commit adc218676eef25575469234709c2d87185ca223a Author: Linus Torvalds Date: Sun Nov 17 14:15:08 2024 -0800 Linux 6.12 commit f66d6acccbc08b4146f4c2cf9445241f70f5517d Merge: 4a5df37964673e 8d9ffb2fe65a6c Author: Linus Torvalds Date: Sun Nov 17 09:35:51 2024 -0800 Merge tag 'x86_urgent_for_v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Borislav Petkov: - Make sure a kdump kernel with CONFIG_IMA_KEXEC enabled and booted on an AMD SME enabled hardware properly decrypts the ima_kexec buffer information passed to it from the previous kernel - Fix building the kernel with Clang where a non-TLS definition of the stack protector guard cookie leads to bogus code generation - Clear a wrongly advertised virtualized VMLOAD/VMSAVE feature flag on some Zen4 client systems as those insns are not supported on client * tag 'x86_urgent_for_v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mm: Fix a kdump kernel failure on SME system when CONFIG_IMA_KEXEC=y x86/stackprotector: Work around strict Clang TLS symbol requirements x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client commit 4a5df37964673effcd9f84041f7423206a5ae5f2 Merge: b84eeed05a8823 d1aa0c04294e29 Author: Linus Torvalds Date: Sat Nov 16 16:00:38 2024 -0800 Merge tag 'mm-hotfixes-stable-2024-11-16-15-33' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull hotfixes from Andrew Morton: "10 hotfixes, 7 of which are cc:stable. All singletons, please see the changelogs for details" * tag 'mm-hotfixes-stable-2024-11-16-15-33' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: mm: revert "mm: shmem: fix data-race in shmem_getattr()" ocfs2: uncache inode which has failed entering the group mm: fix NULL pointer dereference in alloc_pages_bulk_noprof mm, doc: update read_ahead_kb for MADV_HUGEPAGE fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers crash, powerpc: default to CRASH_DUMP=n on PPC_BOOK3S_32 mm/mremap: fix address wraparound in move_page_tables() tools/mm: fix compile error mm, swap: fix allocation and scanning race with swapoff commit d1aa0c04294e29883d65eac6c2f72fe95cc7c049 Author: Andrew Morton Date: Fri Nov 15 16:57:24 2024 -0800 mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. As Hugh commented, "added just to silence a syzbot sanitizer splat: added where there has never been any practical problem". Link: https://lkml.kernel.org/r/ZzdxKF39VEmXSSyN@tissot.1015granger.net [1] Fixes: d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") Acked-by: Hugh Dickins Cc: Chuck Lever Cc: Jeongjun Park Cc: Yu Zhao Cc: Signed-off-by: Andrew Morton commit b84eeed05a8823074866924f4c072bdf2d533f5d Merge: e06bc45bef9aca ca29cfcc4a2108 Author: Linus Torvalds Date: Sat Nov 16 15:14:39 2024 -0800 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux Pull ARM fixes from Russell King: - Fix kernel mapping for XIP kernels - Fix SMP support for XIP kernels - Fix complication corner case with CFI - Fix a typo in nommu code - Fix cacheflush syscall when PAN is enabled on LPAE platforms * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux: ARM: fix cacheflush with PAN ARM: 9435/1: ARM/nommu: Fix typo "absence" ARM: 9434/1: cfi: Fix compilation corner case ARM: 9420/1: smp: Fix SMP for xip kernels ARM: 9419/1: mm: Fix kernel memory mapping for xip kernels commit e06bc45bef9aca52c6bdcb56aa6d392d99516ac3 Merge: b5a24181e461e8 f48ab0a39f12fd Author: Linus Torvalds Date: Sat Nov 16 15:09:14 2024 -0800 Merge tag 'drm-fixes-2024-11-17' of https://gitlab.freedesktop.org/drm/kernel Pull drm fix from Dave Airlie: "Alex sent on a last minute revert for a amdgpu/swsmu regression: - revert patch to fix swsmu regression" * tag 'drm-fixes-2024-11-17' of https://gitlab.freedesktop.org/drm/kernel: Revert "drm/amd/pm: correct the workload setting" commit f48ab0a39f12fd83fae13bf81152531565cd5e75 Merge: 21c1c6c7d732c2 44f392fbf628a7 Author: Dave Airlie Date: Sun Nov 17 08:12:44 2024 +1000 Merge tag 'amd-drm-fixes-6.12-2024-11-16' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes amd-drm-fixes-6.12-2024-11-16: amdgpu: - Revert a swsmu patch to fix a regression Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20241116145320.2507156-1-alexander.deucher@amd.com commit b5a24181e461e8bfa8cdf35e1804679dc1bebcdd Merge: e8bdb3c8be08c9 09663753bb7c50 Author: Linus Torvalds Date: Sat Nov 16 08:12:43 2024 -0800 Merge tag 'trace-ringbuffer-v6.12-rc7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull ring buffer fixes from Steven Rostedt: - Revert: "ring-buffer: Do not have boot mapped buffers hook to CPU hotplug" A crash that happened on cpu hotplug was actually caused by the incorrect ref counting that was fixed by commit 2cf9733891a4 ("ring-buffer: Fix refcount setting of boot mapped buffers"). The removal of calling cpu hotplug callbacks on memory mapped buffers was not an issue even though the tests at the time pointed toward it. But in fact, there's a check in that code that tests to see if the buffers are already allocated or not, and will not allocate them again if they are. Not calling the cpu hotplug callbacks ended up not initializing the non boot CPU buffers. Simply remove that change. - Clear all CPU buffers when starting tracing in a boot mapped buffer To properly process events from a previous boot, the address space needs to be accounted for due to KASLR and the events in the buffer are updated accordingly when read. This also requires that when the buffer has tracing enabled again in the current boot that the buffers are reset so that events from the previous boot do not interact with the events of the current boot and cause confusing due to not having the proper meta data. It was found that if a CPU is taken offline, that its per CPU buffer is not reset when tracing starts. This allows for events to be from both the previous boot and the current boot to be in the buffer at the same time. Clear all CPU buffers when tracing is started in a boot mapped buffer. * tag 'trace-ringbuffer-v6.12-rc7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: tracing/ring-buffer: Clear all memory mapped CPU ring buffers on first recording Revert: "ring-buffer: Do not have boot mapped buffers hook to CPU hotplug" commit 44f392fbf628a7ff2d8bb8e83ca1851261f81a6f Author: Alex Deucher Date: Sat Nov 16 09:22:14 2024 -0500 Revert "drm/amd/pm: correct the workload setting" This reverts commit 74e1006430a5377228e49310f6d915628609929e. This causes a regression in the workload selection. A more extensive fix is being worked on. For now, revert. Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3618 Fixes: 74e1006430a5 ("drm/amd/pm: correct the workload setting") Signed-off-by: Alex Deucher commit e8bdb3c8be08c9a3edc0a373c0aa8729355a0705 Merge: f868cd2517763c 57f7c7dc78cd09 Author: Linus Torvalds Date: Fri Nov 15 11:44:32 2024 -0800 Merge tag 'riscv-for-linus-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux Pull RISC-V fix from Palmer Dabbelt: - A fix for the CPU perf driver that avoids leaking CPU ID references on systems without snapshot support. * tag 'riscv-for-linus-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux: drivers: perf: Fix wrong put_cpu() placement commit f868cd2517763c66783c6000b29d97f0b966b311 Merge: f5395732841802 21c1c6c7d732c2 Author: Linus Torvalds Date: Fri Nov 15 10:53:42 2024 -0800 Merge tag 'drm-fixes-2024-11-16' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Final week of fixes, lots of small amdgpu fixes, some i915 and xe fixes, the nouveau changes fix a recent regression and some laptop panel black screens, then a couple of other misc ones. It's probably a little busier than I'd like, but each fix seems fine. amdgpu: - PSR fix - Panel replay fixes - DML fix - vblank power fix - Fix video caps - SMU 14.0 fix - GPUVM fix - MES 12 fix - APU carve out fix - DC vbios fix - NBIO fix i915: - Don't load GSC on ARL-H and ARL-U if too old FW - Avoid potential OOPS in enabling/disabling TV output xe: - Fix unlock on exec ioctl error path - Fix hibernation on LNL due to ggtt getting lost - Fix missing runtime PM in OA release bridge: - tc358768: Fix DSI command tx nouveau: - Fix GSP AUX error handling - dp: Handle retires for AUX CH transfers with GSP - fw: Sync DMA after setup panthor: - Fix partial BO mappings to GPU rockchip: - vop: Avoid null-ptr deref in plane-state check vmwgfx: - Avoid null-ptr deref in surface creation" * tag 'drm-fixes-2024-11-16' of https://gitlab.freedesktop.org/drm/kernel: (27 commits) drm/bridge: tc358768: Fix DSI command tx drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle nouveau/dp: handle retries for AUX CH transfers with GSP. nouveau: handle EBUSY and EAGAIN for GSP aux errors. nouveau: fw: sync dma after setup is called. drm/xe/oa: Fix "Missing outer runtime PM protection" warning drm/xe: handle flat ccs during hibernation on igpu drm/xe: improve hibernation on igpu drm/xe: Restore system memory GGTT mappings drm/xe: Ensure all locks released in exec IOCTL drm/panthor: Fix handling of partial GPU mapping of BOs drm/amd: Fix initialization mistake for NBIO 7.7.0 Revert "drm/amd/display: parse umc_info or vram_info based on ASIC" drm/amd/display: Fix failure to read vram info due to static BP_RESULT drm/amdgpu: enable GTT fallback handling for dGPUs only drm/i915: Grab intel_display from the encoder to avoid potential oopsies drm/i915/gsc: ARL-H and ARL-U need a newer GSC FW. drm/amdgpu/mes12: correct kiq unmap latency drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() drm/amd/pm: print pp_dpm_mclk in ascending order on SMU v14.0.0 ... commit f5395732841802fcfd04fa7faa9a6cf2d4a8a714 Merge: 1b597e1cf0a226 6abe2a90808192 Author: Linus Torvalds Date: Fri Nov 15 10:48:28 2024 -0800 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma Pull rdma fixes from Jason Gunthorpe: - Revert a change to the VLAN logic, this broke previously working ROCE configurations - Fix a memory leak on error unwinding in bnxt_re * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma: Revert "RDMA/core: Fix ENODEV error for iWARP test over vlan" RDMA/bnxt_re: Remove some dead code RDMA/bnxt_re: Fix some error handling paths in bnxt_re_probe() commit 21c1c6c7d732c2f6f4c5ffc77e103aa3ae8bff1d Merge: 1eb0de899b1eaf c0403e4ceecaef Author: Dave Airlie Date: Sat Nov 16 04:31:09 2024 +1000 Merge tag 'drm-xe-fixes-2024-11-14' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes Driver Changes: - Fix unlock on exec ioctl error path (Matthew Brost) - Fix hibernation on LNL due to ggtt getting lost (Matthew Brost / Matthew Auld) - Fix missing runtime PM in OA release (Ashutosh) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/5ntcf2ssmmvo5dsf2mdcee4guwwmpbm3xrlufgt2pdfmznzjo3@62ygo3bxkock commit 1b597e1cf0a226ff1a3b0e117238cfe6c5168de9 Merge: aa35f5446fac73 d2fab3fc27cbca Author: Linus Torvalds Date: Fri Nov 15 10:20:17 2024 -0800 Merge tag 'pmdomain-v6.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm Pull pmdomain fixes from Ulf Hansson: "pmdomain core: - Add GENPD_FLAG_DEV_NAME_FW flag to generate unique names pmdomain providers: - arm: Use FLAG_DEV_NAME_FW to ensure unique names - imx93-blk-ctrl: Fix the remove path arm_scmi/qcom-cpucp: - Report duplicate OPPs as firmware bugs for arm_scmi - Skip OPP duplicates for arm_scmi - Mark the qcom-cpucp mailbox irq with IRQF_NO_SUSPEND flag" * tag 'pmdomain-v6.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm: mailbox: qcom-cpucp: Mark the irq with IRQF_NO_SUSPEND flag firmware: arm_scmi: Report duplicate opps as firmware bugs firmware: arm_scmi: Skip opp duplicates pmdomain: imx93-blk-ctrl: correct remove path pmdomain: arm: Use FLAG_DEV_NAME_FW to ensure unique names pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag commit aa35f5446fac73c96f4c282e333b119deba2d82e Merge: eeae5ef6bf76b1 1635e407a4a64d Author: Linus Torvalds Date: Fri Nov 15 10:16:12 2024 -0800 Merge tag 'mmc-v6.12-rc3-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc Pull MMC host fixes from Ulf Hansson: - dw_mmc: Revert fix for IDMAC operation with pages bigger than 4K - sunxi-mmc: Fix A100 compatible description * tag 'mmc-v6.12-rc3-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" mmc: sunxi-mmc: Fix A100 compatible description commit eeae5ef6bf76b1d828eff26d2ae393cfebac72ad Merge: 842c7e5834af1f 5ec23a1b53a98d Author: Linus Torvalds Date: Fri Nov 15 10:09:38 2024 -0800 Merge tag 'sound-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "A few last-minute fixes. All changes are device-specific small fixes that should be pretty safe to apply" * tag 'sound-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: ALSA: hda/realtek - update set GPIO3 to default for Thinkpad with ALC1318 ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 ALSA: hda/realtek - Fixed Clevo platform headset Mic issue ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry ASoC: max9768: Fix event generation for playback mute ASoC: intel: sof_sdw: add quirk for Dell SKU ASoC: audio-graph-card2: Purge absent supplies for device tree nodes commit 842c7e5834af1fd20b3c79f894be51b2059e3c88 Merge: d79944b0948c3a dd41b283ef2f02 Author: Linus Torvalds Date: Fri Nov 15 10:04:39 2024 -0800 Merge tag 'v6.12-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto fix from Herbert Xu: "Fix a regression in the MIPS CRC32C code" * tag 'v6.12-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: mips/crc32 - fix the CRC32C implementation commit d79944b0948c3a5e80229606e36281d6ef746b21 Merge: c9dd4571ad3865 a4af89cc50f3c1 Author: Linus Torvalds Date: Fri Nov 15 09:59:51 2024 -0800 Merge tag 'sched_ext-for-6.12-rc7-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext Pull sched_ext fix from Tejun Heo: "One more fix for v6.12-rc7 ops.cpu_acquire() was being invoked with the wrong kfunc mask allowing the operation to call kfuncs which shouldn't be allowed. Fix it by using SCX_KF_REST instead, which is trivial and low risk" * tag 'sched_ext-for-6.12-rc7-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext: sched_ext: ops.cpu_acquire() should be called with SCX_KF_REST commit c9dd4571ad38654f26c07ff2b7c7dba03301fc76 Merge: cfaaa7d010d1fc 7d493a5ecc26f8 Author: Linus Torvalds Date: Fri Nov 15 09:45:32 2024 -0800 Merge tag 'for-6.12-rc7-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull btrfs fix from David Sterba: "One more fix that seems urgent and good to have in 6.12 final. It could potentially lead to unexpected transaction aborts, due to wrong comparison and order of processing of delayed refs" * tag 'for-6.12-rc7-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: btrfs: fix incorrect comparison for delayed refs commit 737f34137844d6572ab7d473c998c7f977ff30eb Author: Dmitry Antipov Date: Thu Nov 14 07:38:44 2024 +0300 ocfs2: uncache inode which has failed entering the group Syzbot has reported the following BUG: kernel BUG at fs/ocfs2/uptodate.c:509! ... Call Trace: ? __die_body+0x5f/0xb0 ? die+0x9e/0xc0 ? do_trap+0x15a/0x3a0 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ? do_error_trap+0x1dc/0x2c0 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ? __pfx_do_error_trap+0x10/0x10 ? handle_invalid_op+0x34/0x40 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ? exc_invalid_op+0x38/0x50 ? asm_exc_invalid_op+0x1a/0x20 ? ocfs2_set_new_buffer_uptodate+0x2e/0x160 ? ocfs2_set_new_buffer_uptodate+0x144/0x160 ? ocfs2_set_new_buffer_uptodate+0x145/0x160 ocfs2_group_add+0x39f/0x15a0 ? __pfx_ocfs2_group_add+0x10/0x10 ? __pfx_lock_acquire+0x10/0x10 ? mnt_get_write_access+0x68/0x2b0 ? __pfx_lock_release+0x10/0x10 ? rcu_read_lock_any_held+0xb7/0x160 ? __pfx_rcu_read_lock_any_held+0x10/0x10 ? smack_log+0x123/0x540 ? mnt_get_write_access+0x68/0x2b0 ? mnt_get_write_access+0x68/0x2b0 ? mnt_get_write_access+0x226/0x2b0 ocfs2_ioctl+0x65e/0x7d0 ? __pfx_ocfs2_ioctl+0x10/0x10 ? smack_file_ioctl+0x29e/0x3a0 ? __pfx_smack_file_ioctl+0x10/0x10 ? lockdep_hardirqs_on_prepare+0x43d/0x780 ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 ? __pfx_ocfs2_ioctl+0x10/0x10 __se_sys_ioctl+0xfb/0x170 do_syscall_64+0xf3/0x230 entry_SYSCALL_64_after_hwframe+0x77/0x7f ... When 'ioctl(OCFS2_IOC_GROUP_ADD, ...)' has failed for the particular inode in 'ocfs2_verify_group_and_input()', corresponding buffer head remains cached and subsequent call to the same 'ioctl()' for the same inode issues the BUG() in 'ocfs2_set_new_buffer_uptodate()' (trying to cache the same buffer head of that inode). Fix this by uncaching the buffer head with 'ocfs2_remove_from_cache()' on error path in 'ocfs2_group_add()'. Link: https://lkml.kernel.org/r/20241114043844.111847-1-dmantipov@yandex.ru Fixes: 7909f2bf8353 ("[PATCH 2/2] ocfs2: Implement group add for online resize") Signed-off-by: Dmitry Antipov Reported-by: syzbot+453873f1588c2d75b447@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=453873f1588c2d75b447 Reviewed-by: Joseph Qi Cc: Dmitry Antipov Cc: Joel Becker Cc: Mark Fasheh Cc: Junxiao Bi Cc: Changwei Ge Cc: Jun Piao Cc: Signed-off-by: Andrew Morton commit 8ce41b0f9d77cca074df25afd39b86e2ee3aa68e Author: Jinjiang Tu Date: Wed Nov 13 16:32:35 2024 +0800 mm: fix NULL pointer dereference in alloc_pages_bulk_noprof We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in alloc_pages_bulk_noprof() when the task is migrated between cpusets. When cpuset is enabled, in prepare_alloc_pages(), ac->nodemask may be ¤t->mems_allowed. when first_zones_zonelist() is called to find preferred_zoneref, the ac->nodemask may be modified concurrently if the task is migrated between different cpusets. Assuming we have 2 NUMA Node, when traversing Node1 in ac->zonelist, the nodemask is 2, and when traversing Node2 in ac->zonelist, the nodemask is 1. As a result, the ac->preferred_zoneref points to NULL zone. In alloc_pages_bulk_noprof(), for_each_zone_zonelist_nodemask() finds a allowable zone and calls zonelist_node_idx(ac.preferred_zoneref), leading to NULL pointer dereference. __alloc_pages_noprof() fixes this issue by checking NULL pointer in commit ea57485af8f4 ("mm, page_alloc: fix check for NULL preferred_zone") and commit df76cee6bbeb ("mm, page_alloc: remove redundant checks from alloc fastpath"). To fix it, check NULL pointer for preferred_zoneref->zone. Link: https://lkml.kernel.org/r/20241113083235.166798-1-tujinjiang@huawei.com Fixes: 387ba26fb1cb ("mm/page_alloc: add a bulk page allocator") Signed-off-by: Jinjiang Tu Reviewed-by: Vlastimil Babka Cc: Alexander Lobakin Cc: David Hildenbrand Cc: Kefeng Wang Cc: Mel Gorman Cc: Nanyong Sun Cc: Signed-off-by: Andrew Morton commit 0740e54304dcd11cf2a8edb6764423eb2fed1c61 Author: Yafang Shao Date: Wed Nov 13 23:07:11 2024 +0800 mm, doc: update read_ahead_kb for MADV_HUGEPAGE MADV_HUGEPAGE is a new addition to readahead with behavior distinct from normal pages. To prevent confusion, we should update the documentation accordingly. Link: https://lkml.kernel.org/r/20241113150711.1685-1-laoar.shao@gmail.com Signed-off-by: Yafang Shao Cc: David Hildenbrand Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit 669b0cb81e4e4e78cff77a5b367c7f70c0c6c05e Author: Dan Carpenter Date: Thu Nov 14 11:59:32 2024 +0300 fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() The "arg->vec_len" variable is a u64 that comes from the user at the start of the function. The "arg->vec_len * sizeof(struct page_region))" multiplication can lead to integer wrapping. Use size_mul() to avoid that. Also the size_add/mul() functions work on unsigned long so for 32bit systems we need to ensure that "arg->vec_len" fits in an unsigned long. Link: https://lkml.kernel.org/r/39d41335-dd4d-48ed-8a7f-402c57d8ea84@stanley.mountain Fixes: 52526ca7fdb9 ("fs/proc/task_mmu: implement IOCTL to get and optionally clear info about PTEs") Signed-off-by: Dan Carpenter Cc: Andrei Vagin Cc: Andrii Nakryiko Cc: Arnd Bergmann Cc: David Hildenbrand Cc: Matthew Wilcox Cc: Michał Mirosław Cc: Muhammad Usama Anjum Cc: Oscar Salvador Cc: Peter Xu Cc: Ryan Roberts Cc: Signed-off-by: Andrew Morton commit fd7b4f9f46d46acbc7af3a439bb0d869efdc5c58 Author: Qun-Wei Lin Date: Wed Nov 13 12:25:43 2024 +0800 sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers When CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the object_is_on_stack() function may produce incorrect results due to the presence of tags in the obj pointer, while the stack pointer does not have tags. This discrepancy can lead to incorrect stack object detection and subsequently trigger warnings if CONFIG_DEBUG_OBJECTS is also enabled. Example of the warning: ODEBUG: object 3eff800082ea7bb0 is NOT on stack ffff800082ea0000, but annotated. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 1 at lib/debugobjects.c:557 __debug_object_init+0x330/0x364 Modules linked in: CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-rc5 #4 Hardware name: linux,dummy-virt (DT) pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __debug_object_init+0x330/0x364 lr : __debug_object_init+0x330/0x364 sp : ffff800082ea7b40 x29: ffff800082ea7b40 x28: 98ff0000c0164518 x27: 98ff0000c0164534 x26: ffff800082d93ec8 x25: 0000000000000001 x24: 1cff0000c00172a0 x23: 0000000000000000 x22: ffff800082d93ed0 x21: ffff800081a24418 x20: 3eff800082ea7bb0 x19: efff800000000000 x18: 0000000000000000 x17: 00000000000000ff x16: 0000000000000047 x15: 206b63617473206e x14: 0000000000000018 x13: ffff800082ea7780 x12: 0ffff800082ea78e x11: 0ffff800082ea790 x10: 0ffff800082ea79d x9 : 34d77febe173e800 x8 : 34d77febe173e800 x7 : 0000000000000001 x6 : 0000000000000001 x5 : feff800082ea74b8 x4 : ffff800082870a90 x3 : ffff80008018d3c4 x2 : 0000000000000001 x1 : ffff800082858810 x0 : 0000000000000050 Call trace: __debug_object_init+0x330/0x364 debug_object_init_on_stack+0x30/0x3c schedule_hrtimeout_range_clock+0xac/0x26c schedule_hrtimeout+0x1c/0x30 wait_task_inactive+0x1d4/0x25c kthread_bind_mask+0x28/0x98 init_rescuer+0x1e8/0x280 workqueue_init+0x1a0/0x3cc kernel_init_freeable+0x118/0x200 kernel_init+0x28/0x1f0 ret_from_fork+0x10/0x20 ---[ end trace 0000000000000000 ]--- ODEBUG: object 3eff800082ea7bb0 is NOT on stack ffff800082ea0000, but annotated. ------------[ cut here ]------------ Link: https://lkml.kernel.org/r/20241113042544.19095-1-qun-wei.lin@mediatek.com Signed-off-by: Qun-Wei Lin Cc: Andrew Yang Cc: AngeloGioacchino Del Regno Cc: Casper Li Cc: Catalin Marinas Cc: Chinwen Chang Cc: Kent Overstreet Cc: Matthias Brugger Cc: Pasha Tatashin Cc: Shakeel Butt Cc: Signed-off-by: Andrew Morton commit 31daa34315d45d3fe77f2158d889d523d78852ea Author: Dave Vasilevsky Date: Tue Sep 17 12:37:20 2024 -0400 crash, powerpc: default to CRASH_DUMP=n on PPC_BOOK3S_32 Fixes boot failures on 6.9 on PPC_BOOK3S_32 machines using Open Firmware. On these machines, the kernel refuses to boot from non-zero PHYSICAL_START, which occurs when CRASH_DUMP is on. Since most PPC_BOOK3S_32 machines boot via Open Firmware, it should default to off for them. Users booting via some other mechanism can still turn it on explicitly. Does not change the default on any other architectures for the time being. Link: https://lkml.kernel.org/r/20240917163720.1644584-1-dave@vasilevsky.ca Fixes: 75bc255a7444 ("crash: clean up kdump related config items") Signed-off-by: Dave Vasilevsky Reported-by: Reimar Döffinger Closes: https://lists.debian.org/debian-powerpc/2024/07/msg00001.html Acked-by: Michael Ellerman [powerpc] Acked-by: Baoquan He Cc: "Eric W. Biederman" Cc: John Paul Adrian Glaubitz Cc: Reimar Döffinger Cc: Signed-off-by: Andrew Morton commit a4a282daf1a190f03790bf163458ea3c8d28d217 Author: Jann Horn Date: Mon Nov 11 20:34:30 2024 +0100 mm/mremap: fix address wraparound in move_page_tables() On 32-bit platforms, it is possible for the expression `len + old_addr < old_end` to be false-positive if `len + old_addr` wraps around. `old_addr` is the cursor in the old range up to which page table entries have been moved; so if the operation succeeded, `old_addr` is the *end* of the old region, and adding `len` to it can wrap. The overflow causes mremap() to mistakenly believe that PTEs have been copied; the consequence is that mremap() bails out, but doesn't move the PTEs back before the new VMA is unmapped, causing anonymous pages in the region to be lost. So basically if userspace tries to mremap() a private-anon region and hits this bug, mremap() will return an error and the private-anon region's contents appear to have been zeroed. The idea of this check is that `old_end - len` is the original start address, and writing the check that way also makes it easier to read; so fix the check by rearranging the comparison accordingly. (An alternate fix would be to refactor this function by introducing an "orig_old_start" variable or such.) Tested in a VM with a 32-bit X86 kernel; without the patch: ``` user@horn:~/big_mremap$ cat test.c #define _GNU_SOURCE #include #include #include #include #define ADDR1 ((void*)0x60000000) #define ADDR2 ((void*)0x10000000) #define SIZE 0x50000000uL int main(void) { unsigned char *p1 = mmap(ADDR1, SIZE, PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED_NOREPLACE, -1, 0); if (p1 == MAP_FAILED) err(1, "mmap 1"); unsigned char *p2 = mmap(ADDR2, SIZE, PROT_NONE, MAP_ANONYMOUS|MAP_PRIVATE|MAP_FIXED_NOREPLACE, -1, 0); if (p2 == MAP_FAILED) err(1, "mmap 2"); *p1 = 0x41; printf("first char is 0x%02hhx\n", *p1); unsigned char *p3 = mremap(p1, SIZE, SIZE, MREMAP_MAYMOVE|MREMAP_FIXED, p2); if (p3 == MAP_FAILED) { printf("mremap() failed; first char is 0x%02hhx\n", *p1); } else { printf("mremap() succeeded; first char is 0x%02hhx\n", *p3); } } user@horn:~/big_mremap$ gcc -static -o test test.c user@horn:~/big_mremap$ setarch -R ./test first char is 0x41 mremap() failed; first char is 0x00 ``` With the patch: ``` user@horn:~/big_mremap$ setarch -R ./test first char is 0x41 mremap() succeeded; first char is 0x41 ``` Link: https://lkml.kernel.org/r/20241111-fix-mremap-32bit-wrap-v1-1-61d6be73b722@google.com Fixes: af8ca1c14906 ("mm/mremap: optimize the start addresses in move_page_tables()") Signed-off-by: Jann Horn Acked-by: Vlastimil Babka Reviewed-by: Lorenzo Stoakes Acked-by: Qi Zheng Reviewed-by: Liam R. Howlett Cc: Joel Fernandes (Google) Cc: Signed-off-by: Andrew Morton commit a39326767c55c00c7c313333404cbcb502cce8fe Author: Motiejus JakÅ`tys Date: Tue Nov 12 19:16:55 2024 +0200 tools/mm: fix compile error Add a missing semicolon. Link: https://lkml.kernel.org/r/20241112171655.1662670-1-motiejus@jakstys.lt Fixes: ece5897e5a10 ("tools/mm: -Werror fixes in page-types/slabinfo") Signed-off-by: Motiejus JakÅ`tys Closes: https://github.com/NixOS/nixpkgs/issues/355369 Reviewed-by: SeongJae Park Reviewed-by: Vishal Moola (Oracle) Acked-by: Oleksandr Natalenko Cc: Wladislav Wiebe Signed-off-by: Andrew Morton commit 0ec8bc9e880eb576dc4492e8e0c7153ed0a71031 Author: Kairui Song Date: Tue Nov 12 16:34:14 2024 +0800 mm, swap: fix allocation and scanning race with swapoff There are two flags used to synchronize allocation and scanning with swapoff: SWP_WRITEOK and SWP_SCANNING. SWP_WRITEOK: Swapoff will first unset this flag, at this point any further swap allocation or scanning on this device should just abort so no more new entries will be referencing this device. Swapoff will then unuse all existing swap entries. SWP_SCANNING: This flag is set when device is being scanned. Swapoff will wait for all scanner to stop before the final release of the swap device structures to avoid UAF. Note this flag is the highest used bit of si->flags so it could be added up arithmetically, if there are multiple scanner. commit 5f843a9a3a1e ("mm: swap: separate SSD allocation from scan_swap_map_slots()") ignored SWP_SCANNING and SWP_WRITEOK flags while separating cluster allocation path from the old allocation path. Add the flags back to fix swapoff race. The race is hard to trigger as si->lock prevents most parallel operations, but si->lock could be dropped for reclaim or discard. This issue is found during code review. This commit fixes this problem. For SWP_SCANNING, Just like before, set the flag before scan and remove it afterwards. For SWP_WRITEOK, there are several places where si->lock could be dropped, it will be error-prone and make the code hard to follow if we try to cover these places one by one. So just do one check before the real allocation, which is also very similar like before. With new cluster allocator it may waste a bit of time iterating the clusters but won't take long, and swapoff is not performance sensitive. Link: https://lkml.kernel.org/r/20241112083414.78174-1-ryncsn@gmail.com Fixes: 5f843a9a3a1e ("mm: swap: separate SSD allocation from scan_swap_map_slots()") Reported-by: "Huang, Ying" Closes: https://lore.kernel.org/linux-mm/87a5es3f1f.fsf@yhuang6-desk2.ccr.corp.intel.com/ Signed-off-by: Kairui Song Cc: Barry Song Cc: Chris Li Cc: Hugh Dickins Cc: Kalesh Singh Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 1eb0de899b1eafe2c3aca8763c99e5c5ed791561 Merge: 99d051c4b33cfb 7013a8268d311f Author: Dave Airlie Date: Fri Nov 15 06:48:49 2024 +1000 Merge tag 'amd-drm-fixes-6.12-2024-11-14' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes amd-drm-fixes-6.12-2024-11-14: amdgpu: - PSR fix - Panel replay fixes - DML fix - vblank power fix - Fix video caps - SMU 14.0 fix - GPUVM fix - MES 12 fix - APU carve out fix - DC vbios fix - NBIO fix Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20241114143401.448210-1-alexander.deucher@amd.com commit 99d051c4b33cfb451dca0c30e28da25db2ce4d7f Merge: 6b76bf8f3b79fc 32c4514455b2b8 Author: Dave Airlie Date: Fri Nov 15 06:38:32 2024 +1000 Merge tag 'drm-misc-fixes-2024-11-14' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes Short summary of fixes pull: bridge: - tc358768: Fix DSI command tx nouveau: - Fix GSP AUX error handling - dp: Handle retires for AUX CH transfers with GSP - fw: Sync DMA after setup panthor: - Fix partial BO mappings to GPU rockchip: - vop: Avoid null-ptr deref in plane-state check vmwgfx: - Avoid null-ptr deref in surface creation Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20241114142256.GA86810@2a02-2454-fd5e-fd00-4ce-489-4b34-bd1a.dyn6.pyur.net commit 6b76bf8f3b79fc8e2bac4ecd6fe925f18fdfd14a Merge: 2d5404caa8c7bb 67e023b93d69e5 Author: Dave Airlie Date: Fri Nov 15 06:18:34 2024 +1000 Merge tag 'drm-intel-fixes-2024-11-14' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-fixes - Don't load GSC on ARL-H and ARL-U if too old FW - Avoid potential OOPS in enabling/disabling TV output Signed-off-by: Dave Airlie From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/ZzWksU6CMGLPfjkT@jlahtine-mobl.ger.corp.intel.com commit a4af89cc50f3c1035c1e0dfb50948a23107f3e95 Author: Tejun Heo Date: Thu Nov 14 08:50:58 2024 -1000 sched_ext: ops.cpu_acquire() should be called with SCX_KF_REST ops.cpu_acquire() is currently called with 0 kf_maks which is interpreted as SCX_KF_UNLOCKED which allows all unlocked kfuncs, but ops.cpu_acquire() is called from balance_one() under the rq lock and should only be allowed call kfuncs that are safe under the rq lock. Update it to use SCX_KF_REST. Signed-off-by: Tejun Heo Cc: David Vernet Cc: Zhao Mengmeng Link: http://lkml.kernel.org/r/ZzYvf2L3rlmjuKzh@slm.duckdns.org Fixes: 245254f7081d ("sched_ext: Implement sched_ext_ops.cpu_acquire/release()") commit cfaaa7d010d1fc58f9717fcc8591201e741d2d49 Merge: 4abcd80f233578 ca34aceb322bfc Author: Linus Torvalds Date: Thu Nov 14 10:05:33 2024 -0800 Merge tag 'net-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Paolo Abeni: "Including fixes from bluetooth. Quite calm week. No new regression under investigation. Current release - regressions: - eth: revert "igb: Disable threaded IRQ for igb_msix_other" Current release - new code bugs: - bluetooth: btintel: direct exception event to bluetooth stack Previous releases - regressions: - core: fix data-races around sk->sk_forward_alloc - netlink: terminate outstanding dump on socket close - mptcp: error out earlier on disconnect - vsock: fix accept_queue memory leak - phylink: ensure PHY momentary link-fails are handled - eth: mlx5: - fix null-ptr-deref in add rule err flow - lock FTE when checking if active - eth: dwmac-mediatek: fix inverted handling of mediatek,mac-wol Previous releases - always broken: - sched: fix u32's systematic failure to free IDR entries for hnodes. - sctp: fix possible UAF in sctp_v6_available() - eth: bonding: add ns target multicast address to slave device - eth: mlx5: fix msix vectors to respect platform limit - eth: icssg-prueth: fix 1 PPS sync" * tag 'net-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (38 commits) net: sched: u32: Add test case for systematic hnode IDR leaks selftests: bonding: add ns multicast group testing bonding: add ns target multicast address to slave device net: ti: icssg-prueth: Fix 1 PPS sync stmmac: dwmac-intel-plat: fix call balance of tx_clk handling routines net: Make copy_safe_from_sockptr() match documentation net: stmmac: dwmac-mediatek: Fix inverted handling of mediatek,mac-wol ipmr: Fix access to mfc_cache_list without lock held samples: pktgen: correct dev to DEV net: phylink: ensure PHY momentary link-fails are handled mptcp: pm: use _rcu variant under rcu_read_lock mptcp: hold pm lock when deleting entry mptcp: update local address flags when setting it net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. MAINTAINERS: Re-add cancelled Renesas driver sections Revert "igb: Disable threaded IRQ for igb_msix_other" Bluetooth: btintel: Direct exception event to bluetooth stack Bluetooth: hci_core: Fix calling mgmt_device_connected virtio/vsock: Improve MSG_ZEROCOPY error handling vsock: Fix sk_error_queue memory leak ... commit 4abcd80f23357808b0444d261ed08e5a77dbaa9a Merge: 0a9b9d17f3a781 840c2fbcc5cd33 Author: Linus Torvalds Date: Thu Nov 14 10:00:23 2024 -0800 Merge tag 'bcachefs-2024-11-13' of git://evilpiepirate.org/bcachefs Pull bcachefs fixes from Kent Overstreet: "This fixes one minor regression from the btree cache fixes (in the scan_for_btree_nodes repair path) - and the shutdown path fix is the big one here, in terms of bugs closed: - Assorted tiny syzbot fixes - Shutdown path fix: "bch2_btree_write_buffer_flush_going_ro()" The shutdown path wasn't flushing the btree write buffer, leading to shutting down while we still had operations in flight. This fixes a whole slew of syzbot bugs, and undoubtedly other strange heisenbugs. * tag 'bcachefs-2024-11-13' of git://evilpiepirate.org/bcachefs: bcachefs: Fix assertion pop in bch2_ptr_swab() bcachefs: Fix journal_entry_dev_usage_to_text() overrun bcachefs: Allow for unknown key types in backpointers fsck bcachefs: Fix assertion pop in topology repair bcachefs: Fix hidden btree errors when reading roots bcachefs: Fix validate_bset() repair path bcachefs: Fix missing validation for bch_backpointer.level bcachefs: Fix bch_member.btree_bitmap_shift validation bcachefs: bch2_btree_write_buffer_flush_going_ro() commit 09663753bb7c50b33f8e5fa562c20ce275b88237 Author: Steven Rostedt Date: Thu Nov 14 11:28:25 2024 -0500 tracing/ring-buffer: Clear all memory mapped CPU ring buffers on first recording The events of a memory mapped ring buffer from the previous boot should not be mixed in with events from the current boot. There's meta data that is used to handle KASLR so that function names can be shown properly. Also, since the timestamps of the previous boot have no meaning to the timestamps of the current boot, having them intermingled in a buffer can also cause confusion because there could possibly be events in the future. When a trace is activated the meta data is reset so that the pointers of are now processed for the new address space. The trace buffers are reset when tracing starts for the first time. The problem here is that the reset only happens on online CPUs. If a CPU is offline, it does not get reset. To demonstrate the issue, a previous boot had tracing enabled in the boot mapped ring buffer on reboot. On the following boot, tracing has not been started yet so the function trace from the previous boot is still visible. # trace-cmd show -B boot_mapped -c 3 | tail -0 [003] d.h2. 156.462395: __rcu_read_lock <-cpu_emergency_disable_virtualization -0 [003] d.h2. 156.462396: vmx_emergency_disable_virtualization_cpu <-cpu_emergency_disable_virtualization -0 [003] d.h2. 156.462396: __rcu_read_unlock <-__sysvec_reboot -0 [003] d.h2. 156.462397: stop_this_cpu <-__sysvec_reboot -0 [003] d.h2. 156.462397: set_cpu_online <-stop_this_cpu -0 [003] d.h2. 156.462397: disable_local_APIC <-stop_this_cpu -0 [003] d.h2. 156.462398: clear_local_APIC <-disable_local_APIC -0 [003] d.h2. 156.462574: mcheck_cpu_clear <-stop_this_cpu -0 [003] d.h2. 156.462575: mce_intel_feature_clear <-stop_this_cpu -0 [003] d.h2. 156.462575: lmce_supported <-mce_intel_feature_clear Now, if CPU 3 is taken offline, and tracing is started on the memory mapped ring buffer, the events from the previous boot in the CPU 3 ring buffer is not reset. Now those events are using the meta data from the current boot and produces just hex values. # echo 0 > /sys/devices/system/cpu/cpu3/online # trace-cmd start -B boot_mapped -p function # trace-cmd show -B boot_mapped -c 3 | tail -0 [003] d.h2. 156.462395: 0xffffffff9a1e3194 <-0xffffffff9a0f655e -0 [003] d.h2. 156.462396: 0xffffffff9a0a1d24 <-0xffffffff9a0f656f -0 [003] d.h2. 156.462396: 0xffffffff9a1e6bc4 <-0xffffffff9a0f7323 -0 [003] d.h2. 156.462397: 0xffffffff9a0d12b4 <-0xffffffff9a0f732a -0 [003] d.h2. 156.462397: 0xffffffff9a1458d4 <-0xffffffff9a0d12e2 -0 [003] d.h2. 156.462397: 0xffffffff9a0faed4 <-0xffffffff9a0d12e7 -0 [003] d.h2. 156.462398: 0xffffffff9a0faaf4 <-0xffffffff9a0faef2 -0 [003] d.h2. 156.462574: 0xffffffff9a0e3444 <-0xffffffff9a0d12ef -0 [003] d.h2. 156.462575: 0xffffffff9a0e4964 <-0xffffffff9a0d12ef -0 [003] d.h2. 156.462575: 0xffffffff9a0e3fb0 <-0xffffffff9a0e496f Reset all CPUs when starting a boot mapped ring buffer for the first time, and not just the online CPUs. Fixes: 7a1d1e4b9639f ("tracing/ring-buffer: Add last_boot_info file to boot instance") Signed-off-by: Steven Rostedt (Google) commit 5ec23a1b53a98dbd7ea33954db5f0fe7110903aa Merge: 2143c8ae423dbc 2ae6da569e34e1 Author: Takashi Iwai Date: Thu Nov 14 16:40:15 2024 +0100 Merge tag 'asoc-fix-v6.12-rc7' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus ASoC: Fixes for v6.12 Some last updates for v6.12, one quirk plus a couple of fixes. One is a minor fix for a relatively obscure driver and the other is a relatively important fix for boot hangs with some audio graph based cards. commit 7d493a5ecc26f861421af6e64427d5f697ddd395 Author: Josef Bacik Date: Wed Nov 13 11:05:13 2024 -0500 btrfs: fix incorrect comparison for delayed refs When I reworked delayed ref comparison in cf4f04325b2b ("btrfs: move ->parent and ->ref_root into btrfs_delayed_ref_node"), I made a mistake and returned -1 for the case where ref1->ref_root was > than ref2->ref_root. This is a subtle bug that can result in improper delayed ref running order, which can result in transaction aborts. Fixes: cf4f04325b2b ("btrfs: move ->parent and ->ref_root into btrfs_delayed_ref_node") CC: stable@vger.kernel.org # 6.10+ Reviewed-by: Filipe Manana Reviewed-by: Qu Wenruo Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 580bb355bcae7e9a6606ce9644af09b2a793f1bb Author: Steven Rostedt Date: Wed Nov 13 23:08:39 2024 -0500 Revert: "ring-buffer: Do not have boot mapped buffers hook to CPU hotplug" A crash happened when testing cpu hotplug with respect to the memory mapped ring buffers. It was assumed that the hot plug code was adding a per CPU buffer that was already created that caused the crash. The real problem was due to ref counting and was fixed by commit 2cf9733891a4 ("ring-buffer: Fix refcount setting of boot mapped buffers"). When a per CPU buffer is created, it will not be created again even with CPU hotplug, so the fix to not use CPU hotplug was a red herring. In fact, it caused only the boot CPU buffer to be created, leaving the other CPU per CPU buffers disabled. Revert that change as it was not the culprit of the fix it was intended to be. Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20241113230839.6c03640f@gandalf.local.home Fixes: 912da2c384d5 ("ring-buffer: Do not have boot mapped buffers hook to CPU hotplug") Signed-off-by: Steven Rostedt (Google) commit ca34aceb322bfcd6ab498884f1805ee12f983259 Author: Alexandre Ferrieux Date: Wed Nov 13 11:04:28 2024 +0100 net: sched: u32: Add test case for systematic hnode IDR leaks Add a tdc test case to exercise the just-fixed systematic leak of IDR entries in u32 hnode disposal. Given the IDR in question is confined to the range [1..0x7FF], it is sufficient to create/delete the same filter 2048 times to fill it up and get a nonzero exit status from "tc filter add". Signed-off-by: Alexandre Ferrieux Acked-by: Jamal Hadi Salim Reviewed-by: Victor Nogueira Link: https://patch.msgid.link/20241113100428.360460-1-alexandre.ferrieux@orange.com Signed-off-by: Paolo Abeni commit 32c4514455b2b8fde506f8c0962f15c7e4c26f1d Author: Francesco Dolcini Date: Thu Sep 26 16:12:46 2024 +0200 drm/bridge: tc358768: Fix DSI command tx Wait for the command transmission to be completed in the DSI transfer function polling for the dc_start bit to go back to idle state after the transmission is started. This is documented in the datasheet and failures to do so lead to commands corruption. Fixes: ff1ca6397b1d ("drm/bridge: Add tc358768 driver") Cc: stable@vger.kernel.org Signed-off-by: Francesco Dolcini Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240926141246.48282-1-francesco@dolcini.it Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240926141246.48282-1-francesco@dolcini.it commit f8d670b1ae90cb1c5a18a4698c264e96dedc762c Merge: dc065076ee7768 86fb6173d11e77 Author: Paolo Abeni Date: Thu Nov 14 11:16:30 2024 +0100 Merge branch 'bonding-fix-ns-targets-not-work-on-hardware-nic' Hangbin Liu says: ==================== bonding: fix ns targets not work on hardware NIC The first patch fixed ns targets not work on hardware NIC when bonding set arp_validate. The second patch add a related selftest for bonding. v4: Thanks Nikolay for the comments: use bond_slave_ns_maddrs_{add/del} with clear name fix comments typos remove _slave_set_ns_maddrs underscore directly update bond_option_arp_validate_set() change logic v3: use ndisc_mc_map to convert the mcast mac address (Jay Vosburgh) v2: only add/del mcast group on backup slaves when arp_validate is set (Jay Vosburgh) arp_validate doesn't support 3ad, tlb, alb. So let's only do it on ab mode. ==================== Link: https://patch.msgid.link/20241111101650.27685-1-liuhangbin@gmail.com Signed-off-by: Paolo Abeni commit 86fb6173d11e773a00a5b6d1b7bd17caff8692b8 Author: Hangbin Liu Date: Mon Nov 11 10:16:50 2024 +0000 selftests: bonding: add ns multicast group testing Add a test to make sure the backup slaves join correct multicast group when arp_validate enabled and ns_ip6_target is set. Here is the result: TEST: arp_validate (active-backup ns_ip6_target arp_validate 0) [ OK ] TEST: arp_validate (join mcast group) [ OK ] TEST: arp_validate (active-backup ns_ip6_target arp_validate 1) [ OK ] TEST: arp_validate (join mcast group) [ OK ] TEST: arp_validate (active-backup ns_ip6_target arp_validate 2) [ OK ] TEST: arp_validate (join mcast group) [ OK ] TEST: arp_validate (active-backup ns_ip6_target arp_validate 3) [ OK ] TEST: arp_validate (join mcast group) [ OK ] TEST: arp_validate (active-backup ns_ip6_target arp_validate 4) [ OK ] TEST: arp_validate (join mcast group) [ OK ] TEST: arp_validate (active-backup ns_ip6_target arp_validate 5) [ OK ] TEST: arp_validate (join mcast group) [ OK ] TEST: arp_validate (active-backup ns_ip6_target arp_validate 6) [ OK ] TEST: arp_validate (join mcast group) [ OK ] Signed-off-by: Hangbin Liu Reviewed-by: Nikolay Aleksandrov Signed-off-by: Paolo Abeni commit 8eb36164d1a6769a20ed43033510067ff3dab9ee Author: Hangbin Liu Date: Mon Nov 11 10:16:49 2024 +0000 bonding: add ns target multicast address to slave device Commit 4598380f9c54 ("bonding: fix ns validation on backup slaves") tried to resolve the issue where backup slaves couldn't be brought up when receiving IPv6 Neighbor Solicitation (NS) messages. However, this fix only worked for drivers that receive all multicast messages, such as the veth interface. For standard drivers, the NS multicast message is silently dropped because the slave device is not a member of the NS target multicast group. To address this, we need to make the slave device join the NS target multicast group, ensuring it can receive these IPv6 NS messages to validate the slave’s status properly. There are three policies before joining the multicast group: 1. All settings must be under active-backup mode (alb and tlb do not support arp_validate), with backup slaves and slaves supporting multicast. 2. We can add or remove multicast groups when arp_validate changes. 3. Other operations, such as enslaving, releasing, or setting NS targets, need to be guarded by arp_validate. Fixes: 4e24be018eb9 ("bonding: add new parameter ns_targets") Signed-off-by: Hangbin Liu Reviewed-by: Nikolay Aleksandrov Signed-off-by: Paolo Abeni commit dc065076ee7768377d7c16af7d1b0767782d8c98 Author: Meghana Malladi Date: Mon Nov 11 15:28:42 2024 +0530 net: ti: icssg-prueth: Fix 1 PPS sync The first PPS latch time needs to be calculated by the driver (in rounded off seconds) and configured as the start time offset for the cycle. After synchronizing two PTP clocks running as master/slave, missing this would cause master and slave to start immediately with some milliseconds drift which causes the PPS signal to never synchronize with the PTP master. Fixes: 186734c15886 ("net: ti: icssg-prueth: add packet timestamping and ptp support") Signed-off-by: Meghana Malladi Reviewed-by: Vadim Fedorenko Reviewed-by: MD Danish Anwar Link: https://patch.msgid.link/20241111095842.478833-1-m-malladi@ti.com Signed-off-by: Paolo Abeni commit 93d1f41a82de382845af460bf03bcb17dcbf08c5 Author: Chen Ridong Date: Tue Oct 29 08:34:29 2024 +0000 drm/vmwgfx: avoid null_ptr_deref in vmw_framebuffer_surface_create_handle The 'vmw_user_object_buffer' function may return NULL with incorrect inputs. To avoid possible null pointer dereference, add a check whether the 'bo' is NULL in the vmw_framebuffer_surface_create_handle. Fixes: d6667f0ddf46 ("drm/vmwgfx: Fix handling of dumb buffers") Signed-off-by: Chen Ridong Signed-off-by: Zack Rusin Link: https://patchwork.freedesktop.org/patch/msgid/20241029083429.1185479-1-chenridong@huaweicloud.com commit 5b366eae71937ae7412365340b431064625f9617 Author: Vitalii Mordan Date: Fri Nov 8 20:33:34 2024 +0300 stmmac: dwmac-intel-plat: fix call balance of tx_clk handling routines If the clock dwmac->tx_clk was not enabled in intel_eth_plat_probe, it should not be disabled in any path. Conversely, if it was enabled in intel_eth_plat_probe, it must be disabled in all error paths to ensure proper cleanup. Found by Linux Verification Center (linuxtesting.org) with Klever. Fixes: 9efc9b2b04c7 ("net: stmmac: Add dwmac-intel-plat for GBE driver") Signed-off-by: Vitalii Mordan Link: https://patch.msgid.link/20241108173334.2973603-1-mordan@ispras.ru Signed-off-by: Jakub Kicinski commit eb94b7bb10109a14a5431a67e5d8e31cfa06b395 Author: Michal Luczaj Date: Mon Nov 11 00:17:34 2024 +0100 net: Make copy_safe_from_sockptr() match documentation copy_safe_from_sockptr() return copy_from_sockptr() return copy_from_sockptr_offset() return copy_from_user() copy_from_user() does not return an error on fault. Instead, it returns a number of bytes that were not copied. Have it handled. Patch has a side effect: it un-breaks garbage input handling of nfc_llcp_setsockopt() and mISDN's data_sock_setsockopt(). Fixes: 6309863b31dd ("net: add copy_safe_from_sockptr() helper") Signed-off-by: Michal Luczaj Link: https://patch.msgid.link/20241111-sockptr-copy-ret-fix-v1-1-a520083a93fb@rbox.co Signed-off-by: Jakub Kicinski commit a03b18a71c128846360cc81ac6fdb0e7d41597b4 Author: Nícolas F. R. A. Prado Date: Sat Nov 9 10:16:32 2024 -0500 net: stmmac: dwmac-mediatek: Fix inverted handling of mediatek,mac-wol The mediatek,mac-wol property is being handled backwards to what is described in the binding: it currently enables PHY WOL when the property is present and vice versa. Invert the driver logic so it matches the binding description. Fixes: fd1d62d80ebc ("net: stmmac: replace the use_phy_wol field with a flag") Signed-off-by: Nícolas F. R. A. Prado Link: https://patch.msgid.link/20241109-mediatek-mac-wol-noninverted-v2-1-0e264e213878@collabora.com Signed-off-by: Jakub Kicinski commit e28acc9c1ccfcb24c08e020828f69d0a915b06ae Author: Breno Leitao Date: Fri Nov 8 06:08:36 2024 -0800 ipmr: Fix access to mfc_cache_list without lock held Accessing `mr_table->mfc_cache_list` is protected by an RCU lock. In the following code flow, the RCU read lock is not held, causing the following error when `RCU_PROVE` is not held. The same problem might show up in the IPv6 code path. 6.12.0-rc5-kbuilder-01145-gbac17284bdcb #33 Tainted: G E N ----------------------------- net/ipv4/ipmr_base.c:313 RCU-list traversed in non-reader section!! rcu_scheduler_active = 2, debug_locks = 1 2 locks held by RetransmitAggre/3519: #0: ffff88816188c6c0 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x8a/0x290 #1: ffffffff83fcf7a8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x6b/0x90 stack backtrace: lockdep_rcu_suspicious mr_table_dump ipmr_rtm_dumproute rtnl_dump_all rtnl_dumpit netlink_dump __netlink_dump_start rtnetlink_rcv_msg netlink_rcv_skb netlink_unicast netlink_sendmsg This is not a problem per see, since the RTNL lock is held here, so, it is safe to iterate in the list without the RCU read lock, as suggested by Eric. To alleviate the concern, modify the code to use list_for_each_entry_rcu() with the RTNL-held argument. The annotation will raise an error only if RTNL or RCU read lock are missing during iteration, signaling a legitimate problem, otherwise it will avoid this false positive. This will solve the IPv6 case as well, since ip6mr_rtm_dumproute() calls this function as well. Signed-off-by: Breno Leitao Reviewed-by: David Ahern Link: https://patch.msgid.link/20241108-ipmr_rcu-v2-1-c718998e209b@debian.org Signed-off-by: Jakub Kicinski commit 3342dc8b4623d835e7dd76a15cec2e5a94fe2f93 Author: Wei Fang Date: Tue Nov 12 11:03:47 2024 +0800 samples: pktgen: correct dev to DEV In the pktgen_sample01_simple.sh script, the device variable is uppercase 'DEV' instead of lowercase 'dev'. Because of this typo, the script cannot enable UDP tx checksum. Fixes: 460a9aa23de6 ("samples: pktgen: add UDP tx checksum support") Signed-off-by: Wei Fang Reviewed-by: Simon Horman Acked-by: Jesper Dangaard Brouer Link: https://patch.msgid.link/20241112030347.1849335-1-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit 671154f174e0e7f242507cd074497661deb41bfd Author: Russell King (Oracle) Date: Tue Nov 12 16:20:00 2024 +0000 net: phylink: ensure PHY momentary link-fails are handled Normally, phylib won't notify changes in quick succession. However, as a result of commit 3e43b903da04 ("net: phy: Immediately call adjust_link if only tx_lpi_enabled changes") this is no longer true - it is now possible that phy_link_down() and phy_link_up() will both complete before phylink's resolver has run, which means it'll miss that pl->phy_state.link momentarily became false. Rename "mac_link_dropped" to be more generic "link_failed" since it will cover more than the MAC/PCS end of the link failing, and arrange to set this in phylink_phy_change() if we notice that the PHY reports that the link is down. This will ensure that we capture an EEE reconfiguration event. Fixes: 3e43b903da04 ("net: phy: Immediately call adjust_link if only tx_lpi_enabled changes") Signed-off-by: Russell King (Oracle) Reviewed-by: Oleksij Rempel Link: https://patch.msgid.link/E1tAtcW-002RBS-LB@rmk-PC.armlinux.org.uk Signed-off-by: Jakub Kicinski commit 7d2253d93327de257590b88c86eeebfe7ff88d0c Merge: 73af53d82076bb db3eab8110bc05 Author: Jakub Kicinski Date: Wed Nov 13 18:51:09 2024 -0800 Merge branch 'mptcp-pm-a-few-more-fixes' Matthieu Baerts says: ==================== mptcp: pm: a few more fixes Three small fixes related to the MPTCP path-manager: - Patch 1: correctly reflect the backup flag to the corresponding local address entry of the userspace path-manager. A fix for v5.19. - Patch 2: hold the PM lock when deleting an entry from the local addresses of the userspace path-manager to avoid messing up with this list. A fix for v5.19. - Patch 3: use _rcu variant to iterate the in-kernel path-manager's local addresses list, when under rcu_read_lock(). A fix for v5.17. ==================== Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-0-b835580cefa8@kernel.org Signed-off-by: Jakub Kicinski commit db3eab8110bc0520416101b6a5b52f44a43fb4cf Author: Matthieu Baerts (NGI0) Date: Tue Nov 12 20:18:35 2024 +0100 mptcp: pm: use _rcu variant under rcu_read_lock In mptcp_pm_create_subflow_or_signal_addr(), rcu_read_(un)lock() are used as expected to iterate over the list of local addresses, but list_for_each_entry() was used instead of list_for_each_entry_rcu() in __lookup_addr(). It is important to use this variant which adds the required READ_ONCE() (and diagnostic checks if enabled). Because __lookup_addr() is also used in mptcp_pm_nl_set_flags() where it is called under the pernet->lock and not rcu_read_lock(), an extra condition is then passed to help the diagnostic checks making sure either the associated spin lock or the RCU lock is held. Fixes: 86e39e04482b ("mptcp: keep track of local endpoint still available for each msk") Cc: stable@vger.kernel.org Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-3-b835580cefa8@kernel.org Signed-off-by: Jakub Kicinski commit f642c5c4d528d11bd78b6c6f84f541cd3c0bea86 Author: Geliang Tang Date: Tue Nov 12 20:18:34 2024 +0100 mptcp: hold pm lock when deleting entry When traversing userspace_pm_local_addr_list and deleting an entry from it in mptcp_pm_nl_remove_doit(), msk->pm.lock should be held. This patch holds this lock before mptcp_userspace_pm_lookup_addr_by_id() and releases it after list_move() in mptcp_pm_nl_remove_doit(). Fixes: d9a4594edabf ("mptcp: netlink: Add MPTCP_PM_CMD_REMOVE") Cc: stable@vger.kernel.org Signed-off-by: Geliang Tang Reviewed-by: Matthieu Baerts (NGI0) Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-2-b835580cefa8@kernel.org Signed-off-by: Jakub Kicinski commit e0266319413d5d687ba7b6df7ca99e4b9724a4f2 Author: Geliang Tang Date: Tue Nov 12 20:18:33 2024 +0100 mptcp: update local address flags when setting it Just like in-kernel pm, when userspace pm does set_flags, it needs to send out MP_PRIO signal, and also modify the flags of the corresponding address entry in the local address list. This patch implements the missing logic. Traverse all address entries on userspace_pm_local_addr_list to find the local address entry, if bkup is true, set the flags of this entry with FLAG_BACKUP, otherwise, clear FLAG_BACKUP. Fixes: 892f396c8e68 ("mptcp: netlink: issue MP_PRIO signals from userspace PMs") Cc: stable@vger.kernel.org Signed-off-by: Geliang Tang Reviewed-by: Matthieu Baerts (NGI0) Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241112-net-mptcp-misc-6-12-pm-v1-1-b835580cefa8@kernel.org Signed-off-by: Jakub Kicinski commit 9776c0a75a1a86b753b2dc7c1ecc3baa048a8dec Author: Dave Airlie Date: Mon Nov 11 13:41:25 2024 +1000 nouveau/dp: handle retries for AUX CH transfers with GSP. eb284f4b3781 drm/nouveau/dp: Honor GSP link training retry timeouts tried to fix a problem with panel retires, however it appears the auxch also needs the same treatment, so add the same retry wrapper around it. This fixes some eDP panels after a suspend/resume cycle. Fixes: eb284f4b3781 ("drm/nouveau/dp: Honor GSP link training retry timeouts") Cc: stable@vger.kernel.org Reviewed-by: Lyude Paul Signed-off-by: Dave Airlie Link: https://patchwork.freedesktop.org/patch/msgid/20241111034126.2028401-2-airlied@gmail.com commit b6ad7debf5ab3e581b5cb0f5c94e404ec968bd5b Author: Dave Airlie Date: Mon Nov 11 13:41:24 2024 +1000 nouveau: handle EBUSY and EAGAIN for GSP aux errors. The upper layer transfer functions expect EBUSY as a return for when retries should be done. Fix the AUX error translation, but also check for both errors in a few places. Fixes: eb284f4b3781 ("drm/nouveau/dp: Honor GSP link training retry timeouts") Cc: stable@vger.kernel.org Reviewed-by: Lyude Paul Signed-off-by: Dave Airlie Link: https://patchwork.freedesktop.org/patch/msgid/20241111034126.2028401-1-airlied@gmail.com commit 21ec425eaf2cb7c0371f7683f81ad7d9679b6eb5 Author: Dave Airlie Date: Wed Nov 13 05:57:03 2024 +1000 nouveau: fw: sync dma after setup is called. When this code moved to non-coherent allocator the sync was put too early for some firmwares which called the setup function, move the sync down after the setup function. Reported-by: Diogo Ivo Tested-by: Diogo Ivo Reviewed-by: Lyude Paul Fixes: 9b340aeb26d5 ("nouveau/firmware: use dma non-coherent allocator") Cc: stable@vger.kernel.org Signed-off-by: Dave Airlie Link: https://patchwork.freedesktop.org/patch/msgid/20241114004603.3095485-1-airlied@gmail.com commit 0a9b9d17f3a781dea03baca01c835deaa07f7cc3 Merge: 4ba05b0e857d1f 1a1030d10a6335 Author: Linus Torvalds Date: Wed Nov 13 13:32:51 2024 -0800 Merge tag 'pm-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management fix from Rafael Wysocki: "Fix a locking issue in the asymmetric CPU capacity setup code in the intel_pstate driver that may lead to a deadlock if CPU online/offline runs in parallel with the code in question, which is unlikely but not impossible (Rafael Wysocki)" * tag 'pm-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: cpufreq: intel_pstate: Rearrange locking in hybrid_init_cpu_capacity_scaling() commit 4ba05b0e857d1f78f92084a15e618ea89a318089 Merge: 9f8e716d46c681 423893fcbe7e9a Author: Linus Torvalds Date: Wed Nov 13 13:28:58 2024 -0800 Merge tag 'tpmdd-next-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd Pull tpm fixes from Jarkko Sakkinen: "Two bug fixes for TPM bus encryption (the remaining reported issues in the feature)" * tag 'tpmdd-next-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: tpm: Disable TPM on tpm2_create_primary() failure tpm: Opt-in in disable PCR integrity protection commit c0403e4ceecaefbeaf78263dffcd3e3f06a19f6b Author: Ashutosh Dixit Date: Fri Nov 8 19:20:03 2024 -0800 drm/xe/oa: Fix "Missing outer runtime PM protection" warning Fix the following drm_WARN: [953.586396] xe 0000:00:02.0: [drm] Missing outer runtime PM protection ... <4> [953.587090] ? xe_pm_runtime_get_noresume+0x8d/0xa0 [xe] <4> [953.587208] guc_exec_queue_add_msg+0x28/0x130 [xe] <4> [953.587319] guc_exec_queue_fini+0x3a/0x40 [xe] <4> [953.587425] xe_exec_queue_destroy+0xb3/0xf0 [xe] <4> [953.587515] xe_oa_release+0x9c/0xc0 [xe] Suggested-by: John Harrison Suggested-by: Matthew Brost Fixes: e936f885f1e9 ("drm/xe/oa/uapi: Expose OA stream fd") Cc: stable@vger.kernel.org Signed-off-by: Ashutosh Dixit Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20241109032003.3093811-1-ashutosh.dixit@intel.com (cherry picked from commit b107c63d2953907908fd0cafb0e543b3c3167b75) Signed-off-by: Lucas De Marchi commit 423893fcbe7e9adc875bce4e55b9b25fc1424977 Author: Jarkko Sakkinen Date: Wed Nov 13 20:35:39 2024 +0200 tpm: Disable TPM on tpm2_create_primary() failure The earlier bug fix misplaced the error-label when dealing with the tpm2_create_primary() return value, which the original completely ignored. Cc: stable@vger.kernel.org Reported-by: Christoph Anton Mitterer Closes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087331 Fixes: cc7d8594342a ("tpm: Rollback tpm2_load_null()") Signed-off-by: Jarkko Sakkinen commit 27184f8905ba680f22abf1707fbed24036a67119 Author: Jarkko Sakkinen Date: Wed Nov 13 07:54:12 2024 +0200 tpm: Opt-in in disable PCR integrity protection The initial HMAC session feature added TPM bus encryption and/or integrity protection to various in-kernel TPM operations. This can cause performance bottlenecks with IMA, as it heavily utilizes PCR extend operations. In order to mitigate this performance issue, introduce a kernel command-line parameter to the TPM driver for disabling the integrity protection for PCR extend operations (i.e. TPM2_PCR_Extend). Cc: James Bottomley Link: https://lore.kernel.org/linux-integrity/20241015193916.59964-1-zohar@linux.ibm.com/ Fixes: 6519fea6fd37 ("tpm: add hmac checks to tpm2_pcr_extend()") Tested-by: Mimi Zohar Co-developed-by: Roberto Sassu Signed-off-by: Roberto Sassu Co-developed-by: Mimi Zohar Signed-off-by: Mimi Zohar Signed-off-by: Jarkko Sakkinen commit 9f8e716d46c68112484a23d1742d9ec725e082fc Merge: c5f404511890d7 fb86c42a2a5d44 Author: Linus Torvalds Date: Wed Nov 13 09:14:19 2024 -0800 Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Pull bpf fixes from Daniel Borkmann: - Fix a mismatching RCU unlock flavor in bpf_out_neigh_v6 (Jiawei Ye) - Fix BPF sockmap with kTLS to reject vsock and unix sockets upon kTLS context retrieval (Zijian Zhang) - Fix BPF bits iterator selftest for s390x (Hou Tao) * tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx selftests/bpf: Use -4095 as the bad address for bits iterator commit c5f404511890d75c90e4ec06c54f06bd397d96f5 Merge: 4b49c0ba4eeb31 6ce031e5d6f475 Author: Linus Torvalds Date: Wed Nov 13 09:09:00 2024 -0800 Merge tag 'loongarch-fixes-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson Pull LoongArch fixes from Huacai Chen: - fix possible CPUs setup logical-physical CPU mapping, in order to avoid CPU hotplug issue - fix some KASAN bugs - fix AP booting issue in VM mode - some trivial cleanups * tag 'loongarch-fixes-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson: LoongArch: Fix AP booting issue in VM mode LoongArch: Add WriteCombine shadow mapping in KASAN LoongArch: Disable KASAN if PGDIR_SIZE is too large for cpu_vabits LoongArch: Make KASAN work with 5-level page-tables LoongArch: Define a default value for VM_DATA_DEFAULT_FLAGS LoongArch: Fix early_numa_add_cpu() usage for FDT systems LoongArch: For all possible CPUs setup logical-physical CPU mapping commit 4b49c0ba4eeb31b44462303cac4162476b72c831 Merge: f1b785f4c7870c dcf32ea7ecede9 Author: Linus Torvalds Date: Wed Nov 13 08:58:11 2024 -0800 Merge tag 'mm-hotfixes-stable-2024-11-12-16-39' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull misc fixes from Andrew Morton: "10 hotfixes, 7 of which are cc:stable. 7 are MM, 3 are not. All singletons" * tag 'mm-hotfixes-stable-2024-11-12-16-39' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: mm: swapfile: fix cluster reclaim work crash on rotational devices selftests: hugetlb_dio: fixup check for initial conditions to skip in the start mm/thp: fix deferred split queue not partially_mapped: fix mm/gup: avoid an unnecessary allocation call for FOLL_LONGTERM cases nommu: pass NULL argument to vma_iter_prealloc() ocfs2: fix UBSAN warning in ocfs2_verify_volume() nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint mm: page_alloc: move mlocked flag clearance into free_pages_prepare() mm: count zeromap read and set for swapout and swapin commit be7eeaba2a11d7c16a9dc034a25f224f1343f303 Author: Matthew Auld Date: Tue Nov 12 16:28:28 2024 +0000 drm/xe: handle flat ccs during hibernation on igpu Starting from LNL, CCS has moved over to flat CCS model where there is now dedicated memory reserved for storing compression state. On platforms like LNL this reserved memory lives inside graphics stolen memory, which is not treated like normal RAM and is therefore skipped by the core kernel when creating the hibernation image. Currently if something was compressed and we enter hibernation all the corresponding CCS state is lost on such HW, resulting in corrupted memory. To fix this evict user buffers from TT -> SYSTEM to ensure we take a snapshot of the raw CCS state when entering hibernation, where upon resuming we can restore the raw CCS state back when next validating the buffer. This has been confirmed to fix display corruption on LNL when coming back from hibernation. Fixes: cbdc52c11c9b ("drm/xe/xe2: Support flat ccs") Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/3409 Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: # v6.8+ Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20241112162827.116523-2-matthew.auld@intel.com (cherry picked from commit c8b3c6db941299d7cc31bd9befed3518fdebaf68) Signed-off-by: Lucas De Marchi commit 46f1f4b0f3c2a2dff9887de7c66ccc7ef482bd83 Author: Matthew Auld Date: Fri Nov 1 17:01:57 2024 +0000 drm/xe: improve hibernation on igpu The GGTT looks to be stored inside stolen memory on igpu which is not treated as normal RAM. The core kernel skips this memory range when creating the hibernation image, therefore when coming back from hibernation the GGTT programming is lost. This seems to cause issues with broken resume where GuC FW fails to load: [drm] *ERROR* GT0: load failed: status = 0x400000A0, time = 10ms, freq = 1250MHz (req 1300MHz), done = -1 [drm] *ERROR* GT0: load failed: status: Reset = 0, BootROM = 0x50, UKernel = 0x00, MIA = 0x00, Auth = 0x01 [drm] *ERROR* GT0: firmware signature verification failed [drm] *ERROR* CRITICAL: Xe has declared device 0000:00:02.0 as wedged. Current GGTT users are kernel internal and tracked as pinned, so it should be possible to hook into the existing save/restore logic that we use for dgpu, where the actual evict is skipped but on restore we importantly restore the GGTT programming. This has been confirmed to fix hibernation on at least ADL and MTL, though likely all igpu platforms are affected. This also means we have a hole in our testing, where the existing s4 tests only really test the driver hooks, and don't go as far as actually rebooting and restoring from the hibernation image and in turn powering down RAM (and therefore losing the contents of stolen). v2 (Brost) - Remove extra newline and drop unnecessary parentheses. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/3275 Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: # v6.8+ Reviewed-by: Matthew Brost Reviewed-by: Lucas De Marchi Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20241101170156.213490-2-matthew.auld@intel.com (cherry picked from commit f2a6b8e396666d97ada8e8759dfb6a69d8df6380) Signed-off-by: Lucas De Marchi commit dd886a63d6e2ce5c16e662c07547c067ad7d91f5 Author: Matthew Brost Date: Thu Oct 31 11:22:57 2024 -0700 drm/xe: Restore system memory GGTT mappings GGTT mappings reside on the device and this state is lost during suspend / d3cold thus this state must be restored resume regardless if the BO is in system memory or VRAM. v2: - Unnecessary parentheses around bo->placements[0] (Checkpatch) Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20241031182257.2949579-1-matthew.brost@intel.com (cherry picked from commit a19d1db9a3fa89fabd7c83544b84f393ee9b851f) Signed-off-by: Lucas De Marchi commit ce0d6970231903f43572a6998020fdc8b3a8f455 Author: Matthew Brost Date: Wed Nov 6 14:49:44 2024 -0800 drm/xe: Ensure all locks released in exec IOCTL In couple of places the wrong error handling goto was used to release locks. Fix these to ensure all locks dropped on exec IOCTL errors. Cc: Francois Dugast Fixes: d16ef1a18e39 ("drm/xe/exec: Switch hw engine group execution mode upon job submission") Signed-off-by: Matthew Brost Reviewed-by: Francois Dugast Link: https://patchwork.freedesktop.org/patch/msgid/20241106224944.30130-1-matthew.brost@intel.com (cherry picked from commit 9e7aacd8402b88394e6a83cb242901fde77a1773) Signed-off-by: Lucas De Marchi commit 8d9ffb2fe65a6c4ef114e8d4f947958a12751bbe Author: Baoquan He Date: Wed Sep 11 16:16:15 2024 +0800 x86/mm: Fix a kdump kernel failure on SME system when CONFIG_IMA_KEXEC=y The kdump kernel is broken on SME systems with CONFIG_IMA_KEXEC=y enabled. Debugging traced the issue back to b69a2afd5afc ("x86/kexec: Carry forward IMA measurement log on kexec"). Testing was previously not conducted on SME systems with CONFIG_IMA_KEXEC enabled, which led to the oversight, with the following incarnation: ... ima: No TPM chip found, activating TPM-bypass! Loading compiled-in module X.509 certificates Loaded X.509 cert 'Build time autogenerated kernel key: 18ae0bc7e79b64700122bb1d6a904b070fef2656' ima: Allocated hash algorithm: sha256 Oops: general protection fault, probably for non-canonical address 0xcfacfdfe6660003e: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.11.0-rc2+ #14 Hardware name: Dell Inc. PowerEdge R7425/02MJ3T, BIOS 1.20.0 05/03/2023 RIP: 0010:ima_restore_measurement_list Call Trace: ? show_trace_log_lvl ? show_trace_log_lvl ? ima_load_kexec_buffer ? __die_body.cold ? die_addr ? exc_general_protection ? asm_exc_general_protection ? ima_restore_measurement_list ? vprintk_emit ? ima_load_kexec_buffer ima_load_kexec_buffer ima_init ? __pfx_init_ima init_ima ? __pfx_init_ima do_one_initcall do_initcalls ? __pfx_kernel_init kernel_init_freeable kernel_init ret_from_fork ? __pfx_kernel_init ret_from_fork_asm Modules linked in: ---[ end trace 0000000000000000 ]--- ... Kernel panic - not syncing: Fatal exception Kernel Offset: disabled Rebooting in 10 seconds.. Adding debug printks showed that the stored addr and size of ima_kexec buffer are not decrypted correctly like: ima: ima_load_kexec_buffer, buffer:0xcfacfdfe6660003e, size:0xe48066052d5df359 Three types of setup_data info — SETUP_EFI, - SETUP_IMA, and - SETUP_RNG_SEED are passed to the kexec/kdump kernel. Only the ima_kexec buffer experienced incorrect decryption. Debugging identified a bug in early_memremap_is_setup_data(), where an incorrect range calculation occurred due to the len variable in struct setup_data ended up only representing the length of the data field, excluding the struct's size, and thus leading to miscalculation. Address a similar issue in memremap_is_setup_data() while at it. [ bp: Heavily massage. ] Fixes: b3c72fc9a78e ("x86/boot: Introduce setup_indirect") Signed-off-by: Baoquan He Signed-off-by: Borislav Petkov (AMD) Acked-by: Tom Lendacky Cc: Link: https://lore.kernel.org/r/20240911081615.262202-3-bhe@redhat.com commit 2143c8ae423dbc3f036cae8d18a5a3c272df3deb Author: Kailang Yang Date: Tue Nov 12 14:03:53 2024 +0800 ALSA: hda/realtek - update set GPIO3 to default for Thinkpad with ALC1318 If user no update BIOS, the speaker will no sound. This patch support old BIOS to have sound from speaker. Fixes: 1e707769df07 ("ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318") Signed-off-by: Kailang Yang Cc: Signed-off-by: Takashi Iwai commit 96409eeab8cdd394e03ec494ea9547edc27f7ab4 Author: Maksym Glubokiy Date: Tue Nov 12 17:48:15 2024 +0200 ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 HP EliteBook 645 G10 uses ALC236 codec and need the ALC236_FIXUP_HP_MUTE_LED_MICMUTE_VREF quirk to make mute LED and micmute LED work. Signed-off-by: Maksym Glubokiy Cc: Link: https://patch.msgid.link/20241112154815.10888-1-maxgl.kernel@gmail.com Signed-off-by: Takashi Iwai commit 73af53d82076bbe184d9ece9e14b0dc8599e6055 Author: Alexandre Ferrieux Date: Sun Nov 10 18:28:36 2024 +0100 net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. To generate hnode handles (in gen_new_htid()), u32 uses IDR and encodes the returned small integer into a structured 32-bit word. Unfortunately, at disposal time, the needed decoding is not done. As a result, idr_remove() fails, and the IDR fills up. Since its size is 2048, the following script ends up with "Filter already exists": tc filter add dev myve $FILTER1 tc filter add dev myve $FILTER2 for i in {1..2048} do echo $i tc filter del dev myve $FILTER2 tc filter add dev myve $FILTER2 done This patch adds the missing decoding logic for handles that deserve it. Fixes: e7614370d6f0 ("net_sched: use idr to allocate u32 filter handles") Reviewed-by: Eric Dumazet Acked-by: Jamal Hadi Salim Signed-off-by: Alexandre Ferrieux Tested-by: Victor Nogueira Link: https://patch.msgid.link/20241110172836.331319-1-alexandre.ferrieux@orange.com Signed-off-by: Jakub Kicinski commit 2b99b2532593b5a4c7dc6bff2486e98d211a8596 Author: Geert Uytterhoeven Date: Mon Nov 11 11:03:21 2024 +0100 MAINTAINERS: Re-add cancelled Renesas driver sections Removing full driver sections also removed mailing list entries, causing submitters of future patches to forget CCing these mailing lists. Hence re-add the sections for the Renesas Ethernet AVB, R-Car SATA, and SuperH Ethernet drivers. Add people who volunteered to maintain these drivers (thanks a lot!), and mark all of them as supported. Fixes: 6e90b675cf942e50 ("MAINTAINERS: Remove some entries due to various compliance requirements.") Signed-off-by: Geert Uytterhoeven Acked-by: Greg Kroah-Hartman Reviewed-by: Simon Horman Acked-by: Niklas Cassel Acked-by: Niklas Söderlund Reviewed-by: Paul Barker Link: https://patch.msgid.link/4b2105332edca277f07ffa195796975e9ddce994.1731319098.git.geert+renesas@glider.be Signed-off-by: Jakub Kicinski commit 50d325bb05cef24a2105e40e7cace5e2b237236d Author: Wander Lairson Costa Date: Wed Nov 6 08:14:26 2024 -0300 Revert "igb: Disable threaded IRQ for igb_msix_other" This reverts commit 338c4d3902feb5be49bfda530a72c7ab860e2c9f. Sebastian noticed the ISR indirectly acquires spin_locks, which are sleeping locks under PREEMPT_RT, which leads to kernel splats. Fixes: 338c4d3902feb ("igb: Disable threaded IRQ for igb_msix_other") Reported-by: Sebastian Andrzej Siewior Signed-off-by: Wander Lairson Costa Reviewed-by: Sebastian Andrzej Siewior Acked-by: Przemek Kitszel Link: https://patch.msgid.link/20241106111427.7272-1-wander@redhat.com Signed-off-by: Jakub Kicinski commit e707e366f35576a455678ad74c4835d1c62633c6 Merge: 20bbe5b8024944 d5359a7f583ab9 Author: Jakub Kicinski Date: Tue Nov 12 17:30:41 2024 -0800 Merge tag 'for-net-2024-11-12' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth Luiz Augusto von Dentz says: ==================== bluetooth pull request for net: - btintel: Direct exception event to bluetooth stack - hci_core: Fix calling mgmt_device_connected * tag 'for-net-2024-11-12' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth: Bluetooth: btintel: Direct exception event to bluetooth stack Bluetooth: hci_core: Fix calling mgmt_device_connected ==================== Link: https://patch.msgid.link/20241112175326.930800-1-luiz.dentz@gmail.com Signed-off-by: Jakub Kicinski commit f1b785f4c7870c42330b35522c2514e39a1e28e7 Merge: 14b6320953a3f8 29ce8b8a4fa74e Author: Linus Torvalds Date: Tue Nov 12 16:39:34 2024 -0800 Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost Pull virtio fix from Michael Tsirkin: "A last minute mlx5 bugfix" * tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: vdpa/mlx5: Fix PA offset with unaligned starting iotlb map commit 3387e043918e154ca08d83954966a8b087fe2835 Author: Akash Goel Date: Mon Nov 11 13:47:20 2024 +0000 drm/panthor: Fix handling of partial GPU mapping of BOs This commit fixes the bug in the handling of partial mapping of the buffer objects to the GPU, which caused kernel warnings. Panthor didn't correctly handle the case where the partial mapping spanned multiple scatterlists and the mapping offset didn't point to the 1st page of starting scatterlist. The offset variable was not cleared after reaching the starting scatterlist. Following warning messages were seen. WARNING: CPU: 1 PID: 650 at drivers/iommu/io-pgtable-arm.c:659 __arm_lpae_unmap+0x254/0x5a0 pc : __arm_lpae_unmap+0x254/0x5a0 lr : __arm_lpae_unmap+0x2cc/0x5a0 Call trace: __arm_lpae_unmap+0x254/0x5a0 __arm_lpae_unmap+0x108/0x5a0 __arm_lpae_unmap+0x108/0x5a0 __arm_lpae_unmap+0x108/0x5a0 arm_lpae_unmap_pages+0x80/0xa0 panthor_vm_unmap_pages+0xac/0x1c8 [panthor] panthor_gpuva_sm_step_unmap+0x4c/0xc8 [panthor] op_unmap_cb.isra.23.constprop.30+0x54/0x80 __drm_gpuvm_sm_unmap+0x184/0x1c8 drm_gpuvm_sm_unmap+0x40/0x60 panthor_vm_exec_op+0xa8/0x120 [panthor] panthor_vm_bind_exec_sync_op+0xc4/0xe8 [panthor] panthor_ioctl_vm_bind+0x10c/0x170 [panthor] drm_ioctl_kernel+0xbc/0x138 drm_ioctl+0x210/0x4b0 __arm64_sys_ioctl+0xb0/0xf8 invoke_syscall+0x4c/0x110 el0_svc_common.constprop.1+0x98/0xf8 do_el0_svc+0x24/0x38 el0_svc+0x34/0xc8 el0t_64_sync_handler+0xa0/0xc8 el0t_64_sync+0x174/0x178 panthor : [drm] drm_WARN_ON(unmapped_sz != pgsize * pgcount) WARNING: CPU: 1 PID: 650 at drivers/gpu/drm/panthor/panthor_mmu.c:922 panthor_vm_unmap_pages+0x124/0x1c8 [panthor] pc : panthor_vm_unmap_pages+0x124/0x1c8 [panthor] lr : panthor_vm_unmap_pages+0x124/0x1c8 [panthor] panthor : [drm] *ERROR* failed to unmap range ffffa388f000-ffffa3890000 (requested range ffffa388c000-ffffa3890000) Fixes: 647810ec2476 ("drm/panthor: Add the MMU/VM logical block") Signed-off-by: Akash Goel Reviewed-by: Liviu Dudau Reviewed-by: Steven Price Reviewed-by: Boris Brezillon Link: https://patchwork.freedesktop.org/patch/msgid/20241111134720.780403-1-akash.goel@arm.com Signed-off-by: Liviu Dudau commit dcf32ea7ecede94796fb30231b3969d7c838374c Author: Johannes Weiner Date: Thu Nov 7 09:08:36 2024 -0500 mm: swapfile: fix cluster reclaim work crash on rotational devices syzbot and Daan report a NULL pointer crash in the new full swap cluster reclaim work: > Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI > KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] > CPU: 1 UID: 0 PID: 51 Comm: kworker/1:1 Not tainted 6.12.0-rc6-syzkaller #0 > Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 > Workqueue: events swap_reclaim_work > RIP: 0010:__list_del_entry_valid_or_report+0x20/0x1c0 lib/list_debug.c:49 > Code: 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 fe 48 83 c7 08 48 83 ec 18 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 19 01 00 00 48 89 f2 48 8b 4e 08 48 b8 00 00 00 > RSP: 0018:ffffc90000bb7c30 EFLAGS: 00010202 > RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff88807b9ae078 > RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000008 > RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 > R10: 0000000000000001 R11: 000000000000004f R12: dffffc0000000000 > R13: ffffffffffffffb8 R14: ffff88807b9ae000 R15: ffffc90003af1000 > FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > CR2: 00007fffaca68fb8 CR3: 00000000791c8000 CR4: 00000000003526f0 > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > Call Trace: > > __list_del_entry_valid include/linux/list.h:124 [inline] > __list_del_entry include/linux/list.h:215 [inline] > list_move_tail include/linux/list.h:310 [inline] > swap_reclaim_full_clusters+0x109/0x460 mm/swapfile.c:748 > swap_reclaim_work+0x2e/0x40 mm/swapfile.c:779 The syzbot console output indicates a virtual environment where swapfile is on a rotational device. In this case, clusters aren't actually used, and si->full_clusters is not initialized. Daan's report is from qemu, so likely rotational too. Make sure to only schedule the cluster reclaim work when clusters are actually in use. Link: https://lkml.kernel.org/r/20241107142335.GB1172372@cmpxchg.org Link: https://lore.kernel.org/lkml/672ac50b.050a0220.2edce.1517.GAE@google.com/ Link: https://github.com/systemd/systemd/issues/35044 Fixes: 5168a68eb78f ("mm, swap: avoid over reclaim of full clusters") Reported-by: syzbot+078be8bfa863cb9e0c6b@syzkaller.appspotmail.com Signed-off-by: Johannes Weiner Reported-by: Daan De Meyer Cc: Kairui Song Signed-off-by: Andrew Morton commit ca29cfcc4a21083d671522ad384532e28a43f033 Author: Russell King (Oracle) Date: Tue Nov 12 10:16:13 2024 +0000 ARM: fix cacheflush with PAN It seems that the cacheflush syscall got broken when PAN for LPAE was implemented. User access was not enabled around the cache maintenance instructions, causing them to fault. Fixes: 7af5b901e847 ("ARM: 9358/2: Implement PAN for LPAE by TTBR0 page table walks disablement") Reported-by: Michał Pecio Tested-by: Michał Pecio Signed-off-by: Russell King (Oracle) commit fb5af7d5405bf89a848819d1af007dfc73e9fb57 Author: WangYuli Date: Mon Nov 11 06:07:40 2024 +0100 ARM: 9435/1: ARM/nommu: Fix typo "absence" There is a spelling mistake of 'absense' in comments which should be 'absence'. Link: https://lore.kernel.org/all/fca25741-c89f-43ea-95af-5e3232d513fc@arm.com/ Signed-off-by: WangYuli Reviewed-by: Vladimir Murzin Signed-off-by: Russell King (Oracle) commit 4aea16b7cfb76bd3361858ceee6893ef5c9b5570 Author: Linus Walleij Date: Mon Nov 11 00:17:03 2024 +0100 ARM: 9434/1: cfi: Fix compilation corner case When enabling expert mode CONFIG_EXPERT and using that power user mode to disable the branch prediction hardening !CONFIG_HARDEN_BRANCH_PREDICTOR, the assembly linker in CLANG notices that some assembly in proc-v7.S does not have corresponding C call sites, i.e. the prototypes in proc-v7-bugs.c are enclosed in ifdef CONFIG_HARDEN_BRANCH_PREDICTOR so this assembly: SYM_TYPED_FUNC_START(cpu_v7_smc_switch_mm) SYM_TYPED_FUNC_START(cpu_v7_hvc_switch_mm) Results in: ld.lld: error: undefined symbol: __kcfi_typeid_cpu_v7_smc_switch_mm >>> referenced by proc-v7.S:94 (.../arch/arm/mm/proc-v7.S:94) >>> arch/arm/mm/proc-v7.o:(.text+0x108) in archive vmlinux.a ld.lld: error: undefined symbol: __kcfi_typeid_cpu_v7_hvc_switch_mm >>> referenced by proc-v7.S:105 (.../arch/arm/mm/proc-v7.S:105) >>> arch/arm/mm/proc-v7.o:(.text+0x124) in archive vmlinux.a Fix this by adding an additional requirement that CONFIG_HARDEN_BRANCH_PREDICTOR has to be enabled to compile these assembly calls. Closes: https://lore.kernel.org/oe-kbuild-all/202411041456.ZsoEiD7T-lkp@intel.com/ Reported-by: kernel test robot Reviewed-by: Nathan Chancellor Signed-off-by: Linus Walleij Signed-off-by: Russell King (Oracle) commit 29ce8b8a4fa74e841342c8b8f8941848a3c6f29f Author: Si-Wei Liu Date: Mon Oct 21 16:40:39 2024 +0300 vdpa/mlx5: Fix PA offset with unaligned starting iotlb map When calculating the physical address range based on the iotlb and mr [start,end) ranges, the offset of mr->start relative to map->start is not taken into account. This leads to some incorrect and duplicate mappings. For the case when mr->start < map->start the code is already correct: the range in [mr->start, map->start) was handled by a different iteration. Fixes: 94abbccdf291 ("vdpa/mlx5: Add shared memory registration code") Cc: stable@vger.kernel.org Signed-off-by: Si-Wei Liu Signed-off-by: Dragos Tatulea Message-Id: <20241021134040.975221-2-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Acked-by: Jason Wang commit 7013a8268d311fded6c7a6528fc1de82668e75f6 Author: Vijendar Mukunda Date: Tue Nov 12 10:11:42 2024 -0600 drm/amd: Fix initialization mistake for NBIO 7.7.0 There is a strapping issue on NBIO 7.7.0 that can lead to spurious PME events while in the D0 state. Co-developed-by: Mario Limonciello Signed-off-by: Vijendar Mukunda Signed-off-by: Mario Limonciello Acked-by: Alex Deucher Link: https://lore.kernel.org/r/20241112161142.28974-1-mario.limonciello@amd.com Signed-off-by: Alex Deucher (cherry picked from commit 447a54a0f79c9a409ceaa17804bdd2e0206397b9) Cc: stable@vger.kernel.org commit 5f77ee21eb44e37e371bcea195ea9403b95d1399 Author: Alex Deucher Date: Fri Nov 8 09:34:46 2024 -0500 Revert "drm/amd/display: parse umc_info or vram_info based on ASIC" This reverts commit 694c79769cb384bca8b1ec1d1e84156e726bd106. This was not the root cause. Revert. Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3678 Reviewed-by: Harry Wentland Signed-off-by: Alex Deucher Cc: aurabindo.pillai@amd.com Cc: hamishclaxton@gmail.com (cherry picked from commit 3c2296b1eec55b50c64509ba15406142d4a958dc) Cc: stable@vger.kernel.org # 6.11.x commit 4bb2f52ac01b8d45d64c7c04881207722e5e6fe4 Author: Hamish Claxton Date: Tue Nov 5 10:42:31 2024 +1000 drm/amd/display: Fix failure to read vram info due to static BP_RESULT The static declaration causes the check to fail. Remove it. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3678 Fixes: 00c391102abc ("drm/amd/display: Add misc DC changes for DCN401") Reviewed-by: Harry Wentland Signed-off-by: Hamish Claxton Signed-off-by: Alex Deucher Cc: aurabindo.pillai@amd.com Cc: hamishclaxton@gmail.com (cherry picked from commit 91314e7dfd83345b8b820b782b2511c9c32866cd) Cc: stable@vger.kernel.org # 6.11.x commit 5a67c31669a3aca814a99428328d2be40d82b333 Author: Christian König Date: Tue Jun 4 18:05:00 2024 +0200 drm/amdgpu: enable GTT fallback handling for dGPUs only That is just a waste of time on APUs. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3704 Fixes: 216c1282dde3 ("drm/amdgpu: use GTT only as fallback for VRAM|GTT") Reviewed-by: Alex Deucher Signed-off-by: Christian König Signed-off-by: Alex Deucher (cherry picked from commit e8fc090d322346e5ce4c4cfe03a8100e31f61c3c) Cc: stable@vger.kernel.org commit 14b6320953a3f856a3f93bf9a0e423395baa593d Merge: 5456ec9dab3a91 aa0d42cacf093a Author: Linus Torvalds Date: Tue Nov 12 13:35:13 2024 -0800 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm Pull kvm fixes from Paolo Bonzini: "x86 and selftests fixes. x86: - When emulating a guest TLB flush for a nested guest, flush vpid01, not vpid02, if L2 is active but VPID is disabled in vmcs12, i.e. if L2 and L1 are sharing VPID '0' (from L1's perspective). - Fix a bug in the SNP initialization flow where KVM would return '0' to userspace instead of -errno on failure. - Move the Intel PT virtualization (i.e. outputting host trace to host buffer and guest trace to guest buffer) behind CONFIG_BROKEN. - Fix memory leak on failure of KVM_SEV_SNP_LAUNCH_START - Fix a bug where KVM fails to inject an interrupt from the IRR after KVM_SET_LAPIC. Selftests: - Increase the timeout for the memslot performance selftest to avoid false failures on arm64 and nested x86 platforms. - Fix a goof in the guest_memfd selftest where a for-loop initialized a bit mask to zero instead of BIT(0). - Disable strict aliasing when building KVM selftests to prevent the compiler from treating things like "u64 *" to "uint64_t *" cases as undefined behavior, which can lead to nasty, hard to debug failures. - Force -march=x86-64-v2 for KVM x86 selftests if and only if the uarch is supported by the compiler. - Fix broken compilation of kvm selftests after a header sync in tools/" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN KVM: x86: Unconditionally set irr_pending when updating APICv state kvm: svm: Fix gctx page leak on invalid inputs KVM: selftests: use X86_MEMTYPE_WB instead of VMX_BASIC_MEM_TYPE_WB KVM: SVM: Propagate error from snp_guest_req_init() to userspace KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled KVM: selftests: Don't force -march=x86-64-v2 if it's unsupported KVM: selftests: Disable strict aliasing KVM: selftests: fix unintentional noop test in guest_memfd_test.c KVM: selftests: memslot_perf_test: increase guest sync timeout commit 5456ec9dab3a918ccfc0dc82677d38a74fab4212 Merge: 93db202ce00c07 346dbf1b134547 Author: Linus Torvalds Date: Tue Nov 12 13:21:07 2024 -0800 Merge tag 'for-6.12/dm-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm Pull device mapper fixes from Mikulas Patocka: - fix warnings about duplicate slab cache names * tag 'for-6.12/dm-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm: dm-cache: fix warnings about duplicate slab caches dm-bufio: fix warnings about duplicate slab caches commit 93db202ce00c07ca78121478b26dc77a6a72bce3 Merge: 92dda329e337b7 08ae3e5f5fc8ed Author: Linus Torvalds Date: Tue Nov 12 13:06:31 2024 -0800 Merge tag 'integrity-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity Pull integrity fixes from Mimi Zohar: "One bug fix, one performance improvement, and the use of static_assert: - The bug fix addresses "only a cosmetic change" commit, which didn't take into account the original 'ima' template definition. - The performance improvement limits the atomic_read()" * tag 'integrity-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: integrity: Use static_assert() to check struct sizes evm: stop avoidably reading i_writecount in evm_file_release ima: fix buffer overrun in ima_eventdigest_init_common commit 92dda329e337b7ab9cb63f4563dd7a21d001e47c Merge: 3022e9d00ebec3 03197e40a22c26 Author: Linus Torvalds Date: Tue Nov 12 13:01:09 2024 -0800 Merge tag 'landlock-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux Pull landlock fixes from Mickaël Salaün: "This fixes issues in the Landlock's sandboxer sample and documentation, slightly refactors helpers (required for ongoing patch series), and improve/fix a feature merged in v6.12 (signal and abstract UNIX socket scoping)" * tag 'landlock-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux: landlock: Optimize scope enforcement landlock: Refactor network access mask management landlock: Refactor filesystem access mask management samples/landlock: Clarify option parsing behaviour samples/landlock: Refactor help message samples/landlock: Fix port parsing in sandboxer landlock: Fix grammar issues in documentation landlock: Improve documentation of previous limitations commit d2fab3fc27cbca7ba65c539a2c5fc7f941231983 Author: Sibi Sankar Date: Wed Oct 30 18:25:12 2024 +0530 mailbox: qcom-cpucp: Mark the irq with IRQF_NO_SUSPEND flag The qcom-cpucp mailbox irq is expected to function during suspend-resume cycle particularly when the scmi cpufreq driver can query the current frequency using the get_level message after the cpus are brought up during resume. Hence mark the irq with IRQF_NO_SUSPEND flag to fix the do_xfer failures we see during resume. Err Logs: arm-scmi firmware:scmi: timed out in resp(caller:do_xfer+0x164/0x568) cpufreq: cpufreq_online: ->get() failed Reported-by: Johan Hovold Closes: https://lore.kernel.org/lkml/ZtgFj1y5ggipgEOS@hovoldconsulting.com/ Fixes: 0e2a9a03106c ("mailbox: Add support for QTI CPUCP mailbox controller") Signed-off-by: Sibi Sankar Reviewed-by: Konrad Dybcio Tested-by: Johan Hovold Cc: stable@vger.kernel.org Message-ID: <20241030125512.2884761-7-quic_sibis@quicinc.com> Signed-off-by: Ulf Hansson commit e2261bb81e0db86c3c866734cf93232a58464ecd Author: Sibi Sankar Date: Wed Oct 30 18:25:09 2024 +0530 firmware: arm_scmi: Report duplicate opps as firmware bugs Duplicate opps reported by buggy SCP firmware currently show up as warnings even though the only functional impact is that the level/index remain inaccessible. Make it less scary for the end user by using dev_info instead, along with FW_BUG tag. Suggested-by: Johan Hovold Signed-off-by: Sibi Sankar Reviewed-by: Cristian Marussi Reviewed-by: Florian Fainelli Reviewed-by: Sudeep Holla Cc: stable@vger.kernel.org Message-ID: <20241030125512.2884761-4-quic_sibis@quicinc.com> Signed-off-by: Ulf Hansson commit 5d8a766226587d111620df520dd9239c009cb154 Author: Cristian Marussi Date: Wed Oct 30 18:25:08 2024 +0530 firmware: arm_scmi: Skip opp duplicates Buggy firmware can reply with duplicated PERF opps descriptors. Ensure that the bad duplicates reported by the platform firmware doesn't get added to the opp-tables. Reported-by: Johan Hovold Closes: https://lore.kernel.org/lkml/ZoQjAWse2YxwyRJv@hovoldconsulting.com/ Signed-off-by: Cristian Marussi Tested-by: Johan Hovold Reviewed-by: Sudeep Holla Cc: stable@vger.kernel.org Message-ID: <20241030125512.2884761-3-quic_sibis@quicinc.com> Signed-off-by: Ulf Hansson commit 1635e407a4a64d08a8517ac59ca14ad4fc785e75 Author: Aurelien Jarno Date: Sun Nov 10 12:46:36 2024 +0100 Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf ("mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K") increased the max_req_size, even for 4K pages, causing various issues: - Panic booting the kernel/rootfs from an SD card on Rockchip RK3566 - Panic booting the kernel/rootfs from an SD card on StarFive JH7100 - "swiotlb buffer is full" and data corruption on StarFive JH7110 At this stage no fix have been found, so it's probably better to just revert the change. This reverts commit 8396c793ffdf28bb8aee7cfe0891080f8cab7890. Cc: stable@vger.kernel.org Cc: Sam Protsenko Fixes: 8396c793ffdf ("mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K") Closes: https://lore.kernel.org/linux-mmc/614692b4-1dbe-31b8-a34d-cb6db1909bb7@w6rz.net/ Closes: https://lore.kernel.org/linux-mmc/CAC8uq=Ppnmv98mpa1CrWLawWoPnu5abtU69v-=G-P7ysATQ2Pw@mail.gmail.com/ Signed-off-by: Aurelien Jarno Message-ID: <20241110114700.622372-1-aurelien@aurel32.net> Signed-off-by: Ulf Hansson commit fae1980347bfd23325099b69db6638b94149a94c Author: Donet Tom Date: Sun Nov 10 00:49:03 2024 -0600 selftests: hugetlb_dio: fixup check for initial conditions to skip in the start This test verifies that a hugepage, used as a user buffer for DIO operations, is correctly freed upon unmapping. To test this, we read the count of free hugepages before and after the mmap, DIO, and munmap operations, then check if the free hugepage count is the same. Reading free hugepages before the test was removed by commit 0268d4579901 ('selftests: hugetlb_dio: check for initial conditions to skip at the start'), causing the test to always fail. This patch adds back reading the free hugepages before starting the test. With this patch, the tests are now passing. Test results without this patch: ./tools/testing/selftests/mm/hugetlb_dio TAP version 13 1..4 # No. Free pages before allocation : 0 # No. Free pages after munmap : 100 not ok 1 : Huge pages not freed! # No. Free pages before allocation : 0 # No. Free pages after munmap : 100 not ok 2 : Huge pages not freed! # No. Free pages before allocation : 0 # No. Free pages after munmap : 100 not ok 3 : Huge pages not freed! # No. Free pages before allocation : 0 # No. Free pages after munmap : 100 not ok 4 : Huge pages not freed! # Totals: pass:0 fail:4 xfail:0 xpass:0 skip:0 error:0 Test results with this patch: /tools/testing/selftests/mm/hugetlb_dio TAP version 13 1..4 # No. Free pages before allocation : 100 # No. Free pages after munmap : 100 ok 1 : Huge pages freed successfully ! # No. Free pages before allocation : 100 # No. Free pages after munmap : 100 ok 2 : Huge pages freed successfully ! # No. Free pages before allocation : 100 # No. Free pages after munmap : 100 ok 3 : Huge pages freed successfully ! # No. Free pages before allocation : 100 # No. Free pages after munmap : 100 ok 4 : Huge pages freed successfully ! # Totals: pass:4 fail:0 xfail:0 xpass:0 skip:0 error:0 Link: https://lkml.kernel.org/r/20241110064903.23626-1-donettom@linux.ibm.com Fixes: 0268d4579901 ("selftests: hugetlb_dio: check for initial conditions to skip in the start") Signed-off-by: Donet Tom Cc: Muhammad Usama Anjum Cc: Shuah Khan Cc: Signed-off-by: Andrew Morton commit a3477c9e02cc9d62a7c8bfc4e7453f5af9a175aa Author: Hugh Dickins Date: Sun Nov 10 13:11:21 2024 -0800 mm/thp: fix deferred split queue not partially_mapped: fix Though even more elusive than before, list_del corruption has still been seen on THP's deferred split queue. The idea in commit e66f3185fa04 was right, but its implementation wrong. The context omitted an important comment just before the critical test: "split_folio() removes folio from list on success." In ignoring that comment, when a THP split succeeded, the code went on to release the preceding safe folio, preserving instead an irrelevant (formerly head) folio: which gives no safety because it's not on the list. Fix the logic. Link: https://lkml.kernel.org/r/3c995a30-31ce-0998-1b9f-3a2cb9354c91@google.com Fixes: e66f3185fa04 ("mm/thp: fix deferred split queue not partially_mapped") Signed-off-by: Hugh Dickins Acked-by: Usama Arif Reviewed-by: Zi Yan Cc: Baolin Wang Cc: Barry Song Cc: Chris Li Cc: David Hildenbrand Cc: Johannes Weiner Cc: Kefeng Wang Cc: Kirill A. Shutemov Cc: Matthew Wilcox Cc: Nhat Pham Cc: Ryan Roberts Cc: Shakeel Butt Cc: Wei Yang Cc: Yang Shi Signed-off-by: Andrew Morton commit 94efde1d15399f5c88e576923db9bcd422d217f2 Author: John Hubbard Date: Mon Nov 4 19:29:44 2024 -0800 mm/gup: avoid an unnecessary allocation call for FOLL_LONGTERM cases commit 53ba78de064b ("mm/gup: introduce check_and_migrate_movable_folios()") created a new constraint on the pin_user_pages*() API family: a potentially large internal allocation must now occur, for FOLL_LONGTERM cases. A user-visible consequence has now appeared: user space can no longer pin more than 2GB of memory anymore on x86_64. That's because, on a 4KB PAGE_SIZE system, when user space tries to (indirectly, via a device driver that calls pin_user_pages()) pin 2GB, this requires an allocation of a folio pointers array of MAX_PAGE_ORDER size, which is the limit for kmalloc(). In addition to the directly visible effect described above, there is also the problem of adding an unnecessary allocation. The **pages array argument has already been allocated, and there is no need for a redundant **folios array allocation in this case. Fix this by avoiding the new allocation entirely. This is done by referring to either the original page[i] within **pages, or to the associated folio. Thanks to David Hildenbrand for suggesting this approach and for providing the initial implementation (which I've tested and adjusted slightly) as well. [jhubbard@nvidia.com: whitespace tweak, per David] Link: https://lkml.kernel.org/r/131cf9c8-ebc0-4cbb-b722-22fa8527bf3c@nvidia.com [jhubbard@nvidia.com: bypass pofs_get_folio(), per Oscar] Link: https://lkml.kernel.org/r/c1587c7f-9155-45be-bd62-1e36c0dd6923@nvidia.com Link: https://lkml.kernel.org/r/20241105032944.141488-2-jhubbard@nvidia.com Fixes: 53ba78de064b ("mm/gup: introduce check_and_migrate_movable_folios()") Signed-off-by: John Hubbard Suggested-by: David Hildenbrand Acked-by: David Hildenbrand Reviewed-by: Oscar Salvador Cc: Vivek Kasireddy Cc: Dave Airlie Cc: Gerd Hoffmann Cc: Matthew Wilcox Cc: Christoph Hellwig Cc: Jason Gunthorpe Cc: Peter Xu Cc: Arnd Bergmann Cc: Daniel Vetter Cc: Dongwon Kim Cc: Hugh Dickins Cc: Junxiao Chang Cc: Signed-off-by: Andrew Morton commit 85b580afc2c215394e08974bf033de9face94955 Author: Andre Przywara Date: Thu Nov 7 01:42:40 2024 +0000 mmc: sunxi-mmc: Fix A100 compatible description It turns out that the Allwinner A100/A133 SoC only supports 8K DMA blocks (13 bits wide), for both the SD/SDIO and eMMC instances. And while this alone would make a trivial fix, the H616 falls back to the A100 compatible string, so we have to now match the H616 compatible string explicitly against the description advertising 64K DMA blocks. As the A100 is now compatible with the D1 description, let the A100 compatible string point to that block instead, and introduce an explicit match against the H616 string, pointing to the old description. Also remove the redundant setting of clk_delays to NULL on the way. Fixes: 3536b82e5853 ("mmc: sunxi: add support for A100 mmc controller") Cc: stable@vger.kernel.org Signed-off-by: Andre Przywara Tested-by: Parthiban Nallathambi Reviewed-by: Chen-Yu Tsai Message-ID: <20241107014240.24669-1-andre.przywara@arm.com> Signed-off-by: Ulf Hansson commit d5359a7f583ab9b7706915213b54deac065bcb81 Author: Kiran K Date: Tue Oct 22 14:41:34 2024 +0530 Bluetooth: btintel: Direct exception event to bluetooth stack Have exception event part of HCI traces which helps for debug. snoop traces: > HCI Event: Vendor (0xff) plen 79 Vendor Prefix (0x8780) Intel Extended Telemetry (0x03) Unknown extended telemetry event type (0xde) 01 01 de Unknown extended subevent 0x07 01 01 de 07 01 de 06 1c ef be ad de ef be ad de ef be ad de ef be ad de ef be ad de ef be ad de ef be ad de 05 14 ef be ad de ef be ad de ef be ad de ef be ad de ef be ad de 43 10 ef be ad de ef be ad de ef be ad de ef be ad de Fixes: af395330abed ("Bluetooth: btintel: Add Intel devcoredump support") Signed-off-by: Kiran K Signed-off-by: Luiz Augusto von Dentz commit 7967dc8f797f454d4f4acec15c7df0cdf4801617 Author: Luiz Augusto von Dentz Date: Fri Nov 8 11:19:54 2024 -0500 Bluetooth: hci_core: Fix calling mgmt_device_connected Since 61a939c68ee0 ("Bluetooth: Queue incoming ACL data until BT_CONNECTED state is reached") there is no long the need to call mgmt_device_connected as ACL data will be queued until BT_CONNECTED state. Link: https://bugzilla.kernel.org/show_bug.cgi?id=219458 Link: https://github.com/bluez/bluez/issues/1014 Fixes: 333b4fd11e89 ("Bluetooth: L2CAP: Fix uaf in l2cap_connect") Signed-off-by: Luiz Augusto von Dentz commit 9e9b0cf9319b4db143014477b0bc4b39894248f1 Author: Harith G Date: Wed Sep 18 06:57:53 2024 +0100 ARM: 9420/1: smp: Fix SMP for xip kernels Fix the physical address calculation of the following to get smp working on xip kernels. - secondary_data needed for secondary cpu bootup. - secondary_startup address passed through psci. - identity mapped code region needed for enabling mmu for secondary cpus. Signed-off-by: Harith George Reviewed-by: Linus Walleij Signed-off-by: Russell King (Oracle) commit ed6cbe6e5563452f305e89c15846820f2874e431 Author: Harith G Date: Wed Sep 18 06:57:11 2024 +0100 ARM: 9419/1: mm: Fix kernel memory mapping for xip kernels The patchset introducing kernel_sec_start/end variables to separate the kernel/lowmem memory mappings, broke the mapping of the kernel memory for xipkernels. kernel_sec_start/end variables are in RO area before the MMU is switched on for xipkernels. So these cannot be set early in boot in head.S. Fix this by setting these after MMU is switched on. xipkernels need two different mappings for kernel text (starting at CONFIG_XIP_PHYS_ADDR) and data (starting at CONFIG_PHYS_OFFSET). Also, move the kernel code mapping from devicemaps_init() to map_kernel(). Fixes: a91da5457085 ("ARM: 9089/1: Define kernel physical section start and end") Signed-off-by: Harith George Reviewed-by: Linus Walleij Signed-off-by: Russell King (Oracle) commit 57f7c7dc78cd09622b12920d92b40c1ce11b234e Author: Alexandre Ghiti Date: Tue Nov 12 12:34:22 2024 +0100 drivers: perf: Fix wrong put_cpu() placement Unfortunately, the wrong patch version was merged which places the put_cpu() after enabling a static key, which is not safe as pointed by Will [1], so move put_cpu() before to avoid this. Fixes: 2840dadf0dde ("drivers: perf: Fix smp_processor_id() use in preemptible code") Reported-by: Atish Patra Link: https://lore.kernel.org/all/20240827125335.GD4772@willie-the-truck/ [1] Signed-off-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20241112113422.617954-1-alexghiti@rivosinc.com Signed-off-by: Palmer Dabbelt commit 6abe2a90808192a5a8b2825293e5f10e80fdea56 Author: Leon Romanovsky Date: Tue Nov 12 10:56:26 2024 +0200 Revert "RDMA/core: Fix ENODEV error for iWARP test over vlan" The citied commit in Fixes line caused to regression for udaddy [1] application. It doesn't work over VLANs anymore. Client: ifconfig eth2 1.1.1.1 ip link add link eth2 name p0.3597 type vlan protocol 802.1Q id 3597 ip link set dev p0.3597 up ip addr add 2.2.2.2/16 dev p0.3597 udaddy -S 847 -C 220 -c 2 -t 0 -s 2.2.2.3 -b 2.2.2.2 Server: ifconfig eth2 1.1.1.3 ip link add link eth2 name p0.3597 type vlan protocol 802.1Q id 3597 ip link set dev p0.3597 up ip addr add 2.2.2.3/16 dev p0.3597 udaddy -S 847 -C 220 -c 2 -t 0 -b 2.2.2.3 [1] https://github.com/linux-rdma/rdma-core/blob/master/librdmacm/examples/udaddy.c Fixes: 5069d7e202f6 ("RDMA/core: Fix ENODEV error for iWARP test over vlan") Reported-by: Leon Romanovsky Closes: https://lore.kernel.org/all/20241110130746.GA48891@unreal Link: https://patch.msgid.link/bb9d403419b2b9566da5b8bf0761fa8377927e49.1731401658.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 42ee87df8530150d637aa48363b72b22a9bbd78f Author: Kailang Yang Date: Fri Oct 25 16:37:57 2024 +0800 ALSA: hda/realtek - Fixed Clevo platform headset Mic issue Clevo platform with ALC255 Headset Mic was disable by default. Assigned verb table for Mic pin will enable it. Signed-off-by: Kailang Yang Cc: Link: https://lore.kernel.org/b2dcac3e09ef4f82b36d6712194e1ea4@realtek.com Signed-off-by: Takashi Iwai commit 6f891ca15b017707840c9e7f5afd9fc6cfd7d8b1 Author: Eryk Zagorski Date: Mon Nov 11 11:45:21 2024 -0500 ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry This patch switches the P-125 quirk entry to use a composite quirk as the P-125 supplies both MIDI and Audio like many of the other Yamaha keyboards Signed-off-by: Eryk Zagorski Link: https://patch.msgid.link/20241111164520.9079-2-erykzagorski@gmail.com Signed-off-by: Takashi Iwai commit 2ae6da569e34e1d26c5275442d17ffd75fd343b3 Author: Mark Brown Date: Tue Nov 12 13:09:50 2024 +0000 ASoC: max9768: Fix event generation for playback mute The max9768 has a custom control for playback mute which unconditionally returns 0 from the put() operation, rather than returning 1 on change to ensure notifications are generated to userspace. Check to see if the value has changed and return appropriately. Signed-off-by: Mark Brown Link: https://patch.msgid.link/20241112-asoc-max9768-event-v1-1-ba5d50599787@kernel.org Signed-off-by: Mark Brown commit 20bbe5b802494444791beaf2c6b9597fcc67ff49 Merge: 76d71eee1b56de 60cf6206a1f513 Author: Paolo Abeni Date: Tue Nov 12 12:16:54 2024 +0100 Merge branch 'virtio-vsock-fix-memory-leaks' Michal Luczaj says: ==================== virtio/vsock: Fix memory leaks Short series fixing some memory leaks that I've stumbled upon while toying with the selftests. Signed-off-by: Michal Luczaj ==================== Link: https://patch.msgid.link/20241107-vsock-mem-leaks-v2-0-4e21bfcfc818@rbox.co Signed-off-by: Paolo Abeni commit 60cf6206a1f513512f5d73fa4d3dbbcad2e7dcd6 Author: Michal Luczaj Date: Thu Nov 7 21:46:14 2024 +0100 virtio/vsock: Improve MSG_ZEROCOPY error handling Add a missing kfree_skb() to prevent memory leaks. Fixes: 581512a6dc93 ("vsock/virtio: MSG_ZEROCOPY flag support") Reviewed-by: Stefano Garzarella Signed-off-by: Michal Luczaj Acked-by: Arseniy Krasnov Signed-off-by: Paolo Abeni commit fbf7085b3ad1c7cc0677834c90f985f1b4f77a33 Author: Michal Luczaj Date: Thu Nov 7 21:46:13 2024 +0100 vsock: Fix sk_error_queue memory leak Kernel queues MSG_ZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recv()ed. To prevent memory leaks, clean up the queue when the socket is destroyed. unreferenced object 0xffff8881028beb00 (size 224): comm "vsock_test", pid 1218, jiffies 4294694897 hex dump (first 32 bytes): 90 b0 21 17 81 88 ff ff 90 b0 21 17 81 88 ff ff ..!.......!..... 00 00 00 00 00 00 00 00 00 b0 21 17 81 88 ff ff ..........!..... backtrace (crc 6c7031ca): [] kmem_cache_alloc_node_noprof+0x2f7/0x370 [] __alloc_skb+0x132/0x180 [] sock_omalloc+0x4b/0x80 [] msg_zerocopy_realloc+0x9e/0x240 [] virtio_transport_send_pkt_info+0x412/0x4c0 [] virtio_transport_stream_enqueue+0x43/0x50 [] vsock_connectible_sendmsg+0x373/0x450 [] ____sys_sendmsg+0x365/0x3a0 [] ___sys_sendmsg+0x84/0xd0 [] __sys_sendmsg+0x47/0x80 [] do_syscall_64+0x93/0x180 [] entry_SYSCALL_64_after_hwframe+0x76/0x7e Fixes: 581512a6dc93 ("vsock/virtio: MSG_ZEROCOPY flag support") Signed-off-by: Michal Luczaj Reviewed-by: Stefano Garzarella Acked-by: Arseniy Krasnov Signed-off-by: Paolo Abeni commit d7b0ff5a866724c3ad21f2628c22a63336deec3f Author: Michal Luczaj Date: Thu Nov 7 21:46:12 2024 +0100 virtio/vsock: Fix accept_queue memory leak As the final stages of socket destruction may be delayed, it is possible that virtio_transport_recv_listen() will be called after the accept_queue has been flushed, but before the SOCK_DONE flag has been set. As a result, sockets enqueued after the flush would remain unremoved, leading to a memory leak. vsock_release __vsock_release lock virtio_transport_release virtio_transport_close schedule_delayed_work(close_work) sk_shutdown = SHUTDOWN_MASK (!) flush accept_queue release virtio_transport_recv_pkt vsock_find_bound_socket lock if flag(SOCK_DONE) return virtio_transport_recv_listen child = vsock_create_connected (!) vsock_enqueue_accept(child) release close_work lock virtio_transport_do_close set_flag(SOCK_DONE) virtio_transport_remove_sock vsock_remove_sock vsock_remove_bound release Introduce a sk_shutdown check to disallow vsock_enqueue_accept() during socket destruction. unreferenced object 0xffff888109e3f800 (size 2040): comm "kworker/5:2", pid 371, jiffies 4294940105 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 28 00 0b 40 00 00 00 00 00 00 00 00 00 00 00 00 (..@............ backtrace (crc 9e5f4e84): [] kmem_cache_alloc_noprof+0x2c1/0x360 [] sk_prot_alloc+0x30/0x120 [] sk_alloc+0x2c/0x4b0 [] __vsock_create.constprop.0+0x2a/0x310 [] virtio_transport_recv_pkt+0x4dc/0x9a0 [] vsock_loopback_work+0xfd/0x140 [] process_one_work+0x20c/0x570 [] worker_thread+0x1bf/0x3a0 [] kthread+0xdd/0x110 [] ret_from_fork+0x2d/0x50 [] ret_from_fork_asm+0x1a/0x30 Fixes: 3fe356d58efa ("vsock/virtio: discard packets only when socket is really closed") Reviewed-by: Stefano Garzarella Signed-off-by: Michal Luczaj Signed-off-by: Paolo Abeni commit 67e023b93d69e5a21b16f9602656a803d314e825 Author: Ville Syrjälä Date: Thu Nov 7 18:11:14 2024 +0200 drm/i915: Grab intel_display from the encoder to avoid potential oopsies Grab the intel_display from 'encoder' rather than 'state' in the encoder hooks to avoid the massive footgun that is intel_sanitize_encoder(), which passes NULL as the 'state' argument to encoder .disable() and .post_disable(). TODO: figure out how to actually fix intel_sanitize_encoder()... Fixes: ab0b0eb5c85c ("drm/i915/tv: convert to struct intel_display") Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20241107161123.16269-2-ville.syrjala@linux.intel.com Reviewed-by: Jani Nikula (cherry picked from commit dc3806d9eb66d0105f8d55d462d4ef681d9eac59) Signed-off-by: Joonas Lahtinen commit 840c2fbcc5cd33ba8fab180f09da0bb7f354ea71 Author: Kent Overstreet Date: Mon Nov 11 16:15:15 2024 -0500 bcachefs: Fix assertion pop in bch2_ptr_swab() This runs on extents that haven't yet been validated, so we don't want to assert that we have a valid entry type. Reported-by: syzbot+4f29c3f12f864d8a8d17@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit 657d4282d8c4ac2349472529c9a6f20c503d1aee Author: Kent Overstreet Date: Mon Nov 11 16:01:38 2024 -0500 bcachefs: Fix journal_entry_dev_usage_to_text() overrun If the jset_entry_dev_usage is malformed, and too small, our nr_entries calculation will be incorrect - just bail out. Reported-by: syzbot+05d7520be047c9be86e0@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit 6ce031e5d6f475d476bab55ab7d8ea168fedc4c1 Author: Bibo Mao Date: Tue Nov 12 16:35:39 2024 +0800 LoongArch: Fix AP booting issue in VM mode Native IPI is used for AP booting, because it is the booting interface between OS and BIOS firmware. The paravirt IPI is only used inside OS, and native IPI is necessary to boot AP. When booting AP, we write the kernel entry address in the HW mailbox of AP and send IPI interrupt to it. AP executes idle instruction and waits for interrupts or SW events, then clears IPI interrupt and jumps to the kernel entry from HW mailbox. Between writing HW mailbox and sending IPI, AP can be woken up by SW events and jumps to the kernel entry, so ACTION_BOOT_CPU IPI interrupt will keep pending during AP booting. And native IPI interrupt handler needs be registered so that it can clear pending native IPI, else there will be endless interrupts during AP booting stage. Here native IPI interrupt is initialized even if paravirt IPI is used. Cc: stable@vger.kernel.org Fixes: 74c16b2e2b0c ("LoongArch: KVM: Add PV IPI support on guest side") Signed-off-by: Bibo Mao Signed-off-by: Huacai Chen commit 139d42ca51018c1d43ab5f35829179f060d1ab31 Author: Kanglong Wang Date: Tue Nov 12 16:35:39 2024 +0800 LoongArch: Add WriteCombine shadow mapping in KASAN Currently, the kernel couldn't boot when ARCH_IOREMAP, ARCH_WRITECOMBINE and KASAN are enabled together. Because DMW2 is used by kernel now which is configured as 0xa000000000000000 for WriteCombine, but KASAN has no segment mapping for it. This patch fix this issue. Solution: Add the relevant definitions for WriteCombine (DMW2) in KASAN. Cc: stable@vger.kernel.org Fixes: 8e02c3b782ec ("LoongArch: Add writecombine support for DMW-based ioremap()") Signed-off-by: Kanglong Wang Signed-off-by: Huacai Chen commit 227ca9f6f6aeb8aa8f0c10430b955f1fe2aeab91 Author: Huacai Chen Date: Tue Nov 12 16:35:39 2024 +0800 LoongArch: Disable KASAN if PGDIR_SIZE is too large for cpu_vabits If PGDIR_SIZE is too large for cpu_vabits, KASAN_SHADOW_END will overflow UINTPTR_MAX because KASAN_SHADOW_START/KASAN_SHADOW_END are aligned up by PGDIR_SIZE. And then the overflowed KASAN_SHADOW_END looks like a user space address. For example, PGDIR_SIZE of CONFIG_4KB_4LEVEL is 2^39, which is too large for Loongson-2K series whose cpu_vabits = 39. Since CONFIG_4KB_4LEVEL is completely legal for CPUs with cpu_vabits <= 39, we just disable KASAN via early return in kasan_init(). Otherwise we get a boot failure. Moreover, we change KASAN_SHADOW_END from the first address after KASAN shadow area to the last address in KASAN shadow area, in order to avoid the end address exactly overflow to 0 (which is a legal case). We don't need to worry about alignment because pgd_addr_end() can handle it. Cc: stable@vger.kernel.org Reviewed-by: Jiaxun Yang Signed-off-by: Huacai Chen commit a410656643ce4844ba9875aa4e87a7779308259b Author: Huacai Chen Date: Tue Nov 12 16:35:39 2024 +0800 LoongArch: Make KASAN work with 5-level page-tables Make KASAN work with 5-level page-tables, including: 1. Implement and use __pgd_none() and kasan_p4d_offset(). 2. As done in kasan_pmd_populate() and kasan_pte_populate(), restrict the loop conditions of kasan_p4d_populate() and kasan_pud_populate() to avoid unnecessary population. Cc: stable@vger.kernel.org Signed-off-by: Huacai Chen commit c859900a841b0a6cd9a73d16426465e44cdde29c Author: Yuli Wang Date: Tue Nov 12 16:35:39 2024 +0800 LoongArch: Define a default value for VM_DATA_DEFAULT_FLAGS This is a trivial cleanup, commit c62da0c35d58518d ("mm/vma: define a default value for VM_DATA_DEFAULT_FLAGS") has unified default values of VM_DATA_DEFAULT_FLAGS across different platforms. Apply the same consistency to LoongArch. Suggested-by: Wentao Guan Signed-off-by: Yuli Wang Signed-off-by: Huacai Chen commit 30cec747d6bf2c3e915c075d76d9712e54cde0a6 Author: Huacai Chen Date: Tue Nov 12 16:35:36 2024 +0800 LoongArch: Fix early_numa_add_cpu() usage for FDT systems early_numa_add_cpu() applies on physical CPU id rather than logical CPU id, so use cpuid instead of cpu. Cc: stable@vger.kernel.org Fixes: 3de9c42d02a79a5 ("LoongArch: Add all CPUs enabled by fdt to NUMA node 0") Reported-by: Bibo Mao Signed-off-by: Huacai Chen commit a6654a40a852a4ca18aacced4cf5ca87997818d7 Author: Huacai Chen Date: Tue Nov 12 16:35:36 2024 +0800 LoongArch: For all possible CPUs setup logical-physical CPU mapping In order to support ACPI-based physical CPU hotplug, we suppose for all "possible" CPUs cpu_logical_map() can work. Because some drivers want to use cpu_logical_map() for all "possible" CPUs, while currently we only setup logical-physical mapping for "present" CPUs. This lack of mapping also causes cpu_to_node() cannot work for hot-added CPUs. All "possible" CPUs are listed in MADT, and the "present" subset is marked as ACPI_MADT_ENABLED. To setup logical-physical CPU mapping for all possible CPUs and keep present CPUs continuous in cpu_present_mask, we parse MADT twice. The first pass handles CPUs with ACPI_MADT_ENABLED and the second pass handles CPUs without ACPI_MADT_ENABLED. The global flag (cpu_enumerated) is removed because acpi_map_cpu() calls cpu_number_map() rather than set_processor_mask() now. Reported-by: Bibo Mao Signed-off-by: Huacai Chen commit db0fc586edde83ff7ff65fea56c4f72dae511764 Author: Daniele Ceraolo Spurio Date: Mon Oct 28 16:31:32 2024 -0700 drm/i915/gsc: ARL-H and ARL-U need a newer GSC FW. All MTL and ARL SKUs share the same GSC FW, but the newer platforms are only supported in newer blobs. In particular, ARL-S is supported starting from 102.0.10.1878 (which is already the minimum required version for ARL in the code), while ARL-H and ARL-U are supported from 102.1.15.1926. Therefore, the driver needs to check which specific ARL subplatform its running on when verifying that the GSC FW is new enough for it. Fixes: 2955ae8186c8 ("drm/i915: ARL requires a newer GSC firmware") Signed-off-by: Daniele Ceraolo Spurio Cc: John Harrison Cc: Rodrigo Vivi Reviewed-by: Rodrigo Vivi Reviewed-by: John Harrison Link: https://patchwork.freedesktop.org/patch/msgid/20241028233132.149745-1-daniele.ceraolospurio@intel.com (cherry picked from commit 3c1d5ced18db8a67251c8436cf9bdc061f972bdb) Signed-off-by: Joonas Lahtinen commit 76d71eee1b56de9123b8f07e94ab170ce3ea75c1 Merge: cf8fbc6de307d9 d1ac33934a66e8 Author: Jakub Kicinski Date: Mon Nov 11 19:23:40 2024 -0800 Merge branch 'mlx5-misc-fixes-2024-11-07' Tariq Toukan says: ==================== mlx5 misc fixes 2024-11-07 This patchset provides misc bug fixes from the team to the mlx5 core and Eth drivers. ==================== Link: https://patch.msgid.link/20241107183527.676877-1-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit d1ac33934a66e8d58a52668999bf9e8f59e56c81 Author: Carolina Jubran Date: Thu Nov 7 20:35:27 2024 +0200 net/mlx5e: Disable loopback self-test on multi-PF netdev In Multi-PF (Socket Direct) configurations, when a loopback packet is sent through one of the secondary devices, it will always be received on the primary device. This causes the loopback layer to fail in identifying the loopback packet as the devices are different. To avoid false test failures, disable the loopback self-test in Multi-PF configurations. Fixes: ed29705e4ed1 ("net/mlx5: Enable SD feature") Signed-off-by: Carolina Jubran Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20241107183527.676877-8-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit e99c6873229fe0482e7ceb7d5600e32d623ed9d9 Author: Moshe Shemesh Date: Thu Nov 7 20:35:26 2024 +0200 net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5_tc_ct_entry_add_rule(), in case ct_rule_add() callback returns error, zone_rule->attr is used uninitiated. Fix it to use attr which has the needed pointer value. Kernel log: BUG: kernel NULL pointer dereference, address: 0000000000000110 RIP: 0010:mlx5_tc_ct_entry_add_rule+0x2b1/0x2f0 [mlx5_core] … Call Trace: ? __die+0x20/0x70 ? page_fault_oops+0x150/0x3e0 ? exc_page_fault+0x74/0x140 ? asm_exc_page_fault+0x22/0x30 ? mlx5_tc_ct_entry_add_rule+0x2b1/0x2f0 [mlx5_core] ? mlx5_tc_ct_entry_add_rule+0x1d5/0x2f0 [mlx5_core] mlx5_tc_ct_block_flow_offload+0xc6a/0xf90 [mlx5_core] ? nf_flow_offload_tuple+0xd8/0x190 [nf_flow_table] nf_flow_offload_tuple+0xd8/0x190 [nf_flow_table] flow_offload_work_handler+0x142/0x320 [nf_flow_table] ? finish_task_switch.isra.0+0x15b/0x2b0 process_one_work+0x16c/0x320 worker_thread+0x28c/0x3a0 ? __pfx_worker_thread+0x10/0x10 kthread+0xb8/0xf0 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x2d/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 Fixes: 7fac5c2eced3 ("net/mlx5: CT: Avoid reusing modify header context for natted entries") Signed-off-by: Moshe Shemesh Reviewed-by: Cosmin Ratiu Reviewed-by: Yevgeny Kliteynik Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20241107183527.676877-7-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit c079389878debf767dc4e52fe877b9117258dfe2 Author: William Tu Date: Thu Nov 7 20:35:25 2024 +0200 net/mlx5e: clear xdp features on non-uplink representors Non-uplink representor port does not support XDP. The patch clears the xdp feature by checking the net_device_ops.ndo_bpf is set or not. Verify using the netlink tool: $ tools/net/ynl/cli.py --spec Documentation/netlink/specs/netdev.yaml --dump dev-get Representor netdev before the patch: {'ifindex': 8, 'xdp-features': {'basic', 'ndo-xmit', 'ndo-xmit-sg', 'redirect', 'rx-sg', 'xsk-zerocopy'}, 'xdp-rx-metadata-features': set(), 'xdp-zc-max-segs': 1, 'xsk-features': set()}, With the patch: {'ifindex': 8, 'xdp-features': set(), 'xdp-rx-metadata-features': set(), 'xsk-features': set()}, Fixes: 4d5ab0ad964d ("net/mlx5e: take into account device reconfiguration for xdp_features flag") Signed-off-by: William Tu Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20241107183527.676877-6-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit dd6e972cc5890d91d6749bb48e3912721c4e4b25 Author: Dragos Tatulea Date: Thu Nov 7 20:35:24 2024 +0200 net/mlx5e: kTLS, Fix incorrect page refcounting The kTLS tx handling code is using a mix of get_page() and page_ref_inc() APIs to increment the page reference. But on the release path (mlx5e_ktls_tx_handle_resync_dump_comp()), only put_page() is used. This is an issue when using pages from large folios: the get_page() references are stored on the folio page while the page_ref_inc() references are stored directly in the given page. On release the folio page will be dereferenced too many times. This was found while doing kTLS testing with sendfile() + ZC when the served file was read from NFS on a kernel with NFS large folios support (commit 49b29a573da8 ("nfs: add support for large folios")). Fixes: 84d1bb2b139e ("net/mlx5e: kTLS, Limit DUMP wqe size") Signed-off-by: Dragos Tatulea Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20241107183527.676877-5-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 9ca314419930f9135727e39d77e66262d5f7bef6 Author: Mark Bloch Date: Thu Nov 7 20:35:23 2024 +0200 net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and unlock the FTE. - Lock the parent flow group, delete the software copy of the FTE, and remove it from the xarray. However, this approach encounters a race condition if a rule with the same match value is added simultaneously. In this scenario, fs_core may set the hardware deletion function to NULL prematurely, causing a panic during subsequent rule deletions. To prevent this, ensure the active flag of the FTE is checked under a lock, which will prevent the fs_core layer from attaching a new steering rule to an FTE that is in the process of deletion. [ 438.967589] MOSHE: 2496 mlx5_del_flow_rules del_hw_func [ 438.968205] ------------[ cut here ]------------ [ 438.968654] refcount_t: decrement hit 0; leaking memory. [ 438.969249] WARNING: CPU: 0 PID: 8957 at lib/refcount.c:31 refcount_warn_saturate+0xfb/0x110 [ 438.970054] Modules linked in: act_mirred cls_flower act_gact sch_ingress openvswitch nsh mlx5_vdpa vringh vhost_iotlb vdpa mlx5_ib mlx5_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm ib_uverbs ib_core zram zsmalloc fuse [last unloaded: cls_flower] [ 438.973288] CPU: 0 UID: 0 PID: 8957 Comm: tc Not tainted 6.12.0-rc1+ #8 [ 438.973888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 [ 438.974874] RIP: 0010:refcount_warn_saturate+0xfb/0x110 [ 438.975363] Code: 40 66 3b 82 c6 05 16 e9 4d 01 01 e8 1f 7c a0 ff 0f 0b c3 cc cc cc cc 48 c7 c7 10 66 3b 82 c6 05 fd e8 4d 01 01 e8 05 7c a0 ff <0f> 0b c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 [ 438.976947] RSP: 0018:ffff888124a53610 EFLAGS: 00010286 [ 438.977446] RAX: 0000000000000000 RBX: ffff888119d56de0 RCX: 0000000000000000 [ 438.978090] RDX: ffff88852c828700 RSI: ffff88852c81b3c0 RDI: ffff88852c81b3c0 [ 438.978721] RBP: ffff888120fa0e88 R08: 0000000000000000 R09: ffff888124a534b0 [ 438.979353] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888119d56de0 [ 438.979979] R13: ffff888120fa0ec0 R14: ffff888120fa0ee8 R15: ffff888119d56de0 [ 438.980607] FS: 00007fe6dcc0f800(0000) GS:ffff88852c800000(0000) knlGS:0000000000000000 [ 438.983984] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 438.984544] CR2: 00000000004275e0 CR3: 0000000186982001 CR4: 0000000000372eb0 [ 438.985205] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 438.985842] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 438.986507] Call Trace: [ 438.986799] [ 438.987070] ? __warn+0x7d/0x110 [ 438.987426] ? refcount_warn_saturate+0xfb/0x110 [ 438.987877] ? report_bug+0x17d/0x190 [ 438.988261] ? prb_read_valid+0x17/0x20 [ 438.988659] ? handle_bug+0x53/0x90 [ 438.989054] ? exc_invalid_op+0x14/0x70 [ 438.989458] ? asm_exc_invalid_op+0x16/0x20 [ 438.989883] ? refcount_warn_saturate+0xfb/0x110 [ 438.990348] mlx5_del_flow_rules+0x2f7/0x340 [mlx5_core] [ 438.990932] __mlx5_eswitch_del_rule+0x49/0x170 [mlx5_core] [ 438.991519] ? mlx5_lag_is_sriov+0x3c/0x50 [mlx5_core] [ 438.992054] ? xas_load+0x9/0xb0 [ 438.992407] mlx5e_tc_rule_unoffload+0x45/0xe0 [mlx5_core] [ 438.993037] mlx5e_tc_del_fdb_flow+0x2a6/0x2e0 [mlx5_core] [ 438.993623] mlx5e_flow_put+0x29/0x60 [mlx5_core] [ 438.994161] mlx5e_delete_flower+0x261/0x390 [mlx5_core] [ 438.994728] tc_setup_cb_destroy+0xb9/0x190 [ 438.995150] fl_hw_destroy_filter+0x94/0xc0 [cls_flower] [ 438.995650] fl_change+0x11a4/0x13c0 [cls_flower] [ 438.996105] tc_new_tfilter+0x347/0xbc0 [ 438.996503] ? ___slab_alloc+0x70/0x8c0 [ 438.996929] rtnetlink_rcv_msg+0xf9/0x3e0 [ 438.997339] ? __netlink_sendskb+0x4c/0x70 [ 438.997751] ? netlink_unicast+0x286/0x2d0 [ 438.998171] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 438.998625] netlink_rcv_skb+0x54/0x100 [ 438.999020] netlink_unicast+0x203/0x2d0 [ 438.999421] netlink_sendmsg+0x1e4/0x420 [ 438.999820] __sock_sendmsg+0xa1/0xb0 [ 439.000203] ____sys_sendmsg+0x207/0x2a0 [ 439.000600] ? copy_msghdr_from_user+0x6d/0xa0 [ 439.001072] ___sys_sendmsg+0x80/0xc0 [ 439.001459] ? ___sys_recvmsg+0x8b/0xc0 [ 439.001848] ? generic_update_time+0x4d/0x60 [ 439.002282] __sys_sendmsg+0x51/0x90 [ 439.002658] do_syscall_64+0x50/0x110 [ 439.003040] entry_SYSCALL_64_after_hwframe+0x76/0x7e Fixes: 718ce4d601db ("net/mlx5: Consolidate update FTE for all removal changes") Fixes: cefc23554fc2 ("net/mlx5: Fix FTE cleanup") Signed-off-by: Mark Bloch Reviewed-by: Maor Gottlieb Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20241107183527.676877-4-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit d0989c9d2b3a89ae5e4ad45fe6d7bbe449fc49fe Author: Parav Pandit Date: Thu Nov 7 20:35:22 2024 +0200 net/mlx5: Fix msix vectors to respect platform limit The number of PCI vectors allocated by the platform (which may be fewer than requested) is currently not honored when creating the SF pool; only the PCI MSI-X capability is considered. As a result, when a platform allocates fewer vectors (in non-dynamic mode) than requested, the PF and SF pools end up with an invalid vector range. This causes incorrect SF vector accounting, which leads to the following call trace when an invalid IRQ vector is allocated. This issue is resolved by ensuring that the platform's vector limit is respected for both the SF and PF pools. Workqueue: mlx5_vhca_event0 mlx5_sf_dev_add_active_work [mlx5_core] RIP: 0010:pci_irq_vector+0x23/0x80 RSP: 0018:ffffabd5cebd7248 EFLAGS: 00010246 RAX: ffff980880e7f308 RBX: ffff9808932fb880 RCX: 0000000000000001 RDX: 00000000000001ff RSI: 0000000000000200 RDI: ffff980880e7f308 RBP: 0000000000000200 R08: 0000000000000010 R09: ffff97a9116f0860 R10: 0000000000000002 R11: 0000000000000228 R12: ffff980897cd0160 R13: 0000000000000000 R14: ffff97a920fec0c0 R15: ffffabd5cebd72d0 FS: 0000000000000000(0000) GS:ffff97c7ff9c0000(0000) knlGS:0000000000000000 ? rescuer_thread+0x350/0x350 kthread+0x11b/0x140 ? __kthread_bind_mask+0x60/0x60 ret_from_fork+0x22/0x30 mlx5_core 0000:a1:00.0: mlx5_irq_alloc:321:(pid 6781): Failed to request irq. err = -22 mlx5_core 0000:a1:00.0: mlx5_irq_alloc:321:(pid 6781): Failed to request irq. err = -22 mlx5_core.sf mlx5_core.sf.6: MLX5E: StrdRq(1) RqSz(8) StrdSz(2048) RxCqeCmprss(0 enhanced) mlx5_core.sf mlx5_core.sf.7: firmware version: 32.43.356 mlx5_core.sf mlx5_core.sf.6 enpa1s0f0s4: renamed from eth0 mlx5_core.sf mlx5_core.sf.7: Rate limit: 127 rates are supported, range: 0Mbps to 195312Mbps mlx5_core 0000:a1:00.0: mlx5_irq_alloc:321:(pid 6781): Failed to request irq. err = -22 mlx5_core 0000:a1:00.0: mlx5_irq_alloc:321:(pid 6781): Failed to request irq. err = -22 mlx5_core 0000:a1:00.0: mlx5_irq_alloc:321:(pid 6781): Failed to request irq. err = -22 Fixes: 3354822cde5a ("net/mlx5: Use dynamic msix vectors allocation") Signed-off-by: Parav Pandit Signed-off-by: Amir Tzin Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20241107183527.676877-3-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 1220965d619178713844ef365beb9d9b88267e13 Author: Chiara Meiohas Date: Thu Nov 7 20:35:21 2024 +0200 net/mlx5: E-switch, unload IB representors when unloading ETH representors IB representors depend on ETH representors, so the IB representors should not exist without the ETH ones. When unloading the ETH representors, the corresponding IB representors should be also unloaded. The commit 8d159eb2117b ("RDMA/mlx5: Use IB set_netdev and get_netdev functions") introduced the use of the ib_device_set_netdev API in IB repsresentors. ib_device_set_netdev() increments the refcount of the representor's netdev when loading an IB representor and decrements it when unloading. Without the unloading of the IB representor, the refcount of the representor's netdev remains greater than 0, preventing it from being unregistered. The patch uncovered an underlying bug where the eth representor is unloaded, without unloading the IB representor. This issue happened when using multiport E-switch and rebooting, causing the shutdown to hang when unloading the ETH representor because the refcount of the representor's netdevice was greater than 0. Call trace: unregister_netdevice: waiting for eth3 to become free. Usage count = 2 ref_tracker: eth%d@00000000661d60f7 has 1/1 users at ib_device_set_netdev+0x160/0x2d0 [ib_core] mlx5_ib_vport_rep_load+0x104/0x3f0 [mlx5_ib] mlx5_eswitch_reload_ib_reps+0xfc/0x110 [mlx5_core] mlx5_mpesw_work+0x236/0x330 [mlx5_core] process_one_work+0x169/0x320 worker_thread+0x288/0x3a0 kthread+0xb8/0xe0 ret_from_fork+0x2d/0x50 ret_from_fork_asm+0x11/0x20 Fixes: 8d159eb2117b ("RDMA/mlx5: Use IB set_netdev and get_netdev functions") Signed-off-by: Chiara Meiohas Reviewed-by: Mark Bloch Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20241107183527.676877-2-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit cf8fbc6de307d9027179c06b761076e786fba6b0 Merge: 102d1404c38561 ce7356ae35943c Author: Jakub Kicinski Date: Mon Nov 11 19:06:36 2024 -0800 Merge branch 'mptcp-fix-a-couple-of-races' Paolo Abeni says: ==================== mptcp: fix a couple of races The first patch addresses a division by zero issue reported by Eric, the second one solves a similar issue found by code inspection while investigating the former. ==================== Link: https://patch.msgid.link/cover.1731060874.git.pabeni@redhat.com Signed-off-by: Jakub Kicinski commit ce7356ae35943cc6494cc692e62d51a734062b7d Author: Paolo Abeni Date: Fri Nov 8 11:58:17 2024 +0100 mptcp: cope racing subflow creation in mptcp_rcv_space_adjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing recvmsg() spooling data received on an already established subflow would unconditionally call tcp_cleanup_rbuf() on all the current subflows, potentially hitting a divide by zero error on the newly created ones. Explicitly check that the subflow is in a suitable state before invoking tcp_cleanup_rbuf(). Fixes: c76c6956566f ("mptcp: call tcp_cleanup_rbuf on subflows") Signed-off-by: Paolo Abeni Reviewed-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/02374660836e1b52afc91966b7535c8c5f7bafb0.1731060874.git.pabeni@redhat.com Signed-off-by: Jakub Kicinski commit 581302298524e9d77c4c44ff5156a6cd112227ae Author: Paolo Abeni Date: Fri Nov 8 11:58:16 2024 +0100 mptcp: error out earlier on disconnect Eric reported a division by zero splat in the MPTCP protocol: Oops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 1 UID: 0 PID: 6094 Comm: syz-executor317 Not tainted 6.12.0-rc5-syzkaller-00291-g05b92660cdfe #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:__tcp_select_window+0x5b4/0x1310 net/ipv4/tcp_output.c:3163 Code: f6 44 01 e3 89 df e8 9b 75 09 f8 44 39 f3 0f 8d 11 ff ff ff e8 0d 74 09 f8 45 89 f4 e9 04 ff ff ff e8 00 74 09 f8 44 89 f0 99 7c 24 14 41 29 d6 45 89 f4 e9 ec fe ff ff e8 e8 73 09 f8 48 89 RSP: 0018:ffffc900041f7930 EFLAGS: 00010293 RAX: 0000000000017e67 RBX: 0000000000017e67 RCX: ffffffff8983314b RDX: 0000000000000000 RSI: ffffffff898331b0 RDI: 0000000000000004 RBP: 00000000005d6000 R08: 0000000000000004 R09: 0000000000017e67 R10: 0000000000003e80 R11: 0000000000000000 R12: 0000000000003e80 R13: ffff888031d9b440 R14: 0000000000017e67 R15: 00000000002eb000 FS: 00007feb5d7f16c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007feb5d8adbb8 CR3: 0000000074e4c000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __tcp_cleanup_rbuf+0x3e7/0x4b0 net/ipv4/tcp.c:1493 mptcp_rcv_space_adjust net/mptcp/protocol.c:2085 [inline] mptcp_recvmsg+0x2156/0x2600 net/mptcp/protocol.c:2289 inet_recvmsg+0x469/0x6a0 net/ipv4/af_inet.c:885 sock_recvmsg_nosec net/socket.c:1051 [inline] sock_recvmsg+0x1b2/0x250 net/socket.c:1073 __sys_recvfrom+0x1a5/0x2e0 net/socket.c:2265 __do_sys_recvfrom net/socket.c:2283 [inline] __se_sys_recvfrom net/socket.c:2279 [inline] __x64_sys_recvfrom+0xe0/0x1c0 net/socket.c:2279 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7feb5d857559 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007feb5d7f1208 EFLAGS: 00000246 ORIG_RAX: 000000000000002d RAX: ffffffffffffffda RBX: 00007feb5d8e1318 RCX: 00007feb5d857559 RDX: 000000800000000e RSI: 0000000000000000 RDI: 0000000000000003 RBP: 00007feb5d8e1310 R08: 0000000000000000 R09: ffffffff81000000 R10: 0000000000000100 R11: 0000000000000246 R12: 00007feb5d8e131c R13: 00007feb5d8ae074 R14: 000000800000000e R15: 00000000fffffdef and provided a nice reproducer. The root cause is the current bad handling of racing disconnect. After the blamed commit below, sk_wait_data() can return (with error) with the underlying socket disconnected and a zero rcv_mss. Catch the error and return without performing any additional operations on the current socket. Reported-by: Eric Dumazet Fixes: 419ce133ab92 ("tcp: allow again tcp_disconnect() when threads are waiting") Signed-off-by: Paolo Abeni Reviewed-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/8c82ecf71662ecbc47bf390f9905de70884c9f2d.1731060874.git.pabeni@redhat.com Signed-off-by: Jakub Kicinski commit 102d1404c385611c574498b1e0d1f3762e253359 Author: Mina Almasry Date: Thu Nov 7 21:03:31 2024 +0000 net: clarify SO_DEVMEM_DONTNEED behavior in documentation Document new behavior when the number of frags passed is too big. Signed-off-by: Mina Almasry Link: https://patch.msgid.link/20241107210331.3044434-2-almasrymina@google.com Signed-off-by: Jakub Kicinski commit f2685c00c3222305f5b6740a8b16ea044640283a Author: Mina Almasry Date: Thu Nov 7 21:03:30 2024 +0000 net: fix SO_DEVMEM_DONTNEED looping too long Exit early if we're freeing more than 1024 frags, to prevent looping too long. Also minor code cleanups: - Flip checks to reduce indentation. - Use sizeof(*tokens) everywhere for consistentcy. Cc: Yi Lai Signed-off-by: Mina Almasry Acked-by: Stanislav Fomichev Link: https://patch.msgid.link/20241107210331.3044434-1-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 247d720b2c5d22f7281437fd6054a138256986ba Author: Hajime Tazaki Date: Sat Nov 9 07:28:34 2024 +0900 nommu: pass NULL argument to vma_iter_prealloc() When deleting a vma entry from a maple tree, it has to pass NULL to vma_iter_prealloc() in order to calculate internal state of the tree, but it passed a wrong argument. As a result, nommu kernels crashed upon accessing a vma iterator, such as acct_collect() reading the size of vma entries after do_munmap(). This commit fixes this issue by passing a right argument to the preallocation call. Link: https://lkml.kernel.org/r/20241108222834.3625217-1-thehajime@gmail.com Fixes: b5df09226450 ("mm: set up vma iterator for vma_iter_prealloc() calls") Signed-off-by: Hajime Tazaki Reviewed-by: Liam R. Howlett Cc: Signed-off-by: Andrew Morton commit 23aab037106d46e6168ce1214a958ce9bf317f2e Author: Dmitry Antipov Date: Wed Nov 6 12:21:00 2024 +0300 ocfs2: fix UBSAN warning in ocfs2_verify_volume() Syzbot has reported the following splat triggered by UBSAN: UBSAN: shift-out-of-bounds in fs/ocfs2/super.c:2336:10 shift exponent 32768 is too large for 32-bit type 'int' CPU: 2 UID: 0 PID: 5255 Comm: repro Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014 Call Trace: dump_stack_lvl+0x241/0x360 ? __pfx_dump_stack_lvl+0x10/0x10 ? __pfx__printk+0x10/0x10 ? __asan_memset+0x23/0x50 ? lockdep_init_map_type+0xa1/0x910 __ubsan_handle_shift_out_of_bounds+0x3c8/0x420 ocfs2_fill_super+0xf9c/0x5750 ? __pfx_ocfs2_fill_super+0x10/0x10 ? __pfx_validate_chain+0x10/0x10 ? __pfx_validate_chain+0x10/0x10 ? validate_chain+0x11e/0x5920 ? __lock_acquire+0x1384/0x2050 ? __pfx_validate_chain+0x10/0x10 ? string+0x26a/0x2b0 ? widen_string+0x3a/0x310 ? string+0x26a/0x2b0 ? bdev_name+0x2b1/0x3c0 ? pointer+0x703/0x1210 ? __pfx_pointer+0x10/0x10 ? __pfx_format_decode+0x10/0x10 ? __lock_acquire+0x1384/0x2050 ? vsnprintf+0x1ccd/0x1da0 ? snprintf+0xda/0x120 ? __pfx_lock_release+0x10/0x10 ? do_raw_spin_lock+0x14f/0x370 ? __pfx_snprintf+0x10/0x10 ? set_blocksize+0x1f9/0x360 ? sb_set_blocksize+0x98/0xf0 ? setup_bdev_super+0x4e6/0x5d0 mount_bdev+0x20c/0x2d0 ? __pfx_ocfs2_fill_super+0x10/0x10 ? __pfx_mount_bdev+0x10/0x10 ? vfs_parse_fs_string+0x190/0x230 ? __pfx_vfs_parse_fs_string+0x10/0x10 legacy_get_tree+0xf0/0x190 ? __pfx_ocfs2_mount+0x10/0x10 vfs_get_tree+0x92/0x2b0 do_new_mount+0x2be/0xb40 ? __pfx_do_new_mount+0x10/0x10 __se_sys_mount+0x2d6/0x3c0 ? __pfx___se_sys_mount+0x10/0x10 ? do_syscall_64+0x100/0x230 ? __x64_sys_mount+0x20/0xc0 do_syscall_64+0xf3/0x230 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f37cae96fda Code: 48 8b 0d 51 ce 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 1e ce 0c 00 f7 d8 64 89 01 48 RSP: 002b:00007fff6c1aa228 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00007fff6c1aa240 RCX: 00007f37cae96fda RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 00007fff6c1aa240 RBP: 0000000000000004 R08: 00007fff6c1aa280 R09: 0000000000000000 R10: 00000000000008c0 R11: 0000000000000206 R12: 00000000000008c0 R13: 00007fff6c1aa280 R14: 0000000000000003 R15: 0000000001000000 For a really damaged superblock, the value of 'i_super.s_blocksize_bits' may exceed the maximum possible shift for an underlying 'int'. So add an extra check whether the aforementioned field represents the valid block size, which is 512 bytes, 1K, 2K, or 4K. Link: https://lkml.kernel.org/r/20241106092100.2661330-1-dmantipov@yandex.ru Fixes: ccd979bdbce9 ("[PATCH] OCFS2: The Second Oracle Cluster Filesystem") Signed-off-by: Dmitry Antipov Reported-by: syzbot+56f7cd1abe4b8e475180@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=56f7cd1abe4b8e475180 Reviewed-by: Joseph Qi Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Jun Piao Cc: Signed-off-by: Andrew Morton commit 2026559a6c4ce34db117d2db8f710fe2a9420d5a Author: Ryusuke Konishi Date: Thu Nov 7 01:07:33 2024 +0900 nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint When using the "block:block_dirty_buffer" tracepoint, mark_buffer_dirty() may cause a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens because, since the tracepoint was added in mark_buffer_dirty(), it references the dev_t member bh->b_bdev->bd_dev regardless of whether the buffer head has a pointer to a block_device structure. In the current implementation, nilfs_grab_buffer(), which grabs a buffer to read (or create) a block of metadata, including b-tree node blocks, does not set the block device, but instead does so only if the buffer is not in the "uptodate" state for each of its caller block reading functions. However, if the uptodate flag is set on a folio/page, and the buffer heads are detached from it by try_to_free_buffers(), and new buffer heads are then attached by create_empty_buffers(), the uptodate flag may be restored to each buffer without the block device being set to bh->b_bdev, and mark_buffer_dirty() may be called later in that state, resulting in the bug mentioned above. Fix this issue by making nilfs_grab_buffer() always set the block device of the super block structure to the buffer head, regardless of the state of the buffer's uptodate flag. Link: https://lkml.kernel.org/r/20241106160811.3316-3-konishi.ryusuke@gmail.com Fixes: 5305cb830834 ("block: add block_{touch|dirty}_buffer tracepoint") Signed-off-by: Ryusuke Konishi Cc: Tejun Heo Cc: Ubisectech Sirius Cc: Signed-off-by: Andrew Morton commit cd45e963e44b0f10d90b9e6c0e8b4f47f3c92471 Author: Ryusuke Konishi Date: Thu Nov 7 01:07:32 2024 +0900 nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint Patch series "nilfs2: fix null-ptr-deref bugs on block tracepoints". This series fixes null pointer dereference bugs that occur when using nilfs2 and two block-related tracepoints. This patch (of 2): It has been reported that when using "block:block_touch_buffer" tracepoint, touch_buffer() called from __nilfs_get_folio_block() causes a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens because since the tracepoint was added in touch_buffer(), it references the dev_t member bh->b_bdev->bd_dev regardless of whether the buffer head has a pointer to a block_device structure. In the current implementation, the block_device structure is set after the function returns to the caller. Here, touch_buffer() is used to mark the folio/page that owns the buffer head as accessed, but the common search helper for folio/page used by the caller function was optimized to mark the folio/page as accessed when it was reimplemented a long time ago, eliminating the need to call touch_buffer() here in the first place. So this solves the issue by eliminating the touch_buffer() call itself. Link: https://lkml.kernel.org/r/20241106160811.3316-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20241106160811.3316-2-konishi.ryusuke@gmail.com Fixes: 5305cb830834 ("block: add block_{touch|dirty}_buffer tracepoint") Signed-off-by: Ryusuke Konishi Reported-by: Ubisectech Sirius Closes: https://lkml.kernel.org/r/86bd3013-887e-4e38-960f-ca45c657f032.bugreport@valiantsec.com Reported-by: syzbot+9982fb8d18eba905abe2@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=9982fb8d18eba905abe2 Tested-by: syzbot+9982fb8d18eba905abe2@syzkaller.appspotmail.com Cc: Tejun Heo Cc: Signed-off-by: Andrew Morton commit 66edc3a5894c74f8887c8af23b97593a0dd0df4d Author: Roman Gushchin Date: Wed Nov 6 19:53:54 2024 +0000 mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page being freed using free_page() still having a mlocked flag at free_pages_prepare() stage: BUG: Bad page state in process syz.5.504 pfn:61f45 page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61f45 flags: 0xfff00000080204(referenced|workingset|mlocked|node=0|zone=1|lastcpupid=0x7ff) raw: 00fff00000080204 0000000000000000 dead000000000122 0000000000000000 raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set page_owner tracks the page as allocated page last allocated via order 0, migratetype Unmovable, gfp_mask 0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), pid 8443, tgid 8442 (syz.5.504), ts 201884660643, free_ts 201499827394 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1537 prep_new_page mm/page_alloc.c:1545 [inline] get_page_from_freelist+0x303f/0x3190 mm/page_alloc.c:3457 __alloc_pages_noprof+0x292/0x710 mm/page_alloc.c:4733 alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2265 kvm_coalesced_mmio_init+0x1f/0xf0 virt/kvm/coalesced_mmio.c:99 kvm_create_vm virt/kvm/kvm_main.c:1235 [inline] kvm_dev_ioctl_create_vm virt/kvm/kvm_main.c:5488 [inline] kvm_dev_ioctl+0x12dc/0x2240 virt/kvm/kvm_main.c:5530 __do_compat_sys_ioctl fs/ioctl.c:1007 [inline] __se_compat_sys_ioctl+0x510/0xc90 fs/ioctl.c:950 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline] __do_fast_syscall_32+0xb4/0x110 arch/x86/entry/common.c:386 do_fast_syscall_32+0x34/0x80 arch/x86/entry/common.c:411 entry_SYSENTER_compat_after_hwframe+0x84/0x8e page last free pid 8399 tgid 8399 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1108 [inline] free_unref_folios+0xf12/0x18d0 mm/page_alloc.c:2686 folios_put_refs+0x76c/0x860 mm/swap.c:1007 free_pages_and_swap_cache+0x5c8/0x690 mm/swap_state.c:335 __tlb_batch_free_encoded_pages mm/mmu_gather.c:136 [inline] tlb_batch_pages_flush mm/mmu_gather.c:149 [inline] tlb_flush_mmu_free mm/mmu_gather.c:366 [inline] tlb_flush_mmu+0x3a3/0x680 mm/mmu_gather.c:373 tlb_finish_mmu+0xd4/0x200 mm/mmu_gather.c:465 exit_mmap+0x496/0xc40 mm/mmap.c:1926 __mmput+0x115/0x390 kernel/fork.c:1348 exit_mm+0x220/0x310 kernel/exit.c:571 do_exit+0x9b2/0x28e0 kernel/exit.c:926 do_group_exit+0x207/0x2c0 kernel/exit.c:1088 __do_sys_exit_group kernel/exit.c:1099 [inline] __se_sys_exit_group kernel/exit.c:1097 [inline] __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1097 x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Modules linked in: CPU: 0 UID: 0 PID: 8442 Comm: syz.5.504 Not tainted 6.12.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 bad_page+0x176/0x1d0 mm/page_alloc.c:501 free_page_is_bad mm/page_alloc.c:918 [inline] free_pages_prepare mm/page_alloc.c:1100 [inline] free_unref_page+0xed0/0xf20 mm/page_alloc.c:2638 kvm_destroy_vm virt/kvm/kvm_main.c:1327 [inline] kvm_put_kvm+0xc75/0x1350 virt/kvm/kvm_main.c:1386 kvm_vcpu_release+0x54/0x60 virt/kvm/kvm_main.c:4143 __fput+0x23f/0x880 fs/file_table.c:431 task_work_run+0x24f/0x310 kernel/task_work.c:239 exit_task_work include/linux/task_work.h:43 [inline] do_exit+0xa2f/0x28e0 kernel/exit.c:939 do_group_exit+0x207/0x2c0 kernel/exit.c:1088 __do_sys_exit_group kernel/exit.c:1099 [inline] __se_sys_exit_group kernel/exit.c:1097 [inline] __ia32_sys_exit_group+0x3f/0x40 kernel/exit.c:1097 ia32_sys_call+0x2624/0x2630 arch/x86/include/generated/asm/syscalls_32.h:253 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline] __do_fast_syscall_32+0xb4/0x110 arch/x86/entry/common.c:386 do_fast_syscall_32+0x34/0x80 arch/x86/entry/common.c:411 entry_SYSENTER_compat_after_hwframe+0x84/0x8e RIP: 0023:0xf745d579 Code: Unable to access opcode bytes at 0xf745d54f. RSP: 002b:00000000f75afd6c EFLAGS: 00000206 ORIG_RAX: 00000000000000fc RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 00000000ffffff9c RDI: 00000000f744cff4 RBP: 00000000f717ae61 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 The problem was originally introduced by commit b109b87050df ("mm/munlock: replace clear_page_mlock() by final clearance"): it was focused on handling pagecache and anonymous memory and wasn't suitable for lower level get_page()/free_page() API's used for example by KVM, as with this reproducer. Fix it by moving the mlocked flag clearance down to free_page_prepare(). The bug itself if fairly old and harmless (aside from generating these warnings), aside from a small memory leak - "bad" pages are stopped from being allocated again. Link: https://lkml.kernel.org/r/20241106195354.270757-1-roman.gushchin@linux.dev Fixes: b109b87050df ("mm/munlock: replace clear_page_mlock() by final clearance") Signed-off-by: Roman Gushchin Reported-by: syzbot+e985d3026c4fd041578e@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/6729f475.050a0220.701a.0019.GAE@google.com Acked-by: Hugh Dickins Cc: Matthew Wilcox Cc: Sean Christopherson Cc: Vlastimil Babka Cc: Signed-off-by: Andrew Morton commit 073d89808c065ac4c672c0a613a71b27a80691cb Author: Wang Liang Date: Thu Nov 7 10:34:05 2024 +0800 net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules linked in: CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 RIP: 0010:inet_sock_destruct+0x1c5/0x1e0 Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 <0f> 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00 RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206 RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007 RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00 RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007 R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00 R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78 FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? __warn+0x88/0x130 ? inet_sock_destruct+0x1c5/0x1e0 ? report_bug+0x18e/0x1a0 ? handle_bug+0x53/0x90 ? exc_invalid_op+0x18/0x70 ? asm_exc_invalid_op+0x1a/0x20 ? inet_sock_destruct+0x1c5/0x1e0 __sk_destruct+0x2a/0x200 rcu_do_batch+0x1aa/0x530 ? rcu_do_batch+0x13b/0x530 rcu_core+0x159/0x2f0 handle_softirqs+0xd3/0x2b0 ? __pfx_smpboot_thread_fn+0x10/0x10 run_ksoftirqd+0x25/0x30 smpboot_thread_fn+0xdd/0x1d0 kthread+0xd3/0x100 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x34/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 ---[ end trace 0000000000000000 ]--- Its possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add() concurrently when sk->sk_state == TCP_LISTEN with sk->sk_lock unlocked, which triggers a data-race around sk->sk_forward_alloc: tcp_v6_rcv tcp_v6_do_rcv skb_clone_and_charge_r sk_rmem_schedule __sk_mem_schedule sk_forward_alloc_add() skb_set_owner_r sk_mem_charge sk_forward_alloc_add() __kfree_skb skb_release_all skb_release_head_state sock_rfree sk_mem_uncharge sk_forward_alloc_add() sk_mem_reclaim // set local var reclaimable __sk_mem_reclaim sk_forward_alloc_add() In this syzkaller testcase, two threads call tcp_v6_do_rcv() with skb->truesize=768, the sk_forward_alloc changes like this: (cpu 1) | (cpu 2) | sk_forward_alloc ... | ... | 0 __sk_mem_schedule() | | +4096 = 4096 | __sk_mem_schedule() | +4096 = 8192 sk_mem_charge() | | -768 = 7424 | sk_mem_charge() | -768 = 6656 ... | ... | sk_mem_uncharge() | | +768 = 7424 reclaimable=7424 | | | sk_mem_uncharge() | +768 = 8192 | reclaimable=8192 | __sk_mem_reclaim() | | -4096 = 4096 | __sk_mem_reclaim() | -8192 = -4096 != 0 The skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when sk->sk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock(). Fix the same issue in dccp_v6_do_rcv(). Suggested-by: Eric Dumazet Reviewed-by: Eric Dumazet Fixes: e994b2f0fb92 ("tcp: do not lock listener to process SYN packets") Signed-off-by: Wang Liang Link: https://patch.msgid.link/20241107023405.889239-1-wangliang74@huawei.com Signed-off-by: Jakub Kicinski commit 3022e9d00ebec31ed435ae0844e3f235dba998a9 Merge: 0ccd733ac99edc a6250aa251eaca Author: Linus Torvalds Date: Mon Nov 11 14:09:57 2024 -0800 Merge tag 'sched_ext-for-6.12-rc7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext Pull sched_ext fixes from Tejun Heo: - The fair sched class currently has a bug where its balance() returns true telling the sched core that it has tasks to run but then NULL from pick_task(). This makes sched core call sched_ext's pick_task() without preceding balance() which can lead to stalls in partial mode. For now, work around by detecting the condition and forcing the CPU to go through another scheduling cycle. - Add a missing newline to an error message and fix drgn introspection tool which went out of sync. * tag 'sched_ext-for-6.12-rc7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext: sched_ext: Handle cases where pick_task_scx() is called without preceding balance_scx() sched_ext: Update scx_show_state.py to match scx_ops_bypass_depth's new type sched_ext: Add a missing newline at the end of an error message commit 79365ea70714427b4dff89b43234ad7c3233d7ba Author: Jack Xiao Date: Mon Nov 4 18:06:01 2024 +0800 drm/amdgpu/mes12: correct kiq unmap latency Correct kiq unmap queue timeout value. Signed-off-by: Jack Xiao Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher (cherry picked from commit cfe98204a06329b6b7fce1b828b7d620473181ff) Cc: stable@vger.kernel.org # 6.11.x commit 0e5ac88fb918297a7484b67f2b484d43bed3fbbe Author: Christian König Date: Thu Oct 31 10:04:17 2024 +0100 drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() The coherency flags can only be determined when the BO is locked and that in turn is only guaranteed when the mapping is validated. Fix the check, move the resource check into the function and add an assert that the BO is locked. Signed-off-by: Christian König Fixes: d1a372af1c3d ("drm/amdgpu: Set MTYPE in PTE based on BO flags") Acked-by: Alex Deucher Signed-off-by: Alex Deucher (cherry picked from commit 1b4ca8546f5b5c482717bedb8e031227b1541539) Cc: stable@vger.kernel.org commit df0279e2a1c0735e8ca80c5df8d9f8f9fc120b4a Author: Tim Huang Date: Mon Oct 28 13:51:50 2024 +0800 drm/amd/pm: print pp_dpm_mclk in ascending order on SMU v14.0.0 Currently, the pp_dpm_mclk values are reported in descending order on SMU IP v14.0.0/1/4. Adjust to ascending order for consistency with other clock interfaces. Signed-off-by: Tim Huang Reviewed-by: Yifan Zhang Signed-off-by: Alex Deucher (cherry picked from commit d4be16ccfd5bf822176740a51ff2306679a2247e) Cc: stable@vger.kernel.org commit d641a151fcaf0d043075b214b469a14abab25af2 Author: David Rosca Date: Mon Oct 21 09:36:11 2024 +0200 drm/amdgpu: Fix video caps for H264 and HEVC encode maximum size H264 supports 4096x4096 starting from Polaris. HEVC also supports 4096x4096, with VCN 3 and newer 8192x4352 is supported. Signed-off-by: David Rosca Reviewed-by: Leo Liu Signed-off-by: Alex Deucher (cherry picked from commit 69e9a9e65b1ea542d07e3fdd4222b46e9f5a3a29) Cc: stable@vger.kernel.org commit 16dd2825c23530f2259fc671960a3a65d2af69bd Author: Rodrigo Siqueira Date: Tue Nov 5 08:40:23 2024 -0700 drm/amd/display: Adjust VSDB parser for replay feature At some point, the IEEE ID identification for the replay check in the AMD EDID was added. However, this check causes the following out-of-bounds issues when using KASAN: [ 27.804016] BUG: KASAN: slab-out-of-bounds in amdgpu_dm_update_freesync_caps+0xefa/0x17a0 [amdgpu] [ 27.804788] Read of size 1 at addr ffff8881647fdb00 by task systemd-udevd/383 ... [ 27.821207] Memory state around the buggy address: [ 27.821215] ffff8881647fda00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.821224] ffff8881647fda80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.821234] >ffff8881647fdb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.821243] ^ [ 27.821250] ffff8881647fdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.821259] ffff8881647fdc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 27.821268] ================================================================== This is caused because the ID extraction happens outside of the range of the edid lenght. This commit addresses this issue by considering the amd_vsdb_block size. Cc: ChiaHsuan Chung Reviewed-by: Leo Li Signed-off-by: Rodrigo Siqueira Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher (cherry picked from commit b7e381b1ccd5e778e3d9c44c669ad38439a861d8) Cc: stable@vger.kernel.org commit 9fc0cbcb6e45d6fc96ffd3bb7b6d6d28d693ff4d Author: Dillon Varone Date: Fri Nov 1 12:00:14 2024 -0400 drm/amd/display: Require minimum VBlank size for stutter optimization If the nominal VBlank is too small, optimizing for stutter can cause the prefetch bandwidth to increase drasticaly, resulting in higher clock and power requirements. Only optimize if it is >3x the stutter latency. Reviewed-by: Austin Zheng Signed-off-by: Dillon Varone Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher (cherry picked from commit 003215f962cdf2265f126a3f4c9ad20917f87fca) Cc: stable@vger.kernel.org commit 6825cb07b79ffeb1d90ffaa7a1227462cdca34ae Author: Ryan Seto Date: Fri Nov 1 10:19:56 2024 -0400 drm/amd/display: Handle dml allocation failure to avoid crash [Why] In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dc_state_copy_internal would shallow copy invalid memory and if the new state was released, a double free would occur. [How] Reset dml pointers in new_state to NULL and avoid invalid pointer Reviewed-by: Dillon Varone Signed-off-by: Ryan Seto Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher (cherry picked from commit bcafdc61529a48f6f06355d78eb41b3aeda5296c) Cc: stable@vger.kernel.org commit bd8a9576617439bdc907c9ce0875909aea4221cb Author: Tom Chung Date: Tue Oct 29 17:28:23 2024 +0800 drm/amd/display: Fix Panel Replay not update screen correctly [Why] In certain use case such as KDE login screen, there will be no atomic commit while do the frame update. If the Panel Replay enabled, it will cause the screen not updated and looks like system hang. [How] Delay few atomic commits before enabled the Panel Replay just like PSR. Fixes: be64336307a6c ("drm/amd/display: Re-enable panel replay feature") Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3686 Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3682 Tested-By: Corey Hickey Tested-By: James Courtier-Dutton Reviewed-by: Leo Li Signed-off-by: Tom Chung Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher (cherry picked from commit ca628f0eddd73adfccfcc06b2a55d915bca4a342) Cc: stable@vger.kernel.org # 6.11+ commit b8d9d5fef4915a383b4ce4d0f418352aa4701a87 Author: Tom Chung Date: Tue Oct 29 15:38:16 2024 +0800 drm/amd/display: Change some variable name of psr Panel Replay feature may also use the same variable with PSR. Change the variable name and make it not specify for PSR. Reviewed-by: Leo Li Signed-off-by: Tom Chung Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher (cherry picked from commit c7fafb7a46b38a11a19342d153f505749bf56f3e) Cc: stable@vger.kernel.org # 6.11+ commit 0ccd733ac99edc473aaee90c8f6adc346d82befb Merge: 2d5404caa8c7bb 83e445e64f48bd Author: Linus Torvalds Date: Mon Nov 11 09:06:17 2024 -0800 Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost Pull virtio fixes from Michael Tsirkin: "Several small bugfixes all over the place" * tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: vdpa/mlx5: Fix error path during device add vp_vdpa: fix id_table array not null terminated error virtio_pci: Fix admin vq cleanup by using correct info pointer vDPA/ifcvf: Fix pci_read_config_byte() return code handling Fix typo in vringh_test.c vdpa: solidrun: Fix UB bug with devres vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans commit 346dbf1b1345476a6524512892cceb931bee3039 Author: Mikulas Patocka Date: Mon Nov 11 16:51:02 2024 +0100 dm-cache: fix warnings about duplicate slab caches The commit 4c39529663b9 adds a warning about duplicate cache names if CONFIG_DEBUG_VM is selected. These warnings are triggered by the dm-cache code. The dm-cache code allocates a slab cache for each device. This commit changes it to allocate just one slab cache in the module init function. Signed-off-by: Mikulas Patocka Fixes: 4c39529663b9 ("slab: Warn on duplicate cache names when DEBUG_VM=y") commit 42964e4b5e3ac95090bdd23ed7da2a941ccd902c Author: Mikulas Patocka Date: Mon Nov 11 16:48:18 2024 +0100 dm-bufio: fix warnings about duplicate slab caches The commit 4c39529663b9 adds a warning about duplicate cache names if CONFIG_DEBUG_VM is selected. These warnings are triggered by the dm-bufio code. The dm-bufio code allocates a slab cache with each client. It is not possible to preallocate the caches in the module init function because the size of auxiliary per-buffer data is not known at this point. So, this commit changes dm-bufio so that it appends a unique atomic value to the cache name, to avoid the warnings. Signed-off-by: Mikulas Patocka Fixes: 4c39529663b9 ("slab: Warn on duplicate cache names when DEBUG_VM=y") commit 1a1030d10a6335bb5e6cdb24fc9388d3d9bcc1ac Author: Rafael J. Wysocki Date: Thu Nov 7 13:36:10 2024 +0100 cpufreq: intel_pstate: Rearrange locking in hybrid_init_cpu_capacity_scaling() Notice that hybrid_init_cpu_capacity_scaling() only needs to hold hybrid_capacity_lock around __hybrid_init_cpu_capacity_scaling() calls, so introduce a "locked" wrapper around the latter and call it from the former. This allows to drop a local variable and a label that are not needed any more. Also, rename __hybrid_init_cpu_capacity_scaling() to __hybrid_refresh_cpu_capacity_scaling() for consistency. Interestingly enough, this fixes a locking issue introduced by commit 929ebc93ccaa ("cpufreq: intel_pstate: Set asymmetric CPU capacity on hybrid systems") that put an arch_enable_hybrid_capacity_scale() call under hybrid_capacity_lock, which was a mistake because the latter is acquired in CPU hotplug paths and so it cannot be held around cpus_read_lock() calls. Link: https://lore.kernel.org/linux-pm/SJ1PR11MB6129EDBF22F8A90FC3A3EDC8B9582@SJ1PR11MB6129.namprd11.prod.outlook.com/ Fixes: 929ebc93ccaa ("cpufreq: intel_pstate: Set asymmetric CPU capacity on hybrid systems") Signed-off-by: Rafael J. Wysocki Reported-by: "Borah, Chaitanya Kumar" Link: https://patch.msgid.link/12554508.O9o76ZdvQC@rjwysocki.net [ rjw: Changelog update ] Signed-off-by: Rafael J. Wysocki commit d859923faeca740ae9235e2b9328999836e681b9 Author: Deep Harsora Date: Mon Nov 11 15:06:18 2024 +0800 ASoC: intel: sof_sdw: add quirk for Dell SKU This patch adds a quirk to include the codec amplifier function for this Dell SKU. Note: In this SKU '0CF1', the RT722 codec amplifier is excluded, and an external amplifier is used instead. Signed-off-by: Deep Harsora Reviewed-by: Liam Girdwood Reviewed-by: Péter Ujfalusi Reviewed-by: Ranjani Sridharan Signed-off-by: Bard Liao Link: https://patch.msgid.link/20241111070618.5414-1-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit f8da001ae7af0abd9f6250c02c01a1121074ca60 Author: John Watts Date: Fri Nov 8 12:37:15 2024 +1100 ASoC: audio-graph-card2: Purge absent supplies for device tree nodes The audio graph card doesn't mark its subnodes such as multi {}, dpcm {} and c2c {} as not requiring any suppliers. This causes a hang as Linux waits for these phantom suppliers to show up on boot. Make it clear these nodes have no suppliers. Example error message: [ 15.208558] platform 2034000.i2s: deferred probe pending: platform: wait for supplier /sound/multi [ 15.208584] platform sound: deferred probe pending: asoc-audio-graph-card2: parse error Signed-off-by: John Watts Acked-by: Kuninori Morimoto Link: https://patch.msgid.link/20241108-graph_dt_fix-v1-1-173e2f9603d6@jookia.org Signed-off-by: Mark Brown commit 14062c267f09c7b33a8d5a7d9eb3908b9941aae4 Merge: ab1c793f457f74 2d5404caa8c7bb Author: Thomas Zimmermann Date: Mon Nov 11 09:23:27 2024 +0100 Merge drm/drm-fixes into drm-misc-fixes Backmerging to get fixes from v6.12-rc7. Signed-off-by: Thomas Zimmermann commit e7ac4daeed91a25382091e73818ea0cddb1afd5e Author: Barry Song Date: Thu Nov 7 14:12:46 2024 +1300 mm: count zeromap read and set for swapout and swapin When the proportion of folios from the zeromap is small, missing their accounting may not significantly impact profiling. However, it's easy to construct a scenario where this becomes an issue—for example, allocating 1 GB of memory, writing zeros from userspace, followed by MADV_PAGEOUT, and then swapping it back in. In this case, the swap-out and swap-in counts seem to vanish into a black hole, potentially causing semantic ambiguity. On the other hand, Usama reported that zero-filled pages can exceed 10% in workloads utilizing zswap, while Hailong noted that some app in Android have more than 6% zero-filled pages. Before commit 0ca0c24e3211 ("mm: store zero pages to be swapped out in a bitmap"), both zswap and zRAM implemented similar optimizations, leading to these optimized-out pages being counted in either zswap or zRAM counters (with pswpin/pswpout also increasing for zRAM). With zeromap functioning prior to both zswap and zRAM, userspace will no longer detect these swap-out and swap-in actions. We have three ways to address this: 1. Introduce a dedicated counter specifically for the zeromap. 2. Use pswpin/pswpout accounting, treating the zero map as a standard backend. This approach aligns with zRAM's current handling of same-page fills at the device level. However, it would mean losing the optimized-out page counters previously available in zRAM and would not align with systems using zswap. Additionally, as noted by Nhat Pham, pswpin/pswpout counters apply only to I/O done directly to the backend device. 3. Count zeromap pages under zswap, aligning with system behavior when zswap is enabled. However, this would not be consistent with zRAM, nor would it align with systems lacking both zswap and zRAM. Given the complications with options 2 and 3, this patch selects option 1. We can find these counters from /proc/vmstat (counters for the whole system) and memcg's memory.stat (counters for the interested memcg). For example: $ grep -E 'swpin_zero|swpout_zero' /proc/vmstat swpin_zero 1648 swpout_zero 33536 $ grep -E 'swpin_zero|swpout_zero' /sys/fs/cgroup/system.slice/memory.stat swpin_zero 3905 swpout_zero 3985 This patch does not address any specific zeromap bug, but the missing swpout and swpin counts for zero-filled pages can be highly confusing and may mislead user-space agents that rely on changes in these counters as indicators. Therefore, we add a Fixes tag to encourage the inclusion of this counter in any kernel versions with zeromap. Many thanks to Kanchana for the contribution of changing count_objcg_event() to count_objcg_events() to support large folios[1], which has now been incorporated into this patch. [1] https://lkml.kernel.org/r/20241001053222.6944-5-kanchana.p.sridhar@intel.com Link: https://lkml.kernel.org/r/20241107011246.59137-1-21cnbao@gmail.com Fixes: 0ca0c24e3211 ("mm: store zero pages to be swapped out in a bitmap") Co-developed-by: Kanchana P Sridhar Signed-off-by: Barry Song Reviewed-by: Nhat Pham Reviewed-by: Chengming Zhou Acked-by: Johannes Weiner Cc: Usama Arif Cc: Yosry Ahmed Cc: Hailong Liu Cc: David Hildenbrand Cc: Hugh Dickins Cc: Matthew Wilcox (Oracle) Cc: Shakeel Butt Cc: Andi Kleen Cc: Baolin Wang Cc: Chris Li Cc: "Huang, Ying" Cc: Kairui Song Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 2642084f26b5a5e9353fa530efb30f49e752185d Author: Kent Overstreet Date: Sun Nov 10 23:28:33 2024 -0500 bcachefs: Allow for unknown key types in backpointers fsck We can't assume that btrees only contain keys of a given type - even if they only have a single key type listed in the allowed key types for that btree; this is a forwards compatibility issue. Reported-by: syzbot+a27c3aaa3640dd3e1dfb@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit 0b6ec0c5ac6c9e80a6157cbc5631802c81a674d7 Author: Kent Overstreet Date: Sun Nov 10 22:01:04 2024 -0500 bcachefs: Fix assertion pop in topology repair Fixes: baefd3f849ed ("bcachefs: btree_cache.freeable list fixes") Signed-off-by: Kent Overstreet commit 2d5404caa8c7bb5c4e0435f94b28834ae5456623 Author: Linus Torvalds Date: Sun Nov 10 14:19:35 2024 -0800 Linux 6.12-rc7 commit 541f3d87b6b7eb97073d0e5a46beae5ebcc0ba96 Merge: d7e67a9e8c304b 714398d8742d5e Author: Linus Torvalds Date: Sun Nov 10 14:16:28 2024 -0800 Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux Pull clk fixes from Stephen Boyd: "A handful of Qualcomm clk driver fixes: - Correct flags for X Elite USB MP GDSC and pcie pipediv2 clocks - Fix alpha PLL post_div mask for the cases where width is not specified - Avoid hangs in the SM8350 video driver (venus) by setting HW_CTRL trigger feature on the video clocks" * tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux: clk: qcom: gcc-x1e80100: Fix USB MP SS1 PHY GDSC pwrsts flags clk: qcom: gcc-x1e80100: Fix halt_check for pipediv2 clocks clk: qcom: clk-alpha-pll: Fix pll post div mask when width is not set clk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs commit d7e67a9e8c304ba767c5069a9c1f0c8ca80276f9 Merge: ace149e0830c38 547aad93e00d5a Author: Linus Torvalds Date: Sun Nov 10 14:13:05 2024 -0800 Merge tag 'i2c-for-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c fixes from Wolfram Sang: "i2c-host fixes for v6.12-rc7 (from Andi): - Fix designware incorrect behavior when concluding a transmission - Fix Mule multiplexer error value evaluation" * tag 'i2c-for-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE is not set i2c: muxes: Fix return value check in mule_i2c_mux_probe() commit ace149e0830c380ddfce7e466fe860ca502fe4ee Author: Trond Myklebust Date: Fri Sep 13 13:57:04 2024 -0400 filemap: Fix bounds checking in filemap_read() If the caller supplies an iocb->ki_pos value that is close to the filesystem upper limit, and an iterator with a count that causes us to overflow that limit, then filemap_read() enters an infinite loop. This behaviour was discovered when testing xfstests generic/525 with the "localio" optimisation for loopback NFS mounts. Reported-by: Mike Snitzer Fixes: c2a9737f45e2 ("vfs,mm: fix a dead loop in truncate_inode_pages_range()") Tested-by: Mike Snitzer Signed-off-by: Trond Myklebust Signed-off-by: Linus Torvalds commit a9cda7c0ffedb47b23002e109bd26ab2a2ab99c9 Merge: 28e43197c4460e 464cb98f1c0729 Author: Linus Torvalds Date: Sun Nov 10 09:37:47 2024 -0800 Merge tag 'irq_urgent_for_v6.12_rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull irq fix from Borislav Petkov: - Make sure GICv3 controller interrupt activation doesn't race with a concurrent deactivation due to propagation delays of the register write * tag 'irq_urgent_for_v6.12_rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: irqchip/gic-v3: Force propagation of the active state with a read-back commit 28e43197c4460e08b55554c05998d6de9da7d0b6 Merge: a558cc34936b48 c289f4de8e4792 Author: Linus Torvalds Date: Sun Nov 10 09:04:27 2024 -0800 Merge tag 'mm-hotfixes-stable-2024-11-09-22-40' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull misc fixes from Andrew Morton: "20 hotfixes, 14 of which are cc:stable. Three affect DAMON. Lorenzo's five-patch series to address the mmap_region error handling is here also. Apart from that, various singletons" * tag 'mm-hotfixes-stable-2024-11-09-22-40' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: mailmap: add entry for Thorsten Blum ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() signal: restore the override_rlimit logic fs/proc: fix compile warning about variable 'vmcore_mmap_ops' ucounts: fix counter leak in inc_rlimit_get_ucounts() selftests: hugetlb_dio: check for initial conditions to skip in the start mm: fix docs for the kernel parameter ``thp_anon=`` mm/damon/core: avoid overflow in damon_feed_loop_next_input() mm/damon/core: handle zero schemes apply interval mm/damon/core: handle zero {aggregation,ops_update} intervals mm/mlock: set the correct prev on failure objpool: fix to make percpu slot allocation more robust mm/page_alloc: keep track of free highatomic mm: resolve faulty mmap_region() error path behaviour mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling mm: refactor map_deny_write_exec() mm: unconditionally close VMAs on error mm: avoid unsafe VMA hook invocation when error arises on mmap hook mm/thp: fix deferred split unqueue naming and locking mm/thp: fix deferred split queue not partially_mapped commit a558cc34936b48909c0c54f7efac8b6a2c1120a4 Merge: 023d4fc00fdeac 742afcc22d8eb5 Author: Linus Torvalds Date: Sun Nov 10 08:56:48 2024 -0800 Merge tag 'usb-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb Pull USB/Thunderbolt fixes from Greg KH: "Here are some small remaining USB and Thunderbolt fixes and device ids for 6.12-rc7. Included in here are: - new USB serial driver device ids - thunderbolt driver fixes for reported problems - typec bugfixes - dwc3 driver fix - musb driver fix All of these have been in linux-next this past week with no reported issues" * tag 'usb-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: USB: serial: qcserial: add support for Sierra Wireless EM86xx thunderbolt: Fix connection issue with Pluggable UD-4VPD dock usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() usb: dwc3: fix fault at system suspend if device was already runtime suspended usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier usb: musb: sunxi: Fix accessing an released usb phy USB: serial: io_edgeport: fix use after free in debug printk USB: serial: option: add Quectel RG650V USB: serial: option: add Fibocom FG132 0x0112 composition thunderbolt: Add only on-board retimers when !CONFIG_USB4_DEBUGFS_MARGINING commit 023d4fc00fdeac9c73b6c1da2d720eade48db020 Merge: de2f378f2b771b 807babf69027b4 Author: Linus Torvalds Date: Sun Nov 10 08:53:24 2024 -0800 Merge tag 'staging-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging Pull staging driver fixes from Greg KH: "Here are two small memory leak fixes for the vchiq_arm staging driver that have been sitting in my tree for weeks and should get merged for 6.12-rc7 so that people don't keep tripping over them. They both have been in linux-next for a while with no reported problems" * tag 'staging-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: staging: vchiq_arm: Use devm_kzalloc() for drv_mgmt allocation staging: vchiq_arm: Use devm_kzalloc() for vchiq_arm_state allocation commit 252e01e68241d33bfe0ed1fc333220d9bd8b06df Author: Jakub Kicinski Date: Thu Nov 7 16:47:31 2024 -0800 selftests: net: add netlink-dumps to .gitignore Commit 55d42a0c3f9c ("selftests: net: add a test for closing a netlink socket ith dump in progress") added a new test but did not add it to gitignore. Reviewed-by: Joe Damato Link: https://patch.msgid.link/20241108004731.2979878-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit ab1c793f457f740ab7108cc0b1340a402dbf484d Author: Andy Yan Date: Mon Oct 21 15:28:06 2024 +0800 drm/rockchip: vop: Fix a dereferenced before check warning The 'state' can't be NULL, we should check crtc_state. Fix warning: drivers/gpu/drm/rockchip/rockchip_drm_vop.c:1096 vop_plane_atomic_async_check() warn: variable dereferenced before check 'state' (see line 1077) Fixes: 5ddb0bd4ddc3 ("drm/atomic: Pass the full state to planes async atomic check and update") Signed-off-by: Andy Yan Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20241021072818.61621-1-andyshrk@163.com commit 547aad93e00d5acdefb9ba6de2a7dfaeaf311475 Merge: 59b723cd2adbac 8de3e97f3d3d62 Author: Wolfram Sang Date: Sat Nov 9 23:47:51 2024 +0100 Merge tag 'i2c-host-fixes-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/andi.shyti/linux into i2c/for-current i2c-host fixes for v6.12-rc7 In designware an incorrect behavior has been fixes when concluding a transmission. Fixed return error value evaluation in the Mule multiplexer. commit e68da664d379f352d41d7955712c44e0a738e4ab Author: Stefan Wahren Date: Fri Nov 8 12:43:43 2024 +0100 net: vertexcom: mse102x: Fix tx_bytes calculation The tx_bytes should consider the actual size of the Ethernet frames without the SPI encapsulation. But we still need to take care of Ethernet padding. Fixes: 2f207cbf0dd4 ("net: vertexcom: Add MSE102x SPI support") Signed-off-by: Stefan Wahren Link: https://patch.msgid.link/20241108114343.6174-3-wahrenst@gmx.net Signed-off-by: Jakub Kicinski commit de2f378f2b771b39594c04695feee86476743a69 Merge: bceea667990a3c bb1fb40f8beb45 Author: Linus Torvalds Date: Sat Nov 9 13:18:07 2024 -0800 Merge tag 'nfsd-6.12-4' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux Pull nfsd fix from Chuck Lever: - Fix a v6.12-rc regression when exporting ext4 filesystems with NFSD * tag 'nfsd-6.12-4' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux: NFSD: Fix READDIR on NFSv3 mounts of ext4 exports commit bceea667990a3c00d371a58120a457452b4c741c Merge: a58f4dd9526abb ef7134c7fc48e1 Author: Linus Torvalds Date: Sat Nov 9 12:58:23 2024 -0800 Merge tag 'v6.12-rc6-smb3-client-fix' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fix from Steve French: "Fix net namespace refcount use after free issue" * tag 'v6.12-rc6-smb3-client-fix' of git://git.samba.org/sfrench/cifs-2.6: smb: client: Fix use-after-free of network namespace. commit a58f4dd9526abbb83523ea515508ba714a1e6881 Merge: da4373fbcf006d 52ff8e91f916fa Author: Linus Torvalds Date: Sat Nov 9 12:55:32 2024 -0800 Merge tag 'block-6.12-20241108' of git://git.kernel.dk/linux Pull block fix from Jens Axboe: "Single fix for an issue triggered with PROVE_RCU=y, with nvme using the wrong iterators for an SRCU protected list" * tag 'block-6.12-20241108' of git://git.kernel.dk/linux: nvme/host: Fix RCU list traversal to use SRCU primitive commit a6250aa251eacaf3ebfcfe152a96a727fd483ecd Author: Tejun Heo Date: Sat Nov 9 10:43:55 2024 -1000 sched_ext: Handle cases where pick_task_scx() is called without preceding balance_scx() sched_ext dispatches tasks from the BPF scheduler from balance_scx() and thus every pick_task_scx() call must be preceded by balance_scx(). While this usually holds, due to a bug, there are cases where the fair class's balance() returns true indicating that it has tasks to run on the CPU and thus terminating balance() calls but fails to actually find the next task to run when pick_task() is called. In such cases, pick_task_scx() can be called without preceding balance_scx(). Detect this condition using SCX_RQ_BAL_PENDING flags. If detected, keep running the previous task if possible and avoid stalling from entering idle without balancing. Signed-off-by: Tejun Heo Cc: Peter Zijlstra Link: http://lkml.kernel.org/r/Ztj_h5c2LYsdXYbA@slm.duckdns.org commit 03197e40a22c2641a1f9d1744418cd29f4954b83 Author: Mickaël Salaün Date: Sat Nov 9 12:08:56 2024 +0100 landlock: Optimize scope enforcement Do not walk through the domain hierarchy when the required scope is not supported by this domain. This is the same approach as for filesystem and network restrictions. Cc: Mikhail Ivanov Cc: Tahera Fahimi Reviewed-by: Günther Noack Link: https://lore.kernel.org/r/20241109110856.222842-4-mic@digikod.net Signed-off-by: Mickaël Salaün commit 8376226e5f53e78cd16a2b23577304e43acb3ba4 Author: Mickaël Salaün Date: Sat Nov 9 12:08:55 2024 +0100 landlock: Refactor network access mask management Replace get_raw_handled_net_accesses() and get_current_net_domain() with a call to landlock_get_applicable_domain(). Cc: Konstantin Meskhidze Cc: Mikhail Ivanov Reviewed-by: Günther Noack Link: https://lore.kernel.org/r/20241109110856.222842-3-mic@digikod.net Signed-off-by: Mickaël Salaün commit 0c0effb07f7d662af3e6f74da4d34241e412029b Author: Mickaël Salaün Date: Sat Nov 9 12:08:54 2024 +0100 landlock: Refactor filesystem access mask management Replace get_raw_handled_fs_accesses() with a generic landlock_union_access_masks(), and replace get_fs_domain() with a generic landlock_get_applicable_domain(). These helpers will also be useful for other types of access. Cc: Mikhail Ivanov Reviewed-by: Günther Noack Link: https://lore.kernel.org/r/20241109110856.222842-2-mic@digikod.net [mic: Slightly improve doc as suggested by Günther] Signed-off-by: Mickaël Salaün commit eb72e7fcc83987d5d5595b43222f23b295d5de7f Author: Eric Dumazet Date: Thu Nov 7 19:20:21 2024 +0000 sctp: fix possible UAF in sctp_v6_available() A lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints that sctp_v6_available() is calling dev_get_by_index_rcu() and ipv6_chk_addr() without holding rcu. [1] ============================= WARNING: suspicious RCU usage 6.12.0-rc5-virtme #1216 Tainted: G W ----------------------------- net/core/dev.c:876 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by sctp_hello/31495: #0: ffff9f1ebbdb7418 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_bind (./arch/x86/include/asm/jump_label.h:27 net/sctp/socket.c:315) sctp stack backtrace: CPU: 7 UID: 0 PID: 31495 Comm: sctp_hello Tainted: G W 6.12.0-rc5-virtme #1216 Tainted: [W]=WARN Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 Call Trace: dump_stack_lvl (lib/dump_stack.c:123) lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822) dev_get_by_index_rcu (net/core/dev.c:876 (discriminator 7)) sctp_v6_available (net/sctp/ipv6.c:701) sctp sctp_do_bind (net/sctp/socket.c:400 (discriminator 1)) sctp sctp_bind (net/sctp/socket.c:320) sctp inet6_bind_sk (net/ipv6/af_inet6.c:465) ? security_socket_bind (security/security.c:4581 (discriminator 1)) __sys_bind (net/socket.c:1848 net/socket.c:1869) ? do_user_addr_fault (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 ./include/linux/mm.h:729 arch/x86/mm/fault.c:1340) ? do_user_addr_fault (./arch/x86/include/asm/preempt.h:84 (discriminator 13) ./include/linux/rcupdate.h:98 (discriminator 13) ./include/linux/rcupdate.h:882 (discriminator 13) ./include/linux/mm.h:729 (discriminator 13) arch/x86/mm/fault.c:1340 (discriminator 13)) __x64_sys_bind (net/socket.c:1877 (discriminator 1) net/socket.c:1875 (discriminator 1) net/socket.c:1875 (discriminator 1)) do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1)) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) RIP: 0033:0x7f59b934a1e7 Code: 44 00 00 48 8b 15 39 8c 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 31 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 09 8c 0c 00 f7 d8 64 89 01 48 All code ======== 0: 44 00 00 add %r8b,(%rax) 3: 48 8b 15 39 8c 0c 00 mov 0xc8c39(%rip),%rdx # 0xc8c43 a: f7 d8 neg %eax c: 64 89 02 mov %eax,%fs:(%rdx) f: b8 ff ff ff ff mov $0xffffffff,%eax 14: eb bd jmp 0xffffffffffffffd3 16: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) 1d: 00 00 00 20: 0f 1f 00 nopl (%rax) 23: b8 31 00 00 00 mov $0x31,%eax 28: 0f 05 syscall 2a:* 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction 30: 73 01 jae 0x33 32: c3 ret 33: 48 8b 0d 09 8c 0c 00 mov 0xc8c09(%rip),%rcx # 0xc8c43 3a: f7 d8 neg %eax 3c: 64 89 01 mov %eax,%fs:(%rcx) 3f: 48 rex.W Code starting with the faulting instruction =========================================== 0: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax 6: 73 01 jae 0x9 8: c3 ret 9: 48 8b 0d 09 8c 0c 00 mov 0xc8c09(%rip),%rcx # 0xc8c19 10: f7 d8 neg %eax 12: 64 89 01 mov %eax,%fs:(%rcx) 15: 48 rex.W RSP: 002b:00007ffe2d0ad398 EFLAGS: 00000202 ORIG_RAX: 0000000000000031 RAX: ffffffffffffffda RBX: 00007ffe2d0ad3d0 RCX: 00007f59b934a1e7 RDX: 000000000000001c RSI: 00007ffe2d0ad3d0 RDI: 0000000000000005 RBP: 0000000000000005 R08: 1999999999999999 R09: 0000000000000000 R10: 00007f59b9253298 R11: 0000000000000202 R12: 00007ffe2d0ada61 R13: 0000000000000000 R14: 0000562926516dd8 R15: 00007f59b9479000 Fixes: 6fe1e52490a9 ("sctp: check ipv6 addr with sk_bound_dev if set") Signed-off-by: Eric Dumazet Cc: Marcelo Ricardo Leitner Acked-by: Xin Long Link: https://patch.msgid.link/20241107192021.2579789-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit da4373fbcf006deda90e5e6a87c499e0ff747572 Merge: 4f63642c09dbcf 5469a8deac0539 Author: Linus Torvalds Date: Fri Nov 8 13:20:45 2024 -1000 Merge tag 'thermal-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull thermal control fixes from Rafael Wysocki: "These fix one issue in the qcom lmh thermal driver, a DT handling issue in the thermal core and two issues in the userspace thermal library: - Allow tripless thermal zones defined in a DT to be registered in accordance with the thermal DT bindings (Icenowy Zheng) - Annotate LMH IRQs with lockdep classes to prevent lockdep from reporting a possible recursive locking issue that cannot really occur (Dmitry Baryshkov) - Improve the thermal library "make clean" to remove a leftover symbolic link created during compilation and fix the sampling handler invocation in that library to pass the correct pointer to it (Emil Dahl Juhl, zhang jiao)" * tag 'thermal-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: thermal/of: support thermal zones w/o trips subnode tools/lib/thermal: Remove the thermal.h soft link when doing make clean tools/lib/thermal: Fix sampling handler context ptr thermal/drivers/qcom/lmh: Remove false lockdep backtrace commit 4f63642c09dbcfe09ba50b896c382e224f7e630f Merge: c7a8f2a504c396 92447aa5f6e7fb Author: Linus Torvalds Date: Fri Nov 8 13:13:54 2024 -1000 Merge tag 'pm-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management fix from Rafael Wysocki: "Fix the asymmetric CPU capacity support code in the intel_pstate driver, added during this develompent cycle, to address a corner case in which the capacity of a CPU going online is not updated (Rafael Wysocki)" * tag 'pm-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: cpufreq: intel_pstate: Update asym capacity for CPUs that were offline initially cpufreq: intel_pstate: Clear hybrid_max_perf_cpu before driver registration commit c7a8f2a504c396f229e6025eca609c4e66f44c8b Merge: 1eb714c660eb13 b79276dcac9124 Author: Linus Torvalds Date: Fri Nov 8 13:08:23 2024 -1000 Merge tag 'acpi-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull ACPI fix from Rafael Wysocki: "Fix the ACPI processor driver initialization ordering after recent changes to avoid calling init_freq_invariance_cppc() too early on AMD platforms (Mario Limonciello)" * tag 'acpi-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPI: processor: Move arch_init_invariance_cppc() call later commit 1eb714c660eb136c47902d969fc162af9bdd52d0 Merge: c291c9cfd76a8f 0a77d947f599b1 Author: Linus Torvalds Date: Fri Nov 8 13:03:29 2024 -1000 Merge tag 'v6.12-rc6-ksmbd-fixes' of git://git.samba.org/ksmbd Pull smb server fixes from Steve French: "Four fixes, all also marked for stable: - fix two potential use after free issues - fix OOM issue with many simultaneous requests - fix missing error check in RPC pipe handling" * tag 'v6.12-rc6-ksmbd-fixes' of git://git.samba.org/ksmbd: ksmbd: check outstanding simultaneous SMB operations ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create ksmbd: Fix the missing xa_store error check commit fb86c42a2a5d44e849ddfbc98b8d2f4f40d36ee3 Author: Jiawei Ye Date: Fri Nov 8 08:18:52 2024 +0000 bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 In the bpf_out_neigh_v6 function, rcu_read_lock() is used to begin an RCU read-side critical section. However, when unlocking, one branch incorrectly uses a different RCU unlock flavour rcu_read_unlock_bh() instead of rcu_read_unlock(). This mismatch in RCU locking flavours can lead to unexpected behavior and potential concurrency issues. This possible bug was identified using a static analysis tool developed by myself, specifically designed to detect RCU-related issues. This patch corrects the mismatched unlock flavour by replacing the incorrect rcu_read_unlock_bh() with the appropriate rcu_read_unlock(), ensuring that the RCU critical section is properly exited. This change prevents potential synchronization issues and aligns with proper RCU usage patterns. Fixes: 09eed1192cec ("neighbour: switch to standard rcu, instead of rcu_bh") Signed-off-by: Jiawei Ye Acked-by: Yonghong Song Link: https://lore.kernel.org/r/tencent_CFD3D1C3D68B45EA9F52D8EC76D2C4134306@qq.com Signed-off-by: Martin KaFai Lau commit c291c9cfd76a8fb92ef3d66567e507009236ce90 Merge: 952a33dc08cefd 54c814c8b23bc7 Author: Linus Torvalds Date: Fri Nov 8 09:56:27 2024 -1000 Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull SCSI fixes from James Bottomley: "Two small fixes, the drivers one in ufs simply delays running a work queue and the generic one in zoned storage switches to a more correct API that tries the standard buddy allocator first (for small allocations); this fixes an allocation problem with small allocations seen under memory pressure" * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: scsi: ufs: core: Start the RTC update work later scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer commit 952a33dc08cefde50540cc82abaa2e09f37ef540 Merge: 50643bbc9eb697 1a6bbc4d9e55d6 Author: Linus Torvalds Date: Fri Nov 8 09:49:32 2024 -1000 Merge tag 'drm-fixes-2024-11-09' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Weekly fixes, usual leaders in amdgpu and xe, then a panel quirk, and some fixes to imagination and panthor drivers. Seems around the usual level for this time and don't know of any big problems. amdgpu: - Brightness fix - DC vbios parsing fix - ACPI fix - SMU 14.x fix - Power workload profile fix - GC partitioning fix - Debugfs fixes imagination: - Track PVR context per file - Break ref-counting cycle panel-orientation-quirks: - Fix matching Lenovo Yoga Tab 3 X90F panthor: - Lock VM array - Be strict about I/O mapping flags xe: - Fix ccs_mode setting for Xe2 and later - Synchronize ccs_mode setting with client creation - Apply scheduling WA for LNL in additional places as needed - Fix leak and lock handling in error paths of xe_exec ioctl - Fix GGTT allocation leak leading to eventual crash in SR-IOV - Move run_ticks update out of job handling to avoid synchronization with reader" * tag 'drm-fixes-2024-11-09' of https://gitlab.freedesktop.org/drm/kernel: (23 commits) drm/panthor: Be stricter about IO mapping flags drm/panthor: Lock XArray when getting entries for the VM drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict drm/xe: Stop accumulating LRC timestamp on job_free drm/xe/pf: Fix potential GGTT allocation leak drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL drm/xe: Fix possible exec queue leak in exec IOCTL drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() drm/amdgpu: Adjust debugfs eviction and IB access permissions drm/amdgpu: Adjust debugfs register access permissions drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 drm/amd/pm: correct the workload setting drm/amd/pm: always pick the pptable from IFWI drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported drm/amd/display: parse umc_info or vram_info based on ASIC drm/amd/display: Fix brightness level not retained over reboot drm/xe/guc/tlb: Flush g2h worker in case of tlb timeout drm/xe/ufence: Flush xe ordered_wq in case of ufence timeout drm/xe: Move LNL scheduling WA to xe_device.h drm/xe: Use the filelist from drm for ccs_mode change ... commit 1a6bbc4d9e55d6c9df2dfe7d4f2705a544d8ca13 Merge: 9b984a71c240ed 514447a1219021 Author: Dave Airlie Date: Sat Nov 9 05:14:28 2024 +1000 Merge tag 'drm-xe-fixes-2024-11-08' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes Driver Changes: - Fix ccs_mode setting for Xe2 and later (Balasubramani) - Synchronize ccs_mode setting with client creation (Balasubramani) - Apply scheduling WA for LNL in additional places as needed (Nirmoy) - Fix leak and lock handling in error paths of xe_exec ioctl (Matthew Brost) - Fix GGTT allocation leak leading to eventual crash in SR-IOV (Michal Wajdeczko) - Move run_ticks update out of job handling to avoid synchronization with reader (Lucas) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/4ffcebtluaaaohquxfyf5babpihmtscxwad3jjmt5nggwh2xpm@ztw67ucywttg commit 9b984a71c240ed9287d6358109f6a0c6ab5bba32 Merge: fd836e82de0a98 f432a1621f049b Author: Dave Airlie Date: Sat Nov 9 05:03:44 2024 +1000 Merge tag 'drm-misc-fixes-2024-11-08' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes Short summary of fixes pull: imagination: - Track PVR context per file - Break ref-counting cycle panel-orientation-quirks: - Fix matching Lenovo Yoga Tab 3 X90F panthor: - Lock VM array - Be strict about I/O mapping flags Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20241108085058.GA37468@linux.fritz.box commit bcf77a05fb3d6210026483703bcacb22ed961c99 Author: Kent Overstreet Date: Fri Nov 8 00:25:18 2024 -0500 bcachefs: Fix hidden btree errors when reading roots We silence btree errors in btree_node_scan, since it's probing and errors are expected: add a fake pass so that btree_node_scan is no longer recovery pass 0, and we don't think we're in btree node scan when reading btree roots. Signed-off-by: Kent Overstreet commit dc537189b5cf09e61839491fc6a465c5659d7dbd Author: Kent Overstreet Date: Fri Nov 8 00:00:19 2024 -0500 bcachefs: Fix validate_bset() repair path When we truncate a bset (due to it extending past the end of the btree node), we can't skip the rest of the validation for e.g. the packed format (if it's the first bset in the node). Reported-by: syzbot+4d722d3c539d77c7bc82@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit 8de3e97f3d3d62cd9f3067f073e8ac93261597db Author: Liu Peibao Date: Fri Nov 1 16:12:43 2024 +0800 i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE is not set When the Tx FIFO is empty and the last command has no STOP bit set, the master holds SCL low. If I2C_DYNAMIC_TAR_UPDATE is not set, BIT(13) MST_ON_HOLD of IC_RAW_INTR_STAT is not enabled, causing the __i2c_dw_disable() timeout. This is quite similar to commit 2409205acd3c ("i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low"). Also check BIT(7) MST_HOLD_TX_FIFO_EMPTY in IC_STATUS, which is available when IC_STAT_FOR_CLK_STRETCH is set. Fixes: 2409205acd3c ("i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low") Co-developed-by: Xiaowu Ding Signed-off-by: Xiaowu Ding Co-developed-by: Angus Chen Signed-off-by: Angus Chen Signed-off-by: Liu Peibao Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti commit 50643bbc9eb697636d08ccabb54f1b7d57941910 Merge: ceb061330df991 fa59caa7859813 Author: Linus Torvalds Date: Fri Nov 8 07:44:28 2024 -1000 Merge tag 'sound-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "Still more changes floating than wished at this late stage, but all are small device-specific fixes, and look less troublesome. Including a few ASoC quirk / ID additoins, a series of ASoC STM fixes, HD-audio conexant codec regression fix, and other various quirks and device-specific fixes" * tag 'sound-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad E14 Gen 6 ASoC: SOF: amd: Fix for incorrect DMA ch status register offset ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove MAINTAINERS: Generic Sound Card section ALSA: usb-audio: Add quirk for HP 320 FHD Webcam ASoC: tas2781: Add new driver version for tas2563 & tas2781 qfn chip ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() ALSA: ump: Don't enumeration invalid groups for legacy rawmidi Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" commit ceb061330df9911cc2e1b809ae62d47799d2e7e2 Merge: f1dce1f09380e2 702a47ce6dde72 Author: Linus Torvalds Date: Fri Nov 8 07:41:27 2024 -1000 Merge tag 'media/v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media Pull media fixes from Mauro Carvalho Chehab: - dvb-core fixes for vb2 check and device registration - v4l2-core: fix an issue with error handling for VIDIOC_G_CTRL - vb2 core: fix an issue with vb plane copy logic - videobuf2-core: copy vb planes unconditionally - vivid: fix buffer overwrite when using > 32 buffers - vivid: fix a potential division by zero due to an issue at v4l2-tpg - some spectre vulnerability fixes - several OOM access fixes - some buffer overflow fixes * tag 'media/v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media: media: videobuf2-core: copy vb planes unconditionally media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set media: vivid: fix buffer overwrite when using > 32 buffers media: pulse8-cec: fix data timestamp at pulse8_setup() media: cec: extron-da-hd-4k-plus: don't use -1 as an error code media: stb0899_algo: initialize cfr before using it media: adv7604: prevent underflow condition when reporting colorspace media: cx24116: prevent overflows on SNR calculus media: ar0521: don't overflow when checking PLL values media: s5p-jpeg: prevent buffer overflows media: av7110: fix a spectre vulnerability media: mgb4: protect driver against spectre media: dvb_frontend: don't play tricks with underflow values media: dvbdev: prevent the risk of out of memory access media: v4l2-tpg: prevent the risk of a division by zero media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() media: dvb-core: add missing buffer index check commit f1dce1f09380e28633b8b910fd87b103d5a8e11e Merge: 9183e033ec4f8b 9c9201afebea1e Author: Linus Torvalds Date: Fri Nov 8 07:35:16 2024 -1000 Merge tag 'slab-for-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab Pull slab fix from Vlastimil Babka: - Fix for duplicate caches in some arm64 configurations with CONFIG_SLAB_BUCKETS (Koichiro Den) * tag 'slab-for-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab: mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create commit 9183e033ec4f8bdac778070ebccdd41727da2305 Merge: b5f1b488000068 2b084d8205949d Author: Linus Torvalds Date: Fri Nov 8 07:31:03 2024 -1000 Merge tag 'for-6.12-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull btrfs fixes from David Sterba: "A few more one-liners that fix some user visible problems: - use correct range when clearing qgroup reservations after COW - properly reset freed delayed ref list head - fix ro/rw subvolume mounts to be backward compatible with old and new mount API" * tag 'for-6.12-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: btrfs: fix the length of reserved qgroup to free btrfs: reinitialize delayed ref list after deleting it from the list btrfs: fix per-subvolume RO/RW flags with new mount API commit b5f1b488000068107869ab2553ab16b568f487b1 Merge: 9ea7edac83630a 8440da933127fc Author: Linus Torvalds Date: Fri Nov 8 07:27:14 2024 -1000 Merge tag 'bcachefs-2024-11-07' of git://evilpiepirate.org/bcachefs Pull bcachefs fixes from Kent Overstreet: "Some trivial syzbot fixes, two more serious btree fixes found by looping single_devices.ktest small_nodes: - Topology error on split after merge, where we accidentaly picked the node being deleted for the pivot, resulting in an assertion pop - New nodes being preallocated were left on the freedlist, unlocked, resulting in them sometimes being accidentally freed: this dated from pre-cycle detector, when we could leave them locked. This should have resulted in more explosions and fireworks, but turned out to be surprisingly hard to hit because the preallocated nodes were being used right away. The fix for this is bigger than we'd like - reworking btree list handling was a bit invasive - but we've now got more assertions and it's well tested. - Also another mishandled transaction restart fix (in btree_node_prefetch) - we're almost done with those" * tag 'bcachefs-2024-11-07' of git://evilpiepirate.org/bcachefs: bcachefs: Fix UAF in __promote_alloc() error path bcachefs: Change OPT_STR max to be 1 less than the size of choices array bcachefs: btree_cache.freeable list fixes bcachefs: check the invalid parameter for perf test bcachefs: add check NULL return of bio_kmalloc in journal_read_bucket bcachefs: Ensure BCH_FS_may_go_rw is set before exiting recovery bcachefs: Fix topology errors on split after merge bcachefs: Ancient versions with bad bkey_formats are no longer supported bcachefs: Fix error handling in bch2_btree_node_prefetch() bcachefs: Fix null ptr deref in bucket_gen_get() commit 9ea7edac83630a9e8a05042b8750eaa10ecb6a38 Merge: 51b47860ad8058 81235ae0c846e1 Author: Linus Torvalds Date: Fri Nov 8 07:19:58 2024 -1000 Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Will Deacon: "Here is a (hopefully) final round of arm64 fixes for 6.12 that address some user-visible floating point register corruption. Both of the Marks have been working on this for a couple of weeks and we've ended up in a position where SVE is solid but SME still has enough pending issues that the most pragmatic solution for the release and stable backports is to disable the feature. Yes, it's a shame, but the hardware is rare as hen's teeth at the moment and we're better off getting back to a known good state before fixing it all properly. We're also improving the selftests for 6.13 to help avoid merging broken code in the future. Anyway, the good news is that we're removing a lot more code than we're adding. Summary: - Fix handling of SVE traps from userspace on preemptible kernels when converting the saved floating point state into SVE state. - Remove broken support for the SMCCCv1.3 "SVE discard hint" optimisation. - Disable SME support, as the current support code suffers from numerous issues around signal delivery, ptrace access and context-switch which can lead to user-visible corruption of the register state" * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: arm64: Kconfig: Make SME depend on BROKEN for now arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint arm64/sve: Discard stale CPU state when handling SVE traps commit 51b47860ad8058ae54e4789b5f9b253fd555d2e9 Merge: 906bd684e4b1e5 a373830f96db28 Author: Linus Torvalds Date: Fri Nov 8 07:16:01 2024 -1000 Merge tag 'powerpc-6.12-6' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux Pull powerpc fix from Madhavan Srinivasan: - Fix spurious interrupts in Book3S HV Nested KVM Thanks to Gautam Menghani. * tag 'powerpc-6.12-6' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: KVM: PPC: Book3S HV: Mask off LPCR_MER for a vCPU before running it to avoid spurious interrupts commit 577c134d311b9b94598d7a0c86be1f431f823003 Author: Ard Biesheuvel Date: Tue Nov 5 10:57:46 2024 -0500 x86/stackprotector: Work around strict Clang TLS symbol requirements GCC and Clang both implement stack protector support based on Thread Local Storage (TLS) variables, and this is used in the kernel to implement per-task stack cookies, by copying a task's stack cookie into a per-CPU variable every time it is scheduled in. Both now also implement -mstack-protector-guard-symbol=, which permits the TLS variable to be specified directly. This is useful because it will allow to move away from using a fixed offset of 40 bytes into the per-CPU area on x86_64, which requires a lot of special handling in the per-CPU code and the runtime relocation code. However, while GCC is rather lax in its implementation of this command line option, Clang actually requires that the provided symbol name refers to a TLS variable (i.e., one declared with __thread), although it also permits the variable to be undeclared entirely, in which case it will use an implicit declaration of the right type. The upshot of this is that Clang will emit the correct references to the stack cookie variable in most cases, e.g., 10d: 64 a1 00 00 00 00 mov %fs:0x0,%eax 10f: R_386_32 __stack_chk_guard However, if a non-TLS definition of the symbol in question is visible in the same compilation unit (which amounts to the whole of vmlinux if LTO is enabled), it will drop the per-CPU prefix and emit a load from a bogus address. Work around this by using a symbol name that never occurs in C code, and emit it as an alias in the linker script. Fixes: 3fb0fdb3bbe7 ("x86/stackprotector/32: Make the canary into a regular percpu variable") Signed-off-by: Ard Biesheuvel Signed-off-by: Brian Gerst Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Nathan Chancellor Tested-by: Nathan Chancellor Cc: stable@vger.kernel.org Link: https://github.com/ClangBuiltLinux/linux/issues/1854 Link: https://lore.kernel.org/r/20241105155801.1779119-2-brgerst@gmail.com commit aa0d42cacf093a6fcca872edc954f6f812926a17 Author: Sean Christopherson Date: Fri Nov 1 11:50:30 2024 -0700 KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN Hide KVM's pt_mode module param behind CONFIG_BROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROKEN=y. There are myriad bugs in the implementation, some of which are fatal to the guest, and others which put the stability and health of the host at risk. For guest fatalities, the most glaring issue is that KVM fails to ensure tracing is disabled, and *stays* disabled prior to VM-Enter, which is necessary as hardware disallows loading (the guest's) RTIT_CTL if tracing is enabled (enforced via a VMX consistency check). Per the SDM: If the logical processor is operating with Intel PT enabled (if IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the "load IA32_RTIT_CTL" VM-entry control must be 0. On the host side, KVM doesn't validate the guest CPUID configuration provided by userspace, and even worse, uses the guest configuration to decide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring guest CPUID to enumerate more address ranges than are supported in hardware will result in KVM trying to passthrough, save, and load non-existent MSRs, which generates a variety of WARNs, ToPA ERRORs in the host, a potential deadlock, etc. Fixes: f99e3daf94ff ("KVM: x86: Add Intel PT virtualization work mode") Cc: stable@vger.kernel.org Cc: Adrian Hunter Signed-off-by: Sean Christopherson Reviewed-by: Xiaoyao Li Tested-by: Adrian Hunter Message-ID: <20241101185031.1799556-2-seanjc@google.com> Signed-off-by: Paolo Bonzini commit d3ddef46f22e8c3124e0df1f325bc6a18dadff39 Author: Sean Christopherson Date: Tue Nov 5 17:51:35 2024 -0800 KVM: x86: Unconditionally set irr_pending when updating APICv state Always set irr_pending (to true) when updating APICv status to fix a bug where KVM fails to set irr_pending when userspace sets APIC state and APICv is disabled, which ultimate results in KVM failing to inject the pending interrupt(s) that userspace stuffed into the vIRR, until another interrupt happens to be emulated by KVM. Only the APICv-disabled case is flawed, as KVM forces apic->irr_pending to be true if APICv is enabled, because not all vIRR updates will be visible to KVM. Hit the bug with a big hammer, even though strictly speaking KVM can scan the vIRR and set/clear irr_pending as appropriate for this specific case. The bug was introduced by commit 755c2bf87860 ("KVM: x86: lapic: don't touch irr_pending in kvm_apic_update_apicv when inhibiting it"), which as the shortlog suggests, deleted code that updated irr_pending. Before that commit, kvm_apic_update_apicv() did indeed scan the vIRR, with with the crucial difference that kvm_apic_update_apicv() did the scan even when APICv was being *disabled*, e.g. due to an AVIC inhibition. struct kvm_lapic *apic = vcpu->arch.apic; if (vcpu->arch.apicv_active) { /* irr_pending is always true when apicv is activated. */ apic->irr_pending = true; apic->isr_count = 1; } else { apic->irr_pending = (apic_search_irr(apic) != -1); apic->isr_count = count_vectors(apic->regs + APIC_ISR); } And _that_ bug (clearing irr_pending) was introduced by commit b26a695a1d78 ("kvm: lapic: Introduce APICv update helper function"), prior to which KVM unconditionally set irr_pending to true in kvm_apic_set_state(), i.e. assumed that the new virtual APIC state could have a pending IRQ. Furthermore, in addition to introducing this issue, commit 755c2bf87860 also papered over the underlying bug: KVM doesn't ensure CPUs and devices see APICv as disabled prior to searching the IRR. Waiting until KVM emulates an EOI to update irr_pending "works", but only because KVM won't emulate EOI until after refresh_apicv_exec_ctrl(), and there are plenty of memory barriers in between. I.e. leaving irr_pending set is basically hacking around bad ordering. So, effectively revert to the pre-b26a695a1d78 behavior for state restore, even though it's sub-optimal if no IRQs are pending, in order to provide a minimal fix, but leave behind a FIXME to document the ugliness. With luck, the ordering issue will be fixed and the mess will be cleaned up in the not-too-distant future. Fixes: 755c2bf87860 ("KVM: x86: lapic: don't touch irr_pending in kvm_apic_update_apicv when inhibiting it") Cc: stable@vger.kernel.org Cc: Maxim Levitsky Reported-by: Yong He Closes: https://lkml.kernel.org/r/20241023124527.1092810-1-alexyonghe%40tencent.com Signed-off-by: Sean Christopherson Message-ID: <20241106015135.2462147-1-seanjc@google.com> Signed-off-by: Paolo Bonzini commit e3a7792d96765ff435f3000e94619fcef2f6bfec Author: Dionna Glaze Date: Tue Nov 5 01:05:48 2024 +0000 kvm: svm: Fix gctx page leak on invalid inputs Ensure that snp gctx page allocation is adequately deallocated on failure during snp_launch_start. Fixes: 136d8bc931c8 ("KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command") CC: Sean Christopherson CC: Paolo Bonzini CC: Thomas Gleixner CC: Ingo Molnar CC: Borislav Petkov CC: Dave Hansen CC: Ashish Kalra CC: Tom Lendacky CC: John Allen CC: Herbert Xu CC: "David S. Miller" CC: Michael Roth CC: Luis Chamberlain CC: Russ Weight CC: Danilo Krummrich CC: Greg Kroah-Hartman CC: "Rafael J. Wysocki" CC: Tianfei zhang CC: Alexey Kardashevskiy Signed-off-by: Dionna Glaze Message-ID: <20241105010558.1266699-2-dionnaglaze@google.com> Signed-off-by: Paolo Bonzini commit 10299cdde869abab7a42fb5ab905a47a4e2cd24e Author: John Sperbeck Date: Tue Nov 5 19:40:31 2024 -0800 KVM: selftests: use X86_MEMTYPE_WB instead of VMX_BASIC_MEM_TYPE_WB In 08a7d2525511 ("tools arch x86: Sync the msr-index.h copy with the kernel sources"), VMX_BASIC_MEM_TYPE_WB was removed. Use X86_MEMTYPE_WB instead. Fixes: 08a7d2525511 ("tools arch x86: Sync the msr-index.h copy with the kernel sources") Signed-off-by: John Sperbeck Message-ID: <20241106034031.503291-1-jsperbeck@google.com> Signed-off-by: Paolo Bonzini commit 9893deb08b0f08b114458fe4966b049786fb876f Merge: 59b723cd2adbac e5d253c60e9627 Author: Paolo Bonzini Date: Fri Nov 8 04:01:38 2024 -0500 Merge tag 'kvm-x86-fixes-6.12-rcN' of https://github.com/kvm-x86/linux into HEAD KVM x86 and selftests fixes for 6.12: - Increase the timeout for the memslot performance selftest to avoid false failures on arm64 and nested x86 platforms. - Fix a goof in the guest_memfd selftest where a for-loop initialized a bit mask to zero instead of BIT(0). - Disable strict aliasing when building KVM selftests to prevent the compiler from treating things like "u64 *" to "uint64_t *" cases as undefined behavior, which can lead to nasty, hard to debug failures. - Force -march=x86-64-v2 for KVM x86 selftests if and only if the uarch is supported by the compiler. - When emulating a guest TLB flush for a nested guest, flush vpid01, not vpid02, if L2 is active but VPID is disabled in vmcs12, i.e. if L2 and L1 are sharing VPID '0' (from L1's perspective). - Fix a bug in the SNP initialization flow where KVM would return '0' to userspace instead of -errno on failure. commit fa59caa7859813b2a20f33e7c1f89459e7b6055f Merge: dabc44c28f1189 48b86532c10128 Author: Takashi Iwai Date: Fri Nov 8 09:25:33 2024 +0100 Merge tag 'asoc-fix-v6.12-rc6' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus ASoC: Fixes for v6.12 A moderately large pile of small changes here, split fairly evenly between fixes and ID additions/quirks and all of it driver specific. commit 742afcc22d8eb5dcc67c1dc58ed249851e7cdbdf Merge: 0c08402f64729e 25eb47eed52979 Author: Greg Kroah-Hartman Date: Fri Nov 8 08:36:31 2024 +0100 Merge tag 'usb-serial-6.12-rc7' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into usb-linus Johan writes: USB-serial fixes for 6.12-rc7 Here's a fix for a long-standing use-after-free in an io_edgeport debug printk and some new modem device ids. All have been in linux-next with no reported issues. * tag 'usb-serial-6.12-rc7' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial: USB: serial: qcserial: add support for Sierra Wireless EM86xx USB: serial: io_edgeport: fix use after free in debug printk USB: serial: option: add Quectel RG650V USB: serial: option: add Fibocom FG132 0x0112 composition commit f8f1dde6868139f2294786365c56d7ff5cc3f4e7 Author: Kent Overstreet Date: Thu Nov 7 22:18:02 2024 -0500 bcachefs: Fix missing validation for bch_backpointer.level This fixes an assertion pop where we try to navigate to the target of the backpointer, and the path level isn't what we expect. Reported-by: syzbot+b17df21b4d370f2dc330@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit 27a036a0c3e7046f508143af96a54f657c3584b8 Author: Kent Overstreet Date: Thu Nov 7 23:24:22 2024 -0500 bcachefs: Fix bch_member.btree_bitmap_shift validation Needs to match the assert later when we resize... Reported-by: syzbot+e8eff054face85d7ea41@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit ca43f73cd1720e3b0b9c49deec1a13c89c0ca1e8 Author: Kent Overstreet Date: Thu Nov 7 21:48:33 2024 -0500 bcachefs: bch2_btree_write_buffer_flush_going_ro() The write buffer needs to be specifically flushed when going RO: keys in the journal that haven't yet been moved to the write buffer don't have a journal pin yet. This fixes numerous syzbot bugs, all with symptoms of still doing writes after we've got RO. Signed-off-by: Kent Overstreet commit fd836e82de0a98ea04c488953384da716b72ff7e Merge: 59b723cd2adbac 4d75b9468021c7 Author: Dave Airlie Date: Fri Nov 8 12:36:38 2024 +1000 Merge tag 'amd-drm-fixes-6.12-2024-11-07' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes amd-drm-fixes-6.12-2024-11-07: amdgpu: - Brightness fix - DC vbios parsing fix - ACPI fix - SMU 14.x fix - Power workload profile fix - GC partitioning fix - Debugfs fixes Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20241107182722.14147-1-alexander.deucher@amd.com commit 906bd684e4b1e517dd424a354744c5b0aebef8af Merge: 7b85bb4bc043d7 ebdcba2126a817 Author: Linus Torvalds Date: Thu Nov 7 12:53:43 2024 -1000 Merge tag 'spi-fix-v6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fix from Mark Brown: "An update for the maintainers of the AMD driver following some job changes there" * tag 'spi-fix-v6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: MAINTAINERS: update AMD SPI maintainer commit 7b85bb4bc043d703c6d8bb35080b7753a1dd8021 Merge: bfc64d9b7e8cac 5e53e4a66bc743 Author: Linus Torvalds Date: Thu Nov 7 12:49:36 2024 -1000 Merge tag 'regulator-fix-v6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator Pull regulator fixes from Mark Brown: "A couple of small fixes for drivers, nothing particularly remarkable" * tag 'regulator-fix-v6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator: regulator: rk808: Add apply_bit for BUCK3 on RK809 regulator: rtq2208: Fix uninitialized use of regulator_config commit c289f4de8e479251b64988839fd0e87f246e03a2 Author: Thorsten Blum Date: Mon Nov 4 00:44:09 2024 +0100 mailmap: add entry for Thorsten Blum Map my previously used email address to my @linux.dev address. Link: https://lkml.kernel.org/r/20241103234411.2522-2-thorsten.blum@linux.dev Signed-off-by: Thorsten Blum Cc: Alex Elder Cc: David S. Miller Cc: Geliang Tang Cc: Kees Cook Cc: Mathieu Othacehe Cc: Matthieu Baerts (NGI0) Cc: Matt Ranostay Cc: Naoya Horiguchi Cc: Neeraj Upadhyay Cc: Quentin Monnet Signed-off-by: Andrew Morton commit 0b63c0e01fba40e3992bc627272ec7b618ccaef7 Author: Andrew Kanner Date: Sun Nov 3 20:38:45 2024 +0100 ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() Syzkaller is able to provoke null-ptr-dereference in ocfs2_xa_remove(): [ 57.319872] (a.out,1161,7):ocfs2_xa_remove:2028 ERROR: status = -12 [ 57.320420] (a.out,1161,7):ocfs2_xa_cleanup_value_truncate:1999 ERROR: Partial truncate while removing xattr overlay.upper. Leaking 1 clusters and removing the entry [ 57.321727] BUG: kernel NULL pointer dereference, address: 0000000000000004 [...] [ 57.325727] RIP: 0010:ocfs2_xa_block_wipe_namevalue+0x2a/0xc0 [...] [ 57.331328] Call Trace: [ 57.331477] [...] [ 57.333511] ? do_user_addr_fault+0x3e5/0x740 [ 57.333778] ? exc_page_fault+0x70/0x170 [ 57.334016] ? asm_exc_page_fault+0x2b/0x30 [ 57.334263] ? __pfx_ocfs2_xa_block_wipe_namevalue+0x10/0x10 [ 57.334596] ? ocfs2_xa_block_wipe_namevalue+0x2a/0xc0 [ 57.334913] ocfs2_xa_remove_entry+0x23/0xc0 [ 57.335164] ocfs2_xa_set+0x704/0xcf0 [ 57.335381] ? _raw_spin_unlock+0x1a/0x40 [ 57.335620] ? ocfs2_inode_cache_unlock+0x16/0x20 [ 57.335915] ? trace_preempt_on+0x1e/0x70 [ 57.336153] ? start_this_handle+0x16c/0x500 [ 57.336410] ? preempt_count_sub+0x50/0x80 [ 57.336656] ? _raw_read_unlock+0x20/0x40 [ 57.336906] ? start_this_handle+0x16c/0x500 [ 57.337162] ocfs2_xattr_block_set+0xa6/0x1e0 [ 57.337424] __ocfs2_xattr_set_handle+0x1fd/0x5d0 [ 57.337706] ? ocfs2_start_trans+0x13d/0x290 [ 57.337971] ocfs2_xattr_set+0xb13/0xfb0 [ 57.338207] ? dput+0x46/0x1c0 [ 57.338393] ocfs2_xattr_trusted_set+0x28/0x30 [ 57.338665] ? ocfs2_xattr_trusted_set+0x28/0x30 [ 57.338948] __vfs_removexattr+0x92/0xc0 [ 57.339182] __vfs_removexattr_locked+0xd5/0x190 [ 57.339456] ? preempt_count_sub+0x50/0x80 [ 57.339705] vfs_removexattr+0x5f/0x100 [...] Reproducer uses faultinject facility to fail ocfs2_xa_remove() -> ocfs2_xa_value_truncate() with -ENOMEM. In this case the comment mentions that we can return 0 if ocfs2_xa_cleanup_value_truncate() is going to wipe the entry anyway. But the following 'rc' check is wrong and execution flow do 'ocfs2_xa_remove_entry(loc);' twice: * 1st: in ocfs2_xa_cleanup_value_truncate(); * 2nd: returning back to ocfs2_xa_remove() instead of going to 'out'. Fix this by skipping the 2nd removal of the same entry and making syzkaller repro happy. Link: https://lkml.kernel.org/r/20241103193845.2940988-1-andrew.kanner@gmail.com Fixes: 399ff3a748cf ("ocfs2: Handle errors while setting external xattr values.") Signed-off-by: Andrew Kanner Reported-by: syzbot+386ce9e60fa1b18aac5b@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/671e13ab.050a0220.2b8c0f.01d0.GAE@google.com/T/ Tested-by: syzbot+386ce9e60fa1b18aac5b@syzkaller.appspotmail.com Reviewed-by: Joseph Qi Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Jun Piao Cc: Signed-off-by: Andrew Morton commit 9e05e5c7ee8758141d2db7e8fea2cab34500c6ed Author: Roman Gushchin Date: Mon Nov 4 19:54:19 2024 +0000 signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") UCOUNT_RLIMIT_SIGPENDING rlimit was not enforced for a class of signals. However now it's enforced unconditionally, even if override_rlimit is set. This behavior change caused production issues. For example, if the limit is reached and a process receives a SIGSEGV signal, sigqueue_alloc fails to allocate the necessary resources for the signal delivery, preventing the signal from being delivered with siginfo. This prevents the process from correctly identifying the fault address and handling the error. From the user-space perspective, applications are unaware that the limit has been reached and that the siginfo is effectively 'corrupted'. This can lead to unpredictable behavior and crashes, as we observed with java applications. Fix this by passing override_rlimit into inc_rlimit_get_ucounts() and skip the comparison to max there if override_rlimit is set. This effectively restores the old behavior. Link: https://lkml.kernel.org/r/20241104195419.3962584-1-roman.gushchin@linux.dev Fixes: d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") Signed-off-by: Roman Gushchin Co-developed-by: Andrei Vagin Signed-off-by: Andrei Vagin Acked-by: Oleg Nesterov Acked-by: Alexey Gladkov Cc: Kees Cook Cc: "Eric W. Biederman" Cc: Signed-off-by: Andrew Morton commit b8ee299855f08539e04d6c1a6acb3dc9e5423c00 Author: Qi Xi Date: Fri Nov 1 11:48:03 2024 +0800 fs/proc: fix compile warning about variable 'vmcore_mmap_ops' When build with !CONFIG_MMU, the variable 'vmcore_mmap_ops' is defined but not used: >> fs/proc/vmcore.c:458:42: warning: unused variable 'vmcore_mmap_ops' 458 | static const struct vm_operations_struct vmcore_mmap_ops = { Fix this by only defining it when CONFIG_MMU is enabled. Link: https://lkml.kernel.org/r/20241101034803.9298-1-xiqi2@huawei.com Fixes: 9cb218131de1 ("vmcore: introduce remap_oldmem_pfn_range()") Signed-off-by: Qi Xi Reported-by: kernel test robot Closes: https://lore.kernel.org/lkml/202410301936.GcE8yUos-lkp@intel.com/ Cc: Baoquan He Cc: Dave Young Cc: Michael Holzheu Cc: Vivek Goyal Cc: Wang ShaoBo Signed-off-by: Andrew Morton commit 432dc0654c612457285a5dcf9bb13968ac6f0804 Author: Andrei Vagin Date: Fri Nov 1 19:19:40 2024 +0000 ucounts: fix counter leak in inc_rlimit_get_ucounts() The inc_rlimit_get_ucounts() increments the specified rlimit counter and then checks its limit. If the value exceeds the limit, the function returns an error without decrementing the counter. Link: https://lkml.kernel.org/r/20241101191940.3211128-1-roman.gushchin@linux.dev Fixes: 15bc01effefe ("ucounts: Fix signal ucount refcounting") Signed-off-by: Andrei Vagin Co-developed-by: Roman Gushchin Signed-off-by: Roman Gushchin Tested-by: Roman Gushchin Acked-by: Alexey Gladkov Cc: Kees Cook Cc: Andrei Vagin Cc: "Eric W. Biederman" Cc: Alexey Gladkov Cc: Oleg Nesterov Cc: Signed-off-by: Andrew Morton commit 0268d4579901821ff17259213c2d8c9679995d48 Author: Muhammad Usama Anjum Date: Fri Nov 1 19:15:57 2024 +0500 selftests: hugetlb_dio: check for initial conditions to skip in the start The test should be skipped if initial conditions aren't fulfilled in the start instead of failing and outputting non-compliant TAP logs. This kind of failure pollutes the results. The initial conditions are: - The test should only execute if /tmp file can be allocated. - The test should only execute if huge pages are free. Before: TAP version 13 1..4 Bail out! Error opening file : Read-only file system (30) # Planned tests != run tests (4 != 0) # Totals: pass:0 fail:0 xfail:0 xpass:0 skip:0 error:0 After: TAP version 13 1..0 # SKIP Unable to allocate file: Read-only file system Link: https://lkml.kernel.org/r/20241101141557.3159432-1-usama.anjum@collabora.com Signed-off-by: Muhammad Usama Anjum Fixes: 3a103b5315b7 ("selftest: mm: Test if hugepage does not get leaked during __bio_release_pages()") Cc: Muhammad Usama Anjum Cc: Shuah Khan Cc: Donet Tom Cc: Signed-off-by: Andrew Morton commit 652e1a51465f2e8e75590bc3dd1e3a3b61020568 Author: Maíra Canal Date: Fri Nov 1 13:54:05 2024 -0300 mm: fix docs for the kernel parameter ``thp_anon=`` If we add ``thp_anon=32,64K:always`` to the kernel command line, we will see the following error: [ 0.000000] huge_memory: thp_anon=32,64K:always: error parsing string, ignoring setting This happens because the correct format isn't ``thp_anon=,[KMG]:```, as [KMG] must follow each number to especify its unit. So, the correct format is ``thp_anon=[KMG],[KMG]:```. Therefore, adjust the documentation to reflect the correct format of the parameter ``thp_anon=``. Link: https://lkml.kernel.org/r/20241101165719.1074234-3-mcanal@igalia.com Fixes: dd4d30d1cdbe ("mm: override mTHP "enabled" defaults at kernel cmdline") Signed-off-by: Maíra Canal Acked-by: Barry Song Acked-by: David Hildenbrand Cc: Baolin Wang Cc: Hugh Dickins Cc: Jonathan Corbet Cc: Lance Yang Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 4401e9d10ab0281a520b9f8c220f30f60b5c248f Author: SeongJae Park Date: Thu Oct 31 09:12:03 2024 -0700 mm/damon/core: avoid overflow in damon_feed_loop_next_input() damon_feed_loop_next_input() is inefficient and fragile to overflows. Specifically, 'score_goal_diff_bp' calculation can overflow when 'score' is high. The calculation is actually unnecessary at all because 'goal' is a constant of value 10,000. Calculation of 'compensation' is again fragile to overflow. Final calculation of return value for under-achiving case is again fragile to overflow when the current score is under-achieving the target. Add two corner cases handling at the beginning of the function to make the body easier to read, and rewrite the body of the function to avoid overflows and the unnecessary bp value calcuation. Link: https://lkml.kernel.org/r/20241031161203.47751-1-sj@kernel.org Fixes: 9294a037c015 ("mm/damon/core: implement goal-oriented feedback-driven quota auto-tuning") Signed-off-by: SeongJae Park Reported-by: Guenter Roeck Closes: https://lore.kernel.org/944f3d5b-9177-48e7-8ec9-7f1331a3fea3@roeck-us.net Tested-by: Guenter Roeck Cc: [6.8.x] Signed-off-by: Andrew Morton commit 8e7bde615f634a82a44b1f3d293c049fd3ef9ca9 Author: SeongJae Park Date: Thu Oct 31 11:37:57 2024 -0700 mm/damon/core: handle zero schemes apply interval DAMON's logics to determine if this is the time to apply damos schemes assumes next_apply_sis is always set larger than current passed_sample_intervals. And therefore assume continuously incrementing passed_sample_intervals will make it reaches to the next_apply_sis in future. The logic hence does apply the scheme and update next_apply_sis only if passed_sample_intervals is same to next_apply_sis. If Schemes apply interval is set as zero, however, next_apply_sis is set same to current passed_sample_intervals, respectively. And passed_sample_intervals is incremented before doing the next_apply_sis check. Hence, next_apply_sis becomes larger than next_apply_sis, and the logic says it is not the time to apply schemes and update next_apply_sis. In other words, DAMON stops applying schemes until passed_sample_intervals overflows. Based on the documents and the common sense, a reasonable behavior for such inputs would be applying the schemes for every sampling interval. Handle the case by removing the assumption. Link: https://lkml.kernel.org/r/20241031183757.49610-3-sj@kernel.org Fixes: 42f994b71404 ("mm/damon/core: implement scheme-specific apply interval") Signed-off-by: SeongJae Park Cc: [6.7.x] Signed-off-by: Andrew Morton commit 3488af0970445ff5532c7e8dc5e6456b877aee5e Author: SeongJae Park Date: Thu Oct 31 11:37:56 2024 -0700 mm/damon/core: handle zero {aggregation,ops_update} intervals Patch series "mm/damon/core: fix handling of zero non-sampling intervals". DAMON's internal intervals accounting logic is not correctly handling non-sampling intervals of zero values for a wrong assumption. This could cause unexpected monitoring behavior, and even result in infinite hang of DAMON sysfs interface user threads in case of zero aggregation interval. Fix those by updating the intervals accounting logic. For details of the root case and solutions, please refer to commit messages of fixes. This patch (of 2): DAMON's logics to determine if this is the time to do aggregation and ops update assumes next_{aggregation,ops_update}_sis are always set larger than current passed_sample_intervals. And therefore it further assumes continuously incrementing passed_sample_intervals every sampling interval will make it reaches to the next_{aggregation,ops_update}_sis in future. The logic therefore make the action and update next_{aggregation,ops_updaste}_sis only if passed_sample_intervals is same to the counts, respectively. If Aggregation interval or Ops update interval are zero, however, next_aggregation_sis or next_ops_update_sis are set same to current passed_sample_intervals, respectively. And passed_sample_intervals is incremented before doing the next_{aggregation,ops_update}_sis check. Hence, passed_sample_intervals becomes larger than next_{aggregation,ops_update}_sis, and the logic says it is not the time to do the action and update next_{aggregation,ops_update}_sis forever, until an overflow happens. In other words, DAMON stops doing aggregations or ops updates effectively forever, and users cannot get monitoring results. Based on the documents and the common sense, a reasonable behavior for such inputs is doing an aggregation and an ops update for every sampling interval. Handle the case by removing the assumption. Note that this could incur particular real issue for DAMON sysfs interface users, in case of zero Aggregation interval. When user starts DAMON with zero Aggregation interval and asks online DAMON parameter tuning via DAMON sysfs interface, the request is handled by the aggregation callback. Until the callback finishes the work, the user who requested the online tuning just waits. Hence, the user will be stuck until the passed_sample_intervals overflows. Link: https://lkml.kernel.org/r/20241031183757.49610-1-sj@kernel.org Link: https://lkml.kernel.org/r/20241031183757.49610-2-sj@kernel.org Fixes: 4472edf63d66 ("mm/damon/core: use number of passed access sampling as a timer") Signed-off-by: SeongJae Park Cc: [6.7.x] Signed-off-by: Andrew Morton commit faa242b1d2a97143150bdc50d5b61fd70fcd17cd Author: Wei Yang Date: Sun Oct 27 12:33:21 2024 +0000 mm/mlock: set the correct prev on failure After commit 94d7d9233951 ("mm: abstract the vma_merge()/split_vma() pattern for mprotect() et al."), if vma_modify_flags() return error, the vma is set to an error code. This will lead to an invalid prev be returned. Generally this shouldn't matter as the caller should treat an error as indicating state is now invalidated, however unfortunately apply_mlockall_flags() does not check for errors and assumes that mlock_fixup() correctly maintains prev even if an error were to occur. This patch fixes that assumption. [lorenzo.stoakes@oracle.com: provide a better fix and rephrase the log] Link: https://lkml.kernel.org/r/20241027123321.19511-1-richard.weiyang@gmail.com Fixes: 94d7d9233951 ("mm: abstract the vma_merge()/split_vma() pattern for mprotect() et al.") Signed-off-by: Wei Yang Reviewed-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Cc: Vlastimil Babka Cc: Jann Horn Cc: Signed-off-by: Andrew Morton commit cb6fcef8b4b6c655b6a25cc3a415cd9eb81b3da8 Author: Masami Hiramatsu (Google) Date: Mon Oct 28 12:26:27 2024 +0900 objpool: fix to make percpu slot allocation more robust Since gfp & GFP_ATOMIC == GFP_ATOMIC is true for GFP_KERNEL | GFP_HIGH, it will use kmalloc if user specifies that combination. Here the reason why combining the __vmalloc_node() and kmalloc_node() is that the vmalloc does not support all GFP flag, especially GFP_ATOMIC. So we should check if gfp & (GFP_ATOMIC | GFP_KERNEL) != GFP_ATOMIC for vmalloc first. This ensures caller can sleep. And for the robustness, even if vmalloc fails, it should retry with kmalloc to allocate it. Link: https://lkml.kernel.org/r/173008598713.1262174.2959179484209897252.stgit@mhiramat.roam.corp.google.com Fixes: aff1871bfc81 ("objpool: fix choosing allocation for percpu slots") Signed-off-by: Masami Hiramatsu (Google) Reported-by: Linus Torvalds Closes: https://lore.kernel.org/all/CAHk-=whO+vSH+XVRio8byJU8idAWES0SPGVZ7KAVdc4qrV0VUA@mail.gmail.com/ Cc: Leo Yan Cc: Linus Torvalds Cc: Matt Wu Cc: Mikel Rychliski Cc: Steven Rostedt (Google) Cc: Viktor Malik Signed-off-by: Andrew Morton commit c928807f6f6b6d595a7e199591ae297c81de3aeb Author: Yu Zhao Date: Mon Oct 28 12:26:53 2024 -0600 mm/page_alloc: keep track of free highatomic OOM kills due to vastly overestimated free highatomic reserves were observed: ... invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0 ... Node 0 Normal free:1482936kB boost:0kB min:410416kB low:739404kB high:1068392kB reserved_highatomic:1073152KB ... Node 0 Normal: 1292*4kB (ME) 1920*8kB (E) 383*16kB (UE) 220*32kB (ME) 340*64kB (E) 2155*128kB (UE) 3243*256kB (UE) 615*512kB (U) 1*1024kB (M) 0*2048kB 0*4096kB = 1477408kB The second line above shows that the OOM kill was due to the following condition: free (1482936kB) - reserved_highatomic (1073152kB) = 409784KB < min (410416kB) And the third line shows there were no free pages in any MIGRATE_HIGHATOMIC pageblocks, which otherwise would show up as type 'H'. Therefore __zone_watermark_unusable_free() underestimated the usable free memory by over 1GB, which resulted in the unnecessary OOM kill above. The comments in __zone_watermark_unusable_free() warns about the potential risk, i.e., If the caller does not have rights to reserves below the min watermark then subtract the high-atomic reserves. This will over-estimate the size of the atomic reserve but it avoids a search. However, it is possible to keep track of free pages in reserved highatomic pageblocks with a new per-zone counter nr_free_highatomic protected by the zone lock, to avoid a search when calculating the usable free memory. And the cost would be minimal, i.e., simple arithmetics in the highatomic alloc/free/move paths. Note that since nr_free_highatomic can be relatively small, using a per-cpu counter might cause too much drift and defeat its purpose, in addition to the extra memory overhead. Dependson e0932b6c1f94 ("mm: page_alloc: consolidate free page accounting") - see [1] [akpm@linux-foundation.org: s/if/else if/, per Johannes, stealth whitespace tweak] Link: https://lkml.kernel.org/r/20241028182653.3420139-1-yuzhao@google.com Link: https://lkml.kernel.org/r/0d0ddb33-fcdc-43e2-801f-0c1df2031afb@suse.cz [1] Fixes: 0aaa29a56e4f ("mm, page_alloc: reserve pageblocks for high-order atomic allocations on demand") Signed-off-by: Yu Zhao Reported-by: Link Lin Acked-by: David Rientjes Acked-by: Vlastimil Babka Acked-by: Johannes Weiner Signed-off-by: Andrew Morton commit 83e445e64f48bdae3f25013e788fcf592f142576 Author: Dragos Tatulea Date: Tue Nov 5 20:51:02 2024 +0200 vdpa/mlx5: Fix error path during device add In the error recovery path of mlx5_vdpa_dev_add(), the cleanup is executed and at the end put_device() is called which ends up calling mlx5_vdpa_free(). This function will execute the same cleanup all over again. Most resources support being cleaned up twice, but the recent mlx5_vdpa_destroy_mr_resources() doesn't. This change drops the explicit cleanup from within the mlx5_vdpa_dev_add() and lets mlx5_vdpa_free() do its work. This issue was discovered while trying to add 2 vdpa devices with the same name: $> vdpa dev add name vdpa-0 mgmtdev auxiliary/mlx5_core.sf.2 $> vdpa dev add name vdpa-0 mgmtdev auxiliary/mlx5_core.sf.3 ... yields the following dump: BUG: kernel NULL pointer dereference, address: 00000000000000b8 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: Oops: 0000 [#1] SMP CPU: 4 UID: 0 PID: 2811 Comm: vdpa Not tainted 6.12.0-rc6 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 RIP: 0010:destroy_workqueue+0xe/0x2a0 Code: ... RSP: 0018:ffff88814920b9a8 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffff888105c10000 RCX: 0000000000000000 RDX: 0000000000000001 RSI: ffff888100400168 RDI: 0000000000000000 RBP: 0000000000000000 R08: ffff888100120c00 R09: ffffffff828578c0 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffff888131fd99a0 R14: 0000000000000000 R15: ffff888105c10580 FS: 00007fdfa6b4f740(0000) GS:ffff88852ca00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000b8 CR3: 000000018db09006 CR4: 0000000000372eb0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? __die+0x20/0x60 ? page_fault_oops+0x150/0x3e0 ? exc_page_fault+0x74/0x130 ? asm_exc_page_fault+0x22/0x30 ? destroy_workqueue+0xe/0x2a0 mlx5_vdpa_destroy_mr_resources+0x2b/0x40 [mlx5_vdpa] mlx5_vdpa_free+0x45/0x150 [mlx5_vdpa] vdpa_release_dev+0x1e/0x50 [vdpa] device_release+0x31/0x90 kobject_put+0x8d/0x230 mlx5_vdpa_dev_add+0x328/0x8b0 [mlx5_vdpa] vdpa_nl_cmd_dev_add_set_doit+0x2b8/0x4c0 [vdpa] genl_family_rcv_msg_doit+0xd0/0x120 genl_rcv_msg+0x180/0x2b0 ? __vdpa_alloc_device+0x1b0/0x1b0 [vdpa] ? genl_family_rcv_msg_dumpit+0xf0/0xf0 netlink_rcv_skb+0x54/0x100 genl_rcv+0x24/0x40 netlink_unicast+0x1fc/0x2d0 netlink_sendmsg+0x1e4/0x410 __sock_sendmsg+0x38/0x60 ? sockfd_lookup_light+0x12/0x60 __sys_sendto+0x105/0x160 ? __count_memcg_events+0x53/0xe0 ? handle_mm_fault+0x100/0x220 ? do_user_addr_fault+0x40d/0x620 __x64_sys_sendto+0x20/0x30 do_syscall_64+0x4c/0x100 entry_SYSCALL_64_after_hwframe+0x4b/0x53 RIP: 0033:0x7fdfa6c66b57 Code: ... RSP: 002b:00007ffeace22998 EFLAGS: 00000202 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 000055a498608350 RCX: 00007fdfa6c66b57 RDX: 000000000000006c RSI: 000055a498608350 RDI: 0000000000000003 RBP: 00007ffeace229c0 R08: 00007fdfa6d35200 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000202 R12: 000055a4986082a0 R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffeace233f3 Modules linked in: ... CR2: 00000000000000b8 Fixes: 62111654481d ("vdpa/mlx5: Postpone MR deletion") Signed-off-by: Dragos Tatulea Message-Id: <20241105185101.1323272-2-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Acked-by: Jason Wang Acked-by: Eugenio Pérez commit 8440da933127fc5330c3d1090cdd612fddbc40eb Author: Kent Overstreet Date: Wed Nov 6 16:40:08 2024 -0500 bcachefs: Fix UAF in __promote_alloc() error path If we error in data_update_init() after adding to the rhashtable of outstanding promotes, kfree_rcu() is required. Reported-by: Reed Riley Signed-off-by: Kent Overstreet commit f9f0a5390dcef1f96cc506a2cf7d50c8e348fa3d Author: Piotr Zalewski Date: Wed Nov 6 19:46:30 2024 +0000 bcachefs: Change OPT_STR max to be 1 less than the size of choices array Change OPT_STR max value to be 1 less than the "ARRAY_SIZE" of "_choices" array. As a result, remove -1 from (opt->max-1) in bch2_opt_to_text. The "_choices" array is a null-terminated array, so computing the maximum using "ARRAY_SIZE" without subtracting 1 yields an incorrect result. Since bch2_opt_validate don't subtract 1, as bch2_opt_to_text does, values bigger than the actual maximum would pass through option validation. Reported-by: syzbot+bee87a0c3291c06aa8c6@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=bee87a0c3291c06aa8c6 Fixes: 63c4b2545382 ("bcachefs: Better superblock opt validation") Suggested-by: Kent Overstreet Signed-off-by: Piotr Zalewski Signed-off-by: Kent Overstreet commit baefd3f849ed956d4c1aee80889093cf0d9c6a94 Author: Kent Overstreet Date: Thu Oct 31 01:17:54 2024 -0400 bcachefs: btree_cache.freeable list fixes When allocating new btree nodes, we were leaving them on the freeable list - unlocked - allowing them to be reclaimed: ouch. Additionally, bch2_btree_node_free_never_used() -> bch2_btree_node_hash_remove was putting it on the freelist, while bch2_btree_node_free_never_used() was putting it back on the btree update reserve list - ouch. Originally, the code was written to always keep btree nodes on a list - live or freeable - and this worked when new nodes were kept locked. But now with the cycle detector, we can't keep nodes locked that aren't tracked by the cycle detector; and this is fine as long as they're not reachable. We also have better and more robust leak detection now, with memory allocation profiling, so the original justification no longer applies. Signed-off-by: Kent Overstreet commit 9bb33852f5cc145b17d96f3792ff69148a37e1fd Author: Hongbo Li Date: Tue Oct 29 20:53:29 2024 +0800 bcachefs: check the invalid parameter for perf test The perf_test does not check the number of iterations and threads when it is zero. If nr_thread is 0, the perf test will keep waiting for wakekup. If iteration is 0, it will cause exception of division by zero. This can be reproduced by: echo "rand_insert 0 1" > /sys/fs/bcachefs/${uuid}/perf_test or echo "rand_insert 1 0" > /sys/fs/bcachefs/${uuid}/perf_test Fixes: 1c6fdbd8f246 ("bcachefs: Initial commit") Signed-off-by: Hongbo Li Signed-off-by: Kent Overstreet commit 93d53f1caf2cf861d0f28d096792d3b92efae178 Author: Pei Xiao Date: Wed Oct 30 15:48:01 2024 +0800 bcachefs: add check NULL return of bio_kmalloc in journal_read_bucket bio_kmalloc may return NULL, will cause NULL pointer dereference. Add check NULL return for bio_kmalloc in journal_read_bucket. Signed-off-by: Pei Xiao Fixes: ac10a9611d87 ("bcachefs: Some fixes for building in userspace") Signed-off-by: Kent Overstreet commit ef4f6c322bf4ca8e6d050cd0667a9447b8cbe212 Author: Kent Overstreet Date: Thu Oct 31 03:33:36 2024 -0400 bcachefs: Ensure BCH_FS_may_go_rw is set before exiting recovery If BCH_FS_may_go_rw is not yet set, it indicates to the transaction commit path that updates should be done via the list of journal replay keys. This must be set before multithreaded use commences. Signed-off-by: Kent Overstreet commit cec136d348e037ea5b6a463164454d6d0174d92f Author: Kent Overstreet Date: Thu Oct 31 02:50:55 2024 -0400 bcachefs: Fix topology errors on split after merge If a btree split picks a pivot that's being deleted by a btree node merge, we're going to have problems. Fix this by checking if the pivot is being deleted, the same as we check for deletions in journal replay keys. Found by single_devic.ktest small_nodes. Signed-off-by: Kent Overstreet commit d335bb3fd3a4102f325ef8a353efc3d2fb523f55 Author: Kent Overstreet Date: Thu Oct 31 02:36:21 2024 -0400 bcachefs: Ancient versions with bad bkey_formats are no longer supported Syzbot found an assertion pop, by generating an ancient filesystem version with an invalid bkey_format (with fields that can overflow) as well as packed keys that aren't representable unpacked. This breaks key comparisons in all sorts of painful ways. Filesystems have been automatically rewriting nodes with such invalid formats for years; we can safely drop support for them. Reported-by: syzbot+8a0109511de9d4b61217@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit 72acab3a7c5aee76451fa6054e9608026476a971 Author: Kent Overstreet Date: Sun Oct 27 18:25:30 2024 -0400 bcachefs: Fix error handling in bch2_btree_node_prefetch() Signed-off-by: Kent Overstreet commit fd00045f383f51b66a7a46084a0e92b8de563157 Author: Kent Overstreet Date: Sun Oct 27 20:40:20 2024 -0400 bcachefs: Fix null ptr deref in bucket_gen_get() bucket_gen() checks if we're lookup up a valid bucket and returns NULL otherwise, but bucket_gen_get() was failing to check; other callers were correct. Also do a bit of cleanup on callers. Signed-off-by: Kent Overstreet commit 55d42a0c3f9ccd07c199e0ddbe1ba87572d30074 Author: Jakub Kicinski Date: Tue Nov 5 17:52:35 2024 -0800 selftests: net: add a test for closing a netlink socket ith dump in progress Close a socket with dump in progress. We need a dump which generates enough info not to fit into a single skb. Policy dump fits the bill. Use the trick discovered by syzbot for keeping a ref on the socket longer than just close, with mqueue. TAP version 13 1..3 # Starting 3 tests from 1 test cases. # RUN global.test_sanity ... # OK global.test_sanity ok 1 global.test_sanity # RUN global.close_in_progress ... # OK global.close_in_progress ok 2 global.close_in_progress # RUN global.close_with_ref ... # OK global.close_with_ref ok 3 global.close_with_ref # PASSED: 3 / 3 tests passed. # Totals: pass:3 fail:0 xfail:0 xpass:0 skip:0 error:0 Note that this test is not expected to fail but rather crash the kernel if we get the cleanup wrong. Reviewed-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20241106015235.2458807-2-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 1904fb9ebf911441f90a68e96b22aa73e4410505 Author: Jakub Kicinski Date: Tue Nov 5 17:52:34 2024 -0800 netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - (optional) kicks off the dumping process - dump - actual dump helper, keeps getting called until it returns 0 - done - (optional) pairs with .start, can be used for cleanup The whole process is asynchronous and the repeated calls to .dump don't actually happen in a tight loop, but rather are triggered in response to recvmsg() on the socket. This gives the user full control over the dump, but also means that the user can close the socket without getting to the end of the dump. To make sure .start is always paired with .done we check if there is an ongoing dump before freeing the socket, and if so call .done. The complication is that sockets can get freed from BH and .done is allowed to sleep. So we use a workqueue to defer the call, when needed. Unfortunately this does not work correctly. What we defer is not the cleanup but rather releasing a reference on the socket. We have no guarantee that we own the last reference, if someone else holds the socket they may release it in BH and we're back to square one. The whole dance, however, appears to be unnecessary. Only the user can interact with dumps, so we can clean up when socket is closed. And close always happens in process context. Some async code may still access the socket after close, queue notification skbs to it etc. but no dumps can start, end or otherwise make progress. Delete the workqueue and flush the dump state directly from the release handler. Note that further cleanup is possible in -next, for instance we now always call .done before releasing the main module reference, so dump doesn't have to take a reference of its own. Reported-by: syzkaller Fixes: ed5d7788a934 ("netlink: Do not schedule work from sk_destruct") Reviewed-by: Kuniyuki Iwashima Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20241106015235.2458807-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit bfc64d9b7e8cac82be6b8629865e137d962578f8 Merge: 80fb25341631b7 71712cf519faee Author: Linus Torvalds Date: Thu Nov 7 11:07:57 2024 -1000 Merge tag 'net-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Jakub Kicinski: "Including fixes from can and netfilter. Things are slowing down quite a bit, mostly driver fixes here. No known ongoing investigations. Current release - new code bugs: - eth: ti: am65-cpsw: - fix multi queue Rx on J7 - fix warning in am65_cpsw_nuss_remove_rx_chns() Previous releases - regressions: - mptcp: do not require admin perm to list endpoints, got missed in a refactoring - mptcp: use sock_kfree_s instead of kfree Previous releases - always broken: - sctp: properly validate chunk size in sctp_sf_ootb() fix OOB access - virtio_net: make RSS interact properly with queue number - can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation - can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes Misc: - revert earlier hns3 fixes, they were ignoring IOMMU abstractions and need to be reworked - can: {cc770,sja1000}_isa: allow building on x86_64" * tag 'net-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (42 commits) drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path net/smc: do not leave a dangling sk pointer in __smc_create() rxrpc: Fix missing locking causing hanging calls net/smc: Fix lookup of netdev by using ib_device_get_netdev() net: arc: rockchip: fix emac mdio node support net: arc: fix the device for dma_map_single/dma_unmap_single virtio_net: Update rss when set queue virtio_net: Sync rss config to device when virtnet_probe virtio_net: Add hash_key_length check virtio_net: Support dynamic rss indirection table size netfilter: nf_tables: wait for rcu grace period on net_device removal net: stmmac: Fix unbalanced IRQ wake disable warning on single irq case net: vertexcom: mse102x: Fix possible double free of TX skb mptcp: use sock_kfree_s instead of kfree mptcp: no admin perm to list endpoints net: phy: ti: add PHY_RST_AFTER_CLK_EN flag net: ethernet: ti: am65-cpsw: fix warning in am65_cpsw_nuss_remove_rx_chns() net: ethernet: ti: am65-cpsw: Fix multi queue Rx on J7 net: hns3: fix kernel crash when uninstalling driver Revert "Merge branch 'there-are-some-bugfix-for-the-hns3-ethernet-driver'" ... commit 52ff8e91f916fa05dd47b5c30afa3286c30db444 Merge: d0c6cc6c6a6164 6d1c69945ce63a Author: Jens Axboe Date: Thu Nov 7 13:57:12 2024 -0700 Merge tag 'nvme-6.12-2024-11-07' of git://git.infradead.org/nvme into block-6.12 Pull NVMe fix from Keith: "nvme fix for Linux 6.13 - Use correct list traversal for srcu lists (Breno)" * tag 'nvme-6.12-2024-11-07' of git://git.infradead.org/nvme: nvme/host: Fix RCU list traversal to use SRCU primitive commit 71712cf519faeed529549a79559c06c7fc250a15 Author: Wentao Liang Date: Thu Nov 7 10:17:56 2024 +0800 drivers: net: ionic: add missed debugfs cleanup to ionic_probe() error path The ionic_setup_one() creates a debugfs entry for ionic upon successful execution. However, the ionic_probe() does not release the dentry before returning, resulting in a memory leak. To fix this bug, we add the ionic_debugfs_del_dev() to release the resources in a timely manner before returning. Fixes: 0de38d9f1dba ("ionic: extract common bits from ionic_probe") Signed-off-by: Wentao Liang Acked-by: Shannon Nelson Link: https://patch.msgid.link/20241107021756.1677-1-liangwentao@iscas.ac.cn Signed-off-by: Jakub Kicinski commit d293958a8595ba566fb90b99da4d6263e14fee15 Author: Eric Dumazet Date: Wed Nov 6 22:19:22 2024 +0000 net/smc: do not leave a dangling sk pointer in __smc_create() Thanks to commit 4bbd360a5084 ("socket: Print pf->create() when it does not clear sock->sk on failure."), syzbot found an issue with AF_SMC: smc_create must clear sock->sk on failure, family: 43, type: 1, protocol: 0 WARNING: CPU: 0 PID: 5827 at net/socket.c:1565 __sock_create+0x96f/0xa30 net/socket.c:1563 Modules linked in: CPU: 0 UID: 0 PID: 5827 Comm: syz-executor259 Not tainted 6.12.0-rc6-next-20241106-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:__sock_create+0x96f/0xa30 net/socket.c:1563 Code: 03 00 74 08 4c 89 e7 e8 4f 3b 85 f8 49 8b 34 24 48 c7 c7 40 89 0c 8d 8b 54 24 04 8b 4c 24 0c 44 8b 44 24 08 e8 32 78 db f7 90 <0f> 0b 90 90 e9 d3 fd ff ff 89 e9 80 e1 07 fe c1 38 c1 0f 8c ee f7 RSP: 0018:ffffc90003e4fda0 EFLAGS: 00010246 RAX: 099c6f938c7f4700 RBX: 1ffffffff1a595fd RCX: ffff888034823c00 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 00000000ffffffe9 R08: ffffffff81567052 R09: 1ffff920007c9f50 R10: dffffc0000000000 R11: fffff520007c9f51 R12: ffffffff8d2cafe8 R13: 1ffffffff1a595fe R14: ffffffff9a789c40 R15: ffff8880764298c0 FS: 000055557b518380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fa62ff43225 CR3: 0000000031628000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: sock_create net/socket.c:1616 [inline] __sys_socket_create net/socket.c:1653 [inline] __sys_socket+0x150/0x3c0 net/socket.c:1700 __do_sys_socket net/socket.c:1714 [inline] __se_sys_socket net/socket.c:1712 [inline] For reference, see commit 2d859aff775d ("Merge branch 'do-not-leave-dangling-sk-pointers-in-pf-create-functions'") Fixes: d25a92ccae6b ("net/smc: Introduce IPPROTO_SMC") Signed-off-by: Eric Dumazet Cc: Ignat Korchagin Cc: D. Wythe Cc: Dust Li Reviewed-by: Kuniyuki Iwashima Reviewed-by: Wenjia Zhang Link: https://patch.msgid.link/20241106221922.1544045-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit fc9de52de38f656399d2ce40f7349a6b5f86e787 Author: David Howells Date: Wed Nov 6 13:03:22 2024 +0000 rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. because kafs saw a signal) between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connection and it will be removed from local->new_client_calls by rxrpc_disconnect_client_call() without a lock being held. This may cause other calls on the list to disappear if a race occurs. Fix this by taking the client_call_lock when removing a call from whatever list its ->wait_link happens to be on. Signed-off-by: David Howells cc: linux-afs@lists.infradead.org Reported-by: Marc Dionne Fixes: 9d35d880e0e4 ("rxrpc: Move client call connection to the I/O thread") Link: https://patch.msgid.link/726660.1730898202@warthog.procyon.org.uk Signed-off-by: Jakub Kicinski commit de88df01796b309903b70888fbdf2b89607e3a6a Author: Wenjia Zhang Date: Wed Nov 6 09:26:12 2024 +0100 net/smc: Fix lookup of netdev by using ib_device_get_netdev() The SMC-R variant of the SMC protocol used direct call to function ib_device_ops.get_netdev() to lookup netdev. As we used mlx5 device driver to run SMC-R, it failed to find a device, because in mlx5_ib the internal net device management for retrieving net devices was replaced by a common interface ib_device_get_netdev() in commit 8d159eb2117b ("RDMA/mlx5: Use IB set_netdev and get_netdev functions"). Since such direct accesses to the internal net device management is not recommended at all, update the SMC-R code to use proper API ib_device_get_netdev(). Fixes: 54903572c23c ("net/smc: allow pnetid-less configuration") Reported-by: Aswin K Reviewed-by: Gerd Bayer Reviewed-by: Halil Pasic Reviewed-by: Simon Horman Reviewed-by: Dust Li Reviewed-by: Wen Gu Reviewed-by: Zhu Yanjun Reviewed-by: D. Wythe Signed-off-by: Wenjia Zhang Reviewed-by: Leon Romanovsky Link: https://patch.msgid.link/20241106082612.57803-1-wenjia@linux.ibm.com Signed-off-by: Jakub Kicinski commit 80fb25341631b75f57b84f99cc35b95ca2aad329 Merge: 84b9749a3a704d 517fb4d77c44c7 Author: Linus Torvalds Date: Thu Nov 7 07:41:34 2024 -1000 Merge tag 'pwm/for-6.12-rc7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ukleinek/linux Pull pwm fix from Uwe Kleine-König: "Fix period setting in imx-tpm driver and a maintainer update Erik Schumacher found and fixed a problem in the calculation of the PWM period setting yielding too long periods. Trevor Gamblin - who already cared about mainlining the pwm-axi-pwmgen driver - stepped forward as an additional reviewer. Thanks to Erik and Trevor" * tag 'pwm/for-6.12-rc7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ukleinek/linux: MAINTAINERS: add self as reviewer for AXI PWM GENERATOR pwm: imx-tpm: Use correct MODULO value for EPWM mode commit 84b9749a3a704dcc824a88aa8267247c801d51e4 Author: David Wang <00107082@163.com> Date: Wed Nov 6 10:12:28 2024 +0800 proc/softirqs: replace seq_printf with seq_put_decimal_ull_width seq_printf is costy, on a system with n CPUs, reading /proc/softirqs would yield 10*n decimal values, and the extra cost parsing format string grows linearly with number of cpus. Replace seq_printf with seq_put_decimal_ull_width have significant performance improvement. On an 8CPUs system, reading /proc/softirqs show ~40% performance gain with this patch. Signed-off-by: David Wang <00107082@163.com> Signed-off-by: Linus Torvalds commit f432a1621f049bb207e78363d9d0e3c6fa2da5db Author: Jann Horn Date: Tue Nov 5 00:17:13 2024 +0100 drm/panthor: Be stricter about IO mapping flags The current panthor_device_mmap_io() implementation has two issues: 1. For mapping DRM_PANTHOR_USER_FLUSH_ID_MMIO_OFFSET, panthor_device_mmap_io() bails if VM_WRITE is set, but does not clear VM_MAYWRITE. That means userspace can use mprotect() to make the mapping writable later on. This is a classic Linux driver gotcha. I don't think this actually has any impact in practice: When the GPU is powered, writes to the FLUSH_ID seem to be ignored; and when the GPU is not powered, the dummy_latest_flush page provided by the driver is deliberately designed to not do any flushes, so the only thing writing to the dummy_latest_flush could achieve would be to make *more* flushes happen. 2. panthor_device_mmap_io() does not block MAP_PRIVATE mappings (which are mappings without the VM_SHARED flag). MAP_PRIVATE in combination with VM_MAYWRITE indicates that the VMA has copy-on-write semantics, which for VM_PFNMAP are semi-supported but fairly cursed. In particular, in such a mapping, the driver can only install PTEs during mmap() by calling remap_pfn_range() (because remap_pfn_range() wants to **store the physical address of the mapped physical memory into the vm_pgoff of the VMA**); installing PTEs later on with a fault handler (as panthor does) is not supported in private mappings, and so if you try to fault in such a mapping, vmf_insert_pfn_prot() splats when it hits a BUG() check. Fix it by clearing the VM_MAYWRITE flag (userspace writing to the FLUSH_ID doesn't make sense) and requiring VM_SHARED (copy-on-write semantics for the FLUSH_ID don't make sense). Reproducers for both scenarios are in the notes of my patch on the mailing list; I tested that these bugs exist on a Rock 5B machine. Note that I only compile-tested the patch, I haven't tested it; I don't have a working kernel build setup for the test machine yet. Please test it before applying it. Cc: stable@vger.kernel.org Fixes: 5fe909cae118 ("drm/panthor: Add the device logical block") Signed-off-by: Jann Horn Reviewed-by: Boris Brezillon Reviewed-by: Liviu Dudau Reviewed-by: Steven Price Signed-off-by: Steven Price Link: https://patchwork.freedesktop.org/patch/msgid/20241105-panthor-flush-page-fixes-v1-1-829aaf37db93@google.com commit 013d2c5c6b18db7cc5c8bd7348081ccce7302f30 Merge: 5f897f30f59605 c03d278fdf35e7 Author: Jakub Kicinski Date: Thu Nov 7 08:16:42 2024 -0800 Merge tag 'nf-24-11-07' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf Pablo Neira Ayuso says: ==================== Netfilter fix for net The following series contains a Netfilter fix: 1) Wait for rcu grace period after netdevice removal is reported via event. * tag 'nf-24-11-07' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: netfilter: nf_tables: wait for rcu grace period on net_device removal ==================== Link: https://patch.msgid.link/20241107113212.116634-1-pablo@netfilter.org Signed-off-by: Jakub Kicinski commit 48b86532c10128cf50c854a90c2d5b1410f4012d Author: Jyri Sarha Date: Thu Nov 7 15:28:40 2024 +0200 ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits Write the size of the optional payload of SOF_IPC4_MOD_INIT_INSTANCE message to extension param_size-bits. The previous IPC4 version does not set these bits that should indicate the size of the optional payload (struct sof_ipc4_probe_cfg). The old firmware side component code works well without these bits, but when the probes are converted to use the generic module API, this does not work anymore. Fixes: f5623593060f ("ASoC: SOF: IPC4: probes: Implement IPC4 ops for probes client device") Signed-off-by: Jyri Sarha Reviewed-by: Ranjani Sridharan Reviewed-by: Liam Girdwood Reviewed-by: Bard Liao Signed-off-by: Peter Ujfalusi Link: https://patch.msgid.link/20241107132840.17386-1-peter.ujfalusi@linux.intel.com Signed-off-by: Mark Brown commit 444fa5b100e5c90550d6bccfe4476efb0391b3ca Author: Liviu Dudau Date: Wed Nov 6 18:58:06 2024 +0000 drm/panthor: Lock XArray when getting entries for the VM Similar to commit cac075706f29 ("drm/panthor: Fix race when converting group handle to group object") we need to use the XArray's internal locking when retrieving a vm pointer from there. v2: Removed part of the patch that was trying to protect fetching the heap pointer from XArray, as that operation is protected by the @pool->lock. Fixes: 647810ec2476 ("drm/panthor: Add the MMU/VM logical block") Reported-by: Jann Horn Cc: stable@vger.kernel.org Signed-off-by: Liviu Dudau Reviewed-by: Boris Brezillon Reviewed-by: Steven Price Signed-off-by: Steven Price Link: https://patchwork.freedesktop.org/patch/msgid/20241106185806.389089-1-liviu.dudau@arm.com commit 052ef642bd6c108a24f375f9ad174b97b425a50b Author: Hans de Goede Date: Sun Aug 25 15:21:31 2024 +0200 drm: panel-orientation-quirks: Make Lenovo Yoga Tab 3 X90F DMI match less strict There are 2G and 4G RAM versions of the Lenovo Yoga Tab 3 X90F and it turns out that the 2G version has a DMI product name of "CHERRYVIEW D1 PLATFORM" where as the 4G version has "CHERRYVIEW C0 PLATFORM". The sys-vendor + product-version check are unique enough that the product-name check is not necessary. Drop the product-name check so that the existing DMI match for the 4G RAM version also matches the 2G RAM version. Signed-off-by: Hans de Goede Acked-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240825132131.6643-1-hdegoede@redhat.com commit 0c08402f64729e7ce5d082c4d04b4f20b7cf247f Merge: 7dd08a0b419308 bd646c768a934d Author: Greg Kroah-Hartman Date: Thu Nov 7 16:11:57 2024 +0100 Merge tag 'thunderbolt-for-v6.12-rc7' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/westeri/thunderbolt into usb-linus thunderbolt: Fixes for v6.12-rc7 This includes following USB4/Thunderbolt fixes for v6.12-rc7: - Fix for retimer enumeration. - Fix connection issue with Pluggable UD-4VPD USB4 dock. Both have been in linux-next with no reported issues. * tag 'thunderbolt-for-v6.12-rc7' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/westeri/thunderbolt: thunderbolt: Fix connection issue with Pluggable UD-4VPD dock thunderbolt: Add only on-board retimers when !CONFIG_USB4_DEBUGFS_MARGINING commit bb1fb40f8beb45a3733118780a3da24fb071a2e9 Author: Chuck Lever Date: Wed Nov 6 16:55:05 2024 -0500 NFSD: Fix READDIR on NFSv3 mounts of ext4 exports I noticed that recently, simple operations like "make" started failing on NFSv3 mounts of ext4 exports. Network capture shows that READDIRPLUS operated correctly but READDIR failed with NFS3ERR_INVAL. The vfs_llseek() call returned EINVAL when it is passed a non-zero starting directory cookie. I bisected to commit c689bdd3bffa ("nfsd: further centralize protocol version checks."). Turns out that nfsd3_proc_readdir() does not call fh_verify() before it calls nfsd_readdir(), so the new fhp->fh_64bit_cookies boolean is not set properly. This leaves the NFSD_MAY_64BIT_COOKIE unset when the directory is opened. For ext4, this causes the wrong "max file size" value to be used when sanity checking the incoming directory cookie (which is a seek offset value). The fhp->fh_64bit_cookies boolean is /always/ properly initialized after nfsd_open() returns. There doesn't seem to be a reason for the generic NFSD open helper to handle the f_mode fix-up for directories, so just move that to the one caller that tries to open an S_IFDIR with NFSD_MAY_64BIT_COOKIE. Suggested-by: NeilBrown Fixes: c689bdd3bffa ("nfsd: further centralize protocol version checks.") Reviewed-by: NeilBrown Signed-off-by: Chuck Lever commit 23569c8b314925bdb70dd1a7b63cfe6100868315 Author: Luo Yifan Date: Thu Nov 7 09:59:36 2024 +0800 ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() This patch checks if div is less than or equal to zero (div <= 0). If div is zero or negative, the function returns -EINVAL, ensuring the division operation is safe to perform. Signed-off-by: Luo Yifan Reviewed-by: Olivier Moysan Link: https://patch.msgid.link/20241107015936.211902-1-luoyifan@cmss.chinamobile.com Signed-off-by: Mark Brown commit 63c1c87993e0e5bb11bced3d8224446a2bc62338 Author: Luo Yifan Date: Wed Nov 6 09:46:54 2024 +0800 ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() This patch checks if div is less than or equal to zero (div <= 0). If div is zero or negative, the function returns -EINVAL, ensuring the division operation (*prate / div) is safe to perform. Signed-off-by: Luo Yifan Link: https://patch.msgid.link/20241106014654.206860-1-luoyifan@cmss.chinamobile.com Signed-off-by: Mark Brown commit 8c21e40e1e481f7fef6e570089e317068b972c45 Author: Markus Petri Date: Thu Nov 7 10:40:20 2024 +0100 ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad E14 Gen 6 Another model of Thinkpad E14 Gen 6 (21M4) needs a quirk entry for the dmic to be detected. Signed-off-by: Markus Petri Link: https://patch.msgid.link/20241107094020.1050935-1-mp@localhost Signed-off-by: Mark Brown commit 5f897f30f596053499782f5f3c597ea285997765 Merge: 5d182f711ecc80 0a1c7a7b0adbf5 Author: Paolo Abeni Date: Thu Nov 7 13:39:43 2024 +0100 Merge branch 'fix-the-arc-emac-driver' Andy Yan says: ==================== Fix the arc emac driver The arc emac driver was broken for a long time, The first broken happens when a dma releated fix introduced in Linux 5.10. The second broken happens when a emac device tree node restyle introduced in Linux 6.1. These two patches are try to make the arc emac work again. Changes in v2: - Add cover letter. - Add fix tag. - Add more detail explaination. ==================== Link: https://patch.msgid.link/20241104130147.440125-1-andyshrk@163.com Signed-off-by: Paolo Abeni commit 0a1c7a7b0adbf595ce7f218609db53749e966573 Author: Johan Jonker Date: Mon Nov 4 21:01:39 2024 +0800 net: arc: rockchip: fix emac mdio node support The binding emac_rockchip.txt is converted to YAML. Changed against the original binding is an added MDIO subnode. This make the driver failed to find the PHY, and given the 'mdio has invalid PHY address' it is probably looking in the wrong node. Fix emac_mdio.c so that it can handle both old and new device trees. Fixes: 1dabb74971b3 ("ARM: dts: rockchip: restyle emac nodes") Signed-off-by: Johan Jonker Tested-by: Andy Yan Link: https://lore.kernel.org/r/20220603163539.537-3-jbx6244@gmail.com Signed-off-by: Andy Yan Reviewed-by: Andrew Lunn Signed-off-by: Paolo Abeni commit 71803c1dfa29e0d13b99e48fda11107cc8caebc7 Author: Johan Jonker Date: Mon Nov 4 21:01:38 2024 +0800 net: arc: fix the device for dma_map_single/dma_unmap_single The ndev->dev and pdev->dev aren't the same device, use ndev->dev.parent which has dma_mask, ndev->dev.parent is just pdev->dev. Or it would cause the following issue: [ 39.933526] ------------[ cut here ]------------ [ 39.938414] WARNING: CPU: 1 PID: 501 at kernel/dma/mapping.c:149 dma_map_page_attrs+0x90/0x1f8 Fixes: f959dcd6ddfd ("dma-direct: Fix potential NULL pointer dereference") Signed-off-by: David Wu Signed-off-by: Johan Jonker Signed-off-by: Andy Yan Signed-off-by: Paolo Abeni commit 702a47ce6dde72f6e247b3c3c00a0fc521f9b1c6 Author: Tudor Ambarus Date: Wed Nov 6 12:18:02 2024 +0000 media: videobuf2-core: copy vb planes unconditionally Copy the relevant data from userspace to the vb->planes unconditionally as it's possible some of the fields may have changed after the buffer has been validated. Keep the dma_buf_put(planes[plane].dbuf) calls in the first `if (!reacquired)` case, in order to be close to the plane validation code where the buffers were got in the first place. Cc: stable@vger.kernel.org Fixes: 95af7c00f35b ("media: videobuf2-core: release all planes first in __prepare_dmabuf()") Signed-off-by: Tudor Ambarus Tested-by: Will McVicker Acked-by: Tomasz Figa Signed-off-by: Hans Verkuil commit 5d182f711ecc80b085f73c7bdd49fc65c886ac69 Merge: 25d70702142ac2 50bfcaedd78e53 Author: Paolo Abeni Date: Thu Nov 7 12:40:20 2024 +0100 Merge branch 'virtio_net-make-rss-interact-properly-with-queue-number' Philo Lu says: ==================== virtio_net: Make RSS interact properly with queue number With this patch set, RSS updates with queue_pairs changing: - When virtnet_probe, init default rss and commit - When queue_pairs changes _without_ user rss configuration, update rss with the new queue number - When queue_pairs changes _with_ user rss configuration, keep rss as user configured Patch 1 and 2 fix possible out of bound errors for indir_table and key. Patch 3 and 4 add RSS update in probe() and set_queues(). ==================== Link: https://patch.msgid.link/20241104085706.13872-1-lulie@linux.alibaba.com Signed-off-by: Paolo Abeni commit 50bfcaedd78e53135ec0504302269b3b65bf1eff Author: Philo Lu Date: Mon Nov 4 16:57:06 2024 +0800 virtio_net: Update rss when set queue RSS configuration should be updated with queue number. In particular, it should be updated when (1) rss enabled and (2) default rss configuration is used without user modification. During rss command processing, device updates queue_pairs using rss.max_tx_vq. That is, the device updates queue_pairs together with rss, so we can skip the sperate queue_pairs update (VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET below) and return directly. Also remove the `vi->has_rss ?` check when setting vi->rss.max_tx_vq, because this is not used in the other hash_report case. Fixes: c7114b1249fa ("drivers/net/virtio_net: Added basic RSS support.") Signed-off-by: Philo Lu Signed-off-by: Xuan Zhuo Acked-by: Michael S. Tsirkin Signed-off-by: Paolo Abeni commit dc749b7b06082ccaacc602e724445da19cd03e9f Author: Philo Lu Date: Mon Nov 4 16:57:05 2024 +0800 virtio_net: Sync rss config to device when virtnet_probe During virtnet_probe, default rss configuration is initialized, but was not committed to the device. This patch fix this by sending rss command after device ready in virtnet_probe. Otherwise, the actual rss configuration used by device can be different with that read by user from driver, which may confuse the user. If the command committing fails, driver rss will be disabled. Fixes: c7114b1249fa ("drivers/net/virtio_net: Added basic RSS support.") Signed-off-by: Philo Lu Signed-off-by: Xuan Zhuo Acked-by: Joe Damato Acked-by: Michael S. Tsirkin Signed-off-by: Paolo Abeni commit 3f7d9c1964fcd16d02a8a9d4fd6f6cb60c4cc530 Author: Philo Lu Date: Mon Nov 4 16:57:04 2024 +0800 virtio_net: Add hash_key_length check Add hash_key_length check in virtnet_probe() to avoid possible out of bound errors when setting/reading the hash key. Fixes: c7114b1249fa ("drivers/net/virtio_net: Added basic RSS support.") Signed-off-by: Philo Lu Signed-off-by: Xuan Zhuo Acked-by: Joe Damato Acked-by: Michael S. Tsirkin Signed-off-by: Paolo Abeni commit 86a48a00efdf61197b6658e52c6140463eb313dc Author: Philo Lu Date: Mon Nov 4 16:57:03 2024 +0800 virtio_net: Support dynamic rss indirection table size When reading/writing virtio_net_ctrl_rss, we get the indirection table size from vi->rss_indir_table_size, which is initialized in virtnet_probe(). However, the actual size of indirection_table was set as VIRTIO_NET_RSS_MAX_TABLE_LEN=128. This collision may cause issues if the vi->rss_indir_table_size exceeds 128. This patch instead uses dynamic indirection table, allocated with vi->rss after vi->rss_indir_table_size initialized. And free it in virtnet_remove(). In virtnet_commit_rss_command(), sgs for rss is initialized differently with hash_report. So indirection_table is not used if !vi->has_rss, and then we don't need to alloc indirection_table for hash_report only uses. Fixes: c7114b1249fa ("drivers/net/virtio_net: Added basic RSS support.") Signed-off-by: Philo Lu Signed-off-by: Xuan Zhuo Acked-by: Joe Damato Acked-by: Michael S. Tsirkin Signed-off-by: Paolo Abeni commit c03d278fdf35e73dd0ec543b9b556876b9d9a8dc Author: Pablo Neira Ayuso Date: Tue Nov 5 12:07:22 2024 +0100 netfilter: nf_tables: wait for rcu grace period on net_device removal 8c873e219970 ("netfilter: core: free hooks with call_rcu") removed synchronize_net() call when unregistering basechain hook, however, net_device removal event handler for the NFPROTO_NETDEV was not updated to wait for RCU grace period. Note that 835b803377f5 ("netfilter: nf_tables_netdev: unregister hooks on net_device removal") does not remove basechain rules on device removal, I was hinted to remove rules on net_device removal later, see 5ebe0b0eec9d ("netfilter: nf_tables: destroy basechain and rules on netdevice removal"). Although NETDEV_UNREGISTER event is guaranteed to be handled after synchronize_net() call, this path needs to wait for rcu grace period via rcu callback to release basechain hooks if netns is alive because an ongoing netlink dump could be in progress (sockets hold a reference on the netns). Note that nf_tables_pre_exit_net() unregisters and releases basechain hooks but it is possible to see NETDEV_UNREGISTER at a later stage in the netns exit path, eg. veth peer device in another netns: cleanup_net() default_device_exit_batch() unregister_netdevice_many_notify() notifier_call_chain() nf_tables_netdev_event() __nft_release_basechain() In this particular case, same rule of thumb applies: if netns is alive, then wait for rcu grace period because netlink dump in the other netns could be in progress. Otherwise, if the other netns is going away then no netlink dump can be in progress and basechain hooks can be released inmediately. While at it, turn WARN_ON() into WARN_ON_ONCE() for the basechain validation, which should not ever happen. Fixes: 835b803377f5 ("netfilter: nf_tables_netdev: unregister hooks on net_device removal") Signed-off-by: Pablo Neira Ayuso commit 81235ae0c846e1fb46a2c6fe9283fe2b2b24f7dc Author: Mark Rutland Date: Wed Nov 6 16:42:20 2024 +0000 arm64: Kconfig: Make SME depend on BROKEN for now Although support for SME was merged in v5.19, we've since uncovered a number of issues with the implementation, including issues which might corrupt the FPSIMD/SVE/SME state of arbitrary tasks. While there are patches to address some of these issues, ongoing review has highlighted additional functional problems, and more time is necessary to analyse and fix these. For now, mark SME as BROKEN in the hope that we can fix things properly in the near future. As SME is an OPTIONAL part of ARMv9.2+, and there is very little extant hardware, this should not adversely affect the vast majority of users. Signed-off-by: Mark Rutland Cc: Ard Biesheuvel Cc: Catalin Marinas Cc: Marc Zyngier Cc: Mark Brown Cc: Will Deacon Cc: stable@vger.kernel.org # 5.19 Acked-by: Catalin Marinas Link: https://lore.kernel.org/r/20241106164220.2789279-1-mark.rutland@arm.com Signed-off-by: Will Deacon commit 8c462d56487e3abdbf8a61cedfe7c795a54f4a78 Author: Mark Rutland Date: Wed Nov 6 16:04:48 2024 +0000 arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint SMCCCv1.3 added a hint bit which callers can set in an SMCCC function ID (AKA "FID") to indicate that it is acceptable for the SMCCC implementation to discard SVE and/or SME state over a specific SMCCC call. The kernel support for using this hint is broken and SMCCC calls may clobber the SVE and/or SME state of arbitrary tasks, though FPSIMD state is unaffected. The kernel support is intended to use the hint when there is no SVE or SME state to save, and to do this it checks whether TIF_FOREIGN_FPSTATE is set or TIF_SVE is clear in assembly code: | ldr , [, #TSK_TI_FLAGS] | tbnz , #TIF_FOREIGN_FPSTATE, 1f // Any live FP state? | tbnz , #TIF_SVE, 2f // Does that state include SVE? | | 1: orr , , ARM_SMCCC_1_3_SVE_HINT | 2: | << SMCCC call using FID >> This is not safe as-is: (1) SMCCC calls can be made in a preemptible context and preemption can result in TIF_FOREIGN_FPSTATE being set or cleared at arbitrary points in time. Thus checking for TIF_FOREIGN_FPSTATE provides no guarantee. (2) TIF_FOREIGN_FPSTATE only indicates that the live FP/SVE/SME state in the CPU does not belong to the current task, and does not indicate that clobbering this state is acceptable. When the live CPU state is clobbered it is necessary to update fpsimd_last_state.st to ensure that a subsequent context switch will reload FP/SVE/SME state from memory rather than consuming the clobbered state. This and the SMCCC call itself must happen in a critical section with preemption disabled to avoid races. (3) Live SVE/SME state can exist with TIF_SVE clear (e.g. with only TIF_SME set), and checking TIF_SVE alone is insufficient. Remove the broken support for the SMCCCv1.3 SVE saving hint. This is effectively a revert of commits: * cfa7ff959a78 ("arm64: smccc: Support SMCCC v1.3 SVE register saving hint") * a7c3acca5380 ("arm64: smccc: Save lr before calling __arm_smccc_sve_check()") ... leaving behind the ARM_SMCCC_VERSION_1_3 and ARM_SMCCC_1_3_SVE_HINT definitions, since these are simply definitions from the SMCCC specification, and the latter is used in KVM via ARM_SMCCC_CALL_HINTS. If we want to bring this back in future, we'll probably want to handle this logic in C where we can use all the usual FPSIMD/SVE/SME helper functions, and that'll likely require some rework of the SMCCC code and/or its callers. Fixes: cfa7ff959a78 ("arm64: smccc: Support SMCCC v1.3 SVE register saving hint") Signed-off-by: Mark Rutland Cc: Ard Biesheuvel Cc: Catalin Marinas Cc: Marc Zyngier Cc: Mark Brown Cc: Will Deacon Cc: stable@vger.kernel.org Reviewed-by: Mark Brown Link: https://lore.kernel.org/r/20241106160448.2712997-1-mark.rutland@arm.com Signed-off-by: Will Deacon commit 25d70702142ac2115e75e01a0a985c6ea1d78033 Author: Nícolas F. R. A. Prado Date: Fri Nov 1 17:17:29 2024 -0400 net: stmmac: Fix unbalanced IRQ wake disable warning on single irq case Commit a23aa0404218 ("net: stmmac: ethtool: Fixed calltrace caused by unbalanced disable_irq_wake calls") introduced checks to prevent unbalanced enable and disable IRQ wake calls. However it only initialized the auxiliary variable on one of the paths, stmmac_request_irq_multi_msi(), missing the other, stmmac_request_irq_single(). Add the same initialization on stmmac_request_irq_single() to prevent "Unbalanced IRQ wake disable" warnings from being printed the first time disable_irq_wake() is called on platforms that run on that code path. Fixes: a23aa0404218 ("net: stmmac: ethtool: Fixed calltrace caused by unbalanced disable_irq_wake calls") Signed-off-by: Nícolas F. R. A. Prado Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241101-stmmac-unbalanced-wake-single-fix-v1-1-5952524c97f0@collabora.com Signed-off-by: Paolo Abeni commit 1f26339b2ed63d1e8e18a18674fb73a392f3660e Author: Stefan Wahren Date: Tue Nov 5 17:31:01 2024 +0100 net: vertexcom: mse102x: Fix possible double free of TX skb The scope of the TX skb is wider than just mse102x_tx_frame_spi(), so in case the TX skb room needs to be expanded, we should free the the temporary skb instead of the original skb. Otherwise the original TX skb pointer would be freed again in mse102x_tx_work(), which leads to crashes: Internal error: Oops: 0000000096000004 [#2] PREEMPT SMP CPU: 0 PID: 712 Comm: kworker/0:1 Tainted: G D 6.6.23 Hardware name: chargebyte Charge SOM DC-ONE (DT) Workqueue: events mse102x_tx_work [mse102x] pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : skb_release_data+0xb8/0x1d8 lr : skb_release_data+0x1ac/0x1d8 sp : ffff8000819a3cc0 x29: ffff8000819a3cc0 x28: ffff0000046daa60 x27: ffff0000057f2dc0 x26: ffff000005386c00 x25: 0000000000000002 x24: 00000000ffffffff x23: 0000000000000000 x22: 0000000000000001 x21: ffff0000057f2e50 x20: 0000000000000006 x19: 0000000000000000 x18: ffff00003fdacfcc x17: e69ad452d0c49def x16: 84a005feff870102 x15: 0000000000000000 x14: 000000000000024a x13: 0000000000000002 x12: 0000000000000000 x11: 0000000000000400 x10: 0000000000000930 x9 : ffff00003fd913e8 x8 : fffffc00001bc008 x7 : 0000000000000000 x6 : 0000000000000008 x5 : ffff00003fd91340 x4 : 0000000000000000 x3 : 0000000000000009 x2 : 00000000fffffffe x1 : 0000000000000000 x0 : 0000000000000000 Call trace: skb_release_data+0xb8/0x1d8 kfree_skb_reason+0x48/0xb0 mse102x_tx_work+0x164/0x35c [mse102x] process_one_work+0x138/0x260 worker_thread+0x32c/0x438 kthread+0x118/0x11c ret_from_fork+0x10/0x20 Code: aa1303e0 97fffab6 72001c1f 54000141 (f9400660) Cc: stable@vger.kernel.org Fixes: 2f207cbf0dd4 ("net: vertexcom: Add MSE102x SPI support") Signed-off-by: Stefan Wahren Link: https://patch.msgid.link/20241105163101.33216-1-wahrenst@gmx.net Signed-off-by: Jakub Kicinski commit 2b084d8205949dd804e279df8e68531da78be1e8 Author: Haisu Wang Date: Fri Oct 25 14:54:40 2024 +0800 btrfs: fix the length of reserved qgroup to free The dealloc flag may be cleared and the extent won't reach the disk in cow_file_range when errors path. The reserved qgroup space is freed in commit 30479f31d44d ("btrfs: fix qgroup reserve leaks in cow_file_range"). However, the length of untouched region to free needs to be adjusted with the correct remaining region size. Fixes: 30479f31d44d ("btrfs: fix qgroup reserve leaks in cow_file_range") CC: stable@vger.kernel.org # 6.11+ Reviewed-by: Qu Wenruo Reviewed-by: Boris Burkov Signed-off-by: Haisu Wang Reviewed-by: David Sterba Signed-off-by: David Sterba commit c9a75ec45f1111ef530ab186c2a7684d0a0c9245 Author: Filipe Manana Date: Mon Nov 4 12:11:15 2024 +0000 btrfs: reinitialize delayed ref list after deleting it from the list At insert_delayed_ref() if we need to update the action of an existing ref to BTRFS_DROP_DELAYED_REF, we delete the ref from its ref head's ref_add_list using list_del(), which leaves the ref's add_list member not reinitialized, as list_del() sets the next and prev members of the list to LIST_POISON1 and LIST_POISON2, respectively. If later we end up calling drop_delayed_ref() against the ref, which can happen during merging or when destroying delayed refs due to a transaction abort, we can trigger a crash since at drop_delayed_ref() we call list_empty() against the ref's add_list, which returns false since the list was not reinitialized after the list_del() and as a consequence we call list_del() again at drop_delayed_ref(). This results in an invalid list access since the next and prev members are set to poison pointers, resulting in a splat if CONFIG_LIST_HARDENED and CONFIG_DEBUG_LIST are set or invalid poison pointer dereferences otherwise. So fix this by deleting from the list with list_del_init() instead. Fixes: 1d57ee941692 ("btrfs: improve delayed refs iterations") CC: stable@vger.kernel.org # 4.19+ Reviewed-by: Johannes Thumshirn Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit cda7163d4e3d99db93aa38f0e825b8433c7a8452 Author: Qu Wenruo Date: Wed Oct 30 11:25:47 2024 +1030 btrfs: fix per-subvolume RO/RW flags with new mount API [BUG] With util-linux 2.40.2, the 'mount' utility is already utilizing the new mount API. e.g: # strace mount -o subvol=subv1,ro /dev/test/scratch1 /mnt/test/ ... fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/mapper/test-scratch1", 0) = 0 fsconfig(3, FSCONFIG_SET_STRING, "subvol", "subv1", 0) = 0 fsconfig(3, FSCONFIG_SET_FLAG, "ro", NULL, 0) = 0 fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0 fsmount(3, FSMOUNT_CLOEXEC, 0) = 4 mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=MOUNT_ATTR_RDONLY, attr_clr=0, propagation=0 /* MS_??? */, userns_fd=0}, 32) = 0 move_mount(4, "", AT_FDCWD, "/mnt/test", MOVE_MOUNT_F_EMPTY_PATH) = 0 But this leads to a new problem, that per-subvolume RO/RW mount no longer works, if the initial mount is RO: # mount -o subvol=subv1,ro /dev/test/scratch1 /mnt/test # mount -o rw,subvol=subv2 /dev/test/scratch1 /mnt/scratch # mount | grep mnt /dev/mapper/test-scratch1 on /mnt/test type btrfs (ro,relatime,discard=async,space_cache=v2,subvolid=256,subvol=/subv1) /dev/mapper/test-scratch1 on /mnt/scratch type btrfs (ro,relatime,discard=async,space_cache=v2,subvolid=257,subvol=/subv2) # touch /mnt/scratch/foobar touch: cannot touch '/mnt/scratch/foobar': Read-only file system This is a common use cases on distros. [CAUSE] We have a workaround for remount to handle the RO->RW change, but if the mount is using the new mount API, we do not do that, and rely on the mount tool NOT to set the ro flag. But that's not how the mount tool is doing for the new API: fsconfig(3, FSCONFIG_SET_STRING, "source", "/dev/mapper/test-scratch1", 0) = 0 fsconfig(3, FSCONFIG_SET_STRING, "subvol", "subv1", 0) = 0 fsconfig(3, FSCONFIG_SET_FLAG, "ro", NULL, 0) = 0 <<<< Setting RO flag for super block fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0 fsmount(3, FSMOUNT_CLOEXEC, 0) = 4 mount_setattr(4, "", AT_EMPTY_PATH, {attr_set=MOUNT_ATTR_RDONLY, attr_clr=0, propagation=0 /* MS_??? */, userns_fd=0}, 32) = 0 move_mount(4, "", AT_FDCWD, "/mnt/test", MOVE_MOUNT_F_EMPTY_PATH) = 0 This means we will set the super block RO at the first mount. Later RW mount will not try to reconfigure the fs to RW because the mount tool is already using the new API. This totally breaks the per-subvolume RO/RW mount behavior. [FIX] Do not skip the reconfiguration even if using the new API. The old comments are just expecting any mount tool to properly skip the RO flag set even if we specify "ro", which is not the reality. Update the comments regarding the backward compatibility on the kernel level so it works with old and new mount utilities. CC: stable@vger.kernel.org # 6.8+ Fixes: f044b318675f ("btrfs: handle the ro->rw transition for mounting different subvolumes") Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 464cb98f1c07298c4c10e714ae0c36338d18d316 Author: Marc Zyngier Date: Wed Nov 6 08:44:18 2024 +0000 irqchip/gic-v3: Force propagation of the active state with a read-back Christoffer reports that on some implementations, writing to GICR_ISACTIVER0 (and similar GICD registers) can race badly with a guest issuing a deactivation of that interrupt via the system register interface. There are multiple reasons to this: - this uses an early write-acknoledgement memory type (nGnRE), meaning that the write may only have made it as far as some interconnect by the time the store is considered "done" - the GIC itself is allowed to buffer the write until it decides to take it into account (as long as it is in finite time) The effects are that the activation may not have taken effect by the time the kernel enters the guest, forcing an immediate exit, or that a guest deactivation occurs before the interrupt is active, doing nothing. In order to guarantee that the write to the ISACTIVER register has taken effect, read back from it, forcing the interconnect to propagate the write, and the GIC to process the write before returning the read. Reported-by: Christoffer Dall Signed-off-by: Marc Zyngier Signed-off-by: Thomas Gleixner Acked-by: Christoffer Dall Cc: stable@vger.kernel.org Link: https://lore.kernel.org/all/20241106084418.3794612-1-maz@kernel.org commit ff7afaeca1a15fbeaa2c4795ee806c0667bd77b2 Merge: f43b1569212990 867da60d463bb2 Author: Linus Torvalds Date: Wed Nov 6 13:09:22 2024 -1000 Merge tag 'nfs-for-6.12-3' of git://git.linux-nfs.org/projects/anna/linux-nfs Pull NFS client fixes from Anna Schumaker: "These are mostly fixes that came up during the nfs bakeathon the other week. Stable Fixes: - Fix KMSAN warning in decode_getfattr_attrs() Other Bugfixes: - Handle -ENOTCONN in xs_tcp_setup_socked() - NFSv3: only use NFS timeout for MOUNT when protocols are compatible - Fix attribute delegation behavior on exclusive create and a/mtime changes - Fix localio to cope with racing nfs_local_probe() - Avoid i_lock contention in fs_clear_invalid_mapping()" * tag 'nfs-for-6.12-3' of git://git.linux-nfs.org/projects/anna/linux-nfs: nfs: avoid i_lock contention in nfs_clear_invalid_mapping nfs_common: fix localio to cope with racing nfs_local_probe() NFS: Further fixes to attribute delegation a/mtime changes NFS: Fix attribute delegation behaviour on exclusive create nfs: Fix KMSAN warning in decode_getfattr_attrs() NFSv3: only use NFS timeout for MOUNT when protocols are compatible sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() commit a4aebaf6e6efff548b01a3dc49b4b9074751c15b Author: Mauro Carvalho Chehab Date: Wed Nov 6 21:50:55 2024 +0100 media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set When CONFIG_DVB_DYNAMIC_MINORS, ret is not initialized, and a semaphore is left at the wrong state, in case of errors. Make the code simpler and avoid mistakes by having just one error check logic used weather DVB_DYNAMIC_MINORS is used or not. Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202410201717.ULWWdJv8-lkp@intel.com/ Signed-off-by: Mauro Carvalho Chehab Link: https://lore.kernel.org/r/9e067488d8935b8cf00959764a1fa5de85d65725.1730926254.git.mchehab+huawei@kernel.org commit 94debe5eaa0adaa24a6de4a8e5f138be7381eb9e Author: Venkata Prasad Potturu Date: Wed Nov 6 19:56:57 2024 +0530 ASoC: SOF: amd: Fix for incorrect DMA ch status register offset DMA ch status register offset change in acp7.0 platform Incorrect DMA channel status register offset check lead to firmware boot failure. [ 14.432497] snd_sof_amd_acp70 0000:c4:00.5: ------------[ DSP dump start ]------------ [ 14.432533] snd_sof_amd_acp70 0000:c4:00.5: Firmware boot failure due to timeout [ 14.432549] snd_sof_amd_acp70 0000:c4:00.5: fw_state: SOF_FW_BOOT_IN_PROGRESS (3) [ 14.432610] snd_sof_amd_acp70 0000:c4:00.5: invalid header size 0x71c41000. FW oops is bogus [ 14.432626] snd_sof_amd_acp70 0000:c4:00.5: unexpected fault 0x71c40000 trace 0x71c40000 [ 14.432642] snd_sof_amd_acp70 0000:c4:00.5: ------------[ DSP dump end ]------------ [ 14.432657] snd_sof_amd_acp70 0000:c4:00.5: error: failed to boot DSP firmware -5 [ 14.432672] snd_sof_amd_acp70 0000:c4:00.5: fw_state change: 3 -> 4 [ 14.433260] dmic-codec dmic-codec: ASoC: Unregistered DAI 'dmic-hifi' [ 14.433319] snd_sof_amd_acp70 0000:c4:00.5: fw_state change: 4 -> 0 [ 14.433358] snd_sof_amd_acp70 0000:c4:00.5: error: sof_probe_work failed err: -5 Update correct register offset for DMA ch status register. Fixes: 490be7ba2a01 ("ASoC: SOF: amd: add support for acp7.0 based platform") Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20241106142658.1240929-1-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit b79276dcac9124a79c8cf7cc8fbdd3d4c3c9a7c7 Author: Mario Limonciello Date: Mon Nov 4 16:28:55 2024 -0600 ACPI: processor: Move arch_init_invariance_cppc() call later arch_init_invariance_cppc() is called at the end of acpi_cppc_processor_probe() in order to configure frequency invariance based upon the values from _CPC. This however doesn't work on AMD CPPC shared memory designs that have AMD preferred cores enabled because _CPC needs to be analyzed from all cores to judge if preferred cores are enabled. This issue manifests to users as a warning since commit 21fb59ab4b97 ("ACPI: CPPC: Adjust debug messages in amd_set_max_freq_ratio() to warn"): ``` Could not retrieve highest performance (-19) ``` However the warning isn't the cause of this, it was actually commit 279f838a61f9 ("x86/amd: Detect preferred cores in amd_get_boost_ratio_numerator()") which exposed the issue. To fix this problem, change arch_init_invariance_cppc() into a new weak symbol that is called at the end of acpi_processor_driver_init(). Each architecture that supports it can declare the symbol to override the weak one. Define it for x86, in arch/x86/kernel/acpi/cppc.c, and for all of the architectures using the generic arch_topology.c code. Fixes: 279f838a61f9 ("x86/amd: Detect preferred cores in amd_get_boost_ratio_numerator()") Reported-by: Ivan Shapovalov Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219431 Tested-by: Oleksandr Natalenko Signed-off-by: Mario Limonciello Link: https://patch.msgid.link/20241104222855.3959267-1-superm1@kernel.org [ rjw: Changelog edit ] Signed-off-by: Rafael J. Wysocki commit f43b15692129904ccc064180fa2dd796ba3843a5 Merge: 7758b206117dab 04de7589e0a951 Author: Linus Torvalds Date: Wed Nov 6 09:29:15 2024 -1000 Merge tag 'keys-next-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd Pull keys fixes from Jarkko Sakkinen: "A couple of fixes for keys and trusted keys" * tag 'keys-next-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation security/keys: fix slab-out-of-bounds in key_task_permission commit 44d0469f79bd3d0b3433732877358df7dc6b17b1 Author: Zijian Zhang Date: Wed Nov 6 00:37:42 2024 +0000 bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx As the introduction of the support for vsock and unix sockets in sockmap, tls_sw_has_ctx_tx/rx cannot presume the socket passed in must be IS_ICSK. vsock and af_unix sockets have vsock_sock and unix_sock instead of inet_connection_sock. For these sockets, tls_get_ctx may return an invalid pointer and cause page fault in function tls_sw_ctx_rx. BUG: unable to handle page fault for address: 0000000000040030 Workqueue: vsock-loopback vsock_loopback_work RIP: 0010:sk_psock_strp_data_ready+0x23/0x60 Call Trace: ? __die+0x81/0xc3 ? no_context+0x194/0x350 ? do_page_fault+0x30/0x110 ? async_page_fault+0x3e/0x50 ? sk_psock_strp_data_ready+0x23/0x60 virtio_transport_recv_pkt+0x750/0x800 ? update_load_avg+0x7e/0x620 vsock_loopback_work+0xd0/0x100 process_one_work+0x1a7/0x360 worker_thread+0x30/0x390 ? create_worker+0x1a0/0x1a0 kthread+0x112/0x130 ? __kthread_cancel_work+0x40/0x40 ret_from_fork+0x1f/0x40 v2: - Add IS_ICSK check v3: - Update the commits in Fixes Fixes: 634f1a7110b4 ("vsock: support sockmap") Fixes: 94531cfcbe79 ("af_unix: Add unix_stream_proto for sockmap") Signed-off-by: Zijian Zhang Acked-by: Stanislav Fomichev Acked-by: Jakub Kicinski Reviewed-by: Cong Wang Acked-by: Stefano Garzarella Link: https://lore.kernel.org/r/20241106003742.399240-1-zijianzhang@bytedance.com Signed-off-by: Martin KaFai Lau commit 7758b206117dab9894f0bcb8333f8e4731c5065a Merge: b226d019836fba 8b55572e518051 Author: Linus Torvalds Date: Wed Nov 6 08:08:39 2024 -1000 Merge tag 'tracefs-v6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull tracefs fixes from Steven Rostedt: "Fix tracefs mount options. Commit 78ff64081949 ("vfs: Convert tracefs to use the new mount API") broke the gid setting when set by fstab or other mount utility. It is ignored when it is set. Fix the code so that it recognises the option again and will honor the settings on mount at boot up. Update the internal documentation and create a selftest to make sure it doesn't break again in the future" * tag 'tracefs-v6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: tracing/selftests: Add tracefs mount options test tracing: Document tracefs gid mount option tracing: Fix tracefs mount options commit b226d019836fbab759be8f62818851ee5cb0d9de Merge: 9e23acf024895a 1be765b292577c Author: Linus Torvalds Date: Wed Nov 6 08:03:19 2024 -1000 Merge tag 'platform-drivers-x86-v6.12-4' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 Pull x86 platform driver fixes from Hans de Goede: - AMD PMF: Add new hardware id - AMD PMC: Fix crash when loaded with enable_stb=1 on devices without STB - Dell: Add Alienware hwid for Alienware systems with Dell WMI interface - thinkpad_acpi: Quirk to fix wrong fan speed readings on L480 - New hotkey mappings for Dell and Lenovo laptops * tag 'platform-drivers-x86-v6.12-4' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86: platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed platform/x86: ideapad-laptop: add missing Ideapad Pro 5 fn keys platform/x86: dell-wmi-base: Handle META key Lock/Unlock events platform/x86: dell-smbios-base: Extends support to Alienware products platform/x86/amd/pmc: Detect when STB is not available platform/x86/amd/pmf: Add SMU metrics table support for 1Ah family 60h model commit 9e23acf024895a50306508880a075efa18656322 Merge: 0951fede4e5215 c0ade5d9897958 Author: Linus Torvalds Date: Wed Nov 6 07:56:47 2024 -1000 Merge tag 'for-6.12/dm-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm Pull device mapper fixes from Mikulas Patocka: - fix memory safety bugs in dm-cache - fix restart/panic logic in dm-verity - fix 32-bit unsigned integer overflow in dm-unstriped - fix a device mapper crash if blk_alloc_disk fails * tag 'for-6.12/dm-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm: dm cache: fix potential out-of-bounds access on the first resume dm cache: optimize dirty bit checking with find_next_bit when resizing dm cache: fix out-of-bounds access to the dirty bitset when resizing dm cache: fix flushing uninitialized delayed_work on cache_ctr error dm cache: correct the number of origin blocks to match the target length dm-verity: don't crash if panic_on_corruption is not selected dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow dm: fix a crash if blk_alloc_disk fails commit 0951fede4e5215e4529a3b711ac94fc84f90eca8 Merge: 2e1b3cc9d7f790 177f25d1292c7e Author: Linus Torvalds Date: Wed Nov 6 07:49:54 2024 -1000 Merge tag 'hid-for-linus-20241105' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid Pull HID fix from Jiri Kosina: - report buffer sanitization fix for HID core (Jiri Kosina) * tag 'hid-for-linus-20241105' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: HID: core: zero-initialize the report buffer commit de156f3cf70e17dc6ff4c3c364bb97a6db961ffd Author: Mingcong Bai Date: Wed Nov 6 10:40:50 2024 +0800 ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 Xiaomi Book Pro 14 2022 (MIA2210-AD) requires a quirk entry for its internal microphone to be enabled. This is likely due to similar reasons as seen previously on Redmi Book 14/15 Pro 2022 models (since they likely came with similar firmware): - commit dcff8b7ca92d ("ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table") - commit c1dd6bf61997 ("ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table") A quirk would likely be needed for Xiaomi Book Pro 15 2022 models, too. However, I do not have such device on hand so I will leave it for now. Signed-off-by: Mingcong Bai Link: https://patch.msgid.link/20241106024052.15748-1-jeffbai@aosc.io Signed-off-by: Mark Brown commit 25eb47eed52979c2f5eee3f37e6c67714e02c49c Author: Jack Wu Date: Wed Nov 6 18:50:29 2024 +0800 USB: serial: qcserial: add support for Sierra Wireless EM86xx Add support for Sierra Wireless EM86xx with USB-id 0x1199:0x90e5 and 0x1199:0x90e4. 0x1199:0x90e5 T: Bus=03 Lev=01 Prnt=01 Port=05 Cnt=01 Dev#= 14 Spd=480 MxCh= 0 D: Ver= 2.00 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=1199 ProdID=90e5 Rev= 5.15 S: Manufacturer=Sierra Wireless, Incorporated S: Product=Semtech EM8695 Mobile Broadband Adapter S: SerialNumber=004403161882339 C:* #Ifs= 6 Cfg#= 1 Atr=a0 MxPwr=500mA A: FirstIf#=12 IfCount= 2 Cls=02(comm.) Sub=0e Prot=00 I:* If#= 0 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=qcserial E: Ad=01(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=81(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms I:* If#= 1 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=42 Prot=01 Driver=usbfs E: Ad=02(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=82(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms I:* If#= 3 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=40 Driver=qcserial E: Ad=84(I) Atr=03(Int.) MxPS= 10 Ivl=32ms E: Ad=83(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=03(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms I:* If#= 4 Alt= 0 #EPs= 1 Cls=ff(vend.) Sub=ff Prot=ff Driver=(none) E: Ad=85(I) Atr=03(Int.) MxPS= 64 Ivl=32ms I:* If#=12 Alt= 0 #EPs= 1 Cls=02(comm.) Sub=0e Prot=00 Driver=cdc_mbim E: Ad=87(I) Atr=03(Int.) MxPS= 64 Ivl=32ms I: If#=13 Alt= 0 #EPs= 0 Cls=0a(data ) Sub=00 Prot=02 Driver=cdc_mbim I:* If#=13 Alt= 1 #EPs= 2 Cls=0a(data ) Sub=00 Prot=02 Driver=cdc_mbim E: Ad=86(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=04(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms 0x1199:0x90e4 T: Bus=03 Lev=01 Prnt=01 Port=05 Cnt=01 Dev#= 16 Spd=480 MxCh= 0 D: Ver= 2.00 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs= 1 P: Vendor=1199 ProdID=90e4 Rev= 0.00 S: Manufacturer=Sierra Wireless, Incorporated S: SerialNumber=004403161882339 C:* #Ifs= 1 Cfg#= 1 Atr=a0 MxPwr= 2mA I:* If#= 0 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=10 Driver=qcserial E: Ad=81(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=01(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms Signed-off-by: Jack Wu Cc: stable@vger.kernel.org Signed-off-by: Johan Hovold commit 751ecf6afd6568adc98f2a6052315552c0483d18 Author: Mark Brown Date: Wed Oct 30 20:23:50 2024 +0000 arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling SVE traps manipulates saved FPSIMD/SVE state incorrectly, and a race with preemption can result in a task having TIF_SVE set and TIF_FOREIGN_FPSTATE clear even though the live CPU state is stale (e.g. with SVE traps enabled). This has been observed to result in warnings from do_sve_acc() where SVE traps are not expected while TIF_SVE is set: | if (test_and_set_thread_flag(TIF_SVE)) | WARN_ON(1); /* SVE access shouldn't have trapped */ Warnings of this form have been reported intermittently, e.g. https://lore.kernel.org/linux-arm-kernel/CA+G9fYtEGe_DhY2Ms7+L7NKsLYUomGsgqpdBj+QwDLeSg=JhGg@mail.gmail.com/ https://lore.kernel.org/linux-arm-kernel/000000000000511e9a060ce5a45c@google.com/ The race can occur when the SVE trap handler is preempted before and after manipulating the saved FPSIMD/SVE state, starting and ending on the same CPU, e.g. | void do_sve_acc(unsigned long esr, struct pt_regs *regs) | { | // Trap on CPU 0 with TIF_SVE clear, SVE traps enabled | // task->fpsimd_cpu is 0. | // per_cpu_ptr(&fpsimd_last_state, 0) is task. | | ... | | // Preempted; migrated from CPU 0 to CPU 1. | // TIF_FOREIGN_FPSTATE is set. | | get_cpu_fpsimd_context(); | | if (test_and_set_thread_flag(TIF_SVE)) | WARN_ON(1); /* SVE access shouldn't have trapped */ | | sve_init_regs() { | if (!test_thread_flag(TIF_FOREIGN_FPSTATE)) { | ... | } else { | fpsimd_to_sve(current); | current->thread.fp_type = FP_STATE_SVE; | } | } | | put_cpu_fpsimd_context(); | | // Preempted; migrated from CPU 1 to CPU 0. | // task->fpsimd_cpu is still 0 | // If per_cpu_ptr(&fpsimd_last_state, 0) is still task then: | // - Stale HW state is reused (with SVE traps enabled) | // - TIF_FOREIGN_FPSTATE is cleared | // - A return to userspace skips HW state restore | } Fix the case where the state is not live and TIF_FOREIGN_FPSTATE is set by calling fpsimd_flush_task_state() to detach from the saved CPU state. This ensures that a subsequent context switch will not reuse the stale CPU state, and will instead set TIF_FOREIGN_FPSTATE, forcing the new state to be reloaded from memory prior to a return to userspace. Fixes: cccb78ce89c4 ("arm64/sve: Rework SVE access trap to convert state in registers") Reported-by: Mark Rutland Signed-off-by: Mark Brown Cc: stable@vger.kernel.org Reviewed-by: Mark Rutland Link: https://lore.kernel.org/r/20241030-arm64-fpsimd-foreign-flush-v1-1-bd7bd66905a2@kernel.org Signed-off-by: Will Deacon commit 1be765b292577c752e0b87bf8c0e92aff6699d8e Author: Vishnu Sankar Date: Wed Nov 6 08:55:05 2024 +0900 platform/x86: thinkpad_acpi: Fix for ThinkPad's with ECFW showing incorrect fan speed Fix for Thinkpad's with ECFW showing incorrect fan speed. Some models use decimal instead of hexadecimal for the speed stored in the EC registers. For example the rpm register will have 0x4200 instead of 0x1068, here the actual RPM is "4200" in decimal. Add a quirk to handle this. Signed-off-by: Vishnu Sankar Suggested-by: Mark Pearson Link: https://lore.kernel.org/r/20241105235505.8493-1-vishnuocv@gmail.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 4e39ecadf1d2a08187139619f1f314b64ba7d947 Author: Xiaoguang Wang Date: Tue Nov 5 21:35:18 2024 +0800 vp_vdpa: fix id_table array not null terminated error Allocate one extra virtio_device_id as null terminator, otherwise vdpa_mgmtdev_get_classes() may iterate multiple times and visit undefined memory. Fixes: ffbda8e9df10 ("vdpa/vp_vdpa : add vdpa tool support in vp_vdpa") Cc: stable@vger.kernel.org Suggested-by: Parav Pandit Signed-off-by: Angus Chen Signed-off-by: Xiaoguang Wang Message-Id: <20241105133518.1494-1-lege.wang@jaguarmicro.com> Signed-off-by: Michael S. Tsirkin Reviewed-by: Parav Pandit Acked-by: Jason Wang commit 97ee04feb682c906a1fa973ebe586fe91567d165 Author: Feng Liu Date: Thu Oct 24 09:54:06 2024 -0400 virtio_pci: Fix admin vq cleanup by using correct info pointer vp_modern_avq_cleanup() and vp_del_vqs() clean up admin vq resources by virtio_pci_vq_info pointer. The info pointer of admin vq is stored in vp_dev->admin_vq.info instead of vp_dev->vqs[]. Using the info pointer from vp_dev->vqs[] for admin vq causes a kernel NULL pointer dereference bug. In vp_modern_avq_cleanup() and vp_del_vqs(), get the info pointer from vp_dev->admin_vq.info for admin vq to clean up the resources. Also make info ptr as argument of vp_del_vq() to be symmetric with vp_setup_vq(). vp_reset calls vp_modern_avq_cleanup, and causes the Call Trace: ================================================================== BUG: kernel NULL pointer dereference, address:0000000000000000 ... CPU: 49 UID: 0 PID: 4439 Comm: modprobe Not tainted 6.11.0-rc5 #1 RIP: 0010:vp_reset+0x57/0x90 [virtio_pci] Call Trace: ... ? vp_reset+0x57/0x90 [virtio_pci] ? vp_reset+0x38/0x90 [virtio_pci] virtio_reset_device+0x1d/0x30 remove_vq_common+0x1c/0x1a0 [virtio_net] virtnet_remove+0xa1/0xc0 [virtio_net] virtio_dev_remove+0x46/0xa0 ... virtio_pci_driver_exit+0x14/0x810 [virtio_pci] ================================================================== Fixes: 4c3b54af907e ("virtio_pci_modern: use completion instead of busy loop to wait on admin cmd result") Signed-off-by: Feng Liu Signed-off-by: Jiri Pirko Reviewed-by: Parav Pandit Message-Id: <20241024135406.81388-1-feliu@nvidia.com> Signed-off-by: Michael S. Tsirkin commit 7f8825b2a78ac392d3fbb3a2e65e56d9e39d75e9 Author: Yuan Can Date: Thu Oct 17 09:38:12 2024 +0800 vDPA/ifcvf: Fix pci_read_config_byte() return code handling ifcvf_init_hw() uses pci_read_config_byte() that returns PCIBIOS_* codes. The error handling, however, assumes the codes are normal errnos because it checks for < 0. Convert the error check to plain non-zero check. Fixes: 5a2414bc454e ("virtio: Intel IFC VF driver for VDPA") Signed-off-by: Yuan Can Message-Id: <20241017013812.129952-1-yuancan@huawei.com> Signed-off-by: Michael S. Tsirkin Acked-by: Jason Wang Acked-by: Zhu Lingshan commit 03a942f793ca33653f3fa4bdb377f5d2376e74f6 Author: Shivam Chaudhary Date: Tue Oct 8 20:22:04 2024 +0530 Fix typo in vringh_test.c Corrected minor typo in tools/virtio/vringh_test.c: - Fixed "retreives" to "retrieves" Signed-off-by: Shivam Chaudhary Message-Id: <20241008145204.478749-1-cvam0000@gmail.com> Signed-off-by: Michael S. Tsirkin commit 0b364cf53b20204e92bac7c6ebd1ee7d3ec62931 Author: Philipp Stanner Date: Mon Oct 28 08:43:59 2024 +0100 vdpa: solidrun: Fix UB bug with devres In psnet_open_pf_bar() and snet_open_vf_bar() a string later passed to pcim_iomap_regions() is placed on the stack. Neither pcim_iomap_regions() nor the functions it calls copy that string. Should the string later ever be used, this, consequently, causes undefined behavior since the stack frame will by then have disappeared. Fix the bug by allocating the strings on the heap through devm_kasprintf(). Cc: stable@vger.kernel.org # v6.3 Fixes: 51a8f9d7f587 ("virtio: vdpa: new SolidNET DPU driver.") Reported-by: Christophe JAILLET Closes: https://lore.kernel.org/all/74e9109a-ac59-49e2-9b1d-d825c9c9f891@wanadoo.fr/ Suggested-by: Andy Shevchenko Signed-off-by: Philipp Stanner Reviewed-by: Stefano Garzarella Message-Id: <20241028074357.9104-3-pstanner@redhat.com> Signed-off-by: Michael S. Tsirkin commit 6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f Author: Hyunwoo Kim Date: Tue Oct 22 09:32:56 2024 +0200 vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. This issue is resolved by initializing vsk->trans to NULL. Cc: stable Fixes: 06a8fc78367d ("VSOCK: Introduce virtio_vsock_common.ko") Signed-off-by: Hyunwoo Kim Signed-off-by: Wongi Lee Signed-off-by: Greg Kroah-Hartman Message-Id: <2024102245-strive-crib-c8d3@gregkh> Signed-off-by: Michael S. Tsirkin commit a373830f96db288a3eb43a8692b6bcd0bd88dfe1 Author: Gautam Menghani Date: Mon Oct 28 14:34:09 2024 +0530 KVM: PPC: Book3S HV: Mask off LPCR_MER for a vCPU before running it to avoid spurious interrupts Running a L2 vCPU (see [1] for terminology) with LPCR_MER bit set and no pending interrupts results in that L2 vCPU getting an infinite flood of spurious interrupts. The 'if check' in kvmhv_run_single_vcpu() sets the LPCR_MER bit if there are pending interrupts. The spurious flood problem can be observed in 2 cases: 1. Crashing the guest while interrupt heavy workload is running a. Start a L2 guest and run an interrupt heavy workload (eg: ipistorm) b. While the workload is running, crash the guest (make sure kdump is configured) c. Any one of the vCPUs of the guest will start getting an infinite flood of spurious interrupts. 2. Running LTP stress tests in multiple guests at the same time a. Start 4 L2 guests. b. Start running LTP stress tests on all 4 guests at same time. c. In some time, any one/more of the vCPUs of any of the guests will start getting an infinite flood of spurious interrupts. The root cause of both the above issues is the same: 1. A NMI is sent to a running vCPU that has LPCR_MER bit set. 2. In the NMI path, all registers are refreshed, i.e, H_GUEST_GET_STATE is called for all the registers. 3. When H_GUEST_GET_STATE is called for LPCR, the vcpu->arch.vcore->lpcr of that vCPU at L1 level gets updated with LPCR_MER set to 1, and this new value is always used whenever that vCPU runs, regardless of whether there was a pending interrupt. 4. Since LPCR_MER is set, the vCPU in L2 always jumps to the external interrupt handler, and this cycle never ends. Fix the spurious flood by masking off the LPCR_MER bit before running a L2 vCPU to ensure that it is not set if there are no pending interrupts. [1] Terminology: 1. L0 : PAPR hypervisor running in HV mode 2. L1 : Linux guest (logical partition) running on top of L0 3. L2 : KVM guest running on top of L1 Fixes: ec0f6639fa88 ("KVM: PPC: Book3S HV nestedv2: Ensure LPCR_MER bit is passed to the L0") Cc: stable@vger.kernel.org # v6.8+ Signed-off-by: Gautam Menghani Signed-off-by: Madhavan Srinivasan commit 26a2bebd2c0cb55582501678a182d0ae1a730f2d Merge: 3f2f406a35e931 b8473723272e34 Author: Jakub Kicinski Date: Tue Nov 5 18:05:50 2024 -0800 Merge branch '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue Tony Nguyen says: ==================== Intel Wired LAN Driver Updates 2024-11-04 (ice, idpf, i40e, e1000e) For ice: Marcin adjusts ordering of calls in ice_eswitch_detach() to resolve a use after free issue. Mateusz corrects variable type for Flow Director queue to fix issues related to drop actions. For idpf: Pavan resolves issues related to reset on idpf; avoiding use of freed vport and correctly unrolling the mailbox task. For i40e: Aleksandr fixes a race condition involving addition and deletion of VF MAC filters. For e1000e: Vitaly reverts workaround for Meteor Lake causing regressions in power management flows. * '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue: e1000e: Remove Meteor Lake SMBUS workarounds i40e: fix race condition by adding filter's intermediate sync state idpf: fix idpf_vc_core_init error path idpf: avoid vport access in idpf_get_link_ksettings ice: change q_index variable type to s16 to store -1 value ice: Fix use after free during unload with ports in bridge ==================== Link: https://patch.msgid.link/20241104223639.2801097-1-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski commit 3f2f406a35e9311d9d3ec8db0ac33ea1853825cd Merge: 256748d5480bb3 99635c91fb8b86 Author: Jakub Kicinski Date: Tue Nov 5 17:51:10 2024 -0800 Merge branch 'mptcp-pm-fix-wrong-perm-and-sock-kfree' Matthieu Baerts says: ==================== mptcp: pm: fix wrong perm and sock kfree Two small fixes related to the MPTCP path-manager: - Patch 1: remove an accidental restriction to admin users to list MPTCP endpoints. A regression from v6.7. - Patch 2: correctly use sock_kfree_s() instead of kfree() in the userspace PM. A fix for another fix introduced in v6.4 and backportable up to v5.19. ==================== Link: https://patch.msgid.link/20241104-net-mptcp-misc-6-12-v1-0-c13f2ff1656f@kernel.org Signed-off-by: Jakub Kicinski commit 99635c91fb8b860a6404b9bc8b769df7bdaa2ae3 Author: Geliang Tang Date: Mon Nov 4 13:31:42 2024 +0100 mptcp: use sock_kfree_s instead of kfree The local address entries on userspace_pm_local_addr_list are allocated by sock_kmalloc(). It's then required to use sock_kfree_s() instead of kfree() to free these entries in order to adjust the allocated size on the sk side. Fixes: 24430f8bf516 ("mptcp: add address into userspace pm list") Cc: stable@vger.kernel.org Signed-off-by: Geliang Tang Reviewed-by: Matthieu Baerts (NGI0) Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241104-net-mptcp-misc-6-12-v1-2-c13f2ff1656f@kernel.org Signed-off-by: Jakub Kicinski commit cfbbd4859882a5469f6f4945937a074ee78c4b46 Author: Matthieu Baerts (NGI0) Date: Mon Nov 4 13:31:41 2024 +0100 mptcp: no admin perm to list endpoints During the switch to YNL, the command to list all endpoints has been accidentally restricted to users with admin permissions. It looks like there are no reasons to have this restriction which makes it harder for a user to quickly check if the endpoint list has been correctly populated by an automated tool. Best to go back to the previous behaviour then. mptcp_pm_gen.c has been modified using ynl-gen-c.py: $ ./tools/net/ynl/ynl-gen-c.py --mode kernel \ --spec Documentation/netlink/specs/mptcp_pm.yaml --source \ -o net/mptcp/mptcp_pm_gen.c The header file doesn't need to be regenerated. Fixes: 1d0507f46843 ("net: mptcp: convert netlink from small_ops to ops") Cc: stable@vger.kernel.org Reviewed-by: Davide Caratti Reviewed-by: Mat Martineau Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241104-net-mptcp-misc-6-12-v1-1-c13f2ff1656f@kernel.org Signed-off-by: Jakub Kicinski commit 256748d5480bb3c4b731236c6d6fc86a8e2815d8 Author: Diogo Silva Date: Sat Nov 2 16:15:05 2024 +0100 net: phy: ti: add PHY_RST_AFTER_CLK_EN flag DP83848 datasheet (section 4.7.2) indicates that the reset pin should be toggled after the clocks are running. Add the PHY_RST_AFTER_CLK_EN to make sure that this indication is respected. In my experience not having this flag enabled would lead to, on some boots, the wrong MII mode being selected if the PHY was initialized on the bootloader and was receiving data during Linux boot. Signed-off-by: Diogo Silva Reviewed-by: Andrew Lunn Fixes: 34e45ad9378c ("net: phy: dp83848: Add TI DP83848 Ethernet PHY") Link: https://patch.msgid.link/20241102151504.811306-1-paissilva@ld-100007.ds1.internal Signed-off-by: Jakub Kicinski commit 5de195060b2e251a835f622759550e6202167641 Author: Lorenzo Stoakes Date: Tue Oct 29 18:11:48 2024 +0000 mm: resolve faulty mmap_region() error path behaviour The mmap_region() function is somewhat terrifying, with spaghetti-like control flow and numerous means by which issues can arise and incomplete state, memory leaks and other unpleasantness can occur. A large amount of the complexity arises from trying to handle errors late in the process of mapping a VMA, which forms the basis of recently observed issues with resource leaks and observable inconsistent state. Taking advantage of previous patches in this series we move a number of checks earlier in the code, simplifying things by moving the core of the logic into a static internal function __mmap_region(). Doing this allows us to perform a number of checks up front before we do any real work, and allows us to unwind the writable unmap check unconditionally as required and to perform a CONFIG_DEBUG_VM_MAPLE_TREE validation unconditionally also. We move a number of things here: 1. We preallocate memory for the iterator before we call the file-backed memory hook, allowing us to exit early and avoid having to perform complicated and error-prone close/free logic. We carefully free iterator state on both success and error paths. 2. The enclosing mmap_region() function handles the mapping_map_writable() logic early. Previously the logic had the mapping_map_writable() at the point of mapping a newly allocated file-backed VMA, and a matching mapping_unmap_writable() on success and error paths. We now do this unconditionally if this is a file-backed, shared writable mapping. If a driver changes the flags to eliminate VM_MAYWRITE, however doing so does not invalidate the seal check we just performed, and we in any case always decrement the counter in the wrapper. We perform a debug assert to ensure a driver does not attempt to do the opposite. 3. We also move arch_validate_flags() up into the mmap_region() function. This is only relevant on arm64 and sparc64, and the check is only meaningful for SPARC with ADI enabled. We explicitly add a warning for this arch if a driver invalidates this check, though the code ought eventually to be fixed to eliminate the need for this. With all of these measures in place, we no longer need to explicitly close the VMA on error paths, as we place all checks which might fail prior to a call to any driver mmap hook. This eliminates an entire class of errors, makes the code easier to reason about and more robust. Link: https://lkml.kernel.org/r/6e0becb36d2f5472053ac5d544c0edfe9b899e25.1730224667.git.lorenzo.stoakes@oracle.com Fixes: deb0f6562884 ("mm/mmap: undo ->mmap() when arch_validate_flags() fails") Signed-off-by: Lorenzo Stoakes Reported-by: Jann Horn Reviewed-by: Liam R. Howlett Reviewed-by: Vlastimil Babka Tested-by: Mark Brown Cc: Andreas Larsson Cc: Catalin Marinas Cc: David S. Miller Cc: Helge Deller Cc: James E.J. Bottomley Cc: Linus Torvalds Cc: Peter Xu Cc: Will Deacon Cc: Signed-off-by: Andrew Morton commit 5baf8b037debf4ec60108ccfeccb8636d1dbad81 Author: Lorenzo Stoakes Date: Tue Oct 29 18:11:47 2024 +0000 mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling Currently MTE is permitted in two circumstances (desiring to use MTE having been specified by the VM_MTE flag) - where MAP_ANONYMOUS is specified, as checked by arch_calc_vm_flag_bits() and actualised by setting the VM_MTE_ALLOWED flag, or if the file backing the mapping is shmem, in which case we set VM_MTE_ALLOWED in shmem_mmap() when the mmap hook is activated in mmap_region(). The function that checks that, if VM_MTE is set, VM_MTE_ALLOWED is also set is the arm64 implementation of arch_validate_flags(). Unfortunately, we intend to refactor mmap_region() to perform this check earlier, meaning that in the case of a shmem backing we will not have invoked shmem_mmap() yet, causing the mapping to fail spuriously. It is inappropriate to set this architecture-specific flag in general mm code anyway, so a sensible resolution of this issue is to instead move the check somewhere else. We resolve this by setting VM_MTE_ALLOWED much earlier in do_mmap(), via the arch_calc_vm_flag_bits() call. This is an appropriate place to do this as we already check for the MAP_ANONYMOUS case here, and the shmem file case is simply a variant of the same idea - we permit RAM-backed memory. This requires a modification to the arch_calc_vm_flag_bits() signature to pass in a pointer to the struct file associated with the mapping, however this is not too egregious as this is only used by two architectures anyway - arm64 and parisc. So this patch performs this adjustment and removes the unnecessary assignment of VM_MTE_ALLOWED in shmem_mmap(). [akpm@linux-foundation.org: fix whitespace, per Catalin] Link: https://lkml.kernel.org/r/ec251b20ba1964fb64cf1607d2ad80c47f3873df.1730224667.git.lorenzo.stoakes@oracle.com Fixes: deb0f6562884 ("mm/mmap: undo ->mmap() when arch_validate_flags() fails") Signed-off-by: Lorenzo Stoakes Suggested-by: Catalin Marinas Reported-by: Jann Horn Reviewed-by: Catalin Marinas Reviewed-by: Vlastimil Babka Cc: Andreas Larsson Cc: David S. Miller Cc: Helge Deller Cc: James E.J. Bottomley Cc: Liam R. Howlett Cc: Linus Torvalds Cc: Mark Brown Cc: Peter Xu Cc: Will Deacon Cc: Signed-off-by: Andrew Morton commit 0fb4a7ad270b3b209e510eb9dc5b07bf02b7edaf Author: Lorenzo Stoakes Date: Tue Oct 29 18:11:46 2024 +0000 mm: refactor map_deny_write_exec() Refactor the map_deny_write_exec() to not unnecessarily require a VMA parameter but rather to accept VMA flags parameters, which allows us to use this function early in mmap_region() in a subsequent commit. While we're here, we refactor the function to be more readable and add some additional documentation. Link: https://lkml.kernel.org/r/6be8bb59cd7c68006ebb006eb9d8dc27104b1f70.1730224667.git.lorenzo.stoakes@oracle.com Fixes: deb0f6562884 ("mm/mmap: undo ->mmap() when arch_validate_flags() fails") Signed-off-by: Lorenzo Stoakes Reported-by: Jann Horn Reviewed-by: Liam R. Howlett Reviewed-by: Vlastimil Babka Reviewed-by: Jann Horn Cc: Andreas Larsson Cc: Catalin Marinas Cc: David S. Miller Cc: Helge Deller Cc: James E.J. Bottomley Cc: Linus Torvalds Cc: Mark Brown Cc: Peter Xu Cc: Will Deacon Cc: Signed-off-by: Andrew Morton commit 4080ef1579b2413435413988d14ac8c68e4d42c8 Author: Lorenzo Stoakes Date: Tue Oct 29 18:11:45 2024 +0000 mm: unconditionally close VMAs on error Incorrect invocation of VMA callbacks when the VMA is no longer in a consistent state is bug prone and risky to perform. With regards to the important vm_ops->close() callback We have gone to great lengths to try to track whether or not we ought to close VMAs. Rather than doing so and risking making a mistake somewhere, instead unconditionally close and reset vma->vm_ops to an empty dummy operations set with a NULL .close operator. We introduce a new function to do so - vma_close() - and simplify existing vms logic which tracked whether we needed to close or not. This simplifies the logic, avoids incorrect double-calling of the .close() callback and allows us to update error paths to simply call vma_close() unconditionally - making VMA closure idempotent. Link: https://lkml.kernel.org/r/28e89dda96f68c505cb6f8e9fc9b57c3e9f74b42.1730224667.git.lorenzo.stoakes@oracle.com Fixes: deb0f6562884 ("mm/mmap: undo ->mmap() when arch_validate_flags() fails") Signed-off-by: Lorenzo Stoakes Reported-by: Jann Horn Reviewed-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Reviewed-by: Jann Horn Cc: Andreas Larsson Cc: Catalin Marinas Cc: David S. Miller Cc: Helge Deller Cc: James E.J. Bottomley Cc: Linus Torvalds Cc: Mark Brown Cc: Peter Xu Cc: Will Deacon Cc: Signed-off-by: Andrew Morton commit 3dd6ed34ce1f2356a77fb88edafb5ec96784e3cf Author: Lorenzo Stoakes Date: Tue Oct 29 18:11:44 2024 +0000 mm: avoid unsafe VMA hook invocation when error arises on mmap hook Patch series "fix error handling in mmap_region() and refactor (hotfixes)", v4. mmap_region() is somewhat terrifying, with spaghetti-like control flow and numerous means by which issues can arise and incomplete state, memory leaks and other unpleasantness can occur. A large amount of the complexity arises from trying to handle errors late in the process of mapping a VMA, which forms the basis of recently observed issues with resource leaks and observable inconsistent state. This series goes to great lengths to simplify how mmap_region() works and to avoid unwinding errors late on in the process of setting up the VMA for the new mapping, and equally avoids such operations occurring while the VMA is in an inconsistent state. The patches in this series comprise the minimal changes required to resolve existing issues in mmap_region() error handling, in order that they can be hotfixed and backported. There is additionally a follow up series which goes further, separated out from the v1 series and sent and updated separately. This patch (of 5): After an attempted mmap() fails, we are no longer in a situation where we can safely interact with VMA hooks. This is currently not enforced, meaning that we need complicated handling to ensure we do not incorrectly call these hooks. We can avoid the whole issue by treating the VMA as suspect the moment that the file->f_ops->mmap() function reports an error by replacing whatever VMA operations were installed with a dummy empty set of VMA operations. We do so through a new helper function internal to mm - mmap_file() - which is both more logically named than the existing call_mmap() function and correctly isolates handling of the vm_op reassignment to mm. All the existing invocations of call_mmap() outside of mm are ultimately nested within the call_mmap() from mm, which we now replace. It is therefore safe to leave call_mmap() in place as a convenience function (and to avoid churn). The invokers are: ovl_file_operations -> mmap -> ovl_mmap() -> backing_file_mmap() coda_file_operations -> mmap -> coda_file_mmap() shm_file_operations -> shm_mmap() shm_file_operations_huge -> shm_mmap() dma_buf_fops -> dma_buf_mmap_internal -> i915_dmabuf_ops -> i915_gem_dmabuf_mmap() None of these callers interact with vm_ops or mappings in a problematic way on error, quickly exiting out. Link: https://lkml.kernel.org/r/cover.1730224667.git.lorenzo.stoakes@oracle.com Link: https://lkml.kernel.org/r/d41fd763496fd0048a962f3fd9407dc72dd4fd86.1730224667.git.lorenzo.stoakes@oracle.com Fixes: deb0f6562884 ("mm/mmap: undo ->mmap() when arch_validate_flags() fails") Signed-off-by: Lorenzo Stoakes Reported-by: Jann Horn Reviewed-by: Liam R. Howlett Reviewed-by: Vlastimil Babka Reviewed-by: Jann Horn Cc: Andreas Larsson Cc: Catalin Marinas Cc: David S. Miller Cc: Helge Deller Cc: James E.J. Bottomley Cc: Linus Torvalds Cc: Mark Brown Cc: Peter Xu Cc: Will Deacon Cc: Signed-off-by: Andrew Morton commit f8f931bba0f92052cf842b7e30917b1afcc77d5a Author: Hugh Dickins Date: Sun Oct 27 13:02:13 2024 -0700 mm/thp: fix deferred split unqueue naming and locking Recent changes are putting more pressure on THP deferred split queues: under load revealing long-standing races, causing list_del corruptions, "Bad page state"s and worse (I keep BUGs in both of those, so usually don't get to see how badly they end up without). The relevant recent changes being 6.8's mTHP, 6.10's mTHP swapout, and 6.12's mTHP swapin, improved swap allocation, and underused THP splitting. Before fixing locking: rename misleading folio_undo_large_rmappable(), which does not undo large_rmappable, to folio_unqueue_deferred_split(), which is what it does. But that and its out-of-line __callee are mm internals of very limited usability: add comment and WARN_ON_ONCEs to check usage; and return a bool to say if a deferred split was unqueued, which can then be used in WARN_ON_ONCEs around safety checks (sparing callers the arcane conditionals in __folio_unqueue_deferred_split()). Just omit the folio_unqueue_deferred_split() from free_unref_folios(), all of whose callers now call it beforehand (and if any forget then bad_page() will tell) - except for its caller put_pages_list(), which itself no longer has any callers (and will be deleted separately). Swapout: mem_cgroup_swapout() has been resetting folio->memcg_data 0 without checking and unqueueing a THP folio from deferred split list; which is unfortunate, since the split_queue_lock depends on the memcg (when memcg is enabled); so swapout has been unqueueing such THPs later, when freeing the folio, using the pgdat's lock instead: potentially corrupting the memcg's list. __remove_mapping() has frozen refcount to 0 here, so no problem with calling folio_unqueue_deferred_split() before resetting memcg_data. That goes back to 5.4 commit 87eaceb3faa5 ("mm: thp: make deferred split shrinker memcg aware"): which included a check on swapcache before adding to deferred queue, but no check on deferred queue before adding THP to swapcache. That worked fine with the usual sequence of events in reclaim (though there were a couple of rare ways in which a THP on deferred queue could have been swapped out), but 6.12 commit dafff3f4c850 ("mm: split underused THPs") avoids splitting underused THPs in reclaim, which makes swapcache THPs on deferred queue commonplace. Keep the check on swapcache before adding to deferred queue? Yes: it is no longer essential, but preserves the existing behaviour, and is likely to be a worthwhile optimization (vmstat showed much more traffic on the queue under swapping load if the check was removed); update its comment. Memcg-v1 move (deprecated): mem_cgroup_move_account() has been changing folio->memcg_data without checking and unqueueing a THP folio from the deferred list, sometimes corrupting "from" memcg's list, like swapout. Refcount is non-zero here, so folio_unqueue_deferred_split() can only be used in a WARN_ON_ONCE to validate the fix, which must be done earlier: mem_cgroup_move_charge_pte_range() first try to split the THP (splitting of course unqueues), or skip it if that fails. Not ideal, but moving charge has been requested, and khugepaged should repair the THP later: nobody wants new custom unqueueing code just for this deprecated case. The 87eaceb3faa5 commit did have the code to move from one deferred list to another (but was not conscious of its unsafety while refcount non-0); but that was removed by 5.6 commit fac0516b5534 ("mm: thp: don't need care deferred split queue in memcg charge move path"), which argued that the existence of a PMD mapping guarantees that the THP cannot be on a deferred list. As above, false in rare cases, and now commonly false. Backport to 6.11 should be straightforward. Earlier backports must take care that other _deferred_list fixes and dependencies are included. There is not a strong case for backports, but they can fix cornercases. Link: https://lkml.kernel.org/r/8dc111ae-f6db-2da7-b25c-7a20b1effe3b@google.com Fixes: 87eaceb3faa5 ("mm: thp: make deferred split shrinker memcg aware") Fixes: dafff3f4c850 ("mm: split underused THPs") Signed-off-by: Hugh Dickins Acked-by: David Hildenbrand Reviewed-by: Yang Shi Cc: Baolin Wang Cc: Barry Song Cc: Chris Li Cc: Johannes Weiner Cc: Kefeng Wang Cc: Kirill A. Shutemov Cc: Matthew Wilcox (Oracle) Cc: Nhat Pham Cc: Ryan Roberts Cc: Shakeel Butt Cc: Usama Arif Cc: Wei Yang Cc: Zi Yan Cc: Signed-off-by: Andrew Morton commit e66f3185fa04ccb807c6fbf0ea066574f4308831 Author: Hugh Dickins Date: Sun Oct 27 12:59:34 2024 -0700 mm/thp: fix deferred split queue not partially_mapped Recent changes are putting more pressure on THP deferred split queues: under load revealing long-standing races, causing list_del corruptions, "Bad page state"s and worse (I keep BUGs in both of those, so usually don't get to see how badly they end up without). The relevant recent changes being 6.8's mTHP, 6.10's mTHP swapout, and 6.12's mTHP swapin, improved swap allocation, and underused THP splitting. The new unlocked list_del_init() in deferred_split_scan() is buggy. I gave bad advice, it looks plausible since that's a local on-stack list, but the fact is that it can race with a third party freeing or migrating the preceding folio (properly unqueueing it with refcount 0 while holding split_queue_lock), thereby corrupting the list linkage. The obvious answer would be to take split_queue_lock there: but it has a long history of contention, so I'm reluctant to add to that. Instead, make sure that there is always one safe (raised refcount) folio before, by delaying its folio_put(). (And of course I was wrong to suggest updating split_queue_len without the lock: leave that until the splice.) And remove two over-eager partially_mapped checks, restoring those tests to how they were before: if uncharge_folio() or free_tail_page_prepare() finds _deferred_list non-empty, it's in trouble whether or not that folio is partially_mapped (and the flag was already cleared in the latter case). Link: https://lkml.kernel.org/r/81e34a8b-113a-0701-740e-2135c97eb1d7@google.com Fixes: dafff3f4c850 ("mm: split underused THPs") Signed-off-by: Hugh Dickins Acked-by: Usama Arif Reviewed-by: David Hildenbrand Reviewed-by: Baolin Wang Acked-by: Zi Yan Cc: Barry Song Cc: Chris Li Cc: Johannes Weiner Cc: Kefeng Wang Cc: Kirill A. Shutemov Cc: Matthew Wilcox (Oracle) Cc: Nhat Pham Cc: Ryan Roberts Cc: Shakeel Butt Cc: Wei Yang Cc: Yang Shi Signed-off-by: Andrew Morton commit 514447a1219021298329ce586536598c3b4b2dc0 Author: Lucas De Marchi Date: Mon Nov 4 06:38:12 2024 -0800 drm/xe: Stop accumulating LRC timestamp on job_free The exec queue timestamp is only really useful when it's being queried through the fdinfo. There's no need to update it so often, on every job_free. Tracing a simple app like vkcube running shows an update rate of ~ 120Hz. In case of discrete, the BO is on vram, creating a lot of pcie transactions. The update on job_free() is used to cover a gap: if exec queue is created and destroyed rapidly, before a new query, the timestamp still needs to be accumulated and accounted for in the xef. Initial implementation in commit 6109f24f87d7 ("drm/xe: Add helper to accumulate exec queue runtime") couldn't do it on the exec_queue_fini since the xef could be gone at that point. However since commit ce8c161cbad4 ("drm/xe: Add ref counting for xe_file") the xef is refcounted and the exec queue always holds a reference, making this safe now. Improve the fix in commit 2149ded63079 ("drm/xe: Fix use after free when client stats are captured") by reducing the frequency in which the update is needed. Fixes: 2149ded63079 ("drm/xe: Fix use after free when client stats are captured") Reviewed-by: Nirmoy Das Reviewed-by: Jonathan Cavitt Reviewed-by: Umesh Nerlige Ramappa Link: https://patchwork.freedesktop.org/patch/msgid/20241104143815.2112272-3-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit 83db047d9425d9a649f01573797558eff0f632e1) Signed-off-by: Lucas De Marchi commit a353c78459f4d116216393cc29032ef5fe1472d2 Author: Michal Wajdeczko Date: Mon Nov 4 15:49:01 2024 +0100 drm/xe/pf: Fix potential GGTT allocation leak In unlikely event that we fail during sending the new VF GGTT configuration to the GuC, we will free only the GGTT node data struct but will miss to release the actual GGTT allocation. This will later lead to list corruption, GGTT space leak and finally risking crash when unloading the driver: [ ] ... [drm] GT0: PF: Failed to provision VF1 with 1073741824 (1.00 GiB) GGTT (-EIO) [ ] ... [drm] GT0: PF: VF1 provisioning remains at 0 (0 B) GGTT [ ] list_add corruption. next->prev should be prev (ffff88813cfcd628), but was 0000000000000000. (next=ffff88813cfe2028). [ ] RIP: 0010:__list_add_valid_or_report+0x6b/0xb0 [ ] Call Trace: [ ] drm_mm_insert_node_in_range+0x2c0/0x4e0 [ ] xe_ggtt_node_insert+0x46/0x70 [xe] [ ] pf_provision_vf_ggtt+0x7f5/0xa70 [xe] [ ] xe_gt_sriov_pf_config_set_ggtt+0x5e/0x770 [xe] [ ] ggtt_set+0x4b/0x70 [xe] [ ] simple_attr_write_xsigned.constprop.0.isra.0+0xb0/0x110 [ ] ... [drm] GT0: PF: Failed to provision VF1 with 1073741824 (1.00 GiB) GGTT (-ENOSPC) [ ] ... [drm] GT0: PF: VF1 provisioning remains at 0 (0 B) GGTT [ ] Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [#1] PREEMPT SMP NOPTI [ ] RIP: 0010:drm_mm_remove_node+0x1b7/0x390 [ ] Call Trace: [ ] [ ] ? die_addr+0x2e/0x80 [ ] ? exc_general_protection+0x1a1/0x3e0 [ ] ? asm_exc_general_protection+0x22/0x30 [ ] ? drm_mm_remove_node+0x1b7/0x390 [ ] ggtt_node_remove+0xa5/0xf0 [xe] [ ] xe_ggtt_node_remove+0x35/0x70 [xe] [ ] xe_ttm_bo_destroy+0x123/0x220 [xe] [ ] intel_user_framebuffer_destroy+0x44/0x70 [xe] [ ] intel_plane_destroy_state+0x3b/0xc0 [xe] [ ] drm_atomic_state_default_clear+0x1cd/0x2f0 [ ] intel_atomic_state_clear+0x9/0x20 [xe] [ ] __drm_atomic_state_free+0x1d/0xb0 Fix that by using pf_release_ggtt() on the error path, which now works regardless if the node has GGTT allocation or not. Fixes: 34e804220f69 ("drm/xe: Make xe_ggtt_node struct independent") Signed-off-by: Michal Wajdeczko Cc: Rodrigo Vivi Cc: Matthew Brost Cc: Matthew Auld Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20241104144901.1903-1-michal.wajdeczko@intel.com (cherry picked from commit 43b1dd2b550f0861ce80fbfffd5881b1b26272b1) Signed-off-by: Lucas De Marchi commit 64a2b6ed4bfd890a0e91955dd8ef8422a3944ed9 Author: Matthew Brost Date: Mon Nov 4 20:35:24 2024 -0800 drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL Upon failure all locks need to be dropped before returning to the user. Fixes: 58480c1c912f ("drm/xe: Skip VMAs pin when requesting signal to the last XE_EXEC") Cc: Signed-off-by: Matthew Brost Reviewed-by: Tejas Upadhyay Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20241105043524.4062774-3-matthew.brost@intel.com (cherry picked from commit 7d1a4258e602ffdce529f56686925034c1b3b095) Signed-off-by: Lucas De Marchi commit af797b831d8975cb4610f396dcb7f03f4b9908e7 Author: Matthew Brost Date: Mon Nov 4 20:35:23 2024 -0800 drm/xe: Fix possible exec queue leak in exec IOCTL In a couple of places after an exec queue is looked up the exec IOCTL returns on input errors without dropping the exec queue ref. Fix this ensuring the exec queue ref is dropped on input error. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Cc: Signed-off-by: Matthew Brost Reviewed-by: Tejas Upadhyay Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20241105043524.4062774-2-matthew.brost@intel.com (cherry picked from commit 07064a200b40ac2195cb6b7b779897d9377e5e6f) Signed-off-by: Lucas De Marchi commit 714398d8742d5e019a8e5512de2abb8db69ba0a3 Merge: 6b5cca7868fdd2 e7f37a7d16310d Author: Stephen Boyd Date: Tue Nov 5 15:30:35 2024 -0800 Merge tag 'qcom-clk-fixes-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into clk-fixes Pull Qualcomm clk driver fixes from Bjorn Andersson: - Correct flags for X Elite USB MP GDSC and pcie pipediv2 clocks - Fix alpha PLL post_div mask for the cases where width is not specified - Avoid hangs in the SM8350 video driver (venus) by setting HW_CTRL trigger feature on the video clocks * tag 'qcom-clk-fixes-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux: clk: qcom: gcc-x1e80100: Fix USB MP SS1 PHY GDSC pwrsts flags clk: qcom: gcc-x1e80100: Fix halt_check for pipediv2 clocks clk: qcom: clk-alpha-pll: Fix pll post div mask when width is not set clk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs commit 6801cf7890f2ed8fcc14859b47501f8ee7a58ec7 Author: Hou Tao Date: Tue Nov 5 12:30:57 2024 +0800 selftests/bpf: Use -4095 as the bad address for bits iterator As reported by Byeonguk, the bad_words test in verifier_bits_iter.c occasionally fails on s390 host. Quoting Ilya's explanation: s390 kernel runs in a completely separate address space, there is no user/kernel split at TASK_SIZE. The same address may be valid in both the kernel and the user address spaces, there is no way to tell by looking at it. The config option related to this property is ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE. Also, unfortunately, 0 is a valid address in the s390 kernel address space. Fix the issue by using -4095 as the bad address for bits iterator, as suggested by Ilya. Verify that bpf_iter_bits_new() returns -EINVAL for NULL address and -EFAULT for bad address. Fixes: ebafc1e535db ("selftests/bpf: Add three test cases for bits_iter") Reported-by: Byeonguk Jeong Closes: https://lore.kernel.org/bpf/ZycSXwjH4UTvx-Cn@ub22/ Signed-off-by: Hou Tao Acked-by: Ilya Leoshkevich Link: https://lore.kernel.org/r/20241105043057.3371482-1-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit a759bf0dfc4db3cb6556fc79c7c98da3a46b2b80 Author: Tejun Heo Date: Tue Nov 5 11:45:27 2024 -1000 sched_ext: Update scx_show_state.py to match scx_ops_bypass_depth's new type 0e7ffff1b811 ("scx: Fix raciness in scx_ops_bypass()") converted scx_ops_bypass_depth from an atomic to an int. Update scx_show_state.py accordingly. Signed-off-by: Tejun Heo Fixes: 0e7ffff1b811 ("scx: Fix raciness in scx_ops_bypass()") commit f7d1b585e1533e26801c13569b96b84b2ad2d3c1 Author: Tejun Heo Date: Tue Nov 5 11:45:24 2024 -1000 sched_ext: Add a missing newline at the end of an error message Signed-off-by: Tejun Heo commit a5ca1dc46a6b610dd4627d8b633d6c84f9724ef0 Author: Mario Limonciello Date: Tue Nov 5 10:02:34 2024 -0600 x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client A number of Zen4 client SoCs advertise the ability to use virtualized VMLOAD/VMSAVE, but using these instructions is reported to be a cause of a random host reboot. These instructions aren't intended to be advertised on Zen4 client so clear the capability. Signed-off-by: Mario Limonciello Signed-off-by: Borislav Petkov (AMD) Cc: stable@vger.kernel.org Link: https://bugzilla.kernel.org/show_bug.cgi?id=219009 commit 9c9201afebea1efc7ea4b8f721ee18a05bb8aca1 Author: Koichiro Den Date: Tue Nov 5 11:27:47 2024 +0900 mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create Commit b035f5a6d852 ("mm: slab: reduce the kmalloc() minimum alignment if DMA bouncing possible") reduced ARCH_KMALLOC_MINALIGN to 8 on arm64. However, with KASAN_HW_TAGS enabled, arch_slab_minalign() becomes 16. This causes kmalloc_caches[*][8] to be aliased to kmalloc_caches[*][16], resulting in kmem_buckets_create() attempting to create a kmem_cache for size 16 twice. This duplication triggers warnings on boot: [ 2.325108] ------------[ cut here ]------------ [ 2.325135] kmem_cache of name 'memdup_user-16' already exists [ 2.325783] WARNING: CPU: 0 PID: 1 at mm/slab_common.c:107 __kmem_cache_create_args+0xb8/0x3b0 [ 2.327957] Modules linked in: [ 2.328550] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-rc5mm-unstable-arm64+ #12 [ 2.328683] Hardware name: QEMU QEMU Virtual Machine, BIOS 2024.02-2 03/11/2024 [ 2.328790] pstate: 61000009 (nZCv daif -PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 2.328911] pc : __kmem_cache_create_args+0xb8/0x3b0 [ 2.328930] lr : __kmem_cache_create_args+0xb8/0x3b0 [ 2.328942] sp : ffff800083d6fc50 [ 2.328961] x29: ffff800083d6fc50 x28: f2ff0000c1674410 x27: ffff8000820b0598 [ 2.329061] x26: 000000007fffffff x25: 0000000000000010 x24: 0000000000002000 [ 2.329101] x23: ffff800083d6fce8 x22: ffff8000832222e8 x21: ffff800083222388 [ 2.329118] x20: f2ff0000c1674410 x19: f5ff0000c16364c0 x18: ffff800083d80030 [ 2.329135] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 [ 2.329152] x14: 0000000000000000 x13: 0a73747369786520 x12: 79646165726c6120 [ 2.329169] x11: 656820747563205b x10: 2d2d2d2d2d2d2d2d x9 : 0000000000000000 [ 2.329194] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000 [ 2.329210] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 [ 2.329226] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000 [ 2.329291] Call trace: [ 2.329407] __kmem_cache_create_args+0xb8/0x3b0 [ 2.329499] kmem_buckets_create+0xfc/0x320 [ 2.329526] init_user_buckets+0x34/0x78 [ 2.329540] do_one_initcall+0x64/0x3c8 [ 2.329550] kernel_init_freeable+0x26c/0x578 [ 2.329562] kernel_init+0x3c/0x258 [ 2.329574] ret_from_fork+0x10/0x20 [ 2.329698] ---[ end trace 0000000000000000 ]--- [ 2.403704] ------------[ cut here ]------------ [ 2.404716] kmem_cache of name 'msg_msg-16' already exists [ 2.404801] WARNING: CPU: 2 PID: 1 at mm/slab_common.c:107 __kmem_cache_create_args+0xb8/0x3b0 [ 2.404842] Modules linked in: [ 2.404971] CPU: 2 UID: 0 PID: 1 Comm: swapper/0 Tainted: G W 6.12.0-rc5mm-unstable-arm64+ #12 [ 2.405026] Tainted: [W]=WARN [ 2.405043] Hardware name: QEMU QEMU Virtual Machine, BIOS 2024.02-2 03/11/2024 [ 2.405057] pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 2.405079] pc : __kmem_cache_create_args+0xb8/0x3b0 [ 2.405100] lr : __kmem_cache_create_args+0xb8/0x3b0 [ 2.405111] sp : ffff800083d6fc50 [ 2.405115] x29: ffff800083d6fc50 x28: fbff0000c1674410 x27: ffff8000820b0598 [ 2.405135] x26: 000000000000ffd0 x25: 0000000000000010 x24: 0000000000006000 [ 2.405153] x23: ffff800083d6fce8 x22: ffff8000832222e8 x21: ffff800083222388 [ 2.405169] x20: fbff0000c1674410 x19: fdff0000c163d6c0 x18: ffff800083d80030 [ 2.405185] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 [ 2.405201] x14: 0000000000000000 x13: 0a73747369786520 x12: 79646165726c6120 [ 2.405217] x11: 656820747563205b x10: 2d2d2d2d2d2d2d2d x9 : 0000000000000000 [ 2.405233] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000 [ 2.405248] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 [ 2.405271] x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000 [ 2.405287] Call trace: [ 2.405293] __kmem_cache_create_args+0xb8/0x3b0 [ 2.405305] kmem_buckets_create+0xfc/0x320 [ 2.405315] init_msg_buckets+0x34/0x78 [ 2.405326] do_one_initcall+0x64/0x3c8 [ 2.405337] kernel_init_freeable+0x26c/0x578 [ 2.405348] kernel_init+0x3c/0x258 [ 2.405360] ret_from_fork+0x10/0x20 [ 2.405370] ---[ end trace 0000000000000000 ]--- To address this, alias kmem_cache for sizes smaller than min alignment to the aligned sized kmem_cache, as done with the default system kmalloc bucket. Fixes: b32801d1255b ("mm/slab: Introduce kmem_buckets_create() and family") Cc: # v6.11+ Signed-off-by: Koichiro Den Reviewed-by: Catalin Marinas Tested-by: Catalin Marinas Signed-off-by: Vlastimil Babka commit 9bb4af400c386374ab1047df44c508512c08c31f Author: Amelie Delaunay Date: Tue Nov 5 15:02:42 2024 +0100 ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove In case of error when requesting ctrl_chan DMA channel, ctrl_chan is not null. So the release of the dma channel leads to the following issue: [ 4.879000] st,stm32-spdifrx 500d0000.audio-controller: dma_request_slave_channel error -19 [ 4.888975] Unable to handle kernel NULL pointer dereference at virtual address 000000000000003d [...] [ 5.096577] Call trace: [ 5.099099] dma_release_channel+0x24/0x100 [ 5.103235] stm32_spdifrx_remove+0x24/0x60 [snd_soc_stm32_spdifrx] [ 5.109494] stm32_spdifrx_probe+0x320/0x4c4 [snd_soc_stm32_spdifrx] To avoid this issue, release channel only if the pointer is valid. Fixes: 794df9448edb ("ASoC: stm32: spdifrx: manage rebind issue") Signed-off-by: Amelie Delaunay Signed-off-by: Olivier Moysan Link: https://patch.msgid.link/20241105140242.527279-1-olivier.moysan@foss.st.com Signed-off-by: Mark Brown commit 4d75b9468021c73108b4439794d69e892b1d24e3 Author: Alex Deucher Date: Wed Oct 23 16:52:08 2024 -0400 drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Avoid a possible buffer overflow if size is larger than 4K. Reviewed-by: Yang Wang Signed-off-by: Alex Deucher (cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434) Cc: stable@vger.kernel.org commit f790a2c494c4ef587eeeb9fca20124de76a1646f Author: Alex Deucher Date: Wed Oct 23 16:39:36 2024 -0400 drm/amdgpu: Adjust debugfs eviction and IB access permissions Users should not be able to run these. Reviewed-by: Yang Wang Signed-off-by: Alex Deucher (cherry picked from commit 7ba9395430f611cfc101b1c2687732baafa239d5) Cc: stable@vger.kernel.org commit b46dadf7e3cfe26d0b109c9c3d81b278d6c75361 Author: Alex Deucher Date: Wed Oct 23 16:37:52 2024 -0400 drm/amdgpu: Adjust debugfs register access permissions Regular users shouldn't have read access. Reviewed-by: Yang Wang Signed-off-by: Alex Deucher (cherry picked from commit c0cfd2e652553d607b910be47d0cc5a7f3a78641) Cc: stable@vger.kernel.org commit 3ce3f85787352fa48fc02ef6cbd7a5e5aba93347 Author: Lijo Lazar Date: Mon Nov 4 10:36:13 2024 +0530 drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 For DPX mode, the number of memory partitions supported should be less than or equal to 2. Fixes: 1589c82a1085 ("drm/amdgpu: Check memory ranges for valid xcp mode") Signed-off-by: Lijo Lazar Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher (cherry picked from commit 990c4f580742de7bb78fa57420ffd182fc3ab4cd) Cc: stable@vger.kernel.org commit 9eaff63bfb59b93a79ac8450e3d1e45a1f72f29a Merge: df3dff8ab6d79e ba3b7ac4f71435 Author: Paolo Abeni Date: Tue Nov 5 15:56:48 2024 +0100 Merge branch 'net-ethernet-ti-am65-cpsw-fixes-to-multi-queue-rx-feature' Roger Quadros says: ==================== net: ethernet: ti: am65-cpsw: Fixes to multi queue RX feature On J7 platforms, setting up multiple RX flows was failing as the RX free descriptor ring 0 is shared among all flows and we did not allocate enough elements in the RX free descriptor ring 0 to accommodate for all RX flows. Patch 1 fixes this. The second patch fixes a warning if there was any error in am65_cpsw_nuss_init_rx_chns() and am65_cpsw_nuss_cleanup_rx_chns() was called after that. Signed-off-by: Roger Quadros ==================== Link: https://patch.msgid.link/20241101-am65-cpsw-multi-rx-j7-fix-v3-0-338fdd6a55da@kernel.org Signed-off-by: Paolo Abeni commit ba3b7ac4f7143568ed6480180a847dc752780ece Author: Roger Quadros Date: Fri Nov 1 12:18:51 2024 +0200 net: ethernet: ti: am65-cpsw: fix warning in am65_cpsw_nuss_remove_rx_chns() flow->irq is initialized to 0 which is a valid IRQ. Set it to -EINVAL in error path of am65_cpsw_nuss_init_rx_chns() so we do not try to free an unallocated IRQ in am65_cpsw_nuss_remove_rx_chns(). If user tried to change number of RX queues and am65_cpsw_nuss_init_rx_chns() failed due to any reason, the warning will happen if user tries to change the number of RX queues after the error condition. root@am62xx-evm:~# ethtool -L eth0 rx 3 [ 40.385293] am65-cpsw-nuss 8000000.ethernet: set new flow-id-base 19 [ 40.393211] am65-cpsw-nuss 8000000.ethernet: Failed to init rx flow2 netlink error: Invalid argument root@am62xx-evm:~# ethtool -L eth0 rx 2 [ 82.306427] ------------[ cut here ]------------ [ 82.311075] WARNING: CPU: 0 PID: 378 at kernel/irq/devres.c:144 devm_free_irq+0x84/0x90 [ 82.469770] Call trace: [ 82.472208] devm_free_irq+0x84/0x90 [ 82.475777] am65_cpsw_nuss_remove_rx_chns+0x6c/0xac [ti_am65_cpsw_nuss] [ 82.482487] am65_cpsw_nuss_update_tx_rx_chns+0x2c/0x9c [ti_am65_cpsw_nuss] [ 82.489442] am65_cpsw_set_channels+0x30/0x4c [ti_am65_cpsw_nuss] [ 82.495531] ethnl_set_channels+0x224/0x2dc [ 82.499713] ethnl_default_set_doit+0xb8/0x1b8 [ 82.504149] genl_family_rcv_msg_doit+0xc0/0x124 [ 82.508757] genl_rcv_msg+0x1f0/0x284 [ 82.512409] netlink_rcv_skb+0x58/0x130 [ 82.516239] genl_rcv+0x38/0x50 [ 82.519374] netlink_unicast+0x1d0/0x2b0 [ 82.523289] netlink_sendmsg+0x180/0x3c4 [ 82.527205] __sys_sendto+0xe4/0x158 [ 82.530779] __arm64_sys_sendto+0x28/0x38 [ 82.534782] invoke_syscall+0x44/0x100 [ 82.538526] el0_svc_common.constprop.0+0xc0/0xe0 [ 82.543221] do_el0_svc+0x1c/0x28 [ 82.546528] el0_svc+0x28/0x98 [ 82.549578] el0t_64_sync_handler+0xc0/0xc4 [ 82.553752] el0t_64_sync+0x190/0x194 [ 82.557407] ---[ end trace 0000000000000000 ]--- Fixes: da70d184a8c3 ("net: ethernet: ti: am65-cpsw: Introduce multi queue Rx") Signed-off-by: Roger Quadros Signed-off-by: Paolo Abeni commit de794169cf1711a98e1e4856c76388e6dadd73a1 Author: Roger Quadros Date: Fri Nov 1 12:18:50 2024 +0200 net: ethernet: ti: am65-cpsw: Fix multi queue Rx on J7 On J7 platforms, setting up multiple RX flows was failing as the RX free descriptor ring 0 is shared among all flows and we did not allocate enough elements in the RX free descriptor ring 0 to accommodate for all RX flows. This issue is not present on AM62 as separate pair of rings are used for free and completion rings for each flow. Fix this by allocating enough elements for RX free descriptor ring 0. However, we can no longer rely on desc_idx (descriptor based offsets) to identify the pages in the respective flows as free descriptor ring includes elements for all flows. To solve this, introduce a new swdata data structure to store flow_id and page. This can be used to identify which flow (page_pool) and page the descriptor belonged to when popped out of the RX rings. Fixes: da70d184a8c3 ("net: ethernet: ti: am65-cpsw: Introduce multi queue Rx") Signed-off-by: Roger Quadros Reviewed-by: Simon Horman Signed-off-by: Paolo Abeni commit bd646c768a934d28e574ee940d6759c7954a024d Author: Mika Westerberg Date: Tue Nov 5 09:19:02 2024 +0200 thunderbolt: Fix connection issue with Pluggable UD-4VPD dock Rick reported that his Pluggable USB4 dock does not work anymore after upgrading to v6.10 kernel. It looks like commit c6ca1ac9f472 ("thunderbolt: Increase sideband access polling delay") makes the device router enumeration happen later than what might be expected by the dock (although there is no such limit in the USB4 spec) which probably makes it assume there is something wrong with the high-speed link and reset it. After the link is reset the same issue happens again and again. For this reason lower the sideband access delay from 5ms to 1ms. This seems to work fine according to Rick's testing. Reported-by: Rick Lahaye Closes: https://lore.kernel.org/linux-usb/000f01db247b$d10e1520$732a3f60$@581238.xyz/ Tested-by: Rick Lahaye Fixes: c6ca1ac9f472 ("thunderbolt: Increase sideband access polling delay") Cc: stable@vger.kernel.org Acked-by: Greg Kroah-Hartman Reviewed-by: Mario Limonciello Signed-off-by: Mika Westerberg commit ab2e5c8ff253ff612f7c6ef9441d2ff6558e5449 Author: Yang Yingliang Date: Sat Oct 26 11:09:42 2024 +0800 i2c: muxes: Fix return value check in mule_i2c_mux_probe() If dev_get_regmap() fails, it returns NULL pointer not ERR_PTR(), replace IS_ERR() with NULL pointer check, and return -ENODEV. Fixes: d0f8e97866bf ("i2c: muxes: add support for tsd,mule-i2c multiplexer") Signed-off-by: Yang Yingliang Signed-off-by: Andi Shyti commit 08a3b241adfd90361c16c3e92f5275b816a73f04 Author: Kuninori Morimoto Date: Tue Nov 5 01:00:00 2024 +0000 MAINTAINERS: Generic Sound Card section ALSA SoC Sound has Generic Sound Card (Simple-Card, Audio-Graph-Card, Audio-Graph-Card2). Adds its Maintainer. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87ikt2a41c.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 7dd08a0b4193087976db6b3ee7807de7e8316f96 Author: Dan Carpenter Date: Mon Nov 4 20:16:42 2024 +0300 usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() The "*cmd" variable can be controlled by the user via debugfs. That means "new_cam" can be as high as 255 while the size of the uc->updated[] array is UCSI_MAX_ALTMODES (30). The call tree is: ucsi_cmd() // val comes from simple_attr_write_xsigned() -> ucsi_send_command() -> ucsi_send_command_common() -> ucsi_run_command() // calls ucsi->ops->sync_control() -> ucsi_ccg_sync_control() Fixes: 170a6726d0e2 ("usb: typec: ucsi: add support for separate DP altmode devices") Cc: stable Signed-off-by: Dan Carpenter Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/325102b3-eaa8-4918-a947-22aca1146586@stanley.mountain Signed-off-by: Greg Kroah-Hartman commit 9cfb31e4c89d200d8ab7cb1e0bb9e6e8d621ca0b Author: Roger Quadros Date: Mon Nov 4 16:00:11 2024 +0200 usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. Also we cannot access any registers after dwc3_core_exit() on some platforms so move the dwc3_enable_susphy() call to the top. Cc: stable@vger.kernel.org # v5.15+ Reported-by: William McVicker Closes: https://lore.kernel.org/all/ZyVfcUuPq56R2m1Y@google.com Fixes: 705e3ce37bcc ("usb: dwc3: core: Fix system suspend on TI AM62 platforms") Signed-off-by: Roger Quadros Acked-by: Thinh Nguyen Tested-by: Will McVicker Link: https://lore.kernel.org/r/20241104-am62-lpm-usb-fix-v1-1-e93df73a4f0d@kernel.org Signed-off-by: Greg Kroah-Hartman commit 029778a4fd2c90c2e76a902b797c2348a722f1b8 Author: Rex Nie Date: Wed Oct 30 21:36:32 2024 +0800 usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier If the read of USB_PDPHY_RX_ACKNOWLEDGE_REG failed, then hdr_len and txbuf_len are uninitialized. This commit stops to print uninitialized value and misleading/false data. Cc: stable@vger.kernel.org Fixes: a4422ff22142 (" usb: typec: qcom: Add Qualcomm PMIC Type-C driver") Signed-off-by: Rex Nie Reviewed-by: Heikki Krogerus Reviewed-by: Bjorn Andersson Acked-by: Bryan O'Donoghue Link: https://lore.kernel.org/r/20241030133632.2116-1-rex.nie@jaguarmicro.com Signed-off-by: Greg Kroah-Hartman commit df3dff8ab6d79edc942464999d06fbaedf8cdd18 Author: Peiyang Wang Date: Fri Nov 1 17:15:07 2024 +0800 net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel crash occurs. The reason is that the two actions call function pci_disable_sriov(). The num_VFs is checked to determine whether to release the corresponding resources. During the second calling, num_VFs is not 0 and the resource release function is called. However, the corresponding resource has been released during the first invoking. Therefore, the problem occurs: [15277.839633][T50670] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 ... [15278.131557][T50670] Call trace: [15278.134686][T50670] klist_put+0x28/0x12c [15278.138682][T50670] klist_del+0x14/0x20 [15278.142592][T50670] device_del+0xbc/0x3c0 [15278.146676][T50670] pci_remove_bus_device+0x84/0x120 [15278.151714][T50670] pci_stop_and_remove_bus_device+0x6c/0x80 [15278.157447][T50670] pci_iov_remove_virtfn+0xb4/0x12c [15278.162485][T50670] sriov_disable+0x50/0x11c [15278.166829][T50670] pci_disable_sriov+0x24/0x30 [15278.171433][T50670] hnae3_unregister_ae_algo_prepare+0x60/0x90 [hnae3] [15278.178039][T50670] hclge_exit+0x28/0xd0 [hclge] [15278.182730][T50670] __se_sys_delete_module.isra.0+0x164/0x230 [15278.188550][T50670] __arm64_sys_delete_module+0x1c/0x30 [15278.193848][T50670] invoke_syscall+0x50/0x11c [15278.198278][T50670] el0_svc_common.constprop.0+0x158/0x164 [15278.203837][T50670] do_el0_svc+0x34/0xcc [15278.207834][T50670] el0_svc+0x20/0x30 For details, see the following figure. rmmod hclge disable VFs ---------------------------------------------------- hclge_exit() sriov_numvfs_store() ... device_lock() pci_disable_sriov() hns3_pci_sriov_configure() pci_disable_sriov() sriov_disable() sriov_disable() if !num_VFs : if !num_VFs : return; return; sriov_del_vfs() sriov_del_vfs() ... ... klist_put() klist_put() ... ... num_VFs = 0; num_VFs = 0; device_unlock(); In this patch, when driver is removing, we get the device_lock() to protect num_VFs, just like sriov_numvfs_store(). Fixes: 0dd8a25f355b ("net: hns3: disable sriov before unload hclge layer") Signed-off-by: Peiyang Wang Signed-off-by: Jijie Shao Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241101091507.3644584-1-shaojijie@huawei.com Signed-off-by: Paolo Abeni commit 498dbd9aea205db9da674994b74c7bf8e18448bd Author: Zijun Hu Date: Tue Oct 29 23:13:38 2024 +0800 usb: musb: sunxi: Fix accessing an released usb phy Commit 6ed05c68cbca ("usb: musb: sunxi: Explicitly release USB PHY on exit") will cause that usb phy @glue->xceiv is accessed after released. 1) register platform driver @sunxi_musb_driver // get the usb phy @glue->xceiv sunxi_musb_probe() -> devm_usb_get_phy(). 2) register and unregister platform driver @musb_driver musb_probe() -> sunxi_musb_init() use the phy here //the phy is released here musb_remove() -> sunxi_musb_exit() -> devm_usb_put_phy() 3) register @musb_driver again musb_probe() -> sunxi_musb_init() use the phy here but the phy has been released at 2). ... Fixed by reverting the commit, namely, removing devm_usb_put_phy() from sunxi_musb_exit(). Fixes: 6ed05c68cbca ("usb: musb: sunxi: Explicitly release USB PHY on exit") Cc: stable@vger.kernel.org Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20241029-sunxi_fix-v1-1-9431ed2ab826@quicinc.com Signed-off-by: Greg Kroah-Hartman commit dabc44c28f118910dea96244d903f0c270225669 Author: Takashi Iwai Date: Tue Nov 5 13:02:17 2024 +0100 ALSA: usb-audio: Add quirk for HP 320 FHD Webcam HP 320 FHD Webcam (03f0:654a) seems to have flaky firmware like other webcam devices that don't like the frequency inquiries. Also, Mic Capture Volume has an invalid resolution, hence fix it to be 16 (as a blind shot). Link: https://bugzilla.suse.com/show_bug.cgi?id=1232768 Cc: Link: https://patch.msgid.link/20241105120220.5740-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit e301aea030d60da760f85f854a82ce788d5cf6e7 Merge: b04ce1e718bd55 59b723cd2adbac Author: Thomas Zimmermann Date: Tue Nov 5 09:43:47 2024 +0100 Merge drm/drm-fixes into drm-misc-fixes Backmerging to get the latest fixes from v6.12-rc6. Signed-off-by: Thomas Zimmermann commit e5d253c60e9627a22940e00a05a6115d722f07ed Author: Sean Christopherson Date: Thu Oct 31 13:32:14 2024 -0700 KVM: SVM: Propagate error from snp_guest_req_init() to userspace If snp_guest_req_init() fails, return the provided error code up the stack to userspace, e.g. so that userspace can log that KVM_SEV_INIT2 failed, as opposed to some random operation later in VM setup failing because SNP wasn't actually enabled for the VM. Note, KVM itself doesn't consult the return value from __sev_guest_init(), i.e. the fallout is purely that userspace may be confused. Fixes: 88caf544c930 ("KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event") Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202410192220.MeTyHPxI-lkp@intel.com Link: https://lore.kernel.org/r/20241031203214.1585751-1-seanjc@google.com Signed-off-by: Sean Christopherson commit 2657b82a78f18528bef56dc1b017158490970873 Author: Sean Christopherson Date: Thu Oct 31 13:20:11 2024 -0700 KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled When getting the current VPID, e.g. to emulate a guest TLB flush, return vpid01 if L2 is running but with VPID disabled, i.e. if VPID is disabled in vmcs12. Architecturally, if VPID is disabled, then the guest and host effectively share VPID=0. KVM emulates this behavior by using vpid01 when running an L2 with VPID disabled (see prepare_vmcs02_early_rare()), and so KVM must also treat vpid01 as the current VPID while L2 is active. Unconditionally treating vpid02 as the current VPID when L2 is active causes KVM to flush TLB entries for vpid02 instead of vpid01, which results in TLB entries from L1 being incorrectly preserved across nested VM-Enter to L2 (L2=>L1 isn't problematic, because the TLB flush after nested VM-Exit flushes vpid01). The bug manifests as failures in the vmx_apicv_test KVM-Unit-Test, as KVM incorrectly retains TLB entries for the APIC-access page across a nested VM-Enter. Opportunisticaly add comments at various touchpoints to explain the architectural requirements, and also why KVM uses vpid01 instead of vpid02. All credit goes to Chao, who root caused the issue and identified the fix. Link: https://lore.kernel.org/all/ZwzczkIlYGX+QXJz@intel.com Fixes: 2b4a5a5d5688 ("KVM: nVMX: Flush current VPID (L1 vs. L2) for KVM_REQ_TLB_FLUSH_GUEST") Cc: stable@vger.kernel.org Cc: Like Xu Debugged-by: Chao Gao Reviewed-by: Chao Gao Tested-by: Chao Gao Link: https://lore.kernel.org/r/20241031202011.1580522-1-seanjc@google.com Signed-off-by: Sean Christopherson commit 979956bc681105f34642971448c4cda048954a07 Author: Sean Christopherson Date: Wed Oct 30 21:53:33 2024 -0700 KVM: selftests: Don't force -march=x86-64-v2 if it's unsupported Force -march=x86-64-v2 to avoid SSE/AVX instructions if and only if the uarch definition is supported by the compiler, e.g. gcc 7.5 only supports x86-64. Fixes: 9a400068a158 ("KVM: selftests: x86: Avoid using SSE/AVX instructions") Cc: Vitaly Kuznetsov Reviewed-and-tested-by: Vitaly Kuznetsov Link: https://lore.kernel.org/r/20241031045333.1209195-1-seanjc@google.com Signed-off-by: Sean Christopherson commit 5b188cc4866aaf712e896f92ac42c7802135e507 Author: Sean Christopherson Date: Wed Oct 9 08:49:41 2024 -0700 KVM: selftests: Disable strict aliasing Disable strict aliasing, as has been done in the kernel proper for decades (literally since before git history) to fix issues where gcc will optimize away loads in code that looks 100% correct, but is _technically_ undefined behavior, and thus can be thrown away by the compiler. E.g. arm64's vPMU counter access test casts a uint64_t (unsigned long) pointer to a u64 (unsigned long long) pointer when setting PMCR.N via u64p_replace_bits(), which gcc-13 detects and optimizes away, i.e. ignores the result and uses the original PMCR. The issue is most easily observed by making set_pmcr_n() noinline and wrapping the call with printf(), e.g. sans comments, for this code: printf("orig = %lx, next = %lx, want = %lu\n", pmcr_orig, pmcr, pmcr_n); set_pmcr_n(&pmcr, pmcr_n); printf("orig = %lx, next = %lx, want = %lu\n", pmcr_orig, pmcr, pmcr_n); gcc-13 generates: 0000000000401c90 : 401c90: f9400002 ldr x2, [x0] 401c94: b3751022 bfi x2, x1, #11, #5 401c98: f9000002 str x2, [x0] 401c9c: d65f03c0 ret 0000000000402660 : 402724: aa1403e3 mov x3, x20 402728: aa1503e2 mov x2, x21 40272c: aa1603e0 mov x0, x22 402730: aa1503e1 mov x1, x21 402734: 940060ff bl 41ab30 <_IO_printf> 402738: aa1403e1 mov x1, x20 40273c: 910183e0 add x0, sp, #0x60 402740: 97fffd54 bl 401c90 402744: aa1403e3 mov x3, x20 402748: aa1503e2 mov x2, x21 40274c: aa1503e1 mov x1, x21 402750: aa1603e0 mov x0, x22 402754: 940060f7 bl 41ab30 <_IO_printf> with the value stored in [sp + 0x60] ignored by both printf() above and in the test proper, resulting in a false failure due to vcpu_set_reg() simply storing the original value, not the intended value. $ ./vpmu_counter_access Random seed: 0x6b8b4567 orig = 3040, next = 3040, want = 0 orig = 3040, next = 3040, want = 0 ==== Test Assertion Failure ==== aarch64/vpmu_counter_access.c:505: pmcr_n == get_pmcr_n(pmcr) pid=71578 tid=71578 errno=9 - Bad file descriptor 1 0x400673: run_access_test at vpmu_counter_access.c:522 2 (inlined by) main at vpmu_counter_access.c:643 3 0x4132d7: __libc_start_call_main at libc-start.o:0 4 0x413653: __libc_start_main at ??:0 5 0x40106f: _start at ??:0 Failed to update PMCR.N to 0 (received: 6) Somewhat bizarrely, gcc-11 also exhibits the same behavior, but only if set_pmcr_n() is marked noinline, whereas gcc-13 fails even if set_pmcr_n() is inlined in its sole caller. Cc: stable@vger.kernel.org Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=116912 Signed-off-by: Sean Christopherson commit 945bdae20be5a13f1fcdcb14ec356dcbeee35839 Author: Patrick Roy Date: Thu Oct 24 10:59:53 2024 +0100 KVM: selftests: fix unintentional noop test in guest_memfd_test.c The loop in test_create_guest_memfd_invalid() that is supposed to test that nothing is accepted as a valid flag to KVM_CREATE_GUEST_MEMFD was initializing `flag` as 0 instead of BIT(0). This caused the loop to immediately exit instead of iterating over BIT(0), BIT(1), ... . Fixes: 8a89efd43423 ("KVM: selftests: Add basic selftest for guest_memfd()") Signed-off-by: Patrick Roy Reviewed-by: James Gowans Reviewed-by: Muhammad Usama Anjum Link: https://lore.kernel.org/r/20241024095956.3668818-1-roypat@amazon.co.uk Signed-off-by: Sean Christopherson commit 2d0f2a648147d6bbf0655e03500586a6712a7281 Author: Maxim Levitsky Date: Fri Oct 4 18:01:53 2024 -0400 KVM: selftests: memslot_perf_test: increase guest sync timeout When memslot_perf_test is run nested, first iteration of test_memslot_rw_loop testcase, sometimes takes more than 2 seconds due to build of shadow page tables. Following iterations are fast. To be on the safe side, bump the timeout to 10 seconds. Signed-off-by: Maxim Levitsky Tested-by: Liam Merwick Reviewed-by: Liam Merwick Link: https://lore.kernel.org/r/20241004220153.287459-1-mlevitsk@redhat.com Signed-off-by: Sean Christopherson commit 249cfa318fb1b77eb726c2ff4f74c9685f04e568 Author: Jakub Kicinski Date: Mon Nov 4 18:03:52 2024 -0800 Revert "Merge branch 'there-are-some-bugfix-for-the-hns3-ethernet-driver'" This reverts commit d80a3091308491455b6501b1c4b68698c4a7cd24, reversing changes made to 637f41476384c76d3cd7dcf5947caf2c8b8d7a9b: 2cf246143519 ("net: hns3: fix kernel crash when 1588 is sent on HIP08 devices") 3e22b7de34cb ("net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue") d1c2e2961ab4 ("net: hns3: initialize reset_timer before hclgevf_misc_irq_init()") 5f62009ff108 ("net: hns3: don't auto enable misc vector") 2758f18a83ef ("net: hns3: Resolved the issue that the debugfs query result is inconsistent.") 662ecfc46690 ("net: hns3: fix missing features due to dev->features configuration too early") 3e0f7cc887b7 ("net: hns3: fixed reset failure issues caused by the incorrect reset type") f2c14899caba ("net: hns3: add sync command to sync io-pgtable") e6ab19443b36 ("net: hns3: default enable tx bounce buffer when smmu enabled") The series is making the driver poke into IOMMU internals instead of implementing appropriate IOMMU workarounds. Link: https://lore.kernel.org/069c9838-b781-4012-934a-d2626fa78212@arm.com Signed-off-by: Jakub Kicinski commit 54c814c8b23bc7617be3d46abdb896937695dbfa Author: Bart Van Assche Date: Thu Oct 31 14:26:24 2024 -0700 scsi: ufs: core: Start the RTC update work later The RTC update work involves runtime resuming the UFS controller. Hence, only start the RTC update work after runtime power management in the UFS driver has been fully initialized. This patch fixes the following kernel crash: Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP Workqueue: events ufshcd_rtc_work Call trace: _raw_spin_lock_irqsave+0x34/0x8c (P) pm_runtime_get_if_active+0x24/0x9c (L) pm_runtime_get_if_active+0x24/0x9c ufshcd_rtc_work+0x138/0x1b4 process_one_work+0x148/0x288 worker_thread+0x2cc/0x3d4 kthread+0x110/0x114 ret_from_fork+0x10/0x20 Reported-by: Neil Armstrong Closes: https://lore.kernel.org/linux-scsi/0c0bc528-fdc2-4106-bc99-f23ae377f6f5@linaro.org/ Fixes: 6bf999e0eb41 ("scsi: ufs: core: Add UFS RTC support") Cc: Bean Huo Cc: stable@vger.kernel.org Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20241031212632.2799127-1-bvanassche@acm.org Reviewed-by: Peter Wang Reviewed-by: Bean Huo Tested-by: Neil Armstrong # on SM8650-HDK Signed-off-by: Martin K. Petersen commit 08d05cea028276669e44f9a145d55de10ae59547 Merge: 5ccdcdf186aec6 3c1c18551e6ac1 Author: Jakub Kicinski Date: Mon Nov 4 17:48:52 2024 -0800 Merge tag 'linux-can-fixes-for-6.12-20241104' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can Marc Kleine-Budde says: ==================== pull-request: can 2024-11-04 Alexander Hölzl contributes a patch to fix an error in the CAN j1939 documentation. Thomas Mühlbacher's patch allows building of the {cc770,sja1000}_isa drivers on x86_64 again. A patch by me targets the m_can driver and limits the call to free_irq() to devices with IRQs. Dario Binacchi's patch fixes the RX and TX error counters in the c_can driver. The next 2 patches target the rockchip_canfd driver. Geert Uytterhoeven's patch lets the driver depend on ARCH_ROCKCHIP. Jean Delvare's patch drops the obsolete dependency on COMPILE_TEST. The last 2 patches are by me and fix 2 regressions in the mcp251xfd driver: fix broken coalescing configuration when switching CAN modes and fix the length calculation of the Transmit Event FIFO (TEF) on full TEF. * tag 'linux-can-fixes-for-6.12-20241104' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can: can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes can: rockchip_canfd: Drop obsolete dependency on COMPILE_TEST can: rockchip_canfd: CAN_ROCKCHIP_CANFD should depend on ARCH_ROCKCHIP can: c_can: fix {rx,tx}_errors statistics can: m_can: m_can_close(): don't call free_irq() for IRQ-less devices can: {cc770,sja1000}_isa: allow building on x86_64 can: j1939: fix error in J1939 documentation. ==================== Link: https://patch.msgid.link/20241104200120.393312-1-mkl@pengutronix.de Signed-off-by: Jakub Kicinski commit 2e1b3cc9d7f790145a80cb705b168f05dab65df2 Merge: 557329bcecc2f5 bbfbb579586359 Author: Linus Torvalds Date: Mon Nov 4 15:23:26 2024 -1000 Merge tag 'arm-fixes-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull SoC fixes from Arnd Bergmann: "Where the last set of fixes was mostly drivers, this time the devicetree changes all come at once, targeting mostly the Rockchips, Qualcomm and NXP platforms. The Qualcomm bugfixes target the Snapdragon X Elite laptops, specifically problems with PCIe and NVMe support to improve reliability, and a boot regresion on msm8939. Also for Snapdragon platforms, there are a number of correctness changes in the several platform specific device drivers, but none of these are as impactful. On the NXP i.MX platform, the fixes are all for 64-bit i.MX8 variants, correcting individual entries in the devicetree that were incorrect and causing the media, video, mmc and spi drivers to misbehave in minor ways. The Arm SCMI firmware driver gets fixes for a use-after-free bug and for correctly parsing firmware information. On the RISC-V side, there are three minor devicetree fixes for starfive and sophgo, again addressing only minor mistakes. One device driver patch fixes a problem with spurious interrupt handling" * tag 'arm-fixes-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (63 commits) firmware: arm_scmi: Use vendor string in max-rx-timeout-ms dt-bindings: firmware: arm,scmi: Add missing vendor string riscv: dts: Replace deprecated snps,nr-gpios property for snps,dw-apb-gpio-port devices arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes arm64: dts: rockchip: Drop invalid clock-names from es8388 codec nodes ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin ARM: dts: rockchip: Fix the spi controller on rk3036 ARM: dts: rockchip: drop grf reference from rk3036 hdmi ARM: dts: rockchip: fix rk3036 acodec node arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone pro soc: qcom: pmic_glink: Handle GLINK intent allocation rejections rpmsg: glink: Handle rejected intent request better arm64: dts: qcom: x1e80100: fix PCIe5 interconnect arm64: dts: qcom: x1e80100: fix PCIe4 interconnect arm64: dts: qcom: x1e80100: Fix up BAR spaces MAINTAINERS: invert Misc RISC-V SoC Support's pattern soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() arm64: dts: qcom: x1e80100-qcp: fix nvme regulator boot glitch arm64: dts: qcom: x1e80100-microsoft-romulus: fix nvme regulator boot glitch arm64: dts: qcom: x1e80100-yoga-slim7x: fix nvme regulator boot glitch ... commit 0a77d947f599b1f39065015bec99390d0c0022ee Author: Namjae Jeon Date: Mon Nov 4 13:43:06 2024 +0900 ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbd_work_cache”. It will cause OOM issue. ksmbd has a credit mechanism but it can't handle this problem. This patch add the check if it exceeds max credits to prevent this problem by assuming that one smb request consumes at least one credit. Cc: stable@vger.kernel.org # v5.15+ Reported-by: Norbert Szetei Tested-by: Norbert Szetei Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit b8fc56fbca7482c1e5c0e3351c6ae78982e25ada Author: Namjae Jeon Date: Mon Nov 4 13:40:41 2024 +0900 ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp ksmbd_user_session_put should be called under smb3_preauth_hash_rsp(). It will avoid freeing session before calling smb3_preauth_hash_rsp(). Cc: stable@vger.kernel.org # v5.15+ Reported-by: Norbert Szetei Tested-by: Norbert Szetei Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit 0a77715db22611df50b178374c51e2ba0d58866e Author: Namjae Jeon Date: Sat Nov 2 18:46:38 2024 +0900 ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create There is a race condition between ksmbd_smb2_session_create and ksmbd_expire_session. This patch add missing sessions_table_lock while adding/deleting session from global session table. Cc: stable@vger.kernel.org # v5.15+ Reported-by: Norbert Szetei Tested-by: Norbert Szetei Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit 92447aa5f6e7fbad9427a3fd1bb9e0679c403206 Author: Rafael J. Wysocki Date: Mon Nov 4 19:53:53 2024 +0100 cpufreq: intel_pstate: Update asym capacity for CPUs that were offline initially Commit 929ebc93ccaa ("cpufreq: intel_pstate: Set asymmetric CPU capacity on hybrid systems") overlooked a corner case in which some CPUs may be offline to start with and brought back online later, after the intel_pstate driver has been registered, so their asymmetric capacity will not be set. Address this by calling hybrid_update_capacity() in the CPU initialization path that is executed instead of the online path for those CPUs. Note that this asymmetric capacity update will be skipped during driver initialization and mode switches because hybrid_max_perf_cpu is NULL in those cases. Fixes: 929ebc93ccaa ("cpufreq: intel_pstate: Set asymmetric CPU capacity on hybrid systems") Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/1913414.tdWV9SEqCh@rjwysocki.net commit a97e293e077a3e8f41e8972e593b34d0052b9e25 Author: Rafael J. Wysocki Date: Mon Nov 4 19:51:28 2024 +0100 cpufreq: intel_pstate: Clear hybrid_max_perf_cpu before driver registration Modify intel_pstate_register_driver() to clear hybrid_max_perf_cpu before calling cpufreq_register_driver(), so that asymmetric CPU capacity scaling is not updated until hybrid_init_cpu_capacity_scaling() runs down the road. This is done in preparation for a subsequent change adding asymmetric CPU capacity computation to the CPU init path to handle CPUs that are initially offline. The information on whether or not hybrid_max_perf_cpu was NULL before it has been cleared is passed to hybrid_init_cpu_capacity_scaling(), so full initialization of CPU capacity scaling can be skipped if it has been carried out already. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/4616631.LvFx2qVVIh@rjwysocki.net commit 6d1c69945ce63a9fba22a4abf646cf960d878782 Author: Breno Leitao Date: Mon Nov 4 04:24:40 2024 -0800 nvme/host: Fix RCU list traversal to use SRCU primitive The code currently uses list_for_each_entry_rcu() while holding an SRCU lock, triggering false positive warnings with CONFIG_PROVE_RCU=y enabled: drivers/nvme/host/core.c:3770 RCU-list traversed in non-reader section!! While the list is properly protected by SRCU lock, the code uses the wrong list traversal primitive. Replace list_for_each_entry_rcu() with list_for_each_entry_srcu() to correctly indicate SRCU-based protection and eliminate the false warning. Fixes: be647e2c76b2 ("nvme: use srcu for iterating namespace list") Signed-off-by: Breno Leitao Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit b8473723272e346e22aa487b9046fd324b73a0a5 Author: Vitaly Lifshits Date: Tue Oct 1 20:08:48 2024 +0300 e1000e: Remove Meteor Lake SMBUS workarounds This is a partial revert to commit 76a0a3f9cc2f ("e1000e: fix force smbus during suspend flow"). That commit fixed a sporadic PHY access issue but introduced a regression in runtime suspend flows. The original issue on Meteor Lake systems was rare in terms of the reproduction rate and the number of the systems affected. After the integration of commit 0a6ad4d9e169 ("e1000e: avoid failing the system during pm_suspend"), PHY access loss can no longer cause a system-level suspend failure. As it only occurs when the LAN cable is disconnected, and is recovered during system resume flow. Therefore, its functional impact is low, and the priority is given to stabilizing runtime suspend. Fixes: 76a0a3f9cc2f ("e1000e: fix force smbus during suspend flow") Signed-off-by: Vitaly Lifshits Tested-by: Avigail Dahan Signed-off-by: Tony Nguyen commit f30490e9695ef7da3d0899c6a0293cc7cd373567 Author: Aleksandr Loktionov Date: Wed Oct 16 11:30:11 2024 +0200 i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under heavy load when multiple threads are concurrently modifying MAC/VLAN filters by setting mac and port VLAN. 1. Thread T0 allocates a filter in i40e_add_filter() within i40e_ndo_set_vf_port_vlan(). 2. Thread T1 concurrently frees the filter in __i40e_del_filter() within i40e_ndo_set_vf_mac(). 3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which refers to the already freed filter memory, causing corruption. Reproduction steps: 1. Spawn multiple VFs. 2. Apply a concurrent heavy load by running parallel operations to change MAC addresses on the VFs and change port VLANs on the host. 3. Observe errors in dmesg: "Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX, please set promiscuous on manually for VF XX". Exact code for stable reproduction Intel can't open-source now. The fix involves implementing a new intermediate filter state, I40E_FILTER_NEW_SYNC, for the time when a filter is on a tmp_add_list. These filters cannot be deleted from the hash list directly but must be removed using the full process. Fixes: 278e7d0b9d68 ("i40e: store MAC/VLAN filters in a hash with the MAC Address as key") Signed-off-by: Aleksandr Loktionov Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Reviewed-by: Michal Schmidt Tested-by: Michal Schmidt Signed-off-by: Tony Nguyen commit 9b58031ff96b84a38d7b73b23c7ecfb2e0557f43 Author: Pavan Kumar Linga Date: Fri Oct 25 11:38:43 2024 -0700 idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases all the resources and waits for the reset to complete. Once the reset is done, it tries to build the resources back. At this time if the device control plane is not yet started, then the driver timeouts on the virtchnl message and retries to establish the mailbox again. In the retry flow, mailbox is deinitialized but the mailbox workqueue is still alive and polling for the mailbox message. This results in accessing the released control queue leading to null-ptr-deref. Fix it by unrolling the work queue cancellation and mailbox deinitialization in the reverse order which they got initialized. Fixes: 4930fbf419a7 ("idpf: add core init and interrupt request") Fixes: 34c21fa894a1 ("idpf: implement virtchnl transaction manager") Cc: stable@vger.kernel.org # 6.9+ Reviewed-by: Tarun K Singh Signed-off-by: Pavan Kumar Linga Tested-by: Krishneil Singh Signed-off-by: Tony Nguyen commit 81d2fb4c7c18a3b36ba3e00b9d5b753107472d75 Author: Pavan Kumar Linga Date: Fri Oct 25 11:38:42 2024 -0700 idpf: avoid vport access in idpf_get_link_ksettings When the device control plane is removed or the platform running device control plane is rebooted, a reset is detected on the driver. On driver reset, it releases the resources and waits for the reset to complete. If the reset fails, it takes the error path and releases the vport lock. At this time if the monitoring tools tries to access link settings, it call traces for accessing released vport pointer. To avoid it, move link_speed_mbps to netdev_priv structure which removes the dependency on vport pointer and the vport lock in idpf_get_link_ksettings. Also use netif_carrier_ok() to check the link status and adjust the offsetof to use link_up instead of link_speed_mbps. Fixes: 02cbfba1add5 ("idpf: add ethtool callbacks") Cc: stable@vger.kernel.org # 6.7+ Reviewed-by: Tarun K Singh Signed-off-by: Pavan Kumar Linga Tested-by: Krishneil Singh Signed-off-by: Tony Nguyen commit 64502dac974a5d9951d16015fa2e16a14e5f2bb2 Author: Mateusz Polchlopek Date: Mon Oct 28 12:59:22 2024 -0400 ice: change q_index variable type to s16 to store -1 value Fix Flow Director not allowing to re-map traffic to 0th queue when action is configured to drop (and vice versa). The current implementation of ethtool callback in the ice driver forbids change Flow Director action from 0 to -1 and from -1 to 0 with an error, e.g: # ethtool -U eth2 flow-type tcp4 src-ip 1.1.1.1 loc 1 action 0 # ethtool -U eth2 flow-type tcp4 src-ip 1.1.1.1 loc 1 action -1 rmgr: Cannot insert RX class rule: Invalid argument We set the value of `u16 q_index = 0` at the beginning of the function ice_set_fdir_input_set(). In case of "drop traffic" action (which is equal to -1 in ethtool) we store the 0 value. Later, when want to change traffic rule to redirect to queue with index 0 it returns an error caused by duplicate found. Fix this behaviour by change of the type of field `q_index` from u16 to s16 in `struct ice_fdir_fltr`. This allows to store -1 in the field in case of "drop traffic" action. What is more, change the variable type in the function ice_set_fdir_input_set() and assign at the beginning the new `#define ICE_FDIR_NO_QUEUE_IDX` which is -1. Later, if the action is set to another value (point specific queue index) the variable value is overwritten in the function. Fixes: cac2a27cd9ab ("ice: Support IPv4 Flow Director filters") Reviewed-by: Przemek Kitszel Signed-off-by: Mateusz Polchlopek Reviewed-by: Simon Horman Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit e9942bfe493108bceb64a91c2a832412524e8b78 Author: Marcin Szycik Date: Wed Oct 9 17:18:35 2024 +0200 ice: Fix use after free during unload with ports in bridge Unloading the ice driver while switchdev port representors are added to a bridge can lead to kernel panic. Reproducer: modprobe ice devlink dev eswitch set $PF1_PCI mode switchdev ip link add $BR type bridge ip link set $BR up echo 2 > /sys/class/net/$PF1/device/sriov_numvfs sleep 2 ip link set $PF1 master $BR ip link set $VF1_PR master $BR ip link set $VF2_PR master $BR ip link set $PF1 up ip link set $VF1_PR up ip link set $VF2_PR up ip link set $VF1 up rmmod irdma ice When unloading the driver, ice_eswitch_detach() is eventually called as part of VF freeing. First, it removes a port representor from xarray, then unregister_netdev() is called (via repr->ops.rem()), finally representor is deallocated. The problem comes from the bridge doing its own deinit at the same time. unregister_netdev() triggers a notifier chain, resulting in ice_eswitch_br_port_deinit() being called. It should set repr->br_port = NULL, but this does not happen since repr has already been removed from xarray and is not found. Regardless, it finishes up deallocating br_port. At this point, repr is still not freed and an fdb event can happen, in which ice_eswitch_br_fdb_event_work() takes repr->br_port and tries to use it, which causes a panic (use after free). Note that this only happens with 2 or more port representors added to the bridge, since with only one representor port, the bridge deinit is slightly different (ice_eswitch_br_port_deinit() is called via ice_eswitch_br_ports_flush(), not ice_eswitch_br_port_unlink()). Trace: Oops: general protection fault, probably for non-canonical address 0xf129010fd1a93284: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: maybe wild-memory-access in range [0x8948287e8d499420-0x8948287e8d499427] (...) Workqueue: ice_bridge_wq ice_eswitch_br_fdb_event_work [ice] RIP: 0010:__rht_bucket_nested+0xb4/0x180 (...) Call Trace: (...) ice_eswitch_br_fdb_find+0x3fa/0x550 [ice] ? __pfx_ice_eswitch_br_fdb_find+0x10/0x10 [ice] ice_eswitch_br_fdb_event_work+0x2de/0x1e60 [ice] ? __schedule+0xf60/0x5210 ? mutex_lock+0x91/0xe0 ? __pfx_ice_eswitch_br_fdb_event_work+0x10/0x10 [ice] ? ice_eswitch_br_update_work+0x1f4/0x310 [ice] (...) A workaround is available: brctl setageing $BR 0, which stops the bridge from adding fdb entries altogether. Change the order of operations in ice_eswitch_detach(): move the call to unregister_netdev() before removing repr from xarray. This way repr->br_port will be correctly set to NULL in ice_eswitch_br_port_deinit(), preventing a panic. Fixes: fff292b47ac1 ("ice: add VF representors one by one") Reviewed-by: Michal Swiatkowski Reviewed-by: Paul Menzel Signed-off-by: Marcin Szycik Tested-by: Sujai Buvaneswaran Signed-off-by: Tony Nguyen commit 04de7589e0a95167d803ecadd115235ba2c14997 Author: David Gstir Date: Tue Oct 29 12:34:01 2024 +0100 KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation When sealing or unsealing a key blob we currently do not wait for the AEAD cipher operation to finish and simply return after submitting the request. If there is some load on the system we can exit before the cipher operation is done and the buffer we read from/write to is already removed from the stack. This will e.g. result in NULL pointer dereference errors in the DCP driver during blob creation. Fix this by waiting for the AEAD cipher operation to finish before resuming the seal and unseal calls. Cc: stable@vger.kernel.org # v6.10+ Fixes: 0e28bf61a5f9 ("KEYS: trusted: dcp: fix leak of blob encryption key") Reported-by: Parthiban N Closes: https://lore.kernel.org/keyrings/254d3bb1-6dbc-48b4-9c08-77df04baee2f@linumiz.com/ Signed-off-by: David Gstir Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen commit 4a74da044ec9ec8679e6beccc4306b936b62873f Author: Chen Ridong Date: Tue Oct 8 12:46:39 2024 +0000 security/keys: fix slab-out-of-bounds in key_task_permission KASAN reports an out of bounds read: BUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36 BUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline] BUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410 security/keys/permission.c:54 Read of size 4 at addr ffff88813c3ab618 by task stress-ng/4362 CPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15 Call Trace: __dump_stack lib/dump_stack.c:82 [inline] dump_stack+0x107/0x167 lib/dump_stack.c:123 print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400 __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560 kasan_report+0x3a/0x50 mm/kasan/report.c:585 __kuid_val include/linux/uidgid.h:36 [inline] uid_eq include/linux/uidgid.h:63 [inline] key_task_permission+0x394/0x410 security/keys/permission.c:54 search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793 This issue was also reported by syzbot. It can be reproduced by following these steps(more details [1]): 1. Obtain more than 32 inputs that have similar hashes, which ends with the pattern '0xxxxxxxe6'. 2. Reboot and add the keys obtained in step 1. The reproducer demonstrates how this issue happened: 1. In the search_nested_keyrings function, when it iterates through the slots in a node(below tag ascend_to_node), if the slot pointer is meta and node->back_pointer != NULL(it means a root), it will proceed to descend_to_node. However, there is an exception. If node is the root, and one of the slots points to a shortcut, it will be treated as a keyring. 2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function. However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as ASSOC_ARRAY_PTR_SUBTYPE_MASK. 3. When 32 keys with the similar hashes are added to the tree, the ROOT has keys with hashes that are not similar (e.g. slot 0) and it splits NODE A without using a shortcut. When NODE A is filled with keys that all hashes are xxe6, the keys are similar, NODE A will split with a shortcut. Finally, it forms the tree as shown below, where slot 6 points to a shortcut. NODE A +------>+---+ ROOT | | 0 | xxe6 +---+ | +---+ xxxx | 0 | shortcut : : xxe6 +---+ | +---+ xxe6 : : | | | xxe6 +---+ | +---+ | 6 |---+ : : xxe6 +---+ +---+ xxe6 : : | f | xxe6 +---+ +---+ xxe6 | f | +---+ 4. As mentioned above, If a slot(slot 6) of the root points to a shortcut, it may be mistakenly transferred to a key*, leading to a read out-of-bounds read. To fix this issue, one should jump to descend_to_node if the ptr is a shortcut, regardless of whether the node is root or not. [1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/ [jarkko: tweaked the commit message a bit to have an appropriate closes tag.] Fixes: b2a4df200d57 ("KEYS: Expand the capacity of a keyring") Reported-by: syzbot+5b415c07907a2990d1a3@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/000000000000cbb7860611f61147@google.com/T/ Signed-off-by: Chen Ridong Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen commit 557329bcecc2f55e134db8974953b32b69db9d15 Merge: a0339404fd2753 c4dedaaeb3f78d Author: Linus Torvalds Date: Mon Nov 4 08:07:22 2024 -1000 Merge tag 'mmc-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc Pull mmc fixes from Ulf Hansson: - sdhci-pci-gli: A couple of fixes for low power mode on GL9767 * tag 'mmc-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: mmc: sdhci-pci-gli: GL9767: Fix low power mode in the SD Express process mmc: sdhci-pci-gli: GL9767: Fix low power mode on the set clock function commit a0339404fd2753c042eb7ea11bd3288dbfc38107 Merge: 59b723cd2adbac 9265fed6db601e Author: Linus Torvalds Date: Mon Nov 4 08:00:14 2024 -1000 Merge tag 'tpmdd-next-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd Pull tpm fix from Jarkko Sakkinen: "Fix a race condition between tpm_pm_suspend() and tpm_hwrng_read() (I think for good now)" * tag 'tpmdd-next-6.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: tpm: Lock TPM chip in tpm_pm_suspend() first commit 74e1006430a5377228e49310f6d915628609929e Author: Kenneth Feng Date: Wed Oct 30 13:22:44 2024 +0800 drm/amd/pm: correct the workload setting Correct the workload setting in order not to mix the setting with the end user. Update the workload mask accordingly. v2: changes as below: 1. the end user can not erase the workload from driver except default workload. 2. always shows the real highest priority workoad to the end user. 3. the real workload mask is combined with driver workload mask and end user workload mask. v3: apply this to the other ASICs as well. v4: simplify the code v5: refine the code based on the review comments. Signed-off-by: Kenneth Feng Acked-by: Alex Deucher Signed-off-by: Alex Deucher (cherry picked from commit 8cc438be5d49b8326b2fcade0bdb7e6a97df9e0b) Cc: stable@vger.kernel.org # 6.11.x commit 1356bfc54c8d4c8e7c9fb8553dc8c28e9714b07b Author: Kenneth Feng Date: Fri Nov 1 11:55:25 2024 +0800 drm/amd/pm: always pick the pptable from IFWI always pick the pptable from IFWI on smu v14.0.2/3 Signed-off-by: Kenneth Feng Reviewed-by: Yang Wang Signed-off-by: Alex Deucher (cherry picked from commit 136ce12bd5907388cb4e9aa63ee5c9c8c441640b) Cc: stable@vger.kernel.org # 6.11.x commit a6dd15981c03f2cdc9a351a278f09b5479d53d2e Author: Antonio Quartulli Date: Thu Oct 31 16:28:48 2024 +0100 drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported acpi_evaluate_object() may return AE_NOT_FOUND (failure), which would result in dereferencing buffer.pointer (obj) while being NULL. Although this case may be unrealistic for the current code, it is still better to protect against possible bugs. Bail out also when status is AE_NOT_FOUND. This fixes 1 FORWARD_NULL issue reported by Coverity Report: CID 1600951: Null pointer dereferences (FORWARD_NULL) Signed-off-by: Antonio Quartulli Fixes: c9b7c809b89f ("drm/amd: Guard against bad data for ATIF ACPI method") Reviewed-by: Mario Limonciello Link: https://lore.kernel.org/r/20241031152848.4716-1-antonio@mandelbit.com Signed-off-by: Mario Limonciello Signed-off-by: Alex Deucher (cherry picked from commit 91c9e221fe2553edf2db71627d8453f083de87a1) Cc: stable@vger.kernel.org commit 694c79769cb384bca8b1ec1d1e84156e726bd106 Author: Aurabindo Pillai Date: Fri Oct 18 10:52:16 2024 -0400 drm/amd/display: parse umc_info or vram_info based on ASIC An upstream bug report suggests that there are production dGPUs that are older than DCN401 but still have a umc_info in VBIOS tables with the same version as expected for a DCN401 product. Hence, reading this tables should be guarded with a version check. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3678 Reviewed-by: Dillon Varone Signed-off-by: Aurabindo Pillai Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 2551b4a321a68134360b860113dd460133e856e5) Fixes: 00c391102abc ("drm/amd/display: Add misc DC changes for DCN401") Cc: stable@vger.kernel.org # 6.11.x commit 4f26c95ffc21a91281429ed60180619bae19ae92 Author: Tom Chung Date: Wed Oct 9 17:09:38 2024 +0800 drm/amd/display: Fix brightness level not retained over reboot [Why] During boot up and resume the DC layer will reset the panel brightness to fix a flicker issue. It will cause the dm->actual_brightness is not the current panel brightness level. (the dm->brightness is the correct panel level) [How] Set the backlight level after do the set mode. Cc: Mario Limonciello Cc: Alex Deucher Fixes: d9e865826c20 ("drm/amd/display: Simplify brightness initialization") Reported-by: Mark Herbert Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3655 Reviewed-by: Sun peng Li Signed-off-by: Tom Chung Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 7875afafba84817b791be6d2282b836695146060) Cc: stable@vger.kernel.org commit 3c1c18551e6ac1b988d0a05c5650e3f6c95a1b8a Author: Marc Kleine-Budde Date: Tue Oct 1 16:56:22 2024 +0200 can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation Commit b8e0ddd36ce9 ("can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum") introduced mcp251xfd_get_tef_len() to get the number of unhandled transmit events from the Transmit Event FIFO (TEF). As the TEF has no head pointer, the driver uses the TX FIFO's tail pointer instead, assuming that send frames are completed. However the check for the TEF being full was not correct. This leads to the driver stop working if the TEF is full. Fix the TEF full check by assuming that if, from the driver's point of view, there are no free TX buffers in the chip and the TX FIFO is empty, all messages must have been sent and the TEF must therefore be full. Reported-by: Sven Schuchmann Closes: https://patch.msgid.link/FR3P281MB155216711EFF900AD9791B7ED9692@FR3P281MB1552.DEUP281.PROD.OUTLOOK.COM Fixes: b8e0ddd36ce9 ("can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum") Tested-by: Sven Schuchmann Cc: stable@vger.kernel.org Link: https://patch.msgid.link/20241104-mcp251xfd-fix-length-calculation-v3-1-608b6e7e2197@pengutronix.de Signed-off-by: Marc Kleine-Budde commit eb9a839b3d8a989be5970035a5cf29bcd6ffd24d Author: Marc Kleine-Budde Date: Fri Oct 25 14:34:40 2024 +0200 can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes Since commit 50ea5449c563 ("can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD mode"), the current ring and coalescing configuration is passed to can_ram_get_layout(). That fixed the issue when switching between CAN-CC and CAN-FD mode with configured ring (rx, tx) and/or coalescing parameters (rx-frames-irq, tx-frames-irq). However 50ea5449c563 ("can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD mode"), introduced a regression when switching CAN modes with disabled coalescing configuration: Even if the previous CAN mode has no coalescing configured, the new mode is configured with active coalescing. This leads to delayed receiving of CAN-FD frames. This comes from the fact, that ethtool uses usecs = 0 and max_frames = 1 to disable coalescing, however the driver uses internally priv->{rx,tx}_obj_num_coalesce_irq = 0 to indicate disabled coalescing. Fix the regression by assigning struct ethtool_coalesce ec->{rx,tx}_max_coalesced_frames_irq = 1 if coalescing is disabled in the driver as can_ram_get_layout() expects this. Reported-by: https://github.com/vdh-robothania Closes: https://github.com/raspberrypi/linux/issues/6407 Fixes: 50ea5449c563 ("can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD mode") Cc: stable@vger.kernel.org Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241025-mcp251xfd-fix-coalesing-v1-1-9d11416de1df@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 51e102ec23b25e6ca45ed45c3b9be42cb48d63dd Author: Jean Delvare Date: Tue Oct 22 13:04:39 2024 +0200 can: rockchip_canfd: Drop obsolete dependency on COMPILE_TEST Since commit 0166dc11be91 ("of: make CONFIG_OF user selectable"), OF can be enabled on all architectures. Therefore depending on COMPILE_TEST as an alternative is no longer needed. Signed-off-by: Jean Delvare Reviewed-by: Vincent Mailhol Link: https://patch.msgid.link/20241022130439.70d016e9@endymion.delvare Signed-off-by: Marc Kleine-Budde commit 4384b8b6ec4643aa73487bd1dc458e236c320564 Author: Geert Uytterhoeven Date: Tue Sep 24 11:15:31 2024 +0200 can: rockchip_canfd: CAN_ROCKCHIP_CANFD should depend on ARCH_ROCKCHIP The Rockchip CAN-FD controller is only present on Rockchip SoCs. Hence add a dependency on ARCH_ROCKCHIP, to prevent asking the user about this driver when configuring a kernel without Rockchip platform support. Fixes: ff60bfbaf67f219c ("can: rockchip_canfd: add driver for Rockchip CAN-FD controller") Signed-off-by: Geert Uytterhoeven Reviewed-by: Heiko Stuebner Link: https://patch.msgid.link/a4b3c8c1cca9515e67adac83af5ba1b1fab2fcbc.1727169288.git.geert+renesas@glider.be Signed-off-by: Marc Kleine-Budde commit 4d6d26537940f3b3e17138987ed9e4a334780bf7 Author: Dario Binacchi Date: Mon Oct 14 15:53:13 2024 +0200 can: c_can: fix {rx,tx}_errors statistics The c_can_handle_bus_err() function was incorrectly incrementing only the receive error counter, even in cases of bit or acknowledgment errors that occur during transmission. The patch fixes the issue by incrementing the appropriate counter based on the type of error. Fixes: 881ff67ad450 ("can: c_can: Added support for Bosch C_CAN controller") Signed-off-by: Dario Binacchi Link: https://patch.msgid.link/20241014135319.2009782-1-dario.binacchi@amarulasolutions.com Signed-off-by: Marc Kleine-Budde commit e4de81f9e134c78ff7c75a00e43bd819643530d0 Author: Marc Kleine-Budde Date: Mon Sep 30 19:02:30 2024 +0200 can: m_can: m_can_close(): don't call free_irq() for IRQ-less devices In commit b382380c0d2d ("can: m_can: Add hrtimer to generate software interrupt") support for IRQ-less devices was added. Instead of an interrupt, the interrupt routine is called by a hrtimer-based polling loop. That patch forgot to change free_irq() to be only called for devices with IRQs. Fix this, by calling free_irq() conditionally only if an IRQ is available for the device (and thus has been requested previously). Fixes: b382380c0d2d ("can: m_can: Add hrtimer to generate software interrupt") Reviewed-by: Simon Horman Reviewed-by: Markus Schneider-Pargmann Link: https://patch.msgid.link/20240930-m_can-cleanups-v1-1-001c579cdee4@pengutronix.de Cc: # v6.6+ Signed-off-by: Marc Kleine-Budde commit 7b22846f8af5ab2f267de9eb209fb1835ee9978c Author: Thomas Mühlbacher Date: Thu Sep 19 17:35:22 2024 +0000 can: {cc770,sja1000}_isa: allow building on x86_64 The ISA variable is only defined if X86_32 is also defined. However, these drivers are still useful and in use on at least some modern 64-bit x86 industrial systems as well. With the correct module parameters, they work as long as IO port communication is possible, despite their name having ISA in them. Fixes: a29689e60ed3 ("net: handle HAS_IOPORT dependencies") Signed-off-by: Thomas Mühlbacher Link: https://patch.msgid.link/20240919174151.15473-2-tmuehlbacher@posteo.net Cc: stable@vger.kernel.org Signed-off-by: Marc Kleine-Budde commit b6ec62e01aa4229bc9d3861d1073806767ea7838 Author: Alexander Hölzl Date: Wed Oct 23 16:52:57 2024 +0200 can: j1939: fix error in J1939 documentation. The description of PDU1 format usage mistakenly referred to PDU2 format. Signed-off-by: Alexander Hölzl Acked-by: Oleksij Rempel Acked-by: Vincent Mailhol Link: https://patch.msgid.link/20241023145257.82709-1-alexander.hoelzl@gmx.net Signed-off-by: Marc Kleine-Budde commit c0ade5d98979585d4f5a93e4514c2e9a65afa08d Author: Ming-Hung Tsai Date: Tue Oct 22 15:13:54 2024 +0800 dm cache: fix potential out-of-bounds access on the first resume Out-of-bounds access occurs if the fast device is expanded unexpectedly before the first-time resume of the cache table. This happens because expanding the fast device requires reloading the cache table for cache_create to allocate new in-core data structures that fit the new size, and the check in cache_preresume is not performed during the first resume, leading to the issue. Reproduce steps: 1. prepare component devices: dmsetup create cmeta --table "0 8192 linear /dev/sdc 0" dmsetup create cdata --table "0 65536 linear /dev/sdc 8192" dmsetup create corig --table "0 524288 linear /dev/sdc 262144" dd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct 2. load a cache table of 512 cache blocks, and deliberately expand the fast device before resuming the cache, making the in-core data structures inadequate. dmsetup create cache --notable dmsetup reload cache --table "0 524288 cache /dev/mapper/cmeta \ /dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0" dmsetup reload cdata --table "0 131072 linear /dev/sdc 8192" dmsetup resume cdata dmsetup resume cache 3. suspend the cache to write out the in-core dirty bitset and hint array, leading to out-of-bounds access to the dirty bitset at offset 0x40: dmsetup suspend cache KASAN reports: BUG: KASAN: vmalloc-out-of-bounds in is_dirty_callback+0x2b/0x80 Read of size 8 at addr ffffc90000085040 by task dmsetup/90 (...snip...) The buggy address belongs to the virtual mapping at [ffffc90000085000, ffffc90000087000) created by: cache_ctr+0x176a/0x35f0 (...snip...) Memory state around the buggy address: ffffc90000084f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ffffc90000084f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 >ffffc90000085000: 00 00 00 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8 ^ ffffc90000085080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ffffc90000085100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 Fix by checking the size change on the first resume. Signed-off-by: Ming-Hung Tsai Fixes: f494a9c6b1b6 ("dm cache: cache shrinking support") Cc: stable@vger.kernel.org Signed-off-by: Mikulas Patocka Acked-by: Joe Thornber commit f484697e619a83ecc370443a34746379ad99d204 Author: Ming-Hung Tsai Date: Tue Oct 22 15:13:39 2024 +0800 dm cache: optimize dirty bit checking with find_next_bit when resizing When shrinking the fast device, dm-cache iteratively searches for a dirty bit among the cache blocks to be dropped, which is less efficient. Use find_next_bit instead, as it is twice as fast as the iterative approach with test_bit. Signed-off-by: Ming-Hung Tsai Fixes: f494a9c6b1b6 ("dm cache: cache shrinking support") Cc: stable@vger.kernel.org Signed-off-by: Mikulas Patocka Acked-by: Joe Thornber commit 792227719725497ce10a8039803bec13f89f8910 Author: Ming-Hung Tsai Date: Tue Oct 22 15:13:16 2024 +0800 dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes out-of-bounds access. Reproduce steps: 1. create a cache device of 1024 cache blocks (128 bytes dirty bitset) dmsetup create cmeta --table "0 8192 linear /dev/sdc 0" dmsetup create cdata --table "0 131072 linear /dev/sdc 8192" dmsetup create corig --table "0 524288 linear /dev/sdc 262144" dd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct dmsetup create cache --table "0 524288 cache /dev/mapper/cmeta \ /dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0" 2. shrink the fast device to 512 cache blocks, triggering out-of-bounds access to the dirty bitset (offset 0x80) dmsetup suspend cache dmsetup reload cdata --table "0 65536 linear /dev/sdc 8192" dmsetup resume cdata dmsetup resume cache KASAN reports: BUG: KASAN: vmalloc-out-of-bounds in cache_preresume+0x269/0x7b0 Read of size 8 at addr ffffc900000f3080 by task dmsetup/131 (...snip...) The buggy address belongs to the virtual mapping at [ffffc900000f3000, ffffc900000f5000) created by: cache_ctr+0x176a/0x35f0 (...snip...) Memory state around the buggy address: ffffc900000f2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ffffc900000f3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffffc900000f3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ^ ffffc900000f3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ffffc900000f3180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 Fix by making the index post-incremented. Signed-off-by: Ming-Hung Tsai Fixes: f494a9c6b1b6 ("dm cache: cache shrinking support") Cc: stable@vger.kernel.org Signed-off-by: Mikulas Patocka Acked-by: Joe Thornber commit 135496c208ba26fd68cdef10b64ed7a91ac9a7ff Author: Ming-Hung Tsai Date: Tue Oct 22 15:12:49 2024 +0800 dm cache: fix flushing uninitialized delayed_work on cache_ctr error An unexpected WARN_ON from flush_work() may occur when cache creation fails, caused by destroying the uninitialized delayed_work waker in the error path of cache_create(). For example, the warning appears on the superblock checksum error. Reproduce steps: dmsetup create cmeta --table "0 8192 linear /dev/sdc 0" dmsetup create cdata --table "0 65536 linear /dev/sdc 8192" dmsetup create corig --table "0 524288 linear /dev/sdc 262144" dd if=/dev/urandom of=/dev/mapper/cmeta bs=4k count=1 oflag=direct dmsetup create cache --table "0 524288 cache /dev/mapper/cmeta \ /dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0" Kernel logs: (snip) WARNING: CPU: 0 PID: 84 at kernel/workqueue.c:4178 __flush_work+0x5d4/0x890 Fix by pulling out the cancel_delayed_work_sync() from the constructor's error path. This patch doesn't affect the use-after-free fix for concurrent dm_resume and dm_destroy (commit 6a459d8edbdb ("dm cache: Fix UAF in destroy()")) as cache_dtr is not changed. Signed-off-by: Ming-Hung Tsai Fixes: 6a459d8edbdb ("dm cache: Fix UAF in destroy()") Cc: stable@vger.kernel.org Signed-off-by: Mikulas Patocka Acked-by: Joe Thornber commit 235d2e739fcbe964c9ce179b4c991025662dcdb6 Author: Ming-Hung Tsai Date: Tue Oct 22 15:12:22 2024 +0800 dm cache: correct the number of origin blocks to match the target length When creating a cache device, the actual size of the cache origin might be greater than the specified cache target length. In such case, the number of origin blocks should match the cache target length, not the full size of the origin device, since access beyond the cache target is not possible. This issue occurs when reducing the origin device size using lvm, as lvreduce preloads the new cache table before resuming the cache origin, which can result in incorrect sizes for the discard bitset and smq hotspot blocks. Reproduce steps: 1. create a cache device consists of 4096 origin blocks dmsetup create cmeta --table "0 8192 linear /dev/sdc 0" dmsetup create cdata --table "0 65536 linear /dev/sdc 8192" dmsetup create corig --table "0 524288 linear /dev/sdc 262144" dd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct dmsetup create cache --table "0 524288 cache /dev/mapper/cmeta \ /dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0" 2. reduce the cache origin to 2048 oblocks, in lvreduce's approach dmsetup reload corig --table "0 262144 linear /dev/sdc 262144" dmsetup reload cache --table "0 262144 cache /dev/mapper/cmeta \ /dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0" dmsetup suspend cache dmsetup suspend corig dmsetup suspend cdata dmsetup suspend cmeta dmsetup resume corig dmsetup resume cdata dmsetup resume cmeta dmsetup resume cache 3. shutdown the cache, and check the number of discard blocks in superblock. The value is expected to be 2048, but actually is 4096. dmsetup remove cache corig cdata cmeta dd if=/dev/sdc bs=1c count=8 skip=224 2>/dev/null | hexdump -e '1/8 "%u\n"' Fix by correcting the origin_blocks initialization in cache_create and removing the unused origin_sectors from struct cache_args accordingly. Signed-off-by: Ming-Hung Tsai Fixes: c6b4fcbad044 ("dm: add cache target") Cc: stable@vger.kernel.org Signed-off-by: Mikulas Patocka Acked-by: Joe Thornber commit a674d0cd56f47628e8057232833cd0654c85d50b Author: Mikulas Patocka Date: Tue Oct 29 12:17:13 2024 +0100 dm-verity: don't crash if panic_on_corruption is not selected If the user sets panic_on_error and doesn't set panic_on_corruption, dm-verity should not panic on data mismatch. But, currently it panics, because it treats data mismatch as I/O error. This commit fixes the logic so that if there is data mismatch and panic_on_corruption or restart_on_corruption is not selected, the system won't restart or panic. Signed-off-by: Mikulas Patocka Reviewed-by: Sami Tolvanen Fixes: f811b83879fb ("dm-verity: introduce the options restart_on_error and panic_on_error") commit 5a4510c762fc04c74cff264cd4d9e9f5bf364bae Author: Zichen Xie Date: Mon Oct 21 14:54:45 2024 -0500 dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow This was found by a static analyzer. There may be a potential integer overflow issue in unstripe_ctr(). uc->unstripe_offset and uc->unstripe_width are defined as "sector_t"(uint64_t), while uc->unstripe, uc->chunk_size and uc->stripes are all defined as "uint32_t". The result of the calculation will be limited to "uint32_t" without correct casting. So, we recommend adding an extra cast to prevent potential integer overflow. Fixes: 18a5bf270532 ("dm: add unstriped target") Signed-off-by: Zichen Xie Signed-off-by: Mikulas Patocka Cc: stable@vger.kernel.org commit 1491efb39acee3848b61fcb3e5cc4be8de304352 Author: Nirmoy Das Date: Tue Oct 29 13:01:17 2024 +0100 drm/xe/guc/tlb: Flush g2h worker in case of tlb timeout Flush the g2h worker explicitly if TLB timeout happens which is observed on LNL and that points to the recent scheduling issue with E-cores on LNL. This is similar to the recent fix: commit e51527233804 ("drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout") and should be removed once there is E core scheduling fix. v2: Add platform check(Himal) v3: Remove gfx platform check as the issue related to cpu platform(John) Use the common WA macro(John) and print when the flush resolves timeout(Matt B) v4: Remove the resolves log and do the flush before taking pending_lock(Matt A) Cc: Badal Nilawar Cc: Matthew Brost Cc: Matthew Auld Cc: John Harrison Cc: Himal Prasad Ghimiray Cc: Lucas De Marchi Cc: stable@vger.kernel.org # v6.11+ Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2687 Signed-off-by: Nirmoy Das Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20241029120117.449694-3-nirmoy.das@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit e1f6fa55664a0eeb0a641f497e1adfcf6672e995) Signed-off-by: Lucas De Marchi commit 7d1e2580ed166f36949b468373b468d188880cd3 Author: Nirmoy Das Date: Tue Oct 29 13:01:16 2024 +0100 drm/xe/ufence: Flush xe ordered_wq in case of ufence timeout Flush xe ordered_wq in case of ufence timeout which is observed on LNL and that points to recent scheduling issue with E-cores. This is similar to the recent fix: commit e51527233804 ("drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout") and should be removed once there is a E-core scheduling fix for LNL. v2: Add platform check(Himal) s/__flush_workqueue/flush_workqueue(Jani) v3: Remove gfx platform check as the issue related to cpu platform(John) v4: Use the Common macro(John) and print when the flush resolves timeout(Matt B) Cc: Badal Nilawar Cc: Matthew Auld Cc: John Harrison Cc: Himal Prasad Ghimiray Cc: Lucas De Marchi Cc: stable@vger.kernel.org # v6.11+ Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2754 Suggested-by: Matthew Brost Signed-off-by: Nirmoy Das Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20241029120117.449694-2-nirmoy.das@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit 38c4c8722bd74452280951edc44c23de47612001) Signed-off-by: Lucas De Marchi commit 55e8a3f37e54eb1c7b914d6d5565a37282ec1978 Author: Nirmoy Das Date: Tue Oct 29 13:01:15 2024 +0100 drm/xe: Move LNL scheduling WA to xe_device.h Move LNL scheduling WA to xe_device.h so this can be used in other places without needing keep the same comment about removal of this WA in the future. The WA, which flushes work or workqueues, is now wrapped in macros and can be reused wherever needed. Cc: Badal Nilawar Cc: Matthew Auld Cc: Matthew Brost Cc: Himal Prasad Ghimiray Cc: Lucas De Marchi cc: stable@vger.kernel.org # v6.11+ Suggested-by: John Harrison Signed-off-by: Nirmoy Das Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20241029120117.449694-1-nirmoy.das@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit cbe006a6492c01a0058912ae15d473f4c149896c) Signed-off-by: Lucas De Marchi commit 4b468a92ddb2985da66823910a1643349fe6447d Author: Balasubramani Vivekanandan Date: Tue Oct 8 13:06:28 2024 +0530 drm/xe: Use the filelist from drm for ccs_mode change Drop the exclusive client count tracking and use the filelist from the drm to track the active clients. This also ensures the clients created internally by the driver won't block changing the ccs mode. Fixes: ce8c161cbad4 ("drm/xe: Add ref counting for xe_file") Signed-off-by: Balasubramani Vivekanandan Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20241008073628.377433-3-balasubramani.vivekanandan@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit 1c35f1ed1fe3c649f8c16214d0d3dd828b5265d9) Signed-off-by: Lucas De Marchi commit 7fd3fa006fa56c0ec299c61ecf5c572c723adad5 Author: Balasubramani Vivekanandan Date: Tue Oct 8 13:06:27 2024 +0530 drm/xe: Set mask bits for CCS_MODE register CCS_MODE register requires setting mask bits from Xe2+ platforms. Set the mask bits unconditionally, as those bits are unused for older platforms. Signed-off-by: Balasubramani Vivekanandan Cc: stable@vger.kernel.org # v6.11+ Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20241008073628.377433-2-balasubramani.vivekanandan@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit 23ea2c7572d4735ef66beb1e4feb8ae510b78247) [ Fix conflict with mmio refactors ] Signed-off-by: Lucas De Marchi commit 5469a8deac05391781bcd27e7c40f2c35121ca09 Merge: 59b723cd2adbac 725f31f300e300 Author: Rafael J. Wysocki Date: Mon Nov 4 17:03:04 2024 +0100 Merge tag 'thermal-v6.12-rc7' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/thermal/linux Merge thermal driver fixes for 6.12-rc7 from Daniel Lezcano: "- Remove a false lockdep backtrace in the LMh driver (Dmitry Baryshkov) - Fix sampling handler context ptr in the libthermal (Emil Dahl Juhl) - Remove the thermal soft link when doing a make clean. The link is created at compilation time (Zhang Jiao) - Accept thermal zone without trip points as stated in the bindings, otherwise the thermal zone fails to initialize (Icenowy Zheng)" * tag 'thermal-v6.12-rc7' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/thermal/linux: thermal/of: support thermal zones w/o trips subnode tools/lib/thermal: Remove the thermal.h soft link when doing make clean tools/lib/thermal: Fix sampling handler context ptr thermal/drivers/qcom/lmh: Remove false lockdep backtrace commit 867da60d463bb2a3e28c9235c487e56e96cffa00 Author: Mike Snitzer Date: Fri Oct 18 17:15:41 2024 -0400 nfs: avoid i_lock contention in nfs_clear_invalid_mapping Multi-threaded buffered reads to the same file exposed significant inode spinlock contention in nfs_clear_invalid_mapping(). Eliminate this spinlock contention by checking flags without locking, instead using smp_rmb and smp_load_acquire accordingly, but then take spinlock and double-check these inode flags. Also refactor nfs_set_cache_invalid() slightly to use smp_store_release() to pair with nfs_clear_invalid_mapping()'s smp_load_acquire(). While this fix is beneficial for all multi-threaded buffered reads issued by an NFS client, this issue was identified in the context of surprisingly low LOCALIO performance with 4K multi-threaded buffered read IO. This fix dramatically speeds up LOCALIO performance: before: read: IOPS=1583k, BW=6182MiB/s (6482MB/s)(121GiB/20002msec) after: read: IOPS=3046k, BW=11.6GiB/s (12.5GB/s)(232GiB/20001msec) Fixes: 17dfeb911339 ("NFS: Fix races in nfs_revalidate_mapping") Signed-off-by: Mike Snitzer Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit bc2940869508b7b956a757a26d3b1ebf9546790e Author: Mike Snitzer Date: Wed Oct 23 16:34:42 2024 -0400 nfs_common: fix localio to cope with racing nfs_local_probe() Fix the possibility of racing nfs_local_probe() resulting in: list_add double add: new=ffff8b99707f9f58, prev=ffff8b99707f9f58, next=ffffffffc0f30000. ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:35! Add nfs_uuid_init() to properly initialize all nfs_uuid_t members (particularly its list_head). Switch to returning bool from nfs_uuid_begin(), returns false if nfs_uuid_t is already in-use (its list_head is on a list). Update nfs_local_probe() to return early if the nfs_client's cl_uuid (nfs_uuid_t) is in-use. Also, switch nfs_uuid_begin() from using list_add_tail_rcu() to list_add_tail() -- rculist was used in an earlier version of the localio code that had a lockless nfs_uuid_lookup interface. Signed-off-by: Mike Snitzer Signed-off-by: Anna Schumaker commit 40f45ab3814f2aff1ddada629c910aad982fc8e1 Author: Trond Myklebust Date: Wed Oct 23 17:05:48 2024 -0400 NFS: Further fixes to attribute delegation a/mtime changes When asked to set both an atime and an mtime to the current system time, ensure that the setting is atomic by calling inode_update_timestamps() only once with the appropriate flags. Fixes: e12912d94137 ("NFSv4: Add support for delegated atime and mtime attributes") Signed-off-by: Trond Myklebust Signed-off-by: Anna Schumaker commit d054c5eb2890633935c23c371f45fb2d6b3b4b64 Author: Trond Myklebust Date: Wed Oct 23 09:35:43 2024 -0400 NFS: Fix attribute delegation behaviour on exclusive create When the client does an exclusive create and the server decides to store the verifier in the timestamps, a SETATTR is subsequently sent to fix up those timestamps. When that is the case, suppress the exceptions for attribute delegations in nfs4_bitmap_copy_adjust(). Fixes: 32215c1f893a ("NFSv4: Don't request atime/mtime/size if they are delegated to us") Signed-off-by: Trond Myklebust Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit dc270d7159699ad6d11decadfce9633f0f71c1db Author: Roberto Sassu Date: Fri Oct 25 16:03:27 2024 +0200 nfs: Fix KMSAN warning in decode_getfattr_attrs() Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: [B]=BAD_PAGE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009) ===================================================== ===================================================== BUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_attrs+0x2d6d/0x2f90 decode_getfattr_generic+0x806/0xb00 nfs4_xdr_dec_getattr+0x1de/0x240 rpcauth_unwrap_resp_decode+0xab/0x100 rpcauth_unwrap_resp+0x95/0xc0 call_decode+0x4ff/0xb50 __rpc_execute+0x57b/0x19d0 rpc_execute+0x368/0x5e0 rpc_run_task+0xcfe/0xee0 nfs4_proc_getattr+0x5b5/0x990 __nfs_revalidate_inode+0x477/0xd00 nfs_access_get_cached+0x1021/0x1cc0 nfs_do_access+0x9f/0xae0 nfs_permission+0x1e4/0x8c0 inode_permission+0x356/0x6c0 link_path_walk+0x958/0x1330 path_lookupat+0xce/0x6b0 filename_lookup+0x23e/0x770 vfs_statx+0xe7/0x970 vfs_fstatat+0x1f2/0x2c0 __se_sys_newfstatat+0x67/0x880 __x64_sys_newfstatat+0xbd/0x120 x64_sys_call+0x1826/0x3cf0 do_syscall_64+0xd0/0x1b0 entry_SYSCALL_64_after_hwframe+0x77/0x7f The KMSAN warning is triggered in decode_getfattr_attrs(), when calling decode_attr_mdsthreshold(). It appears that fattr->mdsthreshold is not initialized. Fix the issue by initializing fattr->mdsthreshold to NULL in nfs_fattr_init(). Cc: stable@vger.kernel.org # v3.5.x Fixes: 88034c3d88c2 ("NFSv4.1 mdsthreshold attribute xdr") Signed-off-by: Roberto Sassu Signed-off-by: Anna Schumaker commit 6e2a10343ecb71c4457bc16be05758f9c7aae7d9 Author: NeilBrown Date: Fri Oct 4 11:07:23 2024 +1000 NFSv3: only use NFS timeout for MOUNT when protocols are compatible If a timeout is specified in the mount options, it currently applies to both the NFS protocol and (with v3) the MOUNT protocol. This is sensible when they both use the same underlying protocol, or those protocols are compatible w.r.t timeouts as RDMA and TCP are. However if, for example, NFS is using TCP and MOUNT is using UDP then using the same timeout doesn't make much sense. If you mount -o vers=3,proto=tcp,mountproto=udp,timeo=600,retrans=5 \ server:/path /mountpoint then the timeo=600 which was intended for the NFS/TCP request will apply to the MOUNT/UDP requests with the result that there will only be one request sent (because UDP has a maximum timeout of 60 seconds). This is not what a reasonable person might expect. This patch disables the sharing of timeout information in cases where the underlying protocols are not compatible. Fixes: c9301cb35b59 ("nfs: hornor timeo and retrans option when mounting NFSv3") Signed-off-by: NeilBrown Signed-off-by: Anna Schumaker commit 10f0740234f0b157b41bdc7e9c3555a9b86c1599 Author: NeilBrown Date: Wed Oct 9 16:28:06 2024 +1100 sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() xs_tcp_finish_connecting() can return -ENOTCONN but the switch statement in xs_tcp_setup_socket() treats that as an unhandled error. If we treat it as a known error it would propagate back to call_connect_status() which does handle that error code. This appears to be the intention of the commit (given below) which added -ENOTCONN as a return status for xs_tcp_finish_connecting(). So add -ENOTCONN to the switch statement as an error to pass through to the caller. Link: https://bugzilla.suse.com/show_bug.cgi?id=1231050 Link: https://access.redhat.com/discussions/3434091 Fixes: 01d37c428ae0 ("SUNRPC: xprt_connect() don't abort the task if the transport isn't bound") Signed-off-by: NeilBrown Reviewed-by: Benjamin Coddington Signed-off-by: Anna Schumaker commit 725f31f300e300a9d94976bd8f1db6e746f95f63 Author: Icenowy Zheng Date: Fri Oct 18 15:31:36 2024 +0800 thermal/of: support thermal zones w/o trips subnode Although the current device tree binding of thermal zones require the trips subnode, the binding in kernel v5.15 does not require it, and many device trees shipped with the kernel, for example, allwinner/sun50i-a64.dtsi and mediatek/mt8183-kukui.dtsi in ARM64, still comply to the old binding and contain no trips subnode. Allow the code to successfully register thermal zones w/o trips subnode for DT binding compatibility now. Furtherly, the inconsistency between DTs and bindings should be resolved by either adding empty trips subnode or dropping the trips subnode requirement. Fixes: d0c75fa2c17f ("thermal/of: Initialize trip points separately") Signed-off-by: Icenowy Zheng [wenst@chromium.org: Reworked logic and kernel log messages] Signed-off-by: Chen-Yu Tsai Reviewed-by: Rafael J. Wysocki Link: https://lore.kernel.org/r/20241018073139.1268995-1-wenst@chromium.org Signed-off-by: Daniel Lezcano commit c5426dcc5a3a064bbd2de383e29035a14fe933e0 Author: zhang jiao Date: Thu Sep 12 12:50:31 2024 +0800 tools/lib/thermal: Remove the thermal.h soft link when doing make clean Run "make -C tools thermal" can create a soft link for thermal.h in tools/include/uapi/linux. Just rm it when make clean. Signed-off-by: zhang jiao Link: https://lore.kernel.org/r/20240912045031.18426-1-zhangjiao2@cmss.chinamobile.com Signed-off-by: Daniel Lezcano commit fcd54cf480c87b96313a97dbf898c644b7bb3a2e Author: Emil Dahl Juhl Date: Tue Oct 15 19:18:26 2024 +0200 tools/lib/thermal: Fix sampling handler context ptr The sampling handler, provided by the user alongside a void* context, was invoked with an internal structure instead of the user context. Correct the invocation of the sampling handler to pass the user context pointer instead. Note that the approach taken is similar to that in events.c, and will reduce the chances of this mistake happening if additional sampling callbacks are added. Fixes: 47c4b0de080a ("tools/lib/thermal: Add a thermal library") Signed-off-by: Emil Dahl Juhl Link: https://lore.kernel.org/r/20241015171826.170154-1-emdj@bang-olufsen.dk Signed-off-by: Daniel Lezcano commit f16beaaee248eaa37ad40b5905924fcf70ae02e3 Author: Dmitry Baryshkov Date: Fri Oct 11 08:48:39 2024 +0300 thermal/drivers/qcom/lmh: Remove false lockdep backtrace Annotate LMH IRQs with lockdep classes so that the lockdep doesn't report possible recursive locking issue between LMH and GIC interrupts. For the reference: CPU0 ---- lock(&irq_desc_lock_class); lock(&irq_desc_lock_class); *** DEADLOCK *** Call trace: dump_backtrace+0x98/0xf0 show_stack+0x18/0x24 dump_stack_lvl+0x90/0xd0 dump_stack+0x18/0x24 print_deadlock_bug+0x258/0x348 __lock_acquire+0x1078/0x1f44 lock_acquire+0x1fc/0x32c _raw_spin_lock_irqsave+0x60/0x88 __irq_get_desc_lock+0x58/0x98 enable_irq+0x38/0xa0 lmh_enable_interrupt+0x2c/0x38 irq_enable+0x40/0x8c __irq_startup+0x78/0xa4 irq_startup+0x78/0x168 __enable_irq+0x70/0x7c enable_irq+0x4c/0xa0 qcom_cpufreq_ready+0x20/0x2c cpufreq_online+0x2a8/0x988 cpufreq_add_dev+0x80/0x98 subsys_interface_register+0x104/0x134 cpufreq_register_driver+0x150/0x234 qcom_cpufreq_hw_driver_probe+0x2a8/0x388 platform_probe+0x68/0xc0 really_probe+0xbc/0x298 __driver_probe_device+0x78/0x12c driver_probe_device+0x3c/0x160 __device_attach_driver+0xb8/0x138 bus_for_each_drv+0x84/0xe0 __device_attach+0x9c/0x188 device_initial_probe+0x14/0x20 bus_probe_device+0xac/0xb0 deferred_probe_work_func+0x8c/0xc8 process_one_work+0x20c/0x62c worker_thread+0x1bc/0x36c kthread+0x120/0x124 ret_from_fork+0x10/0x20 Fixes: 53bca371cdf7 ("thermal/drivers/qcom: Add support for LMh driver") Cc: stable@vger.kernel.org Signed-off-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20241011-lmh-lockdep-v1-1-495cbbe6fef1@linaro.org Signed-off-by: Daniel Lezcano commit ebdcba2126a817da4efc085c9d4dce0c51942eba Author: Raju Rangoju Date: Mon Nov 4 11:53:27 2024 +0530 MAINTAINERS: update AMD SPI maintainer 'Sanjay R Mehta' is no longer with AMD, I will take over as the maintainer of the AMD SPI driver moving forward. I request to be added as the new maintainer. Signed-off-by: Raju Rangoju Link: https://patch.msgid.link/20241104062327.1228521-1-Raju.Rangoju@amd.com Signed-off-by: Mark Brown commit fe09de2db2365eed8b44b572cff7d421eaf1754a Author: Shenghao Ding Date: Mon Nov 4 18:00:55 2024 +0800 ASoC: tas2781: Add new driver version for tas2563 & tas2781 qfn chip Add new driver version to support tas2563 & tas2781 qfn chip Signed-off-by: Shenghao Ding Link: https://patch.msgid.link/20241104100055.48-1-shenghao-ding@ti.com Signed-off-by: Mark Brown commit bbfbb57958635912ba472925622f2bb0bab5f06c Merge: 566064e57066a1 f8c879192465d9 Author: Arnd Bergmann Date: Mon Nov 4 14:22:53 2024 +0100 Merge tag 'qcom-drivers-fixes-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into arm/fixes Qualcomm driver fixes for v6.12 The Qualcomm EDAC driver's configuration of interrupts is made optional, to avoid violating security constriants on X Elite platform . The SCM drivers' detection mechanism for the presence of SHM bridge in QTEE, is corrected to handle the case where firmware successfully returns that the interface isn't supported. The GLINK driver and the PMIC GLINK interface is updated to handle buffer allocation issues during initialization of the communication channel. Allocation error handling in the socinfo dirver is corrected, and then the fix is corrected. * tag 'qcom-drivers-fixes-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux: soc: qcom: pmic_glink: Handle GLINK intent allocation rejections rpmsg: glink: Handle rejected intent request better soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() firmware: qcom: scm: Return -EOPNOTSUPP for unsupported SHM bridge enabling EDAC/qcom: Make irq configuration optional firmware: qcom: scm: fix a NULL-pointer dereference firmware: qcom: scm: suppress download mode error soc: qcom: Add check devm_kasprintf() returned value MAINTAINERS: Qualcomm SoC: Match reserved-memory bindings Link: https://lore.kernel.org/r/20241101161455.746290-1-andersson@kernel.org Signed-off-by: Arnd Bergmann commit 36e66be874a7ea9d28fb9757629899a8449b8748 Author: Renato Caldas Date: Sat Nov 2 18:31:16 2024 +0000 platform/x86: ideapad-laptop: add missing Ideapad Pro 5 fn keys The scancodes for the Mic Mute and Airplane keys on the Ideapad Pro 5 (14AHP9 at least, probably the other variants too) are different and were not being picked up by the driver. This adds them to the keymap. Apart from what is already supported, the remaining fn keys are unfortunately producing windows-specific key-combos. Signed-off-by: Renato Caldas Link: https://lore.kernel.org/r/20241102183116.30142-1-renato@calgera.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit ec61f0bb4feec3345626a2b93b970b6719743997 Author: Kurt Borja Date: Thu Oct 31 12:44:42 2024 -0300 platform/x86: dell-wmi-base: Handle META key Lock/Unlock events Some Alienware devices have a key that locks/unlocks the Meta key. This key triggers a WMI event that should be ignored by the kernel, as it's handled by internally the firmware. There is no known way of changing this default behavior. The firmware would lock/unlock the Meta key, regardless of how the event is handled. Tested on an Alienware x15 R1. Signed-off-by: Kurt Borja Reviewed-by: Mario Limonciello Acked-by: Pali Rohár Link: https://lore.kernel.org/r/20241031154441.6663-2-kuurtb@gmail.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit a36b8b84ac4327b90ef5a22bc97cc96a92073330 Author: Kurt Borja Date: Thu Oct 31 12:40:24 2024 -0300 platform/x86: dell-smbios-base: Extends support to Alienware products Fixes the following error: dell_smbios: Unable to run on non-Dell system Which is triggered after dell-wmi driver fails to initialize on Alienware systems, as it depends on dell-smbios. This effectively extends dell-wmi, dell-smbios and dcdbas support to Alienware devices, that might share some features of the SMBIOS intereface calling interface with other Dell products. Tested on an Alienware X15 R1. Signed-off-by: Kurt Borja Reviewed-by: Mario Limonciello Acked-by: Pali Rohár Link: https://lore.kernel.org/r/20241031154023.6149-2-kuurtb@gmail.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 8abbf1f01d6a2ef9f911f793e30f7382154b5a3a Author: Murad Masimov Date: Fri Nov 1 21:55:13 2024 +0300 ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() If amdtp_stream_init() fails in amdtp_tscm_init(), the latter returns zero, though it's supposed to return error code, which is checked inside init_stream() in file tascam-stream.c. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 47faeea25ef3 ("ALSA: firewire-tascam: add data block processing layer") Signed-off-by: Murad Masimov Reviewed-by: Takashi Sakamoto Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20241101185517.1819-1-m.masimov@maxima.ru commit c2d188e137e77294323132a760a4608321a36a70 Author: Takashi Iwai Date: Mon Nov 4 11:07:34 2024 +0100 ALSA: ump: Don't enumeration invalid groups for legacy rawmidi The legacy rawmidi tries to enumerate all possible UMP groups belonging to the UMP endpoint. But currently it shows all 16 ports when the UMP endpoint is configured with static blocks, although most of them may be unused. There was already a fix for the sequencer client side to ignore such groups in the commit 3bfd7c0ba184 ("ALSA: seq: ump: Skip useless ports for static blocks"), and this commit is a similar fix for UMP rawmidi devices; it adds simply the check for the validity of each group that has been already parsed. (Note that the group info was moved to snd_ump_endpoint.groups[] by the commit 0642a3c5cacc0321c755 ("ALSA: ump: Update substream name from assigned FB names")). Link: https://patch.msgid.link/20241104100735.16127-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit bceec87a73804bb4c33b9a6c96e2d27cd893a801 Author: Corey Hickey Date: Mon Oct 28 11:02:41 2024 -0700 platform/x86/amd/pmc: Detect when STB is not available Loading the amd_pmc module as: amd_pmc enable_stb=1 ...can result in the following messages in the kernel ring buffer: amd_pmc AMDI0009:00: SMU cmd failed. err: 0xff ioremap on RAM at 0x0000000000000000 - 0x0000000000ffffff WARNING: CPU: 10 PID: 2151 at arch/x86/mm/ioremap.c:217 __ioremap_caller+0x2cd/0x340 Further debugging reveals that this occurs when the requests for S2D_PHYS_ADDR_LOW and S2D_PHYS_ADDR_HIGH return a value of 0, indicating that the STB is inaccessible. To prevent the ioremap warning and provide clarity to the user, handle the invalid address and display an error message. Link: https://lore.kernel.org/platform-driver-x86/c588ff5d-3e04-4549-9a86-284b9b4419ba@amd.com Fixes: 3d7d407dfb05 ("platform/x86: amd-pmc: Add support for AMD Spill to DRAM STB feature") Acked-by: Shyam Sundar S K Signed-off-by: Corey Hickey Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20241028180241.1341624-1-bugfood-ml@fatooh.org Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 8ca8d07857c698503b2b3bf615238c87c02f064e Author: Shyam Sundar S K Date: Wed Oct 23 12:02:41 2024 +0530 platform/x86/amd/pmf: Add SMU metrics table support for 1Ah family 60h model Add SMU metrics table support for 1Ah family 60h model. This information will be used by the PMF driver to alter the system thermals. Co-developed-by: Patil Rajesh Reddy Signed-off-by: Patil Rajesh Reddy Signed-off-by: Shyam Sundar S K Reviewed-by: Mario Limonciello Link: https://lore.kernel.org/r/20241023063245.1404420-2-Shyam-sundar.S-k@amd.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit b04ce1e718bd55302b52d05d6873e233cb3ec7a1 Author: Brendan King Date: Fri Oct 18 15:41:40 2024 +0000 drm/imagination: Break an object reference loop When remaining resources are being cleaned up on driver close, outstanding VM mappings may result in resources being leaked, due to an object reference loop, as shown below, with each object (or set of objects) referencing the object below it: PVR GEM Object GPU scheduler "finished" fence GPU scheduler “scheduled” fence PVR driver “done” fence PVR Context PVR VM Context PVR VM Mappings PVR GEM Object The reference that the PVR VM Context has on the VM mappings is a soft one, in the sense that the freeing of outstanding VM mappings is done as part of VM context destruction; no reference counts are involved, as is the case for all the other references in the loop. To break the reference loop during cleanup, free the outstanding VM mappings before destroying the PVR Context associated with the VM context. Signed-off-by: Brendan King Signed-off-by: Matt Coster Reviewed-by: Frank Binns Cc: stable@vger.kernel.org Link: https://patchwork.freedesktop.org/patch/msgid/8a25924f-1bb7-4d9a-a346-58e871dfb1d1@imgtec.com commit b0ef514bc6bbdeb8cc7492c0f473e14cb06b14d4 Author: Brendan King Date: Fri Oct 18 15:41:36 2024 +0000 drm/imagination: Add a per-file PVR context list This adds a linked list of VM contexts which is needed for the next patch to be able to correctly track VM contexts for destruction on file close. It is only safe for VM contexts to be removed from the list and destroyed when not in interrupt context. Signed-off-by: Brendan King Signed-off-by: Matt Coster Reviewed-by: Frank Binns Cc: stable@vger.kernel.org Link: https://patchwork.freedesktop.org/patch/msgid/e57128ea-f0ce-4e93-a9d4-3f033a8b06fa@imgtec.com commit ef7134c7fc48e1441b398e55a862232868a6f0a7 Author: Kuniyuki Iwashima Date: Sat Nov 2 14:24:38 2024 -0700 smb: client: Fix use-after-free of network namespace. Recently, we got a customer report that CIFS triggers oops while reconnecting to a server. [0] The workload runs on Kubernetes, and some pods mount CIFS servers in non-root network namespaces. The problem rarely happened, but it was always while the pod was dying. The root cause is wrong reference counting for network namespace. CIFS uses kernel sockets, which do not hold refcnt of the netns that the socket belongs to. That means CIFS must ensure the socket is always freed before its netns; otherwise, use-after-free happens. The repro steps are roughly: 1. mount CIFS in a non-root netns 2. drop packets from the netns 3. destroy the netns 4. unmount CIFS We can reproduce the issue quickly with the script [1] below and see the splat [2] if CONFIG_NET_NS_REFCNT_TRACKER is enabled. When the socket is TCP, it is hard to guarantee the netns lifetime without holding refcnt due to async timers. Let's hold netns refcnt for each socket as done for SMC in commit 9744d2bf1976 ("smc: Fix use-after-free in tcp_write_timer_handler()."). Note that we need to move put_net() from cifs_put_tcp_session() to clean_demultiplex_info(); otherwise, __sock_create() still could touch a freed netns while cifsd tries to reconnect from cifs_demultiplex_thread(). Also, maybe_get_net() cannot be put just before __sock_create() because the code is not under RCU and there is a small chance that the same address happened to be reallocated to another netns. [0]: CIFS: VFS: \\XXXXXXXXXXX has not responded in 15 seconds. Reconnecting... CIFS: Serverclose failed 4 times, giving up Unable to handle kernel paging request at virtual address 14de99e461f84a07 Mem abort info: ESR = 0x0000000096000004 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: level 0 translation fault Data abort info: ISV = 0, ISS = 0x00000004 CM = 0, WnR = 0 [14de99e461f84a07] address between user and kernel address ranges Internal error: Oops: 0000000096000004 [#1] SMP Modules linked in: cls_bpf sch_ingress nls_utf8 cifs cifs_arc4 cifs_md4 dns_resolver tcp_diag inet_diag veth xt_state xt_connmark nf_conntrack_netlink xt_nat xt_statistic xt_MASQUERADE xt_mark xt_addrtype ipt_REJECT nf_reject_ipv4 nft_chain_nat nf_nat xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xt_comment nft_compat nf_tables nfnetlink overlay nls_ascii nls_cp437 sunrpc vfat fat aes_ce_blk aes_ce_cipher ghash_ce sm4_ce_cipher sm4 sm3_ce sm3 sha3_ce sha512_ce sha512_arm64 sha1_ce ena button sch_fq_codel loop fuse configfs dmi_sysfs sha2_ce sha256_arm64 dm_mirror dm_region_hash dm_log dm_mod dax efivarfs CPU: 5 PID: 2690970 Comm: cifsd Not tainted 6.1.103-109.184.amzn2023.aarch64 #1 Hardware name: Amazon EC2 r7g.4xlarge/, BIOS 1.0 11/1/2018 pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : fib_rules_lookup+0x44/0x238 lr : __fib_lookup+0x64/0xbc sp : ffff8000265db790 x29: ffff8000265db790 x28: 0000000000000000 x27: 000000000000bd01 x26: 0000000000000000 x25: ffff000b4baf8000 x24: ffff00047b5e4580 x23: ffff8000265db7e0 x22: 0000000000000000 x21: ffff00047b5e4500 x20: ffff0010e3f694f8 x19: 14de99e461f849f7 x18: 0000000000000000 x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000 x14: 0000000000000000 x13: 0000000000000000 x12: 3f92800abd010002 x11: 0000000000000001 x10: ffff0010e3f69420 x9 : ffff800008a6f294 x8 : 0000000000000000 x7 : 0000000000000006 x6 : 0000000000000000 x5 : 0000000000000001 x4 : ffff001924354280 x3 : ffff8000265db7e0 x2 : 0000000000000000 x1 : ffff0010e3f694f8 x0 : ffff00047b5e4500 Call trace: fib_rules_lookup+0x44/0x238 __fib_lookup+0x64/0xbc ip_route_output_key_hash_rcu+0x2c4/0x398 ip_route_output_key_hash+0x60/0x8c tcp_v4_connect+0x290/0x488 __inet_stream_connect+0x108/0x3d0 inet_stream_connect+0x50/0x78 kernel_connect+0x6c/0xac generic_ip_connect+0x10c/0x6c8 [cifs] __reconnect_target_unlocked+0xa0/0x214 [cifs] reconnect_dfs_server+0x144/0x460 [cifs] cifs_reconnect+0x88/0x148 [cifs] cifs_readv_from_socket+0x230/0x430 [cifs] cifs_read_from_socket+0x74/0xa8 [cifs] cifs_demultiplex_thread+0xf8/0x704 [cifs] kthread+0xd0/0xd4 Code: aa0003f8 f8480f13 eb18027f 540006c0 (b9401264) [1]: CIFS_CRED="/root/cred.cifs" CIFS_USER="Administrator" CIFS_PASS="Password" CIFS_IP="X.X.X.X" CIFS_PATH="//${CIFS_IP}/Users/Administrator/Desktop/CIFS_TEST" CIFS_MNT="/mnt/smb" DEV="enp0s3" cat < ${CIFS_CRED} username=${CIFS_USER} password=${CIFS_PASS} domain=EXAMPLE.COM EOF unshare -n bash -c " mkdir -p ${CIFS_MNT} ip netns attach root 1 ip link add eth0 type veth peer veth0 netns root ip link set eth0 up ip -n root link set veth0 up ip addr add 192.168.0.2/24 dev eth0 ip -n root addr add 192.168.0.1/24 dev veth0 ip route add default via 192.168.0.1 dev eth0 ip netns exec root sysctl net.ipv4.ip_forward=1 ip netns exec root iptables -t nat -A POSTROUTING -s 192.168.0.2 -o ${DEV} -j MASQUERADE mount -t cifs ${CIFS_PATH} ${CIFS_MNT} -o vers=3.0,sec=ntlmssp,credentials=${CIFS_CRED},rsize=65536,wsize=65536,cache=none,echo_interval=1 touch ${CIFS_MNT}/a.txt ip netns exec root iptables -t nat -D POSTROUTING -s 192.168.0.2 -o ${DEV} -j MASQUERADE " umount ${CIFS_MNT} [2]: ref_tracker: net notrefcnt@000000004bbc008d has 1/1 users at sk_alloc (./include/net/net_namespace.h:339 net/core/sock.c:2227) inet_create (net/ipv4/af_inet.c:326 net/ipv4/af_inet.c:252) __sock_create (net/socket.c:1576) generic_ip_connect (fs/smb/client/connect.c:3075) cifs_get_tcp_session.part.0 (fs/smb/client/connect.c:3160 fs/smb/client/connect.c:1798) cifs_mount_get_session (fs/smb/client/trace.h:959 fs/smb/client/connect.c:3366) dfs_mount_share (fs/smb/client/dfs.c:63 fs/smb/client/dfs.c:285) cifs_mount (fs/smb/client/connect.c:3622) cifs_smb3_do_mount (fs/smb/client/cifsfs.c:949) smb3_get_tree (fs/smb/client/fs_context.c:784 fs/smb/client/fs_context.c:802 fs/smb/client/fs_context.c:794) vfs_get_tree (fs/super.c:1800) path_mount (fs/namespace.c:3508 fs/namespace.c:3834) __x64_sys_mount (fs/namespace.c:3848 fs/namespace.c:4057 fs/namespace.c:4034 fs/namespace.c:4034) do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) Fixes: 26abe14379f8 ("net: Modify sk_alloc to not reference count the netns of kernel sockets.") Signed-off-by: Kuniyuki Iwashima Acked-by: Tom Talpey Signed-off-by: Steve French commit 59b723cd2adbac2a34fc8e12c74ae26ae45bf230 Author: Linus Torvalds Date: Sun Nov 3 14:05:52 2024 -1000 Linux 6.12-rc6 commit 9265fed6db601ee2ec47577815387458ef4f047a Author: Jarkko Sakkinen Date: Thu Oct 31 02:16:09 2024 +0200 tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according, as this leaves window for tpm_hwrng_read() to be called while the operation is in progress. The recent bug report gives also evidence of this behaviour. Aadress this by locking the TPM chip before checking any chip->flags both in tpm_pm_suspend() and tpm_hwrng_read(). Move TPM_CHIP_FLAG_SUSPENDED check inside tpm_get_random() so that it will be always checked only when the lock is reserved. Cc: stable@vger.kernel.org # v6.4+ Fixes: 99d464506255 ("tpm: Prevent hwrng from activating during resume") Reported-by: Mike Seo Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219383 Reviewed-by: Jerry Snitselaar Tested-by: Mike Seo Signed-off-by: Jarkko Sakkinen commit 5ccdcdf186aec6b9111845fd37e1757e9b413e2f Author: Suraj Gupta Date: Wed Oct 30 11:55:32 2024 +0530 net: xilinx: axienet: Enqueue Tx packets in dql before dmaengine starts Enqueue packets in dql after dma engine starts causes race condition. Tx transfer starts once dma engine is started and may execute dql dequeue in completion before it gets queued. It results in following kernel crash while running iperf stress test: kernel BUG at lib/dynamic_queue_limits.c:99! Internal error: Oops - BUG: 00000000f2000800 [#1] SMP pc : dql_completed+0x238/0x248 lr : dql_completed+0x3c/0x248 Call trace: dql_completed+0x238/0x248 axienet_dma_tx_cb+0xa0/0x170 xilinx_dma_do_tasklet+0xdc/0x290 tasklet_action_common+0xf8/0x11c tasklet_action+0x30/0x3c handle_softirqs+0xf8/0x230 Start dmaengine after enqueue in dql fixes the crash. Fixes: 6a91b846af85 ("net: axienet: Introduce dmaengine support") Signed-off-by: Suraj Gupta Link: https://patch.msgid.link/20241030062533.2527042-2-suraj.gupta2@amd.com Signed-off-by: Jakub Kicinski commit be31ec5c8efa69f4970e4554c1b760ac8ea3e543 Author: Florian Fainelli Date: Thu Oct 31 10:33:29 2024 -0700 MAINTAINERS: Remove self from DSA entry Signed-off-by: Florian Fainelli Acked-by: Andrew Lunn Acked-by: Vladimir Oltean Link: https://patch.msgid.link/20241031173332.3858162-1-f.fainelli@gmail.com Signed-off-by: Jakub Kicinski commit e15c5506dd39885cd047f811a64240e2e8ab401b Author: Wei Fang Date: Thu Oct 31 14:02:46 2024 +0800 net: enetc: allocate vf_state during PF probes In the previous implementation, vf_state is allocated memory only when VF is enabled. However, net_device_ops::ndo_set_vf_mac() may be called before VF is enabled to configure the MAC address of VF. If this is the case, enetc_pf_set_vf_mac() will access vf_state, resulting in access to a null pointer. The simplified error log is as follows. root@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89 [ 173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 [ 173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy [ 173.641973] lr : do_setlink+0x4a8/0xec8 [ 173.732292] Call trace: [ 173.734740] enetc_pf_set_vf_mac+0x3c/0x80 [ 173.738847] __rtnl_newlink+0x530/0x89c [ 173.742692] rtnl_newlink+0x50/0x7c [ 173.746189] rtnetlink_rcv_msg+0x128/0x390 [ 173.750298] netlink_rcv_skb+0x60/0x130 [ 173.754145] rtnetlink_rcv+0x18/0x24 [ 173.757731] netlink_unicast+0x318/0x380 [ 173.761665] netlink_sendmsg+0x17c/0x3c8 Fixes: d4fd0404c1c9 ("enetc: Introduce basic PF and VF ENETC ethernet drivers") Signed-off-by: Wei Fang Reviewed-by: Vladimir Oltean Tested-by: Vladimir Oltean Link: https://patch.msgid.link/20241031060247.1290941-2-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit a8cc7432728d019a10cb412401ebc15ed7504289 Merge: d5aaa0bc6de9c2 1d4832becdc2cd Author: Linus Torvalds Date: Sun Nov 3 10:25:05 2024 -1000 Merge tag 'mm-hotfixes-stable-2024-11-03-10-50' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull misc fixes from Andrew Morton: "17 hotfixes. 9 are cc:stable. 13 are MM and 4 are non-MM. The usual collection of singletons - please see the changelogs" * tag 'mm-hotfixes-stable-2024-11-03-10-50' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: mm: multi-gen LRU: use {ptep,pmdp}_clear_young_notify() mm: multi-gen LRU: remove MM_LEAF_OLD and MM_NONLEAF_TOTAL stats mm, mmap: limit THP alignment of anonymous mappings to PMD-aligned sizes mm: shrinker: avoid memleak in alloc_shrinker_info .mailmap: update e-mail address for Eugen Hristev vmscan,migrate: fix page count imbalance on node stats when demoting pages mailmap: update Jarkko's email addresses mm: allow set/clear page_type again nilfs2: fix potential deadlock with newly created symlinks Squashfs: fix variable overflow in squashfs_readpage_block kasan: remove vmalloc_percpu test tools/mm: -Werror fixes in page-types/slabinfo mm, swap: avoid over reclaim of full clusters mm: fix PSWPIN counter for large folios swap-in mm: avoid VM_BUG_ON when try to map an anon large folio to zero page. mm/codetag: fix null pointer check logic for ref and tag mm/gup: stop leaking pinned pages in low memory conditions commit d5aaa0bc6de9c2649fa15def775a6710c052c966 Merge: e8529dcb1218ce e70d2677ef4088 Author: Linus Torvalds Date: Sun Nov 3 10:19:34 2024 -1000 Merge tag 'phy-fixes-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy Pull phy fixes from Vinod Koul: - Qualcomm QMP driver fixes for null deref on suspend, bogus supplies fix and reset entries fix - BCM usb driver init array fix - cadence array offset fix - starfive link configuration fix - config dependency fix for rockchip driver - freescale reset signal fix before pll lock - tegra driver fix for error pointer check * tag 'phy-fixes-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy: phy: tegra: xusb: Add error pointer check in xusb.c dt-bindings: phy: qcom,sc8280xp-qmp-pcie-phy: Fix X1E80100 resets entries phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check phy: phy-rockchip-samsung-hdptx: Depend on CONFIG_COMMON_CLK phy: ti: phy-j721e-wiz: fix usxgmii configuration phy: starfive: jh7110-usb: Fix link configuration to controller phy: qcom: qmp-pcie: drop bogus x1e80100 qref supplies phy: qcom: qmp-combo: move driver data initialisation earlier phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend phy: qcom: qmp-usb: fix NULL-deref on runtime suspend dt-bindings: phy: qcom,sc8280xp-qmp-pcie-phy: add missing x1e80100 pipediv2 clocks phy: usb: disable COMMONONN for dual mode phy: cadence: Sierra: Fix offset of DEQ open eye algorithm control register phy: usb: Fix missing elements in BCM4908 USB init array commit e8529dcb1218ce176d5e84168568f69e1d9de109 Merge: 886b7e80ab1984 d35f40642904b0 Author: Linus Torvalds Date: Sun Nov 3 10:15:50 2024 -1000 Merge tag 'dmaengine-fix-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine Pull dmaengine fixes from Vinod Koul: - TI driver fix to set EOP for cyclic BCDMA transfers - sh rz-dmac driver fix for handling config with zero address * tag 'dmaengine-fix-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine: dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer dmaengine: sh: rz-dmac: handle configs where one address is zero commit 0ead60804b64f5bd6999eec88e503c6a1a242d41 Author: Xin Long Date: Tue Oct 29 13:46:21 2024 -0400 sctp: properly validate chunk size in sctp_sf_ootb() A size validation fix similar to that in Commit 50619dbf8db7 ("sctp: add size validation when walking chunks") is also required in sctp_sf_ootb() to address a crash reported by syzbot: BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712 sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166 sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88 sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243 sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159 ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233 Reported-by: syzbot+f0cbb34d39392f2746ca@syzkaller.appspotmail.com Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Xin Long Link: https://patch.msgid.link/a29ebb6d8b9f8affd0f9abb296faafafe10c17d8.1730223981.git.lucien.xin@gmail.com Signed-off-by: Jakub Kicinski commit 886b7e80ab19841f640cafd8b5ab053409b9b931 Merge: be5bfa1378f238 9a71892cbcdb9d Author: Linus Torvalds Date: Sun Nov 3 08:51:53 2024 -1000 Merge tag 'driver-core-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core Pull driver core revert from Greg KH: "Here is a single driver core revert for 6.12-rc6. It reverts a change that came in -rc1 that was supposed to resolve a reported problem, but caused another one, so revert it for now so that we can get this all worked out properly in 6.13. The revert has been in linux-next all week with no reported issues" * tag 'driver-core-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: Revert "driver core: Fix uevent_show() vs driver detach race" commit be5bfa1378f238da4a35c7d4b7cc0505ae869fb4 Merge: 32cfb3c48e2451 afb92ad8733ef0 Author: Linus Torvalds Date: Sun Nov 3 08:48:11 2024 -1000 Merge tag 'usb-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb Pull USB / Thunderbolt fixes from Greg KH: "Here are some small USB and Thunderbolt driver fixes for 6.12-rc6 that have been sitting in my tree this week. Included in here are the following: - thunderbolt driver fixes for reported issues - USB typec driver fixes - xhci driver fixes for reported problems - dwc2 driver revert for a broken change - usb phy driver fix - usbip tool fix All of these have been in linux-next this week with no reported issues" * tag 'usb-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: usb: typec: tcpm: restrict SNK_WAIT_CAPABILITIES_TIMEOUT transitions to non self-powered devices usb: phy: Fix API devm_usb_put_phy() can not release the phy usb: typec: use cleanup facility for 'altmodes_node' usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() usb: typec: qcom-pmic-typec: fix missing fwnode removal in error path usb: typec: qcom-pmic-typec: use fwnode_handle_put() to release fwnodes usb: acpi: fix boot hang due to early incorrect 'tunneled' USB3 device links Revert "usb: dwc2: Skip clock gating on Broadcom SoCs" xhci: Fix Link TRB DMA in command ring stopped completion event xhci: Use pm_runtime_get to prevent RPM on unsupported systems usbip: tools: Fix detach_port() invalid port error path thunderbolt: Honor TMU requirements in the domain when setting TMU mode thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() commit 1d4832becdc2cdb2cffe2a6050c9d9fd8ff1c58c Author: Yu Zhao Date: Sat Oct 19 01:29:39 2024 +0000 mm: multi-gen LRU: use {ptep,pmdp}_clear_young_notify() When the MM_WALK capability is enabled, memory that is mostly accessed by a VM appears younger than it really is, therefore this memory will be less likely to be evicted. Therefore, the presence of a running VM can significantly increase swap-outs for non-VM memory, regressing the performance for the rest of the system. Fix this regression by always calling {ptep,pmdp}_clear_young_notify() whenever we clear the young bits on PMDs/PTEs. [jthoughton@google.com: fix link-time error] Link: https://lkml.kernel.org/r/20241019012940.3656292-3-jthoughton@google.com Fixes: bd74fdaea146 ("mm: multi-gen LRU: support page table walks") Signed-off-by: Yu Zhao Signed-off-by: James Houghton Reported-by: David Stevens Cc: Axel Rasmussen Cc: David Matlack Cc: David Rientjes Cc: Oliver Upton Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Wei Xu Cc: Cc: kernel test robot Signed-off-by: Andrew Morton commit ddd6d8e975b171ea3f63a011a75820883ff0d479 Author: Yu Zhao Date: Sat Oct 19 01:29:38 2024 +0000 mm: multi-gen LRU: remove MM_LEAF_OLD and MM_NONLEAF_TOTAL stats Patch series "mm: multi-gen LRU: Have secondary MMUs participate in MM_WALK". Today, the MM_WALK capability causes MGLRU to clear the young bit from PMDs and PTEs during the page table walk before eviction, but MGLRU does not call the clear_young() MMU notifier in this case. By not calling this notifier, the MM walk takes less time/CPU, but it causes pages that are accessed mostly through KVM / secondary MMUs to appear younger than they should be. We do call the clear_young() notifier today, but only when attempting to evict the page, so we end up clearing young/accessed information less frequently for secondary MMUs than for mm PTEs, and therefore they appear younger and are less likely to be evicted. Therefore, memory that is *not* being accessed mostly by KVM will be evicted *more* frequently, worsening performance. ChromeOS observed a tab-open latency regression when enabling MGLRU with a setup that involved running a VM: Tab-open latency histogram (ms) Version p50 mean p95 p99 max base 1315 1198 2347 3454 10319 mglru 2559 1311 7399 12060 43758 fix 1119 926 2470 4211 6947 This series replaces the final non-selftest patchs from this series[1], which introduced a similar change (and a new MMU notifier) with KVM optimizations. I'll send a separate series (to Sean and Paolo) for the KVM optimizations. This series also makes proactive reclaim with MGLRU possible for KVM memory. I have verified that this functions correctly with the selftest from [1], but given that that test is a KVM selftest, I'll send it with the rest of the KVM optimizations later. Andrew, let me know if you'd like to take the test now anyway. [1]: https://lore.kernel.org/linux-mm/20240926013506.860253-18-jthoughton@google.com/ This patch (of 2): The removed stats, MM_LEAF_OLD and MM_NONLEAF_TOTAL, are not very helpful and become more complicated to properly compute when adding test/clear_young() notifiers in MGLRU's mm walk. Link: https://lkml.kernel.org/r/20241019012940.3656292-1-jthoughton@google.com Link: https://lkml.kernel.org/r/20241019012940.3656292-2-jthoughton@google.com Fixes: bd74fdaea146 ("mm: multi-gen LRU: support page table walks") Signed-off-by: Yu Zhao Signed-off-by: James Houghton Cc: Axel Rasmussen Cc: David Matlack Cc: David Rientjes Cc: David Stevens Cc: Oliver Upton Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Wei Xu Cc: Signed-off-by: Andrew Morton commit 32cfb3c48e24511ccf9f76d8a2e04a30397af438 Merge: 295ba6501d2e83 d0bc3b92fb9b2c Author: Linus Torvalds Date: Sun Nov 3 08:45:03 2024 -1000 Merge tag 'char-misc-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc Pull misc driver fixes from Greg KH: "Here are some small char/misc/iio fixes for 6.12-rc6 that resolve some reported issues. Included in here are the following: - small IIO driver fixes for many reported issues - mei driver fix for a suddenly much reported issue for an "old" issue. - MAINTAINERS update for a developer who has moved companies and forgot to update their old entry. All of these have been in linux-next this week with no reported issues" * tag 'char-misc-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: mei: use kvmalloc for read buffer MAINTAINERS: add netup_unidvb maintainer iio: dac: Kconfig: Fix build error for ltc2664 iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() docs: iio: ad7380: fix supply for ad7380-4 iio: adc: ad7380: fix supplies for ad7380-4 iio: adc: ad7380: add missing supplies iio: adc: ad7380: use devm_regulator_get_enable_read_voltage() dt-bindings: iio: adc: ad7380: fix ad7380-4 reference supply iio: light: veml6030: fix microlux value calculation iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() commit 295ba6501d2e83b2e66729dc3a7726f80893c920 Merge: a33ab3f94f510b 071b24b54d2d05 Author: Linus Torvalds Date: Sun Nov 3 08:35:29 2024 -1000 Merge tag 'input-for-v6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input Pull input fixes from Dmitry Torokhov: - a fix for regression in input core introduced in 6.11 preventing re-registering input handlers - a fix for adp5588-keys driver tyring to disable interrupt 0 at suspend when devices is used without interrupt - a fix for edt-ft5x06 to stop leaking regmap structure when probing fails and to make sure it is not released too early on removal. * tag 'input-for-v6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: fix regression when re-registering input handlers Input: adp5588-keys - do not try to disable interrupt 0 Input: edt-ft5x06 - fix regmap leak when probe fails commit a33ab3f94f510b5bc6b74b2d1e9bc585391c2861 Merge: b9021de3ec2f39 77dc55a978e696 Author: Linus Torvalds Date: Sun Nov 3 08:29:02 2024 -1000 Merge tag 'kbuild-fixes-v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild Pull Kbuild fixes from Masahiro Yamada: - Fix a memory leak in modpost - Resolve build issues when cross-compiling RPM and Debian packages - Fix another regression in Kconfig - Fix incorrect MODULE_ALIAS() output in modpost * tag 'kbuild-fixes-v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild: modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness kconfig: show sub-menu entries even if the prompt is hidden kbuild: deb-pkg: add pkg.linux-upstream.nokerneldbg build profile kbuild: deb-pkg: add pkg.linux-upstream.nokernelheaders build profile kbuild: rpm-pkg: disable kernel-devel package when cross-compiling sumversion: Fix a memory leak in get_src_version() commit b9021de3ec2f39074aae92ed69c3823e30cd8cdb Merge: b019b4a6706f3e fce9642c765a18 Author: Linus Torvalds Date: Sun Nov 3 08:26:00 2024 -1000 Merge tag 'x86-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fix from Thomas Gleixner: "A trivial compile test fix for x86: When CONFIG_AMD_NB is not set a COMPILE_TEST of an AMD specific driver fails due to a missing inline stub. Add the stub to cure it" * tag 'x86-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB commit b019b4a6706f3ee133d68a29ae92cc6695e86d6e Merge: 33e83ffe4c5713 b5413156bad91d Author: Linus Torvalds Date: Sun Nov 3 08:22:21 2024 -1000 Merge tag 'timers-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull timer fix from Thomas Gleixner: "A single fix for posix CPU timers. When a thread is cloned, the posix CPU timers are not inherited. If the parent has a CPU timer armed the corresponding tick dependency in the tasks tick_dep_mask is set and copied to the new thread, which means the new thread and all decendants will prevent the system to go into full NOHZ operation. Clear the tick dependency mask in copy_process() to fix this" * tag 'timers-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone commit 33e83ffe4c57132c73b7d3fb7919006c5296c496 Merge: 68f05b251b7156 69d5e722be949a Author: Linus Torvalds Date: Sun Nov 3 08:18:28 2024 -1000 Merge tag 'sched-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull scheduler fixes from Thomas Gleixner: - Plug a race between pick_next_task_fair() and try_to_wake_up() where both try to write to the same task, even though both paths hold a runqueue lock, but obviously from different runqueues. The problem is that the store to task::on_rq in __block_task() is visible to try_to_wake_up() which assumes that the task is not queued. Both sides then operate on the same task. Cure it by rearranging __block_task() so the the store to task::on_rq is the last operation on the task. - Prevent a potential NULL pointer dereference in task_numa_work() task_numa_work() iterates the VMAs of a process. A concurrent unmap of the address space can result in a NULL pointer return from vma_next() which is unchecked. Add the missing NULL pointer check to prevent this. - Operate on the correct scheduler policy in task_should_scx() task_should_scx() returns true when a task should be handled by sched EXT. It checks the tasks scheduling policy. This fails when the check is done before a policy has been set. Cure it by handing the policy into task_should_scx() so it operates on the requested value. - Add the missing handling of sched EXT in the delayed dequeue mechanism. This was simply forgotten. * tag 'sched-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: sched/ext: Fix scx vs sched_delayed sched: Pass correct scheduling policy to __setscheduler_class sched/numa: Fix the potential null pointer dereference in task_numa_work() sched: Fix pick_next_task_fair() vs try_to_wake_up() race commit 68f05b251b7156b10a6f6547f7f8672ffb94100f Merge: 8f0b844adc096f e3dfd64c1f344e Author: Linus Torvalds Date: Sun Nov 3 08:13:52 2024 -1000 Merge tag 'perf-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull perf fix from Thomas Gleixner: "perf_event_clear_cpumask() uses list_for_each_entry_rcu() without being in a RCU read side critical section, which triggers a 'suspicious RCU usage' warning. It turns out that the list walk does not be RCU protected because the write side lock is held in this context. Change it to a regular list walk" * tag 'perf-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: perf: Fix missing RCU reader protection in perf_event_clear_cpumask() commit 8f0b844adc096feee437c6271a1419ee81383fc6 Merge: 3e5e6c9900c3d7 e6c24e2d05bb05 Author: Linus Torvalds Date: Sun Nov 3 08:09:25 2024 -1000 Merge tag 'irq-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull irq fixes from Thomas Gleixner: - Fix an off-by-one error in the failure path of msi_domain_alloc(), which causes the cleanup loop to terminate early and leaking the first allocated interrupt. - Handle a corner case in GIC-V4 versus a lazily mapped Virtual Processing Element (VPE). If the VPE has not been mapped because the guest has not yet emitted a mapping command, then the set_affinity() callback returns an error code, which causes the vCPU management to fail. Return success in this case without touching the hardware. This will be done later when the guest issues the mapping command. * tag 'irq-urgent-2024-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: irqchip/gic-v4: Correctly deal with set_affinity on lazily-mapped VPEs genirq/msi: Fix off-by-one error in msi_domain_alloc() commit aceee63a3aba4611f89dfc7e127792f469f45526 Author: Christophe JAILLET Date: Fri Nov 1 17:10:57 2024 +0100 RDMA/bnxt_re: Remove some dead code If the probe succeeds, then auxiliary_get_drvdata() can't return a NULL pointer. So several NULL checks can be removed to simplify code. Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/f02eb630734ee530315dce9f60b078f631ae93d0.1730477345.git.christophe.jaillet@wanadoo.fr Signed-off-by: Leon Romanovsky commit cf90a4d1b9ff9e09442226bdb18fec45f013db9d Author: Christophe JAILLET Date: Fri Nov 1 17:10:56 2024 +0100 RDMA/bnxt_re: Fix some error handling paths in bnxt_re_probe() If bnxt_re_add_device() fails, 'en_info' still needs to be freed, as already done in the .remove() function. The commit in Fixes incorrectly removed this call, certainly because it was expecting the .remove() function was called anyway. But if the probe fails, the remove function is not called. There is no need to call bnxt_re_remove() as it was done before, kfree() is enough. Fixes: a5e099e0c464 ("RDMA/bnxt_re: Fix an error path in bnxt_re_add_device") Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/9e48ff955ae55fc39a9eb1eb590d374539eab5ba.1730477345.git.christophe.jaillet@wanadoo.fr Signed-off-by: Leon Romanovsky commit 3b557be89fc688dbd9ccf704a70f7600a094f13a Author: Jinjie Ruan Date: Fri Nov 1 10:53:16 2024 +0800 net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() The error path in t7xx_dpmaif_rx_buf_alloc(), free and unmap the already allocated and mapped skb in a loop, but the loop condition terminates when the index reaches zero, which fails to free the first allocated skb at index zero. Check with i-- so that skb at index 0 is freed as well. Cc: stable@vger.kernel.org Fixes: d642b012df70 ("net: wwan: t7xx: Add data path interface") Acked-by: Sergey Ryazanov Signed-off-by: Jinjie Ruan Reviewed-by: Ilpo Järvinen Link: https://patch.msgid.link/20241101025316.3234023-1-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit 77dc55a978e69625f9718460012e5ef0172dc4de Author: Masahiro Yamada Date: Sun Nov 3 21:52:57 2024 +0900 modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host When building a 64-bit kernel on a 32-bit build host, incorrect input MODULE_ALIAS() entries may be generated. For example, when compiling a 64-bit kernel with CONFIG_INPUT_MOUSEDEV=m on a 64-bit build machine, you will get the correct output: $ grep MODULE_ALIAS drivers/input/mousedev.mod.c MODULE_ALIAS("input:b*v*p*e*-e*1,*2,*k*110,*r*0,*1,*a*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*2,*k*r*8,*a*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*3,*k*14A,*r*a*0,*1,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*3,*k*145,*r*a*0,*1,*18,*1C,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*3,*k*110,*r*a*0,*1,*m*l*s*f*w*"); However, building the same kernel on a 32-bit machine results in incorrect output: $ grep MODULE_ALIAS drivers/input/mousedev.mod.c MODULE_ALIAS("input:b*v*p*e*-e*1,*2,*k*110,*130,*r*0,*1,*a*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*2,*k*r*8,*a*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*3,*k*14A,*16A,*r*a*0,*1,*20,*21,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*3,*k*145,*165,*r*a*0,*1,*18,*1C,*20,*21,*38,*3C,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*3,*k*110,*130,*r*a*0,*1,*20,*21,*m*l*s*f*w*"); A similar issue occurs with CONFIG_INPUT_JOYDEV=m. On a 64-bit build machine, the output is: $ grep MODULE_ALIAS drivers/input/joydev.mod.c MODULE_ALIAS("input:b*v*p*e*-e*3,*k*r*a*0,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*3,*k*r*a*2,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*3,*k*r*a*8,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*3,*k*r*a*6,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*k*120,*r*a*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*k*130,*r*a*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*k*2C0,*r*a*m*l*s*f*w*"); However, on a 32-bit machine, the output is incorrect: $ grep MODULE_ALIAS drivers/input/joydev.mod.c MODULE_ALIAS("input:b*v*p*e*-e*3,*k*r*a*0,*20,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*3,*k*r*a*2,*22,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*3,*k*r*a*8,*28,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*3,*k*r*a*6,*26,*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*k*11F,*13F,*r*a*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*k*11F,*13F,*r*a*m*l*s*f*w*"); MODULE_ALIAS("input:b*v*p*e*-e*1,*k*2C0,*2E0,*r*a*m*l*s*f*w*"); When building a 64-bit kernel, BITS_PER_LONG is defined as 64. However, on a 32-bit build machine, the constant 1L is a signed 32-bit value. Left-shifting it beyond 32 bits causes wraparound, and shifting by 31 or 63 bits makes it a negative value. The fix in commit e0e92632715f ("[PATCH] PATCH: 1 line 2.6.18 bugfix: modpost-64bit-fix.patch") is incorrect; it only addresses cases where a 64-bit kernel is built on a 64-bit build machine, overlooking cases on a 32-bit build machine. Using 1ULL ensures a 64-bit width on both 32-bit and 64-bit machines, avoiding the wraparound issue. Fixes: e0e92632715f ("[PATCH] PATCH: 1 line 2.6.18 bugfix: modpost-64bit-fix.patch") Signed-off-by: Masahiro Yamada commit 2e766a1f5f94a142d9a906c9411d0f6101c4c721 Author: Masahiro Yamada Date: Sun Nov 3 21:46:50 2024 +0900 modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness When CONFIG_SATA_AHCI_PLATFORM=m, modpost outputs incorect acpi MODULE_ALIAS() if the endianness of the target and the build machine do not match. When the endianness of the target kernel and the build machine match, the output is correct: $ grep 'MODULE_ALIAS("acpi' drivers/ata/ahci_platform.mod.c MODULE_ALIAS("acpi*:APMC0D33:*"); MODULE_ALIAS("acpi*:010601:*"); However, when building a little-endian kernel on a big-endian machine (or vice versa), the output is incorrect: $ grep 'MODULE_ALIAS("acpi' drivers/ata/ahci_platform.mod.c MODULE_ALIAS("acpi*:APMC0D33:*"); MODULE_ALIAS("acpi*:0601??:*"); The 'cls' and 'cls_msk' fields are 32-bit. DEF_FIELD() must be used instead of DEF_FIELD_ADDR() to correctly handle endianness of these 32-bit fields. The check 'if (cls)' was unnecessary; it never became NULL, as it was the pointer to 'symval' plus the offset to the 'cls' field. Fixes: 26095a01d359 ("ACPI / scan: Add support for ACPI _CLS device matching") Signed-off-by: Masahiro Yamada commit 071b24b54d2d05fbf39ddbb27dee08abd1d713f3 Author: Dmitry Torokhov Date: Sun Oct 27 22:31:15 2024 -0700 Input: fix regression when re-registering input handlers Commit d469647bafd9 ("Input: simplify event handling logic") introduced code that would set handler->events() method to either input_handler_events_filter() or input_handler_events_default() or input_handler_events_null(), depending on the kind of input handler (a filter or a regular one) we are dealing with. Unfortunately this breaks cases when we try to re-register the same filter (as is the case with sysrq handler): after initial registration the handler will have 2 event handling methods defined, and will run afoul of the check in input_handler_check_methods(): input: input_handler_check_methods: only one event processing method can be defined (sysrq) sysrq: Failed to register input handler, error -22 Fix this by adding handle_events() method to input_handle structure and setting it up when registering a new input handle according to event handling methods defined in associated input_handler structure, thus avoiding modifying the input_handler structure. Reported-by: "Ned T. Crigler" Reported-by: Christian Heusel Tested-by: "Ned T. Crigler" Tested-by: Peter Seiderer Fixes: d469647bafd9 ("Input: simplify event handling logic") Link: https://lore.kernel.org/r/Zx2iQp6csn42PJA7@xavtug Cc: stable@vger.kernel.org Signed-off-by: Dmitry Torokhov commit 7ce3e6107103214d354a16729a472f588be60572 Author: Johannes Thumshirn Date: Wed Oct 30 12:02:53 2024 +0100 scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer We have two reports of failed memory allocation in btrfs' code which is calling into report zones. Both of these reports have the following signature coming from __vmalloc_area_node(): kworker/u17:5: vmalloc error: size 0, failed to allocate pages, mode:0x10dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NORETRY|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 Further debugging showed these where allocations of one sector (512 bytes) and at least one of the reporter's systems where low on memory, so going through the overhead of allocating a vm area failed. Switching the allocation from __vmalloc() to kvzalloc() avoids the overhead of vmalloc() on small allocations and succeeds. Note: the buffer is already freed using kvfree() so there's no need to adjust the free path. Cc: Qu Wenru Cc: Naohiro Aota Link: https://github.com/kdave/btrfs-progs/issues/779 Link: https://github.com/kdave/btrfs-progs/issues/915 Fixes: 23a50861adda ("scsi: sd_zbc: Cleanup sd_zbc_alloc_report_buffer()") Signed-off-by: Johannes Thumshirn Link: https://lore.kernel.org/r/20241030110253.11718-1-jth@kernel.org Reviewed-by: Damien Le Moal Signed-off-by: Martin K. Petersen commit 3e5e6c9900c3d71895e8bdeacfb579462e98eba1 Merge: f6a7b4ec74a03c 63a81588cd2025 Author: Linus Torvalds Date: Sat Nov 2 09:27:11 2024 -1000 Merge tag 'nfsd-6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux Pull nfsd fixes from Chuck Lever: - Fix two async COPY bugs found during NFS bake-a-thon - Fix an svcrdma memory leak * tag 'nfsd-6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux: rpcrdma: Always release the rpcrdma_device's xa_array NFSD: Never decrement pending_async_copies on error NFSD: Initialize struct nfsd4_copy earlier commit f6a7b4ec74a03cb9ad1fee6b8b6615cc57b927b1 Merge: 11066801dd4b7c 81a1e1c32ef474 Author: Linus Torvalds Date: Sat Nov 2 09:22:16 2024 -1000 Merge tag 'xfs-6.12-fixes-6' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux Pull xfs fixes from Carlos Maiolino: - fix a sysbot reported crash on filestreams - Reduce cpu time spent searching for extents in a very fragmented FS - Check for delayed allocations before setting extsize * tag 'xfs-6.12-fixes-6' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: xfs: streamline xfs_filestream_pick_ag xfs: fix finding a last resort AG in xfs_filestream_pick_ag xfs: Reduce unnecessary searches when searching for the best extents xfs: Check for delayed allocations before setting extsize commit 11066801dd4b7c4d75fce65c812723a80c1481ae Merge: f7292c0934a848 dc1308bee1ed03 Author: Linus Torvalds Date: Fri Nov 1 16:05:50 2024 -1000 Merge tag 'linux_kselftest-fixes-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull Kselftest fixes from Shuah Khan: - fix syntax error in frequency calculation arithmetic expression in intel_pstate run.sh - add missing cpupower dependency check intel_pstate run.sh - fix idmap_mount_tree_invalid test failure due to incorrect argument - fix watchdog-test run leaving the watchdog timer enabled causing system reboot. With this fix, the test disables the watchdog timer when it gets terminated with SIGTERM, SIGKILL, and SIGQUIT in addition to SIGINT * tag 'linux_kselftest-fixes-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: selftests/watchdog-test: Fix system accidentally reset after watchdog-test selftests/intel_pstate: check if cpupower is installed selftests/intel_pstate: fix operand expected error selftests/mount_setattr: fix idmap_mount_tree_invalid failed to run commit b2183187c5fd30659b9caccb92f7e5e680301769 Author: Suraj Gupta Date: Mon Oct 28 14:42:14 2024 +0530 dt-bindings: net: xlnx,axi-ethernet: Correct phy-mode property value Correct phy-mode property value to 1000base-x. Fixes: cbb1ca6d5f9a ("dt-bindings: net: xlnx,axi-ethernet: convert bindings document to yaml") Signed-off-by: Suraj Gupta Reviewed-by: Radhey Shyam Pandey Reviewed-by: Andrew Lunn Acked-by: Rob Herring (Arm) Link: https://patch.msgid.link/20241028091214.2078726-1-suraj.gupta2@amd.com Signed-off-by: Jakub Kicinski commit f7292c0934a848a3fc52c0926203417b5613c69c Merge: 05b92660cdfe53 2313ab74c30040 Author: Linus Torvalds Date: Fri Nov 1 15:59:46 2024 -1000 Merge tag 'rust-fixes-6.12-3' of https://github.com/Rust-for-Linux/linux Pull rust fixes from Miguel Ojeda: "Toolchain and infrastructure: - Avoid build errors with old 'rustc's without LLVM patch version (important since it impacts people that do not even enable Rust) - Update LLVM version for 'HAVE_CFI_ICALL_NORMALIZE_INTEGERS' in 'depends on' condition (the fix was eventually backported rather than land in LLVM 19)" * tag 'rust-fixes-6.12-3' of https://github.com/Rust-for-Linux/linux: cfi: tweak llvm version for HAVE_CFI_ICALL_NORMALIZE_INTEGERS kbuild: rust: avoid errors with old `rustc`s without LLVM patch version commit 05b92660cdfe53a49425467fa64b5ac4451a7f9e Merge: 269ce3bd62e8ad f3c3ccc4fe49db Author: Linus Torvalds Date: Fri Nov 1 15:44:23 2024 -1000 Merge tag 'pci-v6.12-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci Pull pci fix from Bjorn Helgaas: - Enable device-specific ACS-like functionality even if the device doesn't advertise an ACS capability, which got broken when adding fancy ACS kernel parameter (Jason Gunthorpe) * tag 'pci-v6.12-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci: PCI: Fix pci_enable_acs() support for the ACS quirks commit 269ce3bd62e8ad83dadc80a2f755a799697ca4a3 Merge: b1966a1fd218e1 f99c7cca2f712d Author: Linus Torvalds Date: Fri Nov 1 15:37:09 2024 -1000 Merge tag 'drm-fixes-2024-11-02' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Regular fixes pull, nothing too out of the ordinary, the mediatek fixes came in a batch that I might have preferred a bit earlier but all seem fine, otherwise regular xe/amdgpu and a few misc ones. xe: - Fix missing HPD interrupt enabling, bringing one PM refactor with it - Workaround LNL GGTT invalidation not being visible to GuC - Avoid getting jobs stuck without a protecting timeout ivpu: - Fix firewall IRQ handling panthor: - Fix firmware initialization wrt page sizes - Fix handling and reporting of dead job groups sched: - Guarantee forward progress via WC_MEM_RECLAIM tests: - Fix memory leak in drm_display_mode_from_cea_vic() amdgpu: - DCN 3.5 fix - Vangogh SMU KASAN fix - SMU 13 profile reporting fix mediatek: - Fix degradation problem of alpha blending - Fix color format MACROs in OVL - Fix get efuse issue for MT8188 DPTX - Fix potential NULL dereference in mtk_crtc_destroy() - Correct dpi power-domains property - Add split subschema property constraints" * tag 'drm-fixes-2024-11-02' of https://gitlab.freedesktop.org/drm/kernel: (27 commits) drm/xe: Don't short circuit TDR on jobs not started drm/xe: Add mmio read before GGTT invalidate drm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic() drm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic() drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() drm/panthor: Report group as timedout when we fail to properly suspend drm/panthor: Fail job creation when the group is dead drm/panthor: Fix firmware initialization on systems with a page size > 4k accel/ivpu: Fix NOC firewall interrupt handling drm/xe/display: Add missing HPD interrupt enabling during non-d3cold RPM resume drm/xe/display: Separate the d3cold and non-d3cold runtime PM handling drm/xe: Remove runtime argument from display s/r functions drm/amdgpu/smu13: fix profile reporting drm/amd/pm: Vangogh: Fix kernel memory out of bounds write Revert "drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35" drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM drm/tegra: Fix NULL vs IS_ERR() check in probe() dt-bindings: display: mediatek: split: add subschema property constraints dt-bindings: display: mediatek: dpi: correct power-domains property drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() ... commit b1966a1fd218e1f5d5376bf352f9a4c26aba50b5 Merge: f4a1e8e36973e2 3a2b97b3210bd5 Author: Linus Torvalds Date: Fri Nov 1 15:22:57 2024 -1000 Merge tag 'cxl-fixes-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl Pull cxl fixes from Ira Weiny: "The bulk of these fixes center around an initialization order bug reported by Gregory Price and some additional fall out from the debugging effort. In summary, cxl_acpi and cxl_mem race and previously worked because of a bus_rescan_devices() while testing without modules built in. Unfortunately with modules built in the rescan would fail due to the cxl_port driver being registered late via the build order. Furthermore it was found bus_rescan_devices() did not guarantee a probe barrier which CXL was expecting. Additional fixes to cxl-test and decoder allocation came along as they were found in this debugging effort. The other fixes are pretty minor but one affects trace point data seen by user space. Summary: - Fix crashes when running with cxl-test code - Fix Trace DRAM Event Record field decodes - Fix module/built in initialization order errors - Fix use after free on decoder shutdowns - Fix out of order decoder allocations - Improve cxl-test to better reflect real world systems" * tag 'cxl-fixes-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl: cxl/test: Improve init-order fidelity relative to real-world systems cxl/port: Prevent out-of-order decoder allocation cxl/port: Fix use-after-free, permit out-of-order decoder shutdown cxl/acpi: Ensure ports ready at cxl_acpi_probe() return cxl/port: Fix cxl_bus_rescan() vs bus_rescan_devices() cxl/port: Fix CXL port initialization order when the subsystem is built-in cxl/events: Fix Trace DRAM Event Record cxl/core: Return error when cxl_endpoint_gather_bandwidth() handles a non-PCI device commit f4a1e8e36973e2034c9eac2b3538470f8b2748a4 Merge: f0d3699aef2b6f d0c6cc6c6a6164 Author: Linus Torvalds Date: Fri Nov 1 13:41:55 2024 -1000 Merge tag 'block-6.12-20241101' of git://git.kernel.dk/linux Pull block fixes from Jens Axboe: - Fixup for a recent blk_rq_map_user_bvec() patch - NVMe pull request via Keith: - Spec compliant identification fix (Keith) - Module parameter to enable backward compatibility on unusual namespace formats (Keith) - Target double free fix when using keys (Vitaliy) - Passthrough command error handling fix (Keith) * tag 'block-6.12-20241101' of git://git.kernel.dk/linux: nvme: re-fix error-handling for io_uring nvme-passthrough nvmet-auth: assign dh_key to NULL after kfree_sensitive nvme: module parameter to disable pi with offsets block: fix queue limits checks in blk_rq_map_user_bvec for real nvme: enhance cns version checking commit f0d3699aef2b6f864c78ccfa8e2a7327f65b8841 Merge: c426456857fa09 1d60d74e852647 Author: Linus Torvalds Date: Fri Nov 1 13:38:01 2024 -1000 Merge tag 'io_uring-6.12-20241101' of git://git.kernel.dk/linux Pull io_uring fix from Jens Axboe: - Fix not honoring IOCB_NOWAIT for starting buffered writes in terms of calling sb_start_write(), leading to a deadlock if someone is attempting to freeze the file system with writes in progress, as each side will end up waiting for the other to make progress. * tag 'io_uring-6.12-20241101' of git://git.kernel.dk/linux: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write commit c426456857fa0957d4ef62cb1410b5e91a08aca4 Merge: edf0227abd7ffa 1c10941e34c5fd Author: Linus Torvalds Date: Fri Nov 1 09:04:23 2024 -1000 Merge tag 'acpi-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull ACPI fix from Rafael Wysocki: "Make the ACPI CPPC library use a raw spinlock for operations carried out in scheduler context via the schedutil governor and the ACPI CPPC cpufreq driver (Pierre Gondois)" * tag 'acpi-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPI: CPPC: Make rmw_lock a raw_spin_lock commit edf0227abd7ffa3eff5510fd760123e2e15dc879 Merge: a031e154043984 604888f8c3d01f Author: Linus Torvalds Date: Fri Nov 1 09:03:02 2024 -1000 Merge tag 'gpio-fixes-for-v6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux Pull gpio fixes from Bartosz Golaszewski: - fix an uninitialized variable in GPIO swnode code - add a missing return value check for devm_mutex_init() - fix an old issue with debugfs output * tag 'gpio-fixes-for-v6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: gpiolib: fix debugfs dangling chip separator gpiolib: fix debugfs newline separators gpio: sloppy-logic-analyzer: Check for error code from devm_mutex_init() call gpio: fix uninit-value in swnode_find_gpio commit f99c7cca2f712d11a67148cfbe463fdefeb82dc5 Merge: 427360718e5b9a fe05cee4d95338 Author: Dave Airlie Date: Sat Nov 2 04:44:02 2024 +1000 Merge tag 'drm-xe-fixes-2024-10-31' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes Driver Changes: - Fix missing HPD interrupt enabling, bringing one PM refactor with it (Imre / Maarten) - Workaround LNL GGTT invalidation not being visible to GuC (Matthew Brost) - Avoid getting jobs stuck without a protecting timeout (Matthew Brost) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/tsbftadm7owyizzdaqnqu7u4tqggxgeqeztlfvmj5fryxlfomi@5m5bfv2zvzmw commit a031e154043984cc5a073c1b7fe62abdbe25c0c6 Merge: 3dfffd506eff69 5f153a692bacc2 Author: Linus Torvalds Date: Fri Nov 1 08:26:38 2024 -1000 Merge tag 'riscv-for-linus-6.11-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux Pull RISC-V fixes from Palmer Dabbelt: - Avoid accessing the early boot ACPI tables via unsafe memory attributes, which can result in incorrect ACPI table data appearing. This can cause all sorts of bad behavior. - Avoid compiler-inserted library calls in the VDSO. - GCC+Rust builds have been disabled, to avoid issues related to ISA string mismatched between the GCC and LLVM Rust implementations. - The NX flag is now set in the EFI PE/COFF headers, which is necessary for some distro GRUB versions to boot images. - A fix to avoid leaking DT node reference counts on ACPI systems during cache info parsing. - CPU numbers are now printed as unsigned values during hotplug. - A pair of build fixes for usused macros, which can trigger warnings on some configurations. * tag 'riscv-for-linus-6.11-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux: riscv: Remove duplicated GET_RM riscv: Remove unused GENERATING_ASM_OFFSETS riscv: Use '%u' to format the output of 'cpu' riscv: Prevent a bad reference count on CPU nodes riscv: efi: Set NX compat flag in PE/COFF header RISC-V: disallow gcc + rust builds riscv: Do not use fortify in early code RISC-V: ACPI: fix early_ioremap to early_memremap riscv: vdso: Prevent the compiler from inserting calls to memset() commit 3dfffd506eff69e4246a0f1760e67dd90f9bbb32 Merge: 17fa6a5f93fcd5 2e8a1acea8597f Author: Linus Torvalds Date: Fri Nov 1 07:54:11 2024 -1000 Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Will Deacon: "The important one is a change to the way in which we handle protection keys around signal delivery so that we're more closely aligned with the x86 behaviour, however there is also a revert of the previous fix to disable software tag-based KASAN with GCC, since a workaround materialised shortly afterwards. I'd love to say we're done with 6.12, but we're aware of some longstanding fpsimd register corruption issues that we're almost at the bottom of resolving. Summary: - Fix handling of POR_EL0 during signal delivery so that pushing the signal context doesn't fail based on the pkey configuration of the interrupted context and align our user-visible behaviour with that of x86. - Fix a bogus pointer being passed to the CPU hotplug code from the Arm SDEI driver. - Re-enable software tag-based KASAN with GCC by using an alternative implementation of '__no_sanitize_address'" * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: arm64: signal: Improve POR_EL0 handling to avoid uaccess failures firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() Revert "kasan: Disable Software Tag-Based KASAN with GCC" kasan: Fix Software Tag-Based KASAN with GCC commit 17fa6a5f93fcd5dd936e07aee61c014d401df4ae Merge: d56239a82e3721 6db388585e486c Author: Linus Torvalds Date: Fri Nov 1 07:45:00 2024 -1000 Merge tag 'vfs-6.12-rc6.iomap' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs Pull iomap fixes from Christian Brauner: "Fixes for iomap to prevent data corruption bugs in the fallocate unshare range implementation of fsdax and a small cleanup to turn iomap_want_unshare_iter() into an inline function" * tag 'vfs-6.12-rc6.iomap' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs: iomap: turn iomap_want_unshare_iter into an inline function fsdax: dax_unshare_iter needs to copy entire blocks fsdax: remove zeroing code from dax_unshare_iter iomap: share iomap_unshare_iter predicate code with fsdax xfs: don't allocate COW extents when unsharing a hole commit d56239a82e3721d38ff5496f2411bf0cb57ece5c Merge: 6b4926494ed872 c749d9b7ebbc57 Author: Linus Torvalds Date: Fri Nov 1 07:37:10 2024 -1000 Merge tag 'vfs-6.12-rc6.fixes' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs Pull filesystem fixes from Christian Brauner: "VFS: - Fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP=y is set - Add a get_tree_bdev_flags() helper that allows to modify e.g., whether errors are logged into the filesystem context during superblock creation. This is used by erofs to fix a userspace regression where an error is currently logged when its used on a regular file which is an new allowed mode in erofs. netfs: - Fix the sysfs debug path in the documentation. - Fix iov_iter_get_pages*() for folio queues by skipping the page extracation if we're at the end of a folio. afs: - Fix moving subdirectories to different parent directory. autofs: - Fix handling of AUTOFS_DEV_IOCTL_TIMEOUT_CMD ioctl in validate_dev_ioctl(). The actual ioctl number, not the ioctl command needs to be checked for autofs" * tag 'vfs-6.12-rc6.fixes' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs: iov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP autofs: fix thinko in validate_dev_ioctl() iov_iter: Fix iov_iter_get_pages*() for folio_queue afs: Fix missing subdir edit when renamed between parent dirs doc: correcting the debug path for cachefiles erofs: use get_tree_bdev_flags() to avoid misleading messages fs/super.c: introduce get_tree_bdev_flags() commit 6b4926494ed872803bb0b3c59440ac25c35c9869 Merge: 7b83601da470cf 77b0d113eec49a Author: Linus Torvalds Date: Fri Nov 1 07:31:47 2024 -1000 Merge tag 'for-6.12-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull btrfs fixes from David Sterba: "A few more stability fixes. There's one patch adding export of MIPS cmpxchg helper, used in the error propagation fix. - fix error propagation from split bios to the original btrfs bio - fix merging of adjacent extents (normal operation, defragmentation) - fix potential use after free after freeing btrfs device structures" * tag 'for-6.12-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: btrfs: fix defrag not merging contiguous extents due to merged extent maps btrfs: fix extent map merging not happening for adjacent extents btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids() btrfs: fix error propagation of split bios MIPS: export __cmpxchg_small() commit 7b83601da470cfdb0a66eb9335fb6ec34d3dd876 Merge: 6c52d4da1c742c 3726a1970bd724 Author: Linus Torvalds Date: Fri Nov 1 07:21:03 2024 -1000 Merge tag 'bcachefs-2024-10-31' of git://evilpiepirate.org/bcachefs Pull bcachefs fixes from Kent Overstreet: "Various syzbot fixes, and the more notable ones: - Fix for pointers in an extent overflowing the max (16) on a filesystem with many devices: we were creating too many cached copies when moving data around. Now, we only create at most one cached copy if there's a promote target set. Caching will be a bit broken for reflinked data until 6.13: I have larger series queued up which significantly improves the plumbing for data options down into the extent (bch_extent_rebalance) to fix this. - Fix for deadlock on -ENOSPC on tiny filesystems Allocation from the partial open_bucket list wasn't correctly accounting partial open_buckets as free: this fixes the main cause of tests timing out in the automated tests" * tag 'bcachefs-2024-10-31' of git://evilpiepirate.org/bcachefs: bcachefs: Fix NULL ptr dereference in btree_node_iter_and_journal_peek bcachefs: fix possible null-ptr-deref in __bch2_ec_stripe_head_get() bcachefs: Fix deadlock on -ENOSPC w.r.t. partial open buckets bcachefs: Don't filter partial list buckets in open_buckets_to_text() bcachefs: Don't keep tons of cached pointers around bcachefs: init freespace inited bits to 0 in bch2_fs_initialize bcachefs: Fix unhandled transaction restart in fallocate bcachefs: Fix UAF in bch2_reconstruct_alloc() bcachefs: fix null-ptr-deref in have_stripes() bcachefs: fix shift oob in alloc_lru_idx_fragmentation bcachefs: Fix invalid shift in validate_sb_layout() commit 566064e57066a14ef5d2a90e29a7bb3495c0fed2 Merge: 51c4bae06685da 54376fe116ef69 Author: Arnd Bergmann Date: Fri Nov 1 16:10:53 2024 +0100 Merge tag 'qcom-arm64-fixes-for-6.12-2' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into HEAD More Qualcomm Arm64 DeviceTree fixes for v6.12 Bring a range of PCIe fixes across the X Elite platform, as well as marking the NVMe power supply boot-on to avoid glitching the power supply during boot. The X Elite CRD audio configuration sees a spelling mistake corrected. On SM8450 the PCIe 1 PIPE clock definition is corrected, to fix a regression where this isn't able to acquire it's clocks. * tag 'qcom-arm64-fixes-for-6.12-2' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux: arm64: dts: qcom: x1e80100: fix PCIe5 interconnect arm64: dts: qcom: x1e80100: fix PCIe4 interconnect arm64: dts: qcom: x1e80100: Fix up BAR spaces arm64: dts: qcom: x1e80100-qcp: fix nvme regulator boot glitch arm64: dts: qcom: x1e80100-microsoft-romulus: fix nvme regulator boot glitch arm64: dts: qcom: x1e80100-yoga-slim7x: fix nvme regulator boot glitch arm64: dts: qcom: x1e80100-vivobook-s15: fix nvme regulator boot glitch arm64: dts: qcom: x1e80100-crd: fix nvme regulator boot glitch arm64: dts: qcom: x1e78100-t14s: fix nvme regulator boot glitch arm64: dts: qcom: x1e80100-crd Rename "Twitter" to "Tweeter" arm64: dts: qcom: x1e80100: Fix PCIe 6a lanes description arm64: dts: qcom: sm8450 fix PIPE clock specification for pcie1 arm64: dts: qcom: x1e80100: Add Broadcast_AND region in LLCC block arm64: dts: qcom: x1e80100: fix PCIe5 PHY clocks arm64: dts: qcom: x1e80100: fix PCIe4 and PCIe6a PHY clocks Link: https://lore.kernel.org/r/20241101143206.738617-1-andersson@kernel.org Signed-off-by: Arnd Bergmann commit 51c4bae06685dad4d2356a57ea07a87f127c7c65 Merge: c3b56da655a672 d92e9ea2f0f918 Author: Arnd Bergmann Date: Fri Nov 1 16:10:32 2024 +0100 Merge tag 'qcom-arm64-fixes-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into HEAD Qualcomm Arm64 DeviceTree fix for v6.12 This reverts the conversion to use the mailbox binding for RPM IPC interrupts, as this broke boot on msm8939. * tag 'qcom-arm64-fixes-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux: arm64: dts: qcom: msm8939: revert use of APCS mbox for RPM Link: https://lore.kernel.org/r/20241101142414.737828-1-andersson@kernel.org Signed-off-by: Arnd Bergmann commit c3b56da655a6725e58c5c3cd1877a2f781e8b797 Merge: e5c06efdc0306c 54962707f8b8b5 Author: Arnd Bergmann Date: Fri Nov 1 15:48:06 2024 +0100 Merge tag 'scmi-fixes-6.12-2' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux into HEAD Arm SCMI fixes for v6.12(part 2) Couple of fixes to address slab-use-after-free in scmi_bus_notifier() via scmi_dev->name and possible incorrect clear channel transport operation on A2P channel if some sort of P2A only messages are initiated on A2P channel(occurs when stress tested passing /dev/random to the channel). Apart from this, there are fixes to address missing "arm" prefix in the recently added property max-rx-timeout-ms which was missed in the review but was identified when further additions to the same binding were getting reviewed. * tag 'scmi-fixes-6.12-2' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux: firmware: arm_scmi: Use vendor string in max-rx-timeout-ms dt-bindings: firmware: arm,scmi: Add missing vendor string firmware: arm_scmi: Reject clear channel request on A2P firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() Link: https://lore.kernel.org/r/20241031172734.3109140-1-sudeep.holla@arm.com Signed-off-by: Arnd Bergmann commit e5c06efdc0306c2831992dd6fa1a0e38db1a9845 Merge: 896dcf47670de7 384f2024e1a100 Author: Arnd Bergmann Date: Fri Nov 1 15:47:30 2024 +0100 Merge tag 'riscv-soc-fixes-for-v6.12-rc6' of https://git.kernel.org/pub/scm/linux/kernel/git/conor/linux into HEAD RISC-V soc fixes for v6.12-rc6 StarFive: Two minor dts fixes, one setting the correct eth phy delay parameters and one disabling unused nodes that caused warnings at probe time. Firmware: Fix the poll_complete() implementation in the auto-update driver so that it behaves as the framework expects. Misc: Update the maintainer pattern for my dts entry, so that it covers the specific platforms listed , rather than including all riscv platforms with the list platforms excluded. Signed-off-by: Conor Dooley * tag 'riscv-soc-fixes-for-v6.12-rc6' of https://git.kernel.org/pub/scm/linux/kernel/git/conor/linux: MAINTAINERS: invert Misc RISC-V SoC Support's pattern riscv: dts: starfive: Update ethernet phy0 delay parameter values for Star64 riscv: dts: starfive: disable unused csi/camss nodes firmware: microchip: auto-update: fix poll_complete() to not report spurious timeout errors Link: https://lore.kernel.org/r/20241031-colossal-cassette-617817c9bec3@spud Signed-off-by: Arnd Bergmann commit 5e53e4a66bc7430dd2d11c18a86410e3a38d2940 Author: Mikhail Rudenko Date: Thu Oct 17 21:37:28 2024 +0300 regulator: rk808: Add apply_bit for BUCK3 on RK809 Currently, RK809's BUCK3 regulator is modelled in the driver as a configurable regulator with 0.5-2.4V voltage range. But the voltage setting is not actually applied, because when bit 6 of PMIC_POWER_CONFIG register is set to 0 (default), BUCK3 output voltage is determined by the external feedback resistor. Fix this, by setting bit 6 when voltage selection is set. Existing users which do not specify voltage constraints in their device trees will not be affected by this change, since no voltage setting is applied in those cases, and bit 6 is not enabled. Signed-off-by: Mikhail Rudenko Link: https://patch.msgid.link/20241017-rk809-dcdc3-v1-1-e3c3de92f39c@gmail.com Signed-off-by: Mark Brown commit 896dcf47670de72335e40e5f71f7160fc494d16c Merge: e29c29343a8908 08846522d9a7bc Author: Arnd Bergmann Date: Fri Nov 1 14:47:37 2024 +0100 Merge tag 'v6.12-rockchip-dtsfixes1' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip into HEAD A number of DTS correctnes fixes, to bring down the amount of errors reported by dtbscheck. * tag 'v6.12-rockchip-dtsfixes1' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip: (23 commits) arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes arm64: dts: rockchip: Drop invalid clock-names from es8388 codec nodes ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin ARM: dts: rockchip: Fix the spi controller on rk3036 ARM: dts: rockchip: drop grf reference from rk3036 hdmi ARM: dts: rockchip: fix rk3036 acodec node arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone pro arm64: dts: rockchip: remove num-slots property from rk3328-nanopi-r2s-plus arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion arm64: dts: rockchip: Remove undocumented supports-emmc property arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo arm64: dts: rockchip: Drop regulator-init-microvolt from two boards arm64: dts: rockchip: fix i2c2 pinctrl-names property on anbernic-rg353p/v arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 arm64: dts: rockchip: Designate Turing RK1's system power controller arm64: dts: rockchip: Start cooling maps numbering from zero on ROCK 5B ... Link: https://lore.kernel.org/r/2847150.mvXUDI8C0e@phil Signed-off-by: Arnd Bergmann commit e29c29343a89081a9183ff4f70974c4db5fb8839 Merge: 83359f6bb91c66 d99913e1b80b51 Author: Arnd Bergmann Date: Fri Nov 1 14:47:23 2024 +0100 Merge tag 'riscv-sophgo-dt-fixes-for-v6.12-rc1' of https://github.com/sophgo/linux into HEAD RISC-V Sophgo Devicetree fixes for v6.12-rc1 Just one minor fix to replace deprecated "snps,nr-gpios" property with "ngpios" for snps,dw-apb-gpio-port devices. Signed-off-by: Chen Wang * tag 'riscv-sophgo-dt-fixes-for-v6.12-rc1' of https://github.com/sophgo/linux: riscv: dts: Replace deprecated snps,nr-gpios property for snps,dw-apb-gpio-port devices Link: https://lore.kernel.org/r/MA0P287MB2822A17623C51A558DB948FCFE482@MA0P287MB2822.INDP287.PROD.OUTLOOK.COM Signed-off-by: Arnd Bergmann commit 83359f6bb91c6603aa70fc81b1b20008b11641d8 Merge: 42f7652d3eb527 4fbb73416b1077 Author: Arnd Bergmann Date: Fri Nov 1 14:46:26 2024 +0100 Merge tag 'imx-fixes-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into HEAD i.MX fixes for 6.12: - An imx8qm change from Alexander Stein to fix VPU IRQs - An imx8 LVDS subsystem change from Diogo Silva to fix clock-output-names - An imx8ulp change from Haibo Chen to correct flexspi compatible string - An imx8mp-skov board change from Liu Ying to set correct clock rate for media_isp - An imx8mp-phyboard change from Marek Vasut to correct Video PLL1 frequency - An imx8mp change from Peng Fan to correct SDHC IPG clock * tag 'imx-fixes-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux: arm64: dts: imx8mp-phyboard-pollux: Set Video PLL1 frequency to 506.8 MHz arm64: dts: imx8mp: correct sdhc ipg clk arm64: dts: imx8mp-skov-revb-mi1010ait-1cp1: Assign "media_isp" clock rate arm64: dts: imx8: Fix lvds0 device tree arm64: dts: imx8ulp: correct the flexspi compatible string arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs Link: https://lore.kernel.org/r/ZxhsnnLudN2kD2Po@dragon Signed-off-by: Arnd Bergmann commit 8b55572e51805184353ee7d587c720a51818fb82 Author: Kalesh Singh Date: Wed Oct 30 10:17:50 2024 -0700 tracing/selftests: Add tracefs mount options test Add a selftest to check that the tracefs gid mount option is applied correctly. ./ftracetest test.d/00basic/mount_options.tc Use the new readme string "[gid=] as a requirement and also update test_ownership.tc requirements to use this. Cc: Eric Sandeen Cc: Mathieu Desnoyers Cc: Shuah Khan Cc: Ali Zahraee Cc: Christian Brauner Cc: David Howells Cc: Masami Hiramatsu Link: https://lore.kernel.org/20241030171928.4168869-4-kaleshsingh@google.com Signed-off-by: Kalesh Singh Signed-off-by: Steven Rostedt (Google) commit fa17cb4b3b42618aeed1e0bce80cc55106561718 Author: Kalesh Singh Date: Wed Oct 30 10:17:49 2024 -0700 tracing: Document tracefs gid mount option Commit ee7f3666995d ("tracefs: Have new files inherit the ownership of their parent") and commit 48b27b6b5191 ("tracefs: Set all files to the same group ownership as the mount option") introduced a new gid mount option that allows specifying a group to apply to all entries in tracefs. Document this in the tracing readme. Cc: Eric Sandeen Cc: Mathieu Desnoyers Cc: Shuah Khan Cc: Ali Zahraee Cc: Christian Brauner Cc: David Howells Cc: Masami Hiramatsu Link: https://lore.kernel.org/20241030171928.4168869-3-kaleshsingh@google.com Signed-off-by: Kalesh Singh Signed-off-by: Steven Rostedt (Google) commit e4d32142d1de8bcafd90ea5f4f557104f0969c41 Author: Kalesh Singh Date: Wed Oct 30 10:17:48 2024 -0700 tracing: Fix tracefs mount options Commit 78ff64081949 ("vfs: Convert tracefs to use the new mount API") converted tracefs to use the new mount APIs caused mount options (e.g. gid=) to not take effect. The tracefs superblock can be updated from multiple paths: - on fs_initcall() to init_trace_printk_function_export() - from a work queue to initialize eventfs tracer_init_tracefs_work_func() - fsconfig() syscall to mount or remount of tracefs The tracefs superblock root inode gets created early on in init_trace_printk_function_export(). With the new mount API, tracefs effectively uses get_tree_single() instead of the old API mount_single(). Previously, mount_single() ensured that the options are always applied to the superblock root inode: (1) If the root inode didn't exist, call fill_super() to create it and apply the options. (2) If the root inode exists, call reconfigure_single() which effectively calls tracefs_apply_options() to parse and apply options to the subperblock's fs_info and inode and remount eventfs (if necessary) On the other hand, get_tree_single() effectively calls vfs_get_super() which: (3) If the root inode doesn't exists, calls fill_super() to create it and apply the options. (4) If the root inode already exists, updates the fs_context root with the superblock's root inode. (4) above is always the case for tracefs mounts, since the super block's root inode will already be created by init_trace_printk_function_export(). This means that the mount options get ignored: - Since it isn't applied to the superblock's root inode, it doesn't get inherited by the children. - Since eventfs is initialized from a separate work queue and before call to mount with the options, and it doesn't get remounted for mount. Ensure that the mount options are applied to the super block and eventfs is remounted to respect the mount options. To understand this better, if fstab has the following: tracefs /sys/kernel/tracing tracefs nosuid,nodev,noexec,gid=tracing 0 0 On boot up, permissions look like: # ls -l /sys/kernel/tracing/trace -rw-r----- 1 root root 0 Nov 1 08:37 /sys/kernel/tracing/trace When it should look like: # ls -l /sys/kernel/tracing/trace -rw-r----- 1 root tracing 0 Nov 1 08:37 /sys/kernel/tracing/trace Link: https://lore.kernel.org/r/536e99d3-345c-448b-adee-a21389d7ab4b@redhat.com/ Cc: Eric Sandeen Cc: Mathieu Desnoyers Cc: Shuah Khan Cc: Ali Zahraee Cc: Christian Brauner Cc: David Howells Cc: Steven Rostedt Cc: Masami Hiramatsu Cc: stable@vger.kernel.org Fixes: 78ff64081949 ("vfs: Convert tracefs to use the new mount API") Link: https://lore.kernel.org/20241030171928.4168869-2-kaleshsingh@google.com Signed-off-by: Kalesh Singh Signed-off-by: Steven Rostedt (Google) commit f7c7c5aa556378a2c8da72c1f7f238b6648f95fb Author: Peng Fan Date: Fri Nov 1 18:12:51 2024 +0800 pmdomain: imx93-blk-ctrl: correct remove path The check condition should be 'i < bc->onecell_data.num_domains', not 'bc->onecell_data.num_domains' which will make the look never finish and cause kernel panic. Also disable runtime to address "imx93-blk-ctrl 4ac10000.system-controller: Unbalanced pm_runtime_enable!" Fixes: e9aa77d413c9 ("soc: imx: add i.MX93 media blk ctrl driver") Signed-off-by: Peng Fan Reviewed-by: Stefan Wahren Cc: stable@vger.kernel.org Message-ID: <20241101101252.1448466-1-peng.fan@oss.nxp.com> Signed-off-by: Ulf Hansson commit d4148aeab412432bf928f311eca8a2ba52bb05df Author: Vlastimil Babka Date: Thu Oct 24 17:12:29 2024 +0200 mm, mmap: limit THP alignment of anonymous mappings to PMD-aligned sizes Since commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries") a mmap() of anonymous memory without a specific address hint and of at least PMD_SIZE will be aligned to PMD so that it can benefit from a THP backing page. However this change has been shown to regress some workloads significantly. [1] reports regressions in various spec benchmarks, with up to 600% slowdown of the cactusBSSN benchmark on some platforms. The benchmark seems to create many mappings of 4632kB, which would have merged to a large THP-backed area before commit efa7df3e3bb5 and now they are fragmented to multiple areas each aligned to PMD boundary with gaps between. The regression then seems to be caused mainly due to the benchmark's memory access pattern suffering from TLB or cache aliasing due to the aligned boundaries of the individual areas. Another known regression bisected to commit efa7df3e3bb5 is darktable [2] [3] and early testing suggests this patch fixes the regression there as well. To fix the regression but still try to benefit from THP-friendly anonymous mapping alignment, add a condition that the size of the mapping must be a multiple of PMD size instead of at least PMD size. In case of many odd-sized mapping like the cactusBSSN creates, those will stop being aligned and with gaps between, and instead naturally merge again. Link: https://lkml.kernel.org/r/20241024151228.101841-2-vbabka@suse.cz Fixes: efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries") Signed-off-by: Vlastimil Babka Reported-by: Michael Matz Debugged-by: Gabriel Krisman Bertazi Closes: https://bugzilla.suse.com/show_bug.cgi?id=1229012 [1] Reported-by: Matthias Bodenbinder Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219366 [2] Closes: https://lore.kernel.org/all/2050f0d4-57b0-481d-bab8-05e8d48fed0c@leemhuis.info/ [3] Reviewed-by: Lorenzo Stoakes Reviewed-by: Yang Shi Cc: Rik van Riel Cc: Jann Horn Cc: Liam R. Howlett Cc: Petr Tesarik Cc: Thorsten Leemhuis Cc: Signed-off-by: Andrew Morton commit 15e8156713cc38031642fafc8baf7d53f19f2e83 Author: Chen Ridong Date: Fri Oct 25 06:09:42 2024 +0000 mm: shrinker: avoid memleak in alloc_shrinker_info A memleak was found as below: unreferenced object 0xffff8881010d2a80 (size 32): comm "mkdir", pid 1559, jiffies 4294932666 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 @............... backtrace (crc 2e7ef6fa): [] __kmalloc_node_noprof+0x394/0x470 [] alloc_shrinker_info+0x7b/0x1a0 [] mem_cgroup_css_online+0x11a/0x3b0 [] online_css+0x29/0xa0 [] cgroup_apply_control_enable+0x20d/0x360 [] cgroup_mkdir+0x168/0x5f0 [] kernfs_iop_mkdir+0x5e/0x90 [] vfs_mkdir+0x144/0x220 [] do_mkdirat+0x87/0x130 [] __x64_sys_mkdir+0x49/0x70 [] do_syscall_64+0x68/0x140 [] entry_SYSCALL_64_after_hwframe+0x76/0x7e alloc_shrinker_info(), when shrinker_unit_alloc() returns an errer, the info won't be freed. Just fix it. Link: https://lkml.kernel.org/r/20241025060942.1049263-1-chenridong@huaweicloud.com Fixes: 307bececcd12 ("mm: shrinker: add a secondary array for shrinker_info::{map, nr_deferred}") Signed-off-by: Chen Ridong Acked-by: Qi Zheng Acked-by: Roman Gushchin Acked-by: Vlastimil Babka Acked-by: Kirill A. Shutemov Reviewed-by: Dave Chinner Cc: Anshuman Khandual Cc: Muchun Song Cc: Wang Weiyang Cc: Signed-off-by: Andrew Morton commit 0173471d21ec964921f97ba4eca71af74beb29f7 Author: Eugen Hristev Date: Fri Oct 25 11:58:48 2024 +0300 .mailmap: update e-mail address for Eugen Hristev Update e-mail address. Link: https://lkml.kernel.org/r/20241025085848.483149-1-eugen.hristev@linaro.org Signed-off-by: Eugen Hristev Signed-off-by: Andrew Morton commit 35e41024c4c2b02ef8207f61b9004f6956cf037b Author: Gregory Price Date: Fri Oct 25 10:17:24 2024 -0400 vmscan,migrate: fix page count imbalance on node stats when demoting pages When numa balancing is enabled with demotion, vmscan will call migrate_pages when shrinking LRUs. migrate_pages will decrement the the node's isolated page count, leading to an imbalanced count when invoked from (MG)LRU code. The result is dmesg output like such: $ cat /proc/sys/vm/stat_refresh [77383.088417] vmstat_refresh: nr_isolated_anon -103212 [77383.088417] vmstat_refresh: nr_isolated_file -899642 This negative value may impact compaction and reclaim throttling. The following path produces the decrement: shrink_folio_list demote_folio_list migrate_pages migrate_pages_batch migrate_folio_move migrate_folio_done mod_node_page_state(-ve) <- decrement This path happens for SUCCESSFUL migrations, not failures. Typically callers to migrate_pages are required to handle putback/accounting for failures, but this is already handled in the shrink code. When accounting for migrations, instead do not decrement the count when the migration reason is MR_DEMOTION. As of v6.11, this demotion logic is the only source of MR_DEMOTION. Link: https://lkml.kernel.org/r/20241025141724.17927-1-gourry@gourry.net Fixes: 26aa2d199d6f ("mm/migrate: demote pages during reclaim") Signed-off-by: Gregory Price Reviewed-by: Yang Shi Reviewed-by: Davidlohr Bueso Reviewed-by: Shakeel Butt Reviewed-by: "Huang, Ying" Reviewed-by: Oscar Salvador Cc: Dave Hansen Cc: Wei Xu Cc: Signed-off-by: Andrew Morton commit 85d16bceaf5d8112c9ffcfedd2f1bb9d0a1c1578 Author: Jarkko Sakkinen Date: Fri Oct 25 21:15:28 2024 +0300 mailmap: update Jarkko's email addresses Remove my previous work email, and the new one. The previous was never used in the commit log, so there's no good reason to spare it. Link: https://lkml.kernel.org/r/20241025181530.6151-1-jarkko@kernel.org Signed-off-by: Jarkko Sakkinen Cc: Alex Elder Cc: David S. Miller Cc: Geliang Tang Cc: Jiri Kosina Cc: Kees Cook Cc: Matthieu Baerts (NGI0) Cc: Matt Ranostay Cc: Neeraj Upadhyay Cc: Quentin Monnet Signed-off-by: Andrew Morton commit 6c52d4da1c742cd01a797a4d0a2d3c5a60dc9bfe Merge: 5635f189425e32 76d3ddff7153cc Author: Linus Torvalds Date: Thu Oct 31 16:49:23 2024 -1000 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma Pull rdma fixes from Jason Gunthorpe: - Put the QP netlink dump back in cxgb4, fixes a user visible regression - Don't change the rounding style in mlx5 for user provided rd_atomic values - Resolve a race in bnxt_re around the qp-handle table array * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma: RDMA/bnxt_re: synchronize the qp-handle table array RDMA/bnxt_re: Fix the usage of control path spin locks RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down RDMA/cxgb4: Dump vendor specific QP details commit 0144c06c5890d1ad0eea65df074cffaf4eea5a3c Author: Vladimir Oltean Date: Tue Oct 29 18:31:05 2024 +0200 net: dpaa_eth: print FD status in CPU endianness in dpaa_eth_fd tracepoint Sparse warns: note: in included file (through ../include/trace/trace_events.h, ../include/trace/define_trace.h, ../drivers/net/ethernet/freescale/dpaa/dpaa_eth_trace.h): warning: incorrect type in assignment (different base types) expected unsigned int [usertype] fd_status got restricted __be32 const [usertype] status We take struct qm_fd :: status, store it and print it as an u32, though it is a big endian field. We should print the FD status in CPU endianness for ease of debug and consistency between PowerPC and Arm systems. Though it is a not often used debug feature, it is best to treat it as a bug and backport the format change to all supported stable kernels, for consistency. Fixes: eb11ddf36eb8 ("dpaa_eth: add trace points") Signed-off-by: Vladimir Oltean Acked-by: Madalin Bucur Link: https://patch.msgid.link/20241029163105.44135-1-vladimir.oltean@nxp.com Signed-off-by: Jakub Kicinski commit badccd49b93bb945bf4e5cc8707db67cdc5e27e5 Author: Wei Fang Date: Tue Oct 29 17:04:06 2024 +0800 net: enetc: set MAC address to the VF net_device The MAC address of VF can be configured through the mailbox mechanism of ENETC, but the previous implementation forgot to set the MAC address in net_device, resulting in the SMAC of the sent frames still being the old MAC address. Since the MAC address in the hardware has been changed, Rx cannot receive frames with the DMAC address as the new MAC address. The most obvious phenomenon is that after changing the MAC address, we can see that the MAC address of eno0vf0 has not changed through the "ifconfig eno0vf0" command and the IP address cannot be obtained . root@ls1028ardb:~# ifconfig eno0vf0 down root@ls1028ardb:~# ifconfig eno0vf0 hw ether 00:04:9f:3a:4d:56 up root@ls1028ardb:~# ifconfig eno0vf0 eno0vf0: flags=4163 mtu 1500 ether 66:36:2c:3b:87:76 txqueuelen 1000 (Ethernet) RX packets 794 bytes 69239 (69.2 KB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 11 bytes 2226 (2.2 KB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 Fixes: beb74ac878c8 ("enetc: Add vf to pf messaging support") Signed-off-by: Wei Fang Reviewed-by: Vladimir Oltean Reviewed-by: Claudiu Manoil Link: https://patch.msgid.link/20241029090406.841836-1-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit 5635f189425e328097714c38341944fc40731f3d Merge: 90602c251cda8a c40dd8c4732551 Author: Linus Torvalds Date: Thu Oct 31 14:56:19 2024 -1000 Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Pull bpf fixes from Daniel Borkmann: - Fix BPF verifier to force a checkpoint when the program's jump history becomes too long (Eduard Zingerman) - Add several fixes to the BPF bits iterator addressing issues like memory leaks and overflow problems (Hou Tao) - Fix an out-of-bounds write in trie_get_next_key (Byeonguk Jeong) - Fix BPF test infra's LIVE_FRAME frame update after a page has been recycled (Toke Høiland-Jørgensen) - Fix BPF verifier and undo the 40-bytes extra stack space for bpf_fastcall patterns due to various bugs (Eduard Zingerman) - Fix a BPF sockmap race condition which could trigger a NULL pointer dereference in sock_map_link_update_prog (Cong Wang) - Fix tcp_bpf_recvmsg_parser to retrieve seq_copied from tcp_sk under the socket lock (Jiayuan Chen) * tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: bpf, test_run: Fix LIVE_FRAME frame update after a page has been recycled selftests/bpf: Add three test cases for bits_iter bpf: Use __u64 to save the bits in bits iterator bpf: Check the validity of nr_words in bpf_iter_bits_new() bpf: Add bpf_mem_alloc_check_size() helper bpf: Free dynamically allocated bits in bpf_iter_bits_destroy() bpf: disallow 40-bytes extra stack for bpf_fastcall patterns selftests/bpf: Add test for trie_get_next_key() bpf: Fix out-of-bounds write in trie_get_next_key() selftests/bpf: Test with a very short loop bpf: Force checkpoint when jmp history is too long bpf: fix filed access without lock sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() commit 90602c251cda8a1e526efb250f28c1ea3f87cd78 Merge: 15cb732c16edd3 50ae879de107ca Author: Linus Torvalds Date: Thu Oct 31 12:39:58 2024 -1000 Merge tag 'net-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Paolo Abeni: "Including fixes from WiFi, bluetooth and netfilter. No known new regressions outstanding. Current release - regressions: - wifi: mt76: do not increase mcu skb refcount if retry is not supported Current release - new code bugs: - wifi: - rtw88: fix the RX aggregation in USB 3 mode - mac80211: fix memory corruption bug in struct ieee80211_chanctx Previous releases - regressions: - sched: - stop qdisc_tree_reduce_backlog on TC_H_ROOT - sch_api: fix xa_insert() error path in tcf_block_get_ext() - wifi: - revert "wifi: iwlwifi: remove retry loops in start" - cfg80211: clear wdev->cqm_config pointer on free - netfilter: fix potential crash in nf_send_reset6() - ip_tunnel: fix suspicious RCU usage warning in ip_tunnel_find() - bluetooth: fix null-ptr-deref in hci_read_supported_codecs - eth: mlxsw: add missing verification before pushing Tx header - eth: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue Previous releases - always broken: - wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower - netfilter: sanitize offset and length before calling skb_checksum() - core: - fix crash when config small gso_max_size/gso_ipv4_max_size - skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension - mptcp: protect sched with rcu_read_lock - eth: ice: fix crash on probe for DPLL enabled E810 LOM - eth: macsec: fix use-after-free while sending the offloading packet - eth: stmmac: fix unbalanced DMA map/unmap for non-paged SKB data - eth: hns3: fix kernel crash when 1588 is sent on HIP08 devices - eth: mtk_wed: fix path of MT7988 WO firmware" * tag 'net-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (70 commits) net: hns3: fix kernel crash when 1588 is sent on HIP08 devices net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue net: hns3: initialize reset_timer before hclgevf_misc_irq_init() net: hns3: don't auto enable misc vector net: hns3: Resolved the issue that the debugfs query result is inconsistent. net: hns3: fix missing features due to dev->features configuration too early net: hns3: fixed reset failure issues caused by the incorrect reset type net: hns3: add sync command to sync io-pgtable net: hns3: default enable tx bounce buffer when smmu enabled netfilter: nft_payload: sanitize offset and length before calling skb_checksum() net: ethernet: mtk_wed: fix path of MT7988 WO firmware selftests: forwarding: Add IPv6 GRE remote change tests mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address mlxsw: pci: Sync Rx buffers for device mlxsw: pci: Sync Rx buffers for CPU mlxsw: spectrum_ptp: Add missing verification before pushing Tx header net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() netfilter: Fix use-after-free in get_info() ... commit 427360718e5b9a6e5b5936e2d3d8ae768da54811 Merge: 8594a2d8d72d86 3ad0edc46fb766 Author: Dave Airlie Date: Fri Nov 1 07:34:14 2024 +1000 Merge tag 'mediatek-drm-fixes-20241028' of https://git.kernel.org/pub/scm/linux/kernel/git/chunkuang.hu/linux into drm-fixes Mediatek DRM Fixes - 20241028 1. Fix degradation problem of alpha blending 2. Fix color format MACROs in OVL 3. Fix get efuse issue for MT8188 DPTX 4. Fix potential NULL dereference in mtk_crtc_destroy() 5. Correct dpi power-domains property 6. Add split subschema property constraints Signed-off-by: Dave Airlie From: Chun-Kuang Hu Link: https://patchwork.freedesktop.org/patch/msgid/20241028135846.3570-1-chunkuang.hu@kernel.org commit 8594a2d8d72d86b70b8bace607100d88111aedf6 Merge: 989c5b9051ca24 935abb86a95def Author: Dave Airlie Date: Fri Nov 1 07:24:37 2024 +1000 Merge tag 'amd-drm-fixes-6.12-2024-10-31' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes amd-drm-fixes-6.12-2024-10-31: amdgpu: - DCN 3.5 fix - Vangogh SMU KASAN fix - SMU 13 profile reporting fix Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20241031151539.3523633-1-alexander.deucher@amd.com commit 989c5b9051ca241950a875c72d812517cbb55576 Merge: 81983758430957 add4163aca0d4a Author: Dave Airlie Date: Fri Nov 1 05:05:41 2024 +1000 Merge tag 'drm-misc-fixes-2024-10-31' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes Short summary of fixes pull: ivpu: - Fix firewall IRQ handling panthor: - Fix firmware initialization wrt page sizes - Fix handling and reporting of dead job groups sched: - Guarantee forward progress via WC_MEM_RECLAIM tests: - Fix memory leak in drm_display_mode_from_cea_vic() Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20241031144348.GA7826@linux-2.fritz.box commit 15cb732c16edd39ce00ce655710e34cc82bbcf2c Merge: 0fc810ae3ae110 e49370d769e714 Author: Linus Torvalds Date: Thu Oct 31 08:15:40 2024 -1000 Merge tag 'sound-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "Here we see slightly more commits than wished, but basically all are small and mostly trivial fixes. The only core change is the workaround for __counted_by() usage in ASoC DAPM code, while the rest are device-specific fixes for Intel Baytrail devices, Cirrus and wcd937x codecs, and HD-audio / USB-audio devices" * tag 'sound-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 ALSA: usb-audio: Add quirks for Dell WD19 dock ASoC: codecs: wcd937x: relax the AUX PDM watchdog ASoC: codecs: wcd937x: add missing LO Switch control ASoC: dt-bindings: rockchip,rk3308-codec: add port property ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 ASoC: dapm: fix bounds checker error in dapm_widget_list_create ASoC: Intel: sst: Fix used of uninitialized ctx to log an error ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() ASoC: Intel: sst: Support LPE0F28 ACPI HID ALSA: hda/realtek: Limit internal Mic boost on Dell platform ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() commit 604888f8c3d01fddd9366161efc65cb3182831f1 Author: Johan Hovold Date: Mon Oct 28 13:49:59 2024 +0100 gpiolib: fix debugfs dangling chip separator Add the missing newline after entries for recently removed gpio chips so that the chip sections are separated by a newline as intended. Fixes: e348544f7994 ("gpio: protect the list of GPIO devices with SRCU") Cc: stable@vger.kernel.org # 6.9 Cc: Bartosz Golaszewski Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20241028125000.24051-3-johan+linaro@kernel.org Signed-off-by: Bartosz Golaszewski commit 3e8b7238b427e05498034c240451af5f5495afda Author: Johan Hovold Date: Mon Oct 28 13:49:58 2024 +0100 gpiolib: fix debugfs newline separators The gpiolib debugfs interface exports a list of all gpio chips in a system and the state of their pins. The gpio chip sections are supposed to be separated by a newline character, but a long-standing bug prevents the separator from being included when output is generated in multiple sessions, making the output inconsistent and hard to read. Make sure to only suppress the newline separator at the beginning of the file as intended. Fixes: f9c4a31f6150 ("gpiolib: Use seq_file's iterator interface") Cc: stable@vger.kernel.org # 3.7 Cc: Thierry Reding Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20241028125000.24051-2-johan+linaro@kernel.org Signed-off-by: Bartosz Golaszewski commit 77b0d113eec49a7390ff1a08ca1923e89f5f86c6 Author: Filipe Manana Date: Tue Oct 29 15:18:45 2024 +0000 btrfs: fix defrag not merging contiguous extents due to merged extent maps When running defrag (manual defrag) against a file that has extents that are contiguous and we already have the respective extent maps loaded and merged, we end up not defragging the range covered by those contiguous extents. This happens when we have an extent map that was the result of merging multiple extent maps for contiguous extents and the length of the merged extent map is greater than or equals to the defrag threshold length. The script below reproduces this scenario: $ cat test.sh #!/bin/bash DEV=/dev/sdi MNT=/mnt/sdi mkfs.btrfs -f $DEV mount $DEV $MNT # Create a 256K file with 4 extents of 64K each. xfs_io -f -c "falloc 0 64K" \ -c "pwrite 0 64K" \ -c "falloc 64K 64K" \ -c "pwrite 64K 64K" \ -c "falloc 128K 64K" \ -c "pwrite 128K 64K" \ -c "falloc 192K 64K" \ -c "pwrite 192K 64K" \ $MNT/foo umount $MNT echo -n "Initial number of file extent items: " btrfs inspect-internal dump-tree -t 5 $DEV | grep EXTENT_DATA | wc -l mount $DEV $MNT # Read the whole file in order to load and merge extent maps. cat $MNT/foo > /dev/null btrfs filesystem defragment -t 128K $MNT/foo umount $MNT echo -n "Number of file extent items after defrag with 128K threshold: " btrfs inspect-internal dump-tree -t 5 $DEV | grep EXTENT_DATA | wc -l mount $DEV $MNT # Read the whole file in order to load and merge extent maps. cat $MNT/foo > /dev/null btrfs filesystem defragment -t 256K $MNT/foo umount $MNT echo -n "Number of file extent items after defrag with 256K threshold: " btrfs inspect-internal dump-tree -t 5 $DEV | grep EXTENT_DATA | wc -l Running it: $ ./test.sh Initial number of file extent items: 4 Number of file extent items after defrag with 128K threshold: 4 Number of file extent items after defrag with 256K threshold: 4 The 4 extents don't get merged because we have an extent map with a size of 256K that is the result of merging the individual extent maps for each of the four 64K extents and at defrag_lookup_extent() we have a value of zero for the generation threshold ('newer_than' argument) since this is a manual defrag. As a consequence we don't call defrag_get_extent() to get an extent map representing a single file extent item in the inode's subvolume tree, so we end up using the merged extent map at defrag_collect_targets() and decide not to defrag. Fix this by updating defrag_lookup_extent() to always discard extent maps that were merged and call defrag_get_extent() regardless of the minimum generation threshold ('newer_than' argument). A test case for fstests will be sent along soon. CC: stable@vger.kernel.org # 6.1+ Fixes: 199257a78bb0 ("btrfs: defrag: don't use merged extent map for their generation check") Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Signed-off-by: David Sterba commit a0f0625390858321525c2a8d04e174a546bd19b3 Author: Filipe Manana Date: Mon Oct 28 16:23:00 2024 +0000 btrfs: fix extent map merging not happening for adjacent extents If we have 3 or more adjacent extents in a file, that is, consecutive file extent items pointing to adjacent extents, within a contiguous file range and compatible flags, we end up not merging all the extents into a single extent map. For example: $ mkfs.btrfs -f /dev/sdc $ mount /dev/sdc /mnt/sdc $ xfs_io -f -d -c "pwrite -b 64K 0 64K" \ -c "pwrite -b 64K 64K 64K" \ -c "pwrite -b 64K 128K 64K" \ -c "pwrite -b 64K 192K 64K" \ /mnt/sdc/foo After all the ordered extents complete we unpin the extent maps and try to merge them, but instead of getting a single extent map we get two because: 1) When the first ordered extent completes (file range [0, 64K)) we unpin its extent map and attempt to merge it with the extent map for the range [64K, 128K), but we can't because that extent map is still pinned; 2) When the second ordered extent completes (file range [64K, 128K)), we unpin its extent map and merge it with the previous extent map, for file range [0, 64K), but we can't merge with the next extent map, for the file range [128K, 192K), because this one is still pinned. The merged extent map for the file range [0, 128K) gets the flag EXTENT_MAP_MERGED set; 3) When the third ordered extent completes (file range [128K, 192K)), we unpin its extent map and attempt to merge it with the previous extent map, for file range [0, 128K), but we can't because that extent map has the flag EXTENT_MAP_MERGED set (mergeable_maps() returns false due to different flags) while the extent map for the range [128K, 192K) doesn't have that flag set. We also can't merge it with the next extent map, for file range [192K, 256K), because that one is still pinned. At this moment we have 3 extent maps: One for file range [0, 128K), with the flag EXTENT_MAP_MERGED set. One for file range [128K, 192K). One for file range [192K, 256K) which is still pinned; 4) When the fourth and final extent completes (file range [192K, 256K)), we unpin its extent map and attempt to merge it with the previous extent map, for file range [128K, 192K), which succeeds since none of these extent maps have the EXTENT_MAP_MERGED flag set. So we end up with 2 extent maps: One for file range [0, 128K), with the flag EXTENT_MAP_MERGED set. One for file range [128K, 256K), with the flag EXTENT_MAP_MERGED set. Since after merging extent maps we don't attempt to merge again, that is, merge the resulting extent map with the one that is now preceding it (and the one following it), we end up with those two extent maps, when we could have had a single extent map to represent the whole file. Fix this by making mergeable_maps() ignore the EXTENT_MAP_MERGED flag. While this doesn't present any functional issue, it prevents the merging of extent maps which allows to save memory, and can make defrag not merging extents too (that will be addressed in the next patch). Fixes: 199257a78bb0 ("btrfs: defrag: don't use merged extent map for their generation check") CC: stable@vger.kernel.org # 6.1+ Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Signed-off-by: David Sterba commit c40dd8c4732551605712985bc5b7045094c6458d Author: Toke Høiland-Jørgensen Date: Wed Oct 30 11:48:26 2024 +0100 bpf, test_run: Fix LIVE_FRAME frame update after a page has been recycled The test_run code detects whether a page has been modified and re-initialises the xdp_frame structure if it has, using xdp_update_frame_from_buff(). However, xdp_update_frame_from_buff() doesn't touch frame->mem, so that wasn't correctly re-initialised, which led to the pages from page_pool not being returned correctly. Syzbot noticed this as a memory leak. Fix this by also copying the frame->mem structure when re-initialising the frame, like we do on initialisation of a new page from page_pool. Fixes: e5995bc7e2ba ("bpf, test_run: fix crashes due to XDP frame overwriting/corruption") Fixes: b530e9e1063e ("bpf: Add "live packet" mode for XDP in BPF_PROG_RUN") Reported-by: syzbot+d121e098da06af416d23@syzkaller.appspotmail.com Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Daniel Borkmann Tested-by: syzbot+d121e098da06af416d23@syzkaller.appspotmail.com Reviewed-by: Alexander Lobakin Acked-by: Stanislav Fomichev Link: https://lore.kernel.org/bpf/20241030-test-run-mem-fix-v1-1-41e88e8cae43@redhat.com commit d0c6cc6c6a6164a853e86206309b5a5bc5e3e72b Merge: be0e822bb3f525 5eed4fb274cd65 Author: Jens Axboe Date: Thu Oct 31 09:10:07 2024 -0600 Merge tag 'nvme-6.12-2024-10-31' of git://git.infradead.org/nvme into block-6.12 Pull NVMe fixes from Keith: "nvme fixes for Linux 6.12 - Spec compliant identification fix (Keith) - Module parameter to enable backward compatibility on unusual namespace formats (Keith) - Target double free fix when using keys (Vitaliy) - Passthrough command error handling fix (Keith)" * tag 'nvme-6.12-2024-10-31' of git://git.infradead.org/nvme: nvme: re-fix error-handling for io_uring nvme-passthrough nvmet-auth: assign dh_key to NULL after kfree_sensitive nvme: module parameter to disable pi with offsets nvme: enhance cns version checking commit c9363bbb0f68dd1ddb8be7bbfe958cdfcd38d851 Author: Jarosław Janik Date: Wed Oct 30 18:18:12 2024 +0100 Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" Commit 4f61c8fe3520 ("ALSA: hda/conexant: Mute speakers at suspend / shutdown") mutes speakers on system shutdown or whenever HDA controller is suspended by PM; this however interacts badly with Thinkpad's ACPI firmware behavior which uses beeps to signal various events (enter/leave suspend or hibernation, AC power connect/disconnect, low battery, etc.); now those beeps are either muted altogether (for suspend/hibernate/ shutdown related events) or work more or less randomly (eg. AC plug/unplug is only audible when you are playing music at the moment, because HDA device is likely in suspend mode otherwise). Since the original bug report mentioned in 4f61c8fe3520 complained about Lenovo's Thinkpad laptop - revert this commit altogether. Fixes: 4f61c8fe3520 ("ALSA: hda/conexant: Mute speakers at suspend / shutdown") Signed-off-by: Jarosław Janik Link: https://patch.msgid.link/20241030171813.18941-2-jaroslaw.janik@gmail.com Signed-off-by: Takashi Iwai commit 1d60d74e852647255bd8e76f5a22dc42531e4389 Author: Jens Axboe Date: Thu Oct 31 08:05:44 2024 -0600 io_uring/rw: fix missing NOWAIT check for O_DIRECT start write When io_uring starts a write, it'll call kiocb_start_write() to bump the super block rwsem, preventing any freezes from happening while that write is in-flight. The freeze side will grab that rwsem for writing, excluding any new writers from happening and waiting for existing writes to finish. But io_uring unconditionally uses kiocb_start_write(), which will block if someone is currently attempting to freeze the mount point. This causes a deadlock where freeze is waiting for previous writes to complete, but the previous writes cannot complete, as the task that is supposed to complete them is blocked waiting on starting a new write. This results in the following stuck trace showing that dependency with the write blocked starting a new write: task:fio state:D stack:0 pid:886 tgid:886 ppid:876 Call trace: __switch_to+0x1d8/0x348 __schedule+0x8e8/0x2248 schedule+0x110/0x3f0 percpu_rwsem_wait+0x1e8/0x3f8 __percpu_down_read+0xe8/0x500 io_write+0xbb8/0xff8 io_issue_sqe+0x10c/0x1020 io_submit_sqes+0x614/0x2110 __arm64_sys_io_uring_enter+0x524/0x1038 invoke_syscall+0x74/0x268 el0_svc_common.constprop.0+0x160/0x238 do_el0_svc+0x44/0x60 el0_svc+0x44/0xb0 el0t_64_sync_handler+0x118/0x128 el0t_64_sync+0x168/0x170 INFO: task fsfreeze:7364 blocked for more than 15 seconds. Not tainted 6.12.0-rc5-00063-g76aaf945701c #7963 with the attempting freezer stuck trying to grab the rwsem: task:fsfreeze state:D stack:0 pid:7364 tgid:7364 ppid:995 Call trace: __switch_to+0x1d8/0x348 __schedule+0x8e8/0x2248 schedule+0x110/0x3f0 percpu_down_write+0x2b0/0x680 freeze_super+0x248/0x8a8 do_vfs_ioctl+0x149c/0x1b18 __arm64_sys_ioctl+0xd0/0x1a0 invoke_syscall+0x74/0x268 el0_svc_common.constprop.0+0x160/0x238 do_el0_svc+0x44/0x60 el0_svc+0x44/0xb0 el0t_64_sync_handler+0x118/0x128 el0t_64_sync+0x168/0x170 Fix this by having the io_uring side honor IOCB_NOWAIT, and only attempt a blocking grab of the super block rwsem if it isn't set. For normal issue where IOCB_NOWAIT would always be set, this returns -EAGAIN which will have io_uring core issue a blocking attempt of the write. That will in turn also get completions run, ensuring forward progress. Since freezing requires CAP_SYS_ADMIN in the first place, this isn't something that can be triggered by a regular user. Cc: stable@vger.kernel.org # 5.10+ Reported-by: Peter Mann Link: https://lore.kernel.org/io-uring/38c94aec-81c9-4f62-b44e-1d87f5597644@sh.cz Signed-off-by: Jens Axboe commit fe05cee4d9533892210e1ee90147175d87e7c053 Author: Matthew Brost Date: Fri Oct 25 14:43:29 2024 -0700 drm/xe: Don't short circuit TDR on jobs not started Short circuiting TDR on jobs not started is an optimization which is not required. On LNL we are facing an issue where jobs do not get scheduled by the GuC if it misses a GGTT page update. When this occurs let the TDR fire, toggle the scheduling which may get the job unstuck, and print a warning message. If the TDR fires twice on job that hasn't started, timeout the job. v2: - Add warning message (Paulo) - Add fixes tag (Paulo) - Timeout job which hasn't started after TDR firing twice v3: - Include local change v4: - Short circuit check_timeout on job not started - use warn level rather than notice (Paulo) Fixes: 7ddb9403dd74 ("drm/xe: Sample ctx timestamp to determine if jobs have timed out") Cc: stable@vger.kernel.org Cc: Paulo Zanoni Signed-off-by: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20241025214330.2010521-2-matthew.brost@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit 35d25a4a0012e690ef0cc4c5440231176db595cc) Signed-off-by: Lucas De Marchi commit 993ca0eccec65a2cacc3cefb15d35ffadc6f00fb Author: Matthew Brost Date: Wed Oct 23 15:12:00 2024 -0700 drm/xe: Add mmio read before GGTT invalidate On LNL without a mmio read before a GGTT invalidate the GuC can incorrectly read the GGTT scratch page upon next access leading to jobs not getting scheduled. A mmio read before a GGTT invalidate seems to fix this. Since a GGTT invalidate is not a hot code path, blindly do a mmio read before each GGTT invalidate. Cc: John Harrison Cc: Daniele Ceraolo Spurio Cc: Thomas Hellström Cc: Lucas De Marchi Cc: stable@vger.kernel.org Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Reported-by: Paulo Zanoni Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/3164 Signed-off-by: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20241023221200.1797832-1-matthew.brost@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit 5a710196883e0ac019ac6df2a6d79c16ad3c32fa) [ Fix conflict with mmio vs gt argument ] Signed-off-by: Lucas De Marchi commit 37bb5628379295c1254c113a407cab03a0f4d0b4 Author: Dan Carpenter Date: Thu Oct 31 12:48:30 2024 +0300 USB: serial: io_edgeport: fix use after free in debug printk The "dev_dbg(&urb->dev->dev, ..." which happens after usb_free_urb(urb) is a use after free of the "urb" pointer. Store the "dev" pointer at the start of the function to avoid this issue. Fixes: 984f68683298 ("USB: serial: io_edgeport.c: remove dbg() usage") Cc: stable@vger.kernel.org Signed-off-by: Dan Carpenter Signed-off-by: Johan Hovold commit 90bad749858cf88d80af7c2b23f86db4f7ad61c2 Author: Andy Shevchenko Date: Wed Oct 30 19:36:52 2024 +0200 gpio: sloppy-logic-analyzer: Check for error code from devm_mutex_init() call Even if it's not critical, the avoidance of checking the error code from devm_mutex_init() call today diminishes the point of using devm variant of it. Tomorrow it may even leak something. Add the missed check. Fixes: 7828b7bbbf20 ("gpio: add sloppy logic analyzer using polling") Reviewed-by: Wolfram Sang Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20241030174132.2113286-3-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit d01661e1f422f071279417c6a21d9d7989844d25 Author: Masahiro Yamada Date: Sun Oct 27 02:55:50 2024 +0900 kconfig: show sub-menu entries even if the prompt is hidden Since commit f79dc03fe68c ("kconfig: refactor choice value calculation"), when EXPERT is disabled, nothing within the "if INPUT" ... "endif" block in drivers/input/Kconfig is displayed. This issue affects all command-line interfaces and GUI frontends. The prompt for INPUT is hidden when EXPERT is disabled. Previously, menu_is_visible() returned true in this case; however, it now returns false, resulting in all sub-menu entries being skipped. Here is a simplified test case illustrating the issue: config A bool "A" if X default y config B bool "B" depends on A When X is disabled, A becomes unconfigurable and is forced to y. B should be displayed, as its dependency is met. This commit restores the necessary code, so menu_is_visible() functions as it did previously. Fixes: f79dc03fe68c ("kconfig: refactor choice value calculation") Reported-by: Edmund Raile Closes: https://lore.kernel.org/all/5fd0dfc7ff171aa74352e638c276069a5f2e888d.camel@proton.me/ Signed-off-by: Masahiro Yamada commit 2ad7126c5190864e928154ef74e0ae6cbdcea783 Author: Masahiro Yamada Date: Wed Oct 23 03:16:59 2024 +0900 kbuild: deb-pkg: add pkg.linux-upstream.nokerneldbg build profile The Debian kernel supports the pkg.linux.nokerneldbg build profile. The debug package tends to become huge, and you may not want to build it even when CONFIG_DEBUG_INFO is enabled. This commit introduces a similar profile for the upstream kernel. Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit e2c318225ac13083cdcb4780cdf5b90edaa8644d Author: Masahiro Yamada Date: Wed Oct 23 03:16:58 2024 +0900 kbuild: deb-pkg: add pkg.linux-upstream.nokernelheaders build profile Since commit f1d87664b82a ("kbuild: cross-compile linux-headers package when possible"), 'make bindeb-pkg' may attempt to cross-compile the linux-headers package, but it fails under certain circumstances. For example, when CONFIG_MODULE_SIG_FORMAT is enabled on Debian, the following command fails: $ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- bindeb-pkg [ snip ] Rebuilding host programs with aarch64-linux-gnu-gcc... HOSTCC debian/linux-headers-6.12.0-rc4/usr/src/linux-headers-6.12.0-rc4/scripts/kallsyms HOSTCC debian/linux-headers-6.12.0-rc4/usr/src/linux-headers-6.12.0-rc4/scripts/sorttable HOSTCC debian/linux-headers-6.12.0-rc4/usr/src/linux-headers-6.12.0-rc4/scripts/asn1_compiler HOSTCC debian/linux-headers-6.12.0-rc4/usr/src/linux-headers-6.12.0-rc4/scripts/sign-file In file included from /usr/include/openssl/opensslv.h:109, from debian/linux-headers-6.12.0-rc4/usr/src/linux-headers-6.12.0-rc4/scripts/sign-file.c:25: /usr/include/openssl/macros.h:14:10: fatal error: openssl/opensslconf.h: No such file or directory 14 | #include | ^~~~~~~~~~~~~~~~~~~~~~~ compilation terminated. This commit adds a new profile, pkg.linux-upstream.nokernelheaders, to guard the linux-headers package. There are two options to fix the above issue. Option 1: Set the pkg.linux-upstream.nokernelheaders build profile $ DEB_BUILD_PROFILES=pkg.linux-upstream.nokernelheaders \ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- bindeb-pkg This skips the building of the linux-headers package. Option 2: Install the necessary build dependencies If you want to cross-compile the linux-headers package, you need to install additional packages. For example, on Debian, the packages necessary for cross-compiling it to arm64 can be installed with the following commands: # dpkg --add-architecture arm64 # apt update # apt install gcc-aarch64-linux-gnu libssl-dev:arm64 Fixes: f1d87664b82a ("kbuild: cross-compile linux-headers package when possible") Reported-by: Ron Economos Closes: https://lore.kernel.org/all/b3d4f49e-7ddb-29ba-0967-689232329b53@w6rz.net/ Signed-off-by: Masahiro Yamada Tested-by: Ron Economos Reviewed-by: Nicolas Schier commit cb08a0265917bc2943bf68c1760058660882e394 Author: Masahiro Yamada Date: Wed Oct 23 03:16:57 2024 +0900 kbuild: rpm-pkg: disable kernel-devel package when cross-compiling Since commit f1d87664b82a ("kbuild: cross-compile linux-headers package when possible"), 'make binrpm-pkg' may attempt to cross-compile the kernel-devel package, but it fails under certain circumstances. For example, when CONFIG_MODULE_SIG_FORMAT is enabled on openSUSE Tumbleweed, the following command fails: $ make ARCH=arm64 CROSS_COMPILE=aarch64-suse-linux- binrpm-pkg [ snip ] Rebuilding host programs with aarch64-suse-linux-gcc... HOSTCC /home/masahiro/ref/linux/rpmbuild/BUILDROOT/kernel-6.12.0_rc4-1.aarch64/usr/src/kernels/6.12.0-rc4/scripts/kallsyms HOSTCC /home/masahiro/ref/linux/rpmbuild/BUILDROOT/kernel-6.12.0_rc4-1.aarch64/usr/src/kernels/6.12.0-rc4/scripts/sorttable HOSTCC /home/masahiro/ref/linux/rpmbuild/BUILDROOT/kernel-6.12.0_rc4-1.aarch64/usr/src/kernels/6.12.0-rc4/scripts/asn1_compiler HOSTCC /home/masahiro/ref/linux/rpmbuild/BUILDROOT/kernel-6.12.0_rc4-1.aarch64/usr/src/kernels/6.12.0-rc4/scripts/sign-file /home/masahiro/ref/linux/rpmbuild/BUILDROOT/kernel-6.12.0_rc4-1.aarch64/usr/src/kernels/6.12.0-rc4/scripts/sign-file.c:25:10: fatal error: openssl/opensslv.h: No such file or directory 25 | #include | ^~~~~~~~~~~~~~~~~~~~ compilation terminated. I believe this issue is less common on Fedora because the disto's cross- compilier cannot link user-space programs. Hence, CONFIG_CC_CAN_LINK is unset. On Fedora 40, the package information explains this limitation clearly: $ dnf info gcc-aarch64-linux-gnu [ snip ] Description : Cross-build GNU C compiler. : : Only building kernels is currently supported. Support for cross-building : user space programs is not currently provided as that would massively multiply : the number of packages. Anyway, cross-compiling RPM packages is somewhat challenging. This commit disables the kernel-devel package when cross-compiling because I did not come up with a better solution. Fixes: f1d87664b82a ("kbuild: cross-compile linux-headers package when possible") Signed-off-by: Masahiro Yamada Reviewed-by: Nathan Chancellor commit a14968aea637bbe38a99e6089944e4ad8e6c49e5 Author: Suraj Sonawane Date: Sat Oct 26 14:36:42 2024 +0530 gpio: fix uninit-value in swnode_find_gpio Fix an issue detected by the Smatch tool: drivers/gpio/gpiolib-swnode.c:78 swnode_find_gpio() error: uninitialized symbol 'ret'. The issue occurs because the 'ret' variable may be used without initialization if the for_each_gpio_property_name loop does not run. This could lead to returning an undefined value, causing unpredictable behavior. Initialize 'ret' to 0 before the loop to ensure the function returns an error code if no properties are parsed, maintaining proper error handling. Fixes: 9e4c6c1ad ("Merge tag 'io_uring-6.12-20241011' of git://git.kernel.dk/linux") Signed-off-by: Suraj Sonawane Link: https://lore.kernel.org/r/20241026090642.28633-1-surajsonawane0215@gmail.com Signed-off-by: Bartosz Golaszewski commit 50ae879de107ca2fe2ca99180f6ba95770f32a62 Merge: ee802a49545ac2 d5953d680f7e96 Author: Paolo Abeni Date: Thu Oct 31 12:13:08 2024 +0100 Merge tag 'nf-24-10-31' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf Pablo Neira Ayuso says: ==================== The following patchset contains Netfilter fixes for net: 1) Remove unused parameters in conntrack_dump_flush.c used by selftests, from Liu Jing. 2) Fix possible UaF when removing xtables module via getsockopt() interface, from Dong Chenchen. 3) Fix potential crash in nf_send_reset6() reported by syzkaller. From Eric Dumazet 4) Validate offset and length before calling skb_checksum() in nft_payload, otherwise hitting BUG() is possible. netfilter pull request 24-10-31 * tag 'nf-24-10-31' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() netfilter: Fix use-after-free in get_info() selftests: netfilter: remove unused parameter ==================== Link: https://patch.msgid.link/ Signed-off-by: Paolo Abeni commit ee802a49545ac20d7021c24068badd2c280c2bf7 Merge: d80a3091308491 1e67d8641813f1 Author: Paolo Abeni Date: Thu Oct 31 11:32:57 2024 +0100 Merge tag 'for-net-2024-10-30' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth Luiz Augusto von Dentz says: ==================== bluetooth pull request for net: - hci: fix null-ptr-deref in hci_read_supported_codecs * tag 'for-net-2024-10-30' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth: Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs ==================== Link: https://patch.msgid.link/20241030192205.38298-1-luiz.dentz@gmail.com Signed-off-by: Paolo Abeni commit d80a3091308491455b6501b1c4b68698c4a7cd24 Merge: 637f41476384c7 2cf246143519ec Author: Paolo Abeni Date: Thu Oct 31 11:15:47 2024 +0100 Merge branch 'there-are-some-bugfix-for-the-hns3-ethernet-driver' Jijie Shao says: ==================== There are some bugfix for the HNS3 ethernet driver ChangeLog: v2 -> v3: - Rewrite the commit logs of net: hns3: add sync command to sync io-pgtable' to add more verbose explanation, suggested Paolo. - Add fixes tag for hardware issue, suggested Paolo and Simon Horman. v2: https://lore.kernel.org/all/20241018101059.1718375-1-shaojijie@huawei.com/ v1 -> v2: - Pass IRQF_NO_AUTOEN to request_irq(), suggested by Jakub. - Rewrite the commit logs of 'net: hns3: default enable tx bounce buffer when smmu enabled' and 'net: hns3: add sync command to sync io-pgtable'. v1: https://lore.kernel.org/all/20241011094521.3008298-1-shaojijie@huawei.com/ ==================== Link: https://patch.msgid.link/20241025092938.2912958-1-shaojijie@huawei.com Signed-off-by: Paolo Abeni commit 2cf246143519ecc11dab754385ec42d78b6b6a05 Author: Jie Wang Date: Fri Oct 25 17:29:38 2024 +0800 net: hns3: fix kernel crash when 1588 is sent on HIP08 devices Currently, HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL. But the tx process would still try to set hardware time stamp info with SKBTX_HW_TSTAMP flag and cause a kernel crash. [ 128.087798] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018 ... [ 128.280251] pc : hclge_ptp_set_tx_info+0x2c/0x140 [hclge] [ 128.286600] lr : hclge_ptp_set_tx_info+0x20/0x140 [hclge] [ 128.292938] sp : ffff800059b93140 [ 128.297200] x29: ffff800059b93140 x28: 0000000000003280 [ 128.303455] x27: ffff800020d48280 x26: ffff0cb9dc814080 [ 128.309715] x25: ffff0cb9cde93fa0 x24: 0000000000000001 [ 128.315969] x23: 0000000000000000 x22: 0000000000000194 [ 128.322219] x21: ffff0cd94f986000 x20: 0000000000000000 [ 128.328462] x19: ffff0cb9d2a166c0 x18: 0000000000000000 [ 128.334698] x17: 0000000000000000 x16: ffffcf1fc523ed24 [ 128.340934] x15: 0000ffffd530a518 x14: 0000000000000000 [ 128.347162] x13: ffff0cd6bdb31310 x12: 0000000000000368 [ 128.353388] x11: ffff0cb9cfbc7070 x10: ffff2cf55dd11e02 [ 128.359606] x9 : ffffcf1f85a212b4 x8 : ffff0cd7cf27dab0 [ 128.365831] x7 : 0000000000000a20 x6 : ffff0cd7cf27d000 [ 128.372040] x5 : 0000000000000000 x4 : 000000000000ffff [ 128.378243] x3 : 0000000000000400 x2 : ffffcf1f85a21294 [ 128.384437] x1 : ffff0cb9db520080 x0 : ffff0cb9db500080 [ 128.390626] Call trace: [ 128.393964] hclge_ptp_set_tx_info+0x2c/0x140 [hclge] [ 128.399893] hns3_nic_net_xmit+0x39c/0x4c4 [hns3] [ 128.405468] xmit_one.constprop.0+0xc4/0x200 [ 128.410600] dev_hard_start_xmit+0x54/0xf0 [ 128.415556] sch_direct_xmit+0xe8/0x634 [ 128.420246] __dev_queue_xmit+0x224/0xc70 [ 128.425101] dev_queue_xmit+0x1c/0x40 [ 128.429608] ovs_vport_send+0xac/0x1a0 [openvswitch] [ 128.435409] do_output+0x60/0x17c [openvswitch] [ 128.440770] do_execute_actions+0x898/0x8c4 [openvswitch] [ 128.446993] ovs_execute_actions+0x64/0xf0 [openvswitch] [ 128.453129] ovs_dp_process_packet+0xa0/0x224 [openvswitch] [ 128.459530] ovs_vport_receive+0x7c/0xfc [openvswitch] [ 128.465497] internal_dev_xmit+0x34/0xb0 [openvswitch] [ 128.471460] xmit_one.constprop.0+0xc4/0x200 [ 128.476561] dev_hard_start_xmit+0x54/0xf0 [ 128.481489] __dev_queue_xmit+0x968/0xc70 [ 128.486330] dev_queue_xmit+0x1c/0x40 [ 128.490856] ip_finish_output2+0x250/0x570 [ 128.495810] __ip_finish_output+0x170/0x1e0 [ 128.500832] ip_finish_output+0x3c/0xf0 [ 128.505504] ip_output+0xbc/0x160 [ 128.509654] ip_send_skb+0x58/0xd4 [ 128.513892] udp_send_skb+0x12c/0x354 [ 128.518387] udp_sendmsg+0x7a8/0x9c0 [ 128.522793] inet_sendmsg+0x4c/0x8c [ 128.527116] __sock_sendmsg+0x48/0x80 [ 128.531609] __sys_sendto+0x124/0x164 [ 128.536099] __arm64_sys_sendto+0x30/0x5c [ 128.540935] invoke_syscall+0x50/0x130 [ 128.545508] el0_svc_common.constprop.0+0x10c/0x124 [ 128.551205] do_el0_svc+0x34/0xdc [ 128.555347] el0_svc+0x20/0x30 [ 128.559227] el0_sync_handler+0xb8/0xc0 [ 128.563883] el0_sync+0x160/0x180 Fixes: 0bf5eb788512 ("net: hns3: add support for PTP") Signed-off-by: Jie Wang Signed-off-by: Jijie Shao Signed-off-by: Paolo Abeni commit 3e22b7de34cbdb991a2c9c5413eeb8a6fb7da2a5 Author: Hao Lan Date: Fri Oct 25 17:29:37 2024 +0800 net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue The TQP BAR space is divided into two segments. TQPs 0-1023 and TQPs 1024-1279 are in different BAR space addresses. However, hclge_fetch_pf_reg does not distinguish the tqp space information when reading the tqp space information. When the number of TQPs is greater than 1024, access bar space overwriting occurs. The problem of different segments has been considered during the initialization of tqp.io_base. Therefore, tqp.io_base is directly used when the queue is read in hclge_fetch_pf_reg. The error message: Unable to handle kernel paging request at virtual address ffff800037200000 pc : hclge_fetch_pf_reg+0x138/0x250 [hclge] lr : hclge_get_regs+0x84/0x1d0 [hclge] Call trace: hclge_fetch_pf_reg+0x138/0x250 [hclge] hclge_get_regs+0x84/0x1d0 [hclge] hns3_get_regs+0x2c/0x50 [hns3] ethtool_get_regs+0xf4/0x270 dev_ethtool+0x674/0x8a0 dev_ioctl+0x270/0x36c sock_do_ioctl+0x110/0x2a0 sock_ioctl+0x2ac/0x530 __arm64_sys_ioctl+0xa8/0x100 invoke_syscall+0x4c/0x124 el0_svc_common.constprop.0+0x140/0x15c do_el0_svc+0x30/0xd0 el0_svc+0x1c/0x2c el0_sync_handler+0xb0/0xb4 el0_sync+0x168/0x180 Fixes: 939ccd107ffc ("net: hns3: move dump regs function to a separate file") Signed-off-by: Hao Lan Signed-off-by: Jijie Shao Signed-off-by: Paolo Abeni commit d1c2e2961ab460ac2433ff8ad46000582abc573c Author: Jian Shen Date: Fri Oct 25 17:29:36 2024 +0800 net: hns3: initialize reset_timer before hclgevf_misc_irq_init() Currently the misc irq is initialized before reset_timer setup. But it will access the reset_timer in the irq handler. So initialize the reset_timer earlier. Fixes: ff200099d271 ("net: hns3: remove unnecessary work in hclgevf_main") Signed-off-by: Jian Shen Signed-off-by: Jijie Shao Signed-off-by: Paolo Abeni commit 5f62009ff10826fefa215da68831f42b0c36b6fb Author: Jian Shen Date: Fri Oct 25 17:29:35 2024 +0800 net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupte is reported at this time, it will cause warning like below: [ 16.324639] Call trace: [ 16.324641] __queue_delayed_work+0xb8/0xe0 [ 16.324643] mod_delayed_work_on+0x78/0xd0 [ 16.324655] hclge_errhand_task_schedule+0x58/0x90 [hclge] [ 16.324662] hclge_misc_irq_handle+0x168/0x240 [hclge] [ 16.324666] __handle_irq_event_percpu+0x64/0x1e0 [ 16.324667] handle_irq_event+0x80/0x170 [ 16.324670] handle_fasteoi_edge_irq+0x110/0x2bc [ 16.324671] __handle_domain_irq+0x84/0xfc [ 16.324673] gic_handle_irq+0x88/0x2c0 [ 16.324674] el1_irq+0xb8/0x140 [ 16.324677] arch_cpu_idle+0x18/0x40 [ 16.324679] default_idle_call+0x5c/0x1bc [ 16.324682] cpuidle_idle_call+0x18c/0x1c4 [ 16.324684] do_idle+0x174/0x17c [ 16.324685] cpu_startup_entry+0x30/0x6c [ 16.324687] secondary_start_kernel+0x1a4/0x280 [ 16.324688] ---[ end trace 6aa0bff672a964aa ]--- So don't auto enable misc vector when request irq.. Fixes: 7be1b9f3e99f ("net: hns3: make hclge_service use delayed workqueue") Signed-off-by: Jian Shen Signed-off-by: Jijie Shao Signed-off-by: Paolo Abeni commit 2758f18a83ef283d50c0566d3f672621cc658a1a Author: Hao Lan Date: Fri Oct 25 17:29:34 2024 +0800 net: hns3: Resolved the issue that the debugfs query result is inconsistent. This patch modifies the implementation of debugfs: When the user process stops unexpectedly, not all data of the file system is read. In this case, the save_buf pointer is not released. When the user process is called next time, save_buf is used to copy the cached data to the user space. As a result, the queried data is inconsistent. To solve this problem, determine whether the function is invoked for the first time based on the value of *ppos. If *ppos is 0, obtain the actual data. Fixes: 5e69ea7ee2a6 ("net: hns3: refactor the debugfs process") Signed-off-by: Hao Lan Signed-off-by: Guangwei Zhang Signed-off-by: Jijie Shao Signed-off-by: Paolo Abeni commit 662ecfc46690e92cf630f51b5d4bbbcffe102980 Author: Hao Lan Date: Fri Oct 25 17:29:33 2024 +0800 net: hns3: fix missing features due to dev->features configuration too early Currently, the netdev->features is configured in hns3_nic_set_features. As a result, __netdev_update_features considers that there is no feature difference, and the procedures of the real features are missing. Fixes: 2a7556bb2b73 ("net: hns3: implement ndo_features_check ops for hns3 driver") Signed-off-by: Hao Lan Signed-off-by: Jian Shen Signed-off-by: Jijie Shao Signed-off-by: Paolo Abeni commit 3e0f7cc887b77603182dceca4d3a6e84f6a40d0a Author: Hao Lan Date: Fri Oct 25 17:29:32 2024 +0800 net: hns3: fixed reset failure issues caused by the incorrect reset type When a reset type that is not supported by the driver is input, a reset pending flag bit of the HNAE3_NONE_RESET type is generated in reset_pending. The driver does not have a mechanism to clear this type of error. As a result, the driver considers that the reset is not complete. This patch provides a mechanism to clear the HNAE3_NONE_RESET flag and the parameter of hnae3_ae_ops.set_default_reset_request is verified. The error message: hns3 0000:39:01.0: cmd failed -16 hns3 0000:39:01.0: hclge device re-init failed, VF is disabled! hns3 0000:39:01.0: failed to reset VF stack hns3 0000:39:01.0: failed to reset VF(4) hns3 0000:39:01.0: prepare reset(2) wait done hns3 0000:39:01.0 eth4: already uninitialized Use the crash tool to view struct hclgevf_dev: struct hclgevf_dev { ... default_reset_request = 0x20, reset_level = HNAE3_NONE_RESET, reset_pending = 0x100, reset_type = HNAE3_NONE_RESET, ... }; Fixes: 720bd5837e37 ("net: hns3: add set_default_reset_request in the hnae3_ae_ops") Signed-off-by: Hao Lan Signed-off-by: Jijie Shao Signed-off-by: Paolo Abeni commit f2c14899caba76da93ff3fff46b4d5a8f43ce07e Author: Jian Shen Date: Fri Oct 25 17:29:31 2024 +0800 net: hns3: add sync command to sync io-pgtable To avoid errors in pgtable prefectch, add a sync command to sync io-pagtable. This is a supplement for the previous patch. We want all the tx packet can be handled with tx bounce buffer path. But it depends on the remain space of the spare buffer, checked by the hns3_can_use_tx_bounce(). In most cases, maybe 99.99%, it returns true. But once it return false by no available space, the packet will be handled with the former path, which will map/unmap the skb buffer. Then the driver will face the smmu prefetch risk again. So add a sync command in this case to avoid smmu prefectch, just protects corner scenes. Fixes: 295ba232a8c3 ("net: hns3: add device version to replace pci revision") Signed-off-by: Jian Shen Signed-off-by: Peiyang Wang Signed-off-by: Jijie Shao Signed-off-by: Paolo Abeni commit e6ab19443b36a45ebfb392775cb17d6a78dd07ea Author: Peiyang Wang Date: Fri Oct 25 17:29:30 2024 +0800 net: hns3: default enable tx bounce buffer when smmu enabled The SMMU engine on HIP09 chip has a hardware issue. SMMU pagetable prefetch features may prefetch and use a invalid PTE even the PTE is valid at that time. This will cause the device trigger fake pagefaults. The solution is to avoid prefetching by adding a SYNC command when smmu mapping a iova. But the performance of nic has a sharp drop. Then we do this workaround, always enable tx bounce buffer, avoid mapping/unmapping on TX path. This issue only affects HNS3, so we always enable tx bounce buffer when smmu enabled to improve performance. Fixes: 295ba232a8c3 ("net: hns3: add device version to replace pci revision") Signed-off-by: Peiyang Wang Signed-off-by: Jian Shen Signed-off-by: Jijie Shao Signed-off-by: Paolo Abeni commit d5953d680f7e96208c29ce4139a0e38de87a57fe Author: Pablo Neira Ayuso Date: Wed Oct 30 23:13:48 2024 +0100 netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed. Fixes: 7ec3f7b47b8d ("netfilter: nft_payload: add packet mangling support") Reported-by: Slavin Liu Signed-off-by: Pablo Neira Ayuso commit add4163aca0d4a86e9fe4aa513865e4237db8aef Author: Jinjie Ruan Date: Wed Oct 30 10:35:04 2024 +0800 drm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic() modprobe drm_hdmi_state_helper_test and then rmmod it, the following memory leak occurs. The `mode` allocated in drm_mode_duplicate() called by drm_display_mode_from_cea_vic() is not freed, which cause the memory leak: unreferenced object 0xffffff80ccd18100 (size 128): comm "kunit_try_catch", pid 1851, jiffies 4295059695 hex dump (first 32 bytes): 57 62 00 00 80 02 90 02 f0 02 20 03 00 00 e0 01 Wb........ ..... ea 01 ec 01 0d 02 00 00 0a 00 00 00 00 00 00 00 ................ backtrace (crc c2f1aa95): [<000000000f10b11b>] kmemleak_alloc+0x34/0x40 [<000000001cd4cf73>] __kmalloc_cache_noprof+0x26c/0x2f4 [<00000000f1f3cffa>] drm_mode_duplicate+0x44/0x19c [<000000008cbeef13>] drm_display_mode_from_cea_vic+0x88/0x98 [<0000000019daaacf>] 0xffffffedc11ae69c [<000000000aad0f85>] kunit_try_run_case+0x13c/0x3ac [<00000000a9210bac>] kunit_generic_run_threadfn_adapter+0x80/0xec [<000000000a0b2e9e>] kthread+0x2e8/0x374 [<00000000bd668858>] ret_from_fork+0x10/0x20 ...... Free `mode` by using drm_kunit_display_mode_from_cea_vic() to fix it. Cc: stable@vger.kernel.org Fixes: 4af70f19e559 ("drm/tests: Add RGB Quantization tests") Acked-by: Maxime Ripard Signed-off-by: Jinjie Ruan Link: https://patchwork.freedesktop.org/patch/msgid/20241030023504.530425-4-ruanjinjie@huawei.com Signed-off-by: Maxime Ripard commit 926163342a2e7595d950e84c17c693b1272bd491 Author: Jinjie Ruan Date: Wed Oct 30 10:35:03 2024 +0800 drm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic() modprobe drm_connector_test and then rmmod drm_connector_test, the following memory leak occurs. The `mode` allocated in drm_mode_duplicate() called by drm_display_mode_from_cea_vic() is not freed, which cause the memory leak: unreferenced object 0xffffff80cb0ee400 (size 128): comm "kunit_try_catch", pid 1948, jiffies 4294950339 hex dump (first 32 bytes): 14 44 02 00 80 07 d8 07 04 08 98 08 00 00 38 04 .D............8. 3c 04 41 04 65 04 00 00 05 00 00 00 00 00 00 00 <.A.e........... backtrace (crc 90e9585c): [<00000000ec42e3d7>] kmemleak_alloc+0x34/0x40 [<00000000d0ef055a>] __kmalloc_cache_noprof+0x26c/0x2f4 [<00000000c2062161>] drm_mode_duplicate+0x44/0x19c [<00000000f96c74aa>] drm_display_mode_from_cea_vic+0x88/0x98 [<00000000d8f2c8b4>] 0xffffffdc982a4868 [<000000005d164dbc>] kunit_try_run_case+0x13c/0x3ac [<000000006fb23398>] kunit_generic_run_threadfn_adapter+0x80/0xec [<000000006ea56ca0>] kthread+0x2e8/0x374 [<000000000676063f>] ret_from_fork+0x10/0x20 ...... Free `mode` by using drm_kunit_display_mode_from_cea_vic() to fix it. Cc: stable@vger.kernel.org Fixes: abb6f74973e2 ("drm/tests: Add HDMI TDMS character rate tests") Acked-by: Maxime Ripard Signed-off-by: Jinjie Ruan Link: https://patchwork.freedesktop.org/patch/msgid/20241030023504.530425-3-ruanjinjie@huawei.com Signed-off-by: Maxime Ripard commit caa714f86699bcfb01aa2d698db12d91af7d0d81 Author: Jinjie Ruan Date: Wed Oct 30 10:35:02 2024 +0800 drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() As Maxime suggested, add a new helper drm_kunit_display_mode_from_cea_vic(), it can replace the direct call of drm_display_mode_from_cea_vic(), and it will help solving the `mode` memory leaks. Acked-by: Maxime Ripard Suggested-by: Maxime Ripard Signed-off-by: Jinjie Ruan Link: https://patchwork.freedesktop.org/patch/msgid/20241030023504.530425-2-ruanjinjie@huawei.com Signed-off-by: Maxime Ripard commit 9d08ec41a0645283d79a2e642205d488feaceacf Author: Yu Zhao Date: Sat Oct 19 22:22:12 2024 -0600 mm: allow set/clear page_type again Some page flags (page->flags) were converted to page types (page->page_types). A recent example is PG_hugetlb. From the exclusive writer's perspective, e.g., a thread doing __folio_set_hugetlb(), there is a difference between the page flag and type APIs: the former allows the same non-atomic operation to be repeated whereas the latter does not. For example, calling __folio_set_hugetlb() twice triggers VM_BUG_ON_FOLIO(), since the second call expects the type (PG_hugetlb) not to be set previously. Using add_hugetlb_folio() as an example, it calls __folio_set_hugetlb() in the following error-handling path. And when that happens, it triggers the aforementioned VM_BUG_ON_FOLIO(). if (folio_test_hugetlb(folio)) { rc = hugetlb_vmemmap_restore_folio(h, folio); if (rc) { spin_lock_irq(&hugetlb_lock); add_hugetlb_folio(h, folio, false); ... It is possible to make hugeTLB comply with the new requirements from the page type API. However, a straightforward fix would be to just allow the same page type to be set or cleared again inside the API, to avoid any changes to its callers. Link: https://lkml.kernel.org/r/20241020042212.296781-1-yuzhao@google.com Fixes: d99e3140a4d3 ("mm: turn folio_test_hugetlb into a PageType") Signed-off-by: Yu Zhao Cc: Matthew Wilcox (Oracle) Cc: Muchun Song Cc: Signed-off-by: Andrew Morton commit b3a033e3ecd3471248d474ef263aadc0059e516a Author: Ryusuke Konishi Date: Sun Oct 20 13:51:28 2024 +0900 nilfs2: fix potential deadlock with newly created symlinks Syzbot reported that page_symlink(), called by nilfs_symlink(), triggers memory reclamation involving the filesystem layer, which can result in circular lock dependencies among the reader/writer semaphore nilfs->ns_segctor_sem, s_writers percpu_rwsem (intwrite) and the fs_reclaim pseudo lock. This is because after commit 21fc61c73c39 ("don't put symlink bodies in pagecache into highmem"), the gfp flags of the page cache for symbolic links are overwritten to GFP_KERNEL via inode_nohighmem(). This is not a problem for symlinks read from the backing device, because the __GFP_FS flag is dropped after inode_nohighmem() is called. However, when a new symlink is created with nilfs_symlink(), the gfp flags remain overwritten to GFP_KERNEL. Then, memory allocation called from page_symlink() etc. triggers memory reclamation including the FS layer, which may call nilfs_evict_inode() or nilfs_dirty_inode(). And these can cause a deadlock if they are called while nilfs->ns_segctor_sem is held: Fix this issue by dropping the __GFP_FS flag from the page cache GFP flags of newly created symlinks in the same way that nilfs_new_inode() and __nilfs_read_inode() do, as a workaround until we adopt nofs allocation scope consistently or improve the locking constraints. Link: https://lkml.kernel.org/r/20241020050003.4308-1-konishi.ryusuke@gmail.com Fixes: 21fc61c73c39 ("don't put symlink bodies in pagecache into highmem") Signed-off-by: Ryusuke Konishi Reported-by: syzbot+9ef37ac20608f4836256@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=9ef37ac20608f4836256 Tested-by: syzbot+9ef37ac20608f4836256@syzkaller.appspotmail.com Cc: Signed-off-by: Andrew Morton commit d31638ff6c5437ca2968d6c22fb16524fd485013 Author: Phillip Lougher Date: Mon Oct 21 00:22:00 2024 +0100 Squashfs: fix variable overflow in squashfs_readpage_block Syzbot reports a slab out of bounds access in squashfs_readpage_block(). This is caused by an attempt to read page index 0x2000000000. This value (start_index) is stored in an integer loop variable which overflows producing a value of 0. This causes a loop which iterates over pages start_index -> end_index to iterate over 0 -> end_index, which ultimately causes an out of bounds page array access. Fix by changing variable to a loff_t, and rename to index to make it clearer it is a page index, and not a loop count. Link: https://lkml.kernel.org/r/20241020232200.837231-1-phillip@squashfs.org.uk Signed-off-by: Phillip Lougher Reported-by: "Lai, Yi" Closes: https://lore.kernel.org/all/ZwzcnCAosIPqQ9Ie@ly-workstation/ Signed-off-by: Andrew Morton commit 330d8df81f3673d6fb74550bbc9bb159d81b35f7 Author: Andrey Konovalov Date: Tue Oct 22 18:07:06 2024 +0200 kasan: remove vmalloc_percpu test Commit 1a2473f0cbc0 ("kasan: improve vmalloc tests") added the vmalloc_percpu KASAN test with the assumption that __alloc_percpu always uses vmalloc internally, which is tagged by KASAN. However, __alloc_percpu might allocate memory from the first per-CPU chunk, which is not allocated via vmalloc(). As a result, the test might fail. Remove the test until proper KASAN annotation for the per-CPU allocated are added; tracked in https://bugzilla.kernel.org/show_bug.cgi?id=215019. Link: https://lkml.kernel.org/r/20241022160706.38943-1-andrey.konovalov@linux.dev Fixes: 1a2473f0cbc0 ("kasan: improve vmalloc tests") Signed-off-by: Andrey Konovalov Reported-by: Samuel Holland Link: https://lore.kernel.org/all/4a245fff-cc46-44d1-a5f9-fd2f1c3764ae@sifive.com/ Reported-by: Sabyrzhan Tasbolatov Link: https://lore.kernel.org/all/CACzwLxiWzNqPBp4C1VkaXZ2wDwvY3yZeetCi1TLGFipKW77drA@mail.gmail.com/ Cc: Alexander Potapenko Cc: Andrey Ryabinin Cc: Dmitry Vyukov Cc: Marco Elver Cc: Sabyrzhan Tasbolatov Cc: Signed-off-by: Andrew Morton commit ece5897e5a10fcd56a317e32f2dc7219f366a5a8 Author: Wladislav Wiebe Date: Tue Oct 22 19:21:13 2024 +0200 tools/mm: -Werror fixes in page-types/slabinfo Commit e6d2c436ff693 ("tools/mm: allow users to provide additional cflags/ldflags") passes now CFLAGS to Makefile. With this, build systems with default -Werror enabled found: slabinfo.c:1300:25: error: ignoring return value of 'chdir' declared with attribute 'warn_unused_result' [-Werror=unused-result]                          chdir("..");                          ^~~~~~~~~~~ page-types.c:397:35: error: format '%lu' expects argument of type 'long unsigned int', but argument 2 has type 'uint64_t' {aka 'long long unsigned int'} [-Werror=format=]                          printf("%lu\t", mapcnt0);                                  ~~^     ~~~~~~~ .. Fix page-types by using PRIu64 for uint64_t prints and check in slabinfo for return code on chdir(".."). Link: https://lkml.kernel.org/r/c1ceb507-94bc-461c-934d-c19b77edd825@gmail.com Fixes: e6d2c436ff69 ("tools/mm: allow users to provide additional cflags/ldflags") Signed-off-by: Wladislav Wiebe Cc: Vlastimil Babka Cc: Herton R. Krzesinski Cc: Signed-off-by: Andrew Morton commit 5168a68eb78fa1c67a8b2d31d0642c7fd866cc12 Author: Kairui Song Date: Wed Oct 23 01:55:12 2024 +0800 mm, swap: avoid over reclaim of full clusters When running low on usable slots, cluster allocator will try to reclaim the full clusters aggressively to reclaim HAS_CACHE slots. This guarantees that as long as there are any usable slots, HAS_CACHE or not, the swap device will be usable and workload won't go OOM early. Before the cluster allocator, swap allocator fails easily if device is filled up with reclaimable HAS_CACHE slots. Which can be easily reproduced with following simple program: #include #include #include #include #define SIZE 8192UL * 1024UL * 1024UL int main(int argc, char **argv) { long tmp; char *p = mmap(NULL, SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); memset(p, 0, SIZE); madvise(p, SIZE, MADV_PAGEOUT); for (unsigned long i = 0; i < SIZE; ++i) tmp += p[i]; getchar(); /* Pause */ return 0; } Setup an 8G non ramdisk swap, the first run of the program will swapout 8G ram successfully. But run same program again after the first run paused, the second run can't swapout all 8G memory as now half of the swap device is pinned by HAS_CACHE. There was a random scan in the old allocator that may reclaim part of the HAS_CACHE by luck, but it's unreliable. The new allocator's added reclaim of full clusters when device is low on usable slots. But when multiple CPUs are seeing the device is low on usable slots at the same time, they ran into a thundering herd problem. This is an observable problem on large machine with mass parallel workload, as full cluster reclaim is slower on large swap device and higher number of CPUs will also make things worse. Testing using a 128G ZRAM on a 48c96t system. When the swap device is very close to full (eg. 124G / 128G), running build linux kernel with make -j96 in a 1G memory cgroup will hung (not a softlockup though) spinning in full cluster reclaim for about ~5min before go OOM. To solve this, split the full reclaim into two parts: - Instead of do a synchronous aggressively reclaim when device is low, do only one aggressively reclaim when device is strictly full with a kworker. This still ensures in worst case the device won't be unusable because of HAS_CACHE slots. - To avoid allocation (especially higher order) suffer from HAS_CACHE filling up clusters and kworker not responsive enough, do one synchronous scan every time the free list is drained, and only scan one cluster. This is kind of similar to the random reclaim before, keeps the full clusters rotated and has a minimal latency. This should provide a fair reclaim strategy suitable for most workloads. Link: https://lkml.kernel.org/r/20241022175512.10398-1-ryncsn@gmail.com Fixes: 2cacbdfdee65 ("mm: swap: add a adaptive full cluster cache reclaim") Signed-off-by: Kairui Song Cc: Barry Song Cc: Chris Li Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kalesh Singh Cc: Ryan Roberts Cc: Yosry Ahmed Signed-off-by: Andrew Morton commit b54e1bfecc4b2775c184d2edb319232b853a686d Author: Barry Song Date: Thu Oct 24 10:02:01 2024 +1300 mm: fix PSWPIN counter for large folios swap-in Similar to PSWPOUT, we should count the number of base pages instead of large folios. Link: https://lkml.kernel.org/r/20241023210201.2798-1-21cnbao@gmail.com Fixes: 242d12c98174 ("mm: support large folios swap-in for sync io devices") Signed-off-by: Barry Song Acked-by: David Hildenbrand Reviewed-by: Baolin Wang Cc: Chris Li Cc: Yosry Ahmed Cc: "Huang, Ying" Cc: Kairui Song Cc: Ryan Roberts Cc: Kanchana P Sridhar Cc: Usama Arif Signed-off-by: Andrew Morton commit e0fc203748377835bbb4fb4c45174592214a3211 Author: Zi Yan Date: Wed Oct 23 13:12:36 2024 -0400 mm: avoid VM_BUG_ON when try to map an anon large folio to zero page. An anonymous large folio can be split into non order-0 folios, try_to_map_unused_to_zeropage() should not VM_BUG_ON compound pages but just return false. This fixes the crash when splitting anonymous large folios to non order-0 folios. Link: https://lkml.kernel.org/r/20241023171236.1122535-1-ziy@nvidia.com Fixes: b1f202060afe ("mm: remap unused subpages to shared zeropage when splitting isolated thp") Signed-off-by: Zi Yan Acked-by: David Hildenbrand Acked-by: Usama Arif Cc: Barry Song Cc: Domenico Cerasuolo Cc: Johannes Weiner Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Mike Rapoport (Microsoft) Cc: Nico Pache Cc: Rik van Riel Cc: Roman Gushchin Cc: Ryan Roberts Cc: Shakeel Butt Cc: Yu Zhao Signed-off-by: Andrew Morton commit f4657e16e767105194f97586fe3c03d3f64c4d37 Author: Hao Ge Date: Sun Oct 20 15:08:19 2024 +0800 mm/codetag: fix null pointer check logic for ref and tag When we compile and load lib/slub_kunit.c,it will cause a panic. The root cause is that __kmalloc_cache_noprof was directly called instead of kmem_cache_alloc,which resulted in no alloc_tag being allocated.This caused current->alloc_tag to be null,leading to a null pointer dereference in alloc_tag_ref_set. Despite the fact that my colleague Pei Xiao will later fix the code in slub_kunit.c,we still need fix null pointer check logic for ref and tag to avoid panic caused by a null pointer dereference. Here is the log for the panic: [ 74.779373][ T2158] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 [ 74.780130][ T2158] Mem abort info: [ 74.780406][ T2158] ESR = 0x0000000096000004 [ 74.780756][ T2158] EC = 0x25: DABT (current EL), IL = 32 bits [ 74.781225][ T2158] SET = 0, FnV = 0 [ 74.781529][ T2158] EA = 0, S1PTW = 0 [ 74.781836][ T2158] FSC = 0x04: level 0 translation fault [ 74.782288][ T2158] Data abort info: [ 74.782577][ T2158] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 74.783068][ T2158] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 74.783533][ T2158] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 74.784010][ T2158] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000105f34000 [ 74.784586][ T2158] [0000000000000020] pgd=0000000000000000, p4d=0000000000000000 [ 74.785293][ T2158] Internal error: Oops: 0000000096000004 [#1] SMP [ 74.785805][ T2158] Modules linked in: slub_kunit kunit ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 ipt_REJECT nf_reject_ipv4 xt_conntrack ebtable_nat ebtable_broute ip6table_nat ip6table_mangle 4 [ 74.790661][ T2158] CPU: 0 UID: 0 PID: 2158 Comm: kunit_try_catch Kdump: loaded Tainted: G W N 6.12.0-rc3+ #2 [ 74.791535][ T2158] Tainted: [W]=WARN, [N]=TEST [ 74.791889][ T2158] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015 [ 74.792479][ T2158] pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 74.793101][ T2158] pc : alloc_tagging_slab_alloc_hook+0x120/0x270 [ 74.793607][ T2158] lr : alloc_tagging_slab_alloc_hook+0x120/0x270 [ 74.794095][ T2158] sp : ffff800084d33cd0 [ 74.794418][ T2158] x29: ffff800084d33cd0 x28: 0000000000000000 x27: 0000000000000000 [ 74.795095][ T2158] x26: 0000000000000000 x25: 0000000000000012 x24: ffff80007b30e314 [ 74.795822][ T2158] x23: ffff000390ff6f10 x22: 0000000000000000 x21: 0000000000000088 [ 74.796555][ T2158] x20: ffff000390285840 x19: fffffd7fc3ef7830 x18: ffffffffffffffff [ 74.797283][ T2158] x17: ffff8000800e63b4 x16: ffff80007b33afc4 x15: ffff800081654c00 [ 74.798011][ T2158] x14: 0000000000000000 x13: 205d383531325420 x12: 5b5d383734363537 [ 74.798744][ T2158] x11: ffff800084d337e0 x10: 000000000000005d x9 : 00000000ffffffd0 [ 74.799476][ T2158] x8 : 7f7f7f7f7f7f7f7f x7 : ffff80008219d188 x6 : c0000000ffff7fff [ 74.800206][ T2158] x5 : ffff0003fdbc9208 x4 : ffff800081edd188 x3 : 0000000000000001 [ 74.800932][ T2158] x2 : 0beaa6dee1ac5a00 x1 : 0beaa6dee1ac5a00 x0 : ffff80037c2cb000 [ 74.801656][ T2158] Call trace: [ 74.801954][ T2158] alloc_tagging_slab_alloc_hook+0x120/0x270 [ 74.802494][ T2158] __kmalloc_cache_noprof+0x148/0x33c [ 74.802976][ T2158] test_kmalloc_redzone_access+0x4c/0x104 [slub_kunit] [ 74.803607][ T2158] kunit_try_run_case+0x70/0x17c [kunit] [ 74.804124][ T2158] kunit_generic_run_threadfn_adapter+0x2c/0x4c [kunit] [ 74.804768][ T2158] kthread+0x10c/0x118 [ 74.805141][ T2158] ret_from_fork+0x10/0x20 [ 74.805540][ T2158] Code: b9400a80 11000400 b9000a80 97ffd858 (f94012d3) [ 74.806176][ T2158] SMP: stopping secondary CPUs [ 74.808130][ T2158] Starting crashdump kernel... Link: https://lkml.kernel.org/r/20241020070819.307944-1-hao.ge@linux.dev Fixes: e0a955bf7f61 ("mm/codetag: add pgalloc_tag_copy()") Signed-off-by: Hao Ge Acked-by: Suren Baghdasaryan Suggested-by: Suren Baghdasaryan Acked-by: Yu Zhao Cc: Kent Overstreet Signed-off-by: Andrew Morton commit aa6f8b2593b56a02043684182a89853f919dff3e Author: John Hubbard Date: Fri Oct 18 15:34:11 2024 -0700 mm/gup: stop leaking pinned pages in low memory conditions If a driver tries to call any of the pin_user_pages*(FOLL_LONGTERM) family of functions, and requests "too many" pages, then the call will erroneously leave pages pinned. This is visible in user space as an actual memory leak. Repro is trivial: just make enough pin_user_pages(FOLL_LONGTERM) calls to exhaust memory. The root cause of the problem is this sequence, within __gup_longterm_locked(): __get_user_pages_locked() rc = check_and_migrate_movable_pages() ...which gets retried in a loop. The loop error handling is incomplete, clearly due to a somewhat unusual and complicated tri-state error API. But anyway, if -ENOMEM, or in fact, any unexpected error is returned from check_and_migrate_movable_pages(), then __gup_longterm_locked() happily returns the error, while leaving the pages pinned. In the failed case, which is an app that requests (via a device driver) 30720000000 bytes to be pinned, and then exits, I see this: $ grep foll /proc/vmstat nr_foll_pin_acquired 7502048 nr_foll_pin_released 2048 And after applying this patch, it returns to balanced pins: $ grep foll /proc/vmstat nr_foll_pin_acquired 7502048 nr_foll_pin_released 7502048 Note that the child routine, check_and_migrate_movable_folios(), avoids this problem, by unpinning any folios in the **folios argument, before returning an error. Fix this by making check_and_migrate_movable_pages() behave in exactly the same way as check_and_migrate_movable_folios(): unpin all pages in **pages, before returning an error. Also, documentation was an aggravating factor, so: 1) Consolidate the documentation for these two routines, now that they have identical external behavior. 2) Rewrite the consolidated documentation: a) Clearly list the three return code cases, and what happens in each case. b) Mention that one of the cases unpins the pages or folios, before returning an error code. Link: https://lkml.kernel.org/r/20241018223411.310331-1-jhubbard@nvidia.com Fixes: 24a95998e9ba ("mm/gup.c: simplify and fix check_and_migrate_movable_pages() return codes") Signed-off-by: John Hubbard Reviewed-by: Alistair Popple Suggested-by: David Hildenbrand Cc: Shigeru Yoshida Cc: Jason Gunthorpe Cc: Minchan Kim Cc: Pasha Tatashin Signed-off-by: Andrew Morton commit 637f41476384c76d3cd7dcf5947caf2c8b8d7a9b Author: Daniel Golle Date: Sat Oct 26 14:52:25 2024 +0100 net: ethernet: mtk_wed: fix path of MT7988 WO firmware linux-firmware commit 808cba84 ("mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher") added mt7988_wo_{0,1}.bin in the 'mediatek/mt7988' directory while driver current expects the files in the 'mediatek' directory. Change path in the driver header now that the firmware has been added. Fixes: e2f64db13aa1 ("net: ethernet: mtk_wed: introduce WED support for MT7988") Signed-off-by: Daniel Golle Reviewed-by: Andrew Lunn Reviewed-by: AngeloGioacchino Del Regno Link: https://patch.msgid.link/Zxz0GWTR5X5LdWPe@pidgin.makrotopia.org Signed-off-by: Jakub Kicinski commit b919f1e54e11662d5aa9582b514431c168c0bed8 Merge: 04c20a9356f283 d7bd61fa0222db Author: Jakub Kicinski Date: Wed Oct 30 18:24:41 2024 -0700 Merge branch 'mlxsw-fixes' Petr Machata says: ==================== mlxsw: Fixes In this patchset: - Tx header should be pushed for each packet which is transmitted via Spectrum ASICs. Patch #1 adds a missing call to skb_cow_head() to make sure that there is both enough room to push the Tx header and that the SKB header is not cloned and can be modified. - Commit b5b60bb491b2 ("mlxsw: pci: Use page pool for Rx buffers allocation") converted mlxsw to use page pool for Rx buffers allocation. Sync for CPU and for device should be done for Rx pages. In patches #2 and #3, add the missing calls to sync pages for, respectively, CPU and the device. - Patch #4 then fixes a bug to IPv6 GRE forwarding offload. Patch #5 adds a generic forwarding test that fails with mlxsw ports prior to the fix. ==================== Link: https://patch.msgid.link/cover.1729866134.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit d7bd61fa0222db1cdc01d66bec2477c9fdfa6d4f Author: Ido Schimmel Date: Fri Oct 25 16:26:29 2024 +0200 selftests: forwarding: Add IPv6 GRE remote change tests Test that after changing the remote address of an ip6gre net device traffic is forwarded as expected. Test with both flat and hierarchical topologies and with and without an input / output keys. Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata Link: https://patch.msgid.link/02b05246d2cdada0cf2fccffc0faa8a424d0f51b.1729866134.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 12ae97c531fcd3bfd774d4dfeaeac23eafe24280 Author: Ido Schimmel Date: Fri Oct 25 16:26:28 2024 +0200 mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encapsulation in linear memory that is managed by the driver. Changing the remote address of an ip6gre net device never worked properly, but since cited commit the following reproducer [1] would result in a warning [2] and a memory leak [3]. The problem is that the new remote address is never added by the driver to its hash table (and therefore the device) and the old address is never removed from it. Fix by programming the new address when the configuration of the ip6gre net device changes and removing the old one. If the address did not change, then the above would result in increasing the reference count of the address and then decreasing it. [1] # ip link add name bla up type ip6gre local 2001:db8:1::1 remote 2001:db8:2::1 tos inherit ttl inherit # ip link set dev bla type ip6gre remote 2001:db8:3::1 # ip link del dev bla # devlink dev reload pci/0000:01:00.0 [2] WARNING: CPU: 0 PID: 1682 at drivers/net/ethernet/mellanox/mlxsw/spectrum.c:3002 mlxsw_sp_ipv6_addr_put+0x140/0x1d0 Modules linked in: CPU: 0 UID: 0 PID: 1682 Comm: ip Not tainted 6.12.0-rc3-custom-g86b5b55bc835 #151 Hardware name: Nvidia SN5600/VMOD0013, BIOS 5.13 05/31/2023 RIP: 0010:mlxsw_sp_ipv6_addr_put+0x140/0x1d0 [...] Call Trace: mlxsw_sp_router_netdevice_event+0x55f/0x1240 notifier_call_chain+0x5a/0xd0 call_netdevice_notifiers_info+0x39/0x90 unregister_netdevice_many_notify+0x63e/0x9d0 rtnl_dellink+0x16b/0x3a0 rtnetlink_rcv_msg+0x142/0x3f0 netlink_rcv_skb+0x50/0x100 netlink_unicast+0x242/0x390 netlink_sendmsg+0x1de/0x420 ____sys_sendmsg+0x2bd/0x320 ___sys_sendmsg+0x9a/0xe0 __sys_sendmsg+0x7a/0xd0 do_syscall_64+0x9e/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f [3] unreferenced object 0xffff898081f597a0 (size 32): comm "ip", pid 1626, jiffies 4294719324 hex dump (first 32 bytes): 20 01 0d b8 00 02 00 00 00 00 00 00 00 00 00 01 ............... 21 49 61 83 80 89 ff ff 00 00 00 00 01 00 00 00 !Ia............. backtrace (crc fd9be911): [<00000000df89c55d>] __kmalloc_cache_noprof+0x1da/0x260 [<00000000ff2a1ddb>] mlxsw_sp_ipv6_addr_kvdl_index_get+0x281/0x340 [<000000009ddd445d>] mlxsw_sp_router_netdevice_event+0x47b/0x1240 [<00000000743e7757>] notifier_call_chain+0x5a/0xd0 [<000000007c7b9e13>] call_netdevice_notifiers_info+0x39/0x90 [<000000002509645d>] register_netdevice+0x5f7/0x7a0 [<00000000c2e7d2a9>] ip6gre_newlink_common.isra.0+0x65/0x130 [<0000000087cd6d8d>] ip6gre_newlink+0x72/0x120 [<000000004df7c7cc>] rtnl_newlink+0x471/0xa20 [<0000000057ed632a>] rtnetlink_rcv_msg+0x142/0x3f0 [<0000000032e0d5b5>] netlink_rcv_skb+0x50/0x100 [<00000000908bca63>] netlink_unicast+0x242/0x390 [<00000000cdbe1c87>] netlink_sendmsg+0x1de/0x420 [<0000000011db153e>] ____sys_sendmsg+0x2bd/0x320 [<000000003b6d53eb>] ___sys_sendmsg+0x9a/0xe0 [<00000000cae27c62>] __sys_sendmsg+0x7a/0xd0 Fixes: cf42911523e0 ("mlxsw: spectrum_ipip: Use common hash table for IPv6 address mapping") Reported-by: Maksym Yaremchuk Signed-off-by: Ido Schimmel Reviewed-by: Petr Machata Signed-off-by: Petr Machata Link: https://patch.msgid.link/e91012edc5a6cb9df37b78fd377f669381facfcb.1729866134.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit d0fbdc3ae9ecc614ddffde55dccbcacef353da0b Author: Amit Cohen Date: Fri Oct 25 16:26:27 2024 +0200 mlxsw: pci: Sync Rx buffers for device Non-coherent architectures, like ARM, may require invalidating caches before the device can use the DMA mapped memory, which means that before posting pages to device, drivers should sync the memory for device. Sync for device can be configured as page pool responsibility. Set the relevant flag and define max_len for sync. Cc: Jiri Pirko Fixes: b5b60bb491b2 ("mlxsw: pci: Use page pool for Rx buffers allocation") Signed-off-by: Amit Cohen Reviewed-by: Ido Schimmel Signed-off-by: Petr Machata Link: https://patch.msgid.link/92e01f05c4f506a4f0a9b39c10175dcc01994910.1729866134.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 15f73e601a9c67aa83bde92b2d940a6532d8614d Author: Amit Cohen Date: Fri Oct 25 16:26:26 2024 +0200 mlxsw: pci: Sync Rx buffers for CPU When Rx packet is received, drivers should sync the pages for CPU, to ensure the CPU reads the data written by the device and not stale data from its cache. Add the missing sync call in Rx path, sync the actual length of data for each fragment. Cc: Jiri Pirko Fixes: b5b60bb491b2 ("mlxsw: pci: Use page pool for Rx buffers allocation") Signed-off-by: Amit Cohen Reviewed-by: Ido Schimmel Signed-off-by: Petr Machata Link: https://patch.msgid.link/461486fac91755ca4e04c2068c102250026dcd0b.1729866134.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 0a66e5582b5102c4d7b866b977ff7c850c1174ce Author: Amit Cohen Date: Fri Oct 25 16:26:25 2024 +0200 mlxsw: spectrum_ptp: Add missing verification before pushing Tx header Tx header should be pushed for each packet which is transmitted via Spectrum ASICs. The cited commit moved the call to skb_cow_head() from mlxsw_sp_port_xmit() to functions which handle Tx header. In case that mlxsw_sp->ptp_ops->txhdr_construct() is used to handle Tx header, and txhdr_construct() is mlxsw_sp_ptp_txhdr_construct(), there is no call for skb_cow_head() before pushing Tx header size to SKB. This flow is relevant for Spectrum-1 and Spectrum-4, for PTP packets. Add the missing call to skb_cow_head() to make sure that there is both enough room to push the Tx header and that the SKB header is not cloned and can be modified. An additional set will be sent to net-next to centralize the handling of the Tx header by pushing it to every packet just before transmission. Cc: Richard Cochran Fixes: 24157bc69f45 ("mlxsw: Send PTP packets as data packets to overcome a limitation") Signed-off-by: Amit Cohen Signed-off-by: Petr Machata Link: https://patch.msgid.link/5145780b07ebbb5d3b3570f311254a3a2d554a44.1729866134.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 04c20a9356f283da623903e81e7c6d5df7e4dc3c Author: Benoît Monin Date: Thu Oct 24 16:01:54 2024 +0200 net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension As documented in skbuff.h, devices with NETIF_F_IPV6_CSUM capability can only checksum TCP and UDP over IPv6 if the IP header does not contains extension. This is enforced for UDP packets emitted from user-space to an IPv6 address as they go through ip6_make_skb(), which calls __ip6_append_data() where a check is done on the header size before setting CHECKSUM_PARTIAL. But the introduction of UDP encapsulation with fou6 added a code-path where it is possible to get an skb with a partial UDP checksum and an IPv6 header with extension: * fou6 adds a UDP header with a partial checksum if the inner packet does not contains a valid checksum. * ip6_tunnel adds an IPv6 header with a destination option extension header if encap_limit is non-zero (the default value is 4). The thread linked below describes in more details how to reproduce the problem with GRE-in-UDP tunnel. Add a check on the network header size in skb_csum_hwoffload_help() to make sure no IPv6 packet with extension header is handed to a network device with NETIF_F_IPV6_CSUM capability. Link: https://lore.kernel.org/netdev/26548921.1r3eYUQgxm@benoit.monin/T/#u Fixes: aa3463d65e7b ("fou: Add encap ops for IPv6 tunnels") Signed-off-by: Benoît Monin Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/5fbeecfc311ea182aa1d1c771725ab8b4cac515e.1729778144.git.benoit.monin@gmx.fr Signed-off-by: Jakub Kicinski commit 2313ab74c3004089ecac5f0f91f7274829f3825b Author: Alice Ryhl Date: Wed Oct 30 10:31:34 2024 +0000 cfi: tweak llvm version for HAVE_CFI_ICALL_NORMALIZE_INTEGERS The llvm fix [1] did not make it for 19.0.0, but ended up getting backported to llvm 19.1.3 [2]. Thus, fix the version requirement to correctly specify which versions have the bug. Link: https://github.com/llvm/llvm-project/pull/104826 [1] Link: https://github.com/llvm/llvm-project/pull/113938 [2] Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202410281414.c351044e-oliver.sang@intel.com Fixes: 8b8ca9c25fe6 ("cfi: fix conditions for HAVE_CFI_ICALL_NORMALIZE_INTEGERS") Signed-off-by: Alice Ryhl Reviewed-by: Sami Tolvanen Link: https://lore.kernel.org/r/20241030-cfi-icall-1913-v1-1-ab8a26e13733@google.com Signed-off-by: Miguel Ojeda commit 69d5e722be949a1e2409c3f2865ba6020c279db6 Author: Peter Zijlstra Date: Wed Oct 30 11:49:34 2024 +0100 sched/ext: Fix scx vs sched_delayed Commit 98442f0ccd82 ("sched: Fix delayed_dequeue vs switched_from_fair()") forgot about scx :/ Fixes: 98442f0ccd82 ("sched: Fix delayed_dequeue vs switched_from_fair()") Reported-by: Tejun Heo Signed-off-by: Peter Zijlstra (Intel) Acked-by: Tejun Heo Link: https://lkml.kernel.org/r/20241030104934.GK14555@noisy.programming.kicks-ass.net commit 0fc810ae3ae110f9e2fcccce80fc8c8d62f97907 Author: Linus Torvalds Date: Tue Oct 29 16:03:31 2024 -1000 x86/uaccess: Avoid barrier_nospec() in 64-bit copy_from_user() The barrier_nospec() in 64-bit copy_from_user() is slow. Instead use pointer masking to force the user pointer to all 1's for an invalid address. The kernel test robot reports a 2.6% improvement in the per_thread_ops benchmark [1]. This is a variation on a patch originally by Josh Poimboeuf [2]. Link: https://lore.kernel.org/202410281344.d02c72a2-oliver.sang@intel.com [1] Link: https://lore.kernel.org/5b887fe4c580214900e21f6c61095adf9a142735.1730166635.git.jpoimboe@kernel.org [2] Tested-and-reviewed-by: Josh Poimboeuf Cc: Kirill A. Shutemov Signed-off-by: Linus Torvalds commit 14b7d43c5c068cb9688a9fe68883f4340effb053 Merge: 4236f913808ceb a5384c426744eb Author: Linus Torvalds Date: Wed Oct 30 11:17:47 2024 -1000 Merge tag 'perf-tools-fixes-for-v6.12-2-2024-10-30' of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools Pull perf tools fixes from Arnaldo Carvalho de Melo: - Update more header copies with the kernel sources, including const.h, msr-index.h, arm64's cputype.h, kvm's, bits.h and unaligned.h - The return from 'write' isn't a pid, fix cut'n'paste error in 'perf trace' - Fix up the python binding build on architectures without HAVE_KVM_STAT_SUPPORT - Add some more bounds checks to augmented_raw_syscalls.bpf.c (used to collect syscall pointer arguments in 'perf trace') to make the resulting bytecode to pass the kernel BPF verifier, allowing us to go back accepting clang 12.0.1 as the minimum version required for compiling BPF sources - Add __NR_capget for x86 to fix a regression on running perf + intel PT (hw tracing) as non-root setting up the capabilities as described in https://www.kernel.org/doc/html/latest/admin-guide/perf-security.html - Fix missing syscalltbl in non-explicitly listed architectures, noticed on ARM 32-bit, that still needs a .tbl generator for the syscall id<->name tables, should be added for v6.13 - Handle 'perf test' failure when handling broken DWARF for ASM files * tag 'perf-tools-fixes-for-v6.12-2-2024-10-30' of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools: perf cap: Add __NR_capget to arch/x86 unistd tools headers: Update the linux/unaligned.h copy with the kernel sources tools headers arm64: Sync arm64's cputype.h with the kernel sources tools headers: Synchronize {uapi/}linux/bits.h with the kernel sources tools arch x86: Sync the msr-index.h copy with the kernel sources perf python: Fix up the build on architectures without HAVE_KVM_STAT_SUPPORT perf test: Handle perftool-testsuite_probe failure due to broken DWARF tools headers UAPI: Sync kvm headers with the kernel sources perf trace: Fix non-listed archs in the syscalltbl routines perf build: Change the clang check back to 12.0.1 perf trace augmented_raw_syscalls: Add more checks to pass the verifier perf trace augmented_raw_syscalls: Add extra array index bounds checking to satisfy some BPF verifiers perf trace: The return from 'write' isn't a pid tools headers UAPI: Sync linux/const.h with the kernel headers commit 63a81588cd2025e75fbaf30b65930b76825c456f Author: Chuck Lever Date: Wed Oct 30 16:11:30 2024 -0400 rpcrdma: Always release the rpcrdma_device's xa_array Dai pointed out that the xa_init_flags() in rpcrdma_add_one() needs to have a matching xa_destroy() in rpcrdma_remove_one() to release underlying memory that the xarray might have accrued during operation. Reported-by: Dai Ngo Fixes: 7e86845a0346 ("rpcrdma: Implement generic device removal") Signed-off-by: Chuck Lever commit 053b212b3a356e47fe7772fbf19e07721393ba72 Merge: d0b98f6a17a5cb ebafc1e535db19 Author: Alexei Starovoitov Date: Wed Oct 30 12:13:46 2024 -0700 Merge branch 'fixes-for-bits-iterator' Hou Tao says: ==================== The patch set fixes several issues in bits iterator. Patch #1 fixes the kmemleak problem of bits iterator. Patch #2~#3 fix the overflow problem of nr_bits. Patch #4 fixes the potential stack corruption when bits iterator is used on 32-bit host. Patch #5 adds more test cases for bits iterator. Please see the individual patches for more details. And comments are always welcome. --- v4: * patch #1: add ack from Yafang * patch #3: revert code-churn like changes: (1) compute nr_bytes and nr_bits before the check of nr_words. (2) use nr_bits == 64 to check for single u64, preventing build warning on 32-bit hosts. * patch #4: use "BITS_PER_LONG == 32" instead of "!defined(CONFIG_64BIT)" v3: https://lore.kernel.org/bpf/20241025013233.804027-1-houtao@huaweicloud.com/T/#t * split the bits-iterator related patches from "Misc fixes for bpf" patch set * patch #1: use "!nr_bits || bits >= nr_bits" to stop the iteration * patch #2: add a new helper for the overflow problem * patch #3: decrease the limitation from 512 to 511 and check whether nr_bytes is too large for bpf memory allocator explicitly * patch #5: add two more test cases for bit iterator v2: http://lore.kernel.org/bpf/d49fa2f4-f743-c763-7579-c3cab4dd88cb@huaweicloud.com ==================== Link: https://lore.kernel.org/r/20241030100516.3633640-1-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit ebafc1e535db19505aec3b94a4a641fe735a2eac Author: Hou Tao Date: Wed Oct 30 18:05:16 2024 +0800 selftests/bpf: Add three test cases for bits_iter Add more test cases for bits iterator: (1) huge word test Verify the multiplication overflow of nr_bits in bits_iter. Without the overflow check, when nr_words is 67108865, nr_bits becomes 64, causing bpf_probe_read_kernel_common() to corrupt the stack. (2) max word test Verify correct handling of maximum nr_words value (511). (3) bad word test Verify early termination of bits iteration when bits iterator initialization fails. Also rename bits_nomem to bits_too_big to better reflect its purpose. Signed-off-by: Hou Tao Link: https://lore.kernel.org/r/20241030100516.3633640-6-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit e1339383675063ae4760d81ffe13a79981841b8d Author: Hou Tao Date: Wed Oct 30 18:05:15 2024 +0800 bpf: Use __u64 to save the bits in bits iterator On 32-bit hosts (e.g., arm32), when a bpf program passes a u64 to bpf_iter_bits_new(), bpf_iter_bits_new() will use bits_copy to store the content of the u64. However, bits_copy is only 4 bytes, leading to stack corruption. The straightforward solution would be to replace u64 with unsigned long in bpf_iter_bits_new(). However, this introduces confusion and problems for 32-bit hosts because the size of ulong in bpf program is 8 bytes, but it is treated as 4-bytes after passed to bpf_iter_bits_new(). Fix it by changing the type of both bits and bit_count from unsigned long to u64. However, the change is not enough. The main reason is that bpf_iter_bits_next() uses find_next_bit() to find the next bit and the pointer passed to find_next_bit() is an unsigned long pointer instead of a u64 pointer. For 32-bit little-endian host, it is fine but it is not the case for 32-bit big-endian host. Because under 32-bit big-endian host, the first iterated unsigned long will be the bits 32-63 of the u64 instead of the expected bits 0-31. Therefore, in addition to changing the type, swap the two unsigned longs within the u64 for 32-bit big-endian host. Signed-off-by: Hou Tao Link: https://lore.kernel.org/r/20241030100516.3633640-5-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 393397fbdcad7396639d7077c33f86169184ba99 Author: Hou Tao Date: Wed Oct 30 18:05:14 2024 +0800 bpf: Check the validity of nr_words in bpf_iter_bits_new() Check the validity of nr_words in bpf_iter_bits_new(). Without this check, when multiplication overflow occurs for nr_bits (e.g., when nr_words = 0x0400-0001, nr_bits becomes 64), stack corruption may occur due to bpf_probe_read_kernel_common(..., nr_bytes = 0x2000-0008). Fix it by limiting the maximum value of nr_words to 511. The value is derived from the current implementation of BPF memory allocator. To ensure compatibility if the BPF memory allocator's size limitation changes in the future, use the helper bpf_mem_alloc_check_size() to check whether nr_bytes is too larger. And return -E2BIG instead of -ENOMEM for oversized nr_bytes. Fixes: 4665415975b0 ("bpf: Add bits iterator") Signed-off-by: Hou Tao Link: https://lore.kernel.org/r/20241030100516.3633640-4-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 62a898b07b83f6f407003d8a70f0827a5af08a59 Author: Hou Tao Date: Wed Oct 30 18:05:13 2024 +0800 bpf: Add bpf_mem_alloc_check_size() helper Introduce bpf_mem_alloc_check_size() to check whether the allocation size exceeds the limitation for the kmalloc-equivalent allocator. The upper limit for percpu allocation is LLIST_NODE_SZ bytes larger than non-percpu allocation, so a percpu argument is added to the helper. The helper will be used in the following patch to check whether the size parameter passed to bpf_mem_alloc() is too big. Signed-off-by: Hou Tao Link: https://lore.kernel.org/r/20241030100516.3633640-3-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 101ccfbabf4738041273ce64e2b116cf440dea13 Author: Hou Tao Date: Wed Oct 30 18:05:12 2024 +0800 bpf: Free dynamically allocated bits in bpf_iter_bits_destroy() bpf_iter_bits_destroy() uses "kit->nr_bits <= 64" to check whether the bits are dynamically allocated. However, the check is incorrect and may cause a kmemleak as shown below: unreferenced object 0xffff88812628c8c0 (size 32): comm "swapper/0", pid 1, jiffies 4294727320 hex dump (first 32 bytes): b0 c1 55 f5 81 88 ff ff f0 f0 f0 f0 f0 f0 f0 f0 ..U........... f0 f0 f0 f0 f0 f0 f0 f0 00 00 00 00 00 00 00 00 .............. backtrace (crc 781e32cc): [<00000000c452b4ab>] kmemleak_alloc+0x4b/0x80 [<0000000004e09f80>] __kmalloc_node_noprof+0x480/0x5c0 [<00000000597124d6>] __alloc.isra.0+0x89/0xb0 [<000000004ebfffcd>] alloc_bulk+0x2af/0x720 [<00000000d9c10145>] prefill_mem_cache+0x7f/0xb0 [<00000000ff9738ff>] bpf_mem_alloc_init+0x3e2/0x610 [<000000008b616eac>] bpf_global_ma_init+0x19/0x30 [<00000000fc473efc>] do_one_initcall+0xd3/0x3c0 [<00000000ec81498c>] kernel_init_freeable+0x66a/0x940 [<00000000b119f72f>] kernel_init+0x20/0x160 [<00000000f11ac9a7>] ret_from_fork+0x3c/0x70 [<0000000004671da4>] ret_from_fork_asm+0x1a/0x30 That is because nr_bits will be set as zero in bpf_iter_bits_next() after all bits have been iterated. Fix the issue by setting kit->bit to kit->nr_bits instead of setting kit->nr_bits to zero when the iteration completes in bpf_iter_bits_next(). In addition, use "!nr_bits || bits >= nr_bits" to check whether the iteration is complete and still use "nr_bits > 64" to indicate whether bits are dynamically allocated. The "!nr_bits" check is necessary because bpf_iter_bits_new() may fail before setting kit->nr_bits, and this condition will stop the iteration early instead of accessing the zeroed or freed kit->bits. Considering the initial value of kit->bits is -1 and the type of kit->nr_bits is unsigned int, change the type of kit->nr_bits to int. The potential overflow problem will be handled in the following patch. Fixes: 4665415975b0 ("bpf: Add bits iterator") Acked-by: Yafang Shao Signed-off-by: Hou Tao Link: https://lore.kernel.org/r/20241030100516.3633640-2-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 1e67d8641813f1876a42eeb4f532487b8a7fb0a8 Author: Sungwoo Kim Date: Tue Oct 29 19:44:41 2024 +0000 Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs Fix __hci_cmd_sync_sk() to return not NULL for unknown opcodes. __hci_cmd_sync_sk() returns NULL if a command returns a status event. However, it also returns NULL where an opcode doesn't exist in the hci_cc table because hci_cmd_complete_evt() assumes status = skb->data[0] for unknown opcodes. This leads to null-ptr-deref in cmd_sync for HCI_OP_READ_LOCAL_CODECS as there is no hci_cc for HCI_OP_READ_LOCAL_CODECS, which always assumes status = skb->data[0]. KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077] CPU: 1 PID: 2000 Comm: kworker/u9:5 Not tainted 6.9.0-ga6bcb805883c-dirty #10 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Workqueue: hci7 hci_power_on RIP: 0010:hci_read_supported_codecs+0xb9/0x870 net/bluetooth/hci_codec.c:138 Code: 08 48 89 ef e8 b8 c1 8f fd 48 8b 75 00 e9 96 00 00 00 49 89 c6 48 ba 00 00 00 00 00 fc ff df 4c 8d 60 70 4c 89 e3 48 c1 eb 03 <0f> b6 04 13 84 c0 0f 85 82 06 00 00 41 83 3c 24 02 77 0a e8 bf 78 RSP: 0018:ffff888120bafac8 EFLAGS: 00010212 RAX: 0000000000000000 RBX: 000000000000000e RCX: ffff8881173f0040 RDX: dffffc0000000000 RSI: ffffffffa58496c0 RDI: ffff88810b9ad1e4 RBP: ffff88810b9ac000 R08: ffffffffa77882a7 R09: 1ffffffff4ef1054 R10: dffffc0000000000 R11: fffffbfff4ef1055 R12: 0000000000000070 R13: 0000000000000000 R14: 0000000000000000 R15: ffff88810b9ac000 FS: 0000000000000000(0000) GS:ffff8881f6c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f6ddaa3439e CR3: 0000000139764003 CR4: 0000000000770ef0 PKRU: 55555554 Call Trace: hci_read_local_codecs_sync net/bluetooth/hci_sync.c:4546 [inline] hci_init_stage_sync net/bluetooth/hci_sync.c:3441 [inline] hci_init4_sync net/bluetooth/hci_sync.c:4706 [inline] hci_init_sync net/bluetooth/hci_sync.c:4742 [inline] hci_dev_init_sync net/bluetooth/hci_sync.c:4912 [inline] hci_dev_open_sync+0x19a9/0x2d30 net/bluetooth/hci_sync.c:4994 hci_dev_do_open net/bluetooth/hci_core.c:483 [inline] hci_power_on+0x11e/0x560 net/bluetooth/hci_core.c:1015 process_one_work kernel/workqueue.c:3267 [inline] process_scheduled_works+0x8ef/0x14f0 kernel/workqueue.c:3348 worker_thread+0x91f/0xe50 kernel/workqueue.c:3429 kthread+0x2cb/0x360 kernel/kthread.c:388 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Fixes: abfeea476c68 ("Bluetooth: hci_sync: Convert MGMT_OP_START_DISCOVERY") Signed-off-by: Sungwoo Kim Signed-off-by: Luiz Augusto von Dentz commit 4236f913808cebef1b9e078726a4e5d56064f7ad Merge: c1e939a21eb111 cb7e509c4e0197 Author: Linus Torvalds Date: Wed Oct 30 08:16:23 2024 -1000 Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull SCSI fixes from James Bottomley: "Two small fixes, both in drivers (ufs and scsi_debug)" * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: scsi: ufs: core: Fix another deadlock during RTC update scsi: scsi_debug: Fix do_device_access() handling of unexpected SG copy length commit 8286f8b622990194207df9ab852e0f87c60d35e9 Author: Chuck Lever Date: Tue Oct 29 15:27:19 2024 -0400 NFSD: Never decrement pending_async_copies on error The error flow in nfsd4_copy() calls cleanup_async_copy(), which already decrements nn->pending_async_copies. Reported-by: Olga Kornievskaia Fixes: aadc3bbea163 ("NFSD: Limit the number of concurrent async COPY operations") Signed-off-by: Chuck Lever commit 0bf020344204a2c1067b7562b6a247e6c689e28b Author: Sibi Sankar Date: Wed Oct 30 18:25:11 2024 +0530 pmdomain: arm: Use FLAG_DEV_NAME_FW to ensure unique names The domain attributes returned by the perf protocol can end up reporting identical names across domains, resulting in debugfs node creation failure. Use the GENPD_FLAG_DEV_NAME_FW to ensure the genpd providers end up with an unique name. Logs: [X1E reports 'NCC' for all its scmi perf domains] debugfs: Directory 'NCC' with parent 'pm_genpd' already present! debugfs: Directory 'NCC' with parent 'pm_genpd' already present! Reported-by: Johan Hovold Closes: https://lore.kernel.org/lkml/ZoQjAWse2YxwyRJv@hovoldconsulting.com/ Suggested-by: Ulf Hansson Suggested-by: Dmitry Baryshkov Signed-off-by: Sibi Sankar Cc: stable@vger.kernel.org Message-ID: <20241030125512.2884761-6-quic_sibis@quicinc.com> Signed-off-by: Ulf Hansson commit 899f44531fe6cac4b024710fec647ecc127724b8 Author: Sibi Sankar Date: Wed Oct 30 18:25:10 2024 +0530 pmdomain: core: Add GENPD_FLAG_DEV_NAME_FW flag Introduce GENPD_FLAG_DEV_NAME_FW flag which instructs genpd to generate an unique device name using ida. It is aimed to be used by genpd providers which derive their names directly from FW making them susceptible to debugfs node creation failures. Reported-by: Johan Hovold Closes: https://lore.kernel.org/lkml/ZoQjAWse2YxwyRJv@hovoldconsulting.com/ Fixes: 718072ceb211 ("PM: domains: create debugfs nodes when adding power domains") Suggested-by: Ulf Hansson Suggested-by: Dmitry Baryshkov Signed-off-by: Sibi Sankar Cc: stable@vger.kernel.org Message-ID: <20241030125512.2884761-5-quic_sibis@quicinc.com> Signed-off-by: Ulf Hansson commit 4700fd3e050da8302e60ebd4850d008250fa7204 Author: Boris Brezillon Date: Tue Oct 29 16:29:11 2024 +0100 drm/panthor: Report group as timedout when we fail to properly suspend If we don't do that, the group is considered usable by userspace, but all further GROUP_SUBMIT will fail with -EINVAL. Changes in v3: - Add R-bs Changes in v2: - New patch Fixes: de8548813824 ("drm/panthor: Add the scheduler logical block") Signed-off-by: Boris Brezillon Reviewed-by: Steven Price Reviewed-by: Liviu Dudau Link: https://patchwork.freedesktop.org/patch/msgid/20241029152912.270346-3-boris.brezillon@collabora.com commit 412a2a8fdd4eb89b263623c7a59b77dbfcf8f215 Author: Boris Brezillon Date: Tue Oct 29 16:29:10 2024 +0100 drm/panthor: Fail job creation when the group is dead Userspace can use GROUP_SUBMIT errors as a trigger to check the group state and recreate the group if it became unusable. Make sure we report an error when the group became unusable. Changes in v3: - None Changes in v2: - Add R-bs Fixes: de8548813824 ("drm/panthor: Add the scheduler logical block") Signed-off-by: Boris Brezillon Reviewed-by: Steven Price Reviewed-by: Liviu Dudau Link: https://patchwork.freedesktop.org/patch/msgid/20241029152912.270346-2-boris.brezillon@collabora.com commit 5d01b56f0518d80211812420a8907ca0b6c6e4e3 Author: Boris Brezillon Date: Wed Oct 30 16:02:31 2024 +0100 drm/panthor: Fix firmware initialization on systems with a page size > 4k The system and GPU MMU page size might differ, which becomes a problem for FW sections that need to be mapped at explicit addresses since our PAGE_SIZE alignment might cover a VA range that's expected to be used for another section. Make sure we never map more than we need. Changes in v3: - Add R-bs Changes in v2: - Plan for per-VM page sizes so the MCU VM and user VM can have different pages sizes Fixes: 2718d91816ee ("drm/panthor: Add the FW logical block") Signed-off-by: Boris Brezillon Reviewed-by: Steven Price Reviewed-by: Liviu Dudau Link: https://patchwork.freedesktop.org/patch/msgid/20241030150231.768949-1-boris.brezillon@collabora.com commit 5eed4fb274cd6579f2fb4190b11c4c86c553cd06 Author: Keith Busch Date: Mon Oct 28 13:45:46 2024 -0700 nvme: re-fix error-handling for io_uring nvme-passthrough This was previously fixed with commit 1147dd0503564fa0e0348 ("nvme: fix error-handling for io_uring nvme-passthrough"), but the change was mistakenly undone in a later commit. Fixes: d6aacee9255e7f ("nvme: use bio_integrity_map_user") Cc: stable@vger.kernel.org Reported-by: Jens Axboe Reviewed-by: Christoph Hellwig Reviewed-by: Anuj Gupta Reviewed-by: Kanchan Joshi Signed-off-by: Keith Busch commit d2f551b1f72b4c508ab9298419f6feadc3b5d791 Author: Vitaliy Shevtsov Date: Mon Sep 16 22:41:37 2024 +0500 nvmet-auth: assign dh_key to NULL after kfree_sensitive ctrl->dh_key might be used across multiple calls to nvmet_setup_dhgroup() for the same controller. So it's better to nullify it after release on error path in order to avoid double free later in nvmet_destroy_auth(). Found by Linux Verification Center (linuxtesting.org) with Svace. Fixes: 7a277c37d352 ("nvmet-auth: Diffie-Hellman key exchange support") Cc: stable@vger.kernel.org Signed-off-by: Vitaliy Shevtsov Reviewed-by: Christoph Hellwig Reviewed-by: Hannes Reinecke Signed-off-by: Keith Busch commit 42ab37eaad17aee458489c553a367621ee04e0bc Author: Keith Busch Date: Wed Oct 23 08:40:26 2024 -0700 nvme: module parameter to disable pi with offsets A recent commit enables integrity checks for formats the previous kernel versions registered with the "nop" integrity profile. This means namespaces using that format become unreadable when upgrading the kernel past that commit. Introduce a module parameter to restore the "nop" integrity profile so that storage can be readable once again. This could be a boot device, so the setting needs to happen at module load time. Fixes: 921e81db524d17 ("nvme: allow integrity when PI is not in first bytes") Reported-by: David Wei Reviewed-by: Christoph Hellwig Reviewed-by: Kanchan Joshi Reviewed-by: Chaitanya Kulkarni Signed-off-by: Keith Busch commit e49370d769e71456db3fbd982e95bab8c69f73e8 Author: Christoffer Sandberg Date: Tue Oct 29 16:16:53 2024 +0100 ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 Quirk is needed to enable headset microphone on missing pin 0x19. Signed-off-by: Christoffer Sandberg Signed-off-by: Werner Sembach Cc: Link: https://patch.msgid.link/20241029151653.80726-2-wse@tuxedocomputers.com Signed-off-by: Takashi Iwai commit 0b04fbe886b4274c8e5855011233aaa69fec6e75 Author: Christoffer Sandberg Date: Tue Oct 29 16:16:52 2024 +0100 ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 Quirk is needed to enable headset microphone on missing pin 0x19. Signed-off-by: Christoffer Sandberg Signed-off-by: Werner Sembach Cc: Link: https://patch.msgid.link/20241029151653.80726-1-wse@tuxedocomputers.com Signed-off-by: Takashi Iwai commit 4413665dd6c528b31284119e3571c25f371e1c36 Author: Jan Schär Date: Tue Oct 29 23:12:49 2024 +0100 ALSA: usb-audio: Add quirks for Dell WD19 dock The WD19 family of docks has the same audio chipset as the WD15. This change enables jack detection on the WD19. We don't need the dell_dock_mixer_init quirk for the WD19. It is only needed because of the dell_alc4020_map quirk for the WD15 in mixer_maps.c, which disables the volume controls. Even for the WD15, this quirk was apparently only needed when the dock firmware was not updated. Signed-off-by: Jan Schär Cc: Link: https://patch.msgid.link/20241029221249.15661-1-jan@jschaer.ch Signed-off-by: Takashi Iwai commit 7027eee0908cc4807bb69242e6ceaa0002e682a7 Merge: ef5fbdf732a158 2db63e92186d72 Author: Takashi Iwai Date: Wed Oct 30 14:46:35 2024 +0100 Merge tag 'asoc-fix-v6.12-rc5' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus ASoC: Fixes for v6.12 The biggest set of changes here is Hans' fixes and quirks for various Baytrail based platforms with RT5640 CODECs, and there's one core fix for a missed length assignment for __counted_by() checking. Otherwise it's small device specific fixes, several of them in the DT bindings. commit 4ed234fe793f27a3b151c43d2106df2ff0d81aac Author: Eric Dumazet Date: Fri Oct 25 08:02:29 2024 +0000 netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() I got a syzbot report without a repro [1] crashing in nf_send_reset6() I think the issue is that dev->hard_header_len is zero, and we attempt later to push an Ethernet header. Use LL_MAX_HEADER, as other functions in net/ipv6/netfilter/nf_reject_ipv6.c. [1] skbuff: skb_under_panic: text:ffffffff89b1d008 len:74 put:14 head:ffff88803123aa00 data:ffff88803123a9f2 tail:0x3c end:0x140 dev:syz_tun kernel BUG at net/core/skbuff.c:206 ! Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 0 UID: 0 PID: 7373 Comm: syz.1.568 Not tainted 6.12.0-rc2-syzkaller-00631-g6d858708d465 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:skb_panic net/core/skbuff.c:206 [inline] RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216 Code: 0d 8d 48 c7 c6 60 a6 29 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 ba 30 38 02 48 83 c4 20 90 <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 RSP: 0018:ffffc900045269b0 EFLAGS: 00010282 RAX: 0000000000000088 RBX: dffffc0000000000 RCX: cd66dacdc5d8e800 RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000 RBP: ffff88802d39a3d0 R08: ffffffff8174afec R09: 1ffff920008a4ccc R10: dffffc0000000000 R11: fffff520008a4ccd R12: 0000000000000140 R13: ffff88803123aa00 R14: ffff88803123a9f2 R15: 000000000000003c FS: 00007fdbee5ff6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000005d322000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: skb_push+0xe5/0x100 net/core/skbuff.c:2636 eth_header+0x38/0x1f0 net/ethernet/eth.c:83 dev_hard_header include/linux/netdevice.h:3208 [inline] nf_send_reset6+0xce6/0x1270 net/ipv6/netfilter/nf_reject_ipv6.c:358 nft_reject_inet_eval+0x3b9/0x690 net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288 nft_do_chain_inet+0x418/0x6b0 net/netfilter/nft_chain_filter.c:161 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] br_nf_pre_routing_ipv6+0x63e/0x770 net/bridge/br_netfilter_ipv6.c:184 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_bridge_pre net/bridge/br_input.c:277 [inline] br_handle_frame+0x9fd/0x1530 net/bridge/br_input.c:424 __netif_receive_skb_core+0x13e8/0x4570 net/core/dev.c:5562 __netif_receive_skb_one_core net/core/dev.c:5666 [inline] __netif_receive_skb+0x12f/0x650 net/core/dev.c:5781 netif_receive_skb_internal net/core/dev.c:5867 [inline] netif_receive_skb+0x1e8/0x890 net/core/dev.c:5926 tun_rx_batched+0x1b7/0x8f0 drivers/net/tun.c:1550 tun_get_user+0x3056/0x47e0 drivers/net/tun.c:2007 tun_chr_write_iter+0x10d/0x1f0 drivers/net/tun.c:2053 new_sync_write fs/read_write.c:590 [inline] vfs_write+0xa6d/0xc90 fs/read_write.c:683 ksys_write+0x183/0x2b0 fs/read_write.c:736 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fdbeeb7d1ff Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 RSP: 002b:00007fdbee5ff000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fdbeed36058 RCX: 00007fdbeeb7d1ff RDX: 000000000000008e RSI: 0000000020000040 RDI: 00000000000000c8 RBP: 00007fdbeebf12be R08: 0000000000000000 R09: 0000000000000000 R10: 000000000000008e R11: 0000000000000293 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fdbeed36058 R15: 00007ffc38de06e8 Fixes: c8d7b98bec43 ("netfilter: move nf_send_resetX() code to nf_reject_ipvX modules") Reported-by: syzbot Signed-off-by: Eric Dumazet Signed-off-by: Pablo Neira Ayuso commit f48d258f0ac540f00fa617dac496c4c18b5dc2fa Author: Dong Chenchen Date: Thu Oct 24 09:47:01 2024 +0800 netfilter: Fix use-after-free in get_info() ip6table_nat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 module_put+0x6f/0x80 Modules linked in: ip6table_nat(-) CPU: 1 UID: 0 PID: 379 Comm: ip6tables Not tainted 6.12.0-rc4-00047-gc2ee9f594da8-dirty #205 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 RIP: 0010:module_put+0x6f/0x80 Call Trace: get_info+0x128/0x180 do_ip6t_get_ctl+0x6a/0x430 nf_getsockopt+0x46/0x80 ipv6_getsockopt+0xb9/0x100 rawv6_getsockopt+0x42/0x190 do_sock_getsockopt+0xaa/0x180 __sys_getsockopt+0x70/0xc0 __x64_sys_getsockopt+0x20/0x30 do_syscall_64+0xa2/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Concurrent execution of module unload and get_info() trigered the warning. The root cause is as follows: cpu0 cpu1 module_exit //mod->state = MODULE_STATE_GOING ip6table_nat_exit xt_unregister_template kfree(t) //removed from templ_list getinfo() t = xt_find_table_lock list_for_each_entry(tmpl, &xt_templates[af]...) if (strcmp(tmpl->name, name)) continue; //table not found try_module_get list_for_each_entry(t, &xt_net->tables[af]...) return t; //not get refcnt module_put(t->me) //uaf unregister_pernet_subsys //remove table from xt_net list While xt_table module was going away and has been removed from xt_templates list, we couldnt get refcnt of xt_table->me. Check module in xt_net->tables list re-traversal to fix it. Fixes: fdacd57c79b7 ("netfilter: x_tables: never register tables by default") Signed-off-by: Dong Chenchen Reviewed-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 76342e84258771e0ef1da7f7de071069f33f9900 Author: Liu Jing Date: Mon Oct 21 16:04:47 2024 +0800 selftests: netfilter: remove unused parameter err is never used, remove it. Signed-off-by: Liu Jing Signed-off-by: Pablo Neira Ayuso commit 81a1e1c32ef474c20ccb9f730afe1ac25b1c62a4 Author: Christoph Hellwig Date: Wed Oct 23 15:37:23 2024 +0200 xfs: streamline xfs_filestream_pick_ag Directly return the error from xfs_bmap_longest_free_extent instead of breaking from the loop and handling it there, and use a done label to directly jump to the exist when we found a suitable perag structure to reduce the indentation level and pag/max_pag check complexity in the tail of the function. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit dc60992ce76fbc2f71c2674f435ff6bde2108028 Author: Christoph Hellwig Date: Wed Oct 23 15:37:22 2024 +0200 xfs: fix finding a last resort AG in xfs_filestream_pick_ag When the main loop in xfs_filestream_pick_ag fails to find a suitable AG it tries to just pick the online AG. But the loop for that uses args->pag as loop iterator while the later code expects pag to be set. Fix this by reusing the max_pag case for this last resort, and also add a check for impossible case of no AG just to make sure that the uninitialized pag doesn't even escape in theory. Reported-by: syzbot+4125a3c514e3436a02e6@syzkaller.appspotmail.com Signed-off-by: Christoph Hellwig Tested-by: syzbot+4125a3c514e3436a02e6@syzkaller.appspotmail.com Fixes: f8f1ed1ab3baba ("xfs: return a referenced perag from filestreams allocator") Cc: # v6.3 Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 3ef22684038aa577c10972ee9c6a2455f5fac941 Author: Chi Zhiling Date: Fri Oct 25 10:33:20 2024 +0800 xfs: Reduce unnecessary searches when searching for the best extents Recently, we found that the CPU spent a lot of time in xfs_alloc_ag_vextent_size when the filesystem has millions of fragmented spaces. The reason is that we conducted much extra searching for extents that could not yield a better result, and these searches would cost a lot of time when there were millions of extents to search through. Even if we get the same result length, we don't switch our choice to the new one, so we can definitely terminate the search early. Since the result length cannot exceed the found length, when the found length equals the best result length we already have, we can conclude the search. We did a test in that filesystem: [root@localhost ~]# xfs_db -c freesp /dev/vdb from to extents blocks pct 1 1 215 215 0.01 2 3 994476 1988952 99.99 Before this patch: 0) | xfs_alloc_ag_vextent_size [xfs]() { 0) * 15597.94 us | } After this patch: 0) | xfs_alloc_ag_vextent_size [xfs]() { 0) 19.176 us | } Signed-off-by: Chi Zhiling Reviewed-by: Dave Chinner Signed-off-by: Carlos Maiolino commit 2a492ff66673c38a77d0815d67b9a8cce2ef57f8 Author: Ojaswin Mujoo Date: Tue Oct 15 15:15:09 2024 +0530 xfs: Check for delayed allocations before setting extsize Extsize should only be allowed to be set on files with no data in it. For this, we check if the files have extents but miss to check if delayed extents are present. This patch adds that check. While we are at it, also refactor this check into a helper since it's used in some other places as well like xfs_inactive() or xfs_ioctl_setattr_xflags() **Without the patch (SUCCEEDS)** $ xfs_io -c 'open -f testfile' -c 'pwrite 0 1024' -c 'extsize 65536' wrote 1024/1024 bytes at offset 0 1 KiB, 1 ops; 0.0002 sec (4.628 MiB/sec and 4739.3365 ops/sec) **With the patch (FAILS as expected)** $ xfs_io -c 'open -f testfile' -c 'pwrite 0 1024' -c 'extsize 65536' wrote 1024/1024 bytes at offset 0 1 KiB, 1 ops; 0.0002 sec (4.628 MiB/sec and 4739.3365 ops/sec) xfs_io: FS_IOC_FSSETXATTR testfile: Invalid argument Fixes: e94af02a9cd7 ("[XFS] fix old xfs_setattr mis-merge from irix; mostly harmless esp if not using xfs rt") Reviewed-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Reviewed-by: John Garry Signed-off-by: Ojaswin Mujoo Signed-off-by: Carlos Maiolino commit 72f7e16eccddde99386a10eb2d08833e805917c6 Author: Andrzej Kacprowski Date: Thu Oct 17 16:49:58 2024 +0200 accel/ivpu: Fix NOC firewall interrupt handling The NOC firewall interrupt means that the HW prevented unauthorized access to a protected resource, so there is no need to trigger device reset in such case. To facilitate security testing add firewall_irq_counter debugfs file that tracks firewall interrupts. Fixes: 8a27ad81f7d3 ("accel/ivpu: Split IP and buttress code") Cc: stable@vger.kernel.org # v6.11+ Signed-off-by: Andrzej Kacprowski Reviewed-by: Jacek Lawrynowicz Reviewed-by: Jeffrey Hugo Signed-off-by: Jacek Lawrynowicz Link: https://patchwork.freedesktop.org/patch/msgid/20241017144958.79327-1-jacek.lawrynowicz@linux.intel.com commit d0b98f6a17a5cb336121302bce0c97eb5fe32d16 Author: Eduard Zingerman Date: Tue Oct 29 12:39:11 2024 -0700 bpf: disallow 40-bytes extra stack for bpf_fastcall patterns Hou Tao reported an issue with bpf_fastcall patterns allowing extra stack space above MAX_BPF_STACK limit. This extra stack allowance is not integrated properly with the following verifier parts: - backtracking logic still assumes that stack can't exceed MAX_BPF_STACK; - bpf_verifier_env->scratched_stack_slots assumes only 64 slots are available. Here is an example of an issue with precision tracking (note stack slot -8 tracked as precise instead of -520): 0: (b7) r1 = 42 ; R1_w=42 1: (b7) r2 = 42 ; R2_w=42 2: (7b) *(u64 *)(r10 -512) = r1 ; R1_w=42 R10=fp0 fp-512_w=42 3: (7b) *(u64 *)(r10 -520) = r2 ; R2_w=42 R10=fp0 fp-520_w=42 4: (85) call bpf_get_smp_processor_id#8 ; R0_w=scalar(...) 5: (79) r2 = *(u64 *)(r10 -520) ; R2_w=42 R10=fp0 fp-520_w=42 6: (79) r1 = *(u64 *)(r10 -512) ; R1_w=42 R10=fp0 fp-512_w=42 7: (bf) r3 = r10 ; R3_w=fp0 R10=fp0 8: (0f) r3 += r2 mark_precise: frame0: last_idx 8 first_idx 0 subseq_idx -1 mark_precise: frame0: regs=r2 stack= before 7: (bf) r3 = r10 mark_precise: frame0: regs=r2 stack= before 6: (79) r1 = *(u64 *)(r10 -512) mark_precise: frame0: regs=r2 stack= before 5: (79) r2 = *(u64 *)(r10 -520) mark_precise: frame0: regs= stack=-8 before 4: (85) call bpf_get_smp_processor_id#8 mark_precise: frame0: regs= stack=-8 before 3: (7b) *(u64 *)(r10 -520) = r2 mark_precise: frame0: regs=r2 stack= before 2: (7b) *(u64 *)(r10 -512) = r1 mark_precise: frame0: regs=r2 stack= before 1: (b7) r2 = 42 9: R2_w=42 R3_w=fp42 9: (95) exit This patch disables the additional allowance for the moment. Also, two test cases are removed: - bpf_fastcall_max_stack_ok: it fails w/o additional stack allowance; - bpf_fastcall_max_stack_fail: this test is no longer necessary, stack size follows regular rules, pattern invalidation is checked by other test cases. Reported-by: Hou Tao Closes: https://lore.kernel.org/bpf/20241023022752.172005-1-houtao@huaweicloud.com/ Fixes: 5b5f51bff1b6 ("bpf: no_caller_saved_registers attribute for helper calls") Signed-off-by: Eduard Zingerman Acked-by: Andrii Nakryiko Tested-by: Hou Tao Link: https://lore.kernel.org/r/20241029193911.1575719-1-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit c1e939a21eb111a6d6067b38e8e04b8809b64c4e Merge: daa9f66fe194f6 3cc4e13bb1617f Author: Linus Torvalds Date: Tue Oct 29 16:41:30 2024 -1000 Merge tag 'cgroup-for-6.12-rc5-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup Pull cgroup fixes from Tejun Heo: - cgroup_bpf_release_fn() could saturate system_wq with cgrp->bpf.release_work which can then form a circular dependency leading to deadlocks. Fix by using a dedicated workqueue. The system_wq's max concurrency limit is being increased separately. - Fix theoretical off-by-one bug when enforcing max cgroup hierarchy depth * tag 'cgroup-for-6.12-rc5-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup: cgroup: Fix potential overflow issue when checking max_depth cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction commit daa9f66fe194f672d2c94d879b6dad7035e03ebe Merge: 7fbaacafbc55c5 c31f2ee5cd7da3 Author: Linus Torvalds Date: Tue Oct 29 16:35:40 2024 -1000 Merge tag 'sched_ext-for-6.12-rc5-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext Pull sched_ext fixes from Tejun Heo: - Instances of scx_ops_bypass() could race each other leading to misbehavior. Fix by protecting the operation with a spinlock. - selftest and userspace header fixes * tag 'sched_ext-for-6.12-rc5-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext: sched_ext: Fix enq_last_no_enq_fails selftest sched_ext: Make cast_mask() inline scx: Fix raciness in scx_ops_bypass() scx: Fix exit selftest to use custom DSQ sched_ext: Fix function pointer type mismatches in BPF selftests selftests/sched_ext: add order-only dependency of runner.o on BPFOBJ commit 7fbaacafbc55c56ca156a628a805f79a2cbe7103 Merge: 9251e3e93cf289 704573851b5180 Author: Linus Torvalds Date: Tue Oct 29 16:24:02 2024 -1000 Merge tag 'slab-for-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab Pull slab fixes from Vlastimil Babka: - Fix for a slub_kunit test warning with MEM_ALLOC_PROFILING_DEBUG (Pei Xiao) - Fix for a MTE-based KASAN BUG in krealloc() (Qun-Wei Lin) * tag 'slab-for-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab: mm: krealloc: Fix MTE false alarm in __do_krealloc slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof commit 9251e3e93cf2892641539c184294838adedae415 Merge: d5b2ee0fe86351 01626a18230246 Author: Linus Torvalds Date: Tue Oct 29 16:19:15 2024 -1000 Merge tag 'mm-hotfixes-stable-2024-10-28-21-50' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull misc fixes from Andrew Morton: "21 hotfixes. 13 are cc:stable. 13 are MM and 8 are non-MM. No particular theme here - mainly singletons, a couple of doubletons. Please see the changelogs" * tag 'mm-hotfixes-stable-2024-10-28-21-50' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (21 commits) mm: avoid unconditional one-tick sleep when swapcache_prepare fails mseal: update mseal.rst mm: split critical region in remap_file_pages() and invoke LSMs in between selftests/mm: fix deadlock for fork after pthread_create with atomic_bool Revert "selftests/mm: replace atomic_bool with pthread_barrier_t" Revert "selftests/mm: fix deadlock for fork after pthread_create on ARM" tools: testing: add expand-only mode VMA test mm/vma: add expand-only VMA merge mode and optimise do_brk_flags() resource,kexec: walk_system_ram_res_rev must retain resource flags nilfs2: fix kernel bug due to missing clearing of checked flag mm: numa_clear_kernel_node_hotplug: Add NUMA_NO_NODE check for node id ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow mm: shmem: fix data-race in shmem_getattr() mm: mark mas allocation in vms_abort_munmap_vmas as __GFP_NOFAIL x86/traps: move kmsan check after instrumentation_begin resource: remove dependency on SPARSEMEM from GET_FREE_REGION mm/mmap: fix race in mmap_region() with ftruncate() mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves fork: only invoke khugepaged, ksm hooks if no error fork: do not invoke uffd on fork if error occurs ... commit d5b2ee0fe863519be5e1c277d22609b048b61a2a Merge: e42b1a9a2557aa df745e25098dcb Author: Linus Torvalds Date: Tue Oct 29 16:04:24 2024 -1000 Merge tag 'tpmdd-next-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd Pull tpm fix from Jarkko Sakkinen: "Address a significant boot-time delay issue" Link: https://bugzilla.kernel.org/show_bug.cgi?id=219229 * tag 'tpmdd-next-6.12-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: tpm: Lazily flush the auth session tpm: Rollback tpm2_load_null() tpm: Return tpm2_sessions_init() when null key creation fails commit c05c62850a8f035a267151dd86ea3daf887e28b8 Merge: 9ab5cf19fb0e46 cf44e745048df2 Author: Jakub Kicinski Date: Tue Oct 29 18:57:12 2024 -0700 Merge tag 'wireless-2024-10-29' of https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless Johannes Berg says: ==================== wireless fixes for v6.12-rc6 Another set of fixes, mostly iwlwifi: * fix infinite loop in 6 GHz scan if more than 255 colocated APs were reported * revert removal of retry loops for now to work around issues with firmware initialization on some devices/platforms * fix SAR table issues with some BIOSes * fix race in suspend/debug collection * fix memory leak in fw recovery * fix link ID leak in AP mode for older devices * fix sending TX power constraints * fix link handling in FW restart And also the stack: * fix setting TX power from userspace with the new chanctx emulation code for old-style drivers * fix a memory corruption bug due to structure embedding * fix CQM configuration double-free when moving between net namespaces * tag 'wireless-2024-10-29' of https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless: wifi: mac80211: ieee80211_i: Fix memory corruption bug in struct ieee80211_chanctx wifi: iwlwifi: mvm: fix 6 GHz scan construction wifi: cfg80211: clear wdev->cqm_config pointer on free mac80211: fix user-power when emulating chanctx Revert "wifi: iwlwifi: remove retry loops in start" wifi: iwlwifi: mvm: don't add default link in fw restart flow wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() wifi: iwlwifi: mvm: SAR table alignment wifi: iwlwifi: mvm: Use the sync timepoint API in suspend wifi: iwlwifi: mvm: really send iwl_txpower_constraints_cmd wifi: iwlwifi: mvm: don't leak a link on AP removal ==================== Link: https://patch.msgid.link/20241029093926.13750-3-johannes@sipsolutions.net Signed-off-by: Jakub Kicinski commit 9ab5cf19fb0e4680f95e506d6c544259bf1111c4 Author: Wang Liang Date: Wed Oct 23 11:52:13 2024 +0800 net: fix crash when config small gso_max_size/gso_ipv4_max_size Config a small gso_max_size/gso_ipv4_max_size will lead to an underflow in sk_dst_gso_max_size(), which may trigger a BUG_ON crash, because sk->sk_gso_max_size would be much bigger than device limits. Call Trace: tcp_write_xmit tso_segs = tcp_init_tso_segs(skb, mss_now); tcp_set_skb_tso_segs tcp_skb_pcount_set // skb->len = 524288, mss_now = 8 // u16 tso_segs = 524288/8 = 65535 -> 0 tso_segs = DIV_ROUND_UP(skb->len, mss_now) BUG_ON(!tso_segs) Add check for the minimum value of gso_max_size and gso_ipv4_max_size. Fixes: 46e6b992c250 ("rtnetlink: allow GSO maximums to be set on device creation") Fixes: 9eefedd58ae1 ("net: add gso_ipv4_max_size and gro_ipv4_max_size per device") Signed-off-by: Wang Liang Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20241023035213.517386-1-wangliang74@huawei.com Signed-off-by: Jakub Kicinski commit aec8e6bf839101784f3ef037dcdb9432c3f32343 Author: Zhihao Cheng Date: Mon Oct 21 22:02:15 2024 +0800 btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids() Mounting btrfs from two images (which have the same one fsid and two different dev_uuids) in certain executing order may trigger an UAF for variable 'device->bdev_file' in __btrfs_free_extra_devids(). And following are the details: 1. Attach image_1 to loop0, attach image_2 to loop1, and scan btrfs devices by ioctl(BTRFS_IOC_SCAN_DEV): / btrfs_device_1 → loop0 fs_device \ btrfs_device_2 → loop1 2. mount /dev/loop0 /mnt btrfs_open_devices btrfs_device_1->bdev_file = btrfs_get_bdev_and_sb(loop0) btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1) btrfs_fill_super open_ctree fail: btrfs_close_devices // -ENOMEM btrfs_close_bdev(btrfs_device_1) fput(btrfs_device_1->bdev_file) // btrfs_device_1->bdev_file is freed btrfs_close_bdev(btrfs_device_2) fput(btrfs_device_2->bdev_file) 3. mount /dev/loop1 /mnt btrfs_open_devices btrfs_get_bdev_and_sb(&bdev_file) // EIO, btrfs_device_1->bdev_file is not assigned, // which points to a freed memory area btrfs_device_2->bdev_file = btrfs_get_bdev_and_sb(loop1) btrfs_fill_super open_ctree btrfs_free_extra_devids if (btrfs_device_1->bdev_file) fput(btrfs_device_1->bdev_file) // UAF ! Fix it by setting 'device->bdev_file' as 'NULL' after closing the btrfs_device in btrfs_close_one_device(). Fixes: 142388194191 ("btrfs: do not background blkdev_put()") CC: stable@vger.kernel.org # 4.19+ Link: https://bugzilla.kernel.org/show_bug.cgi?id=219408 Signed-off-by: Zhihao Cheng Reviewed-by: David Sterba Signed-off-by: David Sterba commit d7f214aeacb984b9d42da0146e789f595eb09068 Author: Byeonguk Jeong Date: Sat Oct 26 14:04:58 2024 +0900 selftests/bpf: Add test for trie_get_next_key() Add a test for out-of-bounds write in trie_get_next_key() when a full path from root to leaf exists and bpf_map_get_next_key() is called with the leaf node. It may crashes the kernel on failure, so please run in a VM. Signed-off-by: Byeonguk Jeong Acked-by: Hou Tao Link: https://lore.kernel.org/r/Zxx4ep78tsbeWPVM@localhost.localdomain Signed-off-by: Alexei Starovoitov commit 13400ac8fb80c57c2bfb12ebd35ee121ce9b4d21 Author: Byeonguk Jeong Date: Sat Oct 26 14:02:43 2024 +0900 bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths from the root to leaves. For example, consider a trie with max_prefixlen is 8, and the nodes with key 0x00/0, 0x00/1, 0x00/2, ... 0x00/8 inserted. Subsequent calls to trie_get_next_key with _key with .prefixlen = 8 make 9 nodes be written on the node stack with size 8. Fixes: b471f2f1de8b ("bpf: implement MAP_GET_NEXT_KEY command for LPM_TRIE map") Signed-off-by: Byeonguk Jeong Reviewed-by: Toke Høiland-Jørgensen Tested-by: Hou Tao Acked-by: Hou Tao Link: https://lore.kernel.org/r/Zxx384ZfdlFYnz6J@localhost.localdomain Signed-off-by: Alexei Starovoitov commit 63fab04cbd0f96191b6e5beedc3b643b01c15889 Author: Chuck Lever Date: Sat Oct 26 12:02:38 2024 -0400 NFSD: Initialize struct nfsd4_copy earlier Ensure the refcount and async_copies fields are initialized early. cleanup_async_copy() will reference these fields if an error occurs in nfsd4_copy(). If they are not correctly initialized, at the very least, a refcount underflow occurs. Reported-by: Olga Kornievskaia Fixes: aadc3bbea163 ("NFSD: Limit the number of concurrent async COPY operations") Reviewed-by: Jeff Layton Tested-by: Olga Kornievskaia Signed-off-by: Chuck Lever commit 2db63e92186d7201ee1cb2f5af11757c5e5a1020 Merge: cc8475a07cf348 107a5c853eef53 Author: Mark Brown Date: Tue Oct 29 19:18:48 2024 +0000 wcd937x codec fixes Merge series from Alexey Klimov : This sent as RFC because of the following: - regarding the LO switch patch. I've got info about that from two persons independently hence not sure what tags to put there and who should be the author. Please let me know if that needs to be corrected. - the wcd937x pdm watchdog is a problem for audio playback and needs to be fixed. The minimal fix would be to at least increase timeout value but it will still trigger in case of plenty of dbg messages or other delay-generating things. Unfortunately, I can't test HPHL/R outputs hence the patch is only for AUX. The other options would be introducing module parameter for debugging and using HOLD_OFF bit for that or adding Kconfig option. Alexey Klimov (2): ASoC: codecs: wcd937x: add missing LO Switch control ASoC: codecs: wcd937x: relax the AUX PDM watchdog sound/soc/codecs/wcd937x.c | 12 ++++++++++-- sound/soc/codecs/wcd937x.h | 4 ++++ 2 files changed, 14 insertions(+), 2 deletions(-) -- 2.45.2 commit 6b3f18a76be6bbd237c7594cf0bf2912b68084fe Author: Benoît Monin Date: Thu Oct 24 17:11:13 2024 +0200 net: usb: qmi_wwan: add Quectel RG650V Add support for Quectel RG650V which is based on Qualcomm SDX65 chip. The composition is DIAG / NMEA / AT / AT / QMI. T: Bus=02 Lev=01 Prnt=01 Port=03 Cnt=01 Dev#= 4 Spd=5000 MxCh= 0 D: Ver= 3.20 Cls=00(>ifc ) Sub=00 Prot=00 MxPS= 9 #Cfgs= 1 P: Vendor=2c7c ProdID=0122 Rev=05.15 S: Manufacturer=Quectel S: Product=RG650V-EU S: SerialNumber=xxxxxxx C: #Ifs= 5 Cfg#= 1 Atr=a0 MxPwr=896mA I: If#= 0 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=option E: Ad=01(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=81(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms I: If#= 1 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=02(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=82(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms I: If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=03(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=83(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=84(I) Atr=03(Int.) MxPS= 10 Ivl=9ms I: If#= 3 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=04(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=85(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=86(I) Atr=03(Int.) MxPS= 10 Ivl=9ms I: If#= 4 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=ff Driver=qmi_wwan E: Ad=05(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=87(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=88(I) Atr=03(Int.) MxPS= 8 Ivl=9ms Signed-off-by: Benoît Monin Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241024151113.53203-1-benoit.monin@gmx.fr Signed-off-by: Jakub Kicinski commit a13e690191eafc154b3f60afe9ce35aa9b9128b4 Author: Vladimir Oltean Date: Wed Oct 23 13:05:41 2024 +0300 net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext() This command: $ tc qdisc replace dev eth0 ingress_block 1 egress_block 1 clsact Error: block dev insert failed: -EBUSY. fails because user space requests the same block index to be set for both ingress and egress. [ side note, I don't think it even failed prior to commit 913b47d3424e ("net/sched: Introduce tc block netdev tracking infra"), because this is a command from an old set of notes of mine which used to work, but alas, I did not scientifically bisect this ] The problem is not that it fails, but rather, that the second time around, it fails differently (and irrecoverably): $ tc qdisc replace dev eth0 ingress_block 1 egress_block 1 clsact Error: dsa_core: Flow block cb is busy. [ another note: the extack is added by me for illustration purposes. the context of the problem is that clsact_init() obtains the same &q->ingress_block pointer as &q->egress_block, and since we call tcf_block_get_ext() on both of them, "dev" will be added to the block->ports xarray twice, thus failing the operation: once through the ingress block pointer, and once again through the egress block pointer. the problem itself is that when xa_insert() fails, we have emitted a FLOW_BLOCK_BIND command through ndo_setup_tc(), but the offload never sees a corresponding FLOW_BLOCK_UNBIND. ] Even correcting the bad user input, we still cannot recover: $ tc qdisc replace dev swp3 ingress_block 1 egress_block 2 clsact Error: dsa_core: Flow block cb is busy. Basically the only way to recover is to reboot the system, or unbind and rebind the net device driver. To fix the bug, we need to fill the correct error teardown path which was missed during code movement, and call tcf_block_offload_unbind() when xa_insert() fails. [ last note, fundamentally I blame the label naming convention in tcf_block_get_ext() for the bug. The labels should be named after what they do, not after the error path that jumps to them. This way, it is obviously wrong that two labels pointing to the same code mean something is wrong, and checking the code correctness at the goto site is also easier ] Fixes: 94e2557d086a ("net: sched: move block device tracking into tcf_block_get/put_ext()") Signed-off-by: Vladimir Oltean Reviewed-by: Simon Horman Acked-by: Jamal Hadi Salim Link: https://patch.msgid.link/20241023100541.974362-1-vladimir.oltean@nxp.com Signed-off-by: Jakub Kicinski commit 4ce1f56a1eaced2523329bef800d004e30f2f76c Author: Zichen Xie Date: Tue Oct 22 12:19:08 2024 -0500 netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() This was found by a static analyzer. We should not forget the trailing zero after copy_from_user() if we will further do some string operations, sscanf() in this case. Adding a trailing zero will ensure that the function performs properly. Fixes: c6385c0b67c5 ("netdevsim: Allow reporting activity on nexthop buckets") Signed-off-by: Zichen Xie Reviewed-by: Petr Machata Reviewed-by: Ido Schimmel Link: https://patch.msgid.link/20241022171907.8606-1-zichenxie0106@gmail.com Signed-off-by: Jakub Kicinski commit 1fb315892d8395cec2dae04b0cb5558731aefb37 Author: Eduard Zingerman Date: Tue Oct 29 10:26:41 2024 -0700 selftests/bpf: Test with a very short loop The test added is a simplified reproducer from syzbot report [1]. If verifier does not insert checkpoint somewhere inside the loop, verification of the program would take a very long time. This would happen because mark_chain_precision() for register r7 would constantly trace jump history of the loop back, processing many iterations for each mark_chain_precision() call. [1] https://lore.kernel.org/bpf/670429f6.050a0220.49194.0517.GAE@google.com/ Signed-off-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Acked-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20241029172641.1042523-2-eddyz87@gmail.com commit aa30eb3260b2dea3a68d3c42a39f9a09c5e99cee Author: Eduard Zingerman Date: Tue Oct 29 10:26:40 2024 -0700 bpf: Force checkpoint when jmp history is too long A specifically crafted program might trick verifier into growing very long jump history within a single bpf_verifier_state instance. Very long jump history makes mark_chain_precision() unreasonably slow, especially in case if verifier processes a loop. Mitigate this by forcing new state in is_state_visited() in case if current state's jump history is too long. Use same constant as in `skip_inf_loop_check`, but multiply it by arbitrarily chosen value 2 to account for jump history containing not only information about jumps, but also information about stack access. For an example of problematic program consider the code below, w/o this patch the example is processed by verifier for ~15 minutes, before failing to allocate big-enough chunk for jmp_history. 0: r7 = *(u16 *)(r1 +0);" 1: r7 += 0x1ab064b9;" 2: if r7 & 0x702000 goto 1b; 3: r7 &= 0x1ee60e;" 4: r7 += r1;" 5: if r7 s> 0x37d2 goto +0;" 6: r0 = 0;" 7: exit;" Perf profiling shows that most of the time is spent in mark_chain_precision() ~95%. The easiest way to explain why this program causes problems is to apply the following patch: diff --git a/include/linux/bpf.h b/include/linux/bpf.h index 0c216e71cec7..4b4823961abe 100644 \--- a/include/linux/bpf.h \+++ b/include/linux/bpf.h \@@ -1926,7 +1926,7 @@ struct bpf_array { }; }; -#define BPF_COMPLEXITY_LIMIT_INSNS 1000000 /* yes. 1M insns */ +#define BPF_COMPLEXITY_LIMIT_INSNS 256 /* yes. 1M insns */ #define MAX_TAIL_CALL_CNT 33 /* Maximum number of loops for bpf_loop and bpf_iter_num. diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index f514247ba8ba..75e88be3bb3e 100644 \--- a/kernel/bpf/verifier.c \+++ b/kernel/bpf/verifier.c \@@ -18024,8 +18024,13 @@ static int is_state_visited(struct bpf_verifier_env *env, int insn_idx) skip_inf_loop_check: if (!force_new_state && env->jmps_processed - env->prev_jmps_processed < 20 && - env->insn_processed - env->prev_insn_processed < 100) + env->insn_processed - env->prev_insn_processed < 100) { + verbose(env, "is_state_visited: suppressing checkpoint at %d, %d jmps processed, cur->jmp_history_cnt is %d\n", + env->insn_idx, + env->jmps_processed - env->prev_jmps_processed, + cur->jmp_history_cnt); add_new_state = false; + } goto miss; } /* If sl->state is a part of a loop and this loop's entry is a part of \@@ -18142,6 +18147,9 @@ static int is_state_visited(struct bpf_verifier_env *env, int insn_idx) if (!add_new_state) return 0; + verbose(env, "is_state_visited: new checkpoint at %d, resetting env->jmps_processed\n", + env->insn_idx); + /* There were no equivalent states, remember the current one. * Technically the current state is not proven to be safe yet, * but it will either reach outer most bpf_exit (which means it's safe) And observe verification log: ... is_state_visited: new checkpoint at 5, resetting env->jmps_processed 5: R1=ctx() R7=ctx(...) 5: (65) if r7 s> 0x37d2 goto pc+0 ; R7=ctx(...) 6: (b7) r0 = 0 ; R0_w=0 7: (95) exit from 5 to 6: R1=ctx() R7=ctx(...) R10=fp0 6: R1=ctx() R7=ctx(...) R10=fp0 6: (b7) r0 = 0 ; R0_w=0 7: (95) exit is_state_visited: suppressing checkpoint at 1, 3 jmps processed, cur->jmp_history_cnt is 74 from 2 to 1: R1=ctx() R7_w=scalar(...) R10=fp0 1: R1=ctx() R7_w=scalar(...) R10=fp0 1: (07) r7 += 447767737 is_state_visited: suppressing checkpoint at 2, 3 jmps processed, cur->jmp_history_cnt is 75 2: R7_w=scalar(...) 2: (45) if r7 & 0x702000 goto pc-2 ... mark_precise 152 steps for r7 ... 2: R7_w=scalar(...) is_state_visited: suppressing checkpoint at 1, 4 jmps processed, cur->jmp_history_cnt is 75 1: (07) r7 += 447767737 is_state_visited: suppressing checkpoint at 2, 4 jmps processed, cur->jmp_history_cnt is 76 2: R7_w=scalar(...) 2: (45) if r7 & 0x702000 goto pc-2 ... BPF program is too large. Processed 257 insn The log output shows that checkpoint at label (1) is never created, because it is suppressed by `skip_inf_loop_check` logic: a. When 'if' at (2) is processed it pushes a state with insn_idx (1) onto stack and proceeds to (3); b. At (5) checkpoint is created, and this resets env->{jmps,insns}_processed. c. Verification proceeds and reaches `exit`; d. State saved at step (a) is popped from stack and is_state_visited() considers if checkpoint needs to be added, but because env->{jmps,insns}_processed had been just reset at step (b) the `skip_inf_loop_check` logic forces `add_new_state` to false. e. Verifier proceeds with current state, which slowly accumulates more and more entries in the jump history. The accumulation of entries in the jump history is a problem because of two factors: - it eventually exhausts memory available for kmalloc() allocation; - mark_chain_precision() traverses the jump history of a state, meaning that if `r7` is marked precise, verifier would iterate ever growing jump history until parent state boundary is reached. (note: the log also shows a REG INVARIANTS VIOLATION warning upon jset processing, but that's another bug to fix). With this patch applied, the example above is rejected by verifier under 1s of time, reaching 1M instructions limit. The program is a simplified reproducer from syzbot report. Previous discussion could be found at [1]. The patch does not cause any changes in verification performance, when tested on selftests from veristat.cfg and cilium programs taken from [2]. [1] https://lore.kernel.org/bpf/20241009021254.2805446-1-eddyz87@gmail.com/ [2] https://github.com/anakryiko/cilium Changelog: - v1 -> v2: - moved patch to bpf tree; - moved force_new_state variable initialization after declaration and shortened the comment. v1: https://lore.kernel.org/bpf/20241018020307.1766906-1-eddyz87@gmail.com/ Fixes: 2589726d12a1 ("bpf: introduce bounded loops") Reported-by: syzbot+7e46cdef14bf496a3ab4@syzkaller.appspotmail.com Signed-off-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Acked-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20241029172641.1042523-1-eddyz87@gmail.com Closes: https://lore.kernel.org/bpf/670429f6.050a0220.49194.0517.GAE@google.com/ commit 2e95c4384438adeaa772caa560244b1a2efef816 Author: Pedro Tammela Date: Thu Oct 24 12:55:47 2024 -0400 net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed to be either root or ingress. This assumption is bogus since it's valid to create egress qdiscs with major handle ffff: Budimir Markovic found that for qdiscs like DRR that maintain an active class list, it will cause a UAF with a dangling class pointer. In 066a3b5b2346, the concern was to avoid iterating over the ingress qdisc since its parent is itself. The proper fix is to stop when parent TC_H_ROOT is reached because the only way to retrieve ingress is when a hierarchy which does not contain a ffff: major handle call into qdisc_lookup with TC_H_MAJ(TC_H_ROOT). In the scenario where major ffff: is an egress qdisc in any of the tree levels, the updates will also propagate to TC_H_ROOT, which then the iteration must stop. Fixes: 066a3b5b2346 ("[NET_SCHED] sch_api: fix qdisc_tree_decrease_qlen() loop") Reported-by: Budimir Markovic Suggested-by: Jamal Hadi Salim Tested-by: Victor Nogueira Signed-off-by: Pedro Tammela Signed-off-by: Jamal Hadi Salim net/sched/sch_api.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241024165547.418570-1-jhs@mojatatu.com Signed-off-by: Jakub Kicinski commit c59d72d0a4fbaa5fd7a04b2d13cfc101d01310db Author: Florian Westphal Date: Tue Oct 22 17:23:18 2024 +0200 selftests: netfilter: nft_flowtable.sh: make first pass deterministic The CI occasionaly encounters a failing test run. Example: # PASS: ipsec tunnel mode for ns1/ns2 # re-run with random mtus: -o 10966 -l 19499 -r 31322 # PASS: flow offloaded for ns1/ns2 [..] # FAIL: ipsec tunnel ... counter 1157059 exceeds expected value 878489 This script will re-exec itself, on the second run, random MTUs are chosen for the involved links. This is done so we can cover different combinations (large mtu on client, small on server, link has lowest mtu, etc). Furthermore, file size is random, even for the first run. Rework this script and always use the same file size on initial run so that at least the first round can be expected to have reproducible behavior. Second round will use random mtu/filesize. Raise the failure limit to that of the file size, this should avoid all errneous test errors. Currently, first fin will remove the offload, so if one peer is already closing remaining data is handled by classic path, which result in larger-than-expected counter and a test failure. Given packet path also counts tcp/ip headers, in case offload is completely broken this test will still fail (as expected). The test counter limit could be made more strict again in the future once flowtable can keep a connection in offloaded state until FINs in both directions were seen. Signed-off-by: Florian Westphal Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241022152324.13554-1-fw@strlen.de Signed-off-by: Jakub Kicinski commit 7515e37bce5c428a56a9b04ea7e96b3f53f17150 Author: Pablo Neira Ayuso Date: Tue Oct 22 16:48:25 2024 +0200 gtp: allow -1 to be specified as file description from userspace Existing user space applications maintained by the Osmocom project are breaking since a recent fix that addresses incorrect error checking. Restore operation for user space programs that specify -1 as file descriptor to skip GTPv0 or GTPv1 only sockets. Fixes: defd8b3c37b0 ("gtp: fix a potential NULL pointer dereference") Reported-by: Pau Espin Pedrol Signed-off-by: Pablo Neira Ayuso Tested-by: Oliver Smith Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241022144825.66740-1-pablo@netfilter.org Signed-off-by: Jakub Kicinski commit 01e215975fd80af81b5b79f009d49ddd35976c13 Author: Matt Johnston Date: Tue Oct 22 18:25:14 2024 +0800 mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is transmitted by a different protocol. Fixes: f5b8abf9fc3d ("mctp i2c: MCTP I2C binding driver") Cc: stable@vger.kernel.org Reported-by: Dung Cao Signed-off-by: Matt Johnston Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241022-mctp-i2c-null-dest-v3-1-e929709956c5@codeconstruct.com.au Signed-off-by: Jakub Kicinski commit 90e0569dd3d32f4f4d2ca691d3fa5a8a14a13c12 Author: Ido Schimmel Date: Wed Oct 23 15:30:09 2024 +0300 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() The per-netns IP tunnel hash table is protected by the RTNL mutex and ip_tunnel_find() is only called from the control path where the mutex is taken. Add a lockdep expression to hlist_for_each_entry_rcu() in ip_tunnel_find() in order to validate that the mutex is held and to silence the suspicious RCU usage warning [1]. [1] WARNING: suspicious RCU usage 6.12.0-rc3-custom-gd95d9a31aceb #139 Not tainted ----------------------------- net/ipv4/ip_tunnel.c:221 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by ip/362: #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60 stack backtrace: CPU: 12 UID: 0 PID: 362 Comm: ip Not tainted 6.12.0-rc3-custom-gd95d9a31aceb #139 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 Call Trace: dump_stack_lvl+0xba/0x110 lockdep_rcu_suspicious.cold+0x4f/0xd6 ip_tunnel_find+0x435/0x4d0 ip_tunnel_newlink+0x517/0x7a0 ipgre_newlink+0x14c/0x170 __rtnl_newlink+0x1173/0x19c0 rtnl_newlink+0x6c/0xa0 rtnetlink_rcv_msg+0x3cc/0xf60 netlink_rcv_skb+0x171/0x450 netlink_unicast+0x539/0x7f0 netlink_sendmsg+0x8c1/0xd80 ____sys_sendmsg+0x8f9/0xc20 ___sys_sendmsg+0x197/0x1e0 __sys_sendmsg+0x122/0x1f0 do_syscall_64+0xbb/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Fixes: c54419321455 ("GRE: Refactor GRE tunneling code.") Suggested-by: Eric Dumazet Signed-off-by: Ido Schimmel Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20241023123009.749764-1-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit ad4a3ca6a8e886f6491910a3ae5d53595e40597d Author: Ido Schimmel Date: Tue Oct 22 09:38:22 2024 +0300 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() There are code paths from which the function is called without holding the RCU read lock, resulting in a suspicious RCU usage warning [1]. Fix by using l3mdev_master_upper_ifindex_by_index() which will acquire the RCU read lock before calling l3mdev_master_upper_ifindex_by_index_rcu(). [1] WARNING: suspicious RCU usage 6.12.0-rc3-custom-gac8f72681cf2 #141 Not tainted ----------------------------- net/core/dev.c:876 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by ip/361: #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60 stack backtrace: CPU: 3 UID: 0 PID: 361 Comm: ip Not tainted 6.12.0-rc3-custom-gac8f72681cf2 #141 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 Call Trace: dump_stack_lvl+0xba/0x110 lockdep_rcu_suspicious.cold+0x4f/0xd6 dev_get_by_index_rcu+0x1d3/0x210 l3mdev_master_upper_ifindex_by_index_rcu+0x2b/0xf0 ip_tunnel_bind_dev+0x72f/0xa00 ip_tunnel_newlink+0x368/0x7a0 ipgre_newlink+0x14c/0x170 __rtnl_newlink+0x1173/0x19c0 rtnl_newlink+0x6c/0xa0 rtnetlink_rcv_msg+0x3cc/0xf60 netlink_rcv_skb+0x171/0x450 netlink_unicast+0x539/0x7f0 netlink_sendmsg+0x8c1/0xd80 ____sys_sendmsg+0x8f9/0xc20 ___sys_sendmsg+0x197/0x1e0 __sys_sendmsg+0x122/0x1f0 do_syscall_64+0xbb/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Fixes: db53cd3d88dc ("net: Handle l3mdev in ip_tunnel_init_flow") Signed-off-by: Ido Schimmel Reviewed-by: David Ahern Link: https://patch.msgid.link/20241022063822.462057-1-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 2e8a1acea8597ff42189ea94f0a63fa58640223d Author: Kevin Brodsky Date: Tue Oct 29 14:45:35 2024 +0000 arm64: signal: Improve POR_EL0 handling to avoid uaccess failures Reset POR_EL0 to "allow all" before writing the signal frame, preventing spurious uaccess failures. When POE is supported, the POR_EL0 register constrains memory accesses based on the target page's POIndex (pkey). This raises the question: what constraints should apply to a signal handler? The current answer is that POR_EL0 is reset to POR_EL0_INIT when invoking the handler, giving it full access to POIndex 0. This is in line with x86's MPK support and remains unchanged. This is only part of the story, though. POR_EL0 constrains all unprivileged memory accesses, meaning that uaccess routines such as put_user() are also impacted. As a result POR_EL0 may prevent the signal frame from being written to the signal stack (ultimately causing a SIGSEGV). This is especially concerning when an alternate signal stack is used, because userspace may want to prevent access to it outside of signal handlers. There is currently no provision for that: POR_EL0 is reset after writing to the stack, and POR_EL0_INIT only enables access to POIndex 0. This patch ensures that POR_EL0 is reset to its most permissive state before the signal stack is accessed. Once the signal frame has been fully written, POR_EL0 is still set to POR_EL0_INIT - it is up to the signal handler to enable access to additional pkeys if needed. As to sigreturn(), it expects having access to the stack like any other syscall; we only need to ensure that POR_EL0 is restored from the signal frame after all uaccess calls. This approach is in line with the recent x86/pkeys series [1]. Resetting POR_EL0 early introduces some complications, in that we can no longer read the register directly in preserve_poe_context(). This is addressed by introducing a struct (user_access_state) and helpers to manage any such register impacting user accesses (uaccess and accesses in userspace). Things look like this on signal delivery: 1. Save original POR_EL0 into struct [save_reset_user_access_state()] 2. Set POR_EL0 to "allow all" [save_reset_user_access_state()] 3. Create signal frame 4. Write saved POR_EL0 value to the signal frame [preserve_poe_context()] 5. Finalise signal frame 6. If all operations succeeded: a. Set POR_EL0 to POR_EL0_INIT [set_handler_user_access_state()] b. Else reset POR_EL0 to its original value [restore_user_access_state()] If any step fails when setting up the signal frame, the process will be sent a SIGSEGV, which it may be able to handle. Step 6.b ensures that the original POR_EL0 is saved in the signal frame when delivering that SIGSEGV (so that the original value is restored by sigreturn). The return path (sys_rt_sigreturn) doesn't strictly require any change since restore_poe_context() is already called last. However, to avoid uaccess calls being accidentally added after that point, we use the same approach as in the delivery path, i.e. separating uaccess from writing to the register: 1. Read saved POR_EL0 value from the signal frame [restore_poe_context()] 2. Set POR_EL0 to the saved value [restore_user_access_state()] [1] https://lore.kernel.org/lkml/20240802061318.2140081-1-aruna.ramakrishna@oracle.com/ Fixes: 9160f7e909e1 ("arm64: add POE signal support") Reviewed-by: Catalin Marinas Signed-off-by: Kevin Brodsky Link: https://lore.kernel.org/r/20241029144539.111155-2-kevin.brodsky@arm.com Signed-off-by: Will Deacon commit a32aee8f0d987a7cba7fcc28002553361a392048 Author: Jiayuan Chen Date: Mon Oct 28 14:52:26 2024 +0800 bpf: fix filed access without lock The tcp_bpf_recvmsg_parser() function, running in user context, retrieves seq_copied from tcp_sk without holding the socket lock, and stores it in a local variable seq. However, the softirq context can modify tcp_sk->seq_copied concurrently, for example, n tcp_read_sock(). As a result, the seq value is stale when it is assigned back to tcp_sk->copied_seq at the end of tcp_bpf_recvmsg_parser(), leading to incorrect behavior. Due to concurrency, the copied_seq field in tcp_bpf_recvmsg_parser() might be set to an incorrect value (less than the actual copied_seq) at the end of function: 'WRITE_ONCE(tcp->copied_seq, seq)'. This causes the 'offset' to be negative in tcp_read_sock()->tcp_recv_skb() when processing new incoming packets (sk->copied_seq - skb->seq becomes less than 0), and all subsequent packets will be dropped. Signed-off-by: Jiayuan Chen Link: https://lore.kernel.org/r/20241028065226.35568-1-mrpre@163.com Signed-off-by: Martin KaFai Lau commit fce9642c765a18abd1db0339a7d832c29b68456a Author: Arnd Bergmann Date: Tue Oct 29 09:23:20 2024 +0000 x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB node_to_amd_nb() is defined to NULL in non-AMD configs: drivers/platform/x86/amd/hsmp/plat.c: In function 'init_platform_device': drivers/platform/x86/amd/hsmp/plat.c:165:68: error: dereferencing 'void *' pointer [-Werror] 165 | sock->root = node_to_amd_nb(i)->root; | ^~ drivers/platform/x86/amd/hsmp/plat.c:165:68: error: request for member 'root' in something not a structure or union Users of the interface who also allow COMPILE_TEST will cause the above build error so provide an inline stub to fix that. [ bp: Massage commit message. ] Signed-off-by: Arnd Bergmann Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20241029092329.3857004-1-arnd@kernel.org commit f3c3ccc4fe49dbc560b01d16bebd1b116c46c2b4 Author: Jason Gunthorpe Date: Wed Oct 16 20:52:33 2024 -0300 PCI: Fix pci_enable_acs() support for the ACS quirks There are ACS quirks that hijack the normal ACS processing and deliver to to special quirk code. The enable path needs to call pci_dev_specific_enable_acs() and then pci_dev_specific_acs_enabled() will report the hidden ACS state controlled by the quirk. The recent rework got this out of order and we should try to call pci_dev_specific_enable_acs() regardless of any actual ACS support in the device. As before command line parameters that effect standard PCI ACS don't interact with the quirk versions, including the new config_acs= option. Link: https://lore.kernel.org/r/0-v1-f96b686c625b+124-pci_acs_quirk_fix_jgg@nvidia.com Fixes: 47c8846a49ba ("PCI: Extend ACS configurability") Reported-by: Jiri Slaby Closes: https://lore.kernel.org/all/e89107da-ac99-4d3a-9527-a4df9986e120@kernel.org Closes: https://bugzilla.suse.com/show_bug.cgi?id=1229019 Tested-by: Steffen Dirkwinkel Signed-off-by: Jason Gunthorpe Signed-off-by: Bjorn Helgaas commit 177f25d1292c7e16e1199b39c85480f7f8815552 Author: Jiri Kosina Date: Tue Oct 29 15:44:35 2024 +0100 HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report. Fixes: 27ce405039bf ("HID: fix data access in implement()") Reported-by: Benoît Sevens Acked-by: Benjamin Tissoires Signed-off-by: Jiri Kosina commit bacccddbbcc3c853828745be325b24f85c8714c6 Merge: 66600fac7a984d 6e58c33106220c Author: Paolo Abeni Date: Tue Oct 29 15:24:55 2024 +0100 Merge branch 'intel-wired-lan-driver-fixes-2024-10-21-igb-ice' Jacob Keller says: ==================== Intel Wired LAN Driver Fixes 2024-10-21 (igb, ice) This series includes fixes for the ice and igb drivers. Wander fixes an issue in igb when operating on PREEMPT_RT kernels due to the PREEMPT_RT kernel switching IRQs to be threaded by default. Michal fixes the ice driver to block subfunction port creation when the PF is operating in legacy (non-switchdev) mode. Arkadiusz fixes a crash when loading the ice driver on an E810 LOM which has DPLL enabled. Signed-off-by: Jacob Keller ==================== Link: https://patch.msgid.link/20241021-iwl-2024-10-21-iwl-net-fixes-v1-0-a50cb3059f55@intel.com Signed-off-by: Paolo Abeni commit 6e58c33106220c6c0c8fbee9ab63eae76ad8f260 Author: Arkadiusz Kubalewski Date: Mon Oct 21 16:26:26 2024 -0700 ice: fix crash on probe for DPLL enabled E810 LOM The E810 Lan On Motherboard (LOM) design is vendor specific. Intel provides the reference design, but it is up to vendor on the final product design. For some cases, like Linux DPLL support, the static values defined in the driver does not reflect the actual LOM design. Current implementation of dpll pins is causing the crash on probe of the ice driver for such DPLL enabled E810 LOM designs: WARNING: (...) at drivers/dpll/dpll_core.c:495 dpll_pin_get+0x2c4/0x330 ... Call Trace: ? __warn+0x83/0x130 ? dpll_pin_get+0x2c4/0x330 ? report_bug+0x1b7/0x1d0 ? handle_bug+0x42/0x70 ? exc_invalid_op+0x18/0x70 ? asm_exc_invalid_op+0x1a/0x20 ? dpll_pin_get+0x117/0x330 ? dpll_pin_get+0x2c4/0x330 ? dpll_pin_get+0x117/0x330 ice_dpll_get_pins.isra.0+0x52/0xe0 [ice] ... The number of dpll pins enabled by LOM vendor is greater than expected and defined in the driver for Intel designed NICs, which causes the crash. Prevent the crash and allow generic pin initialization within Linux DPLL subsystem for DPLL enabled E810 LOM designs. Newly designed solution for described issue will be based on "per HW design" pin initialization. It requires pin information dynamically acquired from the firmware and is already in progress, planned for next-tree only. Fixes: d7999f5ea64b ("ice: implement dpll interface to control cgu") Reviewed-by: Karol Kolacinski Signed-off-by: Arkadiusz Kubalewski Tested-by: Pucha Himasekhar Reddy Signed-off-by: Jacob Keller Reviewed-by: Simon Horman Signed-off-by: Paolo Abeni commit 3e13a8c0a5263827380c5090d822a92cb13767dd Author: Michal Swiatkowski Date: Mon Oct 21 16:26:25 2024 -0700 ice: block SF port creation in legacy mode There is no support for SF in legacy mode. Reflect it in the code. Reviewed-by: Przemek Kitszel Fixes: eda69d654c7e ("ice: add basic devlink subfunctions support") Signed-off-by: Michal Swiatkowski Reviewed-by: Kalesh AP Tested-by: Rafal Romanowski Signed-off-by: Jacob Keller Reviewed-by: Simon Horman Signed-off-by: Paolo Abeni commit 338c4d3902feb5be49bfda530a72c7ab860e2c9f Author: Wander Lairson Costa Date: Mon Oct 21 16:26:24 2024 -0700 igb: Disable threaded IRQ for igb_msix_other During testing of SR-IOV, Red Hat QE encountered an issue where the ip link up command intermittently fails for the igbvf interfaces when using the PREEMPT_RT variant. Investigation revealed that e1000_write_posted_mbx returns an error due to the lack of an ACK from e1000_poll_for_ack. The underlying issue arises from the fact that IRQs are threaded by default under PREEMPT_RT. While the exact hardware details are not available, it appears that the IRQ handled by igb_msix_other must be processed before e1000_poll_for_ack times out. However, e1000_write_posted_mbx is called with preemption disabled, leading to a scenario where the IRQ is serviced only after the failure of e1000_write_posted_mbx. To resolve this, we set IRQF_NO_THREAD for the affected interrupt, ensuring that the kernel handles it immediately, thereby preventing the aforementioned error. Reproducer: #!/bin/bash # echo 2 > /sys/class/net/ens14f0/device/sriov_numvfs ipaddr_vlan=3 nic_test=ens14f0 vf=${nic_test}v0 while true; do ip link set ${nic_test} mtu 1500 ip link set ${vf} mtu 1500 ip link set $vf up ip link set ${nic_test} vf 0 vlan ${ipaddr_vlan} ip addr add 172.30.${ipaddr_vlan}.1/24 dev ${vf} ip addr add 2021:db8:${ipaddr_vlan}::1/64 dev ${vf} if ! ip link show $vf | grep 'state UP'; then echo 'Error found' break fi ip link set $vf down done Signed-off-by: Wander Lairson Costa Fixes: 9d5c824399de ("igb: PCI-Express 82575 Gigabit Ethernet driver") Reported-by: Yuying Ma Reviewed-by: Przemek Kitszel Tested-by: Rafal Romanowski Signed-off-by: Jacob Keller Reviewed-by: Simon Horman Signed-off-by: Paolo Abeni commit 6a9d2e2988fa3ef9b03ddd9ba9aaa54dc23635e6 Author: Imre Deak Date: Wed Oct 9 22:43:58 2024 +0300 drm/xe/display: Add missing HPD interrupt enabling during non-d3cold RPM resume Atm the display HPD interrupts that got disabled during runtime suspend, are re-enabled only if d3cold is enabled. Fix things by also re-enabling the interrupts if d3cold is disabled. Cc: Rodrigo Vivi Reviewed-by: Jonathan Cavitt Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20241009194358.1321200-5-imre.deak@intel.com (cherry picked from commit bbc4a30de095f0349d3c278500345a1b620d495e) Signed-off-by: Lucas De Marchi commit dcb6c1d071712186c213c26b245779f7859b9cec Author: Imre Deak Date: Wed Oct 9 22:43:57 2024 +0300 drm/xe/display: Separate the d3cold and non-d3cold runtime PM handling For clarity separate the d3cold and non-d3cold runtime PM handling. The only change in behavior is disabling polling later during runtime resume. This shouldn't make a difference, since the poll disabling is handled from a work, which could run at any point wrt. the runtime resume handler. The work will also require a runtime PM reference, syncing it with the resume handler. Cc: Rodrigo Vivi Reviewed-by: Jonathan Cavitt Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20241009194358.1321200-4-imre.deak@intel.com (cherry picked from commit a4de6beb83fc5adee788518350247c629568901e) Signed-off-by: Lucas De Marchi commit 25f2ff53838ccbd5ce558b5d23fac8a5d7f86655 Author: Maarten Lankhorst Date: Thu Sep 5 17:00:50 2024 +0200 drm/xe: Remove runtime argument from display s/r functions The previous change ensures that pm_suspend is only called when suspending or resuming. This ensures no further bugs like those in the previous commit. Signed-off-by: Maarten Lankhorst Reviewed-by: Lucas De Marchi Reviewed-by: Vinod Govindapillai Link: https://patchwork.freedesktop.org/patch/msgid/20240905150052.174895-3-maarten.lankhorst@linux.intel.com (cherry picked from commit f90491d4b64e302e940133103d3d9908e70e454f) Signed-off-by: Lucas De Marchi commit 107a5c853eef5336a9846e7dd2f9184b6e3c07c7 Author: Alexey Klimov Date: Tue Oct 22 04:31:31 2024 +0100 ASoC: codecs: wcd937x: relax the AUX PDM watchdog On a system with wcd937x, rxmacro and Qualcomm audio DSP, which is pretty common set of devices on Qualcomm platforms, and due to the order of how DAPM widgets are powered on (they are sorted), there is a small time window when wcd937x chip is online and expects the flow of incoming data but rxmacro is not yet online. When wcd937x is programmed to receive data via AUX port then its AUX PDM watchdog is enabled in wcd937x_codec_enable_aux_pa(). If due to some reasons the rxmacro and soundwire machinery are delayed to start streaming data, then there is a chance for this AUX PDM watchdog to reset the wcd937x codec. Such event is not logged as a message and only wcd937x IRQ counter is increased however there could be a lot of other reasons for that IRQ. There is a similar opportunity for such delay during DAPM widgets power down sequence. If wcd937x codec reset happens on the start of the playback, then there will be no sound and if such reset happens at the end of a playback then it may generate additional clicks and pops noises. On qrb4210 RB2 board without any debugging bits the wcd937x resets are sometimes observed at the end of a playback though not always. With some debugging messages or with some tracing enabled the AUX PDM watchdog resets the wcd937x codec at the start of a playback and there is no sound output at all. In this patch: - TIMEOUT_SEL bit in PDM_WD_CTL2 register is set to increase the watchdog reset delay to 100ms which eliminates the AUX PDM watchdog IRQs on qrb4210 RB2 board completely and decreases the number of unwanted clicks noises; - HOLD_OFF bit postpones triggering such watchdog IRQ till wcd937x codec reset which usually happens at the end of a playback. This allows to actually output some sound in case of debugging. Cc: Adam Skladowski Cc: Mohammad Rafi Shaik Cc: Prasad Kumpatla Cc: Srinivas Kandagatla Signed-off-by: Alexey Klimov Link: https://patch.msgid.link/20241022033132.787416-3-alexey.klimov@linaro.org Signed-off-by: Mark Brown commit 041db4bbe04e8e0b48350b3bbbd9a799794d5c1e Author: Alexey Klimov Date: Tue Oct 22 04:31:30 2024 +0100 ASoC: codecs: wcd937x: add missing LO Switch control The wcd937x supports also AUX input but the control that sets correct soundwire port for this is missing. This control is required for audio playback, for instance, on qrb4210 RB2 board as well as on other SoCs. Reported-by: Adam Skladowski Reported-by: Prasad Kumpatla Suggested-by: Adam Skladowski Suggested-by: Prasad Kumpatla Cc: Srinivas Kandagatla Cc: Mohammad Rafi Shaik Signed-off-by: Alexey Klimov Link: https://patch.msgid.link/20241022033132.787416-2-alexey.klimov@linaro.org Signed-off-by: Mark Brown commit 5db91545ef8150c45a526675ef99e8998b648a41 Author: Aboorva Devarajan Date: Sat Oct 26 00:20:20 2024 +0530 sched: Pass correct scheduling policy to __setscheduler_class Commit 98442f0ccd82 ("sched: Fix delayed_dequeue vs switched_from_fair()") overlooked that __setscheduler_prio(), now __setscheduler_class() relies on p->policy for task_should_scx(), and moved the call before __setscheduler_params() updates it, causing it to be using the old p->policy value. Resolve this by changing task_should_scx() to take the policy itself instead of a task pointer, such that __sched_setscheduler() can pass in the updated policy. Fixes: 98442f0ccd82 ("sched: Fix delayed_dequeue vs switched_from_fair()") Signed-off-by: Aboorva Devarajan Signed-off-by: Peter Zijlstra (Intel) Acked-by: Tejun Heo commit cc8475a07cf34891bf11a63025659d3537b638ef Author: Dmitry Yashin Date: Tue Oct 29 02:33:12 2024 +0500 ASoC: dt-bindings: rockchip,rk3308-codec: add port property Fix DTB warnings when rk3308-codec used with audio-graph-card by documenting port property: codec@ff560000: 'port' does not match any of the regexes: 'pinctrl-[0-9]+' Signed-off-by: Dmitry Yashin Reviewed-by: Luca Ceresoli Link: https://patch.msgid.link/20241028213314.476776-2-dmt.yashin@gmail.com Signed-off-by: Mark Brown commit 1c10941e34c5fdc0357e46a25bd130d9cf40b925 Author: Pierre Gondois Date: Mon Oct 28 13:56:56 2024 +0100 ACPI: CPPC: Make rmw_lock a raw_spin_lock The following BUG was triggered: ============================= [ BUG: Invalid wait context ] 6.12.0-rc2-XXX #406 Not tainted ----------------------------- kworker/1:1/62 is trying to lock: ffffff8801593030 (&cpc_ptr->rmw_lock){+.+.}-{3:3}, at: cpc_write+0xcc/0x370 other info that might help us debug this: context-{5:5} 2 locks held by kworker/1:1/62: #0: ffffff897ef5ec98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2c/0x50 #1: ffffff880154e238 (&sg_policy->update_lock){....}-{2:2}, at: sugov_update_shared+0x3c/0x280 stack backtrace: CPU: 1 UID: 0 PID: 62 Comm: kworker/1:1 Not tainted 6.12.0-rc2-g9654bd3e8806 #406 Workqueue: 0x0 (events) Call trace: dump_backtrace+0xa4/0x130 show_stack+0x20/0x38 dump_stack_lvl+0x90/0xd0 dump_stack+0x18/0x28 __lock_acquire+0x480/0x1ad8 lock_acquire+0x114/0x310 _raw_spin_lock+0x50/0x70 cpc_write+0xcc/0x370 cppc_set_perf+0xa0/0x3a8 cppc_cpufreq_fast_switch+0x40/0xc0 cpufreq_driver_fast_switch+0x4c/0x218 sugov_update_shared+0x234/0x280 update_load_avg+0x6ec/0x7b8 dequeue_entities+0x108/0x830 dequeue_task_fair+0x58/0x408 __schedule+0x4f0/0x1070 schedule+0x54/0x130 worker_thread+0xc0/0x2e8 kthread+0x130/0x148 ret_from_fork+0x10/0x20 sugov_update_shared() locks a raw_spinlock while cpc_write() locks a spinlock. To have a correct wait-type order, update rmw_lock to a raw spinlock and ensure that interrupts will be disabled on the CPU holding it. Fixes: 60949b7b8054 ("ACPI: CPPC: Fix MASK_VAL() usage") Signed-off-by: Pierre Gondois Link: https://patch.msgid.link/20241028125657.1271512-1-pierre.gondois@arm.com [ rjw: Changelog edits ] Signed-off-by: Rafael J. Wysocki commit 3b05949ba39f305b585452d0e177470607842165 Author: Benoît Monin Date: Thu Oct 24 17:09:19 2024 +0200 USB: serial: option: add Quectel RG650V Add support for Quectel RG650V which is based on Qualcomm SDX65 chip. The composition is DIAG / NMEA / AT / AT / QMI. T: Bus=02 Lev=01 Prnt=01 Port=03 Cnt=01 Dev#= 4 Spd=5000 MxCh= 0 D: Ver= 3.20 Cls=00(>ifc ) Sub=00 Prot=00 MxPS= 9 #Cfgs= 1 P: Vendor=2c7c ProdID=0122 Rev=05.15 S: Manufacturer=Quectel S: Product=RG650V-EU S: SerialNumber=xxxxxxx C: #Ifs= 5 Cfg#= 1 Atr=a0 MxPwr=896mA I: If#= 0 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=option E: Ad=01(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=81(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms I: If#= 1 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=02(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=82(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms I: If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=03(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=83(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=84(I) Atr=03(Int.) MxPS= 10 Ivl=9ms I: If#= 3 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=04(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=85(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=86(I) Atr=03(Int.) MxPS= 10 Ivl=9ms I: If#= 4 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=ff Driver=qmi_wwan E: Ad=05(O) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=87(I) Atr=02(Bulk) MxPS=1024 Ivl=0ms E: Ad=88(I) Atr=03(Int.) MxPS= 8 Ivl=9ms Signed-off-by: Benoît Monin Cc: stable@vger.kernel.org Signed-off-by: Johan Hovold commit 393c74ccbd847bacf18865a01b422586fc7341cf Author: Reinhard Speyerer Date: Fri Oct 18 23:07:06 2024 +0200 USB: serial: option: add Fibocom FG132 0x0112 composition Add Fibocom FG132 0x0112 composition: T: Bus=03 Lev=02 Prnt=06 Port=01 Cnt=02 Dev#= 10 Spd=12 MxCh= 0 D: Ver= 2.01 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs= 1 P: Vendor=2cb7 ProdID=0112 Rev= 5.15 S: Manufacturer=Fibocom Wireless Inc. S: Product=Fibocom Module S: SerialNumber=xxxxxxxx C:* #Ifs= 4 Cfg#= 1 Atr=a0 MxPwr=500mA I:* If#= 0 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=50 Driver=qmi_wwan E: Ad=82(I) Atr=03(Int.) MxPS= 8 Ivl=32ms E: Ad=81(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=01(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms I:* If#= 1 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=option E: Ad=02(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=83(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms I:* If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=40 Driver=option E: Ad=85(I) Atr=03(Int.) MxPS= 10 Ivl=32ms E: Ad=84(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=03(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms I:* If#= 3 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=86(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=04(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms Signed-off-by: Reinhard Speyerer Cc: stable@vger.kernel.org Signed-off-by: Johan Hovold commit 66600fac7a984dea4ae095411f644770b2561ede Author: Furong Xu <0x1207@gmail.com> Date: Mon Oct 21 14:10:23 2024 +0800 net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In case the non-paged data of a SKB carries protocol header and protocol payload to be transmitted on a certain platform that the DMA AXI address width is configured to 40-bit/48-bit, or the size of the non-paged data is bigger than TSO_MAX_BUFF_SIZE on a certain platform that the DMA AXI address width is configured to 32-bit, then this SKB requires at least two DMA transmit descriptors to serve it. For example, three descriptors are allocated to split one DMA buffer mapped from one piece of non-paged data: dma_desc[N + 0], dma_desc[N + 1], dma_desc[N + 2]. Then three elements of tx_q->tx_skbuff_dma[] will be allocated to hold extra information to be reused in stmmac_tx_clean(): tx_q->tx_skbuff_dma[N + 0], tx_q->tx_skbuff_dma[N + 1], tx_q->tx_skbuff_dma[N + 2]. Now we focus on tx_q->tx_skbuff_dma[entry].buf, which is the DMA buffer address returned by DMA mapping call. stmmac_tx_clean() will try to unmap the DMA buffer _ONLY_IF_ tx_q->tx_skbuff_dma[entry].buf is a valid buffer address. The expected behavior that saves DMA buffer address of this non-paged data to tx_q->tx_skbuff_dma[entry].buf is: tx_q->tx_skbuff_dma[N + 0].buf = NULL; tx_q->tx_skbuff_dma[N + 1].buf = NULL; tx_q->tx_skbuff_dma[N + 2].buf = dma_map_single(); Unfortunately, the current code misbehaves like this: tx_q->tx_skbuff_dma[N + 0].buf = dma_map_single(); tx_q->tx_skbuff_dma[N + 1].buf = NULL; tx_q->tx_skbuff_dma[N + 2].buf = NULL; On the stmmac_tx_clean() side, when dma_desc[N + 0] is closed by the DMA engine, tx_q->tx_skbuff_dma[N + 0].buf is a valid buffer address obviously, then the DMA buffer will be unmapped immediately. There may be a rare case that the DMA engine does not finish the pending dma_desc[N + 1], dma_desc[N + 2] yet. Now things will go horribly wrong, DMA is going to access a unmapped/unreferenced memory region, corrupted data will be transmited or iommu fault will be triggered :( In contrast, the for-loop that maps SKB fragments behaves perfectly as expected, and that is how the driver should do for both non-paged data and paged frags actually. This patch corrects DMA map/unmap sequences by fixing the array index for tx_q->tx_skbuff_dma[entry].buf when assigning DMA buffer address. Tested and verified on DWXGMAC CORE 3.20a Reported-by: Suraj Jaiswal Fixes: f748be531d70 ("stmmac: support new GMAC4") Signed-off-by: Furong Xu <0x1207@gmail.com> Reviewed-by: Hariprasad Kelam Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241021061023.2162701-1-0x1207@gmail.com Signed-off-by: Paolo Abeni commit 3726a1970bd72419aa7a54f574635f855b98d67a Author: Piotr Zalewski Date: Sun Oct 27 19:46:52 2024 +0000 bcachefs: Fix NULL ptr dereference in btree_node_iter_and_journal_peek Add NULL check for key returned from bch2_btree_and_journal_iter_peek in btree_node_iter_and_journal_peek to avoid NULL ptr dereference in bch2_bkey_buf_reassemble. When key returned from bch2_btree_and_journal_iter_peek is NULL it means that btree topology needs repair. Print topology error message with position at which node wasn't found, its parent node information and btree_id with level. Return error code returned by bch2_topology_error to ensure that topology error is handled properly by recovery. Reported-by: syzbot+005ef9aa519f30d97657@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=005ef9aa519f30d97657 Fixes: 5222a4607cd8 ("bcachefs: BTREE_ITER_WITH_JOURNAL") Suggested-by: Alan Huang Suggested-by: Kent Overstreet Signed-off-by: Piotr Zalewski Signed-off-by: Kent Overstreet commit ca959e328b2243687aa0b95de01414d13e4f3ade Author: Gaosheng Cui Date: Sat Oct 26 18:26:58 2024 +0800 bcachefs: fix possible null-ptr-deref in __bch2_ec_stripe_head_get() The function ec_new_stripe_head_alloc() returns nullptr if kzalloc() fails. It is crucial to verify its return value before dereferencing it to avoid a potential nullptr dereference. Fixes: 035d72f72c91 ("bcachefs: bch2_ec_stripe_head_get() now checks for change in rw devices") Signed-off-by: Gaosheng Cui Signed-off-by: Kent Overstreet commit 778ac324ccfad7b941bba604118e38a19800657b Author: Kent Overstreet Date: Sat Oct 26 20:21:41 2024 -0400 bcachefs: Fix deadlock on -ENOSPC w.r.t. partial open buckets Open buckets on the partial list should not count as allocated when we're trying to allocate from the partial list. Signed-off-by: Kent Overstreet commit e0fafac5c4b61501f60c3841649170424eda641f Author: Kent Overstreet Date: Fri Oct 18 02:26:59 2024 -0400 bcachefs: Don't filter partial list buckets in open_buckets_to_text() these are an important source of stranded buckets we need to be able to watch Signed-off-by: Kent Overstreet commit a34eef6dd179463e70a97bbf8453b7ca21d1e666 Author: Kent Overstreet Date: Sun Oct 20 20:02:09 2024 -0400 bcachefs: Don't keep tons of cached pointers around We had a bug report where the data update path was creating an extent that failed to validate because it had too many pointers; almost all of them were cached. To fix this, we have: - want_cached_ptr(), a new helper that checks if we even want a cached pointer (is on appropriate target, device is readable). - bch2_extent_set_ptr_cached() now only sets a pointer cached if we want it. - bch2_extent_normalize_by_opts() now ensures that we only have a single cached pointer that we want. While working on this, it was noticed that this doesn't work well with reflinked data and per-file options. Another patch series is coming that plumbs through additional io path options through bch_extent_rebalance, with improved option handling. Reported-by: Reed Riley Signed-off-by: Kent Overstreet commit 3fd27e9c57bf12c4eb1e41b87fc1aa579ec772da Author: Piotr Zalewski Date: Sat Oct 26 00:15:49 2024 +0000 bcachefs: init freespace inited bits to 0 in bch2_fs_initialize Initialize freespace_initialized bits to 0 in member's flags and update member's cached version for each device in bch2_fs_initialize. It's possible for the bits to be set to 1 before fs is initialized and if call to bch2_trans_mark_dev_sbs (just before bch2_fs_freespace_init) fails bits remain to be 1 which can later indirectly trigger BUG condition in bch2_bucket_alloc_freelist during shutdown. Reported-by: syzbot+2b6a17991a6af64f9489@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=2b6a17991a6af64f9489 Fixes: bbe682c76789 ("bcachefs: Ensure devices are always correctly initialized") Suggested-by: Kent Overstreet Signed-off-by: Piotr Zalewski Signed-off-by: Kent Overstreet commit c1fa854acc72e783fa6a464d3e35766e06d18d83 Author: Kent Overstreet Date: Fri Oct 25 20:18:48 2024 -0400 bcachefs: Fix unhandled transaction restart in fallocate This used to not matter, but now we're being more strict. Signed-off-by: Kent Overstreet commit f84ef58e553206b02d06e02158c98fbccba25d19 Author: Ley Foon Tan Date: Mon Oct 21 13:46:25 2024 +0800 net: stmmac: dwmac4: Fix high address display by updating reg_space[] from register values The high address will display as 0 if the driver does not set the reg_space[]. To fix this, read the high address registers and update the reg_space[] accordingly. Fixes: fbf68229ffe7 ("net: stmmac: unify registers dumps methods") Signed-off-by: Ley Foon Tan Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241021054625.1791965-1-leyfoon.tan@starfivetech.com Signed-off-by: Paolo Abeni commit 704573851b51808b45dae2d62059d1d8189138a2 Author: Qun-Wei Lin Date: Fri Oct 25 16:58:11 2024 +0800 mm: krealloc: Fix MTE false alarm in __do_krealloc This patch addresses an issue introduced by commit 1a83a716ec233 ("mm: krealloc: consider spare memory for __GFP_ZERO") which causes MTE (Memory Tagging Extension) to falsely report a slab-out-of-bounds error. The problem occurs when zeroing out spare memory in __do_krealloc. The original code only considered software-based KASAN and did not account for MTE. It does not reset the KASAN tag before calling memset, leading to a mismatch between the pointer tag and the memory tag, resulting in a false positive. Example of the error: ================================================================== swapper/0: BUG: KASAN: slab-out-of-bounds in __memset+0x84/0x188 swapper/0: Write at addr f4ffff8005f0fdf0 by task swapper/0/1 swapper/0: Pointer tag: [f4], memory tag: [fe] swapper/0: swapper/0: CPU: 4 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12. swapper/0: Hardware name: MT6991(ENG) (DT) swapper/0: Call trace: swapper/0: dump_backtrace+0xfc/0x17c swapper/0: show_stack+0x18/0x28 swapper/0: dump_stack_lvl+0x40/0xa0 swapper/0: print_report+0x1b8/0x71c swapper/0: kasan_report+0xec/0x14c swapper/0: __do_kernel_fault+0x60/0x29c swapper/0: do_bad_area+0x30/0xdc swapper/0: do_tag_check_fault+0x20/0x34 swapper/0: do_mem_abort+0x58/0x104 swapper/0: el1_abort+0x3c/0x5c swapper/0: el1h_64_sync_handler+0x80/0xcc swapper/0: el1h_64_sync+0x68/0x6c swapper/0: __memset+0x84/0x188 swapper/0: btf_populate_kfunc_set+0x280/0x3d8 swapper/0: __register_btf_kfunc_id_set+0x43c/0x468 swapper/0: register_btf_kfunc_id_set+0x48/0x60 swapper/0: register_nf_nat_bpf+0x1c/0x40 swapper/0: nf_nat_init+0xc0/0x128 swapper/0: do_one_initcall+0x184/0x464 swapper/0: do_initcall_level+0xdc/0x1b0 swapper/0: do_initcalls+0x70/0xc0 swapper/0: do_basic_setup+0x1c/0x28 swapper/0: kernel_init_freeable+0x144/0x1b8 swapper/0: kernel_init+0x20/0x1a8 swapper/0: ret_from_fork+0x10/0x20 ================================================================== Fixes: 1a83a716ec233 ("mm: krealloc: consider spare memory for __GFP_ZERO") Signed-off-by: Qun-Wei Lin Acked-by: David Rientjes Signed-off-by: Vlastimil Babka commit ef5fbdf732a158ec27eeba69d8be851351f29f73 Author: Piyush Raj Chouhan Date: Mon Oct 28 15:55:16 2024 +0000 ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 Infinix ZERO BOOK 13 has a 2+2 speaker system which isn't probed correctly. This patch adds a quirk with the proper pin connections. Also The mic in this laptop suffers too high gain resulting in mostly fan noise being recorded, This patch Also limit mic boost. HW Probe for device; https://linux-hardware.org/?probe=a2e892c47b Test: All 4 speaker works, Mic has low noise. Signed-off-by: Piyush Raj Chouhan Link: https://patch.msgid.link/20241028155516.15552-1-piyuschouhan1598@gmail.com Signed-off-by: Takashi Iwai commit bf791751162ac875a9439426d13f8d4d18151549 Author: Mika Westerberg Date: Thu Oct 24 12:26:53 2024 +0300 thunderbolt: Add only on-board retimers when !CONFIG_USB4_DEBUGFS_MARGINING Normally there is no need to enumerate retimers on the other side of the cable. This is only needed in special cases where user wants to run receiver lane margining against the downstream facing port of a retimer. Furthermore this might confuse the userspace tools such as fwupd because it cannot read the information it expects from these retimers. Fix this by changing the retimer enumeration code to add only on-board retimers when CONFIG_USB4_DEBUGFS_MARGINING is not enabled. Reported-by: AceLan Kao Tested-by: AceLan Kao Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219420 Cc: stable@vger.kernel.org Fixes: ff6ab055e070 ("thunderbolt: Add receiver lane margining support for retimers") Signed-off-by: Mika Westerberg commit 01626a18230246efdcea322aa8f067e60ffe5ccd Author: Barry Song Date: Fri Sep 27 09:19:36 2024 +1200 mm: avoid unconditional one-tick sleep when swapcache_prepare fails Commit 13ddaf26be32 ("mm/swap: fix race when skipping swapcache") introduced an unconditional one-tick sleep when `swapcache_prepare()` fails, which has led to reports of UI stuttering on latency-sensitive Android devices. To address this, we can use a waitqueue to wake up tasks that fail `swapcache_prepare()` sooner, instead of always sleeping for a full tick. While tasks may occasionally be woken by an unrelated `do_swap_page()`, this method is preferable to two scenarios: rapid re-entry into page faults, which can cause livelocks, and multiple millisecond sleeps, which visibly degrade user experience. Oven's testing shows that a single waitqueue resolves the UI stuttering issue. If a 'thundering herd' problem becomes apparent later, a waitqueue hash similar to `folio_wait_table[PAGE_WAIT_TABLE_SIZE]` for page bit locks can be introduced. [v-songbaohua@oppo.com: wake_up only when swapcache_wq waitqueue is active] Link: https://lkml.kernel.org/r/20241008130807.40833-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240926211936.75373-1-21cnbao@gmail.com Fixes: 13ddaf26be32 ("mm/swap: fix race when skipping swapcache") Signed-off-by: Barry Song Reported-by: Oven Liyang Tested-by: Oven Liyang Cc: Kairui Song Cc: "Huang, Ying" Cc: Yu Zhao Cc: David Hildenbrand Cc: Chris Li Cc: Hugh Dickins Cc: Johannes Weiner Cc: Matthew Wilcox (Oracle) Cc: Michal Hocko Cc: Minchan Kim Cc: Yosry Ahmed Cc: SeongJae Park Cc: Kalesh Singh Cc: Suren Baghdasaryan Cc: Signed-off-by: Andrew Morton commit 183430079869fcb4b2967800d7659bbeb6052d07 Author: Jeff Xu Date: Tue Oct 8 04:09:41 2024 +0000 mseal: update mseal.rst Pedro Falcato's optimization [1] for checking sealed VMAs, which replaces the can_modify_mm() function with an in-loop check, necessitates an update to the mseal.rst documentation to reflect this change. Furthermore, the document has received offline comments regarding the code sample and suggestions for sentence clarification to enhance reader comprehension. [1] https://lore.kernel.org/linux-mm/20240817-mseal-depessimize-v3-0-d8d2e037df30@gmail.com/ Update doc after in-loop change: mprotect/madvise can have partially updated and munmap is atomic. Fix indentation and clarify some sections to improve readability. Link: https://lkml.kernel.org/r/20241008040942.1478931-2-jeffxu@chromium.org Fixes: df2a7df9a9aa ("mm/munmap: replace can_modify_mm with can_modify_vma") Fixes: 4a2dd02b0916 ("mm/mprotect: replace can_modify_mm with can_modify_vma") Fixes: 38075679b5f1 ("mm/mremap: replace can_modify_mm with can_modify_vma") Fixes: 23c57d1fa2b9 ("mseal: replace can_modify_mm_madv with a vma variant") Signed-off-by: Jeff Xu Reviewed-by: Randy Dunlap Cc: Elliott Hughes Cc: Greg Kroah-Hartman Cc: Guenter Roeck Cc: Jann Horn Cc: Jonathan Corbet Cc: Jorge Lucangeli Obes Cc: Kees Cook Cc: "Liam R. Howlett" Cc: Linus Torvalds Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: Muhammad Usama Anjum Cc: Pedro Falcato Cc: Stephen Röttger Cc: Suren Baghdasaryan Cc: "Theo de Raadt" Signed-off-by: Andrew Morton commit 58a039e679fe72bd0efa8b2abe669a7914bb4429 Author: Kirill A. Shutemov Date: Fri Oct 18 18:14:15 2024 +0200 mm: split critical region in remap_file_pages() and invoke LSMs in between Commit ea7e2d5e49c0 ("mm: call the security_mmap_file() LSM hook in remap_file_pages()") fixed a security issue, it added an LSM check when trying to remap file pages, so that LSMs have the opportunity to evaluate such action like for other memory operations such as mmap() and mprotect(). However, that commit called security_mmap_file() inside the mmap_lock lock, while the other calls do it before taking the lock, after commit 8b3ec6814c83 ("take security_mmap_file() outside of ->mmap_sem"). This caused lock inversion issue with IMA which was taking the mmap_lock and i_mutex lock in the opposite way when the remap_file_pages() system call was called. Solve the issue by splitting the critical region in remap_file_pages() in two regions: the first takes a read lock of mmap_lock, retrieves the VMA and the file descriptor associated, and calculates the 'prot' and 'flags' variables; the second takes a write lock on mmap_lock, checks that the VMA flags and the VMA file descriptor are the same as the ones obtained in the first critical region (otherwise the system call fails), and calls do_mmap(). In between, after releasing the read lock and before taking the write lock, call security_mmap_file(), and solve the lock inversion issue. Link: https://lkml.kernel.org/r/20241018161415.3845146-1-roberto.sassu@huaweicloud.com Fixes: ea7e2d5e49c0 ("mm: call the security_mmap_file() LSM hook in remap_file_pages()") Signed-off-by: Kirill A. Shutemov Signed-off-by: Roberto Sassu Reported-by: syzbot+1cd571a672400ef3a930@syzkaller.appspotmail.com Closes: https://lore.kernel.org/linux-security-module/66f7b10e.050a0220.46d20.0036.GAE@google.com/ Tested-by: Roberto Sassu Reviewed-by: Roberto Sassu Reviewed-by: Jann Horn Reviewed-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Reviewed-by: Paul Moore Tested-by: syzbot+1cd571a672400ef3a930@syzkaller.appspotmail.com Cc: Jarkko Sakkinen Cc: Dmitry Kasatkin Cc: Eric Snowberg Cc: James Morris Cc: Mimi Zohar Cc: "Serge E. Hallyn" Cc: Shu Han Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit f2330b650e97a68c1afce66305f10651a9544037 Author: Edward Liaw Date: Fri Oct 18 17:17:24 2024 +0000 selftests/mm: fix deadlock for fork after pthread_create with atomic_bool Some additional synchronization is needed on Android ARM64; we see a deadlock with pthread_create when the parent thread races forward before the child has a chance to start doing work. Link: https://lkml.kernel.org/r/20241018171734.2315053-4-edliaw@google.com Fixes: cff294582798 ("selftests/mm: extend and rename uffd pagemap test") Signed-off-by: Edward Liaw Cc: Ryan Roberts Cc: Peter Xu Cc: Shuah Khan Signed-off-by: Andrew Morton commit 3673167a3a07f25b3f06754d69f406edea65543a Author: Edward Liaw Date: Fri Oct 18 17:17:23 2024 +0000 Revert "selftests/mm: replace atomic_bool with pthread_barrier_t" This reverts commit e61ef21e27e8deed8c474e9f47f4aa7bc37e138c. uffd_poll_thread may be called by other tests that do not initialize the pthread_barrier, so this approach is not correct. This will revert to using atomic_bool instead. Link: https://lkml.kernel.org/r/20241018171734.2315053-3-edliaw@google.com Fixes: e61ef21e27e8 ("selftests/mm: replace atomic_bool with pthread_barrier_t") Signed-off-by: Edward Liaw Cc: Ryan Roberts Cc: Peter Xu Cc: Shuah Khan Cc: Signed-off-by: Andrew Morton commit 5bb1f4c9340e01003b00b94d539eadb0da88f48e Author: Edward Liaw Date: Fri Oct 18 17:17:22 2024 +0000 Revert "selftests/mm: fix deadlock for fork after pthread_create on ARM" Patch series "selftests/mm: revert pthread_barrier change" On Android arm, pthread_create followed by a fork caused a deadlock in the case where the fork required work to be completed by the created thread. The previous patches incorrectly assumed that the parent would always initialize the pthread_barrier for the child thread. This reverts the change and replaces the fix for wp-fork-with-event with the original use of atomic_bool. This patch (of 3): This reverts commit e142cc87ac4ec618f2ccf5f68aedcd6e28a59d9d. fork_event_consumer may be called by other tests that do not initialize the pthread_barrier, so this approach is not correct. The subsequent patch will revert to using atomic_bool instead. Link: https://lkml.kernel.org/r/20241018171734.2315053-1-edliaw@google.com Link: https://lkml.kernel.org/r/20241018171734.2315053-2-edliaw@google.com Fixes: e142cc87ac4e ("fix deadlock for fork after pthread_create on ARM") Signed-off-by: Edward Liaw Cc: Ryan Roberts Cc: Peter Xu Cc: Shuah Khan Cc: Signed-off-by: Andrew Morton commit e8133a77999f650495dca9669c49f143d70bb4f6 Author: Lorenzo Stoakes Date: Thu Oct 17 15:31:46 2024 +0100 tools: testing: add expand-only mode VMA test Add a test to assert that VMG_FLAG_JUST_EXPAND functions as expected - that is, when the VMA iterator is positioned at the previous VMA and no VMAs proceed it, we observe an expansion with all state as expected. Explicitly place a prior VMA that would otherwise fail this test if the mode were not enabled (as it would traverse to the previous-previous VMA). Link: https://lkml.kernel.org/r/d2f88330254a6448092412bf7dfe077a579ab0dc.1729174352.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Cc: Jann Horn Cc: kernel test robot Cc: Liam R. Howlett Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit c4d91e225ff3c9821c85ac6efd8e02c0025c0190 Author: Lorenzo Stoakes Date: Thu Oct 17 15:31:45 2024 +0100 mm/vma: add expand-only VMA merge mode and optimise do_brk_flags() Patch series "introduce VMA merge mode to improve brk() performance". A ~5% performance regression was discovered on the aim9.brk_test.ops_per_sec by the linux kernel test bot [0]. In the past to satisfy brk() performance we duplicated VMA expansion code and special-cased do_brk_flags(). This is however horrid and undoes work to abstract this logic, so in resolving the issue I have endeavoured to avoid this. Investigating further I was able to observe that the use of a vma_iter_next_range() and vma_prev() pair, causing an unnecessary maple tree walk. In addition there is work that we do that is simply unnecessary for brk(). Therefore, add a special VMA merge mode VMG_FLAG_JUST_EXPAND to avoid doing any of this - it assumes the VMA iterator is pointing at the previous VMA and which skips logic that brk() does not require. This mostly eliminates the performance regression reducing it to ~2% which is in the realm of noise. In addition, the will-it-scale test brk2, written to be more representative of real-world brk() usage, shows a modest performance improvement - which gives me confidence that we are not meaningfully regressing real workloads here. This series includes a test asserting that the 'just expand' mode works as expected. With many thanks to Oliver Sang for helping with performance testing of candidate patch sets! [0]:https://lore.kernel.org/linux-mm/202409301043.629bea78-oliver.sang@intel.com This patch (of 2): We know in advance that do_brk_flags() wants only to perform a VMA expansion (if the prior VMA is compatible), and that we assume no mergeable VMA follows it. These are the semantics of this function prior to the recent rewrite of the VMA merging logic, however we are now doing more work than necessary - positioning the VMA iterator at the prior VMA and performing tasks that are not required. Add a new field to the vmg struct to permit merge flags and add a new merge flag VMG_FLAG_JUST_EXPAND which implies this behaviour, and have do_brk_flags() use this. This fixes a reported performance regression in a brk() benchmarking suite. Link: https://lkml.kernel.org/r/cover.1729174352.git.lorenzo.stoakes@oracle.com Link: https://lkml.kernel.org/r/4e65d4395e5841c5acf8470dbcb714016364fd39.1729174352.git.lorenzo.stoakes@oracle.com Fixes: cacded5e42b9 ("mm: avoid using vma_merge() for new VMAs") Reported-by: kernel test robot Closes: https://lore.kernel.org/linux-mm/202409301043.629bea78-oliver.sang@intel.com Signed-off-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Cc: Jann Horn Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit b125a0def25a082ae944c9615208bf359abdb61c Author: Gregory Price Date: Thu Oct 17 15:03:47 2024 -0400 resource,kexec: walk_system_ram_res_rev must retain resource flags walk_system_ram_res_rev() erroneously discards resource flags when passing the information to the callback. This causes systems with IORESOURCE_SYSRAM_DRIVER_MANAGED memory to have these resources selected during kexec to store kexec buffers if that memory happens to be at placed above normal system ram. This leads to undefined behavior after reboot. If the kexec buffer is never touched, nothing happens. If the kexec buffer is touched, it could lead to a crash (like below) or undefined behavior. Tested on a system with CXL memory expanders with driver managed memory, TPM enabled, and CONFIG_IMA_KEXEC=y. Adding printk's showed the flags were being discarded and as a result the check for IORESOURCE_SYSRAM_DRIVER_MANAGED passes. find_next_iomem_res: name(System RAM (kmem)) start(10000000000) end(1034fffffff) flags(83000200) locate_mem_hole_top_down: start(10000000000) end(1034fffffff) flags(0) [.] BUG: unable to handle page fault for address: ffff89834ffff000 [.] #PF: supervisor read access in kernel mode [.] #PF: error_code(0x0000) - not-present page [.] PGD c04c8bf067 P4D c04c8bf067 PUD c04c8be067 PMD 0 [.] Oops: 0000 [#1] SMP [.] RIP: 0010:ima_restore_measurement_list+0x95/0x4b0 [.] RSP: 0018:ffffc900000d3a80 EFLAGS: 00010286 [.] RAX: 0000000000001000 RBX: 0000000000000000 RCX: ffff89834ffff000 [.] RDX: 0000000000000018 RSI: ffff89834ffff000 RDI: ffff89834ffff018 [.] RBP: ffffc900000d3ba0 R08: 0000000000000020 R09: ffff888132b8a900 [.] R10: 4000000000000000 R11: 000000003a616d69 R12: 0000000000000000 [.] R13: ffffffff8404ac28 R14: 0000000000000000 R15: ffff89834ffff000 [.] FS: 0000000000000000(0000) GS:ffff893d44640000(0000) knlGS:0000000000000000 [.] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [.] ata5: SATA link down (SStatus 0 SControl 300) [.] CR2: ffff89834ffff000 CR3: 000001034d00f001 CR4: 0000000000770ef0 [.] PKRU: 55555554 [.] Call Trace: [.] [.] ? __die+0x78/0xc0 [.] ? page_fault_oops+0x2a8/0x3a0 [.] ? exc_page_fault+0x84/0x130 [.] ? asm_exc_page_fault+0x22/0x30 [.] ? ima_restore_measurement_list+0x95/0x4b0 [.] ? template_desc_init_fields+0x317/0x410 [.] ? crypto_alloc_tfm_node+0x9c/0xc0 [.] ? init_ima_lsm+0x30/0x30 [.] ima_load_kexec_buffer+0x72/0xa0 [.] ima_init+0x44/0xa0 [.] __initstub__kmod_ima__373_1201_init_ima7+0x1e/0xb0 [.] ? init_ima_lsm+0x30/0x30 [.] do_one_initcall+0xad/0x200 [.] ? idr_alloc_cyclic+0xaa/0x110 [.] ? new_slab+0x12c/0x420 [.] ? new_slab+0x12c/0x420 [.] ? number+0x12a/0x430 [.] ? sysvec_apic_timer_interrupt+0xa/0x80 [.] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [.] ? parse_args+0xd4/0x380 [.] ? parse_args+0x14b/0x380 [.] kernel_init_freeable+0x1c1/0x2b0 [.] ? rest_init+0xb0/0xb0 [.] kernel_init+0x16/0x1a0 [.] ret_from_fork+0x2f/0x40 [.] ? rest_init+0xb0/0xb0 [.] ret_from_fork_asm+0x11/0x20 [.] Link: https://lore.kernel.org/all/20231114091658.228030-1-bhe@redhat.com/ Link: https://lkml.kernel.org/r/20241017190347.5578-1-gourry@gourry.net Fixes: 7acf164b259d ("resource: add walk_system_ram_res_rev()") Signed-off-by: Gregory Price Reviewed-by: Dan Williams Acked-by: Baoquan He Cc: AKASHI Takahiro Cc: Andy Shevchenko Cc: Bjorn Helgaas Cc: "Huang, Ying" Cc: Ilpo Järvinen Cc: Mika Westerberg Cc: Thomas Gleixner Cc: Signed-off-by: Andrew Morton commit 41e192ad2779cae0102879612dfe46726e4396aa Author: Ryusuke Konishi Date: Fri Oct 18 04:33:10 2024 +0900 nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which is called to prepare block writes, may fail the BUG_ON check for accesses exceeding the folio/page size, triggering a kernel bug. This was found to be because the "checked" flag of a page/folio was not cleared when it was discarded by nilfs2's own routine, which causes the sanity check of directory entries to be skipped when the directory page/folio is reloaded. So, fix that. This was necessary when the use of nilfs2's own page discard routine was applied to more than just metadata files. Link: https://lkml.kernel.org/r/20241017193359.5051-1-konishi.ryusuke@gmail.com Fixes: 8c26c4e2694a ("nilfs2: fix issue with flush kernel thread after remount in RO mode because of driver's internal error or metadata corruption") Signed-off-by: Ryusuke Konishi Reported-by: syzbot+d6ca2daf692c7a82f959@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=d6ca2daf692c7a82f959 Cc: Signed-off-by: Andrew Morton commit d95fb348f0160f562ac07fa201dbbaf14524381f Author: Nobuhiro Iwamatsu Date: Wed Oct 16 18:21:01 2024 +0900 mm: numa_clear_kernel_node_hotplug: Add NUMA_NO_NODE check for node id The acquired memory blocks for reserved may include blocks outside of memory management. In this case, the nid variable is set to NUMA_NO_NODE (-1), so an error occurs in node_set(). This adds a check using numa_valid_node() to numa_clear_kernel_node_hotplug() that skips node_set() when nid is set to NUMA_NO_NODE. Link: https://lkml.kernel.org/r/1729070461-13576-1-git-send-email-nobuhiro1.iwamatsu@toshiba.co.jp Fixes: 87482708210f ("mm: introduce numa_memblks") Signed-off-by: Nobuhiro Iwamatsu Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Anshuman Khandual Suggested-by: Yuji Ishikawa Signed-off-by: Andrew Morton commit bc0a2f3a73fcdac651fca64df39306d1e5ebe3b0 Author: Edward Adam Davis Date: Wed Oct 16 19:43:47 2024 +0800 ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow Syzbot reported a kernel BUG in ocfs2_truncate_inline. There are two reasons for this: first, the parameter value passed is greater than ocfs2_max_inline_data_with_xattr, second, the start and end parameters of ocfs2_truncate_inline are "unsigned int". So, we need to add a sanity check for byte_start and byte_len right before ocfs2_truncate_inline() in ocfs2_remove_inode_range(), if they are greater than ocfs2_max_inline_data_with_xattr return -EINVAL. Link: https://lkml.kernel.org/r/tencent_D48DB5122ADDAEDDD11918CFB68D93258C07@qq.com Fixes: 1afc32b95233 ("ocfs2: Write support for inline data") Signed-off-by: Edward Adam Davis Reported-by: syzbot+81092778aac03460d6b7@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=81092778aac03460d6b7 Reviewed-by: Joseph Qi Cc: Joel Becker Cc: Joseph Qi Cc: Mark Fasheh Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Cc: Signed-off-by: Andrew Morton commit d949d1d14fa281ace388b1de978e8f2cd52875cf Author: Jeongjun Park Date: Mon Sep 9 21:35:58 2024 +0900 mm: shmem: fix data-race in shmem_getattr() I got the following KCSAN report during syzbot testing: ================================================================== BUG: KCSAN: data-race in generic_fillattr / inode_set_ctime_current write to 0xffff888102eb3260 of 4 bytes by task 6565 on cpu 1: inode_set_ctime_to_ts include/linux/fs.h:1638 [inline] inode_set_ctime_current+0x169/0x1d0 fs/inode.c:2626 shmem_mknod+0x117/0x180 mm/shmem.c:3443 shmem_create+0x34/0x40 mm/shmem.c:3497 lookup_open fs/namei.c:3578 [inline] open_last_lookups fs/namei.c:3647 [inline] path_openat+0xdbc/0x1f00 fs/namei.c:3883 do_filp_open+0xf7/0x200 fs/namei.c:3913 do_sys_openat2+0xab/0x120 fs/open.c:1416 do_sys_open fs/open.c:1431 [inline] __do_sys_openat fs/open.c:1447 [inline] __se_sys_openat fs/open.c:1442 [inline] __x64_sys_openat+0xf3/0x120 fs/open.c:1442 x64_sys_call+0x1025/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:258 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x54/0x120 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x76/0x7e read to 0xffff888102eb3260 of 4 bytes by task 3498 on cpu 0: inode_get_ctime_nsec include/linux/fs.h:1623 [inline] inode_get_ctime include/linux/fs.h:1629 [inline] generic_fillattr+0x1dd/0x2f0 fs/stat.c:62 shmem_getattr+0x17b/0x200 mm/shmem.c:1157 vfs_getattr_nosec fs/stat.c:166 [inline] vfs_getattr+0x19b/0x1e0 fs/stat.c:207 vfs_statx_path fs/stat.c:251 [inline] vfs_statx+0x134/0x2f0 fs/stat.c:315 vfs_fstatat+0xec/0x110 fs/stat.c:341 __do_sys_newfstatat fs/stat.c:505 [inline] __se_sys_newfstatat+0x58/0x260 fs/stat.c:499 __x64_sys_newfstatat+0x55/0x70 fs/stat.c:499 x64_sys_call+0x141f/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:263 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x54/0x120 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x76/0x7e value changed: 0x2755ae53 -> 0x27ee44d3 Reported by Kernel Concurrency Sanitizer on: CPU: 0 UID: 0 PID: 3498 Comm: udevd Not tainted 6.11.0-rc6-syzkaller-00326-gd1f2d51b711a-dirty #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 ================================================================== When calling generic_fillattr(), if you don't hold read lock, data-race will occur in inode member variables, which can cause unexpected behavior. Since there is no special protection when shmem_getattr() calls generic_fillattr(), data-race occurs by functions such as shmem_unlink() or shmem_mknod(). This can cause unexpected results, so commenting it out is not enough. Therefore, when calling generic_fillattr() from shmem_getattr(), it is appropriate to protect the inode using inode_lock_shared() and inode_unlock_shared() to prevent data-race. Link: https://lkml.kernel.org/r/20240909123558.70229-1-aha310510@gmail.com Fixes: 44a30220bc0a ("shmem: recalculate file inode when fstat") Signed-off-by: Jeongjun Park Reported-by: syzbot Cc: Hugh Dickins Cc: Yu Zhao Cc: Signed-off-by: Andrew Morton commit 14611508cb5bf031f85bae58704c9218681d8e07 Author: Jann Horn Date: Wed Oct 16 17:07:53 2024 +0200 mm: mark mas allocation in vms_abort_munmap_vmas as __GFP_NOFAIL vms_abort_munmap_vmas() is a recovery path where, on entry, some VMAs have already been torn down halfway (in a way we can't undo) but are still present in the maple tree. At this point, we *must* remove the VMAs from the VMA tree, otherwise we get UAF. Because removing VMA tree nodes can require memory allocation, the existing code has an error path which tries to handle this by reattaching the VMAs; but that can't be done safely. A nicer way to fix it would probably be to preallocate enough maple tree nodes for the removal before the point of no return, or something like that; but for now, fix it the easy and kinda ugly way, by marking this allocation __GFP_NOFAIL. Link: https://lkml.kernel.org/r/20241016-fix-munmap-abort-v1-1-601c94b2240d@google.com Fixes: 4f87153e82c4 ("mm: change failure of MAP_FIXED to restoring the gap on failure") Signed-off-by: Jann Horn Reviewed-by: Liam R. Howlett Acked-by: Vlastimil Babka Reviewed-by: Lorenzo Stoakes Signed-off-by: Andrew Morton commit 1db272864ff250b5e607283eaec819e1186c8e26 Author: Sabyrzhan Tasbolatov Date: Wed Oct 16 20:24:07 2024 +0500 x86/traps: move kmsan check after instrumentation_begin During x86_64 kernel build with CONFIG_KMSAN, the objtool warns following: AR built-in.a AR vmlinux.a LD vmlinux.o vmlinux.o: warning: objtool: handle_bug+0x4: call to kmsan_unpoison_entry_regs() leaves .noinstr.text section OBJCOPY modules.builtin.modinfo GEN modules.builtin MODPOST Module.symvers CC .vmlinux.export.o Moving kmsan_unpoison_entry_regs() _after_ instrumentation_begin() fixes the warning. There is decode_bug(regs->ip, &imm) is left before KMSAN unpoisoining, but it has the return condition and if we include it after instrumentation_begin() it results the warning "return with instrumentation enabled", hence, I'm concerned that regs will not be KMSAN unpoisoned if `ud_type == BUG_NONE` is true. Link: https://lkml.kernel.org/r/20241016152407.3149001-1-snovitoll@gmail.com Fixes: ba54d194f8da ("x86/traps: avoid KMSAN bugs originating from handle_bug()") Signed-off-by: Sabyrzhan Tasbolatov Reviewed-by: Alexander Potapenko Cc: Borislav Petkov (AMD) Cc: Dave Hansen Cc: Ingo Molnar Cc: Thomas Gleixner Cc: Signed-off-by: Andrew Morton commit b7c5f9a1fb9b40491d8b564b7eb9df26128cda3f Author: Huang Ying Date: Tue Oct 15 13:15:54 2024 +0800 resource: remove dependency on SPARSEMEM from GET_FREE_REGION We want to use the functions (get_free_mem_region()) configured via GET_FREE_REGION in resource kunit tests. However, GET_FREE_REGION depends on SPARSEMEM now. This makes resource kunit tests cannot be built on some architectures lacking SPARSEMEM, or causes config warning as follows, WARNING: unmet direct dependencies detected for GET_FREE_REGION Depends on [n]: SPARSEMEM [=n] Selected by [y]: - RESOURCE_KUNIT_TEST [=y] && RUNTIME_TESTING_MENU [=y] && KUNIT [=y] When get_free_mem_region() was introduced the only consumers were those looking to pass the address range to memremap_pages(). That address range needed to be mindful of the maximum addressable platform physical address which at the time only SPARSMEM defined via MAX_PHYSMEM_BITS. Given that memremap_pages() also depended on SPARSEMEM via ZONE_DEVICE, it was easier to just depend on that definition than invent a general MAX_PHYSMEM_BITS concept outside of SPARSEMEM. Turns out that decision was buggy and did not account for KASAN consumption of physical address space. That problem was resolved recently with commit ea72ce5da228 ("x86/kaslr: Expose and use the end of the physical memory address space"), and GET_FREE_REGION dropped its MAX_PHYSMEM_BITS dependency. Then commit 99185c10d5d9 ("resource, kunit: add test case for region_intersects()"), went ahead and fixed up the only remaining dependency on SPARSEMEM which was usage of the PA_SECTION_SHIFT macro for setting the default alignment. A PAGE_SIZE fallback is fine in the SPARSEMEM=n case. With those build dependencies gone GET_FREE_REGION no longer depends on SPARSEMEM. So, the patch removes dependency on SPARSEMEM from GET_FREE_REGION to fix the build issues. Link: https://lkml.kernel.org/r/20241016014730.339369-1-ying.huang@intel.com Link: https://lore.kernel.org/lkml/20240922225041.603186-1-linux@roeck-us.net/ Link: https://lkml.kernel.org/r/20241015051554.294734-1-ying.huang@intel.com Fixes: 99185c10d5d9 ("resource, kunit: add test case for region_intersects()") Signed-off-by: "Huang, Ying" Co-developed-by: Dan Williams Signed-off-by: Dan Williams Tested-by: Guenter Roeck Acked-by: David Hildenbrand Tested-by: Nathan Chancellor # build Cc: Arnd Bergmann Cc: Jonathan Cameron Signed-off-by: Andrew Morton commit 79f3d123caedbac30a6fd75f9597b2a60a89d513 Author: Liam R. Howlett Date: Tue Oct 15 21:34:55 2024 -0400 mm/mmap: fix race in mmap_region() with ftruncate() Avoiding the zeroing of the vma tree in mmap_region() introduced a race with truncate in the page table walk. To avoid any races, create a hole in the rmap during the operation by clearing the pagetable entries earlier under the mmap write lock and (critically) before the new vma is installed into the vma tree. The result is that the old vma(s) are left in the vma tree, but free_pgtables() removes them from the rmap and clears the ptes while holding the necessary locks. This change extends the fix required for hugetblfs and the call_mmap() function by moving the cleanup higher in the function and running it unconditionally. Link: https://lkml.kernel.org/r/20241016013455.2241533-1-Liam.Howlett@oracle.com Fixes: f8d112a4e657 ("mm/mmap: avoid zeroing vma tree in mmap_region()") Signed-off-by: Liam R. Howlett Reported-by: Jann Horn Closes: https://lore.kernel.org/all/CAG48ez0ZpGzxi=-5O_uGQ0xKXOmbjeQ0LjZsRJ1Qtf2X5eOr1w@mail.gmail.com/ Reviewed-by: Jann Horn Reviewed-by: Lorenzo Stoakes Acked-by: Vlastimil Babka Cc: Matthew Wilcox Cc: David Hildenbrand Signed-off-by: Andrew Morton commit 281dd25c1a018261a04d1b8bf41a0674000bfe38 Author: Matt Fleming Date: Fri Oct 11 13:07:37 2024 +0100 mm/page_alloc: let GFP_ATOMIC order-0 allocs access highatomic reserves Under memory pressure it's possible for GFP_ATOMIC order-0 allocations to fail even though free pages are available in the highatomic reserves. GFP_ATOMIC allocations cannot trigger unreserve_highatomic_pageblock() since it's only run from reclaim. Given that such allocations will pass the watermarks in __zone_watermark_unusable_free(), it makes sense to fallback to highatomic reserves the same way that ALLOC_OOM can. This fixes order-0 page allocation failures observed on Cloudflare's fleet when handling network packets: kswapd1: page allocation failure: order:0, mode:0x820(GFP_ATOMIC), nodemask=(null),cpuset=/,mems_allowed=0-7 CPU: 10 PID: 696 Comm: kswapd1 Kdump: loaded Tainted: G O 6.6.43-CUSTOM #1 Hardware name: MACHINE Call Trace: dump_stack_lvl+0x3c/0x50 warn_alloc+0x13a/0x1c0 __alloc_pages_slowpath.constprop.0+0xc9d/0xd10 __alloc_pages+0x327/0x340 __napi_alloc_skb+0x16d/0x1f0 bnxt_rx_page_skb+0x96/0x1b0 [bnxt_en] bnxt_rx_pkt+0x201/0x15e0 [bnxt_en] __bnxt_poll_work+0x156/0x2b0 [bnxt_en] bnxt_poll+0xd9/0x1c0 [bnxt_en] __napi_poll+0x2b/0x1b0 bpf_trampoline_6442524138+0x7d/0x1000 __napi_poll+0x5/0x1b0 net_rx_action+0x342/0x740 handle_softirqs+0xcf/0x2b0 irq_exit_rcu+0x6c/0x90 sysvec_apic_timer_interrupt+0x72/0x90 [mfleming@cloudflare.com: update comment] Link: https://lkml.kernel.org/r/20241015125158.3597702-1-matt@readmodwrite.com Link: https://lkml.kernel.org/r/20241011120737.3300370-1-matt@readmodwrite.com Link: https://lore.kernel.org/all/CAGis_TWzSu=P7QJmjD58WWiu3zjMTVKSzdOwWE8ORaGytzWJwQ@mail.gmail.com/ Fixes: 1d91df85f399 ("mm/page_alloc: handle a missing case for memalloc_nocma_{save/restore} APIs") Signed-off-by: Matt Fleming Suggested-by: Vlastimil Babka Reviewed-by: Vlastimil Babka Cc: Mel Gorman Cc: Michal Hocko Cc: Signed-off-by: Andrew Morton commit 985da552a98e27096444508ce5d853244019111f Author: Lorenzo Stoakes Date: Tue Oct 15 18:56:06 2024 +0100 fork: only invoke khugepaged, ksm hooks if no error There is no reason to invoke these hooks early against an mm that is in an incomplete state. The change in commit d24062914837 ("fork: use __mt_dup() to duplicate maple tree in dup_mmap()") makes this more pertinent as we may be in a state where entries in the maple tree are not yet consistent. Their placement early in dup_mmap() only appears to have been meaningful for early error checking, and since functionally it'd require a very small allocation to fail (in practice 'too small to fail') that'd only occur in the most dire circumstances, meaning the fork would fail or be OOM'd in any case. Since both khugepaged and KSM tracking are there to provide optimisations to memory performance rather than critical functionality, it doesn't really matter all that much if, under such dire memory pressure, we fail to register an mm with these. As a result, we follow the example of commit d2081b2bf819 ("mm: khugepaged: make khugepaged_enter() void function") and make ksm_fork() a void function also. We only expose the mm to these functions once we are done with them and only if no error occurred in the fork operation. Link: https://lkml.kernel.org/r/e0cb8b840c9d1d5a6e84d4f8eff5f3f2022aa10c.1729014377.git.lorenzo.stoakes@oracle.com Fixes: d24062914837 ("fork: use __mt_dup() to duplicate maple tree in dup_mmap()") Signed-off-by: Lorenzo Stoakes Reported-by: Jann Horn Reviewed-by: Liam R. Howlett Reviewed-by: Vlastimil Babka Reviewed-by: Jann Horn Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Linus Torvalds Cc: Signed-off-by: Andrew Morton commit f64e67e5d3a45a4a04286c47afade4b518acd47b Author: Lorenzo Stoakes Date: Tue Oct 15 18:56:05 2024 +0100 fork: do not invoke uffd on fork if error occurs Patch series "fork: do not expose incomplete mm on fork". During fork we may place the virtual memory address space into an inconsistent state before the fork operation is complete. In addition, we may encounter an error during the fork operation that indicates that the virtual memory address space is invalidated. As a result, we should not be exposing it in any way to external machinery that might interact with the mm or VMAs, machinery that is not designed to deal with incomplete state. We specifically update the fork logic to defer khugepaged and ksm to the end of the operation and only to be invoked if no error arose, and disallow uffd from observing fork events should an error have occurred. This patch (of 2): Currently on fork we expose the virtual address space of a process to userland unconditionally if uffd is registered in VMAs, regardless of whether an error arose in the fork. This is performed in dup_userfaultfd_complete() which is invoked unconditionally, and performs two duties - invoking registered handlers for the UFFD_EVENT_FORK event via dup_fctx(), and clearing down userfaultfd_fork_ctx objects established in dup_userfaultfd(). This is problematic, because the virtual address space may not yet be correctly initialised if an error arose. The change in commit d24062914837 ("fork: use __mt_dup() to duplicate maple tree in dup_mmap()") makes this more pertinent as we may be in a state where entries in the maple tree are not yet consistent. We address this by, on fork error, ensuring that we roll back state that we would otherwise expect to clean up through the event being handled by userland and perform the memory freeing duty otherwise performed by dup_userfaultfd_complete(). We do this by implementing a new function, dup_userfaultfd_fail(), which performs the same loop, only decrementing reference counts. Note that we perform mmgrab() on the parent and child mm's, however userfaultfd_ctx_put() will mmdrop() this once the reference count drops to zero, so we will avoid memory leaks correctly here. Link: https://lkml.kernel.org/r/cover.1729014377.git.lorenzo.stoakes@oracle.com Link: https://lkml.kernel.org/r/d3691d58bb58712b6fb3df2be441d175bd3cdf07.1729014377.git.lorenzo.stoakes@oracle.com Fixes: d24062914837 ("fork: use __mt_dup() to duplicate maple tree in dup_mmap()") Signed-off-by: Lorenzo Stoakes Reported-by: Jann Horn Reviewed-by: Jann Horn Reviewed-by: Liam R. Howlett Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Linus Torvalds Cc: Vlastimil Babka Cc: Signed-off-by: Andrew Morton commit 7c18d4811000945677a8531e89de3e17582e8a36 Author: David Hildenbrand Date: Tue Oct 15 13:12:36 2024 +0200 mm/pagewalk: fix usage of pmd_leaf()/pud_leaf() without present check pmd_leaf()/pud_leaf() only implies a pmd_present()/pud_present() check on some architectures. We really should check for pmd_present()/pud_present() first. This should explain the report we got on ppc64 (which has CONFIG_PGTABLE_HAS_HUGE_LEAVES set in the config) that triggered: VM_WARN_ON_ONCE(pmd_leaf(pmdp_get_lockless(pmdp))); Likely we had a PMD migration entry for which pmd_leaf() did not trigger. We raced with restoring the PMD migration entry, and suddenly saw a pmd_leaf(). In this case, pte_offset_map_lock() saved us from more trouble, because it rechecks the PMD value, but we would not have processed the migration entry -- which is not too bad because the only user of FW_MIGRATION is KSM for unsharing, and KSM only applies to small folios. Further, we shouldn't re-read the PMD/PUD value for our warning, the primary purpose of the VM_WARN_ON_ONCE() is to find spurious use of pmd_leaf()/pud_leaf() without CONFIG_PGTABLE_HAS_HUGE_LEAVES. As a side note, we are currently not implementing FW_MIGRATION support for PUD migration entries, which likely should exist due to hugetlb. Add a TODO so this won't fall through the cracks if more FW_MIGRATION users get added. Was able to write a quick reproducer and verify that the issue no longer triggers with this fix. https://gitlab.com/davidhildenbrand/scratchspace/-/blob/main/reproducers/move-pages-pmd-leaf.c Without this fix after a couple of seconds in a VM with 2 NUMA nodes: [ 54.333753] ------------[ cut here ]------------ [ 54.334901] WARNING: CPU: 20 PID: 1704 at mm/pagewalk.c:815 folio_walk_start+0x48f/0x6e0 [ 54.336455] Modules linked in: ... [ 54.345009] CPU: 20 UID: 0 PID: 1704 Comm: move-pages-pmd- Not tainted 6.12.0-rc2+ #81 [ 54.346529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 [ 54.348191] RIP: 0010:folio_walk_start+0x48f/0x6e0 [ 54.349134] Code: b5 ad 48 8d 35 00 00 00 00 e8 6d 59 d7 ff e8 08 74 da ff e9 9c fe ff ff 4c 8b 7c 24 08 4c 89 ff e8 26 2b be 00 e9 8a fe ff ff <0f> 0b e9 ec fe ff ff f7 c2 ff 0f 00 00 0f 85 81 fe ff ff 48 8b 02 [ 54.352660] RSP: 0018:ffffb7e4c430bc78 EFLAGS: 00010282 [ 54.353679] RAX: 80000002a3e008e7 RBX: ffff9946039aa580 RCX: ffff994380000000 [ 54.355056] RDX: ffff994606aec000 RSI: 00007f004b000000 RDI: 0000000000000000 [ 54.356440] RBP: 00007f004b000000 R08: 0000000000000591 R09: 0000000000000001 [ 54.357820] R10: 0000000000000200 R11: 0000000000000001 R12: ffffb7e4c430bd10 [ 54.359198] R13: ffff994606aec2c0 R14: 0000000000000002 R15: ffff994604a89b00 [ 54.360564] FS: 00007f004ae006c0(0000) GS:ffff9947f7400000(0000) knlGS:0000000000000000 [ 54.362111] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 54.363242] CR2: 00007f004adffe58 CR3: 0000000281e12005 CR4: 0000000000770ef0 [ 54.364615] PKRU: 55555554 [ 54.365153] Call Trace: [ 54.365646] [ 54.366073] ? __warn.cold+0xb7/0x14d [ 54.366796] ? folio_walk_start+0x48f/0x6e0 [ 54.367628] ? report_bug+0xff/0x140 [ 54.368324] ? handle_bug+0x58/0x90 [ 54.369019] ? exc_invalid_op+0x17/0x70 [ 54.369771] ? asm_exc_invalid_op+0x1a/0x20 [ 54.370606] ? folio_walk_start+0x48f/0x6e0 [ 54.371415] ? folio_walk_start+0x9e/0x6e0 [ 54.372227] do_pages_move+0x1c5/0x680 [ 54.372972] kernel_move_pages+0x1a1/0x2b0 [ 54.373804] __x64_sys_move_pages+0x25/0x30 Link: https://lkml.kernel.org/r/20241015111236.1290921-1-david@redhat.com Fixes: aa39ca6940f1 ("mm/pagewalk: introduce folio_walk_start() + folio_walk_end()") Signed-off-by: David Hildenbrand Reported-by: syzbot+7d917f67c05066cec295@syzkaller.appspotmail.com Closes: https://lkml.kernel.org/r/670d3248.050a0220.3e960.0064.GAE@google.com Acked-by: Kirill A. Shutemov Acked-by: Qi Zheng Cc: Jann Horn Signed-off-by: Andrew Morton commit afb92ad8733ef0a2843cc229e4d96aead80bc429 Author: Amit Sunil Dhamne Date: Wed Oct 23 19:22:30 2024 -0700 usb: typec: tcpm: restrict SNK_WAIT_CAPABILITIES_TIMEOUT transitions to non self-powered devices PD3.1 spec ("8.3.3.3.3 PE_SNK_Wait_for_Capabilities State") mandates that the policy engine perform a hard reset when SinkWaitCapTimer expires. Instead the code explicitly does a GET_SOURCE_CAP when the timer expires as part of SNK_WAIT_CAPABILITIES_TIMEOUT. Due to this the following compliance test failures are reported by the compliance tester (added excerpts from the PD Test Spec): * COMMON.PROC.PD.2#1: The Tester receives a Get_Source_Cap Message from the UUT. This message is valid except the following conditions: [COMMON.PROC.PD.2#1] a. The check fails if the UUT sends this message before the Tester has established an Explicit Contract ... * TEST.PD.PROT.SNK.4: ... 4. The check fails if the UUT does not send a Hard Reset between tTypeCSinkWaitCap min and max. [TEST.PD.PROT.SNK.4#1] The delay is between the VBUS present vSafe5V min and the time of the first bit of Preamble of the Hard Reset sent by the UUT. For the purpose of interoperability, restrict the quirk introduced in https://lore.kernel.org/all/20240523171806.223727-1-sebastian.reichel@collabora.com/ to only non self-powered devices as battery powered devices will not have the issue mentioned in that commit. Cc: stable@vger.kernel.org Fixes: 122968f8dda8 ("usb: typec: tcpm: avoid resets for missing source capability messages") Reported-by: Badhri Jagan Sridharan Closes: https://lore.kernel.org/all/CAPTae5LAwsVugb0dxuKLHFqncjeZeJ785nkY4Jfd+M-tCjHSnQ@mail.gmail.com/ Signed-off-by: Amit Sunil Dhamne Reviewed-by: Badhri Jagan Sridharan Reviewed-by: Heikki Krogerus Tested-by: Xu Yang Reviewed-by: Sebastian Reichel Link: https://lore.kernel.org/r/20241024022233.3276995-1-amitsd@google.com Signed-off-by: Greg Kroah-Hartman commit fdce49b5da6e0fb6d077986dec3e90ef2b094b50 Author: Zijun Hu Date: Sun Oct 20 17:33:42 2024 +0800 usb: phy: Fix API devm_usb_put_phy() can not release the phy For devm_usb_put_phy(), its comment says it needs to invoke usb_put_phy() to release the phy, but it does not do that actually, so it can not fully undo what the API devm_usb_get_phy() does, that is wrong, fixed by using devres_release() instead of devres_destroy() within the API. Fixes: cedf8602373a ("usb: phy: move bulk of otg/otg.c to phy/phy.c") Cc: stable@vger.kernel.org Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20241020-usb_phy_fix-v1-1-7f79243b8e1e@quicinc.com Signed-off-by: Greg Kroah-Hartman commit dc1308bee1ed03b4d698d77c8bd670d399dcd04d Author: Li Zhijian Date: Tue Oct 29 11:13:24 2024 +0800 selftests/watchdog-test: Fix system accidentally reset after watchdog-test When running watchdog-test with 'make run_tests', the watchdog-test will be terminated by a timeout signal(SIGTERM) due to the test timemout. And then, a system reboot would happen due to watchdog not stop. see the dmesg as below: ``` [ 1367.185172] watchdog: watchdog0: watchdog did not stop! ``` Fix it by registering more signals(including SIGTERM) in watchdog-test, where its signal handler will stop the watchdog. After that # timeout 1 ./watchdog-test Watchdog Ticking Away! . Stopping watchdog ticks... Link: https://lore.kernel.org/all/20241029031324.482800-1-lizhijian@fujitsu.com/ Signed-off-by: Li Zhijian Reviewed-by: Shuah Khan Signed-off-by: Shuah Khan commit 1ab0b9ae587373f9f800b6fda01b8faf02b3530b Author: Javier Carrasco Date: Mon Oct 21 22:45:30 2024 +0200 usb: typec: use cleanup facility for 'altmodes_node' Use the __free() macro for 'altmodes_node' to automatically release the node when it goes out of scope, removing the need for explicit calls to fwnode_handle_put(). Suggested-by: Heikki Krogerus Signed-off-by: Javier Carrasco Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20241021-typec-class-fwnode_handle_put-v2-2-3281225d3d27@gmail.com Signed-off-by: Greg Kroah-Hartman commit 9581acb91eaf5bbe70086bbb6fca808220d358ba Author: Javier Carrasco Date: Mon Oct 21 22:45:29 2024 +0200 usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() The 'altmodes_node' fwnode_handle is never released after it is no longer required, which leaks the resource. Add the required call to fwnode_handle_put() when 'altmodes_node' is no longer required. Cc: stable@vger.kernel.org Fixes: 7b458a4c5d73 ("usb: typec: Add typec_port_register_altmodes()") Reviewed-by: Heikki Krogerus Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20241021-typec-class-fwnode_handle_put-v2-1-3281225d3d27@gmail.com Signed-off-by: Greg Kroah-Hartman commit b8423a2f5814dbf055ed7c41f25bfe91c2066cbe Author: Javier Carrasco Date: Sun Oct 20 14:56:35 2024 +0200 usb: typec: qcom-pmic-typec: fix missing fwnode removal in error path If drm_dp_hpd_bridge_register() fails, the probe function returns without removing the fwnode via fwnode_handle_put(), leaking the resource. Jump to fwnode_remove if drm_dp_hpd_bridge_register() fails to remove the fwnode acquired with device_get_named_child_node(). Cc: stable@vger.kernel.org Fixes: 7d9f1b72b296 ("usb: typec: qcom-pmic-typec: switch to DRM_AUX_HPD_BRIDGE") Signed-off-by: Javier Carrasco Reviewed-by: Dmitry Baryshkov Acked-by: Bryan O'Donoghue Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20241020-qcom_pmic_typec-fwnode_remove-v2-2-7054f3d2e215@gmail.com Signed-off-by: Greg Kroah-Hartman commit 7f02b8a5b602098f2901166e7e4d583acaed872a Author: Javier Carrasco Date: Sun Oct 20 14:56:34 2024 +0200 usb: typec: qcom-pmic-typec: use fwnode_handle_put() to release fwnodes The right function to release a fwnode acquired via device_get_named_child_node() is fwnode_handle_put(), and not fwnode_remove_software_node(), as no software node is being handled. Replace the calls to fwnode_remove_software_node() with fwnode_handle_put() in qcom_pmic_typec_probe() and qcom_pmic_typec_remove(). Cc: stable@vger.kernel.org Fixes: a4422ff22142 ("usb: typec: qcom: Add Qualcomm PMIC Type-C driver") Suggested-by: Dmitry Baryshkov Signed-off-by: Javier Carrasco Acked-by: Bryan O'Donoghue Reviewed-by: Heikki Krogerus Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20241020-qcom_pmic_typec-fwnode_remove-v2-1-7054f3d2e215@gmail.com Signed-off-by: Greg Kroah-Hartman commit 623dae3e7084a9504e6dc4cf0cb83f305f413b4d Author: Mathias Nyman Date: Thu Oct 24 16:13:55 2024 +0300 usb: acpi: fix boot hang due to early incorrect 'tunneled' USB3 device links Fix a boot hang issue triggered when a USB3 device is incorrectly assumed to be tunneled over USB4, thus attempting to create a device link between the USB3 "consumer" device and the USB4 "supplier" Host Interface before the USB4 side is properly bound to a driver. This could happen if xhci isn't capable of detecting tunneled devices, but ACPI tables contain all info needed to assume device is tunneled. i.e. udev->tunnel_mode == USB_LINK_UNKNOWN. It turns out that even for actual tunneled USB3 devices it can't be assumed that the thunderbolt driver providing the tunnel is loaded before the tunneled USB3 device is created. The tunnel can be created by BIOS and remain in use by thunderbolt/USB4 host driver once it loads. Solve this by making the device link "stateless", which doesn't create a driver presence order dependency between the supplier and consumer drivers. It still guarantees correct suspend/resume and shutdown ordering. cc: Mario Limonciello Fixes: f1bfb4a6fed6 ("usb: acpi: add device link between tunneled USB3 device and USB4 Host Interface") Tested-by: Harry Wentland Signed-off-by: Mathias Nyman Reviewed-by: Mika Westerberg Tested-by: Mario Limonciello Link: https://lore.kernel.org/r/20241024131355.3836538-1-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit f3b311325fa20023fd1e322538388dca2ddb8dc0 Author: Stefan Wahren Date: Fri Oct 25 12:36:13 2024 +0200 Revert "usb: dwc2: Skip clock gating on Broadcom SoCs" The commit d483f034f032 ("usb: dwc2: Skip clock gating on Broadcom SoCs") introduced a regression on Raspberry Pi 3 B Plus, which prevents enumeration of the onboard Microchip LAN7800 in case no external USB device is connected during boot. Fixes: d483f034f032 ("usb: dwc2: Skip clock gating on Broadcom SoCs") Signed-off-by: Stefan Wahren Link: https://lore.kernel.org/r/20241025103621.4780-2-wahrenst@gmx.net Signed-off-by: Greg Kroah-Hartman commit 075919f6df5dd82ad0b1894898b315fbb3c29b84 Author: Faisal Hassan Date: Tue Oct 22 21:26:31 2024 +0530 xhci: Fix Link TRB DMA in command ring stopped completion event During the aborting of a command, the software receives a command completion event for the command ring stopped, with the TRB pointing to the next TRB after the aborted command. If the command we abort is located just before the Link TRB in the command ring, then during the 'command ring stopped' completion event, the xHC gives the Link TRB in the event's cmd DMA, which causes a mismatch in handling command completion event. To address this situation, move the 'command ring stopped' completion event check slightly earlier, since the specific command it stopped on isn't of significant concern. Fixes: 7f84eef0dafb ("USB: xhci: No-op command queueing and irq handler.") Cc: stable@vger.kernel.org Signed-off-by: Faisal Hassan Acked-by: Mathias Nyman Link: https://lore.kernel.org/r/20241022155631.1185-1-quic_faisalh@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 31004740e42846a6f0bb255e6348281df3eb8032 Author: Basavaraj Natikar Date: Thu Oct 24 19:07:18 2024 +0530 xhci: Use pm_runtime_get to prevent RPM on unsupported systems Use pm_runtime_put in the remove function and pm_runtime_get to disable RPM on platforms that don't support runtime D3, as re-enabling it through sysfs auto power control may cause the controller to malfunction. This can lead to issues such as hotplug devices not being detected due to failed interrupt generation. Fixes: a5d6264b638e ("xhci: Enable RPM on controllers that support low-power states") Cc: stable Signed-off-by: Basavaraj Natikar Reviewed-by: Mario Limonciello Link: https://lore.kernel.org/r/20241024133718.723846-1-Basavaraj.Natikar@amd.com Signed-off-by: Greg Kroah-Hartman commit e7cd4b811c9e019f5acbce85699c622b30194c24 Author: Zongmin Zhou Date: Thu Oct 24 10:27:00 2024 +0800 usbip: tools: Fix detach_port() invalid port error path The detach_port() doesn't return error when detach is attempted on an invalid port. Fixes: 40ecdeb1a187 ("usbip: usbip_detach: fix to check for invalid ports") Cc: stable@vger.kernel.org Reviewed-by: Hongren Zheng Reviewed-by: Shuah Khan Signed-off-by: Zongmin Zhou Link: https://lore.kernel.org/r/20241024022700.1236660-1-min_halo@163.com Signed-off-by: Greg Kroah-Hartman commit 722d89c34cc496aadc737e2df40234580fa05877 Author: Alessandro Zanni Date: Mon Oct 28 20:08:44 2024 +0100 selftests/intel_pstate: check if cpupower is installed Running "make kselftest TARGETS=intel_pstate" results in the following errors: - ./run.sh: line 89: cpupower: command not found - ./run.sh: line 91: cpupower: command not found if the cpupower is not installed. Since the test depends on cpupower, this patch stops the test if the cpupower is not installed. Link: https://lore.kernel.org/all/cc01753c8dab0f33669a5a0fc162544078055bd1.1730141362.git.alessandro.zanni87@gmail.com/ Signed-off-by: Alessandro Zanni Signed-off-by: Shuah Khan commit 6553bfcb8499bf5e7e6d07d93f29459198dba798 Author: Alessandro Zanni Date: Mon Oct 28 20:08:43 2024 +0100 selftests/intel_pstate: fix operand expected error Running "make kselftest TARGETS=intel_pstate" results in the following errors: - ./run.sh: line 90: / 1000: syntax error: operand expected (error token is "/ 1000") - ./run.sh: line 92: / 1000: syntax error: operand expected (error token is "/ 1000") This fix allows to have cross-platform compatibility when using arithmetic expression with command substitutions. Link: https://lore.kernel.org/r/f37df23888cd5ea6b3976f19d3e25796129dd090.1730141362.git.alessandro.zanni87@gmail.com Signed-off-by: Alessandro Zanni Signed-off-by: Shuah Khan commit fa0122eaca4f14272fbf76a70d51db78c69091f6 Author: zhouyuhang Date: Mon Oct 28 16:41:32 2024 +0800 selftests/mount_setattr: fix idmap_mount_tree_invalid failed to run Test case idmap_mount_tree_invalid failed to run on the newer kernel with the following output: # RUN mount_setattr_idmapped.idmap_mount_tree_invalid ... # mount_setattr_test.c:1428:idmap_mount_tree_invalid:Expected sys_mount_setattr(open_tree_fd, "", AT_EMPTY_PATH, &attr, sizeof(attr)) (0) ! = 0 (0) # idmap_mount_tree_invalid: Test terminated by assertion This is because tmpfs is mounted at "/mnt/A", and tmpfs already contains the flag FS_ALLOW_IDMAP after the commit 7a80e5b8c6fa ("shmem: support idmapped mounts for tmpfs"). So calling sys_mount_setattr here returns 0 instead of -EINVAL as expected. Ramfs does not support idmap mounts, so we can use it here to test invalid mounts, which allows the test case to pass with the following output: # Starting 1 tests from 1 test cases. # RUN mount_setattr_idmapped.idmap_mount_tree_invalid ... # OK mount_setattr_idmapped.idmap_mount_tree_invalid ok 1 mount_setattr_idmapped.idmap_mount_tree_invalid # PASSED: 1 / 1 tests passed. Link: https://lore.kernel.org/all/20241028084132.3212598-1-zhouyuhang1010@163.com/ Signed-off-by: zhouyuhang Reviewed-by: Christian Brauner Signed-off-by: Shuah Khan commit 5963e0786a3f28cd87c950dec18574bfcceb8335 Merge: 42f7652d3eb527 3cea8af2d1a9ae Author: Greg Kroah-Hartman Date: Tue Oct 29 04:12:04 2024 +0100 Merge tag 'thunderbolt-for-v6.12-rc5' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/westeri/thunderbolt into usb-linus Mika writes: thunderbolt: Fixes for v6.12-rc5 This includes following USB4/Thunderbolt fixes for v6.12-rc5: - Fix KASAN reported stack out-of-bounds read - Honor Time Management Unit (TMU) requirements in the domain when configuring TMU mode of a newly plugged router. Both have been in linux-next with no reported issues. * tag 'thunderbolt-for-v6.12-rc5' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/westeri/thunderbolt: thunderbolt: Honor TMU requirements in the domain when setting TMU mode thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() commit d0bc3b92fb9b2c3c981984d52fffe8cca77165dc Merge: 4adf613e01bf99 7bd4923940c8d6 Author: Greg Kroah-Hartman Date: Tue Oct 29 04:10:12 2024 +0100 Merge tag 'iio-fixes-for-6.12b' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/jic23/iio into char-misc-next Jonathan writes: IIO: Fixes for 6.12, set 2 Usual mixed back of fixes for ancient bugs and some more recently introduced problems. gts-helper module - Memory leak fixes for this library code to handle complex gain cases. adi,ad7124 - Fix a divide by zero that can be triggered from userspace. adi,ad7380 - Various supply fixes. Includes some minor rework that simplifies the fix though increases the apparent scale of the change. adi,ad9832 - Avoid a potential divide by zero if clk_get_rate() returns 0. adi,ltc2642 - Fix wrong Kconfig regmap dependency. vishay,veml6030 - Fix a scaling problem with decimal part of processed channel. Note that only the illuminance channel is fixed as a larger series of cleanups not suitable for this point in the rc cycle removes the intensity channel anyway. * tag 'iio-fixes-for-6.12b' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/jic23/iio: iio: dac: Kconfig: Fix build error for ltc2664 iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() docs: iio: ad7380: fix supply for ad7380-4 iio: adc: ad7380: fix supplies for ad7380-4 iio: adc: ad7380: add missing supplies iio: adc: ad7380: use devm_regulator_get_enable_read_voltage() dt-bindings: iio: adc: ad7380: fix ad7380-4 reference supply iio: light: veml6030: fix microlux value calculation iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() commit 4adf613e01bf99e1739f6ff3e162ad5b7d578d1a Author: Alexander Usyskin Date: Tue Oct 15 15:31:57 2024 +0300 mei: use kvmalloc for read buffer Read buffer is allocated according to max message size, reported by the firmware and may reach 64K in systems with pxp client. Contiguous 64k allocation may fail under memory pressure. Read buffer is used as in-driver message storage and not required to be contiguous. Use kvmalloc to allow kernel to allocate non-contiguous memory. Fixes: 3030dc056459 ("mei: add wrapper for queuing control commands.") Cc: stable Reported-by: Rohit Agarwal Closes: https://lore.kernel.org/all/20240813084542.2921300-1-rohiagar@chromium.org/ Tested-by: Brian Geffon Signed-off-by: Alexander Usyskin Acked-by: Tomas Winkler Link: https://lore.kernel.org/r/20241015123157.2337026-1-alexander.usyskin@intel.com Signed-off-by: Greg Kroah-Hartman commit cb617e148bb3d50dfbbd44db81227edcee2cd4bc Author: Abylay Ospan Date: Wed Oct 23 16:34:25 2024 +0000 MAINTAINERS: add netup_unidvb maintainer Adding/restoring maintainership for the following drivers: F: drivers/media/pci/netup_unidvb/* F: drivers/media/dvb-frontends/helene* F: drivers/media/dvb-frontends/horus3a* F: drivers/media/dvb-frontends/lnbh25* F: drivers/media/dvb-frontends/ascot2e* F: drivers/media/dvb-frontends/cxd2841er* Signed-off-by: Abylay Ospan Link: https://lore.kernel.org/r/20241023163425.30492-1-aospan@amazon.com Signed-off-by: Greg Kroah-Hartman commit 740be3b9a6d73336f8c7d540842d0831dc7a808b Author: Cong Wang Date: Sat Oct 26 11:55:22 2024 -0700 sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() The following race condition could trigger a NULL pointer dereference: sock_map_link_detach(): sock_map_link_update_prog(): mutex_lock(&sockmap_mutex); ... sockmap_link->map = NULL; mutex_unlock(&sockmap_mutex); mutex_lock(&sockmap_mutex); ... sock_map_prog_link_lookup(sockmap_link->map); mutex_unlock(&sockmap_mutex); Fix it by adding a NULL pointer check. In this specific case, it makes no sense to update a link which is being released. Reported-by: Ruan Bonan Fixes: 699c23f02c65 ("bpf: Add bpf_link support for sk_msg and sk_skb progs") Cc: Yonghong Song Cc: John Fastabend Cc: Jakub Sitnicki Signed-off-by: Cong Wang Link: https://lore.kernel.org/r/20241026185522.338562-1-xiyou.wangcong@gmail.com Signed-off-by: Martin KaFai Lau commit 9a71892cbcdb9d1459c84f5a4c722b14354158a5 Author: Greg Kroah-Hartman Date: Tue Oct 29 01:23:04 2024 +0100 Revert "driver core: Fix uevent_show() vs driver detach race" This reverts commit 15fffc6a5624b13b428bb1c6e9088e32a55eb82c. This commit causes a regression, so revert it for now until it can come back in a way that works for everyone. Link: https://lore.kernel.org/all/172790598832.1168608.4519484276671503678.stgit@dwillia2-xfh.jf.intel.com/ Fixes: 15fffc6a5624 ("driver core: Fix uevent_show() vs driver detach race") Cc: stable Cc: Ashish Sangwan Cc: Namjae Jeon Cc: Dirk Behme Cc: Greg Kroah-Hartman Cc: Rafael J. Wysocki Cc: Dan Williams Signed-off-by: Greg Kroah-Hartman commit 2ef9439f7a19fd3d43b288d38b1c6e55b668a4fe Author: Aleksei Vetrov Date: Mon Oct 28 22:50:30 2024 +0000 ASoC: dapm: fix bounds checker error in dapm_widget_list_create The widgets array in the snd_soc_dapm_widget_list has a __counted_by attribute attached to it, which points to the num_widgets variable. This attribute is used in bounds checking, and if it is not set before the array is filled, then the bounds sanitizer will issue a warning or a kernel panic if CONFIG_UBSAN_TRAP is set. This patch sets the size of the widgets list calculated with list_for_each as the initial value for num_widgets as it is used for allocating memory for the array. It is updated with the actual number of added elements after the array is filled. Signed-off-by: Aleksei Vetrov Fixes: 80e698e2df5b ("ASoC: soc-dapm: Annotate struct snd_soc_dapm_widget_list with __counted_by") Link: https://patch.msgid.link/20241028-soc-dapm-bounds-checker-fix-v1-1-262b0394e89e@google.com Signed-off-by: Mark Brown commit 94c11e852955b2eef5c4f0b36cfeae7dcf11a759 Author: Benjamin Große Date: Sun Oct 20 18:41:28 2024 +0100 usb: add support for new USB device ID 0x17EF:0x3098 for the r8152 driver This patch adds support for another Lenovo Mini dock 0x17EF:0x3098 to the r8152 driver. The device has been tested on NixOS, hotplugging and sleep included. Signed-off-by: Benjamin Große Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241020174128.160898-1-ste3ls@gmail.com Signed-off-by: Jakub Kicinski commit f1e54d11b210b53d418ff1476c6b58a2f434dfc0 Author: Jianbo Liu Date: Mon Oct 21 13:03:09 2024 +0300 macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadata_dst, which is used to store the SCI value for macsec offload, is already freed by metadata_dst_free() in macsec_free_netdev(), while driver still use it for sending the packet. To fix this issue, dst_release() is used instead to release metadata_dst. So it is not freed instantly in macsec_free_netdev() if still referenced by skb. BUG: KASAN: slab-use-after-free in mlx5e_xmit+0x1e8f/0x4190 [mlx5_core] Read of size 2 at addr ffff88813e42e038 by task kworker/7:2/714 [...] Workqueue: mld mld_ifc_work Call Trace: dump_stack_lvl+0x51/0x60 print_report+0xc1/0x600 kasan_report+0xab/0xe0 mlx5e_xmit+0x1e8f/0x4190 [mlx5_core] dev_hard_start_xmit+0x120/0x530 sch_direct_xmit+0x149/0x11e0 __qdisc_run+0x3ad/0x1730 __dev_queue_xmit+0x1196/0x2ed0 vlan_dev_hard_start_xmit+0x32e/0x510 [8021q] dev_hard_start_xmit+0x120/0x530 __dev_queue_xmit+0x14a7/0x2ed0 macsec_start_xmit+0x13e9/0x2340 dev_hard_start_xmit+0x120/0x530 __dev_queue_xmit+0x14a7/0x2ed0 ip6_finish_output2+0x923/0x1a70 ip6_finish_output+0x2d7/0x970 ip6_output+0x1ce/0x3a0 NF_HOOK.constprop.0+0x15f/0x190 mld_sendpack+0x59a/0xbd0 mld_ifc_work+0x48a/0xa80 process_one_work+0x5aa/0xe50 worker_thread+0x79c/0x1290 kthread+0x28f/0x350 ret_from_fork+0x2d/0x70 ret_from_fork_asm+0x11/0x20 Allocated by task 3922: kasan_save_stack+0x20/0x40 kasan_save_track+0x10/0x30 __kasan_kmalloc+0x77/0x90 __kmalloc_noprof+0x188/0x400 metadata_dst_alloc+0x1f/0x4e0 macsec_newlink+0x914/0x1410 __rtnl_newlink+0xe08/0x15b0 rtnl_newlink+0x5f/0x90 rtnetlink_rcv_msg+0x667/0xa80 netlink_rcv_skb+0x12c/0x360 netlink_unicast+0x551/0x770 netlink_sendmsg+0x72d/0xbd0 __sock_sendmsg+0xc5/0x190 ____sys_sendmsg+0x52e/0x6a0 ___sys_sendmsg+0xeb/0x170 __sys_sendmsg+0xb5/0x140 do_syscall_64+0x4c/0x100 entry_SYSCALL_64_after_hwframe+0x4b/0x53 Freed by task 4011: kasan_save_stack+0x20/0x40 kasan_save_track+0x10/0x30 kasan_save_free_info+0x37/0x50 poison_slab_object+0x10c/0x190 __kasan_slab_free+0x11/0x30 kfree+0xe0/0x290 macsec_free_netdev+0x3f/0x140 netdev_run_todo+0x450/0xc70 rtnetlink_rcv_msg+0x66f/0xa80 netlink_rcv_skb+0x12c/0x360 netlink_unicast+0x551/0x770 netlink_sendmsg+0x72d/0xbd0 __sock_sendmsg+0xc5/0x190 ____sys_sendmsg+0x52e/0x6a0 ___sys_sendmsg+0xeb/0x170 __sys_sendmsg+0xb5/0x140 do_syscall_64+0x4c/0x100 entry_SYSCALL_64_after_hwframe+0x4b/0x53 Fixes: 0a28bfd4971f ("net/macsec: Add MACsec skb_metadata_dst Tx Data path support") Signed-off-by: Jianbo Liu Reviewed-by: Patrisious Haddad Reviewed-by: Chris Mi Signed-off-by: Tariq Toukan Reviewed-by: Simon Horman Reviewed-by: Sabrina Dubroca Link: https://patch.msgid.link/20241021100309.234125-1-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit b5abbf612092ebb3e026c0c4756a109d8750f5a5 Merge: b935252cc2983d 5513dc1d8fec92 Author: Jakub Kicinski Date: Mon Oct 28 15:50:57 2024 -0700 Merge branch 'mptcp-sched-fix-some-lock-issues' Matthieu Baerts says: ==================== mptcp: sched: fix some lock issues Two small fixes related to the MPTCP packets scheduler: - Patch 1: add missing rcu_read_(un)lock(). A fix for >= 6.6. And some modifications in the MPTCP selftests: - Patch 2: a small addition to the MPTCP selftests to cover more code. ==================== Link: https://patch.msgid.link/20241021-net-mptcp-sched-lock-v1-0-637759cf061c@kernel.org Signed-off-by: Jakub Kicinski commit 5513dc1d8fec929006548dde4acdabdc54379beb Author: Matthieu Baerts (NGI0) Date: Mon Oct 21 12:25:28 2024 +0200 selftests: mptcp: list sysctl data Listing all the values linked to the MPTCP sysctl knobs was not exercised in MPTCP test suite. Let's do that to avoid any regressions, but also to have a kernel with a debug kconfig verifying more assumptions. For the moment, we are not interested by the output, only to avoid crashes and warnings. Signed-off-by: Matthieu Baerts (NGI0) Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241021-net-mptcp-sched-lock-v1-3-637759cf061c@kernel.org Signed-off-by: Jakub Kicinski commit 3deb12c788c385e17142ce6ec50f769852fcec65 Author: Matthieu Baerts (NGI0) Date: Mon Oct 21 12:25:26 2024 +0200 mptcp: init: protect sched with rcu_read_lock Enabling CONFIG_PROVE_RCU_LIST with its dependence CONFIG_RCU_EXPERT creates this splat when an MPTCP socket is created: ============================= WARNING: suspicious RCU usage 6.12.0-rc2+ #11 Not tainted ----------------------------- net/mptcp/sched.c:44 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 no locks held by mptcp_connect/176. stack backtrace: CPU: 0 UID: 0 PID: 176 Comm: mptcp_connect Not tainted 6.12.0-rc2+ #11 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 Call Trace: dump_stack_lvl (lib/dump_stack.c:123) lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822) mptcp_sched_find (net/mptcp/sched.c:44 (discriminator 7)) mptcp_init_sock (net/mptcp/protocol.c:2867 (discriminator 1)) ? sock_init_data_uid (arch/x86/include/asm/atomic.h:28) inet_create.part.0.constprop.0 (net/ipv4/af_inet.c:386) ? __sock_create (include/linux/rcupdate.h:347 (discriminator 1)) __sock_create (net/socket.c:1576) __sys_socket (net/socket.c:1671) ? __pfx___sys_socket (net/socket.c:1712) ? do_user_addr_fault (arch/x86/mm/fault.c:1419 (discriminator 1)) __x64_sys_socket (net/socket.c:1728) do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1)) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) That's because when the socket is initialised, rcu_read_lock() is not used despite the explicit comment written above the declaration of mptcp_sched_find() in sched.c. Adding the missing lock/unlock avoids the warning. Fixes: 1730b2b2c5a5 ("mptcp: add sched in mptcp_sock") Cc: stable@vger.kernel.org Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/523 Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241021-net-mptcp-sched-lock-v1-1-637759cf061c@kernel.org Signed-off-by: Jakub Kicinski commit b935252cc2983d3bcb306fef5bf838e255bab631 Author: Levi Zim Date: Mon Oct 21 21:55:49 2024 +0800 docs: networking: packet_mmap: replace dead links with archive.org links The original link returns 404 now. This commit replaces the dead google site link with archive.org link. Signed-off-by: Levi Zim Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/20241021-packet_mmap_fix_link-v1-1-dffae4a174c0@outlook.com Signed-off-by: Jakub Kicinski commit df745e25098dcb2f706399c0d06dd8d1bab6b6ec Author: Jarkko Sakkinen Date: Mon Oct 28 07:50:01 2024 +0200 tpm: Lazily flush the auth session Move the allocation of chip->auth to tpm2_start_auth_session() so that this field can be used as flag to tell whether auth session is active or not. Instead of flushing and reloading the auth session for every transaction separately, keep the session open unless /dev/tpm0 is used. Reported-by: Pengyu Ma Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219229 Cc: stable@vger.kernel.org # v6.10+ Fixes: 7ca110f2679b ("tpm: Address !chip->auth in tpm_buf_append_hmac_session*()") Tested-by: Pengyu Ma Tested-by: Stefan Berger Reviewed-by: Stefan Berger Signed-off-by: Jarkko Sakkinen commit 935abb86a95def8c20dbb184ce30051db168e541 Author: Alex Deucher Date: Wed Oct 23 09:13:21 2024 -0400 drm/amdgpu/smu13: fix profile reporting The following 3 commits landed in parallel: commit d7d2688bf4ea ("drm/amd/pm: update workload mask after the setting") commit 7a1613e47e65 ("drm/amdgpu/smu13: always apply the powersave optimization") commit 7c210ca5a2d7 ("drm/amdgpu: handle default profile on on devices without fullscreen 3D") While everything is set correctly, this caused the profile to be reported incorrectly because both the powersave and fullscreen3d bits were set in the mask and when the driver prints the profile, it looks for the first bit set. Fixes: d7d2688bf4ea ("drm/amd/pm: update workload mask after the setting") Reviewed-by: Kenneth Feng Signed-off-by: Alex Deucher (cherry picked from commit ecfe9b237687a55d596fff0650ccc8cc455edd3f) Cc: stable@vger.kernel.org commit e42b1a9a2557aa94fee47f078633677198386a52 Merge: 81983758430957 25f00a13dccf8e Author: Linus Torvalds Date: Mon Oct 28 11:16:33 2024 -1000 Merge tag 'spi-fix-v6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fixes from Mark Brown: "A small collection of driver specific fixes for SPI, there's nothing particularly remarkable about any of them" * tag 'spi-fix-v6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: spi: spi-fsl-dspi: Fix crash when not using GPIO chip select spi: geni-qcom: Fix boot warning related to pm_runtime and devres spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() spi: stm32: fix missing device mode capability in stm32mp25 commit 4aa923a6e6406b43566ef6ac35a3d9a3197fa3e8 Author: Tvrtko Ursulin Date: Fri Oct 25 15:56:39 2024 +0100 drm/amd/pm: Vangogh: Fix kernel memory out of bounds write KASAN reports that the GPU metrics table allocated in vangogh_tables_init() is not large enough for the memset done in smu_cmn_init_soft_gpu_metrics(). Condensed report follows: [ 33.861314] BUG: KASAN: slab-out-of-bounds in smu_cmn_init_soft_gpu_metrics+0x73/0x200 [amdgpu] [ 33.861799] Write of size 168 at addr ffff888129f59500 by task mangoapp/1067 ... [ 33.861808] CPU: 6 UID: 1000 PID: 1067 Comm: mangoapp Tainted: G W 6.12.0-rc4 #356 1a56f59a8b5182eeaf67eb7cb8b13594dd23b544 [ 33.861816] Tainted: [W]=WARN [ 33.861818] Hardware name: Valve Galileo/Galileo, BIOS F7G0107 12/01/2023 [ 33.861822] Call Trace: [ 33.861826] [ 33.861829] dump_stack_lvl+0x66/0x90 [ 33.861838] print_report+0xce/0x620 [ 33.861853] kasan_report+0xda/0x110 [ 33.862794] kasan_check_range+0xfd/0x1a0 [ 33.862799] __asan_memset+0x23/0x40 [ 33.862803] smu_cmn_init_soft_gpu_metrics+0x73/0x200 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.863306] vangogh_get_gpu_metrics_v2_4+0x123/0xad0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.864257] vangogh_common_get_gpu_metrics+0xb0c/0xbc0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.865682] amdgpu_dpm_get_gpu_metrics+0xcc/0x110 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.866160] amdgpu_get_gpu_metrics+0x154/0x2d0 [amdgpu 13b1bc364ec578808f676eba412c20eaab792779] [ 33.867135] dev_attr_show+0x43/0xc0 [ 33.867147] sysfs_kf_seq_show+0x1f1/0x3b0 [ 33.867155] seq_read_iter+0x3f8/0x1140 [ 33.867173] vfs_read+0x76c/0xc50 [ 33.867198] ksys_read+0xfb/0x1d0 [ 33.867214] do_syscall_64+0x90/0x160 ... [ 33.867353] Allocated by task 378 on cpu 7 at 22.794876s: [ 33.867358] kasan_save_stack+0x33/0x50 [ 33.867364] kasan_save_track+0x17/0x60 [ 33.867367] __kasan_kmalloc+0x87/0x90 [ 33.867371] vangogh_init_smc_tables+0x3f9/0x840 [amdgpu] [ 33.867835] smu_sw_init+0xa32/0x1850 [amdgpu] [ 33.868299] amdgpu_device_init+0x467b/0x8d90 [amdgpu] [ 33.868733] amdgpu_driver_load_kms+0x19/0xf0 [amdgpu] [ 33.869167] amdgpu_pci_probe+0x2d6/0xcd0 [amdgpu] [ 33.869608] local_pci_probe+0xda/0x180 [ 33.869614] pci_device_probe+0x43f/0x6b0 Empirically we can confirm that the former allocates 152 bytes for the table, while the latter memsets the 168 large block. Root cause appears that when GPU metrics tables for v2_4 parts were added it was not considered to enlarge the table to fit. The fix in this patch is rather "brute force" and perhaps later should be done in a smarter way, by extracting and consolidating the part version to size logic to a common helper, instead of brute forcing the largest possible allocation. Nevertheless, for now this works and fixes the out of bounds write. v2: * Drop impossible v3_0 case. (Mario) Signed-off-by: Tvrtko Ursulin Fixes: 41cec40bc9ba ("drm/amd/pm: Vangogh: Add new gpu_metrics_v2_4 to acquire gpu_metrics") Cc: Mario Limonciello Cc: Evan Quan Cc: Wenyou Yang Cc: Alex Deucher Reviewed-by: Mario Limonciello Link: https://lore.kernel.org/r/20241025145639.19124-1-tursulin@igalia.com Signed-off-by: Mario Limonciello Signed-off-by: Alex Deucher (cherry picked from commit 0880f58f9609f0200483a49429af0f050d281703) Cc: stable@vger.kernel.org # v6.6+ commit 1b6063a57754eae5705753c01e78dc268b989038 Author: Ovidiu Bunea Date: Fri Oct 11 11:12:19 2024 -0400 Revert "drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35" This reverts commit 9dad21f910fc ("drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35") [why & how] The offending commit exposes a hang with lid close/open behavior. Both issues seem to be related to ODM 2:1 mode switching, so there is another issue generic to that sequence that needs to be investigated. Cc: Mario Limonciello Cc: Alex Deucher Reviewed-by: Nicholas Kazlauskas Signed-off-by: Ovidiu Bunea Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 68bf95317ebf2cfa7105251e4279e951daceefb7) Cc: stable@vger.kernel.org commit be0e822bb3f5259c7f9424ba97e8175211288813 Author: Christoph Hellwig Date: Mon Oct 28 10:07:48 2024 +0100 block: fix queue limits checks in blk_rq_map_user_bvec for real blk_rq_map_user_bvec currently only has ad-hoc checks for queue limits, and the last fix to it enabled valid NVMe I/O to pass, but also allowed invalid one for drivers that set a max_segment_size or seg_boundary limit. Fix it once for all by using the bio_split_rw_at helper from the I/O path that indicates if and where a bio would be have to be split to adhere to the queue limits, and it returns a positive value, turn that into -EREMOTEIO to retry using the copy path. Fixes: 2ff949441802 ("block: fix sanity checks in blk_rq_map_user_bvec") Signed-off-by: Christoph Hellwig Reviewed-by: John Garry Link: https://lore.kernel.org/r/20241028090840.446180-1-hch@lst.de Signed-off-by: Jens Axboe commit 746ae46c11137ba21f0c0c68f082a9d8c1222c78 Author: Matthew Brost Date: Wed Oct 23 16:59:17 2024 -0700 drm/sched: Mark scheduler work queues with WQ_MEM_RECLAIM drm_gpu_scheduler.submit_wq is used to submit jobs, jobs are in the path of dma-fences, and dma-fences are in the path of reclaim. Mark scheduler work queue with WQ_MEM_RECLAIM to ensure forward progress during reclaim; without WQ_MEM_RECLAIM, work queues cannot make forward progress during reclaim. v2: - Fixes tags (Philipp) - Reword commit message (Philipp) Cc: Luben Tuikov Cc: Danilo Krummrich Cc: Philipp Stanner Cc: stable@vger.kernel.org Fixes: 34f50cc6441b ("drm/sched: Use drm sched lockdep map for submit_wq") Fixes: a6149f039369 ("drm/sched: Convert drm scheduler to use a work queue rather than kthread") Signed-off-by: Matthew Brost Acked-by: Nirmoy Das Reviewed-by: Philipp Stanner Link: https://patchwork.freedesktop.org/patch/msgid/20241023235917.1836428-1-matthew.brost@intel.com Signed-off-by: Rodrigo Vivi commit c1895ba181e560144601fafe46aeedbafdf4dbc4 Author: Hans de Goede Date: Sat Oct 26 16:36:15 2024 +0200 ASoC: Intel: sst: Fix used of uninitialized ctx to log an error Fix the new "LPE0F28" code path using the uninitialized ctx variable to log an error. Fixes: 6668610b4d8c ("ASoC: Intel: sst: Support LPE0F28 ACPI HID") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202410261106.EBx49ssy-lkp@intel.com/ Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20241026143615.171821-1-hdegoede@redhat.com Signed-off-by: Mark Brown commit a5384c426744ebe41dafc6e5fa3acecc05e43462 Author: Ian Rogers Date: Fri Oct 25 22:54:48 2024 -0700 perf cap: Add __NR_capget to arch/x86 unistd As there are duplicated kernel headers in tools/include libc can pick up the wrong definitions. This was causing the wrong system call for capget in perf. Reported-by: Adrian Hunter Fixes: e25ebda78e230283 ("perf cap: Tidy up and improve capability testing") Closes: https://lore.kernel.org/lkml/cc7d6bdf-1aeb-4179-9029-4baf50b59342@intel.com/ Signed-off-by: Ian Rogers Tested-by: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20241026055448.312247-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 55f1b540d893da740a81200450014c45a8103f54 Author: Arnaldo Carvalho de Melo Date: Mon Oct 28 12:24:37 2024 -0300 tools headers: Update the linux/unaligned.h copy with the kernel sources To pick up the changes in: 7f053812dab3946c ("random: vDSO: minimize and simplify header includes") That required adding a copy of include/vdso/unaligned.h and its checking in tools/perf/check-headers.h. Addressing this perf tools build warning: Warning: Kernel ABI header differences: diff -u tools/include/linux/unaligned.h include/linux/unaligned.h Please see tools/include/uapi/README for further details. Cc: Adrian Hunter Cc: Christophe Leroy Cc: Ian Rogers Cc: Jason A. Donenfeld Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/Zx-uHvAbPAESofEN@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 93e4b86b3e74e19c95b762cfeb42baa0a94f212f Author: Arnaldo Carvalho de Melo Date: Mon Oct 28 11:13:57 2024 -0300 tools headers arm64: Sync arm64's cputype.h with the kernel sources To get the changes in: 924725707d80bc25 ("arm64: cputype: Add Neoverse-N3 definitions") That makes this perf source code to be rebuilt: CC /tmp/build/perf-tools/util/arm-spe.o The changes in the above patch add MIDR_NEOVERSE_N3, that probably need changes in arm-spe.c, so probably we need to add it to that array? Or maybe we need to leave this for later when this is all tested on those machines? static const struct midr_range neoverse_spe[] = { MIDR_ALL_VERSIONS(MIDR_NEOVERSE_N1), MIDR_ALL_VERSIONS(MIDR_NEOVERSE_N2), MIDR_ALL_VERSIONS(MIDR_NEOVERSE_V1), {}, }; Mark Rutland recommended about arm-spe.c in a previous update to this file: "I would not touch this for now -- someone would have to go audit the TRMs to check that those other cores have the same encoding, and I think it'd be better to do that as a follow-up." That addresses this perf build warning: Warning: Kernel ABI header differences: diff -u tools/arch/arm64/include/asm/cputype.h arch/arm64/include/asm/cputype.h Cc: Adrian Hunter Cc: Catalin Marinas Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/Zx-dffKdGsgkhG96@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 21a3a3d015aeee2402d14b425197d70aa3bd0d91 Author: Arnaldo Carvalho de Melo Date: Mon Oct 28 10:55:09 2024 -0300 tools headers: Synchronize {uapi/}linux/bits.h with the kernel sources To pick up the changes in this cset: 947697c6f0f75f98 ("uapi: Define GENMASK_U128") This addresses these perf build warnings: Warning: Kernel ABI header differences: diff -u tools/include/uapi/linux/bits.h include/uapi/linux/bits.h diff -u tools/include/linux/bits.h include/linux/bits.h Please see tools/include/uapi/README for further details. Acked-by: Yury Norov Cc: Adrian Hunter Cc: Anshuman Khandual Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/Zx-ZVH7bHqtFn8Dv@x1 Signed-off-by: Arnaldo Carvalho de Melo commit cc7d8594342a25693d40fe96f97e5c6c29ee609c Author: Jarkko Sakkinen Date: Mon Oct 28 07:50:00 2024 +0200 tpm: Rollback tpm2_load_null() Do not continue on tpm2_create_primary() failure in tpm2_load_null(). Cc: stable@vger.kernel.org # v6.10+ Fixes: eb24c9788cd9 ("tpm: disable the TPM if NULL name changes") Reviewed-by: Stefan Berger Signed-off-by: Jarkko Sakkinen commit d658d59471ed80c4a8aaf082ccc3e83cdf5ae4c1 Author: Jarkko Sakkinen Date: Mon Oct 28 07:49:59 2024 +0200 tpm: Return tpm2_sessions_init() when null key creation fails Do not continue tpm2_sessions_init() further if the null key pair creation fails. Cc: stable@vger.kernel.org # v6.10+ Fixes: d2add27cf2b8 ("tpm: Add NULL primary creation") Reviewed-by: Stefan Berger Signed-off-by: Jarkko Sakkinen commit 54962707f8b8b53812d3d7fca279a68c6e18faae Author: Cristian Marussi Date: Mon Oct 28 12:01:51 2024 +0000 firmware: arm_scmi: Use vendor string in max-rx-timeout-ms The original optional property was missing a vendor string prefix; this has been rectified. Fix the naming of such optional property in code too. Cc: Peng Fan Fixes: 1780e411ef94 ("firmware: arm_scmi: Use max-rx-timeout-ms from devicetree") Signed-off-by: Cristian Marussi Message-Id: <20241028120151.1301177-8-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit 7bf46ec090b9e6c9ab08d8006b4eefba2cd5a7f5 Author: Cristian Marussi Date: Mon Oct 28 12:01:50 2024 +0000 dt-bindings: firmware: arm,scmi: Add missing vendor string Recently introduced max-rx-timeout-ms optionao property is missing a vendor prefix. Add the vendor prefix so that it aligns with the new properties that are about to get added soon. Fixes: 3a5e6ab06eab ("dt-bindings: firmware: arm,scmi: Introduce property max-rx-timeout-ms") Signed-off-by: Cristian Marussi Message-Id: <20241028120151.1301177-7-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit c749d9b7ebbc5716af7a95f7768634b30d9446ec Author: Hugh Dickins Date: Sun Oct 27 15:23:23 2024 -0700 iov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP generic/077 on x86_32 CONFIG_DEBUG_KMAP_LOCAL_FORCE_MAP=y with highmem, on huge=always tmpfs, issues a warning and then hangs (interruptibly): WARNING: CPU: 5 PID: 3517 at mm/highmem.c:622 kunmap_local_indexed+0x62/0xc9 CPU: 5 UID: 0 PID: 3517 Comm: cp Not tainted 6.12.0-rc4 #2 ... copy_page_from_iter_atomic+0xa6/0x5ec generic_perform_write+0xf6/0x1b4 shmem_file_write_iter+0x54/0x67 Fix copy_page_from_iter_atomic() by limiting it in that case (include/linux/skbuff.h skb_frag_must_loop() does similar). But going forward, perhaps CONFIG_DEBUG_KMAP_LOCAL_FORCE_MAP is too surprising, has outlived its usefulness, and should just be removed? Fixes: 908a1ad89466 ("iov_iter: Handle compound highmem pages in copy_page_from_iter_atomic()") Signed-off-by: Hugh Dickins Link: https://lore.kernel.org/r/dd5f0c89-186e-18e1-4f43-19a60f5a9774@google.com Reviewed-by: Christoph Hellwig Cc: stable@vger.kernel.org Signed-off-by: Christian Brauner commit d221b844ee79823ffc29b7badc4010bdb0960224 Author: Christophe JAILLET Date: Sat Oct 26 22:46:34 2024 +0200 ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() If devm_gpiod_get_optional() fails, we need to disable previously enabled regulators, as done in the other error handling path of the function. Also, gpiod_set_value_cansleep(, 1) needs to be called to undo a potential gpiod_set_value_cansleep(, 0). If the "reset" gpio is not defined, this additional call is just a no-op. This behavior is the same as the one already in the .remove() function. Fixes: 11b9cd748e31 ("ASoC: cs42l51: add reset management") Signed-off-by: Christophe JAILLET Reviewed-by: Charles Keepax Link: https://patch.msgid.link/a5e5f4b9fb03f46abd2c93ed94b5c395972ce0d1.1729975570.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit f19910006effbd08398de79ca0233ea7e480616a Author: Ian Kent Date: Mon Oct 28 06:47:17 2024 +0800 autofs: fix thinko in validate_dev_ioctl() I was so sure the per-dentry expire timeout patch worked ok but my testing was flawed. In validate_dev_ioctl() the check for ioctl AUTOFS_DEV_IOCTL_TIMEOUT_CMD should use the ioctl number not the passed in ioctl command. Fixes: 433f9d76a010 ("autofs: add per dentry expire timeout") Cc: # mainline only Signed-off-by: Ian Kent Link: https://lore.kernel.org/r/20241027224732.5507-1-raven@themaw.net Signed-off-by: Christian Brauner commit c4dedaaeb3f78d3718e9c1b1e4d972a6b99073cd Author: Ben Chuang Date: Fri Oct 25 14:00:17 2024 +0800 mmc: sdhci-pci-gli: GL9767: Fix low power mode in the SD Express process When starting the SD Express process, the low power negotiation mode will be disabled, so we need to re-enable it after switching back to SD mode. Fixes: 0e92aec2efa0 ("mmc: sdhci-pci-gli: Add support SD Express card for GL9767") Signed-off-by: Ben Chuang Cc: stable@vger.kernel.org Message-ID: <20241025060017.1663697-2-benchuanggli@gmail.com> Signed-off-by: Ulf Hansson commit 8c68b5656e55e9324875881f1000eb4ee3603a87 Author: Ben Chuang Date: Fri Oct 25 14:00:16 2024 +0800 mmc: sdhci-pci-gli: GL9767: Fix low power mode on the set clock function On sdhci_gl9767_set_clock(), the vendor header space(VHS) is read-only after calling gl9767_disable_ssc_pll() and gl9767_set_ssc_pll_205mhz(). So the low power negotiation mode cannot be enabled again. Introduce gl9767_set_low_power_negotiation() function to fix it. The explanation process is as below. static void sdhci_gl9767_set_clock() { ... gl9767_vhs_write(); ... value |= PCIE_GLI_9767_CFG_LOW_PWR_OFF; pci_write_config_dword(pdev, PCIE_GLI_9767_CFG, value); <--- (a) gl9767_disable_ssc_pll(); <--- (b) sdhci_writew(host, 0, SDHCI_CLOCK_CONTROL); if (clock == 0) return; <-- (I) ... if (clock == 200000000 && ios->timing == MMC_TIMING_UHS_SDR104) { ... gl9767_set_ssc_pll_205mhz(); <--- (c) } ... value &= ~PCIE_GLI_9767_CFG_LOW_PWR_OFF; pci_write_config_dword(pdev, PCIE_GLI_9767_CFG, value); <-- (II) gl9767_vhs_read(); } (a) disable low power negotiation mode. When return on (I), the low power mode is disabled. After (b) and (c), VHS is read-only, the low power mode cannot be enabled on (II). Reported-by: Georg Gottleuber Fixes: d2754355512e ("mmc: sdhci-pci-gli: Set SDR104's clock to 205MHz and enable SSC for GL9767") Signed-off-by: Ben Chuang Tested-by: Georg Gottleuber Cc: stable@vger.kernel.org Message-ID: <20241025060017.1663697-1-benchuanggli@gmail.com> Signed-off-by: Ulf Hansson commit 96d8569563916fe2f8fe17317e20e43f54f9ba4b Author: Hans Verkuil Date: Thu Oct 24 10:21:30 2024 +0200 media: vivid: fix buffer overwrite when using > 32 buffers The maximum number of buffers that can be requested was increased to 64 for the video capture queue. But video capture used a must_blank array that was still sized for 32 (VIDEO_MAX_FRAME). This caused an out-of-bounds write when using buffer indices >= 32. Create a new define MAX_VID_CAP_BUFFERS that is used to access the must_blank array and set max_num_buffers for the video capture queue. This solves a crash reported by: https://bugzilla.kernel.org/show_bug.cgi?id=219258 Signed-off-by: Hans Verkuil Fixes: cea70ed416b4 ("media: test-drivers: vivid: Increase max supported buffers for capture queues") Cc: stable@vger.kernel.org commit 3abab905b14f4ba756d413f37f1fb02b708eee93 Author: Jinjie Ruan Date: Mon Oct 28 08:28:30 2024 +0900 ksmbd: Fix the missing xa_store error check xa_store() can fail, it return xa_err(-EINVAL) if the entry cannot be stored in an XArray, or xa_err(-ENOMEM) if memory allocation failed, so check error for xa_store() to fix it. Cc: stable@vger.kernel.org Fixes: b685757c7b08 ("ksmbd: Implements sess->rpc_handle_list as xarray") Signed-off-by: Jinjie Ruan Acked-by: Namjae Jeon Signed-off-by: Steve French commit c38a04ecb6ac25c0c8786b5c5bfa4724ee483d67 Author: Miguel Ojeda Date: Sun Oct 27 15:56:36 2024 +0100 kbuild: rust: avoid errors with old `rustc`s without LLVM patch version Some old versions of `rustc` did not report the LLVM version without the patch version, e.g.: $ rustc --version --verbose rustc 1.48.0 (7eac88abb 2020-11-16) binary: rustc commit-hash: 7eac88abb2e57e752f3302f02be5f3ce3d7adfb4 commit-date: 2020-11-16 host: x86_64-unknown-linux-gnu release: 1.48.0 LLVM version: 11.0 Which would make the new `scripts/rustc-llvm-version.sh` fail and, in turn, the build: $ make LLVM=1 SYNC include/config/auto.conf.cmd ./scripts/rustc-llvm-version.sh: 13: arithmetic expression: expecting primary: "10000 * 10 + 100 * 0 + " init/Kconfig:83: syntax error init/Kconfig:83: invalid statement make[3]: *** [scripts/kconfig/Makefile:85: syncconfig] Error 1 make[2]: *** [Makefile:679: syncconfig] Error 2 make[1]: *** [/home/cam/linux/Makefile:780: include/config/auto.conf.cmd] Error 2 make: *** [Makefile:224: __sub-make] Error 2 Since we do not need to support such binaries, we can avoid adding logic for computing `rustc`'s LLVM version for those old binaries. Thus, instead, just make the match stricter. Other `rustc` binaries (even newer) did not report the LLVM version at all, but that was fine, since it would not match "LLVM", e.g.: $ rustc --version --verbose rustc 1.49.0 (e1884a8e3 2020-12-29) binary: rustc commit-hash: e1884a8e3c3e813aada8254edfa120e85bf5ffca commit-date: 2020-12-29 host: x86_64-unknown-linux-gnu release: 1.49.0 Cc: Thorsten Leemhuis Cc: Gary Guo Reported-by: Cameron MacPherson Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219423 Fixes: af0121c2d303 ("kbuild: rust: add `CONFIG_RUSTC_LLVM_VERSION`") Tested-by: Cameron MacPherson Reviewed-by: Nathan Chancellor Tested-by: Nathan Chancellor Link: https://lore.kernel.org/r/20241027145636.416030-1-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 81983758430957d9a5cb3333fe324fd70cf63e7e Author: Linus Torvalds Date: Sun Oct 27 12:52:02 2024 -1000 Linux 6.12-rc5 commit ea1fda89f5b23734e10c62762990120d5ae23c43 Merge: f69a1accfe2e2e 88a921aa3c6b00 Author: Linus Torvalds Date: Sun Oct 27 09:01:36 2024 -1000 Merge tag 'x86_urgent_for_v6.12_rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Borislav Petkov: - Prevent a certain range of pages which get marked as hypervisor-only, to get allocated to a CoCo (SNP) guest which cannot use them and thus fail booting - Fix the microcode loader on AMD to pay attention to the stepping of a patch and to handle the case where a BIOS config option splits the machine into logical NUMA nodes per L3 cache slice - Disable LAM from being built by default due to security concerns * tag 'x86_urgent_for_v6.12_rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/sev: Ensure that RMP table fixups are reserved x86/microcode/AMD: Split load_microcode_amd() x86/microcode/AMD: Pay attention to the stepping dynamically x86/lam: Disable ADDRESS_MASKING in most cases commit f69a1accfe2e2ee2c43096abd9080b1fdb0c894d Merge: 284a2f89967640 a574e7f80e86c7 Author: Linus Torvalds Date: Sun Oct 27 08:56:22 2024 -1000 Merge tag 'ftrace-v6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull ftrace fixes from Steven Rostedt: - Fix missing mutex unlock in error path of register_ftrace_graph() A previous fix added a return on an error path and forgot to unlock the mutex. Instead of dealing with error paths, use guard(mutex) as the mutex is just released at the exit of the function anyway. Other functions in this file should be updated with this, but that's a cleanup and not a fix. - Change cpuhp setup name to be consistent with other cpuhp states The same fix that the above patch fixes added a cpuhp_setup_state() call with the name of "fgraph_idle_init". I was informed that it should instead be something like: "fgraph:online". Update that too. * tag 'ftrace-v6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: fgraph: Change the name of cpuhp state to "fgraph:online" fgraph: Fix missing unlock in register_ftrace_graph() commit 284a2f899676407b5bed8c1fb37eb9d636e5477d Merge: 7bec4657b0c935 b012170fed2821 Author: Linus Torvalds Date: Sun Oct 27 08:40:33 2024 -1000 Merge tag 'platform-drivers-x86-v6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 Pull x86 platform driver fixes from Hans de Goede: - Asus thermal profile fix, fixing performance issues on Lunar Lake - Intel PMC: one revert for a lockdep issue and one bugfix - Dell WMI: Ignore some WMI events on suspend/resume to silence warnings * tag 'platform-drivers-x86-v6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86: platform/x86: asus-wmi: Fix thermal profile initialization platform/x86: dell-wmi: Ignore suspend notifications platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses platform/x86:intel/pmc: Revert "Enable the ACPI PM Timer to be turned off when suspended" commit 7bec4657b0c9355f235a3dc60578bc200146aabd Merge: 75f8b2f52632fb f6a6780e0b9bbc Author: Linus Torvalds Date: Sun Oct 27 08:36:01 2024 -1000 Merge tag 'firewire-fixes-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394 Pull firewire fix from Takashi Sakamoto: "A single commit to resolve a regression existing in v6.11 or later. The change in 1394 OHCI driver in v6.11 kernel could cause general protection faults when rediscovering nodes in IEEE 1394 bus while holding a spin lock. Consequently, watchdog checks can report a hard lockup. Currently, this issue is observed primarily during the system resume phase when using an extra node with three ports or more is used. However, it could potentially occur in the other cases as well" * tag 'firewire-fixes-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394: firewire: core: fix invalid port index for parent device commit 75f8b2f52632fbbbbabc5e9c3a6f820282ff8920 Merge: a8b3be2617d677 2ff949441802a8 Author: Linus Torvalds Date: Sun Oct 27 08:29:36 2024 -1000 Merge tag 'block-6.12-20241026' of git://git.kernel.dk/linux Pull block fixes from Jens Axboe: - Pull request for MD via Song fixing a few issues - Fix a wrong check in blk_rq_map_user_bvec(), causing IO errors on passthrough IO (Xinyu) * tag 'block-6.12-20241026' of git://git.kernel.dk/linux: block: fix sanity checks in blk_rq_map_user_bvec md/raid10: fix null ptr dereference in raid10_size() md: ensure child flush IO does not affect origin bio->bi_status commit a8b3be2617d677796e576cc64d4ad9de45dfaf14 Merge: 850925a8133c73 4a201dcfa1ff0d Author: Linus Torvalds Date: Sun Oct 27 08:23:49 2024 -1000 Merge tag 'xfs-6.12-fixes-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux Pull xfs fixes from Carlos Maiolino: - Fix recovery of allocator ops after a growfs - Do not fail repairs on metadata files with no attr fork * tag 'xfs-6.12-fixes-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: xfs: update the pag for the last AG at recovery time xfs: don't use __GFP_RETRY_MAYFAIL in xfs_initialize_perag xfs: error out when a superblock buffer update reduces the agcount xfs: update the file system geometry after recoverying superblock buffers xfs: merge the perag freeing helpers xfs: pass the exact range to initialize to xfs_initialize_perag xfs: don't fail repairs on metadata files with no attr fork commit e6c24e2d05bb05de96ffb9bdb0ee62d20ad526f8 Author: Marc Zyngier Date: Sun Oct 27 10:22:20 2024 +0000 irqchip/gic-v4: Correctly deal with set_affinity on lazily-mapped VPEs Zenghui points out that a recent change to the way set_affinity is handled for VPEs has the potential to return an error if the VPE hasn't been mapped yet (because the guest hasn't emited a MAPTI command yet), affecting GICv4.0 implementations that rely on the ITSList feature. Fix this by making the set_affinity succeed in this case, and return early, without trying to touch the HW. Fixes: 1442ee0011983 ("irqchip/gic-v4: Don't allow a VMOVP on a dying VPE") Reported-by: Zenghui Yu Signed-off-by: Marc Zyngier Signed-off-by: Thomas Gleixner Reviewed-by: Zenghui Yu Link: https://lore.kernel.org/all/20241027102220.1858558-1-maz@kernel.org Link: https://lore.kernel.org/r/aab45cd3-e5ca-58cf-e081-e32a17f5b4e7@huawei.com commit 5f994f534120f47432092fb36f5cb0c7a80ed2bf Author: Jinjie Ruan Date: Sat Oct 26 14:36:39 2024 +0800 genirq/msi: Fix off-by-one error in msi_domain_alloc() The error path in msi_domain_alloc(), frees the already allocated MSI interrupts in a loop, but the loop condition terminates when the index reaches zero, which fails to free the first allocated MSI interrupt at index zero. Check for >= 0 so that msi[0] is freed as well. Fixes: f3cf8bb0d6c3 ("genirq: Add generic msi irq domain support") Signed-off-by: Jinjie Ruan Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20241026063639.10711-1-ruanjinjie@huawei.com commit b5413156bad91dc2995a5c4eab1b05e56914638a Author: Benjamin Segall Date: Fri Oct 25 18:35:35 2024 -0700 posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone When cloning a new thread, its posix_cputimers are not inherited, and are cleared by posix_cputimers_init(). However, this does not clear the tick dependency it creates in tsk->tick_dep_mask, and the handler does not reach the code to clear the dependency if there were no timers to begin with. Thus if a thread has a cputimer running before clone/fork, all descendants will prevent nohz_full unless they create a cputimer of their own. Fix this by entirely clearing the tick_dep_mask in copy_process(). (There is currently no inherited state that needs a tick dependency) Process-wide timers do not have this problem because fork does not copy signal_struct as a baseline, it creates one from scratch. Fixes: b78783000d5c ("posix-cpu-timers: Migrate to use new tick dependency mask model") Signed-off-by: Ben Segall Signed-off-by: Thomas Gleixner Reviewed-by: Frederic Weisbecker Cc: stable@vger.kernel.org Link: https://lore.kernel.org/all/xm26o737bq8o.fsf@google.com commit f6a6780e0b9bbcf311a727afed06fee533a5e957 Author: Takashi Sakamoto Date: Fri Oct 25 12:41:37 2024 +0900 firewire: core: fix invalid port index for parent device In a commit 24b7f8e5cd65 ("firewire: core: use helper functions for self ID sequence"), the enumeration over self ID sequence was refactored with some helper functions with KUnit tests. These helper functions are guaranteed to work expectedly by the KUnit tests, however their application includes a mistake to assign invalid value to the index of port connected to parent device. This bug affects the case that any extra node devices which has three or more ports are connected to 1394 OHCI controller. In the case, the path to update the tree cache could hits WARN_ON(), and gets general protection fault due to the access to invalid address computed by the invalid value. This commit fixes the bug to assign correct port index. Cc: stable@vger.kernel.org Reported-by: Edmund Raile Closes: https://lore.kernel.org/lkml/8a9902a4ece9329af1e1e42f5fea76861f0bf0e8.camel@proton.me/ Fixes: 24b7f8e5cd65 ("firewire: core: use helper functions for self ID sequence") Link: https://lore.kernel.org/r/20241025034137.99317-1-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit b012170fed282151f7ba8988a347670c299f5ab3 Author: Armin Wolf Date: Fri Oct 25 21:15:13 2024 +0200 platform/x86: asus-wmi: Fix thermal profile initialization When support for vivobook fan profiles was added, the initial call to throttle_thermal_policy_set_default() was removed, which however is necessary for full initialization. Fix this by calling throttle_thermal_policy_set_default() again when setting up the platform profile. Fixes: bcbfcebda2cb ("platform/x86: asus-wmi: add support for vivobook fan profiles") Reported-by: Michael Larabel Closes: https://www.phoronix.com/review/lunar-lake-xe2/5 Signed-off-by: Armin Wolf Link: https://lore.kernel.org/r/20241025191514.15032-2-W_Armin@gmx.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 9c70b2a33cd2aa6a5a59c5523ef053bd42265209 Author: Shawn Wang Date: Fri Oct 25 10:22:08 2024 +0800 sched/numa: Fix the potential null pointer dereference in task_numa_work() When running stress-ng-vm-segv test, we found a null pointer dereference error in task_numa_work(). Here is the backtrace: [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 ...... [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se ...... [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--) [323676.067115] pc : vma_migratable+0x1c/0xd0 [323676.067122] lr : task_numa_work+0x1ec/0x4e0 [323676.067127] sp : ffff8000ada73d20 [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010 [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000 [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000 [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8 [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035 [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8 [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4 [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001 [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000 [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000 [323676.067152] Call trace: [323676.067153] vma_migratable+0x1c/0xd0 [323676.067155] task_numa_work+0x1ec/0x4e0 [323676.067157] task_work_run+0x78/0xd8 [323676.067161] do_notify_resume+0x1ec/0x290 [323676.067163] el0_svc+0x150/0x160 [323676.067167] el0t_64_sync_handler+0xf8/0x128 [323676.067170] el0t_64_sync+0x17c/0x180 [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000) [323676.067177] SMP: stopping secondary CPUs [323676.070184] Starting crashdump kernel... stress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error handling function of the system, which tries to cause a SIGSEGV error on return from unmapping the whole address space of the child process. Normally this program will not cause kernel crashes. But before the munmap system call returns to user mode, a potential task_numa_work() for numa balancing could be added and executed. In this scenario, since the child process has no vma after munmap, the vma_next() in task_numa_work() will return a null pointer even if the vma iterator restarts from 0. Recheck the vma pointer before dereferencing it in task_numa_work(). Fixes: 214dbc428137 ("sched: convert to vma iterator") Signed-off-by: Shawn Wang Signed-off-by: Peter Zijlstra (Intel) Cc: stable@vger.kernel.org # v6.2+ Link: https://lkml.kernel.org/r/20241025022208.125527-1-shawnwang@linux.alibaba.com commit dd41b283ef2f028e414312706b48f2880b7050b5 Author: Eric Biggers Date: Sun Oct 20 11:02:58 2024 -0700 crypto: mips/crc32 - fix the CRC32C implementation Commit ca459e5f826f ("crypto: mips/crc32 - Clean up useless assignment operations") changed crc32c_mips_le_hw() to use the instructions that use the "regular" CRC32 polynomial instead of the Castagnoli polynomial. Therefore it can't be computing CRC32C values correctly anymore. I haven't been successful in running a MIPS kernel in QEMU, but based on code review this is the fix that is needed. Fixes: ca459e5f826f ("crypto: mips/crc32 - Clean up useless assignment operations") Cc: Guan Wentao Cc: WangYuli Signed-off-by: Eric Biggers Acked-by: Wentao Guan Acked-by: WangYuli Signed-off-by: Herbert Xu commit 2860586c588ad2dd8747e85ab43c4cf58bb066f4 Author: Dmitry Torokhov Date: Fri Oct 4 07:07:08 2024 -0700 Input: adp5588-keys - do not try to disable interrupt 0 Commit dc748812fca0 ("Input: adp5588-keys - add support for pure gpio") made having interrupt line optional for the device, however it neglected to update suspend and resume handlers that try to disable interrupts for the duration of suspend. Fix this by checking if interrupt number assigned to the i2c device is not 0 before trying to disable or reenable it. Fixes: dc748812fca0 ("Input: adp5588-keys - add support for pure gpio") Link: https://lore.kernel.org/r/Zv_2jEMYSWDw2gKs@google.com Signed-off-by: Dmitry Torokhov commit cf44e745048df2c935cb37de16e0ca476003a3b1 Author: Gustavo A. R. Silva Date: Fri Oct 25 16:05:50 2024 -0600 wifi: mac80211: ieee80211_i: Fix memory corruption bug in struct ieee80211_chanctx Move the `struct ieee80211_chanctx_conf conf` to the end of `struct ieee80211_chanctx` and fix a memory corruption bug triggered e.g. in `hwsim_set_chanctx_magic()`: `radar_detected` is being overwritten when `cp->magic = HWSIM_CHANCTX_MAGIC;` See the function call sequence below: drv_add_chanctx(... struct ieee80211_chanctx *ctx) -> local->ops->add_chanctx(&local->hw, &ctx->conf) -> mac80211_hwsim_add_chanctx(... struct ieee80211_chanctx_conf *ctx) -> hwsim_set_chanctx_magic(ctx) This also happens in a number of other drivers. Also, add a code comment to try to prevent people from introducing new members after `struct ieee80211_chanctx_conf conf`. Notice that `struct ieee80211_chanctx_conf` is a flexible structure --a structure that contains a flexible-array member, so it should always be at the end of any other containing structures. This change also fixes 50 of the following warnings: net/mac80211/ieee80211_i.h:895:39: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. Fixes: bca8bc0399ac ("wifi: mac80211: handle ieee80211_radar_detected() for MLO") Signed-off-by: Gustavo A. R. Silva Link: https://patch.msgid.link/ZxwWPrncTeSi1UTq@kspp [also refer to other drivers in commit message] Signed-off-by: Johannes Berg commit 850925a8133c73c4a2453c360b2c3beb3bab67c9 Merge: c71f8fb4dc9110 be2ca382537208 Author: Linus Torvalds Date: Fri Oct 25 15:25:02 2024 -0700 Merge tag '9p-for-6.12-rc5' of https://github.com/martinetd/linux Pull more 9p reverts from Dominique Martinet: "Revert patches causing inode collision problems. The code simplification introduced significant regressions on servers that do not remap inode numbers when exporting multiple underlying filesystems with colliding inodes. See the top-most revert (commit be2ca3825372) for details. This problem had been ignored for too long and the reverts will also head to stable (6.9+). I'm confident this set of patches gets us back to previous behaviour (another related patch had already been reverted back in April and we're almost back to square 1, and the rest didn't touch inode lifecycle)" * tag '9p-for-6.12-rc5' of https://github.com/martinetd/linux: Revert "fs/9p: simplify iget to remove unnecessary paths" Revert "fs/9p: fix uaf in in v9fs_stat2inode_dotl" Revert "fs/9p: remove redundant pointer v9ses" Revert " fs/9p: mitigate inode collisions" commit c31f2ee5cd7da3086eb4fbeef9f3afdc8e01d36b Author: Tejun Heo Date: Fri Oct 25 12:19:06 2024 -1000 sched_ext: Fix enq_last_no_enq_fails selftest cc9877fb7677 ("sched_ext: Improve error reporting during loading") changed how load failures are reported so that more error context can be communicated. This breaks the enq_last_no_enq_fails test as attach no longer fails. The scheduler is guaranteed to be ejected on attach completion with full error information. Update enq_last_no_enq_fails so that it checks that the scheduler is ejected using ops.exit(). Signed-off-by: Tejun Heo Reported-by: Vishal Chourasia Link: http://lkml.kernel.org/r/Zxknp7RAVNjmdJSc@linux.ibm.com Fixes: cc9877fb7677 ("sched_ext: Improve error reporting during loading") commit 7724abf0ca77460cb06ac3d5e4352a5c2289c3ae Author: Tejun Heo Date: Fri Oct 25 12:11:14 2024 -1000 sched_ext: Make cast_mask() inline cast_mask() doesn't do any actual work and is defined in a header file. Force it to be inline. When it is not inlined and the function is not used, it can cause verificaiton failures like the following: # tools/testing/selftests/sched_ext/runner -t minimal ===== START ===== TEST: minimal DESCRIPTION: Verify we can load a fully minimal scheduler OUTPUT: libbpf: prog 'cast_mask': missing BPF prog type, check ELF section name '.text' libbpf: prog 'cast_mask': failed to load: -22 libbpf: failed to load object 'minimal' libbpf: failed to load BPF skeleton 'minimal': -22 ERR: minimal.c:20 Failed to open and load skel not ok 1 minimal # ===== END ===== Signed-off-by: Tejun Heo Fixes: a748db0c8c6a ("tools/sched_ext: Receive misc updates from SCX repo") commit 0e7ffff1b8117b05635c87d3c9099f6aa9c9b689 Author: David Vernet Date: Fri Oct 25 15:54:08 2024 -0500 scx: Fix raciness in scx_ops_bypass() scx_ops_bypass() can currently race on the ops enable / disable path as follows: 1. scx_ops_bypass(true) called on enable path, bypass depth is set to 1 2. An op on the init path exits, which schedules scx_ops_disable_workfn() 3. scx_ops_bypass(false) is called on the disable path, and bypass depth is decremented to 0 4. kthread is scheduled to execute scx_ops_disable_workfn() 5. scx_ops_bypass(true) called, bypass depth set to 1 6. scx_ops_bypass() races when iterating over CPUs While it's not safe to take any blocking locks on the bypass path, it is safe to take a raw spinlock which cannot be preempted. This patch therefore updates scx_ops_bypass() to use a raw spinlock to synchronize, and changes scx_ops_bypass_depth to be a regular int. Without this change, we observe the following warnings when running the 'exit' sched_ext selftest (sometimes requires a couple of runs): .[root@virtme-ng sched_ext]# ./runner -t exit ===== START ===== TEST: exit ... [ 14.935078] WARNING: CPU: 2 PID: 360 at kernel/sched/ext.c:4332 scx_ops_bypass+0x1ca/0x280 [ 14.935126] Modules linked in: [ 14.935150] CPU: 2 UID: 0 PID: 360 Comm: sched_ext_ops_h Not tainted 6.11.0-virtme #24 [ 14.935192] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014 [ 14.935242] Sched_ext: exit (enabling+all) [ 14.935244] RIP: 0010:scx_ops_bypass+0x1ca/0x280 [ 14.935300] Code: ff ff ff e8 48 96 10 00 fb e9 08 ff ff ff c6 05 7b 34 e8 01 01 90 48 c7 c7 89 86 88 87 e8 be 1d f8 ff 90 0f 0b 90 90 eb 95 90 <0f> 0b 90 41 8b 84 24 24 0a 00 00 eb 97 90 0f 0b 90 41 8b 84 24 24 [ 14.935394] RSP: 0018:ffffb706c0957ce0 EFLAGS: 00010002 [ 14.935424] RAX: 0000000000000009 RBX: 0000000000000001 RCX: 00000000e3fb8b2a [ 14.935465] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff88a4c080 [ 14.935512] RBP: 0000000000009b56 R08: 0000000000000004 R09: 00000003f12e520a [ 14.935555] R10: ffffffff863a9795 R11: 0000000000000000 R12: ffff8fc5fec31300 [ 14.935598] R13: ffff8fc5fec31318 R14: 0000000000000286 R15: 0000000000000018 [ 14.935642] FS: 0000000000000000(0000) GS:ffff8fc5fe680000(0000) knlGS:0000000000000000 [ 14.935684] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 14.935721] CR2: 0000557d92890b88 CR3: 000000002464a000 CR4: 0000000000750ef0 [ 14.935765] PKRU: 55555554 [ 14.935782] Call Trace: [ 14.935802] [ 14.935823] ? __warn+0xce/0x220 [ 14.935850] ? scx_ops_bypass+0x1ca/0x280 [ 14.935881] ? report_bug+0xc1/0x160 [ 14.935909] ? handle_bug+0x61/0x90 [ 14.935934] ? exc_invalid_op+0x1a/0x50 [ 14.935959] ? asm_exc_invalid_op+0x1a/0x20 [ 14.935984] ? raw_spin_rq_lock_nested+0x15/0x30 [ 14.936019] ? scx_ops_bypass+0x1ca/0x280 [ 14.936046] ? srso_alias_return_thunk+0x5/0xfbef5 [ 14.936081] ? __pfx_scx_ops_disable_workfn+0x10/0x10 [ 14.936111] scx_ops_disable_workfn+0x146/0xac0 [ 14.936142] ? finish_task_switch+0xa9/0x2c0 [ 14.936172] ? srso_alias_return_thunk+0x5/0xfbef5 [ 14.936211] ? __pfx_scx_ops_disable_workfn+0x10/0x10 [ 14.936244] kthread_worker_fn+0x101/0x2c0 [ 14.936268] ? __pfx_kthread_worker_fn+0x10/0x10 [ 14.936299] kthread+0xec/0x110 [ 14.936327] ? __pfx_kthread+0x10/0x10 [ 14.936351] ret_from_fork+0x37/0x50 [ 14.936374] ? __pfx_kthread+0x10/0x10 [ 14.936400] ret_from_fork_asm+0x1a/0x30 [ 14.936427] [ 14.936443] irq event stamp: 21002 [ 14.936467] hardirqs last enabled at (21001): [] resched_cpu+0x9f/0xd0 [ 14.936521] hardirqs last disabled at (21002): [] scx_ops_bypass+0x11a/0x280 [ 14.936571] softirqs last enabled at (20642): [] __irq_exit_rcu+0x67/0xd0 [ 14.936622] softirqs last disabled at (20637): [] __irq_exit_rcu+0x67/0xd0 [ 14.936672] ---[ end trace 0000000000000000 ]--- [ 14.953282] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 14.953352] ------------[ cut here ]------------ [ 14.953383] WARNING: CPU: 2 PID: 360 at kernel/sched/ext.c:4335 scx_ops_bypass+0x1d8/0x280 [ 14.953428] Modules linked in: [ 14.953453] CPU: 2 UID: 0 PID: 360 Comm: sched_ext_ops_h Tainted: G W 6.11.0-virtme #24 [ 14.953505] Tainted: [W]=WARN [ 14.953527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014 [ 14.953574] RIP: 0010:scx_ops_bypass+0x1d8/0x280 [ 14.953603] Code: c6 05 7b 34 e8 01 01 90 48 c7 c7 89 86 88 87 e8 be 1d f8 ff 90 0f 0b 90 90 eb 95 90 0f 0b 90 41 8b 84 24 24 0a 00 00 eb 97 90 <0f> 0b 90 41 8b 84 24 24 0a 00 00 eb 92 f3 0f 1e fa 49 8d 84 24 f0 [ 14.953693] RSP: 0018:ffffb706c0957ce0 EFLAGS: 00010046 [ 14.953722] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000001 [ 14.953763] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8fc5fec31318 [ 14.953804] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 14.953845] R10: ffffffff863a9795 R11: 0000000000000000 R12: ffff8fc5fec31300 [ 14.953888] R13: ffff8fc5fec31318 R14: 0000000000000286 R15: 0000000000000018 [ 14.953934] FS: 0000000000000000(0000) GS:ffff8fc5fe680000(0000) knlGS:0000000000000000 [ 14.953974] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 14.954009] CR2: 0000557d92890b88 CR3: 000000002464a000 CR4: 0000000000750ef0 [ 14.954052] PKRU: 55555554 [ 14.954068] Call Trace: [ 14.954085] [ 14.954102] ? __warn+0xce/0x220 [ 14.954126] ? scx_ops_bypass+0x1d8/0x280 [ 14.954150] ? report_bug+0xc1/0x160 [ 14.954178] ? handle_bug+0x61/0x90 [ 14.954203] ? exc_invalid_op+0x1a/0x50 [ 14.954226] ? asm_exc_invalid_op+0x1a/0x20 [ 14.954250] ? raw_spin_rq_lock_nested+0x15/0x30 [ 14.954285] ? scx_ops_bypass+0x1d8/0x280 [ 14.954311] ? __mutex_unlock_slowpath+0x3a/0x260 [ 14.954343] scx_ops_disable_workfn+0xa3e/0xac0 [ 14.954381] ? __pfx_scx_ops_disable_workfn+0x10/0x10 [ 14.954413] kthread_worker_fn+0x101/0x2c0 [ 14.954442] ? __pfx_kthread_worker_fn+0x10/0x10 [ 14.954479] kthread+0xec/0x110 [ 14.954507] ? __pfx_kthread+0x10/0x10 [ 14.954530] ret_from_fork+0x37/0x50 [ 14.954553] ? __pfx_kthread+0x10/0x10 [ 14.954576] ret_from_fork_asm+0x1a/0x30 [ 14.954603] [ 14.954621] irq event stamp: 21002 [ 14.954644] hardirqs last enabled at (21001): [] resched_cpu+0x9f/0xd0 [ 14.954686] hardirqs last disabled at (21002): [] scx_ops_bypass+0x11a/0x280 [ 14.954735] softirqs last enabled at (20642): [] __irq_exit_rcu+0x67/0xd0 [ 14.954782] softirqs last disabled at (20637): [] __irq_exit_rcu+0x67/0xd0 [ 14.954829] ---[ end trace 0000000000000000 ]--- [ 15.022283] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 15.092282] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 15.149282] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) ok 1 exit # ===== END ===== And with it, the test passes without issue after 1000s of runs: .[root@virtme-ng sched_ext]# ./runner -t exit ===== START ===== TEST: exit DESCRIPTION: Verify we can cleanly exit a scheduler in multiple places OUTPUT: [ 7.412856] sched_ext: BPF scheduler "exit" enabled [ 7.427924] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 7.466677] sched_ext: BPF scheduler "exit" enabled [ 7.475923] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 7.512803] sched_ext: BPF scheduler "exit" enabled [ 7.532924] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 7.586809] sched_ext: BPF scheduler "exit" enabled [ 7.595926] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 7.661923] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 7.723923] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) ok 1 exit # ===== END ===== ============================= RESULTS: PASSED: 1 SKIPPED: 0 FAILED: 0 Fixes: f0e1a0643a59 ("sched_ext: Implement BPF extensible scheduler class") Signed-off-by: David Vernet Signed-off-by: Tejun Heo commit 3a2b97b3210bd5758f66fad04c5171f85a016a04 Author: Dan Williams Date: Tue Oct 22 18:44:06 2024 -0700 cxl/test: Improve init-order fidelity relative to real-world systems The investigation of an initialization failure [1] highlighted that cxl_test does not reflect the init-order of real world systems. The expected order is root/bus first then async probing of the memory devices. Fix up cxl_test to reflect that order. While it did not reproduce the initial bug report (since that is dependent on built-in vs modular builds), it did reveal a separate latent bug in the subsystem's decoder shutdown flow. Fix for that sent separately. Link: http://lore.kernel.org/20241004212504.1246-1-gourry@gourry.net [1] Cc: Davidlohr Bueso Cc: Jonathan Cameron Cc: Dave Jiang Cc: Alison Schofield Cc: Vishal Verma Cc: Ira Weiny Signed-off-by: Dan Williams Reviewed-by: Jonathan Cameron Link: https://patch.msgid.link/172964784521.81806.15791069994065969243.stgit@dwillia2-xfh.jf.intel.com Signed-off-by: Ira Weiny commit 105b6235ad0f24f271aef17f8865186c4546cb3a Author: Dan Williams Date: Tue Oct 22 18:43:57 2024 -0700 cxl/port: Prevent out-of-order decoder allocation With the recent change to allow out-of-order decoder de-commit it highlights a need to strengthen the in-order decoder commit guarantees. As it stands match_free_decoder() ensures that if 2 regions are racing decoder allocations the one that wins the race will get the lower id decoder, but that still leaves the race to *commit* the decoder. Rather than have this complicated case of "reserved in-order, but may still commit out-of-order", just arrange for the reservation order to match the commit-order. In other words, prevent subsequent allocations until the last reservation is committed. This precludes overlapping region creation events and requires the previous regionN to either move forward to the decoder commit stage or drop its reservation before regionN+1 can move forward. That is, provided that regionN and regionN+1 decode through the same switch port. As a side effect this allows match_free_decoder() to drop its dependency on needing write access to the device_find_child() @data parameter [1]. Reported-by: Zijun Hu Closes: http://lore.kernel.org/20240905-const_dfc_prepare-v4-0-4180e1d5a244@quicinc.com Cc: Davidlohr Bueso Cc: Vishal Verma Cc: Alison Schofield Cc: Jonathan Cameron Signed-off-by: Dan Williams Reviewed-by: Jonathan Cameron Reviewed-by: Ira Weiny Link: https://patch.msgid.link/172964783668.81806.14962699553881333486.stgit@dwillia2-xfh.jf.intel.com Signed-off-by: Ira Weiny commit 101c268bd2f37e965a5468353e62d154db38838e Author: Dan Williams Date: Tue Oct 22 18:43:49 2024 -0700 cxl/port: Fix use-after-free, permit out-of-order decoder shutdown In support of investigating an initialization failure report [1], cxl_test was updated to register mock memory-devices after the mock root-port/bus device had been registered. That led to cxl_test crashing with a use-after-free bug with the following signature: cxl_port_attach_region: cxl region3: cxl_host_bridge.0:port3 decoder3.0 add: mem0:decoder7.0 @ 0 next: cxl_switch_uport.0 nr_eps: 1 nr_targets: 1 cxl_port_attach_region: cxl region3: cxl_host_bridge.0:port3 decoder3.0 add: mem4:decoder14.0 @ 1 next: cxl_switch_uport.0 nr_eps: 2 nr_targets: 1 cxl_port_setup_targets: cxl region3: cxl_switch_uport.0:port6 target[0] = cxl_switch_dport.0 for mem0:decoder7.0 @ 0 1) cxl_port_setup_targets: cxl region3: cxl_switch_uport.0:port6 target[1] = cxl_switch_dport.4 for mem4:decoder14.0 @ 1 [..] cxld_unregister: cxl decoder14.0: cxl_region_decode_reset: cxl_region region3: mock_decoder_reset: cxl_port port3: decoder3.0 reset 2) mock_decoder_reset: cxl_port port3: decoder3.0: out of order reset, expected decoder3.1 cxl_endpoint_decoder_release: cxl decoder14.0: [..] cxld_unregister: cxl decoder7.0: 3) cxl_region_decode_reset: cxl_region region3: Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6bc3: 0000 [#1] PREEMPT SMP PTI [..] RIP: 0010:to_cxl_port+0x8/0x60 [cxl_core] [..] Call Trace: cxl_region_decode_reset+0x69/0x190 [cxl_core] cxl_region_detach+0xe8/0x210 [cxl_core] cxl_decoder_kill_region+0x27/0x40 [cxl_core] cxld_unregister+0x5d/0x60 [cxl_core] At 1) a region has been established with 2 endpoint decoders (7.0 and 14.0). Those endpoints share a common switch-decoder in the topology (3.0). At teardown, 2), decoder14.0 is the first to be removed and hits the "out of order reset case" in the switch decoder. The effect though is that region3 cleanup is aborted leaving it in-tact and referencing decoder14.0. At 3) the second attempt to teardown region3 trips over the stale decoder14.0 object which has long since been deleted. The fix here is to recognize that the CXL specification places no mandate on in-order shutdown of switch-decoders, the driver enforces in-order allocation, and hardware enforces in-order commit. So, rather than fail and leave objects dangling, always remove them. In support of making cxl_region_decode_reset() always succeed, cxl_region_invalidate_memregion() failures are turned into warnings. Crashing the kernel is ok there since system integrity is at risk if caches cannot be managed around physical address mutation events like CXL region destruction. A new device_for_each_child_reverse_from() is added to cleanup port->commit_end after all dependent decoders have been disabled. In other words if decoders are allocated 0->1->2 and disabled 1->2->0 then port->commit_end only decrements from 2 after 2 has been disabled, and it decrements all the way to zero since 1 was disabled previously. Link: http://lore.kernel.org/20241004212504.1246-1-gourry@gourry.net [1] Cc: stable@vger.kernel.org Fixes: 176baefb2eb5 ("cxl/hdm: Commit decoder state to hardware") Reviewed-by: Jonathan Cameron Cc: Greg Kroah-Hartman Cc: Davidlohr Bueso Cc: Dave Jiang Cc: Alison Schofield Cc: Ira Weiny Cc: Zijun Hu Signed-off-by: Dan Williams Reviewed-by: Ira Weiny Link: https://patch.msgid.link/172964782781.81806.17902885593105284330.stgit@dwillia2-xfh.jf.intel.com Signed-off-by: Ira Weiny commit 48f62d38a07d464a499fa834638afcfd2b68f852 Author: Dan Williams Date: Tue Oct 22 18:43:40 2024 -0700 cxl/acpi: Ensure ports ready at cxl_acpi_probe() return In order to ensure root CXL ports are enabled upon cxl_acpi_probe() when the 'cxl_port' driver is built as a module, arrange for the module to be pre-loaded or built-in. The "Fixes:" but no "Cc: stable" on this patch reflects that the issue is merely by inspection since the bug that triggered the discovery of this potential problem [1] is fixed by other means. However, a stable backport should do no harm. Fixes: 8dd2bc0f8e02 ("cxl/mem: Add the cxl_mem driver") Link: http://lore.kernel.org/20241004212504.1246-1-gourry@gourry.net [1] Signed-off-by: Dan Williams Tested-by: Gregory Price Reviewed-by: Jonathan Cameron Reviewed-by: Ira Weiny Link: https://patch.msgid.link/172964781969.81806.17276352414854540808.stgit@dwillia2-xfh.jf.intel.com Signed-off-by: Ira Weiny commit 3d6ebf16438de5d712030fefbb4182b46373d677 Author: Dan Williams Date: Tue Oct 22 18:43:32 2024 -0700 cxl/port: Fix cxl_bus_rescan() vs bus_rescan_devices() It turns out since its original introduction, pre-2.6.12, bus_rescan_devices() has skipped devices that might be in the process of attaching or detaching from their driver. For CXL this behavior is unwanted and expects that cxl_bus_rescan() is a probe barrier. That behavior is simple enough to achieve with bus_for_each_dev() paired with call to device_attach(), and it is unclear why bus_rescan_devices() took the position of lockless consumption of dev->driver which is racy. The "Fixes:" but no "Cc: stable" on this patch reflects that the issue is merely by inspection since the bug that triggered the discovery of this potential problem [1] is fixed by other means. However, a stable backport should do no harm. Fixes: 8dd2bc0f8e02 ("cxl/mem: Add the cxl_mem driver") Link: http://lore.kernel.org/20241004212504.1246-1-gourry@gourry.net [1] Signed-off-by: Dan Williams Tested-by: Gregory Price Reviewed-by: Jonathan Cameron Reviewed-by: Ira Weiny Link: https://patch.msgid.link/172964781104.81806.4277549800082443769.stgit@dwillia2-xfh.jf.intel.com Signed-off-by: Ira Weiny commit 6575b268157f37929948a8d1f3bafb3d7c055bc1 Author: Dan Williams Date: Fri Oct 25 12:32:55 2024 -0700 cxl/port: Fix CXL port initialization order when the subsystem is built-in When the CXL subsystem is built-in the module init order is determined by Makefile order. That order violates expectations. The expectation is that cxl_acpi and cxl_mem can race to attach. If cxl_acpi wins the race, cxl_mem will find the enabled CXL root ports it needs. If cxl_acpi loses the race it will retrigger cxl_mem to attach via cxl_bus_rescan(). That flow only works if cxl_acpi can assume ports are enabled immediately upon cxl_acpi_probe() return. That in turn can only happen in the CONFIG_CXL_ACPI=y case if the cxl_port driver is registered before cxl_acpi_probe() runs. Fix up the order to prevent initialization failures. Ensure that cxl_port is built-in when cxl_acpi is also built-in, arrange for Makefile order to resolve the subsys_initcall() order of cxl_port and cxl_acpi, and arrange for Makefile order to resolve the device_initcall() (module_init()) order of the remaining objects. As for what contributed to this not being found earlier, the CXL regression environment, cxl_test, builds all CXL functionality as a module to allow to symbol mocking and other dynamic reload tests. As a result there is no regression coverage for the built-in case. Reported-by: Gregory Price Closes: http://lore.kernel.org/20241004212504.1246-1-gourry@gourry.net Tested-by: Gregory Price Fixes: 8dd2bc0f8e02 ("cxl/mem: Add the cxl_mem driver") Cc: stable@vger.kernel.org Cc: Davidlohr Bueso Cc: Jonathan Cameron Cc: Dave Jiang Cc: Alison Schofield Cc: Vishal Verma Cc: Ira Weiny Reviewed-by: Jonathan Cameron Reviewed-by: Ira Weiny Tested-by: Alejandro Lucero Reviewed-by: Alejandro Lucero Signed-off-by: Dan Williams Link: https://patch.msgid.link/172988474904.476062.7961350937442459266.stgit@dwillia2-xfh.jf.intel.com Signed-off-by: Ira Weiny commit cb7e509c4e0197f63717fee54fb41c4990ba8d3a Author: Peter Wang Date: Thu Oct 24 09:54:53 2024 +0800 scsi: ufs: core: Fix another deadlock during RTC update If ufshcd_rtc_work calls ufshcd_rpm_put_sync() and the pm's usage_count is 0, we will enter the runtime suspend callback. However, the runtime suspend callback will wait to flush ufshcd_rtc_work, causing a deadlock. Replace ufshcd_rpm_put_sync() with ufshcd_rpm_put() to avoid the deadlock. Fixes: 6bf999e0eb41 ("scsi: ufs: core: Add UFS RTC support") Cc: stable@vger.kernel.org #6.11.x Signed-off-by: Peter Wang Link: https://lore.kernel.org/r/20241024015453.21684-1-peter.wang@mediatek.com Reviewed-by: Bart Van Assche Signed-off-by: Martin K. Petersen commit d28d17a845600dd9f7de241de9b1528a1b138716 Author: John Garry Date: Fri Oct 18 10:16:55 2024 +0000 scsi: scsi_debug: Fix do_device_access() handling of unexpected SG copy length If the sg_copy_buffer() call returns less than sdebug_sector_size, then we drop out of the copy loop. However, we still report that we copied the full expected amount, which is not proper. Fix by keeping a running total and return that value. Fixes: 84f3a3c01d70 ("scsi: scsi_debug: Atomic write support") Reported-by: Colin Ian King Suggested-by: Dan Carpenter Signed-off-by: John Garry Link: https://lore.kernel.org/r/20241018101655.4207-1-john.g.garry@oracle.com Reviewed-by: Dan Carpenter Reviewed-by: Colin Ian King Signed-off-by: Martin K. Petersen commit c71f8fb4dc911022748a378b16aad1cc9b43aad8 Merge: 81dcc79758cd0c 2ce1007f42b8a6 Author: Linus Torvalds Date: Fri Oct 25 11:45:22 2024 -0700 Merge tag 'v6.12-rc4-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fixes from Steve French: - Fix init module error caseb - Fix memory allocation error path (for passwords) in mount * tag 'v6.12-rc4-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6: cifs: fix warning when destroy 'cifs_io_request_pool' smb: client: Handle kstrdup failures for passwords commit 81dcc79758cd0c0cfddf539bbdb6e7307053fc0d Merge: f647053312ee1a d34a5575e6d238 Author: Linus Torvalds Date: Fri Oct 25 11:41:18 2024 -0700 Merge tag 'fuse-fixes-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse Pull fuse fixes from Miklos Szeredi: - Fix cached size after passthrough writes This fix needed a trivial change in the backing-file API, which resulted in some non-fuse files being touched. - Revert a commit meant as a cleanup but which triggered a WARNING - Remove a stray debug line left-over * tag 'fuse-fixes-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse: fuse: remove stray debug line Revert "fuse: move initialization of fuse_file to fuse_writepages() instead of in callback" fuse: update inode size after extending passthrough write fs: pass offset and result to backing_file end_write() callback commit f647053312ee1a01927a4ec2970c0fbbb31f983a Merge: b423f5a9a61f36 d5ff2fb2e7167e Author: Linus Torvalds Date: Fri Oct 25 11:38:15 2024 -0700 Merge tag 'nfsd-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux Pull nfsd fixes from Chuck Lever: - Fix a couple of use-after-free bugs * tag 'nfsd-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net nfsd: fix race between laundromat and free_stateid commit b423f5a9a61f360a250596d78e513761aea96b4f Merge: 8c76163fff18f2 54774abb5549c6 Author: Linus Torvalds Date: Fri Oct 25 11:04:34 2024 -0700 Merge tag 'acpi-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull ACPI fixes from Rafael Wysocki: "These fix an ACPI PRM (Platform Runtime Mechanism) issue and add two new DMI quirks, one for an ACPI IRQ override and one for lid switch detection: - Make acpi_parse_prmt() look for EFI_MEMORY_RUNTIME memory regions only to comply with the UEFI specification and make PRM use efi_guid_t instead of guid_t to avoid a compiler warning triggered by that change (Koba Ko, Dan Carpenter) - Add an ACPI IRQ override quirk for LG 16T90SP (Christian Heusel) - Add a lid switch detection quirk for Samsung Galaxy Book2 (Shubham Panwar)" * tag 'acpi-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPI: PRM: Clean up guid type in struct prm_handler_info ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context commit 8c76163fff18f2149f923e1b3c34d00801668244 Merge: 48005a5a74d83c 1646a3f2b1bda0 Author: Linus Torvalds Date: Fri Oct 25 11:00:50 2024 -0700 Merge tag 'pm-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management fixes from Rafael Wysocki: "Update cpufreq documentation to match the code after recent changes (Christian Loehle), fix a units conversion issue in the CPPC cpufreq driver (liwei), and fix an error check in the dtpm_devfreq power capping driver (Yuan Can)" * tag 'pm-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: cpufreq: CPPC: fix perf_to_khz/khz_to_perf conversion exception powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() cpufreq: docs: Reflect latency changes in docs commit 48005a5a74d83cac0bf6cab03342c3ae7ef975ef Merge: 86d6688e609959 ad783b9f8e7857 Author: Linus Torvalds Date: Fri Oct 25 10:56:06 2024 -0700 Merge tag 'pci-v6.12-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci Pull pci fixes from Bjorn Helgaas: - Hold the rescan lock while adding devices to avoid race with concurrent pwrctl rescan that can lead to a crash (Bartosz Golaszewski) - Avoid binding pwrctl driver to QCom WCN wifi if the DT lacks the necessary PMU regulator descriptions (Bartosz Golaszewski) * tag 'pci-v6.12-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci: PCI/pwrctl: Abandon QCom WCN probe on pre-pwrseq device-trees PCI: Hold rescan lock while adding devices during host probe commit 86d6688e6099594e732841ddad69fad196e95245 Merge: f0560f974eaad7 51521d2e2c3595 Author: Linus Torvalds Date: Fri Oct 25 10:51:58 2024 -0700 Merge tag 'fbdev-for-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev Pull fbdev fixes from Helge Deller: - Fix some build warnings and failures with CONFIG_FB_IOMEM_FOPS and CONFIG_FB_DEVICE - Remove the da8xx fbdev driver - Constify struct sbus_mmap_map and fix indentation warning * tag 'fbdev-for-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev: fbdev: wm8505fb: select CONFIG_FB_IOMEM_FOPS fbdev: da8xx: remove the driver fbdev: Constify struct sbus_mmap_map fbdev: nvidiafb: fix inconsistent indentation warning fbdev: sstfb: Make CONFIG_FB_DEVICE optional commit f0560f974eaad72701061d40490fc8a36b95695b Merge: 7a7aecd9c031c2 7e336a6c15ec76 Author: Linus Torvalds Date: Fri Oct 25 10:47:51 2024 -0700 Merge tag 'gpio-fixes-for-v6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux Pull gpio fix from Bartosz Golaszewski: "Update MAINTAINERS with a keyword pattern for legacy GPIO API The goal is to alert us to anyone trying to use the deprecated, legacy API (this happens almost every release)" * tag 'gpio-fixes-for-v6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: MAINTAINERS: add a keyword entry for the GPIO subsystem commit 7a7aecd9c031c25988d0e123750674e6d6a876ec Merge: 01154cc30e3439 8e59a2a5459fd9 Author: Linus Torvalds Date: Fri Oct 25 10:42:29 2024 -0700 Merge tag 'ata-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux Pull ata fix from Niklas Cassel: - Fix the handling of ATA commands that timeout (command that did not receive a completion interrupt within the configured timeout time). Commands that timeout, while also having either the FAILFAST flag set, or the command being a passthrough command, should never be retried. Restore this behavior (as it was before v6.12-rc1). * tag 'ata-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux: ata: libata: Set DID_TIME_OUT for commands that actually timed out commit 01154cc30e343952d7ab1c6b35c3577725dc5d54 Merge: fd143856b094b1 c9f7a144e7e3ef Author: Linus Torvalds Date: Fri Oct 25 10:35:29 2024 -0700 Merge tag 'sound-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "The majority of changes here are about ASoC. There are two core changes in ASoC (the bump of minimal topology ABI version and the fix for references of components in DAPM code), and others are mostly various device-specific fixes for SoundWire, AMD, Intel, SOF, Qualcomm and FSL, in addition to a few usual HD-audio quirks and fixes" * tag 'sound-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (33 commits) ALSA: hda/realtek: Update default depop procedure ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc ASoC: fsl_micfil: Add sample rate constraint ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() ASoC: fsl_micfil: Add a flag to distinguish with different volume control types ASoC: codecs: lpass-rx-macro: fix RXn(rx,n) macro for DSM_CTL and SEC7 regs ASoC: Change my e-mail to gmail ASoC: Intel: soc-acpi: lnl: Add match entry for TM2 laptops ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA ASoC: SOF: Intel: hda: Always clean up link DMA during stop soundwire: intel_ace2x: Send PDI stream number during prepare ASoC: SOF: Intel: hda: Handle prepare without close for non-HDA DAI's ASoC: SOF: ipc4-topology: Do not set ALH node_id for aggregated DAIs MAINTAINERS: Update maintainer list for MICROCHIP ASOC, SSC and MCP16502 drivers ASoC: qcom: Select missing common Soundwire module code on SDM845 ASoC: fsl_esai: change dev_warn to dev_dbg in irq handler ASoC: rsnd: Fix probe failure on HiHope boards due to endpoint parsing ... commit fd143856b094b1798318d6816f37ea7380668c4c Merge: 4dc1f31ec3f13a 4d95a12beba146 Author: Linus Torvalds Date: Fri Oct 25 10:29:51 2024 -0700 Merge tag 'drm-fixes-2024-10-25' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Weekly drm fixes, mostly amdgpu and xe, with minor bridge and an i915 Kconfig fix. Nothing too scary and it seems to be pretty quiet. amdgpu: - ACPI method handling fixes - SMU 14.x fixes - Display idle optimization fix - DP link layer compliance fix - SDMA 7.x fix - PSR-SU fix - SWSMU fix i915: - Fix DRM_I915_GVT_KVMGT dependencies in Kconfig xe: - Increase invalidation timeout to avoid errors in some hosts - Flush worker on timeout - Better handling for force wake failure - Improve argument check on user fence creation - Don't restart parallel queues multiple times on GT reset bridge: - aux: Fix assignment of OF node - tc358767: Add missing of_node_put() in error path" * tag 'drm-fixes-2024-10-25' of https://gitlab.freedesktop.org/drm/kernel: drm/xe: Don't restart parallel queues multiple times on GT reset drm/xe/ufence: Prefetch ufence addr to catch bogus address drm/xe: Handle unreliable MMIO reads during forcewake drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout drm/xe: Enlarge the invalidation timeout from 150 to 500 drm/amdgpu: handle default profile on on devices without fullscreen 3D drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too drm/amdgpu: fix random data corruption for sdma 7 drm/amd/display: temp w/a for DP Link Layer compliance drm/amd/display: temp w/a for dGPU to enter idle optimizations drm/amd/pm: update deep sleep status on smu v14.0.2/3 drm/amd/pm: update overdrive function on smu v14.0.2/3 drm/amd/pm: update the driver-fw interface file for smu v14.0.2/3 drm/amd: Guard against bad data for ATIF ACPI method drm/bridge: tc358767: fix missing of_node_put() in for_each_endpoint_of_node() drm/bridge: Fix assignment of the of_node of the parent to aux bridge i915: fix DRM_I915_GVT_KVMGT dependencies commit 8e910ca20e112d7f06ba3bf631a06ddb5ce14657 Author: Kent Overstreet Date: Fri Oct 25 13:13:05 2024 -0400 bcachefs: Fix UAF in bch2_reconstruct_alloc() write_super() -> sb_counters_from_cpu() may reallocate the superblock Reported-by: syzbot+9fc4dac4775d07bcfe34@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit a25a83de45b435cf89e55c7fb8733f83c7826004 Author: Jeongjun Park Date: Thu Oct 24 01:13:45 2024 +0900 bcachefs: fix null-ptr-deref in have_stripes() c->btree_roots_known[i].b can be NULL. In this case, a NULL pointer dereference occurs, so you need to add code to check the variable. Reported-by: syzbot+b468b9fef56949c3b528@syzkaller.appspotmail.com Fixes: 7773df19c35f ("bcachefs: metadata version bucket_stripe_sectors") Signed-off-by: Jeongjun Park Signed-off-by: Kent Overstreet commit 895669fd0d8c816572ff779979a032d0395a0194 Author: David Vernet Date: Fri Oct 25 00:40:13 2024 -0500 scx: Fix exit selftest to use custom DSQ In commit 63fb3ec80516 ("sched_ext: Allow only user DSQs for scx_bpf_consume(), scx_bpf_dsq_nr_queued() and bpf_iter_scx_dsq_new()"), we updated the consume path to only accept user DSQs, thus making it invalid to consume SCX_DSQ_GLOBAL. This selftest was doing that, so let's create a custom DSQ and use that instead. The test now passes: [root@virtme-ng sched_ext]# ./runner -t exit ===== START ===== TEST: exit DESCRIPTION: Verify we can cleanly exit a scheduler in multiple places OUTPUT: [ 12.387229] sched_ext: BPF scheduler "exit" enabled [ 12.406064] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 12.453325] sched_ext: BPF scheduler "exit" enabled [ 12.474064] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 12.515241] sched_ext: BPF scheduler "exit" enabled [ 12.532064] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 12.592063] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 12.654063] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) [ 12.715062] sched_ext: BPF scheduler "exit" disabled (unregistered from BPF) ok 1 exit # ===== END ===== Signed-off-by: David Vernet Signed-off-by: Tejun Heo commit 4dc1f31ec3f13a065c7ae2ccdec562b0123e21bb Author: Linus Torvalds Date: Thu Oct 24 13:23:56 2024 -0700 x86: fix whitespace in runtime-const assembler output The x86 user pointer validation changes made me look at compiler output a lot, and the wrong indentation for the ".popsection" in the generated assembler triggered me. Signed-off-by: Linus Torvalds commit 86e6b1547b3d013bc392adf775b89318441403c2 Author: Linus Torvalds Date: Wed Oct 23 18:17:46 2024 -0700 x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canonical accesses in kernel space. And so using just the high bit to decide whether an access is in user space or kernel space ends up with the good old "leak speculative data" if you have the right gadget using the result: CVE-2020-12965 “Transient Execution of Non-Canonical Accesses“ Now, the kernel surrounds the access with a STAC/CLAC pair, and those instructions end up serializing execution on older Zen architectures, which closes the speculation window. But that was true only up until Zen 5, which renames the AC bit [1]. That improves performance of STAC/CLAC a lot, but also means that the speculation window is now open. Note that this affects not just the new address masking, but also the regular valid_user_address() check used by access_ok(), and the asm version of the sign bit check in the get_user() helpers. It does not affect put_user() or clear_user() variants, since there's no speculative result to be used in a gadget for those operations. Reported-by: Andrew Cooper Link: https://lore.kernel.org/all/80d94591-1297-4afb-b510-c665efd37f10@citrix.com/ Link: https://lore.kernel.org/all/20241023094448.GAZxjFkEOOF_DM83TQ@fat_crate.local/ [1] Link: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-1010.html Link: https://arxiv.org/pdf/2108.10771 Cc: Josh Poimboeuf Cc: Borislav Petkov Tested-by: Maciej Wieczor-Retman # LAM case Fixes: 2865baf54077 ("x86: support user address masking instead of non-speculative conditional") Fixes: 6014bc27561f ("x86-64: make access_ok() independent of LAM") Fixes: b19b74bc99b1 ("x86/mm: Rework address range check in get_user() and put_user()") Signed-off-by: Linus Torvalds commit 53ab8678e7180834be29cf56cd52825fc3427c02 Author: Shiju Jose Date: Mon Oct 14 15:30:03 2024 +0100 cxl/events: Fix Trace DRAM Event Record CXL spec rev 3.0 section 8.2.9.2.1.2 defines the DRAM Event Record. Fix decode memory event type field of DRAM Event Record. For e.g. if value is 0x1 it will be reported as an Invalid Address (General Media Event Record - Memory Event Type) instead of Scrub Media ECC Error (DRAM Event Record - Memory Event Type) and so on. Fixes: 2d6c1e6d60ba ("cxl/mem: Trace DRAM Event Record") Signed-off-by: Shiju Jose Link: https://patch.msgid.link/20241014143003.1170-1-shiju.jose@huawei.com Signed-off-by: Ira Weiny commit 7245012f0f496162dd95d888ed2ceb5a35170f1a Author: Johannes Berg Date: Wed Oct 23 09:17:44 2024 +0200 wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop forever since the loop variable has type u8, which can never reach the number found when that's bigger than 255, and is stored in a u32 variable. Also move it into the loops to have a smaller scope. Using a u32 there is fine, we limit the number of APs in the scan list and each has a limit on the number of RNR entries due to the frame size. With a limit of 1000 scan results, a frame size upper bound of 4096 (really it's more like ~2300) and a TBTT entry size of at least 11, we get an upper bound for the number of ~372k, well in the bounds of a u32. Cc: stable@vger.kernel.org Fixes: eae94cf82d74 ("iwlwifi: mvm: add support for 6GHz") Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219375 Link: https://patch.msgid.link/20241023091744.f4baed5c08a1.I8b417148bbc8c5d11c101e1b8f5bf372e17bf2a7@changeid Signed-off-by: Johannes Berg commit d5fee261dfd9e17b08b1df8471ac5d5736070917 Author: Johannes Berg Date: Tue Oct 22 16:17:42 2024 +0200 wifi: cfg80211: clear wdev->cqm_config pointer on free When we free wdev->cqm_config when unregistering, we also need to clear out the pointer since the same wdev/netdev may get re-registered in another network namespace, then destroyed later, running this code again, which results in a double-free. Reported-by: syzbot+36218cddfd84b5cc263e@syzkaller.appspotmail.com Fixes: 37c20b2effe9 ("wifi: cfg80211: fix cqm_config access race") Cc: stable@vger.kernel.org Link: https://patch.msgid.link/20241022161742.7c34b2037726.I121b9cdb7eb180802eafc90b493522950d57ee18@changeid Signed-off-by: Johannes Berg commit 9b15c6cf8d2e82c8427cd06f535d8de93b5b995c Author: Ben Greear Date: Thu Oct 10 13:39:54 2024 -0700 mac80211: fix user-power when emulating chanctx ieee80211_calc_hw_conf_chan was ignoring the configured user_txpower. If it is set, use it to potentially decrease txpower as requested. Signed-off-by: Ben Greear Link: https://patch.msgid.link/20241010203954.1219686-1-greearb@candelatech.com Signed-off-by: Johannes Berg commit bfc0ed73e095cc3858d35731f191fa6e3d813262 Author: Emmanuel Grumbach Date: Tue Oct 22 09:22:11 2024 +0200 Revert "wifi: iwlwifi: remove retry loops in start" Revert commit dfdfe4be183b ("wifi: iwlwifi: remove retry loops in start"), it turns out that there's an issue with the PNVM load notification from firmware not getting processed, that this patch has been somewhat successfully papering over. Since this is being reported, revert the loop removal for now. We will later at least clean this up to only attempt to retry if there was a timeout, but currently we don't even bubble up the failure reason to the correct layer, only returning NULL. Fixes: dfdfe4be183b ("wifi: iwlwifi: remove retry loops in start") Signed-off-by: Emmanuel Grumbach Link: https://patch.msgid.link/20241022092212.4aa82a558a00.Ibdeff9c8f0d608bc97fc42024392ae763b6937b7@changeid Signed-off-by: Johannes Berg commit 734a377e1eacc5153bae0ccd4423365726876e93 Author: Emmanuel Grumbach Date: Thu Oct 10 14:05:06 2024 +0300 wifi: iwlwifi: mvm: don't add default link in fw restart flow When we add the vif (and its default link) in fw restart we may override the link that already exists. We take care of this but if link 0 is a valid MLO link, then we will re-create a default link on mvmvif->link[0] and we'll loose the real link we had there. In non-MLO, we need to re-create the default link upon the interface creation, this is fine. In MLO, we'll just wait for change_vif_links() to re-build the links. Fixes: bf976c814c86 ("wifi: iwlwifi: mvm: implement link change ops") Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20241010140328.385bfea1b2e9.I4a127312285ccb529cc95cc4edf6fbe1e0a136ad@changeid Signed-off-by: Johannes Berg commit 07a6e3b78a65f4b2796a8d0d4adb1a15a81edead Author: Daniel Gabay Date: Thu Oct 10 14:05:05 2024 +0300 wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() 1. The size of the response packet is not validated. 2. The response buffer is not freed. Resolve these issues by switching to iwl_mvm_send_cmd_status(), which handles both size validation and frees the buffer. Fixes: f130bb75d881 ("iwlwifi: add FW recovery flow") Signed-off-by: Daniel Gabay Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20241010140328.76c73185951e.Id3b6ca82ced2081f5ee4f33c997491d0ebda83f7@changeid Signed-off-by: Johannes Berg commit 32d95ab330069f9c551b8e99770bb4e799730b55 Author: Anjaneyulu Date: Thu Oct 10 14:05:04 2024 +0300 wifi: iwlwifi: mvm: SAR table alignment SAR table format in ACPI and local data base are different, So modified code to read data properly. Signed-off-by: Anjaneyulu Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20241010140328.f077aced4dee.I4dc618f12d01f7ad19f9f8881f6e09eea77e9a14@changeid Signed-off-by: Johannes Berg commit 9715246ca0bfc9feaec1b4ff5b3d38de65a7025d Author: Daniel Gabay Date: Thu Oct 10 14:05:03 2024 +0300 wifi: iwlwifi: mvm: Use the sync timepoint API in suspend When starting the suspend flow, HOST_D3_START triggers an _async_ firmware dump collection for debugging purposes. The async worker may race with suspend flow and fail to get NIC access, resulting in the following warning: "Timeout waiting for hardware access (CSR_GP_CNTRL 0xffffffff)" Fix this by switching to the sync version to ensure the dump completes before proceeding with the suspend flow, avoiding potential race issues. Signed-off-by: Daniel Gabay Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20241010140328.9aae318cd593.I4b322009f39489c0b1d8893495c887870f73ed9c@changeid Signed-off-by: Johannes Berg commit cbe84e9ad5e28ef083beff7f6edf2e623fac09e4 Author: Miri Korenblit Date: Thu Oct 10 14:05:01 2024 +0300 wifi: iwlwifi: mvm: really send iwl_txpower_constraints_cmd iwl_mvm_send_ap_tx_power_constraint_cmd is a no-op if the link is not active (we need to know the band etc.) However, for the station case it will be called just before we set the link to active (by calling iwl_mvm_link_changed with the LINK_CONTEXT_MODIFY_ACTIVE bit set in the 'changed' flags and active = true), so it will end up doing nothing. Fix this by calling iwl_mvm_send_ap_tx_power_constraint_cmd before iwl_mvm_link_changed. Fixes: 6b82f4e119d1 ("wifi: iwlwifi: mvm: handle TPE advertised by AP") Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20241010140328.5c235fccd3f1.I2d40dea21e5547eba458565edcb4c354d094d82a@changeid Signed-off-by: Johannes Berg commit 3ed092997a004d68a3a5b0eeb94e71b69839d0f7 Author: Emmanuel Grumbach Date: Thu Oct 10 14:04:59 2024 +0300 wifi: iwlwifi: mvm: don't leak a link on AP removal Release the link mapping resource in AP removal. This impacted devices that do not support the MLD API (9260 and down). On those devices, we couldn't start the AP again after the AP has been already started and stopped. Fixes: a8b5d4809b50 ("wifi: iwlwifi: mvm: Configure the link mapping for non-MLD FW") Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20241010140328.c54c42779882.Ied79e0d6244dc5a372e8b6ffa8ee9c6e1379ec1d@changeid Signed-off-by: Johannes Berg commit 1646a3f2b1bda03a763f7aecf83504144fb8bba9 Merge: d93df29bdab133 5209d1b654f1db Author: Rafael J. Wysocki Date: Fri Oct 25 17:27:19 2024 +0200 Merge branch 'pm-powercap' Merge a dtpm_devfreq power capping driver fix for 6.12-rc5: - Fix a dev_pm_qos_add_request() return value check in __dtpm_devfreq_setup() to prevent it from failing if a positive number is returned (Yuan Can). * pm-powercap: powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() commit 54774abb5549c619909b5c3e2605bc643e83d9a7 Merge: 3d1c651272cf1d 53f1a907d36fb3 8fa73ee44daefc Author: Rafael J. Wysocki Date: Fri Oct 25 17:08:14 2024 +0200 Merge branches 'acpi-resource' and 'acpi-button' Merge new DMI quirks for 6.12-rc5: - Add an ACPI IRQ override quirk for LG 16T90SP (Christian Heusel). - Add a lid switch detection quirk for Samsung Galaxy Book2 (Shubham Panwar). * acpi-resource: ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] * acpi-button: ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue commit d34a5575e6d2380cc375d2b4650d385a859e67bc Author: Miklos Szeredi Date: Mon Oct 7 12:43:50 2024 +0200 fuse: remove stray debug line It wasn't there when the patch was posted for review, but somehow made it into the pull. Link: https://lore.kernel.org/all/20240913104703.1673180-1-mszeredi@redhat.com/ Fixes: efad7153bf93 ("fuse: allow O_PATH fd for FUSE_DEV_IOC_BACKING_OPEN") Signed-off-by: Miklos Szeredi commit fc5ced75d6dffc9e2a441520b7dc587b95281f86 Merge: a85df8c7b5ee2d 4d95a12beba146 Author: Thomas Zimmermann Date: Fri Oct 25 15:24:08 2024 +0200 Merge drm/drm-fixes into drm-misc-fixes Backmerging to get the latest fixes from upstream. Signed-off-by: Thomas Zimmermann commit 5f153a692bacc295f213e2c632ca557979fad7be Merge: 164f66de6bb6ef bf40167d54d55d Author: Palmer Dabbelt Date: Thu Oct 24 10:58:51 2024 -0700 Merge commit 'bf40167d54d5' into fixes This fix is part of a series on for-next, but it fixes broken builds so I'm picking it up as a fix. * commit 'bf40167d54d5': riscv: vdso: Prevent the compiler from inserting calls to memset() commit 164f66de6bb6ef454893f193c898dc8f1da6d18b Author: Chunyan Zhang Date: Tue Oct 8 17:41:39 2024 +0800 riscv: Remove duplicated GET_RM The macro GET_RM defined twice in this file, one can be removed. Reviewed-by: Alexandre Ghiti Signed-off-by: Chunyan Zhang Fixes: 956d705dd279 ("riscv: Unaligned load/store handling for M_MODE") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20241008094141.549248-3-zhangchunyan@iscas.ac.cn Signed-off-by: Palmer Dabbelt commit 46d4e5ac6f2f801f97bcd0ec82365969197dc9b1 Author: Chunyan Zhang Date: Tue Oct 8 17:41:38 2024 +0800 riscv: Remove unused GENERATING_ASM_OFFSETS The macro is not used in the current version of kernel, it looks like can be removed to avoid a build warning: ../arch/riscv/kernel/asm-offsets.c: At top level: ../arch/riscv/kernel/asm-offsets.c:7: warning: macro "GENERATING_ASM_OFFSETS" is not used [-Wunused-macros] 7 | #define GENERATING_ASM_OFFSETS Fixes: 9639a44394b9 ("RISC-V: Provide a cleaner raw_smp_processor_id()") Cc: stable@vger.kernel.org Reviewed-by: Alexandre Ghiti Tested-by: Alexandre Ghiti Signed-off-by: Chunyan Zhang Link: https://lore.kernel.org/r/20241008094141.549248-2-zhangchunyan@iscas.ac.cn Signed-off-by: Palmer Dabbelt commit e0872ab72630dada3ae055bfa410bf463ff1d1e0 Author: WangYuli Date: Thu Oct 17 11:20:10 2024 +0800 riscv: Use '%u' to format the output of 'cpu' 'cpu' is an unsigned integer, so its conversion specifier should be %u, not %d. Suggested-by: Wentao Guan Suggested-by: Maciej W. Rozycki Link: https://lore.kernel.org/all/alpine.DEB.2.21.2409122309090.40372@angie.orcam.me.uk/ Signed-off-by: WangYuli Reviewed-by: Charlie Jenkins Tested-by: Charlie Jenkins Fixes: f1e58583b9c7 ("RISC-V: Support cpu hotplug") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/4C127DEECDA287C8+20241017032010.96772-1-wangyuli@uniontech.com Signed-off-by: Palmer Dabbelt commit 37233169a6ea912020c572f870075a63293b786a Author: Miquel Sabaté Solà Date: Fri Sep 13 10:00:52 2024 +0200 riscv: Prevent a bad reference count on CPU nodes When populating cache leaves we previously fetched the CPU device node at the very beginning. But when ACPI is enabled we go through a specific branch which returns early and does not call 'of_node_put' for the node that was acquired. Since we are not using a CPU device node for the ACPI code anyways, we can simply move the initialization of it just passed the ACPI block, and we are guaranteed to have an 'of_node_put' call for the acquired node. This prevents a bad reference count of the CPU device node. Moreover, the previous function did not check for errors when acquiring the device node, so a return -ENOENT has been added for that case. Signed-off-by: Miquel Sabaté Solà Reviewed-by: Sudeep Holla Reviewed-by: Sunil V L Reviewed-by: Alexandre Ghiti Fixes: 604f32ea6909 ("riscv: cacheinfo: initialize cacheinfo's level and type from ACPI PPTT") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240913080053.36636-1-mikisabate@gmail.com Signed-off-by: Palmer Dabbelt commit d41373a4b910961df5a5e3527d7bde6ad45ca438 Author: Heinrich Schuchardt Date: Sun Sep 29 16:02:33 2024 +0200 riscv: efi: Set NX compat flag in PE/COFF header The IMAGE_DLLCHARACTERISTICS_NX_COMPAT informs the firmware that the EFI binary does not rely on pages that are both executable and writable. The flag is used by some distro versions of GRUB to decide if the EFI binary may be executed. As the Linux kernel neither has RWX sections nor needs RWX pages for relocation we should set the flag. Cc: Ard Biesheuvel Cc: Signed-off-by: Heinrich Schuchardt Reviewed-by: Emil Renner Berthing Fixes: cb7d2dd5612a ("RISC-V: Add PE/COFF header for EFI stub") Acked-by: Ard Biesheuvel Link: https://lore.kernel.org/r/20240929140233.211800-1-heinrich.schuchardt@canonical.com Signed-off-by: Palmer Dabbelt commit 33549fcf37ec461f398f0a41e1c9948be2e5aca4 Author: Conor Dooley Date: Tue Oct 1 12:28:13 2024 +0100 RISC-V: disallow gcc + rust builds During the discussion before supporting rust on riscv, it was decided not to support gcc yet, due to differences in extension handling compared to llvm (only the version of libclang matching the c compiler is supported). Recently Jason Montleon reported [1] that building with gcc caused build issues, due to unsupported arguments being passed to libclang. After some discussion between myself and Miguel, it is better to disable gcc + rust builds to match the original intent, and subsequently support it when an appropriate set of extensions can be deduced from the version of libclang. Closes: https://lore.kernel.org/all/20240917000848.720765-2-jmontleo@redhat.com/ [1] Link: https://lore.kernel.org/all/20240926-battering-revolt-6c6a7827413e@spud/ [2] Fixes: 70a57b247251a ("RISC-V: enable building 64-bit kernels with rust support") Cc: stable@vger.kernel.org Reported-by: Jason Montleon Signed-off-by: Conor Dooley Acked-by: Miguel Ojeda Reviewed-by: Nathan Chancellor Link: https://lore.kernel.org/r/20241001-playlist-deceiving-16ece2f440f5@spud Signed-off-by: Palmer Dabbelt commit afedc3126e11ff1404b32e538657b68022e933ca Author: Alexandre Ghiti Date: Wed Oct 9 09:27:49 2024 +0200 riscv: Do not use fortify in early code Early code designates the code executed when the MMU is not yet enabled, and this comes with some limitations (see Documentation/arch/riscv/boot.rst, section "Pre-MMU execution"). FORTIFY_SOURCE must be disabled then since it can trigger kernel panics as reported in [1]. Reported-by: Jason Montleon Closes: https://lore.kernel.org/linux-riscv/CAJD_bPJes4QhmXY5f63GHV9B9HFkSCoaZjk-qCT2NGS7Q9HODg@mail.gmail.com/ [1] Fixes: a35707c3d850 ("riscv: add memory-type errata for T-Head") Fixes: 26e7aacb83df ("riscv: Allow to downgrade paging mode from the command line") Cc: stable@vger.kernel.org Signed-off-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20241009072749.45006-1-alexghiti@rivosinc.com Signed-off-by: Palmer Dabbelt commit 1966db682f064172891275cb951aa8c98a0a809b Author: Yunhui Cui Date: Mon Oct 14 21:01:41 2024 +0800 RISC-V: ACPI: fix early_ioremap to early_memremap When SVPBMT is enabled, __acpi_map_table() will directly access the data in DDR through the IO attribute, rather than through hardware cache consistency, resulting in incorrect data in the obtained ACPI table. The log: ACPI: [ACPI:0x18] Invalid zero length. We do not assume whether the bootloader flushes or not. We should access in a cacheable way instead of maintaining cache consistency by software. Fixes: 3b426d4b5b14 ("RISC-V: ACPI : Fix for usage of pointers in different address space") Cc: stable@vger.kernel.org Reviewed-by: Alexandre Ghiti Signed-off-by: Yunhui Cui Reviewed-by: Sunil V L Link: https://lore.kernel.org/r/20241014130141.86426-1-cuiyunhui@bytedance.com Signed-off-by: Palmer Dabbelt commit 2feb023110843acce790e9089e72e9a9503d9fa5 Author: ChiYuan Huang Date: Fri Oct 25 13:59:18 2024 +0800 regulator: rtq2208: Fix uninitialized use of regulator_config Fix rtq2208 driver uninitialized use to cause kernel error. Fixes: 85a11f55621a ("regulator: rtq2208: Add Richtek RTQ2208 SubPMIC") Signed-off-by: ChiYuan Huang Link: https://patch.msgid.link/00d691cfcc0eae9ce80a37b62e99851e8fdcffe2.1729829243.git.cy_huang@richtek.com Signed-off-by: Mark Brown commit 6668610b4d8ce9a3ee3ed61a9471f62fb5f05bf9 Author: Hans de Goede Date: Fri Oct 25 11:02:21 2024 +0200 ASoC: Intel: sst: Support LPE0F28 ACPI HID Some old Bay Trail tablets which shipped with Android as factory OS have the SST/LPE audio engine described by an ACPI device with a HID (Hardware-ID) of LPE0F28 instead of 80860F28. Add support for this. Note this uses a new sst_res_info for just the LPE0F28 case because it has a different layout for the IO-mem ACPI resources then the 80860F28. An example of a tablet which needs this is the Vexia EDU ATLA 10 tablet, which has been distributed to schools in the Spanish Andalucía region. Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20241025090221.52198-1-hdegoede@redhat.com Signed-off-by: Mark Brown commit d99913e1b80b51a058020835e7ea1a44397cb4d7 Author: Uwe Kleine-König Date: Tue Oct 22 11:14:30 2024 +0200 riscv: dts: Replace deprecated snps,nr-gpios property for snps,dw-apb-gpio-port devices snps,dw-apb-gpio-port is deprecated since commit ef42a8da3cf3 ("dt-bindings: gpio: dwapb: Add ngpios property support"). The respective driver supports this since commit 7569486d79ae ("gpio: dwapb: Add ngpios DT-property support") which is included in Linux v5.10-rc1. This change was created using git grep -l snps,nr-gpios arch/riscv/boot/dts | xargs perl -p -i -e 's/\bsnps,nr-gpios\b/ngpios/ . Signed-off-by: Uwe Kleine-König Reviewed-by: Inochi Amaoto Reviewed-by: Chen Wang Fixes: a508d794f86e ("riscv: sophgo: dts: add gpio controllers for SG2042 SoC") Link: https://lore.kernel.org/r/20241022091428.477697-8-u.kleine-koenig@baylibre.com Signed-off-by: Inochi Amaoto Signed-off-by: Chen Wang commit e31a8219fbfcf9dc65ba1e1c10cade12b6754e00 Merge: d44cd822644911 a940b3a1ad0f5b Author: David S. Miller Date: Fri Oct 25 10:44:41 2024 +0100 Merge tag 'wireless-2024-10-21' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless wireless fixes for v6.12-rc5 The first set of wireless fixes for v6.12. We have been busy and have not been able to send this earlier, so there are more fixes than usual. The fixes are all over, both in stack and in drivers, but nothing special really standing out. commit 517fb4d77c44c7519ae6937329c496894461f416 Author: Trevor Gamblin Date: Thu Oct 17 13:47:44 2024 -0400 MAINTAINERS: add self as reviewer for AXI PWM GENERATOR The initial author of the driver has moved on, so add the final submitter (myself) as reviewer for the AXI PWM driver. Signed-off-by: Trevor Gamblin Reviewed-by: Nuno Sa Link: https://lore.kernel.org/r/20241017174744.902454-1-tgamblin@baylibre.com Signed-off-by: Uwe Kleine-König commit cc6a931d1f3b412263d515fd93b21fc0ca5147fe Author: Erik Schumacher Date: Fri Oct 25 08:37:00 2024 +0000 pwm: imx-tpm: Use correct MODULO value for EPWM mode The modulo register defines the period of the edge-aligned PWM mode (which is the only mode implemented). The reference manual states: "The EPWM period is determined by (MOD + 0001h) ..." So the value that is written to the MOD register must therefore be one less than the calculated period length. Return -EINVAL if the calculated length is already zero. A correct MODULO value is particularly relevant if the PWM has to output a high frequency due to a low period value. Fixes: 738a1cfec2ed ("pwm: Add i.MX TPM PWM driver support") Cc: stable@vger.kernel.org Signed-off-by: Erik Schumacher Link: https://lore.kernel.org/r/1a3890966d68b9f800d457cbf095746627495e18.camel@iris-sensing.com Signed-off-by: Uwe Kleine-König commit 78e7be018784934081afec77f96d49a2483f9188 Author: Kailang Yang Date: Fri Oct 18 13:53:24 2024 +0800 ALSA: hda/realtek: Limit internal Mic boost on Dell platform Dell want to limit internal Mic boost on all Dell platform. Signed-off-by: Kailang Yang Cc: Link: https://lore.kernel.org/561fc5f5eff04b6cbd79ed173cd1c1db@realtek.com Signed-off-by: Takashi Iwai commit 4d95a12beba146b0ca2de59c7ce905bc0aadfd0c Merge: e3e1cfe33f9328 cdc21021f03512 Author: Dave Airlie Date: Fri Oct 25 16:55:35 2024 +1000 Merge tag 'drm-xe-fixes-2024-10-24-1' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes Driver Changes: - Increase invalidation timeout to avoid errors in some hosts (Shuicheng) - Flush worker on timeout (Badal) - Better handling for force wake failure (Shuicheng) - Improve argument check on user fence creation (Nirmoy) - Don't restart parallel queues multiple times on GT reset (Nirmoy) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/trlkoiewtc4x2cyhsxmj3atayyq4zwto4iryea5pvya2ymc3yp@fdx5nhwmiyem commit 08846522d9a7bccf18d4f97c3f39d03c7a193970 Author: Diederik de Haas Date: Fri Oct 18 16:45:50 2024 +0200 arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes Paragraph "3.4 Power up Timing Sequence" of the AzureWave-CM256SM datasheet mentions the following about the BT_REG_ON pin, which is connected to GPIO0_C4_d: When this pin is low and WL_REG_ON is high, the BT section is in reset. Therefor set that pin to GPIO_ACTIVE_HIGH so that it can be pulled low for a reset. If set to GPIO_ACTIVE_LOW, the following errors are observed: Bluetooth: hci0: command 0x0c03 tx timeout Bluetooth: hci0: BCM: Reset failed (-110) So fix the GPIO polarity by setting it to ACTIVE_HIGH. This also matches what other devices with the same BT device have. Fixes: 2b6a3f857550 ("arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes") Signed-off-by: Diederik de Haas Link: https://lore.kernel.org/r/20241018145053.11928-2-didi.debian@cknow.org Signed-off-by: Heiko Stuebner commit a4dca88c9c3abd2ba73d09fb5b365fdf7d5198a3 Author: Cristian Ciocaltea Date: Sat Oct 19 03:38:10 2024 +0300 arm64: dts: rockchip: Drop invalid clock-names from es8388 codec nodes The binding for Everest ES8328/ES8388 audio CODEC doesn't support the 'clock-names' property: rk3588-orangepi-5-plus.dtb: audio-codec@11: 'clock-names' does not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/sound/everest,es8328.yaml# Since the related audio driver is also not making use of it, drop the invalid property from all es8388 codec nodes. Signed-off-by: Cristian Ciocaltea Link: https://lore.kernel.org/r/20241019-es8328-dt-fixes-v1-1-ca77d5ce21ad@collabora.com Signed-off-by: Heiko Stuebner commit 77a9a7f2d3b94d29d13d71b851114d593a2147cf Author: Heiko Stuebner Date: Tue Oct 8 22:39:40 2024 +0200 ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin Both the node name as well as the compatible were not named according to the binding expectations, fix that. Fixes: 47bf3a5c9e2a ("ARM: dts: rockchip: add the sound setup for rk3036-kylin board") Cc: Caesar Wang Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-15-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 8bade1ad1f0821aef31f6a8fb1027ae292566d85 Author: Heiko Stuebner Date: Tue Oct 8 22:39:39 2024 +0200 ARM: dts: rockchip: Fix the spi controller on rk3036 Compatible and clock names did not match the existing binding. So set the correct values and re-order+rename the clocks. It looks like no rk3036 board did use the spi controller so far, so this was never detected on a running device yet. Fixes: f629fcfab2cd ("ARM: dts: rockchip: support the spi for rk3036") Cc: Caesar Wang Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-14-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 1580ccb6ed9dc76b8ff3e2d8912e8215c8b0fa6d Author: Heiko Stuebner Date: Tue Oct 8 22:39:38 2024 +0200 ARM: dts: rockchip: drop grf reference from rk3036 hdmi Neither the binding nor the driver implementation specify/use the grf reference provided in the rk3036. And neither does the newer rk3128 user of the hdmi controller. So drop the rockchip,grf property. Fixes: b7217cf19c63 ("ARM: dts: rockchip: add hdmi device node for rk3036") Cc: Caesar Wang Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-13-heiko@sntech.de Signed-off-by: Heiko Stuebner commit c7206853cd7d31c52575fb1dc7616b4398f3bc8f Author: Heiko Stuebner Date: Tue Oct 8 22:39:37 2024 +0200 ARM: dts: rockchip: fix rk3036 acodec node The acodec node is not conformant to the binding. Set the correct nodename, use the correct compatible, add the needed #sound-dai-cells and sort the rockchip,grf below clocks properties as expected. Fixes: faea098e1808 ("ARM: dts: rockchip: add core rk3036 dtsi") Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-12-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 3577d5e2bc1ff78808cbe2f233ae1837ee2ce84c Author: Heiko Stuebner Date: Tue Oct 8 22:39:36 2024 +0200 arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone pro The patch adding display support for the pinephone pro introduced two regulators that contain pinctrl-names props but no pinctrl-assignments. Looks like someone forgot the pinctrl settings, so remove the orphans for now, until that changes. Fixes: 3e987e1f22b9 ("arm64: dts: rockchip: Add internal display support to rk3399-pinephone-pro") Cc: Martijn Braam Cc: Javier Martinez Canillas Cc: Ondrej Jirman Reviewed-by: Ondrej Jirman Reviewed-by: Javier Martinez Canillas Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-11-heiko@sntech.de Signed-off-by: Heiko Stuebner commit a574e7f80e86c740e241c762923f50077b2c2a30 Author: Steven Rostedt Date: Thu Oct 24 22:29:44 2024 -0400 fgraph: Change the name of cpuhp state to "fgraph:online" The cpuhp state name given to cpuhp_setup_state() is "fgraph_idle_init" which doesn't really conform to the names that are used for cpu hotplug setups. Instead rename it to "fgraph:online" to be in line with other states. Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Thomas Gleixner Link: https://lore.kernel.org/20241024222944.473d88c5@rorschach.local.home Suggested-by: Masami Hiramatsu Fixes: 2c02f7375e658 ("fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks") Signed-off-by: Steven Rostedt (Google) commit bd3734db86e01e20dd239a40b419059a0ce9c901 Author: Li Huafei Date: Thu Oct 24 23:59:17 2024 +0800 fgraph: Fix missing unlock in register_ftrace_graph() Use guard(mutex)() to acquire and automatically release ftrace_lock, fixing the issue of not unlocking when calling cpuhp_setup_state() fails. Fixes smatch warning: kernel/trace/fgraph.c:1317 register_ftrace_graph() warn: inconsistent returns '&ftrace_lock'. Link: https://lore.kernel.org/20241024155917.1019580-1-lihuafei1@huawei.com Fixes: 2c02f7375e65 ("fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks") Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202410220121.wxg0olfd-lkp@intel.com/ Suggested-by: Steven Rostedt Signed-off-by: Li Huafei Acked-by: Masami Hiramatsu (Google) Signed-off-by: Steven Rostedt (Google) commit bffdf9d7e51a7be8eeaac2ccf9e54a5fde01ff65 Author: Dmitry Torokhov Date: Fri Oct 18 17:17:48 2024 -0700 Input: edt-ft5x06 - fix regmap leak when probe fails The driver neglects to free the instance of I2C regmap constructed at the beginning of the edt_ft5x06_ts_probe() method when probe fails. Additionally edt_ft5x06_ts_remove() is freeing the regmap too early, before the rest of the device resources that are managed by devm are released. Fix this by installing a custom devm action that will ensure that the regmap is released at the right time during normal teardown as well as in case of probe failure. Note that devm_regmap_init_i2c() could not be used because the driver may replace the original regmap with a regmap specific for M06 devices in the middle of the probe, and using devm_regmap_init_i2c() would result in releasing the M06 regmap too early. Reported-by: Li Zetao Fixes: 9dfd9708ffba ("Input: edt-ft5x06 - convert to use regmap API") Cc: stable@vger.kernel.org Reviewed-by: Oliver Graute Link: https://lore.kernel.org/r/ZxL6rIlVlgsAu-Jv@google.com Signed-off-by: Dmitry Torokhov commit e3e1cfe33f932860e070eafec8df8780e3b889a8 Merge: 2ba1f81ec7cbb2 5c23878252515b Author: Dave Airlie Date: Fri Oct 25 11:11:55 2024 +1000 Merge tag 'drm-misc-fixes-2024-10-24' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes Short summary of fixes pull: bridge: - aux: Fix assignment of OF node - tc358767: Add missing of_node_put() in error path Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20241024124921.GA20475@localhost.localdomain commit ae90f6a6170d7a7a1aa4fddf664fbd093e3023bc Merge: d44cd822644911 d5fb316e2af1d9 Author: Linus Torvalds Date: Thu Oct 24 16:53:20 2024 -0700 Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Pull bpf fixes from Daniel Borkmann: - Fix an out-of-bounds read in bpf_link_show_fdinfo for BPF sockmap link file descriptors (Hou Tao) - Fix BPF arm64 JIT's address emission with tag-based KASAN enabled reserving not enough size (Peter Collingbourne) - Fix BPF verifier do_misc_fixups patching for inlining of the bpf_get_branch_snapshot BPF helper (Andrii Nakryiko) - Fix a BPF verifier bug and reject BPF program write attempts into read-only marked BPF maps (Daniel Borkmann) - Fix perf_event_detach_bpf_prog error handling by removing an invalid check which would skip BPF program release (Jiri Olsa) - Fix memory leak when parsing mount options for the BPF filesystem (Hou Tao) * tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: bpf: Check validity of link->type in bpf_link_show_fdinfo() bpf: Add the missing BPF_LINK_TYPE invocation for sockmap bpf: fix do_misc_fixups() for bpf_get_branch_snapshot() bpf,perf: Fix perf_event_detach_bpf_prog error handling selftests/bpf: Add test for passing in uninit mtu_len selftests/bpf: Add test for writes to .rodata bpf: Remove MEM_UNINIT from skb/xdp MTU helpers bpf: Fix overloading of MEM_UNINIT's meaning bpf: Add MEM_WRITE attribute bpf: Preserve param->string when parsing mount options bpf, arm64: Fix address emission with tag-based KASAN enabled commit 0107f28f135231da22a9ad5756bb16bd5cada4d5 Author: Hans de Goede Date: Thu Oct 24 23:16:15 2024 +0200 ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet The Vexia Edu Atla 10 tablet mostly uses the BYTCR tablet defaults, but as happens on more models it is using IN1 instead of IN3 for its internal mic and JD_SRC_JD2_IN4N instead of JD_SRC_JD1_IN4P for jack-detection. Add a DMI quirk for this to fix the internal-mic and jack-detection. Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20241024211615.79518-2-hdegoede@redhat.com Signed-off-by: Mark Brown commit d48696b915527b5bcdd207a299aec03fb037eb17 Author: Hans de Goede Date: Thu Oct 24 23:16:14 2024 +0200 ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec On some x86 Bay Trail tablets which shipped with Android as factory OS, the DSDT is so broken that the codec needs to be manually instantatiated by the special x86-android-tablets.ko "fixup" driver for cases like this. This means that the codec-dev cannot be retrieved through its ACPI fwnode, add support to the bytcr_rt5640 machine driver for such manually instantiated rt5640 i2c_clients. An example of a tablet which needs this is the Vexia EDU ATLA 10 tablet, which has been distributed to schools in the Spanish Andalucía region. Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20241024211615.79518-1-hdegoede@redhat.com Signed-off-by: Mark Brown commit 032532f91a1d06d0750f16c49a9698ef5374a68f Author: Hans de Goede Date: Thu Oct 24 23:56:12 2024 +0200 ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() Disable IRQs from rt5640_cancel_work(), this fixes a crash caused by the IRQ never getting freed when the driver is unbound from the i2c_client with jack-detection active: [ 193.138780] rt5640 i2c-rt5640: ASoC: unknown pin LDO2 [ 193.138830] rt5640 i2c-rt5640: ASoC: unknown pin MICBIAS1 [ 193.671218] BUG: kernel NULL pointer dereference, address: 0000000000000078 [ 193.671239] #PF: supervisor read access in kernel mode [ 193.671248] #PF: error_code(0x0000) - not-present page ... [ 193.671531] ? asm_exc_page_fault+0x22/0x30 [ 193.671551] ? rt5640_jack_inserted+0x10/0x80 [snd_soc_rt5640] [ 193.671574] rt5640_detect_headset+0x93/0x130 [snd_soc_rt5640] [ 193.671596] rt5640_jack_work+0x93/0x355 [snd_soc_rt5640] Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20241024215612.92147-1-hdegoede@redhat.com Signed-off-by: Mark Brown commit d44cd8226449114780a8554fd253c7e3d171a0a6 Merge: c9a50b90905a1d 9efc44fb2dba61 Author: Linus Torvalds Date: Thu Oct 24 16:43:50 2024 -0700 Merge tag 'net-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Paolo Abeni: "Including fixes from netfiler, xfrm and bluetooth. Oddly this includes a fix for a posix clock regression; in our previous PR we included a change there as a pre-requisite for networking one. That fix proved to be buggy and requires the follow-up included here. Thomas suggested we should send it, given we sent the buggy patch. Current release - regressions: - posix-clock: Fix unbalanced locking in pc_clock_settime() - netfilter: fix typo causing some targets not to load on IPv6 Current release - new code bugs: - xfrm: policy: remove last remnants of pernet inexact list Previous releases - regressions: - core: fix races in netdev_tx_sent_queue()/dev_watchdog() - bluetooth: fix UAF on sco_sock_timeout - eth: hv_netvsc: fix VF namespace also in synthetic NIC NETDEV_REGISTER event - eth: usbnet: fix name regression - eth: be2net: fix potential memory leak in be_xmit() - eth: plip: fix transmit path breakage Previous releases - always broken: - sched: deny mismatched skip_sw/skip_hw flags for actions created by classifiers - netfilter: bpf: must hold reference on net namespace - eth: virtio_net: fix integer overflow in stats - eth: bnxt_en: replace ptp_lock with irqsave variant - eth: octeon_ep: add SKB allocation failures handling in __octep_oq_process_rx() Misc: - MAINTAINERS: add Simon as an official reviewer" * tag 'net-6.12-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (40 commits) net: dsa: mv88e6xxx: support 4000ps cycle counter period net: dsa: mv88e6xxx: read cycle counter period from hardware net: dsa: mv88e6xxx: group cycle counter coefficients net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event net: dsa: microchip: disable EEE for KSZ879x/KSZ877x/KSZ876x Bluetooth: ISO: Fix UAF on iso_sock_timeout Bluetooth: SCO: Fix UAF on sco_sock_timeout Bluetooth: hci_core: Disable works on hci_unregister_dev posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() r8169: avoid unsolicited interrupts net: sched: use RCU read-side critical section in taprio_dump() net: sched: fix use-after-free in taprio_change() net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers net: usb: usbnet: fix name regression mlxsw: spectrum_router: fix xa_store() error checking virtio_net: fix integer overflow in stats net: fix races in netdev_tx_sent_queue()/dev_watchdog() net: wwan: fix global oob in wwan_rtnl_policy netfilter: xtables: fix typo causing some targets not to load on IPv6 ... commit c9a50b90905a1dc79ca72d4a262da30d3572ca9e Merge: 3964f82a4dfc7e 51268879eb2bfc Author: Linus Torvalds Date: Thu Oct 24 16:31:58 2024 -0700 Merge tag 'hid-for-linus-20241024' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid Pull HID fixes from Jiri Kosina: "Device-specific functionality quirks for Thinkpad X1 Gen3, Logitech Bolt and some Goodix touchpads (Bartłomiej Maryńczak, Hans de Goede and Kenneth Albanowski)" * tag 'hid-for-linus-20241024' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad HID: i2c-hid: Delayed i2c resume wakeup for 0x0d42 Goodix touchpad commit 2ba1f81ec7cbb2a9920cd3435c515247863b32a6 Merge: 19c6890c3d01a9 338b655a117890 Author: Dave Airlie Date: Fri Oct 25 07:43:40 2024 +1000 Merge tag 'drm-intel-fixes-2024-10-24' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-fixes - Fix DRM_I915_GVT_KVMGT dependencies in Kconfig Signed-off-by: Dave Airlie From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/ZxniUlDg59RxOO-6@jlahtine-mobl.ger.corp.intel.com commit 5c41f75d1b921b9eaf79588cdd3b22b00fb4ec52 Author: Jeongjun Park Date: Tue Oct 22 00:43:56 2024 +0900 bcachefs: fix shift oob in alloc_lru_idx_fragmentation The size of a.data_type is set abnormally large, causing shift-out-of-bounds. To fix this, we need to add validation on a.data_type in alloc_lru_idx_fragmentation(). Reported-by: syzbot+7f45fa9805c40db3f108@syzkaller.appspotmail.com Fixes: 260af1562ec1 ("bcachefs: Kill alloc_v4.fragmentation_lru") Signed-off-by: Jeongjun Park Signed-off-by: Kent Overstreet commit 2045fc4295c427d420aa1ff551b4de8179b6e5d5 Author: Gianfranco Trad Date: Wed Oct 23 23:30:44 2024 +0200 bcachefs: Fix invalid shift in validate_sb_layout() Add check on layout->sb_max_size_bits against BCH_SB_LAYOUT_SIZE_BITS_MAX to prevent UBSAN shift-out-of-bounds in validate_sb_layout(). Reported-by: syzbot+089fad5a3a5e77825426@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=089fad5a3a5e77825426 Fixes: 03ef80b469d5 ("bcachefs: Ignore unknown mount options") Tested-by: syzbot+089fad5a3a5e77825426@syzkaller.appspotmail.com Signed-off-by: Gianfranco Trad Signed-off-by: Kent Overstreet commit be2ca3825372085d669d322dccd0542a90e5b434 Author: Dominique Martinet Date: Thu Oct 24 08:52:13 2024 +0900 Revert "fs/9p: simplify iget to remove unnecessary paths" This reverts commit 724a08450f74b02bd89078a596fd24857827c012. This code simplification introduced significant regressions on servers that do not remap inode numbers when exporting multiple underlying filesystems with colliding inodes, as can be illustrated with simple tmpfs exports in qemu with remapping disabled: ``` # host side cd /tmp/linux-test mkdir m1 m2 mount -t tmpfs tmpfs m1 mount -t tmpfs tmpfs m2 mkdir m1/dir m2/dir echo foo > m1/dir/foo echo bar > m2/dir/bar # guest side # started with -virtfs local,path=/tmp/linux-test,mount_tag=tmp,security_model=mapped-file mount -t 9p -o trans=virtio,debug=1 tmp /mnt/t ls /mnt/t/m1/dir # foo ls /mnt/t/m2/dir # bar (works ok if directry isn't open) # cd to keep first dir's inode alive cd /mnt/t/m1/dir ls /mnt/t/m2/dir # foo (should be bar) ``` Other examples can be crafted with regular files with fscache enabled, in which case I/Os just happen to the wrong file leading to corruptions, or guest failing to boot with: | VFS: Lookup of 'com.android.runtime' in 9p 9p would have caused loop In theory, we'd want the servers to be smart enough and ensure they never send us two different files with the same 'qid.path', but while qemu has an option to remap that is recommended (and qemu prints a warning if this case happens), there are many other servers which do not (kvmtool, nfs-ganesha, probably diod...), we should at least ensure we don't cause regressions on this: - assume servers can't be trusted and operations that should get a 'new' inode properly do so. commit d05dcfdf5e16 (" fs/9p: mitigate inode collisions") attempted to do this, but v9fs_fid_iget_dotl() was not called so some higher level of caching got in the way; this needs to be fixed properly before we can re-apply the patches. - if we ever want to really simplify this code, we will need to add some negotiation with the server at mount time where the server could claim they handle this properly, at which point we could optimize this out. (but that might not be needed at all if we properly handle the 'new' check?) Fixes: 724a08450f74 ("fs/9p: simplify iget to remove unnecessary paths") Reported-by: Will Deacon Link: https://lore.kernel.org/all/20240408141436.GA17022@redhat.com/ Link: https://lkml.kernel.org/r/20240923100508.GA32066@willie-the-truck Cc: stable@vger.kernel.org # v6.9+ Message-ID: <20241024-revert_iget-v1-4-4cac63d25f72@codewreck.org> Signed-off-by: Dominique Martinet commit 26f8dd2dde6864558782d91542f89483bd59a3c2 Author: Dominique Martinet Date: Thu Oct 24 08:52:12 2024 +0900 Revert "fs/9p: fix uaf in in v9fs_stat2inode_dotl" This reverts commit 11763a8598f888dec631a8a903f7ada32181001f. This is a requirement to revert commit 724a08450f74 ("fs/9p: simplify iget to remove unnecessary paths"), see that revert for details. Fixes: 724a08450f74 ("fs/9p: simplify iget to remove unnecessary paths") Reported-by: Will Deacon Link: https://lkml.kernel.org/r/20240923100508.GA32066@willie-the-truck Cc: stable@vger.kernel.org # v6.9+ Message-ID: <20241024-revert_iget-v1-3-4cac63d25f72@codewreck.org> Signed-off-by: Dominique Martinet commit fedd06210b14febfa69e09d0721746749ea9ea20 Author: Dominique Martinet Date: Thu Oct 24 08:52:11 2024 +0900 Revert "fs/9p: remove redundant pointer v9ses" This reverts commit 10211b4a23cf4a3df5c11a10e5b3d371f16a906f. This is a requirement to revert commit 724a08450f74 ("fs/9p: simplify iget to remove unnecessary paths"), see that revert for details. Fixes: 724a08450f74 ("fs/9p: simplify iget to remove unnecessary paths") Reported-by: Will Deacon Link: https://lkml.kernel.org/r/20240923100508.GA32066@willie-the-truck Cc: stable@vger.kernel.org # v6.9+ Message-ID: <20241024-revert_iget-v1-2-4cac63d25f72@codewreck.org> Signed-off-by: Dominique Martinet commit f69999b5f9b444a2443ca2b9e5976e78bb5b7c69 Author: Dominique Martinet Date: Thu Oct 24 08:52:10 2024 +0900 Revert " fs/9p: mitigate inode collisions" This reverts commit d05dcfdf5e1659b2949d13060284eff3888b644e. This is a requirement to revert commit 724a08450f74 ("fs/9p: simplify iget to remove unnecessary paths"), see that revert for details. Fixes: 724a08450f74 ("fs/9p: simplify iget to remove unnecessary paths") Reported-by: Will Deacon Link: https://lkml.kernel.org/r/20240923100508.GA32066@willie-the-truck Cc: stable@vger.kernel.org # v6.9+ Message-ID: <20241024-revert_iget-v1-1-4cac63d25f72@codewreck.org> Signed-off-by: Dominique Martinet commit 19c6890c3d01a978a167fec0759daf18cc284aa1 Merge: 42f7652d3eb527 7c210ca5a2d728 Author: Dave Airlie Date: Fri Oct 25 07:17:44 2024 +1000 Merge tag 'amd-drm-fixes-6.12-2024-10-23' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes amd-drm-fixes-6.12-2024-10-23: amdgpu: - ACPI method handling fixes - SMU 14.x fixes - Display idle optimization fix - DP link layer compliance fix - SDMA 7.x fix - PSR-SU fix - SWSMU fix Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20241023180208.452636-1-alexander.deucher@amd.com commit 3964f82a4dfc7e4bd4055fdc2a42250f71449f54 Merge: c2cd8e4592c04b 73adbd92f3223d Author: Linus Torvalds Date: Thu Oct 24 14:17:34 2024 -0700 Merge tag 'loongarch-fixes-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson Pull LoongArch fixes from Huacai Chen: "Get correct cores_per_package for SMT systems, enable IRQ if do_ale() triggered in irq-enabled context, and fix some bugs about vDSO, memory managenent, hrtimer in KVM, etc" * tag 'loongarch-fixes-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson: LoongArch: KVM: Mark hrtimer to expire in hard interrupt context LoongArch: Make KASAN usable for variable cpu_vabits LoongArch: Set initial pte entry with PAGE_GLOBAL for kernel space LoongArch: Don't crash in stack_top() for tasks without vDSO LoongArch: Set correct size for vDSO code mapping LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context LoongArch: Get correct cores_per_package for SMT systems LoongArch: Use "Exception return address" to comment ERA commit cce3cd647721dc30273f0546852b5c26820eb715 Author: Li Zhijian Date: Tue Oct 22 11:00:54 2024 +0800 cxl/core: Return error when cxl_endpoint_gather_bandwidth() handles a non-PCI device The function cxl_endpoint_gather_bandwidth() invokes pci_bus_read/write_XXX(), however, not all CXL devices are presently implemented via PCI. It is recognized that the cxl_test has realized a CXL device using a platform device. Calling pci_bus_read/write_XXX() in cxl_test will cause kernel panic: platform cxl_host_bridge.3: host supports CXL (restricted) Oops: general protection fault, probably for non-canonical address 0x3ef17856fcae4fbd: 0000 [#1] PREEMPT SMP PTI Call Trace: ? __die_body.cold+0x19/0x27 ? die_addr+0x38/0x60 ? exc_general_protection+0x1f5/0x4b0 ? asm_exc_general_protection+0x22/0x30 ? pci_bus_read_config_word+0x1c/0x60 pcie_capability_read_word+0x93/0xb0 pcie_link_speed_mbps+0x18/0x50 cxl_pci_get_bandwidth+0x18/0x60 [cxl_core] cxl_endpoint_gather_bandwidth.constprop.0+0xf4/0x230 [cxl_core] ? xas_store+0x54/0x660 ? preempt_count_add+0x69/0xa0 ? _raw_spin_lock+0x13/0x40 ? __kmalloc_cache_noprof+0xe7/0x270 cxl_region_shared_upstream_bandwidth_update+0x9c/0x790 [cxl_core] cxl_region_attach+0x520/0x7e0 [cxl_core] store_targetN+0xf2/0x120 [cxl_core] kernfs_fop_write_iter+0x13a/0x1f0 vfs_write+0x23b/0x410 ksys_write+0x53/0xd0 do_syscall_64+0x62/0x180 entry_SYSCALL_64_after_hwframe+0x76/0x7e And Ying also reported a KASAN error with similar calltrace. Reported-by: Huang, Ying Closes: http://lore.kernel.org/87y12w9vp5.fsf@yhuang6-desk2.ccr.corp.intel.com Fixes: a5ab0de0ebaa ("cxl: Calculate region bandwidth of targets with shared upstream link") Signed-off-by: Li Zhijian Reviewed-by: Dan Williams Tested-by: Huang, Ying Link: https://patch.msgid.link/20241022030054.258942-1-lizhijian@fujitsu.com Signed-off-by: Ira Weiny commit c2cd8e4592c04b6725611ccce60f2d0f85383f09 Merge: 4e46774408d942 0b6e2e22cb2310 Author: Linus Torvalds Date: Thu Oct 24 13:51:58 2024 -0700 Merge tag 'probes-fixes-v6.12-rc4.2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull probes fixes from Masami Hiramatsu: - objpool: Fix choosing allocation for percpu slots Fixes to allocate objpool's percpu slots correctly according to the GFP flag. It checks whether "any bit" in GFP_ATOMIC is set to choose the vmalloc source, but it should check "all bits" in GFP_ATOMIC flag is set, because GFP_ATOMIC is a combined flag. - tracing/probes: Fix MAX_TRACE_ARGS limit handling If more than MAX_TRACE_ARGS are passed for creating a probe event, the entries over MAX_TRACE_ARG in trace_arg array are not initialized. Thus if the kernel accesses those entries, it crashes. This rejects creating event if the number of arguments is over MAX_TRACE_ARGS. - tracing: Consider the NUL character when validating the event length A strlen() is used when parsing the event name, and the original code does not consider the terminal null byte. Thus it can pass the name one byte longer than the buffer. This fixes to check it correctly. * tag 'probes-fixes-v6.12-rc4.2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: tracing: Consider the NULL character when validating the event length tracing/probes: Fix MAX_TRACE_ARGS limit handling objpool: fix choosing allocation for percpu slots commit 4e46774408d942efe4eb35dc62e5af3af71b9a30 Merge: 6cc65abee8ee1e 75f49c3dc7b742 Author: Linus Torvalds Date: Thu Oct 24 13:04:15 2024 -0700 Merge tag 'for-6.12-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull btrfs fixes from David Sterba: - mount option fixes: - fix handling of compression mount options on remount - reject rw remount in case there are options that don't work in read-write mode (like rescue options) - fix zone accounting of unusable space - fix in-memory corruption when merging extent maps - fix delalloc range locking for sector < page - use more convenient default value of drop subtree threshold, clean more subvolumes without the fallback to marking quotas inconsistent - fix smatch warning about incorrect value passed to ERR_PTR * tag 'for-6.12-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: btrfs: fix passing 0 to ERR_PTR in btrfs_search_dir_index_item() btrfs: reject ro->rw reconfiguration if there are hard ro requirements btrfs: fix read corruption due to race with extent map merging btrfs: fix the delalloc range locking if sector size < page size btrfs: qgroup: set a more sane default value for subtree drop threshold btrfs: clear force-compress on remount when compress mount option is given btrfs: zoned: fix zone unusable accounting for freed reserved extent commit 6cc65abee8ee1ef5cfeb2748157be232262956a8 Merge: c1e822754cc7f2 67373ca8404fe5 Author: Linus Torvalds Date: Thu Oct 24 12:47:01 2024 -0700 Merge tag 'jfs-6.12-rc5' of github.com:kleikamp/linux-shaggy Pull jfs fix from David Kleikamp: "Fix a regression introduced in 6.12-rc1" * tag 'jfs-6.12-rc5' of github.com:kleikamp/linux-shaggy: jfs: Fix sanity check in dbMount commit c1e822754cc7f28b98c6897d62e8b47b4001e422 Merge: f009e946c15540 a069f014797fde Author: Linus Torvalds Date: Thu Oct 24 12:38:59 2024 -0700 Merge tag 'bcachefs-2024-10-22' of https://github.com/koverstreet/bcachefs Pull bcachefs fixes from Kent Overstreet: "Lots of hotfixes: - transaction restart injection has been shaking out a few things - fix a data corruption in the buffered write path on -ENOSPC, found by xfstests generic/299 - Some small show_options fixes - Repair mismatches in inode hash type, seed: different snapshot versions of an inode must have the same hash/type seed, used for directory entries and xattrs. We were checking the hash seed, but not the type, and a user contributed a filesystem where the hash type on one inode had somehow been flipped; these fixes allow his filesystem to repair. Additionally, the hash type flip made some directory entries invisible, which were then recreated by userspace; so the hash check code now checks for duplicate non dangling dirents, and renames one of them if necessary. - Don't use wait_event_interruptible() in recovery: this fixes some filesystems failing to mount with -ERESTARTSYS - Workaround for kvmalloc not supporting > INT_MAX allocations, causing an -ENOMEM when allocating the sorted array of journal keys: this allows a 75 TB filesystem to mount - Make sure bch_inode_unpacked.bi_snapshot is set in the old inode compat path: this alllows Marcin's filesystem (in use since before 6.7) to repair and mount" * tag 'bcachefs-2024-10-22' of https://github.com/koverstreet/bcachefs: (26 commits) bcachefs: Set bch_inode_unpacked.bi_snapshot in old inode path bcachefs: Mark more errors as AUTOFIX bcachefs: Workaround for kvmalloc() not supporting > INT_MAX allocations bcachefs: Don't use wait_event_interruptible() in recovery bcachefs: Fix __bch2_fsck_err() warning bcachefs: fsck: Improve hash_check_key() bcachefs: bch2_hash_set_or_get_in_snapshot() bcachefs: Repair mismatches in inode hash seed, type bcachefs: Add hash seed, type to inode_to_text() bcachefs: INODE_STR_HASH() for bch_inode_unpacked bcachefs: Run in-kernel offline fsck without ratelimit errors bcachefs: skip mount option handle for empty string. bcachefs: fix incorrect show_options results bcachefs: Fix data corruption on -ENOSPC in buffered write path bcachefs: bch2_folio_reservation_get_partial() is now better behaved bcachefs: fix disk reservation accounting in bch2_folio_reservation_get() bcachefS: ec: fix data type on stripe deletion bcachefs: Don't use commit_do() unnecessarily bcachefs: handle restarts in bch2_bucket_io_time_reset() bcachefs: fix restart handling in __bch2_resume_logged_op_finsert() ... commit f009e946c15540cdff2974771fb979f40b794153 Author: Dominique Martinet Date: Thu Oct 24 08:29:19 2024 +0900 Revert "9p: Enable multipage folios" This reverts commit 1325e4a91a405f88f1b18626904d37860a4f9069. using multipage folios apparently break some madvise operations like MADV_PAGEOUT which do not reliably unload the specified page anymore, Revert the patch until that is figured out. Reported-by: Andrii Nakryiko Fixes: 1325e4a91a40 ("9p: Enable multipage folios") Signed-off-by: Dominique Martinet Acked-by: Andrii Nakryiko Signed-off-by: Linus Torvalds commit f8c879192465d9f328cb0df07208ef077c560bb1 Author: Bjorn Andersson Date: Wed Oct 23 17:24:33 2024 +0000 soc: qcom: pmic_glink: Handle GLINK intent allocation rejections Some versions of the pmic_glink firmware does not allow dynamic GLINK intent allocations, attempting to send a message before the firmware has allocated its receive buffers and announced these intent allocations will fail. When this happens something like this showns up in the log: pmic_glink_altmode.pmic_glink_altmode pmic_glink.altmode.0: failed to send altmode request: 0x10 (-125) pmic_glink_altmode.pmic_glink_altmode pmic_glink.altmode.0: failed to request altmode notifications: -125 ucsi_glink.pmic_glink_ucsi pmic_glink.ucsi.0: failed to send UCSI read request: -125 qcom_battmgr.pmic_glink_power_supply pmic_glink.power-supply.0: failed to request power notifications GLINK has been updated to distinguish between the cases where the remote is going down (-ECANCELED) and the intent allocation being rejected (-EAGAIN). Retry the send until intent buffers becomes available, or an actual error occur. To avoid infinitely waiting for the firmware in the event that this misbehaves and no intents arrive, an arbitrary 5 second timeout is used. This patch was developed with input from Chris Lew. Reported-by: Johan Hovold Closes: https://lore.kernel.org/all/Zqet8iInnDhnxkT9@hovoldconsulting.com/#t Cc: stable@vger.kernel.org # rpmsg: glink: Handle rejected intent request better Fixes: 58ef4ece1e41 ("soc: qcom: pmic_glink: Introduce base PMIC GLINK driver") Tested-by: Johan Hovold Reviewed-by: Johan Hovold Signed-off-by: Bjorn Andersson Reviewed-by: Chris Lew Link: https://lore.kernel.org/r/20241023-pmic-glink-ecancelled-v2-2-ebc268129407@oss.qualcomm.com Signed-off-by: Bjorn Andersson commit a387e73fedd6307c0e194deaa53c42b153ff0bd6 Author: Bjorn Andersson Date: Wed Oct 23 17:24:32 2024 +0000 rpmsg: glink: Handle rejected intent request better GLINK operates using pre-allocated buffers, aka intents, where incoming messages are aggregated before being passed up the stack. In the case that no suitable intents have been announced by the receiver, the sender can request an intent to be allocated. The initial implementation of the response to such request dealt with two outcomes; granted allocations, and all other cases being considered -ECANCELLED (likely from "cancelling the operation as the remote is going down"). But on some channels intent allocation is not supported, instead the remote will pre-allocate and announce a fixed number of intents for the sender to use. If for such channels an rpmsg_send() is being invoked before any channels have been announced, an intent request will be issued and as this comes back rejected the call fails with -ECANCELED. Given that this is reported in the same way as the remote being shut down, there's no way for the client to differentiate the two cases. In line with the original GLINK design, change the return value to -EAGAIN for the case where the remote rejects an intent allocation request. It's tempting to handle this case in the GLINK core, as we expect intents to show up in this case. But there's no way to distinguish between this case and a rejection for a too big allocation, nor is it possible to predict if a currently used (and seemingly suitable) intent will be returned for reuse or not. As such, returning the error to the client and allow it to react seems to be the only sensible solution. In addition to this, commit 'c05dfce0b89e ("rpmsg: glink: Wait for intent, not just request ack")' changed the logic such that the code always wait for an intent request response and an intent. This works out in most cases, but in the event that an intent request is rejected and no further intent arrives (e.g. client asks for a too big intent), the code will stall for 10 seconds and then return -ETIMEDOUT; instead of a more suitable error. This change also resulted in intent requests racing with the shutdown of the remote would be exposed to this same problem, unless some intent happens to arrive. A patch for this was developed and posted by Sarannya S [1], and has been incorporated here. To summarize, the intent request can end in 4 ways: - Timeout, no response arrived => return -ETIMEDOUT - Abort TX, the edge is going away => return -ECANCELLED - Intent request was rejected => return -EAGAIN - Intent request was accepted, and an intent arrived => return 0 This patch was developed with input from Sarannya S, Deepak Kumar Singh, and Chris Lew. [1] https://lore.kernel.org/all/20240925072328.1163183-1-quic_deesin@quicinc.com/ Fixes: c05dfce0b89e ("rpmsg: glink: Wait for intent, not just request ack") Cc: stable@vger.kernel.org Tested-by: Johan Hovold Signed-off-by: Bjorn Andersson Reviewed-by: Chris Lew Link: https://lore.kernel.org/r/20241023-pmic-glink-ecancelled-v2-1-ebc268129407@oss.qualcomm.com Signed-off-by: Bjorn Andersson commit bf40167d54d55d4b54d0103713d86a8638fb9290 Author: Alexandre Ghiti Date: Wed Oct 16 10:36:24 2024 +0200 riscv: vdso: Prevent the compiler from inserting calls to memset() The compiler is smart enough to insert a call to memset() in riscv_vdso_get_cpus(), which generates a dynamic relocation. So prevent this by using -fno-builtin option. Fixes: e2c0cdfba7f6 ("RISC-V: User-facing API") Cc: stable@vger.kernel.org Signed-off-by: Alexandre Ghiti Reviewed-by: Guo Ren Link: https://lore.kernel.org/r/20241016083625.136311-2-alexghiti@rivosinc.com Signed-off-by: Palmer Dabbelt commit 7bd4923940c8d67d9f3f3fde8d7c067e9e804fc6 Author: Jinjie Ruan Date: Thu Oct 24 09:55:53 2024 +0800 iio: dac: Kconfig: Fix build error for ltc2664 If REGMAP_SPI is n and LTC2664 is y, the following build error occurs: riscv64-unknown-linux-gnu-ld: drivers/iio/dac/ltc2664.o: in function `ltc2664_probe': ltc2664.c:(.text+0x714): undefined reference to `__devm_regmap_init_spi' Select REGMAP_SPI instead of REGMAP for LTC2664 to fix it. Fixes: 4cc2fc445d2e ("iio: dac: ltc2664: Add driver for LTC2664 and LTC2672") Reviewed-by: Nuno Sa Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20241024015553.1111253-1-ruanjinjie@huawei.com Signed-off-by: Jonathan Cameron commit cdc21021f0351226a4845715564afd5dc50ed44b Author: Nirmoy Das Date: Tue Oct 22 12:35:55 2024 +0200 drm/xe: Don't restart parallel queues multiple times on GT reset In case of parallel submissions multiple GuC id will point to the same exec queue and on GT reset such exec queues will get restarted multiple times which is not desirable. v2: don't use exec_queue_enabled() which could race, do the same for xe_guc_submit_stop (Matt B) Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2295 Cc: Jonathan Cavitt Cc: Himal Prasad Ghimiray Cc: Matthew Auld Cc: Matthew Brost Cc: Tejas Upadhyay Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20241022103555.731557-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das (cherry picked from commit c8b0acd6d8745fd7e6450f5acc38f0227bd253b3) Signed-off-by: Lucas De Marchi commit 9c1813b3253480b30604c680026c7dc721ce86d1 Author: Nirmoy Das Date: Wed Oct 16 10:23:03 2024 +0200 drm/xe/ufence: Prefetch ufence addr to catch bogus address access_ok() only checks for addr overflow so also try to read the addr to catch invalid addr sent from userspace. Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/1630 Cc: Francois Dugast Cc: Maarten Lankhorst Cc: Matthew Auld Cc: Matthew Brost Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20241016082304.66009-2-nirmoy.das@intel.com Signed-off-by: Nirmoy Das (cherry picked from commit 9408c4508483ffc60811e910a93d6425b8e63928) Signed-off-by: Lucas De Marchi commit 69418db678567bdf9a4992c83d448da462ffa78c Author: Shuicheng Lin Date: Thu Oct 17 22:15:47 2024 +0000 drm/xe: Handle unreliable MMIO reads during forcewake In some cases, when the driver attempts to read an MMIO register, the hardware may return 0xFFFFFFFF. The current force wake path code treats this as a valid response, as it only checks the BIT. However, 0xFFFFFFFF should be considered an invalid value, indicating a potential issue. To address this, we should add a log entry to highlight this condition and return failure. The force wake failure log level is changed from notice to err to match the failure return value. v2 (Matt Brost): - set ret value (-EIO) to kick the error to upper layers v3 (Rodrigo): - add commit message for the log level promotion from notice to err v4: - update reviewed info Suggested-by: Alex Zuo Signed-off-by: Shuicheng Lin Cc: Matthew Brost Cc: Michal Wajdeczko Reviewed-by: Himal Prasad Ghimiray Acked-by: Badal Nilawar Cc: Anshuman Gupta Cc: Matt Roper Cc: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20241017221547.1564029-1-shuicheng.lin@intel.com Signed-off-by: Rodrigo Vivi (cherry picked from commit a9fbeabe7226a3bf90f82d0e28a02c18e3c67447) Signed-off-by: Lucas De Marchi commit 22ef43c78647dd37b0dafe2182b8650b99dbbe59 Author: Badal Nilawar Date: Thu Oct 17 16:44:10 2024 +0530 drm/xe/guc/ct: Flush g2h worker in case of g2h response timeout In case if g2h worker doesn't get opportunity to within specified timeout delay then flush the g2h worker explicitly. v2: - Describe change in the comment and add TODO (Matt B/John H) - Add xe_gt_warn on fence done after G2H flush (John H) v3: - Updated the comment with root cause - Clean up xe_gt_warn message (John H) Closes: https://gitlab.freedesktop.org/drm/xe/kernel/issues/1620 Closes: https://gitlab.freedesktop.org/drm/xe/kernel/issues/2902 Signed-off-by: Badal Nilawar Cc: Matthew Brost Cc: Matthew Auld Cc: John Harrison Cc: Himal Prasad Ghimiray Reviewed-by: Himal Prasad Ghimiray Acked-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20241017111410.2553784-2-badal.nilawar@intel.com (cherry picked from commit e5152723380404acb8175e0777b1cea57f319a01) Signed-off-by: Lucas De Marchi commit c8fb95e7a54315460b45090f0968167a332e1657 Author: Shuicheng Lin Date: Tue Oct 15 16:12:07 2024 +0000 drm/xe: Enlarge the invalidation timeout from 150 to 500 There are error messages like below that are occurring during stress testing: "[ 31.004009] xe 0000:03:00.0: [drm] ERROR GT0: Global invalidation timeout". Previously it was hitting this 3 out of 1000 executions of warm reboot. After raising it to 500, 1000 warm reboot executions passed and it didn't fail. Due to the way xe_mmio_wait32() is implemented, the timeout is able to expire early when the register matches the expected value due to the wait increments starting small. So, the larger timeout value should have no effect during normal use cases. v2 (Jonathan): - rework the commit message v3 (Lucas): - add conclusive message for the fail rate and test case v4: - add suggested-by Suggested-by: Jia Yao Signed-off-by: Shuicheng Lin Cc: Lucas De Marchi Cc: Matthew Auld Cc: Nirmoy Das Reviewed-by: Jonathan Cavitt Tested-by: Zongyao Bai Reviewed-by: Nirmoy Das Signed-off-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20241015161207.1373401-1-shuicheng.lin@intel.com (cherry picked from commit 2eb460ab9f4bc5b575f52568d17936da0af681d8) [ Fix conflict with gt->mmio ] Signed-off-by: Lucas De Marchi commit 54376fe116ef69c9e58794589c044abb2555169e Author: Johan Hovold Date: Thu Oct 24 15:11:00 2024 +0200 arm64: dts: qcom: x1e80100: fix PCIe5 interconnect The fifth PCIe controller is connected to the PCIe North ANoC. Fix the corresponding interconnect property so that the OS manages the right path. Fixes: 62ab23e15508 ("arm64: dts: qcom: x1e80100: add PCIe5 nodes") Signed-off-by: Johan Hovold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20241024131101.13587-3-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit f3bba5eb46ddb8f460fc808a65050a9bf2f7ef23 Author: Johan Hovold Date: Thu Oct 24 15:10:59 2024 +0200 arm64: dts: qcom: x1e80100: fix PCIe4 interconnect The fourth PCIe controller is connected to the PCIe North ANoC. Fix the corresponding interconnect property so that the OS manages the right path. Fixes: 5eb83fc10289 ("arm64: dts: qcom: x1e80100: Add PCIe nodes") Cc: stable@vger.kernel.org # 6.9 Cc: Abel Vesa Cc: Sibi Sankar Cc: Rajendra Nayak Signed-off-by: Johan Hovold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20241024131101.13587-2-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit efa353ae1b0541981bc96dbf2e586387d0392baa Author: Zicheng Qu Date: Tue Oct 22 13:43:30 2024 +0000 iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() In the ad7124_write_raw() function, parameter val can potentially be zero. This may lead to a division by zero when DIV_ROUND_CLOSEST() is called within ad7124_set_channel_odr(). The ad7124_write_raw() function is invoked through the sequence: iio_write_channel_raw() -> iio_write_channel_attribute() -> iio_channel_write(), with no checks in place to ensure val is non-zero. Cc: stable@vger.kernel.org Fixes: 7b8d045e497a ("iio: adc: ad7124: allow more than 8 channels") Signed-off-by: Zicheng Qu Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20241022134330.574601-1-quzicheng@huawei.com Signed-off-by: Jonathan Cameron commit 6bd301819f8f69331a55ae2336c8b111fc933f3d Author: Zicheng Qu Date: Tue Oct 22 13:43:54 2024 +0000 staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_calc_freqreg(). The check if (fout > (clk_get_rate(st->mclk) / 2)) does not protect against the case when fout is 0. The ad9832_write_frequency() function is called from ad9832_write(), and fout is derived from a text buffer, which can contain any value. Link: https://lore.kernel.org/all/2024100904-CVE-2024-47663-9bdc@gregkh/ Fixes: ea707584bac1 ("Staging: IIO: DDS: AD9832 / AD9835 driver") Cc: stable@vger.kernel.org Signed-off-by: Zicheng Qu Reviewed-by: Nuno Sa Reviewed-by: Dan Carpenter Link: https://patch.msgid.link/20241022134354.574614-1-quzicheng@huawei.com Signed-off-by: Jonathan Cameron commit 795114e849ddfd48150eb0135d04748a8c81cec5 Author: Julien Stephan Date: Tue Oct 22 15:22:40 2024 +0200 docs: iio: ad7380: fix supply for ad7380-4 ad7380-4 is the only device from ad738x family that doesn't have an internal reference. Moreover it's external reference is called REFIN in the datasheet while all other use REFIO as an optional external reference. Update documentation to highlight this. Fixes: 3e82dfc82f38 ("docs: iio: new docs for ad7380 driver") Reviewed-by: David Lechner Signed-off-by: Julien Stephan Link: https://patch.msgid.link/20241022-ad7380-fix-supplies-v3-5-f0cefe1b7fa6@baylibre.com Cc: Signed-off-by: Jonathan Cameron commit 05f9c67179c9a8d66dee175fb4b17f380908a26f Author: Julien Stephan Date: Tue Oct 22 15:22:39 2024 +0200 iio: adc: ad7380: fix supplies for ad7380-4 ad7380-4 is the only device in the family that does not have an internal reference. It uses "refin" as a required external reference. All other devices in the family use "refio"" as an optional external reference. Fixes: 737413da8704 ("iio: adc: ad7380: add support for ad738x-4 4 channels variants") Reviewed-by: Nuno Sa Reviewed-by: David Lechner Signed-off-by: Julien Stephan Link: https://patch.msgid.link/20241022-ad7380-fix-supplies-v3-4-f0cefe1b7fa6@baylibre.com Cc: Signed-off-by: Jonathan Cameron commit 7ddbc2728728f9b832ade7b4c180efdc2f22e8b9 Author: Julien Stephan Date: Tue Oct 22 15:22:38 2024 +0200 iio: adc: ad7380: add missing supplies vcc and vlogic are required but are not retrieved and enabled in the probe. Add them. In order to prepare support for additional parts requiring different supplies, add vcc and vlogic to the platform specific structures Reviewed-by: Nuno Sa Reviewed-by: David Lechner Signed-off-by: Julien Stephan Link: https://patch.msgid.link/20241022-ad7380-fix-supplies-v3-3-f0cefe1b7fa6@baylibre.com Signed-off-by: Jonathan Cameron commit 2ac6b2e823b52f7f4abf1d3a97d11889e22d0d16 Author: Julien Stephan Date: Tue Oct 22 15:22:37 2024 +0200 iio: adc: ad7380: use devm_regulator_get_enable_read_voltage() Use devm_regulator_get_enable_read_voltage() to simplify the code. Reviewed-by: Nuno Sa Reviewed-by: David Lechner Signed-off-by: Julien Stephan Link: https://patch.msgid.link/20241022-ad7380-fix-supplies-v3-2-f0cefe1b7fa6@baylibre.com Signed-off-by: Jonathan Cameron commit fbe5956e8809f04e9121923db0b6d1b94f2b93ba Author: Julien Stephan Date: Tue Oct 22 15:22:36 2024 +0200 dt-bindings: iio: adc: ad7380: fix ad7380-4 reference supply ad7380-4 is the only device from ad738x family that doesn't have an internal reference. Moreover its external reference is called REFIN in the datasheet while all other use REFIO as an optional external reference. If refio-supply is omitted the internal reference is used. Fix the binding by adding refin-supply and makes it required for ad7380-4 only. Fixes: 1a291cc8ee17 ("dt-bindings: iio: adc: ad7380: add support for ad738x-4 4 channels variants") Acked-by: Conor Dooley Reviewed-by: David Lechner Signed-off-by: Julien Stephan Link: https://patch.msgid.link/20241022-ad7380-fix-supplies-v3-1-f0cefe1b7fa6@baylibre.com Cc: Signed-off-by: Jonathan Cameron commit 63dd163cd61dda6f38343776b42331cc6b7e56e0 Author: Javier Carrasco Date: Wed Oct 16 19:04:31 2024 +0200 iio: light: veml6030: fix microlux value calculation The raw value conversion to obtain a measurement in lux as INT_PLUS_MICRO does not calculate the decimal part properly to display it as micro (in this case microlux). It only calculates the module to obtain the decimal part from a resolution that is 10000 times the provided in the datasheet (0.5376 lux/cnt for the veml6030). The resulting value must still be multiplied by 100 to make it micro. This bug was introduced with the original implementation of the driver. Only the illuminance channel is fixed becuase the scale is non sensical for the intensity channels anyway. Cc: stable@vger.kernel.org Fixes: 7b779f573c48 ("iio: light: add driver for veml6030 ambient light sensor") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241016-veml6030-fix-processed-micro-v1-1-4a5644796437@gmail.com Signed-off-by: Jonathan Cameron commit d5fb316e2af1d947f0f6c3666e373a54d9f27c6f Merge: 9806f283140ef3 8421d4c8762bd0 Author: Andrii Nakryiko Date: Thu Oct 24 10:17:13 2024 -0700 Merge branch 'add-the-missing-bpf_link_type-invocation-for-sockmap' Hou Tao says: ==================== Add the missing BPF_LINK_TYPE invocation for sockmap From: Hou Tao Hi, The tiny patch set fixes the out-of-bound read problem when reading the fdinfo of sock map link fd. And in order to spot such omission early for the newly-added link type in the future, it also checks the validity of the link->type and adds a WARN_ONCE() for missed invocation. Please see individual patches for more details. And comments are always welcome. v3: * patch #2: check and warn the validity of link->type instead of adding a static assertion for bpf_link_type_strs array. v2: http://lore.kernel.org/bpf/d49fa2f4-f743-c763-7579-c3cab4dd88cb@huaweicloud.com ==================== Link: https://lore.kernel.org/r/20241024013558.1135167-1-houtao@huaweicloud.com Signed-off-by: Andrii Nakryiko commit 8421d4c8762bd022cb491f2f0f7019ef51b4f0a7 Author: Hou Tao Date: Thu Oct 24 09:35:58 2024 +0800 bpf: Check validity of link->type in bpf_link_show_fdinfo() If a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing bpf_link_type_strs[link->type] may result in an out-of-bounds access. To spot such missed invocations early in the future, checking the validity of link->type in bpf_link_show_fdinfo() and emitting a warning when such invocations are missed. Signed-off-by: Hou Tao Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20241024013558.1135167-3-houtao@huaweicloud.com commit c2f803052bc7a7feb2e03befccc8e49b6ff1f5f5 Author: Hou Tao Date: Thu Oct 24 09:35:57 2024 +0800 bpf: Add the missing BPF_LINK_TYPE invocation for sockmap There is an out-of-bounds read in bpf_link_show_fdinfo() for the sockmap link fd. Fix it by adding the missing BPF_LINK_TYPE invocation for sockmap link Also add comments for bpf_link_type to prevent missing updates in the future. Fixes: 699c23f02c65 ("bpf: Add bpf_link support for sk_msg and sk_skb progs") Signed-off-by: Hou Tao Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20241024013558.1135167-2-houtao@huaweicloud.com commit 4f7f417042b242c1e5a9ed03741acb5d900e0871 Author: Vishal Chourasia Date: Thu Oct 24 10:46:09 2024 +0530 sched_ext: Fix function pointer type mismatches in BPF selftests Fix incompatible function pointer type warnings in sched_ext BPF selftests by explicitly casting the function pointers when initializing struct_ops. This addresses multiple -Wincompatible-function-pointer-types warnings from the clang compiler where function signatures didn't match exactly. The void * cast ensures the compiler accepts the function pointer assignment despite minor type differences in the parameters. Signed-off-by: Vishal Chourasia Signed-off-by: Tejun Heo commit a85df8c7b5ee2d3d4823befada42c5c41aff4cb0 Author: Dan Carpenter Date: Fri Sep 13 17:34:54 2024 +0300 drm/tegra: Fix NULL vs IS_ERR() check in probe() The iommu_paging_domain_alloc() function doesn't return NULL pointers, it returns error pointers. Update the check to match. Fixes: 45c690aea8ee ("drm/tegra: Use iommu_paging_domain_alloc()") Signed-off-by: Dan Carpenter Reviewed-by: Lu Baolu Signed-off-by: Thierry Reding Link: https://patchwork.freedesktop.org/patch/msgid/ba31cf3a-af3d-4ff1-87a8-f05aaf8c780b@stanley.mountain commit 7af1418500124150f9fd24e1a5b9c288771df271 Author: Konrad Dybcio Date: Wed Jul 10 16:07:23 2024 +0200 arm64: dts: qcom: x1e80100: Fix up BAR spaces The 32-bit BAR spaces are reaching outside their assigned register regions. Shrink them to match their actual sizes. This resolves an issue where the regions overlap and one of the controllers won't come up, which can be seen in the log as: qcom-pcie 1c08000.pci: resource collision: [mem 0x7c300000-0x7fffffff] conflicts with 1c00000.pci dbi [mem 0x7e000000-0x7e000f1c] While at it, unify the style. Fixes: 5eb83fc10289 ("arm64: dts: qcom: x1e80100: Add PCIe nodes") Cc: stable@vger.kernel.org Signed-off-by: Konrad Dybcio Reviewed-by: Abel Vesa Tested-by: Abel Vesa Link: https://lore.kernel.org/r/20240710-topic-barman-v1-1-5f63fca8d0fc@linaro.org [bjorn: Added note about overlapping resource regions] Signed-off-by: Bjorn Andersson commit d93df29bdab133b85e94b3c328e7fe26a0ebd56c Author: liwei Date: Thu Oct 24 10:29:52 2024 +0800 cpufreq: CPPC: fix perf_to_khz/khz_to_perf conversion exception When the nominal_freq recorded by the kernel is equal to the lowest_freq, and the frequency adjustment operation is triggered externally, there is a logic error in cppc_perf_to_khz()/cppc_khz_to_perf(), resulting in perf and khz conversion errors. Fix this by adding a branch processing logic when nominal_freq is equal to lowest_freq. Fixes: ec1c7ad47664 ("cpufreq: CPPC: Fix performance/frequency conversion") Signed-off-by: liwei Acked-by: Viresh Kumar Link: https://patch.msgid.link/20241024022952.2627694-1-liwei728@huawei.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 3d1c651272cf1df8aac7d9b6d92d836d27bed50f Author: Dan Carpenter Date: Thu Oct 24 11:07:15 2024 +0300 ACPI: PRM: Clean up guid type in struct prm_handler_info Clang 19 prints a warning when we pass &th->guid to efi_pa_va_lookup(): drivers/acpi/prmt.c:156:29: error: passing 1-byte aligned argument to 4-byte aligned parameter 1 of 'efi_pa_va_lookup' may result in an unaligned pointer access [-Werror,-Walign-mismatch] 156 | (void *)efi_pa_va_lookup(&th->guid, handler_info->handler_address); | ^ The problem is that efi_pa_va_lookup() takes a efi_guid_t and &th->guid is a regular guid_t. The difference between the two types is the alignment. efi_guid_t is a typedef. typedef guid_t efi_guid_t __aligned(__alignof__(u32)); It's possible that this a bug in Clang 19. Even though the alignment of &th->guid is not explicitly specified, it will still end up being aligned at 4 or 8 bytes. Anyway, as Ard points out, it's cleaner to change guid to efi_guid_t type and that also makes the warning go away. Fixes: 088984c8d54c ("ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context") Reported-by: Linux Kernel Functional Testing Suggested-by: Ard Biesheuvel Signed-off-by: Dan Carpenter Tested-by: Paul E. McKenney Acked-by: Ard Biesheuvel Link: https://patch.msgid.link/3777d71b-9e19-45f4-be4e-17bf4fa7a834@stanley.mountain [ rjw: Subject edit ] Signed-off-by: Rafael J. Wysocki commit 384f2024e1a100b9b977a697f5e7cb151b00550d Author: Conor Dooley Date: Tue Aug 6 18:36:21 2024 +0100 MAINTAINERS: invert Misc RISC-V SoC Support's pattern There are now more directories that someone else maintains than ones I do, so invert the pattern to cover included, rather than included directories. Ditto for the bindings directory - there's more files there that are the responsibility of others than mine (and I get CCed on all bindings anyway). Remove it from the entry. Signed-off-by: Conor Dooley commit 128fdbf36cddc2a901c4889ba1c89fa9f2643f2c Author: Manikanta Mylavarapu Date: Wed Oct 16 20:18:52 2024 +0530 soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() In success case, the revision holds a non-null pointer. The current logic incorrectly returns an error for a non-null pointer, whereas it should return an error for a null pointer. The socinfo driver for IPQ9574 and IPQ5332 is currently broken, resulting in the following error message qcom-socinfo qcom-socinfo: probe with driver qcom-socinfo failed with error -12 Add a null check for the revision to ensure it returns an error only in failure case (null pointer). Fixes: e694d2b5c58b ("soc: qcom: Add check devm_kasprintf() returned value") Signed-off-by: Manikanta Mylavarapu Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20241016144852.2888679-1-quic_mmanikan@quicinc.com Signed-off-by: Bjorn Andersson commit 717f0637ffc6a6a59f838df94a7d61e643c98d62 Author: Johan Hovold Date: Wed Oct 16 16:51:12 2024 +0200 arm64: dts: qcom: x1e80100-qcp: fix nvme regulator boot glitch The NVMe regulator has been left enabled by the boot firmware. Mark it as such to avoid disabling the regulator temporarily during boot. Fixes: eb57cbe730d1 ("arm64: dts: qcom: x1e80100: Describe the PCIe 6a resources") Cc: stable@vger.kernel.org # 6.11 Cc: Abel Vesa Signed-off-by: Johan Hovold Reviewed-by: Stephan Gerhold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20241016145112.24785-7-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 5462190b11aa62a945dc2fd74e1531b9c1bc9952 Author: Johan Hovold Date: Wed Oct 16 16:51:11 2024 +0200 arm64: dts: qcom: x1e80100-microsoft-romulus: fix nvme regulator boot glitch The NVMe regulator has been left enabled by the boot firmware. Mark it as such to avoid disabling the regulator temporarily during boot. Fixes: 09d77be56093 ("arm64: dts: qcom: Add support for X1-based Surface Laptop 7 devices") Cc: Konrad Dybcio Signed-off-by: Johan Hovold Reviewed-by: Stephan Gerhold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20241016145112.24785-6-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 1badd07e4c0e1ecfb187dcba05357c0f3e70e797 Author: Johan Hovold Date: Wed Oct 16 16:51:10 2024 +0200 arm64: dts: qcom: x1e80100-yoga-slim7x: fix nvme regulator boot glitch The NVMe regulator has been left enabled by the boot firmware. Mark it as such to avoid disabling the regulator temporarily during boot. Fixes: 45247fe17db2 ("arm64: dts: qcom: x1e80100: add Lenovo Thinkpad Yoga slim 7x devicetree") Cc: stable@vger.kernel.org # 6.11 Cc: Srinivas Kandagatla Signed-off-by: Johan Hovold Reviewed-by: Stephan Gerhold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20241016145112.24785-5-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit c6d151f61b6703124e14bc0eae98d05206e36e02 Author: Johan Hovold Date: Wed Oct 16 16:51:09 2024 +0200 arm64: dts: qcom: x1e80100-vivobook-s15: fix nvme regulator boot glitch The NVMe regulator has been left enabled by the boot firmware. Mark it as such to avoid disabling the regulator temporarily during boot. Fixes: d0e2f8f62dff ("arm64: dts: qcom: Add device tree for ASUS Vivobook S 15") Cc: stable@vger.kernel.org # 6.11 Cc: Xilin Wu Signed-off-by: Johan Hovold Reviewed-by: Stephan Gerhold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20241016145112.24785-4-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 37f9477ce9d07ed87f6efe9b99de580bc9d27df5 Author: Johan Hovold Date: Wed Oct 16 16:51:08 2024 +0200 arm64: dts: qcom: x1e80100-crd: fix nvme regulator boot glitch The NVMe regulator has been left enabled by the boot firmware. Mark it as such to avoid disabling the regulator temporarily during boot. Fixes: eb57cbe730d1 ("arm64: dts: qcom: x1e80100: Describe the PCIe 6a resources") Cc: stable@vger.kernel.org # 6.11 Cc: Abel Vesa Signed-off-by: Johan Hovold Reviewed-by: Stephan Gerhold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20241016145112.24785-3-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit dec19f1406fc5d73512cacdcf612e7bb161c2101 Author: Johan Hovold Date: Wed Oct 16 16:51:07 2024 +0200 arm64: dts: qcom: x1e78100-t14s: fix nvme regulator boot glitch The NVMe regulator has been left enabled by the boot firmware. Mark it as such to avoid disabling the regulator temporarily during boot. Fixes: 7d1cbe2f4985 ("arm64: dts: qcom: Add X1E78100 ThinkPad T14s Gen 6") Cc: Konrad Dybcio Signed-off-by: Johan Hovold Reviewed-by: Stephan Gerhold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20241016145112.24785-2-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 08a7d2525511ba07b8ab3dfb472a9d3df4c40f79 Author: Arnaldo Carvalho de Melo Date: Thu Oct 24 10:19:06 2024 -0300 tools arch x86: Sync the msr-index.h copy with the kernel sources To pick up the changes from these csets: dc1e67f70f6d4e33 ("KVM VMX: Move MSR_IA32_VMX_MISC bit defines to asm/vmx.h") d7bfc9ffd58037ff ("KVM: VMX: Move MSR_IA32_VMX_BASIC bit defines to asm/vmx.h") beb2e446046f8dd9 ("x86/cpu: KVM: Move macro to encode PAT value to common header") e7e80b66fb242a63 ("x86/cpu: KVM: Add common defines for architectural memory types (PAT, MTRRs, etc.)") That cause no changes to tooling: $ tools/perf/trace/beauty/tracepoints/x86_msr.sh > before $ cp arch/x86/include/asm/msr-index.h tools/arch/x86/include/asm/msr-index.h $ tools/perf/trace/beauty/tracepoints/x86_msr.sh > after $ diff -u before after $ To see how this works take a look at this previous update: https://git.kernel.org/torvalds/c/174372668933ede5 174372668933ede5 ("tools arch x86: Sync the msr-index.h copy with the kernel sources to pick IA32_MKTME_KEYID_PARTITIONING") Just silences this perf build warning: Warning: Kernel ABI header differences: diff -u tools/arch/x86/include/asm/msr-index.h arch/x86/include/asm/msr-index.h Please see tools/include/uapi/README for further details. Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Sean Christopherson Cc: Xin Li Link: https://lore.kernel.org/lkml/ZxpLSBzGin3vjs3b@x1 Signed-off-by: Arnaldo Carvalho de Melo commit e65a0dc1cabe71b91ef5603e5814359451b74ca7 Author: David Howells Date: Wed Oct 23 11:07:05 2024 +0100 iov_iter: Fix iov_iter_get_pages*() for folio_queue p9_get_mapped_pages() uses iov_iter_get_pages_alloc2() to extract pages from an iterator when performing a zero-copy request and under some circumstances, this crashes with odd page errors[1], for example, I see: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xbcf0 flags: 0x2000000000000000(zone=1) ... page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u)) ------------[ cut here ]------------ kernel BUG at include/linux/mm.h:1444! This is because, unlike in iov_iter_extract_folioq_pages(), the iter_folioq_get_pages() helper function doesn't skip the current folio when iov_offset points to the end of it, but rather extracts the next page beyond the end of the folio and adds it to the list. Reading will then clobber the contents of this page, leading to system corruption, and if the page is not in use, put_page() may try to clean up the unused page. This can be worked around by copying the iterator before each extraction[2] and using iov_iter_advance() on the original as the advance function steps over the page we're at the end of. Fix this by skipping the page extraction if we're at the end of the folio. This was reproduced in the ktest environment[3] by forcing 9p to use the fscache caching mode and then reading a file through 9p. Fixes: db0aa2e9566f ("mm: Define struct folio_queue and ITER_FOLIOQ to handle a sequence of folios") Reported-by: Antony Antony Closes: https://lore.kernel.org/r/ZxFQw4OI9rrc7UYc@Antony2201.local/ Signed-off-by: David Howells cc: Eric Van Hensbergen cc: Latchesar Ionkov cc: Dominique Martinet cc: Christian Schoenebeck cc: v9fs@lists.linux.dev cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/ZxFEi1Tod43pD6JC@moon.secunet.de/ [1] Link: https://lore.kernel.org/r/2299159.1729543103@warthog.procyon.org.uk/ [2] Link: https://github.com/koverstreet/ktest.git [3] Tested-by: Antony Antony Link: https://lore.kernel.org/r/3327438.1729678025@warthog.procyon.org.uk Signed-off-by: Christian Brauner commit 247d65fb122ad560be1c8c4d87d7374fb28b0770 Author: David Howells Date: Wed Oct 23 11:40:10 2024 +0100 afs: Fix missing subdir edit when renamed between parent dirs When rename moves an AFS subdirectory between parent directories, the subdir also needs a bit of editing: the ".." entry needs updating to point to the new parent (though I don't make use of the info) and the DV needs incrementing by 1 to reflect the change of content. The server also sends a callback break notification on the subdirectory if we have one, but we can take care of recovering the promise next time we access the subdir. This can be triggered by something like: mount -t afs %example.com:xfstest.test20 /xfstest.test/ mkdir /xfstest.test/{aaa,bbb,aaa/ccc} touch /xfstest.test/bbb/ccc/d mv /xfstest.test/{aaa/ccc,bbb/ccc} touch /xfstest.test/bbb/ccc/e When the pathwalk for the second touch hits "ccc", kafs spots that the DV is incorrect and downloads it again (so the fix is not critical). Fix this, if the rename target is a directory and the old and new parents are different, by: (1) Incrementing the DV number of the target locally. (2) Editing the ".." entry in the target to refer to its new parent's vnode ID and uniquifier. Link: https://lore.kernel.org/r/3340431.1729680010@warthog.procyon.org.uk Fixes: 63a4681ff39c ("afs: Locally edit directory data for mkdir/create/unlink/...") cc: David Howells cc: Marc Dionne cc: linux-afs@lists.infradead.org Signed-off-by: David Howells Signed-off-by: Christian Brauner commit 6b51b9f65cec2c5246b06eec0334ba465ba357a8 Author: Hongbo Li Date: Tue Oct 22 09:38:12 2024 +0800 doc: correcting the debug path for cachefiles The original debug path is under "/sys/modules", that's wrong. The real path in kernel is "/sys/module". So we can correct it. Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20241022013812.2880883-1-lihongbo22@huawei.com Signed-off-by: Christian Brauner commit 9efc44fb2dba6138b0575826319200049078679a Merge: 64761c980cbf71 3e65ede526cf4f Author: Paolo Abeni Date: Thu Oct 24 12:57:48 2024 +0200 Merge branch 'net-dsa-mv88e6xxx-fix-mv88e6393x-phc-frequency-on-internal-clock' Shenghao Yang says: ==================== net: dsa: mv88e6xxx: fix MV88E6393X PHC frequency on internal clock The MV88E6393X family of switches can additionally run their cycle counters using a 250MHz internal clock instead of the usual 125MHz external clock [1]. The driver currently assumes all designs utilize that external clock, but MikroTik's RB5009 uses the internal source - causing the PHC to be seen running at 2x real time in userspace, making synchronization with ptp4l impossible. This series adds support for reading off the cycle counter frequency known to the hardware in the TAI_CLOCK_PERIOD register and picking an appropriate set of scaling coefficients instead of using a fixed set for each switch family. Patch 1 groups those cycle counter coefficients into a new structure to make it easier to pass them around. Patch 2 modifies PTP initialization to probe TAI_CLOCK_PERIOD and use an appropriate set of coefficients. Patch 3 adds support for 4000ps cycle counter periods. Changes since v2 [2]: - Patch 1: "net: dsa: mv88e6xxx: group cycle counter coefficients" - Moved declaration of mv88e6xxx_cc_coeffs to avoid moving that in Patch 2. - Patch 2: "net: dsa: mv88e6xxx: read cycle counter period from hardware" - Removed move of mv88e6xxx_cc_coeffs declaration. - Patch 3: "net: dsa: mv88e6xxx: support 4000ps cycle counter periods" - No change. [1] https://lore.kernel.org/netdev/d6622575-bf1b-445a-b08f-2739e3642aae@lunn.ch/ [2] https://lore.kernel.org/netdev/20241006145951.719162-1-me@shenghaoyang.info/ ==================== Link: https://patch.msgid.link/20241020063833.5425-1-me@shenghaoyang.info Signed-off-by: Paolo Abeni commit 3e65ede526cf4f95636dbc835598d100c7668ab3 Author: Shenghao Yang Date: Sun Oct 20 14:38:30 2024 +0800 net: dsa: mv88e6xxx: support 4000ps cycle counter period The MV88E6393X family of devices can run its cycle counter off an internal 250MHz clock instead of an external 125MHz one. Add support for this cycle counter period by adding another set of coefficients and lowering the periodic cycle counter read interval to compensate for faster overflows at the increased frequency. Otherwise, the PHC runs at 2x real time in userspace and cannot be synchronized. Fixes: de776d0d316f ("net: dsa: mv88e6xxx: add support for mv88e6393x family") Signed-off-by: Shenghao Yang Reviewed-by: Andrew Lunn Signed-off-by: Paolo Abeni commit 7e3c18097a709e9b958e721066e5fe76e563739b Author: Shenghao Yang Date: Sun Oct 20 14:38:29 2024 +0800 net: dsa: mv88e6xxx: read cycle counter period from hardware Instead of relying on a fixed mapping of hardware family to cycle counter frequency, pull this information from the MV88E6XXX_TAI_CLOCK_PERIOD register. This lets us support switches whose cycle counter frequencies depend on board design. Fixes: de776d0d316f ("net: dsa: mv88e6xxx: add support for mv88e6393x family") Suggested-by: Andrew Lunn Signed-off-by: Shenghao Yang Reviewed-by: Andrew Lunn Signed-off-by: Paolo Abeni commit 67af86afff74c914944374a103c04e4d9868dd15 Author: Shenghao Yang Date: Sun Oct 20 14:38:28 2024 +0800 net: dsa: mv88e6xxx: group cycle counter coefficients Instead of having them as individual fields in ptp_ops, wrap the coefficients in a separate struct so they can be referenced together. Fixes: de776d0d316f ("net: dsa: mv88e6xxx: add support for mv88e6393x family") Signed-off-by: Shenghao Yang Reviewed-by: Andrew Lunn Signed-off-by: Paolo Abeni commit 64761c980cbf71fb7a532a8c7299907ea972a88c Author: Reinhard Speyerer Date: Fri Oct 18 22:52:55 2024 +0200 net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition Add Fibocom FG132 0x0112 composition: T: Bus=03 Lev=02 Prnt=06 Port=01 Cnt=02 Dev#= 10 Spd=12 MxCh= 0 D: Ver= 2.01 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs= 1 P: Vendor=2cb7 ProdID=0112 Rev= 5.15 S: Manufacturer=Fibocom Wireless Inc. S: Product=Fibocom Module S: SerialNumber=xxxxxxxx C:* #Ifs= 4 Cfg#= 1 Atr=a0 MxPwr=500mA I:* If#= 0 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=50 Driver=qmi_wwan E: Ad=82(I) Atr=03(Int.) MxPS= 8 Ivl=32ms E: Ad=81(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=01(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms I:* If#= 1 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=option E: Ad=02(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=83(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms I:* If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=40 Driver=option E: Ad=85(I) Atr=03(Int.) MxPS= 10 Ivl=32ms E: Ad=84(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=03(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms I:* If#= 3 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=86(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=04(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms Signed-off-by: Reinhard Speyerer Link: https://patch.msgid.link/ZxLKp5YZDy-OM0-e@arcor.de Signed-off-by: Paolo Abeni commit 4c262801ea60c518b5bebc22a09f5b78b3147da2 Author: Haiyang Zhang Date: Fri Oct 18 11:25:22 2024 -0700 hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event The existing code moves VF to the same namespace as the synthetic NIC during netvsc_register_vf(). But, if the synthetic device is moved to a new namespace after the VF registration, the VF won't be moved together. To make the behavior more consistent, add a namespace check for synthetic NIC's NETDEV_REGISTER event (generated during its move), and move the VF if it is not in the same namespace. Cc: stable@vger.kernel.org Fixes: c0a41b887ce6 ("hv_netvsc: move VF to same namespace as netvsc device") Suggested-by: Stephen Hemminger Signed-off-by: Haiyang Zhang Reviewed-by: Simon Horman Link: https://patch.msgid.link/1729275922-17595-1-git-send-email-haiyangz@microsoft.com Signed-off-by: Paolo Abeni commit ee76eb24343bdd5450eb87572865a4d7fffd335b Author: Tim Harvey Date: Fri Oct 18 09:06:58 2024 -0700 net: dsa: microchip: disable EEE for KSZ879x/KSZ877x/KSZ876x The well-known errata regarding EEE not being functional on various KSZ switches has been refactored a few times. Recently the refactoring has excluded several switches that the errata should also apply to. Disable EEE for additional switches with this errata and provide additional comments referring to the public errata document. The original workaround for the errata was applied with a register write to manually disable the EEE feature in MMD 7:60 which was being applied for KSZ9477/KSZ9897/KSZ9567 switch ID's. Then came commit 26dd2974c5b5 ("net: phy: micrel: Move KSZ9477 errata fixes to PHY driver") and commit 6068e6d7ba50 ("net: dsa: microchip: remove KSZ9477 PHY errata handling") which moved the errata from the switch driver to the PHY driver but only for PHY_ID_KSZ9477 (PHY ID) however that PHY code was dead code because an entry was never added for PHY_ID_KSZ9477 via MODULE_DEVICE_TABLE. This was apparently realized much later and commit 54a4e5c16382 ("net: phy: micrel: add Microchip KSZ 9477 to the device table") added the PHY_ID_KSZ9477 to the PHY driver but as the errata was only being applied to PHY_ID_KSZ9477 it's not completely clear what switches that relates to. Later commit 6149db4997f5 ("net: phy: micrel: fix KSZ9477 PHY issues after suspend/resume") breaks this again for all but KSZ9897 by only applying the errata for that PHY ID. Following that this was affected with commit 08c6d8bae48c("net: phy: Provide Module 4 KSZ9477 errata (DS80000754C)") which removes the blatant register write to MMD 7:60 and replaces it by setting phydev->eee_broken_modes = -1 so that the generic phy-c45 code disables EEE but this is only done for the KSZ9477_CHIP_ID (Switch ID). Lastly commit 0411f73c13af ("net: dsa: microchip: disable EEE for KSZ8567/KSZ9567/KSZ9896/KSZ9897.") adds some additional switches that were missing to the errata due to the previous changes. This commit adds an additional set of switches. Fixes: 0411f73c13af ("net: dsa: microchip: disable EEE for KSZ8567/KSZ9567/KSZ9896/KSZ9897.") Signed-off-by: Tim Harvey Reviewed-by: Oleksij Rempel Link: https://patch.msgid.link/20241018160658.781564-1-tharvey@gateworks.com Signed-off-by: Paolo Abeni commit 1876479d9866689a929a629c2c2396f3b63159e6 Merge: 1e424d08d35cc0 246b435ad66859 Author: Paolo Abeni Date: Thu Oct 24 12:30:22 2024 +0200 Merge tag 'for-net-2024-10-23' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth Luiz Augusto von Dentz says: ==================== bluetooth pull request for net: - hci_core: Disable works on hci_unregister_dev - SCO: Fix UAF on sco_sock_timeout - ISO: Fix UAF on iso_sock_timeout * tag 'for-net-2024-10-23' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth: Bluetooth: ISO: Fix UAF on iso_sock_timeout Bluetooth: SCO: Fix UAF on sco_sock_timeout Bluetooth: hci_core: Disable works on hci_unregister_dev ==================== Link: https://patch.msgid.link/20241023143005.2297694-1-luiz.dentz@gmail.com Signed-off-by: Paolo Abeni commit 8e59a2a5459fd9840dbe2cbde85fe154b11e1727 Author: Niklas Cassel Date: Wed Oct 23 12:55:41 2024 +0200 ata: libata: Set DID_TIME_OUT for commands that actually timed out When ata_qc_complete() schedules a command for EH using ata_qc_schedule_eh(), blk_abort_request() will be called, which leads to req->q->mq_ops->timeout() / scsi_timeout() being called. scsi_timeout(), if the LLDD has no abort handler (libata has no abort handler), will set host byte to DID_TIME_OUT, and then call scsi_eh_scmd_add() to add the command to EH. Thus, when commands first enter libata's EH strategy_handler, all the commands that have been added to EH will have DID_TIME_OUT set. Commit e5dd410acb34 ("ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data") clears this bogus DID_TIME_OUT flag for all commands that reached libata's EH strategy_handler. libata has its own flag (AC_ERR_TIMEOUT), that it sets for commands that have not received a completion at the time of entering EH. ata_eh_worth_retry() has no special handling for AC_ERR_TIMEOUT, so by default timed out commands will get flag ATA_QCFLAG_RETRY set, and will be retried after the port has been reset (ata_eh_link_autopsy() always triggers a port reset if any command has AC_ERR_TIMEOUT set). For a command that has ATA_QCFLAG_RETRY set, while also having an error flag set (e.g. AC_ERR_TIMEOUT), ata_eh_finish() will not increment scmd->allowed, so the command will at most be retried scmd->allowed number of times (which by default is set to 3). However, scsi_eh_flush_done_q() will only retry commands for which scsi_noretry_cmd() returns false. For a command that has DID_TIME_OUT set, while also having either the FAILFAST flag set, or the command being a passthrough command, scsi_noretry_cmd() will return true. Thus, such a command will never be retried. Thus, make sure that libata sets SCSI's DID_TIME_OUT flag for commands that actually timed out (libata's AC_ERR_TIMEOUT flag), such that timed out commands will once again not be retried if they are also a FAILFAST or passthrough command. Cc: stable@vger.kernel.org Fixes: e5dd410acb34 ("ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data") Reported-by: Lai, Yi Closes: https://lore.kernel.org/linux-ide/ZxYz871I3Blsi30F@ly-workstation/ Reviewed-by: Damien Le Moal Link: https://lore.kernel.org/r/20241023105540.1070012-2-cassel@kernel.org Signed-off-by: Niklas Cassel commit 1e424d08d35cc0d2811a810722f82236e7691cc8 Merge: 6e62807c7fbb3c 6889cd2a93e1e3 Author: Paolo Abeni Date: Thu Oct 24 11:11:32 2024 +0200 Merge tag 'ipsec-2024-10-22' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec Steffen Klassert says: ==================== pull request (net): ipsec 2024-10-22 1) Fix routing behavior that relies on L4 information for xfrm encapsulated packets. From Eyal Birger. 2) Remove leftovers of pernet policy_inexact lists. From Florian Westphal. 3) Validate new SA's prefixlen when the selector family is not set from userspace. From Sabrina Dubroca. 4) Fix a kernel-infoleak when dumping an auth algorithm. From Petr Vaganov. Please pull or let me know if there are problems. ipsec-2024-10-22 * tag 'ipsec-2024-10-22' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec: xfrm: fix one more kernel-infoleak in algo dumping xfrm: validate new SA's prefixlen using SA family when sel.family is unset xfrm: policy: remove last remnants of pernet inexact list xfrm: respect ip protocols rules criteria when performing dst lookups xfrm: extract dst lookup parameters into a struct ==================== Link: https://patch.msgid.link/20241022092226.654370-1-steffen.klassert@secunet.com Signed-off-by: Paolo Abeni commit c9f7a144e7e3effd49303bfc58c07cc10ab2d573 Merge: e3ea2757c312e5 db7e59e6a39a4d Author: Takashi Iwai Date: Thu Oct 24 07:57:39 2024 +0200 Merge tag 'asoc-fix-v6.12-rc4' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus ASoC: Fixes for v6.12 An uncomfortably large set of fixes due to me not getting round to sending them for longer than I should due to travel and illness. This is mostly smaller driver specific changes, but there are a couple of generic changes: - Bumping the minimal topology ABI we check for during validation, the code had support for v4 removed previously but the update of the define used for initial validation was missed. - Fix the assumption that DAPM structs will be embedded in a component which isn't true for card widgets when doing name comparisons, though fortunately this is rarely triggered. We've pulled in one Soundwire fix which was part of a larger series fixing cleanup issues in on Intel Soundwire systems. commit 9806f283140ef3e4d259b7646bd8c66026bbaac5 Author: Andrii Nakryiko Date: Wed Oct 23 09:19:16 2024 -0700 bpf: fix do_misc_fixups() for bpf_get_branch_snapshot() We need `goto next_insn;` at the end of patching instead of `continue;`. It currently works by accident by making verifier re-process patched instructions. Reported-by: Shung-Hsi Yu Fixes: 314a53623cd4 ("bpf: inline bpf_get_branch_snapshot() helper") Signed-off-by: Andrii Nakryiko Acked-by: Yonghong Song Acked-by: Shung-Hsi Yu Link: https://lore.kernel.org/r/20241023161916.2896274-1-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 2ff949441802a8d076d9013c7761f63e8ae5a9bd Author: Xinyu Zhang Date: Wed Oct 23 15:15:19 2024 -0600 block: fix sanity checks in blk_rq_map_user_bvec blk_rq_map_user_bvec contains a check bytes + bv->bv_len > nr_iter which causes unnecessary failures in NVMe passthrough I/O, reproducible as follows: - register a 2 page, page-aligned buffer against a ring - use that buffer to do a 1 page io_uring NVMe passthrough read The second (i = 1) iteration of the loop in blk_rq_map_user_bvec will then have nr_iter == 1 page, bytes == 1 page, bv->bv_len == 1 page, so the check bytes + bv->bv_len > nr_iter will succeed, causing the I/O to fail. This failure is unnecessary, as when the check succeeds, it means we've checked the entire buffer that will be used by the request - i.e. blk_rq_map_user_bvec should complete successfully. Therefore, terminate the loop early and return successfully when the check bytes + bv->bv_len > nr_iter succeeds. While we're at it, also remove the check that all segments in the bvec are single-page. While this seems to be true for all users of the function, it doesn't appear to be required anywhere downstream. CC: stable@vger.kernel.org Signed-off-by: Xinyu Zhang Co-developed-by: Uday Shankar Signed-off-by: Uday Shankar Fixes: 37987547932c ("block: extend functionality to map bvec iterator") Link: https://lore.kernel.org/r/20241023211519.4177873-1-ushankar@purestorage.com Signed-off-by: Jens Axboe commit 758f18158952a6287ac23679ec04c32d44ca5368 Author: Arnaldo Carvalho de Melo Date: Wed Oct 23 16:12:57 2024 -0300 perf python: Fix up the build on architectures without HAVE_KVM_STAT_SUPPORT Noticed while building on a raspbian arm 32-bit system. There was also this other case, fixed by adding a missing util/stat.h with the prototypes: /tmp/tmp.MbiSHoF3dj/perf-6.12.0-rc3/tools/perf/util/python.c:1396:6: error: no previous prototype for ‘perf_stat__set_no_csv_summary’ [-Werror=missing-prototypes] 1396 | void perf_stat__set_no_csv_summary(int set __maybe_unused) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /tmp/tmp.MbiSHoF3dj/perf-6.12.0-rc3/tools/perf/util/python.c:1400:6: error: no previous prototype for ‘perf_stat__set_big_num’ [-Werror=missing-prototypes] 1400 | void perf_stat__set_big_num(int set __maybe_unused) | ^~~~~~~~~~~~~~~~~~~~~~ cc1: all warnings being treated as errors In other architectures this must be building due to some lucky indirect inclusion of that header. Fixes: 9dabf4003423c8d3 ("perf python: Switch module to linking libraries from building source") Reviewed-by: Ian Rogers Cc: Adrian Hunter Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZxllAtpmEw5fg9oy@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 25f00a13dccf8e45441265768de46c8bf58e08f6 Author: Frank Li Date: Wed Oct 23 16:30:32 2024 -0400 spi: spi-fsl-dspi: Fix crash when not using GPIO chip select Add check for the return value of spi_get_csgpiod() to avoid passing a NULL pointer to gpiod_direction_output(), preventing a crash when GPIO chip select is not used. Fix below crash: [ 4.251960] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 4.260762] Mem abort info: [ 4.263556] ESR = 0x0000000096000004 [ 4.267308] EC = 0x25: DABT (current EL), IL = 32 bits [ 4.272624] SET = 0, FnV = 0 [ 4.275681] EA = 0, S1PTW = 0 [ 4.278822] FSC = 0x04: level 0 translation fault [ 4.283704] Data abort info: [ 4.286583] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 4.292074] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 4.297130] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 4.302445] [0000000000000000] user address but active_mm is swapper [ 4.308805] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP [ 4.315072] Modules linked in: [ 4.318124] CPU: 2 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-rc4-next-20241023-00008-ga20ec42c5fc1 #359 [ 4.328130] Hardware name: LS1046A QDS Board (DT) [ 4.332832] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 4.339794] pc : gpiod_direction_output+0x34/0x5c [ 4.344505] lr : gpiod_direction_output+0x18/0x5c [ 4.349208] sp : ffff80008003b8f0 [ 4.352517] x29: ffff80008003b8f0 x28: 0000000000000000 x27: ffffc96bcc7e9068 [ 4.359659] x26: ffffc96bcc6e00b0 x25: ffffc96bcc598398 x24: ffff447400132810 [ 4.366800] x23: 0000000000000000 x22: 0000000011e1a300 x21: 0000000000020002 [ 4.373940] x20: 0000000000000000 x19: 0000000000000000 x18: ffffffffffffffff [ 4.381081] x17: ffff44740016e600 x16: 0000000500000003 x15: 0000000000000007 [ 4.388221] x14: 0000000000989680 x13: 0000000000020000 x12: 000000000000001e [ 4.395362] x11: 0044b82fa09b5a53 x10: 0000000000000019 x9 : 0000000000000008 [ 4.402502] x8 : 0000000000000002 x7 : 0000000000000007 x6 : 0000000000000000 [ 4.409641] x5 : 0000000000000200 x4 : 0000000002000000 x3 : 0000000000000000 [ 4.416781] x2 : 0000000000022202 x1 : 0000000000000000 x0 : 0000000000000000 [ 4.423921] Call trace: [ 4.426362] gpiod_direction_output+0x34/0x5c (P) [ 4.431067] gpiod_direction_output+0x18/0x5c (L) [ 4.435771] dspi_setup+0x220/0x334 Fixes: 9e264f3f85a5 ("spi: Replace all spi->chip_select and spi->cs_gpiod references with function call") Cc: stable@vger.kernel.org Signed-off-by: Frank Li Link: https://patch.msgid.link/20241023203032.1388491-1-Frank.Li@nxp.com Signed-off-by: Mark Brown commit 0ee288e69d033850bc87abe0f9cc3ada24763d7f Author: Jiri Olsa Date: Wed Oct 23 22:03:52 2024 +0200 bpf,perf: Fix perf_event_detach_bpf_prog error handling Peter reported that perf_event_detach_bpf_prog might skip to release the bpf program for -ENOENT error from bpf_prog_array_copy. This can't happen because bpf program is stored in perf event and is detached and released only when perf event is freed. Let's drop the -ENOENT check and make sure the bpf program is released in any case. Fixes: 170a7e3ea070 ("bpf: bpf_prog_array_copy() should return -ENOENT if exclude_prog not found") Reported-by: Peter Zijlstra Signed-off-by: Jiri Olsa Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20241023200352.3488610-1-jolsa@kernel.org Closes: https://lore.kernel.org/lkml/20241022111638.GC16066@noisy.programming.kicks-ass.net/ commit 06a130e42a5bfc84795464bff023bff4c16f58c5 Author: Veronika Molnarova Date: Thu Oct 17 18:15:55 2024 +0200 perf test: Handle perftool-testsuite_probe failure due to broken DWARF Test case test_adding_blacklisted ends in failure if the blacklisted probe is of an assembler function with no DWARF available. At the same time, probing the blacklisted function with ASM DWARF doesn't test the blacklist itself as the failure is a result of the broken DWARF. When the broken DWARF output is encountered, check if the probed function was compiled by the assembler. If so, the broken DWARF message is expected and does not report a perf issue, else report a failure. If the ASM DWARF affected the probe, try the next probe on the blacklist. If the first 5 probes are defective due to broken DWARF, skip the test case. Fixes: def5480d63c1e847 ("perf testsuite probe: Add test for blacklisted kprobes handling") Signed-off-by: Veronika Molnarova Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Michael Petlan Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Veronika Molnarova Link: https://lore.kernel.org/r/20241017161555.236769-1-vmolnaro@redhat.com Signed-off-by: Arnaldo Carvalho de Melo commit 9b3c11a867a82ebee4e096008014417918b82801 Author: Ihor Solodrai Date: Mon Oct 21 23:16:52 2024 +0000 selftests/sched_ext: add order-only dependency of runner.o on BPFOBJ The runner.o may start building before libbpf headers are installed, and as a result build fails. This happened a couple of times on libbpf/ci test jobs: * https://github.com/libbpf/ci/actions/runs/11447667257/job/31849533100 * https://github.com/theihor/libbpf-ci/actions/runs/11445162764/job/31841649552 Headers are installed in a recipe for $(BPFOBJ) target, and adding an order-only dependency should ensure this doesn't happen. Signed-off-by: Ihor Solodrai Signed-off-by: Tejun Heo commit b55945c500c5723992504aa03b362fab416863a6 Author: Peter Zijlstra Date: Wed Oct 23 11:36:41 2024 +0200 sched: Fix pick_next_task_fair() vs try_to_wake_up() race Syzkaller robot reported KCSAN tripping over the ASSERT_EXCLUSIVE_WRITER(p->on_rq) in __block_task(). The report noted that both pick_next_task_fair() and try_to_wake_up() were concurrently trying to write to the same p->on_rq, violating the assertion -- even though both paths hold rq->__lock. The logical consequence is that both code paths end up holding a different rq->__lock. And looking through ttwu(), this is possible when the __block_task() 'p->on_rq = 0' store is visible to the ttwu() 'p->on_rq' load, which then assumes the task is not queued and continues to migrate it. Rearrange things such that __block_task() releases @p with the store and no code thereafter will use @p again. Fixes: 152e11f6df29 ("sched/fair: Implement delayed dequeue") Reported-by: syzbot+0ec1e96c2cdf5c0e512a@syzkaller.appspotmail.com Reported-by: Kent Overstreet Signed-off-by: Peter Zijlstra (Intel) Tested-by: Marco Elver Link: https://lkml.kernel.org/r/20241023093641.GE16066@noisy.programming.kicks-ass.net commit e3dfd64c1f344ebec9397719244c27b360255855 Author: Kan Liang Date: Fri Sep 13 09:23:40 2024 -0700 perf: Fix missing RCU reader protection in perf_event_clear_cpumask() Running rcutorture scenario TREE05, the below warning is triggered. [ 32.604594] WARNING: suspicious RCU usage [ 32.605928] 6.11.0-rc5-00040-g4ba4f1afb6a9 #55238 Not tainted [ 32.607812] ----------------------------- [ 32.609140] kernel/events/core.c:13946 RCU-list traversed in non-reader section!! [ 32.611595] other info that might help us debug this: [ 32.614247] rcu_scheduler_active = 2, debug_locks = 1 [ 32.616392] 3 locks held by cpuhp/4/35: [ 32.617687] #0: ffffffffb666a650 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200 [ 32.620563] #1: ffffffffb666cd20 (cpuhp_state-down){+.+.}-{0:0}, at: cpuhp_thread_fun+0x4e/0x200 [ 32.623412] #2: ffffffffb677c288 (pmus_lock){+.+.}-{3:3}, at: perf_event_exit_cpu_context+0x32/0x2f0 In perf_event_clear_cpumask(), uses list_for_each_entry_rcu() without an obvious RCU read-side critical section. Either pmus_srcu or pmus_lock is good enough to protect the pmus list. In the current context, pmus_lock is already held. The list_for_each_entry_rcu() is not required. Fixes: 4ba4f1afb6a9 ("perf: Generic hotplug support for a PMU with a scope") Closes: https://lore.kernel.org/lkml/2b66dff8-b827-494b-b151-1ad8d56f13e6@paulmck-laptop/ Closes: https://lore.kernel.org/oe-lkp/202409131559.545634cc-oliver.sang@intel.com Reported-by: "Paul E. McKenney" Reported-by: kernel test robot Suggested-by: Peter Zijlstra Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Tested-by: "Paul E. McKenney" Link: https://lore.kernel.org/r/20240913162340.2142976-1-kan.liang@linux.intel.com commit ad783b9f8e78572fff3b04b6caee7bea3821eea8 Author: Bartosz Golaszewski Date: Mon Oct 7 11:24:46 2024 +0200 PCI/pwrctl: Abandon QCom WCN probe on pre-pwrseq device-trees Old device trees for some platforms already define wifi nodes for the WCN family of chips since before power sequencing was added upstream. These nodes don't consume the regulator outputs from the PMU, and if we allow this driver to bind to one of such "incomplete" nodes, we'll see a kernel log error about the infinite probe deferral. Extend the driver by adding a platform data struct matched against the compatible. This struct contains the pwrseq target string as well as a validation function called right after entering probe(). For Qualcomm WCN models, check the existence of the regulator supply property that indicates the DT is already using power sequencing and return -ENODEV if it's not there, indicating to the driver model that the device should not be bound to the pwrctl driver. Link: https://lore.kernel.org/r/20241007092447.18616-1-brgl@bgdev.pl Fixes: 6140d185a43d ("PCI/pwrctl: Add a PCI power control driver for power sequenced devices") Reported-by: Johan Hovold Closes: https://lore.kernel.org/all/Zv565olMDDGHyYVt@hovoldconsulting.com/ Signed-off-by: Bartosz Golaszewski Signed-off-by: Bjorn Helgaas commit d48e1dea3931de64c26717adc2b89743c7ab6594 Author: Naohiro Aota Date: Wed Oct 9 22:52:06 2024 +0900 btrfs: fix error propagation of split bios The purpose of btrfs_bbio_propagate_error() shall be propagating an error of split bio to its original btrfs_bio, and tell the error to the upper layer. However, it's not working well on some cases. * Case 1. Immediate (or quick) end_bio with an error When btrfs sends btrfs_bio to mirrored devices, btrfs calls btrfs_bio_end_io() when all the mirroring bios are completed. If that btrfs_bio was split, it is from btrfs_clone_bioset and its end_io function is btrfs_orig_write_end_io. For this case, btrfs_bbio_propagate_error() accesses the orig_bbio's bio context to increase the error count. That works well in most cases. However, if the end_io is called enough fast, orig_bbio's (remaining part after split) bio context may not be properly set at that time. Since the bio context is set when the orig_bbio (the last btrfs_bio) is sent to devices, that might be too late for earlier split btrfs_bio's completion. That will result in NULL pointer dereference. That bug is easily reproducible by running btrfs/146 on zoned devices [1] and it shows the following trace. [1] You need raid-stripe-tree feature as it create "-d raid0 -m raid1" FS. BUG: kernel NULL pointer dereference, address: 0000000000000020 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI CPU: 1 UID: 0 PID: 13 Comm: kworker/u32:1 Not tainted 6.11.0-rc7-BTRFS-ZNS+ #474 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 Workqueue: writeback wb_workfn (flush-btrfs-5) RIP: 0010:btrfs_bio_end_io+0xae/0xc0 [btrfs] BTRFS error (device dm-0): bdev /dev/mapper/error-test errs: wr 2, rd 0, flush 0, corrupt 0, gen 0 RSP: 0018:ffffc9000006f248 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff888005a7f080 RCX: ffffc9000006f1dc RDX: 0000000000000000 RSI: 000000000000000a RDI: ffff888005a7f080 RBP: ffff888011dfc540 R08: 0000000000000000 R09: 0000000000000001 R10: ffffffff82e508e0 R11: 0000000000000005 R12: ffff88800ddfbe58 R13: ffff888005a7f080 R14: ffff888005a7f158 R15: ffff888005a7f158 FS: 0000000000000000(0000) GS:ffff88803ea80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000020 CR3: 0000000002e22006 CR4: 0000000000370ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? __die_body.cold+0x19/0x26 ? page_fault_oops+0x13e/0x2b0 ? _printk+0x58/0x73 ? do_user_addr_fault+0x5f/0x750 ? exc_page_fault+0x76/0x240 ? asm_exc_page_fault+0x22/0x30 ? btrfs_bio_end_io+0xae/0xc0 [btrfs] ? btrfs_log_dev_io_error+0x7f/0x90 [btrfs] btrfs_orig_write_end_io+0x51/0x90 [btrfs] dm_submit_bio+0x5c2/0xa50 [dm_mod] ? find_held_lock+0x2b/0x80 ? blk_try_enter_queue+0x90/0x1e0 __submit_bio+0xe0/0x130 ? ktime_get+0x10a/0x160 ? lockdep_hardirqs_on+0x74/0x100 submit_bio_noacct_nocheck+0x199/0x410 btrfs_submit_bio+0x7d/0x150 [btrfs] btrfs_submit_chunk+0x1a1/0x6d0 [btrfs] ? lockdep_hardirqs_on+0x74/0x100 ? __folio_start_writeback+0x10/0x2c0 btrfs_submit_bbio+0x1c/0x40 [btrfs] submit_one_bio+0x44/0x60 [btrfs] submit_extent_folio+0x13f/0x330 [btrfs] ? btrfs_set_range_writeback+0xa3/0xd0 [btrfs] extent_writepage_io+0x18b/0x360 [btrfs] extent_write_locked_range+0x17c/0x340 [btrfs] ? __pfx_end_bbio_data_write+0x10/0x10 [btrfs] run_delalloc_cow+0x71/0xd0 [btrfs] btrfs_run_delalloc_range+0x176/0x500 [btrfs] ? find_lock_delalloc_range+0x119/0x260 [btrfs] writepage_delalloc+0x2ab/0x480 [btrfs] extent_write_cache_pages+0x236/0x7d0 [btrfs] btrfs_writepages+0x72/0x130 [btrfs] do_writepages+0xd4/0x240 ? find_held_lock+0x2b/0x80 ? wbc_attach_and_unlock_inode+0x12c/0x290 ? wbc_attach_and_unlock_inode+0x12c/0x290 __writeback_single_inode+0x5c/0x4c0 ? do_raw_spin_unlock+0x49/0xb0 writeback_sb_inodes+0x22c/0x560 __writeback_inodes_wb+0x4c/0xe0 wb_writeback+0x1d6/0x3f0 wb_workfn+0x334/0x520 process_one_work+0x1ee/0x570 ? lock_is_held_type+0xc6/0x130 worker_thread+0x1d1/0x3b0 ? __pfx_worker_thread+0x10/0x10 kthread+0xee/0x120 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x30/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 Modules linked in: dm_mod btrfs blake2b_generic xor raid6_pq rapl CR2: 0000000000000020 * Case 2. Earlier completion of orig_bbio for mirrored btrfs_bios btrfs_bbio_propagate_error() assumes the end_io function for orig_bbio is called last among split bios. In that case, btrfs_orig_write_end_io() sets the bio->bi_status to BLK_STS_IOERR by seeing the bioc->error [2]. Otherwise, the increased orig_bio's bioc->error is not checked by anyone and return BLK_STS_OK to the upper layer. [2] Actually, this is not true. Because we only increases orig_bioc->errors by max_errors, the condition "atomic_read(&bioc->error) > bioc->max_errors" is still not met if only one split btrfs_bio fails. * Case 3. Later completion of orig_bbio for un-mirrored btrfs_bios In contrast to the above case, btrfs_bbio_propagate_error() is not working well if un-mirrored orig_bbio is completed last. It sets orig_bbio->bio.bi_status to the btrfs_bio's error. But, that is easily over-written by orig_bbio's completion status. If the status is BLK_STS_OK, the upper layer would not know the failure. * Solution Considering the above cases, we can only save the error status in the orig_bbio (remaining part after split) itself as it is always available. Also, the saved error status should be propagated when all the split btrfs_bios are finished (i.e, bbio->pending_ios == 0). This commit introduces "status" to btrfs_bbio and saves the first error of split bios to original btrfs_bio's "status" variable. When all the split bios are finished, the saved status is loaded into original btrfs_bio's status. With this commit, btrfs/146 on zoned devices does not hit the NULL pointer dereference anymore. Fixes: 852eee62d31a ("btrfs: allow btrfs_submit_bio to split bios") CC: stable@vger.kernel.org # 6.6+ Reviewed-by: Qu Wenruo Reviewed-by: Christoph Hellwig Reviewed-by: Johannes Thumshirn Signed-off-by: Naohiro Aota Signed-off-by: David Sterba commit 90a88784cdb7757feb8dd520255e6cb861f30943 Author: David Sterba Date: Tue Oct 22 16:21:05 2024 +0200 MIPS: export __cmpxchg_small() Export the symbol __cmpxchg_small() for btrfs.ko that uses it to store blk_status_t, which is u8. Reported by LKP: >> ERROR: modpost: "__cmpxchg_small" [fs/btrfs/btrfs.ko] undefined! Patch using the cmpxchg() https://lore.kernel.org/linux-btrfs/1d4f72f7fee285b2ddf4bf62b0ac0fd89def5417.1728575379.git.naohiro.aota@wdc.com/ Link: https://lore.kernel.org/all/20241016134919.GO1609@suse.cz/ Acked-by: Thomas Bogendoerfer Signed-off-by: David Sterba commit c83212d79be2c9886d3e6039759ecd388fd5fed1 Author: Xiongfeng Wang Date: Wed Oct 16 16:47:40 2024 +0800 firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() In sdei_device_freeze(), the input parameter of cpuhp_remove_state() is passed as 'sdei_entry_point' by mistake. Change it to 'sdei_hp_state'. Fixes: d2c48b2387eb ("firmware: arm_sdei: Fix sleep from invalid context BUG") Signed-off-by: Xiongfeng Wang Reviewed-by: James Morse Link: https://lore.kernel.org/r/20241016084740.183353-1-wangxiongfeng2@huawei.com Signed-off-by: Will Deacon commit 237ab03e301d21cc8fed631a8cdb5076c92ac263 Author: Marco Elver Date: Mon Oct 21 14:00:11 2024 +0200 Revert "kasan: Disable Software Tag-Based KASAN with GCC" This reverts commit 7aed6a2c51ffc97a126e0ea0c270fab7af97ae18. Now that __no_sanitize_address attribute is fixed for KASAN_SW_TAGS with GCC, allow re-enabling KASAN_SW_TAGS with GCC. Cc: Andrey Konovalov Cc: Andrew Pinski Cc: Mark Rutland Cc: Will Deacon Signed-off-by: Marco Elver Reviewed-by: Andrey Konovalov Link: https://lore.kernel.org/r/20241021120013.3209481-2-elver@google.com Signed-off-by: Will Deacon commit 894b00a3350c560990638bdf89bdf1f3d5491950 Author: Marco Elver Date: Mon Oct 21 14:00:10 2024 +0200 kasan: Fix Software Tag-Based KASAN with GCC Per [1], -fsanitize=kernel-hwaddress with GCC currently does not disable instrumentation in functions with __attribute__((no_sanitize_address)). However, __attribute__((no_sanitize("hwaddress"))) does correctly disable instrumentation. Use it instead. Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117196 [1] Link: https://lore.kernel.org/r/000000000000f362e80620e27859@google.com Link: https://lore.kernel.org/r/ZvFGwKfoC4yVjN_X@J2N7QTR9R3 Link: https://bugzilla.kernel.org/show_bug.cgi?id=218854 Reported-by: syzbot+908886656a02769af987@syzkaller.appspotmail.com Tested-by: Andrey Konovalov Cc: Andrew Pinski Cc: Mark Rutland Cc: Will Deacon Signed-off-by: Marco Elver Reviewed-by: Andrey Konovalov Fixes: 7b861a53e46b ("kasan: Bump required compiler version") Link: https://lore.kernel.org/r/20241021120013.3209481-1-elver@google.com Signed-off-by: Will Deacon commit 3ad0edc46fb7668e75583ee6ebcce684f62ec4dc Author: Moudy Ho Date: Mon Oct 7 10:28:34 2024 +0800 dt-bindings: display: mediatek: split: add subschema property constraints The display node in mt8195.dtsi was triggering a CHECK_DTBS error due to an excessively long 'clocks' property: display@14f06000: clocks: [[31, 14], [31, 43], [31, 44]] is too long To resolve this issue, the constraints for 'clocks' and other properties within the subschemas will be reinforced. Fixes: 739058a9c5c3 ("dt-bindings: display: mediatek: split: add compatible for MT8195") Signed-off-by: Macpaul Lin Signed-off-by: Moudy Ho Reviewed-by: Krzysztof Kozlowski Link: https://patchwork.kernel.org/project/dri-devel/patch/20241007022834.4609-1-moudy.ho@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit d822ca29a4fc5278fb511790dace44836e8cc40d Author: Arnaldo Carvalho de Melo Date: Tue Oct 22 17:36:16 2024 -0300 tools headers UAPI: Sync kvm headers with the kernel sources To pick the changes in: aa8d1f48d353b046 ("KVM: x86/mmu: Introduce a quirk to control memslot zap behavior") That don't change functionality in tools/perf, as no new ioctl is added for the 'perf trace' scripts to harvest. This addresses these perf build warnings: Warning: Kernel ABI header differences: diff -u tools/arch/x86/include/uapi/asm/kvm.h arch/x86/include/uapi/asm/kvm.h Please see tools/include/uapi/README for further details. Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Paolo Bonzini Cc: Yan Zhao Link: https://lore.kernel.org/lkml/ZxgN0O02YrAJ2qIC@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 5d35634ecc2d2c3938bd7dc23df0ad046da1b303 Author: Jiri Slaby Date: Tue Oct 22 17:22:36 2024 -0300 perf trace: Fix non-listed archs in the syscalltbl routines This fixes a build breakage on 32-bit arm, where the syscalltbl__id_at_idx() function was missing. Committer notes: Generating a proper syscall table from a copy of arch/arm/tools/syscall.tbl ends up being too big a patch for this rc stage, I started doing it but while testing noticed some other problems with using BPF to collect pointer args on arm7 (32-bit) will maybe continue trying to make it work on the next cycle... Fixes: 7a2fb5619cc1fb53 ("perf trace: Fix iteration of syscall ids in syscalltbl->entries") Suggested-by: Howard Chu Signed-off-by: Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Howard Chu Cc: Ian Rogers Cc: Jiri Olsa Link: https://lore.kernel.org/lkml/3a592835-a14f-40be-8961-c0cee7720a94@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 7fbff3c0e085745b99f220ad56fcee3ea9643d87 Author: Howard Chu Date: Thu Oct 10 19:14:01 2024 -0700 perf build: Change the clang check back to 12.0.1 This serves as a revert for this patch: https://lore.kernel.org/linux-perf-users/ZuGL9ROeTV2uXoSp@x1/ Signed-off-by: Howard Chu Tested-by: James Clark Cc: Adrian Hunter Cc: Alan Maguire Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20241011021403.4089793-2-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 395d38419f1853decab84acc16176b3fa5c96690 Author: Howard Chu Date: Thu Oct 10 19:14:02 2024 -0700 perf trace augmented_raw_syscalls: Add more checks to pass the verifier Add some more checks to pass the verifier in more kernels. Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alan Maguire Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20241011021403.4089793-3-howardchu95@gmail.com [ Reduced the patch removing things that can be done later ] Signed-off-by: Arnaldo Carvalho de Melo commit ecabac70ff919580324b407818ee3e6c0004dcf8 Author: Arnaldo Carvalho de Melo Date: Tue Oct 15 17:03:37 2024 -0300 perf trace augmented_raw_syscalls: Add extra array index bounds checking to satisfy some BPF verifiers In a RHEL8 kernel (4.18.0-513.11.1.el8_9.x86_64), that, as enterprise kernels go, have backports from modern kernels, the verifier complains about lack of bounds check for the index into the array of syscall arguments, on a BPF bytecode generated by clang 17, with: ; } else if (size < 0 && size >= -6) { /* buffer */ 116: (b7) r1 = -6 117: (2d) if r1 > r6 goto pc-30 R0=map_value(id=0,off=0,ks=4,vs=24688,imm=0) R1_w=inv-6 R2=map_value(id=0,off=16,ks=4,vs=8272,imm=0) R3=inv(id=0) R5=inv40 R6=inv(id=0,umin_value=18446744073709551610,var_off=(0xffffffff00000000; 0xffffffff)) R7=map_value(id=0,off=56,ks=4,vs=8272,imm=0) R8=invP6 R9=map_value(id=0,off=20,ks=4,vs=24,imm=0) R10=fp0 fp-8=mmmmmmmm fp-16=map_value fp-24=map_value fp-32=inv40 fp-40=ctx fp-48=map_value fp-56=inv1 fp-64=map_value fp-72=map_value fp-80=map_value ; index = -(size + 1); 118: (a7) r6 ^= -1 119: (67) r6 <<= 32 120: (77) r6 >>= 32 ; aug_size = args->args[index]; 121: (67) r6 <<= 3 122: (79) r1 = *(u64 *)(r10 -24) 123: (0f) r1 += r6 last_idx 123 first_idx 116 regs=40 stack=0 before 122: (79) r1 = *(u64 *)(r10 -24) regs=40 stack=0 before 121: (67) r6 <<= 3 regs=40 stack=0 before 120: (77) r6 >>= 32 regs=40 stack=0 before 119: (67) r6 <<= 32 regs=40 stack=0 before 118: (a7) r6 ^= -1 regs=40 stack=0 before 117: (2d) if r1 > r6 goto pc-30 regs=42 stack=0 before 116: (b7) r1 = -6 R0_w=map_value(id=0,off=0,ks=4,vs=24688,imm=0) R1_w=inv1 R2_w=map_value(id=0,off=16,ks=4,vs=8272,imm=0) R3_w=inv(id=0) R5_w=inv40 R6_rw=invP(id=0,smin_value=-2147483648,smax_value=0) R7_w=map_value(id=0,off=56,ks=4,vs=8272,imm=0) R8_w=invP6 R9_w=map_value(id=0,off=20,ks=4,vs=24,imm=0) R10=fp0 fp-8=mmmmmmmm fp-16_w=map_value fp-24_r=map_value fp-32_w=inv40 fp-40=ctx fp-48=map_value fp-56_w=inv1 fp-64_w=map_value fp-72=map_value fp-80=map_value parent didn't have regs=40 stack=0 marks last_idx 110 first_idx 98 regs=40 stack=0 before 110: (6d) if r1 s> r6 goto pc+5 regs=42 stack=0 before 109: (b7) r1 = 1 regs=40 stack=0 before 108: (65) if r6 s> 0x1000 goto pc+7 regs=40 stack=0 before 98: (55) if r6 != 0x1 goto pc+9 R0_w=map_value(id=0,off=0,ks=4,vs=24688,imm=0) R1_w=invP12 R2_w=map_value(id=0,off=16,ks=4,vs=8272,imm=0) R3_rw=inv(id=0) R5_w=inv24 R6_rw=invP(id=0,smin_value=-2147483648,smax_value=2147483647) R7_w=map_value(id=0,off=40,ks=4,vs=8272,imm=0) R8_rw=invP4 R9_w=map_value(id=0,off=12,ks=4,vs=24,imm=0) R10=fp0 fp-8=mmmmmmmm fp-16_rw=map_value fp-24_r=map_value fp-32_rw=invP24 fp-40_r=ctx fp-48_r=map_value fp-56_w=invP1 fp-64_rw=map_value fp-72_r=map_value fp-80_r=map_value parent already had regs=40 stack=0 marks 124: (79) r6 = *(u64 *)(r1 +16) R0=map_value(id=0,off=0,ks=4,vs=24688,imm=0) R1_w=map_value(id=0,off=0,ks=4,vs=8272,umax_value=34359738360,var_off=(0x0; 0x7fffffff8),s32_max_value=2147483640,u32_max_value=-8) R2=map_value(id=0,off=16,ks=4,vs=8272,imm=0) R3=inv(id=0) R5=inv40 R6_w=invP(id=0,umax_value=34359738360,var_off=(0x0; 0x7fffffff8),s32_max_value=2147483640,u32_max_value=-8) R7=map_value(id=0,off=56,ks=4,vs=8272,imm=0) R8=invP6 R9=map_value(id=0,off=20,ks=4,vs=24,imm=0) R10=fp0 fp-8=mmmmmmmm fp-16=map_value fp-24=map_value fp-32=inv40 fp-40=ctx fp-48=map_value fp-56=inv1 fp-64=map_value fp-72=map_value fp-80=map_value R1 unbounded memory access, make sure to bounds check any such access processed 466 insns (limit 1000000) max_states_per_insn 2 total_states 20 peak_states 20 mark_read 3 If we add this line, as used in other BPF programs, to cap that index: index &= 7; The generated BPF program is considered safe by that version of the BPF verifier, allowing perf to collect the syscall args in one more kernel using the BPF based pointer contents collector. With the above one-liner it works with that kernel: [root@dell-per740-01 ~]# uname -a Linux dell-per740-01.khw.eng.rdu2.dc.redhat.com 4.18.0-513.11.1.el8_9.x86_64 #1 SMP Thu Dec 7 03:06:13 EST 2023 x86_64 x86_64 x86_64 GNU/Linux [root@dell-per740-01 ~]# ~acme/bin/perf trace -e *sleep* sleep 1.234567890 0.000 (1234.704 ms): sleep/3863610 nanosleep(rqtp: { .tv_sec: 1, .tv_nsec: 234567890 }) = 0 [root@dell-per740-01 ~]# As well as with the one in Fedora 40: root@number:~# uname -a Linux number 6.11.3-200.fc40.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Oct 10 22:31:19 UTC 2024 x86_64 GNU/Linux root@number:~# perf trace -e *sleep* sleep 1.234567890 0.000 (1234.722 ms): sleep/14873 clock_nanosleep(rqtp: { .tv_sec: 1, .tv_nsec: 234567890 }, rmtp: 0x7ffe87311a40) = 0 root@number:~# Song Liu reported that this one-liner was being optimized out by clang 18, so I suggested and he tested that adding a compiler barrier before it made clang v18 to keep it and the verifier in the kernel in Song's case (Meta's 5.12 based kernel) also was happy with the resulting bytecode. I'll investigate using virtme-ng[1] to have all the perf BPF based functionality thoroughly tested over multiple kernels and clang versions. [1] https://kernel-recipes.org/en/2024/virtme-ng/ Cc: Adrian Hunter Cc: Alan Maguire Cc: Alexander Shishkin Cc: Andrea Righi Cc: Howard Chu Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Song Liu Link: https://lore.kernel.org/lkml/Zw7JgJc0LOwSpuvx@x1 Signed-off-by: Arnaldo Carvalho de Melo commit af6ab107ce2c338790c6629fe0edc0333e708be8 Author: Macpaul Lin Date: Thu Oct 3 11:09:19 2024 +0800 dt-bindings: display: mediatek: dpi: correct power-domains property The MediaTek DPI module is typically associated with one of the following multimedia power domains: - POWER_DOMAIN_DISPLAY - POWER_DOMAIN_VDOSYS - POWER_DOMAIN_MM The specific power domain used varies depending on the SoC design. These power domains are shared by multiple devices within the SoC. In most cases, these power domains are enabled by other devices. As a result, the DPI module of legacy SoCs often functions correctly even without explicit configuration. It is recommended to explicitly add the appropriate power domain property to the DPI node in the device tree. Hence drop the compatible checking for specific SoCs. Fixes: 5474d49b2f79 ("dt-bindings: display: mediatek: dpi: Add power domains") Signed-off-by: Macpaul Lin Signed-off-by: Jitao Shi Signed-off-by: Pablo Sun Reviewed-by: Krzysztof Kozlowski Link: https://patchwork.kernel.org/project/dri-devel/patch/20241003030919.17980-4-macpaul.lin@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 246b435ad668596aa0e2bbb9d491b6413861211a Author: Luiz Augusto von Dentz Date: Tue Oct 22 15:35:49 2024 -0400 Bluetooth: ISO: Fix UAF on iso_sock_timeout conn->sk maybe have been unlinked/freed while waiting for iso_conn_lock so this checks if the conn->sk is still valid by checking if it part of iso_sk_list. Fixes: ccf74f2390d6 ("Bluetooth: Add BTPROTO_ISO socket type") Signed-off-by: Luiz Augusto von Dentz commit 1bf4470a3939c678fb822073e9ea77a0560bc6bb Author: Luiz Augusto von Dentz Date: Tue Oct 22 12:31:08 2024 -0400 Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been unlinked/freed while waiting for sco_conn_lock so this checks if the conn->sk is still valid by checking if it part of sco_sk_list. Reported-by: syzbot+4c0d0c4cde787116d465@syzkaller.appspotmail.com Tested-by: syzbot+4c0d0c4cde787116d465@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=4c0d0c4cde787116d465 Fixes: ba316be1b6a0 ("Bluetooth: schedule SCO timeouts with delayed_work") Signed-off-by: Luiz Augusto von Dentz commit 989fa5171f005ecf63440057218d8aeb1795287d Author: Luiz Augusto von Dentz Date: Tue Oct 22 11:09:13 2024 -0400 Bluetooth: hci_core: Disable works on hci_unregister_dev This make use of disable_work_* on hci_unregister_dev since the hci_dev is about to be freed new submissions are not disarable. Fixes: 0d151a103775 ("Bluetooth: hci_core: cancel all works upon hci_unregister_dev()") Signed-off-by: Luiz Augusto von Dentz commit 73adbd92f3223dc0c3506822b71c6b259d5d537b Author: Huacai Chen Date: Wed Oct 23 22:15:44 2024 +0800 LoongArch: KVM: Mark hrtimer to expire in hard interrupt context Like commit 2c0d278f3293f ("KVM: LAPIC: Mark hrtimer to expire in hard interrupt context") and commit 9090825fa9974 ("KVM: arm/arm64: Let the timer expire in hardirq context on RT"), On PREEMPT_RT enabled kernels unmarked hrtimers are moved into soft interrupt expiry mode by default. Then the timers are canceled from an preempt-notifier which is invoked with disabled preemption which is not allowed on PREEMPT_RT. The timer callback is short so in could be invoked in hard-IRQ context. So let the timer expire on hard-IRQ context even on -RT. This fix a "scheduling while atomic" bug for PREEMPT_RT enabled kernels: BUG: scheduling while atomic: qemu-system-loo/1011/0x00000002 Modules linked in: amdgpu rfkill nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat ns CPU: 1 UID: 0 PID: 1011 Comm: qemu-system-loo Tainted: G W 6.12.0-rc2+ #1774 Tainted: [W]=WARN Hardware name: Loongson Loongson-3A5000-7A1000-1w-CRB/Loongson-LS3A5000-7A1000-1w-CRB, BIOS vUDK2018-LoongArch-V2.0.0-prebeta9 10/21/2022 Stack : ffffffffffffffff 0000000000000000 9000000004e3ea38 9000000116744000 90000001167475a0 0000000000000000 90000001167475a8 9000000005644830 90000000058dc000 90000000058dbff8 9000000116747420 0000000000000001 0000000000000001 6a613fc938313980 000000000790c000 90000001001c1140 00000000000003fe 0000000000000001 000000000000000d 0000000000000003 0000000000000030 00000000000003f3 000000000790c000 9000000116747830 90000000057ef000 0000000000000000 9000000005644830 0000000000000004 0000000000000000 90000000057f4b58 0000000000000001 9000000116747868 900000000451b600 9000000005644830 9000000003a13998 0000000010000020 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1d ... Call Trace: [<9000000003a13998>] show_stack+0x38/0x180 [<9000000004e3ea34>] dump_stack_lvl+0x84/0xc0 [<9000000003a71708>] __schedule_bug+0x48/0x60 [<9000000004e45734>] __schedule+0x1114/0x1660 [<9000000004e46040>] schedule_rtlock+0x20/0x60 [<9000000004e4e330>] rtlock_slowlock_locked+0x3f0/0x10a0 [<9000000004e4f038>] rt_spin_lock+0x58/0x80 [<9000000003b02d68>] hrtimer_cancel_wait_running+0x68/0xc0 [<9000000003b02e30>] hrtimer_cancel+0x70/0x80 [] kvm_restore_timer+0x50/0x1a0 [kvm] [] kvm_arch_vcpu_load+0x68/0x2a0 [kvm] [] kvm_sched_in+0x34/0x60 [kvm] [<9000000003a749a0>] finish_task_switch.isra.0+0x140/0x2e0 [<9000000004e44a70>] __schedule+0x450/0x1660 [<9000000004e45cb0>] schedule+0x30/0x180 [] kvm_vcpu_block+0x70/0x120 [kvm] [] kvm_vcpu_halt+0x60/0x3e0 [kvm] [] kvm_handle_gspr+0x3f4/0x4e0 [kvm] [] kvm_handle_exit+0x1c8/0x260 [kvm] Reviewed-by: Bibo Mao Signed-off-by: Huacai Chen commit 3c252263be801f937f56b4bcd8e8e2b5307c1ce5 Author: Huacai Chen Date: Wed Oct 23 22:15:30 2024 +0800 LoongArch: Make KASAN usable for variable cpu_vabits Currently, KASAN on LoongArch assume the CPU VA bits is 48, which is true for Loongson-3 series, but not for Loongson-2 series (only 40 or lower), this patch fix that issue and make KASAN usable for variable cpu_vabits. Solution is very simple: Just define XRANGE_SHADOW_SHIFT which means valid address length from VA_BITS to min(cpu_vabits, VA_BITS). Cc: stable@vger.kernel.org Signed-off-by: Kanglong Wang Signed-off-by: Huacai Chen commit 4018651ba5c409034149f297d3dd3328b91561fd Author: Dan Carpenter Date: Thu Sep 12 11:44:59 2024 +0300 drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() In mtk_crtc_create(), if the call to mbox_request_channel() fails then we set the "mtk_crtc->cmdq_client.chan" pointer to NULL. In that situation, we do not call cmdq_pkt_create(). During the cleanup, we need to check if the "mtk_crtc->cmdq_client.chan" is NULL first before calling cmdq_pkt_destroy(). Calling cmdq_pkt_destroy() is unnecessary if we didn't call cmdq_pkt_create() and it will result in a NULL pointer dereference. Fixes: 7627122fd1c0 ("drm/mediatek: Add cmdq_handle in mtk_crtc") Signed-off-by: Dan Carpenter Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/cc537bd6-837f-4c85-a37b-1a007e268310@stanley.mountain/ Signed-off-by: Chun-Kuang Hu commit 6e62807c7fbb3c758d233018caf94dfea9c65dbd Author: Jinjie Ruan Date: Fri Oct 18 18:07:48 2024 +0800 posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() If get_clock_desc() succeeds, it calls fget() for the clockid's fd, and get the clk->rwsem read lock, so the error path should release the lock to make the lock balance and fput the clockid's fd to make the refcount balance and release the fd related resource. However the below commit left the error path locked behind resulting in unbalanced locking. Check timespec64_valid_strict() before get_clock_desc() to fix it, because the "ts" is not changed after that. Fixes: d8794ac20a29 ("posix-clock: Fix missing timespec64 check in pc_clock_settime()") Acked-by: Richard Cochran Signed-off-by: Jinjie Ruan Acked-by: Anna-Maria Behnsen [pabeni@redhat.com: fixed commit message typo] Signed-off-by: Paolo Abeni commit 3ded11b5c1b476f6d027d9017aa7deb8ab381ec1 Author: Liankun Yang Date: Mon Sep 23 21:24:15 2024 +0800 drm/mediatek: Fix get efuse issue for MT8188 DPTX Update efuse data for MT8188 displayport. The DP monitor can not display when DUT connected to USB-c to DP dongle. Analysis view is invalid DP efuse data. Fixes: 350c3fe907fb ("drm/mediatek: dp: Add support MT8188 dp/edp function") Reviewed-by: Matthias Brugger Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Liankun Yang Reviewed-by: Fei Shao Tested-by: Fei Shao Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240923132521.22785-1-liankun.yang@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 10ce0db787004875f4dba068ea952207d1d8abeb Author: Heiner Kallweit Date: Fri Oct 18 11:08:16 2024 +0200 r8169: avoid unsolicited interrupts It was reported that after resume from suspend a PCI error is logged and connectivity is broken. Error message is: PCI error (cmd = 0x0407, status_errs = 0x0000) The message seems to be a red herring as none of the error bits is set, and the PCI command register value also is normal. Exception handling for a PCI error includes a chip reset what apparently brakes connectivity here. The interrupt status bit triggering the PCI error handling isn't actually used on PCIe chip versions, so it's not clear why this bit is set by the chip. Fix this by ignoring this bit on PCIe chip versions. Fixes: 0e4851502f84 ("r8169: merge with version 8.001.00 of Realtek's r8168 driver") Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219388 Tested-by: Atlas Yu Signed-off-by: Heiner Kallweit Reviewed-by: Simon Horman Link: https://patch.msgid.link/78e2f535-438f-4212-ad94-a77637ac6c9c@gmail.com Signed-off-by: Paolo Abeni commit 2ce1007f42b8a6a0814386cb056feb28dc6d6091 Author: Ye Bin Date: Wed Oct 23 09:24:30 2024 +0800 cifs: fix warning when destroy 'cifs_io_request_pool' There's a issue as follows: WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 free_large_kmalloc+0xac/0xe0 RIP: 0010:free_large_kmalloc+0xac/0xe0 Call Trace: ? __warn+0xea/0x330 mempool_destroy+0x13f/0x1d0 init_cifs+0xa50/0xff0 [cifs] do_one_initcall+0xdc/0x550 do_init_module+0x22d/0x6b0 load_module+0x4e96/0x5ff0 init_module_from_file+0xcd/0x130 idempotent_init_module+0x330/0x620 __x64_sys_finit_module+0xb3/0x110 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Obviously, 'cifs_io_request_pool' is not created by mempool_create(). So just use mempool_exit() to revert 'cifs_io_request_pool'. Fixes: edea94a69730 ("cifs: Add mempools for cifs_io_request and cifs_io_subrequest structs") Signed-off-by: Ye Bin Acked-by: David Howells commit 9a5dd61151399ad5a5d69aad28ab164734c1e3bc Author: Henrique Carvalho Date: Tue Oct 22 15:21:26 2024 -0300 smb: client: Handle kstrdup failures for passwords In smb3_reconfigure(), after duplicating ctx->password and ctx->password2 with kstrdup(), we need to check for allocation failures. If ses->password allocation fails, return -ENOMEM. If ses->password2 allocation fails, free ses->password, set it to NULL, and return -ENOMEM. Fixes: c1eb537bf456 ("cifs: allow changing password during remount") Reviewed-by: David Howells Signed-off-by: Henrique Carvalho Signed-off-by: Steve French commit e3ea2757c312e51bbf62ebc434a6f7df1e3a201f Author: Kailang Yang Date: Wed Oct 23 16:13:10 2024 +0800 ALSA: hda/realtek: Update default depop procedure Old procedure has a chance to meet Headphone no output. Fixes: c2d6af53a43f ("ALSA: hda/realtek - Add default procedure for suspend and resume state") Signed-off-by: Kailang Yang Link: https://lore.kernel.org/17b717a0a0b04a77aea4a8ec820cba13@realtek.com Signed-off-by: Takashi Iwai commit b22db8b8befe90b61c98626ca1a2fbb0505e9fe3 Author: Dmitry Antipov Date: Fri Oct 18 08:13:39 2024 +0300 net: sched: use RCU read-side critical section in taprio_dump() Fix possible use-after-free in 'taprio_dump()' by adding RCU read-side critical section there. Never seen on x86 but found on a KASAN-enabled arm64 system when investigating https://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa: [T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0 [T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862 [T15862] [T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2 [T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024 [T15862] Call trace: [T15862] dump_backtrace+0x20c/0x220 [T15862] show_stack+0x2c/0x40 [T15862] dump_stack_lvl+0xf8/0x174 [T15862] print_report+0x170/0x4d8 [T15862] kasan_report+0xb8/0x1d4 [T15862] __asan_report_load4_noabort+0x20/0x2c [T15862] taprio_dump+0xa0c/0xbb0 [T15862] tc_fill_qdisc+0x540/0x1020 [T15862] qdisc_notify.isra.0+0x330/0x3a0 [T15862] tc_modify_qdisc+0x7b8/0x1838 [T15862] rtnetlink_rcv_msg+0x3c8/0xc20 [T15862] netlink_rcv_skb+0x1f8/0x3d4 [T15862] rtnetlink_rcv+0x28/0x40 [T15862] netlink_unicast+0x51c/0x790 [T15862] netlink_sendmsg+0x79c/0xc20 [T15862] __sock_sendmsg+0xe0/0x1a0 [T15862] ____sys_sendmsg+0x6c0/0x840 [T15862] ___sys_sendmsg+0x1ac/0x1f0 [T15862] __sys_sendmsg+0x110/0x1d0 [T15862] __arm64_sys_sendmsg+0x74/0xb0 [T15862] invoke_syscall+0x88/0x2e0 [T15862] el0_svc_common.constprop.0+0xe4/0x2a0 [T15862] do_el0_svc+0x44/0x60 [T15862] el0_svc+0x50/0x184 [T15862] el0t_64_sync_handler+0x120/0x12c [T15862] el0t_64_sync+0x190/0x194 [T15862] [T15862] Allocated by task 15857: [T15862] kasan_save_stack+0x3c/0x70 [T15862] kasan_save_track+0x20/0x3c [T15862] kasan_save_alloc_info+0x40/0x60 [T15862] __kasan_kmalloc+0xd4/0xe0 [T15862] __kmalloc_cache_noprof+0x194/0x334 [T15862] taprio_change+0x45c/0x2fe0 [T15862] tc_modify_qdisc+0x6a8/0x1838 [T15862] rtnetlink_rcv_msg+0x3c8/0xc20 [T15862] netlink_rcv_skb+0x1f8/0x3d4 [T15862] rtnetlink_rcv+0x28/0x40 [T15862] netlink_unicast+0x51c/0x790 [T15862] netlink_sendmsg+0x79c/0xc20 [T15862] __sock_sendmsg+0xe0/0x1a0 [T15862] ____sys_sendmsg+0x6c0/0x840 [T15862] ___sys_sendmsg+0x1ac/0x1f0 [T15862] __sys_sendmsg+0x110/0x1d0 [T15862] __arm64_sys_sendmsg+0x74/0xb0 [T15862] invoke_syscall+0x88/0x2e0 [T15862] el0_svc_common.constprop.0+0xe4/0x2a0 [T15862] do_el0_svc+0x44/0x60 [T15862] el0_svc+0x50/0x184 [T15862] el0t_64_sync_handler+0x120/0x12c [T15862] el0t_64_sync+0x190/0x194 [T15862] [T15862] Freed by task 6192: [T15862] kasan_save_stack+0x3c/0x70 [T15862] kasan_save_track+0x20/0x3c [T15862] kasan_save_free_info+0x4c/0x80 [T15862] poison_slab_object+0x110/0x160 [T15862] __kasan_slab_free+0x3c/0x74 [T15862] kfree+0x134/0x3c0 [T15862] taprio_free_sched_cb+0x18c/0x220 [T15862] rcu_core+0x920/0x1b7c [T15862] rcu_core_si+0x10/0x1c [T15862] handle_softirqs+0x2e8/0xd64 [T15862] __do_softirq+0x14/0x20 Fixes: 18cdd2f0998a ("net/sched: taprio: taprio_dump and taprio_change are protected by rtnl_mutex") Acked-by: Vinicius Costa Gomes Signed-off-by: Dmitry Antipov Link: https://patch.msgid.link/20241018051339.418890-2-dmantipov@yandex.ru Signed-off-by: Paolo Abeni commit f504465970aebb2467da548f7c1efbbf36d0f44b Author: Dmitry Antipov Date: Fri Oct 18 08:13:38 2024 +0300 net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch / removal caused by 'advance_sched()', and critical section protected by 'q->current_entry_lock' is too small to prevent from such a scenario (which causes use-after-free detected by KASAN). Fix this by prefer 'rcu_replace_pointer()' over 'rcu_assign_pointer()' to update 'admin' immediately before an attempt to schedule freeing. Fixes: a3d43c0d56f1 ("taprio: Add support adding an admin schedule") Reported-by: syzbot+b65e0af58423fc8a73aa@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa Acked-by: Vinicius Costa Gomes Signed-off-by: Dmitry Antipov Link: https://patch.msgid.link/20241018051339.418890-1-dmantipov@yandex.ru Signed-off-by: Paolo Abeni commit 88a921aa3c6b006160d6a46a231b8b32227e8196 Author: Ashish Kalra Date: Thu Aug 15 22:16:30 2024 +0000 x86/sev: Ensure that RMP table fixups are reserved The BIOS reserves RMP table memory via e820 reservations. This can still lead to RMP page faults during kexec if the host tries to access memory within the same 2MB region. Commit 400fea4b9651 ("x86/sev: Add callback to apply RMP table fixups for kexec" adjusts the e820 reservations for the RMP table so that the entire 2MB range at the start/end of the RMP table is marked reserved. The e820 reservations are then passed to firmware via SNP_INIT where they get marked HV-Fixed. The RMP table fixups are done after the e820 ranges have been added to memblock, allowing the fixup ranges to still be allocated and used by the system. The problem is that this memory range is now marked reserved in the e820 tables and during SNP initialization these reserved ranges are marked as HV-Fixed. This means that the pages cannot be used by an SNP guest, only by the hypervisor. However, the memory management subsystem does not make this distinction and can allocate one of those pages to an SNP guest. This will ultimately result in RMPUPDATE failures associated with the guest, causing it to fail to start or terminate when accessing the HV-Fixed page. The issue is captured below with memblock=debug: [ 0.000000] SEV-SNP: *** DEBUG: snp_probe_rmptable_info:352 - rmp_base=0x280d4800000, rmp_end=0x28357efffff ... [ 0.000000] BIOS-provided physical RAM map: ... [ 0.000000] BIOS-e820: [mem 0x00000280d4800000-0x0000028357efffff] reserved [ 0.000000] BIOS-e820: [mem 0x0000028357f00000-0x0000028357ffffff] usable ... ... [ 0.183593] memblock add: [0x0000028357f00000-0x0000028357ffffff] e820__memblock_setup+0x74/0xb0 ... [ 0.203179] MEMBLOCK configuration: [ 0.207057] memory size = 0x0000027d0d194000 reserved size = 0x0000000009ed2c00 [ 0.215299] memory.cnt = 0xb ... [ 0.311192] memory[0x9] [0x0000028357f00000-0x0000028357ffffff], 0x0000000000100000 bytes flags: 0x0 ... ... [ 0.419110] SEV-SNP: Reserving start/end of RMP table on a 2MB boundary [0x0000028357e00000] [ 0.428514] e820: update [mem 0x28357e00000-0x28357ffffff] usable ==> reserved [ 0.428517] e820: update [mem 0x28357e00000-0x28357ffffff] usable ==> reserved [ 0.428520] e820: update [mem 0x28357e00000-0x28357ffffff] usable ==> reserved ... ... [ 5.604051] MEMBLOCK configuration: [ 5.607922] memory size = 0x0000027d0d194000 reserved size = 0x0000000011faae02 [ 5.616163] memory.cnt = 0xe ... [ 5.754525] memory[0xc] [0x0000028357f00000-0x0000028357ffffff], 0x0000000000100000 bytes on node 0 flags: 0x0 ... ... [ 10.080295] Early memory node ranges[ 10.168065] ... node 0: [mem 0x0000028357f00000-0x0000028357ffffff] ... ... [ 8149.348948] SEV-SNP: RMPUPDATE failed for PFN 28357f7c, pg_level: 1, ret: 2 As shown above, the memblock allocations show 1MB after the end of the RMP as available for allocation, which is what the RMP table fixups have reserved. This memory range subsequently gets allocated as SNP guest memory, resulting in an RMPUPDATE failure. This can potentially be fixed by not reserving the memory range in the e820 table, but that causes kexec failures when using the KEXEC_FILE_LOAD syscall. The solution is to use memblock_reserve() to mark the memory reserved for the system, ensuring that it cannot be allocated to an SNP guest. Since HV-Fixed memory is still readable/writable by the host, this only ends up being a problem if the memory in this range requires a page state change, which generally will only happen when allocating memory in this range to be used for running SNP guests, which is now possible with the SNP hypervisor support in kernel 6.11. Backporter note: Fixes tag points to a 6.9 change but as the last paragraph above explains, this whole thing can happen after 6.11 received SNP HV support, therefore backporting to 6.9 is not really necessary. [ bp: Massage commit message. ] Fixes: 400fea4b9651 ("x86/sev: Add callback to apply RMP table fixups for kexec") Suggested-by: Thomas Lendacky Signed-off-by: Ashish Kalra Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Tom Lendacky Cc: # 6.11, see Backporter note above. Link: https://lore.kernel.org/r/20240815221630.131133-1-Ashish.Kalra@amd.com commit 825bb69228c8ab85637d21cdf4d44207937130b6 Author: E Shattow Date: Mon Oct 21 23:09:51 2024 -0700 riscv: dts: starfive: Update ethernet phy0 delay parameter values for Star64 Improve function of Star64 bottom network port phy0 with updated delay values. Initial upstream patches supporting Star64 use the same vendor board support package parameters known to result in an unreliable bottom network port. Success acquiring DHCP lease and no dropped packets to ping LAN address: rx 900: tx 1500 1650 1800 1950 rx 750: tx 1650 1800 1950 rx 600: tx 1800 1950 rx 1050: tx 1650 1800 1950 rx 1200: tx 1500 1650 1800 1950 rx 1350: tx 1500 1650 1800 1950 rx 1500: tx 1500 1650 1800 1950 rx 1650: tx 1500 1650 1800 1950 rx 1800: tx 1500 1650 1800 1950 rx 1900: tx 1950 rx 1950: tx 1950 Failure acquiring DHCP lease or many dropped packets: rx 450: tx 1500 1800 1950 rx 600: tx 1200 1350 1650 rx 750: tx 1350 1500 rx 900: tx 1200 1350 rx 1050: tx 1050 1200 1350 1500 rx 1200: tx 1350 rx 1350: tx 1350 rx 1500: tx 1200 1350 rx 1650: tx 1050 1200 1350 rx 1800: tx 1050 1200 1350 rx 1900: tx 1500 1650 1800 rx 1950: tx 1200 1350 Non-functional: rx 0: tx 0 150 300 450 600 750 900 1050 1200 1350 1500 1650 1800 1950 rx 150: tx 0 150 300 450 600 750 900 1050 1200 1350 1500 1650 1800 1950 rx 300: tx 0 150 300 450 600 750 900 1050 1200 1350 1500 1650 1800 1950 rx 450: tx 0 150 300 450 600 750 900 1050 1200 1350 1650 rx 600: tx 0 150 300 450 600 750 900 1050 rx 750: tx 0 150 300 450 600 750 900 1050 1200 rx 900: tx 0 150 300 450 600 750 900 1050 rx 1050: tx 0 150 300 450 600 750 900 rx 1200: tx 0 150 300 450 600 750 900 1050 1200 rx 1350: tx 0 150 300 450 600 750 900 1050 1200 rx 1500: tx 0 150 300 450 600 750 900 1050 rx 1650: tx 0 150 300 450 600 750 900 rx 1800: tx 0 150 300 450 600 750 900 rx 1900: tx 0 150 300 450 600 750 900 1050 1200 1350 rx 1950: tx 0 150 300 450 600 750 900 1050 Selecting the median of all working rx delay values 1500 combined with tx delay values 1500, 1650, 1800, and 1950 only the tx delay value of 1950 (default) is reliable as tested in both Linux 6.11.2 and U-Boot v2024.10 Signed-off-by: E Shattow CC: stable@vger.kernel.org Fixes: 2606bf583b962 ("riscv: dts: starfive: add Star64 board devicetree") Acked-by: Emil Renner Berthing Signed-off-by: Conor Dooley commit 34d35b4edbbe890a91bec939bfd29ad92517a52b Author: Vladimir Oltean Date: Thu Oct 17 19:10:48 2024 +0300 net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers tcf_action_init() has logic for checking mismatches between action and filter offload flags (skip_sw/skip_hw). AFAIU, this is intended to run on the transition between the new tc_act_bind(flags) returning true (aka now gets bound to classifier) and tc_act_bind(act->tcfa_flags) returning false (aka action was not bound to classifier before). Otherwise, the check is skipped. For the case where an action is not standalone, but rather it was created by a classifier and is bound to it, tcf_action_init() skips the check entirely, and this means it allows mismatched flags to occur. Taking the matchall classifier code path as an example (with mirred as an action), the reason is the following: 1 | mall_change() 2 | -> mall_replace_hw_filter() 3 | -> tcf_exts_validate_ex() 4 | -> flags |= TCA_ACT_FLAGS_BIND; 5 | -> tcf_action_init() 6 | -> tcf_action_init_1() 7 | -> a_o->init() 8 | -> tcf_mirred_init() 9 | -> tcf_idr_create_from_flags() 10 | -> tcf_idr_create() 11 | -> p->tcfa_flags = flags; 12 | -> tc_act_bind(flags)) 13 | -> tc_act_bind(act->tcfa_flags) When invoked from tcf_exts_validate_ex() like matchall does (but other classifiers validate their extensions as well), tcf_action_init() runs in a call path where "flags" always contains TCA_ACT_FLAGS_BIND (set by line 4). So line 12 is always true, and line 13 is always true as well. No transition ever takes place, and the check is skipped. The code was added in this form in commit c86e0209dc77 ("flow_offload: validate flags of filter and actions"), but I'm attributing the blame even earlier in that series, to when TCA_ACT_FLAGS_SKIP_HW and TCA_ACT_FLAGS_SKIP_SW were added to the UAPI. Following the development process of this change, the check did not always exist in this form. A change took place between v3 [1] and v4 [2], AFAIU due to review feedback that it doesn't make sense for action flags to be different than classifier flags. I think I agree with that feedback, but it was translated into code that omits enforcing this for "classic" actions created at the same time with the filters themselves. There are 3 more important cases to discuss. First there is this command: $ tc qdisc add dev eth0 clasct $ tc filter add dev eth0 ingress matchall skip_sw \ action mirred ingress mirror dev eth1 which should be allowed, because prior to the concept of dedicated action flags, it used to work and it used to mean the action inherited the skip_sw/skip_hw flags from the classifier. It's not a mismatch. Then we have this command: $ tc qdisc add dev eth0 clasct $ tc filter add dev eth0 ingress matchall skip_sw \ action mirred ingress mirror dev eth1 skip_hw where there is a mismatch and it should be rejected. Finally, we have: $ tc qdisc add dev eth0 clasct $ tc filter add dev eth0 ingress matchall skip_sw \ action mirred ingress mirror dev eth1 skip_sw where the offload flags coincide, and this should be treated the same as the first command based on inheritance, and accepted. [1]: https://lore.kernel.org/netdev/20211028110646.13791-9-simon.horman@corigine.com/ [2]: https://lore.kernel.org/netdev/20211118130805.23897-10-simon.horman@corigine.com/ Fixes: 7adc57651211 ("flow_offload: add skip_hw and skip_sw to control if offload the action") Signed-off-by: Vladimir Oltean Reviewed-by: Simon Horman Reviewed-by: Ido Schimmel Tested-by: Ido Schimmel Link: https://patch.msgid.link/20241017161049.3570037-1-vladimir.oltean@nxp.com Signed-off-by: Paolo Abeni commit 0b6e2e22cb23105fcb171ab92f0f7516c69c8471 Author: Leo Yan Date: Mon Oct 7 15:47:24 2024 +0100 tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL terminating character. This commit checks this condition and returns failure for it. Link: https://lore.kernel.org/all/20241007144724.920954-1-leo.yan@arm.com/ Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly") Signed-off-by: Leo Yan Reviewed-by: Steven Rostedt (Google) Signed-off-by: Masami Hiramatsu (Google) commit 73f35080477e893aa6f4c8d388352b871b288fbc Author: Mikel Rychliski Date: Mon Sep 30 16:26:54 2024 -0400 tracing/probes: Fix MAX_TRACE_ARGS limit handling When creating a trace_probe we would set nr_args prior to truncating the arguments to MAX_TRACE_ARGS. However, we would only initialize arguments up to the limit. This caused invalid memory access when attempting to set up probes with more than 128 fetchargs. BUG: kernel NULL pointer dereference, address: 0000000000000020 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI CPU: 0 UID: 0 PID: 1769 Comm: cat Not tainted 6.11.0-rc7+ #8 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014 RIP: 0010:__set_print_fmt+0x134/0x330 Resolve the issue by applying the MAX_TRACE_ARGS limit earlier. Return an error when there are too many arguments instead of silently truncating. Link: https://lore.kernel.org/all/20240930202656.292869-1-mikel@mikelr.com/ Fixes: 035ba76014c0 ("tracing/probes: cleanup: Set trace_probe::nr_args at trace_probe_init") Signed-off-by: Mikel Rychliski Signed-off-by: Masami Hiramatsu (Google) commit 2b059d0d1e624adc6e69a754bc48057f8bf459dc Author: Pei Xiao Date: Wed Oct 23 14:21:17 2024 +0800 slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof 'modprobe slub_kunit' will have a warning as shown below. The root cause is that __kmalloc_cache_noprof was directly used, which resulted in no alloc_tag being allocated. This caused current->alloc_tag to be null, leading to a warning in alloc_tag_add_check. Let's add an alloc_hook layer to __kmalloc_cache_noprof specifically within lib/slub_kunit.c, which is the only user of this internal slub function outside kmalloc implementation itself. [58162.947016] WARNING: CPU: 2 PID: 6210 at ./include/linux/alloc_tag.h:125 alloc_tagging_slab_alloc_hook+0x268/0x27c [58162.957721] Call trace: [58162.957919] alloc_tagging_slab_alloc_hook+0x268/0x27c [58162.958286] __kmalloc_cache_noprof+0x14c/0x344 [58162.958615] test_kmalloc_redzone_access+0x50/0x10c [slub_kunit] [58162.959045] kunit_try_run_case+0x74/0x184 [kunit] [58162.959401] kunit_generic_run_threadfn_adapter+0x2c/0x4c [kunit] [58162.959841] kthread+0x10c/0x118 [58162.960093] ret_from_fork+0x10/0x20 [58162.960363] ---[ end trace 0000000000000000 ]--- Signed-off-by: Pei Xiao Fixes: a0a44d9175b3 ("mm, slab: don't wrap internal functions with alloc_hooks()") Signed-off-by: Vlastimil Babka commit 4b60a5655528786bf659e9627fb0b45900f4cc66 Author: Elena Salomatkina Date: Wed Oct 23 00:37:08 2024 +0300 sumversion: Fix a memory leak in get_src_version() strsep() modifies its first argument - buf. An invalid pointer will be passed to the free() function. Make the pointer passed to free() match the return value of read_text_file(). Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 9413e7640564 ("kbuild: split the second line of *.mod into *.usyms") Signed-off-by: Elena Salomatkina Signed-off-by: Masahiro Yamada commit f489f6c6eb26482010470d77bad3901a3de1b166 Author: Qingqing Zhou Date: Wed Oct 23 00:51:48 2024 +0530 firmware: qcom: scm: Return -EOPNOTSUPP for unsupported SHM bridge enabling When enabling SHM bridge, QTEE returns 0 and sets error 4 in result to qcom_scm for unsupported platforms. Currently, tzmem interprets this as an unknown error rather than recognizing it as an unsupported platform. Error log: [ 0.177224] qcom_scm firmware:scm: error (____ptrval____): Failed to enable the TrustZone memory allocator [ 0.177244] qcom_scm firmware:scm: probe with driver qcom_scm failed with error 4 To address this, modify the function call qcom_scm_shm_bridge_enable() to remap result to indicate an unsupported error. This way, tzmem will correctly identify it as an unsupported platform case instead of reporting it as an error. Fixes: 178e19c0df1b ("firmware: qcom: scm: add support for SHM bridge operations") Signed-off-by: Qingqing Zhou Co-developed-by: Kuldeep Singh Signed-off-by: Kuldeep Singh Reviewed-by: Bartosz Golaszewski Reviewed-by: Mukesh Ojha Link: https://lore.kernel.org/r/20241022192148.1626633-1-quic_kuldsing@quicinc.com Signed-off-by: Bjorn Andersson commit 82bbe133312b37bbef29f96e56e177ebe240f700 Author: Daniel Borkmann Date: Mon Oct 21 17:28:09 2024 +0200 selftests/bpf: Add test for passing in uninit mtu_len Add a small test to pass an uninitialized mtu_len to the bpf_check_mtu() helper to probe whether the verifier rejects it under !CAP_PERFMON. # ./vmtest.sh -- ./test_progs -t verifier_mtu [...] ./test_progs -t verifier_mtu [ 1.414712] tsc: Refined TSC clocksource calibration: 3407.993 MHz [ 1.415327] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x311fcd52370, max_idle_ns: 440795242006 ns [ 1.416463] clocksource: Switched to clocksource tsc [ 1.429842] bpf_testmod: loading out-of-tree module taints kernel. [ 1.430283] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel #510/1 verifier_mtu/uninit/mtu: write rejected:OK #510 verifier_mtu:OK Summary: 1/1 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann Acked-by: Kumar Kartikeya Dwivedi Link: https://lore.kernel.org/r/20241021152809.33343-5-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit baa802d2aa5c220d82499fd1c81fb735c74729b2 Author: Daniel Borkmann Date: Mon Oct 21 17:28:08 2024 +0200 selftests/bpf: Add test for writes to .rodata Add a small test to write a (verification-time) fixed vs unknown but bounded-sized buffer into .rodata BPF map and assert that both get rejected. # ./vmtest.sh -- ./test_progs -t verifier_const [...] ./test_progs -t verifier_const [ 1.418717] tsc: Refined TSC clocksource calibration: 3407.994 MHz [ 1.419113] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x311fcde90a1, max_idle_ns: 440795222066 ns [ 1.419972] clocksource: Switched to clocksource tsc [ 1.449596] bpf_testmod: loading out-of-tree module taints kernel. [ 1.449958] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel #475/1 verifier_const/rodata/strtol: write rejected:OK #475/2 verifier_const/bss/strtol: write accepted:OK #475/3 verifier_const/data/strtol: write accepted:OK #475/4 verifier_const/rodata/mtu: write rejected:OK #475/5 verifier_const/bss/mtu: write accepted:OK #475/6 verifier_const/data/mtu: write accepted:OK #475/7 verifier_const/rodata/mark: write with unknown reg rejected:OK #475/8 verifier_const/rodata/mark: write with unknown reg rejected:OK #475 verifier_const:OK #476/1 verifier_const_or/constant register |= constant should keep constant type:OK #476/2 verifier_const_or/constant register |= constant should not bypass stack boundary checks:OK #476/3 verifier_const_or/constant register |= constant register should keep constant type:OK #476/4 verifier_const_or/constant register |= constant register should not bypass stack boundary checks:OK #476 verifier_const_or:OK Summary: 2/12 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann Acked-by: Kumar Kartikeya Dwivedi Link: https://lore.kernel.org/r/20241021152809.33343-4-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit 14a3d3ef02ba53447d5112a2641aac0d10dc994f Author: Daniel Borkmann Date: Mon Oct 21 17:28:07 2024 +0200 bpf: Remove MEM_UNINIT from skb/xdp MTU helpers We can now undo parts of 4b3786a6c539 ("bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error") as discussed in [0]. Given the BPF helpers now have MEM_WRITE tag, the MEM_UNINIT can be cleared. The mtu_len is an input as well as output argument, meaning, the BPF program has to set it to something. It cannot be uninitialized. Therefore, allowing uninitialized memory and zeroing it on error would be odd. It was done as an interim step in 4b3786a6c539 as the desired behavior could not have been expressed before the introduction of MEM_WRITE tag. Fixes: 4b3786a6c539 ("bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error") Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/a86eb76d-f52f-dee4-e5d2-87e45de3e16f@iogearbox.net [0] Acked-by: Kumar Kartikeya Dwivedi Link: https://lore.kernel.org/r/20241021152809.33343-3-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit 8ea607330a39184f51737c6ae706db7fdca7628e Author: Daniel Borkmann Date: Mon Oct 21 17:28:06 2024 +0200 bpf: Fix overloading of MEM_UNINIT's meaning Lonial reported an issue in the BPF verifier where check_mem_size_reg() has the following code: if (!tnum_is_const(reg->var_off)) /* For unprivileged variable accesses, disable raw * mode so that the program is required to * initialize all the memory that the helper could * just partially fill up. */ meta = NULL; This means that writes are not checked when the register containing the size of the passed buffer has not a fixed size. Through this bug, a BPF program can write to a map which is marked as read-only, for example, .rodata global maps. The problem is that MEM_UNINIT's initial meaning that "the passed buffer to the BPF helper does not need to be initialized" which was added back in commit 435faee1aae9 ("bpf, verifier: add ARG_PTR_TO_RAW_STACK type") got overloaded over time with "the passed buffer is being written to". The problem however is that checks such as the above which were added later via 06c1c049721a ("bpf: allow helpers access to variable memory") set meta to NULL in order force the user to always initialize the passed buffer to the helper. Due to the current double meaning of MEM_UNINIT, this bypasses verifier write checks to the memory (not boundary checks though) and only assumes the latter memory is read instead. Fix this by reverting MEM_UNINIT back to its original meaning, and having MEM_WRITE as an annotation to BPF helpers in order to then trigger the BPF verifier checks for writing to memory. Some notes: check_arg_pair_ok() ensures that for ARG_CONST_SIZE{,_OR_ZERO} we can access fn->arg_type[arg - 1] since it must contain a preceding ARG_PTR_TO_MEM. For check_mem_reg() the meta argument can be removed altogether since we do check both BPF_READ and BPF_WRITE. Same for the equivalent check_kfunc_mem_size_reg(). Fixes: 7b3552d3f9f6 ("bpf: Reject writes for PTR_TO_MAP_KEY in check_helper_mem_access") Fixes: 97e6d7dab1ca ("bpf: Check PTR_TO_MEM | MEM_RDONLY in check_helper_mem_access") Fixes: 15baa55ff5b0 ("bpf/verifier: allow all functions to read user provided context") Reported-by: Lonial Con Signed-off-by: Daniel Borkmann Acked-by: Kumar Kartikeya Dwivedi Link: https://lore.kernel.org/r/20241021152809.33343-2-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit 6fad274f06f038c29660aa53fbad14241c9fd976 Author: Daniel Borkmann Date: Mon Oct 21 17:28:05 2024 +0200 bpf: Add MEM_WRITE attribute Add a MEM_WRITE attribute for BPF helper functions which can be used in bpf_func_proto to annotate an argument type in order to let the verifier know that the helper writes into the memory passed as an argument. In the past MEM_UNINIT has been (ab)used for this function, but the latter merely tells the verifier that the passed memory can be uninitialized. There have been bugs with overloading the latter but aside from that there are also cases where the passed memory is read + written which currently cannot be expressed, see also 4b3786a6c539 ("bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error"). Signed-off-by: Daniel Borkmann Acked-by: Kumar Kartikeya Dwivedi Link: https://lore.kernel.org/r/20241021152809.33343-1-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit 7c210ca5a2d72868e5a052fc533d5dcb7e070f89 Author: Alex Deucher Date: Fri Oct 18 12:35:51 2024 -0400 drm/amdgpu: handle default profile on on devices without fullscreen 3D Some devices do not support fullscreen 3D. v2: Make the check generic. Fixes: ec1aab7816b0 ("drm/amdgpu/swsmu: default to fullscreen 3D profile for dGPUs") Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher Cc: Kenneth Feng Cc: Lijo Lazar (cherry picked from commit 1cdd67510e54e3832f14a885dbf5858584558650) commit ba1959f71117b27f3099ee789e0815360b4081dd Author: Mario Limonciello Date: Mon Feb 5 15:12:33 2024 -0600 drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too Stuart Hayhurst has found that both at bootup and fullscreen VA-API video is leading to black screens for around 1 second and kernel WARNING [1] traces when calling dmub_psr_enable() with Parade 08-01 TCON. These symptoms all go away with PSR-SU disabled for this TCON, so disable it for now while DMUB traces [2] from the failure can be analyzed and the failure state properly root caused. Cc: Marc Rossi Cc: Hamza Mahfooz Link: https://gitlab.freedesktop.org/drm/amd/uploads/a832dd515b571ee171b3e3b566e99a13/dmesg.log [1] Link: https://gitlab.freedesktop.org/drm/amd/uploads/8f13ff3b00963c833e23e68aa8116959/output.log [2] Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/2645 Reviewed-by: Leo Li Link: https://lore.kernel.org/r/20240205211233.2601-1-mario.limonciello@amd.com Signed-off-by: Mario Limonciello Signed-off-by: Alex Deucher (cherry picked from commit afb634a6823d8d9db23c5fb04f79c5549349628b) Cc: stable@vger.kernel.org commit 108bc59fe817686a59d2008f217bad38a5cf4427 Author: Frank Min Date: Thu Oct 10 16:41:32 2024 +0800 drm/amdgpu: fix random data corruption for sdma 7 There is random data corruption caused by const fill, this is caused by write compression mode not correctly configured. So correct compression mode for const fill. Signed-off-by: Frank Min Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher (cherry picked from commit 75400f8d6e36afc88d59db8a1f3e4b7d90d836ad) Cc: stable@vger.kernel.org # 6.11.x commit 63feb35cd26557572ad95fc062ede344bb61d9ad Author: Aurabindo Pillai Date: Mon Oct 7 14:19:32 2024 -0400 drm/amd/display: temp w/a for DP Link Layer compliance [Why&How] Disabling P-State support on full updates for DCN401 results in introducing additional communication with SMU. A UCLK hard min message to SMU takes 4 seconds to go through, which was due to DCN not allowing pstate switch, which was caused by incorrect value for TTU watermark before blanking the HUBP prior to DPG on for servicing the test request. Fix the issue temporarily by disallowing pstate changes for compliance test while test request handler is reworked for a proper fix. Fixes: 67ea53a4bd9d ("drm/amd/display: Disable DCN401 UCLK P-State support on full updates") Cc: Mario Limonciello Cc: Alex Deucher Reviewed-by: Dillon Varone Signed-off-by: Aurabindo Pillai Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 8a79f7cdbb41bb0ddfd4d7662b4428d4a9d5306d) Cc: stable@vger.kernel.org commit 23d16ede33a4db4973468bf6652a09da5efd1468 Author: Aurabindo Pillai Date: Tue Oct 1 18:03:02 2024 -0400 drm/amd/display: temp w/a for dGPU to enter idle optimizations [Why&How] vblank immediate disable currently does not work for all asics. On DCN401, the vblank interrupts never stop coming, and hence we never get a chance to trigger idle optimizations. Add a workaround to enable immediate disable only on APUs for now. This adds a 2-frame delay for triggering idle optimization, which is a negligible overhead. Fixes: 58a261bfc967 ("drm/amd/display: use a more lax vblank enable policy for older ASICs") Fixes: e45b6716de4b ("drm/amd/display: use a more lax vblank enable policy for DCN35+") Cc: Mario Limonciello Cc: Alex Deucher Reviewed-by: Harry Wentland Reviewed-by: Rodrigo Siqueira Signed-off-by: Aurabindo Pillai Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 9b47278cec98e9894adf39229e91aaf4ab9140c5) Cc: stable@vger.kernel.org commit f67644b219d458d4b314e78f2304b73985390311 Author: Kenneth Feng Date: Thu Oct 17 16:32:22 2024 +0800 drm/amd/pm: update deep sleep status on smu v14.0.2/3 disable deep sleep during the compute workload for the potential performance loss on smu v14.0.2/3 Signed-off-by: Kenneth Feng Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher (cherry picked from commit 7d9af459f43436452103babb960fd0ecb13c714e) commit f888e3d34b8641a551eba8e0fa26209c5392eec8 Author: Kenneth Feng Date: Thu Oct 17 10:13:41 2024 +0800 drm/amd/pm: update overdrive function on smu v14.0.2/3 update overdrive function on smu v14.0.2/3 Signed-off-by: Kenneth Feng Acked-by: Yang Wang Signed-off-by: Alex Deucher (cherry picked from commit dcf822fca599e4cbc582801222d519b4da82fab5) commit 9515e74d756b6825f6119823d41b437832d89355 Author: Kenneth Feng Date: Wed Oct 16 15:58:45 2024 +0800 drm/amd/pm: update the driver-fw interface file for smu v14.0.2/3 update the driver-fw interface file for smu v14.0.2/3 Signed-off-by: Kenneth Feng Reviewed-by: Yang Wang Signed-off-by: Alex Deucher (cherry picked from commit 0642c95efbdc09efb34dd9f1ac642daa0daa9c2c) commit bf58f03931fdcf7b3c45cb76ac13244477a60f44 Author: Mario Limonciello Date: Fri Oct 11 12:23:15 2024 -0500 drm/amd: Guard against bad data for ATIF ACPI method If a BIOS provides bad data in response to an ATIF method call this causes a NULL pointer dereference in the caller. ``` ? show_regs (arch/x86/kernel/dumpstack.c:478 (discriminator 1)) ? __die (arch/x86/kernel/dumpstack.c:423 arch/x86/kernel/dumpstack.c:434) ? page_fault_oops (arch/x86/mm/fault.c:544 (discriminator 2) arch/x86/mm/fault.c:705 (discriminator 2)) ? do_user_addr_fault (arch/x86/mm/fault.c:440 (discriminator 1) arch/x86/mm/fault.c:1232 (discriminator 1)) ? acpi_ut_update_object_reference (drivers/acpi/acpica/utdelete.c:642) ? exc_page_fault (arch/x86/mm/fault.c:1542) ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) ? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:387 (discriminator 2)) amdgpu ? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:386 (discriminator 1)) amdgpu ``` It has been encountered on at least one system, so guard for it. Fixes: d38ceaf99ed0 ("drm/amdgpu: add core driver (v4)") Acked-by: Alex Deucher Signed-off-by: Mario Limonciello Signed-off-by: Alex Deucher (cherry picked from commit c9b7c809b89f24e9372a4e7f02d64c950b07fdee) Cc: stable@vger.kernel.org commit 787ade24cc3af4a8ec9498c9cd8a6d47a4d86485 Author: Maya Matuszczyk Date: Sat Oct 19 21:02:15 2024 +0200 arm64: dts: qcom: x1e80100-crd Rename "Twitter" to "Tweeter" This makes the name consistent with both other x1e80100 devices and the dictionary. A UCM fix was merged already and is required in order for sound to work after this commit. Signed-off-by: Maya Matuszczyk Reviewed-by: Konrad Dybcio Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20241019190214.3337-2-maccraft123mc@gmail.com Signed-off-by: Bjorn Andersson commit e7f37a7d16310d3c9474825de26a67f00983ebea Author: Abel Vesa Date: Mon Oct 21 15:46:25 2024 +0300 clk: qcom: gcc-x1e80100: Fix USB MP SS1 PHY GDSC pwrsts flags Allowing these GDSCs to collapse makes the QMP combo PHYs lose their configuration on machine suspend. Currently, the QMP combo PHY driver doesn't reinitialise the HW on resume. Under such conditions, the USB SuperSpeed support is broken. To avoid this, mark the pwrsts flags with RET_ON. This has been already done for USB 0 and 1 SS PHY GDSCs, Do this also for the USB MP SS1 PHY GDSC config. The USB MP SS0 PHY GDSC already has it. Fixes: 161b7c401f4b ("clk: qcom: Add Global Clock controller (GCC) driver for X1E80100") Reviewed-by: Johan Hovold Signed-off-by: Abel Vesa Link: https://lore.kernel.org/r/20241021-x1e80100-clk-gcc-fix-usb-mp-phy-gdsc-pwrsts-flags-v2-1-0bfd64556238@linaro.org Signed-off-by: Bjorn Andersson commit db7e59e6a39a4d3d54ca8197c796557e6d480b0d Author: Krzysztof Kozlowski Date: Sat Oct 12 12:11:08 2024 +0200 ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc Commit 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream alloc to soundcards") moved the allocation of Soundwire stream runtime from the Qualcomm Soundwire driver to each individual machine sound card driver, except that it forgot to update SC7280 card. Just like for other Qualcomm sound cards using Soundwire, the card driver should allocate and release the runtime. Otherwise sound playback will result in a NULL pointer dereference or other effect of uninitialized memory accesses (which was confirmed on SDM845 having similar issue). Cc: stable@vger.kernel.org Cc: Alexey Klimov Cc: Steev Klimaszewski Fixes: 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream alloc to soundcards") Link: https://lore.kernel.org/r/20241010054109.16938-1-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20241012101108.129476-1-krzysztof.kozlowski@linaro.org Signed-off-by: Mark Brown commit 1f97c03f43fadc407de5b5cb01c07755053e1c22 Author: Hou Tao Date: Tue Oct 22 21:01:33 2024 +0800 bpf: Preserve param->string when parsing mount options In bpf_parse_param(), keep the value of param->string intact so it can be freed later. Otherwise, the kmalloc area pointed to by param->string will be leaked as shown below: unreferenced object 0xffff888118c46d20 (size 8): comm "new_name", pid 12109, jiffies 4295580214 hex dump (first 8 bytes): 61 6e 79 00 38 c9 5c 7e any.8.\~ backtrace (crc e1b7f876): [<00000000c6848ac7>] kmemleak_alloc+0x4b/0x80 [<00000000de9f7d00>] __kmalloc_node_track_caller_noprof+0x36e/0x4a0 [<000000003e29b886>] memdup_user+0x32/0xa0 [<0000000007248326>] strndup_user+0x46/0x60 [<0000000035b3dd29>] __x64_sys_fsconfig+0x368/0x3d0 [<0000000018657927>] x64_sys_call+0xff/0x9f0 [<00000000c0cabc95>] do_syscall_64+0x3b/0xc0 [<000000002f331597>] entry_SYSCALL_64_after_hwframe+0x4b/0x53 Fixes: 6c1752e0b6ca ("bpf: Support symbolic BPF FS delegation mount options") Signed-off-by: Hou Tao Signed-off-by: Andrii Nakryiko Acked-by: Jiri Olsa Link: https://lore.kernel.org/bpf/20241022130133.3798232-1-houtao@huaweicloud.com commit d0ccf760a405d243a49485be0a43bd5b66ed17e2 Author: Georgi Djakov Date: Wed Oct 9 02:16:15 2024 +0300 spi: geni-qcom: Fix boot warning related to pm_runtime and devres During boot, users sometimes observe the following warning: [7.841431] WARNING: CPU: 4 PID: 492 at drivers/interconnect/core.c:685 __icc_enable (drivers/interconnect/core.c:685 (discriminator 7)) [..] [7.841541] Call trace: [7.841542] __icc_enable (drivers/interconnect/core.c:685 (discriminator 7)) [7.841545] icc_disable (drivers/interconnect/core.c:708) [7.841547] geni_icc_disable (drivers/soc/qcom/qcom-geni-se.c:862) [7.841553] spi_geni_runtime_suspend+0x3c/0x4c spi_geni_qcom This occurs when the spi-geni driver receives an -EPROBE_DEFER error from spi_geni_grab_gpi_chan(), causing devres to start releasing all resources as shown below: [7.138679] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_icc_release (8 bytes) [7.138751] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_icc_release (8 bytes) [7.138827] geni_spi 880000.spi: DEVRES REL ffff800081443800 pm_runtime_disable_action (16 bytes) [7.139494] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_pm_opp_config_release (16 bytes) [7.139512] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_spi_release_controller (8 bytes) [7.139516] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_clk_release (16 bytes) [7.139519] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_ioremap_release (8 bytes) [7.139524] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_region_release (24 bytes) [7.139527] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_kzalloc_release (22 bytes) [7.139530] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_pinctrl_release (8 bytes) [7.139539] geni_spi 880000.spi: DEVRES REL ffff800081443800 devm_kzalloc_release (40 bytes) The issue here is that pm_runtime_disable_action() results in a call to spi_geni_runtime_suspend(), which attempts to suspend the device and disable an interconnect path that devm_icc_release() has just released. Resolve this by calling geni_icc_get() before enabling runtime PM. This approach ensures that when devres releases resources in reverse order, it will start with pm_runtime_disable_action(), suspending the device, and then proceed to free the remaining resources. Reported-by: Naresh Kamboju Reported-by: Linux Kernel Functional Testing Closes: https://lore.kernel.org/r/CA+G9fYtsjFtddG8i+k-SpV8U6okL0p4zpsTiwGfNH5GUA8dWAA@mail.gmail.com Fixes: 89e362c883c6 ("spi: geni-qcom: Undo runtime PM changes at driver exit time") Signed-off-by: Georgi Djakov Link: https://patch.msgid.link/20241008231615.430073-1-djakov@kernel.org Signed-off-by: Mark Brown commit 53b9d789df983790015ef04b0283ac5a33917cad Author: Matthieu Buffet Date: Sat Oct 19 17:15:34 2024 +0200 samples/landlock: Clarify option parsing behaviour Clarify the distinction between filesystem variables (mandatory) and all others (optional). For optional variables, explain the difference between unset variables (no access check performed) and empty variables (nothing allowed for lists of allowed paths/ports, or no effect for lists of scopes). List the known LL_SCOPED values and their effect. Signed-off-by: Matthieu Buffet Link: https://lore.kernel.org/r/20241019151534.1400605-4-matthieu@buffet.re [mic: Add a missing colon] Signed-off-by: Mickaël Salaün commit f51e55a0892bd2030c847d4583c12498bb93f812 Author: Matthieu Buffet Date: Sat Oct 19 17:15:33 2024 +0200 samples/landlock: Refactor help message Help message is getting larger with each new supported feature (scopes, and soon UDP). Also the large number of calls to fprintf with environment variables make it hard to read. Refactor it away into a single simpler constant format string. Signed-off-by: Matthieu Buffet Link: https://lore.kernel.org/r/20241019151534.1400605-3-matthieu@buffet.re [mic: Move the small cleanups in the next commit] Signed-off-by: Mickaël Salaün commit 387285530d1d4bdba8c5dff5aeabd8d71638173f Author: Matthieu Buffet Date: Sat Oct 19 17:15:32 2024 +0200 samples/landlock: Fix port parsing in sandboxer If you want to specify that no port can be bind()ed, you would think (looking quickly at both help message and code) that setting LL_TCP_BIND="" would do it. However the code splits on ":" then applies atoi(), which does not allow checking for errors. Passing an empty string returns 0, which is interpreted as "allow bind(0)", which means bind to any ephemeral port. This bug occurs whenever passing an empty string or when leaving a trailing/leading colon, making it impossible to completely deny bind(). To reproduce: export LL_FS_RO="/" LL_FS_RW="" LL_TCP_BIND="" ./sandboxer strace -e bind nc -n -vvv -l -p 0 Executing the sandboxed command... bind(3, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("0.0.0.0")}, 16) = 0 Listening on 0.0.0.0 37629 Use strtoull(3) instead, which allows error checking. Check that the entire string has been parsed correctly without overflows/underflows, but not that the __u64 (the type of struct landlock_net_port_attr.port) is a valid __u16 port: that is already done by the kernel. Fixes: 5e990dcef12e ("samples/landlock: Support TCP restrictions") Signed-off-by: Matthieu Buffet Link: https://lore.kernel.org/r/20241019151534.1400605-2-matthieu@buffet.re Signed-off-by: Mickaël Salaün commit b9a8ecf81066e01e8a3de35517481bc5aa0439e5 Author: Shengjiu Wang Date: Mon Oct 14 13:38:33 2024 +0800 ASoC: fsl_micfil: Add sample rate constraint On some platforms, for example i.MX93, there is only one audio PLL source, so some sample rate can't be supported. If the PLL source is used for 8kHz series rates, then 11kHz series rates can't be supported. So add constraints according to the frequency of available clock sources, then alsa-lib will help to convert the unsupported rate for the driver. Signed-off-by: Shengjiu Wang Link: https://patch.msgid.link/1728884313-6778-1-git-send-email-shengjiu.wang@nxp.com Signed-off-by: Mark Brown commit f54f0d0e2b1f74de85ff02013fa4886e4154aca5 Author: Keith Busch Date: Thu Oct 17 10:45:24 2024 -0700 nvme: enhance cns version checking The number of CNS bits in the command is specific to the nvme spec version compliance. The existing check is not sufficient for possible CNS values the driver uses that may create confusion between host and device, so enhance the check to consider the version and desired CNS value. Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit 1d81d85d1a19e50d5237dc67d6b825c34ae13de8 Author: Borislav Petkov (AMD) Date: Mon Oct 21 10:38:21 2024 +0200 x86/microcode/AMD: Split load_microcode_amd() This function should've been split a long time ago because it is used in two paths: 1) On the late loading path, when the microcode is loaded through the request_firmware interface 2) In the save_microcode_in_initrd() path which collects all the microcode patches which are relevant for the current system before the initrd with the microcode container has been jettisoned. In that path, it is not really necessary to iterate over the nodes on a system and match a patch however it didn't cause any trouble so it was left for a later cleanup However, that later cleanup was expedited by the fact that Jens was enabling "Use L3 as a NUMA node" in the BIOS setting in his machine and so this causes the NUMA CPU masks used in cpumask_of_node() to be generated *after* 2) above happened on the first node. Which means, all those masks were funky, wrong, uninitialized and whatnot, leading to explosions when dereffing c->microcode in load_microcode_amd(). So split that function and do only the necessary work needed at each stage. Fixes: 94838d230a6c ("x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID") Reported-by: Jens Axboe Signed-off-by: Borislav Petkov (AMD) Tested-by: Jens Axboe Link: https://lore.kernel.org/r/91194406-3fdf-4e38-9838-d334af538f74@kernel.dk commit 67373ca8404fe57eb1bb4b57f314cff77ce54932 Author: Dave Kleikamp Date: Tue Oct 22 09:40:37 2024 -0500 jfs: Fix sanity check in dbMount MAXAG is a legitimate value for bmp->db_numag Fixes: e63866a47556 ("jfs: fix out-of-bounds in dbNextAG() and diAlloc()") Signed-off-by: Dave Kleikamp commit d1744a4c975b1acbe8b498356d28afbc46c88428 Author: Borislav Petkov (AMD) Date: Mon Oct 21 10:27:52 2024 +0200 x86/microcode/AMD: Pay attention to the stepping dynamically Commit in Fixes changed how a microcode patch is loaded on Zen and newer but the patch matching needs to happen with different rigidity, depending on what is being done: 1) When the patch is added to the patches cache, the stepping must be ignored because the driver still supports different steppings per system 2) When the patch is matched for loading, then the stepping must be taken into account because each CPU needs the patch matching its exact stepping Take care of that by making the matching smarter. Fixes: 94838d230a6c ("x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID") Reported-by: Jens Axboe Signed-off-by: Borislav Petkov (AMD) Tested-by: Jens Axboe Link: https://lore.kernel.org/r/91194406-3fdf-4e38-9838-d334af538f74@kernel.dk commit 75f49c3dc7b7423d3734f2e4dabe3dac8d064338 Author: Yue Haibing Date: Tue Oct 22 17:52:08 2024 +0800 btrfs: fix passing 0 to ERR_PTR in btrfs_search_dir_index_item() The ret may be zero in btrfs_search_dir_index_item() and should not passed to ERR_PTR(). Now btrfs_unlink_subvol() is the only caller to this, reconstructed it to check ERR_PTR(-ENOENT) while ret >= 0. This fixes smatch warnings: fs/btrfs/dir-item.c:353 btrfs_search_dir_index_item() warn: passing zero to 'ERR_PTR' Fixes: 9dcbe16fccbb ("btrfs: use btrfs_for_each_slot in btrfs_search_dir_index_item") CC: stable@vger.kernel.org # 6.1+ Reviewed-by: Johannes Thumshirn Signed-off-by: Yue Haibing Reviewed-by: David Sterba Signed-off-by: David Sterba commit 3c36a72c1d27de6618c1c480c793d9924640f5bb Author: Qu Wenruo Date: Thu Sep 19 20:18:11 2024 +0930 btrfs: reject ro->rw reconfiguration if there are hard ro requirements [BUG] Syzbot reports the following crash: BTRFS info (device loop0 state MCS): disabling free space tree BTRFS info (device loop0 state MCS): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) BTRFS info (device loop0 state MCS): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) Oops: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 RIP: 0010:backup_super_roots fs/btrfs/disk-io.c:1691 [inline] RIP: 0010:write_all_supers+0x97a/0x40f0 fs/btrfs/disk-io.c:4041 Call Trace: btrfs_commit_transaction+0x1eae/0x3740 fs/btrfs/transaction.c:2530 btrfs_delete_free_space_tree+0x383/0x730 fs/btrfs/free-space-tree.c:1312 btrfs_start_pre_rw_mount+0xf28/0x1300 fs/btrfs/disk-io.c:3012 btrfs_remount_rw fs/btrfs/super.c:1309 [inline] btrfs_reconfigure+0xae6/0x2d40 fs/btrfs/super.c:1534 btrfs_reconfigure_for_mount fs/btrfs/super.c:2020 [inline] btrfs_get_tree_subvol fs/btrfs/super.c:2079 [inline] btrfs_get_tree+0x918/0x1920 fs/btrfs/super.c:2115 vfs_get_tree+0x90/0x2b0 fs/super.c:1800 do_new_mount+0x2be/0xb40 fs/namespace.c:3472 do_mount fs/namespace.c:3812 [inline] __do_sys_mount fs/namespace.c:4020 [inline] __se_sys_mount+0x2d6/0x3c0 fs/namespace.c:3997 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f [CAUSE] To support mounting different subvolume with different RO/RW flags for the new mount APIs, btrfs introduced two workaround to support this feature: - Skip mount option/feature checks if we are mounting a different subvolume - Reconfigure the fs to RW if the initial mount is RO Combining these two, we can have the following sequence: - Mount the fs ro,rescue=all,clear_cache,space_cache=v1 rescue=all will mark the fs as hard read-only, so no v2 cache clearing will happen. - Mount a subvolume rw of the same fs. We go into btrfs_get_tree_subvol(), but fc_mount() returns EBUSY because our new fc is RW, different from the original fs. Now we enter btrfs_reconfigure_for_mount(), which switches the RO flag first so that we can grab the existing fs_info. Then we reconfigure the fs to RW. - During reconfiguration, option/features check is skipped This means we will restart the v2 cache clearing, and convert back to v1 cache. This will trigger fs writes, and since the original fs has "rescue=all" option, it skips the csum tree read. And eventually causing NULL pointer dereference in super block writeback. [FIX] For reconfiguration caused by different subvolume RO/RW flags, ensure we always run btrfs_check_options() to ensure we have proper hard RO requirements met. In fact the function btrfs_check_options() doesn't really do many complex checks, but hard RO requirement and some feature dependency checks, thus there is no special reason not to do the check for mount reconfiguration. Reported-by: syzbot+56360f93efa90ff15870@syzkaller.appspotmail.com Link: https://lore.kernel.org/linux-btrfs/0000000000008c5d090621cb2770@google.com/ Fixes: f044b318675f ("btrfs: handle the ro->rw transition for mounting different subvolumes") CC: stable@vger.kernel.org # 6.8+ Reviewed-by: Johannes Thumshirn Signed-off-by: Qu Wenruo Signed-off-by: David Sterba commit 7a2339058ed71f54c1e12e1b3c25aab1b1ba7943 Author: Boris Burkov Date: Fri Oct 18 15:44:34 2024 -0700 btrfs: fix read corruption due to race with extent map merging In debugging some corrupt squashfs files, we observed symptoms of corrupt page cache pages but correct on-disk contents. Further investigation revealed that the exact symptom was a correct page followed by an incorrect, duplicate, page. This got us thinking about extent maps. commit ac05ca913e9f ("Btrfs: fix race between using extent maps and merging them") enforces a reference count on the primary `em` extent_map being merged, as that one gets modified. However, since, commit 3d2ac9922465 ("btrfs: introduce new members for extent_map") both 'em' and 'merge' get modified, which started modifying 'merge' and thus introduced the same race. We were able to reproduce this by looping the affected squashfs workload in parallel on a bunch of separate btrfs-es while also dropping caches. We are still working on a simple enough reproducer to make into an fstest. The simplest fix is to stop modifying 'merge', which is not essential, as it is dropped immediately after the merge. This behavior is simply a consequence of the order of the two extent maps being important in computing the new values. Modify merge_ondisk_extents to take prev and next by const* and also take a third merged parameter that it puts the results in. Note that this introduces the rather odd behavior of passing 'em' to merge_ondisk_extents as a const * and as a regular ptr. Fixes: 3d2ac9922465 ("btrfs: introduce new members for extent_map") CC: stable@vger.kernel.org # 6.11+ Reviewed-by: Qu Wenruo Reviewed-by: Filipe Manana Signed-off-by: Omar Sandoval Signed-off-by: Boris Burkov Signed-off-by: David Sterba commit f10f59f91a6278e9637327d1206140d28e2d5004 Author: Qu Wenruo Date: Wed Oct 9 09:37:03 2024 +1030 btrfs: fix the delalloc range locking if sector size < page size Inside lock_delalloc_folios(), there are several problems related to sector size < page size handling: - Set the writer locks without checking if the folio is still valid We call btrfs_folio_start_writer_lock() just like it's folio_lock(). But since the folio may not even be the folio of the current mapping, we can easily screw up the folio->private. - The range is not clamped inside the page This means we can over write other bitmaps if the start/len is not properly handled, and trigger the btrfs_subpage_assert(). - @processed_end is always rounded up to page end If the delalloc range is not page aligned, and we need to retry (returning -EAGAIN), then we will unlock to the page end. Thankfully this is not a huge problem, as now btrfs_folio_end_writer_lock() can handle range larger than the locked range, and only unlock what is already locked. Fix all these problems by: - Lock and check the folio first, then call btrfs_folio_set_writer_lock() So that if we got a folio not belonging to the inode, we won't touch folio->private. - Properly truncate the range inside the page - Update @processed_end to the locked range end Fixes: 1e1de38792e0 ("btrfs: make process_one_page() to handle subpage locking") CC: stable@vger.kernel.org # 6.1+ Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 5f9062a48db260fd6b53d86ecfb4d5dc59266316 Author: Qu Wenruo Date: Tue Sep 10 15:21:04 2024 +0930 btrfs: qgroup: set a more sane default value for subtree drop threshold Since commit 011b46c30476 ("btrfs: skip subtree scan if it's too high to avoid low stall in btrfs_commit_transaction()"), btrfs qgroup can automatically skip large subtree scan at the cost of marking qgroup inconsistent. It's designed to address the final performance problem of snapshot drop with qgroup enabled, but to be safe the default value is BTRFS_MAX_LEVEL, requiring a user space daemon to set a different value to make it work. I'd say it's not a good idea to rely on user space tool to set this default value, especially when some operations (snapshot dropping) can be triggered immediately after mount, leaving a very small window to that that sysfs interface. So instead of disabling this new feature by default, enable it with a low threshold (3), so that large subvolume tree drop at mount time won't cause huge qgroup workload. CC: stable@vger.kernel.org # 6.1 Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 3510e684b8f6a569c2f8b86870da116e2ffeec2d Author: Filipe Manana Date: Mon Oct 14 16:14:18 2024 +0100 btrfs: clear force-compress on remount when compress mount option is given After the migration to use fs context for processing mount options we had a slight change in the semantics for remounting a filesystem that was mounted with compress-force. Before we could clear compress-force by passing only "-o compress[=algo]" during a remount, but after that change that does not work anymore, force-compress is still present and one needs to pass "-o compress-force=no,compress[=algo]" to the mount command. Example, when running on a kernel 6.8+: $ mount -o compress-force=zlib:9 /dev/sdi /mnt/sdi $ mount | grep sdi /dev/sdi on /mnt/sdi type btrfs (rw,relatime,compress-force=zlib:9,discard=async,space_cache=v2,subvolid=5,subvol=/) $ mount -o remount,compress=zlib:5 /mnt/sdi $ mount | grep sdi /dev/sdi on /mnt/sdi type btrfs (rw,relatime,compress-force=zlib:5,discard=async,space_cache=v2,subvolid=5,subvol=/) On a 6.7 kernel (or older): $ mount -o compress-force=zlib:9 /dev/sdi /mnt/sdi $ mount | grep sdi /dev/sdi on /mnt/sdi type btrfs (rw,relatime,compress-force=zlib:9,discard=async,space_cache=v2,subvolid=5,subvol=/) $ mount -o remount,compress=zlib:5 /mnt/sdi $ mount | grep sdi /dev/sdi on /mnt/sdi type btrfs (rw,relatime,compress=zlib:5,discard=async,space_cache=v2,subvolid=5,subvol=/) So update btrfs_parse_param() to clear "compress-force" when "compress" is given, providing the same semantics as kernel 6.7 and older. Reported-by: Roman Mamedov Link: https://lore.kernel.org/linux-btrfs/20241014182416.13d0f8b0@nvm/ CC: stable@vger.kernel.org # 6.8+ Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit 655c6c1b7afe6d29f386f415594ee643e5e3d755 Author: Hsin-Te Yuan Date: Wed Oct 16 14:17:14 2024 +0000 drm/mediatek: Fix color format MACROs in OVL In commit 9f428b95ac89 ("drm/mediatek: Add new color format MACROs in OVL"), some new color formats are defined in the MACROs to make the switch statement more concise. That commit was intended to be a no-op cleanup. However, there are typos in these formats MACROs, which cause the return value to be incorrect. Fix the typos to ensure the return value remains unchanged. Fixes: 9f428b95ac89 ("drm/mediatek: Add new color format MACROs in OVL") Reviewed-by: Douglas Anderson Reviewed-by: Matthias Brugger Signed-off-by: Hsin-Te Yuan Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20241016-color-v3-1-e0f5f44a72d8@chromium.org/ Signed-off-by: Chun-Kuang Hu commit e6411bf2aea87aa3fdf74c7bce37db3d975ab026 Author: Jason-JH.Lin Date: Wed Oct 9 11:46:46 2024 +0800 drm/mediatek: Add blend_modes to mtk_plane_init() for different SoCs Since some SoCs support premultiplied pixel formats but some do not, the blend_modes parameter is added to mtk_plane_init(), which is obtained from the mtk_ddp_comp_get_blend_modes function implemented in different blending supported components. The blending supported components can use driver data to set the blend mode capabilities for different SoCs. Signed-off-by: Jason-JH.Lin Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20241009034646.13143-6-jason-jh.lin@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 333ab43616ff46694b46b4137acd0e19dc291a7f Author: Jason-JH.Lin Date: Wed Oct 9 11:46:45 2024 +0800 drm/mediatek: ovl: Add blend_modes to driver data OVL_CON_CLRFMT_MAN is a configuration for extending color format settings of DISP_REG_OVL_CON(n). It will change some of the original color format settings. Take the settings of (3 << 12) for example. - If OVL_CON_CLRFMT_MAN = 0 means OVL_CON_CLRFMT_RGBA8888. - If OVL_CON_CLRFMT_MAN = 1 means OVL_CON_CLRFMT_PARGB8888. Since previous SoCs did not support OVL_CON_CLRFMT_MAN, this means that the SoC does not support the premultiplied color format. It will break the original color format setting of MT8173. Therefore, the blend_modes is added to the driver data and then mtk_ovl_fmt_convert() will check the blend_modes to see if pre-multiplied is supported in the current platform. If it is not supported, use coverage mode to set it to the supported color formats to solve the degradation problem. Fixes: a3f7f7ef4bfe ("drm/mediatek: Support "Pre-multiplied" blending in OVL") Signed-off-by: Jason-JH.Lin Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20241009034646.13143-5-jason-jh.lin@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 41607c3ceb0e527e0985387bc41bbf291dc9a3d8 Author: Jason-JH.Lin Date: Wed Oct 9 11:46:44 2024 +0800 drm/mediatek: ovl: Remove the color format comment for ovl_fmt_convert() Since we changed MACROs to be consistent with DRM input color format naming, the comment for ovl_fmt_conver() is no longer needed. Fixes: 9f428b95ac89 ("drm/mediatek: Add new color format MACROs in OVL") Signed-off-by: Jason-JH.Lin Reviewed-by: CK Hu Reviewed-by: AngeloGioacchino Del Regno Link: https://patchwork.kernel.org/project/dri-devel/patch/20241009034646.13143-4-jason-jh.lin@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 28fbc3293f034f3d148bb0bc433114db493657b8 Author: Jason-JH.Lin Date: Wed Oct 9 11:46:43 2024 +0800 drm/mediatek: ovl: Refine ignore_pixel_alpha comment and placement Refine the comment for ignore_pixel_alpha flag and move it to if(state->fb) statement to make it less conditional. Signed-off-by: Jason-JH.Lin Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20241009034646.13143-3-jason-jh.lin@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 995d4d558eea79f8d2e8e46d0914c3940b7463ac Author: Jason-JH.Lin Date: Wed Oct 9 11:46:42 2024 +0800 drm/mediatek: ovl: Fix XRGB format breakage for blend_modes unsupported SoCs OVL_CON_AEN is for alpha blending enable. For the SoC that is supported the blend_modes, OVL_CON_AEN will always enabled to use constant alpha and then use the ignore_pixel_alpha bit to do the alpha blending for XRGB8888 format. Note that ignore pixel alpha bit is not supported if the SoC is not supported the blend_modes. So it will break the original setting of XRGB8888 format for the blend_modes unsupported SoCs, such as MT8173. To fix the downgrade issue, enable alpha blending only when a valid blend_mode or has_alpha is set. Fixes: bc46eb5d5d77 ("drm/mediatek: Support DRM plane alpha in OVL") Signed-off-by: Jason-JH.Lin Reviewed-by: CK Hu Reviewed-by: AngeloGioacchino Del Regno Link: https://patchwork.kernel.org/project/dri-devel/patch/20241009034646.13143-2-jason-jh.lin@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 4a201dcfa1ff0dcfe4348c40f3ad8bd68b97eb6c Author: Christoph Hellwig Date: Mon Oct 14 08:04:55 2024 +0200 xfs: update the pag for the last AG at recovery time Currently log recovery never updates the in-core perag values for the last allocation group when they were grown by growfs. This leads to btree record validation failures for the alloc, ialloc or finotbt trees if a transaction references this new space. Found by Brian's new growfs recovery stress test. Signed-off-by: Christoph Hellwig Reviewed-by: Brian Foster Signed-off-by: Carlos Maiolino commit 069cf5e32b700f94c6ac60f6171662bdfb04f325 Author: Christoph Hellwig Date: Mon Oct 14 08:04:54 2024 +0200 xfs: don't use __GFP_RETRY_MAYFAIL in xfs_initialize_perag __GFP_RETRY_MAYFAIL increases the likelyhood of allocations to fail, which isn't really helpful during log recovery. Remove the flag and stick to the default GFP_KERNEL policies. Signed-off-by: Christoph Hellwig Reviewed-by: Brian Foster Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit b882b0f8138ffa935834e775953f1630f89bbb62 Author: Christoph Hellwig Date: Mon Oct 14 08:04:53 2024 +0200 xfs: error out when a superblock buffer update reduces the agcount XFS currently does not support reducing the agcount, so error out if a logged sb buffer tries to shrink the agcount. Signed-off-by: Christoph Hellwig Reviewed-by: Brian Foster Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 6a18765b54e2e52aebcdb84c3b4f4d1f7cb2c0ca Author: Christoph Hellwig Date: Mon Oct 14 08:04:52 2024 +0200 xfs: update the file system geometry after recoverying superblock buffers Primary superblock buffers that change the file system geometry after a growfs operation can affect the operation of later CIL checkpoints that make use of the newly added space and allocation groups. Apply the changes to the in-memory structures as part of recovery pass 2, to ensure recovery works fine for such cases. In the future we should apply the logic to other updates such as features bits as well. Signed-off-by: Christoph Hellwig Reviewed-by: Brian Foster Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit aa67ec6a25617e36eba4fb28a88159f500a6cac6 Author: Christoph Hellwig Date: Mon Oct 14 08:04:51 2024 +0200 xfs: merge the perag freeing helpers There is no good reason to have two different routines for freeing perag structures for the unmount and error cases. Add two arguments to specify the range of AGs to free to xfs_free_perag, and use that to replace xfs_free_unused_perag_range. The addition RCU grace period for the error case is harmless, and the extra check for the AG to actually exist is not required now that the callers pass the exact known allocated range. Signed-off-by: Christoph Hellwig Reviewed-by: Brian Foster Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 82742f8c3f1a93787a05a00aca50c2a565231f84 Author: Christoph Hellwig Date: Mon Oct 14 08:04:50 2024 +0200 xfs: pass the exact range to initialize to xfs_initialize_perag Currently only the new agcount is passed to xfs_initialize_perag, which requires lookups of existing AGs to skip them and complicates error handling. Also pass the previous agcount so that the range that xfs_initialize_perag operates on is exactly defined. That way the extra lookups can be avoided, and error handling can clean up the exact range from the old count to the last added perag structure. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Reviewed-by: Brian Foster Signed-off-by: Carlos Maiolino commit af8512c5277d17aae09be5305daa9118d2fa8881 Author: Darrick J. Wong Date: Thu Oct 17 11:58:10 2024 -0700 xfs: don't fail repairs on metadata files with no attr fork Fix a minor bug where we fail repairs on metadata files that do not have attr forks because xrep_metadata_inode_subtype doesn't filter ENOENT. Cc: stable@vger.kernel.org # v6.8 Fixes: 5a8e07e799721b ("xfs: repair the inode core and forks of a metadata inode") Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig Signed-off-by: Carlos Maiolino commit 8a7d12d674ac6f2147c18f36d1e15f1a48060edf Author: Oliver Neukum Date: Thu Oct 17 09:18:37 2024 +0200 net: usb: usbnet: fix name regression The fix for MAC addresses broke detection of the naming convention because it gave network devices no random MAC before bind() was called. This means that the check for the local assignment bit was always negative as the address was zeroed from allocation, instead of from overwriting the MAC with a unique hardware address. The correct check for whether bind() has altered the MAC is done with is_zero_ether_addr Signed-off-by: Oliver Neukum Reported-by: Greg Thelen Diagnosed-by: John Sperbeck Fixes: bab8eb0dd4cb9 ("usbnet: modern method to get random MAC") Link: https://patch.msgid.link/20241017071849.389636-1-oneukum@suse.com Signed-off-by: Paolo Abeni commit f7b4cf0306bbea500a613e4b618576452c1df4ba Author: Yuan Can Date: Thu Oct 17 10:32:23 2024 +0800 mlxsw: spectrum_router: fix xa_store() error checking It is meant to use xa_err() to extract the error encoded in the return value of xa_store(). Fixes: 44c2fbebe18a ("mlxsw: spectrum_router: Share nexthop counters in resilient groups") Signed-off-by: Yuan Can Reviewed-by: Petr Machata Reviewed-by: Przemek Kitszel Tested-by: Petr Machata Link: https://patch.msgid.link/20241017023223.74180-1-yuancan@huawei.com Signed-off-by: Paolo Abeni commit fa287557e6d41ee224ab82baa73b538e6031b0ed Merge: d95d9a31aceb20 306ed1728e8438 Author: Paolo Abeni Date: Tue Oct 22 12:43:42 2024 +0200 Merge tag 'nf-24-10-21' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf Pablo Neira Ayuso says: ==================== This patchset contains Netfilter fixes for net: 1) syzkaller managed to triger UaF due to missing reference on netns in bpf infrastructure, from Florian Westphal. 2) Fix incorrect conversion from NFPROTO_UNSPEC to NFPROTO_{IPV4,IPV6} in the following xtables targets: MARK and NFLOG. Moreover, add missing I have my half share in this mistake, I did not take the necessary time to review this: For several years I have been struggling to keep working on Netfilter, juggling a myriad of side consulting projects to stop burning my own savings. I have extended the iptables-tests.py test infrastructure to improve the coverage of ip6tables and detect similar problems in the future. This is a v2 including a extended PR with one more fix. netfilter pull request 24-10-21 * tag 'nf-24-10-21' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: netfilter: xtables: fix typo causing some targets not to load on IPv6 netfilter: bpf: must hold reference on net namespace ==================== Link: https://patch.msgid.link/20241021094536.81487-1-pablo@netfilter.org Signed-off-by: Paolo Abeni commit a0a18e91eb3a6ef75a6de69dc00f206b913e3848 Author: Cristian Marussi Date: Mon Oct 21 18:15:44 2024 +0100 firmware: arm_scmi: Reject clear channel request on A2P The clear channel transport operation is supposed to be called exclusively on the P2A channel from the agent, since it relinquishes the ownership of the channel to the platform, after this latter has initiated some sort of P2A communication. Make sure that, if it is ever called on a A2P, is logged and ignored. Signed-off-by: Cristian Marussi Reviewed-by: Florian Fainelli Message-Id: <20241021171544.2579551-1-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit 295416091e44806760ccf753aeafdafc0ae268f3 Author: Xinqi Zhang Date: Wed Oct 16 14:13:38 2024 +0800 firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() The scmi_dev->name is released prematurely in __scmi_device_destroy(), which causes slab-use-after-free when accessing scmi_dev->name in scmi_bus_notifier(). So move the release of scmi_dev->name to scmi_device_release() to avoid slab-use-after-free. | BUG: KASAN: slab-use-after-free in strncmp+0xe4/0xec | Read of size 1 at addr ffffff80a482bcc0 by task swapper/0/1 | | CPU: 1 PID: 1 Comm: swapper/0 Not tainted 6.6.38-debug #1 | Hardware name: Qualcomm Technologies, Inc. SA8775P Ride (DT) | Call trace: | dump_backtrace+0x94/0x114 | show_stack+0x18/0x24 | dump_stack_lvl+0x48/0x60 | print_report+0xf4/0x5b0 | kasan_report+0xa4/0xec | __asan_report_load1_noabort+0x20/0x2c | strncmp+0xe4/0xec | scmi_bus_notifier+0x5c/0x54c | notifier_call_chain+0xb4/0x31c | blocking_notifier_call_chain+0x68/0x9c | bus_notify+0x54/0x78 | device_del+0x1bc/0x840 | device_unregister+0x20/0xb4 | __scmi_device_destroy+0xac/0x280 | scmi_device_destroy+0x94/0xd0 | scmi_chan_setup+0x524/0x750 | scmi_probe+0x7fc/0x1508 | platform_probe+0xc4/0x19c | really_probe+0x32c/0x99c | __driver_probe_device+0x15c/0x3c4 | driver_probe_device+0x5c/0x170 | __driver_attach+0x1c8/0x440 | bus_for_each_dev+0xf4/0x178 | driver_attach+0x3c/0x58 | bus_add_driver+0x234/0x4d4 | driver_register+0xf4/0x3c0 | __platform_driver_register+0x60/0x88 | scmi_driver_init+0xb0/0x104 | do_one_initcall+0xb4/0x664 | kernel_init_freeable+0x3c8/0x894 | kernel_init+0x24/0x1e8 | ret_from_fork+0x10/0x20 | | Allocated by task 1: | kasan_save_stack+0x2c/0x54 | kasan_set_track+0x2c/0x40 | kasan_save_alloc_info+0x24/0x34 | __kasan_kmalloc+0xa0/0xb8 | __kmalloc_node_track_caller+0x6c/0x104 | kstrdup+0x48/0x84 | kstrdup_const+0x34/0x40 | __scmi_device_create.part.0+0x8c/0x408 | scmi_device_create+0x104/0x370 | scmi_chan_setup+0x2a0/0x750 | scmi_probe+0x7fc/0x1508 | platform_probe+0xc4/0x19c | really_probe+0x32c/0x99c | __driver_probe_device+0x15c/0x3c4 | driver_probe_device+0x5c/0x170 | __driver_attach+0x1c8/0x440 | bus_for_each_dev+0xf4/0x178 | driver_attach+0x3c/0x58 | bus_add_driver+0x234/0x4d4 | driver_register+0xf4/0x3c0 | __platform_driver_register+0x60/0x88 | scmi_driver_init+0xb0/0x104 | do_one_initcall+0xb4/0x664 | kernel_init_freeable+0x3c8/0x894 | kernel_init+0x24/0x1e8 | ret_from_fork+0x10/0x20 | | Freed by task 1: | kasan_save_stack+0x2c/0x54 | kasan_set_track+0x2c/0x40 | kasan_save_free_info+0x38/0x5c | __kasan_slab_free+0xe8/0x164 | __kmem_cache_free+0x11c/0x230 | kfree+0x70/0x130 | kfree_const+0x20/0x40 | __scmi_device_destroy+0x70/0x280 | scmi_device_destroy+0x94/0xd0 | scmi_chan_setup+0x524/0x750 | scmi_probe+0x7fc/0x1508 | platform_probe+0xc4/0x19c | really_probe+0x32c/0x99c | __driver_probe_device+0x15c/0x3c4 | driver_probe_device+0x5c/0x170 | __driver_attach+0x1c8/0x440 | bus_for_each_dev+0xf4/0x178 | driver_attach+0x3c/0x58 | bus_add_driver+0x234/0x4d4 | driver_register+0xf4/0x3c0 | __platform_driver_register+0x60/0x88 | scmi_driver_init+0xb0/0x104 | do_one_initcall+0xb4/0x664 | kernel_init_freeable+0x3c8/0x894 | kernel_init+0x24/0x1e8 | ret_from_fork+0x10/0x20 Fixes: ee7a9c9f67c5 ("firmware: arm_scmi: Add support for multiple device per protocol") Signed-off-by: Xinqi Zhang Reviewed-by: Cristian Marussi Reviewed-by: Bjorn Andersson Message-Id: <20241016-fix-arm-scmi-slab-use-after-free-v2-1-1783685ef90d@quicinc.com> Signed-off-by: Sudeep Holla commit 7e336a6c15ec7675adc1b376ca176ab013642098 Author: Bartosz Golaszewski Date: Thu Oct 17 09:18:35 2024 +0200 MAINTAINERS: add a keyword entry for the GPIO subsystem Every now and then - despite being clearly documented as deprecated - the legacy GPIO API is being used in some new drivers in the kernel. Add a keyword pattern matching the unwanted functions so that I get Cc'ed anytime they're being used and get the chance to object. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20241017071835.19069-1-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit aff1871bfc81e9dffa7d2a77e67cc5441cc37f81 Author: Viktor Malik Date: Mon Aug 26 08:07:18 2024 +0200 objpool: fix choosing allocation for percpu slots objpool intends to use vmalloc for default (non-atomic) allocations of percpu slots and objects. However, the condition checking if GFP flags set any bit of GFP_ATOMIC is wrong b/c GFP_ATOMIC is a combination of bits (__GFP_HIGH|__GFP_KSWAPD_RECLAIM) and so `pool->gfp & GFP_ATOMIC` will be true if either bit is set. Since GFP_ATOMIC and GFP_KERNEL share the ___GFP_KSWAPD_RECLAIM bit, kmalloc will be used in cases when GFP_KERNEL is specified, i.e. in all current usages of objpool. This may lead to unexpected OOM errors since kmalloc cannot allocate large amounts of memory. For instance, objpool is used by fprobe rethook which in turn is used by BPF kretprobe.multi and kprobe.session probe types. Trying to attach these to all kernel functions with libbpf using SEC("kprobe.session/*") int kprobe(struct pt_regs *ctx) { [...] } fails on objpool slot allocation with ENOMEM. Fix the condition to truly use vmalloc by default. Link: https://lore.kernel.org/all/20240826060718.267261-1-vmalik@redhat.com/ Fixes: b4edb8d2d464 ("lib: objpool added: ring-array based lockless MPMC") Signed-off-by: Viktor Malik Acked-by: Andrii Nakryiko Reviewed-by: Matt Wu Signed-off-by: Masami Hiramatsu (Google) commit 4fbb73416b10778adfd2c1319e9c5829780d8535 Author: Marek Vasut Date: Thu Oct 17 05:11:20 2024 +0200 arm64: dts: imx8mp-phyboard-pollux: Set Video PLL1 frequency to 506.8 MHz The LVDS panel on this device uses 72.4 MHz pixel clock, set IMX8MP_VIDEO_PLL1 to 72.4 * 7 = 506.8 MHz so the LDB serializer and LCDIFv3 scanout engine can reach accurate pixel clock of exactly 72.4 MHz. Without this patch, the Video PLL1 frequency is the default set in imx8mp.dtsi which is 1039.5 MHz, which divides down to inaccurate pixel clock of 74.25 MHz which works for this particular panel by sheer chance. Stop taking that chance and set correct accurate pixel clock frequency instead. Fixes: 326d86e197fc ("arm64: dts: imx8mp-phyboard-pollux-rdk: add etml panel support") Reported-by: Isaac Scott Signed-off-by: Marek Vasut Reviewed-by: Yannic Moog Tested-by: Yannic Moog Signed-off-by: Shawn Guo commit eab6ba2aa3bbaf598a66e31f709bf84b7bb7dc8a Author: Peng Fan Date: Sat Oct 12 10:52:21 2024 +0800 arm64: dts: imx8mp: correct sdhc ipg clk The ipg clk for sdhc sources from IPG_CLK_ROOT per i.MX 8M Plus Applications Processor Reference Manual, Table 5-2. System Clocks. Fixes: 6d9b8d20431f ("arm64: dts: freescale: Add i.MX8MP dtsi support") Signed-off-by: Peng Fan Reviewed-by: Fabio Estevam Signed-off-by: Shawn Guo commit c2ee9f594da826bea183ed14f2cc029c719bf4da Author: Mark Brown Date: Mon Oct 21 23:11:40 2024 +0100 KVM: selftests: Fix build on on non-x86 architectures Commit 9a400068a158 ("KVM: selftests: x86: Avoid using SSE/AVX instructions") unconditionally added -march=x86-64-v2 to the CFLAGS used to build the KVM selftests which does not work on non-x86 architectures: cc1: error: unknown value ‘x86-64-v2’ for ‘-march’ Fix this by making the addition of this x86 specific command line flag conditional on building for x86. Fixes: 9a400068a158 ("KVM: selftests: x86: Avoid using SSE/AVX instructions") Signed-off-by: Mark Brown Signed-off-by: Linus Torvalds commit a360f311f57a36e96d88fa8086b749159714dcd2 Author: Linus Torvalds Date: Mon Oct 21 11:57:38 2024 -0700 9p: fix slab cache name creation for real This was attempted by using the dev_name in the slab cache name, but as Omar Sandoval pointed out, that can be an arbitrary string, eg something like "/dev/root". Which in turn trips verify_dirent_name(), which fails if a filename contains a slash. So just make it use a sequence counter, and make it an atomic_t to avoid any possible races or locking issues. Reported-and-tested-by: Omar Sandoval Link: https://lore.kernel.org/all/ZxafcO8KWMlXaeWE@telecaster.dhcp.thefacebook.com/ Fixes: 79efebae4afc ("9p: Avoid creating multiple slab caches with the same name") Acked-by: Vlastimil Babka Cc: Dominique Martinet Cc: Thorsten Leemhuis Signed-off-by: Linus Torvalds commit 3267cb6d3a174ff83d6287dcd5b0047bbd912452 Author: Pawan Gupta Date: Tue Jan 23 19:55:21 2024 -0800 x86/lam: Disable ADDRESS_MASKING in most cases Linear Address Masking (LAM) has a weakness related to transient execution as described in the SLAM paper[1]. Unless Linear Address Space Separation (LASS) is enabled this weakness may be exploitable. Until kernel adds support for LASS[2], only allow LAM for COMPILE_TEST, or when speculation mitigations have been disabled at compile time, otherwise keep LAM disabled. There are no processors in market that support LAM yet, so currently nobody is affected by this issue. [1] SLAM: https://download.vusec.net/papers/slam_sp24.pdf [2] LASS: https://lore.kernel.org/lkml/20230609183632.48706-1-alexander.shishkin@linux.intel.com/ [ dhansen: update SPECULATION_MITIGATIONS -> CPU_MITIGATIONS ] Signed-off-by: Pawan Gupta Signed-off-by: Dave Hansen Reviewed-by: Sohil Mehta Acked-by: Kirill A. Shutemov Cc:stable@vger.kernel.org Link: https://lore.kernel.org/all/5373262886f2783f054256babdf5a98545dc986b.1706068222.git.pawan.kumar.gupta%40linux.intel.com commit dad2f20715163e80aab284fb092efc8c18bf97c7 Author: Daniel Burgener Date: Tue Oct 15 13:26:46 2024 -0400 landlock: Fix grammar issues in documentation Improve user space and kernel documentation. Signed-off-by: Daniel Burgener Link: https://lore.kernel.org/r/20241015172647.2007644-1-dburgener@linux.microsoft.com [mic: Extend commit message, reword ptrace restriction as discussed in the thread] Signed-off-by: Mickaël Salaün commit d129377639907fce7e0a27990e590e4661d3ee02 Merge: c1bc09d7bfcbe9 e9001a382fa2c2 Author: Linus Torvalds Date: Mon Oct 21 11:22:04 2024 -0700 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm Pull kvm fixes from Paolo Bonzini: "ARM64: - Fix the guest view of the ID registers, making the relevant fields writable from userspace (affecting ID_AA64DFR0_EL1 and ID_AA64PFR1_EL1) - Correcly expose S1PIE to guests, fixing a regression introduced in 6.12-rc1 with the S1POE support - Fix the recycling of stage-2 shadow MMUs by tracking the context (are we allowed to block or not) as well as the recycling state - Address a couple of issues with the vgic when userspace misconfigures the emulation, resulting in various splats. Headaches courtesy of our Syzkaller friends - Stop wasting space in the HYP idmap, as we are dangerously close to the 4kB limit, and this has already exploded in -next - Fix another race in vgic_init() - Fix a UBSAN error when faking the cache topology with MTE enabled RISCV: - RISCV: KVM: use raw_spinlock for critical section in imsic x86: - A bandaid for lack of XCR0 setup in selftests, which causes trouble if the compiler is configured to have x86-64-v3 (with AVX) as the default ISA. Proper XCR0 setup will come in the next merge window. - Fix an issue where KVM would not ignore low bits of the nested CR3 and potentially leak up to 31 bytes out of the guest memory's bounds - Fix case in which an out-of-date cached value for the segments could by returned by KVM_GET_SREGS. - More cleanups for KVM_X86_QUIRK_SLOT_ZAP_ALL - Override MTRR state for KVM confidential guests, making it WB by default as is already the case for Hyper-V guests. Generic: - Remove a couple of unused functions" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (27 commits) RISCV: KVM: use raw_spinlock for critical section in imsic KVM: selftests: Fix out-of-bounds reads in CPUID test's array lookups KVM: selftests: x86: Avoid using SSE/AVX instructions KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() KVM: x86: Clean up documentation for KVM_X86_QUIRK_SLOT_ZAP_ALL KVM: x86/mmu: Add lockdep assert to enforce safe usage of kvm_unmap_gfn_range() KVM: x86/mmu: Zap only SPs that shadow gPTEs when deleting memslot x86/kvm: Override default caching mode for SEV-SNP and TDX KVM: Remove unused kvm_vcpu_gfn_to_pfn_atomic KVM: Remove unused kvm_vcpu_gfn_to_pfn KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration KVM: arm64: vgic: Don't check for vgic_ready() when setting NR_IRQS KVM: arm64: Fix shift-out-of-bounds bug KVM: arm64: Shave a few bytes from the EL2 idmap code KVM: arm64: Don't eagerly teardown the vgic on init error KVM: arm64: Expose S1PIE to guests KVM: arm64: nv: Clarify safety of allowing TLBI unmaps to reschedule KVM: arm64: nv: Punt stage-2 recycling to a vCPU request KVM: arm64: nv: Do not block when unmapping stage-2 if disallowed ... commit c1bc09d7bfcbe90c6df3a630ec1fb0fcd4799236 Merge: 7166c32651fa2a 373b9338c9722a Author: Linus Torvalds Date: Mon Oct 21 11:08:05 2024 -0700 Merge tag 'probes-fixes-v6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull uprobe fix from Masami Hiramatsu: - uprobe: avoid out-of-bounds memory access of fetching args Uprobe trace events can cause out-of-bounds memory access when fetching user-space data which is bigger than one page, because it does not check the local CPU buffer size when reading the data. This checks the read data size and cut it down to the local CPU buffer size. * tag 'probes-fixes-v6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: uprobe: avoid out-of-bounds memory access of fetching args commit e70d2677ef4088d59158739d72b67ac36d1b132b Author: Dipendra Khadka Date: Mon Sep 30 19:11:00 2024 +0000 phy: tegra: xusb: Add error pointer check in xusb.c Add error pointer check after tegra_xusb_find_lane(). Fixes: e8f7d2f409a1 ("phy: tegra: xusb: Add usb-phy support") Signed-off-by: Dipendra Khadka Acked-by: Thierry Reding Link: https://lore.kernel.org/r/20240930191101.13184-1-kdipendra88@gmail.com Signed-off-by: Vinod Koul commit 16fde3e076775d3b51f48d44d050746fbc9d638e Author: Abel Vesa Date: Mon Oct 21 16:53:28 2024 +0300 dt-bindings: phy: qcom,sc8280xp-qmp-pcie-phy: Fix X1E80100 resets entries The PCIe 6a PHY is actually Gen4 4-lanes capable. So the gen4x4 compatible describes it. But according to the schema, currently the gen4x4 compatible doesn't require both PHY and PHY-nocsr resets, while the HW does. So fix that by adding the gen4x4 compatible alongside the gen4x2 one for the resets description. Fixes: 0c5f4d23f776 ("dt-bindings: phy: qcom,sc8280xp-qmp-pcie-phy: Document the X1E80100 QMP PCIe PHY Gen4 x4") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202410182029.n2zPkuGx-lkp@intel.com/ Reviewed-by: Krzysztof Kozlowski Reviewed-by: Johan Hovold Signed-off-by: Abel Vesa Link: https://lore.kernel.org/r/20241021-phy-qcom-qmp-pcie-fix-x1e80100-gen4x4-resets-v3-1-1918c46fc37c@linaro.org Signed-off-by: Vinod Koul commit f89263b69731e0144d275fff777ee0dd92069200 Author: Richard Zhu Date: Mon Oct 21 11:52:41 2024 -0400 phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check When enable initcall_debug together with higher debug level below. CONFIG_CONSOLE_LOGLEVEL_DEFAULT=9 CONFIG_CONSOLE_LOGLEVEL_QUIET=9 CONFIG_MESSAGE_LOGLEVEL_DEFAULT=7 The initialization of i.MX8MP PCIe PHY might be timeout failed randomly. To fix this issue, adjust the sequence of the resets refer to the power up sequence listed below. i.MX8MP PCIe PHY power up sequence: /--------------------------------------------- 1.8v supply ---------/ /--------------------------------------------------- 0.8v supply ---/ ---\ /-------------------------------------------------- X REFCLK Valid Reference Clock ---/ \-------------------------------------------------- ------------------------------------------- | i_init_restn -------------- ------------------------------------ | i_cmn_rstn --------------------- ------------------------------- | o_pll_lock_done -------------------------- Logs: imx6q-pcie 33800000.pcie: host bridge /soc@0/pcie@33800000 ranges: imx6q-pcie 33800000.pcie: IO 0x001ff80000..0x001ff8ffff -> 0x0000000000 imx6q-pcie 33800000.pcie: MEM 0x0018000000..0x001fefffff -> 0x0018000000 probe of clk_imx8mp_audiomix.reset.0 returned 0 after 1052 usecs probe of 30e20000.clock-controller returned 0 after 32971 usecs phy phy-32f00000.pcie-phy.4: phy poweron failed --> -110 probe of 30e10000.dma-controller returned 0 after 10235 usecs imx6q-pcie 33800000.pcie: waiting for PHY ready timeout! dwhdmi-imx 32fd8000.hdmi: Detected HDMI TX controller v2.13a with HDCP (samsung_dw_hdmi_phy2) imx6q-pcie 33800000.pcie: probe with driver imx6q-pcie failed with error -110 Fixes: dce9edff16ee ("phy: freescale: imx8m-pcie: Add i.MX8MP PCIe PHY support") Cc: stable@vger.kernel.org Signed-off-by: Richard Zhu Signed-off-by: Frank Li v2 changes: - Rebase to latest fixes branch of linux-phy git repo. - Richard's environment have problem and can't sent out patch. So I help post this fix patch. Link: https://lore.kernel.org/r/20241021155241.943665-1-Frank.Li@nxp.com Signed-off-by: Vinod Koul commit 7166c32651fa2a5712215980d1b54d4b9ccca6b5 Merge: a777c32ca42b9a 197231da7f6a2e Author: Linus Torvalds Date: Mon Oct 21 10:48:24 2024 -0700 Merge tag 'vfs-6.12-rc5.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs fixes from Christian Brauner: "afs: - Fix a lock recursion in afs_wake_up_async_call() on ->notify_lock netfs: - Drop the references to a folio immediately after the folio has been extracted to prevent races with future I/O collection - Fix a documenation build error - Downgrade the i_rwsem for buffered writes to fix a cifs reported performance regression when switching to netfslib vfs: - Explicitly return -E2BIG from openat2() if the specified size is unexpectedly large. This aligns openat2() with other extensible struct based system calls - When copying a mount namespace ensure that we only try to remove the new copy from the mount namespace rbtree if it has already been added to it nilfs: - Clear the buffer delay flag when clearing the buffer state clags when a buffer head is discarded to prevent a kernel OOPs ocfs2: - Fix an unitialized value warning in ocfs2_setattr() proc: - Fix a kernel doc warning" * tag 'vfs-6.12-rc5.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: proc: Fix W=1 build kernel-doc warning afs: Fix lock recursion fs: Fix uninitialized value issue in from_kuid and from_kgid fs: don't try and remove empty rbtree node netfs: Downgrade i_rwsem for a buffered write nilfs2: fix kernel bug due to missing clearing of buffer delay flag openat2: explicitly return -E2BIG for (usize > PAGE_SIZE) netfs: fix documentation build error netfs: In readahead, put the folio refs as soon extracted commit a777c32ca42b9a8a5e5abd915883a73620d9044b Merge: 42f7652d3eb527 cd843399d70641 Author: Linus Torvalds Date: Mon Oct 21 09:59:43 2024 -0700 Merge tag 'v6.12-p4' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto fix from Herbert Xu: "Fix a regression in mpi that broke RSA" * tag 'v6.12-p4' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: lib/mpi - Fix an "Uninitialized scalar variable" issue commit 76d3ddff7153cc0bcc14a63798d19f5d0693ea71 Author: Selvin Xavier Date: Mon Oct 14 06:36:15 2024 -0700 RDMA/bnxt_re: synchronize the qp-handle table array There is a race between the CREQ tasklet and destroy qp when accessing the qp-handle table. There is a chance of reading a valid qp-handle in the CREQ tasklet handler while the QP is already moving ahead with the destruction. Fixing this race by implementing a table-lock to synchronize the access. Fixes: f218d67ef004 ("RDMA/bnxt_re: Allow posting when QPs are in error") Fixes: 84cf229f4001 ("RDMA/bnxt_re: Fix the qp table indexing") Link: https://patch.msgid.link/r/1728912975-19346-3-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit d71f4acd584cc861f54b3cb3ac07875f06550a05 Author: Selvin Xavier Date: Mon Oct 14 06:36:14 2024 -0700 RDMA/bnxt_re: Fix the usage of control path spin locks Control path completion processing always runs in tasklet context. To synchronize with the posting thread, there is no need to use the irq variant of spin lock. Use spin_lock_bh instead. Fixes: 1ac5a4047975 ("RDMA/bnxt_re: Add bnxt_re RoCE driver") Link: https://patch.msgid.link/r/1728912975-19346-2-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 78ed28e08e74da6265e49e19206e1bcb8b9a7f0d Author: Patrisious Haddad Date: Thu Oct 10 11:50:23 2024 +0300 RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down After the cited commit below max_dest_rd_atomic and max_rd_atomic values are being rounded down to the next power of 2. As opposed to the old behavior and mlx4 driver where they used to be rounded up instead. In order to stay consistent with older code and other drivers, revert to using fls round function which rounds up to the next power of 2. Fixes: f18e26af6aba ("RDMA/mlx5: Convert modify QP to use MLX5_SET macros") Link: https://patch.msgid.link/r/d85515d6ef21a2fa8ef4c8293dce9b58df8a6297.1728550179.git.leon@kernel.org Signed-off-by: Patrisious Haddad Reviewed-by: Maher Sanalla Signed-off-by: Leon Romanovsky Signed-off-by: Jason Gunthorpe commit 89f8c6f197f480fe05edf91eb9359d5425869d04 Author: Leon Romanovsky Date: Mon Oct 7 20:55:17 2024 +0300 RDMA/cxgb4: Dump vendor specific QP details Restore the missing functionality to dump vendor specific QP details, which was mistakenly removed in the commit mentioned in Fixes line. Fixes: 5cc34116ccec ("RDMA: Add dedicated QP resource tracker function") Link: https://patch.msgid.link/r/ed9844829135cfdcac7d64285688195a5cd43f82.1728323026.git.leonro@nvidia.com Reported-by: Dr. David Alan Gilbert Closes: https://lore.kernel.org/all/Zv_4qAxuC0dLmgXP@gallifrey Signed-off-by: Leon Romanovsky Signed-off-by: Jason Gunthorpe commit 6db388585e486c0261aeef55f8bc63a9b45756c0 Author: Christoph Hellwig Date: Tue Oct 15 06:13:50 2024 +0200 iomap: turn iomap_want_unshare_iter into an inline function iomap_want_unshare_iter currently sits in fs/iomap/buffered-io.c, which depends on CONFIG_BLOCK. It is also in used in fs/dax.c whіch has no such dependency. Given that it is a trivial check turn it into an inline in include/linux/iomap.h to fix the DAX && !BLOCK build. Fixes: 6ef6a0e821d3 ("iomap: share iomap_unshare_iter predicate code with fsdax") Reported-by: kernel test robot Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20241015041350.118403-1-hch@lst.de Reviewed-by: Brian Foster Signed-off-by: Christian Brauner commit f2b5b8201b1545ef92e050735e9c768010d497aa Author: Bartosz Golaszewski Date: Mon Oct 21 16:21:13 2024 +0200 spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() The op argument is missing the colon and is not picked up by the kerneldoc generator. Fix it to address the following build warning: drivers/spi/spi-mtk-snfi.c:1201: warning: Function parameter or struct member 'op' not described in 'mtk_snand_is_page_ops' Fixes: 764f1b748164 ("spi: add driver for MTK SPI NAND Flash Interface") Signed-off-by: Bartosz Golaszewski Link: https://patch.msgid.link/20241021142113.71081-1-brgl@bgdev.pl Signed-off-by: Mark Brown commit a7990957fa53326fe9b47f0349373ed99bb69aaa Author: Armin Wolf Date: Tue Oct 15 00:05:29 2024 +0200 platform/x86: dell-wmi: Ignore suspend notifications Some machines like the Dell G15 5155 emit WMI events when suspending/resuming. Ignore those WMI events. Tested-by: siddharth.manthan@gmail.com Signed-off-by: Armin Wolf Acked-by: Pali Rohár Link: https://lore.kernel.org/r/20241014220529.397390-1-W_Armin@gmx.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 48771da48072823956b271dddd568492c13d8170 Author: Vamsi Krishna Brahmajosyula Date: Fri Oct 18 16:19:58 2024 +0530 platform/x86/intel/pmc: Fix pmc_core_iounmap to call iounmap for valid addresses Commit 50c6dbdfd16e ("x86/ioremap: Improve iounmap() address range checks") introduces a WARN when adrress ranges of iounmap are invalid. On Thinkpad P1 Gen 7 (Meteor Lake-P) this caused the following warning to appear: WARNING: CPU: 7 PID: 713 at arch/x86/mm/ioremap.c:461 iounmap+0x58/0x1f0 Modules linked in: rfkill(+) snd_timer(+) fjes(+) snd soundcore intel_pmc_core(+) int3403_thermal(+) int340x_thermal_zone intel_vsec pmt_telemetry acpi_pad pmt_class acpi_tad int3400_thermal acpi_thermal_rel joydev loop nfnetlink zram xe drm_suballoc_helper nouveau i915 mxm_wmi drm_ttm_helper gpu_sched drm_gpuvm drm_exec drm_buddy i2c_algo_bit crct10dif_pclmul crc32_pclmul ttm crc32c_intel polyval_clmulni rtsx_pci_sdmmc ucsi_acpi polyval_generic mmc_core hid_multitouch drm_display_helper ghash_clmulni_intel typec_ucsi nvme sha512_ssse3 video sha256_ssse3 nvme_core intel_vpu sha1_ssse3 rtsx_pci cec typec nvme_auth i2c_hid_acpi i2c_hid wmi pinctrl_meteorlake serio_raw ip6_tables ip_tables fuse CPU: 7 UID: 0 PID: 713 Comm: (udev-worker) Not tainted 6.12.0-rc2iounmap+ #42 Hardware name: LENOVO 21KWCTO1WW/21KWCTO1WW, BIOS N48ET19W (1.06 ) 07/18/2024 RIP: 0010:iounmap+0x58/0x1f0 Code: 85 6a 01 00 00 48 8b 05 e6 e2 28 04 48 39 c5 72 19 eb 26 cc cc cc 48 ba 00 00 00 00 00 00 32 00 48 8d 44 02 ff 48 39 c5 72 23 <0f> 0b 48 83 c4 08 5b 5d 41 5c c3 cc cc cc cc 48 ba 00 00 00 00 00 RSP: 0018:ffff888131eff038 EFLAGS: 00010207 RAX: ffffc90000000000 RBX: 0000000000000000 RCX: ffff888e33b80000 RDX: dffffc0000000000 RSI: ffff888e33bc29c0 RDI: 0000000000000000 RBP: 0000000000000000 R08: ffff8881598a8000 R09: ffff888e2ccedc10 R10: 0000000000000003 R11: ffffffffb3367634 R12: 00000000fe000000 R13: ffff888101d0da28 R14: ffffffffc2e437e0 R15: ffff888110b03b28 FS: 00007f3c1d4b3980(0000) GS:ffff888e33b80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005651cfc93578 CR3: 0000000124e4c002 CR4: 0000000000f70ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff07f0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: ? __warn.cold+0xb6/0x176 ? iounmap+0x58/0x1f0 ? report_bug+0x1f4/0x2b0 ? handle_bug+0x58/0x90 ? exc_invalid_op+0x17/0x40 ? asm_exc_invalid_op+0x1a/0x20 ? iounmap+0x58/0x1f0 pmc_core_ssram_get_pmc+0x477/0x6c0 [intel_pmc_core] ? __pfx_pmc_core_ssram_get_pmc+0x10/0x10 [intel_pmc_core] ? __pfx_do_pci_enable_device+0x10/0x10 ? pci_wait_for_pending+0x60/0x110 ? pci_enable_device_flags+0x1e3/0x2e0 ? __pfx_mtl_core_init+0x10/0x10 [intel_pmc_core] pmc_core_ssram_init+0x7f/0x110 [intel_pmc_core] mtl_core_init+0xda/0x130 [intel_pmc_core] ? __mutex_init+0xb9/0x130 pmc_core_probe+0x27e/0x10b0 [intel_pmc_core] ? _raw_spin_lock_irqsave+0x96/0xf0 ? __pfx_pmc_core_probe+0x10/0x10 [intel_pmc_core] ? __pfx_mutex_unlock+0x10/0x10 ? __pfx_mutex_lock+0x10/0x10 ? device_pm_check_callbacks+0x82/0x370 ? acpi_dev_pm_attach+0x234/0x2b0 platform_probe+0x9f/0x150 really_probe+0x1e0/0x8a0 __driver_probe_device+0x18c/0x370 ? __pfx___driver_attach+0x10/0x10 driver_probe_device+0x4a/0x120 __driver_attach+0x190/0x4a0 ? __pfx___driver_attach+0x10/0x10 bus_for_each_dev+0x103/0x180 ? __pfx_bus_for_each_dev+0x10/0x10 ? klist_add_tail+0x136/0x270 bus_add_driver+0x2fc/0x540 driver_register+0x1a5/0x360 ? __pfx_pmc_core_driver_init+0x10/0x10 [intel_pmc_core] do_one_initcall+0xa4/0x380 ? __pfx_do_one_initcall+0x10/0x10 ? kasan_unpoison+0x44/0x70 do_init_module+0x296/0x800 load_module+0x5090/0x6ce0 ? __pfx_load_module+0x10/0x10 ? ima_post_read_file+0x193/0x200 ? __pfx_ima_post_read_file+0x10/0x10 ? rw_verify_area+0x152/0x4c0 ? kernel_read_file+0x257/0x750 ? __pfx_kernel_read_file+0x10/0x10 ? __pfx_filemap_get_read_batch+0x10/0x10 ? init_module_from_file+0xd1/0x130 init_module_from_file+0xd1/0x130 ? __pfx_init_module_from_file+0x10/0x10 ? __pfx__raw_spin_lock+0x10/0x10 ? __pfx_cred_has_capability.isra.0+0x10/0x10 idempotent_init_module+0x236/0x770 ? __pfx_idempotent_init_module+0x10/0x10 ? fdget+0x58/0x3f0 ? security_capable+0x7d/0x110 __x64_sys_finit_module+0xbe/0x130 do_syscall_64+0x82/0x160 ? __pfx_filemap_read+0x10/0x10 ? __pfx___fsnotify_parent+0x10/0x10 ? vfs_read+0x3a6/0xa30 ? vfs_read+0x3a6/0xa30 ? __seccomp_filter+0x175/0xc60 ? __pfx___seccomp_filter+0x10/0x10 ? fdget_pos+0x1ce/0x500 ? syscall_exit_to_user_mode_prepare+0x149/0x170 ? syscall_exit_to_user_mode+0x10/0x210 ? do_syscall_64+0x8e/0x160 ? switch_fpu_return+0xe3/0x1f0 ? syscall_exit_to_user_mode+0x1d5/0x210 ? do_syscall_64+0x8e/0x160 ? exc_page_fault+0x76/0xf0 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7f3c1d6d155d Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 83 58 0f 00 f7 d8 64 89 01 48 RSP: 002b:00007ffe6309db38 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 RAX: ffffffffffffffda RBX: 0000557c212550a0 RCX: 00007f3c1d6d155d RDX: 0000000000000000 RSI: 00007f3c1cd943bd RDI: 0000000000000025 RBP: 00007ffe6309dbf0 R08: 00007f3c1d7c7b20 R09: 00007ffe6309db80 R10: 0000557c21255270 R11: 0000000000000246 R12: 00007f3c1cd943bd R13: 0000000000020000 R14: 0000557c21255c80 R15: 0000557c21255240 no_free_ptr(tmp_ssram) sets tmp_ssram NULL while assigning ssram. pmc_core_iounmap calls iounmap unconditionally causing the above warning to appear during boot. Fix it by checking for a valid address before calling iounmap. Also in the function pmc_core_ssram_get_pmc return -ENOMEM when ioremap fails similar to other instances in the file. Fixes: a01486dc4bb1 ("platform/x86/intel/pmc: Cleanup SSRAM discovery") Reviewed-by: Ilpo Järvinen Reviewed-by: David E. Box Signed-off-by: Vamsi Krishna Brahmajosyula Link: https://lore.kernel.org/r/20241018104958.14195-1-vamsikrishna.brahmajosyula@gmail.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit d5ff2fb2e7167e9483846e34148e60c0c016a1f6 Author: Yang Erkun Date: Mon Oct 21 16:25:40 2024 +0800 nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net In the normal case, when we excute `echo 0 > /proc/fs/nfsd/threads`, the function `nfs4_state_destroy_net` in `nfs4_state_shutdown_net` will release all resources related to the hashed `nfs4_client`. If the `nfsd_client_shrinker` is running concurrently, the `expire_client` function will first unhash this client and then destroy it. This can lead to the following warning. Additionally, numerous use-after-free errors may occur as well. nfsd_client_shrinker echo 0 > /proc/fs/nfsd/threads expire_client nfsd_shutdown_net unhash_client ... nfs4_state_shutdown_net /* won't wait shrinker exit */ /* cancel_work(&nn->nfsd_shrinker_work) * nfsd_file for this /* won't destroy unhashed client1 */ * client1 still alive nfs4_state_destroy_net */ nfsd_file_cache_shutdown /* trigger warning */ kmem_cache_destroy(nfsd_file_slab) kmem_cache_destroy(nfsd_file_mark_slab) /* release nfsd_file and mark */ __destroy_client ==================================================================== BUG nfsd_file (Not tainted): Objects remaining in nfsd_file on __kmem_cache_shutdown() -------------------------------------------------------------------- CPU: 4 UID: 0 PID: 764 Comm: sh Not tainted 6.12.0-rc3+ #1 dump_stack_lvl+0x53/0x70 slab_err+0xb0/0xf0 __kmem_cache_shutdown+0x15c/0x310 kmem_cache_destroy+0x66/0x160 nfsd_file_cache_shutdown+0xac/0x210 [nfsd] nfsd_destroy_serv+0x251/0x2a0 [nfsd] nfsd_svc+0x125/0x1e0 [nfsd] write_threads+0x16a/0x2a0 [nfsd] nfsctl_transaction_write+0x74/0xa0 [nfsd] vfs_write+0x1a5/0x6d0 ksys_write+0xc1/0x160 do_syscall_64+0x5f/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e ==================================================================== BUG nfsd_file_mark (Tainted: G B W ): Objects remaining nfsd_file_mark on __kmem_cache_shutdown() -------------------------------------------------------------------- dump_stack_lvl+0x53/0x70 slab_err+0xb0/0xf0 __kmem_cache_shutdown+0x15c/0x310 kmem_cache_destroy+0x66/0x160 nfsd_file_cache_shutdown+0xc8/0x210 [nfsd] nfsd_destroy_serv+0x251/0x2a0 [nfsd] nfsd_svc+0x125/0x1e0 [nfsd] write_threads+0x16a/0x2a0 [nfsd] nfsctl_transaction_write+0x74/0xa0 [nfsd] vfs_write+0x1a5/0x6d0 ksys_write+0xc1/0x160 do_syscall_64+0x5f/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e To resolve this issue, cancel `nfsd_shrinker_work` using synchronous mode in nfs4_state_shutdown_net. Fixes: 7c24fa225081 ("NFSD: replace delayed_work with work_struct for nfsd_client_shrinker") Signed-off-by: Yang Erkun Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit d2f8671045b41871053dedaf3035a06ad53d2736 Author: Bibo Mao Date: Mon Oct 21 22:11:19 2024 +0800 LoongArch: Set initial pte entry with PAGE_GLOBAL for kernel space There are two pages in one TLB entry on LoongArch system. For kernel space, it requires both two pte entries (buddies) with PAGE_GLOBAL bit set, otherwise HW treats it as non-global tlb, there will be potential problems if tlb entry for kernel space is not global. Such as fail to flush kernel tlb with the function local_flush_tlb_kernel_range() which supposed only flush tlb with global bit. Kernel address space areas include percpu, vmalloc, vmemmap, fixmap and kasan areas. For these areas both two consecutive page table entries should be enabled with PAGE_GLOBAL bit. So with function set_pte() and pte_clear(), pte buddy entry is checked and set besides its own pte entry. However it is not atomic operation to set both two pte entries, there is problem with test_vmalloc test case. So function kernel_pte_init() is added to init a pte table when it is created for kernel address space, and the default initial pte value is PAGE_GLOBAL rather than zero at beginning. Then only its own pte entry need update with function set_pte() and pte_clear(), nothing to do with the pte buddy entry. Signed-off-by: Bibo Mao Signed-off-by: Huacai Chen commit 134475a9ab8487527238d270639a8cb74c10aab2 Author: Thomas Weißschuh Date: Mon Oct 21 22:11:19 2024 +0800 LoongArch: Don't crash in stack_top() for tasks without vDSO Not all tasks have a vDSO mapped, for example kthreads never do. If such a task ever ends up calling stack_top(), it will derefence the NULL vdso pointer and crash. This can for example happen when using kunit: [<9000000000203874>] stack_top+0x58/0xa8 [<90000000002956cc>] arch_pick_mmap_layout+0x164/0x220 [<90000000003c284c>] kunit_vm_mmap_init+0x108/0x12c [<90000000003c1fbc>] __kunit_add_resource+0x38/0x8c [<90000000003c2704>] kunit_vm_mmap+0x88/0xc8 [<9000000000410b14>] usercopy_test_init+0xbc/0x25c [<90000000003c1db4>] kunit_try_run_case+0x5c/0x184 [<90000000003c3d54>] kunit_generic_run_threadfn_adapter+0x24/0x48 [<900000000022e4bc>] kthread+0xc8/0xd4 [<9000000000200ce8>] ret_from_kernel_thread+0xc/0xa4 Fixes: 803b0fc5c3f2 ("LoongArch: Add process management") Signed-off-by: Thomas Weißschuh Signed-off-by: Huacai Chen commit 2ed119aef60d73d00371195fc84dd68248071100 Author: Huacai Chen Date: Mon Oct 21 22:11:19 2024 +0800 LoongArch: Set correct size for vDSO code mapping The current size of vDSO code mapping is hardcoded to PAGE_SIZE. This cannot work for 4KB page size after commit 18efd0b10e0fd77 ("LoongArch: vDSO: Wire up getrandom() vDSO implementation") because the code size increases to 8KB. Thus set the code mapping size to its real size, i.e. PAGE_ALIGN(vdso_end - vdso_start). Fixes: 18efd0b10e0fd77 ("LoongArch: vDSO: Wire up getrandom() vDSO implementation") Reviewed-by: Xi Ruoyao Signed-off-by: Huacai Chen commit 69cc6fad5df4ce652d969be69acc60e269e5eea1 Author: Huacai Chen Date: Mon Oct 21 22:11:19 2024 +0800 LoongArch: Enable IRQ if do_ale() triggered in irq-enabled context Unaligned access exception can be triggered in irq-enabled context such as user mode, in this case do_ale() may call get_user() which may cause sleep. Then we will get: BUG: sleeping function called from invalid context at arch/loongarch/kernel/access-helper.h:7 in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 129, name: modprobe preempt_count: 0, expected: 0 RCU nest depth: 0, expected: 0 CPU: 0 UID: 0 PID: 129 Comm: modprobe Tainted: G W 6.12.0-rc1+ #1723 Tainted: [W]=WARN Stack : 9000000105e0bd48 0000000000000000 9000000003803944 9000000105e08000 9000000105e0bc70 9000000105e0bc78 0000000000000000 0000000000000000 9000000105e0bc78 0000000000000001 9000000185e0ba07 9000000105e0b890 ffffffffffffffff 9000000105e0bc78 73924b81763be05b 9000000100194500 000000000000020c 000000000000000a 0000000000000000 0000000000000003 00000000000023f0 00000000000e1401 00000000072f8000 0000007ffbb0e260 0000000000000000 0000000000000000 9000000005437650 90000000055d5000 0000000000000000 0000000000000003 0000007ffbb0e1f0 0000000000000000 0000005567b00490 0000000000000000 9000000003803964 0000007ffbb0dfec 00000000000000b0 0000000000000007 0000000000000003 0000000000071c1d ... Call Trace: [<9000000003803964>] show_stack+0x64/0x1a0 [<9000000004c57464>] dump_stack_lvl+0x74/0xb0 [<9000000003861ab4>] __might_resched+0x154/0x1a0 [<900000000380c96c>] emulate_load_store_insn+0x6c/0xf60 [<9000000004c58118>] do_ale+0x78/0x180 [<9000000003801bc8>] handle_ale+0x128/0x1e0 So enable IRQ if unaligned access exception is triggered in irq-enabled context to fix it. Cc: stable@vger.kernel.org Reported-by: Binbin Zhou Signed-off-by: Huacai Chen commit b7296f9d5bf99330063d4bbecc43c9b33fed0137 Author: Huacai Chen Date: Mon Oct 21 22:11:18 2024 +0800 LoongArch: Get correct cores_per_package for SMT systems In loongson_sysconf, The "core" of cores_per_node and cores_per_package stands for a logical core, which means in a SMT system it stands for a thread indeed. This information is gotten from SMBIOS Type4 Structure, so in order to get a correct cores_per_package for both SMT and non-SMT systems in parse_cpu_table() we should use SMBIOS_THREAD_PACKAGE_OFFSET instead of SMBIOS_CORE_PACKAGE_OFFSET. Cc: stable@vger.kernel.org Reported-by: Chao Li Tested-by: Chao Li Signed-off-by: Huacai Chen commit b69269c870ece1bc7d2e3e39ca76f4602f2cb0dd Author: Yanteng Si Date: Mon Oct 21 22:11:18 2024 +0800 LoongArch: Use "Exception return address" to comment ERA The information contained in the comment for LOONGARCH_CSR_ERA is even less informative than the macro itself, which can cause confusion for junior developers. Let's use the full English term. Signed-off-by: Yanteng Si Signed-off-by: Huacai Chen commit 5fa607880168d991bdc819f493a11155e935abe6 Author: Marek Maslanka Date: Sat Oct 12 18:26:55 2024 +0000 platform/x86:intel/pmc: Revert "Enable the ACPI PM Timer to be turned off when suspended" Commit e86c8186d03a ("platform/x86:intel/pmc: Enable the ACPI PM Timer to be turned off when suspended") can cause the suspend process to hang as the pmcdev->lock in the pmc_core_acpi_pm_timer_suspend_resume might already be held by the pmc_core_mphy_pg_show or pmc_core_pll_show if the userspace gets frozen when these functions are being executed. Also, pmc_core_acpi_pm_timer_suspend_resume must not sleep, as this function is called indirectly by the tick_freeze function in kernel/time/tick-common.c, which holds the spinlock. Revert the changes for now to fix these issues. Fixes: e86c8186d03a ("platform/x86:intel/pmc: Enable the ACPI PM Timer to be turned off when suspended") Reported-by: Luca Coelho Closes: https://lore.kernel.org/lkml/40555604c3f4be43bf72e72d5409eaece4be9320.camel@coelho.fi/ Signed-off-by: Marek Maslanka Link: https://lore.kernel.org/r/20241012182656.2107178-1-mmaslanka@google.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 5c23878252515b8d2b86839bd4cb7dea7088aacd Author: Javier Carrasco Date: Sun Oct 13 20:11:29 2024 +0200 drm/bridge: tc358767: fix missing of_node_put() in for_each_endpoint_of_node() for_each_endpoint_of_node() requires a call to of_node_put() for every early exit. A new error path was added to the loop without observing this requirement. Add the missing call to of_node_put() in the error path. Fixes: 1fb4dceeedc5 ("drm/bridge: tc358767: Add configurable default preemphasis") Signed-off-by: Javier Carrasco Reviewed-by: Marek Vasut Link: https://lore.kernel.org/r/20241013-tc358767-of_node_put-v1-1-97431772c0ff@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20241013-tc358767-of_node_put-v1-1-97431772c0ff@gmail.com commit 85e444a68126a631221ae32c63fce882bb18a262 Author: Abel Vesa Date: Fri Oct 18 15:49:34 2024 +0300 drm/bridge: Fix assignment of the of_node of the parent to aux bridge The assignment of the of_node to the aux bridge needs to mark the of_node as reused as well, otherwise resource providers like pinctrl will report a gpio as already requested by a different device when both pinconf and gpios property are present. Fix that by using the device_set_of_node_from_dev() helper instead. Fixes: 6914968a0b52 ("drm/bridge: properly refcount DT nodes in aux bridge drivers") Cc: stable@vger.kernel.org # 6.8 Cc: Dmitry Baryshkov Signed-off-by: Abel Vesa Reviewed-by: Dmitry Baryshkov Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20241018-drm-aux-bridge-mark-of-node-reused-v2-1-aeed1b445c7d@linaro.org Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20241018-drm-aux-bridge-mark-of-node-reused-v2-1-aeed1b445c7d@linaro.org commit 35100ae2dc33fc4b20c3648ed375a81e1f4b6e3a Merge: 42f7652d3eb527 14c2d97265ea59 Author: Christian Brauner Date: Mon Oct 21 14:30:29 2024 +0200 Merge patch series "fs/super.c: introduce get_tree_bdev_flags()" Allison Karlitskaya says: In context of my work on composefs/bootc I've been testing the new support for directly mounting files with erofs (ie: without a loopback device) and it's working well. Thanks for adding this feature --- it's a huge quality of life improvement for us. I've observed a strange behaviour, though: when mounting a file as an erofs, if you read() the filesystem context fd, you always get the following error message reported: Can't lookup blockdev. That's caused by the code in erofs_fc_get_tree() trying to call get_tree_bdev() and recovering from the error in case it was ENOTBLK and CONFIG_EROFS_FS_BACKED_BY_FILE. Unfortunately, get_tree_bdev() logs the error directly on the fs_context, so you get the error message even on successful mounts. It looks something like this at the syscall level: fsopen("erofs", FSOPEN_CLOEXEC) = 3 fsconfig(3, FSCONFIG_SET_FLAG, "ro", NULL, 0) = 0 fsconfig(3, FSCONFIG_SET_STRING, "source", "/home/lis/src/mountcfs/cfs", 0) = 0 fsconfig(3, FSCONFIG_CMD_CREATE, NULL, NULL, 0) = 0 fsmount(3, FSMOUNT_CLOEXEC, 0) = 5 move_mount(5, "", AT_FDCWD, "/tmp/composefs.upper.KuT5aV", MOVE_MOUNT_F_EMPTY_PATH) = 0 read(3, "e /home/lis/src/mountcfs/cfs: Can't lookup blockdev\n", 1024) = 52 This is kernel 6.12.0-0.rc0.20240926git11a299a7933e.13.fc42.x86_64 from Fedora Rawhide. It's a pretty minor issue, but it sent me on a wild goose chase for an hour or two, so probably it should get fixed before the final release. Gao Xiang : Fix this by providing a get_tree_bdev_flags() helper which can be used to silence such warnings. * patches from https://lore.kernel.org/r/20241009033151.2334888-1-hsiangkao@linux.alibaba.com: erofs: use get_tree_bdev_flags() to avoid misleading messages fs/super.c: introduce get_tree_bdev_flags() Link: https://lore.kernel.org/r/20241009033151.2334888-1-hsiangkao@linux.alibaba.com Signed-off-by: Christian Brauner commit 14c2d97265ea5989000c428dbb7321cbd4a85f9b Author: Gao Xiang Date: Wed Oct 9 11:31:51 2024 +0800 erofs: use get_tree_bdev_flags() to avoid misleading messages Users can pass in an arbitrary source path for the proper type of a mount then without "Can't lookup blockdev" error message. Reported-by: Allison Karlitskaya Closes: https://lore.kernel.org/r/CAOYeF9VQ8jKVmpy5Zy9DNhO6xmWSKMB-DO8yvBB0XvBE7=3Ugg@mail.gmail.com Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20241009033151.2334888-2-hsiangkao@linux.alibaba.com Signed-off-by: Christian Brauner commit 4021e685139d567b3fc862f54101ae9dbb15d8b5 Author: Gao Xiang Date: Wed Oct 9 11:31:50 2024 +0800 fs/super.c: introduce get_tree_bdev_flags() As Allison reported [1], currently get_tree_bdev() will store "Can't lookup blockdev" error message. Although it makes sense for pure bdev-based fses, this message may mislead users who try to use EROFS file-backed mounts since get_tree_nodev() is used as a fallback then. Add get_tree_bdev_flags() to specify extensible flags [2] and GET_TREE_BDEV_QUIET_LOOKUP to silence "Can't lookup blockdev" message since it's misleading to EROFS file-backed mounts now. [1] https://lore.kernel.org/r/CAOYeF9VQ8jKVmpy5Zy9DNhO6xmWSKMB-DO8yvBB0XvBE7=3Ugg@mail.gmail.com [2] https://lore.kernel.org/r/ZwUkJEtwIpUA4qMz@infradead.org Suggested-by: Christoph Hellwig Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20241009033151.2334888-1-hsiangkao@linux.alibaba.com Reviewed-by: Christoph Hellwig Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 8fa73ee44daefc884c53a25158c25a4107eb5a94 Author: Shubham Panwar Date: Sun Oct 20 15:20:46 2024 +0530 ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue Add a DMI quirk for Samsung Galaxy Book2 to fix an initial lid state detection issue. The _LID device incorrectly returns the lid status as "closed" during boot, causing the system to enter a suspend loop right after booting. The quirk ensures that the correct lid state is reported initially, preventing the system from immediately suspending after startup. It only addresses the initial lid state detection and ensures proper system behavior upon boot. Signed-off-by: Shubham Panwar Link: https://patch.msgid.link/20241020095045.6036-2-shubiisp8@gmail.com [ rjw: Changelog edits ] Cc: All applicable Signed-off-by: Rafael J. Wysocki commit 53f1a907d36fb3aa02a4d34073bcec25823a6c74 Author: Christian Heusel Date: Thu Oct 17 13:16:26 2024 +0200 ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] The LG Gram Pro 16 2-in-1 (2024) the 16T90SP has its keybopard IRQ (1) described as ActiveLow in the DSDT, which the kernel overrides to EdgeHigh which breaks the keyboard. Add the 16T90SP to the irq1_level_low_skip_override[] quirk table to fix this. Reported-by: Dirk Holten Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219382 Cc: All applicable Suggested-by: Dirk Holten Signed-off-by: Christian Heusel Link: https://patch.msgid.link/20241017-lg-gram-pro-keyboard-v2-1-7c8fbf6ff718@heusel.eu Signed-off-by: Rafael J. Wysocki commit 038fa6ddf5d22694f61ff7a7a53c8887c6b08c45 Author: Jack Yu Date: Mon Oct 21 06:15:44 2024 +0000 ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue clk_stop_timeout should be increased to 900ms to fix clock stop issue. Signed-off-by: Jack Yu Link: https://patch.msgid.link/cd26275d9fc54374a18dc016755cb72d@realtek.com Signed-off-by: Mark Brown commit 088984c8d54c0053fc4ae606981291d741c5924b Author: Koba Ko Date: Sun Oct 13 04:50:10 2024 +0800 ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context PRMT needs to find the correct type of block to translate the PA-VA mapping for EFI runtime services. The issue arises because the PRMT is finding a block of type EFI_CONVENTIONAL_MEMORY, which is not appropriate for runtime services as described in Section 2.2.2 (Runtime Services) of the UEFI Specification [1]. Since the PRM handler is a type of runtime service, this causes an exception when the PRM handler is called. [Firmware Bug]: Unable to handle paging request in EFI runtime service WARNING: CPU: 22 PID: 4330 at drivers/firmware/efi/runtime-wrappers.c:341 __efi_queue_work+0x11c/0x170 Call trace: Let PRMT find a block with EFI_MEMORY_RUNTIME for PRM handler and PRM context. If no suitable block is found, a warning message will be printed, but the procedure continues to manage the next PRM handler. However, if the PRM handler is actually called without proper allocation, it would result in a failure during error handling. By using the correct memory types for runtime services, ensure that the PRM handler and the context are properly mapped in the virtual address space during runtime, preventing the paging request error. The issue is really that only memory that has been remapped for runtime by the firmware can be used by the PRM handler, and so the region needs to have the EFI_MEMORY_RUNTIME attribute. Link: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_10_Aug29.pdf # [1] Fixes: cefc7ca46235 ("ACPI: PRM: implement OperationRegion handler for the PlatformRtMechanism subtype") Cc: All applicable Signed-off-by: Koba Ko Reviewed-by: Matthew R. Ochs Reviewed-by: Zhang Rui Reviewed-by: Ard Biesheuvel Link: https://patch.msgid.link/20241012205010.4165798-1-kobak@nvidia.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 5209d1b654f1db80509040cc694c7814a1b547e3 Author: Yuan Can Date: Fri Oct 18 10:12:05 2024 +0800 powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() The caller of the function dev_pm_qos_add_request() checks again a non zero value but dev_pm_qos_add_request() can return '1' if the request already exists. Therefore, the setup function fails while the QoS request actually did not failed. Fix that by changing the check against a negative value like all the other callers of the function. Fixes: e44655617317 ("powercap/drivers/dtpm: Add dtpm devfreq with energy model support") Signed-off-by: Yuan Can Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/20241018021205.46460-1-yuancan@huawei.com [ rjw: Subject edit ] Signed-off-by: Rafael J. Wysocki commit 29dcbea92460e82181774b46f08b55a917615a97 Author: Christian Loehle Date: Thu Oct 17 23:00:33 2024 +0100 cpufreq: docs: Reflect latency changes in docs There were two changes related to transition latency recently. Namely commit e13aa799c2a6 ("cpufreq: Change default transition delay to 2ms") and commit 37c6dccd6837 ("cpufreq: Remove LATENCY_MULTIPLIER"). Both changed the defaults / maximums so let the documentation reflect that. Signed-off-by: Christian Loehle Link: https://patch.msgid.link/46853b6e-bad5-4ace-9b23-ff157f234ae3@arm.com Signed-off-by: Rafael J. Wysocki commit d95d9a31aceb2021084bc9b94647bc5b175e05e7 Author: Michael S. Tsirkin Date: Wed Oct 16 13:27:07 2024 -0400 virtio_net: fix integer overflow in stats Static analysis on linux-next has detected the following issue in function virtnet_stats_ctx_init, in drivers/net/virtio_net.c : if (vi->device_stats_cap & VIRTIO_NET_STATS_TYPE_CVQ) { queue_type = VIRTNET_Q_TYPE_CQ; ctx->bitmap[queue_type] |= VIRTIO_NET_STATS_TYPE_CVQ; ctx->desc_num[queue_type] += ARRAY_SIZE(virtnet_stats_cvq_desc); ctx->size[queue_type] += sizeof(struct virtio_net_stats_cvq); } ctx->bitmap is declared as a u32 however it is being bit-wise or'd with VIRTIO_NET_STATS_TYPE_CVQ and this is defined as 1 << 32: include/uapi/linux/virtio_net.h:#define VIRTIO_NET_STATS_TYPE_CVQ (1ULL << 32) ..and hence the bit-wise or operation won't set any bits in ctx->bitmap because 1ULL < 32 is too wide for a u32. In fact, the field is read into a u64: u64 offset, bitmap; .... bitmap = ctx->bitmap[queue_type]; so to fix, it is enough to make bitmap an array of u64. Fixes: 941168f8b40e5 ("virtio_net: support device stats") Reported-by: "Colin King (gmail)" Signed-off-by: Michael S. Tsirkin Acked-by: Jason Wang Reviewed-by: Stefano Garzarella Link: https://patch.msgid.link/53e2bd6728136d5916e384a7840e5dc7eebff832.1729099611.git.mst@redhat.com Signed-off-by: Paolo Abeni commit 95ecba62e2fd201bcdcca636f5d774f1cd4f1458 Author: Eric Dumazet Date: Tue Oct 15 19:41:18 2024 +0000 net: fix races in netdev_tx_sent_queue()/dev_watchdog() Some workloads hit the infamous dev_watchdog() message: "NETDEV WATCHDOG: eth0 (xxxx): transmit queue XX timed out" It seems possible to hit this even for perfectly normal BQL enabled drivers: 1) Assume a TX queue was idle for more than dev->watchdog_timeo (5 seconds unless changed by the driver) 2) Assume a big packet is sent, exceeding current BQL limit. 3) Driver ndo_start_xmit() puts the packet in TX ring, and netdev_tx_sent_queue() is called. 4) QUEUE_STATE_STACK_XOFF could be set from netdev_tx_sent_queue() before txq->trans_start has been written. 5) txq->trans_start is written later, from netdev_start_xmit() if (rc == NETDEV_TX_OK) txq_trans_update(txq) dev_watchdog() running on another cpu could read the old txq->trans_start, and then see QUEUE_STATE_STACK_XOFF, because 5) did not happen yet. To solve the issue, write txq->trans_start right before one XOFF bit is set : - _QUEUE_STATE_DRV_XOFF from netif_tx_stop_queue() - __QUEUE_STATE_STACK_XOFF from netdev_tx_sent_queue() From dev_watchdog(), we have to read txq->state before txq->trans_start. Add memory barriers to enforce correct ordering. In the future, we could avoid writing over txq->trans_start for normal operations, and rename this field to txq->xoff_start_time. Fixes: bec251bc8b6a ("net: no longer stop all TX queues in dev_watchdog()") Signed-off-by: Eric Dumazet Reviewed-by: Willem de Bruijn Reviewed-by: Toke Høiland-Jørgensen Link: https://patch.msgid.link/20241015194118.3951657-1-edumazet@google.com Signed-off-by: Paolo Abeni commit 47dd5447cab8ce30a847a0337d5341ae4c7476a7 Author: Lin Ma Date: Tue Oct 15 21:16:21 2024 +0800 net: wwan: fix global oob in wwan_rtnl_policy The variable wwan_rtnl_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit b33fb5b801c6 ("net: qualcomm: rmnet: fix global oob in rmnet_policy"). ================================================================== BUG: KASAN: global-out-of-bounds in validate_nla lib/nlattr.c:388 [inline] BUG: KASAN: global-out-of-bounds in __nla_validate_parse+0x19d7/0x29a0 lib/nlattr.c:603 Read of size 1 at addr ffffffff8b09cb60 by task syz.1.66276/323862 CPU: 0 PID: 323862 Comm: syz.1.66276 Not tainted 6.1.70 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x177/0x231 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:284 [inline] print_report+0x14f/0x750 mm/kasan/report.c:395 kasan_report+0x139/0x170 mm/kasan/report.c:495 validate_nla lib/nlattr.c:388 [inline] __nla_validate_parse+0x19d7/0x29a0 lib/nlattr.c:603 __nla_parse+0x3c/0x50 lib/nlattr.c:700 nla_parse_nested_deprecated include/net/netlink.h:1269 [inline] __rtnl_newlink net/core/rtnetlink.c:3514 [inline] rtnl_newlink+0x7bc/0x1fd0 net/core/rtnetlink.c:3623 rtnetlink_rcv_msg+0x794/0xef0 net/core/rtnetlink.c:6122 netlink_rcv_skb+0x1de/0x420 net/netlink/af_netlink.c:2508 netlink_unicast_kernel net/netlink/af_netlink.c:1326 [inline] netlink_unicast+0x74b/0x8c0 net/netlink/af_netlink.c:1352 netlink_sendmsg+0x882/0xb90 net/netlink/af_netlink.c:1874 sock_sendmsg_nosec net/socket.c:716 [inline] __sock_sendmsg net/socket.c:728 [inline] ____sys_sendmsg+0x5cc/0x8f0 net/socket.c:2499 ___sys_sendmsg+0x21c/0x290 net/socket.c:2553 __sys_sendmsg net/socket.c:2582 [inline] __do_sys_sendmsg net/socket.c:2591 [inline] __se_sys_sendmsg+0x19e/0x270 net/socket.c:2589 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x45/0x90 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f67b19a24ad RSP: 002b:00007f67b17febb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f67b1b45f80 RCX: 00007f67b19a24ad RDX: 0000000000000000 RSI: 0000000020005e40 RDI: 0000000000000004 RBP: 00007f67b1a1e01d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd2513764f R14: 00007ffd251376e0 R15: 00007f67b17fed40 The buggy address belongs to the variable: wwan_rtnl_policy+0x20/0x40 The buggy address belongs to the physical page: page:ffffea00002c2700 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xb09c flags: 0xfff00000001000(reserved|node=0|zone=1|lastcpupid=0x7ff) raw: 00fff00000001000 ffffea00002c2708 ffffea00002c2708 0000000000000000 raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner info is not present (never set?) Memory state around the buggy address: ffffffff8b09ca00: 05 f9 f9 f9 05 f9 f9 f9 00 01 f9 f9 00 01 f9 f9 ffffffff8b09ca80: 00 00 00 05 f9 f9 f9 f9 00 00 03 f9 f9 f9 f9 f9 >ffffffff8b09cb00: 00 00 00 00 05 f9 f9 f9 00 00 00 00 f9 f9 f9 f9 ^ ffffffff8b09cb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ================================================================== According to the comment of `nla_parse_nested_deprecated`, use correct size `IFLA_WWAN_MAX` here to fix this issue. Fixes: 88b710532e53 ("wwan: add interface creation support") Signed-off-by: Lin Ma Reviewed-by: Loic Poulain Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241015131621.47503-1-linma@zju.edu.cn Signed-off-by: Paolo Abeni commit 306ed1728e8438caed30332e1ab46b28c25fe3d8 Author: Pablo Neira Ayuso Date: Sun Oct 20 14:49:51 2024 +0200 netfilter: xtables: fix typo causing some targets not to load on IPv6 - There is no NFPROTO_IPV6 family for mark and NFLOG. - TRACE is also missing module autoload with NFPROTO_IPV6. This results in ip6tables failing to restore a ruleset. This issue has been reported by several users providing incomplete patches. Very similar to Ilya Katsnelson's patch including a missing chunk in the TRACE extension. Fixes: 0bfcb7b71e73 ("netfilter: xtables: avoid NFPROTO_UNSPEC where needed") Reported-by: Ignat Korchagin Reported-by: Ilya Katsnelson Reported-by: Krzysztof Olędzki Signed-off-by: Pablo Neira Ayuso commit 51521d2e2c35959cc70a62ccddf694965e29c950 Author: Arnd Bergmann Date: Fri Oct 18 15:12:49 2024 +0000 fbdev: wm8505fb: select CONFIG_FB_IOMEM_FOPS The fb_io_mmap() function is used in the file operations but not enabled in all configurations unless FB_IOMEM_FOPS gets selected: ld.lld-20: error: undefined symbol: fb_io_mmap referenced by wm8505fb.c drivers/video/fbdev/wm8505fb.o:(wm8505fb_ops) in archive vmlinux.a Fixes: 11754a504608 ("fbdev/wm8505fb: Initialize fb_ops to fbdev I/O-memory helpers") Signed-off-by: Arnd Bergmann Reviewed-by: Thomas Zimmermann Signed-off-by: Helge Deller commit 374d4106cb7565d00361b1d2d9e0b92e59f091d2 Merge: 3b05b9c36ddd01 1dec67e0d9fbb0 Author: Paolo Abeni Date: Mon Oct 21 10:50:18 2024 +0200 Merge branch 'fsl-fman-fix-refcount-handling-of-fman-related-devices' Aleksandr Mishin says: ==================== fsl/fman: Fix refcount handling of fman-related devices The series is intended to fix refcount handling for fman-related "struct device" objects - the devices are not released upon driver removal or in the error paths during probe. This leads to device reference leaks. The device pointers are now saved to struct mac_device and properly handled in the driver's probe and removal functions. Originally reported by Simon Horman (https://lore.kernel.org/all/20240702133651.GK598357@kernel.org/) Compile tested only. ==================== Link: https://patch.msgid.link/20241015060122.25709-1-amishin@t-argos.ru Signed-off-by: Paolo Abeni commit 1dec67e0d9fbb087c2ab17bf1bd17208231c3bb1 Author: Aleksandr Mishin Date: Tue Oct 15 09:01:22 2024 +0300 fsl/fman: Fix refcount handling of fman-related devices In mac_probe() there are multiple calls to of_find_device_by_node(), fman_bind() and fman_port_bind() which takes references to of_dev->dev. Not all references taken by these calls are released later on error path in mac_probe() and in mac_remove() which lead to reference leaks. Add references release. Fixes: 3933961682a3 ("fsl/fman: Add FMan MAC driver") Signed-off-by: Aleksandr Mishin Signed-off-by: Paolo Abeni commit efeddd552ec6767e4c8884caa516ac80b65f8823 Author: Aleksandr Mishin Date: Tue Oct 15 09:01:21 2024 +0300 fsl/fman: Save device references taken in mac_probe() In mac_probe() there are calls to of_find_device_by_node() which takes references to of_dev->dev. These references are not saved and not released later on error path in mac_probe() and in mac_remove(). Add new fields into mac_device structure to save references taken for future use in mac_probe() and mac_remove(). This is a preparation for further reference leaks fix. Signed-off-by: Aleksandr Mishin Signed-off-by: Paolo Abeni commit 184429a17f8ffc9e188dee9a4459165014025e71 Author: Miklos Szeredi Date: Mon Oct 21 10:02:51 2024 +0200 Revert "fuse: move initialization of fuse_file to fuse_writepages() instead of in callback" This reverts commit 672c3b7457fcee9656c36a29a4b21ec4a652433e. fuse_writepages() might be called with no dirty pages after all writable opens were closed. In this case __fuse_write_file_get() will return NULL which will trigger the WARNING. The exact conditions under which this is triggered is unclear and syzbot didn't find a reproducer yet. Reported-by: syzbot+217a976dc26ef2fa8711@syzkaller.appspotmail.com Link: https://lore.kernel.org/all/CAJnrk1aQwfvb51wQ5rUSf9N8j1hArTFeSkHqC_3T-mU6_BCD=A@mail.gmail.com/ Signed-off-by: Miklos Szeredi commit a552e2ef5fd1a6c78267cd4ec5a9b49aa11bbb1c Author: Peter Collingbourne Date: Fri Oct 18 15:16:43 2024 -0700 bpf, arm64: Fix address emission with tag-based KASAN enabled When BPF_TRAMP_F_CALL_ORIG is enabled, the address of a bpf_tramp_image struct on the stack is passed during the size calculation pass and an address on the heap is passed during code generation. This may cause a heap buffer overflow if the heap address is tagged because emit_a64_mov_i64() will emit longer code than it did during the size calculation pass. The same problem could occur without tag-based KASAN if one of the 16-bit words of the stack address happened to be all-ones during the size calculation pass. Fix the problem by assuming the worst case (4 instructions) when calculating the size of the bpf_tramp_image address emission. Fixes: 19d3c179a377 ("bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG") Signed-off-by: Peter Collingbourne Signed-off-by: Daniel Borkmann Acked-by: Xu Kuohai Link: https://linux-review.googlesource.com/id/I1496f2bc24fba7a1d492e16e2b94cf43714f2d3c Link: https://lore.kernel.org/bpf/20241018221644.3240898-1-pcc@google.com commit 86c96e7289c5758284b562ac7b5c94429f48d2d9 Author: Eric Biggers Date: Sun Oct 20 10:56:24 2024 -0700 ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE Fix the kconfig option for the tas2781 HDA driver to select CRC32 rather than CRC32_SARWATE. CRC32_SARWATE is an option from the kconfig 'choice' that selects the specific CRC32 implementation. Selecting a 'choice' option seems to have no effect, but even if it did work, it would be incorrect for a random driver to override the user's choice. CRC32 is the correct option to select for crc32() to be available. Fixes: 5be27f1e3ec9 ("ALSA: hda/tas2781: Add tas2781 HDA driver") Cc: stable@vger.kernel.org Signed-off-by: Eric Biggers Link: https://patch.msgid.link/20241020175624.7095-1-ebiggers@kernel.org Signed-off-by: Takashi Iwai commit 35fdc6e1c16099078bcbd73a6c8f1733ae7f1909 Author: José Relvas Date: Sun Oct 20 11:27:56 2024 +0100 ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 The Acer Predator G9-593 has a 2+1 speaker system which isn't probed correctly. This patch adds a quirk with the proper pin connections. Note that I do not own this laptop, so I cannot guarantee that this fixes the issue. Testing was done by other users here: https://discussion.fedoraproject.org/t/-/118482 This model appears to have two different dev IDs... - 0x1177 (as seen on the forum link above) - 0x1178 (as seen on https://linux-hardware.org/?probe=127df9999f) I don't think the audio system was changed between model revisions, so the patch applies for both IDs. Signed-off-by: José Relvas Link: https://patch.msgid.link/20241020102756.225258-1-josemonsantorelvas@gmail.com Cc: Signed-off-by: Takashi Iwai commit 72cafe63b35d06b5cfbaf807e90ae657907858da Author: Andrey Shumilin Date: Fri Oct 18 09:00:18 2024 +0300 ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check before the division. The observed behavior was introduced by commit 826b5de90c0b ("ALSA: firewire-lib: fix insufficient PCM rule for period/buffer size"), and it is difficult to show that any of the interval parameters will satisfy the snd_interval_test() condition with data from the amdtp_rate_table[] table. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 826b5de90c0b ("ALSA: firewire-lib: fix insufficient PCM rule for period/buffer size") Signed-off-by: Andrey Shumilin Reviewed-by: Takashi Sakamoto Link: https://patch.msgid.link/20241018060018.1189537-1-shum.sdl@nppct.ru Signed-off-by: Takashi Iwai commit 338b655a1178900ac05aca7ac66dc28b05100430 Author: Arnd Bergmann Date: Tue Oct 15 15:21:48 2024 +0000 i915: fix DRM_I915_GVT_KVMGT dependencies Depending on x86 and KVM is not enough, as the kvm helper functions that get called here are controlled by CONFIG_KVM_X86, which is disabled if both KVM_INTEL and KVM_AMD are turned off. ERROR: modpost: "kvm_write_track_remove_gfn" [drivers/gpu/drm/i915/kvmgt.ko] undefined! ERROR: modpost: "kvm_page_track_register_notifier" [drivers/gpu/drm/i915/kvmgt.ko] undefined! ERROR: modpost: "kvm_page_track_unregister_notifier" [drivers/gpu/drm/i915/kvmgt.ko] undefined! ERROR: modpost: "kvm_write_track_add_gfn" [drivers/gpu/drm/i915/kvmgt.ko] undefined! Change the dependency to CONFIG_KVM_X86 instead. Fixes: ea4290d77bda ("KVM: x86: leave kvm.ko out of the build if no vendor module is requested") Signed-off-by: Arnd Bergmann Link: https://patchwork.freedesktop.org/patch/msgid/20241015152157.2955229-1-arnd@kernel.org Signed-off-by: Rodrigo Vivi (cherry picked from commit 341e4023032fba6c02326bfc6babd63ef4039712) Signed-off-by: Joonas Lahtinen commit 3cea8af2d1a9ae5869b47c3dabe3b20f331f3bbd Author: Gil Fine Date: Thu Oct 10 17:29:42 2024 +0300 thunderbolt: Honor TMU requirements in the domain when setting TMU mode Currently, when configuring TMU (Time Management Unit) mode of a given router, we take into account only its own TMU requirements ignoring other routers in the domain. This is problematic if the router we are configuring has lower TMU requirements than what is already configured in the domain. In the scenario below, we have a host router with two USB4 ports: A and B. Port A connected to device router #1 (which supports CL states) and existing DisplayPort tunnel, thus, the TMU mode is HiFi uni-directional. 1. Initial topology [Host] A/ / [Device #1] / Monitor 2. Plug in device #2 (that supports CL states) to downstream port B of the host router [Host] A/ B\ / \ [Device #1] [Device #2] / Monitor The TMU mode on port B and port A will be configured to LowRes which is not what we want and will cause monitor to start flickering. To address this we first scan the domain and search for any router configured to HiFi uni-directional mode, and if found, configure TMU mode of the given router to HiFi uni-directional as well. Cc: stable@vger.kernel.org Signed-off-by: Gil Fine Signed-off-by: Mika Westerberg commit 373b9338c9722a368925d83bc622c596896b328e Author: Qiao Ma Date: Tue Oct 15 14:01:48 2024 +0800 uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring buffer to avoid non-atomic context problem. Sometimes user-space strings, arrays can be very large, but the size of percpu buffer is only page size. And store_trace_args() won't check whether these data exceeds a single page or not, caused out-of-bounds memory access. It could be reproduced by following steps: 1. build kernel with CONFIG_KASAN enabled 2. save follow program as test.c ``` \#include \#include \#include // If string length large than MAX_STRING_SIZE, the fetch_store_strlen() // will return 0, cause __get_data_size() return shorter size, and // store_trace_args() will not trigger out-of-bounds access. // So make string length less than 4096. \#define STRLEN 4093 void generate_string(char *str, int n) { int i; for (i = 0; i < n; ++i) { char c = i % 26 + 'a'; str[i] = c; } str[n-1] = '\0'; } void print_string(char *str) { printf("%s\n", str); } int main() { char tmp[STRLEN]; generate_string(tmp, STRLEN); print_string(tmp); return 0; } ``` 3. compile program `gcc -o test test.c` 4. get the offset of `print_string()` ``` objdump -t test | grep -w print_string 0000000000401199 g F .text 000000000000001b print_string ``` 5. configure uprobe with offset 0x1199 ``` off=0x1199 cd /sys/kernel/debug/tracing/ echo "p /root/test:${off} arg1=+0(%di):ustring arg2=\$comm arg3=+0(%di):ustring" > uprobe_events echo 1 > events/uprobes/enable echo 1 > tracing_on ``` 6. run `test`, and kasan will report error. ================================================================== BUG: KASAN: use-after-free in strncpy_from_user+0x1d6/0x1f0 Write of size 8 at addr ffff88812311c004 by task test/499CPU: 0 UID: 0 PID: 499 Comm: test Not tainted 6.12.0-rc3+ #18 Hardware name: Red Hat KVM, BIOS 1.16.0-4.al8 04/01/2014 Call Trace: dump_stack_lvl+0x55/0x70 print_address_description.constprop.0+0x27/0x310 kasan_report+0x10f/0x120 ? strncpy_from_user+0x1d6/0x1f0 strncpy_from_user+0x1d6/0x1f0 ? rmqueue.constprop.0+0x70d/0x2ad0 process_fetch_insn+0xb26/0x1470 ? __pfx_process_fetch_insn+0x10/0x10 ? _raw_spin_lock+0x85/0xe0 ? __pfx__raw_spin_lock+0x10/0x10 ? __pte_offset_map+0x1f/0x2d0 ? unwind_next_frame+0xc5f/0x1f80 ? arch_stack_walk+0x68/0xf0 ? is_bpf_text_address+0x23/0x30 ? kernel_text_address.part.0+0xbb/0xd0 ? __kernel_text_address+0x66/0xb0 ? unwind_get_return_address+0x5e/0xa0 ? __pfx_stack_trace_consume_entry+0x10/0x10 ? arch_stack_walk+0xa2/0xf0 ? _raw_spin_lock_irqsave+0x8b/0xf0 ? __pfx__raw_spin_lock_irqsave+0x10/0x10 ? depot_alloc_stack+0x4c/0x1f0 ? _raw_spin_unlock_irqrestore+0xe/0x30 ? stack_depot_save_flags+0x35d/0x4f0 ? kasan_save_stack+0x34/0x50 ? kasan_save_stack+0x24/0x50 ? mutex_lock+0x91/0xe0 ? __pfx_mutex_lock+0x10/0x10 prepare_uprobe_buffer.part.0+0x2cd/0x500 uprobe_dispatcher+0x2c3/0x6a0 ? __pfx_uprobe_dispatcher+0x10/0x10 ? __kasan_slab_alloc+0x4d/0x90 handler_chain+0xdd/0x3e0 handle_swbp+0x26e/0x3d0 ? __pfx_handle_swbp+0x10/0x10 ? uprobe_pre_sstep_notifier+0x151/0x1b0 irqentry_exit_to_user_mode+0xe2/0x1b0 asm_exc_int3+0x39/0x40 RIP: 0033:0x401199 Code: 01 c2 0f b6 45 fb 88 02 83 45 fc 01 8b 45 fc 3b 45 e4 7c b7 8b 45 e4 48 98 48 8d 50 ff 48 8b 45 e8 48 01 d0 ce RSP: 002b:00007ffdf00576a8 EFLAGS: 00000206 RAX: 00007ffdf00576b0 RBX: 0000000000000000 RCX: 0000000000000ff2 RDX: 0000000000000ffc RSI: 0000000000000ffd RDI: 00007ffdf00576b0 RBP: 00007ffdf00586b0 R08: 00007feb2f9c0d20 R09: 00007feb2f9c0d20 R10: 0000000000000001 R11: 0000000000000202 R12: 0000000000401040 R13: 00007ffdf0058780 R14: 0000000000000000 R15: 0000000000000000 This commit enforces the buffer's maxlen less than a page-size to avoid store_trace_args() out-of-memory access. Link: https://lore.kernel.org/all/20241015060148.1108331-1-mqaio@linux.alibaba.com/ Fixes: dcad1a204f72 ("tracing/uprobes: Fetch args before reserving a ring buffer") Signed-off-by: Qiao Ma Signed-off-by: Masami Hiramatsu (Google) commit 42f7652d3eb527d03665b09edac47f85fb600924 Author: Linus Torvalds Date: Sun Oct 20 15:19:38 2024 -0700 Linux 6.12-rc4 commit a069f014797fdef8757f3adebc1c16416271a599 Author: Kent Overstreet Date: Sun Oct 20 18:00:13 2024 -0400 bcachefs: Set bch_inode_unpacked.bi_snapshot in old inode path This fixes a fsck bug on a very old filesystem (pre mainline merge). Fixes: 72350ee0ea22 ("bcachefs: Kill snapshot arg to fsck_write_inode()") Reported-by: Marcin Mirosław Signed-off-by: Kent Overstreet commit e04ee8608914d00812e4a10288cf8d8905ced849 Author: Kent Overstreet Date: Sun Oct 20 16:48:31 2024 -0400 bcachefs: Mark more errors as AUTOFIX Reported-by: Marcin Mirosław Signed-off-by: Kent Overstreet commit d7f513ae7b108f953cceec8bc96d2e5e83c3ccd0 Merge: dd4f50373e5086 2c1dda2acc4192 Author: Linus Torvalds Date: Sun Oct 20 14:08:17 2024 -0700 Merge tag 'for-net-2024-10-16' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth Pull bluetooth fixes from Luiz Augusto Von Dentz: - ISO: Fix multiple init when debugfs is disabled - Call iso_exit() on module unload - Remove debugfs directory on module init failure - btusb: Fix not being able to reconnect after suspend - btusb: Fix regression with fake CSR controllers 0a12:0001 - bnep: fix wild-memory-access in proto_unregister Note: normally the bluetooth fixes go through the networking tree, but this missed the weekly merge, and two of the commits fix regressions that have caused a fair amount of noise and have now hit stable too: https://lore.kernel.org/all/4e1977ca-6166-4891-965e-34a6f319035f@leemhuis.info/ So I'm pulling it directly just to expedite things and not miss yet another -rc release. This is not meant to become a new pattern. * tag 'for-net-2024-10-16' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth: Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 Bluetooth: bnep: fix wild-memory-access in proto_unregister Bluetooth: btusb: Fix not being able to reconnect after suspend Bluetooth: Remove debugfs directory on module init failure Bluetooth: Call iso_exit() on module unload Bluetooth: ISO: Fix multiple init when debugfs is disabled commit dd4f50373e508632f01b63eab5a3c0b5debe22e3 Merge: c55228220dd33e 93b8ddc54507a2 Author: Linus Torvalds Date: Sun Oct 20 13:55:46 2024 -0700 Merge tag 'pinctrl-v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl Pull pin control fixes from Linus Walleij: "Mostly error path fixes, but one pretty serious interrupt problem in the Ocelot driver as well: - Fix two error paths and a missing semicolon in the Intel driver - Add a missing ACPI ID for the Intel Panther Lake - Check return value of devm_kasprintf() in the Apple and STM32 drivers - Add a missing mutex_destroy() in the aw9523 driver - Fix a double free in cv1800_pctrl_dt_node_to_map() in the Sophgo driver - Fix a double free in ma35_pinctrl_dt_node_to_map_func() in the Nuvoton driver - Fix a bug in the Ocelot interrupt handler making the system hang" * tag 'pinctrl-v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl: pinctrl: ocelot: fix system hang on level based interrupts pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() pinctrl: sophgo: fix double free in cv1800_pctrl_dt_node_to_map() pinctrl: intel: platform: Add Panther Lake to the list of supported pinctrl: aw9523: add missing mutex_destroy pinctrl: stm32: check devm_kasprintf() returned value pinctrl: apple: check devm_kasprintf() returned value pinctrl: intel: platform: use semicolon instead of comma in ncommunities assignment pinctrl: intel: platform: fix error path in device_for_each_child_node() commit f0d3302073e60b55318c941cd10b225a3cde9d32 Author: Kent Overstreet Date: Sat Oct 19 18:27:09 2024 -0400 bcachefs: Workaround for kvmalloc() not supporting > INT_MAX allocations kvmalloc() doesn't support allocations > INT_MAX, but vmalloc() does - the limit should be lifted, but we can work around this for now. A user with a 75 TB filesystem reported the following journal replay error: https://github.com/koverstreet/bcachefs/issues/769 In journal replay we have to sort and dedup all the keys from the journal, which means we need a large contiguous allocation. Given that the user has 128GB of ram, the 2GB limit on allocation size has become far too small. Signed-off-by: Kent Overstreet commit 3956ff8bc2f39a7e77d7a6da8d95c7ffc4928d64 Author: Kent Overstreet Date: Sat Oct 19 17:50:41 2024 -0400 bcachefs: Don't use wait_event_interruptible() in recovery Fix a bug where mount was failing with -ERESTARTSYS: https://github.com/koverstreet/bcachefs/issues/741 We only want the interruptible wait when called from fsync. Signed-off-by: Kent Overstreet commit eb5db64c4570948e6ee0b0f53d658e136e06cd04 Author: Kent Overstreet Date: Sat Oct 19 17:23:10 2024 -0400 bcachefs: Fix __bch2_fsck_err() warning We only warn about having a btree_trans that wasn't passed in if we'll be prompting. Signed-off-by: Kent Overstreet commit c55228220dd33e7627ad9736b6fce4df5e7eac98 Merge: c01ac4b9440aa8 9b673c7551e688 Author: Linus Torvalds Date: Sun Oct 20 13:10:44 2024 -0700 Merge tag 'char-misc-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc Pull misc driver fixes from Greg KH: "Here are a number of small char/misc/iio driver fixes for 6.12-rc4: - loads of small iio driver fixes for reported problems - parport driver out-of-bounds fix - Kconfig description and MAINTAINERS file updates All of these, except for the Kconfig and MAINTAINERS file updates have been in linux-next all week. Those other two are just documentation changes and will have no runtime issues and were merged on Friday" * tag 'char-misc-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (39 commits) misc: rtsx: list supported models in Kconfig help MAINTAINERS: Remove some entries due to various compliance requirements. misc: microchip: pci1xxxx: add support for NVMEM_DEVID_AUTO for OTP device misc: microchip: pci1xxxx: add support for NVMEM_DEVID_AUTO for EEPROM device parport: Proper fix for array out-of-bounds access iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig iio: frequency: {admv4420,adrf6780}: format Kconfig entries iio: adc: ad4695: Add missing Kconfig select iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() iioc: dac: ltc2664: Fix span variable usage in ltc2664_channel_config() iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig iio: resolver: ad2s1210: add missing select (TRIGGERED_)BUFFER in Kconfig iio: resolver: ad2s1210 add missing select REGMAP in Kconfig iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: pressure: bm1390: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig ... commit c01ac4b9440aa85374536075b1d61af961c3e567 Merge: b68c18957029b7 be847a3a8d4ec4 Author: Linus Torvalds Date: Sun Oct 20 13:03:30 2024 -0700 Merge tag 'tty-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty Pull tty/serial driver fixes from Greg KH: "Here are some small tty and serial driver fixes for 6.12-rc4: - qcom-geni serial driver fixes, wow what a mess of a UART chip that thing is... - vt infoleak fix for odd font sizes - imx serial driver bugfix - yet-another n_gsm ldisc bugfix, slowly chipping down the issues in that piece of code All of these have been in linux-next for over a week with no reported issues" * tag 'tty-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: serial: qcom-geni: rename suspend functions serial: qcom-geni: drop unused receive parameter serial: qcom-geni: drop flip buffer WARN() serial: qcom-geni: fix rx cancel dma status bit serial: qcom-geni: fix receiver enable serial: qcom-geni: fix dma rx cancellation serial: qcom-geni: fix shutdown race serial: qcom-geni: revert broken hibernation support serial: qcom-geni: fix polled console initialisation serial: imx: Update mctrl old_status on RTSD interrupt tty: n_gsm: Fix use-after-free in gsm_cleanup_mux vt: prevent kernel-infoleak in con_font_get() commit b68c18957029b7be71a73f89a083856305536e1f Merge: db87114dcf138b 1154a599214c65 Author: Linus Torvalds Date: Sun Oct 20 12:57:53 2024 -0700 Merge tag 'usb-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb Pull USB driver fixes from Greg KH: "Here are some small USB driver fixes and new device ids for 6.12-rc4: - xhci driver fixes for a number of reported issues - new usb-serial driver ids - dwc3 driver fixes for reported problems. - usb gadget driver fixes for reported problems - typec driver fixes - MAINTAINER file updates All of these have been in linux-next this week with no reported issues" * tag 'usb-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: USB: serial: option: add Telit FN920C04 MBIM compositions USB: serial: option: add support for Quectel EG916Q-GL xhci: dbc: honor usb transfer size boundaries. usb: xhci: Fix handling errors mid TD followed by other errors xhci: Mitigate failed set dequeue pointer commands xhci: Fix incorrect stream context type macro USB: gadget: dummy-hcd: Fix "task hung" problem usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store usb: dwc3: core: Fix system suspend on TI AM62 platforms xhci: tegra: fix checked USB2 port number usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG usb: typec: qcom-pmic-typec: fix sink status being overwritten with RP_DEF usb: typec: altmode should keep reference to parent MAINTAINERS: usb: raw-gadget: add bug tracker link MAINTAINERS: Add an entry for the LJCA drivers commit db87114dcf138b5b1290ba9aa9e29c21297a0b48 Merge: 949c9ef59be74a ffd95846c6ec6c Author: Linus Torvalds Date: Sun Oct 20 12:04:32 2024 -0700 Merge tag 'x86_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Borislav Petkov: - Explicitly disable the TSC deadline timer when going idle to address some CPU errata in that area - Do not apply the Zenbleed fix on anything else except AMD Zen2 on the late microcode loading path - Clear CPU buffers later in the NMI exit path on 32-bit to avoid register clearing while they still contain sensitive data, for the RDFS mitigation - Do not clobber EFLAGS.ZF with VERW on the opportunistic SYSRET exit path on 32-bit - Fix parsing issues of memory bandwidth specification in sysfs for resctrl's memory bandwidth allocation feature - Other small cleanups and improvements * tag 'x86_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/apic: Always explicitly disarm TSC-deadline timer x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load x86/bugs: Use code segment selector for VERW operand x86/entry_32: Clear CPU buffers after register restore in NMI return x86/entry_32: Do not clobber user EFLAGS.ZF x86/resctrl: Annotate get_mem_config() functions as __init x86/resctrl: Avoid overflow in MB settings in bw_validate() x86/amd_nb: Add new PCI ID for AMD family 1Ah model 20h commit 949c9ef59be74a0439e57629b72ac972c0f47136 Merge: 2b4d25010d0f2e d038109ac1c6bf Author: Linus Torvalds Date: Sun Oct 20 11:44:07 2024 -0700 Merge tag 'irq_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull irq fixes from Borislav Petkov: - Fix a case for sifive-plic where an interrupt gets disabled *and* masked and remains masked when it gets reenabled later - Plug a small race in GIC-v4 where userspace can force an affinity change of a virtual CPU (vPE) in its unmapping path - Do not mix the two sets of ocelot irqchip's registers in the mask calculation of the main interrupt sticky register - Other smaller fixlets and cleanups * tag 'irq_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: irqchip/renesas-rzg2l: Fix missing put_device irqchip/riscv-intc: Fix SMP=n boot with ACPI irqchip/sifive-plic: Unmask interrupt in plic_irq_enable() irqchip/gic-v4: Don't allow a VMOVP on a dying VPE irqchip/sifive-plic: Return error code on failure irqchip/riscv-imsic: Fix output text of base address irqchip/ocelot: Comment sticky register clearing code irqchip/ocelot: Fix trigger register address irqchip: Remove obsolete config ARM_GIC_V3_ITS_PCI commit 2b4d25010d0f2e359ff34e06c120e0cee3848fc7 Merge: a5ee44c8297803 5ec36fe24bd2d5 Author: Linus Torvalds Date: Sun Oct 20 11:30:56 2024 -0700 Merge tag 'sched_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull scheduling fixes from Borislav Petkov: - Add PREEMPT_RT maintainers - Fix another aspect of delayed dequeued tasks wrt determining their state, i.e., whether they're runnable or blocked - Handle delayed dequeued tasks and their migration wrt PSI properly - Fix the situation where a delayed dequeue task gets enqueued into a new class, which should not happen - Fix a case where memory allocation would happen while the runqueue lock is held, which is a no-no - Do not over-schedule when tasks with shorter slices preempt the currently running task - Make sure delayed to deque entities are properly handled before unthrottling - Other smaller cleanups and improvements * tag 'sched_urgent_for_v6.12_rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: MAINTAINERS: Add an entry for PREEMPT_RT. sched/fair: Fix external p->on_rq users sched/psi: Fix mistaken CPU pressure indication after corrupted task state bug sched/core: Dequeue PSI signals for blocked tasks that are delayed sched: Fix delayed_dequeue vs switched_from_fair() sched/core: Disable page allocation in task_tick_mm_cid() sched/deadline: Use hrtick_enabled_dl() before start_hrtick_dl() sched/eevdf: Fix wakeup-preempt by checking cfs_rq->nr_running sched: Fix sched_delayed vs cfs_bandwidth commit a5ee44c8297803efd36cd0c773d72687afdd7500 Merge: 10e93e1900286c 0fd2a743301b6b Author: Linus Torvalds Date: Sun Oct 20 11:25:58 2024 -0700 Merge tag 'for-linus-6.12a-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip Pull xen fix from Juergen Gross: "A single fix for a build failure introduced this merge window" * tag 'for-linus-6.12a-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: xen: Remove dependency between pciback and privcmd commit 10e93e1900286cdb2db2754d86910e229be635dc Merge: 715ca9dd687f89 78b2770c935fc1 Author: Linus Torvalds Date: Sun Oct 20 10:56:42 2024 -0700 Merge tag 'dma-mapping-6.12-2024-10-20' of git://git.infradead.org/users/hch/dma-mapping Pull dma-mapping fix from Christoph Hellwig: "Just another small tracing fix from Sean" * tag 'dma-mapping-6.12-2024-10-20' of git://git.infradead.org/users/hch/dma-mapping: dma-mapping: fix tracing dma_alloc/free with vmalloc'd memory commit e9001a382fa2c256229adc68d55212028b01d515 Merge: ddd5c5820116a0 78a00555550042 Author: Paolo Bonzini Date: Sun Oct 20 12:10:59 2024 -0400 Merge tag 'kvmarm-fixes-6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD KVM/arm64 fixes for 6.12, take #3 - Stop wasting space in the HYP idmap, as we are dangerously close to the 4kB limit, and this has already exploded in -next - Fix another race in vgic_init() - Fix a UBSAN error when faking the cache topology with MTE enabled commit ddd5c5820116a04b5f95711518d3be922990b5ec Merge: 3ec4350d4efb5c df5fd75ee305cb Author: Paolo Bonzini Date: Sun Oct 20 12:10:56 2024 -0400 Merge tag 'kvmarm-fixes-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD KVM/arm64 fixes for 6.12, take #2 - Fix the guest view of the ID registers, making the relevant fields writable from userspace (affecting ID_AA64DFR0_EL1 and ID_AA64PFR1_EL1) - Correcly expose S1PIE to guests, fixing a regression introduced in 6.12-rc1 with the S1POE support - Fix the recycling of stage-2 shadow MMUs by tracking the context (are we allowed to block or not) as well as the recycling state - Address a couple of issues with the vgic when userspace misconfigures the emulation, resulting in various splats. Headaches courtesy of our Syzkaller friends commit 3ec4350d4efb5ccb6bd0e11d9cf7f2be4f47297d Author: Cyan Yang Date: Fri Sep 20 00:01:26 2024 +0800 RISCV: KVM: use raw_spinlock for critical section in imsic For the external interrupt updating procedure in imsic, there was a spinlock to protect it already. But since it should not be preempted in any cases, we should turn to use raw_spinlock to prevent any preemption in case PREEMPT_RT was enabled. Signed-off-by: Cyan Yang Reviewed-by: Yong-Xuan Wang Reviewed-by: Anup Patel Message-ID: <20240919160126.44487-1-cyan.yang@sifive.com> Signed-off-by: Paolo Bonzini commit 773cca183440e74690dbb4f3f54bc7748f255821 Author: Sean Christopherson Date: Thu Oct 3 16:43:27 2024 -0700 KVM: selftests: Fix out-of-bounds reads in CPUID test's array lookups When looking for a "mangled", i.e. dynamic, CPUID entry, terminate the walk based on the number of array _entries_, not the size in bytes of the array. Iterating based on the total size of the array can result in false passes, e.g. if the random data beyond the array happens to match a CPUID entry's function and index. Fixes: fb18d053b7f8 ("selftest: kvm: x86: test KVM_GET_CPUID2 and guest visible CPUIDs against KVM_GET_SUPPORTED_CPUID") Signed-off-by: Sean Christopherson Reviewed-by: Vitaly Kuznetsov Message-ID: <20241003234337.273364-2-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 9a400068a1586bc4f10ee8b0443527de27d8834c Author: Vitaly Kuznetsov Date: Fri Sep 20 17:44:22 2024 +0200 KVM: selftests: x86: Avoid using SSE/AVX instructions Some distros switched gcc to '-march=x86-64-v3' by default and while it's hard to find a CPU which doesn't support it today, many KVM selftests fail with ==== Test Assertion Failure ==== lib/x86_64/processor.c:570: Unhandled exception in guest pid=72747 tid=72747 errno=4 - Interrupted system call Unhandled exception '0x6' at guest RIP '0x4104f7' The failure is easy to reproduce elsewhere with $ make clean && CFLAGS='-march=x86-64-v3' make -j && ./x86_64/kvm_pv_test The root cause of the problem seems to be that with '-march=x86-64-v3' GCC uses AVX* instructions (VMOVQ in the example above) and without prior XSETBV() in the guest this results in #UD. It is certainly possible to add it there, e.g. the following saves the day as well: Signed-off-by: Vitaly Kuznetsov Message-ID: <20240920154422.2890096-1-vkuznets@redhat.com> Signed-off-by: Paolo Bonzini commit 3b05b9c36ddd01338e1352588f2ec1ea23f97d43 Author: Hangbin Liu Date: Fri Oct 18 00:53:01 2024 +0000 MAINTAINERS: add samples/pktgen to NETWORKING [GENERAL] samples/pktgen is missing in the MAINTAINERS file. Suggested-by: Antoine Tenart Reviewed-by: Simon Horman Signed-off-by: Hangbin Liu Message-ID: <20241018005301.10052-1-liuhangbin@gmail.com> Signed-off-by: Andrew Lunn commit 3e14d8ebaa11e92325985c67cd147431a1116cd4 Author: Jesper Dangaard Brouer Date: Wed Oct 16 16:56:13 2024 +0200 mailmap: update entry for Jesper Dangaard Brouer Mapping all my previously used emails to my kernel.org email. Signed-off-by: Jesper Dangaard Brouer Message-ID: <172909057364.2452383.8019986488234344607.stgit@firesoul> Signed-off-by: Andrew Lunn commit 12bc14949c4a7272b509af0f1022a0deeb215fd8 Author: Peter Rashleigh Date: Tue Oct 15 21:08:22 2024 -0700 net: dsa: mv88e6xxx: Fix error when setting port policy on mv88e6393x mv88e6393x_port_set_policy doesn't correctly shift the ptr value when converting the policy format between the old and new styles, so the target register ends up with the ptr being written over the data bits. Shift the pointer to align with the format expected by mv88e6393x_port_policy_write(). Fixes: 6584b26020fc ("net: dsa: mv88e6xxx: implement .port_set_policy for Amethyst") Signed-off-by: Peter Rashleigh Reviewed-by: Simon Horman Message-ID: <20241016040822.3917-1-peter@rashleigh.ca> Signed-off-by: Andrew Lunn commit f559b2e9c5c5308850544ab59396b7d53cfc67bd Author: Sean Christopherson Date: Wed Oct 9 07:08:38 2024 -0700 KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory Ignore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits 4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't enforce 32-byte alignment of nCR3. In the absolute worst case scenario, failure to ignore bits 4:0 can result in an out-of-bounds read, e.g. if the target page is at the end of a memslot, and the VMM isn't using guard pages. Per the APM: The CR3 register points to the base address of the page-directory-pointer table. The page-directory-pointer table is aligned on a 32-byte boundary, with the low 5 address bits 4:0 assumed to be 0. And the SDM's much more explicit: 4:0 Ignored Note, KVM gets this right when loading PDPTRs, it's only the nSVM flow that is broken. Fixes: e4e517b4be01 ("KVM: MMU: Do not unconditionally read PDPTE from guest memory") Reported-by: Kirk Swidowski Cc: Andy Nguyen Cc: 3pvd <3pvd@google.com> Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson Message-ID: <20241009140838.1036226-1-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 731285fbb6f5bea357d79059db865f351626e689 Author: Maxim Levitsky Date: Wed Oct 9 10:50:00 2024 -0700 KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() Reset the segment cache after segment initialization in vmx_vcpu_reset() to harden KVM against caching stale/uninitialized data. Without the recent fix to bypass the cache in kvm_arch_vcpu_put(), the following scenario is possible: - vCPU is just created, and the vCPU thread is preempted before SS.AR_BYTES is written in vmx_vcpu_reset(). - When scheduling out the vCPU task, kvm_arch_vcpu_in_kernel() => vmx_get_cpl() reads and caches '0' for SS.AR_BYTES. - vmx_vcpu_reset() => seg_setup() configures SS.AR_BYTES, but doesn't invoke vmx_segment_cache_clear() to invalidate the cache. As a result, KVM retains a stale value in the cache, which can be read, e.g. via KVM_GET_SREGS. Usually this is not a problem because the VMX segment cache is reset on each VM-Exit, but if the userspace VMM (e.g KVM selftests) reads and writes system registers just after the vCPU was created, _without_ modifying SS.AR_BYTES, userspace will write back the stale '0' value and ultimately will trigger a VM-Entry failure due to incorrect SS segment type. Invalidating the cache after writing the VMCS doesn't address the general issue of cache accesses from IRQ context being unsafe, but it does prevent KVM from clobbering the VMCS, i.e. mitigates the harm done _if_ KVM has a bug that results in an unsafe cache access. Signed-off-by: Maxim Levitsky Fixes: 2fb92db1ec08 ("KVM: VMX: Cache vmcs segment fields") [sean: rework changelog to account for previous patch] Signed-off-by: Sean Christopherson Message-ID: <20241009175002.1118178-3-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 5a279842441b68727d53b6333d0c3af90dd5a2f8 Author: Sean Christopherson Date: Wed Oct 9 12:23:45 2024 -0700 KVM: x86: Clean up documentation for KVM_X86_QUIRK_SLOT_ZAP_ALL Massage the documentation for KVM_X86_QUIRK_SLOT_ZAP_ALL to call out that it applies to moved memslots as well as deleted memslots, to avoid KVM's "fast zap" terminology (which has no meaning for userspace), and to reword the documented targeted zap behavior to specifically say that KVM _may_ zap a subset of all SPTEs. As evidenced by the fix to zap non-leafs SPTEs with gPTEs, formally documenting KVM's exact internal behavior is risky and unnecessary. Signed-off-by: Sean Christopherson Message-ID: <20241009192345.1148353-4-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 28cf4978810791bf30288e59f1b9dc31eeeb68e6 Author: Sean Christopherson Date: Wed Oct 9 12:23:44 2024 -0700 KVM: x86/mmu: Add lockdep assert to enforce safe usage of kvm_unmap_gfn_range() Add a lockdep assertion in kvm_unmap_gfn_range() to ensure that either mmu_invalidate_in_progress is elevated, or that the range is being zapped due to memslot removal (loosely detected by slots_lock being held). Zapping SPTEs without mmu_invalidate_{in_progress,seq} protection is unsafe as KVM's page fault path snapshots state before acquiring mmu_lock, and thus can create SPTEs with stale information if vCPUs aren't forced to retry faults (due to seeing an in-progress or past MMU invalidation). Memslot removal is a special case, as the memslot is retrieved outside of mmu_invalidate_seq, i.e. doesn't use the "standard" protections, and instead relies on SRCU synchronization to ensure any in-flight page faults are fully resolved before zapping SPTEs. Signed-off-by: Sean Christopherson Message-ID: <20241009192345.1148353-3-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 58a20a9435aaf696d4ae778a5c727be55ff8544d Author: Sean Christopherson Date: Wed Oct 9 12:23:43 2024 -0700 KVM: x86/mmu: Zap only SPs that shadow gPTEs when deleting memslot When performing a targeted zap on memslot removal, zap only MMU pages that shadow guest PTEs, as zapping all SPs that "match" the gfn is inexact and unnecessary. Furthermore, for_each_gfn_valid_sp() arguably shouldn't exist, because it doesn't do what most people would it expect it to do. The "round gfn for level" adjustment that is done for direct SPs (no gPTE) means that the exact gfn comparison will not get a match, even when a SP does "cover" a gfn, or was even created specifically for a gfn. For memslot deletion specifically, KVM's behavior will vary significantly based on the size and alignment of a memslot, and in weird ways. E.g. for a 4KiB memslot, KVM will zap more SPs if the slot is 1GiB aligned than if it's only 4KiB aligned. And as described below, zapping SPs in the aligned case overzaps for direct MMUs, as odds are good the upper-level SPs are serving other memslots. To iterate over all potentially-relevant gfns, KVM would need to make a pass over the hash table for each level, with the gfn used for lookup rounded for said level. And then check that the SP is of the correct level, too, e.g. to avoid over-zapping. But even then, KVM would massively overzap, as processing every level is all but guaranteed to zap SPs that serve other memslots, especially if the memslot being removed is relatively small. KVM could mitigate that issue by processing only levels that can be possible guest huge pages, i.e. are less likely to be re-used for other memslot, but while somewhat logical, that's quite arbitrary and would be a bit of a mess to implement. So, zap only SPs with gPTEs, as the resulting behavior is easy to describe, is predictable, and is explicitly minimal, i.e. KVM only zaps SPs that absolutely must be zapped. Cc: Yan Zhao Signed-off-by: Sean Christopherson Reviewed-by: Yan Zhao Tested-by: Yan Zhao Message-ID: <20241009192345.1148353-2-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 8e690b817e38769dc2fa0e7473e5a5dc1fc25795 Author: Kirill A. Shutemov Date: Tue Oct 15 12:58:17 2024 +0300 x86/kvm: Override default caching mode for SEV-SNP and TDX AMD SEV-SNP and Intel TDX have limited access to MTRR: either it is not advertised in CPUID or it cannot be programmed (on TDX, due to #VE on CR0.CD clear). This results in guests using uncached mappings where it shouldn't and pmd/pud_set_huge() failures due to non-uniform memory type reported by mtrr_type_lookup(). Override MTRR state, making it WB by default as the kernel does for Hyper-V guests. Signed-off-by: Kirill A. Shutemov Suggested-by: Binbin Wu Cc: Juergen Gross Cc: Tom Lendacky Reviewed-by: Juergen Gross Message-ID: <20241015095818.357915-1-kirill.shutemov@linux.intel.com> Signed-off-by: Paolo Bonzini commit bc07eea2f3b330127242df2e0ec2d6cd16b4f2e8 Author: Dr. David Alan Gilbert Date: Tue Oct 1 15:13:54 2024 +0100 KVM: Remove unused kvm_vcpu_gfn_to_pfn_atomic The last use of kvm_vcpu_gfn_to_pfn_atomic was removed by commit 1bbc60d0c7e5 ("KVM: x86/mmu: Remove MMU auditing") Remove it. Signed-off-by: Dr. David Alan Gilbert Message-ID: <20241001141354.18009-3-linux@treblig.org> [Adjust Documentation/virt/kvm/locking.rst. - Paolo] Signed-off-by: Paolo Bonzini commit 88a387cf9e5f7f7665e6dde8c6610f0ea65c5a6b Author: Dr. David Alan Gilbert Date: Tue Oct 1 15:13:53 2024 +0100 KVM: Remove unused kvm_vcpu_gfn_to_pfn The last use of kvm_vcpu_gfn_to_pfn was removed by commit b1624f99aa8f ("KVM: Remove kvm_vcpu_gfn_to_page() and kvm_vcpu_gpa_to_page()") Remove it. Signed-off-by: Dr. David Alan Gilbert Message-ID: <20241001141354.18009-2-linux@treblig.org> Signed-off-by: Paolo Bonzini commit 715ca9dd687f89ddaac8ec8ccb3b5e5a30311a99 Merge: 531643fcd98c8d ae6a888a435713 Author: Linus Torvalds Date: Sat Oct 19 17:04:52 2024 -0700 Merge tag 'io_uring-6.12-20241019' of git://git.kernel.dk/linux Pull one more io_uring fix from Jens Axboe: "Fix for a regression introduced in 6.12-rc2, where a condition check was negated and hence -EAGAIN would bubble back up up to userspace rather than trigger a retry condition" * tag 'io_uring-6.12-20241019' of git://git.kernel.dk/linux: io_uring/rw: fix wrong NOWAIT check in io_rw_init_file() commit eb592008f79be52ccef88cd9a5249b3fc0367278 Author: Aleksandr Mishin Date: Thu Oct 17 13:06:51 2024 +0300 octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx() build_skb() returns NULL in case of a memory allocation failure so handle it inside __octep_oq_process_rx() to avoid NULL pointer dereference. __octep_oq_process_rx() is called during NAPI polling by the driver. If skb allocation fails, keep on pulling packets out of the Rx DMA queue: we shouldn't break the polling immediately and thus falsely indicate to the octep_napi_poll() that the Rx pressure is going down. As there is no associated skb in this case, don't process the packets and don't push them up the network stack - they are skipped. Helper function is implemented to unmmap/flush all the fragment buffers used by the dropped packet. 'alloc_failures' counter is incremented to mark the skb allocation error in driver statistics. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 37d79d059606 ("octeon_ep: add Tx/Rx processing and interrupt support") Suggested-by: Paolo Abeni Signed-off-by: Aleksandr Mishin Reviewed-by: Jacob Keller Signed-off-by: Andrew Lunn commit bd28df26197b2bd0913bf1b36770836481975143 Author: Aleksandr Mishin Date: Thu Oct 17 13:06:50 2024 +0300 octeon_ep: Implement helper for iterating packets in Rx queue The common code with some packet and index manipulations is extracted and moved to newly implemented helper to make the code more readable and avoid duplication. This is a preparation for skb allocation failure handling. Found by Linux Verification Center (linuxtesting.org) with SVACE. Suggested-by: Simon Horman Suggested-by: Paolo Abeni Signed-off-by: Aleksandr Mishin Reviewed-by: Jacob Keller Signed-off-by: Andrew Lunn commit 4ab3e4983bcc9d9b9dd9720253cb93f44e9e657c Author: Vadim Fedorenko Date: Wed Oct 16 12:52:34 2024 -0700 bnxt_en: replace ptp_lock with irqsave variant In netpoll configuration the completion processing can happen in hard irq context which will break with spin_lock_bh() for fullfilling RX timestamp in case of all packets timestamping. Replace it with spin_lock_irqsave() variant. Fixes: 7f5515d19cd7 ("bnxt_en: Get the RX packet timestamp") Reviewed-by: Michael Chan Signed-off-by: Vadim Fedorenko Message-ID: <20241016195234.2622004-1-vadfed@meta.com> Signed-off-by: Andrew Lunn commit de96f6a3003513c796bbe4e23210a446913f5c00 Author: Michel Alex Date: Wed Oct 16 12:11:15 2024 +0000 net: phy: dp83822: Fix reset pin definitions This change fixes a rare issue where the PHY fails to detect a link due to incorrect reset behavior. The SW_RESET definition was incorrectly assigned to bit 14, which is the Digital Restart bit according to the datasheet. This commit corrects SW_RESET to bit 15 and assigns DIG_RESTART to bit 14 as per the datasheet specifications. The SW_RESET define is only used in the phy_reset function, which fully re-initializes the PHY after the reset is performed. The change in the bit definitions should not have any negative impact on the functionality of the PHY. v2: - added Fixes tag - improved commit message Cc: stable@vger.kernel.org Fixes: 5dc39fd5ef35 ("net: phy: DP83822: Add ability to advertise Fiber connection") Signed-off-by: Alex Michel Reviewed-by: Andrew Lunn Message-ID: Signed-off-by: Andrew Lunn commit 9f86df0e7537c31b901b7448cf1c30f4fc1afc41 Author: Jakub Kicinski Date: Tue Oct 15 08:30:05 2024 -0700 MAINTAINERS: add Simon as an official reviewer Simon has been diligently and consistently reviewing networking changes for at least as long as our development statistics go back. Often if not usually topping the list of reviewers. Make his role official. Acked-by: Eric Dumazet Acked-by: Paolo Abeni Signed-off-by: Jakub Kicinski Reviewed-by: Simon Horman Message-ID: <20241015153005.2854018-1-kuba@kernel.org> Signed-off-by: Andrew Lunn commit f99cf996ba5a315f8b9f13cc21dff0604a0eb749 Author: Jakub Boehm Date: Tue Oct 15 17:16:04 2024 +0200 net: plip: fix break; causing plip to never transmit Since commit 71ae2cb30531 ("net: plip: Fix fall-through warnings for Clang") plip was not able to send any packets, this patch replaces one unintended break; with fallthrough; which was originally missed by commit 9525d69a3667 ("net: plip: mark expected switch fall-throughs"). I have verified with a real hardware PLIP connection that everything works once again after applying this patch. Fixes: 71ae2cb30531 ("net: plip: Fix fall-through warnings for Clang") Signed-off-by: Jakub Boehm Reviewed-by: Simon Horman Message-ID: <20241015-net-plip-tx-fix-v1-1-32d8be1c7e0b@gmail.com> Signed-off-by: Andrew Lunn commit e4dd8bfe0f6a23acd305f9b892c00899089bd621 Author: Wang Hai Date: Tue Oct 15 22:48:02 2024 +0800 be2net: fix potential memory leak in be_xmit() The be_xmit() returns NETDEV_TX_OK without freeing skb in case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it. Fixes: 760c295e0e8d ("be2net: Support for OS2BMC.") Signed-off-by: Wang Hai Reviewed-by: Simon Horman Reviewed-by: Kalesh AP Message-ID: <20241015144802.12150-1-wanghai38@huawei.com> Signed-off-by: Andrew Lunn commit 2cb3f56e827abb22c4168ad0c1bbbf401bb2f3b8 Author: Wang Hai Date: Tue Oct 15 22:41:48 2024 +0800 net/sun3_82586: fix potential memory leak in sun3_82586_send_packet() The sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb() to fix it. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Wang Hai Reviewed-by: Simon Horman Message-ID: <20241015144148.7918-1-wanghai38@huawei.com> Signed-off-by: Andrew Lunn commit f2767a41959e60763949c73ee180e40c686e807e Author: Kory Maincent Date: Tue Oct 15 15:02:54 2024 +0200 net: pse-pd: Fix out of bound for loop Adjust the loop limit to prevent out-of-bounds access when iterating over PI structures. The loop should not reach the index pcdev->nr_lines since we allocate exactly pcdev->nr_lines number of PI structures. This fix ensures proper bounds are maintained during iterations. Fixes: 9be9567a7c59 ("net: pse-pd: Add support for PSE PIs") Signed-off-by: Kory Maincent Reviewed-by: Simon Horman Acked-by: Oleksij Rempel Message-ID: <20241015130255.125508-1-kory.maincent@bootlin.com> Signed-off-by: Andrew Lunn commit 531643fcd98c8d045d72a05cb0aaf49e5a4bdf5c Merge: 06526daaff9058 fca6caeb4a61d2 Author: Linus Torvalds Date: Sat Oct 19 12:52:19 2024 -0700 Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull SCSI fixes from James Bottomley: "Fixes all in drivers. The largest is the mpi3mr which corrects a phy count limit that should only apply to the controller but was being incorrectly applied to expander phys" * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: scsi: target: core: Fix null-ptr-deref in target_alloc_device() scsi: mpi3mr: Validate SAS port assignments scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down scsi: ufs: core: Requeue aborted request scsi: ufs: core: Fix the issue of ICU failure commit 06526daaff9058947293244d28a32280d9218d8e Merge: 8203ca380913af fae4078c289a2f Author: Linus Torvalds Date: Sat Oct 19 12:42:14 2024 -0700 Merge tag 'ftrace-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull ftrace fixes from Steven Rostedt: "A couple of fixes to function graph infrastructure: - Fix allocation of idle shadow stack allocation during hotplug If function graph tracing is started when a CPU is offline, if it were come online during the trace then the idle task that represents the CPU will not get a shadow stack allocated for it. This means all function graph hooks that happen while that idle task is running (including in interrupt mode) will have all its events dropped. Switch over to the CPU hotplug mechanism that will have any newly brought on line CPU get a callback that can allocate the shadow stack for its idle task. - Fix allocation size of the ret_stack_list array When function graph tracing converted over to allowing more than one user at a time, it had to convert its shadow stack from an array of ret_stack structures to an array of unsigned longs. The shadow stacks are allocated in batches of 32 at a time and assigned to every running task. The batch is held by the ret_stack_list array. But when the conversion happened, instead of allocating an array of 32 pointers, it was allocated as a ret_stack itself (PAGE_SIZE). This ret_stack_list gets passed to a function that iterates over what it believes is its size defined by the FTRACE_RETSTACK_ALLOC_SIZE macro (which is 32). Luckily (PAGE_SIZE) is greater than 32 * sizeof(long), otherwise this would have been an array overflow. This still should be fixed and the ret_stack_list should be allocated to the size it is expected to be as someday it may end up being bigger than SHADOW_STACK_SIZE" * tag 'ftrace-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: fgraph: Allocate ret_stack_list with proper size fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks commit 8203ca380913af8d807f82089ec623e117955c85 Merge: f9e4825524aaf2 917a15c37d371b Author: Linus Torvalds Date: Sat Oct 19 11:48:14 2024 -0700 Merge tag 'ipe-pr-20241018' of git://git.kernel.org/pub/scm/linux/kernel/git/wufan/ipe Pull ipe fixes from Fan Wu: "This addresses several issues identified by Luca when attempting to enable IPE on Debian and systemd: - address issues with IPE policy update errors and policy update version check, improving the clarity of error messages for better understanding by userspace programs. - enable IPE policies to be signed by secondary and platform keyrings, facilitating broader use across general Linux distributions like Debian. - updates the IPE entry in the MAINTAINERS file to reflect the new tree URL and my updated email from kernel.org" * tag 'ipe-pr-20241018' of git://git.kernel.org/pub/scm/linux/kernel/git/wufan/ipe: MAINTAINERS: update IPE tree url and Fan Wu's email ipe: fallback to platform keyring also if key in trusted keyring is rejected ipe: allow secondary and platform keyrings to install/update policies ipe: also reject policy updates with the same version ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version commit f9e4825524aaf28af6b2097776616f27c31d6847 Merge: 9197b73fd7bb26 2de01e0e57f3eb Author: Linus Torvalds Date: Sat Oct 19 10:18:03 2024 -0700 Merge tag 'input-for-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input Pull input fixes from Dmitry Torokhov: - a fix for Zinitix driver to not fail probing if the property enabling touch keys functionality is not defined. Support for touch keys was added in 6.12 merge window so this issue does not affect users of released kernels - a couple new vendor/device IDs in xpad driver to enable support for more hardware * tag 'input-for-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: zinitix - don't fail if linux,keycodes prop is absent Input: xpad - add support for MSI Claw A1M Input: xpad - add support for 8BitDo Ultimate 2C Wireless Controller commit 9197b73fd7bb263084a95d1c578b7ee0ad54dfb3 Merge: 4e6bd4a33a6cf4 79efebae4afc22 Author: Linus Torvalds Date: Sat Oct 19 08:44:10 2024 -0700 Merge tag '9p-for-6.12-rc4' of https://github.com/martinetd/linux Pull 9p fixes from Dominique Martinet: "Mashed-up update that I sat on too long: - fix for multiple slabs created with the same name - enable multipage folios - theorical fix to also look for opened fids by inode if none was found by dentry" [ Enabling multi-page folios should have been done during the merge window, but it's a one-liner, and the actual meat of the enablement is in netfs and already in use for other filesystems... - Linus ] * tag '9p-for-6.12-rc4' of https://github.com/martinetd/linux: 9p: Avoid creating multiple slab caches with the same name 9p: Enable multipage folios 9p: v9fs_fid_find: also lookup by inode if not found dentry commit 4e6bd4a33a6cf4d2dce9725630ada847a3947c7c Merge: 3d5ad2d4eca337 8b8ca9c25fe69c Author: Linus Torvalds Date: Sat Oct 19 08:32:47 2024 -0700 Merge tag 'rust-fixes-6.12-2' of https://github.com/Rust-for-Linux/linux Pull rust fixes from Miguel Ojeda: "Toolchain and infrastructure: - Fix several issues with the 'rustc-option' macro. It includes a refactor from Masahiro of three '{cc,rust}-*' macros, which is not a fix but avoids repeating the same commands (which would be several lines in the case of 'rustc-option'). - Fix conditions for 'CONFIG_HAVE_CFI_ICALL_NORMALIZE_INTEGERS'. It includes the addition of 'CONFIG_RUSTC_LLVM_VERSION', which is not a fix but is needed for the actual fix. And a trivial grammar fix" * tag 'rust-fixes-6.12-2' of https://github.com/Rust-for-Linux/linux: cfi: fix conditions for HAVE_CFI_ICALL_NORMALIZE_INTEGERS kbuild: rust: add `CONFIG_RUSTC_LLVM_VERSION` kbuild: fix issues with rustc-option kbuild: refactor cc-option-yn, cc-disable-warning, rust-option-yn macros lib/Kconfig.debug: fix grammar in RUST_BUILD_ASSERT_ALLOW commit ae6a888a4357131c01d85f4c91fb32552dd0bf70 Author: Jens Axboe Date: Sat Oct 19 09:16:51 2024 -0600 io_uring/rw: fix wrong NOWAIT check in io_rw_init_file() A previous commit improved how !FMODE_NOWAIT is dealt with, but inadvertently negated a check whilst doing so. This caused -EAGAIN to be returned from reading files with O_NONBLOCK set. Fix up the check for REQ_F_SUPPORT_NOWAIT. Reported-by: Julian Orth Link: https://github.com/axboe/liburing/issues/1270 Fixes: f7c913438533 ("io_uring/rw: allow pollable non-blocking attempts for !FMODE_NOWAIT") Signed-off-by: Jens Axboe commit 369f05688911b05216cfcd6ca74473bec87948d7 Author: Jinjie Ruan Date: Wed Oct 16 09:24:53 2024 +0800 iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() If per_time_scales[i] or per_time_gains[i] kcalloc fails in the for loop of iio_gts_build_avail_scale_table(), the err_free_out will fail to call kfree() each time when i is reduced to 0, so all the per_time_scales[0] and per_time_gains[0] will not be freed, which will cause memory leaks. Fix it by checking if i >= 0. Cc: stable@vger.kernel.org Fixes: 38416c28e168 ("iio: light: Add gain-time-scale helpers") Reviewed-by: Matti Vaittinen Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20241016012453.2013302-1-ruanjinjie@huawei.com Signed-off-by: Jonathan Cameron commit 691e79ffc42154a9c91dc3b7e96a307037b4be74 Author: Jinjie Ruan Date: Fri Oct 11 17:55:12 2024 +0800 iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() modprobe iio-test-gts and rmmod it, then the following memory leak occurs: unreferenced object 0xffffff80c810be00 (size 64): comm "kunit_try_catch", pid 1654, jiffies 4294913981 hex dump (first 32 bytes): 02 00 00 00 08 00 00 00 20 00 00 00 40 00 00 00 ........ ...@... 80 00 00 00 00 02 00 00 00 04 00 00 00 08 00 00 ................ backtrace (crc a63d875e): [<0000000028c1b3c2>] kmemleak_alloc+0x34/0x40 [<000000001d6ecc87>] __kmalloc_noprof+0x2bc/0x3c0 [<00000000393795c1>] devm_iio_init_iio_gts+0x4b4/0x16f4 [<0000000071bb4b09>] 0xffffffdf052a62e0 [<000000000315bc18>] 0xffffffdf052a6488 [<00000000f9dc55b5>] kunit_try_run_case+0x13c/0x3ac [<00000000175a3fd4>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000f505065d>] kthread+0x2e8/0x374 [<00000000bbfb0e5d>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80cbfe9e70 (size 16): comm "kunit_try_catch", pid 1658, jiffies 4294914015 hex dump (first 16 bytes): 10 00 00 00 40 00 00 00 80 00 00 00 00 00 00 00 ....@........... backtrace (crc 857f0cb4): [<0000000028c1b3c2>] kmemleak_alloc+0x34/0x40 [<000000001d6ecc87>] __kmalloc_noprof+0x2bc/0x3c0 [<00000000393795c1>] devm_iio_init_iio_gts+0x4b4/0x16f4 [<0000000071bb4b09>] 0xffffffdf052a62e0 [<000000007d089d45>] 0xffffffdf052a6864 [<00000000f9dc55b5>] kunit_try_run_case+0x13c/0x3ac [<00000000175a3fd4>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000f505065d>] kthread+0x2e8/0x374 [<00000000bbfb0e5d>] ret_from_fork+0x10/0x20 ...... It includes 5*5 times "size 64" memory leaks, which correspond to 5 times test_init_iio_gain_scale() calls with gts_test_gains size 10 (10*size(int)) and gts_test_itimes size 5. It also includes 5*1 times "size 16" memory leak, which correspond to one time __test_init_iio_gain_scale() call with gts_test_gains_gain_low size 3 (3*size(int)) and gts_test_itimes size 5. The reason is that the per_time_gains[i] is not freed which is allocated in the "gts->num_itime" for loop in iio_gts_build_avail_scale_table(). Cc: stable@vger.kernel.org Fixes: 38416c28e168 ("iio: light: Add gain-time-scale helpers") Signed-off-by: Jinjie Ruan Reviewed-by: Matti Vaittinen Link: https://patch.msgid.link/20241011095512.3667549-1-ruanjinjie@huawei.com Signed-off-by: Jonathan Cameron commit 807babf69027b4f1c55e72b06879658e83830880 Author: Umang Jain Date: Wed Oct 16 18:32:25 2024 +0530 staging: vchiq_arm: Use devm_kzalloc() for drv_mgmt allocation The struct drv_mgmt 'mgmt' is currently allocated dynamically using kzalloc(). Unfortunately, it is subjected to memory leaks in the error handling paths of the probe() function. To address this issue, use device resource management helper devm_kzalloc(), to ensure cleanup after the allocation. Cc: stable@vger.kernel.org Fixes: 1c9e16b73166 ("staging: vc04_services: vchiq_arm: Split driver static and runtime data") Signed-off-by: Umang Jain Reviewed-by: Dan Carpenter Link: https://lore.kernel.org/r/20241016130225.61024-3-umang.jain@ideasonboard.com Signed-off-by: Greg Kroah-Hartman commit 404b739e895522838f1abdc340c554654d671dde Author: Umang Jain Date: Wed Oct 16 18:32:24 2024 +0530 staging: vchiq_arm: Use devm_kzalloc() for vchiq_arm_state allocation The struct vchiq_arm_state 'platform_state' is currently allocated dynamically using kzalloc(). Unfortunately, it is never freed and is subjected to memory leaks in the error handling paths of the probe() function. To address the issue, use device resource management helper devm_kzalloc(), to ensure cleanup after its allocation. Fixes: 71bad7f08641 ("staging: add bcm2708 vchiq driver") Cc: stable@vger.kernel.org Signed-off-by: Umang Jain Reviewed-by: Dan Carpenter Link: https://lore.kernel.org/r/20241016130225.61024-2-umang.jain@ideasonboard.com Signed-off-by: Greg Kroah-Hartman commit fae4078c289a2f24229c0de652249948b1cd6bdb Author: Steven Rostedt Date: Fri Oct 18 21:52:12 2024 -0400 fgraph: Allocate ret_stack_list with proper size The ret_stack_list is an array of ret_stack shadow stacks for the function graph usage. When the first function graph is enabled, all tasks in the system get a shadow stack. The ret_stack_list is a 32 element array of pointers to these shadow stacks. It allocates the shadow stack in batches (32 stacks at a time), assigns them to running tasks, and continues until all tasks are covered. When the function graph shadow stack changed from an array of ftrace_ret_stack structures to an array of longs, the allocation of ret_stack_list went from allocating an array of 32 elements to just a block defined by SHADOW_STACK_SIZE. Luckily, that's defined as PAGE_SIZE and is much more than enough to hold 32 pointers. But it is way overkill for the amount needed to allocate. Change the allocation of ret_stack_list back to a kcalloc() of FTRACE_RETSTACK_ALLOC_SIZE pointers. Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20241018215212.23f13f40@rorschach Fixes: 42675b723b484 ("function_graph: Convert ret_stack to a series of longs") Signed-off-by: Steven Rostedt (Google) commit 2c02f7375e658ae93d57a31a66f91b62754ef8f1 Author: Steven Rostedt Date: Fri Oct 18 21:43:00 2024 -0400 fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks The function graph infrastructure allocates a shadow stack for every task when enabled. This includes the idle tasks. The first time the function graph is invoked, the shadow stacks are created and never freed until the task exits. This includes the idle tasks. Only the idle tasks that were for online CPUs had their shadow stacks created when function graph tracing started. If function graph tracing is enabled and a CPU comes online, the idle task representing that CPU will not have its shadow stack created, and all function graph tracing for that idle task will be silently dropped. Instead, use the CPU hotplug mechanism to allocate the idle shadow stacks. This will include idle tasks for CPUs that come online during tracing. This issue can be reproduced by: # cd /sys/kernel/tracing # echo 0 > /sys/devices/system/cpu/cpu1/online # echo 0 > set_ftrace_pid # echo function_graph > current_tracer # echo 1 > options/funcgraph-proc # echo 1 > /sys/devices/system/cpu/cpu1 # grep '' per_cpu/cpu1/trace | head Before, nothing would show up. After: 1) -0 | 0.811 us | __enqueue_entity(); 1) -0 | 5.626 us | } /* enqueue_entity */ 1) -0 | | dl_server_update_idle_time() { 1) -0 | | dl_scaled_delta_exec() { 1) -0 | 0.450 us | arch_scale_cpu_capacity(); 1) -0 | 1.242 us | } 1) -0 | 1.908 us | } 1) -0 | | dl_server_start() { 1) -0 | | enqueue_dl_entity() { 1) -0 | | task_contending() { Note, if tracing stops and restarts, the old way would then initialize the onlined CPUs. Cc: stable@vger.kernel.org Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Cc: Mark Rutland Cc: Thomas Gleixner Link: https://lore.kernel.org/20241018214300.6df82178@rorschach Fixes: 868baf07b1a25 ("ftrace: Fix memory leak with function graph and cpu hotplug") Signed-off-by: Steven Rostedt (Google) commit 3d5ad2d4eca337e80f38df77de89614aa5aaceb9 Merge: dbafeddb9524bd 5ac9b4e935dfc6 Author: Linus Torvalds Date: Fri Oct 18 16:27:14 2024 -0700 Merge tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Pull bpf fixes from Daniel Borkmann: - Fix BPF verifier to not affect subreg_def marks in its range propagation (Eduard Zingerman) - Fix a truncation bug in the BPF verifier's handling of coerce_reg_to_size_sx (Dimitar Kanaliev) - Fix the BPF verifier's delta propagation between linked registers under 32-bit addition (Daniel Borkmann) - Fix a NULL pointer dereference in BPF devmap due to missing rxq information (Florian Kauer) - Fix a memory leak in bpf_core_apply (Jiri Olsa) - Fix an UBSAN-reported array-index-out-of-bounds in BTF parsing for arrays of nested structs (Hou Tao) - Fix build ID fetching where memory areas backing the file were created with memfd_secret (Andrii Nakryiko) - Fix BPF task iterator tid filtering which was incorrectly using pid instead of tid (Jordan Rome) - Several fixes for BPF sockmap and BPF sockhash redirection in combination with vsocks (Michal Luczaj) - Fix riscv BPF JIT and make BPF_CMPXCHG fully ordered (Andrea Parri) - Fix riscv BPF JIT under CONFIG_CFI_CLANG to prevent the possibility of an infinite BPF tailcall (Pu Lehui) - Fix a build warning from resolve_btfids that bpf_lsm_key_free cannot be resolved (Thomas Weißschuh) - Fix a bug in kfunc BTF caching for modules where the wrong BTF object was returned (Toke Høiland-Jørgensen) - Fix a BPF selftest compilation error in cgroup-related tests with musl libc (Tony Ambardar) - Several fixes to BPF link info dumps to fill missing fields (Tyrone Wu) - Add BPF selftests for kfuncs from multiple modules, checking that the correct kfuncs are called (Simon Sundberg) - Ensure that internal and user-facing bpf_redirect flags don't overlap (Toke Høiland-Jørgensen) - Switch to use kvzmalloc to allocate BPF verifier environment (Rik van Riel) - Use raw_spinlock_t in BPF ringbuf to fix a sleep in atomic splat under RT (Wander Lairson Costa) * tag 'bpf-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: (38 commits) lib/buildid: Handle memfd_secret() files in build_id_parse() selftests/bpf: Add test case for delta propagation bpf: Fix print_reg_state's constant scalar dump bpf: Fix incorrect delta propagation between linked registers bpf: Properly test iter/task tid filtering bpf: Fix iter/task tid filtering riscv, bpf: Make BPF_CMPXCHG fully ordered bpf, vsock: Drop static vsock_bpf_prot initialization vsock: Update msg_count on read_skb() vsock: Update rx_bytes on read_skb() bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock selftests/bpf: Add asserts for netfilter link info bpf: Fix link info netfilter flags to populate defrag flag selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() bpf: Fix truncation bug in coerce_reg_to_size_sx() selftests/bpf: Assert link info uprobe_multi count & path_size if unset bpf: Fix unpopulated path_size when uprobe_multi fields unset selftests/bpf: Fix cross-compiling urandom_read selftests/bpf: Add test for kfunc module order ... commit dbafeddb9524bd459592f92432b90dd7c0b79568 Merge: f8eacd8ad7a658 fe05c40ca9c18c Author: Linus Torvalds Date: Fri Oct 18 16:11:17 2024 -0700 Merge tag 'linux_kselftest-fixes-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kselftest fix from Shuah Khan: - fix test makefile to install tests directory without which the test fails with errors * tag 'linux_kselftest-fixes-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: selftest: hid: add the missing tests directory commit 2de01e0e57f3ebe7f90b08f6bca5ce0f3da3829f Author: Nikita Travkin Date: Fri Oct 4 21:17:30 2024 +0500 Input: zinitix - don't fail if linux,keycodes prop is absent When initially adding the touchkey support, a mistake was made in the property parsing code. The possible negative errno from device_property_count_u32() was never checked, which was an oversight left from converting to it from the of_property as part of the review fixes. Re-add the correct handling of the absent property, in which case zero touchkeys should be assumed, which would disable the feature. Reported-by: Jakob Hauser Tested-by: Jakob Hauser Fixes: 075d9b22c8fe ("Input: zinitix - add touchkey support") Reviewed-by: Linus Walleij Signed-off-by: Nikita Travkin Tested-by: Yassine Oudjana Link: https://lore.kernel.org/r/20241004-zinitix-no-keycodes-v2-1-876dc9fea4b6@trvn.ru Signed-off-by: Dmitry Torokhov commit f8eacd8ad7a658b805c635f8ffad7913981f863c Merge: a041f47898e30e b0bf1afde7c346 Author: Linus Torvalds Date: Fri Oct 18 15:53:00 2024 -0700 Merge tag 'block-6.12-20241018' of git://git.kernel.dk/linux Pull block fixes from Jens Axboe: - NVMe pull request via Keith: - Fix target passthrough identifier (Nilay) - Fix tcp locking (Hannes) - Replace list with sbitmap for tracking RDMA rsp tags (Guixen) - Remove unnecessary fallthrough statements (Tokunori) - Remove ready-without-media support (Greg) - Fix multipath partition scan deadlock (Keith) - Fix concurrent PCI reset and remove queue mapping (Maurizio) - Fabrics shutdown fixes (Nilay) - Fix for a kerneldoc warning (Keith) - Fix a race with blk-rq-qos and wakeups (Omar) - Cleanup of checking for always-set tag_set (SurajSonawane2415) - Fix for a crash with CPU hotplug notifiers (Ming) - Don't allow zero-copy ublk on unprivileged device (Ming) - Use array_index_nospec() for CDROM (Josh) - Remove dead code in drbd (David) - Tweaks to elevator loading (Breno) * tag 'block-6.12-20241018' of git://git.kernel.dk/linux: cdrom: Avoid barrier_nospec() in cdrom_ioctl_media_changed() nvme: use helper nvme_ctrl_state in nvme_keep_alive_finish function nvme: make keep-alive synchronous operation nvme-loop: flush off pending I/O while shutting down loop controller nvme-pci: fix race condition between reset and nvme_dev_disable() ublk: don't allow user copy for unprivileged device blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race nvme-multipath: defer partition scanning blk-mq: setup queue ->tag_set before initializing hctx elevator: Remove argument from elevator_find_get elevator: do not request_module if elevator exists drbd: Remove unused conn_lowest_minor nvme: disable CC.CRIME (NVME_CC_CRIME) nvme: delete unnecessary fallthru comment nvmet-rdma: use sbitmap to replace rsp free list block: Fix elevator_get_default() checking for NULL q->tag_set nvme: tcp: avoid race between queue_lock lock and destroy nvmet-passthru: clear EUID/NGUID/UUID while using loop target block: fix blk_rq_map_integrity_sg kernel-doc commit a041f47898e30e01fea5da4a47bd6bcd72d8955a Merge: b04ae0f4516897 8f7033aa4089fb Author: Linus Torvalds Date: Fri Oct 18 15:38:37 2024 -0700 Merge tag 'io_uring-6.12-20241018' of git://git.kernel.dk/linux Pull io_uring fixes from Jens Axboe: - Fix a regression this merge window where cloning of registered buffers didn't take into account the dummy_ubuf - Fix a race with reading how many SQRING entries are available, causing userspace to need to loop around io_uring_sqring_wait() rather than being able to rely on SQEs being available when it returned - Ensure that the SQPOLL thread is TASK_RUNNING before running task_work off the cancelation exit path * tag 'io_uring-6.12-20241018' of git://git.kernel.dk/linux: io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work io_uring/rsrc: ignore dummy_ubuf for buffer cloning io_uring/sqpoll: close race on waiting for sqring entries commit 22a18935d7d96bbb1a28076f843c1926d0ba189e Author: John Edwards Date: Thu Oct 10 23:09:23 2024 +0000 Input: xpad - add support for MSI Claw A1M Add MSI Claw A1M controller to xpad_device match table when in xinput mode. Add MSI VID as XPAD_XBOX360_VENDOR. Signed-off-by: John Edwards Reviewed-by: Derek J. Clark Reviewed-by: Christopher Snowhill Link: https://lore.kernel.org/r/20241010232020.3292284-4-uejji@uejji.net Cc: stable@vger.kernel.org Signed-off-by: Dmitry Torokhov commit d641c164f8de5b5e19e66a27d9b5feedc8f2e84c Merge: da95e891dd5d5d ab5593793e9088 Author: Mark Brown Date: Fri Oct 18 21:47:03 2024 +0100 ASoC/SoundWire: clean up link DMA during stop for IPC4 Merge series from Bard Liao : Clean up the link DMA for playback during stop for IPC4 is required to reset the DMA read/write pointers when the stream is prepared and restarted after a call to snd_pcm_drain()/snd_pcm_drop(). The change is mainly on ASoC. We may go via ASoC tree with Vinod's Acked-by tag Ranjani Sridharan (4): ASoC: SOF: ipc4-topology: Do not set ALH node_id for aggregated DAIs ASoC: SOF: Intel: hda: Handle prepare without close for non-HDA DAI's soundwire: intel_ace2x: Send PDI stream number during prepare ASoC: SOF: Intel: hda: Always clean up link DMA during stop drivers/soundwire/intel_ace2x.c | 19 +++++----------- sound/soc/sof/intel/hda-dai-ops.c | 23 +++++++++---------- sound/soc/sof/intel/hda-dai.c | 37 +++++++++++++++++++++++++++---- sound/soc/sof/ipc4-topology.c | 15 +++++++++++-- 4 files changed, 62 insertions(+), 32 deletions(-) -- 2.43.0 commit 8dd91e8d31febf4d9cca3ae1bb4771d33ae7ee5a Author: Olga Kornievskaia Date: Fri Oct 18 15:24:58 2024 -0400 nfsd: fix race between laundromat and free_stateid There is a race between laundromat handling of revoked delegations and a client sending free_stateid operation. Laundromat thread finds that delegation has expired and needs to be revoked so it marks the delegation stid revoked and it puts it on a reaper list but then it unlock the state lock and the actual delegation revocation happens without the lock. Once the stid is marked revoked a racing free_stateid processing thread does the following (1) it calls list_del_init() which removes it from the reaper list and (2) frees the delegation stid structure. The laundromat thread ends up not calling the revoke_delegation() function for this particular delegation but that means it will no release the lock lease that exists on the file. Now, a new open for this file comes in and ends up finding that lease list isn't empty and calls nfsd_breaker_owns_lease() which ends up trying to derefence a freed delegation stateid. Leading to the followint use-after-free KASAN warning: kernel: ================================================================== kernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd] kernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205 kernel: kernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9 kernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024 kernel: Call trace: kernel: dump_backtrace+0x98/0x120 kernel: show_stack+0x1c/0x30 kernel: dump_stack_lvl+0x80/0xe8 kernel: print_address_description.constprop.0+0x84/0x390 kernel: print_report+0xa4/0x268 kernel: kasan_report+0xb4/0xf8 kernel: __asan_report_load8_noabort+0x1c/0x28 kernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd] kernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd] kernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd] kernel: nfs4_get_vfs_file+0x634/0x958 [nfsd] kernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd] kernel: nfsd4_open+0xa08/0xe80 [nfsd] kernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd] kernel: nfsd_dispatch+0x22c/0x718 [nfsd] kernel: svc_process_common+0x8e8/0x1960 [sunrpc] kernel: svc_process+0x3d4/0x7e0 [sunrpc] kernel: svc_handle_xprt+0x828/0xe10 [sunrpc] kernel: svc_recv+0x2cc/0x6a8 [sunrpc] kernel: nfsd+0x270/0x400 [nfsd] kernel: kthread+0x288/0x310 kernel: ret_from_fork+0x10/0x20 This patch proposes a fixed that's based on adding 2 new additional stid's sc_status values that help coordinate between the laundromat and other operations (nfsd4_free_stateid() and nfsd4_delegreturn()). First to make sure, that once the stid is marked revoked, it is not removed by the nfsd4_free_stateid(), the laundromat take a reference on the stateid. Then, coordinating whether the stid has been put on the cl_revoked list or we are processing FREE_STATEID and need to make sure to remove it from the list, each check that state and act accordingly. If laundromat has added to the cl_revoke list before the arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove it from the list. If nfsd4_free_stateid() finds that operations arrived before laundromat has placed it on cl_revoke list, it marks the state freed and then laundromat will no longer add it to the list. Also, for nfsd4_delegreturn() when looking for the specified stid, we need to access stid that are marked removed or freeable, it means the laundromat has started processing it but hasn't finished and this delegreturn needs to return nfserr_deleg_revoked and not nfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the lack of it will leave this stid on the cl_revoked list indefinitely. Fixes: 2d4a532d385f ("nfsd: ensure that clp->cl_revoked list is protected by clp->cl_lock") CC: stable@vger.kernel.org Signed-off-by: Olga Kornievskaia Signed-off-by: Chuck Lever commit 917a15c37d371bc40b5ad13df366e29bd49c04a1 Author: Fan Wu Date: Wed Oct 16 16:43:05 2024 -0700 MAINTAINERS: update IPE tree url and Fan Wu's email Update Integrity Policy Enforcement (IPE) LSM tree url and maintainer's email to the newly issued kernel.org tree/email. Signed-off-by: Fan Wu commit f40998a8e6bbf0314b8416350183a537f9b59ca9 Author: Luca Boccassi Date: Fri Sep 27 10:23:44 2024 +0200 ipe: fallback to platform keyring also if key in trusted keyring is rejected If enabled, we fallback to the platform keyring if the trusted keyring doesn't have the key used to sign the ipe policy. But if pkcs7_verify() rejects the key for other reasons, such as usage restrictions, we do not fallback. Do so, following the same change in dm-verity. Signed-off-by: Luca Boccassi Suggested-by: Serge Hallyn [FW: fixed some line length issues and a typo in the commit message] Signed-off-by: Fan Wu commit b04ae0f45168973edb658ac2385045ac13c5aca7 Merge: 568570fdf2b941 6aca91c416f626 Author: Linus Torvalds Date: Fri Oct 18 11:37:12 2024 -0700 Merge tag 'v6.12-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fixes from Steve French: - Fix possible double free setting xattrs - Fix slab out of bounds with large ioctl payload - Remove three unused functions, and an unused variable that could be confusing * tag 'v6.12-rc3-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6: cifs: Remove unused functions smb/client: Fix logically dead code smb: client: fix OOBs when building SMB2_IOCTL request smb: client: fix possible double free in smb2_set_ea() commit 568570fdf2b941115f0b1cf8d539255a1c707d9e Merge: 5e9ab267bec1cf f6f91d290c8b9d Author: Linus Torvalds Date: Fri Oct 18 11:28:39 2024 -0700 Merge tag 'xfs-6.12-fixes-4' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux Pull xfs fixes from Carlos Maiolino: - Fix integer overflow in xrep_bmap - Fix stale dealloc punching for COW IO * tag 'xfs-6.12-fixes-4' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: xfs: punch delalloc extents from the COW fork for COW writes xfs: set IOMAP_F_SHARED for all COW fork allocations xfs: share more code in xfs_buffered_write_iomap_begin xfs: support the COW fork in xfs_bmap_punch_delalloc_range xfs: IOMAP_ZERO and IOMAP_UNSHARE already hold invalidate_lock xfs: take XFS_MMAPLOCK_EXCL xfs_file_write_zero_eof xfs: factor out a xfs_file_write_zero_eof helper iomap: move locking out of iomap_write_delalloc_release iomap: remove iomap_file_buffered_write_punch_delalloc iomap: factor out a iomap_last_written_block helper xfs: fix integer overflow in xrep_bmap commit 5e9ab267bec1cf6d1127a7fabd7d7108865bb0fb Merge: 3b3a0ef6ae5494 cf8679bb77e996 Author: Linus Torvalds Date: Fri Oct 18 11:16:01 2024 -0700 Merge tag 'pm-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management fixes from Rafael Wysocki: "These fix two issues in the amd-pstate cpufreq driver and update the intel_rapl power capping driver with a new processor ID. Specifics: - Enable ACPI CPPC in amd_pstate_register_driver() after disabling it in amd_pstate_unregister_driver() when switching driver operation modes (Dhananjay Ugwekar) - Make amd-pstate use nominal performance as the maximum performance level when boost is disabled (Mario Limonciello) - Add ArrowLake-H to the list of processors where PL4 is supported in the MSR part of the intel_rapl power capping driver (Srinivas Pandruvada)" * tag 'pm-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: powercap: intel_rapl_msr: Add PL4 support for ArrowLake-H cpufreq/amd-pstate: Use nominal perf for limits when boost is disabled cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems commit 3b3a0ef6ae54948d71e93f94e3deee81f9a8b971 Merge: 5d97dde4d5f751 eabb03810194b7 Author: Linus Torvalds Date: Fri Oct 18 11:13:53 2024 -0700 Merge tag 'hwmon-for-v6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging Pull hwmon fix from Guenter Roeck: "Fix auto-detect regression in jc42 driver" * tag 'hwmon-for-v6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging: [PATCH} hwmon: (jc42) Properly detect TSE2004-compliant devices again commit 5d97dde4d5f751858390b557729a1a12210024c1 Merge: b1b46751671be5 83f000784844cb Author: Linus Torvalds Date: Fri Oct 18 11:03:21 2024 -0700 Merge tag 'drm-fixes-2024-10-18' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Weekly fixes, msm and xe are the two main ones, with a bunch of scattered fixes including a largish revert in mgag200, then amdgpu, vmwgfx and scattering of other minor ones. All seems pretty regular. msm: - Display: - move CRTC resource assignment to atomic_check otherwise to make consecutive calls to atomic_check() consistent - fix rounding / sign-extension issues with pclk calculation in case of DSC - cleanups to drop incorrect null checks in dpu snapshots - fix to use kvzalloc in dpu snapshot to avoid allocation issues in heavily loaded system cases - Fix to not program merge_3d block if dual LM is not being used - Fix to not flush merge_3d block if its not enabled otherwise this leads to false timeouts - GPU: - a7xx: add a fence wait before SMMU table update xe: - New workaround to Xe2 (Aradhya) - Fix unbalanced rpm put (Matthew Auld) - Remove fragile lock optimization (Matthew Brost) - Fix job release, delegating it to the drm scheduler (Matthew Brost) - Fix timestamp bit width for Xe2 (Lucas) - Fix external BO's dma-resv usag (Matthew Brost) - Fix returning success for timeout in wait_token (Nirmoy) - Initialize fence to avoid it being detected as signaled (Matthew Auld) - Improve cache flush for BMG (Matthew Auld) - Don't allow hflip for tile4 framebuffer on Xe2 (Juha-Pekka) amdgpu: - SR-IOV fix - CS chunk handling fix - MES fixes - SMU13 fixes amdkfd: - VRAM usage reporting fix radeon: - Fix possible_clones handling i915: - Two DP bandwidth related MST fixes ast: - Clear EDID on unplugged connectors host1x: - Fix boot on Tegra186 - Set DMA parameters mgag200: - Revert VBLANK support panel: - himax-hx83192: Adjust power and gamma qaic: - Sgtable loop fixes vmwgfx: - Limit display layout allocatino size - Handle allocation errors in connector checks - Clean up KMS code for 2d-only setup - Report surface-check errors correctly - Remove NULL test around kvfree()" * tag 'drm-fixes-2024-10-18' of https://gitlab.freedesktop.org/drm/kernel: (45 commits) drm/ast: vga: Clear EDID if no display is connected drm/ast: sil164: Clear EDID if no display is connected Revert "drm/mgag200: Add vblank support" drm/amdgpu/swsmu: default to fullscreen 3D profile for dGPUs drm/i915/display: Don't allow tile4 framebuffer to do hflip on display20 or greater drm/xe/bmg: improve cache flushing behaviour drm/xe/xe_sync: initialise ufence.signalled drm/xe/ufence: ufence can be signaled right after wait_woken drm/xe: Use bookkeep slots for external BO's in exec IOCTL drm/xe/query: Increase timestamp width drm/xe: Don't free job in TDR drm/xe: Take job list lock in xe_sched_add_pending_job drm/xe: fix unbalanced rpm put() with declare_wedged() drm/xe: fix unbalanced rpm put() with fence_fini() drm/xe/xe2lpg: Extend Wa_15016589081 for xe2lpg drm/i915/dp_mst: Don't require DSC hblank quirk for a non-DSC compatible mode drm/i915/dp_mst: Handle error during DSC BW overhead/slice calculation drm/msm/a6xx+: Insert a fence wait before SMMU table update drm/msm/dpu: don't always program merge_3d block drm/msm/dpu: Don't always set merge_3d pending flush ... commit da95e891dd5d5de6c5ebc010bd028a2e028de093 Author: Chancel Liu Date: Thu Oct 17 16:15:07 2024 +0900 ASoC: fsl_micfil: Add a flag to distinguish with different volume control types On i.MX8MM the register of volume control has positive and negative values. It is different from other platforms like i.MX8MP and i.MX93 which only have positive values. Add a volume_sx flag to use SX_TLV volume control for this kind of platform. Use common TLV volume control for other platforms. Fixes: cdfa92eb90f5 ("ASoC: fsl_micfil: Correct the number of steps on SX controls") Signed-off-by: Chancel Liu Reviewed-by: Daniel Baluta Link: https://patch.msgid.link/20241017071507.2577786-1-chancel.liu@nxp.com Signed-off-by: Mark Brown commit 9fc9ef05727ccb45fd881770f2aa5c3774b2e8e2 Author: Alexey Klimov Date: Wed Oct 16 23:10:49 2024 +0100 ASoC: codecs: lpass-rx-macro: fix RXn(rx,n) macro for DSM_CTL and SEC7 regs Turns out some registers of pre-2.5 version of rxmacro codecs are not located at the expected offsets but 0xc further away in memory. So far the detected registers are CDC_RX_RX2_RX_PATH_SEC7 and CDC_RX_RX2_RX_PATH_DSM_CTL. CDC_RX_RXn_RX_PATH_DSM_CTL(rx, n) macro incorrectly generates the address 0x540 for RX2 but it should be 0x54C and it also overwrites CDC_RX_RX2_RX_PATH_SEC7 which is located at 0x540. The same goes for CDC_RX_RXn_RX_PATH_SEC7(rx, n). Fix this by introducing additional rxn_reg_stride2 offset. For 2.5 version and above this offset will be equal to 0. With such change the corresponding RXn() macros will generate the same values for 2.5 codec version for all RX paths and the same old values for pre-2.5 version for RX0 and RX1. However for the latter case with RX2 path it will also add rxn_reg_stride2 on top. While at this, also remove specific if-check for INTERP_AUX from rx_macro_digital_mute() and rx_macro_enable_interp_clk(). These if-check was used to handle such special offset for AUX interpolator but since CDC_RX_RXn_RX_PATH_SEC7(rx, n) and CDC_RX_RXn_RX_PATH_DSM_CTL(rx, n) macros will generate the correst addresses of dsm register, they are no longer needed. Cc: Srinivas Kandagatla Cc: Krzysztof Kozlowski Signed-off-by: Alexey Klimov Reviewed-by: Dmitry Baryshkov Link: https://patch.msgid.link/20241016221049.1145101-1-alexey.klimov@linaro.org Signed-off-by: Mark Brown commit 49c234b50a437eb827832b61cd662e9aa382f31a Merge: b0bf1afde7c346 825711e00117fc Author: Jens Axboe Date: Fri Oct 18 10:58:24 2024 -0600 Merge tag 'md-6.12-20241018' of https://git.kernel.org/pub/scm/linux/kernel/git/song/md into block-6.12 Pull MD fixes from Song. * tag 'md-6.12-20241018' of https://git.kernel.org/pub/scm/linux/kernel/git/song/md: md/raid10: fix null ptr dereference in raid10_size() md: ensure child flush IO does not affect origin bio->bi_status commit b1b46751671be5a426982f037a47ae05f37ff80b Author: Linus Torvalds Date: Fri Oct 18 09:50:05 2024 -0700 mm: fix follow_pfnmap API lockdep assert The lockdep asserts for the new follow_pfnmap() API "knows" that a pfnmap always has a vma->vm_file, since that's the only way to create such a mapping. And that's actually true for all the normal cases. But not for the mmap failure case, where the incomplete mapping is torn down and we have cleared vma->vm_file because the failure occured before the file was linked to the vma. So this codepath does actually need to check for vm_file being NULL. Reported-by: Jann Horn Fixes: 6da8e9634bb7 ("mm: new follow_pfnmap API") Cc: Peter Xu Cc: Andrew Morton Signed-off-by: Linus Torvalds commit cf8679bb77e99682a5a5806cc86554235fa56233 Merge: 3ebe9c12559c65 702dedf75891f1 Author: Rafael J. Wysocki Date: Fri Oct 18 18:22:43 2024 +0200 Merge branch 'pm-cpufreq' Merge amd-pstate driver fixes for 6.12-rc4: - Enable ACPI CPPC in amd_pstate_register_driver() after disabling it in amd_pstate_unregister_driver() during driver operation mode switch (Dhananjay Ugwekar). - Make amd-pstate use nominal performance as the maximum performance level when boost is disabled (Mario Limonciello). * pm-cpufreq: cpufreq/amd-pstate: Use nominal perf for limits when boost is disabled cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems commit 75aa74d52f43e75d0beb20572f98529071b700e5 Merge: ef444a0aba6d12 6e02a277f1db24 Author: Linus Torvalds Date: Fri Oct 18 07:13:24 2024 -0700 Merge tag 'iommu-fixes-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/iommu/linux Pull iommu fixes from Joerg Roedel: "ARM-SMMU fixes from Will Deacon: - Clarify warning message when failing to disable the MMU-500 prefetcher - Fix undefined behaviour in calculation of L1 stream-table index when 32-bit StreamIDs are implemented - Replace a rogue comma with a semicolon Intel VT-d fix from Lu Baolu: - Fix incorrect pci_for_each_dma_alias() for non-PCI devices" * tag 'iommu-fixes-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/iommu/linux: iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices iommu/arm-smmu-v3: Convert comma to semicolon iommu/arm-smmu-v3: Fix last_sid_idx calculation for sid_bits==32 iommu/arm-smmu: Clarify MMU-500 CPRE workaround commit ef444a0aba6d128e5ecd1c8df0f989c356f76b5d Merge: c91c14618fcf4a cf8989d20d64ad Author: Linus Torvalds Date: Fri Oct 18 07:07:13 2024 -0700 Merge tag 'powerpc-6.12-5' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux Pull powerpc fix from Madhavan Srinivasan: - To prevent possible memory leak, free "name" on error in opal_event_init() Thanks to Michael Ellerman and 2639161967. * tag 'powerpc-6.12-5' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: powerpc/powernv: Free name on error in opal_event_init() commit c91c14618fcf4ae3cf3475e5461ea8b41bf76f6d Merge: ade8ff3b6aca47 b4fa00fd428bf7 Author: Linus Torvalds Date: Fri Oct 18 07:01:59 2024 -0700 Merge tag 's390-6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux Pull s390 fixes from Heiko Carstens: - Fix PCI error recovery by handling error events correctly - Fix CCA crypto card behavior within protected execution environment - Two KVM commits which fix virtual vs physical address handling bugs in KVM pfault handling - Fix return code handling in pckmo_key2protkey() - Deactivate sclp console as late as possible so that outstanding messages appear on the console instead of being dropped on reboot - Convert newlines to CRLF instead of LFCR for the sclp vt220 driver, as required by the vt220 specification - Initialize also psw mask in perf_arch_fetch_caller_regs() to make sure that user_mode(regs) will return false - Update defconfigs * tag 's390-6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390: Update defconfigs s390: Initialize psw mask in perf_arch_fetch_caller_regs() s390/sclp_vt220: Convert newlines to CRLF instead of LFCR s390/sclp: Deactivate sclp after all its users s390/pkey_pckmo: Return with success for valid protected key types KVM: s390: Change virtual to physical address access in diag 0x258 handler KVM: s390: gaccess: Check if guest address is in memslot s390/ap: Fix CCA crypto card behavior within protected execution environment s390/pci: Handle PCI error codes other than 0x3a commit 9b673c7551e6881ee0946be95e21ba290c8ac45e Author: Yo-Jung (Leo) Lin <0xff07@gmail.com> Date: Thu Oct 17 22:47:38 2024 +0800 misc: rtsx: list supported models in Kconfig help rts5228, rts5261, rts5264 are supported by the rtsx_pci driver, but they are not mentioned in the Kconfig help when the code was added. List those models in the Kconfig help accordingly. Signed-off-by: Yo-Jung Lin (Leo) <0xff07@gmail.com> Link: https://lore.kernel.org/r/20241017144747.15966-1-0xff07@gmail.com Signed-off-by: Greg Kroah-Hartman commit 6e90b675cf942e50c70e8394dfb5862975c3b3b2 Author: Greg Kroah-Hartman Date: Fri Oct 18 13:31:34 2024 +0200 MAINTAINERS: Remove some entries due to various compliance requirements. Remove some entries due to various compliance requirements. They can come back in the future if sufficient documentation is provided. Link: https://lore.kernel.org/r/2024101835-tiptop-blip-09ed@gregkh Signed-off-by: Greg Kroah-Hartman commit 197231da7f6a2e9884f84a4a463f53f9f491d920 Author: Thorsten Blum Date: Fri Oct 18 12:27:03 2024 +0200 proc: Fix W=1 build kernel-doc warning Building the kernel with W=1 generates the following warning: fs/proc/fd.c:81: warning: This comment starts with '/**', but isn't a kernel-doc comment. Use a normal comment for the helper function proc_fdinfo_permission(). Signed-off-by: Thorsten Blum Link: https://lore.kernel.org/r/20241018102705.92237-2-thorsten.blum@linux.dev Signed-off-by: Christian Brauner commit 51268879eb2bfc563a91cdce69362d9dbf707e7e Author: Hans de Goede Date: Thu Oct 10 11:45:12 2024 +0200 HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard The Thinkpad X1 Tablet Gen 3 keyboard has the same Lenovo specific quirks as the original Thinkpad X1 Tablet keyboard. Add the PID for the "Thinkpad X1 Tablet Gen 3 keyboard" to the hid-lenovo driver to fix the FnLock, Mute and media buttons not working. Suggested-by: Izhar Firdaus Closes https://bugzilla.redhat.com/show_bug.cgi?id=2315395 Signed-off-by: Hans de Goede Signed-off-by: Jiri Kosina commit 526748b925185e95f1415900ee13c2469d4b64cc Author: Kenneth Albanowski Date: Fri Oct 4 10:24:29 2024 -0700 HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad The Logitech Casa Touchpad does not reliably send touch release signals when communicating through the Logitech Bolt wireless-to-USB receiver. Adjusting the device class to add MT_QUIRK_NOT_SEEN_MEANS_UP to make sure that no touches become stuck, MT_QUIRK_FORCE_MULTI_INPUT is not needed, but harmless. Linux does not have information on which devices are connected to the Bolt receiver, so we have to enable this for the entire device. Signed-off-by: Kenneth Albanowski Signed-off-by: Jiri Kosina commit 293c485cbac2607595fdaae2b1fb390fc7b2d014 Author: Bartłomiej Maryńczak Date: Tue Oct 8 00:25:42 2024 +0200 HID: i2c-hid: Delayed i2c resume wakeup for 0x0d42 Goodix touchpad Patch for Goodix 27c6:0d42 touchpads found in Inspiron 5515 laptops. After resume from suspend, one can communicate with this device just fine. We can read data from it or request a reset, but for some reason the interrupt line will not go up when new events are available. (it can correctly respond to a reset with an interrupt tho) The only way I found to wake this device up is to send anything to it after ~1.5s mark, for example a simple read request, or power mode change. In this patch, I simply delay the resume steps with msleep, this will cause the set_power request to happen after the ~1.5s barrier causing the device to resume its event interrupts. Sleep was used rather than delayed_work to make this workaround as non-invasive as possible. [jkosina@suse.com: shortlog update] Signed-off-by: Bartłomiej Maryńczak Signed-off-by: Jiri Kosina commit 1154a599214c655c8138b540f13845257f1952fd Merge: 30c9ae5ece8ecd 6d951576ee1643 Author: Greg Kroah-Hartman Date: Fri Oct 18 12:11:28 2024 +0200 Merge tag 'usb-serial-6.12-rc4' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into usb-linus Johan writes: USB-serial device ids for 6.12-rc4 Here are some new modem device ids. Everything has been in linux-next over night with no reported issues. * tag 'usb-serial-6.12-rc4' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial: USB: serial: option: add Telit FN920C04 MBIM compositions USB: serial: option: add support for Quectel EG916Q-GL commit 0fd2a743301b6b5eec0f407080f89bed98384836 Author: Jiqian Chen Date: Sat Oct 12 16:45:37 2024 +0800 xen: Remove dependency between pciback and privcmd Commit 2fae6bb7be32 ("xen/privcmd: Add new syscall to get gsi from dev") adds a weak reverse dependency to the config XEN_PRIVCMD definition, that dependency causes xen-privcmd can't be loaded on domU, because dependent xen-pciback isn't always be loaded successfully on domU. To solve above problem, remove that dependency, and do not call pcistub_get_gsi_from_sbdf() directly, instead add a hook in drivers/xen/apci.c, xen-pciback register the real call function, then in privcmd_ioctl_pcidev_get_gsi call that hook. Fixes: 2fae6bb7be32 ("xen/privcmd: Add new syscall to get gsi from dev") Reported-by: Marek Marczykowski-Górecki Signed-off-by: Jiqian Chen Reviewed-by: Juergen Gross Message-ID: <20241012084537.1543059-1-Jiqian.Chen@amd.com> Signed-off-by: Juergen Gross commit ba9cf6b430433e57bfc8072364e944b7c0eca2a4 Author: Mauro Carvalho Chehab Date: Wed Oct 16 11:24:15 2024 +0200 media: pulse8-cec: fix data timestamp at pulse8_setup() As pointed by Coverity, there is a hidden overflow condition there. As date is signed and u8 is unsigned, doing: date = (data[0] << 24) With a value bigger than 07f will make all upper bits of date 0xffffffff. This can be demonstrated with this small code: typedef int64_t time64_t; typedef uint8_t u8; int main(void) { u8 data[] = { 0xde ,0xad , 0xbe, 0xef }; time64_t date; date = (data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3]; printf("Invalid data = 0x%08lx\n", date); date = ((unsigned)data[0] << 24) | (data[1] << 16) | (data[2] << 8) | data[3]; printf("Expected data = 0x%08lx\n", date); return 0; } Fix it by converting the upper bit calculation to unsigned. Fixes: cea28e7a55e7 ("media: pulse8-cec: reorganize function order") Cc: stable@vger.kernel.org Signed-off-by: Mauro Carvalho Chehab commit eba6a8619d2b988f9b3a34e6b552a34fa2057d61 Author: Mauro Carvalho Chehab Date: Wed Oct 16 11:03:26 2024 +0200 media: cec: extron-da-hd-4k-plus: don't use -1 as an error code The logic at get_edid_tag_location() returns either an offset or an error condition. However, the error condition uses a non-standard "-1" value. This hits a Coverity bug, as Coverity assumes that positive values are underflow. While this is a false positive, returning error codes as -1 is an issue. So, instead, use -ENOENT to indicate that the tag was not found. Fixes: 056f2821b631 ("media: cec: extron-da-hd-4k-plus: add the Extron DA HD 4K Plus CEC driver") Signed-off-by: Mauro Carvalho Chehab commit 2d861977e7314f00bf27d0db17c11ff5e85e609a Author: Mauro Carvalho Chehab Date: Tue Oct 15 13:29:43 2024 +0200 media: stb0899_algo: initialize cfr before using it The loop at stb0899_search_carrier() starts with a random value for cfr, as reported by Coverity. Initialize it to zero, just like stb0899_dvbs_algo() to ensure that carrier search won't bail out. Fixes: 8bd135bab91f ("V4L/DVB (9375): Add STB0899 support") Cc: stable@vger.kernel.org Signed-off-by: Mauro Carvalho Chehab commit 50b9fa751d1aef5d262bde871c70a7f44262f0bc Author: Mauro Carvalho Chehab Date: Tue Oct 15 12:25:09 2024 +0200 media: adv7604: prevent underflow condition when reporting colorspace Currently, adv76xx_log_status() reads some date using io_read() which may return negative values. The current logic doesn't check such errors, causing colorspace to be reported on a wrong way at adv76xx_log_status(), as reported by Coverity. If I/O error happens there, print a different message, instead of reporting bogus messages to userspace. Fixes: 54450f591c99 ("[media] adv7604: driver for the Analog Devices ADV7604 video decoder") Signed-off-by: Mauro Carvalho Chehab Reviewed-by: Hans Verkuil commit 576a307a7650bd544fbb24df801b9b7863b85e2f Author: Mauro Carvalho Chehab Date: Tue Oct 15 12:14:11 2024 +0200 media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that. Fixes: 8953db793d5b ("V4L/DVB (9178): cx24116: Add module parameter to return SNR as ESNO.") Cc: stable@vger.kernel.org Signed-off-by: Mauro Carvalho Chehab commit 438d3085ba5b8b5bfa5290faa594e577f6ac9aa7 Author: Mauro Carvalho Chehab Date: Tue Oct 15 11:38:10 2024 +0200 media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 bit ones, as reported by Coverity. Depending on the values of the variables, this may underflow. Fix it ensuring that both sides of the expression are u64. Fixes: 852b50aeed15 ("media: On Semi AR0521 sensor driver") Cc: stable@vger.kernel.org Signed-off-by: Mauro Carvalho Chehab Acked-by: Sakari Ailus commit 14a22762c3daeac59a5a534e124acbb4d7a79b3a Author: Mauro Carvalho Chehab Date: Tue Oct 15 11:10:31 2024 +0200 media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, remove an unused word = 0 assignment. Fixes: 6c96dbbc2aa9 ("[media] s5p-jpeg: add support for 5433") Cc: stable@vger.kernel.org Signed-off-by: Mauro Carvalho Chehab Reviewed-by: Jacek Anaszewski commit 458ea1c0be991573ec436aa0afa23baacfae101a Author: Mauro Carvalho Chehab Date: Tue Oct 15 09:24:24 2024 +0200 media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local cap) There is a spectre-related vulnerability at the code. Fix it. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org Signed-off-by: Mauro Carvalho Chehab commit 2aee207e5b3c94ef859316008119ea06d6798d49 Author: Mauro Carvalho Chehab Date: Tue Oct 15 10:33:10 2024 +0200 media: mgb4: protect driver against spectre Frequency range is set from sysfs via frequency_range_store(), being vulnerable to spectre, as reported by smatch: drivers/media/pci/mgb4/mgb4_cmt.c:231 mgb4_cmt_set_vin_freq_range() warn: potential spectre issue 'cmt_vals_in' [r] drivers/media/pci/mgb4/mgb4_cmt.c:238 mgb4_cmt_set_vin_freq_range() warn: possible spectre second half. 'reg_set' Fix it. Fixes: 0ab13674a9bd ("media: pci: mgb4: Added Digiteq Automotive MGB4 driver") Cc: stable@vger.kernel.org Signed-off-by: Mauro Carvalho Chehab Reviewed-by: Martin Tůma commit 9883a4d41aba7612644e9bb807b971247cea9b9d Author: Mauro Carvalho Chehab Date: Tue Oct 15 16:05:16 2024 +0200 media: dvb_frontend: don't play tricks with underflow values fepriv->auto_sub_step is unsigned. Setting it to -1 is just a trick to avoid calling continue, as reported by Coverity. It relies to have this code just afterwards: if (!ready) fepriv->auto_sub_step++; Simplify the code by simply setting it to zero and use continue to return to the while loop. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Mauro Carvalho Chehab commit 972e63e895abbe8aa1ccbdbb4e6362abda7cd457 Author: Mauro Carvalho Chehab Date: Tue Oct 15 15:23:01 2024 +0200 media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_register_device() won't check for boundaries, as it will rely that a previous call to dvb_register_adapter() would already be enforcing it. On a similar way, dvb_device_open() uses the assumption that the register functions already did the needed checks. This can be fragile if some device ends using different calls. This also generate warnings on static check analysers like Coverity. So, add explicit guards to prevent potential risk of OOM issues. Fixes: 5dd3f3071070 ("V4L/DVB (9361): Dynamic DVB minor allocation") Signed-off-by: Mauro Carvalho Chehab commit e6a3ea83fbe15d4818d01804e904cbb0e64e543b Author: Mauro Carvalho Chehab Date: Wed Oct 16 11:53:15 2024 +0200 media: v4l2-tpg: prevent the risk of a division by zero As reported by Coverity, the logic at tpg_precalculate_line() blindly rescales the buffer even when scaled_witdh is equal to zero. If this ever happens, this will cause a division by zero. Instead, add a WARN_ON_ONCE() to trigger such cases and return without doing any precalculation. Fixes: 63881df94d3e ("[media] vivid: add the Test Pattern Generator") Cc: stable@vger.kernel.org Signed-off-by: Mauro Carvalho Chehab commit 4c76f331a9a173ac8fe1297a9231c2a38f88e368 Author: Mauro Carvalho Chehab Date: Tue Oct 15 14:23:38 2024 +0200 media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() As detected by Coverity, the error check logic at get_ctrl() is broken: if ptr_to_user() fails to fill a control due to an error, no errors are returned and v4l2_g_ctrl() returns success on a failed operation, which may cause applications to fail. Add an error check at get_ctrl() and ensure that it will be returned to userspace without filling the control value if get_ctrl() fails. Fixes: 71c689dc2e73 ("media: v4l2-ctrls: split up into four source files") Cc: stable@vger.kernel.org Signed-off-by: Mauro Carvalho Chehab commit bc6d2d10418e1bfdb95b16f5dd4cca42d5dec766 Author: Kent Overstreet Date: Fri Oct 18 00:22:09 2024 -0400 bcachefs: fsck: Improve hash_check_key() hash_check_key() checks and repairs the hash table btrees: dirents and xattrs are open addressing hash tables. We recently had a corruption reported where the hash type on an inode somehow got flipped, which made the existing dirents invisible and allowed new ones to be created with the same name. Now, hash_check_key() can repair duplicates: it will delete one of them, if it has an xattr or dangling dirent, but if it has two valid dirents one of them gets renamed. Signed-off-by: Kent Overstreet commit dc96656b20eb6f7dea0ccd220541b4af49cf5789 Author: Kent Overstreet Date: Fri Oct 18 00:19:12 2024 -0400 bcachefs: bch2_hash_set_or_get_in_snapshot() Add a variant of bch2_hash_set_in_snapshot() that returns the existing key on -EEXIST. Signed-off-by: Kent Overstreet commit 15a3836c8ed7bf102159e70ed380b8158651df8e Author: Kent Overstreet Date: Thu Oct 17 23:00:14 2024 -0400 bcachefs: Repair mismatches in inode hash seed, type Different versions of the same inode (same inode number, different snapshot ID) must have the same hash seed and type - lookups require this, since they see keys from different snapshots simultaneously. To repair we only need to make the inodes consistent, hash_check_key() will do the rest. Signed-off-by: Kent Overstreet commit d8e879377ffb37ba0d3afa0c92bd3b88b849a0a9 Author: Kent Overstreet Date: Sat Sep 28 14:44:06 2024 -0400 bcachefs: Add hash seed, type to inode_to_text() This helped with discovering some filesystem corruption fsck has having trouble with: the str_hash type had gotten flipped on one snapshot's version of an inode. All versions of a given inode number have the same hash seed and hash type, since lookups will be done with a single hash/seed and type and see dirents/xattrs from multiple snapshots. Signed-off-by: Kent Overstreet commit 78cf0ae636a55e0bef99308d305d4e1f8a6c4147 Author: Kent Overstreet Date: Thu Oct 17 22:55:59 2024 -0400 bcachefs: INODE_STR_HASH() for bch_inode_unpacked Trivial cleanup - add a normal BITMASK() helper for bch_inode_unpacked. Signed-off-by: Kent Overstreet commit b96f8cd3870a140524fb8cec58790a4be04f41d9 Author: Kent Overstreet Date: Thu Oct 17 22:29:23 2024 -0400 bcachefs: Run in-kernel offline fsck without ratelimit errors Signed-off-by: Kent Overstreet commit 489ecc4cfddada303bd9c2b287a3c8744c324ed3 Author: Hongbo Li Date: Thu Oct 10 12:01:48 2024 +0800 bcachefs: skip mount option handle for empty string. The options parse in get_tree will split the options buffer, it will get the empty string for last one by strsep(). After commit ea0eeb89b1d5 ("bcachefs: reject unknown mount options") is merged, unknown mount options is not allowed (here is empty string), and this causes this errors. This can be reproduced just by the following steps: bcachefs format /dev/loop mount -t bcachefs -o metadata_target=loop1 /dev/loop1 /mnt/bcachefs/ Fixes: ea0eeb89b1d5 ("bcachefs: reject unknown mount options") Signed-off-by: Hongbo Li Signed-off-by: Kent Overstreet commit 07cf8bac2d3efa8d3fb62cd4d98c00087efd7fe8 Author: Hongbo Li Date: Thu Sep 26 10:00:01 2024 +0800 bcachefs: fix incorrect show_options results When call show_options in bcachefs, the options buffer is appeneded to the seq variable. In fact, it requires an additional comma to be appended first. This will affect the remount process when reading existing mount options. Fixes: 9305cf91d05e ("bcachefs: bch2_opts_to_text()") Signed-off-by: Hongbo Li Signed-off-by: Kent Overstreet commit 97535cd84f189248ea0fe14544628d480908e99b Author: Kent Overstreet Date: Thu Oct 17 01:10:49 2024 -0400 bcachefs: Fix data corruption on -ENOSPC in buffered write path Found by generic/299: When we have to truncate a write due to -ENOSPC, we may have to read in the folio we're writing to if we're now no longer doing a complete write to a !uptodate folio. Signed-off-by: Kent Overstreet commit 335d318ef5329e0b500e0f3394bbe0a14cd7f99b Author: Kent Overstreet Date: Thu Oct 17 01:05:17 2024 -0400 bcachefs: bch2_folio_reservation_get_partial() is now better behaved bch2_folio_reservation_get_partial(), on partial success, will now return a reservation that's aligned to the filesystem blocksize. This is a partial fix for fstests generic/299 - fio verify is badly behaved in the presence of short writes that aren't aligned to its blocksize. Signed-off-by: Kent Overstreet commit 81e0b6c7c1f75c914dede330121391f57f216a6e Author: Kent Overstreet Date: Mon Oct 14 17:55:48 2024 -0400 bcachefs: fix disk reservation accounting in bch2_folio_reservation_get() bch2_disk_reservation_put() zeroes out the reservation - oops. This fixes a disk reservation leak when getting a quota reservation returned an error. Signed-off-by: Kent Overstreet commit 4007bbb203a0c36e66bb2e785e1b2cb7266179d5 Author: Kent Overstreet Date: Wed Oct 16 06:32:12 2024 -0400 bcachefS: ec: fix data type on stripe deletion Signed-off-by: Kent Overstreet commit a0d11feefb1998204f095fa0400024403d233108 Author: Kent Overstreet Date: Sun Oct 13 21:53:26 2024 -0400 bcachefs: Don't use commit_do() unnecessarily Using commit_do() to call alloc_sectors_start_trans() breaks when we're randomly injecting transaction restarts - the restart in the commit causes us to leak the lock that alloc_sectorS_start_trans() takes. Signed-off-by: Kent Overstreet commit 6bee2a04c5473d6d463c64e9a1f77c875b83401d Author: Kent Overstreet Date: Mon Oct 14 23:58:45 2024 -0400 bcachefs: handle restarts in bch2_bucket_io_time_reset() bch2_bucket_io_time_reset() doesn't need to succeed, which is why it didn't previously retry on transaction restart - but we're now treating these as errors. Signed-off-by: Kent Overstreet commit 29fd10a36a6326aba134cc0ea9def8d4601279d0 Author: Kent Overstreet Date: Wed Oct 16 04:11:15 2024 -0400 bcachefs: fix restart handling in __bch2_resume_logged_op_finsert() Signed-off-by: Kent Overstreet commit d8b50597748d6d960c936c89b972516c5e39ee96 Author: Kent Overstreet Date: Wed Oct 16 03:36:40 2024 -0400 bcachefs: fix restart handling in bch2_alloc_write_key() This is ugly: We may discover in alloc_write_key that the data type we calculated is wrong, because BCH_DATA_need_discard is checked/set elsewhere, and the disk accounting counters we calculated need to be updated. But bch2_alloc_key_to_dev_counters(..., BTREE_TRIGGER_gc) is not safe w.r.t. transaction restarts, so we need to propagate the fixup back to our gc state in case we take a transaction restart. Signed-off-by: Kent Overstreet commit 7ee4be9c621e4cd6a87d134a46d7c56debdf6664 Author: Kent Overstreet Date: Tue Oct 15 02:13:22 2024 -0400 bcachefs: fix restart handling in bch2_do_invalidates_work() this one is fairly harmless since the invalidate worker will just run again later if it needs to, but still worth fixing Signed-off-by: Kent Overstreet commit 028f3c1d9b3cddfbe327a3e6f09c3229aefc366c Author: Kent Overstreet Date: Mon Oct 14 23:52:38 2024 -0400 bcachefs: fix missing restart handling in bch2_read_retry_nodecode() Signed-off-by: Kent Overstreet commit e1c4d2f0826d6815a268f42395b61962a05d3c51 Author: Kent Overstreet Date: Mon Oct 14 23:32:23 2024 -0400 bcachefs: fix restart handling in bch2_fiemap() We were leaking transaction restart errors to userspace. Signed-off-by: Kent Overstreet commit 94bdeec8f5303a8e445c9a7b9b2b2d69a29d7f38 Author: Kent Overstreet Date: Mon Oct 14 22:40:20 2024 -0400 bcachefs: fix bch2_hash_delete() error path we were exiting an iterator that hadn't been initialized Signed-off-by: Kent Overstreet commit 74ec2f302402c4cfd172f7254ae0e5b851e31b0a Author: Kent Overstreet Date: Mon Oct 14 22:18:12 2024 -0400 bcachefs: fix restart handling in bch2_rename2() This should be impossible to hit in practice; the first lookup within a transaction won't return a restart due to lock ordering, but we're adding fault injection for transaction restarts and shaking out bugs. Signed-off-by: Kent Overstreet commit 83f000784844cb9d4669ef1a3366479db3197b33 Merge: 49ff3e79a7f49e ffafd12696d1a4 Author: Dave Airlie Date: Fri Oct 18 13:53:34 2024 +1000 Merge tag 'drm-xe-fixes-2024-10-17' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes Driver Changes: - New workaround to Xe2 (Aradhya) - Fix unbalanced rpm put (Matthew Auld) - Remove fragile lock optimization (Matthew Brost) - Fix job release, delegating it to the drm scheduler (Matthew Brost) - Fix timestamp bit width for Xe2 (Lucas) - Fix external BO's dma-resv usag (Matthew Brost) - Fix returning success for timeout in wait_token (Nirmoy) - Initialize fence to avoid it being detected as signaled (Matthew Auld) - Improve cache flush for BMG (Matthew Auld) - Don't allow hflip for tile4 framebuffer on Xe2 (Juha-Pekka) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/jkldrex5733ldxrla75b4ayvhujjhw2kccmasl5rotoufoacj4@pkvlrrv4orc7 commit ade8ff3b6aca47c234e5353b1e9dc1e5a8f21ffe Merge: 4d939780b70592 c62fa117c32bd1 Author: Linus Torvalds Date: Thu Oct 17 19:12:38 2024 -0700 Merge tag 'x86_bugs_post_ibpb' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 IBPB fixes from Borislav Petkov: "This fixes the IBPB implementation of older AMDs (< gen4) that do not flush the RSB (Return Address Stack) so you can still do some leaking when using a "=ibpb" mitigation for Retbleed or SRSO. Fix it by doing the flushing in software on those generations. IBPB is not the default setting so this is not likely to affect anybody in practice" * tag 'x86_bugs_post_ibpb' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/bugs: Do not use UNTRAIN_RET with IBPB on entry x86/bugs: Skip RSB fill at VMEXIT x86/entry: Have entry_ibpb() invalidate return predictions x86/cpufeatures: Add a IBPB_NO_RET BUG flag x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET commit b0bf1afde7c34698cf61422fa8ee60e690dc25c3 Author: Josh Poimboeuf Date: Thu Oct 17 15:09:02 2024 -0700 cdrom: Avoid barrier_nospec() in cdrom_ioctl_media_changed() The barrier_nospec() after the array bounds check is overkill and painfully slow for arches which implement it. Furthermore, most arches don't implement it, so they remain exposed to Spectre v1 (which can affect pretty much any CPU with branch prediction). Instead, clamp the user pointer to a valid range so it's guaranteed to be a valid array index even when the bounds check mispredicts. Fixes: 8270cb10c068 ("cdrom: Fix spectre-v1 gadget") Signed-off-by: Josh Poimboeuf Link: https://lore.kernel.org/r/1d86f4d9d8fba68e5ca64cdeac2451b95a8bf872.1729202937.git.jpoimboe@kernel.org Signed-off-by: Jens Axboe commit 4d939780b70592e0f4bc6c397e52e518f8fb7916 Merge: d4b82e58082412 e993457df65896 Author: Linus Torvalds Date: Thu Oct 17 16:33:06 2024 -0700 Merge tag 'mm-hotfixes-stable-2024-10-17-16-08' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull misc fixes from Andrew Morton: "28 hotfixes. 13 are cc:stable. 23 are MM. It is the usual shower of unrelated singletons - please see the individual changelogs for details" * tag 'mm-hotfixes-stable-2024-10-17-16-08' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (28 commits) maple_tree: add regression test for spanning store bug maple_tree: correct tree corruption on spanning store mm/mglru: only clear kswapd_failures if reclaimable mm/swapfile: skip HugeTLB pages for unuse_vma selftests: mm: fix the incorrect usage() info of khugepaged MAINTAINERS: add Jann as memory mapping/VMA reviewer mm: swap: prevent possible data-race in __try_to_reclaim_swap mm: khugepaged: fix the incorrect statistics when collapsing large file folios MAINTAINERS: kasan, kcov: add bugzilla links mm: don't install PMD mappings when THPs are disabled by the hw/process/vma mm: huge_memory: add vma_thp_disabled() and thp_disabled_by_hw() Docs/damon/maintainer-profile: update deprecated awslabs GitHub URLs Docs/damon/maintainer-profile: add missing '_' suffixes for external web links maple_tree: check for MA_STATE_BULK on setting wr_rebalance mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets() mm: remove unused stub for can_swapin_thp() mailmap: add an entry for Andy Chiu MAINTAINERS: add memory mapping/VMA co-maintainers fs/proc: fix build with GCC 15 due to -Werror=unterminated-string-initialization ... commit d4b82e5808241239cb3ae2bff5a6c6767ea976cb Merge: 6efbea77b39060 6b5cca7868fdd2 Author: Linus Torvalds Date: Thu Oct 17 16:24:42 2024 -0700 Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux Pull clk fixes from Stephen Boyd: "Two clk driver fixes and a unit test fix: - Terminate the of_device_id table in the Samsung exynosautov920 clk driver so that device matching logic doesn't run off the end of the array into other memory and break matching for any kernel with this driver loaded - Properly limit the max clk ID in the Rockchip clk driver - Use clk kunit helpers in the clk tests so that memory isn't leaked after the test concludes" * tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux: clk: test: Fix some memory leaks clk: rockchip: fix finding of maximum clock ID clk: samsung: Fix out-of-bound access of of_match_node() commit 49ff3e79a7f49e269b0278e75d35d6421f5538a2 Merge: 7626b4e96bdbba c09c4f2a972ca7 Author: Dave Airlie Date: Fri Oct 18 06:43:11 2024 +1000 Merge tag 'drm-misc-fixes-2024-10-17' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes Short summary of fixes pull: ast: - Clear EDID on unplugged connectors host1x: - Fix boot on Tegra186 - Set DMA parameters mgag200: - Revert VBLANK support panel: - himax-hx83192: Adjust power and gamma qaic: - Sgtable loop fixes vmwgfx: - Limit display layout allocatino size - Handle allocation errors in connector checks - Clean up KMS code for 2d-only setup - Report surface-check errors correctly - Remove NULL test around kvfree() Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20241017115516.GA196624@linux.fritz.box commit 7626b4e96bdbbadca046a775c6b8e02b842c05e7 Merge: 01541a87064f9e 2f54e71359eb2a Author: Dave Airlie Date: Fri Oct 18 06:41:12 2024 +1000 Merge tag 'drm-intel-fixes-2024-10-17' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-fixes - Two DP bandwidth related MST fixes Signed-off-by: Dave Airlie From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/ZxDLdML9Dwqkb1AW@jlahtine-mobl.ger.corp.intel.com commit 01541a87064f9e5d336fd8e2e397fd16e567b484 Merge: 4cd33d972e0ff5 ec1aab7816b06c Author: Dave Airlie Date: Fri Oct 18 06:13:13 2024 +1000 Merge tag 'amd-drm-fixes-6.12-2024-10-16' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes amd-drm-fixes-6.12-2024-10-16: amdgpu: - SR-IOV fix - CS chunk handling fix - MES fixes - SMU13 fixes amdkfd: - VRAM usage reporting fix radeon: - Fix possible_clones handling Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20241016200514.3520286-1-alexander.deucher@amd.com commit 5ec36fe24bd2d529ba415b9eaed44a689ab543ed Author: Sebastian Andrzej Siewior Date: Tue Oct 15 17:11:32 2024 +0200 MAINTAINERS: Add an entry for PREEMPT_RT. Add a maintainers entry now that the PREEMPT_RT bits are merged. Steven volunteered and asked for the list. There are no files associated with this entry since it is spread over the kernel. It serves as entry for people knowing what they look for. There is a keyword added so if PREEMPT_RT is mentioned somewhere, then the entry will be picked up. Signed-off-by: Sebastian Andrzej Siewior Signed-off-by: Thomas Gleixner Acked-by: Pavel Machek Link: https://lore.kernel.org/all/20241015151132.Erx81G9f@linutronix.de commit 5ac9b4e935dfc6af41eee2ddc21deb5c36507a9f Author: Andrii Nakryiko Date: Thu Oct 17 10:47:13 2024 -0700 lib/buildid: Handle memfd_secret() files in build_id_parse() >From memfd_secret(2) manpage: The memory areas backing the file created with memfd_secret(2) are visible only to the processes that have access to the file descriptor. The memory region is removed from the kernel page tables and only the page tables of the processes holding the file descriptor map the corresponding physical memory. (Thus, the pages in the region can't be accessed by the kernel itself, so that, for example, pointers to the region can't be passed to system calls.) We need to handle this special case gracefully in build ID fetching code. Return -EFAULT whenever secretmem file is passed to build_id_parse() family of APIs. Original report and repro can be found in [0]. [0] https://lore.kernel.org/bpf/ZwyG8Uro%2FSyTXAni@ly-workstation/ Fixes: de3ec364c3c3 ("lib/buildid: add single folio-based file reader abstraction") Reported-by: Yi Lai Suggested-by: Shakeel Butt Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Shakeel Butt Link: https://lore.kernel.org/bpf/20241017175431.6183-A-hca@linux.ibm.com Link: https://lore.kernel.org/bpf/20241017174713.2157873-1-andrii@kernel.org commit de7007e9e6fe08dc7b45693d7e8cef41f9499854 Merge: 42aafd8b48adac 599d9f3a10eec6 Author: Jens Axboe Date: Thu Oct 17 12:49:27 2024 -0600 Merge tag 'nvme-6.12-2024-10-18' of git://git.infradead.org/nvme into block-6.12 Pull NVMe fixes from Keith: "nvme fixes for Linux 6.12 - Fix target passthrough identifier (Nilay) - Fix tcp locking (Hannes) - Replace list with sbitmap for tracking RDMA rsp tags (Guixen) - Remove unnecessary fallthrough statements (Tokunori) - Remove ready-without-media support (Greg) - Fix multipath partition scan deadlock (Keith) - Fix concurrent PCI reset and remove queue mapping (Maurizio) - Fabrics shutdown fixes (Nilay)" * tag 'nvme-6.12-2024-10-18' of git://git.infradead.org/nvme: nvme: use helper nvme_ctrl_state in nvme_keep_alive_finish function nvme: make keep-alive synchronous operation nvme-loop: flush off pending I/O while shutting down loop controller nvme-pci: fix race condition between reset and nvme_dev_disable() nvme-multipath: defer partition scanning nvme: disable CC.CRIME (NVME_CC_CRIME) nvme: delete unnecessary fallthru comment nvmet-rdma: use sbitmap to replace rsp free list nvme: tcp: avoid race between queue_lock lock and destroy nvmet-passthru: clear EUID/NGUID/UUID while using loop target block: fix blk_rq_map_integrity_sg kernel-doc commit 02e2f9aa33e461468de02e35ad977bd7233960ae Author: Luca Boccassi Date: Sun Sep 15 11:11:19 2024 +0200 ipe: allow secondary and platform keyrings to install/update policies The current policy management makes it impossible to use IPE in a general purpose distribution. In such cases the users are not building the kernel, the distribution is, and access to the private key included in the trusted keyring is, for obvious reason, not available. This means that users have no way to enable IPE, since there will be no built-in generic policy, and no access to the key to sign updates validated by the trusted keyring. Just as we do for dm-verity, kernel modules and more, allow the secondary and platform keyrings to also validate policies. This allows users enrolling their own keys in UEFI db or MOK to also sign policies, and enroll them. This makes it sensible to enable IPE in general purpose distributions, as it becomes usable by any user wishing to do so. Keys in these keyrings can already load kernels and kernel modules, so there is no security downgrade. Add a kconfig each, like dm-verity does, but default to enabled if the dependencies are available. Signed-off-by: Luca Boccassi Reviewed-by: Serge Hallyn [FW: fixed some style issues] Signed-off-by: Fan Wu commit 825711e00117fc686ab89ac36a9a7b252dc349c6 Author: Yu Kuai Date: Wed Oct 9 09:49:14 2024 +0800 md/raid10: fix null ptr dereference in raid10_size() In raid10_run() if raid10_set_queue_limits() succeed, the return value is set to zero, and if following procedures failed raid10_run() will return zero while mddev->private is still NULL, causing null ptr dereference in raid10_size(). Fix the problem by only overwrite the return value if raid10_set_queue_limits() failed. Fixes: 3d8466ba68d4 ("md/raid10: use the atomic queue limit update APIs") Cc: stable@vger.kernel.org Reported-and-tested-by: ValdikSS Closes: https://lore.kernel.org/all/0dd96820-fe52-4841-bc58-dbf14d6bfcc8@valdikss.org.ru/ Signed-off-by: Yu Kuai Reviewed-by: Christoph Hellwig Link: https://lore.kernel.org/r/20241009014914.1682037-1-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 5ceecb301e50e933c1e621fbeea5ec239fbff858 Author: Luca Boccassi Date: Wed Sep 25 23:01:34 2024 +0200 ipe: also reject policy updates with the same version Currently IPE accepts an update that has the same version as the policy being updated, but it doesn't make it a no-op nor it checks that the old and new policyes are the same. So it is possible to change the content of a policy, without changing its version. This is very confusing from userspace when managing policies. Instead change the update logic to reject updates that have the same version with ESTALE, as that is much clearer and intuitive behaviour. Signed-off-by: Luca Boccassi Reviewed-by: Serge Hallyn Signed-off-by: Fan Wu commit 579941899db4f972507df3bf783518e606bb095a Author: Luca Boccassi Date: Wed Sep 25 23:01:33 2024 +0200 ipe: return -ESTALE instead of -EINVAL on update when new policy has a lower version When loading policies in userspace we want a recognizable error when an update attempts to use an old policy, as that is an error that needs to be treated differently from an invalid policy. Use -ESTALE as it is clear enough for an update mechanism. Signed-off-by: Luca Boccassi Reviewed-by: Serge Hallyn Signed-off-by: Fan Wu commit 62ce0782bbacd32ec10292b9bdd127330e9b6968 Author: Li Nan Date: Thu Sep 19 14:30:48 2024 +0800 md: ensure child flush IO does not affect origin bio->bi_status When a flush is issued to an RAID array, a child flush IO is created and issued for each member disk in the RAID array. Since commit b75197e86e6d ("md: Remove flush handling"), each child flush IO has been chained with the original bio. As a result, the failure of any child IO could modify the bi_status of the original bio, potentially impacting the upper-layer filesystem. Fix the issue by preventing child flush IO from altering the original bio->bi_status as before. However, this design introduces a known issue: in the event of a power failure, if a flush IO on a member disk fails, the upper layers may not be informed. This issue is not easy to fix and will not be addressed for the time being in this issue. Fixes: b75197e86e6d ("md: Remove flush handling") Signed-off-by: Li Nan Reviewed-by: Yu Kuai Link: https://lore.kernel.org/r/20240919063048.2887579-1-linan666@huaweicloud.com Signed-off-by: Song Liu commit 599d9f3a10eec69ef28a90161763e4bd7c9c02bf Author: Nilay Shroff Date: Wed Oct 16 08:33:16 2024 +0530 nvme: use helper nvme_ctrl_state in nvme_keep_alive_finish function We no more need acquiring ctrl->lock before accessing the NVMe controller state and instead we can now use the helper nvme_ctrl_state. So replace the use of ctrl->lock from nvme_keep_alive_finish function with nvme_ctrl_state call. Reviewed-by: Christoph Hellwig Signed-off-by: Nilay Shroff Signed-off-by: Keith Busch commit d06923670b5a5f609603d4a9fee4dec02d38de9c Author: Nilay Shroff Date: Wed Oct 16 08:33:15 2024 +0530 nvme: make keep-alive synchronous operation The nvme keep-alive operation, which executes at a periodic interval, could potentially sneak in while shutting down a fabric controller. This may lead to a race between the fabric controller admin queue destroy code path (invoked while shutting down controller) and hw/hctx queue dispatcher called from the nvme keep-alive async request queuing operation. This race could lead to the kernel crash shown below: Call Trace: autoremove_wake_function+0x0/0xbc (unreliable) __blk_mq_sched_dispatch_requests+0x114/0x24c blk_mq_sched_dispatch_requests+0x44/0x84 blk_mq_run_hw_queue+0x140/0x220 nvme_keep_alive_work+0xc8/0x19c [nvme_core] process_one_work+0x200/0x4e0 worker_thread+0x340/0x504 kthread+0x138/0x140 start_kernel_thread+0x14/0x18 While shutting down fabric controller, if nvme keep-alive request sneaks in then it would be flushed off. The nvme_keep_alive_end_io function is then invoked to handle the end of the keep-alive operation which decrements the admin->q_usage_counter and assuming this is the last/only request in the admin queue then the admin->q_usage_counter becomes zero. If that happens then blk-mq destroy queue operation (blk_mq_destroy_ queue()) which could be potentially running simultaneously on another cpu (as this is the controller shutdown code path) would forward progress and deletes the admin queue. So, now from this point onward we are not supposed to access the admin queue resources. However the issue here's that the nvme keep-alive thread running hw/hctx queue dispatch operation hasn't yet finished its work and so it could still potentially access the admin queue resource while the admin queue had been already deleted and that causes the above crash. This fix helps avoid the observed crash by implementing keep-alive as a synchronous operation so that we decrement admin->q_usage_counter only after keep-alive command finished its execution and returns the command status back up to its caller (blk_execute_rq()). This would ensure that fabric shutdown code path doesn't destroy the fabric admin queue until keep-alive request finished execution and also keep-alive thread is not running hw/hctx queue dispatch operation. Reviewed-by: Christoph Hellwig Signed-off-by: Nilay Shroff Signed-off-by: Keith Busch commit c199fac88fe7c749f88a0653e9f621b9f5a71cf1 Author: Nilay Shroff Date: Wed Oct 16 08:33:14 2024 +0530 nvme-loop: flush off pending I/O while shutting down loop controller While shutting down loop controller, we first quiesce the admin/IO queue, delete the admin/IO tag-set and then at last destroy the admin/IO queue. However it's quite possible that during the window between quiescing and destroying of the admin/IO queue, some admin/IO request might sneak in and if that happens then we could potentially encounter a hung task because shutdown operation can't forward progress until any pending I/O is flushed off. This commit helps ensure that before destroying the admin/IO queue, we unquiesce the admin/IO queue so that any outstanding requests, which are added after the admin/IO queue is quiesced, are now flushed to its completion. Reviewed-by: Christoph Hellwig Signed-off-by: Nilay Shroff Signed-off-by: Keith Busch commit db123e42304d5bba9a1e04341db0cafaa7a52f35 Author: Daniel Borkmann Date: Wed Oct 16 15:49:13 2024 +0200 selftests/bpf: Add test case for delta propagation Add a small BPF verifier test case to ensure that alu32 additions to registers are not subject to linked scalar delta tracking. # ./vmtest.sh -- ./test_progs -t verifier_linked_scalars [...] ./test_progs -t verifier_linked_scalars [ 1.413138] tsc: Refined TSC clocksource calibration: 3407.993 MHz [ 1.413524] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x311fcd52370, max_idle_ns: 440795242006 ns [ 1.414223] clocksource: Switched to clocksource tsc [ 1.419640] bpf_testmod: loading out-of-tree module taints kernel. [ 1.420025] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel #500/1 verifier_linked_scalars/scalars: find linked scalars:OK #500 verifier_linked_scalars:OK Summary: 1/1 PASSED, 0 SKIPPED, 0 FAILED [ 1.590858] ACPI: PM: Preparing to enter system sleep state S5 [ 1.591402] reboot: Power down [...] Signed-off-by: Daniel Borkmann Signed-off-by: Andrii Nakryiko Acked-by: Eduard Zingerman Link: https://lore.kernel.org/bpf/20241016134913.32249-3-daniel@iogearbox.net commit 3e9e708757ca3b7eb65a820031d62fea1a265709 Author: Daniel Borkmann Date: Wed Oct 16 15:49:12 2024 +0200 bpf: Fix print_reg_state's constant scalar dump print_reg_state() should not consider adding reg->off to reg->var_off.value when dumping scalars. Scalars can be produced with reg->off != 0 through BPF_ADD_CONST, and thus as-is this can skew the register log dump. Fixes: 98d7ca374ba4 ("bpf: Track delta between "linked" registers.") Reported-by: Nathaniel Theis Signed-off-by: Daniel Borkmann Signed-off-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20241016134913.32249-2-daniel@iogearbox.net commit 3878ae04e9fc24dacb77a1d32bd87e7d8108599e Author: Daniel Borkmann Date: Wed Oct 16 15:49:11 2024 +0200 bpf: Fix incorrect delta propagation between linked registers Nathaniel reported a bug in the linked scalar delta tracking, which can lead to accepting a program with OOB access. The specific code is related to the sync_linked_regs() function and the BPF_ADD_CONST flag, which signifies a constant offset between two scalar registers tracked by the same register id. The verifier attempts to track "similar" scalars in order to propagate bounds information learned about one scalar to others. For instance, if r1 and r2 are known to contain the same value, then upon encountering 'if (r1 != 0x1234) goto xyz', not only does it know that r1 is equal to 0x1234 on the path where that conditional jump is not taken, it also knows that r2 is. Additionally, with env->bpf_capable set, the verifier will track scalars which should be a constant delta apart (if r1 is known to be one greater than r2, then if r1 is known to be equal to 0x1234, r2 must be equal to 0x1233.) The code path for the latter in adjust_reg_min_max_vals() is reached when processing both 32 and 64-bit addition operations. While adjust_reg_min_max_vals() knows whether dst_reg was produced by a 32 or a 64-bit addition (based on the alu32 bool), the only information saved in dst_reg is the id of the source register (reg->id, or'ed by BPF_ADD_CONST) and the value of the constant offset (reg->off). Later, the function sync_linked_regs() will attempt to use this information to propagate bounds information from one register (known_reg) to others, meaning, for all R in linked_regs, it copies known_reg range (and possibly adjusting delta) into R for the case of R->id == known_reg->id. For the delta adjustment, meaning, matching reg->id with BPF_ADD_CONST, the verifier adjusts the register as reg = known_reg; reg += delta where delta is computed as (s32)reg->off - (s32)known_reg->off and placed as a scalar into a fake_reg to then simulate the addition of reg += fake_reg. This is only correct, however, if the value in reg was created by a 64-bit addition. When reg contains the result of a 32-bit addition operation, its upper 32 bits will always be zero. sync_linked_regs() on the other hand, may cause the verifier to believe that the addition between fake_reg and reg overflows into those upper bits. For example, if reg was generated by adding the constant 1 to known_reg using a 32-bit alu operation, then reg->off is 1 and known_reg->off is 0. If known_reg is known to be the constant 0xFFFFFFFF, sync_linked_regs() will tell the verifier that reg is equal to the constant 0x100000000. This is incorrect as the actual value of reg will be 0, as the 32-bit addition will wrap around. Example: 0: (b7) r0 = 0; R0_w=0 1: (18) r1 = 0x80000001; R1_w=0x80000001 3: (37) r1 /= 1; R1_w=scalar() 4: (bf) r2 = r1; R1_w=scalar(id=1) R2_w=scalar(id=1) 5: (bf) r4 = r1; R1_w=scalar(id=1) R4_w=scalar(id=1) 6: (04) w2 += 2147483647; R2_w=scalar(id=1+2147483647,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) 7: (04) w4 += 0 ; R4_w=scalar(id=1+0,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) 8: (15) if r2 == 0x0 goto pc+1 10: R0=0 R1=0xffffffff80000001 R2=0x7fffffff R4=0xffffffff80000001 R10=fp0 What can be seen here is that r1 is copied to r2 and r4, such that {r1,r2,r4}.id are all the same which later lets sync_linked_regs() to be invoked. Then, in a next step constants are added with alu32 to r2 and r4, setting their ->off, as well as id |= BPF_ADD_CONST. Next, the conditional will bind r2 and propagate ranges to its linked registers. The verifier now believes the upper 32 bits of r4 are r4=0xffffffff80000001, while actually r4=r1=0x80000001. One approach for a simple fix suitable also for stable is to limit the constant delta tracking to only 64-bit alu addition. If necessary at some later point, BPF_ADD_CONST could be split into BPF_ADD_CONST64 and BPF_ADD_CONST32 to avoid mixing the two under the tradeoff to further complicate sync_linked_regs(). However, none of the added tests from dedf56d775c0 ("selftests/bpf: Add tests for add_const") make this necessary at this point, meaning, BPF CI also passes with just limiting tracking to 64-bit alu addition. Fixes: 98d7ca374ba4 ("bpf: Track delta between "linked" registers.") Reported-by: Nathaniel Theis Signed-off-by: Daniel Borkmann Signed-off-by: Andrii Nakryiko Reviewed-by: Eduard Zingerman Link: https://lore.kernel.org/bpf/20241016134913.32249-1-daniel@iogearbox.net commit ee8c7c6c3f8c7105b1f2e0ba321c193e9f0158d9 Author: Jordan Rome Date: Wed Oct 16 14:00:48 2024 -0700 bpf: Properly test iter/task tid filtering Previously test_task_tid was setting `linfo.task.tid` to `getpid()` which is the same as `gettid()` for the parent process. Instead create a new child thread and set `linfo.task.tid` to `gettid()` to make sure the tid filtering logic is working as expected. Signed-off-by: Jordan Rome Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20241016210048.1213935-2-linux@jordanrome.com commit 9495a5b731fcaf580448a3438d63601c88367661 Author: Jordan Rome Date: Wed Oct 16 14:00:47 2024 -0700 bpf: Fix iter/task tid filtering In userspace, you can add a tid filter by setting the "task.tid" field for "bpf_iter_link_info". However, `get_pid_task` when called for the `BPF_TASK_ITER_TID` type should have been using `PIDTYPE_PID` (tid) instead of `PIDTYPE_TGID` (pid). Fixes: f0d74c4da1f0 ("bpf: Parameterize task iterators.") Signed-off-by: Jordan Rome Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20241016210048.1213935-1-linux@jordanrome.com commit 26bc0a81f64ce00fc4342c38eeb2eddaad084dd2 Author: Maurizio Lombardi Date: Tue Oct 15 13:21:00 2024 +0200 nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, therefore nvme_pci_update_nr_queues() should avoid racing against it, otherwise we could end up passing invalid values to blk_mq_update_nr_hw_queues(). WARNING: CPU: 39 PID: 61303 at drivers/pci/msi/api.c:347 pci_irq_get_affinity+0x187/0x210 Workqueue: nvme-reset-wq nvme_reset_work [nvme] RIP: 0010:pci_irq_get_affinity+0x187/0x210 Call Trace: ? blk_mq_pci_map_queues+0x87/0x3c0 ? pci_irq_get_affinity+0x187/0x210 blk_mq_pci_map_queues+0x87/0x3c0 nvme_pci_map_queues+0x189/0x460 [nvme] blk_mq_update_nr_hw_queues+0x2a/0x40 nvme_reset_work+0x1be/0x2a0 [nvme] Fix the bug by locking the shutdown_lock mutex before using dev->online_queues. Give up if nvme_dev_disable() is running or if it has been executed already. Fixes: 949928c1c731 ("NVMe: Fix possible queue use after freed") Tested-by: Yi Zhang Reviewed-by: Christoph Hellwig Signed-off-by: Maurizio Lombardi Signed-off-by: Keith Busch commit 6efbea77b390604a7be7364583e19cd2d6a1291b Merge: c16e5c94c8c2f0 7aed6a2c51ffc9 Author: Linus Torvalds Date: Thu Oct 17 09:51:03 2024 -0700 Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Will Deacon: - Disable software tag-based KASAN when compiling with GCC, as functions are incorrectly instrumented leading to a crash early during boot - Fix pkey configuration for kernel threads when POE is enabled - Fix invalid memory accesses in uprobes when targetting load-literal instructions * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: kasan: Disable Software Tag-Based KASAN with GCC Documentation/protection-keys: add AArch64 to documentation arm64: set POR_EL0 for kernel threads arm64: probes: Fix uprobes for big-endian kernels arm64: probes: Fix simulate_ldr*_literal() arm64: probes: Remove broken LDR (literal) uprobe support commit c16e5c94c8c2f0c20f5ce594188f84fd00040378 Merge: 5c94bdab3a32e6 1b59d6c19c2ca4 Author: Linus Torvalds Date: Thu Oct 17 09:43:36 2024 -0700 Merge tag 'arm-fixes-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull SoC fixes from Arnd Bergmann: "Most of the fixes this time are for platform specific drivers, addressing issues found through build testing on freescale, ep93xx, starfive, and npcm platforms, as as well as the ffa firmware. The fixes for the scmi firmware driver address compatibility problems found on broadcom machines. There are only two devicetree fixes, addressing incorrect in configuration on broadcom and marvell machines. The changes to the Documentation and MAINTAINERS files are for clarification only" * tag 'arm-fixes-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: firmware: arm_ffa: Avoid string-fortify warning caused by memcpy() firmware: arm_scmi: Queue in scmi layer for mailbox implementation firmware: arm_ffa: Avoid string-fortify warning in export_uuid() firmware: arm_scmi: Give SMC transport precedence over mailbox firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() Documentation/process: maintainer-soc: clarify submitting patches dmaengine: cirrus: check that output may be truncated dmaengine: cirrus: ERR_CAST() ioremap error MAINTAINERS: use the canonical soc mailing list address and mark it as L: ARM: dts: bcm2837-rpi-cm3-io3: Fix HDMI hpd-gpio pin arm64: dts: marvell: cn9130-sr-som: fix cp0 mdio pin numbers soc: fsl: cpm1: qmc: Fix unused data compilation warning soc: fsl: cpm1: qmc: Do not use IS_ERR_VALUE() on error pointers reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC reset: npcm: convert comma to semicolon commit 5c94bdab3a32e6225b30df6650337ad21ac42551 Merge: 07d6bf634bc8f9 164cd0e077a18d Author: Linus Torvalds Date: Thu Oct 17 09:36:59 2024 -0700 Merge tag 'sound-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "A collection of small fixes, nothing really stands out: - Usual HD-audio quirks / device-specific fixes - Kconfig dependency fix for UM - A series of minor fixes for SoundWire - Updates of USB-audio LINE6 contact address" * tag 'sound-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 ALSA/hda: intel-sdw-acpi: add support for sdw-manager-list property read ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects ALSA: scarlett2: Add error check after retrieving PEQ filter values ALSA: hda/cs8409: Fix possible NULL dereference sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML ALSA: line6: update contact information ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 commit 07d6bf634bc8f93caf8920c9d61df761645336e2 Merge: c964ced7726294 cb560795c8c2ce Author: Linus Torvalds Date: Thu Oct 17 09:31:18 2024 -0700 Merge tag 'net-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Paolo Abeni: "Current release - new code bugs: - eth: mlx5: HWS, don't destroy more bwc queue locks than allocated Previous releases - regressions: - ipv4: give an IPv4 dev to blackhole_netdev - udp: compute L4 checksum as usual when not segmenting the skb - tcp/dccp: don't use timer_pending() in reqsk_queue_unlink(). - eth: mlx5e: don't call cleanup on profile rollback failure - eth: microchip: vcap api: fix memory leaks in vcap_api_encode_rule_test() - eth: enetc: disable Tx BD rings after they are empty - eth: macb: avoid 20s boot delay by skipping MDIO bus registration for fixed-link PHY Previous releases - always broken: - posix-clock: fix missing timespec64 check in pc_clock_settime() - genetlink: hold RCU in genlmsg_mcast() - mptcp: prevent MPC handshake on port-based signal endpoints - eth: vmxnet3: fix packet corruption in vmxnet3_xdp_xmit_frame - eth: stmmac: dwmac-tegra: fix link bring-up sequence - eth: bcmasp: fix potential memory leak in bcmasp_xmit() Misc: - add Andrew Lunn as a co-maintainer of all networking drivers" * tag 'net-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (47 commits) net/mlx5e: Don't call cleanup on profile rollback failure net/mlx5: Unregister notifier on eswitch init failure net/mlx5: Fix command bitmask initialization net/mlx5: Check for invalid vector index on EQ creation net/mlx5: HWS, use lock classes for bwc locks net/mlx5: HWS, don't destroy more bwc queue locks than allocated net/mlx5: HWS, fixed double free in error flow of definer layout net/mlx5: HWS, removed wrong access to a number of rules variable mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame net: dsa: vsc73xx: fix reception from VLAN-unaware bridges net: ravb: Only advertise Rx/Tx timestamps if hardware supports it net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() net: phy: mdio-bcm-unimac: Add BCM6846 support dt-bindings: net: brcm,unimac-mdio: Add bcm6846-mdio udp: Compute L4 checksum as usual when not segmenting the skb genetlink: hold RCU in genlmsg_mcast() net: dsa: mv88e6xxx: Fix the max_vid definition for the MV88E6361 tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). ... commit 2e11e78667db90a9e732fbe42820e734d0658fc7 Author: Conor Dooley Date: Wed Oct 16 21:11:15 2024 +0100 riscv: dts: starfive: disable unused csi/camss nodes Aurelien reported probe failures due to the csi node being enabled without having a camera attached to it. A camera was in the initial submissions, but was removed from the dts, as it had not actually been present on the board, but was from an addon board used by the developer of the relevant drivers. The non-camera pipeline nodes were not disabled when this happened and the probe failures are problematic for Debian. Disable them. CC: stable@vger.kernel.org Fixes: 28ecaaa5af192 ("riscv: dts: starfive: jh7110: Add camera subsystem nodes") Closes: https://lore.kernel.org/all/Zw1-vcN4CoVkfLjU@aurel32.net/ Reported-by: Aurelien Jarno Reviewed-by: Emil Renner Berthing Tested-by: Aurelien Jarno Reviewed-by: Aurelien Jarno Signed-off-by: Conor Dooley commit 83beece5aff75879bdfc6df8ba84ea88fd93050e Author: Conor Dooley Date: Wed Oct 16 17:35:06 2024 +0100 firmware: microchip: auto-update: fix poll_complete() to not report spurious timeout errors fw_upload's poll_complete() is really intended for use with asynchronous write() implementations - or at least those where the write() loop may terminate without the kernel yet being aware of whether or not the firmware upload has succeeded. For auto-update, write() is only ever called once and will only return when uploading has completed, be that by passing or failing. The core fw_upload code only calls poll_complete() after the final call to write() has returned. However, the poll_complete() implementation in the auto-update driver was written to expect poll_complete() to be called from another context, and it waits for a completion signalled from write(). Since poll_complete() is actually called from the same context, after the write() loop has terminated, wait_for_completion() never sees the completion get signalled and always times out, causing programming to always report a failing. Since write() is full synchronous, and its return value will indicate whether or not programming passed or failed, poll_complete() serves no purpose and can be cut down to simply return FW_UPLOAD_ERR_NONE. Cc: stable@vger.kernel.org Fixes: ec5b0f1193ad4 ("firmware: microchip: add PolarFire SoC Auto Update support") Reported-by: Jamie Gibbons Tested-by: Jamie Gibbons Signed-off-by: Conor Dooley commit 78b2770c935fc1434a95cc17613fe31165b02dfe Author: Sean Anderson Date: Thu Oct 17 11:10:55 2024 -0400 dma-mapping: fix tracing dma_alloc/free with vmalloc'd memory Not all virtual addresses have physical addresses, such as if they were vmalloc'd. Just trace the virtual address instead of trying to trace a physical address. This aligns with the API, and is good enough to associate dma_alloc with dma_free. Fixes: 038eb433dc14 ("dma-mapping: add tracing for dma-mapping API calls") Reported-by: syzbot+b4bfacdec173efaa8567@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/670ebde5.050a0220.d9b66.0154.GAE@google.com/ Signed-off-by: Sean Anderson Signed-off-by: Christoph Hellwig commit e993457df65896696e165defa8a468a831d0da1b Author: Lorenzo Stoakes Date: Mon Oct 7 16:28:33 2024 +0100 maple_tree: add regression test for spanning store bug Add a regression test to assert that, when performing a spanning store which consumes the entirety of the rightmost right leaf node does not result in maple tree corruption when doing so. This achieves this by building a test tree of 3 levels and establishing a store which ultimately results in a spanned store of this nature. Link: https://lkml.kernel.org/r/30cdc101a700d16e03ba2f9aa5d83f2efa894168.1728314403.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Acked-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Reviewed-by: Wei Yang Cc: Bert Karwatzki Cc: Matthew Wilcox Cc: Mikhail Gavrilov Cc: Sidhartha Kumar Signed-off-by: Andrew Morton commit bea07fd63192b61209d48cbb81ef474cc3ee4c62 Author: Lorenzo Stoakes Date: Mon Oct 7 16:28:32 2024 +0100 maple_tree: correct tree corruption on spanning store Patch series "maple_tree: correct tree corruption on spanning store", v3. There has been a nasty yet subtle maple tree corruption bug that appears to have been in existence since the inception of the algorithm. This bug seems far more likely to happen since commit f8d112a4e657 ("mm/mmap: avoid zeroing vma tree in mmap_region()"), which is the point at which reports started to be submitted concerning this bug. We were made definitely aware of the bug thanks to the kind efforts of Bert Karwatzki who helped enormously in my being able to track this down and identify the cause of it. The bug arises when an attempt is made to perform a spanning store across two leaf nodes, where the right leaf node is the rightmost child of the shared parent, AND the store completely consumes the right-mode node. This results in mas_wr_spanning_store() mitakenly duplicating the new and existing entries at the maximum pivot within the range, and thus maple tree corruption. The fix patch corrects this by detecting this scenario and disallowing the mistaken duplicate copy. The fix patch commit message goes into great detail as to how this occurs. This series also includes a test which reliably reproduces the issue, and asserts that the fix works correctly. Bert has kindly tested the fix and confirmed it resolved his issues. Also Mikhail Gavrilov kindly reported what appears to be precisely the same bug, which this fix should also resolve. This patch (of 2): There has been a subtle bug present in the maple tree implementation from its inception. This arises from how stores are performed - when a store occurs, it will overwrite overlapping ranges and adjust the tree as necessary to accommodate this. A range may always ultimately span two leaf nodes. In this instance we walk the two leaf nodes, determine which elements are not overwritten to the left and to the right of the start and end of the ranges respectively and then rebalance the tree to contain these entries and the newly inserted one. This kind of store is dubbed a 'spanning store' and is implemented by mas_wr_spanning_store(). In order to reach this stage, mas_store_gfp() invokes mas_wr_preallocate(), mas_wr_store_type() and mas_wr_walk() in turn to walk the tree and update the object (mas) to traverse to the location where the write should be performed, determining its store type. When a spanning store is required, this function returns false stopping at the parent node which contains the target range, and mas_wr_store_type() marks the mas->store_type as wr_spanning_store to denote this fact. When we go to perform the store in mas_wr_spanning_store(), we first determine the elements AFTER the END of the range we wish to store (that is, to the right of the entry to be inserted) - we do this by walking to the NEXT pivot in the tree (i.e. r_mas.last + 1), starting at the node we have just determined contains the range over which we intend to write. We then turn our attention to the entries to the left of the entry we are inserting, whose state is represented by l_mas, and copy these into a 'big node', which is a special node which contains enough slots to contain two leaf node's worth of data. We then copy the entry we wish to store immediately after this - the copy and the insertion of the new entry is performed by mas_store_b_node(). After this we copy the elements to the right of the end of the range which we are inserting, if we have not exceeded the length of the node (i.e. r_mas.offset <= r_mas.end). Herein lies the bug - under very specific circumstances, this logic can break and corrupt the maple tree. Consider the following tree: Height 0 Root Node / \ pivot = 0xffff / \ pivot = ULONG_MAX / \ 1 A [-----] ... / \ pivot = 0x4fff / \ pivot = 0xffff / \ 2 (LEAVES) B [-----] [-----] C ^--- Last pivot 0xffff. Now imagine we wish to store an entry in the range [0x4000, 0xffff] (note that all ranges expressed in maple tree code are inclusive): 1. mas_store_gfp() descends the tree, finds node A at <=0xffff, then determines that this is a spanning store across nodes B and C. The mas state is set such that the current node from which we traverse further is node A. 2. In mas_wr_spanning_store() we try to find elements to the right of pivot 0xffff by searching for an index of 0x10000: - mas_wr_walk_index() invokes mas_wr_walk_descend() and mas_wr_node_walk() in turn. - mas_wr_node_walk() loops over entries in node A until EITHER it finds an entry whose pivot equals or exceeds 0x10000 OR it reaches the final entry. - Since no entry has a pivot equal to or exceeding 0x10000, pivot 0xffff is selected, leading to node C. - mas_wr_walk_traverse() resets the mas state to traverse node C. We loop around and invoke mas_wr_walk_descend() and mas_wr_node_walk() in turn once again. - Again, we reach the last entry in node C, which has a pivot of 0xffff. 3. We then copy the elements to the left of 0x4000 in node B to the big node via mas_store_b_node(), and insert the new [0x4000, 0xffff] entry too. 4. We determine whether we have any entries to copy from the right of the end of the range via - and with r_mas set up at the entry at pivot 0xffff, r_mas.offset <= r_mas.end, and then we DUPLICATE the entry at pivot 0xffff. 5. BUG! The maple tree is corrupted with a duplicate entry. This requires a very specific set of circumstances - we must be spanning the last element in a leaf node, which is the last element in the parent node. spanning store across two leaf nodes with a range that ends at that shared pivot. A potential solution to this problem would simply be to reset the walk each time we traverse r_mas, however given the rarity of this situation it seems that would be rather inefficient. Instead, this patch detects if the right hand node is populated, i.e. has anything we need to copy. We do so by only copying elements from the right of the entry being inserted when the maximum value present exceeds the last, rather than basing this on offset position. The patch also updates some comments and eliminates the unused bool return value in mas_wr_walk_index(). The work performed in commit f8d112a4e657 ("mm/mmap: avoid zeroing vma tree in mmap_region()") seems to have made the probability of this event much more likely, which is the point at which reports started to be submitted concerning this bug. The motivation for this change arose from Bert Karwatzki's report of encountering mm instability after the release of kernel v6.12-rc1 which, after the use of CONFIG_DEBUG_VM_MAPLE_TREE and similar configuration options, was identified as maple tree corruption. After Bert very generously provided his time and ability to reproduce this event consistently, I was able to finally identify that the issue discussed in this commit message was occurring for him. Link: https://lkml.kernel.org/r/cover.1728314402.git.lorenzo.stoakes@oracle.com Link: https://lkml.kernel.org/r/48b349a2a0f7c76e18772712d0997a5e12ab0a3b.1728314403.git.lorenzo.stoakes@oracle.com Fixes: 54a611b60590 ("Maple Tree: add new data structure") Signed-off-by: Lorenzo Stoakes Reported-by: Bert Karwatzki Closes: https://lore.kernel.org/all/20241001023402.3374-1-spasswolf@web.de/ Tested-by: Bert Karwatzki Reported-by: Mikhail Gavrilov Closes: https://lore.kernel.org/all/CABXGCsOPwuoNOqSMmAvWO2Fz4TEmPnjFj-b7iF+XFRu1h7-+Dg@mail.gmail.com/ Acked-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Tested-by: Mikhail Gavrilov Reviewed-by: Wei Yang Cc: Matthew Wilcox Cc: Sidhartha Kumar Cc: Signed-off-by: Andrew Morton commit d8f9d6d826fc15780451802796bb88ec52978f17 Author: Cristian Ciocaltea Date: Mon Sep 23 19:40:16 2024 +0300 phy: phy-rockchip-samsung-hdptx: Depend on CONFIG_COMMON_CLK Ensure CONFIG_PHY_ROCKCHIP_SAMSUNG_HDPTX depends on CONFIG_COMMON_CLK to fix the following link errors when compile testing some random kernel configurations: m68k-linux-ld: drivers/phy/rockchip/phy-rockchip-samsung-hdptx.o: in function `rk_hdptx_phy_clk_register': drivers/phy/rockchip/phy-rockchip-samsung-hdptx.c:1031:(.text+0x470): undefined reference to `__clk_get_name' m68k-linux-ld: drivers/phy/rockchip/phy-rockchip-samsung-hdptx.c:1036:(.text+0x4ba): undefined reference to `devm_clk_hw_register' m68k-linux-ld: drivers/phy/rockchip/phy-rockchip-samsung-hdptx.c:1040:(.text+0x4d2): undefined reference to `of_clk_hw_simple_get' m68k-linux-ld: drivers/phy/rockchip/phy-rockchip-samsung-hdptx.c:1040:(.text+0x4da): undefined reference to `devm_of_clk_add_hw_provider' Fixes: c4b09c562086 ("phy: phy-rockchip-samsung-hdptx: Add clock provider support") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409180305.53PXymZn-lkp@intel.com/ Signed-off-by: Cristian Ciocaltea Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240923-sam-hdptx-link-fix-v1-1-8d10d7456305@collabora.com Signed-off-by: Vinod Koul commit e59db0623f6955986d1be0880b351a1f56e7fd6d Author: Andrea Parri Date: Thu Oct 17 17:36:28 2024 +0300 riscv, bpf: Make BPF_CMPXCHG fully ordered According to the prototype formal BPF memory consistency model discussed e.g. in [1] and following the ordering properties of the C/in-kernel macro atomic_cmpxchg(), a BPF atomic operation with the BPF_CMPXCHG modifier is fully ordered. However, the current RISC-V JIT lowerings fail to meet such memory ordering property. This is illustrated by the following litmus test: BPF BPF__MP+success_cmpxchg+fence { 0:r1=x; 0:r3=y; 0:r5=1; 1:r2=y; 1:r4=f; 1:r7=x; } P0 | P1 ; *(u64 *)(r1 + 0) = 1 | r1 = *(u64 *)(r2 + 0) ; r2 = cmpxchg_64 (r3 + 0, r4, r5) | r3 = atomic_fetch_add((u64 *)(r4 + 0), r5) ; | r6 = *(u64 *)(r7 + 0) ; exists (1:r1=1 /\ 1:r6=0) whose "exists" clause is not satisfiable according to the BPF memory model. Using the current RISC-V JIT lowerings, the test can be mapped to the following RISC-V litmus test: RISCV RISCV__MP+success_cmpxchg+fence { 0:x1=x; 0:x3=y; 0:x5=1; 1:x2=y; 1:x4=f; 1:x7=x; } P0 | P1 ; sd x5, 0(x1) | ld x1, 0(x2) ; L00: | amoadd.d.aqrl x3, x5, 0(x4) ; lr.d x2, 0(x3) | ld x6, 0(x7) ; bne x2, x4, L01 | ; sc.d x6, x5, 0(x3) | ; bne x6, x4, L00 | ; fence rw, rw | ; L01: | ; exists (1:x1=1 /\ 1:x6=0) where the two stores in P0 can be reordered. Update the RISC-V JIT lowerings/implementation of BPF_CMPXCHG to emit an SC with RELEASE ("rl") annotation in order to meet the expected memory ordering guarantees. The resulting RISC-V JIT lowerings of BPF_CMPXCHG match the RISC-V lowerings of the C atomic_cmpxchg(). Other lowerings were fixed via 20a759df3bba ("riscv, bpf: make some atomic operations fully ordered"). Fixes: dd642ccb45ec ("riscv, bpf: Implement more atomic operations for RV64") Signed-off-by: Andrea Parri Signed-off-by: Daniel Borkmann Reviewed-by: Puranjay Mohan Acked-by: Björn Töpel Link: https://lpc.events/event/18/contributions/1949/attachments/1665/3441/bpfmemmodel.2024.09.19p.pdf [1] Link: https://lore.kernel.org/bpf/20241017143628.2673894-1-parri.andrea@gmail.com commit b4b32423b6ee6bb96e19fd82bcfd372f6192c737 Author: Siddharth Vadapalli Date: Sat Oct 12 11:09:37 2024 +0530 phy: ti: phy-j721e-wiz: fix usxgmii configuration Commit b64a85fb8f53 ("phy: ti: phy-j721e-wiz.c: Add usxgmii support in wiz driver") added support for USXGMII mode. In doing so, P0_REFCLK_SEL was set to "pcs_mac_clk_divx1_ln_0" (0x3) and P0_STANDARD_MODE was set to LANE_MODE_GEN1, which results in a data rate of 5.15625 Gbps. However, since the USXGMII mode can support up to 10.3125 Gbps data rate, the aforementioned fields should be set to "pcs_mac_clk_divx0_ln_0" (0x2) and LANE_MODE_GEN2 respectively. The signal corresponding to the USXGMII lane of the SERDES has been measured as 5 Gbps without the change and 10 Gbps with the change. Hence, fix the configuration accordingly to support USXGMII up to 10G. Fixes: b64a85fb8f53 ("phy: ti: phy-j721e-wiz.c: Add usxgmii support in wiz driver") Signed-off-by: Siddharth Vadapalli Reviewed-by: Roger Quadros Link: https://lore.kernel.org/r/20241012053937.3596885-1-s-vadapalli@ti.com Signed-off-by: Vinod Koul commit e10c52e7e064038d9bd67b20bf4ce92077d7d84e Author: Jan Kiszka Date: Tue Oct 15 15:04:44 2024 +0800 phy: starfive: jh7110-usb: Fix link configuration to controller In order to connect the USB 2.0 PHY to its controller, we also need to set "u0_pdrstn_split_sw_usbpipe_plugen" [1]. Some downstream U-Boot versions did that, but upstream firmware does not, and the kernel must not rely on such behavior anyway. Failing to set this left the USB gadget port invisible to connected hosts behind. Link: https://doc-en.rvspace.org/JH7110/TRM/JH7110_TRM/sys_syscon.html#sys_syscon__section_b3l_fqs_wsb [1] Fixes: 16d3a71c20cf ("phy: starfive: Add JH7110 USB 2.0 PHY driver") Signed-off-by: Jan Kiszka Signed-off-by: Minda Chen Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20241015070444.20972-2-minda.chen@starfivetech.com Signed-off-by: Vinod Koul commit 031b46b4729b1a6ff8484a1e29cdb41b710ed740 Author: Johan Hovold Date: Tue Oct 15 14:14:06 2024 +0200 phy: qcom: qmp-pcie: drop bogus x1e80100 qref supplies The PCIe PHYs on x1e80100 do not a have a qref supply so stop requesting one. This also avoids the follow warning at boot: qcom-qmp-pcie-phy 1bfc000.phy: supply vdda-qref not found, using dummy regulator Fixes: 9dab00ee9544 ("phy: qcom: qmp-pcie: Add Gen4 4-lanes mode for X1E80100") Fixes: 606060ce8fd0 ("phy: qcom-qmp-pcie: Add support for X1E80100 g3x2 and g4x2 PCIE") Cc: Abel Vesa Signed-off-by: Johan Hovold Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20241015121406.15033-1-johan+linaro@kernel.org Signed-off-by: Vinod Koul commit 8f7033aa4089fbaf7a33995f0f2ee6c9d7b9ca1b Author: Jens Axboe Date: Thu Oct 17 08:31:56 2024 -0600 io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work When the sqpoll is exiting and cancels pending work items, it may need to run task_work. If this happens from within io_uring_cancel_generic(), then it may be under waiting for the io_uring_task waitqueue. This results in the below splat from the scheduler, as the ring mutex may be attempted grabbed while in a TASK_INTERRUPTIBLE state. Ensure that the task state is set appropriately for that, just like what is done for the other cases in io_run_task_work(). do not call blocking ops when !TASK_RUNNING; state=1 set at [<0000000029387fd2>] prepare_to_wait+0x88/0x2fc WARNING: CPU: 6 PID: 59939 at kernel/sched/core.c:8561 __might_sleep+0xf4/0x140 Modules linked in: CPU: 6 UID: 0 PID: 59939 Comm: iou-sqp-59938 Not tainted 6.12.0-rc3-00113-g8d020023b155 #7456 Hardware name: linux,dummy-virt (DT) pstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) pc : __might_sleep+0xf4/0x140 lr : __might_sleep+0xf4/0x140 sp : ffff80008c5e7830 x29: ffff80008c5e7830 x28: ffff0000d93088c0 x27: ffff60001c2d7230 x26: dfff800000000000 x25: ffff0000e16b9180 x24: ffff80008c5e7a50 x23: 1ffff000118bcf4a x22: ffff0000e16b9180 x21: ffff0000e16b9180 x20: 000000000000011b x19: ffff80008310fac0 x18: 1ffff000118bcd90 x17: 30303c5b20746120 x16: 74657320313d6574 x15: 0720072007200720 x14: 0720072007200720 x13: 0720072007200720 x12: ffff600036c64f0b x11: 1fffe00036c64f0a x10: ffff600036c64f0a x9 : dfff800000000000 x8 : 00009fffc939b0f6 x7 : ffff0001b6327853 x6 : 0000000000000001 x5 : ffff0001b6327850 x4 : ffff600036c64f0b x3 : ffff8000803c35bc x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff0000e16b9180 Call trace: __might_sleep+0xf4/0x140 mutex_lock+0x84/0x124 io_handle_tw_list+0xf4/0x260 tctx_task_work_run+0x94/0x340 io_run_task_work+0x1ec/0x3c0 io_uring_cancel_generic+0x364/0x524 io_sq_thread+0x820/0x124c ret_from_fork+0x10/0x20 Cc: stable@vger.kernel.org Fixes: af5d68f8892f ("io_uring/sqpoll: manage task_work privately") Signed-off-by: Jens Axboe commit 6d951576ee16430822a8dee1e5c54d160e1de87d Author: Daniele Palmas Date: Thu Oct 3 11:38:08 2024 +0200 USB: serial: option: add Telit FN920C04 MBIM compositions Add the following Telit FN920C04 compositions: 0x10a2: MBIM + tty (AT/NMEA) + tty (AT) + tty (diag) T: Bus=03 Lev=01 Prnt=03 Port=06 Cnt=01 Dev#= 17 Spd=480 MxCh= 0 D: Ver= 2.00 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=1bc7 ProdID=10a2 Rev=05.15 S: Manufacturer=Telit Cinterion S: Product=FN920 S: SerialNumber=92c4c4d8 C: #Ifs= 5 Cfg#= 1 Atr=e0 MxPwr=500mA I: If#= 0 Alt= 0 #EPs= 1 Cls=02(commc) Sub=0e Prot=00 Driver=cdc_mbim E: Ad=82(I) Atr=03(Int.) MxPS= 64 Ivl=32ms I: If#= 1 Alt= 1 #EPs= 2 Cls=0a(data ) Sub=00 Prot=02 Driver=cdc_mbim E: Ad=01(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=81(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms I: If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=60 Driver=option E: Ad=02(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=83(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=84(I) Atr=03(Int.) MxPS= 10 Ivl=32ms I: If#= 3 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=40 Driver=option E: Ad=03(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=85(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=86(I) Atr=03(Int.) MxPS= 10 Ivl=32ms I: If#= 4 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=option E: Ad=04(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=87(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms 0x10a7: MBIM + tty (AT) + tty (AT) + tty (diag) T: Bus=03 Lev=01 Prnt=03 Port=06 Cnt=01 Dev#= 18 Spd=480 MxCh= 0 D: Ver= 2.00 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=1bc7 ProdID=10a7 Rev=05.15 S: Manufacturer=Telit Cinterion S: Product=FN920 S: SerialNumber=92c4c4d8 C: #Ifs= 5 Cfg#= 1 Atr=e0 MxPwr=500mA I: If#= 0 Alt= 0 #EPs= 1 Cls=02(commc) Sub=0e Prot=00 Driver=cdc_mbim E: Ad=82(I) Atr=03(Int.) MxPS= 64 Ivl=32ms I: If#= 1 Alt= 1 #EPs= 2 Cls=0a(data ) Sub=00 Prot=02 Driver=cdc_mbim E: Ad=01(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=81(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms I: If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=40 Driver=option E: Ad=02(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=83(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=84(I) Atr=03(Int.) MxPS= 10 Ivl=32ms I: If#= 3 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=40 Driver=option E: Ad=03(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=85(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=86(I) Atr=03(Int.) MxPS= 10 Ivl=32ms I: If#= 4 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=option E: Ad=04(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=87(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms 0x10aa: MBIM + tty (AT) + tty (diag) + DPL (data packet logging) + adb T: Bus=03 Lev=01 Prnt=03 Port=06 Cnt=01 Dev#= 15 Spd=480 MxCh= 0 D: Ver= 2.00 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=1bc7 ProdID=10aa Rev=05.15 S: Manufacturer=Telit Cinterion S: Product=FN920 S: SerialNumber=92c4c4d8 C: #Ifs= 6 Cfg#= 1 Atr=e0 MxPwr=500mA I: If#= 0 Alt= 0 #EPs= 1 Cls=02(commc) Sub=0e Prot=00 Driver=cdc_mbim E: Ad=82(I) Atr=03(Int.) MxPS= 64 Ivl=32ms I: If#= 1 Alt= 1 #EPs= 2 Cls=0a(data ) Sub=00 Prot=02 Driver=cdc_mbim E: Ad=01(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=81(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms I: If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=ff Prot=40 Driver=option E: Ad=02(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=83(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=84(I) Atr=03(Int.) MxPS= 10 Ivl=32ms I: If#= 3 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=30 Driver=option E: Ad=03(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=85(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms I: If#= 4 Alt= 0 #EPs= 1 Cls=ff(vend.) Sub=ff Prot=80 Driver=(none) E: Ad=86(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms I: If#= 5 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=42 Prot=01 Driver=(none) E: Ad=04(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=87(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms Signed-off-by: Daniele Palmas Cc: stable@vger.kernel.org Signed-off-by: Johan Hovold commit 540eff5d7faf0c9330ec762da49df453263f7676 Author: Benjamin B. Frost Date: Wed Sep 11 10:54:05 2024 +0200 USB: serial: option: add support for Quectel EG916Q-GL Add Quectel EM916Q-GL with product ID 0x6007 T: Bus=01 Lev=02 Prnt=02 Port=01 Cnt=01 Dev#= 3 Spd=480 MxCh= 0 D: Ver= 2.00 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=2c7c ProdID=6007 Rev= 2.00 S: Manufacturer=Quectel S: Product=EG916Q-GL C:* #Ifs= 6 Cfg#= 1 Atr=a0 MxPwr=200mA A: FirstIf#= 4 IfCount= 2 Cls=02(comm.) Sub=06 Prot=00 I:* If#= 0 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=01(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=81(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms I:* If#= 1 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=82(I) Atr=03(Int.) MxPS= 16 Ivl=32ms E: Ad=83(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=02(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms I:* If#= 2 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=84(I) Atr=03(Int.) MxPS= 16 Ivl=32ms E: Ad=85(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=03(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms I:* If#= 3 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option E: Ad=86(I) Atr=03(Int.) MxPS= 16 Ivl=32ms E: Ad=87(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=04(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms I:* If#= 4 Alt= 0 #EPs= 1 Cls=02(comm.) Sub=06 Prot=00 Driver=cdc_ether E: Ad=88(I) Atr=03(Int.) MxPS= 32 Ivl=32ms I: If#= 5 Alt= 0 #EPs= 0 Cls=0a(data ) Sub=00 Prot=00 Driver=cdc_ether I:* If#= 5 Alt= 1 #EPs= 2 Cls=0a(data ) Sub=00 Prot=00 Driver=cdc_ether E: Ad=05(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=89(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms MI_00 Quectel USB Diag Port MI_01 Quectel USB NMEA Port MI_02 Quectel USB AT Port MI_03 Quectel USB Modem Port MI_04 Quectel USB Net Port Signed-off-by: Benjamin B. Frost Reviewed-by: Lars Melin Cc: stable@vger.kernel.org Signed-off-by: Johan Hovold commit a940b3a1ad0f5bab139fd710dd433aec4eeaea85 Merge: a95d28a8a2f76c befd716ed429b2 Author: Kalle Valo Date: Thu Oct 17 17:25:37 2024 +0300 Merge tag 'ath-current-20241016' of git://git.kernel.org/pub/scm/linux/kernel/git/ath/ath ath.git patches for v6.12-rc4 Fix two instances of memory leaks, one in ath10k and one in ath11k. commit a95d28a8a2f76c591a195c06ea15f5b15c66c3d1 Author: Bitterblue Smith Date: Thu Oct 10 18:34:43 2024 +0300 wifi: rtlwifi: rtl8192du: Don't claim USB ID 0bda:8171 This ID appears to be RTL8188SU, not RTL8192DU. This is the wrong driver for RTL8188SU. The r8712u driver from staging handles this ID. I think this ID comes from the original rtl8192du driver from Realtek. I don't know if they added it by mistake, or it was actually used for two different chips. RTL8188SU with this ID exists in the wild. RTL8192DU with this ID probably doesn't. Fixes: b5dc8873b6ff ("wifi: rtlwifi: Add rtl8192du/sw.c") Cc: stable@vger.kernel.org # v6.11 Closes: https://github.com/lwfinger/rtl8192du/issues/105 Signed-off-by: Bitterblue Smith Acked-by: Ping-Ke Shih Signed-off-by: Kalle Valo Link: https://patch.msgid.link/40245564-41fe-4a5e-881f-cd517255b20a@gmail.com commit 4aefde403da7af30757915e0462d88398c9388c5 Author: Bitterblue Smith Date: Tue Oct 8 21:44:02 2024 +0300 wifi: rtw88: Fix the RX aggregation in USB 3 mode RTL8822CU, RTL8822BU, and RTL8821CU don't need BIT_EN_PRE_CALC. In fact, RTL8822BU in USB 3 mode doesn't pass all the frames to the driver, resulting in much lower download speed than normal: $ iperf3 -c 192.168.0.1 -R Connecting to host 192.168.0.1, port 5201 Reverse mode, remote host 192.168.0.1 is sending [ 5] local 192.168.0.50 port 43062 connected to 192.168.0.1 port 5201 [ ID] Interval Transfer Bitrate [ 5] 0.00-1.00 sec 26.9 MBytes 225 Mbits/sec [ 5] 1.00-2.00 sec 7.50 MBytes 62.9 Mbits/sec [ 5] 2.00-3.00 sec 8.50 MBytes 71.3 Mbits/sec [ 5] 3.00-4.00 sec 8.38 MBytes 70.3 Mbits/sec [ 5] 4.00-5.00 sec 7.75 MBytes 65.0 Mbits/sec [ 5] 5.00-6.00 sec 8.00 MBytes 67.1 Mbits/sec [ 5] 6.00-7.00 sec 8.00 MBytes 67.1 Mbits/sec [ 5] 7.00-8.00 sec 7.75 MBytes 65.0 Mbits/sec [ 5] 8.00-9.00 sec 7.88 MBytes 66.1 Mbits/sec [ 5] 9.00-10.00 sec 7.88 MBytes 66.1 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.02 sec 102 MBytes 85.1 Mbits/sec 224 sender [ 5] 0.00-10.00 sec 98.6 MBytes 82.7 Mbits/sec receiver Don't set BIT_EN_PRE_CALC. Then the speed is much better: % iperf3 -c 192.168.0.1 -R Connecting to host 192.168.0.1, port 5201 Reverse mode, remote host 192.168.0.1 is sending [ 5] local 192.168.0.50 port 39000 connected to 192.168.0.1 port 5201 [ ID] Interval Transfer Bitrate [ 5] 0.00-1.00 sec 52.8 MBytes 442 Mbits/sec [ 5] 1.00-2.00 sec 71.9 MBytes 603 Mbits/sec [ 5] 2.00-3.00 sec 74.8 MBytes 627 Mbits/sec [ 5] 3.00-4.00 sec 75.9 MBytes 636 Mbits/sec [ 5] 4.00-5.00 sec 76.0 MBytes 638 Mbits/sec [ 5] 5.00-6.00 sec 74.1 MBytes 622 Mbits/sec [ 5] 6.00-7.00 sec 74.0 MBytes 621 Mbits/sec [ 5] 7.00-8.00 sec 76.0 MBytes 638 Mbits/sec [ 5] 8.00-9.00 sec 74.4 MBytes 624 Mbits/sec [ 5] 9.00-10.00 sec 63.9 MBytes 536 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bitrate Retr [ 5] 0.00-10.00 sec 717 MBytes 601 Mbits/sec 24 sender [ 5] 0.00-10.00 sec 714 MBytes 599 Mbits/sec receiver Fixes: 002a5db9a52a ("wifi: rtw88: Enable USB RX aggregation for 8822c/8822b/8821c") Signed-off-by: Bitterblue Smith Acked-by: Ping-Ke Shih Signed-off-by: Kalle Valo Link: https://patch.msgid.link/afb94a82-3d18-459e-97fc-1a217608cdf0@gmail.com commit b73b2069528f90ec49d5fa1010a759baa2c2be05 Author: Geert Uytterhoeven Date: Tue Sep 24 14:09:32 2024 +0200 wifi: brcm80211: BRCM_TRACING should depend on TRACING When tracing is disabled, there is no point in asking the user about enabling Broadcom wireless device tracing. Fixes: f5c4f10852d42012 ("brcm80211: Allow trace support to be enabled separately from debug") Signed-off-by: Geert Uytterhoeven Acked-by: Arend van Spriel Signed-off-by: Kalle Valo Link: https://patch.msgid.link/81a29b15eaacc1ac1fb421bdace9ac0c3385f40f.1727179742.git.geert@linux-m68k.org commit aa70ff0945fea2ed14046273609d04725f222616 Author: Ping-Ke Shih Date: Tue Sep 24 10:16:33 2024 +0800 wifi: rtw89: pci: early chips only enable 36-bit DMA on specific PCI hosts The early chips including RTL8852A, RTL8851B, RTL8852B and RTL8852BT have interoperability problems of 36-bit DMA with some PCI hosts. Rollback to 32-bit DMA by default, and only enable 36-bit DMA for tested platforms. Since all Intel platforms we have can work correctly, add the vendor ID to white list. Otherwise, list vendor/device ID of bridge we have tested. Fixes: 1fd4b3fe52ef ("wifi: rtw89: pci: support 36-bit PCI DMA address") Reported-by: Marcel Weißenbach Closes: https://lore.kernel.org/linux-wireless/20240918073237.Horde.VLueh0_KaiDw-9asEEcdM84@ignaz.org/T/#m07c5694df1acb173a42e1a0bab7ac22bd231a2b8 Signed-off-by: Ping-Ke Shih Tested-by: Marcel Weißenbach Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240924021633.19861-1-pkshih@realtek.com commit bf9821ba4792a0d9a2e72803ae7b4341faf3d532 Author: Naohiro Aota Date: Tue Oct 1 17:03:32 2024 +0900 btrfs: zoned: fix zone unusable accounting for freed reserved extent When btrfs reserves an extent and does not use it (e.g, by an error), it calls btrfs_free_reserved_extent() to free the reserved extent. In the process, it calls btrfs_add_free_space() and then it accounts the region bytes as block_group->zone_unusable. However, it leaves the space_info->bytes_zone_unusable side not updated. As a result, ENOSPC can happen while a space_info reservation succeeded. The reservation is fine because the freed region is not added in space_info->bytes_zone_unusable, leaving that space as "free". OTOH, corresponding block group counts it as zone_unusable and its allocation pointer is not rewound, we cannot allocate an extent from that block group. That will also negate space_info's async/sync reclaim process, and cause an ENOSPC error from the extent allocation process. Fix that by returning the space to space_info->bytes_zone_unusable. Ideally, since a bio is not submitted for this reserved region, we should return the space to free space and rewind the allocation pointer. But, it needs rework on extent allocation handling, so let it work in this way for now. Fixes: 169e0da91a21 ("btrfs: zoned: track unusable bytes for zones") CC: stable@vger.kernel.org # 5.15+ Reviewed-by: Johannes Thumshirn Signed-off-by: Naohiro Aota Reviewed-by: David Sterba Signed-off-by: David Sterba commit 39c6a356201ebbd7e1db5be53fbb46ef4bfc70a4 Author: Arnaldo Carvalho de Melo Date: Fri Oct 11 16:10:01 2024 -0300 perf trace: The return from 'write' isn't a pid When adding a explicit beautifier for the 'write' syscall when the BPF based buffer collector was introduced there was a cut'n'paste error that carried the syscall_fmt->errpid setting from a nearby syscall (waitid) that returns a pid. So the write return was being suppressed by the return pretty printer, remove that field, reverting it back to the default return handler, that prints positive numbers as-is and interpret negative values as errnos. I actually introduced the problem while making Howard's original patch work just with the 'write' syscall, as we couldn't just look for any buffers, the ones that are filled in by the kernel couldn't use the same sys_enter BPF collector. Fixes: b257fac12f38d7f5 ("perf trace: Pretty print buffer data") Reported-by: James Clark Link: https://lore.kernel.org/lkml/bcf50648-3c7e-4513-8717-0d14492c53b9@linaro.org Link: https://lore.kernel.org/all/Zt8jTfzDYgBPvFCd@x1/#t Cc: Adrian Hunter Cc: Alan Maguire Cc: Howard Chu Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Signed-off-by: Arnaldo Carvalho de Melo commit ab8aaab874c4aa378e76d0a55ce6e0fad6e042a2 Author: Arnaldo Carvalho de Melo Date: Fri Oct 11 15:20:17 2024 -0300 tools headers UAPI: Sync linux/const.h with the kernel headers To pick up the changes in: 947697c6f0f75f98 ("uapi: Define GENMASK_U128") That causes no changes in tooling, just addresses this perf build warning: Warning: Kernel ABI header differences: diff -u tools/include/uapi/linux/const.h include/uapi/linux/const.h Cc: Adrian Hunter Cc: Anshuman Khandual Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Yury Norov Link: https://lore.kernel.org/lkml/ZwltGNJwujKu1Fgn@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 610a79ffea02102899a1373fe226d949944a7ed6 Author: David Howells Date: Thu Oct 17 11:58:52 2024 +0100 afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to take a ref on the afs_call struct in order to pass it to a work queue - but if the afs_call is already queued, we then have an extraneous ref that must be put... calling afs_put_call() may call back down into AF_RXRPC through rxrpc_kernel_shutdown_call(), however, which might try taking the ->notify_lock again. This case isn't very common, however, so defer it to a workqueue. The oops looks something like: BUG: spinlock recursion on CPU#0, krxrpcio/7001/1646 lock: 0xffff888141399b30, .magic: dead4ead, .owner: krxrpcio/7001/1646, .owner_cpu: 0 CPU: 0 UID: 0 PID: 1646 Comm: krxrpcio/7001 Not tainted 6.12.0-rc2-build3+ #4351 Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014 Call Trace: dump_stack_lvl+0x47/0x70 do_raw_spin_lock+0x3c/0x90 rxrpc_kernel_shutdown_call+0x83/0xb0 afs_put_call+0xd7/0x180 rxrpc_notify_socket+0xa0/0x190 rxrpc_input_split_jumbo+0x198/0x1d0 rxrpc_input_data+0x14b/0x1e0 ? rxrpc_input_call_packet+0xc2/0x1f0 rxrpc_input_call_event+0xad/0x6b0 rxrpc_input_packet_on_conn+0x1e1/0x210 rxrpc_input_packet+0x3f2/0x4d0 rxrpc_io_thread+0x243/0x410 ? __pfx_rxrpc_io_thread+0x10/0x10 kthread+0xcf/0xe0 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x24/0x40 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 Signed-off-by: David Howells Link: https://lore.kernel.org/r/1394602.1729162732@warthog.procyon.org.uk cc: Marc Dionne cc: linux-afs@lists.infradead.org cc: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner commit 15f34347481648a567db67fb473c23befb796af5 Author: Alessandro Zanni Date: Thu Oct 17 14:05:51 2024 +0200 fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set. Initialize all fields of newattrs to avoid uninitialized variables, by checking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0. Reported-by: syzbot+6c55f725d1bdc8c52058@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=6c55f725d1bdc8c52058 Signed-off-by: Alessandro Zanni Link: https://lore.kernel.org/r/20241017120553.55331-1-alessandro.zanni87@gmail.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 229fd15908fe1f99b1de4cde3326e62d1e892611 Author: Christian Brauner Date: Wed Oct 16 19:49:48 2024 +0200 fs: don't try and remove empty rbtree node When copying a namespace we won't have added the new copy into the namespace rbtree until after the copy succeeded. Calling free_mnt_ns() will try to remove the copy from the rbtree which is invalid. Simply free the namespace skeleton directly. Link: https://lore.kernel.org/r/20241016-adapter-seilwinde-83c508a7bde1@brauner Fixes: 1901c92497bd ("fs: keep an index of current mount namespaces") Tested-by: Brad Spengler Cc: stable@vger.kernel.org # v6.11+ Reported-by: Brad Spengler Suggested-by: Brad Spengler Signed-off-by: Christian Brauner commit d6a77668a708f0b5ca6713b39c178c9d9563c35b Author: David Howells Date: Wed Oct 16 17:28:33 2024 +0100 netfs: Downgrade i_rwsem for a buffered write In the I/O locking code borrowed from NFS into netfslib, i_rwsem is held locked across a buffered write - but this causes a performance regression in cifs as it excludes buffered reads for the duration (cifs didn't use any locking for buffered reads). Mitigate this somewhat by downgrading the i_rwsem to a read lock across the buffered write. This at least allows parallel reads to occur whilst excluding other writes, DIO, truncate and setattr. Note that this shouldn't be a problem for a buffered write as a read through an mmap can circumvent i_rwsem anyway. Also note that we might want to make this change in NFS also. Signed-off-by: David Howells Link: https://lore.kernel.org/r/1317958.1729096113@warthog.procyon.org.uk cc: Steve French cc: Paulo Alcantara cc: Trond Myklebust cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-cifs@vger.kernel.org cc: linux-nfs@vger.kernel.org cc: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner commit 1dd196f9004848d0318e8831f962cc76255431d8 Author: Johan Hovold Date: Wed Sep 11 13:52:53 2024 +0200 phy: qcom: qmp-combo: move driver data initialisation earlier Commit 44aff8e31080 ("phy: qcom-qmp-combo: clean up probe initialisation") removed most users of the platform device driver data, but mistakenly also removed the initialisation despite the data still being used in the runtime PM callbacks. The initialisation was soon after restored by commit 83a0bbe39b17 ("phy: qcom-qmp-combo: add support for updated sc8280xp binding") but now happens slightly later during probe. This should not cause any trouble currently as runtime PM needs to be enabled manually through sysfs and the platform device would not be suspended before the PHY has been registered anyway. Move the driver data initialisation to avoid a NULL-pointer dereference on runtime suspend if runtime PM is ever enabled by default in this driver. Fixes: 44aff8e31080 ("phy: qcom-qmp-combo: clean up probe initialisation") Signed-off-by: Johan Hovold Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240911115253.10920-5-johan+linaro@kernel.org Signed-off-by: Vinod Koul commit 34c21f94fa1e147a19b54b6adf0c93a623b70dd8 Author: Johan Hovold Date: Wed Sep 11 13:52:52 2024 +0200 phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation") removed most users of the platform device driver data from the qcom-qmp-usb driver, but mistakenly also removed the initialisation despite the data still being used in the runtime PM callbacks. This bug was later reproduced when the driver was copied to create the qmp-usbc driver. Restore the driver data initialisation at probe to avoid a NULL-pointer dereference on runtime suspend. Apparently no one uses runtime PM, which currently needs to be enabled manually through sysfs, with these drivers. Fixes: 19281571a4d5 ("phy: qcom: qmp-usb: split USB-C PHY driver") Cc: stable@vger.kernel.org # 6.9 Signed-off-by: Johan Hovold Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240911115253.10920-4-johan+linaro@kernel.org Signed-off-by: Vinod Koul commit 29240130ab77c80bea1464317ae2a5fd29c16a0c Author: Johan Hovold Date: Wed Sep 11 13:52:51 2024 +0200 phy: qcom: qmp-usb-legacy: fix NULL-deref on runtime suspend Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation") removed most users of the platform device driver data from the qcom-qmp-usb driver, but mistakenly also removed the initialisation despite the data still being used in the runtime PM callbacks. This bug was later reproduced when the driver was copied to create the qmp-usb-legacy driver. Restore the driver data initialisation at probe to avoid a NULL-pointer dereference on runtime suspend. Apparently no one uses runtime PM, which currently needs to be enabled manually through sysfs, with these drivers. Fixes: e464a3180a43 ("phy: qcom-qmp-usb: split off the legacy USB+dp_com support") Cc: stable@vger.kernel.org # 6.6 Signed-off-by: Johan Hovold Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240911115253.10920-3-johan+linaro@kernel.org Signed-off-by: Vinod Koul commit bd9e4d4a3b127686efc60096271b0a44c3100061 Author: Johan Hovold Date: Wed Sep 11 13:52:50 2024 +0200 phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation") removed most users of the platform device driver data, but mistakenly also removed the initialisation despite the data still being used in the runtime PM callbacks. Restore the driver data initialisation at probe to avoid a NULL-pointer dereference on runtime suspend. Apparently no one uses runtime PM, which currently needs to be enabled manually through sysfs, with this driver. Fixes: 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation") Cc: stable@vger.kernel.org # 6.2 Signed-off-by: Johan Hovold Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240911115253.10920-2-johan+linaro@kernel.org Signed-off-by: Vinod Koul commit 938ade15abaea765dfab32d906de45657067c11f Author: Johan Hovold Date: Mon Sep 16 10:23:05 2024 +0200 dt-bindings: phy: qcom,sc8280xp-qmp-pcie-phy: add missing x1e80100 pipediv2 clocks The x1e80100 QMP PCIe PHYs all have a pipediv2 clock that needs to be described. Fixes: e94b29f2bd73 ("dt-bindings: phy: qcom,sc8280xp-qmp-pcie-phy: Document the X1E80100 QMP PCIe PHYs") Cc: Abel Vesa Signed-off-by: Johan Hovold Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240916082307.29393-2-johan+linaro@kernel.org Signed-off-by: Vinod Koul commit 1230fe7ad3974f7bf6c78901473e039b34d4fb1f Author: Florian Westphal Date: Thu Oct 10 18:34:05 2024 +0200 netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0 Read of size 8 at addr ffff8880106fe400 by task repro/72= bpf_nf_link_release+0xda/0x1e0 bpf_link_free+0x139/0x2d0 bpf_link_release+0x68/0x80 __fput+0x414/0xb60 Eric says: It seems that bpf was able to defer the __nf_unregister_net_hook() after exit()/close() time. Perhaps a netns reference is missing, because the netns has been dismantled/freed already. bpf_nf_link_attach() does : link->net = net; But I do not see a reference being taken on net. Add such a reference and release it after hook unreg. Note that I was unable to get syzbot reproducer to work, so I do not know if this resolves this splat. Fixes: 84601d6ee68a ("bpf: add bpf_link support for BPF_NETFILTER programs") Diagnosed-by: Eric Dumazet Reported-by: Lai, Yi Signed-off-by: Florian Westphal Reviewed-by: Eric Dumazet Signed-off-by: Pablo Neira Ayuso commit 740883fa6c7262036769aa54b50609c8043977e0 Author: Kirill Marinushkin Date: Wed Oct 16 23:58:10 2024 +0200 ASoC: Change my e-mail to gmail Change my contact e-mail in pcm3060 driver and MAINTAINERS Signed-off-by: Kirill Marinushkin Cc: Kirill Marinushkin Cc: Liam Girdwood Cc: Mark Brown Cc: Jaroslav Kysela Cc: Takashi Iwai Cc: linux-kernel@vger.kernel.org Cc: linux-sound@vger.kernel.org Link: https://patch.msgid.link/20241016215810.1544222-1-k.marinushkin@gmail.com Signed-off-by: Mark Brown commit 6924565a04e5f424c95e6d894584e3059f257373 Author: Derek Fang Date: Wed Oct 16 11:07:03 2024 +0800 ASoC: Intel: soc-acpi: lnl: Add match entry for TM2 laptops Add a new match table entry on Lunarlake for the TM2 laptops with rt713 and rt1318. Signed-off-by: Derek Fang Reviewed-by: Péter Ujfalusi Reviewed-by: Ranjani Sridharan Signed-off-by: Bard Liao Link: https://patch.msgid.link/20241016030703.13669-1-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit b0867999e3282378a0b26a7ad200233044d31eca Author: Ilya Dudikov Date: Wed Oct 16 10:40:37 2024 +0700 ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA ASUS Vivobook E1404FA needs a quirks-table entry for the internal microphone to function properly. Signed-off-by: Ilya Dudikov Link: https://patch.msgid.link/20241016034038.13481-1-ilyadud25@gmail.com Signed-off-by: Mark Brown commit ab5593793e9088abcddce30ba8e376e31b7285fd Author: Ranjani Sridharan Date: Wed Oct 16 11:29:10 2024 +0800 ASoC: SOF: Intel: hda: Always clean up link DMA during stop This is required to reset the DMA read/write pointers when the stream is prepared and restarted after a call to snd_pcm_drain()/snd_pcm_drop(). Also, now that the stream is reset during stop, do not save LLP registers in the case of STOP/suspend to avoid erroneous delay reporting. Link: https://github.com/thesofproject/sof/issues/9502 Signed-off-by: Ranjani Sridharan Reviewed-by: Péter Ujfalusi Reviewed-by: Kai Vehmanen Signed-off-by: Bard Liao All: stable@vger.kernel.org # 6.10.x 6.11.x Link: https://patch.msgid.link/20241016032910.14601-5-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit c78f1e15e46ac82607eed593b22992fd08644d96 Author: Ranjani Sridharan Date: Wed Oct 16 11:29:09 2024 +0800 soundwire: intel_ace2x: Send PDI stream number during prepare In the case of a prepare callback after an xrun or when the PCM is restarted after a call to snd_pcm_drain/snd_pcm_drop, avoid reprogramming the SHIM registers but send the PDI stream number so that the link DMA data can be set. This is needed for the case that the DMA data is cleared when the PCM is stopped and restarted without being closed. Link: https://github.com/thesofproject/sof/issues/9502 Signed-off-by: Ranjani Sridharan Reviewed-by: Péter Ujfalusi Reviewed-by: Kai Vehmanen Signed-off-by: Bard Liao Acked-by: Vinod Koul All: stable@vger.kernel.org # 6.10.x 6.11.x Link: https://patch.msgid.link/20241016032910.14601-4-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 6e38a7e098d32d128b00b42a536151de9ea1340b Author: Ranjani Sridharan Date: Wed Oct 16 11:29:08 2024 +0800 ASoC: SOF: Intel: hda: Handle prepare without close for non-HDA DAI's When a PCM is restarted after a snd_pcm_drain/snd_pcm_drop(), the prepare callback will be invoked and the hw_params will be set again. For the HDA DAI's, the hw_params function handles this case already but not for the non-HDA DAI's. So, add the check for link_prepared to verify if the hw_params should be done again or not. Additionally, for SDW DAI's reset the PCMSyCM registers as would be done in the case of a start after a hw_free. Signed-off-by: Ranjani Sridharan Reviewed-by: Péter Ujfalusi Reviewed-by: Kai Vehmanen Signed-off-by: Bard Liao All: stable@vger.kernel.org # 6.10.x 6.11.x Link: https://patch.msgid.link/20241016032910.14601-3-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 9822b4c90d77e3c6555fb21c459c4a61c6a8619f Author: Ranjani Sridharan Date: Wed Oct 16 11:29:07 2024 +0800 ASoC: SOF: ipc4-topology: Do not set ALH node_id for aggregated DAIs For aggregated DAIs, the node ID is set to the group_id during the DAI widget's ipc_prepare op. With the current logic, setting the dai_index for node_id in the dai_config is redundant as it will be overwritten with the group_id anyway. Removing it will also prevent any accidental clearing/resetting of the group_id for aggregated DAIs due to the dai_config calls could that happen before the allocated group_id is freed. Signed-off-by: Ranjani Sridharan Reviewed-by: Péter Ujfalusi Reviewed-by: Kai Vehmanen Signed-off-by: Bard Liao All: stable@vger.kernel.org # 6.10.x 6.11.x Link: https://patch.msgid.link/20241016032910.14601-2-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 19039f279797efbe044cae41ee216c5fe481fc33 Author: Michal Luczaj Date: Sun Oct 13 18:26:42 2024 +0200 bpf, vsock: Drop static vsock_bpf_prot initialization vsock_bpf_prot is set up at runtime. Remove the superfluous init. No functional change intended. Fixes: 634f1a7110b4 ("vsock: support sockmap") Signed-off-by: Michal Luczaj Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20241013-vsock-fixes-for-redir-v2-4-d6577bbfe742@rbox.co commit 6dafde852df8de3617d4b9f835b629aaeaccd01d Author: Michal Luczaj Date: Sun Oct 13 18:26:41 2024 +0200 vsock: Update msg_count on read_skb() Dequeuing via vsock_transport::read_skb() left msg_count outdated, which then confused SOCK_SEQPACKET recv(). Decrease the counter. Fixes: 634f1a7110b4 ("vsock: support sockmap") Signed-off-by: Michal Luczaj Signed-off-by: Daniel Borkmann Reviewed-by: Stefano Garzarella Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20241013-vsock-fixes-for-redir-v2-3-d6577bbfe742@rbox.co commit 3543152f2d330141d9394d28855cb90b860091d2 Author: Michal Luczaj Date: Sun Oct 13 18:26:40 2024 +0200 vsock: Update rx_bytes on read_skb() Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced (i.e. virtio_vsock_sock::rx_bytes doesn't lie) after vsock_transport::read_skb(). While here, also inform the peer that we've freed up space and it has more credit. Failing to update rx_bytes after packet is dequeued leads to a warning on SOCK_STREAM recv(): [ 233.396654] rx_queue is empty, but rx_bytes is non-zero [ 233.396702] WARNING: CPU: 11 PID: 40601 at net/vmw_vsock/virtio_transport_common.c:589 Fixes: 634f1a7110b4 ("vsock: support sockmap") Suggested-by: Stefano Garzarella Signed-off-by: Michal Luczaj Signed-off-by: Daniel Borkmann Reviewed-by: Stefano Garzarella Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20241013-vsock-fixes-for-redir-v2-2-d6577bbfe742@rbox.co commit 9c5bd93edf7b8834aecaa7c340b852d5990d7c78 Author: Michal Luczaj Date: Sun Oct 13 18:26:39 2024 +0200 bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock Don't mislead the callers of bpf_{sk,msg}_redirect_{map,hash}(): make sure to immediately and visibly fail the forwarding of unsupported af_vsock packets. Fixes: 634f1a7110b4 ("vsock: support sockmap") Signed-off-by: Michal Luczaj Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20241013-vsock-fixes-for-redir-v2-1-d6577bbfe742@rbox.co commit cb560795c8c2ceca1d36a95f0d1b2eafc4074e37 Merge: 7decd1f5904a48 4dbc1d1a9f39c3 Author: Paolo Abeni Date: Thu Oct 17 12:14:10 2024 +0200 Merge branch 'mlx5-misc-fixes-2024-10-15' Tariq Toukan says: ==================== mlx5 misc fixes 2024-10-15 This patchset provides misc bug fixes from the team to the mlx5 core and Eth drivers. Series generated against: commit 174714f0e505 ("selftests: drivers: net: fix name not defined") ==================== Link: https://patch.msgid.link/20241015093208.197603-1-tariqt@nvidia.com Signed-off-by: Paolo Abeni commit 4dbc1d1a9f39c3711ad2a40addca04d07d9ab5d0 Author: Cosmin Ratiu Date: Tue Oct 15 12:32:08 2024 +0300 net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5e_netdev_change_profile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not calling profile->cleanup in such a case. This was encountered while testing, with the original trigger that the wq rescuer thread creation got interrupted (presumably due to Ctrl+C-ing modprobe), which gets converted to ENOMEM (-12) by mlx5e_priv_init, the profile rollback also fails for the same reason (signal still active) so the profile is left as NULL, leading to a crash later in _mlx5e_remove. [ 732.473932] mlx5_core 0000:08:00.1: E-Switch: Unload vfs: mode(OFFLOADS), nvfs(2), necvfs(0), active vports(2) [ 734.525513] workqueue: Failed to create a rescuer kthread for wq "mlx5e": -EINTR [ 734.557372] mlx5_core 0000:08:00.1: mlx5e_netdev_init_profile:6235:(pid 6086): mlx5e_priv_init failed, err=-12 [ 734.559187] mlx5_core 0000:08:00.1 eth3: mlx5e_netdev_change_profile: new profile init failed, -12 [ 734.560153] workqueue: Failed to create a rescuer kthread for wq "mlx5e": -EINTR [ 734.589378] mlx5_core 0000:08:00.1: mlx5e_netdev_init_profile:6235:(pid 6086): mlx5e_priv_init failed, err=-12 [ 734.591136] mlx5_core 0000:08:00.1 eth3: mlx5e_netdev_change_profile: failed to rollback to orig profile, -12 [ 745.537492] BUG: kernel NULL pointer dereference, address: 0000000000000008 [ 745.538222] #PF: supervisor read access in kernel mode [ 745.551290] Call Trace: [ 745.551590] [ 745.551866] ? __die+0x20/0x60 [ 745.552218] ? page_fault_oops+0x150/0x400 [ 745.555307] ? exc_page_fault+0x79/0x240 [ 745.555729] ? asm_exc_page_fault+0x22/0x30 [ 745.556166] ? mlx5e_remove+0x6b/0xb0 [mlx5_core] [ 745.556698] auxiliary_bus_remove+0x18/0x30 [ 745.557134] device_release_driver_internal+0x1df/0x240 [ 745.557654] bus_remove_device+0xd7/0x140 [ 745.558075] device_del+0x15b/0x3c0 [ 745.558456] mlx5_rescan_drivers_locked.part.0+0xb1/0x2f0 [mlx5_core] [ 745.559112] mlx5_unregister_device+0x34/0x50 [mlx5_core] [ 745.559686] mlx5_uninit_one+0x46/0xf0 [mlx5_core] [ 745.560203] remove_one+0x4e/0xd0 [mlx5_core] [ 745.560694] pci_device_remove+0x39/0xa0 [ 745.561112] device_release_driver_internal+0x1df/0x240 [ 745.561631] driver_detach+0x47/0x90 [ 745.562022] bus_remove_driver+0x84/0x100 [ 745.562444] pci_unregister_driver+0x3b/0x90 [ 745.562890] mlx5_cleanup+0xc/0x1b [mlx5_core] [ 745.563415] __x64_sys_delete_module+0x14d/0x2f0 [ 745.563886] ? kmem_cache_free+0x1b0/0x460 [ 745.564313] ? lockdep_hardirqs_on_prepare+0xe2/0x190 [ 745.564825] do_syscall_64+0x6d/0x140 [ 745.565223] entry_SYSCALL_64_after_hwframe+0x4b/0x53 [ 745.565725] RIP: 0033:0x7f1579b1288b Fixes: 3ef14e463f6e ("net/mlx5e: Separate between netdev objects and mlx5e profiles initialization") Signed-off-by: Cosmin Ratiu Reviewed-by: Dragos Tatulea Signed-off-by: Tariq Toukan Signed-off-by: Paolo Abeni commit 1da9cfd6c41c2e6bbe624d0568644e1521c33e12 Author: Cosmin Ratiu Date: Tue Oct 15 12:32:07 2024 +0300 net/mlx5: Unregister notifier on eswitch init failure It otherwise remains registered and a subsequent attempt at eswitch enabling might trigger warnings of the sort: [ 682.589148] ------------[ cut here ]------------ [ 682.590204] notifier callback eswitch_vport_event [mlx5_core] already registered [ 682.590256] WARNING: CPU: 13 PID: 2660 at kernel/notifier.c:31 notifier_chain_register+0x3e/0x90 [...snipped] [ 682.610052] Call Trace: [ 682.610369] [ 682.610663] ? __warn+0x7c/0x110 [ 682.611050] ? notifier_chain_register+0x3e/0x90 [ 682.611556] ? report_bug+0x148/0x170 [ 682.611977] ? handle_bug+0x36/0x70 [ 682.612384] ? exc_invalid_op+0x13/0x60 [ 682.612817] ? asm_exc_invalid_op+0x16/0x20 [ 682.613284] ? notifier_chain_register+0x3e/0x90 [ 682.613789] atomic_notifier_chain_register+0x25/0x40 [ 682.614322] mlx5_eswitch_enable_locked+0x1d4/0x3b0 [mlx5_core] [ 682.614965] mlx5_eswitch_enable+0xc9/0x100 [mlx5_core] [ 682.615551] mlx5_device_enable_sriov+0x25/0x340 [mlx5_core] [ 682.616170] mlx5_core_sriov_configure+0x50/0x170 [mlx5_core] [ 682.616789] sriov_numvfs_store+0xb0/0x1b0 [ 682.617248] kernfs_fop_write_iter+0x117/0x1a0 [ 682.617734] vfs_write+0x231/0x3f0 [ 682.618138] ksys_write+0x63/0xe0 [ 682.618536] do_syscall_64+0x4c/0x100 [ 682.618958] entry_SYSCALL_64_after_hwframe+0x4b/0x53 Fixes: 7624e58a8b3a ("net/mlx5: E-switch, register event handler before arming the event") Signed-off-by: Cosmin Ratiu Signed-off-by: Tariq Toukan Signed-off-by: Paolo Abeni commit d62b14045c6511a7b2d4948d1a83a4e592deeb05 Author: Shay Drory Date: Tue Oct 15 12:32:06 2024 +0300 net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during MANAGE_PAGES. In addition, mlx5_cmd_trigger_completions() is trying to trigger completion for MANAGE_PAGES command as well. Hence, in case health error occurred before any MANAGE_PAGES command have been invoke (for example, during mlx5_enable_hca()), mlx5_cmd_trigger_completions() will try to trigger completion for MANAGE_PAGES command, which will result in null-ptr-deref error.[1] Fix it by Initialize command bitmask correctly. While at it, re-write the code for better understanding. [1] BUG: KASAN: null-ptr-deref in mlx5_cmd_trigger_completions+0x1db/0x600 [mlx5_core] Write of size 4 at addr 0000000000000214 by task kworker/u96:2/12078 CPU: 10 PID: 12078 Comm: kworker/u96:2 Not tainted 6.9.0-rc2_for_upstream_debug_2024_04_07_19_01 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 Workqueue: mlx5_health0000:08:00.0 mlx5_fw_fatal_reporter_err_work [mlx5_core] Call Trace: dump_stack_lvl+0x7e/0xc0 kasan_report+0xb9/0xf0 kasan_check_range+0xec/0x190 mlx5_cmd_trigger_completions+0x1db/0x600 [mlx5_core] mlx5_cmd_flush+0x94/0x240 [mlx5_core] enter_error_state+0x6c/0xd0 [mlx5_core] mlx5_fw_fatal_reporter_err_work+0xf3/0x480 [mlx5_core] process_one_work+0x787/0x1490 ? lockdep_hardirqs_on_prepare+0x400/0x400 ? pwq_dec_nr_in_flight+0xda0/0xda0 ? assign_work+0x168/0x240 worker_thread+0x586/0xd30 ? rescuer_thread+0xae0/0xae0 kthread+0x2df/0x3b0 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x2d/0x70 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork_asm+0x11/0x20 Fixes: 9b98d395b85d ("net/mlx5: Start health poll at earlier stage of driver load") Signed-off-by: Shay Drory Reviewed-by: Moshe Shemesh Reviewed-by: Saeed Mahameed Signed-off-by: Tariq Toukan Signed-off-by: Paolo Abeni commit d4f25be27e3ef7e23998fbd3dd4bff0602de7ae5 Author: Maher Sanalla Date: Tue Oct 15 12:32:05 2024 +0300 net/mlx5: Check for invalid vector index on EQ creation Currently, mlx5 driver does not enforce vector index to be lower than the maximum number of supported completion vectors when requesting a new completion EQ. Thus, mlx5_comp_eqn_get() fails when trying to acquire an IRQ with an improper vector index. To prevent the case above, enforce that vector index value is valid and lower than maximum in mlx5_comp_eqn_get() before handling the request. Fixes: f14c1a14e632 ("net/mlx5: Allocate completion EQs dynamically") Signed-off-by: Maher Sanalla Signed-off-by: Tariq Toukan Signed-off-by: Paolo Abeni commit 9addffa3435973e016f066e13f950be5eed73c06 Author: Cosmin Ratiu Date: Tue Oct 15 12:32:04 2024 +0300 net/mlx5: HWS, use lock classes for bwc locks The HWS BWC API uses one lock per queue and usually acquires one of them, except when doing changes which require locking all queues in order. Naturally, lockdep isn't too happy about acquiring the same lock class multiple times, so inform it that each queue lock is a different class to avoid false positives. Fixes: 2ca62599aa0b ("net/mlx5: HWS, added send engine and context handling") Signed-off-by: Cosmin Ratiu Signed-off-by: Yevgeny Kliteynik Signed-off-by: Tariq Toukan Signed-off-by: Paolo Abeni commit 45bcbd49224ac5aec5e1239de9060e431ca2acd9 Author: Cosmin Ratiu Date: Tue Oct 15 12:32:03 2024 +0300 net/mlx5: HWS, don't destroy more bwc queue locks than allocated hws_send_queues_bwc_locks_destroy destroyed more queue locks than allocated, leading to memory corruption (occasionally) and warnings such as DEBUG_LOCKS_WARN_ON(mutex_is_locked(lock)) in __mutex_destroy because sometimes, the 'mutex' being destroyed was random memory. The severity of this problem is proportional to the number of queues configured because the code overreaches beyond the end of the bwc_send_queue_locks array by 2x its length. Fix that by using the correct number of bwc queues. Fixes: 2ca62599aa0b ("net/mlx5: HWS, added send engine and context handling") Signed-off-by: Cosmin Ratiu Signed-off-by: Yevgeny Kliteynik Signed-off-by: Tariq Toukan Signed-off-by: Paolo Abeni commit 5aa2184e29081665f915594bc6de9b7fee6e4883 Author: Yevgeny Kliteynik Date: Tue Oct 15 12:32:02 2024 +0300 net/mlx5: HWS, fixed double free in error flow of definer layout Fix error flow bug that could lead to double free of a buffer during a failure to calculate a suitable definer layout. Fixes: 74a778b4a63f ("net/mlx5: HWS, added definers handling") Signed-off-by: Yevgeny Kliteynik Reviewed-by: Itamar Gozlan Signed-off-by: Tariq Toukan Signed-off-by: Paolo Abeni commit 65b4eb9f3d1e037100b157e023f4d3d988aafd29 Author: Yevgeny Kliteynik Date: Tue Oct 15 12:32:01 2024 +0300 net/mlx5: HWS, removed wrong access to a number of rules variable Removed wrong access to the num_of_rules field of the matcher. This is a usual u32 variable, but the access was as if it was atomic. This fixes the following CI warnings: mlx5hws_bwc.c:708:17: warning: large atomic operation may incur significant performance penalty; the access size (4 bytes) exceeds the max lock-free size (0 bytes) [-Watomic-alignment] Fixes: 510f9f61a112 ("net/mlx5: HWS, added API and enabled HWS support") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409291101.6NdtMFVC-lkp@intel.com/ Signed-off-by: Yevgeny Kliteynik Reviewed-by: Itamar Gozlan Signed-off-by: Tariq Toukan Signed-off-by: Paolo Abeni commit 7decd1f5904a489d3ccdcf131972f94645681689 Author: Matthieu Baerts (NGI0) Date: Tue Oct 15 10:38:47 2024 +0200 mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow Syzkaller reported this splat: ================================================================== BUG: KASAN: slab-use-after-free in mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881 Read of size 4 at addr ffff8880569ac858 by task syz.1.2799/14662 CPU: 0 UID: 0 PID: 14662 Comm: syz.1.2799 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [inline] print_report+0xc3/0x620 mm/kasan/report.c:488 kasan_report+0xd9/0x110 mm/kasan/report.c:601 mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881 mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:914 [inline] mptcp_nl_remove_id_zero_address+0x305/0x4a0 net/mptcp/pm_netlink.c:1572 mptcp_pm_nl_del_addr_doit+0x5c9/0x770 net/mptcp/pm_netlink.c:1603 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline] genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2551 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg net/socket.c:744 [inline] ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661 __sys_sendmsg+0x117/0x1f0 net/socket.c:2690 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline] __do_fast_syscall_32+0x73/0x120 arch/x86/entry/common.c:386 do_fast_syscall_32+0x32/0x80 arch/x86/entry/common.c:411 entry_SYSENTER_compat_after_hwframe+0x84/0x8e RIP: 0023:0xf7fe4579 Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000140 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 Allocated by task 5387: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394 kmalloc_noprof include/linux/slab.h:878 [inline] kzalloc_noprof include/linux/slab.h:1014 [inline] subflow_create_ctx+0x87/0x2a0 net/mptcp/subflow.c:1803 subflow_ulp_init+0xc3/0x4d0 net/mptcp/subflow.c:1956 __tcp_set_ulp net/ipv4/tcp_ulp.c:146 [inline] tcp_set_ulp+0x326/0x7f0 net/ipv4/tcp_ulp.c:167 mptcp_subflow_create_socket+0x4ae/0x10a0 net/mptcp/subflow.c:1764 __mptcp_subflow_connect+0x3cc/0x1490 net/mptcp/subflow.c:1592 mptcp_pm_create_subflow_or_signal_addr+0xbda/0x23a0 net/mptcp/pm_netlink.c:642 mptcp_pm_nl_fully_established net/mptcp/pm_netlink.c:650 [inline] mptcp_pm_nl_work+0x3a1/0x4f0 net/mptcp/pm_netlink.c:943 mptcp_worker+0x15a/0x1240 net/mptcp/protocol.c:2777 process_one_work+0x958/0x1b30 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391 kthread+0x2c1/0x3a0 kernel/kthread.c:389 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Freed by task 113: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579 poison_slab_object mm/kasan/common.c:247 [inline] __kasan_slab_free+0x51/0x70 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:230 [inline] slab_free_hook mm/slub.c:2342 [inline] slab_free mm/slub.c:4579 [inline] kfree+0x14f/0x4b0 mm/slub.c:4727 kvfree+0x47/0x50 mm/util.c:701 kvfree_rcu_list+0xf5/0x2c0 kernel/rcu/tree.c:3423 kvfree_rcu_drain_ready kernel/rcu/tree.c:3563 [inline] kfree_rcu_monitor+0x503/0x8b0 kernel/rcu/tree.c:3632 kfree_rcu_shrink_scan+0x245/0x3a0 kernel/rcu/tree.c:3966 do_shrink_slab+0x44f/0x11c0 mm/shrinker.c:435 shrink_slab+0x32b/0x12a0 mm/shrinker.c:662 shrink_one+0x47e/0x7b0 mm/vmscan.c:4818 shrink_many mm/vmscan.c:4879 [inline] lru_gen_shrink_node mm/vmscan.c:4957 [inline] shrink_node+0x2452/0x39d0 mm/vmscan.c:5937 kswapd_shrink_node mm/vmscan.c:6765 [inline] balance_pgdat+0xc19/0x18f0 mm/vmscan.c:6957 kswapd+0x5ea/0xbf0 mm/vmscan.c:7226 kthread+0x2c1/0x3a0 kernel/kthread.c:389 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Last potentially related work creation: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 __kasan_record_aux_stack+0xba/0xd0 mm/kasan/generic.c:541 kvfree_call_rcu+0x74/0xbe0 kernel/rcu/tree.c:3810 subflow_ulp_release+0x2ae/0x350 net/mptcp/subflow.c:2009 tcp_cleanup_ulp+0x7c/0x130 net/ipv4/tcp_ulp.c:124 tcp_v4_destroy_sock+0x1c5/0x6a0 net/ipv4/tcp_ipv4.c:2541 inet_csk_destroy_sock+0x1a3/0x440 net/ipv4/inet_connection_sock.c:1293 tcp_done+0x252/0x350 net/ipv4/tcp.c:4870 tcp_rcv_state_process+0x379b/0x4f30 net/ipv4/tcp_input.c:6933 tcp_v4_do_rcv+0x1ad/0xa90 net/ipv4/tcp_ipv4.c:1938 sk_backlog_rcv include/net/sock.h:1115 [inline] __release_sock+0x31b/0x400 net/core/sock.c:3072 __tcp_close+0x4f3/0xff0 net/ipv4/tcp.c:3142 __mptcp_close_ssk+0x331/0x14d0 net/mptcp/protocol.c:2489 mptcp_close_ssk net/mptcp/protocol.c:2543 [inline] mptcp_close_ssk+0x150/0x220 net/mptcp/protocol.c:2526 mptcp_pm_nl_rm_addr_or_subflow+0x2be/0xcc0 net/mptcp/pm_netlink.c:878 mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:914 [inline] mptcp_nl_remove_id_zero_address+0x305/0x4a0 net/mptcp/pm_netlink.c:1572 mptcp_pm_nl_del_addr_doit+0x5c9/0x770 net/mptcp/pm_netlink.c:1603 genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline] genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2551 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline] netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357 netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg net/socket.c:744 [inline] ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607 ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661 __sys_sendmsg+0x117/0x1f0 net/socket.c:2690 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline] __do_fast_syscall_32+0x73/0x120 arch/x86/entry/common.c:386 do_fast_syscall_32+0x32/0x80 arch/x86/entry/common.c:411 entry_SYSENTER_compat_after_hwframe+0x84/0x8e The buggy address belongs to the object at ffff8880569ac800 which belongs to the cache kmalloc-512 of size 512 The buggy address is located 88 bytes inside of freed 512-byte region [ffff8880569ac800, ffff8880569aca00) The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x569ac head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) page_type: f5(slab) raw: 04fff00000000040 ffff88801ac42c80 dead000000000100 dead000000000122 raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 head: 04fff00000000040 ffff88801ac42c80 dead000000000100 dead000000000122 head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 head: 04fff00000000002 ffffea00015a6b01 ffffffffffffffff 0000000000000000 head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner tracks the page as allocated page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 10238, tgid 10238 (kworker/u32:6), ts 597403252405, free_ts 597177952947 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x2d1/0x350 mm/page_alloc.c:1537 prep_new_page mm/page_alloc.c:1545 [inline] get_page_from_freelist+0x101e/0x3070 mm/page_alloc.c:3457 __alloc_pages_noprof+0x223/0x25a0 mm/page_alloc.c:4733 alloc_pages_mpol_noprof+0x2c9/0x610 mm/mempolicy.c:2265 alloc_slab_page mm/slub.c:2412 [inline] allocate_slab mm/slub.c:2578 [inline] new_slab+0x2ba/0x3f0 mm/slub.c:2631 ___slab_alloc+0xd1d/0x16f0 mm/slub.c:3818 __slab_alloc.constprop.0+0x56/0xb0 mm/slub.c:3908 __slab_alloc_node mm/slub.c:3961 [inline] slab_alloc_node mm/slub.c:4122 [inline] __kmalloc_cache_noprof+0x2c5/0x310 mm/slub.c:4290 kmalloc_noprof include/linux/slab.h:878 [inline] kzalloc_noprof include/linux/slab.h:1014 [inline] mld_add_delrec net/ipv6/mcast.c:743 [inline] igmp6_leave_group net/ipv6/mcast.c:2625 [inline] igmp6_group_dropped+0x4ab/0xe40 net/ipv6/mcast.c:723 __ipv6_dev_mc_dec+0x281/0x360 net/ipv6/mcast.c:979 addrconf_leave_solict net/ipv6/addrconf.c:2253 [inline] __ipv6_ifa_notify+0x3f6/0xc30 net/ipv6/addrconf.c:6283 addrconf_ifdown.isra.0+0xef9/0x1a20 net/ipv6/addrconf.c:3982 addrconf_notify+0x220/0x19c0 net/ipv6/addrconf.c:3781 notifier_call_chain+0xb9/0x410 kernel/notifier.c:93 call_netdevice_notifiers_info+0xbe/0x140 net/core/dev.c:1996 call_netdevice_notifiers_extack net/core/dev.c:2034 [inline] call_netdevice_notifiers net/core/dev.c:2048 [inline] dev_close_many+0x333/0x6a0 net/core/dev.c:1589 page last free pid 13136 tgid 13136 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1108 [inline] free_unref_page+0x5f4/0xdc0 mm/page_alloc.c:2638 stack_depot_save_flags+0x2da/0x900 lib/stackdepot.c:666 kasan_save_stack+0x42/0x60 mm/kasan/common.c:48 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 unpoison_slab_object mm/kasan/common.c:319 [inline] __kasan_slab_alloc+0x89/0x90 mm/kasan/common.c:345 kasan_slab_alloc include/linux/kasan.h:247 [inline] slab_post_alloc_hook mm/slub.c:4085 [inline] slab_alloc_node mm/slub.c:4134 [inline] kmem_cache_alloc_noprof+0x121/0x2f0 mm/slub.c:4141 skb_clone+0x190/0x3f0 net/core/skbuff.c:2084 do_one_broadcast net/netlink/af_netlink.c:1462 [inline] netlink_broadcast_filtered+0xb11/0xef0 net/netlink/af_netlink.c:1540 netlink_broadcast+0x39/0x50 net/netlink/af_netlink.c:1564 uevent_net_broadcast_untagged lib/kobject_uevent.c:331 [inline] kobject_uevent_net_broadcast lib/kobject_uevent.c:410 [inline] kobject_uevent_env+0xacd/0x1670 lib/kobject_uevent.c:608 device_del+0x623/0x9f0 drivers/base/core.c:3882 snd_card_disconnect.part.0+0x58a/0x7c0 sound/core/init.c:546 snd_card_disconnect+0x1f/0x30 sound/core/init.c:495 snd_usx2y_disconnect+0xe9/0x1f0 sound/usb/usx2y/usbusx2y.c:417 usb_unbind_interface+0x1e8/0x970 drivers/usb/core/driver.c:461 device_remove drivers/base/dd.c:569 [inline] device_remove+0x122/0x170 drivers/base/dd.c:561 That's because 'subflow' is used just after 'mptcp_close_ssk(subflow)', which will initiate the release of its memory. Even if it is very likely the release and the re-utilisation will be done later on, it is of course better to avoid any issues and read the content of 'subflow' before closing it. Fixes: 1c1f72137598 ("mptcp: pm: only decrement add_addr_accepted for MPJ req") Cc: stable@vger.kernel.org Reported-by: syzbot+3c8b7a8e7df6a2a226ca@syzkaller.appspotmail.com Closes: https://lore.kernel.org/670d7337.050a0220.4cbc0.004f.GAE@google.com Signed-off-by: Matthieu Baerts (NGI0) Acked-by: Paolo Abeni Link: https://patch.msgid.link/20241015-net-mptcp-uaf-pm-rm-v1-1-c4ee5d987a64@kernel.org Signed-off-by: Paolo Abeni commit 88806efc034a9830f483963326b99930ad519af1 Author: Felix Fietkau Date: Tue Oct 15 10:17:55 2024 +0200 net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init The loop responsible for allocating up to MTK_FQ_DMA_LENGTH buffers must only touch as many descriptors, otherwise it ends up corrupting unrelated memory. Fix the loop iteration count accordingly. Fixes: c57e55819443 ("net: ethernet: mtk_eth_soc: handle dma buffer size soc specific") Signed-off-by: Felix Fietkau Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241015081755.31060-1-nbd@nbd.name Signed-off-by: Paolo Abeni commit 4678adf94da4a9e9683817b246b58ce15fb81782 Author: Daniel Borkmann Date: Mon Oct 14 21:03:11 2024 +0200 vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service load-balancing in case of vmxnet3. If a BPF program for native XDP adds an encapsulation header such as IPIP and transmits the packet out the same interface, then in case of vmxnet3 a corrupted packet is being sent and subsequently dropped on the path. vmxnet3_xdp_xmit_frame() which is called e.g. via vmxnet3_run_xdp() through vmxnet3_xdp_xmit_back() calculates an incorrect DMA address: page = virt_to_page(xdpf->data); tbi->dma_addr = page_pool_get_dma_addr(page) + VMXNET3_XDP_HEADROOM; dma_sync_single_for_device(&adapter->pdev->dev, tbi->dma_addr, buf_size, DMA_TO_DEVICE); The above assumes a fixed offset (VMXNET3_XDP_HEADROOM), but the XDP BPF program could have moved xdp->data. While the passed buf_size is correct (xdpf->len), the dma_addr needs to have a dynamic offset which can be calculated as xdpf->data - (void *)xdpf, that is, xdp->data - xdp->data_hard_start. Fixes: 54f00cce1178 ("vmxnet3: Add XDP support.") Reported-by: Andrew Sauber Reported-by: Nikolay Nikolaev Signed-off-by: Daniel Borkmann Tested-by: Nikolay Nikolaev Acked-by: Anton Protopopov Cc: William Tu Cc: Ronak Doshi Link: https://patch.msgid.link/a0888656d7f09028f9984498cc698bb5364d89fc.1728931137.git.daniel@iogearbox.net Signed-off-by: Paolo Abeni commit 734bf13e0c853de4fe2c05d5c0255e9247ad634c Author: Liu Ying Date: Tue Sep 24 15:12:18 2024 +0800 arm64: dts: imx8mp-skov-revb-mi1010ait-1cp1: Assign "media_isp" clock rate Commit 2d39b78e5716 ("arm64: dts: imx8mp: Add DT nodes for the two ISPs") added a new phandle to the "assigned-clocks" property of media_blk_ctrl node just before the phandle for "video_pll1" clock in i.MX8MP SoC device tree so that "media_isp" clock rate is assigned to 500MHz by default. However, it missed updating this relevant board device tree where the relevant "assigned-clock-rates" property is changed to set a new rate for "video_pll1" clock. This causes the "media_isp" clock rate being wrongly set to the "video_pll1" clock rate and the "video_pll1" clock rate being untouched. Fix this by assigning "media_isp" clock rate explicitly to 500MHz in this board device tree. Fixes: 2d39b78e5716 ("arm64: dts: imx8mp: Add DT nodes for the two ISPs") Signed-off-by: Liu Ying Signed-off-by: Shawn Guo commit 78a00555550042ed77b33ace7423aced228b3b4e Author: Oliver Upton Date: Thu Oct 17 00:19:47 2024 +0000 KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration kvm_vgic_map_resources() prematurely marks the distributor as 'ready', potentially allowing vCPUs to enter the guest before the distributor's MMIO registration has been made visible. Plug the race by marking the distributor as ready only after MMIO registration is completed. Rely on the implied ordering of synchronize_srcu() to ensure the MMIO registration is visible before vgic_dist::ready. This also means that writers to vgic_dist::ready are now serialized by the slots_lock, which was effectively the case already as all writers held the slots_lock in addition to the config_lock. Fixes: 59112e9c390b ("KVM: arm64: vgic: Fix a circular locking issue") Signed-off-by: Oliver Upton Link: https://lore.kernel.org/r/20241017001947.2707312-3-oliver.upton@linux.dev Signed-off-by: Marc Zyngier commit 5978d4ec7e82ffc472ac2645601dd10b09e61b0f Author: Oliver Upton Date: Thu Oct 17 00:19:46 2024 +0000 KVM: arm64: vgic: Don't check for vgic_ready() when setting NR_IRQS KVM commits to a particular sizing of SPIs when the vgic is initialized, which is before the point a vgic becomes ready. On top of that, KVM supplies a default amount of SPIs should userspace not explicitly configure this. As such, the check for vgic_ready() in the handling of KVM_DEV_ARM_VGIC_GRP_NR_IRQS is completely wrong, and testing if nr_spis is nonzero is sufficient for preventing userspace from playing games with us. Signed-off-by: Oliver Upton Link: https://lore.kernel.org/r/20241017001947.2707312-2-oliver.upton@linux.dev Signed-off-by: Marc Zyngier commit c6c167afa090ea0451f91814e1318755a8fb8bb9 Author: Ilkka Koskinen Date: Wed Oct 16 19:57:01 2024 -0700 KVM: arm64: Fix shift-out-of-bounds bug Fix a shift-out-of-bounds bug reported by UBSAN when running VM with MTE enabled host kernel. UBSAN: shift-out-of-bounds in arch/arm64/kvm/sys_regs.c:1988:14 shift exponent 33 is too large for 32-bit type 'int' CPU: 26 UID: 0 PID: 7629 Comm: qemu-kvm Not tainted 6.12.0-rc2 #34 Hardware name: IEI NF5280R7/Mitchell MB, BIOS 00.00. 2024-10-12 09:28:54 10/14/2024 Call trace: dump_backtrace+0xa0/0x128 show_stack+0x20/0x38 dump_stack_lvl+0x74/0x90 dump_stack+0x18/0x28 __ubsan_handle_shift_out_of_bounds+0xf8/0x1e0 reset_clidr+0x10c/0x1c8 kvm_reset_sys_regs+0x50/0x1c8 kvm_reset_vcpu+0xec/0x2b0 __kvm_vcpu_set_target+0x84/0x158 kvm_vcpu_set_target+0x138/0x168 kvm_arch_vcpu_ioctl_vcpu_init+0x40/0x2b0 kvm_arch_vcpu_ioctl+0x28c/0x4b8 kvm_vcpu_ioctl+0x4bc/0x7a8 __arm64_sys_ioctl+0xb4/0x100 invoke_syscall+0x70/0x100 el0_svc_common.constprop.0+0x48/0xf0 do_el0_svc+0x24/0x38 el0_svc+0x3c/0x158 el0t_64_sync_handler+0x120/0x130 el0t_64_sync+0x194/0x198 Fixes: 7af0c2534f4c ("KVM: arm64: Normalize cache configuration") Cc: stable@vger.kernel.org Reviewed-by: Gavin Shan Signed-off-by: Ilkka Koskinen Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20241017025701.67936-1-ilkka@os.amperecomputing.com Signed-off-by: Marc Zyngier commit afa9b48f327c9ef36bfba4c643a29385a633252b Author: Marc Zyngier Date: Thu Oct 10 16:13:26 2024 +0100 KVM: arm64: Shave a few bytes from the EL2 idmap code Our idmap is becoming too big, to the point where it doesn't fit in a 4kB page anymore. There are some low-hanging fruits though, such as the el2_init_state horror that is expanded 3 times in the kernel. Let's at least limit ourselves to two copies, which makes the kernel link again. At some point, we'll have to have a better way of doing this. Reported-by: Nathan Chancellor Signed-off-by: Marc Zyngier Link: https://lore.kernel.org/r/20241009204903.GA3353168@thelio-3990X commit be602cde657ee43d23adbf309be6d700d0106dc9 Merge: cd9626e9ebc77e c964ced7726294 Author: Ingo Molnar Date: Thu Oct 17 09:58:07 2024 +0200 Merge branch 'linus' into sched/urgent, to resolve conflict Conflicts: kernel/sched/ext.c There's a context conflict between this upstream commit: 3fdb9ebcec10 sched_ext: Start schedulers with consistent p->scx.slice values ... and this fix in sched/urgent: 98442f0ccd82 sched: Fix delayed_dequeue vs switched_from_fair() Resolve it. Signed-off-by: Ingo Molnar commit 4cd33d972e0ff596df99db9afcc37e50d1772b48 Merge: 8e929cb546ee42 77ad507dbb7ec1 Author: Dave Airlie Date: Thu Oct 17 17:40:54 2024 +1000 Merge tag 'drm-msm-fixes-2024-10-16' of https://gitlab.freedesktop.org/drm/msm into drm-fixes Fixes for v6.12 Display: - move CRTC resource assignment to atomic_check otherwise to make consecutive calls to atomic_check() consistent - fix rounding / sign-extension issues with pclk calculation in case of DSC - cleanups to drop incorrect null checks in dpu snapshots - fix to use kvzalloc in dpu snapshot to avoid allocation issues in heavily loaded system cases - Fix to not program merge_3d block if dual LM is not being used - Fix to not flush merge_3d block if its not enabled otherwise this leads to false timeouts GPU: - a7xx: add a fence wait before SMMU table update Signed-off-by: Dave Airlie From: Rob Clark Link: https://patchwork.freedesktop.org/patch/msgid/CAF6AEGsp3Zbd_H3FhHdRz9yCYA4wxX4SenpYRSk=Mx2d8GMSuQ@mail.gmail.com commit b130ba4a6259f6b64d8af15e9e7ab1e912bcb7ad Author: Wei Xu Date: Mon Oct 14 22:12:11 2024 +0000 mm/mglru: only clear kswapd_failures if reclaimable lru_gen_shrink_node() unconditionally clears kswapd_failures, which can prevent kswapd from sleeping and cause 100% kswapd cpu usage even when kswapd repeatedly fails to make progress in reclaim. Only clear kswap_failures in lru_gen_shrink_node() if reclaim makes some progress, similar to shrink_node(). I happened to run into this problem in one of my tests recently. It requires a combination of several conditions: The allocator needs to allocate a right amount of pages such that it can wake up kswapd without itself being OOM killed; there is no memory for kswapd to reclaim (My test disables swap and cleans page cache first); no other process frees enough memory at the same time. Link: https://lkml.kernel.org/r/20241014221211.832591-1-weixugc@google.com Fixes: e4dde56cd208 ("mm: multi-gen LRU: per-node lru_gen_folio lists") Signed-off-by: Wei Xu Cc: Axel Rasmussen Cc: Brian Geffon Cc: Jan Alexander Steffens Cc: Suleiman Souhlal Cc: Yu Zhao Cc: Signed-off-by: Andrew Morton commit 7528c4fb1237512ee18049f852f014eba80bbe8d Author: Liu Shixin Date: Tue Oct 15 09:45:21 2024 +0800 mm/swapfile: skip HugeTLB pages for unuse_vma I got a bad pud error and lost a 1GB HugeTLB when calling swapoff. The problem can be reproduced by the following steps: 1. Allocate an anonymous 1GB HugeTLB and some other anonymous memory. 2. Swapout the above anonymous memory. 3. run swapoff and we will get a bad pud error in kernel message: mm/pgtable-generic.c:42: bad pud 00000000743d215d(84000001400000e7) We can tell that pud_clear_bad is called by pud_none_or_clear_bad in unuse_pud_range() by ftrace. And therefore the HugeTLB pages will never be freed because we lost it from page table. We can skip HugeTLB pages for unuse_vma to fix it. Link: https://lkml.kernel.org/r/20241015014521.570237-1-liushixin2@huawei.com Fixes: 0fe6e20b9c4c ("hugetlb, rmap: add reverse mapping for hugepage") Signed-off-by: Liu Shixin Acked-by: Muchun Song Cc: Naoya Horiguchi Cc: Signed-off-by: Andrew Morton commit 3e822bed2fbd1527d88f483342b1d2a468520a9a Author: Nanyong Sun Date: Tue Oct 15 10:02:57 2024 +0800 selftests: mm: fix the incorrect usage() info of khugepaged The mount option of tmpfs should be huge=advise, not madvise which is not supported and may mislead the users. Link: https://lkml.kernel.org/r/20241015020257.139235-1-sunnanyong@huawei.com Fixes: 1b03d0d558a2 ("selftests/vm: add thp collapse file and tmpfs testing") Signed-off-by: Nanyong Sun Reviewed-by: Baolin Wang Reviewed-by: Anshuman Khandual Cc: Kefeng Wang Cc: Shuah Khan Cc: Zach O'Keefe Signed-off-by: Andrew Morton commit cb2bb9c564acf45f1725696177fdb1bc067f4dbb Author: Jann Horn Date: Mon Oct 14 22:50:57 2024 +0200 MAINTAINERS: add Jann as memory mapping/VMA reviewer Add myself as a reviewer for memory mapping / VMA code. I will probably only reply to patches sporadically, but hopefully this will help me keep up with changes that look interesting security-wise. Link: https://lkml.kernel.org/r/20241014-maintainers-mmap-reviewer-v1-1-50dce0514752@google.com Signed-off-by: Jann Horn Acked-by: Liam R. Howlett Acked-by: Lorenzo Stoakes Acked-by: Vlastimil Babka Signed-off-by: Andrew Morton commit 818f916e3a07bf0c64bbf5e250ad209eebe21c85 Author: Jeongjun Park Date: Mon Oct 7 16:06:23 2024 +0900 mm: swap: prevent possible data-race in __try_to_reclaim_swap A report [1] was uploaded from syzbot. In the previous commit 862590ac3708 ("mm: swap: allow cache reclaim to skip slot cache"), the __try_to_reclaim_swap() function reads offset and folio->entry from folio without folio_lock protection. In the currently reported KCSAN log, it is assumed that the actual data-race will not occur because the calltrace that does WRITE already obtains the folio_lock and then writes. However, the existing __try_to_reclaim_swap() function was already implemented to perform reads under folio_lock protection [1], and there is a risk of a data-race occurring through a function other than the one shown in the KCSAN log. Therefore, I think it is appropriate to change read operations for folio to be performed under folio_lock. [1] ================================================================== BUG: KCSAN: data-race in __delete_from_swap_cache / __try_to_reclaim_swap write to 0xffffea0004c90328 of 8 bytes by task 5186 on cpu 0: __delete_from_swap_cache+0x1f0/0x290 mm/swap_state.c:163 delete_from_swap_cache+0x72/0xe0 mm/swap_state.c:243 folio_free_swap+0x1d8/0x1f0 mm/swapfile.c:1850 free_swap_cache mm/swap_state.c:293 [inline] free_pages_and_swap_cache+0x1fc/0x410 mm/swap_state.c:325 __tlb_batch_free_encoded_pages mm/mmu_gather.c:136 [inline] tlb_batch_pages_flush mm/mmu_gather.c:149 [inline] tlb_flush_mmu_free mm/mmu_gather.c:366 [inline] tlb_flush_mmu+0x2cf/0x440 mm/mmu_gather.c:373 zap_pte_range mm/memory.c:1700 [inline] zap_pmd_range mm/memory.c:1739 [inline] zap_pud_range mm/memory.c:1768 [inline] zap_p4d_range mm/memory.c:1789 [inline] unmap_page_range+0x1f3c/0x22d0 mm/memory.c:1810 unmap_single_vma+0x142/0x1d0 mm/memory.c:1856 unmap_vmas+0x18d/0x2b0 mm/memory.c:1900 exit_mmap+0x18a/0x690 mm/mmap.c:1864 __mmput+0x28/0x1b0 kernel/fork.c:1347 mmput+0x4c/0x60 kernel/fork.c:1369 exit_mm+0xe4/0x190 kernel/exit.c:571 do_exit+0x55e/0x17f0 kernel/exit.c:926 do_group_exit+0x102/0x150 kernel/exit.c:1088 get_signal+0xf2a/0x1070 kernel/signal.c:2917 arch_do_signal_or_restart+0x95/0x4b0 arch/x86/kernel/signal.c:337 exit_to_user_mode_loop kernel/entry/common.c:111 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0x59/0x130 kernel/entry/common.c:218 do_syscall_64+0xd6/0x1c0 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffffea0004c90328 of 8 bytes by task 5189 on cpu 1: __try_to_reclaim_swap+0x9d/0x510 mm/swapfile.c:198 free_swap_and_cache_nr+0x45d/0x8a0 mm/swapfile.c:1915 zap_pte_range mm/memory.c:1656 [inline] zap_pmd_range mm/memory.c:1739 [inline] zap_pud_range mm/memory.c:1768 [inline] zap_p4d_range mm/memory.c:1789 [inline] unmap_page_range+0xcf8/0x22d0 mm/memory.c:1810 unmap_single_vma+0x142/0x1d0 mm/memory.c:1856 unmap_vmas+0x18d/0x2b0 mm/memory.c:1900 exit_mmap+0x18a/0x690 mm/mmap.c:1864 __mmput+0x28/0x1b0 kernel/fork.c:1347 mmput+0x4c/0x60 kernel/fork.c:1369 exit_mm+0xe4/0x190 kernel/exit.c:571 do_exit+0x55e/0x17f0 kernel/exit.c:926 __do_sys_exit kernel/exit.c:1055 [inline] __se_sys_exit kernel/exit.c:1053 [inline] __x64_sys_exit+0x1f/0x20 kernel/exit.c:1053 x64_sys_call+0x2d46/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:61 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x0000000000000242 -> 0x0000000000000000 Link: https://lkml.kernel.org/r/20241007070623.23340-1-aha310510@gmail.com Reported-by: syzbot+fa43f1b63e3aa6f66329@syzkaller.appspotmail.com Fixes: 862590ac3708 ("mm: swap: allow cache reclaim to skip slot cache") Signed-off-by: Jeongjun Park Acked-by: Chris Li Reviewed-by: Kairui Song Signed-off-by: Andrew Morton commit d60fcaf00d752c52fdf566d4184e6d04d9d08879 Author: Baolin Wang Date: Mon Oct 14 18:24:44 2024 +0800 mm: khugepaged: fix the incorrect statistics when collapsing large file folios Khugepaged already supports collapsing file large folios (including shmem mTHP) by commit 7de856ffd007 ("mm: khugepaged: support shmem mTHP collapse"), and the control parameters in khugepaged: 'khugepaged_max_ptes_swap' and 'khugepaged_max_ptes_none', still compare based on PTE granularity to determine whether a file collapse is needed. However, the statistics for 'present' and 'swap' in hpage_collapse_scan_file() do not take into account the large folios, which may lead to incorrect judgments regarding the khugepaged_max_ptes_swap/none parameters, resulting in unnecessary file collapses. To fix this issue, take into account the large folios' statistics for 'present' and 'swap' variables in the hpage_collapse_scan_file(). Link: https://lkml.kernel.org/r/c76305d96d12d030a1a346b50503d148364246d2.1728901391.git.baolin.wang@linux.alibaba.com Fixes: 7de856ffd007 ("mm: khugepaged: support shmem mTHP collapse") Signed-off-by: Baolin Wang Acked-by: David Hildenbrand Reviewed-by: Barry Song Reviewed-by: Zi Yan Reviewed-by: Yang Shi Cc: Hugh Dickins Cc: Matthew Wilcox Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 22ff9b0ff11a762852cd620972f265b3129e3fe7 Author: Andrey Konovalov Date: Sun Oct 13 00:55:24 2024 +0200 MAINTAINERS: kasan, kcov: add bugzilla links Add links to the Bugzilla component that's used to track KASAN and KCOV issues. Link: https://lkml.kernel.org/r/20241012225524.117871-1-andrey.konovalov@linux.dev Signed-off-by: Andrey Konovalov Acked-by: Dmitry Vyukov Cc: Alexander Potapenko Cc: Andrey Ryabinin Cc: Marco Elver Signed-off-by: Andrew Morton commit 2b0f922323ccfa76219bcaacd35cd50aeaa13592 Author: David Hildenbrand Date: Fri Oct 11 12:24:45 2024 +0200 mm: don't install PMD mappings when THPs are disabled by the hw/process/vma We (or rather, readahead logic :) ) might be allocating a THP in the pagecache and then try mapping it into a process that explicitly disabled THP: we might end up installing PMD mappings. This is a problem for s390x KVM, which explicitly remaps all PMD-mapped THPs to be PTE-mapped in s390_enable_sie()->thp_split_mm(), before starting the VM. For example, starting a VM backed on a file system with large folios supported makes the VM crash when the VM tries accessing such a mapping using KVM. Is it also a problem when the HW disabled THP using TRANSPARENT_HUGEPAGE_UNSUPPORTED? At least on x86 this would be the case without X86_FEATURE_PSE. In the future, we might be able to do better on s390x and only disallow PMD mappings -- what s390x and likely TRANSPARENT_HUGEPAGE_UNSUPPORTED really wants. For now, fix it by essentially performing the same check as would be done in __thp_vma_allowable_orders() or in shmem code, where this works as expected, and disallow PMD mappings, making us fallback to PTE mappings. Link: https://lkml.kernel.org/r/20241011102445.934409-3-david@redhat.com Fixes: 793917d997df ("mm/readahead: Add large folio readahead") Signed-off-by: David Hildenbrand Reported-by: Leo Fu Tested-by: Thomas Huth Cc: Thomas Huth Cc: Matthew Wilcox (Oracle) Cc: Ryan Roberts Cc: Christian Borntraeger Cc: Janosch Frank Cc: Claudio Imbrenda Cc: Hugh Dickins Cc: Kefeng Wang Cc: Signed-off-by: Andrew Morton commit 963756aac1f011d904ddd9548ae82286d3a91f96 Author: Kefeng Wang Date: Fri Oct 11 12:24:44 2024 +0200 mm: huge_memory: add vma_thp_disabled() and thp_disabled_by_hw() Patch series "mm: don't install PMD mappings when THPs are disabled by the hw/process/vma". During testing, it was found that we can get PMD mappings in processes where THP (and more precisely, PMD mappings) are supposed to be disabled. While it works as expected for anon+shmem, the pagecache is the problematic bit. For s390 KVM this currently means that a VM backed by a file located on filesystem with large folio support can crash when KVM tries accessing the problematic page, because the readahead logic might decide to use a PMD-sized THP and faulting it into the page tables will install a PMD mapping, something that s390 KVM cannot tolerate. This might also be a problem with HW that does not support PMD mappings, but I did not try reproducing it. Fix it by respecting the ways to disable THPs when deciding whether we can install a PMD mapping. khugepaged should already be taking care of not collapsing if THPs are effectively disabled for the hw/process/vma. This patch (of 2): Add vma_thp_disabled() and thp_disabled_by_hw() helpers to be shared by shmem_allowable_huge_orders() and __thp_vma_allowable_orders(). [david@redhat.com: rename to vma_thp_disabled(), split out thp_disabled_by_hw() ] Link: https://lkml.kernel.org/r/20241011102445.934409-2-david@redhat.com Fixes: 793917d997df ("mm/readahead: Add large folio readahead") Signed-off-by: Kefeng Wang Signed-off-by: David Hildenbrand Reported-by: Leo Fu Tested-by: Thomas Huth Reviewed-by: Ryan Roberts Cc: Boqiao Fu Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Hugh Dickins Cc: Janosch Frank Cc: Matthew Wilcox Cc: Signed-off-by: Andrew Morton commit f4050ccab716541454d2d33758eab6df1a092f7a Author: SeongJae Park Date: Fri Oct 11 10:01:54 2024 -0700 Docs/damon/maintainer-profile: update deprecated awslabs GitHub URLs DAMON GitHub repos have moved from awslabs GitHub org to damonitor org[1]. Following the change, URLs on documents are also updated[2]. However, commit 2e9b3d6e2e59 ("Docs/damon/maintainer-profile: add links in place"), which was added just after the update, was using the deprecated GitHub URLs. Update those to use damonitor GitHub URLs instead. [1] https://lore.kernel.org/20240813232158.83903-1-sj@kernel.org [2] https://lore.kernel.org/20240826015741.80707-2-sj@kernel.org Link: https://lkml.kernel.org/r/20241011170154.70651-3-sj@kernel.org Fixes: 2e9b3d6e2e59 ("Docs/damon/maintainer-profile: add links in place") Signed-off-by: SeongJae Park Cc: Jonathan Corbet Signed-off-by: Andrew Morton commit 46e10f644ac0a48d719436d4e9d61289f3979835 Author: SeongJae Park Date: Fri Oct 11 10:01:53 2024 -0700 Docs/damon/maintainer-profile: add missing '_' suffixes for external web links Patch series "Docs/damon/maintainer-profile: a couple of minor hotfixes". DAMON maintainer-profile.rst file patches[1] that were merged into the v6.12-rc1 have a couple of minor mistakes. Fix those. [1] https://lore.kernel.org/20240826015741.80707-1-sj@kernel.org This patch (of 2): Links to external web pages on DAMON's maintainer-profile.rst are missing '_' suffixes. As a result, rendered document is having only verbose URLs that cannot be clicked. Fix those. Also, update the link texts for git trees to contain the names of the trees, for better readability and avoiding below Sphinx warning. maintainer-profile.rst:4: WARNING: Duplicate explicit target name: "tree". Link: https://lkml.kernel.org/r/20241011170154.70651-1-sj@kernel.org Link: https://lkml.kernel.org/r/20241011170154.70651-2-sj@kernel.org Fixes: 2e9b3d6e2e59 ("Docs/damon/maintainer-profile: add links in place") Signed-off-by: SeongJae Park Cc: Jonathan Corbet Signed-off-by: Andrew Morton commit a6e0ceb7bf48695d199f93432b35cb11502da0e4 Author: Sidhartha Kumar Date: Fri Oct 11 17:44:50 2024 -0400 maple_tree: check for MA_STATE_BULK on setting wr_rebalance It is possible for a bulk operation (MA_STATE_BULK is set) to enter the new_end < mt_min_slots[type] case and set wr_rebalance as a store type. This is incorrect as bulk stores do not rebalance per write, but rather after the all of the writes are done through the mas_bulk_rebalance() path. Therefore, add a check to make sure MA_STATE_BULK is not set before we return wr_rebalance as the store type. Also add a test to make sure wr_rebalance is never the store type when doing bulk operations via mas_expected_entries() This is a hotfix for this rc however it has no userspace effects as there are no users of the bulk insertion mode. Link: https://lkml.kernel.org/r/20241011214451.7286-1-sidhartha.kumar@oracle.com Fixes: 5d659bbb52a2 ("maple_tree: introduce mas_wr_store_type()") Suggested-by: Liam Howlett Signed-off-by: Sidhartha Reviewed-by: Wei Yang Reviewed-by: Liam Howlett Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit 37f0b47c5143c2957909ced44fc09ffb118c99f7 Author: Yang Shi Date: Fri Oct 11 18:17:02 2024 -0700 mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point The "addr" and "is_shmem" arguments have different order in TP_PROTO and TP_ARGS. This resulted in the incorrect trace result: text-hugepage-644429 [276] 392092.878683: mm_khugepaged_collapse_file: mm=0xffff20025d52c440, hpage_pfn=0x200678c00, index=512, addr=1, is_shmem=0, filename=text-hugepage, nr=512, result=failed The value of "addr" is wrong because it was treated as bool value, the type of is_shmem. Fix the order in TP_PROTO to keep "addr" is before "is_shmem" since the original patch review suggested this order to achieve best packing. And use "lx" for "addr" instead of "ld" in TP_printk because address is typically shown in hex. After the fix, the trace result looks correct: text-hugepage-7291 [004] 128.627251: mm_khugepaged_collapse_file: mm=0xffff0001328f9500, hpage_pfn=0x20016ea00, index=512, addr=0x400000, is_shmem=0, filename=text-hugepage, nr=512, result=failed Link: https://lkml.kernel.org/r/20241012011702.1084846-1-yang@os.amperecomputing.com Fixes: 4c9473e87e75 ("mm/khugepaged: add tracepoint to collapse_file()") Signed-off-by: Yang Shi Cc: Gautam Menghani Cc: Steven Rostedt (Google) Cc: [6.2+] Signed-off-by: Andrew Morton commit 2d6a1c835685de3b0c8e8dc871f60f4ef92ab01a Author: Jinjie Ruan Date: Thu Oct 10 20:53:23 2024 +0800 mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets() The sysfs_target->regions allocated in damon_sysfs_regions_alloc() is not freed in damon_sysfs_test_add_targets(), which cause the following memory leak, free it to fix it. unreferenced object 0xffffff80c2a8db80 (size 96): comm "kunit_try_catch", pid 187, jiffies 4294894363 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000008e6835c1>] __kmalloc_cache_noprof+0x26c/0x2f4 [<000000001286d9f8>] damon_sysfs_test_add_targets+0x1cc/0x738 [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20 Link: https://lkml.kernel.org/r/20241010125323.3127187-1-ruanjinjie@huawei.com Fixes: b8ee5575f763 ("mm/damon/sysfs-test: add a unit test for damon_sysfs_set_targets()") Signed-off-by: Jinjie Ruan Reviewed-by: SeongJae Park Cc: Signed-off-by: Andrew Morton commit a5e8eb25135a48d400e5a695ba9329bc632c3bb4 Author: Andy Shevchenko Date: Tue Oct 8 22:13:29 2024 +0300 mm: remove unused stub for can_swapin_thp() When can_swapin_thp() is unused, it prevents kernel builds with clang, `make W=1` and CONFIG_WERROR=y: mm/memory.c:4184:20: error: unused function 'can_swapin_thp' [-Werror,-Wunused-function] Fix this by removing the unused stub. See also commit 6863f5643dd7 ("kbuild: allow Clang to find unused static inline functions for W=1 build"). Link: https://lkml.kernel.org/r/20241008191329.2332346-1-andriy.shevchenko@linux.intel.com Fixes: 242d12c98174 ("mm: support large folios swap-in for sync io devices") Signed-off-by: Andy Shevchenko Acked-by: Barry Song Cc: Bill Wendling Cc: Chuanhua Han Cc: Justin Stitt Cc: Nathan Chancellor Cc: Nick Desaulniers Signed-off-by: Andrew Morton commit 3f4e74cb3f2d06c3128e5b22c603a0dd4ab6f540 Author: Andy Chiu Date: Wed Oct 9 22:49:34 2024 +0800 mailmap: add an entry for Andy Chiu Map my outdated addresses within mailmap. Link: https://lkml.kernel.org/r/20241009144934.43027-1-andybnac@gmail.com Signed-off-by: Andy Chiu Cc: Greentime Hu Cc: Paul Walmsley Cc: Leon Chien Signed-off-by: Andrew Morton commit f8dc524e5929695664fd05a7c3e369cd7edcf8a9 Author: Lorenzo Stoakes Date: Wed Oct 9 21:10:32 2024 +0100 MAINTAINERS: add memory mapping/VMA co-maintainers Add myself and Liam as co-maintainers of the memory mapping and VMA code alongside Andrew as we are heavily involved in its implementation and maintenance. Link: https://lkml.kernel.org/r/20241009201032.6130-1-lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Acked-by: Vlastimil Babka Acked-by: Liam R. Howlett Signed-off-by: Andrew Morton commit 5778ace04e6f07043f1564bc9b47b1098608cfdd Author: Brahmajit Das Date: Sat Oct 5 12:07:00 2024 +0530 fs/proc: fix build with GCC 15 due to -Werror=unterminated-string-initialization show show_smap_vma_flags() has been a using misspelled initializer in mnemonics[] - it needed to initialize 2 element array of char and it used NUL-padded 2 character string literals (i.e. 3-element initializer). This has been spotted by gcc-15[*]; prior to that gcc quietly dropped the 3rd eleemnt of initializers. To fix this we are increasing the size of mnemonics[] (from mnemonics[BITS_PER_LONG][2] to mnemonics[BITS_PER_LONG][3]) to accomodate the NUL-padded string literals. This also helps us in simplyfying the logic for printing of the flags as instead of printing each character from the mnemonics[], we can just print the mnemonics[] using seq_printf. [*]: fs/proc/task_mmu.c:917:49: error: initializer-string for array of `char' is too long [-Werror=unterminate d-string-initialization] 917 | [0 ... (BITS_PER_LONG-1)] = "??", | ^~~~ fs/proc/task_mmu.c:917:49: error: initializer-string for array of `char' is too long [-Werror=unterminate d-string-initialization] fs/proc/task_mmu.c:917:49: error: initializer-string for array of `char' is too long [-Werror=unterminate d-string-initialization] fs/proc/task_mmu.c:917:49: error: initializer-string for array of `char' is too long [-Werror=unterminate d-string-initialization] fs/proc/task_mmu.c:917:49: error: initializer-string for array of `char' is too long [-Werror=unterminate d-string-initialization] fs/proc/task_mmu.c:917:49: error: initializer-string for array of `char' is too long [-Werror=unterminate d-string-initialization] ... Stephen pointed out: : The C standard explicitly allows for a string initializer to be too long : due to the NUL byte at the end ... so this warning may be overzealous. but let's make the warning go away anwyay. Link: https://lkml.kernel.org/r/20241005063700.2241027-1-brahmajit.xyz@gmail.com Link: https://lkml.kernel.org/r/20241003093040.47c08382@canb.auug.org.au Signed-off-by: Brahmajit Das Cc: Cyrill Gorcunov Cc: David Hildenbrand Cc: Stephen Rothwell Signed-off-by: Andrew Morton commit dc783ba4b9df3fb3e76e968b2cbeb9960069263c Author: Florian Westphal Date: Mon Oct 7 22:52:24 2024 +0200 lib: alloc_tag_module_unload must wait for pending kfree_rcu calls Ben Greear reports following splat: ------------[ cut here ]------------ net/netfilter/nf_nat_core.c:1114 module nf_nat func:nf_nat_register_fn has 256 allocated at module unload WARNING: CPU: 1 PID: 10421 at lib/alloc_tag.c:168 alloc_tag_module_unload+0x22b/0x3f0 Modules linked in: nf_nat(-) btrfs ufs qnx4 hfsplus hfs minix vfat msdos fat ... Hardware name: Default string Default string/SKYBAY, BIOS 5.12 08/04/2020 RIP: 0010:alloc_tag_module_unload+0x22b/0x3f0 codetag_unload_module+0x19b/0x2a0 ? codetag_load_module+0x80/0x80 nf_nat module exit calls kfree_rcu on those addresses, but the free operation is likely still pending by the time alloc_tag checks for leaks. Wait for outstanding kfree_rcu operations to complete before checking resolves this warning. Reproducer: unshare -n iptables-nft -t nat -A PREROUTING -p tcp grep nf_nat /proc/allocinfo # will list 4 allocations rmmod nft_chain_nat rmmod nf_nat # will WARN. [akpm@linux-foundation.org: add comment] Link: https://lkml.kernel.org/r/20241007205236.11847-1-fw@strlen.de Fixes: a473573964e5 ("lib: code tagging module support") Signed-off-by: Florian Westphal Reported-by: Ben Greear Closes: https://lore.kernel.org/netdev/bdaaef9d-4364-4171-b82b-bcfc12e207eb@candelatech.com/ Cc: Uladzislau Rezki Cc: Vlastimil Babka Cc: Suren Baghdasaryan Cc: Kent Overstreet Cc: Signed-off-by: Andrew Morton commit 6fa1066fc5d00cb9f1b0e83b7ff6ef98d26ba2aa Author: Jann Horn Date: Mon Oct 7 23:42:04 2024 +0200 mm/mremap: fix move_normal_pmd/retract_page_tables race In mremap(), move_page_tables() looks at the type of the PMD entry and the specified address range to figure out by which method the next chunk of page table entries should be moved. At that point, the mmap_lock is held in write mode, but no rmap locks are held yet. For PMD entries that point to page tables and are fully covered by the source address range, move_pgt_entry(NORMAL_PMD, ...) is called, which first takes rmap locks, then does move_normal_pmd(). move_normal_pmd() takes the necessary page table locks at source and destination, then moves an entire page table from the source to the destination. The problem is: The rmap locks, which protect against concurrent page table removal by retract_page_tables() in the THP code, are only taken after the PMD entry has been read and it has been decided how to move it. So we can race as follows (with two processes that have mappings of the same tmpfs file that is stored on a tmpfs mount with huge=advise); note that process A accesses page tables through the MM while process B does it through the file rmap: process A process B ========= ========= mremap mremap_to move_vma move_page_tables get_old_pmd alloc_new_pmd *** PREEMPT *** madvise(MADV_COLLAPSE) do_madvise madvise_walk_vmas madvise_vma_behavior madvise_collapse hpage_collapse_scan_file collapse_file retract_page_tables i_mmap_lock_read(mapping) pmdp_collapse_flush i_mmap_unlock_read(mapping) move_pgt_entry(NORMAL_PMD, ...) take_rmap_locks move_normal_pmd drop_rmap_locks When this happens, move_normal_pmd() can end up creating bogus PMD entries in the line `pmd_populate(mm, new_pmd, pmd_pgtable(pmd))`. The effect depends on arch-specific and machine-specific details; on x86, you can end up with physical page 0 mapped as a page table, which is likely exploitable for user->kernel privilege escalation. Fix the race by letting process B recheck that the PMD still points to a page table after the rmap locks have been taken. Otherwise, we bail and let the caller fall back to the PTE-level copying path, which will then bail immediately at the pmd_none() check. Bug reachability: Reaching this bug requires that you can create shmem/file THP mappings - anonymous THP uses different code that doesn't zap stuff under rmap locks. File THP is gated on an experimental config flag (CONFIG_READ_ONLY_THP_FOR_FS), so on normal distro kernels you need shmem THP to hit this bug. As far as I know, getting shmem THP normally requires that you can mount your own tmpfs with the right mount flags, which would require creating your own user+mount namespace; though I don't know if some distros maybe enable shmem THP by default or something like that. Bug impact: This issue can likely be used for user->kernel privilege escalation when it is reachable. Link: https://lkml.kernel.org/r/20241007-move_normal_pmd-vs-collapse-fix-2-v1-1-5ead9631f2ea@google.com Fixes: 1d65b771bc08 ("mm/khugepaged: retract_page_tables() without mmap or vma lock") Signed-off-by: Jann Horn Signed-off-by: David Hildenbrand Co-developed-by: David Hildenbrand Closes: https://project-zero.issues.chromium.org/371047675 Acked-by: Qi Zheng Reviewed-by: Lorenzo Stoakes Cc: Hugh Dickins Cc: Joel Fernandes Cc: Matthew Wilcox Cc: Signed-off-by: Andrew Morton commit 8f3ce3d996bf1e2f8474ec3ddabdb8765c19e6ea Author: Sebastian Andrzej Siewior Date: Mon Oct 7 16:30:49 2024 +0200 mm: percpu: increase PERCPU_DYNAMIC_SIZE_SHIFT on certain builds. Arnd reported a build failure due to the BUILD_BUG_ON() statement in alloc_kmem_cache_cpus(). The test PERCPU_DYNAMIC_EARLY_SIZE < NR_KMALLOC_TYPES * KMALLOC_SHIFT_HIGH * sizeof(struct kmem_cache_cpu) The factors that increase the right side of the equation: - PAGE_SIZE > 4KiB increases KMALLOC_SHIFT_HIGH - For the local_lock_t in kmem_cache_cpu: - PREEMPT_RT adds an actual lock. - LOCKDEP increases the size of the lock. - LOCK_STAT adds additional bytes plus padding to the lockdep structure. The net difference with and without PREEMPT_RT is 88 bytes for the lock_lock_t, 96 bytes for kmem_cache_cpu due to additional padding. This is enough to exceed the 80KiB limit with 16KiB page size - the 8KiB page size is fine. Increase PERCPU_DYNAMIC_SIZE_SHIFT to 13 on configs with PAGE_SIZE larger than 4KiB and LOCKDEP enabled. Link: https://lkml.kernel.org/r/20241007143049.gyMpEu89@linutronix.de Fixes: d8fccd9ca5f9 ("arm64: Allow to enable PREEMPT_RT.") Signed-off-by: Sebastian Andrzej Siewior Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202410020326.iaZIteIx-lkp@intel.com/ Reported-by: Arnd Bergmann Closes: https://lore.kernel.org/20241004095702.637528-1-arnd@kernel.org Acked-by: Arnd Bergmann Acked-by: Vlastimil Babka Acked-by: David Rientjes Cc: Christoph Lameter Cc: Dennis Zhou Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Joonsoo Kim Cc: Pekka Enberg Cc: Roman Gushchin Cc: Tejun Heo Cc: Thomas Gleixner Signed-off-by: Andrew Morton commit e142cc87ac4ec618f2ccf5f68aedcd6e28a59d9d Author: Edward Liaw Date: Thu Oct 3 21:17:11 2024 +0000 selftests/mm: fix deadlock for fork after pthread_create on ARM On Android with arm, there is some synchronization needed to avoid a deadlock when forking after pthread_create. Link: https://lkml.kernel.org/r/20241003211716.371786-3-edliaw@google.com Fixes: cff294582798 ("selftests/mm: extend and rename uffd pagemap test") Signed-off-by: Edward Liaw Cc: Lokesh Gidra Cc: Peter Xu Cc: Shuah Khan Cc: Signed-off-by: Andrew Morton commit e61ef21e27e8deed8c474e9f47f4aa7bc37e138c Author: Edward Liaw Date: Thu Oct 3 21:17:10 2024 +0000 selftests/mm: replace atomic_bool with pthread_barrier_t Patch series "selftests/mm: fix deadlock after pthread_create". On Android arm, pthread_create followed by a fork caused a deadlock in the case where the fork required work to be completed by the created thread. Update the synchronization primitive to use pthread_barrier instead of atomic_bool. Apply the same fix to the wp-fork-with-event test. This patch (of 2): Swap synchronization primitive with pthread_barrier, so that stdatomic.h does not need to be included. The synchronization is needed on Android ARM64; we see a deadlock with pthread_create when the parent thread races forward before the child has a chance to start doing work. Link: https://lkml.kernel.org/r/20241003211716.371786-1-edliaw@google.com Link: https://lkml.kernel.org/r/20241003211716.371786-2-edliaw@google.com Fixes: cff294582798 ("selftests/mm: extend and rename uffd pagemap test") Signed-off-by: Edward Liaw Cc: Lokesh Gidra Cc: Peter Xu Cc: Shuah Khan Cc: Signed-off-by: Andrew Morton commit 963a7f4d3b90ee195b895ca06b95757fcba02d1a Author: OGAWA Hirofumi Date: Fri Oct 4 15:03:49 2024 +0900 fat: fix uninitialized variable syszbot produced this with a corrupted fs image. In theory, however an IO error would trigger this also. This affects just an error report, so should not be a serious error. Link: https://lkml.kernel.org/r/87r08wjsnh.fsf@mail.parknet.co.jp Link: https://lkml.kernel.org/r/66ff2c95.050a0220.49194.03e9.GAE@google.com Signed-off-by: OGAWA Hirofumi Reported-by: syzbot+ef0d7bc412553291aa86@syzkaller.appspotmail.com Cc: Signed-off-by: Andrew Morton commit 08cfa12adf888db98879dbd735bc741360a34168 Author: Ryusuke Konishi Date: Fri Oct 4 12:35:31 2024 +0900 nilfs2: propagate directory read errors from nilfs_find_entry() Syzbot reported that a task hang occurs in vcs_open() during a fuzzing test for nilfs2. The root cause of this problem is that in nilfs_find_entry(), which searches for directory entries, ignores errors when loading a directory page/folio via nilfs_get_folio() fails. If the filesystem images is corrupted, and the i_size of the directory inode is large, and the directory page/folio is successfully read but fails the sanity check, for example when it is zero-filled, nilfs_check_folio() may continue to spit out error messages in bursts. Fix this issue by propagating the error to the callers when loading a page/folio fails in nilfs_find_entry(). The current interface of nilfs_find_entry() and its callers is outdated and cannot propagate error codes such as -EIO and -ENOMEM returned via nilfs_find_entry(), so fix it together. Link: https://lkml.kernel.org/r/20241004033640.6841-1-konishi.ryusuke@gmail.com Fixes: 2ba466d74ed7 ("nilfs2: directory entry operations") Signed-off-by: Ryusuke Konishi Reported-by: Lizhi Xu Closes: https://lkml.kernel.org/r/20240927013806.3577931-1-lizhi.xu@windriver.com Reported-by: syzbot+8a192e8d090fa9a31135@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=8a192e8d090fa9a31135 Cc: Signed-off-by: Andrew Morton commit 74874c57939444b19993fe3dd6c0b70aba4f468c Author: Lorenzo Stoakes Date: Wed Oct 2 08:39:32 2024 +0100 mm/mmap: correct error handling in mmap_region() Commit f8d112a4e657 ("mm/mmap: avoid zeroing vma tree in mmap_region()") changed how error handling is performed in mmap_region(). The error value defaults to -ENOMEM, but then gets reassigned immediately to the result of vms_gather_munmap_vmas() if we are performing a MAP_FIXED mapping over existing VMAs (and thus unmapping them). This overwrites the error value, potentially clearing it. After this, we invoke may_expand_vm() and possibly vm_area_alloc(), and check to see if they failed. If they do so, then we perform error-handling logic, but importantly, we do NOT update the error code. This means that, if vms_gather_munmap_vmas() succeeds, but one of these calls does not, the function will return indicating no error, but rather an address value of zero, which is entirely incorrect. Correct this and avoid future confusion by strictly setting error on each and every occasion we jump to the error handling logic, and set the error code immediately prior to doing so. This way we can see at a glance that the error code is always correct. Many thanks to Vegard Nossum who spotted this issue in discussion around this problem. Link: https://lkml.kernel.org/r/20241002073932.13482-1-lorenzo.stoakes@oracle.com Fixes: f8d112a4e657 ("mm/mmap: avoid zeroing vma tree in mmap_region()") Signed-off-by: Lorenzo Stoakes Suggested-by: Vegard Nossum Reviewed-by: Vlastimil Babka Cc: "Liam R. Howlett" Signed-off-by: Andrew Morton commit c09c4f2a972ca7cd9c8926594aa2099bcbcd3b79 Author: Thomas Zimmermann Date: Tue Oct 15 08:49:07 2024 +0200 drm/ast: vga: Clear EDID if no display is connected Do not keep the obsolete EDID around after unplugging the display from the connector. Signed-off-by: Thomas Zimmermann Fixes: 2a2391f857cd ("drm/ast: vga: Transparently handle BMC support") Cc: Thomas Zimmermann Cc: Jocelyn Falempe Cc: Dave Airlie Cc: dri-devel@lists.freedesktop.org Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20241015065113.11790-3-tzimmermann@suse.de commit 5b3c0209e88a67a8d029ed8b6e30bca383cbdc55 Author: Thomas Zimmermann Date: Tue Oct 15 08:49:06 2024 +0200 drm/ast: sil164: Clear EDID if no display is connected Do not keep the obsolete EDID around after unplugging the display from the connector. Signed-off-by: Thomas Zimmermann Fixes: d20c2f846428 ("drm/ast: sil164: Transparently handle BMC support") Cc: Thomas Zimmermann Cc: Jocelyn Falempe Cc: Dave Airlie Cc: dri-devel@lists.freedesktop.org Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20241015065113.11790-2-tzimmermann@suse.de commit e5a3c24bcaf7bc1c3c2647395aae5de4660c1c64 Author: Thomas Zimmermann Date: Tue Oct 15 08:37:13 2024 +0200 Revert "drm/mgag200: Add vblank support" This reverts commit 6c9e14ee9f519ee605a3694fbfa4711284781d22. This reverts commit d5070c9b29440c270b534bbacd636b8fa558e82b. This reverts commit 89c6ea2006e2d39b125848fb0195c08fa0b354be. The VLINE interrupt doesn't work correctly on G200SE-A (at least). We have also seen missing interrupts on G200ER. So revert vblank support. Fixes frozen displays and warnings about missed vblanks. [ 33.818362] [CRTC:34:crtc-0] vblank wait timed out From the vblank code, the driver only keeps the register constants and the line that disables all interrupts in mgag200_device_init(). Both is still useful without vblank handling. Reported-by: Tony Luck Closes: https://lore.kernel.org/dri-devel/Zvx6lSi7oq5xvTZb@agluck-desk3.sc.intel.com/raw Tested-by: Tony Luck Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20241015063932.8620-1-tzimmermann@suse.de commit 30c9ae5ece8ecd69d36e6912c2c0896418f2468c Author: Mathias Nyman Date: Wed Oct 16 17:00:00 2024 +0300 xhci: dbc: honor usb transfer size boundaries. Treat each completed full size write to /dev/ttyDBC0 as a separate usb transfer. Make sure the size of the TRBs matches the size of the tty write by first queuing as many max packet size TRBs as possible up to the last TRB which will be cut short to match the size of the tty write. This solves an issue where userspace writes several transfers back to back via /dev/ttyDBC0 into a kfifo before dbgtty can find available request to turn that kfifo data into TRBs on the transfer ring. The boundary between transfer was lost as xhci-dbgtty then turned everyting in the kfifo into as many 'max packet size' TRBs as possible. DbC would then send more data to the host than intended for that transfer, causing host to issue a babble error. Refuse to write more data to kfifo until previous tty write data is turned into properly sized TRBs with data size boundaries matching tty write size Tested-by: Uday M Bhat Tested-by: Łukasz Bartosik Cc: stable@vger.kernel.org Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20241016140000.783905-5-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit f42a36bae0645f85c0290abc1d1385efd8ec9b13 Author: Michal Pecio Date: Wed Oct 16 16:59:59 2024 +0300 usb: xhci: Fix handling errors mid TD followed by other errors Some host controllers fail to produce the final completion event on an isochronous TD which experienced an error mid TD. We deal with it by flagging such TDs and checking if the next event points at the flagged TD or at the next one, and giving back the flagged TD if the latter. This is not enough, because the next TD may be missed by the xHC. Or there may be no next TD but a ring underrun. We also need to get such TD quickly out of the way, or errors on later TDs may be handled wrong. If the next TD experiences a Missed Service Error, we will set the skip flag on the endpoint and then attempt skipping TDs when yet another event arrives. In such scenario, we ought to report the 'error mid TD' transfer as such rather than skip it. Another problem case are Stopped events. If we see one after an error mid TD, we naively assume that it's a Force Stopped Event because it doesn't match the pending TD, but in reality it might be an ordinary Stopped event for the next TD, which we fail to recognize and handle. Fix this by moving error mid TD handling before the whole TD skipping loop. Remove unnecessary conditions, always give back the TD if the new event points to any TRB outside it or if the pointer is NULL, as may be the case in Ring Underrun and Overrun events on 1st gen hardware. Only if the pending TD isn't flagged, consider other actions like skipping. As a side effect of reordering with skip and FSE cases, error mid TD is reordered with last_td_was_short check. This is harmless, because the two cases are mutually exclusive - only one can happen in any given run of handle_tx_event(). Tested on the NEC host and a USB camera with flaky cable. Dynamic debug confirmed that Transaction Errors are sometimes seen, sometimes mid-TD, sometimes followed by Missed Service. In such cases, they were finished properly before skipping began. [Rebase on 6.12-rc1 -Mathias] Signed-off-by: Michal Pecio Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20241016140000.783905-4-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit fe49df60cdb7c2975aa743dc295f8786e4b7db10 Author: Mathias Nyman Date: Wed Oct 16 16:59:58 2024 +0300 xhci: Mitigate failed set dequeue pointer commands Avoid xHC host from processing a cancelled URB by always turning cancelled URB TDs into no-op TRBs before queuing a 'Set TR Deq' command. If the command fails then xHC will start processing the cancelled TD instead of skipping it once endpoint is restarted, causing issues like Babble error. This is not a complete solution as a failed 'Set TR Deq' command does not guarantee xHC TRB caches are cleared. Fixes: 4db356924a50 ("xhci: turn cancelled td cleanup to its own function") Cc: stable@vger.kernel.org Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20241016140000.783905-3-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 6599b6a6fa8060145046d0744456b6abdb3122a7 Author: Mathias Nyman Date: Wed Oct 16 16:59:57 2024 +0300 xhci: Fix incorrect stream context type macro The stream contex type (SCT) bitfield is used both in the stream context data structure, and in the 'Set TR Dequeue pointer' command TRB. In both cases it uses bits 3:1 The SCT_FOR_TRB(p) macro used to set the stream context type (SCT) field for the 'Set TR Dequeue pointer' command TRB incorrectly shifts the value 1 bit left before masking the three bits. Fix this by first masking and rshifting, just like the similar SCT_FOR_CTX(p) macro does This issue has not been visibile as the lost bit 3 is only used with secondary stream arrays (SSA). Xhci driver currently only supports using a primary stream array with Linear stream addressing. Fixes: 95241dbdf828 ("xhci: Set SCT field for Set TR dequeue on streams") Cc: stable@vger.kernel.org Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20241016140000.783905-2-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 5189df7b8088268012882c220d6aca4e64981348 Author: Alan Stern Date: Wed Oct 16 11:44:45 2024 -0400 USB: gadget: dummy-hcd: Fix "task hung" problem The syzbot fuzzer has been encountering "task hung" problems ever since the dummy-hcd driver was changed to use hrtimers instead of regular timers. It turns out that the problems are caused by a subtle difference between the timer_pending() and hrtimer_active() APIs. The changeover blindly replaced the first by the second. However, timer_pending() returns True when the timer is queued but not when its callback is running, whereas hrtimer_active() returns True when the hrtimer is queued _or_ its callback is running. This difference occasionally caused dummy_urb_enqueue() to think that the callback routine had not yet started when in fact it was almost finished. As a result the hrtimer was not restarted, which made it impossible for the driver to dequeue later the URB that was just enqueued. This caused usb_kill_urb() to hang, and things got worse from there. Since hrtimers have no API for telling when they are queued and the callback isn't running, the driver must keep track of this for itself. That's what this patch does, adding a new "timer_pending" flag and setting or clearing it at the appropriate times. Reported-by: syzbot+f342ea16c9d06d80b585@syzkaller.appspotmail.com Closes: https://lore.kernel.org/linux-usb/6709234e.050a0220.3e960.0011.GAE@google.com/ Tested-by: syzbot+f342ea16c9d06d80b585@syzkaller.appspotmail.com Signed-off-by: Alan Stern Fixes: a7f3813e589f ("usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler") Cc: Marcello Sylvester Bauer Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/2dab644e-ef87-4de8-ac9a-26f100b2c609@rowland.harvard.edu Signed-off-by: Greg Kroah-Hartman commit fe05c40ca9c18cfdb003f639a30fc78a7ab49519 Author: Yun Lu Date: Tue Oct 15 17:15:20 2024 +0800 selftest: hid: add the missing tests directory Commit 160c826b4dd0 ("selftest: hid: add missing run-hid-tools-tests.sh") has added the run-hid-tools-tests.sh script for it to be installed, but I forgot to add the tests directory together. If running the test case without the tests directory, will results in the following error message: make -C tools/testing/selftests/ TARGETS=hid install \ INSTALL_PATH=$KSFT_INSTALL_PATH cd $KSFT_INSTALL_PATH ./run_kselftest.sh -t hid:hid-core.sh /usr/lib/python3.11/site-packages/_pytest/config/__init__.py:331: PluggyTeardownRaisedWarning: A plugin raised an exception during an old-style hookwrapper teardown. Plugin: helpconfig, Hook: pytest_cmdline_parse UsageError: usage: __main__.py [options] [file_or_dir] [file_or_dir] [...] __main__.py: error: unrecognized arguments: --udevd inifile: None rootdir: /root/linux/kselftest_install/hid In fact, the run-hid-tools-tests.sh script uses the scripts in the tests directory to run tests. The tests directory also needs to be added to be installed. Fixes: ffb85d5c9e80 ("selftests: hid: import hid-tools hid-core tests") Cc: stable@vger.kernel.org Signed-off-by: Yun Lu Acked-by: Benjamin Tissoires Signed-off-by: Shuah Khan commit 6b5cca7868fdd2499384e21279fdab86bfa04997 Author: Jinjie Ruan Date: Wed Oct 16 10:26:58 2024 +0800 clk: test: Fix some memory leaks CONFIG_CLK_KUNIT_TEST=y, CONFIG_DEBUG_KMEMLEAK=y and CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, the following memory leak occurs. If the KUNIT_ASSERT_*() fails, the latter (exit() or testcases) clk_put() or clk_hw_unregister() will fail to release the clk resource and cause memory leaks, use new clk_hw_register_kunit() and clk_hw_get_clk_kunit() to automatically release them. unreferenced object 0xffffff80c6af5000 (size 512): comm "kunit_try_catch", pid 371, jiffies 4294896001 hex dump (first 32 bytes): 20 4c c0 86 e1 ff ff ff e0 1a c0 86 e1 ff ff ff L.............. c0 75 e3 c6 80 ff ff ff 00 00 00 00 00 00 00 00 .u.............. backtrace (crc 8ca788fa): [<00000000e21852d0>] kmemleak_alloc+0x34/0x40 [<000000009c583f7b>] __kmalloc_cache_noprof+0x26c/0x2f4 [<00000000d1bc850c>] __clk_register+0x80/0x1ecc [<00000000b08c78c5>] clk_hw_register+0xc4/0x110 [<00000000b16d6df8>] clk_multiple_parents_mux_test_init+0x238/0x288 [<0000000014a7e804>] kunit_try_run_case+0x10c/0x3ac [<0000000026b41f03>] kunit_generic_run_threadfn_adapter+0x80/0xec [<0000000066619fb8>] kthread+0x2e8/0x374 [<00000000a1157f53>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c6e37880 (size 96): comm "kunit_try_catch", pid 371, jiffies 4294896002 hex dump (first 32 bytes): 00 50 af c6 80 ff ff ff 00 00 00 00 00 00 00 00 .P.............. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc b4b766dd): [<00000000e21852d0>] kmemleak_alloc+0x34/0x40 [<000000009c583f7b>] __kmalloc_cache_noprof+0x26c/0x2f4 [<0000000086e7dd64>] clk_hw_create_clk.part.0.isra.0+0x58/0x2f4 [<00000000dcf1ac31>] clk_hw_get_clk+0x8c/0x114 [<000000006fab5bfa>] clk_test_multiple_parents_mux_set_range_set_parent_get_rate+0x3c/0xa0 [<00000000c97db55a>] kunit_try_run_case+0x13c/0x3ac [<0000000026b41f03>] kunit_generic_run_threadfn_adapter+0x80/0xec [<0000000066619fb8>] kthread+0x2e8/0x374 [<00000000a1157f53>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c2b56900 (size 96): comm "kunit_try_catch", pid 395, jiffies 4294896107 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 e0 49 c0 86 e1 ff ff ff .........I...... backtrace (crc 2e59b327): [<00000000e21852d0>] kmemleak_alloc+0x34/0x40 [<00000000c6c715a8>] __kmalloc_noprof+0x2bc/0x3c0 [<00000000f04a7951>] __clk_register+0x70c/0x1ecc [<00000000b08c78c5>] clk_hw_register+0xc4/0x110 [<00000000cafa9563>] clk_orphan_transparent_multiple_parent_mux_test_init+0x1a8/0x1dc [<0000000014a7e804>] kunit_try_run_case+0x10c/0x3ac [<0000000026b41f03>] kunit_generic_run_threadfn_adapter+0x80/0xec [<0000000066619fb8>] kthread+0x2e8/0x374 [<00000000a1157f53>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c87c9400 (size 512): comm "kunit_try_catch", pid 483, jiffies 4294896907 hex dump (first 32 bytes): a0 44 c0 86 e1 ff ff ff e0 1a c0 86 e1 ff ff ff .D.............. 20 05 a8 c8 80 ff ff ff 00 00 00 00 00 00 00 00 ............... backtrace (crc c25b43fb): [<00000000e21852d0>] kmemleak_alloc+0x34/0x40 [<000000009c583f7b>] __kmalloc_cache_noprof+0x26c/0x2f4 [<00000000d1bc850c>] __clk_register+0x80/0x1ecc [<00000000b08c78c5>] clk_hw_register+0xc4/0x110 [<000000002688be48>] clk_single_parent_mux_test_init+0x1a0/0x1d4 [<0000000014a7e804>] kunit_try_run_case+0x10c/0x3ac [<0000000026b41f03>] kunit_generic_run_threadfn_adapter+0x80/0xec [<0000000066619fb8>] kthread+0x2e8/0x374 [<00000000a1157f53>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c6dd2380 (size 96): comm "kunit_try_catch", pid 483, jiffies 4294896908 hex dump (first 32 bytes): 00 94 7c c8 80 ff ff ff 00 00 00 00 00 00 00 00 ..|............. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 4401212): [<00000000e21852d0>] kmemleak_alloc+0x34/0x40 [<000000009c583f7b>] __kmalloc_cache_noprof+0x26c/0x2f4 [<0000000086e7dd64>] clk_hw_create_clk.part.0.isra.0+0x58/0x2f4 [<00000000dcf1ac31>] clk_hw_get_clk+0x8c/0x114 [<0000000063eb2c90>] clk_test_single_parent_mux_set_range_disjoint_child_last+0x3c/0xa0 [<00000000c97db55a>] kunit_try_run_case+0x13c/0x3ac [<0000000026b41f03>] kunit_generic_run_threadfn_adapter+0x80/0xec [<0000000066619fb8>] kthread+0x2e8/0x374 [<00000000a1157f53>] ret_from_fork+0x10/0x20 ...... Fixes: 02cdeace1e1e ("clk: tests: Add tests for single parent mux") Fixes: 2e9cad1abc71 ("clk: tests: Add some tests for orphan with multiple parents") Fixes: 433fb8a611ca ("clk: tests: Add missing test case for ranges") Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20241016022658.2131826-1-ruanjinjie@huawei.com Reviewed-by: Maxime Ripard Signed-off-by: Stephen Boyd commit c964ced7726294d40913f2127c3f185a92cb4a41 Merge: 667b1d41b25b9b dc5006cfcf62be Author: Linus Torvalds Date: Wed Oct 16 13:37:59 2024 -0700 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma Pull rdma fixes from Jason Gunthorpe: "Several miscellaneous fixes. A lot of bnxt_re activity, there will be more rc patches there coming. - Many bnxt_re bug fixes - Memory leaks, kasn, NULL pointer deref, soft lockups, error unwinding and some small functional issues - Error unwind bug in rdma netlink - Two issues with incorrect VLAN detection for iWarp - skb_splice_from_iter() splat in siw - Give SRP slab caches unique names to resolve the merge window WARN_ON regression" * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma: RDMA/bnxt_re: Fix the GID table length RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages RDMA/bnxt_re: Change the sequence of updating the CQ toggle value RDMA/bnxt_re: Fix an error path in bnxt_re_add_device RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop RDMA/bnxt_re: Fix a possible NULL pointer dereference RDMA/bnxt_re: Return more meaningful error RDMA/bnxt_re: Fix incorrect dereference of srq in async event RDMA/bnxt_re: Fix out of bound check RDMA/bnxt_re: Fix the max CQ WQEs for older adapters RDMA/srpt: Make slab cache names unique RDMA/irdma: Fix misspelling of "accept*" RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES RDMA/core: Fix ENODEV error for iWARP test over vlan RDMA/nldev: Fix NULL pointer dereferences issue in rdma_nl_notify_event RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode RDMA/bnxt_re: Add a check for memory allocation RDMA/bnxt_re: Fix incorrect AVID type in WQE structure RDMA/bnxt_re: Fix a possible memory leak commit 3ebe9c12559c656dd16d05c97dcc77dcdac8d995 Author: Srinivas Pandruvada Date: Wed Oct 16 08:48:51 2024 -0700 powercap: intel_rapl_msr: Add PL4 support for ArrowLake-H Add ArrowLake-H to the list of processors where PL4 is supported. Signed-off-by: Srinivas Pandruvada Link: https://patch.msgid.link/20241016154851.1293654-1-srinivas.pandruvada@linux.intel.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 702dedf75891f10fe8adddf1e2858aa5b96fae2f Merge: 940efc9fc80a29 18d9b522712138 Author: Rafael J. Wysocki Date: Wed Oct 16 22:29:34 2024 +0200 Merge tag 'amd-pstate-v6.12-2024-10-16' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/superm1/linux Merge an amd-pstate driver fix for 6.12-rc4 from Mario Limonciello: "Fix a regression introduced where boost control malfunctioned in amd-pstate" * tag 'amd-pstate-v6.12-2024-10-16' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/superm1/linux: cpufreq/amd-pstate: Use nominal perf for limits when boost is disabled commit 837c333f46df8ce6755ba82c53acb91948ec0072 Author: Abel Vesa Date: Wed Oct 9 14:07:23 2024 +0300 arm64: dts: qcom: x1e80100: Fix PCIe 6a lanes description Fix the description and compatible for PCIe 6a, as it is in fact a 4-lanes controller and PHY, but it can also be used in 2-lanes mode. For 4-lanes mode, it uses the lanes provided by PCIe 6b. For 2-lanes mode, PCIe 6a uses 2 lanes and then PCIe 6b uses the other 2 lanes. The number of lanes in which the PHY should be configured depends on a TCSR register value on each individual board. Cc: stable+noautosel@kernel.org # Depends on pcie-qcom 16.0 GT/s support Fixes: 5eb83fc10289 ("arm64: dts: qcom: x1e80100: Add PCIe nodes") Signed-off-by: Abel Vesa Reviewed-by: Konrad Dybcio Reviewed-by: Johan Hovold Tested-by: Johan Hovold Link: https://lore.kernel.org/r/20241009-x1e80100-dts-fixes-pcie6a-v3-1-14a1163e691b@linaro.org Signed-off-by: Bjorn Andersson commit bf0a800415a7397617765fe5f5278a645195c75a Author: Qiang Yu Date: Fri Oct 11 03:41:39 2024 -0700 clk: qcom: gcc-x1e80100: Fix halt_check for pipediv2 clocks The pipediv2_clk's source from the same mux as pipe clock. So they have same limitation, which is that the PHY sequence requires to enable these local CBCs before the PHY is actually outputting a clock to them. This means the clock won't actually turn on when we vote them. Hence, let's skip the halt bit check of the pipediv2_clk, otherwise pipediv2_clk may stuck at off state during bootup. Cc: stable@vger.kernel.org Fixes: 161b7c401f4b ("clk: qcom: Add Global Clock controller (GCC) driver for X1E80100") Suggested-by: Mike Tipton Signed-off-by: Qiang Yu Reviewed-by: Konrad Dybcio Reviewed-by: Johan Hovold Link: https://lore.kernel.org/r/20241011104142.1181773-6-quic_qianyu@quicinc.com Signed-off-by: Bjorn Andersson commit 2c1dda2acc4192d826e84008d963b528e24d12bc Author: Luiz Augusto von Dentz Date: Wed Oct 16 11:47:00 2024 -0400 Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 Fake CSR controllers don't seem to handle short-transfer properly which cause command to time out: kernel: usb 1-1: new full-speed USB device number 19 using xhci_hcd kernel: usb 1-1: New USB device found, idVendor=0a12, idProduct=0001, bcdDevice=88.91 kernel: usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=0 kernel: usb 1-1: Product: BT DONGLE10 ... Bluetooth: hci1: Opcode 0x1004 failed: -110 kernel: Bluetooth: hci1: command 0x1004 tx timeout According to USB Spec 2.0 Section 5.7.3 Interrupt Transfer Packet Size Constraints a interrupt transfer is considered complete when the size is 0 (ZPL) or < wMaxPacketSize: 'When an interrupt transfer involves more data than can fit in one data payload of the currently established maximum size, all data payloads are required to be maximum-sized except for the last data payload, which will contain the remaining data. An interrupt transfer is complete when the endpoint does one of the following: • Has transferred exactly the amount of data expected • Transfers a packet with a payload size less than wMaxPacketSize or transfers a zero-length packet' Link: https://bugzilla.kernel.org/show_bug.cgi?id=219365 Fixes: 7b05933340f4 ("Bluetooth: btusb: Fix not handling ZPL/short-transfer") Signed-off-by: Luiz Augusto von Dentz commit 64a90991ba8d4e32e3173ddd83d0b24167a5668c Author: Ye Bin Date: Mon Oct 14 17:07:08 2024 +0800 Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W RIP: 0010:proto_unregister+0xee/0x400 Call Trace: __do_sys_delete_module+0x318/0x580 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f As bnep_init() ignore bnep_sock_init()'s return value, and bnep_sock_init() will cleanup all resource. Then when remove bnep module will call bnep_sock_cleanup() to cleanup sock's resource. To solve above issue just return bnep_sock_init()'s return value in bnep_exit(). Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Ye Bin Signed-off-by: Luiz Augusto von Dentz commit 4084286151fc91cd093578f615bfb68f9efbbfcb Author: Luiz Augusto von Dentz Date: Mon Oct 14 16:23:26 2024 -0400 Bluetooth: btusb: Fix not being able to reconnect after suspend This partially reverts 81b3e33bb054 ("Bluetooth: btusb: Don't fail external suspend requests") as it introduced a call to hci_suspend_dev that assumes the system-suspend which doesn't work well when just the device is being suspended because wakeup flag is only set for remote devices that can wakeup the system. Reported-by: Rafael J. Wysocki Reported-by: Heiner Kallweit Reported-by: Kenneth Crudup Fixes: 610712298b11 ("Bluetooth: btusb: Don't fail external suspend requests") Signed-off-by: Luiz Augusto von Dentz Tested-by: Rafael J. Wysocki commit 1db4564f101b47188c1b71696bd342ef09172b22 Author: Aaron Thompson Date: Fri Oct 4 23:04:10 2024 +0000 Bluetooth: Remove debugfs directory on module init failure If bt_init() fails, the debugfs directory currently is not removed. If the module is loaded again after that, the debugfs directory is not set up properly due to the existing directory. # modprobe bluetooth # ls -laF /sys/kernel/debug/bluetooth total 0 drwxr-xr-x 2 root root 0 Sep 27 14:26 ./ drwx------ 31 root root 0 Sep 27 14:25 ../ -r--r--r-- 1 root root 0 Sep 27 14:26 l2cap -r--r--r-- 1 root root 0 Sep 27 14:26 sco # modprobe -r bluetooth # ls -laF /sys/kernel/debug/bluetooth ls: cannot access '/sys/kernel/debug/bluetooth': No such file or directory # # modprobe bluetooth modprobe: ERROR: could not insert 'bluetooth': Invalid argument # dmesg | tail -n 6 Bluetooth: Core ver 2.22 NET: Registered PF_BLUETOOTH protocol family Bluetooth: HCI device and connection manager initialized Bluetooth: HCI socket layer initialized Bluetooth: Faking l2cap_init() failure for testing NET: Unregistered PF_BLUETOOTH protocol family # ls -laF /sys/kernel/debug/bluetooth total 0 drwxr-xr-x 2 root root 0 Sep 27 14:31 ./ drwx------ 31 root root 0 Sep 27 14:26 ../ # # modprobe bluetooth # dmesg | tail -n 7 Bluetooth: Core ver 2.22 debugfs: Directory 'bluetooth' with parent '/' already present! NET: Registered PF_BLUETOOTH protocol family Bluetooth: HCI device and connection manager initialized Bluetooth: HCI socket layer initialized Bluetooth: L2CAP socket layer initialized Bluetooth: SCO socket layer initialized # ls -laF /sys/kernel/debug/bluetooth total 0 drwxr-xr-x 2 root root 0 Sep 27 14:31 ./ drwx------ 31 root root 0 Sep 27 14:26 ../ # Cc: stable@vger.kernel.org Fixes: ffcecac6a738 ("Bluetooth: Create root debugfs directory during module init") Signed-off-by: Aaron Thompson Signed-off-by: Luiz Augusto von Dentz commit d458cd1221e9e56da3b2cc5518ad3225caa91f20 Author: Aaron Thompson Date: Fri Oct 4 23:04:09 2024 +0000 Bluetooth: Call iso_exit() on module unload If iso_init() has been called, iso_exit() must be called on module unload. Without that, the struct proto that iso_init() registered with proto_register() becomes invalid, which could cause unpredictable problems later. In my case, with CONFIG_LIST_HARDENED and CONFIG_BUG_ON_DATA_CORRUPTION enabled, loading the module again usually triggers this BUG(): list_add corruption. next->prev should be prev (ffffffffb5355fd0), but was 0000000000000068. (next=ffffffffc0a010d0). ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:29! Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI CPU: 1 PID: 4159 Comm: modprobe Not tainted 6.10.11-4+bt2-ao-desktop #1 RIP: 0010:__list_add_valid_or_report+0x61/0xa0 ... __list_add_valid_or_report+0x61/0xa0 proto_register+0x299/0x320 hci_sock_init+0x16/0xc0 [bluetooth] bt_init+0x68/0xd0 [bluetooth] __pfx_bt_init+0x10/0x10 [bluetooth] do_one_initcall+0x80/0x2f0 do_init_module+0x8b/0x230 __do_sys_init_module+0x15f/0x190 do_syscall_64+0x68/0x110 ... Cc: stable@vger.kernel.org Fixes: ccf74f2390d6 ("Bluetooth: Add BTPROTO_ISO socket type") Signed-off-by: Aaron Thompson Signed-off-by: Luiz Augusto von Dentz commit a9b7b535ba192c6b77e6c15a4c82d853163eab8c Author: Aaron Thompson Date: Fri Oct 4 23:04:08 2024 +0000 Bluetooth: ISO: Fix multiple init when debugfs is disabled If bt_debugfs is not created successfully, which happens if either CONFIG_DEBUG_FS or CONFIG_DEBUG_FS_ALLOW_ALL is unset, then iso_init() returns early and does not set iso_inited to true. This means that a subsequent call to iso_init() will result in duplicate calls to proto_register(), bt_sock_register(), etc. With CONFIG_LIST_HARDENED and CONFIG_BUG_ON_DATA_CORRUPTION enabled, the duplicate call to proto_register() triggers this BUG(): list_add double add: new=ffffffffc0b280d0, prev=ffffffffbab56250, next=ffffffffc0b280d0. ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:35! Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI CPU: 2 PID: 887 Comm: bluetoothd Not tainted 6.10.11-1-ao-desktop #1 RIP: 0010:__list_add_valid_or_report+0x9a/0xa0 ... __list_add_valid_or_report+0x9a/0xa0 proto_register+0x2b5/0x340 iso_init+0x23/0x150 [bluetooth] set_iso_socket_func+0x68/0x1b0 [bluetooth] kmem_cache_free+0x308/0x330 hci_sock_sendmsg+0x990/0x9e0 [bluetooth] __sock_sendmsg+0x7b/0x80 sock_write_iter+0x9a/0x110 do_iter_readv_writev+0x11d/0x220 vfs_writev+0x180/0x3e0 do_writev+0xca/0x100 ... This change removes the early return. The check for iso_debugfs being NULL was unnecessary, it is always NULL when iso_inited is false. Cc: stable@vger.kernel.org Fixes: ccf74f2390d6 ("Bluetooth: Add BTPROTO_ISO socket type") Signed-off-by: Aaron Thompson Signed-off-by: Luiz Augusto von Dentz commit ec1aab7816b06c32f42935e34ce3a3040c778afb Author: Alex Deucher Date: Thu Oct 3 09:57:38 2024 -0400 drm/amdgpu/swsmu: default to fullscreen 3D profile for dGPUs This uses more aggressive hueristics than the the bootup default profile. On windows the OS has a special fullscreen 3D mode where this is used. Since we don't have the equivalent on Linux default to this profile for dGPUs. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3618 Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/1500 Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3131 Reviewed-by: Kenneth Feng Signed-off-by: Alex Deucher (cherry picked from commit 336568de918e08c825b3b1cbe2ec809f2fc26d94) commit ea330429a04b383bd319c66261a5eca4798801e4 Author: Stefan Kerkmann Date: Wed Oct 16 12:37:06 2024 -0700 Input: xpad - add support for 8BitDo Ultimate 2C Wireless Controller This XBOX360 compatible gamepad uses the new product id 0x310a under the 8BitDo's vendor id 0x2dc8. The change was tested using the gamepad in a wired and wireless dongle configuration. Signed-off-by: Stefan Kerkmann Link: https://lore.kernel.org/r/20241015-8bitdo_2c_ultimate_wireless-v1-1-9c9f9db2e995@pengutronix.de Cc: stable@vger.kernel.org Signed-off-by: Dmitry Torokhov commit 667b1d41b25b9b6b19c8af9d673ccb93b451b527 Merge: 9f635d44d766b1 2ab5e243c2266c Author: Linus Torvalds Date: Wed Oct 16 09:30:20 2024 -0700 Merge tag 'for-6.12-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull btrfs fixes from David Sterba: - regression fix: dirty extents tracked in xarray for qgroups must be adjusted for 32bit platforms - fix potentially freeing uninitialized name in fscrypt structure - fix warning about unneeded variable in a send callback * tag 'for-6.12-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: btrfs: fix uninitialized pointer free on read_alloc_one_name() error btrfs: send: cleanup unneeded return variable in changed_verity() btrfs: fix uninitialized pointer free in add_inode_ref() btrfs: use sector numbers as keys for the dirty extents xarray commit 9f635d44d766b10b6fa5cc08b09a18de7de9ff42 Merge: 6f6fc393f4dbaa a77e0e02af1c2d Author: Linus Torvalds Date: Wed Oct 16 09:15:43 2024 -0700 Merge tag 'v6.12-rc3-ksmbd-fixes' of git://git.samba.org/ksmbd Pull smb server fixes from Steve French: - fix race between session setup and session logoff - add supplementary group support * tag 'v6.12-rc3-ksmbd-fixes' of git://git.samba.org/ksmbd: ksmbd: add support for supplementary groups ksmbd: fix user-after-free from session log off commit 6f6fc393f4dbaa149962a4662f5dd08513c28905 Merge: dff6584301ddeb e845d2399a00f8 Author: Linus Torvalds Date: Wed Oct 16 08:42:54 2024 -0700 Merge tag 'v6.12-p3' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto fixes from Herbert Xu: - Remove bogus testmgr ENOENT error messages - Ensure algorithm is still alive before marking it as tested - Disable buggy hash algorithms in marvell/cesa * tag 'v6.12-p3' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: marvell/cesa - Disable hash algorithms crypto: testmgr - Hide ENOENT errors better crypto: api - Fix liveliness check in crypto_alg_tested commit 2aa587fd6659baef8722ccfb1d1d13d18e105059 Author: Tyrone Wu Date: Fri Oct 11 19:32:52 2024 +0000 selftests/bpf: Add asserts for netfilter link info Add assertions/tests to verify `bpf_link_info` fields for netfilter link are correctly populated. Signed-off-by: Tyrone Wu Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20241011193252.178997-2-wudevelops@gmail.com commit 92f3715e1eba1d41e55be06159dc3d856b18326d Author: Tyrone Wu Date: Fri Oct 11 19:32:51 2024 +0000 bpf: Fix link info netfilter flags to populate defrag flag This fix correctly populates the `bpf_link_info.netfilter.flags` field when user passes the `BPF_F_NETFILTER_IP_DEFRAG` flag. Fixes: 91721c2d02d3 ("netfilter: bpf: Support BPF_F_NETFILTER_IP_DEFRAG in netfilter link") Signed-off-by: Tyrone Wu Signed-off-by: Daniel Borkmann Acked-by: Florian Westphal Cc: Daniel Xu Link: https://lore.kernel.org/bpf/20241011193252.178997-1-wudevelops@gmail.com commit befd716ed429b26eca7abde95da6195c548470de Author: Remi Pommarel Date: Tue Sep 24 21:41:19 2024 +0200 wifi: ath11k: Fix invalid ring usage in full monitor mode On full monitor HW the monitor destination rxdma ring does not have the same descriptor format as in the "classical" mode. The full monitor destination entries are of hal_sw_monitor_ring type and fetched using ath11k_dp_full_mon_process_rx while the classical ones are of type hal_reo_entrance_ring and fetched with ath11k_dp_rx_mon_dest_process. Although both hal_sw_monitor_ring and hal_reo_entrance_ring are of same size, the offset to useful info (such as sw_cookie, paddr, etc) are different. Thus if ath11k_dp_rx_mon_dest_process gets called on full monitor destination ring, invalid skb buffer id will be fetched from DMA ring causing issues such as the following rcu_sched stall: rcu: INFO: rcu_sched self-detected stall on CPU rcu: 0-....: (1 GPs behind) idle=c67/0/0x7 softirq=45768/45769 fqs=1012 (t=2100 jiffies g=14817 q=8703) Task dump for CPU 0: task:swapper/0 state:R running task stack: 0 pid: 0 ppid: 0 flags:0x0000000a Call trace: dump_backtrace+0x0/0x160 show_stack+0x14/0x20 sched_show_task+0x158/0x184 dump_cpu_task+0x40/0x4c rcu_dump_cpu_stacks+0xec/0x12c rcu_sched_clock_irq+0x6c8/0x8a0 update_process_times+0x88/0xd0 tick_sched_timer+0x74/0x1e0 __hrtimer_run_queues+0x150/0x204 hrtimer_interrupt+0xe4/0x240 arch_timer_handler_phys+0x30/0x40 handle_percpu_devid_irq+0x80/0x130 handle_domain_irq+0x5c/0x90 gic_handle_irq+0x8c/0xb4 do_interrupt_handler+0x30/0x54 el1_interrupt+0x2c/0x4c el1h_64_irq_handler+0x14/0x1c el1h_64_irq+0x74/0x78 do_raw_spin_lock+0x60/0x100 _raw_spin_lock_bh+0x1c/0x2c ath11k_dp_rx_mon_mpdu_pop.constprop.0+0x174/0x650 ath11k_dp_rx_process_mon_status+0x8b4/0xa80 ath11k_dp_rx_process_mon_rings+0x244/0x510 ath11k_dp_service_srng+0x190/0x300 ath11k_pcic_ext_grp_napi_poll+0x30/0xc0 __napi_poll+0x34/0x174 net_rx_action+0xf8/0x2a0 _stext+0x12c/0x2ac irq_exit+0x94/0xc0 handle_domain_irq+0x60/0x90 gic_handle_irq+0x8c/0xb4 call_on_irq_stack+0x28/0x44 do_interrupt_handler+0x4c/0x54 el1_interrupt+0x2c/0x4c el1h_64_irq_handler+0x14/0x1c el1h_64_irq+0x74/0x78 arch_cpu_idle+0x14/0x20 do_idle+0xf0/0x130 cpu_startup_entry+0x24/0x50 rest_init+0xf8/0x104 arch_call_rest_init+0xc/0x14 start_kernel+0x56c/0x58c __primary_switched+0xa0/0xa8 Thus ath11k_dp_rx_mon_dest_process(), which use classical destination entry format, should no be called on full monitor capable HW. Fixes: 67a9d399fcb0 ("ath11k: enable RX PPDU stats in monitor co-exist mode") Signed-off-by: Remi Pommarel Reviewed-by: Praneesh P Link: https://patch.msgid.link/20240924194119.15942-1-repk@triplefau.lt Signed-off-by: Jeff Johnson commit e15d84b3bba187aa372dff7c58ce1fd5cb48a076 Author: Manikanta Pubbisetty Date: Tue Oct 15 12:11:03 2024 +0530 wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completion. Similar leaks are seen in the management TX cleanup logic. Kmemleak reports this problem as below, unreferenced object 0xffffff80b64ed250 (size 16): comm "kworker/u16:7", pid 148, jiffies 4294687130 (age 714.199s) hex dump (first 16 bytes): 00 2b d8 d8 80 ff ff ff c4 74 e9 fd 07 00 00 00 .+.......t...... backtrace: [] __kmem_cache_alloc_node+0x1e4/0x2d8 [] kmalloc_trace+0x48/0x110 [] ath10k_wmi_tlv_op_gen_mgmt_tx_send+0xd4/0x1d8 [ath10k_core] [] ath10k_mgmt_over_wmi_tx_work+0x134/0x298 [ath10k_core] [] process_scheduled_works+0x1ac/0x400 [] worker_thread+0x208/0x328 [] kthread+0x100/0x1c0 [] ret_from_fork+0x10/0x20 Free the memory during completion and cleanup to fix the leak. Protect the mgmt_pending_tx idr_remove() operation in ath10k_wmi_tlv_op_cleanup_mgmt_tx_send() using ar->data_lock similar to other instances. Tested-on: WCN3990 hw1.0 SNOC WLAN.HL.2.0-01387-QCAHLSWMTPLZ-1 Fixes: dc405152bb64 ("ath10k: handle mgmt tx completion event") Fixes: c730c477176a ("ath10k: Remove msdu from idr when management pkt send fails") Cc: stable@vger.kernel.org Signed-off-by: Manikanta Pubbisetty Link: https://patch.msgid.link/20241015064103.6060-1-quic_mpubbise@quicinc.com Signed-off-by: Jeff Johnson commit 42aafd8b48adac1c3b20fe5892b1b91b80c1a1e6 Author: Ming Lei Date: Wed Oct 16 21:48:47 2024 +0800 ublk: don't allow user copy for unprivileged device UBLK_F_USER_COPY requires userspace to call write() on ublk char device for filling request buffer, and unprivileged device can't be trusted. So don't allow user copy for unprivileged device. Cc: stable@vger.kernel.org Fixes: 1172d5b8beca ("ublk: support user copy") Signed-off-by: Ming Lei Link: https://lore.kernel.org/r/20241016134847.2911721-1-ming.lei@redhat.com Signed-off-by: Jens Axboe commit ffafd12696d1a4c8eeb7386d798d75e1fafb4e01 Author: Juha-Pekka Heikkila Date: Mon Oct 7 21:28:41 2024 +0300 drm/i915/display: Don't allow tile4 framebuffer to do hflip on display20 or greater On display ver 20 onwards tile4 is not supported with horizontal flip Bspec: 69853 Signed-off-by: Juha-Pekka Heikkila Reviewed-by: Sai Teja Pottumuttu Signed-off-by: Mika Kahola Link: https://patchwork.freedesktop.org/patch/msgid/20241007182841.2104740-1-juhapekka.heikkila@gmail.com (cherry picked from commit 73e8e2f9a358caa005ed6e52dcb7fa2bca59d132) Signed-off-by: Lucas De Marchi commit 6df106e93f79fb7dc90546a2d93bb3776b42863e Author: Matthew Auld Date: Mon Oct 7 08:45:42 2024 +0100 drm/xe/bmg: improve cache flushing behaviour The BSpec says that EN_L3_RW_CCS_CACHE_FLUSH must be toggled on for manual global invalidation to take effect and actually flush device cache, however this also turns on flushing for things like pipecontrol, which occurs between submissions for compute/render. This sounds like massive overkill for our needs, where we already have the manual flushing on the display side with the global invalidation. Some observations on BMG: 1. Disabling l2 caching for host writes and stubbing out the driver global invalidation but keeping EN_L3_RW_CCS_CACHE_FLUSH enabled, has no impact on wb-transient-vs-display IGT, which makes sense since the pipecontrol is now flushing the device cache after the render copy. Without EN_L3_RW_CCS_CACHE_FLUSH the test then fails, which is also expected since device cache is now dirty and display engine can't see the writes. 2. Disabling EN_L3_RW_CCS_CACHE_FLUSH, but keeping the driver global invalidation also has no impact on wb-transient-vs-display. This suggests that the global invalidation still works as expected and is flushing the device cache without EN_L3_RW_CCS_CACHE_FLUSH turned on. With that drop EN_L3_RW_CCS_CACHE_FLUSH. This helps some workloads since we no longer flush the device cache between submissions as part of pipecontrol. Edit: We now also have clarification from HW side that BSpec was indeed wrong here. v2: - Rebase and update commit message. BSpec: 71718 Signed-off-by: Matthew Auld Cc: Vitasta Wattal Cc: Matt Roper Cc: Nirmoy Das Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20241007074541.33937-2-matthew.auld@intel.com (cherry picked from commit 67ec9f87bd6c57db1251bb2244d242f7ca5a0b6a) [ Fix conflict due to changed xe_mmio_write32() signature ] Signed-off-by: Lucas De Marchi commit 816b186ce2e87df7c7ead4ad44f70f3b10a04c91 Author: Matthew Auld Date: Fri Oct 11 14:36:34 2024 +0100 drm/xe/xe_sync: initialise ufence.signalled We can incorrectly think that the fence has signalled, if we get a non-zero value here from the kmalloc, which is quite plausible. Just use kzalloc to prevent stuff like this. Fixes: 977e5b82e090 ("drm/xe: Expose user fence from xe_sync_entry") Signed-off-by: Matthew Auld Cc: Mika Kuoppala Cc: Matthew Brost Cc: Nirmoy Das Cc: # v6.10+ Reviewed-by: Nirmoy Das Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20241011133633.388008-2-matthew.auld@intel.com (cherry picked from commit 26f69e88dcc95fffc62ed2aea30ad7b1fdf31fdb) Signed-off-by: Lucas De Marchi commit 4e8b5a165160e2f521cc10bae58ce0b72b2e22b5 Author: Nirmoy Das Date: Fri Oct 11 17:10:29 2024 +0200 drm/xe/ufence: ufence can be signaled right after wait_woken do_comapre() can return success after a timedout wait_woken() which was treated as -ETIME. The loop calling wait_woken() sets correct err so there is no need to re-evaluate err. v2: Remove entire check that reevaluate err at the end(Matt) Fixes: e670f0b4ef24 ("drm/xe/uapi: Return correct error code for xe_wait_user_fence_ioctl") Link: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/1630 Cc: stable@vger.kernel.org # v6.8+ Cc: Bommu Krishnaiah Cc: Matthew Auld Cc: Matthew Brost Reviewed-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20241011151029.4160630-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das (cherry picked from commit ec7e6a1d527755fc3c7a3303eaa5577aac5cf6be) Signed-off-by: Lucas De Marchi commit e7518276e9388d36f103e8c1c7e99898a30d11f5 Author: Matthew Brost Date: Wed Sep 11 08:26:22 2024 -0700 drm/xe: Use bookkeep slots for external BO's in exec IOCTL Fix external BO's dma-resv usage in exec IOCTL using bookkeep slots rather than write slots. This leaves syncing to user space rather than the KMD blindly enforcing write semantics on every external BO. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Cc: José Roberto de Souza Cc: Kenneth Graunke Cc: Paulo Zanoni Reported-by: Simona Vetter Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2673 Signed-off-by: Matthew Brost Reviewed-by: José Roberto de Souza Reviewed-by: Kenneth Graunke Link: https://patchwork.freedesktop.org/patch/msgid/20240911152622.903058-1-matthew.brost@intel.com (cherry picked from commit b8b1163248759ba18509f7443a2d19b15b4c1df8) Signed-off-by: Lucas De Marchi commit 477d665e9b6a1369968383f50c688d56b692a155 Author: Lucas De Marchi Date: Thu Oct 10 20:56:16 2024 -0700 drm/xe/query: Increase timestamp width Starting with Xe2 the timestamp is a full 64 bit counter, contrary to the 36 bit that was available before. Although 36 should be sufficient for any reasonable delta calculation (for Xe2, of about 30min), it's surprising to userspace to get something truncated. Also if the timestamp being compared to is coming from the GPU and the application is not careful enough to apply the width there, a delta calculation would be wrong. Extend it to full 64-bits starting with Xe2. v2: Expand width=64 to media gt, as it's just a wrong tagging in the spec - empirical tests show it goes beyond 36 bits and match the engines for the main gt Bspec: 60411 Cc: Szymon Morek Reviewed-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20241011035618.1057602-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit 9d559cdcb21f42188d4c3ff3b4fe42b240f4af5d) Signed-off-by: Lucas De Marchi commit 82926f52d7a09c65d916c0ef8d4305fc95d68c0c Author: Matthew Brost Date: Wed Oct 2 17:16:57 2024 -0700 drm/xe: Don't free job in TDR Freeing job in TDR is not safe as TDR can pass the run_job thread resulting in UAF. It is only safe for free job to naturally be called by the scheduler. Rather free job in TDR, add to pending list. Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2811 Cc: Matthew Auld Fixes: e275d61c5f3f ("drm/xe/guc: Handle timing out of signaled jobs gracefully") Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20241003001657.3517883-3-matthew.brost@intel.com (cherry picked from commit ea2f6a77d0c40d97f4a4dc93fee4afe15d94926d) Signed-off-by: Lucas De Marchi commit ed931fb40e353586f26c3327813d142f782f5f78 Author: Matthew Brost Date: Wed Oct 2 17:16:56 2024 -0700 drm/xe: Take job list lock in xe_sched_add_pending_job A fragile micro optimization in xe_sched_add_pending_job relied on both the GPU scheduler being stopped and fence signaling stopped to safely add a job to the pending list without the job list lock in xe_sched_add_pending_job. Remove this optimization and just take the job list lock. Fixes: 7ddb9403dd74 ("drm/xe: Sample ctx timestamp to determine if jobs have timed out") Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20241003001657.3517883-2-matthew.brost@intel.com (cherry picked from commit 90521df5fc43980e4575bd8c5b1cb62afe1a9f5f) Signed-off-by: Lucas De Marchi commit 761f916af44279a99db4e78c5f5ee839b31107ea Author: Matthew Auld Date: Wed Oct 9 09:48:10 2024 +0100 drm/xe: fix unbalanced rpm put() with declare_wedged() Technically the or_reset() means we call the action on failure, however that would lead to unbalanced rpm put(). Move the get() earlier to fix this. It should be extremely unlikely to ever trigger this in practice. Fixes: 90936a0a4c54 ("drm/xe: Don't suspend device upon wedge") Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: Nirmoy Das Reviewed-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20241009084808.204432-4-matthew.auld@intel.com (cherry picked from commit a187c1b0a800565a4db6372268692aff99df7f53) Signed-off-by: Lucas De Marchi commit 03a86c24aea0920a1ca20a0d7771d5e176db538d Author: Matthew Auld Date: Wed Oct 9 09:48:09 2024 +0100 drm/xe: fix unbalanced rpm put() with fence_fini() Currently we can call fence_fini() twice if something goes wrong when sending the GuC CT for the tlb request, since we signal the fence and return an error, leading to the caller also calling fini() on the error path in the case of stack version of the flow, which leads to an extra rpm put() which might later cause device to enter suspend when it shouldn't. It looks like we can just drop the fini() call since the fence signaller side will already call this for us. There are known mysterious splats with device going to sleep even with an rpm ref, and this could be one candidate. v2 (Matt B): - Prefer warning if we detect double fini() Fixes: f002702290fc ("drm/xe: Hold a PM ref when GT TLB invalidations are inflight") Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: Nirmoy Das Reviewed-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20241009084808.204432-3-matthew.auld@intel.com (cherry picked from commit cfcbc0520d5055825f0647ab922b655688605183) Signed-off-by: Lucas De Marchi commit 4ceead37ca9f5e555fe46e8528bd14dd1d2728e8 Author: Aradhya Bhatia Date: Wed Oct 9 12:25:42 2024 +0530 drm/xe/xe2lpg: Extend Wa_15016589081 for xe2lpg Add workaround (wa) 15016589081 which applies to Xe2_v3_LPG_MD. Xe2_v3_LPG_MD is a Lunar Lake platform with GFX version: 20.04. This wa is type: permanent, and hence is applicable on all steppings. Signed-off-by: Aradhya Bhatia Reviewed-by: Tejas Upadhyay Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20241009065542.283151-1-aradhya.bhatia@intel.com (cherry picked from commit 8fb1da9f9bfb02f710a7f826d50781b0b030cf53) Signed-off-by: Lucas De Marchi commit e972b08b91ef48488bae9789f03cfedb148667fb Author: Omar Sandoval Date: Tue Oct 15 10:59:46 2024 -0700 blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 100000067 P4D 100000067 PUD 10027c067 PMD 10115d067 PTE 0 Oops: Oops: 0002 [#1] PREEMPT SMP PTI CPU: 17 UID: 0 PID: 0 Comm: swapper/17 Not tainted 6.12.0-rc3-00013-geca631b8fe80 #11 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:_raw_spin_lock_irqsave+0x1d/0x40 Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 54 9c 41 5c fa 65 ff 05 62 97 30 4c 31 c0 ba 01 00 00 00 0f b1 17 75 0a 4c 89 e0 41 5c c3 cc cc cc cc 89 c6 e8 2c 0b 00 RSP: 0018:ffffafe180580ca0 EFLAGS: 00010046 RAX: 0000000000000000 RBX: ffffafe180a3f7a8 RCX: 0000000000000011 RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffafe180a40084 RBP: 0000000000000000 R08: 00000000001e7240 R09: 0000000000000011 R10: 0000000000000028 R11: 0000000000000888 R12: 0000000000000002 R13: ffffafe180a40084 R14: 0000000000000000 R15: 0000000000000003 FS: 0000000000000000(0000) GS:ffff9aaf1f280000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffafe180a40084 CR3: 000000010e428002 CR4: 0000000000770ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: try_to_wake_up+0x5a/0x6a0 rq_qos_wake_function+0x71/0x80 __wake_up_common+0x75/0xa0 __wake_up+0x36/0x60 scale_up.part.0+0x50/0x110 wb_timer_fn+0x227/0x450 ... So rq_qos_wake_function() calls wake_up_process(data->task), which calls try_to_wake_up(), which faults in raw_spin_lock_irqsave(&p->pi_lock). p comes from data->task, and data comes from the waitqueue entry, which is stored on the waiter's stack in rq_qos_wait(). Analyzing the core dump with drgn, I found that the waiter had already woken up and moved on to a completely unrelated code path, clobbering what was previously data->task. Meanwhile, the waker was passing the clobbered garbage in data->task to wake_up_process(), leading to the crash. What's happening is that in between rq_qos_wake_function() deleting the waitqueue entry and calling wake_up_process(), rq_qos_wait() is finding that it already got a token and returning. The race looks like this: rq_qos_wait() rq_qos_wake_function() ============================================================== prepare_to_wait_exclusive() data->got_token = true; list_del_init(&curr->entry); if (data.got_token) break; finish_wait(&rqw->wait, &data.wq); ^- returns immediately because list_empty_careful(&wq_entry->entry) is true ... return, go do something else ... wake_up_process(data->task) (NO LONGER VALID!)-^ Normally, finish_wait() is supposed to synchronize against the waker. But, as noted above, it is returning immediately because the waitqueue entry has already been removed from the waitqueue. The bug is that rq_qos_wake_function() is accessing the waitqueue entry AFTER deleting it. Note that autoremove_wake_function() wakes the waiter and THEN deletes the waitqueue entry, which is the proper order. Fix it by swapping the order. We also need to use list_del_init_careful() to match the list_empty_careful() in finish_wait(). Fixes: 38cfb5a45ee0 ("blk-wbt: improve waking of tasks") Cc: stable@vger.kernel.org Signed-off-by: Omar Sandoval Acked-by: Tejun Heo Reviewed-by: Johannes Thumshirn Link: https://lore.kernel.org/r/d3bee2463a67b1ee597211823bf7ad3721c26e41.1729014591.git.osandov@fb.com Signed-off-by: Jens Axboe commit 858e686a30d7bffba3f3527add4f78766a4389d0 Author: Jens Axboe Date: Wed Oct 16 07:09:25 2024 -0600 io_uring/rsrc: ignore dummy_ubuf for buffer cloning For placeholder buffers, &dummy_ubuf is assigned which is a static value. When buffers are attempted cloned, don't attempt to grab a reference to it, as we both don't need it and it'll actively fail as dummy_ubuf doesn't have a valid reference count setup. Link: https://lore.kernel.org/io-uring/Zw8dkUzsxQ5LgAJL@ly-workstation/ Reported-by: Lai, Yi Fixes: 7cc2a6eadcd7 ("io_uring: add IORING_REGISTER_COPY_BUFFERS method") Signed-off-by: Jens Axboe commit 6ed469df0bfbef3e4b44fca954a781919db9f7ab Author: Ryusuke Konishi Date: Wed Oct 16 06:32:07 2024 +0900 nilfs2: fix kernel bug due to missing clearing of buffer delay flag Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for the buffer delay flag in submit_bh_wbc() may fail, causing a kernel bug. This is because the buffer delay flag is not cleared when clearing the buffer state flags to discard a page/folio or a buffer head. So, fix this. This became necessary when the use of nilfs2's own page clear routine was expanded. This state inconsistency does not occur if the buffer is written normally by log writing. Signed-off-by: Ryusuke Konishi Link: https://lore.kernel.org/r/20241015213300.7114-1-konishi.ryusuke@gmail.com Fixes: 8c26c4e2694a ("nilfs2: fix issue with flush kernel thread after remount in RO mode because of driver's internal error or metadata corruption") Reported-by: syzbot+985ada84bf055a575c07@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=985ada84bf055a575c07 Cc: stable@vger.kernel.org Signed-off-by: Christian Brauner commit 2f54e71359eb2abc0bdf6619cd356e5e350ff27b Author: Imre Deak Date: Wed Oct 9 14:01:35 2024 +0300 drm/i915/dp_mst: Don't require DSC hblank quirk for a non-DSC compatible mode If an MST branch device doesn't support DSC for a given mode, but the MST link has enough BW for the mode, assume that the branch device does support the mode using an uncompressed stream. Fixes: 55eaef164174 ("drm/i915/dp_mst: Handle the Synaptics HBlank expansion quirk") Cc: stable@vger.kernel.org # v6.8+ Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20241009110135.1216498-2-imre.deak@intel.com (cherry picked from commit 4e75c3e208a06ad6fd9b3517fb77337460d7c2b0) Signed-off-by: Joonas Lahtinen commit 69b3d87212676c4c22aa4660435e2066dc7d1311 Author: Imre Deak Date: Wed Oct 9 14:01:34 2024 +0300 drm/i915/dp_mst: Handle error during DSC BW overhead/slice calculation The MST branch device may not support the number of DSC slices a mode requires, handle the error in this case. Fixes: 4e0837a8d00a ("drm/i915/dp_mst: Account for FEC and DSC overhead during BW allocation") Cc: stable@vger.kernel.org # v6.8+ Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20241009110135.1216498-1-imre.deak@intel.com (cherry picked from commit 802a69b6b8a0502a9e2309afec7e1b77f67874f2) Signed-off-by: Joonas Lahtinen commit 20121d3f58f06e977ca43eb6efe1fb23b1d2f6d9 Author: Amir Goldstein Date: Mon Oct 14 21:27:59 2024 +0200 fuse: update inode size after extending passthrough write yangyun reported that libfuse test test_copy_file_range() copies zero bytes from a newly written file when fuse passthrough is enabled. The reason is that extending passthrough write is not updating the fuse inode size and when vfs_copy_file_range() observes a zero size inode, it returns without calling the filesystem copy_file_range() method. Fix this by adjusting the fuse inode size after an extending passthrough write. This does not provide cache coherency of fuse inode attributes and backing inode attributes, but it should prevent situations where fuse inode size is too small, causing read/copy to be wrongly shortened. Reported-by: yangyun Closes: https://github.com/libfuse/libfuse/issues/1048 Fixes: 57e1176e6086 ("fuse: implement read/write passthrough") Signed-off-by: Amir Goldstein Signed-off-by: Miklos Szeredi commit f03b296e8b516dbd63f57fc9056c1b0da1b9a0ff Author: Amir Goldstein Date: Mon Oct 14 21:27:58 2024 +0200 fs: pass offset and result to backing_file end_write() callback This is needed for extending fuse inode size after fuse passthrough write. Suggested-by: Miklos Szeredi Link: https://lore.kernel.org/linux-fsdevel/CAJfpegs=cvZ_NYy6Q_D42XhYS=Sjj5poM1b5TzXzOVvX=R36aA@mail.gmail.com/ Signed-off-by: Amir Goldstein Signed-off-by: Miklos Szeredi commit b4fa00fd428bf7648d4ac5d0c8b61882902ec516 Author: Heiko Carstens Date: Mon Oct 14 12:07:26 2024 +0200 s390: Update defconfigs Signed-off-by: Heiko Carstens commit 223e7fb979fa06934f1595b6ad0ae1d4ead1147f Author: Heiko Carstens Date: Thu Oct 10 17:52:39 2024 +0200 s390: Initialize psw mask in perf_arch_fetch_caller_regs() Also initialize regs->psw.mask in perf_arch_fetch_caller_regs(). This way user_mode(regs) will return false, like it should. It looks like all current users initialize regs to zero, so that this doesn't fix a bug currently. However it is better to not rely on callers to do this. Fixes: 914d52e46490 ("s390: implement perf_arch_fetch_caller_regs") Signed-off-by: Heiko Carstens commit dee3df68ab4b00fff6bdf9fc39541729af37307c Author: Thomas Weißschuh Date: Mon Oct 14 07:50:07 2024 +0200 s390/sclp_vt220: Convert newlines to CRLF instead of LFCR According to the VT220 specification the possible character combinations sent on RETURN are only CR or CRLF [0]. The Return key sends either a CR character (0/13) or a CR character (0/13) and an LF character (0/10), depending on the set/reset state of line feed/new line mode (LNM). The sclp/vt220 driver however uses LFCR. This can confuse tools, for example the kunit runner. Link: https://vt100.net/docs/vt220-rm/chapter3.html#S3.2 Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org Signed-off-by: Thomas Weißschuh Reviewed-by: Sven Schnelle Link: https://lore.kernel.org/r/20241014-s390-kunit-v1-2-941defa765a6@linutronix.de Signed-off-by: Heiko Carstens commit 0d9dc27df22d9b5c8dc7185c8dddbc14f5468518 Author: Thomas Weißschuh Date: Mon Oct 14 07:50:06 2024 +0200 s390/sclp: Deactivate sclp after all its users On reboot the SCLP interface is deactivated through a reboot notifier. This happens before other components using SCLP have the chance to run their own reboot notifiers. Two of those components are the SCLP console and tty drivers which try to flush the last outstanding messages. At that point the SCLP interface is already unusable and the messages are discarded. Execute sclp_deactivate() as late as possible to avoid this issue. Fixes: 4ae46db99cd8 ("s390/consoles: improve panic notifiers reliability") Cc: stable@vger.kernel.org Signed-off-by: Thomas Weißschuh Reviewed-by: Sven Schnelle Link: https://lore.kernel.org/r/20241014-s390-kunit-v1-1-941defa765a6@linutronix.de Signed-off-by: Heiko Carstens commit 9b52ddeb468c74db7f652f7ac5a390591bb47dc7 Author: Holger Dengler Date: Fri Oct 11 10:48:00 2024 +0200 s390/pkey_pckmo: Return with success for valid protected key types The key_to_protkey handler function in module pkey_pckmo should return with success on all known protected key types, including the new types introduced by fd197556eef5 ("s390/pkey: Add AES xts and HMAC clear key token support"). Fixes: fd197556eef5 ("s390/pkey: Add AES xts and HMAC clear key token support") Signed-off-by: Holger Dengler Reviewed-by: Ingo Franzki Signed-off-by: Heiko Carstens commit d7425f3cfada8c4a3bc72bdd203c4fec7f77b7a6 Author: Diogo Silva Date: Tue Sep 17 08:58:01 2024 +0200 arm64: dts: imx8: Fix lvds0 device tree Some clock output names on lvds0 device tree were duplicated from mipi1, which caused an -EEXIST when registering these clocks during probe. Fixes: 0fba24b3b956 ("arm64: dts: imx8: add basic lvds0 and lvds1 subsystem") Signed-off-by: Diogo Silva Signed-off-by: Shawn Guo commit 164cd0e077a18d6208523c82b102c98c77fdd51f Author: Vasiliy Kovalev Date: Wed Oct 16 11:07:13 2024 +0300 ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 The cached version avoids redundant commands to the codec, improving stability and reducing unnecessary operations. This change ensures better power management and reliable restoration of pin configurations, especially after hibernation (S4) and other power transitions. Fixes: 9988844c457f ("ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2") Suggested-by: Kai-Heng Feng Suggested-by: Takashi Iwai Signed-off-by: Vasiliy Kovalev Link: https://patch.msgid.link/20241016080713.46801-1-kovalev@altlinux.org Signed-off-by: Takashi Iwai commit 9499327714de7bc5cf6c792112c1474932d8ad31 Author: Kevin Groeneveld Date: Sun Oct 6 19:26:31 2024 -0400 usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store The configfs store callback should return the number of bytes consumed not the total number of bytes we actually stored. These could differ if for example the passed in string had a newline we did not store. If the returned value does not match the number of bytes written the writer might assume a failure or keep trying to write the remaining bytes. For example the following command will hang trying to write the final newline over and over again (tested on bash 2.05b): echo foo > function_name Fixes: 993a44fa85c1 ("usb: gadget: f_uac2: allow changing interface name via configfs") Cc: stable Signed-off-by: Kevin Groeneveld Link: https://lore.kernel.org/r/20241006232637.4267-1-kgroeneveld@lenbrook.com Signed-off-by: Greg Kroah-Hartman commit 705e3ce37bccdf2ed6f848356ff355f480d51a91 Author: Roger Quadros Date: Fri Oct 11 13:53:24 2024 +0300 usb: dwc3: core: Fix system suspend on TI AM62 platforms Since commit 6d735722063a ("usb: dwc3: core: Prevent phy suspend during init"), system suspend is broken on AM62 TI platforms. Before that commit, both DWC3_GUSB3PIPECTL_SUSPHY and DWC3_GUSB2PHYCFG_SUSPHY bits (hence forth called 2 SUSPHY bits) were being set during core initialization and even during core re-initialization after a system suspend/resume. These bits are required to be set for system suspend/resume to work correctly on AM62 platforms. Since that commit, the 2 SUSPHY bits are not set for DEVICE/OTG mode if gadget driver is not loaded and started. For Host mode, the 2 SUSPHY bits are set before the first system suspend but get cleared at system resume during core re-init and are never set again. This patch resovles these two issues by ensuring the 2 SUSPHY bits are set before system suspend and restored to the original state during system resume. Cc: stable@vger.kernel.org # v6.9+ Fixes: 6d735722063a ("usb: dwc3: core: Prevent phy suspend during init") Link: https://lore.kernel.org/all/1519dbe7-73b6-4afc-bfe3-23f4f75d772f@kernel.org/ Signed-off-by: Roger Quadros Acked-by: Thinh Nguyen Tested-by: Markus Schneider-Pargmann Reviewed-by: Dhruva Gole Link: https://lore.kernel.org/r/20241011-am62-lpm-usb-v3-1-562d445625b5@kernel.org Signed-off-by: Greg Kroah-Hartman commit 7d381137cb6ecf558ef6698c7730ddd482d4c8f2 Author: Henry Lin Date: Mon Oct 14 12:21:34 2024 +0800 xhci: tegra: fix checked USB2 port number If USB virtualizatoin is enabled, USB2 ports are shared between all Virtual Functions. The USB2 port number owned by an USB2 root hub in a Virtual Function may be less than total USB2 phy number supported by the Tegra XUSB controller. Using total USB2 phy number as port number to check all PORTSC values would cause invalid memory access. [ 116.923438] Unable to handle kernel paging request at virtual address 006c622f7665642f ... [ 117.213640] Call trace: [ 117.216783] tegra_xusb_enter_elpg+0x23c/0x658 [ 117.222021] tegra_xusb_runtime_suspend+0x40/0x68 [ 117.227260] pm_generic_runtime_suspend+0x30/0x50 [ 117.232847] __rpm_callback+0x84/0x3c0 [ 117.237038] rpm_suspend+0x2dc/0x740 [ 117.241229] pm_runtime_work+0xa0/0xb8 [ 117.245769] process_scheduled_works+0x24c/0x478 [ 117.251007] worker_thread+0x23c/0x328 [ 117.255547] kthread+0x104/0x1b0 [ 117.259389] ret_from_fork+0x10/0x20 [ 117.263582] Code: 54000222 f9461ae8 f8747908 b4ffff48 (f9400100) Cc: stable@vger.kernel.org # v6.3+ Fixes: a30951d31b25 ("xhci: tegra: USB2 pad power controls") Signed-off-by: Henry Lin Link: https://lore.kernel.org/r/20241014042134.27664-1-henryl@nvidia.com Signed-off-by: Greg Kroah-Hartman commit c96e31252110a84dcc44412e8a7b456b33c3e298 Author: Prashanth K Date: Tue Sep 24 15:02:08 2024 +0530 usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG DWC3 programming guide mentions that when operating in USB2.0 speeds, if GUSB2PHYCFG[6] or GUSB2PHYCFG[8] is set, it must be cleared prior to issuing commands and may be set again after the command completes. But currently while issuing EndXfer command without CmdIOC set, we wait for 1ms after GUSB2PHYCFG is restored. This results in cases where EndXfer command doesn't get completed and causes SMMU faults since requests are unmapped afterwards. Hence restore GUSB2PHYCFG after waiting for EndXfer command completion. Cc: stable@vger.kernel.org Fixes: 1d26ba0944d3 ("usb: dwc3: Wait unconditionally after issuing EndXfer command") Signed-off-by: Prashanth K Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240924093208.2524531-1-quic_prashk@quicinc.com Signed-off-by: Greg Kroah-Hartman commit ffe85c24d7ca5de7d57690c0ab194b3838674935 Author: Jonathan Marek Date: Sat Oct 5 10:41:46 2024 -0400 usb: typec: qcom-pmic-typec: fix sink status being overwritten with RP_DEF This line is overwriting the result of the above switch-case. This fixes the tcpm driver getting stuck in a "Sink TX No Go" loop. Fixes: a4422ff22142 ("usb: typec: qcom: Add Qualcomm PMIC Type-C driver") Cc: stable Signed-off-by: Jonathan Marek Acked-by: Bryan O'Donoghue Reviewed-by: Heikki Krogerus Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20241005144146.2345-1-jonathan@marek.ca Signed-off-by: Greg Kroah-Hartman commit befab3a278c59db0cc88c8799638064f6d3fd6f8 Author: Thadeu Lima de Souza Cascardo Date: Fri Oct 4 09:37:38 2024 -0300 usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the release function. Before this fix, when using CONFIG_DEBUG_KOBJECT_RELEASE, we see issues like this: [ 43.572860] kobject: 'port0.0' (ffff8880057ba008): kobject_release, parent 0000000000000000 (delayed 3000) [ 43.573532] kobject: 'port0.1' (ffff8880057bd008): kobject_release, parent 0000000000000000 (delayed 1000) [ 43.574407] kobject: 'port0' (ffff8880057b9008): kobject_release, parent 0000000000000000 (delayed 3000) [ 43.575059] kobject: 'port1.0' (ffff8880057ca008): kobject_release, parent 0000000000000000 (delayed 4000) [ 43.575908] kobject: 'port1.1' (ffff8880057c9008): kobject_release, parent 0000000000000000 (delayed 4000) [ 43.576908] kobject: 'typec' (ffff8880062dbc00): kobject_release, parent 0000000000000000 (delayed 4000) [ 43.577769] kobject: 'port1' (ffff8880057bf008): kobject_release, parent 0000000000000000 (delayed 3000) [ 46.612867] ================================================================== [ 46.613402] BUG: KASAN: slab-use-after-free in typec_altmode_release+0x38/0x129 [ 46.614003] Read of size 8 at addr ffff8880057b9118 by task kworker/2:1/48 [ 46.614538] [ 46.614668] CPU: 2 UID: 0 PID: 48 Comm: kworker/2:1 Not tainted 6.12.0-rc1-00138-gedbae730ad31 #535 [ 46.615391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 [ 46.616042] Workqueue: events kobject_delayed_cleanup [ 46.616446] Call Trace: [ 46.616648] [ 46.616820] dump_stack_lvl+0x5b/0x7c [ 46.617112] ? typec_altmode_release+0x38/0x129 [ 46.617470] print_report+0x14c/0x49e [ 46.617769] ? rcu_read_unlock_sched+0x56/0x69 [ 46.618117] ? __virt_addr_valid+0x19a/0x1ab [ 46.618456] ? kmem_cache_debug_flags+0xc/0x1d [ 46.618807] ? typec_altmode_release+0x38/0x129 [ 46.619161] kasan_report+0x8d/0xb4 [ 46.619447] ? typec_altmode_release+0x38/0x129 [ 46.619809] ? process_scheduled_works+0x3cb/0x85f [ 46.620185] typec_altmode_release+0x38/0x129 [ 46.620537] ? process_scheduled_works+0x3cb/0x85f [ 46.620907] device_release+0xaf/0xf2 [ 46.621206] kobject_delayed_cleanup+0x13b/0x17a [ 46.621584] process_scheduled_works+0x4f6/0x85f [ 46.621955] ? __pfx_process_scheduled_works+0x10/0x10 [ 46.622353] ? hlock_class+0x31/0x9a [ 46.622647] ? lock_acquired+0x361/0x3c3 [ 46.622956] ? move_linked_works+0x46/0x7d [ 46.623277] worker_thread+0x1ce/0x291 [ 46.623582] ? __kthread_parkme+0xc8/0xdf [ 46.623900] ? __pfx_worker_thread+0x10/0x10 [ 46.624236] kthread+0x17e/0x190 [ 46.624501] ? kthread+0xfb/0x190 [ 46.624756] ? __pfx_kthread+0x10/0x10 [ 46.625015] ret_from_fork+0x20/0x40 [ 46.625268] ? __pfx_kthread+0x10/0x10 [ 46.625532] ret_from_fork_asm+0x1a/0x30 [ 46.625805] [ 46.625953] [ 46.626056] Allocated by task 678: [ 46.626287] kasan_save_stack+0x24/0x44 [ 46.626555] kasan_save_track+0x14/0x2d [ 46.626811] __kasan_kmalloc+0x3f/0x4d [ 46.627049] __kmalloc_noprof+0x1bf/0x1f0 [ 46.627362] typec_register_port+0x23/0x491 [ 46.627698] cros_typec_probe+0x634/0xbb6 [ 46.628026] platform_probe+0x47/0x8c [ 46.628311] really_probe+0x20a/0x47d [ 46.628605] device_driver_attach+0x39/0x72 [ 46.628940] bind_store+0x87/0xd7 [ 46.629213] kernfs_fop_write_iter+0x1aa/0x218 [ 46.629574] vfs_write+0x1d6/0x29b [ 46.629856] ksys_write+0xcd/0x13b [ 46.630128] do_syscall_64+0xd4/0x139 [ 46.630420] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 46.630820] [ 46.630946] Freed by task 48: [ 46.631182] kasan_save_stack+0x24/0x44 [ 46.631493] kasan_save_track+0x14/0x2d [ 46.631799] kasan_save_free_info+0x3f/0x4d [ 46.632144] __kasan_slab_free+0x37/0x45 [ 46.632474] kfree+0x1d4/0x252 [ 46.632725] device_release+0xaf/0xf2 [ 46.633017] kobject_delayed_cleanup+0x13b/0x17a [ 46.633388] process_scheduled_works+0x4f6/0x85f [ 46.633764] worker_thread+0x1ce/0x291 [ 46.634065] kthread+0x17e/0x190 [ 46.634324] ret_from_fork+0x20/0x40 [ 46.634621] ret_from_fork_asm+0x1a/0x30 Fixes: 8a37d87d72f0 ("usb: typec: Bus type for alternate modes") Signed-off-by: Thadeu Lima de Souza Cascardo Reviewed-by: Heikki Krogerus Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20241004123738.2964524-1-cascardo@igalia.com Signed-off-by: Greg Kroah-Hartman commit 92682f3460071733f16cebd7cf8e33e776bc9aaf Author: Andrey Konovalov Date: Sun Oct 13 00:58:53 2024 +0200 MAINTAINERS: usb: raw-gadget: add bug tracker link Add a link to the GitHub repository where Raw Gadget issues are managed. Signed-off-by: Andrey Konovalov Link: https://lore.kernel.org/r/20241012225853.118217-1-andrey.konovalov@linux.dev Signed-off-by: Greg Kroah-Hartman commit 0240b293ec0fd90b92ac938dc28134244e9142d2 Author: Sakari Ailus Date: Fri Oct 11 10:04:14 2024 +0300 MAINTAINERS: Add an entry for the LJCA drivers Add a MAINTAINERS entry for the Intel La Jolla Cove Adapter (LJCA) set of drivers. Signed-off-by: Sakari Ailus Acked-by: Wolfram Sang Link: https://lore.kernel.org/r/20241011070414.3124-1-sakari.ailus@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit cd843399d706411ff80520fb7883afeeefa76e98 Author: Qianqiang Liu Date: Fri Sep 13 22:07:42 2024 +0800 crypto: lib/mpi - Fix an "Uninitialized scalar variable" issue The "err" variable may be returned without an initialized value. Fixes: 8e3a67f2de87 ("crypto: lib/mpi - Add error checks to extension") Signed-off-by: Qianqiang Liu Signed-off-by: Herbert Xu commit 6aca91c416f626fc0c5146cc4450ea86b831f3dd Author: Dr. David Alan Gilbert Date: Mon Oct 7 01:48:55 2024 +0100 cifs: Remove unused functions cifs_ses_find_chan() has been unused since commit f486ef8e2003 ("cifs: use the chans_need_reconnect bitmap for reconnect status") cifs_read_page_from_socket() has been unused since commit d08089f649a0 ("cifs: Change the I/O paths to use an iterator rather than a page list") cifs_chan_in_reconnect() has been unused since commit bc962159e8e3 ("cifs: avoid race conditions with parallel reconnects") Remove them. Signed-off-by: Dr. David Alan Gilbert Signed-off-by: Steve French commit 3dfea293f4279b3021cb0ecf3807e763bddb63b9 Author: Advait Dhamorikar Date: Mon Oct 7 20:53:34 2024 +0530 smb/client: Fix logically dead code The if condition in collect_sample: can never be satisfied because of a logical contradiction. The indicated dead code may have performed some action; that action will never occur. Fixes: 94ae8c3fee94 ("smb: client: compress: LZ77 code improvements cleanup") Signed-off-by: Advait Dhamorikar Signed-off-by: Steve French commit 1ab60323c5201bef25f2a3dc0ccc404d9aca77f1 Author: Paulo Alcantara Date: Tue Oct 15 19:04:04 2024 -0300 smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced by the server or when using 'seal' mount option, the client will squash all compound request buffers down for encryption into a single iov in smb2_set_next_command(). SMB2_ioctl_init() allocates a small buffer (448 bytes) to hold the SMB2_IOCTL request in the first iov, and if the user passes an input buffer that is greater than 328 bytes, smb2_set_next_command() will end up writing off the end of @rqst->iov[0].iov_base as shown below: mount.cifs //srv/share /mnt -o ...,seal ln -s $(perl -e "print('a')for 1..1024") /mnt/link BUG: KASAN: slab-out-of-bounds in smb2_set_next_command.cold+0x1d6/0x24c [cifs] Write of size 4116 at addr ffff8881148fcab8 by task ln/859 CPU: 1 UID: 0 PID: 859 Comm: ln Not tainted 6.12.0-rc3 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 Call Trace: dump_stack_lvl+0x5d/0x80 ? smb2_set_next_command.cold+0x1d6/0x24c [cifs] print_report+0x156/0x4d9 ? smb2_set_next_command.cold+0x1d6/0x24c [cifs] ? __virt_addr_valid+0x145/0x310 ? __phys_addr+0x46/0x90 ? smb2_set_next_command.cold+0x1d6/0x24c [cifs] kasan_report+0xda/0x110 ? smb2_set_next_command.cold+0x1d6/0x24c [cifs] kasan_check_range+0x10f/0x1f0 __asan_memcpy+0x3c/0x60 smb2_set_next_command.cold+0x1d6/0x24c [cifs] smb2_compound_op+0x238c/0x3840 [cifs] ? kasan_save_track+0x14/0x30 ? kasan_save_free_info+0x3b/0x70 ? vfs_symlink+0x1a1/0x2c0 ? do_symlinkat+0x108/0x1c0 ? __pfx_smb2_compound_op+0x10/0x10 [cifs] ? kmem_cache_free+0x118/0x3e0 ? cifs_get_writable_path+0xeb/0x1a0 [cifs] smb2_get_reparse_inode+0x423/0x540 [cifs] ? __pfx_smb2_get_reparse_inode+0x10/0x10 [cifs] ? rcu_is_watching+0x20/0x50 ? __kmalloc_noprof+0x37c/0x480 ? smb2_create_reparse_symlink+0x257/0x490 [cifs] ? smb2_create_reparse_symlink+0x38f/0x490 [cifs] smb2_create_reparse_symlink+0x38f/0x490 [cifs] ? __pfx_smb2_create_reparse_symlink+0x10/0x10 [cifs] ? find_held_lock+0x8a/0xa0 ? hlock_class+0x32/0xb0 ? __build_path_from_dentry_optional_prefix+0x19d/0x2e0 [cifs] cifs_symlink+0x24f/0x960 [cifs] ? __pfx_make_vfsuid+0x10/0x10 ? __pfx_cifs_symlink+0x10/0x10 [cifs] ? make_vfsgid+0x6b/0xc0 ? generic_permission+0x96/0x2d0 vfs_symlink+0x1a1/0x2c0 do_symlinkat+0x108/0x1c0 ? __pfx_do_symlinkat+0x10/0x10 ? strncpy_from_user+0xaa/0x160 __x64_sys_symlinkat+0xb9/0xf0 do_syscall_64+0xbb/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f08d75c13bb Reported-by: David Howells Fixes: e77fe73c7e38 ("cifs: we can not use small padding iovs together with encryption") Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit 19ebc1e6cab334a8193398d4152deb76019b5d34 Author: Su Hui Date: Tue Oct 15 18:20:37 2024 +0800 smb: client: fix possible double free in smb2_set_ea() Clang static checker(scan-build) warning: fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory. 1304 | kfree(ea); | ^~~~~~~~~ There is a double free in such case: 'ea is initialized to NULL' -> 'first successful memory allocation for ea' -> 'something failed, goto sea_exit' -> 'first memory release for ea' -> 'goto replay_again' -> 'second goto sea_exit before allocate memory for ea' -> 'second memory release for ea resulted in double free'. Re-initialie 'ea' to NULL near to the replay_again label, it can fix this double free problem. Fixes: 4f1fffa23769 ("cifs: commands that are retried should have replay flag set") Reviewed-by: Dan Carpenter Signed-off-by: Su Hui Signed-off-by: Steve French commit 18d9b52271213890da295a7c63ef8880ed570cd8 Author: Mario Limonciello Date: Sat Oct 12 12:45:16 2024 -0500 cpufreq/amd-pstate: Use nominal perf for limits when boost is disabled When boost has been disabled the limit for perf should be nominal perf not the highest perf. Using the latter to do calculations will lead to incorrect values that are still above nominal. Fixes: ad4caad58d91 ("cpufreq: amd-pstate: Merge amd_pstate_highest_perf_set() into amd_get_boost_ratio_numerator()") Reported-by: Peter Jung Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219348 Reviewed-by: Perry Yuan Reviewed-by: Gautham R. Shenoy Tested-by: Dhananjay Ugwekar Link: https://lore.kernel.org/r/20241012174519.897-1-mario.limonciello@amd.com Signed-off-by: Mario Limonciello commit 409dc5196d5b6eb67468a06bf4d2d07d7225a67b Author: Haibo Chen Date: Thu Sep 5 17:43:38 2024 +0800 arm64: dts: imx8ulp: correct the flexspi compatible string The flexspi on imx8ulp only has 16 LUTs, and imx8mm flexspi has 32 LUTs, so correct the compatible string here, otherwise will meet below error: [ 1.119072] ------------[ cut here ]------------ [ 1.123926] WARNING: CPU: 0 PID: 1 at drivers/spi/spi-nxp-fspi.c:855 nxp_fspi_exec_op+0xb04/0xb64 [ 1.133239] Modules linked in: [ 1.136448] CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.11.0-rc6-next-20240902-00001-g131bf9439dd9 #69 [ 1.146821] Hardware name: NXP i.MX8ULP EVK (DT) [ 1.151647] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 1.158931] pc : nxp_fspi_exec_op+0xb04/0xb64 [ 1.163496] lr : nxp_fspi_exec_op+0xa34/0xb64 [ 1.168060] sp : ffff80008002b2a0 [ 1.171526] x29: ffff80008002b2d0 x28: 0000000000000000 x27: 0000000000000000 [ 1.179002] x26: ffff2eb645542580 x25: ffff800080610014 x24: ffff800080610000 [ 1.186480] x23: ffff2eb645548080 x22: 0000000000000006 x21: ffff2eb6455425e0 [ 1.193956] x20: 0000000000000000 x19: ffff80008002b5e0 x18: ffffffffffffffff [ 1.201432] x17: ffff2eb644467508 x16: 0000000000000138 x15: 0000000000000002 [ 1.208907] x14: 0000000000000000 x13: ffff2eb6400d8080 x12: 00000000ffffff00 [ 1.216378] x11: 0000000000000000 x10: ffff2eb6400d8080 x9 : ffff2eb697adca80 [ 1.223850] x8 : ffff2eb697ad3cc0 x7 : 0000000100000000 x6 : 0000000000000001 [ 1.231324] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 00000000000007a6 [ 1.238795] x2 : 0000000000000000 x1 : 00000000000001ce x0 : 00000000ffffff92 [ 1.246267] Call trace: [ 1.248824] nxp_fspi_exec_op+0xb04/0xb64 [ 1.253031] spi_mem_exec_op+0x3a0/0x430 [ 1.257139] spi_nor_read_id+0x80/0xcc [ 1.261065] spi_nor_scan+0x1ec/0xf10 [ 1.264901] spi_nor_probe+0x108/0x2fc [ 1.268828] spi_mem_probe+0x6c/0xbc [ 1.272574] spi_probe+0x84/0xe4 [ 1.275958] really_probe+0xbc/0x29c [ 1.279713] __driver_probe_device+0x78/0x12c [ 1.284277] driver_probe_device+0xd8/0x15c [ 1.288660] __device_attach_driver+0xb8/0x134 [ 1.293316] bus_for_each_drv+0x88/0xe8 [ 1.297337] __device_attach+0xa0/0x190 [ 1.301353] device_initial_probe+0x14/0x20 [ 1.305734] bus_probe_device+0xac/0xb0 [ 1.309752] device_add+0x5d0/0x790 [ 1.313408] __spi_add_device+0x134/0x204 [ 1.317606] of_register_spi_device+0x3b4/0x590 [ 1.322348] spi_register_controller+0x47c/0x754 [ 1.327181] devm_spi_register_controller+0x4c/0xa4 [ 1.332289] nxp_fspi_probe+0x1cc/0x2b0 [ 1.336307] platform_probe+0x68/0xc4 [ 1.340145] really_probe+0xbc/0x29c [ 1.343893] __driver_probe_device+0x78/0x12c [ 1.348457] driver_probe_device+0xd8/0x15c [ 1.352838] __driver_attach+0x90/0x19c [ 1.356857] bus_for_each_dev+0x7c/0xdc [ 1.360877] driver_attach+0x24/0x30 [ 1.364624] bus_add_driver+0xe4/0x208 [ 1.368552] driver_register+0x5c/0x124 [ 1.372573] __platform_driver_register+0x28/0x34 [ 1.377497] nxp_fspi_driver_init+0x1c/0x28 [ 1.381888] do_one_initcall+0x80/0x1c8 [ 1.385908] kernel_init_freeable+0x1c4/0x28c [ 1.390472] kernel_init+0x20/0x1d8 [ 1.394138] ret_from_fork+0x10/0x20 [ 1.397885] ---[ end trace 0000000000000000 ]--- [ 1.407908] ------------[ cut here ]------------ Fixes: ef89fd56bdfc ("arm64: dts: imx8ulp: add flexspi node") Cc: stable@kernel.org Signed-off-by: Haibo Chen Signed-off-by: Shawn Guo commit eed2d8e8d0051a6551e4dffba99e16eb88c676ac Author: Alexander Stein Date: Wed Sep 4 13:41:03 2024 +0200 arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs imx8-ss-vpu only contained imx8qxp IRQ numbers, only mu2_m0 uses the correct imx8qm IRQ number, as imx8qxp lacks this MU. Fix this by providing imx8qm IRQ numbers in the main imx8-ss-vpu.dtsi and override the IRQ numbers in SoC-specific imx8qxp-ss-vpu.dtsi, similar to reg property for VPU core devices. Fixes: 0d9968d98467d ("arm64: dts: freescale: imx8q: add imx vpu codec entries") Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit dff6584301ddeb147ae306b140ccf2e128e29030 Merge: 2f87d0916ce0d2 60e339be100d7d Author: Linus Torvalds Date: Tue Oct 15 19:47:19 2024 -0700 Merge tag 'sched_ext-for-6.12-rc3-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext Pull sched_ext fixes from Tejun Heo: - More issues reported in the enable/disable paths on large machines with many tasks due to scx_tasks_lock being held too long. Break up the task iterations - Remove ops.select_cpu() dependency in bypass mode so that a misbehaving implementation can't live-lock the machine by pushing all tasks to few CPUs in bypass mode - Other misc fixes * tag 'sched_ext-for-6.12-rc3-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext: sched_ext: Remove unnecessary cpu_relax() sched_ext: Don't hold scx_tasks_lock for too long sched_ext: Move scx_tasks_lock handling into scx_task_iter helpers sched_ext: bypass mode shouldn't depend on ops.select_cpu() sched_ext: Move scx_buildin_idle_enabled check to scx_bpf_select_cpu_dfl() sched_ext: Start schedulers with consistent p->scx.slice values Revert "sched_ext: Use shorter slice while bypassing" sched_ext: use correct function name in pick_task_scx() warning message selftests: sched_ext: Add sched_ext as proper selftest target commit fca6caeb4a61d240f031914413fcc69534f6dc03 Author: Wang Hai Date: Fri Oct 11 19:34:44 2024 +0800 scsi: target: core: Fix null-ptr-deref in target_alloc_device() There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: null-ptr-deref in target_alloc_device+0xbc4/0xbe0 [target_core_mod] ... kasan_report+0xb9/0xf0 target_alloc_device+0xbc4/0xbe0 [target_core_mod] core_dev_setup_virtual_lun0+0xef/0x1f0 [target_core_mod] target_core_init_configfs+0x205/0x420 [target_core_mod] do_one_initcall+0xdd/0x4e0 ... entry_SYSCALL_64_after_hwframe+0x76/0x7e In target_alloc_device(), if allocing memory for dev queues fails, then dev will be freed by dev->transport->free_device(), but dev->transport is not initialized at that time, which will lead to a null pointer reference problem. Fixing this bug by freeing dev with hba->backend->ops->free_device(). Fixes: 1526d9f10c61 ("scsi: target: Make state_list per CPU") Signed-off-by: Wang Hai Link: https://lore.kernel.org/r/20241011113444.40749-1-wanghai38@huawei.com Reviewed-by: Mike Christie Signed-off-by: Martin K. Petersen commit b9e63d6c7c0e94a99e1af7c9c0c7fad13a2f2453 Author: Ranjan Kumar Date: Tue Oct 8 13:13:53 2024 +0530 scsi: mpi3mr: Validate SAS port assignments A sanity check on phy_mask was added in commit 3668651def2c ("scsi: mpi3mr: Sanitise num_phys"). This causes warning messages when more than 64 phys are detected and devices connected to phys greater than 64 are dropped. The phy_mask bitmap is only needed for controller phys and not required for expander phys. Controller phys can go up to a maximum of 64 and therefore u64 is good enough to contain phy_mask bitmap. To suppress those warnings and allow devices to be discovered as before the offending commit, restrict the phy_mask setting and lowest phy setting only to the controller phys. Fixes: 3668651def2c ("scsi: mpi3mr: Sanitise num_phys") Cc: stable@vger.kernel.org Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202410051943.Mp9o5DlF-lkp@intel.com/ Reported-by: Alexander Motin Signed-off-by: Ranjan Kumar Link: https://lore.kernel.org/r/20241008074353.200379-1-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit 19a198b67767d952c8f3d0cf24eb3100522a8223 Author: Seunghwan Baek Date: Thu Aug 29 18:39:13 2024 +0900 scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down There is a history of deadlock if reboot is performed at the beginning of booting. SDEV_QUIESCE was set for all LU's scsi_devices by UFS shutdown, and at that time the audio driver was waiting on blk_mq_submit_bio() holding a mutex_lock while reading the fw binary. After that, a deadlock issue occurred while audio driver shutdown was waiting for mutex_unlock of blk_mq_submit_bio(). To solve this, set SDEV_OFFLINE for all LUs except WLUN, so that any I/O that comes down after a UFS shutdown will return an error. [ 31.907781]I[0: swapper/0: 0] 1 130705007 1651079834 11289729804 0 D( 2) 3 ffffff882e208000 * init [device_shutdown] [ 31.907793]I[0: swapper/0: 0] Mutex: 0xffffff8849a2b8b0: owner[0xffffff882e28cb00 kworker/6:0 :49] [ 31.907806]I[0: swapper/0: 0] Call trace: [ 31.907810]I[0: swapper/0: 0] __switch_to+0x174/0x338 [ 31.907819]I[0: swapper/0: 0] __schedule+0x5ec/0x9cc [ 31.907826]I[0: swapper/0: 0] schedule+0x7c/0xe8 [ 31.907834]I[0: swapper/0: 0] schedule_preempt_disabled+0x24/0x40 [ 31.907842]I[0: swapper/0: 0] __mutex_lock+0x408/0xdac [ 31.907849]I[0: swapper/0: 0] __mutex_lock_slowpath+0x14/0x24 [ 31.907858]I[0: swapper/0: 0] mutex_lock+0x40/0xec [ 31.907866]I[0: swapper/0: 0] device_shutdown+0x108/0x280 [ 31.907875]I[0: swapper/0: 0] kernel_restart+0x4c/0x11c [ 31.907883]I[0: swapper/0: 0] __arm64_sys_reboot+0x15c/0x280 [ 31.907890]I[0: swapper/0: 0] invoke_syscall+0x70/0x158 [ 31.907899]I[0: swapper/0: 0] el0_svc_common+0xb4/0xf4 [ 31.907909]I[0: swapper/0: 0] do_el0_svc+0x2c/0xb0 [ 31.907918]I[0: swapper/0: 0] el0_svc+0x34/0xe0 [ 31.907928]I[0: swapper/0: 0] el0t_64_sync_handler+0x68/0xb4 [ 31.907937]I[0: swapper/0: 0] el0t_64_sync+0x1a0/0x1a4 [ 31.908774]I[0: swapper/0: 0] 49 0 11960702 11236868007 0 D( 2) 6 ffffff882e28cb00 * kworker/6:0 [__bio_queue_enter] [ 31.908783]I[0: swapper/0: 0] Call trace: [ 31.908788]I[0: swapper/0: 0] __switch_to+0x174/0x338 [ 31.908796]I[0: swapper/0: 0] __schedule+0x5ec/0x9cc [ 31.908803]I[0: swapper/0: 0] schedule+0x7c/0xe8 [ 31.908811]I[0: swapper/0: 0] __bio_queue_enter+0xb8/0x178 [ 31.908818]I[0: swapper/0: 0] blk_mq_submit_bio+0x194/0x67c [ 31.908827]I[0: swapper/0: 0] __submit_bio+0xb8/0x19c Fixes: b294ff3e3449 ("scsi: ufs: core: Enable power management for wlun") Cc: stable@vger.kernel.org Signed-off-by: Seunghwan Baek Link: https://lore.kernel.org/r/20240829093913.6282-2-sh8267.baek@samsung.com Reviewed-by: Bart Van Assche Signed-off-by: Martin K. Petersen commit 8fa075804cb3b00960dd5c06554308175c834530 Author: Peter Wang Date: Tue Oct 1 17:19:17 2024 +0800 scsi: ufs: core: Requeue aborted request After the SQ cleanup fix, the CQ will receive a response with the corresponding tag marked as OCS: ABORTED. To align with the behavior of Legacy SDB mode, the handling of OCS: ABORTED has been changed to match that of OCS_INVALID_COMMAND_STATUS (SDB), with both returning a SCSI result of DID_REQUEUE. Furthermore, the workaround implemented before the SQ cleanup fix can be removed. Fixes: ab248643d3d6 ("scsi: ufs: core: Add error handling for MCQ mode") Cc: stable@vger.kernel.org Signed-off-by: Peter Wang Link: https://lore.kernel.org/r/20241001091917.6917-3-peter.wang@mediatek.com Reviewed-by: Bart Van Assche Signed-off-by: Martin K. Petersen commit bf0c6cc73f7f91ec70307f7c72343f6cb7d65d01 Author: Peter Wang Date: Tue Oct 1 17:19:16 2024 +0800 scsi: ufs: core: Fix the issue of ICU failure When setting the ICU bit without using read-modify-write, SQRTCy will restart SQ again and receive an RTC return error code 2 (Failure - SQ not stopped). Additionally, the error log has been modified so that this type of error can be observed. Fixes: ab248643d3d6 ("scsi: ufs: core: Add error handling for MCQ mode") Cc: stable@vger.kernel.org Signed-off-by: Peter Wang Link: https://lore.kernel.org/r/20241001091917.6917-2-peter.wang@mediatek.com Reviewed-by: Bao D. Nguyen Reviewed-by: Bart Van Assche Signed-off-by: Martin K. Petersen commit 11d06f0aaef89f4cad68b92510bd9decff2d7b87 Author: Vladimir Oltean Date: Mon Oct 14 18:30:41 2024 +0300 net: dsa: vsc73xx: fix reception from VLAN-unaware bridges Similar to the situation described for sja1105 in commit 1f9fc48fd302 ("net: dsa: sja1105: fix reception from VLAN-unaware bridges"), the vsc73xx driver uses tag_8021q and doesn't need the ds->untag_bridge_pvid request. In fact, this option breaks packet reception. The ds->untag_bridge_pvid option strips VLANs from packets received on VLAN-unaware bridge ports. But those VLANs should already be stripped by tag_vsc73xx_8021q.c as part of vsc73xx_rcv() - they are not VLANs in VLAN-unaware mode, but DSA tags. Thus, dsa_software_vlan_untag() tries to untag a VLAN that doesn't exist, corrupting the packet. Fixes: 93e4649efa96 ("net: dsa: provide a software untagging function on RX for VLAN-aware bridges") Tested-by: Pawel Dembicki Signed-off-by: Vladimir Oltean Reviewed-by: Florian Fainelli Reviewed-by: Linus Walleij Link: https://patch.msgid.link/20241014153041.1110364-1-vladimir.oltean@nxp.com Signed-off-by: Jakub Kicinski commit 126e799602f45e9ce1ded03ee9eadda68bf470e0 Author: Niklas Söderlund Date: Mon Oct 14 14:43:43 2024 +0200 net: ravb: Only advertise Rx/Tx timestamps if hardware supports it Recent work moving the reporting of Rx software timestamps to the core [1] highlighted an issue where hardware time stamping was advertised for the platforms where it is not supported. Fix this by covering advertising support for hardware timestamps only if the hardware supports it. Due to the Tx implementation in RAVB software Tx timestamping is also only considered if the hardware supports hardware timestamps. This should be addressed in future, but this fix only reflects what the driver currently implements. 1. Commit 277901ee3a26 ("ravb: Remove setting of RX software timestamp") Fixes: 7e09a052dc4e ("ravb: Exclude gPTP feature support for RZ/G2L") Signed-off-by: Niklas Söderlund Reviewed-by: Paul Barker Tested-by: Paul Barker Reviewed-by: Sergey Shtylyov Link: https://patch.msgid.link/20241014124343.3875285-1-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Jakub Kicinski commit 217a3d98d1e9891a8b1438a27dfbc64ddf01f691 Author: Jinjie Ruan Date: Mon Oct 14 20:19:22 2024 +0800 net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() Commit a3c1e45156ad ("net: microchip: vcap: Fix use-after-free error in kunit test") fixed the use-after-free error, but introduced below memory leaks by removing necessary vcap_free_rule(), add it to fix it. unreferenced object 0xffffff80ca58b700 (size 192): comm "kunit_try_catch", pid 1215, jiffies 4294898264 hex dump (first 32 bytes): 00 12 7a 00 05 00 00 00 0a 00 00 00 64 00 00 00 ..z.........d... 00 00 00 00 00 00 00 00 00 04 0b cc 80 ff ff ff ................ backtrace (crc 9c09c3fe): [<0000000052a0be73>] kmemleak_alloc+0x34/0x40 [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4 [<0000000040a01b8d>] vcap_alloc_rule+0x3cc/0x9c4 [<000000003fe86110>] vcap_api_encode_rule_test+0x1ac/0x16b0 [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000c5d82c9a>] kthread+0x2e8/0x374 [<00000000f4287308>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80cc0b0400 (size 64): comm "kunit_try_catch", pid 1215, jiffies 4294898265 hex dump (first 32 bytes): 80 04 0b cc 80 ff ff ff 18 b7 58 ca 80 ff ff ff ..........X..... 39 00 00 00 02 00 00 00 06 05 04 03 02 01 ff ff 9............... backtrace (crc daf014e9): [<0000000052a0be73>] kmemleak_alloc+0x34/0x40 [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4 [<000000000ff63fd4>] vcap_rule_add_key+0x2cc/0x528 [<00000000dfdb1e81>] vcap_api_encode_rule_test+0x224/0x16b0 [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000c5d82c9a>] kthread+0x2e8/0x374 [<00000000f4287308>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80cc0b0700 (size 64): comm "kunit_try_catch", pid 1215, jiffies 4294898265 hex dump (first 32 bytes): 80 07 0b cc 80 ff ff ff 28 b7 58 ca 80 ff ff ff ........(.X..... 3c 00 00 00 00 00 00 00 01 2f 03 b3 ec ff ff ff <......../...... backtrace (crc 8d877792): [<0000000052a0be73>] kmemleak_alloc+0x34/0x40 [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4 [<000000006eadfab7>] vcap_rule_add_action+0x2d0/0x52c [<00000000323475d1>] vcap_api_encode_rule_test+0x4d4/0x16b0 [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000c5d82c9a>] kthread+0x2e8/0x374 [<00000000f4287308>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80cc0b0900 (size 64): comm "kunit_try_catch", pid 1215, jiffies 4294898266 hex dump (first 32 bytes): 80 09 0b cc 80 ff ff ff 80 06 0b cc 80 ff ff ff ................ 7d 00 00 00 01 00 00 00 00 00 00 00 ff 00 00 00 }............... backtrace (crc 34181e56): [<0000000052a0be73>] kmemleak_alloc+0x34/0x40 [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4 [<000000000ff63fd4>] vcap_rule_add_key+0x2cc/0x528 [<00000000991e3564>] vcap_val_rule+0xcf0/0x13e8 [<00000000fc9868e5>] vcap_api_encode_rule_test+0x678/0x16b0 [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000c5d82c9a>] kthread+0x2e8/0x374 [<00000000f4287308>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80cc0b0980 (size 64): comm "kunit_try_catch", pid 1215, jiffies 4294898266 hex dump (first 32 bytes): 18 b7 58 ca 80 ff ff ff 00 09 0b cc 80 ff ff ff ..X............. 67 00 00 00 00 00 00 00 01 01 74 88 c0 ff ff ff g.........t..... backtrace (crc 275fd9be): [<0000000052a0be73>] kmemleak_alloc+0x34/0x40 [<0000000043605459>] __kmalloc_cache_noprof+0x26c/0x2f4 [<000000000ff63fd4>] vcap_rule_add_key+0x2cc/0x528 [<000000001396a1a2>] test_add_def_fields+0xb0/0x100 [<000000006e7621f0>] vcap_val_rule+0xa98/0x13e8 [<00000000fc9868e5>] vcap_api_encode_rule_test+0x678/0x16b0 [<00000000b3595fc4>] kunit_try_run_case+0x13c/0x3ac [<0000000010f5d2bf>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000c5d82c9a>] kthread+0x2e8/0x374 [<00000000f4287308>] ret_from_fork+0x10/0x20 ...... Cc: stable@vger.kernel.org Fixes: a3c1e45156ad ("net: microchip: vcap: Fix use-after-free error in kunit test") Reviewed-by: Simon Horman Reviewed-by: Jens Emil Schulz Østergaard Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20241014121922.1280583-1-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit 9626c182096f625278ce517d9416c1de90dba173 Merge: d96016a764f6aa 906b77ca91c7e9 Author: Jakub Kicinski Date: Tue Oct 15 18:23:55 2024 -0700 Merge branch 'net-phy-mdio-bcm-unimac-add-bcm6846-variant' Linus Walleij says: ==================== net: phy: mdio-bcm-unimac: Add BCM6846 variant As pointed out by Florian: https://lore.kernel.org/linux-devicetree/b542b2e8-115c-4234-a464-e73aa6bece5c@broadcom.com/ The BCM6846 has a few extra registers and cannot reuse the compatible string from other variants of the Unimac MDIO block: we need to be able to tell them apart. ==================== Link: https://patch.msgid.link/20241012-bcm6846-mdio-v1-0-c703ca83e962@linaro.org Signed-off-by: Jakub Kicinski commit 906b77ca91c7e9833b4e47bedb6bec76be71d497 Author: Linus Walleij Date: Sat Oct 12 22:35:23 2024 +0200 net: phy: mdio-bcm-unimac: Add BCM6846 support Add Unimac mdio compatible string for the special BCM6846 variant. This variant has a few extra registers compared to other versions. Suggested-by: Florian Fainelli Link: https://lore.kernel.org/linux-devicetree/b542b2e8-115c-4234-a464-e73aa6bece5c@broadcom.com/ Signed-off-by: Linus Walleij Link: https://patch.msgid.link/20241012-bcm6846-mdio-v1-2-c703ca83e962@linaro.org Signed-off-by: Jakub Kicinski commit 6ed97afd75cc5cac34b1c15a930ab2a6b7c6ff0f Author: Linus Walleij Date: Sat Oct 12 22:35:22 2024 +0200 dt-bindings: net: brcm,unimac-mdio: Add bcm6846-mdio The MDIO block in the BCM6846 is not identical to any of the previous versions, but has extended registers not present in the other variants. For this reason we need to use a new compatible especially for this SoC. Suggested-by: Florian Fainelli Link: https://lore.kernel.org/linux-devicetree/b542b2e8-115c-4234-a464-e73aa6bece5c@broadcom.com/ Signed-off-by: Linus Walleij Acked-by: Rob Herring (Arm) Link: https://patch.msgid.link/20241012-bcm6846-mdio-v1-1-c703ca83e962@linaro.org Signed-off-by: Jakub Kicinski commit d96016a764f6aa5c7528c3d3f9cb472ef7266951 Author: Jakub Sitnicki Date: Fri Oct 11 14:17:30 2024 +0200 udp: Compute L4 checksum as usual when not segmenting the skb If: 1) the user requested USO, but 2) there is not enough payload for GSO to kick in, and 3) the egress device doesn't offer checksum offload, then we want to compute the L4 checksum in software early on. In the case when we are not taking the GSO path, but it has been requested, the software checksum fallback in skb_segment doesn't get a chance to compute the full checksum, if the egress device can't do it. As a result we end up sending UDP datagrams with only a partial checksum filled in, which the peer will discard. Fixes: 10154dbded6d ("udp: Allow GSO transmit from devices with no checksum offload") Reported-by: Ivan Babrou Signed-off-by: Jakub Sitnicki Acked-by: Willem de Bruijn Cc: stable@vger.kernel.org Link: https://patch.msgid.link/20241011-uso-swcsum-fixup-v2-1-6e1ddc199af9@cloudflare.com Signed-off-by: Jakub Kicinski commit 56440d7ec28d60f8da3bfa09062b3368ff9b16db Author: Eric Dumazet Date: Fri Oct 11 17:12:17 2024 +0000 genetlink: hold RCU in genlmsg_mcast() While running net selftests with CONFIG_PROVE_RCU_LIST=y I saw one lockdep splat [1]. genlmsg_mcast() uses for_each_net_rcu(), and must therefore hold RCU. Instead of letting all callers guard genlmsg_multicast_allns() with a rcu_read_lock()/rcu_read_unlock() pair, do it in genlmsg_mcast(). This also means the @flags parameter is useless, we need to always use GFP_ATOMIC. [1] [10882.424136] ============================= [10882.424166] WARNING: suspicious RCU usage [10882.424309] 6.12.0-rc2-virtme #1156 Not tainted [10882.424400] ----------------------------- [10882.424423] net/netlink/genetlink.c:1940 RCU-list traversed in non-reader section!! [10882.424469] other info that might help us debug this: [10882.424500] rcu_scheduler_active = 2, debug_locks = 1 [10882.424744] 2 locks held by ip/15677: [10882.424791] #0: ffffffffb6b491b0 (cb_lock){++++}-{3:3}, at: genl_rcv (net/netlink/genetlink.c:1219) [10882.426334] #1: ffffffffb6b49248 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg (net/netlink/genetlink.c:61 net/netlink/genetlink.c:57 net/netlink/genetlink.c:1209) [10882.426465] stack backtrace: [10882.426805] CPU: 14 UID: 0 PID: 15677 Comm: ip Not tainted 6.12.0-rc2-virtme #1156 [10882.426919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [10882.427046] Call Trace: [10882.427131] [10882.427244] dump_stack_lvl (lib/dump_stack.c:123) [10882.427335] lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822) [10882.427387] genlmsg_multicast_allns (net/netlink/genetlink.c:1940 (discriminator 7) net/netlink/genetlink.c:1977 (discriminator 7)) [10882.427436] l2tp_tunnel_notify.constprop.0 (net/l2tp/l2tp_netlink.c:119) l2tp_netlink [10882.427683] l2tp_nl_cmd_tunnel_create (net/l2tp/l2tp_netlink.c:253) l2tp_netlink [10882.427748] genl_family_rcv_msg_doit (net/netlink/genetlink.c:1115) [10882.427834] genl_rcv_msg (net/netlink/genetlink.c:1195 net/netlink/genetlink.c:1210) [10882.427877] ? __pfx_l2tp_nl_cmd_tunnel_create (net/l2tp/l2tp_netlink.c:186) l2tp_netlink [10882.427927] ? __pfx_genl_rcv_msg (net/netlink/genetlink.c:1201) [10882.427959] netlink_rcv_skb (net/netlink/af_netlink.c:2551) [10882.428069] genl_rcv (net/netlink/genetlink.c:1220) [10882.428095] netlink_unicast (net/netlink/af_netlink.c:1332 net/netlink/af_netlink.c:1357) [10882.428140] netlink_sendmsg (net/netlink/af_netlink.c:1901) [10882.428210] ____sys_sendmsg (net/socket.c:729 (discriminator 1) net/socket.c:744 (discriminator 1) net/socket.c:2607 (discriminator 1)) Fixes: 33f72e6f0c67 ("l2tp : multicast notification to the registered listeners") Signed-off-by: Eric Dumazet Cc: James Chapman Cc: Tom Parkin Cc: Johannes Berg Link: https://patch.msgid.link/20241011171217.3166614-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit 1833d8a26f057128fd63e126b4428203ece84684 Author: Peter Rashleigh Date: Mon Oct 14 13:43:42 2024 -0700 net: dsa: mv88e6xxx: Fix the max_vid definition for the MV88E6361 According to the Marvell datasheet the 88E6361 has two VTU pages (4k VIDs per page) so the max_vid should be 8191, not 4095. In the current implementation mv88e6xxx_vtu_walk() gives unexpected results because of this error. I verified that mv88e6xxx_vtu_walk() works correctly on the MV88E6361 with this patch in place. Fixes: 12899f299803 ("net: dsa: mv88e6xxx: enable support for 88E6361 switch") Signed-off-by: Peter Rashleigh Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20241014204342.5852-1-peter@rashleigh.ca Signed-off-by: Jakub Kicinski commit e8c526f2bdf1845bedaf6a478816a3d06fa78b8f Author: Kuniyuki Iwashima Date: Mon Oct 14 15:33:12 2024 -0700 tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). Martin KaFai Lau reported use-after-free [0] in reqsk_timer_handler(). """ We are seeing a use-after-free from a bpf prog attached to trace_tcp_retransmit_synack. The program passes the req->sk to the bpf_sk_storage_get_tracing kernel helper which does check for null before using it. """ The commit 83fccfc3940c ("inet: fix potential deadlock in reqsk_queue_unlink()") added timer_pending() in reqsk_queue_unlink() not to call del_timer_sync() from reqsk_timer_handler(), but it introduced a small race window. Before the timer is called, expire_timers() calls detach_timer(timer, true) to clear timer->entry.pprev and marks it as not pending. If reqsk_queue_unlink() checks timer_pending() just after expire_timers() calls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will continue running and send multiple SYN+ACKs until it expires. The reported UAF could happen if req->sk is close()d earlier than the timer expiration, which is 63s by default. The scenario would be 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(), but del_timer_sync() is missed 2. reqsk timer is executed and scheduled again 3. req->sk is accept()ed and reqsk_put() decrements rsk_refcnt, but reqsk timer still has another one, and inet_csk_accept() does not clear req->sk for non-TFO sockets 4. sk is close()d 5. reqsk timer is executed again, and BPF touches req->sk Let's not use timer_pending() by passing the caller context to __inet_csk_reqsk_queue_drop(). Note that reqsk timer is pinned, so the issue does not happen in most use cases. [1] [0] BUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0 Use-after-free read at 0x00000000a891fb3a (in kfence-#1): bpf_sk_storage_get_tracing+0x2e/0x1b0 bpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda bpf_trace_run2+0x4c/0xc0 tcp_rtx_synack+0xf9/0x100 reqsk_timer_handler+0xda/0x3d0 run_timer_softirq+0x292/0x8a0 irq_exit_rcu+0xf5/0x320 sysvec_apic_timer_interrupt+0x6d/0x80 asm_sysvec_apic_timer_interrupt+0x16/0x20 intel_idle_irq+0x5a/0xa0 cpuidle_enter_state+0x94/0x273 cpu_startup_entry+0x15e/0x260 start_secondary+0x8a/0x90 secondary_startup_64_no_verify+0xfa/0xfb kfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6 allocated by task 0 on cpu 9 at 260507.901592s: sk_prot_alloc+0x35/0x140 sk_clone_lock+0x1f/0x3f0 inet_csk_clone_lock+0x15/0x160 tcp_create_openreq_child+0x1f/0x410 tcp_v6_syn_recv_sock+0x1da/0x700 tcp_check_req+0x1fb/0x510 tcp_v6_rcv+0x98b/0x1420 ipv6_list_rcv+0x2258/0x26e0 napi_complete_done+0x5b1/0x2990 mlx5e_napi_poll+0x2ae/0x8d0 net_rx_action+0x13e/0x590 irq_exit_rcu+0xf5/0x320 common_interrupt+0x80/0x90 asm_common_interrupt+0x22/0x40 cpuidle_enter_state+0xfb/0x273 cpu_startup_entry+0x15e/0x260 start_secondary+0x8a/0x90 secondary_startup_64_no_verify+0xfa/0xfb freed by task 0 on cpu 9 at 260507.927527s: rcu_core_si+0x4ff/0xf10 irq_exit_rcu+0xf5/0x320 sysvec_apic_timer_interrupt+0x6d/0x80 asm_sysvec_apic_timer_interrupt+0x16/0x20 cpuidle_enter_state+0xfb/0x273 cpu_startup_entry+0x15e/0x260 start_secondary+0x8a/0x90 secondary_startup_64_no_verify+0xfa/0xfb Fixes: 83fccfc3940c ("inet: fix potential deadlock in reqsk_queue_unlink()") Reported-by: Martin KaFai Lau Closes: https://lore.kernel.org/netdev/eb6684d0-ffd9-4bdc-9196-33f690c25824@linux.dev/ Link: https://lore.kernel.org/netdev/b55e2ca0-42f2-4b7c-b445-6ffd87ca74a0@linux.dev/ [1] Signed-off-by: Kuniyuki Iwashima Reviewed-by: Eric Dumazet Reviewed-by: Martin KaFai Lau Link: https://patch.msgid.link/20241014223312.4254-1-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit 77ad507dbb7ec1ecd60fc081d03616960ef596fd Author: Rob Clark Date: Tue Oct 15 15:13:34 2024 -0700 drm/msm/a6xx+: Insert a fence wait before SMMU table update The CP_SMMU_TABLE_UPDATE _should_ be waiting for idle, but on some devices (x1-85, possibly others), it seems to pass that barrier while there are still things in the event completion FIFO waiting to be written back to memory. Work around that by adding a fence wait before context switch. The CP_EVENT_WRITE that writes the fence is the last write from a submit, so seeing this value hit memory is a reliable indication that it is safe to proceed with the context switch. v2: Only emit CP_WAIT_TIMESTAMP on a7xx, as it is not supported on a6xx. Conversely, I've not been able to reproduce this issue on a6xx, so hopefully it is limited to a7xx, or perhaps just certain a7xx devices. Fixes: af66706accdf ("drm/msm/a6xx: Add skeleton A7xx support") Closes: https://gitlab.freedesktop.org/drm/msm/-/issues/63 Signed-off-by: Rob Clark Reviewed-by: Akhil P Oommen Signed-off-by: Abhinav Kumar commit fed07d3eb8a8d9fcc0e455175a89bc6445d6faed Author: Wang Hai Date: Mon Oct 14 22:59:01 2024 +0800 net: bcmasp: fix potential memory leak in bcmasp_xmit() The bcmasp_xmit() returns NETDEV_TX_OK without freeing skb in case of mapping fails, add dev_kfree_skb() to fix it. Fixes: 490cb412007d ("net: bcmasp: Add support for ASP2.0 Ethernet controller") Signed-off-by: Wang Hai Acked-by: Florian Fainelli Link: https://patch.msgid.link/20241014145901.48940-1-wanghai38@huawei.com Signed-off-by: Jakub Kicinski commit cf8989d20d64ad702a6210c11a0347ebf3852aa7 Author: Michael Ellerman Date: Fri Sep 20 19:35:20 2024 +1000 powerpc/powernv: Free name on error in opal_event_init() In opal_event_init() if request_irq() fails name is not freed, leading to a memory leak. The code only runs at boot time, there's no way for a user to trigger it, so there's no security impact. Fix the leak by freeing name in the error path. Reported-by: 2639161967 <2639161967@qq.com> Closes: https://lore.kernel.org/linuxppc-dev/87wmjp3wig.fsf@mail.lhotse Signed-off-by: Michael Ellerman Link: https://patch.msgid.link/20240920093520.67997-1-mpe@ellerman.id.au commit f87f3b80abaf7949e638dd17dfdc267066eb52d5 Author: Jessica Zhang Date: Wed Oct 9 20:46:19 2024 -0700 drm/msm/dpu: don't always program merge_3d block Only program the merge_3d block for the video phys encoder when the 3d blend mode is not NONE Fixes: 3e79527a33a8 ("drm/msm/dpu: enable merge_3d support on sm8150/sm8250") Suggested-by: Abhinav Kumar Signed-off-by: Jessica Zhang Patchwork: https://patchwork.freedesktop.org/patch/619095/ Link: https://lore.kernel.org/r/20241009-merge3d-fix-v1-1-0d0b6f5c244e@quicinc.com Signed-off-by: Abhinav Kumar commit 40dad89cb86ce824f2080441b2a6b7aedf695329 Author: Jessica Zhang Date: Wed Oct 9 20:41:13 2024 -0700 drm/msm/dpu: Don't always set merge_3d pending flush Don't set the merge_3d pending flush bits if the mode_3d is BLEND_3D_NONE. Always flushing merge_3d can cause timeout issues when there are multiple commits with concurrent writeback enabled. This is because the video phys enc waits for the hw_ctl flush register to be completely cleared [1] in its wait_for_commit_done(), but the WB encoder always sets the merge_3d pending flush during each commit regardless of if the merge_3d is actually active. This means that the hw_ctl flush register will never be 0 when there are multiple CWB commits and the video phys enc will hit vblank timeout errors after the first CWB commit. [1] commit fe9df3f50c39 ("drm/msm/dpu: add real wait_for_commit_done()") Fixes: 3e79527a33a8 ("drm/msm/dpu: enable merge_3d support on sm8150/sm8250") Fixes: d7d0e73f7de3 ("drm/msm/dpu: introduce the dpu_encoder_phys_* for writeback") Signed-off-by: Jessica Zhang Reviewed-by: Dmitry Baryshkov Patchwork: https://patchwork.freedesktop.org/patch/619092/ Link: https://lore.kernel.org/r/20241009-mode3d-fix-v1-1-c0258354fadc@quicinc.com Signed-off-by: Abhinav Kumar commit d038109ac1c6bf619473dda03a16a6de58170f7f Author: Fabrizio Castro Date: Fri Oct 11 18:20:03 2024 +0100 irqchip/renesas-rzg2l: Fix missing put_device rzg2l_irqc_common_init() calls of_find_device_by_node(), but the corresponding put_device() call is missing. This also gets reported by make coccicheck. Make use of the cleanup interfaces from cleanup.h to call into __free_put_device(), which in turn calls into put_device when leaving function rzg2l_irqc_common_init() and variable "dev" goes out of scope. To prevent that the device is put on successful completion, assign NULL to "dev" to prevent __free_put_device() from calling into put_device() within the successful path. "make coccicheck" will still complain about missing put_device() calls, but those are false positives now. Fixes: 3fed09559cd8 ("irqchip: Add RZ/G2L IA55 Interrupt Controller driver") Signed-off-by: Fabrizio Castro Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20241011172003.1242841-1-fabrizio.castro.jz@renesas.com commit a98a0f050ced4bd4ecb59e92412916012b7c2917 Author: Sunil V L Date: Mon Oct 14 12:27:39 2024 +0530 irqchip/riscv-intc: Fix SMP=n boot with ACPI When CONFIG_SMP is disabled, the static array rintc_acpi_data with size NR_CPUS is not sufficient to hold all RINTC structures passed from the firmware. All RINTC structures are required to configure IMSIC/APLIC/PLIC properly irrespective of SMP in the OS. So, allocate dynamic memory based on the number of RINTC structures in MADT to fix this issue. Fixes: f8619b66bdb1 ("irqchip/riscv-intc: Add ACPI support for AIA") Reported-by: Björn Töpel Signed-off-by: Sunil V L Signed-off-by: Thomas Gleixner Tested-by: Alexandre Ghiti Reviewed-by: Anup Patel Link: https://lore.kernel.org/all/20241014065739.656959-1-sunilvl@ventanamicro.com Closes: https://github.com/linux-riscv/linux-riscv/actions/runs/11280997511/job/31375229012 commit 1b59d6c19c2ca4e705effee5c2f68fd8ab307c90 Merge: aa56d752673aae da1642bc97c4ef Author: Arnd Bergmann Date: Tue Oct 15 20:39:42 2024 +0000 Merge tag 'scmi-fixes-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux into arm/fixes Arm SCMI fixes for v6.12 Couple of fixes to address the issues found and reported on Broadcom STB platforms following the recent refactor of all the SCMI transports as standalone drivers. One of the issue is that the effective timeout value is much less than the intended value due to the way mailbox messages are queues in the mailbox framework. Since we block or serialise the shmem access anyway, there is no point in utilizing mailbox queues. The issue is fixed with exclusive lock on the channel when sending the message. The other issues is actually non-issue for upstream, but the workaround is just changing the link order of the transport drivers which enables Broadcom STB platforms to run both upstream and custom downstream kernel without any device tree changes. So pushing this to help them test upstream seamlessly as it has no practical or theoretical impact for others. There is also a fix to address possible double freeing of the name string in scmi_debugfs_common_cleanup() when devm_add_action_or_reset() fails. * tag 'scmi-fixes-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux: firmware: arm_scmi: Queue in scmi layer for mailbox implementation firmware: arm_scmi: Give SMC transport precedence over mailbox firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() Link: https://lore.kernel.org/r/20241015185128.1000604-1-sudeep.holla@arm.com Signed-off-by: Arnd Bergmann commit aa56d752673aaec3cab7d73c668c4b29925d3ba0 Merge: 6f547381662cb2 b0798838418abe Author: Arnd Bergmann Date: Tue Oct 15 20:38:27 2024 +0000 Merge tag 'ffa-fixes-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux into arm/fixes Arm FF-A fixes for v6.12 Couple of fixes to avoid string-fortify warnings in export_uuid() and memcpy() from the recently added functions to support FFA_MSG_SEND_DIRECT_REQ2 and FFA_MSG_SEND_DIRECT_RESP2. * tag 'ffa-fixes-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux: firmware: arm_ffa: Avoid string-fortify warning caused by memcpy() firmware: arm_ffa: Avoid string-fortify warning in export_uuid() Link: https://lore.kernel.org/r/20241015185037.1000435-1-sudeep.holla@arm.com Signed-off-by: Arnd Bergmann commit 6f547381662cb29f81b9e35bdd0e6686930d7cb6 Merge: 76237ff95bf769 841dd5b122b4b8 Author: Arnd Bergmann Date: Tue Oct 15 20:37:29 2024 +0000 Merge tag 'mvebu-fixes-6.12-1' of https://git.kernel.org/pub/scm/linux/kernel/git/gclement/mvebu into arm/fixes mvebu fixes for 6.12 (part 1) Fix cp0 mdio pin numbers on SolidRun CN9130 SoM * tag 'mvebu-fixes-6.12-1' of https://git.kernel.org/pub/scm/linux/kernel/git/gclement/mvebu: arm64: dts: marvell: cn9130-sr-som: fix cp0 mdio pin numbers Link: https://lore.kernel.org/r/87ldyud25o.fsf@BLaptop.bootlin.com Signed-off-by: Arnd Bergmann commit 76237ff95bf7691f115b1b08a1fbdfd61bc398b1 Merge: b72cd67a0300f3 2cf59663660799 Author: Arnd Bergmann Date: Tue Oct 15 20:36:53 2024 +0000 Merge tag 'reset-fixes-for-v6.12' of git://git.pengutronix.de/pza/linux into arm/fixes Reset controller fixes for v6.12 Fix a NULL pointer dereference in reset-starfive-jh71x0 and replace two accidental commas at line endings with semicolons in reset-npcm. * tag 'reset-fixes-for-v6.12' of git://git.pengutronix.de/pza/linux: reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC reset: npcm: convert comma to semicolon Link: https://lore.kernel.org/r/20240930165733.1541936-1-p.zabel@pengutronix.de Signed-off-by: Arnd Bergmann commit c401ed1c709948e57945485088413e1bb5e94bd1 Author: Wang Hai Date: Mon Oct 14 22:51:15 2024 +0800 net: systemport: fix potential memory leak in bcm_sysport_xmit() The bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb in case of dma_map_single() fails, add dev_kfree_skb() to fix it. Fixes: 80105befdb4b ("net: systemport: add Broadcom SYSTEMPORT Ethernet MAC driver") Signed-off-by: Wang Hai Link: https://patch.msgid.link/20241014145115.44977-1-wanghai38@huawei.com Signed-off-by: Jakub Kicinski commit 2f87d0916ce0d2925cedbc9e8f5d6291ba2ac7b2 Merge: bdc72765122356 09661f75e75cb6 Author: Linus Torvalds Date: Tue Oct 15 11:18:44 2024 -0700 Merge tag 'trace-ringbuffer-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull ring-buffer fixes from Steven Rostedt: - Fix ref counter of buffers assigned at boot up A tracing instance can be created from the kernel command line. If it maps to memory, it is considered permanent and should not be deleted, or bad things can happen. If it is not mapped to memory, then the user is fine to delete it via rmdir from the instances directory. But the ref counts assumed 0 was free to remove and greater than zero was not. But this was not the case. When an instance is created, it should have the reference of 1, and if it should not be removed, it must be greater than 1. The boot up code set normal instances with a ref count of 0, which could get removed if something accessed it and then released it. And memory mapped instances had a ref count of 1 which meant it could be deleted, and bad things happen. Keep normal instances ref count as 1, and set memory mapped instances ref count to 2. - Protect sub buffer size (order) updates from other modifications When a ring buffer is changing the size of its sub-buffers, no other operations should be performed on the ring buffer. That includes reading it. But the locking only grabbed the buffer->mutex that keeps some operations from touching the ring buffer. It also must hold the cpu_buffer->reader_lock as well when updates happen as other paths use that to do some operations on the ring buffer. * tag 'trace-ringbuffer-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: ring-buffer: Fix reader locking when changing the sub buffer order ring-buffer: Fix refcount setting of boot mapped buffers commit ee230090f62fbb1c63c7f305d57289ab753221ef Merge: b836cbdf3b81a4 35ccd576a23ce4 Author: Alexei Starovoitov Date: Tue Oct 15 11:16:25 2024 -0700 Merge branch 'fix-truncation-bug-in-coerce_reg_to_size_sx-and-extend-selftests' Dimitar Kanaliev says: ==================== Fix truncation bug in coerce_reg_to_size_sx and extend selftests. This patch series addresses a truncation bug in the eBPF verifier function coerce_reg_to_size_sx(). The issue was caused by the incorrect ordering of assignments between 32-bit and 64-bit min/max values, leading to improper truncation when updating the register state. This issue has been reported previously by Zac Ecob[1] , but was not followed up on. The first patch fixes the assignment order in coerce_reg_to_size_sx() to ensure correct truncation. The subsequent patches add selftests for coerce_{reg,subreg}_to_size_sx. Changelog: v1 -> v2: - Moved selftests inside the conditional check for cpuv4 [1] (https://lore.kernel.org/bpf/h3qKLDEO6m9nhif0eAQX4fVrqdO0D_OPb0y5HfMK9jBePEKK33wQ3K-bqSVnr0hiZdFZtSJOsbNkcEQGpv_yJk61PAAiO8fUkgMRSO-lB50=@protonmail.com/) ==================== Link: https://lore.kernel.org/r/20241014121155.92887-1-dimitar.kanaliev@siteground.com Signed-off-by: Alexei Starovoitov commit 35ccd576a23ce495b4064f4a3445626de790cd23 Author: Dimitar Kanaliev Date: Mon Oct 14 15:11:55 2024 +0300 selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() Add a test for unsigned ranges after signed extension instruction. This case isn't currently covered by existing tests in verifier_movsx.c. Acked-by: Shung-Hsi Yu Signed-off-by: Dimitar Kanaliev Acked-by: Yonghong Song Link: https://lore.kernel.org/r/20241014121155.92887-4-dimitar.kanaliev@siteground.com Signed-off-by: Alexei Starovoitov commit 61f506eacc77a9dad510fce92477af72be82c89d Author: Dimitar Kanaliev Date: Mon Oct 14 15:11:54 2024 +0300 selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() Add test that checks whether unsigned ranges deduced by the verifier for sign extension instruction is correct. Without previous patch that fixes truncation in coerce_reg_to_size_sx() this test fails. Acked-by: Shung-Hsi Yu Signed-off-by: Dimitar Kanaliev Acked-by: Yonghong Song Link: https://lore.kernel.org/r/20241014121155.92887-3-dimitar.kanaliev@siteground.com Signed-off-by: Alexei Starovoitov commit ae67b9fb8c4e981e929a665dcaa070f4b05ebdb4 Author: Dimitar Kanaliev Date: Mon Oct 14 15:11:53 2024 +0300 bpf: Fix truncation bug in coerce_reg_to_size_sx() coerce_reg_to_size_sx() updates the register state after a sign-extension operation. However, there's a bug in the assignment order of the unsigned min/max values, leading to incorrect truncation: 0: (85) call bpf_get_prandom_u32#7 ; R0_w=scalar() 1: (57) r0 &= 1 ; R0_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=1,var_off=(0x0; 0x1)) 2: (07) r0 += 254 ; R0_w=scalar(smin=umin=smin32=umin32=254,smax=umax=smax32=umax32=255,var_off=(0xfe; 0x1)) 3: (bf) r0 = (s8)r0 ; R0_w=scalar(smin=smin32=-2,smax=smax32=-1,umin=umin32=0xfffffffe,umax=0xffffffff,var_off=(0xfffffffffffffffe; 0x1)) In the current implementation, the unsigned 32-bit min/max values (u32_min_value and u32_max_value) are assigned directly from the 64-bit signed min/max values (s64_min and s64_max): reg->umin_value = reg->u32_min_value = s64_min; reg->umax_value = reg->u32_max_value = s64_max; Due to the chain assigmnent, this is equivalent to: reg->u32_min_value = s64_min; // Unintended truncation reg->umin_value = reg->u32_min_value; reg->u32_max_value = s64_max; // Unintended truncation reg->umax_value = reg->u32_max_value; Fixes: 1f9a1ea821ff ("bpf: Support new sign-extension load insns") Reported-by: Shung-Hsi Yu Reported-by: Zac Ecob Signed-off-by: Dimitar Kanaliev Acked-by: Yonghong Song Reviewed-by: Shung-Hsi Yu Link: https://lore.kernel.org/r/20241014121155.92887-2-dimitar.kanaliev@siteground.com Signed-off-by: Alexei Starovoitov commit bdc72765122356796aa72f6e99142cdf24254ce5 Merge: eca631b8fe8087 5e3b72324d3262 Author: Linus Torvalds Date: Tue Oct 15 11:06:45 2024 -0700 Merge tag 'bcachefs-2024-10-14' of git://evilpiepirate.org/bcachefs Pull bcachefs fixes from Kent Overstreet: - New metadata version inode_has_child_snapshots This fixes bugs with handling of unlinked inodes + snapshots, in particular when an inode is reattached after taking a snapshot; deleted inodes now get correctly cleaned up across snapshots. - Disk accounting rewrite fixes - validation fixes for when a device has been removed - fix journal replay failing with "journal_reclaim_would_deadlock" - Some more small fixes for erasure coding + device removal - Assorted small syzbot fixes * tag 'bcachefs-2024-10-14' of git://evilpiepirate.org/bcachefs: (27 commits) bcachefs: Fix sysfs warning in fstests generic/730,731 bcachefs: Handle race between stripe reuse, invalidate_stripe_to_dev bcachefs: Fix kasan splat in new_stripe_alloc_buckets() bcachefs: Add missing validation for bch_stripe.csum_granularity_bits bcachefs: Fix missing bounds checks in bch2_alloc_read() bcachefs: fix uaf in bch2_dio_write_done() bcachefs: Improve check_snapshot_exists() bcachefs: Fix bkey_nocow_lock() bcachefs: Fix accounting replay flags bcachefs: Fix invalid shift in member_to_text() bcachefs: Fix bch2_have_enough_devs() for BCH_SB_MEMBER_INVALID bcachefs: __wait_for_freeing_inode: Switch to wait_bit_queue_entry bcachefs: Check if stuck in journal_res_get() closures: Add closure_wait_event_timeout() bcachefs: Fix state lock involved deadlock bcachefs: Fix NULL pointer dereference in bch2_opt_to_text bcachefs: Release transaction before wake up bcachefs: add check for btree id against max in try read node bcachefs: Disk accounting device validation fixes bcachefs: bch2_inode_or_descendents_is_open() ... commit c186b7a7f2387d9e09ad408420570be025b187c5 Author: Wang Hai Date: Mon Oct 14 22:42:50 2024 +0800 net: ethernet: rtsn: fix potential memory leak in rtsn_start_xmit() The rtsn_start_xmit() returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb_any() to fix it. Fixes: b0d3969d2b4d ("net: ethernet: rtsn: Add support for Renesas Ethernet-TSN") Signed-off-by: Wang Hai Reviewed-by: Niklas Söderlund Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20241014144250.38802-1-wanghai38@huawei.com Signed-off-by: Jakub Kicinski commit 99714e37e8333bbc22496fe80f241d5b35380e83 Author: Wang Hai Date: Mon Oct 14 22:37:04 2024 +0800 net: xilinx: axienet: fix potential memory leak in axienet_start_xmit() The axienet_start_xmit() returns NETDEV_TX_OK without freeing skb in case of dma_map_single() fails, add dev_kfree_skb_any() to fix it. Fixes: 71791dc8bdea ("net: axienet: Check for DMA mapping errors") Signed-off-by: Wang Hai Reviewed-by: Radhey Shyam Pandey Link: https://patch.msgid.link/20241014143704.31938-1-wanghai38@huawei.com Signed-off-by: Jakub Kicinski commit 56f51dfdff841bd07a31e86834283f4fee2f8c88 Merge: 82ac39ebd6db0c 5afca7e996c42a Author: Jakub Kicinski Date: Tue Oct 15 10:57:04 2024 -0700 Merge branch 'mptcp-prevent-mpc-handshake-on-port-based-signal-endpoints' Matthieu Baerts says: ==================== mptcp: prevent MPC handshake on port-based signal endpoints MPTCP connection requests toward a listening socket created by the in-kernel PM for a port based signal endpoint will never be accepted, they need to be explicitly rejected. - Patch 1: Explicitly reject such requests. A fix for >= v5.12. - Patch 2: Cover this case in the MPTCP selftests to avoid regressions. Signed-off-by: Matthieu Baerts (NGI0) v1: https://lore.kernel.org/20240908180620.822579-1-xiyou.wangcong@gmail.com Link: https://lore.kernel.org/a5289a0d-2557-40b8-9575-6f1a0bbf06e4@redhat.com ==================== Link: https://patch.msgid.link/20241014-net-mptcp-mpc-port-endp-v2-0-7faea8e6b6ae@kernel.org Signed-off-by: Jakub Kicinski commit 5afca7e996c42aed1b4a42d4712817601ba42aff Author: Paolo Abeni Date: Mon Oct 14 16:06:01 2024 +0200 selftests: mptcp: join: test for prohibited MPC to port-based endp Explicitly verify that MPC connection attempts towards a port-based signal endpoint fail with a reset. Note that this new test is a bit different from the other ones, not using 'run_tests'. It is then needed to add the capture capability, and the picking the right port which have been extracted into three new helpers. The info about the capture can also be printed from a single point, which simplifies the exit paths in do_transfer(). The 'Fixes' tag here below is the same as the one from the previous commit: this patch here is not fixing anything wrong in the selftests, but it validates the previous fix for an issue introduced by this commit ID. Fixes: 1729cf186d8a ("mptcp: create the listening socket for new port") Cc: stable@vger.kernel.org Co-developed-by: Matthieu Baerts (NGI0) Signed-off-by: Matthieu Baerts (NGI0) Signed-off-by: Paolo Abeni Reviewed-by: Mat Martineau Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241014-net-mptcp-mpc-port-endp-v2-2-7faea8e6b6ae@kernel.org Signed-off-by: Jakub Kicinski commit 3d041393ea8c815f773020fb4a995331a69c0139 Author: Paolo Abeni Date: Mon Oct 14 16:06:00 2024 +0200 mptcp: prevent MPC handshake on port-based signal endpoints Syzkaller reported a lockdep splat: ============================================ WARNING: possible recursive locking detected 6.11.0-rc6-syzkaller-00019-g67784a74e258 #0 Not tainted -------------------------------------------- syz-executor364/5113 is trying to acquire lock: ffff8880449f1958 (k-slock-AF_INET){+.-.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] ffff8880449f1958 (k-slock-AF_INET){+.-.}-{2:2}, at: sk_clone_lock+0x2cd/0xf40 net/core/sock.c:2328 but task is already holding lock: ffff88803fe3cb58 (k-slock-AF_INET){+.-.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] ffff88803fe3cb58 (k-slock-AF_INET){+.-.}-{2:2}, at: sk_clone_lock+0x2cd/0xf40 net/core/sock.c:2328 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(k-slock-AF_INET); lock(k-slock-AF_INET); *** DEADLOCK *** May be due to missing lock nesting notation 7 locks held by syz-executor364/5113: #0: ffff8880449f0e18 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1607 [inline] #0: ffff8880449f0e18 (sk_lock-AF_INET){+.+.}-{0:0}, at: mptcp_sendmsg+0x153/0x1b10 net/mptcp/protocol.c:1806 #1: ffff88803fe39ad8 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1607 [inline] #1: ffff88803fe39ad8 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: mptcp_sendmsg_fastopen+0x11f/0x530 net/mptcp/protocol.c:1727 #2: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline] #2: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline] #2: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: __ip_queue_xmit+0x5f/0x1b80 net/ipv4/ip_output.c:470 #3: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline] #3: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline] #3: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x45f/0x1390 net/ipv4/ip_output.c:228 #4: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: local_lock_acquire include/linux/local_lock_internal.h:29 [inline] #4: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: process_backlog+0x33b/0x15b0 net/core/dev.c:6104 #5: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:326 [inline] #5: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline] #5: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: ip_local_deliver_finish+0x230/0x5f0 net/ipv4/ip_input.c:232 #6: ffff88803fe3cb58 (k-slock-AF_INET){+.-.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] #6: ffff88803fe3cb58 (k-slock-AF_INET){+.-.}-{2:2}, at: sk_clone_lock+0x2cd/0xf40 net/core/sock.c:2328 stack backtrace: CPU: 0 UID: 0 PID: 5113 Comm: syz-executor364 Not tainted 6.11.0-rc6-syzkaller-00019-g67784a74e258 #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119 check_deadlock kernel/locking/lockdep.c:3061 [inline] validate_chain+0x15d3/0x5900 kernel/locking/lockdep.c:3855 __lock_acquire+0x137a/0x2040 kernel/locking/lockdep.c:5142 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5759 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 spin_lock include/linux/spinlock.h:351 [inline] sk_clone_lock+0x2cd/0xf40 net/core/sock.c:2328 mptcp_sk_clone_init+0x32/0x13c0 net/mptcp/protocol.c:3279 subflow_syn_recv_sock+0x931/0x1920 net/mptcp/subflow.c:874 tcp_check_req+0xfe4/0x1a20 net/ipv4/tcp_minisocks.c:853 tcp_v4_rcv+0x1c3e/0x37f0 net/ipv4/tcp_ipv4.c:2267 ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233 NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314 NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314 __netif_receive_skb_one_core net/core/dev.c:5661 [inline] __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5775 process_backlog+0x662/0x15b0 net/core/dev.c:6108 __napi_poll+0xcb/0x490 net/core/dev.c:6772 napi_poll net/core/dev.c:6841 [inline] net_rx_action+0x89b/0x1240 net/core/dev.c:6963 handle_softirqs+0x2c4/0x970 kernel/softirq.c:554 do_softirq+0x11b/0x1e0 kernel/softirq.c:455 __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382 local_bh_enable include/linux/bottom_half.h:33 [inline] rcu_read_unlock_bh include/linux/rcupdate.h:908 [inline] __dev_queue_xmit+0x1763/0x3e90 net/core/dev.c:4450 dev_queue_xmit include/linux/netdevice.h:3105 [inline] neigh_hh_output include/net/neighbour.h:526 [inline] neigh_output include/net/neighbour.h:540 [inline] ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:235 ip_local_out net/ipv4/ip_output.c:129 [inline] __ip_queue_xmit+0x118c/0x1b80 net/ipv4/ip_output.c:535 __tcp_transmit_skb+0x2544/0x3b30 net/ipv4/tcp_output.c:1466 tcp_rcv_synsent_state_process net/ipv4/tcp_input.c:6542 [inline] tcp_rcv_state_process+0x2c32/0x4570 net/ipv4/tcp_input.c:6729 tcp_v4_do_rcv+0x77d/0xc70 net/ipv4/tcp_ipv4.c:1934 sk_backlog_rcv include/net/sock.h:1111 [inline] __release_sock+0x214/0x350 net/core/sock.c:3004 release_sock+0x61/0x1f0 net/core/sock.c:3558 mptcp_sendmsg_fastopen+0x1ad/0x530 net/mptcp/protocol.c:1733 mptcp_sendmsg+0x1884/0x1b10 net/mptcp/protocol.c:1812 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x1a6/0x270 net/socket.c:745 ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597 ___sys_sendmsg net/socket.c:2651 [inline] __sys_sendmmsg+0x3b2/0x740 net/socket.c:2737 __do_sys_sendmmsg net/socket.c:2766 [inline] __se_sys_sendmmsg net/socket.c:2763 [inline] __x64_sys_sendmmsg+0xa0/0xb0 net/socket.c:2763 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f04fb13a6b9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffd651f42d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f04fb13a6b9 RDX: 0000000000000001 RSI: 0000000020000d00 RDI: 0000000000000004 RBP: 00007ffd651f4310 R08: 0000000000000001 R09: 0000000000000001 R10: 0000000020000080 R11: 0000000000000246 R12: 00000000000f4240 R13: 00007f04fb187449 R14: 00007ffd651f42f4 R15: 00007ffd651f4300 As noted by Cong Wang, the splat is false positive, but the code path leading to the report is an unexpected one: a client is attempting an MPC handshake towards the in-kernel listener created by the in-kernel PM for a port based signal endpoint. Such connection will be never accepted; many of them can make the listener queue full and preventing the creation of MPJ subflow via such listener - its intended role. Explicitly detect this scenario at initial-syn time and drop the incoming MPC request. Fixes: 1729cf186d8a ("mptcp: create the listening socket for new port") Cc: stable@vger.kernel.org Reported-by: syzbot+f4aacdfef2c6a6529c3e@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=f4aacdfef2c6a6529c3e Cc: Cong Wang Signed-off-by: Paolo Abeni Reviewed-by: Matthieu Baerts (NGI0) Reviewed-by: Mat Martineau Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241014-net-mptcp-mpc-port-endp-v2-1-7faea8e6b6ae@kernel.org Signed-off-by: Jakub Kicinski commit 82ac39ebd6db0c9f7a97a934bda1e3e101a9d201 Author: Li RongQing Date: Mon Oct 14 19:53:21 2024 +0800 net/smc: Fix searching in list of known pnetids in smc_pnet_add_pnetid pnetid of pi (not newly allocated pe) should be compared Fixes: e888a2e8337c ("net/smc: introduce list of pnetids for Ethernet devices") Reviewed-by: D. Wythe Reviewed-by: Wen Gu Signed-off-by: Li RongQing Reviewed-by: Simon Horman Reviewed-by: Gerd Bayer Link: https://patch.msgid.link/20241014115321.33234-1-lirongqing@baidu.com Signed-off-by: Jakub Kicinski commit d0c3601f2c4e12e7689b0f46ebc17525250ea8c3 Author: Oleksij Rempel Date: Sun Oct 13 07:29:16 2024 +0200 net: macb: Avoid 20s boot delay by skipping MDIO bus registration for fixed-link PHY A boot delay was introduced by commit 79540d133ed6 ("net: macb: Fix handling of fixed-link node"). This delay was caused by the call to `mdiobus_register()` in cases where a fixed-link PHY was present. The MDIO bus registration triggered unnecessary PHY address scans, leading to a 20-second delay due to attempts to detect Clause 45 (C45) compatible PHYs, despite no MDIO bus being attached. The commit 79540d133ed6 ("net: macb: Fix handling of fixed-link node") was originally introduced to fix a regression caused by commit 7897b071ac3b4 ("net: macb: convert to phylink"), which caused the driver to misinterpret fixed-link nodes as PHY nodes. This resulted in warnings like: mdio_bus f0028000.ethernet-ffffffff: fixed-link has invalid PHY address mdio_bus f0028000.ethernet-ffffffff: scan phy fixed-link at address 0 ... mdio_bus f0028000.ethernet-ffffffff: scan phy fixed-link at address 31 This patch reworks the logic to avoid registering and allocation of the MDIO bus when: - The device tree contains a fixed-link node. - There is no "mdio" child node in the device tree. If a child node named "mdio" exists, the MDIO bus will be registered to support PHYs attached to the MACB's MDIO bus. Otherwise, with only a fixed-link, the MDIO bus is skipped. Tested on a sama5d35 based system with a ksz8863 switch attached to macb0. Fixes: 79540d133ed6 ("net: macb: Fix handling of fixed-link node") Signed-off-by: Oleksij Rempel Cc: stable@vger.kernel.org Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20241013052916.3115142-1-o.rempel@pengutronix.de Signed-off-by: Jakub Kicinski commit cf57b5d7a2aad456719152ecd12007fe031628a3 Author: Wang Hai Date: Sat Oct 12 19:04:34 2024 +0800 net: ethernet: aeroflex: fix potential memory leak in greth_start_xmit_gbit() The greth_start_xmit_gbit() returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb() to fix it. Fixes: d4c41139df6e ("net: Add Aeroflex Gaisler 10/100/1G Ethernet MAC driver") Signed-off-by: Wang Hai Reviewed-by: Gerhard Engleder Link: https://patch.msgid.link/20241012110434.49265-1-wanghai38@huawei.com Signed-off-by: Jakub Kicinski commit a1494d532e28598bde7a5544892ef9c7dbfafa93 Author: Eric Dumazet Date: Sat Oct 12 09:42:30 2024 +0000 netdevsim: use cond_resched() in nsim_dev_trap_report_work() I am still seeing many syzbot reports hinting that syzbot might fool nsim_dev_trap_report_work() with hundreds of ports [1] Lets use cond_resched(), and system_unbound_wq instead of implicit system_wq. [1] INFO: task syz-executor:20633 blocked for more than 143 seconds. Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor state:D stack:25856 pid:20633 tgid:20633 ppid:1 flags:0x00004006 ... NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 16760 Comm: kworker/1:0 Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: events nsim_dev_trap_report_work RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 kernel/kcov.c:210 Code: 89 fb e8 23 00 00 00 48 8b 3d 04 fb 9c 0c 48 89 de 5b e9 c3 c7 5d 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 c0 d7 03 00 65 8b 15 60 f0 RSP: 0018:ffffc90000a187e8 EFLAGS: 00000246 RAX: 0000000000000100 RBX: ffffc90000a188e0 RCX: ffff888027d3bc00 RDX: ffff888027d3bc00 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffff88804a2e6000 R08: ffffffff8a4bc495 R09: ffffffff89da3577 R10: 0000000000000004 R11: ffffffff8a4bc2b0 R12: dffffc0000000000 R13: ffff88806573b503 R14: dffffc0000000000 R15: ffff8880663cca00 FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc90a747f98 CR3: 000000000e734000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 000000000000002b DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 Call Trace: __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382 spin_unlock_bh include/linux/spinlock.h:396 [inline] nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline] nsim_dev_trap_report_work+0x75d/0xaa0 drivers/net/netdevsim/dev.c:850 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Fixes: ba5e1272142d ("netdevsim: avoid potential loop in nsim_dev_trap_report_work()") Reported-by: syzbot+d383dc9579a76f56c251@syzkaller.appspotmail.com Reported-by: syzbot+c596faae21a68bf7afd0@syzkaller.appspotmail.com Signed-off-by: Eric Dumazet Cc: Jiri Pirko Link: https://patch.msgid.link/20241012094230.3893510-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit cf58aefb1332db322060cad4a330d5f9292b0f41 Author: Sabrina Dubroca Date: Fri Oct 11 17:16:37 2024 +0200 macsec: don't increment counters for an unrelated SA On RX, we shouldn't be incrementing the stats for an arbitrary SA in case the actual SA hasn't been set up. Those counters are intended to track packets for their respective AN when the SA isn't currently configured. Due to the way MACsec is implemented, we don't keep counters unless the SA is configured, so we can't track those packets, and those counters will remain at 0. The RXSC's stats keeps track of those packets without telling us which AN they belonged to. We could add counters for non-existent SAs, and then find a way to integrate them in the dump to userspace, but I don't think it's worth the effort. Fixes: 91ec9bd57f35 ("macsec: Fix traffic counters/statistics") Reported-by: Paolo Abeni Signed-off-by: Sabrina Dubroca Link: https://patch.msgid.link/f5ac92aaa5b89343232615f4c03f9f95042c6aa0.1728657709.git.sd@queasysnail.net Signed-off-by: Jakub Kicinski commit eb0c062161cf5f98556a906c48b0cfc019d9e89c Author: Thierry Reding Date: Mon Sep 16 15:33:20 2024 +0200 gpu: host1x: Set up device DMA parameters In order to store device DMA parameters, the DMA framework depends on the device's dma_parms field to point at a valid memory location. Add backing storage for this in struct host1x_memory_context and point to it. Reported-by: Jonathan Hunter Reviewed-by: Christoph Hellwig Tested-by: Jon Hunter Signed-off-by: Thierry Reding Link: https://patchwork.freedesktop.org/patch/msgid/20240916133320.368620-1-thierry.reding@gmail.com (cherry picked from commit b4ad4ef374d66cc8df3188bb1ddb65bce5fc9e50) Signed-off-by: Thierry Reding commit cb07c8338fc2b9d5f949a19d4a07ee4d5ecf8793 Author: Alex Deucher Date: Wed Oct 2 10:22:30 2024 -0400 drm/amdgpu/swsmu: Only force workload setup on init Needed to set the workload type at init time so that we can apply the navi3x margin optimization. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3618 Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3131 Fixes: c50fe289ed72 ("drm/amdgpu/swsmu: always force a state reprogram on init") Reviewed-by: Kenneth Feng Signed-off-by: Alex Deucher (cherry picked from commit 580ad7cbd4b7be8d2cb5ab5c1fca6bb76045eb0e) Cc: stable@vger.kernel.org commit 28127dba64d8ae1a0b737b973d6d029908599611 Author: Ville Syrjälä Date: Mon Oct 14 19:09:36 2024 +0300 drm/radeon: Fix encoder->possible_clones Include the encoder itself in its possible_clones bitmask. In the past nothing validated that drivers were populating possible_clones correctly, but that changed in commit 74d2aacbe840 ("drm: Validate encoder->possible_clones"). Looks like radeon never got the memo and is still not following the rules 100% correctly. This results in some warnings during driver initialization: Bogus possible_clones: [ENCODER:46:TV-46] possible_clones=0x4 (full encoder mask=0x7) WARNING: CPU: 0 PID: 170 at drivers/gpu/drm/drm_mode_config.c:615 drm_mode_config_validate+0x113/0x39c ... Cc: Alex Deucher Cc: amd-gfx@lists.freedesktop.org Fixes: 74d2aacbe840 ("drm: Validate encoder->possible_clones") Reported-by: Erhard Furtner Closes: https://lore.kernel.org/dri-devel/20241009000321.418e4294@yea/ Tested-by: Erhard Furtner Signed-off-by: Ville Syrjälä Signed-off-by: Alex Deucher (cherry picked from commit 3b6e7d40649c0d75572039aff9d0911864c689db) Cc: stable@vger.kernel.org commit 7a1613e47e65ba6967085ad99dee95420346a0ce Author: Alex Deucher Date: Thu Oct 3 10:09:50 2024 -0400 drm/amdgpu/smu13: always apply the powersave optimization It can avoid margin issues in some very demanding applications. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3618 Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3131 Fixes: c50fe289ed72 ("drm/amdgpu/swsmu: always force a state reprogram on init") Reviewed-by: Kenneth Feng Signed-off-by: Alex Deucher (cherry picked from commit 62f38b4ccaa6aa063ca781d80b10aacd39dc5c76) Cc: stable@vger.kernel.org commit 68d26c10ef503175df3142db6fcd75dd94860592 Author: Philip Yang Date: Fri Oct 4 16:28:07 2024 -0400 drm/amdkfd: Accounting pdd vram_usage for svm Process device data pdd->vram_usage is read by rocm-smi via sysfs, this is currently missing the svm_bo usage accounting, so "rocm-smi --showpids" per process VRAM usage report is incorrect. Add pdd->vram_usage accounting when svm_bo allocation and release, change to atomic64_t type because it is updated outside process mutex now. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher (cherry picked from commit 98c0b0efcc11f2a5ddf3ce33af1e48eedf808b04) commit e7457532cb7167516263150ceae86f36d6ef9683 Author: Srinivasan Shanmugam Date: Tue Oct 8 19:01:48 2024 +0530 drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring This patch addresses a double unlock issue in the amdgpu_mes_add_ring function. The mutex was being unlocked twice under certain error conditions, which could lead to undefined behavior. The fix ensures that the mutex is unlocked only once before jumping to the clean_up_memory label. The unlock operation is moved to just before the goto statement within the conditional block that checks the return value of amdgpu_ring_init. This prevents the second unlock attempt after the clean_up_memory label, which is no longer necessary as the mutex is already unlocked by this point in the code flow. This change resolves the potential double unlock and maintains the correct mutex handling throughout the function. Fixes below: Commit d0c423b64765 ("drm/amdgpu/mes: use ring for kernel queue submission"), leads to the following Smatch static checker warning: drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c:1240 amdgpu_mes_add_ring() warn: double unlock '&adev->mes.mutex_hidden' (orig line 1213) drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c 1143 int amdgpu_mes_add_ring(struct amdgpu_device *adev, int gang_id, 1144 int queue_type, int idx, 1145 struct amdgpu_mes_ctx_data *ctx_data, 1146 struct amdgpu_ring **out) 1147 { 1148 struct amdgpu_ring *ring; 1149 struct amdgpu_mes_gang *gang; 1150 struct amdgpu_mes_queue_properties qprops = {0}; 1151 int r, queue_id, pasid; 1152 1153 /* 1154 * Avoid taking any other locks under MES lock to avoid circular 1155 * lock dependencies. 1156 */ 1157 amdgpu_mes_lock(&adev->mes); 1158 gang = idr_find(&adev->mes.gang_id_idr, gang_id); 1159 if (!gang) { 1160 DRM_ERROR("gang id %d doesn't exist\n", gang_id); 1161 amdgpu_mes_unlock(&adev->mes); 1162 return -EINVAL; 1163 } 1164 pasid = gang->process->pasid; 1165 1166 ring = kzalloc(sizeof(struct amdgpu_ring), GFP_KERNEL); 1167 if (!ring) { 1168 amdgpu_mes_unlock(&adev->mes); 1169 return -ENOMEM; 1170 } 1171 1172 ring->ring_obj = NULL; 1173 ring->use_doorbell = true; 1174 ring->is_mes_queue = true; 1175 ring->mes_ctx = ctx_data; 1176 ring->idx = idx; 1177 ring->no_scheduler = true; 1178 1179 if (queue_type == AMDGPU_RING_TYPE_COMPUTE) { 1180 int offset = offsetof(struct amdgpu_mes_ctx_meta_data, 1181 compute[ring->idx].mec_hpd); 1182 ring->eop_gpu_addr = 1183 amdgpu_mes_ctx_get_offs_gpu_addr(ring, offset); 1184 } 1185 1186 switch (queue_type) { 1187 case AMDGPU_RING_TYPE_GFX: 1188 ring->funcs = adev->gfx.gfx_ring[0].funcs; 1189 ring->me = adev->gfx.gfx_ring[0].me; 1190 ring->pipe = adev->gfx.gfx_ring[0].pipe; 1191 break; 1192 case AMDGPU_RING_TYPE_COMPUTE: 1193 ring->funcs = adev->gfx.compute_ring[0].funcs; 1194 ring->me = adev->gfx.compute_ring[0].me; 1195 ring->pipe = adev->gfx.compute_ring[0].pipe; 1196 break; 1197 case AMDGPU_RING_TYPE_SDMA: 1198 ring->funcs = adev->sdma.instance[0].ring.funcs; 1199 break; 1200 default: 1201 BUG(); 1202 } 1203 1204 r = amdgpu_ring_init(adev, ring, 1024, NULL, 0, 1205 AMDGPU_RING_PRIO_DEFAULT, NULL); 1206 if (r) 1207 goto clean_up_memory; 1208 1209 amdgpu_mes_ring_to_queue_props(adev, ring, &qprops); 1210 1211 dma_fence_wait(gang->process->vm->last_update, false); 1212 dma_fence_wait(ctx_data->meta_data_va->last_pt_update, false); 1213 amdgpu_mes_unlock(&adev->mes); ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 1214 1215 r = amdgpu_mes_add_hw_queue(adev, gang_id, &qprops, &queue_id); 1216 if (r) 1217 goto clean_up_ring; ^^^^^^^^^^^^^^^^^^ 1218 1219 ring->hw_queue_id = queue_id; 1220 ring->doorbell_index = qprops.doorbell_off; 1221 1222 if (queue_type == AMDGPU_RING_TYPE_GFX) 1223 sprintf(ring->name, "gfx_%d.%d.%d", pasid, gang_id, queue_id); 1224 else if (queue_type == AMDGPU_RING_TYPE_COMPUTE) 1225 sprintf(ring->name, "compute_%d.%d.%d", pasid, gang_id, 1226 queue_id); 1227 else if (queue_type == AMDGPU_RING_TYPE_SDMA) 1228 sprintf(ring->name, "sdma_%d.%d.%d", pasid, gang_id, 1229 queue_id); 1230 else 1231 BUG(); 1232 1233 *out = ring; 1234 return 0; 1235 1236 clean_up_ring: 1237 amdgpu_ring_fini(ring); 1238 clean_up_memory: 1239 kfree(ring); --> 1240 amdgpu_mes_unlock(&adev->mes); ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 1241 return r; 1242 } Fixes: d0c423b64765 ("drm/amdgpu/mes: use ring for kernel queue submission") Cc: Christian König Cc: Alex Deucher Cc: Hawking Zhang Suggested-by: Jack Xiao Reported by: Dan Carpenter Signed-off-by: Srinivasan Shanmugam Reviewed-by: Jack Xiao Signed-off-by: Alex Deucher (cherry picked from commit bfaf1883605fd0c0dbabacd67ed49708470d5ea4) commit 7760d7f93c764625fedca176891238675fd06d62 Author: Michael Chen Date: Tue Oct 8 15:29:50 2024 -0400 drm/amdgpu/mes: fix issue of writing to the same log buffer from 2 MES pipes With Unified MES enabled in gfx12, need separate event log buffer for the 2 MES pipes to avoid data overwrite. Signed-off-by: Michael Chen Reviewed-by: Jack Xiao Signed-off-by: Alex Deucher (cherry picked from commit 144df260f3daab42c4611021f929b3342de516e5) Cc: stable@vger.kernel.org # 6.11.x commit c0ec082f10b7a1fd25e8c1e2a686440da913b7a3 Author: Mohammed Anees Date: Wed Oct 9 17:58:31 2024 +0530 drm/amdgpu: prevent BO_HANDLES error from being overwritten Before this patch, if multiple BO_HANDLES chunks were submitted, the error -EINVAL would be correctly set but could be overwritten by the return value from amdgpu_cs_p1_bo_handles(). This patch ensures that if there are multiple BO_HANDLES, we stop. Fixes: fec5f8e8c6bc ("drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit") Signed-off-by: Mohammed Anees Reviewed-by: Christian König Signed-off-by: Pierre-Eric Pelloux-Prayer Signed-off-by: Alex Deucher (cherry picked from commit 40f2cd98828f454bdc5006ad3d94330a5ea164b7) Cc: stable@vger.kernel.org commit d2c72d96dff5ba408bb107193b53e3134a516c4b Author: Alex Deucher Date: Tue Oct 8 16:02:48 2024 -0400 drm/amdgpu: enable enforce_isolation sysfs node on VFs It should be enabled on both bare metal and VFs. Fixes: e189be9b2e38 ("drm/amdgpu: Add enforce_isolation sysfs attribute") Signed-off-by: Alex Deucher Cc: Srinivasan Shanmugam Cc: Amber Lin Reviewed-by: Srinivasan Shanmugam (cherry picked from commit dc8847b054fd6679866ed4ee861e069e54c10799) commit 1f021341eef41e77a633186e9be5223de2ce5d48 Author: Keith Busch Date: Tue Oct 15 07:30:17 2024 -0700 nvme-multipath: defer partition scanning We need to suppress the partition scan from occuring within the controller's scan_work context. If a path error occurs here, the IO will wait until a path becomes available or all paths are torn down, but that action also occurs within scan_work, so it would deadlock. Defer the partion scan to a different context that does not block scan_work. Reported-by: Hannes Reinecke Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit 09661f75e75cb6c1d2d8326a70c311d46729235f Author: Petr Pavlu Date: Tue Oct 15 13:24:29 2024 +0200 ring-buffer: Fix reader locking when changing the sub buffer order The function ring_buffer_subbuf_order_set() updates each ring_buffer_per_cpu and installs new sub buffers that match the requested page order. This operation may be invoked concurrently with readers that rely on some of the modified data, such as the head bit (RB_PAGE_HEAD), or the ring_buffer_per_cpu.pages and reader_page pointers. However, no exclusive access is acquired by ring_buffer_subbuf_order_set(). Modifying the mentioned data while a reader also operates on them can then result in incorrect memory access and various crashes. Fix the problem by taking the reader_lock when updating a specific ring_buffer_per_cpu in ring_buffer_subbuf_order_set(). Link: https://lore.kernel.org/linux-trace-kernel/20240715145141.5528-1-petr.pavlu@suse.com/ Link: https://lore.kernel.org/linux-trace-kernel/20241010195849.2f77cc3f@gandalf.local.home/ Link: https://lore.kernel.org/linux-trace-kernel/20241011112850.17212b25@gandalf.local.home/ Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20241015112440.26987-1-petr.pavlu@suse.com Fixes: 8e7b58c27b3c ("ring-buffer: Just update the subbuffers when changing their allocation order") Signed-off-by: Petr Pavlu Signed-off-by: Steven Rostedt (Google) commit 28aabffae6be54284869a91cd8bccd3720041129 Author: Jens Axboe Date: Tue Oct 15 08:58:25 2024 -0600 io_uring/sqpoll: close race on waiting for sqring entries When an application uses SQPOLL, it must wait for the SQPOLL thread to consume SQE entries, if it fails to get an sqe when calling io_uring_get_sqe(). It can do so by calling io_uring_enter(2) with the flag value of IORING_ENTER_SQ_WAIT. In liburing, this is generally done with io_uring_sqring_wait(). There's a natural expectation that once this call returns, a new SQE entry can be retrieved, filled out, and submitted. However, the kernel uses the cached sq head to determine if the SQRING is full or not. If the SQPOLL thread is currently in the process of submitting SQE entries, it may have updated the cached sq head, but not yet committed it to the SQ ring. Hence the kernel may find that there are SQE entries ready to be consumed, and return successfully to the application. If the SQPOLL thread hasn't yet committed the SQ ring entries by the time the application returns to userspace and attempts to get a new SQE, it will fail getting a new SQE. Fix this by having io_sqring_full() always use the user visible SQ ring head entry, rather than the internally cached one. Cc: stable@vger.kernel.org # 5.10+ Link: https://github.com/axboe/liburing/discussions/1267 Reported-by: Benedek Thaler Signed-off-by: Jens Axboe commit c8347f915e6779f6c861e7a041adf3559d51b363 Author: Jon Hunter Date: Wed Sep 25 17:05:04 2024 +0100 gpu: host1x: Fix boot regression for Tegra Commit 4c27ac45e622 ("gpu: host1x: Request syncpoint IRQs only during probe") caused a boot regression for the Tegra186 device. Following this update the function host1x_intr_init() now calls host1x_hw_intr_disable_all_syncpt_intrs() during probe. However, host1x_intr_init() is called before runtime power-management is enabled for Host1x and the function host1x_hw_intr_disable_all_syncpt_intrs() is accessing hardware registers. So if the Host1x hardware is not enabled prior to probing then the device will now hang on attempting to access the registers. So far this is only observed on Tegra186, but potentially could be seen on other devices. Fix this by moving the call to the function host1x_intr_init() in probe to after enabling the runtime power-management in the probe and update the failure path in probe as necessary. Fixes: 4c27ac45e622 ("gpu: host1x: Request syncpoint IRQs only during probe") Signed-off-by: Jon Hunter Signed-off-by: Thierry Reding Link: https://patchwork.freedesktop.org/patch/msgid/20240925160504.60221-1-jonathanh@nvidia.com (cherry picked from commit dc56f8428e5f34418f3243a60cec13166efe4fdb) Signed-off-by: Thierry Reding commit b0798838418abe996d9b618d341d865462264cbe Author: Gavin Shan Date: Mon Oct 14 10:47:24 2024 +1000 firmware: arm_ffa: Avoid string-fortify warning caused by memcpy() Copying from a 144 byte structure arm_smccc_1_2_regs at an offset of 32 into an 112 byte struct ffa_send_direct_data2 causes a compile-time warning: | In file included from drivers/firmware/arm_ffa/driver.c:25: | In function 'fortify_memcpy_chk', | inlined from 'ffa_msg_send_direct_req2' at drivers/firmware/arm_ffa/driver.c:504:3: | include/linux/fortify-string.h:580:4: warning: call to '__read_overflow2_field' | declared with 'warning' attribute: detected read beyond size of field | (2nd parameter); maybe use struct_group()? [-Wattribute-warning] | __read_overflow2_field(q_size_field, size); Fix it by not passing a plain buffer to memcpy() to avoid the overflow warning. Fixes: aaef3bc98129 ("firmware: arm_ffa: Add support for FFA_MSG_SEND_DIRECT_{REQ,RESP}2") Signed-off-by: Gavin Shan Message-Id: <20241014004724.991353-1-gshan@redhat.com> Signed-off-by: Sudeep Holla commit ffd95846c6ec6cf1f93da411ea10d504036cab42 Author: Zhang Rui Date: Tue Oct 15 14:15:22 2024 +0800 x86/apic: Always explicitly disarm TSC-deadline timer New processors have become pickier about the local APIC timer state before entering low power modes. These low power modes are used (for example) when you close your laptop lid and suspend. If you put your laptop in a bag and it is not in this low power mode, it is likely to get quite toasty while it quickly sucks the battery dry. The problem boils down to some CPUs' inability to power down until the CPU recognizes that the local APIC timer is shut down. The current kernel code works in one-shot and periodic modes but does not work for deadline mode. Deadline mode has been the supported and preferred mode on Intel CPUs for over a decade and uses an MSR to drive the timer instead of an APIC register. Disable the TSC Deadline timer in lapic_timer_shutdown() by writing to MSR_IA32_TSC_DEADLINE when in TSC-deadline mode. Also avoid writing to the initial-count register (APIC_TMICT) which is ignored in TSC-deadline mode. Note: The APIC_LVTT|=APIC_LVT_MASKED operation should theoretically be enough to tell the hardware that the timer will not fire in any of the timer modes. But mitigating AMD erratum 411[1] also requires clearing out APIC_TMICT. Solely setting APIC_LVT_MASKED is also ineffective in practice on Intel Lunar Lake systems, which is the motivation for this change. 1. 411 Processor May Exit Message-Triggered C1E State Without an Interrupt if Local APIC Timer Reaches Zero - https://www.amd.com/content/dam/amd/en/documents/archived-tech-docs/revision-guides/41322_10h_Rev_Gd.pdf Fixes: 279f1461432c ("x86: apic: Use tsc deadline for oneshot when available") Suggested-by: Dave Hansen Signed-off-by: Zhang Rui Signed-off-by: Dave Hansen Reviewed-by: Rafael J. Wysocki Tested-by: Srinivas Pandruvada Tested-by: Todd Brandt Cc: stable@vger.kernel.org Link: https://lore.kernel.org/all/20241015061522.25288-1-rui.zhang%40intel.com commit fed13a5478680614ba97fc87e71f16e2e197912e Author: Mikulas Patocka Date: Mon Oct 7 13:38:12 2024 +0200 dm: fix a crash if blk_alloc_disk fails If blk_alloc_disk fails, the variable md->disk is set to an error value. cleanup_mapped_device will see that md->disk is non-NULL and it will attempt to access it, causing a crash on this statement "md->disk->private_data = NULL;". Signed-off-by: Mikulas Patocka Reported-by: Chenyuan Yang Closes: https://marc.info/?l=dm-devel&m=172824125004329&w=2 Cc: stable@vger.kernel.org Reviewed-by: Nitesh Shetty commit 637c4f6fe40befa04f19c38b5d15429cbb9191d9 Author: Colin Ian King Date: Thu Oct 10 16:45:19 2024 +0100 octeontx2-af: Fix potential integer overflows on integer shifts The left shift int 32 bit integer constants 1 is evaluated using 32 bit arithmetic and then assigned to a 64 bit unsigned integer. In the case where the shift is 32 or more this can lead to an overflow. Avoid this by shifting using the BIT_ULL macro instead. Fixes: 019aba04f08c ("octeontx2-af: Modify SMQ flush sequence to drop packets") Signed-off-by: Colin Ian King Reviewed-by: Dan Carpenter Link: https://patch.msgid.link/20241010154519.768785-1-colin.i.king@gmail.com Signed-off-by: Paolo Abeni commit 7aed6a2c51ffc97a126e0ea0c270fab7af97ae18 Author: Will Deacon Date: Mon Oct 14 17:11:00 2024 +0100 kasan: Disable Software Tag-Based KASAN with GCC Syzbot reports a KASAN failure early during boot on arm64 when building with GCC 12.2.0 and using the Software Tag-Based KASAN mode: | BUG: KASAN: invalid-access in smp_build_mpidr_hash arch/arm64/kernel/setup.c:133 [inline] | BUG: KASAN: invalid-access in setup_arch+0x984/0xd60 arch/arm64/kernel/setup.c:356 | Write of size 4 at addr 03ff800086867e00 by task swapper/0 | Pointer tag: [03], memory tag: [fe] Initial triage indicates that the report is a false positive and a thorough investigation of the crash by Mark Rutland revealed the root cause to be a bug in GCC: > When GCC is passed `-fsanitize=hwaddress` or > `-fsanitize=kernel-hwaddress` it ignores > `__attribute__((no_sanitize_address))`, and instruments functions > we require are not instrumented. > > [...] > > All versions [of GCC] I tried were broken, from 11.3.0 to 14.2.0 > inclusive. > > I think we have to disable KASAN_SW_TAGS with GCC until this is > fixed Disable Software Tag-Based KASAN when building with GCC by making CC_HAS_KASAN_SW_TAGS depend on !CC_IS_GCC. Cc: Andrey Konovalov Suggested-by: Mark Rutland Reported-by: syzbot+908886656a02769af987@syzkaller.appspotmail.com Link: https://lore.kernel.org/r/000000000000f362e80620e27859@google.com Link: https://lore.kernel.org/r/ZvFGwKfoC4yVjN_X@J2N7QTR9R3 Link: https://bugzilla.kernel.org/show_bug.cgi?id=218854 Reviewed-by: Andrey Konovalov Acked-by: Mark Rutland Link: https://lore.kernel.org/r/20241014161100.18034-1-will@kernel.org Signed-off-by: Will Deacon commit 1cff6ff302f5703a627f9ee1d99131161ea2683e Author: Paritosh Dixit Date: Thu Oct 10 10:29:08 2024 -0400 net: stmmac: dwmac-tegra: Fix link bring-up sequence The Tegra MGBE driver sometimes fails to initialize, reporting the following error, and as a result, it is unable to acquire an IP address with DHCP: tegra-mgbe 6800000.ethernet: timeout waiting for link to become ready As per the recommendation from the Tegra hardware design team, fix this issue by: - clearing the PHY_RDY bit before setting the CDR_RESET bit and then setting PHY_RDY bit before clearing CDR_RESET bit. This ensures valid data is present at UPHY RX inputs before starting the CDR lock. - adding the required delays when bringing up the UPHY lane. Note we need to use delays here because there is no alternative, such as polling, for these cases. Using the usleep_range() instead of ndelay() as sleeping is preferred over busy wait loop. Without this change we would see link failures on boot sometimes as often as 1 in 5 boots. With this fix we have not observed any failures in over 1000 boots. Fixes: d8ca113724e7 ("net: stmmac: tegra: Add MGBE support") Signed-off-by: Paritosh Dixit Link: https://patch.msgid.link/20241010142908.602712-1-paritoshd@nvidia.com Signed-off-by: Paolo Abeni commit f6f91d290c8b9da6e671bd15f306ad2d0e635a04 Author: Christoph Hellwig Date: Tue Oct 8 10:59:21 2024 +0200 xfs: punch delalloc extents from the COW fork for COW writes When ->iomap_end is called on a short write to the COW fork it needs to punch stale delalloc data from the COW fork and not the data fork. Ensure that IOMAP_F_NEW is set for new COW fork allocations in xfs_buffered_write_iomap_begin, and then use the IOMAP_F_SHARED flag in xfs_buffered_write_delalloc_punch to decide which fork to punch. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 7d6fe5c586e6a866f9e69a5bdd72a72b977bab8e Author: Christoph Hellwig Date: Tue Oct 8 10:59:20 2024 +0200 xfs: set IOMAP_F_SHARED for all COW fork allocations Change to always set xfs_buffered_write_iomap_begin for COW fork allocations even if they don't overlap existing data fork extents, which will allow the iomap_end callback to detect if it has to punch stale delalloc blocks from the COW fork instead of the data fork. It also means we sample the sequence counter for both the data and the COW fork when writing to the COW fork, which ensures we properly revalidate when only COW fork changes happens. This is essentially a revert of commit 72a048c1056a ("xfs: only set IOMAP_F_SHARED when providing a srcmap to a write"). This is fine because the problem that the commit fixed has now been dealt with in iomap by only looking at the actual srcmap and not the fallback to the write iomap. Note that the direct I/O path was never changed and has always set IOMAP_F_SHARED for all COW fork allocations. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit c29440ff66d6f24be5e9e313c1c0eca7212faf9e Author: Christoph Hellwig Date: Tue Oct 8 10:59:19 2024 +0200 xfs: share more code in xfs_buffered_write_iomap_begin Introduce a local iomap_flags variable so that the code allocating new delalloc blocks in the data fork can fall through to the found_imap label and reuse the code to unlock and fill the iomap. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 8fe3b21efa075f29d64a34000e84f89cfaa6cd80 Author: Christoph Hellwig Date: Tue Oct 8 10:59:18 2024 +0200 xfs: support the COW fork in xfs_bmap_punch_delalloc_range xfs_buffered_write_iomap_begin can also create delallocate reservations that need cleaning up, prepare for that by adding support for the COW fork in xfs_bmap_punch_delalloc_range. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit abd7d651ad2cd2ab1b8cd4dd31e80a8255196db3 Author: Christoph Hellwig Date: Tue Oct 8 10:59:17 2024 +0200 xfs: IOMAP_ZERO and IOMAP_UNSHARE already hold invalidate_lock All XFS callers of iomap_zero_range and iomap_file_unshare already hold invalidate_lock, so we can't take it again in iomap_file_buffered_write_punch_delalloc. Use the passed in flags argument to detect if we're called from a zero or unshare operation and don't take the lock again in this case. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit acfbac776496f2093e9facf7876b4015ef8c3d1d Author: Christoph Hellwig Date: Tue Oct 8 10:59:16 2024 +0200 xfs: take XFS_MMAPLOCK_EXCL xfs_file_write_zero_eof xfs_file_write_zero_eof is the only caller of xfs_zero_range that does not take XFS_MMAPLOCK_EXCL (aka the invalidate lock). Currently that is actually the right thing, as an error in the iomap zeroing code will also take the invalidate_lock to clean up, but to fix that deadlock we need a consistent locking pattern first. The only extra thing that XFS_MMAPLOCK_EXCL will lock out are read pagefaults, which isn't really needed here, but also not actively harmful. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 3c399374af28b158854701da324a7bff576f5a97 Author: Christoph Hellwig Date: Tue Oct 8 10:59:15 2024 +0200 xfs: factor out a xfs_file_write_zero_eof helper Split a helper from xfs_file_write_checks that just deal with the post-EOF zeroing to keep the code readable. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit b78495166264fee1ed7ac44627e1dd080bbdf283 Author: Christoph Hellwig Date: Tue Oct 8 10:59:14 2024 +0200 iomap: move locking out of iomap_write_delalloc_release XFS (which currently is the only user of iomap_write_delalloc_release) already holds invalidate_lock for most zeroing operations. To be able to avoid a deadlock it needs to stop taking the lock, but doing so in iomap would leak XFS locking details into iomap. To avoid this require the caller to hold invalidate_lock when calling iomap_write_delalloc_release instead of taking it there. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit caf0ea451d97c33c5bbaa0074dad33b0b2a4e649 Author: Christoph Hellwig Date: Tue Oct 8 10:59:13 2024 +0200 iomap: remove iomap_file_buffered_write_punch_delalloc Currently iomap_file_buffered_write_punch_delalloc can be called from XFS either with the invalidate lock held or not. To fix this while keeping the locking in the file system and not the iomap library code we'll need to life the locking up into the file system. To prepare for that, open code iomap_file_buffered_write_punch_delalloc in the only caller, and instead export iomap_write_delalloc_release. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit c0adf8c3a9bf33f1dd1bf950601380f46a3fcec3 Author: Christoph Hellwig Date: Tue Oct 8 10:59:12 2024 +0200 iomap: factor out a iomap_last_written_block helper Split out a pice of logic from iomap_file_buffered_write_punch_delalloc that is useful for all iomap_end implementations. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit b62f4c186c70aa235fef2da68d07325d85ca3ade Author: Oliver Neukum Date: Thu Oct 10 15:19:14 2024 +0200 net: usb: usbnet: fix race in probe failure The same bug as in the disconnect code path also exists in the case of a failure late during the probe process. The flag must also be set. Signed-off-by: Oliver Neukum Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Link: https://patch.msgid.link/20241010131934.1499695-1-oneukum@suse.com Signed-off-by: Paolo Abeni commit 6e02a277f1db24fa039e23783c8921c7b0e5b1b3 Author: Lu Baolu Date: Mon Oct 14 09:37:44 2024 +0800 iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices Previously, the domain_context_clear() function incorrectly called pci_for_each_dma_alias() to set up context entries for non-PCI devices. This could lead to kernel hangs or other unexpected behavior. Add a check to only call pci_for_each_dma_alias() for PCI devices. For non-PCI devices, domain_context_clear_one() is called directly. Reported-by: Todd Brandt Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219363 Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219349 Fixes: 9a16ab9d6402 ("iommu/vt-d: Make context clearing consistent with context mapping") Cc: stable@vger.kernel.org Signed-off-by: Lu Baolu Link: https://lore.kernel.org/r/20241014013744.102197-2-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit 8e8a69bc776ad7d70357237d5a67bc904c4193aa Merge: 8e929cb546ee42 7de7d35429aa2e Author: Joerg Roedel Date: Tue Oct 15 10:16:22 2024 +0200 Merge tag 'arm-smmu-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/will/linux into fixes Arm SMMU fixes for 6.12 - Clarify warning message when failing to disable the MMU-500 prefetcher - Fix undefined behaviour in calculation of L1 stream-table index when 32-bit StreamIDs are implemented - Replace a rogue comma with a semicolon commit bb94f56b9cfa4a946a43492b2a13ecb5b9b571bc Author: Bartosz Golaszewski Date: Tue Oct 15 08:53:29 2024 +0200 fbdev: da8xx: remove the driver This driver is no longer used on any platform. It has been replaced by tilcdc on the two DaVinci boards we still support and can be removed. Signed-off-by: Bartosz Golaszewski Acked-by: Thomas Zimmermann Signed-off-by: Helge Deller commit 161e95b899a624b877c13a83e4cc720aa56514b4 Author: Christophe JAILLET Date: Sun Oct 13 13:48:01 2024 +0200 fbdev: Constify struct sbus_mmap_map 'struct sbus_mmap_map' are not modified in these drivers. Constifying this structure moves some data to a read-only section, so increases overall security. Update sbusfb_mmap_helper() accordingly. On a x86_64, with allmodconfig, as an example: Before: ====== text data bss dec hex filename 2452 536 16 3004 bbc drivers/video/fbdev/bw2.o After: ===== text data bss dec hex filename 2500 483 16 2999 bb7 drivers/video/fbdev/bw2.o Signed-off-by: Christophe JAILLET Signed-off-by: Helge Deller commit 57e755d333d1465c1cbf31d28245d429e1015beb Author: SurajSonawane2415 Date: Sun Oct 6 12:45:14 2024 +0530 fbdev: nvidiafb: fix inconsistent indentation warning Fix the indentation to ensure consistent code style and improve readability, and to fix this warning: drivers/video/fbdev/nvidia/nv_hw.c:1512 NVLoadStateExt() warn: inconsistent indenting Signed-off-by: SurajSonawane2415 Signed-off-by: Helge Deller commit 447794e44744aff3c0f11942b83b878b8bb6f72b Author: Gonzalo Silvalde Blanco Date: Fri Oct 4 17:24:29 2024 +0200 fbdev: sstfb: Make CONFIG_FB_DEVICE optional The sstfb driver currently depends on CONFIG_FB_DEVICE to create sysfs entries and access info->dev. This patch wraps the relevant code blocks with #ifdef CONFIG_FB_DEVICE, allowing the driver to be built and used even if CONFIG_FB_DEVICE is not selected. The sysfs setting only controls the VGA pass-through state and is not required for the display to work correctly. (See: http://vogonswiki.com/index.php/VGA_passthrough_cable for more information.) Added some fixes from Thomas Zimmermann. Signed-off-by: Gonzalo Silvalde Blanco Signed-off-by: Thomas Zimmermann Reviewed-by: Thomas Zimmermann Signed-off-by: Helge Deller commit 71dce222d5865ccb19b231a84d26ca316a65e255 Author: Pierre-Louis Bossart Date: Tue Oct 1 15:06:11 2024 +0800 ALSA/hda: intel-sdw-acpi: add support for sdw-manager-list property read The DisCo for SoundWire 2.0 spec adds support for a new sdw-manager-list property. Add it in backwards-compatible mode with 'sdw-master-count', which assumed that all links between 0..count-1 exist. Signed-off-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20241001070611.63288-5-yung-chuan.liao@linux.intel.com commit 8782ba96851c137388fd2af1cca5d5d537788aad Author: Pierre-Louis Bossart Date: Tue Oct 1 15:06:10 2024 +0800 ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read For some reason we used an array of one u8 when the specification requires a u32. Signed-off-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20241001070611.63288-4-yung-chuan.liao@linux.intel.com commit 5b1b5631d8b68a5d7d4ef2c489377696596e89a1 Author: Pierre-Louis Bossart Date: Tue Oct 1 15:06:09 2024 +0800 ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() Optimize a bit by using an intermediate 'fwnode' variable. Suggested-by: Andy Shevchenko Signed-off-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20241001070611.63288-3-yung-chuan.liao@linux.intel.com commit 9d94c58316bc1c40c21d284dfbe9358b223eadd1 Author: Pierre-Louis Bossart Date: Tue Oct 1 15:06:08 2024 +0800 ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller Remove unnecessary initialization and un-shadow return code. Suggested-by: Andy Shevchenko Signed-off-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20241001070611.63288-2-yung-chuan.liao@linux.intel.com commit fa88dc7db176c79b50adb132a56120a1d4d9d18b Author: Hans Verkuil Date: Tue Oct 1 11:01:34 2024 +0200 media: dvb-core: add missing buffer index check dvb_vb2_expbuf() didn't check if the given buffer index was for a valid buffer. Add this check. Signed-off-by: Hans Verkuil Reported-by: Chenyuan Yang Closes: https://lore.kernel.org/linux-media/?q=WARNING+in+vb2_core_reqbufs Fixes: 7dc866df4012 ("media: dvb-core: Use vb2_get_buffer() instead of directly access to buffers array") Reviewed-by: Benjamin Gaignard Cc: Signed-off-by: Mauro Carvalho Chehab commit eabb03810194b75417b09cff8a526d26939736ac Author: Jean Delvare Date: Mon Oct 14 22:04:26 2024 +0200 [PATCH} hwmon: (jc42) Properly detect TSE2004-compliant devices again Commit b3e992f69c23 ("hwmon: (jc42) Strengthen detect function") attempted to make the detect function more robust for TSE2004-compliant devices by checking capability bits which, according to the JEDEC 21-C specification, should always be set. Unfortunately, not all real-world implementations fully adhere to this specification, so this change caused a regression. Stop testing bit 7 (EVSD) of the Capabilities register, as it was found to be 0 on one real-world device. Also stop testing bits 0 (EVENT) and 2 (RANGE) as vendor datasheets (Renesas TSE2004GB2B0, ST STTS2004) suggest that they may not always be set either. Signed-off-by: Jean Delvare Message-ID: <20241014141204.026f4641@endymion.delvare> Fixes: b3e992f69c23 ("hwmon: (jc42) Strengthen detect function") Message-ID: <20241014220426.0c8f4d9c@endymion.delvare> Signed-off-by: Guenter Roeck commit 25c12b459db8365fee84b63f3dd7910f70627f29 Author: Kai Shen Date: Thu Oct 10 11:56:24 2024 +0000 net/smc: Fix memory leak when using percpu refs This patch adds missing percpu_ref_exit when releasing percpu refs. When releasing percpu refs, percpu_ref_exit should be called. Otherwise, memory leak happens. Fixes: 79a22238b4f2 ("net/smc: Use percpu ref for wr tx reference") Signed-off-by: Kai Shen Reviewed-by: Dust Li Reviewed-by: Wenjia Zhang Link: https://patch.msgid.link/20241010115624.7769-1-KaiShen@linux.alibaba.com Signed-off-by: Jakub Kicinski commit e3e4e5667d134e37cad83049071545b7475dd23a Merge: 0b84db5d8f258d ea531dc66e27dc Author: Jakub Kicinski Date: Mon Oct 14 17:22:45 2024 -0700 Merge branch 'posix-clock-fix-missing-timespec64-check-for-ptp-clock' Jinjie Ruan says: ==================== posix-clock: Fix missing timespec64 check for PTP clock Check timespec64 in pc_clock_settime() for PTP clock as the man manual of clock_settime() said. ==================== Link: https://patch.msgid.link/20241009072302.1754567-1-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit ea531dc66e27dcc5216bee1a76d1c052ab9eb5b6 Author: Jinjie Ruan Date: Wed Oct 9 15:23:02 2024 +0800 net: lan743x: Remove duplicate check Since timespec64_valid() has been checked in higher layer pc_clock_settime(), the duplicate check in lan743x_ptpci_settime64() can be removed. Acked-by: Richard Cochran Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20241009072302.1754567-3-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit d8794ac20a299b647ba9958f6d657051fc51a540 Author: Jinjie Ruan Date: Wed Oct 9 15:23:01 2024 +0800 posix-clock: Fix missing timespec64 check in pc_clock_settime() As Andrew pointed out, it will make sense that the PTP core checked timespec64 struct's tv_sec and tv_nsec range before calling ptp->info->settime64(). As the man manual of clock_settime() said, if tp.tv_sec is negative or tp.tv_nsec is outside the range [0..999,999,999], it should return EINVAL, which include dynamic clocks which handles PTP clock, and the condition is consistent with timespec64_valid(). As Thomas suggested, timespec64_valid() only check the timespec is valid, but not ensure that the time is in a valid range, so check it ahead using timespec64_valid_strict() in pc_clock_settime() and return -EINVAL if not valid. There are some drivers that use tp->tv_sec and tp->tv_nsec directly to write registers without validity checks and assume that the higher layer has checked it, which is dangerous and will benefit from this, such as hclge_ptp_settime(), igb_ptp_settime_i210(), _rcar_gen4_ptp_settime(), and some drivers can remove the checks of itself. Cc: stable@vger.kernel.org Fixes: 0606f422b453 ("posix clocks: Introduce dynamic clocks") Acked-by: Richard Cochran Suggested-by: Andrew Lunn Suggested-by: Thomas Gleixner Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20241009072302.1754567-2-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit e02bfea4d7ef587bb285ad5825da4e1973ac8263 Author: Barnabás Czémán Date: Sun Oct 6 22:51:58 2024 +0200 clk: qcom: clk-alpha-pll: Fix pll post div mask when width is not set Many qcom clock drivers do not have .width set. In that case value of (p)->width - 1 will be negative which breaks clock tree. Fix this by checking if width is zero, and pass 3 to GENMASK if that's the case. Fixes: 1c3541145cbf ("clk: qcom: support for 2 bit PLL post divider") Signed-off-by: Barnabás Czémán Reviewed-by: Dmitry Baryshkov Reviewed-by: Christopher Obbard Tested-by: Christopher Obbard Link: https://lore.kernel.org/r/20241006-fix-postdiv-mask-v3-1-160354980433@mainlining.org Signed-off-by: Bjorn Andersson commit 5d3d966400d0a094359009147d742b3926a2ea53 Author: Dmitry Baryshkov Date: Sun Oct 6 19:47:56 2024 +0300 arm64: dts: qcom: sm8450 fix PIPE clock specification for pcie1 For historical reasons on SM8450 the second PCIe host (pcie1) also keeps a reference to the PIPE clock coming from the PHY. Commit e76862840660 ("arm64: dts: qcom: sm8450: correct pcie1 phy clocks inputs to gcc") has updated the PHY to use #clock-cells = <1>, making just <&pcie1_phy> clock specification invalid. Update corresponding clock entry in the PCIe1 host node. /soc@0/pcie@1c08000: Failed to get clk index: 2 ret: -22 qcom-pcie 1c08000.pcie: Failed to get clocks qcom-pcie 1c08000.pcie: probe with driver qcom-pcie failed with error -22 Fixes: e76862840660 ("arm64: dts: qcom: sm8450: correct pcie1 phy clocks inputs to gcc") Signed-off-by: Dmitry Baryshkov Reviewed-by: Konrad Dybcio Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20241006-fix-sm8450-pcie1-v1-1-4f227c9082ed@linaro.org Signed-off-by: Bjorn Andersson commit 3cc4e13bb1617f6a13e5e6882465984148743cf4 Author: Xiu Jianfeng Date: Sat Oct 12 07:22:46 2024 +0000 cgroup: Fix potential overflow issue when checking max_depth cgroup.max.depth is the maximum allowed descent depth below the current cgroup. If the actual descent depth is equal or larger, an attempt to create a new child cgroup will fail. However due to the cgroup->max_depth is of int type and having the default value INT_MAX, the condition 'level > cgroup->max_depth' will never be satisfied, and it will cause an overflow of the level after it reaches to INT_MAX. Fix it by starting the level from 0 and using '>=' instead. It's worth mentioning that this issue is unlikely to occur in reality, as it's impossible to have a depth of INT_MAX hierarchy, but should be be avoided logically. Fixes: 1a926e0bbab8 ("cgroup: implement hierarchy limits") Signed-off-by: Xiu Jianfeng Reviewed-by: Michal Koutný Signed-off-by: Tejun Heo commit 80fe25fcc605209b707583e3337e3cd40b7ed0bf Author: Abel Vesa Date: Mon Oct 14 10:38:20 2024 +0300 arm64: dts: qcom: x1e80100: Add Broadcast_AND region in LLCC block Add missing Broadcast_AND region to the LLCC block for x1e80100, as the LLCC version on this platform is 4.1 and it provides the region. This also fixes the following error caused by the missing region: [ 3.797768] qcom-llcc 25000000.system-cache-controller: error -EINVAL: invalid resource (null) This error started showing up only after the new regmap region called Broadcast_AND that has been added to the llcc-qcom driver. Cc: stable@vger.kernel.org # 6.11: 055afc34fd21: soc: qcom: llcc: Add regmap for Broadcast_AND region Fixes: af16b00578a7 ("arm64: dts: qcom: Add base X1E80100 dtsi and the QCP dts") Signed-off-by: Abel Vesa Link: https://lore.kernel.org/r/20241014-x1e80100-dts-llcc-add-broadcastand_region-v2-1-5ee6ac128627@linaro.org Signed-off-by: Bjorn Andersson commit 60e339be100d7d49e13616bd8b4b1b864f0a64a0 Author: David Vernet Date: Mon Oct 14 12:58:30 2024 -0500 sched_ext: Remove unnecessary cpu_relax() As described in commit b07996c7abac ("sched_ext: Don't hold scx_tasks_lock for too long"), we're doing a cond_resched() every 32 calls to scx_task_iter_next() to avoid RCU and other stalls. That commit also added a cpu_relax() to the codepath where we drop and reacquire the lock, but as Waiman described in [0], cpu_relax() should only be necessary in busy loops to avoid pounding on a cacheline (or to allow a hypertwin to more fully utilize a core). Let's remove the unnecessary cpu_relax(). [0]: https://lore.kernel.org/all/35b3889b-904a-4d26-981f-c8aa1557a7c7@redhat.com/ Cc: Waiman Long Signed-off-by: David Vernet Signed-off-by: Tejun Heo commit da1642bc97c4ef67f347edcd493bd0a52f88777b Author: Justin Chen Date: Mon Oct 14 09:07:17 2024 -0700 firmware: arm_scmi: Queue in scmi layer for mailbox implementation send_message() does not block in the MBOX implementation. This is because the mailbox layer has its own queue. However, this confuses the per xfer timeouts as they all start their timeout ticks in parallel. Consider a case where the xfer timeout is 30ms and a SCMI transaction takes 25ms: | 0ms: Message #0 is queued in mailbox layer and sent out, then sits | at scmi_wait_for_message_response() with a timeout of 30ms | 1ms: Message #1 is queued in mailbox layer but not sent out yet. | Since send_message() doesn't block, it also sits at | scmi_wait_for_message_response() with a timeout of 30ms | ... | 25ms: Message #0 is completed, txdone is called and message #1 is sent | 31ms: Message #1 times out since the count started at 1ms. Even though | it has only been inflight for 6ms. Fixes: 5c8a47a5a91d ("firmware: arm_scmi: Make scmi core independent of the transport type") Signed-off-by: Justin Chen Message-Id: <20241014160717.1678953-1-justin.chen@broadcom.com> Reviewed-by: Cristian Marussi Tested-by: Cristian Marussi Signed-off-by: Sudeep Holla commit e4a45582db1b792c57bdb52c45958264f7fcfbdc Author: Douglas Anderson Date: Mon Oct 14 09:36:09 2024 -0700 drm/msm: Allocate memory for disp snapshot with kvzalloc() With the "drm/msm: add a display mmu fault handler" series [1] we saw issues in the field where memory allocation was failing when allocating space for registers in msm_disp_state_dump_regs(). Specifically we were seeing an order 5 allocation fail. It's not surprising that order 5 allocations will sometimes fail after the system has been up and running for a while. There's no need here for contiguous memory. Change the allocation to kvzalloc() which should make it much less likely to fail. [1] https://lore.kernel.org/r/20240628214848.4075651-1-quic_abhinavk@quicinc.com/ Fixes: 98659487b845 ("drm/msm: add support to take dpu snapshot") Signed-off-by: Douglas Anderson Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/619658/ Link: https://lore.kernel.org/r/20241014093605.2.I72441365ffe91f3dceb17db0a8ec976af8139590@changeid Signed-off-by: Abhinav Kumar commit 293f53263266bc4340d777268ab4328a97f041fa Author: Douglas Anderson Date: Mon Oct 14 09:36:08 2024 -0700 drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() If the allocation in msm_disp_state_dump_regs() failed then `block->state` can be NULL. The msm_disp_state_print_regs() function _does_ have code to try to handle it with: if (*reg) dump_addr = *reg; ...but since "dump_addr" is initialized to NULL the above is actually a noop. The code then goes on to dereference `dump_addr`. Make the function print "Registers not stored" when it sees a NULL to solve this. Since we're touching the code, fix msm_disp_state_print_regs() not to pointlessly take a double-pointer and properly mark the pointer as `const`. Fixes: 98659487b845 ("drm/msm: add support to take dpu snapshot") Signed-off-by: Douglas Anderson Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/619657/ Link: https://lore.kernel.org/r/20241014093605.1.Ia1217cecec9ef09eb3c6d125360cc6c8574b0e73@changeid Signed-off-by: Abhinav Kumar commit 358b762400bd94db2a14a72dfcef74c7da6bd845 Author: Jonathan Marek Date: Mon Oct 7 01:01:49 2024 -0400 drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation When (mode->clock * 1000) is larger than (1<<31), int to unsigned long conversion will sign extend the int to 64 bits and the pclk_rate value will be incorrect. Fix this by making the result of the multiplication unsigned. Note that above (1<<32) would still be broken and require more changes, but its unlikely anyone will need that anytime soon. Fixes: c4d8cfe516dc ("drm/msm/dsi: add implementation for helper functions") Signed-off-by: Jonathan Marek Reviewed-by: Dmitry Baryshkov Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/618434/ Link: https://lore.kernel.org/r/20241007050157.26855-2-jonathan@marek.ca Signed-off-by: Abhinav Kumar commit 24436a540d16ca6a523b8e5441180001c31b6b35 Author: Jonathan Marek Date: Mon Oct 7 01:01:48 2024 -0400 drm/msm/dsi: improve/fix dsc pclk calculation drm_mode_vrefresh() can introduce a large rounding error, avoid it. Fixes: 7c9e4a554d4a ("drm/msm/dsi: Reduce pclk rate for compression") Signed-off-by: Jonathan Marek Reviewed-by: Dmitry Baryshkov Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/618432/ Link: https://lore.kernel.org/r/20241007050157.26855-1-jonathan@marek.ca Signed-off-by: Abhinav Kumar commit f260ed880c1fbe6bd7fab47708a659e9df2bdbde Author: Dmitry Baryshkov Date: Sun Sep 22 00:14:48 2024 +0300 drm/msm/hdmi: drop pll_cmp_to_fdata from hdmi_phy_8998 The pll_cmp_to_fdata() was never used by the working code. Drop it to prevent warnings with W=1 and clang. Reported-by: Jani Nikula Closes: https://lore.kernel.org/dri-devel/3553b1db35665e6ff08592e35eb438a574d1ad65.1725962479.git.jani.nikula@intel.com Signed-off-by: Dmitry Baryshkov Reviewed-by: Jani Nikula Fixes: caedbf17c48d ("drm/msm: add msm8998 hdmi phy/pll support") Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/615348/ Link: https://lore.kernel.org/r/20240922-msm-drop-unused-func-v1-1-c5dc083415b8@linaro.org Signed-off-by: Abhinav Kumar commit 3a0851b442d1f63ba42ecfa2506d3176cfabf9d4 Author: Dmitry Baryshkov Date: Tue Sep 3 06:22:46 2024 +0300 drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds() Make _dpu_crtc_setup_lm_bounds() check that CRTC width is not overflowing LM requirements. Rename the function accordingly. Fixes: 25fdd5933e4c ("drm/msm: Add SDM845 DPU support") Reviewed-by: Abhinav Kumar Tested-by: Abhinav Kumar # sc7280 Signed-off-by: Dmitry Baryshkov Patchwork: https://patchwork.freedesktop.org/patch/612237/ Link: https://lore.kernel.org/r/20240903-dpu-mode-config-width-v6-3-617e1ecc4b7a@linaro.org Signed-off-by: Abhinav Kumar commit 3ae133b0192b9b0c9f560bbc096887053150195f Author: Dmitry Baryshkov Date: Tue Sep 3 06:22:45 2024 +0300 drm/msm/dpu: move CRTC resource assignment to dpu_encoder_virt_atomic_check Historically CRTC resources (LMs and CTLs) were assigned in dpu_crtc_atomic_begin(). The commit 9222cdd27e82 ("drm/msm/dpu: move hw resource tracking to crtc state") simply moved resources to struct dpu_crtc_state, without changing the code sequence. Later on the commit b107603b4ad0 ("drm/msm/dpu: map mixer/ctl hw blocks in encoder modeset") rearanged the code, but still kept the cstate->num_mixers assignment to happen during commit phase. This makes dpu_crtc_state inconsistent between consequent atomic_check() calls. Move CRTC resource assignment to happen at the end of dpu_encoder_virt_atomic_check(). Fixes: b107603b4ad0 ("drm/msm/dpu: map mixer/ctl hw blocks in encoder modeset") Signed-off-by: Dmitry Baryshkov Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/612235/ Link: https://lore.kernel.org/r/20240903-dpu-mode-config-width-v6-2-617e1ecc4b7a@linaro.org Signed-off-by: Abhinav Kumar commit bfecbc2cfba9b06d67d9d249c33d92e570e2fa70 Author: Dmitry Baryshkov Date: Tue Sep 3 06:22:44 2024 +0300 drm/msm/dpu: make sure phys resources are properly initialized The commit b954fa6baaca ("drm/msm/dpu: Refactor rm iterator") removed zero-init of the hw_ctl array, but didn't change the error condition, that checked for hw_ctl[i] being NULL. At the same time because of the early returns in case of an error dpu_encoder_phys might be left with the resources assigned in the previous state. Rework assigning of hw_pp / hw_ctl to the dpu_encoder_phys in order to make sure they are always set correctly. Fixes: b954fa6baaca ("drm/msm/dpu: Refactor rm iterator") Suggested-by: Abhinav Kumar Signed-off-by: Dmitry Baryshkov Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/612233/ Link: https://lore.kernel.org/r/20240903-dpu-mode-config-width-v6-1-617e1ecc4b7a@linaro.org Signed-off-by: Abhinav Kumar commit 629253b2f6d74e7bf9e7e3134ed6c8355a3c8619 Author: Arnd Bergmann Date: Mon Sep 9 11:09:24 2024 +0000 firmware: arm_ffa: Avoid string-fortify warning in export_uuid() Copying to a 16 byte structure into an 8-byte struct member causes a compile-time warning: | In file included from drivers/firmware/arm_ffa/driver.c:25: | In function 'fortify_memcpy_chk', | inlined from 'export_uuid' at include/linux/uuid.h:88:2, | inlined from 'ffa_msg_send_direct_req2' at drivers/firmware/arm_ffa/driver.c:488:2: | include/linux/fortify-string.h:571:25: error: call to '__write_overflow_field' | declared with attribute warning: detected write beyond size of field | (1st parameter); maybe use struct_group()? [-Werror=attribute-warning] | __write_overflow_field(p_size_field, size); Use a union for the conversion instead and make sure the byte order is fixed in the process. Fixes: aaef3bc98129 ("firmware: arm_ffa: Add support for FFA_MSG_SEND_DIRECT_{REQ,RESP}2") Signed-off-by: Arnd Bergmann Message-Id: <20240909110938.247976-1-arnd@kernel.org> Signed-off-by: Sudeep Holla commit 2cf9733891a460a16a209fcc20fbd138605b13b8 Author: Steven Rostedt Date: Fri Oct 11 16:52:24 2024 -0400 ring-buffer: Fix refcount setting of boot mapped buffers A ring buffer which has its buffered mapped at boot up to fixed memory should not be freed. Other buffers can be. The ref counting setup was wrong for both. It made the not mapped buffers ref count have zero, and the boot mapped buffer a ref count of 1. But an normally allocated buffer should be 1, where it can be removed. Keep the ref count of a normal boot buffer with its setup ref count (do not decrement it), and increment the fixed memory boot mapped buffer's ref count. Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20241011165224.33dd2624@gandalf.local.home Fixes: e645535a954ad ("tracing: Add option to use memmapped memory for trace boot instance") Reviewed-by: Masami Hiramatsu (Google) Signed-off-by: Steven Rostedt (Google) commit eca631b8fe808748d7585059c4307005ca5c5820 Merge: 63fa605041843b 332fade75d0ecd Author: Linus Torvalds Date: Mon Oct 14 11:19:19 2024 -0700 Merge tag 'f2fs-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs Pull f2fs fix from Jaegeuk Kim: "An urgent fix to resolve DIO read performance regression caused by 'f2fs: fix to avoid racing in between read and OPU dio write'" * tag 'f2fs-6.12-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs: f2fs: allow parallel DIO reads commit 63fa605041843b50ebc8dca6483dbfa6e835c61a Merge: 6485cf5ea253d4 ae54567eaa87fd Author: Linus Torvalds Date: Mon Oct 14 11:12:09 2024 -0700 Merge tag 'erofs-for-6.12-rc4-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs Pull erofs fixes from Gao Xiang: "The main one fixes a syzbot issue due to the invalid inode type out of file-backed mounts. The others are minor cleanups without actual logic changes. Summary: - Make sure only regular inodes can be used for file-backed mounts - Two minor codebase cleanups" * tag 'erofs-for-6.12-rc4-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs: erofs: get rid of kaddr in `struct z_erofs_maprecorder` erofs: get rid of z_erofs_try_to_claim_pcluster() erofs: ensure regular inodes for file-backed mounts commit d35f40642904b017d1301340734b91aef69d1c0c Author: Jai Luthra Date: Mon Sep 30 13:02:54 2024 -0400 dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer When receiving data in cyclic mode from PDMA peripherals, where reload count is set to infinite, any TR in the set can potentially be the last one of the overall transfer. In such cases, the EOP flag needs to be set in each TR and PDMA's Static TR "Z" parameter should be set, matching the size of the TR. This is required for the teardown to function properly and cleanup the internal state memory. This only affects platforms using BCDMA and not those using UDMA-P, which could set EOP flag in the teardown TR automatically. Similarly when transmitting data in cyclic mode to PDMA peripherals, the EOP flag needs to be set to get the teardown completion signal correctly. Fixes: 017794739702 ("dmaengine: ti: k3-udma: Initial support for K3 BCDMA") Tested-by: Francesco Dolcini # Toradex Verdin AM62 Signed-off-by: Jai Luthra Signed-off-by: Jai Luthra Acked-by: Peter Ujfalusi Link: https://lore.kernel.org/r/20240930-z_cnt-v2-1-9d38aba149a2@linux.dev Signed-off-by: Vinod Koul commit 6e9c5c8ef2820d18492d07172ac52f23ea8a54d9 Author: Wolfram Sang Date: Mon Oct 7 13:02:01 2024 +0200 dmaengine: sh: rz-dmac: handle configs where one address is zero Configs like the ones coming from the MMC subsystem will have either 'src' or 'dst' zeroed, resulting in an unknown bus width. This will bail out on the RZ DMA driver because of the sanity check for a valid bus width. Reorder the code, so that the check will only be applied when the corresponding address is non-zero. Fixes: 5000d37042a6 ("dmaengine: sh: Add DMAC driver for RZ/G2L SoC") Signed-off-by: Wolfram Sang Reviewed-by: Biju Das Reviewed-by: Geert Uytterhoeven Tested-by: Biju Das Tested-by: Claudiu Beznea Link: https://lore.kernel.org/r/20241007110200.43166-6-wsa+renesas@sang-engineering.com Signed-off-by: Vinod Koul commit fcf38bc321fbc87dfcd829f42e64e541f17599f7 Author: Cong Yang Date: Fri Oct 11 10:08:19 2024 +0800 drm/panel: himax-hx83102: Adjust power and gamma to optimize brightness The current panel brightness is only 360 nit. Adjust the power and gamma to optimize the panel brightness. The brightness after adjustment is 390 nit. Fixes: 3179338750d8 ("drm/panel: himax-hx83102: Support for IVO t109nw41 MIPI-DSI panel") Signed-off-by: Cong Yang Reviewed-by: Douglas Anderson Reviewed-by: Linus Walleij Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20241011020819.1254157-1-yangcong5@huaqin.corp-partner.google.com commit f56d8d2389ba2a0cab0512637bd264611eab1b9a Author: Joey Gouly Date: Tue Oct 1 14:36:18 2024 +0100 Documentation/protection-keys: add AArch64 to documentation As POE support was recently added, update the documentation. Also note that kernel threads have a default protection key register value. Signed-off-by: Joey Gouly Cc: Will Deacon Cc: Catalin Marinas Cc: Jonathan Corbet Link: https://lore.kernel.org/r/20241001133618.1547996-3-joey.gouly@arm.com [will: Adjusted wording based on feedback from Kevin] Signed-off-by: Will Deacon commit e3e85271330b18f487ab3032ea9ca0601efeafaf Author: Joey Gouly Date: Tue Oct 1 14:36:17 2024 +0100 arm64: set POR_EL0 for kernel threads Restrict kernel threads to only have RWX overlays for pkey 0. This matches what arch/x86 does, by defaulting to a restrictive PKRU. Signed-off-by: Joey Gouly Cc: Will Deacon Cc: Catalin Marinas Reviewed-by: Kevin Brodsky Link: https://lore.kernel.org/r/20241001133618.1547996-2-joey.gouly@arm.com Signed-off-by: Will Deacon commit 0b84db5d8f258d4b212c05ea0772ee47612d6cfb Author: Jakub Kicinski Date: Fri Oct 11 12:33:03 2024 -0700 MAINTAINERS: add Andrew Lunn as a co-maintainer of all networking drivers Andrew has been a pillar of the community for as long as I remember. Focusing on embedded networking, co-maintaining Ethernet PHYs and DSA code, but also actively reviewing MAC and integrated NIC drivers. Elevate Andrew to the status of co-maintainer of all netdev drivers. Acked-by: Andrew Lunn Reviewed-by: Eric Dumazet Acked-by: Paolo Abeni Link: https://patch.msgid.link/20241011193303.2461769-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit c25c0c9035bb8b28c844dfddeda7b8bdbcfcae95 Author: Ming Lei Date: Mon Oct 14 08:51:15 2024 +0800 blk-mq: setup queue ->tag_set before initializing hctx Commit 7b815817aa58 ("blk-mq: add helper for checking if one CPU is mapped to specified hctx") needs to check queue mapping via tag set in hctx's cpuhp handler. However, q->tag_set may not be setup yet when the cpuhp handler is enabled, then kernel oops is triggered. Fix the issue by setup queue tag_set before initializing hctx. Cc: stable@vger.kernel.org Reported-and-tested-by: Rick Koch Closes: https://lore.kernel.org/linux-block/CANa58eeNDozLaBHKPLxSAhEy__FPfJT_F71W=sEQw49UCrC9PQ@mail.gmail.com Fixes: 7b815817aa58 ("blk-mq: add helper for checking if one CPU is mapped to specified hctx") Signed-off-by: Ming Lei Reviewed-by: Christoph Hellwig Reviewed-by: John Garry Link: https://lore.kernel.org/r/20241014005115.2699642-1-ming.lei@redhat.com Signed-off-by: Jens Axboe commit 9803787a23c57328cd70c393a661266c396d12fb Author: Mickaël Salaün Date: Fri Oct 4 17:31:20 2024 +0200 landlock: Improve documentation of previous limitations Improve consistency of previous limitations' subsection titles, and expand a bit the IOCTL section. This changes some HTML anchors and may break some external links though. Cc: Konstantin Meskhidze Cc: Tahera Fahimi Reviewed-by: Günther Noack Link: https://lore.kernel.org/r/20241004153122.501775-1-mic@digikod.net Signed-off-by: Mickaël Salaün commit 1e9c708dc3ae7226d5f9461540e3d583736af5f1 Author: Baojun Xu Date: Fri Oct 11 15:40:40 2024 +0800 ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects Add new vendor_id and subsystem_id in quirk for Lenovo, ASUS, and Dell projects. Signed-off-by: Baojun Xu Link: https://patch.msgid.link/20241011074040.524-1-baojun.xu@ti.com Signed-off-by: Takashi Iwai commit 5e3b72324d32629fa013f86657308f3dbc1115e1 Author: Kent Overstreet Date: Sat Oct 12 14:36:38 2024 -0400 bcachefs: Fix sysfs warning in fstests generic/730,731 sysfs warns if we're removing a symlink from a directory that's no longer in sysfs; this is triggered by fstests generic/730, which simulates hot removal of a block device. This patch is however not a correct fix, since checking kobj->state_in_sysfs on a kobj owned by another subsystem is racy. A better fix would be to add the appropriate check to sysfs_remove_link() - and sysfs_create_link() as well. But kobject_add_internal()/kobject_del() do not as of today have locking that would support that. Note that the block/holder.c code appears to be subject to this race as well. Cc: Greg Kroah-Hartman Cc: "Rafael J. Wysocki" Cc: Christoph Hellwig Signed-off-by: Kent Overstreet commit 3692a4ccacf3c44249e584aea3ae8568f953e7e4 Author: Andrei Simion Date: Mon Oct 14 12:28:31 2024 +0300 MAINTAINERS: Update maintainer list for MICROCHIP ASOC, SSC and MCP16502 drivers To help Claudiu and offload the work, add myself to the maintainer list for those drivers. Acked-by: Claudiu Beznea Signed-off-by: Andrei Simion Link: https://patch.msgid.link/20241014092830.46709-1-andrei.simion@microchip.com Signed-off-by: Mark Brown commit cd9626e9ebc77edec33023fe95dab4b04ffc819d Author: Peter Zijlstra Date: Thu Oct 10 11:38:10 2024 +0200 sched/fair: Fix external p->on_rq users Sean noted that ever since commit 152e11f6df29 ("sched/fair: Implement delayed dequeue") KVM's preemption notifiers have started mis-classifying preemption vs blocking. Notably p->on_rq is no longer sufficient to determine if a task is runnable or blocked -- the aforementioned commit introduces tasks that remain on the runqueue even through they will not run again, and should be considered blocked for many cases. Add the task_is_runnable() helper to classify things and audit all external users of the p->on_rq state. Also add a few comments. Fixes: 152e11f6df29 ("sched/fair: Implement delayed dequeue") Reported-by: Sean Christopherson Tested-by: Sean Christopherson Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: Ingo Molnar Link: https://lkml.kernel.org/r/20241010091843.GK33184@noisy.programming.kicks-ass.net commit c6508124193d42bbc3224571eb75bfa4c1821fbb Author: Johannes Weiner Date: Fri Oct 11 10:49:33 2024 +0200 sched/psi: Fix mistaken CPU pressure indication after corrupted task state bug Since sched_delayed tasks remain queued even after blocking, the load balancer can migrate them between runqueues while PSI considers them to be asleep. As a result, it misreads the migration requeue followed by a wakeup as a double queue: psi: inconsistent task state! task=... cpu=... psi_flags=4 clear=. set=4 First, call psi_enqueue() after p->sched_class->enqueue_task(). A wakeup will clear p->se.sched_delayed while a migration will not, so psi can use that flag to tell them apart. Then teach psi to migrate any "sleep" state when delayed-dequeue tasks are being migrated. Delayed-dequeue tasks can be revived by ttwu_runnable(), which will call down with a new ENQUEUE_DELAYED. Instead of further complicating the wakeup conditional in enqueue_task(), identify migration contexts instead and default to wakeup handling for all other cases. It's not just the warning in dmesg, the task state corruption causes a permanent CPU pressure indication, which messes with workload/machine health monitoring. Debugged-by-and-original-fix-by: K Prateek Nayak Fixes: 152e11f6df29 ("sched/fair: Implement delayed dequeue") Closes: https://lore.kernel.org/lkml/20240830123458.3557-1-spasswolf@web.de/ Closes: https://lore.kernel.org/all/cd67fbcd-d659-4822-bb90-7e8fbb40a856@molgen.mpg.de/ Signed-off-by: Johannes Weiner Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: Ingo Molnar Tested-by: K Prateek Nayak Link: https://lkml.kernel.org/r/20241010193712.GC181795@cmpxchg.org commit cb6055e66faa0d4c15587ef67be18bc199aef085 Author: Kent Overstreet Date: Sun Oct 13 19:38:00 2024 -0400 bcachefs: Handle race between stripe reuse, invalidate_stripe_to_dev When creating a new stripe, we may reuse an existing stripe that has some empty and some nonempty blocks. Generally, the existing stripe won't change underneath us - except for block sector counts, which we copy to the new key in ec_stripe_key_update. But the device removal path can now invalidate stripe pointers to a device, and that can race with stripe reuse. Change ec_stripe_key_update() to check for and resolve this inconsistency. Signed-off-by: Kent Overstreet commit b1e562265ed801c36e8817c67c97a47137870ece Author: Kent Overstreet Date: Sun Oct 13 20:16:45 2024 -0400 bcachefs: Fix kasan splat in new_stripe_alloc_buckets() Update for BCH_SB_MEMBER_INVALID. Signed-off-by: Kent Overstreet commit 6485cf5ea253d40d507cd71253c9568c5470cd27 Merge: 8e929cb546ee42 2934b12281abf4 Author: Linus Torvalds Date: Sun Oct 13 16:35:20 2024 -0700 Merge tag 'hid-for-linus-2024101301' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid Pull HID fixes from Jiri Kosina: - fix for memory corruption regression in amd_sfh driver (Basavaraj Natikar) - fix for mis-reporting of BTN_TOOL_PEN and BTN_TOOL_RUBBER for AES sensors tools in Wacom driver (Jason Gerecke) - fix for unitialized variable use in intel-ish-hid driver (SurajSonawane2415) - a few device-specific quirks / device ID additions * tag 'hid-for-linus-2024101301' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: HID: wacom: Hardcode (non-inverted) AES pens as BTN_TOOL_PEN HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad HID: multitouch: Add support for B2402FVA track point HID: plantronics: Workaround for an unexcepted opposite volume key hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma commit 9f25dbe0bf91108be38c690628910c3ee85f6c1c Author: Kent Overstreet Date: Sat Oct 12 17:03:30 2024 -0400 bcachefs: Add missing validation for bch_stripe.csum_granularity_bits Reported-by: syzbot+f8c98a50c323635be65d@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit a319aeaebb6c7d8e68125943d454031b27d6b3ef Author: Kent Overstreet Date: Sat Oct 12 15:49:23 2024 -0400 bcachefs: Fix missing bounds checks in bch2_alloc_read() We were checking that the alloc key was for a valid device, but not a valid bucket. This is the upgrade path from versions prior to bcachefs being mainlined. Reported-by: syzbot+a1b59c8e1a3f022fd301@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit 573ddcdc56077615f8db045cd06b44dd8fc01f4b Author: Kent Overstreet Date: Sat Oct 12 15:38:33 2024 -0400 bcachefs: fix uaf in bch2_dio_write_done() Reported-by: syzbot+19ad84d5133871207377@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit 8e929cb546ee42c9a61d24fae60605e9e3192354 Author: Linus Torvalds Date: Sun Oct 13 14:33:32 2024 -0700 Linux 6.12-rc3 commit 8b8ca9c25fe69c2162e3235c7d6c341127abeed6 Author: Alice Ryhl Date: Thu Oct 10 09:38:27 2024 +0000 cfi: fix conditions for HAVE_CFI_ICALL_NORMALIZE_INTEGERS The HAVE_CFI_ICALL_NORMALIZE_INTEGERS option has some tricky conditions when KASAN or GCOV are turned on, as in that case we need some clang and rustc fixes [1][2] to avoid boot failures. The intent with the current setup is that you should be able to override the check and turn on the option if your clang/rustc has the fix. However, this override does not work in practice. Thus, use the new RUSTC_LLVM_VERSION to correctly implement the check for whether the fix is available. Additionally, remove KASAN_HW_TAGS from the list of incompatible options. The CFI_ICALL_NORMALIZE_INTEGERS option is incompatible with KASAN because LLVM will emit some constructors when using KASAN that are assigned incorrect CFI tags. These constructors are emitted due to use of -fsanitize=kernel-address or -fsanitize=kernel-hwaddress that are respectively passed when KASAN_GENERIC or KASAN_SW_TAGS are enabled. However, the KASAN_HW_TAGS option relies on hardware support for MTE instead and does not pass either flag. (Note also that KASAN_HW_TAGS does not `select CONSTRUCTORS`.) Link: https://github.com/llvm/llvm-project/pull/104826 [1] Link: https://github.com/rust-lang/rust/pull/129373 [2] Fixes: 4c66f8307ac0 ("cfi: encode cfi normalized integers + kasan/gcov bug in Kconfig") Signed-off-by: Alice Ryhl Reviewed-by: Sami Tolvanen Link: https://lore.kernel.org/r/20241010-icall-detect-vers-v1-2-8f114956aa88@google.com Signed-off-by: Miguel Ojeda commit af0121c2d303111d363c62e40413ffb39d5dc0f1 Author: Gary Guo Date: Fri Oct 11 12:40:33 2024 +0100 kbuild: rust: add `CONFIG_RUSTC_LLVM_VERSION` Each version of Rust supports a range of LLVM versions. There are cases where we want to gate a config on the LLVM version instead of the Rust version. Normalized cfi integer tags are one example [1]. The invocation of rustc-version is being moved from init/Kconfig to scripts/Kconfig.include for consistency with cc-version. Link: https://lore.kernel.org/all/20240925-cfi-norm-kasan-fix-v1-1-0328985cdf33@google.com/ [1] Signed-off-by: Gary Guo Link: https://lore.kernel.org/r/20241011114040.3900487-1-gary@garyguo.net [ Added missing `-llvm` to the Usage documentation. - Miguel ] Signed-off-by: Miguel Ojeda commit cfea70e835b9180029257d8b772c9e99c3305a9a Merge: ba01565ced22c0 63271b7d569fbe Author: Linus Torvalds Date: Sun Oct 13 10:52:39 2024 -0700 Merge tag '6.12-rc2-cifs-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fixes from Steve French: "Two fixes for Windows symlink handling" * tag '6.12-rc2-cifs-fixes' of git://git.samba.org/sfrench/cifs-2.6: cifs: Fix creating native symlinks pointing to current or parent directory cifs: Improve creating native symlinks pointing to directory commit ba01565ced22c04749a6f71aa8a658d3a64734bc Merge: f683c9b134f2b0 faa34159d08089 Author: Linus Torvalds Date: Sun Oct 13 09:21:36 2024 -0700 Merge tag 'usb-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb Pull USB fixes from Greg KH: "Here are some small USB fixes for some reported problems for 6.12-rc3. Include in here is: - fix for yurex driver that was caused in -rc1 - build error fix for usbg network filesystem code - onboard_usb_dev build fix - dwc3 driver fixes for reported errors - gadget driver fix - new USB storage driver quirk - xhci resume bugfix All of these have been in linux-next for a while with no reported issues" * tag 'usb-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: net/9p/usbg: Fix build error USB: yurex: kill needless initialization in yurex_read Revert "usb: yurex: Replace snprintf() with the safer scnprintf() variant" usb: xhci: Fix problem with xhci resume from suspend usb: misc: onboard_usb_dev: introduce new config symbol for usb5744 SMBus support usb: dwc3: core: Stop processing of pending events if controller is halted usb: dwc3: re-enable runtime PM after failed resume usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip usb: gadget: core: force synchronous registration commit 2471787c1f0dae6721f60ab44be37460635d3732 Author: Heiko Thiery Date: Mon Oct 7 09:11:22 2024 +0200 misc: microchip: pci1xxxx: add support for NVMEM_DEVID_AUTO for OTP device By using NVMEM_DEVID_AUTO we support more than 1 device and automatically enumerate. Fixes: 0969001569e4 ("misc: microchip: pci1xxxx: Add support to read and write into PCI1XXXX OTP via NVMEM sysfs") Cc: stable@vger.kernel.org Signed-off-by: Heiko Thiery Reviewed-by: Michael Walle Link: https://lore.kernel.org/r/20241007071120.9522-2-heiko.thiery@gmail.com Signed-off-by: Greg Kroah-Hartman commit 3c2d73de49be528276474c1a53f78b38ee11c1fa Author: Heiko Thiery Date: Mon Oct 7 09:11:20 2024 +0200 misc: microchip: pci1xxxx: add support for NVMEM_DEVID_AUTO for EEPROM device By using NVMEM_DEVID_AUTO we support more than 1 device and automatically enumerate. Fixes: 9ab5465349c0 ("misc: microchip: pci1xxxx: Add support to read and write into PCI1XXXX EEPROM via NVMEM sysfs") Cc: stable@vger.kernel.org Signed-off-by: Heiko Thiery Reviewed-by: Michael Walle Link: https://lore.kernel.org/r/20241007071120.9522-1-heiko.thiery@gmail.com Signed-off-by: Greg Kroah-Hartman commit 02ac3a9ef3a18b58d8f3ea2b6e46de657bf6c4f9 Author: Takashi Iwai Date: Fri Sep 20 12:32:19 2024 +0200 parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf() calls blindly with snprintf(). However, since snprintf() returns the would-be-printed size, not the actually output size, the length calculation can still go over the given limit. Use scnprintf() instead of snprintf(), which returns the actually output letters, for addressing the potential out-of-bounds access properly. Fixes: ab11dac93d2d ("dev/parport: fix the array out-of-bounds risk") Cc: stable@vger.kernel.org Signed-off-by: Takashi Iwai Link: https://lore.kernel.org/r/20240920103318.19271-1-tiwai@suse.de Signed-off-by: Greg Kroah-Hartman commit f683c9b134f2b0cb5d917296a142db1211468a78 Merge: 36c254515dc659 bd2b7f62a0d5fe Author: Linus Torvalds Date: Sun Oct 13 09:10:52 2024 -0700 Merge tag 'driver-core-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core Pull driver core fixes from Greg KH: "Here is a single driver core fix, and a .mailmap update. The fix is for the rust driver core bindings, turned out that the from_raw binding wasn't a good idea (don't want to pass a pointer to a reference counted object without actually incrementing the pointer.) So this change fixes it up as the from_raw binding came in in -rc1. The other change is a .mailmap update. Both have been in linux-next for a while with no reported issues" * tag 'driver-core-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: mailmap: update mail for Fiona Behrens rust: device: change the from_raw() function commit 7528cb0f65d7472c1d6b96956f86b408c5ab6b11 Merge: 8cf0b93919e13d 6b8e9dbfaed471 Author: Greg Kroah-Hartman Date: Sun Oct 13 17:23:47 2024 +0200 Merge tag 'iio-fixes-for-6.12a' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/jic23/iio into char-misc-linus Jonathan writes: IIO: 1st set of fixes for the 6.12 cycle. Most of this pull request is the result of Javier Carrasco doing a careful audit for missing Kconfig dependencies that luck has meant the random builds have never hit. The rest is the usual mix of old bugs that have surfaced and some fallout from the recent merge window. adi,ad5686 - Fix binding duplication of compatible strings. bosch,bma400 - Fix an uninitialized variable in the event tap handling. bosch,bmi323 - Fix several issues in the register saving and restore on suspend/resume sensiron,spd500 - Fix missing CRC8 dependency ti,op3001 - Fix a missing full-scale range value (values above this point were all reported wrongly) vishay,veml6030 - Fix a segmentation fault due to some type confusion. - Fix wrong ambient light sensor resolution. * tag 'iio-fixes-for-6.12a' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/jic23/iio: (34 commits) iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig iio: frequency: {admv4420,adrf6780}: format Kconfig entries iio: adc: ad4695: Add missing Kconfig select iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() iioc: dac: ltc2664: Fix span variable usage in ltc2664_channel_config() iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig iio: resolver: ad2s1210: add missing select (TRIGGERED_)BUFFER in Kconfig iio: resolver: ad2s1210 add missing select REGMAP in Kconfig iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: pressure: bm1390: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: magnetometer: af8133j: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: light: bu27008: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: chemical: ens160: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig ... commit 36c254515dc6592c44db77b84908358979dd6b50 Merge: 7234e2ea0edd00 8956c582ac6b16 Author: Linus Torvalds Date: Sat Oct 12 17:16:21 2024 -0700 Merge tag 'powerpc-6.12-4' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux Pull powerpc fix from Michael Ellerman: - Fix crash in memcpy on 8xx due to dcbz workaround since recent changes Thanks to Christophe Leroy. * tag 'powerpc-6.12-4' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: powerpc/8xx: Fix kernel DTLB miss on dcbz commit c5e8e93897b7bb0a336bf3332f82f8d9f2b33f14 Author: Pranjal Ramajor Asha Kanojiya Date: Fri Oct 4 13:32:52 2024 -0600 accel/qaic: Fix the for loop used to walk SG table Only for_each_sgtable_dma_sg() should be used to walk through a SG table to grab correct bus address and length pair after calling DMA MAP API on a SG table as DMA MAP APIs updates the SG table and for_each_sgtable_sg() walks through the original SG table. Fixes: ff13be830333 ("accel/qaic: Add datapath") Fixes: 129776ac2e38 ("accel/qaic: Add control path") Signed-off-by: Pranjal Ramajor Asha Kanojiya Reviewed-by: Jeffrey Hugo Signed-off-by: Jeffrey Hugo Reviewed-by: Jacek Lawrynowicz Link: https://patchwork.freedesktop.org/patch/msgid/20241004193252.3888544-1-quic_jhugo@quicinc.com commit 93b8ddc54507a227087c60a0013ed833b6ae7d3c Author: Sergey Matsievskiy Date: Sat Oct 12 13:57:43 2024 +0300 pinctrl: ocelot: fix system hang on level based interrupts The current implementation only calls chained_irq_enter() and chained_irq_exit() if it detects pending interrupts. ``` for (i = 0; i < info->stride; i++) { uregmap_read(info->map, id_reg + 4 * i, ®); if (!reg) continue; chained_irq_enter(parent_chip, desc); ``` However, in case of GPIO pin configured in level mode and the parent controller configured in edge mode, GPIO interrupt might be lowered by the hardware. In the result, if the interrupt is short enough, the parent interrupt is still pending while the GPIO interrupt is cleared; chained_irq_enter() never gets called and the system hangs trying to service the parent interrupt. Moving chained_irq_enter() and chained_irq_exit() outside the for loop ensures that they are called even when GPIO interrupt is lowered by the hardware. The similar code with chained_irq_enter() / chained_irq_exit() functions wrapping interrupt checking loop may be found in many other drivers: ``` grep -r -A 10 chained_irq_enter drivers/pinctrl ``` Cc: stable@vger.kernel.org Signed-off-by: Sergey Matsievskiy Reviewed-by: Alexandre Belloni Link: https://lore.kernel.org/20241012105743.12450-2-matsievskiysv@gmail.com Signed-off-by: Linus Walleij commit 7234e2ea0edd00bfb6bb2159e55878c19885ce68 Merge: 05749ecf5d52e2 d539a871ae47a1 Author: Linus Torvalds Date: Sat Oct 12 09:24:13 2024 -0700 Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull SCSI fixes from James Bottomley: "Four small fixes, three in drivers and one in the FC transport class to add idempotence to state setting" * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: scsi: scsi_transport_fc: Allow setting rport state to current state scsi: wd33c93: Don't use stale scsi_pointer value scsi: fnic: Move flush_work initialization out of if block scsi: ufs: Use pre-calculated offsets in ufshcd_init_lrb() commit 05749ecf5d52e28a1eeb494498e2d51ebbbec11a Merge: 09f6b0c8904bfa 2d6c668902e583 Author: Linus Torvalds Date: Sat Oct 12 09:09:04 2024 -0700 Merge tag 'hwmon-for-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging Pull hwmon fixes from Guenter Roeck: - Add missing dependencies on REGMAP_I2C for several drivers - Fix memory leak in adt7475 driver - Relabel Columbiaville temperature sensor in intel-m10-bmc-hwmon driver to match other sensor labels * tag 'hwmon-for-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging: hwmon: (max1668) Add missing dependency on REGMAP_I2C hwmon: (ltc2991) Add missing dependency on REGMAP_I2C hwmon: (adt7470) Add missing dependency on REGMAP_I2C hwmon: (adm9240) Add missing dependency on REGMAP_I2C hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C hwmon: (tmp513) Add missing dependency on REGMAP_I2C hwmon: (adt7475) Fix memory leak in adt7475_fan_pwm_config() hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature commit 1d59d474e1cb7d4fdf87dfaf96f44647f13ea590 Author: Bartosz Golaszewski Date: Thu Oct 3 10:43:41 2024 +0200 PCI: Hold rescan lock while adding devices during host probe Since adding the PCI power control code, we may end up with a race between the pwrctl platform device rescanning the bus and host controller probe functions. The latter need to take the rescan lock when adding devices or we may end up in an undefined state having two incompletely added devices and hit the following crash when trying to remove the device over sysfs: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Internal error: Oops: 0000000096000004 [#1] SMP Call trace: __pi_strlen+0x14/0x150 kernfs_find_ns+0x80/0x13c kernfs_remove_by_name_ns+0x54/0xf0 sysfs_remove_bin_file+0x24/0x34 pci_remove_resource_files+0x3c/0x84 pci_remove_sysfs_dev_files+0x28/0x38 pci_stop_bus_device+0x8c/0xd8 pci_stop_bus_device+0x40/0xd8 pci_stop_and_remove_bus_device_locked+0x28/0x48 remove_store+0x70/0xb0 dev_attr_store+0x20/0x38 sysfs_kf_write+0x58/0x78 kernfs_fop_write_iter+0xe8/0x184 vfs_write+0x2dc/0x308 ksys_write+0x7c/0xec Fixes: 4565d2652a37 ("PCI/pwrctl: Add PCI power control core code") Link: https://lore.kernel.org/r/20241003084342.27501-1-brgl@bgdev.pl Reported-by: Konrad Dybcio Tested-by: Konrad Dybcio Signed-off-by: Bartosz Golaszewski Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam commit b930d8647869802a0d430aae6b1b05c3acb24a41 Author: Krzysztof Kozlowski Date: Sat Oct 12 12:09:57 2024 +0200 ASoC: qcom: Select missing common Soundwire module code on SDM845 SDM845 sound card driver uses qcom_snd_sdw_startup() from the common Soundwire module, so select it to fix build failures: ERROR: modpost: "qcom_snd_sdw_startup" [sound/soc/qcom/snd-soc-sdm845.ko] undefined! Fixes: d0e806b0cc62 ("ASoC: qcom: sdm845: add missing soundwire runtime stream alloc") Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20241012100957.129103-1-krzysztof.kozlowski@linaro.org Signed-off-by: Mark Brown commit c986dd7ecba185ad2a36b0815940f34deb2a8170 Author: Kent Overstreet Date: Wed Oct 9 21:28:11 2024 -0400 bcachefs: Improve check_snapshot_exists() Check if we have snapshot_trees or subvolumes that refer to the snapshot node being reconstructed, and use them. With this, the kill_btree_root test that blows away the snapshots btree now passes, and we're able to successfully reconstruct. Signed-off-by: Kent Overstreet commit 9183c2b11e93f16dfd89a7fa09ec50c0be71f15a Author: Kent Overstreet Date: Sat Oct 12 05:00:26 2024 -0400 bcachefs: Fix bkey_nocow_lock() This fixes an assertion pop in nocow_locking.c 00243 kernel BUG at fs/bcachefs/nocow_locking.c:41! 00243 Internal error: Oops - BUG: 00000000f2000800 [#1] SMP 00243 Modules linked in: 00243 Hardware name: linux,dummy-virt (DT) 00243 pstate: 60001005 (nZCv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--) 00244 pc : bch2_bucket_nocow_unlock (/home/testdashboard/linux-7/fs/bcachefs/nocow_locking.c:41) 00244 lr : bkey_nocow_lock (/home/testdashboard/linux-7/fs/bcachefs/data_update.c:79) 00244 sp : ffffff80c82373b0 00244 x29: ffffff80c82373b0 x28: ffffff80e08958c0 x27: ffffff80e0880000 00244 x26: ffffff80c8237a98 x25: 00000000000000a0 x24: ffffff80c8237ab0 00244 x23: 00000000000000c0 x22: 0000000000000008 x21: 0000000000000000 00244 x20: ffffff80c8237a98 x19: 0000000000000018 x18: 0000000000000000 00244 x17: 0000000000000000 x16: 000000000000003f x15: 0000000000000000 00244 x14: 0000000000000008 x13: 0000000000000018 x12: 0000000000000000 00244 x11: 0000000000000000 x10: ffffff80e0880000 x9 : ffffffc0803ac1a4 00244 x8 : 0000000000000018 x7 : ffffff80c8237a88 x6 : ffffff80c8237ab0 00244 x5 : ffffff80e08988d0 x4 : 00000000ffffffff x3 : 0000000000000000 00244 x2 : 0000000000000004 x1 : 0003000000000d1e x0 : ffffff80e08988c0 00244 Call trace: 00244 bch2_bucket_nocow_unlock (/home/testdashboard/linux-7/fs/bcachefs/nocow_locking.c:41) 00245 bch2_data_update_init (/home/testdashboard/linux-7/fs/bcachefs/data_update.c:627 (discriminator 1)) 00245 promote_alloc.isra.0 (/home/testdashboard/linux-7/fs/bcachefs/io_read.c:242 /home/testdashboard/linux-7/fs/bcachefs/io_read.c:304) 00245 __bch2_read_extent (/home/testdashboard/linux-7/fs/bcachefs/io_read.c:949) 00246 __bch2_read (/home/testdashboard/linux-7/fs/bcachefs/io_read.c:1215) 00246 bch2_direct_IO_read (/home/testdashboard/linux-7/fs/bcachefs/fs-io-direct.c:132) 00246 bch2_read_iter (/home/testdashboard/linux-7/fs/bcachefs/fs-io-direct.c:201) 00247 aio_read.constprop.0 (/home/testdashboard/linux-7/fs/aio.c:1602) 00247 io_submit_one.constprop.0 (/home/testdashboard/linux-7/fs/aio.c:2003 /home/testdashboard/linux-7/fs/aio.c:2052) 00248 __arm64_sys_io_submit (/home/testdashboard/linux-7/fs/aio.c:2111 /home/testdashboard/linux-7/fs/aio.c:2081 /home/testdashboard/linux-7/fs/aio.c:2081) 00248 invoke_syscall.constprop.0 (/home/testdashboard/linux-7/arch/arm64/include/asm/syscall.h:61 /home/testdashboard/linux-7/arch/arm64/kernel/syscall.c:54) 00248 ========= FAILED TIMEOUT tiering_variable_buckets_replicas in 1200s Signed-off-by: Kent Overstreet commit 672f75238e54a642d3ccbcb62d3977383ab50bb0 Author: Kent Overstreet Date: Sat Oct 12 02:44:38 2024 -0400 bcachefs: Fix accounting replay flags BCH_TRANS_COMMIT_journal_reclaim without BCH_WATERMARK_reclaim means "return an error if low on journal space" - but accounting replay must succeed. Fixes https://github.com/koverstreet/bcachefs/issues/656 Signed-off-by: Kent Overstreet commit c1bd21bb65182afca490db4031890802a1a546b7 Author: Kent Overstreet Date: Fri Oct 11 22:06:58 2024 -0400 bcachefs: Fix invalid shift in member_to_text() Reported-by: syzbot+064ce437a1ad63d3f6ef@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit 7d84d9f449f929a3b010cab04a0adc97c7853ab7 Author: Kent Overstreet Date: Fri Oct 11 22:00:44 2024 -0400 bcachefs: Fix bch2_have_enough_devs() for BCH_SB_MEMBER_INVALID This fixes a kasan splat in the ec device removal tests. Signed-off-by: Kent Overstreet commit dc5006cfcf62bea88076a587344ba5e00e66d1c6 Author: Kalesh AP Date: Tue Oct 8 00:41:42 2024 -0700 RDMA/bnxt_re: Fix the GID table length GID table length is reported by FW. The gid index which is passed to the driver during modify_qp/create_ah is restricted by the sgid_index field of struct ib_global_route. sgid_index is u8 and the max sgid possible is 256. Each GID entry in HW will have 2 GID entries in the kernel gid table. So we can support twice the gid table size reported by FW. Also, restrict the max GID to 256 also. Fixes: 847b97887ed4 ("RDMA/bnxt_re: Restrict the max_gids to 256") Link: https://patch.msgid.link/r/1728373302-19530-11-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 7988bdbbb85ac85a847baf09879edcd0f70521dc Author: Bhargava Chenna Marreddy Date: Tue Oct 8 00:41:41 2024 -0700 RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. There will be a single PDE page address (contiguous pages in the case of > PAGE_SIZE), but, current logic assumes multiple pages, leading to invalid memory access after 256K PBL entries in the PDE. Fixes: 0c4dcd602817 ("RDMA/bnxt_re: Refactor hardware queue memory allocation") Link: https://patch.msgid.link/r/1728373302-19530-10-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Bhargava Chenna Marreddy Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 2df411353dacc4b0c911f8c4944f8ffab955391c Author: Chandramohan Akula Date: Tue Oct 8 00:41:40 2024 -0700 RDMA/bnxt_re: Change the sequence of updating the CQ toggle value Currently the CQ toggle value in the shared page (read by the userlib) is updated as part of the cqn_handler. There is a potential race of application calling the CQ ARM doorbell immediately and using the old toggle value. Change the sequence of updating CQ toggle value to update in the bnxt_qplib_service_nq function immediately after reading the toggle value to be in sync with the HW updated value. Fixes: e275919d9669 ("RDMA/bnxt_re: Share a page to expose per CQ info with userspace") Link: https://patch.msgid.link/r/1728373302-19530-9-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Chandramohan Akula Reviewed-by: Selvin Xavier Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit a5e099e0c464ac3d077339f481981e0d859b8545 Author: Kalesh AP Date: Tue Oct 8 00:41:39 2024 -0700 RDMA/bnxt_re: Fix an error path in bnxt_re_add_device In bnxt_re_add_device(), when register netdev notifier fails, driver is not unregistering the IB device in the error cleanup path. Also, removed the duplicate cleanup in error path of bnxt_re_probe. Fixes: 94a9dc6ac8f7 ("RDMA/bnxt_re: Group all operations under add_device and remove_device") Link: https://patch.msgid.link/r/1728373302-19530-8-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 8be3e5b0c96beeefe9d5486b96575d104d3e7d17 Author: Selvin Xavier Date: Tue Oct 8 00:41:38 2024 -0700 RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop Driver waits indefinitely for the fifo occupancy to go below a threshold as soon as the pacing interrupt is received. This can cause soft lockup on one of the processors, if the rate of DB is very high. Add a loop count for FPGA and exit the __wait_for_fifo_occupancy_below_th if the loop is taking more time. Pacing will be continuing until the occupancy is below the threshold. This is ensured by the checks in bnxt_re_pacing_timer_exp and further scheduling the work for pacing based on the fifo occupancy. Fixes: 2ad4e6303a6d ("RDMA/bnxt_re: Implement doorbell pacing algorithm") Link: https://patch.msgid.link/r/1728373302-19530-7-git-send-email-selvin.xavier@broadcom.com Reviewed-by: Kalesh AP Reviewed-by: Chandramohan Akula Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 0ba9294da081ba4a16699cfcfc3836600ec9e403 Author: Kalesh AP Date: Tue Oct 8 00:41:37 2024 -0700 RDMA/bnxt_re: Fix a possible NULL pointer dereference There is a possibility of a NULL pointer dereference in the failure path of bnxt_re_add_device(). To address that, moved the update of "rdev->adev" to bnxt_re_dev_add(). Fixes: dee3da3422d5 ("RDMA/bnxt_re: Change aux driver data to en_info to hold more information") Link: https://patch.msgid.link/r/1728373302-19530-6-git-send-email-selvin.xavier@broadcom.com Reported-by: Dan Carpenter Closes: https://lore.kernel.org/linux-rdma/CAH-L+nMCwymKGqf5pd8-FZNhxEkDD=kb6AoCaE6fAVi7b3e5Qw@mail.gmail.com/T/#t Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 98647df0178df215b8239c5c365537283b2852a6 Author: Kalesh AP Date: Tue Oct 8 00:41:36 2024 -0700 RDMA/bnxt_re: Return more meaningful error When the HWRM command fails, driver currently returns -EFAULT(Bad address). This does not look correct. Modified to return -EIO(I/O error). Fixes: cc1ec769b87c ("RDMA/bnxt_re: Fixing the Control path command and response handling") Fixes: 65288a22ddd8 ("RDMA/bnxt_re: use shadow qd while posting non blocking rcfw command") Link: https://patch.msgid.link/r/1728373302-19530-5-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 87b4d8d28f6af8fc62766a8af7a5467b37053dfa Author: Kashyap Desai Date: Tue Oct 8 00:41:35 2024 -0700 RDMA/bnxt_re: Fix incorrect dereference of srq in async event Currently driver is not getting correct srq. Dereference only if qplib has a valid srq. Fixes: b02fd3f79ec3 ("RDMA/bnxt_re: Report async events and errors") Link: https://patch.msgid.link/r/1728373302-19530-4-git-send-email-selvin.xavier@broadcom.com Reviewed-by: Saravanan Vajravel Reviewed-by: Chandramohan Akula Signed-off-by: Kashyap Desai Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit a9e6e7443922ac0a48243c35d03834c96926bff1 Author: Kalesh AP Date: Tue Oct 8 00:41:34 2024 -0700 RDMA/bnxt_re: Fix out of bound check Driver exports pacing stats only on GenP5 and P7 adapters. But while parsing the pacing stats, driver has a check for "rdev->dbr_pacing". This caused a trace when KASAN is enabled. BUG: KASAN: slab-out-of-bounds in bnxt_re_get_hw_stats+0x2b6a/0x2e00 [bnxt_re] Write of size 8 at addr ffff8885942a6340 by task modprobe/4809 Fixes: 8b6573ff3420 ("bnxt_re: Update the debug counters for doorbell pacing") Link: https://patch.msgid.link/r/1728373302-19530-3-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit ac6df53738b465053d38d491fff87bd7d37fdc07 Author: Abhishek Mohapatra Date: Tue Oct 8 00:41:33 2024 -0700 RDMA/bnxt_re: Fix the max CQ WQEs for older adapters Older adapters doesn't support the MAX CQ WQEs reported by older FW. So restrict the value reported to 1M always for older adapters. Fixes: 1ac5a4047975 ("RDMA/bnxt_re: Add bnxt_re RoCE driver") Link: https://patch.msgid.link/r/1728373302-19530-2-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Abhishek Mohapatra Reviewed-by: Chandramohan Akula Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 09f6b0c8904bfaa1e0601bc102e1b6aa6de8c98f Merge: 974099e40e924a 4ee5ca9a29384f Author: Linus Torvalds Date: Fri Oct 11 16:12:45 2024 -0700 Merge tag 'linux_kselftest-fixes-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kselftest fixes from Shuah Khan: "Fixes for build, run-time errors, and reporting errors: - ftrace: regression test for a kernel crash when running function graph tracing and then enabling function profiler. - rseq: fix for mm_cid test failure. - vDSO: - fixes to reporting skip and other error conditions - changes unconditionally build chacha and getrandom tests on all architectures to make it easier for them to run in CIs - build error when sched.h to bring in CLONE_NEWTIME define" * tag 'linux_kselftest-fixes-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: ftrace/selftest: Test combination of function_graph tracer and function profiler selftests/rseq: Fix mm_cid test failure selftests: vDSO: Explicitly include sched.h selftests: vDSO: improve getrandom and chacha error messages selftests: vDSO: unconditionally build getrandom test selftests: vDSO: unconditionally build chacha test commit 974099e40e924a911000541fea0b59d075a3d1d0 Merge: 9066258d0a5335 6e0391e48cf9fb Author: Linus Torvalds Date: Fri Oct 11 16:07:15 2024 -0700 Merge tag 'devicetree-fixes-for-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux Pull devicetree fixes from Rob Herring: - Disable kunit tests for arm64+ACPI - Fix refcount issue in kunit tests - Drop constraints on non-conformant 'interrupt-map' in fsl,ls-extirq - Drop type ref on 'msi-parent in fsl,qoriq-mc binding - Move elgin,jg10309-01 to its own binding from trivial-devices * tag 'devicetree-fixes-for-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux: of: Skip kunit tests when arm64+ACPI doesn't populate root node of: Fix unbalanced of node refcount and memory leaks dt-bindings: interrupt-controller: fsl,ls-extirq: workaround wrong interrupt-map number dt-bindings: misc: fsl,qoriq-mc: remove ref for msi-parent dt-bindings: display: elgin,jg10309-01: Add own binding commit 174714f0e505070a16be6fbede30d32b81df789f Author: Alessandro Zanni Date: Thu Oct 10 20:30:30 2024 +0200 selftests: drivers: net: fix name not defined This fix solves this error, when calling kselftest with targets "drivers/net": File "tools/testing/selftests/net/lib/py/nsim.py", line 64, in __init__ if e.errno == errno.ENOSPC: NameError: name 'errno' is not defined The error was found by running tests manually with the command: make kselftest TARGETS="drivers/net" The module errno makes available standard error system symbols. Reviewed-by: Petr Machata Signed-off-by: Alessandro Zanni Link: https://patch.msgid.link/20241010183034.24739-1-alessandro.zanni87@gmail.com Signed-off-by: Jakub Kicinski commit 6ea8a1c28fd36179fc66e088060b11515c8508b7 Author: Alessandro Zanni Date: Thu Oct 10 21:44:17 2024 +0200 selftests: net/rds: add module not found This fix solves this error, when calling kselftest with targets "net/rds": The error was found by running tests manually with the command: make kselftest TARGETS="net/rds" The patch also specifies to import ip() function from the utils module. Signed-off-by: Alessandro Zanni Reviewed-by: Allison Henderson Link: https://patch.msgid.link/20241010194421.48198-1-alessandro.zanni87@gmail.com Signed-off-by: Jakub Kicinski commit 1d7b2ce43d2c22a21dadaf689cb36a69570346a6 Author: Wei Fang Date: Fri Oct 11 11:01:03 2024 +0800 net: enetc: add missing static descriptor and inline keyword Fix the build warnings when CONFIG_FSL_ENETC_MDIO is not enabled. The detailed warnings are shown as follows. include/linux/fsl/enetc_mdio.h:62:18: warning: no previous prototype for function 'enetc_hw_alloc' [-Wmissing-prototypes] 62 | struct enetc_hw *enetc_hw_alloc(struct device *dev, void __iomem *port_regs) | ^ include/linux/fsl/enetc_mdio.h:62:1: note: declare 'static' if the function is not intended to be used outside of this translation unit 62 | struct enetc_hw *enetc_hw_alloc(struct device *dev, void __iomem *port_regs) | ^ | static 8 warnings generated. Fixes: 6517798dd343 ("enetc: Make MDIO accessors more generic and export to include/linux/fsl") Cc: stable@vger.kernel.org Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202410102136.jQHZOcS4-lkp@intel.com/ Signed-off-by: Wei Fang Reviewed-by: Claudiu Manoil Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/20241011030103.392362-1-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit 9066258d0a533530c2508f784e85c53b44f5d9e4 Merge: 547fc3225a4187 01ecc142ef7c8c Author: Linus Torvalds Date: Fri Oct 11 15:56:02 2024 -0700 Merge tag 'fbdev-for-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev Pull fbdev platform driver fix from Helge Deller: "Switch fbdev drivers back to struct platform_driver::remove() Now that 'remove()' has been converted to the sane new API, there's no reason for the 'remove_new()' use, so this converts back to the traditional and simpler name. See commits 5c5a7680e67b ("platform: Provide a remove callback that returns no value") 0edb555a65d1 ("platform: Make platform_driver::remove() return void") for background to this all" * tag 'fbdev-for-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev: fbdev: Switch back to struct platform_driver::remove() commit 0af8c8ae3484200c7ea85f6b544a73e530c0e969 Merge: 8a6be4bd6fb319 6b58fadd44aafb Author: Jakub Kicinski Date: Fri Oct 11 15:45:20 2024 -0700 Merge branch 'net-enetc-fix-some-issues-of-xdp' Wei Fang says: ==================== net: enetc: fix some issues of XDP We found some bugs when testing the XDP function of enetc driver, and these bugs are easy to reproduce. This is not only causes XDP to not work, but also the network cannot be restored after exiting the XDP program. So the patch set is mainly to fix these bugs. For details, please see the commit message of each patch. v1: https://lore.kernel.org/bpf/20240919084104.661180-1-wei.fang@nxp.com/ v2: https://lore.kernel.org/netdev/20241008224806.2onzkt3gbslw5jxb@skbuf/ v3: https://lore.kernel.org/imx/20241009090327.146461-1-wei.fang@nxp.com/ ==================== Link: https://patch.msgid.link/20241010092056.298128-1-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit 6b58fadd44aafbbd6af5f0b965063e1fd2063992 Author: Wei Fang Date: Thu Oct 10 17:20:56 2024 +0800 net: enetc: disable NAPI after all rings are disabled When running "xdp-bench tx eno0" to test the XDP_TX feature of ENETC on LS1028A, it was found that if the command was re-run multiple times, Rx could not receive the frames, and the result of xdp-bench showed that the rx rate was 0. root@ls1028ardb:~# ./xdp-bench tx eno0 Hairpinning (XDP_TX) packets on eno0 (ifindex 3; driver fsl_enetc) Summary 2046 rx/s 0 err,drop/s Summary 0 rx/s 0 err,drop/s Summary 0 rx/s 0 err,drop/s Summary 0 rx/s 0 err,drop/s By observing the Rx PIR and CIR registers, CIR is always 0x7FF and PIR is always 0x7FE, which means that the Rx ring is full and can no longer accommodate other Rx frames. Therefore, the problem is caused by the Rx BD ring not being cleaned up. Further analysis of the code revealed that the Rx BD ring will only be cleaned if the "cleaned_cnt > xdp_tx_in_flight" condition is met. Therefore, some debug logs were added to the driver and the current values of cleaned_cnt and xdp_tx_in_flight were printed when the Rx BD ring was full. The logs are as follows. [ 178.762419] [XDP TX] >> cleaned_cnt:1728, xdp_tx_in_flight:2140 [ 178.771387] [XDP TX] >> cleaned_cnt:1941, xdp_tx_in_flight:2110 [ 178.776058] [XDP TX] >> cleaned_cnt:1792, xdp_tx_in_flight:2110 From the results, the max value of xdp_tx_in_flight has reached 2140. However, the size of the Rx BD ring is only 2048. So xdp_tx_in_flight did not drop to 0 after enetc_stop() is called and the driver does not clear it. The root cause is that NAPI is disabled too aggressively, without having waited for the pending XDP_TX frames to be transmitted, and their buffers recycled, so that xdp_tx_in_flight cannot naturally drop to 0. Later, enetc_free_tx_ring() does free those stale, unsent XDP_TX packets, but it is not coded up to also reset xdp_tx_in_flight, hence the manifestation of the bug. One option would be to cover this extra condition in enetc_free_tx_ring(), but now that the ENETC_TX_DOWN exists, we have created a window at the beginning of enetc_stop() where NAPI can still be scheduled, but any concurrent enqueue will be blocked. Therefore, enetc_wait_bdrs() and enetc_disable_tx_bdrs() can be called with NAPI still scheduled, and it is guaranteed that this will not wait indefinitely, but instead give us an indication that the pending TX frames have orderly dropped to zero. Only then should we call napi_disable(). This way, enetc_free_tx_ring() becomes entirely redundant and can be dropped as part of subsequent cleanup. The change also refactors enetc_start() so that it looks like the mirror opposite procedure of enetc_stop(). Fixes: ff58fda09096 ("net: enetc: prioritize ability to go down over packet processing") Cc: stable@vger.kernel.org Signed-off-by: Wei Fang Reviewed-by: Vladimir Oltean Tested-by: Vladimir Oltean Link: https://patch.msgid.link/20241010092056.298128-5-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit 0a93f2ca4be6c4616d371f18a3fabad2df7f8d55 Author: Wei Fang Date: Thu Oct 10 17:20:55 2024 +0800 net: enetc: disable Tx BD rings after they are empty The Tx BD rings are disabled first in enetc_stop() and the driver waits for them to become empty. This operation is not safe while the ring is actively transmitting frames, and will cause the ring to not be empty and hardware exception. As described in the NETC block guide, software should only disable an active Tx ring after all pending ring entries have been consumed (i.e. when PI = CI). Disabling a transmit ring that is actively processing BDs risks a HW-SW race hazard whereby a hardware resource becomes assigned to work on one or more ring entries only to have those entries be removed due to the ring becoming disabled. When testing XDP_REDIRECT feautre, although all frames were blocked from being put into Tx rings during ring reconfiguration, the similar warning log was still encountered: fsl_enetc 0000:00:00.2 eno2: timeout for tx ring #6 clear fsl_enetc 0000:00:00.2 eno2: timeout for tx ring #7 clear The reason is that when there are still unsent frames in the Tx ring, disabling the Tx ring causes the remaining frames to be unable to be sent out. And the Tx ring cannot be restored, which means that even if the xdp program is uninstalled, the Tx frames cannot be sent out anymore. Therefore, correct the operation order in enect_start() and enect_stop(). Fixes: ff58fda09096 ("net: enetc: prioritize ability to go down over packet processing") Cc: stable@vger.kernel.org Signed-off-by: Wei Fang Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/20241010092056.298128-4-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit c728a95ccf2a8ba544facfc30a4418d4c68c39f0 Author: Wei Fang Date: Thu Oct 10 17:20:54 2024 +0800 net: enetc: block concurrent XDP transmissions during ring reconfiguration When testing the XDP_REDIRECT function on the LS1028A platform, we found a very reproducible issue that the Tx frames can no longer be sent out even if XDP_REDIRECT is turned off. Specifically, if there is a lot of traffic on Rx direction, when XDP_REDIRECT is turned on, the console may display some warnings like "timeout for tx ring #6 clear", and all redirected frames will be dropped, the detailed log is as follows. root@ls1028ardb:~# ./xdp-bench redirect eno0 eno2 Redirecting from eno0 (ifindex 3; driver fsl_enetc) to eno2 (ifindex 4; driver fsl_enetc) [203.849809] fsl_enetc 0000:00:00.2 eno2: timeout for tx ring #5 clear [204.006051] fsl_enetc 0000:00:00.2 eno2: timeout for tx ring #6 clear [204.161944] fsl_enetc 0000:00:00.2 eno2: timeout for tx ring #7 clear eno0->eno2 1420505 rx/s 1420590 err,drop/s 0 xmit/s xmit eno0->eno2 0 xmit/s 1420590 drop/s 0 drv_err/s 15.71 bulk-avg eno0->eno2 1420484 rx/s 1420485 err,drop/s 0 xmit/s xmit eno0->eno2 0 xmit/s 1420485 drop/s 0 drv_err/s 15.71 bulk-avg By analyzing the XDP_REDIRECT implementation of enetc driver, the driver will reconfigure Tx and Rx BD rings when a bpf program is installed or uninstalled, but there is no mechanisms to block the redirected frames when enetc driver reconfigures rings. Similarly, XDP_TX verdicts on received frames can also lead to frames being enqueued in the Tx rings. Because XDP ignores the state set by the netif_tx_wake_queue() API, so introduce the ENETC_TX_DOWN flag to suppress transmission of XDP frames. Fixes: c33bfaf91c4c ("net: enetc: set up XDP program under enetc_reconfigure()") Cc: stable@vger.kernel.org Signed-off-by: Wei Fang Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/20241010092056.298128-3-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit 412950d5746f7aa139e14fe95338694c1f09b595 Author: Wei Fang Date: Thu Oct 10 17:20:53 2024 +0800 net: enetc: remove xdp_drops statistic from enetc_xdp_drop() The xdp_drops statistic indicates the number of XDP frames dropped in the Rx direction. However, enetc_xdp_drop() is also used in XDP_TX and XDP_REDIRECT actions. If frame loss occurs in these two actions, the frames loss count should not be included in xdp_drops, because there are already xdp_tx_drops and xdp_redirect_failures to count the frame loss of these two actions, so it's better to remove xdp_drops statistic from enetc_xdp_drop() and increase xdp_drops in XDP_DROP action. Fixes: 7ed2bc80074e ("net: enetc: add support for XDP_TX") Cc: stable@vger.kernel.org Signed-off-by: Wei Fang Reviewed-by: Maciej Fijalkowski Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/20241010092056.298128-2-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit 8a6be4bd6fb319cee63d228e37c8dda5fd1eb74a Author: Daniel Machon Date: Wed Oct 9 14:49:56 2024 +0200 net: sparx5: fix source port register when mirroring When port mirroring is added to a port, the bit position of the source port, needs to be written to the register ANA_AC_PROBE_PORT_CFG. This register is replicated for n_ports > 32, and therefore we need to derive the correct register from the port number. Before this patch, we wrongly calculate the register from portno / BITS_PER_BYTE, where the divisor ought to be 32, causing any port >=8 to be written to the wrong register. We fix this, by using do_div(), where the dividend is the register, the remainder is the bit position and the divisor is now 32. Fixes: 4e50d72b3b95 ("net: sparx5: add port mirroring implementation") Signed-off-by: Daniel Machon Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241009-mirroring-fix-v1-1-9ec962301989@microchip.com Signed-off-by: Jakub Kicinski commit 547fc3225a4187c25e296240a3371115821c5850 Merge: 6254d537277947 a6191a3d181191 Author: Linus Torvalds Date: Fri Oct 11 15:42:26 2024 -0700 Merge tag 'gpio-fixes-for-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux Pull gpio fixes from Bartosz Golaszewski: - fix clock handle leak in probe() error path in gpio-aspeed - add a dummy register read to ensure the write actually completed * tag 'gpio-fixes-for-v6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: gpio: aspeed: Use devm_clk api to manage clock source gpio: aspeed: Add the flush write to ensure the write complete. commit 6254d537277947fc086324954ddfba1188ba8212 Merge: a1029768f3931b 7ef60108069b7e Author: Linus Torvalds Date: Fri Oct 11 15:37:15 2024 -0700 Merge tag 'nfs-for-6.12-2' of git://git.linux-nfs.org/projects/anna/linux-nfs Pull NFS client fixes from Anna Schumaker: "Localio Bugfixes: - remove duplicated include in localio.c - fix race in NFS calls to nfsd_file_put_local() and nfsd_serv_put() - fix Kconfig for NFS_COMMON_LOCALIO_SUPPORT - fix nfsd_file tracepoints to handle NULL rqstp pointers Other Bugfixes: - fix program selection loop in svc_process_common - fix integer overflow in decode_rc_list() - prevent NULL-pointer dereference in nfs42_complete_copies() - fix CB_RECALL performance issues when using a large number of delegations" * tag 'nfs-for-6.12-2' of git://git.linux-nfs.org/projects/anna/linux-nfs: NFS: remove revoked delegation from server's delegation list nfsd/localio: fix nfsd_file tracepoints to handle NULL rqstp nfs_common: fix Kconfig for NFS_COMMON_LOCALIO_SUPPORT nfs_common: fix race in NFS calls to nfsd_file_put_local() and nfsd_serv_put() NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() SUNRPC: Fix integer overflow in decode_rc_list() sunrpc: fix prog selection loop in svc_process_common nfs: Remove duplicated include in localio.c commit 22600596b6756b166fd052d5facb66287e6f0bad Author: Xin Long Date: Wed Oct 9 14:47:13 2024 -0400 ipv4: give an IPv4 dev to blackhole_netdev After commit 8d7017fd621d ("blackhole_netdev: use blackhole_netdev to invalidate dst entries"), blackhole_netdev was introduced to invalidate dst cache entries on the TX path whenever the cache times out or is flushed. When two UDP sockets (sk1 and sk2) send messages to the same destination simultaneously, they are using the same dst cache. If the dst cache is invalidated on one path (sk2) while the other (sk1) is still transmitting, sk1 may try to use the invalid dst entry. CPU1 CPU2 udp_sendmsg(sk1) udp_sendmsg(sk2) udp_send_skb() ip_output() <--- dst timeout or flushed dst_dev_put() ip_finish_output2() ip_neigh_for_gw() This results in a scenario where ip_neigh_for_gw() returns -EINVAL because blackhole_dev lacks an in_dev, which is needed to initialize the neigh in arp_constructor(). This error is then propagated back to userspace, breaking the UDP application. The patch fixes this issue by assigning an in_dev to blackhole_dev for IPv4, similar to what was done for IPv6 in commit e5f80fcf869a ("ipv6: give an IPv6 dev to blackhole_netdev"). This ensures that even when the dst entry is invalidated with blackhole_dev, it will not fail to create the neigh entry. As devinet_init() is called ealier than blackhole_netdev_init() in system booting, it can not assign the in_dev to blackhole_dev in devinet_init(). As Paolo suggested, add a separate late_initcall() in devinet.c to ensure inet_blackhole_dev_init() is called after blackhole_netdev_init(). Fixes: 8d7017fd621d ("blackhole_netdev: use blackhole_netdev to invalidate dst entries") Signed-off-by: Xin Long Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/3000792d45ca44e16c785ebe2b092e610e5b3df1.1728499633.git.lucien.xin@gmail.com Signed-off-by: Jakub Kicinski commit a1029768f3931b31aa52790f1dde0c7d6a6552eb Merge: d947d6848a7906 f7345ccc62a4b8 Author: Linus Torvalds Date: Fri Oct 11 14:42:27 2024 -0700 Merge tag 'rcu.fixes.6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rcu/linux Pull RCU fix from Neeraj Upadhyay: "Fix rcuog kthread wakeup invocation from softirq context on a CPU which has been marked offline. This can happen when new callbacks are enqueued from a softirq on an offline CPU before it calls rcutree_report_cpu_dead(). When this happens on NOCB configuration, the rcuog wake-up is deferred through an IPI to an online CPU. This is done to avoid call into the scheduler which can risk arming the RT-bandwidth after hrtimers have been migrated out and disabled. However, doing IPI call from softirq is not allowed: Fix this by forcing deferred rcuog wakeup through the NOCB timer when the CPU is offline" * tag 'rcu.fixes.6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rcu/linux: rcu/nocb: Fix rcuog wake-up from offline softirq commit d947d6848a790616d6d2ca64097b6e818ffe3017 Merge: 9e4c6c1ad9a195 bf56c410162dbf Author: Linus Torvalds Date: Fri Oct 11 14:34:18 2024 -0700 Merge tag 'for-linus-6.12a-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip Pull xen fix from Juergen Gross: "A fix for topology information of Xen PV guests" * tag 'for-linus-6.12a-rc3-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: x86/xen: mark boot CPU of PV guest in MSR_IA32_APICBASE commit 4ee5ca9a29384fcf3f18232fdf8474166dea8dca Author: Steven Rostedt Date: Thu Oct 10 16:52:35 2024 -0400 ftrace/selftest: Test combination of function_graph tracer and function profiler Masami reported a bug when running function graph tracing then the function profiler. The following commands would cause a kernel crash: # cd /sys/kernel/tracing/ # echo function_graph > current_tracer # echo 1 > function_profile_enabled In that order. Create a test to test this two to make sure this does not come back as a regression. Link: https://lore.kernel.org/172398528350.293426.8347220120333730248.stgit@devnote2 Link: https://lore.kernel.org/all/20241010165235.35122877@gandalf.local.home/ Acked-by: Masami Hiramatsu (Google) Signed-off-by: Steven Rostedt (Google) Signed-off-by: Shuah Khan commit a0cc649353bb726d4aa0db60dce467432197b746 Author: Mathieu Desnoyers Date: Tue Oct 8 21:28:01 2024 -0400 selftests/rseq: Fix mm_cid test failure Adapt the rseq.c/rseq.h code to follow GNU C library changes introduced by: glibc commit 2e456ccf0c34 ("Linux: Make __rseq_size useful for feature detection (bug 31965)") Without this fix, rseq selftests for mm_cid fail: ./run_param_test.sh Default parameters Running test spinlock Running compare-twice test spinlock Running mm_cid test spinlock Error: cpu id getter unavailable Fixes: 18c2355838e7 ("selftests/rseq: Implement rseq mm_cid field support") Signed-off-by: Mathieu Desnoyers Cc: Peter Zijlstra CC: Boqun Feng CC: "Paul E. McKenney" Cc: Shuah Khan CC: Carlos O'Donell CC: Florian Weimer CC: linux-kselftest@vger.kernel.org CC: stable@vger.kernel.org Signed-off-by: Shuah Khan commit 3fd976afe9743110f20a23f93b7ff9693f2be4bf Author: Harshit Mogalapalli Date: Thu Oct 10 13:52:37 2024 -0700 pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() 'new_map' is allocated using devm_* which takes care of freeing the allocated data on device removal, call to .dt_free_map = pinconf_generic_dt_free_map double frees the map as pinconf_generic_dt_free_map() calls pinctrl_utils_free_map(). Fix this by using kcalloc() instead of auto-managed devm_kcalloc(). Cc: stable@vger.kernel.org Fixes: f805e356313b ("pinctrl: nuvoton: Add ma35d1 pinctrl and GPIO driver") Reported-by: Christophe JAILLET Signed-off-by: Harshit Mogalapalli Link: https://lore.kernel.org/20241010205237.1245318-1-harshit.m.mogalapalli@oracle.com Signed-off-by: Linus Walleij commit ee4d4e8d2c3bec6ee652599ab31991055a72c322 Author: John Allen Date: Mon Sep 23 16:44:04 2024 +0000 x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load Commit f69759be251d ("x86/CPU/AMD: Move Zenbleed check to the Zen2 init function") causes a bit in the DE_CFG MSR to get set erroneously after a microcode late load. The microcode late load path calls into amd_check_microcode() and subsequently zen2_zenbleed_check(). Since the above commit removes the cpu_has_amd_erratum() call from zen2_zenbleed_check(), this will cause all non-Zen2 CPUs to go through the function and set the bit in the DE_CFG MSR. Call into the Zenbleed fix path on Zen2 CPUs only. [ bp: Massage commit message, use cpu_feature_enabled(). ] Fixes: f69759be251d ("x86/CPU/AMD: Move Zenbleed check to the Zen2 init function") Signed-off-by: John Allen Signed-off-by: Borislav Petkov (AMD) Acked-by: Borislav Petkov (AMD) Cc: Link: https://lore.kernel.org/r/20240923164404.27227-1-john.allen@amd.com commit 9e4c6c1ad9a195f28ec3d3d5054e25f6bdde87bd Merge: e643edac700637 f7c9134385331c Author: Linus Torvalds Date: Fri Oct 11 12:00:21 2024 -0700 Merge tag 'io_uring-6.12-20241011' of git://git.kernel.dk/linux Pull io_uring fixes from Jens Axboe: - Explicitly have a mshot_finished condition for IORING_OP_RECV in multishot mode, similarly to what IORING_OP_RECVMSG has. This doesn't fix a bug right now, but it makes it harder to actually have a bug here if a request takes multiple iterations to finish. - Fix handling of retry of read/write of !FMODE_NOWAIT files. If they are pollable, that's all we need. * tag 'io_uring-6.12-20241011' of git://git.kernel.dk/linux: io_uring/rw: allow pollable non-blocking attempts for !FMODE_NOWAIT io_uring/rw: fix cflags posting for single issue multishot read commit e643edac700637dbfb13d8cafd5754898486e666 Merge: f8fafb690b7c2d 3fb0eea8a1c4be Author: Linus Torvalds Date: Fri Oct 11 11:41:20 2024 -0700 Merge tag 'pm-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management fixes from Rafael Wysocki: "These address two issues in the TPMI module of the Intel RAPL power capping driver and one issue in the processor part of the Intel int340x thermal driver, update a CPU ID list and register definitions needed for RAPL PL4 support and remove some unused code. Specifics: - Fix the TPMI_RAPL_REG_DOMAIN_INFO register offset in the TPMI part of the Intel RAPL power capping driver, make it ignore minor hardware version mismatches (which only indicate exposing additional features) and update register definitions in it to enable PL4 support (Zhang Rui) - Add Arrow Lake-U to the list of processors supporting PL4 in the MSR part of the Intel RAPL power capping driver (Sumeet Pawnikar) - Remove excess pci_disable_device() calls from the processor part of the int340x thermal driver to address a warning triggered during module unload and remove unused CPU hotplug code related to RAPL support from it (Zhang Rui)" * tag 'pm-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: thermal: intel: int340x: processor: Add MMIO RAPL PL4 support thermal: intel: int340x: processor: Remove MMIO RAPL CPU hotplug support powercap: intel_rapl_msr: Add PL4 support for Arrowlake-U powercap: intel_rapl_tpmi: Ignore minor version change thermal: intel: int340x: processor: Fix warning during module unload powercap: intel_rapl_tpmi: Fix bogus register reading commit f8fafb690b7c2dfd6e388248a817fd7d1fd2420f Merge: 325354cf00c703 827a07525c099f Author: Linus Torvalds Date: Fri Oct 11 11:35:30 2024 -0700 Merge tag 'thermal-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull thermal control fixes from Rafael Wysocki: "Address possible use-after-free scenarios during the processing of thermal netlink commands and during thermal zone removal (Rafael Wysocki)" * tag 'thermal-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: thermal: core: Free tzp copy along with the thermal zone thermal: core: Reference count the zone in thermal_zone_get_by_id() commit 940efc9fc80a29c6d9320bc79e8d2e93e0dabfcc Merge: 8cf0b93919e13d c10e50a469b5ec Author: Rafael J. Wysocki Date: Fri Oct 11 20:32:58 2024 +0200 Merge tag 'amd-pstate-v6.12-2024-10-10' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/superm1/linux Merge an amd-pstate fix for 6.12 from Mario Limonciello: "Fix an issue with changing amd-pstate modes at runtime on shared memory systems." * tag 'amd-pstate-v6.12-2024-10-10' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/superm1/linux: cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems commit 325354cf00c7031c32618feaadc0f22eadee790c Merge: 22e6abaa7263b3 1af7e441feb08c Author: Linus Torvalds Date: Fri Oct 11 11:32:10 2024 -0700 Merge tag 'acpi-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull ACPI fixes from Rafael Wysocki: "Reduce the number of ACPI IRQ override DMI quirks by combining quirks that cover similar systems while making them cover additional models at the same time (Hans de Goede)" * tag 'acpi-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPI: resource: Fold Asus Vivobook Pro N6506M* DMI quirks together ACPI: resource: Fold Asus ExpertBook B1402C* and B1502C* DMI quirks together ACPI: resource: Make Asus ExpertBook B2502 matches cover more models ACPI: resource: Make Asus ExpertBook B2402 matches cover more models commit 22e6abaa7263b3cbfce3c1d1f80307571ec66f7a Merge: 7351a8793d8dc7 7738568885f2ea Author: Linus Torvalds Date: Fri Oct 11 11:26:15 2024 -0700 Merge tag 'pmdomain-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm Pull pmdomain fixes from Ulf Hansson: "pmdomain core: - Fix alloc/free in dev_pm_domain_attach|detach_list() pmdomain providers: - qcom: Fix the return of uninitialized variable pmdomain consumers: - drm/tegra/gr3d: Revert conversion to dev_pm_domain_attach|detach_list() OPP core: - Fix error code in dev_pm_opp_set_config()" * tag 'pmdomain-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm: PM: domains: Fix alloc/free in dev_pm_domain_attach|detach_list() Revert "drm/tegra: gr3d: Convert into dev_pm_domain_attach|detach_list()" pmdomain: qcom-cpr: Fix the return of uninitialized variable OPP: fix error code in dev_pm_opp_set_config() commit 7351a8793d8dc7e3aca09f2d9ec624ce46c42a0f Merge: 3700dc91b39aa9 27e8fe0da3b755 Author: Linus Torvalds Date: Fri Oct 11 11:23:21 2024 -0700 Merge tag 'mmc-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc Pull MMC fixes from Ulf Hansson: "MMC core: - Prevent splat from warning when setting maximum DMA segment MMC host: - mvsdio: Drop sg_miter support for PIO as it didn't work - sdhci-of-dwcmshc: Prevent stale interrupt for the T-Head 1520 variant" * tag 'mmc-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: mmc: sdhci-of-dwcmshc: Prevent stale command interrupt handling Revert "mmc: mvsdio: Use sg_miter for PIO" mmc: core: Only set maximum DMA segment size if DMA is supported commit 3700dc91b39aa9675047f7aae232b9d4a1b70e20 Merge: befcc893623832 0df4b9d9148892 Author: Linus Torvalds Date: Fri Oct 11 11:18:31 2024 -0700 Merge tag 'ata-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux Pull ata fixes from Niklas Cassel: - Fix a hibernate regression where the disk was needlessly spun down and then immediately spun up both when entering and when resuming from hibernation (me) - Update the MAINTAINERS file to remove remnants from Jens maintainership of libata (Damien) * tag 'ata-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux: ata: libata: Update MAINTAINERS file ata: libata: avoid superfluous disk spin down + spin up during hibernation commit befcc89362383208f62b15887592758165459e3d Merge: 1d227fcc72223c ac44ff7cec33d5 Author: Linus Torvalds Date: Fri Oct 11 11:13:05 2024 -0700 Merge tag 'drm-fixes-2024-10-11' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Weekly fixes haul for drm, lots of small fixes all over, amdgpu, xe lead the way, some minor nouveau and radeon fixes, and then a bunch of misc all over. Nothing too scary or out of the unusual. sched: - Avoid leaking lockdep map fbdev-dma: - Only clean up deferred I/O if instanciated amdgpu: - Fix invalid UBSAN warnings - Fix artifacts in MPO transitions - Hibernation fix amdkfd: - Fix an eviction fence leak radeon: - Add late register for connectors - Always set GEM function pointers i915: - HDCP refcount fix nouveau: - dmem: Fix privileged error in copy engine channel; Fix possible data leak in migrate_to_ram() - gsp: Fix coding style v3d: - Stop active perfmon before destroying it vc4: - Stop active perfmon before destroying it xe: - Drop GuC submit_wq pool - Fix error checking with xa_store() - Fix missing freq restore on GSC load error - Fix wedged_mode file permission - Fix use-after-free in ct communication" * tag 'drm-fixes-2024-10-11' of https://gitlab.freedesktop.org/drm/kernel: drm/fbdev-dma: Only cleanup deferred I/O if necessary drm/xe: Make wedged_mode debugfs writable drm/xe: Restore GT freq on GSC load error drm/xe/guc_submit: fix xa_store() error checking drm/xe/ct: fix xa_store() error checking drm/xe/ct: prevent UAF in send_recv() drm/radeon: always set GEM function pointer nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error nouveau/dmem: Fix privileged error in copy engine channel drm/amd/display: fix hibernate entry for DCN35+ drm/amd/display: Clear update flags after update has been applied drm/amdgpu: partially revert powerplay `__counted_by` changes drm/radeon: add late_register for connector drm/amdkfd: Fix an eviction fence leak drm/vc4: Stop the active perfmon before being destroyed drm/v3d: Stop the active perfmon before being destroyed drm/i915/hdcp: fix connector refcounting drm/nouveau/gsp: remove extraneous ; after mutex drm/xe: Drop GuC submit_wq pool drm/sched: Use drm sched lockdep map for submit_wq commit 2ab5e243c2266c841e0f6904fad1514b18eaf510 Author: Roi Martin Date: Thu Oct 10 21:47:17 2024 +0200 btrfs: fix uninitialized pointer free on read_alloc_one_name() error The function read_alloc_one_name() does not initialize the name field of the passed fscrypt_str struct if kmalloc fails to allocate the corresponding buffer. Thus, it is not guaranteed that fscrypt_str.name is initialized when freeing it. This is a follow-up to the linked patch that fixes the remaining instances of the bug introduced by commit e43eec81c516 ("btrfs: use struct qstr instead of name and namelen pairs"). Link: https://lore.kernel.org/linux-btrfs/20241009080833.1355894-1-jroi.martin@gmail.com/ Fixes: e43eec81c516 ("btrfs: use struct qstr instead of name and namelen pairs") CC: stable@vger.kernel.org # 6.1+ Reviewed-by: Anand Jain Signed-off-by: Roi Martin Signed-off-by: David Sterba commit a0af4936e4a89e0006c73d5f9e969a613c99a655 Author: Christian Heusel Date: Thu Oct 10 15:25:25 2024 +0200 btrfs: send: cleanup unneeded return variable in changed_verity() As all changed_* functions need to return something, just return 0 directly here, as the verity status is passed via the context. Reported by LKP: fs/btrfs/send.c:6877:5-8: Unneeded variable: "ret". Return "0" on line 6883 Reported-by: kernel test robot Link: https://lore.kernel.org/oe-kbuild-all/202410092305.WbyqspH8-lkp@intel.com/ Signed-off-by: Christian Heusel Reviewed-by: David Sterba Signed-off-by: David Sterba commit 66691c6e2f18d2aa4b22ffb624b9bdc97e9979e4 Author: Roi Martin Date: Wed Oct 9 10:08:33 2024 +0200 btrfs: fix uninitialized pointer free in add_inode_ref() The add_inode_ref() function does not initialize the "name" struct when it is declared. If any of the following calls to "read_one_inode() returns NULL, dir = read_one_inode(root, parent_objectid); if (!dir) { ret = -ENOENT; goto out; } inode = read_one_inode(root, inode_objectid); if (!inode) { ret = -EIO; goto out; } then "name.name" would be freed on "out" before being initialized. out: ... kfree(name.name); This issue was reported by Coverity with CID 1526744. Fixes: e43eec81c516 ("btrfs: use struct qstr instead of name and namelen pairs") CC: stable@vger.kernel.org # 6.6+ Reviewed-by: Filipe Manana Signed-off-by: Roi Martin Reviewed-by: David Sterba Signed-off-by: David Sterba commit ee7ff15bf507d4cf9a2b11b00690dfe6046ad325 Author: Breno Leitao Date: Fri Oct 11 08:56:15 2024 -0700 elevator: Remove argument from elevator_find_get Commit e4eb37cc0f3ed ("block: Remove elevator required features") removed the usage of `struct request_queue` from elevator_find_get(), but didn't removed the argument. Remove the "struct request_queue *q" argument from elevator_find_get() given it is useless. Fixes: e4eb37cc0f3e ("block: Remove elevator required features") Signed-off-by: Breno Leitao Link: https://lore.kernel.org/r/20241011155615.3361143-1-leitao@debian.org Signed-off-by: Jens Axboe commit b4ff6e93bfd0093ce3ffc7322e89fbaa8300488f Author: Breno Leitao Date: Fri Oct 11 10:01:21 2024 -0700 elevator: do not request_module if elevator exists Whenever an I/O elevator is changed, the system attempts to load a module for the new elevator. This occurs regardless of whether the elevator is already loaded or built directly into the kernel. This behavior introduces unnecessary overhead and potential issues. This makes the operation slower, and more error-prone. For instance, making the problem fixed by [1] visible for users that doesn't even rely on modules being available through modules. Do not try to load the ioscheduler if it is already visible. This change brings two main benefits: it improves the performance of elevator changes, and it reduces the likelihood of errors occurring during this process. [1] Commit e3accac1a976 ("block: Fix elv_iosched_local_module handling of "none" scheduler") Fixes: 734e1a860312 ("block: Prevent deadlocks when switching elevators") Signed-off-by: Breno Leitao Link: https://lore.kernel.org/r/20241011170122.3880087-1-leitao@debian.org Signed-off-by: Jens Axboe commit 4d784c042d164f10fc809e2338457036cd7c653d Author: Bart Van Assche Date: Wed Oct 9 14:00:48 2024 -0700 RDMA/srpt: Make slab cache names unique Since commit 4c39529663b9 ("slab: Warn on duplicate cache names when DEBUG_VM=y"), slab complains about duplicate cache names. Hence this patch. The approach is as follows: - Maintain an xarray with the slab size as index and a reference count and a kmem_cache pointer as contents. Use srpt-${slab_size} as kmem cache name. - Use 512-byte alignment for all slabs instead of only for some of the slabs. - Increment the reference count instead of calling kmem_cache_create(). - Decrement the reference count instead of calling kmem_cache_destroy(). Fixes: 5dabcd0456d7 ("RDMA/srpt: Add support for immediate data") Link: https://patch.msgid.link/r/20241009210048.4122518-1-bvanassche@acm.org Reported-by: Shinichiro Kawasaki Closes: https://lore.kernel.org/linux-block/xpe6bea7rakpyoyfvspvin2dsozjmjtjktpph7rep3h25tv7fb@ooz4cu5z6bq6/ Suggested-by: Jason Gunthorpe Signed-off-by: Bart Van Assche Tested-by: Shin'ichiro Kawasaki Signed-off-by: Jason Gunthorpe commit 8cddfa535c931b8d8110c73bfed7354a94cbf891 Author: Alexander Zubkov Date: Tue Oct 8 18:19:13 2024 +0200 RDMA/irdma: Fix misspelling of "accept*" There is "accept*" misspelled as "accpet*" in the comments. Fix the spelling. Fixes: 146b9756f14c ("RDMA/irdma: Add connection manager") Link: https://patch.msgid.link/r/20241008161913.19965-1-green@qrator.net Signed-off-by: Alexander Zubkov Signed-off-by: Jason Gunthorpe commit c659b405b82ead335bee6eb33f9691bf718e21e8 Author: Anumula Murali Mohan Reddy Date: Mon Oct 7 18:53:11 2024 +0530 RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP ip_dev_find() always returns real net_device address, whether traffic is running on a vlan or real device, if traffic is over vlan, filling endpoint struture with real ndev and an attempt to send a connect request will results in RDMA_CM_EVENT_UNREACHABLE error. This patch fixes the issue by using vlan_dev_real_dev(). Fixes: 830662f6f032 ("RDMA/cxgb4: Add support for active and passive open connection with IPv6 address") Link: https://patch.msgid.link/r/20241007132311.70593-1-anumula@chelsio.com Signed-off-by: Anumula Murali Mohan Reddy Signed-off-by: Potnuri Bharat Teja Signed-off-by: Jason Gunthorpe commit 4e1e3dd88a4cedd5ccc1a3fc3d71e03b70a7a791 Author: Showrya M N Date: Mon Oct 7 18:28:36 2024 +0530 RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES While running ISER over SIW, the initiator machine encounters a warning from skb_splice_from_iter() indicating that a slab page is being used in send_page. To address this, it is better to add a sendpage_ok() check within the driver itself, and if it returns 0, then MSG_SPLICE_PAGES flag should be disabled before entering the network stack. A similar issue has been discussed for NVMe in this thread: https://lore.kernel.org/all/20240530142417.146696-1-ofir.gal@volumez.com/ WARNING: CPU: 0 PID: 5342 at net/core/skbuff.c:7140 skb_splice_from_iter+0x173/0x320 Call Trace: tcp_sendmsg_locked+0x368/0xe40 siw_tx_hdt+0x695/0xa40 [siw] siw_qp_sq_process+0x102/0xb00 [siw] siw_sq_resume+0x39/0x110 [siw] siw_run_sq+0x74/0x160 [siw] kthread+0xd2/0x100 ret_from_fork+0x34/0x40 ret_from_fork_asm+0x1a/0x30 Link: https://patch.msgid.link/r/20241007125835.89942-1-showrya@chelsio.com Signed-off-by: Showrya M N Signed-off-by: Potnuri Bharat Teja Signed-off-by: Jason Gunthorpe commit 97420be7bda57030110c7032ad190d320f2e0157 Author: Filipe Manana Date: Tue Sep 24 15:58:31 2024 +0100 btrfs: use sector numbers as keys for the dirty extents xarray We are using the logical address ("bytenr") of an extent as the key for qgroup records in the dirty extents xarray. This is a problem because the xarrays use "unsigned long" for keys/indices, meaning that on a 32 bits platform any extent starting at or beyond 4G is truncated, which is a too low limitation as virtually everyone is using storage with more than 4G of space. This means a "bytenr" of 4G gets truncated to 0, and so does 8G and 16G for example, resulting in incorrect qgroup accounting. Fix this by using sector numbers as keys instead, that is, using keys that match the logical address right shifted by fs_info->sectorsize_bits, which is what we do for the fs_info->buffer_radix that tracks extent buffers (radix trees also use an "unsigned long" type for keys). This also makes the index space more dense which helps optimize the xarray (as mentioned at Documentation/core-api/xarray.rst). Fixes: 3cce39a8ca4e ("btrfs: qgroup: use xarray to track dirty extents in transaction") Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit a77e0e02af1c2db5fc040511aa78a58a52e116ab Author: Namjae Jeon Date: Wed Oct 9 10:39:16 2024 +0900 ksmbd: add support for supplementary groups Even though system user has a supplementary group, It gets NT_STATUS_ACCESS_DENIED when attempting to create file or directory. This patch add KSMBD_EVENT_LOGIN_REQUEST_EXT/RESPONSE_EXT netlink events to get supplementary groups list. The new netlink event doesn't break backward compatibility when using old ksmbd-tools. Co-developed-by: Atte Heikkilä Signed-off-by: Atte Heikkilä Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit db8f0b8088865150e4c9a8b8ffc9abdfd58bc4f7 Author: Florian Fainelli Date: Mon Oct 7 16:54:13 2024 -0700 firmware: arm_scmi: Give SMC transport precedence over mailbox Broadcom STB platforms have for historical reasons included both "arm,scmi-smc" and "arm,scmi" in their SCMI Device Tree node compatible string, in that order. After the commit b53515fa177c ("firmware: arm_scmi: Make MBOX transport a standalone driver") and with a kernel configuration that enables both the SMC and the mailbox transports, we would probe the mailbox transport, but fail to complete since we would not have a mailbox driver available. With each SCMI transport being a platform driver with its own set of compatible strings to match, rather than an unique platform driver entry point, we no longer match from most specific to least specific. There is also no simple way for the mailbox driver to return -ENODEV and let another platform driver attempt probing. This leads to a platform with no SCMI provider, therefore all drivers depending upon SCMI resources are put on deferred probe forever. By keeping the SMC transport objects linked first, we can let the platform driver match the compatible string and probe successfully with no adverse effects on platforms using the mailbox transport. This is just the workaround to the issue observed which doesn't have any impact on the other platforms. Fixes: b53515fa177c ("firmware: arm_scmi: Make MBOX transport a standalone driver") Signed-off-by: Florian Fainelli Message-Id: <20241007235413.507860-1-florian.fainelli@broadcom.com> Reviewed-by: Cristian Marussi Signed-off-by: Sudeep Holla commit 39b13dce1a91cdfc3bec9238f9e89094551bd428 Author: Su Hui Date: Fri Oct 11 18:40:02 2024 +0800 firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() Clang static checker(scan-build) throws below warning: | drivers/firmware/arm_scmi/driver.c:line 2915, column 2 | Attempt to free released memory. When devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup() will run twice which causes double free of 'dbg->name'. Remove the redundant scmi_debugfs_common_cleanup() to fix this problem. Fixes: c3d4aed763ce ("firmware: arm_scmi: Populate a common SCMI debugfs root") Signed-off-by: Su Hui Reviewed-by: Cristian Marussi Message-Id: <20241011104001.1546476-1-suhui@nfschina.com> Signed-off-by: Sudeep Holla commit 332fade75d0ecd88cd19556fce0f9cc8322de434 Author: Jaegeuk Kim Date: Wed Oct 9 19:40:07 2024 +0000 f2fs: allow parallel DIO reads This fixes a regression which prevents parallel DIO reads. Fixes: 0cac51185e65 ("f2fs: fix to avoid racing in between read and OPU dio write") Reviewed-by: Daeho Jeong Signed-off-by: Jaegeuk Kim commit 1e3fc2000035ffea0b1b7ec2423706715ab2e7f6 Author: Dr. David Alan Gilbert Date: Thu Oct 10 21:44:26 2024 +0100 drbd: Remove unused conn_lowest_minor conn_lowest_minor() last use was removed by 2011 commit 69a227731a37 ("drbd: Pass a peer device to a number of fuctions") Remove it. Signed-off-by: Dr. David Alan Gilbert Link: https://lore.kernel.org/r/20241010204426.277535-1-linux@treblig.org Reviewed-by: Christoph Hellwig Signed-off-by: Jens Axboe commit df5fd75ee305cb5927e0b1a0b46cc988ad8db2b1 Author: Marc Zyngier Date: Wed Oct 9 19:36:03 2024 +0100 KVM: arm64: Don't eagerly teardown the vgic on init error As there is very little ordering in the KVM API, userspace can instanciate a half-baked GIC (missing its memory map, for example) at almost any time. This means that, with the right timing, a thread running vcpu-0 can enter the kernel without a GIC configured and get a GIC created behind its back by another thread. Amusingly, it will pick up that GIC and start messing with the data structures without the GIC having been fully initialised. Similarly, a thread running vcpu-1 can enter the kernel, and try to init the GIC that was previously created. Since this GIC isn't properly configured (no memory map), it fails to correctly initialise. And that's the point where we decide to teardown the GIC, freeing all its resources. Behind vcpu-0's back. Things stop pretty abruptly, with a variety of symptoms. Clearly, this isn't good, we should be a bit more careful about this. It is obvious that this guest is not viable, as it is missing some important part of its configuration. So instead of trying to tear bits of it down, let's just mark it as *dead*. It means that any further interaction from userspace will result in -EIO. The memory will be released on the "normal" path, when userspace gives up. Cc: stable@vger.kernel.org Reported-by: Alexander Potapenko Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20241009183603.3221824-1-maz@kernel.org Signed-off-by: Marc Zyngier commit e9e1b20fae7de06ba36dd3f8dba858157bad233d Author: Mika Westerberg Date: Wed Sep 25 12:59:20 2024 +0300 thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() KASAN reported following issue: BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 [thunderbolt] Read of size 4 at addr ffff88810111fc1c by task kworker/u56:0/11 CPU: 0 UID: 0 PID: 11 Comm: kworker/u56:0 Tainted: G U 6.11.0+ #1387 Tainted: [U]=USER Workqueue: thunderbolt0 tb_handle_hotplug [thunderbolt] Call Trace: dump_stack_lvl+0x6c/0x90 print_report+0xd1/0x630 kasan_report+0xdb/0x110 __asan_report_load4_noabort+0x14/0x20 tb_retimer_scan+0xffe/0x1550 [thunderbolt] tb_scan_port+0xa6f/0x2060 [thunderbolt] tb_handle_hotplug+0x17b1/0x3080 [thunderbolt] process_one_work+0x626/0x1100 worker_thread+0x6c8/0xfa0 kthread+0x2c8/0x3a0 ret_from_fork+0x3a/0x80 ret_from_fork_asm+0x1a/0x30 This happens because the loop variable still gets incremented by one so max becomes 3 instead of 2, and this makes the second loop read past the the array declared on the stack. Fix this by assigning to max directly in the loop body. Fixes: ff6ab055e070 ("thunderbolt: Add receiver lane margining support for retimers") CC: stable@vger.kernel.org Signed-off-by: Mika Westerberg commit 54c805c1eb264c839fa3027d0073bb7f323b0722 Author: Shengjiu Wang Date: Fri Oct 11 12:53:53 2024 +0800 ASoC: fsl_esai: change dev_warn to dev_dbg in irq handler Irq handler need to be executed as fast as possible, so the log in irq handler is better to use dev_dbg which needs to be enabled when debugging. Signed-off-by: Shengjiu Wang Reviewed-by: Iuliana Prodan Link: https://patch.msgid.link/1728622433-2873-1-git-send-email-shengjiu.wang@nxp.com Signed-off-by: Mark Brown commit 9b064d200aa8fee9d1d7ced05d8a617e45966715 Author: Lad Prabhakar Date: Thu Oct 10 15:14:32 2024 +0100 ASoC: rsnd: Fix probe failure on HiHope boards due to endpoint parsing On the HiHope boards, we have a single port with a single endpoint defined as below: .... rsnd_port: port { rsnd_endpoint: endpoint { remote-endpoint = <&dw_hdmi0_snd_in>; dai-format = "i2s"; bitclock-master = <&rsnd_endpoint>; frame-master = <&rsnd_endpoint>; playback = <&ssi2>; }; }; .... With commit 547b02f74e4a ("ASoC: rsnd: enable multi Component support for Audio Graph Card/Card2"), support for multiple ports was added. This caused probe failures on HiHope boards, as the endpoint could not be retrieved due to incorrect device node pointers being used. This patch fixes the issue by updating the `rsnd_dai_of_node()` and `rsnd_dai_probe()` functions to use the correct device node pointers based on the port names ('port' or 'ports'). It ensures that the endpoint is properly parsed for both single and multi-port configurations, restoring compatibility with HiHope boards. Fixes: 547b02f74e4a ("ASoC: rsnd: enable multi Component support for Audio Graph Card/Card2") Signed-off-by: Lad Prabhakar Acked-by: Kuninori Morimoto Link: https://patch.msgid.link/20241010141432.716868-1-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Mark Brown commit ca2803fadfd239abf155ef4a563b22a9507ee4b2 Author: Colin Ian King Date: Thu Oct 10 19:20:32 2024 +0100 ASoC: max98388: Fix missing increment of variable slot_found The variable slot_found is being initialized to zero and inside a for-loop is being checked if it's reached MAX_NUM_CH, however, this is currently impossible since slot_found is never changed. In a previous loop a similar coding pattern is used and slot_found is being incremented. It appears the increment of slot_found is missing from the loop, so fix the code by adding in the increment. Fixes: 6a8e1d46f062 ("ASoC: max98388: add amplifier driver") Signed-off-by: Colin Ian King Link: https://patch.msgid.link/20241010182032.776280-1-colin.i.king@gmail.com Signed-off-by: Mark Brown commit 0fb823f1cf3417e06846d1ffe2c97e10a65a847e Author: Darrick J. Wong Date: Mon Oct 7 21:07:08 2024 -0700 xfs: fix integer overflow in xrep_bmap The variable declaration in this function predates the merge of the nrext64 (aka 64-bit extent counters) feature, which means that the variable declaration type is insufficient to avoid an integer overflow. Fix that by redeclaring the variable to be xfs_extnum_t. Coverity-id: 1630958 Fixes: 8f71bede8efd ("xfs: repair inode fork block mapping data structures") Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig Signed-off-by: Carlos Maiolino commit b72cd67a0300f3a38e1121a91849b556fc31fad2 Merge: dec17c8b365ede dc7785e4723510 Author: Arnd Bergmann Date: Fri Oct 11 10:03:29 2024 +0000 Merge tag 'arm-soc/for-6.12/devicetree-fixes' of https://github.com/Broadcom/stblinux into arm/fixes This pull request contains Broadcom ARM-based SoCs Device Tree fixes for 6.12, please pull the following: - Florian fixed the HDMI gpio pin which is connected to GPIO pin 0, not 1 * tag 'arm-soc/for-6.12/devicetree-fixes' of https://github.com/Broadcom/stblinux: ARM: dts: bcm2837-rpi-cm3-io3: Fix HDMI hpd-gpio pin Link: https://lore.kernel.org/r/20241008220440.23182-1-florian.fainelli@broadcom.com Signed-off-by: Arnd Bergmann commit dec17c8b365ede2a6f9589f4f718af77c3ebfcfd Merge: 29ce0bca6d5fc0 1117b916f541fc Author: Arnd Bergmann Date: Fri Oct 11 10:03:13 2024 +0000 Merge tag 'soc_fsl-6.12-3' of https://github.com/chleroy/linux into arm/fixes FSL SOC fixes for v6.12: - Fix a "cast to pointer from integer of different size" build error due to IS_ERROR_VALUE() used with something which is not a pointer. - Fix an unused data build warning. * tag 'soc_fsl-6.12-3' of https://github.com/chleroy/linux: soc: fsl: cpm1: qmc: Fix unused data compilation warning soc: fsl: cpm1: qmc: Do not use IS_ERR_VALUE() on error pointers Link: https://lore.kernel.org/r/c954bdb0-0c16-491a-8662-37e58f07208f@csgroup.eu Signed-off-by: Arnd Bergmann commit 29ce0bca6d5fc0f14a0b7a2c6551128fc27cb8db Author: Krzysztof Kozlowski Date: Wed Sep 25 11:56:35 2024 +0200 Documentation/process: maintainer-soc: clarify submitting patches Patches for SoCs are expected to be picked up by SoC submaintainers. The main SoC maintainers should be addressed only in few cases. Rewrite the section about maintainer handling to document above expectation. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Linus Walleij Reviewed-by: Kevin Hilman Reviewed-by: Bagas Sanjaya Cc: Linus Walleij Cc: Alexandre Belloni Cc: Will Deacon Cc: Kevin Hilman Cc: Palmer Dabbelt Cc: Geert Uytterhoeven Cc: Conor Dooley Cc: Heiko Stübner Link: https://lore.kernel.org/r/20240925095635.30452-1-krzysztof.kozlowski@linaro.org Signed-off-by: Arnd Bergmann commit 26d77ce57479f4aa960f0e446e3f27be725b2d70 Author: Alexander Sverdlin Date: Sat Sep 21 01:21:55 2024 +0200 dmaengine: cirrus: check that output may be truncated ep93xx_dma.c: In function 'ep93xx_dma_of_probe': ep93xx_dma.c:1409:74: warning: '%u' directive output may be truncated writing between 1 and 8 bytes into a region of size 2 [-Wformat-truncation=] snprintf(dma_clk_name, sizeof(dma_clk_name), "m2p%u", i); ^~ Fixes: d7333f9d3377 ("dmaengine: cirrus: use snprintf() to calm down gcc 13.3.0") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409172024.pU8U5beA-lkp@intel.com/ Signed-off-by: Alexander Sverdlin Link: https://lore.kernel.org/r/2bf9c37aad8f085839f9c63104f7275742f51945.camel@gmail.com Signed-off-by: Arnd Bergmann commit 5b484feb7a26615f09b398e3ac5cefd5c85e9b37 Author: Alexander Sverdlin Date: Sat Sep 21 00:39:49 2024 +0200 dmaengine: cirrus: ERR_CAST() ioremap error ep93xx_dma.c:1354:37: sparse: sparse: incorrect type in return expression (different address spaces) ep93xx_dma.c:1354:37: sparse: expected struct ep93xx_dma_engine * ep93xx_dma.c:1354:37: sparse: got void [noderef] __iomem *regs Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409202250.fPlN2Erd-lkp@intel.com/ Fixes: 4e8ad5ed845b ("dmaengine: cirrus: Convert to DT for Cirrus EP93xx") Signed-off-by: Alexander Sverdlin Link: https://lore.kernel.org/r/d4b542f1d678796fbf094ebcc77295af3617bca0.camel@gmail.com Signed-off-by: Arnd Bergmann commit 32af1c8af40c6b5abfb0e6d362ec9cc801e2bcbc Author: Konstantin Ryabitsev Date: Fri Sep 20 07:03:27 2024 -0400 MAINTAINERS: use the canonical soc mailing list address and mark it as L: The soc@kernel.org address started out as a mail alias, but at some point became a mailing list. Use the canonical name of the list and properly mark it as L: instead of M:. Signed-off-by: Konstantin Ryabitsev Signed-off-by: Arnd Bergmann commit fd5f14c126a65f27ada3f192b982c6797cc302c7 Author: Zhu Jun Date: Wed Oct 9 02:23:05 2024 -0700 ALSA: scarlett2: Add error check after retrieving PEQ filter values Add error check after retrieving PEQ filter values in scarlett2_update_filter_values that ensure function returns error if PEQ filter value retrieval fails. Fixes: b64678eb4e70 ("ALSA: scarlett2: Add DSP controls") Signed-off-by: Zhu Jun Cc: Link: https://patch.msgid.link/20241009092305.8570-1-zhujun2@cmss.chinamobile.com Signed-off-by: Takashi Iwai commit c9bd4a82b4ed32c6d1c90500a52063e6e341517f Author: Murad Masimov Date: Fri Oct 11 01:16:45 2024 +0300 ALSA: hda/cs8409: Fix possible NULL dereference If snd_hda_gen_add_kctl fails to allocate memory and returns NULL, then NULL pointer dereference will occur in the next line. Since dolphin_fixups function is a hda_fixup function which is not supposed to return any errors, add simple check before dereference, ignore the fail. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 20e507724113 ("ALSA: hda/cs8409: Add support for dolphin") Signed-off-by: Murad Masimov Link: https://patch.msgid.link/20241010221649.1305-1-m.masimov@maxima.ru Signed-off-by: Takashi Iwai commit 2934b12281abf4eb5f915086fd5699de5c497ccd Author: Jason Gerecke Date: Wed Oct 9 09:41:21 2024 -0700 HID: wacom: Hardcode (non-inverted) AES pens as BTN_TOOL_PEN Unlike EMR tools which encode type information in their tool ID, tools for AES sensors are all "generic pens". It is inappropriate to make use of the wacom_intuos_get_tool_type function when dealing with these kinds of devices. Instead, we should only ever report BTN_TOOL_PEN or BTN_TOOL_RUBBER, as depending on the state of the Eraser and Invert bits. Reported-by: Daniel Jutz Closes: https://lore.kernel.org/linux-input/3cd82004-c5b8-4f2a-9a3b-d88d855c65e4@heusel.eu/ Bisected-by: Christian Heusel Fixes: 9c2913b962da ("HID: wacom: more appropriate tool type categorization") Link: https://gitlab.freedesktop.org/libinput/libinput/-/issues/1041 Link: https://github.com/linuxwacom/input-wacom/issues/440 Signed-off-by: Jason Gerecke Cc: stable@vger.kernel.org Acked-by: Benjamin Tissoires Signed-off-by: Jiri Kosina commit f5aaff7bfa11fb0b2ee6b8fd7bbc16cfceea2ad3 Author: Peter Zijlstra Date: Thu Oct 10 08:28:36 2024 +0000 sched/core: Dequeue PSI signals for blocked tasks that are delayed psi_dequeue() in for blocked task expects psi_sched_switch() to clear the TSK_.*RUNNING PSI flags and set the TSK_IOWAIT flags however psi_sched_switch() uses "!task_on_rq_queued(prev)" to detect if the task is blocked or still runnable which is no longer true with DELAY_DEQUEUE since a blocking task can be left queued on the runqueue. This can lead to PSI splats similar to: psi: inconsistent task state! task=... cpu=... psi_flags=4 clear=0 set=4 when the task is requeued since the TSK_RUNNING flag was not cleared when the task was blocked. Explicitly communicate that the task was blocked to psi_sched_switch() even if it was delayed and is still on the runqueue. [ prateek: Broke off the relevant part from [1], commit message ] Fixes: 152e11f6df29 ("sched/fair: Implement delayed dequeue") Closes: https://lore.kernel.org/lkml/20240830123458.3557-1-spasswolf@web.de/ Closes: https://lore.kernel.org/all/cd67fbcd-d659-4822-bb90-7e8fbb40a856@molgen.mpg.de/ Signed-off-by: Peter Zijlstra (Intel) Not-yet-signed-off-by: Peter Zijlstra Signed-off-by: K Prateek Nayak Signed-off-by: Peter Zijlstra (Intel) Tested-by: Johannes Weiner Link: https://lore.kernel.org/lkml/20241004123506.GR18071@noisy.programming.kicks-ass.net/ [1] commit 98442f0ccd828ac42e89281a815e9e7a97533822 Author: Peter Zijlstra Date: Thu Oct 10 11:54:38 2024 +0200 sched: Fix delayed_dequeue vs switched_from_fair() Commit 2e0199df252a ("sched/fair: Prepare exit/cleanup paths for delayed_dequeue") and its follow up fixes try to deal with a rather unfortunate situation where is task is enqueued in a new class, even though it shouldn't have been. Mostly because the existing ->switched_to/from() hooks are in the wrong place for this case. This all led to Paul being able to trigger failures at something like once per 10k CPU hours of RCU torture. For now, do the ugly thing and move the code to the right place by ignoring the switch hooks. Note: Clean up the whole sched_class::switch*_{to,from}() thing. Fixes: 2e0199df252a ("sched/fair: Prepare exit/cleanup paths for delayed_dequeue") Reported-by: Paul E. McKenney Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20241003185037.GA5594@noisy.programming.kicks-ass.net commit 73ab05aa46b02d96509cb029a8d04fca7bbde8c7 Author: Waiman Long Date: Wed Oct 9 21:44:32 2024 -0400 sched/core: Disable page allocation in task_tick_mm_cid() With KASAN and PREEMPT_RT enabled, calling task_work_add() in task_tick_mm_cid() may cause the following splat. [ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe [ 63.696416] preempt_count: 10001, expected: 0 [ 63.696416] RCU nest depth: 1, expected: 1 This problem is caused by the following call trace. sched_tick() [ acquire rq->__lock ] -> task_tick_mm_cid() -> task_work_add() -> __kasan_record_aux_stack() -> kasan_save_stack() -> stack_depot_save_flags() -> alloc_pages_mpol_noprof() -> __alloc_pages_noprof() -> get_page_from_freelist() -> rmqueue() -> rmqueue_pcplist() -> __rmqueue_pcplist() -> rmqueue_bulk() -> rt_spin_lock() The rq lock is a raw_spinlock_t. We can't sleep while holding it. IOW, we can't call alloc_pages() in stack_depot_save_flags(). The task_tick_mm_cid() function with its task_work_add() call was introduced by commit 223baf9d17f2 ("sched: Fix performance regression introduced by mm_cid") in v6.4 kernel. Fortunately, there is a kasan_record_aux_stack_noalloc() variant that calls stack_depot_save_flags() while not allowing it to allocate new pages. To allow task_tick_mm_cid() to use task_work without page allocation, a new TWAF_NO_ALLOC flag is added to enable calling kasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack() if set. The task_tick_mm_cid() function is modified to add this new flag. The possible downside is the missing stack trace in a KASAN report due to new page allocation required when task_work_add_noallloc() is called which should be rare. Fixes: 223baf9d17f2 ("sched: Fix performance regression introduced by mm_cid") Signed-off-by: Waiman Long Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20241010014432.194742-1-longman@redhat.com commit d16b7eb6f523eeac3cff13001ef2a59cd462aa73 Author: Phil Auld Date: Fri Oct 4 08:37:29 2024 -0400 sched/deadline: Use hrtick_enabled_dl() before start_hrtick_dl() The deadline server code moved one of the start_hrtick_dl() calls but dropped the dl specific hrtick_enabled check. This causes hrticks to get armed even when sched_feat(HRTICK_DL) is false. Fix it. Fixes: 63ba8422f876 ("sched/deadline: Introduce deadline servers") Signed-off-by: Phil Auld Signed-off-by: Peter Zijlstra (Intel) Acked-by: Juri Lelli Link: https://lore.kernel.org/r/20241004123729.460668-1-pauld@redhat.com commit 1e48fd0574ee697e87f9c9bbd64d9a121d271f7a Author: Justin Chen Date: Thu Oct 10 11:53:44 2024 -0700 phy: usb: disable COMMONONN for dual mode The COMMONONN bit suspends the phy when the port is put into a suspend state. However when the phy is shared between host and device in dual mode, this no longer works cleanly as there is no synchronization between the two. Fixes: 5095d045a962 ("phy: usb: Turn off phy when port is in suspend") Signed-off-by: Justin Chen Acked-by: Florian Fainelli Link: https://lore.kernel.org/r/20241010185344.859865-1-justin.chen@broadcom.com Signed-off-by: Vinod Koul commit 6889cd2a93e1e3606b3f6e958aa0924e836de4d2 Author: Petr Vaganov Date: Tue Oct 8 14:02:58 2024 +0500 xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x598/0x2a30 _copy_to_iter+0x598/0x2a30 __skb_datagram_iter+0x168/0x1060 skb_copy_datagram_iter+0x5b/0x220 netlink_recvmsg+0x362/0x1700 sock_recvmsg+0x2dc/0x390 __sys_recvfrom+0x381/0x6d0 __x64_sys_recvfrom+0x130/0x200 x64_sys_call+0x32c8/0x3cc0 do_syscall_64+0xd8/0x1c0 entry_SYSCALL_64_after_hwframe+0x79/0x81 Uninit was stored to memory at: copy_to_user_state_extra+0xcc1/0x1e00 dump_one_state+0x28c/0x5f0 xfrm_state_walk+0x548/0x11e0 xfrm_dump_sa+0x1e0/0x840 netlink_dump+0x943/0x1c40 __netlink_dump_start+0x746/0xdb0 xfrm_user_rcv_msg+0x429/0xc00 netlink_rcv_skb+0x613/0x780 xfrm_netlink_rcv+0x77/0xc0 netlink_unicast+0xe90/0x1280 netlink_sendmsg+0x126d/0x1490 __sock_sendmsg+0x332/0x3d0 ____sys_sendmsg+0x863/0xc30 ___sys_sendmsg+0x285/0x3e0 __x64_sys_sendmsg+0x2d6/0x560 x64_sys_call+0x1316/0x3cc0 do_syscall_64+0xd8/0x1c0 entry_SYSCALL_64_after_hwframe+0x79/0x81 Uninit was created at: __kmalloc+0x571/0xd30 attach_auth+0x106/0x3e0 xfrm_add_sa+0x2aa0/0x4230 xfrm_user_rcv_msg+0x832/0xc00 netlink_rcv_skb+0x613/0x780 xfrm_netlink_rcv+0x77/0xc0 netlink_unicast+0xe90/0x1280 netlink_sendmsg+0x126d/0x1490 __sock_sendmsg+0x332/0x3d0 ____sys_sendmsg+0x863/0xc30 ___sys_sendmsg+0x285/0x3e0 __x64_sys_sendmsg+0x2d6/0x560 x64_sys_call+0x1316/0x3cc0 do_syscall_64+0xd8/0x1c0 entry_SYSCALL_64_after_hwframe+0x79/0x81 Bytes 328-379 of 732 are uninitialized Memory access of size 732 starts at ffff88800e18e000 Data copied to user address 00007ff30f48aff0 CPU: 2 PID: 18167 Comm: syz-executor.0 Not tainted 6.8.11 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Fixes copying of xfrm algorithms where some random data of the structure fields can end up in userspace. Padding in structures may be filled with random (possibly sensitve) data and should never be given directly to user-space. A similar issue was resolved in the commit 8222d5910dae ("xfrm: Zero padding when dumping algos and encap") Found by Linux Verification Center (linuxtesting.org) with Syzkaller. Fixes: c7a5899eb26e ("xfrm: redact SA secret with lockdown confidentiality") Cc: stable@vger.kernel.org Co-developed-by: Boris Tonofa Signed-off-by: Boris Tonofa Signed-off-by: Petr Vaganov Signed-off-by: Steffen Klassert commit be847a3a8d4ec4bf270c2455376d11f2de61bfb3 Author: Johan Hovold Date: Wed Oct 9 16:51:10 2024 +0200 serial: qcom-geni: rename suspend functions Drop the unnecessary "_sys" infix from the suspend PM ops. Signed-off-by: Johan Hovold Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20241009145110.16847-10-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit 4cf4b344c1e1a0682d76f3ec9da90a714e986e90 Author: Johan Hovold Date: Wed Oct 9 16:51:09 2024 +0200 serial: qcom-geni: drop unused receive parameter Serial drivers should not be dropping characters themselves, but at least drop the unused 'drop' parameter from the receive handler for now. Reviewed-by: Douglas Anderson Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20241009145110.16847-9-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit 8173d74ac12bf231fa3a22ae0ad9d56c2abc4618 Author: Johan Hovold Date: Wed Oct 9 16:51:08 2024 +0200 serial: qcom-geni: drop flip buffer WARN() Drop the unnecessary WARN() in case the TTY buffers are ever full in favour of a rate limited dev_err() which doesn't kill the machine when panic_on_warn is set. Reviewed-by: Douglas Anderson Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20241009145110.16847-8-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit c657243ae12000dc57e3648b0ddd30da9ffd1f14 Author: Johan Hovold Date: Wed Oct 9 16:51:07 2024 +0200 serial: qcom-geni: fix rx cancel dma status bit Cancelling an rx command is signalled using bit 14 of the rx DMA status register and not bit 11. This bit is currently unused, but this error becomes apparent, for example, when tracing the status register when closing the port. Fixes: eddac5af0654 ("soc: qcom: Add GENI based QUP Wrapper driver") Reviewed-by: Douglas Anderson Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20241009145110.16847-7-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit fa103d2599e11e802c818684cff821baefe7f206 Author: Johan Hovold Date: Wed Oct 9 16:51:06 2024 +0200 serial: qcom-geni: fix receiver enable The receiver is supposed to be enabled in the startup() callback and not in set_termios() which is called also during console setup. This specifically avoids accepting input before the port has been opened (and interrupts enabled), something which can also break the GENI firmware (cancel fails and after abort, the "stale" counter handling appears to be broken so that later input is not processed until twelve chars have been received). There also does not appear to be any need to keep the receiver disabled while updating the port settings. Since commit 6f3c3cafb115 ("serial: qcom-geni: disable interrupts during console writes") the calls to manipulate the secondary interrupts, which were done without holding the port lock, can also lead to the receiver being left disabled when set_termios() races with the console code (e.g. when init opens the tty during boot). This can manifest itself as a serial getty not accepting input. The calls to stop and start rx in set_termios() can similarly race with DMA completion and, for example, cause the DMA buffer to be unmapped twice or the mapping to be leaked. Fix this by only enabling the receiver during startup and while holding the port lock to avoid racing with the console code. Fixes: 6f3c3cafb115 ("serial: qcom-geni: disable interrupts during console writes") Fixes: 2aaa43c70778 ("tty: serial: qcom-geni-serial: add support for serial engine DMA") Fixes: c4f528795d1a ("tty: serial: msm_geni_serial: Add serial driver support for GENI based QUP") Cc: stable@vger.kernel.org # 6.3 Cc: Bartosz Golaszewski Signed-off-by: Johan Hovold Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20241009145110.16847-6-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit 23ee4a25661c33e6381d41e848a9060ed6d72845 Author: Johan Hovold Date: Wed Oct 9 16:51:05 2024 +0200 serial: qcom-geni: fix dma rx cancellation Make sure to wait for the DMA transfer to complete when cancelling the rx command on stop_rx(). This specifically prevents the DMA completion interrupt from firing after rx has been restarted, something which can lead to an IOMMU fault and hosed rx when the interrupt handler unmaps the DMA buffer for the new command: qcom_geni_serial 988000.serial: serial engine reports 0 RX bytes in! arm-smmu 15000000.iommu: FSR = 00000402 [Format=2 TF], SID=0x563 arm-smmu 15000000.iommu: FSYNR0 = 00210013 [S1CBNDX=33 WNR PLVL=3] Bluetooth: hci0: command 0xfc00 tx timeout Bluetooth: hci0: Reading QCA version information failed (-110) Also add the missing state machine reset which is needed in case cancellation fails. Fixes: 2aaa43c70778 ("tty: serial: qcom-geni-serial: add support for serial engine DMA") Cc: stable@vger.kernel.org # 6.3 Cc: Bartosz Golaszewski Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20241009145110.16847-5-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit 23f5f5debcaac1399cfeacec215278bf6dbc1d11 Author: Johan Hovold Date: Wed Oct 9 16:51:04 2024 +0200 serial: qcom-geni: fix shutdown race A commit adding back the stopping of tx on port shutdown failed to add back the locking which had also been removed by commit e83766334f96 ("tty: serial: qcom_geni_serial: No need to stop tx/rx on UART shutdown"). Holding the port lock is needed to serialise against the console code, which may update the interrupt enable register and access the port state. Fixes: d8aca2f96813 ("tty: serial: qcom-geni-serial: stop operations in progress at shutdown") Fixes: 947cc4ecc06c ("serial: qcom-geni: fix soft lockup on sw flow control and suspend") Cc: stable@vger.kernel.org # 6.3 Reviewed-by: Bartosz Golaszewski Signed-off-by: Johan Hovold Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20241009145110.16847-4-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit 19df76662a33d2f2fc41a66607cb8285fc02d6ec Author: Johan Hovold Date: Wed Oct 9 16:51:03 2024 +0200 serial: qcom-geni: revert broken hibernation support This reverts commit 35781d8356a2eecaa6074ceeb80ee22e252fcdae. Hibernation is not supported on Qualcomm platforms with mainline kernels yet a broken vendor implementation for the GENI serial driver made it upstream. This is effectively dead code that cannot be tested and should just be removed, but if these paths were ever hit for an open non-console port they would crash the machine as the driver would fail to enable clocks during restore() (i.e. all ports would have to be closed by drivers and user space before hibernating the system to avoid this as a comment in the code hinted at). The broken implementation also added a random call to enable the receiver in the port setup code where it does not belong and which enables the receiver prematurely for console ports. Fixes: 35781d8356a2 ("tty: serial: qcom-geni-serial: Add support for Hibernation feature") Cc: stable@vger.kernel.org # 6.2 Cc: Aniket Randive Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20241009145110.16847-3-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit 4bef7c6f299910f19876ad8e7f5897514855f1d2 Author: Johan Hovold Date: Wed Oct 9 16:51:02 2024 +0200 serial: qcom-geni: fix polled console initialisation The polled console (KGDB/KDB) implementation must not call port setup unconditionally as the port may already be in use by the console or a getty. Only make sure that the receiver is enabled, but do not enable any device interrupts. Fixes: d8851a96ba25 ("tty: serial: qcom-geni-serial: Add a poll_init() function") Cc: stable@vger.kernel.org # 6.4 Cc: Douglas Anderson Signed-off-by: Johan Hovold Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20241009145110.16847-2-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit 40d7903386df4d18f04d90510ba90eedee260085 Author: Marek Vasut Date: Wed Oct 2 20:40:38 2024 +0200 serial: imx: Update mctrl old_status on RTSD interrupt When sending data using DMA at high baudrate (4 Mbdps in local test case) to a device with small RX buffer which keeps asserting RTS after every received byte, it is possible that the iMX UART driver would not recognize the falling edge of RTS input signal and get stuck, unable to transmit any more data. This condition happens when the following sequence of events occur: - imx_uart_mctrl_check() is called at some point and takes a snapshot of UART control signal status into sport->old_status using imx_uart_get_hwmctrl(). The RTSS/TIOCM_CTS bit is of interest here (*). - DMA transfer occurs, the remote device asserts RTS signal after each byte. The i.MX UART driver recognizes each such RTS signal change, raises an interrupt with USR1 register RTSD bit set, which leads to invocation of __imx_uart_rtsint(), which calls uart_handle_cts_change(). - If the RTS signal is deasserted, uart_handle_cts_change() clears port->hw_stopped and unblocks the port for further data transfers. - If the RTS is asserted, uart_handle_cts_change() sets port->hw_stopped and blocks the port for further data transfers. This may occur as the last interrupt of a transfer, which means port->hw_stopped remains set and the port remains blocked (**). - Any further data transfer attempts will trigger imx_uart_mctrl_check(), which will read current status of UART control signals by calling imx_uart_get_hwmctrl() (***) and compare it with sport->old_status . - If current status differs from sport->old_status for RTS signal, uart_handle_cts_change() is called and possibly unblocks the port by clearing port->hw_stopped . - If current status does not differ from sport->old_status for RTS signal, no action occurs. This may occur in case prior snapshot (*) was taken before any transfer so the RTS is deasserted, current snapshot (***) was taken after a transfer and therefore RTS is deasserted again, which means current status and sport->old_status are identical. In case (**) triggered when RTS got asserted, and made port->hw_stopped set, the port->hw_stopped will remain set because no change on RTS line is recognized by this driver and uart_handle_cts_change() is not called from here to unblock the port->hw_stopped. Update sport->old_status in __imx_uart_rtsint() accordingly to make imx_uart_mctrl_check() detect such RTS change. Note that TIOCM_CAR and TIOCM_RI bits in sport->old_status do not suffer from this problem. Fixes: ceca629e0b48 ("[ARM] 2971/1: i.MX uart handle rts irq") Cc: stable Reviewed-by: Esben Haabendal Signed-off-by: Marek Vasut Link: https://lore.kernel.org/r/20241002184133.19427-1-marex@denx.de Signed-off-by: Greg Kroah-Hartman commit 9462f4ca56e7d2430fdb6dcc8498244acbfc4489 Author: Longlong Xia Date: Thu Sep 26 21:02:13 2024 +0800 tty: n_gsm: Fix use-after-free in gsm_cleanup_mux BUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] Read of size 8 at addr ffff88815fe99c00 by task poc/3379 CPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 Call Trace: gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm] __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389 update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500 __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846 __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161 gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm] _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107 __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm] ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195 ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79 __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338 __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805 tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818 Allocated by task 65: gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm] gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm] gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm] gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm] tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391 tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39 flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445 process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229 worker_thread+0x3dc/0x950 kernel/workqueue.c:3391 kthread+0x2a3/0x370 kernel/kthread.c:389 ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257 Freed by task 3367: kfree+0x126/0x420 mm/slub.c:4580 gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm] gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm] tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818 [Analysis] gsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux can be freed by multi threads through ioctl,which leads to the occurrence of uaf. Protect it by gsm tx lock. Signed-off-by: Longlong Xia Cc: stable Suggested-by: Jiri Slaby Link: https://lore.kernel.org/r/20240926130213.531959-1-xialonglong@kylinos.cn Signed-off-by: Greg Kroah-Hartman commit f956052e00de211b5c9ebaa1958366c23f82ee9e Author: Jeongjun Park Date: Fri Oct 11 02:46:19 2024 +0900 vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so to prevent this, it is safest to modify it to initialize the allocated memory space to 0, and it generally does not affect the overall performance of the system. Cc: stable@vger.kernel.org Reported-by: syzbot+955da2d57931604ee691@syzkaller.appspotmail.com Fixes: 05e2600cb0a4 ("VT: Bump font size limitation to 64x128 pixels") Signed-off-by: Jeongjun Park Link: https://lore.kernel.org/r/20241010174619.59662-1-aha310510@gmail.com Signed-off-by: Greg Kroah-Hartman commit ae54567eaa87fd863ab61084a3828e1c36b0ffb0 Author: Gao Xiang Date: Fri Oct 11 07:58:30 2024 +0800 erofs: get rid of kaddr in `struct z_erofs_maprecorder` `kaddr` becomes useless after switching to metabuf. Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20241010235830.1535616-1-hsiangkao@linux.alibaba.com commit 2402082e5332a2d27be82b4a2bb42490f9c5134b Author: Gao Xiang Date: Thu Oct 10 17:04:19 2024 +0800 erofs: get rid of z_erofs_try_to_claim_pcluster() Just fold it into the caller for simplicity. Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20241010090420.405871-1-hsiangkao@linux.alibaba.com commit 416a8b2c02fe2a5a9fbdf2a35ea294b78d939f84 Author: Gao Xiang Date: Tue Sep 17 21:08:03 2024 +0800 erofs: ensure regular inodes for file-backed mounts Only regular inodes are allowed for file-backed mounts, not directories (as seen in the original syzbot case) or special inodes. Also ensure that .read_folio() is implemented on the underlying fs for the primary device. Fixes: fb176750266a ("erofs: add file-backed mount support") Reported-by: syzbot+001306cd9c92ce0df23f@syzkaller.appspotmail.com Closes: https://lore.kernel.org/r/00000000000011bdde0622498ee3@google.com Tested-by: syzbot+001306cd9c92ce0df23f@syzkaller.appspotmail.com Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240917130803.32418-1-hsiangkao@linux.alibaba.com commit 8956c582ac6b1693a351230179f898979dd00bdf Author: Christophe Leroy Date: Sat Oct 5 10:53:29 2024 +0200 powerpc/8xx: Fix kernel DTLB miss on dcbz Following OOPS is encountered while loading test_bpf module on powerpc 8xx: [ 218.835567] BUG: Unable to handle kernel data access on write at 0xcb000000 [ 218.842473] Faulting instruction address: 0xc0017a80 [ 218.847451] Oops: Kernel access of bad area, sig: 11 [#1] [ 218.852854] BE PAGE_SIZE=16K PREEMPT CMPC885 [ 218.857207] SAF3000 DIE NOTIFICATION [ 218.860713] Modules linked in: test_bpf(+) test_module [ 218.865867] CPU: 0 UID: 0 PID: 527 Comm: insmod Not tainted 6.11.0-s3k-dev-09856-g3de3d71ae2e6-dirty #1280 [ 218.875546] Hardware name: MIAE 8xx 0x500000 CMPC885 [ 218.880521] NIP: c0017a80 LR: beab859c CTR: 000101d4 [ 218.885584] REGS: cac2bc90 TRAP: 0300 Not tainted (6.11.0-s3k-dev-09856-g3de3d71ae2e6-dirty) [ 218.894308] MSR: 00009032 CR: 55005555 XER: a0007100 [ 218.901290] DAR: cb000000 DSISR: c2000000 [ 218.901290] GPR00: 000185d1 cac2bd50 c21b9580 caf7c030 c3883fcc 00000008 cafffffc 00000000 [ 218.901290] GPR08: 00040000 18300000 20000000 00000004 99005555 100d815e ca669d08 00000369 [ 218.901290] GPR16: ca730000 00000000 ca2c004c 00000000 00000000 0000035d 00000311 00000369 [ 218.901290] GPR24: ca732240 00000001 00030ba3 c3800000 00000000 00185d48 caf7c000 ca2c004c [ 218.941087] NIP [c0017a80] memcpy+0x88/0xec [ 218.945277] LR [beab859c] test_bpf_init+0x22c/0x3c90 [test_bpf] [ 218.951476] Call Trace: [ 218.953916] [cac2bd50] [beab8570] test_bpf_init+0x200/0x3c90 [test_bpf] (unreliable) [ 218.962034] [cac2bde0] [c0004c04] do_one_initcall+0x4c/0x1fc [ 218.967706] [cac2be40] [c00a2ec4] do_init_module+0x68/0x360 [ 218.973292] [cac2be60] [c00a5194] init_module_from_file+0x8c/0xc0 [ 218.979401] [cac2bed0] [c00a5568] sys_finit_module+0x250/0x3f0 [ 218.985248] [cac2bf20] [c000e390] system_call_exception+0x8c/0x15c [ 218.991444] [cac2bf30] [c00120a8] ret_from_syscall+0x0/0x28 This happens in the main loop of memcpy() ==> c0017a80: 7c 0b 37 ec dcbz r11,r6 c0017a84: 80 e4 00 04 lwz r7,4(r4) c0017a88: 81 04 00 08 lwz r8,8(r4) c0017a8c: 81 24 00 0c lwz r9,12(r4) c0017a90: 85 44 00 10 lwzu r10,16(r4) c0017a94: 90 e6 00 04 stw r7,4(r6) c0017a98: 91 06 00 08 stw r8,8(r6) c0017a9c: 91 26 00 0c stw r9,12(r6) c0017aa0: 95 46 00 10 stwu r10,16(r6) c0017aa4: 42 00 ff dc bdnz c0017a80 Commit ac9f97ff8b32 ("powerpc/8xx: Inconditionally use task PGDIR in DTLB misses") relies on re-reading DAR register to know if an error is due to a missing copy of a PMD entry in task's PGDIR, allthough DAR was already read in the exception prolog and copied into thread struct. This is because is it done very early in the exception and there are not enough registers available to keep a pointer to thread struct. However, dcbz instruction is buggy and doesn't update DAR register on fault. That is detected and generates a call to FixupDAR workaround which updates DAR copy in thread struct but doesn't fix DAR register. Let's fix DAR in addition to the update of DAR copy in thread struct. Fixes: ac9f97ff8b32 ("powerpc/8xx: Inconditionally use task PGDIR in DTLB misses") Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/2b851399bd87e81c6ccb87ea3a7a6b32c7aa04d7.1728118396.git.christophe.leroy@csgroup.eu commit ac44ff7cec33d5c2d4b72d52603552ec64c1a8bf Merge: b634acb2a070c0 1badf482816417 Author: Dave Airlie Date: Fri Oct 11 13:54:05 2024 +1000 Merge tag 'drm-xe-fixes-2024-10-10' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes Driver Changes: - Fix error checking with xa_store() (Matthe Auld) - Fix missing freq restore on GSC load error (Vinay) - Fix wedged_mode file permission (Matt Roper) - Fix use-after-free in ct communication (Matthew Auld) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/jri65tmv3bjbhqhxs5smv45nazssxzhtwphojem4uufwtjuliy@gsdhlh6kzsdy commit f07fd958a49264eebc1db9c946eb5d2e91c470fd Author: Thorsten Blum Date: Mon Oct 7 13:51:32 2024 +0200 drm/vmwgfx: Remove unnecessary NULL checks before kvfree() Since kvfree() already checks if its argument is NULL, an additional check before calling kvfree() is unnecessary and can be removed. Remove both and the following Coccinelle/coccicheck warnings reported by ifnullfree.cocci: WARNING: NULL check before some freeing functions is not needed WARNING: NULL check before some freeing functions is not needed Signed-off-by: Thorsten Blum Signed-off-by: Zack Rusin Link: https://patchwork.freedesktop.org/patch/msgid/20241007115131.1811-3-thorsten.blum@linux.dev commit b836cbdf3b81a4a22b3452186efa2e5105a77e10 Author: Tyrone Wu Date: Fri Oct 11 00:08:03 2024 +0000 selftests/bpf: Assert link info uprobe_multi count & path_size if unset Add assertions in `bpf_link_info.uprobe_multi` test to verify that `count` and `path_size` fields are correctly populated when the fields are unset. This tests a previous bug where the `path_size` field was not populated when `path` and `path_size` were unset. Signed-off-by: Tyrone Wu Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20241011000803.681190-2-wudevelops@gmail.com commit ad6b5b6ea9b764018249285a4fe0a2226bef4caa Author: Tyrone Wu Date: Fri Oct 11 00:08:02 2024 +0000 bpf: Fix unpopulated path_size when uprobe_multi fields unset Previously when retrieving `bpf_link_info.uprobe_multi` with `path` and `path_size` fields unset, the `path_size` field is not populated (remains 0). This behavior was inconsistent with how other input/output string buffer fields work, as the field should be populated in cases when: - both buffer and length are set (currently works as expected) - both buffer and length are unset (not working as expected) This patch now fills the `path_size` field when `path` and `path_size` are unset. Fixes: e56fdbfb06e2 ("bpf: Add link_info support for uprobe multi link") Signed-off-by: Tyrone Wu Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20241011000803.681190-1-wudevelops@gmail.com commit fd526e121c4d6f71aed82d21a8b8277b03e60b43 Author: Tony Ambardar Date: Tue Oct 8 21:07:20 2024 -0700 selftests/bpf: Fix cross-compiling urandom_read Linking of urandom_read and liburandom_read.so prefers LLVM's 'ld.lld' but falls back to using 'ld' if unsupported. However, this fallback discards any existing makefile macro for LD and can break cross-compilation. Fix by changing the fallback to use the target linker $(LD), passed via '-fuse-ld=' using an absolute path rather than a linker "flavour". Fixes: 08c79c9cd67f ("selftests/bpf: Don't force lld on non-x86 architectures") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20241009040720.635260-1-tony.ambardar@gmail.com commit b634acb2a070c072900c56154aa43e2ec2d45b2d Merge: fe4a435bd0c20b fcddc71ec7ecf1 Author: Dave Airlie Date: Fri Oct 11 09:03:20 2024 +1000 Merge tag 'drm-misc-fixes-2024-10-10' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes Short summary of fixes pull: fbdev-dma: - Only clean up deferred I/O if instanciated nouveau: - dmem: Fix privileged error in copy engine channel; Fix possible data leak in migrate_to_ram() - gsp: Fix coding style sched: - Avoid leaking lockdep map v3d: - Stop active perfmon before destroying it vc4: - Stop active perfmon before destroying it xe: - Drop GuC submit_wq pool Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20241010133708.GA461532@localhost.localdomain commit fe4a435bd0c20beb6d7caf87b49bc49a2233b18b Merge: fc4d262721705f 4cc2718f621a6a Author: Dave Airlie Date: Fri Oct 11 08:55:26 2024 +1000 Merge tag 'drm-intel-fixes-2024-10-10' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-fixes - HDCP refcount fix Signed-off-by: Dave Airlie From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/Zwd78Tnw8t3w9F16@jlahtine-mobl.ger.corp.intel.com commit 23dbbe8889250bed10cdd8a328d97efd15f808a7 Merge: ad1081a0da2744 a03c246d4ec836 Author: Stephen Boyd Date: Thu Oct 10 14:47:45 2024 -0700 Merge tag 'samsung-clk-fixes-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux into clk-fixes Pull a Samsung clk driver fix from Krzysztof Kozlowski: Add missing sentinel in of_device_id table so the code iterating over it will not go over the size of an array. * tag 'samsung-clk-fixes-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux: clk: samsung: Fix out-of-bound access of of_match_node() commit b07996c7abac0fe3f70bf74b0b3f76eb7852ef5a Author: Tejun Heo Date: Thu Oct 10 11:41:44 2024 -1000 sched_ext: Don't hold scx_tasks_lock for too long While enabling and disabling a BPF scheduler, every task is iterated a couple times by walking scx_tasks. Except for one, all iterations keep holding scx_tasks_lock. On multi-socket systems under heavy rq lock contention and high number of threads, this can can lead to RCU and other stalls. The following is triggered on a 2 x AMD EPYC 7642 system (192 logical CPUs) running `stress-ng --workload 150 --workload-threads 10` with >400k idle threads and RCU stall period reduced to 5s: rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: 91-...!: (10 ticks this GP) idle=0754/1/0x4000000000000000 softirq=18204/18206 fqs=17 rcu: 186-...!: (17 ticks this GP) idle=ec54/1/0x4000000000000000 softirq=25863/25866 fqs=17 rcu: (detected by 80, t=10042 jiffies, g=89305, q=33 ncpus=192) Sending NMI from CPU 80 to CPUs 91: NMI backtrace for cpu 91 CPU: 91 UID: 0 PID: 284038 Comm: sched_ext_ops_h Kdump: loaded Not tainted 6.12.0-rc2-work-g6bf5681f7ee2-dirty #471 Hardware name: Supermicro Super Server/H11DSi, BIOS 2.8 12/14/2023 Sched_ext: simple (disabling+all) RIP: 0010:queued_spin_lock_slowpath+0x17b/0x2f0 Code: 02 c0 10 03 00 83 79 08 00 75 08 f3 90 83 79 08 00 74 f8 48 8b 11 48 85 d2 74 09 0f 0d 0a eb 0a 31 d2 eb 06 31 d2 eb 02 f3 90 <8b> 07 66 85 c0 75 f7 39 d8 75 0d be 01 00 00 00 89 d8 f0 0f b1 37 RSP: 0018:ffffc9000fadfcb8 EFLAGS: 00000002 RAX: 0000000001700001 RBX: 0000000001700000 RCX: ffff88bfcaaf10c0 RDX: 0000000000000000 RSI: 0000000000000101 RDI: ffff88bfca8f0080 RBP: 0000000001700000 R08: 0000000000000090 R09: ffffffffffffffff R10: ffff88a74761b268 R11: 0000000000000000 R12: ffff88a6b6765460 R13: ffffc9000fadfd60 R14: ffff88bfca8f0080 R15: ffff88bfcaac0000 FS: 0000000000000000(0000) GS:ffff88bfcaac0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f5c55f526a0 CR3: 0000000afd474000 CR4: 0000000000350eb0 Call Trace: do_raw_spin_lock+0x9c/0xb0 task_rq_lock+0x50/0x190 scx_task_iter_next_locked+0x157/0x170 scx_ops_disable_workfn+0x2c2/0xbf0 kthread_worker_fn+0x108/0x2a0 kthread+0xeb/0x110 ret_from_fork+0x36/0x40 ret_from_fork_asm+0x1a/0x30 Sending NMI from CPU 80 to CPUs 186: NMI backtrace for cpu 186 CPU: 186 UID: 0 PID: 51248 Comm: fish Kdump: loaded Not tainted 6.12.0-rc2-work-g6bf5681f7ee2-dirty #471 scx_task_iter can safely drop locks while iterating. Make scx_task_iter_next() drop scx_tasks_lock every 32 iterations to avoid stalls. Signed-off-by: Tejun Heo Acked-by: David Vernet commit 967da578325d8539d42245d98f126f47abcc0569 Author: Tejun Heo Date: Thu Oct 10 11:41:44 2024 -1000 sched_ext: Move scx_tasks_lock handling into scx_task_iter helpers Iterating with scx_task_iter involves scx_tasks_lock and optionally the rq lock of the task being iterated. Both locks can be released during iteration and the iteration can be continued after re-grabbing scx_tasks_lock. Currently, all lock handling is pushed to the caller which is a bit cumbersome and makes it difficult to add lock-aware behaviors. Make the scx_task_iter helpers handle scx_tasks_lock. - scx_task_iter_init/scx_taks_iter_exit() now grabs and releases scx_task_lock, respectively. Renamed to scx_task_iter_start/scx_task_iter_stop() to more clearly indicate that there are non-trivial side-effects. - Add __ prefix to scx_task_iter_rq_unlock() to indicate that the function is internal. - Add scx_task_iter_unlock/relock(). The former drops both rq lock (if held) and scx_tasks_lock and the latter re-locks only scx_tasks_lock. This doesn't cause behavior changes and will be used to implement stall avoidance. Signed-off-by: Tejun Heo Acked-by: David Vernet commit aebe7ae4cb50551874fdfaf88e4127884298caad Author: Tejun Heo Date: Thu Oct 10 11:41:44 2024 -1000 sched_ext: bypass mode shouldn't depend on ops.select_cpu() Bypass mode was depending on ops.select_cpu() which can't be trusted as with the rest of the BPF scheduler. Always enable and use scx_select_cpu_dfl() in bypass mode. Signed-off-by: Tejun Heo Acked-by: David Vernet commit cc3e1caca998e445a030253d2dc42a0db6f5af30 Author: Tejun Heo Date: Thu Oct 10 11:41:44 2024 -1000 sched_ext: Move scx_buildin_idle_enabled check to scx_bpf_select_cpu_dfl() Move the sanity check from the inner function scx_select_cpu_dfl() to the exported kfunc scx_bpf_select_cpu_dfl(). This doesn't cause behavior differences and will allow using scx_select_cpu_dfl() in bypass mode regardless of scx_builtin_idle_enabled. Signed-off-by: Tejun Heo commit 3fdb9ebcec10a91e7825b95840c5a627dabcbca7 Author: Tejun Heo Date: Thu Oct 10 11:41:44 2024 -1000 sched_ext: Start schedulers with consistent p->scx.slice values The disable path caps p->scx.slice to SCX_SLICE_DFL. As the field is already being ignored at this stage during disable, the only effect this has is that when the next BPF scheduler is loaded, it won't see unreasonable left-over slices. Ultimately, this shouldn't matter but it's better to start in a known state. Drop p->scx.slice capping from the disable path and instead reset it to SCX_SLICE_DFL in the enable path. Signed-off-by: Tejun Heo Acked-by: David Vernet commit 54baa7ac0cebe53a03ba3083905021f92d2420db Author: Tejun Heo Date: Thu Oct 10 11:41:44 2024 -1000 Revert "sched_ext: Use shorter slice while bypassing" This reverts commit 6f34d8d382d64e7d8e77f5a9ddfd06f4c04937b0. Slice length is ignored while bypassing and tasks are switched on every tick and thus the patch does not make any difference. The perceived difference was from test noise. Signed-off-by: Tejun Heo Acked-by: David Vernet commit e72a076c620f692b405dd6c39e8a7c98c8a59ecc Author: Alice Ryhl Date: Wed Oct 9 11:41:59 2024 +0000 kbuild: fix issues with rustc-option Fix a few different compiler errors that cause rustc-option to give wrong results. If KBUILD_RUSTFLAGS or the flags being tested contain any -Z flags, then the error below is generated. The RUSTC_BOOTSTRAP environment variable is added to fix this error. error: the option `Z` is only accepted on the nightly compiler help: consider switching to a nightly toolchain: `rustup default nightly` note: selecting a toolchain with `+toolchain` arguments require a rustup proxy; see note: for more information about Rust's stability policy, see error: 1 nightly option were parsed Note that RUSTC_BOOTSTRAP is also defined in the top-level Makefile, but Make-exported variables are unfortunately *not* inherited. That said, this is changing as of commit 98da874c4303 ("[SV 10593] Export variables to $(shell ...) commands"), which is part of Make 4.4. The probe may also fail with the error message below. To fix it, the /dev/null argument is replaced with a file containing the crate attribute #![no_core]. The #![no_core] attribute ensures that rustc does not look for the standard library. It's not possible to instead supply a standard library (i.e. `core`) to rustc, as we need `rustc-option` before the Rust standard library is compiled. error[E0463]: can't find crate for `std` | = note: the `aarch64-unknown-none` target may not be installed = help: consider downloading the target with `rustup target add aarch64-unknown-none` = help: consider building the standard library from source with `cargo build -Zbuild-std` The -o and --out-dir parameters are altered to fix this warning: warning: ignoring --out-dir flag due to -o flag The --sysroot flag is provided as we would otherwise require it to be present in KBUILD_RUSTFLAGS. The --emit=obj flag is used to write the resulting object file to /dev/null instead of writing it to a file in $(TMPOUT). I verified that the Kconfig version of rustc-option doesn't have the same issues. Fixes: c42297438aee ("kbuild: rust: Define probing macros for rustc") Co-developed-by: Miguel Ojeda Signed-off-by: Miguel Ojeda Signed-off-by: Alice Ryhl Acked-by: Masahiro Yamada Link: https://lore.kernel.org/r/20241009-rustc-option-bootstrap-v3-1-5fa0d520efba@google.com [ Reworded as discussed in the list. - Miguel ] Signed-off-by: Miguel Ojeda commit b1f8d3b81d9289e171141a7120093ddefe7bd2f4 Author: Heiko Stuebner Date: Tue Oct 8 22:39:34 2024 +0200 arm64: dts: rockchip: remove num-slots property from rk3328-nanopi-r2s-plus num-slots was not part of the dw-mmc binding and the last slipage of one of them seeping in from the vendor kernel was removed way back in 2017. Somehow the nanopi-r2s-plus managed to smuggle another on in the kernel, so remove that as well. Fixes: b8c028782922 ("arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus") Cc: Sergey Bostandzhyan Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-9-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 3a53a7187f41ec3db12cf4c2cb0db4ba87c2f3a1 Author: Heiko Stuebner Date: Tue Oct 8 22:39:33 2024 +0200 arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc There are two LEDs on the board, power and user events. Currently both are assigned undocumented IR(-remote) triggers that are probably only part of the vendor-kernel. To make dtbs check happier, assign the power-led to a generic default-on trigger and the user led to the documented rc-feedback trigger that should mostly match its current usage. Fixes: 4403e1237be3 ("arm64: dts: rockchip: Add devicetree for board roc-rk3308-cc") Cc: Andy Yan Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-8-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 5ed96580568c4f79a0aff11a67f10b3e9229ba86 Author: Heiko Stuebner Date: Tue Oct 8 22:39:32 2024 +0200 arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion All Theobroma boards use a ti,amc6821 as fan controller. It normally runs in an automatically controlled way and while it may be possible to use it as part of a dt-based thermal management, this is not yet specified in the binding, nor implemented in any kernel. Newer boards already don't contain that #cooling-cells property, but older ones do. So remove them for now, they can be re-added if thermal integration gets implemented in the future. There are two further occurences in v6.12-rc in px30-ringneck and rk3399-puma, but those already get removed by the i2c-mux conversion scheduled for 6.13 . As the undocumented property is in the kernel so long, I opted for not causing extra merge conflicts between 6.12 and 6.13 Fixes: d99a02bcfa81 ("arm64: dts: rockchip: add RK3368-uQ7 (Lion) SoM") Cc: Quentin Schulz Cc: Klaus Goger Reviewed-by: Quentin Schulz Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-7-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 1d227fcc72223cbdd34d0ce13541cbaab5e0d72f Merge: 0edab8d1324dfe 7b43ba65019e83 Author: Linus Torvalds Date: Thu Oct 10 12:36:35 2024 -0700 Merge tag 'net-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Jakub Kicinski: "Including fixes from bluetooth and netfilter. Current release - regressions: - dsa: sja1105: fix reception from VLAN-unaware bridges - Revert "net: stmmac: set PP_FLAG_DMA_SYNC_DEV only if XDP is enabled" - eth: fec: don't save PTP state if PTP is unsupported Current release - new code bugs: - smc: fix lack of icsk_syn_mss with IPPROTO_SMC, prevent null-deref - eth: airoha: update Tx CPU DMA ring idx at the end of xmit loop - phy: aquantia: AQR115c fix up PMA capabilities Previous releases - regressions: - tcp: 3 fixes for retrans_stamp and undo logic Previous releases - always broken: - net: do not delay dst_entries_add() in dst_release() - netfilter: restrict xtables extensions to families that are safe, syzbot found a way to combine ebtables with extensions that are never used by userspace tools - sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start - mptcp: handle consistently DSS corruption, and prevent corruption due to large pmtu xmit" * tag 'net-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (87 commits) MAINTAINERS: Add headers and mailing list to UDP section MAINTAINERS: consistently exclude wireless files from NETWORKING [GENERAL] slip: make slhc_remember() more robust against malicious packets net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC ppp: fix ppp_async_encode() illegal access docs: netdev: document guidance on cleanup patches phonet: Handle error of rtnl_register_module(). mpls: Handle error of rtnl_register_module(). mctp: Handle error of rtnl_register_module(). bridge: Handle error of rtnl_register_module(). vxlan: Handle error of rtnl_register_module(). rtnetlink: Add bulk registration helpers for rtnetlink message handlers. net: do not delay dst_entries_add() in dst_release() mptcp: pm: do not remove closing subflows mptcp: fallback when MPTCP opts are dropped after 1st data tcp: fix mptcp DSS corruption due to large pmtu xmit mptcp: handle consistently DSS corruption net: netconsole: fix wrong warning net: dsa: refuse cross-chip mirroring operations net: fec: don't save PTP state if PTP is unsupported ... commit 0edab8d1324dfeee52aad763236c9015e413c4c2 Merge: eb952c47d154ba 912da2c384d510 Author: Linus Torvalds Date: Thu Oct 10 12:25:32 2024 -0700 Merge tag 'trace-ringbuffer-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull tracing fix from Steven Rostedt: "Ring-buffer fix: do not have boot-mapped buffers use CPU hotplug callbacks When a ring buffer is mapped to memory assigned at boot, it also splits it up evenly between the possible CPUs. But the allocation code still attached a CPU notifier callback to this ring buffer. When a CPU is added, the callback will happen and another per-cpu buffer is created for the ring buffer. But for boot mapped buffers, there is no room to add another one (as they were all created already). The result of calling the CPU hotplug notifier on a boot mapped ring buffer is unpredictable and could lead to a system crash. If the ring buffer is boot mapped simply do not attach the CPU notifier to it" * tag 'trace-ringbuffer-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: ring-buffer: Do not have boot mapped buffers hook to CPU hotplug commit 4575962aeed63aca975756852ab0c550164f849f Author: Harshit Mogalapalli Date: Thu Oct 10 04:18:18 2024 -0700 pinctrl: sophgo: fix double free in cv1800_pctrl_dt_node_to_map() 'map' is allocated using devm_* which takes care of freeing the allocated data, but in error paths there is a call to pinctrl_utils_free_map() which also does kfree(map) which leads to a double free. Use kcalloc() instead of devm_kcalloc() as freeing is manually handled. Fixes: a29d8e93e710 ("pinctrl: sophgo: add support for CV1800B SoC") Signed-off-by: Harshit Mogalapalli Link: https://lore.kernel.org/20241010111830.3474719-1-harshit.m.mogalapalli@oracle.com Signed-off-by: Linus Walleij commit 1b670212ee3dd9d14c6d39a042dfe4ae79b49b4e Author: Heiko Stuebner Date: Tue Oct 8 22:39:31 2024 +0200 arm64: dts: rockchip: Remove undocumented supports-emmc property supports-emmc is an undocumented property that slipped into the mainline kernel devicetree for some boards. Drop it. Fixes: c484cf93f61b ("arm64: dts: rockchip: add PX30-µQ7 (Ringneck) SoM with Haikou baseboard") Cc: Quentin Schulz Fixes: b8c028782922 ("arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus") Cc: Sergey Bostandzhyan Fixes: 8d94da58de53 ("arm64: dts: rockchip: Add EmbedFire LubanCat 1") Cc: Wenhao Cui Fixes: cdf46cdbabfc ("arm64: dts: rockchip: Add dts for EmbedFire rk3568 LubanCat 2") Cc: Andy Yan Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-6-heiko@sntech.de Signed-off-by: Heiko Stuebner commit ea74528aaea5a1dfc8e3de09ef2af37530eca526 Author: Heiko Stuebner Date: Tue Oct 8 22:39:30 2024 +0200 arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards The expected clock-name is different, and extclk also is deprecated in favor of txco for clocks that are not crystals. So fix it to match the binding. Fixes: c72235c288c8 ("arm64: dts: rockchip: Add on-board WiFi/BT support for Rock960 boards") Cc: Manivannan Sadhasivam Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-5-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 2fa98dcc8d3ea2ebbd9e6be778f8bb19231c28be Author: Heiko Stuebner Date: Tue Oct 8 22:39:29 2024 +0200 arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo The expected clock-name is different, and extclk also is deprecated in favor of txco for clocks that are not crystals. The wakeup gpio properties are named differently too, when changing from vendor-tree to mainline. So fix those to match the binding. Fixes: 2e0537b16b25 ("arm64: dts: rockchip: Add dts for rockchip rk3566 box demo board") Cc: Andy Yan Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-4-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 98c3f4a2d61a29a53244ce45e50655140bd47afb Author: Heiko Stuebner Date: Tue Oct 8 22:39:28 2024 +0200 arm64: dts: rockchip: Drop regulator-init-microvolt from two boards rk3568-roc-pc and rk3588-toybrick-x0 re-introduced this property despite previous patches removing older instances already. regulator-init-microvolt is not part of any regulator binding and is only used in the Rockchip vendor kernel. So drop it. It is used by u-boot in some places to setup initial regulator-state, but that should happen in the existing -u-boot devicetree additions. Fixes: 007b4bb47f44 ("arm64: dts: rockchip: add dts for Firefly Station P2 aka rk3568-roc-pc") Cc: Furkan Kardame Fixes: 8ffe365f8dc7 ("arm64: dts: rockchip: Add devicetree support for TB-RK3588X board") Cc: Elon Zhang Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-3-heiko@sntech.de Signed-off-by: Heiko Stuebner commit f94b934336e30cebae75d4fbe04a2109a3c8fdec Author: Heiko Stuebner Date: Tue Oct 8 22:39:27 2024 +0200 arm64: dts: rockchip: fix i2c2 pinctrl-names property on anbernic-rg353p/v We want to control pins, not beer mugs, so rename pintctrl-names to the expected pinctrl-names. This was not affecting functionality, because the i2c2 controller already had a set of pinctrl properties. Fixes: 523adb553573 ("arm64: dts: rockchip: add Anbernic RG353P and RG503") Fixes: 1e141cf12726 ("arm64: dts: rockchip: add Anbernic RG353V and RG353VS") Cc: Chris Morgan Acked-by: Chris Morgan Reviewed-by: Dragan Simic Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20241008203940.2573684-2-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 26498b8d54373d31a621d7dec95c4bd842563b3b Author: Nikolay Kuratov Date: Wed Oct 2 15:24:29 2024 +0300 drm/vmwgfx: Handle surface check failure correctly Currently if condition (!bo and !vmw_kms_srf_ok()) was met we go to err_out with ret == 0. err_out dereferences vfb if ret == 0, but in our case vfb is still NULL. Fix this by assigning sensible error to ret. Found by Linux Verification Center (linuxtesting.org) with SVACE Signed-off-by: Nikolay Kuratov Cc: stable@vger.kernel.org Fixes: 810b3e1683d0 ("drm/vmwgfx: Support topology greater than texture size") Signed-off-by: Zack Rusin Link: https://patchwork.freedesktop.org/patch/msgid/20241002122429.1981822-1-kniv@yandex-team.ru commit 512a9721cae0d88d34ff441f2f5917cd149af8af Author: Zack Rusin Date: Tue Aug 27 00:39:05 2024 -0400 drm/vmwgfx: Cleanup kms setup without 3d Do not validate format equality for the non 3d cases to allow xrgb to argb copies and make sure the dx binding flags are only used on dx compatible surfaces. Fixes basic 2d kms setup on configurations without 3d. There's little practical benefit to it because kms framebuffer coherence is disabled on configurations without 3d but with those changes the code actually makes sense. v2: Remove the now unused format variable Signed-off-by: Zack Rusin Fixes: d6667f0ddf46 ("drm/vmwgfx: Fix handling of dumb buffers") Cc: Broadcom internal kernel review list Cc: dri-devel@lists.freedesktop.org Cc: # v6.9+ Cc: Maaz Mombasawala Cc: Martin Krastev Reviewed-by: Martin Krastev Reviewed-by: Maaz Mombasawala Link: https://patchwork.freedesktop.org/patch/msgid/20240827043905.472825-1-zack.rusin@broadcom.com commit 4809a017a2bc42ff239d53ade4b2e70f2fe81348 Author: Ian Forbes Date: Fri Aug 9 13:37:56 2024 -0500 drm/vmwgfx: Handle possible ENOMEM in vmw_stdu_connector_atomic_check Handle unlikely ENOMEN condition and other errors in vmw_stdu_connector_atomic_check. Signed-off-by: Ian Forbes Reported-by: Dan Carpenter Fixes: 75c3e8a26a35 ("drm/vmwgfx: Trigger a modeset when the screen moves") Reviewed-by: Zack Rusin Reviewed-by: Martin Krastev Signed-off-by: Zack Rusin Link: https://patchwork.freedesktop.org/patch/msgid/20240809183756.27283-1-ian.forbes@broadcom.com commit 6b8e9dbfaed471627f7b863633b9937717df1d4d Author: Javier Carrasco Date: Mon Oct 7 22:06:39 2024 +0200 iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig This driver makes use of regmap_spi, but does not select the required module. Add the missing 'select REGMAP_SPI'. Fixes: b59c04155901 ("iio: frequency: admv4420.c: Add support for ADMV4420") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241007-ad2s1210-select-v2-2-7345d228040f@gmail.com Signed-off-by: Jonathan Cameron commit 5c9644a683e1690387a476a4f5f6bd5cf9a1d695 Author: Javier Carrasco Date: Mon Oct 7 22:06:38 2024 +0200 iio: frequency: {admv4420,adrf6780}: format Kconfig entries Format the entries of these drivers in the Kconfig, where spaces instead of tabs were used. Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241007-ad2s1210-select-v2-1-7345d228040f@gmail.com Signed-off-by: Jonathan Cameron commit 28a5dfd4f615539fb22fb6d5c219c199c14e6eb6 Author: Ian Forbes Date: Thu Aug 8 15:06:34 2024 -0500 drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS Currently the array size is only limited by the largest kmalloc size which is incorrect. This change will also return a more specific error message than ENOMEM to userspace. Signed-off-by: Ian Forbes Reviewed-by: Zack Rusin Reviewed-by: Martin Krastev Signed-off-by: Zack Rusin Link: https://patchwork.freedesktop.org/patch/msgid/20240808200634.1074083-1-ian.forbes@broadcom.com commit 66cf4455f3aba1d7dab4be7f4d8f95dc334ae46e Author: David Lechner Date: Wed Oct 9 16:23:04 2024 -0500 iio: adc: ad4695: Add missing Kconfig select Add select IIO_BUFFER and select IIO_TRIGGERED_BUFFER to the Kconfig for the ad4695 driver. Fixes: 6cc7e4bf2e08 ("iio: adc: ad4695: implement triggered buffer") Signed-off-by: David Lechner Reviewed-by: Javier Carrasco Link: https://patch.msgid.link/20241009-iio-adc-ad4695-fix-kconfig-v1-1-e2a4dfde8d55@baylibre.com Signed-off-by: Jonathan Cameron commit 4c4834fd8696a949d1b1f1c2c5b96e1ad2083b02 Author: Javier Carrasco Date: Thu Oct 3 23:04:50 2024 +0200 iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Fixes: 2a86487786b5 ("iio: adc: ti-ads8688: add trigger and buffer support") Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Signed-off-by: Javier Carrasco Reviewed-by: Sean Nyekjaer Link: https://patch.msgid.link/20241003-iio-select-v1-4-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 3a29b84cf7fbf912a6ab1b9c886746f02b74ea25 Author: Christophe JAILLET Date: Thu Oct 3 20:41:12 2024 +0200 iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() If hid_sensor_set_report_latency() fails, the error code should be returned instead of a value likely to be interpreted as 'success'. Fixes: 138bc7969c24 ("iio: hid-sensor-hub: Implement batch mode") Signed-off-by: Christophe JAILLET Acked-by: Srinivas Pandruvada Link: https://patch.msgid.link/c50640665f091a04086e5092cf50f73f2055107a.1727980825.git.christophe.jaillet@wanadoo.fr Cc: Signed-off-by: Jonathan Cameron commit 3f2ac59c0d7b4d9f0e87371662a6ba8273b07818 Merge: 60f802e2d6e10d f91b256644ea6f Author: Alexei Starovoitov Date: Thu Oct 10 10:44:03 2024 -0700 Merge branch 'fix-caching-of-btf-for-kfuncs-in-the-verifier' Toke Høiland-Jørgensen says: ==================== Fix caching of BTF for kfuncs in the verifier When playing around with defining kfuncs in some custom modules, we noticed that if a BPF program calls two functions with the same signature in two different modules, the function from the wrong module may sometimes end up being called. Whether this happens depends on the order of the calls in the BPF program, which turns out to be due to the use of sort() inside __find_kfunc_desc_btf() in the verifier code. This series contains a fix for the issue (first patch), and a selftest to trigger it (last patch). The middle commit is a small refactor to expose the module loading helper functions in testing_helpers.c. See the individual patch descriptions for more details. Changes in v2: - Drop patch that refactors module building in selftests (Alexei) - Get rid of expect_val function argument in selftest (Jiri) - Collect ACKs - Link to v1: https://lore.kernel.org/r/20241008-fix-kfunc-btf-caching-for-modules-v1-0-dfefd9aa4318@redhat.com ==================== Link: https://lore.kernel.org/r/20241010-fix-kfunc-btf-caching-for-modules-v2-0-745af6c1af98@redhat.com Signed-off-by: Alexei Starovoitov commit f91b256644ea6f7628580029c5a223573f55d98c Author: Simon Sundberg Date: Thu Oct 10 15:27:09 2024 +0200 selftests/bpf: Add test for kfunc module order Add a test case for kfuncs from multiple external modules, checking that the correct kfuncs are called regardless of which order they're called in. Specifically, check that calling the kfuncs in an order different from the one the modules' BTF are loaded in works. Signed-off-by: Simon Sundberg Acked-by: Kumar Kartikeya Dwivedi Signed-off-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/r/20241010-fix-kfunc-btf-caching-for-modules-v2-3-745af6c1af98@redhat.com Signed-off-by: Alexei Starovoitov commit 4192bb294f80928bc2257c7a2ff6c86a27de6807 Author: Simon Sundberg Date: Thu Oct 10 15:27:08 2024 +0200 selftests/bpf: Provide a generic [un]load_module helper Generalize the previous [un]load_bpf_testmod() helpers (in testing_helpers.c) to the more generic [un]load_module(), which can load an arbitrary kernel module by name. This allows future selftests to more easily load custom kernel modules other than bpf_testmod.ko. Refactor [un]load_bpf_testmod() to wrap this new helper. Signed-off-by: Simon Sundberg Acked-by: Jiri Olsa Acked-by: Kumar Kartikeya Dwivedi Signed-off-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/r/20241010-fix-kfunc-btf-caching-for-modules-v2-2-745af6c1af98@redhat.com Signed-off-by: Alexei Starovoitov commit 6cb86a0fdece87e126323ec1bb19deb16a52aedf Author: Toke Høiland-Jørgensen Date: Thu Oct 10 15:27:07 2024 +0200 bpf: fix kfunc btf caching for modules The verifier contains a cache for looking up module BTF objects when calling kfuncs defined in modules. This cache uses a 'struct bpf_kfunc_btf_tab', which contains a sorted list of BTF objects that were already seen in the current verifier run, and the BTF objects are looked up by the offset stored in the relocated call instruction using bsearch(). The first time a given offset is seen, the module BTF is loaded from the file descriptor passed in by libbpf, and stored into the cache. However, there's a bug in the code storing the new entry: it stores a pointer to the new cache entry, then calls sort() to keep the cache sorted for the next lookup using bsearch(), and then returns the entry that was just stored through the stored pointer. However, because sort() modifies the list of entries in place *by value*, the stored pointer may no longer point to the right entry, in which case the wrong BTF object will be returned. The end result of this is an intermittent bug where, if a BPF program calls two functions with the same signature in two different modules, the function from the wrong module may sometimes end up being called. Whether this happens depends on the order of the calls in the BPF program (as that affects whether sort() reorders the array of BTF objects), making it especially hard to track down. Simon, credited as reporter below, spent significant effort analysing and creating a reproducer for this issue. The reproducer is added as a selftest in a subsequent patch. The fix is straight forward: simply don't use the stored pointer after calling sort(). Since we already have an on-stack pointer to the BTF object itself at the point where the function return, just use that, and populate it from the cache entry in the branch where the lookup succeeds. Fixes: 2357672c54c3 ("bpf: Introduce BPF support for kernel module function calls") Reported-by: Simon Sundberg Acked-by: Jiri Olsa Acked-by: Kumar Kartikeya Dwivedi Signed-off-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/r/20241010-fix-kfunc-btf-caching-for-modules-v2-1-745af6c1af98@redhat.com Signed-off-by: Alexei Starovoitov commit 6e0391e48cf9fb8b1b5e27c0cbbaf2e4639f2c33 Author: Stephen Boyd Date: Wed Oct 9 13:41:31 2024 -0700 of: Skip kunit tests when arm64+ACPI doesn't populate root node A root node is required to apply DT overlays. A root node is usually present after commit 7b937cc243e5 ("of: Create of_root if no dtb provided by firmware"), except for on arm64 systems booted with ACPI tables. In that case, the root node is intentionally not populated because it would "allow DT devices to be instantiated atop an ACPI base system"[1]. Introduce an OF function that skips the kunit test if the root node isn't populated. Limit the test to when both CONFIG_ARM64 and CONFIG_ACPI are set, because otherwise the lack of a root node is a bug. Make the function private and take a kunit test parameter so that it can't be abused to test for the presence of the root node in non-test code. Use this function to skip tests that require the root node. Currently that's the DT tests and any tests that apply overlays. Reported-by: Guenter Roeck Closes: https://lore.kernel.org/r/6cd337fb-38f0-41cb-b942-5844b84433db@roeck-us.net Link: https://lore.kernel.org/r/Zd4dQpHO7em1ji67@FVFF77S0Q05N.cambridge.arm.com [1] Fixes: 893ecc6d2d61 ("of: Add KUnit test to confirm DTB is loaded") Signed-off-by: Stephen Boyd Tested-by: Guenter Roeck Acked-by: Mark Rutland Link: https://lore.kernel.org/r/20241009204133.1169931-1-sboyd@kernel.org Signed-off-by: Rob Herring (Arm) commit eb952c47d154ba2aac794b99c66c3c45eb4cc4ec Merge: 5870963f6c0e2d e761be2a074408 Author: Linus Torvalds Date: Thu Oct 10 10:02:59 2024 -0700 Merge tag 'for-6.12-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull btrfs fixes from David Sterba: - update fstrim loop and add more cancellation points, fix reported delayed or blocked suspend if there's a huge chunk queued - fix error handling in recent qgroup xarray conversion - in zoned mode, fix warning printing device path without RCU protection - again fix invalid extent xarray state (6252690f7e1b), lost due to refactoring * tag 'for-6.12-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: btrfs: fix clear_dirty and writeback ordering in submit_one_sector() btrfs: zoned: fix missing RCU locking in error message when loading zone info btrfs: fix missing error handling when adding delayed ref with qgroups enabled btrfs: add cancellation points to trim loops btrfs: split remaining space to discard in chunks commit 5870963f6c0e2dc7f3330c6cfdbda6b81bfdd3a5 Merge: 825ec756afeeb0 c88c150a467fcb Author: Linus Torvalds Date: Thu Oct 10 09:52:49 2024 -0700 Merge tag 'nfsd-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux Pull nfsd fixes from Chuck Lever: - Fix NFSD bring-up / shutdown - Fix a UAF when releasing a stateid * tag 'nfsd-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux: nfsd: fix possible badness in FREE_STATEID nfsd: nfsd_destroy_serv() must call svc_destroy() even if nfsd_startup_net() failed NFSD: Mark filecache "down" if init fails commit f7345ccc62a4b880cf76458db5f320725f28e400 Author: Frederic Weisbecker Date: Thu Oct 10 18:36:09 2024 +0200 rcu/nocb: Fix rcuog wake-up from offline softirq After a CPU has set itself offline and before it eventually calls rcutree_report_cpu_dead(), there are still opportunities for callbacks to be enqueued, for example from a softirq. When that happens on NOCB, the rcuog wake-up is deferred through an IPI to an online CPU in order not to call into the scheduler and risk arming the RT-bandwidth after hrtimers have been migrated out and disabled. But performing a synchronized IPI from a softirq is buggy as reported in the following scenario: WARNING: CPU: 1 PID: 26 at kernel/smp.c:633 smp_call_function_single Modules linked in: rcutorture torture CPU: 1 UID: 0 PID: 26 Comm: migration/1 Not tainted 6.11.0-rc1-00012-g9139f93209d1 #1 Stopper: multi_cpu_stop+0x0/0x320 <- __stop_cpus+0xd0/0x120 RIP: 0010:smp_call_function_single swake_up_one_online __call_rcu_nocb_wake __call_rcu_common ? rcu_torture_one_read call_timer_fn __run_timers run_timer_softirq handle_softirqs irq_exit_rcu ? tick_handle_periodic sysvec_apic_timer_interrupt Fix this with forcing deferred rcuog wake up through the NOCB timer when the CPU is offline. The actual wake up will happen from rcutree_report_cpu_dead(). Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202409231644.4c55582d-lkp@intel.com Fixes: 9139f93209d1 ("rcu/nocb: Fix RT throttling hrtimer armed from offline CPU") Reviewed-by: "Joel Fernandes (Google)" Signed-off-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 825ec756afeeb082395ac6430e7b07e3a9997665 Merge: d3d1556696c1a9 77bfe1b11ea0c0 Author: Linus Torvalds Date: Thu Oct 10 09:45:45 2024 -0700 Merge tag 'xfs-6.12-fixes-3' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux Pull xfs fixes from Carlos Maiolino: - A few small typo fixes - fstests xfs/538 DEBUG-only fix - Performance fix on blockgc on COW'ed files, by skipping trims on cowblock inodes currently opened for write - Prevent cowblocks to be freed under dirty pagecache during unshare - Update MAINTAINERS file to quote the new maintainer * tag 'xfs-6.12-fixes-3' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: xfs: fix a typo xfs: don't free cowblocks from under dirty pagecache on unshare xfs: skip background cowblock trims on inodes open for write xfs: support lowmode allocations in xfs_bmap_exact_minlen_extent_alloc xfs: call xfs_bmap_exact_minlen_extent_alloc from xfs_bmap_btalloc xfs: don't ifdef around the exact minlen allocations xfs: fold xfs_bmap_alloc_userdata into xfs_bmapi_allocate xfs: distinguish extra split from real ENOSPC from xfs_attr_node_try_addname xfs: distinguish extra split from real ENOSPC from xfs_attr3_leaf_split xfs: return bool from xfs_attr3_leaf_add xfs: merge xfs_attr_leaf_try_add into xfs_attr_leaf_addname xfs: Use try_cmpxchg() in xlog_cil_insert_pcp_aggregate() xfs: scrub: convert comma to semicolon xfs: Remove empty declartion in header file MAINTAINERS: add Carlos Maiolino as XFS release manager commit 7b43ba65019e83b55cfacfcfc0c3a08330af54c1 Merge: 7d3fce8cbe3a70 5404b5a2fea983 Author: Jakub Kicinski Date: Thu Oct 10 09:35:50 2024 -0700 Merge branch 'maintainers-networking-file-coverage-updates' Simon Horman says: ==================== MAINTAINERS: Networking file coverage updates The aim of this proposal is to make the handling of some files, related to Networking and Wireless, more consistently. It does so by: 1. Adding some more headers to the UDP section, making it consistent with the TCP section. 2. Excluding some files relating to Wireless from NETWORKING [GENERAL], making their handling consistent with other files related to Wireless. The aim of this is to make things more consistent. And for MAINTAINERS to better reflect the situation on the ground. I am more than happy to be told that the current state of affairs is fine. Or for other ideas to be discussed. v1: https://lore.kernel.org/20241004-maint-net-hdrs-v1-0-41fd555aacc5@kernel.org ==================== Link: https://patch.msgid.link/20241009-maint-net-hdrs-v2-0-f2c86e7309c8@kernel.org Signed-off-by: Jakub Kicinski commit 5404b5a2fea9831a1f5be4ab9a94de07d976b177 Author: Simon Horman Date: Wed Oct 9 09:47:23 2024 +0100 MAINTAINERS: Add headers and mailing list to UDP section Add netdev mailing list and some more udp.h headers to the UDP section. This is now more consistent with the TCP section. Acked-by: Willem de Bruijn Signed-off-by: Simon Horman Link: https://patch.msgid.link/20241009-maint-net-hdrs-v2-2-f2c86e7309c8@kernel.org Signed-off-by: Jakub Kicinski commit 9937aae39bc09645cd67d53e0320926cd91570de Author: Simon Horman Date: Wed Oct 9 09:47:22 2024 +0100 MAINTAINERS: consistently exclude wireless files from NETWORKING [GENERAL] We already exclude wireless drivers from the netdev@ traffic, to delegate it to linux-wireless@, and avoid overwhelming netdev@. Many of the following wireless-related sections MAINTAINERS are already not included in the NETWORKING [GENERAL] section. For consistency, exclude those that are. * 802.11 (including CFG80211/NL80211) * MAC80211 * RFKILL Acked-by: Johannes Berg Signed-off-by: Simon Horman Link: https://patch.msgid.link/20241009-maint-net-hdrs-v2-1-f2c86e7309c8@kernel.org Signed-off-by: Jakub Kicinski commit c425180d888e7d346d3b574a62a91932bca8797f Author: Honglei Wang Date: Thu Oct 10 11:34:05 2024 +0800 sched_ext: use correct function name in pick_task_scx() warning message pick_next_task_scx() was turned into pick_task_scx() since commit 753e2836d139 ("sched_ext: Unify regular and core-sched pick task paths"). Update the outdated message. Signed-off-by: Honglei Wang Signed-off-by: Tejun Heo commit 7d3fce8cbe3a70a1c7c06c9b53696be5d5d8dd5c Author: Eric Dumazet Date: Wed Oct 9 09:11:32 2024 +0000 slip: make slhc_remember() more robust against malicious packets syzbot found that slhc_remember() was missing checks against malicious packets [1]. slhc_remember() only checked the size of the packet was at least 20, which is not good enough. We need to make sure the packet includes the IPv4 and TCP header that are supposed to be carried. Add iph and th pointers to make the code more readable. [1] BUG: KMSAN: uninit-value in slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666 slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666 ppp_receive_nonmp_frame+0xe45/0x35e0 drivers/net/ppp/ppp_generic.c:2455 ppp_receive_frame drivers/net/ppp/ppp_generic.c:2372 [inline] ppp_do_recv+0x65f/0x40d0 drivers/net/ppp/ppp_generic.c:2212 ppp_input+0x7dc/0xe60 drivers/net/ppp/ppp_generic.c:2327 pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113 __release_sock+0x1da/0x330 net/core/sock.c:3072 release_sock+0x6b/0x250 net/core/sock.c:3626 pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:744 ____sys_sendmsg+0x903/0xb60 net/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742 __do_sys_sendmmsg net/socket.c:2771 [inline] __se_sys_sendmmsg net/socket.c:2768 [inline] __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4091 [inline] slab_alloc_node mm/slub.c:4134 [inline] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1322 [inline] sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732 pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:744 ____sys_sendmsg+0x903/0xb60 net/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742 __do_sys_sendmmsg net/socket.c:2771 [inline] __se_sys_sendmmsg net/socket.c:2768 [inline] __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 0 UID: 0 PID: 5460 Comm: syz.2.33 Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Fixes: b5451d783ade ("slip: Move the SLIP drivers") Reported-by: syzbot+2ada1bc857496353be5a@syzkaller.appspotmail.com Closes: https://lore.kernel.org/netdev/670646db.050a0220.3f80e.0027.GAE@google.com/T/#u Signed-off-by: Eric Dumazet Link: https://patch.msgid.link/20241009091132.2136321-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit 182fff3a2aafe4e7f3717a0be9df2fe2ed1a77de Author: Christian Heusel Date: Thu Oct 10 15:32:11 2024 +0200 ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA As reported the builtin microphone doesn't work on the ASUS Vivobook model S15 OLED M3502RA. Therefore add a quirk for it to make it work. Link: https://bugzilla.kernel.org/show_bug.cgi?id=219345 Signed-off-by: Christian Heusel Link: https://patch.msgid.link/20241010-bugzilla-219345-asus-vivobook-v1-1-3bb24834e2c3@heusel.eu Signed-off-by: Mark Brown commit 6fd27ea183c208e478129a85e11d880fc70040f2 Author: D. Wythe Date: Wed Oct 9 14:55:16 2024 +0800 net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC Eric report a panic on IPPROTO_SMC, and give the facts that when INET_PROTOSW_ICSK was set, icsk->icsk_sync_mss must be set too. Bug: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Mem abort info: ESR = 0x0000000086000005 EC = 0x21: IABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x05: level 1 translation fault user pgtable: 4k pages, 48-bit VAs, pgdp=00000001195d1000 [0000000000000000] pgd=0800000109c46003, p4d=0800000109c46003, pud=0000000000000000 Internal error: Oops: 0000000086000005 [#1] PREEMPT SMP Modules linked in: CPU: 1 UID: 0 PID: 8037 Comm: syz.3.265 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : 0x0 lr : cipso_v4_sock_setattr+0x2a8/0x3c0 net/ipv4/cipso_ipv4.c:1910 sp : ffff80009b887a90 x29: ffff80009b887aa0 x28: ffff80008db94050 x27: 0000000000000000 x26: 1fffe0001aa6f5b3 x25: dfff800000000000 x24: ffff0000db75da00 x23: 0000000000000000 x22: ffff0000d8b78518 x21: 0000000000000000 x20: ffff0000d537ad80 x19: ffff0000d8b78000 x18: 1fffe000366d79ee x17: ffff8000800614a8 x16: ffff800080569b84 x15: 0000000000000001 x14: 000000008b336894 x13: 00000000cd96feaa x12: 0000000000000003 x11: 0000000000040000 x10: 00000000000020a3 x9 : 1fffe0001b16f0f1 x8 : 0000000000000000 x7 : 0000000000000000 x6 : 000000000000003f x5 : 0000000000000040 x4 : 0000000000000001 x3 : 0000000000000000 x2 : 0000000000000002 x1 : 0000000000000000 x0 : ffff0000d8b78000 Call trace: 0x0 netlbl_sock_setattr+0x2e4/0x338 net/netlabel/netlabel_kapi.c:1000 smack_netlbl_add+0xa4/0x154 security/smack/smack_lsm.c:2593 smack_socket_post_create+0xa8/0x14c security/smack/smack_lsm.c:2973 security_socket_post_create+0x94/0xd4 security/security.c:4425 __sock_create+0x4c8/0x884 net/socket.c:1587 sock_create net/socket.c:1622 [inline] __sys_socket_create net/socket.c:1659 [inline] __sys_socket+0x134/0x340 net/socket.c:1706 __do_sys_socket net/socket.c:1720 [inline] __se_sys_socket net/socket.c:1718 [inline] __arm64_sys_socket+0x7c/0x94 net/socket.c:1718 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 Code: ???????? ???????? ???????? ???????? (????????) ---[ end trace 0000000000000000 ]--- This patch add a toy implementation that performs a simple return to prevent such panic. This is because MSS can be set in sock_create_kern or smc_setsockopt, similar to how it's done in AF_SMC. However, for AF_SMC, there is currently no way to synchronize MSS within __sys_connect_file. This toy implementation lays the groundwork for us to support such feature for IPPROTO_SMC in the future. Fixes: d25a92ccae6b ("net/smc: Introduce IPPROTO_SMC") Reported-by: Eric Dumazet Signed-off-by: D. Wythe Reviewed-by: Eric Dumazet Reviewed-by: Wenjia Zhang Link: https://patch.msgid.link/1728456916-67035-1-git-send-email-alibuda@linux.alibaba.com Signed-off-by: Jakub Kicinski commit 40dddd4b8bd08a69471efd96107a4e1c73fabefc Author: Eric Dumazet Date: Wed Oct 9 18:58:02 2024 +0000 ppp: fix ppp_async_encode() illegal access syzbot reported an issue in ppp_async_encode() [1] In this case, pppoe_sendmsg() is called with a zero size. Then ppp_async_encode() is called with an empty skb. BUG: KMSAN: uninit-value in ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline] BUG: KMSAN: uninit-value in ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675 ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline] ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675 ppp_async_send+0x130/0x1b0 drivers/net/ppp/ppp_async.c:634 ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2280 [inline] ppp_input+0x1f1/0xe60 drivers/net/ppp/ppp_generic.c:2304 pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113 __release_sock+0x1da/0x330 net/core/sock.c:3072 release_sock+0x6b/0x250 net/core/sock.c:3626 pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:744 ____sys_sendmsg+0x903/0xb60 net/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742 __do_sys_sendmmsg net/socket.c:2771 [inline] __se_sys_sendmmsg net/socket.c:2768 [inline] __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4092 [inline] slab_alloc_node mm/slub.c:4135 [inline] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4187 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1322 [inline] sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732 pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867 sock_sendmsg_nosec net/socket.c:729 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:744 ____sys_sendmsg+0x903/0xb60 net/socket.c:2602 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656 __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742 __do_sys_sendmmsg net/socket.c:2771 [inline] __se_sys_sendmmsg net/socket.c:2768 [inline] __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768 x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 1 UID: 0 PID: 5411 Comm: syz.1.14 Not tainted 6.12.0-rc1-syzkaller-00165-g360c1f1f24c6 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reported-by: syzbot+1d121645899e7692f92a@syzkaller.appspotmail.com Signed-off-by: Eric Dumazet Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241009185802.3763282-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit aeb218d900e3ea2cc3878ba92cb4758227075358 Author: Simon Horman Date: Wed Oct 9 10:12:19 2024 +0100 docs: netdev: document guidance on cleanup patches The purpose of this section is to document what is the current practice regarding clean-up patches which address checkpatch warnings and similar problems. I feel there is a value in having this documented so others can easily refer to it. Clearly this topic is subjective. And to some extent the current practice discourages a wider range of patches than is described here. But I feel it is best to start somewhere, with the most well established part of the current practice. Signed-off-by: Simon Horman Link: https://patch.msgid.link/20241009-doc-mc-clean-v2-1-e637b665fa81@kernel.org Signed-off-by: Jakub Kicinski commit ad6639f143a0b42d7fb110ad14f5949f7c218890 Author: Julian Vetter Date: Thu Oct 10 14:46:01 2024 +0200 sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML When building for the UM arch and neither INDIRECT_IOMEM=y, nor HAS_IOMEM=y is selected, it will fall back to the implementations from asm-generic/io.h for IO memcpy. But these fall-back functions just do a memcpy. So, instead of depending on UML, add dependency on 'HAS_IOMEM || INDIRECT_IOMEM'. Reviewed-by: Yann Sionneau Signed-off-by: Julian Vetter Link: https://patch.msgid.link/20241010124601.700528-1-jvetter@kalrayinc.com Signed-off-by: Takashi Iwai commit ffc8fa91bef547ed419fb093e5e1703567552d2a Merge: 9a3cd877dc9306 b5e837c86041be Author: Paolo Abeni Date: Thu Oct 10 15:39:37 2024 +0200 Merge branch 'rtnetlink-handle-error-of-rtnl_register_module' Kuniyuki Iwashima says: ==================== rtnetlink: Handle error of rtnl_register_module(). While converting phonet to per-netns RTNL, I found a weird comment /* Further rtnl_register_module() cannot fail */ that was true but no longer true after commit addf9b90de22 ("net: rtnetlink: use rcu to free rtnl message handlers"). Many callers of rtnl_register_module() just ignore the returned value but should handle them properly. This series introduces two helpers, rtnl_register_many() and rtnl_unregister_many(), to do that easily and fix such callers. All rtnl_register() and rtnl_register_module() will be converted to _many() variant and some rtnl_lock() will be saved in _many() later in net-next. Changes: v4: * Add more context in changelog of each patch v3: https://lore.kernel.org/all/20241007124459.5727-1-kuniyu@amazon.com/ * Move module *owner to struct rtnl_msg_handler * Make struct rtnl_msg_handler args/vars const * Update mctp goto labels v2: https://lore.kernel.org/netdev/20241004222358.79129-1-kuniyu@amazon.com/ * Remove __exit from mctp_neigh_exit(). v1: https://lore.kernel.org/netdev/20241003205725.5612-1-kuniyu@amazon.com/ ==================== Link: https://patch.msgid.link/20241008184737.9619-1-kuniyu@amazon.com Signed-off-by: Paolo Abeni commit b5e837c86041bef60f36cf9f20a641a30764379a Author: Kuniyuki Iwashima Date: Tue Oct 8 11:47:37 2024 -0700 phonet: Handle error of rtnl_register_module(). Before commit addf9b90de22 ("net: rtnetlink: use rcu to free rtnl message handlers"), once the first rtnl_register_module() allocated rtnl_msg_handlers[PF_PHONET], the following calls never failed. However, after the commit, rtnl_register_module() could fail silently to allocate rtnl_msg_handlers[PF_PHONET][msgtype] and requires error handling for each call. Handling the error allows users to view a module as an all-or-nothing thing in terms of the rtnetlink functionality. This prevents syzkaller from reporting spurious errors from its tests, where OOM often occurs and module is automatically loaded. Let's use rtnl_register_many() to handle the errors easily. Fixes: addf9b90de22 ("net: rtnetlink: use rcu to free rtnl message handlers") Signed-off-by: Kuniyuki Iwashima Acked-by: Rémi Denis-Courmont Signed-off-by: Paolo Abeni commit 5be2062e3080e3ff6707816caa445ec0c6eaacf7 Author: Kuniyuki Iwashima Date: Tue Oct 8 11:47:36 2024 -0700 mpls: Handle error of rtnl_register_module(). Since introduced, mpls_init() has been ignoring the returned value of rtnl_register_module(), which could fail silently. Handling the error allows users to view a module as an all-or-nothing thing in terms of the rtnetlink functionality. This prevents syzkaller from reporting spurious errors from its tests, where OOM often occurs and module is automatically loaded. Let's handle the errors by rtnl_register_many(). Fixes: 03c0566542f4 ("mpls: Netlink commands to add, remove, and dump routes") Signed-off-by: Kuniyuki Iwashima Signed-off-by: Paolo Abeni commit d51705614f668254cc5def7490df76f9680b4659 Author: Kuniyuki Iwashima Date: Tue Oct 8 11:47:35 2024 -0700 mctp: Handle error of rtnl_register_module(). Since introduced, mctp has been ignoring the returned value of rtnl_register_module(), which could fail silently. Handling the error allows users to view a module as an all-or-nothing thing in terms of the rtnetlink functionality. This prevents syzkaller from reporting spurious errors from its tests, where OOM often occurs and module is automatically loaded. Let's handle the errors by rtnl_register_many(). Fixes: 583be982d934 ("mctp: Add device handling and netlink interface") Fixes: 831119f88781 ("mctp: Add neighbour netlink interface") Fixes: 06d2f4c583a7 ("mctp: Add netlink route management") Signed-off-by: Kuniyuki Iwashima Reviewed-by: Jeremy Kerr Signed-off-by: Paolo Abeni commit cba5e43b0b757734b1e79f624d93a71435e31136 Author: Kuniyuki Iwashima Date: Tue Oct 8 11:47:34 2024 -0700 bridge: Handle error of rtnl_register_module(). Since introduced, br_vlan_rtnl_init() has been ignoring the returned value of rtnl_register_module(), which could fail silently. Handling the error allows users to view a module as an all-or-nothing thing in terms of the rtnetlink functionality. This prevents syzkaller from reporting spurious errors from its tests, where OOM often occurs and module is automatically loaded. Let's handle the errors by rtnl_register_many(). Fixes: 8dcea187088b ("net: bridge: vlan: add rtm definitions and dump support") Fixes: f26b296585dc ("net: bridge: vlan: add new rtm message support") Fixes: adb3ce9bcb0f ("net: bridge: vlan: add del rtm message support") Signed-off-by: Kuniyuki Iwashima Acked-by: Nikolay Aleksandrov Signed-off-by: Paolo Abeni commit 78b7b991838a4a6baeaad934addc4db2c5917eb8 Author: Kuniyuki Iwashima Date: Tue Oct 8 11:47:33 2024 -0700 vxlan: Handle error of rtnl_register_module(). Since introduced, vxlan_vnifilter_init() has been ignoring the returned value of rtnl_register_module(), which could fail silently. Handling the error allows users to view a module as an all-or-nothing thing in terms of the rtnetlink functionality. This prevents syzkaller from reporting spurious errors from its tests, where OOM often occurs and module is automatically loaded. Let's handle the errors by rtnl_register_many(). Fixes: f9c4bb0b245c ("vxlan: vni filtering support on collect metadata device") Signed-off-by: Kuniyuki Iwashima Reviewed-by: Nikolay Aleksandrov Signed-off-by: Paolo Abeni commit 07cc7b0b942bf55ef1a471470ecda8d2a6a6541f Author: Kuniyuki Iwashima Date: Tue Oct 8 11:47:32 2024 -0700 rtnetlink: Add bulk registration helpers for rtnetlink message handlers. Before commit addf9b90de22 ("net: rtnetlink: use rcu to free rtnl message handlers"), once rtnl_msg_handlers[protocol] was allocated, the following rtnl_register_module() for the same protocol never failed. However, after the commit, rtnl_msg_handler[protocol][msgtype] needs to be allocated in each rtnl_register_module(), so each call could fail. Many callers of rtnl_register_module() do not handle the returned error, and we need to add many error handlings. To handle that easily, let's add wrapper functions for bulk registration of rtnetlink message handlers. Signed-off-by: Kuniyuki Iwashima Signed-off-by: Paolo Abeni commit cad4b3d4ab1f062708fff33f44d246853f51e966 Author: Michael Mueller Date: Tue Sep 17 17:18:34 2024 +0200 KVM: s390: Change virtual to physical address access in diag 0x258 handler The parameters for the diag 0x258 are real addresses, not virtual, but KVM was using them as virtual addresses. This only happened to work, since the Linux kernel as a guest used to have a 1:1 mapping for physical vs virtual addresses. Fix KVM so that it correctly uses the addresses as real addresses. Cc: stable@vger.kernel.org Fixes: 8ae04b8f500b ("KVM: s390: Guest's memory access functions get access registers") Suggested-by: Vasily Gorbik Signed-off-by: Michael Mueller Signed-off-by: Nico Boehr Reviewed-by: Christian Borntraeger Reviewed-by: Heiko Carstens Link: https://lore.kernel.org/r/20240917151904.74314-3-nrb@linux.ibm.com Acked-by: Janosch Frank Signed-off-by: Heiko Carstens commit e8061f06185be0a06a73760d6526b8b0feadfe52 Author: Nico Boehr Date: Tue Sep 17 17:18:33 2024 +0200 KVM: s390: gaccess: Check if guest address is in memslot Previously, access_guest_page() did not check whether the given guest address is inside of a memslot. This is not a problem, since kvm_write_guest_page/kvm_read_guest_page return -EFAULT in this case. However, -EFAULT is also returned when copy_to/from_user fails. When emulating a guest instruction, the address being outside a memslot usually means that an addressing exception should be injected into the guest. Failure in copy_to/from_user however indicates that something is wrong in userspace and hence should be handled there. To be able to distinguish these two cases, return PGM_ADDRESSING in access_guest_page() when the guest address is outside guest memory. In access_guest_real(), populate vcpu->arch.pgm.code such that kvm_s390_inject_prog_cond() can be used in the caller for injecting into the guest (if applicable). Since this adds a new return value to access_guest_page(), we need to make sure that other callers are not confused by the new positive return value. There are the following users of access_guest_page(): - access_guest_with_key() does the checking itself (in guest_range_to_gpas()), so this case should never happen. Even if, the handling is set up properly. - access_guest_real() just passes the return code to its callers, which are: - read_guest_real() - see below - write_guest_real() - see below There are the following users of read_guest_real(): - ar_translation() in gaccess.c which already returns PGM_* - setup_apcb10(), setup_apcb00(), setup_apcb11() in vsie.c which always return -EFAULT on read_guest_read() nonzero return - no change - shadow_crycb(), handle_stfle() always present this as validity, this could be handled better but doesn't change current behaviour - no change There are the following users of write_guest_real(): - kvm_s390_store_status_unloaded() always returns -EFAULT on write_guest_real() failure. Fixes: 2293897805c2 ("KVM: s390: add architecture compliant guest access functions") Cc: stable@vger.kernel.org Signed-off-by: Nico Boehr Reviewed-by: Heiko Carstens Link: https://lore.kernel.org/r/20240917151904.74314-2-nrb@linux.ibm.com Acked-by: Janosch Frank Signed-off-by: Heiko Carstens commit 78f636e82b2288462498e235dc5a886426ce5dd7 Author: Harald Freudenberger Date: Wed Sep 25 15:31:06 2024 +0200 s390/ap: Fix CCA crypto card behavior within protected execution environment A crypto card comes in 3 flavors: accelerator, CCA co-processor or EP11 co-processor. Within a protected execution environment only the accelerator and EP11 co-processor is supported. However, it is possible to set up a KVM guest with a CCA card and run it as a protected execution guest. There is nothing at the host side which prevents this. Within such a guest, a CCA card is shown as "illicit" and you can't do anything with such a crypto card. Regardless of the unsupported CCA card within a protected execution guest there are a couple of user space applications which unconditional try to run crypto requests to the zcrypt device driver. There was a bug within the AP bus code which allowed such a request to be forwarded to a CCA card where it is finally rejected and the driver reacts with -ENODEV but also triggers an AP bus scan. Together with a retry loop this caused some kind of "hang" of the KVM guest. On startup it caused timeouts and finally led the KVM guest startup fail. Fix that by closing the gap and make sure a CCA card is not usable within a protected execution environment. Another behavior within an protected execution environment with CCA cards was that the se_bind and se_associate AP queue sysfs attributes where shown. The implementation unconditional always added these attributes. Fix that by checking if the card mode is supported within a protected execution environment and only if valid, add the attribute group. Signed-off-by: Harald Freudenberger Reviewed-by: Holger Dengler Signed-off-by: Heiko Carstens commit 3cd03ea57e8e16cc78cc357d5e9f26078426f236 Author: Niklas Schnelle Date: Thu Apr 11 14:01:39 2024 +0200 s390/pci: Handle PCI error codes other than 0x3a The Linux implementation of PCI error recovery for s390 was based on the understanding that firmware error recovery is a two step process with an optional initial error event to indicate the cause of the error if known followed by either error event 0x3A (Success) or 0x3B (Failure) to indicate whether firmware was able to recover. While this has been the case in testing and the error cases seen in the wild it turns out this is not correct. Instead firmware only generates 0x3A for some error and service scenarios and expects the OS to perform recovery for all PCI events codes except for those indicating permanent error (0x3B, 0x40) and those indicating errors on the function measurement block (0x2A, 0x2B, 0x2C). Align Linux behavior with these expectations. Fixes: 4cdf2f4e24ff ("s390/pci: implement minimal PCI error recovery") Reviewed-by: Gerd Bayer Signed-off-by: Niklas Schnelle Signed-off-by: Heiko Carstens commit 122fe6e915cef4710461bc7f137da03607003a0e Author: Markus Grabner Date: Wed Oct 9 21:42:51 2024 +0200 ALSA: line6: update contact information The Line6 driver source code files contain an outdated email address of the original author. This patch updates the contact information. Signed-off-by: Markus Grabner Link: https://patch.msgid.link/20241009194251.15662-1-line6@grabner-graz.at Signed-off-by: Takashi Iwai commit 57c14b983f3b0293f68ef7395148dd80197f5f9d Author: Karol Kosik Date: Wed Oct 9 23:59:10 2024 -0700 ALSA: usb-audio: Fix NULL pointer deref in snd_usb_power_domain_set() Commit adding support for multiple control interfaces expanded struct snd_usb_power_domain with pointer to control interface for proper control message routing but missed one initialization point of this structure, which has left new field with NULL value. Standard mandates that each device has at least one control interface and code responsible for power domain does not check for NULL values when querying for control interface. This caused some USB devices to crash the kernel. Fixes: 6aa8700150f7 ("ALSA: usb-audio: Support multiple control interfaces") Signed-off-by: Karol Kosik Link: https://patch.msgid.link/AS8P190MB1285B563C6B5394DB274813FEC782@AS8P190MB1285.EURP190.PROD.OUTLOOK.COM Signed-off-by: Takashi Iwai commit 7738568885f2eaecfc10a3f530a2693e5f0ae3d0 Author: Ulf Hansson Date: Wed Oct 2 14:22:23 2024 +0200 PM: domains: Fix alloc/free in dev_pm_domain_attach|detach_list() The dev_pm_domain_attach|detach_list() functions are not resource managed, hence they should not use devm_* helpers to manage allocation/freeing of data. Let's fix this by converting to the traditional alloc/free functions. Fixes: 161e16a5e50a ("PM: domains: Add helper functions to attach/detach multiple PM domains") Cc: stable@vger.kernel.org Signed-off-by: Ulf Hansson Acked-by: Viresh Kumar Link: https://lore.kernel.org/r/20241002122232.194245-3-ulf.hansson@linaro.org commit fa36b4bc9234f1538580737a7d77a5344c9a4afe Author: Ulf Hansson Date: Wed Oct 2 14:22:22 2024 +0200 Revert "drm/tegra: gr3d: Convert into dev_pm_domain_attach|detach_list()" This reverts commit f790b5c09665cab0d51dfcc84832d79d2b1e6c0e. The reverted commit was not ready to be applied due to dependency on other OPP/pmdomain changes that didn't make it for the last release cycle. Let's revert it to fix the behaviour. Signed-off-by: Ulf Hansson Acked-by: Viresh Kumar Link: https://lore.kernel.org/r/20241002122232.194245-2-ulf.hansson@linaro.org commit 9a3cd877dc93061fbbe0c834d53d89639e7ea46a Merge: ac888d58869bb9 c6a0862bee696c Author: Paolo Abeni Date: Thu Oct 10 13:50:55 2024 +0200 Merge tag 'nf-24-10-09' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf Pablo Neira Ayuso says: ==================== Netfilter fixes for net The following patchset contains Netfilter fixes for net: 1) Restrict xtables extensions to families that are safe, syzbot found a way to combine ebtables with extensions that are never used by userspace tools. From Florian Westphal. 2) Set l3mdev inconditionally whenever possible in nft_fib to fix lookup mismatch, also from Florian. netfilter pull request 24-10-09 * tag 'nf-24-10-09' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: selftests: netfilter: conntrack_vrf.sh: add fib test case netfilter: fib: check correct rtable in vrf setups netfilter: xtables: avoid NFPROTO_UNSPEC where needed ==================== Link: https://patch.msgid.link/20241009213858.3565808-1-pablo@netfilter.org Signed-off-by: Paolo Abeni commit 27e8fe0da3b75520edfba9cee0030aeb5aef1505 Author: Michal Wilczynski Date: Tue Oct 8 12:03:27 2024 +0200 mmc: sdhci-of-dwcmshc: Prevent stale command interrupt handling While working with the T-Head 1520 LicheePi4A SoC, certain conditions arose that allowed me to reproduce a race issue in the sdhci code. To reproduce the bug, you need to enable the sdio1 controller in the device tree file `arch/riscv/boot/dts/thead/th1520-lichee-module-4a.dtsi` as follows: &sdio1 { bus-width = <4>; max-frequency = <100000000>; no-sd; no-mmc; broken-cd; cap-sd-highspeed; post-power-on-delay-ms = <50>; status = "okay"; wakeup-source; keep-power-in-suspend; }; When resetting the SoC using the reset button, the following messages appear in the dmesg log: [ 8.164898] mmc2: Got command interrupt 0x00000001 even though no command operation was in progress. [ 8.174054] mmc2: sdhci: ============ SDHCI REGISTER DUMP =========== [ 8.180503] mmc2: sdhci: Sys addr: 0x00000000 | Version: 0x00000005 [ 8.186950] mmc2: sdhci: Blk size: 0x00000000 | Blk cnt: 0x00000000 [ 8.193395] mmc2: sdhci: Argument: 0x00000000 | Trn mode: 0x00000000 [ 8.199841] mmc2: sdhci: Present: 0x03da0000 | Host ctl: 0x00000000 [ 8.206287] mmc2: sdhci: Power: 0x0000000f | Blk gap: 0x00000000 [ 8.212733] mmc2: sdhci: Wake-up: 0x00000000 | Clock: 0x0000decf [ 8.219178] mmc2: sdhci: Timeout: 0x00000000 | Int stat: 0x00000000 [ 8.225622] mmc2: sdhci: Int enab: 0x00ff1003 | Sig enab: 0x00ff1003 [ 8.232068] mmc2: sdhci: ACmd stat: 0x00000000 | Slot int: 0x00000000 [ 8.238513] mmc2: sdhci: Caps: 0x3f69c881 | Caps_1: 0x08008177 [ 8.244959] mmc2: sdhci: Cmd: 0x00000502 | Max curr: 0x00191919 [ 8.254115] mmc2: sdhci: Resp[0]: 0x00001009 | Resp[1]: 0x00000000 [ 8.260561] mmc2: sdhci: Resp[2]: 0x00000000 | Resp[3]: 0x00000000 [ 8.267005] mmc2: sdhci: Host ctl2: 0x00001000 [ 8.271453] mmc2: sdhci: ADMA Err: 0x00000000 | ADMA Ptr: 0x0000000000000000 [ 8.278594] mmc2: sdhci: ============================================ I also enabled some traces to better understand the problem: kworker/3:1-62 [003] ..... 8.163538: mmc_request_start: mmc2: start struct mmc_request[000000000d30cc0c]: cmd_opcode=5 cmd_arg=0x0 cmd_flags=0x2e1 cmd_retries=0 stop_opcode=0 stop_arg=0x0 stop_flags=0x0 stop_retries=0 sbc_opcode=0 sbc_arg=0x0 sbc_flags=0x0 sbc_retires=0 blocks=0 block_size=0 blk_addr=0 data_flags=0x0 tag=0 can_retune=0 doing_retune=0 retune_now=0 need_retune=0 hold_retune=1 retune_period=0 -0 [000] d.h2. 8.164816: sdhci_cmd_irq: hw_name=ffe70a0000.mmc quirks=0x2008008 quirks2=0x8 intmask=0x10000 intmask_p=0x18000 irq/24-mmc2-96 [000] ..... 8.164840: sdhci_thread_irq: msg= irq/24-mmc2-96 [000] d.h2. 8.164896: sdhci_cmd_irq: hw_name=ffe70a0000.mmc quirks=0x2008008 quirks2=0x8 intmask=0x1 intmask_p=0x1 irq/24-mmc2-96 [000] ..... 8.285142: mmc_request_done: mmc2: end struct mmc_request[000000000d30cc0c]: cmd_opcode=5 cmd_err=-110 cmd_resp=0x0 0x0 0x0 0x0 cmd_retries=0 stop_opcode=0 stop_err=0 stop_resp=0x0 0x0 0x0 0x0 stop_retries=0 sbc_opcode=0 sbc_err=0 sbc_resp=0x0 0x0 0x0 0x0 sbc_retries=0 bytes_xfered=0 data_err=0 tag=0 can_retune=0 doing_retune=0 retune_now=0 need_retune=0 hold_retune=1 retune_period=0 Here's what happens: the __mmc_start_request function is called with opcode 5. Since the power to the Wi-Fi card, which resides on this SDIO bus, is initially off after the reset, an interrupt SDHCI_INT_TIMEOUT is triggered. Immediately after that, a second interrupt SDHCI_INT_RESPONSE is triggered. Depending on the exact timing, these conditions can trigger the following race problem: 1) The sdhci_cmd_irq top half handles the command as an error. It sets host->cmd to NULL and host->pending_reset to true. 2) The sdhci_thread_irq bottom half is scheduled next and executes faster than the second interrupt handler for SDHCI_INT_RESPONSE. It clears host->pending_reset before the SDHCI_INT_RESPONSE handler runs. 3) The pending interrupt SDHCI_INT_RESPONSE handler gets called, triggering a code path that prints: "mmc2: Got command interrupt 0x00000001 even though no command operation was in progress." To solve this issue, we need to clear pending interrupts when resetting host->pending_reset. This ensures that after sdhci_threaded_irq restores interrupts, there are no pending stale interrupts. The behavior observed here is non-compliant with the SDHCI standard. Place the code in the sdhci-of-dwcmshc driver to account for a hardware-specific quirk instead of the core SDHCI code. Signed-off-by: Michal Wilczynski Acked-by: Adrian Hunter Fixes: 43658a542ebf ("mmc: sdhci-of-dwcmshc: Add support for T-Head TH1520") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20241008100327.4108895-1-m.wilczynski@samsung.com Signed-off-by: Ulf Hansson commit b5a468199b995bd8ee3c26f169a416a181210c9e Author: Alain Volmat Date: Wed Oct 9 18:15:52 2024 +0200 spi: stm32: fix missing device mode capability in stm32mp25 The STM32MP25 SOC has capability to behave in device mode however missing .has_device_mode within its stm32mp25_spi_cfg structure leads to not being able to enable the device mode. Signed-off-by: Alain Volmat Link: https://patch.msgid.link/20241009-spi-mp25-device-fix-v1-1-8e5ca7db7838@foss.st.com Signed-off-by: Mark Brown commit 9eb2142a2ae8c8fdfce2aaa4c110f5a6f6b0b56e Author: Amadeusz Sławiński Date: Wed Oct 9 10:12:30 2024 +0200 ASoC: topology: Bump minimal topology ABI version When v4 topology support was removed, minimal topology ABI version should have been bumped. Fixes: fe4a07454256 ("ASoC: Drop soc-topology ABI v4 support") Reviewed-by: Cezary Rojewski Signed-off-by: Amadeusz Sławiński Link: https://patch.msgid.link/20241009081230.304918-1-amadeuszx.slawinski@linux.intel.com Signed-off-by: Mark Brown commit 251ce34a446ef0e1d6acd65cf5947abd5d10b8b6 Author: Zhu Jun Date: Wed Oct 9 00:39:38 2024 -0700 ASoC: codecs: Fix error handling in aw_dev_get_dsp_status function Added proper error handling for register value check that return -EPERM when register value does not meet expected condition Signed-off-by: Zhu Jun Link: https://patch.msgid.link/20241009073938.7472-1-zhujun2@cmss.chinamobile.com Signed-off-by: Mark Brown commit d0e806b0cc6260b59c65e606034a63145169c04c Author: Alexey Klimov Date: Wed Oct 9 22:39:22 2024 +0100 ASoC: qcom: sdm845: add missing soundwire runtime stream alloc During the migration of Soundwire runtime stream allocation from the Qualcomm Soundwire controller to SoC's soundcard drivers the sdm845 soundcard was forgotten. At this point any playback attempt or audio daemon startup, for instance on sdm845-db845c (Qualcomm RB3 board), will result in stream pointer NULL dereference: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 Mem abort info: ESR = 0x0000000096000004 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: level 0 translation fault Data abort info: ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 user pgtable: 4k pages, 48-bit VAs, pgdp=0000000101ecf000 [0000000000000020] pgd=0000000000000000, p4d=0000000000000000 Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP Modules linked in: ... CPU: 5 UID: 0 PID: 1198 Comm: aplay Not tainted 6.12.0-rc2-qcomlt-arm64-00059-g9d78f315a362-dirty #18 Hardware name: Thundercomm Dragonboard 845c (DT) pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : sdw_stream_add_slave+0x44/0x380 [soundwire_bus] lr : sdw_stream_add_slave+0x44/0x380 [soundwire_bus] sp : ffff80008a2035c0 x29: ffff80008a2035c0 x28: ffff80008a203978 x27: 0000000000000000 x26: 00000000000000c0 x25: 0000000000000000 x24: ffff1676025f4800 x23: ffff167600ff1cb8 x22: ffff167600ff1c98 x21: 0000000000000003 x20: ffff167607316000 x19: ffff167604e64e80 x18: 0000000000000000 x17: 0000000000000000 x16: ffffcec265074160 x15: 0000000000000000 x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : 0000000000000000 x7 : 0000000000000000 x6 : ffff167600ff1cec x5 : ffffcec22cfa2010 x4 : 0000000000000000 x3 : 0000000000000003 x2 : ffff167613f836c0 x1 : 0000000000000000 x0 : ffff16761feb60b8 Call trace: sdw_stream_add_slave+0x44/0x380 [soundwire_bus] wsa881x_hw_params+0x68/0x80 [snd_soc_wsa881x] snd_soc_dai_hw_params+0x3c/0xa4 __soc_pcm_hw_params+0x230/0x660 dpcm_be_dai_hw_params+0x1d0/0x3f8 dpcm_fe_dai_hw_params+0x98/0x268 snd_pcm_hw_params+0x124/0x460 snd_pcm_common_ioctl+0x998/0x16e8 snd_pcm_ioctl+0x34/0x58 __arm64_sys_ioctl+0xac/0xf8 invoke_syscall+0x48/0x104 el0_svc_common.constprop.0+0x40/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x34/0xe0 el0t_64_sync_handler+0x120/0x12c el0t_64_sync+0x190/0x194 Code: aa0403fb f9418400 9100e000 9400102f (f8420f22) ---[ end trace 0000000000000000 ]--- 0000000000006108 : 6108: d503233f paciasp 610c: a9b97bfd stp x29, x30, [sp, #-112]! 6110: 910003fd mov x29, sp 6114: a90153f3 stp x19, x20, [sp, #16] 6118: a9025bf5 stp x21, x22, [sp, #32] 611c: aa0103f6 mov x22, x1 6120: 2a0303f5 mov w21, w3 6124: a90363f7 stp x23, x24, [sp, #48] 6128: aa0003f8 mov x24, x0 612c: aa0203f7 mov x23, x2 6130: a9046bf9 stp x25, x26, [sp, #64] 6134: aa0403f9 mov x25, x4 <-- x4 copied to x25 6138: a90573fb stp x27, x28, [sp, #80] 613c: aa0403fb mov x27, x4 6140: f9418400 ldr x0, [x0, #776] 6144: 9100e000 add x0, x0, #0x38 6148: 94000000 bl 0 614c: f8420f22 ldr x2, [x25, #32]! <-- offset 0x44 ^^^ This is 0x6108 + offset 0x44 from the beginning of sdw_stream_add_slave() where data abort happens. wsa881x_hw_params() is called with stream = NULL and passes it further in register x4 (5th argument) to sdw_stream_add_slave() without any checks. Value from x4 is copied to x25 and finally it aborts on trying to load a value from address in x25 plus offset 32 (in dec) which corresponds to master_list member in struct sdw_stream_runtime: struct sdw_stream_runtime { const char * name; /* 0 8 */ struct sdw_stream_params params; /* 8 12 */ enum sdw_stream_state state; /* 20 4 */ enum sdw_stream_type type; /* 24 4 */ /* XXX 4 bytes hole, try to pack */ here-> struct list_head master_list; /* 32 16 */ int m_rt_count; /* 48 4 */ /* size: 56, cachelines: 1, members: 6 */ /* sum members: 48, holes: 1, sum holes: 4 */ /* padding: 4 */ /* last cacheline: 56 bytes */ Fix this by adding required calls to qcom_snd_sdw_startup() and sdw_release_stream() to startup and shutdown routines which restores the previous correct behaviour when ->set_stream() method is called to set a valid stream runtime pointer on playback startup. Reproduced and then fix was tested on db845c RB3 board. Reported-by: Dmitry Baryshkov Cc: stable@vger.kernel.org Fixes: 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream alloc to soundcards") Cc: Srinivas Kandagatla Cc: Dmitry Baryshkov Cc: Krzysztof Kozlowski Cc: Pierre-Louis Bossart Signed-off-by: Alexey Klimov Tested-by: Steev Klimaszewski # Lenovo Yoga C630 Reviewed-by: Krzysztof Kozlowski Reviewed-by: Srinivas Kandagatla Link: https://patch.msgid.link/20241009213922.999355-1-alexey.klimov@linaro.org Signed-off-by: Mark Brown commit a6134e7b4d4a14e0942f113a6df1d518baa2a0a4 Author: Binbin Zhou Date: Wed Oct 9 15:52:27 2024 +0800 ASoC: loongson: Fix component check failed on FDT systems Add missing snd_soc_dai_link.platforms assignment to avoid soc_dai_link_sanity_check() failure. Fixes: d24028606e76 ("ASoC: loongson: Add Loongson ASoC Sound Card Support") Signed-off-by: Binbin Zhou Link: https://patch.msgid.link/6645888f2f9e8a1d8d799109f867d0f97fd78c58.1728459624.git.zhoubinbin@loongson.cn Signed-off-by: Mark Brown commit f92f0a1b05698340836229d791b3ffecc71b265a Author: Aleksa Sarai Date: Thu Oct 10 07:40:36 2024 +1100 openat2: explicitly return -E2BIG for (usize > PAGE_SIZE) While we do currently return -EFAULT in this case, it seems prudent to follow the behaviour of other syscalls like clone3. It seems quite unlikely that anyone depends on this error code being EFAULT, but we can always revert this if it turns out to be an issue. Cc: stable@vger.kernel.org # v5.6+ Fixes: fddb5d430ad9 ("open: introduce openat2(2) syscall") Signed-off-by: Aleksa Sarai Link: https://lore.kernel.org/r/20241010-extensible-structs-check_fields-v3-3-d2833dfe6edd@cyphar.com Signed-off-by: Christian Brauner commit ac888d58869bb99753e7652be19a151df9ecb35d Author: Eric Dumazet Date: Tue Oct 8 14:31:10 2024 +0000 net: do not delay dst_entries_add() in dst_release() dst_entries_add() uses per-cpu data that might be freed at netns dismantle from ip6_route_net_exit() calling dst_entries_destroy() Before ip6_route_net_exit() can be called, we release all the dsts associated with this netns, via calls to dst_release(), which waits an rcu grace period before calling dst_destroy() dst_entries_add() use in dst_destroy() is racy, because dst_entries_destroy() could have been called already. Decrementing the number of dsts must happen sooner. Notes: 1) in CONFIG_XFRM case, dst_destroy() can call dst_release_immediate(child), this might also cause UAF if the child does not have DST_NOCOUNT set. IPSEC maintainers might take a look and see how to address this. 2) There is also discussion about removing this count of dst, which might happen in future kernels. Fixes: f88649721268 ("ipv4: fix dst race in sk_dst_get()") Closes: https://lore.kernel.org/lkml/CANn89iLCCGsP7SFn9HKpvnKu96Td4KD08xf7aGtiYgZnkjaL=w@mail.gmail.com/T/ Reported-by: Naresh Kamboju Tested-by: Linux Kernel Functional Testing Tested-by: Naresh Kamboju Signed-off-by: Eric Dumazet Cc: Xin Long Cc: Steffen Klassert Reviewed-by: Xin Long Link: https://patch.msgid.link/20241008143110.1064899-1-edumazet@google.com Signed-off-by: Paolo Abeni commit e845d2399a00f866f287e0cefbd4fc7d8ef0d2f7 Author: Herbert Xu Date: Wed Oct 9 16:38:48 2024 +0800 crypto: marvell/cesa - Disable hash algorithms Disable cesa hash algorithms by lowering the priority because they appear to be broken when invoked in parallel. This allows them to still be tested for debugging purposes. Reported-by: Klaus Kudielka Signed-off-by: Herbert Xu commit 6318fbe26e67f9c27a1917fe63936b0fc6000373 Author: Herbert Xu Date: Sun Oct 6 09:24:56 2024 +0800 crypto: testmgr - Hide ENOENT errors better The previous patch removed the ENOENT warning at the point of allocation, but the overall self-test warning is still there. Fix all of them by returning zero as the test result. This is safe because if the algorithm has gone away, then it cannot be marked as tested. Fixes: 4eded6d14f5b ("crypto: testmgr - Hide ENOENT errors") Signed-off-by: Herbert Xu commit b81e286ba154a4e0f01a94d99179a97f4ba3e396 Author: Herbert Xu Date: Sun Oct 6 09:18:37 2024 +0800 crypto: api - Fix liveliness check in crypto_alg_tested As algorithm testing is carried out without holding the main crypto lock, it is always possible for the algorithm to go away during the test. So before crypto_alg_tested updates the status of the tested alg, it checks whether it's still on the list of all algorithms. This is inaccurate because it may be off the main list but still on the list of algorithms to be removed. Updating the algorithm status is safe per se as the larval still holds a reference to it. However, killing spawns of other algorithms that are of lower priority is clearly a deficiency as it adds unnecessary churn. Fix the test by checking whether the algorithm is dead. Signed-off-by: Herbert Xu commit 0df4b9d91488922859db8dde4ee56936e01d547c Author: Damien Le Moal Date: Thu Oct 10 11:01:17 2024 +0900 ata: libata: Update MAINTAINERS file Modify the entry for the ahci_platform driver (LIBATA SATA AHCI PLATFORM devices support) in the MAINTAINERS file to remove Jens as maintainer. Also remove all references to Jens block tree from the various LIBATA driver entries as the tree reference for these is defined by the LIBATA SUBSYSTEM entry. Signed-off-by: Damien Le Moal Acked-by: Jens Axboe Link: https://lore.kernel.org/r/20241010020117.416333-1-dlemoal@kernel.org Signed-off-by: Niklas Cassel commit c62fa117c32bd1abed9304c58e0da6940f8c7fc2 Author: Johannes Wikner Date: Tue Oct 8 12:58:03 2024 +0200 x86/bugs: Do not use UNTRAIN_RET with IBPB on entry Since X86_FEATURE_ENTRY_IBPB will invalidate all harmful predictions with IBPB, no software-based untraining of returns is needed anymore. Currently, this change affects retbleed and SRSO mitigations so if either of the mitigations is doing IBPB and the other one does the software sequence, the latter is not needed anymore. [ bp: Massage commit message. ] Suggested-by: Borislav Petkov Signed-off-by: Johannes Wikner Cc: commit 0fad2878642ec46225af2054564932745ac5c765 Author: Johannes Wikner Date: Tue Oct 8 12:36:30 2024 +0200 x86/bugs: Skip RSB fill at VMEXIT entry_ibpb() is designed to follow Intel's IBPB specification regardless of CPU. This includes invalidating RSB entries. Hence, if IBPB on VMEXIT has been selected, entry_ibpb() as part of the RET untraining in the VMEXIT path will take care of all BTB and RSB clearing so there's no need to explicitly fill the RSB anymore. [ bp: Massage commit message. ] Suggested-by: Borislav Petkov Signed-off-by: Johannes Wikner Cc: commit 50e4b3b94090babe8d4bb85c95f0d3e6b07ea86e Author: Johannes Wikner Date: Mon Sep 23 20:49:36 2024 +0200 x86/entry: Have entry_ibpb() invalidate return predictions entry_ibpb() should invalidate all indirect predictions, including return target predictions. Not all IBPB implementations do this, in which case the fallback is RSB filling. Prevent SRSO-style hijacks of return predictions following IBPB, as the return target predictor can be corrupted before the IBPB completes. [ bp: Massage. ] Signed-off-by: Johannes Wikner Signed-off-by: Borislav Petkov (AMD) Cc: commit 3ea87dfa31a7b0bb0ff1675e67b9e54883013074 Author: Johannes Wikner Date: Mon Sep 23 20:49:34 2024 +0200 x86/cpufeatures: Add a IBPB_NO_RET BUG flag Set this flag if the CPU has an IBPB implementation that does not invalidate return target predictions. Zen generations < 4 do not flush the RSB when executing an IBPB and this bug flag denotes that. [ bp: Massage. ] Signed-off-by: Johannes Wikner Signed-off-by: Borislav Petkov (AMD) Cc: commit ff898623af2ed564300752bba83a680a1e4fec8d Author: Jim Mattson Date: Fri Sep 13 10:32:27 2024 -0700 x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET AMD's initial implementation of IBPB did not clear the return address predictor. Beginning with Zen4, AMD's IBPB *does* clear the return address predictor. This behavior is enumerated by CPUID.80000008H:EBX.IBPB_RET[30]. Define X86_FEATURE_AMD_IBPB_RET for use in KVM_GET_SUPPORTED_CPUID, when determining cross-vendor capabilities. Suggested-by: Venkatesh Srinivas Signed-off-by: Jim Mattson Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Tom Lendacky Reviewed-by: Thomas Gleixner Cc: commit fcddc71ec7ecf15b4df3c41288c9cf0b8e886111 Author: Janne Grunau Date: Sun Oct 6 19:49:45 2024 +0200 drm/fbdev-dma: Only cleanup deferred I/O if necessary Commit 5a498d4d06d6 ("drm/fbdev-dma: Only install deferred I/O if necessary") initializes deferred I/O only if it is used. drm_fbdev_dma_fb_destroy() however calls fb_deferred_io_cleanup() unconditionally with struct fb_info.fbdefio == NULL. KASAN with the out-of-tree Apple silicon display driver posts following warning from __flush_work() of a random struct work_struct instead of the expected NULL pointer derefs. [ 22.053799] ------------[ cut here ]------------ [ 22.054832] WARNING: CPU: 2 PID: 1 at kernel/workqueue.c:4177 __flush_work+0x4d8/0x580 [ 22.056597] Modules linked in: uhid bnep uinput nls_ascii ip6_tables ip_tables i2c_dev loop fuse dm_multipath nfnetlink zram hid_magicmouse btrfs xor xor_neon brcmfmac_wcc raid6_pq hci_bcm4377 bluetooth brcmfmac hid_apple brcmutil nvmem_spmi_mfd simple_mfd_spmi dockchannel_hid cfg80211 joydev regmap_spmi nvme_apple ecdh_generic ecc macsmc_hid rfkill dwc3 appledrm snd_soc_macaudio macsmc_power nvme_core apple_isp phy_apple_atc apple_sart apple_rtkit_helper apple_dockchannel tps6598x macsmc_hwmon snd_soc_cs42l84 videobuf2_v4l2 spmi_apple_controller nvmem_apple_efuses videobuf2_dma_sg apple_z2 videobuf2_memops spi_nor panel_summit videobuf2_common asahi videodev pwm_apple apple_dcp snd_soc_apple_mca apple_admac spi_apple clk_apple_nco i2c_pasemi_platform snd_pcm_dmaengine mc i2c_pasemi_core mux_core ofpart adpdrm drm_dma_helper apple_dart apple_soc_cpufreq leds_pwm phram [ 22.073768] CPU: 2 UID: 0 PID: 1 Comm: systemd-shutdow Not tainted 6.11.2-asahi+ #asahi-dev [ 22.075612] Hardware name: Apple MacBook Pro (13-inch, M2, 2022) (DT) [ 22.077032] pstate: 01400005 (nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 22.078567] pc : __flush_work+0x4d8/0x580 [ 22.079471] lr : __flush_work+0x54/0x580 [ 22.080345] sp : ffffc000836ef820 [ 22.081089] x29: ffffc000836ef880 x28: 0000000000000000 x27: ffff80002ddb7128 [ 22.082678] x26: dfffc00000000000 x25: 1ffff000096f0c57 x24: ffffc00082d3e358 [ 22.084263] x23: ffff80004b7862b8 x22: dfffc00000000000 x21: ffff80005aa1d470 [ 22.085855] x20: ffff80004b786000 x19: ffff80004b7862a0 x18: 0000000000000000 [ 22.087439] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000005 [ 22.089030] x14: 1ffff800106ddf0a x13: 0000000000000000 x12: 0000000000000000 [ 22.090618] x11: ffffb800106ddf0f x10: dfffc00000000000 x9 : 1ffff800106ddf0e [ 22.092206] x8 : 0000000000000000 x7 : aaaaaaaaaaaaaaaa x6 : 0000000000000001 [ 22.093790] x5 : ffffc000836ef728 x4 : 0000000000000000 x3 : 0000000000000020 [ 22.095368] x2 : 0000000000000008 x1 : 00000000000000aa x0 : 0000000000000000 [ 22.096955] Call trace: [ 22.097505] __flush_work+0x4d8/0x580 [ 22.098330] flush_delayed_work+0x80/0xb8 [ 22.099231] fb_deferred_io_cleanup+0x3c/0x130 [ 22.100217] drm_fbdev_dma_fb_destroy+0x6c/0xe0 [drm_dma_helper] [ 22.101559] unregister_framebuffer+0x210/0x2f0 [ 22.102575] drm_fb_helper_unregister_info+0x48/0x60 [ 22.103683] drm_fbdev_dma_client_unregister+0x4c/0x80 [drm_dma_helper] [ 22.105147] drm_client_dev_unregister+0x1cc/0x230 [ 22.106217] drm_dev_unregister+0x58/0x570 [ 22.107125] apple_drm_unbind+0x50/0x98 [appledrm] [ 22.108199] component_del+0x1f8/0x3a8 [ 22.109042] dcp_platform_shutdown+0x24/0x38 [apple_dcp] [ 22.110357] platform_shutdown+0x70/0x90 [ 22.111219] device_shutdown+0x368/0x4d8 [ 22.112095] kernel_restart+0x6c/0x1d0 [ 22.112946] __arm64_sys_reboot+0x1c8/0x328 [ 22.113868] invoke_syscall+0x78/0x1a8 [ 22.114703] do_el0_svc+0x124/0x1a0 [ 22.115498] el0_svc+0x3c/0xe0 [ 22.116181] el0t_64_sync_handler+0x70/0xc0 [ 22.117110] el0t_64_sync+0x190/0x198 [ 22.117931] ---[ end trace 0000000000000000 ]--- Signed-off-by: Janne Grunau Fixes: 5a498d4d06d6 ("drm/fbdev-dma: Only install deferred I/O if necessary") Reviewed-by: Thomas Zimmermann Reviewed-by: Linus Walleij Signed-off-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/ZwLNuZL-8Gh5UUQb@robin commit b68694a95373c79e5d3290352e59ce031ce68ece Author: Jinjie Ruan Date: Thu Oct 10 11:44:16 2024 +0800 of: Fix unbalanced of node refcount and memory leaks Got following report when doing overlay_test: OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /kunit-test OF: ERROR: memory leak before free overlay changeset, /kunit-test In of_overlay_apply_kunit_cleanup(), the "np" should be associated with fake instead of test to call of_node_put(), so the node is put before the overlay is removed. It also fix the following memory leaks: unreferenced object 0xffffff80c7d22800 (size 256): comm "kunit_try_catch", pid 236, jiffies 4294894764 hex dump (first 32 bytes): d0 26 d4 c2 80 ff ff ff 00 00 00 00 00 00 00 00 .&.............. 60 19 75 c1 80 ff ff ff 00 00 00 00 00 00 00 00 `.u............. backtrace (crc ee0a471c): [<0000000058ea1340>] kmemleak_alloc+0x34/0x40 [<00000000c538ac7e>] __kmalloc_cache_noprof+0x26c/0x2f4 [<00000000119f34f3>] __of_node_dup+0x4c/0x328 [<00000000b212ca39>] build_changeset_next_level+0x2cc/0x4c0 [<00000000eb208e87>] of_overlay_fdt_apply+0x930/0x1334 [<000000005bdc53a3>] of_overlay_fdt_apply_kunit+0x54/0x10c [<00000000143acd5d>] of_overlay_apply_kunit_cleanup+0x12c/0x524 [<00000000a813abc8>] kunit_try_run_case+0x13c/0x3ac [<00000000d77ab00c>] kunit_generic_run_threadfn_adapter+0x80/0xec [<000000000b296be1>] kthread+0x2e8/0x374 [<0000000007bd1c51>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c1751960 (size 16): comm "kunit_try_catch", pid 236, jiffies 4294894764 hex dump (first 16 bytes): 6b 75 6e 69 74 2d 74 65 73 74 00 c1 80 ff ff ff kunit-test...... backtrace (crc 18196259): [<0000000058ea1340>] kmemleak_alloc+0x34/0x40 [<0000000071006e2c>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<00000000b16ac6cb>] kstrdup+0x48/0x84 [<0000000050e3373b>] __of_node_dup+0x60/0x328 [<00000000b212ca39>] build_changeset_next_level+0x2cc/0x4c0 [<00000000eb208e87>] of_overlay_fdt_apply+0x930/0x1334 [<000000005bdc53a3>] of_overlay_fdt_apply_kunit+0x54/0x10c [<00000000143acd5d>] of_overlay_apply_kunit_cleanup+0x12c/0x524 [<00000000a813abc8>] kunit_try_run_case+0x13c/0x3ac [<00000000d77ab00c>] kunit_generic_run_threadfn_adapter+0x80/0xec [<000000000b296be1>] kthread+0x2e8/0x374 [<0000000007bd1c51>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c2e96e00 (size 192): comm "kunit_try_catch", pid 236, jiffies 4294894764 hex dump (first 32 bytes): 80 19 75 c1 80 ff ff ff 0b 00 00 00 00 00 00 00 ..u............. a0 19 75 c1 80 ff ff ff 00 6f e9 c2 80 ff ff ff ..u......o...... backtrace (crc 1924cba4): [<0000000058ea1340>] kmemleak_alloc+0x34/0x40 [<00000000c538ac7e>] __kmalloc_cache_noprof+0x26c/0x2f4 [<000000009fdd35ad>] __of_prop_dup+0x7c/0x2ec [<00000000aa4e0111>] add_changeset_property+0x548/0x9e0 [<000000004777e25b>] build_changeset_next_level+0xd4/0x4c0 [<00000000a9c93f8a>] build_changeset_next_level+0x3a8/0x4c0 [<00000000eb208e87>] of_overlay_fdt_apply+0x930/0x1334 [<000000005bdc53a3>] of_overlay_fdt_apply_kunit+0x54/0x10c [<00000000143acd5d>] of_overlay_apply_kunit_cleanup+0x12c/0x524 [<00000000a813abc8>] kunit_try_run_case+0x13c/0x3ac [<00000000d77ab00c>] kunit_generic_run_threadfn_adapter+0x80/0xec [<000000000b296be1>] kthread+0x2e8/0x374 [<0000000007bd1c51>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c1751980 (size 16): comm "kunit_try_catch", pid 236, jiffies 4294894764 hex dump (first 16 bytes): 63 6f 6d 70 61 74 69 62 6c 65 00 c1 80 ff ff ff compatible...... backtrace (crc 42df3c87): [<0000000058ea1340>] kmemleak_alloc+0x34/0x40 [<0000000071006e2c>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<00000000b16ac6cb>] kstrdup+0x48/0x84 [<00000000a8888fd8>] __of_prop_dup+0xb0/0x2ec [<00000000aa4e0111>] add_changeset_property+0x548/0x9e0 [<000000004777e25b>] build_changeset_next_level+0xd4/0x4c0 [<00000000a9c93f8a>] build_changeset_next_level+0x3a8/0x4c0 [<00000000eb208e87>] of_overlay_fdt_apply+0x930/0x1334 [<000000005bdc53a3>] of_overlay_fdt_apply_kunit+0x54/0x10c [<00000000143acd5d>] of_overlay_apply_kunit_cleanup+0x12c/0x524 [<00000000a813abc8>] kunit_try_run_case+0x13c/0x3ac [<00000000d77ab00c>] kunit_generic_run_threadfn_adapter+0x80/0xec [<000000000b296be1>] kthread+0x2e8/0x374 unreferenced object 0xffffff80c2e96f00 (size 192): comm "kunit_try_catch", pid 236, jiffies 4294894764 hex dump (first 32 bytes): 40 f7 bb c6 80 ff ff ff 0b 00 00 00 00 00 00 00 @............... c0 19 75 c1 80 ff ff ff 00 00 00 00 00 00 00 00 ..u............. backtrace (crc f2f57ea7): [<0000000058ea1340>] kmemleak_alloc+0x34/0x40 [<00000000c538ac7e>] __kmalloc_cache_noprof+0x26c/0x2f4 [<000000009fdd35ad>] __of_prop_dup+0x7c/0x2ec [<00000000aa4e0111>] add_changeset_property+0x548/0x9e0 [<000000004777e25b>] build_changeset_next_level+0xd4/0x4c0 [<00000000a9c93f8a>] build_changeset_next_level+0x3a8/0x4c0 [<00000000eb208e87>] of_overlay_fdt_apply+0x930/0x1334 [<000000005bdc53a3>] of_overlay_fdt_apply_kunit+0x54/0x10c [<00000000143acd5d>] of_overlay_apply_kunit_cleanup+0x12c/0x524 [<00000000a813abc8>] kunit_try_run_case+0x13c/0x3ac [<00000000d77ab00c>] kunit_generic_run_threadfn_adapter+0x80/0xec [<000000000b296be1>] kthread+0x2e8/0x374 [<0000000007bd1c51>] ret_from_fork+0x10/0x20 ...... How to reproduce: CONFIG_OF_OVERLAY_KUNIT_TEST=y, CONFIG_DEBUG_KMEMLEAK=y and CONFIG_DEBUG_KMEMLEAK_AUTO_SCAN=y, launch the kernel. Fixes: 5c9dd72d8385 ("of: Add a KUnit test for overlays and test managed APIs") Reviewed-by: Stephen Boyd Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20241010034416.2324196-1-ruanjinjie@huawei.com Signed-off-by: Rob Herring (Arm) commit a354733c738d905eb8c446fca43b872d2a985f8b Merge: 5151a35c9b5f86 9d9e5347b03541 Author: Jakub Kicinski Date: Wed Oct 9 20:01:20 2024 -0700 Merge branch '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue Tony Nguyen says: ==================== Intel Wired LAN Driver Updates 2024-10-08 (ice, i40e, igb, e1000e) This series contains updates to ice, i40e, igb, and e1000e drivers. For ice: Marcin allows driver to load, into safe mode, when DDP package is missing or corrupted and adjusts the netif_is_ice() check to account for when the device is in safe mode. He also fixes an out-of-bounds issue when MSI-X are increased for VFs. Wojciech clears FDB entries on reset to match the hardware state. For i40e: Aleksandr adds locking around MACVLAN filters to prevent memory leaks due to concurrency issues. For igb: Mohamed Khalfella adds a check to not attempt to bring up an already running interface on non-fatal PCIe errors. For e1000e: Vitaly changes board type for I219 to more closely match the hardware and stop PHY issues. * '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue: e1000e: change I219 (19) devices to ADP igb: Do not bring the device up after non-fatal error i40e: Fix macvlan leak by synchronizing access to mac_filter_hash ice: Fix increasing MSI-X on VF ice: Flush FDB entries before reset ice: Fix netif_is_ice() in Safe Mode ice: Fix entering Safe Mode ==================== Link: https://patch.msgid.link/20241008230050.928245-1-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski commit 08ae3e5f5fc8edb9bd0c7ef9696ff29ef18b26ef Author: Gustavo A. R. Silva Date: Thu Aug 8 16:04:59 2024 -0600 integrity: Use static_assert() to check struct sizes Commit 38aa3f5ac6d2 ("integrity: Avoid -Wflex-array-member-not-at-end warnings") introduced tagged `struct evm_ima_xattr_data_hdr` and `struct ima_digest_data_hdr`. We want to ensure that when new members need to be added to the flexible structures, they are always included within these tagged structs. So, we use `static_assert()` to ensure that the memory layout for both the flexible structure and the tagged struct is the same after any changes. Signed-off-by: Gustavo A. R. Silva Tested-by: Roberto Sassu Reviewed-by: Roberto Sassu Signed-off-by: Mimi Zohar commit 699ae6241920b0fa837fa57e61f7d5b0e2e65b58 Author: Mateusz Guzik Date: Tue Aug 6 15:36:07 2024 +0200 evm: stop avoidably reading i_writecount in evm_file_release The EVM_NEW_FILE flag is unset if the file already existed at the time of open and this can be checked without looking at i_writecount. Not accessing it reduces traffic on the cacheline during parallel open of the same file and drop the evm_file_release routine from second place to bottom of the profile. Fixes: 75a323e604fc ("evm: Make it independent from 'integrity' LSM") Signed-off-by: Mateusz Guzik Reviewed-by: Roberto Sassu Cc: stable@vger.kernel.org # 6.9+ Signed-off-by: Mimi Zohar commit 923168a0631bc42fffd55087b337b1b6c54dcff5 Author: Samasth Norway Ananda Date: Wed Aug 7 10:27:13 2024 -0700 ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init() calls ima_eventdigest_init_common() with HASH_ALGO__LAST which is then used to access the array hash_digest_size[] leading to buffer overrun. Have a conditional statement to handle this. Fixes: 9fab303a2cb3 ("ima: fix violation measurement list record") Signed-off-by: Samasth Norway Ananda Tested-by: Enrico Bravi (PhD at polito.it) Cc: stable@vger.kernel.org # 5.19+ Signed-off-by: Mimi Zohar commit 5151a35c9b5f86a5899dd32c5fe286bfe5436479 Merge: d94785bb46b616 db0a37b7ac27d8 Author: Jakub Kicinski Date: Wed Oct 9 19:43:46 2024 -0700 Merge branch 'mptcp-misc-fixes-involving-fallback-to-tcp' Matthieu Baerts says: ==================== mptcp: misc. fixes involving fallback to TCP - Patch 1: better handle DSS corruptions from a bugged peer: reducing warnings, doing a fallback or a reset depending on the subflow state. For >= v5.7. - Patch 2: fix DSS corruption due to large pmtu xmit, where MPTCP was not taken into account. For >= v5.6. - Patch 3: fallback when MPTCP opts are dropped after the first data packet, instead of resetting the connection. For >= v5.6. - Patch 4: restrict the removal of a subflow to other closing states, a better fix, for a recent one. For >= v5.10. ==================== Link: https://patch.msgid.link/20241008-net-mptcp-fallback-fixes-v1-0-c6fb8e93e551@kernel.org Signed-off-by: Jakub Kicinski commit db0a37b7ac27d8ca27d3dc676a16d081c16ec7b9 Author: Matthieu Baerts (NGI0) Date: Tue Oct 8 13:04:55 2024 +0200 mptcp: pm: do not remove closing subflows In a previous fix, the in-kernel path-manager has been modified not to retrigger the removal of a subflow if it was already closed, e.g. when the initial subflow is removed, but kept in the subflows list. To be complete, this fix should also skip the subflows that are in any closing state: mptcp_close_ssk() will initiate the closure, but the switch to the TCP_CLOSE state depends on the other peer. Fixes: 58e1b66b4e4b ("mptcp: pm: do not remove already closed subflows") Cc: stable@vger.kernel.org Suggested-by: Paolo Abeni Acked-by: Paolo Abeni Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241008-net-mptcp-fallback-fixes-v1-4-c6fb8e93e551@kernel.org Signed-off-by: Jakub Kicinski commit 119d51e225febc8152476340a880f5415a01e99e Author: Matthieu Baerts (NGI0) Date: Tue Oct 8 13:04:54 2024 +0200 mptcp: fallback when MPTCP opts are dropped after 1st data As reported by Christoph [1], before this patch, an MPTCP connection was wrongly reset when a host received a first data packet with MPTCP options after the 3wHS, but got the next ones without. According to the MPTCP v1 specs [2], a fallback should happen in this case, because the host didn't receive a DATA_ACK from the other peer, nor receive data for more than the initial window which implies a DATA_ACK being received by the other peer. The patch here re-uses the same logic as the one used in other places: by looking at allow_infinite_fallback, which is disabled at the creation of an additional subflow. It's not looking at the first DATA_ACK (or implying one received from the other side) as suggested by the RFC, but it is in continuation with what was already done, which is safer, and it fixes the reported issue. The next step, looking at this first DATA_ACK, is tracked in [4]. This patch has been validated using the following Packetdrill script: 0 socket(..., SOCK_STREAM, IPPROTO_MPTCP) = 3 +0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 +0 bind(3, ..., ...) = 0 +0 listen(3, 1) = 0 // 3WHS is OK +0.0 < S 0:0(0) win 65535 +0.0 > S. 0:0(0) ack 1 +0.1 < . 1:1(0) ack 1 win 2048 +0 accept(3, ..., ...) = 4 // Data from the client with valid MPTCP options (no DATA_ACK: normal) +0.1 < P. 1:501(500) ack 1 win 2048 // From here, the MPTCP options will be dropped by a middlebox +0.0 > . 1:1(0) ack 501 +0.1 read(4, ..., 500) = 500 +0 write(4, ..., 100) = 100 // The server replies with data, still thinking MPTCP is being used +0.0 > P. 1:101(100) ack 501 // But the client already did a fallback to TCP, because the two previous packets have been received without MPTCP options +0.1 < . 501:501(0) ack 101 win 2048 +0.0 < P. 501:601(100) ack 101 win 2048 // The server should fallback to TCP, not reset: it didn't get a DATA_ACK, nor data for more than the initial window +0.0 > . 101:101(0) ack 601 Note that this script requires Packetdrill with MPTCP support, see [3]. Fixes: dea2b1ea9c70 ("mptcp: do not reset MP_CAPABLE subflow on mapping errors") Cc: stable@vger.kernel.org Reported-by: Christoph Paasch Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/518 [1] Link: https://datatracker.ietf.org/doc/html/rfc8684#name-fallback [2] Link: https://github.com/multipath-tcp/packetdrill [3] Link: https://github.com/multipath-tcp/mptcp_net-next/issues/519 [4] Reviewed-by: Paolo Abeni Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241008-net-mptcp-fallback-fixes-v1-3-c6fb8e93e551@kernel.org Signed-off-by: Jakub Kicinski commit 4dabcdf581217e60690467a37c956a5b8dbc6bd9 Author: Paolo Abeni Date: Tue Oct 8 13:04:53 2024 +0200 tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 5227 at net/mptcp/protocol.c:695 __mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695 Modules linked in: CPU: 0 UID: 0 PID: 5227 Comm: syz-executor350 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 RIP: 0010:__mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695 Code: 0f b6 dc 31 ff 89 de e8 b5 dd ea f5 89 d8 48 81 c4 50 01 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 98 da ea f5 90 <0f> 0b 90 e9 47 ff ff ff e8 8a da ea f5 90 0f 0b 90 e9 99 e0 ff ff RSP: 0018:ffffc90000006db8 EFLAGS: 00010246 RAX: ffffffff8ba9df18 RBX: 00000000000055f0 RCX: ffff888030023c00 RDX: 0000000000000100 RSI: 00000000000081e5 RDI: 00000000000055f0 RBP: 1ffff110062bf1ae R08: ffffffff8ba9cf12 R09: 1ffff110062bf1b8 R10: dffffc0000000000 R11: ffffed10062bf1b9 R12: 0000000000000000 R13: dffffc0000000000 R14: 00000000700cec61 R15: 00000000000081e5 FS: 000055556679c380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020287000 CR3: 0000000077892000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: move_skbs_to_msk net/mptcp/protocol.c:811 [inline] mptcp_data_ready+0x29c/0xa90 net/mptcp/protocol.c:854 subflow_data_ready+0x34a/0x920 net/mptcp/subflow.c:1490 tcp_data_queue+0x20fd/0x76c0 net/ipv4/tcp_input.c:5283 tcp_rcv_established+0xfba/0x2020 net/ipv4/tcp_input.c:6237 tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915 tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2350 ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233 NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314 NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314 __netif_receive_skb_one_core net/core/dev.c:5662 [inline] __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5775 process_backlog+0x662/0x15b0 net/core/dev.c:6107 __napi_poll+0xcb/0x490 net/core/dev.c:6771 napi_poll net/core/dev.c:6840 [inline] net_rx_action+0x89b/0x1240 net/core/dev.c:6962 handle_softirqs+0x2c5/0x980 kernel/softirq.c:554 do_softirq+0x11b/0x1e0 kernel/softirq.c:455 __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382 local_bh_enable include/linux/bottom_half.h:33 [inline] rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline] __dev_queue_xmit+0x1764/0x3e80 net/core/dev.c:4451 dev_queue_xmit include/linux/netdevice.h:3094 [inline] neigh_hh_output include/net/neighbour.h:526 [inline] neigh_output include/net/neighbour.h:540 [inline] ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:236 ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x118c/0x1b80 net/ipv4/ip_output.c:536 __tcp_transmit_skb+0x2544/0x3b30 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_mtu_probe net/ipv4/tcp_output.c:2547 [inline] tcp_write_xmit+0x641d/0x6bf0 net/ipv4/tcp_output.c:2752 __tcp_push_pending_frames+0x9b/0x360 net/ipv4/tcp_output.c:3015 tcp_push_pending_frames include/net/tcp.h:2107 [inline] tcp_data_snd_check net/ipv4/tcp_input.c:5714 [inline] tcp_rcv_established+0x1026/0x2020 net/ipv4/tcp_input.c:6239 tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915 sk_backlog_rcv include/net/sock.h:1113 [inline] __release_sock+0x214/0x350 net/core/sock.c:3072 release_sock+0x61/0x1f0 net/core/sock.c:3626 mptcp_push_release net/mptcp/protocol.c:1486 [inline] __mptcp_push_pending+0x6b5/0x9f0 net/mptcp/protocol.c:1625 mptcp_sendmsg+0x10bb/0x1b10 net/mptcp/protocol.c:1903 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x1a6/0x270 net/socket.c:745 ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2603 ___sys_sendmsg net/socket.c:2657 [inline] __sys_sendmsg+0x2aa/0x390 net/socket.c:2686 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fb06e9317f9 Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffe2cfd4f98 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007fb06e97f468 RCX: 00007fb06e9317f9 RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 RBP: 00007fb06e97f446 R08: 0000555500000000 R09: 0000555500000000 R10: 0000555500000000 R11: 0000000000000246 R12: 00007fb06e97f406 R13: 0000000000000001 R14: 00007ffe2cfd4fe0 R15: 0000000000000003 Additionally syzkaller provided a nice reproducer. The repro enables pmtu on the loopback device, leading to tcp_mtu_probe() generating very large probe packets. tcp_can_coalesce_send_queue_head() currently does not check for mptcp-level invariants, and allowed the creation of cross-DSS probes, leading to the mentioned corruption. Address the issue teaching tcp_can_coalesce_send_queue_head() about mptcp using the tcp_skb_can_collapse(), also reducing the code duplication. Fixes: 85712484110d ("tcp: coalesce/collapse must respect MPTCP extensions") Cc: stable@vger.kernel.org Reported-by: syzbot+d1bff73460e33101f0e7@syzkaller.appspotmail.com Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/513 Signed-off-by: Paolo Abeni Acked-by: Matthieu Baerts (NGI0) Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241008-net-mptcp-fallback-fixes-v1-2-c6fb8e93e551@kernel.org Signed-off-by: Jakub Kicinski commit e32d262c89e2b22cb0640223f953b548617ed8a6 Author: Paolo Abeni Date: Tue Oct 8 13:04:52 2024 +0200 mptcp: handle consistently DSS corruption Bugged peer implementation can send corrupted DSS options, consistently hitting a few warning in the data path. Use DEBUG_NET assertions, to avoid the splat on some builds and handle consistently the error, dumping related MIBs and performing fallback and/or reset according to the subflow type. Fixes: 6771bfd9ee24 ("mptcp: update mptcp ack sequence from work queue") Cc: stable@vger.kernel.org Signed-off-by: Paolo Abeni Reviewed-by: Matthieu Baerts (NGI0) Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20241008-net-mptcp-fallback-fixes-v1-1-c6fb8e93e551@kernel.org Signed-off-by: Jakub Kicinski commit d94785bb46b6167382b1de3290eccc91fa98df53 Author: Breno Leitao Date: Tue Oct 8 02:43:24 2024 -0700 net: netconsole: fix wrong warning A warning is triggered when there is insufficient space in the buffer for userdata. However, this is not an issue since userdata will be sent in the next iteration. Current warning message: ------------[ cut here ]------------ WARNING: CPU: 13 PID: 3013042 at drivers/net/netconsole.c:1122 write_ext_msg+0x3b6/0x3d0 ? write_ext_msg+0x3b6/0x3d0 console_flush_all+0x1e9/0x330 The code incorrectly issues a warning when this_chunk is zero, which is a valid scenario. The warning should only be triggered when this_chunk is negative. Fixes: 1ec9daf95093 ("net: netconsole: append userdata to fragmented netconsole messages") Signed-off-by: Breno Leitao Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241008094325.896208-1-leitao@debian.org Signed-off-by: Jakub Kicinski commit 8c924369cb56c3054dca504c2c9c3eb208272865 Author: Vladimir Oltean Date: Tue Oct 8 12:43:20 2024 +0300 net: dsa: refuse cross-chip mirroring operations In case of a tc mirred action from one switch to another, the behavior is not correct. We simply tell the source switch driver to program a mirroring entry towards mirror->to_local_port = to_dp->index, but it is not even guaranteed that the to_dp belongs to the same switch as dp. For proper cross-chip support, we would need to go through the cross-chip notifier layer in switch.c, program the entry on cascade ports, and introduce new, explicit API for cross-chip mirroring, given that intermediary switches should have introspection into the DSA tags passed through the cascade port (and not just program a port mirror on the entire cascade port). None of that exists today. Reject what is not implemented so that user space is not misled into thinking it works. Fixes: f50f212749e8 ("net: dsa: Add plumbing for port mirroring") Signed-off-by: Vladimir Oltean Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20241008094320.3340980-1-vladimir.oltean@nxp.com Signed-off-by: Jakub Kicinski commit 6be063071a457767ee229db13f019c2ec03bfe44 Author: Wei Fang Date: Tue Oct 8 14:11:53 2024 +0800 net: fec: don't save PTP state if PTP is unsupported Some platforms (such as i.MX25 and i.MX27) do not support PTP, so on these platforms fec_ptp_init() is not called and the related members in fep are not initialized. However, fec_ptp_save_state() is called unconditionally, which causes the kernel to panic. Therefore, add a condition so that fec_ptp_save_state() is not called if PTP is not supported. Fixes: a1477dc87dc4 ("net: fec: Restart PPS after link state change") Reported-by: Guenter Roeck Closes: https://lore.kernel.org/lkml/353e41fe-6bb4-4ee9-9980-2da2a9c1c508@roeck-us.net/ Signed-off-by: Wei Fang Reviewed-by: Csókás, Bence Reviewed-by: Simon Horman Tested-by: Guenter Roeck Link: https://patch.msgid.link/20241008061153.1977930-1-wei.fang@nxp.com Signed-off-by: Jakub Kicinski commit 080ddc22f3b0a58500f87e8e865aabbf96495eea Author: Rosen Penev Date: Tue Oct 8 16:30:50 2024 -0700 net: ibm: emac: mal: add dcr_unmap to _remove It's done in probe so it should be undone here. Fixes: 1d3bb996481e ("Device tree aware EMAC driver") Signed-off-by: Rosen Penev Reviewed-by: Breno Leitao Link: https://patch.msgid.link/20241008233050.9422-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit f903663a8dcd6e1656e52856afbf706cc14cbe6d Author: Johan Hovold Date: Sun Sep 1 11:30:24 2024 +0200 clk: qcom: videocc-sm8350: use HW_CTRL_TRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: video_cc_mvs0_clk status stuck at 'off' WARNING: CPU: 6 PID: 2885 at drivers/clk/qcom/clk-branch.c:87 clk_branch_wait+0x144/0x15c ... Call trace: clk_branch_wait+0x144/0x15c clk_branch2_enable+0x30/0x40 clk_core_enable+0xd8/0x29c clk_enable+0x2c/0x4c vcodec_clks_enable.isra.0+0x94/0xd8 [venus_core] coreid_power_v4+0x464/0x628 [venus_core] vdec_start_streaming+0xc4/0x510 [venus_dec] vb2_start_streaming+0x6c/0x180 [videobuf2_common] vb2_core_streamon+0x120/0x1dc [videobuf2_common] vb2_streamon+0x1c/0x6c [videobuf2_v4l2] v4l2_m2m_ioctl_streamon+0x30/0x80 [v4l2_mem2mem] v4l_streamon+0x24/0x30 [videodev] using the out-of-tree sm8350/sc8280xp venus support. [1] Update also the sm8350/sc8280xp GDSC definitions so that the hw control mode can be changed at runtime as the venus driver now requires. Fixes: ec9a652e5149 ("venus: pm_helpers: Use dev_pm_genpd_set_hwmode to switch GDSC mode on V6") Link: https://lore.kernel.org/lkml/20230731-topic-8280_venus-v1-0-8c8bbe1983a5@linaro.org/ # [1] Cc: Jagadeesh Kona Cc: Taniya Das Cc: Abel Vesa Cc: Konrad Dybcio Cc: stable@vger.kernel.org Signed-off-by: Johan Hovold Tested-by: Steev Klimaszewski Link: https://lore.kernel.org/r/20240901093024.18841-1-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 7aa8804c0b67b3cb263a472d17f2cb50d7f1a930 Author: Namjae Jeon Date: Tue Oct 8 22:42:57 2024 +0900 ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add session_lock when setting SMB2_SESSION_EXPIRED and referece count to session struct not to free session while it is being used. Cc: stable@vger.kernel.org # v5.15+ Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-25282 Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit 60f802e2d6e10df609a80962b13558b7455ab32b Author: Tony Ambardar Date: Tue Oct 8 16:12:32 2024 -0700 selftests/bpf: Fix error compiling cgroup_ancestor.c with musl libc Existing code calls connect() with a 'struct sockaddr_in6 *' argument where a 'struct sockaddr *' argument is declared, yielding compile errors when building for mips64el/musl-libc: In file included from cgroup_ancestor.c:3: cgroup_ancestor.c: In function 'send_datagram': cgroup_ancestor.c:38:38: error: passing argument 2 of 'connect' from incompatible pointer type [-Werror=incompatible-pointer-types] 38 | if (!ASSERT_OK(connect(sock, &addr, sizeof(addr)), "connect")) { | ^~~~~ | | | struct sockaddr_in6 * ./test_progs.h:343:29: note: in definition of macro 'ASSERT_OK' 343 | long long ___res = (res); \ | ^~~ In file included from .../netinet/in.h:10, from .../arpa/inet.h:9, from ./test_progs.h:17: .../sys/socket.h:386:19: note: expected 'const struct sockaddr *' but argument is of type 'struct sockaddr_in6 *' 386 | int connect (int, const struct sockaddr *, socklen_t); | ^~~~~~~~~~~~~~~~~~~~~~~ cc1: all warnings being treated as errors This only compiles because of a glibc extension allowing declaration of the argument as a "transparent union" which includes both types above. Explicitly cast the argument to allow compiling for both musl and glibc. Cc: Alexis Lothoré (eBPF Foundation) Fixes: f957c230e173 ("selftests/bpf: convert test_skb_cgroup_id_user to test_progs") Signed-off-by: Tony Ambardar Reviewed-by: Alexis Lothoré Link: https://lore.kernel.org/r/20241008231232.634047-1-tony.ambardar@gmail.com Signed-off-by: Alexei Starovoitov commit 30a59cc79754fd9ff3f41b7ee2eb21da85988548 Author: Pu Lehui Date: Tue Oct 8 12:45:44 2024 +0000 riscv, bpf: Fix possible infinite tailcall when CONFIG_CFI_CLANG is enabled When CONFIG_CFI_CLANG is enabled, the number of prologue instructions skipped by tailcall needs to include the kcfi instruction, otherwise the TCC will be initialized every tailcall is called, which may result in infinite tailcalls. Fixes: e63985ecd226 ("bpf, riscv64/cfi: Support kCFI + BPF on riscv64") Signed-off-by: Pu Lehui Acked-by: Björn Töpel Link: https://lore.kernel.org/r/20241008124544.171161-1-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 4538a38f654a1c292fe489a9b66179262bfed088 Author: Tyrone Wu Date: Tue Oct 8 16:43:12 2024 +0000 selftests/bpf: fix perf_event link info name_len assertion Fix `name_len` field assertions in `bpf_link_info.perf_event` for kprobe/uprobe/tracepoint to validate correct name size instead of 0. Fixes: 23cf7aa539dc ("selftests/bpf: Add selftest for fill_link_info") Signed-off-by: Tyrone Wu Acked-by: Jiri Olsa Acked-by: Yafang Shao Link: https://lore.kernel.org/r/20241008164312.46269-2-wudevelops@gmail.com Signed-off-by: Alexei Starovoitov commit 4deecdd29cf29844c7bd164d72dc38d2e672f64e Author: Tyrone Wu Date: Tue Oct 8 16:43:11 2024 +0000 bpf: fix unpopulated name_len field in perf_event link info Previously when retrieving `bpf_link_info.perf_event` for kprobe/uprobe/tracepoint, the `name_len` field was not populated by the kernel, leaving it to reflect the value initially set by the user. This behavior was inconsistent with how other input/output string buffer fields function (e.g. `raw_tracepoint.tp_name_len`). This patch fills `name_len` with the actual size of the string name. Fixes: 1b715e1b0ec5 ("bpf: Support ->fill_link_info for perf_event") Signed-off-by: Tyrone Wu Acked-by: Jiri Olsa Acked-by: Yafang Shao Link: https://lore.kernel.org/r/20241008164312.46269-1-wudevelops@gmail.com Signed-off-by: Alexei Starovoitov commit 434247637c66e1be2bc71a9987d4c3f0d8672387 Author: Rik van Riel Date: Tue Oct 8 17:07:35 2024 -0400 bpf: use kvzmalloc to allocate BPF verifier environment The kzmalloc call in bpf_check can fail when memory is very fragmented, which in turn can lead to an OOM kill. Use kvzmalloc to fall back to vmalloc when memory is too fragmented to allocate an order 3 sized bpf verifier environment. Admittedly this is not a very common case, and only happens on systems where memory has already been squeezed close to the limit, but this does not seem like much of a hot path, and it's a simple enough fix. Signed-off-by: Rik van Riel Reviewed-by: Shakeel Butt Link: https://lore.kernel.org/r/20241008170735.16766766@imladris.surriel.com Signed-off-by: Alexei Starovoitov commit 70a0da8c113555fe14bb6db8e5180f8fc2c18385 Author: Jacky Chou Date: Mon Oct 7 11:24:35 2024 +0800 net: ftgmac100: fixed not check status from fixed phy Add error handling from calling fixed_phy_register. It may return some error, therefore, need to check the status. And fixed_phy_register needs to bind a device node for mdio. Add the mac device node for fixed_phy_register function. This is a reference to this function, of_phy_register_fixed_link(). Fixes: e24a6c874601 ("net: ftgmac100: Get link speed and duplex for NC-SI") Signed-off-by: Jacky Chou Link: https://patch.msgid.link/20241007032435.787892-1-jacky_chou@aspeedtech.com Signed-off-by: Jakub Kicinski commit 830b8e49424b15ca469e2a5b162c9ee818a113c6 Merge: b24d7f0da6ef5a c456f08040589a Author: Alexei Starovoitov Date: Wed Oct 9 16:32:47 2024 -0700 Merge branch 'check-the-remaining-info_cnt-before-repeating-btf-fields' Hou Tao says: ==================== Check the remaining info_cnt before repeating btf fields From: Hou Tao Hi, The patch set adds the missed check again info_cnt when flattening the array of nested struct. The problem was spotted when developing dynptr key support for hash map. Patch #1 adds the missed check and patch #2 adds three success test cases and one failure test case for the problem. Comments are always welcome. Change Log: v2: * patch #1: check info_cnt in btf_repeat_fields() * patch #2: use a hard-coded number instead of BTF_FIELDS_MAX, because BTF_FIELDS_MAX is not always available in vmlinux.h (e.g., for llvm 17/18) v1: https://lore.kernel.org/bpf/20240911110557.2759801-1-houtao@huaweicloud.com/T/#t ==================== Link: https://lore.kernel.org/r/20241008071114.3718177-1-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit c456f08040589a5096481277c83168a4e7ae7ed7 Author: Hou Tao Date: Tue Oct 8 15:11:14 2024 +0800 selftests/bpf: Add more test case for field flattening Add three success test cases to test the flattening of array of nested struct. For these three tests, the number of special fields in map is BTF_FIELDS_MAX, but the array is defined in structs with different nested level. Add one failure test case for the flattening as well. In the test case, the number of special fields in map is BTF_FIELDS_MAX + 1. It will make btf_parse_fields() in map_create() return -E2BIG, the creation of map will succeed, but the load of program will fail because the btf_record is invalid for the map. Signed-off-by: Hou Tao Acked-by: Eduard Zingerman Link: https://lore.kernel.org/r/20241008071114.3718177-3-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 797d73ee232dd1833dec4824bc53a22032e97c1c Author: Hou Tao Date: Tue Oct 8 15:11:13 2024 +0800 bpf: Check the remaining info_cnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining info_cnt. The following splat will be reported when the value of ret * nelems is greater than BTF_FIELDS_MAX: ------------[ cut here ]------------ UBSAN: array-index-out-of-bounds in ../kernel/bpf/btf.c:3951:49 index 11 is out of range for type 'btf_field_info [11]' CPU: 6 UID: 0 PID: 411 Comm: test_progs ...... 6.11.0-rc4+ #1 Tainted: [O]=OOT_MODULE Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ... Call Trace: dump_stack_lvl+0x57/0x70 dump_stack+0x10/0x20 ubsan_epilogue+0x9/0x40 __ubsan_handle_out_of_bounds+0x6f/0x80 ? kallsyms_lookup_name+0x48/0xb0 btf_parse_fields+0x992/0xce0 map_create+0x591/0x770 __sys_bpf+0x229/0x2410 __x64_sys_bpf+0x1f/0x30 x64_sys_call+0x199/0x9f0 do_syscall_64+0x3b/0xc0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 RIP: 0033:0x7fea56f2cc5d ...... ---[ end trace ]--- Fix it by checking the remaining info_cnt in btf_repeat_fields() before repeating the btf fields. Fixes: 64e8ee814819 ("bpf: look into the types of the fields of a struct type recursively.") Signed-off-by: Hou Tao Acked-by: Eduard Zingerman Link: https://lore.kernel.org/r/20241008071114.3718177-2-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit ad1081a0da2744141d12e94ff816ac91feb871ca Author: Yao Zi Date: Thu Sep 12 13:32:05 2024 +0000 clk: rockchip: fix finding of maximum clock ID If an ID of a branch's child is greater than current maximum, we should set new maximum to the child's ID, instead of its parent's. Fixes: 2dc66a5ab2c6 ("clk: rockchip: rk3588: fix CLK_NR_CLKS usage") Signed-off-by: Yao Zi Link: https://lore.kernel.org/r/20240912133204.29089-2-ziyao@disroot.org Reviewed-by: Sebastian Reichel Reviewed-by: Heiko Stuebner Signed-off-by: Stephen Boyd commit d3d1556696c1a993eec54ac585fe5bf677e07474 Merge: b983b271662bd6 aa5f0fa6af38d9 Author: Linus Torvalds Date: Wed Oct 9 16:01:40 2024 -0700 Merge tag 'mm-hotfixes-stable-2024-10-09-15-46' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull misc fixes from Andrew Morton: "12 hotfixes, 5 of which are c:stable. All singletons, about half of which are MM" * tag 'mm-hotfixes-stable-2024-10-09-15-46' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: mm: zswap: delete comments for "value" member of 'struct zswap_entry'. CREDITS: sort alphabetically by name secretmem: disable memfd_secret() if arch cannot set direct map .mailmap: update Fangrui's email mm/huge_memory: check pmd_special() only after pmd_present() resource, kunit: fix user-after-free in resource_test_region_intersects() fs/proc/kcore.c: allow translation of physical memory addresses selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test device-dax: correct pgoff align in dax_set_mapping() kthread: unpark only parked kthread Revert "mm: introduce PF_MEMALLOC_NORECLAIM, PF_MEMALLOC_NOWARN" bcachefs: do not use PF_MEMALLOC_NORECLAIM commit b55da84759c8c21ec0c7441c519fc1d07dc4c65c Author: Masahiro Yamada Date: Wed Oct 9 19:27:37 2024 +0900 kbuild: refactor cc-option-yn, cc-disable-warning, rust-option-yn macros cc-option-yn and cc-disable-warning duplicate the compile command seen a few lines above. These can be defined based on cc-option. I also refactored rustc-option-yn in the same way, although there are currently no users of it. Signed-off-by: Masahiro Yamada Reviewed-by: Alice Ryhl Reviewed-by: Nathan Chancellor Link: https://lore.kernel.org/r/20241009102821.2675718-1-masahiroy@kernel.org Signed-off-by: Miguel Ojeda commit 0ce96a6708f34280a536263ee5c67e20c433dcce Author: Greg Joyce Date: Mon Oct 7 14:33:24 2024 -0500 nvme: disable CC.CRIME (NVME_CC_CRIME) Disable NVME_CC_CRIME so that CSTS.RDY indicates that the media is ready and able to handle commands without returning NVME_SC_ADMIN_COMMAND_MEDIA_NOT_READY. Signed-off-by: Greg Joyce Reviewed-by: Nilay Shroff Tested-by: Nilay Shroff Signed-off-by: Keith Busch commit c6a0862bee696cfb236a4e160a7f376c0ecdcf0c Author: Florian Westphal Date: Wed Oct 9 09:19:03 2024 +0200 selftests: netfilter: conntrack_vrf.sh: add fib test case meta iifname veth0 ip daddr ... fib daddr oif ... is expected to return "dummy0" interface which is part of same vrf as veth0. Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 05ef7055debc804e8083737402127975e7244fc4 Author: Florian Westphal Date: Wed Oct 9 09:19:02 2024 +0200 netfilter: fib: check correct rtable in vrf setups We need to init l3mdev unconditionally, else main routing table is searched and incorrect result is returned unless strict (iif keyword) matching is requested. Next patch adds a selftest for this. Fixes: 2a8a7c0eaa87 ("netfilter: nft_fib: Fix for rpath check with VRF devices") Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1761 Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 0bfcb7b71e735560077a42847f69597ec7dcc326 Author: Florian Westphal Date: Mon Oct 7 11:28:16 2024 +0200 netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780 [..] ebt_do_table+0x174b/0x2a40 Module registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet processing. As this is only useful to restrict locally terminating TCP/UDP traffic, register this for ipv4 and ipv6 family only. Pablo points out that this is a general issue, direct users of the set/getsockopt interface can call into targets/matches that were only intended for use with ip(6)tables. Check all UNSPEC matches and targets for similar issues: - matches and targets are fine except if they assume skb_network_header() is valid -- this is only true when called from inet layer: ip(6) stack pulls the ip/ipv6 header into linear data area. - targets that return XT_CONTINUE or other xtables verdicts must be restricted too, they are incompatbile with the ebtables traverser, e.g. EBT_CONTINUE is a completely different value than XT_CONTINUE. Most matches/targets are changed to register for NFPROTO_IPV4/IPV6, as they are provided for use by ip(6)tables. The MARK target is also used by arptables, so register for NFPROTO_ARP too. While at it, bail out if connbytes fails to enable the corresponding conntrack family. This change passes the selftests in iptables.git. Reported-by: syzbot+256c348558aa5cf611a9@syzkaller.appspotmail.com Closes: https://lore.kernel.org/netfilter-devel/66fec2e2.050a0220.9ec68.0047.GAE@google.com/ Fixes: 0269ea493734 ("netfilter: xtables: add cluster match") Signed-off-by: Florian Westphal Co-developed-by: Pablo Neira Ayuso Signed-off-by: Pablo Neira Ayuso commit 3b80552e70573764bbf38b89c58749aef9dd8753 Author: Kent Overstreet Date: Wed Oct 9 16:21:00 2024 -0400 bcachefs: __wait_for_freeing_inode: Switch to wait_bit_queue_entry inode_bit_waitqueue() is changing - this update clears the way for sched changes. Signed-off-by: Kent Overstreet commit a7e2dd58fbbd8882557135b9433192e038fdb88e Author: Kent Overstreet Date: Mon Oct 7 16:55:34 2024 -0400 bcachefs: Check if stuck in journal_res_get() Like how we already do when the allocator seems to be stuck, check if we're waiting too long for a journal reservation and print some debug info. This is specifically to track down https://github.com/koverstreet/bcachefs/issues/656 which is showing up in userspace where we don't have sysfs/debugfs to get the journal debug info. Signed-off-by: Kent Overstreet commit 04b670de2859a8a8b0830779f9c9bda5d39662ab Author: Kent Overstreet Date: Mon Oct 7 16:54:11 2024 -0400 closures: Add closure_wait_event_timeout() Add a closure version of wait_event_timeout(), with the same semantics. The closure version is useful because unlike wait_event(), it allows blocking code to run in the conditional expression. Cc: Coly Li Signed-off-by: Kent Overstreet commit 9205d24cf7714dd2b5fa09a22964dbcdeed6c430 Author: Alan Huang Date: Wed Oct 9 01:33:05 2024 +0800 bcachefs: Fix state lock involved deadlock We increased write ref, if the fs went to RO, that would lead to a deadlock, it actually happens: 00171 ========= TEST generic/279 00171 00172 bcachefs (vdb): starting version 1.12: rebalance_work_acct_fix opts=nocow 00172 bcachefs (vdb): recovering from clean shutdown, journal seq 35 00172 bcachefs (vdb): accounting_read... done 00172 bcachefs (vdb): alloc_read... done 00172 bcachefs (vdb): stripes_read... done 00172 bcachefs (vdb): snapshots_read... done 00172 bcachefs (vdb): journal_replay... done 00172 bcachefs (vdb): resume_logged_ops... done 00172 bcachefs (vdb): going read-write 00172 bcachefs (vdb): done starting filesystem 00172 FSTYP -- bcachefs 00172 PLATFORM -- Linux/aarch64 farm3-kvm 6.11.0-rc1-ktest-g3e290a0b8e34 #7030 SMP Tue Oct 8 14:15:12 UTC 2024 00172 MKFS_OPTIONS -- --nocow /dev/vdc 00172 MOUNT_OPTIONS -- /dev/vdc /mnt/scratch 00172 00172 bcachefs (vdc): starting version 1.12: rebalance_work_acct_fix opts=nocow 00172 bcachefs (vdc): initializing new filesystem 00172 bcachefs (vdc): going read-write 00172 bcachefs (vdc): marking superblocks 00172 bcachefs (vdc): initializing freespace 00172 bcachefs (vdc): done initializing freespace 00172 bcachefs (vdc): reading snapshots table 00172 bcachefs (vdc): reading snapshots done 00172 bcachefs (vdc): done starting filesystem 00173 bcachefs (vdc): shutting down 00173 bcachefs (vdc): going read-only 00173 bcachefs (vdc): finished waiting for writes to stop 00173 bcachefs (vdc): flushing journal and stopping allocators, journal seq 4 00173 bcachefs (vdc): flushing journal and stopping allocators complete, journal seq 6 00173 bcachefs (vdc): shutdown complete, journal seq 7 00173 bcachefs (vdc): marking filesystem clean 00173 bcachefs (vdc): shutdown complete 00173 bcachefs (vdb): shutting down 00173 bcachefs (vdb): going read-only 00361 INFO: task umount:6180 blocked for more than 122 seconds. 00361 Not tainted 6.11.0-rc1-ktest-g3e290a0b8e34 #7030 00361 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 00361 task:umount state:D stack:0 pid:6180 tgid:6180 ppid:6176 flags:0x00000004 00361 Call trace: 00362 __switch_to (arch/arm64/kernel/process.c:556) 00362 __schedule (kernel/sched/core.c:5191 kernel/sched/core.c:6529) 00363 schedule (include/asm-generic/bitops/generic-non-atomic.h:128 include/linux/thread_info.h:192 include/linux/sched.h:2084 kernel/sched/core.c:6608 kernel/sched/core.c:6621) 00365 bch2_fs_read_only (fs/bcachefs/super.c:346 (discriminator 41)) 00367 __bch2_fs_stop (fs/bcachefs/super.c:620) 00368 bch2_put_super (fs/bcachefs/fs.c:1942) 00369 generic_shutdown_super (include/linux/list.h:373 (discriminator 2) fs/super.c:650 (discriminator 2)) 00371 bch2_kill_sb (fs/bcachefs/fs.c:2170) 00372 deactivate_locked_super (fs/super.c:434 fs/super.c:475) 00373 deactivate_super (fs/super.c:508) 00374 cleanup_mnt (fs/namespace.c:250 fs/namespace.c:1374) 00376 __cleanup_mnt (fs/namespace.c:1381) 00376 task_work_run (include/linux/sched.h:2024 kernel/task_work.c:224) 00377 do_notify_resume (include/linux/resume_user_mode.h:50 arch/arm64/kernel/entry-common.c:151) 00377 el0_svc (arch/arm64/include/asm/daifflags.h:28 arch/arm64/kernel/entry-common.c:171 arch/arm64/kernel/entry-common.c:178 arch/arm64/kernel/entry-common.c:713) 00377 el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:731) 00378 el0t_64_sync (arch/arm64/kernel/entry.S:598) 00378 INFO: task tee:6182 blocked for more than 122 seconds. 00378 Not tainted 6.11.0-rc1-ktest-g3e290a0b8e34 #7030 00378 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 00378 task:tee state:D stack:0 pid:6182 tgid:6182 ppid:533 flags:0x00000004 00378 Call trace: 00378 __switch_to (arch/arm64/kernel/process.c:556) 00378 __schedule (kernel/sched/core.c:5191 kernel/sched/core.c:6529) 00378 schedule (include/asm-generic/bitops/generic-non-atomic.h:128 include/linux/thread_info.h:192 include/linux/sched.h:2084 kernel/sched/core.c:6608 kernel/sched/core.c:6621) 00378 schedule_preempt_disabled (kernel/sched/core.c:6680) 00379 rwsem_down_read_slowpath (kernel/locking/rwsem.c:1073 (discriminator 1)) 00379 down_read (kernel/locking/rwsem.c:1529) 00381 bch2_gc_gens (fs/bcachefs/sb-members.h:77 fs/bcachefs/sb-members.h:88 fs/bcachefs/sb-members.h:128 fs/bcachefs/btree_gc.c:1240) 00383 bch2_fs_store_inner (fs/bcachefs/sysfs.c:473) 00385 bch2_fs_internal_store (fs/bcachefs/sysfs.c:417 fs/bcachefs/sysfs.c:580 fs/bcachefs/sysfs.c:576) 00386 sysfs_kf_write (fs/sysfs/file.c:137) 00387 kernfs_fop_write_iter (fs/kernfs/file.c:334) 00389 vfs_write (fs/read_write.c:497 fs/read_write.c:590) 00390 ksys_write (fs/read_write.c:643) 00391 __arm64_sys_write (fs/read_write.c:652) 00391 invoke_syscall.constprop.0 (arch/arm64/include/asm/syscall.h:61 arch/arm64/kernel/syscall.c:54) 00392 do_el0_svc (include/linux/thread_info.h:127 (discriminator 2) arch/arm64/kernel/syscall.c:140 (discriminator 2) arch/arm64/kernel/syscall.c:151 (discriminator 2)) 00392 el0_svc (arch/arm64/include/asm/irqflags.h:55 arch/arm64/include/asm/irqflags.h:76 arch/arm64/kernel/entry-common.c:165 arch/arm64/kernel/entry-common.c:178 arch/arm64/kernel/entry-common.c:713) 00392 el0t_64_sync_handler (arch/arm64/kernel/entry-common.c:731) 00392 el0t_64_sync (arch/arm64/kernel/entry.S:598) Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit a30f32222df2a3777f8c09ef460ae8ad278021e6 Author: Mohammed Anees Date: Sat Oct 5 18:32:29 2024 +0530 bcachefs: Fix NULL pointer dereference in bch2_opt_to_text This patch adds a bounds check to the bch2_opt_to_text function to prevent NULL pointer dereferences when accessing the opt->choices array. This ensures that the index used is within valid bounds before dereferencing. The new version enhances the readability. Reported-and-tested-by: syzbot+37186860aa7812b331d5@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=37186860aa7812b331d5 Signed-off-by: Mohammed Anees Signed-off-by: Kent Overstreet commit a1541541480073365ac701a1125d750a86bfd644 Author: Alan Huang Date: Wed Oct 9 00:59:08 2024 +0800 bcachefs: Release transaction before wake up We will get this if we wake up first: Kernel panic - not syncing: btree_node_write_done leaked btree_trans since there are still transactions waiting for cycle detectors after BTREE_NODE_write_in_flight is cleared. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit 0151d10a480da22d0c137f859645fdc79e10b551 Author: Piotr Zalewski Date: Sun Sep 29 14:26:45 2024 +0000 bcachefs: add check for btree id against max in try read node Add check for read node's btree_id against BTREE_ID_NR_MAX in try_read_btree_node to prevent triggering EBUG_ON condition in bch2_btree_id_root[1]. [1] https://syzkaller.appspot.com/bug?extid=cf7b2215b5d70600ec00 Reported-by: syzbot+cf7b2215b5d70600ec00@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=cf7b2215b5d70600ec00 Fixes: 4409b8081d16 ("bcachefs: Repair pass for scanning for btree nodes") Signed-off-by: Piotr Zalewski Signed-off-by: Kent Overstreet commit 19773ec997201a45b3a1b5f1171897cba0f30bab Author: Kent Overstreet Date: Mon Oct 7 18:04:21 2024 -0400 bcachefs: Disk accounting device validation fixes - Fix failure to validate that accounting replicas entries point to valid devices: this wasn't a real bug since they'd be cleaned up by GC, but is still something we should know about - Fix failure to validate that dev_data_type entries point to valid devices: this does fix a real bug, since bch2_accounting_read() would then try to copy the counters to that device and pop an inconsistent error when the device didn't exist - Remove accounting entries that are zeroed or invalid: if we're not validating them we need to get rid of them: they might not exist in the superblock, so we need the to trigger the superblock mark path when they're readded. This fixes the replication.ktest rereplicate test, which was failing with "superblock not marked for replicas..." Signed-off-by: Kent Overstreet commit 9d86178782a25fac105e550e1c29c7d3f8470116 Author: Kent Overstreet Date: Wed Oct 2 21:23:41 2024 -0400 bcachefs: bch2_inode_or_descendents_is_open() fsck can now correctly check if inodes in interior snapshot nodes are open/in use. - Tweak the vfs inode rhashtable so that the subvolume ID isn't hashed, meaning inums in different subvolumes will hash to the same slot. Note that this is a hack, and will cause problems if anyone ever has the same file in many different snapshots open all at the same time. - Then check if any of those subvolumes is a descendent of the snapshot ID being checked Signed-off-by: Kent Overstreet commit 84878e82457f2d7900cc70041bd7c05684a6726e Author: Kent Overstreet Date: Mon Sep 30 00:38:13 2024 -0400 bcachefs: Kill bch2_propagate_key_to_snapshot_leaves() Dead code now. Signed-off-by: Kent Overstreet commit 9b23fdbd5d29beb5bd272c304e0d978edd32f513 Author: Kent Overstreet Date: Sun Sep 29 22:11:37 2024 -0400 bcachefs: bcachefs_metadata_version_inode_has_child_snapshots There's an inherent race in taking a snapshot while an unlinked file is open, and then reattaching it in the child snapshot. In the interior snapshot node the file will appear unlinked, as though it should be deleted - it's not referenced by anything in that snapshot - but we can't delete it, because the file data is referenced by the child snapshot. This was being handled incorrectly with propagate_key_to_snapshot_leaves() - but that doesn't resolve the fundamental inconsistency of "this file looks like it should be deleted according to normal rules, but - ". To fix this, we need to fix the rule for when an inode is deleted. The previous rule, ignoring snapshots (there was no well-defined rule for with snapshots) was: Unlinked, non open files are deleted, either at recovery time or during online fsck The new rule is: Unlinked, non open files, that do not exist in child snapshots, are deleted. To make this work transactionally, we add a new inode flag, BCH_INODE_has_child_snapshot; it overrides BCH_INODE_unlinked when considering whether to delete an inode, or put it on the deleted list. For transactional consistency, clearing it handled by the inode trigger: when deleting an inode we check if there are parent inodes which can now have the BCH_INODE_has_child_snapshot flag cleared. Signed-off-by: Kent Overstreet commit aa5f0fa6af38d96bc6f1b7e1534f5b5c025930a6 Author: Kanchana P Sridhar Date: Wed Oct 2 12:42:13 2024 -0700 mm: zswap: delete comments for "value" member of 'struct zswap_entry'. Made a minor edit in the comments for 'struct zswap_entry' to delete the description of the 'value' member that was deleted in commit 20a5532ffa53 ("mm: remove code to handle same filled pages"). Link: https://lkml.kernel.org/r/20241002194213.30041-1-kanchana.p.sridhar@intel.com Signed-off-by: Kanchana P Sridhar Fixes: 20a5532ffa53 ("mm: remove code to handle same filled pages") Reviewed-by: Nhat Pham Acked-by: Yosry Ahmed Reviewed-by: Usama Arif Cc: Chengming Zhou Cc: Huang Ying Cc: Johannes Weiner Cc: Kanchana P Sridhar Cc: Ryan Roberts Cc: Wajdi Feghali Signed-off-by: Andrew Morton commit b1815690289449c2973b7ca77aea0e155677176f Author: Krzysztof Kozlowski Date: Wed Oct 2 13:19:32 2024 +0200 CREDITS: sort alphabetically by name Re-sort few misplaced entries in the CREDITS file. Link: https://lkml.kernel.org/r/20241002111932.46012-1-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski Cc: Arnd Bergmann Signed-off-by: Andrew Morton commit 532b53cebe58f34ce1c0f34d866f5c0e335c53c6 Author: Patrick Roy Date: Tue Oct 1 09:00:41 2024 +0100 secretmem: disable memfd_secret() if arch cannot set direct map Return -ENOSYS from memfd_secret() syscall if !can_set_direct_map(). This is the case for example on some arm64 configurations, where marking 4k PTEs in the direct map not present can only be done if the direct map is set up at 4k granularity in the first place (as ARM's break-before-make semantics do not easily allow breaking apart large/gigantic pages). More precisely, on arm64 systems with !can_set_direct_map(), set_direct_map_invalid_noflush() is a no-op, however it returns success (0) instead of an error. This means that memfd_secret will seemingly "work" (e.g. syscall succeeds, you can mmap the fd and fault in pages), but it does not actually achieve its goal of removing its memory from the direct map. Note that with this patch, memfd_secret() will start erroring on systems where can_set_direct_map() returns false (arm64 with CONFIG_RODATA_FULL_DEFAULT_ENABLED=n, CONFIG_DEBUG_PAGEALLOC=n and CONFIG_KFENCE=n), but that still seems better than the current silent failure. Since CONFIG_RODATA_FULL_DEFAULT_ENABLED defaults to 'y', most arm64 systems actually have a working memfd_secret() and aren't be affected. From going through the iterations of the original memfd_secret patch series, it seems that disabling the syscall in these scenarios was the intended behavior [1] (preferred over having set_direct_map_invalid_noflush return an error as that would result in SIGBUSes at page-fault time), however the check for it got dropped between v16 [2] and v17 [3], when secretmem moved away from CMA allocations. [1]: https://lore.kernel.org/lkml/20201124164930.GK8537@kernel.org/ [2]: https://lore.kernel.org/lkml/20210121122723.3446-11-rppt@kernel.org/#t [3]: https://lore.kernel.org/lkml/20201125092208.12544-10-rppt@kernel.org/ Link: https://lkml.kernel.org/r/20241001080056.784735-1-roypat@amazon.co.uk Fixes: 1507f51255c9 ("mm: introduce memfd_secret system call to create "secret" memory areas") Signed-off-by: Patrick Roy Reviewed-by: Mike Rapoport (Microsoft) Cc: Alexander Graf Cc: David Hildenbrand Cc: James Gowans Cc: Signed-off-by: Andrew Morton commit 71e32fe63cb654fbf23933b10613714b2429118b Author: Fangrui Song Date: Fri Sep 27 12:29:12 2024 -0700 .mailmap: update Fangrui's email I'm leaving Google. Link: https://lkml.kernel.org/r/20240927192912.31532-1-i@maskray.me Signed-off-by: Fangrui Song Acked-by: Nathan Chancellor Signed-off-by: Andrew Morton commit 47fa30118f02dc50e1c57242c6b72542c871b178 Author: David Hildenbrand Date: Thu Sep 26 17:42:34 2024 +0200 mm/huge_memory: check pmd_special() only after pmd_present() We should only check for pmd_special() after we made sure that we have a present PMD. For example, if we have a migration PMD, pmd_special() might indicate that we have a special PMD although we really don't. This fixes confusing migration entries as PFN mappings, and not doing what we are supposed to do in the "is_swap_pmd()" case further down in the function -- including messing up COW, page table handling and accounting. Link: https://lkml.kernel.org/r/20240926154234.2247217-1-david@redhat.com Fixes: bc02afbd4d73 ("mm/fork: accept huge pfnmap entries") Signed-off-by: David Hildenbrand Reported-by: syzbot+bf2c35fa302ebe3c7471@syzkaller.appspotmail.com Closes: https://lore.kernel.org/lkml/66f15c8d.050a0220.c23dd.000f.GAE@google.com/ Reviewed-by: Peter Xu Signed-off-by: Andrew Morton commit 0665d7a39bdf92c8ac3dc390501f303907c87f62 Author: Huang Ying Date: Mon Sep 30 15:06:11 2024 +0800 resource, kunit: fix user-after-free in resource_test_region_intersects() In resource_test_insert_resource(), the pointer is used in error message after kfree(). This is user-after-free. To fix this, we need to call kunit_add_action_or_reset() to schedule memory freeing after usage. But kunit_add_action_or_reset() itself may fail and free the memory. So, its return value should be checked and abort the test for failure. Then, we found that other usage of kunit_add_action_or_reset() in resource_test_region_intersects() needs to be fixed too. We fix all these user-after-free bugs in this patch. Link: https://lkml.kernel.org/r/20240930070611.353338-1-ying.huang@intel.com Fixes: 99185c10d5d9 ("resource, kunit: add test case for region_intersects()") Signed-off-by: "Huang, Ying" Reported-by: Kees Bakker Closes: https://lore.kernel.org/lkml/87ldzaotcg.fsf@yhuang6-desk2.ccr.corp.intel.com/ Cc: Dan Williams Cc: David Hildenbrand Cc: Bjorn Helgaas Signed-off-by: Andrew Morton commit 3d5854d75e3187147613130561b58f0b06166172 Author: Alexander Gordeev Date: Mon Sep 30 14:21:19 2024 +0200 fs/proc/kcore.c: allow translation of physical memory addresses When /proc/kcore is read an attempt to read the first two pages results in HW-specific page swap on s390 and another (so called prefix) pages are accessed instead. That leads to a wrong read. Allow architecture-specific translation of memory addresses using kc_xlate_dev_mem_ptr() and kc_unxlate_dev_mem_ptr() callbacks similarily to /dev/mem xlate_dev_mem_ptr() and unxlate_dev_mem_ptr() callbacks. That way an architecture can deal with specific physical memory ranges. Re-use the existing /dev/mem callback implementation on s390, which handles the described prefix pages swapping correctly. For other architectures the default callback is basically NOP. It is expected the condition (vaddr == __va(__pa(vaddr))) always holds true for KCORE_RAM memory type. Link: https://lkml.kernel.org/r/20240930122119.1651546-1-agordeev@linux.ibm.com Signed-off-by: Alexander Gordeev Suggested-by: Heiko Carstens Cc: Vasily Gorbik Cc: Signed-off-by: Andrew Morton commit 76503e1fa1a53ef041a120825d5ce81c7fe7bdd7 Author: Donet Tom Date: Fri Sep 27 00:07:52 2024 -0500 selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test The hmm2 double_map test was failing due to an incorrect buffer->mirror size. The buffer->mirror size was 6, while buffer->ptr size was 6 * PAGE_SIZE. The test failed because the kernel's copy_to_user function was attempting to copy a 6 * PAGE_SIZE buffer to buffer->mirror. Since the size of buffer->mirror was incorrect, copy_to_user failed. This patch corrects the buffer->mirror size to 6 * PAGE_SIZE. Test Result without this patch ============================== # RUN hmm2.hmm2_device_private.double_map ... # hmm-tests.c:1680:double_map:Expected ret (-14) == 0 (0) # double_map: Test terminated by assertion # FAIL hmm2.hmm2_device_private.double_map not ok 53 hmm2.hmm2_device_private.double_map Test Result with this patch =========================== # RUN hmm2.hmm2_device_private.double_map ... # OK hmm2.hmm2_device_private.double_map ok 53 hmm2.hmm2_device_private.double_map Link: https://lkml.kernel.org/r/20240927050752.51066-1-donettom@linux.ibm.com Fixes: fee9f6d1b8df ("mm/hmm/test: add selftests for HMM") Signed-off-by: Donet Tom Reviewed-by: Muhammad Usama Anjum Cc: Jérôme Glisse Cc: Kees Cook Cc: Mark Brown Cc: Przemek Kitszel Cc: Ritesh Harjani (IBM) Cc: Shuah Khan Cc: Ralph Campbell Cc: Jason Gunthorpe Cc: Signed-off-by: Andrew Morton commit 7fcbd9785d4c17ea533c42f20a9083a83f301fa6 Author: Kun(llfl) Date: Fri Sep 27 15:45:09 2024 +0800 device-dax: correct pgoff align in dax_set_mapping() pgoff should be aligned using ALIGN_DOWN() instead of ALIGN(). Otherwise, vmf->address not aligned to fault_size will be aligned to the next alignment, that can result in memory failure getting the wrong address. It's a subtle situation that only can be observed in page_mapped_in_vma() after the page is page fault handled by dev_dax_huge_fault. Generally, there is little chance to perform page_mapped_in_vma in dev-dax's page unless in specific error injection to the dax device to trigger an MCE - memory-failure. In that case, page_mapped_in_vma() will be triggered to determine which task is accessing the failure address and kill that task in the end. We used self-developed dax device (which is 2M aligned mapping) , to perform error injection to random address. It turned out that error injected to non-2M-aligned address was causing endless MCE until panic. Because page_mapped_in_vma() kept resulting wrong address and the task accessing the failure address was never killed properly: [ 3783.719419] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3784.049006] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3784.049190] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3784.448042] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3784.448186] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3784.792026] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3784.792179] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3785.162502] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3785.162633] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3785.461116] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3785.461247] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3785.764730] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3785.764859] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3786.042128] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3786.042259] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3786.464293] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3786.464423] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3786.818090] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3786.818217] Memory failure: 0x200c9742: recovery action for dax page: Recovered [ 3787.085297] mce: Uncorrected hardware memory error in user-access at 200c9742380 [ 3787.085424] Memory failure: 0x200c9742: recovery action for dax page: Recovered It took us several weeks to pinpoint this problem,  but we eventually used bpftrace to trace the page fault and mce address and successfully identified the issue. Joao added: ; Likely we never reproduce in production because we always pin : device-dax regions in the region align they provide (Qemu does : similarly with prealloc in hugetlb/file backed memory). I think this : bug requires that we touch *unpinned* device-dax regions unaligned to : the device-dax selected alignment (page size i.e. 4K/2M/1G) Link: https://lkml.kernel.org/r/23c02a03e8d666fef11bbe13e85c69c8b4ca0624.1727421694.git.llfl@linux.alibaba.com Fixes: b9b5777f09be ("device-dax: use ALIGN() for determining pgoff") Signed-off-by: Kun(llfl) Tested-by: JianXiong Zhao Reviewed-by: Joao Martins Cc: Dan Williams Cc: Signed-off-by: Andrew Morton commit 214e01ad4ed7158cab66498810094fac5d09b218 Author: Frederic Weisbecker Date: Fri Sep 13 23:46:34 2024 +0200 kthread: unpark only parked kthread Calling into kthread unparking unconditionally is mostly harmless when the kthread is already unparked. The wake up is then simply ignored because the target is not in TASK_PARKED state. However if the kthread is per CPU, the wake up is preceded by a call to kthread_bind() which expects the task to be inactive and in TASK_PARKED state, which obviously isn't the case if it is unparked. As a result, calling kthread_stop() on an unparked per-cpu kthread triggers such a warning: WARNING: CPU: 0 PID: 11 at kernel/kthread.c:525 __kthread_bind_mask kernel/kthread.c:525 kthread_stop+0x17a/0x630 kernel/kthread.c:707 destroy_workqueue+0x136/0xc40 kernel/workqueue.c:5810 wg_destruct+0x1e2/0x2e0 drivers/net/wireguard/device.c:257 netdev_run_todo+0xe1a/0x1000 net/core/dev.c:10693 default_device_exit_batch+0xa14/0xa90 net/core/dev.c:11769 ops_exit_list net/core/net_namespace.c:178 [inline] cleanup_net+0x89d/0xcc0 net/core/net_namespace.c:640 process_one_work kernel/workqueue.c:3231 [inline] process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312 worker_thread+0x86d/0xd70 kernel/workqueue.c:3393 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Fix this with skipping unecessary unparking while stopping a kthread. Link: https://lkml.kernel.org/r/20240913214634.12557-1-frederic@kernel.org Fixes: 5c25b5ff89f0 ("workqueue: Tag bound workers with KTHREAD_IS_PER_CPU") Signed-off-by: Frederic Weisbecker Reported-by: syzbot+943d34fa3cf2191e3068@syzkaller.appspotmail.com Tested-by: syzbot+943d34fa3cf2191e3068@syzkaller.appspotmail.com Suggested-by: Thomas Gleixner Cc: Hillf Danton Cc: Tejun Heo Cc: Signed-off-by: Andrew Morton commit 9a8da05d7ad619beb84d0c6904c3fa7022c6fb9b Author: Michal Hocko Date: Thu Sep 26 19:11:51 2024 +0200 Revert "mm: introduce PF_MEMALLOC_NORECLAIM, PF_MEMALLOC_NOWARN" This reverts commit eab0af905bfc3e9c05da2ca163d76a1513159aa4. There is no existing user of those flags. PF_MEMALLOC_NOWARN is dangerous because a nested allocation context can use GFP_NOFAIL which could cause unexpected failure. Such a code would be hard to maintain because it could be deeper in the call chain. PF_MEMALLOC_NORECLAIM has been added even when it was pointed out [1] that such a allocation contex is inherently unsafe if the context doesn't fully control all allocations called from this context. While PF_MEMALLOC_NOWARN is not dangerous the way PF_MEMALLOC_NORECLAIM is it doesn't have any user and as Matthew has pointed out we are running out of those flags so better reclaim it without any real users. [1] https://lore.kernel.org/all/ZcM0xtlKbAOFjv5n@tiehlicka/ Link: https://lkml.kernel.org/r/20240926172940.167084-3-mhocko@kernel.org Signed-off-by: Michal Hocko Reviewed-by: Matthew Wilcox (Oracle) Reviewed-by: Christoph Hellwig Reviewed-by: Dave Chinner Reviewed-by: Vlastimil Babka Cc: Al Viro Cc: Christian Brauner Cc: James Morris Cc: Jan Kara Cc: Kent Overstreet Cc: Paul Moore Cc: Serge E. Hallyn Cc: Yafang Shao Signed-off-by: Andrew Morton commit 9897713fe1077c90b4a86c9af0a878d56c8888a2 Author: Michal Hocko Date: Thu Sep 26 19:11:50 2024 +0200 bcachefs: do not use PF_MEMALLOC_NORECLAIM Patch series "remove PF_MEMALLOC_NORECLAIM" v3. This patch (of 2): bch2_new_inode relies on PF_MEMALLOC_NORECLAIM to try to allocate a new inode to achieve GFP_NOWAIT semantic while holding locks. If this allocation fails it will drop locks and use GFP_NOFS allocation context. We would like to drop PF_MEMALLOC_NORECLAIM because it is really dangerous to use if the caller doesn't control the full call chain with this flag set. E.g. if any of the function down the chain needed GFP_NOFAIL request the PF_MEMALLOC_NORECLAIM would override this and cause unexpected failure. While this is not the case in this particular case using the scoped gfp semantic is not really needed bacause we can easily pus the allocation context down the chain without too much clutter. [akpm@linux-foundation.org: fix kerneldoc warnings] Link: https://lkml.kernel.org/r/20240926172940.167084-1-mhocko@kernel.org Link: https://lkml.kernel.org/r/20240926172940.167084-2-mhocko@kernel.org Signed-off-by: Michal Hocko Reviewed-by: Christoph Hellwig Reviewed-by: Dave Chinner Reviewed-by: Jan Kara # For vfs changes Cc: Al Viro Cc: Christian Brauner Cc: James Morris Cc: Kent Overstreet Cc: Paul Moore Cc: Serge E. Hallyn Cc: Yafang Shao Cc: Matthew Wilcox (Oracle) Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit b983b271662bd6104d429b0fd97af3333ba760bf Author: Dimitri Sivanich Date: Thu Sep 19 07:34:50 2024 -0500 misc: sgi-gru: Don't disable preemption in GRU driver Disabling preemption in the GRU driver is unnecessary, and clashes with sleeping locks in several code paths. Remove preempt_disable and preempt_enable from the GRU driver. Signed-off-by: Dimitri Sivanich Signed-off-by: Linus Torvalds commit 7ef60108069b7e3cc66432304e1dd197d5c0a9b5 Author: Dai Ngo Date: Tue Oct 8 15:58:07 2024 -0700 NFS: remove revoked delegation from server's delegation list After the delegation is returned to the NFS server remove it from the server's delegations list to reduce the time it takes to scan this list. Network trace captured while running the below script shows the time taken to service the CB_RECALL increases gradually due to the overhead of traversing the delegation list in nfs_delegation_find_inode_server. The NFS server in this test is a Solaris server which issues CB_RECALL when receiving the all-zero stateid in the SETATTR. mount=/mnt/data for i in $(seq 1 20) do echo $i mkdir $mount/testtarfile$i time tar -C $mount/testtarfile$i -xf 5000_files.tar done Signed-off-by: Dai Ngo Reviewed-by: Trond Myklebust Signed-off-by: Anna Schumaker commit ff9d4099e6abe7062b1d81f003b1efce72da2fb3 Merge: 75b607fab38d14 5c26d2f1d3f5e4 Author: Linus Torvalds Date: Wed Oct 9 12:22:02 2024 -0700 Merge tag 'unicode-fixes-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/krisman/unicode Pull unicode fix from Gabriel Krisman Bertazi: - Handle code-points with the Ignorable property as regular character instead of treating them as an empty string (me) * tag 'unicode-fixes-6.12-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/krisman/unicode: unicode: Don't special case ignorable code points commit 5c26d2f1d3f5e4be3e196526bead29ecb139cf91 Author: Gabriel Krisman Bertazi Date: Tue Oct 8 18:43:16 2024 -0400 unicode: Don't special case ignorable code points We don't need to handle them separately. Instead, just let them decompose/casefold to themselves. Signed-off-by: Gabriel Krisman Bertazi commit 7941b83bceb374c7e81061e0ebb45cd45f3e3517 Author: Björn Töpel Date: Tue Oct 8 17:35:18 2024 +0200 selftests: sched_ext: Add sched_ext as proper selftest target The sched_ext selftests is missing proper cross-compilation support, a proper target entry, and out-of-tree build support. When building the kselftest suite, e.g.: make ARCH=riscv CROSS_COMPILE=riscv64-linux-gnu- \ TARGETS=sched_ext SKIP_TARGETS="" O=/output/foo \ -C tools/testing/selftests install or: make ARCH=arm64 LLVM=1 TARGETS=sched_ext SKIP_TARGETS="" \ O=/output/foo -C tools/testing/selftests install The expectation is that the sched_ext is included, cross-built, the correct toolchain is picked up, and placed into /output/foo. In contrast to the BPF selftests, the sched_ext suite does not use bpftool at test run-time, so it is sufficient to build bpftool for the build host only. Add ARCH, CROSS_COMPILE, OUTPUT, and TARGETS support to the sched_ext selftest. Also, remove some variables that were unused by the Makefile. Signed-off-by: Björn Töpel Reviewed-by: Shuah Khan Acked-by: David Vernet Tested-by: Mark Brown Reviewed-by: Mark Brown Signed-off-by: Tejun Heo commit 13f8f1e05f1dc36dbba6cba0ae03354c0dafcde7 Author: Mark Rutland Date: Tue Oct 8 16:58:48 2024 +0100 arm64: probes: Fix uprobes for big-endian kernels The arm64 uprobes code is broken for big-endian kernels as it doesn't convert the in-memory instruction encoding (which is always little-endian) into the kernel's native endianness before analyzing and simulating instructions. This may result in a few distinct problems: * The kernel may may erroneously reject probing an instruction which can safely be probed. * The kernel may erroneously erroneously permit stepping an instruction out-of-line when that instruction cannot be stepped out-of-line safely. * The kernel may erroneously simulate instruction incorrectly dur to interpretting the byte-swapped encoding. The endianness mismatch isn't caught by the compiler or sparse because: * The arch_uprobe::{insn,ixol} fields are encoded as arrays of u8, so the compiler and sparse have no idea these contain a little-endian 32-bit value. The core uprobes code populates these with a memcpy() which similarly does not handle endianness. * While the uprobe_opcode_t type is an alias for __le32, both arch_uprobe_analyze_insn() and arch_uprobe_skip_sstep() cast from u8[] to the similarly-named probe_opcode_t, which is an alias for u32. Hence there is no endianness conversion warning. Fix this by changing the arch_uprobe::{insn,ixol} fields to __le32 and adding the appropriate __le32_to_cpu() conversions prior to consuming the instruction encoding. The core uprobes copies these fields as opaque ranges of bytes, and so is unaffected by this change. At the same time, remove MAX_UINSN_BYTES and consistently use AARCH64_INSN_SIZE for clarity. Tested with the following: | #include | #include | | #define noinline __attribute__((noinline)) | | static noinline void *adrp_self(void) | { | void *addr; | | asm volatile( | " adrp %x0, adrp_self\n" | " add %x0, %x0, :lo12:adrp_self\n" | : "=r" (addr)); | } | | | int main(int argc, char *argv) | { | void *ptr = adrp_self(); | bool equal = (ptr == adrp_self); | | printf("adrp_self => %p\n" | "adrp_self() => %p\n" | "%s\n", | adrp_self, ptr, equal ? "EQUAL" : "NOT EQUAL"); | | return 0; | } .... where the adrp_self() function was compiled to: | 00000000004007e0 : | 4007e0: 90000000 adrp x0, 400000 <__ehdr_start> | 4007e4: 911f8000 add x0, x0, #0x7e0 | 4007e8: d65f03c0 ret Before this patch, the ADRP is not recognized, and is assumed to be steppable, resulting in corruption of the result: | # ./adrp-self | adrp_self => 0x4007e0 | adrp_self() => 0x4007e0 | EQUAL | # echo 'p /root/adrp-self:0x007e0' > /sys/kernel/tracing/uprobe_events | # echo 1 > /sys/kernel/tracing/events/uprobes/enable | # ./adrp-self | adrp_self => 0x4007e0 | adrp_self() => 0xffffffffff7e0 | NOT EQUAL After this patch, the ADRP is correctly recognized and simulated: | # ./adrp-self | adrp_self => 0x4007e0 | adrp_self() => 0x4007e0 | EQUAL | # | # echo 'p /root/adrp-self:0x007e0' > /sys/kernel/tracing/uprobe_events | # echo 1 > /sys/kernel/tracing/events/uprobes/enable | # ./adrp-self | adrp_self => 0x4007e0 | adrp_self() => 0x4007e0 | EQUAL Fixes: 9842ceae9fa8 ("arm64: Add uprobe support") Cc: stable@vger.kernel.org Signed-off-by: Mark Rutland Cc: Catalin Marinas Cc: Will Deacon Link: https://lore.kernel.org/r/20241008155851.801546-4-mark.rutland@arm.com Signed-off-by: Will Deacon commit 50f813e57601c22b6f26ced3193b9b94d70a2640 Author: Mark Rutland Date: Tue Oct 8 16:58:47 2024 +0100 arm64: probes: Fix simulate_ldr*_literal() The simulate_ldr_literal() code always loads a 64-bit quantity, and when simulating a 32-bit load into a 'W' register, it discards the most significant 32 bits. For big-endian kernels this means that the relevant bits are discarded, and the value returned is the the subsequent 32 bits in memory (i.e. the value at addr + 4). Additionally, simulate_ldr_literal() and simulate_ldrsw_literal() use a plain C load, which the compiler may tear or elide (e.g. if the target is the zero register). Today this doesn't happen to matter, but it may matter in future if trampoline code uses a LDR (literal) or LDRSW (literal). Update simulate_ldr_literal() and simulate_ldrsw_literal() to use an appropriately-sized READ_ONCE() to perform the access, which avoids these problems. Fixes: 39a67d49ba35 ("arm64: kprobes instruction simulation support") Cc: stable@vger.kernel.org Signed-off-by: Mark Rutland Cc: Catalin Marinas Cc: Will Deacon Link: https://lore.kernel.org/r/20241008155851.801546-3-mark.rutland@arm.com Signed-off-by: Will Deacon commit acc450aa07099d071b18174c22a1119c57da8227 Author: Mark Rutland Date: Tue Oct 8 16:58:46 2024 +0100 arm64: probes: Remove broken LDR (literal) uprobe support The simulate_ldr_literal() and simulate_ldrsw_literal() functions are unsafe to use for uprobes. Both functions were originally written for use with kprobes, and access memory with plain C accesses. When uprobes was added, these were reused unmodified even though they cannot safely access user memory. There are three key problems: 1) The plain C accesses do not have corresponding extable entries, and thus if they encounter a fault the kernel will treat these as unintentional accesses to user memory, resulting in a BUG() which will kill the kernel thread, and likely lead to further issues (e.g. lockup or panic()). 2) The plain C accesses are subject to HW PAN and SW PAN, and so when either is in use, any attempt to simulate an access to user memory will fault. Thus neither simulate_ldr_literal() nor simulate_ldrsw_literal() can do anything useful when simulating a user instruction on any system with HW PAN or SW PAN. 3) The plain C accesses are privileged, as they run in kernel context, and in practice can access a small range of kernel virtual addresses. The instructions they simulate have a range of +/-1MiB, and since the simulated instructions must itself be a user instructions in the TTBR0 address range, these can address the final 1MiB of the TTBR1 acddress range by wrapping downwards from an address in the first 1MiB of the TTBR0 address range. In contemporary kernels the last 8MiB of TTBR1 address range is reserved, and accesses to this will always fault, meaning this is no worse than (1). Historically, it was theoretically possible for the linear map or vmemmap to spill into the final 8MiB of the TTBR1 address range, but in practice this is extremely unlikely to occur as this would require either: * Having enough physical memory to fill the entire linear map all the way to the final 1MiB of the TTBR1 address range. * Getting unlucky with KASLR randomization of the linear map such that the populated region happens to overlap with the last 1MiB of the TTBR address range. ... and in either case if we were to spill into the final page there would be larger problems as the final page would alias with error pointers. Practically speaking, (1) and (2) are the big issues. Given there have been no reports of problems since the broken code was introduced, it appears that no-one is relying on probing these instructions with uprobes. Avoid these issues by not allowing uprobes on LDR (literal) and LDRSW (literal), limiting the use of simulate_ldr_literal() and simulate_ldrsw_literal() to kprobes. Attempts to place uprobes on LDR (literal) and LDRSW (literal) will be rejected as arm_probe_decode_insn() will return INSN_REJECTED. In future we can consider introducing working uprobes support for these instructions, but this will require more significant work. Fixes: 9842ceae9fa8 ("arm64: Add uprobe support") Cc: stable@vger.kernel.org Signed-off-by: Mark Rutland Cc: Catalin Marinas Cc: Will Deacon Link: https://lore.kernel.org/r/20241008155851.801546-2-mark.rutland@arm.com Signed-off-by: Will Deacon commit c56f9ecb7fb6a3a90079c19eb4c8daf3bbf514b3 Author: Basavaraj Natikar Date: Wed Oct 9 20:17:57 2024 +0530 HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() Using the device-managed version allows to simplify clean-up in probe() error path. Additionally, this device-managed ensures proper cleanup, which helps to resolve memory errors, page faults, btrfs going read-only, and btrfs disk corruption. Fixes: 4b2c53d93a4b ("SFH:Transport Driver to add support of AMD Sensor Fusion Hub (SFH)") Tested-by: Chris Hixon Tested-by: Richard Tested-by: Skyler Reported-by: Chris Hixon Closes: https://lore.kernel.org/all/3b129b1f-8636-456a-80b4-0f6cce0eef63@hixontech.com/ Link: https://bugzilla.kernel.org/show_bug.cgi?id=219331 Signed-off-by: Basavaraj Natikar Signed-off-by: Jiri Kosina commit 9988844c457f6f17fb2e75aa000b6c3b1b673bb9 Author: Vasiliy Kovalev Date: Wed Oct 9 16:42:48 2024 +0300 ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 There is a problem with simultaneous audio output to headphones and speakers, and when headphones are turned off, the speakers also turn off and do not turn them on. However, it was found that if you boot linux immediately after windows, there are no such problems. When comparing alsa-info, the only difference is the different configuration of Node 0x1d: working conf. (windows): Pin-ctls: 0x80: HP not working (linux): Pin-ctls: 0xc0: OUT HP This patch disable the AC_PINCTL_OUT_EN bit of Node 0x1d and fixes the described problem. Signed-off-by: Vasiliy Kovalev Cc: Link: https://patch.msgid.link/20241009134248.662175-1-kovalev@altlinux.org Signed-off-by: Takashi Iwai commit a38719e3157118428e34fbd45b0d0707a5877784 Author: Niklas Cassel Date: Tue Oct 8 15:58:44 2024 +0200 ata: libata: avoid superfluous disk spin down + spin up during hibernation A user reported that commit aa3998dbeb3a ("ata: libata-scsi: Disable scsi device manage_system_start_stop") introduced a spin down + immediate spin up of the disk both when entering and when resuming from hibernation. This behavior was not there before, and causes an increased latency both when entering and when resuming from hibernation. Hibernation is done by three consecutive PM events, in the following order: 1) PM_EVENT_FREEZE 2) PM_EVENT_THAW 3) PM_EVENT_HIBERNATE Commit aa3998dbeb3a ("ata: libata-scsi: Disable scsi device manage_system_start_stop") modified ata_eh_handle_port_suspend() to call ata_dev_power_set_standby() (which spins down the disk), for both event PM_EVENT_FREEZE and event PM_EVENT_HIBERNATE. Documentation/driver-api/pm/devices.rst, section "Entering Hibernation", explicitly mentions that PM_EVENT_FREEZE does not have to be put the device in a low-power state, and actually recommends not doing so. Thus, let's not spin down the disk on PM_EVENT_FREEZE. (The disk will instead be spun down during the subsequent PM_EVENT_HIBERNATE event.) This way, PM_EVENT_FREEZE will behave as it did before commit aa3998dbeb3a ("ata: libata-scsi: Disable scsi device manage_system_start_stop"), while PM_EVENT_HIBERNATE will continue to spin down the disk. This will avoid the superfluous spin down + spin up when entering and resuming from hibernation, while still making sure that the disk is spun down before actually entering hibernation. Cc: stable@vger.kernel.org # v6.6+ Fixes: aa3998dbeb3a ("ata: libata-scsi: Disable scsi device manage_system_start_stop") Reviewed-by: Damien Le Moal Link: https://lore.kernel.org/r/20241008135843.1266244-2-cassel@kernel.org Signed-off-by: Niklas Cassel commit 912da2c384d510ce40c5af9c3adc316afa4ec547 Author: Steven Rostedt Date: Tue Oct 8 14:32:42 2024 -0400 ring-buffer: Do not have boot mapped buffers hook to CPU hotplug The boot mapped ring buffer has its buffer mapped at a fixed location found at boot up. It is not dynamic. It cannot grow or be expanded when new CPUs come online. Do not hook fixed memory mapped ring buffers to the CPU hotplug callback, otherwise it can cause a crash when it tries to add the buffer to the memory that is already fully occupied. Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20241008143242.25e20801@gandalf.local.home Fixes: be68d63a139bd ("ring-buffer: Add ring_buffer_alloc_range()") Signed-off-by: Steven Rostedt (Google) commit 983e35ce2e1ee4037f6f5d5398dfc107b22ad569 Author: Jijie Shao Date: Tue Oct 8 10:48:36 2024 +0800 net: hns3/hns: Update the maintainer for the HNS3/HNS ethernet driver Yisen Zhuang has left the company in September. Jian Shen will be responsible for maintaining the hns3/hns driver's code in the future, so add Jian Shen to the hns3/hns driver's matainer list. Signed-off-by: Jijie Shao Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 4d5c70e6155d5eae198bade4afeab3c1b15073b6 Author: Xin Long Date: Mon Oct 7 12:25:11 2024 -0400 sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start If hashing fails in sctp_listen_start(), the socket remains in the LISTENING state, even though it was not added to the hash table. This can lead to a scenario where a socket appears to be listening without actually being accessible. This patch ensures that if the hashing operation fails, the sk_state is set back to CLOSED before returning an error. Note that there is no need to undo the autobind operation if hashing fails, as the bind port can still be used for next listen() call on the same socket. Fixes: 76c6d988aeb3 ("sctp: add sock_reuseport for the sock in __sctp_hash_endpoint") Reported-by: Marcelo Ricardo Leitner Signed-off-by: Xin Long Acked-by: Marcelo Ricardo Leitner Signed-off-by: David S. Miller commit 82c5b53140faf89c31ea2b3a0985a2f291694169 Author: Daniel Palmer Date: Mon Oct 7 19:43:17 2024 +0900 net: amd: mvme147: Fix probe banner message Currently this driver prints this line with what looks like a rogue format specifier when the device is probed: [ 2.840000] eth%d: MVME147 at 0xfffe1800, irq 12, Hardware Address xx:xx:xx:xx:xx:xx Change the printk() for netdev_info() and move it after the registration has completed so it prints out the name of the interface properly. Signed-off-by: Daniel Palmer Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit a6ad589c1d118f9d5b1bc4c6888d42919f830340 Author: Heiner Kallweit Date: Mon Oct 7 11:57:41 2024 +0200 net: phy: realtek: Fix MMD access on RTL8126A-integrated PHY All MMD reads return 0 for the RTL8126A-integrated PHY. Therefore phylib assumes it doesn't support EEE, what results in higher power consumption, and a significantly higher chip temperature in my case. To fix this split out the PHY driver for the RTL8126A-integrated PHY and set the read_mmd/write_mmd callbacks to read from vendor-specific registers. Fixes: 5befa3728b85 ("net: phy: realtek: add support for RTL8126A-integrated 5Gbps PHY") Cc: stable@vger.kernel.org Signed-off-by: Heiner Kallweit Signed-off-by: David S. Miller commit e761be2a0744086fc4793a4870d4b5746b7fe8cd Author: Naohiro Aota Date: Fri Oct 4 13:53:35 2024 +0900 btrfs: fix clear_dirty and writeback ordering in submit_one_sector() This commit is a replay of commit 6252690f7e1b ("btrfs: fix invalid mapping of extent xarray state"). We need to call btrfs_folio_clear_dirty() before btrfs_set_range_writeback(), so that xarray DIRTY tag is cleared. With a refactoring commit 8189197425e7 ("btrfs: refactor __extent_writepage_io() to do sector-by-sector submission"), it screwed up and the order is reversed and causing the same hang. Fix the ordering now in submit_one_sector(). Fixes: 8189197425e7 ("btrfs: refactor __extent_writepage_io() to do sector-by-sector submission") Reviewed-by: Qu Wenruo Reviewed-by: Johannes Thumshirn Signed-off-by: Naohiro Aota Signed-off-by: David Sterba commit fe4cd7ed128fe82ab9fe4f9fc8a73d4467699787 Author: Filipe Manana Date: Wed Oct 2 15:02:56 2024 +0100 btrfs: zoned: fix missing RCU locking in error message when loading zone info At btrfs_load_zone_info() we have an error path that is dereferencing the name of a device which is a RCU string but we are not holding a RCU read lock, which is incorrect. Fix this by using btrfs_err_in_rcu() instead of btrfs_err(). The problem is there since commit 08e11a3db098 ("btrfs: zoned: load zone's allocation offset"), back then at btrfs_load_block_group_zone_info() but then later on that code was factored out into the helper btrfs_load_zone_info() by commit 09a46725cc84 ("btrfs: zoned: factor out per-zone logic from btrfs_load_block_group_zone_info"). Fixes: 08e11a3db098 ("btrfs: zoned: load zone's allocation offset") Reviewed-by: Johannes Thumshirn Reviewed-by: Qu Wenruo Reviewed-by: Naohiro Aota Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit ff8ee11e778520c5716b7f165d2c7ce14d6a068b Author: MD Danish Anwar Date: Mon Oct 7 11:11:24 2024 +0530 net: ti: icssg-prueth: Fix race condition for VLAN table access The VLAN table is a shared memory between the two ports/slices in a ICSSG cluster and this may lead to race condition when the common code paths for both ports are executed in different CPUs. Fix the race condition access by locking the shared memory access Fixes: 487f7323f39a ("net: ti: icssg-prueth: Add helper functions to configure FDB") Signed-off-by: MD Danish Anwar Reviewed-by: Roger Quadros Signed-off-by: David S. Miller commit 77bfe1b11ea0c0c4b0ce19b742cd1aa82f60e45d Author: Andrew Kreimer Date: Thu Oct 3 00:19:48 2024 +0300 xfs: fix a typo Fix a typo in comments. Signed-off-by: Andrew Kreimer Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 4390f019ad7866c3791c3d768d2ff185d89e8ebe Author: Brian Foster Date: Fri Sep 6 07:40:51 2024 -0400 xfs: don't free cowblocks from under dirty pagecache on unshare fallocate unshare mode explicitly breaks extent sharing. When a command completes, it checks the data fork for any remaining shared extents to determine whether the reflink inode flag and COW fork preallocation can be removed. This logic doesn't consider in-core pagecache and I/O state, however, which means we can unsafely remove COW fork blocks that are still needed under certain conditions. For example, consider the following command sequence: xfs_io -fc "pwrite 0 1k" -c "reflink 0 256k 1k" \ -c "pwrite 0 32k" -c "funshare 0 1k" This allocates a data block at offset 0, shares it, and then overwrites it with a larger buffered write. The overwrite triggers COW fork preallocation, 32 blocks by default, which maps the entire 32k write to delalloc in the COW fork. All but the shared block at offset 0 remains hole mapped in the data fork. The unshare command redirties and flushes the folio at offset 0, removing the only shared extent from the inode. Since the inode no longer maps shared extents, unshare purges the COW fork before the remaining 28k may have written back. This leaves dirty pagecache backed by holes, which writeback quietly skips, thus leaving clean, non-zeroed pagecache over holes in the file. To verify, fiemap shows holes in the first 32k of the file and reads return different data across a remount: $ xfs_io -c "fiemap -v" : EXT: FILE-OFFSET BLOCK-RANGE TOTAL FLAGS ... 1: [8..511]: hole 504 ... $ xfs_io -c "pread -v 4k 8" 00001000: cd cd cd cd cd cd cd cd ........ $ umount ; mount $ xfs_io -c "pread -v 4k 8" 00001000: 00 00 00 00 00 00 00 00 ........ To avoid this problem, make unshare follow the same rules used for background cowblock scanning and never purge the COW fork for inodes with dirty pagecache or in-flight I/O. Fixes: 46afb0628b86347 ("xfs: only flush the unshared range in xfs_reflink_unshare") Signed-off-by: Brian Foster Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit faa34159d08089036b6119c85e279fb36abb8bb5 Author: Jinjie Ruan Date: Mon Sep 30 16:15:20 2024 +0800 net/9p/usbg: Fix build error When CONFIG_NET_9P_USBG=y but CONFIG_USB_LIBCOMPOSITE=m and CONFIG_CONFIGFS_FS=m, the following build error occurs: riscv64-unknown-linux-gnu-ld: net/9p/trans_usbg.o: in function `usb9pfs_free_func': trans_usbg.c:(.text+0x124): undefined reference to `usb_free_all_descriptors' riscv64-unknown-linux-gnu-ld: net/9p/trans_usbg.o: in function `usb9pfs_rx_complete': trans_usbg.c:(.text+0x2d8): undefined reference to `usb_interface_id' riscv64-unknown-linux-gnu-ld: trans_usbg.c:(.text+0x2f6): undefined reference to `usb_string_id' riscv64-unknown-linux-gnu-ld: net/9p/trans_usbg.o: in function `usb9pfs_func_bind': trans_usbg.c:(.text+0x31c): undefined reference to `usb_ep_autoconfig' riscv64-unknown-linux-gnu-ld: trans_usbg.c:(.text+0x336): undefined reference to `usb_ep_autoconfig' riscv64-unknown-linux-gnu-ld: trans_usbg.c:(.text+0x378): undefined reference to `usb_assign_descriptors' riscv64-unknown-linux-gnu-ld: net/9p/trans_usbg.o: in function `f_usb9pfs_opts_buflen_store': trans_usbg.c:(.text+0x49e): undefined reference to `usb_put_function_instance' riscv64-unknown-linux-gnu-ld: net/9p/trans_usbg.o: in function `usb9pfs_alloc_instance': trans_usbg.c:(.text+0x5fe): undefined reference to `config_group_init_type_name' riscv64-unknown-linux-gnu-ld: net/9p/trans_usbg.o: in function `usb9pfs_alloc': trans_usbg.c:(.text+0x7aa): undefined reference to `config_ep_by_speed' riscv64-unknown-linux-gnu-ld: trans_usbg.c:(.text+0x7ea): undefined reference to `config_ep_by_speed' riscv64-unknown-linux-gnu-ld: net/9p/trans_usbg.o: in function `usb9pfs_set_alt': trans_usbg.c:(.text+0x828): undefined reference to `alloc_ep_req' riscv64-unknown-linux-gnu-ld: net/9p/trans_usbg.o: in function `usb9pfs_modexit': trans_usbg.c:(.exit.text+0x10): undefined reference to `usb_function_unregister' riscv64-unknown-linux-gnu-ld: net/9p/trans_usbg.o: in function `usb9pfs_modinit': trans_usbg.c:(.init.text+0x1e): undefined reference to `usb_function_register' Select the config for NET_9P_USBG to fix it. Fixes: a3be076dc174 ("net/9p/usbg: Add new usb gadget function transport") Signed-off-by: Jinjie Ruan Tested-by: Kexy Biscuit Link: https://lore.kernel.org/r/20240930081520.2371424-1-ruanjinjie@huawei.com Signed-off-by: Greg Kroah-Hartman commit e4d2102018542e3ae5e297bc6e229303abff8a0f Author: Pawan Gupta Date: Thu Sep 26 09:10:31 2024 -0700 x86/bugs: Use code segment selector for VERW operand Robert Gill reported below #GP in 32-bit mode when dosemu software was executing vm86() system call: general protection fault: 0000 [#1] PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin Not tainted 6.6.21-gentoo-x86 #1 Hardware name: Dell Inc. PowerEdge 1950/0H723K, BIOS 2.7.0 10/30/2010 EIP: restore_all_switch_stack+0xbe/0xcf EAX: 00000000 EBX: 00000000 ECX: 00000000 EDX: 00000000 ESI: 00000000 EDI: 00000000 EBP: 00000000 ESP: ff8affdc DS: 0000 ES: 0000 FS: 0000 GS: 0033 SS: 0068 EFLAGS: 00010046 CR0: 80050033 CR2: 00c2101c CR3: 04b6d000 CR4: 000406d0 Call Trace: show_regs+0x70/0x78 die_addr+0x29/0x70 exc_general_protection+0x13c/0x348 exc_bounds+0x98/0x98 handle_exception+0x14d/0x14d exc_bounds+0x98/0x98 restore_all_switch_stack+0xbe/0xcf exc_bounds+0x98/0x98 restore_all_switch_stack+0xbe/0xcf This only happens in 32-bit mode when VERW based mitigations like MDS/RFDS are enabled. This is because segment registers with an arbitrary user value can result in #GP when executing VERW. Intel SDM vol. 2C documents the following behavior for VERW instruction: #GP(0) - If a memory operand effective address is outside the CS, DS, ES, FS, or GS segment limit. CLEAR_CPU_BUFFERS macro executes VERW instruction before returning to user space. Use %cs selector to reference VERW operand. This ensures VERW will not #GP for an arbitrary user %ds. [ mingo: Fixed the SOB chain. ] Fixes: a0e2dab44d22 ("x86/entry_32: Add VERW just before userspace transition") Reported-by: Robert Gill Reviewed-by: Andrew Cooper Suggested-by: Brian Gerst Signed-off-by: Pawan Gupta Signed-off-by: Dave Hansen Signed-off-by: Ingo Molnar commit fc4d262721705f2a7b860946504e7b8a313f06e1 Merge: 8cf0b93919e13d 32fda565062506 Author: Dave Airlie Date: Wed Oct 9 16:30:21 2024 +1000 Merge tag 'amd-drm-fixes-6.12-2024-10-08' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes amd-drm-fixes-6.12-2024-10-08: amdgpu: - Fix invalid UBSAN warnings - Fix artifacts in MPO transitions - Hibernation fix amdkfd: - Fix an eviction fence leak radeon: - Add late register for connectors - Always set GEM function pointers Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20241008142831.3739244-1-alexander.deucher@amd.com commit 08c8acc9d8f3f70d62dd928571368d5018206490 Author: Rosen Penev Date: Mon Oct 7 16:57:11 2024 -0700 net: ibm: emac: mal: fix wrong goto dcr_map is called in the previous if and therefore needs to be unmapped. Fixes: 1ff0fcfcb1a6 ("ibm_newemac: Fix new MAL feature handling") Signed-off-by: Rosen Penev Link: https://patch.msgid.link/20241007235711.5714-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 1badf482816417dca71f8120b4c540cdc82aa03c Author: Matt Roper Date: Wed Oct 2 16:06:21 2024 -0700 drm/xe: Make wedged_mode debugfs writable The intent of this debugfs entry is to allow modification of wedging behavior, either from IGT tests or during manual debug; it should be marked as writable to properly reflect this. In practice this hasn't caused a problem because we always access wedged_mode as root, which ignores file permissions, but it's still misleading to have the entry incorrectly marked as RO. Cc: Rodrigo Vivi Fixes: 6b8ef44cc0a9 ("drm/xe: Introduce the wedged_mode debugfs") Signed-off-by: Matt Roper Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20241002230620.1249258-2-matthew.d.roper@intel.com (cherry picked from commit 93d93813422758f6c99289de446b19184019ef5a) Signed-off-by: Lucas De Marchi commit 3fd76be868ae5c7e9f905f3bcc2ce0e3d8f5aa08 Author: Vinay Belgaumkar Date: Wed Sep 25 13:49:18 2024 -0700 drm/xe: Restore GT freq on GSC load error As part of a Wa_22019338487, ensure that GT freq is restored even when GSC reload is not successful. Fixes: 3b1592fb7835 ("drm/xe/lnl: Apply Wa_22019338487") Signed-off-by: Vinay Belgaumkar Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240925204918.1989574-1-vinay.belgaumkar@intel.com Signed-off-by: Rodrigo Vivi (cherry picked from commit 491418a258322bbd7f045e36884d2849b673f23d) Signed-off-by: Lucas De Marchi commit 42465603a31089a89b5fe25966ecedb841eeaa0f Author: Matthew Auld Date: Tue Oct 1 09:43:49 2024 +0100 drm/xe/guc_submit: fix xa_store() error checking Looks like we are meant to use xa_err() to extract the error encoded in the ptr. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: Badal Nilawar Cc: # v6.8+ Reviewed-by: Badal Nilawar Link: https://patchwork.freedesktop.org/patch/msgid/20241001084346.98516-7-matthew.auld@intel.com (cherry picked from commit f040327238b1a8311598c40ac94464e77fff368c) Signed-off-by: Lucas De Marchi commit e863781abe4fe430406dd075ca0cab99165b4e63 Author: Matthew Auld Date: Tue Oct 1 09:43:48 2024 +0100 drm/xe/ct: fix xa_store() error checking Looks like we are meant to use xa_err() to extract the error encoded in the ptr. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: Badal Nilawar Cc: # v6.8+ Reviewed-by: Badal Nilawar Link: https://patchwork.freedesktop.org/patch/msgid/20241001084346.98516-6-matthew.auld@intel.com (cherry picked from commit 1aa4b7864707886fa40d959483591f3d3937fa28) Signed-off-by: Lucas De Marchi commit db7f92af626178ba59dbbcdd5dee9ec24a987a88 Author: Matthew Auld Date: Tue Oct 1 09:43:47 2024 +0100 drm/xe/ct: prevent UAF in send_recv() Ensure we serialize with completion side to prevent UAF with fence going out of scope on the stack, since we have no clue if it will fire after the timeout before we can erase from the xa. Also we have some dependent loads and stores for which we need the correct ordering, and we lack the needed barriers. Fix this by grabbing the ct->lock after the wait, which is also held by the completion side. v2 (Badal): - Also print done after acquiring the lock and seeing timeout. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: Badal Nilawar Cc: # v6.8+ Reviewed-by: Badal Nilawar Link: https://patchwork.freedesktop.org/patch/msgid/20241001084346.98516-5-matthew.auld@intel.com (cherry picked from commit 52789ce35c55ccd30c4b67b9cc5b2af55e0122ea) Signed-off-by: Lucas De Marchi commit 3cb7cf1540ddff5473d6baeb530228d19bc97b8a Author: Eric Dumazet Date: Mon Oct 7 18:41:30 2024 +0000 net/sched: accept TCA_STAB only for root qdisc Most qdiscs maintain their backlog using qdisc_pkt_len(skb) on the assumption it is invariant between the enqueue() and dequeue() handlers. Unfortunately syzbot can crash a host rather easily using a TBF + SFQ combination, with an STAB on SFQ [1] We can't support TCA_STAB on arbitrary level, this would require to maintain per-qdisc storage. [1] [ 88.796496] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 88.798611] #PF: supervisor read access in kernel mode [ 88.799014] #PF: error_code(0x0000) - not-present page [ 88.799506] PGD 0 P4D 0 [ 88.799829] Oops: Oops: 0000 [#1] SMP NOPTI [ 88.800569] CPU: 14 UID: 0 PID: 2053 Comm: b371744477 Not tainted 6.12.0-rc1-virtme #1117 [ 88.801107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 88.801779] RIP: 0010:sfq_dequeue (net/sched/sch_sfq.c:272 net/sched/sch_sfq.c:499) sch_sfq [ 88.802544] Code: 0f b7 50 12 48 8d 04 d5 00 00 00 00 48 89 d6 48 29 d0 48 8b 91 c0 01 00 00 48 c1 e0 03 48 01 c2 66 83 7a 1a 00 7e c0 48 8b 3a <4c> 8b 07 4c 89 02 49 89 50 08 48 c7 47 08 00 00 00 00 48 c7 07 00 All code ======== 0: 0f b7 50 12 movzwl 0x12(%rax),%edx 4: 48 8d 04 d5 00 00 00 lea 0x0(,%rdx,8),%rax b: 00 c: 48 89 d6 mov %rdx,%rsi f: 48 29 d0 sub %rdx,%rax 12: 48 8b 91 c0 01 00 00 mov 0x1c0(%rcx),%rdx 19: 48 c1 e0 03 shl $0x3,%rax 1d: 48 01 c2 add %rax,%rdx 20: 66 83 7a 1a 00 cmpw $0x0,0x1a(%rdx) 25: 7e c0 jle 0xffffffffffffffe7 27: 48 8b 3a mov (%rdx),%rdi 2a:* 4c 8b 07 mov (%rdi),%r8 <-- trapping instruction 2d: 4c 89 02 mov %r8,(%rdx) 30: 49 89 50 08 mov %rdx,0x8(%r8) 34: 48 c7 47 08 00 00 00 movq $0x0,0x8(%rdi) 3b: 00 3c: 48 rex.W 3d: c7 .byte 0xc7 3e: 07 (bad) ... Code starting with the faulting instruction =========================================== 0: 4c 8b 07 mov (%rdi),%r8 3: 4c 89 02 mov %r8,(%rdx) 6: 49 89 50 08 mov %rdx,0x8(%r8) a: 48 c7 47 08 00 00 00 movq $0x0,0x8(%rdi) 11: 00 12: 48 rex.W 13: c7 .byte 0xc7 14: 07 (bad) ... [ 88.803721] RSP: 0018:ffff9a1f892b7d58 EFLAGS: 00000206 [ 88.804032] RAX: 0000000000000000 RBX: ffff9a1f8420c800 RCX: ffff9a1f8420c800 [ 88.804560] RDX: ffff9a1f81bc1440 RSI: 0000000000000000 RDI: 0000000000000000 [ 88.805056] RBP: ffffffffc04bb0e0 R08: 0000000000000001 R09: 00000000ff7f9a1f [ 88.805473] R10: 000000000001001b R11: 0000000000009a1f R12: 0000000000000140 [ 88.806194] R13: 0000000000000001 R14: ffff9a1f886df400 R15: ffff9a1f886df4ac [ 88.806734] FS: 00007f445601a740(0000) GS:ffff9a2e7fd80000(0000) knlGS:0000000000000000 [ 88.807225] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.807672] CR2: 0000000000000000 CR3: 000000050cc46000 CR4: 00000000000006f0 [ 88.808165] Call Trace: [ 88.808459] [ 88.808710] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) [ 88.809261] ? page_fault_oops (arch/x86/mm/fault.c:715) [ 88.809561] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:87 ./arch/x86/include/asm/irqflags.h:147 arch/x86/mm/fault.c:1489 arch/x86/mm/fault.c:1539) [ 88.809806] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) [ 88.810074] ? sfq_dequeue (net/sched/sch_sfq.c:272 net/sched/sch_sfq.c:499) sch_sfq [ 88.810411] sfq_reset (net/sched/sch_sfq.c:525) sch_sfq [ 88.810671] qdisc_reset (./include/linux/skbuff.h:2135 ./include/linux/skbuff.h:2441 ./include/linux/skbuff.h:3304 ./include/linux/skbuff.h:3310 net/sched/sch_generic.c:1036) [ 88.810950] tbf_reset (./include/linux/timekeeping.h:169 net/sched/sch_tbf.c:334) sch_tbf [ 88.811208] qdisc_reset (./include/linux/skbuff.h:2135 ./include/linux/skbuff.h:2441 ./include/linux/skbuff.h:3304 ./include/linux/skbuff.h:3310 net/sched/sch_generic.c:1036) [ 88.811484] netif_set_real_num_tx_queues (./include/linux/spinlock.h:396 ./include/net/sch_generic.h:768 net/core/dev.c:2958) [ 88.811870] __tun_detach (drivers/net/tun.c:590 drivers/net/tun.c:673) [ 88.812271] tun_chr_close (drivers/net/tun.c:702 drivers/net/tun.c:3517) [ 88.812505] __fput (fs/file_table.c:432 (discriminator 1)) [ 88.812735] task_work_run (kernel/task_work.c:230) [ 88.813016] do_exit (kernel/exit.c:940) [ 88.813372] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:58 (discriminator 4)) [ 88.813639] ? handle_mm_fault (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:97 ./arch/x86/include/asm/irqflags.h:155 ./include/linux/memcontrol.h:1022 ./include/linux/memcontrol.h:1045 ./include/linux/memcontrol.h:1052 mm/memory.c:5928 mm/memory.c:6088) [ 88.813867] do_group_exit (kernel/exit.c:1070) [ 88.814138] __x64_sys_exit_group (kernel/exit.c:1099) [ 88.814490] x64_sys_call (??:?) [ 88.814791] do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1)) [ 88.815012] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) [ 88.815495] RIP: 0033:0x7f44560f1975 Fixes: 175f9c1bba9b ("net_sched: Add size table for qdiscs") Reported-by: syzbot Signed-off-by: Eric Dumazet Cc: Daniel Borkmann Link: https://patch.msgid.link/20241007184130.3960565-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit 48a2440d0f20c826b884e04377ccc1e4696c84e9 Author: Pawan Gupta Date: Wed Sep 25 15:25:44 2024 -0700 x86/entry_32: Clear CPU buffers after register restore in NMI return CPU buffers are currently cleared after call to exc_nmi, but before register state is restored. This may be okay for MDS mitigation but not for RDFS. Because RDFS mitigation requires CPU buffers to be cleared when registers don't have any sensitive data. Move CLEAR_CPU_BUFFERS after RESTORE_ALL_NMI. Fixes: a0e2dab44d22 ("x86/entry_32: Add VERW just before userspace transition") Suggested-by: Dave Hansen Signed-off-by: Pawan Gupta Signed-off-by: Dave Hansen Cc:stable@vger.kernel.org Link: https://lore.kernel.org/all/20240925-fix-dosemu-vm86-v7-2-1de0daca2d42%40linux.intel.com commit 2e2e5143d4868163d6756c8c6a4d28cbfa5245e5 Author: Pawan Gupta Date: Wed Sep 25 15:25:38 2024 -0700 x86/entry_32: Do not clobber user EFLAGS.ZF Opportunistic SYSEXIT executes VERW to clear CPU buffers after user EFLAGS are restored. This can clobber user EFLAGS.ZF. Move CLEAR_CPU_BUFFERS before the user EFLAGS are restored. This ensures that the user EFLAGS.ZF is not clobbered. Closes: https://lore.kernel.org/lkml/yVXwe8gvgmPADpRB6lXlicS2fcHoV5OHHxyuFbB_MEleRPD7-KhGe5VtORejtPe-KCkT8Uhcg5d7-IBw4Ojb4H7z5LQxoZylSmJ8KNL3A8o=@protonmail.com/ Fixes: a0e2dab44d22 ("x86/entry_32: Add VERW just before userspace transition") Reported-by: Jari Ruusu Signed-off-by: Pawan Gupta Signed-off-by: Dave Hansen Cc:stable@vger.kernel.org Link: https://lore.kernel.org/all/20240925-fix-dosemu-vm86-v7-1-1de0daca2d42%40linux.intel.com commit dc7785e4723510616d776862ddb4c08857a1bdb2 Author: Florian Klink Date: Tue Jul 16 02:03:11 2024 +0300 ARM: dts: bcm2837-rpi-cm3-io3: Fix HDMI hpd-gpio pin HDMI_HPD_N_1V8 is connected to GPIO pin 0, not 1. This fixes HDMI hotplug/output detection. See https://datasheets.raspberrypi.com/cm/cm3-schematics.pdf Signed-off-by: Florian Klink Reviewed-by: Stefan Wahren Link: https://lore.kernel.org/r/20240715230311.685641-1-flokli@flokli.de Reviewed-by: Stefan Wahren Fixes: a54fe8a6cf66 ("ARM: dts: add Raspberry Pi Compute Module 3 and IO board") Signed-off-by: Florian Fainelli commit 34d5b600172b846161e507bdce132c98d9cc9701 Author: Yu Liao Date: Tue Oct 8 10:33:32 2024 +0800 selftests: vDSO: Explicitly include sched.h The previous commit introduced the use of CLONE_NEWTIME without including which contains its definition. Add an explicit include of to ensure that CLONE_NEWTIME is correctly defined before it is used. Fixes: 2aec90036dcd ("selftests: vDSO: ensure vgetrandom works in a time namespace") Signed-off-by: Yu Liao Signed-off-by: Shuah Khan commit 9d9e5347b035412daa844f884b94a05bac94f864 Author: Vitaly Lifshits Date: Sun Sep 8 09:49:17 2024 +0300 e1000e: change I219 (19) devices to ADP Sporadic issues, such as PHY access loss, have been observed on I219 (19) devices. It was found that these devices have hardware more closely related to ADP than MTP and the issues were caused by taking MTP-specific flows. Change the MAC and board types of these devices from MTP to ADP to correctly reflect the LAN hardware, and flows, of these devices. Fixes: db2d737d63c5 ("e1000e: Separate MTP board type from ADP") Signed-off-by: Vitaly Lifshits Tested-by: Mor Bar-Gabay Signed-off-by: Tony Nguyen commit 330a699ecbfc9c26ec92c6310686da1230b4e7eb Author: Mohamed Khalfella Date: Tue Sep 24 15:06:01 2024 -0600 igb: Do not bring the device up after non-fatal error Commit 004d25060c78 ("igb: Fix igb_down hung on surprise removal") changed igb_io_error_detected() to ignore non-fatal pcie errors in order to avoid hung task that can happen when igb_down() is called multiple times. This caused an issue when processing transient non-fatal errors. igb_io_resume(), which is called after igb_io_error_detected(), assumes that device is brought down by igb_io_error_detected() if the interface is up. This resulted in panic with stacktrace below. [ T3256] igb 0000:09:00.0 haeth0: igb: haeth0 NIC Link is Down [ T292] pcieport 0000:00:1c.5: AER: Uncorrected (Non-Fatal) error received: 0000:09:00.0 [ T292] igb 0000:09:00.0: PCIe Bus Error: severity=Uncorrected (Non-Fatal), type=Transaction Layer, (Requester ID) [ T292] igb 0000:09:00.0: device [8086:1537] error status/mask=00004000/00000000 [ T292] igb 0000:09:00.0: [14] CmpltTO [ 200.105524,009][ T292] igb 0000:09:00.0: AER: TLP Header: 00000000 00000000 00000000 00000000 [ T292] pcieport 0000:00:1c.5: AER: broadcast error_detected message [ T292] igb 0000:09:00.0: Non-correctable non-fatal error reported. [ T292] pcieport 0000:00:1c.5: AER: broadcast mmio_enabled message [ T292] pcieport 0000:00:1c.5: AER: broadcast resume message [ T292] ------------[ cut here ]------------ [ T292] kernel BUG at net/core/dev.c:6539! [ T292] invalid opcode: 0000 [#1] PREEMPT SMP [ T292] RIP: 0010:napi_enable+0x37/0x40 [ T292] Call Trace: [ T292] [ T292] ? die+0x33/0x90 [ T292] ? do_trap+0xdc/0x110 [ T292] ? napi_enable+0x37/0x40 [ T292] ? do_error_trap+0x70/0xb0 [ T292] ? napi_enable+0x37/0x40 [ T292] ? napi_enable+0x37/0x40 [ T292] ? exc_invalid_op+0x4e/0x70 [ T292] ? napi_enable+0x37/0x40 [ T292] ? asm_exc_invalid_op+0x16/0x20 [ T292] ? napi_enable+0x37/0x40 [ T292] igb_up+0x41/0x150 [ T292] igb_io_resume+0x25/0x70 [ T292] report_resume+0x54/0x70 [ T292] ? report_frozen_detected+0x20/0x20 [ T292] pci_walk_bus+0x6c/0x90 [ T292] ? aer_print_port_info+0xa0/0xa0 [ T292] pcie_do_recovery+0x22f/0x380 [ T292] aer_process_err_devices+0x110/0x160 [ T292] aer_isr+0x1c1/0x1e0 [ T292] ? disable_irq_nosync+0x10/0x10 [ T292] irq_thread_fn+0x1a/0x60 [ T292] irq_thread+0xe3/0x1a0 [ T292] ? irq_set_affinity_notifier+0x120/0x120 [ T292] ? irq_affinity_notify+0x100/0x100 [ T292] kthread+0xe2/0x110 [ T292] ? kthread_complete_and_exit+0x20/0x20 [ T292] ret_from_fork+0x2d/0x50 [ T292] ? kthread_complete_and_exit+0x20/0x20 [ T292] ret_from_fork_asm+0x11/0x20 [ T292] To fix this issue igb_io_resume() checks if the interface is running and the device is not down this means igb_io_error_detected() did not bring the device down and there is no need to bring it up. Signed-off-by: Mohamed Khalfella Reviewed-by: Yuanyuan Zhong Fixes: 004d25060c78 ("igb: Fix igb_down hung on surprise removal") Reviewed-by: Simon Horman Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit dac6c7b3d33756d6ce09f00a96ea2ecd79fae9fb Author: Aleksandr Loktionov Date: Mon Sep 23 11:12:19 2024 +0200 i40e: Fix macvlan leak by synchronizing access to mac_filter_hash This patch addresses a macvlan leak issue in the i40e driver caused by concurrent access to vsi->mac_filter_hash. The leak occurs when multiple threads attempt to modify the mac_filter_hash simultaneously, leading to inconsistent state and potential memory leaks. To fix this, we now wrap the calls to i40e_del_mac_filter() and zeroing vf->default_lan_addr.addr with spin_lock/unlock_bh(&vsi->mac_filter_hash_lock), ensuring atomic operations and preventing concurrent access. Additionally, we add lockdep_assert_held(&vsi->mac_filter_hash_lock) in i40e_add_mac_filter() to help catch similar issues in the future. Reproduction steps: 1. Spawn VFs and configure port vlan on them. 2. Trigger concurrent macvlan operations (e.g., adding and deleting portvlan and/or mac filters). 3. Observe the potential memory leak and inconsistent state in the mac_filter_hash. This synchronization ensures the integrity of the mac_filter_hash and prevents the described leak. Fixes: fed0d9f13266 ("i40e: Fix VF's MAC Address change on VM") Reviewed-by: Arkadiusz Kubalewski Signed-off-by: Aleksandr Loktionov Reviewed-by: Simon Horman Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 3953a1d1375247eafeeee24e69abb622f6acbd79 Author: Jason A. Donenfeld Date: Mon Oct 7 23:45:58 2024 +0200 selftests: vDSO: improve getrandom and chacha error messages Improve the error and skip condition messages to let the developer know precisely where a test has failed. Also make better use of the ksft api for this. Signed-off-by: Jason A. Donenfeld Signed-off-by: Shuah Khan commit fe6305cbc753766191da33b819f82f88986d3ca1 Author: Jason A. Donenfeld Date: Mon Oct 7 23:45:57 2024 +0200 selftests: vDSO: unconditionally build getrandom test Rather than building on supported archs, build on all archs, and then use the presence of the symbol in the vDSO to either skip the test or move forward with it. Note that this means that this test no longer checks whether the symbol was correctly added to the kernel. But hopefully this will be clear enough to developers and we'll cross our fingers that symbols aren't removed by accident and not caught after this change. Signed-off-by: Jason A. Donenfeld Signed-off-by: Shuah Khan commit 3b5992eaf730bf6c48e2dc8b4ebf360c43e973a7 Author: Jason A. Donenfeld Date: Mon Oct 7 23:45:56 2024 +0200 selftests: vDSO: unconditionally build chacha test Rather than using symlinks to find the vgetrandom-chacha.S file for each arch, store this in a file that uses the compiler to determine architecture, and then make use of weak symbols to skip the test on architectures that don't provide the code. Signed-off-by: Jason A. Donenfeld Signed-off-by: Shuah Khan commit bce9af1b030bf59d51bbabf909a3ef164787e44e Author: Marcin Szycik Date: Fri Sep 27 17:15:40 2024 +0200 ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. This is caused by not reallocating some arrays. Reproducer: modprobe ice echo 0 > /sys/bus/pci/devices/$PF_PCI/sriov_drivers_autoprobe echo 1 > /sys/bus/pci/devices/$PF_PCI/sriov_numvfs echo 17 > /sys/bus/pci/devices/$VF0_PCI/sriov_vf_msix_count Default MSI-X is 16, so 17 and above triggers this issue. KASAN reports: BUG: KASAN: slab-out-of-bounds in ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice] Read of size 8 at addr ffff8888b937d180 by task bash/28433 (...) Call Trace: (...) ? ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice] kasan_report+0xed/0x120 ? ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice] ice_vsi_alloc_ring_stats+0x38d/0x4b0 [ice] ice_vsi_cfg_def+0x3360/0x4770 [ice] ? mutex_unlock+0x83/0xd0 ? __pfx_ice_vsi_cfg_def+0x10/0x10 [ice] ? __pfx_ice_remove_vsi_lkup_fltr+0x10/0x10 [ice] ice_vsi_cfg+0x7f/0x3b0 [ice] ice_vf_reconfig_vsi+0x114/0x210 [ice] ice_sriov_set_msix_vec_count+0x3d0/0x960 [ice] sriov_vf_msix_count_store+0x21c/0x300 (...) Allocated by task 28201: (...) ice_vsi_cfg_def+0x1c8e/0x4770 [ice] ice_vsi_cfg+0x7f/0x3b0 [ice] ice_vsi_setup+0x179/0xa30 [ice] ice_sriov_configure+0xcaa/0x1520 [ice] sriov_numvfs_store+0x212/0x390 (...) To fix it, use ice_vsi_rebuild() instead of ice_vf_reconfig_vsi(). This causes the required arrays to be reallocated taking the new queue count into account (ice_vsi_realloc_stat_arrays()). Set req_txq and req_rxq before ice_vsi_rebuild(), so that realloc uses the newly set queue count. Additionally, ice_vsi_rebuild() does not remove VSI filters (ice_fltr_remove_all()), so ice_vf_init_host_cfg() is no longer necessary. Reported-by: Jacob Keller Fixes: 2a2cb4c6c181 ("ice: replace ice_vf_recreate_vsi() with ice_vf_reconfig_vsi()") Reviewed-by: Michal Swiatkowski Signed-off-by: Marcin Szycik Reviewed-by: Simon Horman Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit fbcb968a98ac0b71f5a2bda2751d7a32d201f90d Author: Wojciech Drewek Date: Fri Sep 27 14:38:01 2024 +0200 ice: Flush FDB entries before reset Triggering the reset while in switchdev mode causes errors[1]. Rules are already removed by this time because switch content is flushed in case of the reset. This means that rules were deleted from HW but SW still thinks they exist so when we get SWITCHDEV_FDB_DEL_TO_DEVICE notification we try to delete not existing rule. We can avoid these errors by clearing the rules early in the reset flow before they are removed from HW. Switchdev API will get notified that the rule was removed so we won't get SWITCHDEV_FDB_DEL_TO_DEVICE notification. Remove unnecessary ice_clear_sw_switch_recipes. [1] ice 0000:01:00.0: Failed to delete FDB forward rule, err: -2 ice 0000:01:00.0: Failed to delete FDB guard rule, err: -2 Fixes: 7c945a1a8e5f ("ice: Switchdev FDB events support") Reviewed-by: Mateusz Polchlopek Signed-off-by: Wojciech Drewek Tested-by: Sujai Buvaneswaran Signed-off-by: Tony Nguyen commit 8e60dbcbaaa177dacef55a61501790e201bf8c88 Author: Marcin Szycik Date: Tue Sep 24 12:04:24 2024 +0200 ice: Fix netif_is_ice() in Safe Mode netif_is_ice() works by checking the pointer to netdev ops. However, it only checks for the default ice_netdev_ops, not ice_netdev_safe_mode_ops, so in Safe Mode it always returns false, which is unintuitive. While it doesn't look like netif_is_ice() is currently being called anywhere in Safe Mode, this could change and potentially lead to unexpected behaviour. Fixes: df006dd4b1dc ("ice: Add initial support framework for LAG") Reviewed-by: Przemek Kitszel Signed-off-by: Marcin Szycik Reviewed-by: Brett Creeley Tested-by: Sujai Buvaneswaran Signed-off-by: Tony Nguyen commit b972060a47780aa2d46441e06b354156455cc877 Author: Marcin Szycik Date: Tue Sep 24 12:04:23 2024 +0200 ice: Fix entering Safe Mode If DDP package is missing or corrupted, the driver should enter Safe Mode. Instead, an error is returned and probe fails. To fix this, don't exit init if ice_init_ddp_config() returns an error. Repro: * Remove or rename DDP package (/lib/firmware/intel/ice/ddp/ice.pkg) * Load ice Fixes: cc5776fe1832 ("ice: Enable switching default Tx scheduler topology") Reviewed-by: Przemek Kitszel Signed-off-by: Marcin Szycik Reviewed-by: Brett Creeley Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit 9c7072df535bd7db475d32c7da76c7d241c08ab1 Author: Tokunori Ikegami Date: Sat Oct 5 20:30:22 2024 +0900 nvme: delete unnecessary fallthru comment Signed-off-by: Tokunori Ikegami Signed-off-by: Keith Busch commit 40f0e5dc2f3c866bef3fccf398114b90c6136dfa Author: Guixin Liu Date: Tue Oct 8 17:37:08 2024 +0800 nvmet-rdma: use sbitmap to replace rsp free list We can use sbitmap to manage all the nvmet_rdma_rsp instead of using free lists and spinlock, and we can use an additional tag to determine whether the nvmet_rdma_rsp is extra allocated. In addition, performance has improved: 1. testing environment is local rxe rdma devie and mem-based backstore device. 2. fio command, test the average 5 times: fio -filename=/dev/nvme0n1 --ioengine=libaio -direct=1 -size=1G -name=1 -thread -runtime=60 -time_based -rw=read -numjobs=16 -iodepth=128 -bs=4k -group_reporting 3. Before: 241k IOPS, After: 256k IOPS, an increase of about 5%. Signed-off-by: Guixin Liu Reviewed-by: Jens Axboe commit 75b607fab38d149f232f01eae5e6392b394dd659 Merge: 5b7c893ed5ed0f e0ed52154e866a Author: Linus Torvalds Date: Tue Oct 8 12:54:04 2024 -0700 Merge tag 'sched_ext-for-6.12-rc2-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext Pull sched_ext fixes from Tejun Heo: - ops.enqueue() didn't have a way to tell whether select_task_rq_scx() and thus ops.select() were skipped. Some schedulers were incorrectly using SCX_ENQ_WAKEUP. Add SCX_ENQ_CPU_SELECTED and fix scx_qmap using it. - Remove a spurious WARN_ON_ONCE() in scx_cgroup_exit() - Fix error information clobbering during load - Add missing __weak markers to BPF helper declarations - Doc update * tag 'sched_ext-for-6.12-rc2-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext: sched_ext: Documentation: Update instructions for running example schedulers sched_ext, scx_qmap: Add and use SCX_ENQ_CPU_SELECTED sched/core: Add ENQUEUE_RQ_SELECTED to indicate whether ->select_task_rq() was called sched/core: Make select_task_rq() take the pointer to wake_flags instead of value sched_ext: scx_cgroup_exit() may be called without successful scx_cgroup_init() sched_ext: Improve error reporting during loading sched_ext: Add __weak markers to BPF helper function decalarations commit b24d7f0da6ef5a23456a301eaf51b170f961d4ae Author: Thomas Weißschuh Date: Sat Oct 5 02:06:28 2024 +0200 bpf, lsm: Remove bpf_lsm_key_free hook The key_free LSM hook has been removed. Remove the corresponding BPF hook. Avoid warnings during the build: BTFIDS vmlinux WARN: resolve_btfids: unresolved symbol bpf_lsm_key_free Fixes: 5f8d28f6d7d5 ("lsm: infrastructure management of the key security blob") Signed-off-by: Thomas Weißschuh Signed-off-by: Andrii Nakryiko Acked-by: Song Liu Acked-by: Jiri Olsa Link: https://lore.kernel.org/bpf/20241005-lsm-key_free-v1-1-42ea801dbd63@weissschuh.net commit 01ecc142ef7c8c5081a39be81c1d8ab7c10dd7b8 Author: Uwe Kleine-König Date: Mon Oct 7 18:35:17 2024 +0200 fbdev: Switch back to struct platform_driver::remove() After commit 0edb555a65d1 ("platform: Make platform_driver::remove() return void") .remove() is (again) the right callback to implement for platform drivers. Convert all platform drivers below drivers/video/fbdev to use .remove(), with the eventual goal to drop struct platform_driver::remove_new(). As .remove() and .remove_new() have the same prototypes, conversion is done by just changing the structure member name in the driver initializer. While touching these files, make indention of the struct initializer consistent in several files. Signed-off-by: Uwe Kleine-König Reviewed-by: Thomas Zimmermann Signed-off-by: Helge Deller commit 3fb0eea8a1c4be5884e0731ea76cbd3ce126e1f3 Author: Zhang Rui Date: Mon Sep 30 16:18:01 2024 +0800 thermal: intel: int340x: processor: Add MMIO RAPL PL4 support Similar to the MSR RAPL interface, MMIO RAPL supports PL4 too, so add MMIO RAPL PL4d support to the processor_thermal driver. As a result, the powercap sysfs for MMIO RAPL will show a new "peak power" constraint. Signed-off-by: Zhang Rui Reviewed-by: Srinivas Pandruvada Link: https://patch.msgid.link/20240930081801.28502-7-rui.zhang@intel.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit bfc6819e4bf56a55df6178f93241b5845ad672eb Author: Zhang Rui Date: Mon Sep 30 16:18:00 2024 +0800 thermal: intel: int340x: processor: Remove MMIO RAPL CPU hotplug support CPU0/package0 is always online and the MMIO RAPL driver runs on single package systems only, so there is no need to handle CPU hotplug in it. Always register a RAPL package device for package 0 and remove the unnecessary CPU hotplug support. Signed-off-by: Zhang Rui Reviewed-by: Srinivas Pandruvada Link: https://patch.msgid.link/20240930081801.28502-6-rui.zhang@intel.com [ rjw: Subject edits ] Signed-off-by: Rafael J. Wysocki commit f517ff174ab79dd59f538a9aa2770cd3ee6dd48b Author: Sumeet Pawnikar Date: Mon Sep 30 16:17:59 2024 +0800 powercap: intel_rapl_msr: Add PL4 support for Arrowlake-U Add PL4 support for ArrowLake-U platform. Signed-off-by: Sumeet Pawnikar Signed-off-by: Zhang Rui Reviewed-by: Srinivas Pandruvada Link: https://patch.msgid.link/20240930081801.28502-5-rui.zhang@intel.com Signed-off-by: Rafael J. Wysocki commit 1d390923974cc233245649cf23833e06b15a9ef7 Author: Zhang Rui Date: Mon Sep 30 16:17:58 2024 +0800 powercap: intel_rapl_tpmi: Ignore minor version change The hardware definition of every TPMI feature contains a major and minor version. When there is a change in the MMIO offset or change in the definition of a field, hardware will change major version. For addition of new fields without modifying existing MMIO offsets or fields, only the minor version is changed. If the driver has not been updated to recognize a new hardware major version, it cannot provide the RAPL interface to users due to possible register layout incompatibilities. However, the driver does not need to be updated every time the hardware minor version changes because in that case it will just miss some new functionality exposed by the hardware. The current implementation causes the driver to refuse to work for any hardware version change which is unnecessarily restrictive. If there is a minor version mismatch, log an information message and continue, but if there is a major version mismatch, log a warning and exit (as before). Signed-off-by: Zhang Rui Reviewed-by: Srinivas Pandruvada Link: https://patch.msgid.link/20240930081801.28502-4-rui.zhang@intel.com Fixes: 9eef7f9da928 ("powercap: intel_rapl: Introduce RAPL TPMI interface driver") [ rjw: Changelog edits ] Signed-off-by: Rafael J. Wysocki commit 52009b419355195912a628d0a9847922e90c348c Author: Felix Fietkau Date: Sun Oct 6 17:36:30 2024 +0200 wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys Sync iterator conditions with ieee80211_iter_keys_rcu. Fixes: 830af02f24fb ("mac80211: allow driver to iterate keys") Signed-off-by: Felix Fietkau Link: https://patch.msgid.link/20241006153630.87885-1-nbd@nbd.name Signed-off-by: Johannes Berg commit 57be3d3562ca4aa62b8047bc681028cc402af8ce Author: Gustavo A. R. Silva Date: Fri Oct 4 14:14:44 2024 -0600 wifi: radiotap: Avoid -Wflex-array-member-not-at-end warnings -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. So, in order to avoid ending up with a flexible-array member in the middle of multiple other structs, we use the `__struct_group()` helper to create a new tagged `struct ieee80211_radiotap_header_fixed`. This structure groups together all the members of the flexible `struct ieee80211_radiotap_header` except the flexible array. As a result, the array is effectively separated from the rest of the members without modifying the memory layout of the flexible structure. We then change the type of the middle struct members currently causing trouble from `struct ieee80211_radiotap_header` to `struct ieee80211_radiotap_header_fixed`. We also want to ensure that in case new members need to be added to the flexible structure, they are always included within the newly created tagged struct. For this, we use `static_assert()`. This ensures that the memory layout for both the flexible structure and the new tagged struct is the same after any changes. This approach avoids having to implement `struct ieee80211_radiotap_header_fixed` as a completely separate structure, thus preventing having to maintain two independent but basically identical structures, closing the door to potential bugs in the future. So, with these changes, fix the following warnings: drivers/net/wireless/ath/wil6210/txrx.c:309:50: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/ipw2100.c:2521:50: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/ipw2200.h:1146:42: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/libipw.h:595:36: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/marvell/libertas/radiotap.h:34:42: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/marvell/libertas/radiotap.h:5:42: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/microchip/wilc1000/mon.c:10:42: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/microchip/wilc1000/mon.c:15:42: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/virtual/mac80211_hwsim.c:758:42: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/virtual/mac80211_hwsim.c:767:42: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Link: https://patch.msgid.link/ZwBMtBZKcrzwU7l4@kspp Signed-off-by: Johannes Berg commit 393b6bc174b0dd21bb2a36c13b36e62fc3474a23 Author: Felix Fietkau Date: Wed Oct 2 11:56:30 2024 +0200 wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower Avoid potentially crashing in the driver because of uninitialized private data Fixes: 5b3dc42b1b0d ("mac80211: add support for driver tx power reporting") Cc: stable@vger.kernel.org Signed-off-by: Felix Fietkau Link: https://patch.msgid.link/20241002095630.22431-1-nbd@nbd.name Signed-off-by: Johannes Berg commit 4cc6f3e5e5765abad9c091989970d67d8c1d2204 Author: Remi Pommarel Date: Tue Sep 24 21:28:05 2024 +0200 wifi: mac80211: Convert color collision detection to wiphy work Call to ieee80211_color_collision_detection_work() needs wiphy lock to be held (see lockdep assert in cfg80211_bss_color_notify()). Not locking wiphy causes the following lockdep error: WARNING: CPU: 2 PID: 42 at net/wireless/nl80211.c:19505 cfg80211_bss_color_notify+0x1a4/0x25c Modules linked in: CPU: 2 PID: 42 Comm: kworker/u8:3 Tainted: G W 6.4.0-02327-g36c6cb260481 #1048 Hardware name: Workqueue: phy1 ieee80211_color_collision_detection_work pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : cfg80211_bss_color_notify+0x1a4/0x25c lr : cfg80211_bss_color_notify+0x1a0/0x25c sp : ffff000002947d00 x29: ffff000002947d00 x28: ffff800008e1a000 x27: ffff000002bd4705 x26: ffff00000d034000 x25: ffff80000903cf40 x24: 0000000000000000 x23: ffff00000cb70720 x22: 0000000000800000 x21: ffff800008dfb008 x20: 000000000000008d x19: ffff00000d035fa8 x18: 0000000000000010 x17: 0000000000000001 x16: 000003564b1ce96a x15: 000d69696d057970 x14: 000000000000003b x13: 0000000000000001 x12: 0000000000040000 x11: 0000000000000001 x10: ffff80000978f9c0 x9 : ffff0000028d3174 x8 : ffff800008e30000 x7 : 0000000000000000 x6 : 0000000000000028 x5 : 000000000002f498 x4 : ffff00000d034a80 x3 : 0000000000800000 x2 : ffff800016143000 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: cfg80211_bss_color_notify+0x1a4/0x25c ieee80211_color_collision_detection_work+0x20/0x118 process_one_work+0x294/0x554 worker_thread+0x70/0x440 kthread+0xf4/0xf8 ret_from_fork+0x10/0x20 irq event stamp: 77372 hardirqs last enabled at (77371): [] _raw_spin_unlock_irq+0x2c/0x4c hardirqs last disabled at (77372): [] el1_dbg+0x20/0x48 softirqs last enabled at (77350): [] batadv_send_outstanding_bcast_packet+0xb8/0x120 softirqs last disabled at (77348): [] batadv_send_outstanding_bcast_packet+0x80/0x120 The wiphy lock cannot be taken directly from color collision detection delayed work (ieee80211_color_collision_detection_work()) because this work is cancel_delayed_work_sync() under this wiphy lock causing a potential deadlock( see [0] for details). To fix that ieee80211_color_collision_detection_work() could be converted to a wiphy work and cancel_delayed_work_sync() can be simply replaced by wiphy_delayed_work_cancel() serving the same purpose under wiphy lock. This could potentially fix [1]. [0]: https://lore.kernel.org/linux-wireless/D4A40Q44OAY2.W3SIF6UEPBUN@freebox.fr/ [1]: https://lore.kernel.org/lkml/000000000000612f290618eee3e5@google.com/ Reported-by: Nicolas Escande Signed-off-by: Remi Pommarel Link: https://patch.msgid.link/20240924192805.13859-3-repk@triplefau.lt Signed-off-by: Johannes Berg commit 68d0021fe7231eec0fb84cd110cf62a6e782b72d Author: Remi Pommarel Date: Tue Sep 24 21:28:04 2024 +0200 wifi: cfg80211: Add wiphy_delayed_work_pending() Add wiphy_delayed_work_pending() to check if any delayed work timer is pending, that can be used to be sure that wiphy_delayed_work_queue() won't postpone an already pending delayed work. Signed-off-by: Remi Pommarel Link: https://patch.msgid.link/20240924192805.13859-2-repk@triplefau.lt [fix return value kernel-doc] Signed-off-by: Johannes Berg commit 2b6a3f857550e52b1cd4872ebb13cb3e3cf12f5f Author: Diederik de Haas Date: Tue Oct 8 13:15:39 2024 +0200 arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes For most compatibles, the "brcm,bluetooth.yaml" binding doesn't allow the 'reset-gpios' property, but there is a 'shutdown-gpios' property. Page 12 of the AzureWave-CM256SM datasheet (v1.9) has the following wrt pin 34 'BT_REG_ON' (connected to GPIO0_C4_d on the PineNote): Used by PMU to power up or power down the internal regulators used by the Bluetooth section. Also, when deasserted, this pin holds the Bluetooth section in reset. This pin has an internal 200k ohm pull down resistor that is enabled by default. So it is safe to replace 'reset-gpios' with 'shutdown-gpios'. Fixes: d449121e5e8a ("arm64: dts: rockchip: Add Pine64 PineNote board") Signed-off-by: Diederik de Haas Link: https://lore.kernel.org/r/20241008113344.23957-5-didi.debian@cknow.org Signed-off-by: Heiko Stuebner commit 87299d6ee95a37d2d576dd8077ea6860f77ad8e2 Author: Diederik de Haas Date: Tue Oct 8 13:15:38 2024 +0200 arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node The "brcm,bluetooth.yaml" binding has 'device-wakeup-gpios' and 'host-wakeup-gpios' property names, not '*-wake-gpios'. Fix the incorrect property names. Note that the "realtek,bluetooth.yaml" binding does use the '*-wake-gpios' property names. Fixes: d449121e5e8a ("arm64: dts: rockchip: Add Pine64 PineNote board") Signed-off-by: Diederik de Haas Link: https://lore.kernel.org/r/20241008113344.23957-4-didi.debian@cknow.org Signed-off-by: Heiko Stuebner commit de50a7e3681771c6b990238af82bf1dea9b11b21 Author: Diederik de Haas Date: Tue Oct 8 13:15:37 2024 +0200 arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 The "synopsys,dw-hdmi.yaml" binding specifies that the interrupts property of the hdmi node has 'maxItems: 1', so the hdmi node in rk3328.dtsi having 2 is incorrect. Paragraph 1.3 ("System Interrupt connection") of the RK3328 TRM v1.1 page 16 and 17 define the following hdmi related interrupts: - 67 hdmi_intr - 103 hdmi_intr_wakeup The difference of 32 is due to a different base used in the TRM. The RK3399 (which uses the same binding) has '23: hdmi_irq' and '24: hdmi_wakeup_irq' according to its TRM (page 19). The RK3568 (also same binding) has '76: hdmi_wakeup' and '77: hdmi' according to page 17 of its TRM. In both cases the non-wakeup IRQ was used, so use that too for rk3328. Helped-by: Heiko Stuebner Fixes: 725e351c265a ("arm64: dts: rockchip: add rk3328 display nodes") Signed-off-by: Diederik de Haas Link: https://lore.kernel.org/r/20241008113344.23957-3-didi.debian@cknow.org Signed-off-by: Heiko Stuebner commit e1a9ae3a73810c00e492485fdbae09f0dccb057e Author: Chenming Huang Date: Mon Sep 23 07:46:44 2024 +0530 wifi: cfg80211: Do not create BSS entries for unsupported channels Currently, in cfg80211_parse_ml_elem_sta_data(), when RNR element indicates a BSS that operates in a channel that current regulatory domain doesn't support, a NULL value is returned by ieee80211_get_channel_khz() and assigned to this BSS entry's channel field. Later in cfg80211_inform_single_bss_data(), the reported BSS entry's channel will be wrongly overridden by transmitted BSS's. This could result in connection failure that when wpa_supplicant tries to select this reported BSS entry while it actually resides in an unsupported channel. Since this channel is not supported, it is reasonable to skip such entries instead of reporting wrong information. Signed-off-by: Chenming Huang Link: https://patch.msgid.link/20240923021644.12885-1-quic_chenhuan@quicinc.com Signed-off-by: Johannes Berg commit 8dd0498983eef524a8d104eb8abb32ec4c595bec Author: Ben Greear Date: Mon Sep 23 18:13:25 2024 -0700 wifi: mac80211: Fix setting txpower with emulate_chanctx Propagate hw conf into the driver when txpower changes and driver is emulating channel contexts. Signed-off-by: Ben Greear Link: https://patch.msgid.link/20240924011325.1509103-1-greearb@candelatech.com Signed-off-by: Johannes Berg commit b3e046c31441d182b954fc2f57b2dc38c71ad4bc Author: Geert Uytterhoeven Date: Tue Sep 24 14:08:57 2024 +0200 mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING When tracing is disabled, there is no point in asking the user about enabling tracing of all mac80211 debug messages. Fixes: 3fae0273168026ed ("mac80211: trace debug messages") Signed-off-by: Geert Uytterhoeven Link: https://patch.msgid.link/85bbe38ce0df13350f45714e2dc288cc70947a19.1727179690.git.geert@linux-m68k.org Signed-off-by: Johannes Berg commit d5fd042bf4cfb557981d65628e1779a492cd8cfa Author: Nathan Chancellor Date: Tue Sep 17 09:02:53 2024 -0700 x86/resctrl: Annotate get_mem_config() functions as __init After a recent LLVM change [1] that deduces __cold on functions that only call cold code (such as __init functions), there is a section mismatch warning from __get_mem_config_intel(), which got moved to .text.unlikely. as a result of that optimization: WARNING: modpost: vmlinux: section mismatch in reference: \ __get_mem_config_intel+0x77 (section: .text.unlikely.) -> thread_throttle_mode_init (section: .init.text) Mark __get_mem_config_intel() as __init as well since it is only called from __init code, which clears up the warning. While __rdt_get_mem_config_amd() does not exhibit a warning because it does not call any __init code, it is a similar function that is only called from __init code like __get_mem_config_intel(), so mark it __init as well to keep the code symmetrical. CONFIG_SECTION_MISMATCH_WARN_ONLY=n would turn this into a fatal error. Fixes: 05b93417ce5b ("x86/intel_rdt/mba: Add primary support for Memory Bandwidth Allocation (MBA)") Fixes: 4d05bf71f157 ("x86/resctrl: Introduce AMD QOS feature") Signed-off-by: Nathan Chancellor Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Reinette Chatre Cc: Link: https://github.com/llvm/llvm-project/commit/6b11573b8c5e3d36beee099dbe7347c2a007bf53 [1] Link: https://lore.kernel.org/r/20240917-x86-restctrl-get_mem_config_intel-init-v3-1-10d521256284@kernel.org commit 07c90acb071b9954e1fecb1e4f4f13d12c544b34 Author: Ville Syrjälä Date: Tue Oct 1 23:07:45 2024 +0300 wifi: iwlegacy: Clear stale interrupts before resuming device iwl4965 fails upon resume from hibernation on my laptop. The reason seems to be a stale interrupt which isn't being cleared out before interrupts are enabled. We end up with a race beween the resume trying to bring things back up, and the restart work (queued form the interrupt handler) trying to bring things down. Eventually the whole thing blows up. Fix the problem by clearing out any stale interrupts before interrupts get enabled during resume. Here's a debug log of the indicent: [ 12.042589] ieee80211 phy0: il_isr ISR inta 0x00000080, enabled 0xaa00008b, fh 0x00000000 [ 12.042625] ieee80211 phy0: il4965_irq_tasklet inta 0x00000080, enabled 0x00000000, fh 0x00000000 [ 12.042651] iwl4965 0000:10:00.0: RF_KILL bit toggled to enable radio. [ 12.042653] iwl4965 0000:10:00.0: On demand firmware reload [ 12.042690] ieee80211 phy0: il4965_irq_tasklet End inta 0x00000000, enabled 0xaa00008b, fh 0x00000000, flags 0x00000282 [ 12.052207] ieee80211 phy0: il4965_mac_start enter [ 12.052212] ieee80211 phy0: il_prep_station Add STA to driver ID 31: ff:ff:ff:ff:ff:ff [ 12.052244] ieee80211 phy0: il4965_set_hw_ready hardware ready [ 12.052324] ieee80211 phy0: il_apm_init Init card's basic functions [ 12.052348] ieee80211 phy0: il_apm_init L1 Enabled; Disabling L0S [ 12.055727] ieee80211 phy0: il4965_load_bsm Begin load bsm [ 12.056140] ieee80211 phy0: il4965_verify_bsm Begin verify bsm [ 12.058642] ieee80211 phy0: il4965_verify_bsm BSM bootstrap uCode image OK [ 12.058721] ieee80211 phy0: il4965_load_bsm BSM write complete, poll 1 iterations [ 12.058734] ieee80211 phy0: __il4965_up iwl4965 is coming up [ 12.058737] ieee80211 phy0: il4965_mac_start Start UP work done. [ 12.058757] ieee80211 phy0: __il4965_down iwl4965 is going down [ 12.058761] ieee80211 phy0: il_scan_cancel_timeout Scan cancel timeout [ 12.058762] ieee80211 phy0: il_do_scan_abort Not performing scan to abort [ 12.058765] ieee80211 phy0: il_clear_ucode_stations Clearing ucode stations in driver [ 12.058767] ieee80211 phy0: il_clear_ucode_stations No active stations found to be cleared [ 12.058819] ieee80211 phy0: _il_apm_stop Stop card, put in low power state [ 12.058827] ieee80211 phy0: _il_apm_stop_master stop master [ 12.058864] ieee80211 phy0: il4965_clear_free_frames 0 frames on pre-allocated heap on clear. [ 12.058869] ieee80211 phy0: Hardware restart was requested [ 16.132299] iwl4965 0000:10:00.0: START_ALIVE timeout after 4000ms. [ 16.132303] ------------[ cut here ]------------ [ 16.132304] Hardware became unavailable upon resume. This could be a software issue prior to suspend or a hardware issue. [ 16.132338] WARNING: CPU: 0 PID: 181 at net/mac80211/util.c:1826 ieee80211_reconfig+0x8f/0x14b0 [mac80211] [ 16.132390] Modules linked in: ctr ccm sch_fq_codel xt_tcpudp xt_multiport xt_state iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv4 ip_tables x_tables binfmt_misc joydev mousedev btusb btrtl btintel btbcm bluetooth ecdh_generic ecc iTCO_wdt i2c_dev iwl4965 iwlegacy coretemp snd_hda_codec_analog pcspkr psmouse mac80211 snd_hda_codec_generic libarc4 sdhci_pci cqhci sha256_generic sdhci libsha256 firewire_ohci snd_hda_intel snd_intel_dspcfg mmc_core snd_hda_codec snd_hwdep firewire_core led_class iosf_mbi snd_hda_core uhci_hcd lpc_ich crc_itu_t cfg80211 ehci_pci ehci_hcd snd_pcm usbcore mfd_core rfkill snd_timer snd usb_common soundcore video parport_pc parport intel_agp wmi intel_gtt backlight e1000e agpgart evdev [ 16.132456] CPU: 0 UID: 0 PID: 181 Comm: kworker/u8:6 Not tainted 6.11.0-cl+ #143 [ 16.132460] Hardware name: Hewlett-Packard HP Compaq 6910p/30BE, BIOS 68MCU Ver. F.19 07/06/2010 [ 16.132463] Workqueue: async async_run_entry_fn [ 16.132469] RIP: 0010:ieee80211_reconfig+0x8f/0x14b0 [mac80211] [ 16.132501] Code: da 02 00 00 c6 83 ad 05 00 00 00 48 89 df e8 98 1b fc ff 85 c0 41 89 c7 0f 84 e9 02 00 00 48 c7 c7 a0 e6 48 a0 e8 d1 77 c4 e0 <0f> 0b eb 2d 84 c0 0f 85 8b 01 00 00 c6 87 ad 05 00 00 00 e8 69 1b [ 16.132504] RSP: 0018:ffffc9000029fcf0 EFLAGS: 00010282 [ 16.132507] RAX: 0000000000000000 RBX: ffff8880072008e0 RCX: 0000000000000001 [ 16.132509] RDX: ffffffff81f21a18 RSI: 0000000000000086 RDI: 0000000000000001 [ 16.132510] RBP: ffff8880072003c0 R08: 0000000000000000 R09: 0000000000000003 [ 16.132512] R10: 0000000000000000 R11: ffff88807e5b0000 R12: 0000000000000001 [ 16.132514] R13: 0000000000000000 R14: 0000000000000000 R15: 00000000ffffff92 [ 16.132515] FS: 0000000000000000(0000) GS:ffff88807c200000(0000) knlGS:0000000000000000 [ 16.132517] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 16.132519] CR2: 000055dd43786c08 CR3: 000000000978f000 CR4: 00000000000006f0 [ 16.132521] Call Trace: [ 16.132525] [ 16.132526] ? __warn+0x77/0x120 [ 16.132532] ? ieee80211_reconfig+0x8f/0x14b0 [mac80211] [ 16.132564] ? report_bug+0x15c/0x190 [ 16.132568] ? handle_bug+0x36/0x70 [ 16.132571] ? exc_invalid_op+0x13/0x60 [ 16.132573] ? asm_exc_invalid_op+0x16/0x20 [ 16.132579] ? ieee80211_reconfig+0x8f/0x14b0 [mac80211] [ 16.132611] ? snd_hdac_bus_init_cmd_io+0x24/0x200 [snd_hda_core] [ 16.132617] ? pick_eevdf+0x133/0x1c0 [ 16.132622] ? check_preempt_wakeup_fair+0x70/0x90 [ 16.132626] ? wakeup_preempt+0x4a/0x60 [ 16.132628] ? ttwu_do_activate.isra.0+0x5a/0x190 [ 16.132632] wiphy_resume+0x79/0x1a0 [cfg80211] [ 16.132675] ? wiphy_suspend+0x2a0/0x2a0 [cfg80211] [ 16.132697] dpm_run_callback+0x75/0x1b0 [ 16.132703] device_resume+0x97/0x200 [ 16.132707] async_resume+0x14/0x20 [ 16.132711] async_run_entry_fn+0x1b/0xa0 [ 16.132714] process_one_work+0x13d/0x350 [ 16.132718] worker_thread+0x2be/0x3d0 [ 16.132722] ? cancel_delayed_work_sync+0x70/0x70 [ 16.132725] kthread+0xc0/0xf0 [ 16.132729] ? kthread_park+0x80/0x80 [ 16.132732] ret_from_fork+0x28/0x40 [ 16.132735] ? kthread_park+0x80/0x80 [ 16.132738] ret_from_fork_asm+0x11/0x20 [ 16.132741] [ 16.132742] ---[ end trace 0000000000000000 ]--- [ 16.132930] ------------[ cut here ]------------ [ 16.132932] WARNING: CPU: 0 PID: 181 at net/mac80211/driver-ops.c:41 drv_stop+0xe7/0xf0 [mac80211] [ 16.132957] Modules linked in: ctr ccm sch_fq_codel xt_tcpudp xt_multiport xt_state iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv4 ip_tables x_tables binfmt_misc joydev mousedev btusb btrtl btintel btbcm bluetooth ecdh_generic ecc iTCO_wdt i2c_dev iwl4965 iwlegacy coretemp snd_hda_codec_analog pcspkr psmouse mac80211 snd_hda_codec_generic libarc4 sdhci_pci cqhci sha256_generic sdhci libsha256 firewire_ohci snd_hda_intel snd_intel_dspcfg mmc_core snd_hda_codec snd_hwdep firewire_core led_class iosf_mbi snd_hda_core uhci_hcd lpc_ich crc_itu_t cfg80211 ehci_pci ehci_hcd snd_pcm usbcore mfd_core rfkill snd_timer snd usb_common soundcore video parport_pc parport intel_agp wmi intel_gtt backlight e1000e agpgart evdev [ 16.133014] CPU: 0 UID: 0 PID: 181 Comm: kworker/u8:6 Tainted: G W 6.11.0-cl+ #143 [ 16.133018] Tainted: [W]=WARN [ 16.133019] Hardware name: Hewlett-Packard HP Compaq 6910p/30BE, BIOS 68MCU Ver. F.19 07/06/2010 [ 16.133021] Workqueue: async async_run_entry_fn [ 16.133025] RIP: 0010:drv_stop+0xe7/0xf0 [mac80211] [ 16.133048] Code: 48 85 c0 74 0e 48 8b 78 08 89 ea 48 89 de e8 e0 87 04 00 65 ff 0d d1 de c4 5f 0f 85 42 ff ff ff e8 be 52 c2 e0 e9 38 ff ff ff <0f> 0b 5b 5d c3 0f 1f 40 00 41 54 49 89 fc 55 53 48 89 f3 2e 2e 2e [ 16.133050] RSP: 0018:ffffc9000029fc50 EFLAGS: 00010246 [ 16.133053] RAX: 0000000000000000 RBX: ffff8880072008e0 RCX: ffff88800377f6c0 [ 16.133054] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff8880072008e0 [ 16.133056] RBP: 0000000000000000 R08: ffffffff81f238d8 R09: 0000000000000000 [ 16.133058] R10: ffff8880080520f0 R11: 0000000000000000 R12: ffff888008051c60 [ 16.133060] R13: ffff8880072008e0 R14: 0000000000000000 R15: ffff8880072011d8 [ 16.133061] FS: 0000000000000000(0000) GS:ffff88807c200000(0000) knlGS:0000000000000000 [ 16.133063] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 16.133065] CR2: 000055dd43786c08 CR3: 000000000978f000 CR4: 00000000000006f0 [ 16.133067] Call Trace: [ 16.133069] [ 16.133070] ? __warn+0x77/0x120 [ 16.133075] ? drv_stop+0xe7/0xf0 [mac80211] [ 16.133098] ? report_bug+0x15c/0x190 [ 16.133100] ? handle_bug+0x36/0x70 [ 16.133103] ? exc_invalid_op+0x13/0x60 [ 16.133105] ? asm_exc_invalid_op+0x16/0x20 [ 16.133109] ? drv_stop+0xe7/0xf0 [mac80211] [ 16.133132] ieee80211_do_stop+0x55a/0x810 [mac80211] [ 16.133161] ? fq_codel_reset+0xa5/0xc0 [sch_fq_codel] [ 16.133164] ieee80211_stop+0x4f/0x180 [mac80211] [ 16.133192] __dev_close_many+0xa2/0x120 [ 16.133195] dev_close_many+0x90/0x150 [ 16.133198] dev_close+0x5d/0x80 [ 16.133200] cfg80211_shutdown_all_interfaces+0x40/0xe0 [cfg80211] [ 16.133223] wiphy_resume+0xb2/0x1a0 [cfg80211] [ 16.133247] ? wiphy_suspend+0x2a0/0x2a0 [cfg80211] [ 16.133269] dpm_run_callback+0x75/0x1b0 [ 16.133273] device_resume+0x97/0x200 [ 16.133277] async_resume+0x14/0x20 [ 16.133280] async_run_entry_fn+0x1b/0xa0 [ 16.133283] process_one_work+0x13d/0x350 [ 16.133287] worker_thread+0x2be/0x3d0 [ 16.133290] ? cancel_delayed_work_sync+0x70/0x70 [ 16.133294] kthread+0xc0/0xf0 [ 16.133296] ? kthread_park+0x80/0x80 [ 16.133299] ret_from_fork+0x28/0x40 [ 16.133302] ? kthread_park+0x80/0x80 [ 16.133304] ret_from_fork_asm+0x11/0x20 [ 16.133307] [ 16.133308] ---[ end trace 0000000000000000 ]--- [ 16.133335] ieee80211 phy0: PM: dpm_run_callback(): wiphy_resume [cfg80211] returns -110 [ 16.133360] ieee80211 phy0: PM: failed to restore async: error -110 Cc: stable@vger.kernel.org Cc: Stanislaw Gruszka Cc: Kalle Valo Cc: linux-wireless@vger.kernel.org Signed-off-by: Ville Syrjälä Acked-by: Stanislaw Gruszka Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20241001200745.8276-1-ville.syrjala@linux.intel.com commit e0ed52154e866a1e9e9b97ded50b164698f0a222 Author: Devaansh-Kumar Date: Tue Oct 8 19:56:20 2024 +0530 sched_ext: Documentation: Update instructions for running example schedulers Since the artifact paths for tools changed, we need to update the documentation to reflect that path. Signed-off-by: Devaansh-Kumar Signed-off-by: Tejun Heo commit 117932eea99b729ee5d12783601a4f7f5fd58a23 Author: Chen Ridong Date: Tue Oct 8 11:24:56 2024 +0000 cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction A hung_task problem shown below was found: INFO: task kworker/0:0:8 blocked for more than 327 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Workqueue: events cgroup_bpf_release Call Trace: __schedule+0x5a2/0x2050 ? find_held_lock+0x33/0x100 ? wq_worker_sleeping+0x9e/0xe0 schedule+0x9f/0x180 schedule_preempt_disabled+0x25/0x50 __mutex_lock+0x512/0x740 ? cgroup_bpf_release+0x1e/0x4d0 ? cgroup_bpf_release+0xcf/0x4d0 ? process_scheduled_works+0x161/0x8a0 ? cgroup_bpf_release+0x1e/0x4d0 ? mutex_lock_nested+0x2b/0x40 ? __pfx_delay_tsc+0x10/0x10 mutex_lock_nested+0x2b/0x40 cgroup_bpf_release+0xcf/0x4d0 ? process_scheduled_works+0x161/0x8a0 ? trace_event_raw_event_workqueue_execute_start+0x64/0xd0 ? process_scheduled_works+0x161/0x8a0 process_scheduled_works+0x23a/0x8a0 worker_thread+0x231/0x5b0 ? __pfx_worker_thread+0x10/0x10 kthread+0x14d/0x1c0 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x59/0x70 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1b/0x30 This issue can be reproduced by the following pressuse test: 1. A large number of cpuset cgroups are deleted. 2. Set cpu on and off repeatly. 3. Set watchdog_thresh repeatly. The scripts can be obtained at LINK mentioned above the signature. The reason for this issue is cgroup_mutex and cpu_hotplug_lock are acquired in different tasks, which may lead to deadlock. It can lead to a deadlock through the following steps: 1. A large number of cpusets are deleted asynchronously, which puts a large number of cgroup_bpf_release works into system_wq. The max_active of system_wq is WQ_DFL_ACTIVE(256). Consequently, all active works are cgroup_bpf_release works, and many cgroup_bpf_release works will be put into inactive queue. As illustrated in the diagram, there are 256 (in the acvtive queue) + n (in the inactive queue) works. 2. Setting watchdog_thresh will hold cpu_hotplug_lock.read and put smp_call_on_cpu work into system_wq. However step 1 has already filled system_wq, 'sscs.work' is put into inactive queue. 'sscs.work' has to wait until the works that were put into the inacvtive queue earlier have executed (n cgroup_bpf_release), so it will be blocked for a while. 3. Cpu offline requires cpu_hotplug_lock.write, which is blocked by step 2. 4. Cpusets that were deleted at step 1 put cgroup_release works into cgroup_destroy_wq. They are competing to get cgroup_mutex all the time. When cgroup_metux is acqured by work at css_killed_work_fn, it will call cpuset_css_offline, which needs to acqure cpu_hotplug_lock.read. However, cpuset_css_offline will be blocked for step 3. 5. At this moment, there are 256 works in active queue that are cgroup_bpf_release, they are attempting to acquire cgroup_mutex, and as a result, all of them are blocked. Consequently, sscs.work can not be executed. Ultimately, this situation leads to four processes being blocked, forming a deadlock. system_wq(step1) WatchDog(step2) cpu offline(step3) cgroup_destroy_wq(step4) ... 2000+ cgroups deleted asyn 256 actives + n inactives __lockup_detector_reconfigure P(cpu_hotplug_lock.read) put sscs.work into system_wq 256 + n + 1(sscs.work) sscs.work wait to be executed warting sscs.work finish percpu_down_write P(cpu_hotplug_lock.write) ...blocking... css_killed_work_fn P(cgroup_mutex) cpuset_css_offline P(cpu_hotplug_lock.read) ...blocking... 256 cgroup_bpf_release mutex_lock(&cgroup_mutex); ..blocking... To fix the problem, place cgroup_bpf_release works on a dedicated workqueue which can break the loop and solve the problem. System wqs are for misc things which shouldn't create a large number of concurrent work items. If something is going to generate >WQ_DFL_ACTIVE(256) concurrent work items, it should use its own dedicated workqueue. Fixes: 4bfc0bb2c60e ("bpf: decouple the lifetime of cgroup_bpf from cgroup itself") Cc: stable@vger.kernel.org # v5.3+ Link: https://lore.kernel.org/cgroups/e90c32d2-2a85-4f28-9154-09c7d320cb60@huawei.com/T/#t Tested-by: Vishal Chourasia Signed-off-by: Chen Ridong Signed-off-by: Tejun Heo commit 5b7c893ed5ed0fc1cbe28c0e3296a6fb45698486 Merge: b2760b83904413 48dbc127836a6f Author: Linus Torvalds Date: Tue Oct 8 10:53:06 2024 -0700 Merge tag 'ntfs3_for_6.12' of https://github.com/Paragon-Software-Group/linux-ntfs3 Pull ntfs3 updates from Konstantin Komarov: "New: - implement fallocate for compressed files - add support for the compression attribute - optimize large writes to sparse files Fixes: - fix several potential deadlock scenarios - fix various internal bugs detected by syzbot - add checks before accessing NTFS structures during parsing - correct the format of output messages Refactoring: - replace fsparam_flag_no with fsparam_flag in options parser - remove unused functions and macros" * tag 'ntfs3_for_6.12' of https://github.com/Paragon-Software-Group/linux-ntfs3: (25 commits) fs/ntfs3: Format output messages like others fs in kernel fs/ntfs3: Additional check in ntfs_file_release fs/ntfs3: Fix general protection fault in run_is_mapped_full fs/ntfs3: Sequential field availability check in mi_enum_attr() fs/ntfs3: Additional check in ni_clear() fs/ntfs3: Fix possible deadlock in mi_read ntfs3: Change to non-blocking allocation in ntfs_d_hash fs/ntfs3: Remove unused al_delete_le fs/ntfs3: Rename ntfs3_setattr into ntfs_setattr fs/ntfs3: Replace fsparam_flag_no -> fsparam_flag fs/ntfs3: Add support for the compression attribute fs/ntfs3: Implement fallocate for compressed files fs/ntfs3: Make checks in run_unpack more clear fs/ntfs3: Add rough attr alloc_size check fs/ntfs3: Stale inode instead of bad fs/ntfs3: Refactor enum_rstbl to suppress static checker fs/ntfs3: Fix sparse warning in ni_fiemap fs/ntfs3: Fix warning possible deadlock in ntfs_set_state fs/ntfs3: Fix sparse warning for bigendian fs/ntfs3: Separete common code for file_read/write iter/splice ... commit b2760b839044132c29234b648aa4f6a2877de234 Merge: 87d6aab2389e5c e934a35e3cc1fe Author: Linus Torvalds Date: Tue Oct 8 10:43:22 2024 -0700 Merge tag 'perf-tools-fixes-for-v6.12-1-2024-10-08' of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools Pull perf tools fixes from Arnaldo Carvalho de Melo: - Fix an assert() to handle captured and unprocessed ARM CoreSight CPU traces - Fix static build compilation error when libdw isn't installed or is too old - Add missing include when building with !HAVE_DWARF_GETLOCATIONS_SUPPORT - Add missing refcount put on 32-bit DSOs - Fix disassembly of user space binaries by setting the binary_type of DSO when loading - Update headers with the kernel sources, including asound.h, sched.h, fcntl, msr-index.h, irq_vectors.h, socket.h, list_sort.c and arm64's cputype.h * tag 'perf-tools-fixes-for-v6.12-1-2024-10-08' of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools: perf cs-etm: Fix the assert() to handle captured and unprocessed cpu trace perf build: Fix build feature-dwarf_getlocations fail for old libdw perf build: Fix static compilation error when libdw is not installed perf dwarf-aux: Fix build with !HAVE_DWARF_GETLOCATIONS_SUPPORT tools headers arm64: Sync arm64's cputype.h with the kernel sources perf tools: Cope with differences for lib/list_sort.c copy from the kernel tools check_headers.sh: Add check variant that excludes some hunks perf beauty: Update copy of linux/socket.h with the kernel sources tools headers UAPI: Sync the linux/in.h with the kernel sources perf trace beauty: Update the arch/x86/include/asm/irq_vectors.h copy with the kernel sources tools arch x86: Sync the msr-index.h copy with the kernel sources tools include UAPI: Sync linux/fcntl.h copy with the kernel sources tools include UAPI: Sync linux/sched.h copy with the kernel sources tools include UAPI: Sync sound/asound.h copy with the kernel sources perf vdso: Missed put on 32-bit dsos perf symbol: Set binary_type of dso when loading commit 7de7d35429aa2e9667e51b88ff097be968feaf8f Author: Chen Ni Date: Mon Sep 23 10:15:57 2024 +0800 iommu/arm-smmu-v3: Convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Fixes: e3b1be2e73db ("iommu/arm-smmu-v3: Reorganize struct arm_smmu_ctx_desc_cfg") Signed-off-by: Chen Ni Reviewed-by: Jason Gunthorpe Reviewed-by: Lu Baolu Link: https://lore.kernel.org/r/20240923021557.3432068-1-nichen@iscas.ac.cn Signed-off-by: Will Deacon commit f63237f54cf18448728201a65e6c82018e807cd9 Author: Daniel Mentz Date: Tue Oct 1 18:53:57 2024 -0700 iommu/arm-smmu-v3: Fix last_sid_idx calculation for sid_bits==32 The function arm_smmu_init_strtab_2lvl uses the expression ((1 << smmu->sid_bits) - 1) to calculate the largest StreamID value. However, this fails for the maximum allowed value of SMMU_IDR1.SIDSIZE which is 32. The C standard states: "If the value of the right operand is negative or is greater than or equal to the width of the promoted left operand, the behavior is undefined." With smmu->sid_bits being 32, the prerequisites for undefined behavior are met. We observed that the value of (1 << 32) is 1 and not 0 as we initially expected. Similar bit shift operations in arm_smmu_init_strtab_linear seem to not be affected, because it appears to be unlikely for an SMMU to have SMMU_IDR1.SIDSIZE set to 32 but then not support 2-level Stream tables This issue was found by Ryan Huang on our team. Fixes: ce410410f1a7 ("iommu/arm-smmu-v3: Add arm_smmu_strtab_l1/2_idx()") Signed-off-by: Daniel Mentz Link: https://lore.kernel.org/r/20241002015357.1766934-1-danielmentz@google.com Signed-off-by: Will Deacon commit 0dfe314cdd0d378f96bb9c6bdc05c8120f48606d Author: Robin Murphy Date: Tue Oct 8 16:21:17 2024 +0100 iommu/arm-smmu: Clarify MMU-500 CPRE workaround CPRE workarounds are implicated in at least 5 MMU-500 errata, some of which remain unfixed. The comment and warning message have proven to be unhelpfully misleading about this scope, so reword them to get the point across with less risk of going out of date or confusing users. Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/dfa82171b5248ad7cf1f25592101a6eec36b8c9a.1728400877.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit 6b1e0651e9ce8ce418ad4ff360e7b9925dc5da79 Author: Nam Cao Date: Thu Oct 3 10:41:52 2024 +0200 irqchip/sifive-plic: Unmask interrupt in plic_irq_enable() It is possible that an interrupt is disabled and masked at the same time. When the interrupt is enabled again by enable_irq(), only plic_irq_enable() is called, not plic_irq_unmask(). The interrupt remains masked and never raises. An example where interrupt is both disabled and masked is when handle_fasteoi_irq() is the handler, and IRQS_ONESHOT is set. The interrupt handler: 1. Mask the interrupt 2. Handle the interrupt 3. Check if interrupt is still enabled, and unmask it (see cond_unmask_eoi_irq()) If another task disables the interrupt in the middle of the above steps, the interrupt will not get unmasked, and will remain masked when it is enabled in the future. The problem is occasionally observed when PREEMPT_RT is enabled, because PREEMPT_RT adds the IRQS_ONESHOT flag. But PREEMPT_RT only makes the problem more likely to appear, the bug has been around since commit a1706a1c5062 ("irqchip/sifive-plic: Separate the enable and mask operations"). Fix it by unmasking interrupt in plic_irq_enable(). Fixes: a1706a1c5062 ("irqchip/sifive-plic: Separate the enable and mask operations") Signed-off-by: Nam Cao Signed-off-by: Thomas Gleixner Cc: stable@vger.kernel.org Link: https://lore.kernel.org/all/20241003084152.2422969-1-namcao@linutronix.de commit 1442ee0011983f0c5c4b92380e6853afb513841a Author: Marc Zyngier Date: Wed Oct 2 21:49:59 2024 +0100 irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small window of opportunity for userspace to force a change of affinity for a VPE while the VPE has already been unmapped, but the corresponding doorbell interrupt still visible in /proc/irq/. Plug the race by checking the value of vmapp_count, which tracks whether the VPE is mapped ot not, and returning an error in this case. This involves making vmapp_count common to both GICv4.1 and its v4.0 ancestor. Fixes: 64edfaa9a234 ("irqchip/gic-v4.1: Implement the v4.1 flavour of VMAPP") Reported-by: Kunkun Jiang Signed-off-by: Marc Zyngier Signed-off-by: Thomas Gleixner Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/c182ece6-2ba0-ce4f-3404-dba7a3ab6c52@huawei.com Link: https://lore.kernel.org/all/20241002204959.2051709-1-maz@kernel.org commit 1fd9e4f257827d939cc627541f12fc4bdd979eb1 Author: Greg Thelen Date: Sat Oct 5 14:56:00 2024 -0700 selftests: make kselftest-clean remove libynl outputs Starting with 6.12 commit 85585b4bc8d8 ("selftests: add ncdevmem, netcat for devmem TCP") kselftest-all creates additional outputs that kselftest-clean does not cleanup: $ make defconfig $ make kselftest-all $ make kselftest-clean $ git clean -ndxf | grep tools/net Would remove tools/net/ynl/lib/__pycache__/ Would remove tools/net/ynl/lib/ynl.a Would remove tools/net/ynl/lib/ynl.d Would remove tools/net/ynl/lib/ynl.o Make kselftest-clean remove the newly added net/ynl outputs. Fixes: 85585b4bc8d8 ("selftests: add ncdevmem, netcat for devmem TCP") Signed-off-by: Greg Thelen Reviewed-by: Muhammad Usama Anjum Reviewed-by: Guenter Roeck Link: https://patch.msgid.link/20241005215600.852260-1-gthelen@google.com Signed-off-by: Jakub Kicinski commit c0a30936dbf2f5a143e4afed02a14cddccc2674e Merge: f15b8d6eb63874 0e43a5a7b253ed Author: Jakub Kicinski Date: Tue Oct 8 08:15:32 2024 -0700 Merge branch 'selftests-net-add-missing-gitignore-and-extra_clean-entries' Javier Carrasco says: ==================== selftests: net: add missing gitignore and EXTRA_CLEAN entries. This series is a cherry-pick on top of v6.12-rc1 from the one I sent for selftests with other patches that were not net-related: https://lore.kernel.org/all/20240925-selftests-gitignore-v3-0-9db896474170@gmail.com/ The patches have not been modified, and the Reviewed-by tags have been kept. v1: https://lore.kernel.org/20240930-net-selftests-gitignore-v1-0-65225a855946@gmail.com ==================== Link: https://patch.msgid.link/20241005-net-selftests-gitignore-v2-0-3a0b2876394a@gmail.com Signed-off-by: Jakub Kicinski commit 0e43a5a7b253ed3764929a43778d3c684092a277 Author: Javier Carrasco Date: Sat Oct 5 07:29:42 2024 +0200 selftests: net: rds: add gitignore file for include.sh The generated include.sh should be ignored by git. Create a new gitignore and add the file to the list. Reviewed-by: Allison Henderson Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241005-net-selftests-gitignore-v2-3-3a0b2876394a@gmail.com Signed-off-by: Jakub Kicinski commit 4227b50cff0586d6f92b20ce9672dbe881105ea7 Author: Javier Carrasco Date: Sat Oct 5 07:29:41 2024 +0200 selftests: net: rds: add include.sh to EXTRA_CLEAN The include.sh file is generated when building the net/rds selftests, but there is no rule to delete it with the clean target. Add the file to EXTRA_CLEAN in order to remove it when required. Reviewed-by: Allison Henderson Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241005-net-selftests-gitignore-v2-2-3a0b2876394a@gmail.com Signed-off-by: Jakub Kicinski commit 9c4beb2dfebab4e81f7aabde03ce2918e358e841 Author: Javier Carrasco Date: Sat Oct 5 07:29:40 2024 +0200 selftests: net: add msg_oob to gitignore This executable is missing from the corresponding gitignore file. Add msg_oob to the net gitignore list. Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241005-net-selftests-gitignore-v2-1-3a0b2876394a@gmail.com Signed-off-by: Jakub Kicinski commit bf56c410162dbf2e27906acbdcd904cbbfdba302 Author: Juergen Gross Date: Fri Oct 4 12:22:12 2024 +0200 x86/xen: mark boot CPU of PV guest in MSR_IA32_APICBASE Recent topology checks of the x86 boot code uncovered the need for PV guests to have the boot cpu marked in the APICBASE MSR. Fixes: 9d22c96316ac ("x86/topology: Handle bogus ACPI tables correctly") Reported-by: Niels Dettenbach Signed-off-by: Juergen Gross Reviewed-by: Thomas Gleixner Signed-off-by: Juergen Gross commit 32fda5650625065b8ae6dbd9967fb572d3835c35 Author: Christian König Date: Mon Oct 7 20:30:19 2024 +0200 drm/radeon: always set GEM function pointer Make sure to always set the GEM function pointer even for in kernel allocations. This fixes a NULL pointer deref caused by switching to GEM references. Signed-off-by: Christian König Fixes: fd69ef05029f ("drm/radeon: use GEM references instead of TTMs") Acked-by: Alex Deucher Tested-by: Hans de Goede Signed-off-by: Alex Deucher (cherry picked from commit 01b64bc063d014641631867a7e0edd8ac55282d4) commit 2b5648416e47933939dc310c4ea1e29404f35630 Author: Martin Kletzander Date: Tue Oct 1 13:43:56 2024 +0200 x86/resctrl: Avoid overflow in MB settings in bw_validate() The resctrl schemata file supports specifying memory bandwidth associated with the Memory Bandwidth Allocation (MBA) feature via a percentage (this is the default) or bandwidth in MiBps (when resctrl is mounted with the "mba_MBps" option). The allowed range for the bandwidth percentage is from /sys/fs/resctrl/info/MB/min_bandwidth to 100, using a granularity of /sys/fs/resctrl/info/MB/bandwidth_gran. The supported range for the MiBps bandwidth is 0 to U32_MAX. There are two issues with parsing of MiBps memory bandwidth: * The user provided MiBps is mistakenly rounded up to the granularity that is unique to percentage input. * The user provided MiBps is parsed using unsigned long (thus accepting values up to ULONG_MAX), and then assigned to u32 that could result in overflow. Do not round up the MiBps value and parse user provided bandwidth as the u32 it is intended to be. Use the appropriate kstrtou32() that can detect out of range values. Fixes: 8205a078ba78 ("x86/intel_rdt/mba_sc: Add schemata support") Fixes: 6ce1560d35f6 ("x86/resctrl: Switch over to the resctrl mbps_val list") Co-developed-by: Reinette Chatre Signed-off-by: Reinette Chatre Signed-off-by: Martin Kletzander Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Reinette Chatre Reviewed-by: Tony Luck commit a6191a3d18119184237f4ee600039081ad992320 Author: Billy Tsai Date: Tue Oct 8 16:14:45 2024 +0800 gpio: aspeed: Use devm_clk api to manage clock source Replace of_clk_get with devm_clk_get_enabled to manage the clock source. Fixes: 5ae4cb94b313 ("gpio: aspeed: Add debounce support") Reviewed-by: Andrew Jeffery Signed-off-by: Billy Tsai Link: https://lore.kernel.org/r/20241008081450.1490955-3-billy_tsai@aspeedtech.com Signed-off-by: Bartosz Golaszewski commit 1bb5a99e1f3fd27accb804aa0443a789161f843c Author: Billy Tsai Date: Tue Oct 8 16:14:44 2024 +0800 gpio: aspeed: Add the flush write to ensure the write complete. Performing a dummy read ensures that the register write operation is fully completed, mitigating any potential bus delays that could otherwise impact the frequency of bitbang usage. E.g., if the JTAG application uses GPIO to control the JTAG pins (TCK, TMS, TDI, TDO, and TRST), and the application sets the TCK clock to 1 MHz, the GPIO's high/low transitions will rely on a delay function to ensure the clock frequency does not exceed 1 MHz. However, this can lead to rapid toggling of the GPIO because the write operation is POSTed and does not wait for a bus acknowledgment. Fixes: 361b79119a4b ("gpio: Add Aspeed driver") Reviewed-by: Andrew Jeffery Signed-off-by: Billy Tsai Link: https://lore.kernel.org/r/20241008081450.1490955-2-billy_tsai@aspeedtech.com Signed-off-by: Bartosz Golaszewski commit 3fe9f5882cf71573516749b0bb687ef88f470d1d Author: Benjamin Bara Date: Tue Oct 8 13:36:14 2024 +0200 ASoC: dapm: avoid container_of() to get component The current implementation does not work for widgets of DAPMs without component, as snd_soc_dapm_to_component() requires it. If the widget is directly owned by the card, e.g. as it is the case for the tegra implementation, the call leads to UB. Therefore directly access the component of the widget's DAPM to be able to check if a component is available. Fixes: f82eb06a40c8 ("ASoC: tegra: machine: Handle component name prefix") Cc: stable@vger.kernel.org # v6.7+ Signed-off-by: Benjamin Bara Link: https://patch.msgid.link/20241008-tegra-dapm-v2-1-5e999cb5f0e7@skidata.com Signed-off-by: Mark Brown commit 835745a377a4519decd1a36d6b926e369b3033e2 Author: Yonatan Maman Date: Tue Oct 8 14:59:43 2024 +0300 nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error The `nouveau_dmem_copy_one` function ensures that the copy push command is sent to the device firmware but does not track whether it was executed successfully. In the case of a copy error (e.g., firmware or hardware failure), the copy push command will be sent via the firmware channel, and `nouveau_dmem_copy_one` will likely report success, leading to the `migrate_to_ram` function returning a dirty HIGH_USER page to the user. This can result in a security vulnerability, as a HIGH_USER page that may contain sensitive or corrupted data could be returned to the user. To prevent this vulnerability, we allocate a zero page. Thus, in case of an error, a non-dirty (zero) page will be returned to the user. Fixes: 5be73b690875 ("drm/nouveau/dmem: device memory helpers for SVM") Signed-off-by: Yonatan Maman Co-developed-by: Gal Shalom Signed-off-by: Gal Shalom Reviewed-by: Ben Skeggs Cc: stable@vger.kernel.org Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20241008115943.990286-3-ymaman@nvidia.com commit 04e0481526e30ab8c7e7580033d2f88b7ef2da3f Author: Yonatan Maman Date: Tue Oct 8 14:59:42 2024 +0300 nouveau/dmem: Fix privileged error in copy engine channel When `nouveau_dmem_copy_one` is called, the following error occurs: [272146.675156] nouveau 0000:06:00.0: fifo: PBDMA9: 00000004 [HCE_PRIV] ch 1 00000300 00003386 This indicates that a copy push command triggered a Host Copy Engine Privileged error on channel 1 (Copy Engine channel). To address this issue, modify the Copy Engine channel to allow privileged push commands Fixes: 6de125383a5c ("drm/nouveau/fifo: expose runlist topology info on all chipsets") Signed-off-by: Yonatan Maman Co-developed-by: Gal Shalom Signed-off-by: Gal Shalom Reviewed-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20241008115943.990286-2-ymaman@nvidia.com commit 5069d7e202f640a36cf213a432296c85113a52f7 Author: Anumula Murali Mohan Reddy Date: Tue Oct 8 17:13:34 2024 +0530 RDMA/core: Fix ENODEV error for iWARP test over vlan If traffic is over vlan, cma_validate_port() fails to match vlan net_device ifindex with bound_if_index and results in ENODEV error. It is because rdma_copy_src_l2_addr() always assigns bound_if_index with real net_device ifindex. This patch fixes the issue by assigning bound_if_index with vlan net_device index if traffic is over vlan. Fixes: f8ef1be816bf ("RDMA/cma: Avoid GID lookups on iWARP devices") Signed-off-by: Anumula Murali Mohan Reddy Signed-off-by: Potnuri Bharat Teja Link: https://patch.msgid.link/20241008114334.146702-1-anumula@chelsio.com Signed-off-by: Leon Romanovsky commit d4a89e5aee23eaebdc45f63cb3d6d5917ff6acf4 Author: Mark Brown Date: Sat Oct 5 00:19:37 2024 +0100 KVM: arm64: Expose S1PIE to guests Prior to commit 70ed7238297f ("KVM: arm64: Sanitise ID_AA64MMFR3_EL1") we just exposed the santised view of ID_AA64MMFR3_EL1 to guests, meaning that they saw both TCRX and S1PIE if present on the host machine. That commit added VMM control over the contents of the register and exposed S1POE but removed S1PIE, meaning that the extension is no longer visible to guests. Reenable support for S1PIE with VMM control. Fixes: 70ed7238297f ("KVM: arm64: Sanitise ID_AA64MMFR3_EL1") Signed-off-by: Mark Brown Reviewed-by: Joey Gouly Link: https://lore.kernel.org/r/20241005-kvm-arm64-fix-s1pie-v1-1-5901f02de749@kernel.org Signed-off-by: Marc Zyngier commit dad1b6c805692ceb7f3872bc70e6dfe12abceb91 Merge: 8cf0b93919e13d 50793801fc7f6d Author: Christian Brauner Date: Mon Oct 7 13:51:55 2024 +0200 Merge patch series "fsdax/xfs: unshare range fixes for 6.12" Darrick J. Wong says: This patchset fixes multiple data corruption bugs in the fallocate unshare range implementation for fsdax. * patches from https://lore.kernel.org/r/172796813251.1131942.12184885574609980777.stgit@frogsfrogsfrogs: fsdax: dax_unshare_iter needs to copy entire blocks fsdax: remove zeroing code from dax_unshare_iter iomap: share iomap_unshare_iter predicate code with fsdax xfs: don't allocate COW extents when unsharing a hole Link: https://lore.kernel.org/r/172796813251.1131942.12184885574609980777.stgit@frogsfrogsfrogs Signed-off-by: Christian Brauner commit 9814c1447f9cc67c9e88e0a4423de3a496078360 Author: Kai Vehmanen Date: Tue Oct 8 09:07:10 2024 +0300 ASoC: SOF: Intel: hda-loader: do not wait for HDaudio IOC Commit 9ee3f0d8c999 ("ASOC: SOF: Intel: hda-loader: only wait for HDaudio IOC for IPC4 devices") removed DMA wait for IPC3 case. Proceed and remove the wait for IPC4 devices as well. There is no dependency to IPC version in the load logic and checking the firmware status is a sufficient check in case of errors. The removed code also had a bug in that -ETIMEDOUT is returned without stopping the DMA transfer. Cc: stable@vger.kernel.org Link: https://github.com/thesofproject/linux/issues/5135 Fixes: 9ee3f0d8c999 ("ASOC: SOF: Intel: hda-loader: only wait for HDaudio IOC for IPC4 devices") Suggested-by: Peter Ujfalusi Signed-off-by: Kai Vehmanen Reviewed-by: Péter Ujfalusi Reviewed-by: Pierre-Louis Bossart Reviewed-by: Ranjani Sridharan Signed-off-by: Peter Ujfalusi Link: https://patch.msgid.link/20241008060710.15409-1-peter.ujfalusi@linux.intel.com Signed-off-by: Mark Brown commit 494ddacd4a2ae5fd1c46ea49364eaab4fc1e5461 Author: Venkata Prasad Potturu Date: Tue Oct 8 14:43:45 2024 +0530 ASoC: SOF: amd: Fix for ACP SRAM addr for acp7.0 platform Incorrect SRAM base addr for acp7.0 platform results firmware boot failure. Add condition check to support SRAM addr for various platforms. Fixes: 145d7e5ae8f4 ("ASoC: SOF: amd: add option to use sram for data bin loading") Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20241008091347.594378-2-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit 0a5c40393b123f3f08e428143985ab0c5ddb4d28 Author: Venkata Prasad Potturu Date: Tue Oct 8 14:43:44 2024 +0530 ASoC: SOF: amd: Add error log for DSP firmware validation failure Add dev_err to print ACP_SHA_DSP_FW_QUALIFIER and ACP_SHA_PSP_ACK register values for PSP firmware validation failure case. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20241008091347.594378-1-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit 0dbb186c3510cad4e9f443e801bf2e6ab5770c00 Author: Amadeusz Sławiński Date: Tue Oct 8 10:37:58 2024 +0200 ASoC: Intel: avs: Update stream status in a separate thread Function snd_pcm_period_elapsed() is part of sequence servicing HDAudio stream IRQs. It's called under Global Interrupt Enable (GIE) disabled - no HDAudio interrupts will be raised. At the same time, the function may end up calling __snd_pcm_xrun() or snd_pcm_drain_done(). On the avs-driver side, this translates to IPCs and as GIE is disabled, these will never complete successfully. Improve system stability by scheduling stream-IRQ handling in a separate thread. Signed-off-by: Amadeusz Sławiński Reviewed-by: Cezary Rojewski Link: https://patch.msgid.link/20241008083758.756578-1-amadeuszx.slawinski@linux.intel.com Signed-off-by: Mark Brown commit 79cc6cdb932a5cf1a1ee05f6de12a7d102818d21 Author: Oliver Upton Date: Mon Oct 7 23:30:28 2024 +0000 KVM: arm64: nv: Clarify safety of allowing TLBI unmaps to reschedule There's been a decent amount of attention around unmaps of nested MMUs, and TLBI handling is no exception to this. Add a comment clarifying why it is safe to reschedule during a TLBI unmap, even without a reference on the MMU in progress. Signed-off-by: Oliver Upton Link: https://lore.kernel.org/r/20241007233028.2236133-5-oliver.upton@linux.dev Signed-off-by: Marc Zyngier commit c268f204f7c5784e84583c1c44d427bac09f517a Author: Oliver Upton Date: Mon Oct 7 23:30:27 2024 +0000 KVM: arm64: nv: Punt stage-2 recycling to a vCPU request Currently, when a nested MMU is repurposed for some other MMU context, KVM unmaps everything during vcpu_load() while holding the MMU lock for write. This is quite a performance bottleneck for large nested VMs, as all vCPU scheduling will spin until the unmap completes. Start punting the MMU cleanup to a vCPU request, where it is then possible to periodically release the MMU lock and CPU in the presence of contention. Ensure that no vCPU winds up using a stale MMU by tracking the pending unmap on the S2 MMU itself and requesting an unmap on every vCPU that finds it. Signed-off-by: Oliver Upton Link: https://lore.kernel.org/r/20241007233028.2236133-4-oliver.upton@linux.dev Signed-off-by: Marc Zyngier commit 3c164eb9464d39ba339c1487dcac0dc9508e03f0 Author: Oliver Upton Date: Mon Oct 7 23:30:26 2024 +0000 KVM: arm64: nv: Do not block when unmapping stage-2 if disallowed Right now the nested code allows unmap operations on a shadow stage-2 to block unconditionally. This is wrong in a couple places, such as a non-blocking MMU notifier or on the back of a sched_in() notifier as part of shadow MMU recycling. Carry through whether or not blocking is allowed to kvm_pgtable_stage2_unmap(). This 'fixes' an issue where stage-2 MMU reclaim would precipitate a stack overflow from a pile of kvm_sched_in() callbacks, all trying to recycle a stage-2 MMU. Signed-off-by: Oliver Upton Link: https://lore.kernel.org/r/20241007233028.2236133-3-oliver.upton@linux.dev Signed-off-by: Marc Zyngier commit 6ded46b5a4fd7fc9c6104b770627043aaf996abf Author: Oliver Upton Date: Mon Oct 7 23:30:25 2024 +0000 KVM: arm64: nv: Keep reference on stage-2 MMU when scheduled out If a vCPU is scheduling out and not in WFI emulation, it is highly likely it will get scheduled again soon and reuse the MMU it had before. Dropping the MMU at vcpu_put() can have some unfortunate consequences, as the MMU could get reclaimed and used in a different context, forcing another 'cold start' on an otherwise active MMU. Avoid that altogether by keeping a reference on the MMU if the vCPU is scheduling out, ensuring that another vCPU cannot reclaim it while the current vCPU is away. Since there are more MMUs than vCPUs, this does not affect the guarantee that an unused MMU is available at any time. Furthermore, this makes the vcpu->arch.hw_mmu ~stable in preemptible code, at least for where it matters in the stage-2 abort path. Yes, the MMU can change across WFI emulation, but there isn't even a use case where this would matter. Signed-off-by: Oliver Upton Link: https://lore.kernel.org/r/20241007233028.2236133-2-oliver.upton@linux.dev Signed-off-by: Marc Zyngier commit ae8f8b37610269009326f4318df161206c59843e Author: Oliver Upton Date: Mon Oct 7 22:39:09 2024 +0000 KVM: arm64: Unregister redistributor for failed vCPU creation Alex reports that syzkaller has managed to trigger a use-after-free when tearing down a VM: BUG: KASAN: slab-use-after-free in kvm_put_kvm+0x300/0xe68 virt/kvm/kvm_main.c:5769 Read of size 8 at addr ffffff801c6890d0 by task syz.3.2219/10758 CPU: 3 UID: 0 PID: 10758 Comm: syz.3.2219 Not tainted 6.11.0-rc6-dirty #64 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x17c/0x1a8 arch/arm64/kernel/stacktrace.c:317 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:324 __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0x94/0xc0 lib/dump_stack.c:119 print_report+0x144/0x7a4 mm/kasan/report.c:377 kasan_report+0xcc/0x128 mm/kasan/report.c:601 __asan_report_load8_noabort+0x20/0x2c mm/kasan/report_generic.c:381 kvm_put_kvm+0x300/0xe68 virt/kvm/kvm_main.c:5769 kvm_vm_release+0x4c/0x60 virt/kvm/kvm_main.c:1409 __fput+0x198/0x71c fs/file_table.c:422 ____fput+0x20/0x30 fs/file_table.c:450 task_work_run+0x1cc/0x23c kernel/task_work.c:228 do_notify_resume+0x144/0x1a0 include/linux/resume_user_mode.h:50 el0_svc+0x64/0x68 arch/arm64/kernel/entry-common.c:169 el0t_64_sync_handler+0x90/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 Upon closer inspection, it appears that we do not properly tear down the MMIO registration for a vCPU that fails creation late in the game, e.g. a vCPU w/ the same ID already exists in the VM. It is important to consider the context of commit that introduced this bug by moving the unregistration out of __kvm_vgic_vcpu_destroy(). That change correctly sought to avoid an srcu v. config_lock inversion by breaking up the vCPU teardown into two parts, one guarded by the config_lock. Fix the use-after-free while avoiding lock inversion by adding a special-cased unregistration to __kvm_vgic_vcpu_destroy(). This is safe because failed vCPUs are torn down outside of the config_lock. Cc: stable@vger.kernel.org Fixes: f616506754d3 ("KVM: arm64: vgic: Don't hold config_lock while unregistering redistributors") Reported-by: Alexander Potapenko Signed-off-by: Oliver Upton Link: https://lore.kernel.org/r/20241007223909.2157336-1-oliver.upton@linux.dev Signed-off-by: Marc Zyngier commit 9b7c3dd5964b252f187f1982996fb9c0c2159da9 Merge: a1d402abf8e3ff dc9b5d7e0bd40e Author: Marc Zyngier Date: Tue Oct 8 10:39:27 2024 +0100 Merge branch kvm-arm64/idregs-6.12 into kvmarm/fixes * kvm-arm64/idregs-6.12: : . : Make some fields of ID_AA64DFR0_EL1 and ID_AA64PFR1_EL1 : writable from userspace, so that a VMM can influence the : set of guest-visible features. : : - for ID_AA64DFR0_EL1: DoubleLock, WRPs, PMUVer and DebugVer : are writable (courtesy of Shameer Kolothum) : : - for ID_AA64PFR1_EL1: BT, SSBS, CVS2_frac are writable : (courtesy of Shaoqin Huang) : . KVM: selftests: aarch64: Add writable test for ID_AA64PFR1_EL1 KVM: arm64: Allow userspace to change ID_AA64PFR1_EL1 KVM: arm64: Use kvm_has_feat() to check if FEAT_SSBS is advertised to the guest KVM: arm64: Disable fields that KVM doesn't know how to handle in ID_AA64PFR1_EL1 KVM: arm64: Make the exposed feature bits in AA64DFR0_EL1 writable from userspace Signed-off-by: Marc Zyngier commit f15b8d6eb63874230e36a45dd24239050a6f6250 Merge: 60ed96bd1e6976 2f3dcd0d39affe Author: Paolo Abeni Date: Tue Oct 8 10:42:31 2024 +0200 Merge branch 'net-dsa-b53-assorted-jumbo-frame-fixes' Jonas Gorski says: ==================== net: dsa: b53: assorted jumbo frame fixes While investigating the capabilities of BCM63XX's integrated switch and its DMA engine, I noticed a few issues in b53's jumbo frame code. Mostly a confusion of MTU vs frame length, but also a few missing cases for 100M switches. Tested on BCM63XX and BCM53115 with intel 1G and realtek 1G NICs, which support MTUs of 9000 or slightly above, but significantly less than the 9716/9720 supported by BCM53115, so I couldn't verify the actual maximum frame length. Signed-off-by: Jonas Gorski --- ==================== Link: https://patch.msgid.link/20241004-b53_jumbo_fixes-v1-0-ce1e54aa7b3c@gmail.com Signed-off-by: Paolo Abeni commit 2f3dcd0d39affe5b9ba1c351ce0e270c8bdd5109 Author: Jonas Gorski Date: Fri Oct 4 10:47:21 2024 +0200 net: dsa: b53: fix jumbo frames on 10/100 ports All modern chips support and need the 10_100 bit set for supporting jumbo frames on 10/100 ports, so instead of enabling it only for 583XX enable it for everything except bcm63xx, where the bit is writeable, but does nothing. Tested on BCM53115, where jumbo frames were dropped at 10/100 speeds without the bit set. Fixes: 6ae5834b983a ("net: dsa: b53: add MTU configuration support") Signed-off-by: Jonas Gorski Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit e4b294f88a32438baf31762441f3dd1c996778be Author: Jonas Gorski Date: Fri Oct 4 10:47:20 2024 +0200 net: dsa: b53: allow lower MTUs on BCM5325/5365 While BCM5325/5365 do not support jumbo frames, they do support slightly oversized frames, so do not error out if requesting a supported MTU for them. Fixes: 6ae5834b983a ("net: dsa: b53: add MTU configuration support") Signed-off-by: Jonas Gorski Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit ca8c1f71c10193c270f772d70d34b15ad765d6a8 Author: Jonas Gorski Date: Fri Oct 4 10:47:19 2024 +0200 net: dsa: b53: fix max MTU for BCM5325/BCM5365 BCM5325/BCM5365 do not support jumbo frames, so we should not report a jumbo frame mtu for them. But they do support so called "oversized" frames up to 1536 bytes long by default, so report an appropriate MTU. Fixes: 6ae5834b983a ("net: dsa: b53: add MTU configuration support") Signed-off-by: Jonas Gorski Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit 680a8217dc00dc7e7da57888b3c053289b60eb2b Author: Jonas Gorski Date: Fri Oct 4 10:47:18 2024 +0200 net: dsa: b53: fix max MTU for 1g switches JMS_MAX_SIZE is the ethernet frame length, not the MTU, which is payload without ethernet headers. According to the datasheets maximum supported frame length for most gigabyte swithes is 9720 bytes, so convert that to the expected MTU when using VLAN tagged frames. Fixes: 6ae5834b983a ("net: dsa: b53: add MTU configuration support") Signed-off-by: Jonas Gorski Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit 42fb3acf6826c6764ba79feb6e15229b43fd2f9f Author: Jonas Gorski Date: Fri Oct 4 10:47:17 2024 +0200 net: dsa: b53: fix jumbo frame mtu check JMS_MIN_SIZE is the full ethernet frame length, while mtu is just the data payload size. Comparing these two meant that mtus between 1500 and 1518 did not trigger enabling jumbo frames. So instead compare the set mtu ETH_DATA_LEN, which is equal to JMS_MIN_SIZE - ETH_HLEN - ETH_FCS_LEN; Also do a check that the requested mtu is actually greater than the minimum length, else we do not need to enable jumbo frames. In practice this only introduced a very small range of mtus that did not work properly. Newer chips allow 2000 byte large frames by default, and older chips allow 1536 bytes long, which is equivalent to an mtu of 1514. So effectivly only mtus of 1515~1517 were broken. Fixes: 6ae5834b983a ("net: dsa: b53: add MTU configuration support") Signed-off-by: Jonas Gorski Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit 368196e5019464c7bf81c797a415d09e53f5792a Author: Jonathan Corbet Date: Mon Oct 7 11:04:57 2024 -0600 netfs: fix documentation build error Commit 86b374d061ee ("netfs: Remove fs/netfs/io.c") did what it said on the tin, but failed to remove the reference to fs/netfs/io.c from the documentation, leading to this docs build error: WARNING: kernel-doc './scripts/kernel-doc -rst -enable-lineno -sphinx-version 7.3.7 ./fs/netfs/io.c' failed with return code 1 Remove the offending kernel-doc line, making the docs build process a little happier. Fixes: 86b374d061ee ("netfs: Remove fs/netfs/io.c") Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/874j5nlu86.fsf@trenco.lwn.net Signed-off-by: Christian Brauner commit 60ed96bd1e69764f6b4bdf28ce9399d6a79f497b Merge: 3dc6e998d18bfb 03c96bc9d3d2d5 Author: Paolo Abeni Date: Tue Oct 8 10:30:32 2024 +0200 Merge branch 'fix-ti-am65-cpsw-nuss-module-removal' Nicolas Pitre says: ==================== fix ti-am65-cpsw-nuss module removal Fix issues preventing rmmod of ti-am65-cpsw-nuss from working properly. v3: - more patch submission minutiae v2: https://lore.kernel.org/netdev/20241003172105.2712027-2-nico@fluxnic.net/T/ - conform to netdev patch submission customs - address patch review trivias v1: https://lore.kernel.org/netdev/20240927025301.1312590-2-nico@fluxnic.net/T/ ==================== Link: https://patch.msgid.link/20241004041218.2809774-1-nico@fluxnic.net Signed-off-by: Paolo Abeni commit 03c96bc9d3d2d5991ed455d70a67cbafbbc50063 Author: Nicolas Pitre Date: Fri Oct 4 00:10:34 2024 -0400 net: ethernet: ti: am65-cpsw: avoid devm_alloc_etherdev, fix module removal Usage of devm_alloc_etherdev_mqs() conflicts with am65_cpsw_nuss_cleanup_ndev() as the same struct net_device instances get unregistered twice. Switch to alloc_etherdev_mqs() and make sure am65_cpsw_nuss_cleanup_ndev() unregisters and frees those net_device instances properly. With this, it is finally possible to rmmod the driver without oopsing the kernel. Fixes: 93a76530316a ("net: ethernet: ti: introduce am65x/j721e gigabit eth subsystem driver") Signed-off-by: Nicolas Pitre Reviewed-by: Roger Quadros Signed-off-by: Paolo Abeni commit 47f9605484a89ea14c41f0aa0e9294b7b94d64c0 Author: Nicolas Pitre Date: Fri Oct 4 00:10:33 2024 -0400 net: ethernet: ti: am65-cpsw: prevent WARN_ON upon module removal In am65_cpsw_nuss_remove(), move the call to am65_cpsw_unregister_devlink() after am65_cpsw_nuss_cleanup_ndev() to avoid triggering the WARN_ON(devlink_port->type != DEVLINK_PORT_TYPE_NOTSET) in devl_port_unregister(). Makes it coherent with usage in m65_cpsw_nuss_register_ndevs()'s cleanup path. Fixes: 58356eb31d60 ("net: ti: am65-cpsw-nuss: Add devlink support") Signed-off-by: Nicolas Pitre Reviewed-by: Roger Quadros Signed-off-by: Paolo Abeni commit 557f6e4ab5ba607750756b29922b7f35fd7ec97e Author: christoph.plattner Date: Sat Oct 5 19:35:09 2024 +0200 ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 Included solution with ALC287/CS35L41 did not cover full function, 14 inch code blocked. Forcing output for treble/bass speaker to connection 0x02, setting pin configs for LEDs and re-powering amp and calling fixups for cs35l41, mute and gpio leds was a working combination to reach correct behaviour. Signed-off-by: christoph.plattner Link: https://patch.msgid.link/20241005173509.1196001-1-christoph.plattner@gmx.at Signed-off-by: Takashi Iwai commit 7a5ab8071114344f62a8b1e64ed3452a77257d76 Author: WangYuli Date: Mon Oct 7 12:08:03 2024 +0800 HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad The behavior of HONOR MagicBook Art 14 touchpad is not consistent after reboots, as sometimes it reports itself as a touchpad, and sometimes as a mouse. Similarly to GLO-GXXX it is possible to call MT_QUIRK_FORCE_GET_FEATURE as a workaround to force set feature in mt_set_input_mode() for such special touchpad device. [jkosina@suse.com: reword changelog a little bit] Link: https://gitlab.freedesktop.org/libinput/libinput/-/issues/1040 Signed-off-by: Wentao Guan Signed-off-by: WangYuli Reviewed-by: Benjamin Tissoires Signed-off-by: Jiri Kosina commit 6ff57a2ea7c2911f80457a5a3a5b4370756ad475 Author: Qianqiang Liu Date: Fri Sep 27 22:06:13 2024 +0800 RDMA/nldev: Fix NULL pointer dereferences issue in rdma_nl_notify_event nlmsg_put() may return a NULL pointer assigned to nlh, which will later be dereferenced in nlmsg_end(). Fixes: 9cbed5aab5ae ("RDMA/nldev: Add support for RDMA monitoring") Link: https://patch.msgid.link/r/Zva71Yf3F94uxi5A@iZbp1asjb3cy8ks0srf007Z Signed-off-by: Qianqiang Liu Signed-off-by: Jason Gunthorpe Signed-off-by: Leon Romanovsky commit 8e65abacbce22fc8dcf6d58f7937e721d8a13fdd Author: Selvin Xavier Date: Wed Sep 18 20:06:01 2024 -0700 RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode max_sw_wqe used for static wqe mode should be same as the max_wqe. Calculate the max_sw_wqe only for the variable WQE mode. Fixes: de1d364c3815 ("RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters") Link: https://patch.msgid.link/r/1726715161-18941-7-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe Signed-off-by: Leon Romanovsky commit c5c1ae73b7741fa3b58e6e001b407825bb971225 Author: Kalesh AP Date: Wed Sep 18 20:05:58 2024 -0700 RDMA/bnxt_re: Add a check for memory allocation __alloc_pbl() can return error when memory allocation fails. Driver is not checking the status on one of the instances. Fixes: 0c4dcd602817 ("RDMA/bnxt_re: Refactor hardware queue memory allocation") Link: https://patch.msgid.link/r/1726715161-18941-4-git-send-email-selvin.xavier@broadcom.com Reviewed-by: Selvin Xavier Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe Signed-off-by: Leon Romanovsky commit 9ab20f76ae9fad55ebaf36bdff04aea1c2552374 Author: Saravanan Vajravel Date: Wed Sep 18 20:05:57 2024 -0700 RDMA/bnxt_re: Fix incorrect AVID type in WQE structure Driver uses internal data structure to construct WQE frame. It used avid type as u16 which can accommodate up to 64K AVs. When outstanding AVID crosses 64K, driver truncates AVID and hence it uses incorrect AVID to WR. This leads to WR failure due to invalid AV ID and QP is moved to error state with reason set to 19 (INVALID AVID). When RDMA CM path is used, this issue hits QP1 and it is moved to error state Fixes: 1ac5a4047975 ("RDMA/bnxt_re: Add bnxt_re RoCE driver") Link: https://patch.msgid.link/r/1726715161-18941-3-git-send-email-selvin.xavier@broadcom.com Reviewed-by: Selvin Xavier Reviewed-by: Chandramohan Akula Signed-off-by: Saravanan Vajravel Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe Signed-off-by: Leon Romanovsky commit 3fc5410f225d1651580a4aeb7c72f55e28673b53 Author: Kalesh AP Date: Wed Sep 18 20:05:56 2024 -0700 RDMA/bnxt_re: Fix a possible memory leak In bnxt_re_setup_chip_ctx() when bnxt_qplib_map_db_bar() fails driver is not freeing the memory allocated for "rdev->chip_ctx". Fixes: 0ac20faf5d83 ("RDMA/bnxt_re: Reorg the bar mapping") Link: https://patch.msgid.link/r/1726715161-18941-2-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Selvin Xavier Signed-off-by: Kalesh AP Signed-off-by: Jason Gunthorpe Signed-off-by: Leon Romanovsky commit 1a5cbb526ec4b885177d06a8bc04f38da7dbb1d9 Author: Stefan Blum Date: Sun Oct 6 10:12:23 2024 +0200 HID: multitouch: Add support for B2402FVA track point By default the track point does not work on the Asus Expertbook B2402FVA. From libinput record i got the ID of the track point device: evdev: # Name: ASUE1201:00 04F3:32AE # ID: bus 0x18 vendor 0x4f3 product 0x32ae version 0x100 I found that the track point is functional, when i set the MT_CLS_WIN_8_FORCE_MULTI_INPUT_NSMU class for the reported device. Signed-off-by: Stefan Blum Signed-off-by: Jiri Kosina commit 87b696209007b7c4ef7bdfe39ea0253404a43770 Author: Wade Wang Date: Mon Sep 16 16:56:00 2024 +0800 HID: plantronics: Workaround for an unexcepted opposite volume key Some Plantronics headset as the below send an unexcept opposite volume key's HID report for each volume key press after 200ms, like unecepted Volume Up Key following Volume Down key pressed by user. This patch adds a quirk to hid-plantronics for these devices, which will ignore the second unexcepted opposite volume key if it happens within 220ms from the last one that was handled. Plantronics EncorePro 500 Series (047f:431e) Plantronics Blackwire_3325 Series (047f:430c) The patch was tested on the mentioned model, it shouldn't affect other models, however, this quirk might be needed for them too. Auto-repeat (when a key is held pressed) is not affected per test result. Cc: stable@vger.kernel.org Signed-off-by: Wade Wang Signed-off-by: Jiri Kosina commit 45126b155e3b5201179cdc038504bf93a8ccd921 Author: Jiri Olsa Date: Mon Oct 7 18:09:58 2024 +0200 bpf: Fix memory leak in bpf_core_apply We need to free specs properly. Fixes: 3d2786d65aaa ("bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos") Signed-off-by: Jiri Olsa Signed-off-by: Andrii Nakryiko Acked-by: Eduard Zingerman Link: https://lore.kernel.org/bpf/20241007160958.607434-1-jolsa@kernel.org commit 3dc6e998d18bfba6e0dc979d3cc68eba98dfeef7 Author: Lorenzo Bianconi Date: Fri Oct 4 15:51:26 2024 +0200 net: airoha: Update tx cpu dma ring idx at the end of xmit loop Move the tx cpu dma ring index update out of transmit loop of airoha_dev_xmit routine in order to not start transmitting the packet before it is fully DMA mapped (e.g. fragmented skbs). Fixes: 23020f049327 ("net: airoha: Introduce ethernet support for EN7581 SoC") Reported-by: Felix Fietkau Signed-off-by: Lorenzo Bianconi Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241004-airoha-eth-7581-mapping-fix-v1-1-8e4279ab1812@kernel.org Signed-off-by: Jakub Kicinski commit f50b5d74c68e551667e265123659b187a30fe3a5 Author: Christian Marangi Date: Fri Oct 4 20:27:58 2024 +0200 net: phy: Remove LED entry from LEDs list on unregister Commit c938ab4da0eb ("net: phy: Manual remove LEDs to ensure correct ordering") correctly fixed a problem with using devm_ but missed removing the LED entry from the LEDs list. This cause kernel panic on specific scenario where the port for the PHY is torn down and up and the kmod for the PHY is removed. On setting the port down the first time, the assosiacted LEDs are correctly unregistered. The associated kmod for the PHY is now removed. The kmod is now added again and the port is now put up, the associated LED are registered again. On putting the port down again for the second time after these step, the LED list now have 4 elements. With the first 2 already unregistered previously and the 2 new one registered again. This cause a kernel panic as the first 2 element should have been removed. Fix this by correctly removing the element when LED is unregistered. Reported-by: Daniel Golle Tested-by: Daniel Golle Cc: stable@vger.kernel.org Fixes: c938ab4da0eb ("net: phy: Manual remove LEDs to ensure correct ordering") Signed-off-by: Christian Marangi Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20241004182759.14032-1-ansuelsmth@gmail.com Signed-off-by: Jakub Kicinski commit f61060fb29e552e089be973c9fb44ebf03d7e6ae Merge: 83211ae1640516 610712298b11b2 Author: Jakub Kicinski Date: Mon Oct 7 17:05:19 2024 -0700 Merge tag 'for-net-2024-10-04' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth Luiz Augusto von Dentz says: ==================== bluetooth pull request for net: - RFCOMM: FIX possible deadlock in rfcomm_sk_state_change - hci_conn: Fix UAF in hci_enhanced_setup_sync - btusb: Don't fail external suspend requests * tag 'for-net-2024-10-04' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth: Bluetooth: btusb: Don't fail external suspend requests Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change ==================== Link: https://patch.msgid.link/20241004210124.4010321-1-luiz.dentz@gmail.com Signed-off-by: Jakub Kicinski commit 83211ae1640516accae645de82f5a0a142676897 Author: Christophe JAILLET Date: Thu Oct 3 20:53:15 2024 +0200 net: ethernet: adi: adin1110: Fix some error handling path in adin1110_read_fifo() If 'frame_size' is too small or if 'round_len' is an error code, it is likely that an error code should be returned to the caller. Actually, 'ret' is likely to be 0, so if one of these sanity checks fails, 'success' is returned. Return -EINVAL instead. Fixes: bc93e19d088b ("net: ethernet: adi: Add ADIN1110 support") Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/8ff73b40f50d8fa994a454911b66adebce8da266.1727981562.git.christophe.jaillet@wanadoo.fr Signed-off-by: Jakub Kicinski commit 5546da79e6cc5bb3324bf25688ed05498fd3f86d Author: Jakub Kicinski Date: Fri Oct 4 07:21:15 2024 -0700 Revert "net: stmmac: set PP_FLAG_DMA_SYNC_DEV only if XDP is enabled" This reverts commit b514c47ebf41a6536551ed28a05758036e6eca7c. The commit describes that we don't have to sync the page when recycling, and it tries to optimize that case. But we do need to sync after allocation. Recycling side should be changed to pass the right sync size instead. Fixes: b514c47ebf41 ("net: stmmac: set PP_FLAG_DMA_SYNC_DEV only if XDP is enabled") Reported-by: Jon Hunter Link: https://lore.kernel.org/20241004070846.2502e9ea@kernel.org Reviewed-by: Jacob Keller Reviewed-by: Furong Xu <0x1207@gmail.com> Link: https://patch.msgid.link/20241004142115.910876-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 5c14e51d2d7df49fe0d4e64a12c58d2542f452ff Author: Anatolij Gustschin Date: Fri Oct 4 13:36:54 2024 +0200 net: dsa: lan9303: ensure chip reset and wait for READY status Accessing device registers seems to be not reliable, the chip revision is sometimes detected wrongly (0 instead of expected 1). Ensure that the chip reset is performed via reset GPIO and then wait for 'Device Ready' status in HW_CFG register before doing any register initializations. Cc: stable@vger.kernel.org Fixes: a1292595e006 ("net: dsa: add new DSA switch driver for the SMSC-LAN9303") Signed-off-by: Anatolij Gustschin [alex: reworked using read_poll_timeout()] Signed-off-by: Alexander Sverdlin Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/20241004113655.3436296-1-alexander.sverdlin@siemens.com Signed-off-by: Jakub Kicinski commit 631083143315d1b192bd7d915b967b37819e88ea Author: Ignat Korchagin Date: Thu Oct 3 18:01:51 2024 +0100 net: explicitly clear the sk pointer, when pf->create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b ("net: do not leave a dangling sk pointer, when socket creation fails"). The problem is that commit did not fully address the problem, as some pf->create implementations do not use sk_common_release in their error paths. For example, we can use the same reproducer as in the above commit, but changing ping to arping. arping uses AF_PACKET socket and if packet_create fails, it will just sk_free the allocated sk object. While we could chase all the pf->create implementations and make sure they NULL the freed sk object on error from the socket, we can't guarantee future protocols will not make the same mistake. So it is easier to just explicitly NULL the sk pointer upon return from pf->create in __sock_create. We do know that pf->create always releases the allocated sk object on error, so if the pointer is not NULL, it is definitely dangling. Fixes: 6cd4a78d962b ("net: do not leave a dangling sk pointer, when socket creation fails") Signed-off-by: Ignat Korchagin Cc: stable@vger.kernel.org Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20241003170151.69445-1-ignat@cloudflare.com Signed-off-by: Jakub Kicinski commit 6ef8fbce010421bf742b12b8f8f2b2d2ff154845 Author: Filipe Manana Date: Tue Sep 24 14:39:19 2024 +0100 btrfs: fix missing error handling when adding delayed ref with qgroups enabled When adding a delayed ref head, at delayed-ref.c:add_delayed_ref_head(), if we fail to insert the qgroup record we don't error out, we ignore it. In fact we treat it as if there was no error and there was already an existing record - we don't distinguish between the cases where btrfs_qgroup_trace_extent_nolock() returns 1, meaning a record already existed and we can free the given record, and the case where it returns a negative error value, meaning the insertion into the xarray that is used to track records failed. Effectively we end up ignoring that we are lacking qgroup record in the dirty extents xarray, resulting in incorrect qgroup accounting. Fix this by checking for errors and return them to the callers. Fixes: 3cce39a8ca4e ("btrfs: qgroup: use xarray to track dirty extents in transaction") Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit 69313850dce33ce8c24b38576a279421f4c60996 Author: Luca Stefani Date: Tue Sep 17 22:33:05 2024 +0200 btrfs: add cancellation points to trim loops There are reports that system cannot suspend due to running trim because the task responsible for trimming the device isn't able to finish in time, especially since we have a free extent discarding phase, which can trim a lot of unallocated space. There are no limits on the trim size (unlike the block group part). Since trime isn't a critical call it can be interrupted at any time, in such cases we stop the trim, report the amount of discarded bytes and return an error. Link: https://bugzilla.kernel.org/show_bug.cgi?id=219180 Link: https://bugzilla.suse.com/show_bug.cgi?id=1229737 CC: stable@vger.kernel.org # 5.15+ Signed-off-by: Luca Stefani Reviewed-by: David Sterba Signed-off-by: David Sterba commit a99fcb0158978ed332009449b484e5f3ca2d7df4 Author: Luca Stefani Date: Tue Sep 17 22:33:04 2024 +0200 btrfs: split remaining space to discard in chunks Per Qu Wenruo in case we have a very large disk, e.g. 8TiB device, mostly empty although we will do the split according to our super block locations, the last super block ends at 256G, we can submit a huge discard for the range [256G, 8T), causing a large delay. Split the space left to discard based on BTRFS_MAX_DISCARD_CHUNK_SIZE in preparation of introduction of cancellation points to trim. The value of the chunk size is arbitrary, it can be higher or derived from actual device capabilities but we can't easily read that using bio_discard_limit(). Link: https://bugzilla.kernel.org/show_bug.cgi?id=219180 Link: https://bugzilla.suse.com/show_bug.cgi?id=1229737 CC: stable@vger.kernel.org # 5.15+ Signed-off-by: Luca Stefani Reviewed-by: David Sterba Signed-off-by: David Sterba commit b402328a24ee7193a8ab84277c0c90ae16768126 Author: SurajSonawane2415 Date: Mon Oct 7 16:44:16 2024 +0530 block: Fix elevator_get_default() checking for NULL q->tag_set elevator_get_default() and elv_support_iosched() both check for whether or not q->tag_set is non-NULL, however it's not possible for them to be NULL. This messes up some static checkers, as the checking of tag_set isn't consistent. Remove the checks, which both simplifies the logic and avoids checker errors. Signed-off-by: SurajSonawane2415 Link: https://lore.kernel.org/r/20241007111416.13814-1-surajsonawane0215@gmail.com Signed-off-by: Jens Axboe commit 9b671793c7d95f020791415cbbcc82b9c007d19c Author: Tejun Heo Date: Fri Sep 27 13:46:13 2024 -1000 sched_ext, scx_qmap: Add and use SCX_ENQ_CPU_SELECTED scx_qmap and other schedulers in the SCX repo are using SCX_ENQ_WAKEUP to tell whether ops.select_cpu() was called. This is incorrect as ops.select_cpu() can be skipped in the wakeup path and leads to e.g. incorrectly skipping direct dispatch for tasks that are bound to a single CPU. sched core has been updated to specify ENQUEUE_RQ_SELECTED if ->select_task_rq() was called. Map it to SCX_ENQ_CPU_SELECTED and update scx_qmap to test it instead of SCX_ENQ_WAKEUP. Signed-off-by: Tejun Heo Acked-by: David Vernet Cc: Daniel Hodges Cc: Changwoo Min Cc: Andrea Righi Cc: Dan Schatzberg commit f207dc2dcdcf0e1e7d260b392784855ce8d84147 Author: Tejun Heo Date: Fri Sep 27 13:46:12 2024 -1000 sched/core: Add ENQUEUE_RQ_SELECTED to indicate whether ->select_task_rq() was called During ttwu, ->select_task_rq() can be skipped if only one CPU is allowed or migration is disabled. sched_ext schedulers may perform operations such as direct dispatch from ->select_task_rq() path and it is useful for them to know whether ->select_task_rq() was skipped in the ->enqueue_task() path. Currently, sched_ext schedulers are using ENQUEUE_WAKEUP for this purpose and end up assuming incorrectly that ->select_task_rq() was called for tasks that are bound to a single CPU or migration disabled. Make select_task_rq() indicate whether ->select_task_rq() was called by setting WF_RQ_SELECTED in *wake_flags and make ttwu_do_activate() map that to ENQUEUE_RQ_SELECTED for ->enqueue_task(). This will be used by sched_ext to fix ->select_task_rq() skip detection. Signed-off-by: Tejun Heo Acked-by: David Vernet commit b62933eee41e2909422c2c3d7fdb56217913faf9 Author: Tejun Heo Date: Fri Sep 27 13:46:11 2024 -1000 sched/core: Make select_task_rq() take the pointer to wake_flags instead of value This will be used to allow select_task_rq() to indicate whether ->select_task_rq() was called by modifying *wake_flags. This makes try_to_wake_up() call all functions that take wake_flags with WF_TTWU set. Previously, only select_task_rq() was. Using the same flags is more consistent, and, as the flag is only tested by ->select_task_rq() implementations, it doesn't cause any behavior differences. Signed-off-by: Tejun Heo Acked-by: David Vernet commit 6df1197815142f968d9bdf8b82f76b0b20a0b7bb Author: Frank Li Date: Mon Oct 7 12:18:23 2024 -0400 dt-bindings: interrupt-controller: fsl,ls-extirq: workaround wrong interrupt-map number The driver(drivers/irqchip/irq-ls-extirq.c) have not use standard DT function to parser interrupt-map. So it doesn't consider '#address-size' in parent interrupt controller, such as GIC. When dt-binding verify interrupt-map, item data matrix is spitted at incorrect position. So cause below warning: arch/arm64/boot/dts/freescale/fsl-ls1088a-qds.dtb: interrupt-controller@14: interrupt-map: [[0, 0, 1, 0, 0, 4, 1, 0], [1, 0, 1, 4, 2, 0, 1, 0], ... is too short Remove interrupt-map restriction to workaround this warning for 'fsl,ls1088a-extirq', 'fsl,ls2080a-extirq' and fsl,lx2160a-extirq. Other keep the same restriction. Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20241007161823.811021-1-Frank.Li@nxp.com Signed-off-by: Rob Herring (Arm) commit e60099fa648666e4c1ff0fd90f3fece543896ff3 Author: Frank Li Date: Mon Oct 7 11:30:42 2024 -0400 dt-bindings: misc: fsl,qoriq-mc: remove ref for msi-parent msi-parent is standard property. Needn't ref to phandle. Add maxItems: 1 for it. Fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1088a-ten64.dtb: fsl-mc@80c000000: msi-parent:0: [16, 0] is too long Reviewed-by: Krzysztof Kozlowski Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20241007153047.807723-1-Frank.Li@nxp.com Signed-off-by: Rob Herring (Arm) commit f8bc84b6096f1ffa67252f0f88d86e77f6bbe348 Author: Richard Gong Date: Fri Sep 13 11:29:03 2024 -0500 x86/amd_nb: Add new PCI ID for AMD family 1Ah model 20h Add new PCI ID for Device 18h and Function 4. Signed-off-by: Richard Gong Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Yazen Ghannam Link: https://lore.kernel.org/r/20240913162903.649519-1-richard.gong@amd.com Signed-off-by: Borislav Petkov (AMD) commit 79bc412ef787cf25773d0ece93f8739ce0e6ac1e Author: Hamza Mahfooz Date: Fri Oct 4 15:22:57 2024 -0400 drm/amd/display: fix hibernate entry for DCN35+ Since, two suspend-resume cycles are required to enter hibernate and, since we only need to enable idle optimizations in the first cycle (which is pretty much equivalent to s2idle). We can check in_s0ix, to prevent the system from entering idle optimizations before it actually enters hibernate (from display's perspective). Also, call dc_set_power_state() before dc_allow_idle_optimizations(), since it's safer to do so because dc_set_power_state() writes to DMUB. Acked-by: Alex Deucher Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher (cherry picked from commit 2fe79508d9c393bb9931b0037c5ecaee09a8dc39) Cc: stable@vger.kernel.org # 6.10+ commit 0a9906cc45d21e21ca8bb2b98b79fd7c05420fda Author: Josip Pavic Date: Tue Sep 24 17:25:54 2024 -0400 drm/amd/display: Clear update flags after update has been applied [Why] Since the surface/stream update flags aren't cleared after applying updates, those same updates may be applied again in a future call to update surfaces/streams for surfaces/streams that aren't actually part of that update (i.e. applying an update for one surface/stream can trigger unintended programming on a different surface/stream). For example, when an update results in a call to program_front_end_for_ctx, that function may call program_pipe on all pipes. If there are surface update flags that were never cleared on the surface some pipe is attached to, then the same update will be programmed again. [How] Clear the surface and stream update flags after applying the updates. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3441 Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3616 Cc: Melissa Wen Reviewed-by: Aric Cyr Signed-off-by: Josip Pavic Signed-off-by: Rodrigo Siqueira Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 7671f62c10f2a4c77d89b39fd50fab7f918d6809) Cc: stable@vger.kernel.org commit d6b9f492e229be1d1bd360c3ac5bee4635bacf99 Author: Alex Deucher Date: Wed Oct 2 17:27:25 2024 -0400 drm/amdgpu: partially revert powerplay `__counted_by` changes Partially revert commit 0ca9f757a0e2 ("drm/amd/pm: powerplay: Add `__counted_by` attribute for flexible arrays") The count attribute for these arrays does not get set until after the arrays are allocated and populated leading to false UBSAN warnings. Fixes: 0ca9f757a0e2 ("drm/amd/pm: powerplay: Add `__counted_by` attribute for flexible arrays") Reviewed-by: Mario Limonciello Reviewed-by: Lijo Lazar Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3662 Signed-off-by: Alex Deucher (cherry picked from commit 8a5ae927b653b43623e55610d2215ee94c027e8c) Cc: stable@vger.kernel.org commit 8e82d1199564ea0baab7be31f6558406bab4fe1d Author: Wu Hoi Pok Date: Fri Oct 4 09:05:59 2024 +0800 drm/radeon: add late_register for connector The patch is to solve null dereference in 'aux.dev', which is introduced in recent radeon rework. By having 'late_register', the connector should be registered after 'drm_dev_register' automatically, where in before it is the opposite. Fixes: 90985660ba48 ("drm/radeon: remove load callback from kms_driver") Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3665 Tested-by: Hans de Goede Suggested-by: Christophe Leroy Signed-off-by: Wu Hoi Pok Signed-off-by: Alex Deucher (cherry picked from commit b4c1ad70e279bacbc772a468033bdecce2f5e0dc) commit d7d7b947a4fa6d0a82ff2bf0db413edc63738e3a Author: Lang Yu Date: Fri Sep 27 18:27:46 2024 +0800 drm/amdkfd: Fix an eviction fence leak Only creating a new reference for each process instead of each VM. Fixes: 9a1c1339abf9 ("drm/amdkfd: Run restore_workers on freezable WQs") Suggested-by: Felix Kuehling Signed-off-by: Lang Yu Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher (cherry picked from commit 5fa436289483ae56427b0896c31f72361223c758) Cc: stable@vger.kernel.org commit 87d6aab2389e5ce0197d8257d5f8ee965a67c4cd Merge: 8cf0b93919e13d 221af82f606d92 Author: Linus Torvalds Date: Mon Oct 7 11:33:26 2024 -0700 Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost Pull virtio fixes from Michael Tsirkin: "Several small bugfixes all over the place. Most notably, fixes the vsock allocation with GFP_KERNEL in atomic context, which has been triggering warnings for lots of testers" * tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() vsock/virtio: use GFP_ATOMIC under RCU read lock virtio_console: fix misc probe bugs virtio_ring: tag event_triggered as racy for KCSAN vdpa/octeon_ep: Fix format specifier for pointers in debug messages commit 99ca0b57e49fb73624eede1c4396d9e3d10ccf14 Author: Zhang Rui Date: Mon Sep 30 16:17:57 2024 +0800 thermal: intel: int340x: processor: Fix warning during module unload The processor_thermal driver uses pcim_device_enable() to enable a PCI device, which means the device will be automatically disabled on driver detach. Thus there is no need to call pci_disable_device() again on it. With recent PCI device resource management improvements, e.g. commit f748a07a0b64 ("PCI: Remove legacy pcim_release()"), this problem is exposed and triggers the warining below. [ 224.010735] proc_thermal_pci 0000:00:04.0: disabling already-disabled device [ 224.010747] WARNING: CPU: 8 PID: 4442 at drivers/pci/pci.c:2250 pci_disable_device+0xe5/0x100 ... [ 224.010844] Call Trace: [ 224.010845] [ 224.010847] ? show_regs+0x6d/0x80 [ 224.010851] ? __warn+0x8c/0x140 [ 224.010854] ? pci_disable_device+0xe5/0x100 [ 224.010856] ? report_bug+0x1c9/0x1e0 [ 224.010859] ? handle_bug+0x46/0x80 [ 224.010862] ? exc_invalid_op+0x1d/0x80 [ 224.010863] ? asm_exc_invalid_op+0x1f/0x30 [ 224.010867] ? pci_disable_device+0xe5/0x100 [ 224.010869] ? pci_disable_device+0xe5/0x100 [ 224.010871] ? kfree+0x21a/0x2b0 [ 224.010873] pcim_disable_device+0x20/0x30 [ 224.010875] devm_action_release+0x16/0x20 [ 224.010878] release_nodes+0x47/0xc0 [ 224.010880] devres_release_all+0x9f/0xe0 [ 224.010883] device_unbind_cleanup+0x12/0x80 [ 224.010885] device_release_driver_internal+0x1ca/0x210 [ 224.010887] driver_detach+0x4e/0xa0 [ 224.010889] bus_remove_driver+0x6f/0xf0 [ 224.010890] driver_unregister+0x35/0x60 [ 224.010892] pci_unregister_driver+0x44/0x90 [ 224.010894] proc_thermal_pci_driver_exit+0x14/0x5f0 [processor_thermal_device_pci] ... [ 224.010921] ---[ end trace 0000000000000000 ]--- Remove the excess pci_disable_device() calls. Fixes: acd65d5d1cf4 ("thermal/drivers/int340x/processor_thermal: Add PCI MMIO based thermal driver") Signed-off-by: Zhang Rui Reviewed-by: Srinivas Pandruvada Link: https://patch.msgid.link/20240930081801.28502-3-rui.zhang@intel.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 91e8f835a7eda4ba2c0c4002a3108a0e3b22d34e Author: Zhang Rui Date: Mon Sep 30 16:17:56 2024 +0800 powercap: intel_rapl_tpmi: Fix bogus register reading The TPMI_RAPL_REG_DOMAIN_INFO value needs to be multiplied by 8 to get the register offset. Cc: All applicable Fixes: 903eb9fb85e3 ("powercap: intel_rapl_tpmi: Fix System Domain probing") Signed-off-by: Zhang Rui Link: https://patch.msgid.link/20240930081801.28502-2-rui.zhang@intel.com [ rjw: Changelog edits ] Signed-off-by: Rafael J. Wysocki commit 1af7e441feb08cdaab8f4a320577ed0bba1f5896 Author: Hans de Goede Date: Sat Oct 5 23:28:19 2024 +0200 ACPI: resource: Fold Asus Vivobook Pro N6506M* DMI quirks together Asus Vivobook Pro 15 OLED comes in 3 N6506M* models: N6506MU: Intel Ultra 9 185H, 3K OLED, RTX4060 N6506MV: Intel Ultra 7 155H, 3K OLED, RTX4050 N6506MJ: Intel Ultra 7 155H, FHD OLED, RTX3050 Fold the 3 DMI quirks for these into a single quirk to reduce the number of quirks. Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20241005212819.354681-5-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit 158d0f3700fd7190df609a0a61294f29ae698d9e Author: Hans de Goede Date: Sat Oct 5 23:28:18 2024 +0200 ACPI: resource: Fold Asus ExpertBook B1402C* and B1502C* DMI quirks together Asus has 2 ExpertBook B1402C models: B1402CBA with 12th gen Intel CPUs B1402CVA with 13th gen Intel CPUs Fold the 2 DMI quirks for these into a single quirk to reduce the number of quirks. Likewise Asus has 3 ExpertBook B1502C models: B1502CBA with 12th gen Intel CPUs B1502CGA with 12th gen Intel N-series CPUs B1502CVA with 13th gen Intel CPUs Fold the 3 DMI quirks for these into a single quirk to reduce the number of quirks. Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20241005212819.354681-4-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit 435f2d87579e2408ab6502248f2270fc3c9e636e Author: Hans de Goede Date: Sat Oct 5 23:28:17 2024 +0200 ACPI: resource: Make Asus ExpertBook B2502 matches cover more models Like the various 14" Asus ExpertBook B2 B2402* models there are also 4 variants of the 15" Asus ExpertBook B2 B2502* models: B2502CBA: 12th gen Intel CPU, non flip B2502FBA: 12th gen Intel CPU, flip B2502CVA: 13th gen Intel CPU, non flip B2502FVA: 13th gen Intel CPU, flip Currently there already are DMI quirks for the B2502CBA, B2502FBA and B2502CVA models. Asus website shows that there also is a B2502FVA. Rather then adding a 4th quirk fold the 3 existing quirks into a single quirk covering B2502* to also cover the last model while at the same time reducing the number of quirks. Cc: All applicable Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20241005212819.354681-3-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit 564a278573783cd8859829767851744087e676d8 Author: Hans de Goede Date: Sat Oct 5 23:28:16 2024 +0200 ACPI: resource: Make Asus ExpertBook B2402 matches cover more models The Asus ExpertBook B2402CBA / B2402FBA are the non flip / flip versions of the 14" Asus ExpertBook B2 with 12th gen Intel processors. It has been reported that the B2402FVA which is the 14" Asus ExpertBook B2 flip with 13th gen Intel processors needs to skip the IRQ override too. And looking at Asus website there also is a B2402CVA which is the non flip model with 13th gen Intel processors. Summarizing the following 4 models of the Asus ExpertBook B2 are known: B2402CBA: 12th gen Intel CPU, non flip B2402FBA: 12th gen Intel CPU, flip B2402CVA: 13th gen Intel CPU, non flip B2402FVA: 13th gen Intel CPU, flip Fold the 2 existing quirks for the B2402CBA and B2402FBA into a single quirk covering B2402* to also cover the 2 other models while at the same time reducing the number of quirks. Reported-by: Stefan Blum Closes: https://lore.kernel.org/platform-driver-x86/a983e6d5-c7ab-4758-be9b-7dcfc1b44ed3@gmail.com/ Cc: All applicable Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20241005212819.354681-2-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit ab8851431bef5cc44f0f3f0da112e883fd4d0df5 Author: Timo Grautstueck Date: Sun Oct 6 16:02:44 2024 +0200 lib/Kconfig.debug: fix grammar in RUST_BUILD_ASSERT_ALLOW Just a grammar fix in lib/Kconfig.debug, under the config option RUST_BUILD_ASSERT_ALLOW. Reported-by: Miguel Ojeda Closes: https://github.com/Rust-for-Linux/linux/issues/1006 Fixes: ecaa6ddff2fd ("rust: add `build_error` crate") Signed-off-by: Timo Grautstueck Link: https://lore.kernel.org/r/20241006140244.5509-1-timo.grautstueck@web.de Signed-off-by: Miguel Ojeda commit c10e50a469b5ec91eabf653526a22bdce03a9bca Author: Dhananjay Ugwekar Date: Fri Oct 4 12:23:04 2024 +0000 cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems While switching the driver mode between active and passive, Collaborative Processor Performance Control (CPPC) is disabled in amd_pstate_unregister_driver(). But, it is not enabled back while registering the new driver (passive or active). This leads to the new driver mode not working correctly, so enable it back in amd_pstate_register_driver(). Fixes: 3ca7bc818d8c ("cpufreq: amd-pstate: Add guided mode control support via sysfs") Signed-off-by: Dhananjay Ugwekar Reviewed-by: Mario Limonciello Link: https://lore.kernel.org/r/20241004122303.94283-1-Dhananjay.Ugwekar@amd.com Signed-off-by: Mario Limonciello commit 221af82f606d928ccef19a16d35633c63026f1be Author: Haoran Zhang Date: Tue Oct 1 15:14:15 2024 -0500 vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() Since commit 3f8ca2e115e5 ("vhost/scsi: Extract common handling code from control queue handler") a null pointer dereference bug can be triggered when guest sends an SCSI AN request. In vhost_scsi_ctl_handle_vq(), `vc.target` is assigned with `&v_req.tmf.lun[1]` within a switch-case block and is then passed to vhost_scsi_get_req() which extracts `vc->req` and `tpg`. However, for a `VIRTIO_SCSI_T_AN_*` request, tpg is not required, so `vc.target` is set to NULL in this branch. Later, in vhost_scsi_get_req(), `vc->target` is dereferenced without being checked, leading to a null pointer dereference bug. This bug can be triggered from guest. When this bug occurs, the vhost_worker process is killed while holding `vq->mutex` and the corresponding tpg will remain occupied indefinitely. Below is the KASAN report: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] CPU: 1 PID: 840 Comm: poc Not tainted 6.10.0+ #1 Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:vhost_scsi_get_req+0x165/0x3a0 Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 2b 02 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 65 30 4c 89 e2 48 c1 ea 03 <0f> b6 04 02 4c 89 e2 83 e2 07 38 d0 7f 08 84 c0 0f 85 be 01 00 00 RSP: 0018:ffff888017affb50 EFLAGS: 00010246 RAX: dffffc0000000000 RBX: ffff88801b000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888017affcb8 RBP: ffff888017affb80 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffff888017affc88 R14: ffff888017affd1c R15: ffff888017993000 FS: 000055556e076500(0000) GS:ffff88806b100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000200027c0 CR3: 0000000010ed0004 CR4: 0000000000370ef0 Call Trace: ? show_regs+0x86/0xa0 ? die_addr+0x4b/0xd0 ? exc_general_protection+0x163/0x260 ? asm_exc_general_protection+0x27/0x30 ? vhost_scsi_get_req+0x165/0x3a0 vhost_scsi_ctl_handle_vq+0x2a4/0xca0 ? __pfx_vhost_scsi_ctl_handle_vq+0x10/0x10 ? __switch_to+0x721/0xeb0 ? __schedule+0xda5/0x5710 ? __kasan_check_write+0x14/0x30 ? _raw_spin_lock+0x82/0xf0 vhost_scsi_ctl_handle_kick+0x52/0x90 vhost_run_work_list+0x134/0x1b0 vhost_task_fn+0x121/0x350 ... ---[ end trace 0000000000000000 ]--- Let's add a check in vhost_scsi_get_req. Fixes: 3f8ca2e115e5 ("vhost/scsi: Extract common handling code from control queue handler") Signed-off-by: Haoran Zhang [whitespace fixes] Signed-off-by: Mike Christie Message-Id: Signed-off-by: Michael S. Tsirkin commit a194c985973276b2f280428c848f20369bb83734 Author: Michael S. Tsirkin Date: Wed Oct 2 09:35:20 2024 -0400 vsock/virtio: use GFP_ATOMIC under RCU read lock virtio_transport_send_pkt in now called on transport fast path, under RCU read lock. In that case, we have a bug: virtio_add_sgs is called with GFP_KERNEL, and might sleep. Pass the gfp flags as an argument, and use GFP_ATOMIC on the fast path. Link: https://lore.kernel.org/all/hfcr2aget2zojmqpr4uhlzvnep4vgskblx5b6xf2ddosbsrke7@nt34bxgp7j2x Fixes: efcd71af38be ("vsock/virtio: avoid queuing packets when intermediate queue is empty") Reported-by: Christian Brauner Cc: Stefano Garzarella Cc: Luigi Leonardi Message-ID: <3fbfb6e871f625f89eb578c7228e127437b1975a.1727876449.git.mst@redhat.com> Signed-off-by: Michael S. Tsirkin Reviewed-by: Pankaj Gupta Reviewed-by: Christian Brauner Reviewed-by: Luigi Leonardi Reviewed-by: Stefano Garzarella commit 2d6c668902e5834f54d7eb673318455492730cbf Author: Javier Carrasco Date: Wed Oct 2 03:08:11 2024 +0200 hwmon: (max1668) Add missing dependency on REGMAP_I2C This driver requires REGMAP_I2C to be selected in order to get access to regmap_config, regmap_bus, and devm_regmap_init_i2c. Add the missing dependency. Fixes: 021730acbca6 ("hwmon: (max1668) Convert to use regmap") Signed-off-by: Javier Carrasco Message-ID: <20241002-hwmon-select-regmap-v1-4-548d03268934@gmail.com> Signed-off-by: Guenter Roeck commit 7d4cc7fdc6c889608fff051530e6f0c617f71995 Author: Javier Carrasco Date: Wed Oct 2 03:08:10 2024 +0200 hwmon: (ltc2991) Add missing dependency on REGMAP_I2C This driver requires REGMAP_I2C to be selected in order to get access to regmap_config and devm_regmap_init_i2c. Add the missing dependency. Fixes: 2b9ea4262ae9 ("hwmon: Add driver for ltc2991") Signed-off-by: Javier Carrasco Message-ID: <20241002-hwmon-select-regmap-v1-3-548d03268934@gmail.com> Signed-off-by: Guenter Roeck commit b6abcc19566509ab4812bd5ae5df46515d0c1d70 Author: Javier Carrasco Date: Wed Oct 2 03:08:09 2024 +0200 hwmon: (adt7470) Add missing dependency on REGMAP_I2C This driver requires REGMAP_I2C to be selected in order to get access to regmap_config and devm_regmap_init_i2c. Add the missing dependency. Fixes: ef67959c4253 ("hwmon: (adt7470) Convert to use regmap") Signed-off-by: Javier Carrasco Message-ID: <20241002-hwmon-select-regmap-v1-2-548d03268934@gmail.com> Signed-off-by: Guenter Roeck commit 14849a2ec175bb8a2280ce20efe002bb19f1e274 Author: Javier Carrasco Date: Wed Oct 2 03:08:08 2024 +0200 hwmon: (adm9240) Add missing dependency on REGMAP_I2C This driver requires REGMAP_I2C to be selected in order to get access to regmap_config and devm_regmap_init_i2c. Add the missing dependency. Fixes: df885d912f67 ("hwmon: (adm9240) Convert to regmap") Signed-off-by: Javier Carrasco Message-ID: <20241002-hwmon-select-regmap-v1-1-548d03268934@gmail.com> Signed-off-by: Guenter Roeck commit 56c77c0f4a7c9043e7d1d94e0aace264361e6717 Author: Javier Carrasco Date: Wed Oct 2 02:31:25 2024 +0200 hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C This driver requires REGMAP_I2C to be selected in order to get access to regmap_config and devm_regmap_init_i2c. Add the missing dependency. Fixes: 07830d9ab34c ("hwmon: add initial NXP MC34VR500 PMIC monitoring support") Signed-off-by: Javier Carrasco Message-ID: <20241002-mc34vr500-select-regmap_i2c-v1-1-a01875d0a2e5@gmail.com> Signed-off-by: Guenter Roeck commit 193bc02c664999581a1f38c152f379fce91afc0c Author: Guenter Roeck Date: Tue Oct 1 11:37:15 2024 -0700 hwmon: (tmp513) Add missing dependency on REGMAP_I2C 0-day reports: drivers/hwmon/tmp513.c:162:21: error: variable 'tmp51x_regmap_config' has initializer but incomplete type 162 | static const struct regmap_config tmp51x_regmap_config = { | ^ struct regmap_config is only available if REGMAP is enabled. Add the missing Kconfig dependency to fix the problem. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202410020246.2cTDDx0X-lkp@intel.com/ Fixes: 59dfa75e5d82 ("hwmon: Add driver for Texas Instruments TMP512/513 sensor chips.") Cc: Eric Tremblay Reviewed-by: Javier Carrasco Signed-off-by: Guenter Roeck commit 0fb09bf715736acfa7419d52f966aea2c0d57e7a Author: Javier Carrasco Date: Thu Sep 26 11:38:11 2024 +0200 hwmon: (adt7475) Fix memory leak in adt7475_fan_pwm_config() The device_for_each_child_node() loop requires calls to fwnode_handle_put() upon early returns to decrement the refcount of the child node and avoid leaking memory. There are multiple early returns within that loop in adt7475_fan_pwm_config(), but fwnode_handle_put() is never called. Instead of adding the missing calls, the scoped version of the loop can be used to simplify the code and avoid mistakes in the future if new early returns are added. This issue was recently introduced and it does not affect old kernels that do not support the scoped variant. Fixes: 777c97ff08d0 ("hwmon: (adt7475) Add support for configuring initial PWM state") Signed-off-by: Javier Carrasco Message-ID: <20240926-hwmon_adt7475_memleak-v1-1-89b8ee07507a@gmail.com> Signed-off-by: Guenter Roeck commit a017616fafc6b2a6b3043bf46f6381ef2611c188 Author: Peter Colberg Date: Thu Sep 19 13:34:17 2024 -0400 hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature Consistently use CVL instead of Columbiaville, since CVL is already being used in all other sensor labels for the Intel N6000 card. Fixes: e1983220ae14 ("hwmon: intel-m10-bmc-hwmon: Add N6000 sensors") Signed-off-by: Peter Colberg Reviewed-by: Michael Adler Message-ID: <20240919173417.867640-1-peter.colberg@intel.com> Signed-off-by: Guenter Roeck commit 8380dbf1b9ef66e3ce6c1d660fd7259637c2a929 Author: Miquel Raynal Date: Thu Oct 3 10:36:11 2024 +0200 ASoC: dt-bindings: davinci-mcasp: Fix interrupt properties Combinations of "tx" alone, "rx" alone and "tx", "rx" together are supposedly valid (see link below), which is not the case today as "rx" alone is not accepted by the current binding. Let's rework the two interrupt properties to expose all correct possibilities. Cc: Péter Ujfalusi Link: https://lore.kernel.org/linux-sound/20241003102552.2c11840e@xps-13/T/#m277fce1d49c50d94e071f7890aed472fa2c64052 Fixes: 8be90641a0bb ("ASoC: dt-bindings: davinci-mcasp: convert McASP bindings to yaml schema") Signed-off-by: Miquel Raynal Acked-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20241003083611.461894-1-miquel.raynal@bootlin.com Signed-off-by: Mark Brown commit 49da1463c9e3d2082276c3e0e2a8b65a88711cd2 Author: Zichen Xie Date: Sun Oct 6 15:57:37 2024 -0500 ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() A devm_kzalloc() in asoc_qcom_lpass_cpu_platform_probe() could possibly return NULL pointer. NULL Pointer Dereference may be triggerred without addtional check. Add a NULL check for the returned pointer. Fixes: b5022a36d28f ("ASoC: qcom: lpass: Use regmap_field for i2sctl and dmactl registers") Cc: stable@vger.kernel.org Signed-off-by: Zichen Xie Link: https://patch.msgid.link/20241006205737.8829-1-zichenxie0106@gmail.com Signed-off-by: Mark Brown commit 0b2ad4f6f2bec74a5287d96cb2325a5e11706f22 Author: Maíra Canal Date: Fri Oct 4 09:36:00 2024 -0300 drm/vc4: Stop the active perfmon before being destroyed Upon closing the file descriptor, the active performance monitor is not stopped. Although all perfmons are destroyed in `vc4_perfmon_close_file()`, the active performance monitor's pointer (`vc4->active_perfmon`) is still retained. If we open a new file descriptor and submit a few jobs with performance monitors, the driver will attempt to stop the active performance monitor using the stale pointer in `vc4->active_perfmon`. However, this pointer is no longer valid because the previous process has already terminated, and all performance monitors associated with it have been destroyed and freed. To fix this, when the active performance monitor belongs to a given process, explicitly stop it before destroying and freeing it. Cc: stable@vger.kernel.org # v4.17+ Cc: Boris Brezillon Cc: Juan A. Suarez Romero Fixes: 65101d8c9108 ("drm/vc4: Expose performance counters to userspace") Signed-off-by: Maíra Canal Reviewed-by: Juan A. Suarez Link: https://patchwork.freedesktop.org/patch/msgid/20241004123817.890016-2-mcanal@igalia.com commit 7d1fd3638ee3a9f9bca4785fffb638ca19120718 Author: Maíra Canal Date: Fri Oct 4 10:02:29 2024 -0300 drm/v3d: Stop the active perfmon before being destroyed When running `kmscube` with one or more performance monitors enabled via `GALLIUM_HUD`, the following kernel panic can occur: [ 55.008324] Unable to handle kernel paging request at virtual address 00000000052004a4 [ 55.008368] Mem abort info: [ 55.008377] ESR = 0x0000000096000005 [ 55.008387] EC = 0x25: DABT (current EL), IL = 32 bits [ 55.008402] SET = 0, FnV = 0 [ 55.008412] EA = 0, S1PTW = 0 [ 55.008421] FSC = 0x05: level 1 translation fault [ 55.008434] Data abort info: [ 55.008442] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000 [ 55.008455] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 55.008467] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 55.008481] user pgtable: 4k pages, 39-bit VAs, pgdp=00000001046c6000 [ 55.008497] [00000000052004a4] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000 [ 55.008525] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP [ 55.008542] Modules linked in: rfcomm [...] vc4 v3d snd_soc_hdmi_codec drm_display_helper gpu_sched drm_shmem_helper cec drm_dma_helper drm_kms_helper i2c_brcmstb drm drm_panel_orientation_quirks snd_soc_core snd_compress snd_pcm_dmaengine snd_pcm snd_timer snd backlight [ 55.008799] CPU: 2 PID: 166 Comm: v3d_bin Tainted: G C 6.6.47+rpt-rpi-v8 #1 Debian 1:6.6.47-1+rpt1 [ 55.008824] Hardware name: Raspberry Pi 4 Model B Rev 1.5 (DT) [ 55.008838] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 55.008855] pc : __mutex_lock.constprop.0+0x90/0x608 [ 55.008879] lr : __mutex_lock.constprop.0+0x58/0x608 [ 55.008895] sp : ffffffc080673cf0 [ 55.008904] x29: ffffffc080673cf0 x28: 0000000000000000 x27: ffffff8106188a28 [ 55.008926] x26: ffffff8101e78040 x25: ffffff8101baa6c0 x24: ffffffd9d989f148 [ 55.008947] x23: ffffffda1c2a4008 x22: 0000000000000002 x21: ffffffc080673d38 [ 55.008968] x20: ffffff8101238000 x19: ffffff8104f83188 x18: 0000000000000000 [ 55.008988] x17: 0000000000000000 x16: ffffffda1bd04d18 x15: 00000055bb08bc90 [ 55.009715] x14: 0000000000000000 x13: 0000000000000000 x12: ffffffda1bd4cbb0 [ 55.010433] x11: 00000000fa83b2da x10: 0000000000001a40 x9 : ffffffda1bd04d04 [ 55.011162] x8 : ffffff8102097b80 x7 : 0000000000000000 x6 : 00000000030a5857 [ 55.011880] x5 : 00ffffffffffffff x4 : 0300000005200470 x3 : 0300000005200470 [ 55.012598] x2 : ffffff8101238000 x1 : 0000000000000021 x0 : 0300000005200470 [ 55.013292] Call trace: [ 55.013959] __mutex_lock.constprop.0+0x90/0x608 [ 55.014646] __mutex_lock_slowpath+0x1c/0x30 [ 55.015317] mutex_lock+0x50/0x68 [ 55.015961] v3d_perfmon_stop+0x40/0xe0 [v3d] [ 55.016627] v3d_bin_job_run+0x10c/0x2d8 [v3d] [ 55.017282] drm_sched_main+0x178/0x3f8 [gpu_sched] [ 55.017921] kthread+0x11c/0x128 [ 55.018554] ret_from_fork+0x10/0x20 [ 55.019168] Code: f9400260 f1001c1f 54001ea9 927df000 (b9403401) [ 55.019776] ---[ end trace 0000000000000000 ]--- [ 55.020411] note: v3d_bin[166] exited with preempt_count 1 This issue arises because, upon closing the file descriptor (which happens when we interrupt `kmscube`), the active performance monitor is not stopped. Although all perfmons are destroyed in `v3d_perfmon_close_file()`, the active performance monitor's pointer (`v3d->active_perfmon`) is still retained. If `kmscube` is run again, the driver will attempt to stop the active performance monitor using the stale pointer in `v3d->active_perfmon`. However, this pointer is no longer valid because the previous process has already terminated, and all performance monitors associated with it have been destroyed and freed. To fix this, when the active performance monitor belongs to a given process, explicitly stop it before destroying and freeing it. Cc: stable@vger.kernel.org # v5.15+ Closes: https://github.com/raspberrypi/linux/issues/6389 Fixes: 26a4dc29b74a ("drm/v3d: Expose performance counters to userspace") Signed-off-by: Maíra Canal Reviewed-by: Juan A. Suarez Link: https://patchwork.freedesktop.org/patch/msgid/20241004130625.918580-2-mcanal@igalia.com commit 50793801fc7f6d08def48754fb0f0706b0cfc394 Author: Darrick J. Wong Date: Thu Oct 3 08:09:48 2024 -0700 fsdax: dax_unshare_iter needs to copy entire blocks The code that copies data from srcmap to iomap in dax_unshare_iter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to dax_file_unshare are not aligned to an fsblock boundary, the iter pos and length in the _iter function will reflect this unalignment. dax_iomap_direct_access always returns a pointer to the start of the kmapped fsdax page, even if its pos argument is in the middle of that page. This is catastrophic for data integrity when iter->pos is not aligned to a page, because daddr/saddr do not point to the same byte in the file as iter->pos. Hence we corrupt user data by copying it to the wrong place. If iter->pos + iomap_length() in the _iter function not aligned to a page, then we fail to copy a full block, and only partially populate the destination block. This is catastrophic for data confidentiality because we expose stale pmem contents. Fix both of these issues by aligning copy_pos/copy_len to a page boundary (remember, this is fsdax so 1 fsblock == 1 base page) so that we always copy full blocks. We're not done yet -- there's no call to invalidate_inode_pages2_range, so programs that have the file range mmap'd will continue accessing the old memory mapping after the file metadata updates have completed. Be careful with the return value -- if the unshare succeeds, we still need to return the number of bytes that the iomap iter thinks we're operating on. Cc: ruansy.fnst@fujitsu.com Fixes: d984648e428b ("fsdax,xfs: port unshare to fsdax") Signed-off-by: Darrick J. Wong Link: https://lore.kernel.org/r/172796813328.1131942.16777025316348797355.stgit@frogsfrogsfrogs Reviewed-by: Christoph Hellwig Signed-off-by: Christian Brauner commit 95472274b6fed8f2d30fbdda304e12174b3d4099 Author: Darrick J. Wong Date: Thu Oct 3 08:09:32 2024 -0700 fsdax: remove zeroing code from dax_unshare_iter Remove the code in dax_unshare_iter that zeroes the destination memory because it's not necessary. If srcmap is unwritten, we don't have to do anything because that unwritten extent came from the regular file mapping, and unwritten extents cannot be shared. The same applies to holes. Furthermore, zeroing to unshare a mapping is just plain wrong because unsharing means copy on write, and we should be copying data. This is effectively a revert of commit 13dd4e04625f ("fsdax: unshare: zero destination if srcmap is HOLE or UNWRITTEN") Cc: ruansy.fnst@fujitsu.com Signed-off-by: Darrick J. Wong Link: https://lore.kernel.org/r/172796813311.1131942.16033376284752798632.stgit@frogsfrogsfrogs Reviewed-by: Christoph Hellwig Signed-off-by: Christian Brauner commit 6ef6a0e821d3dad6bf8a5d5508762dba9042c84b Author: Darrick J. Wong Date: Thu Oct 3 08:09:16 2024 -0700 iomap: share iomap_unshare_iter predicate code with fsdax The predicate code that iomap_unshare_iter uses to decide if it's really needs to unshare a file range mapping should be shared with the fsdax version, because right now they're opencoded and inconsistent. Note that we simplify the predicate logic a bit -- we no longer allow unsharing of inline data mappings, but there aren't any filesystems that allow shared inline data currently. This is a fix in the sense that it should have been ported to fsdax. Fixes: b53fdb215d13 ("iomap: improve shared block detection in iomap_unshare_iter") Signed-off-by: Darrick J. Wong Link: https://lore.kernel.org/r/172796813294.1131942.15762084021076932620.stgit@frogsfrogsfrogs Reviewed-by: Christoph Hellwig Signed-off-by: Christian Brauner commit b8c4076db5fd24b3be047e033b1098a5366db2fc Author: Darrick J. Wong Date: Thu Oct 3 08:09:01 2024 -0700 xfs: don't allocate COW extents when unsharing a hole It doesn't make sense to allocate a COW extent when unsharing a hole because holes cannot be shared. Fixes: 1f1397b7218d7 ("xfs: don't allocate into the data fork for an unshare request") Signed-off-by: Darrick J. Wong Link: https://lore.kernel.org/r/172796813277.1131942.5486112889531210260.stgit@frogsfrogsfrogs Reviewed-by: Christoph Hellwig Signed-off-by: Christian Brauner commit 796a4049640b54cb1daf9e7fe543292c5ca02c74 Author: David Howells Date: Fri Oct 4 15:33:58 2024 +0100 netfs: In readahead, put the folio refs as soon extracted netfslib currently defers dropping the ref on the folios it obtains during readahead to after it has started I/O on the basis that we can do it whilst we wait for the I/O to complete, but this runs the risk of the I/O collection racing with this in future. Furthermore, Matthew Wilcox strongly suggests that the refs should be dropped immediately, as readahead_folio() does (netfslib is using __readahead_batch() which doesn't drop the refs). Fixes: ee4cdf7ba857 ("netfs: Speed up buffered reading") Suggested-by: Matthew Wilcox Signed-off-by: David Howells Link: https://lore.kernel.org/r/3771538.1728052438@warthog.procyon.org.uk cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner commit 39845764a0ca01a89dca4ff5b4e9d896ee410054 Author: Oliver Neukum Date: Mon Oct 7 11:39:48 2024 +0200 USB: yurex: kill needless initialization in yurex_read This prevented the compiler from catching the patch that broke the driver. Signed-off-by: Oliver Neukum Link: https://lore.kernel.org/r/20241007094004.242122-2-oneukum@suse.com Signed-off-by: Greg Kroah-Hartman commit 71c717cd8a2e180126932cc6851ff21c1d04d69a Author: Oliver Neukum Date: Mon Oct 7 11:39:47 2024 +0200 Revert "usb: yurex: Replace snprintf() with the safer scnprintf() variant" This reverts commit 86b20af11e84c26ae3fde4dcc4f490948e3f8035. This patch leads to passing 0 to simple_read_from_buffer() as a fifth argument, turning the read method into a nop. The change is fundamentally flawed, as it breaks the driver. Signed-off-by: Oliver Neukum Cc: stable Link: https://lore.kernel.org/r/20241007094004.242122-1-oneukum@suse.com Signed-off-by: Greg Kroah-Hartman commit 841dd5b122b4b8080ede69c5f72fd6057da43f8a Author: Josua Mayer Date: Wed Oct 2 15:07:16 2024 +0200 arm64: dts: marvell: cn9130-sr-som: fix cp0 mdio pin numbers SolidRun CN9130 SoM actually uses CP_MPP[0:1] for mdio. CP_MPP[40] provides reference clock for dsa switch and ethernet phy on Clearfog Pro, wheras MPP[41] controls efuse programming voltage "VHV". Update the cp0 mdio pinctrl node to specify mpp0, mpp1. Fixes: 1c510c7d82e5 ("arm64: dts: add description for solidrun cn9130 som and clearfog boards") Cc: stable@vger.kernel.org # 6.11.x Signed-off-by: Josua Mayer Reviewed-by: Andrew Lunn Link: https://lore.kernel.org/stable/20241002-cn9130-som-mdio-v1-1-0942be4dc550%40solid-run.com Signed-off-by: Gregory CLEMENT commit 3f0ab59e6537c6a8f9e1b355b48f9c05a76e8563 Author: Sabrina Dubroca Date: Tue Oct 1 18:48:14 2024 +0200 xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7908950a ("xfrm: Validate address prefix lengths in the xfrm selector.") syzbot created an SA with usersa.sel.family = AF_UNSPEC usersa.sel.prefixlen_s = 128 usersa.family = AF_INET Because of the AF_UNSPEC selector, verify_newsa_info doesn't put limits on prefixlen_{s,d}. But then copy_from_user_state sets x->sel.family to usersa.family (AF_INET). Do the same conversion in verify_newsa_info before validating prefixlen_{s,d}, since that's how prefixlen is going to be used later on. Reported-by: syzbot+cc39f136925517aed571@syzkaller.appspotmail.com Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Sabrina Dubroca Signed-off-by: Steffen Klassert commit 2d0f973b5f1c369671d0c59e103d15f4f6f775c9 Author: Bartosz Wawrzyniak Date: Thu Oct 3 12:34:02 2024 +0000 phy: cadence: Sierra: Fix offset of DEQ open eye algorithm control register Fix the value of SIERRA_DEQ_OPENEYE_CTRL_PREG and add a definition for SIERRA_DEQ_TAU_EPIOFFSET_MODE_PREG. This fixes the SGMII single link register configuration. Fixes: 7a5ad9b4b98c ("phy: cadence: Sierra: Update single link PCIe register configuration") Signed-off-by: Bartosz Wawrzyniak Link: https://lore.kernel.org/r/20241003123405.1101157-1-bwawrzyn@cisco.com Signed-off-by: Vinod Koul commit cb4c7df596a9048a6025e96e62fe698f15ec1992 Author: Sam Edwards Date: Thu Oct 3 20:41:30 2024 -0700 phy: usb: Fix missing elements in BCM4908 USB init array The Broadcom USB PHY driver contains a lookup table (`reg_bits_map_tables`) to resolve register bitmaps unique to certain versions of the USB PHY as found in various Broadcom chip families. A recent commit (see 'fixes' tag) introduced two new elements to each chip family in this table -- except for one: BCM4908. This resulted in the xHCI controller not being initialized correctly, causing a panic on boot. The next patch will update this table to use designated initializers in order to prevent this from happening again. For now, just add back the missing array elements to resolve the regression. Fixes: 4536fe9640b6 ("phy: usb: suppress OC condition for 7439b2") Signed-off-by: Sam Edwards Reviewed-by: Justin Chen Reviewed-by: Florian Fainelli Link: https://lore.kernel.org/r/20241004034131.1363813-2-CFSworks@gmail.com Signed-off-by: Vinod Koul commit 90a71daaf73f5d39bb0cbb3c7ab6af942fe6233e Author: Brian Foster Date: Tue Sep 3 08:47:13 2024 -0400 xfs: skip background cowblock trims on inodes open for write The background blockgc scanner runs on a 5m interval by default and trims preallocation (post-eof and cow fork) from inodes that are otherwise idle. Idle effectively means that iolock can be acquired without blocking and that the inode has no dirty pagecache or I/O in flight. This simple mechanism and heuristic has worked fairly well for post-eof speculative preallocations. Support for reflink and COW fork preallocations came sometime later and plugged into the same mechanism, with similar heuristics. Some recent testing has shown that COW fork preallocation may be notably more sensitive to blockgc processing than post-eof preallocation, however. For example, consider an 8GB reflinked file with a COW extent size hint of 1MB. A worst case fully randomized overwrite of this file results in ~8k extents of an average size of ~1MB. If the same workload is interrupted a couple times for blockgc processing (assuming the file goes idle), the resulting extent count explodes to over 100k extents with an average size <100kB. This is significantly worse than ideal and essentially defeats the COW extent size hint mechanism. While this particular test is instrumented, it reflects a fairly reasonable pattern in practice where random I/Os might spread out over a large period of time with varying periods of (in)activity. For example, consider a cloned disk image file for a VM or container with long uptime and variable and bursty usage. A background blockgc scan that races and processes the image file when it happens to be clean and idle can have a significant effect on the future fragmentation level of the file, even when still in use. To help combat this, update the heuristic to skip cowblocks inodes that are currently opened for write access during non-sync blockgc scans. This allows COW fork preallocations to persist for as long as possible unless otherwise needed for functional purposes (i.e. a sync scan), the file is idle and closed, or the inode is being evicted from cache. While here, update the comments to help distinguish performance oriented heuristics from the logic that exists to maintain functional correctness. Suggested-by: Darrick Wong Signed-off-by: Brian Foster Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 6aac77059881e4419df499392c995bf02fb9630b Author: Christoph Hellwig Date: Wed Sep 18 07:30:10 2024 +0200 xfs: support lowmode allocations in xfs_bmap_exact_minlen_extent_alloc Currently the debug-only xfs_bmap_exact_minlen_extent_alloc allocation variant fails to drop into the lowmode last resort allocator, and thus can sometimes fail allocations for which the caller has a transaction block reservation. Fix this by using xfs_bmap_btalloc_low_space to do the actual allocation. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 405ee87c6938f67e6ab62a3f8f85b3c60a093886 Author: Christoph Hellwig Date: Wed Sep 18 07:30:09 2024 +0200 xfs: call xfs_bmap_exact_minlen_extent_alloc from xfs_bmap_btalloc xfs_bmap_exact_minlen_extent_alloc duplicates the args setup in xfs_bmap_btalloc. Switch to call it from xfs_bmap_btalloc after doing the basic setup. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit b611fddc0435738e64453bbf1dadd4b12a801858 Author: Christoph Hellwig Date: Wed Sep 18 07:30:08 2024 +0200 xfs: don't ifdef around the exact minlen allocations Exact minlen allocations only exist as an error injection tool for debug builds. Currently this is implemented using ifdefs, which means the code isn't even compiled for non-XFS_DEBUG builds. Enhance the compile test coverage by always building the code and use the compilers' dead code elimination to remove it from the generated binary instead. The only downside is that the alloc_minlen_only field is unconditionally added to struct xfs_alloc_args now, but by moving it around and packing it tightly this doesn't actually increase the size of the structure. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 865469cd41bce2b04bef9539cbf70676878bc8df Author: Christoph Hellwig Date: Wed Sep 18 07:30:07 2024 +0200 xfs: fold xfs_bmap_alloc_userdata into xfs_bmapi_allocate Userdata and metadata allocations end up in the same allocation helpers. Remove the separate xfs_bmap_alloc_userdata function to make this more clear. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit b3f4e84e2f438a119b7ca8684a25452b3e57c0f0 Author: Christoph Hellwig Date: Wed Sep 18 07:30:06 2024 +0200 xfs: distinguish extra split from real ENOSPC from xfs_attr_node_try_addname Just like xfs_attr3_leaf_split, xfs_attr_node_try_addname can return -ENOSPC both for an actual failure to allocate a disk block, but also to signal the caller to convert the format of the attr fork. Use magic 1 to ask for the conversion here as well. Note that unlike the similar issue in xfs_attr3_leaf_split, this one was only found by code review. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit a5f73342abe1f796140f6585e43e2aa7bc1b7975 Author: Christoph Hellwig Date: Wed Sep 18 07:30:05 2024 +0200 xfs: distinguish extra split from real ENOSPC from xfs_attr3_leaf_split xfs_attr3_leaf_split propagates the need for an extra btree split as -ENOSPC to it's only caller, but the same return value can also be returned from xfs_da_grow_inode when it fails to find free space. Distinguish the two cases by returning 1 for the extra split case instead of overloading -ENOSPC. This can be triggered relatively easily with the pending realtime group support and a file system with a lot of small zones that use metadata space on the main device. In this case every about 5-10th run of xfs/538 runs into the following assert: ASSERT(oldblk->magic == XFS_ATTR_LEAF_MAGIC); in xfs_attr3_leaf_split caused by an allocation failure. Note that the allocation failure is caused by another bug that will be fixed subsequently, but this commit at least sorts out the error handling. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 346c1d46d4c631c0c88592d371f585214d714da4 Author: Christoph Hellwig Date: Wed Sep 18 07:30:04 2024 +0200 xfs: return bool from xfs_attr3_leaf_add xfs_attr3_leaf_add only has two potential return values, indicating if the entry could be added or not. Replace the errno return with a bool so that ENOSPC from it can't easily be confused with a real ENOSPC. Remove the return value from the xfs_attr3_leaf_add_work helper entirely, as it always return 0. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit b1c649da15c2e4c86344c8e5af69c8afa215efec Author: Christoph Hellwig Date: Wed Sep 18 07:30:03 2024 +0200 xfs: merge xfs_attr_leaf_try_add into xfs_attr_leaf_addname xfs_attr_leaf_try_add is only called by xfs_attr_leaf_addname, and merging the two will simplify a following error handling fix. To facilitate this move the remote block state save/restore helpers up in the file so that they don't need forward declarations now. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit 20195d011c840b01fa91a85ebcd099ca95fbf8fc Author: Uros Bizjak Date: Mon Sep 23 14:22:17 2024 +0200 xfs: Use try_cmpxchg() in xlog_cil_insert_pcp_aggregate() Use !try_cmpxchg instead of cmpxchg (*ptr, old, new) != old in xlog_cil_insert_pcp_aggregate(). x86 CMPXCHG instruction returns success in ZF flag, so this change saves a compare after cmpxchg. Also, try_cmpxchg implicitly assigns old *ptr value to "old" when cmpxchg fails. There is no need to re-read the value in the loop. Note that the value from *ptr should be read using READ_ONCE to prevent the compiler from merging, refetching or reordering the read. No functional change intended. Signed-off-by: Uros Bizjak Reviewed-by: Christoph Hellwig Cc: Chandan Babu R Cc: Darrick J. Wong Reviewed-by: Dave Chinner Signed-off-by: Carlos Maiolino commit 6148b77960cc43547e4b819bfa5f064fb83dc2ae Author: Yan Zhen Date: Tue Sep 10 20:28:42 2024 +0800 xfs: scrub: convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Yan Zhen Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit f6225eebd76f371dab98b4d1c1a7c1e255190aef Author: Zhang Zekun Date: Fri Sep 6 14:02:43 2024 +0800 xfs: Remove empty declartion in header file The definition of xfs_attr_use_log_assist() has been removed since commit d9c61ccb3b09 ("xfs: move xfs_attr_use_log_assist out of xfs_log.c"). So, Remove the empty declartion in header files. Signed-off-by: Zhang Zekun Reviewed-by: Christoph Hellwig Signed-off-by: Carlos Maiolino commit ae6f70c66748640739356bb1938dbdbc9e42eb44 Author: Chandan Babu R Date: Wed Sep 25 17:25:09 2024 +0530 MAINTAINERS: add Carlos Maiolino as XFS release manager I nominate Carlos Maiolino to take over linux-xfs tree maintainer role for upstream kernel's XFS code. He has enough experience in Linux kernel and he's been maintaining xfsprogs and xfsdump trees for a few years now, so he has sufficient experience with xfs workflow to take over this role. Signed-off-by: Chandan Babu R Acked-by: Carlos Maiolino Reviewed-by: Darrick J. Wong Signed-off-by: Carlos Maiolino commit bd2b7f62a0d5feda8b21c7371058e8cd2956151a Author: Fiona Behrens Date: Sun Sep 22 19:57:29 2024 +0200 mailmap: update mail for Fiona Behrens Remove old mails of Fiona Behrens Signed-off-by: Fiona Behrens Link: https://lore.kernel.org/r/20240922175729.233070-1-me@kloenk.dev Signed-off-by: Greg Kroah-Hartman commit 63271b7d569fbe924bccc7dadc17d3d07a4e5f7a Author: Pali Rohár Date: Sat Oct 5 16:02:56 2024 +0200 cifs: Fix creating native symlinks pointing to current or parent directory Calling 'ln -s . symlink' or 'ln -s .. symlink' creates symlink pointing to some object name which ends with U+F029 unicode codepoint. This is because trailing dot in the object name is replaced by non-ASCII unicode codepoint. So Linux SMB client currently is not able to create native symlink pointing to current or parent directory on Windows SMB server which can be read by either on local Windows server or by any other SMB client which does not implement compatible-reverse character replacement. Fix this problem in cifsConvertToUTF16() function which is doing that character replacement. Function comment already says that it does not need to handle special cases '.' and '..', but after introduction of native symlinks in reparse point form, this handling is needed. Note that this change depends on the previous change "cifs: Improve creating native symlinks pointing to directory". Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 3eb40512530e4f64f819d8e723b6f41695dace5a Author: Pali Rohár Date: Sat Oct 5 16:02:55 2024 +0200 cifs: Improve creating native symlinks pointing to directory SMB protocol for native symlinks distinguish between symlink to directory and symlink to file. These two symlink types cannot be exchanged, which means that symlink of file type pointing to directory cannot be resolved at all (and vice-versa). Windows follows this rule for local filesystems (NTFS) and also for SMB. Linux SMB client currenly creates all native symlinks of file type. Which means that Windows (and some other SMB clients) cannot resolve symlinks pointing to directory created by Linux SMB client. As Linux system does not distinguish between directory and file symlinks, its API does not provide enough information for Linux SMB client during creating of native symlinks. Add some heuristic into the Linux SMB client for choosing the correct symlink type during symlink creation. Check if the symlink target location ends with slash, or last path component is dot or dot-dot, and check if the target location on SMB share exists and is a directory. If at least one condition is truth then create a new SMB symlink of directory type. Otherwise create it as file type symlink. This change improves interoperability with Windows systems. Windows systems would be able to resolve more SMB symlinks created by Linux SMB client which points to existing directory. Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 4cc2718f621a6a57a02581125bb6d914ce74d23b Author: Jani Nikula Date: Tue Sep 24 18:30:22 2024 +0300 drm/i915/hdcp: fix connector refcounting We acquire a connector reference before scheduling an HDCP prop work, and expect the work function to release the reference. However, if the work was already queued, it won't be queued multiple times, and the reference is not dropped. Release the reference immediately if the work was already queued. Fixes: a6597faa2d59 ("drm/i915: Protect workers against disappearing connectors") Cc: Sean Paul Cc: Suraj Kandpal Cc: Ville Syrjälä Cc: stable@vger.kernel.org # v5.10+ Reviewed-by: Suraj Kandpal Link: https://patchwork.freedesktop.org/patch/msgid/20240924153022.2255299-1-jani.nikula@intel.com Signed-off-by: Jani Nikula (cherry picked from commit abc0742c79bdb3b164eacab24aea0916d2ec1cb5) Signed-off-by: Joonas Lahtinen commit f7c9134385331c5ef36252895130aa01a92de907 Author: Jens Axboe Date: Sun Oct 6 10:40:36 2024 -0600 io_uring/rw: allow pollable non-blocking attempts for !FMODE_NOWAIT The checking for whether or not io_uring can do a non-blocking read or write attempt is gated on FMODE_NOWAIT. However, if the file is pollable, it's feasible to just check if it's currently in a state in which it can sanely receive or send _some_ data. This avoids unnecessary io-wq punts, and repeated worthless retries before doing that punt, by assuming that some data can get delivered or received if poll tells us that is true. It also allows multishot reads to properly work with these types of files, enabling a bit of a cleanup of the logic that: c9d952b9103b ("io_uring/rw: fix cflags posting for single issue multishot read") had to put in place. Signed-off-by: Jens Axboe commit 8cf0b93919e13d1e8d4466eb4080a4c4d9d66d7b Author: Linus Torvalds Date: Sun Oct 6 15:32:27 2024 -0700 Linux 6.12-rc2 commit 2a130b7e1fcdd83633c4aa70998c314d7c38b476 Merge: c8d9f2c7aa599d 82cb44308951ad Author: Linus Torvalds Date: Sun Oct 6 11:34:55 2024 -0700 Merge tag 'kbuild-fixes-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild Pull Kbuild fixes from Masahiro Yamada: - Move non-boot built-in DTBs to the .rodata section - Fix Kconfig bugs - Fix maint scripts in the linux-image Debian package - Import some list macros to scripts/include/ * tag 'kbuild-fixes-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild: kbuild: deb-pkg: Remove blank first line from maint scripts kbuild: fix a typo dt_binding_schema -> dt_binding_schemas scripts: import more list macros kconfig: qconf: fix buffer overflow in debug links kconfig: qconf: move conf_read() before drawing tree pain kconfig: clear expr::val_is_valid when allocated kconfig: fix infinite loop in sym_calc_choice() kbuild: move non-boot built-in DTBs to .rodata section commit c8d9f2c7aa599dcebab63400f7eaa767629faf04 Merge: 4563243edeeb3d 2fae3129c0c08e Author: Linus Torvalds Date: Sun Oct 6 11:11:01 2024 -0700 Merge tag 'platform-drivers-x86-v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 Pull x86 platform driver fixes from Hans de Goede: - Intel PMC fix for suspend/resume issues on some Sky and Kaby Lake laptops - Intel Diamond Rapids hw-id additions - Documentation and MAINTAINERS fixes - Some other small fixes * tag 'platform-drivers-x86-v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors platform/x86: wmi: Update WMI driver API documentation platform/x86: dell-ddv: Fix typo in documentation platform/x86: dell-sysman: add support for alienware products platform/x86/intel: power-domains: Add Diamond Rapids support platform/x86: ISST: Add Diamond Rapids to support list platform/x86:intel/pmc: Disable ACPI PM Timer disabling on Sky and Kaby Lake platform/x86: dell-laptop: Do not fail when encountering unsupported batteries MAINTAINERS: Update Intel In Field Scan(IFS) entry platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug commit 4563243edeeb3dc17355a80ec16bbfdc675702cb Merge: b3ce5c30a0e05e c8d430db8eec7d Author: Linus Torvalds Date: Sun Oct 6 10:53:28 2024 -0700 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm Pull kvm fixes from Paolo Bonzini: "ARM64: - Fix pKVM error path on init, making sure we do not change critical system registers as we're about to fail - Make sure that the host's vector length is at capped by a value common to all CPUs - Fix kvm_has_feat*() handling of "negative" features, as the current code is pretty broken - Promote Joey to the status of official reviewer, while James steps down -- hopefully only temporarly x86: - Fix compilation with KVM_INTEL=KVM_AMD=n - Fix disabling KVM_X86_QUIRK_SLOT_ZAP_ALL when shadow MMU is in use Selftests: - Fix compilation on non-x86 architectures" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: x86/reboot: emergency callbacks are now registered by common KVM code KVM: x86: leave kvm.ko out of the build if no vendor module is requested KVM: x86/mmu: fix KVM_X86_QUIRK_SLOT_ZAP_ALL for shadow MMU KVM: arm64: Fix kvm_has_feat*() handling of negative features KVM: selftests: Fix build on architectures other than x86_64 KVM: arm64: Another reviewer reshuffle KVM: arm64: Constrain the host to the maximum shared SVE VL with pKVM KVM: arm64: Fix __pkvm_init_vcpu cptr_el2 error path commit b3ce5c30a0e05ee3600c82925bebaa4dc1b29cfd Merge: 8f602276d39026 4b058c9f281f5b Author: Linus Torvalds Date: Sun Oct 6 10:43:00 2024 -0700 Merge tag 'powerpc-6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux Pull powerpc fix from Michael Ellerman: - Allow r30 to be used in vDSO code generation of getrandom Thanks to Jason A. Donenfeld * tag 'powerpc-6.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: powerpc/vdso: allow r30 in vDSO code generation of getrandom commit 82cb44308951ad4ce7a8500b9e025d27d7fb3526 Author: Aaron Thompson Date: Fri Oct 4 07:52:45 2024 +0000 kbuild: deb-pkg: Remove blank first line from maint scripts The blank line causes execve() to fail: # strace ./postinst execve("./postinst", ...) = -1 ENOEXEC (Exec format error) strace: exec: Exec format error +++ exited with 1 +++ However running the scripts via shell does work (at least with bash) because the shell attempts to execute the file as a shell script when execve() fails. Fixes: b611daae5efc ("kbuild: deb-pkg: split image and debug objects staging out into functions") Signed-off-by: Aaron Thompson Reviewed-by: Nathan Chancellor Reviewed-by: Nicolas Schier Signed-off-by: Masahiro Yamada commit d939881a15b13c028257471d8853d12d83686bcc Author: Xu Yang Date: Wed Sep 25 13:32:30 2024 +0800 kbuild: fix a typo dt_binding_schema -> dt_binding_schemas If we follow "make help" to "make dt_binding_schema", we will see below error: $ make dt_binding_schema make[1]: *** No rule to make target 'dt_binding_schema'. Stop. make: *** [Makefile:224: __sub-make] Error 2 It should be a typo. So this will fix it. Fixes: 604a57ba9781 ("dt-bindings: kbuild: Add separate target/dependency for processed-schema.json") Signed-off-by: Xu Yang Reviewed-by: Nicolas Schier Signed-off-by: Masahiro Yamada commit c14a30468230c608731f36569bfd9785bb486131 Author: Sami Tolvanen Date: Mon Sep 23 18:18:47 2024 +0000 scripts: import more list macros Import list_is_first, list_is_last, list_replace, and list_replace_init. Signed-off-by: Sami Tolvanen Signed-off-by: Masahiro Yamada commit ccf9af8b0dadd0aecc24503ef289cbc178208418 Author: Mohammed Anees Date: Sun Oct 6 01:34:35 2024 +0530 iioc: dac: ltc2664: Fix span variable usage in ltc2664_channel_config() In the current implementation of the ltc2664_channel_config() function, a variable named span is declared and initialized to 0, intended to capture the return value of the ltc2664_set_span() function. However, the output of ltc2664_set_span() is directly assigned to chan->span, leaving span unchanged. As a result, when the function later checks if (span < 0), this condition will never trigger an error since span remains 0, this flaw leads to ineffective error handling. Resolve this issue by using the ret variable to get the return value and later assign it if successful and remove unused span variable. Fixes: 4cc2fc445d2e ("iio: dac: ltc2664: Add driver for LTC2664 and LTC2672") Signed-off-by: Mohammed Anees Link: https://patch.msgid.link/20241005200435.25061-1-pvmohammedanees2003@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 27b6aa68a68105086aef9f0cb541cd688e5edea8 Author: Javier Carrasco Date: Thu Oct 3 18:49:40 2024 +0200 iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig This driver makes use of regmap_mmio, but does not select the required module. Add the missing 'select REGMAP_MMIO'. Fixes: 4d4b30526eb8 ("iio: dac: add support for stm32 DAC") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-ad2s1210-select-v1-8-4019453f8c33@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 252ff06a4cb4e572cb3c7fcfa697db96b08a7781 Author: Javier Carrasco Date: Thu Oct 3 18:49:39 2024 +0200 iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig This driver makes use of regmap_spi, but does not select the required module. Add the missing 'select REGMAP_SPI'. Fixes: 8316cebd1e59 ("iio: dac: add support for ltc1660") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-ad2s1210-select-v1-7-4019453f8c33@gmail.com Cc: Signed-off-by: Jonathan Cameron commit bcdab6f74c91cda19714354fd4e9e3ef3c9a78b3 Author: Javier Carrasco Date: Thu Oct 3 18:49:38 2024 +0200 iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig This driver makes use of regmap_spi, but does not select the required module. Add the missing 'select REGMAP_SPI'. Fixes: cbbb819837f6 ("iio: dac: ad5770r: Add AD5770R support") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-ad2s1210-select-v1-6-4019453f8c33@gmail.com Cc: Signed-off-by: Jonathan Cameron commit b7983033a10baa0d98784bb411b2679bfb207d9a Author: Javier Carrasco Date: Thu Oct 3 18:49:37 2024 +0200 iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig This driver makes use of regmap_spi, but does not select the required module. Add the missing 'select REGMAP_SPI'. Fixes: 28b4c30bfa5f ("iio: amplifiers: ada4250: add support for ADA4250") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-ad2s1210-select-v1-5-4019453f8c33@gmail.com Cc: Signed-off-by: Jonathan Cameron commit c64643ed4eaa5dfd0b3bab7ef1c50b84f3dbaba4 Author: Javier Carrasco Date: Thu Oct 3 18:49:35 2024 +0200 iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig This driver makes use of regmap_spi, but does not select the required module. Add the missing 'select REGMAP_SPI'. Fixes: eda549e2e524 ("iio: frequency: adf4377: add support for ADF4377") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-ad2s1210-select-v1-3-4019453f8c33@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 2caa67b6251c802e0c2257920b225c765e86bf4a Author: Javier Carrasco Date: Thu Oct 3 18:49:34 2024 +0200 iio: resolver: ad2s1210: add missing select (TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: 128b9389db0e ("staging: iio: resolver: ad2s1210: add triggered buffer support") Signed-off-by: Javier Carrasco Reviewed-by: David Lechner Link: https://patch.msgid.link/20241003-ad2s1210-select-v1-2-4019453f8c33@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 17a99360184cf02b2b3bc3c1972e777326bfa63b Author: Javier Carrasco Date: Thu Oct 3 18:49:33 2024 +0200 iio: resolver: ad2s1210 add missing select REGMAP in Kconfig This driver makes use of regmap, but does not select the required module. Add the missing 'select REGMAP'. Fixes: b3689e14415a ("staging: iio: resolver: ad2s1210: use regmap for config registers") Signed-off-by: Javier Carrasco Reviewed-by: David Lechner Link: https://patch.msgid.link/20241003-ad2s1210-select-v1-1-4019453f8c33@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 75461a0b15d7c026924d0001abce0476bbc7eda8 Author: Javier Carrasco Date: Thu Oct 3 23:04:59 2024 +0200 iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: 16b05261537e ("mb1232.c: add distance iio sensor with i2c") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-iio-select-v1-13-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 3f7b25f6ad0925b9ae9b70656a49abb5af111483 Author: Javier Carrasco Date: Thu Oct 3 23:04:58 2024 +0200 iio: pressure: bm1390: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Note the original driver patch had wrong part number hence the odd fixes entry. Fixes: 81ca5979b6ed ("iio: pressure: Support ROHM BU1390") Signed-off-by: Javier Carrasco Acked-by: Matti Vaittinen Link: https://patch.msgid.link/20241003-iio-select-v1-12-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit fbb913895e3da36cb42e1e7a5a3cae1c6d150cf6 Author: Javier Carrasco Date: Thu Oct 3 23:04:57 2024 +0200 iio: magnetometer: af8133j: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: 1d8f4b04621f ("iio: magnetometer: add a driver for Voltafield AF8133J magnetometer") Signed-off-by: Javier Carrasco Reviewed-by: Andrey Skvortsov Link: https://patch.msgid.link/20241003-iio-select-v1-11-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit aa99ef68eff5bc6df4959a372ae355b3b73f9930 Author: Javier Carrasco Date: Thu Oct 3 23:04:56 2024 +0200 iio: light: bu27008: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: 41ff93d14f78 ("iio: light: ROHM BU27008 color sensor") Signed-off-by: Javier Carrasco Acked-by: Matti Vaittinen Link: https://patch.msgid.link/20241003-iio-select-v1-10-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 3fd8bbf93926162eb59153a5bcd2a53b0cc04cf0 Author: Javier Carrasco Date: Thu Oct 3 23:04:55 2024 +0200 iio: chemical: ens160: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: 0fc26596b4b3 ("iio: chemical: ens160: add triggered buffer support") Signed-off-by: Javier Carrasco Acked-by: Gustavo Silva Link: https://patch.msgid.link/20241003-iio-select-v1-9-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 62ec3df342cca6a8eb7ed33fd4ac8d0fbfcb9391 Author: Javier Carrasco Date: Thu Oct 3 23:04:54 2024 +0200 iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: 885b9790c25a ("drivers:iio:dac:ad5766.c: Add trigger buffer") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-iio-select-v1-8-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 5bede948670f447154df401458aef4e2fd446ba8 Author: Javier Carrasco Date: Thu Oct 3 23:04:53 2024 +0200 iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: 8f2b54824b28 ("drivers:iio:dac: Add AD3552R driver support") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-iio-select-v1-7-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit a985576af824426e33100554a5958a6beda60a13 Author: Javier Carrasco Date: Thu Oct 3 23:04:52 2024 +0200 iio: adc: ti-lmp92064: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: 6c7bc1d27bb2 ("iio: adc: ti-lmp92064: add buffering support") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-iio-select-v1-6-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit f3fe8c52c580e99c6dc0c7859472ec48176af32d Author: Javier Carrasco Date: Thu Oct 3 23:04:51 2024 +0200 iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig This driver makes use of regmap_spi, but does not select the required module. Add the missing 'select REGMAP_SPI'. Fixes: 627198942641 ("iio: adc: add ADC driver for the TI LMP92064 controller") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-iio-select-v1-5-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit eb143d05def52bc6d193e813018e5fa1a0e47c77 Author: Javier Carrasco Date: Thu Oct 3 23:04:49 2024 +0200 iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: e717f8c6dfec ("iio: adc: Add the TI ads124s08 ADC code") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20241003-iio-select-v1-3-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit f4dc96f05149d5e14d7a03c3b16171098847fee9 Author: Javier Carrasco Date: Thu Oct 3 23:04:48 2024 +0200 iio: adc: ad7944: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: d1efcf8871db ("iio: adc: ad7944: add driver for AD7944/AD7985/AD7986") Signed-off-by: Javier Carrasco Reviewed-by: David Lechner Link: https://patch.msgid.link/20241003-iio-select-v1-2-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 96666f05d11acf0370cedca17a4c3ab6f9554b35 Author: Javier Carrasco Date: Thu Oct 3 23:04:47 2024 +0200 iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig This driver makes use of triggered buffers, but does not select the required modules. Add the missing 'select IIO_BUFFER' and 'select IIO_TRIGGERED_BUFFER'. Fixes: 7c1d1677b322 ("iio: accel: Support Kionix/ROHM KX022A accelerometer") Signed-off-by: Javier Carrasco Acked-by: Matti Vaittinen Link: https://patch.msgid.link/20241003-iio-select-v1-1-67c0385197cd@gmail.com Cc: Signed-off-by: Jonathan Cameron commit c9d952b9103b600ddafc5d1c0e2f2dbd30f0b805 Author: Jens Axboe Date: Sat Oct 5 19:06:50 2024 -0600 io_uring/rw: fix cflags posting for single issue multishot read If multishot gets disabled, and hence the request will get terminated rather than persist for more iterations, then posting the CQE with the right cflags is still important. Most notably, the buffer reference needs to be included. Refactor the return of __io_read() a bit, so that the provided buffer is always put correctly, and hence returned to the application. Reported-by: Sharon Rosner Link: https://github.com/axboe/liburing/issues/1257 Cc: stable@vger.kernel.org Fixes: 2a975d426c82 ("io_uring/rw: don't allow multishot reads without NOWAIT support") Signed-off-by: Jens Axboe commit 2fae3129c0c08e72b1fe93e61fd8fd203252094a Author: Hans de Goede Date: Sat Oct 5 15:05:45 2024 +0200 platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors x86_android_tablet_remove() frees the pdevs[] array, so it should not be used after calling x86_android_tablet_remove(). When platform_device_register() fails, store the pdevs[x] PTR_ERR() value into the local ret variable before calling x86_android_tablet_remove() to avoid using pdevs[] after it has been freed. Fixes: 5eba0141206e ("platform/x86: x86-android-tablets: Add support for instantiating platform-devs") Fixes: e2200d3f26da ("platform/x86: x86-android-tablets: Add gpio_keys support to x86_android_tablet_init()") Cc: stable@vger.kernel.org Reported-by: Aleksandr Burakov Closes: https://lore.kernel.org/platform-driver-x86/20240917120458.7300-1-a.burakov@rosalinux.ru/ Signed-off-by: Hans de Goede Link: https://lore.kernel.org/r/20241005130545.64136-1-hdegoede@redhat.com commit 5984b40f5bcd41bfd08359cdb9c8cb7ca9d3cc60 Author: Armin Wolf Date: Sat Oct 5 23:38:24 2024 +0200 platform/x86: wmi: Update WMI driver API documentation The WMI driver core now passes the WMI event data to legacy notify handlers, so WMI devices sharing notification IDs are now being handled properly. Fixes: e04e2b760ddb ("platform/x86: wmi: Pass event data directly to legacy notify handlers") Signed-off-by: Armin Wolf Link: https://lore.kernel.org/r/20241005213825.701887-1-W_Armin@gmx.de Signed-off-by: Hans de Goede commit 7b954b9ba007d03ba26135ac49b2c93208cf090e Author: Anaswara T Rajan Date: Sat Oct 5 12:30:56 2024 +0530 platform/x86: dell-ddv: Fix typo in documentation Fix typo in word 'diagnostics' in documentation. Signed-off-by: Anaswara T Rajan Reviewed-by: Armin Wolf Link: https://lore.kernel.org/r/20241005070056.16326-1-anaswaratrajan@gmail.com Signed-off-by: Hans de Goede commit a561509b4187a8908eb7fbb2d1bf35bbc20ec74b Author: Crag Wang Date: Fri Oct 4 23:27:58 2024 +0800 platform/x86: dell-sysman: add support for alienware products Alienware supports firmware-attributes and has its own OEM string. Signed-off-by: Crag Wang Link: https://lore.kernel.org/r/20241004152826.93992-1-crag_wang@dell.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit e16f7eee7c80f9ec7084e06efbe2398586dbf38e Author: Srinivas Pandruvada Date: Thu Oct 3 14:55:54 2024 -0700 platform/x86/intel: power-domains: Add Diamond Rapids support Add Diamond Rapids (INTEL_PANTHERCOVE_X) to tpmi_cpu_ids to support domaid id mappings. Signed-off-by: Srinivas Pandruvada Link: https://lore.kernel.org/r/20241003215554.3013807-3-srinivas.pandruvada@linux.intel.com Signed-off-by: Hans de Goede commit 2f95a035b8fdd3bba58228212a01bb114f541b03 Author: Srinivas Pandruvada Date: Thu Oct 3 14:55:53 2024 -0700 platform/x86: ISST: Add Diamond Rapids to support list Add Diamond Rapids (INTEL_PANTHERCOVE_X) to SST support list by adding to isst_cpu_ids. Signed-off-by: Srinivas Pandruvada Link: https://lore.kernel.org/r/20241003215554.3013807-2-srinivas.pandruvada@linux.intel.com Signed-off-by: Hans de Goede commit 0bdb4e57a1b0622685e6973321d7c417fb386b42 Author: Hans de Goede Date: Thu Oct 3 22:26:13 2024 +0200 platform/x86:intel/pmc: Disable ACPI PM Timer disabling on Sky and Kaby Lake There have been multiple reports that the ACPI PM Timer disabling is causing Sky and Kaby Lake systems to hang on all suspend (s2idle, s3, hibernate) methods. Remove the acpi_pm_tmr_ctl_offset and acpi_pm_tmr_disable_bit settings from spt_reg_map to disable the ACPI PM Timer disabling on Sky and Kaby Lake to fix the hang on suspend. Fixes: e86c8186d03a ("platform/x86:intel/pmc: Enable the ACPI PM Timer to be turned off when suspended") Reported-by: Paul Menzel Closes: https://lore.kernel.org/linux-pm/18784f62-91ff-4d88-9621-6c88eb0af2b5@molgen.mpg.de/ Reported-by: Todd Brandt Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219346 Cc: Marek Maslanka Signed-off-by: Hans de Goede Tested-by: Todd Brandt Tested-by: Paul Menzel # Dell XPS 13 9360/0596KF Acked-by: Rafael J. Wysocki Link: https://lore.kernel.org/r/20241003202614.17181-2-hdegoede@redhat.com commit b6c57b70a343da512e0fdcae9a097b3aa506b9bb Author: Armin Wolf Date: Tue Oct 1 23:28:35 2024 +0200 platform/x86: dell-laptop: Do not fail when encountering unsupported batteries If the battery hook encounters a unsupported battery, it will return an error. This in turn will cause the battery driver to automatically unregister the battery hook. On machines with multiple batteries however, this will prevent the battery hook from handling the primary battery, since it will always get unregistered upon encountering one of the unsupported batteries. Fix this by simply ignoring unsupported batteries. Reviewed-by: Pali Rohár Fixes: ab58016c68cc ("platform/x86:dell-laptop: Add knobs to change battery charge settings") Signed-off-by: Armin Wolf Link: https://lore.kernel.org/r/20241001212835.341788-4-W_Armin@gmx.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit ed0e64d85fe79db0472531e6bf43d8fe2524c75c Author: Jithu Joseph Date: Tue Oct 1 10:08:08 2024 -0700 MAINTAINERS: Update Intel In Field Scan(IFS) entry Ashok is no longer with Intel and his e-mail address will start bouncing soon. Update his email address to the new one he provided to ensure correct contact details in the MAINTAINERS file. Signed-off-by: Jithu Joseph Link: https://lore.kernel.org/r/20241001170808.203970-1-jithu.joseph@intel.com Signed-off-by: Hans de Goede commit c8d430db8eec7d4fd13a6bea27b7086a54eda6da Merge: 2a5fe5a01668e8 a1d402abf8e3ff Author: Paolo Bonzini Date: Sun Oct 6 03:59:22 2024 -0400 Merge tag 'kvmarm-fixes-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD KVM/arm64 fixes for 6.12, take #1 - Fix pKVM error path on init, making sure we do not change critical system registers as we're about to fail - Make sure that the host's vector length is at capped by a value common to all CPUs - Fix kvm_has_feat*() handling of "negative" features, as the current code is pretty broken - Promote Joey to the status of official reviewer, while James steps down -- hopefully only temporarly commit 2a5fe5a01668e831af1de3951718fbf88b9a9b9c Author: Paolo Bonzini Date: Tue Oct 1 10:34:58 2024 -0400 x86/reboot: emergency callbacks are now registered by common KVM code Guard them with CONFIG_KVM_X86_COMMON rather than the two vendor modules. In practice this has no functional change, because CONFIG_KVM_X86_COMMON is set if and only if at least one vendor-specific module is being built. However, it is cleaner to specify CONFIG_KVM_X86_COMMON for functions that are used in kvm.ko. Reported-by: Linus Torvalds Fixes: 590b09b1d88e ("KVM: x86: Register "emergency disable" callbacks when virt is enabled") Fixes: 6d55a94222db ("x86/reboot: Unconditionally define cpu_emergency_virt_cb typedef") Signed-off-by: Paolo Bonzini commit ea4290d77bda2bd1f173a86f07aa79b568e0a6f8 Author: Paolo Bonzini Date: Tue Oct 1 10:15:01 2024 -0400 KVM: x86: leave kvm.ko out of the build if no vendor module is requested kvm.ko is nothing but library code shared by kvm-intel.ko and kvm-amd.ko. It provides no functionality on its own and it is unnecessary unless one of the vendor-specific module is compiled. In particular, /dev/kvm is not created until one of kvm-intel.ko or kvm-amd.ko is loaded. Use CONFIG_KVM to decide if it is built-in or a module, but use the vendor-specific modules for the actual decision on whether to build it. This also fixes a build failure when CONFIG_KVM_INTEL and CONFIG_KVM_AMD are both disabled. The cpu_emergency_register_virt_callback() function is called from kvm.ko, but it is only defined if at least one of CONFIG_KVM_INTEL and CONFIG_KVM_AMD is provided. Fixes: 590b09b1d88e ("KVM: x86: Register "emergency disable" callbacks when virt is enabled") Signed-off-by: Paolo Bonzini commit cba31b7eee41eb34941d040bddaed3628f160cae Author: Kent Overstreet Date: Sat Sep 28 23:30:05 2024 -0400 bcachefs: Delete vestigal check_inode() checks BCH_INODE_i_size_dirty dates from before we had logged operations for truncate (as well as finsert) - it hasn't been needed since before bcachefs was mainlined. BCH_INODE_i_sectors_dirty hasn't been needed since we started always updating i_sectors transactionally - it's been unused for even longer. BCH_INODE_backptr_untrusted also hasn't been used since prior to mainlining; when unlinking a hardling, we zero out the backpointer fields if they're for the dirent being removed. Signed-off-by: Kent Overstreet commit 12f286085bf592346cffa93d8e21b0cc2c01f9fe Author: Kent Overstreet Date: Fri Oct 4 21:40:13 2024 -0400 bcachefs: btree_iter_peek_upto() now handles BTREE_ITER_all_snapshots end_pos now compares against snapshot ID when required Signed-off-by: Kent Overstreet commit 38864eccf78b4e8ab9e2b7a4320943b1feb6872a Author: Kent Overstreet Date: Mon Sep 30 19:03:19 2024 -0400 bcachefs: reattach_inode() now correctly handles interior snapshot nodes When we find an unreachable inode, we now reattach it in the oldest version that needs to be reattached (thus avoiding redundant work reattaching every single version), and we now fix up inode -> dirent backpointers in newer versions as needed - or white out the reattaching dirent in newer versions, if the newer version isn't supposed to be reattached. This results in the second verify fsck now passing cleanly after repairing on a user-provided filesystem image with thousands of different snapshots. Reported-by: Christopher Snowhill Signed-off-by: Kent Overstreet commit bade9711e0905eaa99e2ed98fc9642acaf9ba2b5 Author: Kent Overstreet Date: Sun Sep 29 23:40:28 2024 -0400 bcachefs: Split out check_unreachable_inodes() pass With inode backpointers, we can write a very simple check_unreachable_inodes() pass that only looks for non-unlinked inodes that are missing backpointers, and reattaches them. This simplifies check_directory_structure() so that it's now only checking for directory structure loops, Signed-off-by: Kent Overstreet commit bf4baaa087e2be0279991f1dbf9acaa7a4c9148c Author: Kent Overstreet Date: Sat Oct 5 17:37:02 2024 -0400 bcachefs: Fix lockdep splat in bch2_accounting_read We can't take sb_lock while holding mark_lock, so split out replicas_entry_validate() and replicas_entry_sb_validate() - replicas_entry_validate() now uses the normal online device interface. 00039 ========= TEST set_option 00039 00039 WATCHDOG 30 00040 bcachefs (vdb): starting version 1.12: rebalance_work_acct_fix opts=errors=panic 00040 bcachefs (vdb): initializing new filesystem 00040 bcachefs (vdb): going read-write 00040 bcachefs (vdb): marking superblocks 00040 bcachefs (vdb): initializing freespace 00040 bcachefs (vdb): done initializing freespace 00040 bcachefs (vdb): reading snapshots table 00040 bcachefs (vdb): reading snapshots done 00040 bcachefs (vdb): done starting filesystem 00040 zstd 00041 bcachefs (vdb): shutting down 00041 bcachefs (vdb): going read-only 00041 bcachefs (vdb): finished waiting for writes to stop 00041 bcachefs (vdb): flushing journal and stopping allocators, journal seq 3 00041 bcachefs (vdb): flushing journal and stopping allocators complete, journal seq 11 00041 bcachefs (vdb): shutdown complete, journal seq 12 00041 bcachefs (vdb): marking filesystem clean 00041 bcachefs (vdb): shutdown complete 00041 Setting option on offline fs 00041 bch2_write_super(): fatal error : attempting to write superblock that wasn't version downgraded (1.12: (unknown version) > 1.10: disk_accounting_v3) 00041 fatal error - emergency read only 00041 bch2_write_super(): fatal error : attempting to write superblock that wasn't version downgraded (1.12: (unknown version) > 1.10: disk_accounting_v3) 00042 bcachefs (vdb): starting version 1.12: rebalance_work_acct_fix opts=errors=panic,compression=zstd 00042 bcachefs (vdb): recovering from clean shutdown, journal seq 12 00042 bcachefs (vdb): accounting_read... 00042 00042 ====================================================== 00042 WARNING: possible circular locking dependency detected 00042 6.12.0-rc1-ktest-g805e938a8502 #6807 Not tainted 00042 ------------------------------------------------------ 00042 mount.bcachefs/665 is trying to acquire lock: 00045 ffffff80cc280908 (&c->sb_lock){+.+.}-{3:3}, at: bch2_replicas_entry_validate (fs/bcachefs/replicas.c:102) 00045 00045 but task is already holding lock: 00048 ffffff80cc284870 (&c->mark_lock){++++}-{0:0}, at: bch2_accounting_read (fs/bcachefs/disk_accounting.c:670 (discriminator 1)) 00048 00048 which lock already depends on the new lock. 00048 00048 00048 the existing dependency chain (in reverse order) is: 00048 00048 -> #1 (&c->mark_lock){++++}-{0:0}: 00049 percpu_down_write (kernel/locking/percpu-rwsem.c:232) 00052 bch2_sb_replicas_to_cpu_replicas (fs/bcachefs/replicas.c:583) 00055 bch2_sb_to_fs (fs/bcachefs/super-io.c:614) 00057 bch2_fs_open (fs/bcachefs/super.c:828 fs/bcachefs/super.c:2050) 00060 bch2_fs_get_tree (fs/bcachefs/fs.c:2067) 00062 vfs_get_tree (fs/super.c:1801) 00064 path_mount (fs/namespace.c:3507 fs/namespace.c:3834) 00066 __arm64_sys_mount (fs/namespace.c:3847 fs/namespace.c:4055 fs/namespace.c:4032 fs/namespace.c:4032) 00067 invoke_syscall.constprop.0 (arch/arm64/include/asm/syscall.h:61 arch/arm64/kernel/syscall.c:54) 00068 do_el0_svc (include/linux/thread_info.h:127 (discriminator 2) arch/arm64/kernel/syscall.c:140 (discriminator 2) arch/arm64/kernel/syscall.c:151 (discriminator 2)) 00069 el0_svc (arch/arm64/include/asm/irqflags.h:82 arch/arm64/include/asm/irqflags.h:123 arch/arm64/include/asm/irqflags.h:136 arch/arm64/kernel/entry-common.c:165 arch/arm64/kernel/entry-common.c:178 arch/arm64/kernel/entry-common.c:713) 00069 ========= FAILED TIMEOUT set_option in 30s Signed-off-by: Kent Overstreet commit 0a97195d2181caced187acd7454464b8e37021d7 Author: Rajendra Nayak Date: Tue Sep 3 15:45:10 2024 +0530 EDAC/qcom: Make irq configuration optional On most modern qualcomm SoCs, the configuration necessary to enable the Tag/Data RAM related irqs being propagated to the SoC irq controller is already done in firmware (in DSF or 'DDR System Firmware') On some like the x1e80100, these registers aren't even accesible to the kernel causing a crash when edac device is probed. Hence, make the irq configuration optional in the driver and mark x1e80100 as the SoC on which this should be avoided. Fixes: af16b00578a7 ("arm64: dts: qcom: Add base X1E80100 dtsi and the QCP dts") Reported-by: Bjorn Andersson Signed-off-by: Rajendra Nayak Reviewed-by: Manivannan Sadhasivam Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240903101510.3452734-1-quic_rjendra@quicinc.com Signed-off-by: Bjorn Andersson commit ca61d6836e6f4442a77762e1074d2706a2a6e578 Author: Bartosz Golaszewski Date: Mon Sep 30 10:33:28 2024 +0200 firmware: qcom: scm: fix a NULL-pointer dereference Some SCM calls can be invoked with __scm being NULL (the driver may not have been and will not be probed as there's no SCM entry in device-tree). Make sure we don't dereference a NULL pointer. Fixes: 449d0d84bcd8 ("firmware: qcom: scm: smc: switch to using the SCM allocator") Reported-by: Rudraksha Gupta Closes: https://lore.kernel.org/lkml/692cfe9a-8c05-4ce4-813e-82b3f310019a@gmail.com/ Reviewed-by: Konrad Dybcio Tested-by: Rudraksha Gupta Reviewed-by: Dmitry Baryshkov Reviewed-by: Stephan Gerhold Signed-off-by: Bartosz Golaszewski Reviewed-by: Kuldeep Singh Link: https://lore.kernel.org/r/20240930083328.17904-1-brgl@bgdev.pl Signed-off-by: Bjorn Andersson commit d67907154808745b0fae5874edc7b0f78d33991c Author: Johan Hovold Date: Wed Oct 2 12:01:21 2024 +0200 firmware: qcom: scm: suppress download mode error Stop spamming the logs with errors about missing mechanism for setting the so called download (or dump) mode for users that have not requested that feature to be enabled in the first place. This avoids the follow error being logged on boot as well as on shutdown when the feature it not available and download mode has not been enabled on the kernel command line: qcom_scm firmware:scm: No available mechanism for setting download mode Fixes: 79cb2cb8d89b ("firmware: qcom: scm: Disable SDI and write no dump to dump mode") Fixes: 781d32d1c970 ("firmware: qcom_scm: Clear download bit during reboot") Cc: Mukesh Ojha Cc: stable@vger.kernel.org # 6.4 Signed-off-by: Johan Hovold Reviewed-by: Mukesh Ojha Link: https://lore.kernel.org/r/20241002100122.18809-2-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 0b80b3c0f6d20f1bc1f7fea6176a8df15619e884 Author: Johan Hovold Date: Mon Sep 16 10:23:07 2024 +0200 arm64: dts: qcom: x1e80100: fix PCIe5 PHY clocks Add the missing clkref enable and pipediv2 clocks to the PCIe5 PHY. Fixes: 62ab23e15508 ("arm64: dts: qcom: x1e80100: add PCIe5 nodes") Signed-off-by: Johan Hovold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240916082307.29393-4-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 27727cb6604e0998d03d9ec063b517b239d2bb0f Author: Johan Hovold Date: Mon Sep 16 10:23:06 2024 +0200 arm64: dts: qcom: x1e80100: fix PCIe4 and PCIe6a PHY clocks Add the missing clkref enable and pipediv2 clocks to the PCIe4 and PCIe6a PHYs. Fixes: 5eb83fc10289 ("arm64: dts: qcom: x1e80100: Add PCIe nodes") Cc: stable@vger.kernel.org # 6.9 Cc: Abel Vesa Signed-off-by: Johan Hovold Reviewed-by: Abel Vesa Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240916082307.29393-3-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 8f602276d3902642fdc3429b548d73c745446601 Merge: fc20a3e57247e2 0f25eb4b60771f Author: Linus Torvalds Date: Sat Oct 5 15:18:04 2024 -0700 Merge tag 'bcachefs-2024-10-05' of git://evilpiepirate.org/bcachefs Pull bcachefs fixes from Kent Overstreet: "A lot of little fixes, bigger ones include: - bcachefs's __wait_on_freeing_inode() was broken in rc1 due to vfs changes, now fixed along with another lost wakeup - fragmentation LRU fixes; fsck now repairs successfully (this is the data structure copygc uses); along with some nice simplification. - Rework logged op error handling, so that if logged op replay errors (due to another filesystem error) we delete the logged op instead of going into an infinite loop) - Various small filesystem connectivitity repair fixes" * tag 'bcachefs-2024-10-05' of git://evilpiepirate.org/bcachefs: bcachefs: Rework logged op error handling bcachefs: Add warn param to subvol_get_snapshot, peek_inode bcachefs: Kill snapshot arg to fsck_write_inode() bcachefs: Check for unlinked, non-empty dirs in check_inode() bcachefs: Check for unlinked inodes with dirents bcachefs: Check for directories with no backpointers bcachefs: Kill alloc_v4.fragmentation_lru bcachefs: minor lru fsck fixes bcachefs: Mark more errors AUTOFIX bcachefs: Make sure we print error that causes fsck to bail out bcachefs: bkey errors are only AUTOFIX during read bcachefs: Create lost+found in correct snapshot bcachefs: Fix reattach_inode() bcachefs: Add missing wakeup to bch2_inode_hash_remove() bcachefs: Fix trans_commit disk accounting revert bcachefs: Fix bch2_inode_is_open() check bcachefs: Fix return type of dirent_points_to_inode_nowarn() bcachefs: Fix bad shift in bch2_read_flag_list() commit c88c150a467fcb670a1608e2272beeee3e86df6e Author: Olga Kornievskaia Date: Fri Oct 4 18:04:03 2024 -0400 nfsd: fix possible badness in FREE_STATEID When multiple FREE_STATEIDs are sent for the same delegation stateid, it can lead to a possible either use-after-free or counter refcount underflow errors. In nfsd4_free_stateid() under the client lock we find a delegation stateid, however the code drops the lock before calling nfs4_put_stid(), that allows another FREE_STATE to find the stateid again. The first one will proceed to then free the stateid which leads to either use-after-free or decrementing already zeroed counter. Fixes: 3f29cc82a84c ("nfsd: split sc_status out of sc_type") Signed-off-by: Olga Kornievskaia Reviewed-by: Benjamin Coddington Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit fc20a3e57247e21e1bd582f604b20bf898f7d111 Merge: fdd0a94dcf7fde 9af48210ea5f15 Author: Linus Torvalds Date: Sat Oct 5 10:59:44 2024 -0700 Merge tag 'for-linus-6.12a-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip Pull xen fix from Juergen Gross: "Fix Xen config issue introduced in the merge window" * tag 'for-linus-6.12a-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: xen: Fix config option reference in XEN_PRIVCMD definition commit fdd0a94dcf7fdebaebe1b9c59614a41b6f9aa651 Merge: 7c50f221837e96 6121258c2b33ce Author: Linus Torvalds Date: Sat Oct 5 10:47:00 2024 -0700 Merge tag 'ext4_for_linus-5.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 Pull ext4 fixes from Ted Ts'o: "Fix some ext4 bugs and regressions relating to oneline resize and fast commits" * tag 'ext4_for_linus-5.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: ext4: fix off by one issue in alloc_flex_gd() ext4: mark fc as ineligible using an handle in ext4_xattr_set() ext4: use handle to mark fc as ineligible in __track_dentry_update() commit 7c50f221837e9672e67f0a6be40ee02974cd7851 Merge: 3a28c9e12828ad ee1e3c46ed19c0 Author: Linus Torvalds Date: Sat Oct 5 10:40:16 2024 -0700 Merge tag 'cxl-fixes-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl Pull cxl fix from Ira Weiny: - Fix calculation for SBDF in error injection * tag 'cxl-fixes-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl: EINJ, CXL: Fix CXL device SBDF calculation commit 3a28c9e12828adcc899a9738783f1380f077a260 Merge: 60b9f47eb3b01f 3689245dedfd61 Author: Linus Torvalds Date: Sat Oct 5 10:31:04 2024 -0700 Merge tag 'i2c-for-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c fix from Wolfram Sang: - Fix potential deadlock during runtime suspend and resume (stm32f7) * tag 'i2c-for-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume commit 60b9f47eb3b01f829a94f7fea81bc8d59ff93dc2 Merge: 9ec2236a0260f8 65fbec3121eb7a Author: Linus Torvalds Date: Sat Oct 5 10:25:04 2024 -0700 Merge tag 'spi-fix-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fixes from Mark Brown: "A small set of driver specific fixes that came in since the merge window, about half of which is fixes for correctness in the use of the runtime PM APIs done as part of a broader cleanup" * tag 'spi-fix-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: spi: s3c64xx: fix timeout counters in flush_fifo spi: atmel-quadspi: Fix wrong register value written to MR spi: spi-cadence: Fix missing spi_controller_is_target() check spi: spi-cadence: Fix pm_runtime_set_suspended() with runtime pm enabled spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled commit 9ec2236a0260f88362ab00510d19397c0e396587 Merge: fb9b76749adb28 045244dd5d75c6 Author: Linus Torvalds Date: Sat Oct 5 10:19:14 2024 -0700 Merge tag 'hardening-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull hardening fixes from Kees Cook: - gcc plugins: Avoid Kconfig warnings with randstruct (Nathan Chancellor) - MAINTAINERS: Add security/Kconfig.hardening to hardening section (Nathan Chancellor) - MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list * tag 'hardening-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: MAINTAINERS: Add security/Kconfig.hardening to hardening section hardening: Adjust dependencies in selection of MODVERSIONS MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list commit fb9b76749adb28d4cee88b296a9b21d834484541 Merge: 27cc6fdf720183 c5e3cdbf2afede Author: Linus Torvalds Date: Sat Oct 5 10:10:45 2024 -0700 Merge tag 'lsm-pr-20241004' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm Pull lsm revert from Paul Moore: "Here is the CONFIG_SECURITY_TOMOYO_LKM revert that we've been discussing this week. With near unanimous agreement that the original TOMOYO patches were not the right way to solve the distro problem Tetsuo is trying the solve, reverting is our best option at this time" * tag 'lsm-pr-20241004' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm: tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support commit 7d59ac07ccb58f8f604f8057db63b8efcebeb3de Author: Zach Wade Date: Mon Sep 23 22:45:08 2024 +0800 platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bounds". kasan report: [ 19.411889] ================================================================== [ 19.413702] BUG: KASAN: slab-out-of-bounds in _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.415634] Read of size 8 at addr ffff888829e65200 by task cpuhp/16/113 [ 19.417368] [ 19.418627] CPU: 16 PID: 113 Comm: cpuhp/16 Tainted: G E 6.9.0 #10 [ 19.420435] Hardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.20192059.B64.2207280713 07/28/2022 [ 19.422687] Call Trace: [ 19.424091] [ 19.425448] dump_stack_lvl+0x5d/0x80 [ 19.426963] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.428694] print_report+0x19d/0x52e [ 19.430206] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 19.431837] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.433539] kasan_report+0xf0/0x170 [ 19.435019] ? _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.436709] _isst_if_get_pci_dev+0x3d5/0x400 [isst_if_common] [ 19.438379] ? __pfx_sched_clock_cpu+0x10/0x10 [ 19.439910] isst_if_cpu_online+0x406/0x58f [isst_if_common] [ 19.441573] ? __pfx_isst_if_cpu_online+0x10/0x10 [isst_if_common] [ 19.443263] ? ttwu_queue_wakelist+0x2c1/0x360 [ 19.444797] cpuhp_invoke_callback+0x221/0xec0 [ 19.446337] cpuhp_thread_fun+0x21b/0x610 [ 19.447814] ? __pfx_cpuhp_thread_fun+0x10/0x10 [ 19.449354] smpboot_thread_fn+0x2e7/0x6e0 [ 19.450859] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 19.452405] kthread+0x29c/0x350 [ 19.453817] ? __pfx_kthread+0x10/0x10 [ 19.455253] ret_from_fork+0x31/0x70 [ 19.456685] ? __pfx_kthread+0x10/0x10 [ 19.458114] ret_from_fork_asm+0x1a/0x30 [ 19.459573] [ 19.460853] [ 19.462055] Allocated by task 1198: [ 19.463410] kasan_save_stack+0x30/0x50 [ 19.464788] kasan_save_track+0x14/0x30 [ 19.466139] __kasan_kmalloc+0xaa/0xb0 [ 19.467465] __kmalloc+0x1cd/0x470 [ 19.468748] isst_if_cdev_register+0x1da/0x350 [isst_if_common] [ 19.470233] isst_if_mbox_init+0x108/0xff0 [isst_if_mbox_msr] [ 19.471670] do_one_initcall+0xa4/0x380 [ 19.472903] do_init_module+0x238/0x760 [ 19.474105] load_module+0x5239/0x6f00 [ 19.475285] init_module_from_file+0xd1/0x130 [ 19.476506] idempotent_init_module+0x23b/0x650 [ 19.477725] __x64_sys_finit_module+0xbe/0x130 [ 19.476506] idempotent_init_module+0x23b/0x650 [ 19.477725] __x64_sys_finit_module+0xbe/0x130 [ 19.478920] do_syscall_64+0x82/0x160 [ 19.480036] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 19.481292] [ 19.482205] The buggy address belongs to the object at ffff888829e65000 which belongs to the cache kmalloc-512 of size 512 [ 19.484818] The buggy address is located 0 bytes to the right of allocated 512-byte region [ffff888829e65000, ffff888829e65200) [ 19.487447] [ 19.488328] The buggy address belongs to the physical page: [ 19.489569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888829e60c00 pfn:0x829e60 [ 19.491140] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.492466] anon flags: 0x57ffffc0000840(slab|head|node=1|zone=2|lastcpupid=0x1fffff) [ 19.493914] page_type: 0xffffffff() [ 19.494988] raw: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001 [ 19.496451] raw: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000 [ 19.497906] head: 0057ffffc0000840 ffff88810004cc80 0000000000000000 0000000000000001 [ 19.499379] head: ffff888829e60c00 0000000080200018 00000001ffffffff 0000000000000000 [ 19.500844] head: 0057ffffc0000003 ffffea0020a79801 ffffea0020a79848 00000000ffffffff [ 19.502316] head: 0000000800000000 0000000000000000 00000000ffffffff 0000000000000000 [ 19.503784] page dumped because: kasan: bad access detected [ 19.505058] [ 19.505970] Memory state around the buggy address: [ 19.507172] ffff888829e65100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.508599] ffff888829e65180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.510013] >ffff888829e65200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.510014] ^ [ 19.510016] ffff888829e65280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.510018] ffff888829e65300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.515367] ================================================================== The reason for this error is physical_package_ids assigned by VMware VMM are not continuous and have gaps. This will cause value returned by topology_physical_package_id() to be more than topology_max_packages(). Here the allocation uses topology_max_packages(). The call to topology_max_packages() returns maximum logical package ID not physical ID. Hence use topology_logical_package_id() instead of topology_physical_package_id(). Fixes: 9a1aac8a96dc ("platform/x86: ISST: PUNIT device mapping with Sub-NUMA clustering") Cc: stable@vger.kernel.org Acked-by: Srinivas Pandruvada Signed-off-by: Zach Wade Link: https://lore.kernel.org/r/20240923144508.1764-1-zachwade.k@gmail.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 27cc6fdf720183dce1dbd293483ec5a9cb6b595e Merge: ac308609567d31 c66be905cda24f Author: Linus Torvalds Date: Fri Oct 4 17:30:59 2024 -0700 Merge tag 'linux_kselftest-fixes-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kselftest fixes from Shuah Khan: "Fixes to build warnings, install scripts, run-time error path, and git status cleanups to tests: - devices/probe: fix for Python3 regex string syntax warnings - clone3: removing unused macro from clone3_cap_checkpoint_restore() - vDSO: fix to align getrandom states to cache line - core and exec: add missing executables to .gitignore files - rtc: change to skip test if /dev/rtc0 can't be accessed - timers/posix: fix warn_unused_result result in __fatal_error() - breakpoints: fix to detect suspend successful condition correctly - hid: fix to install required dependencies to run the test" * tag 'linux_kselftest-fixes-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: selftests: breakpoints: use remaining time to check if suspend succeed kselftest/devices/probe: Fix SyntaxWarning in regex strings for Python3 selftest: hid: add missing run-hid-tools-tests.sh selftests: vDSO: align getrandom states to cache line selftests: exec: update gitignore for load_address selftests: core: add unshare_test to gitignore clone3: clone3_cap_checkpoint_restore: remove unused MAX_PID_NS_LEVEL macro selftests:timers: posix_timers: Fix warn_unused_result in __fatal_error() selftest: rtc: Check if could access /dev/rtc0 before testing commit 0f25eb4b60771f08fbcca878a8f7f88086d0c885 Author: Kent Overstreet Date: Mon Sep 23 22:06:58 2024 -0400 bcachefs: Rework logged op error handling Initially it was thought that we just wanted to ignore errors from logged op replay, but it turns out we do need to catch -EROFS, or we'll go into an infinite loop. Signed-off-by: Kent Overstreet commit 1f73cb4d34e787b3671f1e9d527eb8cf72c05283 Author: Kent Overstreet Date: Tue Sep 24 05:33:07 2024 -0400 bcachefs: Add warn param to subvol_get_snapshot, peek_inode These shouldn't always be fatal errors - logged op resume, in particular, and we want it as a parameter there. Signed-off-by: Kent Overstreet commit 72350ee0ea22c053f2683e50f1beba97df2ad053 Author: Kent Overstreet Date: Mon Sep 30 00:00:33 2024 -0400 bcachefs: Kill snapshot arg to fsck_write_inode() It was initially believed that it would be better to be explicit about the snapshot we're updating when writing inodes in fsck; however, it turns out that passing around the snapshot separately is more error prone and we're usually updating the inode in the same snapshow we read it from. This is different from normal filesystem paths, where we do the update in the snapshot of the subvolume we're in. Signed-off-by: Kent Overstreet commit c9306a91c3fdc9915f5408561ea432c70b03383b Author: Kent Overstreet Date: Sun Sep 29 23:38:37 2024 -0400 bcachefs: Check for unlinked, non-empty dirs in check_inode() We want to check for this early so it can be reattached if necessary in check_unreachable_inodes(); better than letting it be deleted and having the children reattached, losing their filenames. Signed-off-by: Kent Overstreet commit c7da5ee2e5cc30faca49e3ea9dbecf8f6ee4f1ea Author: Kent Overstreet Date: Sun Sep 29 22:38:04 2024 -0400 bcachefs: Check for unlinked inodes with dirents link count works differently in bcachefs - it's only nonzero for files with multiple hardlinks, which means we can also avoid checking it except for files that are known to have hardlinks. That means we need a few different checks instead; in particular, we don't want fsck to delet a file that has a dirent pointing to it. Signed-off-by: Kent Overstreet commit 1c6051bbd76b2767d6acef6a1d0bdf99aa319273 Author: Kent Overstreet Date: Sat Sep 28 15:27:37 2024 -0400 bcachefs: Check for directories with no backpointers It's legal for regular files to have missing backpointers (due to hardlinks), and fsck should automatically add them, but for directories this is an error that should be flagged. Signed-off-by: Kent Overstreet commit 260af1562ec14353824da24fe7acc179a902558e Author: Kent Overstreet Date: Tue Oct 1 19:08:37 2024 -0400 bcachefs: Kill alloc_v4.fragmentation_lru The fragmentation_lru field hasn't been needed since we reworked the LRU btrees to use the btree write buffer; previously it was used to resolve collisions, but the revised LRU btree uses the backpointer (the bucket) as part of the key. It should have been deleted at the time of the LRU rework; since it wasn't, that left places for bugs to hide, in check/repair. This fixes LRU fsck on a filesystem image helpfully provided by a user who disappeared before I could get his name for the reported-by. Signed-off-by: Kent Overstreet commit 01bf5e3bd26ff8e49bf06fa4180f3eab51ab06df Author: Kent Overstreet Date: Tue Oct 1 16:40:33 2024 -0400 bcachefs: minor lru fsck fixes check_lru_key() wasn't using write buffer updates for deleting bad lru entries - dating from before the lru btree used the btree write buffer. And when possibly flushing the btree write buffer (to make sure we're seeing a real inconsistency), we need to be using the modern bch2_btree_write_buffer_maybe_flush(). Signed-off-by: Kent Overstreet commit 1bea714c532abf101e939a90b8c920ef9205cfa3 Author: Kent Overstreet Date: Tue Oct 1 16:26:21 2024 -0400 bcachefs: Mark more errors AUTOFIX Errors are getting marked as AUTOFIX once they've been (re)-tested and audited. Signed-off-by: Kent Overstreet commit 492e24d7604a1b78c8af3c30984a0cffc17d6bdf Author: Kent Overstreet Date: Tue Oct 1 16:26:02 2024 -0400 bcachefs: Make sure we print error that causes fsck to bail out Signed-off-by: Kent Overstreet commit 658c82f41e8075e18b98b8705ed0cc34346f35c2 Author: Kent Overstreet Date: Fri Oct 4 15:05:40 2024 -0400 bcachefs: bkey errors are only AUTOFIX during read Newly generated keys, in the transaction commit path or write path, should not be AUTOFIX; those indicate bugs that we need to fail fast for. Fixes: 5612daafb764 ("bcachefs: Fix fsck warnings from bkey validation") Signed-off-by: Kent Overstreet commit fda7b1ffdef75cc0f4d34255e88b5894e2ce75b1 Author: Kent Overstreet Date: Sat Sep 28 15:33:08 2024 -0400 bcachefs: Create lost+found in correct snapshot Signed-off-by: Kent Overstreet commit 20826fe6b810bce3efba9ef5d74cf13ebe5f23d9 Author: Kent Overstreet Date: Sat Sep 28 02:44:12 2024 -0400 bcachefs: Fix reattach_inode() Ensure a copy of the lost+found inode exists in the snapshot that we're reattaching, so that we don't trigger warnings in lookup_inode_for_snapshot() later. Signed-off-by: Kent Overstreet commit 6b63a948a73ba3df0fb3ab0c44807df344bc5bbf Author: Kent Overstreet Date: Fri Oct 4 19:44:32 2024 -0400 bcachefs: Add missing wakeup to bch2_inode_hash_remove() This fixes two different bugs: - Looser locking with the rhashtable means we need to recheck if the inode is still hashed after prepare_to_wait(), and add a corresponding wakeup after removing from the hash table. - da18ecbf0fb6 ("fs: add i_state helpers") changed the bit waitqueues used for inodes, and bcachefs wasn't updated and thus broke; this updates bcachefs to the new helper. Fixes: 112d21fd1a12 ("bcachefs: switch to rhashtable for vfs inodes hash") Signed-off-by: Kent Overstreet commit 9234a2549cb6ac038bec36cc7c084218e9575513 Author: Christophe JAILLET Date: Thu Oct 3 21:03:21 2024 +0200 net: phy: bcm84881: Fix some error handling paths If phy_read_mmd() fails, the error code stored in 'bmsr' should be returned instead of 'val' which is likely to be 0. Fixes: 75f4d8d10e01 ("net: phy: add Broadcom BCM84881 PHY driver") Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/3e1755b0c40340d00e089d6adae5bca2f8c79e53.1727982168.git.christophe.jaillet@wanadoo.fr Signed-off-by: Jakub Kicinski commit 1dae9f1187189bc09ff6d25ca97ead711f7e26f9 Author: Anastasia Kovaleva Date: Thu Oct 3 13:44:31 2024 +0300 net: Fix an unsafe loop on the list The kernel may crash when deleting a genetlink family if there are still listeners for that family: Oops: Kernel access of bad area, sig: 11 [#1] ... NIP [c000000000c080bc] netlink_update_socket_mc+0x3c/0xc0 LR [c000000000c0f764] __netlink_clear_multicast_users+0x74/0xc0 Call Trace: __netlink_clear_multicast_users+0x74/0xc0 genl_unregister_family+0xd4/0x2d0 Change the unsafe loop on the list to a safe one, because inside the loop there is an element removal from this list. Fixes: b8273570f802 ("genetlink: fix netns vs. netlink table locking (2)") Cc: stable@vger.kernel.org Signed-off-by: Anastasia Kovaleva Reviewed-by: Dmitry Bogdanov Reviewed-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20241003104431.12391-1-a.kovaleva@yadro.com Signed-off-by: Jakub Kicinski commit 6121258c2b33ceac3d21f6a221452692c465df88 Author: Baokun Li Date: Fri Sep 27 21:33:29 2024 +0800 ext4: fix off by one issue in alloc_flex_gd() Wesley reported an issue: ================================================================== EXT4-fs (dm-5): resizing filesystem from 7168 to 786432 blocks ------------[ cut here ]------------ kernel BUG at fs/ext4/resize.c:324! CPU: 9 UID: 0 PID: 3576 Comm: resize2fs Not tainted 6.11.0+ #27 RIP: 0010:ext4_resize_fs+0x1212/0x12d0 Call Trace: __ext4_ioctl+0x4e0/0x1800 ext4_ioctl+0x12/0x20 __x64_sys_ioctl+0x99/0xd0 x64_sys_call+0x1206/0x20d0 do_syscall_64+0x72/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e ================================================================== While reviewing the patch, Honza found that when adjusting resize_bg in alloc_flex_gd(), it was possible for flex_gd->resize_bg to be bigger than flexbg_size. The reproduction of the problem requires the following: o_group = flexbg_size * 2 * n; o_size = (o_group + 1) * group_size; n_group: [o_group + flexbg_size, o_group + flexbg_size * 2) o_size = (n_group + 1) * group_size; Take n=0,flexbg_size=16 as an example: last:15 |o---------------|--------------n-| o_group:0 resize to n_group:30 The corresponding reproducer is: img=test.img rm -f $img truncate -s 600M $img mkfs.ext4 -F $img -b 1024 -G 16 8M dev=`losetup -f --show $img` mkdir -p /tmp/test mount $dev /tmp/test resize2fs $dev 248M Delete the problematic plus 1 to fix the issue, and add a WARN_ON_ONCE() to prevent the issue from happening again. [ Note: another reproucer which this commit fixes is: img=test.img rm -f $img truncate -s 25MiB $img mkfs.ext4 -b 4096 -E nodiscard,lazy_itable_init=0,lazy_journal_init=0 $img truncate -s 3GiB $img dev=`losetup -f --show $img` mkdir -p /tmp/test mount $dev /tmp/test resize2fs $dev 3G umount $dev losetup -d $dev -- TYT ] Reported-by: Wesley Hershberger Closes: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2081231 Reported-by: Stéphane Graber Closes: https://lore.kernel.org/all/20240925143325.518508-1-aleksandr.mikhalitsyn@canonical.com/ Tested-by: Alexander Mikhalitsyn Tested-by: Eric Sandeen Fixes: 665d3e0af4d3 ("ext4: reduce unnecessary memory allocation in alloc_flex_gd()") Cc: stable@vger.kernel.org Signed-off-by: Baokun Li Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240927133329.1015041-1-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 04e6ce8f06d161399e5afde3df5dcfa9455b4952 Author: Luis Henriques (SUSE) Date: Mon Sep 23 11:49:09 2024 +0100 ext4: mark fc as ineligible using an handle in ext4_xattr_set() Calling ext4_fc_mark_ineligible() with a NULL handle is racy and may result in a fast-commit being done before the filesystem is effectively marked as ineligible. This patch moves the call to this function so that an handle can be used. If a transaction fails to start, then there's not point in trying to mark the filesystem as ineligible, and an error will eventually be returned to user-space. Suggested-by: Jan Kara Signed-off-by: Luis Henriques (SUSE) Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240923104909.18342-3-luis.henriques@linux.dev Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit faab35a0370fd6e0821c7a8dd213492946fc776f Author: Luis Henriques (SUSE) Date: Mon Sep 23 11:49:08 2024 +0100 ext4: use handle to mark fc as ineligible in __track_dentry_update() Calling ext4_fc_mark_ineligible() with a NULL handle is racy and may result in a fast-commit being done before the filesystem is effectively marked as ineligible. This patch fixes the calls to this function in __track_dentry_update() by adding an extra parameter to the callback used in ext4_fc_track_template(). Suggested-by: Jan Kara Signed-off-by: Luis Henriques (SUSE) Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240923104909.18342-2-luis.henriques@linux.dev Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit 610712298b11b2914be00b35abe9326b5dbb62c8 Author: Luiz Augusto von Dentz Date: Tue Oct 1 11:21:37 2024 -0400 Bluetooth: btusb: Don't fail external suspend requests Commit 4e0a1d8b0675 ("Bluetooth: btusb: Don't suspend when there are connections") introduces a check for connections to prevent auto-suspend but that actually ignored the fact the .suspend callback can be called for external suspend requests which Documentation/driver-api/usb/power-management.rst states the following: 'External suspend calls should never be allowed to fail in this way, only autosuspend calls. The driver can tell them apart by applying the :c:func:`PMSG_IS_AUTO` macro to the message argument to the ``suspend`` method; it will return True for internal PM events (autosuspend) and False for external PM events.' In addition to that align system suspend with USB suspend by using hci_suspend_dev since otherwise the stack would be expecting events such as advertising reports which may not be delivered while the transport is suspended. Fixes: 4e0a1d8b0675 ("Bluetooth: btusb: Don't suspend when there are connections") Signed-off-by: Luiz Augusto von Dentz Tested-by: Kiran K commit 18fd04ad856df07733f5bb07e7f7168e7443d393 Author: Luiz Augusto von Dentz Date: Wed Oct 2 11:17:26 2024 -0400 Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync This checks if the ACL connection remains valid as it could be destroyed while hci_enhanced_setup_sync is pending on cmd_sync leading to the following trace: BUG: KASAN: slab-use-after-free in hci_enhanced_setup_sync+0x91b/0xa60 Read of size 1 at addr ffff888002328ffd by task kworker/u5:2/37 CPU: 0 UID: 0 PID: 37 Comm: kworker/u5:2 Not tainted 6.11.0-rc6-01300-g810be445d8d6 #7099 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 Workqueue: hci0 hci_cmd_sync_work Call Trace: dump_stack_lvl+0x5d/0x80 ? hci_enhanced_setup_sync+0x91b/0xa60 print_report+0x152/0x4c0 ? hci_enhanced_setup_sync+0x91b/0xa60 ? __virt_addr_valid+0x1fa/0x420 ? hci_enhanced_setup_sync+0x91b/0xa60 kasan_report+0xda/0x1b0 ? hci_enhanced_setup_sync+0x91b/0xa60 hci_enhanced_setup_sync+0x91b/0xa60 ? __pfx_hci_enhanced_setup_sync+0x10/0x10 ? __pfx___mutex_lock+0x10/0x10 hci_cmd_sync_work+0x1c2/0x330 process_one_work+0x7d9/0x1360 ? __pfx_lock_acquire+0x10/0x10 ? __pfx_process_one_work+0x10/0x10 ? assign_work+0x167/0x240 worker_thread+0x5b7/0xf60 ? __kthread_parkme+0xac/0x1c0 ? __pfx_worker_thread+0x10/0x10 ? __pfx_worker_thread+0x10/0x10 kthread+0x293/0x360 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x2f/0x70 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 Allocated by task 34: kasan_save_stack+0x30/0x50 kasan_save_track+0x14/0x30 __kasan_kmalloc+0x8f/0xa0 __hci_conn_add+0x187/0x17d0 hci_connect_sco+0x2e1/0xb90 sco_sock_connect+0x2a2/0xb80 __sys_connect+0x227/0x2a0 __x64_sys_connect+0x6d/0xb0 do_syscall_64+0x71/0x140 entry_SYSCALL_64_after_hwframe+0x76/0x7e Freed by task 37: kasan_save_stack+0x30/0x50 kasan_save_track+0x14/0x30 kasan_save_free_info+0x3b/0x60 __kasan_slab_free+0x101/0x160 kfree+0xd0/0x250 device_release+0x9a/0x210 kobject_put+0x151/0x280 hci_conn_del+0x448/0xbf0 hci_abort_conn_sync+0x46f/0x980 hci_cmd_sync_work+0x1c2/0x330 process_one_work+0x7d9/0x1360 worker_thread+0x5b7/0xf60 kthread+0x293/0x360 ret_from_fork+0x2f/0x70 ret_from_fork_asm+0x1a/0x30 Cc: stable@vger.kernel.org Fixes: e07a06b4eb41 ("Bluetooth: Convert SCO configure_datapath to hci_sync") Signed-off-by: Luiz Augusto von Dentz commit 08d1914293dae38350b8088980e59fbc699a72fe Author: Luiz Augusto von Dentz Date: Mon Sep 30 13:26:21 2024 -0400 Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change rfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl always attempt to lock it causing the following trace: ====================================================== WARNING: possible circular locking dependency detected 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted ------------------------------------------------------ syz-executor386/5093 is trying to acquire lock: ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1671 [inline] ffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73 but task is already holding lock: ffff88807badfd28 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491 Reported-by: syzbot+d7ce59b06b3eb14fd218@syzkaller.appspotmail.com Tested-by: syzbot+d7ce59b06b3eb14fd218@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=d7ce59b06b3eb14fd218 Fixes: 3241ad820dbb ("[Bluetooth] Add timestamp support to L2CAP, RFCOMM and SCO") Signed-off-by: Luiz Augusto von Dentz commit dda3529d2e84e2ee7b97158c9cdf5e10308f37bc Author: Kory Maincent Date: Wed Oct 2 14:17:05 2024 +0200 net: pse-pd: Fix enabled status mismatch PSE controllers like the TPS23881 can forcefully turn off their configuration state. In such cases, the is_enabled() and get_status() callbacks will report the PSE as disabled, while admin_state_enabled will show it as enabled. This mismatch can lead the user to attempt to enable it, but no action is taken as admin_state_enabled remains set. The solution is to disable the PSE before enabling it, ensuring the actual status matches admin_state_enabled. Fixes: d83e13761d5b ("net: pse-pd: Use regulator framework within PSE framework") Signed-off-by: Kory Maincent Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20241002121706.246143-1-kory.maincent@bootlin.com Signed-off-by: Jakub Kicinski commit 9f49d14ec41ce7be647028d7d34dea727af55272 Author: Kacper Ludwinski Date: Wed Oct 2 14:10:16 2024 +0900 selftests: net: no_forwarding: fix VID for $swp2 in one_bridge_two_pvids() test Currently, the second bridge command overwrites the first one. Fix this by adding this VID to the interface behind $swp2. The one_bridge_two_pvids() test intends to check that there is no leakage of traffic between bridge ports which have a single VLAN - the PVID VLAN. Because of a typo, port $swp1 is configured with a PVID twice (second command overwrites first), and $swp2 isn't configured at all (and since the bridge vlan_default_pvid property is set to 0, this port will not have a PVID at all, so it will drop all untagged and priority-tagged traffic). So, instead of testing the configuration that was intended, we are testing a different one, where one port has PVID 2 and the other has no PVID. This incorrect version of the test should also pass, but is ineffective for its purpose, so fix the typo. This typo has an impact on results of the test, potentially leading to wrong conclusions regarding the functionality of a network device. The tests results: TEST: Switch ports in VLAN-aware bridge with different PVIDs: Unicast non-IP untagged [ OK ] Multicast non-IP untagged [ OK ] Broadcast non-IP untagged [ OK ] Unicast IPv4 untagged [ OK ] Multicast IPv4 untagged [ OK ] Unicast IPv6 untagged [ OK ] Multicast IPv6 untagged [ OK ] Unicast non-IP VID 1 [ OK ] Multicast non-IP VID 1 [ OK ] Broadcast non-IP VID 1 [ OK ] Unicast IPv4 VID 1 [ OK ] Multicast IPv4 VID 1 [ OK ] Unicast IPv6 VID 1 [ OK ] Multicast IPv6 VID 1 [ OK ] Unicast non-IP VID 4094 [ OK ] Multicast non-IP VID 4094 [ OK ] Broadcast non-IP VID 4094 [ OK ] Unicast IPv4 VID 4094 [ OK ] Multicast IPv4 VID 4094 [ OK ] Unicast IPv6 VID 4094 [ OK ] Multicast IPv6 VID 4094 [ OK ] Fixes: 476a4f05d9b8 ("selftests: forwarding: add a no_forwarding.sh test") Reviewed-by: Hangbin Liu Reviewed-by: Shuah Khan Signed-off-by: Kacper Ludwinski Link: https://patch.msgid.link/20241002051016.849-1-kac.ludwinski@icloud.com Signed-off-by: Jakub Kicinski commit ec010333ce7cf3270ae7193a6724794d5a179625 Author: Tejun Heo Date: Wed Oct 2 10:34:38 2024 -1000 sched_ext: scx_cgroup_exit() may be called without successful scx_cgroup_init() 568894edbe48 ("sched_ext: Add scx_cgroup_enabled to gate cgroup operations and fix scx_tg_online()") assumed that scx_cgroup_exit() is only called after scx_cgroup_init() finished successfully. This isn't true. scx_cgroup_exit() can be called without scx_cgroup_init() being called at all or after scx_cgroup_init() failed in the middle. As init state is tracked per cgroup, scx_cgroup_exit() can be used safely to clean up in all cases. Remove the incorrect WARN_ON_ONCE(). Signed-off-by: Tejun Heo Fixes: 568894edbe48 ("sched_ext: Add scx_cgroup_enabled to gate cgroup operations and fix scx_tg_online()") commit cc9877fb76771b7cbce6c9ec239f13a1d7759876 Author: Tejun Heo Date: Wed Oct 2 10:33:37 2024 -1000 sched_ext: Improve error reporting during loading When the BPF scheduler fails, ops.exit() allows rich error reporting through scx_exit_info. Use scx.exit() path consistently for all failures which can be caused by the BPF scheduler: - scx_ops_error() is called after ops.init() and ops.cgroup_init() failure to record error information. - ops.init_task() failure now uses scx_ops_error() instead of pr_err(). - The err_disable path updated to automatically trigger scx_ops_error() to cover cases that the error message hasn't already been generated and always return 0 indicating init success so that the error is reported through ops.exit(). Signed-off-by: Tejun Heo Cc: David Vernet Cc: Daniel Hodges Cc: Changwoo Min Cc: Andrea Righi Cc: Dan Schatzberg commit ac308609567d31fe44be80ab757a5ddf062362ef Merge: 7943f06cfc8693 3eddb108abe3de Author: Linus Torvalds Date: Fri Oct 4 12:20:09 2024 -0700 Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Catalin Marinas: "A couple of build/config issues and expanding the speculative SSBS workaround to more CPUs: - Expand the speculative SSBS workaround to cover Cortex-A715, Neoverse-N3 and Microsoft Azure Cobalt 100 - Force position-independent veneers - in some kernel configurations, the LLD linker generates position-dependent veneers for otherwise position-independent code, resulting in early boot-time failures - Fix Kconfig selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS so that it is not enabled when not supported by the combination of clang and GNU ld" * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS arm64: errata: Expand speculative SSBS workaround once more arm64: cputype: Add Neoverse-N3 definitions arm64: Force position-independent veneers commit 7943f06cfc8693d861816dbe608f84d52dd4af52 Merge: 622a3ed1accbb8 cfb10de18538e3 Author: Linus Torvalds Date: Fri Oct 4 12:16:51 2024 -0700 Merge tag 'riscv-for-linus-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux Pull RISC-V fixes from Palmer Dabbelt: - PERF_TYPE_BREAKPOINT now returns -EOPNOTSUPP instead of -ENOENT, which aligns to other ports and is a saner value - The KASAN-related stack size increasing logic has been moved to a C header, to avoid dependency issues * tag 'riscv-for-linus-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux: riscv: Fix kernel stack size when KASAN is enabled drivers/perf: riscv: Align errno for unsupported perf event commit 622a3ed1accbb8e008a7247317bf3e8bc1fd7665 Merge: f6785e0ccfdfc3 2a13ca2e8abb12 Author: Linus Torvalds Date: Fri Oct 4 12:11:06 2024 -0700 Merge tag 'trace-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull tracing fixes from Steven Rostedt: - Fix tp_printk command line option crashing the kernel With the code that can handle a buffer from a previous boot, the trace_check_vprintf() needed access to the delta of the address space used by the old buffer and the current buffer. To do so, the trace_array (tr) parameter was used. But when tp_printk is enabled on the kernel command line, no trace buffer is used and the trace event is sent directly to printk(). That meant the tr field of the iterator descriptor was NULL, and since tp_printk still uses trace_check_vprintf() it caused a NULL dereference. - Add ptrace.h include to x86 ftrace file for completeness - Fix rtla installation when done with out-of-tree build - Fix the help messages in rtla that were incorrect - Several fixes to fix races with the timerlat and hwlat code Several locking issues were discovered with the coordination between timerlat kthread creation and hotplug. As timerlat has callbacks from hotplug code to start kthreads when CPUs come online. There are also locking issues with grabbing the cpu_read_lock() and the locks within timerlat. * tag 'trace-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: tracing/hwlat: Fix a race during cpuhp processing tracing/timerlat: Fix a race during cpuhp processing tracing/timerlat: Drop interface_lock in stop_kthread() tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline x86/ftrace: Include rtla: Fix the help text in osnoise and timerlat top tools tools/rtla: Fix installation from out-of-tree build tracing: Fix trace_check_vprintf() when tp_printk is used commit f6785e0ccfdfc3d87aa8f1287a49cf8cae111d5f Merge: e1043b6765d6ca cac39b0706f186 Author: Linus Torvalds Date: Fri Oct 4 12:05:39 2024 -0700 Merge tag 'slab-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab Pull slab fixes from Vlastimil Babka: "Fixes for issues introduced in this merge window: kobject memory leak, unsupressed warning and possible lockup in new slub_kunit tests, misleading code in kvfree_rcu_queue_batch()" * tag 'slab-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab: slub/kunit: skip test_kfree_rcu when the slub kunit test is built-in mm, slab: suppress warnings in test_leak_destroy kunit test rcu/kvfree: Refactor kvfree_rcu_queue_batch() mm, slab: fix use of SLAB_SUPPORTS_SYSFS in kmem_cache_release() commit 500257db81d067c1ad5a202501a085a8ffea10f1 Merge: 69ea1d4ac916ca de390657b5d6f7 Author: Jakub Kicinski Date: Fri Oct 4 12:04:11 2024 -0700 Merge branch 'ibmvnic-fix-for-send-scrq-direct' Nick Child says: ==================== ibmvnic: Fix for send scrq direct This is a v2 of a patchset (now just patch) which addresses a bug in a new feature which is causing major link UP issues with certain physical cards. For a full summary of the issue: 1. During vnic initialization we get the following values from vnic server regarding "Transmit / Receive Descriptor Requirement" (see PAPR Table 584. CAPABILITIES Commands): - LSO Tx frame = 0x0F , header offsets + L2, L3, L4 headers required - CSO Tx frame = 0x0C , header offsets + L2 header required - standard frame = 0x0C , header offsets + L2 header required 2. Assume we are dealing with only "standard frames" from now on (no CSO, no LSO) 3. When using 100G backing device, we don't hand vnic server any header information and TX is successful 4. When using 25G backing device, we don't hand vnic server any header information and TX fails and we get "Adapter Error" transport events. The obvious issue here is that vnic client should be respecting the 0X0C header requirement for standard frames. But 100G cards will also give 0x0C despite the fact that we know TX works if we ignore it. That being said, we still must respect values given from the managing server. Will need to work with them going forward to hopefully get 100G cards to return 0x00 for this bitstring so the performance gains of using send_subcrq_direct can be continued. ==================== Link: https://patch.msgid.link/20241001163200.1802522-1-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit de390657b5d6f7deb9d1d36aaf45f02ba51ec9dc Author: Nick Child Date: Tue Oct 1 11:32:00 2024 -0500 ibmvnic: Inspect header requirements before using scrq direct Previously, the TX header requirement for standard frames was ignored. This requirement is a bitstring sent from the VIOS which maps to the type of header information needed during TX. If no header information, is needed then send subcrq direct can be used (which can be more performant). This bitstring was previously ignored for standard packets (AKA non LSO, non CSO) due to the belief that the bitstring was over-cautionary. It turns out that there are some configurations where the backing device does need header information for transmission of standard packets. If the information is not supplied then this causes continuous "Adapter error" transport events. Therefore, this bitstring should be respected and observed before considering the use of send subcrq direct. Fixes: 74839f7a8268 ("ibmvnic: Introduce send sub-crq direct") Signed-off-by: Nick Child Reviewed-by: Simon Horman Link: https://patch.msgid.link/20241001163200.1802522-2-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit e1043b6765d6ca310a10be342e25d5451d58ee53 Merge: 5d18081de22cb7 3be5c171025bae Author: Linus Torvalds Date: Fri Oct 4 11:59:36 2024 -0700 Merge tag 'acpi-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull ACPI fixes from Rafael Wysocki: "These fix up the ACPI IRQ override quirk list and add two new entries to it, add a new quirk to the ACPI backlight (video) driver, and fix the ACPI battery driver. Specifics: - Add a quirk for Dell OptiPlex 5480 AIO to the ACPI backlight (video) driver (Hans de Goede) - Prevent the ACPI battery driver from crashing when unregistering a battery hook and simplify battery hook locking in it (Armin Wolf) - Fix up the ACPI IRQ override quirk list and add quirks for Asus Vivobook X1704VAP and Asus ExpertBook B2502CVA to it (Hans de Goede)" * tag 'acpi-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPI: battery: Fix possible crash when unregistering a battery hook ACPI: battery: Simplify battery hook locking ACPI: video: Add backlight=native quirk for Dell OptiPlex 5480 AIO ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] ACPI: resource: Loosen the Asus E1404GAB DMI match to also cover the E1404GA ACPI: resource: Remove duplicate Asus E1504GAB IRQ override commit 5d18081de22cb73f0959deb0327292da30c9771c Merge: cc70ce8fccd3f8 c0f02536fffbbe Author: Linus Torvalds Date: Fri Oct 4 11:57:15 2024 -0700 Merge tag 'pm-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management fixes from Rafael Wysocki: "These fix two cpufreq issues, one in the core and one in the intel_pstate driver: - Fix CPU device node reference counting in the cpufreq core (Miquel Sabaté Solà) - Turn the spinlock used by the intel_pstate driver in hard IRQ context into a raw one to prevent the driver from crashing when PREEMPT_RT is enabled (Uwe Kleine-König)" * tag 'pm-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: cpufreq: Avoid a bad reference count on CPU node cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock commit 69ea1d4ac916cac21ad976dd9cdec69878abac81 Merge: 1f9fc48fd302be bc4d22b72a2d8d Author: Jakub Kicinski Date: Fri Oct 4 11:54:56 2024 -0700 Merge branch 'netfilter-br_netfilter-fix-panic-with-metadata_dst-skb' Andy Roulin says: ==================== netfilter: br_netfilter: fix panic with metadata_dst skb There's a kernel panic possible in the br_netfilter module when sending untagged traffic via a VxLAN device. Traceback is included below. This happens during the check for fragmentation in br_nf_dev_queue_xmit if the MTU on the VxLAN device is not big enough. It is dependent on: 1) the br_netfilter module being loaded; 2) net.bridge.bridge-nf-call-iptables set to 1; 3) a bridge with a VxLAN (single-vxlan-device) netdevice as a bridge port; 4) untagged frames with size higher than the VxLAN MTU forwarded/flooded This case was never supported in the first place, so the first patch drops such packets. A regression selftest is added as part of the second patch. PING 10.0.0.2 (10.0.0.2) from 0.0.0.0 h1-eth0: 2000(2028) bytes of data. [ 176.291791] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000110 [ 176.292101] Mem abort info: [ 176.292184] ESR = 0x0000000096000004 [ 176.292322] EC = 0x25: DABT (current EL), IL = 32 bits [ 176.292530] SET = 0, FnV = 0 [ 176.292709] EA = 0, S1PTW = 0 [ 176.292862] FSC = 0x04: level 0 translation fault [ 176.293013] Data abort info: [ 176.293104] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 176.293488] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 176.293787] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 176.293995] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000043ef5000 [ 176.294166] [0000000000000110] pgd=0000000000000000, p4d=0000000000000000 [ 176.294827] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP [ 176.295252] Modules linked in: vxlan ip6_udp_tunnel udp_tunnel veth br_netfilter bridge stp llc ipv6 crct10dif_ce [ 176.295923] CPU: 0 PID: 188 Comm: ping Not tainted 6.8.0-rc3-g5b3fbd61b9d1 #2 [ 176.296314] Hardware name: linux,dummy-virt (DT) [ 176.296535] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 176.296808] pc : br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter] [ 176.297382] lr : br_nf_dev_queue_xmit+0x2ac/0x4ec [br_netfilter] [ 176.297636] sp : ffff800080003630 [ 176.297743] x29: ffff800080003630 x28: 0000000000000008 x27: ffff6828c49ad9f8 [ 176.298093] x26: ffff6828c49ad000 x25: 0000000000000000 x24: 00000000000003e8 [ 176.298430] x23: 0000000000000000 x22: ffff6828c4960b40 x21: ffff6828c3b16d28 [ 176.298652] x20: ffff6828c3167048 x19: ffff6828c3b16d00 x18: 0000000000000014 [ 176.298926] x17: ffffb0476322f000 x16: ffffb7e164023730 x15: 0000000095744632 [ 176.299296] x14: ffff6828c3f1c880 x13: 0000000000000002 x12: ffffb7e137926a70 [ 176.299574] x11: 0000000000000001 x10: ffff6828c3f1c898 x9 : 0000000000000000 [ 176.300049] x8 : ffff6828c49bf070 x7 : 0008460f18d5f20e x6 : f20e0100bebafeca [ 176.300302] x5 : ffff6828c7f918fe x4 : ffff6828c49bf070 x3 : 0000000000000000 [ 176.300586] x2 : 0000000000000000 x1 : ffff6828c3c7ad00 x0 : ffff6828c7f918f0 [ 176.300889] Call trace: [ 176.301123] br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter] [ 176.301411] br_nf_post_routing+0x2a8/0x3e4 [br_netfilter] [ 176.301703] nf_hook_slow+0x48/0x124 [ 176.302060] br_forward_finish+0xc8/0xe8 [bridge] [ 176.302371] br_nf_hook_thresh+0x124/0x134 [br_netfilter] [ 176.302605] br_nf_forward_finish+0x118/0x22c [br_netfilter] [ 176.302824] br_nf_forward_ip.part.0+0x264/0x290 [br_netfilter] [ 176.303136] br_nf_forward+0x2b8/0x4e0 [br_netfilter] [ 176.303359] nf_hook_slow+0x48/0x124 [ 176.303803] __br_forward+0xc4/0x194 [bridge] [ 176.304013] br_flood+0xd4/0x168 [bridge] [ 176.304300] br_handle_frame_finish+0x1d4/0x5c4 [bridge] [ 176.304536] br_nf_hook_thresh+0x124/0x134 [br_netfilter] [ 176.304978] br_nf_pre_routing_finish+0x29c/0x494 [br_netfilter] [ 176.305188] br_nf_pre_routing+0x250/0x524 [br_netfilter] [ 176.305428] br_handle_frame+0x244/0x3cc [bridge] [ 176.305695] __netif_receive_skb_core.constprop.0+0x33c/0xecc [ 176.306080] __netif_receive_skb_one_core+0x40/0x8c [ 176.306197] __netif_receive_skb+0x18/0x64 [ 176.306369] process_backlog+0x80/0x124 [ 176.306540] __napi_poll+0x38/0x17c [ 176.306636] net_rx_action+0x124/0x26c [ 176.306758] __do_softirq+0x100/0x26c [ 176.307051] ____do_softirq+0x10/0x1c [ 176.307162] call_on_irq_stack+0x24/0x4c [ 176.307289] do_softirq_own_stack+0x1c/0x2c [ 176.307396] do_softirq+0x54/0x6c [ 176.307485] __local_bh_enable_ip+0x8c/0x98 [ 176.307637] __dev_queue_xmit+0x22c/0xd28 [ 176.307775] neigh_resolve_output+0xf4/0x1a0 [ 176.308018] ip_finish_output2+0x1c8/0x628 [ 176.308137] ip_do_fragment+0x5b4/0x658 [ 176.308279] ip_fragment.constprop.0+0x48/0xec [ 176.308420] __ip_finish_output+0xa4/0x254 [ 176.308593] ip_finish_output+0x34/0x130 [ 176.308814] ip_output+0x6c/0x108 [ 176.308929] ip_send_skb+0x50/0xf0 [ 176.309095] ip_push_pending_frames+0x30/0x54 [ 176.309254] raw_sendmsg+0x758/0xaec [ 176.309568] inet_sendmsg+0x44/0x70 [ 176.309667] __sys_sendto+0x110/0x178 [ 176.309758] __arm64_sys_sendto+0x28/0x38 [ 176.309918] invoke_syscall+0x48/0x110 [ 176.310211] el0_svc_common.constprop.0+0x40/0xe0 [ 176.310353] do_el0_svc+0x1c/0x28 [ 176.310434] el0_svc+0x34/0xb4 [ 176.310551] el0t_64_sync_handler+0x120/0x12c [ 176.310690] el0t_64_sync+0x190/0x194 [ 176.311066] Code: f9402e61 79402aa2 927ff821 f9400023 (f9408860) [ 176.315743] ---[ end trace 0000000000000000 ]--- [ 176.316060] Kernel panic - not syncing: Oops: Fatal exception in interrupt [ 176.316371] Kernel Offset: 0x37e0e3000000 from 0xffff800080000000 [ 176.316564] PHYS_OFFSET: 0xffff97d780000000 [ 176.316782] CPU features: 0x0,88000203,3c020000,0100421b [ 176.317210] Memory Limit: none [ 176.317527] ---[ end Kernel panic - not syncing: Oops: Fatal Exception in interrupt ]---\ ==================== Link: https://patch.msgid.link/20241001154400.22787-1-aroulin@nvidia.com Signed-off-by: Jakub Kicinski commit bc4d22b72a2d8d22b03b89083db4937dc427ddaa Author: Andy Roulin Date: Tue Oct 1 08:44:00 2024 -0700 selftests: add regression test for br_netfilter panic Add a new netfilter selftests to test against br_netfilter panics when VxLAN single-device is used together with untagged traffic and high MTU. Reviewed-by: Petr Machata Signed-off-by: Andy Roulin Acked-by: Nikolay Aleksandrov Link: https://patch.msgid.link/20241001154400.22787-3-aroulin@nvidia.com Signed-off-by: Jakub Kicinski commit f9ff7665cd128012868098bbd07e28993e314fdb Author: Andy Roulin Date: Tue Oct 1 08:43:59 2024 -0700 netfilter: br_netfilter: fix panic with metadata_dst skb Fix a kernel panic in the br_netfilter module when sending untagged traffic via a VxLAN device. This happens during the check for fragmentation in br_nf_dev_queue_xmit. It is dependent on: 1) the br_netfilter module being loaded; 2) net.bridge.bridge-nf-call-iptables set to 1; 3) a bridge with a VxLAN (single-vxlan-device) netdevice as a bridge port; 4) untagged frames with size higher than the VxLAN MTU forwarded/flooded When forwarding the untagged packet to the VxLAN bridge port, before the netfilter hooks are called, br_handle_egress_vlan_tunnel is called and changes the skb_dst to the tunnel dst. The tunnel_dst is a metadata type of dst, i.e., skb_valid_dst(skb) is false, and metadata->dst.dev is NULL. Then in the br_netfilter hooks, in br_nf_dev_queue_xmit, there's a check for frames that needs to be fragmented: frames with higher MTU than the VxLAN device end up calling br_nf_ip_fragment, which in turns call ip_skb_dst_mtu. The ip_dst_mtu tries to use the skb_dst(skb) as if it was a valid dst with valid dst->dev, thus the crash. This case was never supported in the first place, so drop the packet instead. PING 10.0.0.2 (10.0.0.2) from 0.0.0.0 h1-eth0: 2000(2028) bytes of data. [ 176.291791] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000110 [ 176.292101] Mem abort info: [ 176.292184] ESR = 0x0000000096000004 [ 176.292322] EC = 0x25: DABT (current EL), IL = 32 bits [ 176.292530] SET = 0, FnV = 0 [ 176.292709] EA = 0, S1PTW = 0 [ 176.292862] FSC = 0x04: level 0 translation fault [ 176.293013] Data abort info: [ 176.293104] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 [ 176.293488] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 176.293787] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 176.293995] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000043ef5000 [ 176.294166] [0000000000000110] pgd=0000000000000000, p4d=0000000000000000 [ 176.294827] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP [ 176.295252] Modules linked in: vxlan ip6_udp_tunnel udp_tunnel veth br_netfilter bridge stp llc ipv6 crct10dif_ce [ 176.295923] CPU: 0 PID: 188 Comm: ping Not tainted 6.8.0-rc3-g5b3fbd61b9d1 #2 [ 176.296314] Hardware name: linux,dummy-virt (DT) [ 176.296535] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 176.296808] pc : br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter] [ 176.297382] lr : br_nf_dev_queue_xmit+0x2ac/0x4ec [br_netfilter] [ 176.297636] sp : ffff800080003630 [ 176.297743] x29: ffff800080003630 x28: 0000000000000008 x27: ffff6828c49ad9f8 [ 176.298093] x26: ffff6828c49ad000 x25: 0000000000000000 x24: 00000000000003e8 [ 176.298430] x23: 0000000000000000 x22: ffff6828c4960b40 x21: ffff6828c3b16d28 [ 176.298652] x20: ffff6828c3167048 x19: ffff6828c3b16d00 x18: 0000000000000014 [ 176.298926] x17: ffffb0476322f000 x16: ffffb7e164023730 x15: 0000000095744632 [ 176.299296] x14: ffff6828c3f1c880 x13: 0000000000000002 x12: ffffb7e137926a70 [ 176.299574] x11: 0000000000000001 x10: ffff6828c3f1c898 x9 : 0000000000000000 [ 176.300049] x8 : ffff6828c49bf070 x7 : 0008460f18d5f20e x6 : f20e0100bebafeca [ 176.300302] x5 : ffff6828c7f918fe x4 : ffff6828c49bf070 x3 : 0000000000000000 [ 176.300586] x2 : 0000000000000000 x1 : ffff6828c3c7ad00 x0 : ffff6828c7f918f0 [ 176.300889] Call trace: [ 176.301123] br_nf_dev_queue_xmit+0x390/0x4ec [br_netfilter] [ 176.301411] br_nf_post_routing+0x2a8/0x3e4 [br_netfilter] [ 176.301703] nf_hook_slow+0x48/0x124 [ 176.302060] br_forward_finish+0xc8/0xe8 [bridge] [ 176.302371] br_nf_hook_thresh+0x124/0x134 [br_netfilter] [ 176.302605] br_nf_forward_finish+0x118/0x22c [br_netfilter] [ 176.302824] br_nf_forward_ip.part.0+0x264/0x290 [br_netfilter] [ 176.303136] br_nf_forward+0x2b8/0x4e0 [br_netfilter] [ 176.303359] nf_hook_slow+0x48/0x124 [ 176.303803] __br_forward+0xc4/0x194 [bridge] [ 176.304013] br_flood+0xd4/0x168 [bridge] [ 176.304300] br_handle_frame_finish+0x1d4/0x5c4 [bridge] [ 176.304536] br_nf_hook_thresh+0x124/0x134 [br_netfilter] [ 176.304978] br_nf_pre_routing_finish+0x29c/0x494 [br_netfilter] [ 176.305188] br_nf_pre_routing+0x250/0x524 [br_netfilter] [ 176.305428] br_handle_frame+0x244/0x3cc [bridge] [ 176.305695] __netif_receive_skb_core.constprop.0+0x33c/0xecc [ 176.306080] __netif_receive_skb_one_core+0x40/0x8c [ 176.306197] __netif_receive_skb+0x18/0x64 [ 176.306369] process_backlog+0x80/0x124 [ 176.306540] __napi_poll+0x38/0x17c [ 176.306636] net_rx_action+0x124/0x26c [ 176.306758] __do_softirq+0x100/0x26c [ 176.307051] ____do_softirq+0x10/0x1c [ 176.307162] call_on_irq_stack+0x24/0x4c [ 176.307289] do_softirq_own_stack+0x1c/0x2c [ 176.307396] do_softirq+0x54/0x6c [ 176.307485] __local_bh_enable_ip+0x8c/0x98 [ 176.307637] __dev_queue_xmit+0x22c/0xd28 [ 176.307775] neigh_resolve_output+0xf4/0x1a0 [ 176.308018] ip_finish_output2+0x1c8/0x628 [ 176.308137] ip_do_fragment+0x5b4/0x658 [ 176.308279] ip_fragment.constprop.0+0x48/0xec [ 176.308420] __ip_finish_output+0xa4/0x254 [ 176.308593] ip_finish_output+0x34/0x130 [ 176.308814] ip_output+0x6c/0x108 [ 176.308929] ip_send_skb+0x50/0xf0 [ 176.309095] ip_push_pending_frames+0x30/0x54 [ 176.309254] raw_sendmsg+0x758/0xaec [ 176.309568] inet_sendmsg+0x44/0x70 [ 176.309667] __sys_sendto+0x110/0x178 [ 176.309758] __arm64_sys_sendto+0x28/0x38 [ 176.309918] invoke_syscall+0x48/0x110 [ 176.310211] el0_svc_common.constprop.0+0x40/0xe0 [ 176.310353] do_el0_svc+0x1c/0x28 [ 176.310434] el0_svc+0x34/0xb4 [ 176.310551] el0t_64_sync_handler+0x120/0x12c [ 176.310690] el0t_64_sync+0x190/0x194 [ 176.311066] Code: f9402e61 79402aa2 927ff821 f9400023 (f9408860) [ 176.315743] ---[ end trace 0000000000000000 ]--- [ 176.316060] Kernel panic - not syncing: Oops: Fatal exception in interrupt [ 176.316371] Kernel Offset: 0x37e0e3000000 from 0xffff800080000000 [ 176.316564] PHYS_OFFSET: 0xffff97d780000000 [ 176.316782] CPU features: 0x0,88000203,3c020000,0100421b [ 176.317210] Memory Limit: none [ 176.317527] ---[ end Kernel panic - not syncing: Oops: Fatal Exception in interrupt ]---\ Fixes: 11538d039ac6 ("bridge: vlan dst_metadata hooks in ingress and egress paths") Reviewed-by: Ido Schimmel Signed-off-by: Andy Roulin Acked-by: Nikolay Aleksandrov Link: https://patch.msgid.link/20241001154400.22787-2-aroulin@nvidia.com Signed-off-by: Jakub Kicinski commit 76f5af9952064dc88d41be6fde1fce793ee7eabe Author: Mike Snitzer Date: Thu Oct 3 15:35:00 2024 -0400 nfsd/localio: fix nfsd_file tracepoints to handle NULL rqstp Otherwise nfsd_file_acquire, nfsd_file_insert_err, and nfsd_file_cons_err will hit a NULL pointer when they are enabled and LOCALIO used. Example trace output (note xid is 0x0 and LOCALIO flag set): nfsd_file_acquire: xid=0x0 inode=0000000069a1b2e7 may_flags=WRITE|LOCALIO ref=1 nf_flags=HASHED|GC nf_may=WRITE nf_file=0000000070123234 status=0 Fixes: c63f0e48febf ("nfsd: add nfsd_file_acquire_local()") Signed-off-by: Mike Snitzer Reviewed-by: Chuck Lever Signed-off-by: Anna Schumaker commit cc70ce8fccd3f81c58f1e983336568d7c9df0e3b Merge: 2f91ff27b0ee99 7b99b5ab885993 Author: Linus Torvalds Date: Fri Oct 4 11:50:38 2024 -0700 Merge tag 'gpio-fixes-for-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux Pull gpio fixes from Bartosz Golaszewski: - fix a potential NULL-pointer dereference in gpiolib core - fix a probe() regression from the v6.12 merge window and an older bug leading to missed interrupts in gpio-davinci * tag 'gpio-fixes-for-v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: gpiolib: Fix potential NULL pointer dereference in gpiod_get_label() gpio: davinci: Fix condition for irqchip registration gpio: davinci: fix lazy disable commit 2f91ff27b0ee99e7e526bf711626c1dc3fa12560 Merge: fe6fceceaecf4c b3ebb007060f89 Author: Linus Torvalds Date: Fri Oct 4 11:29:46 2024 -0700 Merge tag 'sound-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound fixes from Takashi Iwai: "Slightly high amount of changes in this round, partly because of my vacation in the last weeks. But all changes are small and nothing looks worrisome. The biggest LOCs is MAINTAINERS updates, and there is a core change for card-ID string creation for non-ASCII inputs. Others are rather device-specific, such as new quirks and device IDs for ASoC, usual HD-audio and USB-audio quirks and fixes, as well as regression fixes in HD-audio HDMI audio and Conexant codec" * tag 'sound-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (39 commits) ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin ALSA: line6: add hw monitor volume control to POD HD500X ALSA: gus: Fix some error handling paths related to get_bpos() usage ALSA: hda: Add missing parameter description for snd_hdac_stream_timecounter_init() ALSA: usb-audio: Add native DSD support for Luxman D-08u ALSA: core: add isascii() check to card ID generator MAINTAINERS: ALSA: use linux-sound@vger.kernel.org list Revert "ALSA: hda: Conditionally use snooping for AMD HDMI" ASoC: intel: sof_sdw: Add check devm_kasprintf() returned value ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m ASoC: dt-bindings: davinci-mcasp: Fix interrupts property ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string ASoC: dt-bindings: qcom,sm8250: add qrb4210-rb2-sndcard ALSA: hda: fix trigger_tstamp_latched ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 ALSA: hda/generic: Drop obsoleted obey_preferred_dacs flag ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs ALSA: silence integer wrapping warning ASoC: Intel: soc-acpi: arl: Fix some missing empty terminators ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item ... commit fe6fceceaecf4c7488832be18a37ddf9213782bc Merge: 360c1f1f24c6ab 5b272bf7dcf969 Author: Linus Torvalds Date: Fri Oct 4 11:25:14 2024 -0700 Merge tag 'drm-fixes-2024-10-04' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Weekly fixes, xe and amdgpu lead the way, with panthor, and few core components getting various fixes. Nothing seems too out of the ordinary. atomic: - Use correct type when reading damage rectangles display: - Fix kernel docs dp-mst: - Fix DSC decompression detection hdmi: - Fix infoframe size sched: - Update maintainers - Fix race condition whne queueing up jobs - Fix locking in drm_sched_entity_modify_sched() - Fix pointer deref if entity queue changes sysfb: - Disable sysfb if framebuffer parent device is unknown amdgpu: - DML2 fix - DSC fix - Dispclk fix - eDP HDR fix - IPS fix - TBT fix i915: - One fix for bitwise and logical "and" mixup in PM code xe: - Restore pci state on resume - Fix locking on submission, queue and vm - Fix UAF on queue destruction - Fix resource release on freq init error path - Use rw_semaphore to reduce contention on ASID->VM lookup - Fix steering for media on Xe2_HPM - Tuning updates to Xe2 - Resume TDR after GT reset to prevent jobs running forever - Move id allocation to avoid userspace using a guessed number to trigger UAF - Fix OA stream close preventing pbatch buffers to complete - Fix NPD when migrating memory on LNL - Fix memory leak when aborting binds panthor: - Fix locking - Set FOP_UNSIGNED_OFFSET in fops instance - Acquire lock in panthor_vm_prepare_map_op_ctx() - Avoid uninitialized variable in tick_ctx_cleanup() - Do not block scheduler queue if work is pending - Do not add write fences to the shared BOs vbox: - Fix VLA handling" * tag 'drm-fixes-2024-10-04' of https://gitlab.freedesktop.org/drm/kernel: (41 commits) drm/xe: Fix memory leak when aborting binds drm/xe: Prevent null pointer access in xe_migrate_copy drm/xe/oa: Don't reset OAC_CONTEXT_ENABLE on OA stream close drm/xe/queue: move xa_alloc to prevent UAF drm/xe/vm: move xa_alloc to prevent UAF drm/xe: Clean up VM / exec queue file lock usage. drm/xe: Resume TDR after GT reset drm/xe/xe2: Add performance tuning for L3 cache flushing drm/xe/xe2: Extend performance tuning to media GT drm/xe/mcr: Use Xe2_LPM steering tables for Xe2_HPM drm/xe: Use helper for ASID -> VM in GPU faults and access counters drm/xe: Convert to USM lock to rwsem drm/xe: use devm_add_action_or_reset() helper drm/xe: fix UAF around queue destruction drm/xe/guc_submit: add missing locking in wedged_fini drm/xe: Restore pci state upon resume drm/amd/display: Fix system hang while resume with TBT monitor drm/amd/display: Enable idle workqueue for more IPS modes drm/amd/display: Add HDR workaround for specific eDP drm/amd/display: avoid set dispclk to 0 ... commit 1f9fc48fd302be3311186152225ef195e6139d7a Author: Vladimir Oltean Date: Tue Oct 1 17:02:06 2024 +0300 net: dsa: sja1105: fix reception from VLAN-unaware bridges The blamed commit introduced an unexpected regression in the sja1105 driver. Packets from VLAN-unaware bridge ports get received correctly, but the protocol stack can't seem to decode them properly. For ds->untag_bridge_pvid users (thus also sja1105), the blamed commit did introduce a functional change: dsa_switch_rcv() used to call dsa_untag_bridge_pvid(), which looked like this: err = br_vlan_get_proto(br, &proto); if (err) return skb; /* Move VLAN tag from data to hwaccel */ if (!skb_vlan_tag_present(skb) && skb->protocol == htons(proto)) { skb = skb_vlan_untag(skb); if (!skb) return NULL; } and now it calls dsa_software_vlan_untag() which has just this: /* Move VLAN tag from data to hwaccel */ if (!skb_vlan_tag_present(skb)) { skb = skb_vlan_untag(skb); if (!skb) return NULL; } thus lacks any skb->protocol == bridge VLAN protocol check. That check is deferred until a later check for skb->vlan_proto (in the hwaccel area). The new code is problematic because, for VLAN-untagged packets, skb_vlan_untag() blindly takes the 4 bytes starting with the EtherType and turns them into a hwaccel VLAN tag. This is what breaks the protocol stack. It would be tempting to "make it work as before" and only call skb_vlan_untag() for those packets with the skb->protocol actually representing a VLAN. But the premise of the newly introduced dsa_software_vlan_untag() core function is not wrong. Drivers set ds->untag_bridge_pvid or ds->untag_vlan_aware_bridge_pvid presumably because they send all traffic to the CPU reception path as VLAN-tagged. So why should we spend any additional CPU cycles assuming that the packet may be VLAN-untagged? And why does the sja1105 driver opt into ds->untag_bridge_pvid if it doesn't always deliver packets to the CPU as VLAN-tagged? The answer to the latter question is indeed more interesting: it doesn't need to. This got done in commit 884be12f8566 ("net: dsa: sja1105: add support for imprecise RX"), because I thought it would be needed, but I didn't realize that it doesn't actually make a difference. As explained in the commit message of the blamed patch, ds->untag_bridge_pvid only makes a difference in the VLAN-untagged receive path of a bridge port. However, in that operating mode, tag_sja1105.c makes use of VLAN tags with the ETH_P_SJA1105 TPID, and it decodes and consumes these VLAN tags as if they were DSA tags (aka tag_8021q operation). Even if commit 884be12f8566 ("net: dsa: sja1105: add support for imprecise RX") added this logic in sja1105_bridge_vlan_add(): /* Always install bridge VLANs as egress-tagged on the CPU port. */ if (dsa_is_cpu_port(ds, port)) flags = 0; that was for _bridge_ VLANs, which are _not_ committed to hardware in VLAN-unaware mode (aka the mode where ds->untag_bridge_pvid does anything at all). Even prior to that change, the tag_8021q VLANs were always installed as egress-tagged on the CPU port, see dsa_switch_tag_8021q_vlan_add(): u16 flags = 0; // egress-tagged, non-PVID if (dsa_port_is_user(dp)) flags |= BRIDGE_VLAN_INFO_UNTAGGED | BRIDGE_VLAN_INFO_PVID; err = dsa_port_do_tag_8021q_vlan_add(dp, info->vid, flags); if (err) return err; Whether the sja1105 driver needs the new flag, ds->untag_vlan_aware_bridge_pvid, rather than ds->untag_bridge_pvid, is a separate discussion. To fix the current bug in VLAN-unaware bridge mode, I would argue that the sja1105 driver should not request something it doesn't need, rather than complicating the core DSA helper. Whereas before the blamed commit, this setting was harmless, now it has caused breakage. Fixes: 93e4649efa96 ("net: dsa: provide a software untagging function on RX for VLAN-aware bridges") Signed-off-by: Vladimir Oltean Link: https://patch.msgid.link/20241001140206.50933-1-vladimir.oltean@nxp.com Signed-off-by: Jakub Kicinski commit 360c1f1f24c6ab1dfe422a81a90cc07f53f378c1 Merge: 43454e83916dc5 6d6e54fc71ad1a Author: Linus Torvalds Date: Fri Oct 4 10:43:44 2024 -0700 Merge tag 'block-6.12-20241004' of git://git.kernel.dk/linux Pull block fixes from Jens Axboe: - Fix another use-after-free in aoe - Fixup wrong nested non-saving irq disable/restore in blk-iocost - Fixup a kerneldoc complaint introduced by a merge window patch * tag 'block-6.12-20241004' of git://git.kernel.dk/linux: aoe: fix the potential use-after-free problem in more places blk_iocost: remove some duplicate irq disable/enables block: fix blk_rq_map_integrity_sg kernel-doc commit 43454e83916dc515e3d11fd07d50c40e6e555873 Merge: e02f08e2171655 c314094cb4cfa6 Author: Linus Torvalds Date: Fri Oct 4 10:39:36 2024 -0700 Merge tag 'io_uring-6.12-20241004' of git://git.kernel.dk/linux Pull io_uring fixes from Jens Axboe: - Fix an error path memory leak, if one part fails to allocate. Obviously not something that'll generally hit without error injection. - Fix an io_req_flags_t cast to make sparse happier. - Improve the recv multishot termination. Not a bug now, but could be one in the future. This makes it do the same thing that recvmsg does in terms of when to terminate a request or not. * tag 'io_uring-6.12-20241004' of git://git.kernel.dk/linux: io_uring/net: harden multishot termination case for recv io_uring: fix casts to io_req_flags_t io_uring: fix memory leak when cache init fail commit e02f08e217165500a9500e0db1b2da9f4db4e964 Merge: 4770119d637c2c cad3f4a22cfa40 Author: Linus Torvalds Date: Fri Oct 4 10:31:59 2024 -0700 Merge tag 'fsnotify_for_v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs Pull fsnotify fixes from Jan Kara: "Fixes for an inotify deadlock and a data race in fsnotify" * tag 'fsnotify_for_v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs: inotify: Fix possible deadlock in fsnotify_destroy_mark fsnotify: Avoid data race between fsnotify_recalc_mask() and fsnotify_object_watched() commit 4770119d637c2cb55076811c79083d3ffb990665 Merge: a3a37691e662b7 264db9d666ad9a Author: Linus Torvalds Date: Fri Oct 4 10:24:06 2024 -0700 Merge tag 'fs_for_v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs Pull UDF fixes from Jan Kara: "A couple of UDF error handling fixes for issues spotted by syzbot" * tag 'fs_for_v6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs: udf: fix uninit-value use in udf_get_fileshortad udf: refactor inode_bmap() to handle error udf: refactor udf_next_aext() to handle error udf: refactor udf_current_aext() to handle error commit a3a37691e662b76d9c8a4d74cd856b5a4ae8286e Merge: 79eb2c07afbe4d ccda9910d8490f Author: Linus Torvalds Date: Fri Oct 4 10:10:23 2024 -0700 Merge tag 'ceph-for-6.12-rc2' of https://github.com/ceph/ceph-client Pull ceph fixes from Ilya Dryomov: "A fix from Patrick for a variety of CephFS lockup scenarios caused by a regression in cap handling which sneaked in through the netfs helper library in 5.18 (marked for stable) and an unrelated one-line cleanup" * tag 'ceph-for-6.12-rc2' of https://github.com/ceph/ceph-client: ceph: fix cap ref leak via netfs init_request ceph: use struct_size() helper in __ceph_pool_perm_get() commit 3be5c171025baece9a0793170eb3b47ad08bf6c9 Merge: 056301e7c7c886 ac78288fe062b6 76959aff14a001 Author: Rafael J. Wysocki Date: Fri Oct 4 19:06:44 2024 +0200 Merge branches 'acpi-video' and 'acpi-battery' Merge an ACPI backlight (video) quirk and ACPI battery driver fix and cleanup for 6.12-rc2: - Add a quirk for Dell OptiPlex 5480 AIO to the ACPI backlight (video) driver (Hans de Goede). - Prevent the ACPI battery driver from crashing when unregistering a battery hook and simplify battery hook locking in it (Armin Wolf). * acpi-video: ACPI: video: Add backlight=native quirk for Dell OptiPlex 5480 AIO * acpi-battery: ACPI: battery: Fix possible crash when unregistering a battery hook ACPI: battery: Simplify battery hook locking commit 79eb2c07afbe4d165734ea61a258dd8410ec6624 Merge: b7a838ee7e8904 d6e7ac65d4c106 Author: Linus Torvalds Date: Fri Oct 4 10:05:13 2024 -0700 Merge tag 'for-6.12-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull btrfs fixes from David Sterba: - in incremental send, fix invalid clone operation for file that got its size decreased - fix __counted_by() annotation of send path cache entries, we do not store the terminating NUL - fix a longstanding bug in relocation (and quite hard to hit by chance), drop back reference cache that can get out of sync after transaction commit - wait for fixup worker kthread before finishing umount - add missing raid-stripe-tree extent for NOCOW files, zoned mode cannot have NOCOW files but RST is meant to be a standalone feature - handle transaction start error during relocation, avoid potential NULL pointer dereference of relocation control structure (reported by syzbot) - disable module-wide rate limiting of debug level messages - minor fix to tracepoint definition (reported by checkpatch.pl) * tag 'for-6.12-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: btrfs: disable rate limiting when debug enabled btrfs: wait for fixup workers before stopping cleaner kthread during umount btrfs: fix a NULL pointer dereference when failed to start a new trasacntion btrfs: send: fix invalid clone operation for file that got its size decreased btrfs: tracepoints: end assignment with semicolon at btrfs_qgroup_extent event class btrfs: drop the backref cache during relocation if we commit btrfs: also add stripe entries for NOCOW writes btrfs: send: fix buffer overflow detection when copying path to cache entry commit 827a07525c099f54d3b15110408824541ec66b3c Author: Rafael J. Wysocki Date: Thu Oct 3 14:27:28 2024 +0200 thermal: core: Free tzp copy along with the thermal zone The object pointed to by tz->tzp may still be accessed after being freed in thermal_zone_device_unregister(), so move the freeing of it to the point after the removal completion has been completed at which it cannot be accessed any more. Fixes: 3d439b1a2ad3 ("thermal/core: Alloc-copy-free the thermal zone parameters structure") Cc: 6.8+ # 6.8+ Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/4623516.LvFx2qVVIh@rjwysocki.net commit a42a5839f400e929c489bb1b58f54596c4535167 Author: Rafael J. Wysocki Date: Thu Oct 3 14:25:58 2024 +0200 thermal: core: Reference count the zone in thermal_zone_get_by_id() There are places in the thermal netlink code where nothing prevents the thermal zone object from going away while being accessed after it has been returned by thermal_zone_get_by_id(). To address this, make thermal_zone_get_by_id() get a reference on the thermal zone device object to be returned with the help of get_device(), under thermal_list_lock, and adjust all of its callers to this change with the help of the cleanup.h infrastructure. Fixes: 1ce50e7d408e ("thermal: core: genetlink support for events/cmd/sampling") Cc: 6.8+ # 6.8+ Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/6112242.lOV4Wx5bFT@rjwysocki.net commit b7a838ee7e8904c14e5d6ca2d0029bbad70fb761 Merge: 6cca11958870b9 d3a49f60917323 Author: Linus Torvalds Date: Fri Oct 4 09:56:05 2024 -0700 Merge tag 'v6.12-rc1-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fixes from Steve French: - statfs fix (e.g. when limited access to root directory of share) - special file handling fixes: fix packet validation to avoid buffer overflow for reparse points, fixes for symlink path parsing (one for reparse points, and one for SFU use case), and fix for cleanup after failed SET_REPARSE operation. - fix for SMB2.1 signing bug introduced by recent patch to NFS symlink path, and NFS reparse point validation - comment cleanup * tag 'v6.12-rc1-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6: cifs: Do not convert delimiter when parsing NFS-style symlinks cifs: Validate content of NFS reparse point buffer cifs: Fix buffer overflow when parsing NFS reparse points smb: client: Correct typos in multiple comments across various files smb: client: use actual path when queryfs cifs: Remove intermediate object of failed create reparse call Revert "smb: client: make SHA-512 TFM ephemeral" smb: Update comments about some reparse point tags cifs: Check for UTF-16 null codepoint in SFU symlink target location commit 6cca11958870b9b1d64933ffe1a4c11b0e6e6bbb Merge: 0c559323bbaabe 678379e1d4f744 Author: Linus Torvalds Date: Fri Oct 4 09:46:16 2024 -0700 Merge tag 'pull-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull close_range() fix from Al Viro: "Fix the logic in descriptor table trimming" * tag 'pull-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: close_range(): fix the logics in descriptor table trimming commit 3689245dedfd6157bb6060b62e523a68f1d674b2 Merge: 9852d85ec9d492 048bbbdbf85e5e Author: Wolfram Sang Date: Fri Oct 4 18:30:37 2024 +0200 Merge tag 'i2c-host-fixes-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/andi.shyti/linux into i2c/for-current i2c-host fixes for v6.12-rc2 In the stm32f7 a potential deadlock is fixed during runtime suspend and resume. commit c5e3cdbf2afedef77b64229fd0aed693abf0a0c4 Author: Paul Moore Date: Thu Oct 3 16:43:39 2024 -0400 tomoyo: revert CONFIG_SECURITY_TOMOYO_LKM support This patch reverts two TOMOYO patches that were merged into Linus' tree during the v6.12 merge window: 8b985bbfabbe ("tomoyo: allow building as a loadable LSM module") 268225a1de1a ("tomoyo: preparation step for building as a loadable LSM module") Together these two patches introduced the CONFIG_SECURITY_TOMOYO_LKM Kconfig build option which enabled a TOMOYO specific dynamic LSM loading mechanism (see the original commits for more details). Unfortunately, this approach was widely rejected by the LSM community as well as some members of the general kernel community. Objections included concerns over setting a bad precedent regarding individual LSMs managing their LSM callback registrations as well as general kernel symbol exporting practices. With little to no support for the CONFIG_SECURITY_TOMOYO_LKM approach outside of Tetsuo, and multiple objections, we need to revert these changes. Link: https://lore.kernel.org/all/0c4b443a-9c72-4800-97e8-a3816b6a9ae2@I-love.SAKURA.ne.jp Link: https://lore.kernel.org/all/CAHC9VhR=QjdoHG3wJgHFJkKYBg7vkQH2MpffgVzQ0tAByo_wRg@mail.gmail.com Acked-by: John Johansen Signed-off-by: Paul Moore commit d44238d8254a36249d576c96473269dbe500f5e4 Author: Jose Alberto Reguero Date: Thu Sep 19 20:42:02 2024 +0200 usb: xhci: Fix problem with xhci resume from suspend I have a ASUS PN51 S mini pc that has two xhci devices. One from AMD, and other from ASMEDIA. The one from ASMEDIA have problems when resume from suspend, and keep broken until unplug the power cord. I use this kernel parameter: xhci-hcd.quirks=128 and then it works ok. I make a path to reset only the ASMEDIA xhci. Signed-off-by: Jose Alberto Reguero Cc: stable Link: https://lore.kernel.org/r/20240919184202.22249-1-jose.alberto.reguero@gmail.com Signed-off-by: Greg Kroah-Hartman commit 6c4e1ef46c9d565c71e9ff1a70ddbe24790694d5 Author: Radhey Shyam Pandey Date: Sat Sep 28 18:56:32 2024 +0530 usb: misc: onboard_usb_dev: introduce new config symbol for usb5744 SMBus support Introduce new kernel config symbol for Microchip usb5744 SMBus programming support. Since usb5744 i2c initialization routine uses i2c SMBus APIs these APIs should only be invoked when kernel has I2C support. This new kernel config describes the dependency on I2C kernel support and fix the below build issues when USB_ONBOARD_DEV=y and CONFIG_I2C=m. riscv64-linux-ld: drivers/usb/misc/onboard_usb_dev.o: undefined reference to `i2c_find_device_by_fwnode' drivers/usb/misc/onboard_usb_dev.c:408:(.text+0xb24): undefined reference to `i2c_smbus_write_block_data' Parsing of the i2c-bus bus handle is not put under usb5744 kernel config check as the intention is to report an error when DT is configured for usb5744 SMBus support and kernel has USB_ONBOARD_DEV_USB5744 disabled. Fixes: 6782311d04df ("usb: misc: onboard_usb_dev: add Microchip usb5744 SMBus programming support") Signed-off-by: Radhey Shyam Pandey Suggested-by: Matthias Kaehlcke Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409140539.3Axwv38m-lkp@intel.com/ Acked-by: Matthias Kaehlcke Link: https://lore.kernel.org/r/1727529992-476088-1-git-send-email-radhey.shyam.pandey@amd.com Signed-off-by: Greg Kroah-Hartman commit 0d410e8913f5cffebcca79ffdd596009d4a13a28 Author: Selvarasu Ganesan Date: Tue Sep 17 04:48:09 2024 +0530 usb: dwc3: core: Stop processing of pending events if controller is halted This commit addresses an issue where events were being processed when the controller was in a halted state. To fix this issue by stop processing the events as the event count was considered stale or invalid when the controller was halted. Fixes: fc8bb91bc83e ("usb: dwc3: implement runtime PM") Cc: stable@kernel.org Signed-off-by: Selvarasu Ganesan Suggested-by: Thinh Nguyen Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240916231813.206-1-selvarasu.g@samsung.com Signed-off-by: Greg Kroah-Hartman commit 897e13a8f9a23576eeacb95075fdded97b197cc3 Author: Roy Luo Date: Fri Sep 13 23:21:45 2024 +0000 usb: dwc3: re-enable runtime PM after failed resume When dwc3_resume_common() returns an error, runtime pm is left in suspended and disabled state in dwc3_resume(). Since the device is suspended, its parent devices (like the power domain or glue driver) could also be suspended and may have released resources that dwc requires. Consequently, calling dwc3_suspend_common() in this situation could result in attempts to access unclocked or unpowered registers. To prevent these problems, runtime PM should always be re-enabled, even after failed resume attempts. This ensures that dwc3_suspend_common() is skipped in such cases. Fixes: 68c26fe58182 ("usb: dwc3: set pm runtime active before resume common") Cc: stable@vger.kernel.org Signed-off-by: Roy Luo Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240913232145.3507723-1-royluo@google.com Signed-off-by: Greg Kroah-Hartman commit a6555cb1cb69db479d0760e392c175ba32426842 Author: Icenowy Zheng Date: Tue Oct 1 16:34:07 2024 +0800 usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip JieLi tends to use SCSI via USB Mass Storage to implement their own proprietary commands instead of implementing another USB interface. Enumerating it as a generic mass storage device will lead to a Hardware Error sense key get reported. Ignore this bogus device to prevent appearing a unusable sdX device file. Signed-off-by: Icenowy Zheng Cc: stable Acked-by: Alan Stern Link: https://lore.kernel.org/r/20241001083407.8336-1-uwu@icenowy.me Signed-off-by: Greg Kroah-Hartman commit df9158826b00e53f42c67d62c887a84490d80a0a Author: John Keeping Date: Fri Sep 13 11:23:23 2024 +0100 usb: gadget: core: force synchronous registration Registering a gadget driver is expected to complete synchronously and immediately after calling driver_register() this function checks that the driver has bound so as to return an error. Set PROBE_FORCE_SYNCHRONOUS to ensure this is the case even when asynchronous probing is set as the default. Fixes: fc274c1e99731 ("USB: gadget: Add a new bus for gadgets") Cc: stable@vger.kernel.org Signed-off-by: John Keeping Link: https://lore.kernel.org/r/20240913102325.2826261-1-jkeeping@inmusicbrands.com Signed-off-by: Greg Kroah-Hartman commit 3eddb108abe3de6723cc4b77e8558ce1b3047987 Author: Easwar Hariharan Date: Thu Oct 3 22:52:35 2024 +0000 arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 Add the Microsoft Azure Cobalt 100 CPU to the list of CPUs suffering from erratum 3194386 added in commit 75b3c43eab59 ("arm64: errata: Expand speculative SSBS workaround") CC: Mark Rutland CC: James More CC: Will Deacon CC: stable@vger.kernel.org # 6.6+ Signed-off-by: Easwar Hariharan Link: https://lore.kernel.org/r/20241003225239.321774-1-eahariha@linux.microsoft.com Signed-off-by: Catalin Marinas commit d41bff05a61fb539f21e9bf0d39fac77f457434e Author: SurajSonawane2415 Date: Fri Oct 4 13:29:44 2024 +0530 hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma Fix the uninitialized symbol 'rv' in the function ish_fw_xfer_direct_dma to resolve the following warning from the smatch tool: drivers/hid/intel-ish-hid/ishtp-fw-loader.c:714 ish_fw_xfer_direct_dma() error: uninitialized symbol 'rv'. Initialize 'rv' to 0 to prevent undefined behavior from uninitialized access. Cc: stable@vger.kernel.org Fixes: 91b228107da3 ("HID: intel-ish-hid: ISH firmware loader client driver") Signed-off-by: SurajSonawane2415 Link: https://patch.msgid.link/20241004075944.44932-1-surajsonawane0215@gmail.com Signed-off-by: Benjamin Tissoires commit b3ebb007060f89d5a45c9b99f06a55e36a1945b5 Author: Takashi Iwai Date: Fri Oct 4 10:25:58 2024 +0200 ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin We received a regression report for System76 Pangolin (pang14) due to the recent fix for Tuxedo Sirius devices to support the top speaker. The reason was the conflicting PCI SSID, as often seen. As a workaround, now the codec SSID is checked and the quirk is applied conditionally only to Sirius devices. Fixes: 4178d78cd7a8 ("ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices") Reported-by: Christian Heusel Reported-by: Jerry Closes: https://lore.kernel.org/c930b6a6-64e5-498f-b65a-1cd5e0a1d733@heusel.eu Link: https://patch.msgid.link/20241004082602.29016-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 703235a244e533652346844cfa42623afb36eed1 Author: Hans P. Moller Date: Thu Oct 3 20:28:28 2024 -0300 ALSA: line6: add hw monitor volume control to POD HD500X Add hw monitor volume control for POD HD500X. This is done adding LINE6_CAP_HWMON_CTL to the capabilities Signed-off-by: Hans P. Moller Cc: Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20241003232828.5819-1-hmoller@uc.cl commit 9df39a872c462ea07a3767ebd0093c42b2ff78a2 Author: Christophe JAILLET Date: Thu Oct 3 21:34:01 2024 +0200 ALSA: gus: Fix some error handling paths related to get_bpos() usage If get_bpos() fails, it is likely that the corresponding error code should be returned. Fixes: a6970bb1dd99 ("ALSA: gus: Convert to the new PCM ops") Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/d9ca841edad697154afa97c73a5d7a14919330d9.1727984008.git.christophe.jaillet@wanadoo.fr Signed-off-by: Takashi Iwai commit d539a871ae47a1f27a609a62e06093fa69d7ce99 Author: Benjamin Marzinski Date: Tue Sep 17 19:06:43 2024 -0400 scsi: scsi_transport_fc: Allow setting rport state to current state The only input fc_rport_set_marginal_state() currently accepts is "Marginal" when port_state is "Online", and "Online" when the port_state is "Marginal". It should also allow setting port_state to its current state, either "Marginal or "Online". Signed-off-by: Benjamin Marzinski Link: https://lore.kernel.org/r/20240917230643.966768-1-bmarzins@redhat.com Reviewed-by: Ewan D. Milne Signed-off-by: Martin K. Petersen commit 9023ed8d91eb1fcc93e64dc4962f7412b1c4cbec Author: Daniel Palmer Date: Thu Oct 3 13:29:47 2024 +1000 scsi: wd33c93: Don't use stale scsi_pointer value A regression was introduced with commit dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") which results in an oops in wd33c93_intr(). That commit added the scsi_pointer variable and initialized it from hostdata->connected. However, during selection, hostdata->connected is not yet valid. Fix this by getting the current scsi_pointer from hostdata->selecting. Cc: Daniel Palmer Cc: Michael Schmitz Cc: stable@kernel.org Fixes: dbb2da557a6a ("scsi: wd33c93: Move the SCSI pointer to private command data") Signed-off-by: Daniel Palmer Co-developed-by: Finn Thain Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/09e11a0a54e6aa2a88bd214526d305aaf018f523.1727926187.git.fthain@linux-m68k.org Reviewed-by: Michael Schmitz Reviewed-by: Bart Van Assche Signed-off-by: Martin K. Petersen commit f30e5f77d2f205ac14d09dec40fd4bb76712f13d Author: Martin Wilck Date: Mon Sep 30 15:30:14 2024 +0200 scsi: fnic: Move flush_work initialization out of if block After commit 379a58caa199 ("scsi: fnic: Move fnic_fnic_flush_tx() to a work queue"), it can happen that a work item is sent to an uninitialized work queue. This may has the effect that the item being queued is never actually queued, and any further actions depending on it will not proceed. The following warning is observed while the fnic driver is loaded: kernel: WARNING: CPU: 11 PID: 0 at ../kernel/workqueue.c:1524 __queue_work+0x373/0x410 kernel: kernel: queue_work_on+0x3a/0x50 kernel: fnic_wq_copy_cmpl_handler+0x54a/0x730 [fnic 62fbff0c42e7fb825c60a55cde2fb91facb2ed24] kernel: fnic_isr_msix_wq_copy+0x2d/0x60 [fnic 62fbff0c42e7fb825c60a55cde2fb91facb2ed24] kernel: __handle_irq_event_percpu+0x36/0x1a0 kernel: handle_irq_event_percpu+0x30/0x70 kernel: handle_irq_event+0x34/0x60 kernel: handle_edge_irq+0x7e/0x1a0 kernel: __common_interrupt+0x3b/0xb0 kernel: common_interrupt+0x58/0xa0 kernel: It has been observed that this may break the rediscovery of Fibre Channel devices after a temporary fabric failure. This patch fixes it by moving the work queue initialization out of an if block in fnic_probe(). Signed-off-by: Martin Wilck Fixes: 379a58caa199 ("scsi: fnic: Move fnic_fnic_flush_tx() to a work queue") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240930133014.71615-1-mwilck@suse.com Reviewed-by: Lee Duncan Reviewed-by: Karan Tilak Kumar Signed-off-by: Martin K. Petersen commit d5130c5a093257aa4542aaded8034ef116a7624a Author: Avri Altman Date: Tue Sep 10 07:45:43 2024 +0300 scsi: ufs: Use pre-calculated offsets in ufshcd_init_lrb() Replace manual offset calculations for response_upiu and prd_table in ufshcd_init_lrb() with pre-calculated offsets already stored in the utp_transfer_req_desc structure. The pre-calculated offsets are set differently in ufshcd_host_memory_configure() based on the UFSHCD_QUIRK_PRDT_BYTE_GRAN quirk, ensuring correct alignment and access. Fixes: 26f968d7de82 ("scsi: ufs: Introduce UFSHCD_QUIRK_PRDT_BYTE_GRAN quirk") Cc: stable@vger.kernel.org Signed-off-by: Avri Altman Link: https://lore.kernel.org/r/20240910044543.3812642-1-avri.altman@wdc.com Acked-by: Bart Van Assche Signed-off-by: Martin K. Petersen commit 5b272bf7dcf969eb4f19ef994b6e60458ee6300f Merge: 240ebf1c9d4ce1 a6f3b2527375c7 Author: Dave Airlie Date: Fri Oct 4 10:30:33 2024 +1000 Merge tag 'drm-xe-fixes-2024-10-03' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-fixes Driver Changes: - Restore pci state on resume (Rodrigo Vivi) - Fix locking on submission, queue and vm (Matthew Auld, Matthew Brost) - Fix UAF on queue destruction (Matthew Auld) - Fix resource release on freq init error path (He Lugang) - Use rw_semaphore to reduce contention on ASID->VM lookup (Matthew Brost) - Fix steering for media on Xe2_HPM (Gustavo Sousa) - Tuning updates to Xe2 (Gustavo Sousa) - Resume TDR after GT reset to prevent jobs running forever (Matthew Brost) - Move id allocation to avoid userspace using a guessed number to trigger UAF (Matthew Auld, Matthew Brost) - Fix OA stream close preventing pbatch buffers to complete (José) - Fix NPD when migrating memory on LNL (Zhanjun Dong) - Fix memory leak when aborting binds (Matthew Brost) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/2fiv63yanlal5mpw3mxtotte6yvkvtex74c7mkjxca4bazlyja@o4iejcfragxy commit 096c0fa42afa92b6ffa4e441c4c72a2f805c5a88 Merge: 2d7a098b9dbe78 09d0fb5cb30ebc Author: Jakub Kicinski Date: Thu Oct 3 17:35:02 2024 -0700 Merge branch '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue Tony Nguyen says: ==================== Intel Wired LAN Driver Updates 2024-09-30 (ice, idpf) This series contains updates to ice and idpf drivers: For ice: Michal corrects setting of dst VSI on LAN filters and adds clearing of port VLAN configuration during reset. Gui-Dong Han corrects failures to decrement refcount in some error paths. Przemek resolves a memory leak in ice_init_tx_topology(). Arkadiusz prevents setting of DPLL_PIN_STATE_SELECTABLE to an improper value. Dave stops clearing of VLAN tracking bit to allow for VLANs to be properly restored after reset. For idpf: Ahmed sets uninitialized dyn_ctl_intrvl_s value. Josh corrects use and reporting of mailbox size. Larysa corrects order of function calls during de-initialization. * '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/net-queue: idpf: deinit virtchnl transaction manager after vport and vectors idpf: use actual mbx receive payload length idpf: fix VF dynamic interrupt ctl register initialization ice: fix VLAN replay after reset ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins ice: fix memleak in ice_init_tx_topology() ice: clear port vlan config during reset ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() ice: set correct dst VSI in only LAN filters ==================== Link: https://patch.msgid.link/20240930223601.3137464-1-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski commit 0c559323bbaabee7346c12e74b497e283aaafef5 Merge: 263a25de5b6002 05cef2c4a421ca Author: Linus Torvalds Date: Thu Oct 3 17:15:09 2024 -0700 Merge tag 'rust-fixes-6.12' of https://github.com/Rust-for-Linux/linux Pull Rust fixes from Miguel Ojeda: "Toolchain and infrastructure: - Fix/improve a couple 'depends on' on the newly added CFI/KASAN suppport to avoid build errors/warnings - Fix ARCH_SLAB_MINALIGN multiple definition error for RISC-V under !CONFIG_MMU - Clean upcoming (Rust 1.83.0) Clippy warnings 'kernel' crate: - 'sync' module: fix soundness issue by requiring 'T: Sync' for 'LockedBy::access'; and fix helpers build error under PREEMPT_RT - Fix trivial sorting issue ('rustfmtcheck') on the v6.12 Rust merge" * tag 'rust-fixes-6.12' of https://github.com/Rust-for-Linux/linux: rust: kunit: use C-string literals to clean warning cfi: encode cfi normalized integers + kasan/gcov bug in Kconfig rust: KASAN+RETHUNK requires rustc 1.83.0 rust: cfi: fix `patchable-function-entry` starting version rust: mutex: fix __mutex_init() usage in case of PREEMPT_RT rust: fix `ARCH_SLAB_MINALIGN` multiple definition error rust: sync: require `T: Sync` for `LockedBy::access` rust: kernel: sort Rust modules commit 263a25de5b6002da3b27bc33a36c51ecfc086b35 Merge: 3840cbe24cf060 0d0b8646a66de7 Author: Linus Torvalds Date: Thu Oct 3 17:03:18 2024 -0700 Merge tag 'pull-fixes.ufs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull ufs fix from Al Viro: "Fix ufs_rename() braino introduced this cycle. The 'folio_release_kmap(dir_folio, new_dir)' in ufs_rename() part of folio conversion should've been getting a pointer to ufs directory entry within the page, rather than a pointer to directory struct inode..." * tag 'pull-fixes.ufs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: ufs_rename(): fix bogus argument of folio_release_kmap() commit 2d7a098b9dbe78b6b56694184315fbc1647719b7 Author: Leo Stone Date: Sat Sep 28 17:49:34 2024 -0700 Documentation: networking/tcp_ao: typo and grammar fixes Fix multiple grammatical issues and add a missing period to improve readability. Signed-off-by: Leo Stone Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240929005001.370991-1-leocstone@gmail.com Signed-off-by: Jakub Kicinski commit 35f12108791890d8f09fd8086c74c9a860753df2 Merge: 9af25dd9ae2fb2 7a310f8d7dfe2d Author: Jakub Kicinski Date: Thu Oct 3 16:23:24 2024 -0700 Merge branch 'rxrpc-miscellaneous-fixes' David Howells says: ==================== rxrpc: Miscellaneous fixes Here some miscellaneous fixes for AF_RXRPC: (1) Fix a race in the I/O thread vs UDP socket setup. (2) Fix an uninitialised variable. ==================== Link: https://patch.msgid.link/20241001132702.3122709-1-dhowells@redhat.com Signed-off-by: Jakub Kicinski commit 7a310f8d7dfe2d92a1f31ddb5357bfdd97eed273 Author: David Howells Date: Tue Oct 1 14:26:59 2024 +0100 rxrpc: Fix uninitialised variable in rxrpc_send_data() Fix the uninitialised txb variable in rxrpc_send_data() by moving the code that loads it above all the jumps to maybe_error, txb being stored back into call->tx_pending right before the normal return. Fixes: b0f571ecd794 ("rxrpc: Fix locking in rxrpc's sendmsg") Reported-by: Dan Carpenter Closes: https://lists.infradead.org/pipermail/linux-afs/2024-October/008896.html Signed-off-by: David Howells cc: Marc Dionne cc: linux-afs@lists.infradead.org Link: https://patch.msgid.link/20241001132702.3122709-3-dhowells@redhat.com Signed-off-by: Jakub Kicinski commit bc212465326e8587325f520a052346f0b57360e6 Author: David Howells Date: Tue Oct 1 14:26:58 2024 +0100 rxrpc: Fix a race between socket set up and I/O thread creation In rxrpc_open_socket(), it sets up the socket and then sets up the I/O thread that will handle it. This is a problem, however, as there's a gap between the two phases in which a packet may come into rxrpc_encap_rcv() from the UDP packet but we oops when trying to wake the not-yet created I/O thread. As a quick fix, just make rxrpc_encap_rcv() discard the packet if there's no I/O thread yet. A better, but more intrusive fix would perhaps be to rearrange things such that the socket creation is done by the I/O thread. Fixes: a275da62e8c1 ("rxrpc: Create a per-local endpoint receive queue and I/O thread") Signed-off-by: David Howells cc: yuxuanzhe@outlook.com cc: Marc Dionne cc: Simon Horman cc: linux-afs@lists.infradead.org Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20241001132702.3122709-2-dhowells@redhat.com Signed-off-by: Jakub Kicinski commit 9af25dd9ae2fb27fede7ecc42242306f318cf770 Merge: ec636707f75747 27c80efcc20486 Author: Jakub Kicinski Date: Thu Oct 3 16:18:09 2024 -0700 Merge branch 'tcp-3-fixes-for-retrans_stamp-and-undo-logic' Neal Cardwell says: ==================== tcp: 3 fixes for retrans_stamp and undo logic Geumhwan Yu recently reported and diagnosed a regression in TCP loss recovery undo logic in the case where a TCP connection enters fast recovery, is unable to retransmit anything due to TSQ, and then receives an ACK allowing forward progress. The sender should be able to undo the spurious loss recovery in this case, but was not doing so. The first patch fixes this regression. Running our suite of packetdrill tests with the first fix, the tests highlighted two other small bugs in the way retrans_stamp is updated in some rare corner cases. The second two patches fix those other two small bugs. Thanks to Geumhwan Yu for the bug report! ==================== Link: https://patch.msgid.link/20241001200517.2756803-1-ncardwell.sw@gmail.com Signed-off-by: Jakub Kicinski commit 27c80efcc20486c82698f05f00e288b44513c86b Author: Neal Cardwell Date: Tue Oct 1 20:05:17 2024 +0000 tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out Fix tcp_rcv_synrecv_state_fastopen() to not zero retrans_stamp if retransmits are outstanding. tcp_fastopen_synack_timer() sets retrans_stamp, so typically we'll need to zero retrans_stamp here to prevent spurious retransmits_timed_out(). The logic to zero retrans_stamp is from this 2019 commit: commit cd736d8b67fb ("tcp: fix retrans timestamp on passive Fast Open") However, in the corner case where the ACK of our TFO SYNACK carried some SACK blocks that caused us to enter TCP_CA_Recovery then that non-zero retrans_stamp corresponds to the active fast recovery, and we need to leave retrans_stamp with its current non-zero value, for correct ETIMEDOUT and undo behavior. Fixes: cd736d8b67fb ("tcp: fix retrans timestamp on passive Fast Open") Signed-off-by: Neal Cardwell Signed-off-by: Yuchung Cheng Signed-off-by: Eric Dumazet Link: https://patch.msgid.link/20241001200517.2756803-4-ncardwell.sw@gmail.com Signed-off-by: Jakub Kicinski commit b41b4cbd9655bcebcce941bef3601db8110335be Author: Neal Cardwell Date: Tue Oct 1 20:05:16 2024 +0000 tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe Fix tcp_enter_recovery() so that if there are no retransmits out then we zero retrans_stamp when entering fast recovery. This is necessary to fix two buggy behaviors. Currently a non-zero retrans_stamp value can persist across multiple back-to-back loss recovery episodes. This is because we generally only clears retrans_stamp if we are completely done with loss recoveries, and get to tcp_try_to_open() and find !tcp_any_retrans_done(sk). This behavior causes two bugs: (1) When a loss recovery episode (CA_Loss or CA_Recovery) is followed immediately by a new CA_Recovery, the retrans_stamp value can persist and can be a time before this new CA_Recovery episode starts. That means that timestamp-based undo will be using the wrong retrans_stamp (a value that is too old) when comparing incoming TS ecr values to retrans_stamp to see if the current fast recovery episode can be undone. (2) If there is a roughly minutes-long sequence of back-to-back fast recovery episodes, one after another (e.g. in a shallow-buffered or policed bottleneck), where each fast recovery successfully makes forward progress and recovers one window of sequence space (but leaves at least one retransmit in flight at the end of the recovery), followed by several RTOs, then the ETIMEDOUT check may be using the wrong retrans_stamp (a value set at the start of the first fast recovery in the sequence). This can cause a very premature ETIMEDOUT, killing the connection prematurely. This commit changes the code to zero retrans_stamp when entering fast recovery, when this is known to be safe (no retransmits are out in the network). That ensures that when starting a fast recovery episode, and it is safe to do so, retrans_stamp is set when we send the fast retransmit packet. That addresses both bug (1) and bug (2) by ensuring that (if no retransmits are out when we start a fast recovery) we use the initial fast retransmit of this fast recovery as the time value for undo and ETIMEDOUT calculations. This makes intuitive sense, since the start of a new fast recovery episode (in a scenario where no lost packets are out in the network) means that the connection has made forward progress since the last RTO or fast recovery, and we should thus "restart the clock" used for both undo and ETIMEDOUT logic. Note that if when we start fast recovery there *are* retransmits out in the network, there can still be undesirable (1)/(2) issues. For example, after this patch we can still have the (1) and (2) problems in cases like this: + round 1: sender sends flight 1 + round 2: sender receives SACKs and enters fast recovery 1, retransmits some packets in flight 1 and then sends some new data as flight 2 + round 3: sender receives some SACKs for flight 2, notes losses, and retransmits some packets to fill the holes in flight 2 + fast recovery has some lost retransmits in flight 1 and continues for one or more rounds sending retransmits for flight 1 and flight 2 + fast recovery 1 completes when snd_una reaches high_seq at end of flight 1 + there are still holes in the SACK scoreboard in flight 2, so we enter fast recovery 2, but some retransmits in the flight 2 sequence range are still in flight (retrans_out > 0), so we can't execute the new retrans_stamp=0 added here to clear retrans_stamp It's not yet clear how to fix these remaining (1)/(2) issues in an efficient way without breaking undo behavior, given that retrans_stamp is currently used for undo and ETIMEDOUT. Perhaps the optimal (but expensive) strategy would be to set retrans_stamp to the timestamp of the earliest outstanding retransmit when entering fast recovery. But at least this commit makes things better. Note that this does not change the semantics of retrans_stamp; it simply makes retrans_stamp accurate in some cases where it was not before: (1) Some loss recovery, followed by an immediate entry into a fast recovery, where there are no retransmits out when entering the fast recovery. (2) When a TFO server has a SYNACK retransmit that sets retrans_stamp, and then the ACK that completes the 3-way handshake has SACK blocks that trigger a fast recovery. In this case when entering fast recovery we want to zero out the retrans_stamp from the TFO SYNACK retransmit, and set the retrans_stamp based on the timestamp of the fast recovery. We introduce a tcp_retrans_stamp_cleanup() helper, because this two-line sequence already appears in 3 places and is about to appear in 2 more as a result of this bug fix patch series. Once this bug fix patches series in the net branch makes it into the net-next branch we'll update the 3 other call sites to use the new helper. This is a long-standing issue. The Fixes tag below is chosen to be the oldest commit at which the patch will apply cleanly, which is from Linux v3.5 in 2012. Fixes: 1fbc340514fc ("tcp: early retransmit: tcp_enter_recovery()") Signed-off-by: Neal Cardwell Signed-off-by: Yuchung Cheng Signed-off-by: Eric Dumazet Link: https://patch.msgid.link/20241001200517.2756803-3-ncardwell.sw@gmail.com Signed-off-by: Jakub Kicinski commit e37ab7373696e650d3b6262a5b882aadad69bb9e Author: Neal Cardwell Date: Tue Oct 1 20:05:15 2024 +0000 tcp: fix to allow timestamp undo if no retransmits were sent Fix the TCP loss recovery undo logic in tcp_packet_delayed() so that it can trigger undo even if TSQ prevents a fast recovery episode from reaching tcp_retransmit_skb(). Geumhwan Yu recently reported that after this commit from 2019: commit bc9f38c8328e ("tcp: avoid unconditional congestion window undo on SYN retransmit") ...and before this fix we could have buggy scenarios like the following: + Due to reordering, a TCP connection receives some SACKs and enters a spurious fast recovery. + TSQ prevents all invocations of tcp_retransmit_skb(), because many skbs are queued in lower layers of the sending machine's network stack; thus tp->retrans_stamp remains 0. + The connection receives a TCP timestamp ECR value echoing a timestamp before the fast recovery, indicating that the fast recovery was spurious. + The connection fails to undo the spurious fast recovery because tp->retrans_stamp is 0, and thus tcp_packet_delayed() returns false, due to the new logic in the 2019 commit: commit bc9f38c8328e ("tcp: avoid unconditional congestion window undo on SYN retransmit") This fix tweaks the logic to be more similar to the tcp_packet_delayed() logic before bc9f38c8328e, except that we take care not to be fooled by the FLAG_SYN_ACKED code path zeroing out tp->retrans_stamp (the bug noted and fixed by Yuchung in bc9f38c8328e). Note that this returns the high-level behavior of tcp_packet_delayed() to again match the comment for the function, which says: "Nothing was retransmitted or returned timestamp is less than timestamp of the first retransmission." Note that this comment is in the original 2005-04-16 Linux git commit, so this is evidently long-standing behavior. Fixes: bc9f38c8328e ("tcp: avoid unconditional congestion window undo on SYN retransmit") Reported-by: Geumhwan Yu Diagnosed-by: Geumhwan Yu Signed-off-by: Neal Cardwell Signed-off-by: Yuchung Cheng Signed-off-by: Eric Dumazet Link: https://patch.msgid.link/20241001200517.2756803-2-ncardwell.sw@gmail.com Signed-off-by: Jakub Kicinski commit ec636707f757474c959dc4e90f58e32aa9eb060a Merge: 55e802468e1d38 8f61d73306c62e Author: Jakub Kicinski Date: Thu Oct 3 16:16:04 2024 -0700 Merge branch 'fix-aqr-pma-capabilities' Abhishek Chauhan says: ==================== Fix AQR PMA capabilities Patch 1:- AQR115c reports incorrect PMA capabilities which includes 10G/5G and also incorrectly disables capabilities like autoneg and 10Mbps support. AQR115c as per the Marvell databook supports speeds up to 2.5Gbps with autonegotiation. Patch 2:- Remove the use of phy_set_max_speed in phy driver as the function is mainly used in MAC driver to set the max speed. Instead use get_features to fix up Phy PMA capabilities for AQR111, AQR111B0, AQR114C and AQCS109 ==================== Link: https://patch.msgid.link/20241001224626.2400222-1-quic_abchauha@quicinc.com Signed-off-by: Jakub Kicinski commit 8f61d73306c62e3c0e368cf6051330f4593415f6 Author: Abhishek Chauhan Date: Tue Oct 1 15:46:26 2024 -0700 net: phy: aquantia: remove usage of phy_set_max_speed Remove the use of phy_set_max_speed in phy driver as the function is mainly used in MAC driver to set the max speed. Instead use get_features to fix up Phy PMA capabilities for AQR111, AQR111B0, AQR114C and AQCS109 Fixes: 038ba1dc4e54 ("net: phy: aquantia: add AQR111 and AQR111B0 PHY ID") Fixes: 0974f1f03b07 ("net: phy: aquantia: remove false 5G and 10G speed ability for AQCS109") Fixes: c278ec644377 ("net: phy: aquantia: add support for AQR114C PHY ID") Link: https://lore.kernel.org/all/20240913011635.1286027-1-quic_abchauha@quicinc.com/T/ Signed-off-by: Abhishek Chauhan Reviewed-by: Russell King (Oracle) Link: https://patch.msgid.link/20241001224626.2400222-3-quic_abchauha@quicinc.com Signed-off-by: Jakub Kicinski commit 17cbfcdd85f6c93b2e9565d61110ad0b90440436 Author: Abhishek Chauhan Date: Tue Oct 1 15:46:25 2024 -0700 net: phy: aquantia: AQR115c fix up PMA capabilities AQR115c reports incorrect PMA capabilities which includes 10G/5G and also incorrectly disables capabilities like autoneg and 10Mbps support. AQR115c as per the Marvell databook supports speeds up to 2.5Gbps with autonegotiation. Fixes: 0ebc581f8a4b ("net: phy: aquantia: add support for aqr115c") Link: https://lore.kernel.org/all/20240913011635.1286027-1-quic_abchauha@quicinc.com/T/ Signed-off-by: Abhishek Chauhan Reviewed-by: Russell King (Oracle) Link: https://patch.msgid.link/20241001224626.2400222-2-quic_abchauha@quicinc.com Signed-off-by: Jakub Kicinski commit 3840cbe24cf060ea05a585ca497814609f5d47d1 Author: Johannes Weiner Date: Thu Oct 3 07:29:05 2024 -0400 sched: psi: fix bogus pressure spikes from aggregation race Brandon reports sporadic, non-sensical spikes in cumulative pressure time (total=) when reading cpu.pressure at a high rate. This is due to a race condition between reader aggregation and tasks changing states. While it affects all states and all resources captured by PSI, in practice it most likely triggers with CPU pressure, since scheduling events are so frequent compared to other resource events. The race context is the live snooping of ongoing stalls during a pressure read. The read aggregates per-cpu records for stalls that have concluded, but will also incorporate ad-hoc the duration of any active state that hasn't been recorded yet. This is important to get timely measurements of ongoing stalls. Those ad-hoc samples are calculated on-the-fly up to the current time on that CPU; since the stall hasn't concluded, it's expected that this is the minimum amount of stall time that will enter the per-cpu records once it does. The problem is that the path that concludes the state uses a CPU clock read that is not synchronized against aggregators; the clock is read outside of the seqlock protection. This allows aggregators to race and snoop a stall with a longer duration than will actually be recorded. With the recorded stall time being less than the last snapshot remembered by the aggregator, a subsequent sample will underflow and observe a bogus delta value, resulting in an erratic jump in pressure. Fix this by moving the clock read of the state change into the seqlock protection. This ensures no aggregation can snoop live stalls past the time that's recorded when the state concludes. Reported-by: Brandon Duffany Link: https://bugzilla.kernel.org/show_bug.cgi?id=219194 Link: https://lore.kernel.org/lkml/20240827121851.GB438928@cmpxchg.org/ Fixes: df77430639c9 ("psi: Reduce calls to sched_clock() in psi") Cc: stable@vger.kernel.org Signed-off-by: Johannes Weiner Reviewed-by: Chengming Zhou Signed-off-by: Linus Torvalds commit fcd1ec9cb59c4375803c2c3c18ba7f473fe91cdc Author: Paolo Bonzini Date: Fri Sep 27 06:25:35 2024 -0400 KVM: x86/mmu: fix KVM_X86_QUIRK_SLOT_ZAP_ALL for shadow MMU As was tried in commit 4e103134b862 ("KVM: x86/mmu: Zap only the relevant pages when removing a memslot"), all shadow pages, i.e. non-leaf SPTEs, need to be zapped. All of the accounting for a shadow page is tied to the memslot, i.e. the shadow page holds a reference to the memslot, for all intents and purposes. Deleting the memslot without removing all relevant shadow pages, as is done when KVM_X86_QUIRK_SLOT_ZAP_ALL is disabled, results in NULL pointer derefs when tearing down the VM. Reintroduce from that commit the code that walks the whole memslot when there are active shadow MMU pages. Signed-off-by: Paolo Bonzini commit 55e802468e1d38dec8e25a2fdb6078d45b647e8c Author: Sebastian Andrzej Siewior Date: Wed Oct 2 14:58:37 2024 +0200 sfc: Don't invoke xdp_do_flush() from netpoll. Yury reported a crash in the sfc driver originated from netpoll_send_udp(). The netconsole sends a message and then netpoll invokes the driver's NAPI function with a budget of zero. It is dedicated to allow driver to free TX resources, that it may have used while sending the packet. In the netpoll case the driver invokes xdp_do_flush() unconditionally, leading to crash because bpf_net_context was never assigned. Invoke xdp_do_flush() only if budget is not zero. Fixes: 401cb7dae8130 ("net: Reference bpf_redirect_info via task_struct on PREEMPT_RT.") Reported-by: Yury Vostrikov Closes: https://lore.kernel.org/5627f6d1-5491-4462-9d75-bc0612c26a22@app.fastmail.com Signed-off-by: Sebastian Andrzej Siewior Reviewed-by: Edward Cree Link: https://patch.msgid.link/20241002125837.utOcRo6Y@linutronix.de Signed-off-by: Jakub Kicinski commit a842e443ca8184f2dc82ab307b43a8b38defd6a5 Author: Ingo van Lil Date: Wed Oct 2 18:18:07 2024 +0200 net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit number (10). This corrupts some other memory location -- in case of arm64 the priv pointer in the same structure. Since the advertising flags are updated from supported at the end of the function the incorrect line isn't needed at all and can be removed. Fixes: a29de52ba2a1 ("net: dp83869: Add ability to advertise Fiber connection") Signed-off-by: Ingo van Lil Reviewed-by: Alexander Sverdlin Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20241002161807.440378-1-inguin@gmx.de Signed-off-by: Jakub Kicinski commit 301d194d01f3074efcf3a10eae116fcddb76788a Author: Colin Ian King Date: Tue Sep 17 13:08:56 2024 +0100 drm/nouveau/gsp: remove extraneous ; after mutex The mutex field has two following semicolons, replace this with just one semicolon. Signed-off-by: Colin Ian King Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240917120856.1877733-1-colin.i.king@gmail.com commit 2a13ca2e8abb12ee43ada8a107dadca83f140937 Author: Wei Li Date: Tue Sep 24 17:45:14 2024 +0800 tracing/hwlat: Fix a race during cpuhp processing The cpuhp online/offline processing race also exists in percpu-mode hwlat tracer in theory, apply the fix too. That is: T1 | T2 [CPUHP_ONLINE] | cpu_device_down() hwlat_hotplug_workfn() | | cpus_write_lock() | takedown_cpu(1) | cpus_write_unlock() [CPUHP_OFFLINE] | cpus_read_lock() | start_kthread(1) | cpus_read_unlock() | Cc: stable@vger.kernel.org Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20240924094515.3561410-5-liwei391@huawei.com Fixes: ba998f7d9531 ("trace/hwlat: Support hotplug operations") Signed-off-by: Wei Li Signed-off-by: Steven Rostedt (Google) commit 829e0c9f0855f26b3ae830d17b24aec103f7e915 Author: Wei Li Date: Tue Sep 24 17:45:13 2024 +0800 tracing/timerlat: Fix a race during cpuhp processing There is another found exception that the "timerlat/1" thread was scheduled on CPU0, and lead to timer corruption finally: ``` ODEBUG: init active (active state 0) object: ffff888237c2e108 object type: hrtimer hint: timerlat_irq+0x0/0x220 WARNING: CPU: 0 PID: 426 at lib/debugobjects.c:518 debug_print_object+0x7d/0xb0 Modules linked in: CPU: 0 UID: 0 PID: 426 Comm: timerlat/1 Not tainted 6.11.0-rc7+ #45 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 RIP: 0010:debug_print_object+0x7d/0xb0 ... Call Trace: ? __warn+0x7c/0x110 ? debug_print_object+0x7d/0xb0 ? report_bug+0xf1/0x1d0 ? prb_read_valid+0x17/0x20 ? handle_bug+0x3f/0x70 ? exc_invalid_op+0x13/0x60 ? asm_exc_invalid_op+0x16/0x20 ? debug_print_object+0x7d/0xb0 ? debug_print_object+0x7d/0xb0 ? __pfx_timerlat_irq+0x10/0x10 __debug_object_init+0x110/0x150 hrtimer_init+0x1d/0x60 timerlat_main+0xab/0x2d0 ? __pfx_timerlat_main+0x10/0x10 kthread+0xb7/0xe0 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x2d/0x40 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 ``` After tracing the scheduling event, it was discovered that the migration of the "timerlat/1" thread was performed during thread creation. Further analysis confirmed that it is because the CPU online processing for osnoise is implemented through workers, which is asynchronous with the offline processing. When the worker was scheduled to create a thread, the CPU may has already been removed from the cpu_online_mask during the offline process, resulting in the inability to select the right CPU: T1 | T2 [CPUHP_ONLINE] | cpu_device_down() osnoise_hotplug_workfn() | | cpus_write_lock() | takedown_cpu(1) | cpus_write_unlock() [CPUHP_OFFLINE] | cpus_read_lock() | start_kthread(1) | cpus_read_unlock() | To fix this, skip online processing if the CPU is already offline. Cc: stable@vger.kernel.org Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20240924094515.3561410-4-liwei391@huawei.com Fixes: c8895e271f79 ("trace/osnoise: Support hotplug operations") Signed-off-by: Wei Li Signed-off-by: Steven Rostedt (Google) commit b484a02c9cedf8703eff8f0756f94618004bd165 Author: Wei Li Date: Tue Sep 24 17:45:12 2024 +0800 tracing/timerlat: Drop interface_lock in stop_kthread() stop_kthread() is the offline callback for "trace/osnoise:online", since commit 5bfbcd1ee57b ("tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread()"), the following ABBA deadlock scenario is introduced: T1 | T2 [BP] | T3 [AP] osnoise_hotplug_workfn() | work_for_cpu_fn() | cpuhp_thread_fun() | _cpu_down() | osnoise_cpu_die() mutex_lock(&interface_lock) | | stop_kthread() | cpus_write_lock() | mutex_lock(&interface_lock) cpus_read_lock() | cpuhp_kick_ap() | As the interface_lock here in just for protecting the "kthread" field of the osn_var, use xchg() instead to fix this issue. Also use for_each_online_cpu() back in stop_per_cpu_kthreads() as it can take cpu_read_lock() again. Cc: stable@vger.kernel.org Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20240924094515.3561410-3-liwei391@huawei.com Fixes: 5bfbcd1ee57b ("tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread()") Signed-off-by: Wei Li Signed-off-by: Steven Rostedt (Google) commit 0bb0a5c12ecf36ad561542bbb95f96355e036a02 Author: Wei Li Date: Tue Sep 24 17:45:11 2024 +0800 tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline osnoise_hotplug_workfn() is the asynchronous online callback for "trace/osnoise:online". It may be congested when a CPU goes online and offline repeatedly and is invoked for multiple times after a certain online. This will lead to kthread leak and timer corruption. Add a check in start_kthread() to prevent this situation. Cc: stable@vger.kernel.org Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20240924094515.3561410-2-liwei391@huawei.com Fixes: c8895e271f79 ("trace/osnoise: Support hotplug operations") Signed-off-by: Wei Li Signed-off-by: Steven Rostedt (Google) commit ad686707ea16099a791bcdcd5372764c5059aecc Author: Sami Tolvanen Date: Mon Sep 16 22:15:57 2024 +0000 x86/ftrace: Include uses struct pt_regs in several places. Include to ensure it's visible. This is needed to make sure object files that only include compile. Cc: Mark Rutland Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: "H. Peter Anvin" Link: https://lore.kernel.org/20240916221557.846853-2-samitolvanen@google.com Suggested-by: Masahiro Yamada Signed-off-by: Sami Tolvanen Acked-by: Masami Hiramatsu (Google) Signed-off-by: Steven Rostedt (Google) commit 3d7b8ea7a8a20a45d019382c4dc6ed79e8bb95cf Author: Eder Zulian Date: Tue Aug 13 17:58:31 2024 +0200 rtla: Fix the help text in osnoise and timerlat top tools The help text in osnoise top and timerlat top had some minor errors and omissions. The -d option was missing the 's' (second) abbreviation and the error message for '-d' used '-D'. Cc: stable@vger.kernel.org Fixes: 1eceb2fc2ca54 ("rtla/osnoise: Add osnoise top mode") Fixes: a828cd18bc4ad ("rtla: Add timerlat tool and timelart top mode") Link: https://lore.kernel.org/20240813155831.384446-1-ezulian@redhat.com Suggested-by: Tomas Glozar Reviewed-by: Tomas Glozar Signed-off-by: Eder Zulian Signed-off-by: Steven Rostedt (Google) commit f771d5369f1dbfe32c93bcb4f5d7ca8322b15389 Author: Ben Hutchings Date: Mon Sep 16 01:31:58 2024 +0200 tools/rtla: Fix installation from out-of-tree build rtla now supports out-of-tree builds, but installation fails as it still tries to install the rtla binary from the source tree. Use the existing macro $(RTLA) to refer to the binary. Link: https://lore.kernel.org/ZudubuoU_JHjPZ7w@decadent.org.uk Fixes: 01474dc706ca ("tools/rtla: Use tools/build makefiles to build rtla") Reviewed-by: Tomas Glozar Tested-by: Tomas Glozar Signed-off-by: Ben Hutchings Signed-off-by: Steven Rostedt (Google) commit 50a3242d84ee1625b0bfef29b95f935958dccfbe Author: Steven Rostedt Date: Thu Oct 3 10:49:25 2024 -0400 tracing: Fix trace_check_vprintf() when tp_printk is used When the tp_printk kernel command line is used, the trace events go directly to printk(). It is still checked via the trace_check_vprintf() function to make sure the pointers of the trace event are legit. The addition of reading buffers from previous boots required adding a delta between the addresses of the previous boot and the current boot so that the pointers in the old buffer can still be used. But this required adding a trace_array pointer to acquire the delta offsets. The tp_printk code does not provide a trace_array (tr) pointer, so when the offsets were examined, a NULL pointer dereference happened and the kernel crashed. If the trace_array does not exist, just default the delta offsets to zero, as that also means the trace event is not being read from a previous boot. Link: https://lore.kernel.org/all/Zv3z5UsG_jsO9_Tb@aschofie-mobl2.lan/ Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Link: https://lore.kernel.org/20241003104925.4e1b1fd9@gandalf.local.home Fixes: 07714b4bb3f98 ("tracing: Handle old buffer mappings for event strings and functions") Reported-by: Alison Schofield Tested-by: Alison Schofield Signed-off-by: Steven Rostedt (Google) commit 009b15b5748549fec4f40f1142ce644a27ddc265 Author: Mike Snitzer Date: Thu Oct 3 15:34:59 2024 -0400 nfs_common: fix Kconfig for NFS_COMMON_LOCALIO_SUPPORT The 'default n' that was in NFS_COMMON_LOCALIO_SUPPORT caused these extra defaults to be missed: default y if NFSD=y || NFS_FS=y default m if NFSD=m && NFS_FS=m Remove the 'default n' for NFS_COMMON_LOCALIO_SUPPORT so that the correct tristate is selected based on how NFSD and NFS_FS are configured. This fixes the reported case where NFS_FS=y but NFS_COMMON_LOCALIO_SUPPORT=m, it is now correctly set to =y. In addition, add extra 'depends on NFS_LOCALIO' to NFS_COMMON_LOCALIO_SUPPORT so that if NFS_LOCALIO isn't set then NFS_COMMON_LOCALIO_SUPPORT will not be either. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202410031944.hMCFY9BO-lkp@intel.com/ Signed-off-by: Mike Snitzer Signed-off-by: Anna Schumaker commit 65f2a5c366353da6fa724c68347e1de954928143 Author: Mike Snitzer Date: Thu Oct 3 15:34:58 2024 -0400 nfs_common: fix race in NFS calls to nfsd_file_put_local() and nfsd_serv_put() Add nfs_to_nfsd_file_put_local() interface to fix race with nfsd module unload. Similarly, use RCU around nfs_open_local_fh()'s error path call to nfs_to->nfsd_serv_put(). Holding RCU ensures that NFS will safely _call and return_ from its nfs_to calls into the NFSD functions nfsd_file_put_local() and nfsd_serv_put(). Otherwise, if RCU isn't used then there is a narrow window when NFS's reference for the nfsd_file and nfsd_serv are dropped and the NFSD module could be unloaded, which could result in a crash from the return instruction for either nfs_to->nfsd_file_put_local() or nfs_to->nfsd_serv_put(). Reported-by: NeilBrown Signed-off-by: Mike Snitzer Signed-off-by: Anna Schumaker commit a848c29e3486189aaabd5663bc11aea50c5bd144 Author: Yanjun Zhang Date: Tue Oct 1 16:39:30 2024 +0800 NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() On the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server. Accidentally, the nfs42_complete_copies() got a NULL-pointer dereference crash with the following syslog: [232064.838881] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116 [232064.839360] NFSv4: state recovery failed for open file nfs/pvc-12b5200d-cd0f-46a3-b9f0-af8f4fe0ef64.qcow2, error = -116 [232066.588183] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058 [232066.588586] Mem abort info: [232066.588701] ESR = 0x0000000096000007 [232066.588862] EC = 0x25: DABT (current EL), IL = 32 bits [232066.589084] SET = 0, FnV = 0 [232066.589216] EA = 0, S1PTW = 0 [232066.589340] FSC = 0x07: level 3 translation fault [232066.589559] Data abort info: [232066.589683] ISV = 0, ISS = 0x00000007 [232066.589842] CM = 0, WnR = 0 [232066.589967] user pgtable: 64k pages, 48-bit VAs, pgdp=00002000956ff400 [232066.590231] [0000000000000058] pgd=08001100ae100003, p4d=08001100ae100003, pud=08001100ae100003, pmd=08001100b3c00003, pte=0000000000000000 [232066.590757] Internal error: Oops: 96000007 [#1] SMP [232066.590958] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache netfs ocfs2_dlmfs ocfs2_stack_o2cb ocfs2_dlm vhost_net vhost vhost_iotlb tap tun ipt_rpfilter xt_multiport ip_set_hash_ip ip_set_hash_net xfrm_interface xfrm6_tunnel tunnel4 tunnel6 esp4 ah4 wireguard libcurve25519_generic veth xt_addrtype xt_set nf_conntrack_netlink ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_bitmap_port ip_set_hash_ipport dummy ip_set ip_vs_sh ip_vs_wrr ip_vs_rr ip_vs iptable_filter sch_ingress nfnetlink_cttimeout vport_gre ip_gre ip_tunnel gre vport_geneve geneve vport_vxlan vxlan ip6_udp_tunnel udp_tunnel openvswitch nf_conncount dm_round_robin dm_service_time dm_multipath xt_nat xt_MASQUERADE nft_chain_nat nf_nat xt_mark xt_conntrack xt_comment nft_compat nft_counter nf_tables nfnetlink ocfs2 ocfs2_nodemanager ocfs2_stackglue iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ipmi_ssif nbd overlay 8021q garp mrp bonding tls rfkill sunrpc ext4 mbcache jbd2 [232066.591052] vfat fat cas_cache cas_disk ses enclosure scsi_transport_sas sg acpi_ipmi ipmi_si ipmi_devintf ipmi_msghandler ip_tables vfio_pci vfio_pci_core vfio_virqfd vfio_iommu_type1 vfio dm_mirror dm_region_hash dm_log dm_mod nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc fuse xfs libcrc32c ast drm_vram_helper qla2xxx drm_kms_helper syscopyarea crct10dif_ce sysfillrect ghash_ce sysimgblt sha2_ce fb_sys_fops cec sha256_arm64 sha1_ce drm_ttm_helper ttm nvme_fc igb sbsa_gwdt nvme_fabrics drm nvme_core i2c_algo_bit i40e scsi_transport_fc megaraid_sas aes_neon_bs [232066.596953] CPU: 6 PID: 4124696 Comm: 10.253.166.125- Kdump: loaded Not tainted 5.15.131-9.cl9_ocfs2.aarch64 #1 [232066.597356] Hardware name: Great Wall .\x93\x8e...RF6260 V5/GWMSSE2GL1T, BIOS T656FBE_V3.0.18 2024-01-06 [232066.597721] pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [232066.598034] pc : nfs4_reclaim_open_state+0x220/0x800 [nfsv4] [232066.598327] lr : nfs4_reclaim_open_state+0x12c/0x800 [nfsv4] [232066.598595] sp : ffff8000f568fc70 [232066.598731] x29: ffff8000f568fc70 x28: 0000000000001000 x27: ffff21003db33000 [232066.599030] x26: ffff800005521ae0 x25: ffff0100f98fa3f0 x24: 0000000000000001 [232066.599319] x23: ffff800009920008 x22: ffff21003db33040 x21: ffff21003db33050 [232066.599628] x20: ffff410172fe9e40 x19: ffff410172fe9e00 x18: 0000000000000000 [232066.599914] x17: 0000000000000000 x16: 0000000000000004 x15: 0000000000000000 [232066.600195] x14: 0000000000000000 x13: ffff800008e685a8 x12: 00000000eac0c6e6 [232066.600498] x11: 0000000000000000 x10: 0000000000000008 x9 : ffff8000054e5828 [232066.600784] x8 : 00000000ffffffbf x7 : 0000000000000001 x6 : 000000000a9eb14a [232066.601062] x5 : 0000000000000000 x4 : ffff70ff8a14a800 x3 : 0000000000000058 [232066.601348] x2 : 0000000000000001 x1 : 54dce46366daa6c6 x0 : 0000000000000000 [232066.601636] Call trace: [232066.601749] nfs4_reclaim_open_state+0x220/0x800 [nfsv4] [232066.601998] nfs4_do_reclaim+0x1b8/0x28c [nfsv4] [232066.602218] nfs4_state_manager+0x928/0x10f0 [nfsv4] [232066.602455] nfs4_run_state_manager+0x78/0x1b0 [nfsv4] [232066.602690] kthread+0x110/0x114 [232066.602830] ret_from_fork+0x10/0x20 [232066.602985] Code: 1400000d f9403f20 f9402e61 91016003 (f9402c00) [232066.603284] SMP: stopping secondary CPUs [232066.606936] Starting crashdump kernel... [232066.607146] Bye! Analysing the vmcore, we know that nfs4_copy_state listed by destination nfs_server->ss_copies was added by the field copies in handle_async_copy(), and we found a waiting copy process with the stack as: PID: 3511963 TASK: ffff710028b47e00 CPU: 0 COMMAND: "cp" #0 [ffff8001116ef740] __switch_to at ffff8000081b92f4 #1 [ffff8001116ef760] __schedule at ffff800008dd0650 #2 [ffff8001116ef7c0] schedule at ffff800008dd0a00 #3 [ffff8001116ef7e0] schedule_timeout at ffff800008dd6aa0 #4 [ffff8001116ef860] __wait_for_common at ffff800008dd166c #5 [ffff8001116ef8e0] wait_for_completion_interruptible at ffff800008dd1898 #6 [ffff8001116ef8f0] handle_async_copy at ffff8000055142f4 [nfsv4] #7 [ffff8001116ef970] _nfs42_proc_copy at ffff8000055147c8 [nfsv4] #8 [ffff8001116efa80] nfs42_proc_copy at ffff800005514cf0 [nfsv4] #9 [ffff8001116efc50] __nfs4_copy_file_range.constprop.0 at ffff8000054ed694 [nfsv4] The NULL-pointer dereference was due to nfs42_complete_copies() listed the nfs_server->ss_copies by the field ss_copies of nfs4_copy_state. So the nfs4_copy_state address ffff0100f98fa3f0 was offset by 0x10 and the data accessed through this pointer was also incorrect. Generally, the ordered list nfs4_state_owner->so_states indicate open(O_RDWR) or open(O_WRITE) states are reclaimed firstly by nfs4_reclaim_open_state(). When destination state reclaim is failed with NFS_STATE_RECOVERY_FAILED and copies are not deleted in nfs_server->ss_copies, the source state may be passed to the nfs42_complete_copies() process earlier, resulting in this crash scene finally. To solve this issue, we add a list_head nfs_server->ss_src_copies for a server-to-server copy specially. Fixes: 0e65a32c8a56 ("NFS: handle source server reboot") Signed-off-by: Yanjun Zhang Reviewed-by: Trond Myklebust Signed-off-by: Anna Schumaker commit 6dbf1f341b6b35bcc20ff95b6b315e509f6c5369 Author: Dan Carpenter Date: Thu Sep 19 11:50:33 2024 +0300 SUNRPC: Fix integer overflow in decode_rc_list() The math in "rc_list->rcl_nrefcalls * 2 * sizeof(uint32_t)" could have an integer overflow. Add bounds checking on rc_list->rcl_nrefcalls to fix that. Fixes: 4aece6a19cf7 ("nfs41: cb_sequence xdr implementation") Signed-off-by: Dan Carpenter Signed-off-by: Anna Schumaker commit 782373ba27660ba7d330208cf5509ece6feb4545 Author: Hannes Reinecke Date: Wed Oct 2 13:51:41 2024 +0900 nvme: tcp: avoid race between queue_lock lock and destroy Commit 76d54bf20cdc ("nvme-tcp: don't access released socket during error recovery") added a mutex_lock() call for the queue->queue_lock in nvme_tcp_get_address(). However, the mutex_lock() races with mutex_destroy() in nvme_tcp_free_queue(), and causes the WARN below. DEBUG_LOCKS_WARN_ON(lock->magic != lock) WARNING: CPU: 3 PID: 34077 at kernel/locking/mutex.c:587 __mutex_lock+0xcf0/0x1220 Modules linked in: nvmet_tcp nvmet nvme_tcp nvme_fabrics iw_cm ib_cm ib_core pktcdvd nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables qrtr sunrpc ppdev 9pnet_virtio 9pnet pcspkr netfs parport_pc parport e1000 i2c_piix4 i2c_smbus loop fuse nfnetlink zram bochs drm_vram_helper drm_ttm_helper ttm drm_kms_helper xfs drm sym53c8xx floppy nvme scsi_transport_spi nvme_core nvme_auth serio_raw ata_generic pata_acpi dm_multipath qemu_fw_cfg [last unloaded: ib_uverbs] CPU: 3 UID: 0 PID: 34077 Comm: udisksd Not tainted 6.11.0-rc7 #319 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014 RIP: 0010:__mutex_lock+0xcf0/0x1220 Code: 08 84 d2 0f 85 c8 04 00 00 8b 15 ef b6 c8 01 85 d2 0f 85 78 f4 ff ff 48 c7 c6 20 93 ee af 48 c7 c7 60 91 ee af e8 f0 a7 6d fd <0f> 0b e9 5e f4 ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 f2 48 c1 RSP: 0018:ffff88811305f760 EFLAGS: 00010286 RAX: 0000000000000000 RBX: ffff88812c652058 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 RBP: ffff88811305f8b0 R08: 0000000000000001 R09: ffffed1075c36341 R10: ffff8883ae1b1a0b R11: 0000000000010498 R12: 0000000000000000 R13: 0000000000000000 R14: dffffc0000000000 R15: ffff88812c652058 FS: 00007f9713ae4980(0000) GS:ffff8883ae180000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fcd78483c7c CR3: 0000000122c38000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? __warn.cold+0x5b/0x1af ? __mutex_lock+0xcf0/0x1220 ? report_bug+0x1ec/0x390 ? handle_bug+0x3c/0x80 ? exc_invalid_op+0x13/0x40 ? asm_exc_invalid_op+0x16/0x20 ? __mutex_lock+0xcf0/0x1220 ? nvme_tcp_get_address+0xc2/0x1e0 [nvme_tcp] ? __pfx___mutex_lock+0x10/0x10 ? __lock_acquire+0xd6a/0x59e0 ? nvme_tcp_get_address+0xc2/0x1e0 [nvme_tcp] nvme_tcp_get_address+0xc2/0x1e0 [nvme_tcp] ? __pfx_nvme_tcp_get_address+0x10/0x10 [nvme_tcp] nvme_sysfs_show_address+0x81/0xc0 [nvme_core] dev_attr_show+0x42/0x80 ? __asan_memset+0x1f/0x40 sysfs_kf_seq_show+0x1f0/0x370 seq_read_iter+0x2cb/0x1130 ? rw_verify_area+0x3b1/0x590 ? __mutex_lock+0x433/0x1220 vfs_read+0x6a6/0xa20 ? lockdep_hardirqs_on+0x78/0x100 ? __pfx_vfs_read+0x10/0x10 ksys_read+0xf7/0x1d0 ? __pfx_ksys_read+0x10/0x10 ? __x64_sys_openat+0x105/0x1d0 do_syscall_64+0x93/0x180 ? lockdep_hardirqs_on_prepare+0x16d/0x400 ? do_syscall_64+0x9f/0x180 ? lockdep_hardirqs_on+0x78/0x100 ? do_syscall_64+0x9f/0x180 ? __pfx_ksys_read+0x10/0x10 ? lockdep_hardirqs_on_prepare+0x16d/0x400 ? do_syscall_64+0x9f/0x180 ? lockdep_hardirqs_on+0x78/0x100 ? do_syscall_64+0x9f/0x180 ? lockdep_hardirqs_on_prepare+0x16d/0x400 ? do_syscall_64+0x9f/0x180 ? lockdep_hardirqs_on+0x78/0x100 ? do_syscall_64+0x9f/0x180 ? lockdep_hardirqs_on_prepare+0x16d/0x400 ? do_syscall_64+0x9f/0x180 ? lockdep_hardirqs_on+0x78/0x100 ? do_syscall_64+0x9f/0x180 ? lockdep_hardirqs_on_prepare+0x16d/0x400 ? do_syscall_64+0x9f/0x180 ? lockdep_hardirqs_on+0x78/0x100 ? do_syscall_64+0x9f/0x180 ? do_syscall_64+0x9f/0x180 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7f9713f55cfa Code: 55 48 89 e5 48 83 ec 20 48 89 55 e8 48 89 75 f0 89 7d f8 e8 e8 74 f8 ff 48 8b 55 e8 48 8b 75 f0 41 89 c0 8b 7d f8 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 2e 44 89 c7 48 89 45 f8 e8 42 75 f8 ff 48 8b RSP: 002b:00007ffd7f512e70 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 000055c38f316859 RCX: 00007f9713f55cfa RDX: 0000000000000fff RSI: 00007ffd7f512eb0 RDI: 0000000000000011 RBP: 00007ffd7f512e90 R08: 0000000000000000 R09: 00000000ffffffff R10: 0000000000000000 R11: 0000000000000246 R12: 000055c38f317148 R13: 0000000000000000 R14: 00007f96f4004f30 R15: 000055c3b6b623c0 The WARN is observed when the blktests test case nvme/014 is repeated with tcp transport. It is rare, and 200 times repeat is required to recreate in some test environments. To avoid the WARN, check the NVME_TCP_Q_LIVE flag before locking queue->queue_lock. The flag is cleared long time before the lock gets destroyed. Signed-off-by: Hannes Reinecke Signed-off-by: Shin'ichiro Kawasaki Signed-off-by: Keith Busch commit 7b99b5ab885993bff010ebcd93be5e511c56e28a Author: Lad Prabhakar Date: Thu Oct 3 14:13:51 2024 +0100 gpiolib: Fix potential NULL pointer dereference in gpiod_get_label() In `gpiod_get_label()`, it is possible that `srcu_dereference_check()` may return a NULL pointer, leading to a scenario where `label->str` is accessed without verifying if `label` itself is NULL. This patch adds a proper NULL check for `label` before accessing `label->str`. The check for `label->str != NULL` is removed because `label->str` can never be NULL if `label` is not NULL. This fixes the issue where the label name was being printed as `(efault)` when dumping the sysfs GPIO file when `label == NULL`. Fixes: 5a646e03e956 ("gpiolib: Return label, if set, for IRQ only line") Fixes: a86d27693066 ("gpiolib: fix the speed of descriptor label setting with SRCU") Signed-off-by: Lad Prabhakar Link: https://lore.kernel.org/r/20241003131351.472015-1-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Bartosz Golaszewski commit a1d402abf8e3ff1d821e88993fc5331784fac0da Author: Marc Zyngier Date: Wed Oct 2 21:42:39 2024 +0100 KVM: arm64: Fix kvm_has_feat*() handling of negative features Oliver reports that the kvm_has_feat() helper is not behaviing as expected for negative feature. On investigation, the main issue seems to be caused by the following construct: #define get_idreg_field(kvm, id, fld) \ (id##_##fld##_SIGNED ? \ get_idreg_field_signed(kvm, id, fld) : \ get_idreg_field_unsigned(kvm, id, fld)) where one side of the expression evaluates as something signed, and the other as something unsigned. In retrospect, this is totally braindead, as the compiler converts this into an unsigned expression. When compared to something that is 0, the test is simply elided. Epic fail. Similar issue exists in the expand_field_sign() macro. The correct way to handle this is to chose between signed and unsigned comparisons, so that both sides of the ternary expression are of the same type (bool). In order to keep the code readable (sort of), we introduce new comparison primitives taking an operator as a parameter, and rewrite the kvm_has_feat*() helpers in terms of these primitives. Fixes: c62d7a23b947 ("KVM: arm64: Add feature checking helpers") Reported-by: Oliver Upton Tested-by: Oliver Upton Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20241002204239.2051637-1-maz@kernel.org Signed-off-by: Marc Zyngier commit d3a49f60917323228f8fdeee313260ef14f94df7 Author: Pali Rohár Date: Sat Sep 28 23:59:46 2024 +0200 cifs: Do not convert delimiter when parsing NFS-style symlinks NFS-style symlinks have target location always stored in NFS/UNIX form where backslash means the real UNIX backslash and not the SMB path separator. So do not mangle slash and backslash content of NFS-style symlink during readlink() syscall as it is already in the correct Linux form. This fixes interoperability of NFS-style symlinks with backslashes created by Linux NFS3 client throw Windows NFS server and retrieved by Linux SMB client throw Windows SMB server, where both Windows servers exports the same directory. Fixes: d5ecebc4900d ("smb3: Allow query of symlinks stored as reparse points") Acked-by: Paulo Alcantara (Red Hat) Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 556ac52bb1e76cc28fd30aa117b42989965b3efd Author: Pali Rohár Date: Sat Sep 28 23:59:47 2024 +0200 cifs: Validate content of NFS reparse point buffer Symlink target location stored in DataBuffer is encoded in UTF-16. So check that symlink DataBuffer length is non-zero and even number. And check that DataBuffer does not contain UTF-16 null codepoint because Linux cannot process symlink with null byte. DataBuffer for char and block devices is 8 bytes long as it contains two 32-bit numbers (major and minor). Add check for this. DataBuffer buffer for sockets and fifos zero-length. Add checks for this. Signed-off-by: Pali Rohár Reviewed-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit e2a8910af01653c1c268984855629d71fb81f404 Author: Pali Rohár Date: Sun Sep 29 12:22:40 2024 +0200 cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev(). Fixes: d5ecebc4900d ("smb3: Allow query of symlinks stored as reparse points") Reviewed-by: Paulo Alcantara (Red Hat) Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 8c245fe7dde3bf776253550fc914a36293db4ff3 Merge: 9c02404b52f56b 8beee4d8dee76b Author: Linus Torvalds Date: Thu Oct 3 09:44:00 2024 -0700 Merge tag 'net-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Paolo Abeni: "Including fixes from ieee802154, bluetooth and netfilter. Current release - regressions: - eth: mlx5: fix wrong reserved field in hca_cap_2 in mlx5_ifc - eth: am65-cpsw: fix forever loop in cleanup code Current release - new code bugs: - eth: mlx5: HWS, fixed double-free in error flow of creating SQ Previous releases - regressions: - core: avoid potential underflow in qdisc_pkt_len_init() with UFO - core: test for not too small csum_start in virtio_net_hdr_to_skb() - vrf: revert "vrf: remove unnecessary RCU-bh critical section" - bluetooth: - fix uaf in l2cap_connect - fix possible crash on mgmt_index_removed - dsa: improve shutdown sequence - eth: mlx5e: SHAMPO, fix overflow of hd_per_wq - eth: ip_gre: fix drops of small packets in ipgre_xmit Previous releases - always broken: - core: fix gso_features_check to check for both dev->gso_{ipv4_,}max_size - core: fix tcp fraglist segmentation after pull from frag_list - netfilter: nf_tables: prevent nf_skb_duplicated corruption - sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start - mac802154: fix potential RCU dereference issue in mac802154_scan_worker - eth: fec: restart PPS after link state change" * tag 'net-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (48 commits) sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start dt-bindings: net: xlnx,axi-ethernet: Add missing reg minItems doc: net: napi: Update documentation for napi_schedule_irqoff net/ncsi: Disable the ncsi work before freeing the associated structure net: phy: qt2025: Fix warning: unused import DeviceId gso: fix udp gso fraglist segmentation after pull from frag_list bridge: mcast: Fail MDB get request on empty entry vrf: revert "vrf: Remove unnecessary RCU-bh critical section" net: ethernet: ti: am65-cpsw: Fix forever loop in cleanup code net: phy: realtek: Check the index value in led_hw_control_get ppp: do not assume bh is held in ppp_channel_bridge_input() selftests: rds: move include.sh to TEST_FILES net: test for not too small csum_start in virtio_net_hdr_to_skb() net: gso: fix tcp fraglist segmentation after pull from frag_list ipv4: ip_gre: Fix drops of small packets in ipgre_xmit net: stmmac: dwmac4: extend timeout for VLAN Tag register busy bit check net: add more sanity checks to qdisc_pkt_len_init() net: avoid potential underflow in qdisc_pkt_len_init() with UFO net: ethernet: ti: cpsw_ale: Fix warning on some platforms net: microchip: Make FDMA config symbol invisible ... commit 9c02404b52f56b2c8acc8c0ac16d525b1226dfe5 Merge: 20c2474fa515ea 9c383396362a4d Author: Linus Torvalds Date: Thu Oct 3 09:38:16 2024 -0700 Merge tag 'v6.12-rc1-ksmbd-fixes' of git://git.samba.org/ksmbd Pull smb server fixes from Steve French: - small cleanup patches leveraging struct size to improve access bounds checking * tag 'v6.12-rc1-ksmbd-fixes' of git://git.samba.org/ksmbd: ksmbd: Use struct_size() to improve smb_direct_rdma_xmit() ksmbd: Annotate struct copychunk_ioctl_req with __counted_by_le() ksmbd: Use struct_size() to improve get_file_alternate_info() commit 20c2474fa515ea3ce39b92a37fc5d03cdfc509b8 Merge: 7ec462100ef914 a311a08a423724 Author: Linus Torvalds Date: Thu Oct 3 09:22:50 2024 -0700 Merge tag 'vfs-6.12-rc2.fixes.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs fixes from Christian Brauner: "vfs: - Ensure that iter_folioq_get_pages() advances to the next slot otherwise it will end up using the same folio with an out-of-bound offset. iomap: - Dont unshare delalloc extents which can't be reflinked, and thus can't be shared. - Constrain the file range passed to iomap_file_unshare() directly in iomap instead of requiring the callers to do it. netfs: - Use folioq_count instead of folioq_nr_slot to prevent an unitialized value warning in netfs_clear_buffer(). - Fix missing wakeup after issuing writes by scheduling the write collector only if all the subrequest queues are empty and thus no writes are pending. - Fix two minor documentation bugs" * tag 'vfs-6.12-rc2.fixes.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: iomap: constrain the file range passed to iomap_file_unshare iomap: don't bother unsharing delalloc extents netfs: Fix missing wakeup after issuing writes Documentation: add missing folio_queue entry folio_queue: fix documentation netfs: Fix a KMSAN uninit-value error in netfs_clear_buffer iov_iter: fix advancing slot in iter_folioq_get_pages() commit c9560baef0fa95aa676b7c7a7532543a4c6ff80c Merge: 393c554093c0c4 37756257093bf1 Author: Linus Walleij Date: Thu Oct 3 16:03:27 2024 +0200 Merge tag 'intel-pinctrl-v6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pinctrl/intel into fixes intel-pinctrl for v6.12-2 Fixes a few issues with Intel pin control platform driver: * fix missing reference counter drop of fwnode on error path * replace comma by semicolon to follow the kernel style * add Panther Lake to the list of supported devices The following is an automated git shortlog grouped by driver: intel: - platform: Add Panther Lake to the list of supported - platform: use semicolon instead of comma in ncommunities assignment - platform: fix error path in device_for_each_child_node() Signed-off-by: Linus Walleij commit cc4332afb5631b0e9d2ce5699b7f4b7caf743526 Author: Guilherme Giacomo Simoes Date: Tue Oct 1 17:56:03 2024 -0300 rust: device: change the from_raw() function The function Device::from_raw() increments a refcount by a call to bindings::get_device(ptr). This can be confused because usually from_raw() functions don't increment a refcount. Hence, rename Device::from_raw() to avoid confuion with other "from_raw" semantics. The new name of function should be "get_device" to be consistent with the function get_device() already exist in .c files. This function body also changed, because the `into()` will convert the `&'a Device` into `ARef` and also call `inc_ref` from the `AlwaysRefCounted` trait implemented for Device. Signed-off-by: Guilherme Giacomo Simoes Acked-by: Danilo Krummrich Closes: https://github.com/Rust-for-Linux/linux/issues/1088 Reviewed-by: Boqun Feng Link: https://lore.kernel.org/r/20241001205603.106278-1-trintaeoitogc@gmail.com Signed-off-by: Greg Kroah-Hartman commit 8beee4d8dee76b67c75dc91fd8185d91e845c160 Author: Xin Long Date: Mon Sep 30 16:49:51 2024 -0400 sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start In sctp_listen_start() invoked by sctp_inet_listen(), it should set the sk_state back to CLOSED if sctp_autobind() fails due to whatever reason. Otherwise, next time when calling sctp_inet_listen(), if sctp_sk(sk)->reuse is already set via setsockopt(SCTP_REUSE_PORT), sctp_sk(sk)->bind_hash will be dereferenced as sk_state is LISTENING, which causes a crash as bind_hash is NULL. KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:sctp_inet_listen+0x7f0/0xa20 net/sctp/socket.c:8617 Call Trace: __sys_listen_socket net/socket.c:1883 [inline] __sys_listen+0x1b7/0x230 net/socket.c:1894 __do_sys_listen net/socket.c:1902 [inline] Fixes: 5e8f3f703ae4 ("sctp: simplify sctp listening code") Reported-by: syzbot+f4e0f821e3a3b7cee51d@syzkaller.appspotmail.com Signed-off-by: Xin Long Acked-by: Marcelo Ricardo Leitner Link: https://patch.msgid.link/a93e655b3c153dc8945d7a812e6d8ab0d52b7aa0.1727729391.git.lucien.xin@gmail.com Signed-off-by: Paolo Abeni commit c6929644c1e0d6108e57061d427eb966e1746351 Author: Ravikanth Tuniki Date: Tue Oct 1 00:43:35 2024 +0530 dt-bindings: net: xlnx,axi-ethernet: Add missing reg minItems Add missing reg minItems as based on current binding document only ethernet MAC IO space is a supported configuration. There is a bug in schema, current examples contain 64-bit addressing as well as 32-bit addressing. The schema validation does pass incidentally considering one 64-bit reg address as two 32-bit reg address entries. If we change axi_ethernet_eth1 example node reg addressing to 32-bit schema validation reports: Documentation/devicetree/bindings/net/xlnx,axi-ethernet.example.dtb: ethernet@40000000: reg: [[1073741824, 262144]] is too short To fix it add missing reg minItems constraints and to make things clearer stick to 32-bit addressing in examples. Fixes: cbb1ca6d5f9a ("dt-bindings: net: xlnx,axi-ethernet: convert bindings document to yaml") Signed-off-by: Ravikanth Tuniki Signed-off-by: Radhey Shyam Pandey Acked-by: Conor Dooley Link: https://patch.msgid.link/1727723615-2109795-1-git-send-email-radhey.shyam.pandey@amd.com Signed-off-by: Paolo Abeni commit 37756257093bf1bda0bb034f4f1bd3219c7b2a40 Author: Andy Shevchenko Date: Wed Oct 2 18:00:36 2024 +0300 pinctrl: intel: platform: Add Panther Lake to the list of supported Intel Panther Lake is supported by the generic platform driver, so add it to the list of supported in Kconfig. Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit b63ad06ddddfe792f93df0c24adb66622bd7b8c9 Author: Sean Anderson Date: Mon Sep 30 11:39:54 2024 -0400 doc: net: napi: Update documentation for napi_schedule_irqoff Since commit 8380c81d5c4f ("net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT"), napi_schedule_irqoff will do the right thing if IRQs are threaded. Therefore, there is no need to use IRQF_NO_THREAD. Signed-off-by: Sean Anderson Reviewed-by: Bagas Sanjaya Reviewed-by: Sebastian Andrzej Siewior Link: https://patch.msgid.link/20240930153955.971657-1-sean.anderson@linux.dev Signed-off-by: Paolo Abeni commit 1127c73a8d4f803bb3d9e3d024b0863191d52e03 Merge: a0ffa68c70b367 10dbd23633f043 Author: Paolo Abeni Date: Thu Oct 3 12:01:04 2024 +0200 Merge tag 'nf-24-10-02' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf Pablo Neira Ayuso says: ==================== Netfilter fixes for net The following patchset contains Netfilter fixes for net: 1) Fix incorrect documentation in uapi/linux/netfilter/nf_tables.h regarding flowtable hooks, from Phil Sutter. 2) Fix nft_audit.sh selftests with newer nft binaries, due to different (valid) audit output, also from Phil. 3) Disable BH when duplicating packets via nf_dup infrastructure, otherwise race on nf_skb_duplicated for locally generated traffic. From Eric. 4) Missing return in callback of selftest C program, from zhang jiao. netfilter pull request 24-10-02 * tag 'nf-24-10-02' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: selftests: netfilter: Add missing return value netfilter: nf_tables: prevent nf_skb_duplicated corruption selftests: netfilter: Fix nft_audit.sh for newer nft binaries netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED ==================== Link: https://patch.msgid.link/20241002202421.1281311-1-pablo@netfilter.org Signed-off-by: Paolo Abeni commit a311a08a4237241fb5b9d219d3e33346de6e83e0 Author: Darrick J. Wong Date: Wed Oct 2 08:02:13 2024 -0700 iomap: constrain the file range passed to iomap_file_unshare File contents can only be shared (i.e. reflinked) below EOF, so it makes no sense to try to unshare ranges beyond EOF. Constrain the file range parameters here so that we don't have to do that in the callers. Fixes: 5f4e5752a8a3 ("fs: add iomap_file_dirty") Signed-off-by: Darrick J. Wong Link: https://lore.kernel.org/r/20241002150213.GC21853@frogsfrogsfrogs Reviewed-by: Christoph Hellwig Reviewed-by: Brian Foster Signed-off-by: Christian Brauner commit f7a4874d977bf4202ad575031222e78809a36292 Author: Darrick J. Wong Date: Wed Oct 2 08:00:40 2024 -0700 iomap: don't bother unsharing delalloc extents If unshare encounters a delalloc reservation in the srcmap, that means that the file range isn't shared because delalloc reservations cannot be reflinked. Therefore, don't try to unshare them. Signed-off-by: Darrick J. Wong Link: https://lore.kernel.org/r/20241002150040.GB21853@frogsfrogsfrogs Reviewed-by: Christoph Hellwig Reviewed-by: Brian Foster Signed-off-by: Christian Brauner commit a0ffa68c70b367358b2672cdab6fa5bc4c40de2c Author: Eddie James Date: Wed Sep 25 10:55:23 2024 -0500 net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic. Fixes: 2d283bdd079c ("net/ncsi: Resource management") Signed-off-by: Eddie James Link: https://patch.msgid.link/20240925155523.1017097-1-eajames@linux.ibm.com Signed-off-by: Paolo Abeni commit ccda9910d8490f4fb067131598e4b2e986faa5a0 Author: Patrick Donnelly Date: Wed Oct 2 21:05:12 2024 -0400 ceph: fix cap ref leak via netfs init_request Log recovered from a user's cluster: <7>[ 5413.970692] ceph: get_cap_refs 00000000958c114b ret 1 got Fr <7>[ 5413.970695] ceph: start_read 00000000958c114b, no cache cap ... <7>[ 5473.934609] ceph: my wanted = Fr, used = Fr, dirty - <7>[ 5473.934616] ceph: revocation: pAsLsXsFr -> pAsLsXs (revoking Fr) <7>[ 5473.934632] ceph: __ceph_caps_issued 00000000958c114b cap 00000000f7784259 issued pAsLsXs <7>[ 5473.934638] ceph: check_caps 10000000e68.fffffffffffffffe file_want - used Fr dirty - flushing - issued pAsLsXs revoking Fr retain pAsLsXsFsr AUTHONLY NOINVAL FLUSH_FORCE The MDS subsequently complains that the kernel client is late releasing caps. Approximately, a series of changes to this code by commits 49870056005c ("ceph: convert ceph_readpages to ceph_readahead"), 2de160417315 ("netfs: Change ->init_request() to return an error code") and a5c9dc445139 ("ceph: Make ceph_init_request() check caps on readahead") resulted in subtle resource cleanup to be missed. The main culprit is the change in error handling in 2de160417315 which meant that a failure in init_request() would no longer cause cleanup to be called. That would prevent the ceph_put_cap_refs() call which would cleanup the leaked cap ref. Cc: stable@vger.kernel.org Fixes: a5c9dc445139 ("ceph: Make ceph_init_request() check caps on readahead") Link: https://tracker.ceph.com/issues/67008 Signed-off-by: Patrick Donnelly Reviewed-by: Ilya Dryomov Signed-off-by: Ilya Dryomov commit 7264745d55422dbe53b5e75ddec622ab5d1290cb Author: Thorsten Blum Date: Thu Sep 12 17:39:24 2024 +0200 ceph: use struct_size() helper in __ceph_pool_perm_get() Use struct_size() to calculate the number of bytes to be allocated. Signed-off-by: Thorsten Blum Reviewed-by: Ilya Dryomov Signed-off-by: Ilya Dryomov commit 3e8800273c4b473342e2dbffa83a87f651d811c7 Author: Takashi Iwai Date: Thu Oct 3 09:24:18 2024 +0200 ALSA: hda: Add missing parameter description for snd_hdac_stream_timecounter_init() Add the missing description for the new parameter "start" of snd_hdac_stream_timecounter_init() in the previous patch. Fixes: df5215618fbe ("ALSA: hda: fix trigger_tstamp_latched") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202410031300.ecLmATNd-lkp@intel.com/ Link: https://patch.msgid.link/20241003072420.8932-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 6b0bde5d8d4078ca5feec72fd2d828f0e5cf115d Author: Jan Lalinsky Date: Thu Oct 3 05:08:11 2024 +0200 ALSA: usb-audio: Add native DSD support for Luxman D-08u Add native DSD support for Luxman D-08u DAC, by adding the PID/VID 1852:5062. This makes DSD playback work, and also sound quality when playing PCM files is improved, crackling sounds are gone. Signed-off-by: Jan Lalinsky Cc: Link: https://patch.msgid.link/20241003030811.2655735-1-lalinsky@c4.cz Signed-off-by: Takashi Iwai commit d278a9de5e1837edbe57b2f1f95a104ff6c84846 Author: Jaroslav Kysela Date: Wed Oct 2 21:46:49 2024 +0200 ALSA: core: add isascii() check to card ID generator The card identifier should contain only safe ASCII characters. The isalnum() returns true also for characters for non-ASCII characters. Link: https://gitlab.freedesktop.org/pipewire/pipewire/-/issues/4135 Link: https://lore.kernel.org/linux-sound/yk3WTvKkwheOon_LzZlJ43PPInz6byYfBzpKkbasww1yzuiMRqn7n6Y8vZcXB-xwFCu_vb8hoNjv7DTNwH5TWjpEuiVsyn9HPCEXqwF4120=@protonmail.com/ Cc: stable@vger.kernel.org Reported-by: Barnabás Pőcze Signed-off-by: Jaroslav Kysela Link: https://patch.msgid.link/20241002194649.1944696-1-perex@perex.cz Signed-off-by: Takashi Iwai commit a6f3b2527375c786f2eff77d3ee8b805bcfe026d Author: Matthew Brost Date: Fri Sep 27 16:22:28 2024 -0700 drm/xe: Fix memory leak when aborting binds Make sure to call xe_pt_update_ops_fini in xe_pt_update_ops_abort to free any memory the bind allocated. Caught by kmemleak when running Vulkan CTS tests on LNL. The leak seems to happen only when there's some kind of failure happening, like the lack of memory. Example output: unreferenced object 0xffff9120bdf62000 (size 8192): comm "deqp-vk", pid 115008, jiffies 4310295728 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 1b 05 f9 28 01 00 00 40 ...........(...@ 00 00 00 00 00 00 00 00 1b 15 f9 28 01 00 00 40 ...........(...@ backtrace (crc 7a56be79): [] __kmalloc_cache_noprof+0x310/0x3d0 [] xe_pt_new_shared.constprop.0+0x81/0xb0 [xe] [] xe_pt_insert_entry+0xb9/0x140 [xe] [] xe_pt_stage_bind_entry+0x12d/0x5b0 [xe] [] xe_pt_walk_range+0xea/0x280 [xe] [] xe_pt_walk_range+0x20a/0x280 [xe] [] xe_pt_walk_range+0x20a/0x280 [xe] [] xe_pt_walk_range+0x20a/0x280 [xe] [] xe_pt_walk_range+0x20a/0x280 [xe] [] xe_pt_stage_bind.constprop.0+0x25f/0x580 [xe] [] bind_op_prepare+0xea/0x6e0 [xe] [] xe_pt_update_ops_prepare+0x1c8/0x440 [xe] [] ops_execute+0x143/0x850 [xe] [] vm_bind_ioctl_ops_execute+0x244/0x800 [xe] [] xe_vm_bind_ioctl+0x1877/0x2370 [xe] [] drm_ioctl_kernel+0xb3/0x110 [drm] unreferenced object 0xffff9120bdf72000 (size 8192): comm "deqp-vk", pid 115008, jiffies 4310295728 hex dump (first 32 bytes): 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk backtrace (crc 23b2f0b5): [] __kmalloc_cache_noprof+0x310/0x3d0 [] xe_pt_new_shared.constprop.0+0x81/0xb0 [xe] [] xe_pt_stage_unbind_post_descend+0xb3/0x150 [xe] [] xe_pt_walk_range+0x246/0x280 [xe] [] xe_pt_walk_range+0x20a/0x280 [xe] [] xe_pt_walk_range+0x20a/0x280 [xe] [] xe_pt_walk_range+0x20a/0x280 [xe] [] xe_pt_walk_shared+0xc1/0x110 [xe] [] xe_pt_stage_unbind+0x9a/0xd0 [xe] [] unbind_op_prepare+0xdd/0x270 [xe] [] xe_pt_update_ops_prepare+0x106/0x440 [xe] [] ops_execute+0x143/0x850 [xe] [] vm_bind_ioctl_ops_execute+0x244/0x800 [xe] [] xe_vm_bind_ioctl+0x1877/0x2370 [xe] [] drm_ioctl_kernel+0xb3/0x110 [drm] [] drm_ioctl+0x280/0x4e0 [drm] Reported-by: Paulo Zanoni Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2877 Fixes: a708f6501c69 ("drm/xe: Update PT layer with better error handling") Signed-off-by: Matthew Brost Reviewed-by: Paulo Zanoni Link: https://patchwork.freedesktop.org/patch/msgid/20240927232228.3255246-1-matthew.brost@intel.com (cherry picked from commit 63e0695597a044c96bf369e4d8ba031291449d95) Signed-off-by: Lucas De Marchi commit 7257d9c9a3c6cfe26c428e9b7ae21d61f2f55a79 Author: Zhanjun Dong Date: Fri Sep 27 09:13:08 2024 -0700 drm/xe: Prevent null pointer access in xe_migrate_copy xe_migrate_copy designed to copy content of TTM resources. When source resource is null, it will trigger a NULL pointer dereference in xe_migrate_copy. To avoid this situation, update lacks source flag to true for this case, the flag will trigger xe_migrate_clear rather than xe_migrate_copy. Issue trace: <7> [317.089847] xe 0000:00:02.0: [drm:xe_migrate_copy [xe]] Pass 14, sizes: 4194304 & 4194304 <7> [317.089945] xe 0000:00:02.0: [drm:xe_migrate_copy [xe]] Pass 15, sizes: 4194304 & 4194304 <1> [317.128055] BUG: kernel NULL pointer dereference, address: 0000000000000010 <1> [317.128064] #PF: supervisor read access in kernel mode <1> [317.128066] #PF: error_code(0x0000) - not-present page <6> [317.128069] PGD 0 P4D 0 <4> [317.128071] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI <4> [317.128074] CPU: 1 UID: 0 PID: 1440 Comm: kunit_try_catch Tainted: G U N 6.11.0-rc7-xe #1 <4> [317.128078] Tainted: [U]=USER, [N]=TEST <4> [317.128080] Hardware name: Intel Corporation Lunar Lake Client Platform/LNL-M LP5 RVP1, BIOS LNLMFWI1.R00.3221.D80.2407291239 07/29/2024 <4> [317.128082] RIP: 0010:xe_migrate_copy+0x66/0x13e0 [xe] <4> [317.128158] Code: 00 00 48 89 8d e0 fe ff ff 48 8b 40 10 4c 89 85 c8 fe ff ff 44 88 8d bd fe ff ff 65 48 8b 3c 25 28 00 00 00 48 89 7d d0 31 ff <8b> 79 10 48 89 85 a0 fe ff ff 48 8b 00 48 89 b5 d8 fe ff ff 83 ff <4> [317.128162] RSP: 0018:ffffc9000167f9f0 EFLAGS: 00010246 <4> [317.128164] RAX: ffff8881120d8028 RBX: ffff88814d070428 RCX: 0000000000000000 <4> [317.128166] RDX: ffff88813cb99c00 RSI: 0000000004000000 RDI: 0000000000000000 <4> [317.128168] RBP: ffffc9000167fbb8 R08: ffff88814e7b1f08 R09: 0000000000000001 <4> [317.128170] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88814e7b1f08 <4> [317.128172] R13: ffff88814e7b1f08 R14: ffff88813cb99c00 R15: 0000000000000001 <4> [317.128174] FS: 0000000000000000(0000) GS:ffff88846f280000(0000) knlGS:0000000000000000 <4> [317.128176] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 <4> [317.128178] CR2: 0000000000000010 CR3: 000000011f676004 CR4: 0000000000770ef0 <4> [317.128180] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 <4> [317.128182] DR3: 0000000000000000 DR6: 00000000ffff07f0 DR7: 0000000000000400 <4> [317.128184] PKRU: 55555554 <4> [317.128185] Call Trace: <4> [317.128187] <4> [317.128189] ? show_regs+0x67/0x70 <4> [317.128194] ? __die_body+0x20/0x70 <4> [317.128196] ? __die+0x2b/0x40 <4> [317.128198] ? page_fault_oops+0x15f/0x4e0 <4> [317.128203] ? do_user_addr_fault+0x3fb/0x970 <4> [317.128205] ? lock_acquire+0xc7/0x2e0 <4> [317.128209] ? exc_page_fault+0x87/0x2b0 <4> [317.128212] ? asm_exc_page_fault+0x27/0x30 <4> [317.128216] ? xe_migrate_copy+0x66/0x13e0 [xe] <4> [317.128263] ? __lock_acquire+0xb9d/0x26f0 <4> [317.128265] ? __lock_acquire+0xb9d/0x26f0 <4> [317.128267] ? sg_free_append_table+0x20/0x80 <4> [317.128271] ? lock_acquire+0xc7/0x2e0 <4> [317.128273] ? mark_held_locks+0x4d/0x80 <4> [317.128275] ? trace_hardirqs_on+0x1e/0xd0 <4> [317.128278] ? _raw_spin_unlock_irqrestore+0x31/0x60 <4> [317.128281] ? __pm_runtime_resume+0x60/0xa0 <4> [317.128284] xe_bo_move+0x682/0xc50 [xe] <4> [317.128315] ? lock_is_held_type+0xaa/0x120 <4> [317.128318] ttm_bo_handle_move_mem+0xe5/0x1a0 [ttm] <4> [317.128324] ttm_bo_validate+0xd1/0x1a0 [ttm] <4> [317.128328] shrink_test_run_device+0x721/0xc10 [xe] <4> [317.128360] ? find_held_lock+0x31/0x90 <4> [317.128363] ? lock_release+0xd1/0x2a0 <4> [317.128365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [kunit] <4> [317.128370] xe_bo_shrink_kunit+0x11/0x20 [xe] <4> [317.128397] kunit_try_run_case+0x6e/0x150 [kunit] <4> [317.128400] ? trace_hardirqs_on+0x1e/0xd0 <4> [317.128402] ? _raw_spin_unlock_irqrestore+0x31/0x60 <4> [317.128404] kunit_generic_run_threadfn_adapter+0x1e/0x40 [kunit] <4> [317.128407] kthread+0xf5/0x130 <4> [317.128410] ? __pfx_kthread+0x10/0x10 <4> [317.128412] ret_from_fork+0x39/0x60 <4> [317.128415] ? __pfx_kthread+0x10/0x10 <4> [317.128416] ret_from_fork_asm+0x1a/0x30 <4> [317.128420] Fixes: 266c85885263 ("drm/xe/xe2: Handle flat ccs move for igfx.") Signed-off-by: Zhanjun Dong Reviewed-by: Thomas Hellström Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240927161308.862323-2-zhanjun.dong@intel.com (cherry picked from commit 59a1c9c7e1d02b43b415ea92627ce095b7c79e47) Signed-off-by: Lucas De Marchi commit 8135f1c09dd2eecee7cb637f7ec9a29e57300eb8 Author: José Roberto de Souza Date: Tue Sep 24 14:37:13 2024 -0700 drm/xe/oa: Don't reset OAC_CONTEXT_ENABLE on OA stream close Mesa testing on Xe2+ revealed that when OA metrics are collected for an exec_queue, after the OA stream is closed, future batch buffers submitted on that exec_queue do not complete. Not resetting OAC_CONTEXT_ENABLE on OA stream close resolves these hangs and should not have any adverse effects. v2: Make the change that we don't reset the bit clearer (Ashutosh) Also make the same fix for OAC as OAR (Ashutosh) Bspec: 60314 Fixes: 2f4a730fcd2d ("drm/xe/oa: Add OAR support") Fixes: 14e077f8006d ("drm/xe/oa: Add OAC support") Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2821 Signed-off-by: José Roberto de Souza Signed-off-by: Ashutosh Dixit Cc: stable@vger.kernel.org Reviewed-by: Ashutosh Dixit Link: https://patchwork.freedesktop.org/patch/msgid/20240924213713.3497992-1-ashutosh.dixit@intel.com (cherry picked from commit 0c8650b09a365f4a31fca1d1d1e9d99c56071128) Signed-off-by: Lucas De Marchi commit 67801fa67b94ebd0e4da7a77ac2d9f321b75fbe0 Author: Matthew Auld Date: Wed Sep 25 08:14:28 2024 +0100 drm/xe/queue: move xa_alloc to prevent UAF Evil user can guess the next id of the queue before the ioctl completes and then call queue destroy ioctl to trigger UAF since create ioctl is still referencing the same queue. Move the xa_alloc all the way to the end to prevent this. v2: - Rebase Fixes: 2149ded63079 ("drm/xe: Fix use after free when client stats are captured") Signed-off-by: Matthew Auld Cc: Matthew Brost Reviewed-by: Nirmoy Das Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240925071426.144015-4-matthew.auld@intel.com (cherry picked from commit 16536582ddbebdbdf9e1d7af321bbba2bf955a87) Signed-off-by: Lucas De Marchi commit 74231870cf4976f69e83aa24f48edb16619f652f Author: Matthew Auld Date: Wed Sep 25 08:14:27 2024 +0100 drm/xe/vm: move xa_alloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes and then call vm destroy ioctl to trigger UAF since create ioctl is still referencing the same vm. Move the xa_alloc all the way to the end to prevent this. v2: - Rebase Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: # v6.8+ Reviewed-by: Nirmoy Das Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240925071426.144015-3-matthew.auld@intel.com (cherry picked from commit dcfd3971327f3ee92765154baebbaece833d3ca9) Signed-off-by: Lucas De Marchi commit 9e3c85ddea7a473ed57b6cdfef2dfd468356fc91 Author: Matthew Brost Date: Fri Sep 20 18:17:12 2024 -0700 drm/xe: Clean up VM / exec queue file lock usage. Both the VM / exec queue file lock protect the lookup and reference to the object, nothing more. These locks are not intended anything else underneath them. XA have their own locking too, so no need to take the VM / exec queue file lock aside from when doing a lookup and reference get. Add some kernel doc to make this clear and cleanup a few typos too. Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240921011712.2681510-1-matthew.brost@intel.com (cherry picked from commit fe4f5d4b661666a45b48fe7f95443f8fefc09c8c) Signed-off-by: Lucas De Marchi commit 1b30f87e088b499eb74298db256da5c98e8276e2 Author: Matthew Brost Date: Wed Jul 24 16:59:19 2024 -0700 drm/xe: Resume TDR after GT reset Not starting the TDR after GT reset on exec queue which have been restarted can lead to jobs being able to be run forever. Fix this by restarting the TDR. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240724235919.1917216-1-matthew.brost@intel.com (cherry picked from commit 8ec5a4e5ce97d6ee9f5eb5b4ce4cfc831976fdec) Signed-off-by: Lucas De Marchi commit 6ef5a04221aaeb858d1a825b2ecb7e200cac80f8 Author: Gustavo Sousa Date: Fri Sep 20 18:13:18 2024 -0300 drm/xe/xe2: Add performance tuning for L3 cache flushing A recommended performance tuning for LNL related to L3 cache flushing was recently introduced in Bspec. Implement it. Unlike the other existing tuning settings, we limit this one for LNL only, since there is no info about whether this would be applicable to other platforms yet. In the future we can come back and use IP version ranges if applicable. v2: - Fix reference to Bspec. (Sai Teja, Tejas) - Use correct register name for "Tuning: L3 RW flush all Cache". (Sai Teja) - Use SCRATCH3_LBCF (with the underscore) for better readability. v3: - Limit setting to LNL only. (Matt) Bspec: 72161 Cc: Sai Teja Pottumuttu Cc: Tejas Upadhyay Cc: Matt Roper Signed-off-by: Gustavo Sousa Reviewed-by: Matt Roper Reviewed-by: Tejas Upadhyay Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240920211459.255181-5-gustavo.sousa@intel.com (cherry picked from commit 876253165f3eaaacacb8c8bed16a9df4b6081479) Signed-off-by: Lucas De Marchi commit 3bf90935aafc750c838c8831e96c3ac36cfd48d5 Author: Gustavo Sousa Date: Fri Sep 20 18:13:16 2024 -0300 drm/xe/xe2: Extend performance tuning to media GT With exception of "Tuning: L3 cache - media", we are currently applying recommended performance tuning settings only for the primary GT. Let's also implement them for the media GT when applicable. According to our spec, media GT registers CCCHKNREG1 and L3SQCREG* exist only in Xe2_LPM and their offsets do not match their primary GT counterparts. Furthermore, the range where CCCHKNREG1 belongs is not listed as a multicast range on the media GT. As such, we need to have Xe2_LPM-specific definitions for those registers and apply the setting only for that specific IP. Both Xe2_HPM and Xe2_LPM contain STATELESS_COMPRESSION_CTRL and the offset on the media GT matches the one on the primary one. So we can simply have a copy of "Tuning: Stateless compression control" for the media GT. v2: - Fix implementation with respect to multicast vs non-multicast registers. (Matt) - Add missing XE2LPM_CCCHKNREG1 on second action of "Tuning: Compression Overfetch - media". v3: - STATELESS_COMPRESSION_CTRL on Xe2_HPM is also a multicast register, do not define a XE2HPM_STATELESS_COMPRESSION_CTRL register. (Tejas) Bspec: 72161 Cc: Matt Roper Reviewed-by: Tejas Upadhyay Signed-off-by: Gustavo Sousa Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240920211459.255181-3-gustavo.sousa@intel.com (cherry picked from commit e1f813947ccf2326cfda4558b7d31430d7860c4b) Signed-off-by: Lucas De Marchi commit 7929ffce0f8b9c76cb5c2a67d1966beaed20ab61 Author: Gustavo Sousa Date: Fri Sep 20 18:13:15 2024 -0300 drm/xe/mcr: Use Xe2_LPM steering tables for Xe2_HPM According to Bspec, Xe2 steering tables must be used for Xe2_HPM, just as it is with Xe2_LPM. Update our driver to reflect that. Bspec: 71186 Reviewed-by: Matt Roper Signed-off-by: Gustavo Sousa Reviewed-by: Tejas Upadhyay Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240920211459.255181-2-gustavo.sousa@intel.com (cherry picked from commit 21ae035ae5c33ef176f4062bd9d4aa973dde240b) Signed-off-by: Lucas De Marchi commit 0f18ac78aa974660a948dafcc45f4dc6e2c5858d Author: Matthew Brost Date: Wed Sep 18 09:05:03 2024 -0700 drm/xe: Use helper for ASID -> VM in GPU faults and access counters Normalize both code paths with a helper. Fixes a possible leak access counter path too. Suggested-by: Matthew Auld Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240918160503.2021315-1-matthew.brost@intel.com (cherry picked from commit dc0dce6d63d22e8319e27b6a41be7368376f9471) Signed-off-by: Lucas De Marchi commit d1ef967126e295d36201e79ec64efdba31710353 Author: Matthew Brost Date: Tue Sep 17 22:44:36 2024 -0700 drm/xe: Convert to USM lock to rwsem Remove contention from GPU fault path for ASID->VM lookup. Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240918054436.1971839-1-matthew.brost@intel.com (cherry picked from commit 1378c633a3fbfeb344c486ffda0e920a21e62712) Signed-off-by: Lucas De Marchi commit cb58977016d1b25781743e5fbe6a545493785e37 Author: He Lugang Date: Wed Sep 11 18:22:15 2024 +0800 drm/xe: use devm_add_action_or_reset() helper Use devm_add_action_or_reset() to release resources in case of failure, because the cleanup function will be automatically called. Reviewed-by: Rodrigo Vivi Signed-off-by: He Lugang Link: https://patchwork.freedesktop.org/patch/msgid/9631BC17D1E028A2+20240911102215.84865-1-helugang@uniontech.com Signed-off-by: Rodrigo Vivi (cherry picked from commit fdc81c43f0c14ace6383024a02585e3fcbd1ceba) Signed-off-by: Lucas De Marchi commit 2d2be279f1ca9e7288282d4214f16eea8a727cdb Author: Matthew Auld Date: Mon Sep 23 15:56:48 2024 +0100 drm/xe: fix UAF around queue destruction We currently do stuff like queuing the final destruction step on a random system wq, which will outlive the driver instance. With bad timing we can teardown the driver with one or more work workqueue still being alive leading to various UAF splats. Add a fini step to ensure user queues are properly torn down. At this point GuC should already be nuked so queue itself should no longer be referenced from hw pov. v2 (Matt B) - Looks much safer to use a waitqueue and then just wait for the xa_array to become empty before triggering the drain. Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2317 Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: # v6.8+ Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240923145647.77707-2-matthew.auld@intel.com (cherry picked from commit 861108666cc0e999cffeab6aff17b662e68774e3) Signed-off-by: Lucas De Marchi commit 790533e44bfc7af929842fccd9674c9f424d4627 Author: Matthew Auld Date: Tue Sep 24 16:09:48 2024 +0100 drm/xe/guc_submit: add missing locking in wedged_fini Any non-wedged queue can have a zero refcount here and can be running concurrently with an async queue destroy, therefore dereferencing the queue ptr to check wedge status after the lookup can trigger UAF if queue is not wedged. Fix this by keeping the submission_state lock held around the check to postpone the free and make the check safe, before dropping again around the put() to avoid the deadlock. Fixes: 8ed9aaae39f3 ("drm/xe: Force wedged state and block GT reset upon any GPU hang") Signed-off-by: Matthew Auld Cc: Matthew Brost Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240924150947.118433-2-matthew.auld@intel.com (cherry picked from commit d28af0b6b9580b9f90c265a7da0315b0ad20bbfd) Signed-off-by: Lucas De Marchi commit cffa8e83df9fe525afad1e1099097413f9174f57 Author: Rodrigo Vivi Date: Thu Sep 12 17:45:07 2024 -0400 drm/xe: Restore pci state upon resume The pci state was saved, but not restored. Restore right after the power state transition request like every other driver. v2: Use right fixes tag, since this was there initialy, but accidentally removed. Fixes: f6761c68c0ac ("drm/xe/display: Improve s2idle handling.") Cc: Maarten Lankhorst Cc: Lucas De Marchi Reviewed-by: Jonathan Cavitt Signed-off-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240912214507.456897-1-rodrigo.vivi@intel.com Signed-off-by: Maarten Lankhorst (cherry picked from commit ec2d1539e159f53eae708e194c449cfefa004994) Signed-off-by: Lucas De Marchi commit 240ebf1c9d4ce1576f58e10365fdd3bed8aba7dc Merge: 475be5144459b5 394b52462020b6 Author: Dave Airlie Date: Thu Oct 3 12:02:28 2024 +1000 Merge tag 'drm-intel-fixes-2024-10-02' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-fixes - One fix for bitwise and logical "and" mixup in PM code Signed-off-by: Dave Airlie From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/Zv1l75s9Z4Gl4lDH@jlahtine-mobl.ger.corp.intel.com commit d28786606a51620df7b7a3e7231338d9bc081656 Author: Kent Overstreet Date: Wed Oct 2 21:35:38 2024 -0400 bcachefs: Fix trans_commit disk accounting revert We only are applying JSET_ENTRY_TYPE_write_buffer_keys, revert path was missed. Fixes: a3581ca35d2b ("bcachefs: Fix BCH_TRANS_COMMIT_skip_accounting_apply") Signed-off-by: Kent Overstreet commit 3b1425a4eb4e9750db8620c26e39390411eea185 Author: Kent Overstreet Date: Wed Oct 2 21:31:31 2024 -0400 bcachefs: Fix bch2_inode_is_open() check Signed-off-by: Kent Overstreet commit abaa6d4f6ab8371c5b73afb726ff1c012526e999 Author: Kent Overstreet Date: Tue Oct 1 17:43:36 2024 -0400 bcachefs: Fix return type of dirent_points_to_inode_nowarn() we're returning an error code now, not a bool Reported-by: Dan Carpenter Signed-off-by: Kent Overstreet commit 475be5144459b502d8aa987637dd4d9f38422786 Merge: 156cc376a200aa f9e7ac6e2e9986 Author: Dave Airlie Date: Thu Oct 3 10:49:06 2024 +1000 Merge tag 'drm-misc-fixes-2024-10-02' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes Short summary of fixes pull: panthor: - Set FOP_UNSIGNED_OFFSET in fops instance - Acquire lock in panthor_vm_prepare_map_op_ctx() - Avoid ninitialized variable in tick_ctx_cleanup() - Do not block scheduler queue if work is pending - Do not add write fences to the shared BOs scheduler: - Fix locking in drm_sched_entity_modify_sched() - Fix pointer deref if entity queue changes Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20241002151528.GA300287@linux.fritz.box commit fa7dfeae041c91e425db9fbb95fb3f57b821c386 Author: FUJITA Tomonori Date: Thu Sep 26 12:14:03 2024 +0000 net: phy: qt2025: Fix warning: unused import DeviceId Fix the following warning when the driver is compiled as built-in: warning: unused import: `DeviceId` --> drivers/net/phy/qt2025.rs:18:5 | 18 | DeviceId, Driver, | ^^^^^^^^ | = note: `#[warn(unused_imports)]` on by default device_table in module_phy_driver macro is defined only when the driver is built as a module. Use phy::DeviceId in the macro instead of importing `DeviceId` since `phy` is always used. Fixes: fd3eaad826da ("net: phy: add Applied Micro QT2025 PHY driver") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409190717.i135rfVo-lkp@intel.com/ Reviewed-by: Alice Ryhl Reviewed-by: Trevor Gross Signed-off-by: FUJITA Tomonori Reviewed-by: Fiona Behrens Acked-by: Miguel Ojeda Link: https://patch.msgid.link/20240926121404.242092-1-fujita.tomonori@gmail.com Signed-off-by: Jakub Kicinski commit a1e40ac5b5e9077fe1f7ae0eb88034db0f9ae1ab Author: Willem de Bruijn Date: Tue Oct 1 13:17:46 2024 -0400 gso: fix udp gso fraglist segmentation after pull from frag_list Detect gso fraglist skbs with corrupted geometry (see below) and pass these to skb_segment instead of skb_segment_list, as the first can segment them correctly. Valid SKB_GSO_FRAGLIST skbs - consist of two or more segments - the head_skb holds the protocol headers plus first gso_size - one or more frag_list skbs hold exactly one segment - all but the last must be gso_size Optional datapath hooks such as NAT and BPF (bpf_skb_pull_data) can modify these skbs, breaking these invariants. In extreme cases they pull all data into skb linear. For UDP, this causes a NULL ptr deref in __udpv4_gso_segment_list_csum at udp_hdr(seg->next)->dest. Detect invalid geometry due to pull, by checking head_skb size. Don't just drop, as this may blackhole a destination. Convert to be able to pass to regular skb_segment. Link: https://lore.kernel.org/netdev/20240428142913.18666-1-shiming.cheng@mediatek.com/ Fixes: 9fd1ff5d2ac7 ("udp: Support UDP fraglist GRO/GSO.") Signed-off-by: Willem de Bruijn Cc: stable@vger.kernel.org Link: https://patch.msgid.link/20241001171752.107580-1-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski commit 555f45d24ba7cd5527716553031641cdebbe76c7 Author: Ido Schimmel Date: Sun Sep 29 15:36:40 2024 +0300 bridge: mcast: Fail MDB get request on empty entry When user space deletes a port from an MDB entry, the port is removed synchronously. If this was the last port in the entry and the entry is not joined by the host itself, then the entry is scheduled for deletion via a timer. The above means that it is possible for the MDB get netlink request to retrieve an empty entry which is scheduled for deletion. This is problematic as after deleting the last port in an entry, user space cannot rely on a non-zero return code from the MDB get request as an indication that the port was successfully removed. Fix by returning an error when the entry's port list is empty and the entry is not joined by the host. Fixes: 68b380a395a7 ("bridge: mcast: Add MDB get support") Reported-by: Jamie Bainbridge Closes: https://lore.kernel.org/netdev/c92569919307749f879b9482b0f3e125b7d9d2e3.1726480066.git.jamie.bainbridge@gmail.com/ Tested-by: Jamie Bainbridge Signed-off-by: Ido Schimmel Acked-by: Nikolay Aleksandrov Link: https://patch.msgid.link/20240929123640.558525-1-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit b04c4d9eb4f25b950b33218e33b04c94e7445e51 Author: Willem de Bruijn Date: Sun Sep 29 02:18:20 2024 -0400 vrf: revert "vrf: Remove unnecessary RCU-bh critical section" This reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853. dev_queue_xmit_nit is expected to be called with BH disabled. __dev_queue_xmit has the following: /* Disable soft irqs for various locks below. Also * stops preemption for RCU. */ rcu_read_lock_bh(); VRF must follow this invariant. The referenced commit removed this protection. Which triggered a lockdep warning: ================================ WARNING: inconsistent lock state 6.11.0 #1 Tainted: G W -------------------------------- inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage. btserver/134819 [HC0[0]:SC0[0]:HE1:SE1] takes: ffff8882da30c118 (rlock-AF_PACKET){+.?.}-{2:2}, at: tpacket_rcv+0x863/0x3b30 {IN-SOFTIRQ-W} state was registered at: lock_acquire+0x19a/0x4f0 _raw_spin_lock+0x27/0x40 packet_rcv+0xa33/0x1320 __netif_receive_skb_core.constprop.0+0xcb0/0x3a90 __netif_receive_skb_list_core+0x2c9/0x890 netif_receive_skb_list_internal+0x610/0xcc0 [...] other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(rlock-AF_PACKET); lock(rlock-AF_PACKET); *** DEADLOCK *** Call Trace: dump_stack_lvl+0x73/0xa0 mark_lock+0x102e/0x16b0 __lock_acquire+0x9ae/0x6170 lock_acquire+0x19a/0x4f0 _raw_spin_lock+0x27/0x40 tpacket_rcv+0x863/0x3b30 dev_queue_xmit_nit+0x709/0xa40 vrf_finish_direct+0x26e/0x340 [vrf] vrf_l3_out+0x5f4/0xe80 [vrf] __ip_local_out+0x51e/0x7a0 [...] Fixes: 504fc6f4f7f6 ("vrf: Remove unnecessary RCU-bh critical section") Link: https://lore.kernel.org/netdev/20240925185216.1990381-1-greearb@candelatech.com/ Reported-by: Ben Greear Signed-off-by: Willem de Bruijn Cc: stable@vger.kernel.org Reviewed-by: Ido Schimmel Tested-by: Ido Schimmel Reviewed-by: David Ahern Link: https://patch.msgid.link/20240929061839.1175300-1-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski commit 3c97fe4f9fbc2bbc555b51268a9556e61cd3ca4e Author: Dan Carpenter Date: Sat Sep 28 13:04:01 2024 +0300 net: ethernet: ti: am65-cpsw: Fix forever loop in cleanup code This error handling has a typo. It should i++ instead of i--. In the original code the error handling will loop until it crashes. Fixes: da70d184a8c3 ("net: ethernet: ti: am65-cpsw: Introduce multi queue Rx") Signed-off-by: Dan Carpenter Reviewed-by: Alexander Sverdlin Reviewed-by: Roger Quadros Link: https://patch.msgid.link/8e7960cc-415d-48d7-99ce-f623022ec7b5@stanley.mountain Signed-off-by: Jakub Kicinski commit c283782fc5d60c4d8169137c6f955aa3553d3b3d Author: Hui Wang Date: Fri Sep 27 19:46:10 2024 +0800 net: phy: realtek: Check the index value in led_hw_control_get Just like rtl8211f_led_hw_is_supported() and rtl8211f_led_hw_control_set(), the rtl8211f_led_hw_control_get() also needs to check the index value, otherwise the caller is likely to get an incorrect rules. Fixes: 17784801d888 ("net: phy: realtek: Add support for PHY LEDs on RTL8211F") Signed-off-by: Hui Wang Reviewed-by: Marek Vasut Link: https://patch.msgid.link/20240927114610.1278935-1-hui.wang@canonical.com Signed-off-by: Jakub Kicinski commit aec7291003df78cb71fd461d7b672912bde55807 Author: Eric Dumazet Date: Fri Sep 27 07:45:53 2024 +0000 ppp: do not assume bh is held in ppp_channel_bridge_input() Networking receive path is usually handled from BH handler. However, some protocols need to acquire the socket lock, and packets might be stored in the socket backlog is the socket was owned by a user process. In this case, release_sock(), __release_sock(), and sk_backlog_rcv() might call the sk->sk_backlog_rcv() handler in process context. sybot caught ppp was not considering this case in ppp_channel_bridge_input() : WARNING: inconsistent lock state 6.11.0-rc7-syzkaller-g5f5673607153 #0 Not tainted -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. ksoftirqd/1/24 [HC0[0]:SC1[1]:HE1:SE0] takes: ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline] ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline] ffff0000db7f11e0 (&pch->downl){+.?.}-{2:2}, at: ppp_input+0x16c/0x854 drivers/net/ppp/ppp_generic.c:2304 {SOFTIRQ-ON-W} state was registered at: lock_acquire+0x240/0x728 kernel/locking/lockdep.c:5759 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x48/0x60 kernel/locking/spinlock.c:154 spin_lock include/linux/spinlock.h:351 [inline] ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline] ppp_input+0x16c/0x854 drivers/net/ppp/ppp_generic.c:2304 pppoe_rcv_core+0xfc/0x314 drivers/net/ppp/pppoe.c:379 sk_backlog_rcv include/net/sock.h:1111 [inline] __release_sock+0x1a8/0x3d8 net/core/sock.c:3004 release_sock+0x68/0x1b8 net/core/sock.c:3558 pppoe_sendmsg+0xc8/0x5d8 drivers/net/ppp/pppoe.c:903 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg net/socket.c:745 [inline] __sys_sendto+0x374/0x4f4 net/socket.c:2204 __do_sys_sendto net/socket.c:2216 [inline] __se_sys_sendto net/socket.c:2212 [inline] __arm64_sys_sendto+0xd8/0xf8 net/socket.c:2212 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598 irq event stamp: 282914 hardirqs last enabled at (282914): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (282914): [] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194 hardirqs last disabled at (282913): [] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline] hardirqs last disabled at (282913): [] _raw_spin_lock_irqsave+0x2c/0x7c kernel/locking/spinlock.c:162 softirqs last enabled at (282904): [] softirq_handle_end kernel/softirq.c:400 [inline] softirqs last enabled at (282904): [] handle_softirqs+0xa3c/0xbfc kernel/softirq.c:582 softirqs last disabled at (282909): [] run_ksoftirqd+0x70/0x158 kernel/softirq.c:928 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&pch->downl); lock(&pch->downl); *** DEADLOCK *** 1 lock held by ksoftirqd/1/24: #0: ffff80008f74dfa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c include/linux/rcupdate.h:325 stack backtrace: CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:319 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:326 __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:119 dump_stack+0x1c/0x28 lib/dump_stack.c:128 print_usage_bug+0x698/0x9ac kernel/locking/lockdep.c:4000 mark_lock_irq+0x980/0xd2c mark_lock+0x258/0x360 kernel/locking/lockdep.c:4677 __lock_acquire+0xf48/0x779c kernel/locking/lockdep.c:5096 lock_acquire+0x240/0x728 kernel/locking/lockdep.c:5759 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x48/0x60 kernel/locking/spinlock.c:154 spin_lock include/linux/spinlock.h:351 [inline] ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2272 [inline] ppp_input+0x16c/0x854 drivers/net/ppp/ppp_generic.c:2304 ppp_async_process+0x98/0x150 drivers/net/ppp/ppp_async.c:495 tasklet_action_common+0x318/0x3f4 kernel/softirq.c:785 tasklet_action+0x68/0x8c kernel/softirq.c:811 handle_softirqs+0x2e4/0xbfc kernel/softirq.c:554 run_ksoftirqd+0x70/0x158 kernel/softirq.c:928 smpboot_thread_fn+0x4b0/0x90c kernel/smpboot.c:164 kthread+0x288/0x310 kernel/kthread.c:389 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860 Fixes: 4cf476ced45d ("ppp: add PPPIOCBRIDGECHAN and PPPIOCUNBRIDGECHAN ioctls") Reported-by: syzbot+bd8d55ee2acd0a71d8ce@syzkaller.appspotmail.com Closes: https://lore.kernel.org/netdev/66f661e2.050a0220.38ace9.000f.GAE@google.com/T/#u Signed-off-by: Eric Dumazet Cc: Tom Parkin Cc: James Chapman Link: https://patch.msgid.link/20240927074553.341910-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit 8ed7cf66f4841bcc8c15a89be0732b933703b51c Author: Hangbin Liu Date: Fri Sep 27 12:13:49 2024 +0800 selftests: rds: move include.sh to TEST_FILES The include.sh file is generated for inclusion and should not be executable. Otherwise, it will be added to kselftest-list.txt. Additionally, add the executable bit for test.py at the same time to ensure proper functionality. Fixes: 3ade6ce1255e ("selftests: rds: add testing infrastructure") Signed-off-by: Hangbin Liu Link: https://patch.msgid.link/20240927041349.81216-1-liuhangbin@gmail.com Signed-off-by: Jakub Kicinski commit 49d14b54a527289d09a9480f214b8c586322310a Author: Eric Dumazet Date: Thu Sep 26 16:58:36 2024 +0000 net: test for not too small csum_start in virtio_net_hdr_to_skb() syzbot was able to trigger this warning [1], after injecting a malicious packet through af_packet, setting skb->csum_start and thus the transport header to an incorrect value. We can at least make sure the transport header is after the end of the network header (with a estimated minimal size). [1] [ 67.873027] skb len=4096 headroom=16 headlen=14 tailroom=0 mac=(-1,-1) mac_len=0 net=(16,-6) trans=10 shinfo(txflags=0 nr_frags=1 gso(size=0 type=0 segs=0)) csum(0xa start=10 offset=0 ip_summed=3 complete_sw=0 valid=0 level=0) hash(0x0 sw=0 l4=0) proto=0x0800 pkttype=0 iif=0 priority=0x0 mark=0x0 alloc_cpu=10 vlan_all=0x0 encapsulation=0 inner(proto=0x0000, mac=0, net=0, trans=0) [ 67.877172] dev name=veth0_vlan feat=0x000061164fdd09e9 [ 67.877764] sk family=17 type=3 proto=0 [ 67.878279] skb linear: 00000000: 00 00 10 00 00 00 00 00 0f 00 00 00 08 00 [ 67.879128] skb frag: 00000000: 0e 00 07 00 00 00 28 00 08 80 1c 00 04 00 00 02 [ 67.879877] skb frag: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.880647] skb frag: 00000020: 00 00 02 00 00 00 08 00 1b 00 00 00 00 00 00 00 [ 67.881156] skb frag: 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.881753] skb frag: 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.882173] skb frag: 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.882790] skb frag: 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.883171] skb frag: 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.883733] skb frag: 00000080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.884206] skb frag: 00000090: 00 00 00 00 00 00 00 00 00 00 69 70 76 6c 61 6e [ 67.884704] skb frag: 000000a0: 31 00 00 00 00 00 00 00 00 00 2b 00 00 00 00 00 [ 67.885139] skb frag: 000000b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.885677] skb frag: 000000c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.886042] skb frag: 000000d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.886408] skb frag: 000000e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.887020] skb frag: 000000f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 67.887384] skb frag: 00000100: 00 00 [ 67.887878] ------------[ cut here ]------------ [ 67.887908] offset (-6) >= skb_headlen() (14) [ 67.888445] WARNING: CPU: 10 PID: 2088 at net/core/dev.c:3332 skb_checksum_help (net/core/dev.c:3332 (discriminator 2)) [ 67.889353] Modules linked in: macsec macvtap macvlan hsr wireguard curve25519_x86_64 libcurve25519_generic libchacha20poly1305 chacha_x86_64 libchacha poly1305_x86_64 dummy bridge sr_mod cdrom evdev pcspkr i2c_piix4 9pnet_virtio 9p 9pnet netfs [ 67.890111] CPU: 10 UID: 0 PID: 2088 Comm: b363492833 Not tainted 6.11.0-virtme #1011 [ 67.890183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 67.890309] RIP: 0010:skb_checksum_help (net/core/dev.c:3332 (discriminator 2)) [ 67.891043] Call Trace: [ 67.891173] [ 67.891274] ? __warn (kernel/panic.c:741) [ 67.891320] ? skb_checksum_help (net/core/dev.c:3332 (discriminator 2)) [ 67.891333] ? report_bug (lib/bug.c:180 lib/bug.c:219) [ 67.891348] ? handle_bug (arch/x86/kernel/traps.c:239) [ 67.891363] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1)) [ 67.891372] ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621) [ 67.891388] ? skb_checksum_help (net/core/dev.c:3332 (discriminator 2)) [ 67.891399] ? skb_checksum_help (net/core/dev.c:3332 (discriminator 2)) [ 67.891416] ip_do_fragment (net/ipv4/ip_output.c:777 (discriminator 1)) [ 67.891448] ? __ip_local_out (./include/linux/skbuff.h:1146 ./include/net/l3mdev.h:196 ./include/net/l3mdev.h:213 net/ipv4/ip_output.c:113) [ 67.891459] ? __pfx_ip_finish_output2 (net/ipv4/ip_output.c:200) [ 67.891470] ? ip_route_output_flow (./arch/x86/include/asm/preempt.h:84 (discriminator 13) ./include/linux/rcupdate.h:96 (discriminator 13) ./include/linux/rcupdate.h:871 (discriminator 13) net/ipv4/route.c:2625 (discriminator 13) ./include/net/route.h:141 (discriminator 13) net/ipv4/route.c:2852 (discriminator 13)) [ 67.891484] ipvlan_process_v4_outbound (drivers/net/ipvlan/ipvlan_core.c:445 (discriminator 1)) [ 67.891581] ipvlan_queue_xmit (drivers/net/ipvlan/ipvlan_core.c:542 drivers/net/ipvlan/ipvlan_core.c:604 drivers/net/ipvlan/ipvlan_core.c:670) [ 67.891596] ipvlan_start_xmit (drivers/net/ipvlan/ipvlan_main.c:227) [ 67.891607] dev_hard_start_xmit (./include/linux/netdevice.h:4916 ./include/linux/netdevice.h:4925 net/core/dev.c:3588 net/core/dev.c:3604) [ 67.891620] __dev_queue_xmit (net/core/dev.h:168 (discriminator 25) net/core/dev.c:4425 (discriminator 25)) [ 67.891630] ? skb_copy_bits (./include/linux/uaccess.h:233 (discriminator 1) ./include/linux/uaccess.h:260 (discriminator 1) ./include/linux/highmem-internal.h:230 (discriminator 1) net/core/skbuff.c:3018 (discriminator 1)) [ 67.891645] ? __pskb_pull_tail (net/core/skbuff.c:2848 (discriminator 4)) [ 67.891655] ? skb_partial_csum_set (net/core/skbuff.c:5657) [ 67.891666] ? virtio_net_hdr_to_skb.constprop.0 (./include/linux/skbuff.h:2791 (discriminator 3) ./include/linux/skbuff.h:2799 (discriminator 3) ./include/linux/virtio_net.h:109 (discriminator 3)) [ 67.891684] packet_sendmsg (net/packet/af_packet.c:3145 (discriminator 1) net/packet/af_packet.c:3177 (discriminator 1)) [ 67.891700] ? _raw_spin_lock_bh (./arch/x86/include/asm/atomic.h:107 (discriminator 4) ./include/linux/atomic/atomic-arch-fallback.h:2170 (discriminator 4) ./include/linux/atomic/atomic-instrumented.h:1302 (discriminator 4) ./include/asm-generic/qspinlock.h:111 (discriminator 4) ./include/linux/spinlock.h:187 (discriminator 4) ./include/linux/spinlock_api_smp.h:127 (discriminator 4) kernel/locking/spinlock.c:178 (discriminator 4)) [ 67.891716] __sys_sendto (net/socket.c:730 (discriminator 1) net/socket.c:745 (discriminator 1) net/socket.c:2210 (discriminator 1)) [ 67.891734] ? do_sock_setsockopt (net/socket.c:2335) [ 67.891747] ? __sys_setsockopt (./include/linux/file.h:34 net/socket.c:2355) [ 67.891761] __x64_sys_sendto (net/socket.c:2222 (discriminator 1) net/socket.c:2218 (discriminator 1) net/socket.c:2218 (discriminator 1)) [ 67.891772] do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1)) [ 67.891785] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) Fixes: 9181d6f8a2bb ("net: add more sanity check in virtio_net_hdr_to_skb()") Signed-off-by: Eric Dumazet Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/20240926165836.3797406-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit 17bd3bd82f9f79f3feba15476c2b2c95a9b11ff8 Author: Felix Fietkau Date: Thu Sep 26 10:53:14 2024 +0200 net: gso: fix tcp fraglist segmentation after pull from frag_list Detect tcp gso fraglist skbs with corrupted geometry (see below) and pass these to skb_segment instead of skb_segment_list, as the first can segment them correctly. Valid SKB_GSO_FRAGLIST skbs - consist of two or more segments - the head_skb holds the protocol headers plus first gso_size - one or more frag_list skbs hold exactly one segment - all but the last must be gso_size Optional datapath hooks such as NAT and BPF (bpf_skb_pull_data) can modify these skbs, breaking these invariants. In extreme cases they pull all data into skb linear. For TCP, this causes a NULL ptr deref in __tcpv4_gso_segment_list_csum at tcp_hdr(seg->next). Detect invalid geometry due to pull, by checking head_skb size. Don't just drop, as this may blackhole a destination. Convert to be able to pass to regular skb_segment. Approach and description based on a patch by Willem de Bruijn. Link: https://lore.kernel.org/netdev/20240428142913.18666-1-shiming.cheng@mediatek.com/ Link: https://lore.kernel.org/netdev/20240922150450.3873767-1-willemdebruijn.kernel@gmail.com/ Fixes: bee88cd5bd83 ("net: add support for segmenting TCP fraglist GSO packets") Cc: stable@vger.kernel.org Signed-off-by: Felix Fietkau Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/20240926085315.51524-1-nbd@nbd.name Signed-off-by: Jakub Kicinski commit 854e9bf5c524c836e3c65737b9ddc90e8b7622cc Merge: e5e3f369b123a7 7b124695db40d5 Author: Jakub Kicinski Date: Wed Oct 2 17:14:52 2024 -0700 Merge tag 'mlx5-fixes-2024-09-25' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux Saeed Mahameed says: ==================== mlx5 fixes 2024-09-25 * tag 'mlx5-fixes-2024-09-25' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice net/mlx5e: SHAMPO, Fix overflow of hd_per_wq net/mlx5: HWS, changed E2BIG error to a negative return code net/mlx5: HWS, fixed double-free in error flow of creating SQ net/mlx5: Fix wrong reserved field in hca_cap_2 in mlx5_ifc net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() net/mlx5: Added cond_resched() to crdump collection net/mlx5: Fix error path in multi-packet WQE transmit ==================== Link: https://patch.msgid.link/20240925202013.45374-1-saeed@kernel.org Signed-off-by: Jakub Kicinski commit e5e3f369b123a7abe83fb6f5f9eab6651ee9b76b Merge: cb3ad11342a2fb b25e11f978b63c Author: Jakub Kicinski Date: Wed Oct 2 17:09:52 2024 -0700 Merge tag 'for-net-2024-09-27' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth Luiz Augusto von Dentz says: ==================== bluetooth pull request for net: - btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() - MGMT: Fix possible crash on mgmt_index_removed - L2CAP: Fix uaf in l2cap_connect - Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE * tag 'for-net-2024-09-27' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() Bluetooth: L2CAP: Fix uaf in l2cap_connect Bluetooth: MGMT: Fix possible crash on mgmt_index_removed ==================== Link: https://patch.msgid.link/20240927145730.2452175-1-luiz.dentz@gmail.com Signed-off-by: Jakub Kicinski commit cb3ad11342a2fb3d5b67a4ca0f06a64bbe2edc52 Merge: c4a14f6d9d17ad 09573b1cc76e7f Author: Jakub Kicinski Date: Wed Oct 2 17:07:00 2024 -0700 Merge tag 'ieee802154-for-net-2024-09-27' of git://git.kernel.org/pub/scm/linux/kernel/git/wpan/wpan Stefan Schmidt says: ==================== pull-request: ieee802154 for net 2024-09-27 Jinjie Ruan added the use of IRQF_NO_AUTOEN in the mcr20a driver and fixed and addiotinal build dependency problem while doing so. Jiawei Ye, ensured a correct RCU handling in mac802154_scan_worker. * tag 'ieee802154-for-net-2024-09-27' of git://git.kernel.org/pub/scm/linux/kernel/git/wpan/wpan: net: ieee802154: mcr20a: Use IRQF_NO_AUTOEN flag in request_irq() mac802154: Fix potential RCU dereference issue in mac802154_scan_worker ieee802154: Fix build error ==================== Link: https://patch.msgid.link/20240927094351.3865511-1-stefan@datenfreihafen.org Signed-off-by: Jakub Kicinski commit 156cc376a200aa9890c1f71c5e3d2fec874a7d07 Merge: 43102a2012c2e2 52d4e3fb3d3404 Author: Dave Airlie Date: Thu Oct 3 10:02:45 2024 +1000 Merge tag 'amd-drm-fixes-6.12-2024-10-02' of https://gitlab.freedesktop.org/agd5f/linux into drm-fixes amd-drm-fixes-6.12-2024-10-02: amdgpu: - DML2 fix - DSC fix - Dispclk fix - eDP HDR fix - IPS fix - TBT fix Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20241002135831.2510790-1-alexander.deucher@amd.com commit 7ec462100ef9142344ddbf86f2c3008b97acddbe Merge: f23aa4c0761a70 5f60d5f6bbc12e Author: Linus Torvalds Date: Wed Oct 2 16:42:28 2024 -0700 Merge tag 'pull-work.unaligned' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull generic unaligned.h cleanups from Al Viro: "Get rid of architecture-specific includes, replacing them with a single generic header file. It's the second largest (after asm/io.h) class of asm/* includes, and all but two architectures actually end up using exact same file. Massage the remaining two (arc and parisc) to do the same and just move the thing to from asm-generic/unaligned.h to linux/unaligned.h" [ This is one of those things that we're better off doing outside the merge window, and would only cause extra conflict noise if it was in linux-next for the next release due to all the trivial #include line updates. Rip off the band-aid. - Linus ] * tag 'pull-work.unaligned' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: move asm/unaligned.h to linux/unaligned.h arc: get rid of private asm/unaligned.h parisc: get rid of private asm/unaligned.h commit 5b35746a0fdc73063a4c7fc6208b7abd644f9ef5 Author: Linus Walleij Date: Fri Sep 27 17:54:28 2024 +0200 Revert "mmc: mvsdio: Use sg_miter for PIO" This reverts commit 2761822c00e8c271f10a10affdbd4917d900d7ea. When testing on real hardware the patch does not work. Revert, try to acquire real hardware, and retry. These systems typically don't have highmem anyway so the impact is likely zero. Cc: stable@vger.kernel.org Reported-by: Charlie Signed-off-by: Linus Walleij Link: https://lore.kernel.org/r/20240927-kirkwood-mmc-regression-v1-1-2e55bbbb7b19@linaro.org Signed-off-by: Ulf Hansson commit c26339faed11fae01fafd61e5e97ac3ba7b23ef3 Author: Guenter Roeck Date: Tue Sep 24 14:01:23 2024 -0700 mmc: core: Only set maximum DMA segment size if DMA is supported Since upstream commit 334304ac2bac ("dma-mapping: don't return errors from dma_set_max_seg_size") calling dma_set_max_seg_size() on a device not supporting DMA results in a warning traceback. This is seen when booting the sifive_u machine from SD. The underlying SPI controller (sifive,spi0 compatible) explicitly sets dma_mask to NULL. Avoid the backtrace by only calling dma_set_max_seg_size() if DMA is supported. Signed-off-by: Guenter Roeck Reviewed-by: Christoph Hellwig Reviewed-by: Robin Murphy Tested-by: Geert Uytterhoeven Fixes: 334304ac2bac ("dma-mapping: don't return errors from dma_set_max_seg_size") Link: https://lore.kernel.org/r/20240924210123.2288529-1-linux@roeck-us.net Signed-off-by: Ulf Hansson commit e9f49feefb4b13b36441aae51649a67a8389bd40 Author: Shen Lichuan Date: Wed Sep 25 14:55:43 2024 +0800 smb: client: Correct typos in multiple comments across various files Fixed some confusing typos that were currently identified witch codespell, the details are as follows: -in the code comments: fs/smb/client/cifsacl.h:58: inheritence ==> inheritance fs/smb/client/cifsencrypt.c:242: origiginal ==> original fs/smb/client/cifsfs.c:164: referece ==> reference fs/smb/client/cifsfs.c:292: ned ==> need fs/smb/client/cifsglob.h:779: initital ==> initial fs/smb/client/cifspdu.h:784: altetnative ==> alternative fs/smb/client/cifspdu.h:2409: conrol ==> control fs/smb/client/cifssmb.c:1218: Expirement ==> Experiment fs/smb/client/cifssmb.c:3021: conver ==> convert fs/smb/client/cifssmb.c:3998: asterik ==> asterisk fs/smb/client/file.c:2505: useable ==> usable fs/smb/client/fs_context.h:263: timemout ==> timeout fs/smb/client/misc.c:257: responsbility ==> responsibility fs/smb/client/netmisc.c:1006: divisable ==> divisible fs/smb/client/readdir.c:556: endianess ==> endianness fs/smb/client/readdir.c:818: bu ==> by fs/smb/client/smb2ops.c:2180: snaphots ==> snapshots fs/smb/client/smb2ops.c:3586: otions ==> options fs/smb/client/smb2pdu.c:2979: timestaps ==> timestamps fs/smb/client/smb2pdu.c:4574: memmory ==> memory fs/smb/client/smb2transport.c:699: origiginal ==> original fs/smb/client/smbdirect.c:222: happenes ==> happens fs/smb/client/smbdirect.c:1347: registartions ==> registrations fs/smb/client/smbdirect.h:114: accoutning ==> accounting Signed-off-by: Shen Lichuan Signed-off-by: Steve French commit 1117b916f541fc8e4ce812843555432022e5aa0e Author: Herve Codina Date: Mon Sep 9 14:11:29 2024 +0200 soc: fsl: cpm1: qmc: Fix unused data compilation warning In some configuration, compilation raises warnings related to unused data. Indeed, depending on configuration, those data can be unused. mark those data as __maybe_unused to avoid compilation warnings. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409071707.ou2KFNKO-lkp@intel.com/ Fixes: eb680d563089 ("soc: fsl: cpm1: qmc: Add support for QUICC Engine (QE) implementation") Signed-off-by: Herve Codina Link: https://lore.kernel.org/r/20240909121129.57067-1-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 122019f051bdae3c700ec4a8246b74e3e6f29d9b Author: Geert Uytterhoeven Date: Mon Sep 30 17:08:31 2024 +0200 soc: fsl: cpm1: qmc: Do not use IS_ERR_VALUE() on error pointers ppc64_book3e_allmodconfig: drivers/soc/fsl/qe/qmc.c: In function ‘qmc_qe_init_resources’: include/linux/err.h:28:49: error: cast to pointer from integer of different size [-Werror=int-to-pointer-cast] 28 | #define IS_ERR_VALUE(x) unlikely((unsigned long)(void *)(x) >= (unsigned long)-MAX_ERRNO) | ^ include/linux/compiler.h:77:45: note: in definition of macro ‘unlikely’ 77 | # define unlikely(x) __builtin_expect(!!(x), 0) | ^ drivers/soc/fsl/qe/qmc.c:1764:13: note: in expansion of macro ‘IS_ERR_VALUE’ 1764 | if (IS_ERR_VALUE(info)) { | ^~~~~~~~~~~~ IS_ERR_VALUE() is only meant for pointers. Fix this by checking for a negative error value instead, which matches the documented behavior of devm_qe_muram_alloc() aka devm_cpm_muram_alloc(). While at it, remove the unneeded print in case of a memory allocation failure, and propagate the returned error code. Fixes: eb680d563089e55b ("soc: fsl: cpm1: qmc: Add support for QUICC Engine (QE) implementation") Signed-off-by: Geert Uytterhoeven Tested-by: Herve Codina Acked-by: Herve Codina Link: https://lore.kernel.org/r/8b113596b2c8cdda6655346232cc603efdeb935a.1727708905.git.geert+renesas@glider.be Signed-off-by: Christophe Leroy commit 5f60d5f6bbc12e782fac78110b0ee62698f3b576 Author: Al Viro Date: Tue Oct 1 15:35:57 2024 -0400 move asm/unaligned.h to linux/unaligned.h asm/unaligned.h is always an include of asm-generic/unaligned.h; might as well move that thing to linux/unaligned.h and include that - there's nothing arch-specific in that header. auto-generated by the following: for i in `git grep -l -w asm/unaligned.h`; do sed -i -e "s/asm\/unaligned.h/linux\/unaligned.h/" $i done for i in `git grep -l -w asm-generic/unaligned.h`; do sed -i -e "s/asm-generic\/unaligned.h/linux\/unaligned.h/" $i done git mv include/asm-generic/unaligned.h include/linux/unaligned.h git mv tools/include/asm-generic/unaligned.h tools/include/linux/unaligned.h sed -i -e "/unaligned.h/d" include/asm-generic/Kbuild sed -i -e "s/__ASM_GENERIC/__LINUX/" include/linux/unaligned.h tools/include/linux/unaligned.h commit 00429083f404efe230fee577aa3dfbf2dea9b1f1 Author: Al Viro Date: Tue Dec 5 21:53:22 2023 -0500 arc: get rid of private asm/unaligned.h Declarations local to arch/*/kernel/*.c are better off *not* in a public header - arch/arc/kernel/unaligned.h is just fine for those bits. Unlike the parisc case, here we have an extra twist - asm/mmu.h has an implicit dependency on struct pt_regs, and in some users that used to be satisfied by include of asm/ptrace.h from asm/unaligned.h (note that asm/mmu.h itself did _not_ pull asm/unaligned.h - it relied upon the users having pulled asm/unaligned.h before asm/mmu.h got there). Seeing that asm/mmu.h only wants struct pt_regs * arguments in an extern, just pre-declare it there - less brittle that way. With that done _all_ asm/unaligned.h instances are reduced to include of asm-generic/unaligned.h and can be removed - unaligned.h is in mandatory-y in include/asm-generic/Kbuild. What's more, we can move asm-generic/unaligned.h to linux/unaligned.h and switch includes of to ; that's better off as an auto-generated commit, though, to be done by Linus at -rc1 time next cycle. Acked-by: Vineet Gupta Signed-off-by: Al Viro commit e934a35e3cc1fe0bfb1bc771e64f3ba6e70c40e2 Author: Ilkka Koskinen Date: Tue Sep 24 16:39:30 2024 -0700 perf cs-etm: Fix the assert() to handle captured and unprocessed cpu trace If one builds perf with DEBUG=1, captures data on multiple CPUs and finally runs 'perf report -C ' for only one of the cpus, assert() aborts the program. This happens because there are empty queues with format set. This patch changes the condition to abort only if a queue is not empty and if the format is unset. $ make -C tools/perf DEBUG=1 CORESIGHT=1 CSLIBS=/usr/lib CSINCLUDES=/usr/include install $ perf record -o kcore --kcore -e cs_etm/timestamp/k -s -C 0-1 dd if=/dev/zero of=/dev/null bs=1M count=1 $ perf report --input kcore/data --vmlinux=/home/ikoskine/projects/linux/vmlinux -C 1 Aborted (core dumped) Fixes: 57880a7966be510c ("perf: cs-etm: Allocate queues for all CPUs") Reviewed-by: James Clark Signed-off-by: Ilkka Koskinen Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Will Deacon Link: https://lore.kernel.org/r/20240924233930.5193-1-ilkka@os.amperecomputing.com Signed-off-by: Arnaldo Carvalho de Melo commit a530337ba9ef601c93ec378fd941be43f587d563 Author: Yang Jihong Date: Thu Sep 19 09:35:12 2024 +0800 perf build: Fix build feature-dwarf_getlocations fail for old libdw For libdw versions below 0.177, need to link libdl.a in addition to libbebl.a during static compilation, otherwise feature-dwarf_getlocations compilation will fail. Before: $ make LDFLAGS=-static BUILD: Doing 'make -j20' parallel build Makefile.config:483: Old libdw.h, finding variables at given 'perf probe' point will not work, install elfutils-devel/libdw-dev >= 0.157 $ cat ../build/feature/test-dwarf_getlocations.make.output /usr/bin/ld: /usr/lib/gcc/x86_64-linux-gnu/9/../../../x86_64-linux-gnu/libebl.a(eblclosebackend.o): in function `ebl_closebackend': (.text+0x20): undefined reference to `dlclose' collect2: error: ld returned 1 exit status After: $ make LDFLAGS=-static Auto-detecting system features: ... dwarf: [ on ] $ ./perf probe Usage: perf probe [] 'PROBEDEF' ['PROBEDEF' ...] or: perf probe [] --add 'PROBEDEF' [--add 'PROBEDEF' ...] or: perf probe [] --del '[GROUP:]EVENT' ... or: perf probe --list [GROUP:]EVENT ... Fixes: 536661da6ea18fe6 ("perf: build: Only link libebl.a for old libdw") Reviewed-by: Leo Yan Signed-off-by: Yang Jihong Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240919013513.118527-3-yangjihong@bytedance.com Signed-off-by: Arnaldo Carvalho de Melo commit 43f6564f18bf5b27e1675ef6f4baf68e786396b2 Author: Yang Jihong Date: Thu Sep 19 09:35:11 2024 +0800 perf build: Fix static compilation error when libdw is not installed If libdw is not installed in build environment, the output of 'pkg-config --modversion libdw' is empty, causing LIBDW_VERSION_2 to be empty and the shell test will have the following error: /bin/sh: 1: test: -lt: unexpected operator Before: $ pkg-config --modversion libdw Package libdw was not found in the pkg-config search path. Perhaps you should add the directory containing `libdw.pc' to the PKG_CONFIG_PATH environment variable No package 'libdw' found $ make LDFLAGS=-static -j16 BUILD: Doing 'make -j20' parallel build Package libdw was not found in the pkg-config search path. Perhaps you should add the directory containing `libdw.pc' to the PKG_CONFIG_PATH environment variable No package 'libdw' found /bin/sh: 1: test: -lt: unexpected operator After: 1. libdw is not installed: $ pkg-config --modversion libdw Package libdw was not found in the pkg-config search path. Perhaps you should add the directory containing `libdw.pc' to the PKG_CONFIG_PATH environment variable No package 'libdw' found $ make LDFLAGS=-static -j16 BUILD: Doing 'make -j20' parallel build Package libdw was not found in the pkg-config search path. Perhaps you should add the directory containing `libdw.pc' to the PKG_CONFIG_PATH environment variable No package 'libdw' found Makefile.config:473: No libdw DWARF unwind found, Please install elfutils-devel/libdw-dev >= 0.158 and/or set LIBDW_DIR 2. libdw version is lower than 0.177 $ pkg-config --modversion libdw 0.176 $ make LDFLAGS=-static -j16 BUILD: Doing 'make -j20' parallel build Auto-detecting system features: ... dwarf: [ on ] INSTALL libsubcmd_headers INSTALL libapi_headers INSTALL libperf_headers INSTALL libsymbol_headers INSTALL libbpf_headers LINK perf 3. libdw version is higher than 0.177 $ pkg-config --modversion libdw 0.186 $ make LDFLAGS=-static -j16 BUILD: Doing 'make -j20' parallel build Auto-detecting system features: ... dwarf: [ on ] CC util/bpf-utils.o CC util/pfm.o LD util/perf-util-in.o LD perf-util-in.o AR libperf-util.a LINK perf Fixes: 536661da6ea18fe6 ("perf: build: Only link libebl.a for old libdw") Reviewed-by: Leo Yan Signed-off-by: Yang Jihong Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240919013513.118527-2-yangjihong@bytedance.com Signed-off-by: Arnaldo Carvalho de Melo commit 008979cc6911987152eb7485943c85b9c92c1e9b Author: James Clark Date: Tue Oct 1 13:36:25 2024 +0100 perf dwarf-aux: Fix build with !HAVE_DWARF_GETLOCATIONS_SUPPORT The linked fixes commit added an #include "dwarf-aux.h" to disasm.h which gets picked up in a lot of places. Without HAVE_DWARF_GETLOCATIONS_SUPPORT the stubs return an errno, so include errno.h to fix the following build error: In file included from util/disasm.h:8, from util/annotate.h:16, from builtin-top.c:23: util/dwarf-aux.h: In function 'die_get_var_range': util/dwarf-aux.h:183:10: error: 'ENOTSUP' undeclared (first use in this function) 183 | return -ENOTSUP; | ^~~~~~~ Fixes: 782959ac248ac3cb ("perf annotate: Add "update_insn_state" callback function to handle arch specific instruction tracking") Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kajol Jain Cc: Kan Liang Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20241001123625.1063153-1-james.clark@linaro.org Signed-off-by: Arnaldo Carvalho de Melo commit bcd28cfd04ebd3f871443e4746e511147686e517 Merge: 3ed6be68913b2d 49ebeb0c15e865 Author: Martin KaFai Lau Date: Wed Oct 2 13:48:27 2024 -0700 Merge branch 'bpf: devmap: provide rxq after redirect' Florian Kauer says: ==================== rxq contains a pointer to the device from where the redirect happened. Currently, the BPF program that was executed after a redirect via BPF_MAP_TYPE_DEVMAP* does not have it set. Add bugfix and related selftest. --- Changes in v4: - return -> goto out_close, thanks Toke - Link to v3: https://lore.kernel.org/r/20240909-devel-koalo-fix-ingress-ifindex-v3-0-66218191ecca@linutronix.de Changes in v3: - initialize skel to NULL, thanks Stanislav - Link to v2: https://lore.kernel.org/r/20240906-devel-koalo-fix-ingress-ifindex-v2-0-4caa12c644b4@linutronix.de Changes in v2: - changed fixes tag - added selftest - Link to v1: https://lore.kernel.org/r/20240905-devel-koalo-fix-ingress-ifindex-v1-1-d12a0d74c29c@linutronix.de ==================== Signed-off-by: Martin KaFai Lau commit 49ebeb0c15e86548822a8fc8c5ac34c70709c1aa Author: Florian Kauer Date: Wed Sep 11 10:41:19 2024 +0200 bpf: selftests: send packet to devmap redirect XDP The current xdp_devmap_attach test attaches a program that redirects to another program via devmap. It is, however, never executed, so do that to catch any bugs that might occur during execution. Also, execute the same for a veth pair so that we also cover the non-generic path. Warning: Running this without the bugfix in this series will likely crash your system. Signed-off-by: Florian Kauer Reviewed-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/r/20240911-devel-koalo-fix-ingress-ifindex-v4-2-5c643ae10258@linutronix.de Signed-off-by: Martin KaFai Lau commit ca9984c5f0ab3690d98b13937b2485a978c8dd73 Author: Florian Kauer Date: Wed Sep 11 10:41:18 2024 +0200 bpf: devmap: provide rxq after redirect rxq contains a pointer to the device from where the redirect happened. Currently, the BPF program that was executed after a redirect via BPF_MAP_TYPE_DEVMAP* does not have it set. This is particularly bad since accessing ingress_ifindex, e.g. SEC("xdp") int prog(struct xdp_md *pkt) { return bpf_redirect_map(&dev_redirect_map, 0, 0); } SEC("xdp/devmap") int prog_after_redirect(struct xdp_md *pkt) { bpf_printk("ifindex %i", pkt->ingress_ifindex); return XDP_PASS; } depends on access to rxq, so a NULL pointer gets dereferenced: <1>[ 574.475170] BUG: kernel NULL pointer dereference, address: 0000000000000000 <1>[ 574.475188] #PF: supervisor read access in kernel mode <1>[ 574.475194] #PF: error_code(0x0000) - not-present page <6>[ 574.475199] PGD 0 P4D 0 <4>[ 574.475207] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI <4>[ 574.475217] CPU: 4 UID: 0 PID: 217 Comm: kworker/4:1 Not tainted 6.11.0-rc5-reduced-00859-g780801200300 #23 <4>[ 574.475226] Hardware name: Intel(R) Client Systems NUC13ANHi7/NUC13ANBi7, BIOS ANRPL357.0026.2023.0314.1458 03/14/2023 <4>[ 574.475231] Workqueue: mld mld_ifc_work <4>[ 574.475247] RIP: 0010:bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c <4>[ 574.475257] Code: cc cc cc cc cc cc cc 80 00 00 00 cc cc cc cc cc cc cc cc f3 0f 1e fa 0f 1f 44 00 00 66 90 55 48 89 e5 f3 0f 1e fa 48 8b 57 20 <48> 8b 52 00 8b 92 e0 00 00 00 48 bf f8 a6 d5 c4 5d a0 ff ff be 0b <4>[ 574.475263] RSP: 0018:ffffa62440280c98 EFLAGS: 00010206 <4>[ 574.475269] RAX: ffffa62440280cd8 RBX: 0000000000000001 RCX: 0000000000000000 <4>[ 574.475274] RDX: 0000000000000000 RSI: ffffa62440549048 RDI: ffffa62440280ce0 <4>[ 574.475278] RBP: ffffa62440280c98 R08: 0000000000000002 R09: 0000000000000001 <4>[ 574.475281] R10: ffffa05dc8b98000 R11: ffffa05f577fca40 R12: ffffa05dcab24000 <4>[ 574.475285] R13: ffffa62440280ce0 R14: ffffa62440549048 R15: ffffa62440549000 <4>[ 574.475289] FS: 0000000000000000(0000) GS:ffffa05f4f700000(0000) knlGS:0000000000000000 <4>[ 574.475294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 <4>[ 574.475298] CR2: 0000000000000000 CR3: 000000025522e000 CR4: 0000000000f50ef0 <4>[ 574.475303] PKRU: 55555554 <4>[ 574.475306] Call Trace: <4>[ 574.475313] <4>[ 574.475318] ? __die+0x23/0x70 <4>[ 574.475329] ? page_fault_oops+0x180/0x4c0 <4>[ 574.475339] ? skb_pp_cow_data+0x34c/0x490 <4>[ 574.475346] ? kmem_cache_free+0x257/0x280 <4>[ 574.475357] ? exc_page_fault+0x67/0x150 <4>[ 574.475368] ? asm_exc_page_fault+0x26/0x30 <4>[ 574.475381] ? bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c <4>[ 574.475386] bq_xmit_all+0x158/0x420 <4>[ 574.475397] __dev_flush+0x30/0x90 <4>[ 574.475407] veth_poll+0x216/0x250 [veth] <4>[ 574.475421] __napi_poll+0x28/0x1c0 <4>[ 574.475430] net_rx_action+0x32d/0x3a0 <4>[ 574.475441] handle_softirqs+0xcb/0x2c0 <4>[ 574.475451] do_softirq+0x40/0x60 <4>[ 574.475458] <4>[ 574.475461] <4>[ 574.475464] __local_bh_enable_ip+0x66/0x70 <4>[ 574.475471] __dev_queue_xmit+0x268/0xe40 <4>[ 574.475480] ? selinux_ip_postroute+0x213/0x420 <4>[ 574.475491] ? alloc_skb_with_frags+0x4a/0x1d0 <4>[ 574.475502] ip6_finish_output2+0x2be/0x640 <4>[ 574.475512] ? nf_hook_slow+0x42/0xf0 <4>[ 574.475521] ip6_finish_output+0x194/0x300 <4>[ 574.475529] ? __pfx_ip6_finish_output+0x10/0x10 <4>[ 574.475538] mld_sendpack+0x17c/0x240 <4>[ 574.475548] mld_ifc_work+0x192/0x410 <4>[ 574.475557] process_one_work+0x15d/0x380 <4>[ 574.475566] worker_thread+0x29d/0x3a0 <4>[ 574.475573] ? __pfx_worker_thread+0x10/0x10 <4>[ 574.475580] ? __pfx_worker_thread+0x10/0x10 <4>[ 574.475587] kthread+0xcd/0x100 <4>[ 574.475597] ? __pfx_kthread+0x10/0x10 <4>[ 574.475606] ret_from_fork+0x31/0x50 <4>[ 574.475615] ? __pfx_kthread+0x10/0x10 <4>[ 574.475623] ret_from_fork_asm+0x1a/0x30 <4>[ 574.475635] <4>[ 574.475637] Modules linked in: veth br_netfilter bridge stp llc iwlmvm x86_pkg_temp_thermal iwlwifi efivarfs nvme nvme_core <4>[ 574.475662] CR2: 0000000000000000 <4>[ 574.475668] ---[ end trace 0000000000000000 ]--- Therefore, provide it to the program by setting rxq properly. Fixes: cb261b594b41 ("bpf: Run devmap xdp_prog on flush instead of bulk enqueue") Reviewed-by: Toke Høiland-Jørgensen Signed-off-by: Florian Kauer Acked-by: Jakub Kicinski Link: https://lore.kernel.org/r/20240911-devel-koalo-fix-ingress-ifindex-v4-1-5c643ae10258@linutronix.de Signed-off-by: Martin KaFai Lau commit c66be905cda24fb782b91053b196bd2e966f95b7 Author: Yifei Liu Date: Mon Sep 30 15:40:25 2024 -0700 selftests: breakpoints: use remaining time to check if suspend succeed step_after_suspend_test fails with device busy error while writing to /sys/power/state to start suspend. The test believes it failed to enter suspend state with $ sudo ./step_after_suspend_test TAP version 13 Bail out! Failed to enter Suspend state However, in the kernel message, I indeed see the system get suspended and then wake up later. [611172.033108] PM: suspend entry (s2idle) [611172.044940] Filesystems sync: 0.006 seconds [611172.052254] Freezing user space processes [611172.059319] Freezing user space processes completed (elapsed 0.001 seconds) [611172.067920] OOM killer disabled. [611172.072465] Freezing remaining freezable tasks [611172.080332] Freezing remaining freezable tasks completed (elapsed 0.001 seconds) [611172.089724] printk: Suspending console(s) (use no_console_suspend to debug) [611172.117126] serial 00:03: disabled some other hardware get reconnected [611203.136277] OOM killer enabled. [611203.140637] Restarting tasks ... [611203.141135] usb 1-8.1: USB disconnect, device number 7 [611203.141755] done. [611203.155268] random: crng reseeded on system resumption [611203.162059] PM: suspend exit After investigation, I noticed that for the code block if (write(power_state_fd, "mem", strlen("mem")) != strlen("mem")) ksft_exit_fail_msg("Failed to enter Suspend state\n"); The write will return -1 and errno is set to 16 (device busy). It should be caused by the write function is not successfully returned before the system suspend and the return value get messed when waking up. As a result, It may be better to check the time passed of those few instructions to determine whether the suspend is executed correctly for it is pretty hard to execute those few lines for 5 seconds. The timer to wake up the system is set to expire after 5 seconds and no re-arm. If the timer remaining time is 0 second and 0 nano secomd, it means the timer expired and wake the system up. Otherwise, the system could be considered to enter the suspend state failed if there is any remaining time. After appling this patch, the test would not fail for it believes the system does not go to suspend by mistake. It now could continue to the rest part of the test after suspend. Fixes: bfd092b8c272 ("selftests: breakpoint: add step_after_suspend_test") Reported-by: Sinadin Shan Signed-off-by: Yifei Liu Signed-off-by: Shuah Khan commit a19008256d05e726f29f43c6a307e45482c082c3 Author: Alessandro Zanni Date: Tue Aug 6 14:14:50 2024 +0200 kselftest/devices/probe: Fix SyntaxWarning in regex strings for Python3 Insert raw strings to prevent Python3 from interpreting string literals as Unicode strings and "\d" as invalid escaped sequence. Fix the warnings: tools/testing/selftests/devices/probe/test_discoverable_devices.py:48: SyntaxWarning: invalid escape sequence '\d' usb_controller_sysfs_dir = "usb[\d]+" tools/testing/selftests/devices/probe/test_discoverable_devices.py: 94: SyntaxWarning: invalid escape sequence '\d' re_usb_version = re.compile("PRODUCT=.*/(\d)/.*") Fixes: dacf1d7a78bf ("kselftest: Add test to verify probe of devices from discoverable buses") Reviewed-by: Nícolas F. R. A. Prado Signed-off-by: Alessandro Zanni Signed-off-by: Shuah Khan commit 33027006ecf3f4204de54c446b1fe9b770e99f44 Author: Jaroslav Kysela Date: Wed Oct 2 17:15:36 2024 +0200 MAINTAINERS: ALSA: use linux-sound@vger.kernel.org list We are now using the linux-sound@vger.kernel.org list for kernel related work. This patch converts all remaining entries that reference the former alsa-devel mailing list. All ALSA developers should subscribe to the linux-sound mailing list. Thank you. Cc: linux-kernel@vger.kernel.org Cc: Ban Tao Cc: Lars-Peter Clausen Cc: Nuno Sá Cc: Johannes Berg Cc: Jerome Brunet Cc: Martin Povišer Cc: Peter Rosin Cc: Clemens Ladisch Cc: Takashi Sakamoto Cc: Geoffrey D. Bennett Cc: Shengjiu Wang Cc: Xiubo Li Cc: Fabio Estevam Cc: Nicolin Chen Cc: J.M.B. Downing Cc: Piotr Wojtaszczyk Cc: Vladimir Zapolskiy Cc: Herve Codina Cc: Cezary Rojewski Cc: Liam Girdwood Cc: Peter Ujfalusi Cc: Bard Liao Cc: Ranjani Sridharan Cc: Kai Vehmanen Cc: Pierre-Louis Bossart Cc: Kiseok Jo Cc: Claudiu Beznea Cc: Daniel Mack Cc: Stephan Gerhold Cc: Peter Ujfalusi Cc: Jarkko Nikula Cc: Srinivas Kandagatla Cc: Sylwester Nawrocki Cc: Vinod Koul Cc: Sanyog Kale Cc: Arnaud Pouliquen Cc: Olivier Moysan Cc: Shenghao Ding Cc: Kevin Lu Cc: Baojun Xu Cc: M R Swami Reddy Cc: Vishwas A Deshpande Cc: Kirill Marinushkin Cc: Kevin Cernekee Cc: Anton Yakovlev Cc: "Michael S. Tsirkin" Cc: Oleksandr Andrushchenko Signed-off-by: Jaroslav Kysela Link: https://patch.msgid.link/20241002151536.1855793-1-perex@perex.cz Signed-off-by: Takashi Iwai commit f23aa4c0761a70bfd046dd5755281667f0769a94 Merge: 0d2746a208ea5f acd5f76fd5292c Author: Linus Torvalds Date: Wed Oct 2 12:30:25 2024 -0700 Merge tag 'hid-for-linus-2024090201' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid Pull HID fix from Benjamin Tissoires: - A small fix from the new HID-BPF code. The HID-BPF CI started failing completely because the BPF tree is now stricter, exposing a problem in the hid_bpf_ops. * tag 'hid-for-linus-2024090201' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: HID: bpf: fix cfi stubs for hid_bpf_ops commit 0c436dfe5c25d0931b164b944165259f95e5281f Merge: 3f7f36a4559ef7 eb1df4bbf53c29 Author: Takashi Iwai Date: Wed Oct 2 21:29:16 2024 +0200 Merge tag 'asoc-fix-v6.12-rc1' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus ASoC: Fixes for v6.12 A bunch of fixes here that came in during the merge window and the first week of release, plus some new quirks and device IDs. There's nothing major here, it's a bit bigger than it might've been due to there being no fixes sent during the merge window due to your vacation. commit 0d2746a208ea5faaaccf9a5e97ad214cff0942f5 Merge: 359cdf5a328360 c684771630e64b Author: Linus Torvalds Date: Wed Oct 2 12:18:02 2024 -0700 Merge tag 'input-for-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input Pull input fixes from Dmitry Torokhov: - a couple fixups for adp5589-keys driver - recently added driver for PixArt PS/2 touchpads is dropped temporarily because its detection routine is too greedy and mis-identifies devices from other vendors as PixArt devices * tag 'input-for-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: adp5589-keys - fix adp5589_gpio_get_value() Input: adp5589-keys - fix NULL pointer dereference Revert "Input: Add driver for PixArt PS/2 touchpad" commit 359cdf5a328360fdc41e5ca979f22625f4aceb44 Merge: 27af290f1636c9 f811b83879fb67 Author: Linus Torvalds Date: Wed Oct 2 12:05:13 2024 -0700 Merge tag 'for-6.12/dm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm Pull device mapper fixes from Mikulas Patocka: "Revert the patch that made dm-verity restart or panic on I/O errors, and instead add new explicit options for people who want that behavior" * tag 'for-6.12/dm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm: dm-verity: introduce the options restart_on_error and panic_on_error Revert: "dm-verity: restart or panic on an I/O error" commit 27af290f1636c9784dbbdd860677aaf57355ff90 Merge: e32cde8d2bd7d2 c4b3c1332f55c4 Author: Linus Torvalds Date: Wed Oct 2 12:02:15 2024 -0700 Merge tag 'zonefs-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs Pull zonefs update from Damien Le Moal: - Add support for the FS_IOC_GETFSSYSFSPATH ioctl * tag 'zonefs-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs: zonefs: add support for FS_IOC_GETFSSYSFSPATH commit 76959aff14a0012ad6b984ec7686d163deccdc16 Author: Armin Wolf Date: Tue Oct 1 23:28:34 2024 +0200 ACPI: battery: Fix possible crash when unregistering a battery hook When a battery hook returns an error when adding a new battery, then the battery hook is automatically unregistered. However the battery hook provider cannot know that, so it will later call battery_hook_unregister() on the already unregistered battery hook, resulting in a crash. Fix this by using the list head to mark already unregistered battery hooks as already being unregistered so that they can be ignored by battery_hook_unregister(). Fixes: fa93854f7a7e ("battery: Add the battery hooking API") Signed-off-by: Armin Wolf Link: https://patch.msgid.link/20241001212835.341788-3-W_Armin@gmx.de Cc: All applicable Signed-off-by: Rafael J. Wysocki commit 86309cbed26139e1caae7629dcca1027d9a28e75 Author: Armin Wolf Date: Tue Oct 1 23:28:33 2024 +0200 ACPI: battery: Simplify battery hook locking Move the conditional locking from __battery_hook_unregister() into battery_hook_unregister() and rename the low-level function to simplify the locking during battery hook removal. Reviewed-by: Ilpo Järvinen Reviewed-by: Pali Rohár Signed-off-by: Armin Wolf Link: https://patch.msgid.link/20241001212835.341788-2-W_Armin@gmx.de Signed-off-by: Rafael J. Wysocki commit b9efb5960ce4634010fc6f9b6c7f803345e733fc Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 21:22:52 2024 -0300 tools headers arm64: Sync arm64's cputype.h with the kernel sources To get the changes in: db0d8a84348b876d ("arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a") That makes this perf source code to be rebuilt: CC /tmp/build/perf-tools/util/arm-spe.o The changes in the above patch add MIDR_AMPERE1A, used in arm-spe.c, so probably we need to add it to that array? Or maybe we need to leave this for later when this is all tested on those machines? static const struct midr_range neoverse_spe[] = { MIDR_ALL_VERSIONS(MIDR_NEOVERSE_N1), MIDR_ALL_VERSIONS(MIDR_NEOVERSE_N2), MIDR_ALL_VERSIONS(MIDR_NEOVERSE_V1), {}, }; Mark Rutland recommended about arm-spe.c in a previous update to this file: "I would not touch this for now -- someone would have to go audit the TRMs to check that those other cores have the same encoding, and I think it'd be better to do that as a follow-up." That addresses this perf build warning: Warning: Kernel ABI header differences: diff -u tools/arch/arm64/include/asm/cputype.h arch/arm64/include/asm/cputype.h Cc: Adrian Hunter Cc: D Scott Phillips Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Will Deacon Link: https://lore.kernel.org/lkml/ZvtFu7J-Awy2zuEJ@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 36110669ddf832e6c9ceba4dd203749d5be31d31 Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 17:13:48 2024 -0300 perf tools: Cope with differences for lib/list_sort.c copy from the kernel With 6d74e1e371d43a7b ("tools/lib/list_sort: remove redundant code for cond_resched handling") we need to use the newly added hunk based exceptions when comparing the copy we carry in tools/lib/ to the original file, do it by adding the hunks that we know will be the expected diff. If at some point the original file is updated in other parts, then we should flag and check the file for update. Acked-by: Kuan-Wei Chiu Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Andrew Morton Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Link: https://lore.kernel.org/lkml/20240930202136.16904-3-acme@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit cd46ea5ab48667e9522608533b9a24e3028fa368 Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 17:07:28 2024 -0300 tools check_headers.sh: Add check variant that excludes some hunks With 6d74e1e371d43a7b ("tools/lib/list_sort: remove redundant code for cond_resched handling") we end up with a multi-line variation in the merge_final() implementation, one that the simple line based exceptions we had so far can't cope. Thus this check has been failing: Warning: Kernel ABI header differences: diff -u tools/lib/list_sort.c lib/list_sort.c So add a new check routine that uses grep -vf to exclude some hunks that we store in the tools/perf/check-header_ignore_hunks/ directory. This first patch is just the new check routine, the next one will use it to check lib/list_sort.c. Acked-by: Kuan-Wei Chiu Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Andrew Morton Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Link: https://lore.kernel.org/lkml/20240930202136.16904-2-acme@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit eb1df4bbf53c29babf68fcb36e80d9c62a345257 Merge: 2c0b2b484b1640 b97bc0656a66f8 Author: Mark Brown Date: Wed Oct 2 18:38:11 2024 +0100 qrb4210-rb2: add HDMI audio playback support Merge series from Alexey Klimov : This series still keeps "qcom,qrb4210-rb2-sndcard" for sm8250 soundcard. As per off the list discussion with Srini it was suggested to have it since in future it may be required to add clocks, workarounds, quirks, model-specific things based on this compatible. The same as for RB5 compatible in sm8250 snd driver. This focuses on HDMI audio playback only hence there are no soundwire and dmic pins, for instance. The work to enable playback via wcd+wsa8815 amplifier is in progress (it works) and one of the routes is to merge such two patchsets together. Link to prev series: https://lore.kernel.org/linux-sound/20240628010715.438471-1-alexey.klimov@linaro.org/ commit fcbc423577ce28b5e470a2a47fed6724430cccdb Author: Vishal Chourasia Date: Wed Oct 2 12:38:06 2024 +0530 sched_ext: Add __weak markers to BPF helper function decalarations Fix build errors by adding __weak markers to BPF helper function declarations in header files. This resolves static assertion failures in scx_qmap.bpf.c and scx_flatcg.bpf.c where functions like scx_bpf_dispatch_from_dsq_set_slice, scx_bpf_dispatch_from_dsq_set_vtime, and scx_bpf_task_cgroup were missing the __weak attribute. [1] https://lore.kernel.org/all/ZvvfUqRNM4-jYQzH@linux.ibm.com Signed-off-by: Vishal Chourasia Signed-off-by: Tejun Heo commit 3f7f36a4559ef78a6418c5f0447fbfbdcf671956 Author: Takashi Iwai Date: Wed Oct 2 17:59:39 2024 +0200 Revert "ALSA: hda: Conditionally use snooping for AMD HDMI" This reverts commit 478689b5990deb626a0b3f1ebf165979914d6be4. The fix seems leading to regressions for other systems. Also, the way to check the presence of IOMMU via get_dma_ops() isn't reliable and it's no longer applicable for 6.12. After all, it's no right fix, so let's revert it at first. To be noted, the PCM buffer allocation has been changed to try the continuous pages at first since 6.12, so the problem could be already addressed without this hackish workaround. Reported-by: Salvatore Bonaccorso Closes: https://lore.kernel.org/ZvgCdYfKgwHpJXGE@eldamar.lan Link: https://patch.msgid.link/20241002155948.4859-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 9286a191abe2ea01b34be577e8a09a412dcbb644 Author: Matthew Brost Date: Wed Oct 2 06:16:39 2024 -0700 drm/xe: Drop GuC submit_wq pool Now that drm sched uses a single lockdep map for all submit_wq, drop the GuC submit_wq pool hack. Signed-off-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20241002131639.3425022-3-matthew.brost@intel.com Signed-off-by: Maarten Lankhorst Acked-by: Thomas Hellström commit 34f50cc6441b7fee4a86495d5ef43da5d254bad9 Author: Matthew Brost Date: Wed Oct 2 06:16:38 2024 -0700 drm/sched: Use drm sched lockdep map for submit_wq Avoid leaking a lockdep map on each drm sched creation and destruction by using a single lockdep map for all drm sched allocated submit_wq. v2: - Use alloc_ordered_workqueue_lockdep_map (Tejun) Cc: Luben Tuikov Cc: Christian König Signed-off-by: Matthew Brost Reviewed-by: Nirmoy Das Acked-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20241002131639.3425022-2-matthew.brost@intel.com Signed-off-by: Maarten Lankhorst commit 1ca4169c391c370e0f3a92938df2862900575096 Author: David Howells Date: Wed Oct 2 15:45:50 2024 +0100 netfs: Fix missing wakeup after issuing writes After dividing up a proposed write into subrequests, netfslib sets NETFS_RREQ_ALL_QUEUED to indicate to the collector that it can move on to the final cleanup once it has emptied the subrequest queues. Now, whilst the collector will normally end up running at least once after this bit is set just because it takes a while to process all the write subrequests before the collector runs out of subrequests, there exists the possibility that the issuing thread will be forced to sleep and the collector thread will clean up all the subrequests before ALL_QUEUED gets set. In such a case, the collector thread will not get triggered again and will never clear NETFS_RREQ_IN_PROGRESS thus leaving a request uncompleted and causing a potential futute hang. Fix this by scheduling the write collector if all the subrequest queues are empty (and thus no writes pending issuance). Note that we'd do this ideally before queuing the subrequest, but in the case of buffered writeback, at least, we can't find out that we've run out of folios until after we've called writeback_iter() and it has returned NULL - at which point we might not actually have any subrequests still under construction. Fixes: 288ace2f57c9 ("netfs: New writeback implementation") Signed-off-by: David Howells Link: https://lore.kernel.org/r/3317784.1727880350@warthog.procyon.org.uk cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner commit cac39b0706f186ce01b9dd1c3802846528d1bbca Author: Vlastimil Babka Date: Tue Oct 1 18:20:49 2024 +0200 slub/kunit: skip test_kfree_rcu when the slub kunit test is built-in Guenter Roeck reports that the new slub kunit tests added by commit 4e1c44b3db79 ("kunit, slub: add test_kfree_rcu() and test_leak_destroy()") cause a lockup on boot on several architectures when the kunit tests are configured to be built-in and not modules. The test_kfree_rcu test invokes kfree_rcu() and boot sequence inspection showed the runner for built-in kunit tests kunit_run_all_tests() is called before setting system_state to SYSTEM_RUNNING and calling rcu_end_inkernel_boot(), so this seems like a likely cause. So while I was unable to reproduce the problem myself, skipping the test when the slub_kunit module is built-in should avoid the issue. An alternative fix that was moving the call to kunit_run_all_tests() a bit later in the boot was tried, but has broken tests with functions marked as __init due to free_initmem() already being done. Fixes: 4e1c44b3db79 ("kunit, slub: add test_kfree_rcu() and test_leak_destroy()") Reported-by: Guenter Roeck Closes: https://lore.kernel.org/all/6fcb1252-7990-4f0d-8027-5e83f0fb9409@roeck-us.net/ Cc: Paul E. McKenney Cc: Boqun Feng Cc: Uladzislau Rezki Cc: rcu@vger.kernel.org Cc: Brendan Higgins Cc: David Gow Cc: Rae Moar Cc: linux-kselftest@vger.kernel.org Cc: kunit-dev@googlegroups.com Tested-by: Guenter Roeck Signed-off-by: Vlastimil Babka commit 3f1dd33f99677e7025b45a2b8d2baa04985ff4dc Author: Vlastimil Babka Date: Tue Oct 1 18:20:48 2024 +0200 mm, slab: suppress warnings in test_leak_destroy kunit test The test_leak_destroy kunit test intends to test the detection of stray objects in kmem_cache_destroy(), which normally produces a warning. The other slab kunit tests suppress the warnings in the kunit test context, so suppress warnings and related printk output in this test as well. Automated test running environments then don't need to learn to filter the warnings. Also rename the test's kmem_cache, the name was wrongly copy-pasted from test_kfree_rcu. Fixes: 4e1c44b3db79 ("kunit, slub: add test_kfree_rcu() and test_leak_destroy()") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202408251723.42f3d902-oliver.sang@intel.com Reported-by: Hyeonggon Yoo <42.hyeyoo@gmail.com> Closes: https://lore.kernel.org/all/CAB=+i9RHHbfSkmUuLshXGY_ifEZg9vCZi3fqr99+kmmnpDus7Q@mail.gmail.com/ Reported-by: Guenter Roeck Closes: https://lore.kernel.org/all/6fcb1252-7990-4f0d-8027-5e83f0fb9409@roeck-us.net/ Tested-by: Guenter Roeck Reviewed-by: Hyeonggon Yoo <42.hyeyoo@gmail.com> Signed-off-by: Vlastimil Babka commit f811b83879fb6717cdb288e34253cf26d135b019 Author: Mikulas Patocka Date: Wed Oct 2 16:03:41 2024 +0200 dm-verity: introduce the options restart_on_error and panic_on_error This patch introduces the options restart_on_error and panic_on_error on dm-verity. Previously, restarting on error was handled by the patch e6a3531dd542cb127c8de32ab1e54a48ae19962b, but Google engineers wanted to have a special option for it. Signed-off-by: Mikulas Patocka Suggested-by: Sami Tolvanen Suggested-by: Will Drewry commit 462763212dd71c41f092b48eaa352bc1f5ed5d66 Author: Mikulas Patocka Date: Wed Oct 2 15:56:18 2024 +0200 Revert: "dm-verity: restart or panic on an I/O error" This reverts commit e6a3531dd542cb127c8de32ab1e54a48ae19962b. The problem that the commit e6a3531dd542cb127c8de32ab1e54a48ae19962b fixes was reported as a security bug, but Google engineers working on Android and ChromeOS didn't want to change the default behavior, they want to get -EIO rather than restarting the system, so I am reverting that commit. Note also that calling machine_restart from the I/O handling code is potentially unsafe (the reboot notifiers may wait for the bio that triggered the restart), but Android uses the reboot notifiers to store the reboot reason into the PMU microcontroller, so machine_restart must be used. Signed-off-by: Mikulas Patocka Cc: stable@vger.kernel.org Fixes: e6a3531dd542 ("dm-verity: restart or panic on an I/O error") Suggested-by: Sami Tolvanen Suggested-by: Will Drewry commit 9af48210ea5f1539e1999154b0acd343efdb370b Author: Lukas Bulwahn Date: Mon Sep 30 11:06:50 2024 +0200 xen: Fix config option reference in XEN_PRIVCMD definition Commit 2fae6bb7be32 ("xen/privcmd: Add new syscall to get gsi from dev") adds a weak reverse dependency to the config XEN_PRIVCMD definition, referring to CONFIG_XEN_PCIDEV_BACKEND. In Kconfig files, one refers to config options without the CONFIG prefix, though. So in its current form, this does not create the reverse dependency as intended, but is an attribute with no effect. Refer to the intended config option XEN_PCIDEV_BACKEND in the XEN_PRIVCMD definition. Fixes: 2fae6bb7be32 ("xen/privcmd: Add new syscall to get gsi from dev") Signed-off-by: Lukas Bulwahn Reviewed-by: Juergen Gross Message-ID: <20240930090650.429813-1-lukas.bulwahn@redhat.com> Signed-off-by: Juergen Gross commit 393c554093c0c4cbc8e2f178d36df169016384da Author: Rosen Penev Date: Tue Oct 1 14:27:22 2024 -0700 pinctrl: aw9523: add missing mutex_destroy Otherwise the mutex remains after a failed kzalloc. Signed-off-by: Rosen Penev Link: https://lore.kernel.org/20241001212724.309320-1-rosenp@gmail.com Signed-off-by: Linus Walleij commit 6d6e54fc71ad1ab0a87047fd9c211e75d86084a3 Author: Chun-Yi Lee Date: Wed Oct 2 11:54:58 2024 +0800 aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 ("aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts") makes tx() calling dev_put() instead of doing in aoecmd_cfg_pkts(). It avoids that the tx() runs into use-after-free. Then Nicolai Stange found more places in aoe have potential use-after-free problem with tx(). e.g. revalidate(), aoecmd_ata_rw(), resend(), probe() and aoecmd_cfg_rsp(). Those functions also use aoenet_xmit() to push packet to tx queue. So they should also use dev_hold() to increase the refcnt of skb->dev. On the other hand, moving dev_put() to tx() causes that the refcnt of skb->dev be reduced to a negative value, because corresponding dev_hold() are not called in revalidate(), aoecmd_ata_rw(), resend(), probe(), and aoecmd_cfg_rsp(). This patch fixed this issue. Cc: stable@vger.kernel.org Link: https://nvd.nist.gov/vuln/detail/CVE-2023-6270 Fixes: f98364e92662 ("aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts") Reported-by: Nicolai Stange Signed-off-by: Chun-Yi Lee Link: https://lore.kernel.org/stable/20240624064418.27043-1-jlee%40suse.com Link: https://lore.kernel.org/r/20241002035458.24401-1-jlee@suse.com Signed-off-by: Jens Axboe commit 14d57ec3b86369d0037567f12caae0c9e9eaad9e Author: Dan Carpenter Date: Wed Oct 2 13:47:21 2024 +0300 blk_iocost: remove some duplicate irq disable/enables These are called from blkcg_print_blkgs() which already disables IRQs so disabling it again is wrong. It means that IRQs will be enabled slightly earlier than intended, however, so far as I can see, this bug is harmless. Fixes: 35198e323001 ("blk-iocost: read params inside lock in sysfs apis") Signed-off-by: Dan Carpenter Reviewed-by: Christoph Hellwig Link: https://lore.kernel.org/r/Zv0kudA9xyGdaA4g@stanley.mountain Signed-off-by: Jens Axboe commit 6eabf656048d904d961584de2e1d45bc0854f9fb Author: Charlie Jenkins Date: Tue Sep 3 16:36:19 2024 -0700 irqchip/sifive-plic: Return error code on failure Set error to -ENOMEM if kcalloc() fails or if irq_domain_add_linear() fails inside of plic_probe() instead of returning 0. Fixes: 4d936f10ff80 ("irqchip/sifive-plic: Probe plic driver early for Allwinner D1 platform") Reported-by: kernel test robot Reported-by: Dan Carpenter Signed-off-by: Charlie Jenkins Signed-off-by: Thomas Gleixner Reviewed-by: Anup Patel Reviewed-by: Alexandre Ghiti Cc: stable@vger.kernel.org Link: https://lore.kernel.org/all/20240903-correct_error_codes_sifive_plic-v1-1-d929b79663a2@rivosinc.com Closes: https://lore.kernel.org/r/202409031122.yBh8HrxA-lkp@intel.com/ commit 0ab42843003f27db509e42f2060bb3fa6ffad38d Author: Keith Busch Date: Sun Sep 22 07:18:00 2024 -0700 block: fix blk_rq_map_integrity_sg kernel-doc Fix the documentation to match the new function signature. Fixes: 76c313f658d2752 ("blk-integrity: improved sg segment mapping") Signed-off-by: Keith Busch Reviewed-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240922141800.3622319-1-kbusch@meta.com Signed-off-by: Jens Axboe commit cad3f4a22cfa4081cc2d465d1118cf31708fd82b Author: Lizhi Xu Date: Fri Sep 27 22:36:42 2024 +0800 inotify: Fix possible deadlock in fsnotify_destroy_mark [Syzbot reported] WARNING: possible circular locking dependency detected 6.11.0-rc4-syzkaller-00019-gb311c1b497e5 #0 Not tainted ------------------------------------------------------ kswapd0/78 is trying to acquire lock: ffff88801b8d8930 (&group->mark_mutex){+.+.}-{3:3}, at: fsnotify_group_lock include/linux/fsnotify_backend.h:270 [inline] ffff88801b8d8930 (&group->mark_mutex){+.+.}-{3:3}, at: fsnotify_destroy_mark+0x38/0x3c0 fs/notify/mark.c:578 but task is already holding lock: ffffffff8ea2fd60 (fs_reclaim){+.+.}-{0:0}, at: balance_pgdat mm/vmscan.c:6841 [inline] ffffffff8ea2fd60 (fs_reclaim){+.+.}-{0:0}, at: kswapd+0xbb4/0x35a0 mm/vmscan.c:7223 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (fs_reclaim){+.+.}-{0:0}: ... kmem_cache_alloc_noprof+0x3d/0x2a0 mm/slub.c:4044 inotify_new_watch fs/notify/inotify/inotify_user.c:599 [inline] inotify_update_watch fs/notify/inotify/inotify_user.c:647 [inline] __do_sys_inotify_add_watch fs/notify/inotify/inotify_user.c:786 [inline] __se_sys_inotify_add_watch+0x72e/0x1070 fs/notify/inotify/inotify_user.c:729 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f -> #0 (&group->mark_mutex){+.+.}-{3:3}: ... __mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752 fsnotify_group_lock include/linux/fsnotify_backend.h:270 [inline] fsnotify_destroy_mark+0x38/0x3c0 fs/notify/mark.c:578 fsnotify_destroy_marks+0x14a/0x660 fs/notify/mark.c:934 fsnotify_inoderemove include/linux/fsnotify.h:264 [inline] dentry_unlink_inode+0x2e0/0x430 fs/dcache.c:403 __dentry_kill+0x20d/0x630 fs/dcache.c:610 shrink_kill+0xa9/0x2c0 fs/dcache.c:1055 shrink_dentry_list+0x2c0/0x5b0 fs/dcache.c:1082 prune_dcache_sb+0x10f/0x180 fs/dcache.c:1163 super_cache_scan+0x34f/0x4b0 fs/super.c:221 do_shrink_slab+0x701/0x1160 mm/shrinker.c:435 shrink_slab+0x1093/0x14d0 mm/shrinker.c:662 shrink_one+0x43b/0x850 mm/vmscan.c:4815 shrink_many mm/vmscan.c:4876 [inline] lru_gen_shrink_node mm/vmscan.c:4954 [inline] shrink_node+0x3799/0x3de0 mm/vmscan.c:5934 kswapd_shrink_node mm/vmscan.c:6762 [inline] balance_pgdat mm/vmscan.c:6954 [inline] kswapd+0x1bcd/0x35a0 mm/vmscan.c:7223 [Analysis] The problem is that inotify_new_watch() is using GFP_KERNEL to allocate new watches under group->mark_mutex, however if dentry reclaim races with unlinking of an inode, it can end up dropping the last dentry reference for an unlinked inode resulting in removal of fsnotify mark from reclaim context which wants to acquire group->mark_mutex as well. This scenario shows that all notification groups are in principle prone to this kind of a deadlock (previously, we considered only fanotify and dnotify to be problematic for other reasons) so make sure all allocations under group->mark_mutex happen with GFP_NOFS. Reported-and-tested-by: syzbot+c679f13773f295d2da53@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=c679f13773f295d2da53 Signed-off-by: Lizhi Xu Reviewed-by: Amir Goldstein Signed-off-by: Jan Kara Link: https://patch.msgid.link/20240927143642.2369508-1-lizhi.xu@windriver.com commit 4a1361e9a5c5dbb5c9f647762ae0cb1a605101fa Author: Andrew Jones Date: Mon Sep 9 10:56:11 2024 +0200 irqchip/riscv-imsic: Fix output text of base address The "per-CPU IDs ... at base ..." info log is outputting a physical address, not a PPN. Fixes: 027e125acdba ("irqchip/riscv-imsic: Add device MSI domain support for platform devices") Signed-off-by: Andrew Jones Signed-off-by: Thomas Gleixner Reviewed-by: Anup Patel Link: https://lore.kernel.org/all/20240909085610.46625-2-ajones@ventanamicro.com commit 35ceae44742e1101f9d20adadbbbd92c05d7d659 Author: Jan Kara Date: Wed Jul 17 16:06:23 2024 +0200 fsnotify: Avoid data race between fsnotify_recalc_mask() and fsnotify_object_watched() When __fsnotify_recalc_mask() recomputes the mask on the watched object, the compiler can "optimize" the code to perform partial updates to the mask (including zeroing it at the beginning). Thus places checking the object mask without conn->lock such as fsnotify_object_watched() could see invalid states of the mask. Make sure the mask update is performed by one memory store using WRITE_ONCE(). Reported-by: syzbot+701037856c25b143f1ad@syzkaller.appspotmail.com Reported-by: Dmitry Vyukov Link: https://lore.kernel.org/all/CACT4Y+Zk0ohwwwHSD63U2-PQ=UuamXczr1mKBD6xtj2dyYKBvA@mail.gmail.com Signed-off-by: Jan Kara Reviewed-by: Josef Bacik Link: https://patch.msgid.link/20240717140623.27768-1-jack@suse.cz commit 7f1f78b903c933617cbd352f9eafe9e3644f3b92 Author: Sergey Matsievskiy Date: Wed Sep 25 21:44:16 2024 +0300 irqchip/ocelot: Comment sticky register clearing code Add comment to the sticky register clearing code. Signed-off-by: Sergey Matsievskiy Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240925184416.54204-3-matsievskiysv@gmail.com commit 9e9c4666abb5bb444dac37e2d7eb5250c8d52a45 Author: Sergey Matsievskiy Date: Wed Sep 25 21:44:15 2024 +0300 irqchip/ocelot: Fix trigger register address Controllers, supported by this driver, have two sets of registers: * (main) interrupt registers control peripheral interrupt sources. * device interrupt registers configure per-device (network interface) interrupts and act as an extra stage before the main interrupt registers. In the driver unmask code, device trigger registers are used in the mask calculation of the main interrupt sticky register, mixing two kinds of registers. Use the main interrupt trigger register instead. Signed-off-by: Sergey Matsievskiy Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240925184416.54204-2-matsievskiysv@gmail.com commit 5fd7e1ee09afd1546b92615123d718ad6c8c5baf Author: Lukas Bulwahn Date: Thu Sep 26 14:55:02 2024 +0200 irqchip: Remove obsolete config ARM_GIC_V3_ITS_PCI Commit b5712bf89b4b ("irqchip/gic-v3-its: Provide MSI parent for PCI/MSI[-X]") moves the functionality of irq-gic-v3-its-pci-msi.c into irq-gic-v3-its-msi-parent.c, and drops the former file. With that, the config option ARM_GIC_V3_ITS_PCI is obsolete, but the definition of that config was not removed in the commit above. Remove this obsolete config ARM_GIC_V3_ITS_PCI. Signed-off-by: Lukas Bulwahn Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240926125502.363364-1-lukas.bulwahn@redhat.com commit 2c0b2b484b164072ba6cf52af1bde85158fc75d4 Author: Charles Han Date: Wed Sep 25 16:00:30 2024 +0800 ASoC: intel: sof_sdw: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fixes: b359760d95ee ("ASoC: intel: sof_sdw: Add simple DAI link creation helper") Signed-off-by: Charles Han Link: https://patch.msgid.link/20240925080030.11262-1-hanchunchao@inspur.com Signed-off-by: Mark Brown commit 47d7d3fd72afc7dcd548806291793ee6f3848215 Author: Hui Wang Date: Wed Oct 2 10:56:59 2024 +0800 ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m In most Linux distribution kernels, the SND is set to m, in such a case, when booting the kernel on i.MX8MP EVK board, there is a warning calltrace like below: Call trace: snd_card_init+0x484/0x4cc [snd] snd_card_new+0x70/0xa8 [snd] snd_soc_bind_card+0x310/0xbd0 [snd_soc_core] snd_soc_register_card+0xf0/0x108 [snd_soc_core] devm_snd_soc_register_card+0x4c/0xa4 [snd_soc_core] That is because the card.owner is not set, a warning calltrace is raised in the snd_card_init() due to it. Fixes: aa736700f42f ("ASoC: imx-card: Add imx-card machine driver") Signed-off-by: Hui Wang Link: https://patch.msgid.link/20241002025659.723544-1-hui.wang@canonical.com Signed-off-by: Mark Brown commit 17d8adc4cd5181c13c1041b197b76efc09eaf8a8 Author: Miquel Raynal Date: Tue Oct 1 22:47:49 2024 +0200 ASoC: dt-bindings: davinci-mcasp: Fix interrupts property My understanding of the interrupts property is that it can either be: 1/ - TX 2/ - TX - RX 3/ - Common/combined. There are very little chances that either: - TX - Common/combined or even - TX - RX - Common/combined could be a thing. Looking at the interrupt-names definition (which uses oneOf instead of anyOf), it makes indeed little sense to use anyOf in the interrupts definition. I believe this is just a mistake, hence let's fix it. Fixes: 8be90641a0bb ("ASoC: dt-bindings: davinci-mcasp: convert McASP bindings to yaml schema") Signed-off-by: Miquel Raynal Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20241001204749.390054-1-miquel.raynal@bootlin.com Signed-off-by: Mark Brown commit b97bc0656a66f89f78098d4d72dc04fa9518ab11 Author: Alexey Klimov Date: Wed Oct 2 03:20:10 2024 +0100 ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string Add "qcom,qrb4210-rb2-sndcard" to the list of recognizable devices. Signed-off-by: Alexey Klimov Link: https://patch.msgid.link/20241002022015.867031-3-alexey.klimov@linaro.org Signed-off-by: Mark Brown commit bbd1e5ea66f6ca88624faefe0a153637f53ad15d Author: Alexey Klimov Date: Wed Oct 2 03:20:09 2024 +0100 ASoC: dt-bindings: qcom,sm8250: add qrb4210-rb2-sndcard Add adsp-backed soundcard compatible for QRB4210 RB2 platform, which as of now looks fully compatible with SM8250. Signed-off-by: Alexey Klimov Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20241002022015.867031-2-alexey.klimov@linaro.org Signed-off-by: Mark Brown commit 264db9d666ad9a35075cc9ed9ec09d021580fbb1 Author: Gianfranco Trad Date: Wed Sep 25 09:46:15 2024 +0200 udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in udf_current_aext to mitigate later uninit-value use in udf_get_fileshortad KMSAN bug[1]. After applying the patch reproducer did not trigger any issue[2]. [1] https://syzkaller.appspot.com/bug?extid=8901c4560b7ab5c2f9df [2] https://syzkaller.appspot.com/x/log.txt?x=10242227980000 Reported-by: syzbot+8901c4560b7ab5c2f9df@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=8901c4560b7ab5c2f9df Tested-by: syzbot+8901c4560b7ab5c2f9df@syzkaller.appspotmail.com Suggested-by: Jan Kara Signed-off-by: Gianfranco Trad Signed-off-by: Jan Kara Link: https://patch.msgid.link/20240925074613.8475-3-gianf.trad@gmail.com commit c226964ec786f3797ed389a16392ce4357697d24 Author: Zhao Mengmeng Date: Tue Oct 1 19:54:25 2024 +0800 udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return error now. On situations like ftruncate, udf_extend_file() can now detect errors and bail out early without resorting to checking for particular offsets and assuming internal behavior of these functions. Reported-by: syzbot+7a4842f0b1801230a989@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=7a4842f0b1801230a989 Tested-by: syzbot+7a4842f0b1801230a989@syzkaller.appspotmail.com Signed-off-by: Zhao Mengmeng Suggested-by: Jan Kara Signed-off-by: Jan Kara Link: https://patch.msgid.link/20241001115425.266556-4-zhaomzhao@126.com commit b405c1e58b73981da0f8df03b00666b22b9397ae Author: Zhao Mengmeng Date: Tue Oct 1 19:54:24 2024 +0800 udf: refactor udf_next_aext() to handle error Since udf_current_aext() has error handling, udf_next_aext() should have error handling too. Besides, when too many indirect extents found in one inode, return -EFSCORRUPTED; when reading block failed, return -EIO. Signed-off-by: Zhao Mengmeng Suggested-by: Jan Kara Signed-off-by: Jan Kara Link: https://patch.msgid.link/20241001115425.266556-3-zhaomzhao@126.com commit df5215618fbe425875336d3a2d31bd599ae8c401 Author: Jaroslav Kysela Date: Wed Oct 2 10:13:06 2024 +0200 ALSA: hda: fix trigger_tstamp_latched When the trigger_tstamp_latched flag is set, the PCM core code assumes that the low-level driver handles the trigger timestamping itself. Ensure that runtime->trigger_tstamp is always updated. Buglink: https://github.com/alsa-project/alsa-lib/issues/387 Reported-by: Zeno Endemann Signed-off-by: Jaroslav Kysela Link: https://patch.msgid.link/20241002081306.1788405-1-perex@perex.cz Signed-off-by: Takashi Iwai commit 500580c7ae7bbd38c7641102059fa9308f35d26c Author: Zhang Zekun Date: Thu Sep 26 21:42:11 2024 +0800 pmdomain: qcom-cpr: Fix the return of uninitialized variable The of_property_read_u64() can fail and remain the variable uninitialized, which will then be returned. Initializing the variable "rate" to zero to fix this problem. Fixes: 181c8148556a ("pmdomain: qcom-cpr: Use scope based of_node_put() to simplify code.") Reported-by: Dan Carpenter Closes: https://lore.kernel.org/linux-pm/455a6a49-41d2-4a20-9a31-f57ee7a67920@huawei.com/T/#m0a62b501b453a6d6e94c52a428a66f65b5422c65 Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240926134211.45394-1-zhangzekun11@huawei.com Signed-off-by: Ulf Hansson commit ee703a7068f95764cfb62b57db1d36e465cb9b26 Author: Zhao Mengmeng Date: Tue Oct 1 19:54:23 2024 +0800 udf: refactor udf_current_aext() to handle error As Jan suggested in links below, refactor udf_current_aext() to differentiate between error, hit EOF and success, it now takes pointer to etype to store the extent type, return 1 when getting etype success, return 0 when hitting EOF and return -errno when err. Link: https://lore.kernel.org/all/20240912111235.6nr3wuqvktecy3vh@quack3/ Signed-off-by: Zhao Mengmeng Suggested-by: Jan Kara Signed-off-by: Jan Kara Link: https://patch.msgid.link/20241001115425.266556-2-zhaomzhao@126.com commit 5a431e50e9d4189800be1607eef9deaf95959fc3 Author: Vignesh Raghavendra Date: Wed Oct 2 12:49:01 2024 +0530 gpio: davinci: Fix condition for irqchip registration Since commit d29e741cad3f ("gpio: davinci: drop platform data support"), irqchip is no longer being registered on platforms what don't use unbanked gpios. Fix this. Reported-by: Sabeeh Khan Fixes: d29e741cad3f ("gpio: davinci: drop platform data support") Signed-off-by: Vignesh Raghavendra Link: https://lore.kernel.org/r/20241002071901.2752757-1-vigneshr@ti.com Signed-off-by: Bartosz Golaszewski commit d4ac164bde7a12ec0a238a7ead5aa26819bbb1c1 Author: Chen Yu Date: Wed Sep 25 16:54:40 2024 +0800 sched/eevdf: Fix wakeup-preempt by checking cfs_rq->nr_running Commit 85e511df3cec ("sched/eevdf: Allow shorter slices to wakeup-preempt") introduced a mechanism that a wakee with shorter slice could preempt the current running task. It also lower the bar for the current task to be preempted, by checking the rq->nr_running instead of cfs_rq->nr_running when the current task has ran out of time slice. But there is a scenario that is problematic. Say, if there is 1 cfs task and 1 rt task, before 85e511df3cec, update_deadline() will not trigger a reschedule, and after 85e511df3cec, since rq->nr_running is 2 and resched is true, a resched_curr() would happen. Some workloads (like the hackbench reported by lkp) do not like over-scheduling. We can see that the preemption rate has been increased by 2.2%: 1.654e+08 +2.2% 1.69e+08 hackbench.time.involuntary_context_switches Restore its previous check criterion. Fixes: 85e511df3cec ("sched/eevdf: Allow shorter slices to wakeup-preempt") Closes: https://lore.kernel.org/oe-lkp/202409231416.9403c2e9-oliver.sang@intel.com Reported-by: kernel test robot Suggested-by: K Prateek Nayak Signed-off-by: Chen Yu Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Honglei Wang Tested-by: K Prateek Nayak Link: https://lore.kernel.org/r/20240925085440.358138-1-yu.c.chen@intel.com commit 9b5ce1a37e904fac32d560668134965f4e937f6c Author: Mike Galbraith Date: Tue Oct 1 03:34:01 2024 +0200 sched: Fix sched_delayed vs cfs_bandwidth Meeting an unfinished DELAY_DEQUEUE treated entity in unthrottle_cfs_rq() leads to a couple terminal scenarios. Finish it first, so ENQUEUE_WAKEUP can proceed as it would have sans DELAY_DEQUEUE treatment. Fixes: 152e11f6df29 ("sched/fair: Implement delayed dequeue") Reported-by: Venkat Rao Bagalkote Signed-off-by: Mike Galbraith Signed-off-by: Peter Zijlstra (Intel) Tested-by: Venkat Rao Bagalkote Link: https://lore.kernel.org/r/7515d2e64c989b9e3b828a9e21bcd959b99df06a.camel@gmx.de commit 984ed20ece1c6c20789ece040cbff3eb1a388fa9 Author: Masahiro Yamada Date: Tue Oct 1 18:02:22 2024 +0900 kconfig: qconf: fix buffer overflow in debug links If you enable "Option -> Show Debug Info" and click a link, the program terminates with the following error: *** buffer overflow detected ***: terminated The buffer overflow is caused by the following line: strcat(data, "$"); The buffer needs one more byte to accommodate the additional character. Fixes: c4f7398bee9c ("kconfig: qconf: make debug links work again") Signed-off-by: Masahiro Yamada commit d75dba49744478c32f6ce1c16b5f391c2d5cef5f Author: Abhishek Tamboli Date: Mon Sep 30 20:23:00 2024 +0530 ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 Add the quirk for HP Pavilion Gaming laptop 15z-ec200 for enabling the mute led. The fix apply the ALC285_FIXUP_HP_MUTE_LED quirk for this model. Link: https://bugzilla.kernel.org/show_bug.cgi?id=219303 Signed-off-by: Abhishek Tamboli Cc: Link: https://patch.msgid.link/20240930145300.4604-1-abhishektamboli9@gmail.com Signed-off-by: Takashi Iwai commit 864773f9e7899f5ea72f92ebd75770e25e0b35be Author: Takashi Iwai Date: Tue Oct 1 14:14:37 2024 +0200 ALSA: hda/generic: Drop obsoleted obey_preferred_dacs flag Now we evaluate directly with preferred_dacs table, the flag is no longer used and merely a placeholder. Let's drop the definition and its users. Link: https://patch.msgid.link/20241001121439.26060-2-tiwai@suse.de Signed-off-by: Takashi Iwai commit 1c801e7f77445bc56e5e1fec6191fd4503534787 Author: Takashi Iwai Date: Tue Oct 1 14:14:36 2024 +0200 ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs Some time ago, we introduced the obey_preferred_dacs flag for choosing the DAC/pin pairs specified by the driver instead of parsing the paths. This works as expected, per se, but there have been a few cases where we forgot to set this flag while preferred_dacs table is already set up. It ended up with incorrect wiring and made us wondering why it doesn't work. Basically, when the preferred_dacs table is provided, it means that the driver really wants to wire up to follow that. That is, the presence of the preferred_dacs table itself is already a "do-it" flag. In this patch, we simply replace the evaluation of obey_preferred_dacs flag with the presence of preferred_dacs table for fixing the misbehavior. Another patch to drop of the obsoleted flag will follow. Fixes: 242d990c158d ("ALSA: hda/generic: Add option to enforce preferred_dacs pairs") Link: https://bugzilla.suse.com/show_bug.cgi?id=1219803 Link: https://patch.msgid.link/20241001121439.26060-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 0d0b8646a66de7f3bf345106f2034a2268799d67 Author: Al Viro Date: Tue Oct 1 23:28:49 2024 -0400 ufs_rename(): fix bogus argument of folio_release_kmap() new_dir does *NOT* point into dir_folio - it's an inode, not a pointer to ufs directory entry. Fixes: 516b97cf03dd6 "ufs: Convert directory handling to kmap_local" Acked-by: Matthew Wilcox (Oracle) Signed-off-by: Al Viro commit 134d988208602ccae792e91475c05911c962798e Author: Al Viro Date: Tue Dec 5 21:53:22 2023 -0500 parisc: get rid of private asm/unaligned.h Declarations local to arch/*/kernel/*.c are better off *not* in a public header - arch/parisc/kernel/unaligned.h is just fine for those bits. With that done parisc asm/unaligned.h is reduced to include of asm-generic/unaligned.h and can be removed - unaligned.h is in mandatory-y in include/asm-generic/Kbuild. Acked-by: Helge Deller Signed-off-by: Al Viro commit a421e3fe0e6abe27395078f4f0cec5daf466caea Author: wangrong Date: Thu Jun 20 16:37:29 2024 +0800 smb: client: use actual path when queryfs Due to server permission control, the client does not have access to the shared root directory, but can access subdirectories normally, so users usually mount the shared subdirectories directly. In this case, queryfs should use the actual path instead of the root directory to avoid the call returning an error (EACCES). Signed-off-by: wangrong Reviewed-by: Paulo Alcantara (Red Hat) Cc: stable@vger.kernel.org Signed-off-by: Steve French commit d0a0c91dff5f0d2a084f5dc859360e3dd549354c Author: Fabio Estevam Date: Mon Sep 30 18:32:38 2024 -0300 dt-bindings: display: elgin,jg10309-01: Add own binding Currently, the compatible 'elgin,jg10309-01' is documented inside trivial-devices.yaml, but it does not fit well there as it requires extra properties such as spi-max-frequency, spi-cpha, and spi-cpol. This causes the following dt-schema warnings: make CHECK_DTBS=y rockchip/rv1108-elgin-r1.dtb -j12 DTC [C] arch/arm/boot/dts/rockchip/rv1108-elgin-r1.dtb rv1108-elgin-r1.dtb:display@0: 'spi-cpha', 'spi-cpol' do not match any of the regexes: ... Fix this problem by introducing a specific binding for the Elgin JG10309-01 SPI-controlled display. Signed-off-by: Fabio Estevam Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240930213238.977833-1-festevam@gmail.com Signed-off-by: Rob Herring (Arm) commit eb8333673e1ebc2418980b664a84c91b4e98afc4 Author: Dan Carpenter Date: Mon Sep 16 17:07:26 2024 +0300 OPP: fix error code in dev_pm_opp_set_config() This is an error path so set the error code. Smatch complains about the current code: drivers/opp/core.c:2660 dev_pm_opp_set_config() error: uninitialized symbol 'ret'. Fixes: e37440e7e2c2 ("OPP: Call dev_pm_opp_set_opp() for required OPPs") Signed-off-by: Dan Carpenter Acked-by: Viresh Kumar Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/3f3660af-4ea0-4a89-b3b7-58de7b16d7a5@stanley.mountain Signed-off-by: Ulf Hansson commit 65fbec3121eb7a10a839784496357f5a833af69b Merge: 68a16708d2503b 3eae4a916fc0eb Author: Mark Brown Date: Wed Oct 2 00:24:48 2024 +0100 spi: Fix pm_runtime_set_suspended() with runtime pm Merge series from Jinjie Ruan : Fix pm_runtime_set_suspended() with runtime pm enabled, and fix the missing check for spi-cadence. Jinjie Ruan (3): spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled spi: spi-cadence: Fix pm_runtime_set_suspended() with runtime pm enabled spi: spi-cadence: Fix missing spi_controller_is_target() check drivers/spi/spi-cadence.c | 8 +++++--- drivers/spi/spi-imx.c | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) -- 2.34.1 commit 52d4e3fb3d340447dcdac0e14ff21a764f326907 Author: Tom Chung Date: Fri Sep 13 15:44:40 2024 +0800 drm/amd/display: Fix system hang while resume with TBT monitor [Why] Connected with a Thunderbolt monitor and do the suspend and the system may hang while resume. The TBT monitor HPD will be triggered during the resume procedure and call the drm_client_modeset_probe() while struct drm_connector connector->dev->master is NULL. It will mess up the pipe topology after resume. [How] Skip the TBT monitor HPD during the resume procedure because we currently will probe the connectors after resume by default. Reviewed-by: Wayne Lin Signed-off-by: Tom Chung Signed-off-by: Fangzhi Zuo Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 453f86a26945207a16b8f66aaed5962dc2b95b85) Cc: stable@vger.kernel.org commit ef785ca7f7c80891580cafd36c8dd86375684310 Author: Leo Li Date: Wed Sep 11 17:27:08 2024 -0400 drm/amd/display: Enable idle workqueue for more IPS modes [Why] There are more IPS modes other than DMUB_IPS_ENABLE that enables IPS. We need to enable the hotplug detect idle workqueue for those modes as well. [How] Modify the if condition to initialize the workqueue in all IPS modes except for DMUB_IPS_DISABLE_ALL. Fixes: 65444581a4ae ("drm/amd/display: Determine IPS mode by ASIC and PMFW versions") Signed-off-by: Leo Li Reviewed-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 181db30bcfed097ecc680539b1eabe935c11f57f) Cc: stable@vger.kernel.org commit 05af800704ee7187d9edd461ec90f3679b1c4aba Author: Alex Hung Date: Fri Sep 6 11:39:18 2024 -0600 drm/amd/display: Add HDR workaround for specific eDP [WHY & HOW] Some eDP panels suffer from flicking when HDR is enabled in KDE. This quirk works around it by skipping VSC that is incompatible with eDP panels. Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3151 Cc: Mario Limonciello Cc: Alex Deucher Reviewed-by: Rodrigo Siqueira Signed-off-by: Alex Hung Signed-off-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 4d4257280d7957727998ef90ccc7b69c7cca8376) Cc: stable@vger.kernel.org commit c36df0f5f5e5acec5d78f23c4725cc500df28843 Author: Charlene Liu Date: Wed Sep 11 19:45:09 2024 -0400 drm/amd/display: avoid set dispclk to 0 [why] set dispclk to 0 cause stability issue. Cc: Mario Limonciello Cc: Alex Deucher Reviewed-by: Nicholas Kazlauskas Signed-off-by: Charlene Liu Signed-off-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 1c6b16ebf5eb2bc5740be9e37b3a69f1dfe1dded) Cc: stable@vger.kernel.org commit d51160ab00969ee6758ed2dcbc0f81dd476a181c Author: Fangzhi Zuo Date: Wed Sep 4 15:29:24 2024 -0400 drm/amd/display: Restore Optimized pbn Value if Failed to Disable DSC Existing last step of dsc policy is to restore pbn value under minimum compression when try to greedily disable dsc for a stream failed to fit in MST bw. Optimized dsc params result from optimization step is not necessarily the minimum compression, therefore it is not correct to restore the pbn under minimum compression rate. Restore the pbn under minimum compression instead of the value from optimized pbn could result in the dsc params not correct at the modeset where atomic_check failed due to not enough bw. One or more monitors connected could not light up in such case. Restore the optimized pbn value, instead of using the pbn value under minimum compression. Cc: Mario Limonciello Cc: Alex Deucher Reviewed-by: Wayne Lin Signed-off-by: Fangzhi Zuo Signed-off-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 352c3165d2b75030169e012461a16bcf97f392fc) Cc: stable@vger.kernel.org commit 0d5e5e8a0aa49ea2163abf128da3b509a6c58286 Author: Yihan Zhu Date: Sat Sep 7 13:25:19 2024 -0400 drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 [WHY & HOW] Mismatch in DCN35 DML2 cause bw validation failed to acquire unexpected DPP pipe to cause grey screen and system hang. Remove EnhancedPrefetchScheduleAccelerationFinal value override to match HW spec. Cc: Mario Limonciello Cc: Alex Deucher Reviewed-by: Charlene Liu Signed-off-by: Yihan Zhu Signed-off-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher (cherry picked from commit 9dad21f910fcea2bdcff4af46159101d7f9cd8ba) Cc: stable@vger.kernel.org commit 05cef2c4a421ca09ab9761a95e61423e59e5bfb1 Author: Miguel Ojeda Date: Fri Sep 27 18:44:14 2024 +0200 rust: kunit: use C-string literals to clean warning Starting with upstream Rust commit a5e3a3f9b6bd ("move `manual_c_str_literals` to complexity"), to be released in Rust 1.83.0 [1], Clippy now warns on `manual_c_str_literals` by default, e.g.: error: manually constructing a nul-terminated string --> rust/kernel/kunit.rs:21:13 | 21 | b"\x013%pA\0".as_ptr() as _, | ^^^^^^^^^^^^^ help: use a `c""` literal: `c"\x013%pA"` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#manual_c_str_literals = note: `-D clippy::manual-c-str-literals` implied by `-D warnings` = help: to override `-D warnings` add `#[allow(clippy::manual_c_str_literals)]` Apply the suggestion to clean up the warnings. Link: https://github.com/rust-lang/rust-clippy/pull/13263 [1] Reviewed-by: Trevor Gross Reviewed-by: Benno Lossin Link: https://lore.kernel.org/r/20240927164414.560906-1-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit e764e68103c12aef161480b8da984c36ca99cfb5 Author: Kent Overstreet Date: Mon Sep 30 18:46:48 2024 -0400 bcachefs: Fix bad shift in bch2_read_flag_list() Signed-off-by: Kent Overstreet commit cfb10de18538e383dbc4f3ce7f477ce49287ff3d Author: Alexandre Ghiti Date: Tue Sep 17 17:03:28 2024 +0200 riscv: Fix kernel stack size when KASAN is enabled We use Kconfig to select the kernel stack size, doubling the default size if KASAN is enabled. But that actually only works if KASAN is selected from the beginning, meaning that if KASAN config is added later (for example using menuconfig), CONFIG_THREAD_SIZE_ORDER won't be updated, keeping the default size, which is not enough for KASAN as reported in [1]. So fix this by moving the logic to compute the right kernel stack into a header. Fixes: a7555f6b62e7 ("riscv: stack: Add config of thread stack size") Reported-by: syzbot+ba9eac24453387a9d502@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/000000000000eb301906222aadc2@google.com/ [1] Cc: stable@vger.kernel.org Signed-off-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240917150328.59831-1-alexghiti@rivosinc.com Signed-off-by: Palmer Dabbelt commit 9c383396362a4d1db99ed5240f4708d443361ef3 Author: Thorsten Blum Date: Sat Sep 28 17:00:30 2024 +0200 ksmbd: Use struct_size() to improve smb_direct_rdma_xmit() Use struct_size() to calculate the number of bytes to allocate for a new message. Signed-off-by: Thorsten Blum Acked-by: Namjae Jeon Signed-off-by: Steve French commit 0801c1374ab1552bd7376370987142ff77912527 Author: Thorsten Blum Date: Wed Sep 25 11:03:13 2024 +0200 ksmbd: Annotate struct copychunk_ioctl_req with __counted_by_le() Add the __counted_by_le compiler attribute to the flexible array member Chunks to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Change the data type of the flexible array member Chunks from __u8[] to struct srv_copychunk[] for ChunkCount to match the number of elements in the Chunks array. (With __u8[], each srv_copychunk would occupy 24 array entries and the __counted_by compiler attribute wouldn't be applicable.) Use struct_size() to calculate the size of the copychunk_ioctl_req. Read Chunks[0] after checking that ChunkCount is not 0. Signed-off-by: Thorsten Blum Acked-by: Namjae Jeon Signed-off-by: Steve French commit 04afb0a3c30aeb5fbe890a92debbfc0cc4044b6f Author: Thorsten Blum Date: Fri Sep 27 16:36:42 2024 +0200 ksmbd: Use struct_size() to improve get_file_alternate_info() Use struct_size() to calculate the output buffer length. Signed-off-by: Thorsten Blum Acked-by: Namjae Jeon Signed-off-by: Steve French commit 3ed6be68913b2d56a35d30c67f83ba3d2f1998fc Author: Daniel Borkmann Date: Tue Oct 1 21:41:05 2024 +0200 bpf: Sync uapi bpf.h header to tools directory There is a delta between kernel UAPI bpf.h and tools UAPI bpf.h, thus sync them again. Signed-off-by: Daniel Borkmann commit 09d88791c7cd888d5195c84733caf9183dcfbd16 Author: Toke Høiland-Jørgensen Date: Fri Sep 20 14:56:24 2024 +0200 bpf: Make sure internal and UAPI bpf_redirect flags don't overlap The bpf_redirect_info is shared between the SKB and XDP redirect paths, and the two paths use the same numeric flag values in the ri->flags field (specifically, BPF_F_BROADCAST == BPF_F_NEXTHOP). This means that if skb bpf_redirect_neigh() is used with a non-NULL params argument and, subsequently, an XDP redirect is performed using the same bpf_redirect_info struct, the XDP path will get confused and end up crashing, which syzbot managed to trigger. With the stack-allocated bpf_redirect_info, the structure is no longer shared between the SKB and XDP paths, so the crash doesn't happen anymore. However, different code paths using identically-numbered flag values in the same struct field still seems like a bit of a mess, so this patch cleans that up by moving the flag definitions together and redefining the three flags in BPF_F_REDIRECT_INTERNAL to not overlap with the flags used for XDP. It also adds a BUILD_BUG_ON() check to make sure the overlap is not re-introduced by mistake. Fixes: e624d4ed4aa8 ("xdp: Extend xdp_redirect_map with broadcast support") Reported-by: syzbot+cca39e6e84a367a7e6f6@syzkaller.appspotmail.com Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Daniel Borkmann Acked-by: Daniel Borkmann Closes: https://syzkaller.appspot.com/bug?extid=cca39e6e84a367a7e6f6 Link: https://lore.kernel.org/bpf/20240920125625.59465-1-toke@redhat.com commit ac78288fe062b64e45a479eaae74aaaafcc8ecdd Author: Hans de Goede Date: Wed Sep 18 17:38:49 2024 +0200 ACPI: video: Add backlight=native quirk for Dell OptiPlex 5480 AIO Dell All In One (AIO) models released after 2017 may use a backlight controller board connected to an UART. In DSDT this uart port will be defined as: Name (_HID, "DELL0501") Name (_CID, EisaId ("PNP0501") The Dell OptiPlex 5480 AIO has an ACPI device for one of its UARTs with the above _HID + _CID. Loading the dell-uart-backlight driver fails with the following errors: [ 18.261353] dell_uart_backlight serial0-0: Timed out waiting for response. [ 18.261356] dell_uart_backlight serial0-0: error -ETIMEDOUT: getting firmware version [ 18.261359] dell_uart_backlight serial0-0: probe with driver dell_uart_backlight failed with error -110 Indicating that there is no backlight controller board attached to the UART, while the GPU's native backlight control method does work. Add a quirk to use the GPU's native backlight control method on this model. Fixes: cd8e468efb4f ("ACPI: video: Add Dell UART backlight controller detection") Cc: All applicable Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20240918153849.37221-1-hdegoede@redhat.com [ rjw: Changelog edit ] Signed-off-by: Rafael J. Wysocki commit c0f02536fffbbec71aced36d52a765f8c4493dc2 Author: Miquel Sabaté Solà Date: Tue Sep 17 15:42:46 2024 +0200 cpufreq: Avoid a bad reference count on CPU node In the parse_perf_domain function, if the call to of_parse_phandle_with_args returns an error, then the reference to the CPU device node that was acquired at the start of the function would not be properly decremented. Address this by declaring the variable with the __free(device_node) cleanup attribute. Signed-off-by: Miquel Sabaté Solà Acked-by: Viresh Kumar Link: https://patch.msgid.link/20240917134246.584026-1-mikisabate@gmail.com Cc: All applicable Signed-off-by: Rafael J. Wysocki commit 8b4865cd904650cbed7f2407e653934c621b8127 Author: Uwe Kleine-König Date: Thu Sep 19 10:11:21 2024 +0200 cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock notify_hwp_interrupt() is called via sysvec_thermal() -> smp_thermal_vector() -> intel_thermal_interrupt() in hard irq context. For this reason it must not use a simple spin_lock that sleeps with PREEMPT_RT enabled. So convert it to a raw spinlock. Reported-by: xiao sheng wen Link: https://bugs.debian.org/1076483 Signed-off-by: Uwe Kleine-König Acked-by: Srinivas Pandruvada Acked-by: Sebastian Andrzej Siewior Tested-by: xiao sheng wen Link: https://patch.msgid.link/20240919081121.10784-2-ukleinek@debian.org Cc: All applicable Signed-off-by: Rafael J. Wysocki commit e38dad438fc08162e20c600ae899e9e60688f72e Author: Nilay Shroff Date: Sat Sep 21 12:35:33 2024 +0530 nvmet-passthru: clear EUID/NGUID/UUID while using loop target When nvme passthru is configured using loop target, the clear_ids attribute is, by default, set to true. This attribute would ensure that EUID/NGUID/UUID is cleared for the loop passthru target. The newer NVMe disk supporting the NVMe spec 1.3 or higher, typically, implements the support for "Namespace Identification Descriptor list" command. This command when issued from host returns EUID/NGUID/UUID assigned to the inquired namespace. Not clearing these values, while using nvme passthru using loop target, would result in NVMe host driver rejecting the namespace. This check was implemented in the commit 2079f41ec6ff ("nvme: check that EUI/GUID/UUID are globally unique"). The fix implemented in this commit ensure that when host issues ns-id descriptor list command, the EUID/NGUID/UUID are cleared by passthru target. In fact, the function nvmet_passthru_override_id_descs() which clears those unique ids already exits, so we just need to ensure that ns-id descriptor list command falls through the corretc code path. And while we're at it, we also combines the three passthru admin command cases together which shares the same code. Reviewed-by: Chaitanya Kulkarni Reviewed-by: Christoph Hellwig Signed-off-by: Nilay Shroff Signed-off-by: Keith Busch commit 68a16708d2503b6303d67abd43801e2ca40c208d Author: Ben Dooks Date: Tue Sep 24 14:40:08 2024 +0100 spi: s3c64xx: fix timeout counters in flush_fifo In the s3c64xx_flush_fifo() code, the loops counter is post-decremented in the do { } while(test && loops--) condition. This means the loops is left at the unsigned equivalent of -1 if the loop times out. The test after will never pass as if tests for loops == 0. Signed-off-by: Ben Dooks Fixes: 230d42d422e7 ("spi: Add s3c64xx SPI Controller driver") Reviewed-by: Andi Shyti Link: https://patch.msgid.link/20240924134009.116247-2-ben.dooks@codethink.co.uk Signed-off-by: Mark Brown commit aafbb9af7c370f3fe62f595842d7a0b798224adb Merge: 72455e33173c1a cccb586f513cd9 Author: Mark Brown Date: Tue Oct 1 18:54:52 2024 +0100 ASoC: Intel: soc-acpi: Fix missing empty terminators Merge series from Bard Liao : There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_machine_select(). So an empty item in struct snd_soc_acpi_link_adr array is required. commit d6e7ac65d4c106149d08a0ffba39fc516ae3d21b Author: Leo Martins Date: Tue Sep 24 16:42:29 2024 -0700 btrfs: disable rate limiting when debug enabled Disable ratelimiting for btrfs_printk when CONFIG_BTRFS_DEBUG is enabled. This allows for more verbose output which is often needed by functions like btrfs_dump_space_info(). Reviewed-by: Qu Wenruo Signed-off-by: Leo Martins Reviewed-by: David Sterba Signed-off-by: David Sterba commit 41fd1e94066a815a7ab0a7025359e9b40e4b3576 Author: Filipe Manana Date: Tue Oct 1 11:06:52 2024 +0100 btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at close_ctree(), we have the following steps in this order: 1) Park the cleaner kthread - this doesn't destroy the kthread, it basically halts its execution (wake ups against it work but do nothing); 2) We stop the cleaner kthread - this results in freeing the respective struct task_struct; 3) We call btrfs_stop_all_workers() which waits for any jobs running in all the work queues and then free the work queues. Syzbot reported a case where a fixup worker resulted in a crash when doing a delayed iput on its inode while attempting to wake up the cleaner at btrfs_add_delayed_iput(), because the task_struct of the cleaner kthread was already freed. This can happen during unmount because we don't wait for any fixup workers still running before we call kthread_stop() against the cleaner kthread, which stops and free all its resources. Fix this by waiting for any fixup workers at close_ctree() before we call kthread_stop() against the cleaner and run pending delayed iputs. The stack traces reported by syzbot were the following: BUG: KASAN: slab-use-after-free in __lock_acquire+0x77/0x2050 kernel/locking/lockdep.c:5065 Read of size 8 at addr ffff8880272a8a18 by task kworker/u8:3/52 CPU: 1 UID: 0 PID: 52 Comm: kworker/u8:3 Not tainted 6.12.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: btrfs-fixup btrfs_work_helper Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 __lock_acquire+0x77/0x2050 kernel/locking/lockdep.c:5065 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162 class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline] try_to_wake_up+0xb0/0x1480 kernel/sched/core.c:4154 btrfs_writepage_fixup_worker+0xc16/0xdf0 fs/btrfs/inode.c:2842 btrfs_work_helper+0x390/0xc50 fs/btrfs/async-thread.c:314 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Allocated by task 2: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 unpoison_slab_object mm/kasan/common.c:319 [inline] __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:345 kasan_slab_alloc include/linux/kasan.h:247 [inline] slab_post_alloc_hook mm/slub.c:4086 [inline] slab_alloc_node mm/slub.c:4135 [inline] kmem_cache_alloc_node_noprof+0x16b/0x320 mm/slub.c:4187 alloc_task_struct_node kernel/fork.c:180 [inline] dup_task_struct+0x57/0x8c0 kernel/fork.c:1107 copy_process+0x5d1/0x3d50 kernel/fork.c:2206 kernel_clone+0x223/0x880 kernel/fork.c:2787 kernel_thread+0x1bc/0x240 kernel/fork.c:2849 create_kthread kernel/kthread.c:412 [inline] kthreadd+0x60d/0x810 kernel/kthread.c:765 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Freed by task 61: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579 poison_slab_object mm/kasan/common.c:247 [inline] __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:230 [inline] slab_free_hook mm/slub.c:2343 [inline] slab_free mm/slub.c:4580 [inline] kmem_cache_free+0x1a2/0x420 mm/slub.c:4682 put_task_struct include/linux/sched/task.h:144 [inline] delayed_put_task_struct+0x125/0x300 kernel/exit.c:228 rcu_do_batch kernel/rcu/tree.c:2567 [inline] rcu_core+0xaaa/0x17a0 kernel/rcu/tree.c:2823 handle_softirqs+0x2c5/0x980 kernel/softirq.c:554 __do_softirq kernel/softirq.c:588 [inline] invoke_softirq kernel/softirq.c:428 [inline] __irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637 irq_exit_rcu+0x9/0x30 kernel/softirq.c:649 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline] sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1037 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 Last potentially related work creation: kasan_save_stack+0x3f/0x60 mm/kasan/common.c:47 __kasan_record_aux_stack+0xac/0xc0 mm/kasan/generic.c:541 __call_rcu_common kernel/rcu/tree.c:3086 [inline] call_rcu+0x167/0xa70 kernel/rcu/tree.c:3190 context_switch kernel/sched/core.c:5318 [inline] __schedule+0x184b/0x4ae0 kernel/sched/core.c:6675 schedule_idle+0x56/0x90 kernel/sched/core.c:6793 do_idle+0x56a/0x5d0 kernel/sched/idle.c:354 cpu_startup_entry+0x42/0x60 kernel/sched/idle.c:424 start_secondary+0x102/0x110 arch/x86/kernel/smpboot.c:314 common_startup_64+0x13e/0x147 The buggy address belongs to the object at ffff8880272a8000 which belongs to the cache task_struct of size 7424 The buggy address is located 2584 bytes inside of freed 7424-byte region [ffff8880272a8000, ffff8880272a9d00) The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x272a8 head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) page_type: f5(slab) raw: 00fff00000000040 ffff88801bafa500 dead000000000122 0000000000000000 raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 head: 00fff00000000040 ffff88801bafa500 dead000000000122 0000000000000000 head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 head: 00fff00000000003 ffffea00009caa01 ffffffffffffffff 0000000000000000 head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner tracks the page as allocated page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2, tgid 2 (kthreadd), ts 71247381401, free_ts 71214998153 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1537 prep_new_page mm/page_alloc.c:1545 [inline] get_page_from_freelist+0x3039/0x3180 mm/page_alloc.c:3457 __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4733 alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2265 alloc_slab_page+0x6a/0x120 mm/slub.c:2413 allocate_slab+0x5a/0x2f0 mm/slub.c:2579 new_slab mm/slub.c:2632 [inline] ___slab_alloc+0xcd1/0x14b0 mm/slub.c:3819 __slab_alloc+0x58/0xa0 mm/slub.c:3909 __slab_alloc_node mm/slub.c:3962 [inline] slab_alloc_node mm/slub.c:4123 [inline] kmem_cache_alloc_node_noprof+0x1fe/0x320 mm/slub.c:4187 alloc_task_struct_node kernel/fork.c:180 [inline] dup_task_struct+0x57/0x8c0 kernel/fork.c:1107 copy_process+0x5d1/0x3d50 kernel/fork.c:2206 kernel_clone+0x223/0x880 kernel/fork.c:2787 kernel_thread+0x1bc/0x240 kernel/fork.c:2849 create_kthread kernel/kthread.c:412 [inline] kthreadd+0x60d/0x810 kernel/kthread.c:765 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 page last free pid 5230 tgid 5230 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1108 [inline] free_unref_page+0xcd0/0xf00 mm/page_alloc.c:2638 discard_slab mm/slub.c:2678 [inline] __put_partials+0xeb/0x130 mm/slub.c:3146 put_cpu_partial+0x17c/0x250 mm/slub.c:3221 __slab_free+0x2ea/0x3d0 mm/slub.c:4450 qlink_free mm/kasan/quarantine.c:163 [inline] qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286 __kasan_slab_alloc+0x23/0x80 mm/kasan/common.c:329 kasan_slab_alloc include/linux/kasan.h:247 [inline] slab_post_alloc_hook mm/slub.c:4086 [inline] slab_alloc_node mm/slub.c:4135 [inline] kmem_cache_alloc_noprof+0x135/0x2a0 mm/slub.c:4142 getname_flags+0xb7/0x540 fs/namei.c:139 do_sys_openat2+0xd2/0x1d0 fs/open.c:1409 do_sys_open fs/open.c:1430 [inline] __do_sys_openat fs/open.c:1446 [inline] __se_sys_openat fs/open.c:1441 [inline] __x64_sys_openat+0x247/0x2a0 fs/open.c:1441 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Memory state around the buggy address: ffff8880272a8900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff8880272a8980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb >ffff8880272a8a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff8880272a8a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff8880272a8b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ================================================================== Reported-by: syzbot+8aaf2df2ef0164ffe1fb@syzkaller.appspotmail.com Link: https://lore.kernel.org/linux-btrfs/66fb36b1.050a0220.aab67.003b.GAE@google.com/ CC: stable@vger.kernel.org # 4.19+ Reviewed-by: Qu Wenruo Reviewed-by: Johannes Thumshirn Reviewed-by: David Sterba Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit c3b47f49e83197e8dffd023ec568403bcdbb774b Author: Qu Wenruo Date: Sat Sep 28 08:05:58 2024 +0930 btrfs: fix a NULL pointer dereference when failed to start a new trasacntion [BUG] Syzbot reported a NULL pointer dereference with the following crash: FAULT_INJECTION: forcing a failure. start_transaction+0x830/0x1670 fs/btrfs/transaction.c:676 prepare_to_relocate+0x31f/0x4c0 fs/btrfs/relocation.c:3642 relocate_block_group+0x169/0xd20 fs/btrfs/relocation.c:3678 ... BTRFS info (device loop0): balance: ended with status: -12 Oops: general protection fault, probably for non-canonical address 0xdffffc00000000cc: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000660-0x0000000000000667] RIP: 0010:btrfs_update_reloc_root+0x362/0xa80 fs/btrfs/relocation.c:926 Call Trace: commit_fs_roots+0x2ee/0x720 fs/btrfs/transaction.c:1496 btrfs_commit_transaction+0xfaf/0x3740 fs/btrfs/transaction.c:2430 del_balance_item fs/btrfs/volumes.c:3678 [inline] reset_balance_state+0x25e/0x3c0 fs/btrfs/volumes.c:3742 btrfs_balance+0xead/0x10c0 fs/btrfs/volumes.c:4574 btrfs_ioctl_balance+0x493/0x7c0 fs/btrfs/ioctl.c:3673 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f [CAUSE] The allocation failure happens at the start_transaction() inside prepare_to_relocate(), and during the error handling we call unset_reloc_control(), which makes fs_info->balance_ctl to be NULL. Then we continue the error path cleanup in btrfs_balance() by calling reset_balance_state() which will call del_balance_item() to fully delete the balance item in the root tree. However during the small window between set_reloc_contrl() and unset_reloc_control(), we can have a subvolume tree update and created a reloc_root for that subvolume. Then we go into the final btrfs_commit_transaction() of del_balance_item(), and into btrfs_update_reloc_root() inside commit_fs_roots(). That function checks if fs_info->reloc_ctl is in the merge_reloc_tree stage, but since fs_info->reloc_ctl is NULL, it results a NULL pointer dereference. [FIX] Just add extra check on fs_info->reloc_ctl inside btrfs_update_reloc_root(), before checking fs_info->reloc_ctl->merge_reloc_tree. That DEAD_RELOC_TREE handling is to prevent further modification to the reloc tree during merge stage, but since there is no reloc_ctl at all, we do not need to bother that. Reported-by: syzbot+283673dbc38527ef9f3d@syzkaller.appspotmail.com Link: https://lore.kernel.org/linux-btrfs/66f6bfa7.050a0220.38ace9.0019.GAE@google.com/ CC: stable@vger.kernel.org # 4.19+ Reviewed-by: Josef Bacik Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit fa630df665aa9ddce3a96ce7b54e10a38e4d2a2b Author: Filipe Manana Date: Fri Sep 27 10:50:12 2024 +0100 btrfs: send: fix invalid clone operation for file that got its size decreased During an incremental send we may end up sending an invalid clone operation, for the last extent of a file which ends at an unaligned offset that matches the final i_size of the file in the send snapshot, in case the file had its initial size (the size in the parent snapshot) decreased in the send snapshot. In this case the destination will fail to apply the clone operation because its end offset is not sector size aligned and it ends before the current size of the file. Sending the truncate operation always happens when we finish processing an inode, after we process all its extents (and xattrs, names, etc). So fix this by ensuring the file has a valid size before we send a clone operation for an unaligned extent that ends at the final i_size of the file. The size we truncate to matches the start offset of the clone range but it could be any value between that start offset and the final size of the file since the clone operation will expand the i_size if the current size is smaller than the end offset. The start offset of the range was chosen because it's always sector size aligned and avoids a truncation into the middle of a page, which results in dirtying the page due to filling part of it with zeroes and then making the clone operation at the receiver trigger IO. The following test reproduces the issue: $ cat test.sh #!/bin/bash DEV=/dev/sdi MNT=/mnt/sdi mkfs.btrfs -f $DEV mount $DEV $MNT # Create a file with a size of 256K + 5 bytes, having two extents, one # with a size of 128K and another one with a size of 128K + 5 bytes. last_ext_size=$((128 * 1024 + 5)) xfs_io -f -d -c "pwrite -S 0xab -b 128K 0 128K" \ -c "pwrite -S 0xcd -b $last_ext_size 128K $last_ext_size" \ $MNT/foo # Another file which we will later clone foo into, but initially with # a larger size than foo. xfs_io -f -c "pwrite -S 0xef 0 1M" $MNT/bar btrfs subvolume snapshot -r $MNT/ $MNT/snap1 # Now resize bar and clone foo into it. xfs_io -c "truncate 0" \ -c "reflink $MNT/foo" $MNT/bar btrfs subvolume snapshot -r $MNT/ $MNT/snap2 rm -f /tmp/send-full /tmp/send-inc btrfs send -f /tmp/send-full $MNT/snap1 btrfs send -p $MNT/snap1 -f /tmp/send-inc $MNT/snap2 umount $MNT mkfs.btrfs -f $DEV mount $DEV $MNT btrfs receive -f /tmp/send-full $MNT btrfs receive -f /tmp/send-inc $MNT umount $MNT Running it before this patch: $ ./test.sh (...) At subvol snap1 At snapshot snap2 ERROR: failed to clone extents to bar: Invalid argument A test case for fstests will be sent soon. Reported-by: Ben Millwood Link: https://lore.kernel.org/linux-btrfs/CAJhrHS2z+WViO2h=ojYvBPDLsATwLbg+7JaNCyYomv0fUxEpQQ@mail.gmail.com/ Fixes: 46a6e10a1ab1 ("btrfs: send: allow cloning non-aligned extent if it ends at i_size") CC: stable@vger.kernel.org # 6.11 Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Signed-off-by: David Sterba commit 50c6f6e6806c65e41a039f0edef0816974403253 Author: Filipe Manana Date: Wed Sep 25 11:38:55 2024 +0100 btrfs: tracepoints: end assignment with semicolon at btrfs_qgroup_extent event class While running checkpatch.pl against a patch that modifies the btrfs_qgroup_extent event class, it complained about using a comma instead of a semicolon: $ ./scripts/checkpatch.pl qgroups/0003-btrfs-qgroups-remove-bytenr-field-from-struct-btrfs_.patch WARNING: Possible comma where semicolon could be used #215: FILE: include/trace/events/btrfs.h:1720: + __entry->bytenr = bytenr, __entry->num_bytes = rec->num_bytes; total: 0 errors, 1 warnings, 184 lines checked So replace the comma with a semicolon to silence checkpatch and possibly other tools. It also makes the code consistent with the rest. Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit db7e68b522c01eb666cfe1f31637775f18997811 Author: Josef Bacik Date: Tue Sep 24 16:50:22 2024 -0400 btrfs: drop the backref cache during relocation if we commit Since the inception of relocation we have maintained the backref cache across transaction commits, updating the backref cache with the new bytenr whenever we COWed blocks that were in the cache, and then updating their bytenr once we detected a transaction id change. This works as long as we're only ever modifying blocks, not changing the structure of the tree. However relocation does in fact change the structure of the tree. For example, if we are relocating a data extent, we will look up all the leaves that point to this data extent. We will then call do_relocation() on each of these leaves, which will COW down to the leaf and then update the file extent location. But, a key feature of do_relocation() is the pending list. This is all the pending nodes that we modified when we updated the file extent item. We will then process all of these blocks via finish_pending_nodes, which calls do_relocation() on all of the nodes that led up to that leaf. The purpose of this is to make sure we don't break sharing unless we absolutely have to. Consider the case that we have 3 snapshots that all point to this leaf through the same nodes, the initial COW would have created a whole new path. If we did this for all 3 snapshots we would end up with 3x the number of nodes we had originally. To avoid this we will cycle through each of the snapshots that point to each of these nodes and update their pointers to point at the new nodes. Once we update the pointer to the new node we will drop the node we removed the link for and all of its children via btrfs_drop_subtree(). This is essentially just btrfs_drop_snapshot(), but for an arbitrary point in the snapshot. The problem with this is that we will never reflect this in the backref cache. If we do this btrfs_drop_snapshot() for a node that is in the backref tree, we will leave the node in the backref tree. This becomes a problem when we change the transid, as now the backref cache has entire subtrees that no longer exist, but exist as if they still are pointed to by the same roots. In the best case scenario you end up with "adding refs to an existing tree ref" errors from insert_inline_extent_backref(), where we attempt to link in nodes on roots that are no longer valid. Worst case you will double free some random block and re-use it when there's still references to the block. This is extremely subtle, and the consequences are quite bad. There isn't a way to make sure our backref cache is consistent between transid's. In order to fix this we need to simply evict the entire backref cache anytime we cross transid's. This reduces performance in that we have to rebuild this backref cache every time we change transid's, but fixes the bug. This has existed since relocation was added, and is a pretty critical bug. There's a lot more cleanup that can be done now that this functionality is going away, but this patch is as small as possible in order to fix the problem and make it easy for us to backport it to all the kernels it needs to be backported to. Followup series will dismantle more of this code and simplify relocation drastically to remove this functionality. We have a reproducer that reproduced the corruption within a few minutes of running. With this patch it survives several iterations/hours of running the reproducer. Fixes: 3fd0a5585eb9 ("Btrfs: Metadata ENOSPC handling for balance") CC: stable@vger.kernel.org Reviewed-by: Boris Burkov Signed-off-by: Josef Bacik Signed-off-by: David Sterba commit 97f9782276fc9cb0de37a5eecb82204e48a5a612 Author: Johannes Thumshirn Date: Thu Sep 19 12:16:38 2024 +0200 btrfs: also add stripe entries for NOCOW writes NOCOW writes do not generate stripe_extent entries in the RAID stripe tree, as the RAID stripe-tree feature initially was designed with a zoned filesystem in mind and on a zoned filesystem, we do not allow NOCOW writes. But the RAID stripe-tree feature is independent from the zoned feature, so we must also do NOCOW writes for RAID stripe-tree filesystems. Reviewed-by: Naohiro Aota Signed-off-by: Johannes Thumshirn Signed-off-by: David Sterba commit 96c6ca71572a3556ed0c37237305657ff47174b7 Author: Filipe Manana Date: Thu Sep 19 22:20:34 2024 +0100 btrfs: send: fix buffer overflow detection when copying path to cache entry Starting with commit c0247d289e73 ("btrfs: send: annotate struct name_cache_entry with __counted_by()") we annotated the variable length array "name" from the name_cache_entry structure with __counted_by() to improve overflow detection. However that alone was not correct, because the length of that array does not match the "name_len" field - it matches that plus 1 to include the NUL string terminator, so that makes a fortified kernel think there's an overflow and report a splat like this: strcpy: detected buffer overflow: 20 byte write of buffer size 19 WARNING: CPU: 3 PID: 3310 at __fortify_report+0x45/0x50 CPU: 3 UID: 0 PID: 3310 Comm: btrfs Not tainted 6.11.0-prnet #1 Hardware name: CompuLab Ltd. sbc-ihsw/Intense-PC2 (IPC2), BIOS IPC2_3.330.7 X64 03/15/2018 RIP: 0010:__fortify_report+0x45/0x50 Code: 48 8b 34 (...) RSP: 0018:ffff97ebc0d6f650 EFLAGS: 00010246 RAX: 7749924ef60fa600 RBX: ffff8bf5446a521a RCX: 0000000000000027 RDX: 00000000ffffdfff RSI: ffff97ebc0d6f548 RDI: ffff8bf84e7a1cc8 RBP: ffff8bf548574080 R08: ffffffffa8c40e10 R09: 0000000000005ffd R10: 0000000000000004 R11: ffffffffa8c70e10 R12: ffff8bf551eef400 R13: 0000000000000000 R14: 0000000000000013 R15: 00000000000003a8 FS: 00007fae144de8c0(0000) GS:ffff8bf84e780000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fae14691690 CR3: 00000001027a2003 CR4: 00000000001706f0 Call Trace: ? __warn+0x12a/0x1d0 ? __fortify_report+0x45/0x50 ? report_bug+0x154/0x1c0 ? handle_bug+0x42/0x70 ? exc_invalid_op+0x1a/0x50 ? asm_exc_invalid_op+0x1a/0x20 ? __fortify_report+0x45/0x50 __fortify_panic+0x9/0x10 __get_cur_name_and_parent+0x3bc/0x3c0 get_cur_path+0x207/0x3b0 send_extent_data+0x709/0x10d0 ? find_parent_nodes+0x22df/0x25d0 ? mas_nomem+0x13/0x90 ? mtree_insert_range+0xa5/0x110 ? btrfs_lru_cache_store+0x5f/0x1e0 ? iterate_extent_inodes+0x52d/0x5a0 process_extent+0xa96/0x11a0 ? __pfx_lookup_backref_cache+0x10/0x10 ? __pfx_store_backref_cache+0x10/0x10 ? __pfx_iterate_backrefs+0x10/0x10 ? __pfx_check_extent_item+0x10/0x10 changed_cb+0x6fa/0x930 ? tree_advance+0x362/0x390 ? memcmp_extent_buffer+0xd7/0x160 send_subvol+0xf0a/0x1520 btrfs_ioctl_send+0x106b/0x11d0 ? __pfx___clone_root_cmp_sort+0x10/0x10 _btrfs_ioctl_send+0x1ac/0x240 btrfs_ioctl+0x75b/0x850 __se_sys_ioctl+0xca/0x150 do_syscall_64+0x85/0x160 ? __count_memcg_events+0x69/0x100 ? handle_mm_fault+0x1327/0x15c0 ? __se_sys_rt_sigprocmask+0xf1/0x180 ? syscall_exit_to_user_mode+0x75/0xa0 ? do_syscall_64+0x91/0x160 ? do_user_addr_fault+0x21d/0x630 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7fae145eeb4f Code: 00 48 89 (...) RSP: 002b:00007ffdf1cb09b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fae145eeb4f RDX: 00007ffdf1cb0ad0 RSI: 0000000040489426 RDI: 0000000000000004 RBP: 00000000000078fe R08: 00007fae144006c0 R09: 00007ffdf1cb0927 R10: 0000000000000008 R11: 0000000000000246 R12: 00007ffdf1cb1ce8 R13: 0000000000000003 R14: 000055c499fab2e0 R15: 0000000000000004 Fix this by not storing the NUL string terminator since we don't actually need it for name cache entries, this way "name_len" corresponds to the actual size of the "name" array. This requires marking the "name" array field with __nonstring and using memcpy() instead of strcpy() as recommended by the guidelines at: https://github.com/KSPP/linux/issues/90 Reported-by: David Arendt Link: https://lore.kernel.org/linux-btrfs/cee4591a-3088-49ba-99b8-d86b4242b8bd@prnet.org/ Fixes: c0247d289e73 ("btrfs: send: annotate struct name_cache_entry with __counted_by()") CC: stable@vger.kernel.org # 6.11 Tested-by: David Arendt Reviewed-by: Josef Bacik Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit f9e7ac6e2e9986c2ee63224992cb5c8276e46b2a Author: Boris Brezillon Date: Thu Sep 5 09:01:54 2024 +0200 drm/panthor: Don't add write fences to the shared BOs The only user (the mesa gallium driver) is already assuming explicit synchronization and doing the export/import dance on shared BOs. The only reason we were registering ourselves as writers on external BOs is because Xe, which was the reference back when we developed Panthor, was doing so. Turns out Xe was wrong, and we really want bookkeep on all registered fences, so userspace can explicitly upgrade those to read/write when needed. Fixes: 4bdca1150792 ("drm/panthor: Add the driver frontend block") Cc: Matthew Brost Cc: Simona Vetter Cc: Signed-off-by: Boris Brezillon Reviewed-by: Steven Price Reviewed-by: Liviu Dudau Link: https://patchwork.freedesktop.org/patch/msgid/20240905070155.3254011-1-boris.brezillon@collabora.com commit 7a1f30afe97294281a2ba05977688385744f9844 Author: Boris Brezillon Date: Thu Sep 5 09:19:14 2024 +0200 drm/panthor: Don't declare a queue blocked if deferred operations are pending If deferred operations are pending, we want to wait for those to land before declaring the queue blocked on a SYNC_WAIT. We need this to deal with the case where the sync object is signalled through a deferred SYNC_{ADD,SET} from the same queue. If we don't do that and the group gets scheduled out before the deferred SYNC_{SET,ADD} is executed, we'll end up with a timeout, because no external SYNC_{SET,ADD} will make the scheduler reconsider the group for execution. Fixes: de8548813824 ("drm/panthor: Add the scheduler logical block") Cc: Signed-off-by: Boris Brezillon Reviewed-by: Steven Price Reviewed-by: Liviu Dudau Link: https://patchwork.freedesktop.org/patch/msgid/20240905071914.3278599-1-boris.brezillon@collabora.com commit 282864cc5d3f144af0cdea1868ee2dc2c5110f0d Author: Boris Brezillon Date: Mon Sep 30 18:37:42 2024 +0200 drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup() The group variable can't be used to retrieve ptdev in our second loop, because it points to the previously iterated list_head, not a valid group. Get the ptdev object from the scheduler instead. Cc: Fixes: d72f049087d4 ("drm/panthor: Allow driver compilation") Reported-by: kernel test robot Reported-by: Julia Lawall Closes: https://lore.kernel.org/r/202409302306.UDikqa03-lkp@intel.com/ Signed-off-by: Boris Brezillon Reviewed-by: Liviu Dudau Link: https://patchwork.freedesktop.org/patch/msgid/20240930163742.87036-1-boris.brezillon@collabora.com commit fa998a9eac8809da4f219aad49836fcad2a9bf5c Author: Boris Brezillon Date: Fri Sep 13 13:27:22 2024 +0200 drm/panthor: Lock the VM resv before calling drm_gpuvm_bo_obtain_prealloc() drm_gpuvm_bo_obtain_prealloc() will call drm_gpuvm_bo_put() on our pre-allocated BO if the association exists. Given we only have one ref on preallocated_vm_bo, drm_gpuvm_bo_destroy() will be called immediately, and we have to hold the VM resv lock when calling this function. Fixes: 647810ec2476 ("drm/panthor: Add the MMU/VM logical block") Signed-off-by: Boris Brezillon Reviewed-by: Liviu Dudau Reviewed-by: Steven Price Link: https://patchwork.freedesktop.org/patch/msgid/20240913112722.492144-1-boris.brezillon@collabora.com commit 2b55639a4e25ff02ee496368b03456bd28ebdc0b Author: Liviu Dudau Date: Fri Sep 20 11:28:02 2024 +0100 drm/panthor: Add FOP_UNSIGNED_OFFSET to fop_flags Since commit 641bb4394f40 ("fs: move FMODE_UNSIGNED_OFFSET to fop_flags") the FMODE_UNSIGNED_OFFSET flag has been moved to fop_flags and renamed, but the patch failed to make the changes for the panthor driver. When user space opens the render node the WARN() added by the patch gets triggered. Fixes: 641bb4394f40 ("fs: move FMODE_UNSIGNED_OFFSET to fop_flags") Cc: Christian Brauner Signed-off-by: Liviu Dudau Reviewed-by: Boris Brezillon Reviewed-by: Steven Price Reviewed-by: Christian Brauner Tested-by: Heiko Stuebner Signed-off-by: Boris Brezillon Link: https://patchwork.freedesktop.org/patch/msgid/20240920102802.2483367-1-liviu.dudau@arm.com commit 3c5d61ae919cc377c71118ccc76fa6e8518023f8 Author: Uladzislau Rezki (Sony) Date: Mon Sep 30 13:37:10 2024 +0200 rcu/kvfree: Refactor kvfree_rcu_queue_batch() Improve readability of kvfree_rcu_queue_batch() function in away that, after a first batch queuing, the loop is break and success value is returned to a caller. There is no reason to loop and check batches further as all outstanding objects have already been picked and attached to a certain batch to complete an offloading. Fixes: 2b55d6a42d14 ("rcu/kvfree: Add kvfree_rcu_barrier() API") Suggested-by: Linus Torvalds Closes: https://lore.kernel.org/lkml/ZvWUt2oyXRsvJRNc@pc636/T/ Signed-off-by: Uladzislau Rezki (Sony) Signed-off-by: Vlastimil Babka commit 77ced98f0f03fdc196561d1afbe652899c318073 Author: Nilay Shroff Date: Tue Oct 1 19:32:35 2024 +0530 mm, slab: fix use of SLAB_SUPPORTS_SYSFS in kmem_cache_release() The fix implemented in commit 4ec10268ed98 ("mm, slab: unlink slabinfo, sysfs and debugfs immediately") caused a subtle side effect due to which while destroying the kmem cache, the code path would never get into sysfs_slab_release() function even though SLAB_SUPPORTS_SYSFS is defined and slab state is FULL. Due to this side effect, we would never release kobject defined for kmem cache and leak the associated memory. The issue here's with the use of __is_defined() macro in kmem_cache_ release(). The __is_defined() macro expands to __take_second_arg( arg1_or_junk 1, 0). If "arg1_or_junk" is defined to 1 then it expands to __take_second_arg(0, 1, 0) and returns 1. If "arg1_or_junk" is NOT defined to any value then it expands to __take_second_arg(... 1, 0) and returns 0. In this particular issue, SLAB_SUPPORTS_SYSFS is defined without any associated value and that causes __is_defined(SLAB_SUPPORTS_SYSFS) to always evaluate to 0 and hence it would never invoke sysfs_slab_release(). This patch helps fix this issue by defining SLAB_SUPPORTS_SYSFS to 1. Fixes: 4ec10268ed98 ("mm, slab: unlink slabinfo, sysfs and debugfs immediately") Reported-by: Yi Zhang Closes: https://lore.kernel.org/all/CAHj4cs9YCCcfmdxN43-9H3HnTYQsRtTYw1Kzq-L468GfLKAENA@mail.gmail.com/ Signed-off-by: Nilay Shroff Reviewed-by: Hyeonggon Yoo <42.hyeyoo@gmail.com> Tested-by: Yi Zhang Signed-off-by: Vlastimil Babka commit 2cd86f02c017bf9733e5cd891381b7d40f6f37ad Merge: abf201f6ce14c4 43102a2012c2e2 Author: Maarten Lankhorst Date: Tue Oct 1 18:09:41 2024 +0200 Merge remote-tracking branch 'drm/drm-fixes' into drm-misc-fixes Required for a panthor fix that broke when FOP_UNSIGNED_OFFSET was added in place of FMODE_UNSIGNED_OFFSET. Signed-off-by: Maarten Lankhorst commit a41b3828ec056a631ad22413d4560017fed5c3bd Author: Eduard Zingerman Date: Tue Sep 24 14:08:44 2024 -0700 selftests/bpf: Verify that sync_linked_regs preserves subreg_def This test was added because of a bug in verifier.c:sync_linked_regs(), upon range propagation it destroyed subreg_def marks for registers. The test is written in a way to return an upper half of a register that is affected by range propagation and must have it's subreg_def preserved. This gives a return value of 0 and leads to undefined return value if subreg_def mark is not preserved. Signed-off-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20240924210844.1758441-2-eddyz87@gmail.com commit e9bd9c498cb0f5843996dbe5cbce7a1836a83c70 Author: Eduard Zingerman Date: Tue Sep 24 14:08:43 2024 -0700 bpf: sync_linked_regs() must preserve subreg_def Range propagation must not affect subreg_def marks, otherwise the following example is rewritten by verifier incorrectly when BPF_F_TEST_RND_HI32 flag is set: 0: call bpf_ktime_get_ns call bpf_ktime_get_ns 1: r0 &= 0x7fffffff after verifier r0 &= 0x7fffffff 2: w1 = w0 rewrites w1 = w0 3: if w0 < 10 goto +0 --------------> r11 = 0x2f5674a6 (r) 4: r1 >>= 32 r11 <<= 32 (r) 5: r0 = r1 r1 |= r11 (r) 6: exit; if w0 < 0xa goto pc+0 r1 >>= 32 r0 = r1 exit (or zero extension of w1 at (2) is missing for architectures that require zero extension for upper register half). The following happens w/o this patch: - r0 is marked as not a subreg at (0); - w1 is marked as subreg at (2); - w1 subreg_def is overridden at (3) by copy_register_state(); - w1 is read at (5) but mark_insn_zext() does not mark (2) for zero extension, because w1 subreg_def is not set; - because of BPF_F_TEST_RND_HI32 flag verifier inserts random value for hi32 bits of (2) (marked (r)); - this random value is read at (5). Fixes: 75748837b7e5 ("bpf: Propagate scalar ranges through register assignments.") Reported-by: Lonial Con Signed-off-by: Lonial Con Signed-off-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Daniel Borkmann Closes: https://lore.kernel.org/bpf/7e2aa30a62d740db182c170fdd8f81c596df280d.camel@gmail.com Link: https://lore.kernel.org/bpf/20240924210844.1758441-1-eddyz87@gmail.com commit 76f972c2cfdf4beba8221c94b983e10a0de797c5 Author: Mark Brown Date: Mon Sep 30 19:10:33 2024 +0100 KVM: selftests: Fix build on architectures other than x86_64 The recent addition of support for testing with the x86 specific quirk KVM_X86_QUIRK_SLOT_ZAP_ALL disabled in the generic memslot tests broke the build of the KVM selftests for all other architectures: In file included from include/kvm_util.h:8, from include/memstress.h:13, from memslot_modification_stress_test.c:21: memslot_modification_stress_test.c: In function ‘main’: memslot_modification_stress_test.c:176:38: error: ‘KVM_X86_QUIRK_SLOT_ZAP_ALL’ undeclared (first use in this function) 176 | KVM_X86_QUIRK_SLOT_ZAP_ALL); | ^~~~~~~~~~~~~~~~~~~~~~~~~~ Add __x86_64__ guard defines to avoid building the relevant code on other architectures. Fixes: 61de4c34b51c ("KVM: selftests: Test memslot move in memslot_perf_test with quirk disabled") Fixes: 218f6415004a ("KVM: selftests: Allow slot modification stress test with quirk disabled") Reported-by: Aishwarya TCV Signed-off-by: Mark Brown Message-ID: <20240930-kvm-build-breakage-v1-1-866fad3cc164@kernel.org> Signed-off-by: Paolo Bonzini commit 59d39b9259e4d15b6e4c6da758ab318a76a10ca4 Author: Christian Brauner Date: Tue Oct 1 17:04:32 2024 +0200 Documentation: add missing folio_queue entry Add missing folio_queue entry. Reported-by: Stephen Rothwell Link: https://lore.kernel.org/r/20241001133920.6e28637b@canb.auug.org.au Signed-off-by: Christian Brauner commit f5c82730bedbc4a424cb94d2653bcb8be9dbd2ec Author: Christian Brauner Date: Tue Oct 1 17:01:40 2024 +0200 folio_queue: fix documentation s/folioq_count/folioq_full/ Reported-by: Stephen Rothwell Link: https://lore.kernel.org/r/20241001134729.3f65ae78@canb.auug.org.au Signed-off-by: Christian Brauner commit c684771630e64bc39bddffeb65dd8a6612a6b249 Author: Nuno Sa Date: Tue Oct 1 07:47:23 2024 -0700 Input: adp5589-keys - fix adp5589_gpio_get_value() The adp5589 seems to have the same behavior as similar devices as explained in commit 910a9f5636f5 ("Input: adp5588-keys - get value from data out when dir is out"). Basically, when the gpio is set as output we need to get the value from ADP5589_GPO_DATA_OUT_A register instead of ADP5589_GPI_STATUS_A. Fixes: 9d2e173644bb ("Input: ADP5589 - new driver for I2C Keypad Decoder and I/O Expander") Signed-off-by: Nuno Sa Link: https://lore.kernel.org/r/20241001-b4-dev-adp5589-fw-conversion-v1-2-fca0149dfc47@analog.com Cc: stable@vger.kernel.org Signed-off-by: Dmitry Torokhov commit fb5cc65f973661241e4a2b7390b429aa7b330c69 Author: Nuno Sa Date: Tue Oct 1 07:46:44 2024 -0700 Input: adp5589-keys - fix NULL pointer dereference We register a devm action to call adp5589_clear_config() and then pass the i2c client as argument so that we can call i2c_get_clientdata() in order to get our device object. However, i2c_set_clientdata() is only being set at the end of the probe function which means that we'll get a NULL pointer dereference in case the probe function fails early. Fixes: 30df385e35a4 ("Input: adp5589-keys - use devm_add_action_or_reset() for register clear") Signed-off-by: Nuno Sa Link: https://lore.kernel.org/r/20241001-b4-dev-adp5589-fw-conversion-v1-1-fca0149dfc47@analog.com Cc: stable@vger.kernel.org Signed-off-by: Dmitry Torokhov commit 160c826b4dd0d570f0f51cf002cb49bda807e9f5 Author: Yun Lu Date: Sun Sep 29 16:55:49 2024 +0800 selftest: hid: add missing run-hid-tools-tests.sh HID test cases run tests using the run-hid-tools-tests.sh script. When installed with "make install", the run-hid-tools-tests.sh script will not be copied over, resulting in the following error message. make -C tools/testing/selftests/ TARGETS=hid install \ INSTALL_PATH=$KSFT_INSTALL_PATH cd $KSFT_INSTALL_PATH ./run_kselftest.sh -c hid selftests: hid: hid-core.sh bash: ./run-hid-tools-tests.sh: No such file or directory Add the run-hid-tools-tests.sh script to the TEST_FILES in the Makefile for it to be installed. Fixes: ffb85d5c9e80 ("selftests: hid: import hid-tools hid-core tests") Signed-off-by: Yun Lu Acked-by: Benjamin Tissoires Signed-off-by: Shuah Khan commit 048bbbdbf85e5e00258dfb12f5e368f908801d7b Author: Marek Vasut Date: Mon Sep 30 21:27:41 2024 +0200 i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume In case there is any sort of clock controller attached to this I2C bus controller, for example Versaclock or even an AIC32x4 I2C codec, then an I2C transfer triggered from the clock controller clk_ops .prepare callback may trigger a deadlock on drivers/clk/clk.c prepare_lock mutex. This is because the clock controller first grabs the prepare_lock mutex and then performs the prepare operation, including its I2C access. The I2C access resumes this I2C bus controller via .runtime_resume callback, which calls clk_prepare_enable(), which attempts to grab the prepare_lock mutex again and deadlocks. Since the clock are already prepared since probe() and unprepared in remove(), use simple clk_enable()/clk_disable() calls to enable and disable the clock on runtime suspend and resume, to avoid hitting the prepare_lock mutex. Acked-by: Alain Volmat Signed-off-by: Marek Vasut Fixes: 4e7bca6fc07b ("i2c: i2c-stm32f7: add PM Runtime support") Cc: # v5.0+ Signed-off-by: Andi Shyti commit a18c835779e1a2ecf8e83c18f5af6a3b05699aaa Author: Jason A. Donenfeld Date: Sun Sep 29 04:55:49 2024 +0200 selftests: vDSO: align getrandom states to cache line This prevents false sharing, which makes a large difference on machines with several NUMA nodes, such as on a dual socket Intel(R) Xeon(R) Gold 6338 CPU @ 2.00GHz, where the "bench-multi" test goes from 2.7s down to 1.9s. While this is just test code, it also forms the basis of how folks will wind up implementing this in libraries, so we should implement this simple cache alignment improvement here. Suggested-by: Florian Weimer Cc: Adhemerval Zanella Signed-off-by: Jason A. Donenfeld Signed-off-by: Shuah Khan commit 64a1d716615ee234a743b2528e95d8c3a9bef95f Author: Marc Zyngier Date: Fri Sep 27 11:49:56 2024 +0100 KVM: arm64: Another reviewer reshuffle It has been a while since James had any significant bandwidth to review KVM/arm64 patches. But in the meantime, Joey has stepped up and did a really good job reviewing some terrifying patch series. Having talked with the interested parties, it appears that James is unlikely to have time for KVM in the near future, and that Joey is willing to take more responsibilities. So let's appoint Joey as an official reviewer, and give James some breathing space, as well as my personal thanks. I'm sure he will be back one way or another! Cc: Suzuki K Poulose Cc: Zenghui Yu Cc: Will Deacon Cc: Catalin Marinas Acked-by: Oliver Upton Acked-by: Joey Gouly Acked-by: Zenghui Yu Link: https://lore.kernel.org/r/20240927104956.1223658-1-maz@kernel.org Signed-off-by: Marc Zyngier commit a9f41588a902f386b48f021f56a4c14735cd9371 Author: Mark Brown Date: Thu Sep 12 12:39:35 2024 +0100 KVM: arm64: Constrain the host to the maximum shared SVE VL with pKVM When pKVM saves and restores the host floating point state on a SVE system, it programs the vector length in ZCR_EL2.LEN to be whatever the maximum VL for the PE is. But it uses a buffer allocated with kvm_host_sve_max_vl, the maximum VL shared by all PEs in the system. This means that if we run on a system where the maximum VLs are not consistent, we will overflow the buffer on PEs which support larger VLs. Since the host will not currently attempt to make use of non-shared VLs, fix this by explicitly setting the EL2 VL to be the maximum shared VL when we save and restore. This will enforce the limit on host VL usage. Should we wish to support asymmetric VLs, this code will need to be updated along with the required changes for the host: https://lore.kernel.org/r/20240730-kvm-arm64-fix-pkvm-sve-vl-v6-0-cae8a2e0bd66@kernel.org Fixes: b5b9955617bc ("KVM: arm64: Eagerly restore host fpsimd/sve state in pKVM") Signed-off-by: Mark Brown Tested-by: Fuad Tabba Reviewed-by: Fuad Tabba Link: https://lore.kernel.org/r/20240912-kvm-arm64-limit-guest-vl-v2-1-dd2c29cb2ac9@kernel.org [maz: added punctuation to the commit message] Signed-off-by: Marc Zyngier commit 78fee4198bb4d29cf82c457086d07e009955a682 Author: Vincent Donnefort Date: Thu Sep 19 12:05:00 2024 +0100 KVM: arm64: Fix __pkvm_init_vcpu cptr_el2 error path On an error, hyp_vcpu will be accessed while this memory has already been relinquished to the host and unmapped from the hypervisor. Protect the CPTR assignment with an early return. Fixes: b5b9955617bc ("KVM: arm64: Eagerly restore host fpsimd/sve state in pKVM") Reviewed-by: Oliver Upton Signed-off-by: Vincent Donnefort Link: https://lore.kernel.org/r/20240919110500.2345927-1-vdonnefort@google.com Signed-off-by: Marc Zyngier commit f6023535b52f5a066fa52fcfd0dc51c7f7894ce6 Author: Chang Yu Date: Mon Sep 30 23:31:52 2024 -0700 netfs: Fix a KMSAN uninit-value error in netfs_clear_buffer Use folioq_count instead of folioq_nr_slots to fix a KMSAN uninit-value error in netfs_clear_buffer Signed-off-by: Chang Yu Link: https://lore.kernel.org/r/ZvuXWC2bYpvQsWgS@gmail.com Fixes: cd0277ed0c18 ("netfs: Use new folio_queue data type and iterator instead of xarray iter") Acked-by: David Howells Reported-by: syzbot+921873345a95f4dae7e9@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=921873345a95f4dae7e9 Signed-off-by: Christian Brauner commit a04dae6fa4fc56c6a29cd40e133ef6a77f2c7e4e Author: Dan Carpenter Date: Mon Sep 30 10:19:58 2024 +0300 ALSA: silence integer wrapping warning This patch doesn't change runtime at all, it's just for kernel hardening. The "count" here comes from the user and on 32bit systems, it leads to integer wrapping when we pass it to compute_user_elem_size(): alloc_size = compute_user_elem_size(private_size, count); However, the integer over is harmless because later "count" is checked when we pass it to snd_ctl_new(): err = snd_ctl_new(&kctl, count, access, file); These days as part of kernel hardening we're trying to avoid integer overflows when they affect size_t type. So to avoid the integer overflow copy the check from snd_ctl_new() and do it at the start of the snd_ctl_elem_add() function as well. Signed-off-by: Dan Carpenter Reviewed-by: Jaroslav Kysela Link: https://patch.msgid.link/5457e8c1-01ff-4dd9-b49c-15b817f65ee7@stanley.mountain Signed-off-by: Takashi Iwai commit b0f0e3f0552a566def55c844b0d44250c58e4df6 Author: Ma Ke Date: Fri Sep 6 18:03:26 2024 +0800 pinctrl: stm32: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review. Cc: stable@vger.kernel.org Fixes: 32c170ff15b0 ("pinctrl: stm32: set default gpio line names using pin names") Signed-off-by: Ma Ke Link: https://lore.kernel.org/20240906100326.624445-1-make24@iscas.ac.cn Signed-off-by: Linus Walleij commit 665a58fe663ac7a9ea618dc0b29881649324b116 Author: Ma Ke Date: Thu Sep 5 10:09:17 2024 +0800 pinctrl: apple: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review. Cc: stable@vger.kernel.org Fixes: a0f160ffcb83 ("pinctrl: add pinctrl/GPIO driver for Apple SoCs") Signed-off-by: Ma Ke Reviewed-by: Christophe JAILLET Link: https://lore.kernel.org/20240905020917.356534-1-make24@iscas.ac.cn Signed-off-by: Linus Walleij commit b3d6121eaeb22aee8a02f46706745b1968cc0292 Author: Mark Rutland Date: Mon Sep 30 13:04:48 2024 +0100 arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS The Kconfig logic to select HAVE_DYNAMIC_FTRACE_WITH_ARGS is incorrect, and HAVE_DYNAMIC_FTRACE_WITH_ARGS may be selected when it is not supported by the combination of clang and GNU LD, resulting in link-time errors: aarch64-linux-gnu-ld: .init.data has both ordered [`__patchable_function_entries' in init/main.o] and unordered [`.meminit.data' in mm/sparse.o] sections aarch64-linux-gnu-ld: final link failed: bad value ... which can be seen when building with CC=clang using a binutils version older than 2.36. We originally fixed that in commit: 45bd8951806eb5e8 ("arm64: Improve HAVE_DYNAMIC_FTRACE_WITH_REGS selection for clang") ... by splitting the "select HAVE_DYNAMIC_FTRACE_WITH_ARGS" statement into separete CLANG_SUPPORTS_DYNAMIC_FTRACE_WITH_ARGS and GCC_SUPPORTS_DYNAMIC_FTRACE_WITH_ARGS options which individually select HAVE_DYNAMIC_FTRACE_WITH_ARGS. Subsequently we accidentally re-introduced the common "select HAVE_DYNAMIC_FTRACE_WITH_ARGS" statement in commit: 26299b3f6ba26bfc ("ftrace: arm64: move from REGS to ARGS") ... then we removed it again in commit: 68a63a412d18bd2e ("arm64: Fix build with CC=clang, CONFIG_FTRACE=y and CONFIG_STACK_TRACER=y") ... then we accidentally re-introduced it again in commit: 2aa6ac03516d078c ("arm64: ftrace: Add direct call support") Fix this for the third time by keeping the unified select statement and making this depend onf either GCC_SUPPORTS_DYNAMIC_FTRACE_WITH_ARGS or CLANG_SUPPORTS_DYNAMIC_FTRACE_WITH_ARGS. This is more consistent with usual style and less likely to go wrong in future. Fixes: 2aa6ac03516d ("arm64: ftrace: Add direct call support") Cc: # 6.4.x Signed-off-by: Mark Rutland Cc: Will Deacon Link: https://lore.kernel.org/r/20240930120448.3352564-1-mark.rutland@arm.com Signed-off-by: Catalin Marinas commit 081eb7932c2b244f63317a982c5e3990e2c7fbdd Author: Mark Rutland Date: Mon Sep 30 12:17:05 2024 +0100 arm64: errata: Expand speculative SSBS workaround once more A number of Arm Ltd CPUs suffer from errata whereby an MSR to the SSBS special-purpose register does not affect subsequent speculative instructions, permitting speculative store bypassing for a window of time. We worked around this for a number of CPUs in commits: * 7187bb7d0b5c7dfa ("arm64: errata: Add workaround for Arm errata 3194386 and 3312417") * 75b3c43eab594bfb ("arm64: errata: Expand speculative SSBS workaround") * 145502cac7ea70b5 ("arm64: errata: Expand speculative SSBS workaround (again)") Since then, a (hopefully final) batch of updates have been published, with two more affected CPUs. For the affected CPUs the existing mitigation is sufficient, as described in their respective Software Developer Errata Notice (SDEN) documents: * Cortex-A715 (MP148) SDEN v15.0, erratum 3456084 https://developer.arm.com/documentation/SDEN-2148827/1500/ * Neoverse-N3 (MP195) SDEN v5.0, erratum 3456111 https://developer.arm.com/documentation/SDEN-3050973/0500/ Enable the existing mitigation by adding the relevant MIDRs to erratum_spec_ssbs_list, and update silicon-errata.rst and the Kconfig text accordingly. Signed-off-by: Mark Rutland Cc: James Morse Cc: Will Deacon Link: https://lore.kernel.org/r/20240930111705.3352047-3-mark.rutland@arm.com Signed-off-by: Catalin Marinas commit 924725707d80bc2588cefafef76ff3f164d299bc Author: Mark Rutland Date: Mon Sep 30 12:17:04 2024 +0100 arm64: cputype: Add Neoverse-N3 definitions Add cputype definitions for Neoverse-N3. These will be used for errata detection in subsequent patches. These values can be found in Table A-261 ("MIDR_EL1 bit descriptions") in issue 02 of the Neoverse-N3 TRM, which can be found at: https://developer.arm.com/documentation/107997/0000/?lang=en Signed-off-by: Mark Rutland Cc: James Morse Cc: Will Deacon Link: https://lore.kernel.org/r/20240930111705.3352047-2-mark.rutland@arm.com Signed-off-by: Catalin Marinas commit 9abe390e689f4f5c23c5f507754f8678431b4f72 Author: Mark Rutland Date: Fri Sep 27 11:18:38 2024 +0100 arm64: Force position-independent veneers Certain portions of code always need to be position-independent regardless of CONFIG_RELOCATABLE, including code which is executed in an idmap or which is executed before relocations are applied. In some kernel configurations the LLD linker generates position-dependent veneers for such code, and when executed these result in early boot-time failures. Marc Zyngier encountered a boot failure resulting from this when building a (particularly cursed) configuration with LLVM, as he reported to the list: https://lore.kernel.org/linux-arm-kernel/86wmjwvatn.wl-maz@kernel.org/ In Marc's kernel configuration, the .head.text and .rodata.text sections end up more than 128MiB apart, requiring a veneer to branch between the two: | [mark@lakrids:~/src/linux]% usekorg 14.1.0 aarch64-linux-objdump -t vmlinux | grep -w _text | ffff800080000000 g .head.text 0000000000000000 _text | [mark@lakrids:~/src/linux]% usekorg 14.1.0 aarch64-linux-objdump -t vmlinux | grep -w primary_entry | ffff8000889df0e0 g .rodata.text 000000000000006c primary_entry, ... consequently, LLD inserts a position-dependent veneer for the branch from _stext (in .head.text) to primary_entry (in .rodata.text): | ffff800080000000 <_text>: | ffff800080000000: fa405a4d ccmp x18, #0x0, #0xd, pl // pl = nfrst | ffff800080000004: 14003fff b ffff800080010000 <__AArch64AbsLongThunk_primary_entry> ... | ffff800080010000 <__AArch64AbsLongThunk_primary_entry>: | ffff800080010000: 58000050 ldr x16, ffff800080010008 <__AArch64AbsLongThunk_primary_entry+0x8> | ffff800080010004: d61f0200 br x16 | ffff800080010008: 889df0e0 .word 0x889df0e0 | ffff80008001000c: ffff8000 .word 0xffff8000 ... and as this is executed early in boot before the kernel is mapped in TTBR1 this results in a silent boot failure. Fix this by passing '--pic-veneer' to the linker, which will cause the linker to use position-independent veneers, e.g. | ffff800080000000 <_text>: | ffff800080000000: fa405a4d ccmp x18, #0x0, #0xd, pl // pl = nfrst | ffff800080000004: 14003fff b ffff800080010000 <__AArch64ADRPThunk_primary_entry> ... | ffff800080010000 <__AArch64ADRPThunk_primary_entry>: | ffff800080010000: f004e3f0 adrp x16, ffff800089c8f000 <__idmap_text_start> | ffff800080010004: 91038210 add x16, x16, #0xe0 | ffff800080010008: d61f0200 br x16 I've opted to pass '--pic-veneer' unconditionally, as: * In addition to solving the boot failure, these sequences are generally nicer as they require fewer instructions and don't need to perform data accesses. * While the position-independent veneer sequences have a limited +/-2GiB range, this is not a new restriction. Even kernels built with CONFIG_RELOCATABLE=n are limited to 2GiB in size as we have several structues using 32-bit relative offsets and PPREL32 relocations, which are similarly limited to +/-2GiB in range. These include extable entries, jump table entries, and alt_instr entries. * GNU LD defaults to using position-independent veneers, and supports the same '--pic-veneer' option, so this change is not expected to adversely affect GNU LD. I've tested with GNU LD 2.30 to 2.42 inclusive and LLVM 13.0.1 to 19.1.0 inclusive, using the kernel.org binaries from: * https://mirrors.edge.kernel.org/pub/tools/crosstool/ * https://mirrors.edge.kernel.org/pub/tools/llvm/ Signed-off-by: Mark Rutland Reported-by: Marc Zyngier Cc: Ard Biesheuvel Cc: Nathan Chancellor Cc: Nick Desaulniers Cc: Will Deacon Acked-by: Ard Biesheuvel Reviewed-by: Nathan Chancellor Link: https://lore.kernel.org/r/20240927101838.3061054-1-mark.rutland@arm.com Signed-off-by: Catalin Marinas commit 162d9b5d2308c7e48efbc97d36babbf4d73b2c61 Author: Alexander Dahl Date: Thu Sep 26 11:03:56 2024 +0200 spi: atmel-quadspi: Fix wrong register value written to MR aq->mr should go to MR, nothing else. Fixes: 329ca3eed4a9 ("spi: atmel-quadspi: Avoid overwriting delay register settings") Signed-off-by: Alexander Dahl Link: https://lore.kernel.org/linux-spi/20240926-macarena-wincing-7c4995487a29@thorsis.com/T/#u Link: https://patch.msgid.link/20240926090356.105789-1-ada@thorsis.com Signed-off-by: Mark Brown commit cccb586f513cd999b9dade82e5a25b711d90a76f Author: Charles Keepax Date: Tue Oct 1 14:17:38 2024 +0800 ASoC: Intel: soc-acpi: arl: Fix some missing empty terminators Fixes: c0524067653d ("ASoC: Intel: soc-acpi: arl: Add match entries for new cs42l43 laptops") Signed-off-by: Charles Keepax Signed-off-by: Bard Liao Link: https://patch.msgid.link/20241001061738.34854-3-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 5afc29ba44fdd1bcbad4e07246c395d946301580 Author: Bard Liao Date: Tue Oct 1 14:17:37 2024 +0800 ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_machine_select(). So an empty item in struct snd_soc_acpi_link_adr array is required. Fixes: 65ab45b90656 ("ASoC: Intel: soc-acpi: Add match entries for some cs42l43 laptops") Signed-off-by: Bard Liao Reviewed-by: Péter Ujfalusi Reviewed-by: Charles Keepax Link: https://patch.msgid.link/20241001061738.34854-2-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit c4a14f6d9d17ad1e41a36182dd3b8a5fd91efbd7 Author: Anton Danilov Date: Wed Sep 25 02:51:59 2024 +0300 ipv4: ip_gre: Fix drops of small packets in ipgre_xmit Regression Description: Depending on the options specified for the GRE tunnel device, small packets may be dropped. This occurs because the pskb_network_may_pull function fails due to the packet's insufficient length. For example, if only the okey option is specified for the tunnel device, original (before encapsulation) packets smaller than 28 bytes (including the IPv4 header) will be dropped. This happens because the required length is calculated relative to the network header, not the skb->head. Here is how the required length is computed and checked: * The pull_len variable is set to 28 bytes, consisting of: * IPv4 header: 20 bytes * GRE header with Key field: 8 bytes * The pskb_network_may_pull function adds the network offset, shifting the checkable space further to the beginning of the network header and extending it to the beginning of the packet. As a result, the end of the checkable space occurs beyond the actual end of the packet. Instead of ensuring that 28 bytes are present in skb->head, the function is requesting these 28 bytes starting from the network header. For small packets, this requested length exceeds the actual packet size, causing the check to fail and the packets to be dropped. This issue affects both locally originated and forwarded packets in DMVPN-like setups. How to reproduce (for local originated packets): ip link add dev gre1 type gre ikey 1.9.8.4 okey 1.9.8.4 \ local remote 0.0.0.0 ip link set mtu 1400 dev gre1 ip link set up dev gre1 ip address add 192.168.13.1/24 dev gre1 ip neighbor add 192.168.13.2 lladdr dev gre1 ping -s 1374 -c 10 192.168.13.2 tcpdump -vni gre1 tcpdump -vni 'ip proto 47' ip -s -s -d link show dev gre1 Solution: Use the pskb_may_pull function instead the pskb_network_may_pull. Fixes: 80d875cfc9d3 ("ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit()") Signed-off-by: Anton Danilov Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240924235158.106062-1-littlesmilingcloud@gmail.com Signed-off-by: Paolo Abeni commit a3f9a74d210bf5b80046a840d3e9949b5fe0a67c Author: Dmitry Torokhov Date: Tue Oct 1 03:54:05 2024 -0700 Revert "Input: Add driver for PixArt PS/2 touchpad" This reverts commit 740ff03d7238214a318cdcfd96dec51832b053d2 because current PixArt detection is too greedy and claims devices that are not PixArt. Reported-by: Benjamin Tissoires Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2314756 Signed-off-by: Dmitry Torokhov commit 4c1b56671b68ffcbe6b78308bfdda6bcce6491ae Author: Shenwei Wang Date: Tue Sep 24 15:54:24 2024 -0500 net: stmmac: dwmac4: extend timeout for VLAN Tag register busy bit check Increase the timeout for checking the busy bit of the VLAN Tag register from 10µs to 500ms. This change is necessary to accommodate scenarios where Energy Efficient Ethernet (EEE) is enabled. Overnight testing revealed that when EEE is active, the busy bit can remain set for up to approximately 300ms. The new 500ms timeout provides a safety margin. Fixes: ed64639bc1e0 ("net: stmmac: Add support for VLAN Rx filtering") Reviewed-by: Andrew Lunn Signed-off-by: Shenwei Wang Link: https://patch.msgid.link/20240924205424.573913-1-shenwei.wang@nxp.com Signed-off-by: Paolo Abeni commit 0d24852bd71ec85ca0016b6d6fc997e6a3381552 Author: Omar Sandoval Date: Mon Sep 30 11:55:00 2024 -0700 iov_iter: fix advancing slot in iter_folioq_get_pages() iter_folioq_get_pages() decides to advance to the next folioq slot when it has reached the end of the current folio. However, it is checking offset, which is the beginning of the current part, instead of iov_offset, which is adjusted to the end of the current part, so it doesn't advance the slot when it's supposed to. As a result, on the next iteration, we'll use the same folio with an out-of-bounds offset and return an unrelated page. This manifested as various crashes and other failures in 9pfs in drgn's VM testing setup and BPF CI. Fixes: db0aa2e9566f ("mm: Define struct folio_queue and ITER_FOLIOQ to handle a sequence of folios") Link: https://lore.kernel.org/linux-fsdevel/20240923183432.1876750-1-chantr4@gmail.com/ Tested-by: Manu Bretelle Signed-off-by: Omar Sandoval Link: https://lore.kernel.org/r/cbaf141ba6c0e2e209717d02746584072844841a.1727722269.git.osandov@fb.com Tested-by: Eduard Zingerman Tested-by: Leon Romanovsky Tested-by: Joey Gouly Acked-by: David Howells Signed-off-by: Christian Brauner commit c625154993d0d24a962b1830cd5ed92adda2cf86 Author: Pu Lehui Date: Sat Aug 31 07:15:20 2024 +0000 drivers/perf: riscv: Align errno for unsupported perf event RISC-V perf driver does not yet support PERF_TYPE_BREAKPOINT. It would be more appropriate to return -EOPNOTSUPP or -ENOENT for this type in pmu_sbi_event_map. Considering that other implementations return -ENOENT for unsupported perf types, let's synchronize this behavior. Due to this reason, a riscv bpf testcases perf_skip fail. Meanwhile, align that behavior to the rest of proper place. Signed-off-by: Pu Lehui Reviewed-by: Atish Patra Fixes: 9b3e150e310e ("RISC-V: Add a simple platform driver for RISC-V legacy perf") Fixes: 16d3b1af0944 ("perf: RISC-V: Check standard event availability") Fixes: e9991434596f ("RISC-V: Add perf platform driver based on SBI PMU extension") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240831071520.1630360-1-pulehui@huaweicloud.com Signed-off-by: Palmer Dabbelt commit 23e19f2473c8762438baa1bcf3f71ee16dfcd535 Merge: e9d591b16c0ed8 ab9a9a9e964739 Author: Paolo Abeni Date: Tue Oct 1 11:47:08 2024 +0200 Merge branch 'net-two-fixes-for-qdisc_pkt_len_init' Eric Dumazet says: ==================== net: two fixes for qdisc_pkt_len_init() Inspired by one syzbot report. At least one qdisc (fq_codel) depends on qdisc_skb_cb(skb)->pkt_len having a sane value (not zero) With the help of af_packet, syzbot was able to fool qdisc_pkt_len_init() to precisely set qdisc_skb_cb(skb)->pkt_len to zero. First patch fixes this issue. Second one (a separate one to help future bisections) adds more sanity check to SKB_GSO_DODGY users. ==================== Link: https://patch.msgid.link/20240924150257.1059524-1-edumazet@google.com Signed-off-by: Paolo Abeni commit ab9a9a9e9647392a19e7a885b08000e89c86b535 Author: Eric Dumazet Date: Tue Sep 24 15:02:57 2024 +0000 net: add more sanity checks to qdisc_pkt_len_init() One path takes care of SKB_GSO_DODGY, assuming skb->len is bigger than hdr_len. virtio_net_hdr_to_skb() does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is possible for an user to provide a malicious 'GSO' packet, total length of 80 bytes. - 20 bytes of IPv4 header - 60 bytes TCP header - a small gso_size like 8 virtio_net_hdr_to_skb() would declare this packet as a normal GSO packet, because it would see 40 bytes of payload, bigger than gso_size. We need to make detect this case to not underflow qdisc_skb_cb(skb)->pkt_len. Fixes: 1def9238d4aa ("net_sched: more precise pkt_len computation") Signed-off-by: Eric Dumazet Reviewed-by: Willem de Bruijn Reviewed-by: David Ahern Signed-off-by: Paolo Abeni commit c20029db28399ecc50e556964eaba75c43b1e2f1 Author: Eric Dumazet Date: Tue Sep 24 15:02:56 2024 +0000 net: avoid potential underflow in qdisc_pkt_len_init() with UFO After commit 7c6d2ecbda83 ("net: be more gentle about silly gso requests coming from user") virtio_net_hdr_to_skb() had sanity check to detect malicious attempts from user space to cook a bad GSO packet. Then commit cf9acc90c80ec ("net: virtio_net_hdr_to_skb: count transport header in UFO") while fixing one issue, allowed user space to cook a GSO packet with the following characteristic : IPv4 SKB_GSO_UDP, gso_size=3, skb->len = 28. When this packet arrives in qdisc_pkt_len_init(), we end up with hdr_len = 28 (IPv4 header + UDP header), matching skb->len Then the following sets gso_segs to 0 : gso_segs = DIV_ROUND_UP(skb->len - hdr_len, shinfo->gso_size); Then later we set qdisc_skb_cb(skb)->pkt_len to back to zero :/ qdisc_skb_cb(skb)->pkt_len += (gso_segs - 1) * hdr_len; This leads to the following crash in fq_codel [1] qdisc_pkt_len_init() is best effort, we only want an estimation of the bytes sent on the wire, not crashing the kernel. This patch is fixing this particular issue, a following one adds more sanity checks for another potential bug. [1] [ 70.724101] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 70.724561] #PF: supervisor read access in kernel mode [ 70.724561] #PF: error_code(0x0000) - not-present page [ 70.724561] PGD 10ac61067 P4D 10ac61067 PUD 107ee2067 PMD 0 [ 70.724561] Oops: Oops: 0000 [#1] SMP NOPTI [ 70.724561] CPU: 11 UID: 0 PID: 2163 Comm: b358537762 Not tainted 6.11.0-virtme #991 [ 70.724561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 70.724561] RIP: 0010:fq_codel_enqueue (net/sched/sch_fq_codel.c:120 net/sched/sch_fq_codel.c:168 net/sched/sch_fq_codel.c:230) sch_fq_codel [ 70.724561] Code: 24 08 49 c1 e1 06 44 89 7c 24 18 45 31 ed 45 31 c0 31 ff 89 44 24 14 4c 03 8b 90 01 00 00 eb 04 39 ca 73 37 4d 8b 39 83 c7 01 <49> 8b 17 49 89 11 41 8b 57 28 45 8b 5f 34 49 c7 07 00 00 00 00 49 All code ======== 0: 24 08 and $0x8,%al 2: 49 c1 e1 06 shl $0x6,%r9 6: 44 89 7c 24 18 mov %r15d,0x18(%rsp) b: 45 31 ed xor %r13d,%r13d e: 45 31 c0 xor %r8d,%r8d 11: 31 ff xor %edi,%edi 13: 89 44 24 14 mov %eax,0x14(%rsp) 17: 4c 03 8b 90 01 00 00 add 0x190(%rbx),%r9 1e: eb 04 jmp 0x24 20: 39 ca cmp %ecx,%edx 22: 73 37 jae 0x5b 24: 4d 8b 39 mov (%r9),%r15 27: 83 c7 01 add $0x1,%edi 2a:* 49 8b 17 mov (%r15),%rdx <-- trapping instruction 2d: 49 89 11 mov %rdx,(%r9) 30: 41 8b 57 28 mov 0x28(%r15),%edx 34: 45 8b 5f 34 mov 0x34(%r15),%r11d 38: 49 c7 07 00 00 00 00 movq $0x0,(%r15) 3f: 49 rex.WB Code starting with the faulting instruction =========================================== 0: 49 8b 17 mov (%r15),%rdx 3: 49 89 11 mov %rdx,(%r9) 6: 41 8b 57 28 mov 0x28(%r15),%edx a: 45 8b 5f 34 mov 0x34(%r15),%r11d e: 49 c7 07 00 00 00 00 movq $0x0,(%r15) 15: 49 rex.WB [ 70.724561] RSP: 0018:ffff95ae85e6fb90 EFLAGS: 00000202 [ 70.724561] RAX: 0000000002000000 RBX: ffff95ae841de000 RCX: 0000000000000000 [ 70.724561] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 70.724561] RBP: ffff95ae85e6fbf8 R08: 0000000000000000 R09: ffff95b710a30000 [ 70.724561] R10: 0000000000000000 R11: bdf289445ce31881 R12: ffff95ae85e6fc58 [ 70.724561] R13: 0000000000000000 R14: 0000000000000040 R15: 0000000000000000 [ 70.724561] FS: 000000002c5c1380(0000) GS:ffff95bd7fcc0000(0000) knlGS:0000000000000000 [ 70.724561] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 70.724561] CR2: 0000000000000000 CR3: 000000010c568000 CR4: 00000000000006f0 [ 70.724561] Call Trace: [ 70.724561] [ 70.724561] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434) [ 70.724561] ? page_fault_oops (arch/x86/mm/fault.c:715) [ 70.724561] ? exc_page_fault (./arch/x86/include/asm/irqflags.h:26 ./arch/x86/include/asm/irqflags.h:87 ./arch/x86/include/asm/irqflags.h:147 arch/x86/mm/fault.c:1489 arch/x86/mm/fault.c:1539) [ 70.724561] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623) [ 70.724561] ? fq_codel_enqueue (net/sched/sch_fq_codel.c:120 net/sched/sch_fq_codel.c:168 net/sched/sch_fq_codel.c:230) sch_fq_codel [ 70.724561] dev_qdisc_enqueue (net/core/dev.c:3784) [ 70.724561] __dev_queue_xmit (net/core/dev.c:3880 (discriminator 2) net/core/dev.c:4390 (discriminator 2)) [ 70.724561] ? irqentry_enter (kernel/entry/common.c:237) [ 70.724561] ? sysvec_apic_timer_interrupt (./arch/x86/include/asm/hardirq.h:74 (discriminator 2) arch/x86/kernel/apic/apic.c:1043 (discriminator 2) arch/x86/kernel/apic/apic.c:1043 (discriminator 2)) [ 70.724561] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:58 (discriminator 4)) [ 70.724561] ? asm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702) [ 70.724561] ? virtio_net_hdr_to_skb.constprop.0 (./include/linux/virtio_net.h:129 (discriminator 1)) [ 70.724561] packet_sendmsg (net/packet/af_packet.c:3145 (discriminator 1) net/packet/af_packet.c:3177 (discriminator 1)) [ 70.724561] ? _raw_spin_lock_bh (./arch/x86/include/asm/atomic.h:107 (discriminator 4) ./include/linux/atomic/atomic-arch-fallback.h:2170 (discriminator 4) ./include/linux/atomic/atomic-instrumented.h:1302 (discriminator 4) ./include/asm-generic/qspinlock.h:111 (discriminator 4) ./include/linux/spinlock.h:187 (discriminator 4) ./include/linux/spinlock_api_smp.h:127 (discriminator 4) kernel/locking/spinlock.c:178 (discriminator 4)) [ 70.724561] ? netdev_name_node_lookup_rcu (net/core/dev.c:325 (discriminator 1)) [ 70.724561] __sys_sendto (net/socket.c:730 (discriminator 1) net/socket.c:745 (discriminator 1) net/socket.c:2210 (discriminator 1)) [ 70.724561] ? __sys_setsockopt (./include/linux/file.h:34 net/socket.c:2355) [ 70.724561] __x64_sys_sendto (net/socket.c:2222 (discriminator 1) net/socket.c:2218 (discriminator 1) net/socket.c:2218 (discriminator 1)) [ 70.724561] do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1)) [ 70.724561] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) [ 70.724561] RIP: 0033:0x41ae09 Fixes: cf9acc90c80ec ("net: virtio_net_hdr_to_skb: count transport header in UFO") Reported-by: syzbot Signed-off-by: Eric Dumazet Cc: Jonathan Davies Reviewed-by: Willem de Bruijn Reviewed-by: Jonathan Davies Reviewed-by: David Ahern Signed-off-by: Paolo Abeni commit e9d591b16c0ed8489aedc86cac237145815d14dc Author: Roger Quadros Date: Tue Sep 24 15:28:48 2024 +0300 net: ethernet: ti: cpsw_ale: Fix warning on some platforms The number of register fields cannot be assumed to be ALE_FIELDS_MAX as some platforms can have lesser fields. Solve this by embedding the actual number of fields available in platform data and use that instead of ALE_FIELDS_MAX. Gets rid of the below warning on BeagleBone Black [ 1.007735] WARNING: CPU: 0 PID: 33 at drivers/base/regmap/regmap.c:1208 regmap_field_init+0x88/0x9c [ 1.007802] invalid empty mask defined [ 1.007812] Modules linked in: [ 1.007842] CPU: 0 UID: 0 PID: 33 Comm: kworker/u4:3 Not tainted 6.11.0-01459-g508403ab7b74-dirty #840 [ 1.007867] Hardware name: Generic AM33XX (Flattened Device Tree) [ 1.007890] Workqueue: events_unbound deferred_probe_work_func [ 1.007935] Call trace: [ 1.007957] unwind_backtrace from show_stack+0x10/0x14 [ 1.007999] show_stack from dump_stack_lvl+0x50/0x64 [ 1.008033] dump_stack_lvl from __warn+0x70/0x124 [ 1.008077] __warn from warn_slowpath_fmt+0x194/0x1a8 [ 1.008113] warn_slowpath_fmt from regmap_field_init+0x88/0x9c [ 1.008154] regmap_field_init from devm_regmap_field_alloc+0x48/0x64 [ 1.008193] devm_regmap_field_alloc from cpsw_ale_create+0xfc/0x320 [ 1.008251] cpsw_ale_create from cpsw_init_common+0x214/0x354 [ 1.008286] cpsw_init_common from cpsw_probe+0x4ac/0xb88 Reported-by: Geert Uytterhoeven Closes: https://lore.kernel.org/netdev/CAMuHMdUf-tKRDzkz2_m8qdFTFutefddU0NTratVrEjRTzA3yQQ@mail.gmail.com/ Fixes: 11cbcfeaa79e ("net: ethernet: ti: cpsw_ale: use regfields for number of Entries and Policers") Signed-off-by: Roger Quadros Tested-by: Geert Uytterhoeven Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240924-am65-cpsw-multi-rx-fix-v1-1-0ca3fa9a1398@kernel.org Signed-off-by: Paolo Abeni commit 1910bd470a0acea01b88722be61f0dfa29089730 Author: Geert Uytterhoeven Date: Tue Sep 24 11:59:09 2024 +0200 net: microchip: Make FDMA config symbol invisible There is no need to ask the user about enabling Microchip FDMA functionality, as all drivers that use it select the FDMA symbol. Hence make the symbol invisible, unless when compile-testing. Fixes: 30e48a75df9c6ead ("net: microchip: add FDMA library") Signed-off-by: Geert Uytterhoeven Reviewed-by: Daniel Machon Link: https://patch.msgid.link/8e2bcd8899c417a962b7ee3f75b29f35b25d7933.1727171879.git.geert+renesas@glider.be Signed-off-by: Paolo Abeni commit d9335d0232d2da605585eea1518ac6733518f938 Author: Csókás, Bence Date: Tue Sep 24 11:37:06 2024 +0200 net: fec: Reload PTP registers after link-state change On link-state change, the controller gets reset, which clears all PTP registers, including PHC time, calibrated clock correction values etc. For correct IEEE 1588 operation we need to restore these after the reset. Fixes: 6605b730c061 ("FEC: Add time stamping code and a PTP hardware clock") Signed-off-by: Csókás, Bence Reviewed-by: Wei Fang Link: https://patch.msgid.link/20240924093705.2897329-2-csokas.bence@prolan.hu Signed-off-by: Paolo Abeni commit a1477dc87dc4996dcf65a4893d4e2c3a6b593002 Author: Csókás, Bence Date: Tue Sep 24 11:37:04 2024 +0200 net: fec: Restart PPS after link state change On link state change, the controller gets reset, causing PPS to drop out. Re-enable PPS if it was enabled before the controller reset. Fixes: 6605b730c061 ("FEC: Add time stamping code and a PTP hardware clock") Signed-off-by: Csókás, Bence Link: https://patch.msgid.link/20240924093705.2897329-1-csokas.bence@prolan.hu Signed-off-by: Paolo Abeni commit 48dbc127836a6f311414bc03eae386023d05ed30 Author: Konstantin Komarov Date: Thu Sep 5 14:44:50 2024 +0300 fs/ntfs3: Format output messages like others fs in kernel Signed-off-by: Konstantin Komarov commit 031d6f608290c847ba6378322d0986d08d1a645a Author: Konstantin Komarov Date: Wed Sep 4 12:57:31 2024 +0300 fs/ntfs3: Additional check in ntfs_file_release Reported-by: syzbot+8c652f14a0fde76ff11d@syzkaller.appspotmail.com Signed-off-by: Konstantin Komarov commit a33fb016e49e37aafab18dc3c8314d6399cb4727 Author: Konstantin Komarov Date: Fri Aug 30 13:50:18 2024 +0300 fs/ntfs3: Fix general protection fault in run_is_mapped_full Fixed deleating of a non-resident attribute in ntfs_create_inode() rollback. Reported-by: syzbot+9af29acd8f27fbce94bc@syzkaller.appspotmail.com Signed-off-by: Konstantin Komarov commit 090f612756a9720ec18b0b130e28be49839d7cb5 Author: Konstantin Komarov Date: Thu Sep 5 15:03:48 2024 +0300 fs/ntfs3: Sequential field availability check in mi_enum_attr() The code is slightly reformatted to consistently check field availability without duplication. Fixes: 556bdf27c2dd ("ntfs3: Add bounds checking to mi_enum_attr()") Signed-off-by: Konstantin Komarov commit d178944db36b3369b78a08ba520de109b89bf2a9 Author: Konstantin Komarov Date: Mon Sep 9 15:39:10 2024 +0300 fs/ntfs3: Additional check in ni_clear() Checking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to uninitialized bitmap during replay process. Reported-by: syzbot+3bfd2cc059ab93efcdb4@syzkaller.appspotmail.com Signed-off-by: Konstantin Komarov commit 03b097099eef255fbf85ea6a786ae3c91b11f041 Author: Konstantin Komarov Date: Wed Aug 28 11:55:53 2024 +0300 fs/ntfs3: Fix possible deadlock in mi_read Mutex lock with another subclass used in ni_lock_dir(). Reported-by: syzbot+bc7ca0ae4591cb2550f9@syzkaller.appspotmail.com Signed-off-by: Konstantin Komarov commit 589996bf8c459deb5bbc9747d8f1c51658608103 Author: Diogo Jahchan Koike Date: Mon Sep 2 14:19:32 2024 -0300 ntfs3: Change to non-blocking allocation in ntfs_d_hash d_hash is done while under "rcu-walk" and should not sleep. __get_name() allocates using GFP_KERNEL, having the possibility to sleep when under memory pressure. Change the allocation to GFP_NOWAIT. Reported-by: syzbot+7f71f79bbfb4427b00e1@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=7f71f79bbfb4427b00e1 Fixes: d392e85fd1e8 ("fs/ntfs3: Fix the format of the "nocase" mount option") Signed-off-by: Diogo Jahchan Koike Signed-off-by: Konstantin Komarov commit bdd6baf7408c69d403365d156447a22982d45430 Author: Dr. David Alan Gilbert Date: Fri Sep 13 21:50:06 2024 +0100 fs/ntfs3: Remove unused al_delete_le 'al_delete_le' was added by: Commit be71b5cba2e6 ("fs/ntfs3: Add attrib operations") but has remained unused; there is an al_remove_le which seems to be being used instead. Remove 'al_delete_le'. Signed-off-by: Dr. David Alan Gilbert commit 93ef6ee5c20e9330477930ec6347672c9e0cf5a6 Author: Jiawen Wu Date: Tue Sep 24 10:28:57 2024 +0800 net: pcs: xpcs: fix the wrong register that was written back The value is read from the register TXGBE_RX_GEN_CTL3, and it should be written back to TXGBE_RX_GEN_CTL3 when it changes some fields. Cc: stable@vger.kernel.org Fixes: f629acc6f210 ("net: pcs: xpcs: support to switch mode for Wangxun NICs") Signed-off-by: Jiawen Wu Reported-by: Russell King (Oracle) Reviewed-by: Russell King (Oracle) Link: https://patch.msgid.link/20240924022857.865422-1-jiawenwu@trustnetic.com Signed-off-by: Paolo Abeni commit 45c0de18ff2dc9af01236380404bbd6a46502c69 Author: Aleksander Jan Bajkowski Date: Mon Sep 23 23:49:49 2024 +0200 net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skb_put_padto() to pad Ethernet frames properly. The mentioned function zeroes the expanded buffer. In case the packet cannot be padded it is silently dropped. Statistics are also not incremented. This driver does not support statistics in the old 32-bit format or the new 64-bit format. These will be added in the future. In its current form, the patch should be easily backported to stable versions. Ethernet MACs on Amazon-SE and Danube cannot do padding of the packets in hardware, so software padding must be applied. Fixes: 504d4721ee8e ("MIPS: Lantiq: Add ethernet driver") Signed-off-by: Aleksander Jan Bajkowski Reviewed-by: Jacob Keller Reviewed-by: Florian Fainelli Link: https://patch.msgid.link/20240923214949.231511-2-olek2@wp.pl Signed-off-by: Paolo Abeni commit e609c959a939660c7519895f853dfa5624c6827a Author: Daniel Borkmann Date: Mon Sep 23 23:22:42 2024 +0200 net: Fix gso_features_check to check for both dev->gso_{ipv4_,}max_size Commit 24ab059d2ebd ("net: check dev->gso_max_size in gso_features_check()") added a dev->gso_max_size test to gso_features_check() in order to fall back to GSO when needed. This was added as it was noticed that some drivers could misbehave if TSO packets get too big. However, the check doesn't respect dev->gso_ipv4_max_size limit. For instance, a device could be configured with BIG TCP for IPv4, but not IPv6. Therefore, add a netif_get_gso_max_size() equivalent to netif_get_gro_max_size() and use the helper to respect both limits before falling back to GSO engine. Fixes: 24ab059d2ebd ("net: check dev->gso_max_size in gso_features_check()") Signed-off-by: Daniel Borkmann Cc: Eric Dumazet Cc: Paolo Abeni Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240923212242.15669-2-daniel@iogearbox.net Signed-off-by: Paolo Abeni commit e8d4d34df715133c319fabcf63fdec684be75ff8 Author: Daniel Borkmann Date: Mon Sep 23 23:22:41 2024 +0200 net: Add netif_get_gro_max_size helper for GRO Add a small netif_get_gro_max_size() helper which returns the maximum IPv4 or IPv6 GRO size of the netdevice. We later add a netif_get_gso_max_size() equivalent as well for GSO, so that these helpers can be used consistently instead of open-coded checks. Signed-off-by: Daniel Borkmann Cc: Eric Dumazet Cc: Paolo Abeni Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240923212242.15669-1-daniel@iogearbox.net Signed-off-by: Paolo Abeni commit da724c33b685463720b1c625ac440e894dc57ec0 Author: Masahiro Yamada Date: Tue Oct 1 02:02:23 2024 +0900 kconfig: qconf: move conf_read() before drawing tree pain The constructor of ConfigMainWindow() calls show*View(), which needs to calculate symbol values. conf_read() must be called before that. Fixes: 060e05c3b422 ("kconfig: qconf: remove initial call to conf_changed()") Signed-off-by: Masahiro Yamada commit 8d095547debdd26583171a6b589acbc9fd76aa9f Author: Masahiro Yamada Date: Tue Oct 1 02:02:22 2024 +0900 kconfig: clear expr::val_is_valid when allocated Since commit 95573cac25c6 ("kconfig: cache expression values"), xconfig emits a lot of false-positive "unmet direct dependencies" warnings. While conf_read() clears val_is_valid flags, 'make xconfig' calculates symbol values even before the conf_read() call. This is another issue that should be addressed separately, but it has revealed that the val_is_valid field is not initialized. Fixes: 95573cac25c6 ("kconfig: cache expression values") Signed-off-by: Masahiro Yamada commit 6c24a03a61a245fe34d47582898331fa034b6ccd Author: Vladimir Oltean Date: Fri Sep 13 23:35:49 2024 +0300 net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is unique among DSA drivers in that it calls dev_get_drvdata() at "arbitrary runtime" (not probe, not shutdown, not remove): phy_state_machine() -> ... -> dsa_user_phy_read() -> ds->ops->phy_read() -> lan9303_phy_read() -> chip->ops->phy_read() -> lan9303_mdio_phy_read() -> dev_get_drvdata() But we never stop the phy_state_machine(), so it may continue to run after dsa_switch_shutdown(). Our common pattern in all DSA drivers is to set drvdata to NULL to suppress the remove() method that may come afterwards. But in this case it will result in an NPD. The second problem is that the way in which we set dp->conduit->dsa_ptr = NULL; is concurrent with receive packet processing. dsa_switch_rcv() checks once whether dev->dsa_ptr is NULL, but afterwards, rather than continuing to use that non-NULL value, dev->dsa_ptr is dereferenced again and again without NULL checks: dsa_conduit_find_user() and many other places. In between dereferences, there is no locking to ensure that what was valid once continues to be valid. Both problems have the common aspect that closing the conduit interface solves them. In the first case, dev_close(conduit) triggers the NETDEV_GOING_DOWN event in dsa_user_netdevice_event() which closes user ports as well. dsa_port_disable_rt() calls phylink_stop(), which synchronously stops the phylink state machine, and ds->ops->phy_read() will thus no longer call into the driver after this point. In the second case, dev_close(conduit) should do this, as per Documentation/networking/driver.rst: | Quiescence | ---------- | | After the ndo_stop routine has been called, the hardware must | not receive or transmit any data. All in flight packets must | be aborted. If necessary, poll or wait for completion of | any reset commands. So it should be sufficient to ensure that later, when we zeroize conduit->dsa_ptr, there will be no concurrent dsa_switch_rcv() call on this conduit. The addition of the netif_device_detach() function is to ensure that ioctls, rtnetlinks and ethtool requests on the user ports no longer propagate down to the driver - we're no longer prepared to handle them. The race condition actually did not exist when commit 0650bf52b31f ("net: dsa: be compatible with masters which unregister on shutdown") first introduced dsa_switch_shutdown(). It was created later, when we stopped unregistering the user interfaces from a bad spot, and we just replaced that sequence with a racy zeroization of conduit->dsa_ptr (one which doesn't ensure that the interfaces aren't up). Reported-by: Alexander Sverdlin Closes: https://lore.kernel.org/netdev/2d2e3bba17203c14a5ffdabc174e3b6bbb9ad438.camel@siemens.com/ Closes: https://lore.kernel.org/netdev/c1bf4de54e829111e0e4a70e7bd1cf523c9550ff.camel@siemens.com/ Fixes: ee534378f005 ("net: dsa: fix panic when DSA master device unbinds on shutdown") Reviewed-by: Alexander Sverdlin Tested-by: Alexander Sverdlin Signed-off-by: Vladimir Oltean Link: https://patch.msgid.link/20240913203549.3081071-1-vladimir.oltean@nxp.com Signed-off-by: Paolo Abeni commit 394b52462020b6cceff1f7f47fdebd03589574f3 Author: Jani Nikula Date: Wed Sep 18 20:35:43 2024 +0300 drm/i915/gem: fix bitwise and logical AND mixup CONFIG_DRM_I915_USERFAULT_AUTOSUSPEND is an int, defaulting to 250. When the wakeref is non-zero, it's either -1 or a dynamically allocated pointer, depending on CONFIG_DRM_I915_DEBUG_RUNTIME_PM. It's likely that the code works by coincidence with the bitwise AND, but with CONFIG_DRM_I915_DEBUG_RUNTIME_PM=y, there's the off chance that the condition evaluates to false, and intel_wakeref_auto() doesn't get called. Switch to the intended logical AND. v2: Use != to avoid clang -Wconstant-logical-operand (Nathan) Fixes: ad74457a6b5a ("drm/i915/dgfx: Release mmap on rpm suspend") Cc: Matthew Auld Cc: Rodrigo Vivi Cc: Anshuman Gupta Cc: Andi Shyti Cc: Nathan Chancellor Cc: stable@vger.kernel.org # v6.1+ Reviewed-by: Matthew Auld Reviewed-by: Andi Shyti # v1 Link: https://patchwork.freedesktop.org/patch/msgid/643cc0a4d12f47fd8403d42581e83b1e9c4543c7.1726680898.git.jani.nikula@intel.com Signed-off-by: Jani Nikula (cherry picked from commit 4c1bfe259ed1d2ade826f95d437e1c41b274df04) Signed-off-by: Joonas Lahtinen commit e694d2b5c58ba2d1e995d068707c8d966e7f5f2a Author: Charles Han Date: Sun Sep 29 15:23:49 2024 +0800 soc: qcom: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value in qcom_socinfo_probe() is not checked. Signed-off-by: Charles Han Link: https://lore.kernel.org/r/20240929072349.202520-1-hanchunchao@inspur.com Signed-off-by: Bjorn Andersson commit c9432ad5e32f066875b1bf95939c363bc46d6a45 Author: Pali Rohár Date: Mon Sep 30 22:25:10 2024 +0200 cifs: Remove intermediate object of failed create reparse call If CREATE was successful but SMB2_OP_SET_REPARSE failed then remove the intermediate object created by CREATE. Otherwise empty object stay on the server when reparse call failed. This ensures that if the creating of special files is unsupported by the server then no empty file stay on the server as a result of unsupported operation. Fixes: 102466f303ff ("smb: client: allow creating special files via reparse points") Signed-off-by: Pali Rohár Acked-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit 1eecd880a3ffb42e8cfbc4895998bdb178449b8b Author: Steve French Date: Mon Sep 30 20:03:44 2024 -0500 Revert "smb: client: make SHA-512 TFM ephemeral" The original patch causes a crash with signed mounts when using the SMB2.1 dialect RIP: 0010:smb2_calc_signature+0x10e/0x460 [cifs] Code: 46 30 00 00 00 00 49 c7 46 38 00 00 00 00 0f 85 3e 01 00 00 48 8b 83 a8 02 00 00 48 89 85 68 ff ff ff 49 8b b4 24 58 01 00 00 <48> 8b 38 ba 10 00 00 00 e8 55 0f 0c e0 41 89 c7 85 c0 0f 85 44 01 RSP: 0018:ffffb349422fb5c8 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff98028765b800 RCX: 0000000000000000 RDX: 0000000000000000 RSI: ffff980200f2b100 RDI: 0000000000000000 RBP: ffffb349422fb680 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff980235e37800 R13: ffffb349422fb900 R14: ffff98027c160700 R15: ffff98028765b820 FS: 000074139b98f780(0000) GS:ffff98097b980000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000011cb78006 CR4: 00000000003726f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? show_regs+0x6c/0x80 ? __die+0x24/0x80 ? page_fault_oops+0x175/0x5c0 ? hrtimer_try_to_cancel.part.0+0x55/0xf0 ? do_user_addr_fault+0x4b2/0x870 ? exc_page_fault+0x85/0x1c0 ? asm_exc_page_fault+0x27/0x30 ? smb2_calc_signature+0x10e/0x460 [cifs] ? smb2_calc_signature+0xa7/0x460 [cifs] ? kmem_cache_alloc_noprof+0x101/0x300 smb2_sign_rqst+0xa2/0xe0 [cifs] smb2_setup_request+0x12d/0x240 [cifs] compound_send_recv+0x304/0x1220 [cifs] cifs_send_recv+0x22/0x40 [cifs] SMB2_tcon+0x2d9/0x8c0 [cifs] cifs_get_smb_ses+0x910/0xef0 [cifs] ? cifs_get_smb_ses+0x910/0xef0 [cifs] cifs_mount_get_session+0x6a/0x250 [cifs] Reported-by: Paulo Alcantara (Red Hat) Suggested-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French This reverts commit 220d83b52c7d16ec3c168b82f4e6ce59c645f7ab. commit 274e58cc226c54c849760d9a6ec7be23b221cb12 Author: Simon Horman Date: Sun Sep 8 21:14:14 2024 +0100 MAINTAINERS: Qualcomm SoC: Match reserved-memory bindings commit 8b90269ee6d7 ("MAINTAINERS: Split Qualcomm SoC and linux-arm-msm entries") included an entry for .../bindings/reserved-memory/qcom. However, it appears that this should have been a glob as although there are files that start with that path, no file matches that exact path. Address this by making the entry a glob. Flagged by make htmldocs as: Warning: MAINTAINERS references a file that doesn't exist: Documentation/devicetree/bindings/reserved-memory/qcom Cc: Konrad Dybcio Cc: Bjorn Andersson Cc: Rob Herring Cc: Krzysztof Kozlowski Cc: Conor Dooley Cc: linux-arm-msm@vger.kernel.org Cc: devicetree@vger.kernel.org Signed-off-by: Simon Horman Link: https://lore.kernel.org/r/20240908-qcom-glob-v1-1-94a390f36744@kernel.org Signed-off-by: Bjorn Andersson commit 72455e33173c1a00c0ce93d2b0198eb45d5f4195 Author: Shengjiu Wang Date: Mon Sep 30 14:08:28 2024 +0800 ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit FCONT=1 means On FIFO error, the SAI will continue from the same word that caused the FIFO error to set after the FIFO warning flag has been cleared. Set FCONT bit in control register to avoid the channel swap issue after SAI xrun. Signed-off-by: Shengjiu Wang Link: https://patch.msgid.link/1727676508-22830-1-git-send-email-shengjiu.wang@nxp.com Signed-off-by: Mark Brown commit 43102a2012c2e2f8424d7eef52aede8e73cf2fed Merge: 9852d85ec9d492 ad604f0a4c040d Author: Dave Airlie Date: Tue Oct 1 08:15:46 2024 +1000 Merge tag 'drm-misc-fixes-2024-09-26' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-fixes Short summary of fixes pull: atomic: - Use correct type when reading damage rectangles display: - Fix kernel docs dp-mst: - Fix DSC decompression detection hdmi: - Fix infoframe size panthor: - Fix locking sched: - Update maintainers - Fix race condition whne queueing up jobs sysfb: - Disable sysfb if framebuffer parent device is unknown vbox: - Fix VLA handling Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240926121045.GA561653@localhost.localdomain commit 09d0fb5cb30ebcaed4a33028ae383f5a1463e2b2 Author: Larysa Zaremba Date: Wed Sep 4 11:54:17 2024 +0200 idpf: deinit virtchnl transaction manager after vport and vectors When the device is removed, idpf is supposed to make certain virtchnl requests e.g. VIRTCHNL2_OP_DEALLOC_VECTORS and VIRTCHNL2_OP_DESTROY_VPORT. However, this does not happen due to the referenced commit introducing virtchnl transaction manager and placing its deinitialization before those messages are sent. Then the sending is impossible due to no transactions being available. Lack of cleanup can lead to the FW becoming unresponsive from e.g. unloading-loading the driver and creating-destroying VFs afterwards. Move transaction manager deinitialization to after other virtchnl-related cleanup is done. Fixes: 34c21fa894a1 ("idpf: implement virtchnl transaction manager") Reviewed-by: Przemek Kitszel Signed-off-by: Larysa Zaremba Tested-by: Krishneil Singh Signed-off-by: Tony Nguyen commit 640f70063e6d3a76a63f57e130fba43ba8c7e980 Author: Joshua Hay Date: Tue Sep 3 11:49:56 2024 -0700 idpf: use actual mbx receive payload length When a mailbox message is received, the driver is checking for a non 0 datalen in the controlq descriptor. If it is valid, the payload is attached to the ctlq message to give to the upper layer. However, the payload response size given to the upper layer was taken from the buffer metadata which is _always_ the max buffer size. This meant the API was returning 4K as the payload size for all messages. This went unnoticed since the virtchnl exchange response logic was checking for a response size less than 0 (error), not less than exact size, or not greater than or equal to the max mailbox buffer size (4K). All of these checks will pass in the success case since the size provided is always 4K. However, this breaks anyone that wants to validate the exact response size. Fetch the actual payload length from the value provided in the descriptor data_len field (instead of the buffer metadata). Unfortunately, this means we lose some extra error parsing for variable sized virtchnl responses such as create vport and get ptypes. However, the original checks weren't really helping anyways since the size was _always_ 4K. Fixes: 34c21fa894a1 ("idpf: implement virtchnl transaction manager") Cc: stable@vger.kernel.org # 6.9+ Signed-off-by: Joshua Hay Reviewed-by: Przemek Kitszel Tested-by: Krishneil Singh Signed-off-by: Tony Nguyen commit d382c7bc236d4fc7b087ddad2732c84d222a4dc9 Author: Ahmed Zaki Date: Wed Aug 28 16:38:25 2024 -0600 idpf: fix VF dynamic interrupt ctl register initialization The VF's dynamic interrupt ctl "dyn_ctl_intrvl_s" is not initialized in idpf_vf_intr_reg_init(). This resulted in the following UBSAN error whenever a VF is created: [ 564.345655] UBSAN: shift-out-of-bounds in drivers/net/ethernet/intel/idpf/idpf_txrx.c:3654:10 [ 564.345663] shift exponent 4294967295 is too large for 32-bit type 'int' [ 564.345671] CPU: 33 UID: 0 PID: 2458 Comm: NetworkManager Not tainted 6.11.0-rc4+ #1 [ 564.345678] Hardware name: Intel Corporation M50CYP2SBSTD/M50CYP2SBSTD, BIOS SE5C6200.86B.0027.P10.2201070222 01/07/2022 [ 564.345683] Call Trace: [ 564.345688] [ 564.345693] dump_stack_lvl+0x91/0xb0 [ 564.345708] __ubsan_handle_shift_out_of_bounds+0x16b/0x320 [ 564.345730] idpf_vport_intr_update_itr_ena_irq.cold+0x13/0x39 [idpf] [ 564.345755] ? __pfx_idpf_vport_intr_update_itr_ena_irq+0x10/0x10 [idpf] [ 564.345771] ? static_obj+0x95/0xd0 [ 564.345782] ? lockdep_init_map_type+0x1a5/0x800 [ 564.345794] idpf_vport_intr_ena+0x5ef/0x9f0 [idpf] [ 564.345814] idpf_vport_open+0x2cc/0x1240 [idpf] [ 564.345837] idpf_open+0x6d/0xc0 [idpf] [ 564.345850] __dev_open+0x241/0x420 Fixes: d4d558718266 ("idpf: initialize interrupts and enable vport") Reviewed-by: Przemek Kitszel Signed-off-by: Ahmed Zaki Reviewed-by: Simon Horman Tested-by: Krishneil Singh Signed-off-by: Tony Nguyen commit 0eae2c136cb624e4050092feb59f18159b4f2512 Author: Dave Ertman Date: Wed Sep 18 14:02:56 2024 -0400 ice: fix VLAN replay after reset There is a bug currently when there are more than one VLAN defined and any reset that affects the PF is initiated, after the reset rebuild no traffic will pass on any VLAN but the last one created. This is caused by the iteration though the VLANs during replay each clearing the vsi_map bitmap of the VSI that is being replayed. The problem is that during rhe replay, the pointer to the vsi_map bitmap is used by each successive vlan to determine if it should be replayed on this VSI. The logic was that the replay of the VLAN would replace the bit in the map before the next VLAN would iterate through. But, since the replay copies the old bitmap pointer to filt_replay_rules and creates a new one for the recreated VLANS, it does not do this, and leaves the old bitmap broken to be used to replay the remaining VLANs. Since the old bitmap will be cleaned up in post replay cleanup, there is no need to alter it and break following VLAN replay, so don't clear the bit. Fixes: 334cb0626de1 ("ice: Implement VSI replay framework") Reviewed-by: Przemek Kitszel Signed-off-by: Dave Ertman Reviewed-by: Jacob Keller Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit afe6e30e7701979f536f8fbf6fdef7212441f61a Author: Arkadiusz Kubalewski Date: Thu Sep 12 10:54:28 2024 +0200 ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins Currently the user may request DPLL_PIN_STATE_SELECTABLE for an output pin, and this would actually set the DISCONNECTED state instead. It doesn't make any sense. SELECTABLE is valid only in case of input pins (on AUTOMATIC type dpll), where dpll itself would select best valid input. For the output pin only CONNECTED/DISCONNECTED are expected. Fixes: d7999f5ea64b ("ice: implement dpll interface to control cgu") Reviewed-by: Aleksandr Loktionov Reviewed-by: Paul Menzel Signed-off-by: Arkadiusz Kubalewski Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit c188afdc36113760873ec78cbc036f6b05f77621 Author: Przemek Kitszel Date: Tue Sep 10 15:57:21 2024 +0200 ice: fix memleak in ice_init_tx_topology() Fix leak of the FW blob (DDP pkg). Make ice_cfg_tx_topo() const-correct, so ice_init_tx_topology() can avoid copying whole FW blob. Copy just the topology section, and only when needed. Reuse the buffer allocated for the read of the current topology. This was found by kmemleak, with the following trace for each PF: [] kmemdup_noprof+0x1d/0x50 [] ice_init_ddp_config+0x100/0x220 [ice] [] ice_init_dev+0x6f/0x200 [ice] [] ice_init+0x29/0x560 [ice] [] ice_probe+0x21d/0x310 [ice] Constify ice_cfg_tx_topo() @buf parameter. This cascades further down to few more functions. Fixes: cc5776fe1832 ("ice: Enable switching default Tx scheduler topology") CC: Larysa Zaremba CC: Jacob Keller CC: Pucha Himasekhar Reddy CC: Mateusz Polchlopek Signed-off-by: Przemek Kitszel Reviewed-by: Jacob Keller Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit d019b1a9128d65956f04679ec2bb8b0800f13358 Author: Michal Swiatkowski Date: Fri Sep 6 14:57:06 2024 +0200 ice: clear port vlan config during reset Since commit 2a2cb4c6c181 ("ice: replace ice_vf_recreate_vsi() with ice_vf_reconfig_vsi()") VF VSI is only reconfigured instead of recreated. The context configuration from previous setting is still the same. If any of the config needs to be cleared it needs to be cleared explicitly. Previously there was assumption that port vlan will be cleared automatically. Now, when VSI is only reconfigured we have to do it in the code. Not clearing port vlan configuration leads to situation when the driver VSI config is different than the VSI config in HW. Traffic can't be passed after setting and clearing port vlan, because of invalid VSI config in HW. Example reproduction: > ip a a dev $(VF) $(VF_IP_ADDRESS) > ip l s dev $(VF) up > ping $(VF_IP_ADDRESS) ping is working fine here > ip link set eth5 vf 0 vlan 100 > ip link set eth5 vf 0 vlan 0 > ping $(VF_IP_ADDRESS) ping isn't working Fixes: 2a2cb4c6c181 ("ice: replace ice_vf_recreate_vsi() with ice_vf_reconfig_vsi()") Signed-off-by: Michal Swiatkowski Reviewed-by: Wojciech Drewek Tested-by: Piotr Tyda Signed-off-by: Tony Nguyen commit d517cf89874c6039e6294b18d66f40988e62502a Author: Gui-Dong Han Date: Tue Sep 3 11:59:43 2024 +0000 ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() This patch addresses an issue with improper reference count handling in the ice_sriov_set_msix_vec_count() function. First, the function calls ice_get_vf_by_id(), which increments the reference count of the vf pointer. If the subsequent call to ice_get_vf_vsi() fails, the function currently returns an error without decrementing the reference count of the vf pointer, leading to a reference count leak. The correct behavior, as implemented in this patch, is to decrement the reference count using ice_put_vf(vf) before returning an error when vsi is NULL. Second, the function calls ice_sriov_get_irqs(), which sets vf->first_vector_idx. If this call returns a negative value, indicating an error, the function returns an error without decrementing the reference count of the vf pointer, resulting in another reference count leak. The patch addresses this by adding a call to ice_put_vf(vf) before returning an error when vf->first_vector_idx < 0. This bug was identified by an experimental static analysis tool developed by our team. The tool specializes in analyzing reference count operations and identifying potential mismanagement of reference counts. In this case, the tool flagged the missing decrement operation as a potential issue, leading to this patch. Fixes: 4035c72dc1ba ("ice: reconfig host after changing MSI-X on VF") Fixes: 4d38cb44bd32 ("ice: manage VFs MSI-X using resource tracking") Cc: stable@vger.kernel.org Signed-off-by: Gui-Dong Han Reviewed-by: Simon Horman Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit ccca30a18e36a742e606d5bf0630e75be7711d0a Author: Gui-Dong Han Date: Tue Sep 3 11:48:43 2024 +0000 ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() This patch addresses a reference count handling issue in the ice_dpll_init_rclk_pins() function. The function calls ice_dpll_get_pins(), which increments the reference count of the relevant resources. However, if the condition WARN_ON((!vsi || !vsi->netdev)) is met, the function currently returns an error without properly releasing the resources acquired by ice_dpll_get_pins(), leading to a reference count leak. To resolve this, the check has been moved to the top of the function. This ensures that the function verifies the state before any resources are acquired, avoiding the need for additional resource management in the error path. This bug was identified by an experimental static analysis tool developed by our team. The tool specializes in analyzing reference count operations and detecting potential issues where resources are not properly managed. In this case, the tool flagged the missing release operation as a potential problem, which led to the development of this patch. Fixes: d7999f5ea64b ("ice: implement dpll interface to control cgu") Cc: stable@vger.kernel.org Signed-off-by: Gui-Dong Han Reviewed-by: Simon Horman Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit 839e3f9bee425c90a0423d14b102a42fe6635c73 Author: Michal Swiatkowski Date: Mon Aug 19 12:14:01 2024 +0200 ice: set correct dst VSI in only LAN filters The filters set that will reproduce the problem: $ tc filter add dev $VF0_PR ingress protocol arp prio 0 flower \ skip_sw dst_mac ff:ff:ff:ff:ff:ff action mirred egress \ redirect dev $PF0 $ tc filter add dev $VF0_PR ingress protocol arp prio 0 flower \ skip_sw dst_mac ff:ff:ff:ff:ff:ff src_mac 52:54:00:00:00:10 \ action mirred egress mirror dev $VF1_PR Expected behaviour is to set all broadcast from VF0 to the LAN. If the src_mac match the value from filters, send packet to LAN and to VF1. In this case both LAN_EN and LB_EN flags in switch is set in case of packet matching both filters. As dst VSI for the only LAN enable bit is PF VSI, the packet is being seen on PF. To fix this change dst VSI to the source VSI. It will block receiving any packet even when LB_EN is set by switch, because local loopback is clear on VF VSI during normal operation. Side note: if the second filters action is redirect instead of mirror LAN_EN is clear, because switch is AND-ing LAN_EN from each matched filters and OR-ing LB_EN. Reviewed-by: Przemek Kitszel Fixes: 73b483b79029 ("ice: Manage act flags for switchdev offloads") Signed-off-by: Michal Swiatkowski Reviewed-by: Jacob Keller Tested-by: Sujai Buvaneswaran Signed-off-by: Tony Nguyen commit 3eae4a916fc0eb6f85b5d399e10335dbd24dd765 Author: Jinjie Ruan Date: Mon Sep 23 12:00:15 2024 +0800 spi: spi-cadence: Fix missing spi_controller_is_target() check The spi_controller_is_target() check is missing for pm_runtime_disable() in cdns_spi_remove(), add it. Fixes: b1b90514eaa3 ("spi: spi-cadence: Add support for Slave mode") Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240923040015.3009329-4-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 67d4a70faa662df07451e83db1546d3ca0695e08 Author: Jinjie Ruan Date: Mon Sep 23 12:00:14 2024 +0800 spi: spi-cadence: Fix pm_runtime_set_suspended() with runtime pm enabled It is not valid to call pm_runtime_set_suspended() for devices with runtime PM enabled because it returns -EAGAIN if it is enabled already and working. So, call pm_runtime_disable() before to fix it. Fixes: d36ccd9f7ea4 ("spi: cadence: Runtime pm adaptation") Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240923040015.3009329-3-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit b6e05ba0844139dde138625906015c974c86aa93 Author: Jinjie Ruan Date: Mon Sep 23 12:00:13 2024 +0800 spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled It is not valid to call pm_runtime_set_suspended() for devices with runtime PM enabled because it returns -EAGAIN if it is enabled already and working. So, call pm_runtime_disable() before to fix it. Fixes: 43b6bf406cd0 ("spi: imx: fix runtime pm support for !CONFIG_PM") Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240923040015.3009329-2-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit a36614bf88cd4b43984f24fd960c7aa0e43b5fb7 Author: Wolfram Sang Date: Thu Sep 26 13:32:41 2024 +0200 ASoC: dt-bindings: renesas,rsnd: correct reg-names for R-Car Gen1 The device at 0xffd90000 is named SRU, both in the datasheet and SoC DTSI. Fix the typo in the bindings to avoid the false positive report: sound@ffd90000: reg-names:0: 'sru' is not one of ['scu', 'ssi', 'adg'] Signed-off-by: Wolfram Sang Acked-by: Kuninori Morimoto Reviewed-by: Geert Uytterhoeven Acked-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240926113241.24060-2-wsa+renesas@sang-engineering.com Signed-off-by: Mark Brown commit d1648688799dd14075c43e2d091be815c794f331 Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 13:14:30 2024 -0300 perf beauty: Update copy of linux/socket.h with the kernel sources To pick the changes in: 8f0b3cc9a4c102c2 ("tcp: RX path for devmem TCP") That don't result in any changes in the tables generated from that header. But while updating I noticed we need to support the new MSG_SOCK_DEVMEM flag in the hard coded table for the msg flags table, add it. This silences this perf build warning: Warning: Kernel ABI header differences: diff -u tools/perf/trace/beauty/include/linux/socket.h include/linux/socket.h Please see tools/include/uapi/README for details. Cc: Adrian Hunter Cc: Ian Rogers Cc: Jakub Kicinski Cc: Jiri Olsa Cc: Kan Liang Cc: Mina Almasry Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZvrO_eT9e_41xrNv@x1 Signed-off-by: Arnaldo Carvalho de Melo commit dc1e764b398e0548b1bb12fb234ed0b673cd60fb Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 13:08:39 2024 -0300 tools headers UAPI: Sync the linux/in.h with the kernel sources Picking the changes from: 70d0bb45fae87a3b ("net: Correct spelling in headers") Just a comment fix, addressing this perf build warning: Warning: Kernel ABI header differences: diff -u tools/include/uapi/linux/in.h include/uapi/linux/in.h Please see tools/include/uapi/README for details. Cc: Adrian Hunter Cc: Ian Rogers Cc: Jakub Kicinski Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Simon Horman Link: https://lore.kernel.org/lkml/ZvrNlLdtXAZ1sIIj@x1 Signed-off-by: Arnaldo Carvalho de Melo commit c94cd9508b1335b949fd13ebd269313c65492df0 Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 12:54:57 2024 -0300 perf trace beauty: Update the arch/x86/include/asm/irq_vectors.h copy with the kernel sources To pick up the change in: a1fab3e69d9d0e9b ("x86/irq: Fix comment on IRQ vector layout") That just adds some comments, so no changes in perf tooling, just silences this build warning: diff -u tools/perf/trace/beauty/arch/x86/include/asm/irq_vectors.h arch/x86/include/asm/irq_vectors.h Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Sohil Mehta Cc: Thomas Gleixner Link: https://lore.kernel.org/lkml/ZvrKT7oQc1AOv6Vk@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 744a6a1f2a8385a99803c3be08fae1921a746e15 Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 12:50:56 2024 -0300 tools arch x86: Sync the msr-index.h copy with the kernel sources To pick up the changes from these csets: 0a3e4e94d137daac ("platform/x86/intel/ifs: Add SBAF test image loading support") That cause no changes to tooling: $ tools/perf/trace/beauty/tracepoints/x86_msr.sh > before $ cp arch/x86/include/asm/msr-index.h tools/arch/x86/include/asm/msr-index.h $ tools/perf/trace/beauty/tracepoints/x86_msr.sh > after $ diff -u before after $ Just silences this perf build warning: Warning: Kernel ABI header differences: diff -u tools/arch/x86/include/asm/msr-index.h arch/x86/include/asm/msr-index.h Cc: Adrian Hunter Cc: Hans de Goede Cc: Ian Rogers Cc: Jiri Olsa Cc: Jithu Joseph Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZvrJY68Btx3a_yV4@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 58f969b7a83e3680f1de5f1f0d382d783cc15f6c Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 12:15:18 2024 -0300 tools include UAPI: Sync linux/fcntl.h copy with the kernel sources Picking the changes from: 4356d575ef0f39a3 ("fhandle: expose u64 mount id to name_to_handle_at(2)") b4fef22c2fb97fa2 ("uapi: explain how per-syscall AT_* flags should be allocated") 820a185896b77814 ("fcntl: add F_CREATED_QUERY") It just moves AT_REMOVEDIR around, and adds a bunch more AT_ for renameat2() and name_to_handle_at(). We need to improve this situation, as not all AT_ defines are applicable to all fs flags... This adds support for those new AT_ defines, addressing this build warning: diff -u tools/perf/trace/beauty/include/uapi/sound/asound.h include/uapi/sound/asound.h Reviewed-by: Aleksa Sarai Cc: Adrian Hunter Cc: Christian Brauner Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Tejun Heo Link: https://lore.kernel.org/lkml/ZvrIKL3cREoRHIQd@x1 Signed-off-by: Arnaldo Carvalho de Melo commit e32cde8d2bd7d251a8f9b434143977ddf13dcec6 Merge: 190ecde722dd05 95b873693a0841 Author: Linus Torvalds Date: Mon Sep 30 12:58:17 2024 -0700 Merge tag 'sched_ext-for-6.12-rc1-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext Pull sched_ext fixes from Tejun Heo: - When sched_ext is in bypass mode (e.g. while disabling the BPF scheduler), it was using one DSQ to implement global FIFO scheduling as all it has to do is guaranteeing reasonable forward progress. On multi-socket machines, this can lead to live-lock conditions under certain workloads. Fixed by splitting the queue used for FIFO scheduling per NUMA node. This required several preparation patches. - Hotplug tests on powerpc could reliably trigger deadlock while enabling a BPF scheduler. This was caused by cpu_hotplug_lock nesting inside scx_fork_rwsem and then CPU hotplug path trying to fork a new thread while holding cpu_hotplug_lock. Fixed by restructuring locking in enable and disable paths so that the two locks are not coupled. This required several preparation patches which also fixed a couple other issues in the enable path. - A build fix for !CONFIG_SMP - Userspace tooling sync and updates * tag 'sched_ext-for-6.12-rc1-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext: sched_ext: Remove redundant p->nr_cpus_allowed checker sched_ext: Decouple locks in scx_ops_enable() sched_ext: Decouple locks in scx_ops_disable_workfn() sched_ext: Add scx_cgroup_enabled to gate cgroup operations and fix scx_tg_online() sched_ext: Enable scx_ops_init_task() separately sched_ext: Fix SCX_TASK_INIT -> SCX_TASK_READY transitions in scx_ops_enable() sched_ext: Initialize in bypass mode sched_ext: Remove SCX_OPS_PREPPING sched_ext: Relocate check_hotplug_seq() call in scx_ops_enable() sched_ext: Use shorter slice while bypassing sched_ext: Split the global DSQ per NUMA node sched_ext: Relocate find_user_dsq() sched_ext: Allow only user DSQs for scx_bpf_consume(), scx_bpf_dsq_nr_queued() and bpf_iter_scx_dsq_new() scx_flatcg: Use a user DSQ for fallback instead of SCX_DSQ_GLOBAL tools/sched_ext: Receive misc updates from SCX repo sched_ext: Add __COMPAT helpers for features added during v6.12 devel cycle sched_ext: Build fix for !CONFIG_SMP commit 1d498df44e709d9708c0bf666012933bbc7ef1d6 Author: NeilBrown Date: Fri Sep 27 16:49:01 2024 +1000 sunrpc: fix prog selection loop in svc_process_common If the rq_prog is not in the list of programs, then we use the last program in the list and we don't get the expected rpc_prog_unavail error as the subsequent tests on 'progp' being NULL are ineffective. We should only assign progp when we find the right program, and we should initialize it to NULL Reported-by: Dan Carpenter Fixes: 86ab08beb3f0 ("SUNRPC: replace program list with program array") Signed-off-by: NeilBrown Acked-by: Chuck Lever Signed-off-by: Anna Schumaker commit 37578c682cf47bafe29fef29d177b1f38b021db9 Author: Yang Li Date: Wed Sep 25 08:38:04 2024 +0800 nfs: Remove duplicated include in localio.c The header files linux/module.h is included twice in localio.c, so one inclusion of each can be removed. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=11073 Signed-off-by: Yang Li Signed-off-by: Anna Schumaker commit 056301e7c7c886f96d799edd36f3406cc30e1822 Author: Hans de Goede Date: Fri Sep 27 16:16:06 2024 +0200 ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] Like other Asus ExpertBook models the B2502CVA has its keybopard IRQ (1) described as ActiveLow in the DSDT, which the kernel overrides to EdgeHigh which breaks the keyboard. Add the B2502CVA to the irq1_level_low_skip_override[] quirk table to fix this. Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217760 Cc: All applicable Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20240927141606.66826-4-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit 2f80ce0b78c340e332f04a5801dee5e4ac8cfaeb Author: Hans de Goede Date: Fri Sep 27 16:16:05 2024 +0200 ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] Like other Asus Vivobook models the X1704VAP has its keybopard IRQ (1) described as ActiveLow in the DSDT, which the kernel overrides to EdgeHigh which breaks the keyboard. Add the X1704VAP to the irq1_level_low_skip_override[] quirk table to fix this. Reported-by: Lamome Julien Closes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078696 Closes: https://lore.kernel.org/all/1226760b-4699-4529-bf57-6423938157a3@wanadoo.fr/ Cc: All applicable Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20240927141606.66826-3-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit 63539defee17bf0cbd8e24078cf103efee9c6633 Author: Hans de Goede Date: Fri Sep 27 16:16:04 2024 +0200 ACPI: resource: Loosen the Asus E1404GAB DMI match to also cover the E1404GA Like other Asus Vivobooks, the Asus Vivobook Go E1404GA has a DSDT describing IRQ 1 as ActiveLow, while the kernel overrides to Edge_High. $ sudo dmesg | grep DMI:.*BIOS [ 0.000000] DMI: ASUSTeK COMPUTER INC. Vivobook Go E1404GA_E1404GA/E1404GA, BIOS E1404GA.302 08/23/2023 $ sudo cp /sys/firmware/acpi/tables/DSDT dsdt.dat $ iasl -d dsdt.dat $ grep -A 30 PS2K dsdt.dsl | grep IRQ -A 1 IRQ (Level, ActiveLow, Exclusive, ) {1} There already is an entry in the irq1_level_low_skip_override[] DMI match table for the "E1404GAB", change this to match on "E1404GA" to cover the E1404GA model as well (DMI_MATCH() does a substring match). Reported-by: Paul Menzel Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219224 Cc: All applicable Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20240927141606.66826-2-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit 65bdebf38e5fac7c56a9e05d3479a707e6dc783c Author: Hans de Goede Date: Fri Sep 27 16:16:03 2024 +0200 ACPI: resource: Remove duplicate Asus E1504GAB IRQ override Commit d2aaf1996504 ("ACPI: resource: Add DMI quirks for ASUS Vivobook E1504GA and E1504GAB") does exactly what the subject says, adding DMI matches for both the E1504GA and E1504GAB. But DMI_MATCH() does a substring match, so checking for E1504GA will also match E1504GAB. Drop the unnecessary E1504GAB entry since that is covered already by the E1504GA entry. Fixes: d2aaf1996504 ("ACPI: resource: Add DMI quirks for ASUS Vivobook E1504GA and E1504GAB") Cc: All applicable Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20240927141606.66826-1-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit 190ecde722dd0531d087a9964537560aa35c769b Merge: a5f24c795513ff 34820304cc2cd1 Author: Linus Torvalds Date: Mon Sep 30 11:06:01 2024 -0700 Merge tag 'probes-fixes-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull probes fix from Masami Hiramatsu: - uprobes: fix kernel info leak via "[uprobes]" vma Fix uprobes not to expose the uninitialized page for trampoline buffer to user space, which can leak kernel info. * tag 'probes-fixes-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: uprobes: fix kernel info leak via "[uprobes]" vma commit a5f24c795513ff098dc8e350e5733aec8796fbf8 Merge: 2007d28ec0095c f801850bc263d7 Author: Linus Torvalds Date: Mon Sep 30 10:59:44 2024 -0700 Merge tag 'vfs-6.12-rc2.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs fixes from Christian Brauner: "afs: - Fix setting of the server responding flag - Remove unused struct afs_address_list and afs_put_address_list() function - Fix infinite loop because of unresponsive servers - Ensure that afs_retry_request() function is correctly added to the afs_req_ops netfs operations table netfs: - Fix netfs_folio tracepoint handling to handle NULL mappings - Add a missing folio_queue API documentation - Ensure that netfs_write_folio() correctly advances the iterator via iov_iter_advance() - Fix a dentry leak during concurrent cull and cookie lookup operations in cachefiles pidfs: - Correctly handle accessing another task's pid namespace" * tag 'vfs-6.12-rc2.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: netfs: Fix the netfs_folio tracepoint to handle NULL mapping netfs: Add folio_queue API documentation netfs: Advance iterator correctly rather than jumping it afs: Fix the setting of the server responding flag afs: Remove unused struct and function prototype afs: Fix possible infinite loop with unresponsive servers pidfs: check for valid pid namespace afs: Fix missing wire-up of afs_retry_request() cachefiles: fix dentry leak in cachefiles_open_file() commit 45a8897db67d43aad3a17a792fe06a6306f483d6 Author: Javier Carrasco Date: Wed Sep 25 23:55:15 2024 +0200 selftests: exec: update gitignore for load_address The name of the "load_address" objects has been modified, but the corresponding entry in the gitignore file must be updated. Update the load_address entry in the gitignore file to account for the new names, adding an exception to keep on tracking load_address.c. Signed-off-by: Javier Carrasco Signed-off-by: Shuah Khan commit b79a038de6a6e826fc832223d5fea435c2a0fa17 Author: Javier Carrasco Date: Wed Sep 25 23:55:11 2024 +0200 selftests: core: add unshare_test to gitignore This executable is missing from the corresponding gitignore file. Add unshare_test to the core gitignore list. Signed-off-by: Javier Carrasco Signed-off-by: Shuah Khan commit 74923546a0f5affe867a15e83e21c2f043f9298a Author: Ba Jing Date: Tue Sep 3 11:36:28 2024 +0800 clone3: clone3_cap_checkpoint_restore: remove unused MAX_PID_NS_LEVEL macro The macro MAX_PID_NS_LEVEL is never referenced in the code, so remove it. Signed-off-by: Ba Jing Reviewed-by: Christian Brauner Signed-off-by: Shuah Khan commit ba872972002bd1e9ae89c397307a079e04ee289a Author: Shuah Khan Date: Tue Sep 24 09:56:46 2024 -0600 selftests:timers: posix_timers: Fix warn_unused_result in __fatal_error() __fatal_error routine doesn't check strerror_r() return value, which results in the following compile time warning: posix_timers.c: In function ‘__fatal_error’: posix_timers.c:31:9: warning: ignoring return value of ‘strerror_r’ declared with attribute ‘warn_unused_result’ [-Wunused-result] 31 | strerror_r(errno, buf, sizeof(buf)); Fix this by adding a check for return value and error handling appropriate for the GNU-specific strerror_r() in use in __fatal_error(). Check if return string is null and handle accordingly. From Linux strerror_r() manual page: "The GNU-specific strerror_r() returns a pointer to a string containing the error message. This may be either a pointer to a string that the function stores in buf, or a pointer to some (immutable) static string (in which case buf is unused). If the function stores a string in buf, then at most buflen bytes are stored (the string may be truncated if buflen is too small and errnum is unknown). The string always includes a terminating null byte." Signed-off-by: Shuah Khan Acked-by: John Stultz Acked-by: Thomas Gleixner Signed-off-by: Shuah Khan commit 1ad999870a86d58246b6a614a435d055a9edf269 Author: Joseph Jang Date: Thu May 23 18:38:07 2024 -0700 selftest: rtc: Check if could access /dev/rtc0 before testing The rtctest requires the read permission on /dev/rtc0. The rtctest will be skipped if the /dev/rtc0 is not readable. Reviewed-by: Koba Ko Reviewed-by: Matthew R. Ochs Signed-off-by: Joseph Jang Acked-by: Alexandre Belloni Signed-off-by: Shuah Khan commit 7ae76b32f9796449a5653c88847c6d784f38b7d3 Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 12:15:18 2024 -0300 tools include UAPI: Sync linux/sched.h copy with the kernel sources Picking the changes from: f0e1a0643a59bf1f ("sched_ext: Implement BPF extensible scheduler class") The inclusion of the SCHED_EXT define doesn't cause any change in behaviour in tools/perf. This just silences this perf tools build warning: diff -u tools/perf/trace/beauty/include/uapi/sound/asound.h include/uapi/sound/asound.h Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Tejun Heo Link: https://lore.kernel.org/lkml/ZvrDShNVXotZpiwk@x1 Signed-off-by: Arnaldo Carvalho de Melo commit c850897b6cc275aea01c068732894b286bca44d1 Author: Arnaldo Carvalho de Melo Date: Mon Sep 30 12:15:18 2024 -0300 tools include UAPI: Sync sound/asound.h copy with the kernel sources Picking the changes from: 37745918e0e7575b ("ALSA: timer: Introduce virtual userspace-driven timers") Which entails no changes in the tooling side as it only introduces new SNDRV_TIMER_IOCTL_ ioctls, and the ones tracked by scripts in tools/perf/trace/beauty/ are only SNDRV_PCM_IOCTL_ and SNDRV_CTL_IOCTL_, we still need to support SNDRV_TIMER_IOCTL_ ones, but that probably will be one of the first for a BTF enumeration based approach :-) This silences this perf tools build warning: diff -u tools/perf/trace/beauty/include/uapi/sound/asound.h include/uapi/sound/asound.h Cc: Adrian Hunter Cc: Ian Rogers Cc: Ivan Orlov Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Takashi Iwai Link: https://lore.kernel.org/lkml/ZvrB-g_E7g2ArlYW@x1 Signed-off-by: Arnaldo Carvalho de Melo commit c314094cb4cfa6fc5a17f4881ead2dfebfa717a7 Author: Jens Axboe Date: Thu Sep 26 07:08:10 2024 -0600 io_uring/net: harden multishot termination case for recv If the recv returns zero, or an error, then it doesn't matter if more data has already been received for this buffer. A condition like that should terminate the multishot receive. Rather than pass in the collected return value, pass in whether to terminate or keep the recv going separately. Note that this isn't a bug right now, as the only way to get there is via setting MSG_WAITALL with multishot receive. And if an application does that, then -EINVAL is returned anyway. But it seems like an easy bug to introduce, so let's make it a bit more explicit. Link: https://github.com/axboe/liburing/issues/1246 Cc: stable@vger.kernel.org Fixes: b3fdea6ecb55 ("io_uring: multishot recv") Signed-off-by: Jens Axboe commit 8a193d8e351d185d75186bf0bdfa979e19d8fba8 Author: Julia Lawall Date: Mon Sep 30 13:20:50 2024 +0200 ALSA: Reorganize kerneldoc parameter names Reorganize kerneldoc parameter names to match the parameter order in the function header. Problems identified using Coccinelle. Signed-off-by: Julia Lawall Link: https://patch.msgid.link/20240930112121.95324-5-Julia.Lawall@inria.fr Signed-off-by: Takashi Iwai commit 05df9732a0894846c46d0062d4af535c5002799d Author: Oder Chiou Date: Mon Sep 30 18:50:39 2024 +0800 ALSA: hda/realtek: Fix the push button function for the ALC257 The headset push button cannot work properly in case of the ALC257. This patch reverted the previous commit to correct the side effect. Fixes: ef9718b3d54e ("ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7") Signed-off-by: Oder Chiou Link: https://patch.msgid.link/20240930105039.3473266-1-oder_chiou@realtek.com Signed-off-by: Takashi Iwai commit 73253f2fd1d0a44708735c842e37163712e3f03b Author: Oldherl Oh Date: Mon Sep 30 16:41:32 2024 +0800 ALSA: hda/conexant: fix some typos Fix some typos in patch_conexant.c Signed-off-by: Oldherl Oh Link: https://patch.msgid.link/20240930084132.3373750-1-me@oldherl.one Signed-off-by: Takashi Iwai commit 875ea82c75f56697fa500f30fabaa49f82f9b229 Author: Sam Edwards Date: Thu Sep 12 11:01:48 2024 -0700 arm64: dts: rockchip: Designate Turing RK1's system power controller Currently, the Turing RK1 board reboots when told to power off. Resolve this by designating the RK806 as the system power controller, so that the relevant driver can handle system shutdown requests. Fixes: 2806a69f3fef ("arm64: dts: rockchip: Add Turing RK1 SoM support") Signed-off-by: Sam Edwards Link: https://lore.kernel.org/r/20240912180148.205957-1-CFSworks@gmail.com Signed-off-by: Heiko Stuebner commit abf201f6ce14c4ceeccde5471bdf59614b83a3d8 Author: Christian König Date: Mon Sep 30 15:07:49 2024 +0200 drm/sched: revert "Always increment correct scheduler score" This reverts commit 087913e0ba2b3b9d7ccbafb2acf5dab9e35ae1d5. It turned out that the original code was correct since the rq can only change when there is no armed job for an entity. This change here broke the logic since we only incremented the counter for the first job, so revert it. Signed-off-by: Christian König Acked-by: Tvrtko Ursulin Link: https://patchwork.freedesktop.org/patch/msgid/20240930131451.536150-1-christian.koenig@amd.com commit ee1e3c46ed19c096be22472c728fa7f68b1352c4 Author: Ben Cheatham Date: Fri Sep 27 11:34:28 2024 -0500 EINJ, CXL: Fix CXL device SBDF calculation The SBDF of the target CXL 2.0 compliant root port is required to inject a CXL protocol error as per ACPI 6.5. The SBDF given has to be in the following format: 31 24 23 16 15 11 10 8 7 0 +-------------------------------------------------+ | segment | bus | device | function | reserved | +-------------------------------------------------+ The SBDF calculated in cxl_dport_get_sbdf() doesn't account for the reserved bits currently, causing the wrong SBDF to be used. Fix said calculation to properly shift the SBDF. Without this fix, error injection into CXL 2.0 root ports through the CXL debugfs interface (/cxl) is broken. Injection through the legacy interface (/apei/einj/) will still work because the SBDF is manually provided by the user. Fixes: 12fb28ea6b1cf ("EINJ: Add CXL error type support") Signed-off-by: Ben Cheatham Reviewed-by: Dan Williams Tested-by: Srinivasulu Thanneeru Reviewed-by: Srinivasulu Thanneeru Link: https://patch.msgid.link/20240927163428.366557-1-Benjamin.Cheatham@amd.com Signed-off-by: Ira Weiny commit 2cf59663660799ce16f4dfbed97cdceac7a7fa11 Author: Changhuang Liang Date: Wed Sep 25 04:24:42 2024 -0700 reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC data->asserted will be NULL on JH7110 SoC since commit 82327b127d41 ("reset: starfive: Add StarFive JH7110 reset driver") was added. Add the judgment condition to avoid errors when calling reset_control_status on JH7110 SoC. Fixes: 82327b127d41 ("reset: starfive: Add StarFive JH7110 reset driver") Signed-off-by: Changhuang Liang Acked-by: Hal Feng Reviewed-by: Philipp Zabel Link: https://lore.kernel.org/r/20240925112442.1732416-1-changhuang.liang@starfivetech.com Signed-off-by: Philipp Zabel commit e7b71bf181d03b4835e2d424fa587f4db2438fb2 Author: Yan Zhen Date: Mon Sep 9 14:12:58 2024 +0800 reset: npcm: convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Yan Zhen Reviewed-by: Philipp Zabel Link: https://lore.kernel.org/r/20240909061258.2246292-1-yanzhen@vivo.com Signed-off-by: Philipp Zabel commit f801850bc263d7fa0a4e6d9a36cddf4966c79c14 Author: David Howells Date: Mon Sep 30 12:59:16 2024 +0100 netfs: Fix the netfs_folio tracepoint to handle NULL mapping Fix the netfs_folio tracepoint to handle folios that have a NULL mapping pointer. In such a case, just substitute a zero inode number. Fixes: c38f4e96e605 ("netfs: Provide func to copy data to pagecache for buffered write") Signed-off-by: David Howells Link: https://lore.kernel.org/r/2917423.1727697556@warthog.procyon.org.uk cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner commit 28e8c5c095ec28edeedab5e976e62e0419a89fc1 Author: David Howells Date: Mon Sep 30 11:14:41 2024 +0100 netfs: Add folio_queue API documentation Add API documentation for folio_queue. Signed-off-by: David Howells Link: https://lore.kernel.org/r/2912369.1727691281@warthog.procyon.org.uk cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-doc@vger.kernel.org cc: linux-fsdevel@vger.kernel.org cc: linux-mm@kvack.org Signed-off-by: Christian Brauner commit 3360d41f4ac490282fddc3ccc0b58679aa5c065d Author: Emanuele Ghidoli Date: Wed Aug 28 15:32:07 2024 +0200 gpio: davinci: fix lazy disable On a few platforms such as TI's AM69 device, disable_irq() fails to keep track of the interrupts that happen between disable_irq() and enable_irq() and those interrupts are missed. Use the ->irq_unmask() and ->irq_mask() methods instead of ->irq_enable() and ->irq_disable() to correctly keep track of edges when disable_irq is called. This solves the issue of disable_irq() not working as expected on such platforms. Fixes: 23265442b02b ("ARM: davinci: irq_data conversion.") Signed-off-by: Emanuele Ghidoli Signed-off-by: Parth Pancholi Acked-by: Keerthy Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240828133207.493961-1-parth105105@gmail.com Signed-off-by: Bartosz Golaszewski commit 4d46b5b623e0adee1153b1d80689211e5094ae44 Author: Masahiro Yamada Date: Wed Sep 25 20:25:31 2024 +0900 kconfig: fix infinite loop in sym_calc_choice() Since commit f79dc03fe68c ("kconfig: refactor choice value calculation"), Kconfig for ARCH=powerpc may result in an infinite loop. This occurs because there are two entries for POWERPC64_CPU in a choice block. If the same symbol appears twice in a choice block, the ->choice_link node is added twice to ->choice_members, resulting a corrupted linked list. A simple test case is: choice prompt "choice" config A bool "A" config B bool "B 1" config B bool "B 2" endchoice Running 'make defconfig' results in an infinite loop. One solution is to replace the current two entries: config POWERPC64_CPU bool "Generic (POWER5 and PowerPC 970 and above)" depends on PPC_BOOK3S_64 && !CPU_LITTLE_ENDIAN select PPC_64S_HASH_MMU config POWERPC64_CPU bool "Generic (POWER8 and above)" depends on PPC_BOOK3S_64 && CPU_LITTLE_ENDIAN select ARCH_HAS_FAST_MULTIPLIER select PPC_64S_HASH_MMU select PPC_HAS_LBARX_LHARX with the following single entry: config POWERPC64_CPU bool "Generic 64 bit powerpc" depends on PPC_BOOK3S_64 select ARCH_HAS_FAST_MULTIPLIER if CPU_LITTLE_ENDIAN select PPC_64S_HASH_MMU select PPC_HAS_LBARX_LHARX if CPU_LITTLE_ENDIAN In my opinion, the latter looks cleaner, but PowerPC maintainers may prefer to display different prompts depending on CPU_LITTLE_ENDIAN. For now, this commit fixes the issue in Kconfig, restoring the original behavior. I will reconsider whether such a use case is worth supporting. Fixes: f79dc03fe68c ("kconfig: refactor choice value calculation") Reported-by: Marco Bonelli Closes: https://lore.kernel.org/all/1763151587.3581913.1727224126288@privateemail.com/ Signed-off-by: Masahiro Yamada commit 7fb1d1e0382c2841906fbc1bad7d902b21fe67de Author: Masahiro Yamada Date: Mon Sep 23 16:56:02 2024 +0900 kbuild: move non-boot built-in DTBs to .rodata section Commit aab94339cd85 ("of: Add support for linking device tree blobs into vmlinux") introduced a mechanism to embed DTBs into vmlinux. Initially, it was used for wrapping boot DTBs in arch/*/boot/dts/, but it is now reused for more generic purposes, such as testing. Built-in DTBs are discarded because KERNEL_DTB() is part of INIT_DATA, as defined in include/asm-generic/vmlinux.lds.h. This has not been an issue so far because OF unittests are triggered during boot, as defined by late_initcall(of_unittest). However, the recent clk KUnit test additions have caused problems because KUnit can execute test suites after boot. For example: # echo > /sys/kernel/debug/kunit/clk_register_clk_parent_data_device/run This command triggers a stack trace because built-in DTBs have already been freed. While it is possible to move such test suites from kunit_test_suites to kunit_test_init_section_suites, it would be preferable to avoid usage limitations. This commit moves non-boot built-in DTBs to the .rodata section. Since these generic DTBs are looked up by name, they do not need to be placed in the special .dtb.init.rodata section. Boot DTBs should remain in .dtb.init.rodata because the arch boot code generally does not know the DT name, thus it uses the __dtb_start symbol to locate it. This separation also ensures that the __dtb_start symbol references the boot DTB. Currently, the .dtb.init.rodata is a mixture of both boot and non-boot DTBs. The __dtb_start symbol must be followed by the boot DTB, but we currently rely on the link order (i.e., the order in Makefiles), which is very fragile. The implementation is kind of cheesy; the section is .dtb.init.rodata when $(obj) starts with arch/$(SRCARCH)/boot/dts, and .rodata section otherwise. This will be refactored later. Fixes: 5c9dd72d8385 ("of: Add a KUnit test for overlays and test managed APIs") Fixes: 5776526beb95 ("clk: Add KUnit tests for clk fixed rate basic type") Fixes: 274aff8711b2 ("clk: Add KUnit tests for clks registered with struct clk_parent_data") Signed-off-by: Masahiro Yamada Acked-by: Rob Herring (Arm) commit 21dcd49fb4aa1630ea3217d5c4467cd71105afe1 Merge: 9852d85ec9d492 d594de8956883f Author: Andy Shevchenko Date: Mon Sep 30 14:35:38 2024 +0300 Merge patch series "pinctrl: intel: platform: fix error path in device_for_each_child_node()" Javier Carrasco says: This series fixes an error path where the reference of a child node is not decremented upon early return. When at it, a trivial comma/semicolon substitution I found by chance has been added to improve code clarity. Link: https://lore.kernel.org/r/20240926-intel-pinctrl-platform-scoped-v1-0-5ee4c936eea3@gmail.com Signed-off-by: Andy Shevchenko commit d594de8956883f233f30b2559a10266dc0fc446a Author: Javier Carrasco Date: Thu Sep 26 16:11:03 2024 +0200 pinctrl: intel: platform: use semicolon instead of comma in ncommunities assignment Substitute the comma with a semicolon in the `ncommunities` assignment for better readability and consistency with common C coding style. Signed-off-by: Javier Carrasco Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit 16a6d2e685e8f9a2f51dd5a363d3f97fcad35e22 Author: Javier Carrasco Date: Thu Sep 26 16:11:02 2024 +0200 pinctrl: intel: platform: fix error path in device_for_each_child_node() The device_for_each_child_node() loop requires calls to fwnode_handle_put() upon early returns to decrement the refcount of the child node and avoid leaking memory if that error path is triggered. There is one early returns within that loop in intel_platform_pinctrl_prepare_community(), but fwnode_handle_put() is missing. Instead of adding the missing call, the scoped version of the loop can be used to simplify the code and avoid mistakes in the future if new early returns are added, as the child node is only used for parsing, and it is never assigned. Cc: stable@vger.kernel.org Fixes: c5860e4a2737 ("pinctrl: intel: Add a generic Intel pin control platform driver") Signed-off-by: Javier Carrasco Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit a03c246d4ec836ae5827a4a16f6b9e730ec5ee8c Author: Jinjie Ruan Date: Fri Sep 27 18:21:04 2024 +0800 clk: samsung: Fix out-of-bound access of of_match_node() Currently, there is no terminator entry for exynosautov920_cmu_of_match, hence facing below KASAN warning, BUG: KASAN: global-out-of-bounds in of_match_node+0x120/0x13c Read of size 1 at addr ffffffe31cc9e628 by task swapper/0/1 CPU: 1 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.11.0+ #334 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x94/0xec show_stack+0x18/0x24 dump_stack_lvl+0x90/0xd0 print_report+0x1f4/0x5b4 kasan_report+0xc8/0x110 __asan_report_load1_noabort+0x20/0x2c of_match_node+0x120/0x13c of_match_device+0x70/0xb4 platform_match+0xa0/0x25c __device_attach_driver+0x7c/0x2d4 bus_for_each_drv+0x100/0x188 __device_attach+0x174/0x364 device_initial_probe+0x14/0x20 bus_probe_device+0x128/0x158 device_add+0xb3c/0x10fc of_device_add+0xdc/0x150 of_platform_device_create_pdata+0x120/0x20c of_platform_bus_create+0x2bc/0x620 of_platform_populate+0x58/0x108 of_platform_default_populate_init+0x100/0x120 do_one_initcall+0x110/0x788 kernel_init_freeable+0x44c/0x61c kernel_init+0x24/0x1e4 ret_from_fork+0x10/0x20 The buggy address belongs to the variable: exynosautov920_cmu_of_match+0xc8/0x2c80 Add a dummy terminator entry at the end to assist of_match_node() in traversing up to the terminator entry without accessing an out-of-boundary index. Fixes: 485e13fe2fb6 ("clk: samsung: add top clock support for ExynosAuto v920 SoC") Signed-off-by: Jinjie Ruan Acked-by: Mark Rutland Link: https://lore.kernel.org/r/20240927102104.3268790-1-ruanjinjie@huawei.com [krzk: drop trailing comma] Signed-off-by: Krzysztof Kozlowski commit 6be82067254cba14f7b9ca00613bdb7caac9501f Author: Dragan Simic Date: Sat Sep 21 23:39:05 2024 +0200 arm64: dts: rockchip: Start cooling maps numbering from zero on ROCK 5B The package cooling maps for the Radxa ROCK 5B were mistakenly named map1 and map2. Their numbering should start from zero instead, because there are no package cooling maps defined in the parent RK3588 SoC dtsi file, so let's rename these cooling maps to map0 and map1. Fixes: 4a152231b050 ("arm64: dts: rockchip: enable automatic fan control on Rock 5B") Signed-off-by: Dragan Simic Link: https://lore.kernel.org/r/335ecd5841ab55f333e17bb391d0e1264fac257b.1726954592.git.dsimic@manjaro.org Signed-off-by: Heiko Stuebner commit df5f6f2f62b9b50cef78f32909485b00fc7cf7f2 Author: Dragan Simic Date: Thu Sep 26 12:29:13 2024 +0200 arm64: dts: rockchip: Move L3 cache outside CPUs in RK3588(S) SoC dtsi Move the "l3_cache" node outside the "cpus" node in the base dtsi file for Rockchip RK3588(S) SoCs. The A55 and A76 CPU cores in these SoCs belong to the ARM DynamIQ IP core lineup, which places the L3 cache outside the CPUs and into the DynamIQ Shared Unit (DSU). [1] Thus, moving the L3 cache DT node one level higher in the DT improves the way the physical topology of the RK3588(S) SoCs is represented in the SoC dtsi files. While there, add a comment that explains it briefly, to save curious readers from the need to reference the repository log for a clarification. [1] ARM DynamIQ Shared Unit revision r4p0 TRM, version 0400-02 Fixes: c9211fa2602b ("arm64: dts: rockchip: Add base DT for rk3588 SoC") Helped-by: Robin Murphy Signed-off-by: Dragan Simic Link: https://lore.kernel.org/r/84264d0713fb51ae2b9b731e28fc14681beea853.1727345965.git.dsimic@manjaro.org Signed-off-by: Heiko Stuebner commit 577b5761679da90e691acc939ebbe7879fff5f31 Author: Geert Uytterhoeven Date: Thu Sep 26 15:48:41 2024 +0200 arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator There are no DT bindings and driver support for a "rockchip,rt5651" codec. Replace "rockchip,rt5651" by "realtek,rt5651", which matches the "simple-audio-card,name" property in the "rt5651-sound" node. Fixes: 0a3c78e251b3a266 ("arm64: dts: rockchip: Add support for rk3399 excavator main board") Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/abc6c89811b3911785601d6d590483eacb145102.1727358193.git.geert+renesas@glider.be Signed-off-by: Heiko Stuebner commit 2f39bba3b4f037d6c3c9174eed5befcef1c79abb Author: Geert Uytterhoeven Date: Thu Sep 26 15:48:40 2024 +0200 arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 There are no DT bindings and driver support for a "rockchip,rt5651" codec. Replace "rockchip,rt5651" by "realtek,rt5651", which matches the "simple-audio-card,name" property in the "rt5651-sound" node. Fixes: 904f983256fdd24b ("arm64: dts: rockchip: Add dts for a rk3399 based board EAIDK-610") Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/a9877b8b1bd0de279d2ec8294d5be14587203a82.1727358193.git.geert+renesas@glider.be Signed-off-by: Heiko Stuebner commit 4b058c9f281f5b100efbf665dd5a1a05e1654d6d Author: Jason A. Donenfeld Date: Wed Sep 25 19:50:22 2024 +0200 powerpc/vdso: allow r30 in vDSO code generation of getrandom For gettimeofday, -ffixed-r30 was passed to work around a bug in Go code, where the vDSO trampoline forgot to save and restore this register across function calls. But Go requires a different trampoline for every call, and there's no reason that new Go code needs to be broken and add more bugs. So remove -ffixed-r30 for getrandom. Fixes: 8072b39c3a75 ("powerpc/vdso: Wire up getrandom() vDSO implementation on VDSO64") Signed-off-by: Jason A. Donenfeld Signed-off-by: Michael Ellerman Link: https://msgid.link/20240925175021.1526936-2-Jason@zx2c4.com commit d6bf6983b3949baab4b791b80a2aa0a077b00ced Author: Jonathan Cameron Date: Sun Sep 29 18:21:05 2024 +0100 iio: pressure: sdp500: Add missing select CRC8 Fix: sh4-linux-ld: drivers/iio/pressure/sdp500.o: in function `sdp500_probe': >> drivers/iio/pressure/sdp500.c:130:(.text+0xe8): undefined reference to `crc8_populate_msb' sh4-linux-ld: drivers/iio/pressure/sdp500.o: in function `sdp500_read_raw': >> drivers/iio/pressure/sdp500.c:74:(.text+0x200): undefined reference to `crc8' by adding missing select. Reviewed-by: Javier Carrasco Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409271341.0dhpXk7G-lkp@intel.com/ Link: https://patch.msgid.link/20240929172105.1819259-1-jic23@kernel.org Signed-off-by: Jonathan Cameron commit c9e9746f275c45108f2b0633a4855d65d9ae0736 Author: Javier Carrasco Date: Mon Sep 23 00:17:49 2024 +0200 iio: light: veml6030: fix ALS sensor resolution The driver still uses the sensor resolution provided in the datasheet until Rev. 1.6, 28-Apr-2022, which was updated with Rev 1.7, 28-Nov-2023. The original ambient light resolution has been updated from 0.0036 lx/ct to 0.0042 lx/ct, which is the value that can be found in the current device datasheet. Update the default resolution for IT = 100 ms and GAIN = 1/8 from the original 4608 mlux/cnt to the current value from the "Resolution and maximum detection range" table (Application Note 84367, page 5), 5376 mlux/cnt. Cc: Fixes: 7b779f573c48 ("iio: light: add driver for veml6030 ambient light sensor") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20240923-veml6035-v2-1-58c72a0df31c@gmail.com Signed-off-by: Jonathan Cameron commit 50161b2768d0f5381e095c04a3048fba9e19900e Author: Dan Carpenter Date: Mon Sep 16 17:09:15 2024 +0300 iio: bmi323: fix reversed if statement in bmi323_core_runtime_resume() This reversed if statement means that the function just returns success without writing to the registers. Fixes: 16531118ba63 ("iio: bmi323: peripheral in lowest power state on suspend") Signed-off-by: Dan Carpenter Link: https://patch.msgid.link/689a2122-6e2f-4b0c-9a1c-39a98621c6c1@stanley.mountain Signed-off-by: Jonathan Cameron commit 506a1ac4c4464a61e4336e135841067dbc040aaa Author: Dan Carpenter Date: Mon Sep 16 17:09:10 2024 +0300 iio: bmi323: fix copy and paste bugs in suspend resume This code is using bmi323_reg_savestate[] and ->reg_settings[] instead of bmi323_ext_reg_savestate[] and ->ext_reg_settings[]. This was discovered by Smatch: drivers/iio/imu/bmi323/bmi323_core.c:2202 bmi323_core_runtime_suspend() error: buffer overflow 'bmi323_reg_savestate' 9 <= 11 Fixes: 16531118ba63 ("iio: bmi323: peripheral in lowest power state on suspend") Signed-off-by: Dan Carpenter Link: https://patch.msgid.link/7175b8ec-85cf-4fbf-a4e1-c4c43c3b665c@stanley.mountain Signed-off-by: Jonathan Cameron commit cd8247cd41bc983398f5eb572f660752adfe7a1a Author: Nathan Chancellor Date: Tue Sep 10 10:22:54 2024 -0700 iio: bmi323: Drop CONFIG_PM guards around runtime functions When building with clang and CONFIG_PM disabled (such as with s390), it warns: drivers/iio/imu/bmi323/bmi323_core.c:121:27: warning: variable 'bmi323_reg_savestate' is not needed and will not be emitted [-Wunneeded-internal-declaration] 121 | static const unsigned int bmi323_reg_savestate[] = { | ^~~~~~~~~~~~~~~~~~~~ drivers/iio/imu/bmi323/bmi323_core.c:133:27: warning: variable 'bmi323_ext_reg_savestate' is not needed and will not be emitted [-Wunneeded-internal-declaration] 133 | static const unsigned int bmi323_ext_reg_savestate[] = { | ^~~~~~~~~~~~~~~~~~~~~~~~ These arrays have no references outside of sizeof(), which will be evaluated at compile time. To avoid these warnings, remove the CONFIG_PM ifdef guard and use the RUNTIME_PM_OPS macro to ensure these functions always appear used to the compiler, which allows the references to the arrays to be visible as well. This results in no difference in runtime behavior because bmi323_core_pm_ops is only used when CONFIG_PM is set with the pm_ptr() macro. Fixes: b09999ee1e86 ("iio: bmi323: suspend and resume triggering on relevant pm operations") Signed-off-by: Nathan Chancellor Link: https://patch.msgid.link/20240910-iio-bmi323-remove-config_pm-guards-v1-1-0552249207af@kernel.org Signed-off-by: Jonathan Cameron commit 9de32f48c5896e033b78a31da59a6594a805753f Author: Rob Herring (Arm) Date: Tue Sep 10 18:44:39 2024 -0500 dt-bindings: iio: dac: adi,ad56xx: Fix duplicate compatible strings adi,ad5686.yaml and adi,ad5696.yaml duplicate all the I2C device compatible strings with the exception of "adi,ad5337r". Since adi,ad5686.yaml references spi-peripheral-props.yaml, drop the I2C devices from it making it only SPI devices. Update the titles to make the distinction clear. Signed-off-by: Rob Herring (Arm) Reviewed-by: Nuno Sa Acked-by: Conor Dooley Link: https://patch.msgid.link/20240910234440.1045098-1-robh@kernel.org Signed-off-by: Jonathan Cameron commit 530688e39c644543b71bdd9cb45fdfb458a28eaa Author: Emil Gedenryd Date: Fri Sep 13 11:57:02 2024 +0200 iio: light: opt3001: add missing full-scale range value The opt3001 driver uses predetermined full-scale range values to determine what exponent to use for event trigger threshold values. The problem is that one of the values specified in the datasheet is missing from the implementation. This causes larger values to be scaled down to an incorrect exponent, effectively reducing the maximum settable threshold value by a factor of 2. Add missing full-scale range array value. Fixes: 94a9b7b1809f ("iio: light: add support for TI's opt3001 light sensor") Signed-off-by: Emil Gedenryd Cc: Link: https://patch.msgid.link/20240913-add_opt3002-v2-1-69e04f840360@axis.com Signed-off-by: Jonathan Cameron commit c7c44e57750c31de43906d97813273fdffcf7d02 Author: Javier Carrasco Date: Fri Sep 13 15:18:58 2024 +0200 iio: light: veml6030: fix IIO device retrieval from embedded device The dev pointer that is received as an argument in the in_illuminance_period_available_show function references the device embedded in the IIO device, not in the i2c client. dev_to_iio_dev() must be used to accessthe right data. The current implementation leads to a segmentation fault on every attempt to read the attribute because indio_dev gets a NULL assignment. This bug has been present since the first appearance of the driver, apparently since the last version (V6) before getting applied. A constant attribute was used until then, and the last modifications might have not been tested again. Cc: stable@vger.kernel.org Fixes: 7b779f573c48 ("iio: light: add driver for veml6030 ambient light sensor") Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20240913-veml6035-v1-3-0b09c0c90418@gmail.com Signed-off-by: Jonathan Cameron commit db9795a43dc944f048a37b65e06707f60f713e34 Author: Mikhail Lobanov Date: Tue Sep 10 04:36:20 2024 -0400 iio: accel: bma400: Fix uninitialized variable field_value in tap event handling. In the current implementation, the local variable field_value is used without prior initialization, which may lead to reading uninitialized memory. Specifically, in the macro set_mask_bits, the initial (potentially uninitialized) value of the buffer is copied into old__, and a mask is applied to calculate new__. A similar issue was resolved in commit 6ee2a7058fea ("iio: accel: bma400: Fix smatch warning based on use of unintialized value."). Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 961db2da159d ("iio: accel: bma400: Add support for single and double tap events") Signed-off-by: Mikhail Lobanov Link: https://patch.msgid.link/20240910083624.27224-1-m.lobanov@rosalinux.ru Signed-off-by: Jonathan Cameron commit 368e4663c557de4a33f321b44e7eeec0a21b2e4e Author: Christophe JAILLET Date: Thu Sep 26 20:17:36 2024 +0200 ALSA: mixer_oss: Remove some incorrect kfree_const() usages "assigned" and "assigned->name" are allocated in snd_mixer_oss_proc_write() using kmalloc() and kstrdup(), so there is no point in using kfree_const() to free these resources. Switch to the more standard kfree() to free these resources. This could avoid a memory leak. Fixes: 454f5ec1d2b7 ("ALSA: mixer: oss: Constify snd_mixer_oss_assign_table definition") Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/63ac20f64234b7c9ea87a7fa9baf41e8255852f7.1727374631.git.christophe.jaillet@wanadoo.fr Signed-off-by: Takashi Iwai commit dee476950cbd83125655a3f49e00d63b79f6114e Author: Ai Chao Date: Thu Sep 26 14:02:52 2024 +0800 ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 The headset mic requires a fixup to be properly detected/used. Signed-off-by: Ai Chao Cc: Link: https://patch.msgid.link/20240926060252.25630-1-aichao@kylinos.cn Signed-off-by: Takashi Iwai commit 73385f3e0d8088b715ae8f3f66d533c482a376ab Author: Lianqin Hu Date: Wed Sep 25 03:16:29 2024 +0000 ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET Audio control requests that sets sampling frequency sometimes fail on this card. Adding delay between control messages eliminates that problem. Signed-off-by: Lianqin Hu Cc: Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/TYUPR06MB62177E629E9DEF2401333BF7D2692@TYUPR06MB6217.apcprd06.prod.outlook.com commit 73c6e9e16f5bd8709c8cf3861d4b97f6ee23e2b7 Author: Yu Jiaoliang Date: Tue Sep 24 12:17:45 2024 +0800 ALSA: Fix typos in comments across various files This patch fixes typos in comments within the ALSA subsystem. These changes improve code readability without affecting functionality. Signed-off-by: Yu Jiaoliang Link: https://patch.msgid.link/20240924041749.3125507-1-yujiaoliang@vivo.com Signed-off-by: Takashi Iwai commit 2a94a0898b14f2d5dee10bf36d00ab5e766af94b Author: Abdul Rahim Date: Mon Sep 23 04:28:18 2024 +0530 selftest: alsa: check if user has alsa installed Currently, if alsa development package is not installed on the user's system then the make command would print a `pagefull` of errors. In particular one error message is repeated 3 times. This error is returned by `pkg-config` and since it is not being handeled appropriately, repeated calls to `pkg-config` prints the same message again. This patch adds check for alsa package installation. If alsa is not installed, a short and consize error is returned. Also, it does not affect the compilation of other tests. Signed-off-by: Abdul Rahim Reviewed-by: Shuah Khan Link: https://patch.msgid.link/20240922225824.18918-1-abdul.rahim@myyahoo.com Signed-off-by: Takashi Iwai commit 2007d28ec0095c6db0a24fd8bb8fe280c65446cd Author: Guenter Roeck Date: Sun Sep 29 17:39:02 2024 -0700 bcachefs: rename version -> bversion for big endian builds Builds on big endian systems fail as follows. fs/bcachefs/bkey.h: In function 'bch2_bkey_format_add_key': fs/bcachefs/bkey.h:557:41: error: 'const struct bkey' has no member named 'bversion' The original commit only renamed the variable for little endian builds. Rename it for big endian builds as well to fix the problem. Fixes: cf49f8a8c277 ("bcachefs: rename version -> bversion") Cc: Kent Overstreet Signed-off-by: Guenter Roeck Signed-off-by: Kent Overstreet commit 678379e1d4f7443b170939525d3312cfc37bf86b Author: Al Viro Date: Fri Aug 16 15:17:00 2024 -0400 close_range(): fix the logics in descriptor table trimming Cloning a descriptor table picks the size that would cover all currently opened files. That's fine for clone() and unshare(), but for close_range() there's an additional twist - we clone before we close, and it would be a shame to have close_range(3, ~0U, CLOSE_RANGE_UNSHARE) leave us with a huge descriptor table when we are not going to keep anything past stderr, just because some large file descriptor used to be open before our call has taken it out. Unfortunately, it had been dealt with in an inherently racy way - sane_fdtable_size() gets a "don't copy anything past that" argument (passed via unshare_fd() and dup_fd()), close_range() decides how much should be trimmed and passes that to unshare_fd(). The problem is, a range that used to extend to the end of descriptor table back when close_range() had looked at it might very well have stuff grown after it by the time dup_fd() has allocated a new files_struct and started to figure out the capacity of fdtable to be attached to that. That leads to interesting pathological cases; at the very least it's a QoI issue, since unshare(CLONE_FILES) is atomic in a sense that it takes a snapshot of descriptor table one might have observed at some point. Since CLOSE_RANGE_UNSHARE close_range() is supposed to be a combination of unshare(CLONE_FILES) with plain close_range(), ending up with a weird state that would never occur with unshare(2) is confusing, to put it mildly. It's not hard to get rid of - all it takes is passing both ends of the range down to sane_fdtable_size(). There we are under ->files_lock, so the race is trivially avoided. So we do the following: * switch close_files() from calling unshare_fd() to calling dup_fd(). * undo the calling convention change done to unshare_fd() in 60997c3d45d9 "close_range: add CLOSE_RANGE_UNSHARE" * introduce struct fd_range, pass a pointer to that to dup_fd() and sane_fdtable_size() instead of "trim everything past that point" they are currently getting. NULL means "we are not going to be punching any holes"; NR_OPEN_MAX is gone. * make sane_fdtable_size() use find_last_bit() instead of open-coding it; it's easier to follow that way. * while we are at it, have dup_fd() report errors by returning ERR_PTR(), no need to use a separate int *errorp argument. Fixes: 60997c3d45d9 "close_range: add CLOSE_RANGE_UNSHARE" Cc: stable@vger.kernel.org Signed-off-by: Al Viro commit 34820304cc2cd1804ee1f8f3504ec77813d29c8e Author: Oleg Nesterov Date: Sun Sep 29 18:20:47 2024 +0200 uprobes: fix kernel info leak via "[uprobes]" vma xol_add_vma() maps the uninitialized page allocated by __create_xol_area() into userspace. On some architectures (x86) this memory is readable even without VM_READ, VM_EXEC results in the same pgprot_t as VM_EXEC|VM_READ, although this doesn't really matter, debugger can read this memory anyway. Link: https://lore.kernel.org/all/20240929162047.GA12611@redhat.com/ Reported-by: Will Deacon Fixes: d4b3b6384f98 ("uprobes/core: Allocate XOL slots for uprobes use") Cc: stable@vger.kernel.org Acked-by: Masami Hiramatsu (Google) Signed-off-by: Oleg Nesterov Signed-off-by: Masami Hiramatsu (Google) commit 46f2dd5ce5723a2c07051d332f8f1c4c4ce548f3 Merge: 9852d85ec9d492 e249786b218810 Author: Mark Brown Date: Sun Sep 29 23:34:33 2024 +0100 Merge existing fixes from asoc/for-6.12 into new branch commit dd0d7edb866db2b9d23dc50553cbdd3f6a159fba Author: Pali Rohár Date: Sat Sep 28 23:59:41 2024 +0200 smb: Update comments about some reparse point tags NFS-style reparse points are recognized only by the Windows NFS server 2012 and new. Windows 8 does not contain Windows NFS server, so these reparse points are not used on Windows 8. Reparse points with IO_REPARSE_TAG_AF_UNIX tag were primarily introduced for native Win32 AF_UNIX sockets and later were re-used by also by WSL: https://devblogs.microsoft.com/commandline/af_unix-comes-to-windows/ https://devblogs.microsoft.com/commandline/windowswsl-interop-with-af_unix/ Signed-off-by: Pali Rohár Signed-off-by: Steve French commit a9023656bcd28aaf184974a121d3c2f2ec1ded46 Author: Pali Rohár Date: Fri Sep 27 20:20:39 2024 +0200 cifs: Check for UTF-16 null codepoint in SFU symlink target location Check that read buffer of SFU symlink target location does not contain UTF-16 null codepoint (via UniStrnlen() call) because Linux cannot process symlink with null byte, it truncates everything in buffer after null byte. Fixes: cf2ce67345d6 ("cifs: Add support for reading SFU symlink location") Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 9852d85ec9d492ebef56dc5f229416c925758edc Author: Linus Torvalds Date: Sun Sep 29 15:06:19 2024 -0700 Linux 6.12-rc1 commit 3f749befb0998472470d850b11b430477c0718cc Author: Linus Torvalds Date: Sun Sep 29 14:47:33 2024 -0700 x86: kvm: fix build error The cpu_emergency_register_virt_callback() function is used unconditionally by the x86 kvm code, but it is declared (and defined) conditionally: #if IS_ENABLED(CONFIG_KVM_INTEL) || IS_ENABLED(CONFIG_KVM_AMD) void cpu_emergency_register_virt_callback(cpu_emergency_virt_cb *callback); ... leading to a build error when neither KVM_INTEL nor KVM_AMD support is enabled: arch/x86/kvm/x86.c: In function ‘kvm_arch_enable_virtualization’: arch/x86/kvm/x86.c:12517:9: error: implicit declaration of function ‘cpu_emergency_register_virt_callback’ [-Wimplicit-function-declaration] 12517 | cpu_emergency_register_virt_callback(kvm_x86_ops.emergency_disable_virtualization_cpu); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ arch/x86/kvm/x86.c: In function ‘kvm_arch_disable_virtualization’: arch/x86/kvm/x86.c:12522:9: error: implicit declaration of function ‘cpu_emergency_unregister_virt_callback’ [-Wimplicit-function-declaration] 12522 | cpu_emergency_unregister_virt_callback(kvm_x86_ops.emergency_disable_virtualization_cpu); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Fix the build by defining empty helper functions the same way the old cpu_emergency_disable_virtualization() function was dealt with for the same situation. Maybe we could instead have made the call sites conditional, since the callers (kvm_arch_{en,dis}able_virtualization()) have an empty weak fallback. I'll leave that to the kvm people to argue about, this at least gets the build going for that particular config. Fixes: 590b09b1d88e ("KVM: x86: Register "emergency disable" callbacks when virt is enabled") Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Kai Huang Cc: Chao Gao Cc: Farrah Chen Signed-off-by: Linus Torvalds commit e7ed343658792771cf1b868df061661b7bcc5cef Merge: 907537f570c667 54595f2807d203 Author: Linus Torvalds Date: Sun Sep 29 09:53:04 2024 -0700 Merge tag 'mailbox-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/jassibrar/mailbox Pull mailbox updates from Jassi Brar: - fix kconfig dependencies (mhu-v3, omap2+) - use devie name instead of genereic imx_mu_chan as interrupt name (imx) - enable sa8255p and qcs8300 ipc controllers (qcom) - Fix timeout during suspend mode (bcm2835) - convert to use use of_property_match_string (mailbox) - enable mt8188 (mediatek) - use devm_clk_get_enabled helpers (spreadtrum) - fix device-id typo (rockchip) * tag 'mailbox-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/jassibrar/mailbox: mailbox, remoteproc: omap2+: fix compile testing dt-bindings: mailbox: qcom-ipcc: Document QCS8300 IPCC dt-bindings: mailbox: qcom-ipcc: document the support for SA8255p dt-bindings: mailbox: mtk,adsp-mbox: Add compatible for MT8188 mailbox: Use of_property_match_string() instead of open-coding mailbox: bcm2835: Fix timeout during suspend mode mailbox: sprd: Use devm_clk_get_enabled() helpers mailbox: rockchip: fix a typo in module autoloading mailbox: imx: use device name in interrupt name mailbox: ARM_MHU_V3 should depend on ARM64 commit 907537f570c66703844eb6d3858fcb0e70abd0d4 Merge: b81b78dacc44b3 26de8614d83f1f Author: Linus Torvalds Date: Sun Sep 29 09:47:33 2024 -0700 Merge tag 'i2c-for-6.12-rc1-additional_fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c fixes from Wolfram Sang: - fix DesignWare driver ENABLE-ABORT sequence, ensuring ABORT can always be sent when needed - check for PCLK in the SynQuacer controller as an optional clock, allowing ACPI to directly provide the clock rate - KEBA driver Kconfig dependency fix - fix XIIC driver power suspend sequence * tag 'i2c-for-6.12-rc1-additional_fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm enabled i2c: keba: I2C_KEBA should depend on KEBA_CP500 i2c: synquacer: Deal with optional PCLK correctly i2c: designware: fix controller is holding SCL low while ENABLE bit is disabled commit b81b78dacc44b30b32c8137b29f36712cc1ea980 Merge: 3ed7df085225ea bfc4a245a79484 Author: Linus Torvalds Date: Sun Sep 29 09:35:10 2024 -0700 Merge tag 'dma-mapping-6.12-2024-09-29' of git://git.infradead.org/users/hch/dma-mapping Pull dma-mapping fix from Christoph Hellwig: - handle chained SGLs in the new tracing code (Christoph Hellwig) * tag 'dma-mapping-6.12-2024-09-29' of git://git.infradead.org/users/hch/dma-mapping: dma-mapping: fix DMA API tracing for chained scatterlists commit 3ed7df085225ea8736b80d1e1a247a40d91281c8 Merge: 9f9a53472452b8 359aeb86480da0 Author: Linus Torvalds Date: Sun Sep 29 09:22:34 2024 -0700 Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull more SCSI updates from James Bottomley: "These are mostly minor updates. There are two drivers (lpfc and mpi3mr) which missed the initial pull and a core change to retry a start/stop unit which affect suspend/resume" * tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (32 commits) scsi: lpfc: Update lpfc version to 14.4.0.5 scsi: lpfc: Support loopback tests with VMID enabled scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() scsi: mpi3mr: Update driver version to 8.12.0.0.50 scsi: mpi3mr: Improve wait logic while controller transitions to READY state scsi: mpi3mr: Update MPI Headers to revision 34 scsi: mpi3mr: Use firmware-provided timestamp update interval scsi: mpi3mr: Enhance the Enable Controller retry logic scsi: sd: Fix off-by-one error in sd_read_block_characteristics() scsi: pm8001: Do not overwrite PCI queue mapping scsi: scsi_debug: Remove a useless memset() scsi: pmcraid: Convert comma to semicolon scsi: sd: Retry START STOP UNIT commands scsi: mpi3mr: A performance fix scsi: ufs: qcom: Update MODE_MAX cfg_bw value ... commit 9f9a53472452b83d44d5e1d77b6dea6eaa043204 Merge: d37421e655cec0 3a5895e3ac2bb4 Author: Linus Torvalds Date: Sun Sep 29 09:17:44 2024 -0700 Merge tag 'bcachefs-2024-09-28' of git://evilpiepirate.org/bcachefs Pull more bcachefs updates from Kent Overstreet: "Assorted minor syzbot fixes, and for bigger stuff: Fix two disk accounting rewrite bugs: - Disk accounting keys use the version field of bkey so that journal replay can tell which updates have been applied to the btree. This is set in the transaction commit path, after we've gotten our journal reservation (and our time ordering), but the BCH_TRANS_COMMIT_skip_accounting_apply flag that journal replay uses was incorrectly skipping this for new updates generated prior to journal replay. This fixes the underlying cause of an assertion pop in disk_accounting_read. - A couple of fixes for disk accounting + device removal. Checking if acocunting replicas entries were marked in the superblock was being done at the wrong point, when deltas in the journal could still zero them out, and then additionally we'd try to add a missing replicas entry to the superblock without checking if it referred to an invalid (removed) device. A whole slew of repair fixes: - fix infinite loop in propagate_key_to_snapshot_leaves(), this fixes an infinite loop when repairing a filesystem with many snapshots - fix incorrect transaction restart handling leading to occasional "fsck counted ..." warnings - fix warning in __bch2_fsck_err() for bkey fsck errors - check_inode() in fsck now correctly checks if the filesystem was clean - there shouldn't be pending logged ops if the fs was clean, we now check for this - remove_backpointer() doesn't remove a dirent that doesn't actually point to the inode - many more fsck errors are AUTOFIX" * tag 'bcachefs-2024-09-28' of git://evilpiepirate.org/bcachefs: (35 commits) bcachefs: check_subvol_path() now prints subvol root inode bcachefs: remove_backpointer() now checks if dirent points to inode bcachefs: dirent_points_to_inode() now warns on mismatch bcachefs: Fix lost wake up bcachefs: Check for logged ops when clean bcachefs: BCH_FS_clean_recovery bcachefs: Convert disk accounting BUG_ON() to WARN_ON() bcachefs: Fix BCH_TRANS_COMMIT_skip_accounting_apply bcachefs: Check for accounting keys with bversion=0 bcachefs: rename version -> bversion bcachefs: Don't delete unlinked inodes before logged op resume bcachefs: Fix BCH_SB_ERRS() so we can reorder bcachefs: Fix fsck warnings from bkey validation bcachefs: Move transaction commit path validation to as late as possible bcachefs: Fix disk accounting attempting to mark invalid replicas entry bcachefs: Fix unlocked access to c->disk_sb.sb in bch2_replicas_entry_validate() bcachefs: Fix accounting read + device removal bcachefs: bch_accounting_mode bcachefs: fix transaction restart handling in check_extents(), check_dirents() bcachefs: kill inode_walker_entry.seen_this_pos ... commit d37421e655cec032084bba2601e46ea61e6f9044 Merge: ec03de73b1e11e d1fb034b75a8a9 Author: Linus Torvalds Date: Sun Sep 29 09:10:00 2024 -0700 Merge tag 'x86-urgent-2024-09-29' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fixes from Ingo Molnar: "Fix TDX MMIO #VE fault handling, and add two new Intel model numbers for 'Pantherlake' and 'Diamond Rapids'" * tag 'x86-urgent-2024-09-29' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/cpu: Add two Intel CPU model numbers x86/tdx: Fix "in-kernel MMIO" check commit ec03de73b1e11e5b0c30d3c35e09dffe7496bb06 Merge: 68e4b0e024e3ee ae39e0bd150bd2 Author: Linus Torvalds Date: Sun Sep 29 08:51:30 2024 -0700 Merge tag 'locking-urgent-2024-09-29' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull locking updates from Ingo Molnar: "lockdep: - Fix potential deadlock between lockdep and RCU (Zhiguo Niu) - Use str_plural() to address Coccinelle warning (Thorsten Blum) - Add debuggability enhancement (Luis Claudio R. Goncalves) static keys & calls: - Fix static_key_slow_dec() yet again (Peter Zijlstra) - Handle module init failure correctly in static_call_del_module() (Thomas Gleixner) - Replace pointless WARN_ON() in static_call_module_notify() (Thomas Gleixner) : - Add usage and style documentation (Dan Williams) rwsems: - Move is_rwsem_reader_owned() and rwsem_owner() under CONFIG_DEBUG_RWSEMS (Waiman Long) atomic ops, x86: - Redeclare x86_32 arch_atomic64_{add,sub}() as void (Uros Bizjak) - Introduce the read64_nonatomic macro to x86_32 with cx8 (Uros Bizjak)" Signed-off-by: Ingo Molnar * tag 'locking-urgent-2024-09-29' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: locking/rwsem: Move is_rwsem_reader_owned() and rwsem_owner() under CONFIG_DEBUG_RWSEMS jump_label: Fix static_key_slow_dec() yet again static_call: Replace pointless WARN_ON() in static_call_module_notify() static_call: Handle module init failure correctly in static_call_del_module() locking/lockdep: Simplify character output in seq_line() lockdep: fix deadlock issue between lockdep and rcu lockdep: Use str_plural() to fix Coccinelle warning cleanup: Add usage and style documentation lockdep: suggest the fix for "lockdep bfs error:-1" on print_bfs_bug locking/atomic/x86: Redeclare x86_32 arch_atomic64_{add,sub}() as void locking/atomic/x86: Introduce the read64_nonatomic macro to x86_32 with cx8 commit 68e4b0e024e3ee4d4bc8bf212f4db63e0e3ad094 Merge: e7ebdb5161bcb9 4003ba664bd16f Author: Linus Torvalds Date: Sun Sep 29 08:44:28 2024 -0700 Merge tag 'cocci-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/jlawall/linux Pull coccinelle updates from Julia Lawall: "Extend string_choices.cocci to use more available helpers Ten patches from Hongbo Li extending string_choices.cocci with the complete set of functions offered by include/linux/string_choices.h. One patch from myself reducing the number of redundant cases that are checked by Coccinelle, giving a small performance improvement" * tag 'cocci-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/jlawall/linux: Reduce Coccinelle choices in string_choices.cocci coccinelle: Remove unnecessary parentheses for only one possible change. coccinelle: Add rules to find str_yes_no() replacements coccinelle: Add rules to find str_on_off() replacements coccinelle: Add rules to find str_write_read() replacements coccinelle: Add rules to find str_read_write() replacements coccinelle: Add rules to find str_enable{d}_disable{d}() replacements coccinelle: Add rules to find str_lo{w}_hi{gh}() replacements coccinelle: Add rules to find str_hi{gh}_lo{w}() replacements coccinelle: Add rules to find str_false_true() replacements coccinelle: Add rules to find str_true_false() replacements commit e7ebdb5161bcb98cb27b7490459419e38dee5b9a Merge: 3efc57369a0ce8 4b721fcc094e9e Author: Linus Torvalds Date: Sun Sep 29 08:37:03 2024 -0700 Merge tag 'linux_kselftest-next-6.12-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kselftest fix from Shuah Khan: "One urgent fix to vDSO as automated testing is failing due to this bug" * tag 'linux_kselftest-next-6.12-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: selftests: vDSO: align stack for O2-optimized memcpy commit ae39e0bd150bd2739582f72ad70b5a0b15e74576 Merge: 1d7f856c2ca449 d00b83d416e73b Author: Ingo Molnar Date: Sun Sep 29 08:57:18 2024 +0200 Merge branch 'locking/core' into locking/urgent, to pick up pending commits Merge all pending locking commits into a single branch. Signed-off-by: Ingo Molnar commit 045244dd5d75c61ae37b7b96fe0a95805bd1842d Author: Nathan Chancellor Date: Sat Sep 28 11:26:09 2024 -0700 MAINTAINERS: Add security/Kconfig.hardening to hardening section When running get_maintainer.pl on security/Kconfig.hardening, only the security subsystem folks show up, even though they have never taken patches to this file: $ scripts/get_maintainer.pl security/Kconfig.hardening Paul Moore <...> (supporter:SECURITY SUBSYSTEM) James Morris <...> (supporter:SECURITY SUBSYSTEM) "Serge E. Hallyn" <...> (supporter:SECURITY SUBSYSTEM) linux-security-module@vger.kernel.org (open list:SECURITY SUBSYSTEM) linux-kernel@vger.kernel.org (open list) $ git log --format=%cn --no-merges security/Kconfig.hardening | sort | uniq -c 3 Andrew Morton 1 Greg Kroah-Hartman 18 Kees Cook 2 Linus Torvald Add it to the hardening section so that the KSPP folks are also shown, which matches reality over who should comment on and take said patches if necessary. Signed-off-by: Nathan Chancellor Link: https://lore.kernel.org/r/20240928-maintainers-security-kconfig-hardening-v1-1-c8c64071cc02@kernel.org Signed-off-by: Kees Cook commit dd3a7ee91e0ce0b03d22e974a79e8247cc99959b Author: Nathan Chancellor Date: Sat Sep 28 11:13:13 2024 -0700 hardening: Adjust dependencies in selection of MODVERSIONS MODVERSIONS recently grew a dependency on !COMPILE_TEST so that Rust could be more easily tested. However, this introduces a Kconfig warning when building allmodconfig with a clang version that supports RANDSTRUCT natively because RANDSTRUCT_FULL and RANDSTRUCT_PERFORMANCE select MODVERSIONS when MODULES is enabled, bypassing the !COMPILE_TEST dependency: WARNING: unmet direct dependencies detected for MODVERSIONS Depends on [n]: MODULES [=y] && !COMPILE_TEST [=y] Selected by [y]: - RANDSTRUCT_FULL [=y] && (CC_HAS_RANDSTRUCT [=y] || GCC_PLUGINS [=n]) && MODULES [=y] Add the !COMPILE_TEST dependency to the selections to clear up the warning. Fixes: 1f9c4a996756 ("Kbuild: make MODVERSIONS support depend on not being a compile test build") Signed-off-by: Nathan Chancellor Link: https://lore.kernel.org/r/20240928-fix-randstruct-modversions-kconfig-warning-v1-1-27d3edc8571e@kernel.org Signed-off-by: Kees Cook commit 4003ba664bd16f5a969cc883295a9eb5a5aef19e Author: Julia Lawall Date: Sat Sep 28 21:26:22 2024 +0200 Reduce Coccinelle choices in string_choices.cocci The isomorphism neg_if_exp negates the test of a ?: conditional, making it unnecessary to have an explicit case for a negated test with the branches inverted. At the same time, we can disable neg_if_exp in cases where a different API function may be more suitable for a negated test. Finally, in the non-patch cases, E matches an expression with parentheses around it, so there is no need to mention () explicitly in the pattern. The () are still needed in the patch cases, because we want to drop them, if they are present. Signed-off-by: Julia Lawall commit f584e3752ca7bb1f8849a85816b3c974f1aa67ec Author: Hongbo Li Date: Wed Sep 11 09:09:27 2024 +0800 coccinelle: Remove unnecessary parentheses for only one possible change. The parentheses are only needed if there is a disjunction, ie a set of possible changes. If there is only one pattern, we can remove these parentheses. Just like the format: - x + y not: ( - x + y ) Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit 253244cdf16a755039f9078b0a785176712f2584 Author: Hongbo Li Date: Wed Sep 11 09:09:26 2024 +0800 coccinelle: Add rules to find str_yes_no() replacements As other rules done, we add rules for str_yes_no() to check the relative opportunities. Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit 9b5b4810559d3716aef9fdc8d555e4db1a031749 Author: Hongbo Li Date: Wed Sep 11 09:09:25 2024 +0800 coccinelle: Add rules to find str_on_off() replacements As other rules done, we add rules for str_on_off() to check the relative opportunities. Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit c81ca023c30691dcae543bd770e7a3a4c63263ff Author: Hongbo Li Date: Wed Sep 11 09:09:24 2024 +0800 coccinelle: Add rules to find str_write_read() replacements As other rules done, we add rules for str_write_read() to check the relative opportunities. Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit ba4b514a6f4ac420d872b8f16245e3ffa05c10a5 Author: Hongbo Li Date: Wed Sep 11 09:09:23 2024 +0800 coccinelle: Add rules to find str_read_write() replacements As other rules done, we add rules for str_read_write() to check the relative opportunities. Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit dd2275d349c2f02ceb6cd37f89b8b9920c602488 Author: Hongbo Li Date: Wed Sep 11 09:09:22 2024 +0800 coccinelle: Add rules to find str_enable{d}_disable{d}() replacements As other rules done, we add rules for str_enable{d}_ disable{d}() to check the relative opportunities. Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit 5b7ca4507d64de729011c145d8ee9a2731f9502f Author: Hongbo Li Date: Wed Sep 11 09:09:21 2024 +0800 coccinelle: Add rules to find str_lo{w}_hi{gh}() replacements As other rules done, we add rules for str_lo{w}_hi{gh}() to check the relative opportunities. Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit d4c7544002db32dedbb162b2b89e655ac437ab08 Author: Hongbo Li Date: Wed Sep 11 09:09:20 2024 +0800 coccinelle: Add rules to find str_hi{gh}_lo{w}() replacements As other rules done, we add rules for str_hi{gh}_lo{w}() to check the relative opportunities. Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit 8a0236bab4d6f0761f29eae4d55d1ba32c1ecd47 Author: Hongbo Li Date: Wed Sep 11 09:09:19 2024 +0800 coccinelle: Add rules to find str_false_true() replacements As done with str_true_false(), add checks for str_false_true() opportunities. A simple test can find over 9 cases currently exist in the tree. Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit 716bf84ef39218a56fadaa413f70da008ad85888 Author: Hongbo Li Date: Wed Sep 11 09:09:18 2024 +0800 coccinelle: Add rules to find str_true_false() replacements After str_true_false() has been introduced in the tree, we can add rules for finding places where str_true_false() can be used. A simple test can find over 10 locations. Signed-off-by: Hongbo Li Signed-off-by: Julia Lawall commit 3efc57369a0ce8f76bf0804f7e673982384e4ac9 Merge: e08d227840bb93 efbc6bd090f48c Author: Linus Torvalds Date: Sat Sep 28 09:20:14 2024 -0700 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm Pull x86 kvm updates from Paolo Bonzini: "x86: - KVM currently invalidates the entirety of the page tables, not just those for the memslot being touched, when a memslot is moved or deleted. This does not traditionally have particularly noticeable overhead, but Intel's TDX will require the guest to re-accept private pages if they are dropped from the secure EPT, which is a non starter. Actually, the only reason why this is not already being done is a bug which was never fully investigated and caused VM instability with assigned GeForce GPUs, so allow userspace to opt into the new behavior. - Advertise AVX10.1 to userspace (effectively prep work for the "real" AVX10 functionality that is on the horizon) - Rework common MSR handling code to suppress errors on userspace accesses to unsupported-but-advertised MSRs This will allow removing (almost?) all of KVM's exemptions for userspace access to MSRs that shouldn't exist based on the vCPU model (the actual cleanup is non-trivial future work) - Rework KVM's handling of x2APIC ICR, again, because AMD (x2AVIC) splits the 64-bit value into the legacy ICR and ICR2 storage, whereas Intel (APICv) stores the entire 64-bit value at the ICR offset - Fix a bug where KVM would fail to exit to userspace if one was triggered by a fastpath exit handler - Add fastpath handling of HLT VM-Exit to expedite re-entering the guest when there's already a pending wake event at the time of the exit - Fix a WARN caused by RSM entering a nested guest from SMM with invalid guest state, by forcing the vCPU out of guest mode prior to signalling SHUTDOWN (the SHUTDOWN hits the VM altogether, not the nested guest) - Overhaul the "unprotect and retry" logic to more precisely identify cases where retrying is actually helpful, and to harden all retry paths against putting the guest into an infinite retry loop - Add support for yielding, e.g. to honor NEED_RESCHED, when zapping rmaps in the shadow MMU - Refactor pieces of the shadow MMU related to aging SPTEs in prepartion for adding multi generation LRU support in KVM - Don't stuff the RSB after VM-Exit when RETPOLINE=y and AutoIBRS is enabled, i.e. when the CPU has already flushed the RSB - Trace the per-CPU host save area as a VMCB pointer to improve readability and cleanup the retrieval of the SEV-ES host save area - Remove unnecessary accounting of temporary nested VMCB related allocations - Set FINAL/PAGE in the page fault error code for EPT violations if and only if the GVA is valid. If the GVA is NOT valid, there is no guest-side page table walk and so stuffing paging related metadata is nonsensical - Fix a bug where KVM would incorrectly synthesize a nested VM-Exit instead of emulating posted interrupt delivery to L2 - Add a lockdep assertion to detect unsafe accesses of vmcs12 structures - Harden eVMCS loading against an impossible NULL pointer deref (really truly should be impossible) - Minor SGX fix and a cleanup - Misc cleanups Generic: - Register KVM's cpuhp and syscore callbacks when enabling virtualization in hardware, as the sole purpose of said callbacks is to disable and re-enable virtualization as needed - Enable virtualization when KVM is loaded, not right before the first VM is created Together with the previous change, this simplifies a lot the logic of the callbacks, because their very existence implies virtualization is enabled - Fix a bug that results in KVM prematurely exiting to userspace for coalesced MMIO/PIO in many cases, clean up the related code, and add a testcase - Fix a bug in kvm_clear_guest() where it would trigger a buffer overflow _if_ the gpa+len crosses a page boundary, which thankfully is guaranteed to not happen in the current code base. Add WARNs in more helpers that read/write guest memory to detect similar bugs Selftests: - Fix a goof that caused some Hyper-V tests to be skipped when run on bare metal, i.e. NOT in a VM - Add a regression test for KVM's handling of SHUTDOWN for an SEV-ES guest - Explicitly include one-off assets in .gitignore. Past Sean was completely wrong about not being able to detect missing .gitignore entries - Verify userspace single-stepping works when KVM happens to handle a VM-Exit in its fastpath - Misc cleanups" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (127 commits) Documentation: KVM: fix warning in "make htmldocs" s390: Enable KVM_S390_UCONTROL config in debug_defconfig selftests: kvm: s390: Add VM run test case KVM: SVM: let alternatives handle the cases when RSB filling is required KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid KVM: x86/mmu: Use KVM_PAGES_PER_HPAGE() instead of an open coded equivalent KVM: x86/mmu: Add KVM_RMAP_MANY to replace open coded '1' and '1ul' literals KVM: x86/mmu: Fold mmu_spte_age() into kvm_rmap_age_gfn_range() KVM: x86/mmu: Morph kvm_handle_gfn_range() into an aging specific helper KVM: x86/mmu: Honor NEED_RESCHED when zapping rmaps and blocking is allowed KVM: x86/mmu: Add a helper to walk and zap rmaps for a memslot KVM: x86/mmu: Plumb a @can_yield parameter into __walk_slot_rmaps() KVM: x86/mmu: Move walk_slot_rmaps() up near for_each_slot_rmap_range() KVM: x86/mmu: WARN on MMIO cache hit when emulating write-protected gfn KVM: x86/mmu: Detect if unprotect will do anything based on invalid_list KVM: x86/mmu: Subsume kvm_mmu_unprotect_page() into the and_retry() version KVM: x86: Rename reexecute_instruction()=>kvm_unprotect_and_retry_on_failure() KVM: x86: Update retry protection fields when forcing retry on emulation failure KVM: x86: Apply retry protection to "unprotect on failure" path KVM: x86: Check EMULTYPE_WRITE_PF_TO_SP before unprotecting gfn ... commit e08d227840bb9366c6321ae1e480b37ba5eec29b Merge: 6f81a446f86106 2d8721364ce839 Author: Linus Torvalds Date: Sat Sep 28 09:11:46 2024 -0700 Merge tag 's390-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux Pull more s390 updates from Vasily Gorbik: - Clean up and improve vdso code: use SYM_* macros for function and data annotations, add CFI annotations to fix GDB unwinding, optimize the chacha20 implementation - Add vfio-ap driver feature advertisement for use by libvirt and mdevctl * tag 's390-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/vfio-ap: Driver feature advertisement s390/vdso: Use one large alternative instead of an alternative branch s390/vdso: Use SYM_DATA_START_LOCAL()/SYM_DATA_END() for data objects tools: Add additional SYM_*() stubs to linkage.h s390/vdso: Use macros for annotation of asm functions s390/vdso: Add CFI annotations to __arch_chacha20_blocks_nostack() s390/vdso: Fix comment within __arch_chacha20_blocks_nostack() s390/vdso: Get rid of permutation constants commit 6f81a446f86106c68630032e114024ec7a557077 Merge: f95c139099f8da b319cea80539df Author: Linus Torvalds Date: Sat Sep 28 09:06:15 2024 -0700 Merge tag 'modules-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux Pull module updates from Luis Chamberlain: "There are a few fixes / cleanups from Vincent, Chunhui, and Petr, but the most important part of this pull request is the Rust community stepping up to help maintain both C / Rust code for future Rust module support. We grow the set of modules maintainers by three now, and with this hope to scale to help address what's needed to properly support future Rust module support. A lot of exciting stuff coming in future kernel releases. This has been on linux-next for ~ 3 weeks now with no issues" * tag 'modules-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux: module: Refine kmemleak scanned areas module: abort module loading when sysfs setup suffer errors MAINTAINERS: scale modules with more reviewers module: Clean up the description of MODULE_SIG_ module: Split modules_install compression and in-kernel decompression commit f95c139099f8dad235191caec9e9268ca717beb9 Merge: 994aeacbb3c039 9cf14f5a2746c1 Author: Linus Torvalds Date: Sat Sep 28 09:00:38 2024 -0700 Merge tag 'fbdev-for-6.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev Pull fbdev fixes from Helge Deller: - crash fix in fbcon_putcs - avoid a possible string memory overflow in sisfb - minor code optimizations in omapfb and fbcon * tag 'fbdev-for-6.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev: fbdev: sisfb: Fix strbuf array overflow fbcon: break earlier in search_fb_in_map and search_for_mapped_con fbdev: omapfb: Call of_node_put(ep) only once in omapdss_of_find_source_for_first_ep() fbcon: Fix a NULL pointer dereference issue in fbcon_putcs commit 994aeacbb3c039b4f3e02e76e6d39407920e76c6 Merge: 894b3c35d1de9c e7268dd9bb9953 Author: Linus Torvalds Date: Sat Sep 28 08:47:46 2024 -0700 Merge tag 'drm-next-2024-09-28' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes from Dave Airlie: "Regular fixes for the week to end the merge window, i915 and xe have a few each, amdgpu makes up most of it with a bunch of SR-IOV related fixes amongst others. i915: - Fix BMG support to UHBR13.5 - Two PSR fixes - Fix colorimetry detection for DP xe: - Fix macro for checking minimum GuC version - Fix CCS offset calculation for some BMG SKUs - Fix locking on memory usage reporting via fdinfo and BO destroy - Fix GPU page fault handler on a closed VM - Fix overflow in oa batch buffer amdgpu: - MES 12 fix - KFD fence sync fix - SR-IOV fixes - VCN 4.0.6 fix - SDMA 7.x fix - Bump driver version to note cleared VRAM support - SWSMU fix - CU occupancy logic fix - SDMA queue fix" * tag 'drm-next-2024-09-28' of https://gitlab.freedesktop.org/drm/kernel: (79 commits) drm/amd/pm: update workload mask after the setting drm/amdgpu: bump driver version for cleared VRAM drm/amdgpu: fix vbios fetching for SR-IOV drm/amdgpu: fix PTE copy corruption for sdma 7 drm/amdkfd: Add SDMA queue quantum support for GFX12 drm/amdgpu/vcn: enable AV1 on both instances drm/amdkfd: Fix CU occupancy for GFX 9.4.3 drm/amdkfd: Update logic for CU occupancy calculations drm/amdgpu: skip coredump after job timeout in SRIOV drm/amdgpu: sync to KFD fences before clearing PTEs drm/amdgpu/mes12: set enable_level_process_quantum_check drm/i915/dp: Fix colorimetry detection drm/amdgpu/mes12: reduce timeout drm/amdgpu/mes11: reduce timeout drm/amdgpu: use GEM references instead of TTMs v2 drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` drm/amd/display: Fix kdoc entry for 'tps' in 'dc_process_dmub_dpia_set_tps_notification' drm/amdgpu: update golden regs for gfx12 drm/amdgpu: clean up vbios fetching code drm/amd/display: handle nulled pipe context in DCE110's set_drr() ... commit 894b3c35d1de9cfa4f72b21e280d80d278879c20 Merge: 9717d5343849be c08dfb1b49492c Author: Linus Torvalds Date: Sat Sep 28 08:40:36 2024 -0700 Merge tag 'ceph-for-6.12-rc1' of https://github.com/ceph/ceph-client Pull ceph updates from Ilya Dryomov: "Three CephFS fixes from Xiubo and Luis and a bunch of assorted cleanups" * tag 'ceph-for-6.12-rc1' of https://github.com/ceph/ceph-client: ceph: remove the incorrect Fw reference check when dirtying pages ceph: Remove empty definition in header file ceph: Fix typo in the comment ceph: fix a memory leak on cap_auths in MDS client ceph: flush all caps releases when syncing the whole filesystem ceph: rename ceph_flush_cap_releases() to ceph_flush_session_cap_releases() libceph: use min() to simplify code in ceph_dns_resolve_name() ceph: Convert to use jiffies macro ceph: Remove unused declarations commit 9717d5343849beb4ccf96df7bbf347660fd8898d Merge: f04ff5a02b66f9 9e676e571d39eb Author: Linus Torvalds Date: Sat Sep 28 08:35:21 2024 -0700 Merge tag 'v6.12-rc-ksmbd-server-fixes' of git://git.samba.org/ksmbd Pull smb server fixes from Steve French: - fix querying dentry for char/block special files - small cleanup patches * tag 'v6.12-rc-ksmbd-server-fixes' of git://git.samba.org/ksmbd: ksmbd: Correct typos in multiple comments across various files ksmbd: fix open failure from block and char device file ksmbd: remove unsafe_memcpy use in session setup ksmbd: Replace one-element arrays with flexible-array members ksmbd: fix warning: comparison of distinct pointer types lacks a cast commit f04ff5a02b66f99fce7c3293025169e440da8096 Merge: ad46e8f95e931e 220d83b52c7d16 Author: Linus Torvalds Date: Sat Sep 28 08:30:27 2024 -0700 Merge tag '6.12rc-more-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull xmb client fixes from Steve French: - Noisy log message cleanup - Important netfs fix for cifs crash in generic/074 - Three minor improvements to use of hashing (multichannel and mount improvements) - Fix decryption crash for large read with small esize * tag '6.12rc-more-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6: smb: client: make SHA-512 TFM ephemeral smb: client: make HMAC-MD5 TFM ephemeral smb: client: stop flooding dmesg in smb2_calc_signature() smb: client: allocate crypto only for primary server smb: client: fix UAF in async decryption netfs: Fix write oops in generic/346 (9p) and generic/074 (cifs) commit 3a5895e3ac2bb4b252a4e816575eeec6ac3deeec Author: Kent Overstreet Date: Mon Sep 23 22:32:47 2024 -0400 bcachefs: check_subvol_path() now prints subvol root inode Signed-off-by: Kent Overstreet commit 0b0f0ad93c0833ed3b5457eb308274f340535988 Author: Kent Overstreet Date: Mon Sep 23 22:27:13 2024 -0400 bcachefs: remove_backpointer() now checks if dirent points to inode Signed-off-by: Kent Overstreet commit a6508079b1b6b231d16c438c384d718d3508573c Author: Kent Overstreet Date: Mon Sep 23 22:22:00 2024 -0400 bcachefs: dirent_points_to_inode() now warns on mismatch if an inode backpointer points to a dirent that doesn't point back, that's an error we should warn about. Signed-off-by: Kent Overstreet commit e057a290ef715d2765560778625e1660b7352994 Author: Alan Huang Date: Tue Aug 27 23:14:48 2024 +0800 bcachefs: Fix lost wake up If the reader acquires the read lock and then the writer enters the slow path, while the reader proceeds to the unlock path, the following scenario can occur without the change: writer: pcpu_read_count(lock) return 1 (so __do_six_trylock will return 0) reader: this_cpu_dec(*lock->readers) reader: smp_mb() reader: state = atomic_read(&lock->state) (there is no waiting flag set) writer: six_set_bitmask() then the writer will sleep forever. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit d50d7a5fa4df3190b6b6c6d6551b631fda4a4ed2 Author: Kent Overstreet Date: Thu Sep 26 16:23:30 2024 -0400 bcachefs: Check for logged ops when clean If we shut down successfully, there shouldn't be any logged ops to resume. Signed-off-by: Kent Overstreet commit 1c0ee43b2c9057473e551e2464f24f717accabf6 Author: Kent Overstreet Date: Thu Sep 26 16:19:58 2024 -0400 bcachefs: BCH_FS_clean_recovery Add a filesystem flag to indicate whether we did a clean recovery - using c->sb.clean after we've got rw is incorrect, since c->sb is updated whenever we write the superblock. Signed-off-by: Kent Overstreet commit 9773547b16b1e1b27f002733623cd0e8e6d0f69c Author: Kent Overstreet Date: Fri Sep 27 21:05:59 2024 -0400 bcachefs: Convert disk accounting BUG_ON() to WARN_ON() We had a bug where disk accounting keys didn't always have their version field set in journal replay; change the BUG_ON() to a WARN(), and exclude this case since it's now checked for elsewhere (in the bkey validate function). Signed-off-by: Kent Overstreet commit a3581ca35d2b7e854e071dec2df7de7152aaa5c3 Author: Kent Overstreet Date: Thu Sep 26 15:59:29 2024 -0400 bcachefs: Fix BCH_TRANS_COMMIT_skip_accounting_apply This was added to avoid double-counting accounting keys in journal replay. But applied incorrectly (easily done since it applies to the transaction commit, not a particular update), it leads to skipping in-mem accounting for real accounting updates, and failure to give them a version number - which leads to journal replay becoming very confused the next time around. Signed-off-by: Kent Overstreet commit f8911ad88de3acea7a67451f59649bb54da0741b Author: Kent Overstreet Date: Thu Sep 26 15:58:02 2024 -0400 bcachefs: Check for accounting keys with bversion=0 Signed-off-by: Kent Overstreet commit cf49f8a8c277f9f2b78e2a56189a741a508a9820 Author: Kent Overstreet Date: Thu Sep 26 15:49:17 2024 -0400 bcachefs: rename version -> bversion give bversions a more distinct name, to aid in grepping Signed-off-by: Kent Overstreet commit fd65378db9998a6deafdc4910ee1b01b377d6fee Author: Kent Overstreet Date: Thu Sep 26 15:19:17 2024 -0400 bcachefs: Don't delete unlinked inodes before logged op resume Previously, check_inode() would delete unlinked inodes if they weren't on the deleted list - this code dating from before there was a deleted list. But, if we crash during a logged op (truncate or finsert/fcollapse) of an unlinked file, logged op resume will get confused if the inode has already been deleted - instead, just add it to the deleted list if it needs to be there; delete_dead_inodes runs after logged op resume. Signed-off-by: Kent Overstreet commit 8d65b15f8d93638cfa9dae20a4274d5059c3b9d2 Author: Kent Overstreet Date: Thu Sep 26 15:30:17 2024 -0400 bcachefs: Fix BCH_SB_ERRS() so we can reorder BCH_SB_ERRS() has a field for the actual enum val so that we can reorder to reorganize, but the way BCH_SB_ERR_MAX was defined didn't allow for this. Signed-off-by: Kent Overstreet commit 5612daafb76420c6793dc48ce6d0c20f36cc7981 Author: Kent Overstreet Date: Thu Sep 26 16:51:19 2024 -0400 bcachefs: Fix fsck warnings from bkey validation __bch2_fsck_err() warns if the current task has a btree_trans object and it wasn't passed in, because if it has to prompt for user input it has to be able to unlock it. But plumbing the btree_trans through bkey_validate(), as well as transaction restarts, is problematic - so instead make bkey fsck errors FSCK_AUTOFIX, which doesn't need to warn. Signed-off-by: Kent Overstreet commit 7c980a43e936e32741a62bf5a047c5f5ad572ec8 Author: Kent Overstreet Date: Thu Sep 26 16:50:29 2024 -0400 bcachefs: Move transaction commit path validation to as late as possible In order to check for accounting keys with version=0, we need to run validation after they've been assigned version numbers. Signed-off-by: Kent Overstreet commit 431312b59cf54f9cc99352d0c3d80ed30e9b7df5 Author: Kent Overstreet Date: Wed Sep 25 18:17:52 2024 -0400 bcachefs: Fix disk accounting attempting to mark invalid replicas entry This fixes the following bug, where a disk accounting key has an invalid replicas entry, and we attempt to add it to the superblock: bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): starting version 1.12: rebalance_work_acct_fix opts=metadata_replicas=2,data_replicas=2,foreground_target=ssd,background_target=hdd,nopromote_whole_extents,verbose,fsck,fix_errors=yes bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): recovering from clean shutdown, journal seq 15211644 bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): accounting_read... accounting not marked in superblock replicas replicas cached: 1/1 [0], fixing bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): sb invalid before write: Invalid superblock section replicas_v0: invalid device 0 in entry cached: 1/1 [0] replicas_v0 (size 88): user: 2 [3 5] user: 2 [1 4] cached: 1 [2] btree: 2 [1 2] user: 2 [2 5] cached: 1 [0] cached: 1 [4] journal: 2 [1 5] user: 2 [1 2] user: 2 [2 3] user: 2 [3 4] user: 2 [4 5] cached: 1 [1] cached: 1 [3] cached: 1 [5] journal: 2 [1 2] journal: 2 [2 5] btree: 2 [2 5] user: 2 [1 3] user: 2 [1 5] user: 2 [2 4] bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): inconsistency detected - emergency read only at journal seq 15211644 accounting not marked in superblock replicas replicas user: 1/1 [3], fixing bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): sb invalid before write: Invalid superblock section replicas_v0: invalid device 0 in entry cached: 1/1 [0] replicas_v0 (size 96): user: 2 [3 5] user: 2 [1 3] cached: 1 [2] btree: 2 [1 2] user: 2 [2 4] cached: 1 [0] cached: 1 [4] journal: 2 [1 5] user: 1 [3] user: 2 [1 5] user: 2 [3 4] user: 2 [4 5] cached: 1 [1] cached: 1 [3] cached: 1 [5] journal: 2 [1 2] journal: 2 [2 5] btree: 2 [2 5] user: 2 [1 2] user: 2 [1 4] user: 2 [2 3] user: 2 [2 5] accounting not marked in superblock replicas replicas user: 1/2 [3 7], fixing bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): sb invalid before write: Invalid superblock section replicas_v0: invalid device 7 in entry user: 1/2 [3 7] replicas_v0 (size 96): user: 2 [3 7] user: 2 [1 3] cached: 1 [2] btree: 2 [1 2] user: 2 [2 4] cached: 1 [0] cached: 1 [4] journal: 2 [1 5] user: 1 [3] user: 2 [1 5] user: 2 [3 4] user: 2 [4 5] cached: 1 [1] cached: 1 [3] cached: 1 [5] journal: 2 [1 2] journal: 2 [2 5] btree: 2 [2 5] user: 2 [1 2] user: 2 [1 4] user: 2 [2 3] user: 2 [2 5] user: 2 [3 5] done bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): alloc_read... done bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): stripes_read... done bcachefs (3c0860e8-07ca-4276-8954-11c1774be868): snapshots_read... done Signed-off-by: Kent Overstreet commit 49fd90b2cc332b8607a616d99d4bb792f18208b9 Author: Kent Overstreet Date: Wed Sep 25 18:17:31 2024 -0400 bcachefs: Fix unlocked access to c->disk_sb.sb in bch2_replicas_entry_validate() Signed-off-by: Kent Overstreet commit 9104fc1928704ee5708ec7f43ab8dfbdc66e2ce8 Author: Kent Overstreet Date: Wed Sep 25 16:46:06 2024 -0400 bcachefs: Fix accounting read + device removal accounting read was checking if accounting replicas entries were marked in the superblock prior to applying accounting from the journal, which meant that a recently removed device could spuriously trigger a "not marked in superblocked" error (when journal entries zero out the offending counter). Signed-off-by: Kent Overstreet commit 1e0272ef4774eed8314e8d10a8856c979deeaf35 Author: Kent Overstreet Date: Tue Sep 24 22:53:56 2024 -0400 bcachefs: bch_accounting_mode Minor refactoring - replace multiple bool arguments with an enum; prep work for fixing a bug in accounting read. Signed-off-by: Kent Overstreet commit 3672bda8f5edd8ed23c745965500ceb53286d48d Author: Kent Overstreet Date: Mon Sep 23 22:32:58 2024 -0400 bcachefs: fix transaction restart handling in check_extents(), check_dirents() Dealing with outside state within a btree transaction is always tricky. check_extents() and check_dirents() have to accumulate counters for i_sectors and i_nlink (for subdirectories). There were two bugs: - transaction commit may return a restart; therefore we have to commit before accumulating to those counters - get_inode_all_snapshots() may return a transaction restart, before updating w->last_pos; then, on the restart, check_i_sectors()/check_subdir_count() would see inodes that were not for w->last_pos Signed-off-by: Kent Overstreet commit 22a507d68eb8dc9d05b7e91e9a7c9b2566d48c81 Author: Kent Overstreet Date: Mon Sep 23 22:29:05 2024 -0400 bcachefs: kill inode_walker_entry.seen_this_pos dead code Signed-off-by: Kent Overstreet commit b29c30ab48e0395a22ecf0b94443d16a8f493fb6 Author: Kent Overstreet Date: Tue Sep 24 19:31:22 2024 -0400 bcachefs: Fix incorrect IS_ERR_OR_NULL usage Returning a positive integer instead of an error code causes error paths to become very confused. Closes: syzbot+c0360e8367d6d8d04a66@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet commit dc5bfdf8eaed76cf527c9477952c535f75e0e499 Author: Hongbo Li Date: Tue Sep 24 09:41:46 2024 +0800 bcachefs: fix the memory leak in exception case The pointer clean points the memory allocated by kmemdup, when the return value of bch2_sb_clean_validate_late is not zero. The memory pointed by clean is leaked. So we should free it in this case. Fixes: a37ad1a3aba9 ("bcachefs: sb-clean.c") Signed-off-by: Hongbo Li Signed-off-by: Kent Overstreet commit 3125c95ea69141c4cbbde854674c90531034ec47 Author: Hongbo Li Date: Tue Sep 24 09:42:24 2024 +0800 bcachefs: fast exit when darray_make_room failed In downgrade_table_extra, the return value is needed. When it return failed, we should exit immediately. Fixes: 7773df19c35f ("bcachefs: metadata version bucket_stripe_sectors") Signed-off-by: Hongbo Li Signed-off-by: Kent Overstreet commit 951dd86e7c59a6490d8b6d056d8afd5f0cd49293 Author: Kent Overstreet Date: Mon Sep 23 22:05:14 2024 -0400 bcachefs: Fix iterator leak in check_subvol() A couple small error handling fixes Signed-off-by: Kent Overstreet commit 2a1df873463a28fe5a053d6245290f9a907a5a17 Author: Kent Overstreet Date: Mon Sep 23 22:06:04 2024 -0400 bcachefs: Add snapshot to bch_inode_unpacked this allows for various cleanups in fsck Signed-off-by: Kent Overstreet commit 40d40c6bea19ff1e40fb3d33b35b354a5b35025f Author: Diogo Jahchan Koike Date: Mon Sep 23 19:22:14 2024 -0300 bcachefs: assign return error when iterating through layout syzbot reported a null ptr deref in __copy_user [0] In __bch2_read_super, when a corrupt backup superblock matches the default opts offset, no error is assigned to ret and the freed superblock gets through, possibly being assigned as the best sb in bch2_fs_open and being later dereferenced, causing a fault. Assign EINVALID to ret when iterating through layout. [0]: https://syzkaller.appspot.com/bug?extid=18a5c5e8a9c856944876 Reported-by: syzbot+18a5c5e8a9c856944876@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=18a5c5e8a9c856944876 Signed-off-by: Diogo Jahchan Koike Signed-off-by: Kent Overstreet commit c6040447c56496f4929db2d73ee445d898dd8a98 Author: Kent Overstreet Date: Mon Sep 23 18:42:39 2024 -0400 bcachefs: Fix srcu warning in check_topology check_topology doesn't need the srcu lock and doesn't use normal btree transactions - we can just drop the srcu lock. Signed-off-by: Kent Overstreet commit 18c520f408fa8f4b7379a108b1676052e82677aa Author: Kent Overstreet Date: Mon Sep 23 18:41:46 2024 -0400 bcachefs: Fix error path in check_dirent_inode_dirent() fsck_err() jumps to the fsck_err label when bailing out; need to make sure bp_iter was initialized... Signed-off-by: Kent Overstreet commit 0696a18a8cc3f0941efe64008a997dc4701f9587 Author: Piotr Zalewski Date: Sun Sep 22 15:18:01 2024 +0000 bcachefs: memset bounce buffer portion to 0 after key_sort_fix_overlapping Zero-initialize part of allocated bounce buffer which wasn't touched by subsequent bch2_key_sort_fix_overlapping to mitigate later uinit-value use KMSAN bug[1]. After applying the patch reproducer still triggers stack overflow[2] but it seems unrelated to the uninit-value use warning. After further investigation it was found that stack overflow occurs because KMSAN adds too many function calls[3]. Backtrace of where the stack magic number gets smashed was added as a reply to syzkaller thread[3]. It was confirmed that task's stack magic number gets smashed after the code path where KSMAN detects uninit-value use is executed, so it can be assumed that it doesn't contribute in any way to uninit-value use detection. [1] https://syzkaller.appspot.com/bug?extid=6f655a60d3244d0c6718 [2] https://lore.kernel.org/lkml/66e57e46.050a0220.115905.0002.GAE@google.com [3] https://lore.kernel.org/all/rVaWgPULej8K7HqMPNIu8kVNyXNjjCiTB-QBtItLFBmk0alH6fV2tk4joVPk97Evnuv4ZRDd8HB5uDCkiFG6u81xKdzDj-KrtIMJSlF6Kt8=@proton.me Reported-by: syzbot+6f655a60d3244d0c6718@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=6f655a60d3244d0c6718 Fixes: ec4edd7b9d20 ("bcachefs: Prep work for variable size btree node buffers") Suggested-by: Kent Overstreet Signed-off-by: Piotr Zalewski Signed-off-by: Kent Overstreet commit 51b7cc7c0f964fed976399a3ab876ae4a308fb1b Author: Kent Overstreet Date: Mon Sep 23 17:33:02 2024 -0400 bcachefs: Improve bch2_is_inode_open() warning message Signed-off-by: Kent Overstreet commit 4a8f8fafbd6ba6f3433c986b00195e0a8dee96bf Author: Kent Overstreet Date: Mon Sep 23 17:30:59 2024 -0400 bcachefs: Add extra padding in bkey_make_mut_noupdate() This fixes a kasan splat in propagate_key_to_snapshot_leaves() - varint_decode_fast() does reads (that it never uses) up to 7 bytes past the end of the integer. Signed-off-by: Kent Overstreet commit f890c8513f45e06c96ac225db3cdfa34e3be5f45 Author: Kent Overstreet Date: Mon Sep 23 16:40:47 2024 -0400 bcachefs: Mark inode errors as autofix Most or all errors will be autofix in the future, we're currently just doing the ones that we know are well tested. Signed-off-by: Kent Overstreet commit e7268dd9bb9953a9eb0df9948abf5195bf474538 Merge: 22512c3ee0f47f d7d2688bf4ea58 Author: Dave Airlie Date: Sat Sep 28 08:42:46 2024 +1000 Merge tag 'amd-drm-fixes-6.12-2024-09-27' of https://gitlab.freedesktop.org/agd5f/linux into drm-next amd-drm-fixes-6.12-2024-09-27: amdgpu: - MES 12 fix - KFD fence sync fix - SR-IOV fixes - VCN 4.0.6 fix - SDMA 7.x fix - Bump driver version to note cleared VRAM support - SWSMU fix amdgpu: - CU occupancy logic fix - SDMA queue fix Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20240927202819.2978109-1-alexander.deucher@amd.com commit 9cf14f5a2746c19455ce9cb44341b5527b5e19c3 Author: Andrey Shumilin Date: Fri Sep 27 22:34:24 2024 +0300 fbdev: sisfb: Fix strbuf array overflow The values of the variables xres and yres are placed in strbuf. These variables are obtained from strbuf1. The strbuf1 array contains digit characters and a space if the array contains non-digit characters. Then, when executing sprintf(strbuf, "%ux%ux8", xres, yres); more than 16 bytes will be written to strbuf. It is suggested to increase the size of the strbuf array to 24. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Andrey Shumilin Signed-off-by: Helge Deller commit ad46e8f95e931e113cb98253daf6d443ac244cde Merge: 12cc5240f41a90 4c411cca33cf1c Author: Linus Torvalds Date: Fri Sep 27 13:30:07 2024 -0700 Merge tag 'pm-6.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management fix from Rafael Wysocki: "Fix idle states enumeration in the intel_idle driver on platforms supporting multiple flavors of the C6 idle state (Artem Bityutskiy)" * tag 'pm-6.12-rc1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: intel_idle: fix ACPI _CST matching for newer Xeon platforms commit 95b873693a0841e02b812e693296a884362fdd51 Author: Zhang Qiao Date: Thu Sep 26 18:39:49 2024 +0800 sched_ext: Remove redundant p->nr_cpus_allowed checker select_rq_task() already checked that 'p->nr_cpus_allowed > 1', 'p->nr_cpus_allowed == 1' checker in scx_select_cpu_dfl() is redundant. Signed-off-by: Zhang Qiao Signed-off-by: Tejun Heo commit efe231d9debf6db812bebb262407c95b21cdb8a2 Author: Tejun Heo Date: Fri Sep 27 10:02:40 2024 -1000 sched_ext: Decouple locks in scx_ops_enable() The enable path uses three big locks - scx_fork_rwsem, scx_cgroup_rwsem and cpus_read_lock. Currently, the locks are grabbed together which is prone to locking order problems. For example, currently, there is a possible deadlock involving scx_fork_rwsem and cpus_read_lock. cpus_read_lock has to nest inside scx_fork_rwsem due to locking order existing in other subsystems. However, there exists a dependency in the other direction during hotplug if hotplug needs to fork a new task, which happens in some cases. This leads to the following deadlock: scx_ops_enable() hotplug percpu_down_write(&cpu_hotplug_lock) percpu_down_write(&scx_fork_rwsem) block on cpu_hotplug_lock kthread_create() waits for kthreadd kthreadd blocks on scx_fork_rwsem Note that this doesn't trigger lockdep because the hotplug side dependency bounces through kthreadd. With the preceding scx_cgroup_enabled change, this can be solved by decoupling cpus_read_lock, which is needed for static_key manipulations, from the other two locks. - Move the first block of static_key manipulations outside of scx_fork_rwsem and scx_cgroup_rwsem. This is now safe with the preceding scx_cgroup_enabled change. - Drop scx_cgroup_rwsem and scx_fork_rwsem between the two task iteration blocks so that __scx_ops_enabled static_key enabling is outside the two rwsems. Signed-off-by: Tejun Heo Reported-and-tested-by: Aboorva Devarajan Link: http://lkml.kernel.org/r/8cd0ec0c4c7c1bc0119e61fbef0bee9d5e24022d.camel@linux.ibm.com commit 160216568cddc9d6e7f36133ba41d25459d90de4 Author: Tejun Heo Date: Fri Sep 27 10:02:40 2024 -1000 sched_ext: Decouple locks in scx_ops_disable_workfn() The disable path uses three big locks - scx_fork_rwsem, scx_cgroup_rwsem and cpus_read_lock. Currently, the locks are grabbed together which is prone to locking order problems. With the preceding scx_cgroup_enabled change, we can decouple them: - As cgroup disabling no longer requires modifying a static_key which requires cpus_read_lock(), no need to grab cpus_read_lock() before grabbing scx_cgroup_rwsem. - cgroup can now be independently disabled before tasks are moved back to the fair class. Relocate scx_cgroup_exit() invocation before scx_fork_rwsem is grabbed, drop now unnecessary cpus_read_lock() and move static_key operations out of scx_fork_rwsem. This decouples all three locks in the disable path. Signed-off-by: Tejun Heo Reported-and-tested-by: Aboorva Devarajan Link: http://lkml.kernel.org/r/8cd0ec0c4c7c1bc0119e61fbef0bee9d5e24022d.camel@linux.ibm.com commit 568894edbe48f0878f787ed533dc9dbfd09c0fbe Author: Tejun Heo Date: Fri Sep 27 10:02:40 2024 -1000 sched_ext: Add scx_cgroup_enabled to gate cgroup operations and fix scx_tg_online() If the BPF scheduler does not implement ops.cgroup_init(), scx_tg_online() didn't set SCX_TG_INITED which meant that ops.cgroup_exit(), even if implemented, won't be called from scx_tg_offline(). This is because SCX_HAS_OP(cgroupt_init) is used to test both whether SCX cgroup operations are enabled and ops.cgroup_init() exists. Fix it by introducing a separate bool scx_cgroup_enabled to gate cgroup operations and use SCX_HAS_OP(cgroup_init) only to test whether ops.cgroup_init() exists. Make all cgroup operations consistently use scx_cgroup_enabled to test whether cgroup operations are enabled. scx_cgroup_enabled is added instead of using scx_enabled() to ease planned locking updates. Signed-off-by: Tejun Heo commit 4269c603cc26df154e0db303a9347e6ec3cc805e Author: Tejun Heo Date: Fri Sep 27 10:02:40 2024 -1000 sched_ext: Enable scx_ops_init_task() separately scx_ops_init_task() and the follow-up scx_ops_enable_task() in the fork path were gated by scx_enabled() test and thus __scx_ops_enabled had to be turned on before the first scx_ops_init_task() loop in scx_ops_enable(). However, if an external entity causes sched_class switch before the loop is complete, tasks which are not initialized could be switched to SCX. The following can be reproduced by running a program which keeps toggling a process between SCHED_OTHER and SCHED_EXT using sched_setscheduler(2). sched_ext: Invalid task state transition 0 -> 3 for fish[1623] WARNING: CPU: 1 PID: 1650 at kernel/sched/ext.c:3392 scx_ops_enable_task+0x1a1/0x200 ... Sched_ext: simple (enabling) RIP: 0010:scx_ops_enable_task+0x1a1/0x200 ... switching_to_scx+0x13/0xa0 __sched_setscheduler+0x850/0xa50 do_sched_setscheduler+0x104/0x1c0 __x64_sys_sched_setscheduler+0x18/0x30 do_syscall_64+0x7b/0x140 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fix it by gating scx_ops_init_task() separately using scx_ops_init_task_enabled. __scx_ops_enabled is now set after all tasks are finished with scx_ops_init_task(). Signed-off-by: Tejun Heo commit 9753358a6a2b011478e8efdabbb489216252426f Author: Tejun Heo Date: Fri Sep 27 10:02:40 2024 -1000 sched_ext: Fix SCX_TASK_INIT -> SCX_TASK_READY transitions in scx_ops_enable() scx_ops_enable() has two task iteration loops. The first one calls scx_ops_init_task() on every task and the latter switches the eligible ones into SCX. The first loop left the tasks in SCX_TASK_INIT state and then the second loop switched it into READY before switching the task into SCX. The distinction between INIT and READY is only meaningful in the fork path where it's used to tell whether the task finished forking so that we can tell ops.exit_task() accordingly. Leaving task in INIT state between the two loops is incosistent with the fork path and incorrect. The following can be triggered by running a program which keeps toggling a task between SCHED_OTHER and SCHED_SCX while enabling a task: sched_ext: Invalid task state transition 1 -> 3 for fish[1526] WARNING: CPU: 2 PID: 1615 at kernel/sched/ext.c:3393 scx_ops_enable_task+0x1a1/0x200 ... Sched_ext: qmap (enabling+all) RIP: 0010:scx_ops_enable_task+0x1a1/0x200 ... switching_to_scx+0x13/0xa0 __sched_setscheduler+0x850/0xa50 do_sched_setscheduler+0x104/0x1c0 __x64_sys_sched_setscheduler+0x18/0x30 do_syscall_64+0x7b/0x140 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fix it by transitioning to READY in the first loop right after scx_ops_init_task() succeeds. Signed-off-by: Tejun Heo Cc: David Vernet commit 8c2090c504e998c8f34ec870bae71dafcc96a6e0 Author: Tejun Heo Date: Fri Sep 27 10:02:40 2024 -1000 sched_ext: Initialize in bypass mode scx_ops_enable() used preempt_disable() around the task iteration loop to switch tasks into SCX to guarantee forward progress of the task which is running scx_ops_enable(). However, in the gap between setting __scx_ops_enabled and preeempt_disable(), an external entity can put tasks including the enabling one into SCX prematurely, which can lead to malfunctions including stalls. The bypass mode can wrap the entire enabling operation and guarantee forward progress no matter what the BPF scheduler does. Use the bypass mode instead to guarantee forward progress while enabling. While at it, release and regrab scx_tasks_lock between the two task iteration locks in scx_ops_enable() for clarity as there is no reason to keep holding the lock between them. Signed-off-by: Tejun Heo commit fc1fcebead344360979ea9407029f9c8a99d718f Author: Tejun Heo Date: Fri Sep 27 10:02:39 2024 -1000 sched_ext: Remove SCX_OPS_PREPPING The distinction between SCX_OPS_PREPPING and SCX_OPS_ENABLING is not used anywhere and only adds confusion. Drop SCX_OPS_PREPPING. Signed-off-by: Tejun Heo commit 1bbcfe620e03aafc542b1c649dea0a9499a4490f Author: Tejun Heo Date: Fri Sep 27 10:02:39 2024 -1000 sched_ext: Relocate check_hotplug_seq() call in scx_ops_enable() check_hotplug_seq() is used to detect CPU hotplug event which occurred while the BPF scheduler is being loaded so that initialization can be retried if CPU hotplug events take place before the CPU hotplug callbacks are online. As such, the best place to call it is in the same cpu_read_lock() section that enables the CPU hotplug ops. Currently, it is called in the next cpus_read_lock() block in scx_ops_enable(). The side effect of this placement is a small window in which hotplug sequence detection can trigger unnecessarily, which isn't critical. Move check_hotplug_seq() invocation to the same cpus_read_lock() block as the hotplug operation enablement to close the window and get the invocation out of the way for planned locking updates. Signed-off-by: Tejun Heo Cc: David Vernet commit 12cc5240f41a90b7fabc075c92c04846670c6932 Merge: 0c33037c825e47 381d2f95c8aa57 Author: Linus Torvalds Date: Fri Sep 27 12:48:48 2024 -0700 Merge tag 'uml-for-linus-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/uml/linux Pull UML updates from Richard Weinberger: - Removal of dead code (TT mode leftovers, etc) - Fixes for the network vector driver - Fixes for time-travel mode * tag 'uml-for-linus-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/uml/linux: um: fix time-travel syscall scheduling hack um: Remove outdated asm/sysrq.h header um: Remove the declaration of user_thread function um: Remove the call to SUBARCH_EXECVE1 macro um: Remove unused mm_fd field from mm_id um: Remove unused fields from thread_struct um: Remove the redundant newpage check in update_pte_range um: Remove unused kpte_clear_flush macro um: Remove obsoleted declaration for execute_syscall_skas user_mode_linux_howto_v2: add VDE vector support in doc vector_user: add VDE support um: remove ARCH_NO_PREEMPT_DYNAMIC um: vector: Fix NAPI budget handling um: vector: Replace locks guarding queue depth with atomics um: remove variable stack array in os_rcv_fd_msg() commit 0c33037c825e47f64f426999db7192604e6d3188 Author: Amir Goldstein Date: Fri Sep 27 13:54:23 2024 +0200 ovl: fix file leak in ovl_real_fdget_meta() ovl_open_realfile() is wrongly called twice after conversion to new struct fd. Fixes: 88a2f6468d01 ("struct fd: representation change") Reported-by: syzbot+d9efec94dcbfa0de1c07@syzkaller.appspotmail.com Signed-off-by: Amir Goldstein Signed-off-by: Linus Torvalds commit 34e1a5d43c5deec563b94f3330b690dde9d1de53 Merge: 9c44575c78dbcd 9805f39d423a30 Author: Linus Torvalds Date: Fri Sep 27 12:32:06 2024 -0700 Merge tag 'random-6.12-rc1-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random Pull more random number generator updates from Jason Donenfeld: - Christophe realized that the LoongArch64 instructions could be scheduled more similar to how GCC generates code, which Ruoyao implemented, for a 5% speedup from basically some rearrangements - An update to MAINTAINERS to match the right files * tag 'random-6.12-rc1-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random: LoongArch: vDSO: Tune chacha implementation MAINTAINERS: make vDSO getrandom matches more generic commit 9c44575c78dbcdf89bd9f9bc3869ce8ab5cc1272 Merge: ba33a49fcd42a9 d7bcc37436c7d3 Author: Linus Torvalds Date: Fri Sep 27 12:10:45 2024 -0700 Merge tag 'bitmap-for-6.12' of https://github.com/norov/linux Pull bitmap updates from Yury Norov: - switch all bitmamp APIs from inline to __always_inline (Brian Norris) The __always_inline series improves on code generation, and now with the latest compiler versions is required to avoid compilation warnings. It spent enough in my backlog, and I'm thankful to Brian Norris for taking over and moving it forward. - introduce GENMASK_U128() macro (Anshuman Khandual) GENMASK_U128() is a prerequisite needed for arm64 development * tag 'bitmap-for-6.12' of https://github.com/norov/linux: lib/test_bits.c: Add tests for GENMASK_U128() uapi: Define GENMASK_U128 nodemask: Switch from inline to __always_inline cpumask: Switch from inline to __always_inline bitmap: Switch from inline to __always_inline find: Switch from inline to __always_inline commit ba33a49fcd42a94d405221cd0677388db1b69ed2 Merge: 033af36def3e86 ada1986d07976d Author: Linus Torvalds Date: Fri Sep 27 12:03:48 2024 -0700 Merge tag 'tomoyo-pr-20240927' of git://git.code.sf.net/p/tomoyo/tomoyo Pull tomoyo updates from Tetsuo Handa: "One bugfix patch, one preparation patch, and one conversion patch. TOMOYO is useful as an analysis tool for learning how a Linux system works. My boss was hoping that SELinux's policy is generated from what TOMOYO has observed. A translated paper describing it is available at https://master.dl.sourceforge.net/project/tomoyo/docs/nsf2003-en.pdf/nsf2003-en.pdf?viasf=1 Although that attempt failed due to mapping problem between inode and pathname, TOMOYO remains as an access restriction tool due to ability to write custom policy by individuals. I was delivering pure LKM version of TOMOYO (named AKARI) to users who cannot afford rebuilding their distro kernels with TOMOYO enabled. But since the LSM framework was converted to static calls, it became more difficult to deliver AKARI to such users. Therefore, I decided to update TOMOYO so that people can use mostly LKM version of TOMOYO with minimal burden for both distributors and users" * tag 'tomoyo-pr-20240927' of git://git.code.sf.net/p/tomoyo/tomoyo: tomoyo: fallback to realpath if symlink's pathname does not exist tomoyo: allow building as a loadable LSM module tomoyo: preparation step for building as a loadable LSM module commit 033af36def3e8676b344f4b4817b5ad81ed22aa7 Merge: eee280841e1c81 2c70677dabb5e3 Author: Linus Torvalds Date: Fri Sep 27 11:42:03 2024 -0700 Merge tag 'cxl-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl Pull compute express link (cxl) updates from Dave Jiang: "Major changes address HDM decoder initialization from DVSEC ranges, refactoring the code related to cxl mailboxes to be independent of the memory devices, and adding support for shared upstream link access_coordinate calculation, as well as a change to remove locking from memory notifier callback. In addition, a number of misc cleanups and refactoring of the code are also included. Address HDM decoder initialization from DVSEC ranges: - Only register non-zero DVSEC ranges - Remove duplicate implementation of waiting for memory_info_valid - Simplify the checking of mem_enabled in cxl_hdm_decode_init() Refactor the code related to cxl mailboxes to be independent of the memory devices: - Move cxl headers in include/linux/ to include/cxl - Move all mailbox related data to 'struct cxl_mailbox' - Refactor mailbox APIs with 'struct cxl_mailbox' as input instead of memory device state Add support for shared upstream link access_coordinate calculation for configurations that have multiple targets under a switch or a root port where the aggregated bandwidth can be greater than the upstream link of the switch/RP upstream link: - Preserve the CDAT access_coordinate from an endpoint - Add the support for shared upstream link access_coordinate calculation - Add documentation to explain how the calculations are done Remove locking from memory notifier callback. Misc cleanups: - Convert devm_cxl_add_root() to return using ERR_CAST() - cxl_test use dev_is_platform() instead of open coding - Remove duplicate include of header core.h in core/cdat.c - use scoped resource management to drop put_device() for cxl_port - Use scoped_guard to drop device_lock() for cxl_port - Refactor __devm_cxl_add_port() to drop gotos - Rename cxl_setup_parent_dport to cxl_dport_init_aer and cxl_dport_map_regs() to cxl_dport_map_ras() - Refactor cxl_dport_init_aer() to be more concise - Remove duplicate host_bridge->native_aer checking in cxl_dport_init_ras_reporting() - Fix comment for cxl_query_cmd()" * tag 'cxl-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/cxl/cxl: (21 commits) cxl: Add documentation to explain the shared link bandwidth calculation cxl: Calculate region bandwidth of targets with shared upstream link cxl: Preserve the CDAT access_coordinate for an endpoint cxl: Fix comment regarding cxl_query_cmd() return data cxl: Convert cxl_internal_send_cmd() to use 'struct cxl_mailbox' as input cxl: Move mailbox related bits to the same context cxl: move cxl headers to new include/cxl/ directory cxl/region: Remove lock from memory notifier callback cxl/pci: simplify the check of mem_enabled in cxl_hdm_decode_init() cxl/pci: Check Mem_info_valid bit for each applicable DVSEC cxl/pci: Remove duplicated implementation of waiting for memory_info_valid cxl/pci: Fix to record only non-zero ranges cxl/pci: Remove duplicate host_bridge->native_aer checking cxl/pci: cxl_dport_map_rch_aer() cleanup cxl/pci: Rename cxl_setup_parent_dport() and cxl_dport_map_regs() cxl/port: Refactor __devm_cxl_add_port() to drop goto pattern cxl/port: Use scoped_guard()/guard() to drop device_lock() for cxl_port cxl/port: Use __free() to drop put_device() for cxl_port cxl: Remove duplicate included header file core.h tools/testing/cxl: Use dev_is_platform() ... commit 424aafb61a0b98d7d242f447fdb84bb8b323e8a8 Author: Ian Rogers Date: Thu Sep 12 11:27:57 2024 -0700 perf vdso: Missed put on 32-bit dsos If the dso type doesn't match then NULL is returned but the dso should be put first. Fixes: f649ed80f3cabbf1 ("perf dsos: Tidy reference counting and locking") Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240912182757.762369-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 52c996d3f40b40f87ef9dc80596903309682acc3 Merge: 5363c306787c88 eee280841e1c81 Author: Arnaldo Carvalho de Melo Date: Fri Sep 27 15:36:52 2024 -0300 Merge remote-tracking branch 'torvalds/master' into perf-tools To pick up changes in other trees that may affect perf, such as libbpf and in general the header files that perf has copies of, so that we can do the sync with the kernel sources. Signed-off-by: Arnaldo Carvalho de Melo commit 4b721fcc094e9eb6dd4702df8d79ab11e120833d Author: Jason A. Donenfeld Date: Tue Sep 24 13:47:23 2024 +0200 selftests: vDSO: align stack for O2-optimized memcpy When switching on -O2, gcc generates SSE2 instructions that assume a 16-byte aligned stack, which the standalone test's start point wasn't aligning. Fix this with the usual alignment sequence. Fixes: ecb8bd70d51 ("selftests: vDSO: build tests with O2 optimization") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202409241558.98e13f6f-oliver.sang@intel.com Signed-off-by: Jason A. Donenfeld Signed-off-by: Shuah Khan commit acd5f76fd5292c91628e04da83e8b78c986cfa2b Author: Benjamin Tissoires Date: Fri Sep 27 16:17:41 2024 +0200 HID: bpf: fix cfi stubs for hid_bpf_ops With the introduction of commit e42ac1418055 ("bpf: Check unsupported ops from the bpf_struct_ops's cfi_stubs"), a HID-BPF struct_ops containing a .hid_hw_request() or a .hid_hw_output_report() was failing to load as the cfi stubs were not defined. Fix that by defining those simple static functions and restore HID-BPF functionality. This was detected with the HID selftests suddenly failing on Linus' tree. Cc: stable@vger.kernel.org # v6.11+ Fixes: 9286675a2aed ("HID: bpf: add HID-BPF hooks for hid_hw_output_report") Fixes: 8bd0488b5ea5 ("HID: bpf: add HID-BPF hooks for hid_hw_raw_requests") Signed-off-by: Benjamin Tissoires Signed-off-by: Jiri Kosina commit eee280841e1c8188fe9af5536c193d07d184e874 Merge: 3630400697a3d3 2af148ef8549a1 Author: Linus Torvalds Date: Fri Sep 27 10:27:22 2024 -0700 Merge tag 'mm-hotfixes-stable-2024-09-27-09-45' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull misc fixes from Andrew Morton: "19 hotfixes. 13 are cc:stable. There's a focus on fixes for the memfd_pin_folios() work which was added into 6.11. Apart from that, the usual shower of singleton fixes" * tag 'mm-hotfixes-stable-2024-09-27-09-45' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: ocfs2: fix uninit-value in ocfs2_get_block() zram: don't free statically defined names memory tiers: use default_dram_perf_ref_source in log message Revert "list: test: fix tests for list_cut_position()" kselftests: mm: fix wrong __NR_userfaultfd value compiler.h: specify correct attribute for .rodata..c_jump_table mm/damon/Kconfig: update DAMON doc URL mm: kfence: fix elapsed time for allocated/freed track ocfs2: fix deadlock in ocfs2_get_system_file_inode ocfs2: reserve space for inline xattr before attaching reflink tree mm: migrate: annotate data-race in migrate_folio_unmap() mm/hugetlb: simplify refs in memfd_alloc_folio mm/gup: fix memfd_pin_folios alloc race panic mm/gup: fix memfd_pin_folios hugetlb page allocation mm/hugetlb: fix memfd_pin_folios resv_huge_pages leak mm/hugetlb: fix memfd_pin_folios free_huge_pages leak mm/filemap: fix filemap_get_folios_contig THP panic mm: make SPLIT_PTE_PTLOCKS depend on SMP tools: fix shared radix-tree build commit 3630400697a3d334a391c1dba1b601d852145f2c Merge: ec38498450a96a f339bd3b51dac6 Author: Linus Torvalds Date: Fri Sep 27 10:14:35 2024 -0700 Merge tag 'loongarch-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson Pull LoongArch updates from Huacai Chen: - Fix objtool about do_syscall() and Clang - Enable generic CPU vulnerabilites support - Enable ACPI BGRT handling - Rework CPU feature probe from CPUCFG/IOCSR - Add ARCH_HAS_SET_MEMORY support - Add ARCH_HAS_SET_DIRECT_MAP support - Improve hardware page table walker - Simplify _percpu_read() and _percpu_write() - Add advanced extended IRQ model documentions - Some bug fixes and other small changes * tag 'loongarch-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson: Docs/LoongArch: Add advanced extended IRQ model description LoongArch: Remove posix_types.h include from sigcontext.h LoongArch: Fix memleak in pci_acpi_scan_root() LoongArch: Simplify _percpu_read() and _percpu_write() LoongArch: Improve hardware page table walker LoongArch: Add ARCH_HAS_SET_DIRECT_MAP support LoongArch: Add ARCH_HAS_SET_MEMORY support LoongArch: Rework CPU feature probe from CPUCFG/IOCSR LoongArch: Enable ACPI BGRT handling LoongArch: Enable generic CPU vulnerabilites support LoongArch: Remove STACK_FRAME_NON_STANDARD(do_syscall) LoongArch: Set AS_HAS_THIN_ADD_SUB as y if AS_IS_LLVM LoongArch: Enable objtool for Clang objtool: Handle frame pointer related instructions commit ec38498450a96a8d85f0409d9e4a41415cde9c1d Merge: 653608c67ae3dc c3e878ca7b6663 Author: Linus Torvalds Date: Fri Sep 27 10:10:21 2024 -0700 Merge tag 'sh-for-v6.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/glaubitz/sh-linux Pull sh updates from John Paul Adrian Glaubitz: "The first change by Gaosheng Cui removes unused declarations which have been obsoleted since commit 5a4053b23262 ("sh: Kill off dead boards.") and the second by his colleague Hongbo Li replaces the use of the unsafe simple_strtoul() with the safer kstrtoul() function in the sh interrupt controller driver code" * tag 'sh-for-v6.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/glaubitz/sh-linux: sh: intc: Replace simple_strtoul() with kstrtoul() sh: Remove unused declarations for make_maskreg_irq() and irq_mask_register commit 26de8614d83f1f1a0b0b0a300e3be40a95b9a340 Merge: 075dbe9f6e3c21 0c8d604dea437b Author: Wolfram Sang Date: Fri Sep 27 18:57:38 2024 +0200 Merge tag 'i2c-host-fixes-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/andi.shyti/linux into i2c/for-current I2C host fixes for v6.12-rc1 The DesignWare driver now has the correct ENABLE-ABORT sequence, ensuring ABORT can always be sent when needed. In the SynQuacer controller we now check for PCLK as an optional clock, allowing ACPI to directly provide the clock rate. The recent KEBA driver required a dependency fix in Kconfig. The XIIC driver now has a corrected power suspend sequence. commit 653608c67ae3dce1c5dee8c620ce6016e174bbd1 Merge: e477dba5442c0a 47ffe0578aee45 Author: Linus Torvalds Date: Fri Sep 27 09:55:30 2024 -0700 Merge tag 'for-linus-6.12-rc1a-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip Pull more xen updates from Juergen Gross: "A second round of Xen related changes and features: - a small fix of the xen-pciback driver for a warning issued by sparse - support PCI passthrough when using a PVH dom0 - enable loading the kernel in PVH mode at arbitrary addresses, avoiding conflicts with the memory map when running as a Xen dom0 using the host memory layout" * tag 'for-linus-6.12-rc1a-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: x86/pvh: Add 64bit relocation page tables x86/kernel: Move page table macros to header x86/pvh: Set phys_base when calling xen_prepare_pvh() x86/pvh: Make PVH entrypoint PIC for x86-64 xen: sync elfnote.h from xen tree xen/pciback: fix cast to restricted pci_ers_result_t and pci_power_t xen/privcmd: Add new syscall to get gsi from dev xen/pvh: Setup gsi for passthrough device xen/pci: Add a function to reset device for xen commit 9fffa4e9b3b158f63334e603e610da7d529a0f9a Author: David Howells Date: Fri Sep 27 09:08:42 2024 +0100 netfs: Advance iterator correctly rather than jumping it In netfs_write_folio(), use iov_iter_advance() to advance the folio as we split bits of it off to subrequests rather than manually jumping the ->iov_offset value around. This becomes more problematic when we use a bounce buffer made out of single-page folios to cover a multipage pagecache folio. Signed-off-by: David Howells Link: https://lore.kernel.org/r/2238548.1727424522@warthog.procyon.org.uk cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner commit ff98751bae40faed1ba9c6a7287e84430f7dec64 Author: David Howells Date: Mon Sep 23 16:07:50 2024 +0100 afs: Fix the setting of the server responding flag In afs_wait_for_operation(), we set transcribe the call responded flag to the server record that we used after doing the fileserver iteration loop - but it's possible to exit the loop having had a response from the server that we've discarded (e.g. it returned an abort or we started receiving data, but the call didn't complete). This means that op->server might be NULL, but we don't check that before attempting to set the server flag. Fixes: 98f9fda2057b ("afs: Fold the afs_addr_cursor struct in") Signed-off-by: David Howells Link: https://lore.kernel.org/r/20240923150756.902363-7-dhowells@redhat.com cc: Marc Dionne cc: linux-afs@lists.infradead.org Signed-off-by: Christian Brauner commit 19dcfb9c1685d45ba96852e021415134865b0a95 Author: Thorsten Blum Date: Mon Sep 23 16:07:48 2024 +0100 afs: Remove unused struct and function prototype The struct afs_address_list and the function prototype afs_put_address_list() are not used anymore and can be removed. Remove them. Signed-off-by: Thorsten Blum Signed-off-by: David Howells Link: https://lore.kernel.org/r/20240911095046.3749-2-thorsten.blum@toblux.com/ Link: https://lore.kernel.org/r/20240923150756.902363-5-dhowells@redhat.com cc: Marc Dionne cc: linux-afs@lists.infradead.org cc: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner commit f94d54208f25dc93f3bcae9e725a582380a503b1 Author: Marc Dionne Date: Mon Sep 23 16:07:49 2024 +0100 afs: Fix possible infinite loop with unresponsive servers A return code of 0 from afs_wait_for_one_fs_probe is an indication that the endpoint state attached to the operation is stale and has been superseded. In that case the iteration needs to be restarted so that the newer probe result state gets used. Failure to do so can result in an tight infinite loop around the iterate_address label, where all addresses are thought to be responsive and have been tried, with nothing to refresh the endpoint state. Fixes: 495f2ae9e355 ("afs: Fix fileserver rotation") Reported-by: Markus Suvanto Link: https://lists.infradead.org/pipermail/linux-afs/2024-July/008628.html cc: linux-afs@lists.infradead.org Signed-off-by: Marc Dionne Signed-off-by: David Howells Link: https://lore.kernel.org/r/20240906134019.131553-1-marc.dionne@auristor.com/ Link: https://lore.kernel.org/r/20240923150756.902363-6-dhowells@redhat.com Signed-off-by: Christian Brauner commit 8a46067783bdff222d1fb8f8c20e3b7b711e3ce5 Author: Christian Brauner Date: Thu Sep 26 18:51:46 2024 +0200 pidfs: check for valid pid namespace When we access a no-current task's pid namespace we need check that the task hasn't been reaped in the meantime and it's pid namespace isn't accessible anymore. The user namespace is fine because it is only released when the last reference to struct task_struct is put and exit_creds() is called. Link: https://lore.kernel.org/r/20240926-klebt-altgedienten-0415ad4d273c@brauner Fixes: 5b08bd408534 ("pidfs: allow retrieval of namespace file descriptors") CC: stable@vger.kernel.org # v6.11 Signed-off-by: Christian Brauner commit 2cf36327ee1e47733aba96092d7bd082a4056ff5 Author: David Howells Date: Sat Sep 14 21:40:02 2024 +0100 afs: Fix missing wire-up of afs_retry_request() afs_retry_request() is supposed to be pointed to by the afs_req_ops netfs operations table, but the pointer got lost somewhere. The function is used during writeback to rotate through the authentication keys that were in force when the file was modified locally. Fix this by adding the pointer to the function. Fixes: 1ecb146f7cd8 ("netfs, afs: Use writeback retry to deal with alternate keys") Reported-by: Dr. David Alan Gilbert Signed-off-by: David Howells Link: https://lore.kernel.org/r/1690847.1726346402@warthog.procyon.org.uk cc: Marc Dionne cc: Jeff Layton cc: linux-afs@lists.infradead.org cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner commit da6ef2dffe6056aad3435e6cf7c6471c2a62187c Author: Baokun Li Date: Thu Aug 29 16:34:09 2024 +0800 cachefiles: fix dentry leak in cachefiles_open_file() A dentry leak may be caused when a lookup cookie and a cull are concurrent: P1 | P2 ----------------------------------------------------------- cachefiles_lookup_cookie cachefiles_look_up_object lookup_one_positive_unlocked // get dentry cachefiles_cull inode->i_flags |= S_KERNEL_FILE; cachefiles_open_file cachefiles_mark_inode_in_use __cachefiles_mark_inode_in_use can_use = false if (!(inode->i_flags & S_KERNEL_FILE)) can_use = true return false return false // Returns an error but doesn't put dentry After that the following WARNING will be triggered when the backend folder is umounted: ================================================================== BUG: Dentry 000000008ad87947{i=7a,n=Dx_1_1.img} still in use (1) [unmount of ext4 sda] WARNING: CPU: 4 PID: 359261 at fs/dcache.c:1767 umount_check+0x5d/0x70 CPU: 4 PID: 359261 Comm: umount Not tainted 6.6.0-dirty #25 RIP: 0010:umount_check+0x5d/0x70 Call Trace: d_walk+0xda/0x2b0 do_one_tree+0x20/0x40 shrink_dcache_for_umount+0x2c/0x90 generic_shutdown_super+0x20/0x160 kill_block_super+0x1a/0x40 ext4_kill_sb+0x22/0x40 deactivate_locked_super+0x35/0x80 cleanup_mnt+0x104/0x160 ================================================================== Whether cachefiles_open_file() returns true or false, the reference count obtained by lookup_positive_unlocked() in cachefiles_look_up_object() should be released. Therefore release that reference count in cachefiles_look_up_object() to fix the above issue and simplify the code. Fixes: 1f08c925e7a3 ("cachefiles: Implement backing file wrangling") Cc: stable@kernel.org Signed-off-by: Baokun Li Link: https://lore.kernel.org/r/20240829083409.3788142-1-libaokun@huaweicloud.com Acked-by: David Howells Signed-off-by: Christian Brauner commit e477dba5442c0af7acb9e8bbbbde1108a37ed39c Merge: b6c49fca9f810c 579b2ba40ece57 Author: Linus Torvalds Date: Fri Sep 27 09:12:51 2024 -0700 Merge tag 'for-6.12/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm Pull device mapper updates from Mikulas Patocka: - Misc VDO fixes - Remove unused declarations dm_get_rq_mapinfo() and dm_zone_map_bio() - Dm-delay: Improve kernel documentation - Dm-crypt: Allow to specify the integrity key size as an option - Dm-bufio: Remove pointless NULL check - Small code cleanups: Use ERR_CAST; remove unlikely() around IS_ERR; use __assign_bit - Dm-integrity: Fix gcc 5 warning; convert comma to semicolon; fix smatch warning - Dm-integrity: Support recalculation in the 'I' mode - Revert "dm: requeue IO if mapping table not yet available" - Dm-crypt: Small refactoring to make the code more readable - Dm-cache: Remove pointless error check - Dm: Fix spelling errors - Dm-verity: Restart or panic on an I/O error if restart or panic was requested - Dm-verity: Fallback to platform keyring also if key in trusted keyring is rejected * tag 'for-6.12/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm: (26 commits) dm verity: fallback to platform keyring also if key in trusted keyring is rejected dm-verity: restart or panic on an I/O error dm: fix spelling errors dm-cache: remove pointless error check dm vdo: handle unaligned discards correctly dm vdo indexer: Convert comma to semicolon dm-crypt: Use common error handling code in crypt_set_keyring_key() dm-crypt: Use up_read() together with key_put() only once in crypt_set_keyring_key() Revert "dm: requeue IO if mapping table not yet available" dm-integrity: check mac_size against HASH_MAX_DIGESTSIZE in sb_mac() dm-integrity: support recalculation in the 'I' mode dm integrity: Convert comma to semicolon dm integrity: fix gcc 5 warning dm: Make use of __assign_bit() API dm integrity: Remove extra unlikely helper dm: Convert to use ERR_CAST() dm bufio: Remove NULL check of list_entry() dm-crypt: Allow to specify the integrity key size as option dm: Remove unused declaration and empty definition "dm_zone_map_bio" dm delay: enhance kernel documentation ... commit b6c49fca9f810c7279ea59937dd3a01a2906d11a Merge: e5f0e38e7ece5b 0e9a2990a93f27 Author: Linus Torvalds Date: Fri Sep 27 09:05:18 2024 -0700 Merge tag 'ata-6.12-rc1-part2' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux Pull ata fixes from Damien Le Moal: - Fix a NULL pointer dereference introduced by the recent cleanups of the command duration limits feature handling (me) - Fix incorrect generation of the mode sense data for the ALL_SUB_MPAGES page (me) * tag 'ata-6.12-rc1-part2' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux: ata: libata-scsi: Fix ata_msense_control() CDL page reporting ata: libata-scsi: Fix ata_msense_control_spgt2() commit e5f0e38e7ece5b35577faa9bfbe5ec56091ec76b Merge: cb787f4ac0c2e4 eb46cb321f1f3f Author: Linus Torvalds Date: Fri Sep 27 08:48:37 2024 -0700 Merge tag 'driver-core-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core Pull driver core updates from Greg KH: "Here is a small set of patches for the driver core code for 6.12-rc1. This set is the one that caused the most delay on my side, due to lots of last-minute reports of problems in the async shutdown feature that was added. In the end, I've reverted all of the patches in that series so we are back to "normal" and the patch set is being reworked for the next merge window. Other than the async shutdown patches that were reverted, included in here are: - minor driver core cleanups - minor driver core bus and class api cleanups and simplifications for some callbacks - some const markings of structures - other even more minor cleanups All of these, including the last minute reverts, have been in linux-next, but all of the reports of problems in linux-next were before the reverts happened. After the reverts, all is good" * tag 'driver-core-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: (32 commits) Revert "driver core: don't always lock parent in shutdown" Revert "driver core: separate function to shutdown one device" Revert "driver core: shut down devices asynchronously" Revert "nvme-pci: Make driver prefer asynchronous shutdown" Revert "driver core: fix async device shutdown hang" driver core: fix async device shutdown hang driver core: attribute_container: Remove unused functions driver core: Trivially simplify ((struct device_private *)curr)->device->p to @curr devres: Correclty strip percpu address space of devm_free_percpu() argument driver core: Make parameter check consistent for API cluster device_(for_each|find)_child() bus: fsl-mc: make fsl_mc_bus_type const nvme-pci: Make driver prefer asynchronous shutdown driver core: shut down devices asynchronously driver core: separate function to shutdown one device driver core: don't always lock parent in shutdown platform: Make platform_bus_type constant driver core: class: Check namespace relevant parameters in class_register() driver:base:core: Adding a "Return:" line in comment for device_link_add() drivers/base: Introduce device_match_t for device finding APIs firmware_loader: Block path traversal ... commit efbc6bd090f48ccf64f7a8dd5daea775821d57ec Author: Paolo Bonzini Date: Fri Sep 27 11:45:45 2024 -0400 Documentation: KVM: fix warning in "make htmldocs" The warning Documentation/virt/kvm/locking.rst:31: ERROR: Unexpected indentation. is caused by incorrectly treating a line as the continuation of a paragraph, rather than as the first line in a bullet list. Fixed: 44d174596260 ("KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock") Signed-off-by: Paolo Bonzini commit cb787f4ac0c2e439ea8d7e6387b925f74576bdf8 Author: Al Viro Date: Fri Sep 27 02:56:11 2024 +0100 [tree-wide] finally take no_llseek out no_llseek had been defined to NULL two years ago, in commit 868941b14441 ("fs: remove no_llseek") To quote that commit, At -rc1 we'll need do a mechanical removal of no_llseek - git grep -l -w no_llseek | grep -v porting.rst | while read i; do sed -i '/\/d' $i done would do it. Unfortunately, that hadn't been done. Linus, could you do that now, so that we could finally put that thing to rest? All instances are of the form .llseek = no_llseek, so it's obviously safe. Signed-off-by: Al Viro Signed-off-by: Linus Torvalds commit b25e11f978b63cb7857890edb3a698599cddb10e Author: Luiz Augusto von Dentz Date: Thu Sep 12 12:17:00 2024 -0400 Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This aligned BR/EDR JUST_WORKS method with LE which since 92516cd97fd4 ("Bluetooth: Always request for user confirmation for Just Works") always request user confirmation with confirm_hint set since the likes of bluetoothd have dedicated policy around JUST_WORKS method (e.g. main.conf:JustWorksRepairing). CVE: CVE-2024-8805 Cc: stable@vger.kernel.org Fixes: ba15a58b179e ("Bluetooth: Fix SSP acceptor just-works confirmation without MITM") Signed-off-by: Luiz Augusto von Dentz Tested-by: Kiran K commit 7b1ab460592ca818e7b52f27cd3ec86af79220d1 Author: Jinjie Ruan Date: Thu Sep 12 11:12:04 2024 +0800 Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable when request IRQ. Fixes: bb7f4f0bcee6 ("btmrvl: add platform specific wakeup interrupt support") Signed-off-by: Jinjie Ruan Signed-off-by: Luiz Augusto von Dentz commit 333b4fd11e89b29c84c269123f871883a30be586 Author: Luiz Augusto von Dentz Date: Mon Sep 23 12:47:39 2024 -0400 Bluetooth: L2CAP: Fix uaf in l2cap_connect [Syzbot reported] BUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949 Read of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54 CPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 Workqueue: hci2 hci_rx_work Call Trace: __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119 print_address_description mm/kasan/report.c:377 [inline] print_report+0xc3/0x620 mm/kasan/report.c:488 kasan_report+0xd9/0x110 mm/kasan/report.c:601 l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949 l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline] l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline] l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline] l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825 l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514 hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline] hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028 process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231 process_scheduled_works kernel/workqueue.c:3312 [inline] worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389 kthread+0x2c1/0x3a0 kernel/kthread.c:389 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 ... Freed by task 5245: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579 poison_slab_object+0xf7/0x160 mm/kasan/common.c:240 __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256 kasan_slab_free include/linux/kasan.h:184 [inline] slab_free_hook mm/slub.c:2256 [inline] slab_free mm/slub.c:4477 [inline] kfree+0x12a/0x3b0 mm/slub.c:4598 l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline] kref_put include/linux/kref.h:65 [inline] l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline] l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802 l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241 hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline] hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265 hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583 abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917 hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328 process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231 process_scheduled_works kernel/workqueue.c:3312 [inline] worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389 kthread+0x2c1/0x3a0 kernel/kthread.c:389 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Reported-by: syzbot+c12e2f941af1feb5632c@syzkaller.appspotmail.com Tested-by: syzbot+c12e2f941af1feb5632c@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=c12e2f941af1feb5632c Fixes: 7b064edae38d ("Bluetooth: Fix authentication if acl data comes before remote feature evt") Signed-off-by: Luiz Augusto von Dentz commit f53e1c9c726d83092167f2226f32bd3b73f26c21 Author: Luiz Augusto von Dentz Date: Thu Sep 12 12:34:42 2024 -0400 Bluetooth: MGMT: Fix possible crash on mgmt_index_removed If mgmt_index_removed is called while there are commands queued on cmd_sync it could lead to crashes like the bellow trace: 0x0000053D: __list_del_entry_valid_or_report+0x98/0xdc 0x0000053D: mgmt_pending_remove+0x18/0x58 [bluetooth] 0x0000053E: mgmt_remove_adv_monitor_complete+0x80/0x108 [bluetooth] 0x0000053E: hci_cmd_sync_work+0xbc/0x164 [bluetooth] So while handling mgmt_index_removed this attempts to dequeue commands passed as user_data to cmd_sync. Fixes: 7cf5c2978f23 ("Bluetooth: hci_sync: Refactor remove Adv Monitor") Reported-by: jiaymao Signed-off-by: Luiz Augusto von Dentz commit 54595f2807d203770ee50486cb23dc5763916d72 Author: Arnd Bergmann Date: Mon Sep 9 20:38:09 2024 +0000 mailbox, remoteproc: omap2+: fix compile testing Selecting CONFIG_OMAP2PLUS_MBOX while compile testing causes a build failure: WARNING: unmet direct dependencies detected for OMAP2PLUS_MBOX Depends on [n]: MAILBOX [=y] && (ARCH_OMAP2PLUS || ARCH_K3) Selected by [m]: - TI_K3_M4_REMOTEPROC [=m] && REMOTEPROC [=y] && (ARCH_K3 || COMPILE_TEST [=y]) Using 'select' to force-enable another subsystem is generally a mistake and causes problems such as this one, so change the three drivers that link against this driver to use 'depends on' instead, and ensure the driver itself can be compile tested regardless of the platform. When compile-testing without CONFIG_TI_SCI_PROTOCOL=m, there is a chance for a link failure, so add a careful dependency on that. arm-linux-gnueabi-ld: drivers/remoteproc/ti_k3_m4_remoteproc.o: in function `k3_m4_rproc_probe': ti_k3_m4_remoteproc.c:(.text.k3_m4_rproc_probe+0x76): undefined reference to `devm_ti_sci_get_by_phandle' Fixes: ebcf9008a895 ("remoteproc: k3-m4: Add a remoteproc driver for M4F subsystem") Signed-off-by: Arnd Bergmann Reviewed-by: Mathieu Poirier Reviewed-by: Andrew Davis Reviewed-by: Martyn Welch Signed-off-by: Jassi Brar commit 10dbd23633f0433f8d13c2803d687b36a675ef60 Author: zhang jiao Date: Fri Sep 27 11:22:05 2024 +0800 selftests: netfilter: Add missing return value There is no return value in count_entries, just add it. Fixes: eff3c558bb7e ("netfilter: ctnetlink: support filtering by zone") Signed-off-by: zhang jiao Signed-off-by: Pablo Neira Ayuso commit 92ceba94de6fb4cee2bf40b485979c342f44a492 Author: Eric Dumazet Date: Thu Sep 26 18:56:11 2024 +0000 netfilter: nf_tables: prevent nf_skb_duplicated corruption syzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write per-cpu variable nf_skb_duplicated in an unsafe way [1]. Disabling preemption as hinted by the splat is not enough, we have to disable soft interrupts as well. [1] BUG: using __this_cpu_write() in preemptible [00000000] code: syz.4.282/6316 caller is nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87 CPU: 0 UID: 0 PID: 6316 Comm: syz.4.282 Not tainted 6.11.0-rc7-syzkaller-00104-g7052622fccb1 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 Call Trace: __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119 check_preemption_disabled+0x10e/0x120 lib/smp_processor_id.c:49 nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87 nft_dup_ipv4_eval+0x1db/0x300 net/ipv4/netfilter/nft_dup_ipv4.c:30 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288 nft_do_chain_ipv4+0x202/0x320 net/netfilter/nft_chain_filter.c:23 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626 nf_hook+0x2c4/0x450 include/linux/netfilter.h:269 NF_HOOK_COND include/linux/netfilter.h:302 [inline] ip_output+0x185/0x230 net/ipv4/ip_output.c:433 ip_local_out net/ipv4/ip_output.c:129 [inline] ip_send_skb+0x74/0x100 net/ipv4/ip_output.c:1495 udp_send_skb+0xacf/0x1650 net/ipv4/udp.c:981 udp_sendmsg+0x1c21/0x2a60 net/ipv4/udp.c:1269 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x1a6/0x270 net/socket.c:745 ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597 ___sys_sendmsg net/socket.c:2651 [inline] __sys_sendmmsg+0x3b2/0x740 net/socket.c:2737 __do_sys_sendmmsg net/socket.c:2766 [inline] __se_sys_sendmmsg net/socket.c:2763 [inline] __x64_sys_sendmmsg+0xa0/0xb0 net/socket.c:2763 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f4ce4f7def9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f4ce5d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 RAX: ffffffffffffffda RBX: 00007f4ce5135f80 RCX: 00007f4ce4f7def9 RDX: 0000000000000001 RSI: 0000000020005d40 RDI: 0000000000000006 RBP: 00007f4ce4ff0b76 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f4ce5135f80 R15: 00007ffd4cbc6d68 Fixes: d877f07112f1 ("netfilter: nf_tables: add nft_dup expression") Reported-by: syzbot Signed-off-by: Eric Dumazet Signed-off-by: Pablo Neira Ayuso commit 8a89015644513ef69193a037eb966f2d55fe385a Author: Phil Sutter Date: Thu Sep 26 18:56:31 2024 +0200 selftests: netfilter: Fix nft_audit.sh for newer nft binaries As a side-effect of nftables' commit dbff26bfba833 ("cache: consolidate reset command"), audit logs changed when more objects were reset than fit into a single netlink message. Since the objects' distribution in netlink messages is not relevant, implement a summarizing function which combines repeated audit logs into a single one with summed up 'entries=' value. Fixes: 203bb9d39866 ("selftests: netfilter: Extend nft_audit.sh") Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso commit d505d3593b52b6c43507f119572409087416ba28 Author: Jinjie Ruan Date: Mon Sep 23 19:57:43 2024 +0800 net: wwan: qcom_bam_dmux: Fix missing pm_runtime_disable() It's important to undo pm_runtime_use_autosuspend() with pm_runtime_dont_use_autosuspend() at driver exit time. But the pm_runtime_disable() and pm_runtime_dont_use_autosuspend() is missing in the error path for bam_dmux_probe(). So add it. Found by code review. Compile-tested only. Fixes: 21a0ffd9b38c ("net: wwan: Add Qualcomm BAM-DMUX WWAN network driver") Suggested-by: Stephan Gerhold Signed-off-by: Jinjie Ruan Reviewed-by: Stephan Gerhold Reviewed-by: Sergey Ryazanov Signed-off-by: David S. Miller commit 8be007c8e0911d0450b402ca8cbb1a8cbd00e8f2 Author: Keith Busch Date: Sun Sep 22 07:18:00 2024 -0700 block: fix blk_rq_map_integrity_sg kernel-doc Fix the documentation to match the new function signature. Fixes: 76c313f658d2752 ("blk-integrity: improved sg segment mapping") Signed-off-by: Keith Busch Reviewed-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240922141800.3622319-1-kbusch@meta.com Signed-off-by: Jens Axboe commit 0c8d604dea437b69a861479b413d629bc9b3da70 Author: Jinjie Ruan Date: Mon Sep 23 11:42:50 2024 +0800 i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm enabled It is not valid to call pm_runtime_set_suspended() for devices with runtime PM enabled because it returns -EAGAIN if it is enabled already and working. So, call pm_runtime_disable() before to fix it. Fixes: 36ecbcab84d0 ("i2c: xiic: Implement power management") Cc: # v4.6+ Signed-off-by: Jinjie Ruan Signed-off-by: Andi Shyti commit 6d3405415f887aef5774c04ae9fefae63d82bdaf Author: Geert Uytterhoeven Date: Tue Sep 24 11:34:18 2024 +0200 i2c: keba: I2C_KEBA should depend on KEBA_CP500 The KEBA I2C controller is only present on KEBA PLC devices. Hence add a dependency on KEBA_CP500, to prevent asking the user about this driver when configuring a kernel without KEBA CP500 system FPGA support. Fixes: c7e08c816cd2fdf8 ("i2c: keba: Add KEBA I2C controller support") Signed-off-by: Geert Uytterhoeven Reviewed-by: Gerhard Engleder Signed-off-by: Andi Shyti commit 09573b1cc76e7ff8f056ab29ea1cdc152ec8c653 Author: Jinjie Ruan Date: Wed Sep 11 17:42:34 2024 +0800 net: ieee802154: mcr20a: Use IRQF_NO_AUTOEN flag in request_irq() disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable when request IRQ. Fixes: 8c6ad9cc5157 ("ieee802154: Add NXP MCR20A IEEE 802.15.4 transceiver driver") Reviewed-by: Miquel Raynal Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/20240911094234.1922418-1-ruanjinjie@huawei.com Signed-off-by: Stefan Schmidt commit 3a39d672e7f48b8d6b91a09afa4b55352773b4b5 Merge: 151ac45348afc5 62a0e2fa40c5c0 Author: Paolo Abeni Date: Fri Sep 27 08:13:52 2024 +0200 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Cross-merge networking fixes after downstream PR. No conflicts and no adjacent changes. Signed-off-by: Paolo Abeni commit 220d83b52c7d16ec3c168b82f4e6ce59c645f7ab Author: Enzo Matsumiya Date: Thu Sep 26 14:46:16 2024 -0300 smb: client: make SHA-512 TFM ephemeral The SHA-512 shash TFM is used only briefly during Session Setup stage, when computing SMB 3.1.1 preauth hash. There's no need to keep it allocated in servers' secmech the whole time, so keep its lifetime inside smb311_update_preauth_hash(). This also makes smb311_crypto_shash_allocate() redundant, so expose smb3_crypto_shash_allocate() and use that. Signed-off-by: Enzo Matsumiya Signed-off-by: Steve French commit db44ca9f7bc00a368d345b9fa1ecee0c4e75ac48 Author: Enzo Matsumiya Date: Thu Sep 26 14:46:15 2024 -0300 smb: client: make HMAC-MD5 TFM ephemeral The HMAC-MD5 shash TFM is used only briefly during Session Setup stage, when computing NTLMv2 hashes. There's no need to keep it allocated in servers' secmech the whole time, so keep its lifetime inside setup_ntlmv2_rsp(). Signed-off-by: Enzo Matsumiya Signed-off-by: Steve French commit a13ca780afab350f37f8be9eda2bf79d1aed9bdd Author: Paulo Alcantara Date: Wed Sep 18 02:04:01 2024 -0300 smb: client: stop flooding dmesg in smb2_calc_signature() When having several mounts that share same credential and the client couldn't re-establish an SMB session due to an expired kerberos ticket or rotated password, smb2_calc_signature() will end up flooding dmesg when not finding SMB sessions to calculate signatures. Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit f7025d861694362348efc14eaad6a17840c4e9a4 Author: Enzo Matsumiya Date: Thu Sep 26 14:46:14 2024 -0300 smb: client: allocate crypto only for primary server For extra channels, point ->secmech.{enc,dec} to the primary server ones. Signed-off-by: Enzo Matsumiya Signed-off-by: Steve French commit b0abcd65ec545701b8793e12bc27dc98042b151a Author: Enzo Matsumiya Date: Thu Sep 26 14:46:13 2024 -0300 smb: client: fix UAF in async decryption Doing an async decryption (large read) crashes with a slab-use-after-free way down in the crypto API. Reproducer: # mount.cifs -o ...,seal,esize=1 //srv/share /mnt # dd if=/mnt/largefile of=/dev/null ... [ 194.196391] ================================================================== [ 194.196844] BUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xc1/0x110 [ 194.197269] Read of size 8 at addr ffff888112bd0448 by task kworker/u77:2/899 [ 194.197707] [ 194.197818] CPU: 12 UID: 0 PID: 899 Comm: kworker/u77:2 Not tainted 6.11.0-lku-00028-gfca3ca14a17a-dirty #43 [ 194.198400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 [ 194.199046] Workqueue: smb3decryptd smb2_decrypt_offload [cifs] [ 194.200032] Call Trace: [ 194.200191] [ 194.200327] dump_stack_lvl+0x4e/0x70 [ 194.200558] ? gf128mul_4k_lle+0xc1/0x110 [ 194.200809] print_report+0x174/0x505 [ 194.201040] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 194.201352] ? srso_return_thunk+0x5/0x5f [ 194.201604] ? __virt_addr_valid+0xdf/0x1c0 [ 194.201868] ? gf128mul_4k_lle+0xc1/0x110 [ 194.202128] kasan_report+0xc8/0x150 [ 194.202361] ? gf128mul_4k_lle+0xc1/0x110 [ 194.202616] gf128mul_4k_lle+0xc1/0x110 [ 194.202863] ghash_update+0x184/0x210 [ 194.203103] shash_ahash_update+0x184/0x2a0 [ 194.203377] ? __pfx_shash_ahash_update+0x10/0x10 [ 194.203651] ? srso_return_thunk+0x5/0x5f [ 194.203877] ? crypto_gcm_init_common+0x1ba/0x340 [ 194.204142] gcm_hash_assoc_remain_continue+0x10a/0x140 [ 194.204434] crypt_message+0xec1/0x10a0 [cifs] [ 194.206489] ? __pfx_crypt_message+0x10/0x10 [cifs] [ 194.208507] ? srso_return_thunk+0x5/0x5f [ 194.209205] ? srso_return_thunk+0x5/0x5f [ 194.209925] ? srso_return_thunk+0x5/0x5f [ 194.210443] ? srso_return_thunk+0x5/0x5f [ 194.211037] decrypt_raw_data+0x15f/0x250 [cifs] [ 194.212906] ? __pfx_decrypt_raw_data+0x10/0x10 [cifs] [ 194.214670] ? srso_return_thunk+0x5/0x5f [ 194.215193] smb2_decrypt_offload+0x12a/0x6c0 [cifs] This is because TFM is being used in parallel. Fix this by allocating a new AEAD TFM for async decryption, but keep the existing one for synchronous READ cases (similar to what is done in smb3_calc_signature()). Also remove the calls to aead_request_set_callback() and crypto_wait_req() since it's always going to be a synchronous operation. Signed-off-by: Enzo Matsumiya Signed-off-by: Steve French commit 6f34d8d382d64e7d8e77f5a9ddfd06f4c04937b0 Author: Tejun Heo Date: Thu Sep 26 12:56:46 2024 -1000 sched_ext: Use shorter slice while bypassing While bypassing, tasks are scheduled in FIFO order which favors tasks that hog CPUs. This can slow down e.g. unloading of the BPF scheduler. While bypassing, guaranteeing timely forward progress is the main goal. There's no point in giving long slices. Shorten the time slice used while bypassing from 20ms to 5ms. Signed-off-by: Tejun Heo Acked-by: David Vernet commit b7b3b2dbae73b412c2d24b3d0ebf1110991e4510 Author: Tejun Heo Date: Thu Sep 26 12:56:46 2024 -1000 sched_ext: Split the global DSQ per NUMA node In the bypass mode, the global DSQ is used to schedule all tasks in simple FIFO order. All tasks are queued into the global DSQ and all CPUs try to execute tasks from it. This creates a lot of cross-node cacheline accesses and scheduling across the node boundaries, and can lead to live-lock conditions where the system takes tens of minutes to disable the BPF scheduler while executing in the bypass mode. Split the global DSQ per NUMA node. Each node has its own global DSQ. When a task is dispatched to SCX_DSQ_GLOBAL, it's put into the global DSQ local to the task's CPU and all CPUs in a node only consume its node-local global DSQ. This resolves a livelock condition which could be reliably triggered on an 2x EPYC 7642 system by running `stress-ng --race-sched 1024` together with `stress-ng --workload 80 --workload-threads 10` while repeatedly enabling and disabling a SCX scheduler. Signed-off-by: Tejun Heo Acked-by: David Vernet commit bba26bf356d1c1314a7bb24041c64c5784febbb0 Author: Tejun Heo Date: Thu Sep 26 12:56:46 2024 -1000 sched_ext: Relocate find_user_dsq() To prepare for the addition of find_global_dsq(). No functional changes. Signed-off-by: tejun heo Acked-by: David Vernet commit 63fb3ec80516b256e9fc91de48567f5eda61d135 Author: Tejun Heo Date: Thu Sep 26 12:56:46 2024 -1000 sched_ext: Allow only user DSQs for scx_bpf_consume(), scx_bpf_dsq_nr_queued() and bpf_iter_scx_dsq_new() SCX_DSQ_GLOBAL is special in that it can't be used as a priority queue and is consumed implicitly, but all BPF DSQ related kfuncs could be used on it. SCX_DSQ_GLOBAL will be split per-node for scalability and those operations won't make sense anymore. Disallow SCX_DSQ_GLOBAL on scx_bpf_consume(), scx_bpf_dsq_nr_queued() and bpf_iter_scx_dsq_new(). This means that SCX_DSQ_GLOBAL can only be used as a dispatch target from BPF schedulers. With scx_flatcg, which was using SCX_DSQ_GLOBAL as the fallback DSQ, updated, this shouldn't affect any schedulers. This leaves find_dsq_for_dispatch() the only user of find_non_local_dsq(). Open code and remove find_non_local_dsq(). Signed-off-by: tejun heo Acked-by: David Vernet commit c9c809f4137c3c0f962226c10d245d3ce2fd5b7c Author: Tejun Heo Date: Thu Sep 26 12:56:46 2024 -1000 scx_flatcg: Use a user DSQ for fallback instead of SCX_DSQ_GLOBAL scx_flatcg was using SCX_DSQ_GLOBAL for fallback handling. However, it is assuming that SCX_DSQ_GLOBAL isn't automatically consumed, which was true a while ago but is no longer the case. Also, there are further changes planned for SCX_DSQ_GLOBAL which will disallow explicit consumption from it. Switch to a user DSQ for fallback. Signed-off-by: Tejun Heo Acked-by: David Vernet commit df9b455633aee0bad3e5c3dc9fc1c860b13c96d2 Author: David Howells Date: Thu Sep 26 14:58:30 2024 +0100 netfs: Fix write oops in generic/346 (9p) and generic/074 (cifs) In netfslib, a buffered writeback operation has a 'write queue' of folios that are being written, held in a linear sequence of folio_queue structs. The 'issuer' adds new folio_queues on the leading edge of the queue and populates each one progressively; the 'collector' pops them off the trailing edge and discards them and the folios they point to as they are consumed. The queue is required to always retain at least one folio_queue structure. This allows the queue to be accessed without locking and with just a bit of barriering. When a new subrequest is prepared, its ->io_iter iterator is pointed at the current end of the write queue and then the iterator is extended as more data is added to the queue until the subrequest is committed. Now, the problem is that the folio_queue at the leading edge of the write queue when a subrequest is prepared might have been entirely consumed - but not yet removed from the queue as it is the only remaining one and is preventing the queue from collapsing. So, what happens is that subreq->io_iter is pointed at the spent folio_queue, then a new folio_queue is added, and, at that point, the collector is at entirely at liberty to immediately delete the spent folio_queue. This leaves the subreq->io_iter pointing at a freed object. If the system is lucky, iterate_folioq() sees ->io_iter, sees the as-yet uncorrupted freed object and advances to the next folio_queue in the queue. In the case seen, however, the freed object gets recycled and put back onto the queue at the tail and filled to the end. This confuses iterate_folioq() and it tries to step ->next, which may be NULL - resulting in an oops. Fix this by the following means: (1) When preparing a write subrequest, make sure there's a folio_queue struct with space in it at the leading edge of the queue. A function to make space is split out of the function to append a folio so that it can be called for this purpose. (2) If the request struct iterator is pointing to a completely spent folio_queue when we make space, then advance the iterator to the newly allocated folio_queue. The subrequest's iterator will then be set from this. The oops could be triggered using the generic/346 xfstest with a filesystem on9P over TCP with cache=loose. The oops looked something like: BUG: kernel NULL pointer dereference, address: 0000000000000008 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page ... RIP: 0010:_copy_from_iter+0x2db/0x530 ... Call Trace: ... p9pdu_vwritef+0x3d8/0x5d0 p9_client_prepare_req+0xa8/0x140 p9_client_rpc+0x81/0x280 p9_client_write+0xcf/0x1c0 v9fs_issue_write+0x87/0xc0 netfs_advance_write+0xa0/0xb0 netfs_write_folio.isra.0+0x42d/0x500 netfs_writepages+0x15a/0x1f0 do_writepages+0xd1/0x220 filemap_fdatawrite_wbc+0x5c/0x80 v9fs_mmap_vm_close+0x7d/0xb0 remove_vma+0x35/0x70 vms_complete_munmap_vmas+0x11a/0x170 do_vmi_align_munmap+0x17d/0x1c0 do_vmi_munmap+0x13e/0x150 __vm_munmap+0x92/0xd0 __x64_sys_munmap+0x17/0x20 do_syscall_64+0x80/0xe0 entry_SYSCALL_64_after_hwframe+0x71/0x79 This also fixed a similar-looking issue with cifs and generic/074. Fixes: cd0277ed0c18 ("netfs: Use new folio_queue data type and iterator instead of xarray iter") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202409180928.f20b5a08-oliver.sang@intel.com Closes: https://lore.kernel.org/oe-lkp/202409131438.3f225fbf-oliver.sang@intel.com Signed-off-by: David Howells Tested-by: kernel test robot cc: Eric Van Hensbergen cc: Latchesar Ionkov cc: Dominique Martinet cc: Christian Schoenebeck cc: Paulo Alcantara cc: Jeff Layton cc: v9fs@lists.linux.dev cc: linux-cifs@vger.kernel.org cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Signed-off-by: Steve French commit d7d2688bf4ea58734d73e18edcbf4684b1496d30 Author: Kenneth Feng Date: Fri Sep 20 19:05:37 2024 +0800 drm/amd/pm: update workload mask after the setting update workload mask after the setting. Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3625 Signed-off-by: Kenneth Feng Acked-by: Alex Deucher Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org commit 34ad56a467c320d07db22146cfb99ee01704a5de Author: Alex Deucher Date: Fri Sep 6 13:51:06 2024 -0400 drm/amdgpu: bump driver version for cleared VRAM Driver now clears VRAM on allocation. Bump the driver version so mesa knows when it will get cleared vram by default. Reviewed-by: Marek Olšák Reviewed-by: Rajneesh Bhardwaj Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org # 6.11.x commit a8387ddc0d15a365dd04baaa325a863d3612e020 Author: Alex Deucher Date: Wed Sep 25 14:17:53 2024 -0400 drm/amdgpu: fix vbios fetching for SR-IOV SR-IOV fetches the vbios from VRAM in some cases. Re-enable the VRAM path for dGPUs and rename the function to make it clear that it is not IGP specific. Fixes: 042658d17a54 ("drm/amdgpu: clean up vbios fetching code") Reviewed-by: Yang Wang Tested-by: Yang Wang Signed-off-by: Alex Deucher commit 3cb576bc6dfb8940228b8130638860b631dd428a Author: Frank Min Date: Wed Sep 25 11:39:06 2024 +0800 drm/amdgpu: fix PTE copy corruption for sdma 7 Without setting dcc bit, there is ramdon PTE copy corruption on sdma 7. so add this bit and update the packet format accordingly. Acked-by: Alex Deucher Signed-off-by: Frank Min Reviewed-by: Christian König Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org # 6.11.x commit 2af148ef8549a12f8025286b8825c2833ee6bcb8 Author: Joseph Qi Date: Wed Sep 25 17:06:00 2024 +0800 ocfs2: fix uninit-value in ocfs2_get_block() syzbot reported an uninit-value BUG: BUG: KMSAN: uninit-value in ocfs2_get_block+0xed2/0x2710 fs/ocfs2/aops.c:159 ocfs2_get_block+0xed2/0x2710 fs/ocfs2/aops.c:159 do_mpage_readpage+0xc45/0x2780 fs/mpage.c:225 mpage_readahead+0x43f/0x840 fs/mpage.c:374 ocfs2_readahead+0x269/0x320 fs/ocfs2/aops.c:381 read_pages+0x193/0x1110 mm/readahead.c:160 page_cache_ra_unbounded+0x901/0x9f0 mm/readahead.c:273 do_page_cache_ra mm/readahead.c:303 [inline] force_page_cache_ra+0x3b1/0x4b0 mm/readahead.c:332 force_page_cache_readahead mm/internal.h:347 [inline] generic_fadvise+0x6b0/0xa90 mm/fadvise.c:106 vfs_fadvise mm/fadvise.c:185 [inline] ksys_fadvise64_64 mm/fadvise.c:199 [inline] __do_sys_fadvise64 mm/fadvise.c:214 [inline] __se_sys_fadvise64 mm/fadvise.c:212 [inline] __x64_sys_fadvise64+0x1fb/0x3a0 mm/fadvise.c:212 x64_sys_call+0xe11/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:222 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f This is because when ocfs2_extent_map_get_blocks() fails, p_blkno is uninitialized. So the error log will trigger the above uninit-value access. The error log is out-of-date since get_blocks() was removed long time ago. And the error code will be logged in ocfs2_extent_map_get_blocks() once ocfs2_get_cluster() fails, so fix this by only logging inode and block. Link: https://syzkaller.appspot.com/bug?extid=9709e73bae885b05314b Link: https://lkml.kernel.org/r/20240925090600.3643376-1-joseph.qi@linux.alibaba.com Fixes: ccd979bdbce9 ("[PATCH] OCFS2: The Second Oracle Cluster Filesystem") Signed-off-by: Joseph Qi Reported-by: syzbot+9709e73bae885b05314b@syzkaller.appspotmail.com Tested-by: syzbot+9709e73bae885b05314b@syzkaller.appspotmail.com Cc: Heming Zhao Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Cc: Signed-off-by: Andrew Morton commit 486fd58af7ac1098b68370b1d4d9f94a2a1c7124 Author: Andrey Skvortsov Date: Mon Sep 23 19:48:43 2024 +0300 zram: don't free statically defined names When CONFIG_ZRAM_MULTI_COMP isn't set ZRAM_SECONDARY_COMP can hold default_compressor, because it's the same offset as ZRAM_PRIMARY_COMP, so we need to make sure that we don't attempt to kfree() the statically defined compressor name. This is detected by KASAN. ================================================================== Call trace: kfree+0x60/0x3a0 zram_destroy_comps+0x98/0x198 [zram] zram_reset_device+0x22c/0x4a8 [zram] reset_store+0x1bc/0x2d8 [zram] dev_attr_store+0x44/0x80 sysfs_kf_write+0xfc/0x188 kernfs_fop_write_iter+0x28c/0x428 vfs_write+0x4dc/0x9b8 ksys_write+0x100/0x1f8 __arm64_sys_write+0x74/0xb8 invoke_syscall+0xd8/0x260 el0_svc_common.constprop.0+0xb4/0x240 do_el0_svc+0x48/0x68 el0_svc+0x40/0xc8 el0t_64_sync_handler+0x120/0x130 el0t_64_sync+0x190/0x198 ================================================================== Link: https://lkml.kernel.org/r/20240923164843.1117010-1-andrej.skvortzov@gmail.com Fixes: 684826f8271a ("zram: free secondary algorithms names") Signed-off-by: Andrey Skvortsov Reviewed-by: Sergey Senozhatsky Reported-by: Venkat Rao Bagalkote Closes: https://lore.kernel.org/lkml/57130e48-dbb6-4047-a8c7-ebf5aaea93f4@linux.vnet.ibm.com/ Tested-by: Venkat Rao Bagalkote Cc: Christophe JAILLET Cc: Jens Axboe Cc: Minchan Kim Cc: Sergey Senozhatsky Cc: Venkat Rao Bagalkote Cc: Chris Li Signed-off-by: Andrew Morton commit a530bbc53826c607f64e8ee466c3351efaf6aea5 Author: Huang Ying Date: Fri Sep 20 09:47:40 2024 +0800 memory tiers: use default_dram_perf_ref_source in log message Commit 3718c02dbd4c ("acpi, hmat: calculate abstract distance with HMAT") added a default_dram_perf_ref_source variable that was initialized but never used. This causes kmemleak to report the following memory leak: unreferenced object 0xff11000225a47b60 (size 16): comm "swapper/0", pid 1, jiffies 4294761654 hex dump (first 16 bytes): 41 43 50 49 20 48 4d 41 54 00 c1 4b 7d b7 75 7c ACPI HMAT..K}.u| backtrace (crc e6d0e7b2): [] __kmalloc_node_track_caller_noprof+0x36b/0x440 [] kstrdup+0x36/0x60 [] mt_set_default_dram_perf+0x23a/0x2c0 [] hmat_init+0x2b3/0x660 [] do_one_initcall+0x11c/0x5c0 [] do_initcalls+0x1b4/0x1f0 [] kernel_init_freeable+0x4ae/0x520 [] kernel_init+0x1c/0x150 [] ret_from_fork+0x31/0x70 [] ret_from_fork_asm+0x1a/0x30 This reminds us that we forget to use the performance data source information. So, use the variable in the error log message to help identify the root cause of inconsistent performance number. Link: https://lkml.kernel.org/r/87y13mvo0n.fsf@yhuang6-desk2.ccr.corp.intel.com Fixes: 3718c02dbd4c ("acpi, hmat: calculate abstract distance with HMAT") Signed-off-by: "Huang, Ying" Reported-by: Waiman Long Acked-by: Waiman Long Cc: Alistair Popple Cc: Dave Jiang Signed-off-by: Andrew Morton commit c509f67df398f985717601563db577e91e67787f Author: Guenter Roeck Date: Sun Sep 22 08:05:07 2024 -0700 Revert "list: test: fix tests for list_cut_position()" This reverts commit e620799c414a035dea1208bcb51c869744931dbb. The commit introduces unit test failures. Expected cur == &entries[i], but cur == 0000037fffadfd80 &entries[i] == 0000037fffadfd60 # list_test_list_cut_position: pass:0 fail:1 skip:0 total:1 not ok 21 list_test_list_cut_position # list_test_list_cut_before: EXPECTATION FAILED at lib/list-test.c:444 Expected cur == &entries[i], but cur == 0000037fffa9fd70 &entries[i] == 0000037fffa9fd60 # list_test_list_cut_before: EXPECTATION FAILED at lib/list-test.c:444 Expected cur == &entries[i], but cur == 0000037fffa9fd80 &entries[i] == 0000037fffa9fd70 Revert it. Link: https://lkml.kernel.org/r/20240922150507.553814-1-linux@roeck-us.net Fixes: e620799c414a ("list: test: fix tests for list_cut_position()") Signed-off-by: Guenter Roeck Cc: I Hsin Cheng Cc: David Gow Signed-off-by: Andrew Morton commit f30beffd977e98c33550bbeb6f278d157ff54844 Author: Muhammad Usama Anjum Date: Mon Sep 23 10:38:36 2024 +0500 kselftests: mm: fix wrong __NR_userfaultfd value grep -rnIF "#define __NR_userfaultfd" tools/include/uapi/asm-generic/unistd.h:681:#define __NR_userfaultfd 282 arch/x86/include/generated/uapi/asm/unistd_32.h:374:#define __NR_userfaultfd 374 arch/x86/include/generated/uapi/asm/unistd_64.h:327:#define __NR_userfaultfd 323 arch/x86/include/generated/uapi/asm/unistd_x32.h:282:#define __NR_userfaultfd (__X32_SYSCALL_BIT + 323) arch/arm/include/generated/uapi/asm/unistd-eabi.h:347:#define __NR_userfaultfd (__NR_SYSCALL_BASE + 388) arch/arm/include/generated/uapi/asm/unistd-oabi.h:359:#define __NR_userfaultfd (__NR_SYSCALL_BASE + 388) include/uapi/asm-generic/unistd.h:681:#define __NR_userfaultfd 282 The number is dependent on the architecture. The above data shows that: x86 374 x86_64 323 The value of __NR_userfaultfd was changed to 282 when asm-generic/unistd.h was included. It makes the test to fail every time as the correct number of this syscall on x86_64 is 323. Fix the header to asm/unistd.h. Link: https://lkml.kernel.org/r/20240923053836.3270393-1-usama.anjum@collabora.com Fixes: a5c6bc590094 ("selftests/mm: remove local __NR_* definitions") Signed-off-by: Muhammad Usama Anjum Reviewed-by: Shuah Khan Reviewed-by: David Hildenbrand Cc: John Hubbard Cc: Signed-off-by: Andrew Morton commit c5b1184decc819756ae549ba54c63b6790c4ddfd Author: Tiezhu Yang Date: Tue Sep 24 14:27:10 2024 +0800 compiler.h: specify correct attribute for .rodata..c_jump_table Currently, there is an assembler message when generating kernel/bpf/core.o under CONFIG_OBJTOOL with LoongArch compiler toolchain: Warning: setting incorrect section attributes for .rodata..c_jump_table This is because the section ".rodata..c_jump_table" should be readonly, but there is a "W" (writable) part of the flags: $ readelf -S kernel/bpf/core.o | grep -A 1 "rodata..c" [34] .rodata..c_j[...] PROGBITS 0000000000000000 0000d2e0 0000000000000800 0000000000000000 WA 0 0 8 There is no above issue on x86 due to the generated section flag is only "A" (allocatable). In order to silence the warning on LoongArch, specify the attribute like ".rodata..c_jump_table,\"a\",@progbits #" explicitly, then the section attribute of ".rodata..c_jump_table" must be readonly in the kernel/bpf/core.o file. Before: $ objdump -h kernel/bpf/core.o | grep -A 1 "rodata..c" 21 .rodata..c_jump_table 00000800 0000000000000000 0000000000000000 0000d2e0 2**3 CONTENTS, ALLOC, LOAD, RELOC, DATA After: $ objdump -h kernel/bpf/core.o | grep -A 1 "rodata..c" 21 .rodata..c_jump_table 00000800 0000000000000000 0000000000000000 0000d2e0 2**3 CONTENTS, ALLOC, LOAD, RELOC, READONLY, DATA By the way, AFAICT, maybe the root cause is related with the different compiler behavior of various archs, so to some extent this change is a workaround for LoongArch, and also there is no effect for x86 which is the only port supported by objtool before LoongArch with this patch. Link: https://lkml.kernel.org/r/20240924062710.1243-1-yangtiezhu@loongson.cn Signed-off-by: Tiezhu Yang Cc: Josh Poimboeuf Cc: Peter Zijlstra Cc: [6.9+] Signed-off-by: Andrew Morton commit 6901cf55de224b2ca51a5675b86c8ef241ae640c Author: Diederik de Haas Date: Tue Sep 24 10:21:46 2024 +0200 mm/damon/Kconfig: update DAMON doc URL The old URL doesn't really work anymore and as the documentation has been integrated in the main kernel documentation site, change the URL to point to that. Link: https://lkml.kernel.org/r/20240924082331.11499-1-didi.debian@cknow.org Signed-off-by: Diederik de Haas Reviewed-by: SeongJae Park Signed-off-by: Andrew Morton commit ff7f5ad7bce4fd14f8ed057f1f593ade2840e84d Author: qiwu.chen Date: Tue Sep 24 16:50:04 2024 +0800 mm: kfence: fix elapsed time for allocated/freed track Fix elapsed time for the allocated/freed track introduced by commit 62e73fd85d7bf. Link: https://lkml.kernel.org/r/20240924085004.75401-1-qiwu.chen@transsion.com Fixes: 62e73fd85d7b ("mm: kfence: print the elapsed time for allocated/freed track") Signed-off-by: qiwu.chen Reviewed-by: Marco Elver Cc: Alexander Potapenko Cc: Dmitry Vyukov Signed-off-by: Andrew Morton commit 7bf1823e010e8db2fb649c790bd1b449a75f52d8 Author: Mohammed Anees Date: Tue Sep 24 09:32:57 2024 +0000 ocfs2: fix deadlock in ocfs2_get_system_file_inode syzbot has found a possible deadlock in ocfs2_get_system_file_inode [1]. The scenario is depicted here, CPU0 CPU1 lock(&ocfs2_file_ip_alloc_sem_key); lock(&osb->system_file_mutex); lock(&ocfs2_file_ip_alloc_sem_key); lock(&osb->system_file_mutex); The function calls which could lead to this are: CPU0 ocfs2_mknod - lock(&ocfs2_file_ip_alloc_sem_key); . . . ocfs2_get_system_file_inode - lock(&osb->system_file_mutex); CPU1 - ocfs2_fill_super - lock(&osb->system_file_mutex); . . . ocfs2_read_virt_blocks - lock(&ocfs2_file_ip_alloc_sem_key); This issue can be resolved by making the down_read -> down_read_try in the ocfs2_read_virt_blocks. [1] https://syzkaller.appspot.com/bug?extid=e0055ea09f1f5e6fabdd Link: https://lkml.kernel.org/r/20240924093257.7181-1-pvmohammedanees2003@gmail.com Signed-off-by: Mohammed Anees Reviewed-by: Joseph Qi Reported-by: Closes: https://syzkaller.appspot.com/bug?extid=e0055ea09f1f5e6fabdd Tested-by: syzbot+e0055ea09f1f5e6fabdd@syzkaller.appspotmail.com Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Cc: Signed-off-by: Andrew Morton commit 5ca60b86f57a4d9648f68418a725b3a7de2816b0 Author: Gautham Ananthakrishna Date: Wed Sep 18 06:38:44 2024 +0000 ocfs2: reserve space for inline xattr before attaching reflink tree One of our customers reported a crash and a corrupted ocfs2 filesystem. The crash was due to the detection of corruption. Upon troubleshooting, the fsck -fn output showed the below corruption [EXTENT_LIST_FREE] Extent list in owner 33080590 claims 230 as the next free chain record, but fsck believes the largest valid value is 227. Clamp the next record value? n The stat output from the debugfs.ocfs2 showed the following corruption where the "Next Free Rec:" had overshot the "Count:" in the root metadata block. Inode: 33080590 Mode: 0640 Generation: 2619713622 (0x9c25a856) FS Generation: 904309833 (0x35e6ac49) CRC32: 00000000 ECC: 0000 Type: Regular Attr: 0x0 Flags: Valid Dynamic Features: (0x16) HasXattr InlineXattr Refcounted Extended Attributes Block: 0 Extended Attributes Inline Size: 256 User: 0 (root) Group: 0 (root) Size: 281320357888 Links: 1 Clusters: 141738 ctime: 0x66911b56 0x316edcb8 -- Fri Jul 12 06:02:30.829349048 2024 atime: 0x66911d6b 0x7f7a28d -- Fri Jul 12 06:11:23.133669517 2024 mtime: 0x66911b56 0x12ed75d7 -- Fri Jul 12 06:02:30.317552087 2024 dtime: 0x0 -- Wed Dec 31 17:00:00 1969 Refcount Block: 2777346 Last Extblk: 2886943 Orphan Slot: 0 Sub Alloc Slot: 0 Sub Alloc Bit: 14 Tree Depth: 1 Count: 227 Next Free Rec: 230 ## Offset Clusters Block# 0 0 2310 2776351 1 2310 2139 2777375 2 4449 1221 2778399 3 5670 731 2779423 4 6401 566 2780447 ....... .... ....... ....... .... ....... The issue was in the reflink workfow while reserving space for inline xattr. The problematic function is ocfs2_reflink_xattr_inline(). By the time this function is called the reflink tree is already recreated at the destination inode from the source inode. At this point, this function reserves space for inline xattrs at the destination inode without even checking if there is space at the root metadata block. It simply reduces the l_count from 243 to 227 thereby making space of 256 bytes for inline xattr whereas the inode already has extents beyond this index (in this case up to 230), thereby causing corruption. The fix for this is to reserve space for inline metadata at the destination inode before the reflink tree gets recreated. The customer has verified the fix. Link: https://lkml.kernel.org/r/20240918063844.1830332-1-gautham.ananthakrishna@oracle.com Fixes: ef962df057aa ("ocfs2: xattr: fix inlined xattr reflink") Signed-off-by: Gautham Ananthakrishna Reviewed-by: Joseph Qi Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Cc: Signed-off-by: Andrew Morton commit 8001070cfbec5cd4ea00b8b48ea51df91122f265 Author: Jeongjun Park Date: Tue Sep 24 22:00:53 2024 +0900 mm: migrate: annotate data-race in migrate_folio_unmap() I found a report from syzbot [1] This report shows that the value can be changed, but in reality, the value of __folio_set_movable() cannot be changed because it holds the folio refcount. Therefore, it is appropriate to add an annotate to make KCSAN ignore that data-race. [1] ================================================================== BUG: KCSAN: data-race in __filemap_remove_folio / migrate_pages_batch write to 0xffffea0004b81dd8 of 8 bytes by task 6348 on cpu 0: page_cache_delete mm/filemap.c:153 [inline] __filemap_remove_folio+0x1ac/0x2c0 mm/filemap.c:233 filemap_remove_folio+0x6b/0x1f0 mm/filemap.c:265 truncate_inode_folio+0x42/0x50 mm/truncate.c:178 shmem_undo_range+0x25b/0xa70 mm/shmem.c:1028 shmem_truncate_range mm/shmem.c:1144 [inline] shmem_evict_inode+0x14d/0x530 mm/shmem.c:1272 evict+0x2f0/0x580 fs/inode.c:731 iput_final fs/inode.c:1883 [inline] iput+0x42a/0x5b0 fs/inode.c:1909 dentry_unlink_inode+0x24f/0x260 fs/dcache.c:412 __dentry_kill+0x18b/0x4c0 fs/dcache.c:615 dput+0x5c/0xd0 fs/dcache.c:857 __fput+0x3fb/0x6d0 fs/file_table.c:439 ____fput+0x1c/0x30 fs/file_table.c:459 task_work_run+0x13a/0x1a0 kernel/task_work.c:228 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] exit_to_user_mode_loop kernel/entry/common.c:114 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0xbe/0x130 kernel/entry/common.c:218 do_syscall_64+0xd6/0x1c0 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffffea0004b81dd8 of 8 bytes by task 6342 on cpu 1: __folio_test_movable include/linux/page-flags.h:699 [inline] migrate_folio_unmap mm/migrate.c:1199 [inline] migrate_pages_batch+0x24c/0x1940 mm/migrate.c:1797 migrate_pages_sync mm/migrate.c:1963 [inline] migrate_pages+0xff1/0x1820 mm/migrate.c:2072 do_mbind mm/mempolicy.c:1390 [inline] kernel_mbind mm/mempolicy.c:1533 [inline] __do_sys_mbind mm/mempolicy.c:1607 [inline] __se_sys_mbind+0xf76/0x1160 mm/mempolicy.c:1603 __x64_sys_mbind+0x78/0x90 mm/mempolicy.c:1603 x64_sys_call+0x2b4d/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:238 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0xffff888127601078 -> 0x0000000000000000 Link: https://lkml.kernel.org/r/20240924130053.107490-1-aha310510@gmail.com Fixes: 7e2a5e5ab217 ("mm: migrate: use __folio_test_movable()") Signed-off-by: Jeongjun Park Reported-by: syzbot Acked-by: David Hildenbrand Cc: Kefeng Wang Cc: Matthew Wilcox Cc: Zi Yan Cc: Signed-off-by: Andrew Morton commit dc677b5f3765cfd0944c8873d1ea57f1a3439676 Author: Steve Sistare Date: Wed Sep 4 12:41:08 2024 -0700 mm/hugetlb: simplify refs in memfd_alloc_folio The folio_try_get in memfd_alloc_folio is not necessary. Delete it, and delete the matching folio_put in memfd_pin_folios. This also avoids leaking a ref if the memfd_alloc_folio call to hugetlb_add_to_page_cache fails. That error path is also broken in a second way -- when its folio_put causes the ref to become 0, it will implicitly call free_huge_folio, but then the path *explicitly* calls free_huge_folio. Delete the latter. This is a continuation of the fix "mm/hugetlb: fix memfd_pin_folios free_huge_pages leak" [steven.sistare@oracle.com: remove explicit call to free_huge_folio(), per Matthew] Link: https://lkml.kernel.org/r/Zti-7nPVMcGgpcbi@casper.infradead.org Link: https://lkml.kernel.org/r/1725481920-82506-1-git-send-email-steven.sistare@oracle.com Link: https://lkml.kernel.org/r/1725478868-61732-1-git-send-email-steven.sistare@oracle.com Fixes: 89c1905d9c14 ("mm/gup: introduce memfd_pin_folios() for pinning memfd folios") Signed-off-by: Steve Sistare Suggested-by: Vivek Kasireddy Cc: David Hildenbrand Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Muchun Song Cc: Peter Xu Cc: Signed-off-by: Andrew Morton commit ce645b9fdc78ec5d28067286e92871ddae6817d5 Author: Steve Sistare Date: Tue Sep 3 07:25:21 2024 -0700 mm/gup: fix memfd_pin_folios alloc race panic If memfd_pin_folios tries to create a hugetlb page, but someone else already did, then folio gets the value -EEXIST here: folio = memfd_alloc_folio(memfd, start_idx); if (IS_ERR(folio)) { ret = PTR_ERR(folio); if (ret != -EEXIST) goto err; then on the next trip through the "while start_idx" loop we panic here: if (folio) { folio_put(folio); To fix, set the folio to NULL on error. Link: https://lkml.kernel.org/r/1725373521-451395-6-git-send-email-steven.sistare@oracle.com Fixes: 89c1905d9c14 ("mm/gup: introduce memfd_pin_folios() for pinning memfd folios") Signed-off-by: Steve Sistare Acked-by: Vivek Kasireddy Cc: David Hildenbrand Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Muchun Song Cc: Peter Xu Cc: Signed-off-by: Andrew Morton commit 9289f020da47ef04b28865589eeee3d56d4bafea Author: Steve Sistare Date: Tue Sep 3 07:25:20 2024 -0700 mm/gup: fix memfd_pin_folios hugetlb page allocation When memfd_pin_folios -> memfd_alloc_folio creates a hugetlb page, the index is wrong. The subsequent call to filemap_get_folios_contig thus cannot find it, and fails, and memfd_pin_folios loops forever. To fix, adjust the index for the huge_page_order. memfd_alloc_folio also forgets to unlock the folio, so the next touch of the page calls hugetlb_fault which blocks forever trying to take the lock. Unlock it. Link: https://lkml.kernel.org/r/1725373521-451395-5-git-send-email-steven.sistare@oracle.com Fixes: 89c1905d9c14 ("mm/gup: introduce memfd_pin_folios() for pinning memfd folios") Signed-off-by: Steve Sistare Acked-by: Vivek Kasireddy Cc: David Hildenbrand Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Muchun Song Cc: Peter Xu Cc: Signed-off-by: Andrew Morton commit 26a8ea80929c518bdec5e53a5776f95919b7c88e Author: Steve Sistare Date: Tue Sep 3 07:25:19 2024 -0700 mm/hugetlb: fix memfd_pin_folios resv_huge_pages leak memfd_pin_folios followed by unpin_folios leaves resv_huge_pages elevated if the pages were not already faulted in. During a normal page fault, resv_huge_pages is consumed here: hugetlb_fault() alloc_hugetlb_folio() dequeue_hugetlb_folio_vma() dequeue_hugetlb_folio_nodemask() dequeue_hugetlb_folio_node_exact() free_huge_pages-- resv_huge_pages-- During memfd_pin_folios, the page is created by calling alloc_hugetlb_folio_nodemask instead of alloc_hugetlb_folio, and resv_huge_pages is not modified: memfd_alloc_folio() alloc_hugetlb_folio_nodemask() dequeue_hugetlb_folio_nodemask() dequeue_hugetlb_folio_node_exact() free_huge_pages-- alloc_hugetlb_folio_nodemask has other callers that must not modify resv_huge_pages. Therefore, to fix, define an alternate version of alloc_hugetlb_folio_nodemask for this call site that adjusts resv_huge_pages. Link: https://lkml.kernel.org/r/1725373521-451395-4-git-send-email-steven.sistare@oracle.com Fixes: 89c1905d9c14 ("mm/gup: introduce memfd_pin_folios() for pinning memfd folios") Signed-off-by: Steve Sistare Acked-by: Vivek Kasireddy Cc: David Hildenbrand Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Muchun Song Cc: Peter Xu Cc: Signed-off-by: Andrew Morton commit c56b6f3d801d7ec8965993342bdd9e2972b6cb8e Author: Steve Sistare Date: Tue Sep 3 07:25:18 2024 -0700 mm/hugetlb: fix memfd_pin_folios free_huge_pages leak memfd_pin_folios followed by unpin_folios fails to restore free_huge_pages if the pages were not already faulted in, because the folio refcount for pages created by memfd_alloc_folio never goes to 0. memfd_pin_folios needs another folio_put to undo the folio_try_get below: memfd_alloc_folio() alloc_hugetlb_folio_nodemask() dequeue_hugetlb_folio_nodemask() dequeue_hugetlb_folio_node_exact() folio_ref_unfreeze(folio, 1); ; adds 1 refcount folio_try_get() ; adds 1 refcount hugetlb_add_to_page_cache() ; adds 512 refcount (on x86) With the fix, after memfd_pin_folios + unpin_folios, the refcount for the (unfaulted) page is 512, which is correct, as the refcount for a faulted unpinned page is 513. Link: https://lkml.kernel.org/r/1725373521-451395-3-git-send-email-steven.sistare@oracle.com Fixes: 89c1905d9c14 ("mm/gup: introduce memfd_pin_folios() for pinning memfd folios") Signed-off-by: Steve Sistare Acked-by: Vivek Kasireddy Cc: David Hildenbrand Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Muchun Song Cc: Peter Xu Cc: Signed-off-by: Andrew Morton commit c225c4f6056b46a8a5bf2ed35abf17a2d6887691 Author: Steve Sistare Date: Tue Sep 3 07:25:17 2024 -0700 mm/filemap: fix filemap_get_folios_contig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfd_pin_folios with hugetlb pages and THP. The hugetlb bugs only bite when the page is not yet faulted in when memfd_pin_folios is called. The THP bug bites when the starting offset passed to memfd_pin_folios is not huge page aligned. See the commit messages for details. This patch (of 5): memfd_pin_folios on memory backed by THP panics if the requested start offset is not huge page aligned: BUG: kernel NULL pointer dereference, address: 0000000000000036 RIP: 0010:filemap_get_folios_contig+0xdf/0x290 RSP: 0018:ffffc9002092fbe8 EFLAGS: 00010202 RAX: 0000000000000002 RBX: 0000000000000002 RCX: 0000000000000002 The fault occurs here, because xas_load returns a folio with value 2: filemap_get_folios_contig() for (folio = xas_load(&xas); folio && xas.xa_index <= end; folio = xas_next(&xas)) { ... if (!folio_try_get(folio)) <-- BOOM "2" is an xarray sibling entry. We get it because memfd_pin_folios does not round the indices passed to filemap_get_folios_contig to huge page boundaries for THP, so we load from the middle of a huge page range see a sibling. (It does round for hugetlbfs, at the is_file_hugepages test). To fix, if the folio is a sibling, then return the next index as the starting point for the next call to filemap_get_folios_contig. Link: https://lkml.kernel.org/r/1725373521-451395-1-git-send-email-steven.sistare@oracle.com Link: https://lkml.kernel.org/r/1725373521-451395-2-git-send-email-steven.sistare@oracle.com Fixes: 89c1905d9c14 ("mm/gup: introduce memfd_pin_folios() for pinning memfd folios") Signed-off-by: Steve Sistare Cc: David Hildenbrand Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Muchun Song Cc: Peter Xu Cc: Vivek Kasireddy Cc: Signed-off-by: Andrew Morton commit a3344078101ceee46d14a93f7e3a3b91a55d215b Author: Guenter Roeck Date: Tue Sep 24 08:42:05 2024 -0700 mm: make SPLIT_PTE_PTLOCKS depend on SMP SPLIT_PTE_PTLOCKS depends on "NR_CPUS >= 4". Unfortunately, that evaluates to true if there is no NR_CPUS configuration option. This results in CONFIG_SPLIT_PTE_PTLOCKS=y for mac_defconfig. This in turn causes the m68k "q800" and "virt" machines to crash in qemu if debugging options are enabled. Making CONFIG_SPLIT_PTE_PTLOCKS dependent on the existence of NR_CPUS does not work since a dependency on the existence of a numeric Kconfig entry always evaluates to false. Example: config HAVE_NO_NR_CPUS def_bool y depends on !NR_CPUS After adding this to a Kconfig file, "make defconfig" includes: $ grep NR_CPUS .config CONFIG_NR_CPUS=64 CONFIG_HAVE_NO_NR_CPUS=y Defining NR_CPUS for m68k does not help either since many architectures define NR_CPUS only for SMP configurations. Make SPLIT_PTE_PTLOCKS depend on SMP instead to solve the problem. Link: https://lkml.kernel.org/r/20240924154205.1491376-1-linux@roeck-us.net Fixes: 394290cba966 ("mm: turn USE_SPLIT_PTE_PTLOCKS / USE_SPLIT_PTE_PTLOCKS into Kconfig options") Signed-off-by: Guenter Roeck Acked-by: David Hildenbrand Reviewed-by: Geert Uytterhoeven Tested-by: Geert Uytterhoeven Signed-off-by: Andrew Morton commit c234c6534040b1c1f8adcaf44702fc3e584cb1fe Author: Lorenzo Stoakes Date: Tue Sep 24 19:07:24 2024 +0100 tools: fix shared radix-tree build The shared radix-tree build is not correctly recompiling when lib/maple_tree.c and lib/test_maple_tree.c are modified - fix this by adding these core components to the SHARED_DEPS list. Additionally, add missing header guards to shared header files. Link: https://lkml.kernel.org/r/20240924180724.112169-1-lorenzo.stoakes@oracle.com Fixes: 74579d8dab47 ("tools: separate out shared radix-tree components") Signed-off-by: Lorenzo Stoakes Tested-by: Sidhartha Kumar Cc: "Liam R. Howlett" Cc: Matthew Wilcox Cc: Vlastimil Babka Cc: Signed-off-by: Andrew Morton commit 22512c3ee0f47faab5def71c4453638923c62522 Merge: d7126c0cfc137a e860513f56d842 Author: Dave Airlie Date: Fri Sep 27 06:30:21 2024 +1000 Merge tag 'drm-intel-next-fixes-2024-09-26' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-next - Fix colorimetry detection for DP Signed-off-by: Dave Airlie From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/ZvURJYm5lo-XIzbY@jlahtine-mobl.ger.corp.intel.com commit 4c66f8307ac099f89038878b7789d72163a74751 Author: Alice Ryhl Date: Wed Sep 25 08:10:18 2024 +0000 cfi: encode cfi normalized integers + kasan/gcov bug in Kconfig There is a bug in the LLVM implementation of KASAN and GCOV that makes these options incompatible with the CFI_ICALL_NORMALIZE_INTEGERS option. The bug has already been fixed in llvm/clang [1] and rustc [2]. However, Kconfig currently has no way to gate features on the LLVM version inside rustc, so we cannot write down a precise `depends on` clause in this case. Instead, a `def_bool` option is defined for whether CFI_ICALL_NORMALIZE_INTEGERS is available, and its default value is set to false when GCOV or KASAN are turned on. End users using a patched clang/rustc can turn on the HAVE_CFI_ICALL_NORMALIZE_INTEGERS option directly to override this. An alternative solution is to inspect a binary created by clang or rustc to see whether the faulty CFI tags are in the binary. This would be a precise check, but it would involve hard-coding the *hashed* version of the CFI tag. This is because there's no way to get clang or rustc to output the unhased version of the CFI tag. Relying on the precise hashing algorithm using by CFI seems too fragile, so I have not pursued this option. Besides, this kind of hack is exactly what lead to the LLVM bug in the first place. If the CFI_ICALL_NORMALIZE_INTEGERS option is used without CONFIG_RUST, then we actually can perform a precise check today: just compare the clang version number. This works since clang and llvm are always updated in lockstep. However, encoding this in Kconfig would give the HAVE_CFI_ICALL_NORMALIZE_INTEGERS option a dependency on CONFIG_RUST, which is not possible as the reverse dependency already exists. HAVE_CFI_ICALL_NORMALIZE_INTEGERS is defined to be a `def_bool` instead of `bool` to avoid asking end users whether they want to turn on the option. Turning it on explicitly is something only experts should do, so making it hard to do so is not an issue. I added a `depends on CFI_CLANG` clause to the new Kconfig option. I'm not sure whether that makes sense or not, but it doesn't seem to make a big difference. In a future kernel release, I would like to add a Kconfig option similar to CLANG_VERSION/RUSTC_VERSION for inspecting the version of the LLVM inside rustc. Once that feature lands, this logic will be replaced with a precise version check. This check is not being introduced here to avoid introducing a new _VERSION constant in a fix. Link: https://github.com/llvm/llvm-project/pull/104826 [1] Link: https://github.com/rust-lang/rust/pull/129373 [2] Fixes: ce4a2620985c ("cfi: add CONFIG_CFI_ICALL_NORMALIZE_INTEGERS") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202409231044.4f064459-oliver.sang@intel.com Signed-off-by: Alice Ryhl Reviewed-by: Sami Tolvanen Link: https://lore.kernel.org/r/20240925-cfi-norm-kasan-fix-v1-1-0328985cdf33@google.com Signed-off-by: Miguel Ojeda commit 93e34a0b5c0e79ce765f01fd10f7817863fba23d Author: Alice Ryhl Date: Thu Sep 26 09:38:49 2024 +0000 rust: KASAN+RETHUNK requires rustc 1.83.0 When enabling both KASAN and RETHUNK, objtool emits the following warnings: rust/core.o: warning: objtool: asan.module_ctor+0x13: 'naked' return found in MITIGATION_RETHUNK build rust/core.o: warning: objtool: asan.module_dtor+0x13: 'naked' return found in MITIGATION_RETHUNK build This is caused by the -Zfunction-return=thunk-extern flag in rustc not informing LLVM about the mitigation at the module level (it does so at the function level only currently, which covers most cases, but both are required), which means that the KASAN functions asan.module_ctor and asan.module_dtor are generated without the rethunk mitigation. The other mitigations that we enabled for Rust (SLS, RETPOLINE) do not have the same bug, as they're being applied through the target-feature functionality instead. This is being fixed for rustc 1.83.0, so update Kconfig to reject this configuration on older compilers. Link: https://github.com/rust-lang/rust/pull/130824 Fixes: d7868550d573 ("x86/rust: support MITIGATION_RETHUNK") Reported-by: Miguel Ojeda Closes: https://lore.kernel.org/all/CANiq72myZL4_poCMuNFevtpYYc0V0embjSuKb7y=C+m3vVA_8g@mail.gmail.com/ Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240926093849.1192264-1-aliceryhl@google.com [ Reworded to add the details mentioned in the list. - Miguel ] Signed-off-by: Miguel Ojeda commit af6017b6a315e9102582afb92640221d057f84f6 Author: Miguel Ojeda Date: Wed Sep 25 16:19:44 2024 +0200 rust: cfi: fix `patchable-function-entry` starting version The `-Zpatchable-function-entry` flag is available since Rust 1.81.0, not Rust 1.80.0, i.e. commit ac7595fdb1ee ("Support for -Z patchable-function-entry") in upstream Rust. Fixes: ca627e636551 ("rust: cfi: add support for CFI_CLANG with Rust") Reviewed-by: Alice Ryhl Reviewed-by: Fiona Behrens Link: https://lore.kernel.org/r/20240925141944.277936-1-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit d065cc76054d21e48a839a2a19ba99dbc51a4d11 Author: Dirk Behme Date: Mon Sep 16 09:37:52 2024 +0200 rust: mutex: fix __mutex_init() usage in case of PREEMPT_RT In case CONFIG_PREEMPT_RT is enabled __mutex_init() becomes a macro instead of an extern function (simplified from include/linux/mutex.h): #ifndef CONFIG_PREEMPT_RT extern void __mutex_init(struct mutex *lock, const char *name, struct lock_class_key *key); #else #define __mutex_init(mutex, name, key) \ do { \ rt_mutex_base_init(&(mutex)->rtmutex); \ __mutex_rt_init((mutex), name, key); \ } while (0) #endif The macro isn't resolved by bindgen, then. What results in a build error: error[E0425]: cannot find function `__mutex_init` in crate `bindings` --> rust/kernel/sync/lock/mutex.rs:104:28 | 104 | unsafe { bindings::__mutex_init(ptr, name, key) } | ^^^^^^^^^^^^ help: a function with a similar name exists: `__mutex_rt_init` | ::: rust/bindings/bindings_generated.rs:23722:5 | 23722 | / pub fn __mutex_rt_init( 23723 | | lock: *mut mutex, 23724 | | name: *const core::ffi::c_char, 23725 | | key: *mut lock_class_key, 23726 | | ); | |_____- similarly named function `__mutex_rt_init` defined here Fix this by adding a helper. As explained by Gary Guo in [1] no #ifdef CONFIG_PREEMPT_RT is needed here as rust/bindings/lib.rs prefers externed function to helpers if an externed function exists. Reported-by: Conor Dooley Link: https://lore.kernel.org/rust-for-linux/20240913-shack-estate-b376a65921b1@spud/ Link: https://lore.kernel.org/rust-for-linux/20240915123626.1a170103.gary@garyguo.net/ [1] Fixes: 6d20d629c6d8 ("rust: lock: introduce `Mutex`") Signed-off-by: Dirk Behme Tested-by: Conor Dooley Reviewed-by: Gary Guo Link: https://lore.kernel.org/r/20240916073752.3123484-1-dirk.behme@de.bosch.com [ Reworded to include the proper example by Dirk. - Miguel ] Signed-off-by: Miguel Ojeda commit 075dbe9f6e3c21596c5245826a4ee1f1c1676eb8 Merge: 348325d6444413 e3eb39e6bab564 Author: Linus Torvalds Date: Thu Sep 26 12:00:25 2024 -0700 Merge tag 'soc-ep93xx-dt-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull SoC update from Arnd Bergmann: "Convert ep93xx to devicetree This concludes a long journey towards replacing the old board files with devictree description on the Cirrus Logic EP93xx platform. Nikita Shubin has been working on this for a long time, for details see the last post on https://lore.kernel.org/lkml/20240909-ep93xx-v12-0-e86ab2423d4b@maquefel.me/" * tag 'soc-ep93xx-dt-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (47 commits) dt-bindings: gpio: ep9301: Add missing "#interrupt-cells" to examples MAINTAINERS: Update EP93XX ARM ARCHITECTURE maintainer soc: ep93xx: drop reference to removed EP93XX_SOC_COMMON config net: cirrus: use u8 for addr to calm down sparse dmaengine: cirrus: use snprintf() to calm down gcc 13.3.0 dmaengine: ep93xx: Fix a NULL vs IS_ERR() check in probe() pinctrl: ep93xx: Fix raster pins typo spi: ep93xx: update kerneldoc comments for ep93xx_spi clk: ep93xx: Fix off by one in ep93xx_div_recalc_rate() clk: ep93xx: add module license dmaengine: cirrus: remove platform code ASoC: cirrus: edb93xx: Delete driver ARM: ep93xx: soc: drop defines ARM: ep93xx: delete all boardfiles ata: pata_ep93xx: remove legacy pinctrl use pwm: ep93xx: drop legacy pinctrl ARM: ep93xx: DT for the Cirrus ep93xx SoC platforms ARM: dts: ep93xx: Add EDB9302 DT ARM: dts: ep93xx: add ts7250 board ARM: dts: add Cirrus EP93XX SoC .dtsi ... commit 348325d6444413caed020665b79603a2aaf00e2c Merge: 1abcb8c9934cc3 92a10d3861491d Author: Linus Torvalds Date: Thu Sep 26 11:54:40 2024 -0700 Merge tag 'asm-generic-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic Pull asm-generic updates from Arnd Bergmann: "These are only two small patches, one cleanup for arch/alpha and a preparation patch cleaning up the handling of runtime constants in the linker scripts" * tag 'asm-generic-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic: runtime constants: move list of constants to vmlinux.lds.h alpha: no need to include asm/xchg.h twice commit 1abcb8c9934cc3bd51f1bdc8916fa749b2e82cab Merge: a78282e2c94f4c 04736f7d194572 Author: Linus Torvalds Date: Thu Sep 26 11:44:55 2024 -0700 Merge tag 'efi-next-for-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi Pull EFI updates from Ard Biesheuvel: "Not a lot happening in EFI land this cycle. - Prevent kexec from crashing on a corrupted TPM log by using a memory type that is reserved by default - Log correctable errors reported via CPER - A couple of cosmetic fixes" * tag 'efi-next-for-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi: efi: Remove redundant null pointer checks in efi_debugfs_init() efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption efi/cper: Print correctable AER information efi: Remove unused declaration efi_initialize_iomem_resources() commit a78282e2c94f4ca80a2d7c56e4d1e9546be5596d Author: Linus Torvalds Date: Thu Sep 26 11:39:02 2024 -0700 Revert "binfmt_elf, coredump: Log the reason of the failed core dumps" This reverts commit fb97d2eb542faf19a8725afbd75cbc2518903210. The logging was questionable to begin with, but it seems to actively deadlock on the task lock. "On second thought, let's not log core dump failures. 'Tis a silly place" because if you can't tell your core dump is truncated, maybe you should just fix your debugger instead of adding bugs to the kernel. Reported-by: Vegard Nossum Link: https://lore.kernel.org/all/d122ece6-3606-49de-ae4d-8da88846bef2@oracle.com/ Signed-off-by: Linus Torvalds commit bfc4a245a794841cba5cf287034a0f60d3087402 Author: Christoph Hellwig Date: Thu Sep 26 08:35:24 2024 +0200 dma-mapping: fix DMA API tracing for chained scatterlists scatterlist allocations can be chained, and thus all iterations need to use the chain-aware iterators. Switch the newly added tracing to use the proper iterators so that they work with chained scatterlists. Fixes: 038eb433dc14 ("dma-mapping: add tracing for dma-mapping API calls") Reported-by: syzbot+95e4ef83a3024384ec7a@syzkaller.appspotmail.com Signed-off-by: Christoph Hellwig Reviewed-by: Sean Anderson Tested-by: syzbot+95e4ef83a3024384ec7a@syzkaller.appspotmail.com commit d1fb034b75a8a96fcb4bf01a7c0e1421eef833a3 Author: Tony Luck Date: Mon Sep 23 10:37:50 2024 -0700 x86/cpu: Add two Intel CPU model numbers Pantherlake is a mobile CPU. Diamond Rapids next generation Xeon. Signed-off-by: Tony Luck Signed-off-by: Dave Hansen Link: https://lore.kernel.org/all/20240923173750.16874-1-tony.luck%40intel.com commit 62a0e2fa40c5c06742b8b4997ba5095a3ec28503 Merge: 5e5466433d2660 aef3a58b06fa9d Author: Linus Torvalds Date: Thu Sep 26 10:27:10 2024 -0700 Merge tag 'net-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from Paolo Abeni: "Including fixes from netfilter. It looks like that most people are still traveling: both the ML volume and the processing capacity are low. Previous releases - regressions: - netfilter: - nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() - nf_tables: keep deleted flowtable hooks until after RCU - tcp: check skb is non-NULL in tcp_rto_delta_us() - phy: aquantia: fix -ETIMEDOUT PHY probe failure when firmware not present - eth: virtio_net: fix mismatched buf address when unmapping for small packets - eth: stmmac: fix zero-division error when disabling tc cbs - eth: bonding: fix unnecessary warnings and logs from bond_xdp_get_xmit_slave() Previous releases - always broken: - netfilter: - fix clash resolution for bidirectional flows - fix allocation with no memcg accounting - eth: r8169: add tally counter fields added with RTL8125 - eth: ravb: fix rx and tx frame size limit" * tag 'net-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (35 commits) selftests: netfilter: Avoid hanging ipvs.sh kselftest: add test for nfqueue induced conntrack race netfilter: nfnetlink_queue: remove old clash resolution logic netfilter: nf_tables: missing objects with no memcg accounting netfilter: nf_tables: use rcu chain hook list iterator from netlink dump path netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_EVENTS netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n netfilter: nf_tables: Keep deleted flowtable hooks until after RCU docs: tproxy: ignore non-transparent sockets in iptables netfilter: ctnetlink: Guard possible unused functions selftests: netfilter: nft_tproxy.sh: add tcp tests selftests: netfilter: add reverse-clash resolution test case netfilter: conntrack: add clash resolution for reverse collisions netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash selftests/net: packetdrill: increase timing tolerance in debug mode usbnet: fix cyclical race on disconnect with work queue net: stmmac: set PP_FLAG_DMA_SYNC_DEV only if XDP is enabled virtio_net: Fix mismatched buf address when unmapping for small packets bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave() r8169: add missing MODULE_FIRMWARE entry for RTL8126A rev.b ... commit 5e5466433d266046790c0af40a15af0a6be139a1 Merge: b707512b8b0739 0cf7befa3ea2e7 Author: Linus Torvalds Date: Thu Sep 26 10:13:08 2024 -0700 Merge tag 'char-misc-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc Pull char / misc driver updates from Greg KH: "Here is the "big" set of char/misc and other driver subsystem changes for 6.12-rc1. Lots of changes in here, primarily dominated by the usual IIO driver updates and additions, but there are also small driver subsystem updates all over the place. Included in here are: - lots and lots of new IIO drivers and updates to existing ones - interconnect subsystem updates and new drivers - nvmem subsystem updates and new drivers - mhi driver updates - power supply subsystem updates - kobj_type const work for many different small subsystems - comedi driver fix - coresight subsystem and driver updates - fpga subsystem improvements - slimbus fixups - binder new feature addition for "frozen" notifications - lots and lots of other small driver updates and cleanups All of these have been in linux-next for a long time with no reported problems" * tag 'char-misc-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (354 commits) greybus: gb-beagleplay: Add firmware upload API arm64: dts: ti: k3-am625-beagleplay: Add bootloader-backdoor-gpios to cc1352p7 dt-bindings: net: ti,cc1352p7: Add bootloader-backdoor-gpios MAINTAINERS: Update path for U-Boot environment variables YAML nvmem: layouts: add U-Boot env layout comedi: ni_routing: tools: Check when the file could not be opened ocxl: Remove the unused declarations in headr file hpet: Fix the wrong format specifier uio: Constify struct kobj_type cxl: Constify struct kobj_type binder: modify the comment for binder_proc_unlock iio: adc: axp20x_adc: add support for AXP717 ADC dt-bindings: iio: adc: Add AXP717 compatible iio: adc: axp20x_adc: Add adc_en1 and adc_en2 to axp_data w1: ds2482: Drop explicit initialization of struct i2c_device_id::driver_data to 0 tools: iio: rm .*.cmd when make clean iio: adc: standardize on formatting for id match tables iio: proximity: aw96103: Add support for aw96103/aw96105 proximity sensor bus: mhi: host: pci_generic: Enable EDL trigger for Foxconn modems bus: mhi: host: pci_generic: Update EDL firmware path for Foxconn modems ... commit b707512b8b07396f8982103a84285a165a1bd94c Merge: 356a0319456810 b4fdf9b1cd8b21 Author: Linus Torvalds Date: Thu Sep 26 10:04:35 2024 -0700 Merge tag 'staging-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging Pull staging driver updates from Greg KH: "Here is the big set of staging driver cleanups and removals for 6.12-rc1. Nothing exciting here, just slow, constant, forward progress in removing code and cleaning up some old drivers, along with removing one of them that was not being used anymore at all. In discussions with some developers this past week, even more deletions will be happening for the next major merge window, as we seems to have code here that obviously no one is using anymore. Along with the normal cleanups is the good vme_user code forward progress, the one major bright spot in the staging subsystem for code that people rely on, and is getting good development behind it. Hopefully it can graduate out of staging "soon". All of these changes have been in linux-next for a long time with no reported problems" * tag 'staging-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: (141 commits) staging: vt6655: Rename variable apTD1Rings staging: vt6655: Rename variable apTD0Rings staging: rtl8723bs: remove unused 'poll_cnt' from rtw_set_rpwm() staging: rtl8723bs: remove unused cnt from recv_func() staging: rtl8723bs: remove unused efuseValue from efuse_OneByteWrite() staging: rtl8712: remove unused drvinfo_sz from update_recvframe_attrib staging: vt6655: mac.h: Fix possible precedence issue in macros staging: rtl8723bs: include: Remove spaces before tabs in rtw_security.h staging: rtl8723bs: include: Fix trailing */ position in rtw_security.h staging: rtl8723bs: include: Fix indent for else block struct in rtw_security.h staging: rtl8723bs: include: Fix indent for struct _byte_ in rtw_security.h staging: rtl8723bs: include: Fix use of tabs for indent in rtw_security.h staging: rtl8723bs: include: Fix indent for switch block in rtw_security.h staging: rtl8723bs: include: Fix indent for switch case in rtw_security.h staging: rtl8723bs: include: Fix open brace position in rtw_security.h staging: nvec: Use IRQF_NO_AUTOEN flag in request_irq() staging: rtl8723bs: Remove unused file rtw_rf.c staging: rtl8723bs: Remove unused function rtw_ch2freq staging: rtl8723bs: Remove unused files rtw_debug.c and rtw_debug.h staging: rtl8723bs: Remove unused function dump_4_regs ... commit 356a0319456810f3a5618353f6ca3b0ef9965479 Merge: 4965ddb1669925 5ed771f174726a Author: Linus Torvalds Date: Thu Sep 26 09:59:50 2024 -0700 Merge tag 'tty-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty Pull tty / serial driver updates from Greg KH: "Here is the "big" set of tty/serial driver updates for 6.12-rc1. Nothing major in here, just nice forward progress in the slow cleanup of the serial apis, and lots of other driver updates and fixes. Included in here are: - serial api updates from Jiri to make things more uniform and sane - 8250_platform driver cleanups - samsung serial driver fixes and updates - qcom-geni serial driver fixes from Johan for the bizarre UART engine that that chip seems to have. Hopefully it's in a better state now, but hardware designers still seem to come up with more ways to make broken UARTS 40+ years after this all should have finished. - sc16is7xx driver updates - omap 8250 driver updates - 8250_bcm2835aux driver updates - a few new serial driver bindings added - other serial minor driver updates All of these have been in linux-next for a long time with no reported problems" * tag 'tty-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (65 commits) tty: serial: samsung: Fix serial rx on Apple A7-A9 tty: serial: samsung: Fix A7-A11 serial earlycon SError tty: serial: samsung: Use bit manipulation macros for APPLE_S5L_* tty: rp2: Fix reset with non forgiving PCIe host bridges serial: 8250_aspeed_vuart: Enable module autoloading serial: qcom-geni: fix polled console corruption serial: qcom-geni: disable interrupts during console writes serial: qcom-geni: fix console corruption serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers serial: qcom-geni: fix false console tx restart serial: qcom-geni: fix fifo polling timeout tty: hvc: convert comma to semicolon mxser: convert comma to semicolon serial: 8250_bcm2835aux: Fix clock imbalance in PM resume serial: sc16is7xx: convert bitmask definitions to use BIT() macro serial: sc16is7xx: fix copy-paste errors in EFR_SWFLOWx_BIT constants serial: sc16is7xx: remove SC16IS7XX_MSR_DELTA_MASK serial: xilinx_uartps: Make cdns_rs485_supported static ... commit 4965ddb166992557a25848049f1a70e56050eb7a Merge: 13882369ceb9b0 68d4209158f43a Author: Linus Torvalds Date: Thu Sep 26 09:45:36 2024 -0700 Merge tag 'usb-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb Pull USB/Thunderbolt updates from Greg KH: "Here is the large set of USB and Thunderbolt changes for 6.12-rc1. Nothing "major" in here, except for a new 9p network gadget that has been worked on for a long time (all of the needed acks are here) Other than that, it's the usual set of: - Thunderbolt / USB4 driver updates and additions for new hardware - dwc3 driver updates and new features added - xhci driver updates - typec driver updates - USB gadget updates and api additions to make some gadgets more configurable by userspace - dwc2 driver updates - usb phy driver updates - usbip feature additions - other minor USB driver updates All of these have been in linux-next for a long time with no reported issues" * tag 'usb-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (145 commits) sub: cdns3: Use predefined PCI vendor ID constant sub: cdns2: Use predefined PCI vendor ID constant USB: misc: yurex: fix race between read and write USB: misc: cypress_cy7c63: check for short transfer USB: appledisplay: close race between probe and completion handler USB: class: CDC-ACM: fix race between get_serial and set_serial usb: r8a66597-hcd: make read-only const arrays static usb: typec: ucsi: Fix busy loop on ASUS VivoBooks usb: dwc3: rtk: Clean up error code in __get_dwc3_maximum_speed() usb: storage: ene_ub6250: Fix right shift warnings usb: roles: Improve the fix for a false positive recursive locking complaint locking/mutex: Introduce mutex_init_with_key() locking/mutex: Define mutex_init() once net/9p/usbg: fix CONFIG_USB_GADGET dependency usb: xhci: fix loss of data on Cadence xHC usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host usb: dwc3: imx8mp: disable SS_CON and U3 wakeup for system sleep usb: dwc3: imx8mp: add 2 software managed quirk properties for host mode usb: host: xhci-plat: Parse xhci-missing_cas_quirk and apply quirk usb: misc: onboard_usb_dev: add Microchip usb5744 SMBus programming support ... commit d4fc4d01471528da8a9797a065982e05090e1d81 Author: Alexey Gladkov (Intel) Date: Fri Sep 13 19:05:56 2024 +0200 x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handle_mmio() function checks if the #VE exception occurred in the kernel and rejects the operation if it did not. However, userspace can deceive the kernel into performing MMIO on its behalf. For example, if userspace can point a syscall to an MMIO address, syscall does get_user() or put_user() on it, triggering MMIO #VE. The kernel will treat the #VE as in-kernel MMIO. Ensure that the target MMIO address is within the kernel before decoding instruction. Fixes: 31d58c4e557d ("x86/tdx: Handle in-kernel MMIO") Signed-off-by: Alexey Gladkov (Intel) Signed-off-by: Dave Hansen Reviewed-by: Kirill A. Shutemov Acked-by: Dave Hansen Cc:stable@vger.kernel.org Link: https://lore.kernel.org/all/565a804b80387970460a4ebc67c88d1380f61ad1.1726237595.git.legion%40kernel.org commit 13882369ceb9b0953f9f5ff8563bbccfd80d0ffd Merge: ac34bb40f74859 1ee68f172482ab Author: Linus Torvalds Date: Thu Sep 26 09:25:28 2024 -0700 Merge tag 'hid-for-linus-2024092601' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid Pull HID fix from Jiri Kosina: "A revert of Device Tree binding for Goodix SPI HID driver (while keeping ACPI still available), as it conflicted with already existing binding and the original submitter didn't respond in time with a fix. We will be looking into ways how to reintroduce it properly (we have to agree on a way how to handle cases where vendor uses the very same product ID for I2C and SPI parts, leading to this kind conflict). But before that is settled, let's revert the to unbreak everybody else (Krzysztof Kozlowski)" * tag 'hid-for-linus-2024092601' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: dt-bindings: input: Revert "dt-bindings: input: Goodix SPI HID Touchscreen" HID: hid-goodix: drop unsupported and undocumented DT part commit 2555906fd53e0a5239431d44fad695b420e94fdd Author: Qianqiang Liu Date: Thu Sep 26 19:59:11 2024 +0800 fbcon: break earlier in search_fb_in_map and search_for_mapped_con Break the for loop immediately upon finding the target, making the process more efficient. Signed-off-by: Qianqiang Liu Signed-off-by: Helge Deller commit f1ebbe4cd07d058f42174cc5b8c5efcf83de8ffa Author: Markus Elfring Date: Wed Sep 25 21:12:36 2024 +0200 fbdev: omapfb: Call of_node_put(ep) only once in omapdss_of_find_source_for_first_ep() An of_node_put(ep) call was immediately used after a pointer check for a of_graph_get_remote_port() call in this function implementation. Thus call such a function only once instead directly before the check. This issue was transformed by using the Coccinelle software. Signed-off-by: Markus Elfring Signed-off-by: Helge Deller commit 5b97eebcce1b4f3f07a71f635d6aa3af96c236e7 Author: Qianqiang Liu Date: Wed Sep 25 13:29:36 2024 +0800 fbcon: Fix a NULL pointer dereference issue in fbcon_putcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param { uint8_t type; struct tiocl_selection ts; }; int main() { struct fb_con2fbmap con2fb; struct param param; int fd = open("/dev/fb1", 0, 0); con2fb.console = 0x19; con2fb.framebuffer = 0; ioctl(fd, FBIOPUT_CON2FBMAP, &con2fb); param.type = 2; param.ts.xs = 0; param.ts.ys = 0; param.ts.xe = 0; param.ts.ye = 0; param.ts.sel_mode = 0; int fd1 = open("/dev/tty1", O_RDWR, 0); ioctl(fd1, TIOCLINUX, ¶m); con2fb.console = 1; con2fb.framebuffer = 0; ioctl(fd, FBIOPUT_CON2FBMAP, &con2fb); return 0; } After calling ioctl(fd1, TIOCLINUX, ¶m), the subsequent ioctl(fd, FBIOPUT_CON2FBMAP, &con2fb) causes the kernel to follow a different execution path: set_con2fb_map -> con2fb_init_display -> fbcon_set_disp -> redraw_screen -> hide_cursor -> clear_selection -> highlight -> invert_screen -> do_update_region -> fbcon_putcs -> ops->putcs Since ops->putcs is a NULL pointer, this leads to a kernel panic. To prevent this, we need to call set_blitting_type() within set_con2fb_map() to properly initialize ops->putcs. Reported-by: syzbot+3d613ae53c031502687a@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=3d613ae53c031502687a Tested-by: syzbot+3d613ae53c031502687a@syzkaller.appspotmail.com Signed-off-by: Qianqiang Liu Signed-off-by: Helge Deller commit ac34bb40f748593e585f4c414a59cf4404249a15 Merge: 5159938e10d876 665db14d0712ac Author: Linus Torvalds Date: Thu Sep 26 09:20:19 2024 -0700 Merge tag 'v6.12-rc-smb3-client-fixes-part2' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client fixes from Steve French: "Most are from the recent SMB3.1.1 test event, and also an important netfs fix for a cifs mtime write regression - fix mode reported by stat of readonly directories and files - DFS (global namespace) related fixes - fixes for special file support via reparse points - mount improvement and reconnect fix - fix for noisy log message on umount - two netfs related fixes, one fixing a recent regression, and add new write tracepoint" * tag 'v6.12-rc-smb3-client-fixes-part2' of git://git.samba.org/sfrench/cifs-2.6: netfs, cifs: Fix mtime/ctime update for mmapped writes cifs: update internal version number smb: client: print failed session logoffs with FYI cifs: Fix reversion of the iter in cifs_readv_receive(). smb3: fix incorrect mode displayed for read-only files smb: client: fix parsing of device numbers smb: client: set correct device number on nfs reparse points smb: client: propagate error from cifs_construct_tcon() smb: client: fix DFS failover in multiuser mounts cifs: Make the write_{enter,done,err} tracepoints display netfs info smb: client: fix DFS interlink failover smb: client: improve purging of cached referrals smb: client: avoid unnecessary reconnects when refreshing referrals commit 5159938e10d876fd23d3a5474689a9f6e18a446e Merge: 0181f8c809d611 4e78dd6b4c27c5 Author: Linus Torvalds Date: Thu Sep 26 08:55:36 2024 -0700 Merge tag 'probes-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull probes updates from Masami Hiramatsu: - uprobes: make trace_uprobe->nhit counter a per-CPU one This makes uprobe event's hit counter per-CPU for improving scalability on multi-core environment - kprobes: Remove obsoleted declaration for init_test_probes Remove unused init_test_probes() from header - Raw tracepoint probe supports raw tracepoint events on modules: - add a function for iterating over all tracepoints in all modules - add a function for iterating over tracepoints in a module - support raw tracepoint events on modules - support raw tracepoints on future loaded modules - add a test for tracepoint events on modules" * tag 'probes-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: sefltests/tracing: Add a test for tracepoint events on modules tracing/fprobe: Support raw tracepoints on future loaded modules tracing/fprobe: Support raw tracepoint events on modules tracepoint: Support iterating tracepoints in a loading module tracepoint: Support iterating over tracepoints on modules kprobes: Remove obsoleted declaration for init_test_probes uprobes: turn trace_uprobe's nhit counter to be per-CPU one commit 732cd686cdd60f9d8c36edac2a14d8f5eea57ee1 Author: Gary Guo Date: Mon Sep 16 01:33:46 2024 +0100 rust: fix `ARCH_SLAB_MINALIGN` multiple definition error We use const helpers in form of const size_t RUST_CONST_HELPER_ARCH_SLAB_MINALIGN = ARCH_SLAB_MINALIGN; to aid generation of constants by bindgen because it is otherwise a macro definition of an expression and bindgen doesn't expand the constant. The helpers are then have `RUST_CONST_HELPER` prefix stripped and exposed to Rust code as if `ARCH_SLAB_MISALIGN` is generated natively by bindgen. This works well for most constants, but on RISC-V, `ARCH_SLAB_MINALIGN` is defined directly as literal constant if `!CONFIG_MMU`, and bindgen would generate `ARCH_SLAB_MINALIGN` directly, thus conflict with the one generated through the helper. To fix this, we simply need to block bindgen from generating directly without going through helper. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409160804.eSg9zh1e-lkp@intel.com/ Signed-off-by: Gary Guo Reviewed-by: Christian Schrefl Link: https://lore.kernel.org/r/20240916003347.1744345-1-gary@garyguo.net Signed-off-by: Miguel Ojeda commit a8ee30f45d5d57467ddb7877ed6914d0eba0af7f Author: Alice Ryhl Date: Sun Sep 15 14:41:28 2024 +0000 rust: sync: require `T: Sync` for `LockedBy::access` The `LockedBy::access` method only requires a shared reference to the owner, so if we have shared access to the `LockedBy` from several threads at once, then two threads could call `access` in parallel and both obtain a shared reference to the inner value. Thus, require that `T: Sync` when calling the `access` method. An alternative is to require `T: Sync` in the `impl Sync for LockedBy`. This patch does not choose that approach as it gives up the ability to use `LockedBy` with `!Sync` types, which is okay as long as you only use `access_mut`. Cc: stable@vger.kernel.org Fixes: 7b1f55e3a984 ("rust: sync: introduce `LockedBy`") Signed-off-by: Alice Ryhl Suggested-by: Boqun Feng Reviewed-by: Gary Guo Link: https://lore.kernel.org/r/20240915-locked-by-sync-fix-v2-1-1a8d89710392@google.com Signed-off-by: Miguel Ojeda commit ece207a83e464af710d641f29e32b7a144c48e79 Author: Miguel Ojeda Date: Thu Sep 26 14:47:51 2024 +0200 rust: kernel: sort Rust modules Rust modules are intended to be sorted, thus do so. This makes `rustfmtcheck` to pass again. Fixes: 570172569238 ("Merge tag 'rust-6.12' of https://github.com/Rust-for-Linux/linux") Reviewed-by: Alice Ryhl Link: https://lore.kernel.org/r/20240926124751.345471-1-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 0181f8c809d6116a8347d8beb25a8c35ed22f7d7 Merge: 11a299a7933e03 efcd71af38be40 Author: Linus Torvalds Date: Thu Sep 26 08:43:17 2024 -0700 Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost Pull virtio updates from Michael Tsirkin: "Several new features here: - virtio-balloon supports new stats - vdpa supports setting mac address - vdpa/mlx5 suspend/resume as well as MKEY ops are now faster - virtio_fs supports new sysfs entries for queue info - virtio/vsock performance has been improved And fixes, cleanups all over the place" * tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: (34 commits) vsock/virtio: avoid queuing packets when intermediate queue is empty vsock/virtio: refactor virtio_transport_send_pkt_work fw_cfg: Constify struct kobj_type vdpa/mlx5: Postpone MR deletion vdpa/mlx5: Introduce init/destroy for MR resources vdpa/mlx5: Rename mr_mtx -> lock vdpa/mlx5: Extract mr members in own resource struct vdpa/mlx5: Rename function vdpa/mlx5: Delete direct MKEYs in parallel vdpa/mlx5: Create direct MKEYs in parallel MAINTAINERS: add virtio-vsock driver in the VIRTIO CORE section virtio_fs: add sysfs entries for queue information virtio_fs: introduce virtio_fs_put_locked helper vdpa: Remove unused declarations vdpa/mlx5: Parallelize VQ suspend/resume for CVQ MQ command vdpa/mlx5: Small improvement for change_num_qps() vdpa/mlx5: Keep notifiers during suspend but ignore vdpa/mlx5: Parallelize device resume vdpa/mlx5: Parallelize device suspend vdpa/mlx5: Use async API for vq modify commands ... commit 579b2ba40ece57f3f9150f59dfe327e60a5445b5 Author: Luca Boccassi Date: Sun Sep 22 18:17:53 2024 +0200 dm verity: fallback to platform keyring also if key in trusted keyring is rejected If enabled, we fallback to the platform keyring if the trusted keyring doesn't have the key used to sign the roothash. But if pkcs7_verify() rejects the key for other reasons, such as usage restrictions, we do not fallback. Do so. Follow-up for 6fce1f40e95182ebbfe1ee3096b8fc0b37903269 Suggested-by: Serge Hallyn Signed-off-by: Luca Boccassi Acked-by: Jarkko Sakkinen Signed-off-by: Mikulas Patocka commit e6a3531dd542cb127c8de32ab1e54a48ae19962b Author: Mikulas Patocka Date: Tue Sep 24 15:18:29 2024 +0200 dm-verity: restart or panic on an I/O error Maxim Suhanov reported that dm-verity doesn't crash if an I/O error happens. In theory, this could be used to subvert security, because an attacker can create sectors that return error with the Write Uncorrectable command. Some programs may misbehave if they have to deal with EIO. This commit fixes dm-verity, so that if "panic_on_corruption" or "restart_on_corruption" was specified and an I/O error happens, the machine will panic or restart. This commit also changes kernel_restart to emergency_restart - kernel_restart calls reboot notifiers and these reboot notifiers may wait for the bio that failed. emergency_restart doesn't call the notifiers. Reported-by: Maxim Suhanov Signed-off-by: Mikulas Patocka Cc: stable@vger.kernel.org commit 0a92e5cdeef9fa4cba8bef6cd1d91cff6b5d300b Author: Shen Lichuan Date: Tue Sep 24 15:21:11 2024 +0200 dm: fix spelling errors Fixed some confusing spelling errors that were currently identified, the details are as follows: -in the code comments: dm-cache-target.c: 1371: exclussive ==> exclusive dm-raid.c: 2522: repective ==> respective Signed-off-by: Shen Lichuan Signed-off-by: Mikulas Patocka commit 4feb014bc79a42485b15bc3912dd3b0bca592520 Author: Dipendra Khadka Date: Sun Sep 22 16:47:01 2024 +0000 dm-cache: remove pointless error check Smatch reported following: ''' drivers/md/dm-cache-target.c:3204 parse_cblock_range() warn: sscanf doesn't return error codes drivers/md/dm-cache-target.c:3217 parse_cblock_range() warn: sscanf doesn't return error codes ''' Sscanf doesn't return negative values at all. Signed-off-by: Dipendra Khadka Signed-off-by: Mikulas Patocka commit c3e878ca7b6663d2ad77a6e17460fc47a2347f4a Author: Hongbo Li Date: Mon Sep 2 10:45:34 2024 +0800 sh: intc: Replace simple_strtoul() with kstrtoul() The function simple_strtoul() performs no error checking in scenarios where the input value overflows the intended output variable. We can replace the use of simple_strtoul() with the safer alternative kstrtoul(). This also allows us to print an error message in case of failure. Signed-off-by: Hongbo Li Reviewed-by: Geert Uytterhoeven Reviewed-by: John Paul Adrian Glaubitz Signed-off-by: John Paul Adrian Glaubitz commit 977fae6d611764d41de19b9ba01699b1618148f7 Author: Gaosheng Cui Date: Sat Aug 24 20:06:09 2024 +0800 sh: Remove unused declarations for make_maskreg_irq() and irq_mask_register make_maskreg_irq() and irq_mask_register have been removed since commit 5a4053b23262 ("sh: Kill off dead boards."), so remove the unused declarations. Signed-off-by: Gaosheng Cui Reviewed-by: John Paul Adrian Glaubitz Signed-off-by: John Paul Adrian Glaubitz commit 76f1ed087b562a469f2153076f179854b749c09a Author: Phil Sutter Date: Wed Sep 25 20:01:20 2024 +0200 netfilter: uapi: NFTA_FLOWTABLE_HOOK is NLA_NESTED Fix the comment which incorrectly defines it as NLA_U32. Fixes: 3b49e2e94e6e ("netfilter: nf_tables: add flow table netlink frontend") Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso commit e3eb39e6bab564ed430172f37be835f84e923c23 Author: Rob Herring Date: Wed Sep 25 12:35:10 2024 -0500 dt-bindings: gpio: ep9301: Add missing "#interrupt-cells" to examples Enabling dtc interrupt_provider check reveals the examples are missing the "#interrupt-cells" property as it is a dependency of "interrupt-controller". Some of the indentation is off, so fix that too. Signed-off-by: Rob Herring (Arm) Reviewed-by: Nikita Shubin Signed-off-by: Arnd Bergmann commit aef3a58b06fa9d452ba863999ac34be1d0c65172 Merge: 72ef07554c5dca fc786304ad9803 Author: Paolo Abeni Date: Thu Sep 26 15:47:10 2024 +0200 Merge tag 'nf-24-09-26' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf Pablo Neira Ayuso says: ==================== Netfilter fixes for net v2: with kdoc fixes per Paolo Abeni. The following patchset contains Netfilter fixes for net: Patch #1 and #2 handle an esoteric scenario: Given two tasks sending UDP packets to one another, two packets of the same flow in each direction handled by different CPUs that result in two conntrack objects in NEW state, where reply packet loses race. Then, patch #3 adds a testcase for this scenario. Series from Florian Westphal. 1) NAT engine can falsely detect a port collision if it happens to pick up a reply packet as NEW rather than ESTABLISHED. Add extra code to detect this and suppress port reallocation in this case. 2) To complete the clash resolution in the reply direction, extend conntrack logic to detect clashing conntrack in the reply direction to existing entry. 3) Adds a test case. Then, an assorted list of fixes follow: 4) Add a selftest for tproxy, from Antonio Ojea. 5) Guard ctnetlink_*_size() functions under #if defined(CONFIG_NETFILTER_NETLINK_GLUE_CT) || defined(CONFIG_NF_CONNTRACK_EVENTS) From Andy Shevchenko. 6) Use -m socket --transparent in iptables tproxy documentation. From XIE Zhibang. 7) Call kfree_rcu() when releasing flowtable hooks to address race with netlink dump path, from Phil Sutter. 8) Fix compilation warning in nf_reject with CONFIG_BRIDGE_NETFILTER=n. From Simon Horman. 9) Guard ctnetlink_label_size() under CONFIG_NF_CONNTRACK_EVENTS which is its only user, to address a compilation warning. From Simon Horman. 10) Use rcu-protected list iteration over basechain hooks from netlink dump path. 11) Fix memcg for nf_tables, use GFP_KERNEL_ACCOUNT is not complete. 12) Remove old nfqueue conntrack clash resolution. Instead trying to use same destination address consistently which requires double DNAT, use the existing clash resolution which allows clashing packets go through with different destination. Antonio Ojea originally reported an issue from the postrouting chain, I proposed a fix: https://lore.kernel.org/netfilter-devel/ZuwSwAqKgCB2a51-@calendula/T/ which he reported it did not work for him. 13) Adds a selftest for patch 12. 14) Fixes ipvs.sh selftest. netfilter pull request 24-09-26 * tag 'nf-24-09-26' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: selftests: netfilter: Avoid hanging ipvs.sh kselftest: add test for nfqueue induced conntrack race netfilter: nfnetlink_queue: remove old clash resolution logic netfilter: nf_tables: missing objects with no memcg accounting netfilter: nf_tables: use rcu chain hook list iterator from netlink dump path netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_EVENTS netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n netfilter: nf_tables: Keep deleted flowtable hooks until after RCU docs: tproxy: ignore non-transparent sockets in iptables netfilter: ctnetlink: Guard possible unused functions selftests: netfilter: nft_tproxy.sh: add tcp tests selftests: netfilter: add reverse-clash resolution test case netfilter: conntrack: add clash resolution for reverse collisions netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash ==================== Link: https://patch.msgid.link/20240926110717.102194-1-pablo@netfilter.org Signed-off-by: Paolo Abeni commit a481b9d2baf77d8153361ff19634530bc7272899 Author: Nikita Shubin Date: Tue Sep 17 19:34:01 2024 +0300 MAINTAINERS: Update EP93XX ARM ARCHITECTURE maintainer Add myself as maintainer of EP93XX ARCHITECTURE. CC: Alexander Sverdlin CC: Arnd Bergmann Signed-off-by: Nikita Shubin Acked-by: Alexander Sverdlin Signed-off-by: Arnd Bergmann commit 84db6f27b26b5bebeeb85d1b6f6c035daa6f2ac2 Author: Lukas Bulwahn Date: Tue Sep 24 11:24:23 2024 +0200 soc: ep93xx: drop reference to removed EP93XX_SOC_COMMON config Commit 6eab0ce6e1c6 ("soc: Add SoC driver for Cirrus ep93xx") adds the config EP93XX_SOC referring to the config EP93XX_SOC_COMMON. Within the same patch series of the commit above, the commit 046322f1e1d9 ("ARM: ep93xx: DT for the Cirrus ep93xx SoC platforms") then removes the config EP93XX_SOC_COMMON. With that the reference to this config is obsolete. Simplify the expression in the EP93XX_SOC config definition. Signed-off-by: Lukas Bulwahn Reviewed-by: Nikita Shubin Signed-off-by: Arnd Bergmann commit 087913e0ba2b3b9d7ccbafb2acf5dab9e35ae1d5 Author: Tvrtko Ursulin Date: Tue Sep 24 11:19:09 2024 +0100 drm/sched: Always increment correct scheduler score Entities run queue can change during drm_sched_entity_push_job() so make sure to update the score consistently. Signed-off-by: Tvrtko Ursulin Fixes: d41a39dda140 ("drm/scheduler: improve job distribution with multiple queues") Cc: Nirmoy Das Cc: Christian König Cc: Luben Tuikov Cc: Matthew Brost Cc: David Airlie Cc: Daniel Vetter Cc: dri-devel@lists.freedesktop.org Cc: # v5.9+ Reviewed-by: Christian König Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240924101914.2713-4-tursulin@igalia.com Signed-off-by: Christian König commit cbc8764e29c2318229261a679b2aafd0f9072885 Author: Tvrtko Ursulin Date: Tue Sep 24 11:19:08 2024 +0100 drm/sched: Always wake up correct scheduler in drm_sched_entity_push_job Since drm_sched_entity_modify_sched() can modify the entities run queue, lets make sure to only dereference the pointer once so both adding and waking up are guaranteed to be consistent. Alternative of moving the spin_unlock to after the wake up would for now be more problematic since the same lock is taken inside drm_sched_rq_update_fifo(). v2: * Improve commit message. (Philipp) * Cache the scheduler pointer directly. (Christian) Signed-off-by: Tvrtko Ursulin Fixes: b37aced31eb0 ("drm/scheduler: implement a function to modify sched list") Cc: Christian König Cc: Alex Deucher Cc: Luben Tuikov Cc: Matthew Brost Cc: David Airlie Cc: Daniel Vetter Cc: Philipp Stanner Cc: dri-devel@lists.freedesktop.org Cc: # v5.7+ Reviewed-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240924101914.2713-3-tursulin@igalia.com Signed-off-by: Christian König commit 4286cc2c953983d44d248c9de1c81d3a9643345c Author: Tvrtko Ursulin Date: Fri Sep 13 17:05:52 2024 +0100 drm/sched: Add locking to drm_sched_entity_modify_sched Without the locking amdgpu currently can race between amdgpu_ctx_set_entity_priority() (via drm_sched_entity_modify_sched()) and drm_sched_job_arm(), leading to the latter accesing potentially inconsitent entity->sched_list and entity->num_sched_list pair. v2: * Improve commit message. (Philipp) Signed-off-by: Tvrtko Ursulin Fixes: b37aced31eb0 ("drm/scheduler: implement a function to modify sched list") Cc: Christian König Cc: Alex Deucher Cc: Luben Tuikov Cc: Matthew Brost Cc: David Airlie Cc: Daniel Vetter Cc: dri-devel@lists.freedesktop.org Cc: Philipp Stanner Cc: # v5.7+ Reviewed-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240913160559.49054-2-tursulin@igalia.com Signed-off-by: Christian König commit fc786304ad9803e8bb86b8599bc64d1c1746c75f Author: Phil Sutter Date: Thu Sep 19 14:40:00 2024 +0200 selftests: netfilter: Avoid hanging ipvs.sh If the client can't reach the server, the latter remains listening forever. Kill it after 5s of waiting. Fixes: 867d2190799a ("selftests: netfilter: add ipvs test script") Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso commit e306e3739d9a35c89176281f9ff6c600fcc859a4 Author: Florian Westphal Date: Wed Sep 18 15:16:33 2024 +0200 kselftest: add test for nfqueue induced conntrack race The netfilter race happens when two packets with the same tuple are DNATed and enqueued with nfqueue in the postrouting hook. Once one of the packet is reinjected it may be DNATed again to a different destination, but the conntrack entry remains the same and the return packet was dropped. Based on earlier patch from Antonio Ojea. Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1766 Co-developed-by: Antonio Ojea Signed-off-by: Antonio Ojea Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 8af79d3edb5fd2dce35ea0a71595b6d4f9962350 Author: Florian Westphal Date: Wed Sep 18 15:13:39 2024 +0200 netfilter: nfnetlink_queue: remove old clash resolution logic For historical reasons there are two clash resolution spots in netfilter, one in nfnetlink_queue and one in conntrack core. nfnetlink_queue one was added first: If a colliding entry is found, NAT NAT transformation is reversed by calling nat engine again with altered tuple. See commit 368982cd7d1b ("netfilter: nfnetlink_queue: resolve clash for unconfirmed conntracks") for details. One problem is that nf_reroute() won't take an action if the queueing doesn't occur in the OUTPUT hook, i.e. when queueing in forward or postrouting, packet will be sent via the wrong path. Another problem is that the scenario addressed (2nd UDP packet sent with identical addresses while first packet is still being processed) can also occur without any nfqueue involvement due to threaded resolvers doing A and AAAA requests back-to-back. This lead us to add clash resolution logic to the conntrack core, see commit 6a757c07e51f ("netfilter: conntrack: allow insertion of clashing entries"). Instead of fixing the nfqueue based logic, lets remove it and let conntrack core handle this instead. Retain the ->update hook for sake of nfqueue based conntrack helpers. We could axe this hook completely but we'd have to split confirm and helper logic again, see commit ee04805ff54a ("netfilter: conntrack: make conntrack userspace helpers work again"). This SHOULD NOT be backported to kernels earlier than v5.6; they lack adequate clash resolution handling. Patch was originally written by Pablo Neira Ayuso. Reported-by: Antonio Ojea Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1766 Signed-off-by: Florian Westphal Tested-by: Antonio Ojea Signed-off-by: Pablo Neira Ayuso commit 69e687cea79fc99a17dfb0116c8644b9391b915e Author: Pablo Neira Ayuso Date: Wed Sep 18 14:19:45 2024 +0200 netfilter: nf_tables: missing objects with no memcg accounting Several ruleset objects are still not using GFP_KERNEL_ACCOUNT for memory accounting, update them. This includes: - catchall elements - compat match large info area - log prefix - meta secctx - numgen counters - pipapo set backend datastructure - tunnel private objects Fixes: 33758c891479 ("memcg: enable accounting for nft objects") Signed-off-by: Pablo Neira Ayuso commit 4ffcf5ca81c3b83180473eb0d3c010a1a7c6c4de Author: Pablo Neira Ayuso Date: Tue Sep 17 23:07:46 2024 +0200 netfilter: nf_tables: use rcu chain hook list iterator from netlink dump path Lockless iteration over hook list is possible from netlink dump path, use rcu variant to iterate over the hook list as is done with flowtable hooks. Fixes: b9703ed44ffb ("netfilter: nf_tables: support for adding new devices to an existing netdev chain") Reported-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso commit e1f1ee0e9ad8cbe660f5c104e791c5f1a7cf4c31 Author: Simon Horman Date: Mon Sep 16 16:14:41 2024 +0100 netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_EVENTS Only provide ctnetlink_label_size when it is used, which is when CONFIG_NF_CONNTRACK_EVENTS is configured. Flagged by clang-18 W=1 builds as: .../nf_conntrack_netlink.c:385:19: warning: unused function 'ctnetlink_label_size' [-Wunused-function] 385 | static inline int ctnetlink_label_size(const struct nf_conn *ct) | ^~~~~~~~~~~~~~~~~~~~ The condition on CONFIG_NF_CONNTRACK_LABELS being removed by this patch guards compilation of non-trivial implementations of ctnetlink_dump_labels() and ctnetlink_label_size(). However, this is not necessary as each of these functions will always return 0 if CONFIG_NF_CONNTRACK_LABELS is not defined as each function starts with the equivalent of: struct nf_conn_labels *labels = nf_ct_labels_find(ct); if (!labels) return 0; And nf_ct_labels_find always returns NULL if CONFIG_NF_CONNTRACK_LABELS is not enabled. So I believe that the compiler optimises the code away in such cases anyway. Found by inspection. Compile tested only. Originally splitted in two patches, Pablo Neira Ayuso collapsed them and added Fixes: tag. Fixes: 0ceabd83875b ("netfilter: ctnetlink: deliver labels to userspace") Link: https://lore.kernel.org/netfilter-devel/20240909151712.GZ2097826@kernel.org/ Signed-off-by: Simon Horman Signed-off-by: Pablo Neira Ayuso commit fc56878ca1c288e49b5cbb43860a5938e3463654 Author: Simon Horman Date: Mon Sep 16 10:50:34 2024 +0100 netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n If CONFIG_BRIDGE_NETFILTER is not enabled, which is the case for x86_64 defconfig, then building nf_reject_ipv4.c and nf_reject_ipv6.c with W=1 using gcc-14 results in the following warnings, which are treated as errors: net/ipv4/netfilter/nf_reject_ipv4.c: In function 'nf_send_reset': net/ipv4/netfilter/nf_reject_ipv4.c:243:23: error: variable 'niph' set but not used [-Werror=unused-but-set-variable] 243 | struct iphdr *niph; | ^~~~ cc1: all warnings being treated as errors net/ipv6/netfilter/nf_reject_ipv6.c: In function 'nf_send_reset6': net/ipv6/netfilter/nf_reject_ipv6.c:286:25: error: variable 'ip6h' set but not used [-Werror=unused-but-set-variable] 286 | struct ipv6hdr *ip6h; | ^~~~ cc1: all warnings being treated as errors Address this by reducing the scope of these local variables to where they are used, which is code only compiled when CONFIG_BRIDGE_NETFILTER enabled. Compile tested and run through netfilter selftests. Reported-by: Andy Shevchenko Closes: https://lore.kernel.org/netfilter-devel/20240906145513.567781-1-andriy.shevchenko@linux.intel.com/ Signed-off-by: Simon Horman Signed-off-by: Pablo Neira Ayuso commit 642c89c475419b4d0c0d90e29d9c1a0e4351f379 Author: Phil Sutter Date: Thu Sep 12 14:21:33 2024 +0200 netfilter: nf_tables: Keep deleted flowtable hooks until after RCU Documentation of list_del_rcu() warns callers to not immediately free the deleted list item. While it seems not necessary to use the RCU-variant of list_del() here in the first place, doing so seems to require calling kfree_rcu() on the deleted item as well. Fixes: 3f0465a9ef02 ("netfilter: nf_tables: dynamically allocate hooks per net_device in flowtables") Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso commit aa758763be6ddcc1c500c6e4e8a15d604e8eadba Author: 谢致邦 (XIE Zhibang) Date: Thu Sep 12 11:59:33 2024 +0000 docs: tproxy: ignore non-transparent sockets in iptables The iptables example was added in commit d2f26037a38a (netfilter: Add documentation for tproxy, 2008-10-08), but xt_socket 'transparent' option was added in commit a31e1ffd2231 (netfilter: xt_socket: added new revision of the 'socket' match supporting flags, 2009-06-09). Now add the 'transparent' option to the iptables example to ignore non-transparent sockets, which is also consistent with the nft example. Signed-off-by: 谢致邦 (XIE Zhibang) Signed-off-by: Pablo Neira Ayuso commit 2cadd3b17738a9160597e17b267876d6a10b7be5 Author: Andy Shevchenko Date: Tue Sep 10 11:35:33 2024 +0300 netfilter: ctnetlink: Guard possible unused functions Some of the functions may be unused (CONFIG_NETFILTER_NETLINK_GLUE_CT=n and CONFIG_NF_CONNTRACK_EVENTS=n), it prevents kernel builds with clang, `make W=1` and CONFIG_WERROR=y: net/netfilter/nf_conntrack_netlink.c:657:22: error: unused function 'ctnetlink_acct_size' [-Werror,-Wunused-function] 657 | static inline size_t ctnetlink_acct_size(const struct nf_conn *ct) | ^~~~~~~~~~~~~~~~~~~ net/netfilter/nf_conntrack_netlink.c:667:19: error: unused function 'ctnetlink_secctx_size' [-Werror,-Wunused-function] 667 | static inline int ctnetlink_secctx_size(const struct nf_conn *ct) | ^~~~~~~~~~~~~~~~~~~~~ net/netfilter/nf_conntrack_netlink.c:683:22: error: unused function 'ctnetlink_timestamp_size' [-Werror,-Wunused-function] 683 | static inline size_t ctnetlink_timestamp_size(const struct nf_conn *ct) | ^~~~~~~~~~~~~~~~~~~~~~~~ Fix this by guarding possible unused functions with ifdeffery. See also commit 6863f5643dd7 ("kbuild: allow Clang to find unused static inline functions for W=1 build"). Signed-off-by: Andy Shevchenko Reviewed-by: Simon Horman Signed-off-by: Pablo Neira Ayuso commit 7e37e0eacd22c41e354e4b5d6d448b13a201954a Author: Antonio Ojea Date: Thu Sep 12 06:17:54 2024 +0000 selftests: netfilter: nft_tproxy.sh: add tcp tests The TPROXY functionality is widely used, however, there are only mptcp selftests covering this feature. The selftests represent the most common scenarios and can also be used as selfdocumentation of the feature. UDP and TCP testcases are split in different files because of the different nature of the protocols, specially due to the challenges that present to reliable test UDP due to the connectionless nature of the protocol. UDP only covers the scenarios involving the prerouting hook. The UDP tests are signfinicantly slower than the TCP ones, hence they use a larger timeout, it takes 20 seconds to run the full UDP suite on a 48 vCPU Intel(R) Xeon(R) CPU @2.60GHz. Signed-off-by: Antonio Ojea Signed-off-by: Pablo Neira Ayuso commit a57856c0bbc238779e56ec9e48a7ba8e06d8bebf Author: Florian Westphal Date: Tue Sep 10 11:38:16 2024 +0200 selftests: netfilter: add reverse-clash resolution test case Add test program that is sending UDP packets in both directions and check that packets arrive without source port modification. Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit a4e6a1031e7769c63d17b8e97d79e25dd7271fd3 Author: Florian Westphal Date: Tue Sep 10 11:38:15 2024 +0200 netfilter: conntrack: add clash resolution for reverse collisions Given existing entry: ORIGIN: a:b -> c:d REPLY: c:d -> a:b And colliding entry: ORIGIN: c:d -> a:b REPLY: a:b -> c:d The colliding ct (and the associated skb) get dropped on insert. Permit this by checking if the colliding entry matches the reply direction. Happens when both ends send packets at same time, both requests are picked up as NEW, rather than NEW for the 'first' and 'ESTABLISHED' for the second packet. This is an esoteric condition, as ruleset must permit NEW connections in either direction and both peers must already have a bidirectional traffic flow at the time conntrack gets enabled. Allow the 'reverse' skb to pass and assign the existing (clashing) entry. While at it, also drop the extra 'dying' check, this is already tested earlier by the calling function. Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit d8f84a9bc7c4e07fdc4edc00f9e868b8db974ccb Author: Florian Westphal Date: Tue Sep 10 11:38:14 2024 +0200 netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash A conntrack entry can be inserted to the connection tracking table if there is no existing entry with an identical tuple in either direction. Example: INITIATOR -> NAT/PAT -> RESPONDER Initiator passes through NAT/PAT ("us") and SNAT is done (saddr rewrite). Then, later, NAT/PAT machine itself also wants to connect to RESPONDER. This will not work if the SNAT done earlier has same IP:PORT source pair. Conntrack table has: ORIGINAL: $IP_INITATOR:$SPORT -> $IP_RESPONDER:$DPORT REPLY: $IP_RESPONDER:$DPORT -> $IP_NAT:$SPORT and new locally originating connection wants: ORIGINAL: $IP_NAT:$SPORT -> $IP_RESPONDER:$DPORT REPLY: $IP_RESPONDER:$DPORT -> $IP_NAT:$SPORT This is handled by the NAT engine which will do a source port reallocation for the locally originating connection that is colliding with an existing tuple by attempting a source port rewrite. This is done even if this new connection attempt did not go through a masquerade/snat rule. There is a rare race condition with connection-less protocols like UDP, where we do the port reallocation even though its not needed. This happens when new packets from the same, pre-existing flow are received in both directions at the exact same time on different CPUs after the conntrack table was flushed (or conntrack becomes active for first time). With strict ordering/single cpu, the first packet creates new ct entry and second packet is resolved as established reply packet. With parallel processing, both packets are picked up as new and both get their own ct entry. In this case, the 'reply' packet (picked up as ORIGINAL) can be mangled by NAT engine because a port collision is detected. This change isn't enough to prevent a packet drop later during nf_conntrack_confirm(), the existing clash resolution strategy will not detect such reverse clash case. This is resolved by a followup patch. Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 72ef07554c5dcabb0053a147c4fd221a8e39bcfd Author: Willem de Bruijn Date: Thu Sep 19 08:43:42 2024 -0400 selftests/net: packetdrill: increase timing tolerance in debug mode Some packetdrill tests are flaky in debug mode. As discussed, increase tolerance. We have been doing this for debug builds outside ksft too. Previous setting was 10000. A manual 50 runs in virtme-ng showed two failures that needed 12000. To be on the safe side, Increase to 14000. Link: https://lore.kernel.org/netdev/Zuhhe4-MQHd3EkfN@mini-arch/ Fixes: 1e42f73fd3c2 ("selftests/net: packetdrill: import tcp/zerocopy") Reported-by: Stanislav Fomichev Signed-off-by: Willem de Bruijn Reviewed-by: Simon Horman Acked-by: Stanislav Fomichev Acked-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240919124412.3014326-1-willemdebruijn.kernel@gmail.com Signed-off-by: Paolo Abeni commit 04e906839a053f092ef53f4fb2d610983412b904 Author: Oliver Neukum Date: Thu Sep 19 14:33:42 2024 +0200 usbnet: fix cyclical race on disconnect with work queue The work can submit URBs and the URBs can schedule the work. This cycle needs to be broken, when a device is to be stopped. Use a flag to do so. This is a design issue as old as the driver. Signed-off-by: Oliver Neukum Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") CC: stable@vger.kernel.org Link: https://patch.msgid.link/20240919123525.688065-1-oneukum@suse.com Signed-off-by: Paolo Abeni commit b514c47ebf41a6536551ed28a05758036e6eca7c Author: Furong Xu <0x1207@gmail.com> Date: Thu Sep 19 20:10:28 2024 +0800 net: stmmac: set PP_FLAG_DMA_SYNC_DEV only if XDP is enabled Commit 5fabb01207a2 ("net: stmmac: Add initial XDP support") sets PP_FLAG_DMA_SYNC_DEV flag for page_pool unconditionally, page_pool_recycle_direct() will call page_pool_dma_sync_for_device() on every page even the page is not going to be reused by XDP program. When XDP is not enabled, the page which holds the received buffer will be recycled once the buffer is copied into new SKB by skb_copy_to_linear_data(), then the MAC core will never reuse this page any longer. Always setting PP_FLAG_DMA_SYNC_DEV wastes CPU cycles on unnecessary calling of page_pool_dma_sync_for_device(). After this patch, up to 9% noticeable performance improvement was observed on certain platforms. Fixes: 5fabb01207a2 ("net: stmmac: Add initial XDP support") Signed-off-by: Furong Xu <0x1207@gmail.com> Link: https://patch.msgid.link/20240919121028.1348023-1-0x1207@gmail.com Signed-off-by: Paolo Abeni commit c11a49d58ad229a1be1ebe08a2b68fedf83db6c8 Author: Wenbo Li Date: Thu Sep 19 16:13:51 2024 +0800 virtio_net: Fix mismatched buf address when unmapping for small packets Currently, the virtio-net driver will perform a pre-dma-mapping for small or mergeable RX buffer. But for small packets, a mismatched address without VIRTNET_RX_PAD and xdp_headroom is used for unmapping. That will result in unsynchronized buffers when SWIOTLB is enabled, for example, when running as a TDX guest. This patch unifies the address passed to the virtio core as the address of the virtnet header and fixes the mismatched buffer address. Changes from v2: unify the buf that passed to the virtio core in small and merge mode. Changes from v1: Use ctx to get xdp_headroom. Fixes: 295525e29a5b ("virtio_net: merge dma operations when filling mergeable buffers") Signed-off-by: Wenbo Li Signed-off-by: Jiahui Cen Signed-off-by: Ying Fang Reviewed-by: Xuan Zhuo Link: https://patch.msgid.link/20240919081351.51772-1-liwenbo.martin@bytedance.com Signed-off-by: Paolo Abeni commit ad604f0a4c040dcb8faf44dc72db25e457c28076 Author: Thomas Zimmermann Date: Tue Sep 24 10:41:03 2024 +0200 firmware/sysfb: Disable sysfb for firmware buffers with unknown parent The sysfb framebuffer handling only operates on graphics devices that provide the system's firmware framebuffer. If that device is not known, assume that any graphics device has been initialized by firmware. Fixes a problem on i915 where sysfb does not release the firmware framebuffer after the native graphics driver loaded. Reported-by: Borah, Chaitanya Kumar Closes: https://lore.kernel.org/dri-devel/SJ1PR11MB6129EFB8CE63D1EF6D932F94B96F2@SJ1PR11MB6129.namprd11.prod.outlook.com/ Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/12160 Signed-off-by: Thomas Zimmermann Fixes: b49420d6a1ae ("video/aperture: optionally match the device in sysfb_disable()") Cc: Javier Martinez Canillas Cc: Thomas Zimmermann Cc: Helge Deller Cc: Sam Ravnborg Cc: Daniel Vetter Cc: Alex Deucher Cc: dri-devel@lists.freedesktop.org Cc: Linux regression tracking (Thorsten Leemhuis) Cc: # v6.11+ Acked-by: Alex Deucher Reviewed-by: Javier Martinez Canillas Link: https://patchwork.freedesktop.org/patch/msgid/20240924084227.262271-1-tzimmermann@suse.de commit 9e676e571d39eb6189bf6d55a9c401ba2dd13410 Author: Shen Lichuan Date: Wed Sep 25 15:43:23 2024 +0800 ksmbd: Correct typos in multiple comments across various files Fixed some confusing typos that were currently identified witch codespell, the details are as follows: -in the code comments: fs/smb/common/smb2pdu.h:9: specfication ==> specification fs/smb/common/smb2pdu.h:494: usally ==> usually fs/smb/common/smb2pdu.h:1064: Attrubutes ==> Attributes fs/smb/server/connection.c:28: cleand ==> cleaned fs/smb/server/ksmbd_netlink.h:216: struture ==> structure fs/smb/server/oplock.c:799: conains ==> contains fs/smb/server/oplock.c:1487: containted ==> contained fs/smb/server/server.c:282: proccessing ==> processing fs/smb/server/smb_common.c:491: comforms ==> conforms fs/smb/server/xattr.h:102: ATTRIBUITE ==> ATTRIBUTE Signed-off-by: Shen Lichuan Acked-by: Namjae Jeon Signed-off-by: Steve French commit 8e2f6a0e2dc9db663b4ba2225822e7a3c4047bfb Author: Namjae Jeon Date: Tue Sep 24 22:39:29 2024 +0900 ksmbd: fix open failure from block and char device file char/block device file can't be opened with dentry_open() if device driver is not loaded. Use O_PATH flags for fake opening file to handle it if file is a block or char file. Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit d782d6e1d9078d6b82f8468dd6421050165e7d75 Author: Namjae Jeon Date: Mon Sep 23 22:39:11 2024 +0900 ksmbd: remove unsafe_memcpy use in session setup Kees pointed out to just use directly ->Buffer instead of pointing ->Buffer using offset not to use unsafe_memcpy(). Suggested-by: Kees Cook Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit a748db0c8c6a88da66c3ab3791bd1a229f4a7fee Author: Tejun Heo Date: Wed Sep 25 12:22:37 2024 -1000 tools/sched_ext: Receive misc updates from SCX repo Receive misc tools/sched_ext updates from https://github.com/sched-ext/scx to sync userspace bits. - LSP macros to help language servers. - bpf_cpumask_weight() declaration and cast_mask() helper. - Cosmetic updates to scx_flatcg.bpf.c. Signed-off-by: Tejun Heo commit 1e123fd73deb16cb362ecefb55c90c9196f4a6c2 Author: Tejun Heo Date: Wed Sep 25 11:58:44 2024 -1000 sched_ext: Add __COMPAT helpers for features added during v6.12 devel cycle cgroup support and scx_bpf_dispatch[_vtime]_from_dsq() are newly added since 8bb30798fd6e ("sched_ext: Fixes incorrect type in bpf_scx_init()") which is the current earliest commit targeted by BPF schedulers. Add compat helpers for them and apply them in the example schedulers. These will be dropped after a few kernel releases. The exact backward compatibility window hasn't been decided yet. Signed-off-by: Tejun Heo commit 11a299a7933e03c83818b431e6a1c53ad387423d Merge: fe29393877be63 a045553362b53f Author: Linus Torvalds Date: Wed Sep 25 14:56:40 2024 -0700 Merge tag 'for-6.12/block-20240925' of git://git.kernel.dk/linux Pull more block updates from Jens Axboe: - Improve blk-integrity segment counting and merging (Keith) - NVMe pull request via Keith: - Multipath fixes (Hannes) - Sysfs attribute list NULL terminate fix (Shin'ichiro) - Remove problematic read-back (Keith) - Fix for a regression with the IO scheduler switching freezing from 6.11 (Damien) - Use a raw spinlock for sbitmap, as it may get called from preempt disabled context (Ming) - Cleanup for bd_claiming waiting, using var_waitqueue() rather than the bit waitqueues, as that more accurately describes that it does (Neil) - Various cleanups (Kanchan, Qiu-ji, David) * tag 'for-6.12/block-20240925' of git://git.kernel.dk/linux: nvme: remove CC register read-back during enabling nvme: null terminate nvme_tls_attrs nvme-multipath: avoid hang on inaccessible namespaces nvme-multipath: system fails to create generic nvme device lib/sbitmap: define swap_lock as raw_spinlock_t block: Remove unused blk_limits_io_{min,opt} drbd: Fix atomicity violation in drbd_uuid_set_bm() block: Fix elv_iosched_local_module handling of "none" scheduler block: remove bogus union block: change wait on bd_claiming to use a var_waitqueue blk-integrity: improved sg segment mapping block: unexport blk_rq_count_integrity_sg nvme-rdma: use request to get integrity segments scsi: use request to get integrity segments block: provide a request helper for user integrity segments blk-integrity: consider entire bio list for merging blk-integrity: properly account for segments blk-mq: set the nr_integrity_segments from bio blk-mq: unconditional nr_integrity_segments commit fe29393877be63363247510b99ae9a8068cacb31 Merge: b2149f948c2d60 329ca3eed4a9a1 Author: Linus Torvalds Date: Wed Sep 25 14:49:34 2024 -0700 Merge tag 'spi-fix-v6.12-merge-window' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fixes from Mark Brown: "Some driver specific fixes that came in during the merge window. Lorenzo Bianconi did some extra testing on the recently added arioha driver and found some issues, Alexander Dahl fixed some issues with signal delays in the Atmel QSPI driver and Jinjie Ruan has been fixing some nits with runtime PM cleanup" * tag 'spi-fix-v6.12-merge-window' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: spi: atmel-quadspi: Avoid overwriting delay register settings spi: airoha: remove read cache in airoha_snand_dirmap_read() spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time spi: atmel-quadspi: Undo runtime PM changes at driver exit time spi: airoha: fix airoha_snand_{write,read}_data data_len estimation spi: airoha: fix dirmap_{read,write} operations commit b2149f948c2d60880f94a68cc784eeefe1e78b77 Merge: aa486552a110fd 690286214916f3 Author: Linus Torvalds Date: Wed Sep 25 14:38:37 2024 -0700 Merge tag 'rtc-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux Pull RTC updates from Alexandre Belloni: "More conversions of DT bindings to yaml. There is one new driver, for the DFRobot SD2405AL and support for important features of the stm32 RTC. Summary: New driver: - DFRobot SD2405AL Drivers: - stm32: add alarm A out and LSCO support - sun6i: disable automatic clock input switching - m48t59: set range" * tag 'rtc-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux: rtc: rc5t619: use proper module tables rtc: m48t59: set range dt-bindings: rtc: microcrystal,rv3028: add #clock-cells property rtc: m48t59: Remove division condition with direct comparison rtc: at91sam9: fix OF node leak in probe() error path rtc: sun6i: disable automatic clock input switching dt-bindings: rtc: Drop non-trivial duplicate compatibles dt-bindings: vendor-prefixes: Add DFRobot. dt-bindings: rtc: Add support for SD2405AL. rtc: Add driver for SD2405AL rtc: s35390a: Drop vendorless compatible string from match table rtc: twl: convert comma to semicolon dt-bindings: rtc: sprd,sc2731-rtc: convert to YAML rtc: stm32: add alarm A out feature rtc: stm32: add Low Speed Clock Output (LSCO) support rtc: stm32: add pinctrl and pinmux interfaces dt-bindings: rtc: stm32: describe pinmux nodes commit 1ee68f172482ab3d165468b989026fe67d6ea908 Author: Krzysztof Kozlowski Date: Wed Sep 25 21:49:21 2024 +0200 dt-bindings: input: Revert "dt-bindings: input: Goodix SPI HID Touchscreen" This reverts commit 9184b17fbc23 ("dt-bindings: input: Goodix SPI HID Touchscreen") because it duplicates existing binding leadings to errors: goodix,gt7986u.example.dtb: touchscreen@0: compatible: 'oneOf' conditional failed, one must be fixed: ['goodix,gt7986u'] is too short 'goodix,gt7375p' was expected This was reported on mailing list on 6th of September, but no reaction happened from contributor or maintainer to fix it. Therefore let's drop binding which breaks and duplicates existing one. Fixes: 9184b17fbc23 ("dt-bindings: input: Goodix SPI HID Touchscreen") Reported-by: Rob Herring Closes: https://lore.kernel.org/all/CAL_Jsq+QfTtRj_JCqXzktQ49H8VUnztVuaBjvvkg3fwEHniUHw@mail.gmail.com/ Signed-off-by: Krzysztof Kozlowski Signed-off-by: Jiri Kosina commit c6bae35fd67087e2dd2d874d0553e59b2f132424 Author: Krzysztof Kozlowski Date: Wed Sep 25 21:49:20 2024 +0200 HID: hid-goodix: drop unsupported and undocumented DT part Drop support for Devicetree from, because the binding is being reverted (on basis of duplicating existing binding) and property was not added to the original binding. Signed-off-by: Krzysztof Kozlowski Signed-off-by: Jiri Kosina commit 4c411cca33cf1c21946b710b2eb59aca9f646703 Author: Artem Bityutskiy Date: Fri Sep 13 19:51:43 2024 +0300 intel_idle: fix ACPI _CST matching for newer Xeon platforms Background ~~~~~~~~~~ The driver uses 'use_acpi = true' in C-state custom table for all Xeon platforms. The meaning of this flag is as follows. 1. If a C-state from the custom table is defined in ACPI _CST (matched by the mwait hint), then enable this C-state. 2. Otherwise, disable this C-state, unless the C-sate definition in the custom table has the 'CPUIDLE_FLAG_ALWAYS_ENABLE' flag set, in which case enabled it. The goal is to honor BIOS C6 settings - If BIOS disables C6, disable it by default in the OS too (but it can be enabled via sysfs). This works well on Xeons that expose only one flavor of C6. This are all Xeons except for the newest Granite Rapids (GNR) and Sierra Forest (SRF). The problem ~~~~~~~~~~~ GNR and SRF have 2 flavors of C6: C6/C6P on GNR, C6S/C6SP on SRF. The the "P" flavor allows for the package C6, while the "non-P" flavor allows only for core/module C6. As far as this patch is concerned, both GNR and SRF platforms are handled the same way. Therefore, further discussion is focused on GNR, but it applies to SRF as well. On Intel Xeon platforms, BIOS exposes only 2 ACPI C-states: C1 and C2. Well, depending on BIOS settings, C2 may be named as C3. But there still will be only 2 states - C1 and C3. But this is a non-essential detail, so further discussion is focused on the ACPI C1 and C2 case. On pre-GNR/SRF Xeon platforms, ACPI C1 is mapped to C1 or C1E, and ACPI C2 is mapped to C6. The 'use_acpi' flag works just fine: * If ACPI C2 enabled, enable C6. * Otherwise, disable C6. However, on GNR there are 2 flavors of C6, so BIOS maps ACPI C2 to either C6 or C6P, depending on the user settings. As a result, due to the 'use_acpi' flag, 'intel_idle' disables least one of the C6 flavors. BIOS | OS | Verdict ----------------------------------------------------|--------- ACPI C2 disabled | C6 disabled, C6P disabled | OK ACPI C2 mapped to C6 | C6 enabled, C6P disabled | Not OK ACPI C2 mapped to C6P | C6 disabled, C6P enabled | Not OK The goal of 'use_acpi' is to honor BIOS ACPI C2 disabled case, which works fine. But if ACPI C2 is enabled, the goal is to enable all flavors of C6, not just one of the flavors. This was overlooked when enabling GNR/SRF platforms. In other words, before GNR/SRF, the ACPI C2 status was binary - enabled or disabled. But it is not binary on GNR/SRF, however the goal is to continue treat it as binary. The fix ~~~~~~~ Notice, that current algorithm matches ACPI and custom table C-states by the mwait hint. However, mwait hint consists of the 'state' and 'sub-state' parts, and all C6 flavors have the same state value of 0x20, but different sub-state values. Introduce new C-state table flag - CPUIDLE_FLAG_PARTIAL_HINT_MATCH and add it to both C6 flavors of the GNR/SRF platforms. When matching ACPI _CST and custom table C-states, match only the start part if the C-state has CPUIDLE_FLAG_PARTIAL_HINT_MATCH, other wise match both state and sub-state parts (as before). With this fix, GNR C-states enabled/disabled status looks like this. BIOS | OS ---------------------------------------------------- ACPI C2 disabled | C6 disabled, C6P disabled ACPI C2 mapped to C6 | C6 enabled, C6P enabled ACPI C2 mapped to C6P | C6 enabled, C6P enabled Possible alternative ~~~~~~~~~~~~~~~~~~~~ The alternative would be to remove 'use_acpi' flag for GNR and SRF. This would be a simpler solution, but it would violate the principle of least surprise - users of Xeon platforms are used to the fact that intel_idle honors C6 enabled/disabled flag. It is more consistent user experience if GNR/SRF continue doing so. How tested ~~~~~~~~~~ Tested on GNR and SRF platform with all the 3 BIOS configurations: ACPI C2 disabled, mapped to C6/C6S, mapped to C6P/C6SP. Tested on Ice lake Xeon and Sapphire Rapids Xeon platforms with ACPI C2 enabled and disabled, just to verify that the patch does not break older Xeons. Fixes: 92813fd5b156 ("intel_idle: add Sierra Forest SoC support") Fixes: 370406bf5738 ("intel_idle: add Granite Rapids Xeon support") Cc: 6.8+ # 6.8+ Signed-off-by: Artem Bityutskiy Link: https://patch.msgid.link/20240913165143.4140073-1-dedekind1@gmail.com [ rjw: Changelog edits ] Signed-off-by: Rafael J. Wysocki commit 7b124695db40d5c9c5295a94ae928a8d67a01c3d Author: Jianbo Liu Date: Mon Sep 2 09:40:58 2024 +0300 net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice The km.state is not checked in driver's delayed work. When xfrm_state_check_expire() is called, the state can be reset to XFRM_STATE_EXPIRED, even if it is XFRM_STATE_DEAD already. This happens when xfrm state is deleted, but not freed yet. As __xfrm_state_delete() is called again in xfrm timer, the following crash occurs. To fix this issue, skip xfrm_state_check_expire() if km.state is not XFRM_STATE_VALID. Oops: general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] SMP CPU: 5 UID: 0 PID: 7448 Comm: kworker/u102:2 Not tainted 6.11.0-rc2+ #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 Workqueue: mlx5e_ipsec: eth%d mlx5e_ipsec_handle_sw_limits [mlx5_core] RIP: 0010:__xfrm_state_delete+0x3d/0x1b0 Code: 0f 84 8b 01 00 00 48 89 fd c6 87 c8 00 00 00 05 48 8d bb 40 10 00 00 e8 11 04 1a 00 48 8b 95 b8 00 00 00 48 8b 85 c0 00 00 00 <48> 89 42 08 48 89 10 48 8b 55 10 48 b8 00 01 00 00 00 00 ad de 48 RSP: 0018:ffff88885f945ec8 EFLAGS: 00010246 RAX: dead000000000122 RBX: ffffffff82afa940 RCX: 0000000000000036 RDX: dead000000000100 RSI: 0000000000000000 RDI: ffffffff82afb980 RBP: ffff888109a20340 R08: ffff88885f945ea0 R09: 0000000000000000 R10: 0000000000000000 R11: ffff88885f945ff8 R12: 0000000000000246 R13: ffff888109a20340 R14: ffff88885f95f420 R15: ffff88885f95f400 FS: 0000000000000000(0000) GS:ffff88885f940000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f2163102430 CR3: 00000001128d6001 CR4: 0000000000370eb0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? die_addr+0x33/0x90 ? exc_general_protection+0x1a2/0x390 ? asm_exc_general_protection+0x22/0x30 ? __xfrm_state_delete+0x3d/0x1b0 ? __xfrm_state_delete+0x2f/0x1b0 xfrm_timer_handler+0x174/0x350 ? __xfrm_state_delete+0x1b0/0x1b0 __hrtimer_run_queues+0x121/0x270 hrtimer_run_softirq+0x88/0xd0 handle_softirqs+0xcc/0x270 do_softirq+0x3c/0x50 __local_bh_enable_ip+0x47/0x50 mlx5e_ipsec_handle_sw_limits+0x7d/0x90 [mlx5_core] process_one_work+0x137/0x2d0 worker_thread+0x28d/0x3a0 ? rescuer_thread+0x480/0x480 kthread+0xb8/0xe0 ? kthread_park+0x80/0x80 ret_from_fork+0x2d/0x50 ? kthread_park+0x80/0x80 ret_from_fork_asm+0x11/0x20 Fixes: b2f7b01d36a9 ("net/mlx5e: Simulate missing IPsec TX limits hardware functionality") Signed-off-by: Jianbo Liu Reviewed-by: Leon Romanovsky Signed-off-by: Saeed Mahameed commit 023d2a43ed0d9ab73d4a35757121e4c8e01298e5 Author: Dragos Tatulea Date: Tue Aug 13 13:34:54 2024 +0300 net/mlx5e: SHAMPO, Fix overflow of hd_per_wq When having larger RQ sizes and small MTUs sizes, the hd_per_wq variable can overflow. Like in the following case: $> ethtool --set-ring eth1 rx 8192 $> ip link set dev eth1 mtu 144 $> ethtool --features eth1 rx-gro-hw on ... yields in dmesg: mlx5_core 0000:08:00.1: mlx5_cmd_out_err:808:(pid 194797): CREATE_MKEY(0x200) op_mod(0x0) failed, status bad parameter(0x3), syndrome (0x3bf6f), err(-22) because hd_per_wq is 64K which overflows to 0 and makes the command fail. This patch increases the variable size to 32 bit. Fixes: 99be56171fa9 ("net/mlx5e: SHAMPO, Re-enable HW-GRO") Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Signed-off-by: Saeed Mahameed commit d15525f300109fac5477dce1b8fef244c5dc9ec3 Author: Yevgeny Kliteynik Date: Mon Sep 16 14:13:39 2024 +0300 net/mlx5: HWS, changed E2BIG error to a negative return code Fixed all the 'E2BIG' returns in error flow of functions to the negative '-E2BIG' as we are using negative error codes everywhere in HWS code. This also fixes the following smatch warnings: "warn: was negative '-E2BIG' intended?" Fixes: 74a778b4a63f ("net/mlx5: HWS, added definers handling") Reported-by: Dan Carpenter Closes: https://lore.kernel.org/all/f8c77688-7d83-4937-baba-ac844dfe2e0b@stanley.mountain/ Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit d8c561741ef83980114b3f7f95ffac54600f3f16 Author: Yevgeny Kliteynik Date: Thu Sep 19 12:17:59 2024 +0300 net/mlx5: HWS, fixed double-free in error flow of creating SQ When SQ creation fails, call the appropriate mlx5_core destroy function. This fixes the following smatch warnings: divers/net/ethernet/mellanox/mlx5/core/steering/hws/mlx5hws_send.c:739 hws_send_ring_open_sq() warn: 'sq->dep_wqe' double freed hws_send_ring_open_sq() warn: 'sq->wq_ctrl.buf.frags' double freed hws_send_ring_open_sq() warn: 'sq->wr_priv' double freed Fixes: 2ca62599aa0b ("net/mlx5: HWS, added send engine and context handling") Reported-by: Dan Carpenter Closes: https://lore.kernel.org/all/e4ebc227-4b25-49bf-9e4c-14b7ea5c6a07@stanley.mountain/ Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 19da17010a55924f2b5540b0f61652cc5781af85 Author: Yevgeny Kliteynik Date: Mon Sep 23 11:44:30 2024 +0300 net/mlx5: Fix wrong reserved field in hca_cap_2 in mlx5_ifc Fixing the wrong size of a field in hca_cap_2. The bug was introduced by adding new fields for HWS and not fixing the reserved field size. Fixes: 34c626c3004a ("net/mlx5: Added missing mlx5_ifc definition for HW Steering") Signed-off-by: Yevgeny Kliteynik Reviewed-by: Tariq Toukan Signed-off-by: Saeed Mahameed commit f25389e779500cf4a59ef9804534237841bce536 Author: Elena Salomatkina Date: Tue Sep 24 19:00:18 2024 +0300 net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() In mlx5e_tir_builder_alloc() kvzalloc() may return NULL which is dereferenced on the next line in a reference to the modify field. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: a6696735d694 ("net/mlx5e: Convert TIR to a dedicated object") Signed-off-by: Elena Salomatkina Reviewed-by: Simon Horman Reviewed-by: Kalesh AP Reviewed-by: Tariq Toukan Reviewed-by: Gal Pressman Signed-off-by: Saeed Mahameed commit ec793155894140df7421d25903de2e6bc12c695b Author: Mohamed Khalfella Date: Wed Sep 4 22:02:48 2024 -0600 net/mlx5: Added cond_resched() to crdump collection Collecting crdump involves reading vsc registers from pci config space of mlx device, which can take long time to complete. This might result in starving other threads waiting to run on the cpu. Numbers I got from testing ConnectX-5 Ex MCX516A-CDAT in the lab: - mlx5_vsc_gw_read_block_fast() was called with length = 1310716. - mlx5_vsc_gw_read_fast() reads 4 bytes at a time. It was not used to read the entire 1310716 bytes. It was called 53813 times because there are jumps in read_addr. - On average mlx5_vsc_gw_read_fast() took 35284.4ns. - In total mlx5_vsc_wait_on_flag() called vsc_read() 54707 times. The average time for each call was 17548.3ns. In some instances vsc_read() was called more than one time when the flag was not set. As expected the thread released the cpu after 16 iterations in mlx5_vsc_wait_on_flag(). - Total time to read crdump was 35284.4ns * 53813 ~= 1.898s. It was seen in the field that crdump can take more than 5 seconds to complete. During that time mlx5_vsc_wait_on_flag() did not release the cpu because it did not complete 16 iterations. It is believed that pci config reads were slow. Adding cond_resched() every 128 register read improves the situation. In the common case the, crdump takes ~1.8989s, the thread yields the cpu every ~4.51ms. If crdump takes ~5s, the thread yields the cpu every ~18.0ms. Fixes: 8b9d8baae1de ("net/mlx5: Add Crdump support") Reviewed-by: Yuanyuan Zhong Signed-off-by: Mohamed Khalfella Reviewed-by: Moshe Shemesh Signed-off-by: Saeed Mahameed commit 2bcae12c795f32ddfbf8c80d1b5f1d3286341c32 Author: Gerd Bayer Date: Tue Sep 10 10:53:51 2024 +0200 net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under memory pressure, when the IOMMU driver just can't allocate more memory for page tables. While the code tries to handle this in the path below the err_unmap label it erroneously unmaps one entry from the sq's FIFO list of active mappings. Since the current map attempt failed this unmap is removing some random DMA mapping that might still be required. If the PCI function now presents that IOVA, the IOMMU may assumes a rogue DMA access and e.g. on s390 puts the PCI function in error state. The erroneous behavior was seen in a stress-test environment that created memory pressure. Fixes: 5af75c747e2a ("net/mlx5e: Enhanced TX MPWQE for SKBs") Signed-off-by: Gerd Bayer Reviewed-by: Zhu Yanjun Acked-by: Maxim Mikityanskiy Signed-off-by: Saeed Mahameed commit aa486552a110fd6e625bb66b7edf0e0df7389a1a Merge: eb5b0f9812fff7 cb088e38aab4c7 Author: Linus Torvalds Date: Wed Sep 25 11:35:19 2024 -0700 Merge tag 'memblock-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock Pull memblock updates from Mike Rapoport: - new memblock_estimated_nr_free_pages() helper to replace totalram_pages() which is less accurate when CONFIG_DEFERRED_STRUCT_PAGE_INIT is set - fixes for memblock tests * tag 'memblock-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock: s390/mm: get estimated free pages by memblock api kernel/fork.c: get estimated free pages by memblock api mm/memblock: introduce a new helper memblock_estimated_nr_free_pages() memblock test: fix implicit declaration of function 'strscpy' memblock test: fix implicit declaration of function 'isspace' memblock test: fix implicit declaration of function 'memparse' memblock test: add the definition of __setup() memblock test: fix implicit declaration of function 'virt_to_phys' tools/testing: abstract two init.h into common include directory memblock tests: include export.h in linkage.h as kernel dose memblock tests: include memory_hotplug.h in mmzone.h as kernel dose commit eb5b0f9812fff72f82e6ecc9ad4dafaf4971a16a Merge: 4ffc45808373e3 d21dffe51baabf Author: Linus Torvalds Date: Wed Sep 25 11:21:06 2024 -0700 Merge tag 'sparc-for-6.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/alarsson/linux-sparc Pull sparc32 update from Andreas Larsson: - Remove an unused variable for sparc32 * tag 'sparc-for-6.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/alarsson/linux-sparc: arch/sparc: remove unused varible paddrbase in function leon_swprobe() commit 4ffc45808373e32112500756d6f02fe56c42f371 Merge: e520813b2de1d5 3af2e2f68cc6ba Author: Linus Torvalds Date: Wed Sep 25 11:17:25 2024 -0700 Merge tag 'powerpc-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux Pull powerpc fixes from Michael Ellerman: - Fix build error in vdso32 when building 64-bit with COMPAT=y and -Os - Fix build error in pseries EEH when CONFIG_DEBUG_FS is not set Thanks to Christophe Leroy, Narayana Murty N, Christian Zigotzky, and Ritesh Harjani. * tag 'powerpc-6.12-2' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block powerpc/vdso32: Fix use of crtsavres for PPC64 commit e520813b2de1d58712c29f1b469d38d8dacecf0c Merge: 1f9c4a99675686 c147f663b6a581 Author: Linus Torvalds Date: Wed Sep 25 11:10:39 2024 -0700 Merge tag 'clang-format-6.12' of https://github.com/ojeda/linux Pull clang-format updates from Miguel Ojeda: "A routine update of the 'for_each' macro list" * tag 'clang-format-6.12' of https://github.com/ojeda/linux: clang-format: Update with v6.11-rc1's `for_each` macro list commit 1f9c4a996756867d678833c0513eabe4e8f1ed60 Author: Linus Torvalds Date: Wed Sep 25 11:08:28 2024 -0700 Kbuild: make MODVERSIONS support depend on not being a compile test build Currently the Rust support is gated on not having MODVERSIONS enabled, and as a result an "allmodconfig" build will disable Rust build tests. While MODVERSIONS configurations are worth build testing, the feature is not actually meaningful unless you run the result, and I'd rather get build coverage of Rust than MODVERSIONS. So let's disable MODVERSIONS for build testing until the Rust side clears up. Signed-off-by: Linus Torvalds commit 570172569238c66a482ec3eb5d766cc9cf255f69 Merge: 684a64bf32b6e4 a2f11547052001 Author: Linus Torvalds Date: Wed Sep 25 10:25:40 2024 -0700 Merge tag 'rust-6.12' of https://github.com/Rust-for-Linux/linux Pull Rust updates from Miguel Ojeda: "Toolchain and infrastructure: - Support 'MITIGATION_{RETHUNK,RETPOLINE,SLS}' (which cleans up objtool warnings), teach objtool about 'noreturn' Rust symbols and mimic '___ADDRESSABLE()' for 'module_{init,exit}'. With that, we should be objtool-warning-free, so enable it to run for all Rust object files. - KASAN (no 'SW_TAGS'), KCFI and shadow call sanitizer support. - Support 'RUSTC_VERSION', including re-config and re-build on change. - Split helpers file into several files in a folder, to avoid conflicts in it. Eventually those files will be moved to the right places with the new build system. In addition, remove the need to manually export the symbols defined there, reusing existing machinery for that. - Relax restriction on configurations with Rust + GCC plugins to just the RANDSTRUCT plugin. 'kernel' crate: - New 'list' module: doubly-linked linked list for use with reference counted values, which is heavily used by the upcoming Rust Binder. This includes 'ListArc' (a wrapper around 'Arc' that is guaranteed unique for the given ID), 'AtomicTracker' (tracks whether a 'ListArc' exists using an atomic), 'ListLinks' (the prev/next pointers for an item in a linked list), 'List' (the linked list itself), 'Iter' (an iterator over a 'List'), 'Cursor' (a cursor into a 'List' that allows to remove elements), 'ListArcField' (a field exclusively owned by a 'ListArc'), as well as support for heterogeneous lists. - New 'rbtree' module: red-black tree abstractions used by the upcoming Rust Binder. This includes 'RBTree' (the red-black tree itself), 'RBTreeNode' (a node), 'RBTreeNodeReservation' (a memory reservation for a node), 'Iter' and 'IterMut' (immutable and mutable iterators), 'Cursor' (bidirectional cursor that allows to remove elements), as well as an entry API similar to the Rust standard library one. - 'init' module: add 'write_[pin_]init' methods and the 'InPlaceWrite' trait. Add the 'assert_pinned!' macro. - 'sync' module: implement the 'InPlaceInit' trait for 'Arc' by introducing an associated type in the trait. - 'alloc' module: add 'drop_contents' method to 'BoxExt'. - 'types' module: implement the 'ForeignOwnable' trait for 'Pin>' and improve the trait's documentation. In addition, add the 'into_raw' method to the 'ARef' type. - 'error' module: in preparation for the upcoming Rust support for 32-bit architectures, like arm, locally allow Clippy lint for those. Documentation: - https://rust.docs.kernel.org has been announced, so link to it. - Enable rustdoc's "jump to definition" feature, making its output a bit closer to the experience in a cross-referencer. - Debian Testing now also provides recent Rust releases (outside of the freeze period), so add it to the list. MAINTAINERS: - Trevor is joining as reviewer of the "RUST" entry. And a few other small bits" * tag 'rust-6.12' of https://github.com/Rust-for-Linux/linux: (54 commits) kasan: rust: Add KASAN smoke test via UAF kbuild: rust: Enable KASAN support rust: kasan: Rust does not support KHWASAN kbuild: rust: Define probing macros for rustc kasan: simplify and clarify Makefile rust: cfi: add support for CFI_CLANG with Rust cfi: add CONFIG_CFI_ICALL_NORMALIZE_INTEGERS rust: support for shadow call stack sanitizer docs: rust: include other expressions in conditional compilation section kbuild: rust: replace proc macros dependency on `core.o` with the version text kbuild: rust: rebuild if the version text changes kbuild: rust: re-run Kconfig if the version text changes kbuild: rust: add `CONFIG_RUSTC_VERSION` rust: avoid `box_uninit_write` feature MAINTAINERS: add Trevor Gross as Rust reviewer rust: rbtree: add `RBTree::entry` rust: rbtree: add cursor rust: rbtree: add mutable iterator rust: rbtree: add iterator rust: rbtree: add red-black tree implementation backed by the C version ... commit d52ac79053a2f3eba04c1e7b56334df84d1d289f Author: Sreekant Somasekharan Date: Fri Sep 20 01:53:17 2024 -0400 drm/amdkfd: Add SDMA queue quantum support for GFX12 program SDMAx_QUEUEx_SCHEDULE_CNTL for context switch due to quantum in KFD for GFX12. Signed-off-by: Sreekant Somasekharan Reviewed-by: Harish Kasiviswanathan Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org # 6.11.x commit 8048e5ade8224969023902b0b3f64470f9c250a7 Author: Saleemkhan Jamadar Date: Fri Sep 20 18:40:18 2024 +0530 drm/amdgpu/vcn: enable AV1 on both instances v1 - remove cs parse code (Christian) On VCN v4_0_6 AV1 is supported on both the instances. Remove cs IB parse code since explict handling of AV1 schedule is not required. Signed-off-by: Saleemkhan Jamadar Reviewed-by: Leo Liu Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org commit e45b011d2c4146442a388113657b70f0c7cad09b Author: Mukul Joshi Date: Fri Sep 20 14:59:29 2024 -0400 drm/amdkfd: Fix CU occupancy for GFX 9.4.3 Make CU occupancy calculations work on GFX 9.4.3 by updating the logic to handle multiple XCCs correctly. Signed-off-by: Mukul Joshi Reviewed-by: Harish Kasiviswanathan Signed-off-by: Alex Deucher commit 6ae9e1aba97e4cdaa31a0bfdc07497ad0e915c84 Author: Mukul Joshi Date: Mon Sep 16 14:33:58 2024 -0400 drm/amdkfd: Update logic for CU occupancy calculations Currently, the code uses the IH_VMID_X_LUT register to map a queue's vmid to the corresponding PASID. This logic is racy since CP can update the VMID-PASID mapping anytime especially when there are more processes than number of vmids. Update the logic to calculate CU occupancy by matching doorbell offset of the queue with valid wave counts against the process's queues. Signed-off-by: Mukul Joshi Reviewed-by: Harish Kasiviswanathan Signed-off-by: Alex Deucher commit e1d27f7a9cea1e0c06699164e3b177862e7b4096 Author: ZhenGuo Yin Date: Thu Sep 19 11:38:04 2024 +0800 drm/amdgpu: skip coredump after job timeout in SRIOV VF FLR will be triggered by host driver before job timeout, hence the error status of GPU get cleared. Performing a coredump here is unnecessary. Signed-off-by: ZhenGuo Yin Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit 126be9b2bef9c7068fdd464790d82e6d70f9d8e6 Author: Christian König Date: Wed Aug 21 13:55:41 2024 +0200 drm/amdgpu: sync to KFD fences before clearing PTEs This patch tries to solve the basic problem we also need to sync to the KFD fences of the BO because otherwise it can be that we clear PTEs while the KFD queues are still running. Signed-off-by: Christian König Acked-by: Felix Kuehling Signed-off-by: Alex Deucher commit 4771d2ecb7b9e4c2c73ede2908d7e7c989460981 Author: Jack Xiao Date: Wed Sep 18 17:07:13 2024 +0800 drm/amdgpu/mes12: set enable_level_process_quantum_check enable_level_process_quantum_check is requried to enable process quantum based scheduling. Signed-off-by: Jack Xiao Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org # 6.11.x commit 4e78dd6b4c27c5a6d057f179ff6c1ddd75a7a2ab Author: Masami Hiramatsu (Google) Date: Sun Aug 18 19:43:35 2024 +0900 sefltests/tracing: Add a test for tracepoint events on modules Add a test case for tracepoint events on modules. This checks if it can add and remove the events correctly. Link: https://lore.kernel.org/all/172397781494.286558.7581515061075998225.stgit@devnote2/ Signed-off-by: Masami Hiramatsu (Google) commit 57a7e6de9e30cb40fd4b45e24e9eefedb84cdde5 Author: Masami Hiramatsu (Google) Date: Sun Aug 18 19:43:26 2024 +0900 tracing/fprobe: Support raw tracepoints on future loaded modules Support raw tracepoint events on future loaded (unloaded) modules. This allows user to create raw tracepoint events which can be used from module's __init functions. Note: since the kernel does not have any information about the tracepoints in the unloaded modules, fprobe events can not check whether the tracepoint exists nor extend the BTF based arguments. Link: https://lore.kernel.org/all/172397780593.286558.18360375226968537828.stgit@devnote2/ Suggested-by: Mathieu Desnoyers Signed-off-by: Masami Hiramatsu (Google) commit 67e9a9ee476e862fda27803bdce888c04e4b3380 Author: Masami Hiramatsu (Google) Date: Sun Aug 18 19:43:16 2024 +0900 tracing/fprobe: Support raw tracepoint events on modules Support raw tracepoint event on module by fprobe events. Since it only uses for_each_kernel_tracepoint() to find a tracepoint, the tracepoints on modules are not handled. Thus if user specified a tracepoint on a module, it shows an error. This adds new for_each_module_tracepoint() API to tracepoint subsystem, and uses it to find tracepoints on modules. Link: https://lore.kernel.org/all/172397779651.286558.15903703620679186867.stgit@devnote2/ Reported-by: don Closes: https://lore.kernel.org/all/20240530215718.aeec973a1d0bf058d39cb1e3@kernel.org/ Signed-off-by: Masami Hiramatsu (Google) commit d4df54f338e43c790460674a3cc7db35b8395421 Author: Masami Hiramatsu (Google) Date: Sun Aug 18 19:43:07 2024 +0900 tracepoint: Support iterating tracepoints in a loading module Add for_each_tracepoint_in_module() function to iterate tracepoints in a module. This API is needed for handling tracepoints in a loading module from tracepoint_module_notifier callback function. This also update for_each_module_tracepoint() to pass the module to callback function so that it can find module easily. Link: https://lore.kernel.org/all/172397778740.286558.15781131277732977643.stgit@devnote2/ Signed-off-by: Masami Hiramatsu (Google) commit d5dbf8b48a4620db771f399ed7fce32d447f04a6 Author: Masami Hiramatsu (Google) Date: Sun Aug 18 19:42:58 2024 +0900 tracepoint: Support iterating over tracepoints on modules Add for_each_module_tracepoint() for iterating over tracepoints on modules. This is similar to the for_each_kernel_tracepoint() but only for the tracepoints on modules (not including kernel built-in tracepoints). Link: https://lore.kernel.org/all/172397777800.286558.14554748203446214056.stgit@devnote2/ Signed-off-by: Masami Hiramatsu (Google) commit 47ffe0578aee45fed3a06d5dcff76cdebb303163 Author: Jason Andryuk Date: Fri Aug 23 15:36:30 2024 -0400 x86/pvh: Add 64bit relocation page tables The PVH entry point is 32bit. For a 64bit kernel, the entry point must switch to 64bit mode, which requires a set of page tables. In the past, PVH used init_top_pgt. This works fine when the kernel is loaded at LOAD_PHYSICAL_ADDR, as the page tables are prebuilt for this address. If the kernel is loaded at a different address, they need to be adjusted. __startup_64() adjusts the prebuilt page tables for the physical load address, but it is 64bit code. The 32bit PVH entry code can't call it to adjust the page tables, so it can't readily be re-used. 64bit PVH entry needs page tables set up for identity map, the kernel high map and the direct map. pvh_start_xen() enters identity mapped. Inside xen_prepare_pvh(), it jumps through a pv_ops function pointer into the highmap. The direct map is used for __va() on the initramfs and other guest physical addresses. Add a dedicated set of prebuild page tables for PVH entry. They are adjusted in assembly before loading. Add XEN_ELFNOTE_PHYS32_RELOC to indicate support for relocation along with the kernel's loading constraints. The maximum load address, KERNEL_IMAGE_SIZE - 1, is determined by a single pvh_level2_ident_pgt page. It could be larger with more pages. Signed-off-by: Jason Andryuk Reviewed-by: Juergen Gross Message-ID: <20240823193630.2583107-6-jason.andryuk@amd.com> Signed-off-by: Juergen Gross commit e3e8cd90f8e2eef67ded38f9c1a5f5520a407a62 Author: Jason Andryuk Date: Fri Aug 23 15:36:29 2024 -0400 x86/kernel: Move page table macros to header The PVH entry point will need an additional set of prebuild page tables. Move the macros and defines to pgtable_64.h, so they can be re-used. Signed-off-by: Jason Andryuk Reviewed-by: Juergen Gross Acked-by: Dave Hansen Message-ID: <20240823193630.2583107-5-jason.andryuk@amd.com> Signed-off-by: Juergen Gross commit ada1986d07976d60bed5017aa38b7f7cf27883f7 Author: Tetsuo Handa Date: Wed Sep 25 22:30:59 2024 +0900 tomoyo: fallback to realpath if symlink's pathname does not exist Alfred Agrell found that TOMOYO cannot handle execveat(AT_EMPTY_PATH) inside chroot environment where /dev and /proc are not mounted, for commit 51f39a1f0cea ("syscalls: implement execveat() system call") missed that TOMOYO tries to canonicalize argv[0] when the filename fed to the executed program as argv[0] is supplied using potentially nonexistent pathname. Since "/dev/fd/" already lost symlink information used for obtaining that , it is too late to reconstruct symlink's pathname. Although part of "/dev/fd//" might not be canonicalized, TOMOYO cannot use tomoyo_realpath_nofollow() when /dev or /proc is not mounted. Therefore, fallback to tomoyo_realpath_from_path() when tomoyo_realpath_nofollow() failed. Reported-by: Alfred Agrell Closes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082001 Fixes: 51f39a1f0cea ("syscalls: implement execveat() system call") Cc: stable@vger.kernel.org # v3.19+ Signed-off-by: Tetsuo Handa commit e249786b2188107a7c50e7174d35f955a60988a1 Author: Alexey Klimov Date: Wed Sep 25 05:38:23 2024 +0100 ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values CDC_RX_BCL_VBAT_RF_PROC1 is listed twice and its default value is 0x2a which is overwriten by its next occurence in rx_defaults[]. The second one should be missing CDC_RX_BCL_VBAT_RF_PROC2 instead and its default value is expected 0x0. Signed-off-by: Alexey Klimov Link: https://patch.msgid.link/20240925043823.520218-2-alexey.klimov@linaro.org Signed-off-by: Mark Brown commit b464b461d27d564125db760938643374864c1b1f Author: Jason Andryuk Date: Fri Aug 23 15:36:28 2024 -0400 x86/pvh: Set phys_base when calling xen_prepare_pvh() phys_base needs to be set for __pa() to work in xen_pvh_init() when finding the hypercall page. Set it before calling into xen_prepare_pvh(), which calls xen_pvh_init(). Clear it afterward to avoid __startup_64() adding to it and creating an incorrect value. Signed-off-by: Jason Andryuk Reviewed-by: Juergen Gross Message-ID: <20240823193630.2583107-4-jason.andryuk@amd.com> Signed-off-by: Juergen Gross commit 1db29f99edb056d8445876292f53a63459142309 Author: Jason Andryuk Date: Fri Aug 23 15:36:27 2024 -0400 x86/pvh: Make PVH entrypoint PIC for x86-64 The PVH entrypoint is 32bit non-PIC code running the uncompressed vmlinux at its load address CONFIG_PHYSICAL_START - default 0x1000000 (16MB). The kernel is loaded at that physical address inside the VM by the VMM software (Xen/QEMU). When running a Xen PVH Dom0, the host reserved addresses are mapped 1-1 into the PVH container. There exist system firmwares (Coreboot/EDK2) with reserved memory at 16MB. This creates a conflict where the PVH kernel cannot be loaded at that address. Modify the PVH entrypoint to be position-indepedent to allow flexibility in load address. Only the 64bit entry path is converted. A 32bit kernel is not PIC, so calling into other parts of the kernel, like xen_prepare_pvh() and mk_pgtable_32(), don't work properly when relocated. This makes the code PIC, but the page tables need to be updated as well to handle running from the kernel high map. The UNWIND_HINT_END_OF_STACK is to silence: vmlinux.o: warning: objtool: pvh_start_xen+0x7f: unreachable instruction after the lret into 64bit code. Signed-off-by: Jason Andryuk Reviewed-by: Juergen Gross Message-ID: <20240823193630.2583107-3-jason.andryuk@amd.com> Signed-off-by: Juergen Gross commit 08377ed24feef66866d0c6aabcae0aec515cf2ca Author: Jason Andryuk Date: Fri Aug 23 15:36:26 2024 -0400 xen: sync elfnote.h from xen tree Sync Xen's elfnote.h header from xen.git to pull in the XEN_ELFNOTE_PHYS32_RELOC define. xen commit dfc9fab00378 ("x86/PVH: Support relocatable dom0 kernels") This is a copy except for the removal of the emacs editor config at the end of the file. Signed-off-by: Jason Andryuk Reviewed-by: Juergen Gross Message-ID: <20240823193630.2583107-2-jason.andryuk@amd.com> Signed-off-by: Juergen Gross commit ce4db753de21abfb7516ef64aff907813e8a8e3e Author: Gaosheng Cui Date: Mon Aug 26 11:25:52 2024 +0800 kprobes: Remove obsoleted declaration for init_test_probes The init_test_probes() have been removed since commit e44e81c5b90f ("kprobes: convert tests to kunit"), and now it is useless, so remove it. Link: https://lore.kernel.org/all/20240826032552.4016314-1-cuigaosheng1@huawei.com/ Signed-off-by: Gaosheng Cui Signed-off-by: Masami Hiramatsu (Google) commit 10cdb82aa77f313dcfe947a17f7fc12c5affb38e Author: Andrii Nakryiko Date: Tue Aug 13 13:34:09 2024 -0700 uprobes: turn trace_uprobe's nhit counter to be per-CPU one trace_uprobe->nhit counter is not incremented atomically, so its value is questionable in when uprobe is hit on multiple CPUs simultaneously. Also, doing this shared counter increment across many CPUs causes heavy cache line bouncing, limiting uprobe/uretprobe performance scaling with number of CPUs. Solve both problems by making this a per-CPU counter. Link: https://lore.kernel.org/all/20240813203409.3985398-1-andrii@kernel.org/ Reviewed-by: Oleg Nesterov Signed-off-by: Andrii Nakryiko Signed-off-by: Masami Hiramatsu (Google) commit b9efbe2b8f0177fa97bfab290d60858900aa196b Author: Michael S. Tsirkin Date: Mon Sep 16 14:16:44 2024 -0400 virtio_console: fix misc probe bugs This fixes the following issue discovered by code review: after vqs have been created, a buggy device can send an interrupt. A control vq callback will then try to schedule control_work which has not been initialized yet. Similarly for config interrupt. Further, in and out vq callbacks invoke find_port_by_vq which attempts to take ports_lock which also has not been initialized. To fix, init all locks and work before creating vqs. Message-ID: Fixes: 17634ba25544 ("virtio: console: Add a new MULTIPORT feature, support for generic ports") Signed-off-by: Michael S. Tsirkin commit efcd71af38be403fa52223092f79ada446e121ba Author: Luigi Leonardi Date: Tue Jul 30 21:47:32 2024 +0200 vsock/virtio: avoid queuing packets when intermediate queue is empty When the driver needs to send new packets to the device, it always queues the new sk_buffs into an intermediate queue (send_pkt_queue) and schedules a worker (send_pkt_work) to then queue them into the virtqueue exposed to the device. This increases the chance of batching, but also introduces a lot of latency into the communication. So we can optimize this path by adding a fast path to be taken when there is no element in the intermediate queue, there is space available in the virtqueue, and no other process that is sending packets (tx_lock held). The following benchmarks were run to check improvements in latency and throughput. The test bed is a host with Intel i7-10700KF CPU @ 3.80GHz and L1 guest running on QEMU/KVM with vhost process and all vCPUs pinned individually to pCPUs. - Latency Tool: Fio version 3.37-56 Mode: pingpong (h-g-h) Test runs: 50 Runtime-per-test: 50s Type: SOCK_STREAM In the following fio benchmark (pingpong mode) the host sends a payload to the guest and waits for the same payload back. fio process pinned both inside the host and the guest system. Before: Linux 6.9.8 Payload 64B: 1st perc. overall 99th perc. Before 12.91 16.78 42.24 us After 9.77 13.57 39.17 us Payload 512B: 1st perc. overall 99th perc. Before 13.35 17.35 41.52 us After 10.25 14.11 39.58 us Payload 4K: 1st perc. overall 99th perc. Before 14.71 19.87 41.52 us After 10.51 14.96 40.81 us - Throughput Tool: iperf-vsock The size represents the buffer length (-l) to read/write P represents the number of parallel streams P=1 4K 64K 128K Before 6.87 29.3 29.5 Gb/s After 10.5 39.4 39.9 Gb/s P=2 4K 64K 128K Before 10.5 32.8 33.2 Gb/s After 17.8 47.7 48.5 Gb/s P=4 4K 64K 128K Before 12.7 33.6 34.2 Gb/s After 16.9 48.1 50.5 Gb/s The performance improvement is related to this optimization, I used a ebpf kretprobe on virtio_transport_send_skb to check that each packet was sent directly to the virtqueue Co-developed-by: Marco Pinna Signed-off-by: Marco Pinna Signed-off-by: Luigi Leonardi Message-Id: <20240730-pinna-v4-2-5c9179164db5@outlook.com> Signed-off-by: Michael S. Tsirkin Reviewed-by: Stefano Garzarella commit 83c334ed521638c8dffe545ddf49d61430680308 Author: Michael S. Tsirkin Date: Thu Sep 12 10:37:53 2024 -0400 virtio_ring: tag event_triggered as racy for KCSAN Setting event_triggered from the interrupt handler is fundamentally racy. There are races of 2 types: 1. vq processing can read false value while interrupt triggered and set it to true. result will be a bit of extra work when disabling cbs, no big deal. 1. vq processing can set false value then interrupt immediately sets true value since interrupt then triggers a callback which will process buffers, this is also not an issue. However, looks like KCSAN can not figure all this out, and warns about the race between the write and the read. Tag the access data_racy for now. We should probably look at ways to make this more straight-forwardly correct. Message-ID: <6bdd771a4fb7625a9227971b3cf4745c34c31a32.1726153334.git.mst@redhat.com> Reported-by: syzbot+8a02104389c2e0ef5049@syzkaller.appspotmail.com Signed-off-by: Michael S. Tsirkin Acked-by: Jason Wang Acked-by: Marco Elver commit 26618da3b2f3d510a3082a1cb0abafc0f92e8362 Author: Marco Pinna Date: Tue Jul 30 21:47:31 2024 +0200 vsock/virtio: refactor virtio_transport_send_pkt_work Preliminary patch to introduce an optimization to the enqueue system. All the code used to enqueue a packet into the virtqueue is removed from virtio_transport_send_pkt_work() and moved to the new virtio_transport_send_skb() function. Co-developed-by: Luigi Leonardi Signed-off-by: Luigi Leonardi Signed-off-by: Marco Pinna Reviewed-by: Stefano Garzarella Message-Id: <20240730-pinna-v4-1-5c9179164db5@outlook.com> Signed-off-by: Michael S. Tsirkin commit bc0dcbc5c2c539f37004f2cce0e6e245b2e50b6c Author: Srujana Challa Date: Mon Sep 16 21:52:55 2024 +0530 vdpa/octeon_ep: Fix format specifier for pointers in debug messages Updates the debug messages in octep_vdpa_hw.c to use the %p format specifier for pointers instead of casting them to u64. Fixes smatch warning: octep_hw_caps_read() warn: argument 3 to %016llx specifier is cast from pointer Fixes: 8b6c724cdab8 ("virtio: vdpa: vDPA driver for Marvell OCTEON DPU devices") Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202409160431.bRhZWhiU-lkp@intel.com/ Signed-off-by: Srujana Challa Message-Id: <20240916162255.677774-1-schalla@marvell.com> Signed-off-by: Michael S. Tsirkin commit 4a21d31d7bcb4c245783119252b0389255964cd2 Author: Hongbo Li Date: Wed Sep 4 09:17:43 2024 +0800 fw_cfg: Constify struct kobj_type This 'struct kobj_type' is not modified. It is only used in kobject_init_and_add() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure and moving it to a read-only section, and this can increase over all security. ``` [Before] text data bss dec hex filename 5974 1008 96 7078 1ba6 drivers/firmware/qemu_fw_cfg.o [After] text data bss dec hex filename 6038 944 96 7078 1ba6 drivers/firmware/qemu_fw_cfg.o ``` Signed-off-by: Hongbo Li Message-Id: <20240904011743.2010319-1-lihongbo22@huawei.com> Signed-off-by: Michael S. Tsirkin commit 62111654481d5df4be3776a898cb88b5e4974103 Author: Dragos Tatulea Date: Fri Aug 30 13:58:38 2024 +0300 vdpa/mlx5: Postpone MR deletion Currently, when a new MR is set up, the old MR is deleted. MR deletion is about 30-40% the time of MR creation. As deleting the old MR is not important for the process of setting up the new MR, this operation can be postponed. This series adds a workqueue that does MR garbage collection at a later point. If the MR lock is taken, the handler will back off and reschedule. The exception during shutdown: then the handler must not postpone the work. Note that this is only a speculative optimization: if there is some mapping operation that is triggered while the garbage collector handler has the lock taken, this operation it will have to wait for the handler to finish. Signed-off-by: Dragos Tatulea Reviewed-by: Cosmin Ratiu Message-Id: <20240830105838.2666587-9-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin commit f30a1232b6979c7fc14e821cb349c40073c6191d Author: Dragos Tatulea Date: Fri Aug 30 13:58:37 2024 +0300 vdpa/mlx5: Introduce init/destroy for MR resources There's currently not a lot of action happening during the init/destroy of MR resources. But more will be added in the upcoming patches. As the mr mutex lock init/destroy has been moved to these new functions, the lifetime has now shifted away from mlx5_vdpa_alloc_resources() / mlx5_vdpa_free_resources() into these new functions. However, the lifetime at the outer scope remains the same: mlx5_vdpa_dev_add() / mlx5_vdpa_dev_free() Signed-off-by: Dragos Tatulea Reviewed-by: Cosmin Ratiu Message-Id: <20240830105838.2666587-8-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin commit 58d4d50e758ab1e880b30ba815d733d46f5cbfac Author: Dragos Tatulea Date: Fri Aug 30 13:58:36 2024 +0300 vdpa/mlx5: Rename mr_mtx -> lock Now that the mr resources have their own namespace in the struct, give the lock a clearer name. Signed-off-by: Dragos Tatulea Reviewed-by: Cosmin Ratiu Acked-by: Eugenio Pérez Message-Id: <20240830105838.2666587-7-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin commit 5fc85679076623a5c39ec09277144fb0bbf0c6ed Author: Dragos Tatulea Date: Fri Aug 30 13:58:35 2024 +0300 vdpa/mlx5: Extract mr members in own resource struct Group all mapping related resources into their own structure. Upcoming patches will add more members in this new structure. Signed-off-by: Dragos Tatulea Reviewed-by: Cosmin Ratiu Acked-by: Eugenio Pérez Message-Id: <20240830105838.2666587-6-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin commit 0b916a9c45d92c69270f2b44a35468fe6e331c2f Author: Dragos Tatulea Date: Fri Aug 30 13:58:34 2024 +0300 vdpa/mlx5: Rename function A followup patch will use this name for something else. Signed-off-by: Dragos Tatulea Reviewed-by: Cosmin Ratiu Message-Id: <20240830105838.2666587-5-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin commit e1ba5c947e56ccb09773eebfb730cae458b6a4fd Author: Dragos Tatulea Date: Fri Aug 30 13:58:33 2024 +0300 vdpa/mlx5: Delete direct MKEYs in parallel Use the async interface to issue MTT MKEY deletion. This makes destroy_user_mr() on average 8x times faster. This number is also dependent on the size of the MR being deleted. Signed-off-by: Dragos Tatulea Reviewed-by: Cosmin Ratiu Acked-by: Eugenio Pérez Message-Id: <20240830105838.2666587-4-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin commit 0071b138d44af4296bf871e6624369ce697b4b15 Author: Dragos Tatulea Date: Fri Aug 30 13:58:32 2024 +0300 vdpa/mlx5: Create direct MKEYs in parallel Use the async interface to issue MTT MKEY creation. Extra care is taken at the allocation of FW input commands due to the MTT tables having variable sizes depending on MR. The indirect MKEY is still created synchronously at the end as the direct MKEYs need to be filled in. This makes create_user_mr() 3-5x faster, depending on the size of the MR. Signed-off-by: Dragos Tatulea Reviewed-by: Cosmin Ratiu Message-Id: <20240830105838.2666587-3-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin commit db0a314f845abf9572d5826f4cfdecb93b838952 Author: Stefano Garzarella Date: Thu Aug 29 16:37:57 2024 +0200 MAINTAINERS: add virtio-vsock driver in the VIRTIO CORE section The virtio-vsock driver is already under VM SOCKETS (AF_VSOCK), managed pricipally with the net tree, and VIRTIO AND VHOST VSOCK DRIVER. However, changes that only affect the virtio part usually go with Michael's tree, so let's also put the driver in the VIRTIO CORE section to have its maintainers in CC for changes to the virtio-vsock driver. Cc: "Michael S. Tsirkin" Cc: Jason Wang Signed-off-by: Stefano Garzarella Message-Id: <20240829143757.85844-1-sgarzare@redhat.com> Signed-off-by: Michael S. Tsirkin Reviewed-by: Stefan Hajnoczi Acked-by: Jason Wang commit 87cbdc396a31ce29b0849705e565c81564d5ed4b Author: Max Gurtovoy Date: Sun Aug 25 16:07:16 2024 +0300 virtio_fs: add sysfs entries for queue information Introduce sysfs entries to provide visibility to the multiple queues used by the Virtio FS device. This enhancement allows users to query information about these queues. Specifically, add two sysfs entries: 1. Queue name: Provides the name of each queue (e.g. hiprio/requests.8). 2. CPU list: Shows the list of CPUs that can process requests for each queue. The CPU list feature is inspired by similar functionality in the block MQ layer, which provides analogous sysfs entries for block devices. These new sysfs entries will improve observability and aid in debugging and performance tuning of Virtio FS devices. Reviewed-by: Idan Zach Reviewed-by: Shai Malin Signed-off-by: Max Gurtovoy Message-Id: <20240825130716.9506-2-mgurtovoy@nvidia.com> Signed-off-by: Michael S. Tsirkin commit 4045b6429874e07f14b5b41e326d4e6f866f8bbf Author: Max Gurtovoy Date: Sun Aug 25 16:07:15 2024 +0300 virtio_fs: introduce virtio_fs_put_locked helper Introduce a new helper function virtio_fs_put_locked to encapsulate the common pattern of releasing a virtio_fs reference while holding a lock. The existing virtio_fs_put helper will be used to release a virtio_fs reference while not holding a lock. Also add an assertion in case the lock is not taken when it should. Reviewed-by: Idan Zach Reviewed-by: Shai Malin Signed-off-by: Max Gurtovoy Message-Id: <20240825130716.9506-1-mgurtovoy@nvidia.com> Signed-off-by: Michael S. Tsirkin Reviewed-by: Stefan Hajnoczi commit 561a16366ef57caad66d0dfe49275cd3f809c138 Author: Yue Haibing Date: Mon Aug 19 22:09:30 2024 +0800 vdpa: Remove unused declarations There is no caller and implementation in tree. Signed-off-by: Yue Haibing Message-Id: <20240819140930.122019-1-yuehaibing@huawei.com> Signed-off-by: Michael S. Tsirkin Reviewed-by: Shannon Nelson Reviewed-by: Zhu Lingshan Reviewed-by: Shannon Nelson <shannon.nelson@amd.com>
Reviewed-by: Zhu Lingshan commit 9dba41951ab64596c58f170f79a696c2cf83ff4a Author: Dragos Tatulea Date: Fri Aug 16 12:01:59 2024 +0300 vdpa/mlx5: Parallelize VQ suspend/resume for CVQ MQ command change_num_qps() is still suspending/resuming VQs one by one. This change switches to parallel suspend/resume. When increasing the number of queues the flow has changed a bit for simplicity: the setup_vq() function will always be called before resume_vqs(). If the VQ is initialized, setup_vq() will exit early. If the VQ is not initialized, setup_vq() will create it and resume_vqs() will resume it. Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Message-Id: <20240816090159.1967650-11-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Acked-by: Eugenio Pérez Tested-by: Lei Yang commit 74c89072f22600cc3d83fc70617b1b6c2f500013 Author: Dragos Tatulea Date: Fri Aug 16 12:01:58 2024 +0300 vdpa/mlx5: Small improvement for change_num_qps() change_num_qps() has a lot of multiplications by 2 to convert the number of VQ pairs to number of VQs. This patch simplifies the code by doing the VQP -> VQ count conversion at the beginning in a variable. Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Message-Id: <20240816090159.1967650-10-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Acked-by: Eugenio Pérez Tested-by: Lei Yang commit 55a7cb05b0a6c6cd6e3f482551cf93c398f1b4c9 Author: Dragos Tatulea Date: Fri Aug 16 12:01:57 2024 +0300 vdpa/mlx5: Keep notifiers during suspend but ignore Unregistering notifiers is a costly operation. Instead of removing the notifiers during device suspend and adding them back at resume, simply ignore the call when the device is suspended. At resume time call queue_link_work() to make sure that the device state is propagated in case there were changes. For 1 vDPA device x 32 VQs (16 VQPs) attached to a large VM (256 GB RAM, 32 CPUs x 2 threads per core), the device suspend time is reduced from ~13 ms to ~2.5 ms. Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Acked-by: Eugenio Pérez Message-Id: <20240816090159.1967650-9-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Tested-by: Lei Yang commit 5eb8c7eb1ec74ac6b9e7337674cb7a33e82a1e68 Author: Dragos Tatulea Date: Fri Aug 16 12:01:56 2024 +0300 vdpa/mlx5: Parallelize device resume Currently device resume works on vqs serially. Building up on previous changes that converted vq operations to the async api, this patch parallelizes the device resume. For 1 vDPA device x 32 VQs (16 VQPs) attached to a large VM (256 GB RAM, 32 CPUs x 2 threads per core), the device resume time is reduced from ~16 ms to ~4.5 ms. Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Acked-by: Eugenio Pérez Message-Id: <20240816090159.1967650-8-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Tested-by: Lei Yang commit dcf3eac01f063df0a60ea779399331d2ac535784 Author: Dragos Tatulea Date: Fri Aug 16 12:01:55 2024 +0300 vdpa/mlx5: Parallelize device suspend Currently device suspend works on vqs serially. Building up on previous changes that converted vq operations to the async api, this patch parallelizes the device suspend: 1) Suspend all active vqs parallel. 2) Query suspended vqs in parallel. For 1 vDPA device x 32 VQs (16 VQPs) attached to a large VM (256 GB RAM, 32 CPUs x 2 threads per core), the device suspend time is reduced from ~37 ms to ~13 ms. A later patch will remove the link unregister operation which will make it even faster. Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Acked-by: Eugenio Pérez Message-Id: <20240816090159.1967650-7-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Tested-by: Lei Yang commit 61674c154bb7f19fad612242022276e8bd9e10d2 Author: Dragos Tatulea Date: Fri Aug 16 12:01:54 2024 +0300 vdpa/mlx5: Use async API for vq modify commands Switch firmware vq modify command to be issued via the async API to allow future parallelization. The new refactored function applies the modify on a range of vqs and waits for their execution to complete. For now the command is still used in a serial fashion. A later patch will switch to modifying multiple vqs in parallel. Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Message-Id: <20240816090159.1967650-6-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Acked-by: Eugenio Pérez Tested-by: Lei Yang commit 1fcdf43ea69e976aae4f2d76ebb199cc0d4c5a88 Author: Dragos Tatulea Date: Fri Aug 16 12:01:53 2024 +0300 vdpa/mlx5: Use async API for vq query command Switch firmware vq query command to be issued via the async API to allow future parallelization. For now the command is still serial but the infrastructure is there to issue commands in parallel, including ratelimiting the number of issued async commands to firmware. A later patch will switch to issuing more commands at a time. Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Message-Id: <20240816090159.1967650-5-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Tested-by: Lei Yang commit d89d58f4888cde693e7707e13623eb50bb6435c2 Author: Dragos Tatulea Date: Fri Aug 16 12:01:52 2024 +0300 vdpa/mlx5: Introduce async fw command wrapper Introduce a new function mlx5_vdpa_exec_async_cmds() which wraps the mlx5_core async firmware command API in a way that will be used to parallelize certain operation in this driver. The wrapper deals with the case when mlx5_cmd_exec_cb() returns EBUSY due to the command being throttled. Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Message-Id: <20240816090159.1967650-4-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Acked-by: Eugenio Pérez Tested-by: Lei Yang commit de2cd39fc11b2f55b7f40f2a3036ca27327e4461 Author: Dragos Tatulea Date: Fri Aug 16 12:01:51 2024 +0300 vdpa/mlx5: Introduce error logging function mlx5_vdpa_err() was missing. This patch adds it and uses it in the necessary places. Signed-off-by: Dragos Tatulea Reviewed-by: Tariq Toukan Acked-by: Eugenio Pérez Message-Id: <20240816090159.1967650-3-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Tested-by: Lei Yang commit 7d627137dc1062aba6276a7d2ebe7f5ff8d542c5 Author: Dragos Tatulea Date: Fri Aug 16 12:01:50 2024 +0300 net/mlx5: Support throttled commands from async API Currently, commands that qualify as throttled can't be used via the async API. That's due to the fact that the throttle semaphore can sleep but the async API can't. This patch allows throttling in the async API by using the tentative variant of the semaphore and upon failure (semaphore at 0) returns EBUSY to signal to the caller that they need to wait for the completion of previously issued commands. Furthermore, make sure that the semaphore is released in the callback. Signed-off-by: Dragos Tatulea Cc: Leon Romanovsky Reviewed-by: Tariq Toukan Message-Id: <20240816090159.1967650-2-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Tested-by: Lei Yang commit 8b0d2f61545545ab5eef923ed6e59fc3be2385e0 Author: Thomas Zimmermann Date: Mon Sep 23 09:58:14 2024 +0200 drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS FB_DAMAGE_CLIPS is a plane property for damage handling. Its UAPI should only use UAPI types. Hence replace struct drm_rect with struct drm_mode_rect in drm_atomic_plane_set_property(). Both types are identical in practice, so there's no change in behavior. Reported-by: Ville Syrjälä Closes: https://lore.kernel.org/dri-devel/Zu1Ke1TuThbtz15E@intel.com/ Signed-off-by: Thomas Zimmermann Fixes: d3b21767821e ("drm: Add a new plane property to send damage during plane update") Cc: Lukasz Spintzyk Cc: Deepak Rawat Cc: Daniel Vetter Cc: Thomas Hellstrom Cc: David Airlie Cc: Simona Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard Cc: Thomas Zimmermann Cc: dri-devel@lists.freedesktop.org Cc: # v5.0+ Reviewed-by: Dmitry Baryshkov Link: https://patchwork.freedesktop.org/patch/msgid/20240923075841.16231-1-tzimmermann@suse.de commit 8b62645b09f870d70c7910e7550289d444239a46 Author: Wander Lairson Costa Date: Fri Sep 20 16:06:59 2024 -0300 bpf: Use raw_spinlock_t in ringbuf The function __bpf_ringbuf_reserve is invoked from a tracepoint, which disables preemption. Using spinlock_t in this context can lead to a "sleep in atomic" warning in the RT variant. This issue is illustrated in the example below: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 556208, name: test_progs preempt_count: 1, expected: 0 RCU nest depth: 1, expected: 1 INFO: lockdep is turned off. Preemption disabled at: [] migrate_enable+0xc0/0x39c CPU: 7 PID: 556208 Comm: test_progs Tainted: G Hardware name: Qualcomm SA8775P Ride (DT) Call trace: dump_backtrace+0xac/0x130 show_stack+0x1c/0x30 dump_stack_lvl+0xac/0xe8 dump_stack+0x18/0x30 __might_resched+0x3bc/0x4fc rt_spin_lock+0x8c/0x1a4 __bpf_ringbuf_reserve+0xc4/0x254 bpf_ringbuf_reserve_dynptr+0x5c/0xdc bpf_prog_ac3d15160d62622a_test_read_write+0x104/0x238 trace_call_bpf+0x238/0x774 perf_call_bpf_enter.isra.0+0x104/0x194 perf_syscall_enter+0x2f8/0x510 trace_sys_enter+0x39c/0x564 syscall_trace_enter+0x220/0x3c0 do_el0_svc+0x138/0x1dc el0_svc+0x54/0x130 el0t_64_sync_handler+0x134/0x150 el0t_64_sync+0x17c/0x180 Switch the spinlock to raw_spinlock_t to avoid this error. Fixes: 457f44363a88 ("bpf: Implement BPF ring buffer and verifier support for it") Reported-by: Brian Grech Signed-off-by: Wander Lairson Costa Signed-off-by: Wander Lairson Costa Signed-off-by: Daniel Borkmann Acked-by: Daniel Borkmann Link: https://lore.kernel.org/r/20240920190700.617253-1-wander@redhat.com commit 8f2f74f2f3ebd9bb7159301cb7560db75d2e801a Author: Min-Hua Chen Date: Wed Sep 18 07:36:50 2024 +0800 xen/pciback: fix cast to restricted pci_ers_result_t and pci_power_t This patch fix the following sparse warning by applying __force cast to pci_ers_result_t and pci_power_t. drivers/xen/xen-pciback/pci_stub.c:760:16: sparse: warning: cast to restricted pci_ers_result_t drivers/xen/xen-pciback/conf_space_capability.c:125:22: sparse: warning: cast to restricted pci_power_t No functional changes intended. Signed-off-by: Min-Hua Chen Reviewed-by: Juergen Gross Message-ID: <20240917233653.61630-1-minhuadotchen@gmail.com> Signed-off-by: Juergen Gross commit a045553362b53fb8f34bb1c3e5de5e020af79550 Merge: 65f666c6203600 9064610348b163 Author: Jens Axboe Date: Wed Sep 25 03:29:17 2024 -0600 Merge tag 'nvme-6.12-2024-09-25' of git://git.infradead.org/nvme into for-6.12/block Pull NVMe fixes from Keith: "nvme fixes for Linux 6.12 - Multipath fixes (Hannes) - Sysfs attribute list NULL terminate fix (Shin'ichiro) - Remove problematic read-back (Keith)" * tag 'nvme-6.12-2024-09-25' of git://git.infradead.org/nvme: nvme: remove CC register read-back during enabling nvme: null terminate nvme_tls_attrs nvme-multipath: avoid hang on inaccessible namespaces nvme-multipath: system fails to create generic nvme device commit eb46cb321f1f3f3102f4ad3d61dd5c8c06cdbf17 Author: Greg Kroah-Hartman Date: Wed Sep 25 10:57:02 2024 +0200 Revert "driver core: don't always lock parent in shutdown" This reverts commit ba6353748e71bd1d7e422fec2b5c2e2dfc2e3bd9. The series is being reverted before -rc1 as there are still reports of lockups on shutdown, so it's not quite ready for "prime time." Reported-by: Andrey Skvortsov Link: https://lore.kernel.org/r/ZvMkkhyJrohaajuk@skv.local Cc: Christoph Hellwig Cc: David Jeffery Cc: Keith Busch Cc: Laurence Oberman Cc: Nathan Chancellor Cc: Sagi Grimberg Cc: Stuart Hayes Signed-off-by: Greg Kroah-Hartman commit 56d16d44fe8d8012dabd32700ea143c7caa35ba3 Author: Greg Kroah-Hartman Date: Wed Sep 25 10:57:01 2024 +0200 Revert "driver core: separate function to shutdown one device" This reverts commit 95dc7565253a8564911190ebd1e4ffceb4de208a. The series is being reverted before -rc1 as there are still reports of lockups on shutdown, so it's not quite ready for "prime time." Reported-by: Andrey Skvortsov Link: https://lore.kernel.org/r/ZvMkkhyJrohaajuk@skv.local Cc: Christoph Hellwig Cc: David Jeffery Cc: Keith Busch Cc: Laurence Oberman Cc: Nathan Chancellor Cc: Sagi Grimberg Cc: Stuart Hayes Signed-off-by: Greg Kroah-Hartman commit 2efddb5575cd9f5f4d61ad417c92365a5f18d2f1 Author: Greg Kroah-Hartman Date: Wed Sep 25 10:57:00 2024 +0200 Revert "driver core: shut down devices asynchronously" This reverts commit 8064952c65045f05ee2671fe437770e50c151776. The series is being reverted before -rc1 as there are still reports of lockups on shutdown, so it's not quite ready for "prime time." Reported-by: Andrey Skvortsov Link: https://lore.kernel.org/r/ZvMkkhyJrohaajuk@skv.local Cc: Christoph Hellwig Cc: David Jeffery Cc: Keith Busch Cc: Laurence Oberman Cc: Nathan Chancellor Cc: Sagi Grimberg Cc: Stuart Hayes Signed-off-by: Greg Kroah-Hartman commit ec1fcbae1918084b5dea2e72cc6297c32f7792da Author: Greg Kroah-Hartman Date: Wed Sep 25 10:56:59 2024 +0200 Revert "nvme-pci: Make driver prefer asynchronous shutdown" This reverts commit ba82e10c3c6b5b5d2c8279a8bd0dae5c2abaacfc. The series is being reverted before -rc1 as there are still reports of lockups on shutdown, so it's not quite ready for "prime time." Reported-by: Andrey Skvortsov Link: https://lore.kernel.org/r/ZvMkkhyJrohaajuk@skv.local Cc: Christoph Hellwig Cc: David Jeffery Cc: Keith Busch Cc: Laurence Oberman Cc: Nathan Chancellor Cc: Sagi Grimberg Cc: Stuart Hayes Signed-off-by: Greg Kroah-Hartman commit e11daafdbf5b683a5da33a080862769b696b1621 Author: Greg Kroah-Hartman Date: Wed Sep 25 10:56:57 2024 +0200 Revert "driver core: fix async device shutdown hang" This reverts commit 4f2c346e621624315e2a1405e98616a0c5ac146f. The series is being reverted before -rc1 as there are still reports of lockups on shutdown, so it's not quite ready for "prime time." Reported-by: Andrey Skvortsov Link: https://lore.kernel.org/r/ZvMkkhyJrohaajuk@skv.local Cc: Christoph Hellwig Cc: David Jeffery Cc: Keith Busch Cc: Laurence Oberman Cc: Nathan Chancellor Cc: Sagi Grimberg Cc: Stuart Hayes Signed-off-by: Greg Kroah-Hartman commit e860513f56d8428fcb2bd0282ac8ab691a53fc6c Author: Ville Syrjälä Date: Wed Sep 18 22:04:39 2024 +0300 drm/i915/dp: Fix colorimetry detection intel_dp_init_connector() is no place for detecting stuff via DPCD (except perhaps for eDP). Move the colorimetry stuff into a more appropriate place. Cc: Jouni Högander Fixes: 00076671a648 ("drm/i915/display: Move colorimetry_support from intel_psr to intel_dp") Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240918190441.29071-1-ville.syrjala@linux.intel.com Reviewed-by: Jouni Högander (cherry picked from commit 35dba4834bded843d5416e8caadfe82bd0ce1904) Signed-off-by: Joonas Lahtinen commit 2fae6bb7be320270801b3c3b040189bd7daa8056 Author: Jiqian Chen Date: Tue Sep 24 14:14:37 2024 +0800 xen/privcmd: Add new syscall to get gsi from dev On PVH dom0, when passthrough a device to domU, QEMU and xl tools want to use gsi number to do pirq mapping, see QEMU code xen_pt_realize->xc_physdev_map_pirq, and xl code pci_add_dm_done->xc_physdev_map_pirq, but in current codes, the gsi number is got from file /sys/bus/pci/devices//irq, that is wrong, because irq is not equal with gsi, they are in different spaces, so pirq mapping fails. And in current linux codes, there is no method to get gsi for userspace. For above purpose, record gsi of pcistub devices when init pcistub and add a new syscall into privcmd to let userspace can get gsi when they have a need. Signed-off-by: Jiqian Chen Signed-off-by: Huang Rui Signed-off-by: Jiqian Chen Reviewed-by: Stefano Stabellini Message-ID: <20240924061437.2636766-4-Jiqian.Chen@amd.com> Signed-off-by: Juergen Gross commit b166b8ab4189743a717cb93f50d6fcca3a46770d Author: Jiqian Chen Date: Tue Sep 24 14:14:36 2024 +0800 xen/pvh: Setup gsi for passthrough device In PVH dom0, the gsis don't get registered, but the gsi of a passthrough device must be configured for it to be able to be mapped into a domU. When assigning a device to passthrough, proactively setup the gsi of the device during that process. Signed-off-by: Jiqian Chen Signed-off-by: Huang Rui Signed-off-by: Jiqian Chen Reviewed-by: Stefano Stabellini Message-ID: <20240924061437.2636766-3-Jiqian.Chen@amd.com> Signed-off-by: Juergen Gross commit 88801d043b1d16caae76a5e2e5991e8b1f55ce7f Author: Jiqian Chen Date: Tue Sep 24 14:14:35 2024 +0800 xen/pci: Add a function to reset device for xen When device on dom0 side has been reset, the vpci on Xen side won't get notification, so that the cached state in vpci is all out of date with the real device state. To solve that problem, add a new function to clear all vpci device state when device is reset on dom0 side. And call that function in pcistub_init_device. Because when using "pci-assignable-add" to assign a passthrough device in Xen, it will reset passthrough device and the vpci state will out of date, and then device will fail to restore bar state. Signed-off-by: Jiqian Chen Signed-off-by: Huang Rui Signed-off-by: Jiqian Chen Reviewed-by: Stefano Stabellini Message-ID: <20240924061437.2636766-2-Jiqian.Chen@amd.com> Signed-off-by: Juergen Gross commit 9064610348b16356d43e59e286aedfec31825541 Author: Keith Busch Date: Wed Sep 4 14:48:50 2024 -0700 nvme: remove CC register read-back during enabling Any non-posted read should flush the previous write, so we don't necessarily need to read back the value we just wrote. I've found at least some controllers that respond with 0 for short moments after writing the CC register with EN (enable) cleared, so the read-back is overwriting our valid ctrl_config value and ends up breaking on the subsequent enabling. Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit 83340d9c6178107df581c3ebbae0e28d0b15e879 Author: Shin'ichiro Kawasaki Date: Tue Sep 24 18:01:34 2024 +0900 nvme: null terminate nvme_tls_attrs Commit 1e48b34c9bc7 ("nvme: split off TLS sysfs attributes into a separate group") introduced the struct attribute array nvme_tls_attrs. However, the array was not null terminated and caused BUG KASAN global- out-of-bounds. To avoid the BUG, null terminate the array. Reported-by: Yi Zhang Closes: https://lore.kernel.org/linux-nvme/jhllwfxcedrcxcnbajwl4x2l2ujcqowqcd4ps574zrafrqhjna@f4icvecutekm/ Fixes: 1e48b34c9bc7 ("nvme: split off TLS sysfs attributes into a separate group") Signed-off-by: Shin'ichiro Kawasaki Tested-by: Yi Zhang Reviewed-by: Hannes Reinecke Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit 3b97f5a05cfc55e7729ff3769f63eef64e2178bb Author: Hannes Reinecke Date: Sat Sep 14 14:01:23 2024 +0200 nvme-multipath: avoid hang on inaccessible namespaces During repetitive namespace remapping operations on the target the namespace might have changed between the time the initial scan was performed, and partition scan was invoked by device_add_disk() in nvme_mpath_set_live(). We then end up with a stuck scanning process: [<0>] folio_wait_bit_common+0x12a/0x310 [<0>] filemap_read_folio+0x97/0xd0 [<0>] do_read_cache_folio+0x108/0x390 [<0>] read_part_sector+0x31/0xa0 [<0>] read_lba+0xc5/0x160 [<0>] efi_partition+0xd9/0x8f0 [<0>] bdev_disk_changed+0x23d/0x6d0 [<0>] blkdev_get_whole+0x78/0xc0 [<0>] bdev_open+0x2c6/0x3b0 [<0>] bdev_file_open_by_dev+0xcb/0x120 [<0>] disk_scan_partitions+0x5d/0x100 [<0>] device_add_disk+0x402/0x420 [<0>] nvme_mpath_set_live+0x4f/0x1f0 [nvme_core] [<0>] nvme_mpath_add_disk+0x107/0x120 [nvme_core] [<0>] nvme_alloc_ns+0xac6/0xe60 [nvme_core] [<0>] nvme_scan_ns+0x2dd/0x3e0 [nvme_core] [<0>] nvme_scan_work+0x1a3/0x490 [nvme_core] This happens when we have several paths, some of which are inaccessible, and the active paths are removed first. Then nvme_find_path() will requeue I/O in the ns_head (as paths are present), but the requeue list is never triggered as all remaining paths are inactive. This patch checks for NVME_NSHEAD_DISK_LIVE in nvme_available_path(), and requeue I/O after NVME_NSHEAD_DISK_LIVE has been cleared once the last path has been removed to properly terminate pending I/O. Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Signed-off-by: Keith Busch commit 63bcf9014e95a7d279d10d8e2caa5d88db2b1855 Author: Hannes Reinecke Date: Sat Sep 14 14:01:22 2024 +0200 nvme-multipath: system fails to create generic nvme device NVME_NSHEAD_DISK_LIVE is a flag for struct nvme_ns_head, not nvme_ns. The current code has a typo causing NVME_NSHEAD_DISK_LIVE never to be cleared once device_add_disk_fails, causing the system never to create the 'generic' character device. Even several rescan attempts will change the situation and the system has to be rebooted to fix the issue. Fixes: 11384580e332 ("nvme-multipath: add error handling support for add_disk()") Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit 665db14d0712ac27f6a0081510bd811efb3faa3c Author: David Howells Date: Tue Sep 17 08:54:28 2024 +0100 netfs, cifs: Fix mtime/ctime update for mmapped writes The cifs flag CIFS_INO_MODIFIED_ATTR, which indicates that the mtime and ctime need to be written back on close, got taken over by netfs as NETFS_ICTX_MODIFIED_ATTR to avoid the need to call a function pointer to set it. The flag gets set correctly on buffered writes, but doesn't get set by netfs_page_mkwrite(), leading to occasional failures in generic/080 and generic/215. Fix this by setting the flag in netfs_page_mkwrite(). Fixes: 73425800ac94 ("netfs, cifs: Move CIFS_INO_MODIFIED_ATTR to netfs_inode") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202409161629.98887b2-oliver.sang@intel.com Signed-off-by: David Howells Reviewed-by: Paulo Alcantara (Red Hat) cc: Jeff Layton cc: linux-cifs@vger.kernel.org cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Signed-off-by: Steve French commit 387676fabf15f8e772fd22dd05794639115e4216 Author: Steve French Date: Fri Jul 26 18:44:16 2024 -0500 cifs: update internal version number To 2.51 Signed-off-by: Steve French commit 6c7f1b994a025a2d7748104ea9fc5e7d5808092a Author: Paulo Alcantara Date: Wed Sep 18 02:04:06 2024 -0300 smb: client: print failed session logoffs with FYI Do not flood dmesg with failed session logoffs as kerberos tickets getting expired or passwords being rotated is a very common scenario. Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit 307f77e7f5855cd42c62fee3f97e4dea5a04a15b Author: David Howells Date: Mon Sep 23 16:07:51 2024 +0100 cifs: Fix reversion of the iter in cifs_readv_receive(). cifs_read_iter_from_socket() copies the iterator that's passed in for the socket to modify as and if it will, and then advances the original iterator by the amount sent. However, both callers revert the advancement (although receive_encrypted_read() zeros beyond the iterator first). The problem is, though, that cifs_readv_receive() reverts by the original length, not the amount transmitted which can cause an oops in iov_iter_revert(). Fix this by: (1) Remove the iov_iter_advance() from cifs_read_iter_from_socket(). (2) Remove the iov_iter_revert() from both callers. This fixes the bug in cifs_readv_receive(). (3) In receive_encrypted_read(), if we didn't get back as much data as the buffer will hold, copy the iterator, advance the copy and use the copy to drive iov_iter_zero(). As a bonus, this gets rid of some unnecessary work. This was triggered by generic/074 with the "-o sign" mount option. Fixes: 3ee1a1fc3981 ("cifs: Cut over to using netfslib") Signed-off-by: David Howells cc: Steve French cc: Paulo Alcantara cc: Shyam Prasad N cc: Rohith Surabattula cc: Jeff Layton cc: linux-cifs@vger.kernel.org cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Signed-off-by: Steve French commit 2f3017e7cc7515e0110a3733d8dca84de2a1d23d Author: Steve French Date: Sat Sep 21 23:28:32 2024 -0500 smb3: fix incorrect mode displayed for read-only files Commands like "chmod 0444" mark a file readonly via the attribute flag (when mapping of mode bits into the ACL are not set, or POSIX extensions are not negotiated), but they were not reported correctly for stat of directories (they were reported ok for files and for "ls"). See example below: root:~# ls /mnt2 -l total 12 drwxr-xr-x 2 root root 0 Sep 21 18:03 normaldir -rwxr-xr-x 1 root root 0 Sep 21 23:24 normalfile dr-xr-xr-x 2 root root 0 Sep 21 17:55 readonly-dir -r-xr-xr-x 1 root root 209716224 Sep 21 18:15 readonly-file root:~# stat -c %a /mnt2/readonly-dir 755 root:~# stat -c %a /mnt2/readonly-file 555 This fixes the stat of directories when ATTR_READONLY is set (in cases where the mode can not be obtained other ways). root:~# stat -c %a /mnt2/readonly-dir 555 Cc: stable@vger.kernel.org Signed-off-by: Steve French commit 663f295e35594f4c2584fc68c28546b747b637cd Author: Paulo Alcantara Date: Wed Sep 18 21:57:43 2024 -0300 smb: client: fix parsing of device numbers Report correct major and minor numbers from special files created with NFS reparse points. Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit a9de67336a4aa3ff2e706ba023fb5f7ff681a954 Author: Paulo Alcantara Date: Wed Sep 18 21:53:35 2024 -0300 smb: client: set correct device number on nfs reparse points Fix major and minor numbers set on special files created with NFS reparse points. Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit 4e3ba580f5ab2d74e1e2210aba869aad235349d5 Author: Paulo Alcantara Date: Wed Sep 18 02:04:27 2024 -0300 smb: client: propagate error from cifs_construct_tcon() Propagate error from cifs_construct_tcon() in cifs_sb_tlink() instead of always returning -EACCES. Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit 0826b134c0b039db4850fb762e79766a45d847c5 Author: Paulo Alcantara Date: Wed Sep 18 02:04:23 2024 -0300 smb: client: fix DFS failover in multiuser mounts For sessions and tcons created on behalf of new users accessing a multiuser mount, matching their sessions in tcon_super_cb() with master tcon will always lead to false as every new user will have its own session and tcon. All multiuser sessions, however, will inherit ->dfs_root_ses from master tcon, so match it instead. Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit 85633c00ad03049019df632f2bdcf5ff7efc7796 Author: David Howells Date: Wed Sep 18 20:24:24 2024 +0100 cifs: Make the write_{enter,done,err} tracepoints display netfs info Make the write RPC tracepoints use the same trace macro complexes as the read tracepoints and display the netfs request and subrequest IDs where available (see commit 519be989717c "cifs: Add a tracepoint to track credits involved in R/W requests"). Signed-off-by: David Howells cc: Steve French cc: Paulo Alcantara (Red Hat) cc: Jeff Layton cc: linux-cifs@vger.kernel.org cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Signed-off-by: Steve French commit 4f42a8b54b5c6e36519aef3cb1f6210e54abd451 Author: Paulo Alcantara Date: Wed Sep 18 02:03:55 2024 -0300 smb: client: fix DFS interlink failover The DFS interlinks point to different DFS namespaces so make sure to use the correct DFS root server to chase any DFS links under it by storing the SMB session in dfs_ref_walk structure and then using it on every referral walk. Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit 9190cc0c97aafdae06015d468c6ca3991e32a23a Author: Paulo Alcantara Date: Wed Sep 18 02:03:45 2024 -0300 smb: client: improve purging of cached referrals Purge cached referrals that have a single target when reaching maximum of cache size as the client won't need them to failover. Otherwise remove oldest cache entry. Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit 242d23efc987151ecd34bc0cae4c0b737494fc40 Author: Paulo Alcantara Date: Wed Sep 18 02:03:35 2024 -0300 smb: client: avoid unnecessary reconnects when refreshing referrals Do not mark tcons for reconnect when current connection matches any of the targets returned by new referral even when there is no cached entry. Signed-off-by: Paulo Alcantara (Red Hat) Signed-off-by: Steve French commit d7126c0cfc137a580eba92bd82b6d288bd43961d Merge: 338aae5478befe 6c10ba06bb1b48 Author: Dave Airlie Date: Wed Sep 25 12:11:06 2024 +1000 Merge tag 'drm-xe-next-fixes-2024-09-19' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-next Driver Changes: - Fix macro for checking minimum GuC version (Michal Wajdeczko) - Fix CCS offset calculation for some BMG SKUs (Matthew Auld) - Fix locking on memory usage reporting via fdinfo and BO destroy (Matthew Auld) - Fix GPU page fault handler on a closed VM (Matthew Brost) - Fix overflow in oa batch buffer (José) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/lr6vhd7x5eb7gubd7utfmnwzvfqfslji4kssxyqisynzlvqjni@svgm6jot7r66 commit 338aae5478befee9e0e66afb78c2ad1e8d69825c Merge: ae2c6d8b3b88c1 ec2231b8dd2dc5 Author: Dave Airlie Date: Wed Sep 25 12:00:36 2024 +1000 Merge tag 'drm-intel-next-fixes-2024-09-19' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-next - Fix BMG support to UHBR13.5 - Two PSR fixes Signed-off-by: Dave Airlie From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/ZuvzjAbx2pmjahxK@jlahtine-mobl.ger.corp.intel.com commit 684a64bf32b6e488004e0ad7f0d7e922798f65b6 Merge: f7fccaa772718f 68898131d2df70 Author: Linus Torvalds Date: Tue Sep 24 15:44:18 2024 -0700 Merge tag 'nfs-for-6.12-1' of git://git.linux-nfs.org/projects/anna/linux-nfs Pull NFS client updates from Anna Schumaker: "New Features: - Add a 'noalignwrite' mount option for lock-less 'lost writes' prevention - Add support for the LOCALIO protocol extention Bugfixes: - Fix memory leak in error path of nfs4_do_reclaim() - Simplify and guarantee lock owner uniqueness - Fix -Wformat-truncation warning - Fix folio refcounts by using folio_attach_private() - Fix failing the mount system call when the server is down - Fix detection of "Proxying of Times" server support Cleanups: - Annotate struct nfs_cache_array with __counted_by() - Remove unnecessary NULL checks before kfree() - Convert RPC_TASK_* constants to an enum - Remove obsolete or misleading comments and declerations" * tag 'nfs-for-6.12-1' of git://git.linux-nfs.org/projects/anna/linux-nfs: (41 commits) nfs: Fix `make htmldocs` warnings in the localio documentation nfs: add "NFS Client and Server Interlock" section to localio.rst nfs: add FAQ section to Documentation/filesystems/nfs/localio.rst nfs: add Documentation/filesystems/nfs/localio.rst nfs: implement client support for NFS_LOCALIO_PROGRAM nfs/localio: use dedicated workqueues for filesystem read and write pnfs/flexfiles: enable localio support nfs: enable localio for non-pNFS IO nfs: add LOCALIO support nfs: pass struct nfsd_file to nfs_init_pgio and nfs_init_commit nfsd: implement server support for NFS_LOCALIO_PROGRAM nfsd: add LOCALIO support nfs_common: prepare for the NFS client to use nfsd_file for LOCALIO nfs_common: add NFS LOCALIO auxiliary protocol enablement SUNRPC: replace program list with program array SUNRPC: add svcauth_map_clnt_to_svc_cred_local SUNRPC: remove call_allocate() BUG_ONs nfsd: add nfsd_serv_try_get and nfsd_serv_put nfsd: add nfsd_file_acquire_local() nfsd: factor out __fh_verify to allow NULL rqstp to be passed ... commit f7fccaa772718f6d2e798dece4a5210fe4c406ec Merge: 4165cee7ecb112 2f3d8ff457982f Author: Linus Torvalds Date: Tue Sep 24 15:29:42 2024 -0700 Merge tag 'fuse-update-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse Pull fuse updates from Miklos Szeredi: - Add support for idmapped fuse mounts (Alexander Mikhalitsyn) - Add optimization when checking for writeback (yangyun) - Add tracepoints (Josef Bacik) - Clean up writeback code (Joanne Koong) - Clean up request queuing (me) - Misc fixes * tag 'fuse-update-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse: (32 commits) fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set fuse: clear FR_PENDING if abort is detected when sending request fs/fuse: convert to use invalid_mnt_idmap fs/mnt_idmapping: introduce an invalid_mnt_idmap fs/fuse: introduce and use fuse_simple_idmap_request() helper fs/fuse: fix null-ptr-deref when checking SB_I_NOIDMAP flag fuse: allow O_PATH fd for FUSE_DEV_IOC_BACKING_OPEN virtio_fs: allow idmapped mounts fuse: allow idmapped mounts fuse: warn if fuse_access is called when idmapped mounts are allowed fuse: handle idmappings properly in ->write_iter() fuse: support idmapped ->rename op fuse: support idmapped ->set_acl fuse: drop idmap argument from __fuse_get_acl fuse: support idmapped ->setattr op fuse: support idmapped ->permission inode op fuse: support idmapped getattr inode op fuse: support idmap for mkdir/mknod/symlink/create/tmpfile fuse: support idmapped FUSE_EXT_GROUPS fuse: add an idmap argument to fuse_simple_request ... commit 4165cee7ecb112c20bc1a05fa8d93d16d11b68c2 Merge: 79952bdcbcea53 cb7d85014fb1ca Author: Linus Torvalds Date: Tue Sep 24 15:26:04 2024 -0700 Merge tag 'exfat-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat Pull exfat updates from Namjae Jeon: - Clean-up unnecessary codes as ->valid_size is supported - buffered-IO fallback is no longer needed when using direct-IO - Move ->valid_size extension from mmap to ->page_mkwrite. This improves the overhead caused by unnecessary zero-out during mmap. - Fix memleaks from exfat_load_bitmap() and exfat_create_upcase_table() - Add sops->shutdown and ioctl - Add Yuezhang Mo as a reviwer * tag 'exfat-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat: MAINTAINERS: exfat: add myself as reviewer exfat: resolve memory leak from exfat_create_upcase_table() exfat: move extend valid_size into ->page_mkwrite() exfat: fix memory leak in exfat_load_bitmap() exfat: Implement sops->shutdown and ioctl exfat: do not fallback to buffered write exfat: drop ->i_size_ondisk commit 79952bdcbcea53e57c2ca97e7448f8a6bdb6106a Merge: fa8380a06bd052 ae87b9c2dc9800 Author: Linus Torvalds Date: Tue Sep 24 15:12:38 2024 -0700 Merge tag 'f2fs-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs Pull f2fs updates from Jaegeuk Kim: "The main changes include converting major IO paths to use folio, and adding various knobs to control GC more flexibly for Zoned devices. In addition, there are several patches to address corner cases of atomic file operations and better support for file pinning on zoned device. Enhancement: - add knobs to tune foreground/background GCs for Zoned devices - convert IO paths to use folio - reduce expensive checkpoint trigger frequency - allow F2FS_IPU_NOCACHE for pinned file - forcibly migrate to secure space for zoned device file pinning - get rid of buffer_head use - add write priority option based on zone UFS - get rid of online repair on corrupted directory Bug fixes: - fix to don't panic system for no free segment fault injection - fix to don't set SB_RDONLY in f2fs_handle_critical_error() - avoid unused block when dio write in LFS mode - compress: don't redirty sparse cluster during {,de}compress - check discard support for conventional zones - atomic: prevent atomic file from being dirtied before commit - atomic: fix to check atomic_file in f2fs ioctl interfaces - atomic: fix to forbid dio in atomic_file - atomic: fix to truncate pagecache before on-disk metadata truncation - atomic: create COW inode from parent dentry - atomic: fix to avoid racing w/ GC - atomic: require FMODE_WRITE for atomic write ioctls - fix to wait page writeback before setting gcing flag - fix to avoid racing in between read and OPU dio write, dio completion - fix several potential integer overflows in file offsets and dir_block_index - fix to avoid use-after-free in f2fs_stop_gc_thread() As usual, there are several code clean-ups and refactorings" * tag 'f2fs-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs: (60 commits) f2fs: allow F2FS_IPU_NOCACHE for pinned file f2fs: forcibly migrate to secure space for zoned device file pinning f2fs: remove unused parameters f2fs: fix to don't panic system for no free segment fault injection f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error() f2fs: add valid block ratio not to do excessive GC for one time GC f2fs: create gc_no_zoned_gc_percent and gc_boost_zoned_gc_percent f2fs: do FG_GC when GC boosting is required for zoned devices f2fs: increase BG GC migration window granularity when boosted for zoned devices f2fs: add reserved_segments sysfs node f2fs: introduce migration_window_granularity f2fs: make BG GC more aggressive for zoned devices f2fs: avoid unused block when dio write in LFS mode f2fs: fix to check atomic_file in f2fs ioctl interfaces f2fs: get rid of online repaire on corrupted directory f2fs: prevent atomic file from being dirtied before commit f2fs: get rid of page->index f2fs: convert read_node_page() to use folio f2fs: convert __write_node_page() to use folio f2fs: convert f2fs_write_data_page() to use folio ... commit fa8380a06bd0523e51f826520aac1beb8c585521 Merge: 68e5c7d4cefb66 37d3dd663f7485 Author: Linus Torvalds Date: Tue Sep 24 14:54:26 2024 -0700 Merge tag 'bpf-next-6.12-struct-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Pull bpf 'struct fd' updates from Alexei Starovoitov: "This includes struct_fd BPF changes from Al and Andrii" * tag 'bpf-next-6.12-struct-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next: bpf: convert bpf_token_create() to CLASS(fd, ...) security,bpf: constify struct path in bpf_token_create() LSM hook bpf: more trivial fdget() conversions bpf: trivial conversions for fdget() bpf: switch maps to CLASS(fd, ...) bpf: factor out fetching bpf_map from FD and adding it to used_maps list bpf: switch fdget_raw() uses to CLASS(fd_raw, ...) bpf: convert __bpf_prog_get() to CLASS(fd, ...) commit 42268ad0eb4142245ea40ab01a5690a40e9c3b41 Author: Tejun Heo Date: Tue Sep 24 11:10:07 2024 -1000 sched_ext: Build fix for !CONFIG_SMP move_remote_task_to_local_dsq() is only defined on SMP configs but scx_disaptch_from_dsq() was calling move_remote_task_to_local_dsq() on UP configs too causing build failures. Add a dummy move_remote_task_to_local_dsq() which triggers a warning. Signed-off-by: Tejun Heo Fixes: 4c30f5ce4f7a ("sched_ext: Implement scx_bpf_dispatch[_vtime]_from_dsq()") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409241108.jaocHiDJ-lkp@intel.com/ commit c08dfb1b49492c09cf13838c71897493ea3b424e Author: Xiubo Li Date: Thu Sep 5 06:22:18 2024 +0800 ceph: remove the incorrect Fw reference check when dirtying pages When doing the direct-io reads it will also try to mark pages dirty, but for the read path it won't hold the Fw caps and there is case will it get the Fw reference. Fixes: 5dda377cf0a6 ("ceph: set i_head_snapc when getting CEPH_CAP_FILE_WR reference") Signed-off-by: Xiubo Li Reviewed-by: Patrick Donnelly Signed-off-by: Ilya Dryomov commit 74249188f31827cf1eeeee8e06474c2fbe2fc1d2 Author: Zhang Zekun Date: Fri Sep 6 14:01:34 2024 +0800 ceph: Remove empty definition in header file The real definition of ceph_acl_chmod() has been removed since commit 4db658ea0ca2 ("ceph: Fix up after semantic merge conflict"), remain the empty definition untouched in the header files. Let's remove the empty definition. Signed-off-by: Zhang Zekun Reviewed-by: Xiubo Li Signed-off-by: Ilya Dryomov commit 0039aebfe87129fae1e3567cb6de7a99dbb3ba28 Author: Yan Zhen Date: Thu Sep 5 19:32:27 2024 +0800 ceph: Fix typo in the comment Correctly spelled comments make it easier for the reader to understand the code. replace 'tagert' with 'target' in the comment & replace 'vaild' with 'valid' in the comment & replace 'carefull' with 'careful' in the comment & replace 'trsaverse' with 'traverse' in the comment. Signed-off-by: Yan Zhen Reviewed-by: Xiubo Li Signed-off-by: Ilya Dryomov commit d97079e97eab20e08afc507f2bed4501e2824717 Author: Luis Henriques (SUSE) Date: Mon Aug 19 10:52:17 2024 +0100 ceph: fix a memory leak on cap_auths in MDS client The cap_auths that are allocated during an MDS session opening are never released, causing a memory leak detected by kmemleak. Fix this by freeing the memory allocated when shutting down the MDS client. Fixes: 1d17de9534cb ("ceph: save cap_auths in MDS client when session is opened") Signed-off-by: Luis Henriques (SUSE) Reviewed-by: Xiubo Li Signed-off-by: Ilya Dryomov commit adc52461767f675264f2876d61e7220c113023e8 Author: Xiubo Li Date: Mon Jul 29 16:04:11 2024 +0800 ceph: flush all caps releases when syncing the whole filesystem We have hit a race between cap releases and cap revoke request that will cause the check_caps() to miss sending a cap revoke ack to MDS. And the client will depend on the cap release to release that revoking caps, which could be delayed for some unknown reasons. In Kclient we have figured out the RCA about race and we need a way to explictly trigger this manually could help to get rid of the caps revoke stuck issue. Link: https://tracker.ceph.com/issues/67221 Signed-off-by: Xiubo Li Reviewed-by: Ilya Dryomov Signed-off-by: Ilya Dryomov commit c085f6ca956f75d40422db96eaa6298867db8dca Author: Xiubo Li Date: Mon Jul 29 16:02:02 2024 +0800 ceph: rename ceph_flush_cap_releases() to ceph_flush_session_cap_releases() Prepare for adding a helper to flush the cap releases for all sessions. Signed-off-by: Xiubo Li Reviewed-by: Ilya Dryomov Signed-off-by: Ilya Dryomov commit 68e5c7d4cefb66de3953a874e670ec8f1ce86a24 Merge: 7f8de2bf072530 fa911d1f377bbe Author: Linus Torvalds Date: Tue Sep 24 13:02:06 2024 -0700 Merge tag 'kbuild-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild Pull Kbuild updates from Masahiro Yamada: - Support cross-compiling linux-headers Debian package and kernel-devel RPM package - Add support for the linux-debug Pacman package - Improve module rebuilding speed by factoring out the common code to scripts/module-common.c - Separate device tree build rules into scripts/Makefile.dtbs - Add a new script to generate modules.builtin.ranges, which is useful for tracing tools to find symbols in built-in modules - Refactor Kconfig and misc tools - Update Kbuild and Kconfig documentation * tag 'kbuild-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild: (51 commits) kbuild: doc: replace "gcc" in external module description kbuild: doc: describe the -C option precisely for external module builds kbuild: doc: remove the description about shipped files kbuild: doc: drop section numbering, use references in modules.rst kbuild: doc: throw out the local table of contents in modules.rst kbuild: doc: remove outdated description of the limitation on -I usage kbuild: doc: remove description about grepping CONFIG options kbuild: doc: update the description about Kbuild/Makefile split kbuild: remove unnecessary export of RUST_LIB_SRC kbuild: remove append operation on cmd_ld_ko_o kconfig: cache expression values kconfig: use hash table to reuse expressions kconfig: refactor expr_eliminate_dups() kconfig: add comments to expression transformations kconfig: change some expr_*() functions to bool scripts: move hash function from scripts/kconfig/ to scripts/include/ kallsyms: change overflow variable to bool type kallsyms: squash output_address() kbuild: add install target for modules.builtin.ranges scripts: add verifier script for builtin module range data ... commit 7f8de2bf072530a48f53a5658db8528af598b75f Merge: cd3d6477298155 6c56fb4434f59d Author: Linus Torvalds Date: Tue Sep 24 12:57:46 2024 -0700 Merge tag 'linux-cpupower-6.12-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux Pull cpupower updates from Shuah Khan "The 'raw_pylibcpupower.i' file was being removed by "make mrproper". That was because '*.i', '.s' and '*.o' files are generated during kernel compile and removed when the repo is cleaned by mrproper. Rename it to use .swg extension instead to avoid the problem. A second patch removes references to it from .gitignore" * tag 'linux-cpupower-6.12-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux: pm: cpupower: Clean up bindings gitignore pm: cpupower: rename raw_pylibcpupower.i commit cd3d6477298155482b772eae481ce01c9e764129 Merge: ba0c0cb56f227d 61850725779709 Author: Linus Torvalds Date: Tue Sep 24 12:53:54 2024 -0700 Merge tag 'i3c/for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/i3c/linux Pull i3c updates from Alexandre Belloni: "This adds support for the I3C HCI controller of the AMD SoC which as expected requires quirks. Also fixes for the other drivers, including rate selection fixes for svc. Core: - allow adjusting first broadcast address speed Drivers: - cdns: few fixes - mipi-i3c-hci: Add AMD SoC I3C controller support and quirks, fix get_i3c_mode - svc: adjust rates, fix race condition" * tag 'i3c/for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/i3c/linux: i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition i3c: master: svc: adjust SDR according to i3c spec i3c: master: svc: use slow speed for first broadcast address i3c: master: support to adjust first broadcast address speed i3c/master: cmd_v1: Fix the rule for getting i3c mode i3c: master: cdns: fix module autoloading i3c: mipi-i3c-hci: Add a quirk to set Response buffer threshold i3c: mipi-i3c-hci: Add a quirk to set timing parameters i3c: mipi-i3c-hci: Relocate helper macros to HCI header file i3c: mipi-i3c-hci: Add a quirk to set PIO mode i3c: mipi-i3c-hci: Read HC_CONTROL_PIO_MODE only after i3c hci v1.1 i3c: mipi-i3c-hci: Add AMDI5017 ACPI ID to the I3C Support List commit ba0c0cb56f227d9af9c19a276fac982c492c079f Author: Linus Torvalds Date: Tue Sep 24 12:48:35 2024 -0700 remoteproc: k3-m4: use the proper dependencies The TI_K3_M4_REMOTEPROC Kconfig entry selects OMAP2PLUS_MBOX, but that driver in turn depends on other things, which the k4-m4 driver didn't. This causes a Kconfig time warning: WARNING: unmet direct dependencies detected for OMAP2PLUS_MBOX Depends on [n]: MAILBOX [=y] && (ARCH_OMAP2PLUS || ARCH_K3) Selected by [m]: - TI_K3_M4_REMOTEPROC [=m] && REMOTEPROC [=y] && (ARCH_K3 || COMPILE_TEST [=y]) because you can't select something that is unavailable. Make the dependencies for TI_K3_M4_REMOTEPROC match those of the OMAP2PLUS_MBOX driver that it needs. Fixes: ebcf9008a895 ("remoteproc: k3-m4: Add a remoteproc driver for M4F subsystem") Cc: Bjorn Andersson Cc: Martyn Welch Cc: Hari Nagalla Cc: Andrew Davis Cc: Mathieu Poirier Signed-off-by: Linus Torvalds commit 9ae2940cbcb332aee3c9d9a0bb0f2d7dc6a82e44 Merge: 6db6a19f1ae31e 358800b702506c Author: Linus Torvalds Date: Tue Sep 24 12:42:35 2024 -0700 Merge tag 'input-for-v6.12-rc0' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input Pull input updates from Dmitry Torokhov: - support for PixArt PS/2 touchpad - updates to tsc2004/5, usbtouchscreen, and zforce_ts drivers - support for GPIO-only mode for ADP55888 controller - support for touch keys in Zinitix driver - support for querying density of Synaptics sensors - sysfs interface for Goodex "Berlin" devices to read and write touch IC registers - more quirks to i8042 to handle various Tuxedo laptops - a number of drivers have been converted to using "guard" notation when acquiring various locks, as well as using other cleanup functions to simplify releasing of resources (with more drivers to follow) - evdev will limit amount of data that can be written into an evdev instance at a given time to 4096 bytes (170 input events) to avoid holding evdev->mutex for too long and starving other users - Spitz has been converted to use software nodes/properties to describe its matrix keypad and GPIO-connected LEDs - msc5000_ts, msc_touchkey and keypad-nomadik-ske drivers have been removed since noone in mainline have been using them - other assorted cleanups and fixes * tag 'input-for-v6.12-rc0' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: (98 commits) ARM: spitz: fix compile error when matrix keypad driver is enabled Input: hynitron_cstxxx - drop explicit initialization of struct i2c_device_id::driver_data to 0 Input: adp5588-keys - fix check on return code Input: Convert comma to semicolon Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line Input: tegra-kbc - use of_property_read_variable_u32_array() and of_property_present() Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() Input: ims-pcu - fix calling interruptible mutex Input: zforce_ts - switch to using asynchronous probing Input: zforce_ts - remove assert/deassert wrappers Input: zforce_ts - do not hardcode interrupt level Input: zforce_ts - switch to using devm_regulator_get_enable() Input: zforce_ts - stop treating VDD regulator as optional Input: zforce_ts - make zforce_idtable constant Input: zforce_ts - use dev_err_probe() where appropriate Input: zforce_ts - do not ignore errors when acquiring regulator Input: zforce_ts - make parsing of contacts less confusing Input: zforce_ts - switch to using get_unaligned_le16 Input: zforce_ts - use guard notation when acquiring mutexes ... commit 6db6a19f1ae31e29857b0f6f3e3896c22543be21 Merge: 6e10aa1fee979a 8dc1bffd6e15da Author: Linus Torvalds Date: Tue Sep 24 12:33:22 2024 -0700 Merge tag 'hwlock-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/remoteproc/linux Pull hwspinlock update from Bjorn Andersson: "This converts the Spreadtrum hardware spinlock DeviceTree binding to YAML, to allow validation of related DeviceTree source" * tag 'hwlock-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/remoteproc/linux: dt-bindings: hwlock: sprd-hwspinlock: convert to YAML commit 17ea56b752b6ba58fdd1fcfd24f0fd2fa2b0ade2 Author: Min-Hua Chen Date: Sun Sep 22 18:41:29 2024 +0800 io_uring: fix casts to io_req_flags_t Apply __force cast to restricted io_req_flags_t type to fix the following sparse warning: io_uring/io_uring.c:2026:23: sparse: warning: cast to restricted io_req_flags_t No functional changes intended. Signed-off-by: Min-Hua Chen Link: https://lore.kernel.org/r/20240922104132.157055-1-minhuadotchen@gmail.com Signed-off-by: Jens Axboe commit 3a87e264290d71ec86a210ab3e8d23b715ad266d Author: Guixin Liu Date: Mon Sep 23 18:05:12 2024 +0800 io_uring: fix memory leak when cache init fail Exit the percpu ref when cache init fails to free the data memory with in struct percpu_ref. Fixes: 206aefde4f88 ("io_uring: reduce/pack size of io_ring_ctx") Signed-off-by: Guixin Liu Reviewed-by: Gabriel Krisman Bertazi Link: https://lore.kernel.org/r/20240923100512.64638-1-kanie@linux.alibaba.com Signed-off-by: Jens Axboe commit 6e10aa1fee979a898b06a4c8f2083de16e16df69 Merge: 5c480f1da82c15 c1ddb29709e675 Author: Linus Torvalds Date: Tue Sep 24 12:24:32 2024 -0700 Merge tag 'rpmsg-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/remoteproc/linux Pull rpmsg updates from Bjorn Andersson: - Minor cleanup/refactor to the Qualcomm GLINK code, in order to add trace events related to the messages exchange with the remote side, useful for debugging a range of interoperability issues - Rewrite the nested structs with flexible array members in order to avoid the risk of invalid accesses * tag 'rpmsg-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/remoteproc/linux: rpmsg: glink: Avoid -Wflex-array-member-not-at-end warnings rpmsg: glink: Introduce packet tracepoints rpmsg: glink: Pass channel to qcom_glink_send_close_ack() rpmsg: glink: Tidy up RX advance handling commit 5c480f1da82c15f635a2b663740cb2bb241cc416 Merge: 7bc21c5e1f9435 38a0e38b31d3f9 Author: Linus Torvalds Date: Tue Sep 24 12:16:49 2024 -0700 Merge tag 'rproc-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/remoteproc/linux Pull remoteproc updates from Bjorn Andersson: - Add remoteproc support for the Cortex M4F found in AM62x and AM64x of the TI K3 family, support for the modem remoteproc in the Qualcomm SDX75, and audio, compute and general-purpose DSPs of the Qualcomm SA8775P. - Add support for blocking and non-blocking mailbox transmissions to the i.MX remoteproc driver, and implement poweroff and reboot mechanisms using them. Plus a few bug fixes and minor improvements. - Cleanups and bug fixes for the TI K3 DSP and R5F drivers - Support mapping SRAM regions into the AMD-Xilinx Zynqmp R5 cores - Use devres helpers for various allocations in the Ingenic, TI DA8xx, TI Keystone, TI K3, ST slim drivers - Replace uses of of_{find,get}_property() with of_property_present() where possible * tag 'rproc-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/remoteproc/linux: (25 commits) remoteporc: ingenic: Use devm_platform_ioremap_resource_byname() remoteproc: da8xx: Use devm_platform_ioremap_resource_byname() remoteproc: st_slim: Use devm_platform_ioremap_resource_byname() remoteproc: xlnx: Add sram support remoteproc: k3-r5: Fix error handling when power-up failed remoteproc: imx_rproc: Add support for poweroff and reboot remoteproc: imx_rproc: Allow setting of the mailbox transmit mode remoteproc: k3-r5: Delay notification of wakeup event remoteproc: k3-m4: Add a remoteproc driver for M4F subsystem remoteproc: k3: Factor out TI-SCI processor control OF get function dt-bindings: remoteproc: k3-m4f: Add K3 AM64x SoCs remoteproc: k3-dsp: Acquire mailbox handle during probe routine remoteproc: k3-r5: Acquire mailbox handle during probe routine remoteproc: k3-r5: Use devm_rproc_alloc() helper remoteproc: qcom: pas: Add support for SA8775p ADSP, CDSP and GPDSP remoteproc: qcom: pas: Add SDX75 remoteproc support dt-bindings: remoteproc: qcom,sm8550-pas: document the SDX75 PAS remoteproc: keystone: Use devm_rproc_alloc() helper remoteproc: keystone: Use devm_kasprintf() to build name string dt-bindings: remoteproc: xlnx,zynqmp-r5fss: Add missing "additionalProperties" on child nodes ... commit 7bc21c5e1f94351b04b6082c16c5d4887c28a414 Merge: 4491b85480c8ca aab439ffa1ca10 Author: Linus Torvalds Date: Tue Sep 24 12:07:47 2024 -0700 Merge tag 'vfio-v6.12-rc1' of https://github.com/awilliam/linux-vfio Pull VFIO updates from Alex Williamson: "Just a few cleanups this cycle: - Remove several unused structure and function declarations, and unused variables (Dr. David Alan Gilbert, Yue Haibing, Zhang Zekun) - Constify unmodified structure in mdev (Hongbo Li) - Convert to unsigned type to catch overflow with less fanfare than passing a negative value to kcalloc() (Dan Carpenter)" * tag 'vfio-v6.12-rc1' of https://github.com/awilliam/linux-vfio: vfio/pci: clean up a type in vfio_pci_ioctl_pci_hot_reset_groups() vfio/mdev: Constify struct kobj_type vfio: mdev: Remove unused function declarations vfio/fsl-mc: Remove unused variable 'hwirq' vfio/pci: Remove unused struct 'vfio_pci_mmap_vma' commit 4491b85480c8ca2d85b2a06262828ec1af5c00ba Merge: db78436bed0670 b348b6d17fd1d5 Author: Linus Torvalds Date: Tue Sep 24 12:00:37 2024 -0700 Merge tag 'dma-mapping-6.12-2024-09-24' of git://git.infradead.org/users/hch/dma-mapping Pull dma-mapping fixes from Christoph Hellwig: - sort out a few issues with the direct calls to iommu-dma (Christoph Hellwig, Leon Romanovsky) * tag 'dma-mapping-6.12-2024-09-24' of git://git.infradead.org/users/hch/dma-mapping: dma-mapping: report unlimited DMA addressing in IOMMU DMA path iommu/dma: remove most stubs in iommu-dma.h dma-mapping: fix vmap and mmap of noncontiougs allocations commit db78436bed06708a8cadb61c60881d568fb4ae27 Merge: 54d7e8190ecfe7 79805c1bbbf984 Author: Linus Torvalds Date: Tue Sep 24 11:55:26 2024 -0700 Merge tag 'for-linus-iommufd' of git://git.kernel.org/pub/scm/linux/kernel/git/jgg/iommufd Pull iommufd updates from Jason Gunthorpe: "Collection of small cleanup and one fix: - Sort headers and struct forward declarations - Fix random selftest failures in some cases due to dirty tracking tests - Have the reserved IOVA regions mechanism work when a HWPT is used as a nesting parent. This updates the nesting parent's IOAS with the reserved regions of the device and will also install the ITS doorbell page on ARM. - Add missed validation of parent domain ops against the current iommu - Fix a syzkaller bug related to integer overflow during ALIGN() - Tidy two iommu_domain attach paths" * tag 'for-linus-iommufd' of git://git.kernel.org/pub/scm/linux/kernel/git/jgg/iommufd: iommu: Set iommu_attach_handle->domain in core iommufd: Avoid duplicated __iommu_group_set_core_domain() call iommufd: Protect against overflow of ALIGN() during iova allocation iommufd: Reorder struct forward declarations iommufd: Check the domain owner of the parent before creating a nesting domain iommufd/device: Enforce reserved IOVA also when attached to hwpt_nested iommufd/selftest: Fix buffer read overrrun in the dirty test iommufd: Reorder include files commit 54d7e8190ecfe72ff0dab96545e782f7298cb69a Merge: 6fa6588e596447 70920941923316 Author: Linus Torvalds Date: Tue Sep 24 11:48:00 2024 -0700 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma Pull rdma updates from Jason Gunthorpe: "Usual collection of small improvements and fixes, nothing especially stands out to me here. The new multipath PCI feature is a sign of things to come, I think we will see more of this in the next 10 years. Broadcom and HNS continue to update their drivers for their new HW generations. Summary: - Bug fixes and minor improvments in cxgb4, siw, mlx5, rxe, efa, rts, hfi, erdma, hns, irdma - Code cleanups/typos/etc. Tidy alloc_ordered_workqueue() calls - Multipath PCI for mlx5 - Variable size work queue, SRQ changes, and relaxed ordering for new bnxt HW - New ODP fault resolution FW protocol in mlx5 - New 'rdma monitor' netlink mechanism" * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma: (99 commits) RDMA/bnxt_re: Remove the unused variable en_dev RDMA/nldev: Add missing break in rdma_nl_notify_err_msg() RDMA/irdma: fix error message in irdma_modify_qp_roce() RDMA/cxgb4: Added NULL check for lookup_atid RDMA/hns: Fix ah error counter in sw stat not increasing RDMA/bnxt_re: Recover the device when FW error is detected RDMA/bnxt_re: Group all operations under add_device and remove_device RDMA/bnxt_re: Use the aux device for L2 ULP callbacks RDMA/bnxt_re: Change aux driver data to en_info to hold more information RDMA/nldev: Expose whether RDMA monitoring is supported RDMA/nldev: Add support for RDMA monitoring RDMA/mlx5: Use IB set_netdev and get_netdev functions RDMA/device: Remove optimization in ib_device_get_netdev() RDMA/mlx5: Initialize phys_port_cnt earlier in RDMA device creation RDMA/mlx5: Obtain upper net device only when needed RDMA/mlx5: Check RoCE LAG status before getting netdev RDMA/mlx5: Consider the query_vuid cap for data_direct net/mlx5: Handle memory scheme ODP capabilities RDMA/mlx5: Add implicit MR handling to ODP memory scheme RDMA/mlx5: Add handling for memory scheme page fault events ... commit 6fa6588e5964473356f0e2a02093ea42a5b3fd56 Merge: 3147a0689dd979 431844b65f4c1b Author: Linus Torvalds Date: Tue Sep 24 11:33:50 2024 -0700 Merge tag 'sched_ext-for-6.12-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext Pull sched_ext fixes from Tejun Heo: - Three build fixes - The fix for a stall bug introduced by a recent optimization in sched core (SM_IDLE) - Addition of /sys/kernel/sched_ext/enable_seq. While not a fix, it is a simple addition that distro people want to be able to tell whether an SCX scheduler has ever been loaded on the system * tag 'sched_ext-for-6.12-rc1-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext: sched_ext: Provide a sysfs enable_seq counter sched_ext: Fix build when !CONFIG_STACKTRACE sched, sched_ext: Disable SM_IDLE/rq empty path when scx_enabled() sched: Put task_group::idle under CONFIG_GROUP_SCHED_WEIGHT sched: Add dummy version of sched_group_set_idle() commit 3147a0689dd9793990ff954369ffcdf2de984b46 Merge: 172d513936c707 eac2ca2d682f94 Author: Linus Torvalds Date: Tue Sep 24 11:11:38 2024 -0700 Merge tag 'for-6.12/io_uring-20240922' of git://git.kernel.dk/linux Pull more io_uring updates from Jens Axboe: "Mostly just a set of fixes in here, or little changes that didn't get included in the initial pull request. This contains: - Move the SQPOLL napi polling outside the submission lock (Olivier) - Rename of the "copy buffers" API that got added in the 6.12 merge window. There's really no copying going on, it's just referencing the buffers. After a bit of consideration, decided that it was better to simply rename this to avoid potential confusion (me) - Shrink struct io_mapped_ubuf from 48 to 32 bytes, by changing it to start + len tracking rather than having start / end in there, and by removing the caching of folio_mask when we can just calculate it from folio_shift when we need it (me) - Fixes for the SQPOLL affinity checking (me, Felix) - Fix for how cqring waiting checks for the presence of task_work. Just check it directly rather than check for a specific notification mechanism (me) - Tweak to how request linking is represented in tracing (me) - Fix a syzbot report that deliberately sets up a huge list of overflow entries, and then hits rcu stalls when flushing this list. Just check for the need to preempt, and drop/reacquire locks in the loop. There's no state maintained over the loop itself, and each entry is yanked from head-of-list (me)" * tag 'for-6.12/io_uring-20240922' of git://git.kernel.dk/linux: io_uring: check if we need to reschedule during overflow flush io_uring: improve request linking trace io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL io_uring/sqpoll: do the napi busy poll outside the submission block io_uring: clean up a type in io_uring_register_get_file() io_uring/sqpoll: do not put cpumask on stack io_uring/sqpoll: retain test for whether the CPU is valid io_uring/rsrc: change ubuf->ubuf_end to length tracking io_uring/rsrc: get rid of io_mapped_ubuf->folio_mask io_uring: rename "copy buffers" to "clone buffers" commit 172d513936c707e991c3eca1b79cd8a153171862 Merge: 97d8894b6f4c44 732b47db1d6c26 Author: Linus Torvalds Date: Tue Sep 24 11:08:40 2024 -0700 Merge tag 'sysctl-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/sysctl/sysctl Pull sysctl update from Joel Granados: - Avoid evaluating non-mount ctl_tables as a sysctl_mount_point by removing the unlikely (but possible) chance that the permanently empty ctl_table array shares its address with another ctl_table - Update Joel Granados' contact info in MAINTAINERS * tag 'sysctl-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/sysctl/sysctl: MAINTAINERS: update email for Joel Granados sysctl: avoid spurious permanent empty tables commit 97d8894b6f4c44762fd48f5d29e73358d6181dbb Merge: 7108fff8848bc3 b3f835cd733991 Author: Linus Torvalds Date: Tue Sep 24 10:59:17 2024 -0700 Merge tag 'riscv-for-linus-6.12-mw1' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux Pull RISC-V updates from Palmer Dabbelt: - Support using Zkr to seed KASLR - Support IPI-triggered CPU backtracing - Support for generic CPU vulnerabilities reporting to userspace - A few cleanups for missing licenses - The size limit on the XIP kernel has been removed - Support for tracing userspace stacks - Support for the Svvptc extension - Various cleanups and fixes throughout the tree * tag 'riscv-for-linus-6.12-mw1' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux: (47 commits) crash: Fix riscv64 crash memory reserve dead loop perf/riscv-sbi: Add platform specific firmware event handling tools: Optimize ring buffer for riscv tools: Add riscv barrier implementation RISC-V: Don't have MAX_PHYSMEM_BITS exceed phys_addr_t ACPI: NUMA: initialize all values of acpi_early_node_map to NUMA_NO_NODE riscv: Enable bitops instrumentation riscv: Omit optimized string routines when using KASAN ACPI: RISCV: Make acpi_numa_get_nid() to be static riscv: Randomize lower bits of stack address selftests: riscv: Allow mmap test to compile on 32-bit riscv: Make riscv_isa_vendor_ext_andes array static riscv: Use LIST_HEAD() to simplify code riscv: defconfig: Disable RZ/Five peripheral support RISC-V: Implement kgdb_roundup_cpus() to enable future NMI Roundup riscv: avoid Imbalance in RAS riscv: cacheinfo: Add back init_cache_level() function riscv: Remove unused _TIF_WORK_MASK drivers/perf: riscv: Remove redundant macro check riscv: define ILLEGAL_POINTER_VALUE for 64bit ... commit 7108fff8848bc3bd958789f4db6beff94bdae521 Merge: 1cfb46051db9dd aa99969ef591ca Author: Linus Torvalds Date: Tue Sep 24 10:48:44 2024 -0700 Merge tag 'm68knommu-for-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu Pull m68knommu fixlet from Greg Ungerer: "Only a single change, cleaning up white space in debug message" * tag 'm68knommu-for-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu: m68k: remove trailing space after \n newline commit 1cfb46051db9ddb68e297eaf17270e09874ec5f3 Merge: e1b061b444fb01 44ac4625ea002d Author: Linus Torvalds Date: Tue Sep 24 10:46:54 2024 -0700 Merge tag 'v6.12-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto fixes from Herbert Xu: - Disable buggy p10 aes-gcm code on powerpc - Fix module aliases in paes_s390 - Fix buffer overread in caam * tag 'v6.12-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 crypto: s390/paes - Fix module aliases crypto: caam - Pad SG length when allocating hash edesc commit e1b061b444fb01c237838f0d8238653afe6a8094 Merge: 24f772dec31591 1ca980815e1f28 Author: Linus Torvalds Date: Tue Sep 24 10:40:11 2024 -0700 Merge tag 'landlock-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux Pull landlock updates from Mickaël Salaün: "We can now scope a Landlock domain thanks to a new "scoped" field that can deny interactions with resources outside of this domain. The LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET flag denies connections to an abstract UNIX socket created outside of the current scoped domain, and the LANDLOCK_SCOPE_SIGNAL flag denies sending a signal to processes outside of the current scoped domain. These restrictions also apply to nested domains according to their scope. The related changes will also be useful to support other kind of IPC isolations" * tag 'landlock-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux: landlock: Document LANDLOCK_SCOPE_SIGNAL samples/landlock: Add support for signal scoping selftests/landlock: Test signal created by out-of-bound message selftests/landlock: Test signal scoping for threads selftests/landlock: Test signal scoping landlock: Add signal scoping landlock: Document LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET samples/landlock: Add support for abstract UNIX socket scoping selftests/landlock: Test inherited restriction of abstract UNIX socket selftests/landlock: Test connected and unconnected datagram UNIX socket selftests/landlock: Test UNIX sockets with any address formats selftests/landlock: Test abstract UNIX socket scoping selftests/landlock: Test handling of unknown scope landlock: Add abstract UNIX socket scoping commit 24f772dec31591f9268a9c9e4943dc5dc47eaf9b Merge: 5c36498d06b9b0 558bdc45dfb266 Author: Linus Torvalds Date: Tue Sep 24 10:26:01 2024 -0700 Merge tag 'keys-next-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd Pull key updates from Jarkko Sakkinen: "The bulk of this is OpenSSL 3.0 compatibility fixes for the signing and certificates" * tag 'keys-next-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3 sign-file,extract-cert: avoid using deprecated ERR_get_error_line() sign-file,extract-cert: move common SSL helper functions to a header KEYS: prevent NULL pointer dereference in find_asymmetric_key() KEYS: Remove unused declarations commit 5c36498d06b9b00393c2f35edbf16b28194375fa Merge: abf2050f51fdca f89722faa31466 Author: Linus Torvalds Date: Tue Sep 24 10:18:15 2024 -0700 Merge tag 'lsm-pr-20240923' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm Pull LSM fixes from Paul Moore: - Add a missing security_mmap_file() check to the remap_file_pages() syscall - Properly reference the SELinux and Smack LSM blobs in the security_watch_key() LSM hook - Fix a random IPE selftest crash caused by a missing list terminator in the test * tag 'lsm-pr-20240923' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm: ipe: Add missing terminator to list of unit tests selinux,smack: properly reference the LSM blob in security_watch_key() mm: call the security_mmap_file() LSM hook in remap_file_pages() commit 68898131d2df70d1a9ad5c2f93f0f54dd6d5c336 Author: Anna Schumaker Date: Tue Sep 24 11:16:34 2024 -0400 nfs: Fix `make htmldocs` warnings in the localio documentation Reported-by: Stephen Rothwell Fixes: 92945bd81ca4 ("nfs: add Documentation/filesystems/nfs/localio.rst") Signed-off-by: Anna Schumaker commit f2990f8630531a99cad4dc5c44cb2a11ded42492 Author: Ard Biesheuvel Date: Thu Sep 12 12:46:31 2024 +0200 i2c: synquacer: Deal with optional PCLK correctly ACPI boot does not provide clocks and regulators, but instead, provides the PCLK rate directly, and enables the clock in firmware. So deal gracefully with this. Fixes: 55750148e559 ("i2c: synquacer: Fix an error handling path in synquacer_i2c_probe()") Cc: stable@vger.kernel.org # v6.10+ Cc: Andi Shyti Cc: Christophe JAILLET Signed-off-by: Ard Biesheuvel Signed-off-by: Andi Shyti commit 5d69d5a00f80488ddcb4dee7d1374a0709398178 Author: Kimriver Liu Date: Fri Sep 13 11:31:46 2024 +0800 i2c: designware: fix controller is holding SCL low while ENABLE bit is disabled It was observed that issuing the ABORT bit (IC_ENABLE[1]) will not work when IC_ENABLE is already disabled. Check if the ENABLE bit (IC_ENABLE[0]) is disabled when the controller is holding SCL low. If the ENABLE bit is disabled, the software needs to enable it before trying to issue the ABORT bit. otherwise, the controller ignores any write to ABORT bit. These kernel logs show up whenever an I2C transaction is attempted after this failure. i2c_designware e95e0000.i2c: timeout waiting for bus ready i2c_designware e95e0000.i2c: timeout in disabling adapter The patch fixes the issue where the controller cannot be disabled while SCL is held low if the ENABLE bit is already disabled. Fixes: 2409205acd3c ("i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low") Signed-off-by: Kimriver Liu Cc: # v6.6+ Reviewed-by: Mika Westerberg Acked-by: Jarkko Nikula Reviewed-by: Andy Shevchenko Signed-off-by: Andi Shyti commit f0fa69b5011a45394554fb8061d74fee4d7cd72c Author: Derek Foreman Date: Tue Aug 27 11:39:04 2024 -0500 drm/connector: hdmi: Fix writing Dynamic Range Mastering infoframes The largest infoframe we create is the DRM (Dynamic Range Mastering) infoframe which is 26 bytes + a 4 byte header, for a total of 30 bytes. With HDMI_MAX_INFOFRAME_SIZE set to 29 bytes, as it is now, we allocate too little space to pack a DRM infoframe in write_device_infoframe(), leading to an ENOSPC return from hdmi_infoframe_pack(), and never calling the connector's write_infoframe() vfunc. Instead of having HDMI_MAX_INFOFRAME_SIZE defined in two places, replace HDMI_MAX_INFOFRAME_SIZE with HDMI_INFOFRAME_SIZE(MAX) and make MAX 27 bytes - which is defined by the HDMI specification to be the largest infoframe payload. Fixes: f378b77227bc ("drm/connector: hdmi: Add Infoframes generation") Fixes: c602e4959a0c ("drm/connector: hdmi: Create Infoframe DebugFS entries") Signed-off-by: Derek Foreman Acked-by: Maxime Ripard Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240827163918.48160-1-derek.foreman@collabora.com Signed-off-by: Maxime Ripard commit 8b985bbfabbe46c8b9200d7d299030232c8ebd05 Author: Tetsuo Handa Date: Mon Sep 23 19:55:50 2024 +0900 tomoyo: allow building as a loadable LSM module One of concerns for enabling TOMOYO in prebuilt kernels is that distributor wants to avoid bloating kernel packages. Although boot-time kernel command line options allows selecting built-in LSMs to enable, file size increase of vmlinux and memory footprint increase of vmlinux caused by builtin-but- not-enabled LSMs remains. If it becomes possible to make LSMs dynamically appendable after boot using loadable kernel modules, these problems will go away. Another of concerns for enabling TOMOYO in prebuilt kernels is that who can provide support when distributor cannot provide support. Due to "those who compiled kernel code is expected to provide support for that kernel code" spell, TOMOYO is failing to get enabled in Fedora distribution [1]. The point of loadable kernel module is to share the workload. If it becomes possible to make LSMs dynamically appendable after boot using loadable kernel modules, as with people can use device drivers not supported by distributors but provided by third party device vendors, we can break this spell and can lower the barrier for using TOMOYO. This patch is intended for demonstrating that there is nothing difficult for supporting TOMOYO-like loadable LSM modules. For now we need to live with a mixture of built-in part and loadable part because fully loadable LSM modules are not supported since Linux 2.6.24 [2] and number of LSMs which can reserve static call slots is determined at compile time in Linux 6.12. Major changes in this patch are described below. There are no behavior changes as long as TOMOYO is built into vmlinux. Add CONFIG_SECURITY_TOMOYO_LKM as "bool" instead of changing CONFIG_SECURITY_TOMOYO from "bool" to "tristate", for something went wrong with how Makefile is evaluated if I choose "tristate". Add proxy.c for serving as a bridge between vmlinux and tomoyo.ko . Move callback functions from init.c to proxy.c when building as a loadable LSM module. init.c is built-in part and remains for reserving static call slots. proxy.c contains module's init function and tells init.c location of callback functions, making it possible to use static call for tomoyo.ko . By deferring initialization of "struct tomoyo_task" until tomoyo.ko is loaded, threads created between init.c reserved LSM hooks and proxy.c updates LSM hooks will have NULL "struct tomoyo_task" instances. Assuming that tomoyo.ko is loaded by the moment when the global init process starts, initialize "struct tomoyo_task" instance for current thread as a kernel thread when tomoyo_task(current) is called for the first time. There is a hack for exporting currently not-exported functions. This hack will be removed after all relevant functions are exported. Link: https://bugzilla.redhat.com/show_bug.cgi?id=542986 [1] Link: https://lkml.kernel.org/r/caafb609-8bef-4840-a080-81537356fc60@I-love.SAKURA.ne.jp [2] Signed-off-by: Tetsuo Handa commit 0cbfd45fbcf0cb26d85c981b91c62fe73cdee01c Author: Jiwon Kim Date: Wed Sep 18 14:06:02 2024 +0000 bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave() syzbot reported a WARNING in bond_xdp_get_xmit_slave. To reproduce this[1], one bond device (bond1) has xdpdrv, which increases bpf_master_redirect_enabled_key. Another bond device (bond0) which is unsupported by XDP but its slave (veth3) has xdpgeneric that returns XDP_TX. This triggers WARN_ON_ONCE() from the xdp_master_redirect(). To reduce unnecessary warnings and improve log management, we need to delete the WARN_ON_ONCE() and add ratelimit to the netdev_err(). [1] Steps to reproduce: # Needs tx_xdp with return XDP_TX; ip l add veth0 type veth peer veth1 ip l add veth3 type veth peer veth4 ip l add bond0 type bond mode 6 # BOND_MODE_ALB, unsupported by XDP ip l add bond1 type bond # BOND_MODE_ROUNDROBIN by default ip l set veth0 master bond1 ip l set bond1 up # Increases bpf_master_redirect_enabled_key ip l set dev bond1 xdpdrv object tx_xdp.o section xdp_tx ip l set veth3 master bond0 ip l set bond0 up ip l set veth4 up # Triggers WARN_ON_ONCE() from the xdp_master_redirect() ip l set veth3 xdpgeneric object tx_xdp.o section xdp_tx Reported-by: syzbot+c187823a52ed505b2257@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=c187823a52ed505b2257 Fixes: 9e2ee5c7e7c3 ("net, bonding: Add XDP support to the bonding driver") Signed-off-by: Jiwon Kim Signed-off-by: Nikolay Aleksandrov Link: https://patch.msgid.link/20240918140602.18644-1-jiwonaid0@gmail.com Signed-off-by: Paolo Abeni commit 9805f39d423a30a7189158905ec3d71774fe98a1 Author: Xi Ruoyao Date: Thu Sep 19 17:13:59 2024 +0800 LoongArch: vDSO: Tune chacha implementation As Christophe pointed out, tuning the chacha implementation by scheduling the instructions like what GCC does can improve the performance. The tuning does not introduce too much complexity (basically it's just reordering some instructions). And the tuning does not hurt readibility too much: actually the tuned code looks even more similar to a textbook-style implementation based on 128-bit vectors. So overall it's a good deal to me. Tested with vdso_test_getchacha and benched with vdso_test_getrandom. On a LA664 the speedup is 5%, and I expect a larger speedup on LA[2-4]64 with a lower issue rate. Suggested-by: Christophe Leroy Link: https://lore.kernel.org/all/77655d9e-fc05-4300-8f0d-7b2ad840d091@csgroup.eu/ Signed-off-by: Xi Ruoyao Reviewed-by: Huacai Chen Signed-off-by: Jason A. Donenfeld commit 09cfc6a532d249a51d3af5022d37ebbe9c3d31f6 Author: Andrei Simion Date: Tue Sep 24 11:12:38 2024 +0300 ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized Update the driver to prevent alsa-restore.service from failing when reading data from /var/lib/alsa/asound.state at boot. Ensure that the restoration of ALSA mixer configurations is skipped if substream->runtime is NULL. Fixes: 50291652af52 ("ASoC: atmel: mchp-pdmc: add PDMC driver") Signed-off-by: Andrei Simion Link: https://patch.msgid.link/20240924081237.50046-1-andrei.simion@microchip.com Signed-off-by: Mark Brown commit 2f3d8ff457982f4055fe8f7bf19d3821ba22c376 Author: yangyun Date: Sat Sep 14 16:51:31 2024 +0800 fuse: use exclusive lock when FUSE_I_CACHE_IO_MODE is set This may be a typo. The comment has said shared locks are not allowed when this bit is set. If using shared lock, the wait in `fuse_file_cached_io_open` may be forever. Fixes: 205c1d802683 ("fuse: allow parallel dio writes with FUSE_DIRECT_IO_ALLOW_MMAP") CC: stable@vger.kernel.org # v6.9 Signed-off-by: yangyun Reviewed-by: Bernd Schubert Signed-off-by: Miklos Szeredi commit 3b067536daa4842adbf685accf47c899a26367d3 Author: Heiner Kallweit Date: Wed Sep 18 20:45:15 2024 +0200 r8169: add missing MODULE_FIRMWARE entry for RTL8126A rev.b Add a missing MODULE_FIRMWARE entry. Fixes: 69cb89981c7a ("r8169: add support for RTL8126A rev.b") Signed-off-by: Heiner Kallweit Link: https://patch.msgid.link/bb307611-d129-43f5-a7ff-bdb6b4044fce@gmail.com Signed-off-by: Paolo Abeni commit bfde62650c73a9524c52e4a324349e99c7c39a48 Merge: 675faf5a14c14a ec8234717db858 Author: Paolo Abeni Date: Tue Sep 24 11:55:15 2024 +0200 Merge branch 'fix-maximum-tx-rx-frame-sizes-in-ravb-driver' Paul Barker says: ==================== Fix maximum TX/RX frame sizes in ravb driver These patches fix a couple of bugs in the maximum supported TX/RX frame sizes in the ravb driver. * For the GbEth IP, we were advertising a maximum TX frame size/MTU that was larger that the maximum the hardware can transmit. * For the R-Car AVB IP, we were unnecessarily setting the maximum RX frame size/MRU based on the MTU, which by default is smaller than the maximum the hardware can receive. For the R-Car AVB IP, the maximum TX frame size should be 2047 (not 2048), but additional work will be required to validate that change so it is not included in this series. Changes v2->v3: * Pick up Reviewed-by tag and suggested comment improvement from Niklas. Changes v1->v2: * Rebase on net tree as these are both bugfixes. * Pick up Reviewed-by tags. ==================== Link: https://patch.msgid.link/20240918081839.259-1-paul.barker.ct@bp.renesas.com Signed-off-by: Paolo Abeni commit ec8234717db8589078d08b17efa528a235c61f4f Author: Paul Barker Date: Wed Sep 18 09:18:39 2024 +0100 net: ravb: Fix R-Car RX frame size limit The RX frame size limit should not be based on the current MTU setting. Instead it should be based on the hardware capabilities. While we're here, improve the description of the receive frame length setting as suggested by Niklas. Fixes: c156633f1353 ("Renesas Ethernet AVB driver proper") Reviewed-by: Sergey Shtylyov Reviewed-by: Niklas Söderlund Signed-off-by: Paul Barker Reviewed-by: Simon Horman Signed-off-by: Paolo Abeni commit 1d63864299cafa7c8cbde56491c9932afdbff7ea Author: Paul Barker Date: Wed Sep 18 09:18:38 2024 +0100 net: ravb: Fix maximum TX frame size for GbEth devices The datasheets for all SoCs using the GbEth IP specify a maximum transmission frame size of 1.5 kByte. I've confirmed through internal discussions that support for 1522 byte frames has been validated, which allows us to support the default MTU of 1500 bytes after reserving space for the Ethernet header, frame checksums and an optional VLAN tag. Fixes: 2e95e08ac009 ("ravb: Add rx_max_buf_size to struct ravb_hw_info") Reviewed-by: Niklas Söderlund Reviewed-by: Sergey Shtylyov Signed-off-by: Paul Barker Reviewed-by: Simon Horman Signed-off-by: Paolo Abeni commit bff1709b3980bd7f80be6786f64cc9a9ee9e56da Author: Jiawei Ye Date: Tue Sep 24 06:58:05 2024 +0000 mac802154: Fix potential RCU dereference issue in mac802154_scan_worker In the `mac802154_scan_worker` function, the `scan_req->type` field was accessed after the RCU read-side critical section was unlocked. According to RCU usage rules, this is illegal and can lead to unpredictable behavior, such as accessing memory that has been updated or causing use-after-free issues. This possible bug was identified using a static analysis tool developed by myself, specifically designed to detect RCU-related issues. To address this, the `scan_req->type` value is now stored in a local variable `scan_req_type` while still within the RCU read-side critical section. The `scan_req_type` is then used after the RCU lock is released, ensuring that the type value is safely accessed without violating RCU rules. Fixes: e2c3e6f53a7a ("mac802154: Handle active scanning") Cc: stable@vger.kernel.org Signed-off-by: Jiawei Ye Acked-by: Miquel Raynal Reviewed-by: Przemek Kitszel Link: https://lore.kernel.org/tencent_3B2F4F2B4DA30FAE2F51A9634A16B3AD4908@qq.com Signed-off-by: Stefan Schmidt commit 675faf5a14c14a2be0b870db30a70764df81e2df Author: KhaiWenTan Date: Wed Sep 18 14:14:22 2024 +0800 net: stmmac: Fix zero-division error when disabling tc cbs The commit b8c43360f6e4 ("net: stmmac: No need to calculate speed divider when offload is disabled") allows the "port_transmit_rate_kbps" to be set to a value of 0, which is then passed to the "div_s64" function when tc-cbs is disabled. This leads to a zero-division error. When tc-cbs is disabled, the idleslope, sendslope, and credit values the credit values are not required to be configured. Therefore, adding a return statement after setting the txQ mode to DCB when tc-cbs is disabled would prevent a zero-division error. Fixes: b8c43360f6e4 ("net: stmmac: No need to calculate speed divider when offload is disabled") Cc: Co-developed-by: Choong Yong Liang Signed-off-by: Choong Yong Liang Signed-off-by: KhaiWenTan Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240918061422.1589662-1-khai.wen.tan@linux.intel.com Signed-off-by: Paolo Abeni commit ced8e8b8f40accfcce4a2bbd8b150aa76d5eff9a Author: Heiner Kallweit Date: Tue Sep 17 23:04:46 2024 +0200 r8169: add tally counter fields added with RTL8125 RTL8125 added fields to the tally counter, what may result in the chip dma'ing these new fields to unallocated memory. Therefore make sure that the allocated memory area is big enough to hold all of the tally counter values, even if we use only parts of it. Fixes: f1bce4ad2f1c ("r8169: add support for RTL8125") Cc: stable@vger.kernel.org Signed-off-by: Heiner Kallweit Reviewed-by: Simon Horman Link: https://patch.msgid.link/741d26a9-2b2b-485d-91d9-ecb302e345b5@gmail.com Signed-off-by: Paolo Abeni commit fcd2d9e1fdcd7cada612f2e8737fb13a2bce7d0e Author: Miklos Szeredi Date: Tue Sep 24 10:47:23 2024 +0200 fuse: clear FR_PENDING if abort is detected when sending request The (!fiq->connected) check was moved into the queuing method resulting in the following: Fixes: 5de8acb41c86 ("fuse: cleanup request queuing towards virtiofs") Reported-by: Lai, Yi Closes: https://lore.kernel.org/all/ZvFEAM6JfrBKsOU0@ly-workstation/ Signed-off-by: Miklos Szeredi commit 6f9defaf99122d1af9c2562181c77bc99be0672d Author: Daniel Golle Date: Tue Sep 17 14:49:55 2024 +0100 net: phy: aquantia: fix applying active_low bit after reset for_each_set_bit was used wrongly in aqr107_config_init() when iterating over LEDs. Drop misleading 'index' variable and call aqr_phy_led_active_low_set() for each set bit representing an LED which is driven by VDD instead of GND pin. Fixes: 61578f679378 ("net: phy: aquantia: add support for PHY LEDs") Signed-off-by: Daniel Golle Reviewed-by: Russell King (Oracle) Link: https://patch.msgid.link/9b1f0cd91f4cda54c8be56b4fe780480baf4aa0f.1726580902.git.daniel@makrotopia.org Signed-off-by: Paolo Abeni commit d2b366c43443a21d9bcf047f3ee1f09cf9792dc4 Author: Daniel Golle Date: Tue Sep 17 14:49:40 2024 +0100 net: phy: aquantia: fix setting active_low bit phy_modify_mmd was used wrongly in aqr_phy_led_active_low_set() resulting in a no-op instead of setting the VEND1_GLOBAL_LED_DRIVE_VDD bit. Correctly set VEND1_GLOBAL_LED_DRIVE_VDD bit. Fixes: 61578f679378 ("net: phy: aquantia: add support for PHY LEDs") Signed-off-by: Daniel Golle Reviewed-by: Russell King (Oracle) Link: https://patch.msgid.link/ab963584b0a7e3b4dac39472a4b82ca264d79630.1726580902.git.daniel@makrotopia.org Signed-off-by: Paolo Abeni commit f011b313e8ebd5b7abd8521b5119aecef403de45 Author: Youssef Samir Date: Mon Sep 16 19:08:58 2024 +0200 net: qrtr: Update packets cloning when broadcasting When broadcasting data to multiple nodes via MHI, using skb_clone() causes all nodes to receive the same header data. This can result in packets being discarded by endpoints, leading to lost data. This issue occurs when a socket is closed, and a QRTR_TYPE_DEL_CLIENT packet is broadcasted. All nodes receive the same destination node ID, causing the node connected to the client to discard the packet and remain unaware of the client's deletion. Replace skb_clone() with pskb_copy(), to create a separate copy of the header for each sk_buff. Fixes: bdabad3e363d ("net: Add Qualcomm IPC router") Signed-off-by: Youssef Samir Reviewed-by: Jeffery Hugo Reviewed-by: Carl Vanderlip Reviewed-by: Chris Lew Link: https://patch.msgid.link/20240916170858.2382247-1-quic_yabdulra@quicinc.com Signed-off-by: Paolo Abeni commit 645546a05b0370391c0eac0f14f5b9ddf8d00731 Author: Florian Westphal Date: Wed Sep 18 11:12:49 2024 +0200 xfrm: policy: remove last remnants of pernet inexact list xfrm_net still contained the no-longer-used inexact policy list heads, remove them. Fixes: a54ad727f745 ("xfrm: policy: remove remaining use of inexact list") Signed-off-by: Florian Westphal Signed-off-by: Steffen Klassert commit 0e9a2990a93f27daa643b6fa73cfa47b128947a7 Author: Damien Le Moal Date: Mon Sep 23 18:14:36 2024 +0900 ata: libata-scsi: Fix ata_msense_control() CDL page reporting When the user requests the ALL_SUB_MPAGES mode sense page, ata_msense_control() adds the CDL_T2A_SUB_MPAGE twice instead of adding the CDL_T2A_SUB_MPAGE and CDL_T2B_SUB_MPAGE pages information. Correct the second call to ata_msense_control_spgt2() to report the CDL_T2B_SUB_MPAGE page. Fixes: 673b2fe6ff1d ("scsi: ata: libata-scsi: Add support for CDL pages mode sense") Cc: stable@vger.kernel.org Signed-off-by: Damien Le Moal Reviewed-by: Hannes Reinecke commit 03a9cfc1314bf75cc7a83995f3a029a7ebf49c05 Author: Damien Le Moal Date: Mon Sep 23 18:06:46 2024 +0900 ata: libata-scsi: Fix ata_msense_control_spgt2() ata_msense_control_spgt2() can be called even for devices that do not support CDL when the user requests the ALL_SUB_MPAGES mode sense page, but for such device, this will cause a NULL pointer dereference as dev->cdl is NULL. Similarly, we should not return any data if ata_msense_control_spgt2() is called when the user requested the CDL_T2A_SUB_MPAGE or CDL_T2B_SUB_MPAGE pages for a device that does not support CDL. Avoid this potential NULL pointer dereference by checking if the device support CDL on entry to ata_msense_control_spgt2() and return 0 if it does not support CDL. Reported-by: syzbot+37757dc11ee77ef850bb@syzkaller.appspotmail.com Tested-by: syzbot+37757dc11ee77ef850bb@syzkaller.appspotmail.com Fixes: 602bcf212637 ("ata: libata: Improve CDL resource management") Signed-off-by: Damien Le Moal Reviewed-by: Hannes Reinecke commit f339bd3b51dac675fbbc08b861d2371ae3df0c0b Author: Huacai Chen Date: Tue Sep 24 15:32:20 2024 +0800 Docs/LoongArch: Add advanced extended IRQ model description Introduce the advanced extended interrupt controllers (AVECINTC). This feature will allow each core to have 256 independent interrupt vectors and MSI interrupts can be independently routed to any vector on any CPU. The whole topology of irqchips in LoongArch machines looks like this if AVECINTC is supported: +-----+ +-----------------------+ +-------+ | IPI | --> | CPUINTC | <-- | Timer | +-----+ +-----------------------+ +-------+ ^ ^ ^ | | | +---------+ +----------+ +---------+ +-------+ | EIOINTC | | AVECINTC | | LIOINTC | <-- | UARTs | +---------+ +----------+ +---------+ +-------+ ^ ^ | | +---------+ +---------+ | PCH-PIC | | PCH-MSI | +---------+ +---------+ ^ ^ ^ | | | +---------+ +---------+ +---------+ | Devices | | PCH-LPC | | Devices | +---------+ +---------+ +---------+ ^ | +---------+ | Devices | +---------+ Signed-off-by: Huacai Chen Signed-off-by: Tianyang Zhang commit 64c35d6c0ff95e9507f5fb3cce4936c7c62f3d3a Author: Xi Ruoyao Date: Tue Sep 24 15:32:20 2024 +0800 LoongArch: Remove posix_types.h include from sigcontext.h Nothing in sigcontext.h seems to require anything from linux/posix_types.h. This include seems a MIPS relic originated from an error in Linux 2.6.11-rc2 (in 2005). The unneeded include was found debugging some vDSO self test build failure (it's not the root cause though). Link: https://lore.kernel.org/linux-mips/20240828030413.143930-2-xry111@xry111.site/ Link: https://lore.kernel.org/loongarch/0b540679ec8cfccec75aeb3463810924f6ff71e6.camel@xry111.site/ Signed-off-by: Xi Ruoyao Signed-off-by: Huacai Chen commit 5016c3a31a6d74eaf2fdfdec673eae8fcf90379e Author: Wentao Guan Date: Tue Sep 24 15:32:20 2024 +0800 LoongArch: Fix memleak in pci_acpi_scan_root() Add kfree(root_ops) in this case to avoid memleak of root_ops, leaks when pci_find_bus() != 0. Signed-off-by: Yuli Wang Signed-off-by: Wentao Guan Signed-off-by: Huacai Chen commit d4f31acf1302088a5b16d1e4de890729acfa9638 Author: Uros Bizjak Date: Tue Sep 24 15:32:20 2024 +0800 LoongArch: Simplify _percpu_read() and _percpu_write() Now _percpu_read() and _percpu_write() macros call __percpu_read() and __percpu_write() static inline functions that result in a single assembly instruction. However, percpu infrastructure expects its leaf definitions to encode the size of their percpu variable, so the patch merges all the asm clauses from the static inline function into the corresponding leaf macros. The secondary effect of this change is to avoid explicit __percpu annotations for function arguments. Currently, __percpu macro is defined in include/linux/compiler_types.h, but with proposed patch [1], __percpu definition will need macros from include/asm-generic/percpu.h, creating forward dependency loop. The proposed solution is the same as x86 architecture uses. [1] https://lore.kernel.org/lkml/20240812115945.484051-4-ubizjak@gmail.com/ Tested-by: Xi Ruoyao Signed-off-by: Uros Bizjak Signed-off-by: Huacai Chen commit f93f67d06b1023313ef1662eac490e29c025c030 Author: Huacai Chen Date: Tue Sep 24 15:32:20 2024 +0800 LoongArch: Improve hardware page table walker LoongArch has similar problems explained in commit 7f0b1bf04511348995d6 ("arm64: Fix barriers used for page table modifications"), when hardware page table walker (PTW) enabled, speculative accesses may cause spurious page fault in kernel space. Theoretically, in order to completely avoid spurious page fault we need a "dbar + ibar" pair between the page table modifications and the subsequent memory accesses using the corresponding virtual address. But "ibar" is too heavy for performace, so we only use a "dbar 0b11000" in set_pte(). And let spurious_fault() filter the rest rare spurious page faults which should be avoided by "ibar". Besides, we replace the llsc loop with amo in set_pte() which has better performace, and refactor mmu_context.h to 1) avoid any load/store/branch instructions between the writing of CSR.ASID & CSR.PGDL, 2) ensure flush tlb operation is after updating ASID. Signed-off-by: Huacai Chen commit f04de6d8f252ec6434b846895474cc205527b8b8 Author: Huacai Chen Date: Tue Sep 24 15:32:20 2024 +0800 LoongArch: Add ARCH_HAS_SET_DIRECT_MAP support Add set_direct_map_*() functions for setting the direct map alias for the page to its default permissions and to an invalid state that cannot be cached in a TLB. (See d253ca0c3 ("x86/mm/cpa: Add set_direct_map_*() functions")) Add a similar implementation for LoongArch. This fixes the KFENCE warnings during hibernation: ================================================================== BUG: KFENCE: invalid read in swsusp_save+0x368/0x4d8 Invalid read at 0x00000000f7b89a3c: swsusp_save+0x368/0x4d8 hibernation_snapshot+0x3f0/0x4e0 hibernate+0x20c/0x440 state_store+0x128/0x140 kernfs_fop_write_iter+0x160/0x260 vfs_write+0x2c0/0x520 ksys_write+0x74/0x160 do_syscall+0xb0/0x160 CPU: 0 UID: 0 PID: 812 Comm: bash Tainted: G B 6.11.0-rc1+ #1566 Tainted: [B]=BAD_PAGE Hardware name: Loongson-LS3A5000-7A1000-1w-CRB, BIOS vUDK2018-LoongArch-V2.0.0 10/21/2022 ================================================================== Note: We can only set permissions for KVRANGE/XKVRANGE kernel addresses. Signed-off-by: Huacai Chen commit e86935f705fa732d8c7c3ecf0c50ea461ffab76f Author: Huacai Chen Date: Tue Sep 24 15:32:20 2024 +0800 LoongArch: Add ARCH_HAS_SET_MEMORY support Add set_memory_ro/rw/x/nx architecture hooks to change the page attribution. Use own set_memory.h rather than generic set_memory.h (i.e. include/asm-generic/set_memory.h), because we want to add other function prototypes here. Note: We can only set attributes for KVRANGE/XKVRANGE kernel addresses. Signed-off-by: Huacai Chen commit 34e3c4500cdc06094b37a41b622598098308ba8f Author: Jiaxun Yang Date: Tue Sep 24 15:32:20 2024 +0800 LoongArch: Rework CPU feature probe from CPUCFG/IOCSR Probe ISA level, TLB, IOCSR information from CPUCFG to improve kernel resilience to different core implementations. BTW, IOCSR register definition appears to be a platform-specific spec instead of an architecture spec, even for the Loongson CPUs there is no guarantee that IOCSR will always present. Thus it's dangerous to perform IOCSR probing without checking CPU type and instruction availability. Signed-off-by: Jiaxun Yang Signed-off-by: Huacai Chen commit d0bb0b600081bc7c246b97b2901abbb6c357ff7b Author: Bibo Mao Date: Tue Sep 24 15:32:06 2024 +0800 LoongArch: Enable ACPI BGRT handling Add ACPI BGRT support on LoongArch so it can display image provied by acpi table at boot stage and switch to graphical UI smoothly. Signed-off-by: Bibo Mao Signed-off-by: Huacai Chen commit e8dd556c74325f29597665c2c557a8ea699a0686 Author: Tiezhu Yang Date: Tue Sep 24 15:31:51 2024 +0800 LoongArch: Enable generic CPU vulnerabilites support Currently, many architectures support generic CPU vulnerabilites, such as x86, arm64 and riscv: commit 61dc0f555b5c ("x86/cpu: Implement CPU vulnerabilites sysfs functions") commit 61ae1321f06c ("arm64: enable generic CPU vulnerabilites support") commit 0e3f3649d44b ("riscv: Enable generic CPU vulnerabilites support") All LoongArch CPUs (since Loongson-3A5000) implement a special mechanism in the processor core to prevent "Meltdown" and "Spectre" attacks, so it can enable generic CPU vulnerabilites support for LoongArch too. Without this patch, there are no user interfaces of vulnerabilities to check on LoongArch. The output of those files reflects the state of the CPUs in the system, the output value "Not affected" means "CPU is not affected by the vulnerability". Before: # cat /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow cat: /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow: No such file or directory # cat /sys/devices/system/cpu/vulnerabilities/spec_store_bypass cat: /sys/devices/system/cpu/vulnerabilities/spec_store_bypass: No such file or directory # cat /sys/devices/system/cpu/vulnerabilities/meltdown cat: /sys/devices/system/cpu/vulnerabilities/meltdown: No such file or directory After: # cat /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow Not affected # cat /sys/devices/system/cpu/vulnerabilities/spec_store_bypass Not affected # cat /sys/devices/system/cpu/vulnerabilities/meltdown Not affected Link: https://www.loongson.cn/EN/news/show?id=633 Signed-off-by: Tiezhu Yang Signed-off-by: Huacai Chen commit 440d52b370b03b366fd26ace36bab20552116145 Author: Rob Clark Date: Fri Sep 13 13:23:01 2024 -0700 drm/sched: Fix dynamic job-flow control race Fixes a race condition reported here: https://github.com/AsahiLinux/linux/issues/309#issuecomment-2238968609 The whole premise of lockless access to a single-producer-single- consumer queue is that there is just a single producer and single consumer. That means we can't call drm_sched_can_queue() (which is about queueing more work to the hw, not to the spsc queue) from anywhere other than the consumer (wq). This call in the producer is just an optimization to avoid scheduling the consuming worker if it cannot yet queue more work to the hw. It is safe to drop this optimization to avoid the race condition. Suggested-by: Asahi Lina Fixes: a78422e9dff3 ("drm/sched: implement dynamic job-flow control") Closes: https://github.com/AsahiLinux/linux/issues/309 Cc: stable@vger.kernel.org Signed-off-by: Rob Clark Reviewed-by: Danilo Krummrich Tested-by: Janne Grunau Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240913202301.16772-1-robdclark@gmail.com commit a3096328462b1e022c6294898c440708ea11509a Author: Philipp Stanner Date: Mon Sep 16 20:52:00 2024 +0200 MAINTAINERS: drm/sched: Add new maintainers DRM's GPU scheduler is arguably in need of more intensive maintenance. Danilo and Philipp volunteer to help with the maintainership. Signed-off-by: Philipp Stanner Cc: Christian König Cc: Luben Tuikov Cc: Matthew Brost Cc: Danilo Krummrich Cc: Tvrtko Ursulin Acked-by: Christian König Acked-by: Alex Deucher Acked-by: Matthew Brost Acked-by: Danilo Krummrich Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240916185159.35727-3-pstanner@redhat.com commit 7eb4a319db65566005989121563ead344ca79140 Author: Kent Overstreet Date: Mon Sep 23 16:39:49 2024 -0400 bcachefs: Fix infinite loop in propagate_key_to_snapshot_leaves() As we iterate we need to mark that we no longer need iterators - otherwise we'll infinite loop via the "too many iters" check when there's many snapshots. Signed-off-by: Kent Overstreet commit 6d12d7ace99ec74cb1f479bb851b5ed65b3bc105 Author: Kent Overstreet Date: Sun Sep 22 02:10:30 2024 -0400 bcachefs: Ensure BCH_FS_accounting_replay_done is always set if it doesn't get set we'll never be able to flush the btree write buffer; this only happens in fake rw mode, but prevents us from shutting down. Signed-off-by: Kent Overstreet commit abf2050f51fdca0fd146388f83cddd95a57a008d Merge: 9ab27b018649c9 81ee62e8d09ee3 Author: Linus Torvalds Date: Mon Sep 23 15:27:58 2024 -0700 Merge tag 'media/v6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media Pull media updates from Mauro Carvalho Chehab: - New CEC driver: Extron DA HD 4K Plus - Lots of driver fixes, cleanups and improvements * tag 'media/v6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media: (179 commits) media: atomisp: Use clamp() in ia_css_eed1_8_vmem_encode() media: atomisp: Fix eed1_8 code assigning signed values to an unsigned variable media: atomisp: set lock before calling vb2_queue_init() media: atomisp: Improve binary finding debug logging media: atomisp: Drop dev_dbg() calls from hmm_[alloc|free]() media: atomisp: csi2-bridge: Add DMI quirk for t4ka3 on Xiaomi Mipad2 media: atomisp: add missing wait_prepare/finish ops media: atomisp: Remove unused declaration media: atomisp: use clamp() in compute_coring() media: atomisp: use clamp() in ia_css_eed1_8_encode() media: atomisp: Simplify ia_css_pipe_create_cas_scaler_desc_single_output() media: atomisp: Replace rarely used macro from math_support.h media: atomisp: Remove duplicated leftover, i.e. sh_css_dvs_info.h media: atomisp: bnr: fix trailing statement media: atomisp: move trailing */ to separate lines media: atomisp: move trailing statement to next line. media: atomisp: Fix trailing statement in ia_css_de.host.c media: atomisp: Fix spelling mistakes in atomisp.h media: atomisp: Fix spelling mistakes in atomisp_platform.h media: atomisp: Fix spelling mistake in csi_rx_public.h ... commit 9ab27b018649c9504e894496cb4d7d8afcffd897 Merge: 4e2c9cd7dce6c7 f00b45db02ae4e Author: Linus Torvalds Date: Mon Sep 23 15:01:48 2024 -0700 Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux Pull clk updates from Stephen Boyd: "The core clk framework is left largely untouched this time around except for support for the newly ratified DT property 'assigned-clock-rates-u64'. I'm much more excited about the support for loading DT overlays from KUnit tests so that we can test how the clk framework parses DT nodes during clk registration. The clk framework has some places that are highly DeviceTree dependent so this charts the path to extend the KUnit tests to cover even more framework code in the future. I've got some more tests on the list that use the DT overlay support, but they uncovered issues with clk unregistration that I'm still working on fixing. Outside the core, the clk driver update pile is dominated by Qualcomm and Renesas SoCs, making it fairly usual. Looking closer, there are fixes for things all over the place, like adding missing clk frequencies or moving defines for the number of clks out of DT binding headers into the drivers. There are even conversions of DT bindings to YAML and migration away from strings to describe clk topology. Overall it doesn't look unusual so I expect the new drivers to be where we'll have fixes in the coming weeks. Core: - KUnit tests for clk registration and fixed rate basic clk type - A couple more devm helpers, one consumer and one provider - Support for assigned-clock-rates-u64 New Drivers: - Camera, display and GPU clocks on Qualcomm SM4450 - Camera clocks on Qualcomm SM8150 - Rockchip rk3576 clks - Microchip SAM9X7 clks - Renesas RZ/V2H(P) (R9A09G057) clks Updates: - Mark a bunch of struct freq_tbl const to reduce .data usage - Add Qualcomm MSM8226 A7PLL and Regera PLL support - Fix the Qualcomm Lucid 5LPE PLL configuration sequence to not reuse Trion, as they do differ - A number of fixes to the Qualcomm SM8550 display clock driver - Fold Qualcomm SM8650 display clock driver into SM8550 one - Add missing clocks and GDSCs needed for audio on Qualcomm MSM8998 - Add missing USB MP resets, GPLL9, and QUPv3 DFS to Qualcomm SC8180X - Fix sdcc clk frequency tables on Qualcomm SC8180X - Drop the Qualcomm SM8150 gcc_cpuss_ahb_clk_src - Mark Qualcomm PCIe GDSCs as RET_ON on sm8250 and sm8540 to avoid them turning off during suspend - Use the HW_CTRL mechanism on Qualcomm SM8550 video clock controller GDSCs - Get rid of CLK_NR_CLKS defines in Rockchip DT binding headers - Some fixes for Rockchip rk3228 and rk3588 - Exynos850: Add clock for Thermal Management Unit - Exynos7885: Fix duplicated ID in the header, add missing TOP PLLs and add clocks for USB block in the FSYS clock controller - ExynosAutov9: Add DPUM clock controller - ExynosAutov920: Add new (first) clock controllers: TOP and PERIC0 (and a bit more complete bindings) - Use clk_hw pointer instead of fw_name for acm_aud_clk[0-1]_sel clocks on i.MX8Q as parents in ACM provider - Add i.MX95 NETCMIX support to the block control provider - Fix parents for ENETx_REF_SEL clocks on i.MX6UL - Add USB clocks, resets and power domains on Renesas RZ/G3S - Add Generic Timer (GTM), I2C Bus Interface (RIIC), SD/MMC Host Interface (SDHI) and Watchdog Timer (WDT) clocks and resets on Renesas RZ/V2H - Add PCIe, PWM, and CAN-FD clocks on Renesas R-Car V4M - Add LCD controller clocks and resets on Renesas RZ/G2UL - Add DMA clocks and resets on Renesas RZ/G3S - Add fractional multiplication PLL support on Renesas R-Car Gen4 - Document support for the Renesas RZ/G2M v3.0 (r8a774a3) SoC - Support for the Microchip SAM9X7 SoC as follows: - Updates for the Microchip PLL drivers - DT binding documentation updates (for the new clock driver and for the slow clock controller that SAM9X7 is using) - A fix for the Microchip SAMA7G5 clock driver to avoid allocating more memory than necessary - Constify some Amlogic structs - Add SM1 eARC clocks for Amlogic - Introduce a symbol namespace for Amlogic clock specific symbols - Add reset controller support to audiomix block control on i.MX - Add CLK_SET_RATE_PARENT flag to all audiomix clocks and to i.MX7D lcdif_pixel_src clock - Fix parent clocks for earc_phy and audpll on i.MX8MP - Fix default parents for enet[12]_ref_sel on i.MX6UL - Add ops in composite 8M and 93 that allow no-op on disable - Add check for PCC present bit on composite 7ULP register - Fix fractional part for fracn-gppll on prepare in i.MX - Fix clock tree update for TF-A managed clocks on i.MX8M - Drop CLK_SET_PARENT_GATE for DRAM mux on i.MX7D - Add the SAI7 IPG clock for i.MX8MN - Mark the 'nand_usdhc_bus' clock as non-critical on i.MX8MM - Add LVDS bypass clocks on i.MX8QXP - Add muxes for MIPI and PHY ref clocks on i.MX - Reorder dc0_bypass0_clk, lcd_pxl and dc1_disp clocks on i.MX8QXP - Add 1039.5MHz and 800MHz rates to fracn-gppll table on i.MX - Add CLK_SET_RATE_PARENT for media_disp pixel clocks on i.MX8QXP - Add some module descriptions to the i.MX generic and the i.MXRT1050 driver - Fix return value for bypass for composite i.MX7ULP - Move Mediatek clk bindings to clock/ - Convert some more clk bindings to dt schema" * tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux: (180 commits) clk: Switch back to struct platform_driver::remove() dt-bindings: clock, reset: fix top-comment indentation rk3576 headers clk: rockchip: remove unused mclk_pdm0_p/pdm0_p definitions clk: provide devm_clk_get_optional_enabled_with_rate() clk: fixed-rate: add devm_clk_hw_register_fixed_rate_parent_data() clk: imx6ul: fix clock parent for IMX6UL_CLK_ENETx_REF_SEL clk: renesas: r9a09g057: Add clock and reset entries for GTM/RIIC/SDHI/WDT clk: renesas: rzv2h: Add support for dynamic switching divider clocks clk: renesas: r9a08g045: Add clocks, resets and power domains for USB clk: rockchip: fix error for unknown clocks clk: rockchip: rk3588: drop unused code clk: rockchip: Add clock controller for the RK3576 clk: rockchip: Add new pll type pll_rk3588_ddr dt-bindings: clock, reset: Add support for rk3576 dt-bindings: clock: rockchip,rk3588-cru: drop unneeded assigned-clocks clk: rockchip: rk3588: Fix 32k clock name for pmu_24m_32k_100m_src_p clk: imx95: enable the clock of NETCMIX block control dt-bindings: clock: add RMII clock selection dt-bindings: clock: add i.MX95 NETCMIX block control clk: imx: imx8: Use clk_hw pointer for self registered clock in clk_parent_data ... commit 4e2c9cd7dce6c7480f236c3ead196ff4e92ed597 Merge: 00b43f85f287f4 c24999e61b2187 Author: Linus Torvalds Date: Mon Sep 23 14:34:19 2024 -0700 Merge tag 'i2c-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c updates from Wolfram Sang: "I2C core: - finally remove the I2C_COMPAT symbol after 15 years of deprecation - lock client addresses during initialization to prevent race conditions between different kinds of instantiation - use scoped foreach OF child loops - testunit cleanups and documentation improvements, as well as two new tests, one for repeated start and one for triggering SMBusAlert interrupts I2C host drivers: - DesignWare and Renesas I2C driver updates. The first has has undergone through a series of cleanups that have been sent to the mailing list a year ago for the first time and finally get merged in this pull request. They are many, from typos (e.g. i2/i2c), to cosmetics, to refactoring (e.g. move inline functions to librarieas) and many others. - all the DesignWare Kconfig options have been grouped under the I2C_DESIGNWARE_CORE and this required some adaptation in many of the kernel configuration files for different arm and mips boards Cleanups: - improve the exit path in the runtime resume function for the Qualcomm Geni platform - get rid of the unused "target_addr" parameter in the Intel LJCA driver - intialize the restart_flag in the MediaTek controller in one single place - constify a few global data structures in the virtio driver - simplify the bus speed handling in the Renesas driver init function making it more readable - improved probe function of the Renesas R-Car driver - switch the iMX/MXC driver to use RUNTIME_PM_OPS() instead of SET_RUNTIME_PM_OPS() - iMX/MXC driver cleanups - use devm_clk_get_enabled() to simplify the Renesas EMEV2, Ingenic and MPC drivers Refactoring: - Fix a potential out of boundary array access in the Nuvoton driver. This is not a bug fix because the issue could never occur due to hardware not having the properties listed in the array. The change makes the driver more future proof and, at the same time, silences code analyzers. Improvements: - several patches improving the runtime power management handling of the Renesas I2C (riic) driver - use a more descriptive adapter name in the Intel i801 driver to show the presence of the IDF feature - kill pending transactions when irq's can't complete their handling in the Intel Denverton (ismt) driver, triggering a timeout New Feature: - support fast mode plus in the Renesas I2C (riic) driver New support: - Added support for: - Renesas R9A08G045 - Rockchip RK3576 - KEBA I2C - Theobroma Systems Mule Multiplexer. - new i2c-keba.c driver - new driver for The Mule i2c multiplexer Core I2C framework: - move runtime PM functions in order to allow them to be accessed during device add Devicetree: - nVidia and Qualcomm binding improvements - get rid of redundant "multi-master" property in the aspeed binding - convert i2c-sprd binding to YAML AT24 updates: - document a new model from giantec in DT bindings" * tag 'i2c-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: (69 commits) i2c: designware: Use pci_get_drvdata() i2c: designware: Propagate firmware node i2c: designware: Uninline i2c_dw_probe() i2c: ljca: Remove unused "target_addr" parameter i2c: keba: Add KEBA I2C controller support i2c: i801: Use a different adapter-name for IDF adapters i2c: core: Setup i2c_adapter runtime-pm before calling device_add() dt-bindings: i2c: i2c-sprd: convert to YAML i2c: ismt: kill transaction in hardware on timeout i2c: designware: Group all DesignWare drivers under a single option net: txgbe: Fix I2C Kconfig dependencies RISC-V: configs: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM mips: configs: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM arm64: defconfig: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM ARM: configs: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM ARC: configs: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM i2c: virtio: Constify struct i2c_algorithm and struct virtio_device_id i2c: rcar: tidyup priv->devtype handling on rcar_i2c_probe() i2c: imx: Convert comma to semicolon i2c: jz4780: Use devm_clk_get_enabled() helpers ... commit 00b43f85f287f4b661f1a2485bed1a476d308427 Merge: 20d9ba738b9696 447b167bb60d0b Author: Linus Torvalds Date: Mon Sep 23 14:31:38 2024 -0700 Merge tag 'libnvdimm-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm Pull libnvdimm updates from Ira Weiny: - use Open Firmware helper routines - fix memory leak when nvdimm labels are incorrect - remove some dead code * tag 'libnvdimm-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm: nvdimm: Remove dead code for ENODEV checking in scan_labels() nvdimm: Fix devs leaks in scan_labels() nvdimm: Use of_property_present() and of_property_read_bool() commit 20d9ba738b9696ee882c6ecf55cfae8fb8b64040 Merge: f2debe057fcc96 fea88a13a5d14b Author: Linus Torvalds Date: Mon Sep 23 14:29:11 2024 -0700 Merge tag 'backlight-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/backlight Pull backlight update from Lee Jones: - Added a check for the return value of spi_setup() in the l4f00242t03 driver to catch errors * tag 'backlight-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/backlight: backlight: l4f00242t03: Add check for spi_setup commit f2debe057fcc962e865d57800e39e029887812b4 Merge: b0a53b4f3f3df6 64c38866500b0b Author: Linus Torvalds Date: Mon Sep 23 14:20:11 2024 -0700 Merge tag 'leds-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/leds Pull LED updates from Lee Jones: - Limited LED current based on thermal conditions in the QCOM flash LED driver - Fixed device child node usage in the BD2606MVV and PCA995x drivers - Used device_for_each_child_node_scoped() to access child nodes in the IS31FL319X driver - Reset the LED controller during the probe in the LM3601X driver - Used device_for_each_child_node() to access device child nodes in the PCA995X driver - Fixed CONFIG_LEDS_CLASS_MULTICOLOR dependency in the BlinkM driver - Replaced msleep() with usleep_range() in the SUN50I-A100 driver - Used scoped device node handling to simplify error paths in the AAT1290, KTD2692, and MC13783 drivers - Added missing of_node_get for probe duration in the MAX77693 driver - Simplified using for_each_available_child_of_node_scoped() loops when iterating over device nodes - Used devm_clk_get_enabled() helpers in the LP55XX driver - Converted DT bindings from TXT to YAML format for various drivers, including LM3692x and SC2731-BLTC - Set num_leds after allocation in the GPIO driver - Removed irrelevant blink configuration error message in the PCA9532 driver - Fixed module autoloading with MODULE_DEVICE_TABLE() in the Turris Omnia driver * tag 'leds-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/leds: (38 commits) leds: turris-omnia: Fix module autoloading with MODULE_DEVICE_TABLE() leds: pca9532: Remove irrelevant blink configuration error message leds: gpio: Set num_leds after allocation dt-bindings: leds: Convert leds-lm3692x to YAML format leds: lp55xx: Use devm_clk_get_enabled() helpers leds: as3645a: Use device_* to iterate over device child nodes leds: qcom-lpg: Simplify with scoped for each OF child loop leds: turris-omnia: Simplify with scoped for each OF child loop leds: sc27xx: Simplify with scoped for each OF child loop leds: pca9532: Simplify with scoped for each OF child loop leds: netxbig: Simplify with scoped for each OF child loop leds: mt6323: Simplify with scoped for each OF child loop leds: mc13783: Use scoped device node handling to simplify error paths leds: lp55xx: Simplify with scoped for each OF child loop leds: is31fl32xx: Simplify with scoped for each OF child loop leds: bcm6358: Simplify with scoped for each OF child loop leds: bcm6328: Simplify with scoped for each OF child loop leds: aw2013: Simplify with scoped for each OF child loop leds: 88pm860x: Simplify with scoped for each OF child loop leds: max77693: Simplify with scoped for each OF child loop ... commit b0a53b4f3f3df6b9da31f2e406da8a490122c807 Merge: 8874d92b579bf8 91dba615c3431d Author: Linus Torvalds Date: Mon Sep 23 14:17:08 2024 -0700 Merge tag 'mfd-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd Pull MFD updates from Lee Jones: - Added support for the Analog Devices ADP5585 GPIO and PWM functions - Added parsing of GPIO hogs for the ADP5585 - Fixed module autoloading in the MAX14577 driver - Simplified and cleaned up the CROS_EC driver - Made the Lenovo Yoga Tab 3 X90F DMI match less strict in the INTEL_SOC_PMIC_CHTWC driver - Added support for the RK806 PMIC on the I2C bus - Removed the remaining header file for the DS1WM driver - Added compatible strings for various devices in the device tree bindings - Fixed a comma-related issue in the 88PM860X_CORE driver - Constified read-only regmap structs in various drivers - Used scoped variables with memory allocators to simplify error paths in the MT6360 and SYSCON drivers - Added Intel Arrow Lake-H and Panther Lake LPSS PCI IDs * tag 'mfd-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd: (44 commits) mfd: atc260x: Convert a bunch of commas to semicolons dt-bindings: mfd: qcom,tcsr: Add compatible for sa8775p mfd: intel-lpss: Add Intel Panther Lake LPSS PCI IDs mfd: intel-lpss: Add Intel Arrow Lake-H LPSS PCI IDs dt-bindings: mfd: syscon: Add rk3576 QoS register compatible dt-bindings: mfd: adp5585: Add parsing of hogs mfd: tc3589x: Drop vendorless compatible string from match table mfd: qcom-spmi-pmic: Use for_each_child_of_node_scoped() mfd: max77620: Use for_each_child_of_node_scoped() mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict mfd: cros_ec: Update module description mfd: cros_ec: Simplify and clean-up cros_ec_dev_init() mfd: max14577: Provide MODULE_DEVICE_TABLE() to fix module autoloading mfd: rk8xx: Add support for rk806 on i2c bus dt-bindings: mfd: syscon: Add ti,j784s4-acspcie-proxy-ctrl compatible mfd: ds1wm: Remove remaining header file MAINTAINERS: Repair file entry in MARVELL 88PM886 PMIC DRIVER mfd: 88pm860x-core: Convert comma to semicolon mfd: syscon: Use scoped variables with memory allocators to simplify error paths mfd: mt6360: Use scoped variables with memory allocators to simplify error paths ... commit 8874d92b579bf86f61f044ab43a4cd961d112269 Merge: fbb86b0d5f3818 e0bee4bcdc3238 Author: Linus Torvalds Date: Mon Sep 23 14:08:08 2024 -0700 Merge tag 'dmaengine-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine Pull dmaengine updates from Vinod Koul: "Unusually, more new driver and device support than updates. Couple of new device support, AMD, Rcar, Intel and New drivers in Freescale, Loonsoon, AMD and LPC32XX with DT conversion and mode updates etc. New support: - Support for AMD Versal Gen 2 DMA IP - Rcar RZ/G3S SoC dma controller - Support for Intel Diamond Rapids and Granite Rapids-D dma controllers - Support for Freescale ls1021a-qdma controller - New driver for Loongson-1 APB DMA - New driver for AMD QDMA - Pl08x in LPC32XX router dma driver Updates: - Support for dpdma cyclic dma mode - XML conversion for marvell xor dma bindings - Dma clocks documentation for imx dma" * tag 'dmaengine-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/dmaengine: (24 commits) dmaengine: loongson1-apb-dma: Fix the build warning caused by the size of pdev_irqname dmaengine: Fix spelling mistakes dmaengine: Add dma router for pl08x in LPC32XX SoC dmaengine: fsl-edma: add edma src ID check at request channel dmaengine: fsl-edma: change to guard(mutex) within fsl_edma3_xlate() dmaengine: avoid non-constant format string dmaengine: imx-dma: Remove i.MX21 support dt-bindings: dma: fsl,imx-dma: Document the DMA clocks dmaengine: Loongson1: Add Loongson-1 APB DMA driver dt-bindings: dma: Add Loongson-1 APB DMA dmaengine: zynqmp_dma: Add support for AMD Versal Gen 2 DMA IP dt-bindings: dmaengine: zynqmp_dma: Add a new compatible string dmaengine: idxd: Add new DSA and IAA device IDs for Diamond Rapids platform dmaengine: idxd: Add a new DSA device ID for Granite Rapids-D platform dmaengine: ti: k3-udma: Remove unused declarations dmaengine: amd: qdma: Add AMD QDMA driver dmaengine: xilinx: dpdma: Add support for cyclic dma mode dma: ipu: Remove include/linux/dma/ipu-dma.h dt-bindings: dma: fsl-mxs-dma: Add compatible string "fsl,imx8qxp-dma-apbh" dt-bindings: fsl-qdma: allow compatible string fallback to fsl,ls1021a-qdma ... commit fbb86b0d5f38184873772a84ae50d5edd6a8b046 Merge: 7116747a686e3d 3c2ea12a625dbf Author: Linus Torvalds Date: Mon Sep 23 14:05:10 2024 -0700 Merge tag 'phy-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy Pull phy updates from Vinod Koul: "New hw support: - Rcar usb2 support for RZ/G3S SoC - Nuvoton MA35 SoC USB 2.0 PHY driver Removed: - obsolete qcom,usb-8x16-phy bindings Updates: - 4 lane PCIe support for Qualcomm X1E80100 - Constify structure in subsystem update - Subsystem simplification with scoped for each OF child loop update - Yaml conversion for Qualcomm sata phy, Hiilicon hi3798cv200-combphy bindings" * tag 'phy-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/phy/linux-phy: (40 commits) phy: renesas: rcar-gen3-usb2: Add support for the RZ/G3S SoC dt-bindings: phy: renesas,usb2-phy: Document RZ/G3S phy bindings phy: renesas: rcar-gen3-usb2: Add support to initialize the bus phy: ti: j721e-wiz: Simplify with scoped for each OF child loop phy: ti: j721e-wiz: Drop OF node reference earlier for simpler code phy: ti: gmii-sel: Simplify with dev_err_probe() phy: ti: am654-serdes: Use scoped device node handling to simplify error paths phy: qcom: qmp-pcie-msm8996: Simplify with scoped for each OF child loop phy: mediatek: xsphy: Simplify with scoped for each OF child loop phy: mediatek: tphy: Simplify with scoped for each OF child loop phy: hisilicon: usb2: Simplify with scoped for each OF child loop phy: cadence: sierra: Simplify with scoped for each OF child loop phy: broadcom: brcm-sata: Simplify with scoped for each OF child loop phy: broadcom: bcm-cygnus-pcie: Simplify with scoped for each OF child loop phy: nuvoton: add new driver for the Nuvoton MA35 SoC USB 2.0 PHY dt-bindings: phy: nuvoton,ma35-usb2-phy: add new bindings phy: qcom: qmp-pcie: Configure all tables on port B PHY phy: airoha: adjust initialization delay in airoha_pcie_phy_init() dt-bindings: phy: socionext,uniphier: add top-level constraints phy: qcom: qmp-pcie: Add Gen4 4-lanes mode for X1E80100 ... commit 7116747a686e3d5decc354e6812f078dd0c44c6e Merge: f34c51252189e6 5aedb8d8336b0a Author: Linus Torvalds Date: Mon Sep 23 14:00:46 2024 -0700 Merge tag 'soundwire-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/soundwire Pull soundwire updates from Vinod Koul: - bus cleanup for warnings and probe deferral errors suppression - cadence recheck for status with a delayed work - intel interrupt rework on reset exit * tag 'soundwire-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vkoul/soundwire: soundwire: intel_bus_common: enable interrupts before exiting reset soundwire: cadence: re-check Peripheral status with delayed_work soundwire: bus: clean up probe warnings soundwire: bus: drop unused driver name field soundwire: bus: suppress probe deferral errors commit f34c51252189e6f18f3983f7cb7cc46f2e54ffe9 Merge: 962ad08780a5bf 134d2531ef8204 Author: Linus Torvalds Date: Mon Sep 23 13:19:37 2024 -0700 Merge tag 'linux-watchdog-6.12-rc1' of git://www.linux-watchdog.org/linux-watchdog Pull watchdog updates from Wim Van Sebroeck: - Add Watchdog Timer driver for RZ/V2H(P) - Add Cirrus EP93x - Some small fixes and improvements * tag 'linux-watchdog-6.12-rc1' of git://www.linux-watchdog.org/linux-watchdog: watchdog: Convert comma to semicolon watchdog: rzv2h_wdt: Add missing MODULE_LICENSE tag to fix modpost error dt-bindings: watchdog: Add Cirrus EP93x dt-bindings: watchdog: stm32-iwdg: Document interrupt and wakeup properties drivers: watchdog: marvell_gti: Convert comma to semicolon watchdog: iTCO_wdt: Convert comma to semicolon watchdog: Add Watchdog Timer driver for RZ/V2H(P) dt-bindings: watchdog: renesas,wdt: Document RZ/V2H(P) SoC watchdog: imx_sc_wdt: detect if already running watchdog: imx2_wdt: Remove __maybe_unused notations watchdog: imx_sc_wdt: Don't disable WDT in suspend watchdog: imx7ulp_wdt: move post_rcs_wait into struct imx_wdt_hw_feature commit 962ad08780a5bfb3240bc793e565181eacfceafb Merge: 5f153b63302af2 264c13114bd71d Author: Linus Torvalds Date: Mon Sep 23 13:15:23 2024 -0700 Merge tag 'pinctrl-v6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl Pull pin control updates from Linus Walleij: "Core changes: - Add support for "input-schmitt-microvolt" property, as used in the Sophgo SoC New drivers: - Mobileye EyeQ5 pin controller, I think this is an automotive SoC - Rockchip rk3576 pin control support - Sophgo CV1800 series pin controllers: CV1800B, CV1812H and SG2000 Improvements: - Gradual improvements to Renesas, Samsung, Qualcomm, Nuvoton and a few other drivers" * tag 'pinctrl-v6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl: (67 commits) pinctrl: intel: Constify struct intel_pinctrl parameter pinctrl: Remove redundant null pointer checks in pinctrl_remove_device_debugfs() pinctrl: baytrail: Drop duplicate return statement pinctrl: intel: Inline intel_gpio_community_irq_handler() dt-bindings: pinctrl: qcom: add missing type to GPIO hogs pinctrl: madera: Simplify with dev_err_probe() pinctrl: k210: Use devm_clk_get_enabled() helpers pinctrl: Join split messages and remove double whitespace pinctrl: renesas: rzg2l: Move pinconf_to_config_argument() call outside of switch cases pinctrl: renesas: rzg2l: Introduce single macro for digital noise filter configuration pinctrl: renesas: rzg2l: Replace of_node_to_fwnode() with more suitable API pinctrl: mvebu: Fix devinit_dove_pinctrl_probe function pinctrl: sunxi: Use devm_clk_get_enabled() helpers pinctrl: sophgo: cv18xx: fix missed __iomem type identifier pinctrl: stmfx: Use string_choices API instead of ternary operator pinctrl: nomadik: Use kmemdup_array instead of kmemdup for multiple allocation pinctrl: intel: Introduce for_each_intel_gpio_group() helper et al. pinctrl: intel: Constify intel_get_community() returned object pinctrl: intel: Implement high impedance support pinctrl: intel: Add __intel_gpio_get_direction() helper ... commit 5f153b63302af24e7f807b0208f380f5c8654df4 Merge: d7dfb07d4dacfc 061a785a114f15 Author: Linus Torvalds Date: Mon Sep 23 13:10:49 2024 -0700 Merge tag 'ntb-6.12' of https://github.com/jonmason/ntb Pull PCIe non-transparent bridge updates from Jon Mason: "Bug fixes for intel ntb driver debugfs, use after free in switchtec driver, ntb transport rx ring buffers. Also, cleanups in printks, kernel-docs, and idt driver comment" * tag 'ntb-6.12' of https://github.com/jonmason/ntb: ntb: Force physically contiguous allocation of rx ring buffers ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition ntb: idt: Fix the cacography in ntb_hw_idt.c NTB: epf: don't misuse kernel-doc marker NTB: ntb_transport: fix all kernel-doc warnings ntb: Constify struct bus_type ntb_perf: Fix printk format ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() commit d7dfb07d4dacfc3d8fa553fe76f055724e2c7210 Merge: 3a37872316c2e3 f1cba5212e2522 Author: Linus Torvalds Date: Mon Sep 23 12:55:27 2024 -0700 Merge tag 'firewire-updates-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394 Pull firewire updates from Takashi Sakamoto: "In the FireWire subsystem, tasklets have been used as the bottom half of 1394 OHCi hardIRQ. In recent kernel updates, BH workqueues have become available, and some developers have proposed replacing the tasklet with a BH workqueue. As a first step towards dropping tasklet use, the 1394 OHCI isochronous context can use regular workqueues. In this context, the batch of packets is processed in the specific queue, thus the timing jitter caused by task scheduling is not so critical. Additionally, DMA transmission can be scheduled per-packet basis, therefore the context can be sleep between the operation of transmissions. Furthermore, in-kernel protocol implementation involves some CPU-bound tasks, which can sometimes consumes CPU time so long. These characteristics suggest that normal workqueues are suitable, through BH workqueues are not. The replacement with a workqueue allows unit drivers to process the content of packets in non-atomic context. It brings some reliefs to some drivers in sound subsystem that spin-lock is not mandatory anymore during isochronous packet processing. Summary: - Replace tasklet with workqueue for isochronous context - Replace IDR with XArray - Utilize guard macro where possible - Print deprecation warning when enabling debug parameter of firewire-ohci module - Switch to nonatomic PCM operation" * tag 'firewire-updates-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394: (55 commits) firewire: core: rename cause flag of tracepoints event firewire: core: update documentation of kernel APIs for flushing completions firewire: core: add helper function to retire descriptors Revert "firewire: core: move workqueue handler from 1394 OHCI driver to core function" Revert "firewire: core: use mutex to coordinate concurrent calls to flush completions" firewire: core: use mutex to coordinate concurrent calls to flush completions firewire: core: move workqueue handler from 1394 OHCI driver to core function firewire: core: fulfill documentation of fw_iso_context_flush_completions() firewire: core: expose kernel API to schedule work item to process isochronous context firewire: core: use WARN_ON_ONCE() to avoid superfluous dumps ALSA: firewire: use nonatomic PCM operation firewire: core: non-atomic memory allocation for isochronous event to user client firewire: ohci: operate IT/IR events in sleepable work process instead of tasklet softIRQ firewire: core: add local API to queue work item to workqueue specific to isochronous contexts firewire: core: allocate workqueue to handle isochronous contexts in card firewire: ohci: obsolete direct usage of printk_ratelimit() firewire: ohci: deprecate debug parameter firewire: core: update fw_device outside of device_find_child() firewire: ohci: fix error path to detect initiated reset in TI TSB41BA3D phy firewire: core/ohci: minor refactoring for computation of configuration ROM size ... commit f89722faa31466ff41aed21bdeb9cf34c2312858 Author: Guenter Roeck Date: Sun Sep 22 07:52:26 2024 -0700 ipe: Add missing terminator to list of unit tests Add missing terminator to list of unit tests to avoid random crashes seen when running the test. Fixes: 10ca05a76065 ("ipe: kunit test for parser") Cc: Deven Bowers Cc: Paul Moore Cc: Fan Wu Signed-off-by: Guenter Roeck Acked-by: Fan Wu Signed-off-by: Paul Moore commit 3a37872316c2e3288e09a1322221c83e5929768d Merge: 18ba6034468e79 81e53c0da8f8b1 Author: Linus Torvalds Date: Mon Sep 23 12:47:06 2024 -0700 Merge tag 'pci-v6.12-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci Pull pci updates from Bjorn Helgaas: "Enumeration: - Wait for device readiness after reset by polling Vendor ID and looking for Configuration RRS instead of polling the Command register and looking for non-error completions, to avoid hardware retries done for RRS on non-Vendor ID reads (Bjorn Helgaas) - Rename CRS Completion Status to RRS ('Request Retry Status') to match PCIe r6.0 spec usage (Bjorn Helgaas) - Clear LBMS bit after a manual link retrain so we don't try to retrain a link when there's no downstream device anymore (Maciej W. Rozycki) - Revert to the original link speed after retraining fails instead of leaving it restricted to 2.5GT/s, so a future device has a chance to use higher speeds (Maciej W. Rozycki) - Wait for each level of downstream bus, not just the first, to become accessible before restoring devices on that bus (Ilpo Järvinen) - Add ARCH_PCI_DEV_GROUPS so s390 can add its own attribute_groups without having to stomp on the core's pdev->dev.groups (Lukas Wunner) Driver binding: - Export pcim_request_region(), a managed counterpart of pci_request_region(), for use by drivers (Philipp Stanner) - Export pcim_iomap_region() and deprecate pcim_iomap_regions() (Philipp Stanner) - Request the PCI BAR used by xboxvideo (Philipp Stanner) - Request and map drm/ast BARs with pcim_iomap_region() (Philipp Stanner) MSI: - Add MSI_FLAG_NO_AFFINITY flag for devices that mux MSIs onto a single IRQ line and cannot set the affinity of each MSI to a specific CPU core (Marek Vasut) - Use MSI_FLAG_NO_AFFINITY and remove unnecessary .irq_set_affinity() implementations in aardvark, altera, brcmstb, dwc, mediatek-gen3, mediatek, mobiveil, plda, rcar, tegra, vmd, xilinx-nwl, xilinx-xdma, and xilinx drivers to avoid 'IRQ: set affinity failed' warnings (Marek Vasut) Power management: - Add pwrctl support for ATH11K inside the WCN6855 package (Konrad Dybcio) PCI device hotplug: - Remove unnecessary hpc_ops struct from shpchp (ngn) - Check for PCI_POSSIBLE_ERROR(), not 0xffffffff, in cpqphp (weiyufeng) Virtualization: - Mark Creative Labs EMU20k2 INTx masking as broken (Alex Williamson) - Add an ACS quirk for Qualcomm SA8775P, which doesn't advertise ACS but does provide ACS-like features (Subramanian Ananthanarayanan) IOMMU: - Add function 0 DMA alias quirk for Glenfly Arise audio function, which uses the function 0 Requester ID (WangYuli) NPEM: - Add Native PCIe Enclosure Management (NPEM) support for sysfs control of NVMe RAID storage indicators (ok/fail/locate/ rebuild/etc) (Mariusz Tkaczyk) - Add support for the ACPI _DSM PCIe SSD status LED management, which is functionally similar to NPEM but mediated by platform firmware (Mariusz Tkaczyk) Device trees: - Drop minItems and maxItems from ranges in PCI generic host binding since host bridges may have several MMIO and I/O port apertures (Frank Li) - Add kirin, rcar-gen2, uniphier DT binding top-level constraints for clocks (Krzysztof Kozlowski) Altera PCIe controller driver: - Convert altera DT bindings from text to YAML (Matthew Gerlach) - Replace TLP_REQ_ID() with macro PCI_DEVID(), which does the same thing and is what other drivers use (Jinjie Ruan) Broadcom STB PCIe controller driver: - Add DT binding maxItems for reset controllers (Jim Quinlan) - Use the 'bridge' reset method if described in the DT (Jim Quinlan) - Use the 'swinit' reset method if described in the DT (Jim Quinlan) - Add 'has_phy' so the existence of a 'rescal' reset controller doesn't imply software control of it (Jim Quinlan) - Add support for many inbound DMA windows (Jim Quinlan) - Rename SoC 'type' to 'soc_base' express the fact that SoCs come in families of multiple similar devices (Jim Quinlan) - Add Broadcom 7712 DT description and driver support (Jim Quinlan) - Sort enums, pcie_offsets[], pcie_cfg_data, .compatible strings for maintainability (Bjorn Helgaas) Freescale i.MX6 PCIe controller driver: - Add imx6q-pcie 'dbi2' and 'atu' reg-names for i.MX8M Endpoints (Richard Zhu) - Fix a code restructuring error that caused i.MX8MM and i.MX8MP Endpoints to fail to establish link (Richard Zhu) - Fix i.MX8MP Endpoint occasional failure to trigger MSI by enforcing outbound alignment requirement (Richard Zhu) - Call phy_power_off() in the .probe() error path (Frank Li) - Rename internal names from imx6_* to imx_* since i.MX7/8/9 are also supported (Frank Li) - Manage Refclk by using SoC-specific callbacks instead of switch statements (Frank Li) - Manage core reset by using SoC-specific callbacks instead of switch statements (Frank Li) - Expand comments for erratum ERR010728 workaround (Frank Li) - Use generic PHY APIs to configure mode, speed, and submode, which is harmless for devices that implement their own internal PHY management and don't set the generic imx_pcie->phy (Frank Li) - Add i.MX8Q (i.MX8QM, i.MX8QXP, and i.MX8DXL) DT binding and driver Root Complex support (Richard Zhu) Freescale Layerscape PCIe controller driver: - Replace layerscape-pcie DT binding compatible fsl,lx2160a-pcie with fsl,lx2160ar2-pcie (Frank Li) - Add layerscape-pcie DT binding deprecated 'num-viewport' property to address a DT checker warning (Frank Li) - Change layerscape-pcie DT binding 'fsl,pcie-scfg' to phandle-array (Frank Li) Loongson PCIe controller driver: - Increase max PCI hosts to 8 for Loongson-3C6000 and newer chipsets (Huacai Chen) Marvell Aardvark PCIe controller driver: - Fix issue with emulating Configuration RRS for two-byte reads of Vendor ID; previously it only worked for four-byte reads (Bjorn Helgaas) MediaTek PCIe Gen3 controller driver: - Add per-SoC struct mtk_gen3_pcie_pdata to support multiple SoC types (Lorenzo Bianconi) - Use reset_bulk APIs to manage PHY reset lines (Lorenzo Bianconi) - Add DT and driver support for Airoha EN7581 PCIe controller (Lorenzo Bianconi) Qualcomm PCIe controller driver: - Update qcom,pcie-sc7280 DT binding with eight interrupts (Rayyan Ansari) - Add back DT 'vddpe-3v3-supply', which was incorrectly removed earlier (Johan Hovold) - Drop endpoint redundant masking of global IRQ events (Manivannan Sadhasivam) - Clarify unknown global IRQ message and only log it once to avoid a flood (Manivannan Sadhasivam) - Add 'linux,pci-domain' property to endpoint DT binding (Manivannan Sadhasivam) - Assign PCI domain number for endpoint controllers (Manivannan Sadhasivam) - Add 'qcom_pcie_ep' and the PCI domain number to IRQ names for endpoint controller (Manivannan Sadhasivam) - Add global SPI interrupt for PCIe link events to DT binding (Manivannan Sadhasivam) - Add global RC interrupt handler to handle 'Link up' events and automatically enumerate hot-added devices (Manivannan Sadhasivam) - Avoid mirroring of DBI and iATU register space so it doesn't overlap BAR MMIO space (Prudhvi Yarlagadda) - Enable controller resources like PHY only after PERST# is deasserted to partially avoid the problem that the endpoint SoC crashes when accessing things when Refclk is absent (Manivannan Sadhasivam) - Add 16.0 GT/s equalization and RX lane margining settings (Shashank Babu Chinta Venkata) - Pass domain number to pci_bus_release_domain_nr() explicitly to avoid a NULL pointer dereference (Manivannan Sadhasivam) Renesas R-Car PCIe controller driver: - Make the read-only const array 'check_addr' static (Colin Ian King) - Add R-Car V4M (R8A779H0) PCIe host and endpoint to DT binding (Yoshihiro Shimoda) TI DRA7xx PCIe controller driver: - Request IRQF_ONESHOT for 'dra7xx-pcie-main' IRQ since the primary handler is NULL (Siddharth Vadapalli) - Handle IRQ request errors during root port and endpoint probe (Siddharth Vadapalli) TI J721E PCIe driver: - Add DT 'ti,syscon-acspcie-proxy-ctrl' and driver support to enable the ACSPCIE module to drive Refclk for the Endpoint (Siddharth Vadapalli) - Extract the cadence link setup from cdns_pcie_host_setup() so link setup can be done separately during resume (Thomas Richard) - Add T_PERST_CLK_US definition for the mandatory delay between Refclk becoming stable and PERST# being deasserted (Thomas Richard) - Add j721e suspend and resume support (Théo Lebrun) TI Keystone PCIe controller driver: - Fix NULL pointer checking when applying MRRS limitation quirk for AM65x SR 1.0 Errata #i2037 (Dan Carpenter) Xilinx NWL PCIe controller driver: - Fix off-by-one error in INTx IRQ handler that caused INTx interrupts to be lost or delivered as the wrong interrupt (Sean Anderson) - Rate-limit misc interrupt messages (Sean Anderson) - Turn off the clock on probe failure and device removal (Sean Anderson) - Add DT binding and driver support for enabling/disabling PHYs (Sean Anderson) - Add PCIe phy bindings for the ZCU102 (Sean Anderson) Xilinx XDMA PCIe controller driver: - Add support for Xilinx QDMA Soft IP PCIe Root Port Bridge to DT binding and xilinx-dma-pl driver (Thippeswamy Havalige) Miscellaneous: - Fix buffer overflow in kirin_pcie_parse_port() (Alexandra Diupina) - Fix minor kerneldoc issues and typos (Bjorn Helgaas) - Use PCI_DEVID() macro in aer_inject() instead of open-coding it (Jinjie Ruan) - Check pcie_find_root_port() return in x86 fixups to avoid NULL pointer dereferences (Samasth Norway Ananda) - Make pci_bus_type constant (Kunwu Chan) - Remove unused declarations of __pci_pme_wakeup() and pci_vpd_release() (Yue Haibing) - Remove any leftover .*.cmd files with make clean (zhang jiao) - Remove unused BILLION macro (zhang jiao)" * tag 'pci-v6.12-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/pci/pci: (132 commits) PCI: Fix typos dt-bindings: PCI: qcom: Allow 'vddpe-3v3-supply' again tools: PCI: Remove unused BILLION macro tools: PCI: Remove .*.cmd files with make clean PCI: Pass domain number to pci_bus_release_domain_nr() explicitly PCI: dra7xx: Fix error handling when IRQ request fails in probe PCI: dra7xx: Fix threaded IRQ request for "dra7xx-pcie-main" IRQ PCI: qcom: Add RX lane margining settings for 16.0 GT/s PCI: qcom: Add equalization settings for 16.0 GT/s PCI: dwc: Always cache the maximum link speed value in dw_pcie::max_link_speed PCI: dwc: Rename 'dw_pcie::link_gen' to 'dw_pcie::max_link_speed' PCI: qcom-ep: Enable controller resources like PHY only after refclk is available PCI: Mark Creative Labs EMU20k2 INTx masking as broken dt-bindings: PCI: imx6q-pcie: Add reg-name "dbi2" and "atu" for i.MX8M PCIe Endpoint dt-bindings: PCI: altera: msi: Convert to YAML PCI: imx6: Add i.MX8Q PCIe Root Complex (RC) support PCI: Rename CRS Completion Status to RRS PCI: aardvark: Correct Configuration RRS checking PCI: Wait for device readiness with Configuration RRS PCI: brcmstb: Sort enums, pcie_offsets[], pcie_cfg_data, .compatible strings ... commit 736cd2c1ae7f911df9aae0e647899b49bdbccdb8 Author: Mike Snitzer Date: Thu Sep 5 15:10:00 2024 -0400 nfs: add "NFS Client and Server Interlock" section to localio.rst This section answers a new FAQ entry: 9. How does LOCALIO make certain that object lifetimes are managed properly given NFSD and NFS operate in different contexts? See the detailed "NFS Client and Server Interlock" section below. The first half of the section details NeilBrown's elegant design for LOCALIO's nfs_uuid_t based interlock and is heavily based on Neil's "net namespace refcounting" description here: https://marc.info/?l=linux-nfs&m=172498546024767&w=2 The second half of the section details the per-cpu-refcount introduced to ensure NFSD's nfsd_serv isn't destroyed while in use by a LOCALIO client. Signed-off-by: Mike Snitzer Reviewed-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit f7128262b15287e4be501e30f9e1f0258606a593 Author: Trond Myklebust Date: Thu Sep 5 15:09:59 2024 -0400 nfs: add FAQ section to Documentation/filesystems/nfs/localio.rst Add a FAQ section to give answers to questions that have been raised during review of the localio feature. Signed-off-by: Trond Myklebust Co-developed-by: Mike Snitzer Signed-off-by: Mike Snitzer Reviewed-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 92945bd81ca418ace7995bf5234ac311f6197d5d Author: Mike Snitzer Date: Thu Sep 5 15:09:58 2024 -0400 nfs: add Documentation/filesystems/nfs/localio.rst This document gives an overview of the LOCALIO auxiliary RPC protocol added to the Linux NFS client and server to allow them to reliably handshake to determine if they are on the same host. Once an NFS client and server handshake as "local", the client will bypass the network RPC protocol for read, write and commit operations. Due to this XDR and RPC bypass, these operations will operate faster. Signed-off-by: Mike Snitzer Reviewed-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 56bcd0f07fdbf9770284bedb982236ab881ef909 Author: Mike Snitzer Date: Thu Sep 5 15:09:57 2024 -0400 nfs: implement client support for NFS_LOCALIO_PROGRAM The LOCALIO auxiliary RPC protocol consists of a single "UUID_IS_LOCAL" RPC method that allows the Linux NFS client to verify the local Linux NFS server can see the nonce (single-use UUID) the client generated and made available in nfs_common for subsequent lookup and verification by the NFS server. If matched, the NFS server populates members in the nfs_uuid_t struct. The NFS client then transfers these nfs_uuid_t struct member pointers to the nfs_client struct and cleans up the nfs_uuid_t struct. See: fs/nfs/localio.c:nfs_local_probe() This protocol isn't part of an IETF standard, nor does it need to be considering it is Linux-to-Linux auxiliary RPC protocol that amounts to an implementation detail. Localio is only supported when UNIX-style authentication (AUTH_UNIX, aka AUTH_SYS) is used (enforced by fs/nfs/localio.c:nfs_local_probe()). The UUID_IS_LOCAL method encodes the client generated uuid_t in terms of the fixed UUID_SIZE (16 bytes). The fixed size opaque encode and decode XDR methods are used instead of the less efficient variable sized methods. Having a nonce (single-use uuid) is better than using the same uuid for the life of the server, and sending it proactively by client rather than reactively by the server is also safer. Signed-off-by: Mike Snitzer Co-developed-by: NeilBrown Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit b9f5dd57f4a52990963eeb1f1b58d00f717ece69 Author: Trond Myklebust Date: Thu Sep 5 15:09:56 2024 -0400 nfs/localio: use dedicated workqueues for filesystem read and write For localio access, don't call filesystem read() and write() routines directly. This solves two problems: 1) localio writes need to use a normal (non-memreclaim) unbound workqueue. This avoids imposing new requirements on how underlying filesystems process frontend IO, which would cause a large amount of work to update all filesystems. Without this change, when XFS starts getting low on space, XFS flushes work on a non-memreclaim work queue, which causes a priority inversion problem: 00573 workqueue: WQ_MEM_RECLAIM writeback:wb_workfn is flushing !WQ_MEM_RECLAIM xfs-sync/vdc:xfs_flush_inodes_worker 00573 WARNING: CPU: 6 PID: 8525 at kernel/workqueue.c:3706 check_flush_dependency+0x2a4/0x328 00573 Modules linked in: 00573 CPU: 6 PID: 8525 Comm: kworker/u71:5 Not tainted 6.10.0-rc3-ktest-00032-g2b0a133403ab #18502 00573 Hardware name: linux,dummy-virt (DT) 00573 Workqueue: writeback wb_workfn (flush-0:33) 00573 pstate: 400010c5 (nZcv daIF -PAN -UAO -TCO -DIT +SSBS BTYPE=--) 00573 pc : check_flush_dependency+0x2a4/0x328 00573 lr : check_flush_dependency+0x2a4/0x328 00573 sp : ffff0000c5f06bb0 00573 x29: ffff0000c5f06bb0 x28: ffff0000c998a908 x27: 1fffe00019331521 00573 x26: ffff0000d0620900 x25: ffff0000c5f06ca0 x24: ffff8000828848c0 00573 x23: 1fffe00018be0d8e x22: ffff0000c1210000 x21: ffff0000c75fde00 00573 x20: ffff800080bfd258 x19: ffff0000cad63400 x18: ffff0000cd3a4810 00573 x17: 0000000000000000 x16: 0000000000000000 x15: ffff800080508d98 00573 x14: 0000000000000000 x13: 204d49414c434552 x12: 1fffe0001b6eeab2 00573 x11: ffff60001b6eeab2 x10: dfff800000000000 x9 : ffff60001b6eeab3 00573 x8 : 0000000000000001 x7 : 00009fffe491154e x6 : ffff0000db775593 00573 x5 : ffff0000db775590 x4 : ffff0000db775590 x3 : 0000000000000000 00573 x2 : 0000000000000027 x1 : ffff600018be0d62 x0 : dfff800000000000 00573 Call trace: 00573 check_flush_dependency+0x2a4/0x328 00573 __flush_work+0x184/0x5c8 00573 flush_work+0x18/0x28 00573 xfs_flush_inodes+0x68/0x88 00573 xfs_file_buffered_write+0x128/0x6f0 00573 xfs_file_write_iter+0x358/0x448 00573 nfs_local_doio+0x854/0x1568 00573 nfs_initiate_pgio+0x214/0x418 00573 nfs_generic_pg_pgios+0x304/0x480 00573 nfs_pageio_doio+0xe8/0x240 00573 nfs_pageio_complete+0x160/0x480 00573 nfs_writepages+0x300/0x4f0 00573 do_writepages+0x12c/0x4a0 00573 __writeback_single_inode+0xd4/0xa68 00573 writeback_sb_inodes+0x470/0xcb0 00573 __writeback_inodes_wb+0xb0/0x1d0 00573 wb_writeback+0x594/0x808 00573 wb_workfn+0x5e8/0x9e0 00573 process_scheduled_works+0x53c/0xd90 00573 worker_thread+0x370/0x8c8 00573 kthread+0x258/0x2e8 00573 ret_from_fork+0x10/0x20 2) Some filesystem writeback routines can end up taking up a lot of stack space (particularly XFS). Instead of risking running over due to the extra overhead from the NFS stack, we should just call these routines from a workqueue job. Since we need to do this to address 1) above we're able to avoid possibly blowing the stack "for free". Use of dedicated workqueues improves performance over using the system_unbound_wq. Also, the creds used to open the file are used to override_creds() in both nfs_local_call_read() and nfs_local_call_write() -- otherwise the workqueue could have elevated capabilities (which the caller may not). Lastly, care is taken to set PF_LOCAL_THROTTLE | PF_MEMALLOC_NOIO in nfs_do_local_write() to avoid writeback deadlocks. The PF_LOCAL_THROTTLE flag prevents deadlocks in balance_dirty_pages() by causing writes to only be throttled against other writes to the same bdi (it keeps the throttling local). Normally all writes to bdi(s) are throttled equally (after throughput factors are allowed for). The PF_MEMALLOC_NOIO flag prevents the lower filesystem IO from causing memory reclaim to re-enter filesystems or IO devices and so prevents deadlocks from occuring where IO that cleans pages is waiting on IO to complete. Signed-off-by: Trond Myklebust Co-developed-by: Mike Snitzer Signed-off-by: Mike Snitzer Co-developed-by: NeilBrown Signed-off-by: NeilBrown # eliminated wait_for_completion Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit d488b9d01fbc2ff5ccf15bcd47422eb156726c0d Author: Trond Myklebust Date: Thu Sep 5 15:09:55 2024 -0400 pnfs/flexfiles: enable localio support If the DS is local to this client use localio to write the data. Signed-off-by: Trond Myklebust Signed-off-by: Mike Snitzer Reviewed-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit fa88a7d6ae089c07aba872fff30a1342d3503e80 Author: Trond Myklebust Date: Thu Sep 5 15:09:54 2024 -0400 nfs: enable localio for non-pNFS IO Try a local open of the file being written to, and if it succeeds, then use localio to issue IO. Signed-off-by: Trond Myklebust Signed-off-by: Mike Snitzer Reviewed-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 70ba381e1a431245c137ed597ec6a05991c79bd9 Author: Weston Andros Adamson Date: Thu Sep 5 15:09:53 2024 -0400 nfs: add LOCALIO support Add client support for bypassing NFS for localhost reads, writes, and commits. This is only useful when the client and the server are running on the same host. nfs_local_probe() is stubbed out, later commits will enable client and server handshake via a Linux-only LOCALIO auxiliary RPC protocol. This has dynamic binding with the nfsd module (via nfs_localio module which is part of nfs_common). LOCALIO will only work if nfsd is already loaded. The "localio_enabled" nfs kernel module parameter can be used to disable and enable the ability to use LOCALIO support. CONFIG_NFS_LOCALIO enables NFS client support for LOCALIO. Lastly, LOCALIO uses an nfsd_file to initiate all IO. To make proper use of nfsd_file (and nfsd's filecache) its lifetime (duration before nfsd_file_put is called) must extend until after commit, read and write operations. So rather than immediately drop the nfsd_file reference in nfs_local_open_fh(), that doesn't happen until nfs_local_pgio_release() for read/write and not until nfs_local_release_commit_data() for commit. The same applies to the reference held on nfsd's nn->nfsd_serv. Both objects' lifetimes and associated references are managed through calls to nfs_to->nfsd_file_put_local(). Signed-off-by: Weston Andros Adamson Signed-off-by: Trond Myklebust Co-developed-by: Mike Snitzer Signed-off-by: Mike Snitzer Signed-off-by: NeilBrown # nfs_open_local_fh Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit df24c483e28f7f9a421afde15d0497e61bc2d3ea Author: Mike Snitzer Date: Thu Sep 5 15:09:52 2024 -0400 nfs: pass struct nfsd_file to nfs_init_pgio and nfs_init_commit The nfsd_file will be passed, in future commits, by callers that enable LOCALIO support (for both regular NFS and pNFS IO). [Derived from patch authored by Weston Andros Adamson, but switched from passing struct file to struct nfsd_file] Signed-off-by: Mike Snitzer Reviewed-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 946af9b3a0e7571c01447107d5e8968401e659ba Author: Mike Snitzer Date: Thu Sep 5 15:09:51 2024 -0400 nfsd: implement server support for NFS_LOCALIO_PROGRAM The LOCALIO auxiliary RPC protocol consists of a single "UUID_IS_LOCAL" RPC method that allows the Linux NFS client to verify the local Linux NFS server can see the nonce (single-use UUID) the client generated and made available in nfs_common. The server expects this protocol to use the same transport as NFS and NFSACL for its RPCs. This protocol isn't part of an IETF standard, nor does it need to be considering it is Linux-to-Linux auxiliary RPC protocol that amounts to an implementation detail. The UUID_IS_LOCAL method encodes the client generated uuid_t in terms of the fixed UUID_SIZE (16 bytes). The fixed size opaque encode and decode XDR methods are used instead of the less efficient variable sized methods. The RPC program number for the NFS_LOCALIO_PROGRAM is 400122 (as assigned by IANA, see https://www.iana.org/assignments/rpc-program-numbers/ ): Linux Kernel Organization 400122 nfslocalio Signed-off-by: Mike Snitzer [neilb: factored out and simplified single localio protocol] Co-developed-by: NeilBrown Signed-off-by: NeilBrown Acked-by: Chuck Lever Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit fa4983862e506d395acc1b8d14dbebf63acc2e82 Author: Weston Andros Adamson Date: Thu Sep 5 15:09:50 2024 -0400 nfsd: add LOCALIO support Add server support for bypassing NFS for localhost reads, writes, and commits. This is only useful when both the client and server are running on the same host. If nfsd_open_local_fh() fails then the NFS client will both retry and fallback to normal network-based read, write and commit operations if localio is no longer supported. Care is taken to ensure the same NFS security mechanisms are used (authentication, etc) regardless of whether localio or regular NFS access is used. The auth_domain established as part of the traditional NFS client access to the NFS server is also used for localio. Store auth_domain for localio in nfsd_uuid_t and transfer it to the client if it is local to the server. Relative to containers, localio gives the client access to the network namespace the server has. This is required to allow the client to access the server's per-namespace nfsd_net struct. This commit also introduces the use of NFSD's percpu_ref to interlock nfsd_destroy_serv and nfsd_open_local_fh, to ensure nn->nfsd_serv is not destroyed while in use by nfsd_open_local_fh and other LOCALIO client code. CONFIG_NFS_LOCALIO enables NFS server support for LOCALIO. Signed-off-by: Weston Andros Adamson Signed-off-by: Trond Myklebust Co-developed-by: Mike Snitzer Signed-off-by: Mike Snitzer Co-developed-by: NeilBrown Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Acked-by: Chuck Lever Signed-off-by: Anna Schumaker commit a61e147e6be6e763d9c6dec8061d2893c0bb3423 Author: Mike Snitzer Date: Thu Sep 5 15:09:49 2024 -0400 nfs_common: prepare for the NFS client to use nfsd_file for LOCALIO The next commit will introduce nfsd_open_local_fh() which returns an nfsd_file structure. This commit exposes LOCALIO's required NFSD symbols to the NFS client: - Make nfsd_open_local_fh() symbol and other required NFSD symbols available to NFS in a global 'nfs_to' nfsd_localio_operations struct (global access suggested by Trond, nfsd_localio_operations suggested by NeilBrown). The next commit will also introduce nfsd_localio_ops_init() that init_nfsd() will call to initialize 'nfs_to'. - Introduce nfsd_file_file() that provides access to nfsd_file's backing file. Keeps nfsd_file structure opaque to NFS client (as suggested by Jeff Layton). - Introduce nfsd_file_put_local() that will put the reference to the nfsd_file's associated nn->nfsd_serv and then put the reference to the nfsd_file (as suggested by NeilBrown). Suggested-by: Trond Myklebust # nfs_to Suggested-by: NeilBrown # nfsd_localio_operations Suggested-by: Jeff Layton # nfsd_file_file Signed-off-by: Mike Snitzer Reviewed-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 2a33a85be45178198245e1f656e6224c899895e4 Author: Mike Snitzer Date: Thu Sep 5 15:09:48 2024 -0400 nfs_common: add NFS LOCALIO auxiliary protocol enablement fs/nfs_common/nfslocalio.c provides interfaces that enable an NFS client to generate a nonce (single-use UUID) and associated nfs_uuid_t struct, register it with nfs_common for subsequent lookup and verification by the NFS server and if matched the NFS server populates members in the nfs_uuid_t struct. nfs_common's nfs_uuids list is the basis for localio enablement, as such it has members that point to nfsd memory for direct use by the client (e.g. 'net' is the server's network namespace, through it the client can access nn->nfsd_serv). This commit also provides the base nfs_uuid_t interfaces to allow proper net namespace refcounting for the LOCALIO use case. CONFIG_NFS_LOCALIO controls the nfs_common, NFS server and NFS client enablement for LOCALIO. If both NFS_FS=m and NFSD=m then NFS_COMMON_LOCALIO_SUPPORT=m and nfs_localio.ko is built (and provides nfs_common's LOCALIO support). # lsmod | grep nfs_localio nfs_localio 12288 2 nfsd,nfs sunrpc 745472 35 nfs_localio,nfsd,auth_rpcgss,lockd,nfsv3,nfs Signed-off-by: Mike Snitzer Co-developed-by: NeilBrown Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 86ab08beb3f07f6e51922a8b8f662a5ec7012d35 Author: NeilBrown Date: Thu Sep 5 15:09:47 2024 -0400 SUNRPC: replace program list with program array A service created with svc_create_pooled() can be given a linked list of programs and all of these will be served. Using a linked list makes it cumbersome when there are several programs that can be optionally selected with CONFIG settings. After this patch is applied, API consumers must use only svc_create_pooled() when creating an RPC service that listens for more than one RPC program. Signed-off-by: NeilBrown Signed-off-by: Mike Snitzer Acked-by: Chuck Lever Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 199f2128741077087a2ab33889a6868830465033 Author: Weston Andros Adamson Date: Thu Sep 5 15:09:46 2024 -0400 SUNRPC: add svcauth_map_clnt_to_svc_cred_local Add new funtion svcauth_map_clnt_to_svc_cred_local which maps a generic cred to a svc_cred suitable for use in nfsd. This is needed by the localio code to map nfs client creds to nfs server credentials. Following from net/sunrpc/auth_unix.c:unx_marshal() it is clear that ->fsuid and ->fsgid must be used (rather than ->uid and ->gid). In addition, these uid and gid must be translated with from_kuid_munged() so local client uses correct uid and gid when acting as local server. Jeff Layton noted: This is where the magic happens. Since we're working in kuid_t/kgid_t, we don't need to worry about further idmapping. Suggested-by: NeilBrown # to approximate unx_marshal() Signed-off-by: Weston Andros Adamson Signed-off-by: Trond Myklebust Co-developed-by: Mike Snitzer Signed-off-by: Mike Snitzer Reviewed-by: Chuck Lever Reviewed-by: Jeff Layton Reviewed-by: NeilBrown Signed-off-by: Anna Schumaker commit 2c8919848de1e5c881fe3473645c26a1c2a927f2 Author: Mike Snitzer Date: Thu Sep 5 15:09:45 2024 -0400 SUNRPC: remove call_allocate() BUG_ONs Remove BUG_ON if p_arglen=0 to allow RPC with void arg. Remove BUG_ON if p_replen=0 to allow RPC with void return. The former was needed for the first revision of the LOCALIO protocol which had an RPC that took a void arg: /* raw RFC 9562 UUID */ typedef u8 uuid_t; program NFS_LOCALIO_PROGRAM { version LOCALIO_V1 { void NULL(void) = 0; uuid_t GETUUID(void) = 1; } = 1; } = 400122; The latter is needed for the final revision of the LOCALIO protocol which has a UUID_IS_LOCAL RPC which returns a void: /* raw RFC 9562 UUID */ typedef u8 uuid_t; program NFS_LOCALIO_PROGRAM { version LOCALIO_V1 { void NULL(void) = 0; void UUID_IS_LOCAL(uuid_t) = 1; } = 1; } = 400122; There is really no value in triggering a BUG_ON in response to either of these previously unsupported conditions. NeilBrown would like the entire 'if (proc->p_proc != 0)' branch removed (not just the one BUG_ON that must be removed for LOCALIO's immediate needs of returning void). Signed-off-by: Mike Snitzer Reviewed-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 47e988147f409f70e0f01a5e6dc5940375e02343 Author: Mike Snitzer Date: Thu Sep 5 15:09:44 2024 -0400 nfsd: add nfsd_serv_try_get and nfsd_serv_put Introduce nfsd_serv_try_get and nfsd_serv_put and update the nfsd code to prevent nfsd_destroy_serv from destroying nn->nfsd_serv until any caller of nfsd_serv_try_get releases their reference using nfsd_serv_put. A percpu_ref is used to implement the interlock between nfsd_destroy_serv and any caller of nfsd_serv_try_get. This interlock is needed to properly wait for the completion of client initiated localio calls to nfsd (that are _not_ in the context of nfsd). Signed-off-by: Mike Snitzer Reviewed-by: Chuck Lever Reviewed-by: Jeff Layton Reviewed-by: NeilBrown Signed-off-by: Anna Schumaker commit c63f0e48febfaea8a3cd4146abda9cc7a329b0e3 Author: NeilBrown Date: Thu Sep 5 15:09:43 2024 -0400 nfsd: add nfsd_file_acquire_local() nfsd_file_acquire_local() can be used to look up a file by filehandle without having a struct svc_rqst. This can be used by NFS LOCALIO to allow the NFS client to bypass the NFS protocol to directly access a file provided by the NFS server which is running in the same kernel. In nfsd_file_do_acquire() care is taken to always use fh_verify() if rqstp is not NULL (as is the case for non-LOCALIO callers). Otherwise the non-LOCALIO callers will not supply the correct and required arguments to __fh_verify (e.g. gssclient isn't passed). Introduce fh_verify_local() wrapper around __fh_verify to make it clear that LOCALIO is intended caller. Also, use GC for nfsd_file returned by nfsd_file_acquire_local. GC offers performance improvements if/when a file is reopened before launderette cleans it from the filecache's LRU. Suggested-by: Jeff Layton # use filecache's GC Signed-off-by: NeilBrown Co-developed-by: Mike Snitzer Signed-off-by: Mike Snitzer Signed-off-by: Chuck Lever Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 5e66d2d92a1c331ed86d943ce3703c654876b20a Author: NeilBrown Date: Thu Sep 5 15:09:42 2024 -0400 nfsd: factor out __fh_verify to allow NULL rqstp to be passed __fh_verify() offers an interface like fh_verify() but doesn't require a struct svc_rqst *, instead it also takes the specific parts as explicit required arguments. So it is safe to call __fh_verify() with a NULL rqstp, but the net, cred, and client args must not be NULL. __fh_verify() does not use SVC_NET(), nor does the functions it calls. Rather than using rqstp->rq_client pass the client and gssclient explicitly to __fh_verify and then to nfsd_set_fh_dentry(). Lastly, it should be noted that the previous commit prepared for 4 associated tracepoints to only be used if rqstp is not NULL (this is a stop-gap that should be properly fixed so localio also benefits from the utility these tracepoints provide when debugging fh_verify issues). Signed-off-by: NeilBrown Co-developed-by: Mike Snitzer Signed-off-by: Mike Snitzer Signed-off-by: Chuck Lever Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 71c61a0077eb11e8bcc4d03e92ebc0c16df46abe Author: Chuck Lever Date: Thu Sep 5 15:09:41 2024 -0400 NFSD: Short-circuit fh_verify tracepoints for LOCALIO LOCALIO will be able to call fh_verify() with a NULL rqstp. In this case, the existing trace points need to be skipped because they want to dereference the address fields in the passed-in rqstp. Temporarily make these trace points conditional to avoid a seg fault in this case. Putting the "rqstp != NULL" check in the trace points themselves makes the check more efficient. Signed-off-by: Chuck Lever Signed-off-by: Mike Snitzer Acked-by: Jeff Layton Reviewed-by: NeilBrown Signed-off-by: Anna Schumaker commit 7c0b07b49b2da108438e2504452effe0e6cbb764 Author: Chuck Lever Date: Thu Sep 5 15:09:40 2024 -0400 NFSD: Avoid using rqstp->rq_vers in nfsd_set_fh_dentry() Currently, fh_verify() makes some daring assumptions about which version of file handle the caller wants, based on the things it can find in the passed-in rqstp. The about-to-be-introduced LOCALIO use case sometimes has no svc_rqst context, so this logic won't work in that case. Instead, examine the passed-in file handle. It's .max_size field should carry information to allow nfsd_set_fh_dentry() to initialize the file handle appropriately. The file handle used by lockd and the one created by write_filehandle never need any of the version-specific fields (which affect things like write and getattr requests and pre/post attributes). Signed-off-by: Chuck Lever Signed-off-by: Mike Snitzer Reviewed-by: Jeff Layton Reviewed-by: NeilBrown Signed-off-by: Anna Schumaker commit b0d87dbd8bd311d4126f5b34a8494043c487695f Author: NeilBrown Date: Thu Sep 5 15:09:39 2024 -0400 NFSD: Refactor nfsd_setuser_and_check_port() There are several places where __fh_verify unconditionally dereferences rqstp to check that the connection is suitably secure. They look at rqstp->rq_xprt which is not meaningful in the target use case of "localio" NFS in which the client talks directly to the local server. Prepare these to always succeed when rqstp is NULL. Signed-off-by: NeilBrown Co-developed-by: Mike Snitzer Signed-off-by: Mike Snitzer Signed-off-by: Chuck Lever Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 0a183f24a7ae48b7c0f2327989754b5db5de02b8 Author: NeilBrown Date: Thu Sep 5 15:09:38 2024 -0400 NFSD: Handle @rqstp == NULL in check_nfsd_access() LOCALIO-initiated open operations are not running in an nfsd thread and thus do not have an associated svc_rqst context. Signed-off-by: NeilBrown Co-developed-by: Mike Snitzer Signed-off-by: Mike Snitzer Signed-off-by: Chuck Lever Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 1545e488b1f908b10f6dff0c278c6b7a37122de8 Author: Mike Snitzer Date: Thu Sep 5 15:09:37 2024 -0400 nfs: factor out {encode,decode}_opaque_fixed to nfs_xdr.h Eliminates duplicate functions in various files to allow for additional callers. Signed-off-by: Mike Snitzer Reviewed-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit 1fcb16674e37e434efe68ec3e142229f35b6b9e1 Author: Mike Snitzer Date: Thu Sep 5 15:09:36 2024 -0400 nfs_common: factor out nfs4_errtbl and nfs4_stat_to_errno Common nfs4_stat_to_errno() is used by fs/nfs/nfs4xdr.c and will be used by fs/nfs/localio.c Signed-off-by: Mike Snitzer Reviewed-by: Jeff Layton Reviewed-by: NeilBrown Signed-off-by: Anna Schumaker commit 4806ded4c14c5e8fdc6ce885d83221a78c06a428 Author: Mike Snitzer Date: Thu Sep 5 15:09:35 2024 -0400 nfs_common: factor out nfs_errtbl and nfs_stat_to_errno Common nfs_stat_to_errno() is used by both fs/nfs/nfs2xdr.c and fs/nfs/nfs3xdr.c Will also be used by fs/nfsd/localio.c Signed-off-by: Mike Snitzer Reviewed-by: Jeff Layton Reviewed-by: NeilBrown Signed-off-by: Anna Schumaker commit dfb07e990a0d019d7ae9b78dd4260620ce32e79a Author: Dan Aloni Date: Wed Jul 24 14:07:12 2024 +0300 nfs: add 'noalignwrite' option for lock-less 'lost writes' prevention There are some applications that write to predefined non-overlapping file offsets from multiple clients and therefore don't need to rely on file locking. However, if these applications want non-aligned offsets and sizes they need to either use locks or risk data corruption, as the NFS client defaults to extending writes to whole pages. This commit adds a new mount option `noalignwrite`, which allows to turn that off and avoid the need of locking, as long as these applications don't overlap on offsets. Signed-off-by: Dan Aloni Reviewed-by: Jeff Layton Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Signed-off-by: Anna Schumaker commit 6d26c5e4d83cd39006bfd2ecbc97fbfac34aaefa Author: Li Lingfeng Date: Sat Aug 24 09:43:35 2024 +0800 nfs: fix the comment of nfs_get_root The comment for nfs_get_root() needs to be updated as it would also be used by NFS4 as follows: @x[ nfs_get_root+1 nfs_get_tree_common+1819 nfs_get_tree+2594 vfs_get_tree+73 fc_mount+23 do_nfs4_mount+498 nfs4_try_get_tree+134 nfs_get_tree+2562 vfs_get_tree+73 path_mount+2776 do_mount+226 __se_sys_mount+343 __x64_sys_mount+106 do_syscall_64+69 entry_SYSCALL_64_after_hwframe+97 , mount.nfs4]: 1 Signed-off-by: Li Lingfeng Acked-by: Jeff Layton Signed-off-by: Anna Schumaker commit 615e693b14ba22e1332c3bd5a4e038284bbc3e07 Author: Roi Azarzar Date: Sun Sep 15 10:27:35 2024 +0000 NFSv4.2: Fix detection of "Proxying of Times" server support According to draft-ietf-nfsv4-delstid-07: If a server informs the client via the fattr4_open_arguments attribute that it supports OPEN_ARGS_SHARE_ACCESS_WANT_DELEG_TIMESTAMPS and it returns a valid delegation stateid for an OPEN operation which sets the OPEN4_SHARE_ACCESS_WANT_DELEG_TIMESTAMPS flag, then it MUST query the client via a CB_GETATTR for the fattr4_time_deleg_access (see Section 5.2) attribute and fattr4_time_deleg_modify attribute (see Section 5.2). Thus, we should look that the server supports proxying of times via OPEN4_SHARE_ACCESS_WANT_DELEG_TIMESTAMPS. We want to be extra pedantic and continue to check that FATTR4_TIME_DELEG_ACCESS and FATTR4_TIME_DELEG_MODIFY are set. The server needs to expose both for the client to correctly detect "Proxying of Times" support. Signed-off-by: Roi Azarzar Reviewed-by: Jeff Layton Fixes: dcb3c20f7419 ("NFSv4: Add a capability for delegated attributes") Signed-off-by: Anna Schumaker commit af94dca79b1296a6db7b8b47cd43be8e94fce8bb Author: Trond Myklebust Date: Mon Sep 9 13:47:07 2024 -0400 NFSv4: Fail mounts if the lease setup times out If the server is down when the client is trying to mount, so that the calls to exchange_id or create_session fail, then we should allow the mount system call to fail rather than hang and block other mount/umount calls. Reported-by: Oleksandr Tymoshenko Signed-off-by: Trond Myklebust Signed-off-by: Anna Schumaker commit 03e02b94171b1985dd0aa184296fe94425b855a3 Author: Zhaoyang Huang Date: Fri Aug 30 11:27:47 2024 +0800 fs: nfs: fix missing refcnt by replacing folio_set_private by folio_attach_private This patch is inspired by a code review of fs codes which aims at folio's extra refcnt that could introduce unwanted behavious when judging refcnt, such as[1].That is, the folio passed to mapping_evict_folio carries the refcnts from find_lock_entries, page_cache, corresponding to PTEs and folio's private if has. However, current code doesn't take the refcnt for folio's private which could have mapping_evict_folio miss the one to only PTE and lead to call filemap_release_folio wrongly. [1] long mapping_evict_folio(struct address_space *mapping, struct folio *folio) { ... //current code will misjudge here if there is one pte on the folio which is be deemed as the one as folio's private if (folio_ref_count(folio) > folio_nr_pages(folio) + folio_has_private(folio) + 1) return 0; if (!filemap_release_folio(folio, 0)) return 0; return remove_mapping(mapping, folio); } Signed-off-by: Zhaoyang Huang Signed-off-by: Anna Schumaker commit 40c80881ebef97a2ad4bba1e34edb80fd8585e8c Author: Gaosheng Cui Date: Mon Aug 26 11:21:57 2024 +0800 nfs: Remove obsoleted declaration for nfs_read_prepare The nfs_read_prepare() have been removed since commit a4cdda59111f ("NFS: Create a common pgio_rpc_prepare function"), and now it is useless, so remove it. Signed-off-by: Gaosheng Cui Signed-off-by: Anna Schumaker commit 64a3ab99675ef7b833f64cd3b84db66b6a351529 Author: Hongbo Li Date: Tue Aug 27 17:52:18 2024 +0800 net/sunrpc: make use of the helper macro LIST_HEAD() list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Here we can simplify the code. Signed-off-by: Hongbo Li Signed-off-by: Anna Schumaker commit 2e001972e8ebc318de3b5542887ac06ea309aff8 Author: Siddh Raman Pant Date: Mon Sep 2 15:02:48 2024 +0530 SUNRPC: clnt.c: Remove misleading comment destroy_wait doesn't store all RPC clients. There was a list named "all_clients" above it, which got moved to struct sunrpc_net in 2012, but the comment was never removed. Fixes: 70abc49b4f4a ("SUNRPC: make SUNPRC clients list per network namespace context") Signed-off-by: Siddh Raman Pant Signed-off-by: Anna Schumaker commit 0b108e83795c9c23101f584ef7e3ab4f1f120ef0 Author: Stephen Brennan Date: Mon Aug 19 08:58:59 2024 -0700 SUNRPC: convert RPC_TASK_* constants to enum The RPC_TASK_* constants are defined as macros, which means that most kernel builds will not contain their definitions in the debuginfo. However, it's quite useful for debuggers to be able to view the task state constant and interpret it correctly. Conversion to an enum will ensure the constants are present in debuginfo and can be interpreted by debuggers without needing to hard-code them and track their changes. Signed-off-by: Stephen Brennan Signed-off-by: Anna Schumaker commit 9090a7f78623b5312562861d54a4476d905c7c4c Author: Kunwu Chan Date: Fri Aug 16 10:07:40 2024 +0800 SUNRPC: Fix -Wformat-truncation warning Increase size of the servername array to avoid truncated output warning. net/sunrpc/clnt.c:582:75: error:‘%s’ directive output may be truncated writing up to 107 bytes into a region of size 48 [-Werror=format-truncation=] 582 | snprintf(servername, sizeof(servername), "%s", | ^~ net/sunrpc/clnt.c:582:33: note:‘snprintf’ output between 1 and 108 bytes into a destination of size 48 582 | snprintf(servername, sizeof(servername), "%s", | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 583 | sun->sun_path); Signed-off-by: Kunwu Chan Suggested-by: NeilBrown Signed-off-by: Anna Schumaker commit e343678ee990912a132e94236fe028efe78696b0 Author: Thorsten Blum Date: Sun Sep 1 18:19:13 2024 +0200 nfs: Remove unnecessary NULL check before kfree() Since kfree() already checks if its argument is NULL, an additional check before calling kfree() is unnecessary and can be removed. Remove it and thus also the following Coccinelle/coccicheck warning reported by ifnullfree.cocci: WARNING: NULL check before some freeing functions is not needed Reviewed-by: Benjamin Coddington Signed-off-by: Thorsten Blum Reviewed-by: Jeff Layton Signed-off-by: Anna Schumaker commit bb8e4ce500cb09950c2b51a3be0e94e337a215aa Author: Thorsten Blum Date: Wed Aug 14 12:01:28 2024 +0200 nfs: Annotate struct nfs_cache_array with __counted_by() Add the __counted_by compiler attribute to the flexible array member array to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Increment size before adding a new struct to the array. Signed-off-by: Thorsten Blum Signed-off-by: Anna Schumaker commit d98f72272500f505cd7e152ffa456e64ee3855f0 Author: NeilBrown Date: Fri Sep 6 12:32:03 2024 +1000 nfs: simplify and guarantee owner uniqueness. I have evidence of an Linux NFS client getting NFS4ERR_BAD_SEQID to a v4.0 LOCK request to a Linux server (which had fixed the problem with RELEASE_LOCKOWNER bug fixed). The LOCK request presented a "new" lock owner so there are two seq ids in the request: that for the open file, and that for the new lock. Given the context I am confident that the new lock owner was reported to have the wrong seqid. As lock owner identifiers are reused, the server must still have a lock owner active which the client thinks is no longer active. I wasn't able to determine a root-cause but the simplest fix seems to be to ensure lock owners are always unique much as open owners are (thanks to a time stamp). The easiest way to ensure uniqueness is with a 64bit counter for each server. That will never cycle (if updated once a nanosecond the last 584 years. A single NFS server would not handle open/lock requests nearly that fast, and a Linux node is unlikely to have an uptime approaching that). This patch removes the 2 ida and instead uses a per-server atomic64_t to provide uniqueness. Note that the lock owner already encodes the id as 64 bits even though it is a 32bit value. So changing to a 64bit value does not change the encoding of the lock owner. The open owner encoding is now 4 bytes larger. Signed-off-by: NeilBrown Signed-off-by: Anna Schumaker commit 8f6a7c9467eaf39da4c14e5474e46190ab3fb529 Author: Li Lingfeng Date: Wed Sep 4 20:34:57 2024 +0800 nfs: fix memory leak in error path of nfs4_do_reclaim Commit c77e22834ae9 ("NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim()") separate out the freeing of the state owners from nfs4_purge_state_owners() and finish it outside the rcu lock. However, the error path is omitted. As a result, the state owners in "freeme" will not be released. Fix it by adding freeing in the error path. Fixes: c77e22834ae9 ("NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim()") Signed-off-by: Li Lingfeng Cc: stable@vger.kernel.org # v5.3+ Signed-off-by: Anna Schumaker commit 18ba6034468e7949a9e2c2cf28e2e123b4fe7a50 Merge: 721068dec4ec3c 509abfc7a0ba66 Author: Linus Torvalds Date: Mon Sep 23 12:01:45 2024 -0700 Merge tag 'nfsd-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux Pull nfsd updates from Chuck Lever: "Notable features of this release include: - Pre-requisites for automatically determining the RPC server thread count - Clean-up and preparation for supporting LOCALIO, which will be merged via the NFS client tree - Enhancements and fixes to NFSv4.2 COPY offload - A new Python-based tool for generating kernel SunRPC XDR encoding and decoding functions, added as an aid for prototyping features in protocols based on the Linux kernel's SunRPC implementation As always I am grateful to the NFSD contributors, reviewers, testers, and bug reporters who participated during this cycle" * tag 'nfsd-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux: (57 commits) xdrgen: Prevent reordering of encoder and decoder functions xdrgen: typedefs should use the built-in string and opaque functions xdrgen: Fix return code checking in built-in XDR decoders tools: Add xdrgen nfsd: fix delegation_blocked() to block correctly for at least 30 seconds nfsd: fix initial getattr on write delegation nfsd: untangle code in nfsd4_deleg_getattr_conflict() nfsd: enforce upper limit for namelen in __cld_pipe_inprogress_downcall() nfsd: return -EINVAL when namelen is 0 NFSD: Wrap async copy operations with trace points NFSD: Clean up extra whitespace in trace_nfsd_copy_done NFSD: Record the callback stateid in copy tracepoints NFSD: Display copy stateids with conventional print formatting NFSD: Limit the number of concurrent async COPY operations NFSD: Async COPY result needs to return a write verifier nfsd: avoid races with wake_up_var() nfsd: use clear_and_wake_up_bit() sunrpc: xprtrdma: Use ERR_CAST() to return NFSD: Annotate struct pnfs_block_deviceaddr with __counted_by() nfsd: call cache_put if xdr_reserve_space returns NULL ... commit 8c04a6d6e07ce565928ea98ae8c534cac871af19 Merge: da3ea35007d0af 509abfc7a0ba66 Author: Anna Schumaker Date: Mon Sep 23 15:00:07 2024 -0400 Merge tag 'nfsd-6.12' into linux-next-with-localio NFSD 6.12 Release Notes Notable features of this release include: - Pre-requisites for automatically determining the RPC server thread count - Clean-up and preparation for supporting LOCALIO, which will be merged via the NFS client tree - Enhancements and fixes to NFSv4.2 COPY offload - A new Python-based tool for generating kernel SunRPC XDR encoding and decoding functions, added as an aid for prototyping features in protocols based on the Linux kernel's SunRPC implementation. As always I am grateful to the NFSD contributors, reviewers, testers, and bug reporters who participated during this cycle. commit 721068dec4ec3cc625d8737d4dfa0ff0aa795cd1 Merge: a1fb2fcbb60650 6888c1e85f5db1 Author: Linus Torvalds Date: Mon Sep 23 11:55:17 2024 -0700 Merge tag 'gfs2-v6.10-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2 Pull gfs2 update from Andreas Gruenbacher: - Convert the writepage address space operation to writepages (Matthew Wilcox) - A syzkaller fix (by Julian Sun) and a minor cleanup (Andreas Gruenbacher) * tag 'gfs2-v6.10-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2: gfs2: Remove gfs2_aspace_writepage() gfs2: Remove gfs2_jdata_writepage() gfs2: Remove __gfs2_writepage() gfs2: Add gfs2_aspace_writepages() gfs2: fix double destroy_workqueue error gfs2: Minor gfs2_glock_cb cleanup commit a1fb2fcbb60650621a7e3238629a8bfb94147b8e Merge: d0359e4ca0f26a 7f1b63f981b828 Author: Linus Torvalds Date: Mon Sep 23 11:49:02 2024 -0700 Merge tag 'for-6.12-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull btrfs fixes from David Sterba: - fix dangling pointer to rb-tree of defragmented inodes after cleanup - a followup fix to handle concurrent lseek on the same fd that could leak memory under some conditions - fix wrong root id reported in tree checker when verifying dref * tag 'for-6.12-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: btrfs: fix use-after-free on rbtree that tracks inodes for auto defrag btrfs: tree-checker: fix the wrong output of data backref objectid btrfs: fix race setting file private on concurrent lseek using same fd commit fa911d1f377bbe4cc47e58afbd8fff7750b7ac62 Author: Masahiro Yamada Date: Fri Sep 20 02:37:18 2024 +0900 kbuild: doc: replace "gcc" in external module description Avoid "gcc" since it is not the only compiler supported by Kbuild. Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit 2eb5d7f2429945aeb4730c7c310a0e1b5ae4c8d0 Author: Masahiro Yamada Date: Fri Sep 20 02:37:17 2024 +0900 kbuild: doc: describe the -C option precisely for external module builds Building external modules is typically done using this command: $ make -C M= Here, refers to the output directory where the kernel was built, not the kernel source directory. When the kernel is built in the source tree, there is no ambiguity, as the output directory and the source directory are the same. If the kernel was built in a separate build directory, should be the kernel output directory. Otherwise, Kbuild cannot locate necessary build artifacts. This has been the method for building external modules against a pre-built kernel in a separate directory for over 20 years. [1] If you pass the kernel source directory to the -C option, you must also specify the kernel build directory using the O= option. This approach works as well, though it results in a slightly longer command: $ make -C O= M= Some people mistakenly believe that O= should specify a build directory for external modules when used together with M=. This commit adds more clarification to Documentation/kbuild/kbuild.rst. [1]: https://git.kernel.org/pub/scm/linux/kernel/git/history/history.git/commit/?id=e321b2ec2eb2993b3d0116e5163c78ad923e3c54 Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit e873fb948283a595bba6228efc69ed1191f45689 Author: Masahiro Yamada Date: Fri Sep 20 02:37:16 2024 +0900 kbuild: doc: remove the description about shipped files The use of shipped files is discouraged in the upstream kernel these days. [1] Downstream Makefiles have the freedom to use shipped files or other options to handle binaries, but this should not be advertised in the upstream document. [1]: https://lore.kernel.org/all/CAHk-=wgSEi_ZrHdqr=20xv+d6dr5G895CbOAi8ok+7-CQUN=fQ@mail.gmail.com/ Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit 803d5059529aaabd53aabd5cd2c7b405824601b7 Author: Masahiro Yamada Date: Fri Sep 20 02:37:15 2024 +0900 kbuild: doc: drop section numbering, use references in modules.rst Do similar to commit 1a4c1c9df72e ("docs/kbuild/makefiles: drop section numbering, use references"). Signed-off-by: Masahiro Yamada commit 7813cd68ea7ae909676aea19411b5c9c20436ebb Author: Masahiro Yamada Date: Fri Sep 20 02:37:14 2024 +0900 kbuild: doc: throw out the local table of contents in modules.rst Do similar to commit 5e8f0ba38a4d ("docs/kbuild/makefiles: throw out the local table of contents"). Signed-off-by: Masahiro Yamada commit a866eda43f4f0d0c4dd53af81f15375a4b799eb8 Author: Masahiro Yamada Date: Tue Sep 17 23:16:31 2024 +0900 kbuild: doc: remove outdated description of the limitation on -I usage Kbuild used to manipulate header search paths, enforcing the odd limitation of "no space after -I". Commit cdd750bfb1f7 ("kbuild: remove 'addtree' and 'flags' magic for header search paths") stopped doing that. This limitation no longer exists. Instead, you need to accurately specify the header search path. (In this case, $(src)/include) Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit 1a59bd3ca5d8fde10d082e56c3073f7fa563e73b Author: Masahiro Yamada Date: Tue Sep 17 23:16:30 2024 +0900 kbuild: doc: remove description about grepping CONFIG options This description was added 20 years ago [1]. It does not convey any useful information except for a feeling of nostalgia. [1]: https://git.kernel.org/pub/scm/linux/kernel/git/history/history.git/commit/?id=65e433436b5794ae056d22ddba60fe9194bba007 Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit 062a1481cf275d39d3cda99f8357f2f8bdd8f611 Author: Masahiro Yamada Date: Tue Sep 17 23:16:29 2024 +0900 kbuild: doc: update the description about Kbuild/Makefile split The phrase "In newer versions of the kernel" was added 14 years ago, by commit efdf02cf0651 ("Documentation/kbuild: major edit of modules.txt sections 1-4"). This feature is no longer new, so remove it and update the paragraph. Example 3 was written 20 years ago [1]. There is no need to note about backward compatibility with such an old build system. Remove Example 3 entirely. [1]: https://git.kernel.org/pub/scm/linux/kernel/git/history/history.git/commit/?id=65e433436b5794ae056d22ddba60fe9194bba007 Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit fc1c79be45485565dc145fd03ee38bca89be8fbd Author: Masahiro Yamada Date: Sat Sep 14 03:06:20 2024 +0900 kbuild: remove unnecessary export of RUST_LIB_SRC If RUST_LIB_SRC is defined in the top-level Makefile (via an environment variable or command line), it is already exported. The only situation where it is defined but not exported is when the top-level Makefile is wrapped by another Makefile (e.g., GNUmakefile). I cannot think of any other use cases. I know some people use this tip to define custom variables. However, even in that case, you can export it directly in the wrapper Makefile. Example GNUmakefile: export RUST_LIB_SRC = /path/to/your/sysroot/lib/rustlib/src/rust/library include Makefile Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier Reviewed-by: Alice Ryhl commit d0359e4ca0f26aaf3118124dfb562e3b3dca1c06 Merge: b3f391fddf3cfa 116249b12939a8 Author: Linus Torvalds Date: Mon Sep 23 10:49:28 2024 -0700 Merge tag 'fs_for_v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs Pull quota and isofs updates from Jan Kara: "A few small cleanups in quota and isofs" * tag 'fs_for_v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs: isofs: Annotate struct SL_component with __counted_by() quota: remove unnecessary error code translation in dquot_quota_enable quota: remove redundant return at end of void function quota: remove unneeded return value of register_quota_format quota: avoid missing put_quota_format when DQUOT_SUSPENDED is passed commit b3f391fddf3cfaadda59ec8da8fd17f4520bbf42 Merge: f8ffbc365f703d 025c55a4c7f11e Author: Linus Torvalds Date: Mon Sep 23 10:05:41 2024 -0700 Merge tag 'bcachefs-2024-09-21' of git://evilpiepirate.org/bcachefs Pull bcachefs updates from Kent Overstreet: - rcu_pending, btree key cache rework: this solves lock contenting in the key cache, eliminating the biggest source of the srcu lock hold time warnings, and drastically improving performance on some metadata heavy workloads - on multithreaded creates we're now 3-4x faster than xfs. - We're now using an rhashtable instead of the system inode hash table; this is another significant performance improvement on multithreaded metadata workloads, eliminating more lock contention. - for_each_btree_key_in_subvolume_upto(): new helper for iterating over keys within a specific subvolume, eliminating a lot of open coded "subvolume_get_snapshot()" and also fixing another source of srcu lock time warnings, by running each loop iteration in its own transaction (as the existing for_each_btree_key() does). - More work on btree_trans locking asserts; we now assert that we don't hold btree node locks when trans->locked is false, which is important because we don't use lockdep for tracking individual btree node locks. - Some cleanups and improvements in the bset.c btree node lookup code, from Alan. - Rework of btree node pinning, which we use in backpointers fsck. The old hacky implementation, where the shrinker just skipped over nodes in the pinned range, was causing OOMs; instead we now use another shrinker with a much higher seeks number for pinned nodes. - Rebalance now uses BCH_WRITE_ONLY_SPECIFIED_DEVS; this fixes an issue where rebalance would sometimes fall back to allocating from the full filesystem, which is not what we want when it's trying to move data to a specific target. - Use __GFP_ACCOUNT, GFP_RECLAIMABLE for btree node, key cache allocations. - Idmap mounts are now supported (Hongbo Li) - Rename whiteouts are now supported (Hongbo Li) - Erasure coding can now handle devices being marked as failed, or forcibly removed. We still need the evacuate path for erasure coding, but it's getting very close to ready for people to start using. * tag 'bcachefs-2024-09-21' of git://evilpiepirate.org/bcachefs: (99 commits) bcachefs: return err ptr instead of null in read sb clean bcachefs: Remove duplicated include in backpointers.c bcachefs: Don't drop devices with stripe pointers bcachefs: bch2_ec_stripe_head_get() now checks for change in rw devices bcachefs: bch_fs.rw_devs_change_count bcachefs: bch2_dev_remove_stripes() bcachefs: bch2_trigger_ptr() calculates sectors even when no device bcachefs: improve error messages in bch2_ec_read_extent() bcachefs: improve error message on too few devices for ec bcachefs: improve bch2_new_stripe_to_text() bcachefs: ec_stripe_head.nr_created bcachefs: bch_stripe.disk_label bcachefs: stripe_to_mem() bcachefs: EIO errcode cleanup bcachefs: Rework btree node pinning bcachefs: split up btree cache counters for live, freeable bcachefs: btree cache counters should be size_t bcachefs: Don't count "skipped access bit" as touched in btree cache scan bcachefs: Failed devices no longer require mounting in degraded mode bcachefs: bch2_dev_rcu_noerror() ... commit 431844b65f4c1b988ccd886f2ed29c138f7bb262 Author: Andrea Righi Date: Sat Sep 21 21:39:21 2024 +0200 sched_ext: Provide a sysfs enable_seq counter As discussed during the distro-centric session within the sched_ext Microconference at LPC 2024, introduce a sequence counter that is incremented every time a BPF scheduler is loaded. This feature can help distributions in diagnosing potential performance regressions by identifying systems where users are running (or have ran) custom BPF schedulers. Example: arighi@virtme-ng~> cat /sys/kernel/sched_ext/enable_seq 0 arighi@virtme-ng~> sudo scx_simple local=1 global=0 ^CEXIT: unregistered from user space arighi@virtme-ng~> cat /sys/kernel/sched_ext/enable_seq 1 In this way user-space tools (such as Ubuntu's apport and similar) are able to gather and include this information in bug reports. Cc: Giovanni Gherdovich Cc: Kleber Sacilotto de Souza Cc: Marcelo Henrique Cerri Cc: Phil Auld Signed-off-by: Andrea Righi Signed-off-by: Tejun Heo commit 62d3726d4cd66f3e48dfe0f0401e0d74e58c2170 Author: Tejun Heo Date: Mon Sep 23 06:45:22 2024 -1000 sched_ext: Fix build when !CONFIG_STACKTRACE a2f4b16e736d ("sched_ext: Build fix on !CONFIG_STACKTRACE[_SUPPORT]") tried fixing build when !CONFIG_STACKTRACE but didn't so fully. Also put stack_trace_print() and stack_trace_save() inside CONFIG_STACKTRACE to fix build when !CONFIG_STACKTRACE. Signed-off-by: Tejun Heo Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409220642.fDW2OmWc-lkp@intel.com/ commit f8ffbc365f703d74ecca8ca787318d05bbee2bf7 Merge: f8eb5bd9a818cc de12c3391bce10 Author: Linus Torvalds Date: Mon Sep 23 09:35:36 2024 -0700 Merge tag 'pull-stable-struct_fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull 'struct fd' updates from Al Viro: "Just the 'struct fd' layout change, with conversion to accessor helpers" * tag 'pull-stable-struct_fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: add struct fd constructors, get rid of __to_fd() struct fd: representation change introduce fd_file(), convert all accessors to it. commit f8eb5bd9a818cc5f2a1e50b22b0091830b28cc36 Author: Linus Torvalds Date: Mon Sep 23 08:58:31 2024 -0700 mm: fix build on 32-bit targets without MAX_PHYSMEM_BITS The merge resolution to deal with the conflict between commits ea72ce5da228 ("x86/kaslr: Expose and use the end of the physical memory address space") and 99185c10d5d9 ("resource, kunit: add test case for region_intersects()") ended up being broken in configurations didn't define a MAX_PHYSMEM_BITS and that had a 32-bit 'phys_addr_t'. The fallback to using all bits set (ie "(-1ULL)") ended up causing a build error: kernel/resource.c: In function ‘gfr_start’: include/linux/minmax.h:93:30: error: conversion from ‘long long unsigned int’ to ‘resource_size_t’ {aka ‘unsigned int’} changes value from ‘18446744073709551615’ to ‘4294967295’ [-Werror=overflow] this was reported by Geert for m68k, but he points out that it happens on other 32-bit architectures too, eg mips, xtensa, parisc, and powerpc. Limiting 'PHYSMEM_END' to a 'phys_addr_t' (which is the same as 'resource_size_t') fixes the build, but Geert points out that it will then cause a silent overflow in mm/sparse.c: unsigned long max_sparsemem_pfn = (PHYSMEM_END + 1) >> PAGE_SHIFT; so we actually do want PHYSMEM_END to be defined a 64-bit type - just not all ones, and not larger than 'phys_addr_t'. The proper fix is probably to not have some kind of default fallback at all, but just make sure every architecture has a valid MAX_PHYSMEM_BITS. But in the meantime, this just applies the rule that PHYSMEM_END is the largest value that fits in a 'phys_addr_t', but does not have the high bit set in 64 bits. Ugly, ugly. Reported-by: Geert Uytterhoeven Cc: Andrew Morton Cc: Huang Ying Cc: Thomas Gleixner Signed-off-by: Linus Torvalds commit 2d8721364ce83956d0a184a64052928589ef15df Author: Jason J. Herne Date: Mon Sep 16 08:01:23 2024 -0400 s390/vfio-ap: Driver feature advertisement Advertise features of the driver for the benefit of automated tooling like Libvirt and mdevctl. Signed-off-by: Jason J. Herne Reviewed-by: Anthony Krowiak Reviewed-by: Boris Fiuczynski Link: https://lore.kernel.org/r/20240916120123.11484-1-jjherne@linux.ibm.com Signed-off-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit d714abee5fb64c4817dce477bd7f2bd1bb4fe814 Author: Heiko Carstens Date: Thu Sep 19 14:40:10 2024 +0200 s390/vdso: Use one large alternative instead of an alternative branch Replace the alternative branch with a larger alternative that contains both paths. That way the two paths are closer together and it is easier to change both paths if the need should arise. Signed-off-by: Heiko Carstens Reviewed-by: Jens Remus Signed-off-by: Vasily Gorbik commit c902b578eebfe0739e8ec491b60f2f37dfeb09c0 Author: Heiko Carstens Date: Thu Sep 19 14:40:09 2024 +0200 s390/vdso: Use SYM_DATA_START_LOCAL()/SYM_DATA_END() for data objects Use SYM_DATA_START_LOCAL()/SYM_DATA_END() in vgetrandom-chacha.S so that the constants end up in an object with correct size: readelf -Ws vgetrandom-chacha.o Num: Value Size Type Bind Vis Ndx Name ... 5: 0000000000000000 32 OBJECT LOCAL DEFAULT 5 chacha20_constants Signed-off-by: Heiko Carstens Reviewed-by: Jens Remus Signed-off-by: Vasily Gorbik commit e08ec26928554c36e34e089f663dc9114d77b68c Author: Heiko Carstens Date: Thu Sep 19 14:40:08 2024 +0200 tools: Add additional SYM_*() stubs to linkage.h Similar to commit f8d92fc527ff ("selftests: vDSO: fix include order in build of test_vdso_chacha") add SYM_DATA_START, SYM_DATA_START_LOCAL, and SYM_DATA_END stubs to tools/include/linux/linkage.h so that the proper macros can be used within the kernel's vdso code as well as in the vdso_test_chacha selftest. Signed-off-by: Heiko Carstens Reviewed-by: Jens Remus Signed-off-by: Vasily Gorbik commit d361390d9f2a332b52458cc69f1fe8e76d6c2943 Author: Jens Remus Date: Thu Sep 19 14:40:07 2024 +0200 s390/vdso: Use macros for annotation of asm functions Use the macros SYM_FUNC_START() and SYM_FUNC_END() to annotate the functions in assembly. Signed-off-by: Jens Remus Signed-off-by: Heiko Carstens Acked-by: Vasily Gorbik Signed-off-by: Vasily Gorbik commit 5cccfc8be6d256e91d155313edef20c1a89064b2 Author: Jens Remus Date: Thu Sep 19 14:40:06 2024 +0200 s390/vdso: Add CFI annotations to __arch_chacha20_blocks_nostack() This allows proper unwinding, for instance when using a debugger such as GDB. Signed-off-by: Jens Remus Signed-off-by: Heiko Carstens Acked-by: Vasily Gorbik Signed-off-by: Vasily Gorbik commit ff35a3f0ca5c88145c6da6630f3420071dfa296c Author: Heiko Carstens Date: Thu Sep 19 14:40:05 2024 +0200 s390/vdso: Fix comment within __arch_chacha20_blocks_nostack() Fix comment within __arch_chacha20_blocks_nostack() so the comment reflects what the code is doing. Signed-off-by: Heiko Carstens Reviewed-by: Jens Remus Signed-off-by: Vasily Gorbik commit 8e391ae0607fc820e9ece87d1415e6a1ff274e69 Author: Heiko Carstens Date: Thu Sep 19 14:40:04 2024 +0200 s390/vdso: Get rid of permutation constants The three byte masks for VECTOR PERMUTE are not needed, since the instruction VECTOR SHIFT LEFT DOUBLE BY BYTE can be used to implement the required "rotate left" easily. Signed-off-by: Heiko Carstens Reviewed-by: Jens Remus Signed-off-by: Vasily Gorbik commit ae87b9c2dc9800e6ab52febd09341140599ff8e3 Author: Jaegeuk Kim Date: Sat Sep 14 21:44:10 2024 +0000 f2fs: allow F2FS_IPU_NOCACHE for pinned file This patch allows f2fs to submit bios of in-place writes on pinned file. Reviewed-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit edf1c586e92675c4e0eb27758fcdb55a56838de1 Author: Pat Somaru Date: Fri Sep 20 15:41:59 2024 -0400 sched, sched_ext: Disable SM_IDLE/rq empty path when scx_enabled() Disable the rq empty path when scx is enabled. SCX must consult the BPF scheduler (via the dispatch path in balance) to determine if rq is empty. This fixes stalls when scx is enabled. Signed-off-by: Pat Somaru Fixes: 3dcac251b066 ("sched/core: Introduce SM_IDLE and an idle re-entry fast-path in __schedule()") Signed-off-by: Tejun Heo commit 7ebd84d627e40cb9fb12b338588e81b6cca371e3 Author: Yu Liao Date: Mon Sep 23 21:54:31 2024 +0800 sched: Put task_group::idle under CONFIG_GROUP_SCHED_WEIGHT When build with CONFIG_GROUP_SCHED_WEIGHT && !CONFIG_FAIR_GROUP_SCHED, the idle member is not defined: kernel/sched/ext.c:3701:16: error: 'struct task_group' has no member named 'idle' 3701 | if (!tg->idle) | ^~ Fix this by putting 'idle' under new CONFIG_GROUP_SCHED_WEIGHT. tj: Move idle field upward to avoid breaking up CONFIG_FAIR_GROUP_SCHED block. Fixes: e179e80c5d4f ("sched: Introduce CONFIG_GROUP_SCHED_WEIGHT") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409220859.UiCAoFOW-lkp@intel.com/ Signed-off-by: Yu Liao Signed-off-by: Tejun Heo commit 91dba615c3431daf0132349812f6adc83e123eaf Author: Chen Ni Date: Mon Sep 2 16:50:19 2024 +0800 mfd: atc260x: Convert a bunch of commas to semicolons Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Reviewed-by: Cristian Ciocaltea Link: https://lore.kernel.org/r/20240902085019.4111445-1-nichen@iscas.ac.cn Signed-off-by: Lee Jones commit abd4107a1d0ebbd4c44fe23c861b817a0e2843d7 Author: Mukesh Ojha Date: Fri Aug 30 19:09:07 2024 +0530 dt-bindings: mfd: qcom,tcsr: Add compatible for sa8775p Document the compatible for sa8775p SoC. Reviewed-by: Elliot Berman Signed-off-by: Mukesh Ojha Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240830133908.2246139-1-quic_mojha@quicinc.com Signed-off-by: Lee Jones commit db6a186505c8156e55681a3b93ada431863b85c1 Author: Ilpo Järvinen Date: Thu Aug 29 12:57:19 2024 +0300 mfd: intel-lpss: Add Intel Panther Lake LPSS PCI IDs Add Intel Panther Lake-H/P PCI IDs. Signed-off-by: Ilpo Järvinen Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240829095719.1557-3-ilpo.jarvinen@linux.intel.com Signed-off-by: Lee Jones commit 6112597f5ba84b70870fade5069ccc9c8b534a33 Author: Ilpo Järvinen Date: Thu Aug 29 12:57:18 2024 +0300 mfd: intel-lpss: Add Intel Arrow Lake-H LPSS PCI IDs Add Intel Arrow Lake-H PCI IDs. Signed-off-by: Ilpo Järvinen Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240829095719.1557-2-ilpo.jarvinen@linux.intel.com Signed-off-by: Lee Jones commit 33d05f2abf229b4531809d1da771a5027ded6d31 Author: Detlev Casanova Date: Wed Aug 28 15:10:55 2024 +0000 dt-bindings: mfd: syscon: Add rk3576 QoS register compatible Document rk3576 compatible for QoS registers. Signed-off-by: Detlev Casanova Reviewed-by: Krzysztof Kozlowski Acked-by: Heiko Stuebner Link: https://lore.kernel.org/r/01020191998a2fd4-4d7b091c-9c4c-4067-b8d9-fe7482074d6d-000000@eu-west-1.amazonses.com Signed-off-by: Lee Jones commit 9ca84b355d607330321a205fdd93f8c2ad1e57af Author: Haibo Chen Date: Wed Aug 28 11:04:05 2024 +0800 dt-bindings: mfd: adp5585: Add parsing of hogs Allow parsing GPIO controller children nodes with GPIO hogs. Signed-off-by: Haibo Chen Reviewed-by: Laurent Pinchart Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240828030405.2851611-1-haibo.chen@nxp.com Signed-off-by: Lee Jones commit 04bb1800e6dae2172c24752122eace0b038a42b0 Author: Rob Herring (Arm) Date: Mon Aug 26 14:13:00 2024 -0500 mfd: tc3589x: Drop vendorless compatible string from match table There's no need to list "tc3589x" in the DT match table. The I2C core will strip any vendor prefix and match against the i2c_device_id table which has an "tc3589x" entry. Probably "tc3589x" and TC3589X_UNKNOWN could be removed altogether. Use of that compatible was only on some STE platforms and was dropped in 2013. There were ABI breaks in 2014 claiming no DTs in the wild. See commit 1637d480f873 ("pinctrl: nomadik: force-convert to generic config bindings"). Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240826191300.1410222-1-robh@kernel.org Signed-off-by: Lee Jones commit 015d18800269cf47a370dc885766eea36c11f7da Author: Jinjie Ruan Date: Mon Aug 26 17:27:34 2024 +0800 mfd: qcom-spmi-pmic: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240826092734.2899562-3-ruanjinjie@huawei.com Signed-off-by: Lee Jones commit 0db28e963a3bd5237e68e0d0bd36bc3bed695b35 Author: Jinjie Ruan Date: Mon Aug 26 17:27:33 2024 +0800 mfd: max77620: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240826092734.2899562-2-ruanjinjie@huawei.com Signed-off-by: Lee Jones commit ae7eee56cdcfcb6a886f76232778d6517fd58690 Author: Hans de Goede Date: Sun Aug 25 15:26:17 2024 +0200 mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict There are 2G and 4G RAM versions of the Lenovo Yoga Tab 3 X90F and it turns out that the 2G version has a DMI product name of "CHERRYVIEW D1 PLATFORM" where as the 4G version has "CHERRYVIEW C0 PLATFORM". The sys-vendor + product-version check are unique enough that the product-name check is not necessary. Drop the product-name check so that the existing DMI match for the 4G RAM version also matches the 2G RAM version. Signed-off-by: Hans de Goede Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240825132617.8809-1-hdegoede@redhat.com Signed-off-by: Lee Jones commit fd0fec405dbdf5750b863c2c143054dc1eaa60a0 Author: Tzung-Bi Shih Date: Thu Aug 22 20:15:39 2024 +0800 mfd: cros_ec: Update module description The module description can be backtracked to commit e7c256fbfb15 ("platform/chrome: Add Chrome OS EC userspace device interface"). The description became out-of-date after a bunch of changes e.g: - commit 5668bfdd90cd ("platform/chrome: cros_ec_dev - Register cros-ec sensors"). - commit ea01a31b9058 ("cros_ec: Split cros_ec_devs module"). - commit 5e0115581bbc ("cros_ec: Move cros_ec_dev module to drivers/mfd"). Update the description. Signed-off-by: Tzung-Bi Shih Link: https://lore.kernel.org/r/20240822121539.4265-1-tzungbi@kernel.org Signed-off-by: Lee Jones commit dc98e25bc37b9674f7984b88d04793f466734728 Author: Tzung-Bi Shih Date: Mon Aug 19 18:23:26 2024 +0800 mfd: cros_ec: Simplify and clean-up cros_ec_dev_init() Simplify cros_ec_dev_init() by the following changes: - Get rid of label `failed_devreg`. - Remove a redundant space and comment. - Use `if (ret)` instead of `if (ret < 0)`. Signed-off-by: Tzung-Bi Shih Link: https://lore.kernel.org/r/20240819102326.5235-1-tzungbi@kernel.org Signed-off-by: Lee Jones commit 607638b73cb097e727b19e4c09f2c68bddae941e Author: Liao Chen Date: Wed Aug 14 02:57:10 2024 +0000 mfd: max14577: Provide MODULE_DEVICE_TABLE() to fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240814025710.3875859-1-liaochen4@huawei.com Signed-off-by: Lee Jones commit 6fc9bb82a3ef0691fc2297cd7404d3873c95b7be Author: Detlev Casanova Date: Fri Aug 2 09:47:36 2024 -0400 mfd: rk8xx: Add support for rk806 on i2c bus The ArmSoM Sige 5 board connects the rk806 PMIC on an i2c bus. Signed-off-by: Detlev Casanova Link: https://lore.kernel.org/r/20240802134736.283851-1-detlev.casanova@collabora.com Signed-off-by: Lee Jones commit bdeb868c0ddf04c4777bf651834495baaf4f991b Author: Yu Liao Date: Mon Sep 23 21:54:30 2024 +0800 sched: Add dummy version of sched_group_set_idle() Fix the following error when build with CONFIG_GROUP_SCHED_WEIGHT && !CONFIG_FAIR_GROUP_SCHED: kernel/sched/core.c:9634:15: error: implicit declaration of function 'sched_group_set_idle'; did you mean 'scx_group_set_idle'? [-Wimplicit-function-declaration] 9634 | ret = sched_group_set_idle(css_tg(css), idle); | ^~~~~~~~~~~~~~~~~~~~ | scx_group_set_idle Fixes: e179e80c5d4f ("sched: Introduce CONFIG_GROUP_SCHED_WEIGHT") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409220859.UiCAoFOW-lkp@intel.com/ Signed-off-by: Yu Liao Signed-off-by: Tejun Heo commit 9631042b91c359f7f1eda8f30c0932ef90bc4089 Author: Guenter Roeck Date: Mon Sep 23 06:52:35 2024 -0700 hexagon: vdso: Fix build failure Hexagon images fail to build with the following error. arch/hexagon/kernel/vdso.c:57:3: error: use of undeclared identifier 'name' name = "[vdso]", ^ Add the missing '.' to fix the problem. Fixes: 497258dfafcc ("mm: remove legacy install_special_mapping() code") Cc: Linus Torvalds Signed-off-by: Guenter Roeck Reviewed-by: Brian Cain Signed-off-by: Linus Torvalds commit cac075706f298948898b1f63e81709df42afa75d Author: Steven Price Date: Mon Sep 23 11:34:06 2024 +0100 drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the internal array when entries are being simultaneously added and removed. However there is still a race between retrieving the pointer from the XArray and incrementing the reference count. To avoid this race simply hold the internal XArray lock when incrementing the reference count, this ensures there cannot be a racing call to xa_erase(). Fixes: de8548813824 ("drm/panthor: Add the scheduler logical block") Signed-off-by: Steven Price Reviewed-by: Boris Brezillon Reviewed-by: Liviu Dudau Link: https://patchwork.freedesktop.org/patch/msgid/20240923103406.2509906-1-steven.price@arm.com commit 6c56fb4434f59df9c777eded5f77cc812882cef3 Author: John B. Wyatt IV Date: Thu Sep 19 15:56:24 2024 -0400 pm: cpupower: Clean up bindings gitignore Add SPDX identifier to the gitignore. Remove the comment and .i file since the file it references was removed in another patch. This patch depends on Min-Hua Chen's 'pm: cpupower: rename raw_pylibcpupower.i'. Signed-off-by: John B. Wyatt IV Signed-off-by: John B. Wyatt IV Signed-off-by: Shuah Khan commit 53e4e17557049d7688ca9dadeae80864d40cf0b7 Author: NeilBrown Date: Mon Sep 23 09:46:05 2024 +1000 nfsd: nfsd_destroy_serv() must call svc_destroy() even if nfsd_startup_net() failed If nfsd_startup_net() fails and so ->nfsd_net_up is false, nfsd_destroy_serv() doesn't currently call svc_destroy(). It should. Fixes: 1e3577a4521e ("SUNRPC: discard sv_refcnt, and svc_get/svc_put") Signed-off-by: NeilBrown Signed-off-by: Chuck Lever commit dc0d0f885aa422f621bc1c2124133eff566b0bc8 Author: Chuck Lever Date: Sat Sep 21 14:25:37 2024 -0400 NFSD: Mark filecache "down" if init fails NeilBrown says: > The handling of NFSD_FILE_CACHE_UP is strange. nfsd_file_cache_init() > sets it, but doesn't clear it on failure. So if nfsd_file_cache_init() > fails for some reason, nfsd_file_cache_shutdown() would still try to > clean up if it was called. Reported-by: NeilBrown Fixes: c7b824c3d06c ("NFSD: Replace the "init once" mechanism") Signed-off-by: Chuck Lever commit 66cac80698cd1e31ae9bc5c271e83209903d4861 Author: Matthew Sakai Date: Tue Sep 17 23:24:37 2024 -0400 dm vdo: handle unaligned discards correctly Reset the data_vio properly for each discard block, and delay acknowledgement and cleanup until all discard blocks are complete. Signed-off-by: Matthew Sakai Signed-off-by: Mikulas Patocka commit cb7d85014fb1ca3387f7ff5f6067337b3d7f3c5a Author: Yuezhang Mo Date: Sat Sep 14 09:42:01 2024 +0800 MAINTAINERS: exfat: add myself as reviewer I have been contributing to exfat for sometime and I would like to help with code reviews as well. Signed-off-by: Yuezhang Mo Acked-by: Sungjong Seo Signed-off-by: Namjae Jeon commit c290fe508eee36df1640c3cb35dc8f89e073c8a8 Author: Daniel Yang Date: Mon Sep 16 16:05:06 2024 -0700 exfat: resolve memory leak from exfat_create_upcase_table() If exfat_load_upcase_table reaches end and returns -EINVAL, allocated memory doesn't get freed and while exfat_load_default_upcase_table allocates more memory, leading to a memory leak. Here's link to syzkaller crash report illustrating this issue: https://syzkaller.appspot.com/text?tag=CrashReport&x=1406c201980000 Reported-by: syzbot+e1c69cadec0f1a078e3d@syzkaller.appspotmail.com Fixes: a13d1a4de3b0 ("exfat: move freeing sbi, upcase table and dropping nls into rcu-delayed helper") Cc: stable@vger.kernel.org Signed-off-by: Daniel Yang Signed-off-by: Namjae Jeon commit 6630ea49103c3d45461e29b0f6eb0ce750aeb8f5 Author: Yuezhang Mo Date: Mon Sep 23 21:37:32 2024 +0900 exfat: move extend valid_size into ->page_mkwrite() It is not a good way to extend valid_size to the end of the mmap area by writing zeros in mmap. Because after calling mmap, no data may be written, or only a small amount of data may be written to the head of the mmap area. This commit moves extending valid_size to exfat_page_mkwrite(). In exfat_page_mkwrite() only extend valid_size to the starting position of new data writing, which reduces unnecessary writing of zeros. If the block is not mapped and is marked as new after being mapped for writing, block_write_begin() will zero the page cache corresponding to the block, so there is no need to call zero_user_segment() in exfat_file_zeroed_range(). And after moving extending valid_size to exfat_page_mkwrite(), the data written by mmap will be copied to the page cache but the page cache may be not mapped to the disk. Calling zero_user_segment() will cause the data written by mmap to be cleared. So this commit removes calling zero_user_segment() from exfat_file_zeroed_range() and renames exfat_file_zeroed_range() to exfat_extend_valid_size(). Signed-off-by: Yuezhang Mo Signed-off-by: Namjae Jeon commit c8770db2d54437a5f49417ae7b46f7de23d14db6 Author: Josh Hunt Date: Tue Sep 10 15:08:22 2024 -0400 tcp: check skb is non-NULL in tcp_rto_delta_us() We have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic kernel that are running ceph and recently hit a null ptr dereference in tcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also saw it getting hit from the RACK case as well. Here are examples of the oops messages we saw in each of those cases: Jul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020 Jul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode Jul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page Jul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0 Jul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI Jul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu Jul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023 Jul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160 Jul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 <48> 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3 Jul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246 Jul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000 Jul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60 Jul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8 Jul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900 Jul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30 Jul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000 Jul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Jul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0 Jul 26 15:05:02 rx [11061395.913822] PKRU: 55555554 Jul 26 15:05:02 rx [11061395.916786] Call Trace: Jul 26 15:05:02 rx [11061395.919488] Jul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f Jul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9 Jul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380 Jul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0 Jul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50 Jul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0 Jul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20 Jul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450 Jul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140 Jul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90 Jul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0 Jul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40 Jul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160 Jul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160 Jul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220 Jul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240 Jul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0 Jul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240 Jul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130 Jul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280 Jul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10 Jul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30 Jul 26 15:05:02 rx [11061396.017718] ? lapic_next_event+0x21/0x30 Jul 26 15:05:02 rx [11061396.021984] ? clockevents_program_event+0x8f/0xe0 Jul 26 15:05:02 rx [11061396.027035] run_timer_softirq+0x2a/0x50 Jul 26 15:05:02 rx [11061396.031212] __do_softirq+0xd1/0x2c1 Jul 26 15:05:02 rx [11061396.035044] do_softirq_own_stack+0x2a/0x40 Jul 26 15:05:02 rx [11061396.039480] Jul 26 15:05:02 rx [11061396.041840] do_softirq.part.0+0x46/0x50 Jul 26 15:05:02 rx [11061396.046022] __local_bh_enable_ip+0x50/0x60 Jul 26 15:05:02 rx [11061396.050460] _raw_spin_unlock_bh+0x1e/0x20 Jul 26 15:05:02 rx [11061396.054817] nf_conntrack_tcp_packet+0x29e/0xbe0 [nf_conntrack] Jul 26 15:05:02 rx [11061396.060994] ? get_l4proto+0xe7/0x190 [nf_conntrack] Jul 26 15:05:02 rx [11061396.066220] nf_conntrack_in+0xe9/0x670 [nf_conntrack] Jul 26 15:05:02 rx [11061396.071618] ipv6_conntrack_local+0x14/0x20 [nf_conntrack] Jul 26 15:05:02 rx [11061396.077356] nf_hook_slow+0x45/0xb0 Jul 26 15:05:02 rx [11061396.081098] ip6_xmit+0x3f0/0x5d0 Jul 26 15:05:02 rx [11061396.084670] ? ipv6_anycast_cleanup+0x50/0x50 Jul 26 15:05:02 rx [11061396.089282] ? __sk_dst_check+0x38/0x70 Jul 26 15:05:02 rx [11061396.093381] ? inet6_csk_route_socket+0x13b/0x200 Jul 26 15:05:02 rx [11061396.098346] inet6_csk_xmit+0xa7/0xf0 Jul 26 15:05:02 rx [11061396.102263] __tcp_transmit_skb+0x550/0xb30 Jul 26 15:05:02 rx [11061396.106701] tcp_write_xmit+0x3c6/0xc20 Jul 26 15:05:02 rx [11061396.110792] ? __alloc_skb+0x98/0x1d0 Jul 26 15:05:02 rx [11061396.114708] __tcp_push_pending_frames+0x37/0x100 Jul 26 15:05:02 rx [11061396.119667] tcp_push+0xfd/0x100 Jul 26 15:05:02 rx [11061396.123150] tcp_sendmsg_locked+0xc70/0xdd0 Jul 26 15:05:02 rx [11061396.127588] tcp_sendmsg+0x2d/0x50 Jul 26 15:05:02 rx [11061396.131245] inet6_sendmsg+0x43/0x70 Jul 26 15:05:02 rx [11061396.135075] __sock_sendmsg+0x48/0x70 Jul 26 15:05:02 rx [11061396.138994] ____sys_sendmsg+0x212/0x280 Jul 26 15:05:02 rx [11061396.143172] ___sys_sendmsg+0x88/0xd0 Jul 26 15:05:02 rx [11061396.147098] ? __seccomp_filter+0x7e/0x6b0 Jul 26 15:05:02 rx [11061396.151446] ? __switch_to+0x39c/0x460 Jul 26 15:05:02 rx [11061396.155453] ? __switch_to_asm+0x42/0x80 Jul 26 15:05:02 rx [11061396.159636] ? __switch_to_asm+0x5a/0x80 Jul 26 15:05:02 rx [11061396.163816] __sys_sendmsg+0x5c/0xa0 Jul 26 15:05:02 rx [11061396.167647] __x64_sys_sendmsg+0x1f/0x30 Jul 26 15:05:02 rx [11061396.171832] do_syscall_64+0x57/0x190 Jul 26 15:05:02 rx [11061396.175748] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 Jul 26 15:05:02 rx [11061396.181055] RIP: 0033:0x7f1ef692618d Jul 26 15:05:02 rx [11061396.184893] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 ca ee ff ff 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 2f 44 89 c7 48 89 44 24 08 e8 fe ee ff ff 48 Jul 26 15:05:02 rx [11061396.203889] RSP: 002b:00007f1ef4a26aa0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e Jul 26 15:05:02 rx [11061396.211708] RAX: ffffffffffffffda RBX: 000000000000084b RCX: 00007f1ef692618d Jul 26 15:05:02 rx [11061396.219091] RDX: 0000000000004000 RSI: 00007f1ef4a26b10 RDI: 0000000000000275 Jul 26 15:05:02 rx [11061396.226475] RBP: 0000000000004000 R08: 0000000000000000 R09: 0000000000000020 Jul 26 15:05:02 rx [11061396.233859] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000084b Jul 26 15:05:02 rx [11061396.241243] R13: 00007f1ef4a26b10 R14: 0000000000000275 R15: 000055592030f1e8 Jul 26 15:05:02 rx [11061396.248628] Modules linked in: vrf bridge stp llc vxlan ip6_udp_tunnel udp_tunnel nls_iso8859_1 amd64_edac_mod edac_mce_amd kvm_amd kvm crct10dif_pclmul ghash_clmulni_intel aesni_intel crypto_simd cryptd glue_helper wmi_bmof ipmi_ssif input_leds joydev rndis_host cdc_ether usbnet mii ast drm_vram_helper ttm drm_kms_helper i2c_algo_bit fb_sys_fops syscopyarea sysfillrect sysimgblt ccp mac_hid ipmi_si ipmi_devintf ipmi_msghandler nft_ct sch_fq_codel nf_tables_set nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink ramoops reed_solomon efi_pstore drm ip_tables x_tables autofs4 raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid0 multipath linear mlx5_ib ib_uverbs ib_core raid1 mlx5_core hid_generic pci_hyperv_intf crc32_pclmul tls usbhid ahci mlxfw bnxt_en libahci hid nvme i2c_piix4 nvme_core wmi Jul 26 15:05:02 rx [11061396.324334] CR2: 0000000000000020 Jul 26 15:05:02 rx [11061396.327944] ---[ end trace 68a2b679d1cfb4f1 ]--- Jul 26 15:05:02 rx [11061396.433435] RIP: 0010:tcp_rearm_rto+0xe4/0x160 Jul 26 15:05:02 rx [11061396.438137] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 <48> 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3 Jul 26 15:05:02 rx [11061396.457144] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246 Jul 26 15:05:02 rx [11061396.462629] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000 Jul 26 15:05:02 rx [11061396.470012] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60 Jul 26 15:05:02 rx [11061396.477396] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8 Jul 26 15:05:02 rx [11061396.484779] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900 Jul 26 15:05:02 rx [11061396.492164] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30 Jul 26 15:05:02 rx [11061396.499547] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000 Jul 26 15:05:02 rx [11061396.507886] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Jul 26 15:05:02 rx [11061396.513884] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0 Jul 26 15:05:02 rx [11061396.521267] PKRU: 55555554 Jul 26 15:05:02 rx [11061396.524230] Kernel panic - not syncing: Fatal exception in interrupt Jul 26 15:05:02 rx [11061396.530885] Kernel Offset: 0x1b200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) Jul 26 15:05:03 rx [11061396.660181] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- After we hit this we disabled TLP by setting tcp_early_retrans to 0 and then hit the crash in the RACK case: Aug 7 07:26:16 rx [1006006.265582] BUG: kernel NULL pointer dereference, address: 0000000000000020 Aug 7 07:26:16 rx [1006006.272719] #PF: supervisor read access in kernel mode Aug 7 07:26:16 rx [1006006.278030] #PF: error_code(0x0000) - not-present page Aug 7 07:26:16 rx [1006006.283343] PGD 0 P4D 0 Aug 7 07:26:16 rx [1006006.286057] Oops: 0000 [#1] SMP NOPTI Aug 7 07:26:16 rx [1006006.289896] CPU: 5 PID: 0 Comm: swapper/5 Tainted: G W 5.4.0-174-generic #193-Ubuntu Aug 7 07:26:16 rx [1006006.299107] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023 Aug 7 07:26:16 rx [1006006.309970] RIP: 0010:tcp_rearm_rto+0xe4/0x160 Aug 7 07:26:16 rx [1006006.314584] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 <48> 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3 Aug 7 07:26:16 rx [1006006.333499] RSP: 0018:ffffb42600a50960 EFLAGS: 00010246 Aug 7 07:26:16 rx [1006006.338895] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000 Aug 7 07:26:16 rx [1006006.346193] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff92d687ed8160 Aug 7 07:26:16 rx [1006006.353489] RBP: ffffb42600a50978 R08: 0000000000000000 R09: 00000000cd896dcc Aug 7 07:26:16 rx [1006006.360786] R10: ffff92dc3404f400 R11: 0000000000000001 R12: ffff92d687ed8000 Aug 7 07:26:16 rx [1006006.368084] R13: ffff92d687ed8160 R14: 00000000cd896dcc R15: 00000000cd8fca81 Aug 7 07:26:16 rx [1006006.375381] FS: 0000000000000000(0000) GS:ffff93158ad40000(0000) knlGS:0000000000000000 Aug 7 07:26:16 rx [1006006.383632] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Aug 7 07:26:16 rx [1006006.389544] CR2: 0000000000000020 CR3: 0000003e775ce006 CR4: 0000000000760ee0 Aug 7 07:26:16 rx [1006006.396839] PKRU: 55555554 Aug 7 07:26:16 rx [1006006.399717] Call Trace: Aug 7 07:26:16 rx [1006006.402335] Aug 7 07:26:16 rx [1006006.404525] ? show_regs.cold+0x1a/0x1f Aug 7 07:26:16 rx [1006006.408532] ? __die+0x90/0xd9 Aug 7 07:26:16 rx [1006006.411760] ? no_context+0x196/0x380 Aug 7 07:26:16 rx [1006006.415599] ? __bad_area_nosemaphore+0x50/0x1a0 Aug 7 07:26:16 rx [1006006.420392] ? _raw_spin_lock+0x1e/0x30 Aug 7 07:26:16 rx [1006006.424401] ? bad_area_nosemaphore+0x16/0x20 Aug 7 07:26:16 rx [1006006.428927] ? do_user_addr_fault+0x267/0x450 Aug 7 07:26:16 rx [1006006.433450] ? __do_page_fault+0x58/0x90 Aug 7 07:26:16 rx [1006006.437542] ? do_page_fault+0x2c/0xe0 Aug 7 07:26:16 rx [1006006.441470] ? page_fault+0x34/0x40 Aug 7 07:26:16 rx [1006006.445134] ? tcp_rearm_rto+0xe4/0x160 Aug 7 07:26:16 rx [1006006.449145] tcp_ack+0xa32/0xb30 Aug 7 07:26:16 rx [1006006.452542] tcp_rcv_established+0x13c/0x670 Aug 7 07:26:16 rx [1006006.456981] ? sk_filter_trim_cap+0x48/0x220 Aug 7 07:26:16 rx [1006006.461419] tcp_v6_do_rcv+0xdb/0x450 Aug 7 07:26:16 rx [1006006.465257] tcp_v6_rcv+0xc2b/0xd10 Aug 7 07:26:16 rx [1006006.468918] ip6_protocol_deliver_rcu+0xd3/0x4e0 Aug 7 07:26:16 rx [1006006.473706] ip6_input_finish+0x15/0x20 Aug 7 07:26:16 rx [1006006.477710] ip6_input+0xa2/0xb0 Aug 7 07:26:16 rx [1006006.481109] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0 Aug 7 07:26:16 rx [1006006.486151] ip6_sublist_rcv_finish+0x3d/0x50 Aug 7 07:26:16 rx [1006006.490679] ip6_sublist_rcv+0x1aa/0x250 Aug 7 07:26:16 rx [1006006.494779] ? ip6_rcv_finish_core.isra.0+0xa0/0xa0 Aug 7 07:26:16 rx [1006006.499828] ipv6_list_rcv+0x112/0x140 Aug 7 07:26:16 rx [1006006.503748] __netif_receive_skb_list_core+0x1a4/0x250 Aug 7 07:26:16 rx [1006006.509057] netif_receive_skb_list_internal+0x1a1/0x2b0 Aug 7 07:26:16 rx [1006006.514538] gro_normal_list.part.0+0x1e/0x40 Aug 7 07:26:16 rx [1006006.519068] napi_complete_done+0x91/0x130 Aug 7 07:26:16 rx [1006006.523352] mlx5e_napi_poll+0x18e/0x610 [mlx5_core] Aug 7 07:26:16 rx [1006006.528481] net_rx_action+0x142/0x390 Aug 7 07:26:16 rx [1006006.532398] __do_softirq+0xd1/0x2c1 Aug 7 07:26:16 rx [1006006.536142] irq_exit+0xae/0xb0 Aug 7 07:26:16 rx [1006006.539452] do_IRQ+0x5a/0xf0 Aug 7 07:26:16 rx [1006006.542590] common_interrupt+0xf/0xf Aug 7 07:26:16 rx [1006006.546421] Aug 7 07:26:16 rx [1006006.548695] RIP: 0010:native_safe_halt+0xe/0x10 Aug 7 07:26:16 rx [1006006.553399] Code: 7b ff ff ff eb bd 90 90 90 90 90 90 e9 07 00 00 00 0f 00 2d 36 2c 50 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 26 2c 50 00 fb f4 90 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 e8 dd 5e 61 ff 65 Aug 7 07:26:16 rx [1006006.572309] RSP: 0018:ffffb42600177e70 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffc2 Aug 7 07:26:16 rx [1006006.580040] RAX: ffffffff8ed08b20 RBX: 0000000000000005 RCX: 0000000000000001 Aug 7 07:26:16 rx [1006006.587337] RDX: 00000000f48eeca2 RSI: 0000000000000082 RDI: 0000000000000082 Aug 7 07:26:16 rx [1006006.594635] RBP: ffffb42600177e90 R08: 0000000000000000 R09: 000000000000020f Aug 7 07:26:16 rx [1006006.601931] R10: 0000000000100000 R11: 0000000000000000 R12: 0000000000000005 Aug 7 07:26:16 rx [1006006.609229] R13: ffff93157deb5f00 R14: 0000000000000000 R15: 0000000000000000 Aug 7 07:26:16 rx [1006006.616530] ? __cpuidle_text_start+0x8/0x8 Aug 7 07:26:16 rx [1006006.620886] ? default_idle+0x20/0x140 Aug 7 07:26:16 rx [1006006.624804] arch_cpu_idle+0x15/0x20 Aug 7 07:26:16 rx [1006006.628545] default_idle_call+0x23/0x30 Aug 7 07:26:16 rx [1006006.632640] do_idle+0x1fb/0x270 Aug 7 07:26:16 rx [1006006.636035] cpu_startup_entry+0x20/0x30 Aug 7 07:26:16 rx [1006006.640126] start_secondary+0x178/0x1d0 Aug 7 07:26:16 rx [1006006.644218] secondary_startup_64+0xa4/0xb0 Aug 7 07:26:17 rx [1006006.648568] Modules linked in: vrf bridge stp llc vxlan ip6_udp_tunnel udp_tunnel nls_iso8859_1 nft_ct amd64_edac_mod edac_mce_amd kvm_amd kvm crct10dif_pclmul ghash_clmulni_intel aesni_intel crypto_simd cryptd glue_helper wmi_bmof ipmi_ssif input_leds joydev rndis_host cdc_ether usbnet ast mii drm_vram_helper ttm drm_kms_helper i2c_algo_bit fb_sys_fops syscopyarea sysfillrect sysimgblt ccp mac_hid ipmi_si ipmi_devintf ipmi_msghandler sch_fq_codel nf_tables_set nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink ramoops reed_solomon efi_pstore drm ip_tables x_tables autofs4 raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid0 multipath linear mlx5_ib ib_uverbs ib_core raid1 hid_generic mlx5_core pci_hyperv_intf crc32_pclmul usbhid ahci tls mlxfw bnxt_en hid libahci nvme i2c_piix4 nvme_core wmi [last unloaded: cpuid] Aug 7 07:26:17 rx [1006006.726180] CR2: 0000000000000020 Aug 7 07:26:17 rx [1006006.729718] ---[ end trace e0e2e37e4e612984 ]--- Prior to seeing the first crash and on other machines we also see the warning in tcp_send_loss_probe() where packets_out is non-zero, but both transmit and retrans queues are empty so we know the box is seeing some accounting issue in this area: Jul 26 09:15:27 kernel: ------------[ cut here ]------------ Jul 26 09:15:27 kernel: invalid inflight: 2 state 1 cwnd 68 mss 8988 Jul 26 09:15:27 kernel: WARNING: CPU: 16 PID: 0 at net/ipv4/tcp_output.c:2605 tcp_send_loss_probe+0x214/0x220 Jul 26 09:15:27 kernel: Modules linked in: vrf bridge stp llc vxlan ip6_udp_tunnel udp_tunnel nls_iso8859_1 nft_ct amd64_edac_mod edac_mce_amd kvm_amd kvm crct10dif_pclmul ghash_clmulni_intel aesni_intel crypto_simd cryptd glue_helper wmi_bmof ipmi_ssif joydev input_leds rndis_host cdc_ether usbnet mii ast drm_vram_helper ttm drm_kms_he> Jul 26 09:15:27 kernel: CPU: 16 PID: 0 Comm: swapper/16 Not tainted 5.4.0-174-generic #193-Ubuntu Jul 26 09:15:27 kernel: Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023 Jul 26 09:15:27 kernel: RIP: 0010:tcp_send_loss_probe+0x214/0x220 Jul 26 09:15:27 kernel: Code: 08 26 01 00 75 e2 41 0f b6 54 24 12 41 8b 8c 24 c0 06 00 00 45 89 f0 48 c7 c7 e0 b4 20 a7 c6 05 8d 08 26 01 01 e8 4a c0 0f 00 <0f> 0b eb ba 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 Jul 26 09:15:27 kernel: RSP: 0018:ffffb7838088ce00 EFLAGS: 00010286 Jul 26 09:15:27 kernel: RAX: 0000000000000000 RBX: ffff9b84b5630430 RCX: 0000000000000006 Jul 26 09:15:27 kernel: RDX: 0000000000000007 RSI: 0000000000000096 RDI: ffff9b8e4621c8c0 Jul 26 09:15:27 kernel: RBP: ffffb7838088ce18 R08: 0000000000000927 R09: 0000000000000004 Jul 26 09:15:27 kernel: R10: 0000000000000000 R11: 0000000000000001 R12: ffff9b84b5630000 Jul 26 09:15:27 kernel: R13: 0000000000000000 R14: 000000000000231c R15: ffff9b84b5630430 Jul 26 09:15:27 kernel: FS: 0000000000000000(0000) GS:ffff9b8e46200000(0000) knlGS:0000000000000000 Jul 26 09:15:27 kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Jul 26 09:15:27 kernel: CR2: 000056238cec2380 CR3: 0000003e49ede005 CR4: 0000000000760ee0 Jul 26 09:15:27 kernel: PKRU: 55555554 Jul 26 09:15:27 kernel: Call Trace: Jul 26 09:15:27 kernel: Jul 26 09:15:27 kernel: ? show_regs.cold+0x1a/0x1f Jul 26 09:15:27 kernel: ? __warn+0x98/0xe0 Jul 26 09:15:27 kernel: ? tcp_send_loss_probe+0x214/0x220 Jul 26 09:15:27 kernel: ? report_bug+0xd1/0x100 Jul 26 09:15:27 kernel: ? do_error_trap+0x9b/0xc0 Jul 26 09:15:27 kernel: ? do_invalid_op+0x3c/0x50 Jul 26 09:15:27 kernel: ? tcp_send_loss_probe+0x214/0x220 Jul 26 09:15:27 kernel: ? invalid_op+0x1e/0x30 Jul 26 09:15:27 kernel: ? tcp_send_loss_probe+0x214/0x220 Jul 26 09:15:27 kernel: tcp_write_timer_handler+0x1b4/0x240 Jul 26 09:15:27 kernel: tcp_write_timer+0x9e/0xe0 Jul 26 09:15:27 kernel: ? tcp_write_timer_handler+0x240/0x240 Jul 26 09:15:27 kernel: call_timer_fn+0x32/0x130 Jul 26 09:15:27 kernel: __run_timers.part.0+0x180/0x280 Jul 26 09:15:27 kernel: ? timerqueue_add+0x9b/0xb0 Jul 26 09:15:27 kernel: ? enqueue_hrtimer+0x3d/0x90 Jul 26 09:15:27 kernel: ? do_error_trap+0x9b/0xc0 Jul 26 09:15:27 kernel: ? do_invalid_op+0x3c/0x50 Jul 26 09:15:27 kernel: ? tcp_send_loss_probe+0x214/0x220 Jul 26 09:15:27 kernel: ? invalid_op+0x1e/0x30 Jul 26 09:15:27 kernel: ? tcp_send_loss_probe+0x214/0x220 Jul 26 09:15:27 kernel: tcp_write_timer_handler+0x1b4/0x240 Jul 26 09:15:27 kernel: tcp_write_timer+0x9e/0xe0 Jul 26 09:15:27 kernel: ? tcp_write_timer_handler+0x240/0x240 Jul 26 09:15:27 kernel: call_timer_fn+0x32/0x130 Jul 26 09:15:27 kernel: __run_timers.part.0+0x180/0x280 Jul 26 09:15:27 kernel: ? timerqueue_add+0x9b/0xb0 Jul 26 09:15:27 kernel: ? enqueue_hrtimer+0x3d/0x90 Jul 26 09:15:27 kernel: ? recalibrate_cpu_khz+0x10/0x10 Jul 26 09:15:27 kernel: ? ktime_get+0x3e/0xa0 Jul 26 09:15:27 kernel: ? native_x2apic_icr_write+0x30/0x30 Jul 26 09:15:27 kernel: run_timer_softirq+0x2a/0x50 Jul 26 09:15:27 kernel: __do_softirq+0xd1/0x2c1 Jul 26 09:15:27 kernel: irq_exit+0xae/0xb0 Jul 26 09:15:27 kernel: smp_apic_timer_interrupt+0x7b/0x140 Jul 26 09:15:27 kernel: apic_timer_interrupt+0xf/0x20 Jul 26 09:15:27 kernel: Jul 26 09:15:27 kernel: RIP: 0010:native_safe_halt+0xe/0x10 Jul 26 09:15:27 kernel: Code: 7b ff ff ff eb bd 90 90 90 90 90 90 e9 07 00 00 00 0f 00 2d 36 2c 50 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 26 2c 50 00 fb f4 90 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 e8 dd 5e 61 ff 65 Jul 26 09:15:27 kernel: RSP: 0018:ffffb783801cfe70 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13 Jul 26 09:15:27 kernel: RAX: ffffffffa6908b20 RBX: 0000000000000010 RCX: 0000000000000001 Jul 26 09:15:27 kernel: RDX: 000000006fc0c97e RSI: 0000000000000082 RDI: 0000000000000082 Jul 26 09:15:27 kernel: RBP: ffffb783801cfe90 R08: 0000000000000000 R09: 0000000000000225 Jul 26 09:15:27 kernel: R10: 0000000000100000 R11: 0000000000000000 R12: 0000000000000010 Jul 26 09:15:27 kernel: R13: ffff9b8e390b0000 R14: 0000000000000000 R15: 0000000000000000 Jul 26 09:15:27 kernel: ? __cpuidle_text_start+0x8/0x8 Jul 26 09:15:27 kernel: ? default_idle+0x20/0x140 Jul 26 09:15:27 kernel: arch_cpu_idle+0x15/0x20 Jul 26 09:15:27 kernel: default_idle_call+0x23/0x30 Jul 26 09:15:27 kernel: do_idle+0x1fb/0x270 Jul 26 09:15:27 kernel: cpu_startup_entry+0x20/0x30 Jul 26 09:15:27 kernel: start_secondary+0x178/0x1d0 Jul 26 09:15:27 kernel: secondary_startup_64+0xa4/0xb0 Jul 26 09:15:27 kernel: ---[ end trace e7ac822987e33be1 ]--- The NULL ptr deref is coming from tcp_rto_delta_us() attempting to pull an skb off the head of the retransmit queue and then dereferencing that skb to get the skb_mstamp_ns value via tcp_skb_timestamp_us(skb). The crash is the same one that was reported a # of years ago here: https://lore.kernel.org/netdev/86c0f836-9a7c-438b-d81a-839be45f1f58@gmail.com/T/#t and the kernel we're running has the fix which was added to resolve this issue. Unfortunately we've been unsuccessful so far in reproducing this problem in the lab and do not have the luxury of pushing out a new kernel to try and test if newer kernels resolve this issue at the moment. I realize this is a report against both an Ubuntu kernel and also an older 5.4 kernel. I have reported this issue to Ubuntu here: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2077657 however I feel like since this issue has possibly cropped up again it makes sense to build in some protection in this path (even on the latest kernel versions) since the code in question just blindly assumes there's a valid skb without testing if it's NULL b/f it looks at the timestamp. Given we have seen crashes in this path before and now this case it seems like we should protect ourselves for when packets_out accounting is incorrect. While we should fix that root cause we should also just make sure the skb is not NULL before dereferencing it. Also add a warn once here to capture some information if/when the problem case is hit again. Fixes: e1a10ef7fa87 ("tcp: introduce tcp_rto_delta_us() helper for xmit timer fix") Signed-off-by: Josh Hunt Acked-by: Neal Cardwell Signed-off-by: David S. Miller commit 268225a1de1a021bac4884e7d61fe047345cc9be Author: Tetsuo Handa Date: Mon Sep 23 19:00:21 2024 +0900 tomoyo: preparation step for building as a loadable LSM module In order to allow Makefile to generate tomoyo.ko as output, rename tomoyo.c to hooks.h and cut out LSM hook registration part that will be built into vmlinux from hooks.h to init.c . Also, update comments and relocate some variables. No behavior changes. Signed-off-by: Tetsuo Handa commit 106e4593ed1b9925ca732a74f490e4f52ea4e65c Author: Alexander Mikhalitsyn Date: Fri Sep 6 16:34:53 2024 +0200 fs/fuse: convert to use invalid_mnt_idmap We should convert fs/fuse code to use a newly introduced invalid_mnt_idmap instead of passing a NULL as idmap pointer. Suggested-by: Christian Brauner Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit 358800b702506c829c8ce21c125420d2abce2090 Author: Dmitry Torokhov Date: Mon Sep 23 02:07:13 2024 -0700 ARM: spitz: fix compile error when matrix keypad driver is enabled The correct macro name for creating a u32 array property entry is PROPERTY_ENTRY_U32_ARRAY(). Reported-by: kernel test robot Fixes: 1b05a7013751 ("ARM: spitz: Use software nodes/properties for the matrix keypad") Closes: https://lore.kernel.org/oe-kbuild-all/202409230614.BBJikfMj-lkp@intel.com/ Signed-off-by: Dmitry Torokhov commit ffcdc4c628e1a30489da10dd78358e89c823b341 Author: Alexander Mikhalitsyn Date: Fri Sep 6 16:34:52 2024 +0200 fs/mnt_idmapping: introduce an invalid_mnt_idmap Link: https://lore.kernel.org/linux-fsdevel/20240904-baugrube-erhoben-b3c1c49a2645@brauner/ Suggested-by: Christian Brauner Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit 0c6793823d2b0eb079f4c6f54d9cdf6b2beec9d8 Author: Alexander Mikhalitsyn Date: Fri Sep 6 16:34:51 2024 +0200 fs/fuse: introduce and use fuse_simple_idmap_request() helper Let's convert all existing callers properly. No functional changes intended. Suggested-by: Christian Brauner Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit 3988a60d3aaabd6cca64fbd8f7be65c0c878d87b Author: Alexander Mikhalitsyn Date: Thu Sep 12 16:58:24 2024 +0200 fs/fuse: fix null-ptr-deref when checking SB_I_NOIDMAP flag It was reported [1] that on linux-next/fs-next the following crash is reproducible: [ 42.659136] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 42.660501] fbcon: Taking over console [ 42.660930] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f] [ 42.661752] CPU: 1 UID: 0 PID: 1589 Comm: dtprobed Not tainted 6.11.0-rc6+ #1 [ 42.662565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.6.6 08/22/2023 [ 42.663472] RIP: 0010:fuse_get_req+0x36b/0x990 [fuse] [ 42.664046] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 8c 05 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 6d 08 48 8d 7d 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 4d 05 00 00 f6 45 59 20 0f 85 06 03 00 00 48 83 [ 42.666945] RSP: 0018:ffffc900009a7730 EFLAGS: 00010212 [ 42.668837] RAX: dffffc0000000000 RBX: 1ffff92000134eed RCX: ffffffffc20dec9a [ 42.670122] RDX: 000000000000000b RSI: 0000000000000008 RDI: 0000000000000058 [ 42.672154] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1022110172 [ 42.672160] R10: ffff888110880b97 R11: ffffc900009a737a R12: 0000000000000001 [ 42.672179] R13: ffff888110880b60 R14: ffff888110880b90 R15: ffff888169973840 [ 42.672186] FS: 00007f28cd21d7c0(0000) GS:ffff8883ef280000(0000) knlGS:0000000000000000 [ 42.672191] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.[ CR02: ;32m00007f3237366208 CR3: 0 OK 79e001 CR4: 0000000000770ef0 [ 42.672214] PKRU: 55555554 [ 42.672218] Call Trace: [ 42.672223] [ 42.672226] ? die_addr+0x41/0xa0 [ 42.672238] ? exc_general_protection+0x14c/0x230 [ 42.672250] ? asm_exc_general_protection+0x26/0x30 [ 42.672260] ? fuse_get_req+0x77a/0x990 [fuse] [ 42.672281] ? fuse_get_req+0x36b/0x990 [fuse] [ 42.672300] ? kasan_unpoison+0x27/0x60 [ 42.672310] ? __pfx_fuse_get_req+0x10/0x10 [fuse] [ 42.672327] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.672333] ? alloc_pages_mpol_noprof+0x195/0x440 [ 42.672340] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.672345] ? kasan_unpoison+0x27/0x60 [ 42.672350] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.672355] ? __kasan_slab_alloc+0x4d/0x90 [ 42.672362] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.672367] ? __kmalloc_cache_noprof+0x134/0x350 [ 42.672376] fuse_simple_background+0xe7/0x180 [fuse] [ 42.672406] cuse_channel_open+0x540/0x710 [cuse] [ 42.672415] misc_open+0x2a7/0x3a0 [ 42.672424] chrdev_open+0x1ef/0x5f0 [ 42.672432] ? __pfx_chrdev_open+0x10/0x10 [ 42.672439] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.672443] ? security_file_open+0x3bb/0x720 [ 42.672451] do_dentry_open+0x43d/0x1200 [ 42.672459] ? __pfx_chrdev_open+0x10/0x10 [ 42.672468] vfs_open+0x79/0x340 [ 42.672475] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.672482] do_open+0x68c/0x11e0 [ 42.672489] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.672495] ? __pfx_do_open+0x10/0x10 [ 42.672501] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.672506] ? open_last_lookups+0x2a2/0x1370 [ 42.672515] path_openat+0x24f/0x640 [ 42.672522] ? __pfx_path_openat+0x10/0x10 [ 42.723972] ? stack_depot_save_flags+0x45/0x4b0 [ 42.724787] ? __fput+0x43c/0xa70 [ 42.725100] do_filp_open+0x1b3/0x3e0 [ 42.725710] ? poison_slab_object+0x10d/0x190 [ 42.726145] ? __kasan_slab_free+0x33/0x50 [ 42.726570] ? __pfx_do_filp_open+0x10/0x10 [ 42.726981] ? do_syscall_64+0x64/0x170 [ 42.727418] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 42.728018] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.728505] ? do_raw_spin_lock+0x131/0x270 [ 42.728922] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 42.729494] ? do_raw_spin_unlock+0x14c/0x1f0 [ 42.729992] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.730889] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.732178] ? alloc_fd+0x176/0x5e0 [ 42.732585] do_sys_openat2+0x122/0x160 [ 42.732929] ? __pfx_do_sys_openat2+0x10/0x10 [ 42.733448] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.734013] ? __pfx_map_id_up+0x10/0x10 [ 42.734482] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.735529] ? __memcg_slab_free_hook+0x292/0x500 [ 42.736131] __x64_sys_openat+0x123/0x1e0 [ 42.736526] ? __pfx___x64_sys_openat+0x10/0x10 [ 42.737369] ? __x64_sys_close+0x7c/0xd0 [ 42.737717] ? srso_alias_return_thunk+0x5/0xfbef5 [ 42.738192] ? syscall_trace_enter+0x11e/0x1b0 [ 42.738739] do_syscall_64+0x64/0x170 [ 42.739113] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 42.739638] RIP: 0033:0x7f28cd13e87b [ 42.740038] Code: 25 00 00 41 00 3d 00 00 41 00 74 4b 64 8b 04 25 18 00 00 00 85 c0 75 67 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 91 00 00 00 48 8b 54 24 28 64 48 2b 14 25 [ 42.741943] RSP: 002b:00007ffc992546c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 42.742951] RAX: ffffffffffffffda RBX: 00007f28cd44f1ee RCX: 00007f28cd13e87b [ 42.743660] RDX: 0000000000000002 RSI: 00007f28cd44f2fa RDI: 00000000ffffff9c [ 42.744518] RBP: 00007f28cd44f2fa R08: 0000000000000000 R09: 0000000000000001 [ 42.745211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 42.745920] R13: 00007f28cd44f2fa R14: 0000000000000000 R15: 0000000000000003 [ 42.746708] [ 42.746937] Modules linked in: cuse vfat fat ext4 mbcache jbd2 intel_rapl_msr intel_rapl_common kvm_amd ccp bochs drm_vram_helper kvm drm_ttm_helper ttm pcspkr i2c_piix4 drm_kms_helper i2c_smbus pvpanic_mmio pvpanic joydev sch_fq_codel drm fuse xfs nvme_tcp nvme_fabrics nvme_core sd_mod sg virtio_net net_failover virtio_scsi failover crct10dif_pclmul crc32_pclmul ata_generic pata_acpi ata_piix ghash_clmulni_intel virtio_pci sha512_ssse3 virtio_pci_legacy_dev sha256_ssse3 virtio_pci_modern_dev sha1_ssse3 libata serio_raw dm_multipath btrfs blake2b_generic xor zstd_compress raid6_pq sunrpc dm_mirror dm_region_hash dm_log dm_mod be2iscsi bnx2i cnic uio cxgb4i cxgb4 tls cxgb3i cxgb3 mdio libcxgbi libcxgb qla4xxx iscsi_boot_sysfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi qemu_fw_cfg aesni_intel crypto_simd cryptd [ 42.754333] ---[ end trace 0000000000000000 ]--- [ 42.756899] RIP: 0010:fuse_get_req+0x36b/0x990 [fuse] [ 42.757851] Code: 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 8c 05 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 6d 08 48 8d 7d 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 4d 05 00 00 f6 45 59 20 0f 85 06 03 00 00 48 83 [ 42.760334] RSP: 0018:ffffc900009a7730 EFLAGS: 00010212 [ 42.760940] RAX: dffffc0000000000 RBX: 1ffff92000134eed RCX: ffffffffc20dec9a [ 42.761697] RDX: 000000000000000b RSI: 0000000000000008 RDI: 0000000000000058 [ 42.763009] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed1022110172 [ 42.763920] R10: ffff888110880b97 R11: ffffc900009a737a R12: 0000000000000001 [ 42.764839] R13: ffff888110880b60 R14: ffff888110880b90 R15: ffff888169973840 [ 42.765716] FS: 00007f28cd21d7c0(0000) GS:ffff8883ef280000(0000) knlGS:0000000000000000 [ 42.766890] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 42.767828] CR2: 00007f3237366208 CR3: 000000012c79e001 CR4: 0000000000770ef0 [ 42.768730] PKRU: 55555554 [ 42.769022] Kernel panic - not syncing: Fatal exception [ 42.770758] Kernel Offset: 0x7200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 42.771947] ---[ end Kernel panic - not syncing: Fatal exception ]--- It's obviously CUSE related callstack. For CUSE case, we don't have superblock and our checks for SB_I_NOIDMAP flag does not make any sense. Let's handle this case gracefully. Fixes: aa16880d9f13 ("fuse: add basic infrastructure to support idmappings") Link: https://lore.kernel.org/linux-next/87v7z586py.fsf@debian-BULLSEYE-live-builder-AMD64/ [1] Reported-by: Chandan Babu R Reported-by: syzbot+20c7e20cc8f5296dca12@syzkaller.appspotmail.com Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit 878716d40cdd4d7923f4e910fe4f6841ae7686f1 Author: Nikita Shubin Date: Sun Sep 22 09:52:12 2024 +0300 net: cirrus: use u8 for addr to calm down sparse ep93xx_eth.c:805:40: sparse: sparse: incorrect type in argument 2 (different address spaces) ep93xx_eth.c:805:40: sparse: expected unsigned char const [usertype] *addr ep93xx_eth.c:805:40: sparse: got void [noderef] __iomem * Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409212354.9CiUem7B-lkp@intel.com/ Fixes: 858555bb5598 ("net: cirrus: add DT support for Cirrus EP93xx") Signed-off-by: Nikita Shubin Acked-by: Alexander Sverdlin Signed-off-by: Arnd Bergmann commit b348b6d17fd1d5d89b86db602f02bea54a754bd8 Author: Leon Romanovsky Date: Sun Sep 22 21:09:48 2024 +0300 dma-mapping: report unlimited DMA addressing in IOMMU DMA path While using the IOMMU DMA path, the dma_addressing_limited() function checks ops struct which doesn't exist in the IOMMU case. This causes to the kernel panic while loading ADMGPU driver. BUG: kernel NULL pointer dereference, address: 00000000000000a0 PGD 0 P4D 0 Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 10 UID: 0 PID: 611 Comm: (udev-worker) Tainted: G T 6.11.0-clang-07154-g726e2d0cf2bb #257 Tainted: [T]=RANDSTRUCT Hardware name: ASUS System Product Name/ROG STRIX Z690-G GAMING WIFI, BIOS 3701 07/03/2024 RIP: 0010:dma_addressing_limited+0x53/0xa0 Code: 8b 93 48 02 00 00 48 39 d1 49 89 d6 4c 0f 42 f1 48 85 d2 4c 0f 44 f1 f6 83 fc 02 00 00 40 75 0a 48 89 df e8 1f 09 00 00 eb 24 <4c> 8b 1c 25 a0 00 00 00 4d 85 db 74 17 48 89 df 41 ba 8b 84 2d 55 RSP: 0018:ffffa8d2c12cf740 EFLAGS: 00010202 RAX: 00000000ffffffff RBX: ffff8948820220c8 RCX: 000000ffffffffff RDX: 0000000000000000 RSI: ffffffffc124dc6d RDI: ffff8948820220c8 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff894883c3f040 R13: ffff89488dac8828 R14: 000000ffffffffff R15: ffff8948820220c8 FS: 00007fe6ba881900(0000) GS:ffff894fdf700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000a0 CR3: 0000000111984000 CR4: 0000000000f50ef0 PKRU: 55555554 Call Trace: ? __die_body+0x65/0xc0 ? page_fault_oops+0x3b9/0x450 ? _prb_read_valid+0x212/0x390 ? do_user_addr_fault+0x608/0x680 ? exc_page_fault+0x4e/0xa0 ? asm_exc_page_fault+0x26/0x30 ? dma_addressing_limited+0x53/0xa0 amdgpu_ttm_init+0x56/0x4b0 [amdgpu] gmc_v8_0_sw_init+0x561/0x670 [amdgpu] amdgpu_device_ip_init+0xf5/0x570 [amdgpu] amdgpu_device_init+0x1a57/0x1ea0 [amdgpu] ? _raw_spin_unlock_irqrestore+0x1a/0x40 ? pci_conf1_read+0xc0/0xe0 ? pci_bus_read_config_word+0x52/0xa0 amdgpu_driver_load_kms+0x15/0xa0 [amdgpu] amdgpu_pci_probe+0x1b7/0x4c0 [amdgpu] pci_device_probe+0x1c5/0x260 really_probe+0x130/0x470 __driver_probe_device+0x77/0x150 driver_probe_device+0x19/0x120 __driver_attach+0xb1/0x1e0 ? __cfi___driver_attach+0x10/0x10 bus_for_each_dev+0x115/0x170 bus_add_driver+0x192/0x2d0 driver_register+0x5c/0xf0 ? __cfi_init_module+0x10/0x10 [amdgpu] do_one_initcall+0x128/0x380 ? idr_alloc_cyclic+0x139/0x1d0 ? security_kernfs_init_security+0x42/0x140 ? __kernfs_new_node+0x1be/0x250 ? sysvec_apic_timer_interrupt+0xb6/0xc0 ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 ? _raw_spin_unlock+0x11/0x30 ? free_unref_page+0x283/0x650 ? kfree+0x274/0x3a0 ? kfree+0x274/0x3a0 ? kfree+0x274/0x3a0 ? load_module+0xf2e/0x1130 ? __kmalloc_cache_noprof+0x12a/0x2e0 do_init_module+0x7d/0x240 __se_sys_init_module+0x19e/0x220 do_syscall_64+0x8a/0x150 ? __irq_exit_rcu+0x5e/0x100 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7fe6bb5980ee Code: 48 8b 0d 3d ed 12 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 af 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 0a ed 12 00 f7 d8 64 89 01 48 RSP: 002b:00007ffd462219d8 EFLAGS: 00000206 ORIG_RAX: 00000000000000af RAX: ffffffffffffffda RBX: 0000556caf0d0670 RCX: 00007fe6bb5980ee RDX: 0000556caf0d3080 RSI: 0000000002893458 RDI: 00007fe6b3400010 RBP: 0000000000020000 R08: 0000000000020010 R09: 0000000000000080 R10: c26073c166186e00 R11: 0000000000000206 R12: 0000556caf0d3430 R13: 0000556caf0d0670 R14: 0000556caf0d3080 R15: 0000556caf0ce700 Modules linked in: amdgpu(+) i915(+) drm_suballoc_helper intel_gtt drm_exec drm_buddy iTCO_wdt i2c_algo_bit intel_pmc_bxt drm_display_helper iTCO_vendor_support gpu_sched drm_ttm_helper cec ttm amdxcp video backlight pinctrl_alderlake nct6775 hwmon_vid nct6775_core coretemp CR2: 00000000000000a0 ---[ end trace 0000000000000000 ]--- RIP: 0010:dma_addressing_limited+0x53/0xa0 Code: 8b 93 48 02 00 00 48 39 d1 49 89 d6 4c 0f 42 f1 48 85 d2 4c 0f 44 f1 f6 83 fc 02 00 00 40 75 0a 48 89 df e8 1f 09 00 00 eb 24 <4c> 8b 1c 25 a0 00 00 00 4d 85 db 74 17 48 89 df 41 ba 8b 84 2d 55 RSP: 0018:ffffa8d2c12cf740 EFLAGS: 00010202 RAX: 00000000ffffffff RBX: ffff8948820220c8 RCX: 000000ffffffffff RDX: 0000000000000000 RSI: ffffffffc124dc6d RDI: ffff8948820220c8 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffff894883c3f040 R13: ffff89488dac8828 R14: 000000ffffffffff R15: ffff8948820220c8 FS: 00007fe6ba881900(0000) GS:ffff894fdf700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000a0 CR3: 0000000111984000 CR4: 0000000000f50ef0 PKRU: 55555554 Fixes: b5c58b2fdc42 ("dma-mapping: direct calls for dma-iommu") Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219292 Reported-by: Niklāvs Koļesņikovs Signed-off-by: Leon Romanovsky Signed-off-by: Christoph Hellwig Tested-by: Niklāvs Koļesņikovs commit b8469721034300bbb6dec5b4bf32492c95e16a0c Author: Eyal Birger Date: Mon Sep 2 17:07:10 2024 -0700 xfrm: respect ip protocols rules criteria when performing dst lookups The series in the "fixes" tag added the ability to consider L4 attributes in routing rules. The dst lookup on the outer packet of encapsulated traffic in the xfrm code was not adapted to this change, thus routing behavior that relies on L4 information is not respected. Pass the ip protocol information when performing dst lookups. Fixes: a25724b05af0 ("Merge branch 'fib_rules-support-sport-dport-and-proto-match'") Signed-off-by: Eyal Birger Tested-by: Antony Antony Signed-off-by: Steffen Klassert commit e509996b16728e37d5a909a5c63c1bd64f23b306 Author: Eyal Birger Date: Mon Sep 2 17:07:09 2024 -0700 xfrm: extract dst lookup parameters into a struct Preparation for adding more fields to dst lookup functions without changing their signatures. Signed-off-by: Eyal Birger Signed-off-by: Steffen Klassert commit 2c70677dabb5e326467160e28915b804b925b53b Author: Dave Jiang Date: Tue Sep 3 17:11:52 2024 -0700 cxl: Add documentation to explain the shared link bandwidth calculation Create a kernel documentation to describe how the CXL shared upstream link bandwidth is calculated. Suggested-by: Dan Williams Reviewed-by: Alison Schofield Acked-by: Dan Williams Link: https://patch.msgid.link/20240904001316.1688225-4-dave.jiang@intel.com Signed-off-by: Dave Jiang commit a5ab0de0ebaa65e0a75ec0761a2745c66a9d17dc Author: Dave Jiang Date: Tue Sep 3 17:11:51 2024 -0700 cxl: Calculate region bandwidth of targets with shared upstream link The current bandwidth calculation aggregates all the targets. This simple method does not take into account where multiple targets sharing under a switch or a root port where the aggregated bandwidth can be greater than the upstream link of the switch. To accurately account for the shared upstream uplink cases, a new update function is introduced by walking from the leaves to the root of the hierarchy and clamp the bandwidth in the process as needed. This process is done when all the targets for a region are present but before the final values are send to the HMAT handling code cached access_coordinate targets. The original perf calculation path was kept to calculate the latency performance data that does not require the shared link consideration. The shared upstream link calculation is done as a second pass when all the endpoints have arrived. Testing is done via qemu with CXL hierarchy. run_qemu[1] is modified to support several CXL hierarchy layouts. The following layouts are tested: HB: Host Bridge RP: Root Port SW: Switch EP: End Point 2 HB 2 RP 2 EP: resulting bandwidth: 624 1 HB 2 RP 2 EP: resulting bandwidth: 624 2 HB 2 RP 2 SW 4 EP: resulting bandwidth: 624 Current testing, perf number from SRAT/HMAT is hacked into the kernel code. However with new QEMU support of Generic Target Port that's incoming, the perf data injection is no longer needed. [1]: https://github.com/pmem/run_qemu Suggested-by: Jonathan Cameron Link: https://lore.kernel.org/linux-cxl/20240501152503.00002e60@Huawei.com/ Reviewed-by: Jonathan Cameron Reviewed-by: Alison Schofield Acked-by: Dan Williams Link: https://patch.msgid.link/20240904001316.1688225-3-dave.jiang@intel.com Signed-off-by: Dave Jiang commit e91be3ed30d79ccd3e87e3970a26dea844c04919 Author: Dave Jiang Date: Tue Sep 3 17:11:50 2024 -0700 cxl: Preserve the CDAT access_coordinate for an endpoint Keep the access_coordinate from the CDAT tables for region perf calculations. The region perf calculation requires all participating endpoints to have arrived in order to determine if there are limitations of bandwidth data due to shared uplink. Reviewed-by: Jonathan Cameron Reviewed-by: Ira Weiny Acked-by: Dan Williams Link: https://patch.msgid.link/20240904001316.1688225-2-dave.jiang@intel.com Signed-off-by: Dave Jiang commit 5232544ea368b54b517dc504308c9e62bc6e87eb Author: Jingyi Wang Date: Wed Sep 11 15:25:15 2024 +0800 dt-bindings: mailbox: qcom-ipcc: Document QCS8300 IPCC Document the Inter-Processor Communication Controller on the Qualcomm QCS8300 Platform, which will be used to route interrupts across various subsystems found on the SoC. Signed-off-by: Jingyi Wang Reviewed-by: Krzysztof Kozlowski Signed-off-by: Jassi Brar commit 4116ab5e8a48db72ca366ac042641dea8cf92f67 Author: Nikunj Kela Date: Thu Sep 5 11:47:36 2024 -0700 dt-bindings: mailbox: qcom-ipcc: document the support for SA8255p Add a compatible for the ipcc on SA8255p platforms. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Nikunj Kela Signed-off-by: Jassi Brar commit c13c196d5e5c96356386a8099e14690e393a5148 Author: Fei Shao Date: Wed Sep 11 22:33:55 2024 +0800 dt-bindings: mailbox: mtk,adsp-mbox: Add compatible for MT8188 Add compatible string for ADSP mailbox on MT8188 SoC, which is compatible with the one used on MT8186. Acked-by: Rob Herring (Arm) Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Fei Shao Signed-off-by: Jassi Brar commit 263dbd3cc88da7ea7413494eea66418b4f1b2e6d Author: Rob Herring (Arm) Date: Wed Jul 31 14:16:08 2024 -0600 mailbox: Use of_property_match_string() instead of open-coding Use of_property_match_string() instead of open-coding the search. With this, of_get_property() can be removed as there is no need to check for "mbox-names" presence first. This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Signed-off-by: Jassi Brar commit dc09f007caed3b2f6a3b6bd7e13777557ae22bfd Author: Stefan Wahren Date: Wed Aug 21 23:40:44 2024 +0200 mailbox: bcm2835: Fix timeout during suspend mode During noirq suspend phase the Raspberry Pi power driver suffer of firmware property timeouts. The reason is that the IRQ of the underlying BCM2835 mailbox is disabled and rpi_firmware_property_list() will always run into a timeout [1]. Since the VideoCore side isn't consider as a wakeup source, set the IRQF_NO_SUSPEND flag for the mailbox IRQ in order to keep it enabled during suspend-resume cycle. [1] PM: late suspend of devices complete after 1.754 msecs WARNING: CPU: 0 PID: 438 at drivers/firmware/raspberrypi.c:128 rpi_firmware_property_list+0x204/0x22c Firmware transaction 0x00028001 timeout Modules linked in: CPU: 0 PID: 438 Comm: bash Tainted: G C 6.9.3-dirty #17 Hardware name: BCM2835 Call trace: unwind_backtrace from show_stack+0x18/0x1c show_stack from dump_stack_lvl+0x34/0x44 dump_stack_lvl from __warn+0x88/0xec __warn from warn_slowpath_fmt+0x7c/0xb0 warn_slowpath_fmt from rpi_firmware_property_list+0x204/0x22c rpi_firmware_property_list from rpi_firmware_property+0x68/0x8c rpi_firmware_property from rpi_firmware_set_power+0x54/0xc0 rpi_firmware_set_power from _genpd_power_off+0xe4/0x148 _genpd_power_off from genpd_sync_power_off+0x7c/0x11c genpd_sync_power_off from genpd_finish_suspend+0xcc/0xe0 genpd_finish_suspend from dpm_run_callback+0x78/0xd0 dpm_run_callback from device_suspend_noirq+0xc0/0x238 device_suspend_noirq from dpm_suspend_noirq+0xb0/0x168 dpm_suspend_noirq from suspend_devices_and_enter+0x1b8/0x5ac suspend_devices_and_enter from pm_suspend+0x254/0x2e4 pm_suspend from state_store+0xa8/0xd4 state_store from kernfs_fop_write_iter+0x154/0x1a0 kernfs_fop_write_iter from vfs_write+0x12c/0x184 vfs_write from ksys_write+0x78/0xc0 ksys_write from ret_fast_syscall+0x0/0x54 Exception stack(0xcc93dfa8 to 0xcc93dff0) [...] PM: noirq suspend of devices complete after 3095.584 msecs Link: https://github.com/raspberrypi/firmware/issues/1894 Fixes: 0bae6af6d704 ("mailbox: Enable BCM2835 mailbox support") Signed-off-by: Stefan Wahren Reviewed-by: Florian Fainelli Signed-off-by: Jassi Brar commit 0d97651b7577148242571b8692aae4a8b9ee0979 Author: Huan Yang Date: Thu Aug 22 09:59:55 2024 +0800 mailbox: sprd: Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). Due to clk only used in probe, not in suspend\resume, this pointer can remove from sprd_mbox_priv to save a little memory. Signed-off-by: Huan Yang Reviewed-by: Christophe JAILLET Reviewed-by: Baolin Wang Signed-off-by: Jassi Brar commit e92d87c9c5d769e4cb1dd7c90faa38dddd7e52e3 Author: Liao Chen Date: Wed Aug 14 02:51:47 2024 +0000 mailbox: rockchip: fix a typo in module autoloading MODULE_DEVICE_TABLE(of, rockchip_mbox_of_match) could let the module properly autoloaded based on the alias from of_device_id table. It should be 'rockchip_mbox_of_match' instead of 'rockchp_mbox_of_match', just fix it. Fixes: f70ed3b5dc8b ("mailbox: rockchip: Add Rockchip mailbox driver") Signed-off-by: Liao Chen Reviewed-by: Heiko Stuebner Signed-off-by: Jassi Brar commit 39d7d6177f0cc25a567a4b3d2b2323489d4615f7 Author: Peng Fan Date: Mon Jul 29 15:47:09 2024 +0800 mailbox: imx: use device name in interrupt name There are several MUs for different usage, SCMI MU, ELE MU, RemotePROC MU. Using "imx_mu_chan" in interrupt name would be hard to identify which MU triggers interrupt, so use device name to make it easy to know which MU triggers which interrupt. Signed-off-by: Peng Fan Signed-off-by: Jassi Brar commit 0e4ed48292c55eeb0afab22f8930b556f17eaad2 Author: Geert Uytterhoeven Date: Thu Aug 29 15:58:53 2024 +0200 mailbox: ARM_MHU_V3 should depend on ARM64 The ARM MHUv3 controller is only present on ARM64 SoCs. Hence add a dependency on ARM64, to prevent asking the user about this driver when configuring a kernel for a different architecture than ARM64. Fixes: ca1a8680b134b5e6 ("mailbox: arm_mhuv3: Add driver") Signed-off-by: Geert Uytterhoeven Acked-by: Sudeep Holla Signed-off-by: Jassi Brar commit 886d518ca9a6b433736f74723813d8917e407f40 Author: Kees Cook Date: Sun Sep 22 16:14:12 2024 -0700 MAINTAINERS: Add unsafe_memcpy() to the FORTIFY review list Usually it's possible to avoid adding an unsafe_memcpy() uses, so give the FORTIFY reviewers a chance to help avoid lying to the compiler about the destination buffer's type/size/etc. Signed-off-by: Kees Cook --- commit 5363c306787c88d41a41493f81b4308643696f6e Author: Namhyung Kim Date: Fri Apr 26 14:51:38 2024 -0700 perf symbol: Set binary_type of dso when loading For the kernel dso, it sets the binary type of dso when loading the symbol table. But it seems not to do that for user DSOs. Actually it sets the symtab type only. It's not clear why we want to maintain the two separately but it uses the binary type info before getting the disassembly. Let's use the symtab type as binary type too if it's not set. I think it's ok to set the binary type when it founds a symsrc whether or not it has actual symbols. Signed-off-by: Namhyung Kim Tested-by: Alexander Monakov Link: https://lore.kernel.org/r/20240426215139.1271039-1-namhyung@kernel.org Cc: Ian Rogers Cc: Peter Zijlstra Cc: Adrian Hunter Cc: Arnaldo Carvalho de Melo Cc: Jiri Olsa Cc: Ingo Molnar Cc: Kan Liang Cc: LKML Cc: Signed-off-by: Arnaldo Carvalho de Melo commit 79efebae4afc2221fa814c3cae001bede66ab259 Author: Pedro Falcato Date: Wed Aug 7 10:47:25 2024 +0100 9p: Avoid creating multiple slab caches with the same name In the spirit of [1], avoid creating multiple slab caches with the same name. Instead, add the dev_name into the mix. [1]: https://lore.kernel.org/all/20240807090746.2146479-1-pedro.falcato@gmail.com/ Signed-off-by: Pedro Falcato Reported-by: syzbot+3c5d43e97993e1fa612b@syzkaller.appspotmail.com Message-ID: <20240807094725.2193423-1-pedro.falcato@gmail.com> Signed-off-by: Dominique Martinet commit 1325e4a91a405f88f1b18626904d37860a4f9069 Author: David Howells Date: Thu Jun 20 18:31:24 2024 +0100 9p: Enable multipage folios Enable support for multipage folios on the 9P filesystem. This is all handled through netfslib and is already enabled on AFS and CIFS also. Signed-off-by: David Howells cc: Eric Van Hensbergen cc: Latchesar Ionkov cc: Dominique Martinet cc: Christian Schoenebeck cc: Jeff Layton cc: Matthew Wilcox cc: v9fs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org cc: linux-mm@kvack.org Message-ID: <20240620173137.610345-7-dhowells@redhat.com> Signed-off-by: Dominique Martinet commit 38d222b3163f7b7d737e5d999ffc890a12870e36 Author: Dominique Martinet Date: Thu May 23 20:31:38 2024 +0900 9p: v9fs_fid_find: also lookup by inode if not found dentry It's possible for v9fs_fid_find "find by dentry" branch to not turn up anything despite having an entry set (because e.g. uid doesn't match), in which case the calling code will generally make an extra lookup to the server. In this case we might have had better luck looking by inode, so fall back to look up by inode if we have one and the lookup by dentry failed. Message-Id: <20240523210024.1214386-1-asmadeus@codewreck.org> Reviewed-by: Christian Schoenebeck Signed-off-by: Dominique Martinet commit d0dd066a0fa26d55c19ace9e89dedd9504c5bcba Author: Christoph Lameter (Ampere) Date: Wed Jun 12 09:49:56 2024 -0700 seqcount: replace smp_rmb() in read_seqcount() with load acquire Many architectures support load acquire which can replace a memory barrier and save some cycles. A typical sequence do { seq = read_seqcount_begin(&s); } while (read_seqcount_retry(&s, seq); requires 13 cycles on an N1 Neoverse arm64 core (Ampere Altra, to be specific) for an empty loop. Two read memory barriers are needed. One for each of the seqcount_* functions. We can replace the first read barrier with a load acquire of the seqcount which saves us one barrier. On the Altra doing so reduces the cycle count from 13 to 8. According to ARM, this is a general improvement for the ARM64 architecture and not specific to a certain processor. See https://developer.arm.com/documentation/102336/0100/Load-Acquire-and-Store-Release-instructions "Weaker ordering requirements that are imposed by Load-Acquire and Store-Release instructions allow for micro-architectural optimizations, which could reduce some of the performance impacts that are otherwise imposed by an explicit memory barrier. If the ordering requirement is satisfied using either a Load-Acquire or Store-Release, then it would be preferable to use these instructions instead of a DMB" [ NOTE! This is my original minimal patch that unconditionally switches over to using smp_load_acquire(), instead of the much more involved and subtle patch that Christoph Lameter wrote that made it conditional. But Christoph gets authorship credit because I had initially thought that we needed the more complex model, and Christoph ran with it it and did the work. Only after looking at code generation for all the relevant architectures, did I come to the conclusion that nobody actually really needs the old "smp_rmb()" model. Even architectures without load-acquire support generally do as well or better with smp_load_acquire(). So credit to Christoph, but if this then causes issues on other architectures, put the blame solidly on me. Also note as part of the ruthless simplification, this gets rid of the overly subtle optimization where some code uses a non-barrier version of the sequence count (see the __read_seqcount_begin() users in fs/namei.c). They then play games with their own barriers and/or with nested sequence counts. Those optimizations are literally meaningless on x86, and questionable elsewhere. If somebody can show that they matter, we need to re-do them more cleanly than "use an internal helper". - Linus ] Signed-off-by: Christoph Lameter (Ampere) Link: https://lore.kernel.org/all/20240912-seq_optimize-v3-1-8ee25e04dffa@gentwo.org/ Signed-off-by: Linus Torvalds commit 7ebf44c910690a7097442d4dd68f12315569b2f4 Author: Lukas Bulwahn Date: Tue Sep 17 13:15:03 2024 +0200 MAINTAINERS: adjust file entry of the oa_tc6 header Commit aa58bec064ab ("net: ethernet: oa_tc6: implement register write operation") adds two new file entries to OPEN ALLIANCE 10BASE-T1S MACPHY SERIAL INTERFACE FRAMEWORK. One of the two entries mistakenly refers to drivers/include/linux/oa_tc6.h, whereas the intent is clearly to refer to include/linux/oa_tc6.h. Hence, ./scripts/get_maintainer.pl --self-test=patterns complains about a broken reference. Adjust the file entry to the intended location. Signed-off-by: Lukas Bulwahn Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 151ac45348afc5b56baa584c7cd4876addf461ff Author: Aakash Menon Date: Mon Sep 16 22:18:29 2024 -0700 net: sparx5: Fix invalid timestamps Bit 270-271 are occasionally unexpectedly set by the hardware. This issue was observed with 10G SFPs causing huge time errors (> 30ms) in PTP. Only 30 bits are needed for the nanosecond part of the timestamp, clear 2 most significant bits before extracting timestamp from the internal frame header. Fixes: 70dfe25cd866 ("net: sparx5: Update extraction/injection for timestamping") Signed-off-by: Aakash Menon Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit 93c21077bb9ba08807c459982d440dbbee4c7af3 Author: Thomas Weißschuh Date: Mon Sep 16 20:57:13 2024 +0200 net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL The rpl sr tunnel code contains calls to dst_cache_*() which are only present when the dst cache is built. Select DST_CACHE to build the dst cache, similar to other kconfig options in the same file. Compiling the rpl sr tunnel without DST_CACHE will lead to linker errors. Fixes: a7a29f9c361f ("net: ipv6: add rpl sr tunnel") Signed-off-by: Thomas Weißschuh Reviewed-by: Simon Horman Tested-by: Simon Horman # build-tested Signed-off-by: David S. Miller commit de5cb0dcb74c294ec527eddfe5094acfdb21ff21 Merge: af9c191ac2a0c8 533ab223aa1a03 Author: Linus Torvalds Date: Sun Sep 22 11:19:35 2024 -0700 Merge branch 'address-masking' Merge user access fast validation using address masking. This allows architectures to optionally use a data dependent address masking model instead of a conditional branch for validating user accesses. That avoids the Spectre-v1 speculation barriers. Right now only x86-64 takes advantage of this, and not all architectures will be able to do it. It requires a guard region between the user and kernel address spaces (so that you can't overflow from one to the other), and an easy way to generate a guaranteed-to-fault address for invalid user pointers. Also note that this currently assumes that there is no difference between user read and write accesses. If extended to architectures like powerpc, we'll also need to separate out the user read-vs-write cases. * address-masking: x86: make the masked_user_access_begin() macro use its argument only once x86: do the user address masking outside the user access area x86: support user address masking instead of non-speculative conditional commit 533ab223aa1a036cfe5d6747fa3be92069f80988 Author: Linus Torvalds Date: Sun Sep 22 10:55:42 2024 -0700 x86: make the masked_user_access_begin() macro use its argument only once This doesn't actually matter for any of the current users, but before merging it mainline, make sure we don't have any surprising semantics. We don't actually want to use an inline function here, because we want to allow - but not require - const pointer arguments, and return them as such. But we already had a local auto-type variable, so let's just use it to avoid any possible double evaluation. Signed-off-by: Linus Torvalds commit 3d09ff45469eb2912ce2227c47efac297230d6d6 Author: Christoph Hellwig Date: Sun Sep 22 09:21:10 2024 +0200 iommu/dma: remove most stubs in iommu-dma.h The direct calls from mapping.c all guarded by use_dma_iommu(), so don't bother to provide stubs, but instead just expose the prototypes unconditionally. Signed-off-by: Christoph Hellwig Reviewed-by: Leon Romanovsky commit bb0e391975f8da826305cbaa3e3d34b03c47e2a6 Author: Christoph Hellwig Date: Sun Sep 22 09:10:17 2024 +0200 dma-mapping: fix vmap and mmap of noncontiougs allocations Commit b5c58b2fdc42 ("dma-mapping: direct calls for dma-iommu") switched to use direct calls to dma-iommu, but missed the dma_vmap_noncontiguous, dma_vunmap_noncontiguous and dma_mmap_noncontiguous behavior keyed off the presence of the alloc_noncontiguous method. Fix this by removing the now unused alloc_noncontiguous and free_noncontiguous methods and moving the vmapping and mmaping of the noncontiguous allocations into the iommu code, as it is the only provider of actually noncontiguous allocations. Fixes: b5c58b2fdc42 ("dma-mapping: direct calls for dma-iommu") Reported-by: Xi Ruoyao Signed-off-by: Christoph Hellwig Reviewed-by: Leon Romanovsky Tested-by: Xi Ruoyao commit af9c191ac2a0c857f59d75b6812fef078ab1cefe Merge: dd609b8a3a1fc0 75d7ff9aa0ae1a Author: Linus Torvalds Date: Sun Sep 22 09:47:16 2024 -0700 Merge tag 'trace-ring-buffer-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace Pull ring-buffer updates from Steven Rostedt: - tracing/ring-buffer: persistent buffer across reboots This allows for the tracing instance ring buffer to stay persistent across reboots. The way this is done is by adding to the kernel command line: trace_instance=boot_map@0x285400000:12M This will reserve 12 megabytes at the address 0x285400000, and then map the tracing instance "boot_map" ring buffer to that memory. This will appear as a normal instance in the tracefs system: /sys/kernel/tracing/instances/boot_map A user could enable tracing in that instance, and on reboot or kernel crash, if the memory is not wiped by the firmware, it will recreate the trace in that instance. For example, if one was debugging a shutdown of a kernel reboot: # cd /sys/kernel/tracing # echo function > instances/boot_map/current_tracer # reboot [..] # cd /sys/kernel/tracing # tail instances/boot_map/trace swapper/0-1 [000] d..1. 164.549800: restore_boot_irq_mode <-native_machine_shutdown swapper/0-1 [000] d..1. 164.549801: native_restore_boot_irq_mode <-native_machine_shutdown swapper/0-1 [000] d..1. 164.549802: disconnect_bsp_APIC <-native_machine_shutdown swapper/0-1 [000] d..1. 164.549811: hpet_disable <-native_machine_shutdown swapper/0-1 [000] d..1. 164.549812: iommu_shutdown_noop <-native_machine_restart swapper/0-1 [000] d..1. 164.549813: native_machine_emergency_restart <-__do_sys_reboot swapper/0-1 [000] d..1. 164.549813: tboot_shutdown <-native_machine_emergency_restart swapper/0-1 [000] d..1. 164.549820: acpi_reboot <-native_machine_emergency_restart swapper/0-1 [000] d..1. 164.549821: acpi_reset <-acpi_reboot swapper/0-1 [000] d..1. 164.549822: acpi_os_write_port <-acpi_reboot On reboot, the buffer is examined to make sure it is valid. The validation check even steps through every event to make sure the meta data of the event is correct. If any test fails, it will simply reset the buffer, and the buffer will be empty on boot. - Allow the tracing persistent boot buffer to use the "reserve_mem" option Instead of having the admin find a physical address to store the persistent buffer, which can be very tedious if they have to administrate several different machines, allow them to use the "reserve_mem" option that will find a location for them. It is not as reliable because of KASLR, as the loading of the kernel in different locations can cause the memory allocated to be inconsistent. Booting with "nokaslr" can make reserve_mem more reliable. - Have function graph tracer handle offsets from a previous boot. The ring buffer output from a previous boot may have different addresses due to kaslr. Have the function graph tracer handle these by using the delta from the previous boot to the new boot address space. - Only reset the saved meta offset when the buffer is started or reset In the persistent memory meta data, it holds the previous address space information, so that it can calculate the delta to have function tracing work. But this gets updated after being read to hold the new address space. But if the buffer isn't used for that boot, on reboot, the delta is now calculated from the previous boot and not the boot that holds the data in the ring buffer. This causes the functions not to be shown. Do not save the address space information of the current kernel until it is being recorded. - Add a magic variable to test the valid meta data Add a magic variable in the meta data that can also be used for validation. The validator of the previous buffer doesn't need this magic data, but it can be used if the meta data is changed by a new kernel, which may have the same format that passes the validator but is used differently. This magic number can also be used as a "versioning" of the meta data. - Align user space mapped ring buffer sub buffers to improve TLB entries Linus mentioned that the mapped ring buffer sub buffers were misaligned between the meta page and the sub-buffers, so that if the sub-buffers were bigger than PAGE_SIZE, it wouldn't allow the TLB to use bigger entries. - Add new kernel command line "traceoff" to disable tracing on boot for instances If tracing is enabled for a boot instance, there needs a way to be able to disable it on boot so that new events do not get entered into the ring buffer and be mixed with events from a previous boot, as that can be confusing. - Allow trace_printk() to go to other instances Currently, trace_printk() can only go to the top level instance. When debugging with a persistent buffer, it is really useful to be able to add trace_printk() to go to that buffer, so that you have access to them after a crash. - Do not use "bin_printk()" for traces to a boot instance The bin_printk() saves only a pointer to the printk format in the ring buffer, as the reader of the buffer can still have access to it. But this is not the case if the buffer is from a previous boot. If the trace_printk() is going to a "persistent" buffer, it will use the slower version that writes the printk format into the buffer. - Add command line option to allow trace_printk() to go to an instance Allow the kernel command line to define which instance the trace_printk() goes to, instead of forcing the admin to set it for every boot via the tracefs options. - Start a document that explains how to use tracefs to debug the kernel - Add some more kernel selftests to test user mapped ring buffer * tag 'trace-ring-buffer-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace: (28 commits) selftests/ring-buffer: Handle meta-page bigger than the system selftests/ring-buffer: Verify the entire meta-page padding tracing/Documentation: Start a document on how to debug with tracing tracing: Add option to set an instance to be the trace_printk destination tracing: Have trace_printk not use binary prints if boot buffer tracing: Allow trace_printk() to go to other instance buffers tracing: Add "traceoff" flag to boot time tracing instances ring-buffer: Align meta-page to sub-buffers for improved TLB usage ring-buffer: Add magic and struct size to boot up meta data ring-buffer: Don't reset persistent ring-buffer meta saved addresses tracing/fgraph: Have fgraph handle previous boot function addresses tracing: Allow boot instances to use reserve_mem boot memory tracing: Fix ifdef of snapshots to not prevent last_boot_info file ring-buffer: Use vma_pages() helper function tracing: Fix NULL vs IS_ERR() check in enable_instances() tracing: Add last boot delta offset for stack traces tracing: Update function tracing output for previous boot buffer tracing: Handle old buffer mappings for event strings and functions tracing/ring-buffer: Add last_boot_info file to boot instance ring-buffer: Save text and data locations in mapped meta data ... commit dd609b8a3a1fc087df1f136686df77ad42f79a7d Merge: 891e8abed53242 2351e8c65404aa Author: Linus Torvalds Date: Sun Sep 22 09:36:15 2024 -0700 Merge tag 'ktest-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-ktest Pull ktest updates from Steven Rostedt: - Add notification of build warnings for all tests Currently, the build will only fail on warnings if the ktest config file states that it should fail or if the compile is done with '-Werror'. This has allowed warnings to sneak in if it doesn't fail. Add a notification at the end of the test that will state that warnings were found in the build so that the developer will be aware of it. - Fix the grub2 parser to not return the wrong kernel index ktest.pl can read the grub.cfg file to know what kernel to boot to via grub-reboot. This requires knowing the index that the kernel is referenced by in the grub.cfg file. Some distros have logic to determine the menuentry that can cause the ktest.pl to come up with the wrong index and boot the wrong kernel. * tag 'ktest-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-ktest: ktest.pl: Avoid false positives with grub2 skip regex ktest.pl: Always warn on build warnings commit 891e8abed532423d3b918b0c445dc8919bc445b5 Merge: 673a5009cf2f02 1de5b5dcb8353f Author: Linus Torvalds Date: Sun Sep 22 09:11:14 2024 -0700 Merge tag 'perf-tools-for-v6.12-1-2024-09-19' of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools Pull perf tools updates from Arnaldo Carvalho de Melo: - Use BPF + BTF to collect and pretty print syscall and tracepoint arguments in 'perf trace', done as an GSoC activity - Data-type profiling improvements: - Cache debuginfo to speed up data type resolution - Add the 'typecln' sort order, to show which cacheline in a target is hot or cold. The following shows members in the cfs_rq's first cache line: $ perf report -s type,typecln,typeoff -H ... - 2.67% struct cfs_rq + 1.23% struct cfs_rq: cache-line 2 + 0.57% struct cfs_rq: cache-line 4 + 0.46% struct cfs_rq: cache-line 6 - 0.41% struct cfs_rq: cache-line 0 0.39% struct cfs_rq +0x14 (h_nr_running) 0.02% struct cfs_rq +0x38 (tasks_timeline.rb_leftmost) - When a typedef resolves to a unnamed struct, use the typedef name - When a struct has just one basic type field (int, etc), resolve the type sort order to the name of the struct, not the type of the field - Support type folding/unfolding in the data-type annotation TUI - Fix bitfields offsets and sizes - Initial support for PowerPC, using libcapstone and the usual objdump disassembly parsing routines - Add support for disassembling and addr2line using the LLVM libraries, speeding up those operations - Support --addr2line option in 'perf script' as with other tools - Intel branch counters (LBR event logging) support, only available in recent Intel processors, for instance, the new "brcntr" field can be asked from 'perf script' to print the information collected from this feature: $ perf script -F +brstackinsn,+brcntr # Branch counter abbr list: # branch-instructions:ppp = A # branch-misses = B # '-' No event occurs # '+' Event occurrences may be lost due to branch counter saturated tchain_edit 332203 3366329.405674: 53030 branch-instructions:ppp: 401781 f3+0x2c (home/sdp/test/tchain_edit) f3+31: 0000000000401774 insn: eb 04 br_cntr: AA # PRED 5 cycles [5] 000000000040177a insn: 81 7d fc 0f 27 00 00 0000000000401781 insn: 7e e3 br_cntr: A # PRED 1 cycles [6] 2.00 IPC 0000000000401766 insn: 8b 45 fc 0000000000401769 insn: 83 e0 01 000000000040176c insn: 85 c0 000000000040176e insn: 74 06 br_cntr: A # PRED 1 cycles [7] 4.00 IPC 0000000000401776 insn: 83 45 fc 01 000000000040177a insn: 81 7d fc 0f 27 00 00 0000000000401781 insn: 7e e3 br_cntr: A # PRED 7 cycles [14] 0.43 IPC - Support Timed PEBS (Precise Event-Based Sampling), a recent hardware feature in Intel processors - Add 'perf ftrace profile' subcommand, using ftrace's function-graph tracer so that users can see the total, average, max execution time as well as the number of invocations easily, for instance: $ sudo perf ftrace profile -G __x64_sys_perf_event_open -- \ perf stat -e cycles -C1 true 2> /dev/null | head # Total (us) Avg (us) Max (us) Count Function 65.611 65.611 65.611 1 __x64_sys_perf_event_open 30.527 30.527 30.527 1 anon_inode_getfile 30.260 30.260 30.260 1 __anon_inode_getfile 29.700 29.700 29.700 1 alloc_file_pseudo 17.578 17.578 17.578 1 d_alloc_pseudo 17.382 17.382 17.382 1 __d_alloc 16.738 16.738 16.738 1 kmem_cache_alloc_lru 15.686 15.686 15.686 1 perf_event_alloc 14.012 7.006 11.264 2 obj_cgroup_charge - 'perf sched timehist' improvements, including the addition of priority showing/filtering command line options - Varios improvements to the 'perf probe', including 'perf test' regression testings - Introduce the 'perf check', initially to check if some feature is in place, using it in 'perf test' - Various fixes for 32-bit systems - Address more leak sanitizer failures - Fix memory leaks (LBR, disasm lock ops, etc) - More reference counting fixes (branch_info, etc) - Constify 'struct perf_tool' parameters to improve code generation and reduce the chances of having its internals changed, which isn't expected - More constifications in various other places - Add more build tests, including for JEVENTS - Add more 'perf test' entries ('perf record LBR', pipe/inject, --setup-filter, 'perf ftrace', 'cgroup sampling', etc) - Inject build ids for all entries in a call chain in 'perf inject', not just for the main sample - Improve the BPF based sample filter, allowing root to setup filters in bpffs that then can be used by non-root users - Allow filtering by cgroups with the BPF based sample filter - Allow a more compact way for 'perf mem report' using the -T/--type-profile and also provide a --sort option similar to the one in 'perf report', 'perf top', to setup the sort order manually - Fix --group behavior in 'perf annotate' when leader has no samples, where it was not showing anything even when other events in the group had samples - Fix spinlock and rwlock accounting in 'perf lock contention' - Fix libsubcmd fixdep Makefile dependencies - Improve 'perf ftrace' error message when ftrace isn't available - Update various Intel JSON vendor event files - ARM64 CoreSight hardware tracing infrastructure improvements, mostly not visible to users - Update power10 JSON events * tag 'perf-tools-for-v6.12-1-2024-09-19' of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools: (310 commits) perf trace: Mark the 'head' arg in the set_robust_list syscall as coming from user space perf trace: Mark the 'rseq' arg in the rseq syscall as coming from user space perf env: Find correct branch counter info on hybrid perf evlist: Print hint for group tools: Drop nonsensical -O6 perf pmu: To info add event_type_desc perf evsel: Add accessor for tool_event perf pmus: Fake PMU clean up perf list: Avoid potential out of bounds memory read perf help: Fix a typo ("bellow") perf ftrace: Detect whether ftrace is enabled on system perf test shell probe_vfs_getname: Remove extraneous '=' from probe line number regex perf build: Require at least clang 16.0.6 to build BPF skeletons perf trace: If a syscall arg is marked as 'const', assume it is coming _from_ userspace perf parse-events: Remove duplicated include in parse-events.c perf callchain: Allow symbols to be optional when resolving a callchain perf inject: Lazy build-id mmap2 event insertion perf inject: Add new mmap2-buildid-all option perf inject: Fix build ID injection perf annotate-data: Add pr_debug_scope() ... commit 673a5009cf2f020dac440cd79e70c4c8b8e20d08 Author: Kan Liang Date: Thu Sep 12 07:50:25 2024 -0700 perf: Fix topology_sibling_cpumask check warning on ARM The below warning is triggered when building with arm multi_v7_defconfig. kernel/events/core.c: In function 'perf_event_setup_cpumask': kernel/events/core.c:14012:13: warning: the comparison will always evaluate as 'true' for the address of 'thread_sibling' will never be NULL [-Waddress] 14012 | if (!topology_sibling_cpumask(cpu)) { The perf_event_init_cpu() may be invoked at the early boot stage, while the topology_*_cpumask hasn't been initialized yet. The check is to specially handle the case, and initialize the perf_online__masks on the boot CPU. X86 uses a per-cpu cpumask pointer, which could be NULL at the early boot stage. However, ARM uses a global variable, which never be NULL. Use perf_online_mask as an indicator instead. Only initialize the perf_online__masks when perf_online_mask is empty. Fix a typo as well. Fixes: 4ba4f1afb6a9 ("perf: Generic hotplug support for a PMU with a scope") Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/lkml/20240911153854.240bbc1f@canb.auug.org.au/ Reported-by: Steven Price Closes: https://lore.kernel.org/lkml/1835eb6d-3e05-47f3-9eae-507ce165c3bf@arm.com/ Signed-off-by: Kan Liang Tested-by: Steven Price Signed-off-by: Linus Torvalds commit 70920941923316b760bc7a804eb3d49a126d8712 Author: Jiapeng Chong Date: Wed Sep 18 10:16:32 2024 +0800 RDMA/bnxt_re: Remove the unused variable en_dev Variable en_dev is not effectively used, so delete it. drivers/infiniband/hw/bnxt_re/main.c:1980:22: warning: variable ‘en_dev’ set but not used. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=10867 Signed-off-by: Jiapeng Chong Link: https://patch.msgid.link/20240918021632.36091-1-jiapeng.chong@linux.alibaba.com Signed-off-by: Leon Romanovsky commit b2142a22ef22466575feaccc74a2995c62cae7e8 Author: Uwe Kleine-König Date: Fri Sep 20 17:34:30 2024 +0200 Input: hynitron_cstxxx - drop explicit initialization of struct i2c_device_id::driver_data to 0 These drivers don't use the driver_data member of struct i2c_device_id, so don't explicitly initialize this member. This prepares putting driver_data in an anonymous union which requires either no initialization or named designators. But it's also a nice cleanup on its own. Signed-off-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240920153430.503212-12-u.kleine-koenig@baylibre.com Signed-off-by: Dmitry Torokhov commit 690286214916f32d75de2667ec0fcfa9c3f4eefb Author: Andreas Kemnade Date: Wed Sep 18 23:21:59 2024 +0200 rtc: rc5t619: use proper module tables Avoid requiring MODULE_ALIASES by declaring proper device id tables. Signed-off-by: Andreas Kemnade Link: https://lore.kernel.org/r/20240918212159.1191637-1-andreas@kemnade.info Signed-off-by: Alexandre Belloni commit b242650dfa17d8591d92e8e151438d1f8e54997a Author: Alexandre Belloni Date: Thu Sep 12 00:48:36 2024 +0200 rtc: m48t59: set range The m48t59 leap year calculation will fail in 2100 Link: https://lore.kernel.org/r/20240911224836.1571831-1-alexandre.belloni@bootlin.com Signed-off-by: Alexandre Belloni commit f00b45db02ae4e0288bb719a9935b966733c7e91 Author: Uwe Kleine-König Date: Mon Sep 9 16:40:25 2024 +0200 clk: Switch back to struct platform_driver::remove() After commit 0edb555a65d1 ("platform: Make platform_driver::remove() return void") .remove() is (again) the right callback to implement for platform drivers. Convert all clk drivers to use .remove(), with the eventual goal to drop struct platform_driver::remove_new(). As .remove() and .remove_new() have the same prototypes, conversion is done by just changing the structure member name in the driver initializer. Signed-off-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240909144026.870565-2-u.kleine-koenig@baylibre.com Acked-by: Geert Uytterhoeven # renesas Signed-off-by: Stephen Boyd commit 1b189f71e19c431ee5777f85d1d800a43bee58b9 Merge: 6629108252e529 9934a1bd45b2b0 4e52054f8db198 eb3b3f52051800 82cf3b8afc35bf Author: Stephen Boyd Date: Sat Sep 21 14:11:05 2024 -0700 Merge branches 'clk-devm', 'clk-samsung', 'clk-rockchip' and 'clk-qcom' into clk-next * clk-devm: clk: provide devm_clk_get_optional_enabled_with_rate() clk: fixed-rate: add devm_clk_hw_register_fixed_rate_parent_data() * clk-samsung: clk: samsung: add top clock support for ExynosAuto v920 SoC clk: samsung: clk-pll: Add support for pll_531x dt-bindings: clock: add ExynosAuto v920 SoC CMU bindings clk: samsung: exynos7885: Add USB related clocks to CMU_FSYS clk: samsung: clk-pll: Add support for pll_1418x clk: samsung: exynosautov9: add dpum clock support dt-bindings: clock: exynosautov9: add dpum clock clk: samsung: exynos7885: Add missing MUX clocks from PLLs in CMU_TOP clk: samsung: exynos7885: Update CLKS_NR_FSYS after bindings fix dt-bindings: clock: exynos7885: Add indices for USB clocks dt-bindings: clock: exynos7885: Add CMU_TOP PLL MUX indices dt-bindings: clock: exynos7885: Fix duplicated binding clk: samsung: exynos850: Add TMU clock dt-bindings: clock: exynos850: Add TMU clock * clk-rockchip: dt-bindings: clock, reset: fix top-comment indentation rk3576 headers clk: rockchip: remove unused mclk_pdm0_p/pdm0_p definitions clk: rockchip: fix error for unknown clocks clk: rockchip: rk3588: drop unused code clk: rockchip: Add clock controller for the RK3576 clk: rockchip: Add new pll type pll_rk3588_ddr dt-bindings: clock, reset: Add support for rk3576 dt-bindings: clock: rockchip,rk3588-cru: drop unneeded assigned-clocks clk: rockchip: rk3588: Fix 32k clock name for pmu_24m_32k_100m_src_p dt-bindings: clock: rockchip: remove CLK_NR_CLKS and CLKPMU_NR_CLKS clk: rockchip: rk3399: Drop CLK_NR_CLKS CLKPMU_NR_CLKS usage clk: rockchip: rk3368: Drop CLK_NR_CLKS usage clk: rockchip: rk3328: Drop CLK_NR_CLKS usage clk: rockchip: rk3308: Drop CLK_NR_CLKS usage clk: rockchip: rk3288: Drop CLK_NR_CLKS usage clk: rockchip: rk3228: Drop CLK_NR_CLKS usage clk: rockchip: rk3036: Drop CLK_NR_CLKS usage clk: rockchip: px30: Drop CLK_NR_CLKS CLKPMU_NR_CLKS usage clk: rockchip: Set parent rate for DCLK_VOP clock on RK3228 * clk-qcom: (47 commits) clk: qcom: videocc-sm8550: Use HW_CTRL_TRIGGER flag for video GDSC's clk: qcom: dispcc-sm8250: use special function for Lucid 5LPE PLL clk: qcom: dispcc-sm8250: use CLK_SET_RATE_PARENT for branch clocks clk: qcom: ipq5332: Use icc-clk for enabling NoC related clocks clk: qcom: ipq5332: Register gcc_qdss_tsctr_clk_src dt-bindings: usb: qcom,dwc3: Update ipq5332 clock details dt-bindings: interconnect: Add Qualcomm IPQ5332 support clk: qcom: gcc-msm8998: Add Q6 BIMC and LPASS core, ADSP SMMU clocks dt-bindings: clock: gcc-msm8998: Add Q6 and LPASS clocks definitions clk: qcom: Fix SM_CAMCC_8150 dependencies clk: qcom: gcc-sm8150: De-register gcc_cpuss_ahb_clk_src clk: qcom: gcc-sc8180x: Fix the sdcc2 and sdcc4 clocks freq table clk: qcom: gcc-sc8180x: Add GPLL9 support dt-bindings: clock: qcom: Add GPLL9 support on gcc-sc8180x clk: qcom: gcc-sc8180x: Register QUPv3 RCGs for DFS on sc8180x clk: qcom: clk-rpmh: Fix overflow in BCM vote dt-bindings: clock: qcom: Drop required-opps in required on SM8650 camcc dt-bindings: clock: qcom: Drop required-opps in required on sm8650 videocc dt-bindings: clock: qcom,qcs404-turingcc: convert to dtschema dt-bindings: clock: Add x1e80100 LPASSCC reset controller ... commit 6629108252e529c1e0951613b3dc1182e2eb68d3 Merge: c7183ff52f253f 554bc24708dc01 1d777b05da6adf a09e3cf770bcff Author: Stephen Boyd Date: Sat Sep 21 14:10:59 2024 -0700 Merge branches 'clk-amlogic', 'clk-microchip' and 'clk-imx' into clk-next * clk-amlogic: clk: meson: introduce symbol namespace for amlogic clocks clk: meson: axg-audio: add sm1 earcrx clocks clk: meson: axg-audio: setup regmap max_register based on the SoC dt-bindings: clock: axg-audio: add earcrx clock ids clk: meson: s4: pll: Constify struct regmap_config clk: meson: s4: peripherals: Constify struct regmap_config clk: meson: c3: pll: Constify struct regmap_config clk: meson: c3: peripherals: Constify struct regmap_config clk: meson: a1: pll: Constify struct regmap_config clk: meson: a1: peripherals: Constify struct regmap_config * clk-microchip: clk: at91: sama7g5: Allocate only the needed amount of memory for PLLs clk: at91: sam9x7: add sam9x7 pmc driver dt-bindings: clock: at91: Allow PLLs to be exported and referenced in DT clk: at91: sama7g5: move mux table macros to header file clk: at91: sam9x7: add support for HW PLL freq dividers clk: at91: clk-sam9x60-pll: re-factor to support individual core freq outputs dt-bindings: clocks: atmel,at91rm9200-pmc: add sam9x7 clock controller dt-bindings: clocks: atmel,at91sam9x5-sckc: add sam9x7 * clk-imx: (27 commits) clk: imx6ul: fix clock parent for IMX6UL_CLK_ENETx_REF_SEL clk: imx95: enable the clock of NETCMIX block control dt-bindings: clock: add RMII clock selection dt-bindings: clock: add i.MX95 NETCMIX block control clk: imx: imx8: Use clk_hw pointer for self registered clock in clk_parent_data clk: imx: composite-7ulp: Use NULL instead of 0 clk: imx: add missing MODULE_DESCRIPTION() macros clk: imx: clk-imx8mp: Allow media_disp pixel clock reconfigure parent rate clk: imx: fracn-gppll: update rate table clk: imx: imx8qxp: Parent should be initialized earlier than the clock clk: imx: imx8qxp: Register dc0_bypass0_clk before disp clk clk: imx: imx8qxp: Add clock muxes for MIPI and PHY ref clocks clk: imx: imx8qxp: Add LVDS bypass clocks clk: imx: imx8mm: Change the 'nand_usdhc_bus' clock to non-critical one clk: imx: imx8mn: add sai7_ipg_clk clock settings clk: imx: add CLK_SET_RATE_PARENT for lcdif_pixel_src for i.MX7D clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D clk: imx: imx8mp: fix clock tree update of TF-A managed clocks clk: imx: fracn-gppll: fix fractional part of PLL getting lost clk: imx: composite-7ulp: Check the PCC present bit ... commit c7183ff52f253f146084be1bfb4b80de7ffbd346 Merge: a2b88026f74867 965e063743f6fb f37213104a370c fc953d40bd4318 Author: Stephen Boyd Date: Sat Sep 21 14:10:53 2024 -0700 Merge branches 'clk-assigned-rates', 'clk-renesas' and 'clk-scmi' into clk-next * clk-assigned-rates: clk: clk-conf: support assigned-clock-rates-u64 * clk-renesas: (34 commits) clk: renesas: r9a09g057: Add clock and reset entries for GTM/RIIC/SDHI/WDT clk: renesas: rzv2h: Add support for dynamic switching divider clocks clk: renesas: r9a08g045: Add clocks, resets and power domains for USB dt-bindings: clock: renesas,cpg-clocks: Add top-level constraints clk: renesas: r8a779h0: Add CANFD clock clk: renesas: Add RZ/V2H(P) CPG driver clk: renesas: Add family-specific clock driver for RZ/V2H(P) dt-bindings: clock: renesas: Document RZ/V2H(P) SoC CPG clk: renesas: r8a779h0: Add PWM clock dt-bindings: clock: renesas,cpg-mssr: Document RZ/G2M v3.0 (r8a774a3) clock clk: renesas: rcar-gen4: Remove unused default PLL2/3/4/6 configs clk: renesas: rcar-gen4: Remove unused fixed PLL clock types clk: renesas: rcar-gen4: Remove unused variable PLL2 clock type clk: renesas: r8a779h0: Model PLL1/2/3/4/6 as fractional PLLs clk: renesas: r8a779g0: Model PLL1/3/4/6 as fractional PLLs clk: renesas: r8a779f0: Model PLL1/2/3/6 as fractional PLLs clk: renesas: r8a779a0: Use defines for PLL control registers clk: renesas: rcar-gen4: Add support for fractional 9.24 PLLs clk: renesas: rcar-gen4: Add support for fixed variable PLLs clk: renesas: rcar-gen4: Add support for variable fractional PLLs ... * clk-scmi: clk: scmi: add is_prepared hook commit a2b88026f74867fbf77e886076d0b8c11f56a166 Merge: 274aff8711b2e7 cd86437cde1310 55c312c1b2be6d 4844ab3fe7cc6b Author: Stephen Boyd Date: Sat Sep 21 14:10:42 2024 -0700 Merge branches 'clk-kunit', 'clk-mediatek', 'clk-cleanup' and 'clk-bindings' into clk-next - KUnit tests for clk registration and fixed rate basic clk type * clk-kunit: clk: Add KUnit tests for clks registered with struct clk_parent_data clk: Add KUnit tests for clk fixed rate basic type clk: Add test managed clk provider/consumer APIs platform: Add test managed platform_device/driver APIs of: Add a KUnit test for overlays and test managed APIs dt-bindings: vendor-prefixes: Add "test" vendor for KUnit and friends of: Add test managed wrappers for of_overlay_apply()/of_node_put() of/platform: Allow overlays to create platform devices from the root node * clk-mediatek: dt-bindings: clock: mediatek: Convert MediaTek clock syscons to schema dt-bindings: Move Mediatek clock controllers to "clock" directory dt-bindings: clock: mediatek,apmixedsys: Fix "mediatek,mt6779-apmixed" compatible clk: mediatek: reset: Remove unused mtk_register_reset_controller() clk: mediatek: reset: Return regmap's error code * clk-cleanup: clk: starfive: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage clk: ti: dra7-atl: Fix leak of of_nodes clk:davinci: make use of dev_err_cast_probe() clk: bcm: bcm53573: fix OF node leak in init clk: lmk04832: Use devm_clk_get_enabled() helpers clk: visconti: Switch to use kmemdup_array() clk: mmp: Switch to use kmemdup_array() clk: hisilicon: Remove unnecessary local variable clk: use clk_core_unlink_consumer() helper clk: Use of_property_present() clk: at91: Use of_property_count_u32_elems() to get property length da8xx-cfgchip.c: replace of_node_put with __free improves cleanup * clk-bindings: dt-bindings: clock: st,stm32mp1-rcc: add top-level constraints dt-bindings: clock: cirrus,lochnagar: add top-level constraints dt-bindings: clock: baikal,bt1-ccu-div: add top-level constraints dt-bindings: clock: nxp,lpc3220-usb-clk: Convert bindings to dtschema dt-bindings: clock: nxp,lpc3220-clk: Convert bindings to DT schema commit 39c3aad43f6f9bcddd660f5874dcd760e8c04a94 Author: Ahmed Ehab Date: Sun Sep 22 00:00:36 2024 +0300 bcachefs: Hold read lock in bch2_snapshot_tree_oldest_subvol() Syzbot reports a problem that a warning is triggered due to suspicious use of rcu_dereference_check(). That is triggered by a call of bch2_snapshot_tree_oldest_subvol(). The cause of the warning is that inside bch2_snapshot_tree_oldest_subvol(), snapshot_t() is called which calls rcu_dereference() that requires a read lock to be held. Also, the call of bch2_snapshot_tree_next() eventually calls snapshot_t(). To fix this, call rcu_read_lock() before calling snapshot_t(). Then, release the lock after the termination of the while loop. Reported-by: Signed-off-by: Ahmed Ehab Signed-off-by: Kent Overstreet commit 88264981f2082248e892a706b2c5004650faac54 Merge: 440b65232829fa 902d67a2d40f5b Author: Linus Torvalds Date: Sat Sep 21 09:44:57 2024 -0700 Merge tag 'sched_ext-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext Pull sched_ext support from Tejun Heo: "This implements a new scheduler class called ‘ext_sched_class’, or sched_ext, which allows scheduling policies to be implemented as BPF programs. The goals of this are: - Ease of experimentation and exploration: Enabling rapid iteration of new scheduling policies. - Customization: Building application-specific schedulers which implement policies that are not applicable to general-purpose schedulers. - Rapid scheduler deployments: Non-disruptive swap outs of scheduling policies in production environments" See individual commits for more documentation, but also the cover letter for the latest series: Link: https://lore.kernel.org/all/20240618212056.2833381-1-tj@kernel.org/ * tag 'sched_ext-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/sched_ext: (110 commits) sched: Move update_other_load_avgs() to kernel/sched/pelt.c sched_ext: Don't trigger ops.quiescent/runnable() on migrations sched_ext: Synchronize bypass state changes with rq lock scx_qmap: Implement highpri boosting sched_ext: Implement scx_bpf_dispatch[_vtime]_from_dsq() sched_ext: Compact struct bpf_iter_scx_dsq_kern sched_ext: Replace consume_local_task() with move_local_task_to_local_dsq() sched_ext: Move consume_local_task() upward sched_ext: Move sanity check and dsq_mod_nr() into task_unlink_from_dsq() sched_ext: Reorder args for consume_local/remote_task() sched_ext: Restructure dispatch_to_local_dsq() sched_ext: Fix processs_ddsp_deferred_locals() by unifying DTL_INVALID handling sched_ext: Make find_dsq_for_dispatch() handle SCX_DSQ_LOCAL_ON sched_ext: Refactor consume_remote_task() sched_ext: Rename scx_kfunc_set_sleepable to unlocked and relocate sched_ext: Add missing static to scx_dump_data sched_ext: Add missing static to scx_has_op[] sched_ext: Temporarily work around pick_task_scx() being called without balance_scx() sched_ext: Add a cgroup scheduler which uses flattened hierarchy sched_ext: Add cgroup support ... commit 440b65232829fad69947b8de983c13a525cc8871 Merge: 1ec6d097897a35 5277d130947ba8 Author: Linus Torvalds Date: Sat Sep 21 09:27:50 2024 -0700 Merge tag 'bpf-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Pull bpf updates from Alexei Starovoitov: - Introduce '__attribute__((bpf_fastcall))' for helpers and kfuncs with corresponding support in LLVM. It is similar to existing 'no_caller_saved_registers' attribute in GCC/LLVM with a provision for backward compatibility. It allows compilers generate more efficient BPF code assuming the verifier or JITs will inline or partially inline a helper/kfunc with such attribute. bpf_cast_to_kern_ctx, bpf_rdonly_cast, bpf_get_smp_processor_id are the first set of such helpers. - Harden and extend ELF build ID parsing logic. When called from sleepable context the relevants parts of ELF file will be read to find and fetch .note.gnu.build-id information. Also harden the logic to avoid TOCTOU, overflow, out-of-bounds problems. - Improvements and fixes for sched-ext: - Allow passing BPF iterators as kfunc arguments - Make the pointer returned from iter_next method trusted - Fix x86 JIT convergence issue due to growing/shrinking conditional jumps in variable length encoding - BPF_LSM related: - Introduce few VFS kfuncs and consolidate them in fs/bpf_fs_kfuncs.c - Enforce correct range of return values from certain LSM hooks - Disallow attaching to other LSM hooks - Prerequisite work for upcoming Qdisc in BPF: - Allow kptrs in program provided structs - Support for gen_epilogue in verifier_ops - Important fixes: - Fix uprobe multi pid filter check - Fix bpf_strtol and bpf_strtoul helpers - Track equal scalars history on per-instruction level - Fix tailcall hierarchy on x86 and arm64 - Fix signed division overflow to prevent INT_MIN/-1 trap on x86 - Fix get kernel stack in BPF progs attached to tracepoint:syscall - Selftests: - Add uprobe bench/stress tool - Generate file dependencies to drastically improve re-build time - Match JIT-ed and BPF asm with __xlated/__jited keywords - Convert older tests to test_progs framework - Add support for RISC-V - Few fixes when BPF programs are compiled with GCC-BPF backend (support for GCC-BPF in BPF CI is ongoing in parallel) - Add traffic monitor - Enable cross compile and musl libc * tag 'bpf-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next: (260 commits) btf: require pahole 1.21+ for DEBUG_INFO_BTF with default DWARF version btf: move pahole check in scripts/link-vmlinux.sh to lib/Kconfig.debug btf: remove redundant CONFIG_BPF test in scripts/link-vmlinux.sh bpf: Call the missed kfree() when there is no special field in btf bpf: Call the missed btf_record_free() when map creation fails selftests/bpf: Add a test case to write mtu result into .rodata selftests/bpf: Add a test case to write strtol result into .rodata selftests/bpf: Rename ARG_PTR_TO_LONG test description selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types bpf: Fix helper writes to read-only maps bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit selftests/bpf: Add tests for sdiv/smod overflow cases bpf: Fix a sdiv overflow issue libbpf: Add bpf_object__token_fd accessor docs/bpf: Add missing BPF program types to docs docs/bpf: Add constant values for linkages bpf: Use fake pt_regs when doing bpf syscall tracepoint tracing ... commit 1ec6d097897a35dfb55c4c31fc8633cf5be46497 Merge: 7856a565416e0c 9fed8d7c46f371 Author: Linus Torvalds Date: Sat Sep 21 09:02:54 2024 -0700 Merge tag 's390-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux Pull s390 updates from Vasily Gorbik: - Optimize ftrace and kprobes code patching and avoid stop machine for kprobes if sequential instruction fetching facility is available - Add hiperdispatch feature to dynamically adjust CPU capacity in vertical polarization to improve scheduling efficiency and overall performance. Also add infrastructure for handling warning track interrupts (WTI), allowing for graceful CPU preemption - Rework crypto code pkey module and split it into separate, independent modules for sysfs, PCKMO, CCA, and EP11, allowing modules to load only when the relevant hardware is available - Add hardware acceleration for HMAC modes and the full AES-XTS cipher, utilizing message-security assist extensions (MSA) 10 and 11. It introduces new shash implementations for HMAC-SHA224/256/384/512 and registers the hardware-accelerated AES-XTS cipher as the preferred option. Also add clear key token support - Add MSA 10 and 11 processor activity instrumentation counters to perf and update PAI Extension 1 NNPA counters - Cleanup cpu sampling facility code and rework debug/WARN_ON_ONCE statements - Add support for SHA3 performance enhancements introduced with MSA 12 - Add support for the query authentication information feature of MSA 13 and introduce the KDSA CPACF instruction. Provide query and query authentication information in sysfs, enabling tools like cpacfinfo to present this data in a human-readable form - Update kernel disassembler instructions - Always enable EXPOLINE_EXTERN if supported by the compiler to ensure kpatch compatibility - Add missing warning handling and relocated lowcore support to the early program check handler - Optimize ftrace_return_address() and avoid calling unwinder - Make modules use kernel ftrace trampolines - Strip relocs from the final vmlinux ELF file to make it roughly 2 times smaller - Dump register contents and call trace for early crashes to the console - Generate ptdump address marker array dynamically - Fix rcu_sched stalls that might occur when adding or removing large amounts of pages at once to or from the CMM balloon - Fix deadlock caused by recursive lock of the AP bus scan mutex - Unify sync and async register save areas in entry code - Cleanup debug prints in crypto code - Various cleanup and sanitizing patches for the decompressor - Various small ftrace cleanups * tag 's390-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: (84 commits) s390/crypto: Display Query and Query Authentication Information in sysfs s390/crypto: Add Support for Query Authentication Information s390/crypto: Rework RRE and RRF CPACF inline functions s390/crypto: Add KDSA CPACF Instruction s390/disassembler: Remove duplicate instruction format RSY_RDRU s390/boot: Move boot_printk() code to own file s390/boot: Use boot_printk() instead of sclp_early_printk() s390/boot: Rename decompressor_printk() to boot_printk() s390/boot: Compile all files with the same march flag s390: Use MARCH_HAS_*_FEATURES defines s390: Provide MARCH_HAS_*_FEATURES defines s390/facility: Disable compile time optimization for decompressor code s390/boot: Increase minimum architecture to z10 s390/als: Remove obsolete comment s390/sha3: Fix SHA3 selftests failures s390/pkey: Add AES xts and HMAC clear key token support s390/cpacf: Add MSA 10 and 11 new PCKMO functions s390/mm: Add cond_resched() to cmm_alloc/free_pages() s390/pai_ext: Update PAI extension 1 counters s390/pai_crypto: Add support for MSA 10 and 11 pai counters ... commit 025c55a4c7f11ea38521c6e797f3192ad8768c93 Author: Diogo Jahchan Koike Date: Tue Sep 10 18:18:34 2024 -0300 bcachefs: return err ptr instead of null in read sb clean syzbot reported a null-ptr-deref in bch2_fs_start. [0] When a sb is marked clear but doesn't have a clean section bch2_read_superblock_clean returns NULL which PTR_ERR_OR_ZERO lets through, eventually leading to a null ptr dereference down the line. Adjust read sb clean to return an ERR_PTR indicating the invalid clean section. [0] https://syzkaller.appspot.com/bug?extid=1cecc37d87c4286e5543 Reported-by: syzbot+1cecc37d87c4286e5543@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=1cecc37d87c4286e5543 Signed-off-by: Diogo Jahchan Koike Signed-off-by: Kent Overstreet commit abb43dd677f3c5508dc369a61f82f89a8b16b811 Author: Yang Li Date: Mon Sep 9 08:58:02 2024 +0800 bcachefs: Remove duplicated include in backpointers.c The header files bbpos.h is included twice in backpointers.c, so one inclusion of each can be removed. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=10783 Signed-off-by: Yang Li Signed-off-by: Kent Overstreet commit d5c5b337f8da6c9eebbe6cf9dfbd38fd9503eb35 Author: Kent Overstreet Date: Fri Sep 6 20:22:26 2024 -0400 bcachefs: Don't drop devices with stripe pointers Signed-off-by: Kent Overstreet commit 035d72f72c9172a29bba4e09620d286ed8496356 Author: Kent Overstreet Date: Fri Sep 6 19:14:36 2024 -0400 bcachefs: bch2_ec_stripe_head_get() now checks for change in rw devices This factors out ec_strie_head_devs_update(), which initializes the bitmap of devices we're allocating from, and runs it every time c->rw_devs_change_count changes. We also cancel pending, not allocated stripes, since they may refer to devices that are no longer available. Signed-off-by: Kent Overstreet commit 83ccd9b31d5356f9943b8fd0f996ec9fefcb25f1 Author: Kent Overstreet Date: Fri Sep 6 19:12:53 2024 -0400 bcachefs: bch_fs.rw_devs_change_count Add a counter that's incremented whenever rw devices change; this will be used for erasure coding so that it can keep ec_stripe_head in sync and not deadlock on a new stripe when a device it wants goes away. Signed-off-by: Kent Overstreet commit ad8d1f77fc425f42d1b297486eea36864ae82c41 Author: Kent Overstreet Date: Sun Sep 1 18:35:52 2024 -0400 bcachefs: bch2_dev_remove_stripes() We can now correctly force-remove a device that has stripes on it; this uses the new BCH_SB_MEMBER_INVALID sentinal value. Signed-off-by: Kent Overstreet commit 934137b0c066de53c6df3191c922f6e371fa45a7 Author: Kent Overstreet Date: Sat Sep 7 21:51:46 2024 -0400 bcachefs: bch2_trigger_ptr() calculates sectors even when no device This is necessary for erasure coded pointers to devices that have been removed. Signed-off-by: Kent Overstreet commit 2aee59eb212266992c018f1ae2cf9c7f6c4ed1a9 Author: Kent Overstreet Date: Sat Sep 7 16:31:47 2024 -0400 bcachefs: improve error messages in bch2_ec_read_extent() Signed-off-by: Kent Overstreet commit cb771fe891f97d847eda643553b31e99661f312d Author: Kent Overstreet Date: Sun Sep 1 17:42:01 2024 -0400 bcachefs: improve error message on too few devices for ec Signed-off-by: Kent Overstreet commit c9cabfb215d5ba6d972186f8eefea835e4697220 Author: Kent Overstreet Date: Sun Sep 1 16:45:34 2024 -0400 bcachefs: improve bch2_new_stripe_to_text() also print out the new stripe key Signed-off-by: Kent Overstreet commit a4b7a0c0378a3f73004b5c5263ec2b4e5a476fa8 Author: Kent Overstreet Date: Sun Sep 1 16:44:36 2024 -0400 bcachefs: ec_stripe_head.nr_created additional debug stat Signed-off-by: Kent Overstreet commit fa85c473977c0afb5104a630f019f593fe33a8b0 Author: Kent Overstreet Date: Sun Sep 1 14:54:42 2024 -0400 bcachefs: bch_stripe.disk_label When reshaping existing stripes, we should keep them on the same target that they were allocated on; to do this, we need to add a field to the btree stripe type. This is a tad awkward, because we only have 8 bits left, and targets are 16 bits - but we only need to store a label, not a full target. Signed-off-by: Kent Overstreet commit 1b11c4d3654877f4deb6f9bec12f6ec487d62030 Author: Kent Overstreet Date: Sun Sep 1 14:51:45 2024 -0400 bcachefs: stripe_to_mem() factor out a common helper Signed-off-by: Kent Overstreet commit 54a12984a9a29d6b7a363e8860506f0c77f334d7 Author: Kent Overstreet Date: Wed Sep 4 17:51:47 2024 -0400 bcachefs: EIO errcode cleanup We want to be using private errcodes whenever possible, for better error messages. Signed-off-by: Kent Overstreet commit 7a51608d0125469664e2daf8e060d6d783924c98 Author: Kent Overstreet Date: Wed Sep 4 20:49:37 2024 -0400 bcachefs: Rework btree node pinning In backpointers fsck, we do a seqential scan of one btree, and check references to another: extents <-> backpointers Checking references generates random lookups, so we want to pin that btree in memory (or only a range, if it doesn't fit in ram). Previously, this was done with a simple check in the shrinker - "if btree node is in range being pinned, don't free it" - but this generated OOMs, as our shrinker wasn't well behaved if there was less memory available than expected. Instead, we now have two different shrinkers and lru lists; the second shrinker being for pinned nodes, with seeks set much higher than normal - so they can still be freed if necessary, but we'll prefer not to. Signed-off-by: Kent Overstreet commit 91ddd7151000c0e538cec7fb2f3f86e2268af4d4 Author: Kent Overstreet Date: Thu Sep 5 19:37:56 2024 -0400 bcachefs: split up btree cache counters for live, freeable this is prep for introducing a second live list and shrinker for pinned nodes Signed-off-by: Kent Overstreet commit 691f2cba229189033c55f19b904bc6f4bd68b480 Author: Kent Overstreet Date: Thu Sep 5 19:25:01 2024 -0400 bcachefs: btree cache counters should be size_t 32 bits won't overflow any time soon, but size_t is the correct type for counting objects in memory. Signed-off-by: Kent Overstreet commit ad5dbe3ce533ec13abacad78076050672e3d39eb Author: Kent Overstreet Date: Wed Sep 4 17:19:24 2024 -0400 bcachefs: Don't count "skipped access bit" as touched in btree cache scan Signed-off-by: Kent Overstreet commit e92e5056e4f75c1990d54ea5bc03360fca55b891 Author: Kent Overstreet Date: Sat Sep 7 11:45:21 2024 -0400 bcachefs: Failed devices no longer require mounting in degraded mode Signed-off-by: Kent Overstreet commit 805ddc204287e74ebd2640c0f088e04f94e98b48 Author: Kent Overstreet Date: Sun Sep 1 18:12:26 2024 -0400 bcachefs: bch2_dev_rcu_noerror() bch2_dev_rcu() now properly errors if the device is invalid Signed-off-by: Kent Overstreet commit b99a94fd7ae91951d4f96b39e6ff50ac2fa8decb Author: Kent Overstreet Date: Tue Aug 27 20:21:03 2024 -0400 bcachefs: Progress indicator for extents_to_backpointers Signed-off-by: Kent Overstreet commit 3621ecc10f831f4fd27784083dfaf5b8481098b5 Author: Kent Overstreet Date: Sat Sep 7 20:27:23 2024 -0400 bcachefs: bch2_opts_to_text() Factor out bch2_show_options() into a generic helper, for debugging option passing issues. Signed-off-by: Kent Overstreet commit bf611567b791f3dabf4197ce70021e3bf2ce69a5 Author: Kent Overstreet Date: Fri Sep 6 18:32:49 2024 -0400 bcachefs: improve "no device to read from" message Signed-off-by: Kent Overstreet commit b161ca80968b55e551b82955e65264e8fc5f8660 Author: Hongbo Li Date: Wed Sep 4 15:15:32 2024 +0800 bcachefs: Fix compilation error for bch2_sb_member_alloc Fix the following compilation error: ``` fs/bcachefs/sb-members.c: In function ‘bch2_sb_member_alloc’: fs/bcachefs/sb-members.c:508:2: error: a label can only be part of a statement and a declaration is not a statement 508 | unsigned nr_devices = max_t(unsigned, dev_idx + 1, c->sb.nr_devices); ``` Fixes: a7d364a133c7 ("bcachefs: bch2_sb_member_alloc()") Signed-off-by: Hongbo Li Signed-off-by: Kent Overstreet commit 17405279e82aaa302e134655f74e713a0968a16c Author: Kent Overstreet Date: Sun Sep 1 18:08:25 2024 -0400 bcachefs: bch2_sb_member_alloc() refactoring Signed-off-by: Kent Overstreet commit 6b812f1dcebfee45d9ef6856404fa666797ac979 Author: Kent Overstreet Date: Sun Sep 1 17:56:27 2024 -0400 bcachefs: bch2_dev_remove_alloc() -> alloc_background.c Signed-off-by: Kent Overstreet commit 8ed4ba3663318f1e89cec1a5e6a13b84e91fc012 Author: Kent Overstreet Date: Wed Sep 4 17:51:16 2024 -0400 bcachefs: Move tabstop setup to bch2_dev_usage_to_text() No reason for it not to be where it's needed. Signed-off-by: Kent Overstreet commit 4f19a60c3226733917aac815fc156a0ea03b335e Author: Kent Overstreet Date: Sun Sep 1 22:39:42 2024 -0400 bcachefs: Options for recovery_passes, recovery_passes_exclude This adds mount options for specifying recovery passes to run, or exclude; the immediate need for this is that backpointers fsck is having trouble completing, so we need a way to skip it. Signed-off-by: Kent Overstreet commit ff7f756f2be5b37e323ff8215e500ee564551db9 Author: Kent Overstreet Date: Wed Sep 4 15:30:48 2024 -0400 bcachefs: Use mm_account_reclaimed_pages() when freeing btree nodes When freeing in a shrinker callback, we need to notify memory reclaim, so it knows forward progress has been made. Normally this is done in e.g. slab code, but we're not freeing through slab - or rather we are, but these allocations are big, and use the kmalloc_large() path. This is really a bug in the slub code, but we're working around it here for now. Signed-off-by: Kent Overstreet commit 895fbf1cf02f0c913bb443e9ae18a230bbd174c1 Author: Kent Overstreet Date: Tue Sep 3 17:42:53 2024 -0400 bcachefs: Use __GFP_ACCOUNT for reclaimable memory Signed-off-by: Kent Overstreet commit 4645855df01eda7c421c182515215682e0451b9b Author: Sasha Finkelstein Date: Sun Aug 18 19:09:02 2024 +0200 bcachefs: Hook up RENAME_WHITEOUT in rename. This is needed for overlayfs, which is used by container managers. Signed-off-by: Sasha Finkelstein Signed-off-by: Kent Overstreet commit d90c8acd351c042f4bf1676e71c3f80fb3492403 Author: Kent Overstreet Date: Sun Sep 1 16:55:35 2024 -0400 bcachefs: rebalance writes use BCH_WRITE_ONLY_SPECIFIED_DEVS this was an oversight: rebalance is moving data to a specific device, so we don't want it falling back to the full filesystem Signed-off-by: Kent Overstreet commit a977f3e162924ef82536ad23448364f2b3e9f026 Author: Kent Overstreet Date: Sun Sep 1 17:32:22 2024 -0400 bcachefs: BCH_WRITE_ALLOC_NOWAIT no longer applies to open bucket allocation rebalance writes must be BCH_WRITE_ALLOC_NOWAIT because they don't allocate from the full filesystem - but we don't want spurious allocation failures due to open buckets. Signed-off-by: Kent Overstreet commit 2e95497e81010a0f409a7c0ab39404ef591371e9 Author: Kent Overstreet Date: Sun Sep 1 17:06:28 2024 -0400 bcachefs: fix prototype to bch2_alloc_sectors_start_trans() Signed-off-by: Kent Overstreet commit da2d20c98d32bbedc187f2b8fdb70d08fdeff057 Author: Kent Overstreet Date: Sun Sep 1 15:09:11 2024 -0400 bcachefs: kill redundant is_vmalloc_addr() Signed-off-by: Kent Overstreet commit af05633d4065673697c3f17de5db09938f96ebca Author: Kent Overstreet Date: Sun Sep 1 15:33:17 2024 -0400 bcachefs: convert __bch2_encrypt_bio() to darray like the previous patch, kill use of bare arrays; the encryption code likes to work in big batches, so this is a small performance improvement. Signed-off-by: Kent Overstreet commit b7d8092a1b3f0fe848eddacc225044a2a885bc02 Author: Kent Overstreet Date: Sun Sep 1 15:24:11 2024 -0400 bcachefs: do_encrypt() now handles allocation failures convert to darray, and add a fallback when allocation fails Signed-off-by: Kent Overstreet commit 3340dee2350954c549b12c41206e98ed86d3b63e Author: Kent Overstreet Date: Sun Sep 1 13:36:42 2024 -0400 bcachefs: Add pinned to btree cache not freed counters Signed-off-by: Kent Overstreet commit 7856a565416e0cf091f825b0e25c7a1b7abb650e Merge: 617a814f14b891 5e06e08939df1c Author: Linus Torvalds Date: Sat Sep 21 08:20:50 2024 -0700 Merge tag 'mm-nonmm-stable-2024-09-21-07-52' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull non-MM updates from Andrew Morton: "Many singleton patches - please see the various changelogs for details. Quite a lot of nilfs2 work this time around. Notable patch series in this pull request are: - "mul_u64_u64_div_u64: new implementation" by Nicolas Pitre, with assistance from Uwe Kleine-König. Reimplement mul_u64_u64_div_u64() to provide (much) more accurate results. The current implementation was causing Uwe some issues in the PWM drivers. - "xz: Updates to license, filters, and compression options" from Lasse Collin. Miscellaneous maintenance and kinor feature work to the xz decompressor. - "Fix some GDB command error and add some GDB commands" from Kuan-Ying Lee. Fixes and enhancements to the gdb scripts. - "treewide: add missing MODULE_DESCRIPTION() macros" from Jeff Johnson. Adds lots of MODULE_DESCRIPTIONs, thus fixing lots of warnings about this. - "nilfs2: add support for some common ioctls" from Ryusuke Konishi. Adds various commonly-available ioctls to nilfs2. - "This series fixes a number of formatting issues in kernel doc comments" from Ryusuke Konishi does that. - "nilfs2: prevent unexpected ENOENT propagation" from Ryusuke Konishi. Fix issues where -ENOENT was being unintentionally and inappropriately returned to userspace. - "nilfs2: assorted cleanups" from Huang Xiaojia. - "nilfs2: fix potential issues with empty b-tree nodes" from Ryusuke Konishi fixes some issues which can occur on corrupted nilfs2 filesystems. - "scripts/decode_stacktrace.sh: improve error reporting and usability" from Luca Ceresoli does those things" * tag 'mm-nonmm-stable-2024-09-21-07-52' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (103 commits) list: test: increase coverage of list_test_list_replace*() list: test: fix tests for list_cut_position() proc: use __auto_type more treewide: correct the typo 'retun' ocfs2: cleanup return value and mlog in ocfs2_global_read_info() nilfs2: remove duplicate 'unlikely()' usage nilfs2: fix potential oob read in nilfs_btree_check_delete() nilfs2: determine empty node blocks as corrupted nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() user_namespace: use kmemdup_array() instead of kmemdup() for multiple allocation tools/mm: rm thp_swap_allocator_test when make clean squashfs: fix percpu address space issues in decompressor_multi_percpu.c lib: glob.c: added null check for character class nilfs2: refactor nilfs_segctor_thread() nilfs2: use kthread_create and kthread_stop for the log writer thread nilfs2: remove sc_timer_task nilfs2: do not repair reserved inode bitmap in nilfs_new_inode() nilfs2: eliminate the shared counter and spinlock for i_generation nilfs2: separate inode type information from i_state field nilfs2: use the BITS_PER_LONG macro ... commit 617a814f14b8914271f7a70366d72c6196d17663 Merge: 1868f9d0260e9a 684826f8271ad9 Author: Linus Torvalds Date: Sat Sep 21 07:29:05 2024 -0700 Merge tag 'mm-stable-2024-09-20-02-31' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull MM updates from Andrew Morton: "Along with the usual shower of singleton patches, notable patch series in this pull request are: - "Align kvrealloc() with krealloc()" from Danilo Krummrich. Adds consistency to the APIs and behaviour of these two core allocation functions. This also simplifies/enables Rustification. - "Some cleanups for shmem" from Baolin Wang. No functional changes - mode code reuse, better function naming, logic simplifications. - "mm: some small page fault cleanups" from Josef Bacik. No functional changes - code cleanups only. - "Various memory tiering fixes" from Zi Yan. A small fix and a little cleanup. - "mm/swap: remove boilerplate" from Yu Zhao. Code cleanups and simplifications and .text shrinkage. - "Kernel stack usage histogram" from Pasha Tatashin and Shakeel Butt. This is a feature, it adds new feilds to /proc/vmstat such as $ grep kstack /proc/vmstat kstack_1k 3 kstack_2k 188 kstack_4k 11391 kstack_8k 243 kstack_16k 0 which tells us that 11391 processes used 4k of stack while none at all used 16k. Useful for some system tuning things, but partivularly useful for "the dynamic kernel stack project". - "kmemleak: support for percpu memory leak detect" from Pavel Tikhomirov. Teaches kmemleak to detect leaksage of percpu memory. - "mm: memcg: page counters optimizations" from Roman Gushchin. "3 independent small optimizations of page counters". - "mm: split PTE/PMD PT table Kconfig cleanups+clarifications" from David Hildenbrand. Improves PTE/PMD splitlock detection, makes powerpc/8xx work correctly by design rather than by accident. - "mm: remove arch_make_page_accessible()" from David Hildenbrand. Some folio conversions which make arch_make_page_accessible() unneeded. - "mm, memcg: cg2 memory{.swap,}.peak write handlers" fro David Finkel. Cleans up and fixes our handling of the resetting of the cgroup/process peak-memory-use detector. - "Make core VMA operations internal and testable" from Lorenzo Stoakes. Rationalizaion and encapsulation of the VMA manipulation APIs. With a view to better enable testing of the VMA functions, even from a userspace-only harness. - "mm: zswap: fixes for global shrinker" from Takero Funaki. Fix issues in the zswap global shrinker, resulting in improved performance. - "mm: print the promo watermark in zoneinfo" from Kaiyang Zhao. Fill in some missing info in /proc/zoneinfo. - "mm: replace follow_page() by folio_walk" from David Hildenbrand. Code cleanups and rationalizations (conversion to folio_walk()) resulting in the removal of follow_page(). - "improving dynamic zswap shrinker protection scheme" from Nhat Pham. Some tuning to improve zswap's dynamic shrinker. Significant reductions in swapin and improvements in performance are shown. - "mm: Fix several issues with unaccepted memory" from Kirill Shutemov. Improvements to the new unaccepted memory feature, - "mm/mprotect: Fix dax puds" from Peter Xu. Implements mprotect on DAX PUDs. This was missing, although nobody seems to have notied yet. - "Introduce a store type enum for the Maple tree" from Sidhartha Kumar. Cleanups and modest performance improvements for the maple tree library code. - "memcg: further decouple v1 code from v2" from Shakeel Butt. Move more cgroup v1 remnants away from the v2 memcg code. - "memcg: initiate deprecation of v1 features" from Shakeel Butt. Adds various warnings telling users that memcg v1 features are deprecated. - "mm: swap: mTHP swap allocator base on swap cluster order" from Chris Li. Greatly improves the success rate of the mTHP swap allocation. - "mm: introduce numa_memblks" from Mike Rapoport. Moves various disparate per-arch implementations of numa_memblk code into generic code. - "mm: batch free swaps for zap_pte_range()" from Barry Song. Greatly improves the performance of munmap() of swap-filled ptes. - "support large folio swap-out and swap-in for shmem" from Baolin Wang. With this series we no longer split shmem large folios into simgle-page folios when swapping out shmem. - "mm/hugetlb: alloc/free gigantic folios" from Yu Zhao. Nice performance improvements and code reductions for gigantic folios. - "support shmem mTHP collapse" from Baolin Wang. Adds support for khugepaged's collapsing of shmem mTHP folios. - "mm: Optimize mseal checks" from Pedro Falcato. Fixes an mprotect() performance regression due to the addition of mseal(). - "Increase the number of bits available in page_type" from Matthew Wilcox. Increases the number of bits available in page_type! - "Simplify the page flags a little" from Matthew Wilcox. Many legacy page flags are now folio flags, so the page-based flags and their accessors/mutators can be removed. - "mm: store zero pages to be swapped out in a bitmap" from Usama Arif. An optimization which permits us to avoid writing/reading zero-filled zswap pages to backing store. - "Avoid MAP_FIXED gap exposure" from Liam Howlett. Fixes a race window which occurs when a MAP_FIXED operqtion is occurring during an unrelated vma tree walk. - "mm: remove vma_merge()" from Lorenzo Stoakes. Major rotorooting of the vma_merge() functionality, making ot cleaner, more testable and better tested. - "misc fixups for DAMON {self,kunit} tests" from SeongJae Park. Minor fixups of DAMON selftests and kunit tests. - "mm: memory_hotplug: improve do_migrate_range()" from Kefeng Wang. Code cleanups and folio conversions. - "Shmem mTHP controls and stats improvements" from Ryan Roberts. Cleanups for shmem controls and stats. - "mm: count the number of anonymous THPs per size" from Barry Song. Expose additional anon THP stats to userspace for improved tuning. - "mm: finish isolate/putback_lru_page()" from Kefeng Wang: more folio conversions and removal of now-unused page-based APIs. - "replace per-quota region priorities histogram buffer with per-context one" from SeongJae Park. DAMON histogram rationalization. - "Docs/damon: update GitHub repo URLs and maintainer-profile" from SeongJae Park. DAMON documentation updates. - "mm/vdpa: correct misuse of non-direct-reclaim __GFP_NOFAIL and improve related doc and warn" from Jason Wang: fixes usage of page allocator __GFP_NOFAIL and GFP_ATOMIC flags. - "mm: split underused THPs" from Yu Zhao. Improve THP=always policy. This was overprovisioning THPs in sparsely accessed memory areas. - "zram: introduce custom comp backends API" frm Sergey Senozhatsky. Add support for zram run-time compression algorithm tuning. - "mm: Care about shadow stack guard gap when getting an unmapped area" from Mark Brown. Fix up the various arch_get_unmapped_area() implementations to better respect guard areas. - "Improve mem_cgroup_iter()" from Kinsey Ho. Improve the reliability of mem_cgroup_iter() and various code cleanups. - "mm: Support huge pfnmaps" from Peter Xu. Extends the usage of huge pfnmap support. - "resource: Fix region_intersects() vs add_memory_driver_managed()" from Huang Ying. Fix a bug in region_intersects() for systems with CXL memory. - "mm: hwpoison: two more poison recovery" from Kefeng Wang. Teaches a couple more code paths to correctly recover from the encountering of poisoned memry. - "mm: enable large folios swap-in support" from Barry Song. Support the swapin of mTHP memory into appropriately-sized folios, rather than into single-page folios" * tag 'mm-stable-2024-09-20-02-31' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (416 commits) zram: free secondary algorithms names uprobes: turn xol_area->pages[2] into xol_area->page uprobes: introduce the global struct vm_special_mapping xol_mapping Revert "uprobes: use vm_special_mapping close() functionality" mm: support large folios swap-in for sync io devices mm: add nr argument in mem_cgroup_swapin_uncharge_swap() helper to support large folios mm: fix swap_read_folio_zeromap() for large folios with partial zeromap mm/debug_vm_pgtable: Use pxdp_get() for accessing page table entries set_memory: add __must_check to generic stubs mm/vma: return the exact errno in vms_gather_munmap_vmas() memcg: cleanup with !CONFIG_MEMCG_V1 mm/show_mem.c: report alloc tags in human readable units mm: support poison recovery from copy_present_page() mm: support poison recovery from do_cow_fault() resource, kunit: add test case for region_intersects() resource: make alloc_free_mem_region() works for iomem_resource mm: z3fold: deprecate CONFIG_Z3FOLD vfio/pci: implement huge_fault support mm/arm64: support large pfn mappings mm/x86: support large pfn mappings ... commit c24999e61b2187578fe4256b7bc6190a046c4b93 Merge: 7e722083fcc3e1 f56f4ba2fc1dbe Author: Wolfram Sang Date: Sat Sep 21 12:46:00 2024 +0200 Merge tag 'i2c-host-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/andi.shyti/linux into i2c/for-mergewindow The DesignWare and the Renesas I2C drivers have received most of the changes in this pull request. The first has has undergone through a series of cleanups that have been sent to the mailing list a year ago for the first time and finally get merged in this pull request. They are many, from typos (e.g. i2/i2c), to cosmetics, to refactoring (e.g. move inline functions to librarieas) and many others. Besides that, all the DesignWare Kconfig options have been grouped under the I2C_DESIGNWARE_CORE and this required some adaptation in many of the kernel configuration files for different arm and mips boards. Follows the list of the rest of the changes grouped by type of change. Cleanups -------- The Qualcomm Geni platform improves the exit path in the runtime resume function. The Intel LJCA driver loses "target_addr" parameter in ljca_i2c_stop() because it was unused. The MediaTek controller intializes the restart_flag in the transfer function using the ternary conditional operator ("? :") instead of initializing it in different parts. Constified a few global data structures in the virtio driver. The Renesas driver simplifies the bus speed handling in the init function making it more readable. Improved an if/else statement in probe function of the Renesas R-Car driver. The iMX/MXC driver switches to using the RUNTIME_PM_OPS() instead of SET_RUNTIME_PM_OPS(). Still in the iMX/MXC driver a comma ',' has been replaced by a semicolon ';', while in different drivers the ',' has been removed from the '{ }' delimiters. Finally three devm_clk_get_enabled() have been used to simplify the devm_clk_get/clk_prepare_enable tuple in the Renesas EMEV2, Ingenic and MPC drivers. Refactors --------- The Nuvoton fixes a potential out of boundary array access. This is not a bug fix because the issue could never occur due to hardware not having the properties listed in the array. The change makes the driver more future proof and, at the same time, silences code analyzers. Improvements ------------ The Renesas I2C (riic) driver undergoes several patches improving the runtime power management handling. The Intel i801 driver uses a more descriptive adapter's name to show the presence of the IDF feature. In the Intel Denverton (ismt) adapter the pending transactions are killed when irq's can't complete their handling, triggering a timeout. This could have been considered as a bug fix, but because, standing to Vasily, it's very sporadic, I preferred considering the patch rather as an improvement. New Feature ----------- The Renesas I2C (riic) driver now supports the fast mode plus. New support ----------- Added support for: - Renesas R9A08G045 - Rockchip RK3576 - KEBA I2C - Theobroma Systems Mule Multiplexer. The Keba comes with a new driver, i2c-keba.c. The Mule is an i2c multiplexer and it also comes with a new driver, mux/i2c-mux-mule.c. Core patch ---------- This pull request includes also a patch in the I2C framework, in i2c-core-base.c where the runtime PM functions have been replaced in order to allow to be accessed during the device add. Devicetree ---------- Some cleanups in the devicetree, as well. nVidia and Qualcomm bindings improve their "if:then:" blocks. While the aspeed binding loses the "multi-master" property because it was redundant. The i2c-sprd binding has been converted to YAML. commit 44ac4625ea002deecd0c227336c95b724206c698 Author: Danny Tsen Date: Thu Sep 19 07:36:37 2024 -0400 crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 Data mismatch found when testing ipsec tunnel with AES/GCM crypto. Disabling CRYPTO_AES_GCM_P10 in Kconfig for this feature. Fixes: fd0e9b3e2ee6 ("crypto: p10-aes-gcm - An accelerated AES/GCM stitched implementation") Fixes: cdcecfd9991f ("crypto: p10-aes-gcm - Glue code for AES/GCM stitched implementation") Fixes: 45a4672b9a6e2 ("crypto: p10-aes-gcm - Update Kconfig and Makefile") Signed-off-by: Danny Tsen Signed-off-by: Herbert Xu commit 4330869a2dd9e3abfde820fb5d93888e7d98ffa1 Author: Herbert Xu Date: Wed Sep 18 12:01:47 2024 +0800 crypto: s390/paes - Fix module aliases The paes_s390 module didn't declare the correct aliases for the algorithms that it registered. Instead it declared an alias for the non-existent paes algorithm. The Crypto API will eventually try to load the paes algorithm, to construct the cbc(paes) instance. But because the module does not actually contain a "paes" algorithm, this will fail. Previously this failure was hidden and the the cbc(paes) lookup will be retried. This was fixed recently, thus exposing the buggy alias in paes_s390. Replace the bogus paes alias with aliases for the actual algorithms. Reported-by: Ingo Franzki Fixes: e7a4142b35ce ("crypto: api - Fix generic algorithm self-test races") Signed-off-by: Herbert Xu Tested-by: Ingo Franzki Reviewed-by: Ingo Franzki Signed-off-by: Herbert Xu commit 5124bc96162667766f6120b19f57a640c2eccb2a Author: Herbert Xu Date: Thu Sep 12 17:57:13 2024 +0800 crypto: caam - Pad SG length when allocating hash edesc Because hardware will read in multiples of 4 SG entries, ensure the allocated length is always padded. This was already done by some callers of ahash_edesc_alloc, but ahash_digest was conspicuously missing. In any case, doing it in the allocation function ensures that the memory is always there. Reported-by: Guangwu Zhang Fixes: a5e5c13398f3 ("crypto: caam - fix S/G table passing page boundary") Signed-off-by: Herbert Xu commit 4f2c346e621624315e2a1405e98616a0c5ac146f Author: Stuart Hayes Date: Wed Sep 18 23:31:43 2024 -0500 driver core: fix async device shutdown hang Modify device_shutdown() so that supplier devices do not wait for consumer devices to be shut down first when the devlink is sync state only, since the consumer is not dependent on the supplier in this case. Without this change, a circular dependency could hang the system. Fixes: 8064952c6504 ("driver core: shut down devices asynchronously") Signed-off-by: Stuart Hayes Tested-by: Laurence Oberman Tested-by: Nathan Chancellor Link: https://lore.kernel.org/r/20240919043143.1194950-1-stuart.w.hayes@gmail.com Signed-off-by: Greg Kroah-Hartman commit 8bb04fb2b7e346ffcf00164b91129ab151ceaa46 Author: Thorsten Blum Date: Tue Aug 20 21:15:20 2024 +0200 ksmbd: Replace one-element arrays with flexible-array members Replace the deprecated one-element arrays with flexible-array members in the structs copychunk_ioctl_req and smb2_ea_info_req. There are no binary differences after this conversion. Link: https://github.com/KSPP/linux/issues/79 Signed-off-by: Thorsten Blum Acked-by: Namjae Jeon Signed-off-by: Steve French commit 289ebd9afeb94862d96c89217068943f1937df5b Author: Namjae Jeon Date: Thu Sep 19 09:22:57 2024 +0900 ksmbd: fix warning: comparison of distinct pointer types lacks a cast smb2pdu.c: In function ‘smb2_open’: ./include/linux/minmax.h:20:28: warning: comparison of distinct pointer types lacks a cast 20 | (!!(sizeof((typeof(x) *)1 == (typeof(y) *)1))) | ^~ ./include/linux/minmax.h:26:4: note: in expansion of macro ‘__typecheck’ 26 | (__typecheck(x, y) && __no_side_effects(x, y)) | ^~~~~~~~~~~ ./include/linux/minmax.h:36:24: note: in expansion of macro ‘__safe_cmp’ 36 | __builtin_choose_expr(__safe_cmp(x, y), \ | ^~~~~~~~~~ ./include/linux/minmax.h:45:19: note: in expansion of macro ‘__careful_cmp’ 45 | #define min(x, y) __careful_cmp(x, y, <) | ^~~~~~~~~~~~~ /home/linkinjeon/git/smbd_work/ksmbd/smb2pdu.c:3713:27: note: in expansion of macro ‘min’ 3713 | fp->durable_timeout = min(dh_info.timeout, Fixes: c8efcc786146 ("ksmbd: add support for durable handles v1/v2") Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit 1868f9d0260e9afaf7c6436d14923ae12eaea465 Merge: 056f8c437dc33e 96319dacaf15f6 Author: Linus Torvalds Date: Fri Sep 20 19:34:00 2024 -0700 Merge tag 'for-linux-6.12-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux Pull orangefs update from Mike Marshall: "Constify struct kobj_type" * tag 'for-linux-6.12-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux: orangefs: Constify struct kobj_type commit 056f8c437dc33e9e8e64b9344e816d7d46c06c16 Merge: 171754c3808214 ff2beee206d23f Author: Linus Torvalds Date: Fri Sep 20 19:26:45 2024 -0700 Merge tag 'ext4_for_linus-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 Pull ext4 updates from Ted Ts'o: "Lots of cleanups and bug fixes this cycle, primarily in the block allocation, extent management, fast commit, and journalling" * tag 'ext4_for_linus-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: (93 commits) ext4: convert EXT4_B2C(sbi->s_stripe) users to EXT4_NUM_B2C ext4: check stripe size compatibility on remount as well ext4: fix i_data_sem unlock order in ext4_ind_migrate() ext4: remove the special buffer dirty handling in do_journal_get_write_access ext4: fix a potential assertion failure due to improperly dirtied buffer ext4: hoist ext4_block_write_begin and replace the __block_write_begin ext4: persist the new uptodate buffers in ext4_journalled_zero_new_buffers ext4: dax: keep orphan list before truncate overflow allocated blocks ext4: fix error message when rejecting the default hash ext4: save unnecessary indentation in ext4_ext_create_new_leaf() ext4: make some fast commit functions reuse extents path ext4: refactor ext4_swap_extents() to reuse extents path ext4: get rid of ppath in convert_initialized_extent() ext4: get rid of ppath in ext4_ext_handle_unwritten_extents() ext4: get rid of ppath in ext4_ext_convert_to_initialized() ext4: get rid of ppath in ext4_convert_unwritten_extents_endio() ext4: get rid of ppath in ext4_split_convert_extents() ext4: get rid of ppath in ext4_split_extent() ext4: get rid of ppath in ext4_force_split_extent_at() ext4: get rid of ppath in ext4_split_extent_at() ... commit 171754c3808214d4fd8843eab584599a429deb52 Merge: baeb9a7d8b60b0 71fdfcdd0dc834 Author: Linus Torvalds Date: Fri Sep 20 17:53:17 2024 -0700 Merge tag 'vfs-6.12.blocksize' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs Pull vfs blocksize updates from Christian Brauner: "This contains the vfs infrastructure as well as the xfs bits to enable support for block sizes (bs) larger than page sizes (ps) plus a few fixes to related infrastructure. There has been efforts over the last 16 years to enable enable Large Block Sizes (LBS), that is block sizes in filesystems where bs > page size. Through these efforts we have learned that one of the main blockers to supporting bs > ps in filesystems has been a way to allocate pages that are at least the filesystem block size on the page cache where bs > ps. Thanks to various previous efforts it is possible to support bs > ps in XFS with only a few changes in XFS itself. Most changes are to the page cache to support minimum order folio support for the target block size on the filesystem. A motivation for Large Block Sizes today is to support high-capacity (large amount of Terabytes) QLC SSDs where the internal Indirection Unit (IU) are typically greater than 4k to help reduce DRAM and so in turn cost and space. In practice this then allows different architectures to use a base page size of 4k while still enabling support for block sizes aligned to the larger IUs by relying on high order folios on the page cache when needed. It also allows to take advantage of the drive's support for atomics larger than 4k with buffered IO support in Linux. As described this year at LSFMM, supporting large atomics greater than 4k enables databases to remove the need to rely on their own journaling, so they can disable double buffered writes, which is a feature different cloud providers are already enabling through custom storage solutions" * tag 'vfs-6.12.blocksize' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs: (22 commits) Documentation: iomap: fix a typo iomap: remove the iomap_file_buffered_write_punch_delalloc return value iomap: pass the iomap to the punch callback iomap: pass flags to iomap_file_buffered_write_punch_delalloc iomap: improve shared block detection in iomap_unshare_iter iomap: handle a post-direct I/O invalidate race in iomap_write_delalloc_release docs:filesystems: fix spelling and grammar mistakes in iomap design page filemap: fix htmldoc warning for mapping_align_index() iomap: make zero range flush conditional on unwritten mappings iomap: fix handling of dirty folios over unwritten extents iomap: add a private argument for iomap_file_buffered_write iomap: remove set_memor_ro() on zero page xfs: enable block size larger than page size support xfs: make the calculation generic in xfs_sb_validate_fsb_count() xfs: expose block size in stat xfs: use kvmalloc for xattr buffers iomap: fix iomap_dio_zero() for fs bs > system page size filemap: cap PTE range to be created to allowed zero fill in folio_map_range() mm: split a folio in minimum folio order chunks readahead: allocate folios with mapping_min_order in readahead ... commit 509abfc7a0ba66afa648e8216306acdc55ec54ed Author: Chuck Lever Date: Fri Sep 13 13:50:56 2024 -0400 xdrgen: Prevent reordering of encoder and decoder functions I noticed that "xdrgen source" reorders the procedure encoder and decoder functions every time it is run. I would prefer that the generated code be more deterministic: it enables a reader to better see exactly what has changed between runs of the tool. The problem is that Python sets are not ordered. I use a Python set to ensure that, when multiple procedures use a particular argument or result type, the encoder/decoder for that type is emitted only once. Sets aren't ordered, but I can use Python dictionaries for this purpose to ensure the procedure functions are always emitted in the same order if the .x file does not change. Signed-off-by: Chuck Lever commit fed8a17c61ffa2ba53dc749068b6f07ecf40e3bf Author: Chuck Lever Date: Tue Sep 10 15:51:46 2024 -0400 xdrgen: typedefs should use the built-in string and opaque functions 'typedef opaque yada' should use xdrgen's built-in opaque encoder and decoder, to enable better compiler optimization. Signed-off-by: Chuck Lever commit 663ad8b1df8724cd5e01df66ea67ce0424fbcdf6 Author: Chuck Lever Date: Tue Sep 10 15:31:19 2024 -0400 xdrgen: Fix return code checking in built-in XDR decoders xdr_stream_encode_u32() returns XDR_UNIT on success. xdr_stream_decode_u32() returns zero or -EMSGSIZE, but never XDR_UNIT. Signed-off-by: Chuck Lever commit 4b132aacb0768ac1e652cf517097ea6f237214b9 Author: Chuck Lever Date: Fri Sep 13 14:08:13 2024 -0400 tools: Add xdrgen Add a Python-based tool for translating XDR specifications into XDR encoder and decoder functions written in the Linux kernel's C coding style. The generator attempts to match the usual C coding style of the Linux kernel's SunRPC consumers. This approach is similar to the netlink code generator in tools/net/ynl . The maintainability benefits of machine-generated XDR code include: - Stronger type checking - Reduces the number of bugs introduced by human error - Makes the XDR code easier to audit and analyze - Enables rapid prototyping of new RPC-based protocols - Hardens the layering between protocol logic and marshaling - Makes it easier to add observability on demand - Unit tests might be built for both the tool and (automatically) for the generated code In addition, converting the XDR layer to use memory-safe languages such as Rust will be easier if much of the code can be converted automatically. Tested-by: Jeff Layton Signed-off-by: Chuck Lever commit 45bb63ed20e02ae146336412889fe5450316a84f Author: NeilBrown Date: Mon Sep 9 15:06:36 2024 +1000 nfsd: fix delegation_blocked() to block correctly for at least 30 seconds The pair of bloom filtered used by delegation_blocked() was intended to block delegations on given filehandles for between 30 and 60 seconds. A new filehandle would be recorded in the "new" bit set. That would then be switch to the "old" bit set between 0 and 30 seconds later, and it would remain as the "old" bit set for 30 seconds. Unfortunately the code intended to clear the old bit set once it reached 30 seconds old, preparing it to be the next new bit set, instead cleared the *new* bit set before switching it to be the old bit set. This means that the "old" bit set is always empty and delegations are blocked between 0 and 30 seconds. This patch updates bd->new before clearing the set with that index, instead of afterwards. Reported-by: Olga Kornievskaia Cc: stable@vger.kernel.org Fixes: 6282cd565553 ("NFSD: Don't hand out delegations for 30 seconds after recalling them.") Signed-off-by: NeilBrown Reviewed-by: Benjamin Coddington Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit bf92e5008b17f935a6de8b708551e02c2294121c Author: Jeff Layton Date: Mon Sep 9 10:40:53 2024 -0400 nfsd: fix initial getattr on write delegation At this point in compound processing, currentfh refers to the parent of the file, not the file itself. Get the correct dentry from the delegation stateid instead. Fixes: c5967721e106 ("NFSD: handle GETATTR conflict with write delegation") Signed-off-by: Jeff Layton Signed-off-by: Chuck Lever commit a078a7dc0eaa9db288ae45319f7f7503968af546 Author: NeilBrown Date: Thu Aug 29 09:26:40 2024 -0400 nfsd: untangle code in nfsd4_deleg_getattr_conflict() The code in nfsd4_deleg_getattr_conflict() is convoluted and buggy. With this patch we: - properly handle non-nfsd leases. We must not assume flc_owner is a delegation unless fl_lmops == &nfsd_lease_mng_ops - move the main code out of the for loop - have a single exit which calls nfs4_put_stid() (and other exits which don't need to call that) [ jlayton: refactored on top of Neil's other patch: nfsd: fix nfsd4_deleg_getattr_conflict in presence of third party lease ] Fixes: c5967721e106 ("NFSD: handle GETATTR conflict with write delegation") Signed-off-by: NeilBrown Signed-off-by: Jeff Layton Signed-off-by: Chuck Lever commit 5559c157b79907a901578f93f83eb6732bfcbc1a Author: Scott Mayhew Date: Mon Sep 9 16:28:54 2024 -0400 nfsd: enforce upper limit for namelen in __cld_pipe_inprogress_downcall() This patch is intended to go on top of "nfsd: return -EINVAL when namelen is 0" from Li Lingfeng. Li's patch checks for 0, but we should be enforcing an upper bound as well. Note that if nfsdcld somehow gets an id > NFS4_OPAQUE_LIMIT in its database, it'll truncate it to NFS4_OPAQUE_LIMIT when it does the downcall anyway. Signed-off-by: Scott Mayhew Signed-off-by: Chuck Lever commit 22451a16b7ab7debefce660672566be887db1637 Author: Li Lingfeng Date: Tue Sep 3 19:14:46 2024 +0800 nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdup_user() to return ZERO_SIZE_PTR. When we access the name.data that has been assigned the value of ZERO_SIZE_PTR in nfs4_client_to_reclaim(), null pointer dereference is triggered. [ T1205] ================================================================== [ T1205] BUG: KASAN: null-ptr-deref in nfs4_client_to_reclaim+0xe9/0x260 [ T1205] Read of size 1 at addr 0000000000000010 by task nfsdcld/1205 [ T1205] [ T1205] CPU: 11 PID: 1205 Comm: nfsdcld Not tainted 5.10.0-00003-g2c1423731b8d #406 [ T1205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014 [ T1205] Call Trace: [ T1205] dump_stack+0x9a/0xd0 [ T1205] ? nfs4_client_to_reclaim+0xe9/0x260 [ T1205] __kasan_report.cold+0x34/0x84 [ T1205] ? nfs4_client_to_reclaim+0xe9/0x260 [ T1205] kasan_report+0x3a/0x50 [ T1205] nfs4_client_to_reclaim+0xe9/0x260 [ T1205] ? nfsd4_release_lockowner+0x410/0x410 [ T1205] cld_pipe_downcall+0x5ca/0x760 [ T1205] ? nfsd4_cld_tracking_exit+0x1d0/0x1d0 [ T1205] ? down_write_killable_nested+0x170/0x170 [ T1205] ? avc_policy_seqno+0x28/0x40 [ T1205] ? selinux_file_permission+0x1b4/0x1e0 [ T1205] rpc_pipe_write+0x84/0xb0 [ T1205] vfs_write+0x143/0x520 [ T1205] ksys_write+0xc9/0x170 [ T1205] ? __ia32_sys_read+0x50/0x50 [ T1205] ? ktime_get_coarse_real_ts64+0xfe/0x110 [ T1205] ? ktime_get_coarse_real_ts64+0xa2/0x110 [ T1205] do_syscall_64+0x33/0x40 [ T1205] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ T1205] RIP: 0033:0x7fdbdb761bc7 [ T1205] Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 514 [ T1205] RSP: 002b:00007fff8c4b7248 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ T1205] RAX: ffffffffffffffda RBX: 000000000000042b RCX: 00007fdbdb761bc7 [ T1205] RDX: 000000000000042b RSI: 00007fff8c4b75f0 RDI: 0000000000000008 [ T1205] RBP: 00007fdbdb761bb0 R08: 0000000000000000 R09: 0000000000000001 [ T1205] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000042b [ T1205] R13: 0000000000000008 R14: 00007fff8c4b75f0 R15: 0000000000000000 [ T1205] ================================================================== Fix it by checking namelen. Signed-off-by: Li Lingfeng Fixes: 74725959c33c ("nfsd: un-deprecate nfsdcld") Reviewed-by: Jeff Layton Reviewed-by: Scott Mayhew Tested-by: Scott Mayhew Signed-off-by: Chuck Lever commit 0505de9615fa3d216828bfa9ddf502e918675986 Author: Chuck Lever Date: Wed Aug 28 13:40:09 2024 -0400 NFSD: Wrap async copy operations with trace points Add an nfsd_copy_async_done to record the timestamp, the final status code, and the callback stateid of an async copy. Rename the nfsd_copy_do_async tracepoint to match that naming convention to make it easier to enable both of these with a single glob. Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit d3c430aa97e547614808831d28f43db26a854457 Author: Chuck Lever Date: Wed Aug 28 13:40:07 2024 -0400 NFSD: Clean up extra whitespace in trace_nfsd_copy_done Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit e1d2697c53c0a74ece4402b2ae0047bfdaddb89b Author: Chuck Lever Date: Wed Aug 28 13:40:06 2024 -0400 NFSD: Record the callback stateid in copy tracepoints Match COPY operations up with CB_OFFLOAD operations. Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 11848e985ca03deec5ee3552c8f8d34541dd8d35 Author: Chuck Lever Date: Wed Aug 28 13:40:05 2024 -0400 NFSD: Display copy stateids with conventional print formatting Make it easier to grep for s2s COPY stateids in trace logs: Use the same display format in nfsd_copy_class as is used to display other stateids. Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit aadc3bbea163b6caaaebfdd2b6c4667fbc726752 Author: Chuck Lever Date: Wed Aug 28 13:40:04 2024 -0400 NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimited number of 4MB chunks, so can run for a long time. Thus IMO async COPY can become a DoS vector. Add a restriction mechanism that bounds the number of concurrent background COPY operations. Start simple and try to be fair -- this patch implements a per-namespace limit. An async COPY request that occurs while this limit is exceeded gets NFS4ERR_DELAY. The requesting client can choose to send the request again after a delay or fall back to a traditional read/write style copy. If there is need to make the mechanism more sophisticated, we can visit that in future patches. Cc: stable@vger.kernel.org Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 9ed666eba4e0a2bb8ffaa3739d830b64d4f2aaad Author: Chuck Lever Date: Wed Aug 28 13:40:03 2024 -0400 NFSD: Async COPY result needs to return a write verifier Currently, when NFSD handles an asynchronous COPY, it returns a zero write verifier, relying on the subsequent CB_OFFLOAD callback to pass the write verifier and a stable_how4 value to the client. However, if the CB_OFFLOAD never arrives at the client (for example, if a network partition occurs just as the server sends the CB_OFFLOAD operation), the client will never receive this verifier. Thus, if the client sends a follow-up COMMIT, there is no way for the client to assess the COMMIT result. The usual recovery for a missing CB_OFFLOAD is for the client to send an OFFLOAD_STATUS operation, but that operation does not carry a write verifier in its result. Neither does it carry a stable_how4 value, so the client /must/ send a COMMIT in this case -- which will always fail because currently there's still no write verifier in the COPY result. Thus the server needs to return a normal write verifier in its COPY result even if the COPY operation is to be performed asynchronously. If the server recognizes the callback stateid in subsequent OFFLOAD_STATUS operations, then obviously it has not restarted, and the write verifier the client received in the COPY result is still valid and can be used to assess a COMMIT of the copied data, if one is needed. Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 15392c8cd13449bf0c09faf8e78ca2fdfb023284 Author: NeilBrown Date: Fri Aug 30 17:03:17 2024 +1000 nfsd: avoid races with wake_up_var() wake_up_var() needs a barrier after the important change is made in the var and before wake_up_var() is called, else it is possible that a wake up won't be sent when it should. In each case here the var is changed in an "atomic" manner, so smb_mb__after_atomic() is sufficient. In one case the important change (removing the lease) is performed *after* the wake_up, which is backwards. The code survives in part because the wait_var_event is given a timeout. This patch adds the required barriers and calls destroy_delegation() *before* waking any threads waiting for the delegation to be destroyed. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 985eeae9c874157bb8ece9060020856f68aa08d5 Author: NeilBrown Date: Fri Aug 30 17:03:16 2024 +1000 nfsd: use clear_and_wake_up_bit() nfsd has two places that open-code clear_and_wake_up_bit(). One has the required memory barriers. The other does not. Change both to use clear_and_wake_up_bit() so we have the barriers without the noise. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit aeddf8e6c5662d60d434ce59f7e08ea020162323 Author: Yan Zhen Date: Fri Aug 30 09:43:56 2024 +0800 sunrpc: xprtrdma: Use ERR_CAST() to return Using ERR_CAST() is more reasonable and safer, When it is necessary to convert the type of an error pointer and return it. Signed-off-by: Yan Zhen Signed-off-by: Chuck Lever commit 2869b3a00e202ee8d3d90ab7d88f4057c4bb3135 Author: Thorsten Blum Date: Wed Aug 28 23:42:55 2024 +0200 NFSD: Annotate struct pnfs_block_deviceaddr with __counted_by() Add the __counted_by compiler attribute to the flexible array member volumes to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Use struct_size() instead of manually calculating the number of bytes to allocate for a pnfs_block_deviceaddr with a single volume. Signed-off-by: Thorsten Blum Reviewed-by: Gustavo A. R. Silva Acked-by: Jeff Layton Signed-off-by: Chuck Lever commit d078cbf5c38de83bc31f83c47dcd2184c04a50c7 Author: Guoqing Jiang Date: Wed Aug 21 22:03:18 2024 +0800 nfsd: call cache_put if xdr_reserve_space returns NULL If not enough buffer space available, but idmap_lookup has triggered lookup_fn which calls cache_get and returns successfully. Then we missed to call cache_put here which pairs with cache_get. Fixes: ddd1ea563672 ("nfsd4: use xdr_reserve_space in attribute encoding") Signed-off-by: Guoqing Jiang Reviwed-by: Jeff Layton Signed-off-by: Chuck Lever commit ba017fd391e05aba3d8a96c06d0287ffeeb8458c Author: Jeff Layton Date: Mon Aug 26 08:50:13 2024 -0400 nfsd: add more nfsd_cb tracepoints Add some tracepoints in the callback client RPC operations. Also add a tracepoint to nfsd4_cb_getattr_done. Signed-off-by: Jeff Layton Signed-off-by: Chuck Lever commit c1c9f3ea7405b5069925ab2fd6326e3b980b28b0 Author: Jeff Layton Date: Mon Aug 26 08:50:12 2024 -0400 nfsd: track the main opcode for callbacks Keep track of the "main" opcode for the callback, and display it in the tracepoint. This makes it simpler to discern what's happening when there is more than one callback in flight. The one special case is the CB_NULL RPC. That's not a CB_COMPOUND opcode, so designate the value 0 for that. Signed-off-by: Jeff Layton Signed-off-by: Chuck Lever commit e8581a9124470b751db8ec46044720d1597dbbfe Author: Jeff Layton Date: Mon Aug 26 08:50:11 2024 -0400 nfsd: add more info to WARN_ON_ONCE on failed callbacks Currently, you get the warning and stack trace, but nothing is printed about the relevant error codes. Add that in. Signed-off-by: Jeff Layton Signed-off-by: Chuck Lever commit 76a3f3f164d470ef1f22a34dbdb13549934cf339 Author: Li Lingfeng Date: Sat Aug 24 09:43:36 2024 +0800 nfsd: fix some spelling errors in comments Fix spelling errors in comments of nfsd4_release_lockowner and nfs4_set_delegation. Signed-off-by: Li Lingfeng Signed-off-by: Chuck Lever commit eb059a413c06af1c59b26cb85ddb7cf73d82b92e Author: Li Lingfeng Date: Fri Aug 23 15:00:49 2024 +0800 nfsd: remove unused parameter of nfsd_file_mark_find_or_create Commit 427f5f83a319 ("NFSD: Ensure nf_inode is never dereferenced") passes inode directly to nfsd_file_mark_find_or_create instead of getting it from nf, so there is no need to pass nf. Signed-off-by: Li Lingfeng Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit c2feb7ee39151005786f202bb1a373d96b653cd6 Author: Hongbo Li Date: Wed Aug 21 14:53:26 2024 +0800 nfsd: use LIST_HEAD() to simplify code list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Signed-off-by: Hongbo Li Signed-off-by: Chuck Lever commit 340e61e44c1d2a15c42ec72ade9195ad525fd048 Author: Li Lingfeng Date: Sat Aug 17 14:27:13 2024 +0800 nfsd: map the EBADMSG to nfserr_io to avoid warning Ext4 will throw -EBADMSG through ext4_readdir when a checksum error occurs, resulting in the following WARNING. Fix it by mapping EBADMSG to nfserr_io. nfsd_buffered_readdir iterate_dir // -EBADMSG -74 ext4_readdir // .iterate_shared ext4_dx_readdir ext4_htree_fill_tree htree_dirblock_to_tree ext4_read_dirblock __ext4_read_dirblock ext4_dirblock_csum_verify warn_no_space_for_csum __warn_no_space_for_csum return ERR_PTR(-EFSBADCRC) // -EBADMSG -74 nfserrno // WARNING [ 161.115610] ------------[ cut here ]------------ [ 161.116465] nfsd: non-standard errno: -74 [ 161.117315] WARNING: CPU: 1 PID: 780 at fs/nfsd/nfsproc.c:878 nfserrno+0x9d/0xd0 [ 161.118596] Modules linked in: [ 161.119243] CPU: 1 PID: 780 Comm: nfsd Not tainted 5.10.0-00014-g79679361fd5d #138 [ 161.120684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qe mu.org 04/01/2014 [ 161.123601] RIP: 0010:nfserrno+0x9d/0xd0 [ 161.124676] Code: 0f 87 da 30 dd 00 83 e3 01 b8 00 00 00 05 75 d7 44 89 ee 48 c7 c7 c0 57 24 98 89 44 24 04 c6 05 ce 2b 61 03 01 e8 99 20 d8 00 <0f> 0b 8b 44 24 04 eb b5 4c 89 e6 48 c7 c7 a0 6d a4 99 e8 cc 15 33 [ 161.127797] RSP: 0018:ffffc90000e2f9c0 EFLAGS: 00010286 [ 161.128794] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 161.130089] RDX: 1ffff1103ee16f6d RSI: 0000000000000008 RDI: fffff520001c5f2a [ 161.131379] RBP: 0000000000000022 R08: 0000000000000001 R09: ffff8881f70c1827 [ 161.132664] R10: ffffed103ee18304 R11: 0000000000000001 R12: 0000000000000021 [ 161.133949] R13: 00000000ffffffb6 R14: ffff8881317c0000 R15: ffffc90000e2fbd8 [ 161.135244] FS: 0000000000000000(0000) GS:ffff8881f7080000(0000) knlGS:0000000000000000 [ 161.136695] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 161.137761] CR2: 00007fcaad70b348 CR3: 0000000144256006 CR4: 0000000000770ee0 [ 161.139041] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 161.140291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 161.141519] PKRU: 55555554 [ 161.142076] Call Trace: [ 161.142575] ? __warn+0x9b/0x140 [ 161.143229] ? nfserrno+0x9d/0xd0 [ 161.143872] ? report_bug+0x125/0x150 [ 161.144595] ? handle_bug+0x41/0x90 [ 161.145284] ? exc_invalid_op+0x14/0x70 [ 161.146009] ? asm_exc_invalid_op+0x12/0x20 [ 161.146816] ? nfserrno+0x9d/0xd0 [ 161.147487] nfsd_buffered_readdir+0x28b/0x2b0 [ 161.148333] ? nfsd4_encode_dirent_fattr+0x380/0x380 [ 161.149258] ? nfsd_buffered_filldir+0xf0/0xf0 [ 161.150093] ? wait_for_concurrent_writes+0x170/0x170 [ 161.151004] ? generic_file_llseek_size+0x48/0x160 [ 161.151895] nfsd_readdir+0x132/0x190 [ 161.152606] ? nfsd4_encode_dirent_fattr+0x380/0x380 [ 161.153516] ? nfsd_unlink+0x380/0x380 [ 161.154256] ? override_creds+0x45/0x60 [ 161.155006] nfsd4_encode_readdir+0x21a/0x3d0 [ 161.155850] ? nfsd4_encode_readlink+0x210/0x210 [ 161.156731] ? write_bytes_to_xdr_buf+0x97/0xe0 [ 161.157598] ? __write_bytes_to_xdr_buf+0xd0/0xd0 [ 161.158494] ? lock_downgrade+0x90/0x90 [ 161.159232] ? nfs4svc_decode_voidarg+0x10/0x10 [ 161.160092] nfsd4_encode_operation+0x15a/0x440 [ 161.160959] nfsd4_proc_compound+0x718/0xe90 [ 161.161818] nfsd_dispatch+0x18e/0x2c0 [ 161.162586] svc_process_common+0x786/0xc50 [ 161.163403] ? nfsd_svc+0x380/0x380 [ 161.164137] ? svc_printk+0x160/0x160 [ 161.164846] ? svc_xprt_do_enqueue.part.0+0x365/0x380 [ 161.165808] ? nfsd_svc+0x380/0x380 [ 161.166523] ? rcu_is_watching+0x23/0x40 [ 161.167309] svc_process+0x1a5/0x200 [ 161.168019] nfsd+0x1f5/0x380 [ 161.168663] ? nfsd_shutdown_threads+0x260/0x260 [ 161.169554] kthread+0x1c4/0x210 [ 161.170224] ? kthread_insert_work_sanity_check+0x80/0x80 [ 161.171246] ret_from_fork+0x1f/0x30 Signed-off-by: Li Lingfeng Reviewed-by: Jeff Layton Cc: stable@vger.kernel.org Signed-off-by: Chuck Lever commit 2039c5da5dc110ba56aa811f1688c184eed5d2f5 Author: Li Lingfeng Date: Wed Aug 14 19:29:07 2024 +0800 NFSD: remove redundant assignment operation Commit 5826e09bf3dd ("NFSD: OP_CB_RECALL_ANY should recall both read and write delegations") added a new assignment statement to add RCA4_TYPE_MASK_WDATA_DLG to ra_bmval bitmask of OP_CB_RECALL_ANY. So the old one should be removed. Signed-off-by: Li Lingfeng Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit ecbf84940575e107df13f308121682f7e8c0d20b Author: Chuck Lever Date: Tue Aug 13 17:55:45 2024 -0400 .mailmap: Add an entry for my work email address Collect a few very old previous employers as well. Signed-off-by: Chuck Lever commit 202f39039a11402dcbcd5fece8d9fa6be83f49ae Author: Chuck Lever Date: Sun Aug 11 13:11:07 2024 -0400 NFSD: Fix NFSv4's PUTPUBFH operation According to RFC 8881, all minor versions of NFSv4 support PUTPUBFH. Replace the XDR decoder for PUTPUBFH with a "noop" since we no longer want the minorversion check, and PUTPUBFH has no arguments to decode. (Ideally nfsd4_decode_noop should really be called nfsd4_decode_void). PUTPUBFH should now behave just like PUTROOTFH. Reported-by: Cedric Blancher Fixes: e1a90ebd8b23 ("NFSD: Combine decode operations for v4 and v4.1") Cc: Dan Shelton Cc: Roland Mainz Cc: stable@vger.kernel.org Signed-off-by: Chuck Lever commit 32b34fa485645221e4f4b2e7ba8a02260920dce9 Author: Mark Grimes Date: Tue Aug 6 18:58:34 2024 -0700 nfsd: Add quotes to client info 'callback address' The 'callback address' in client_info_show is output without quotes causing yaml parsers to fail on processing IPv6 addresses. Adding quotes to 'callback address' also matches that used by the 'address' field. Signed-off-by: Mark Grimes Reviewed-by: Jeff Layton Reviewed-by: NeilBrown Signed-off-by: Chuck Lever commit c4de97f7c45434985e5dbf2d6ccc9eca676e37fe Author: Chuck Lever Date: Mon Jul 29 16:52:32 2024 -0400 svcrdma: Handle device removal outside of the CM event handler Synchronously wait for all disconnects to complete to ensure the transports have divested all hardware resources before the underlying RDMA device can safely be removed. Reviewed-by: Sagi Grimberg Signed-off-by: Chuck Lever commit 438f81e0e92a780b117097503599eb030b77dabe Author: NeilBrown Date: Wed Aug 14 09:21:01 2024 -0400 nfsd: move error choice for incorrect object types to version-specific code. If an NFS operation expects a particular sort of object (file, dir, link, etc) but gets a file handle for a different sort of object, it must return an error. The actual error varies among NFS versions in non-trivial ways. For v2 and v3 there are ISDIR and NOTDIR errors and, for NFSv4 only, INVAL is suitable. For v4.0 there is also NFS4ERR_SYMLINK which should be used if a SYMLINK was found when not expected. This take precedence over NOTDIR. For v4.1+ there is also NFS4ERR_WRONG_TYPE which should be used in preference to EINVAL when none of the specific error codes apply. When nfsd_mode_check() finds a symlink where it expected a directory it needs to return an error code that can be converted to NOTDIR for v2 or v3 but will be SYMLINK for v4. It must be different from the error code returns when it finds a symlink but expects a regular file - that must be converted to EINVAL or SYMLINK. So we introduce an internal error code nfserr_symlink_not_dir which each version converts as appropriate. nfsd_check_obj_isreg() is similar to nfsd_mode_check() except that it is only used by NFSv4 and only for OPEN. NFSERR_INVAL is never a suitable error if the object is the wrong time. For v4.0 we use nfserr_symlink for non-dirs even if not a symlink. For v4.1 we have nfserr_wrong_type. We handle this difference in-place in nfsd_check_obj_isreg() as there is nothing to be gained by delaying the choice to nfsd4_map_status(). As a result of these changes, nfsd_mode_check() doesn't need an rqstp arg any more. Note that NFSv4 operations are actually performed in the xdr code(!!!) so to the only place that we can map the status code successfully is in nfsd4_encode_operation(). Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 36ffa3d0de54c1cf516ea32a5ec556f5c9874795 Author: NeilBrown Date: Mon Jul 29 11:47:23 2024 +1000 nfsd: be more systematic about selecting error codes for internal use. Rather than using ad hoc values for internal errors (30000, 11000, ...) use 'enum' to sequentially allocate numbers starting from the first known available number - now visible as NFS4ERR_FIRST_FREE. The goal is values that are distinct from all be32 error codes. To get those we must first select integers that are not already used, then convert them with cpu_to_be32(). Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Reviewed-by: Christoph Hellwig Signed-off-by: Chuck Lever commit 1459ad57673b8019fbfcfddc345c99630d29e716 Author: NeilBrown Date: Mon Jul 29 11:47:22 2024 +1000 nfsd: Move error code mapping to per-version proc code. There is code scattered around nfsd which chooses an error status based on the particular version of nfs being used. It is cleaner to have the version specific choices in version specific code. With this patch common code returns the most specific error code possible and the version specific code maps that if necessary. Both v2 (nfsproc.c) and v3 (nfs3proc.c) now have a "map_status()" function which is called to map the resp->status before each non-trivial nfsd_proc_* or nfsd3_proc_* function returns. NFS4ERR_SYMLINK and NFS4ERR_WRONG_TYPE introduce extra complications and are left for a later patch. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Reviewed-by: Christoph Hellwig Signed-off-by: Chuck Lever commit ef7f6c4904d03ccd7478e1ac20ed75f79c4ac444 Author: NeilBrown Date: Fri Jul 26 12:21:35 2024 +1000 nfsd: move V4ROOT version check to nfsd_set_fh_dentry() This further centralizes version number checks. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit c689bdd3bffad887207bc5b36abdc0efeb2e54d5 Author: NeilBrown Date: Fri Jul 26 12:21:34 2024 +1000 nfsd: further centralize protocol version checks. With this patch the only places that test ->rq_vers against a specific version are nfsd_v4client() and nfsd_set_fh_dentry(). The latter sets some flags in the svc_fh, which now includes: fh_64bit_cookies fh_use_wgather Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 4f67d24f723b27ed50962db32718d180d0e869da Author: NeilBrown Date: Fri Jul 26 12:21:33 2024 +1000 nfsd: use nfsd_v4client() in nfsd_breaker_owns_lease() nfsd_breaker_owns_lease() currently open-codes the same test that nfsd_v4client() performs. With this patch we use nfsd_v4client() instead. Also as i_am_nfsd() is only used in combination with kthread_data(), replace it with nfsd_current_rqst() which combines the two and returns a valid svc_rqst, or NULL. The test for NULL is moved into nfsd_v4client() for code clarity. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 9fd45c16f3e3b95b458e049c77f4d7dfef673a52 Author: NeilBrown Date: Fri Jul 26 12:21:31 2024 +1000 nfsd: Pass 'cred' instead of 'rqstp' to some functions. nfsd_permission(), exp_rdonly(), nfsd_setuser(), and nfsexp_flags() only ever need the cred out of rqstp, so pass it explicitly instead of the whole rqstp. This makes the interfaces cleaner. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit c55aeef7766cdc52847d03dd1326859c55811a52 Author: NeilBrown Date: Fri Jul 26 12:21:30 2024 +1000 nfsd: Don't pass all of rqst into rqst_exp_find() Rather than passing the whole rqst, pass the pieces that are actually needed. This makes the inputs to rqst_exp_find() more obvious. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 11673b2a917d2351d8e29d4788a129c973852215 Author: Sagi Grimberg Date: Wed Jul 24 10:01:37 2024 -0700 nfsd: don't assume copy notify when preprocessing the stateid Move the stateid handling to nfsd4_copy_notify. If nfs4_preprocess_stateid_op did not produce an output stateid, error out. Copy notify specifically does not permit the use of special stateids, so enforce that outside generic stateid pre-processing. Signed-off-by: Sagi Grimberg Reviewed-by: Jeff Layton Reviewed-by: Olga Kornievskaia Signed-off-by: Chuck Lever commit 3391fc92db8e761f1a2df5612fcb999dac6bc00a Author: NeilBrown Date: Mon Sep 16 09:45:40 2024 +1000 sunrpc: allow svc threads to fail initialisation cleanly If an svc thread needs to perform some initialisation that might fail, it has no good way to handle the failure. Before the thread can exit it must call svc_exit_thread(), but that requires the service mutex to be held. The thread cannot simply take the mutex as that could deadlock if there is a concurrent attempt to shut down all threads (which is unlikely, but not impossible). nfsd currently call svc_exit_thread() unprotected in the unlikely event that unshare_fs_struct() fails. We can clean this up by introducing svc_thread_init_status() by which an svc thread can report whether initialisation has succeeded. If it has, it continues normally into the action loop. If it has not, svc_thread_init_status() immediately aborts the thread. svc_start_kthread() waits for either of these to happen, and calls svc_exit_thread() (under the mutex) if the thread aborted. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 59f3b138160d37435b353e95c62d9ebf7f80b117 Author: NeilBrown Date: Tue Jul 30 07:19:41 2024 +1000 sunrpc: merge svc_rqst_alloc() into svc_prepare_thread() The only caller of svc_rqst_alloc() is svc_prepare_thread(). So merge the one into the other and simplify. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 9dcbc4e07087f750010c32b1c56fe1af8792a0ca Author: NeilBrown Date: Mon Jul 15 17:14:19 2024 +1000 sunrpc: don't take ->sv_lock when updating ->sv_nrthreads. As documented in svc_xprt.c, sv_nrthreads is protected by the service mutex, and it does not need ->sv_lock. (->sv_lock is needed only for sv_permsocks, sv_tempsocks, and sv_tmpcnt). So remove the unnecessary locking. Signed-off-by: NeilBrown Signed-off-by: Chuck Lever commit 60749cbe3d8ae572a6c7dda675de3e8b25797a18 Author: NeilBrown Date: Mon Jul 15 17:14:18 2024 +1000 sunrpc: change sp_nrthreads from atomic_t to unsigned int. sp_nrthreads is only ever accessed under the service mutex nlmsvc_mutex nfs_callback_mutex nfsd_mutex so these is no need for it to be an atomic_t. The fact that all code using it is single-threaded means that we can simplify svc_pool_victim and remove the temporary elevation of sp_nrthreads. Signed-off-by: NeilBrown Signed-off-by: Chuck Lever commit 16ef80eedcd34799db69990e13f69b812d2690f1 Author: NeilBrown Date: Fri Jul 26 13:59:55 2024 +1000 sunrpc: document locking rules for svc_exit_thread() The locking required for svc_exit_thread() is not obvious, so document it in a kdoc comment. Signed-off-by: NeilBrown Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 73598a0cfb21fb21928e638f7f21be6021ac2a16 Author: NeilBrown Date: Tue Aug 6 21:11:32 2024 -0400 nfsd: don't allocate the versions array. Instead of using kmalloc to allocate an array for storing active version info, just declare an array to the max size - it is only 5 or so. Signed-off-by: NeilBrown Signed-off-by: Chuck Lever commit 558bdc45dfb2669e1741384a0c80be9c82fa052c Author: Jan Stancek Date: Fri Sep 20 19:52:48 2024 +0300 sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3 ENGINE API has been deprecated since OpenSSL version 3.0 [1]. Distros have started dropping support from headers and in future it will likely disappear also from library. It has been superseded by the PROVIDER API, so use it instead for OPENSSL MAJOR >= 3. [1] https://github.com/openssl/openssl/blob/master/README-ENGINES.md [jarkko: fixed up alignment issues reported by checkpatch.pl --strict] Signed-off-by: Jan Stancek Reviewed-by: Jarkko Sakkinen Tested-by: R Nageswara Sastry Reviewed-by: Neal Gompa Signed-off-by: Jarkko Sakkinen commit 467d60eddf55588add232feda325da7215ddaf30 Author: Jan Stancek Date: Fri Jul 12 09:11:15 2024 +0200 sign-file,extract-cert: avoid using deprecated ERR_get_error_line() ERR_get_error_line() is deprecated since OpenSSL 3.0. Use ERR_peek_error_line() instead, and combine display_openssl_errors() and drain_openssl_errors() to a single function where parameter decides if it should consume errors silently. Signed-off-by: Jan Stancek Reviewed-by: Jarkko Sakkinen Tested-by: R Nageswara Sastry Reviewed-by: Neal Gompa Signed-off-by: Jarkko Sakkinen commit 300e6d4116f956b035281ec94297dc4dc8d4e1d3 Author: Jan Stancek Date: Fri Jul 12 09:11:14 2024 +0200 sign-file,extract-cert: move common SSL helper functions to a header Couple error handling helpers are repeated in both tools, so move them to a common header. Signed-off-by: Jan Stancek Reviewed-by: Jarkko Sakkinen Tested-by: R Nageswara Sastry Reviewed-by: Neal Gompa Signed-off-by: Jarkko Sakkinen commit 70fd1966c93bf3bfe3fe6d753eb3d83a76597eef Author: Roman Smirnov Date: Tue Sep 17 18:54:53 2024 +0300 KEYS: prevent NULL pointer dereference in find_asymmetric_key() In find_asymmetric_key(), if all NULLs are passed in the id_{0,1,2} arguments, the kernel will first emit WARN but then have an oops because id_2 gets dereferenced anyway. Add the missing id_2 check and move WARN_ON() to the final else branch to avoid duplicate NULL checks. Found by Linux Verification Center (linuxtesting.org) with Svace static analysis tool. Cc: stable@vger.kernel.org # v5.17+ Fixes: 7d30198ee24f ("keys: X.509 public key issuer lookup without AKID") Suggested-by: Sergey Shtylyov Signed-off-by: Roman Smirnov Reviewed-by: Sergey Shtylyov Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen commit bf36793fa260cb68cc817f311f1f683788261796 Author: Uwe Kleine-König Date: Fri Sep 20 17:10:08 2024 +0200 ALSA: Drop explicit initialization of struct i2c_device_id::driver_data to 0 These drivers don't use the driver_data member of struct i2c_device_id, so don't explicitly initialize this member. This prepares putting driver_data in an anonymous union which requires either no initialization or named designators. But it's also a nice cleanup on its own. Signed-off-by: Uwe Kleine-König Link: https://patch.msgid.link/20240920151009.499188-2-u.kleine-koenig@baylibre.com Signed-off-by: Takashi Iwai commit 652bfcb76fe689f4d85b6f3688025a87fb94f9a1 Author: Yue Haibing Date: Wed Jul 31 15:43:13 2024 +0800 KEYS: Remove unused declarations These declarations are never implemented, remove it. Signed-off-by: Yue Haibing Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen commit 061a785a114f159e990ea8ed8d1b7dca4b41120f Author: Dave Jiang Date: Thu Sep 5 14:22:07 2024 -0700 ntb: Force physically contiguous allocation of rx ring buffers Physical addresses under IOVA on x86 platform are mapped contiguously as a side effect before the patch that removed CONFIG_DMA_REMAP. The NTB rx buffer ring is a single chunk DMA buffer that is allocated against the NTB PCI device. If the receive side is using a DMA device, then the buffers are remapped against the DMA device before being submitted via the dmaengine API. This scheme becomes a problem when the physical memory is discontiguous. When dma_map_page() is called on the kernel virtual address from the dma_alloc_coherent() call, the new IOVA mapping no longer points to all the physical memory allocated due to being discontiguous. Change dma_alloc_coherent() to dma_alloc_attrs() in order to force DMA_ATTR_FORCE_CONTIGUOUS attribute. This is the best fix for the circumstance. A potential future solution may be having the DMA mapping API providing a way to alias an existing IOVA mapping to a new device perhaps. This fix is not to fix the patch pointed to by the fixes tag, but to fix the issue arised in the ntb_transport driver on x86 platforms after the said patch is applied. Reported-by: Jerry Dai Fixes: f5ff79fddf0e ("dma-mapping: remove CONFIG_DMA_REMAP") Tested-by: Jerry Dai Signed-off-by: Dave Jiang Signed-off-by: Jon Mason commit e51aded92d42784313ba16c12f4f88cc4f973bbb Author: Kaixin Wang Date: Tue Sep 10 01:20:07 2024 +0800 ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition In the switchtec_ntb_add function, it can call switchtec_ntb_init_sndev function, then &sndev->check_link_status_work is bound with check_link_status_work. switchtec_ntb_link_notification may be called to start the work. If we remove the module which will call switchtec_ntb_remove to make cleanup, it will free sndev through kfree(sndev), while the work mentioned above will be used. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | check_link_status_work switchtec_ntb_remove | kfree(sndev); | | if (sndev->link_force_down) | // use sndev Fix it by ensuring that the work is canceled before proceeding with the cleanup in switchtec_ntb_remove. Signed-off-by: Kaixin Wang Reviewed-by: Logan Gunthorpe Signed-off-by: Jon Mason commit 87a7d7150589f68cd7938b208310c93d1e4c3773 Author: zhang jiao Date: Wed Sep 4 14:54:42 2024 +0800 ntb: idt: Fix the cacography in ntb_hw_idt.c The word 'swtich' is wrong, so fix it. Signed-off-by: zhang jiao Acked-by: Serge Semin Reviewed-by: Dave Jiang Signed-off-by: Jon Mason commit b669fafd51b454f45fde5b0c6ba228ffa19e859d Author: Randy Dunlap Date: Tue Dec 5 21:59:34 2023 -0800 NTB: epf: don't misuse kernel-doc marker Use "/*" instead of "/**" for common C comments to prevent warnings from scripts/kernel-doc. ntb_hw_epf.c:15: warning: expecting prototype for Host side endpoint driver to implement Non(). Prototype was for NTB_EPF_COMMAND() instead Signed-off-by: Randy Dunlap Cc: Jon Mason Cc: Dave Jiang Cc: Allen Hubbe Cc: ntb@lists.linux.dev Signed-off-by: Jon Mason commit f407048235a3ac626078139b0c5cf313b946eba2 Author: Randy Dunlap Date: Thu Jan 18 19:28:45 2024 -0800 NTB: ntb_transport: fix all kernel-doc warnings Fix all kernel-doc warnings in ntb_transport.c. The function parameters for ntb_transport_create_queue() changed, so update them in the kernel-doc comments. Add a Returns: comment for ntb_transport_register_client_dev(). ntb_transport.c:382: warning: No description found for return value of 'ntb_transport_register_client_dev' ntb_transport.c:1984: warning: Excess function parameter 'rx_handler' description in 'ntb_transport_create_queue' ntb_transport.c:1984: warning: Excess function parameter 'tx_handler' description in 'ntb_transport_create_queue' ntb_transport.c:1984: warning: Excess function parameter 'event_handler' description in 'ntb_transport_create_queue' Signed-off-by: Randy Dunlap Cc: Jon Mason Cc: Dave Jiang Cc: Allen Hubbe Cc: ntb@lists.linux.dev Reviewed-by: Dave Jiang Signed-off-by: Jon Mason commit 35c87cb80d65859342611cbb7bd501d490452120 Author: Christophe JAILLET Date: Sat Jul 20 12:59:36 2024 +0200 ntb: Constify struct bus_type 'struct bus_type' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security, especially when the structure holds some function pointers. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 69682 4593 152 74427 122bb drivers/ntb/ntb_transport.o 5847 448 32 6327 18b7 drivers/ntb/core.o After: ===== text data bss dec hex filename 69858 4433 152 74443 122cb drivers/ntb/ntb_transport.o 6007 288 32 6327 18b7 drivers/ntb/core.o Signed-off-by: Christophe JAILLET Reviewed-by: Dave Jiang Signed-off-by: Jon Mason commit 1501ae7479c8d0f66efdbfdc9ae8d6136cefbd37 Author: Max Hawking Date: Sun Oct 8 20:45:16 2023 -0700 ntb_perf: Fix printk format The correct printk format is %pa or %pap, but not %pa[p]. Fixes: 99a06056124d ("NTB: ntb_perf: Fix address err in perf_copy_chunk") Signed-off-by: Max Hawking Signed-off-by: Jon Mason commit e229897d373a87ee09ec5cc4ecd4bb2f895fc16b Author: Jinjie Ruan Date: Thu Aug 31 20:39:27 2023 +0800 ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() The debugfs_create_dir() function returns error pointers. It never returns NULL. So use IS_ERR() to check it. Fixes: e26a5843f7f5 ("NTB: Split ntb_hw_intel and ntb_transport drivers") Signed-off-by: Jinjie Ruan Reviewed-by: Dave Jiang Signed-off-by: Jon Mason commit b3f835cd7339919561866252a11831ead72e7073 Author: Jinjie Ruan Date: Mon Aug 12 14:20:17 2024 +0800 crash: Fix riscv64 crash memory reserve dead loop On RISCV64 Qemu machine with 512MB memory, cmdline "crashkernel=500M,high" will cause system stall as below: Zone ranges: DMA32 [mem 0x0000000080000000-0x000000009fffffff] Normal empty Movable zone start for each node Early memory node ranges node 0: [mem 0x0000000080000000-0x000000008005ffff] node 0: [mem 0x0000000080060000-0x000000009fffffff] Initmem setup node 0 [mem 0x0000000080000000-0x000000009fffffff] (stall here) commit 5d99cadf1568 ("crash: fix x86_32 crash memory reserve dead loop bug") fix this on 32-bit architecture. However, the problem is not completely solved. If `CRASH_ADDR_LOW_MAX = CRASH_ADDR_HIGH_MAX` on 64-bit architecture, for example, when system memory is equal to CRASH_ADDR_LOW_MAX on RISCV64, the following infinite loop will also occur: -> reserve_crashkernel_generic() and high is true -> alloc at [CRASH_ADDR_LOW_MAX, CRASH_ADDR_HIGH_MAX] fail -> alloc at [0, CRASH_ADDR_LOW_MAX] fail and repeatedly (because CRASH_ADDR_LOW_MAX = CRASH_ADDR_HIGH_MAX). As Catalin suggested, do not remove the ",high" reservation fallback to ",low" logic which will change arm64's kdump behavior, but fix it by skipping the above situation similar to commit d2f32f23190b ("crash: fix x86_32 crash memory reserve dead loop"). After this patch, it print: cannot allocate crashkernel (size:0x1f400000) Signed-off-by: Jinjie Ruan Suggested-by: Catalin Marinas Reviewed-by: Catalin Marinas Acked-by: Baoquan He Link: https://lore.kernel.org/r/20240812062017.2674441-1-ruanjinjie@huawei.com Signed-off-by: Palmer Dabbelt commit f0c9363db2ddfb07723c00cb153c84c8179e92d4 Author: Mayuresh Chitale Date: Mon Aug 12 05:11:09 2024 +0000 perf/riscv-sbi: Add platform specific firmware event handling The SBI v2.0 specification pointed to by the link below reserves the event code 0xffff for platform specific firmware events. Update the driver to be able to parse and program such events. The platform specific firmware events must now be specified in the perf command as below: perf stat -e rCxxx ... where bits[63:62] = 0x3 of the event config indicate a platform specific firmware event and xxx indicate the actual event code which is passed as the event data. Signed-off-by: Mayuresh Chitale Link: https://github.com/riscv-non-isa/riscv-sbi-doc/releases/download/v2.0/riscv-sbi.pdf Link: https://lore.kernel.org/r/20240812051109.6496-1-mchitale@ventanamicro.com Signed-off-by: Palmer Dabbelt commit 47b9533ccd1a5e9c2e7944686ccf491b27a892f3 Merge: ad380f6a0a5e82 aa5736dc7aa4d6 Author: Palmer Dabbelt Date: Fri Sep 20 01:46:50 2024 -0700 Merge patch series "tools: Add barrier implementations for riscv" Charlie Jenkins says: Add support for riscv specific barrier implementations to the tools tree, so that fence instructions can be emitted for synchronization. * b4-shazam-merge: tools: Optimize ring buffer for riscv tools: Add riscv barrier implementation Link: https://lore.kernel.org/r/20240806-optimize_ring_buffer_read_riscv-v2-0-ca7e193ae198@rivosinc.com Signed-off-by: Palmer Dabbelt commit 732b47db1d6c26985faca1ae5820bcfa10f6335d Author: Joel Granados Date: Thu Jun 27 12:29:43 2024 +0200 MAINTAINERS: update email for Joel Granados Change my contact email in MAINTAINERS and .mailmap to my kernel.org. This in order to avoid cumbersome corporate email policies. Signed-off-by: Joel Granados commit 329ca3eed4a9a161515a8714be6ba182321385c7 Author: Alexander Dahl Date: Wed Sep 18 10:27:43 2024 +0200 spi: atmel-quadspi: Avoid overwriting delay register settings Previously the MR and SCR registers were just set with the supposedly required values, from cached register values (cached reg content initialized to zero). All parts fixed here did not consider the current register (cache) content, which would make future support of cs_setup, cs_hold, and cs_inactive impossible. Setting SCBR in atmel_qspi_setup() erases a possible DLYBS setting from atmel_qspi_set_cs_timing(). The DLYBS setting is applied by ORing over the current setting, without resetting the bits first. All writes to MR did not consider possible settings of DLYCS and DLYBCT. Signed-off-by: Alexander Dahl Fixes: f732646d0ccd ("spi: atmel-quadspi: Add support for configuring CS timing") Link: https://patch.msgid.link/20240918082744.379610-2-ada@thorsis.com Signed-off-by: Mark Brown commit 3af2e2f68cc6baf0a11f662d30b0bf981f77bfea Author: Narayana Murty N Date: Tue Sep 17 09:24:45 2024 -0400 powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block Makes pseries_eeh_err_inject() available even when debugfs is disabled (CONFIG_DEBUG_FS=n). It moves eeh_debugfs_break_device() and eeh_pe_inject_mmio_error() out of the CONFIG_DEBUG_FS block and renames it as eeh_break_device(). Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409170509.VWC6jadC-lkp@intel.com/ Fixes: b0e2b828dfca ("powerpc/pseries/eeh: Fix pseries_eeh_err_inject") Signed-off-by: Narayana Murty N Reviewed-by: Ritesh Harjani (IBM) Signed-off-by: Michael Ellerman Link: https://msgid.link/20240917132445.3868016-1-nnmlinux@linux.ibm.com commit 699d53f04829d6b8855ff458f86e4b75ef3e5f0c Author: Christophe Leroy Date: Thu Sep 19 20:55:57 2024 +0200 powerpc/vdso32: Fix use of crtsavres for PPC64 crtsavres.S content is encloded by a #ifndef CONFIG_PPC64 To be used on VDSO32 on PPC64 it's content must available on PPC64 as well. Replace #ifndef CONFIG_PPC64 by #ifndef __powerpc64__ as __powerpc64__ is not set when building VDSO32 on PPC64. Reported-by: Christian Zigotzky Closes: https://lore.kernel.org/linuxppc-dev/047b7503-af0c-4bb0-b12a-2f6b1e461752@csgroup.eu/T/ Fixes: b163596a5b6f ("powerpc/vdso32: Add crtsavres") Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/aded2b257018fe654db759fdfa4ab1a0b5426b1b.1726772140.git.christophe.leroy@csgroup.eu commit eac2ca2d682f94f46b1973bdf5e77d85d77b8e53 Author: Jens Axboe Date: Fri Sep 20 02:51:20 2024 -0600 io_uring: check if we need to reschedule during overflow flush In terms of normal application usage, this list will always be empty. And if an application does overflow a bit, it'll have a few entries. However, nothing obviously prevents syzbot from running a test case that generates a ton of overflow entries, and then flushing them can take quite a while. Check for needing to reschedule while flushing, and drop our locks and do so if necessary. There's no state to maintain here as overflows always prune from head-of-list, hence it's fine to drop and reacquire the locks at the end of the loop. Link: https://lore.kernel.org/io-uring/66ed061d.050a0220.29194.0053.GAE@google.com/ Reported-by: syzbot+5fca234bd7eb378ff78e@syzkaller.appspotmail.com Signed-off-by: Jens Axboe commit aa5736dc7aa4d6f0e5e4e4147d9aef42bb82deab Author: Charlie Jenkins Date: Tue Aug 6 15:01:24 2024 -0700 tools: Optimize ring buffer for riscv Now that the riscv tools tree supports optimized barriers, use them in the ring buffer. Signed-off-by: Charlie Jenkins Reviewed-by: Andrea Parri Link: https://lore.kernel.org/r/20240806-optimize_ring_buffer_read_riscv-v2-2-ca7e193ae198@rivosinc.com Signed-off-by: Palmer Dabbelt commit 6d74d178fe6eaf61e384f3be6ba64150bddce8a6 Author: Charlie Jenkins Date: Tue Aug 6 15:01:23 2024 -0700 tools: Add riscv barrier implementation Many of the other architectures use their custom barrier implementations. Use the barrier code from the kernel sources to optimize barriers in tools. Signed-off-by: Charlie Jenkins Reviewed-by: Andrea Parri Link: https://lore.kernel.org/r/20240806-optimize_ring_buffer_read_riscv-v2-1-ca7e193ae198@rivosinc.com Signed-off-by: Palmer Dabbelt commit ad380f6a0a5e82e794b45bb2eaec24ed51a56846 Author: Palmer Dabbelt Date: Wed Jul 31 09:22:00 2024 -0700 RISC-V: Don't have MAX_PHYSMEM_BITS exceed phys_addr_t I recently ended up with a warning on some compilers along the lines of CC kernel/resource.o In file included from include/linux/ioport.h:16, from kernel/resource.c:15: kernel/resource.c: In function 'gfr_start': include/linux/minmax.h:49:37: error: conversion from 'long long unsigned int' to 'resource_size_t' {aka 'unsigned int'} changes value from '17179869183' to '4294967295' [-Werror=overflow] 49 | ({ type ux = (x); type uy = (y); __cmp(op, ux, uy); }) | ^ include/linux/minmax.h:52:9: note: in expansion of macro '__cmp_once_unique' 52 | __cmp_once_unique(op, type, x, y, __UNIQUE_ID(x_), __UNIQUE_ID(y_)) | ^~~~~~~~~~~~~~~~~ include/linux/minmax.h:161:27: note: in expansion of macro '__cmp_once' 161 | #define min_t(type, x, y) __cmp_once(min, type, x, y) | ^~~~~~~~~~ kernel/resource.c:1829:23: note: in expansion of macro 'min_t' 1829 | end = min_t(resource_size_t, base->end, | ^~~~~ kernel/resource.c: In function 'gfr_continue': include/linux/minmax.h:49:37: error: conversion from 'long long unsigned int' to 'resource_size_t' {aka 'unsigned int'} changes value from '17179869183' to '4294967295' [-Werror=overflow] 49 | ({ type ux = (x); type uy = (y); __cmp(op, ux, uy); }) | ^ include/linux/minmax.h:52:9: note: in expansion of macro '__cmp_once_unique' 52 | __cmp_once_unique(op, type, x, y, __UNIQUE_ID(x_), __UNIQUE_ID(y_)) | ^~~~~~~~~~~~~~~~~ include/linux/minmax.h:161:27: note: in expansion of macro '__cmp_once' 161 | #define min_t(type, x, y) __cmp_once(min, type, x, y) | ^~~~~~~~~~ kernel/resource.c:1847:24: note: in expansion of macro 'min_t' 1847 | addr <= min_t(resource_size_t, base->end, | ^~~~~ cc1: all warnings being treated as errors which looks like a real problem: our phys_addr_t is only 32 bits now, so having 34-bit masks is just going to result in overflows. Reviewed-by: Charlie Jenkins Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240731162159.9235-2-palmer@rivosinc.com Signed-off-by: Palmer Dabbelt commit 732b177663e1757950d73e7763fa0de26272439f Author: Haibo Xu Date: Mon Jul 29 11:59:55 2024 +0800 ACPI: NUMA: initialize all values of acpi_early_node_map to NUMA_NO_NODE Currently, only acpi_early_node_map[0] was initialized to NUMA_NO_NODE. To ensure all the values were properly initialized, switch to initialize all of them to NUMA_NO_NODE. Suggested-by: Andrew Jones Signed-off-by: Haibo Xu Reviewed-by: Anshuman Khandual (arm64 platform) Reviewed-by: Sunil V L Reviewed-by: Andrew Jones Link: https://lore.kernel.org/r/20240729035958.1957185-1-haibo1.xu@intel.com Signed-off-by: Palmer Dabbelt commit 36ec807b627b4c0a0a382f0ae48eac7187d14b2b Merge: eb017f4ea13b1a 55bef83509f0cb Author: Dmitry Torokhov Date: Fri Sep 20 01:24:24 2024 -0700 Merge branch 'next' into for-linus Prepare input updates for 6.12 merge window. commit eb017f4ea13b1a5ad7f4332279f2e4c67b44bdea Author: Nuno Sa Date: Fri Sep 20 09:22:52 2024 +0200 Input: adp5588-keys - fix check on return code During adp5588_setup(), we read all the events to clear the event FIFO. However, adp5588_read() just calls i2c_smbus_read_byte_data() which returns the byte read in case everything goes well. Hence, we need to explicitly check for a negative error code instead of checking for something different than 0. Fixes: e960309ce318 ("Input: adp5588-keys - bail out on returned error") Cc: stable@vger.kernel.org Signed-off-by: Nuno Sa Link: https://lore.kernel.org/r/20240920-fix-adp5588-err-check-v1-1-81f6e957ef24@analog.com Signed-off-by: Dmitry Torokhov commit fffca269e4f31c3633c6d810833ba1b184407915 Author: Lorenzo Bianconi Date: Thu Sep 19 18:57:16 2024 +0200 spi: airoha: remove read cache in airoha_snand_dirmap_read() Current upstream driver reports errors running mtd_oobtest kernel module test: root@OpenWrt:/# insmod mtd_test.ko root@OpenWrt:/# insmod mtd_oobtest.ko dev=5 [ 7023.730584] ================================================= [ 7023.736399] mtd_oobtest: MTD device: 5 [ 7023.740160] mtd_oobtest: MTD device size 3670016, eraseblock size 131072, page size 2048, count of eraseblocks 28, pages per eraseblock 64, OOB size 128 [ 7023.753837] mtd_test: scanning for bad eraseblocks [ 7023.758636] mtd_test: scanned 28 eraseblocks, 0 are bad [ 7023.763861] mtd_oobtest: test 1 of 5 [ 7024.042076] mtd_oobtest: writing OOBs of whole device [ 7024.682069] mtd_oobtest: written up to eraseblock 0 [ 7041.962077] mtd_oobtest: written 28 eraseblocks [ 7041.966626] mtd_oobtest: verifying all eraseblocks [ 7041.972276] mtd_oobtest: error @addr[0x0:0x0] 0xff -> 0xe diff 0xf1 [ 7041.978550] mtd_oobtest: error @addr[0x0:0x1] 0xff -> 0x10 diff 0xef [ 7041.984932] mtd_oobtest: error @addr[0x0:0x2] 0xff -> 0x82 diff 0x7d [ 7041.991293] mtd_oobtest: error @addr[0x0:0x3] 0xff -> 0x10 diff 0xef [ 7041.997659] mtd_oobtest: error @addr[0x0:0x4] 0xff -> 0x0 diff 0xff [ 7042.003942] mtd_oobtest: error @addr[0x0:0x5] 0xff -> 0x8a diff 0x75 [ 7042.010294] mtd_oobtest: error @addr[0x0:0x6] 0xff -> 0x20 diff 0xdf [ 7042.016659] mtd_oobtest: error @addr[0x0:0x7] 0xff -> 0x1 diff 0xfe [ 7042.022935] mtd_oobtest: error @addr[0x0:0x8] 0xff -> 0x2e diff 0xd1 [ 7042.029295] mtd_oobtest: error @addr[0x0:0x9] 0xff -> 0x40 diff 0xbf [ 7042.035661] mtd_oobtest: error @addr[0x0:0xa] 0xff -> 0x0 diff 0xff [ 7042.041935] mtd_oobtest: error @addr[0x0:0xb] 0xff -> 0x89 diff 0x76 [ 7042.048300] mtd_oobtest: error @addr[0x0:0xc] 0xff -> 0x82 diff 0x7d [ 7042.054662] mtd_oobtest: error @addr[0x0:0xd] 0xff -> 0x15 diff 0xea [ 7042.061014] mtd_oobtest: error @addr[0x0:0xe] 0xff -> 0x90 diff 0x6f [ 7042.067380] mtd_oobtest: error @addr[0x0:0xf] 0xff -> 0x0 diff 0xff .... [ 7432.421369] mtd_oobtest: error @addr[0x237800:0x36] 0xff -> 0x5f diff 0xa0 [ 7432.428242] mtd_oobtest: error @addr[0x237800:0x37] 0xff -> 0x21 diff 0xde [ 7432.435118] mtd_oobtest: error: verify failed at 0x237800 [ 7432.440510] mtd_oobtest: error: too many errors [ 7432.445053] mtd_oobtest: error -1 occurred The above errors are due to the buggy logic in the 'read cache' available in airoha_snand_dirmap_read() routine since there are some corner cases where we are missing data updates. Since we do not get any read/write speed improvement using the cache (according to the mtd_speedtest kernel module test), in order to fix the mtd_oobtest test, remove the 'read cache' in airoha_snand_dirmap_read routine. Now the driver is passing all the tests available in mtd_test suite. Fixes: a403997c1201 ("spi: airoha: add SPI-NAND Flash controller driver") Tested-by: Christian Marangi Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/20240919-airoha-spi-fixes-v2-1-cb0f0ed9920a@kernel.org Signed-off-by: Mark Brown commit 65f666c6203600053478ce8e34a1db269a8701c9 Author: Ming Lei Date: Thu Sep 19 10:17:09 2024 +0800 lib/sbitmap: define swap_lock as raw_spinlock_t When called from sbitmap_queue_get(), sbitmap_deferred_clear() may be run with preempt disabled. In RT kernel, spin_lock() can sleep, then warning of "BUG: sleeping function called from invalid context" can be triggered. Fix it by replacing it with raw_spin_lock. Cc: Yang Yang Fixes: 72d04bdcf3f7 ("sbitmap: fix io hung due to race on sbitmap_word::cleared") Signed-off-by: Ming Lei Reviewed-by: Yang Yang Link: https://lore.kernel.org/r/20240919021709.511329-1-ming.lei@redhat.com Signed-off-by: Jens Axboe commit 9ba5dcc722de4390a1d3211b2ee3c864f84f5461 Author: Dr. David Alan Gilbert Date: Fri Sep 20 01:48:17 2024 +0100 block: Remove unused blk_limits_io_{min,opt} blk_limits_io_min and blk_limits_io_opt are unused since the recent commit 0a94a469a4f0 ("dm: stop using blk_limits_io_{min,opt}") Remove them. Signed-off-by: Dr. David Alan Gilbert Link: https://lore.kernel.org/r/20240920004817.676216-1-linux@treblig.org Signed-off-by: Jens Axboe commit eed138d67d99312f07ed3bc326903b6808885571 Author: Jens Axboe Date: Thu Sep 19 23:38:01 2024 -0600 io_uring: improve request linking trace Right now any link trace is listed as being linked after the head request in the chain, but it's more useful to note explicitly which request a given new request is chained to. Change the link trace to dump the tail request so that chains are immediately apparent when looking at traces. Signed-off-by: Jens Axboe commit baeb9a7d8b60b021d907127509c44507539c15e5 Merge: 2004cef11ea072 2638e4e6b18233 Author: Linus Torvalds Date: Fri Sep 20 06:04:27 2024 +0200 Merge tag 'sched-rt-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull RT enablement from Thomas Gleixner: "Enable PREEMPT_RT on supported architectures: After twenty years of development we finally reached the point to enable PREEMPT_RT support in the mainline kernel. All prerequisites are merged, so enable it on the supported architectures ARM64, RISCV and X86(32/64-bit)" * tag 'sched-rt-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: riscv: Allow to enable PREEMPT_RT. arm64: Allow to enable PREEMPT_RT. x86: Allow to enable PREEMPT_RT. commit cc6d281fcc7319babc6dde8f95a8b7feb1eeffd0 Author: Thomas Weißschuh Date: Sun Sep 8 15:26:00 2024 +0200 kbuild: remove append operation on cmd_ld_ko_o The append operation was introduced in commit b1a1a1a09b46 ("kbuild: lto: postpone objtool") when the command was created from two parts. In commit 850ded46c642 ("kbuild: Fix TRIM_UNUSED_KSYMS with LTO_CLANG") however the first part was removed again, making the append operation unnecessary. To keep this command definition aligned with all other command definitions, remove the append again. Signed-off-by: Thomas Weißschuh Signed-off-by: Masahiro Yamada commit 95573cac25c6b11f02d599d18e9a1c778706e838 Author: Masahiro Yamada Date: Sun Sep 8 21:43:21 2024 +0900 kconfig: cache expression values Cache expression values to avoid recalculating them repeatedly. Signed-off-by: Masahiro Yamada commit f93d6bfbd2f74d79041c153a59df5336f6e9a14a Author: Masahiro Yamada Date: Sun Sep 8 21:43:20 2024 +0900 kconfig: use hash table to reuse expressions Currently, every expression in Kconfig files produces a new abstract syntax tree (AST), even if it is identical to a previously encountered one. Consider the following code: config FOO bool "FOO" depends on (A || B) && C config BAR bool "BAR" depends on (A || B) && C config BAZ bool "BAZ" depends on A || B The "depends on" lines are similar, but currently a separate AST is allocated for each one. The current data structure looks like this: FOO->dep ==> AND BAR->dep ==> AND BAZ->dep ==> OR / \ / \ / \ OR C OR C A B / \ / \ A B A B This is redundant; FOO->dep and BAR->dep have identical ASTs but different memory instances. We can optimize this; FOO->dep and BAR->dep can share the same AST, and BAZ->dep can reference its sub tree. The optimized data structure looks like this: FOO->dep, BAR->dep ==> AND / \ BAZ->dep ==> OR C / \ A B This commit introduces a hash table to keep track of allocated expressions. If an identical expression is found, it is reused. This does not necessarily result in memory savings, as menu_finalize() transforms expressions without freeing up stale ones. This will be addressed later. One optimization that can be easily implemented is caching the expression's value. Once FOO's dependency, (A || B) && C, is calculated, it can be cached, eliminating the need to recalculate it for BAR. This commit also reverts commit e983b7b17ad1 ("kconfig/menu.c: fix multiple references to expressions in menu_add_prop()"). Signed-off-by: Masahiro Yamada commit 440f67ccdcd31ca33d8d0439b16e4b6d4d7aba17 Author: Masahiro Yamada Date: Sun Sep 8 21:43:19 2024 +0900 kconfig: refactor expr_eliminate_dups() Currently, expr_eliminate_dups() passes two identical pointers down to expr_eliminate_dups1(), which later skips processing identical leaves. This approach is somewhat tricky and, more importantly, it will not work with the refactoring made in the next commit. This commit slightly changes the recursion logic; it deduplicates both the left and right arms, and then passes them to expr_eliminate_dups1(). expr_eliminate_dups() should produce the same result. Signed-off-by: Masahiro Yamada commit 4fa146eaecaee6301e8f5b104fe63b41afdf83e6 Author: Masahiro Yamada Date: Sun Sep 8 21:43:18 2024 +0900 kconfig: add comments to expression transformations Provide explanations for complex transformations. Signed-off-by: Masahiro Yamada commit d607e0e7a8d2ea6565f11064d28b0825a95748aa Author: Masahiro Yamada Date: Sun Sep 8 21:43:17 2024 +0900 kconfig: change some expr_*() functions to bool This clarifies the behavior of these functions. Signed-off-by: Masahiro Yamada commit a16219bdd34777cce35b9b6a704bfbaad28adb72 Author: Masahiro Yamada Date: Sun Sep 8 21:43:16 2024 +0900 scripts: move hash function from scripts/kconfig/ to scripts/include/ This function was originally added by commit 8af27e1dc4e4 ("fixdep: use hash table instead of a single array"). Move it to scripts/include/ so that other host programs can use it. Signed-off-by: Masahiro Yamada commit 9a418218dadf913fe78dbe6ad6b2e31e721b84ef Author: Masahiro Yamada Date: Sat Sep 7 17:53:23 2024 +0900 kallsyms: change overflow variable to bool type Change the 'overflow' variable to bool. Also, remove unnecessary parentheses. Signed-off-by: Masahiro Yamada commit 327df5bf540e1cde17ae35d5a043ece773c80ff6 Author: Masahiro Yamada Date: Sat Sep 7 17:53:22 2024 +0900 kallsyms: squash output_address() After commit 64e166099b69 ("kallsyms: get rid of code for absolute, kallsyms"), there is only one call site for output_address(). Squash it. Signed-off-by: Masahiro Yamada commit ae70d708c932e7bc08b6c1975e1a010ee0b4e272 Author: Kris Van Hees Date: Fri Sep 6 10:45:05 2024 -0400 kbuild: add install target for modules.builtin.ranges When CONFIG_BUILTIN_MODULE_RANGES is enabled, the modules.builtin.ranges file should be installed in the module install location. Signed-off-by: Kris Van Hees Reviewed-by: Nick Alcock Tested-by: Sam James Reviewed-by: Sami Tolvanen Tested-by: Sami Tolvanen Signed-off-by: Masahiro Yamada commit ac7bd0945e3db5253bd03bfc40e71afafb08d225 Author: Kris Van Hees Date: Fri Sep 6 10:45:04 2024 -0400 scripts: add verifier script for builtin module range data The modules.builtin.ranges offset range data for builtin modules is generated at compile time based on the list of built-in modules and the vmlinux.map and vmlinux.o.map linker maps. This data can be used to determine whether a symbol at a particular address belongs to module code that was configured to be compiled into the kernel proper as a built-in module (rather than as a standalone module). This patch adds a script that uses the generated modules.builtin.ranges data to annotate the symbols in the System.map with module names if their address falls within a range that belongs to one or more built-in modules. It then processes the vmlinux.map (and if needed, vmlinux.o.map) to verify the annotation: - For each top-level section: - For each object in the section: - Determine whether the object is part of a built-in module (using modules.builtin and the .*.cmd file used to compile the object as suggested in [0]) - For each symbol in that object, verify that the built-in module association (or lack thereof) matches the annotation given to the symbol. Signed-off-by: Kris Van Hees Reviewed-by: Nick Alcock Reviewed-by: Alan Maguire Tested-by: Sam James Reviewed-by: Sami Tolvanen Tested-by: Sami Tolvanen Signed-off-by: Masahiro Yamada commit 5f5e7344322f0b0676579af054c787ed57d1c1df Author: Kris Van Hees Date: Fri Sep 6 10:45:03 2024 -0400 kbuild: generate offset range data for builtin modules Create file module.builtin.ranges that can be used to find where built-in modules are located by their addresses. This will be useful for tracing tools to find what functions are for various built-in modules. The offset range data for builtin modules is generated using: - modules.builtin: associates object files with module names - vmlinux.map: provides load order of sections and offset of first member per section - vmlinux.o.map: provides offset of object file content per section - .*.cmd: build cmd file with KBUILD_MODFILE The generated data will look like: .text 00000000-00000000 = _text .text 0000baf0-0000cb10 amd_uncore .text 0009bd10-0009c8e0 iosf_mbi ... .text 00b9f080-00ba011a intel_skl_int3472_discrete .text 00ba0120-00ba03c0 intel_skl_int3472_discrete intel_skl_int3472_tps68470 .text 00ba03c0-00ba08d6 intel_skl_int3472_tps68470 ... .data 00000000-00000000 = _sdata .data 0000f020-0000f680 amd_uncore For each ELF section, it lists the offset of the first symbol. This can be used to determine the base address of the section at runtime. Next, it lists (in strict ascending order) offset ranges in that section that cover the symbols of one or more builtin modules. Multiple ranges can apply to a single module, and ranges can be shared between modules. The CONFIG_BUILTIN_MODULE_RANGES option controls whether offset range data is generated for kernel modules that are built into the kernel image. How it works: 1. The modules.builtin file is parsed to obtain a list of built-in module names and their associated object names (the .ko file that the module would be in if it were a loadable module, hereafter referred to as ). This object name can be used to identify objects in the kernel compile because any C or assembler code that ends up into a built-in module will have the option -DKBUILD_MODFILE= present in its build command, and those can be found in the ..cmd file in the kernel build tree. If an object is part of multiple modules, they will all be listed in the KBUILD_MODFILE option argument. This allows us to conclusively determine whether an object in the kernel build belong to any modules, and which. 2. The vmlinux.map is parsed next to determine the base address of each top level section so that all addresses into the section can be turned into offsets. This makes it possible to handle sections getting loaded at different addresses at system boot. We also determine an 'anchor' symbol at the beginning of each section to make it possible to calculate the true base address of a section at runtime (i.e. symbol address - symbol offset). We collect start addresses of sections that are included in the top level section. This is used when vmlinux is linked using vmlinux.o, because in that case, we need to look at the vmlinux.o linker map to know what object a symbol is found in. And finally, we process each symbol that is listed in vmlinux.map (or vmlinux.o.map) based on the following structure: vmlinux linked from vmlinux.a: vmlinux.map: -- might be same as top level section) -- built-in association known -- belongs to module(s) object belongs to ... vmlinux linked from vmlinux.o: vmlinux.map: -- might be same as top level section) vmlinux.o -- need to use vmlinux.o.map -- ignored ... vmlinux.o.map:
-- built-in association known -- belongs to module(s) object belongs to ... 3. As sections, objects, and symbols are processed, offset ranges are constructed in a straight-forward way: - If the symbol belongs to one or more built-in modules: - If we were working on the same module(s), extend the range to include this object - If we were working on another module(s), close that range, and start the new one - If the symbol does not belong to any built-in modules: - If we were working on a module(s) range, close that range Signed-off-by: Kris Van Hees Reviewed-by: Nick Alcock Reviewed-by: Alan Maguire Reviewed-by: Steven Rostedt (Google) Tested-by: Sam James Reviewed-by: Sami Tolvanen Tested-by: Sami Tolvanen Signed-off-by: Masahiro Yamada commit 8a23c9e1ba4642b60420e8caa75859883a509c24 Author: Paul Moore Date: Thu Sep 19 11:37:11 2024 -0400 selinux,smack: properly reference the LSM blob in security_watch_key() Unfortunately when we migrated the lifecycle management of the key LSM blob to the LSM framework we forgot to convert the security_watch_key() callbacks for SELinux and Smack. This patch corrects this by making use of the selinux_key() and smack_key() helper functions respectively. This patch also removes some input checking in the Smack callback as it is no longer needed. Fixes: 5f8d28f6d7d5 ("lsm: infrastructure management of the key security blob") Reported-by: syzbot+044fdf24e96093584232@syzkaller.appspotmail.com Tested-by: syzbot+044fdf24e96093584232@syzkaller.appspotmail.com Reviewed-by: Casey Schaufler Signed-off-by: Paul Moore commit 81e53c0da8f8b153e049036e5ca5ca20e811c0c8 Merge: 5dc07a20ac1c68 d0aac667f2e02f Author: Bjorn Helgaas Date: Thu Sep 19 14:25:34 2024 -0500 Merge branch 'pci/tools' - Remove .*.cmd files with make clean (zhang jiao) - Remove the unused BILLION macro (zhang jiao) * pci/tools: tools: PCI: Remove unused BILLION macro tools: PCI: Remove .*.cmd files with make clean commit 5dc07a20ac1c6882e191f821f9c75edde958224d Merge: ca5c65687e3e03 5c7bdac783be8d Author: Bjorn Helgaas Date: Thu Sep 19 14:25:34 2024 -0500 Merge branch 'pci/misc' - Check pcie_find_root_port() return in x86 fixups to avoid NULL pointer dereferences (Samasth Norway Ananda) - Make pci_bus_type constant (Kunwu Chan) - Remove unused declarations of __pci_pme_wakeup() and pci_vpd_release() (Yue Haibing) - Remove any leftover .*.cmd files with make clean (zhang jiao) * pci/misc: PCI: Fix typos PCI/VPD: Remove pci_vpd_release() unused declarations PCI/PM: Remove __pci_pme_wakeup() unused declarations PCI: Make pci_bus_type constant x86/PCI: Check pcie_find_root_port() return for NULL commit ca5c65687e3e0370623e9e5d4e1a2aab8ebe20fd Merge: bb78146c18ac67 2910306655a707 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:34 2024 -0500 Merge branch 'pci/quirks' - Add an ACS quirk for Qualcomm SA8775P, which doesn't advertise ACS but does provide ACS-like features (Subramanian Ananthanarayanan) - Mark Creative Labs EMU20k2 INTx masking as broken (Alex Williamson) * pci/quirks: PCI: Mark Creative Labs EMU20k2 INTx masking as broken PCI: Add ACS quirk for Qualcomm SA8775P commit bb78146c18ac67f22cabb2448b501bcac30f8801 Merge: 11e32bbe785854 6ac721795d7375 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:33 2024 -0500 Merge branch 'pci/controller/xilinx' - Fix off-by-one error in INTx IRQ handler that caused INTx interrupts to be lost or delivered as the wrong interrupt (Sean Anderson) - Rate-limit misc interrupt messages (Sean Anderson) - Turn off the clock on probe failure and device removal (Sean Anderson) - Add DT binding and driver support for enabling/disabling PHYs (Sean Anderson) - Add PCIe phy bindings for the ZCU102 (Sean Anderson) - Add support for Xilinx QDMA Soft IP PCIe Root Port Bridge to DT binding and xilinx-dma-pl driver (Thippeswamy Havalige) * pci/controller/xilinx: PCI: xilinx-xdma: Add Xilinx QDMA Root Port driver dt-bindings: PCI: xilinx-xdma: Add schemas for Xilinx QDMA PCIe Root Port Bridge arm64: zynqmp: Add PCIe phys property for ZCU102 PCI: xilinx-nwl: Add PHY support dt-bindings: pci: xilinx-nwl: Add phys property PCI: xilinx-nwl: Clean up clock on probe failure/removal PCI: xilinx-nwl: Rate-limit misc interrupt messages PCI: xilinx-nwl: Fix register misspelling PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler commit 11e32bbe785854f2d9911c65ee2377e6395a62ff Merge: 187b811570db74 4654cf52cbd07c Author: Bjorn Helgaas Date: Thu Sep 19 14:25:33 2024 -0500 Merge branch 'pci/controller/vmd' - Fix whitespace indentation issues (Riyan Dhiman) * pci/controller/vmd: PCI: vmd: Fix indentation issue in vmd_shutdown() commit 187b811570db7476da902ac68f7c1e163e071db8 Merge: 45e981b86df3fa 05a01639b8f5fa Author: Bjorn Helgaas Date: Thu Sep 19 14:25:33 2024 -0500 Merge branch 'pci/controller/rcar-gen4' - Make the read-only const array 'check_addr' static (Colin Ian King) - Add R-Car V4M (R8A779H0) PCIe host and endpoint to DT binding (Yoshihiro Shimoda) * pci/controller/rcar-gen4: dt-bindings: PCI: rcar-gen4-pci-ep: Add R-Car V4M compatible dt-bindings: PCI: rcar-gen4-pci-host: Add R-Car V4M compatible PCI: rcar-gen4: Make read-only const array check_addr static commit 45e981b86df3fa04ac581b8a462be6f32453bf53 Merge: 1bcf23315491a2 0cca961a026177 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:32 2024 -0500 Merge branch 'pci/controller/qcom' - Drop endpoint redundant masking of global IRQ events (Manivannan Sadhasivam) - Clarify unknown global IRQ message and only log it once to avoid a flood (Manivannan Sadhasivam) - Add Manivannan Sadhasivam as maintainer of qcom endpoint driver (Manivannan Sadhasivam) - Add 'linux,pci-domain' property to endpoint DT binding (Manivannan Sadhasivam) - Assign PCI domain number for endpoint controllers (Manivannan Sadhasivam) - Add 'qcom_pcie_ep' and the PCI domain number to IRQ names for endpoint controller (Manivannan Sadhasivam) - Add global SPI interrupt for PCIe link events to DT binding (Manivannan Sadhasivam) - Add global RC interrupt handler to handle 'Link up' events and automatically enumerate hot-added devices (Manivannan Sadhasivam) - Avoid mirroring of DBI and iATU register space so it doesn't overlap BAR MMIO space (Prudhvi Yarlagadda) - Enable controller resources like PHY only after PERST# is deasserted to partially avoid the problem that the endpoint SoC crashes when accessing things when Refclk is absent (Manivannan Sadhasivam) - Rename dw_pcie.link_gen to max_link_speed to avoid ambiguity (Manivannan Sadhasivam) - Cache maximum link speed value in dw_pcie.max_link_speed for use by vendor drivers (Manivannan Sadhasivam) - Add 16.0 GT/s equalization and RX lane margining settings (Shashank Babu Chinta Venkata) - Pass domain number to pci_bus_release_domain_nr() explicitly to avoid a NULL pointer dereference (Manivannan Sadhasivam) * pci/controller/qcom: PCI: Pass domain number to pci_bus_release_domain_nr() explicitly PCI: qcom: Add RX lane margining settings for 16.0 GT/s PCI: qcom: Add equalization settings for 16.0 GT/s PCI: dwc: Always cache the maximum link speed value in dw_pcie::max_link_speed PCI: dwc: Rename 'dw_pcie::link_gen' to 'dw_pcie::max_link_speed' PCI: qcom-ep: Enable controller resources like PHY only after refclk is available PCI: qcom: Disable mirroring of DBI and iATU register space in BAR region PCI: qcom: Enumerate endpoints based on Link up event in 'global_irq' interrupt dt-bindings: PCI: qcom,pcie-sm8450: Add 'global' interrupt PCI: qcom-ep: Modify 'global_irq' and 'perst_irq' IRQ device names PCI: endpoint: Assign PCI domain number for endpoint controllers dt-bindings: PCI: pci-ep: Document 'linux,pci-domain' property dt-bindings: PCI: pci-ep: Update Maintainers PCI: qcom-ep: Reword the error message for receiving unknown global IRQ event PCI: qcom-ep: Drop the redundant masking of global IRQ events commit 1bcf23315491a2e9e29fb6130cfc48bab0a4124e Merge: 487ce3e500b054 f6ab898356dd70 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:32 2024 -0500 Merge branch 'pci/controller/mediatek-gen3' - Add per-SoC struct mtk_gen3_pcie_pdata to support multiple SoC types (Lorenzo Bianconi) - Use reset_bulk APIs to manage PHY reset lines (Lorenzo Bianconi) - Add DT and driver support for Airoha EN7581 PCIe controller (Lorenzo Bianconi) * pci/controller/mediatek-gen3: PCI: mediatek-gen3: Add Airoha EN7581 support PCI: mediatek-gen3: Rely on reset_bulk APIs for PHY reset lines PCI: mediatek-gen3: Add mtk_gen3_pcie_pdata data structure dt-bindings: PCI: mediatek-gen3: Add support for Airoha EN7581 commit 487ce3e500b0549b824deb86b48513ec23f23658 Merge: 97b9d65e77e038 dd9d80408b7d60 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:31 2024 -0500 Merge branch 'pci/controller/mediatek' - Drop excess mtk_pcie.mem kerneldoc description (Bjorn Helgaas) * pci/controller/mediatek: PCI: mediatek: Drop excess mtk_pcie.mem kerneldoc description commit 97b9d65e77e0381deab63a9004ddb2e1f792af48 Merge: af649194407275 1f35a0c74e441e Author: Bjorn Helgaas Date: Thu Sep 19 14:25:31 2024 -0500 Merge branch 'pci/controller/loongson' - Increase max PCI hosts to 8 for Loongson-3C6000 and newer chipsets (Huacai Chen) * pci/controller/loongson: PCI/ACPI: Increase Loongson max PCI hosts to 8 commit af6491944072755032c4b2f3a96bbced4148e9c9 Merge: e5f8d1c75b29b6 c500a86693a126 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:31 2024 -0500 Merge branch 'pci/controller/kirin' - Fix potential buffer overflow in kirin_pcie_parse_port() (Alexandra Diupina) * pci/controller/kirin: PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() commit e5f8d1c75b29b65e29aed7599130fc709b93c84d Merge: d1624da381cb1d 6188a1c762eb9b Author: Bjorn Helgaas Date: Thu Sep 19 14:25:31 2024 -0500 Merge branch 'pci/controller/keystone' - Fix NULL pointer checking when applying MRRS limitation quirk for AM65x SR 1.0 Errata #i2037 (Dan Carpenter) * pci/controller/keystone: PCI: keystone: Fix if-statement expression in ks_pcie_quirk() commit d1624da381cb1d9c877e631ec07ee10cb3664bbb Merge: f8ca62bff229d5 c538d40f365b5b Author: Bjorn Helgaas Date: Thu Sep 19 14:25:30 2024 -0500 Merge branch 'pci/controller/j721e' - Add DT "ti,syscon-acspcie-proxy-ctrl" and driver support to enable the ACSPCIE module to drive Refclk for the Endpoint (Siddharth Vadapalli) - Extract the cadence link setup from cdns_pcie_host_setup() so link setup can be done separately during resume (Thomas Richard) - Use dev_err_probe() to simplify j721e probe (Thomas Richard) - Add T_PERST_CLK_US definition for the mandatory delay between Refclk becoming stable and PERST# being deasserted (Thomas Richard) - Add j721e suspend and resume support (Théo Lebrun) * pci/controller/j721e: PCI: j721e: Add suspend and resume support PCI: j721e: Use T_PERST_CLK_US macro PCI: Add T_PERST_CLK_US macro PCI: j721e: Add reset GPIO to struct j721e_pcie PCI: j721e: Use dev_err_probe() in the probe() function PCI: cadence: Set cdns_pcie_host_init() global PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists dt-bindings: PCI: ti,j721e-pci-host: Add ACSPCIE proxy control property commit f8ca62bff229d5afbbfe275d0931357a9ec04f55 Merge: 5ec58799e83226 c2699778e6be47 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:30 2024 -0500 Merge branch 'pci/controller/imx6' - Fix a code restructuring error that caused i.MX8MM and i.MX8MP Endpoints to fail to establish link (Richard Zhu) - Fix i.MX8MP Endpoint occasional failure to trigger MSI by enforcing outbound alignment requirement (Richard Zhu) - Call phy_power_off() in the .probe() error path (Frank Li) - Rename internal names from imx6_* to imx_* since i.MX7/8/9 are also supported (Frank Li) - Manage Refclk by using SoC-specific callbacks instead of switch statements (Frank Li) - Manage core reset by using SoC-specific callbacks instead of switch statements (Frank Li) - Expand comments for erratum ERR010728 workaround (Frank Li) - Use generic PHY APIs to configure mode, speed, and submode, which is harmless for devices that implement their own internal PHY management and don't set the generic imx_pcie->phy (Frank Li) - Add i.MX8Q (i.MX8QM, i.MX8QXP, and i.MX8DXL) DT binding and driver Root Complex support (Richard Zhu) * pci/controller/imx6: PCI: imx6: Add i.MX8Q PCIe Root Complex (RC) support PCI: imx6: Call common PHY API to set mode, speed, and submode dt-bindings: PCI: imx6q-pcie: Add i.MX8Q PCIe compatible string PCI: imx6: Consolidate redundant if-checks PCI: imx6: Improve comment for workaround ERR010728 PCI: imx6: Simplify switch-case logic by involve core_reset callback PCI: imx6: Introduce SoC specific callbacks for controlling REFCLK PCI: imx6: Rename imx6_* with imx_* PCI: imx6: Fix missing call to phy_power_off() in error handling PCI: imx6: Fix i.MX8MP PCIe EP's occasional failure to trigger MSI PCI: imx6: Fix establish link failure in EP mode for i.MX8MM and i.MX8MP commit 5ec58799e8322639ee8686dd73f9668ead2d9e35 Merge: da71957c8b8bab 4d60f6d4b8fa4d Author: Bjorn Helgaas Date: Thu Sep 19 14:25:30 2024 -0500 Merge branch 'pci/controller/dra7xx' - Request IRQF_ONESHOT for 'dra7xx-pcie-main' IRQ since the primary handler is NULL (Siddharth Vadapalli) - Handle IRQ request errors during root port and endpoint probe (Siddharth Vadapalli) * pci/controller/dra7xx: PCI: dra7xx: Fix error handling when IRQ request fails in probe PCI: dra7xx: Fix threaded IRQ request for "dra7xx-pcie-main" IRQ commit da71957c8b8bab6e6c8b2f1c97846066f6a03f1b Merge: b893f8ea38c530 c3d95aa93fd854 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:29 2024 -0500 Merge branch 'pci/controller/cadence' - Drop excess cdns_pcie_rc.dev kerneldoc description (Bjorn Helgaas) * pci/controller/cadence: PCI: cadence: Drop excess cdns_pcie_rc.dev kerneldoc description commit b893f8ea38c530c2c8a337c3429f9f37e6bf65e8 Merge: 37b35d4d2ce228 2a0091f9419cb6 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:29 2024 -0500 Merge branch 'pci/controller/brcmstb' - Change DT binding maintainer to Jim Quinlan (Jim Quinlan) - Add DT binding maxItems for reset controllers (Jim Quinlan) - Refactor .probe() error handling (Jim Quinlan) - Use the 'bridge' reset method if described in the DT (Jim Quinlan) - Use the 'swinit' reset method if described in the DT (Jim Quinlan) - Add SoC-specific HARD_DEBUG, INTR2_CPU_BASE register offsets (Jim Quinlan) - Drop unused RGR1_SW_INIT_1_INIT_MASK, RGR1_SW_INIT_1_INIT_SHIFT offsets (Jim Quinlan) - Add 'has_phy' so the existence of a 'rescal' reset controller doesn't imply software control of it (Jim Quinlan) - Add support for many inbound DMA windows (Jim Quinlan) - Check return values of all reset_control_*() calls (Jim Quinlan) - Rename SoC 'type' to 'soc_base' express the fact that SoCs come in families of multiple similar devices (Jim Quinlan) - Add Broadcom 7712 DT description and driver support (Jim Quinlan) - Sort enums, pcie_offsets[], pcie_cfg_data, .compatible strings for maintainability (Bjorn Helgaas) * pci/controller/brcmstb: PCI: brcmstb: Sort enums, pcie_offsets[], pcie_cfg_data, .compatible strings PCI: brcmstb: Enable 7712 SoCs PCI: brcmstb: Change field name from 'type' to 'soc_base' PCI: brcmstb: Check return value of all reset_control_* calls PCI: brcmstb: Refactor for chips with many regular inbound windows PCI: brcmstb: Don't conflate the reset rescal with PHY ctrl PCI: brcmstb: Remove two unused constants from driver PCI: brcmstb: PCI: brcmstb: Make HARD_DEBUG, INTR2_CPU_BASE offsets SoC-specific PCI: brcmstb: Use swinit reset if available PCI: brcmstb: Use bridge reset if available PCI: brcmstb: Use common error handling code in brcm_pcie_probe() dt-bindings: PCI: brcm,stb-pcie: Add 7712 SoC description dt-bindings: PCI: brcm,stb-pcie: Use maxItems for reset controllers dt-bindings: PCI: brcm,stb-pcie: Change brcmstb maintainer and cleanup commit 37b35d4d2ce228e650b338d5289425264c40f381 Merge: f045bc60d5078a 8745aaab60a63f Author: Bjorn Helgaas Date: Thu Sep 19 14:25:29 2024 -0500 Merge branch 'pci/controller/altera' - Replace TLP_REQ_ID() with macro PCI_DEVID(), which does the same thing and is what other drivers use (Jinjie Ruan) * pci/controller/altera: PCI: altera: Replace TLP_REQ_ID() with macro PCI_DEVID() commit f045bc60d5078a851edeca6db50eda65c0b034da Merge: 94d6a3a0601f7e abd9b9d94bc604 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:28 2024 -0500 Merge branch 'pci/controller/affinity' - Add MSI_FLAG_NO_AFFINITY flag for devices that mux MSIs onto a single IRQ line and cannot set the affinity of each MSI to a specific CPU core (Marek Vasut) - Use MSI_FLAG_NO_AFFINITY and remove unnecessary .irq_set_affinity() implementations in aardvark, altera, brcmstb, dwc, mediatek-gen3, mediatek, mobiveil, plda, rcar, tegra, vmd, xilinx-nwl, xilinx-xdma, and xilinx drivers to avoid "IRQ: set affinity failed" warnings (Marek Vasut) * pci/controller/affinity: PCI: xilinx: Silence 'set affinity failed' warning PCI: xilinx-xdma: Silence 'set affinity failed' warning PCI: xilinx-nwl: Silence 'set affinity failed' warning PCI: vmd: Silence 'set affinity failed' warning PCI: tegra: Silence 'set affinity failed' warning PCI: rcar-host: Silence 'set affinity failed' warning PCI: plda: Silence 'set affinity failed' warning PCI: mobiveil: Silence 'set affinity failed' warning PCI: mediatek: Silence 'set affinity failed' warning PCI: mediatek-gen3: Silence 'set affinity failed' warning PCI: dwc: Silence 'set affinity failed' warning PCI: brcmstb: Silence 'set affinity failed' warning PCI: altera-msi: Silence 'set affinity failed' warning PCI: aardvark: Silence 'set affinity failed' warning genirq/msi: Silence 'set affinity failed' warning commit 94d6a3a0601f7e931a31cf67f2adf9a1c3312d19 Merge: 207bcb73fb0884 7cb9b5fa218caa Author: Bjorn Helgaas Date: Thu Sep 19 14:25:28 2024 -0500 Merge branch 'pci/controller/endpoint' - Fix enum pci_epc_bar_type kerneldoc (Bjorn Helgaas) * pci/controller/endpoint: PCI: endpoint: Fix enum pci_epc_bar_type kerneldoc commit 207bcb73fb08841e242fa1d66e1d0381836da562 Merge: ed072e447e112f 3cd3b49989fef8 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:28 2024 -0500 Merge branch 'pci/dt-bindings' - Drop minItems and maxItems from ranges in PCI generic host binding since host bridges may have several MMIO and I/O port apertures (Frank Li) - Add kirin, rcar-gen2, uniphier DT binding top-level constraints for clocks (Krzysztof Kozlowski) - Replace layerscape-pcie DT binding compatible fsl,lx2160a-pcie with fsl,lx2160ar2-pcie (Frank Li) - Add layerscape-pcie DT binding deprecated 'num-viewport' property to address a DT checker warning (Frank Li) - Change layerscape-pcie DT binding 'fsl,pcie-scfg' to phandle-array (Frank Li) - Update qcom,pcie-sc7280 DT binding with eight interrupts (Rayyan Ansari) - Convert altera DT bindings from text to YAML (Matthew Gerlach) - Add imx6q-pcie 'dbi2' and 'atu' reg-names for i.MX8M Endpoints (Richard Zhu) - Add back qcom 'vddpe-3v3-supply', which was incorrectly removed earlier (Johan Hovold) * pci/dt-bindings: dt-bindings: PCI: qcom: Allow 'vddpe-3v3-supply' again dt-bindings: PCI: imx6q-pcie: Add reg-name "dbi2" and "atu" for i.MX8M PCIe Endpoint dt-bindings: PCI: altera: msi: Convert to YAML dt-bindings: PCI: altera: Convert to YAML dt-bindings: PCI: qcom,pcie-sc7280: Update bindings adding eight interrupts dt-bindings: PCI: layerscape-pci: Change property 'fsl,pcie-scfg' type dt-bindings: PCI: layerscape-pci: Add deprecated property 'num-viewport' dt-bindings: PCI: layerscape-pci: Replace fsl,lx2160a-pcie with fsl,lx2160ar2-pcie dt-bindings: PCI: socionext,uniphier-pcie-ep: Add top-level constraints dt-bindings: PCI: renesas,pci-rcar-gen2: Add top-level constraints dt-bindings: PCI: hisilicon,kirin-pcie: Add top-level constraints dt-bindings: PCI: host-generic-pci: Drop minItems and maxItems of ranges commit ed072e447e112f6a6f84e7cc4fc9a1f6e1e653ac Merge: f2a3ce1597b3e1 265baca69a0735 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:27 2024 -0500 Merge branch 'pci/sysfs' - Add ARCH_PCI_DEV_GROUPS so s390 can add its own attribute_groups without having to stomp on the core's pdev->dev.groups (Lukas Wunner) * pci/sysfs: s390/pci: Stop usurping pdev->dev.groups commit f2a3ce1597b3e1aec96458f80c6cda31a3542b79 Merge: d774674f349274 3e40aa29d47e23 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:27 2024 -0500 Merge branch 'pci/reset' - Wait for each level of downstream bus, not just the first, to become accessible before restoring devices on that bus (Ilpo Järvinen) * pci/reset: PCI: Wait for Link before restoring Downstream Buses commit d774674f3492740503a3cd3f5da131d088202f1b Merge: 9d4f1c0747e293 0da59840f10141 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:27 2024 -0500 Merge branch 'pci/pwrctl' - Add pwrctl support for ATH11K inside the WCN6855 package (Konrad Dybcio) * pci/pwrctl: PCI/pwrctl: Add WCN6855 support commit 9d4f1c0747e2937c830d135a460d727002caed3d Merge: e642aa6b38762a 759ec28242894f Author: Bjorn Helgaas Date: Thu Sep 19 14:25:26 2024 -0500 Merge branch 'pci/npem' - Initialize leds class earlier (with an unfortunate Makefile ordering change) so the PCI NPEM driver can use it (Mariusz Tkaczyk) - Add Native PCIe Enclosure Management (NPEM) support for sysfs control of NVMe RAID storage indicators (ok/fail/locate/rebuild/etc) (Mariusz Tkaczyk) - Add support for the ACPI _DSM PCIe SSD status LED management, which is functionally similar to NPEM but mediated by platform firmware (Mariusz Tkaczyk) * pci/npem: PCI/NPEM: Add _DSM PCIe SSD status LED management PCI/NPEM: Add Native PCIe Enclosure Management support leds: Init leds class earlier commit e642aa6b38762a2af3a7e0c5e6dac5841c15dea0 Merge: 15a724aa435072 9246b487ab3c3b Author: Bjorn Helgaas Date: Thu Sep 19 14:25:26 2024 -0500 Merge branch 'pci/iommu' - Add function 0 DMA alias quirk for Glenfly Arise audio function, which uses the function 0 Requester ID (WangYuli) * pci/iommu: PCI: Add function 0 DMA alias quirk for Glenfly Arise chip commit 15a724aa435072b722749f55e65a787888466ee2 Merge: dffe4cca2e36e5 87d5403378cccc Author: Bjorn Helgaas Date: Thu Sep 19 14:25:26 2024 -0500 Merge branch 'pci/hotplug' - Remove unnecessary hpc_ops struct from shpchp (ngn) - Check for PCI_POSSIBLE_ERROR(), not 0xffffffff, in cpqphp (weiyufeng) * pci/hotplug: PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads PCI: shpchp: Remove hpc_ops commit dffe4cca2e36e5a546fccf3f39a444731887ba9a Merge: dceed69701ac2a 59100eb248c0b1 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:25 2024 -0500 Merge branch 'pci/enumeration' - Clear LBMS bit after a manual link retrain so we don't try to retrain a link when there's no downstream device anymore (Maciej W. Rozycki) - Revert to the original link speed after retraining fails instead of leaving it restricted to 2.5GT/s, so a future device has a chance to use higher speeds (Maciej W. Rozycki) - Correct interpretation of pcie_retrain_link() return status and update it to return 0/errno instead of true/false (Maciej W. Rozycki) * pci/enumeration: PCI: Use an error code with PCIe failed link retraining PCI: Correct error reporting with PCIe failed link retraining PCI: Revert to the original speed after PCIe failed link retraining PCI: Clear the LBMS bit after a link retrain commit dceed69701ac2ac357c062117a3f201096c4bdab Merge: 59b748cd62e4b1 2eb20b96d7696d Author: Bjorn Helgaas Date: Thu Sep 19 14:25:25 2024 -0500 Merge branch 'pci/devres' - Export pcim_request_region(), a managed counterpart of pci_request_region(), for use by drivers (Philipp Stanner) - Request the PCI BAR used by xboxvideo (Philipp Stanner) - Export pcim_iomap_region() and deprecate pcim_iomap_regions() (Philipp Stanner) - Request and map drm/ast BARs with pcim_iomap_region() (Philipp Stanner) * pci/devres: drm/ast: Request PCI BAR with devres PCI: Deprecate pcim_iomap_regions() in favor of pcim_iomap_region() drm/vboxvideo: Add PCI region request PCI: Make pcim_request_region() a public function commit 59b748cd62e4b1af6fb4992ce9d07b4f4c2189b3 Merge: 1a3465598e7501 87f10faf166a91 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:24 2024 -0500 Merge branch 'pci/crs' - Wait for device readiness after reset by polling Vendor ID and looking for Configuration RRS instead of polling the Command register and looking for non-error completions (Bjorn Helgaas) - Fix an aardvark issue with emulating Configuration RRS for two-byte reads of Vendor ID; previously it only worked for four-byte reads (Bjorn Helgaas) - Rename CRS Completion Status to RRS to match spec usage (Bjorn Helgaas) * pci/crs: PCI: Rename CRS Completion Status to RRS PCI: aardvark: Correct Configuration RRS checking PCI: Wait for device readiness with Configuration RRS commit 1a3465598e7501aa51a4088cd9b77627b821b33b Merge: 8400291e289ee6 3ee1a6b5d78f07 Author: Bjorn Helgaas Date: Thu Sep 19 14:25:24 2024 -0500 Merge branch 'pci/aer' - Use PCI_DEVID() macro in aer_inject() instead of open-coding it (Jinjie Ruan) * pci/aer: PCI/AER: Use PCI_DEVID() macro in aer_inject() commit 5c7bdac783be8dcba1427460e7971445f839a5e2 Author: Bjorn Helgaas Date: Thu Mar 14 14:54:46 2024 -0500 PCI: Fix typos Fix typos. Signed-off-by: Bjorn Helgaas commit 04beb6e0e08c30c6f845f50afb7d7953603d7a6f Author: Jens Axboe Date: Wed Sep 18 11:58:19 2024 -0600 io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL If some part of the kernel adds task_work that needs executing, in terms of signaling it'll generally use TWA_SIGNAL or TWA_RESUME. Those two directly translate to TIF_NOTIFY_SIGNAL or TIF_NOTIFY_RESUME, and can be used for a variety of use case outside of task_work. However, io_cqring_wait_schedule() only tests explicitly for TIF_NOTIFY_SIGNAL. This means it can miss if task_work got added for the task, but used a different kind of signaling mechanism (or none at all). Normally this doesn't matter as any task_work will be run once the task exits to userspace, except if: 1) The ring is setup with DEFER_TASKRUN 2) The local work item may generate normal task_work For condition 2, this can happen when closing a file and it's the final put of that file, for example. This can cause stalls where a task is waiting to make progress inside io_cqring_wait(), but there's nothing else that will wake it up. Hence change the "should we schedule or loop around" check to check for the presence of task_work explicitly, rather than just TIF_NOTIFY_SIGNAL as the mechanism. While in there, also change the ordering of what type of task_work first in terms of ordering, to both make it consistent with other task_work runs in io_uring, but also to better handle the case of defer task_work generating normal task_work, like in the above example. Reported-by: Jan Hendrik Farr Link: https://github.com/axboe/liburing/issues/1235 Cc: stable@vger.kernel.org Fixes: 846072f16eed ("io_uring: mimimise io_cqring_wait_schedule") Signed-off-by: Jens Axboe commit 01e709aeaf913a4d0e04f9957d399cf6fc3b5455 Author: Ricardo Rivera-Matos Date: Thu Sep 19 15:16:52 2024 +0000 ASoC: cs35l45: Corrects cs35l45_get_clk_freq_id function data type Changes cs35l45_get_clk_freq_id() function data type from unsigned int to int. This function is returns a positive index value if successful or a negative error code if unsuccessful. Functionally there should be no difference as long as the unsigned int return is interpreted as an int, however it should be corrected for readability. Signed-off-by: Ricardo Rivera-Matos Link: https://patch.msgid.link/20240919151654.197337-1-rriveram@opensource.cirrus.com Signed-off-by: Mark Brown commit 2004cef11ea072838f99bd95cefa5c8e45df0847 Merge: 509d2cd12a10d0 bc9057da1a220f Author: Linus Torvalds Date: Thu Sep 19 15:55:58 2024 +0200 Merge tag 'sched-core-2024-09-19' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull scheduler updates from Ingo Molnar: - Implement the SCHED_DEADLINE server infrastructure - Daniel Bristot de Oliveira's last major contribution to the kernel: "SCHED_DEADLINE servers can help fixing starvation issues of low priority tasks (e.g., SCHED_OTHER) when higher priority tasks monopolize CPU cycles. Today we have RT Throttling; DEADLINE servers should be able to replace and improve that." (Daniel Bristot de Oliveira, Peter Zijlstra, Joel Fernandes, Youssef Esmat, Huang Shijie) - Preparatory changes for sched_ext integration: - Use set_next_task(.first) where required - Fix up set_next_task() implementations - Clean up DL server vs. core sched - Split up put_prev_task_balance() - Rework pick_next_task() - Combine the last put_prev_task() and the first set_next_task() - Rework dl_server - Add put_prev_task(.next) (Peter Zijlstra, with a fix by Tejun Heo) - Complete the EEVDF transition and refine EEVDF scheduling: - Implement delayed dequeue - Allow shorter slices to wakeup-preempt - Use sched_attr::sched_runtime to set request/slice suggestion - Document the new feature flags - Remove unused and duplicate-functionality fields - Simplify & unify pick_next_task_fair() - Misc debuggability enhancements (Peter Zijlstra, with fixes/cleanups by Dietmar Eggemann, Valentin Schneider and Chuyi Zhou) - Initialize the vruntime of a new task when it is first enqueued, resulting in significant decrease in latency of newly woken tasks (Zhang Qiao) - Introduce SM_IDLE and an idle re-entry fast-path in __schedule() (K Prateek Nayak, Peter Zijlstra) - Clean up and clarify the usage of Clean up usage of rt_task() (Qais Yousef) - Preempt SCHED_IDLE entities in strict cgroup hierarchies (Tianchen Ding) - Clarify the documentation of time units for deadline scheduler parameters (Christian Loehle) - Remove the HZ_BW chicken-bit feature flag introduced a year ago, the original change seems to be working fine (Phil Auld) - Misc fixes and cleanups (Chen Yu, Dan Carpenter, Huang Shijie, Peilin He, Qais Yousefm and Vincent Guittot) * tag 'sched-core-2024-09-19' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (64 commits) sched/cpufreq: Use NSEC_PER_MSEC for deadline task cpufreq/cppc: Use NSEC_PER_MSEC for deadline task sched/deadline: Clarify nanoseconds in uapi sched/deadline: Convert schedtool example to chrt sched/debug: Fix the runnable tasks output sched: Fix sched_delayed vs sched_core kernel/sched: Fix util_est accounting for DELAY_DEQUEUE kthread: Fix task state in kthread worker if being frozen sched/pelt: Use rq_clock_task() for hw_pressure sched/fair: Move effective_cpu_util() and effective_cpu_util() in fair.c sched/core: Introduce SM_IDLE and an idle re-entry fast-path in __schedule() sched: Add put_prev_task(.next) sched: Rework dl_server sched: Combine the last put_prev_task() and the first set_next_task() sched: Rework pick_next_task() sched: Split up put_prev_task_balance() sched: Clean up DL server vs core sched sched: Fixup set_next_task() implementations sched: Use set_next_task(.first) where required sched/fair: Properly deactivate sched_delayed task upon class change ... commit b5109b60ee4fcb2f2bb24f589575e10cc5283ad4 Author: Kaixin Wang Date: Sun Sep 15 22:40:46 2024 +0800 net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3_probe function, a timer is initialized with a callback function ether3_ledoff, bound to &prev(dev)->timer. Once the timer is started, there is a risk of a race condition if the module or device is removed, triggering the ether3_remove function to perform cleanup. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | ether3_ledoff ether3_remove | free_netdev(dev); | put_devic | kfree(dev); | | ether3_outw(priv(dev)->regs.config2 |= CFG2_CTRLO, REG_CONFIG2); | // use dev Fix it by ensuring that the timer is canceled before proceeding with the cleanup in ether3_remove. Fixes: 6fd9c53f7186 ("net: seeq: Convert timers to use timer_setup()") Signed-off-by: Kaixin Wang Link: https://patch.msgid.link/20240915144045.451-1-kxwang23@m.fudan.edu.cn Signed-off-by: Paolo Abeni commit 49f5ee951f11f4d6a124f00f71b2590507811a55 Author: Baojun Xu Date: Thu Sep 19 15:57:43 2024 +0800 ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop Add new vendor_id and subsystem_id in quirk for Lenovo Y990 Laptop. Signed-off-by: Baojun Xu Cc: Link: https://patch.msgid.link/20240919075743.259-1-baojun.xu@ti.com Signed-off-by: Takashi Iwai commit 509d2cd12a10d057fdf72f565b930f9a81140d59 Merge: 7f52bb9de57dc1 2749749afa071f Author: Linus Torvalds Date: Thu Sep 19 13:09:19 2024 +0200 Merge tag 'Smack-for-6.12' of https://github.com/cschaufler/smack-next Pull smack updates from Casey Schaufler: "Two patches: one is a simple indentation correction, the other corrects a potentially rcu unsafe pointer assignment" * tag 'Smack-for-6.12' of https://github.com/cschaufler/smack-next: smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso security: smack: Fix indentation in smack_netfilter.c commit 9c778fe48d20ef362047e3376dee56d77f8500d4 Author: Eric Dumazet Date: Fri Sep 13 17:06:15 2024 +0000 netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th->res1) Use skb_put_zero() to clear the whole TCP header, as done in nf_reject_ip_tcphdr_put() BUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255 nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255 nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344 nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288 nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310 __netif_receive_skb_one_core net/core/dev.c:5661 [inline] __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775 process_backlog+0x4ad/0xa50 net/core/dev.c:6108 __napi_poll+0xe7/0x980 net/core/dev.c:6772 napi_poll net/core/dev.c:6841 [inline] net_rx_action+0xa5a/0x19b0 net/core/dev.c:6963 handle_softirqs+0x1ce/0x800 kernel/softirq.c:554 __do_softirq+0x14/0x1a kernel/softirq.c:588 do_softirq+0x9a/0x100 kernel/softirq.c:455 __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:382 local_bh_enable include/linux/bottom_half.h:33 [inline] rcu_read_unlock_bh include/linux/rcupdate.h:908 [inline] __dev_queue_xmit+0x2692/0x5610 net/core/dev.c:4450 dev_queue_xmit include/linux/netdevice.h:3105 [inline] neigh_resolve_output+0x9ca/0xae0 net/core/neighbour.c:1565 neigh_output include/net/neighbour.h:542 [inline] ip6_finish_output2+0x2347/0x2ba0 net/ipv6/ip6_output.c:141 __ip6_finish_output net/ipv6/ip6_output.c:215 [inline] ip6_finish_output+0xbb8/0x14b0 net/ipv6/ip6_output.c:226 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip6_output+0x356/0x620 net/ipv6/ip6_output.c:247 dst_output include/net/dst.h:450 [inline] NF_HOOK include/linux/netfilter.h:314 [inline] ip6_xmit+0x1ba6/0x25d0 net/ipv6/ip6_output.c:366 inet6_csk_xmit+0x442/0x530 net/ipv6/inet6_connection_sock.c:135 __tcp_transmit_skb+0x3b07/0x4880 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_connect+0x35b6/0x7130 net/ipv4/tcp_output.c:4143 tcp_v6_connect+0x1bcc/0x1e40 net/ipv6/tcp_ipv6.c:333 __inet_stream_connect+0x2ef/0x1730 net/ipv4/af_inet.c:679 inet_stream_connect+0x6a/0xd0 net/ipv4/af_inet.c:750 __sys_connect_file net/socket.c:2061 [inline] __sys_connect+0x606/0x690 net/socket.c:2078 __do_sys_connect net/socket.c:2088 [inline] __se_sys_connect net/socket.c:2085 [inline] __x64_sys_connect+0x91/0xe0 net/socket.c:2085 x64_sys_call+0x27a5/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:43 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: nf_reject_ip6_tcphdr_put+0x60c/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:249 nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344 nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288 nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310 __netif_receive_skb_one_core net/core/dev.c:5661 [inline] __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775 process_backlog+0x4ad/0xa50 net/core/dev.c:6108 __napi_poll+0xe7/0x980 net/core/dev.c:6772 napi_poll net/core/dev.c:6841 [inline] net_rx_action+0xa5a/0x19b0 net/core/dev.c:6963 handle_softirqs+0x1ce/0x800 kernel/softirq.c:554 __do_softirq+0x14/0x1a kernel/softirq.c:588 Uninit was stored to memory at: nf_reject_ip6_tcphdr_put+0x2ca/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:231 nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344 nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288 nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310 __netif_receive_skb_one_core net/core/dev.c:5661 [inline] __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775 process_backlog+0x4ad/0xa50 net/core/dev.c:6108 __napi_poll+0xe7/0x980 net/core/dev.c:6772 napi_poll net/core/dev.c:6841 [inline] net_rx_action+0xa5a/0x19b0 net/core/dev.c:6963 handle_softirqs+0x1ce/0x800 kernel/softirq.c:554 __do_softirq+0x14/0x1a kernel/softirq.c:588 Uninit was created at: slab_post_alloc_hook mm/slub.c:3998 [inline] slab_alloc_node mm/slub.c:4041 [inline] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4084 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:583 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:674 alloc_skb include/linux/skbuff.h:1320 [inline] nf_send_reset6+0x98d/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:327 nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288 nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310 __netif_receive_skb_one_core net/core/dev.c:5661 [inline] __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775 process_backlog+0x4ad/0xa50 net/core/dev.c:6108 __napi_poll+0xe7/0x980 net/core/dev.c:6772 napi_poll net/core/dev.c:6841 [inline] net_rx_action+0xa5a/0x19b0 net/core/dev.c:6963 handle_softirqs+0x1ce/0x800 kernel/softirq.c:554 __do_softirq+0x14/0x1a kernel/softirq.c:588 Fixes: c8d7b98bec43 ("netfilter: move nf_send_resetX() code to nf_reject_ipvX modules") Reported-by: syzbot Signed-off-by: Eric Dumazet Reviewed-by: Simon Horman Reviewed-by: Pablo Neira Ayuso Link: https://patch.msgid.link/20240913170615.3670897-1-edumazet@google.com Signed-off-by: Paolo Abeni commit 85109780543b5100aba1d0842b6a7c3142be74d2 Author: Tang Bin Date: Sat Sep 14 16:16:08 2024 +0800 ASoC: topology: Fix incorrect addressing assignments The variable 'kc' is handled in the function soc_tplg_control_dbytes_create(), and 'kc->private_value' is assigned to 'sbe', so In the function soc_tplg_dbytes_create(), the right 'sbe' should be 'kc.private_value', the same logical error in the function soc_tplg_dmixer_create(), thus fix them. Fixes: 0867278200f7 ("ASoC: topology: Unify code for creating standalone and widget bytes control") Fixes: 4654ca7cc8d6 ("ASoC: topology: Unify code for creating standalone and widget mixer control") Signed-off-by: Tang Bin Reviewed-by: Amadeusz Sławiński Link: https://patch.msgid.link/20240914081608.3514-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit 5a6caa2cfabb559309b5ce29ee7c8e9ce1a9a9df Author: Sean Anderson Date: Fri Sep 13 10:51:56 2024 -0400 net: xilinx: axienet: Fix packet counting axienet_free_tx_chain returns the number of DMA descriptors it's handled. However, axienet_tx_poll treats the return as the number of packets. When scatter-gather SKBs are enabled, a single packet may use multiple DMA descriptors, which causes incorrect packet counts. Fix this by explicitly keepting track of the number of packets processed as separate from the DMA descriptors. Budget does not affect the number of Tx completions we can process for NAPI, so we use the ring size as the limit instead of budget. As we no longer return the number of descriptors processed to axienet_tx_poll, we now update tx_bd_ci in axienet_free_tx_chain. Fixes: 8a3b7a252dca ("drivers/net/ethernet/xilinx: added Xilinx AXI Ethernet driver") Signed-off-by: Sean Anderson Link: https://patch.msgid.link/20240913145156.2283067-1-sean.anderson@linux.dev Signed-off-by: Paolo Abeni commit ba0da2dc934ec5ac32bbeecbd0670da16ba03565 Author: Sean Anderson Date: Fri Sep 13 10:57:11 2024 -0400 net: xilinx: axienet: Schedule NAPI in two steps As advised by Documentation/networking/napi.rst, masking IRQs after calling napi_schedule can be racy. Avoid this by only masking/scheduling if napi_schedule_prep returns true. Fixes: 9e2bc267e780 ("net: axienet: Use NAPI for TX completion path") Fixes: cc37610caaf8 ("net: axienet: implement NAPI and GRO receive") Signed-off-by: Sean Anderson Reviewed-by: Shannon Nelson Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240913145711.2284295-1-sean.anderson@linux.dev Signed-off-by: Paolo Abeni commit 7f52bb9de57dc1851a83e20e53491ad8df321e4e Merge: 839c4f596f898e e03ad65cea610b Author: Linus Torvalds Date: Thu Sep 19 12:52:23 2024 +0200 Merge tag 'i2c-for-6.11-final-but-missed-it' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c fixes from Wolfram Sang: "The Aspeed driver tracks the controller's state (stop, pending, start, etc.). Previously, when the stop command was sent, the state was not updated. The fix ensures the driver's state is aligned with the device status. The Intel SCH driver receives a new look, and among the cleanups, there is a fix where, due to an oversight, an if/else statement was missing the else, causing it to move forward instead of exiting the function in case of an error. The Qualcomm GENI I2C driver adds the IRQF_NO_AUTOEN flag to the IRQ setup to prevent unwanted interrupts during probe. The Xilinx XPS controller fixes TX FIFO handling to avoid missed NAKs. Another fix ensures the controller is reinitialized when the bus appears busy" * tag 'i2c-for-6.11-final-but-missed-it' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() i2c: isch: Add missed 'else' i2c: xiic: Try re-initialization on bus busy timeout i2c: xiic: Wait for TX empty to avoid missed TX NAKs i2c: aspeed: Update the stop sw state when the bus recovery occurs commit 3b577de206d52dbde9428664b6d823d35a803d75 Author: Jinjie Ruan Date: Fri Sep 6 10:12:51 2024 +0800 spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time It's important to undo pm_runtime_use_autosuspend() with pm_runtime_dont_use_autosuspend() at driver exit time unless driver initially enabled pm_runtime with devm_pm_runtime_enable() (which handles it for you). Hence, call pm_runtime_dont_use_autosuspend() at driver exit time to fix it. Fixes: 944c01a889d9 ("spi: lpspi: enable runtime pm for lpspi") Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240906021251.610462-1-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 438efb23f9581659495b85f1f6c7d5946200660c Author: Jinjie Ruan Date: Fri Sep 6 10:39:56 2024 +0800 spi: atmel-quadspi: Undo runtime PM changes at driver exit time It's important to undo pm_runtime_use_autosuspend() with pm_runtime_dont_use_autosuspend() at driver exit time unless driver initially enabled pm_runtime with devm_pm_runtime_enable() (which handles it for you). Hence, call pm_runtime_dont_use_autosuspend() at driver exit time to fix it. Fixes: 4a2f83b7f780 ("spi: atmel-quadspi: add runtime pm support") Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240906023956.1004440-1-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 194ef9d0de9021df4a0ba8b112f91e56adaddd22 Author: Vladimir Oltean Date: Fri Sep 13 15:12:30 2024 +0300 net: phy: aquantia: fix -ETIMEDOUT PHY probe failure when firmware not present The author of the blamed commit apparently did not notice something about aqr_wait_reset_complete(): it polls the exact same register - MDIO_MMD_VEND1:VEND1_GLOBAL_FW_ID - as aqr_firmware_load(). Thus, the entire logic after the introduction of aqr_wait_reset_complete() is now completely side-stepped, because if aqr_wait_reset_complete() succeeds, MDIO_MMD_VEND1:VEND1_GLOBAL_FW_ID could have only been a non-zero value. The handling of the case where the register reads as 0 is dead code, due to the previous -ETIMEDOUT having stopped execution and returning a fatal error to the caller. We never attempt to load new firmware if no firmware is present. Based on static code analysis, I guess we should simply introduce a switch/case statement based on the return code from aqr_wait_reset_complete(), to determine whether to load firmware or not. I am not intending to change the procedure through which the driver determines whether to load firmware or not, as I am unaware of alternative possibilities. At the same time, Russell King suggests that if aqr_wait_reset_complete() is expected to return -ETIMEDOUT as part of normal operation and not just catastrophic failure, the use of phy_read_mmd_poll_timeout() is improper, since that has an embedded print inside. Just open-code a call to read_poll_timeout() to avoid printing -ETIMEDOUT, but continue printing actual read errors from the MDIO bus. Fixes: ad649a1fac37 ("net: phy: aquantia: wait for FW reset before checking the vendor ID") Reported-by: Clark Wang Reported-by: Jon Hunter Closes: https://lore.kernel.org/netdev/8ac00a45-ac61-41b4-9f74-d18157b8b6bf@nvidia.com/ Reported-by: Hans-Frieder Vogt Closes: https://lore.kernel.org/netdev/c7c1a3ae-be97-4929-8d89-04c8aa870209@gmx.net/ Signed-off-by: Vladimir Oltean Tested-by: Bartosz Golaszewski Tested-by: Hans-Frieder Vogt Link: https://patch.msgid.link/20240913121230.2620122-1-vladimir.oltean@nxp.com Signed-off-by: Paolo Abeni commit 839c4f596f898edc424070dc8b517381572f8502 Merge: a1d1eb2f57501b 22af8caff7d1ca Author: Linus Torvalds Date: Thu Sep 19 11:35:31 2024 +0200 Merge tag 'mm-hotfixes-stable-2024-09-19-00-31' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull misc hotfixes from Andrew Morton: "12 hotfixes, 11 of which are cc:stable. Four fixes for longstanding ocfs2 issues and the remainder address random MM things" * tag 'mm-hotfixes-stable-2024-09-19-00-31' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: mm/madvise: process_madvise() drop capability check if same mm mm/huge_memory: ensure huge_zero_folio won't have large_rmappable flag set mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway mm: change vmf_anon_prepare() to __vmf_anon_prepare() resource: fix region_intersects() vs add_memory_driver_managed() zsmalloc: use unique zsmalloc caches names mm/damon/vaddr: protect vma traversal in __damon_va_thre_regions() with rcu read lock mm: vmscan.c: fix OOM on swap stress test ocfs2: cancel dqi_sync_work before freeing oinfo ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate ocfs2: remove unreasonable unlock in ocfs2_read_blocks ocfs2: fix null-ptr-deref when journal load failed. commit a1d1eb2f57501b2e7e2076ce89b3f3a666ddbfdd Merge: 726e2d0cf2bbc1 cff06a799dbe81 Author: Linus Torvalds Date: Thu Sep 19 11:28:51 2024 +0200 Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi Pull SCSI updates from James Bottomley: "Updates to the usual drivers (ufs, smartpqi, NCR5380, mac_scsi, lpfc, mpi3mr). There are no user visible core changes and a whole series of minor updates and fixes. The largest core change is probably the simplification of the workqueue allocation path" * tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (86 commits) scsi: smartpqi: update driver version to 2.1.30-031 scsi: smartpqi: fix volume size updates scsi: smartpqi: fix rare system hang during LUN reset scsi: smartpqi: add new controller PCI IDs scsi: smartpqi: add counter for parity write stream requests scsi: smartpqi: correct stream detection scsi: smartpqi: Add fw log to kdump scsi: bnx2fc: Remove some unused fields in struct bnx2fc_rport scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port scsi: ufs: core: Remove ufshcd_urgent_bkops() scsi: core: Remove obsoleted declaration for scsi_driverbyte_string() scsi: bnx2i: Remove unused declarations scsi: core: Simplify an alloc_workqueue() invocation scsi: ufs: Simplify alloc*_workqueue() invocation scsi: stex: Simplify an alloc_ordered_workqueue() invocation scsi: scsi_transport_fc: Simplify alloc_workqueue() invocations scsi: snic: Simplify alloc_workqueue() invocations scsi: qedi: Simplify an alloc_workqueue() invocation scsi: qedf: Simplify alloc_workqueue() invocations scsi: myrs: Simplify an alloc_ordered_workqueue() invocation ... commit 726e2d0cf2bbc14e3bf38491cddda1a56fe18663 Merge: de848da12f7521 a5fb217f13f74b Author: Linus Torvalds Date: Thu Sep 19 11:12:49 2024 +0200 Merge tag 'dma-mapping-6.12-2024-09-19' of git://git.infradead.org/users/hch/dma-mapping Pull dma-mapping updates from Christoph Hellwig: - support DMA zones for arm64 systems where memory starts at > 4GB (Baruch Siach, Catalin Marinas) - support direct calls into dma-iommu and thus obsolete dma_map_ops for many common configurations (Leon Romanovsky) - add DMA-API tracing (Sean Anderson) - remove the not very useful return value from various dma_set_* APIs (Christoph Hellwig) - misc cleanups and minor optimizations (Chen Y, Yosry Ahmed, Christoph Hellwig) * tag 'dma-mapping-6.12-2024-09-19' of git://git.infradead.org/users/hch/dma-mapping: dma-mapping: reflow dma_supported dma-mapping: reliably inform about DMA support for IOMMU dma-mapping: add tracing for dma-mapping API calls dma-mapping: use IOMMU DMA calls for common alloc/free page calls dma-direct: optimize page freeing when it is not addressable dma-mapping: clearly mark DMA ops as an architecture feature vdpa_sim: don't select DMA_OPS arm64: mm: keep low RAM dma zone dma-mapping: don't return errors from dma_set_max_seg_size dma-mapping: don't return errors from dma_set_seg_boundary dma-mapping: don't return errors from dma_set_min_align_mask scsi: check that busses support the DMA API before setting dma parameters arm64: mm: fix DMA zone when dma-ranges is missing dma-mapping: direct calls for dma-iommu dma-mapping: call ->unmap_page and ->unmap_sg unconditionally arm64: support DMA zone above 4GB dma-mapping: replace zone_dma_bits by zone_dma_limit dma-mapping: use bit masking to check VM_DMA_COHERENT commit d4cdc46ca16a5c78b36c5b9b6ad8cac09d6130a0 Author: Ben Hutchings Date: Thu Sep 12 01:01:21 2024 +0200 wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() iwlegacy uses command buffers with a payload size of 320 bytes (default) or 4092 bytes (huge). The struct il_device_cmd type describes the default buffers and there is no separate type describing the huge buffers. The il_enqueue_hcmd() function works with both default and huge buffers, and has a memcpy() to the buffer payload. The size of this copy may exceed 320 bytes when using a huge buffer, which now results in a run-time warning: memcpy: detected field-spanning write (size 1014) of single field "&out_cmd->cmd.payload" at drivers/net/wireless/intel/iwlegacy/common.c:3170 (size 320) To fix this: - Define a new struct type for huge buffers, with a correctly sized payload field - When using a huge buffer in il_enqueue_hcmd(), cast the command buffer pointer to that type when looking up the payload field Reported-by: Martin-Éric Racine References: https://bugs.debian.org/1062421 References: https://bugzilla.kernel.org/show_bug.cgi?id=219124 Signed-off-by: Ben Hutchings Fixes: 54d9469bc515 ("fortify: Add run-time WARN for cross-field memcpy()") Tested-by: Martin-Éric Racine Tested-by: Brandon Nielsen Acked-by: Stanislaw Gruszka Signed-off-by: Kalle Valo Link: https://patch.msgid.link/ZuIhQRi/791vlUhE@decadent.org.uk commit 84e8d59651879b2ff8499bddbbc9549b7f1a646b Author: David Lawrence Glanzman Date: Tue Sep 17 00:44:08 2024 -0400 ASoC: amd: yc: Add quirk for HP Dragonfly pro one Adds a quirk entry to enable the mic on HP Dragonfly pro one laptop Signed-off-by: David Lawrence Glanzman Link: https://patch.msgid.link/1249c09bd6bf696b59d087a4f546ae397828656c.camel@yahoo.com Signed-off-by: Mark Brown commit de848da12f752170c2ebe114804a985314fd5a6a Merge: 176000734ee297 ae2c6d8b3b88c1 Author: Linus Torvalds Date: Thu Sep 19 10:18:15 2024 +0200 Merge tag 'drm-next-2024-09-19' of https://gitlab.freedesktop.org/drm/kernel Pull drm updates from Dave Airlie: "This adds a couple of patches outside the drm core, all should be acked appropriately, the string and pstore ones are the main ones that come to mind. Otherwise it's the usual drivers, xe is getting enabled by default on some new hardware, we've changed the device number handling to allow more devices, and we added some optional rust code to create QR codes in the panic handler, an idea first suggested I think 10 years ago :-) string: - add mem_is_zero() core: - support more device numbers - use XArray for minor ids - add backlight constants - Split dma fence array creation into alloc and arm fbdev: - remove usage of old fbdev hooks kms: - Add might_fault() to drm_modeset_lock priming - Add dynamic per-crtc vblank configuration support dma-buf: - docs cleanup buddy: - Add start address support for trim function printk: - pass description to kmsg_dump scheduler: - Remove full_recover from drm_sched_start ttm: - Make LRU walk restartable after dropping locks - Allow direct reclaim to allocate local memory panic: - add display QR code (in rust) displayport: - mst: GUID improvements bridge: - Silence error message on -EPROBE_DEFER - analogix: Clean aup - bridge-connector: Fix double free - lt6505: Disable interrupt when powered off - tc358767: Make default DP port preemphasis configurable - lt9611uxc: require DRM_BRIDGE_ATTACH_NO_CONNECTOR - anx7625: simplify OF array handling - dw-hdmi: simplify clock handling - lontium-lt8912b: fix mode validation - nwl-dsi: fix mode vsync/hsync polarity xe: - Enable LunarLake and Battlemage support - Introducing Xe2 ccs modifiers for integrated and discrete graphics - rename xe perf to xe observation - use wb caching on DGFX for system memory - add fence timeouts - Lunar Lake graphics/media/display workarounds - Battlemage workarounds - Battlemage GSC support - GSC and HuC fw updates for LL/BM - use dma_fence_chain_free - refactor hw engine lookup and mmio access - enable priority mem read for Xe2 - Add first GuC BMG fw - fix dma-resv lock - Fix DGFX display suspend/resume - Use xe_managed for kernel BOs - Use reserved copy engine for user binds on faulting devices - Allow mixing dma-fence jobs and long-running faulting jobs - fix media TLB invalidation - fix rpm in TTM swapout path - track resources and VF state by PF i915: - Type-C programming fix for MTL+ - FBC cleanup - Calc vblank delay more accurately - On DP MST, Enable LT fallback for UHBR<->non-UHBR rates - Fix DP LTTPR detection - limit relocations to INT_MAX - fix long hangs in buddy allocator on DG2/A380 amdgpu: - Per-queue reset support - SDMA devcoredump support - DCN 4.0.1 updates - GFX12/VCN4/JPEG4 updates - Convert vbios embedded EDID to drm_edid - GFX9.3/9.4 devcoredump support - process isolation framework for GFX 9.4.3/4 - take IOMMU mappings into account for P2P DMA amdkfd: - CRIU fixes - HMM fix - Enable process isolation support for GFX 9.4.3/4 - Allow users to target recommended SDMA engines - KFD support for targetting queues on recommended SDMA engines radeon: - remove .load and drm_dev_alloc - Fix vbios embedded EDID size handling - Convert vbios embedded EDID to drm_edid - Use GEM references instead of TTM - r100 cp init cleanup - Fix potential overflows in evergreen CS offset tracking msm: - DPU: - implement DP/PHY mapping on SC8180X - Enable writeback on SM8150, SC8180X, SM6125, SM6350 - DP: - Enable widebus on all relevant chipsets - MSM8998 HDMI support - GPU: - A642L speedbin support - A615/A306/A621 support - A7xx devcoredump support ast: - astdp: Support AST2600 with VGA - Clean up HPD - Fix timeout loop for DP link training - reorganize output code by type (VGA, DP, etc) - convert to struct drm_edid - fix BMC handling for all outputs exynos: - drop stale MAINTAINERS pattern - constify struct loongson: - use GEM refcount over TTM mgag200: - Improve BMC handling - Support VBLANK intterupts - transparently support BMC outputs nouveau: - Refactor and clean up internals - Use GEM refcount over TTM's gm12u320: - convert to struct drm_edid gma500: - update i2c terms lcdif: - pixel clock fix host1x: - fix syncpoint IRQ during resume - use iommu_paging_domain_alloc() imx: - ipuv3: convert to struct drm_edid omapdrm: - improve error handling - use common helper for_each_endpoint_of_node() panel: - add support for BOE TV101WUM-LL2 plus DT bindings - novatek-nt35950: improve error handling - nv3051d: improve error handling - panel-edp: - add support for BOE NE140WUM-N6G - revert support for SDC ATNA45AF01 - visionox-vtdr6130: - improve error handling - use devm_regulator_bulk_get_const() - boe-th101mb31ig002: - Support for starry-er88577 MIPI-DSI panel plus DT - Fix porch parameter - edp: Support AOU B116XTN02.3, AUO B116XAN06.1, AOU B116XAT04.1, BOE NV140WUM-N41, BOE NV133WUM-N63, BOE NV116WHM-A4D, CMN N116BCA-EA2, CMN N116BCP-EA2, CSW MNB601LS1-4 - himax-hx8394: Support Microchip AC40T08A MIPI Display panel plus DT - ilitek-ili9806e: Support Densitron DMT028VGHMCMI-1D TFT plus DT - jd9365da: - Support Melfas lmfbx101117480 MIPI-DSI panel plus DT - Refactor for code sharing - panel-edp: fix name for HKC MB116AN01 - jd9365da: fix "exit sleep" commands - jdi-fhd-r63452: simplify error handling with DSI multi-style helpers - mantix-mlaf057we51: simplify error handling with DSI multi-style helpers - simple: - support Innolux G070ACE-LH3 plus DT bindings - support On Tat Industrial Company KD50G21-40NT-A1 plus DT bindings - st7701: - decouple DSI and DRM code - add SPI support - support Anbernic RG28XX plus DT bindings mediatek: - support alpha blending - remove cl in struct cmdq_pkt - ovl adaptor fix - add power domain binding for mediatek DPI controller renesas: - rz-du: add support for RZ/G2UL plus DT bindings rockchip: - Improve DP sink-capability reporting - dw_hdmi: Support 4k@60Hz - vop: - Support RGB display on Rockchip RK3066 - Support 4096px width sti: - convert to struct drm_edid stm: - Avoid UAF wih managed plane and CRTC helpers - Fix module owner - Fix error handling in probe - Depend on COMMON_CLK - ltdc: - Fix transparency after disabling plane - Remove unused interrupt tegra: - gr3d: improve PM domain handling - convert to struct drm_edid - Call drm_atomic_helper_shutdown() vc4: - fix PM during detect - replace DRM_ERROR() with drm_error() - v3d: simplify clock retrieval v3d: - Clean up perfmon virtio: - add DRM capset" * tag 'drm-next-2024-09-19' of https://gitlab.freedesktop.org/drm/kernel: (1326 commits) drm/xe: Fix missing conversion to xe_display_pm_runtime_resume drm/xe/xe2hpg: Add Wa_15016589081 drm/xe: Don't keep stale pointer to bo->ggtt_node drm/xe: fix missing 'xe_vm_put' drm/xe: fix build warning with CONFIG_PM=n drm/xe: Suppress missing outer rpm protection warning drm/xe: prevent potential UAF in pf_provision_vf_ggtt() drm/amd/display: Add all planes on CRTC to state for overlay cursor drm/i915/bios: fix printk format width drm/i915/display: Fix BMG CCS modifiers drm/amdgpu: get rid of bogus includes of fdtable.h drm/amdkfd: CRIU fixes drm/amdgpu: fix a race in kfd_mem_export_dmabuf() drm: new helper: drm_gem_prime_handle_to_dmabuf() drm/amdgpu/atomfirmware: Silence UBSAN warning drm/amdgpu: Fix kdoc entry in 'amdgpu_vm_cpu_prepare' drm/amd/amdgpu: apply command submission parser for JPEG v1 drm/amd/amdgpu: apply command submission parser for JPEG v2+ drm/amd/pm: fix the pp_dpm_pcie issue on smu v14.0.2/3 drm/amd/pm: update the features set on smu v14.0.2/3 ... commit 583543760976a4ba111d5e2e1b2c6cfb665fcc45 Merge: 21d98d658f9e59 77514915b72c51 Author: Palmer Dabbelt Date: Thu Sep 19 01:10:44 2024 -0700 Merge patch series "riscv: Improve KASAN coverage to fix unit tests" Samuel Holland says: This series fixes two areas where uninstrumented assembly routines caused gaps in KASAN coverage on RISC-V, which were caught by KUnit tests. The KASAN KUnit test suite passes after applying this series. This series fixes the following test failures: # kasan_strings: EXPECTATION FAILED at mm/kasan/kasan_test.c:1520 KASAN failure expected in "kasan_int_result = strcmp(ptr, "2")", but none occurred # kasan_strings: EXPECTATION FAILED at mm/kasan/kasan_test.c:1524 KASAN failure expected in "kasan_int_result = strlen(ptr)", but none occurred not ok 60 kasan_strings # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1531 KASAN failure expected in "set_bit(nr, addr)", but none occurred # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1533 KASAN failure expected in "clear_bit(nr, addr)", but none occurred # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1535 KASAN failure expected in "clear_bit_unlock(nr, addr)", but none occurred # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1536 KASAN failure expected in "__clear_bit_unlock(nr, addr)", but none occurred # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1537 KASAN failure expected in "change_bit(nr, addr)", but none occurred # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1543 KASAN failure expected in "test_and_set_bit(nr, addr)", but none occurred # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1545 KASAN failure expected in "test_and_set_bit_lock(nr, addr)", but none occurred # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1546 KASAN failure expected in "test_and_clear_bit(nr, addr)", but none occurred # kasan_bitops_generic: EXPECTATION FAILED at mm/kasan/kasan_test.c:1548 KASAN failure expected in "test_and_change_bit(nr, addr)", but none occurred not ok 61 kasan_bitops_generic Samuel Holland (2): riscv: Omit optimized string routines when using KASAN riscv: Enable bitops instrumentation arch/riscv/include/asm/bitops.h | 43 ++++++++++++++++++--------------- arch/riscv/include/asm/string.h | 2 ++ arch/riscv/kernel/riscv_ksyms.c | 3 --- arch/riscv/lib/Makefile | 2 ++ arch/riscv/lib/strcmp.S | 1 + arch/riscv/lib/strlen.S | 1 + arch/riscv/lib/strncmp.S | 1 + arch/riscv/purgatory/Makefile | 2 ++ 8 files changed, 32 insertions(+), 23 deletions(-) * b4-shazam-merge: riscv: Enable bitops instrumentation riscv: Omit optimized string routines when using KASAN Link: https://lore.kernel.org/r/20240801033725.28816-1-samuel.holland@sifive.com Signed-off-by: Palmer Dabbelt commit ea7e2d5e49c05e5db1922387b09ca74aa40f46e2 Author: Shu Han Date: Tue Sep 17 17:41:04 2024 +0800 mm: call the security_mmap_file() LSM hook in remap_file_pages() The remap_file_pages syscall handler calls do_mmap() directly, which doesn't contain the LSM security check. And if the process has called personality(READ_IMPLIES_EXEC) before and remap_file_pages() is called for RW pages, this will actually result in remapping the pages to RWX, bypassing a W^X policy enforced by SELinux. So we should check prot by security_mmap_file LSM hook in the remap_file_pages syscall handler before do_mmap() is called. Otherwise, it potentially permits an attacker to bypass a W^X policy enforced by SELinux. The bypass is similar to CVE-2016-10044, which bypass the same thing via AIO and can be found in [1]. The PoC: $ cat > test.c int main(void) { size_t pagesz = sysconf(_SC_PAGE_SIZE); int mfd = syscall(SYS_memfd_create, "test", 0); const char *buf = mmap(NULL, 4 * pagesz, PROT_READ | PROT_WRITE, MAP_SHARED, mfd, 0); unsigned int old = syscall(SYS_personality, 0xffffffff); syscall(SYS_personality, READ_IMPLIES_EXEC | old); syscall(SYS_remap_file_pages, buf, pagesz, 0, 2, 0); syscall(SYS_personality, old); // show the RWX page exists even if W^X policy is enforced int fd = open("/proc/self/maps", O_RDONLY); unsigned char buf2[1024]; while (1) { int ret = read(fd, buf2, 1024); if (ret <= 0) break; write(1, buf2, ret); } close(fd); } $ gcc test.c -o test $ ./test | grep rwx 7f1836c34000-7f1836c35000 rwxs 00002000 00:01 2050 /memfd:test (deleted) Link: https://project-zero.issues.chromium.org/issues/42452389 [1] Cc: stable@vger.kernel.org Signed-off-by: Shu Han Acked-by: Stephen Smalley [PM: subject line tweaks] Signed-off-by: Paul Moore commit 77514915b72c51ebc1c30a67a54d4a90ca2a4a39 Author: Samuel Holland Date: Wed Jul 31 20:37:00 2024 -0700 riscv: Enable bitops instrumentation Instead of implementing the bitops functions directly in assembly, provide the arch_-prefixed versions and use the wrappers from asm-generic to add instrumentation. This improves KASAN coverage and fixes the kasan_bitops_generic() unit test. Signed-off-by: Samuel Holland Reviewed-by: Alexandre Ghiti Tested-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240801033725.28816-3-samuel.holland@sifive.com Signed-off-by: Palmer Dabbelt commit 58ff537109ac863d4ec83baf8413b17dcc10101c Author: Samuel Holland Date: Wed Jul 31 20:36:59 2024 -0700 riscv: Omit optimized string routines when using KASAN The optimized string routines are implemented in assembly, so they are not instrumented for use with KASAN. Fall back to the C version of the routines in order to improve KASAN coverage. This fixes the kasan_strings() unit test. Signed-off-by: Samuel Holland Reviewed-by: Alexandre Ghiti Tested-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240801033725.28816-2-samuel.holland@sifive.com Signed-off-by: Palmer Dabbelt commit 176000734ee2978121fde22a954eb1eabb204329 Merge: a65b3c3ed49a3b e5dd410acb34c7 Author: Linus Torvalds Date: Thu Sep 19 09:49:10 2024 +0200 Merge tag 'ata-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux Pull ata updates from Damien Le Moal: - Convert the qcom AHCI controller DT bindings to DT schema (from Rayyan) - Cleanup of libata core and drivers code handling controller and device quirks to rename "blacklist" to the more neutral "quirk" and to replace the rarely used "horkage" term with the more common "quirk" naming (me) - Add libata-core message to print the quirks applied to a controller or device (me) - Remove the not-so-useful function ata_noop_qc_prep() from libata core (me) - ahci_imx driver cleanup, improvements and DT bindings compatible strings update (Richard and Dan) - libahci_platform improvements (Zhang) - Remove obsolete functions declarations from libata header files (from Gaosheng) - Improve teh ahci_brcm driver using managed device resources funetions (Zhang) - Introduce new helper function to improve libata EH code readability (Niklas) - Enable module autoloading for the pata_ftide010, pata_ixp4xx and sata_gemini drivers (Liao) - Move SATA related functions and data declaraions from libata-core to libata-sata (me) - Rename the function handling the sense data for successful NCQ commands log to better reflect that function actions (me) - Reduce libata memory usage by moving port resources to struct ata_device and by optimizing the management of resources for CDL capable devices (me) - Improve libata-eh handling of failed ATA passthrough commands (Niklas) * tag 'ata-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/libata/linux: (39 commits) ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data ata: libata: Fix W=1 compilation warning ata: libata: Improve CDL resource management ata: libata: Introduce ata_dev_free_resources ata: libata: Move sector_buf from struct ata_port to struct ata_device ata: libata: Rename ata_eh_read_sense_success_ncq_log() ata: libata: Move sata_std_hardreset() definition to libata-sata.c ata: libata: Move sata_down_spd_limit() to libata-sata.c ata: libata: Improve __ata_qc_complete() ata: libata-scsi: Improve ata_scsi_handle_link_detach() ata: libata: Cleanup libata-transport ata: sata_gemini: Enable module autoloading ata: pata_ixp4xx: Enable module autoloading ata: pata_ftide010: Enable module autoloading ata: libata: Add helper ata_eh_decide_disposition() ata: ahci_brcm: Use devm_platform_ioremap_resource_byname() helper function ata: libata: Remove obsolete function declarations ata: ahci_imx: Fix error code in probe() ata: libahci_platform: Simplify code with for_each_child_of_node_scoped() ata: ahci_imx: Correct the email address ... commit a65b3c3ed49a3b8068c002e98c90f8594927ff25 Merge: d5e65d1fb75ffb 0aa04373bca504 Author: Linus Torvalds Date: Thu Sep 19 09:42:21 2024 +0200 Merge tag 'hid-for-linus-2024091602' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid Pull HID updates from Jiri Kosina: - New HID over SPI driver for Goodix devices that don't follow Microsoft's HID-over-SPI specification, so a separate driver is needed. Currently supported device is GT7986U touchscreen (Charles Wang) - support for new hardware features in Wacom driver (high-res wheel scrolling, touchstrings with relative motions, support for two touchrings) (Jason Gerecke) - support for customized vendor firmware loading in intel-ish driver (Zhang Lixu) - fix for theoretical race condition in i2c-hid (Dmitry Torokhov) - support for HIDIOCREVOKE -- evdev's EVIOCREVOKE equivalent in hidraw (Peter Hutterer) - initial hidraw selftest implementation (Benjamin Tissoires) - constification of device-specific report descriptors (Thomas Weißschuh) - other small assorted fixes and device ID / quirk additions * tag 'hid-for-linus-2024091602' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid: (54 commits) hid: cp2112: Use irq_get_trigger_type() helper HID: i2c-hid: ensure various commands do not interfere with each other HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio HID: wacom: Do not warn about dropped packets for first packet HID: wacom: Support sequence numbers smaller than 16-bit HID: lg: constify fixed up report descriptor HID: uclogic: constify fixed up report descriptor HID: waltop: constify fixed up report descriptor HID: sony: constify fixed up report descriptor HID: pxrc: constify fixed up report descriptor HID: steelseries: constify fixed up report descriptor HID: viewsonic: constify fixed up report descriptor HID: vrc2: constify fixed up report descriptor HID: xiaomi: constify fixed up report descriptor HID: maltron: constify fixed up report descriptor HID: keytouch: constify fixed up report descriptor HID: holtek-kbd: constify fixed up report descriptor HID: dr: constify fixed up report descriptor HID: bigbenff: constify fixed up report descriptor HID: picoLCD: Use backlight power constants ... commit d5e65d1fb75ffbe3aba33de81a72752ace28295e Merge: 18aa0ddd4ca605 f168c000d27f81 Author: Linus Torvalds Date: Thu Sep 19 09:38:34 2024 +0200 Merge tag 'tpmdd-next-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd Pull tpm updates from Jarkko Sakkinen: "Just updates and fixes, no major changes" * tag 'tpmdd-next-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd: tpm: export tpm2_sessions_init() to fix ibmvtpm building tpm: Drop explicit initialization of struct i2c_device_id::driver_data to 0 selftests: tpm2: test_smoke: Run only when TPM2 is avaialable. MAINTAINERS: Add selftest files to TPM section tpm: Clean up TPM space after command failure commit efad7153bf93db8565128f7567aab1d23e221098 Author: Miklos Szeredi Date: Fri Sep 13 12:47:01 2024 +0200 fuse: allow O_PATH fd for FUSE_DEV_IOC_BACKING_OPEN Only f_path is used from backing files registered with FUSE_DEV_IOC_BACKING_OPEN, so it makes sense to allow O_PATH descriptors. O_PATH files have an empty f_op, so don't check read_iter/write_iter. Reviewed-by: Amir Goldstein Signed-off-by: Miklos Szeredi commit 18aa0ddd4ca60571516ba7e41157c3f746e2036a Merge: 84bbfe6b643565 64dce81f8c373c Author: Linus Torvalds Date: Thu Sep 19 09:33:44 2024 +0200 Merge tag 'for-linus-6.12-1' of https://github.com/cminyard/linux-ipmi Pull IPMI updates from Corey Minyard: "Some minor fixes and cleanups for IPMI. Nothing big. Handle a bogus BMC a little better, fix autoload on some systems, remove some deprecated interfaces from the docs" * tag 'for-linus-6.12-1' of https://github.com/cminyard/linux-ipmi: ipmi: docs: don't advertise deprecated sysfs entries ipmi:ssif: Improve detecting during probing ipmi: ipmi_ssif: fix module autoloading commit 84bbfe6b6435658132df2880258d34babe46d3e0 Merge: 2a17bb8c204f2b 837acb691c844d Author: Linus Torvalds Date: Thu Sep 19 09:16:04 2024 +0200 Merge tag 'platform-drivers-x86-v6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86 Pull x86 platform drivers updates from Hans de Goede: - asus-wmi: Add support for vivobook fan profiles - dell-laptop: Add knobs to change battery charge settings - lg-laptop: Add operation region support - intel-uncore-freq: Add support for efficiency latency control - intel/ifs: Add SBAF test support - intel/pmc: Ignore all LTRs during suspend - platform/surface: Support for arm64 based Surface devices - wmi: Pass event data directly to legacy notify handlers - x86/platform/geode: switch GPIO buttons and LEDs to software properties - bunch of small cleanups, fixes, hw-id additions, etc. * tag 'platform-drivers-x86-v6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86: (65 commits) MAINTAINERS: adjust file entry in INTEL MID PLATFORM platform/x86: x86-android-tablets: Adjust Xiaomi Pad 2 bottom bezel touch buttons LED platform/mellanox: mlxbf-pmc: fix lockdep warning platform/x86/amd: pmf: Add quirk for TUF Gaming A14 platform/x86: touchscreen_dmi: add nanote-next quirk platform/x86: asus-wmi: don't fail if platform_profile already registered platform/x86: asus-wmi: add debug print in more key places platform/x86: intel_scu_wdt: Move intel_scu_wdt.h to x86 subfolder platform/x86: intel_scu_ipc: Move intel_scu_ipc.h out of arch/x86/include/asm MAINTAINERS: Add Intel MID section platform/x86: panasonic-laptop: Add support for programmable buttons platform/olpc: Remove redundant null pointer checks in olpc_ec_setup_debugfs() platform/x86: intel/pmc: Ignore all LTRs during suspend platform/x86: wmi: Call both legacy and WMI driver notify handlers platform/x86: wmi: Merge get_event_data() with wmi_get_notify_data() platform/x86: wmi: Remove wmi_get_event_data() platform/x86: wmi: Pass event data directly to legacy notify handlers platform/x86: thinkpad_acpi: Fix uninitialized symbol 's' warning platform/x86: x86-android-tablets: Fix spelling in the comments platform/x86: ideapad-laptop: Make the scope_guard() clear of its scope ... commit 2a17bb8c204f2b6461524a1b52ace2dbe097eaf7 Merge: 19a519ca87b59a 0c36680c0e2d95 Author: Linus Torvalds Date: Thu Sep 19 08:38:51 2024 +0200 Merge tag 'devicetree-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux Pull devicetree updates from Rob Herring: "DT Bindings: - Drop duplicate devices in trivial-devices.yaml - Add a common serial peripheral device schema and reference it in serial device schemas. - Convert nxp,lpc1850-wdt, zii,rave-wdt, ti,davinci-wdt, snps,archs-pct, fsl,bcsr, fsl,fpga-qixis-i2c, fsl,fpga-qixis, fsl,cpm-enet, fsl,cpm-mdio, fsl,ucc-hdlc, maxim,ds26522, aspeed,ast2400-cvic, aspeed,ast2400-vic, fsl,ftm-timer, ti,davinci-timer, fsl,rcpm, and qcom,ebi2 to DT schema - Add support for rockchip,rk3576-wdt, qcom,apss-wdt-sa8255p, fsl,imx8qm-irqsteer, qcom,pm6150-vib, qcom,sa8255p-pdc, isil,isl69260, ti,tps546d24, and lpc32xx DMA mux - Drop duplicate nvidia,tegra186-ccplex-cluster.yaml and mediatek,mt6795-sys-clock.yaml - Add arm,gic ESPI and EPPI interrupt type specifiers - Add another batch of legacy compatible strings which we have no intention of documenting - Add dmas/dma-names properties to FSL lcdif - Fix wakeup-source reference to m8921-keypad.yaml - Treewide fixes of typos in bindings DT Core: - Update dtc/libfdt to upstream version v1.7.0-95-gbcd02b523429 - More conversions to scoped iterators and __free() initializer - Handle overflows in address resources on 32-bit systems - Extend extracting compatible strings in sources from function parameters - Use of_property_present() in DT unittest - Clean-up of_irq_to_resource() to use helpers - Support #msi-cells=<0> in of_msi_get_domain() - Improve the kerneldoc for of_property_match_string() - kselftest: Ignore nodes that have ancestors disabled" * tag 'devicetree-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux: (59 commits) dt-bindings: watchdog: Add rockchip,rk3576-wdt compatible dt-bindings: cpu: Drop duplicate nvidia,tegra186-ccplex-cluster.yaml dt-bindings: clock: mediatek: Drop duplicate mediatek,mt6795-sys-clock.yaml of/irq: Use helper to define resources of/irq: Make use of irq_get_trigger_type() dt-bindings: clk: vc5: Make SD/OE pin configuration properties not required drivers/of: Improve documentation for match_string of: property: Do some clean up with use of __free() dt-bindings: watchdog: qcom-wdt: document support on SA8255p dt-bindings: interrupt-controller: fsl,irqsteer: Document fsl,imx8qm-irqsteer dt-bindings: interrupt-controller: arm,gic: add ESPI and EPPI specifiers dt-bindings: dma: Add lpc32xx DMA mux binding dt-bindings: trivial-devices: Drop duplicate "maxim,max1237" dt-bindings: trivial-devices: Drop duplicate LM75 compatible devices dt-bindings: trivial-devices: Deprecate "ad,ad7414" dt-bindings: trivial-devices: Drop incorrect and duplicate at24 compatibles dt-bindings: wakeup-source: update reference to m8921-keypad.yaml dt-bindings: interrupt-controller: qcom-pdc: document support for SA8255p dt-bindings: Fix various typos of: address: Unify resource bounds overflow checking ... commit 19a519ca87b59a0031e1295674b1af0d6da83f70 Merge: 1d7bb2bf7ad8c9 c3dea3d54f4d39 Author: Linus Torvalds Date: Thu Sep 19 08:20:31 2024 +0200 Merge tag 'for-linus-6.12-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip Pull xen updates from Juergen Gross: - fix a boot problem as a Xen dom0 on some AMD systems - fix Xen PVH boot problems with KASAN enabled - fix for a build warning - fixes to swiotlb-xen * tag 'for-linus-6.12-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: xen/swiotlb: fix allocated size xen/swiotlb: add alignment check for dma buffers xen/pci: Avoid -Wflex-array-member-not-at-end warning xen/xenbus: Convert to use ERR_CAST() xen, pvh: fix unbootable VMs by inlining memset() in xen_prepare_pvh() x86/cpu: fix unbootable VMs by inlining memcmp() in hypervisor_cpuid_base() xen, pvh: fix unbootable VMs (PVH + KASAN - AMD_MEM_ENCRYPT) xen: tolerate ACPI NVS memory overlapping with Xen allocated memory xen: allow mapping ACPI data using a different physical address xen: add capability to remap non-RAM pages to different PFNs xen: move max_pfn in xen_memory_setup() out of function scope xen: move checks for e820 conflicts further up xen: introduce generic helper checking for memory map conflicts xen: use correct end address of kernel for conflict checking commit 1d7bb2bf7ad8c95cd50e97a83461610385b5259d Merge: 3a7101e9b27fe9 94e86b174d103d Author: Linus Torvalds Date: Thu Sep 19 08:15:30 2024 +0200 Merge tag 'hyperv-next-signed-20240916' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux Pull Hyper-V updates from Wei Liu: - Optimize boot time by concurrent execution of hv_synic_init() (Saurabh Sengar) - Use helpers to read control registers in hv_snp_boot_ap() (Yosry Ahmed) - Add memory allocation check in hv_fcopy_start (Zhu Jun) * tag 'hyperv-next-signed-20240916' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux: tools/hv: Add memory allocation check in hv_fcopy_start x86/hyperv: use helpers to read control registers in hv_snp_boot_ap() Drivers: hv: vmbus: Optimize boot time by concurrent execution of hv_synic_init() commit 3a7101e9b27fe97240c2fd430c71e61262447dd1 Merge: 54450af662369e 39190ac7cff1fd Author: Linus Torvalds Date: Thu Sep 19 08:03:00 2024 +0200 Merge tag 'powerpc-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux Pull powerpc updates from Michael Ellerman: - Reduce alignment constraints on STRICT_KERNEL_RWX and speed-up TLB misses on 8xx and 603 - Replace kretprobe code with rethook and enable fprobe - Remove the "fast endian switch" syscall - Handle DLPAR device tree updates in kernel, allowing the deprecation of the binary /proc/powerpc/ofdt interface Thanks to Abhishek Dubey, Alex Shi, Benjamin Gray, Christophe Leroy, Gaosheng Cui, Gautam Menghani, Geert Uytterhoeven, Haren Myneni, Hari Bathini, Huang Xiaojia, Jinjie Ruan, Madhavan Srinivasan, Miguel Ojeda, Mina Almasry, Narayana Murty N, Naveen Rao, Rob Herring (Arm), Scott Cheloha, Segher Boessenkool, Stephen Rothwell, Thomas Zimmermann, Uwe Kleine-König, Vaibhav Jain, and Zhang Zekun. * tag 'powerpc-6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: (59 commits) powerpc/atomic: Use YZ constraints for DS-form instructions MAINTAINERS: powerpc: Add Maddy powerpc: Switch back to struct platform_driver::remove() powerpc/pseries/eeh: Fix pseries_eeh_err_inject selftests/powerpc: Allow building without static libc macintosh/via-pmu: register_pmu_pm_ops() can be __init powerpc: Stop using no_llseek powerpc/64s: Remove the "fast endian switch" syscall powerpc/mm/64s: Restrict THP to Radix or HPT w/64K pages powerpc/mm/64s: Move THP reqs into a separate symbol powerpc/64s: Make mmu_hash_ops __ro_after_init powerpc: Replace kretprobe code with rethook on powerpc powerpc: pseries: Constify struct kobj_type powerpc: powernv: Constify struct kobj_type powerpc: Constify struct kobj_type powerpc/pseries/dlpar: Add device tree nodes for DLPAR IO add powerpc/pseries/dlpar: Remove device tree node for DLPAR IO remove powerpc/pseries: Use correct data types from pseries_hp_errorlog struct powerpc/vdso: Inconditionally use CFUNC macro powerpc/32: Implement validation of emergency stack ... commit 54450af662369efbd4cb438ce7b553dfffa00f07 Merge: 932d2d1fcb2bbb 5d698966fa7b45 Author: Linus Torvalds Date: Thu Sep 19 07:43:13 2024 +0200 Merge tag 'parisc-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux Pull parisc architecture updates from Helge Deller: - On parisc we now use the generic clockevent framework for timekeeping - Although there is no 64-bit glibc/userspace for parisc yet, for testing purposes one can run statically linked 64-bit binaries. This patchset contains two patches which fix 64-bit userspace which has been broken since kernel 4.19 - Fix the userspace stack position and size when the ADDR_NO_RANDOMIZE personality is enabled - On other architectures mmap(MAP_GROWSDOWN | MAP_STACK) creates a downward-growing stack. On parisc mmap(MAP_STACK) is now sufficient to create an upward-growing stack * tag 'parisc-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux: parisc: Allow mmap(MAP_STACK) memory to automatically expand upwards parisc: Use PRIV_USER instead of hardcoded value parisc: Fix itlb miss handler for 64-bit programs parisc: Fix 64-bit userspace syscall path parisc: Fix stack start for ADDR_NO_RANDOMIZE personality parisc: Convert to generic clockevents parisc: pdc_stable: Constify struct kobj_type commit 932d2d1fcb2bbbc3cb30a762302a5d2eac7720bb Merge: 8751b21ad9dc33 652b0ae675fede Author: Linus Torvalds Date: Thu Sep 19 07:09:39 2024 +0200 Merge tag 'dlm-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/teigland/linux-dlm Pull dlm updates from David Teigland: - Remove some unnecesary hold/unhold rsb refcounting in cases where an existing refcount is known to exist - Remove some unnecessary checking for zero nodeids, which should never exist, and add some warning if they do - Make the slow freeing of structs in release_lockspace() async, run from a workqueue - Prior rcu freeing allows some further struct lookups to run without a lock - Use blocking kernel_connect on sockets to avoid EINPROGRESS * tag 'dlm-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/teigland/linux-dlm: dlm: add missing -ENOMEM if alloc_workqueue() fails dlm: do synchronized socket connect call dlm: move lkb xarray lookup out of lock dlm: move dlm_search_rsb_tree() out of lock dlm: use RSB_HASHED to avoid lookup twice dlm: async freeing of lockspace resources dlm: drop kobject release callback handling dlm: warn about invalid nodeid comparsions dlm: never return invalid nodeid by dlm_our_nodeid() dlm: remove unnecessary refcounts dlm: cleanup memory allocation helpers commit 8751b21ad9dc33f31dff20297dcae2063cbbcfc9 Merge: 4e0373f1f92081 90fa22da6d6b41 Author: Linus Torvalds Date: Thu Sep 19 07:03:55 2024 +0200 Merge tag 'xfs-6.12-merge-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux Pull xfs updates from Chandan Babu: "New code: - Introduce new ioctls to exchange contents of two files. The first ioctl does the preparation work to exchange the contents of two files while the second ioctl performs the actual exchange if the target file has not been changed since a given sampling point. Fixes: - Fix bugs associated with calculating the maximum range of realtime extents to scan for free space. - Copy keys instead of records when resizing the incore BMBT root block. - Do not report FITRIMming more bytes than possibly exist in the filesystem. - Modify xfs_fs.h to prevent C++ compilation errors. - Do not over eagerly free post-EOF speculative preallocation. - Ensure st_blocks never goes to zero during COW writes Cleanups/refactors: - Use Xarray to hold per-AG data instead of a Radix tree. - Cleanups to: - realtime bitmap - inode allocator - quota - inode rooted btree code" * tag 'xfs-6.12-merge-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: (61 commits) xfs: ensure st_blocks never goes to zero during COW writes xfs: use xas_for_each_marked in xfs_reclaim_inodes_count xfs: convert perag lookup to xarray xfs: simplify tagged perag iteration xfs: move the tagged perag lookup helpers to xfs_icache.c xfs: use kfree_rcu_mightsleep to free the perag structures xfs: use LIST_HEAD() to simplify code xfs: Remove duplicate xfs_trans_priv.h header xfs: remove unnecessary check xfs: Use xfs set and clear mp state helpers xfs: reclaim speculative preallocations for append only files xfs: simplify extent lookup in xfs_can_free_eofblocks xfs: check XFS_EOFBLOCKS_RELEASED earlier in xfs_release_eofblocks xfs: only free posteof blocks on first close xfs: don't free post-EOF blocks on read close xfs: skip all of xfs_file_release when shut down xfs: don't bother returning errors from xfs_file_release xfs: refactor f_op->release handling xfs: remove the i_mode check in xfs_release xfs: standardize the btree maxrecs function parameters ... commit 4e0373f1f920811a67fef0c3383f1ad602b3845e Merge: 39898f092589dc 5ac1f99fdd09d8 Author: Linus Torvalds Date: Thu Sep 19 06:53:40 2024 +0200 Merge tag 'v6.12-rc-smb3-client-fixes-part1' of git://git.samba.org/sfrench/cifs-2.6 Pull smb client updates from Steve French: - cleanups (moving duplicated code, removing unused code etc) - fixes relating to "sfu" mount options (for better handling special file types) - SMB3.1.1 compression fixes/improvements * tag 'v6.12-rc-smb3-client-fixes-part1' of git://git.samba.org/sfrench/cifs-2.6: (24 commits) smb: client: fix compression heuristic functions cifs: Update SFU comments about fifos and sockets cifs: Add support for creating SFU symlinks smb: use LIST_HEAD() to simplify code cifs: Recognize SFU socket type cifs: Show debug message when SFU Fifo type was detected cifs: Put explicit zero byte into SFU block/char types cifs: Add support for reading SFU symlink location cifs: Fix recognizing SFU symlinks smb: client: compress: fix an "illegal accesses" issue smb: client: compress: fix a potential issue of freeing an invalid pointer smb: client: compress: LZ77 code improvements cleanup smb: client: insert compression check/call on write requests smb3: mark compression as CONFIG_EXPERIMENTAL and fix missing compression operation cifs: Remove obsoleted declaration for cifs_dir_open smb: client: Use min() macro cifs: convert to use ERR_CAST() smb: add comment to STATUS_MCA_OCCURED smb: move SMB2 Status code to common header file smb: move some duplicate definitions to common/smbacl.h ... commit 39898f092589dcfbf1a51d04c6167e0401ca45b1 Merge: cc3804443b4b36 c5a709f08d40b1 Author: Linus Torvalds Date: Thu Sep 19 06:48:28 2024 +0200 Merge tag '6.12-rc-ksmbd-server-fixes-part1' of git://git.samba.org/ksmbd Pull smb server updates from Steve French: "Four ksmbd server fixes, three for stable: - Fix an issue where the directory can't be deleted if the share is on a file system that does not provide dot and dotdot entries - Fix file creation failure if the parent name of pathname is case sensitive - Fix write failure with FILE_APPEND_DATA flags - Add reference count to connection struct to protect UAF of oplocks on multichannel" * tag '6.12-rc-ksmbd-server-fixes-part1' of git://git.samba.org/ksmbd: ksmbd: handle caseless file creation ksmbd: make __dir_empty() compatible with POSIX ksmbd: add refcnt to ksmbd_conn struct ksmbd: allow write with FILE_APPEND_DATA commit cc3804443b4b367aba9eed58bb98959376bce1d1 Merge: 45d986d11313ff 2b59ffad47db1c Author: Linus Torvalds Date: Thu Sep 19 06:38:43 2024 +0200 Merge tag 'jfs-6.12' of github.com:kleikamp/linux-shaggy Pull jfs updates from David Kleikamp: "A few fixes for jfs" * tag 'jfs-6.12' of github.com:kleikamp/linux-shaggy: jfs: Fix uninit-value access of new_ea in ea_buffer jfs: check if leafidx greater than num leaves per dmap tree jfs: Fix uaf in dbFreeBits jfs: fix out-of-bounds in dbNextAG() and diAlloc() jfs: UBSAN: shift-out-of-bounds in dbFindBits commit 45d986d11313ff2d8ed2cf6a34e2aefdc4639a99 Merge: 4a39ac5b7d6267 6c4a5f96450415 Author: Linus Torvalds Date: Thu Sep 19 06:33:18 2024 +0200 Merge tag 'ovl-update-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/overlayfs/vfs Pull overlayfs updates from Amir Goldstein: - Increase robustness of overlayfs to crashes in the case of underlying filesystems that to not guarantee metadata ordering to persistent storage (problem was reported with ubifs). - Deny mount inside container with features that require root privileges to work properly, instead of failing operations later. - Some clarifications to overlayfs documentation. * tag 'ovl-update-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/overlayfs/vfs: ovl: fail if trusted xattrs are needed but caller lacks permission overlayfs.rst: update metacopy section in overlayfs documentation ovl: fsync after metadata copy-up ovl: don't set the superblock's errseq_t manually commit 423c9baae4c7fe73d5812e28610418fd2e8050bd Author: Dave Jiang Date: Fri Sep 13 15:32:16 2024 -0700 cxl: Fix comment regarding cxl_query_cmd() return data The code indicates that the min of n_commands and total commands is returned. The comment incorrectly says it's the max(). Correct comment to min(). Reviewed-by: Alison Schofield Link: https://patch.msgid.link/20240913223216.3234173-1-dave.jiang@intel.com Signed-off-by: Dave Jiang commit 0c36680c0e2d959cc264a1e65628c825f7f87add Author: Detlev Casanova Date: Tue Sep 3 11:22:36 2024 -0400 dt-bindings: watchdog: Add rockchip,rk3576-wdt compatible It is compatible with the other rockchip SoCs. Signed-off-by: Detlev Casanova Acked-by: Krzysztof Kozlowski Acked-by: Guenter Roeck Link: https://lore.kernel.org/r/20240903152308.13565-7-detlev.casanova@collabora.com Signed-off-by: Rob Herring (Arm) commit 84f76408abe989809de19d02e476b044fd985adc Author: Alex Deucher Date: Wed Sep 18 09:37:31 2024 -0400 drm/amdgpu/mes12: reduce timeout The firmware timeout is 2s. Reduce the driver timeout to 2.1 seconds to avoid back pressure on queue submissions. Fixes: 94b51a3d01ed ("drm/amdgpu/mes12: increase mes submission timeout") Acked-by: Christian König Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org # 6.11.x commit 856265caa94a3c78feaa23ec1acd799fe1989201 Author: Alex Deucher Date: Mon Sep 16 10:52:24 2024 -0400 drm/amdgpu/mes11: reduce timeout The firmware timeout is 2s. Reduce the driver timeout to 2.1 seconds to avoid back pressure on queue submissions. Link: https://gitlab.freedesktop.org/drm/amd/-/issues/3627 Fixes: f7c161a4c250 ("drm/amdgpu: increase mes submission timeout") Acked-by: Christian König Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org commit 6dcba0975d39b30be65dd038fed69e1aa111c73a Author: Christian König Date: Thu Jul 11 14:39:43 2024 +0200 drm/amdgpu: use GEM references instead of TTMs v2 Instead of a TTM reference grab a GEM reference whenever necessary. v2: fix typo in amdgpu_bo_unref pointed out by Vitaly, initialize the GEM funcs for kernel allocations as well. Signed-off-by: Christian König Reviewed-by: Daniel Vetter (v1) Signed-off-by: Alex Deucher commit 87d749a6aab73d8069d0345afaa98297816cb220 Author: Mario Limonciello Date: Sun Sep 15 14:28:37 2024 -0500 drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` The issue with panel power savings compatibility below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` happens at `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` as well. That issue will be fixed separately, so don't prevent the backlight brightness from going that low. Cc: Harry Wentland Cc: Thomas Weißschuh Link: https://lore.kernel.org/amd-gfx/be04226a-a9e3-4a45-a83b-6d263c6557d8@t-8ch.de/T/#m400dee4e2fc61fe9470334d20a7c8c89c9aef44f Reviewed-by: Harry Wentland Signed-off-by: Mario Limonciello Signed-off-by: Alex Deucher commit d5a29e6a61028887bb8480e7c4af3547d6f3862d Author: Srinivasan Shanmugam Date: Tue Sep 17 18:39:07 2024 +0530 drm/amd/display: Fix kdoc entry for 'tps' in 'dc_process_dmub_dpia_set_tps_notification' Correct the parameter descriptor for the function `dc_process_dmub_dpia_set_tps_notification` to match the actual parameters used. Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/../display/dc/core/dc.c:5768: warning: Function parameter or struct member 'tps' not described in 'dc_process_dmub_dpia_set_tps_notification' drivers/gpu/drm/amd/amdgpu/../display/dc/core/dc.c:5768: warning: Excess function parameter 'ts' description in 'dc_process_dmub_dpia_set_tps_notification' Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 7b6df1d73290961ff0a00fd0022f28dd19e37181 Author: Frank Min Date: Wed Sep 4 10:50:33 2024 +0800 drm/amdgpu: update golden regs for gfx12 update golden regs for gfx12 Signed-off-by: Frank Min Reviewed-by: Likun Gao Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org # 6.11.x commit 042658d17a54c9dc8c028986dfbde49f4aa01871 Author: Alex Deucher Date: Tue Sep 17 08:53:21 2024 -0400 drm/amdgpu: clean up vbios fetching code After splitting the logic between APU and dGPU, clean up some of the APU and dGPU specific logic that no longer applied. Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher commit e7d4e1438533abe448813bdc45691f9c230aa307 Author: Tobias Jakobi Date: Mon Sep 16 14:54:05 2024 +0200 drm/amd/display: handle nulled pipe context in DCE110's set_drr() As set_drr() is called from IRQ context, it can happen that the pipe context has been nulled by dc_state_destruct(). Apply the same protection here that is already present for dcn35_set_drr() and dcn10_set_drr(). I.e. fetch the tg pointer first (to avoid a race with dc_state_destruct()), and then check the local copy before using it. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3142 Fixes: 06ad7e164256 ("drm/amd/display: Destroy DC context while keeping DML and DML2") Acked-by: Alex Deucher Signed-off-by: Tobias Jakobi Signed-off-by: Alex Deucher commit 375b035f689735fd7a87ff31ccac3a42717252bf Author: Alex Deucher Date: Fri Sep 13 16:22:01 2024 -0400 drm/amdgpu/bios: split vbios fetching between APU and dGPU We need some different logic for dGPUs and the APU path can be simplified because there are some methods which are never used on APUs. This also fixes a regression on some older APUs causing the driver to fetch the unpatched ROM image rather than the patched image. Fixes: 9c081c11c621 ("drm/amdgpu: Reorder to read EFI exported ROM first") Reviewed-by: George Zhang Signed-off-by: Alex Deucher commit f2be7b39e43893ab5361115de2b95e7c5c86f190 Author: Christian König Date: Wed Jun 5 16:34:49 2024 +0200 drm/amdgpu: remove amdgpu_pin_restricted() We haven't used the functionality to pin BOs in a certain range at all while the driver existed. Just nuke it. Signed-off-by: Christian König Acked-by: Lijo Lazar Signed-off-by: Alex Deucher commit 54b86443fd4437c051aefd3f462cfff4defd420c Author: Christian König Date: Wed Jun 5 16:26:22 2024 +0200 drm/amdgpu: explicitely set the AMDGPU_GEM_CREATE_VRAM_CONTIGUOUS flag Instead of having that in the amdgpu_bo_pin() function applied for all pinned BOs. Signed-off-by: Christian König Acked-by: Lijo Lazar Signed-off-by: Alex Deucher commit 42ac749d5b8bf78b347ac8a52eb15cc397b157a0 Author: Lijo Lazar Date: Wed Sep 11 13:49:51 2024 +0530 drm/amdgpu: Fix XCP instance mask calculation Fix instance mask calculation for VCN IP. There are cases where VCN instance could be shared across partitions. Fix here so that other blocks don't need to check for any shared instances based on partition mode. Signed-off-by: Lijo Lazar Reviewed-by: Asad Kamal Signed-off-by: Alex Deucher commit ef126c06a98bde1a41303970eb0fc0ac33c3cc02 Author: Asad Kamal Date: Mon Jul 22 19:45:11 2024 +0800 drm/amdgpu: Fix get each xcp macro Fix get each xcp macro to loop over each partition correctly Fixes: 4bdca2057933 ("drm/amdgpu: Add utility functions for xcp") Signed-off-by: Asad Kamal Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher commit 06c9aeb57fe894e6e442cd66870cd3e863bbf08c Author: Aric Cyr Date: Sun Sep 8 21:40:21 2024 -0400 drm/amd/display: 3.2.301 - Clear cached watermark after resume - Update IPS default mode for DCN35/DCN351 - Use full update for swizzle mode change - Skip to enable dsc if it has been off - Fix underflow when setting underscan on DCN401 - Remove always-false branches - Check null pointer before dereferencing se Acked-by: Alex Hung Signed-off-by: Aric Cyr Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit fa8a4d3659d0c1ad73d5f59b2e0a6d408de5b317 Author: Charlene Liu Date: Thu Sep 5 17:28:12 2024 -0400 drm/amd/display: Clear cached watermark after resume [WHY] Driver could skip program watermarks when resume from S0i3/S4. [HOW] Clear the cached one first to make sure new value gets applied. Reviewed-by: Alvin Lee Reviewed-by: Roman Li Signed-off-by: Charlene Liu Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 199888aa25b3a3315360224bda9134a9b58c9306 Author: Roman Li Date: Thu Sep 5 14:22:30 2024 -0400 drm/amd/display: Update IPS default mode for DCN35/DCN351 [WHY] RCG state of IPX in idle is more stable for DCN351 and some variants of DCN35 than IPS2. [HOW] Rework dm_get_default_ips_mode() to specify default per ASIC and update DCN35/DCN351 defaults accordingly. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Sun peng Li Signed-off-by: Roman Li Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 327e62f47eb57ae5ff63de82b0815557104e439a Author: Mario Limonciello Date: Fri Sep 13 13:00:39 2024 -0500 drm/amd/display: Validate backlight caps are sane Currently amdgpu takes backlight caps provided by the ACPI tables on systems as is. If the firmware sets maximums that are too low this means that users don't get a good experience. To avoid having to maintain a quirk list of such systems, do a sanity check on the values. Check that the spread is at least half of the values that amdgpu would use if no ACPI table was found and if not use the amdgpu defaults. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3020 Reviewed-by: Harry Wentland Signed-off-by: Mario Limonciello Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org commit b74571a83fd3e50f804f090aae60c864d458187c Author: Charlene Liu Date: Wed Sep 4 15:58:25 2024 -0400 drm/amd/display: Use full update for swizzle mode change [WHY & HOW] 1) We did linear/non linear transition properly long ago 2) We used that path to handle SystemDisplayEnable 3) We fixed a SystemDisplayEnable inability to fallback to passive by impacting the transition flow generically 4) AFMF later relied on the generic transition behavior Separating the two flows to make (3) non-generic is the best immediate coarse of action. DC can discern SSAMPO3 very easily from SDE. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Chris Park Signed-off-by: Charlene Liu Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 4bdc5b504af7de1f649004cfdd37445d36db6703 Author: Zhikai Zhai Date: Tue Aug 27 14:06:01 2024 +0800 drm/amd/display: Skip to enable dsc if it has been off [WHY] It makes DSC enable when we commit the stream which need keep power off, and then it will skip to disable DSC if pipe reset at this situation as power has been off. It may cause the DSC unexpected enable on the pipe with the next new stream which doesn't support DSC. [HOW] Check the DSC used on current pipe status when update stream. Skip to enable if it has been off. The operation enable DSC should happen when set power on. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Wenjing Liu Signed-off-by: Zhikai Zhai Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f510dd5c210bf8cc22e4be48cbbda3cb754219f5 Author: Aurabindo Pillai Date: Tue Sep 3 10:10:44 2024 -0400 drm/amd/display: Fix underflow when setting underscan on DCN401 [WHY & HOW] When underscan is set through xrandr, it causes the stream destination rect to change in a way it becomes complicated to handle the calculations for subvp. Since this is a corner case, disable subvp when underscan is set. Fix the existing check that is supposed to catch this corner case by adding a check based on the parameters in the stream Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Dillon Varone Reviewed-by: Rodrigo Siqueira Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit b6499840cafca25175f43ebd601913bf31d06f16 Author: Alex Hung Date: Thu Aug 29 16:35:51 2024 -0600 drm/amd/display: Remove always-false branches [WHAT & HOW] req128_c is always set to false and its branch is never taken. Similarly, MacroTileSizeBytes is set to either 256 or 65535 and it is never 4096 and it's branch is not taken. Therefore, their branches are removed. This fixes 3 DEADCODE issues reported by Coverity. Acked-by: Alex Hung Reviewed-by: Alvin Lee Reviewed-by: Rodrigo Siqueira Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit ff599ef6970ee000fa5bc38d02fa5ff5f3fc7575 Author: Alex Hung Date: Thu Aug 29 17:30:26 2024 -0600 drm/amd/display: Check null pointer before dereferencing se [WHAT & HOW] se is null checked previously in the same function, indicating it might be null; therefore, it must be checked when used again. This fixes 1 FORWARD_NULL issue reported by Coverity. Acked-by: Alex Hung Reviewed-by: Rodrigo Siqueira Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit ce83ae29f93772d604b4ea73459fb17822d6a6b0 Author: Aric Cyr Date: Tue Sep 3 08:45:48 2024 -0400 drm/amd/display: 3.2.300 - Add HDMI DSC native YCbCr422 support - Add fullscreen only sharpening policy - Restructure dpia link training - Disable SYMCLK32_LE root clock gating - Clean up dsc blocks in accelerated mode - Block dynamic IPS2 on DCN35 for incompatible FW versions - Add debug options to change sharpen policies - Block timing sync for different output formats in pmo - Enable DML2 override_det_buffer_size_kbytes - Add dmub hpd sense callback - Emulate Display Hotplug Hang - Implement new DPCD register handling - Use SDR white level to calculate matrix coefficients - Round calculated vtotal Reviewed-by: Alex Hung Signed-off-by: Aric Cyr Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 07bfa9cdbf3cd2daadfaaba0601f126f45951ffa Author: Leo Ma Date: Mon Aug 19 13:25:27 2024 -0400 drm/amd/display: Add HDMI DSC native YCbCr422 support [WHY && HOW] For some HDMI OVT timing, YCbCr422 encoding fails at the DSC bandwidth check. The root cause is our DSC policy for timing doesn't account for HDMI YCbCr422 native support. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Chris Park Signed-off-by: Leo Ma Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit e79563bf5fb17d1a199c7c0f7d5a7a98c077302a Author: Relja Vojvodic Date: Wed Aug 28 11:42:26 2024 -0400 drm/amd/display: Add fullscreen only sharpening policy [WHAT & HOW] Disable sharpening if not in fullscreen if this policy is selected Reviewed-by: Samson Tam Signed-off-by: Relja Vojvodic Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit cf4cebcec619d963fa7496018f03cb0ff00dc257 Author: Peichen Huang Date: Thu Aug 22 14:50:07 2024 +0800 drm/amd/display: Restructure dpia link training [WHY] We intend to consolidate dp tunneling and conventional dp link training. [HOW] 1. Use the same link training entry for both dp and dpia 2. Move SET_CONFIG of non-transparent mode to dmub side 3. Add set_tps_notification dmub_cmd to notify tps request for non-transparent dpia link training 4. Check dpcd request result and abort link training early if dpia aux tunneling fails 5. Add option to avoid affect old product 6. Separately handle wait_time_microsec for dpia Reviewed-by: Cruise Hung Reviewed-by: George Shen Reviewed-by: Meenakshikumar Somasundaram Signed-off-by: Peichen Huang Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit ae5100805f98641ea4112241e350485c97936bbe Author: Sung Joon Kim Date: Tue Aug 27 14:49:44 2024 -0400 drm/amd/display: Disable SYMCLK32_LE root clock gating [WHY & HOW] On display on sequence, enabling SYMCLK32_LE root clock gating causes issue in link training so disabling it is needed. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Nicholas Kazlauskas Signed-off-by: Sung Joon Kim Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 3766a840e093d30e1a2522f650d8a6ac892a8719 Author: Martin Tsai Date: Mon Jul 22 14:12:25 2024 +0800 drm/amd/display: Clean up dsc blocks in accelerated mode [WHY] DSC on eDP could be enabled during VBIOS post. The enabled DSC may not be disabled when enter to OS, once the system was in second screen only mode before entering to S4. In this case, OS will not send setTimings to reset eDP path again. The enabled DSC HW will make a new stream without DSC cannot output normally if it reused this pipe with enabled DSC. [HOW] In accelerated mode, to clean up DSC blocks if eDP is on link but not active when we are not in fast boot and seamless boot. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Charlene Liu Signed-off-by: Martin Tsai Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 401c90c4d64f2227fc2f4c02d2ad23296bf5ca6f Author: Nicholas Kazlauskas Date: Tue Aug 27 14:13:10 2024 -0400 drm/amd/display: Block dynamic IPS2 on DCN35 for incompatible FW versions [WHY] Hangs with Z8 can occur if running an older unfixed PMFW version. [HOW] Fallback to RCG only for dynamic IPS2 states if it's not newer than 93.12. Limit to DCN35. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Charlene Liu Signed-off-by: Nicholas Kazlauskas Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 09cb922c4e14e6531979bff4e6bb3babcd9cb188 Author: Samson Tam Date: Tue Aug 27 11:53:10 2024 -0400 drm/amd/display: Add debug options to change sharpen policies [WHY] Add options to change sharpen policy based on surface format and scaling ratios. [HOW] Add sharpen_policy to change policy based on surface format and scale_to_sharpness_policy based on scaling ratios. Reviewed-by: Jun Lei Signed-off-by: Samson Tam Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 0765b2afc1118a6ab5fee624e206c782d70db28a Author: Dillon Varone Date: Mon Aug 26 17:08:33 2024 -0400 drm/amd/display: Block timing sync for different output formats in pmo [WHY & HOW] If the output format is different for HDMI TMDS signals, they are not synchronizable. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Alvin Lee Signed-off-by: Dillon Varone Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f57b77d667dc6bd2b114d08d04b03869539209f6 Author: Yihan Zhu Date: Mon Aug 26 14:44:04 2024 -0400 drm/amd/display: Enable DML2 override_det_buffer_size_kbytes [WHY] Corrupted screen will be observed when 4k144 DP/HDMI display and 4k144 eDP are connected, changing eDP refresh rate from 60Hz to 144Hz. [HOW] override_det_buffer_size_kbytes should be true for DCN35/DCN351. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Roman Li Reviewed-by: Nicholas Kazlauskas Signed-off-by: Yihan Zhu Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 5a3d3e11349c2e298c0b6b4d37c8241f44d37e3d Author: Roman Li Date: Wed Aug 21 10:53:15 2024 -0400 drm/amd/display: Add dmub hpd sense callback [WHY] HPD sense notification has been implemented in DMUB, which can occur during low power states and need to be notified from firmware to driver. [HOW] Define callback and register new HPD sense notification. Reviewed-by: Nicholas Kazlauskas Signed-off-by: Roman Li Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit d18a56b247f4f3f7dbdd3adeeebd05c23f1e3d3e Author: Daniel Sa Date: Fri Aug 23 11:29:23 2024 -0400 drm/amd/display: Emulate Display Hotplug Hang [WHY] Driver reports 0 display when the virtual display is still present, and causes P-state hang in FW. [HOW] When enumerating through streams, check for active planes and use that to indicate number of displays. Reviewed-by: Dillon Varone Signed-off-by: Daniel Sa Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f588da30a20cf184f150420e4098b694908a4207 Author: Ryan Seto Date: Mon Aug 19 17:06:56 2024 -0400 drm/amd/display: Implement new DPCD register handling [WHY] There are some monitor timings that seem to be supported without DSC but actually require DSC to be displayed. A VESA SCR introduced a new max uncompressed pixel rate cap register that we can use to handle these edge cases. [HOW] SST: Read caps from link and invalidate timings that exceed the max limit but do not support DSC. Then check for options override when determining BPP. MST: Read caps from virtual DPCD peer device or daisy chained SST monitor and set validation set BPPs to max if pixel rate exceeds uncompressed limit. Validation set optimization continues as normal. Reviewed-by: Wenjing Liu Signed-off-by: Ryan Seto Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit c2ed7002c0614c5eab6c8f62a7a76be5df5805cf Author: Samson Tam Date: Fri Aug 23 16:57:33 2024 -0400 drm/amd/display: Use SDR white level to calculate matrix coefficients [WHY] Certain profiles have higher HDR multiplier than SDR white level max which is not currently supported. [HOW] Use SDR white level when calculating matrix coefficients for HDR RGB MPO path instead of HDR multiplier. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Jun Lei Signed-off-by: Samson Tam Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit c03fca619fc687338a3b6511fdbed94096abdf79 Author: Robin Chen Date: Fri Aug 23 15:00:28 2024 +0800 drm/amd/display: Round calculated vtotal [WHY] The calculated vtotal may has 1 line deviation. To get precisely vtotal number, round the vtotal result. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Anthony Koo Signed-off-by: Robin Chen Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 2778701b165eda674756537054d460fb4b0cf2e2 Author: Le Ma Date: Tue Sep 10 20:10:45 2024 +0800 drm/amdgpu: load sos binary properly on the basis of pmfw version To be compatible with legacy IFWI, driver needs to carry legacy tOS and query pmfw version to load them accordingly. Add psp_firmware_header_v2_1 to handle the combined sos binary. Double the sos count limit for the case of aux sos fw packed. v2: pass the correct fw_bin_desc to parse_sos_bin_descriptor Signed-off-by: Le Ma Reviewed-by: Lijo Lazar Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 2ae6cd583c4c86c2b7e879b07effb8ffb10756bc Author: Le Ma Date: Tue Sep 10 17:53:42 2024 +0800 drm/amdgpu: add psp funcs callback to check if aux fw is needed Query pmfw version to determine if aux sos fw needs to be loaded in psp v13.0. v2: refine callback to check if aux_fw loading is needed instead of getting pmfw version barely v3: return the comparison directly Signed-off-by: Le Ma Reviewed-by: Lijo Lazar Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 151b1813919d4ab932e69ca4032761ee0789b04c Author: Asad Kamal Date: Thu Jul 18 18:09:17 2024 +0800 drm/amd/pm: Update SMUv13.0.6 PMFW headers Update PMFW interface headers for updated metrics table with gfx activity per xcd Signed-off-by: Asad Kamal Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher commit 7181faaa4703705939580abffaf9cb5d6b50dbb7 Author: Christian König Date: Tue Aug 27 16:12:11 2024 +0200 drm/amdgpu: nuke the VM PD/PT shadow handling This was only used as workaround for recovering the page tables after VRAM was lost and is no longer necessary after the function amdgpu_vm_bo_reset_state_machine() started to do the same. Compute never used shadows either, so the only proplematic case left is SVM and that is most likely not recoverable in any way when VRAM is lost. Signed-off-by: Christian König Acked-by: Lijo Lazar Signed-off-by: Alex Deucher commit c1de938fb7e5edc4c71d33f73e9fc5c77feb02a0 Author: Alex Deucher Date: Thu Sep 12 16:15:55 2024 -0400 drm/amdgpu/gfx9.4.3: Explicitly halt MEC before init Need to make sure it's halted as we don't know what state the GPU may have been left in previously. Tested-by: Amber Lin Acked-by: Amber Lin Signed-off-by: Alex Deucher commit 797fb1533315571ff9e55e80154f48cd47f3dbe5 Author: Alex Deucher Date: Thu Sep 12 13:08:12 2024 -0400 drm/amdgpu/gfx9.4.3: set additional bits on MEC halt Need to set the pipe reset and cache invalidation bits on halt otherwise we can get stale state if the CP firmware changes (e.g., on module unload and reload). Tested-by: Amber Lin Reviewed-by: Amber Lin Signed-off-by: Alex Deucher commit 03b5038c0ad069380fab7e251d2bf3f1540d20f4 Author: David Belanger Date: Wed Sep 11 11:16:50 2024 -0400 drm/amdgpu: Fix selfring initialization sequence on soc24 Move enable_doorbell_selfring_aperture from common_hw_init to common_late_init in soc24, otherwise selfring aperture is initialized with an incorrect doorbell aperture base. Port changes from this commit from soc21 to soc24: commit 1c312e816c40 ("drm/amdgpu: Enable doorbell selfring after resize FB BAR") Signed-off-by: David Belanger Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org # 6.11.x commit 3c75518cf27aa5a7e22e1f8f33339ded3779079b Author: Jack Xiao Date: Wed Sep 11 16:24:35 2024 +0800 drm/amdgpu/mes12: switch SET_SHADER_DEBUGGER pkt to mes schq pipe The SET_SHADER_DEBUGGER packet must work with the added hardware queue, switch the packet submitting to mes schq pipe. Signed-off-by: Jack Xiao Acked-by: Alex Deucher Signed-off-by: Alex Deucher Cc: stable@vger.kernel.org # 6.11.x commit 2ed186df27f078eb75c52d09e04aa7b0f9920f57 Author: Kent Russell Date: Tue Sep 10 09:32:13 2024 -0400 drm/amdgpu: Retry i2c transfer once if it fails on SMU13.0.6 During init, there can be some collisions on the i2c bus that result in the EEPROM read failing. This has been mitigated in the PMFW to a degree, but there is still a small chance that the bus will be busy. When the read fails during RAS init, that disables page retirement altogether, which is obviously not ideal. To try to avoid that situation, set the eeprom_read function to retry once if the first read fails, specifically for smu_v13_0_6. Signed-off-by: Kent Russell Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher commit c77a46bebe99e70600e636a3a1f285637c479f46 Author: Yan Zhen Date: Thu Sep 12 15:12:09 2024 +0800 drm/amd/display: fix typo in the comment Correctly spelled comments make it easier for the reader to understand the code. Replace 'maxium' with 'maximum' in the comment & replace 'diffculty' with 'difficulty' in the comment & replace 'suppluy' with 'supply' in the comment & replace 'Congiuration' with 'Configuration' in the comment & replace 'eanbled' with 'enabled' in the comment. Signed-off-by: Yan Zhen Signed-off-by: Alex Deucher commit c400ec6990fb04a2ec9929b253dafa7e77c7f555 Author: Andrew Kreimer Date: Tue Sep 10 01:41:05 2024 +0300 drm/amdgpu: Fix a typo Fix a typo in comments. Reported-by: Matthew Wilcox Signed-off-by: Andrew Kreimer Signed-off-by: Alex Deucher commit 0110ac11952f06419d267f51a3989e989b17e67a Author: Yan Zhen Date: Wed Sep 11 12:27:38 2024 +0800 drm/amdgpu: fix typo in the comment Correctly spelled comments make it easier for the reader to understand the code. Replace 'udpate' with 'update' in the comment & replace 'recieved' with 'received' in the comment & replace 'dsiable' with 'disable' in the comment & replace 'Initiailize' with 'Initialize' in the comment & replace 'disble' with 'disable' in the comment & replace 'Disbale' with 'Disable' in the comment & replace 'enogh' with 'enough' in the comment & replace 'availabe' with 'available' in the comment. Acked-by: Christian König Signed-off-by: Yan Zhen Signed-off-by: Alex Deucher commit 902b4027216aeaabe1562e1db070550c06f3ec89 Author: Alex Deucher Date: Tue Sep 10 10:19:43 2024 -0400 drm/amdgpu: fix spelling in amd_shared.h Fix spelling in documentation. Reviewed-by: Kent Russell Signed-off-by: Alex Deucher commit bfc00a7754c40544c7446d3b664049d6e00ee0bd Author: Alex Deucher Date: Tue Sep 10 09:33:30 2024 -0400 drm/amdgpu/gfx9.4.3: drop extra wrapper Drop wrapper used in one place. gfx_v9_4_3_xcc_cp_enable() is used in one place. gfx_v9_4_3_xcc_cp_compute_enable() is used everywhere else. Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher commit 82cf3b8afc35bfc62fc1a91eac9e01edf22e1980 Merge: 8400291e289ee6 d628455ab3c22b Author: Stephen Boyd Date: Wed Sep 18 09:44:48 2024 -0700 Merge tag 'qcom-clk-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into clk-qcom Pull Qualcomm clk driver updates from Bjorn Andersson: - Add camera, display and GPU clock drivers for Qualcomm SM4450 - Add a camera clock driver for Qualcomm SM8150 - Mark a bunch of struct freq_tbl const to reduce .data usage - Add Qualcomm MSM8226 A7PLL and Regera PLL support - Fix the Qualcomm Lucid 5LPE PLL configuration sequence to not reuse Trion, as they do differ - A number of fixes to the Qualcomm SM8550 display clock driver - Fold Qualcomm SM8650 display clock driver into SM8550 one - Add missing clocks and GDSCs needed for audio on Qualcomm MSM8998 - Add missing USB MP resets, GPLL9, and QUPv3 DFS to Qualcomm SC8180X - Fix sdcc clk frequency tables on Qualcomm SC8180X - Drop the Qualcomm SM8150 gcc_cpuss_ahb_clk_src - Mark Qualcomm PCIe GDSCs as RET_ON on sm8250 and sm8540 to avoid them turning off during suspend - Use the HW_CTRL mechanism on Qualcomm SM8550 video clock controller GDSCs * tag 'qcom-clk-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux: (47 commits) clk: qcom: videocc-sm8550: Use HW_CTRL_TRIGGER flag for video GDSC's clk: qcom: dispcc-sm8250: use special function for Lucid 5LPE PLL clk: qcom: dispcc-sm8250: use CLK_SET_RATE_PARENT for branch clocks clk: qcom: ipq5332: Use icc-clk for enabling NoC related clocks clk: qcom: ipq5332: Register gcc_qdss_tsctr_clk_src dt-bindings: usb: qcom,dwc3: Update ipq5332 clock details dt-bindings: interconnect: Add Qualcomm IPQ5332 support clk: qcom: gcc-msm8998: Add Q6 BIMC and LPASS core, ADSP SMMU clocks dt-bindings: clock: gcc-msm8998: Add Q6 and LPASS clocks definitions clk: qcom: Fix SM_CAMCC_8150 dependencies clk: qcom: gcc-sm8150: De-register gcc_cpuss_ahb_clk_src clk: qcom: gcc-sc8180x: Fix the sdcc2 and sdcc4 clocks freq table clk: qcom: gcc-sc8180x: Add GPLL9 support dt-bindings: clock: qcom: Add GPLL9 support on gcc-sc8180x clk: qcom: gcc-sc8180x: Register QUPv3 RCGs for DFS on sc8180x clk: qcom: clk-rpmh: Fix overflow in BCM vote dt-bindings: clock: qcom: Drop required-opps in required on SM8650 camcc dt-bindings: clock: qcom: Drop required-opps in required on sm8650 videocc dt-bindings: clock: qcom,qcs404-turingcc: convert to dtschema dt-bindings: clock: Add x1e80100 LPASSCC reset controller ... commit 9bcd923952078e08cd4570e15f751a6c9ec7633f Author: Shen Lichuan Date: Sat Sep 14 14:38:08 2024 +0800 dm vdo indexer: Convert comma to semicolon To ensure code clarity and prevent potential errors, it's advisable to employ the ';' as a statement separator, except when ',' are intentionally used for specific purposes. Signed-off-by: Shen Lichuan Signed-off-by: Mikulas Patocka commit 5d49054ef616095d160c1072ba458e16e2f825de Author: Markus Elfring Date: Wed Sep 18 15:34:45 2024 +0200 dm-crypt: Use common error handling code in crypt_set_keyring_key() Add a jump target so that a bit of exception handling can be better reused at the end of this function implementation. Signed-off-by: Markus Elfring Signed-off-by: Mikulas Patocka commit c5391c0e04f1b6ede3623962192b08a4eb224491 Author: Markus Elfring Date: Wed Sep 18 15:05:29 2024 +0200 dm-crypt: Use up_read() together with key_put() only once in crypt_set_keyring_key() The combination of the calls “up_read(&key->sem)” and “key_put(key)” was immediately used after a return code check for a set_key() call in this function implementation. Thus use such a function call pair only once instead directly before the check. This issue was transformed by using the Coccinelle software. Signed-off-by: Markus Elfring Signed-off-by: Mikulas Patocka commit 6ff2c290147a65027fb04b154a52723a6efabced Author: Jason A. Donenfeld Date: Mon Sep 16 15:28:00 2024 +0200 MAINTAINERS: make vDSO getrandom matches more generic Rather than specifying matches for every architecture, what we actually want is an extglob-like thing, such as: F: **/vdso/*getrandom* Unfortunately, this isn't possible, but get_maintainers.pl does support a "N:" directive that uses regexes, so just encode that extglob statement as an ordinary regex. Signed-off-by: Jason A. Donenfeld commit 34b69548108480ebb36cb6a067974a88ec745897 Author: Felix Fietkau Date: Tue Sep 17 13:09:42 2024 +0200 wifi: mt76: do not increase mcu skb refcount if retry is not supported If mcu_skb_prepare_msg is not implemented, incrementing skb refcount does not work for mcu message retry. In some cases (e.g. on SDIO), shared skbs can trigger a BUG_ON, crashing the system. Fix this by only incrementing refcount if retry is actually supported. Fixes: 3688c18b65ae ("wifi: mt76: mt7915: retry mcu messages") Closes: https://lore.kernel.org/r/d907b13a-f8be-4cb8-a0bb-560a21278041@notapiano/ Reported-by: Nícolas F. R. A. Prado #KernelCI Tested-by: Alper Nebi Yasak Signed-off-by: Felix Fietkau Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240917110942.22077-1-nbd@nbd.name commit 5575058ba95bb016243e54e5ca3371b9884ded56 Author: Ping-Ke Shih Date: Thu Sep 12 10:16:26 2024 +0800 wifi: rtw89: coex: add debug message of link counts on 2/5GHz bands for wl_info v7 The counts will be used by MLO, and it is ongoing to add the code, so add debug message in todo part to avoid warnings reported by clang: coex.c:6323:23: warning: variable 'cnt_2g' set but not used [-Wunused-but-set-variable] 6323 | u8 i, mode, cnt = 0, cnt_2g = 0, cnt_5g = 0, ... | ^ coex.c:6323:35: warning: variable 'cnt_5g' set but not used [-Wunused-but-set-variable] 6323 | u8 i, mode, cnt = 0, cnt_2g = 0, cnt_5g = 0, ... | ^ Signed-off-by: Ping-Ke Shih Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240912021626.10494-1-pkshih@realtek.com commit 4a39ac5b7d62679c07a3e3d12b0f6982377d8a7d Merge: c8d8a35d094626 210860e7f7337e Author: Linus Torvalds Date: Wed Sep 18 15:26:31 2024 +0200 Merge tag 'random-6.12-rc1-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random Pull random number generator updates from Jason Donenfeld: "Originally I'd planned on sending each of the vDSO getrandom() architecture ports to their respective arch trees. But as we started to work on this, we found lots of interesting issues in the shared code and infrastructure, the fixes for which the various archs needed to base their work. So in the end, this turned into a nice collaborative effort fixing up issues and porting to 5 new architectures -- arm64, powerpc64, powerpc32, s390x, and loongarch64 -- with everybody pitching in and commenting on each other's code. It was a fun development cycle. This contains: - Numerous fixups to the vDSO selftest infrastructure, getting it running successfully on more platforms, and fixing bugs in it. - Additions to the vDSO getrandom & chacha selftests. Basically every time manual review unearthed a bug in a revision of an arch patch, or an ambiguity, the tests were augmented. By the time the last arch was submitted for review, s390x, v1 of the series was essentially fine right out of the gate. - Fixes to the the generic C implementation of vDSO getrandom, to build and run successfully on all archs, decoupling it from assumptions we had (unintentionally) made on x86_64 that didn't carry through to the other architectures. - Port of vDSO getrandom to LoongArch64, from Xi Ruoyao and acked by Huacai Chen. - Port of vDSO getrandom to ARM64, from Adhemerval Zanella and acked by Will Deacon. - Port of vDSO getrandom to PowerPC, in both 32-bit and 64-bit varieties, from Christophe Leroy and acked by Michael Ellerman. - Port of vDSO getrandom to S390X from Heiko Carstens, the arch maintainer. While it'd be natural for there to be things to fix up over the course of the development cycle, these patches got a decent amount of review from a fairly diverse crew of folks on the mailing lists, and, for the most part, they've been cooking in linux-next, which has been helpful for ironing out build issues. In terms of architectures, I think that mostly takes care of the important 64-bit archs with hardware still being produced and running production loads in settings where vDSO getrandom is likely to help. Arguably there's still RISC-V left, and we'll see for 6.13 whether they find it useful and submit a port" * tag 'random-6.12-rc1-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random: (47 commits) selftests: vDSO: check cpu caps before running chacha test s390/vdso: Wire up getrandom() vdso implementation s390/vdso: Move vdso symbol handling to separate header file s390/vdso: Allow alternatives in vdso code s390/module: Provide find_section() helper s390/facility: Let test_facility() generate static branch if possible s390/alternatives: Remove ALT_FACILITY_EARLY s390/facility: Disable compile time optimization for decompressor code selftests: vDSO: fix vdso_config for s390 selftests: vDSO: fix ELF hash table entry size for s390x powerpc/vdso: Wire up getrandom() vDSO implementation on VDSO64 powerpc/vdso: Wire up getrandom() vDSO implementation on VDSO32 powerpc/vdso: Refactor CFLAGS for CVDSO build powerpc/vdso32: Add crtsavres mm: Define VM_DROPPABLE for powerpc/32 powerpc/vdso: Fix VDSO data access when running in a non-root time namespace selftests: vDSO: don't include generated headers for chacha test arm64: vDSO: Wire up getrandom() vDSO implementation arm64: alternative: make alternative_has_cap_likely() VDSO compatible selftests: vDSO: also test counter in vdso_test_chacha ... commit c8d8a35d094626808cd07ed0758e14c7e4cf61ac Merge: 9f0c253ddddca6 3360211b2a955a Author: Linus Torvalds Date: Wed Sep 18 15:24:02 2024 +0200 Merge tag 'livepatching-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching Pull livepatching update from Petr Mladek: - Small documentation improvement * tag 'livepatching-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/livepatching/livepatching: Documentation: livepatch: Correct release locks antonym commit 0e58637eb968c636725dcd6c7055249b4e5326fb Author: Lorenzo Bianconi Date: Fri Sep 13 23:07:14 2024 +0200 spi: airoha: fix airoha_snand_{write,read}_data data_len estimation Fix data length written and read in airoha_snand_write_data and airoha_snand_read_data routines respectively if it is bigger than SPI_MAX_TRANSFER_SIZE. Fixes: a403997c1201 ("spi: airoha: add SPI-NAND Flash controller driver") Tested-by: Christian Marangi Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/20240913-airoha-spi-fixes-v1-2-de2e74ed4664@kernel.org Signed-off-by: Mark Brown commit 2e6bbfe7b0c0607001b784082c2685b134174fac Author: Lorenzo Bianconi Date: Fri Sep 13 23:07:13 2024 +0200 spi: airoha: fix dirmap_{read,write} operations SPI_NFI_READ_FROM_CACHE_DONE bit must be written at the end of dirmap_read operation even if it is already set. In the same way, SPI_NFI_LOAD_TO_CACHE_DONE bit must be written at the end of dirmap_write operation even if it is already set. For this reason use regmap_write_bits() instead of regmap_set_bits(). This patch fixes mtd_pagetest kernel module test. Fixes: a403997c1201 ("spi: airoha: add SPI-NAND Flash controller driver") Tested-by: Christian Marangi Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/20240913-airoha-spi-fixes-v1-1-de2e74ed4664@kernel.org Signed-off-by: Mark Brown commit 9f0c253ddddca608457a42e509267bed2dee0a50 Merge: 941c122da5c835 5e645f31139183 Author: Linus Torvalds Date: Wed Sep 18 15:03:58 2024 +0200 Merge tag 'perf-core-2024-09-18' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull perf events updates from Ingo Molnar: - Implement per-PMU context rescheduling to significantly improve single-PMU performance, and related cleanups/fixes (Peter Zijlstra and Namhyung Kim) - Fix ancient bug resulting in a lot of events being dropped erroneously at higher sampling frequencies (Luo Gengkun) - uprobes enhancements: - Implement RCU-protected hot path optimizations for better performance: "For baseline vs SRCU, peak througput increased from 3.7 M/s (million uprobe triggerings per second) up to about 8 M/s. For uretprobes it's a bit more modest with bump from 2.4 M/s to 5 M/s. For SRCU vs RCU Tasks Trace, peak throughput for uprobes increases further from 8 M/s to 10.3 M/s (+28%!), and for uretprobes from 5.3 M/s to 5.8 M/s (+11%), as we have more work to do on uretprobes side. Even single-thread (no contention) performance is slightly better: 3.276 M/s to 3.396 M/s (+3.5%) for uprobes, and 2.055 M/s to 2.174 M/s (+5.8%) for uretprobes." (Andrii Nakryiko et al) - Document mmap_lock, don't abuse get_user_pages_remote() (Oleg Nesterov) - Cleanups & fixes to prepare for future work: - Remove uprobe_register_refctr() - Simplify error handling for alloc_uprobe() - Make uprobe_register() return struct uprobe * - Fold __uprobe_unregister() into uprobe_unregister() - Shift put_uprobe() from delete_uprobe() to uprobe_unregister() - BPF: Fix use-after-free in bpf_uprobe_multi_link_attach() (Oleg Nesterov) - New feature & ABI extension: allow events to use PERF_SAMPLE READ with inheritance, enabling sample based profiling of a group of counters over a hierarchy of processes or threads (Ben Gainey) - Intel uncore & power events updates: - Add Arrow Lake and Lunar Lake support - Add PERF_EV_CAP_READ_SCOPE - Clean up and enhance cpumask and hotplug support (Kan Liang) - Add LNL uncore iMC freerunning support - Use D0:F0 as a default device (Zhenyu Wang) - Intel PT: fix AUX snapshot handling race (Adrian Hunter) - Misc fixes and cleanups (James Clark, Jiri Olsa, Oleg Nesterov and Peter Zijlstra) * tag 'perf-core-2024-09-18' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (40 commits) dmaengine: idxd: Clean up cpumask and hotplug for perfmon iommu/vt-d: Clean up cpumask and hotplug for perfmon perf/x86/intel/cstate: Clean up cpumask and hotplug perf: Add PERF_EV_CAP_READ_SCOPE perf: Generic hotplug support for a PMU with a scope uprobes: perform lockless SRCU-protected uprobes_tree lookup rbtree: provide rb_find_rcu() / rb_find_add_rcu() perf/uprobe: split uprobe_unregister() uprobes: travers uprobe's consumer list locklessly under SRCU protection uprobes: get rid of enum uprobe_filter_ctx in uprobe filter callbacks uprobes: protected uprobe lifetime with SRCU uprobes: revamp uprobe refcounting and lifetime management bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() perf/core: Fix small negative period being ignored perf: Really fix event_function_call() locking perf: Optimize __pmu_ctx_sched_out() perf: Add context time freeze perf: Fix event_function_call() locking perf: Extract a few helpers perf: Optimize context reschedule for single PMU cases ... commit 941c122da5c8355335dc16011c1c291a32cd1118 Merge: 9f39757957c116 ef493f4b122d6b Author: Linus Torvalds Date: Wed Sep 18 15:00:50 2024 +0200 Merge tag 'perf-urgent-2024-09-18' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull perf event fixes from Ingo Molnar: "Left over from the v6.11 cycle: - Fix energy-pkg event enumeration on certain AMD CPUs - Set up the LBR branch stack for BPF counting events too" * tag 'perf-urgent-2024-09-18' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: perf/x86/intel: Allow to setup LBR for counting event for BPF perf/x86/rapl: Fix the energy-pkg event for AMD CPUs commit 9f39757957c11677ceb4600c81888db12b2fef5d Merge: f4960b002ce81f d1b35e6d34e9b4 Author: Linus Torvalds Date: Wed Sep 18 12:57:04 2024 +0200 Merge tag 'chrome-platform-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux Pull chrome platform updates from Tzung-Bi Shih: - Adjust DMI match table for Framework Laptop for improving maintainabilities for both legacy and new models - Add .remove driver callback for cros_ec_typec in order to allow the driver to be rebound - Use kmemdup_array() for taking care possible overflows * tag 'chrome-platform-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/chrome-platform/linux: platform/chrome: chromeos_laptop: Use kmemdup_array platform/chrome: cros_ec_typec: add remove driver hook platform/chrome: cros_ec_lpc: switch primary DMI data for Framework Laptop commit f4960b002ce81f8e51245bfad0fb7eb4103962ff Merge: eec91e22fe9f05 de5e89b6654ea0 Author: Linus Torvalds Date: Wed Sep 18 12:53:22 2024 +0200 Merge tag 'fbdev-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev Pull fbdev updates from Helge Deller: - video: Reduce code when CONFIG_HAS_IOPORT=n - xenfb: Fix crash by assigning fb_info->device - pxafb: Fix possible use after free in pxafb_task() - efifb: Introduce and use new devm_register_framebuffer() function - mmpfb: Utilize devm_clk_get_enabled() helpers - various typo fixes and code cleanups * tag 'fbdev-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev: fbdev: omapfb: Fix typo in comment fbdev: pxafb: Fix possible use after free in pxafb_task() fbdev: xen-fbfront: Assign fb_info->device fbdev: hyperv_fb: Convert comma to semicolon fbdev: imsttfb: convert comma to semicolon fbdev: pxa3xx-gcu: Convert comma to semicolon fbdev: efifb: Use driver-private screen_info for sysfs fbdev: efifb: Use devm_register_framebuffer() fbdev: efifb: Register sysfs groups through driver core fbdev: Introduce devm_register_framebuffer() fbdev: omapfb: Use sysfs_emit_at() to simplify code fbdev: omapfb: panel-sony-acx565akm: Simplify show_cabc_available_modes() fbdev: mmp: Use devm_clk_get_enabled() helpers fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() video: Handle HAS_IOPORT dependencies commit 55bef83509f0cbe4cc54a583ac0313389dabee66 Author: Shen Lichuan Date: Wed Sep 18 03:45:39 2024 -0700 Input: Convert comma to semicolon To ensure code clarity and prevent potential errors, it's advisable to employ the ';' as a statement separator, except when ',' are intentionally used for specific purposes. Signed-off-by: Shen Lichuan Link: https://lore.kernel.org/r/20240918032246.9147-1-shenlichuan@vivo.com Signed-off-by: Dmitry Torokhov commit eec91e22fe9f05846a7410beab671f26bef7ba7b Merge: c27ea952c61477 97162f6093d263 Author: Linus Torvalds Date: Wed Sep 18 12:45:52 2024 +0200 Merge tag 'iommu-updates-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/iommu/linux Pull iommu updates from Joerg Roedel: "Core changes: - Allow ATS on VF when parent device is identity mapped - Optimize unmap path on ARM io-pagetable implementation - Use of_property_present() ARM-SMMU changes: - SMMUv2: - Devicetree binding updates for Qualcomm MMU-500 implementations - Extend workarounds for broken Qualcomm hypervisor to avoid touching features that are not available (e.g. 16KiB page support, reserved context banks) - SMMUv3: - Support for NVIDIA's custom virtual command queue hardware - Fix Stage-2 stall configuration and extend tests to cover this area - A bunch of driver cleanups, including simplification of the master rbtree code - Minor cleanups and fixes across both drivers Intel VT-d changes: - Retire si_domain and convert to use static identity domain - Batched IOTLB/dev-IOTLB invalidation - Small code refactoring and cleanups AMD-Vi changes: - Cleanup and refactoring of io-pagetable code - Add parameter to limit the used io-pagesizes - Other cleanups and fixes" * tag 'iommu-updates-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/iommu/linux: (77 commits) dt-bindings: arm-smmu: Add compatible for QCS8300 SoC iommu/amd: Test for PAGING domains before freeing a domain iommu/amd: Fix argument order in amd_iommu_dev_flush_pasid_all() iommu/amd: Add kernel parameters to limit V1 page-sizes iommu/arm-smmu-v3: Reorganize struct arm_smmu_ctx_desc_cfg iommu/arm-smmu-v3: Add types for each level of the CD table iommu/arm-smmu-v3: Shrink the cdtab l1_desc array iommu/arm-smmu-v3: Do not use devm for the cd table allocations iommu/arm-smmu-v3: Remove strtab_base/cfg iommu/arm-smmu-v3: Reorganize struct arm_smmu_strtab_cfg iommu/arm-smmu-v3: Add types for each level of the 2 level stream table iommu/arm-smmu-v3: Add arm_smmu_strtab_l1/2_idx() iommu/arm-smmu-qcom: apply num_context_bank fixes for SDM630 / SDM660 iommu/arm-smmu-v3: Use the new rb tree helpers dt-bindings: arm-smmu: document the support on SA8255p iommu/tegra241-cmdqv: Do not allocate vcmdq until dma_set_mask_and_coherent iommu/tegra241-cmdqv: Drop static at local variable iommu/tegra241-cmdqv: Fix ioremap() error handling in probe() iommu/amd: Do not set the D bit on AMD v2 table entries iommu/amd: Correct the reported page sizes from the V1 table ... commit c27ea952c614779db84bc2326e686ba7cc1c865c Merge: 39b3f4e0db5d85 2cb4acf2140be8 Author: Linus Torvalds Date: Wed Sep 18 12:40:48 2024 +0200 Merge tag 'hwmon-for-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging Pull hwmon updates from Guenter Roeck: "New drivers: - driver for Sophgo SG2042 external hardware monitor - thermal sensor driver for Surface Aggregator Module Added support to existing drivers: - oxp-sensors: Support for multiple new devices. - nct6775: Added G15CF to ASUS WMI monitoring list Modernizations: - driver cleanup and update to use with_info API: ina2xx, lm92, lm95234, max1619, max1668, and max6697. API updates: - removed unused devm_hwmon_device_unregister() API function Other notable changes - implement and use generic bus access delay for pmbus drivers - use with scoped for each OF child loop in several drivers - module unloading fixes for gsc-hwmon and ntc_thermistor drivers - converted various drivers to use multi-byte regmap operations - adt7475: Improved devicetree based configuration - ltc2947: Move to firmware agnostic API - ltc2978: Converted devicetree description to yaml - max16065: Addressed overflows when writing limit attributes Various other minor cleanups, fixes and improvements" * tag 'hwmon-for-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging: (96 commits) hwmon: Remove devm_hwmon_device_unregister() API function hwmon: (sch5636) Print unknown ID in error string via %*pE hwmon: (sht21) Use %*ph to print small buffer hwmon: (pmbus/mpq7932) Constify struct regulator_desc hwmon: pmbus: pli12096bc: Add write delay hwmon: pmbus: zl6100: Use generic code hwmon: pmbus: ucd9000: Use generic code hwmon: pmbus: max15301: Use generic code hwmon: pmbus: Implement generic bus access delay hwmon: (ina2xx) Use shunt voltage to calculate current hwmon: (ina2xx) Add support for current limits hwmon: (ina2xx) Pass register to alert limit write functions hwmon: (ina2xx) Convert to use with_info hwmon API hwmon: (ina2xx) Move ina2xx_get_value() hwmon: (ina2xx) Set alert latch hwmon: (ina2xx) Consolidate chip initialization code hwmon: (ina2xx) Fix various overflow issues hwmon: (ina2xx) Re-initialize chip using regmap functions hwmon: (ina2xx) Use local regmap pointer if used more than once hwmon: (ina2xx) Mark regmap_config as const ... commit 2f02b5af3a4482b216e6a466edecf6ba8450fa45 Author: Qiu-ji Chen Date: Fri Sep 13 16:35:04 2024 +0800 drbd: Fix atomicity violation in drbd_uuid_set_bm() The violation of atomicity occurs when the drbd_uuid_set_bm function is executed simultaneously with modifying the value of device->ldev->md.uuid[UI_BITMAP]. Consider a scenario where, while device->ldev->md.uuid[UI_BITMAP] passes the validity check when its value is not zero, the value of device->ldev->md.uuid[UI_BITMAP] is written to zero. In this case, the check in drbd_uuid_set_bm might refer to the old value of device->ldev->md.uuid[UI_BITMAP] (before locking), which allows an invalid value to pass the validity check, resulting in inconsistency. To address this issue, it is recommended to include the data validity check within the locked section of the function. This modification ensures that the value of device->ldev->md.uuid[UI_BITMAP] does not change during the validation process, thereby maintaining its integrity. This possible bug is found by an experimental static analysis tool developed by our team. This tool analyzes the locking APIs to extract function pairs that can be concurrently executed, and then analyzes the instructions in the paired functions to identify possible concurrency bugs including data races and atomicity violations. Fixes: 9f2247bb9b75 ("drbd: Protect accesses to the uuid set with a spinlock") Cc: stable@vger.kernel.org Signed-off-by: Qiu-ji Chen Reviewed-by: Philipp Reisner Link: https://lore.kernel.org/r/20240913083504.10549-1-chenqiuji666@gmail.com Signed-off-by: Jens Axboe commit 39b3f4e0db5d85aa82678d9e7bc59f5e56667e2e Merge: 667495de218c25 c121d5cc3a993c Author: Linus Torvalds Date: Wed Sep 18 12:12:41 2024 +0200 Merge tag 'hardening-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull hardening updates from Kees Cook: - lib/string_choices: - Add str_up_down() helper (Michal Wajdeczko) - Add str_true_false()/str_false_true() helper (Hongbo Li) - Introduce several opposite string choice helpers (Hongbo Li) - lib/string_helpers: - rework overflow-dependent code (Justin Stitt) - fortify: refactor test_fortify Makefile to fix some build problems (Masahiro Yamada) - string: Check for "nonstring" attribute on strscpy() arguments - virt: vbox: Replace 1-element arrays with flexible arrays - media: venus: hfi_cmds: Replace 1-element arrays with flexible arrays * tag 'hardening-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: lib/string_choices: Add some comments to make more clear for string choices helpers. lib/string_choices: Introduce several opposite string choice helpers lib/string_choices: Add str_true_false()/str_false_true() helper string: Check for "nonstring" attribute on strscpy() arguments media: venus: hfi_cmds: struct hfi_session_release_buffer_pkt: Add __counted_by annotation media: venus: hfi_cmds: struct hfi_session_release_buffer_pkt: Replace 1-element array with flexible array virt: vbox: struct vmmdev_hgcm_pagelist: Replace 1-element array with flexible array lib/string_helpers: rework overflow-dependent code coccinelle: Add rules to find str_down_up() replacements string_choices: Add wrapper for str_down_up() coccinelle: Add rules to find str_up_down() replacements lib/string_choices: Add str_up_down() helper fortify: use if_changed_dep to record header dependency in *.cmd files fortify: move test_fortify.sh to lib/test_fortify/ fortify: refactor test_fortify Makefile to fix some build problems commit 667495de218c25e909c6b33ed647b592a8a71a02 Merge: 7c9026b2b05454 44f65d90069827 Author: Linus Torvalds Date: Wed Sep 18 11:53:31 2024 +0200 Merge tag 'execve-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull execve updates from Kees Cook: - binfmt_elf: Dump smaller VMAs first in ELF cores (Brian Mak) - binfmt_elf: mseal address zero (Jeff Xu) - binfmt_elf, coredump: Log the reason of the failed core dumps (Roman Kisel) * tag 'execve-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: binfmt_elf: mseal address zero binfmt_elf: Dump smaller VMAs first in ELF cores binfmt_elf, coredump: Log the reason of the failed core dumps coredump: Standartize and fix logging commit 7c9026b2b054540bb25203eee1b073a32da84020 Merge: 200289db261f0c 1bf8012fc6997f Author: Linus Torvalds Date: Wed Sep 18 11:47:03 2024 +0200 Merge tag 'pstore-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull pstore updates from Kees Cook: - ramoops: Fix .rst typo (Steven Rostedt) - pstore: replace spinlock_t by raw_spinlock_t (Wen Yang) * tag 'pstore-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: pstore: replace spinlock_t by raw_spinlock_t pstore/ramoops: Fix typo as there is no "reserver" commit 8451a3c7879d8883fd3fbd9dd7cbe7ecc31e89ce Author: Vijendar Mukunda Date: Mon Sep 16 11:43:18 2024 +0530 ASoC: amd: acp: don't set card long_name UCM can load a board-specific file based on the card long_name. Remove the constant "AMD Soundwire SOF" long_name so that the ASoC core can set the long_name based on DMI information. Signed-off-by: Vijendar Mukunda Link: https://patch.msgid.link/20240916061318.3147988-1-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 200289db261f0c8131a5756133e9d30966289c3b Merge: 2fe3c78a2c26dd c6ccb691d48454 Author: Linus Torvalds Date: Wed Sep 18 10:49:45 2024 +0200 Merge tag 'pmdomain-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm Pull pmdomain updates from Ulf Hansson: "pmdomain core: - Add support for s2idle for CPU PM domains on PREEMPT_RT - Add device managed version of dev_pm_domain_attach|detach_list() - Improve layout of the debugfs summary table pmdomain providers: - amlogic: Remove obsolete vpu domain driver - bcm: raspberrypi: Add support for devices used as wakeup-sources - imx: Fixup clock handling for imx93 at driver remove - rockchip: Add gating support for RK3576 - rockchip: Add support for RK3576 SoC - Some OF parsing simplifications - Some simplifications by using dev_err_probe() and guard() pmdomain consumers: - qcom/media/venus: Convert to the device managed APIs for PM domains cpuidle-psci: - Add support for s2idle/s2ram for the hierarchical topology on PREEMPT_RT - Some OF parsing simplifications" * tag 'pmdomain-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/linux-pm: (39 commits) pmdomain: core: Reduce debug summary table width pmdomain: core: Move mode_status_str() pmdomain: core: Fix "managed by" alignment in debug summary pmdomain: core: Harden inter-column space in debug summary pmdomain: rockchip: Add gating masks for rk3576 pmdomain: rockchip: Add gating support pmdomain: rockchip: Simplify dropping OF node reference pmdomain: mediatek: make use of dev_err_cast_probe() pmdomain: imx93-pd: drop the context variable "init_off" pmdomain: imx93-pd: don't unprepare clocks on driver remove pmdomain: imx93-pd: replace dev_err() with dev_err_probe() pmdomain: qcom: rpmpd: Simplify locking with guard() pmdomain: qcom: rpmhpd: Simplify locking with guard() pmdomain: qcom: cpr: Simplify locking with guard() pmdomain: qcom: cpr: Simplify with dev_err_probe() pmdomain: imx: gpcv2: Simplify with scoped for each OF child loop pmdomain: imx: gpc: Simplify with scoped for each OF child loop pmdomain: rockchip: SimplUlf Hanssonify locking with guard() pmdomain: rockchip: Simplify with scoped for each OF child loop pmdomain: qcom-cpr: Use scope based of_node_put() to simplify code. ... commit 4015580e983daa699d7e1693328dd81f0e295589 Author: Karthikeyan Krishnasamy Date: Thu Sep 12 19:54:48 2024 +0530 dt-bindings: rtc: microcrystal,rv3028: add #clock-cells property RV3028 RTC has a clock out features, the clk out can be controlled using clkout register, to consume the clock out from rv3028 '#clock-cells' property is added. Acked-by: Conor Dooley Signed-off-by: Karthikeyan Krishnasamy Acked-by: Alexandre Belloni Link: https://lore.kernel.org/r/20240912142451.2952633-4-karthikeyan@linumiz.com Signed-off-by: Alexandre Belloni commit 2fe3c78a2c26dd5ee811024a1b7d6cfb4d654319 Merge: 9b08f8327f71bf 8b7e0a6c443e85 Author: Linus Torvalds Date: Wed Sep 18 10:46:27 2024 +0200 Merge tag 'pwrseq-updates-for-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux Pull power sequencing updates from Bartosz Golaszewski: "There's one change adding support for a new PMU model and another adding documentation for the subsystem which probably should have been part of the initial commit but better late than never: - add support for the new PMU variant inside the WCN6855 chipset - add documentation for the subsystem" * tag 'pwrseq-updates-for-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: Documentation: add a driver API doc for the power sequencing subsystem power: sequencing: qcom-wcn: add support for the WCN6855 PMU commit 9b08f8327f71bf3b091567f0a9ddb72ca60f4fb2 Merge: cc52dc2fe39ff5 6b5e97c020060c Author: Linus Torvalds Date: Wed Sep 18 10:43:07 2024 +0200 Merge tag 'gpio-updates-for-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux Pull gpio updates from Bartosz Golaszewski: "Core GPIOLIB: - provide and add users for a macro allowing to iterate over accepted GPIO property names of consumer device nodes - remove legacy definitions that are no longer used - put legacy GPIO devres helpers together with the rest of the deprecated code - implement and use swnode_gpio_get_reference(): a wrapper simplifying the underlying calls to fwnode_property_get_reference_args() - use IS_ERR_OR_NULL() where it makes sense - replace of_find_property() with of_property_present() - simplify code with the scoped variant of OF-node children iterator Documentation: - update GPIO kerneldocs with Return sections - fix "Excess struct member description" warnings now being triggered with W=1 New drivers: - add support for Analog Devices ADP5585 Driver improvements: - add support for wake-on-GPIO to gpio-mpc8xxx - use GPIO_LOOKUP_IDX() in gpio-virtuser - use devm_clk_get_[optional_]enabled() where applicable in several drivers - replace OF-specific functions with provider-agnostic alternatives where possible - drop support for legacy platform data from gpio-ath79 and gpio-davinci - refactor gpio-stmpe - improve error reporting in gpio-pca953x - add support for reading the direction of pins for some models to gpio-vf610 DT bindings: - convert the bindings for nxp,lpc3220 to YAML - add gpio-reserved-ranges to gpio-davinci - simplify the GPIO hog schema - fix a GPIO hog issue in bindings for fcs,fxl6408 Other: - fix format specifiers in user-space tools - remove leftover files on make clean in tools/gpio/" * tag 'gpio-updates-for-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: (54 commits) gpio: mpc8xxx: switch to using DEFINE_RUNTIME_DEV_PM_OPS() gpio: xilinx: Use helper function devm_clk_get_optional_enabled() gpio: mb86s7x: Use helper function devm_clk_get_optional_enabled() gpio: lpc18xx: Use helper function devm_clk_get_enabled() gpio: cadence: Use helper function devm_clk_get_enabled() gpio: sama5d2-piobu: convert comma to semicolon gpio: mpc8xxx: order headers alphabetically gpio: davinci: use devm_clk_get_enabled() gpio: davinci: drop platform data support gpio: stmpe: Sort headers gpio: stmpe: Make use of device properties gpio: stmpe: Utilise temporary variable for struct device gpio: stmpe: Remove unused 'dev' member of struct stmpe_gpio gpio: stmpe: Fix IRQ related error messages gpio: pch: kerneldoc fixes for excess members gpio: zynq: Simplify using devm_clk_get_enabled() gpio: mpc8xxx: Add wake on GPIO support gpio: syscon: fix excess struct member build warning gpio: stp-xway: Simplify using devm_clk_get_enabled() gpiolib: legacy: Consolidate devm_gpio_*() with other legacy APIs ... commit cc52dc2fe39ff5dee9916ac2d9381ec3cbf650c0 Merge: 7fced2a78a2663 d242feaf81d63b Author: Linus Torvalds Date: Wed Sep 18 10:39:35 2024 +0200 Merge tag 'pwm/for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ukleinek/linux Pull pwm updates from Uwe Kleine-König: "This contains some cleanups to the core and some mostly minor updates to a bunch of drivers and device tree bindings. One thing worth pointing out is that it contains an immutable branch containing support for a new mfd chip (Analog Devices ADP5585) with several sub drivers. Thanks go to Andrew Kreimer, Clark Wang, Conor Dooley, David Lechner, Dmitry Rokosov, Frank Li, Geert Uytterhoeven, George Stark, Jiapeng Chong, Krzysztof Kozlowski, Laurent Pinchart, Liao Chen, Liu Ying, Rob Herring and Wolfram Sang for code contributions and reviews and to Lee Jones for preparing the above mentioned immutable branch" * tag 'pwm/for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ukleinek/linux: (21 commits) pwm: stm32: Fix a typo dt-bindings: pwm: amlogic: Add new bindings for meson A1 PWM dt-bindings: pwm: amlogic: Add optional power-domains pwm: Switch back to struct platform_driver::remove() dt-bindings: pwm: allwinner,sun4i-a10-pwm: add top-level constraints pwm: axi-pwmgen: use shared macro for version reg pwm: atmel-hlcdc: Drop trailing comma pwm: atmel-hlcdc: Enable module autoloading pwm: omap-dmtimer: Use of_property_read_bool() pwm: adp5585: Set OSC_EN bit to 1 when PWM state is enabled pwm: lp3943: Fix an incorrect type in lp3943_pwm_parse_dt() pwm: Simplify pwm_capture() pwm: lp3943: Use of_property_count_u32_elems() to get property length pwm: Don't export pwm_capture() pwm: Make info in traces about affected pwm more useful dt-bindings: pwm: renesas,tpu: Add r8a779h0 support dt-bindings: pwm: renesas,pwm-rcar: Add r8a779h0 support pwm: adp5585: Add Analog Devices ADP5585 support gpio: adp5585: Add Analog Devices ADP5585 support mfd: adp5585: Add Analog Devices ADP5585 core support ... commit 7fced2a78a26630a01f872abe21bb3366acacc82 Merge: 2471d2b3b2b888 cd3689b6772fbc Author: Linus Torvalds Date: Wed Sep 18 10:36:30 2024 +0200 Merge tag 'mmc-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc Pull MMC updates from Ulf Hansson: "MMC core: - Add documentation for the mmc-test driver - Register the eMMC RPMB partition with the RPMB subsystem - Some various cleanups MMC host: - dw_mmc-rockchip: Add support for the RK3576 variant - renesas_sdhi: Add support for the RZ/V2H(P) variant - sdhci_am654: Add a retry mechanism for tuning - sdhci-atmel: Convert DT bindings to json schema - sdhci-of-dwcmshc: - Add eMMC HW reset support for BlueField-3 SoC - Add support for the RK3576 variant - Add support for the Sophgo SG2042 variant - sdhci-of-ma35d1: Add new driver for the Nuvoton MA35D1 SDHCI Misc/Tee: - Add Replay Protected Memory Block (RPMB) subsystem - Let optee probe RPMB device using RPMB subsystem" * tag 'mmc-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: (41 commits) mmc: core: Use dev_err_probe for deferred regulators optee: Fix a NULL vs IS_ERR() check mmc: sdhci_am654: Add prints to tuning algorithm mmc: sdhci_am654: Add retry tuning dt-bindings: mmc: Add support for rk3576 eMMC Documentation: mmc: Add mmc-test doc rpmb: fix error path in rpmb_dev_register() optee: add RPMB dependency mmc: block: add RPMB dependency mmc: core Convert UNSTUFF_BITS macro to inline function dt-bindings: mmc: sdhci-atmel: Convert to json schema mmc: core: Convert simple_stroul to kstroul mmc: core: Calculate size from pointer mmc: cqhci: Make use of cqhci_halted() routine mmc: core: Replace the argument of mmc_sd_switch() with defines mmc: dw_mmc-rockchip: Add support for rk3576 SoCs mmc: dw_mmc-rockchip: Add internal phase support dt-bindings: mmc: Add support for rk3576 dw-mshc mmc: sdhci-of-dwcmshc: Add hw_reset() support for BlueField-3 SoC mmc: core: remove left-over data structure declarations ... commit 2471d2b3b2b88802a66e9ff97b32387e1e233470 Merge: 288cb34ead03c0 869acb874f2b61 Author: Linus Torvalds Date: Wed Sep 18 10:30:40 2024 +0200 Merge tag 'mtd/for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux Pull MTD updates from Miquel Raynal: "MTD changes: - No particularly important patchset this cycle, but we have a few usual improvements: like using a better/more recent helper or checking a return value. Raw NAND changes: - The use of for_each_child_of_node_scoped() has been spread into the subsystem drivers - a couple of exit path have been fixed (mtk, denali) - TI GPMC bindings have been enhanced to comply with up-to-date partition descriptions - a load of small and misc fixes SPI-NAND changes: - The most impacting series this cycle is bringing support for continuous reads in the SPI-NAND subsystem. This is a feature already merged in the raw NAND subsystem which allows optimizing the internal fetch times in the chip while reading sequential pages within an eraseblock. For now only Macronix NANDs benefit from this feature. While we are talking about Macronix, some of their chip need an explicit action for selecting a different plane, and support for it has also been brought. - The bitflip threshold has also been set to the same arbitrary level as in the raw NAND subsystem to optimize wear leveling decisions - Add upport for a new Winbond chip SPI NOR changes: - Add Write Protect support for N25Q064A. - New flash support for Zetta ZD25Q128C and Spansion S28HS256T. - Fix a NULL dereference in probe path for flashes without a name. The probe path tries to access the name without checking its existence first. S28HS256T is the first flash to define its entry without a name, uncovering this issue" * tag 'mtd/for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux: (41 commits) mtd: spi-nor: fix flash probing mtd: spi-nor: spansion: Add support for S28HS256T mtd: spi-nor: winbond: add Zetta ZD25Q128C support mtd: spi-nor: micron-st: Add n25q064a WP support mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` mtd: spinand: macronix: Flag parts needing explicit plane select mtd: spinand: Add support for setting plane select bits dt-bindings: mtd: ti, gpmc-nand: support partitions node mtd: rawnand: mtk: Fix init error path mtd: powernv: Add check devm_kasprintf() returned value mtd: rawnand: mtk: Factorize out the logic cleaning mtk chips mtd: rawnand: atmel: Add message on DMA usage mtd: rawnand: meson: Fix typo in function name mtd: spi-nand: macronix: Continuous read support mtd: spi-nand: macronix: Add a possible bitflip status flag mtd: spi-nand: macronix: Extract the bitflip retrieval logic mtd: spi-nand: macronix: Fix helper name mtd: spi-nand: Expose spinand_write_reg_op() mtd: spi-nand: Add continuous read support mtd: spi-nand: Isolate the MTD read logic in a helper ... commit 862b9a8eb900d347af5be0eb1aeef9b161a83e77 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:26 2024 +0200 virtio_fs: allow idmapped mounts Allow idmapped mounts for virtiofs. It's absolutely safe as for virtiofs we have the same feature negotiation mechanism as for classical fuse filesystems. This does not affect any existing setups anyhow. virtiofsd support: https://gitlab.com/virtio-fs/virtiofsd/-/merge_requests/245 Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Reviewed-by: Stefan Hajnoczi Signed-off-by: Miklos Szeredi commit 288cb34ead03c0d09932317b239f1f4d38fc9d4f Merge: bfbb96324a4a8d e50a57d16f897e Author: Linus Torvalds Date: Wed Sep 18 10:24:22 2024 +0200 Merge tag 'for-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply Pull power supply and reset updates from Sebastian Reichel: "Power-supply core: - introduce power_supply_show_enum_with_available() helper - change usb_types from an array into a bitmask - fix early usage of power_supply_property_is_writeable() resulting in sysfs files not being writable - fix missing temp1_max_alarm attribute in power-supply's hwmon devices Drivers: - max1720x: expose nvmem device - brcmstb: cleanup driver to use latest APIs - max77693: expose input and charging current limit - max17042_battery: fix state of charge reading for devices without current sensing - axp20x_battery: add AXP717 support - axp20x_battery: fix min/max voltage properties - axp20x_usb_power: add AXP717 support - axp20x_usb_power: add DT based input current limit Documentation updates Misc minor cleanups and fixes" * tag 'for-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply: (38 commits) power: supply: hwmon: Fix missing temp1_max_alarm attribute power: supply: Drop use_cnt check from power_supply_property_is_writeable() power: supply: ab8500: Constify struct kobj_type power: supply: max1720x: fix a double free on error in probe() power: supply: axp20x_battery: add support for AXP717 power: supply: axp20x_usb_power: Add support for AXP717 dt-bindings: power: supply: axp20x: Add AXP717 compatible dt-bindings: power: supply: axp20x: Add AXP717 compatible power: supply: axp20x_usb_power: Fix spelling mistake "reqested" -> "requested" power: supply: Change usb_types from an array into a bitmask power: supply: sysfs: Move power_supply_show_enum_with_available() up power: supply: sysfs: Add power_supply_show_enum_with_available() helper power: supply: rt9467-charger: Remove "usb_type" property write support power: supply: ucs1002: Adjust ucs1002_set_usb_type() to accept string values power: supply: "usb_type" property may be written to power: supply: max1720x: add read support for nvmem mfd: axp20x: Add ADC, BAT, and USB cells for AXP717 power: supply: core: constify psy_tzd_ops power: reset: brcmstb: Do not go into infinite loop if reset fails power: reset: brcmstb: Use devm_register_sys_off_handler() ... commit cb2deca056d579fe008c8d0a4ceb04d2b368fe42 Author: Nikolai Afanasenkov Date: Mon Sep 16 13:50:42 2024 -0600 ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8 The HP Elite mt645 G8 Mobile Thin Client uses an ALC236 codec and needs the ALC236_FIXUP_HP_MUTE_LED_MICMUTE_VREF quirk to enable the mute and micmute LED functionality. This patch adds the system ID of the HP Elite mt645 G8 to the `alc269_fixup_tbl` in `patch_realtek.c` to enable the required quirk. Cc: stable@vger.kernel.org Signed-off-by: Nikolai Afanasenkov Link: https://patch.msgid.link/20240916195042.4050-1-nikolai.afanasenkov@hp.com Signed-off-by: Takashi Iwai commit bfbb96324a4a8dfd44c88f64e4e0ef8ea4ab128b Merge: bdf56c7580d267 c3eddf5e8c30ad Author: Linus Torvalds Date: Wed Sep 18 10:09:48 2024 +0200 Merge tag 'hsi-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-hsi Pull HSI update from Sebastian Reichel: - omap-ssi: remove unnecessary debugfs_create_dir() error check * tag 'hsi-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-hsi: HSI: omap-ssi: Remove unnecessary debugfs_create_dir() error check commit bdf56c7580d267a123cc71ca0f2459c797b76fde Merge: efdfcd40ad5e14 ecc4d6af979b3b Author: Linus Torvalds Date: Wed Sep 18 08:53:53 2024 +0200 Merge tag 'slab-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab Pull slab updates from Vlastimil Babka: "This time it's mostly refactoring and improving APIs for slab users in the kernel, along with some debugging improvements. - kmem_cache_create() refactoring (Christian Brauner) Over the years have been growing new parameters to kmem_cache_create() where most of them are needed only for a small number of caches - most recently the rcu_freeptr_offset parameter. To avoid adding new parameters to kmem_cache_create() and adjusting all its callers, or creating new wrappers such as kmem_cache_create_rcu(), we can now pass extra parameters using the new struct kmem_cache_args. Not explicitly initialized fields default to values interpreted as unused. kmem_cache_create() is for now a wrapper that works both with the new form: kmem_cache_create(name, object_size, args, flags) and the legacy form: kmem_cache_create(name, object_size, align, flags, ctor) - kmem_cache_destroy() waits for kfree_rcu()'s in flight (Vlastimil Babka, Uladislau Rezki) Since SLOB removal, kfree() is allowed for freeing objects allocated by kmem_cache_create(). By extension kfree_rcu() as allowed as well, which can allow converting simple call_rcu() callbacks that only do kmem_cache_free(), as there was never a kmem_cache_free_rcu() variant. However, for caches that can be destroyed e.g. on module removal, the cache owners knew to issue rcu_barrier() first to wait for the pending call_rcu()'s, and this is not sufficient for pending kfree_rcu()'s due to its internal batching optimizations. Ulad has provided a new kvfree_rcu_barrier() and to make the usage less error-prone, kmem_cache_destroy() calls it. Additionally, destroying SLAB_TYPESAFE_BY_RCU caches now again issues rcu_barrier() synchronously instead of using an async work, because the past motivation for async work no longer applies. Users of custom call_rcu() callbacks should however keep calling rcu_barrier() before cache destruction. - Debugging use-after-free in SLAB_TYPESAFE_BY_RCU caches (Jann Horn) Currently, KASAN cannot catch UAFs in such caches as it is legal to access them within a grace period, and we only track the grace period when trying to free the underlying slab page. The new CONFIG_SLUB_RCU_DEBUG option changes the freeing of individual object to be RCU-delayed, after which KASAN can poison them. - Delayed memcg charging (Shakeel Butt) In some cases, the memcg is uknown at allocation time, such as receiving network packets in softirq context. With kmem_cache_charge() these may be now charged later when the user and its memcg is known. - Misc fixes and improvements (Pedro Falcato, Axel Rasmussen, Christoph Lameter, Yan Zhen, Peng Fan, Xavier)" * tag 'slab-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab: (34 commits) mm, slab: restore kerneldoc for kmem_cache_create() io_uring: port to struct kmem_cache_args slab: make __kmem_cache_create() static inline slab: make kmem_cache_create_usercopy() static inline slab: remove kmem_cache_create_rcu() file: port to struct kmem_cache_args slab: create kmem_cache_create() compatibility layer slab: port KMEM_CACHE_USERCOPY() to struct kmem_cache_args slab: port KMEM_CACHE() to struct kmem_cache_args slab: remove rcu_freeptr_offset from struct kmem_cache slab: pass struct kmem_cache_args to do_kmem_cache_create() slab: pull kmem_cache_open() into do_kmem_cache_create() slab: pass struct kmem_cache_args to create_cache() slab: port kmem_cache_create_usercopy() to struct kmem_cache_args slab: port kmem_cache_create_rcu() to struct kmem_cache_args slab: port kmem_cache_create() to struct kmem_cache_args slab: add struct kmem_cache_args slab: s/__kmem_cache_create/do_kmem_cache_create/g memcg: add charging of already allocated slab objects mm/slab: Optimize the code logic in find_mergeable() ... commit efdfcd40ad5e14d66f2e66e1fbbfb375c26bd3d7 Merge: 6d450d120f0a9f a49f48cc7d2627 Author: Linus Torvalds Date: Wed Sep 18 08:34:45 2024 +0200 Merge tag 'lkmm.2024.09.14b' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu Pull memory model doc updates from Paul McKenney: "lkmm: Add documentation and mailing list This contains documentation updates from Andrea Parri and Akira Yokosawa. Also, there is now an lkmm@lists.linux.dev, and Boqun Feng's update adds this to the LKMM MAINTAINERS entry. Not included are a couple of more commits from Puranjay Mohan adding more atomic operations to LKMM, but these await a herdtools7 release that includes tool-side support for this functionality. With luck, I will send a separate pull request for these later in the merge window" * tag 'lkmm.2024.09.14b' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu: MAINTAINERS: Add the dedicated maillist info for LKMM docs/memory-barriers.txt: Remove left-over references to "CACHE COHERENCY" tools/memory-model: simple.txt: Fix stale reference to recipes-pairs.txt tools/memory-model: Add locking.txt and glossary.txt to README tools/memory-model: Document herd7 (abstract) representation commit 6d450d120f0a9f661cd78cfa4bcdf5c6e31e4b31 Merge: e651e0a47348ce b8e753128ed074 Author: Linus Torvalds Date: Wed Sep 18 08:31:57 2024 +0200 Merge tag 'misc.2024.09.14a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu Pull core dump update from Paul McKenney: "Sleep at TASK_IDLE when waiting for application core dump This causes the coredump_task_exit() function to sleep at TASK_IDLE, thus preventing task-blocked splats in case of large core dumps to slow devices" * tag 'misc.2024.09.14a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu: exit: Sleep at TASK_IDLE when waiting for application core dump commit e651e0a47348cea260837ed5b463a489b1e8095e Merge: 067610ebaaec53 43d631bf06ec96 Author: Linus Torvalds Date: Wed Sep 18 08:28:59 2024 +0200 Merge tag 'kcsan.2024.09.14a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu Pull kcsan update from Paul McKenney: "Use min() to fix Coccinelle warning. Courtesy of Thorsten Blum" * tag 'kcsan.2024.09.14a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu: kcsan: Use min() to fix Coccinelle warning commit 067610ebaaec53809794807842a2fcf5f1f5b9eb Merge: 85a77db95af491 355debb83bf798 Author: Linus Torvalds Date: Wed Sep 18 07:52:24 2024 +0200 Merge tag 'rcu.release.v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/rcu/linux Pull RCU updates from Neeraj Upadhyay: "Context tracking: - rename context tracking state related symbols and remove references to "dynticks" in various context tracking state variables and related helpers - force context_tracking_enabled_this_cpu() to be inlined to avoid leaving a noinstr section CSD lock: - enhance CSD-lock diagnostic reports - add an API to provide an indication of ongoing CSD-lock stall nocb: - update and simplify RCU nocb code to handle (de-)offloading of callbacks only for offline CPUs - fix RT throttling hrtimer being armed from offline CPU rcutorture: - remove redundant rcu_torture_ops get_gp_completed fields - add SRCU ->same_gp_state and ->get_comp_state functions - add generic test for NUM_ACTIVE_*RCU_POLL* for testing RCU and SRCU polled grace periods - add CFcommon.arch for arch-specific Kconfig options - print number of update types in rcu_torture_write_types() - add rcutree.nohz_full_patience_delay testing to the TREE07 scenario - add a stall_cpu_repeat module parameter to test repeated CPU stalls - add argument to limit number of CPUs a guest OS can use in torture.sh rcustall: - abbreviate RCU CPU stall warnings during CSD-lock stalls - Allow dump_cpu_task() to be called without disabling preemption - defer printing stall-warning backtrace when holding rcu_node lock srcu: - make SRCU gp seq wrap-around faster - add KCSAN checks for concurrent updates to ->srcu_n_exp_nodelay and ->reschedule_count which are used in heuristics governing auto-expediting of normal SRCU grace periods and grace-period-state-machine delays - mark idle SRCU-barrier callbacks to help identify stuck SRCU-barrier callback rcu tasks: - remove RCU Tasks Rude asynchronous APIs as they are no longer used - stop testing RCU Tasks Rude asynchronous APIs - fix access to non-existent percpu regions - check processor-ID assumptions during chosen CPU calculation for callback enqueuing - update description of rtp->tasks_gp_seq grace-period sequence number - add rcu_barrier_cb_is_done() to identify whether a given rcu_barrier callback is stuck - mark idle Tasks-RCU-barrier callbacks - add *torture_stats_print() functions to print detailed diagnostics for Tasks-RCU variants - capture start time of rcu_barrier_tasks*() operation to help distinguish a hung barrier operation from a long series of barrier operations refscale: - add a TINY scenario to support tests of Tiny RCU and Tiny SRCU - optimize process_durations() operation rcuscale: - dump stacks of stalled rcu_scale_writer() instances and grace-period statistics when rcu_scale_writer() stalls - mark idle RCU-barrier callbacks to identify stuck RCU-barrier callbacks - print detailed grace-period and barrier diagnostics on rcu_scale_writer() hangs for Tasks-RCU variants - warn if async module parameter is specified for RCU implementations that do not have async primitives such as RCU Tasks Rude - make all writer tasks report upon hang - tolerate repeated GFP_KERNEL failure in rcu_scale_writer() - use special allocator for rcu_scale_writer() - NULL out top-level pointers to heap memory to avoid double-free bugs on modprobe failures - maintain per-task instead of per-CPU callbacks count to avoid any issues with migration of either tasks or callbacks - constify struct ref_scale_ops Fixes: - use system_unbound_wq for kfree_rcu work to avoid disturbing isolated CPUs Misc: - warn on unexpected rcu_state.srs_done_tail state - better define "atomic" for list_replace_rcu() and hlist_replace_rcu() routines - annotate struct kvfree_rcu_bulk_data with __counted_by()" * tag 'rcu.release.v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/rcu/linux: (90 commits) rcu: Defer printing stall-warning backtrace when holding rcu_node lock rcu/nocb: Remove superfluous memory barrier after bypass enqueue rcu/nocb: Conditionally wake up rcuo if not already waiting on GP rcu/nocb: Fix RT throttling hrtimer armed from offline CPU rcu/nocb: Simplify (de-)offloading state machine context_tracking: Tag context_tracking_enabled_this_cpu() __always_inline context_tracking, rcu: Rename rcu_dyntick trace event into rcu_watching rcu: Update stray documentation references to rcu_dynticks_eqs_{enter, exit}() rcu: Rename rcu_momentary_dyntick_idle() into rcu_momentary_eqs() rcu: Rename rcu_implicit_dynticks_qs() into rcu_watching_snap_recheck() rcu: Rename dyntick_save_progress_counter() into rcu_watching_snap_save() rcu: Rename struct rcu_data .exp_dynticks_snap into .exp_watching_snap rcu: Rename struct rcu_data .dynticks_snap into .watching_snap rcu: Rename rcu_dynticks_zero_in_eqs() into rcu_watching_zero_in_eqs() rcu: Rename rcu_dynticks_in_eqs_since() into rcu_watching_snap_stopped_since() rcu: Rename rcu_dynticks_in_eqs() into rcu_watching_snap_in_eqs() rcu: Rename rcu_dynticks_eqs_online() into rcu_watching_online() context_tracking, rcu: Rename rcu_dynticks_curr_cpu_in_eqs() into rcu_is_watching_curr_cpu() context_tracking, rcu: Rename rcu_dynticks_task*() into rcu_task*() refscale: Constify struct ref_scale_ops ... commit 85a77db95af4915b235b3cffb7eff9a1a2206d14 Merge: 78567e2bc723b4 b4722b8593b881 Author: Linus Torvalds Date: Wed Sep 18 06:59:44 2024 +0200 Merge tag 'wq-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq Pull workqueue updates from Tejun Heo: "Nothing major: - workqueue.panic_on_stall boot param added - alloc_workqueue_lockdep_map() added (used by DRM) - Other cleanusp and doc updates" * tag 'wq-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq: kernel/workqueue.c: fix DEFINE_PER_CPU_SHARED_ALIGNED expansion workqueue: Fix another htmldocs build warning workqueue: fix null-ptr-deref on __alloc_workqueue() error workqueue: Don't call va_start / va_end twice workqueue: Fix htmldocs build warning workqueue: Add interface for user-defined workqueue lockdep map workqueue: Change workqueue lockdep map to pointer workqueue: Split alloc_workqueue into internal function and lockdep init Documentation: kernel-parameters: add workqueue.panic_on_stall workqueue: add cmdline parameter workqueue.panic_on_stall commit 78567e2bc723b444228644d2e34ae5255d4ab8a0 Merge: 2f27fce67173bb af000ce85293b8 Author: Linus Torvalds Date: Wed Sep 18 06:39:03 2024 +0200 Merge tag 'cgroup-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup Pull cgroup updates from Tejun Heo: - cpuset isolation improvements - cpuset cgroup1 support is split into its own file behind the new config option CONFIG_CPUSET_V1. This makes it the second controller which makes cgroup1 support optional after memcg - Handling of unavailable v1 controller handling improved during cgroup1 mount operations - union_find applied to cpuset. It makes code simpler and more efficient - Reduce spurious events in pids.events - Cleanups and other misc changes - Contains a merge of cgroup/for-6.11-fixes to receive cpuset fixes that further changes build upon * tag 'cgroup-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup: (34 commits) cgroup: Do not report unavailable v1 controllers in /proc/cgroups cgroup: Disallow mounting v1 hierarchies without controller implementation cgroup/cpuset: Expose cpuset filesystem with cpuset v1 only cgroup/cpuset: Move cpu.h include to cpuset-internal.h cgroup/cpuset: add sefltest for cpuset v1 cgroup/cpuset: guard cpuset-v1 code under CONFIG_CPUSETS_V1 cgroup/cpuset: rename functions shared between v1 and v2 cgroup/cpuset: move v1 interfaces to cpuset-v1.c cgroup/cpuset: move validate_change_legacy to cpuset-v1.c cgroup/cpuset: move legacy hotplug update to cpuset-v1.c cgroup/cpuset: add callback_lock helper cgroup/cpuset: move memory_spread to cpuset-v1.c cgroup/cpuset: move relax_domain_level to cpuset-v1.c cgroup/cpuset: move memory_pressure to cpuset-v1.c cgroup/cpuset: move common code to cpuset-internal.h cgroup/cpuset: introduce cpuset-v1.c selftest/cgroup: Make test_cpuset_prs.sh deal with pre-isolated CPUs cgroup/cpuset: Account for boot time isolated CPUs cgroup/cpuset: remove use_parent_ecpus of cpuset cgroup/cpuset: remove fetch_xcpus ... commit 6c10ba06bb1b48acce6d4d9c1e33beb9954f1788 Author: José Roberto de Souza Date: Thu Sep 12 08:38:42 2024 -0700 drm/xe/oa: Fix overflow in oa batch buffer By default xe_bb_create_job() appends a MI_BATCH_BUFFER_END to batch buffer, this is not a problem if batch buffer is only used once but oa reuses the batch buffer for the same metric and at each call it appends a MI_BATCH_BUFFER_END, printing the warning below and then overflowing. [ 381.072016] ------------[ cut here ]------------ [ 381.072019] xe 0000:00:02.0: [drm] Assertion `bb->len * 4 + bb_prefetch(q->gt) <= size` failed! platform: LUNARLAKE subplatform: 1 graphics: Xe2_LPG / Xe2_HPG 20.04 step B0 media: Xe2_LPM / Xe2_HPM 20.00 step B0 tile: 0 VRAM 0 B GT: 0 type 1 So here checking if batch buffer already have MI_BATCH_BUFFER_END if not append it. v2: - simply fix, suggestion from Ashutosh Cc: Ashutosh Dixit Signed-off-by: José Roberto de Souza Reviewed-by: Ashutosh Dixit Link: https://patchwork.freedesktop.org/patch/msgid/20240912153842.35813-1-jose.souza@intel.com (cherry picked from commit 9ba0e0f30ca42a98af3689460063edfb6315718a) Signed-off-by: Lucas De Marchi commit 9460f4bd5970f2e46fe190a0cb9814697bd7f21a Author: Matthew Brost Date: Tue Sep 10 18:18:20 2024 -0700 drm/xe: Do not run GPU page fault handler on a closed VM Closing a VM removes page table memory thus we shouldn't touch page tables when a VM is closed. Do not run the GPU page fault handler once the VM is closed to avoid touching page tables. Signed-off-by: Matthew Brost Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240911011820.825127-1-matthew.brost@intel.com (cherry picked from commit f96dbf7c321d70834d46f3aedb75a671e839b51e) Signed-off-by: Lucas De Marchi commit ddc73c465628ab3e60f7eb5b4063b644c18b6336 Author: Matthew Auld Date: Wed Sep 11 16:55:30 2024 +0100 drm/xe/bo: add some annotations in bo_put() If the put() triggers bo destroy then there is at least one potential sleeping lock. Also annotate bos_lock and ggtt lock. Signed-off-by: Matthew Auld Cc: Himal Prasad Ghimiray Cc: Tejas Upadhyay Cc: "Thomas Hellström" Reviewed-by: Matthew Brost Reviewed-by: Tejas Upadhyay Link: https://patchwork.freedesktop.org/patch/msgid/20240911155527.178910-8-matthew.auld@intel.com (cherry picked from commit 3b04c2cfd71c54117237c72f2a08ff0ae1f602e2) Signed-off-by: Lucas De Marchi commit 73d10c7788f6d2b7badf9973afbdea7ca433c15d Author: Matthew Auld Date: Wed Sep 11 16:55:29 2024 +0100 drm/xe/client: use mem_type from the current resource Rather extract the mem_type from the current resource. Checking the first potential placement doesn't really tell us where the bo is currently allocated, especially if there are multiple potential placements. Signed-off-by: Matthew Auld Cc: Himal Prasad Ghimiray Cc: Tejas Upadhyay Cc: "Thomas Hellström" Reviewed-by: Matthew Brost Reviewed-by: Tejas Upadhyay Link: https://patchwork.freedesktop.org/patch/msgid/20240911155527.178910-7-matthew.auld@intel.com (cherry picked from commit fbd73b7d2ae29ef0f604f376bcc22b886a49329e) Signed-off-by: Lucas De Marchi commit 69bbe3adf36de47315498c9384f99a1ff9171694 Author: Matthew Auld Date: Wed Sep 11 16:55:28 2024 +0100 drm/xe/client: add missing bo locking in show_meminfo() bo_meminfo() wants to inspect bo state like tt and the ttm resource, however this state can change at any point leading to stuff like NPD and UAF, if the bo lock is not held. Grab the bo lock when calling bo_meminfo(), ensuring we drop any spinlocks first. In the case of object_idr we now also need to hold a ref. v2 (MattB) - Also add xe_bo_assert_held() Fixes: 0845233388f8 ("drm/xe: Implement fdinfo memory stats printing") Signed-off-by: Matthew Auld Cc: Himal Prasad Ghimiray Cc: Tejas Upadhyay Cc: "Thomas Hellström" Cc: # v6.8+ Reviewed-by: Matthew Brost Reviewed-by: Tejas Upadhyay Link: https://patchwork.freedesktop.org/patch/msgid/20240911155527.178910-6-matthew.auld@intel.com (cherry picked from commit 4f63d712fa104c3ebefcb289d1e733e86d8698c7) Signed-off-by: Lucas De Marchi commit 99b1f7493bfa757b03d41ee6d7f7d00f81fcba5d Author: Matthew Auld Date: Wed Sep 11 16:55:27 2024 +0100 drm/xe/client: fix deadlock in show_meminfo() There is a real deadlock as well as sleeping in atomic() bug in here, if the bo put happens to be the last ref, since bo destruction wants to grab the same spinlock and sleeping locks. Fix that by dropping the ref using xe_bo_put_deferred(), and moving the final commit outside of the lock. Dropping the lock around the put is tricky since the bo can go out of scope and delete itself from the list, making it difficult to navigate to the next list entry. Fixes: 0845233388f8 ("drm/xe: Implement fdinfo memory stats printing") Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2727 Signed-off-by: Matthew Auld Cc: Himal Prasad Ghimiray Cc: Tejas Upadhyay Cc: "Thomas Hellström" Cc: # v6.8+ Reviewed-by: Matthew Brost Reviewed-by: Tejas Upadhyay Link: https://patchwork.freedesktop.org/patch/msgid/20240911155527.178910-5-matthew.auld@intel.com (cherry picked from commit 0083b8e6f11d7662283a267d4ce7c966812ffd8a) Signed-off-by: Lucas De Marchi commit ee06c09ded3c2f722be4e240ed06287e23596bda Author: Matthew Auld Date: Mon Sep 16 09:49:12 2024 +0100 drm/xe/vram: fix ccs offset calculation Spec says SW is expected to round up to the nearest 128K, if not already aligned for the CC unit view of CCS. We are seeing the assert sometimes pop on BMG to tell us that there is a hole between GSM and CCS, as well as popping other asserts with having a vram size with strange alignment, which is likely caused by misaligned offset here. v2 (Shuicheng): - Do the round_up() on final SW address. BSpec: 68023 Fixes: b5c2ca0372dc ("drm/xe/xe2hpg: Determine flat ccs offset for vram") Signed-off-by: Matthew Auld Cc: Himal Prasad Ghimiray Cc: Akshata Jahagirdar Cc: Lucas De Marchi Cc: Shuicheng Lin Cc: Matt Roper Cc: stable@vger.kernel.org # v6.10+ Reviewed-by: Himal Prasad Ghimiray Tested-by: Shuicheng Lin Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240916084911.13119-2-matthew.auld@intel.com Signed-off-by: Lucas De Marchi (cherry picked from commit 37173392741c425191b959acb3adf70c9a4610c0) Signed-off-by: Lucas De Marchi commit 7ab9ebc580617831355843f19224f1e31bb8e983 Author: Michal Wajdeczko Date: Thu Sep 12 22:38:12 2024 +0200 drm/xe/guc: Fix GUC_{SUBMIT,FIRMWARE}_VER helper macros Those macros rely on non-existing MAKE_VER_STRUCT macro, while the correct one that should be used is named MAKE_GUC_VER_STRUCT. Fixes: 4eb0aab6e443 ("drm/xe/guc: Bump minimum required GuC version to v70.29.2") Signed-off-by: Michal Wajdeczko Cc: Julia Filipchuk Cc: John Harrison Reviewed-by: Michał Winiarski Link: https://patchwork.freedesktop.org/patch/msgid/20240912203817.1880-2-michal.wajdeczko@intel.com (cherry picked from commit 02fdf821ed79f59c40d766a85947aa7cc25d4364) Signed-off-by: Lucas De Marchi commit d2b537b3e533f28e0d97293fe9293161fe8cd137 Author: Yuezhang Mo Date: Tue Sep 3 15:01:09 2024 +0800 exfat: fix memory leak in exfat_load_bitmap() If the first directory entry in the root directory is not a bitmap directory entry, 'bh' will not be released and reassigned, which will cause a memory leak. Fixes: 1e49a94cf707 ("exfat: add bitmap operations") Cc: stable@vger.kernel.org Signed-off-by: Yuezhang Mo Reviewed-by: Aoyama Wataru Signed-off-by: Namjae Jeon commit f761fcdd289d07e8547fef7ac76c3760fc7803f2 Author: Dongliang Cui Date: Wed Sep 18 07:40:05 2024 +0900 exfat: Implement sops->shutdown and ioctl We found that when writing a large file through buffer write, if the disk is inaccessible, exFAT does not return an error normally, which leads to the writing process not stopping properly. To easily reproduce this issue, you can follow the steps below: 1. format a device to exFAT and then mount (with a full disk erase) 2. dd if=/dev/zero of=/exfat_mount/test.img bs=1M count=8192 3. eject the device You may find that the dd process does not stop immediately and may continue for a long time. The root cause of this issue is that during buffer write process, exFAT does not need to access the disk to look up directory entries or the FAT table (whereas FAT would do) every time data is written. Instead, exFAT simply marks the buffer as dirty and returns, delegating the writeback operation to the writeback process. If the disk cannot be accessed at this time, the error will only be returned to the writeback process, and the original process will not receive the error, so it cannot be returned to the user side. When the disk cannot be accessed normally, an error should be returned to stop the writing process. Implement sops->shutdown and ioctl to shut down the file system when underlying block device is marked dead. Signed-off-by: Dongliang Cui Signed-off-by: Zhiguo Niu Signed-off-by: Namjae Jeon commit 21d98d658f9e5967dc30c321bc258b50740c6665 Author: Hanjun Guo Date: Sun Aug 11 11:18:04 2024 +0800 ACPI: RISCV: Make acpi_numa_get_nid() to be static acpi_numa_get_nid() is only called in acpi_numa.c for riscv, no need to add it in head file, so make it static and remove related functions in the asm/acpi.h. Spotted by doing some cleanup for arm64 ACPI. Signed-off-by: Hanjun Guo Reviewed-by: Haibo Xu Link: https://lore.kernel.org/r/20240811031804.3347298-1-guohanjun@huawei.com Signed-off-by: Palmer Dabbelt commit 3f8df6285271d9d8f17d733433e5213a63b83a0b Merge: 55e6f8f29d6ac7 f3009482512eb0 Author: Paolo Bonzini Date: Sat Sep 14 09:56:06 2024 -0400 Merge tag 'kvm-x86-vmx-6.12' of https://github.com/kvm-x86/linux into HEAD KVM VMX changes for 6.12: - Set FINAL/PAGE in the page fault error code for EPT Violations if and only if the GVA is valid. If the GVA is NOT valid, there is no guest-side page table walk and so stuffing paging related metadata is nonsensical. - Fix a bug where KVM would incorrectly synthesize a nested VM-Exit instead of emulating posted interrupt delivery to L2. - Add a lockdep assertion to detect unsafe accesses of vmcs12 structures. - Harden eVMCS loading against an impossible NULL pointer deref (really truly should be impossible). - Minor SGX fix and a cleanup. commit 55e6f8f29d6ac76126ad1c8000b4c3626cf4b176 Merge: 43d97b2ebd3066 4440337af4d415 Author: Paolo Bonzini Date: Sat Sep 14 09:56:04 2024 -0400 Merge tag 'kvm-x86-svm-6.12' of https://github.com/kvm-x86/linux into HEAD KVM SVM changes for 6.12: - Don't stuff the RSB after VM-Exit when RETPOLINE=y and AutoIBRS is enabled, i.e. when the CPU has already flushed the RSB. - Trace the per-CPU host save area as a VMCB pointer to improve readability and cleanup the retrieval of the SEV-ES host save area. - Remove unnecessary accounting of temporary nested VMCB related allocations. commit 43d97b2ebd3066d0328bbc1c622341d59292ca48 Merge: 5d55a052e369ff 566975f6ecd852 Author: Paolo Bonzini Date: Sat Sep 14 09:56:01 2024 -0400 Merge tag 'kvm-x86-pat_vmx_msrs-6.12' of https://github.com/kvm-x86/linux into HEAD KVM VMX and x86 PAT MSR macro cleanup for 6.12: - Add common defines for the x86 architectural memory types, i.e. the types that are shared across PAT, MTRRs, VMCSes, and EPTPs. - Clean up the various VMX MSR macros to make the code self-documenting (inasmuch as possible), and to make it less painful to add new macros. commit 5d55a052e369ff0d98a4dbd614635bc931c45d11 Merge: c345344e831717 9a5bff7f5ec238 Author: Paolo Bonzini Date: Sat Sep 14 09:38:43 2024 -0400 Merge tag 'kvm-x86-mmu-6.12' of https://github.com/kvm-x86/linux into HEAD KVM x86 MMU changes for 6.12: - Overhaul the "unprotect and retry" logic to more precisely identify cases where retrying is actually helpful, and to harden all retry paths against putting the guest into an infinite retry loop. - Add support for yielding, e.g. to honor NEED_RESCHED, when zapping rmaps in the shadow MMU. - Refactor pieces of the shadow MMU related to aging SPTEs in prepartion for adding MGLRU support in KVM. - Misc cleanups commit f168c000d27f8134160d4a52dfc474a948a3d7e9 Author: Kexy Biscuit Date: Mon Sep 9 20:28:30 2024 +0300 tpm: export tpm2_sessions_init() to fix ibmvtpm building Commit 08d08e2e9f0a ("tpm: ibmvtpm: Call tpm2_sessions_init() to initialize session support") adds call to tpm2_sessions_init() in ibmvtpm, which could be built as a module. However, tpm2_sessions_init() wasn't exported, causing libmvtpm to fail to build as a module: ERROR: modpost: "tpm2_sessions_init" [drivers/char/tpm/tpm_ibmvtpm.ko] undefined! Export tpm2_sessions_init() to resolve the issue. Cc: stable@vger.kernel.org # v6.10+ Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408051735.ZJkAPQ3b-lkp@intel.com/ Fixes: 08d08e2e9f0a ("tpm: ibmvtpm: Call tpm2_sessions_init() to initialize session support") Signed-off-by: Kexy Biscuit Signed-off-by: Mingcong Bai Reviewed-by: Stefan Berger Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen commit e5d76ae8822cf52e4f56a507205d27e8d8b53ec8 Author: Uwe Kleine-König Date: Mon Sep 9 20:26:47 2024 +0300 tpm: Drop explicit initialization of struct i2c_device_id::driver_data to 0 These drivers don't use the driver_data member of struct i2c_device_id, so don't explicitly initialize this member. This prepares putting driver_data in an anonymous union which requires either no initialization or named designators. But it's also a nice cleanup on its own. Signed-off-by: Uwe Kleine-König Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen commit 27141f1950b8e40499a7aa95341cd5a37029a097 Author: Michal Suchanek Date: Wed Aug 28 13:23:20 2024 +0200 selftests: tpm2: test_smoke: Run only when TPM2 is avaialable. Since Linux 5.6 tpm_version_major sysfs file is avaialble which gives the TPM version. Using this file the test can be skipped on systems with TPM 1.2. Signed-off-by: Michal Suchanek Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen commit 5e515e13eba3b335aa97e2a2e57b86118522cf28 Author: Michal Suchanek Date: Wed Aug 28 13:23:19 2024 +0200 MAINTAINERS: Add selftest files to TPM section tools/testing/selftests/tpm2/ is TPM-specific test Signed-off-by: Michal Suchanek Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen commit e3aaebcbb7c6b403416f442d1de70d437ce313a7 Author: Jonathan McDowell Date: Fri Aug 16 12:55:46 2024 +0100 tpm: Clean up TPM space after command failure tpm_dev_transmit prepares the TPM space before attempting command transmission. However if the command fails no rollback of this preparation is done. This can result in transient handles being leaked if the device is subsequently closed with no further commands performed. Fix this by flushing the space in the event of command transmission failure. Fixes: 745b361e989a ("tpm: infrastructure for TPM spaces") Signed-off-by: Jonathan McDowell Reviewed-by: Jarkko Sakkinen Signed-off-by: Jarkko Sakkinen commit c345344e8317176944be33f46e18812c0343dc63 Merge: 41786cc5ea89b7 c32e028057f144 Author: Paolo Bonzini Date: Sat Sep 14 09:38:16 2024 -0400 Merge tag 'kvm-x86-selftests-6.12' of https://github.com/kvm-x86/linux into HEAD KVM selftests changes for 6.12: - Fix a goof that caused some Hyper-V tests to be skipped when run on bare metal, i.e. NOT in a VM. - Add a regression test for KVM's handling of SHUTDOWN for an SEV-ES guest. - Explicitly include one-off assets in .gitignore. Past Sean was completely wrong about not being able to detect missing .gitignore entries. - Verify userspace single-stepping works when KVM happens to handle a VM-Exit in its fastpath. - Misc cleanups commit 41786cc5ea89b71437dd6fece444f3766edb4db7 Merge: 7056c4e2a13a61 4ca077f26d885c Author: Paolo Bonzini Date: Sat Sep 14 09:38:08 2024 -0400 Merge tag 'kvm-x86-misc-6.12' of https://github.com/kvm-x86/linux into HEAD KVM x86 misc changes for 6.12 - Advertise AVX10.1 to userspace (effectively prep work for the "real" AVX10 functionality that is on the horizon). - Rework common MSR handling code to suppress errors on userspace accesses to unsupported-but-advertised MSRs. This will allow removing (almost?) all of KVM's exemptions for userspace access to MSRs that shouldn't exist based on the vCPU model (the actual cleanup is non-trivial future work). - Rework KVM's handling of x2APIC ICR, again, because AMD (x2AVIC) splits the 64-bit value into the legacy ICR and ICR2 storage, whereas Intel (APICv) stores the entire 64-bit value a the ICR offset. - Fix a bug where KVM would fail to exit to userspace if one was triggered by a fastpath exit handler. - Add fastpath handling of HLT VM-Exit to expedite re-entering the guest when there's already a pending wake event at the time of the exit. - Finally fix the RSM vs. nested VM-Enter WARN by forcing the vCPU out of guest mode prior to signalling SHUTDOWN (architecturally, the SHUTDOWN is supposed to hit L1, not L2). commit 7056c4e2a13a61f4e8a9e8ce27cd499f27e0e63b Merge: c09dd2bb574807 025dde582bbf31 Author: Paolo Bonzini Date: Sat Sep 14 09:34:30 2024 -0400 Merge tag 'kvm-x86-generic-6.12' of https://github.com/kvm-x86/linux into HEAD KVK generic changes for 6.12: - Fix a bug that results in KVM prematurely exiting to userspace for coalesced MMIO/PIO in many cases, clean up the related code, and add a testcase. - Fix a bug in kvm_clear_guest() where it would trigger a buffer overflow _if_ the gpa+len crosses a page boundary, which thankfully is guaranteed to not happen in the current code base. Add WARNs in more helpers that read/write guest memory to detect similar bugs. commit c09dd2bb5748075d995ae46c2d18423032230f9b Merge: 55f50b2f86929a 590b09b1d88e18 Author: Paolo Bonzini Date: Thu Sep 12 11:13:05 2024 -0400 Merge branch 'kvm-redo-enable-virt' into HEAD Register KVM's cpuhp and syscore callbacks when enabling virtualization in hardware, as the sole purpose of said callbacks is to disable and re-enable virtualization as needed. The primary motivation for this series is to simplify dealing with enabling virtualization for Intel's TDX, which needs to enable virtualization when kvm-intel.ko is loaded, i.e. long before the first VM is created. That said, this is a nice cleanup on its own. By registering the callbacks on-demand, the callbacks themselves don't need to check kvm_usage_count, because their very existence implies a non-zero count. Patch 1 (re)adds a dedicated lock for kvm_usage_count. This avoids a lock ordering issue between cpus_read_lock() and kvm_lock. The lock ordering issue still exist in very rare cases, and will be fixed for good by switching vm_list to an (S)RCU-protected list. Signed-off-by: Paolo Bonzini commit 55f50b2f86929ae042cd2eee8b2e8ffe00b5a885 Merge: 356dab4efd1a66 61de4c34b51c5b Author: Paolo Bonzini Date: Thu Sep 12 11:07:15 2024 -0400 Merge branch 'kvm-memslot-zap-quirk' into HEAD Today whenever a memslot is moved or deleted, KVM invalidates the entire page tables and generates fresh ones based on the new memslot layout. This behavior traditionally was kept because of a bug which was never fully investigated and caused VM instability with assigned GeForce GPUs. It generally does not have a huge overhead, because the old MMU is able to reuse cached page tables and the new one is more scalabale and can resolve EPT violations/nested page faults in parallel, but it has worse performance if the guest frequently deletes and adds small memslots, and it's entirely not viable for TDX. This is because TDX requires re-accepting of private pages after page dropping. For non-TDX VMs, this series therefore introduces the KVM_X86_QUIRK_SLOT_ZAP_ALL quirk, enabling users to control the behavior of memslot zapping when a memslot is moved/deleted. The quirk is turned on by default, leading to the zapping of all SPTEs when a memslot is moved/deleted; users however have the option to turn off the quirk, which limits the zapping only to those SPTEs hat lie within the range of memslot being moved/deleted. Signed-off-by: Paolo Bonzini commit 356dab4efd1a661c7882010c34594fe9cb0048f3 Merge: 0cdcc99eeaedf2 f9b56b2c31e573 Author: Paolo Bonzini Date: Tue Sep 17 11:37:03 2024 -0400 Merge tag 'kvm-s390-next-6.12-1' of https://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into HEAD * New ucontrol selftest * Inline assembly touchups commit 7f1b63f981b8284c6d8238cb49b5cb156d9a833e Author: Filipe Manana Date: Sun Sep 15 20:52:53 2024 +0100 btrfs: fix use-after-free on rbtree that tracks inodes for auto defrag When cleaning up defrag inodes at btrfs_cleanup_defrag_inodes(), called during remount and unmount, we are freeing every node from the rbtree that tracks inodes for auto defrag using rbtree_postorder_for_each_entry_safe(), which doesn't modify the tree itself. So once we unlock the lock that protects the rbtree, we have a tree pointing to a root that was freed (and a root pointing to freed nodes, and their children pointing to other freed nodes, and so on). This makes further access to the tree result in a use-after-free with unpredictable results. Fix this by initializing the rbtree to an empty root after the call to rbtree_postorder_for_each_entry_safe() and before unlocking. Fixes: 276940915f23 ("btrfs: clear defragmented inodes using postorder in btrfs_cleanup_defrag_inodes()") Reported-by: syzbot+ad7966ca1f5dd8b001b3@syzkaller.appspotmail.com Link: https://lore.kernel.org/linux-btrfs/000000000000f9aad406223eabff@google.com/ Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit b0b595e61d97de61c15b379b754b2caa90e83e5c Author: Qu Wenruo Date: Wed Sep 11 07:06:45 2024 +0930 btrfs: tree-checker: fix the wrong output of data backref objectid [BUG] There are some reports about invalid data backref objectids, the report looks like this: BTRFS critical (device sda): corrupt leaf: block=333654787489792 slot=110 extent bytenr=333413935558656 len=65536 invalid data ref objectid value 2543 The data ref objectid is the inode number inside the subvolume. But in above case, the value is completely sane, not really showing the problem. [CAUSE] The root cause of the problem is the deprecated feature, inode cache. This feature results a special inode number, -12ULL, and it's no longer recognized by tree-checker, triggering the error. The direct problem here is the output of data ref objectid. The value shown is in fact the dref_root (subvolume id), not the dref_objectid (inode number). [FIX] Fix the output to use dref_objectid instead. Reported-by: Neil Parton Reported-by: Archange Link: https://lore.kernel.org/linux-btrfs/CAAYHqBbrrgmh6UmW3ANbysJX9qG9Pbg3ZwnKsV=5mOpv_qix_Q@mail.gmail.com/ Link: https://lore.kernel.org/linux-btrfs/9541deea-9056-406e-be16-a996b549614d@archlinux.org/ Fixes: f333a3c7e832 ("btrfs: tree-checker: validate dref root and objectid") CC: stable@vger.kernel.org # 6.11 Reviewed-by: Filipe Manana Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 7ee85f5515e86a4e2a2f51969795920733912bad Author: Filipe Manana Date: Tue Sep 3 10:55:36 2024 +0100 btrfs: fix race setting file private on concurrent lseek using same fd When doing concurrent lseek(2) system calls against the same file descriptor, using multiple threads belonging to the same process, we have a short time window where a race happens and can result in a memory leak. The race happens like this: 1) A program opens a file descriptor for a file and then spawns two threads (with the pthreads library for example), lets call them task A and task B; 2) Task A calls lseek with SEEK_DATA or SEEK_HOLE and ends up at file.c:find_desired_extent() while holding a read lock on the inode; 3) At the start of find_desired_extent(), it extracts the file's private_data pointer into a local variable named 'private', which has a value of NULL; 4) Task B also calls lseek with SEEK_DATA or SEEK_HOLE, locks the inode in shared mode and enters file.c:find_desired_extent(), where it also extracts file->private_data into its local variable 'private', which has a NULL value; 5) Because it saw a NULL file private, task A allocates a private structure and assigns to the file structure; 6) Task B also saw a NULL file private so it also allocates its own file private and then assigns it to the same file structure, since both tasks are using the same file descriptor. At this point we leak the private structure allocated by task A. Besides the memory leak, there's also the detail that both tasks end up using the same cached state record in the private structure (struct btrfs_file_private::llseek_cached_state), which can result in a use-after-free problem since one task can free it while the other is still using it (only one task took a reference count on it). Also, sharing the cached state is not a good idea since it could result in incorrect results in the future - right now it should not be a problem because it end ups being used only in extent-io-tree.c:count_range_bits() where we do range validation before using the cached state. Fix this by protecting the private assignment and check of a file while holding the inode's spinlock and keep track of the task that allocated the private, so that it's used only by that task in order to prevent user-after-free issues with the cached state record as well as potentially using it incorrectly in the future. Fixes: 3c32c7212f16 ("btrfs: use cached state when looking for delalloc ranges with lseek") CC: stable@vger.kernel.org # 6.6+ Reviewed-by: Josef Bacik Signed-off-by: Filipe Manana Signed-off-by: David Sterba commit 048e2906d4caf57018e92f49c9a0f998ebb83f9b Author: Yunhui Cui Date: Tue Jun 25 11:05:02 2024 +0800 riscv: Randomize lower bits of stack address Implement arch_align_stack() to randomize the lower bits of the stack address. Signed-off-by: Yunhui Cui Link: https://lore.kernel.org/r/20240625030502.68988-1-cuiyunhui@bytedance.com Signed-off-by: Palmer Dabbelt commit 11c2dbd7f2415731ac8213d3de0dbd5f5dd0ddc7 Author: Charlie Jenkins Date: Thu Aug 8 11:41:40 2024 -0700 selftests: riscv: Allow mmap test to compile on 32-bit Macros needed for 32-bit compilations were hidden behind 64-bit riscv ifdefs. Fix the 32-bit compilations by moving macros to allow the memory_layout test to run on 32-bit. Signed-off-by: Charlie Jenkins Fixes: 73d05262a2ca ("selftests: riscv: Generalize mm selftests") Link: https://lore.kernel.org/r/20240808-mmap_tests__fixes-v1-1-b1344b642a84@rivosinc.com Signed-off-by: Palmer Dabbelt commit 594ffcf4efe5094876f5b549a36262416104cd3d Author: Charlie Jenkins Date: Wed Aug 7 17:27:42 2024 -0700 riscv: Make riscv_isa_vendor_ext_andes array static Since this array is only used in this file, it should be static. Signed-off-by: Charlie Jenkins Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407241530.ej5SVgX1-lkp@intel.com/ Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240807-make_andes_static-v1-1-b64bf4c3d941@rivosinc.com Signed-off-by: Palmer Dabbelt commit 2f27fce67173bbb05d5a0ee03dae5c021202c912 Merge: 194fcd20ebccbc 64c0ce555ad2d8 Author: Linus Torvalds Date: Tue Sep 17 17:03:43 2024 +0200 Merge tag 'sound-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound Pull sound updates from Takashi Iwai: "A fairly big update at this time, both in core and driver sides. The core received rewrites in PCM buffer allocation handling and locking optimizations, PCM rate updates followed by lots of cleanups. In ASoC side, the legacy Intel drivers have been deprecated by AVS drivers which leaded to the significant amount of code reduction. SoundWire driver updates and other cleanups contributed more code reduction, too. USB-audio driver received a large cleanup of its big quirk table, and the old snd_print*() API usages in many legacy drivers are replaced with the standard print API. Here are some highlights: Core: - More optimized locking in ALSA control code - Rewrites of memalloc helpers for better DMA API usage - Drop of obsoleted vmalloc PCM buffer helper API - Continued MIDI2 UMP updates - Support of a new user-space driven timer instance - Update for more PCM support rates and cleanups - Xrun counter report in the proc files ASoC: - Continued simplification and cleanup works for ASoC - Extensive cleanups and refactoring of the Soundwire drivers - Removal of Intel machine support obsoleted by the AVS driver - Lots of DT schema conversions - Machine support for many AMD and Intel x86 platforms - Support for AMD ACP 7.1, Mediatek MT6367 and MT8365, Realtek RTL1320 SoundWire and rev C, and Texas Instruments TAS2563 USB-audio: - Add support of multiple control interfaces - A large rewrite of quirk table with macros - Support for RME Digiface USB HD-audio: - Cleanup of quirk code for Samsung Galaxy laptops - Clean up of detection of Cirrus codecs - C-Media CM9825 HD-audio codec support Others: - Rewrites to standard print API in a lot of legacy drivers" * tag 'sound-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (410 commits) ASoC: topology: Fix redundant logical jump ASoC: tas2781: Add Calibration Kcontrols for Chromebook ASoC: amd: acp: refactor SoundWire machine driver code ASoC: sdw_utils/intel: move soundwire endpoint parsing helper functions ASoC: sdw_util/intel: move soundwire endpoint and dai link structures ASoC: intel: sof_sdw: rename soundwire parsing helper functions ASoC: intel: sof_sdw: rename soundwire endpoint and dailink structures ASoC: atmel: mchp-pdmc: Retain Non-Runtime Controls ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) ASoC: mediatek: mt7986-afe-pcm: Remove redundant error message ALSA: memalloc: Use proper DMA mapping API for x86 S/G buffer allocations ALSA: memalloc: Use proper DMA mapping API for x86 WC buffer allocations ALSA: usb-audio: Add logitech Audio profile quirk ASoc: mediatek: mt8365: Remove unneeded assignment ASoC: Intel: ARL: Add entry for HDMI-In capture support to non-I2S codec boards. ASoC: Intel: sof_rt5682: Add HDMI-In capture with rt5682 support for ARL. ASoC: SOF: Intel: hda: remove common_hdmi_codec_drv ASoC: Intel: sof_pcm512x: do not check common_hdmi_codec_drv ASoC: Intel: ehl_rt5660: do not check common_hdmi_codec_drv ASoC: Intel: skl_hda_dsp_generic: use common module for DAI links ... commit 194fcd20ebccbc34bba80d7d9b203920087bb01d Merge: 32b72debef5ab9 7fcc9b53216cd8 Author: Linus Torvalds Date: Tue Sep 17 16:52:24 2024 +0200 Merge tag 'linux_kselftest-kunit-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kunit updates from Shuah Khan: - a new int_pow test suite - documentation update to clarify filename best practices - kernel-doc fix for EXPORT_SYMBOL_IF_KUNIT - change to build compile_commands.json automatically instead of requiring a manual build * tag 'linux_kselftest-kunit-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: lib/math: Add int_pow test suite kunit: tool: Build compile_commands.json kunit: Fix kernel-doc for EXPORT_SYMBOL_IF_KUNIT Documentation: KUnit: Update filename best practices commit 61850725779709369c7e907ae8c7c75dc7cec4f3 Author: Kaixin Wang Date: Sun Sep 15 00:39:33 2024 +0800 i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition In the svc_i3c_master_probe function, &master->hj_work is bound with svc_i3c_master_hj_work, &master->ibi_work is bound with svc_i3c_master_ibi_work. And svc_i3c_master_ibi_work can start the hj_work, svc_i3c_master_irq_handler can start the ibi_work. If we remove the module which will call svc_i3c_master_remove to make cleanup, it will free master->base through i3c_master_unregister while the work mentioned above will be used. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | svc_i3c_master_hj_work svc_i3c_master_remove | i3c_master_unregister(&master->base)| device_unregister(&master->dev) | device_release | //free master->base | | i3c_master_do_daa(&master->base) | //use master->base Fix it by ensuring that the work is canceled before proceeding with the cleanup in svc_i3c_master_remove. Fixes: 0f74f8b6675c ("i3c: Make i3c_master_unregister() return void") Cc: stable@vger.kernel.org Signed-off-by: Kaixin Wang Reviewed-by: Miquel Raynal Reviewed-by: Frank Li Link: https://lore.kernel.org/stable/20240914154030.180-1-kxwang23%40m.fudan.edu.cn Link: https://lore.kernel.org/r/20240914163932.253-1-kxwang23@m.fudan.edu.cn Signed-off-by: Alexandre Belloni commit 609366e7a06d035990df78f1562291c3bf0d4a12 Author: Kaixin Wang Date: Wed Sep 11 23:35:44 2024 +0800 i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition In the cdns_i3c_master_probe function, &master->hj_work is bound with cdns_i3c_master_hj. And cdns_i3c_master_interrupt can call cnds_i3c_master_demux_ibis function to start the work. If we remove the module which will call cdns_i3c_master_remove to make cleanup, it will free master->base through i3c_master_unregister while the work mentioned above will be used. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | cdns_i3c_master_hj cdns_i3c_master_remove | i3c_master_unregister(&master->base) | device_unregister(&master->dev) | device_release | //free master->base | | i3c_master_do_daa(&master->base) | //use master->base Fix it by ensuring that the work is canceled before proceeding with the cleanup in cdns_i3c_master_remove. Signed-off-by: Kaixin Wang Link: https://lore.kernel.org/r/20240911153544.848398-1-kxwang23@m.fudan.edu.cn Signed-off-by: Alexandre Belloni commit 32b72debef5ab9b8bec32fcf3c5d4a62da8a4db2 Merge: 395b15778e8f1b a0474b8d5974e1 Author: Linus Torvalds Date: Tue Sep 17 16:49:56 2024 +0200 Merge tag 'linux_kselftest-next-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull kselftest update from Shuah Khan: - test coverage for dup_fd() failure handling in unshare_fd() - new selftest for the acct() syscall - basic uprobe testcase - several small fixes and cleanups to existing tests - user and strscpy removal as they became kunit tests - fixes to build failures and warnings * tag 'linux_kselftest-next-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: (21 commits) selftests: kselftest: Use strerror() on nolibc selftests/timers: Remove unused NSEC_PER_SEC macro selftests:resctrl: Fix build failure on archs without __cpuid_count() selftests/ftrace: Fix eventfs ownership testcase to find mount point selftests: filesystems: fix warn_unused_result build warnings selftests:core: test coverage for dup_fd() failure handling in unshare_fd() selftests/ftrace: Fix test to handle both old and new kernels kselftest: timers: Fix const correctness selftests/ftrace: Add required dependency for kprobe tests selftests: rust: config: disable GCC_PLUGINS selftests: rust: config: add trailing newline tracing/selftests: Run the ownership test twice selftests/uprobes: Add a basic uprobe testcase selftests: harness: rename __constructor_order for clarification selftests: harness: remove unneeded __constructor_order_last() selftest: acct: Add selftest for the acct() syscall selftests: lib: remove strscpy test selftests: user: remove user suite kselftest: cpufreq: Add RTC wakeup alarm selftests/exec: Fix grammar in an error message. ... commit 96267f358c14e88e07f1d96ed6f1827da59e9ecc Author: Carlos Song Date: Fri Jul 19 16:02:33 2024 +0800 i3c: master: svc: adjust SDR according to i3c spec According to I3C Specification(Version 1.1) 5.1.2.4 "Use of Clock Speed to Prevent Legacy I2C Devices From Seeing I3C traffic", when slow i2c devices(FM/FM+ rate i2c frequency without 50ns filter) works on i3c bus, i3c SDR should work at FM/FM+ rate. Adjust timing for difference mode. Signed-off-by: Clark Wang Signed-off-by: Carlos Song Signed-off-by: Frank Li Acked-by: Miquel Raynal Link: https://lore.kernel.org/r/20240719080233.842771-1-carlos.song@nxp.com Signed-off-by: Alexandre Belloni commit 395b15778e8f1b580334c558c9a6e9f1b28fcc76 Merge: d58db3f3a00af0 248f6b935bbd8f Author: Linus Torvalds Date: Tue Sep 17 16:47:17 2024 +0200 Merge tag 'linux_kselftest-nolibc-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest Pull nolibc updates from Shuah Khan: "Highlights: - Clang support (including LTO) Other Changes: - stdbool.h support - argc/argv/envp arguments for constructors - Small #include ordering fix" * tag 'linux_kselftest-nolibc-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/shuah/linux-kselftest: (21 commits) tools/nolibc: x86_64: use local label in memcpy/memmove tools/nolibc: stackprotector: mark implicitly used symbols as used tools/nolibc: crt: mark _start_c() as used selftests/nolibc: run-tests.sh: allow building through LLVM selftests/nolibc: use correct clang target for s390/systemz selftests/nolibc: don't use libgcc when building with clang selftests/nolibc: run-tests.sh: avoid overwriting CFLAGS_EXTRA selftests/nolibc: add cc-option compatible with clang cross builds selftests/nolibc: add support for LLVM= parameter selftests/nolibc: determine $(srctree) first selftests/nolibc: avoid passing NULL to printf("%s") selftests/nolibc: report failure if no testcase passed tools/nolibc: compiler: use attribute((naked)) if available tools/nolibc: move entrypoint specifics to compiler.h tools/nolibc: compiler: introduce __nolibc_has_attribute() tools/nolibc: powerpc: limit stack-protector workaround to GCC tools/nolibc: mips: load current function to $t9 tools/nolibc: arm: use clang-compatible asm syntax tools/nolibc: pass argc, argv and envp to constructors tools/nolibc: add stdbool.h header ... commit 20ade67bb1645f5ce8f37fa79ddfebbc5b5b24ef Author: Carlos Song Date: Tue Sep 10 13:16:26 2024 +0800 i3c: master: svc: use slow speed for first broadcast address I3C controller should support adjusting open drain timing for the first broadcast address to make I3C device working as a i2c device can see slow broadcast address to close its Spike Filter to change working at i3c mode. Signed-off-by: Carlos Song Reviewed-by: Frank Li Link: https://lore.kernel.org/r/20240910051626.4052552-2-carlos.song@nxp.com Signed-off-by: Alexandre Belloni commit aef79e189ba2b32f78bd35daf2c0b41f3868a321 Author: Carlos Song Date: Tue Sep 10 13:16:25 2024 +0800 i3c: master: support to adjust first broadcast address speed According to I3C spec 6.2 Timing Specification, the Open Drain High Period of SCL Clock timing for first broadcast address should be adjusted to 200ns at least. I3C device working as i2c device will see the broadcast to close its Spike Filter then change to work at I3C mode. After that I3C open drain SCL high level should be adjusted back. Signed-off-by: Carlos Song Reviewed-by: Miquel Raynal Reviewed-by: Frank Li Link: https://lore.kernel.org/r/20240910051626.4052552-1-carlos.song@nxp.com Signed-off-by: Alexandre Belloni commit d58db3f3a00af00fce5f914c9d1a946ef7feecb6 Merge: 8202cc803f3d0a 4f77c3462308c6 Author: Linus Torvalds Date: Tue Sep 17 16:44:08 2024 +0200 Merge tag 'docs-6.12' of git://git.lwn.net/linux Pull documentation update from Jonathan Corbet: "Another relatively mundane cycle for docs: - The beginning of an EEVDF scheduler document - More Chinese translations - A rethrashing of our bisection documentation ...plus the usual array of smaller fixes, and more than the usual number of typo fixes" * tag 'docs-6.12' of git://git.lwn.net/linux: (48 commits) Remove duplicate "and" in 'Linux NVMe docs. docs:filesystems: fix spelling and grammar mistakes docs:filesystem: fix mispelled words on autofs page docs:mm: fixed spelling and grammar mistakes on vmalloc kernel stack page Documentation: PCI: fix typo in pci.rst docs/zh_CN: add the translation of kbuild/gcc-plugins.rst docs/process: fix typos docs:mm: fix spelling mistakes in heterogeneous memory management page accel/qaic: Fix a typo docs/zh_CN: update the translation of security-bugs docs: block: Fix grammar and spelling mistakes in bfq-iosched.rst Documentation: Fix spelling mistakes Documentation/gpu: Fix typo in Documentation/gpu/komeda-kms.rst scripts: sphinx-pre-install: remove unnecessary double check for $cur_version Loongarch: KVM: Add KVM hypercalls documentation for LoongArch Documentation: Document the kernel flag bdev_allow_write_mounted docs: scheduler: completion: Update member of struct completion docs: kerneldoc-preamble.sty: Suppress extra spaces in CJK literal blocks docs: submitting-patches: Advertise b4 docs: update dev-tools/kcsan.rst url about KTSAN ... commit 8202cc803f3d0a0a7f7e4c08ce575634a0220406 Merge: fc1dc0d50780a9 b90fae5df91744 Author: Linus Torvalds Date: Tue Sep 17 16:41:46 2024 +0200 Merge tag 'm68k-for-v6.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k Pull m68k updates from Geert Uytterhoeven: - Use swap() helper for __arch_xchg() - Fix kernel_clone_args.flags in m68k_clone() - defconfig updates * tag 'm68k-for-v6.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k: m68k: defconfig: Update defconfigs for v6.11-rc1 m68k: Fix kernel_clone_args.flags in m68k_clone() m68k: cmpxchg: Use swap() to improve code commit e3accac1a976e65491a9b9fba82ce8ddbd3d2389 Author: Damien Le Moal Date: Tue Sep 17 22:32:31 2024 +0900 block: Fix elv_iosched_local_module handling of "none" scheduler Commit 734e1a860312 ("block: Prevent deadlocks when switching elevators") introduced the function elv_iosched_load_module() to allow loading an elevator module outside of elv_iosched_store() with the target device queue not frozen, to avoid deadlocks. However, the "none" scheduler does not have a module and as a result, elv_iosched_load_module() always returns an error when trying to switch to this valid scheduler. Fix this by ignoring the return value of the request_module() call done by elv_iosched_load_module(). This restores the behavior before commit 734e1a860312, which was to ignore the request_module() result and instead rely on elevator_change() to handle the "none" scheduler case. Reported-by: Shin'ichiro Kawasaki Fixes: 734e1a860312 ("block: Prevent deadlocks when switching elevators") Cc: stable@vger.kernel.org Signed-off-by: Damien Le Moal Reviewed-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240917133231.134806-1-dlemoal@kernel.org Signed-off-by: Jens Axboe commit 42b16d3ac371a2fac9b6f08fd75f23f34ba3955a Merge: 4208c562a27899 98f7e32f20d28e Author: Jens Axboe Date: Tue Sep 17 08:32:53 2024 -0600 Merge tag 'v6.11' into for-6.12/block Merge in 6.11 final to get the fix for preventing deadlocks on an elevator switch, as there's a fixup for that patch. * tag 'v6.11': (1788 commits) Linux 6.11 Revert "KVM: VMX: Always honor guest PAT on CPUs that support self-snoop" pinctrl: pinctrl-cy8c95x0: Fix regcache cifs: Fix signature miscalculation mm: avoid leaving partial pfn mappings around in error case drm/xe/client: add missing bo locking in show_meminfo() drm/xe/client: fix deadlock in show_meminfo() drm/xe/oa: Enable Xe2+ PES disaggregation drm/xe/display: fix compat IS_DISPLAY_STEP() range end drm/xe: Fix access_ok check in user_fence_create drm/xe: Fix possible UAF in guc_exec_queue_process_msg drm/xe: Remove fence check from send_tlb_invalidation drm/xe/gt: Remove double include net: netfilter: move nf flowtable bpf initialization in nf_flow_table_module_init() PCI: Fix potential deadlock in pcim_intx() workqueue: Clear worker->pool in the worker thread context net: tighten bad gso csum offset check in virtio_net_hdr netlink: specs: mptcp: fix port endianness net: dpaa: Pad packets to ETH_ZLEN mptcp: pm: Fix uaf in __timer_delete_sync ... commit 0eb0bd21e8382d10be8108952a0bb819915e1e2d Author: Tiezhu Yang Date: Tue Sep 17 22:23:10 2024 +0800 LoongArch: Remove STACK_FRAME_NON_STANDARD(do_syscall) For now, we can remove STACK_FRAME_NON_STANDARD(do_syscall) because there is no objtool warning "do_syscall+0x11c: return with modified stack frame", then there is handle_syscall() which is the previous frame of do_syscall() in the call trace when executing the command "echo l > /proc/sysrq-trigger". Fixes: a0f7085f6a63 ("LoongArch: Add RANDOMIZE_KSTACK_OFFSET support") Signed-off-by: Tiezhu Yang Signed-off-by: Huacai Chen commit a7e0837724562ea8c1d869dd1a5cb1119ef651c3 Author: Tiezhu Yang Date: Tue Sep 17 22:23:09 2024 +0800 LoongArch: Set AS_HAS_THIN_ADD_SUB as y if AS_IS_LLVM When building kernel with "make CC=clang defconfig", LLVM Assembler is used due to LLVM_IAS=0 is not specified, then AS_HAS_THIN_ADD_SUB is not set, thus objtool can not be built after enable it for Clang. config AS_HAS_THIN_ADD_SUB is to check whether -mthin-add-sub option is available to know R_LARCH_{32,64}_PCREL are supported for GNU Assembler, there is no such an option for LLVM Assembler. The minimal version of Clang is 18 for building LoongArch kernel, and Clang >= 17 has already supported R_LARCH_{32,64}_PCREL, that is to say, there is no need to depend on AS_HAS_THIN_ADD_SUB for Clang, so just set AS_HAS_THIN_ADD_SUB as y if AS_IS_LLVM. Fixes: 120dd4118e58 ("LoongArch: Only allow OBJTOOL & ORC unwinder if toolchain supports -mthin-add-sub") Signed-off-by: Tiezhu Yang Signed-off-by: Huacai Chen commit b8468bd92ae19939d4844899fa05147888732519 Author: Tiezhu Yang Date: Tue Sep 17 22:23:09 2024 +0800 LoongArch: Enable objtool for Clang For now, it can enable objtool for Clang, just remove !CC_IS_CLANG for HAVE_OBJTOOL in arch/loongarch/Kconfig. Signed-off-by: Tiezhu Yang Signed-off-by: Huacai Chen commit da5b2ad1c2f18834cb1ce429e2e5a5cf5cbdf21b Author: Tiezhu Yang Date: Tue Sep 17 22:23:09 2024 +0800 objtool: Handle frame pointer related instructions After commit a0f7085f6a63 ("LoongArch: Add RANDOMIZE_KSTACK_OFFSET support"), there are three new instructions "addi.d $fp, $sp, 32", "sub.d $sp, $sp, $t0" and "addi.d $sp, $fp, -32" for the secondary stack in do_syscall(), then there is a objtool warning "return with modified stack frame" and no handle_syscall() which is the previous frame of do_syscall() in the call trace when executing the command "echo l > /proc/sysrq-trigger". objdump shows something like this: 0000000000000000 : 0: 02ff8063 addi.d $sp, $sp, -32 4: 29c04076 st.d $fp, $sp, 16 8: 29c02077 st.d $s0, $sp, 8 c: 29c06061 st.d $ra, $sp, 24 10: 02c08076 addi.d $fp, $sp, 32 ... 74: 0011b063 sub.d $sp, $sp, $t0 ... a8: 4c000181 jirl $ra, $t0, 0 ... dc: 02ff82c3 addi.d $sp, $fp, -32 e0: 28c06061 ld.d $ra, $sp, 24 e4: 28c04076 ld.d $fp, $sp, 16 e8: 28c02077 ld.d $s0, $sp, 8 ec: 02c08063 addi.d $sp, $sp, 32 f0: 4c000020 jirl $zero, $ra, 0 The instruction "sub.d $sp, $sp, $t0" changes the stack bottom and the new stack size is a random value, in order to find the return address of do_syscall() which is stored in the original stack frame after executing "jirl $ra, $t0, 0", it should use fp which points to the original stack top. At the beginning, the thought is tended to decode the secondary stack instruction "sub.d $sp, $sp, $t0" and set it as a label, then check this label for the two frame pointer instructions to change the cfa base and cfa offset during the period of secondary stack in update_cfi_state(). This is valid for GCC but invalid for Clang due to there are different secondary stack instructions for ClangBuiltLinux on LoongArch, something like this: 0000000000000000 : ... 88: 00119064 sub.d $a0, $sp, $a0 8c: 00150083 or $sp, $a0, $zero ... Actually, it equals to a single instruction "sub.d $sp, $sp, $a0", but there is no proper condition to check it as a label like GCC, and so the beginning thought is not a good way. Essentially, there are two special frame pointer instructions which are "addi.d $fp, $sp, imm" and "addi.d $sp, $fp, imm", the first one points fp to the original stack top and the second one restores the original stack bottom from fp. Based on the above analysis, in order to avoid adding an arch-specific update_cfi_state(), we just add a member "frame_pointer" in the "struct symbol" as a label to avoid affecting the current normal case, then set it as true only if there is "addi.d $sp, $fp, imm". The last is to check this label for the two frame pointer instructions to change the cfa base and cfa offset in update_cfi_state(). Tested with the following two configs: (1) CONFIG_RANDOMIZE_KSTACK_OFFSET=y && CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=n (2) CONFIG_RANDOMIZE_KSTACK_OFFSET=y && CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y By the way, there is no effect for x86 with this patch, tested on the x86 machine with Fedora 40 system. Cc: stable@vger.kernel.org # 6.9+ Signed-off-by: Tiezhu Yang Signed-off-by: Huacai Chen commit 987cbafe628ae67fe6cad0ce1dcc41743147ef3e Merge: 98f7e32f20d28e a6fe30d1e36579 Author: Huacai Chen Date: Tue Sep 17 22:20:12 2024 +0800 Merge tag 'irq-core-2024-09-16' into loongarch-next LoongArch architecture changes for 6.12 depend on the irq core changes about AVEC irqchip to avoid confliction, so merge them to create a base. commit 28b0ef922738b74335c20b8ed4bf8e259353a3a3 Author: Bob Zhou Date: Fri Sep 6 17:48:20 2024 +0800 drm/amdgpu: Fix missing check pcie_p2p module param The module param pcie_p2p should be checked for kfd p2p feature, so add it. Fixes: 75f0efbc4b3b ("drm/amdgpu: Take IOMMU remapping into account for p2p checks") Signed-off-by: Bob Zhou Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit c389a0604cfbcdb1f8f53a76560eb31e0700e206 Author: Tao Zhou Date: Mon Sep 9 18:51:42 2024 +0800 drm/amdgpu: disable GPU RAS bad page feature for specific ASIC The feature is not applicable to specific app platform. v2: update the disablement condition and commit description v3: move the setting to amdgpu_ras_check_supported Signed-off-by: Tao Zhou Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 0da531c82a0fcac65407d28ecdb2a1e19c833df5 Author: Tim Huang Date: Wed Aug 7 17:33:42 2024 +0800 drm/amdgpu: ensure the connector is not null before using it This resolves the dereference null return value warning reported by Coverity. Signed-off-by: Tim Huang Reviewed-by: Jesse Zhang Signed-off-by: Alex Deucher commit 52755373ea6197dac40b9804ce967611b5e989bf Author: Jesse Zhang Date: Tue Sep 10 13:17:30 2024 +0800 drm/amdkfd: clean up code for interrupt v10 Variable hub_inst is unused. Fixes: e28604d8337e ("drm/amdkfd: Drop poison hanlding from gfx v10") Signed-off-by: Jesse Zhang Reviewed-by: Tim Huang Signed-off-by: Alex Deucher commit 21d1d72475809734a5149ecfffdc7551503b042b Author: Kent Russell Date: Tue Sep 10 09:21:25 2024 -0400 drm/amdkfd: Move queue fs deletion after destroy check We were removing the kernfs entry for queue info before checking if the queue could be destroyed. If it failed to get destroyed (e.g. during some GPU resets), then we would try to delete it later during pqm teardown, but the file was already removed. This led to a kernel WARN trying to remove size, gpuid and type. Move the remove to after the destroy check. Signed-off-by: Kent Russell Reviewed-by: Jonathan Kim Signed-off-by: Alex Deucher commit fc1dc0d50780a9b215322bcc315f07ad8e4c6c13 Merge: b5075354745361 e7ff4ebffe3bed Author: Linus Torvalds Date: Tue Sep 17 15:27:01 2024 +0200 Merge tag 'x86-timers-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 timer updates from Thomas Gleixner: - Use the topology information of number of packages for making the decision about TSC trust instead of using the number of online nodes which is not reflecting the real topology. - Stop the PIT timer 0 when its not in use as to stop pointless emulation in the VMM. - Fix the PIT timer stop sequence for timer 0 so it truly stops both real hardware and buggy VMM emulations. * tag 'x86-timers-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/tsc: Check for sockets instead of CPUs to make code match comment clockevents/drivers/i8253: Fix stop sequence for timer 0 x86/i8253: Disable PIT timer 0 when not in use x86/tsc: Use topology_max_packages() to get package number commit 3cc754c237e9552ee0f2f6c2f37b3454bee39e67 Author: Jinjie Ruan Date: Wed Sep 4 09:33:44 2024 +0800 riscv: Use LIST_HEAD() to simplify code list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Signed-off-by: Jinjie Ruan Tested-by: Charlie Jenkins Reviewed-by: Charlie Jenkins Link: https://lore.kernel.org/r/20240904013344.2026738-1-ruanjinjie@huawei.com Signed-off-by: Palmer Dabbelt commit b50753547453613eb5d0fada99d55583852c42df Merge: a3233da6c014b4 4460e8538ef17c Author: Linus Torvalds Date: Tue Sep 17 15:18:45 2024 +0200 Merge tag 'x86-misc-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull misc x86 updates from Thomas Gleixner: - Rework kcpuid to handle the the autogenerated CSV file correctly and update the CSV file to cover the whole zoo of CPUID. - Avoid memcpy() for ia32 syscall_get_arguments() and use direct assignments as fortified memcpy() is unhappy about writing/reading beyond the end of the addresses destination/source struct member - A few new PCI IDs for AMD - Update MAINTAINERS to cover x86 specific selftests * tag 'x86-misc-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: MAINTAINERS: Add selftests/x86 entry x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h-70h x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() MAINTAINERS: Add x86 cpuid database entry tools/x86/kcpuid: Introduce a complete cpuid bitfields CSV file tools/x86/kcpuid: Parse subleaf ranges if provided tools/x86/kcpuid: Recognize all leaves with subleaves tools/x86/kcpuid: Strip bitfield names leading/trailing whitespace tools/x86/kcpuid: Protect against faulty "max subleaf" values tools/x86/kcpuid: Set max possible subleaves count to 64 tools/x86/kcpuid: Properly align long-description columns tools/x86/kcpuid: Remove unused variable x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h commit e36ddf3226864e095c5f18a7d46feb1e75fe91b2 Author: Geert Uytterhoeven Date: Tue Jul 30 17:37:26 2024 +0200 riscv: defconfig: Disable RZ/Five peripheral support There is not much point in keeping support for RZ/Five peripherals enabled, as the RZ/Five platform option (ARCH_R9A07G043) is gated behind NONPORTABLE. Hence drop all config options that enable built-in or modular support for peripherals found on RZ/Five SoCs. Disable USB_XHCI_RCAR explicitly, as its value defaults to the value of ARCH_RENESAS, which is still enabled. Signed-off-by: Geert Uytterhoeven Reviewed-by: Lad Prabhakar Link: https://lore.kernel.org/r/89ad70c7d6e8078208fecfd41dc03f6028531729.1722353710.git.geert+renesas@glider.be Signed-off-by: Palmer Dabbelt commit a3233da6c014b421f16dce27955fa4a803b50474 Merge: 70f43ea3a360c5 22f42697265589 Author: Linus Torvalds Date: Tue Sep 17 15:13:14 2024 +0200 Merge tag 'x86-platform-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 platform update from Thomas Gleixner: "Remove a stale declaration from the UV platform code" * tag 'x86-platform-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/platform/uv: Remove unused declaration uv_irq_2_mmr_info() commit 70f43ea3a360c5a7d3474b0cfbabb80be6424596 Merge: b136021126b990 50c6dbdfd16e31 Author: Linus Torvalds Date: Tue Sep 17 15:03:01 2024 +0200 Merge tag 'x86-mm-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 memory management updates from Thomas Gleixner: - Make LAM enablement safe vs. kernel threads using a process mm temporarily as switching back to the process would not update CR3 and therefore not enable LAM causing faults in user space when using tagged pointers. Cure it by synchronizing LAM enablement via IPIs to all CPUs which use the related mm. - Cure a LAM harmless inconsistency between CR3 and the state during context switch. It's both confusing and prone to lead to real bugs - Handle alt stack handling for threads which run with a non-zero protection key. The non-zero key prevents the kernel to access the alternate stack. Cure it by temporarily enabling all protection keys for the alternate stack setup/restore operations. - Provide a EFI config table identity mapping for kexec kernel to prevent kexec fails because the new kernel cannot access the config table array - Use GB pages only when a full GB is mapped in the identity map as otherwise the CPU can speculate into reserved areas after the end of memory which causes malfunction on UV systems. - Remove the noisy and pointless SRAT table dump during boot - Use is_ioremap_addr() for iounmap() address range checks instead of high_memory. is_ioremap_addr() is more precise. * tag 'x86-mm-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/ioremap: Improve iounmap() address range checks x86/mm: Remove duplicate check from build_cr3() x86/mm: Remove unused NX related declarations x86/mm: Remove unused CR3_HW_ASID_BITS x86/mm: Don't print out SRAT table information x86/mm/ident_map: Use gbpages only where full GB page should be mapped. x86/kexec: Add EFI config table identity mapping for kexec kernel selftests/mm: Add new testcases for pkeys x86/pkeys: Restore altstack access in sigreturn() x86/pkeys: Update PKRU to enable all pkeys before XSAVE x86/pkeys: Add helper functions to update PKRU on the sigframe x86/pkeys: Add PKRU as a parameter in signal handling functions x86/mm: Cleanup prctl_enable_tagged_addr() nr_bits error checking x86/mm: Fix LAM inconsistency during context switch x86/mm: Use IPIs to synchronize LAM enablement commit b136021126b99072da705f693a8be07c6285e47c Merge: c3056a7d1494e9 fe85ee391966c4 Author: Linus Torvalds Date: Tue Sep 17 14:55:59 2024 +0200 Merge tag 'x86-fred-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 FRED updates from Thomas Gleixner: - Enable FRED right after init_mem_mapping() because at that point the early IDT fault handler is replaced by the real fault handler. The real fault handler retrieves the faulting address from the stack frame and not from CR2 when the FRED feature is set. But that obviously only works when FRED is enabled in the CPU as well. - Set SS to __KERNEL_DS when enabling FRED to prevent a corner case where ERETS can observe a SS mismatch and raises a #GP. * tag 'x86-fred-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/entry: Set FRED RSP0 on return to userspace instead of context switch x86/msr: Switch between WRMSRNS and WRMSR with the alternatives mechanism x86/entry: Test ti_work for zero before processing individual bits x86/fred: Set SS to __KERNEL_DS when enabling FRED x86/fred: Enable FRED right after init_mem_mapping() x86/fred: Move FRED RSP initialization into a separate function x86/fred: Parse cmdline param "fred=" in cpu_parse_early_param() commit 983f12149942a58c66e9db7638a10667aae0d958 Author: Jinjie Ruan Date: Sat Jul 27 14:34:38 2024 +0800 RISC-V: Implement kgdb_roundup_cpus() to enable future NMI Roundup Until now, the generic weak kgdb_roundup_cpus() has been used for kgdb on RISCV. A custom one allows to debug CPUs that are stuck with interrupts disabled with NMI support in the future. And using an IPI is better than the generic one since it avoids the potential situation described in the generic kgdb_call_nmi_hook(). As Andrew pointed out, once there is NMI support, we can easily extend this and the CPU backtrace support to use NMIs. After this patch, the kgdb test show that: # echo g > /proc/sysrq-trigger [2]kdb> btc btc: cpu status: Currently on cpu 2 Available cpus: 0-1(-), 2, 3(-) Stack traceback for pid 0 0xffffffff81c13a40 0 0 1 0 - 0xffffffff81c14510 swapper/0 CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.10.0-g3120273055b6-dirty #51 Hardware name: riscv-virtio,qemu (DT) Call Trace: [] dump_backtrace+0x28/0x30 [] show_stack+0x38/0x44 [] dump_stack_lvl+0x58/0x7a [] dump_stack+0x18/0x20 [] kgdb_cpu_enter+0x682/0x6b2 [] kgdb_nmicallback+0xa0/0xac [] handle_IPI+0x9c/0x120 [] handle_percpu_devid_irq+0xa4/0x1e4 [] generic_handle_domain_irq+0x28/0x36 [] ipi_mux_process+0xe8/0x110 [] imsic_handle_irq+0xf8/0x13a [] generic_handle_domain_irq+0x28/0x36 [] riscv_intc_aia_irq+0x2e/0x40 [] handle_riscv_irq+0x54/0x86 [] call_on_irq_stack+0x32/0x40 Rebased on Ryo Takakura's "RISC-V: Enable IPI CPU Backtrace" patch. Signed-off-by: Jinjie Ruan Reviewed-by: Andrew Jones Link: https://lore.kernel.org/r/20240727063438.886155-1-ruanjinjie@huawei.com Signed-off-by: Palmer Dabbelt commit c3056a7d1494e9b5511e4dba358834c5ef68949a Merge: dea435d397ab90 ba386777a30b38 Author: Linus Torvalds Date: Tue Sep 17 14:46:17 2024 +0200 Merge tag 'x86-fpu-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fpu updates from Thomas Gleixner: "Provide FPU buffer layout in core dumps: Debuggers have guess the FPU buffer layout in core dumps, which is error prone. This is because AMD and Intel layouts differ. To avoid buggy heuristics add a ELF section which describes the buffer layout which can be retrieved by tools" * tag 'x86-fpu-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/elf: Add a new FPU buffer layout info to x86 core files commit 39190ac7cff1fd15135fa8e658030d9646fdb5f2 Author: Michael Ellerman Date: Mon Sep 16 22:05:10 2024 +1000 powerpc/atomic: Use YZ constraints for DS-form instructions The 'ld' and 'std' instructions require a 4-byte aligned displacement because they are DS-form instructions. But the "m" asm constraint doesn't enforce that. That can lead to build errors if the compiler chooses a non-aligned displacement, as seen with GCC 14: /tmp/ccuSzwiR.s: Assembler messages: /tmp/ccuSzwiR.s:2579: Error: operand out of domain (39 is not a multiple of 4) make[5]: *** [scripts/Makefile.build:229: net/core/page_pool.o] Error 1 Dumping the generated assembler shows: ld 8,39(8) # MEM[(const struct atomic64_t *)_29].counter, t Use the YZ constraints to tell the compiler either to generate a DS-form displacement, or use an X-form instruction, either of which prevents the build error. See commit 2d43cc701b96 ("powerpc/uaccess: Fix build errors seen with GCC 13/14") for more details on the constraint letters. Fixes: 9f0cbea0d8cc ("[POWERPC] Implement atomic{, 64}_{read, write}() without volatile") Cc: stable@vger.kernel.org # v2.6.24+ Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/all/20240913125302.0a06b4c7@canb.auug.org.au Tested-by: Mina Almasry Reviewed-by: Segher Boessenkool Signed-off-by: Michael Ellerman Link: https://msgid.link/20240916120510.2017749-1-mpe@ellerman.id.au commit b77d36bb9a3de774950ba712a0e47f9d33c6f6d7 Author: Michael Ellerman Date: Tue Aug 27 16:36:51 2024 +1000 MAINTAINERS: powerpc: Add Maddy Maddy will be helping out with upstream maintenance, add him as a reviewer. Acked-by: Madhavan Srinivasan Signed-off-by: Michael Ellerman Link: https://msgid.link/20240827063651.28985-1-mpe@ellerman.id.au commit 134d2531ef82043e8bf219497a4f1eb8fe21a6b7 Author: Shen Lichuan Date: Tue Sep 10 15:00:58 2024 +0800 watchdog: Convert comma to semicolon To ensure code clarity and prevent potential errors, it's advisable to employ the ';' as a statement separator, except when ',' are intentionally used for specific purposes. Signed-off-by: Shen Lichuan Reviewed-by: Wim Van Sebroeck Link: https://lore.kernel.org/r/20240910070058.40867-1-shenlichuan@vivo.com Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit 95c588f69ee5bf5ba5884ca156ac9d5c9309f6da Author: Lad Prabhakar Date: Wed Sep 11 14:20:31 2024 +0100 watchdog: rzv2h_wdt: Add missing MODULE_LICENSE tag to fix modpost error Add the missing `MODULE_LICENSE()` tag to the `rzv2h_wdt` driver, which resolves the following modpost error when built as a module: ERROR: modpost: missing MODULE_LICENSE() in drivers/watchdog/rzv2h_wdt.o Fixes: f6febd0a30b6 ("watchdog: Add Watchdog Timer driver for RZ/V2H(P)") Reported-by: Stephen Rothwell Signed-off-by: Lad Prabhakar Reviewed-by: Guenter Roeck Link: https://lore.kernel.org/r/20240911132031.544479-1-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit 74baa9c6c5bf801d8cfb4906f01e8c8d8215dd06 Author: Nikita Shubin Date: Mon Sep 9 11:10:35 2024 +0300 dt-bindings: watchdog: Add Cirrus EP93x Add device tree bindings for the Cirrus Logic EP93xx watchdog block used in these SoCs. Signed-off-by: Nikita Shubin Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240909-ep93xx-v12-10-e86ab2423d4b@maquefel.me Signed-off-by: Wim Van Sebroeck commit 6c8def1e8ef124975c815c798ab10af0e62df710 Author: Marek Vasut Date: Fri Jul 5 13:50:31 2024 +0200 dt-bindings: watchdog: stm32-iwdg: Document interrupt and wakeup properties The watchdog IP can generate pre-timeout interrupt and can be used as a wake up source. Document both properties. Signed-off-by: Marek Vasut Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240705115052.116705-1-marex@denx.de Signed-off-by: Wim Van Sebroeck commit dea435d397ab90d8e682e4162a5b9835d24b1e3a Merge: 61d1ea914b3556 7424fc6b86c898 Author: Linus Torvalds Date: Tue Sep 17 13:17:27 2024 +0200 Merge tag 'x86-core-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 core update from Thomas Gleixner: "Enable UBSAN traps for x86, which provides better reporting through metadata encodeded into UD1" * tag 'x86-core-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/traps: Enable UBSAN traps on x86 commit 61d1ea914b3556c44f9ca04277ab990a60afb44d Merge: 0279aa780df436 a1fab3e69d9d0e Author: Linus Torvalds Date: Tue Sep 17 13:09:49 2024 +0200 Merge tag 'x86-apic-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 APIC updates from Thomas Gleixner: - Handle an allocation failure in the IO/APIC code gracefully instead of crashing the machine. - Remove support for APIC local destination mode on 64bit Logical destination mode of the local APIC is used for systems with up to 8 CPUs. It has an advantage over physical destination mode as it allows to target multiple CPUs at once with IPIs. That advantage was definitely worth it when systems with up to 8 CPUs were state of the art for servers and workstations, but that's history. In the recent past there were quite some reports of new laptops failing to boot with logical destination mode, but they work fine with physical destination mode. That's not a suprise because physical destination mode is guaranteed to work as it's the only way to get a CPU up and running via the INIT/INIT/STARTUP sequence. Some of the affected systems were cured by BIOS updates, but not all OEMs provide them. As the number of CPUs keep increasing, logical destination mode becomes less used and the benefit for small systems, like laptops, is not really worth the trouble. So just remove logical destination mode support for 64bit and be done with it. - Code and comment cleanups in the APIC area. * tag 'x86-apic-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/irq: Fix comment on IRQ vector layout x86/apic: Remove unused extern declarations x86/apic: Remove logical destination mode for 64-bit x86/apic: Remove unused inline function apic_set_eoi_cb() x86/ioapic: Cleanup remaining coding style issues x86/ioapic: Cleanup line breaks x86/ioapic: Cleanup bracket usage x86/ioapic: Cleanup comments x86/ioapic: Move replace_pin_at_irq_node() to the call site iommu/vt-d: Cleanup apic_printk() x86/mpparse: Cleanup apic_printk()s x86/ioapic: Cleanup guarded debug printk()s x86/ioapic: Cleanup apic_printk()s x86/apic: Cleanup apic_printk()s x86/apic: Provide apic_printk() helpers x86/ioapic: Use guard() for locking where applicable x86/ioapic: Cleanup structs x86/ioapic: Mark mp_alloc_timer_irq() __init x86/ioapic: Handle allocation failures gracefully commit 0279aa780df4362f218b5645c07e5265859937f6 Merge: 5ba202a7c986fc a678164aadbf68 Author: Linus Torvalds Date: Tue Sep 17 13:00:12 2024 +0200 Merge tag 'x86-cleanups-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 cleanups from Thomas Gleixner: "A set of cleanups across x86: - Use memremap() for the EISA probe instead of ioremap(). EISA is strictly memory and not MMIO - Cleanups and enhancement all over the place" * tag 'x86-cleanups-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/EISA: Dereference memory directly instead of using readl() x86/extable: Remove unused declaration fixup_bug() x86/boot/64: Strip percpu address space when setting up GDT descriptors x86/cpu: Clarify the error message when BIOS does not support SGX x86/kexec: Add comments around swap_pages() assembly to improve readability x86/kexec: Fix a comment of swap_pages() assembly x86/sgx: Fix a W=1 build warning in function comment x86/EISA: Use memremap() to probe for the EISA BIOS signature x86/mtrr: Remove obsolete declaration for mtrr_bp_restore() x86/cpu_entry_area: Annotate percpu_setup_exception_stacks() as __init commit 837acb691c844d0525f4ac86f2a2ce55a9706908 Author: Lukas Bulwahn Date: Tue Sep 17 12:39:55 2024 +0200 MAINTAINERS: adjust file entry in INTEL MID PLATFORM Commit 5f1cda51107f ("platform/x86: intel_scu_wdt: Move intel_scu_wdt.h to x86 subfolder") moves intel-mid_wdt.h in ./include/linux/platform_data into the x86 subdirectory, but misses to adjust the INTEL MID PLATFORM section, which is referring to this file. Hence, ./scripts/get_maintainer.pl --self-test=patterns complains about a broken reference. Adjust the file entry to this header file movement. Signed-off-by: Lukas Bulwahn Link: https://lore.kernel.org/r/20240917103955.102921-1-lukas.bulwahn@redhat.com Signed-off-by: Hans de Goede commit 5ba202a7c986fc58dd2fd1571c99667ab2699995 Merge: a940d9a43e623d ae94b263f5f69c Author: Linus Torvalds Date: Tue Sep 17 12:40:34 2024 +0200 Merge tag 'x86-build-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 build updates from Thomas Gleixner: "Updates for KCOV instrumentation on x86: - Prevent spurious KCOV coverage in common_interrupt() - Fixup the KCOV Makefile directive which got stale due to a source file rename - Exclude stack unwinding from KCOV as it creates large amounts of uninteresting coverage - Provide a self test to validate that KCOV coverage of the interrupt handling code starts not before preempt count got updated" * tag 'x86-build-2024-09-17' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86: Ignore stack unwinding in KCOV module: Fix KCOV-ignored file name kcov: Add interrupt handling self test x86/entry: Remove unwanted instrumentation in common_interrupt() commit a940d9a43e623d1ba1e5c499aa843516656c0ae4 Merge: 38ea77ab07480f 46d2efc4efc00e Author: Linus Torvalds Date: Tue Sep 17 11:41:47 2024 +0200 Merge tag 'soc-arm-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull SoC ARM platform updates from Arnd Bergmann: "Most of these updates are for removing dead code on the Samsung S3C, NXP i.MX, TI OMAP and TI DaVinci platforms, though this appears to be a coincidence. There are also cleanups for the Marvell Orion family and the Arm integrator series and a Kconfig change for Broadcom" * tag 'soc-arm-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: ARM: dove: Drop a write-only variable ARM: orion5x: Switch to new sys-off handler API ARM: mvebu: Warn about memory chunks too small for DDR training ARM: imx: Annotate imx7d_enet_init() as __init ARM: OMAP1: Remove unused declarations in arch/arm/mach-omap1/pm.h ARM: s3c: remove unused s3c2410_cpu_suspend() declaration ARM: s3c: remove unused declarations for s3c6400 ARM: s3c: Remove unused s3c_init_uart_irqs() declaration ARM: davinci: remove unused cpuidle code ARM: davinci: remove unused davinci_init_ide() declaration ARM: davinci: remove unused davinci_cfg_reg_list() declaration ARM: mach-imx: imx6sx: Remove Ethernet refclock setting MAINTAINERS: Add entry for Samsung Exynos850 SoC ARM: bcm: Select ARM_GIC_V3 for ARCH_BRCMSTB ARM: omap2: Switch to use kmemdup_array() ARM: omap1: Remove unused struct 'dma_link_info' ARM: s3c: Drop explicit initialization of struct i2c_device_id::driver_data to 0 commit 2638e4e6b18233d7ec54edb953f253ae9515bac2 Author: Sebastian Andrzej Siewior Date: Fri Sep 6 12:59:06 2024 +0200 riscv: Allow to enable PREEMPT_RT. It is really time. riscv has all the required architecture related changes, that have been identified over time, in order to enable PREEMPT_RT. With the recent printk changes, the last known road block has been addressed. Allow to enable PREEMPT_RT on riscv. Signed-off-by: Sebastian Andrzej Siewior Signed-off-by: Thomas Gleixner Tested-by: Nam Cao # Visionfive 2 Link: https://lore.kernel.org/all/20240906111841.562402-4-bigeasy@linutronix.de commit d8fccd9ca5f905533dc6c26cfd1f91beb8691c95 Author: Sebastian Andrzej Siewior Date: Fri Sep 6 12:59:05 2024 +0200 arm64: Allow to enable PREEMPT_RT. It is really time. arm64 has all the required architecture related changes, that have been identified over time, in order to enable PREEMPT_RT. With the recent printk changes, the last known road block has been addressed. Allow to enable PREEMPT_RT on arm64. Signed-off-by: Sebastian Andrzej Siewior Signed-off-by: Thomas Gleixner Acked-by: Will Deacon Link: https://lore.kernel.org/all/20240906111841.562402-3-bigeasy@linutronix.de commit d2d6422f8bd17c6bb205133e290625a564194496 Author: Sebastian Andrzej Siewior Date: Fri Sep 6 12:59:04 2024 +0200 x86: Allow to enable PREEMPT_RT. It is really time. x86 has all the required architecture related changes, that have been identified over time, in order to enable PREEMPT_RT. With the recent printk changes, the last known road block has been addressed. Allow to enable PREEMPT_RT on x86. Signed-off-by: Sebastian Andrzej Siewior Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240906111841.562402-2-bigeasy@linutronix.de commit 38ea77ab07480fa57a80bbdc2706ab2807ebc9e6 Merge: b8979c6b4d0d1b 7eee0f8bbd1b69 Author: Linus Torvalds Date: Tue Sep 17 10:53:21 2024 +0200 Merge tag 'soc-defconfig-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull SoC defconfig updates from Arnd Bergmann: "The updates to the defconfig files are fairly small, enabling drivers for eight of the arm and riscv based platforms" * tag 'soc-defconfig-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: arm64: defconfig: enable mt8365 sound riscv: defconfig: Enable pinctrl support for CV18XX Series SoC arm64: defconfig: Enable ADP5585 GPIO and PWM drivers arm64: defconfig: Enable Tegra194 PCIe Endpoint arm64: defconfig: Enable E5010 JPEG Encoder riscv: defconfig: sophgo: enable clks for sg2042 arm64: defconfig: build CONFIG_REGULATOR_QCOM_REFGEN as module ARM: configs: at91: enable config flags for sam9x7 SoC family arm64: defconfig: Enable R-Car Ethernet-TSN support ARM: shmobile: defconfig: Enable slab hardening and kmalloc buckets arm64: defconfig: Enable AK4619 codec support commit b8979c6b4d0d1b36e94f5bc483fd86e38107e554 Merge: 7b17f5ebd5fc5e b62800736f6152 Author: Linus Torvalds Date: Tue Sep 17 10:48:09 2024 +0200 Merge tag 'soc-drivers-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull SoC driver updates from Arnd Bergmann: "The driver updates seem larger this time around, with changes is many of the SoC specific drivers, both the custom drivers/soc ones and the closely related subsystems (memory, bus, firmware, reset, ...). The at91 platform gains support for sam9x7 chips in the soc and power management code. This is the latest variant of one of the oldest still supported SoC families, using the ARM9 (ARMv5) core. As usual, the qualcomm snapdragon platform gets a ton of updates in many of their drivers to add more features and additional SoC support. Most of these are somewhat firmware related as the platform has a number of firmware based interfaces to the kernel. A notable addition here is the inclusion of trace events to two of these drivers. Herve Codina and Christophe Leroy are now sending updates for drivers/soc/fsl/ code through the SoC tree, this contains both PowerPC and Arm specific platforms and has previously been problematic to maintain. The first update here contains support for newer PowerPC variants and some cleanups. The turris mox firmware driver has a number of updates, mostly cleanups. The Arm SCMI firmware driver gets a major rework to modularize the existing code into separately loadable drivers for the various transports, the addition of custom NXP i.MX9 interfaces and a number of smaller updates. The Arm FF-A firmware driver gets a feature update to support the v1.2 version of the specification. The reset controller drivers have some smaller cleanups and a newly added driver for the Intel/Mobileye EyeQ5/EyeQ6 MIPS SoCs. The memory controller drivers get some cleanups and refactoring for Tegra, TI, Freescale/NXP and a couple more platforms. Finally there are lots of minor updates to firmware (raspberry pi, tegra, imx), bus (sunxi, omap, tegra) and soc (rockchips, tegra, amlogic, mediatek) drivers and their DT bindings" * tag 'soc-drivers-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (212 commits) firmware: imx: remove duplicate scmi_imx_misc_ctrl_get() platform: cznic: turris-omnia-mcu: Fix error check in omnia_mcu_register_trng() bus: sunxi-rsb: Simplify code with dev_err_probe() soc: fsl: qe: ucc: Export ucc_mux_set_grant_tsa_bkpt soc: fsl: cpm1: qmc: Fix dependency on fsl_soc.h dt-bindings: arm: rockchip: Add rk3576 compatible string to pmu.yaml soc: fsl: qbman: Remove redundant warnings soc: fsl: qbman: Use iommu_paging_domain_alloc() MAINTAINERS: Add QE files related to the Freescale QMC controller soc: fsl: cpm1: qmc: Handle QUICC Engine (QE) soft-qmc firmware soc: fsl: cpm1: qmc: Add support for QUICC Engine (QE) implementation soc: fsl: qe: Add missing PUSHSCHED command soc: fsl: qe: Add resource-managed muram allocators soc: fsl: cpm1: qmc: Introduce qmc_version soc: fsl: cpm1: qmc: Rename SCC_GSMRL_MODE_QMC soc: fsl: cpm1: qmc: Handle RPACK initialization soc: fsl: cpm1: qmc: Rename qmc_chan_command() soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version soc: fsl: cpm1: qmc: Re-order probe() operations ... commit 7b17f5ebd5fc5e9275eaa5af3d0771f2a7b01bbf Merge: 303ba85c60442e 168c3e0d443599 Author: Linus Torvalds Date: Tue Sep 17 10:41:21 2024 +0200 Merge tag 'soc-dt-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull SoC devicetree updates from Arnd Bergmann: "New SoC support for Broadcom bcm2712 (Raspberry Pi 5) and Renesas R9A09G057 (RZ/V2H(P)) and Qualcomm Snapdragon 414 (MSM8929), all three of these are variants of already supported chips, in particular the last one is almost identical to MSM8939. Lots of updates to Mediatek, ASpeed, Rockchips, Amlogic, Qualcomm, STM32, NXP i.MX, Sophgo, TI K3, Renesas, Microchip at91, NVIDIA Tegra, and T-HEAD. The added Qualcomm platform support once again dominates the changes, with seven phones and three laptops getting added in addition to many new features on existing machines. The Snapdragon X1E support specifically keeps improving. The other new machines are: - eight new machines using various 64-bit Rockchips SoCs, both on the consumer/gaming side and developer boards - three industrial boards with 64-bit i.MX, which is a very low number for them. - four more servers using a 32-bit Speed BMC - three boards using STM32MP1 SoCs - one new machine each using allwinner, amlogic, broadcom and renesas chips" * tag 'soc-dt-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (672 commits) arm64: dts: allwinner: h5: NanoPi NEO Plus2: Use regulators for pio arm64: dts: mediatek: add audio support for mt8365-evk arm64: dts: mediatek: add afe support for mt8365 SoC arm64: dts: mediatek: mt8186-corsola: Disable DPI display interface arm64: dts: mediatek: mt8186: Add svs node arm64: dts: mediatek: mt8186: Add power domain for DPI arm64: dts: mediatek: mt8195: Correct clock order for dp_intf* arm64: dts: mt8183: add dpi node to mt8183 arm64: dts: allwinner: h5: NanoPi Neo Plus2: Fix regulators arm64: dts: rockchip: add CAN0 and CAN1 interfaces to mecsbc board arm64: dts: rockchip: add CAN-FD controller nodes to rk3568 arm64: dts: nuvoton: ma35d1: Add uart pinctrl settings arm64: dts: nuvoton: ma35d1: Add pinctrl and gpio nodes arm64: dts: nuvoton: Add syscon to the system-management node ARM: dts: Fix undocumented LM75 compatible nodes arm64: dts: toshiba: Fix pl011 and pl022 clocks ARM: dts: stm32: Use SAI to generate bit and frame clock on STM32MP15xx DHCOM PDK2 ARM: dts: stm32: Switch bitclock/frame-master to flag on STM32MP15xx DHCOM PDK2 ARM: dts: stm32: Sort properties in audio endpoints on STM32MP15xx DHCOM PDK2 ARM: dts: stm32: Add MECIO1 and MECT1S board variants ... commit 303ba85c60442ecdca77231f227126a83ba39bd3 Merge: 6df928086070b4 07f1eb718db281 Author: Linus Torvalds Date: Tue Sep 17 10:31:31 2024 +0200 Merge tag 'spi-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi updates from Mark Brown: "This is quite a quiet release for SPI. The one new core feature here is support for configuring the state of the MOSI pin when the bus is idle, there are some devices which are very fragile in this regard even when the chip select signal is not asserted. Otherwise we have some new driver support, a bunch of small fixes and some general cleanup work. - Support for configuring the state of the MOSI pin when the the bus is idle - Add the Elgin JG0309-01 in spidev - Support for Marvell xSPI, Mediatek MTK7981, Microchip PIC64GX, NXP i.MX8ULP, and Rockchip RK3576 controllers I also accidentally pulled in an IIO DT bindings update due to a typo when applying the MOSI idle state patches" * tag 'spi-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: (65 commits) spi: geni-qcom: Use devm functions to simplify code spi: remove spi_controller_is_slave() and spi_slave_abort() platform/olpc: olpc-xo175-ec: switch to use spi_target_abort(). spi: slave-mt27xx: switch to use target_abort spi: spidev: switch to use spi_target_abort() spi: slave-system-control: switch to use spi_target_abort() spi: slave-time: switch to use spi_target_abort() spi: switch to use spi_controller_is_target() spi: fspi: add support for imx8ulp spi: fspi: involve lut_num for struct nxp_fspi_devtype_data dt-bindings: spi: nxp-fspi: add imx8ulp support spi: spidev_fdx: Fix the wrong format specifier spi: mxs: Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() spi: dt-bindings: Add rockchip,rk3576-spi compatible spi: Revert "spi: Insert the missing pci_dev_put()before return" spi: zynq-qspi: Replace kzalloc with kmalloc for buffer allocation spi: ppc4xx: Sort headers spi: ppc4xx: Revert "handle irq_of_parse_and_map() errors" spi: zynqmp-gqspi: Simplify with dev_err_probe() spi: zynqmp-gqspi: Use devm_spi_alloc_host() ... commit 6df928086070b4db8cadc31a4424524f57c584ae Merge: 9179b73aa72add 4591a2271f2e4c Author: Linus Torvalds Date: Tue Sep 17 10:26:21 2024 +0200 Merge tag 'regulator-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator Pull regulator updates from Mark Brown: "This release is almost all cleanup work of various kinds, while the diffstat for the core is quite large this is almost all cleanups and documentation improvments with some small fixes rather than any new feature work. We do have support for a couple of new devices but these are small additions to existing drivers rather than new drivers. - Removal of the SM5703 driver which does not have it's dependencies available. - Support for Allwinner AXP717, and Qualcomm WCN6855. The Allwinner support shares some commits with the MFD tree" * tag 'regulator-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator: (66 commits) regulator: sm5703: Remove because it is unused and fails to build regulator: Split up _regulator_get() regulator: update some comments ([gs]et_voltage_vsel vs [gs]et_voltage_sel) regulator: max8973: Use irq_get_trigger_type() helper regulator: core: fix the broken behavior of regulator_dev_lookup() regulator: max77650: Use container_of and constify static data regulator: hi6421v530: Use container_of and constify static data regulator: hi6421v530: Drop unused 'eco_microamp' regulator: qcom-refgen: Constify static data regulator: pfuze100: Constify static data regulator: pcap: Constify static data regulator: mtk-dvfsrc: Constify static data regulator: max77826: Constify static data regulator: max77826: Drop unused 'rdesc' in 'struct max77826_regulator_info' regulator: tps65023: Constify static data regulator: hi6421v600: Constify static data regulator: hi6421: Constify static data regulator: da9121: Constify static data regulator: da9063: Constify static data regulator: da9055: Constify static data ... commit 9179b73aa72add1bd54d8fa15d7f47a1fa602248 Merge: c903327d3295b1 c7edb7ac8472a5 Author: Linus Torvalds Date: Tue Sep 17 10:18:01 2024 +0200 Merge tag 'regmap-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap Pull regmap updates from Mark Brown: "The main update here is Matti's work allowing regmap irqdomains to be given custom names (allowing multiple interrupt controllers associatd with a single struct device), this pulls in some commits from Thomas' tree which it depends on. Otherwise there's a bit of work on improving handling of regmaps protected with spinlocks when used with complex cache types, fixing some valid but harmless lockdep reports seen with some new driver work" * tag 'regmap-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap: regmap: kunit: Add coverage of spinlocked regmaps regcache: use map->alloc_flags also for allocating cache regmap: Use locking during kunit tests regmap: Hold the regmap lock when allocating and freeing the cache regmap: Allow setting IRQ domain name suffix commit 5e06e08939df1cafef97a8e04f4b88c2806b538a Author: I Hsin Cheng Date: Tue Sep 10 12:08:18 2024 +0800 list: test: increase coverage of list_test_list_replace*() Increase the test coverage of list_test_list_replace*() by adding the checks to compare the pointer of "a_new.next" and "a_new.prev" to make sure a perfect circular doubly linked list is formed after the replacement. Link: https://lkml.kernel.org/r/20240910040818.65723-1-richard120310@gmail.com Signed-off-by: I Hsin Cheng Cc: David Gow Signed-off-by: Andrew Morton commit e620799c414a035dea1208bcb51c869744931dbb Author: I Hsin Cheng Date: Tue Sep 10 12:35:31 2024 +0800 list: test: fix tests for list_cut_position() Fix test for list_cut_position*() for the missing check of integer "i" after the second loop. The variable should be checked for second time to make sure both lists after the cut operation are formed as expected. Link: https://lkml.kernel.org/r/20240910043531.71343-1-richard120310@gmail.com Signed-off-by: I Hsin Cheng Cc: David Gow Signed-off-by: Andrew Morton commit 13309764720624caf2c5afba99b198f3f9fcd9f0 Author: Alexey Dobriyan Date: Sun Sep 8 12:26:22 2024 +0300 proc: use __auto_type more Switch away from quite chatty declarations using typeof_member(). In theory this is faster to compile too because there is no macro expansion and there is less type checking. Link: https://lkml.kernel.org/r/81bf02fd-8724-4f4d-a2bb-c59620b7d716@p183 Signed-off-by: Alexey Dobriyan Signed-off-by: Andrew Morton commit 684826f8271ad97580b138b9ffd462005e470b99 Author: Sergey Senozhatsky Date: Wed Sep 11 11:54:56 2024 +0900 zram: free secondary algorithms names We need to kfree() secondary algorithms names when reset zram device that had multi-streams, otherwise we leak memory. [senozhatsky@chromium.org: kfree(NULL) is legal] Link: https://lkml.kernel.org/r/20240917013021.868769-1-senozhatsky@chromium.org Link: https://lkml.kernel.org/r/20240911025600.3681789-1-senozhatsky@chromium.org Fixes: 001d92735701 ("zram: add recompression algorithm sysfs knob") Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Signed-off-by: Andrew Morton commit 2abbcc099ec60844ca7c15214ab12955d3c11e68 Author: Oleg Nesterov Date: Wed Sep 11 15:14:37 2024 +0200 uprobes: turn xol_area->pages[2] into xol_area->page Now that xol_mapping has its own ->fault() method we no longer need xol_area->pages[1] == NULL, we need a single page. Link: https://lkml.kernel.org/r/20240911131437.GC3448@redhat.com Signed-off-by: Oleg Nesterov Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Andrii Nakryiko Cc: Arnaldo Carvalho de Melo Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Linus Torvalds Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Michael Ellerman Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sven Schnelle Signed-off-by: Andrew Morton commit 6d27a31ef195951c9b03098edfdf986549a213b7 Author: Oleg Nesterov Date: Wed Sep 11 15:14:07 2024 +0200 uprobes: introduce the global struct vm_special_mapping xol_mapping Currently each xol_area has its own instance of vm_special_mapping, this is suboptimal and ugly. Kill xol_area->xol_mapping and add a single global instance of vm_special_mapping, the ->fault() method can use area->pages rather than xol_mapping->pages. As a side effect this fixes the problem introduced by the recent commit 223febc6e557 ("mm: add optional close() to struct vm_special_mapping"), if special_mapping_close() is called from the __mmput() paths, it will use vma->vm_private_data = &area->xol_mapping freed by uprobe_clear_state(). Link: https://lkml.kernel.org/r/20240911131407.GB3448@redhat.com Fixes: 223febc6e557 ("mm: add optional close() to struct vm_special_mapping") Signed-off-by: Oleg Nesterov Reported-by: Sven Schnelle Closes: https://lore.kernel.org/all/yt9dy149vprr.fsf@linux.ibm.com/ Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Andrii Nakryiko Cc: Arnaldo Carvalho de Melo Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Linus Torvalds Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Michael Ellerman Cc: Namhyung Kim Cc: Peter Zijlstra Signed-off-by: Andrew Morton commit ed8d5b0ce1d738e13c60d6b1a901a56d832e5070 Author: Oleg Nesterov Date: Wed Sep 11 15:13:20 2024 +0200 Revert "uprobes: use vm_special_mapping close() functionality" This reverts commit 08e28de1160a712724268fd33d77b32f1bc84d1c. A malicious application can munmap() its "[uprobes]" vma and in this case xol_mapping.close == uprobe_clear_state() will free the memory which can be used by another thread, or the same thread when it hits the uprobe bp afterwards. Link: https://lkml.kernel.org/r/20240911131320.GA3448@redhat.com Signed-off-by: Oleg Nesterov Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Andrii Nakryiko Cc: Arnaldo Carvalho de Melo Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Linus Torvalds Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Michael Ellerman Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sven Schnelle Signed-off-by: Andrew Morton commit 242d12c98174584a18965cfab95778893872d650 Author: Chuanhua Han Date: Mon Sep 9 11:21:19 2024 +1200 mm: support large folios swap-in for sync io devices Currently, we have mTHP features, but unfortunately, without support for large folio swap-ins, once these large folios are swapped out, they are lost because mTHP swap is a one-way process. The lack of mTHP swap-in functionality prevents mTHP from being used on devices like Android that heavily rely on swap. This patch introduces mTHP swap-in support. It starts from sync devices such as zRAM. This is probably the simplest and most common use case, benefiting billions of Android phones and similar devices with minimal implementation cost. In this straightforward scenario, large folios are always exclusive, eliminating the need to handle complex rmap and swapcache issues. It offers several benefits: 1. Enables bidirectional mTHP swapping, allowing retrieval of mTHP after swap-out and swap-in. Large folios in the buddy system are also preserved as much as possible, rather than being fragmented due to swap-in. 2. Eliminates fragmentation in swap slots and supports successful THP_SWPOUT. w/o this patch (Refer to the data from Chris's and Kairui's latest swap allocator optimization while running ./thp_swap_allocator_test w/o "-a" option [1]): ./thp_swap_allocator_test Iteration 1: swpout inc: 233, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 2: swpout inc: 131, swpout fallback inc: 101, Fallback percentage: 43.53% Iteration 3: swpout inc: 71, swpout fallback inc: 155, Fallback percentage: 68.58% Iteration 4: swpout inc: 55, swpout fallback inc: 168, Fallback percentage: 75.34% Iteration 5: swpout inc: 35, swpout fallback inc: 191, Fallback percentage: 84.51% Iteration 6: swpout inc: 25, swpout fallback inc: 199, Fallback percentage: 88.84% Iteration 7: swpout inc: 23, swpout fallback inc: 205, Fallback percentage: 89.91% Iteration 8: swpout inc: 9, swpout fallback inc: 219, Fallback percentage: 96.05% Iteration 9: swpout inc: 13, swpout fallback inc: 213, Fallback percentage: 94.25% Iteration 10: swpout inc: 12, swpout fallback inc: 216, Fallback percentage: 94.74% Iteration 11: swpout inc: 16, swpout fallback inc: 213, Fallback percentage: 93.01% Iteration 12: swpout inc: 10, swpout fallback inc: 210, Fallback percentage: 95.45% Iteration 13: swpout inc: 16, swpout fallback inc: 212, Fallback percentage: 92.98% Iteration 14: swpout inc: 12, swpout fallback inc: 212, Fallback percentage: 94.64% Iteration 15: swpout inc: 15, swpout fallback inc: 211, Fallback percentage: 93.36% Iteration 16: swpout inc: 15, swpout fallback inc: 200, Fallback percentage: 93.02% Iteration 17: swpout inc: 9, swpout fallback inc: 220, Fallback percentage: 96.07% w/ this patch (always 0%): Iteration 1: swpout inc: 948, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 2: swpout inc: 953, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 3: swpout inc: 950, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 4: swpout inc: 952, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 5: swpout inc: 950, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 6: swpout inc: 950, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 7: swpout inc: 947, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 8: swpout inc: 950, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 9: swpout inc: 950, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 10: swpout inc: 945, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 11: swpout inc: 947, swpout fallback inc: 0, Fallback percentage: 0.00% ... 3. With both mTHP swap-out and swap-in supported, we offer the option to enable zsmalloc compression/decompression with larger granularity[2]. The upcoming optimization in zsmalloc will significantly increase swap speed and improve compression efficiency. Tested by running 100 iterations of swapping 100MiB of anon memory, the swap speed improved dramatically: time consumption of swapin(ms) time consumption of swapout(ms) lz4 4k 45274 90540 lz4 64k 22942 55667 zstdn 4k 85035 186585 zstdn 64k 46558 118533 The compression ratio also improved, as evaluated with 1 GiB of data: granularity orig_data_size compr_data_size 4KiB-zstd 1048576000 246876055 64KiB-zstd 1048576000 199763892 Without mTHP swap-in, the potential optimizations in zsmalloc cannot be realized. 4. Even mTHP swap-in itself can reduce swap-in page faults by a factor of nr_pages. Swapping in content filled with the same data 0x11, w/o and w/ the patch for five rounds (Since the content is the same, decompression will be very fast. This primarily assesses the impact of reduced page faults): swp in bandwidth(bytes/ms) w/o w/ round1 624152 1127501 round2 631672 1127501 round3 620459 1139756 round4 606113 1139756 round5 624152 1152281 avg 621310 1137359 +83% 5. With both mTHP swap-out and swap-in supported, we offer the option to enable hardware accelerators(Intel IAA) to do parallel decompression with which Kanchana reported 7X improvement on zRAM read latency[3]. [1] https://lore.kernel.org/all/20240730-swap-allocator-v5-0-cb9c148b9297@kernel.org/ [2] https://lore.kernel.org/all/20240327214816.31191-1-21cnbao@gmail.com/ [3] https://lore.kernel.org/all/cover.1714581792.git.andre.glover@linux.intel.com/ Link: https://lkml.kernel.org/r/20240908232119.2157-4-21cnbao@gmail.com Signed-off-by: Chuanhua Han Co-developed-by: Barry Song Signed-off-by: Barry Song Cc: Baolin Wang Cc: Chris Li Cc: Christoph Hellwig Cc: David Hildenbrand Cc: Gao Xiang Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Johannes Weiner Cc: Kairui Song Cc: Kalesh Singh Cc: Matthew Wilcox (Oracle) Cc: Michal Hocko Cc: Minchan Kim Cc: Nhat Pham Cc: Ryan Roberts Cc: Sergey Senozhatsky Cc: Shakeel Butt Cc: Suren Baghdasaryan Cc: Yang Shi Cc: Yosry Ahmed Cc: Usama Arif Cc: Kanchana P Sridhar Cc: Kairui Song Signed-off-by: Andrew Morton commit 325efb16da2c840e165d9b620fec8049d4d664cc Author: Barry Song Date: Mon Sep 9 11:21:18 2024 +1200 mm: add nr argument in mem_cgroup_swapin_uncharge_swap() helper to support large folios With large folios swap-in, we might need to uncharge multiple entries all together, add nr argument in mem_cgroup_swapin_uncharge_swap(). For the existing two users, just pass nr=1. Link: https://lkml.kernel.org/r/20240908232119.2157-3-21cnbao@gmail.com Signed-off-by: Barry Song Acked-by: Chris Li Reviewed-by: Yosry Ahmed Cc: Shakeel Butt Cc: Baolin Wang Cc: Christoph Hellwig Cc: David Hildenbrand Cc: Gao Xiang Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Johannes Weiner Cc: Kairui Song Cc: Kairui Song Cc: Kalesh Singh Cc: Matthew Wilcox (Oracle) Cc: Michal Hocko Cc: Minchan Kim Cc: Nhat Pham Cc: Ryan Roberts Cc: Sergey Senozhatsky Cc: Suren Baghdasaryan Cc: Yang Shi Cc: Chuanhua Han Cc: Kanchana P Sridhar Cc: Usama Arif Signed-off-by: Andrew Morton commit 9d57090e73d5e00e946d7fdd6398c2c0bc3b5525 Author: Barry Song Date: Mon Sep 9 11:21:17 2024 +1200 mm: fix swap_read_folio_zeromap() for large folios with partial zeromap Patch series "mm: enable large folios swap-in support", v9. Currently, we support mTHP swapout but not swapin. This means that once mTHP is swapped out, it will come back as small folios when swapped in. This is particularly detrimental for devices like Android, where more than half of the memory is in swap. The lack of mTHP swapin functionality makes mTHP a showstopper in scenarios that heavily rely on swap. This patchset introduces mTHP swap-in support. It starts with synchronous devices similar to zRAM, aiming to benefit as many users as possible with minimal changes. This patch (of 3): There could be a corner case where the first entry is non-zeromap, but a subsequent entry is zeromap. In this case, we should not let swap_read_folio_zeromap() return false since we will still read corrupted data. Additionally, the iteration of test_bit() is unnecessary and can be replaced with bitmap operations, which are more efficient. We can adopt the style of swap_pte_batch() and folio_pte_batch() to introduce swap_zeromap_batch() which seems to provide the greatest flexibility for the caller. This approach allows the caller to either check if the zeromap status of all entries is consistent or determine the number of contiguous entries with the same status. Since swap_read_folio() can't handle reading a large folio that's partially zeromap and partially non-zeromap, we've moved the code to mm/swap.h so that others, like those working on swap-in, can access it. Link: https://lkml.kernel.org/r/20240908232119.2157-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240908232119.2157-2-21cnbao@gmail.com Fixes: 0ca0c24e3211 ("mm: store zero pages to be swapped out in a bitmap") Signed-off-by: Barry Song Reviewed-by: Yosry Ahmed Reviewed-by: Usama Arif Cc: Baolin Wang Cc: Chris Li Cc: Christoph Hellwig Cc: Chuanhua Han Cc: David Hildenbrand Cc: Gao Xiang Cc: Huang Ying Cc: Hugh Dickins Cc: Johannes Weiner Cc: Kairui Song Cc: Kairui Song Cc: Kalesh Singh Cc: Matthew Wilcox Cc: Michal Hocko Cc: Minchan Kim Cc: Nhat Pham Cc: Ryan Roberts Cc: Sergey Senozhatsky Cc: Shakeel Butt Cc: Suren Baghdasaryan Cc: Yang Shi Cc: Kanchana P Sridhar Signed-off-by: Andrew Morton commit a0c9fd22e312caa5566d4f3924e37d8158b997cc Author: Anshuman Khandual Date: Tue Sep 10 17:27:46 2024 +0530 mm/debug_vm_pgtable: Use pxdp_get() for accessing page table entries This replaces all the existing READ_ONCE() based page table accesses with respective pxdp_get() helpers. Although these helpers might also fallback to READ_ONCE() as default, but they do provide an opportunity for various platforms to override when required. This change is a step in direction to replace all page table entry accesses with respective pxdp_get() helpers. Link: https://lkml.kernel.org/r/20240910115746.514454-1-anshuman.khandual@arm.com Signed-off-by: Anshuman Khandual Acked-by: David Hildenbrand Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 82ce8e2f31a1eb05b1527c3d807bea40031df913 Author: Christophe Leroy Date: Sat Sep 7 17:40:42 2024 +0200 set_memory: add __must_check to generic stubs Following query shows that architectures that don't provide asm/set_memory.h don't use set_memory_...() functions. $ git grep set_memory_ alpha arc csky hexagon loongarch m68k microblaze mips nios2 openrisc parisc sh sparc um xtensa Following query shows that all core users of set_memory_...() functions always take returned value into account: $ git grep -w -e set_memory_ro -e set_memory_rw -e set_memory_x -e set_memory_nx -e set_memory_rox `find . -maxdepth 1 -type d | grep -v arch | grep /` set_memory_...() functions can fail, leaving the memory attributes unchanged. Make sure all callers check the returned code. Link: https://github.com/KSPP/linux/issues/7 Link: https://lkml.kernel.org/r/6a89ffc69666de84721216947c6b6c7dcca39d7d.1725723347.git.christophe.leroy@csgroup.eu Signed-off-by: Christophe Leroy Cc: Arnd Bergmann Cc: Kees Cook Signed-off-by: Andrew Morton commit 659c55ef981bb63355a65ffc3b3b5cad562b806a Author: Xiao Yang Date: Mon Sep 9 21:56:21 2024 +0900 mm/vma: return the exact errno in vms_gather_munmap_vmas() __split_vma() and mas_store_gfp() returns several types of errno on failure so don't ignore them in vms_gather_munmap_vmas(). For example, __split_vma() returns -EINVAL when an unaligned huge page is unmapped. This issue is reproduced by ltp memfd_create03 test. Don't initialise the error variable and assign it when a failure actually occurs. [akpm@linux-foundation.org: fix whitespace, per Liam] Link: https://lkml.kernel.org/r/20240909125621.1994-1-ice_yangxiao@163.com Fixes: 6898c9039bc8 ("mm/vma: extract the gathering of vmas from do_vmi_align_munmap()") Signed-off-by: Xiao Yang Suggested-by: Lorenzo Stoakes Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202409081536.d283a0fb-oliver.sang@intel.com Cc: "Liam R. Howlett" Signed-off-by: Andrew Morton commit f2c5101be43677c227974912a043da29a62743ef Author: Michal Koutný Date: Mon Sep 9 18:32:20 2024 +0200 memcg: cleanup with !CONFIG_MEMCG_V1 Extern declarations have no definitions with !CONFIG_MEMCG_V1 and no users, drop them altogether. Link: https://lkml.kernel.org/r/20240909163223.3693529-1-mkoutny@suse.com Link: https://lkml.kernel.org/r/20240909163223.3693529-2-mkoutny@suse.com Signed-off-by: Michal Koutný Acked-by: Shakeel Butt Acked-by: Tejun Heo Cc: Chen Ridong Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: Zefan Li Cc: Waiman Long Signed-off-by: Andrew Morton commit fd00be9afa1d64c90ae20a1307da1bdb809b3d55 Author: Kent Overstreet Date: Thu Sep 5 20:53:37 2024 -0400 mm/show_mem.c: report alloc tags in human readable units We already do this when reporting slab info - more consistent and more readable. Link: https://lkml.kernel.org/r/20240906005337.1220091-1-kent.overstreet@linux.dev Signed-off-by: Kent Overstreet Reviewed-by: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 658be46520ce480a44fe405730a1725166298f27 Author: Kefeng Wang Date: Fri Sep 6 10:42:01 2024 +0800 mm: support poison recovery from copy_present_page() Similar to other poison recovery, use copy_mc_user_highpage() to avoid potentially kernel panic during copy page in copy_present_page() from fork, once copy failed due to hwpoison in source page, we need to break out of copy in copy_pte_range() and release prealloc folio, so copy_mc_user_highpage() is moved ahead before set *prealloc to NULL. Link: https://lkml.kernel.org/r/20240906024201.1214712-3-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Reviewed-by: Jane Chu Reviewed-by: Miaohe Lin Cc: David Hildenbrand Cc: Jiaqi Yan Cc: Naoya Horiguchi Cc: Tony Luck Signed-off-by: Andrew Morton commit aa549f923f5e037a459dcd588932db9abfa8c158 Author: Kefeng Wang Date: Fri Sep 6 10:42:00 2024 +0800 mm: support poison recovery from do_cow_fault() Patch series "mm: hwpoison: two more poison recovery". One more CoW path to support poison recorvery in do_cow_fault(), and the last copy_user_highpage() user is replaced to copy_mc_user_highpage() from copy_present_page() during fork to support poison recorvery too. This patch (of 2): Like commit a873dfe1032a ("mm, hwpoison: try to recover from copy-on write faults"), there is another path which could crash because it does not have recovery code where poison is consumed by the kernel in do_cow_fault(), a crash calltrace shown below on old kernel, but it could be happened in the lastest mainline code, CPU: 7 PID: 3248 Comm: mpi Kdump: loaded Tainted: G OE 5.10.0 #1 pc : copy_page+0xc/0xbc lr : copy_user_highpage+0x50/0x9c Call trace: copy_page+0xc/0xbc do_cow_fault+0x118/0x2bc do_fault+0x40/0x1a4 handle_pte_fault+0x154/0x230 __handle_mm_fault+0x1a8/0x38c handle_mm_fault+0xf0/0x250 do_page_fault+0x184/0x454 do_translation_fault+0xac/0xd4 do_mem_abort+0x44/0xbc Fix it by using copy_mc_user_highpage() to handle this case and return VM_FAULT_HWPOISON for cow fault. [wangkefeng.wang@huawei.com: unlock/put vmf->page, per Miaohe] Link: https://lkml.kernel.org/r/20240910021541.234300-1-wangkefeng.wang@huawei.com Link: https://lkml.kernel.org/r/20240906024201.1214712-1-wangkefeng.wang@huawei.com Link: https://lkml.kernel.org/r/20240906024201.1214712-2-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Reviewed-by: Jane Chu Reviewed-by: Miaohe Lin Cc: David Hildenbrand Cc: Jiaqi Yan Cc: Naoya Horiguchi Cc: Tony Luck Signed-off-by: Andrew Morton commit 99185c10d5d9214d0d0c8b7866660203e344ee3b Author: Huang Ying Date: Fri Sep 6 11:07:13 2024 +0800 resource, kunit: add test case for region_intersects() Patch series "resource: Fix region_intersects() vs add_memory_driver_managed()", v3. The patchset fixes a bug of region_intersects() for systems with CXL memory. The details of the bug can be found in [1/3]. To avoid similar bugs in the future. A kunit test case for region_intersects() is added in [3/3]. [2/3] is a preparation patch for [3/3]. This patch (of 3): region_intersects() is important because it's used for /dev/mem permission checking. To avoid possible bug of region_intersects() in the future, a kunit test case for region_intersects() is added. Link: https://lkml.kernel.org/r/20240906030713.204292-1-ying.huang@intel.com Link: https://lkml.kernel.org/r/20240906030713.204292-4-ying.huang@intel.com Signed-off-by: "Huang, Ying" Cc: Dan Williams Cc: David Hildenbrand Cc: Davidlohr Bueso Cc: Jonathan Cameron Cc: Dave Jiang Cc: Alison Schofield Cc: Vishal Verma Cc: Ira Weiny Cc: Alistair Popple Cc: Andy Shevchenko Cc: Bjorn Helgaas Cc: Baoquan He Signed-off-by: Andrew Morton commit bacf9c3cbb18f7e3f67521516d881892f46bbcef Author: Huang Ying Date: Fri Sep 6 11:07:12 2024 +0800 resource: make alloc_free_mem_region() works for iomem_resource During developing a kunit test case for region_intersects(), some fake resources need to be inserted into iomem_resource. To do that, a resource hole needs to be found first in iomem_resource. However, alloc_free_mem_region() cannot work for iomem_resource now. Because the start address to check cannot be 0 to detect address wrapping 0 in gfr_continue(), while iomem_resource.start == 0. To make alloc_free_mem_region() works for iomem_resource, gfr_start() is changed to avoid to return 0 even if base->start == 0. We don't need to check 0 as start address. Link: https://lkml.kernel.org/r/20240906030713.204292-3-ying.huang@intel.com Signed-off-by: "Huang, Ying" Cc: Dan Williams Cc: David Hildenbrand Cc: Davidlohr Bueso Cc: Jonathan Cameron Cc: Dave Jiang Cc: Alison Schofield Cc: Vishal Verma Cc: Ira Weiny Cc: Alistair Popple Cc: Andy Shevchenko Cc: Bjorn Helgaas Cc: Baoquan He Signed-off-by: Andrew Morton commit 7a2369b74abf76cd3e54c45b30f6addb497f831b Author: Yosry Ahmed Date: Wed Sep 4 23:33:43 2024 +0000 mm: z3fold: deprecate CONFIG_Z3FOLD The z3fold compressed pages allocator is rarely used, most users use zsmalloc. The only disadvantage of zsmalloc in comparison is the dependency on MMU, and zbud is a more common option for !MMU as it was the default zswap allocator for a long time. Historically, zsmalloc had worse latency than zbud and z3fold but offered better memory savings. This is no longer the case as shown by a simple recent analysis [1]. That analysis showed that z3fold does not have any advantage over zsmalloc or zbud considering both performance and memory usage. In a kernel build test on tmpfs in a limited cgroup, z3fold took 3% more time and used 1.8% more memory. The latency of zswap_load() was 7% higher, and that of zswap_store() was 10% higher. Zsmalloc is better in all metrics. Moreover, z3fold apparently has latent bugs, which was made noticeable by a recent soft lockup bug report with z3fold [2]. Switching to zsmalloc not only fixed the problem, but also reduced the swap usage from 6~8G to 1~2G. Other users have also reported being bitten by mistakenly enabling z3fold. Other than hurting users, z3fold is repeatedly causing wasted engineering effort. Apart from investigating the above bug, it came up in multiple development discussions (e.g. [3]) as something we need to handle, when there aren't any legit users (at least not intentionally). The natural course of action is to deprecate z3fold, and remove in a few cycles if no objections are raised from active users. Next on the list should be zbud, as it offers marginal latency gains at the cost of huge memory waste when compared to zsmalloc. That one will need to wait until zsmalloc does not depend on MMU. Rename the user-visible config option from CONFIG_Z3FOLD to CONFIG_Z3FOLD_DEPRECATED so that users with CONFIG_Z3FOLD=y get a new prompt with explanation during make oldconfig. Also, remove CONFIG_Z3FOLD=y from defconfigs. [1]https://lore.kernel.org/lkml/CAJD7tkbRF6od-2x_L8-A1QL3=2Ww13sCj4S3i4bNndqF+3+_Vg@mail.gmail.com/ [2]https://lore.kernel.org/lkml/EF0ABD3E-A239-4111-A8AB-5C442E759CF3@gmail.com/ [3]https://lore.kernel.org/lkml/CAJD7tkbnmeVugfunffSovJf9FAgy9rhBVt_tx=nxUveLUfqVsA@mail.gmail.com/ [arnd@arndb.de: deprecate ZSWAP_ZPOOL_DEFAULT_Z3FOLD as well] Link: https://lkml.kernel.org/r/20240909202625.1054880-1-arnd@kernel.org Link: https://lkml.kernel.org/r/20240904233343.933462-1-yosryahmed@google.com Signed-off-by: Yosry Ahmed Signed-off-by: Arnd Bergmann Acked-by: Chris Down Acked-by: Nhat Pham Acked-by: Johannes Weiner Acked-by: Vitaly Wool Acked-by: Christoph Hellwig Cc: Aneesh Kumar K.V Cc: Christophe Leroy Cc: Huacai Chen Cc: Miaohe Lin Cc: Michael Ellerman Cc: Naveen N. Rao Cc: Nicholas Piggin Cc: Sergey Senozhatsky Cc: WANG Xuerui Cc: Signed-off-by: Andrew Morton commit f9e54c3a2f5b79ecc57c7bc7d0d3521e461a2101 Author: Alex Williamson Date: Mon Aug 26 16:43:53 2024 -0400 vfio/pci: implement huge_fault support With the addition of pfnmap support in vmf_insert_pfn_{pmd,pud}() we can take advantage of PMD and PUD faults to PCI BAR mmaps and create more efficient mappings. PCI BARs are always a power of two and will typically get at least PMD alignment without userspace even trying. Userspace alignment for PUD mappings is also not too difficult. Consolidate faults through a single handler with a new wrapper for standard single page faults. The pre-faulting behavior of commit d71a989cf5d9 ("vfio/pci: Insert full vma on mmap'd MMIO fault") is removed in this refactoring since huge_fault will cover the bulk of the faults and results in more efficient page table usage. We also want to avoid that pre-faulted single page mappings preempt huge page mappings. Link: https://lkml.kernel.org/r/20240826204353.2228736-20-peterx@redhat.com Signed-off-by: Alex Williamson Signed-off-by: Peter Xu Cc: Alexander Gordeev Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 3e509c9b03f9abc7804c80bed266a6cc4286a5a8 Author: Peter Xu Date: Mon Aug 26 16:43:52 2024 -0400 mm/arm64: support large pfn mappings Support huge pfnmaps by using bit 56 (PTE_SPECIAL) for "special" on pmds/puds. Provide the pmd/pud helpers to set/get special bit. There's one more thing missing for arm64 which is the pxx_pgprot() for pmd/pud. Add them too, which is mostly the same as the pte version by dropping the pfn field. These helpers are essential to be used in the new follow_pfnmap*() API to report valid pgprot_t results. Note that arm64 doesn't yet support huge PUD yet, but it's still straightforward to provide the pud helpers that we need altogether. Only PMD helpers will make an immediate benefit until arm64 will support huge PUDs first in general (e.g. in THPs). Link: https://lkml.kernel.org/r/20240826204353.2228736-19-peterx@redhat.com Signed-off-by: Peter Xu Cc: Catalin Marinas Cc: Will Deacon Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Zi Yan Signed-off-by: Andrew Morton commit 75182022a0439788415b2dd1db3086e07aa506f7 Author: Peter Xu Date: Mon Aug 26 16:43:51 2024 -0400 mm/x86: support large pfn mappings Helpers to install and detect special pmd/pud entries. In short, bit 9 on x86 is not used for pmd/pud, so we can directly define them the same as the pte level. One note is that it's also used in _PAGE_BIT_CPA_TEST but that is only used in the debug test, and shouldn't conflict in this case. One note is that pxx_set|clear_flags() for pmd/pud will need to be moved upper so that they can be referenced by the new special bit helpers. There's no change in the code that was moved. Link: https://lkml.kernel.org/r/20240826204353.2228736-18-peterx@redhat.com Signed-off-by: Peter Xu Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Catalin Marinas Cc: Christian Borntraeger Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit b0a1c0d0edcd75a0f8ec5fd19dbd64b8d097f534 Author: Peter Xu Date: Mon Aug 26 16:43:50 2024 -0400 mm: remove follow_pte() follow_pte() users have been converted to follow_pfnmap*(). Remove the API. Link: https://lkml.kernel.org/r/20240826204353.2228736-17-peterx@redhat.com Signed-off-by: Peter Xu Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit b17269a51cc7f046a6f2cf9a6c314a0de885e5a5 Author: Peter Xu Date: Mon Aug 26 16:43:49 2024 -0400 mm/access_process_vm: use the new follow_pfnmap API Use the new API that can understand huge pfn mappings. Link: https://lkml.kernel.org/r/20240826204353.2228736-16-peterx@redhat.com Signed-off-by: Peter Xu Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit e6bc784c24fdabdad923aaa45c1928b2cde8a0c9 Author: Peter Xu Date: Mon Aug 26 16:43:48 2024 -0400 acrn: use the new follow_pfnmap API Use the new API that can understand huge pfn mappings. Link: https://lkml.kernel.org/r/20240826204353.2228736-15-peterx@redhat.com Signed-off-by: Peter Xu Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit a77f9489f1d7873a56e1d6640cc0c4865f64176b Author: Peter Xu Date: Mon Aug 26 16:43:47 2024 -0400 vfio: use the new follow_pfnmap API Use the new API that can understand huge pfn mappings. Link: https://lkml.kernel.org/r/20240826204353.2228736-14-peterx@redhat.com Signed-off-by: Peter Xu Cc: Alex Williamson Cc: Jason Gunthorpe Cc: Alexander Gordeev Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit cbea8536d933d546ceb1005bf9c04f9d01da8092 Author: Peter Xu Date: Mon Aug 26 16:43:46 2024 -0400 mm/x86/pat: use the new follow_pfnmap API Use the new API that can understand huge pfn mappings. Link: https://lkml.kernel.org/r/20240826204353.2228736-13-peterx@redhat.com Signed-off-by: Peter Xu Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Catalin Marinas Cc: Christian Borntraeger Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit bd8c2d18bf5cccd8842d00b17d6f222beb98b1b3 Author: Peter Xu Date: Mon Aug 26 16:43:45 2024 -0400 s390/pci_mmio: use follow_pfnmap API Use the new API that can understand huge pfn mappings. Link: https://lkml.kernel.org/r/20240826204353.2228736-12-peterx@redhat.com Signed-off-by: Peter Xu Cc: Niklas Schnelle Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Sven Schnelle Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Thomas Gleixner Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 5731aacd54a883dd2c1a5e8c85e1fe78fc728dc7 Author: Peter Xu Date: Mon Aug 26 16:43:44 2024 -0400 KVM: use follow_pfnmap API Use the new pfnmap API to allow huge MMIO mappings for VMs. The rest work is done perfectly on the other side (host_pfn_mapping_level()). Link: https://lkml.kernel.org/r/20240826204353.2228736-11-peterx@redhat.com Signed-off-by: Peter Xu Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Ryan Roberts Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 6da8e9634bb7e3fdad9ae0e4db873a05036c4343 Author: Peter Xu Date: Mon Aug 26 16:43:43 2024 -0400 mm: new follow_pfnmap API Introduce a pair of APIs to follow pfn mappings to get entry information. It's very similar to what follow_pte() does before, but different in that it recognizes huge pfn mappings. Link: https://lkml.kernel.org/r/20240826204353.2228736-10-peterx@redhat.com Signed-off-by: Peter Xu Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 0515e022e167cfacf1fee092eb93aa9514e23c0a Author: Peter Xu Date: Mon Aug 26 16:43:42 2024 -0400 mm: always define pxx_pgprot() There're: - 8 archs (arc, arm64, include, mips, powerpc, s390, sh, x86) that support pte_pgprot(). - 2 archs (x86, sparc) that support pmd_pgprot(). - 1 arch (x86) that support pud_pgprot(). Always define them to be used in generic code, and then we don't need to fiddle with "#ifdef"s when doing so. Link: https://lkml.kernel.org/r/20240826204353.2228736-9-peterx@redhat.com Signed-off-by: Peter Xu Reviewed-by: Jason Gunthorpe Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit bc02afbd4d73c4424ea12a0c35fa96e27172e8cb Author: Peter Xu Date: Mon Aug 26 16:43:41 2024 -0400 mm/fork: accept huge pfnmap entries Teach the fork code to properly copy pfnmaps for pmd/pud levels. Pud is much easier, the write bit needs to be persisted though for writable and shared pud mappings like PFNMAP ones, otherwise a follow up write in either parent or child process will trigger a write fault. Do the same for pmd level. Link: https://lkml.kernel.org/r/20240826204353.2228736-8-peterx@redhat.com Signed-off-by: Peter Xu Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 10d83d7781a8a6ff02bafd172c1ab183b27f8d5a Author: Peter Xu Date: Mon Aug 26 16:43:40 2024 -0400 mm/pagewalk: check pfnmap for folio_walk_start() Teach folio_walk_start() to recognize special pmd/pud mappings, and fail them properly as it means there's no folio backing them. [peterx@redhat.com: remove some stale comments, per David] Link: https://lkml.kernel.org/r/20240829202237.2640288-1-peterx@redhat.com Link: https://lkml.kernel.org/r/20240826204353.2228736-7-peterx@redhat.com Signed-off-by: Peter Xu Cc: David Hildenbrand Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit ae3c99e650da4a8f4deb3670c29059de375a88be Author: Peter Xu Date: Mon Aug 26 16:43:39 2024 -0400 mm/gup: detect huge pfnmap entries in gup-fast Since gup-fast doesn't have the vma reference, teach it to detect such huge pfnmaps by checking the special bit for pmd/pud too, just like ptes. Link: https://lkml.kernel.org/r/20240826204353.2228736-6-peterx@redhat.com Signed-off-by: Peter Xu Acked-by: David Hildenbrand Reviewed-by: Jason Gunthorpe Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 5dd40721f147e83733ad34848330913cb633046e Author: Peter Xu Date: Mon Aug 26 16:43:38 2024 -0400 mm: allow THP orders for PFNMAPs This enables PFNMAPs to be mapped at either pmd/pud layers. Generalize the dax case into vma_is_special_huge() so as to cover both. Meanwhile, rename the macro to THP_ORDERS_ALL_SPECIAL. Link: https://lkml.kernel.org/r/20240826204353.2228736-5-peterx@redhat.com Signed-off-by: Peter Xu Reviewed-by: Jason Gunthorpe Acked-by: David Hildenbrand Cc: Matthew Wilcox Cc: Gavin Shan Cc: Ryan Roberts Cc: Zi Yan Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 3c8e44c9b369b3d422516b3f2bf47a6e3c61d1ea Author: Peter Xu Date: Mon Aug 26 16:43:37 2024 -0400 mm: mark special bits for huge pfn mappings when inject We need these special bits to be around on pfnmaps. Mark properly for !devmap case, reflecting that there's no page struct backing the entry. Link: https://lkml.kernel.org/r/20240826204353.2228736-4-peterx@redhat.com Reviewed-by: Jason Gunthorpe Signed-off-by: Peter Xu Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit ef713ec3a566d3e5e011c5d6201eb661ebf94c1f Author: Peter Xu Date: Mon Aug 26 16:43:36 2024 -0400 mm: drop is_huge_zero_pud() It constantly returns false since 2017. One assertion is added in 2019 but it should never have triggered, IOW it means what is checked should be asserted instead. If it didn't exist for 7 years maybe it's good idea to remove it and only add it when it comes. Link: https://lkml.kernel.org/r/20240826204353.2228736-3-peterx@redhat.com Signed-off-by: Peter Xu Reviewed-by: Jason Gunthorpe Acked-by: David Hildenbrand Cc: Matthew Wilcox Cc: Aneesh Kumar K.V Cc: Alexander Gordeev Cc: Alex Williamson Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 6857be5fecaebd9773ff27b6d29b6fff3b1abbce Author: Peter Xu Date: Mon Aug 26 16:43:35 2024 -0400 mm: introduce ARCH_SUPPORTS_HUGE_PFNMAP and special bits to pmd/pud Patch series "mm: Support huge pfnmaps", v2. Overview ======== This series implements huge pfnmaps support for mm in general. Huge pfnmap allows e.g. VM_PFNMAP vmas to map in either PMD or PUD levels, similar to what we do with dax / thp / hugetlb so far to benefit from TLB hits. Now we extend that idea to PFN mappings, e.g. PCI MMIO bars where it can grow as large as 8GB or even bigger. Currently, only x86_64 (1G+2M) and arm64 (2M) are supported. The last patch (from Alex Williamson) will be the first user of huge pfnmap, so as to enable vfio-pci driver to fault in huge pfn mappings. Implementation ============== In reality, it's relatively simple to add such support comparing to many other types of mappings, because of PFNMAP's specialties when there's no vmemmap backing it, so that most of the kernel routines on huge mappings should simply already fail for them, like GUPs or old-school follow_page() (which is recently rewritten to be folio_walk* APIs by David). One trick here is that we're still unmature on PUDs in generic paths here and there, as DAX is so far the only user. This patchset will add the 2nd user of it. Hugetlb can be a 3rd user if the hugetlb unification work can go on smoothly, but to be discussed later. The other trick is how to allow gup-fast working for such huge mappings even if there's no direct sign of knowing whether it's a normal page or MMIO mapping. This series chose to keep the pte_special solution, so that it reuses similar idea on setting a special bit to pfnmap PMDs/PUDs so that gup-fast will be able to identify them and fail properly. Along the way, we'll also notice that the major pgtable pfn walker, aka, follow_pte(), will need to retire soon due to the fact that it only works with ptes. A new set of simple API is introduced (follow_pfnmap* API) to be able to do whatever follow_pte() can already do, plus that it can also process huge pfnmaps now. Half of this series is about that and converting all existing pfnmap walkers to use the new API properly. Hopefully the new API also looks better to avoid exposing e.g. pgtable lock details into the callers, so that it can be used in an even more straightforward way. Here, three more options will be introduced and involved in huge pfnmap: - ARCH_SUPPORTS_HUGE_PFNMAP Arch developers will need to select this option when huge pfnmap is supported in arch's Kconfig. After this patchset applied, both x86_64 and arm64 will start to enable it by default. - ARCH_SUPPORTS_PMD_PFNMAP / ARCH_SUPPORTS_PUD_PFNMAP These options are for driver developers to identify whether current arch / config supports huge pfnmaps, making decision on whether it can use the huge pfnmap APIs to inject them. One can refer to the last vfio-pci patch from Alex on the use of them properly in a device driver. So after the whole set applied, and if one would enable some dynamic debug lines in vfio-pci core files, we should observe things like: vfio-pci 0000:00:06.0: vfio_pci_mmap_huge_fault(,order = 9) BAR 0 page offset 0x0: 0x100 vfio-pci 0000:00:06.0: vfio_pci_mmap_huge_fault(,order = 9) BAR 0 page offset 0x200: 0x100 vfio-pci 0000:00:06.0: vfio_pci_mmap_huge_fault(,order = 9) BAR 0 page offset 0x400: 0x100 In this specific case, it says that vfio-pci faults in PMDs properly for a few BAR0 offsets. Patch Layout ============ Patch 1: Introduce the new options mentioned above for huge PFNMAPs Patch 2: A tiny cleanup Patch 3-8: Preparation patches for huge pfnmap (include introduce special bit for pmd/pud) Patch 9-16: Introduce follow_pfnmap*() API, use it everywhere, and then drop follow_pte() API Patch 17: Add huge pfnmap support for x86_64 Patch 18: Add huge pfnmap support for arm64 Patch 19: Add vfio-pci support for all kinds of huge pfnmaps (Alex) TODO ==== More architectures / More page sizes ------------------------------------ Currently only x86_64 (2M+1G) and arm64 (2M) are supported. There seems to have plan to support arm64 1G later on top of this series [2]. Any arch will need to first support THP / THP_1G, then provide a special bit in pmds/puds to support huge pfnmaps. remap_pfn_range() support ------------------------- Currently, remap_pfn_range() still only maps PTEs. With the new option, remap_pfn_range() can logically start to inject either PMDs or PUDs when the alignment requirements match on the VAs. When the support is there, it should be able to silently benefit all drivers that is using remap_pfn_range() in its mmap() handler on better TLB hit rate and overall faster MMIO accesses similar to processor on hugepages. More driver support ------------------- VFIO is so far the only consumer for the huge pfnmaps after this series applied. Besides above remap_pfn_range() generic optimization, device driver can also try to optimize its mmap() on a better VA alignment for either PMD/PUD sizes. This may, iiuc, normally require userspace changes, as the driver doesn't normally decide the VA to map a bar. But I don't think I know all the drivers to know the full picture. Credits all go to Alex on help testing the GPU/NIC use cases above. [0] https://lore.kernel.org/r/73ad9540-3fb8-4154-9a4f-30a0a2b03d41@lucifer.local [1] https://lore.kernel.org/r/20240807194812.819412-1-peterx@redhat.com [2] https://lore.kernel.org/r/498e0731-81a4-4f75-95b4-a8ad0bcc7665@huawei.com This patch (of 19): This patch introduces the option to introduce special pte bit into pmd/puds. Archs can start to define pmd_special / pud_special when supported by selecting the new option. Per-arch support will be added later. Before that, create fallbacks for these helpers so that they are always available. Link: https://lkml.kernel.org/r/20240826204353.2228736-1-peterx@redhat.com Link: https://lkml.kernel.org/r/20240826204353.2228736-2-peterx@redhat.com Signed-off-by: Peter Xu Cc: Alexander Gordeev Cc: Alex Williamson Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christian Borntraeger Cc: Dave Hansen Cc: David Hildenbrand Cc: Gavin Shan Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Ingo Molnar Cc: Jason Gunthorpe Cc: Matthew Wilcox Cc: Niklas Schnelle Cc: Paolo Bonzini Cc: Ryan Roberts Cc: Sean Christopherson Cc: Sven Schnelle Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 22af8caff7d1ca22a1ff1a554180e53f7a6555af Author: Lorenzo Stoakes Date: Fri Sep 13 15:06:28 2024 +0100 mm/madvise: process_madvise() drop capability check if same mm In commit 96cfe2c0fd23 ("mm/madvise: replace ptrace attach requirement for process_madvise") process_madvise() was updated to require the caller to possess the CAP_SYS_NICE capability to perform the operation, in addition to a check against PTRACE_MODE_READ performed by mm_access(). The mm_access() function explicitly checks to see if the address space of the process being referenced is the current one, in which case no check is performed. We, however, do not do this when checking the CAP_SYS_NICE capability. This means that we insist on the caller possessing this capability in order to perform madvise() operations on its own address space, which seems nonsensical. Simply add a check to allow for an invocation of this function with pidfd set to the current process without elevation. Link: https://lkml.kernel.org/r/20240913140628.77047-1-lorenzo.stoakes@oracle.com Fixes: 96cfe2c0fd23 ("mm/madvise: replace ptrace attach requirement for process_madvise") Signed-off-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Acked-by: Vlastimil Babka Acked-by: Shakeel Butt Acked-by: David Rientjes Cc: Kees Cook Cc: Minchan Kim Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 2a1b8648d9be9f37f808a36c0f74adb8c53d06e6 Author: Miaohe Lin Date: Sat Sep 14 09:53:06 2024 +0800 mm/huge_memory: ensure huge_zero_folio won't have large_rmappable flag set Ensure huge_zero_folio won't have large_rmappable flag set. So it can be reported as thp,zero correctly through stable_page_flags(). Link: https://lkml.kernel.org/r/20240914015306.3656791-1-linmiaohe@huawei.com Fixes: 5691753d73a2 ("mm: convert huge_zero_page to huge_zero_folio") Signed-off-by: Miaohe Lin Cc: David Hildenbrand Cc: Matthew Wilcox (Oracle) Cc: Signed-off-by: Andrew Morton commit 98b74bb4d7e96b4da5ef3126511febe55b76b807 Author: Vishal Moola (Oracle) Date: Sat Sep 14 12:41:19 2024 -0700 mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway Syzbot reports a UAF in hugetlb_fault(). This happens because vmf_anon_prepare() could drop the per-VMA lock and allow the current VMA to be freed before hugetlb_vma_unlock_read() is called. We can fix this by using a modified version of vmf_anon_prepare() that doesn't release the VMA lock on failure, and then release it ourselves after hugetlb_vma_unlock_read(). Link: https://lkml.kernel.org/r/20240914194243.245-2-vishal.moola@gmail.com Fixes: 9acad7ba3e25 ("hugetlb: use vmf_anon_prepare() instead of anon_vma_prepare()") Reported-by: syzbot+2dab93857ee95f2eeb08@syzkaller.appspotmail.com Closes: https://lore.kernel.org/linux-mm/00000000000067c20b06219fbc26@google.com/ Signed-off-by: Vishal Moola (Oracle) Cc: Muchun Song Cc: Signed-off-by: Andrew Morton commit 2a058ab3286d6475b2082b90c2d2182d2fea4b39 Author: Vishal Moola (Oracle) Date: Sat Sep 14 12:41:18 2024 -0700 mm: change vmf_anon_prepare() to __vmf_anon_prepare() Some callers of vmf_anon_prepare() may not want us to release the per-VMA lock ourselves. Rename vmf_anon_prepare() to __vmf_anon_prepare() and let the callers drop the lock when desired. Also, make vmf_anon_prepare() a wrapper that releases the per-VMA lock itself for any callers that don't care. This is in preparation to fix this bug reported by syzbot: https://lore.kernel.org/linux-mm/00000000000067c20b06219fbc26@google.com/ Link: https://lkml.kernel.org/r/20240914194243.245-1-vishal.moola@gmail.com Fixes: 9acad7ba3e25 ("hugetlb: use vmf_anon_prepare() instead of anon_vma_prepare()") Reported-by: syzbot+2dab93857ee95f2eeb08@syzkaller.appspotmail.com Closes: https://lore.kernel.org/linux-mm/00000000000067c20b06219fbc26@google.com/ Signed-off-by: Vishal Moola (Oracle) Cc: Muchun Song Cc: Signed-off-by: Andrew Morton commit b4afe4183ec77f230851ea139d91e5cf2644c68b Author: Huang Ying Date: Fri Sep 6 11:07:11 2024 +0800 resource: fix region_intersects() vs add_memory_driver_managed() On a system with CXL memory, the resource tree (/proc/iomem) related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 490000000-50fffffff : region0 490000000-50fffffff : dax0.0 490000000-50fffffff : System RAM (kmem) Because drivers/dax/kmem.c calls add_memory_driver_managed() during onlining CXL memory, which makes "System RAM (kmem)" a descendant of "CXL Window X". This confuses region_intersects(), which expects all "System RAM" resources to be at the top level of iomem_resource. This can lead to bugs. For example, when the following command line is executed to write some memory in CXL memory range via /dev/mem, $ dd if=data of=/dev/mem bs=$((1 << 10)) seek=$((0x490000000 >> 10)) count=1 dd: error writing '/dev/mem': Bad address 1+0 records in 0+0 records out 0 bytes copied, 0.0283507 s, 0.0 kB/s the command fails as expected. However, the error code is wrong. It should be "Operation not permitted" instead of "Bad address". More seriously, the /dev/mem permission checking in devmem_is_allowed() passes incorrectly. Although the accessing is prevented later because ioremap() isn't allowed to map system RAM, it is a potential security issue. During command executing, the following warning is reported in the kernel log for calling ioremap() on system RAM. ioremap on RAM at 0x0000000490000000 - 0x0000000490000fff WARNING: CPU: 2 PID: 416 at arch/x86/mm/ioremap.c:216 __ioremap_caller.constprop.0+0x131/0x35d Call Trace: memremap+0xcb/0x184 xlate_dev_mem_ptr+0x25/0x2f write_mem+0x94/0xfb vfs_write+0x128/0x26d ksys_write+0xac/0xfe do_syscall_64+0x9a/0xfd entry_SYSCALL_64_after_hwframe+0x4b/0x53 The details of command execution process are as follows. In the above resource tree, "System RAM" is a descendant of "CXL Window 0" instead of a top level resource. So, region_intersects() will report no System RAM resources in the CXL memory region incorrectly, because it only checks the top level resources. Consequently, devmem_is_allowed() will return 1 (allow access via /dev/mem) for CXL memory region incorrectly. Fortunately, ioremap() doesn't allow to map System RAM and reject the access. So, region_intersects() needs to be fixed to work correctly with the resource tree with "System RAM" not at top level as above. To fix it, if we found a unmatched resource in the top level, we will continue to search matched resources in its descendant resources. So, we will not miss any matched resources in resource tree anymore. In the new implementation, an example resource tree |------------- "CXL Window 0" ------------| |-- "System RAM" --| will behave similar as the following fake resource tree for region_intersects(, IORESOURCE_SYSTEM_RAM, ), |-- "System RAM" --||-- "CXL Window 0a" --| Where "CXL Window 0a" is part of the original "CXL Window 0" that isn't covered by "System RAM". Link: https://lkml.kernel.org/r/20240906030713.204292-2-ying.huang@intel.com Fixes: c221c0b0308f ("device-dax: "Hotplug" persistent memory for use like normal RAM") Signed-off-by: "Huang, Ying" Cc: Dan Williams Cc: David Hildenbrand Cc: Davidlohr Bueso Cc: Jonathan Cameron Cc: Dave Jiang Cc: Alison Schofield Cc: Vishal Verma Cc: Ira Weiny Cc: Alistair Popple Cc: Andy Shevchenko Cc: Bjorn Helgaas Cc: Baoquan He Cc: Signed-off-by: Andrew Morton commit 6040f650c56862a4ac40b00c37ef6ab1ddfcebb5 Author: Sergey Senozhatsky Date: Fri Sep 6 12:45:44 2024 +0900 zsmalloc: use unique zsmalloc caches names Each zsmalloc pool maintains several named kmem-caches for zs_handle-s and zspage-s. On a system with multiple zsmalloc pools and CONFIG_DEBUG_VM this triggers kmem_cache_sanity_check(): kmem_cache of name 'zspage' already exists WARNING: at mm/slab_common.c:108 do_kmem_cache_create_usercopy+0xb5/0x310 ... kmem_cache of name 'zs_handle' already exists WARNING: at mm/slab_common.c:108 do_kmem_cache_create_usercopy+0xb5/0x310 ... We provide zram device name when init its zsmalloc pool, so we can use that same name for zsmalloc caches and, hence, create unique names that can easily be linked to zram device that has created them. So instead of having this cat /proc/slabinfo slabinfo - version: 2.1 zspage 46 46 ... zs_handle 128 128 ... zspage 34270 34270 ... zs_handle 34816 34816 ... zspage 0 0 ... zs_handle 0 0 ... We now have this cat /proc/slabinfo slabinfo - version: 2.1 zspage-zram2 46 46 ... zs_handle-zram2 128 128 ... zspage-zram0 34270 34270 ... zs_handle-zram0 34816 34816 ... zspage-zram1 0 0 ... zs_handle-zram1 0 0 ... Link: https://lkml.kernel.org/r/20240906035103.2435557-1-senozhatsky@chromium.org Fixes: 2e40e163a25a ("zsmalloc: decouple handle and object") Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Signed-off-by: Andrew Morton commit c3dea3d54f4d399f8044547f0f1abdccbdfb0fee Author: Juergen Gross Date: Sun Sep 15 13:06:44 2024 +0200 xen/swiotlb: fix allocated size The allocated size in xen_swiotlb_alloc_coherent() and xen_swiotlb_free_coherent() is calculated wrong for the case of XEN_PAGE_SIZE not matching PAGE_SIZE. Fix that. Fixes: 7250f422da04 ("xen-swiotlb: use actually allocated size on check physical continuous") Reported-by: Jan Beulich Signed-off-by: Juergen Gross Reviewed-by: Jan Beulich Reviewed-by: Stefano Stabellini Signed-off-by: Juergen Gross commit 9f40ec84a7976d95c34e7cc070939deb103652b0 Author: Juergen Gross Date: Fri Sep 13 12:05:02 2024 +0200 xen/swiotlb: add alignment check for dma buffers When checking a memory buffer to be consecutive in machine memory, the alignment needs to be checked, too. Failing to do so might result in DMA memory not being aligned according to its requested size, leading to error messages like: 4xxx 0000:2b:00.0: enabling device (0140 -> 0142) 4xxx 0000:2b:00.0: Ring address not aligned 4xxx 0000:2b:00.0: Failed to initialise service qat_crypto 4xxx 0000:2b:00.0: Resetting device qat_dev0 4xxx: probe of 0000:2b:00.0 failed with error -14 Fixes: 9435cce87950 ("xen/swiotlb: Add support for 64KB page granularity") Signed-off-by: Juergen Gross Reviewed-by: Stefano Stabellini Signed-off-by: Juergen Gross commit c903327d3295b135eb8c81ebe0b68c1837718eb8 Merge: daa394f0f9d3cb daeed1595b4ddf Author: Linus Torvalds Date: Tue Sep 17 08:52:28 2024 +0200 Merge tag 'printk-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux Pull printk updates from Petr Mladek: "This is the "last" part of the support for the new nbcon consoles. Where "nbcon" stays for "No Big console lock CONsoles" aka not under the console_lock. New callbacks are added to struct console: - write_thread() for flushing nbcon consoles in task context. - write_atomic() for flushing nbcon consoles in atomic context, including NMI. - con->device_lock() and device_unlock() for taking the driver specific lock, for example, port->lock. New printk-specific kthreads are created: - per-console kthreads which get responsible for flushing normal priority messages on nbcon consoles. - thread which gets responsible for flushing normal priority messages on all consoles when CONFIG_RT enabled. The new callbacks are called under a special per-console lock which has already been added back in v6.7. It allows to distinguish three severities: normal, emergency, and panic. A context with a higher priority could take over the ownership when it is safe even in the middle of handling a record. The panic context could do it even when it is not safe. But it is allowed only for the final desperate flush before entering the infinite loop. The new lock helps to flush the messages directly in emergency and panic contexts. But it is not enough in all situations: - console_lock() is still need for synchronization against boot consoles. - con->device_lock() is need for synchronization against other operations on the same HW, e.g. serial port speed setting, non-printk related read/write. The dependency on con->device_lock() is mutual. Any code taking the driver specific lock has to acquire the related nbcon console context as well. For example, see the new uart_port_lock() API. It provides the necessary synchronization against emergency and panic contexts where the messages are flushed only under the new per-console lock. Maybe surprisingly, a quite tricky part is the decision how to flush the consoles in various situations. It has to take into account: - message priority: normal, emergency, panic - scheduling context: task, atomic, deferred_legacy - registered consoles: boot, legacy, nbcon - threads are running: early boot, suspend, shutdown, panic - caller: printk(), pr_flush(), printk_flush_in_panic(), console_unlock(), console_start(), ... The primary decision is made in printk_get_console_flush_type(). It creates a hint what the caller should do: - flush nbcon consoles directly or via the kthread - call the legacy loop (console_unlock()) directly or via irq_work The existing behavior is preserved for the legacy consoles. The only exception is that they are not longer flushed directly from printk() in panic() before CPUs are stopped. But this blocking happens only when at least one nbcon console is registered. The motivation is to increase a chance to produce the crash dump. They legacy consoles might create a deadlock in compare with nbcon consoles. The nbcon console should allow to see the messages even when the crash dump fails. There are three possible ways how nbcon consoles are flushed: - The per-nbcon-console kthread is responsible for flushing messages added with the normal priority. This is the default mode. - The legacy loop, aka console_unlock(), is used when there is still a boot console registered. There is no easy way how to match an early console driver with a nbcon console driver. And the console_lock() provides the only reliable serialization at the moment. The legacy loop uses either con->write_atomic() or con->write_thread() callbacks depending on whether it is allowed to schedule. The atomic variant has to be used from printk(). - In other situations, the messages are flushed directly using write_atomic() which can be called in any context, including NMI. It is primary needed during early boot or shutdown, in emergency situations, and panic. The emergency priority is used by a code called within nbcon_cpu_emergency_enter()/exit(). At the moment, it is used in four situations: WARN(), Oops, lockdep, and RCU stall reports. Finally, there is no nbcon console at the moment. It means that the changes should _not_ modify the existing behavior. The only exception is CONFIG_RT which would force offloading the legacy loop, for normal priority context, into the dedicated kthread" * tag 'printk-for-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux: (54 commits) printk: Avoid false positive lockdep report for legacy printing printk: nbcon: Assign nice -20 for printing threads printk: Implement legacy printer kthread for PREEMPT_RT tty: sysfs: Add nbcon support for 'active' proc: Add nbcon support for /proc/consoles proc: consoles: Add notation to c_start/c_stop printk: nbcon: Show replay message on takeover printk: Provide helper for message prepending printk: nbcon: Rely on kthreads for normal operation printk: nbcon: Use thread callback if in task context for legacy printk: nbcon: Relocate nbcon_atomic_emit_one() printk: nbcon: Introduce printer kthreads printk: nbcon: Init @nbcon_seq to highest possible printk: nbcon: Add context to usable() and emit() printk: Flush console on unregister_console() printk: Fail pr_flush() if before SYSTEM_SCHEDULING printk: nbcon: Add function for printers to reacquire ownership printk: nbcon: Use raw_cpu_ptr() instead of open coding printk: Use the BITS_PER_LONG macro lockdep: Mark emergency sections in lockdep splats ... commit daa394f0f9d3cb002c72e2d3db99972e2ee42862 Merge: 9ea925c806dbb8 63a4a9b52c3c7f Author: Linus Torvalds Date: Tue Sep 17 08:14:00 2024 +0200 Merge tag 'core-debugobjects-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull debugobjects updates from Thomas Gleixner: - Use the threshold to check for the pool refill condition and not the run time recorded all time low fill value, which is lower than the threshold and therefore causes refills to be delayed. - KCSAN annotation updates and simplification of the fill_pool() code. * tag 'core-debugobjects-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: debugobjects: Remove redundant checks in fill_pool() debugobjects: Fix conditions in fill_pool() debugobjects: Fix the compilation attributes of some global variables commit 231eb762bbe8fa232e672e5a399eed16a0c0c45a Author: Yuezhang Mo Date: Tue Sep 17 14:58:56 2024 +0900 exfat: do not fallback to buffered write After commit(11a347fb6cef exfat: change to get file size from DataLength), the remaining area or hole had been filled with zeros before calling exfat_direct_IO(), so there is no need to fallback to buffered write, and ->i_size_aligned is no longer needed, drop it. Signed-off-by: Yuezhang Mo Signed-off-by: Namjae Jeon commit fba27cf005038a5fedf001b49636594819dbb1d5 Author: Yuezhang Mo Date: Fri Jan 12 10:32:58 2024 +0800 exfat: drop ->i_size_ondisk ->i_size_ondisk is no longer used by exfat_write_begin() after commit(11a347fb6cef exfat: change to get file size from DataLength), drop it. Signed-off-by: Yuezhang Mo Signed-off-by: Namjae Jeon commit 9ea925c806dbb8fee6797f59148daaf7f648832e Merge: cb69d86550b3f4 35b603f8a78b0b Author: Linus Torvalds Date: Tue Sep 17 07:25:37 2024 +0200 Merge tag 'timers-core-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull timer updates from Thomas Gleixner: "Core: - Overhaul of posix-timers in preparation of removing the workaround for periodic timers which have signal delivery ignored. - Remove the historical extra jiffie in msleep() msleep() adds an extra jiffie to the timeout value to ensure minimal sleep time. The timer wheel ensures minimal sleep time since the large rewrite to a non-cascading wheel, but the extra jiffie in msleep() remained unnoticed. Remove it. - Make the timer slack handling correct for realtime tasks. The procfs interface is inconsistent and does neither reflect reality nor conforms to the man page. Show the correct 0 slack for real time tasks and enforce it at the core level instead of having inconsistent individual checks in various timer setup functions. - The usual set of updates and enhancements all over the place. Drivers: - Allow the ACPI PM timer to be turned off during suspend - No new drivers - The usual updates and enhancements in various drivers" * tag 'timers-core-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (43 commits) ntp: Make sure RTC is synchronized when time goes backwards treewide: Fix wrong singular form of jiffies in comments cpu: Use already existing usleep_range() timers: Rename next_expiry_recalc() to be unique platform/x86:intel/pmc: Fix comment for the pmc_core_acpi_pm_timer_suspend_resume function clocksource/drivers/jcore: Use request_percpu_irq() clocksource/drivers/cadence-ttc: Add missing clk_disable_unprepare in ttc_setup_clockevent clocksource/drivers/asm9260: Add missing clk_disable_unprepare in asm9260_timer_init clocksource/drivers/qcom: Add missing iounmap() on errors in msm_dt_timer_init() clocksource/drivers/ingenic: Use devm_clk_get_enabled() helpers platform/x86:intel/pmc: Enable the ACPI PM Timer to be turned off when suspended clocksource: acpi_pm: Add external callback for suspend/resume clocksource/drivers/arm_arch_timer: Using for_each_available_child_of_node_scoped() dt-bindings: timer: rockchip: Add rk3576 compatible timers: Annotate possible non critical data race of next_expiry timers: Remove historical extra jiffie for timeout in msleep() hrtimer: Use and report correct timerslack values for realtime tasks hrtimer: Annotate hrtimer_cpu_base_.*_expiry() for sparse. timers: Add sparse annotation for timer_sync_wait_running(). signal: Replace BUG_ON()s ... commit cb69d86550b3f47be50fa5751d31ebbdb71b18ee Merge: a64405b78be95d a6fe30d1e36579 Author: Linus Torvalds Date: Tue Sep 17 07:09:17 2024 +0200 Merge tag 'irq-core-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull irq updates from Thomas Gleixner: "Core: - Remove a global lock in the affinity setting code The lock protects a cpumask for intermediate results and the lock causes a bottleneck on simultaneous start of multiple virtual machines. Replace the lock and the static cpumask with a per CPU cpumask which is nicely serialized by raw spinlock held when executing this code. - Provide support for giving a suffix to interrupt domain names. That's required to support devices with subfunctions so that the domain names are distinct even if they originate from the same device node. - The usual set of cleanups and enhancements all over the place Drivers: - Support for longarch AVEC interrupt chip - Refurbishment of the Armada driver so it can be extended for new variants. - The usual set of cleanups and enhancements all over the place" * tag 'irq-core-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (73 commits) genirq: Use cpumask_intersects() genirq/cpuhotplug: Use cpumask_intersects() irqchip/apple-aic: Only access system registers on SoCs which provide them irqchip/apple-aic: Add a new "Global fast IPIs only" feature level irqchip/apple-aic: Skip unnecessary enabling of use_fast_ipi dt-bindings: apple,aic: Document A7-A11 compatibles irqdomain: Use IS_ERR_OR_NULL() in irq_domain_trim_hierarchy() genirq/msi: Use kmemdup_array() instead of kmemdup() genirq/proc: Change the return value for set affinity permission error genirq/proc: Use irq_move_pending() in show_irq_affinity() genirq/proc: Correctly set file permissions for affinity control files genirq: Get rid of global lock in irq_do_set_affinity() genirq: Fix typo in struct comment irqchip/loongarch-avec: Add AVEC irqchip support irqchip/loongson-pch-msi: Prepare get_pch_msi_handle() for AVECINTC irqchip/loongson-eiointc: Rename CPUHP_AP_IRQ_LOONGARCH_STARTING LoongArch: Architectural preparation for AVEC irqchip LoongArch: Move irqchip function prototypes to irq-loongson.h irqchip/loongson-pch-msi: Switch to MSI parent domains softirq: Remove unused 'action' parameter from action callback ... commit 4208c562a27899212e8046080555e0f204e0579a Author: Kanchan Joshi Date: Tue Sep 17 10:24:57 2024 +0530 block: remove bogus union The union around bi_integrity field is pointless. Remove it. Signed-off-by: Kanchan Joshi Link: https://lore.kernel.org/r/20240917045457.429698-1-joshi.k@samsung.com Signed-off-by: Jens Axboe commit a64405b78be95d786e15b2fd0a12999240b28ea5 Merge: 97e17c08a428b1 4ac1dd3245b906 Author: Linus Torvalds Date: Tue Sep 17 07:05:08 2024 +0200 Merge tag 'timers-clocksource-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull clocksource watchdog updates from Thomas Gleixner: - Make the uncertainty margin handling more robust to prevent false positives - Clarify comments * tag 'timers-clocksource-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin clocksource: Fix comments on WATCHDOG_THRESHOLD & WATCHDOG_MAX_SKEW clocksource: Improve comments for watchdog skew bounds commit 97e17c08a428b17531894b59990d6b9ff3e95eab Merge: a430d95c5efa2b 1d07085402d122 Author: Linus Torvalds Date: Tue Sep 17 06:56:31 2024 +0200 Merge tag 'smp-core-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull CPU hotplug updates from Thomas Gleixner: - Prepare the core for supporting parallel hotplug on loongarch - A small set of cleanups and enhancements * tag 'smp-core-2024-09-16' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: smp: Mark smp_prepare_boot_cpu() __init cpu: Fix W=1 build kernel-doc warning cpu/hotplug: Provide weak fallback for arch_cpuhp_init_parallel_bringup() cpu/hotplug: Make HOTPLUG_PARALLEL independent of HOTPLUG_SMT commit ae2c6d8b3b88c176dff92028941a4023f1b4cb91 Merge: 26df39de93bb87 f1a4dceeb2bd4b Author: Dave Airlie Date: Tue Sep 17 14:53:29 2024 +1000 Merge tag 'drm-xe-next-fixes-2024-09-12' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-next Driver Changes: - Fix usefafter-free when provisioning VF (Matthew Auld) - Suppress rpm warning on false positive (Rodrigo) - Fix memleak on ioctl error path (Dafna) - Fix use-after-free while inserting ggtt (Michal Wajdeczko) - Add Wa_15016589081 workaround (Tejas) - Fix error path on suspend (Maarten) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/az6xs2z6zj3brq2h5wgaaoxwnqktrwbvxoyckrz7gbywsso734@a6v7gytqbcd6 commit aa3d8a36780ab568d528348dd8115560f63ea16b Author: NeilBrown Date: Mon Aug 26 16:30:58 2024 +1000 block: change wait on bd_claiming to use a var_waitqueue bd_prepare_to_claim() waits for a var to change, not for a bit to be cleared. Change from bit_waitqueue() to __var_waitqueue() and correspondingly use wake_up_var(). This will allow a future patch which change the "bit" function to expect an "unsigned long *" instead of "void *". Signed-off-by: NeilBrown Link: https://lore.kernel.org/r/20240826063659.15327-2-neilb@suse.de Signed-off-by: Jens Axboe commit 53d69bdd5b19bb17602cb224e01aeed730ff3289 Author: Olivier Langlois Date: Mon Sep 16 15:17:56 2024 -0400 io_uring/sqpoll: do the napi busy poll outside the submission block there are many small reasons justifying this change. 1. busy poll must be performed even on rings that have no iopoll and no new sqe. It is quite possible that a ring configured for inbound traffic with multishot be several hours without receiving new request submissions 2. NAPI busy poll does not perform any credential validation 3. If the thread is awaken by task work, processing the task work is prioritary over NAPI busy loop. This is why a second loop has been created after the io_sq_tw() call instead of doing the busy loop in __io_sq_thread() outside its credential acquisition block. Signed-off-by: Olivier Langlois Link: https://lore.kernel.org/r/de7679adf1249446bd47426db01d82b9603b7224.1726161831.git.olivier@trillion01.com Signed-off-by: Jens Axboe commit 5ac1f99fdd09d80223e8f47dffaea41a6563aace Author: Enzo Matsumiya Date: Mon Sep 16 13:30:49 2024 -0300 smb: client: fix compression heuristic functions Change is_compressible() return type to bool, use WARN_ON_ONCE(1) for internal errors and return false for those. Renames: check_repeated_data -> has_repeated_data check_ascii_bytes -> is_mostly_ascii (also refactor into a single loop) calc_shannon_entropy -> has_low_entropy Also wraps "wreq->Length" in le32_to_cpu() in should_compress() (caught by sparse). Signed-off-by: Enzo Matsumiya Suggested-by: Dan Carpenter Signed-off-by: Steve French commit 37408843f2ae03b027777f2ffa460e2eb0f3b292 Author: Pali Rohár Date: Sun Sep 15 21:45:45 2024 +0200 cifs: Update SFU comments about fifos and sockets In SFU mode, activated by -o sfu mount option is now also support for creating new fifos and sockets. Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 41d3f256c6a5e41eb32b87168399c0facd512dc0 Author: Pali Rohár Date: Sun Sep 15 21:45:42 2024 +0200 cifs: Add support for creating SFU symlinks Linux cifs client can already detect SFU symlinks and reads it content (target location). But currently is not able to create new symlink. So implement this missing support. When 'sfu' mount option is specified and 'mfsymlinks' is not specified then create new symlinks in SFU-style. This will provide full SFU compatibility of symlinks when mounting cifs share with 'sfu' option. 'mfsymlinks' option override SFU for better Apple compatibility as explained in fs_context.c file in smb3_update_mnt_flags() function. Extend __cifs_sfu_make_node() function, which now can handle also S_IFLNK type and refactor structures passed to sync_write() in this function, by splitting SFU type and SFU data from original combined struct win_dev as combined fixed-length struct cannot be used for variable-length symlinks. Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 1ca980815e1f284dddcb5e678c91bbd3e3f3a6a6 Author: Tahera Fahimi Date: Fri Sep 6 15:30:08 2024 -0600 landlock: Document LANDLOCK_SCOPE_SIGNAL Extend documentation for Landlock ABI version 6 with signal scoping. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/dae0dbe1a78be2ce5506b90fc4ffd12c82fa1061.1725657728.git.fahimitahera@gmail.com [mic: Improve documentation] Signed-off-by: Mickaël Salaün commit f490e205bcbada6eb6dca8b75a2511685e6bd0f0 Author: Tahera Fahimi Date: Fri Sep 6 15:30:07 2024 -0600 samples/landlock: Add support for signal scoping The sandboxer can receive the character "s" as input from the environment variable LL_SCOPE to restrict sandboxed processes from sending signals to processes outside of the sandbox. Example ======= Create a sandboxed shell and pass the character "s" to LL_SCOPED: LL_FS_RO=/ LL_FS_RW=. LL_SCOPED="s" ./sandboxer /bin/bash Try to send a SIGTRAP to a process with process ID through: kill -SIGTRAP The sandboxed process should not be able to send the signal. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/1f3f1992b2abeb8e5d7aa61b854e1b0721978b9a.1725657728.git.fahimitahera@gmail.com [mic: Improve commit message, simplify code, rebase on previous sample change] Signed-off-by: Mickaël Salaün commit f34e9ce5f4794387121120b2d2ff5aa265ef6ce9 Author: Tahera Fahimi Date: Fri Sep 6 15:30:06 2024 -0600 selftests/landlock: Test signal created by out-of-bound message Add a test to verify that the SIGURG signal created by an out-of-bound message in UNIX sockets is well controlled by the file_send_sigiotask hook. Test coverage for security/landlock is 92.2% of 1046 lines according to gcc/gcov-14. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/50daeed4d4f60d71e9564d0f24004a373fc5f7d5.1725657728.git.fahimitahera@gmail.com [mic: Improve commit message and add test coverage, improve test with four variants to fully cover the hook, use abstract unix socket to avoid managing a file, use dedicated variable per process, add comments, avoid negative ASSERT, move close calls] Co-developed-by: Mickaël Salaün Signed-off-by: Mickaël Salaün commit c8994965013ee62cfb0f3cec01aa447f9077a869 Author: Tahera Fahimi Date: Fri Sep 6 15:30:05 2024 -0600 selftests/landlock: Test signal scoping for threads Expand the signal scoping tests with pthread_kill(3). Test if a scoped thread can send signal to a process in the same scoped domain, or a non-sandboxed thread. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/c15e9eafbb2da1210e46ba8db7b8907f5ea11009.1725657728.git.fahimitahera@gmail.com [mic: Improve commit message] Signed-off-by: Mickaël Salaün commit ea292363c322d82663e021c5dc532894c30d4e59 Author: Tahera Fahimi Date: Fri Sep 6 15:30:04 2024 -0600 selftests/landlock: Test signal scoping Provide tests for the signal scoping. If the signal is 0, no signal will be sent, but the permission of a process to send a signal will be checked. Likewise, this test consider one signal for each signal category: SIGTRAP, SIGURG, SIGHUP, and SIGTSTP. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/15dc202bb7f0a462ddeaa0c1cd630d2a7c6fa5c5.1725657728.git.fahimitahera@gmail.com [mic: Fix commit message, use dedicated variables per process, properly close FDs, extend send_sig_to_parent to make sure scoping works as expected] Signed-off-by: Mickaël Salaün commit 54a6e6bbf3bef25c8eb65619edde70af49bd3db0 Author: Tahera Fahimi Date: Fri Sep 6 15:30:03 2024 -0600 landlock: Add signal scoping Currently, a sandbox process is not restricted to sending a signal (e.g. SIGKILL) to a process outside the sandbox environment. The ability to send a signal for a sandboxed process should be scoped the same way abstract UNIX sockets are scoped. Therefore, we extend the "scoped" field in a ruleset with LANDLOCK_SCOPE_SIGNAL to specify that a ruleset will deny sending any signal from within a sandbox process to its parent (i.e. any parent sandbox or non-sandboxed processes). This patch adds file_set_fowner and file_free_security hooks to set and release a pointer to the file owner's domain. This pointer, fown_domain in landlock_file_security will be used in file_send_sigiotask to check if the process can send a signal. The ruleset_with_unknown_scope test is updated to support LANDLOCK_SCOPE_SIGNAL. This depends on two new changes: - commit 1934b212615d ("file: reclaim 24 bytes from f_owner"): replace container_of(fown, struct file, f_owner) with fown->file . - commit 26f204380a3c ("fs: Fix file_set_fowner LSM hook inconsistencies"): lock before calling the hook. Signed-off-by: Tahera Fahimi Closes: https://github.com/landlock-lsm/linux/issues/8 Link: https://lore.kernel.org/r/df2b4f880a2ed3042992689a793ea0951f6798a5.1725657727.git.fahimitahera@gmail.com [mic: Update landlock_get_current_domain()'s return type, improve and fix locking in hook_file_set_fowner(), simplify and fix sleepable call and locking issue in hook_file_send_sigiotask() and rebase on the latest VFS tree, simplify hook_task_kill() and quickly return when not sandboxed, improve comments, rename LANDLOCK_SCOPED_SIGNAL] Co-developed-by: Mickaël Salaün Signed-off-by: Mickaël Salaün commit dba40c77003861b1b435de43101aaa05b769dda9 Author: Tahera Fahimi Date: Wed Sep 4 18:14:02 2024 -0600 landlock: Document LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET Introduce LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET as an IPC scoping mechanism available since Landlock ABI version 6. Update ruleset_attr, Landlock ABI version, and access rights code blocks based on that. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/ac75151861724c19ed62b500cfe497612d9a6607.1725494372.git.fahimitahera@gmail.com [mic: Improve commit message and documentation, add a missing fallthrough, reformat to 80 columns, improve some wording] Signed-off-by: Mickaël Salaün commit 369b48b43a09f995876bb2e88d78845eb2a80212 Author: Tahera Fahimi Date: Wed Sep 4 18:14:01 2024 -0600 samples/landlock: Add support for abstract UNIX socket scoping The sandboxer can receive the character "a" as input from the environment variable LL_SCOPE to restrict sandboxed processes from connecting to an abstract UNIX socket created by a process outside of the sandbox. Example ======= Create an abstract UNIX socket to listen with socat(1): socat abstract-listen:mysocket - Create a sandboxed shell and pass the character "a" to LL_SCOPED: LL_FS_RO=/ LL_FS_RW=. LL_SCOPED="a" ./sandboxer /bin/bash Note that any other form of input (e.g. "a:a", "aa", etc) is not acceptable. If the sandboxed process tries to connect to the listening socket, the connection will fail: socat - abstract-connect:mysocket Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/d8af908f00b77415caa3eb0f4de631c3794e4909.1725494372.git.fahimitahera@gmail.com [mic: Improve commit message, simplify check_ruleset_scope() with inverted error code and only one scoped change, always unset environment variable] Signed-off-by: Mickaël Salaün commit 644a728506c794e9e4f5fb9845ed4f7014cf46d9 Author: Tahera Fahimi Date: Wed Sep 4 18:14:00 2024 -0600 selftests/landlock: Test inherited restriction of abstract UNIX socket A socket can be shared between multiple processes, so it can connect and send data to them. Provide a test scenario where a sandboxed process inherits a socket's file descriptor. The process cannot connect or send data to the inherited socket since the process is scoped. Test coverage for security/landlock is 92.0% of 1013 lines according to gcc/gcov-14. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/1428574deec13603b6ab2f2ed68ecbfa3b63bcb3.1725494372.git.fahimitahera@gmail.com [mic: Remove negative ASSERT, fix potential race condition because of closed connections, remove useless buffer, add test coverage] Signed-off-by: Mickaël Salaün commit d1cc0ef80f2377a6970737ed88d95014ca461993 Author: Tahera Fahimi Date: Wed Sep 4 18:13:59 2024 -0600 selftests/landlock: Test connected and unconnected datagram UNIX socket Check the specific case where a scoped datagram socket is connected and send(2) works, whereas sendto(2) is denied if the datagram socket is not connected. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/c28c9cd8feef67dd25e115c401a2389a75f9983b.1725494372.git.fahimitahera@gmail.com [mic: Use more EXPECT and avoid negative ASSERT, use variables dedicated per process, remove useless buffer] Signed-off-by: Mickaël Salaün commit 4f9a5b50d3b39027c5fdb44b33835209665fe069 Author: Tahera Fahimi Date: Wed Sep 4 18:13:58 2024 -0600 selftests/landlock: Test UNIX sockets with any address formats Expand abstract UNIX socket restriction tests by examining different scenarios for UNIX sockets with pathname or unnamed address formats connection with scoped domain. The various_address_sockets tests ensure that UNIX sockets bound to a filesystem pathname and unnamed sockets created by socketpair can still connect to a socket outside of their scoped domain, meaning that even if the domain is scoped with LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET, the socket can connect to a socket outside the scoped domain. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/a9e8016aaa5846252623b158c8f1ce0d666944f4.1725494372.git.fahimitahera@gmail.com [mic: Remove useless clang-format tags, fix unlink/rmdir calls, drop capabilities, rename variables, remove useless mknod/unlink calls, clean up fixture, test write/read on sockets, test sendto() on datagram sockets, close sockets as soon as possible] Co-developed-by: Mickaël Salaün Signed-off-by: Mickaël Salaün commit fefcf0f7cf470845b3675286c298484a056a7b13 Author: Tahera Fahimi Date: Wed Sep 4 18:13:57 2024 -0600 selftests/landlock: Test abstract UNIX socket scoping Add three tests that examine different scenarios for abstract UNIX socket: 1) scoped_domains: Base tests of the abstract socket scoping mechanism for a landlocked process, same as the ptrace test. 2) scoped_vs_unscoped: Generates three processes with different domains and tests if a process with a non-scoped domain can connect to other processes. 3) outside_socket: Since the socket's creator credentials are used for scoping sockets, this test examines the cases where the socket's credentials are different from the process using it. Move protocol_variant, service_fixture, and sys_gettid() from net_test.c to common.h, and factor out code into a new set_unix_address() helper. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/9321c3d3bcd9212ceb4b50693e29349f8d625e16.1725494372.git.fahimitahera@gmail.com [mic: Fix commit message, remove useless clang-format tags, move drop_caps() calls, move and rename variables, rename variants, use more EXPECT, improve comments, simplify the outside_socket test] Signed-off-by: Mickaël Salaün commit 5b6b63cd64bbaf9894e799b198cb4562733cab03 Author: Tahera Fahimi Date: Wed Sep 4 18:13:56 2024 -0600 selftests/landlock: Test handling of unknown scope Add a new ruleset_with_unknown_scope test designed to validate the behaviour of landlock_create_ruleset(2) when called with an unsupported or unknown scope mask. Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/74b363aaa7ddf80e1e5e132ce3d550a3a8bbf6da.1725494372.git.fahimitahera@gmail.com Signed-off-by: Mickaël Salaün commit 21d52e295ad2afc76bbd105da82a003b96f6ac77 Author: Tahera Fahimi Date: Wed Sep 4 18:13:55 2024 -0600 landlock: Add abstract UNIX socket scoping Introduce a new "scoped" member to landlock_ruleset_attr that can specify LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET to restrict connection to abstract UNIX sockets from a process outside of the socket's domain. Two hooks are implemented to enforce these restrictions: unix_stream_connect and unix_may_send. Closes: https://github.com/landlock-lsm/linux/issues/7 Signed-off-by: Tahera Fahimi Link: https://lore.kernel.org/r/5f7ad85243b78427242275b93481cfc7c127764b.1725494372.git.fahimitahera@gmail.com [mic: Fix commit message formatting, improve documentation, simplify hook_unix_may_send(), and cosmetic fixes including rename of LANDLOCK_SCOPED_ABSTRACT_UNIX_SOCKET] Co-developed-by: Mickaël Salaün Signed-off-by: Mickaël Salaün commit 5d698966fa7b452035c44c937d704910bf3440dd Author: Helge Deller Date: Sun Sep 8 20:51:17 2024 +0200 parisc: Allow mmap(MAP_STACK) memory to automatically expand upwards When userspace allocates memory with mmap() in order to be used for stack, allow this memory region to automatically expand upwards up until the current maximum process stack size. The fault handler checks if the VM_GROWSUP bit is set in the vm_flags field of a memory area before it allows it to expand. This patch modifies the parisc specific code only. A RFC for a generic patch to modify mmap() for all architectures was sent to the mailing list but did not get enough Acks. Reported-by: Camm Maguire Signed-off-by: Helge Deller Cc: stable@vger.kernel.org # v5.10+ commit 75f653f0c6318ae0acfd6277efba3f9bd7cf837c Author: Helge Deller Date: Tue Sep 10 18:42:05 2024 +0200 parisc: Use PRIV_USER instead of hardcoded value Signed-off-by: Helge Deller commit 9542130937e9dc707dd7c6b7af73326437da2d50 Author: Helge Deller Date: Tue Sep 10 18:32:24 2024 +0200 parisc: Fix itlb miss handler for 64-bit programs For an itlb miss when executing code above 4 Gb on ILP64 adjust the iasq/iaoq in the same way isr/ior was adjusted. This fixes signal delivery for the 64-bit static test program from http://ftp.parisc-linux.org/src/64bit.tar.gz. Note that signals are handled by the signal trampoline code in the 64-bit VDSO which is mapped into high userspace memory region above 4GB for 64-bit processes. Signed-off-by: Helge Deller Cc: stable@vger.kernel.org # v4.19+ commit 2f6a55e4235f596b7dd9e8a7cf3e07f39ac5e9c2 Author: Dan Carpenter Date: Mon Sep 16 17:07:10 2024 +0300 io_uring: clean up a type in io_uring_register_get_file() Originally "fd" was unsigned int but it was changed to int when we pulled this code into a separate function in commit 0b6d253e084a ("io_uring/register: provide helper to get io_ring_ctx from 'fd'"). This doesn't really cause a runtime problem because the call to array_index_nospec() will clamp negative fds to 0 and nothing else uses the negative values. Signed-off-by: Dan Carpenter Link: https://lore.kernel.org/r/6f6cb630-079f-4fdf-bf95-1082e0a3fc6e@stanley.mountain Signed-off-by: Jens Axboe commit 7acad3c442df6d5158c5b732a7a0ccf3a01d9b30 Author: Nathan Chancellor Date: Mon Sep 16 06:24:34 2024 -0700 RDMA/nldev: Add missing break in rdma_nl_notify_err_msg() Clang warns (or errors with CONFIG_WERROR=y): drivers/infiniband/core/nldev.c:2795:2: error: unannotated fall-through between switch labels [-Werror,-Wimplicit-fallthrough] 2795 | default: | ^ Clang is a little more pedantic than GCC, which does not warn when falling through to a case that is just break or return. Clang's version is more in line with the kernel's own stance in deprecated.rst, which states that all switch/case blocks must end in either break, fallthrough, continue, goto, or return. Add the missing break to silence the warning. Fixes: 9cbed5aab5ae ("RDMA/nldev: Add support for RDMA monitoring") Signed-off-by: Nathan Chancellor Link: https://patch.msgid.link/20240916-rdma-fix-clang-fallthrough-nl_notify_err_msg-v1-1-89de6a7423f1@kernel.org Signed-off-by: Leon Romanovsky commit 9f0eafe86ea0a589676209d0cff1a1ed49a037d3 Author: Vitaliy Shevtsov Date: Mon Sep 16 21:58:05 2024 +0500 RDMA/irdma: fix error message in irdma_modify_qp_roce() Use a correct field max_dest_rd_atomic instead of max_rd_atomic for the error output. Found by Linux Verification Center (linuxtesting.org) with Svace. Fixes: b48c24c2d710 ("RDMA/irdma: Implement device supported verb APIs") Signed-off-by: Vitaliy Shevtsov Link: https://lore.kernel.org/stable/20240916165817.14691-1-v.shevtsov%40maxima.ru Link: https://patch.msgid.link/20240916165817.14691-1-v.shevtsov@maxima.ru Signed-off-by: Leon Romanovsky commit a430d95c5efa2b545d26a094eb5f624e36732af0 Merge: ad060dbbcfcfcb 19c9d55d72a904 Author: Linus Torvalds Date: Mon Sep 16 18:19:47 2024 +0200 Merge tag 'lsm-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm Pull lsm updates from Paul Moore: - Move the LSM framework to static calls This transitions the vast majority of the LSM callbacks into static calls. Those callbacks which haven't been converted were left as-is due to the general ugliness of the changes required to support the static call conversion; we can revisit those callbacks at a future date. - Add the Integrity Policy Enforcement (IPE) LSM This adds a new LSM, Integrity Policy Enforcement (IPE). There is plenty of documentation about IPE in this patches, so I'll refrain from going into too much detail here, but the basic motivation behind IPE is to provide a mechanism such that administrators can restrict execution to only those binaries which come from integrity protected storage, e.g. a dm-verity protected filesystem. You will notice that IPE requires additional LSM hooks in the initramfs, dm-verity, and fs-verity code, with the associated patches carrying ACK/review tags from the associated maintainers. We couldn't find an obvious maintainer for the initramfs code, but the IPE patchset has been widely posted over several years. Both Deven Bowers and Fan Wu have contributed to IPE's development over the past several years, with Fan Wu agreeing to serve as the IPE maintainer moving forward. Once IPE is accepted into your tree, I'll start working with Fan to ensure he has the necessary accounts, keys, etc. so that he can start submitting IPE pull requests to you directly during the next merge window. - Move the lifecycle management of the LSM blobs to the LSM framework Management of the LSM blobs (the LSM state buffers attached to various kernel structs, typically via a void pointer named "security" or similar) has been mixed, some blobs were allocated/managed by individual LSMs, others were managed by the LSM framework itself. Starting with this pull we move management of all the LSM blobs, minus the XFRM blob, into the framework itself, improving consistency across LSMs, and reducing the amount of duplicated code across LSMs. Due to some additional work required to migrate the XFRM blob, it has been left as a todo item for a later date; from a practical standpoint this omission should have little impact as only SELinux provides a XFRM LSM implementation. - Fix problems with the LSM's handling of F_SETOWN The LSM hook for the fcntl(F_SETOWN) operation had a couple of problems: it was racy with itself, and it was disconnected from the associated DAC related logic in such a way that the LSM state could be updated in cases where the DAC state would not. We fix both of these problems by moving the security_file_set_fowner() hook into the same section of code where the DAC attributes are updated. Not only does this resolve the DAC/LSM synchronization issue, but as that code block is protected by a lock, it also resolve the race condition. - Fix potential problems with the security_inode_free() LSM hook Due to use of RCU to protect inodes and the placement of the LSM hook associated with freeing the inode, there is a bit of a challenge when it comes to managing any LSM state associated with an inode. The VFS folks are not open to relocating the LSM hook so we have to get creative when it comes to releasing an inode's LSM state. Traditionally we have used a single LSM callback within the hook that is triggered when the inode is "marked for death", but not actually released due to RCU. Unfortunately, this causes problems for LSMs which want to take an action when the inode's associated LSM state is actually released; so we add an additional LSM callback, inode_free_security_rcu(), that is called when the inode's LSM state is released in the RCU free callback. - Refactor two LSM hooks to better fit the LSM return value patterns The vast majority of the LSM hooks follow the "return 0 on success, negative values on failure" pattern, however, there are a small handful that have unique return value behaviors which has caused confusion in the past and makes it difficult for the BPF verifier to properly vet BPF LSM programs. This includes patches to convert two of these"special" LSM hooks to the common 0/-ERRNO pattern. - Various cleanups and improvements A handful of patches to remove redundant code, better leverage the IS_ERR_OR_NULL() helper, add missing "static" markings, and do some minor style fixups. * tag 'lsm-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm: (40 commits) security: Update file_set_fowner documentation fs: Fix file_set_fowner LSM hook inconsistencies lsm: Use IS_ERR_OR_NULL() helper function lsm: remove LSM_COUNT and LSM_CONFIG_COUNT ipe: Remove duplicated include in ipe.c lsm: replace indirect LSM hook calls with static calls lsm: count the LSMs enabled at compile time kernel: Add helper macros for loop unrolling init/main.c: Initialize early LSMs after arch code, static keys and calls. MAINTAINERS: add IPE entry with Fan Wu as maintainer documentation: add IPE documentation ipe: kunit test for parser scripts: add boot policy generation program ipe: enable support for fs-verity as a trust provider fsverity: expose verified fsverity built-in signatures to LSMs lsm: add security_inode_setintegrity() hook ipe: add support for dm-verity as a trust provider dm-verity: expose root hash digest and signature data to LSMs block,lsm: add LSM blob and new LSM hooks for block devices ipe: add permissive toggle ... commit a2f11547052001bd448ccec81dd1e68409078fbb Author: Matthew Maurer Date: Tue Aug 20 19:48:59 2024 +0000 kasan: rust: Add KASAN smoke test via UAF Adds a smoke test to ensure that KASAN in Rust is actually detecting a Rust-native UAF. There is significant room to expand this test suite, but this will at least ensure that flags are having the intended effect. The rename from kasan_test.c to kasan_test_c.c is in order to allow the single kasan_test.ko test suite to contain both a .o file produced by the C compiler and one produced by rustc. Signed-off-by: Matthew Maurer Reviewed-by: Andrey Konovalov Link: https://lore.kernel.org/r/20240820194910.187826-5-mmaurer@google.com [ Applied empty line nit, removed double empty line, applied `rustfmt` and formatted crate comment. - Miguel ] Signed-off-by: Miguel Ojeda commit e3117404b41124c88a4d834fc3222669a880addc Author: Matthew Maurer Date: Tue Aug 20 19:48:58 2024 +0000 kbuild: rust: Enable KASAN support Rust supports KASAN via LLVM, but prior to this patch, the flags aren't set properly. Suggested-by: Miguel Ojeda Signed-off-by: Matthew Maurer Reviewed-by: Andrey Konovalov Link: https://lore.kernel.org/r/20240820194910.187826-4-mmaurer@google.com [ Applied "SW_TAGS KASAN" nit. - Miguel ] Signed-off-by: Miguel Ojeda commit f64e2f3a66e30319023b7924d438d159ac742d63 Author: Matthew Maurer Date: Tue Aug 20 19:48:57 2024 +0000 rust: kasan: Rust does not support KHWASAN Rust does not yet have support for software tags. Prevent RUST from being selected if KASAN_SW_TAGS is enabled. Signed-off-by: Matthew Maurer Reviewed-by: Andrey Konovalov Link: https://lore.kernel.org/r/20240820194910.187826-3-mmaurer@google.com Signed-off-by: Miguel Ojeda commit c42297438aee70e2d391225de3d35ffeb2bdbaf9 Author: Matthew Maurer Date: Tue Aug 20 19:48:56 2024 +0000 kbuild: rust: Define probing macros for rustc Creates flag probe macro variants for `rustc`. These are helpful because: 1. The kernel now supports a minimum `rustc` version rather than a single version. 2. `rustc` links against a range of LLVM revisions, occasionally even ones without an official release number. Since the availability of some Rust flags depends on which LLVM it has been linked against, probing is necessary. Signed-off-by: Matthew Maurer Link: https://github.com/Rust-for-Linux/linux/pull/1087 Link: https://lore.kernel.org/r/20240820194910.187826-2-mmaurer@google.com Signed-off-by: Miguel Ojeda commit cc1d98f9fe30467a2224184336b3166ef4adbc25 Author: Andrey Konovalov Date: Wed Aug 14 18:10:52 2024 +0200 kasan: simplify and clarify Makefile When KASAN support was being added to the Linux kernel, GCC did not yet support all of the KASAN-related compiler options. Thus, the KASAN Makefile had to probe the compiler for supported options. Nowadays, the Linux kernel GCC version requirement is 5.1+, and thus we don't need the probing of the -fasan-shadow-offset parameter: it exists in all 5.1+ GCCs. Simplify the KASAN Makefile to drop CFLAGS_KASAN_MINIMAL. Also add a few more comments and unify the indentation. Signed-off-by: Andrey Konovalov Acked-by: Marco Elver Link: https://lore.kernel.org/r/20240814161052.10374-1-andrey.konovalov@linux.dev Signed-off-by: Miguel Ojeda commit ca627e636551e74b528f150d744f67d9a63f0ae7 Author: Matthew Maurer Date: Thu Sep 12 21:00:44 2024 +0200 rust: cfi: add support for CFI_CLANG with Rust Make it possible to use the Control Flow Integrity (CFI) sanitizer when Rust is enabled. Enabling CFI with Rust requires that CFI is configured to normalize integer types so that all integer types of the same size and signedness are compatible under CFI. Rust and C use the same LLVM backend for code generation, so Rust KCFI is compatible with the KCFI used in the kernel for C. In the case of FineIBT, CFI also depends on -Zpatchable-function-entry for rewriting the function prologue, so we set that flag for Rust as well. The flag for FineIBT requires rustc 1.80.0 or later, so include a Kconfig requirement for that. Enabling Rust will select CFI_ICALL_NORMALIZE_INTEGERS because the flag is required to use Rust with CFI. Using select rather than `depends on` avoids the case where Rust is not visible in menuconfig due to CFI_ICALL_NORMALIZE_INTEGERS not being enabled. One disadvantage of select is that RUST must `depends on` all of the things that CFI_ICALL_NORMALIZE_INTEGERS depends on to avoid invalid configurations. Alice has been using KCFI on her phone for several months, so it is reasonably well tested on arm64. Signed-off-by: Matthew Maurer Co-developed-by: Alice Ryhl Signed-off-by: Alice Ryhl Reviewed-by: Sami Tolvanen Tested-by: Gatlin Newhouse Acked-by: Kees Cook Acked-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240801-kcfi-v2-2-c93caed3d121@google.com [ Replaced `!FINEIBT` requirement with `!CALL_PADDING` to prevent a build error on older Rust compilers. Fixed typo. - Miguel ] Signed-off-by: Miguel Ojeda commit 26df39de93bb8763bb3088db6c76eb98d4cd7213 Merge: bf05aeac230e39 0c8c5bdd7eaf29 Author: Dave Airlie Date: Tue Sep 17 01:05:31 2024 +1000 Merge tag 'amd-drm-next-6.12-2024-09-13' of https://gitlab.freedesktop.org/agd5f/linux into drm-next amd-drm-next-6.12-2024-09-13: amdgpu: - GPUVM sync fixes - kdoc fixes - Misc spelling mistakes - Add some raven GFXOFF quirks - Use clamp helper - DC fixes - JPEG fixes - Process isolation fix - Queue reset fix - W=1 cleanup - SMU14 fixes - JPEG fixes amdkfd: - Fetch cacheline info from IP discovery - Queue reset fix - RAS fix - Document SVM events - CRIU fixes - Race fix in dma-buf handling drm: - dma-buf fd race fixes Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20240913134139.2861073-1-alexander.deucher@amd.com commit ad060dbbcfcfcba624ef1a75e1d71365a98b86d8 Merge: dc644fba3cf837 d19a9e25a722d6 Author: Linus Torvalds Date: Mon Sep 16 16:55:42 2024 +0200 Merge tag 'selinux-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull selinux updates from Paul Moore: - Ensure that both IPv4 and IPv6 connections are properly initialized While we always properly initialized IPv4 connections early in their life, we missed the necessary IPv6 change when we were adding IPv6 support. - Annotate the SELinux inode revalidation function to quiet KCSAN KCSAN correctly identifies a race in __inode_security_revalidate() when we check to see if an inode's SELinux has been properly initialized. While KCSAN is correct, it is an intentional choice made for performance reasons; if necessary, we check the state a second time, this time with a lock held, before initializing the inode's state. - Code cleanups, simplification, etc. A handful of individual patches to simplify some SELinux kernel logic, improve return code granularity via ERR_PTR(), follow the guidance on using KMEM_CACHE(), and correct some minor style problems. * tag 'selinux-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: fix style problems in security/selinux/include/audit.h selinux: simplify avc_xperms_audit_required() selinux: mark both IPv4 and IPv6 accepted connection sockets as labeled selinux: replace kmem_cache_create() with KMEM_CACHE() selinux: annotate false positive data race to avoid KCSAN warnings selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr selinux: Streamline type determination in security_compute_sid commit dc644fba3cf837f22d14991cab3c4c65af37ae21 Merge: 43a64bd02f9369 8c1867a2f0fd42 Author: Linus Torvalds Date: Mon Sep 16 16:52:37 2024 +0200 Merge tag 'audit-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit Pull audit updates from Paul Moore: - Fix some remaining problems with PID/TGID reporting When most users think about PIDs, what they are really thinking about is the TGID. This commit shifts the audit PID logging and filtering to use the TGID value which should provide a more meaningful audit stream and filtering experience for users. - Migrate to the str_enabled_disabled() helper Evidently we have helper functions that help ensure if we mistype "enabled" or "disabled" it is now caught at compile time. I guess we're fancy now. * tag 'audit-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit: audit: Make use of str_enabled_disabled() helper audit: use task_tgid_nr() instead of task_pid_nr() commit 43a64bd02f9369be02c4c9312fc0965f78f65ad5 Author: David Howells Date: Mon Sep 16 15:02:06 2024 +0100 cifs: Remove redundant setting of NETFS_SREQ_HIT_EOF Fix an upstream merge resolution issue[1]. The NETFS_SREQ_HIT_EOF flag, and code to set it, got added via two different paths. The original path saw it added in the netfslib read improvements[2], but it was also added, and slightly differently, in a fix that was committed before v6.11: 1da29f2c39b67b846b74205c81bf0ccd96d34727 netfs, cifs: Fix handling of short DIO read However, the code added to smb2_readv_callback() to set the flag in didn't get removed when the netfs read improvements series was rebased to take account of the cifs fixes. The proposed merge resolution[2] deleted it rather than rebase the patches. Fix this by removing the redundant lines. Code to set the bit that derives from the fix patch is still there, a few lines above in the source. Fixes: 35219bc5c71f ("Merge tag 'vfs-6.12.netfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs") Signed-off-by: David Howells cc: Steve French cc: Paulo Alcantara cc: Christian Brauner cc: Jeff Layton cc: linux-cifs@vger.kernel.org cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/CAHk-=wjr8fxk20-wx=63mZruW1LTvBvAKya1GQ1EhyzXb-okMA@mail.gmail.com/ [1] Link: https://lore.kernel.org/linux-fsdevel/20240913-vfs-netfs-39ef6f974061@brauner/ [2] Signed-off-by: Linus Torvalds commit dc1a456dc1870942d19e8cea257554d9d8d1597a Author: David Howells Date: Mon Sep 16 14:50:16 2024 +0100 cifs: Fix cifs readv callback merge resolution issue Fix an upstream merge resolution issue[1]. Prior to the netfs read healpers, the SMB1 asynchronous read callback, cifs_readv_worker() performed the cleanup for the operation in the network message processing loop, potentially slowing down the processing of incoming SMB messages. With commit a68c74865f51 ("cifs: Fix SMB1 readv/writev callback in the same way as SMB2/3"), this was moved to a worker thread (as is done in the SMB2/3 transport variant). However, the "was_async" argument to netfs_subreq_terminated (which was originally incorrectly "false" got flipped to "true" - which was then incorrect because, being in a kernel thread, it's not in an async context). This got corrected in the sample merge[2], but Linus, not unreasonably, switched it back to its previous value. Note that this value tells netfslib whether or not it can run sleepable stuff or stuff that takes a long time, such as retries and cleanups, in the calling thread, or whether it should offload to a worker thread. Fix this so that it is "false". The callback to netfslib in both SMB1 and SMB2/3 now gets offloaded from the network message thread to a separate worker thread and thus it's fine to do the slow work in this thread. Fixes: 35219bc5c71f ("Merge tag 'vfs-6.12.netfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs") Signed-off-by: David Howells cc: Steve French cc: Paulo Alcantara cc: Christian Brauner cc: Jeff Layton cc: linux-cifs@vger.kernel.org cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/CAHk-=wjr8fxk20-wx=63mZruW1LTvBvAKya1GQ1EhyzXb-okMA@mail.gmail.com/ [1] Link: https://lore.kernel.org/linux-fsdevel/20240913-vfs-netfs-39ef6f974061@brauner/ [2] Signed-off-by: Linus Torvalds commit 7f44beadcc11adb98220556d2ddbe9c97aa6d42d Author: Felix Moessbauer Date: Mon Sep 16 13:11:50 2024 +0200 io_uring/sqpoll: do not put cpumask on stack Putting the cpumask on the stack is deprecated for a long time (since 2d3854a37e8), as these can be big. Given that, change the on-stack allocation of allowed_mask to be dynamically allocated. Fixes: f011c9cf04c0 ("io_uring/sqpoll: do not allow pinning outside of cpuset") Signed-off-by: Felix Moessbauer Link: https://lore.kernel.org/r/20240916111150.1266191-1-felix.moessbauer@siemens.com Signed-off-by: Jens Axboe commit d242feaf81d63b25d8c1fb1a68738dc33966a376 Author: Andrew Kreimer Date: Thu Sep 12 15:49:34 2024 +0300 pwm: stm32: Fix a typo Fix a typo in comments. Reported-by: Matthew Wilcox Signed-off-by: Andrew Kreimer Link: https://lore.kernel.org/r/20240912124944.43284-1-algonell@gmail.com Signed-off-by: Uwe Kleine-König commit a4cf667d7791cd1fbb501f89a957d18797e6f111 Author: George Stark Date: Thu Jul 11 02:41:15 2024 +0300 dt-bindings: pwm: amlogic: Add new bindings for meson A1 PWM The chip has 3 dual-channel PWM modules PWM_AB, PWM_CD, PWM_EF. Signed-off-by: George Stark Signed-off-by: Dmitry Rokosov Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240710234116.2370655-3-gnstark@salutedevices.com Signed-off-by: Uwe Kleine-König commit 6e50721426e48f63be53b4732bd08029633933d1 Author: George Stark Date: Thu Jul 11 02:41:14 2024 +0300 dt-bindings: pwm: amlogic: Add optional power-domains On newer SoCs, the PWM hardware can require a power domain to operate so add corresponding optional property. Signed-off-by: George Stark Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240710234116.2370655-2-gnstark@salutedevices.com Signed-off-by: Uwe Kleine-König commit 8db7fdffaaf6cc9f21be5f601c7ef12b173074a5 Author: Uwe Kleine-König Date: Mon Sep 9 09:31:24 2024 +0200 pwm: Switch back to struct platform_driver::remove() After commit 0edb555a65d1 ("platform: Make platform_driver::remove() return void") .remove() is (again) the right callback to implement for platform drivers. Convert all pwm drivers to use .remove(), with the eventual goal to drop struct platform_driver::remove_new(). As .remove() and .remove_new() have the same prototypes, conversion is done by just changing the structure member name in the driver initializer. Signed-off-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240909073125.382040-2-u.kleine-koenig@baylibre.com Signed-off-by: Uwe Kleine-König commit edeedfaa0c3ab7a7468ba876b664ffb2f0f5e0d5 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:28:28 2024 +0200 dt-bindings: pwm: allwinner,sun4i-a10-pwm: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clock-names. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240818172828.121728-1-krzysztof.kozlowski@linaro.org Signed-off-by: Uwe Kleine-König commit 34d973c9c1850971c0ee27150ee33bd85cd7e2b7 Author: David Lechner Date: Fri Aug 16 12:30:58 2024 -0500 pwm: axi-pwmgen: use shared macro for version reg The linux/fpga/adi-axi-common.h header already defines a macro for the version register offset. Use this macro in the axi-pwmgen driver instead of defining it again. Signed-off-by: David Lechner Link: https://lore.kernel.org/r/20240816-pwm-axi-pwmgen-use-shared-macro-v1-1-994153ebc3a7@baylibre.com Signed-off-by: Uwe Kleine-König commit 60cd67a40b74f99afeca91e73bee415341a43993 Author: Liao Chen Date: Sat Aug 31 07:50:59 2024 +0000 pwm: atmel-hlcdc: Drop trailing comma Drop the trailing comma in the terminator entry for the ID table to make code robust against misrebases. Signed-off-by: Liao Chen Link: https://lore.kernel.org/r/20240831075059.790861-3-liaochen4@huawei.com Signed-off-by: Uwe Kleine-König commit 433f1f79050d4d0a19fee6c0ddf1b7988bc04dd6 Author: Liao Chen Date: Sat Aug 31 07:50:58 2024 +0000 pwm: atmel-hlcdc: Enable module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Link: https://lore.kernel.org/r/20240831075059.790861-2-liaochen4@huawei.com Signed-off-by: Uwe Kleine-König commit 89deb4c8d09eb6d3548e18db76f03a782c3467ce Author: Rob Herring (Arm) Date: Wed Jul 31 13:13:03 2024 -0600 pwm: omap-dmtimer: Use of_property_read_bool() Use of_property_read_bool() to read boolean properties rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731191312.1710417-25-robh@kernel.org Signed-off-by: Uwe Kleine-König commit 59921a7397074e90030659bbb74aad372effdeee Author: Liu Ying Date: Mon Aug 26 16:33:37 2024 +0800 pwm: adp5585: Set OSC_EN bit to 1 when PWM state is enabled It turns out that OSC_EN bit in GERNERAL_CFG register has to be set to 1 when PWM state is enabled, otherwise PWM signal won't be generated. Fixes: e9b503879fd2 ("pwm: adp5585: Add Analog Devices ADP5585 support") Signed-off-by: Liu Ying Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240826083337.1835405-1-victor.liu@nxp.com Signed-off-by: Uwe Kleine-König commit 4c82005f17ec40863ee9bd5c82efcee1edd5282c Merge: a550d6ae4d73dc e9b503879fd2b6 Author: Uwe Kleine-König Date: Mon Sep 16 15:24:38 2024 +0200 Merge tag 'ib-mfd-gpio-pwm-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd Immutable branch between MFD, GPIO and PWM due for the v6.12 merge window commit a550d6ae4d73dc4b9f1a2b3ad3d8d9e355b396be Author: Jiapeng Chong Date: Fri Aug 9 16:05:23 2024 +0800 pwm: lp3943: Fix an incorrect type in lp3943_pwm_parse_dt() The return value from the call to of_property_count_u32_elems() is int. However, the return value is being assigned to an u32 variable 'num_outputs', so making 'num_outputs' an int. ./drivers/pwm/pwm-lp3943.c:238:6-17: WARNING: Unsigned expression compared with zero: num_outputs <= 0. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9710 Signed-off-by: Jiapeng Chong Fixes: 75f0cb339b78 ("pwm: lp3943: Use of_property_count_u32_elems() to get property length") Link: https://lore.kernel.org/r/20240809080523.32717-1-jiapeng.chong@linux.alibaba.com Signed-off-by: Uwe Kleine-König commit df40a23cc34c200cfde559eda7ca540f3ae7bd9e Author: Hans de Goede Date: Mon Sep 16 11:02:55 2024 +0200 platform/x86: x86-android-tablets: Adjust Xiaomi Pad 2 bottom bezel touch buttons LED The "input-events" LED trigger used to turn on the backlight LEDs had to be rewritten to use led_trigger_register_simple() + led_trigger_event() to fix a serious locking issue. This means it no longer supports using blink_brightness to set a per LED brightness for the trigger and it no longer sets LED_CORE_SUSPENDRESUME. Adjust the MiPad 2 bottom bezel touch buttons LED class device to match: 1. Make LED_FULL the maximum brightness to fix the LED brightness being very low when on. 2. Set flags = LED_CORE_SUSPENDRESUME. Signed-off-by: Hans de Goede Link: https://lore.kernel.org/r/20240916090255.35548-1-hdegoede@redhat.com commit e03ad65cea610b24c6991aebf432d5c6824cd002 Merge: 5be63fc19fcaa4 e2c85d85a05f16 Author: Wolfram Sang Date: Mon Sep 16 14:06:04 2024 +0200 Merge tag 'i2c-host-fixes-6.11-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/andi.shyti/linux into i2c/for-current The Aspeed driver tracks the controller's state (stop, pending, start, etc.). Previously, when the stop command was sent, the state was not updated. The fix in this pull request ensures the driver's state is aligned with the device status. The Intel SCH driver receives a new look, and among the cleanups, there is a fix where, due to an oversight, an if/else statement was missing the else, causing it to move forward instead of exiting the function in case of an error. The Qualcomm GENI I2C driver adds the IRQF_NO_AUTOEN flag to the IRQ setup to prevent unwanted interrupts during probe. The Xilinx XPS controller fixes TX FIFO handling to avoid missed NAKs. Another fix ensures the controller is reinitialized when the bus appears busy. commit adfc3ded5c33d67e822525f95404ef0becb099b8 Merge: 26bb0d3f38a764 50c52250e2d74b Author: Linus Torvalds Date: Mon Sep 16 13:50:14 2024 +0200 Merge tag 'for-6.12/io_uring-discard-20240913' of git://git.kernel.dk/linux Pull io_uring async discard support from Jens Axboe: "Sitting on top of both the 6.12 block and io_uring core branches, here's support for async discard through io_uring. This allows applications to issue async discards, rather than rely on the blocking sync ioctl discards we already have. The sync support is difficult to use outside of idle/cleanup periods. On a real (but slow) device, testing shows the following results when compared to sync discard: qd64 sync discard: 21K IOPS, lat avg 3 msec (max 21 msec) qd64 async discard: 76K IOPS, lat avg 845 usec (max 2.2 msec) qd64 sync discard: 14K IOPS, lat avg 5 msec (max 25 msec) qd64 async discard: 56K IOPS, lat avg 1153 usec (max 3.6 msec) and synthetic null_blk testing with the same queue depth and block size settings as above shows: Type Trim size IOPS Lat avg (usec) Lat Max (usec) ============================================================== sync 4k 144K 444 20314 async 4k 1353K 47 595 sync 1M 56K 1136 21031 async 1M 94K 680 760" * tag 'for-6.12/io_uring-discard-20240913' of git://git.kernel.dk/linux: block: implement async io_uring discard cmd block: introduce blk_validate_byte_range() filemap: introduce filemap_invalidate_pages io_uring/cmd: give inline space in request to cmds io_uring/cmd: expose iowq to cmds commit 26bb0d3f38a764b743a3ad5c8b6e5b5044d7ceb4 Merge: 3a4d319a8fb5a9 d4d7c03f7ee1d7 Author: Linus Torvalds Date: Mon Sep 16 13:33:06 2024 +0200 Merge tag 'for-6.12/block-20240913' of git://git.kernel.dk/linux Pull block updates from Jens Axboe: - MD changes via Song: - md-bitmap refactoring (Yu Kuai) - raid5 performance optimization (Artur Paszkiewicz) - Other small fixes (Yu Kuai, Chen Ni) - Add a sysfs entry 'new_level' (Xiao Ni) - Improve information reported in /proc/mdstat (Mateusz Kusiak) - NVMe changes via Keith: - Asynchronous namespace scanning (Stuart) - TCP TLS updates (Hannes) - RDMA queue controller validation (Niklas) - Align field names to the spec (Anuj) - Metadata support validation (Puranjay) - A syntax cleanup (Shen) - Fix a Kconfig linking error (Arnd) - New queue-depth quirk (Keith) - Add missing unplug trace event (Keith) - blk-iocost fixes (Colin, Konstantin) - t10-pi modular removal and fixes (Alexey) - Fix for potential BLKSECDISCARD overflow (Alexey) - bio splitting cleanups and fixes (Christoph) - Deal with folios rather than rather than pages, speeding up how the block layer handles bigger IOs (Kundan) - Use spinlocks rather than bit spinlocks in zram (Sebastian, Mike) - Reduce zoned device overhead in ublk (Ming) - Add and use sendpages_ok() for drbd and nvme-tcp (Ofir) - Fix regression in partition error pointer checking (Riyan) - Add support for write zeroes and rotational status in nbd (Wouter) - Add Yu Kuai as new BFQ maintainer. The scheduler has been unmaintained for quite a while. - Various sets of fixes for BFQ (Yu Kuai) - Misc fixes and cleanups (Alvaro, Christophe, Li, Md Haris, Mikhail, Yang) * tag 'for-6.12/block-20240913' of git://git.kernel.dk/linux: (120 commits) nvme-pci: qdepth 1 quirk block: fix potential invalid pointer dereference in blk_add_partition blk_iocost: make read-only static array vrate_adj_pct const block: unpin user pages belonging to a folio at once mm: release number of pages of a folio block: introduce folio awareness and add a bigger size from folio block: Added folio-ized version of bio_add_hw_page() block, bfq: factor out a helper to split bfqq in bfq_init_rq() block, bfq: remove local variable 'bfqq_already_existing' in bfq_init_rq() block, bfq: remove local variable 'split' in bfq_init_rq() block, bfq: remove bfq_log_bfqg() block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator() block, bfq: fix procress reference leakage for bfqq in merge chain block, bfq: fix uaf for accessing waker_bfqq after splitting blk-throttle: support prioritized processing of metadata blk-throttle: remove last_low_overflow_time drbd: Add NULL check for net_conf to prevent dereference in state validation nvme-tcp: fix link failure for TCP auth blk-mq: add missing unplug trace event mtip32xx: Remove redundant null pointer checks in mtip_hw_debugfs_init() ... commit 3a4d319a8fb5a9bbdf5b31ef32841eb286b1dcc2 Merge: 69a3a0a45a2f72 7cc2a6eadcd7a5 Author: Linus Torvalds Date: Mon Sep 16 13:29:00 2024 +0200 Merge tag 'for-6.12/io_uring-20240913' of git://git.kernel.dk/linux Pull io_uring updates from Jens Axboe: - NAPI fixes and cleanups (Pavel, Olivier) - Add support for absolute timeouts (Pavel) - Fixes for io-wq/sqpoll affinities (Felix) - Efficiency improvements for dealing with huge pages (Chenliang) - Support for a minwait mode, where the application essentially has two timouts - one smaller one that defines the batch timeout, and the overall large one similar to what we had before. This enables efficient use of batching based on count + timeout, while still working well with periods of less intensive workloads - Use ITER_UBUF for single segment sends - Add support for incremental buffer consumption. Right now each operation will always consume a full buffer. With incremental consumption, a recv/read operation only consumes the part of the buffer that it needs to satisfy the operation - Add support for GCOV for io_uring, to help retain a high coverage of test to code ratio - Fix regression with ocfs2, where an odd -EOPNOTSUPP wasn't correctly converted to a blocking retry - Add support for cloning registered buffers from one ring to another - Misc cleanups (Anuj, me) * tag 'for-6.12/io_uring-20240913' of git://git.kernel.dk/linux: (35 commits) io_uring: add IORING_REGISTER_COPY_BUFFERS method io_uring/register: provide helper to get io_ring_ctx from 'fd' io_uring/rsrc: add reference count to struct io_mapped_ubuf io_uring/rsrc: clear 'slot' entry upfront io_uring/io-wq: inherit cpuset of cgroup in io worker io_uring/io-wq: do not allow pinning outside of cpuset io_uring/rw: drop -EOPNOTSUPP check in __io_complete_rw_common() io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN io_uring/sqpoll: do not allow pinning outside of cpuset io_uring/eventfd: move refs to refcount_t io_uring: remove unused rsrc_put_fn io_uring: add new line after variable declaration io_uring: add GCOV_PROFILE_URING Kconfig option io_uring/kbuf: add support for incremental buffer consumption io_uring/kbuf: pass in 'len' argument for buffer commit Revert "io_uring: Require zeroed sqe->len on provided-buffers send" io_uring/kbuf: move io_ring_head_to_buf() to kbuf.h io_uring/kbuf: add io_kbuf_commit() helper io_uring/kbuf: shrink nr_iovs/mode in struct buf_sel_arg io_uring: wire up min batch wake timeout ... commit 210860e7f7337e47e77577fa5bb168767e2d8a1e Author: Jason A. Donenfeld Date: Sun Sep 15 01:07:27 2024 +0200 selftests: vDSO: check cpu caps before running chacha test Some archs -- arm64 and s390x -- implemented chacha using instructions that are available most places, but aren't always available. The kernel handles this just fine, but the selftest does not. Check the hwcaps before running, and skip the test if the cpu doesn't support it. As well, on s390x, always emit the fallback instructions of an alternative block, to ensure maximum compatibility. Co-developed-by: Heiko Carstens Signed-off-by: Heiko Carstens Signed-off-by: Jason A. Donenfeld commit d7333f9d33772ba93f0144b1e3969866f80fdb9a Author: Alexander Sverdlin Date: Thu Sep 12 16:21:06 2024 +0200 dmaengine: cirrus: use snprintf() to calm down gcc 13.3.0 Even though it's a false positive (highest channel number is "9"), refer to "struct ep93xx_edma_data edma_m2p", we can avoid new warning by using snprintf(). drivers/dma/ep93xx_dma.c: In function 'ep93xx_dma_of_probe': >> drivers/dma/ep93xx_dma.c:1365:51: warning: '%u' directive writing between 1 and 8 bytes into a region of size 2 [-Wformat-overflow=] 1365 | sprintf(dma_clk_name, "m2p%u", i); | ^~ drivers/dma/ep93xx_dma.c:1365:47: note: directive argument in the range [0, 16777216] 1365 | sprintf(dma_clk_name, "m2p%u", i); | ^~~~~~~ drivers/dma/ep93xx_dma.c:1365:25: note: 'sprintf' output between 5 and 12 bytes into a destination of size 5 1365 | sprintf(dma_clk_name, "m2p%u", i); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Fixes: 4e8ad5ed845b ("dmaengine: cirrus: Convert to DT for Cirrus EP93xx") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409122133.NctarRoK-lkp@intel.com/ Signed-off-by: Alexander Sverdlin Signed-off-by: Arnd Bergmann commit f3eeba0645dcb48c90f64ae6193148bf881429a8 Author: Dan Carpenter Date: Fri Sep 13 17:35:11 2024 +0300 dmaengine: ep93xx: Fix a NULL vs IS_ERR() check in probe() This was intended to be an IS_ERR() check, not a NULL check. The ep93xx_dma_of_probe() function doesn't return NULL pointers. Fixes: 4e8ad5ed845b ("dmaengine: cirrus: Convert to DT for Cirrus EP93xx") Signed-off-by: Dan Carpenter Reviewed-by: Alexander Sverdlin Signed-off-by: Arnd Bergmann commit 69a3a0a45a2f72412c2ba31761cc9193bb746fef Merge: 7a40974fd0efa3 025497e1d176a9 Author: Linus Torvalds Date: Mon Sep 16 13:17:11 2024 +0200 Merge tag 'erofs-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs Pull erofs updates from Gao Xiang: "In this cycle, we add file-backed mount support, which has has been a strong requirement for years. It is especially useful when there are thousands of images running on the same host for containers and other sandbox use cases, unlike OS image use cases. Without file-backed mounts, it's hard for container runtimes to manage and isolate so many unnecessary virtual block devices safely and efficiently, therefore file-backed mounts are highly preferred. For EROFS users, ComposeFS [1], containerd, and Android APEXes [2] will directly benefit from it, and I've seen no risk in implementing it as a completely immutable filesystem. The previous experimental feature "EROFS over fscache" is now marked as deprecated because: - Fscache is no longer an independent subsystem and has been merged into netfs, which was somewhat unexpected when it was proposed. - New HSM "fanotify pre-content hooks" [3] will be landed upstream. These hooks will replace "EROFS over fscache" in a simpler way, as EROFS won't be bother with kernel caching anymore. Userspace programs can also manage their own caching hierarchy more flexibly. Once the HSM "fanotify pre-content hooks" is landed, I will remove the fscache backend entirely as an internal dependency cleanup. More backgrounds are listed in the original patchset [4]. In addition to that, there are bugfixes and cleanups as usual. Summary: - Support file-backed mounts for containers and sandboxes - Mark the experimental fscache backend as deprecated - Handle overlapped pclusters caused by crafted images properly - Fix a failure path which could cause infinite loops in z_erofs_init_decompressor() - Get rid of unnecessary NOFAILs - Harmless on-disk hardening & minor cleanups" * tag 'erofs-for-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs: erofs: reject inodes with negative i_size erofs: restrict pcluster size limitations erofs: allocate more short-lived pages from reserved pool first erofs: sunset unneeded NOFAILs erofs: simplify erofs_map_blocks_flatmode() erofs: refactor read_inode calling convention erofs: use kmemdup_nul in erofs_fill_symlink erofs: mark experimental fscache backend deprecated erofs: support compressed inodes for fileio erofs: support unencoded inodes for fileio erofs: add file-backed mount support erofs: handle overlapped pclusters out of crafted images properly erofs: fix error handling in z_erofs_init_decompressor erofs: clean up erofs_register_sysfs() erofs: fix incorrect symlink detection in fast symlink commit 7427c5b34fbe191451a48c69c392c85b648caa4f Author: Nikita Shubin Date: Fri Sep 13 07:58:29 2024 +0300 pinctrl: ep93xx: Fix raster pins typo Fix raster_on_sdram0_pins used in PMX_GROUP() instead of raster_on_sdram3_pins as it should be. Fixes: d1661439f5a3 ("pinctrl: add a Cirrus ep93xx SoC pin controller") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409130426.1OzNAC9M-lkp@intel.com/ Signed-off-by: Nikita Shubin Acked-by: Alexander Sverdlin Link: https://lore.kernel.org/r/20240913045829.11904-1-nikita.shubin@maquefel.me Signed-off-by: Arnd Bergmann commit 7a40974fd0efa3698de4c6d1d0ee0436bcc4445d Merge: effdcd5275ed64 bd610c0937aaf0 Author: Linus Torvalds Date: Mon Sep 16 13:10:46 2024 +0200 Merge tag 'for-6.12-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull btrfs updates from David Sterba: "This brings mostly refactoring, cleanups, minor performance optimizations and usual fixes. The folio API conversions are most noticeable. There's one less visible change that could have a high impact. The extent lock scope for read is reduced, not held for the entire operation. In the buffered read case it's left to page or inode lock, some direct io read synchronization is still needed. This used to prevent deadlocks induced by page faults during direct io, so there was a 4K limitation on the requests, e.g. for io_uring. In the future this will allow smoother integration with iomap where the extent read lock was a major obstacle. User visible changes: - the FSTRIM ioctl updates the processed range even after an error or interruption - cleaner thread is woken up in SYNC ioctl instead of waking the transaction thread that can take some delay before waking up the cleaner, this can speed up cleaning of deleted subvolumes - print an error message when opening a device fail, e.g. when it's unexpectedly read-only Core changes: - improved extent map handling in various ways (locking, iteration, ...) - new assertions and locking annotations - raid-stripe-tree locking fixes - use xarray for tracking dirty qgroup extents, switched from rb-tree - turn the subpage test to compile-time condition if possible (e.g. on x86_64 with 4K pages), this allows to skip a lot of ifs and remove dead code - more preparatory work for compression in subpage mode Cleanups and refactoring - folio API conversions, many simple cases where page is passed so switch it to folios - more subpage code refactoring, update page state bitmap processing - introduce auto free for btrfs_path structure, use for the simple cases" * tag 'for-6.12-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: (110 commits) btrfs: only unlock the to-be-submitted ranges inside a folio btrfs: merge btrfs_folio_unlock_writer() into btrfs_folio_end_writer_lock() btrfs: BTRFS_PATH_AUTO_FREE in orphan.c btrfs: use btrfs_path auto free in zoned.c btrfs: DEFINE_FREE for struct btrfs_path btrfs: remove btrfs_folio_end_all_writers() btrfs: constify more pointer parameters btrfs: rework BTRFS_I as macro to preserve parameter const btrfs: add and use helper to verify the calling task has locked the inode btrfs: always update fstrim_range on failure in FITRIM ioctl btrfs: convert copy_inline_to_page() to use folio btrfs: convert btrfs_decompress() to take a folio btrfs: convert zstd_decompress() to take a folio btrfs: convert lzo_decompress() to take a folio btrfs: convert zlib_decompress() to take a folio btrfs: convert try_release_extent_mapping() to take a folio btrfs: convert try_release_extent_state() to take a folio btrfs: convert submit_eb_page() to take a folio btrfs: convert submit_eb_subpage() to take a folio btrfs: convert read_key_bytes() to take a folio ... commit effdcd5275ed645f6e0f8e8ce690b97795722197 Merge: 35219bc5c71f41 bf751ad062b58d Author: Linus Torvalds Date: Mon Sep 16 13:07:59 2024 +0200 Merge tag 'affs-for-6.12-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux Pull affs updates from David Sterba: "Cleanups removing unused code and updating the definition of a flexible struct array" * tag 'affs-for-6.12-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: affs: Replace one-element array with flexible-array member affs: Remove unused macros GET_END_PTR, AFFS_GET_HASHENTRY commit 35219bc5c71f4197c8bd10297597de797c1eece5 Merge: 9020d0d844ad58 4b40d43d9f951d Author: Linus Torvalds Date: Mon Sep 16 12:13:31 2024 +0200 Merge tag 'vfs-6.12.netfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull netfs updates from Christian Brauner: "This contains the work to improve read/write performance for the new netfs library. The main performance enhancing changes are: - Define a structure, struct folio_queue, and a new iterator type, ITER_FOLIOQ, to hold a buffer as a replacement for ITER_XARRAY. See that patch for questions about naming and form. ITER_FOLIOQ is provided as a replacement for ITER_XARRAY. The problem with an xarray is that accessing it requires the use of a lock (typically the RCU read lock) - and this means that we can't supply iterate_and_advance() with a step function that might sleep (crypto for example) without having to drop the lock between pages. ITER_FOLIOQ is the iterator for a chain of folio_queue structs, where each folio_queue holds a small list of folios. A folio_queue struct is a simpler structure than xarray and is not subject to concurrent manipulation by the VM. folio_queue is used rather than a bvec[] as it can form lists of indefinite size, adding to one end and removing from the other on the fly. - Provide a copy_folio_from_iter() wrapper. - Make cifs RDMA support ITER_FOLIOQ. - Use folio queues in the write-side helpers instead of xarrays. - Add a function to reset the iterator in a subrequest. - Simplify the write-side helpers to use sheaves to skip gaps rather than trying to work out where gaps are. - In afs, make the read subrequests asynchronous, putting them into work items to allow the next patch to do progressive unlocking/reading. - Overhaul the read-side helpers to improve performance. - Fix the caching of a partial block at the end of a file. - Allow a store to be cancelled. Then some changes for cifs to make it use folio queues instead of xarrays for crypto bufferage: - Use raw iteration functions rather than manually coding iteration when hashing data. - Switch to using folio_queue for crypto buffers. - Remove the xarray bits. Make some adjustments to the /proc/fs/netfs/stats file such that: - All the netfs stats lines begin 'Netfs:' but change this to something a bit more useful. - Add a couple of stats counters to track the numbers of skips and waits on the per-inode writeback serialisation lock to make it easier to check for this as a source of performance loss. Miscellaneous work: - Ensure that the sb_writers lock is taken around vfs_{set,remove}xattr() in the cachefiles code. - Reduce the number of conditional branches in netfs_perform_write(). - Move the CIFS_INO_MODIFIED_ATTR flag to the netfs_inode struct and remove cifs_post_modify(). - Move the max_len/max_nr_segs members from netfs_io_subrequest to netfs_io_request as they're only needed for one subreq at a time. - Add an 'unknown' source value for tracing purposes. - Remove NETFS_COPY_TO_CACHE as it's no longer used. - Set the request work function up front at allocation time. - Use bh-disabling spinlocks for rreq->lock as cachefiles completion may be run from block-filesystem DIO completion in softirq context. - Remove fs/netfs/io.c" * tag 'vfs-6.12.netfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (25 commits) docs: filesystems: corrected grammar of netfs page cifs: Don't support ITER_XARRAY cifs: Switch crypto buffer to use a folio_queue rather than an xarray cifs: Use iterate_and_advance*() routines directly for hashing netfs: Cancel dirty folios that have no storage destination cachefiles, netfs: Fix write to partial block at EOF netfs: Remove fs/netfs/io.c netfs: Speed up buffered reading afs: Make read subreqs async netfs: Simplify the writeback code netfs: Provide an iterator-reset function netfs: Use new folio_queue data type and iterator instead of xarray iter cifs: Provide the capability to extract from ITER_FOLIOQ to RDMA SGEs iov_iter: Provide copy_folio_from_iter() mm: Define struct folio_queue and ITER_FOLIOQ to handle a sequence of folios netfs: Use bh-disabling spinlocks for rreq->lock netfs: Set the request work function upon allocation netfs: Remove NETFS_COPY_TO_CACHE netfs: Reserve netfs_sreq_source 0 as unset/unknown netfs: Move max_len/max_nr_segs from netfs_io_subrequest to netfs_io_stream ... commit 9020d0d844ad58a051f90b1e5b82ba34123925b9 Merge: e8fc317dfca902 49224a345c488a Author: Linus Torvalds Date: Mon Sep 16 11:15:26 2024 +0200 Merge tag 'vfs-6.12.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs mount updates from Christian Brauner: "Recently, we added the ability to list mounts in other mount namespaces and the ability to retrieve namespace file descriptors without having to go through procfs by deriving them from pidfds. This extends nsfs in two ways: (1) Add the ability to retrieve information about a mount namespace via NS_MNT_GET_INFO. This will return the mount namespace id and the number of mounts currently in the mount namespace. The number of mounts can be used to size the buffer that needs to be used for listmount() and is in general useful without having to actually iterate through all the mounts. The structure is extensible. (2) Add the ability to iterate through all mount namespaces over which the caller holds privilege returning the file descriptor for the next or previous mount namespace. To retrieve a mount namespace the caller must be privileged wrt to it's owning user namespace. This means that PID 1 on the host can list all mounts in all mount namespaces or that a container can list all mounts of its nested containers. Optionally pass a structure for NS_MNT_GET_INFO with NS_MNT_GET_{PREV,NEXT} to retrieve information about the mount namespace in one go. (1) and (2) can be implemented for other namespace types easily. Together with recent api additions this means one can iterate through all mounts in all mount namespaces without ever touching procfs. The commit message in 49224a345c48 ('Merge patch series "nsfs: iterate through mount namespaces"') contains example code how to do this" * tag 'vfs-6.12.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: nsfs: iterate through mount namespaces file: add fput() cleanup helper fs: add put_mnt_ns() cleanup helper fs: allow mount namespace fd commit a09c17240bdf2e9fa6d0591afa9448b59785f7d4 Author: Jens Axboe Date: Mon Sep 16 02:58:06 2024 -0600 io_uring/sqpoll: retain test for whether the CPU is valid A recent commit ensured that SQPOLL cannot be setup with a CPU that isn't in the current tasks cpuset, but it also dropped testing whether the CPU is valid in the first place. Without that, if a task passes in a CPU value that is too high, the following KASAN splat can get triggered: BUG: KASAN: stack-out-of-bounds in io_sq_offload_create+0x858/0xaa4 Read of size 8 at addr ffff800089bc7b90 by task wq-aff.t/1391 CPU: 4 UID: 1000 PID: 1391 Comm: wq-aff.t Not tainted 6.11.0-rc7-00227-g371c468f4db6 #7080 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace.part.0+0xcc/0xe0 show_stack+0x14/0x1c dump_stack_lvl+0x58/0x74 print_report+0x16c/0x4c8 kasan_report+0x9c/0xe4 __asan_report_load8_noabort+0x1c/0x24 io_sq_offload_create+0x858/0xaa4 io_uring_setup+0x1394/0x17c4 __arm64_sys_io_uring_setup+0x6c/0x180 invoke_syscall+0x6c/0x260 el0_svc_common.constprop.0+0x158/0x224 do_el0_svc+0x3c/0x5c el0_svc+0x34/0x70 el0t_64_sync_handler+0x118/0x124 el0t_64_sync+0x168/0x16c The buggy address belongs to stack of task wq-aff.t/1391 and is located at offset 48 in frame: io_sq_offload_create+0x0/0xaa4 This frame has 1 object: [32, 40) 'allowed_mask' The buggy address belongs to the virtual mapping at [ffff800089bc0000, ffff800089bc9000) created by: kernel_clone+0x124/0x7e0 The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff0000d740af80 pfn:0x11740a memcg:ffff0000c2706f02 flags: 0xbffe00000000000(node=0|zone=2|lastcpupid=0x1fff) raw: 0bffe00000000000 0000000000000000 dead000000000122 0000000000000000 raw: ffff0000d740af80 0000000000000000 00000001ffffffff ffff0000c2706f02 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff800089bc7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff800089bc7b00: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 >ffff800089bc7b80: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 ^ ffff800089bc7c00: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 ffff800089bc7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f3 Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202409161632.cbeeca0d-lkp@intel.com Fixes: f011c9cf04c0 ("io_uring/sqpoll: do not allow pinning outside of cpuset") Tested-by: Felix Moessbauer Signed-off-by: Jens Axboe commit e766e6a92410ca269161de059fff0843b8ddd65f Author: Mikhail Lobanov Date: Thu Sep 12 10:58:39 2024 -0400 RDMA/cxgb4: Added NULL check for lookup_atid The lookup_atid() function can return NULL if the ATID is invalid or does not exist in the identifier table, which could lead to dereferencing a null pointer without a check in the `act_establish()` and `act_open_rpl()` functions. Add a NULL check to prevent null pointer dereferencing. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: cfdda9d76436 ("RDMA/cxgb4: Add driver for Chelsio T4 RNIC") Signed-off-by: Mikhail Lobanov Link: https://patch.msgid.link/20240912145844.77516-1-m.lobanov@rosalinux.ru Signed-off-by: Leon Romanovsky commit f9b56b2c31e5733c04464da1b73bafb9eff6569f Author: Christoph Schlameuss Date: Wed Aug 7 17:45:12 2024 +0200 s390: Enable KVM_S390_UCONTROL config in debug_defconfig To simplify testing enable UCONTROL KVM by default in debug kernels. Signed-off-by: Christoph Schlameuss Reviewed-by: Janosch Frank Link: https://lore.kernel.org/r/20240807154512.316936-11-schlameuss@linux.ibm.com Signed-off-by: Janosch Frank Message-ID: <20240807154512.316936-11-schlameuss@linux.ibm.com> commit 5bab087507ae99250579f1d36071eb6c867065b1 Author: Christoph Schlameuss Date: Wed Aug 7 17:45:08 2024 +0200 selftests: kvm: s390: Add VM run test case Add test case running code interacting with registers within a ucontrol VM. * Add uc_gprs test case The test uses the same VM setup using the fixture and debug macros introduced in earlier patches in this series. Signed-off-by: Christoph Schlameuss Reviewed-by: Janosch Frank Link: https://lore.kernel.org/r/20240807154512.316936-7-schlameuss@linux.ibm.com [frankja@linux.ibm.com: Removed leftover comment line] Signed-off-by: Janosch Frank Message-ID: <20240807154512.316936-7-schlameuss@linux.ibm.com> commit 39c047d4047a1242aeefa87513174b56a91080ab Author: Junxian Huang Date: Thu Sep 12 19:57:00 2024 +0800 RDMA/hns: Fix ah error counter in sw stat not increasing There are several error cases where hns_roce_create_ah() returns directly without jumping to sw stat path, thus leading to a problem that the ah error counter does not increase. Fixes: ee20cc17e9d8 ("RDMA/hns: Support DSCP") Fixes: eb7854d63db5 ("RDMA/hns: Support SW stats with debugfs") Signed-off-by: Junxian Huang Link: https://patch.msgid.link/20240912115700.2016443-1-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky commit e8fc317dfca9021f0ea9ed77061d8df677e47a9f Merge: ee25861f26e7a2 4ad5f9a021bd7e Author: Linus Torvalds Date: Mon Sep 16 09:36:59 2024 +0200 Merge tag 'vfs-6.12.procfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull procfs updates from Christian Brauner: "This contains the following changes for procfs: - Add config options and parameters to block forcing memory writes. This adds a Kconfig option and boot param to allow removing the FOLL_FORCE flag from /proc//mem write calls as this can be used in various attacks. The traditional forcing behavior is kept as default because it can break GDB and some other use cases. This is the simpler version that you had requested. - Restrict overmounting of ephemeral entities. It is currently possible to mount on top of various ephemeral entities in procfs. This specifically includes magic links. To recap, magic links are links of the form /proc//fd/. They serve as references to a target file and during path lookup they cause a jump to the target path. Such magic links disappear if the corresponding file descriptor is closed. Currently it is possible to overmount such magic links. This is mostly interesting for an attacker that wants to somehow trick a process into e.g., reopening something that it didn't intend to reopen or to hide a malicious file descriptor. But also it risks leaking mounts for long-running processes. When overmounting a magic link like above, the mount will not be detached when the file descriptor is closed. Only the target mountpoint will disappear. Which has the consequence of making it impossible to unmount that mount afterwards. So the mount will stick around until the process exits and the /proc// directory is cleaned up during proc_flush_pid() when the dentries are pruned and invalidated. That in turn means it's possible for a program to accidentally leak mounts and it's also possible to make a task leak mounts without it's knowledge if the attacker just keeps overmounting things under /proc//fd/. Disallow overmounting of such ephemeral entities. - Cleanup the readdir method naming in some procfs file operations. - Replace kmalloc() and strcpy() with a simple kmemdup() call" * tag 'vfs-6.12.procfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: proc: fold kmalloc() + strcpy() into kmemdup() proc: block mounting on top of /proc//fdinfo/* proc: block mounting on top of /proc//fd/* proc: block mounting on top of /proc//map_files/* proc: add proc_splice_unmountable() proc: proc_readfdinfo() -> proc_fdinfo_iterate() proc: proc_readfd() -> proc_fd_iterate() proc: add config & param to block forcing mem writes commit ee25861f26e7a2213b97ce21ee1ccd98331a75b1 Merge: 3352633ce6b221 7fbabbb4ae2a72 Author: Linus Torvalds Date: Mon Sep 16 09:34:08 2024 +0200 Merge tag 'vfs-6.12.fallocate' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs fallocate updates from Christian Brauner: "This contains work to try and cleanup some the fallocate mode handling. Currently, it confusingly mixes operation modes and an optional flag. The work here tries to better define operation modes and optional flags allowing the core and filesystem code to use switch statements to switch on the operation mode" * tag 'vfs-6.12.fallocate' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: xfs: refactor xfs_file_fallocate xfs: move the xfs_is_always_cow_inode check into xfs_alloc_file_space xfs: call xfs_flush_unmap_range from xfs_free_file_space fs: sort out the fallocate mode vs flag mess ext4: remove tracing for FALLOC_FL_NO_HIDE_STALE block: remove checks for FALLOC_FL_NO_HIDE_STALE commit 3352633ce6b221d64bf40644d412d9670e7d56e3 Merge: 2775df6e5e324b 24a988f75c8a5f Author: Linus Torvalds Date: Mon Sep 16 09:14:02 2024 +0200 Merge tag 'vfs-6.12.file' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs file updates from Christian Brauner: "This is the work to cleanup and shrink struct file significantly. Right now, (focusing on x86) struct file is 232 bytes. After this series struct file will be 184 bytes aka 3 cacheline and a spare 8 bytes for future extensions at the end of the struct. With struct file being as ubiquitous as it is this should make a difference for file heavy workloads and allow further optimizations in the future. - struct fown_struct was embedded into struct file letting it take up 32 bytes in total when really it shouldn't even be embedded in struct file in the first place. Instead, actual users of struct fown_struct now allocate the struct on demand. This frees up 24 bytes. - Move struct file_ra_state into the union containg the cleanup hooks and move f_iocb_flags out of the union. This closes a 4 byte hole we created earlier and brings struct file to 192 bytes. Which means struct file is 3 cachelines and we managed to shrink it by 40 bytes. - Reorder struct file so that nothing crosses a cacheline. I suspect that in the future we will end up reordering some members to mitigate false sharing issues or just because someone does actually provide really good perf data. - Shrinking struct file to 192 bytes is only part of the work. Files use a slab that is SLAB_TYPESAFE_BY_RCU and when a kmem cache is created with SLAB_TYPESAFE_BY_RCU the free pointer must be located outside of the object because the cache doesn't know what part of the memory can safely be overwritten as it may be needed to prevent object recycling. That has the consequence that SLAB_TYPESAFE_BY_RCU may end up adding a new cacheline. So this also contains work to add a new kmem_cache_create_rcu() function that allows the caller to specify an offset where the freelist pointer is supposed to be placed. Thus avoiding the implicit addition of a fourth cacheline. - And finally this removes the f_version member in struct file. The f_version member isn't particularly well-defined. It is mainly used as a cookie to detect concurrent seeks when iterating directories. But it is also abused by some subsystems for completely unrelated things. It is mostly a directory and filesystem specific thing that doesn't really need to live in struct file and with its wonky semantics it really lacks a specific function. For pipes, f_version is (ab)used to defer poll notifications until a write has happened. And struct pipe_inode_info is used by multiple struct files in their ->private_data so there's no chance of pushing that down into file->private_data without introducing another pointer indirection. But pipes don't rely on f_pos_lock so this adds a union into struct file encompassing f_pos_lock and a pipe specific f_pipe member that pipes can use. This union of course can be extended to other file types and is similar to what we do in struct inode already" * tag 'vfs-6.12.file' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (26 commits) fs: remove f_version pipe: use f_pipe fs: add f_pipe ubifs: store cookie in private data ufs: store cookie in private data udf: store cookie in private data proc: store cookie in private data ocfs2: store cookie in private data input: remove f_version abuse ext4: store cookie in private data ext2: store cookie in private data affs: store cookie in private data fs: add generic_llseek_cookie() fs: use must_set_pos() fs: add must_set_pos() fs: add vfs_setpos_cookie() s390: remove unused f_version ceph: remove unused f_version adi: remove unused f_version mm: Removed @freeptr_offset to prevent doc warning ... commit 2775df6e5e324be9dc375f7db2c8d3042df72bbf Merge: 8f72c31f45a575 84e0e03b308816 Author: Linus Torvalds Date: Mon Sep 16 08:54:30 2024 +0200 Merge tag 'vfs-6.12.folio' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs Pull vfs folio updates from Christian Brauner: "This contains work to port write_begin and write_end to rely on folios for various filesystems. This converts ocfs2, vboxfs, orangefs, jffs2, hostfs, fuse, f2fs, ecryptfs, ntfs3, nilfs2, reiserfs, minixfs, qnx6, sysv, ufs, and squashfs. After this series lands a bunch of the filesystems in this list do not mention struct page anymore" * tag 'vfs-6.12.folio' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs: (61 commits) Squashfs: Ensure all readahead pages have been used Squashfs: Rewrite and update squashfs_readahead_fragment() to not use page->index Squashfs: Update squashfs_readpage_block() to not use page->index Squashfs: Update squashfs_readahead() to not use page->index Squashfs: Update page_actor to not use page->index jffs2: Use a folio in jffs2_garbage_collect_dnode() jffs2: Convert jffs2_do_readpage_nolock to take a folio buffer: Convert __block_write_begin() to take a folio ocfs2: Convert ocfs2_write_zero_page to use a folio fs: Convert aops->write_begin to take a folio fs: Convert aops->write_end to take a folio vboxsf: Use a folio in vboxsf_write_end() orangefs: Convert orangefs_write_begin() to use a folio orangefs: Convert orangefs_write_end() to use a folio jffs2: Convert jffs2_write_begin() to use a folio jffs2: Convert jffs2_write_end() to use a folio hostfs: Convert hostfs_write_end() to use a folio fuse: Convert fuse_write_begin() to use a folio fuse: Convert fuse_write_end() to use a folio f2fs: Convert f2fs_write_begin() to use a folio ... commit 8f72c31f45a575d156cfe964099b4cfcc02e03eb Merge: d22300518d875f 2077006d4725c8 Author: Linus Torvalds Date: Mon Sep 16 08:35:09 2024 +0200 Merge tag 'vfs-6.12.misc' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs Pull misc vfs updates from Christian Brauner: "This contains the usual pile of misc updates: Features: - Add F_CREATED_QUERY fcntl() that allows userspace to query whether a file was actually created. Often userspace wants to know whether an O_CREATE request did actually create a file without using O_EXCL. The current logic is that to first attempts to open the file without O_CREAT | O_EXCL and if ENOENT is returned userspace tries again with both flags. If that succeeds all is well. If it now reports EEXIST it retries. That works fairly well but some corner cases make this more involved. If this operates on a dangling symlink the first openat() without O_CREAT | O_EXCL will return ENOENT but the second openat() with O_CREAT | O_EXCL will fail with EEXIST. The reason is that openat() without O_CREAT | O_EXCL follows the symlink while O_CREAT | O_EXCL doesn't for security reasons. So it's not something we can really change unless we add an explicit opt-in via O_FOLLOW which seems really ugly. All available workarounds are really nasty (fanotify, bpf lsm etc) so add a simple fcntl(). - Try an opportunistic lookup for O_CREAT. Today, when opening a file we'll typically do a fast lookup, but if O_CREAT is set, the kernel always takes the exclusive inode lock. This was likely done with the expectation that O_CREAT means that we always expect to do the create, but that's often not the case. Many programs set O_CREAT even in scenarios where the file already exists (see related F_CREATED_QUERY patch motivation above). The series contained in the pr rearranges the pathwalk-for-open code to also attempt a fast_lookup in certain O_CREAT cases. If a positive dentry is found, the inode_lock can be avoided altogether and it can stay in rcuwalk mode for the last step_into. - Expose the 64 bit mount id via name_to_handle_at() Now that we provide a unique 64-bit mount ID interface in statx(2), we can now provide a race-free way for name_to_handle_at(2) to provide a file handle and corresponding mount without needing to worry about racing with /proc/mountinfo parsing or having to open a file just to do statx(2). While this is not necessary if you are using AT_EMPTY_PATH and don't care about an extra statx(2) call, users that pass full paths into name_to_handle_at(2) need to know which mount the file handle comes from (to make sure they don't try to open_by_handle_at a file handle from a different filesystem) and switching to AT_EMPTY_PATH would require allocating a file for every name_to_handle_at(2) call - Add a per dentry expire timeout to autofs There are two fairly well known automounter map formats, the autofs format and the amd format (more or less System V and Berkley). Some time ago Linux autofs added an amd map format parser that implemented a fair amount of the amd functionality. This was done within the autofs infrastructure and some functionality wasn't implemented because it either didn't make sense or required extra kernel changes. The idea was to restrict changes to be within the existing autofs functionality as much as possible and leave changes with a wider scope to be considered later. One of these changes is implementing the amd options: 1) "unmount", expire this mount according to a timeout (same as the current autofs default). 2) "nounmount", don't expire this mount (same as setting the autofs timeout to 0 except only for this specific mount) . 3) "utimeout=", expire this mount using the specified timeout (again same as setting the autofs timeout but only for this mount) To implement these options per-dentry expire timeouts need to be implemented for autofs indirect mounts. This is because all map keys (mounts) for autofs indirect mounts use an expire timeout stored in the autofs mount super block info. structure and all indirect mounts use the same expire timeout. Fixes: - Fix missing fput for FSCONFIG_SET_FD in autofs - Use param->file for FSCONFIG_SET_FD in coda - Delete the 'fs/netfs' proc subtreee when netfs module exits - Make sure that struct uid_gid_map fits into a single cacheline - Don't flush in-flight wb switches for superblocks without cgroup writeback - Correcting the idmapping mount example in the idmapping documentation - Fix a race between evice_inodes() and find_inode() and iput() - Refine the show_inode_state() macro definition in writeback code - Prevent dump_mapping() from accessing invalid dentry.d_name.name - Show actual source for debugfs in /proc/mounts - Annotate data-race of busy_poll_usecs in eventpoll - Don't WARN for racy path_noexec check in exec code - Handle OOM on mnt_warn_timestamp_expiry() - Fix some spelling in the iomap design documentation - Fix typo in procfs comment - Fix typo in fs/namespace.c comment Cleanups: - Add the VFS git tree to the MAINTAINERS file - Move FMODE_UNSIGNED_OFFSET to fop_flags freeing up another f_mode bit in struct file bringing us to 5 free f_mode bits - Remove the __I_DIO_WAKEUP bit from i_state flags as we can simplify the wait mechanism - Remove the unused path_put_init() helper - Replace a __u32 with u32 for s_fsnotify_mask as __u32 is uapi specific - Replace the unsigned long i_state member with a u32 i_state member in struct inode freeing up 4 bytes in struct inode. Instead of using the bit based wait apis we're now using the var event apis and using the individual bytes of the i_state member to wait on state changes - Explain how per-syscall AT_* flags should be allocated - Use in_group_or_capable() helper to simplify the posix acl mode update code - Switch to LIST_HEAD() in fsync_buffers_list() to simplify the code - Removed comment about d_rcu_to_refcount() as that function doesn't exist anymore - Add kernel documentation for lookup_fast() - Don't re-zero evenpoll fields - Remove outdated comment after close_fd() - Fix imprecise wording in comment about the pipe filesystem - Drop GFP_NOFAIL mode from alloc_page_buffers - Missing blank line warnings and struct declaration improved in file_table - Annotate struct poll_list with __counted_by() - Remove the unused read parameter in percpu-rwsem - Remove linux/prefetch.h include from direct-io code - Use kmemdup_array instead of kmemdup for multiple allocation in mnt_idmapping code - Remove unused mnt_cursor_del() declaration Performance tweaks: - Dodge smp_mb in break_lease and break_deleg in the common case - Only read fops once in fops_{get,put}() - Use RCU in ilookup() - Elide smp_mb in iversion handling in the common case - Drop one lock trip in evict()" * tag 'vfs-6.12.misc' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs: (58 commits) uidgid: make sure we fit into one cacheline proc: Fix typo in the comment fs/pipe: Correct imprecise wording in comment fhandle: expose u64 mount id to name_to_handle_at(2) uapi: explain how per-syscall AT_* flags should be allocated fs: drop GFP_NOFAIL mode from alloc_page_buffers writeback: Refine the show_inode_state() macro definition fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name mnt_idmapping: Use kmemdup_array instead of kmemdup for multiple allocation netfs: Delete subtree of 'fs/netfs' when netfs module exits fs: use LIST_HEAD() to simplify code inode: make i_state a u32 inode: port __I_LRU_ISOLATING to var event vfs: fix race between evice_inodes() and find_inode()&iput() inode: port __I_NEW to var event inode: port __I_SYNC to var event fs: reorder i_state bits fs: add i_state helpers MAINTAINERS: add the VFS git tree fs: s/__u32/u32/ for s_fsnotify_mask ... commit ec2231b8dd2dc515912ff7816c420153b4a95e92 Author: Imre Deak Date: Tue Sep 10 14:18:47 2024 +0300 drm/i915/dp: Fix AUX IO power enabling for eDP PSR Panel Self Refresh on eDP requires the AUX IO power to be enabled whenever the output (main link) is enabled. This is required by the AUX_PHY_WAKE/ML_PHY_LOCK signaling initiated by the HW automatically to re-enable the main link after it got disabled in power saving states (see eDP v1.4b, sections 5.1, 6.1.3.3.1.1). The Panel Replay mode on non-eDP outputs on the other hand is only supported by keeping the main link active, thus not requiring the above AUX_PHY_WAKE/ML_PHY_LOCK signaling (eDP v1.4b, section 6.1.3.3.1.2). Thus enabling the AUX IO power for this case is not required either. Based on the above enable the AUX IO power only for eDP/PSR outputs. Bspec: 49274, 53370 v2: - Add a TODO comment to adjust the requirement for AUX IO based on whether the ALPM/main-link off mode gets enabled. (Rodrigo) Cc: Animesh Manna Fixes: b8cf5b5d266e ("drm/i915/panelreplay: Initializaton and compute config for panel replay") Reviewed-by: Rodrigo Vivi Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240910111847.2995725-1-imre.deak@intel.com (cherry picked from commit f7c2ed9d4ce80a2570c492825de239dc8b500f2e) Signed-off-by: Joonas Lahtinen commit fcd33d434d31a210bc9f209b5bfd92f3b91a2dda Author: Arun R Murthy Date: Tue Aug 27 13:42:05 2024 +0530 drm/i915/display: BMG supports UHBR13.5 UHBR20 is not supported by battlemage and the maximum link rate supported is UHBR13.5 v2: Replace IS_DGFX with IS_BATTLEMAGE (Jani) HSD: 16023263677 Signed-off-by: Arun R Murthy Reviewed-by: Mika Kahola Fixes: 98b1c87a5e51 ("drm/i915/xe2hpd: Set maximum DP rate to UHBR13.5") Signed-off-by: Suraj Kandpal Link: https://patchwork.freedesktop.org/patch/msgid/20240827081205.136569-1-arun.r.murthy@intel.com (cherry picked from commit 9c2338ac4543e0fab3a1e0f9f025591e0f0d9f8f) Signed-off-by: Joonas Lahtinen commit 9498f2e24ee0133d486667c9fa4c27ecdaadc272 Author: Jouni Högander Date: Fri Sep 6 10:00:33 2024 +0300 drm/i915/psr: Do not wait for PSR being idle on on Panel Replay We do not have ALPM on DP Panel Replay. Due to this SRD_STATUS[SRD State] doesn't change from SRDENT_ON after Panel Replay is enabled until it gets disabled. On eDP Panel Replay DEEP_SLEEP is not reached. _psr2_ready_for_pipe_update_locked is waiting DEEP_SLEEP bit getting reset. Take these into account in Panel Replay code by not waiting PSR getting idle after enabling VBI. Fixes: 29fb595d4875 ("drm/i915/psr: Panel replay uses SRD_STATUS to track it's status") Cc: Animesh Manna Signed-off-by: Jouni Högander Reviewed-by: Animesh Manna Link: https://patchwork.freedesktop.org/patch/msgid/20240906070033.289015-5-jouni.hogander@intel.com (cherry picked from commit a2d98feb4b0013ef4f9db0d8f642a8ac1f5ecbb9) Signed-off-by: Joonas Lahtinen commit d22300518d875f78203e9afacb5aa0b0316da523 Merge: 02824a5fd11f99 3bc5ed15bdc507 Author: Linus Torvalds Date: Mon Sep 16 08:05:54 2024 +0200 Merge tag 'thermal-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull thermal control updates from Rafael Wysocki: "These mostly continue to rework the thermal core and the thermal zone driver interface to make the code more straightforward and reduce bloat The most significant piece of this work is a change of the code related to binding cooling devices to thermal zones which, among other things, replaces two previously existing thermal zone operations with one allowing driver implementations to be much simpler There is also a new thermal core testing module allowing mock thermal zones to be created and controlled via debugfs in order to exercise the thermal core functionality. It is expected to be used for implementing thermal core self tests in the future Apart from the above, there are assorted thermal driver updates Specifics: - Update some thermal drivers to eliminate thermal_zone_get_trip() calls from them and get rid of that function (Rafael Wysocki) - Update the thermal sysfs code to store trip point attributes in trip descriptors and get to trip points via attribute pointers (Rafael Wysocki) - Move the computation of the low and high boundaries for thermal_zone_set_trips() to __thermal_zone_device_update() (Daniel Lezcano) - Introduce a debugfs-based facility for thermal core testing (Rafael Wysocki) - Replace the thermal zone .bind() and .unbind() callbacks for binding cooling devices to thermal zones with one .should_bind() callback used for deciding whether or not a given cooling devices should be bound to a given trip point in a given thermal zone (Rafael Wysocki) - Eliminate code that has no more users after the other changes, drop some redundant checks from the thermal core and clean it up (Rafael Wysocki) - Fix rounding of delay jiffies in the thermal core (Rafael Wysocki) - Refuse to accept trip point temperature or hysteresis that would lead to an invalid threshold value when setting them via sysfs (Rafael Wysocki) - Adjust states of all uninitialized instances in the .manage() callback of the Bang-bang thermal governor (Rafael Wysocki) - Drop a couple of redundant checks along with the code depending on them from the thermal core (Rafael Wysocki) - Rearrange the thermal core to avoid redundant checks and simplify control flow in a couple of code paths (Rafael Wysocki) - Add power domain DT bindings for new Amlogic SoCs (Georges Stark) - Switch from CONFIG_PM_SLEEP guards to pm_sleep_ptr() in the ST driver and add a Kconfig dependency on THERMAL_OF subsystem for the STi driver (Raphael Gallais-Pou) - Simplify the error code path in the probe functions in the brcmstb driver with the helo of dev_err_probe() (Yan Zhen) - Make imx_sc_thermal use dev_err_probe() (Alexander Stein) - Remove trailing space after \n newline in the Renesas driver (Colin Ian King) - Add DT binding compatible string for the SA8255p to the tsens thermal driver (Nikunj Kela) - Use the devm_clk_get_enabled() helpers to simplify the init routine in the sprd thermal driver (Huan Yang) - Remove __maybe_unused notations for the functions by using the new RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() macros on the IMx and Qoriq drivers (Fabio Estevam) - Remove unused declarations from the ti-soc-thermal driver's header file as the functions in question were removed previously (Zhang Zekun)" * tag 'thermal-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: (48 commits) thermal: core: Drop thermal_zone_device_is_enabled() thermal: core: Check passive delay in monitor_thermal_zone() thermal: core: Drop dead code from monitor_thermal_zone() thermal: core: Drop redundant lockdep_assert_held() thermal: gov_bang_bang: Adjust states of all uninitialized instances thermal: sysfs: Add sanity checks for trip temperature and hysteresis thermal/drivers/imx_sc_thermal: Use dev_err_probe thermal/drivers/ti-soc-thermal: Remove unused declarations thermal/drivers/imx: Remove __maybe_unused notations thermal/drivers/qoriq: Remove __maybe_unused notations thermal/drivers/sprd: Use devm_clk_get_enabled() helpers dt-bindings: thermal: tsens: document support on SA8255p thermal/drivers/renesas: Remove trailing space after \n newline thermal/drivers/brcmstb_thermal: Simplify with dev_err_probe() thermal/drivers/sti: Depend on THERMAL_OF subsystem thermal/drivers/st: Switch from CONFIG_PM_SLEEP guards to pm_sleep_ptr() dt-bindings: thermal: amlogic,thermal: add optional power-domains thermal: core: Drop tz field from struct thermal_instance thermal: core: Drop redundant checks from thermal_bind_cdev_to_trip() thermal: core: Rename cdev-to-thermal-zone bind/unbind functions ... commit 02824a5fd11f99b4637668926a59aab3698b46a9 Merge: 11b3125073d169 0a06811d664b86 Author: Linus Torvalds Date: Mon Sep 16 07:47:50 2024 +0200 Merge tag 'pm-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull power management updates from Rafael Wysocki: "By the number of new lines of code, the most visible change here is the addition of hybrid CPU capacity scaling support to the intel_pstate driver. Next are the amd-pstate driver changes related to the calculation of the AMD boost numerator and preferred core detection. As far as new hardware support is concerned, the intel_idle driver will now handle Granite Rapids Xeon processors natively, the intel_rapl power capping driver will recognize family 1Ah of AMD processors and Intel ArrowLake-U chipos, and intel_pstate will handle Granite Rapids and Sierra Forest chips in the out-of-band (OOB) mode. Apart from the above, there is a usual collection of assorted fixes and code cleanups in many places and there are tooling updates. Specifics: - Remove LATENCY_MULTIPLIER from cpufreq (Qais Yousef) - Add support for Granite Rapids and Sierra Forest in OOB mode to the intel_pstate cpufreq driver (Srinivas Pandruvada) - Add basic support for CPU capacity scaling on x86 and make the intel_pstate driver set asymmetric CPU capacity on hybrid systems without SMT (Rafael Wysocki) - Add missing MODULE_DESCRIPTION() macros to the powerpc cpufreq driver (Jeff Johnson) - Several OF related cleanups in cpufreq drivers (Rob Herring) - Enable COMPILE_TEST for ARM drivers (Rob Herrring) - Introduce quirks for syscon failures and use socinfo to get revision for TI cpufreq driver (Dhruva Gole, Nishanth Menon) - Minor cleanups in amd-pstate driver (Anastasia Belova, Dhananjay Ugwekar) - Minor cleanups for loongson, cpufreq-dt and powernv cpufreq drivers (Danila Tikhonov, Huacai Chen, and Liu Jing) - Make amd-pstate validate return of any attempt to update EPP limits, which fixes the masking hardware problems (Mario Limonciello) - Move the calculation of the AMD boost numerator outside of amd-pstate, correcting acpi-cpufreq on systems with preferred cores (Mario Limonciello) - Harden preferred core detection in amd-pstate to avoid potential false positives (Mario Limonciello) - Add extra unit test coverage for mode state machine (Mario Limonciello) - Fix an "Uninitialized variables" issue in amd-pstste (Qianqiang Liu) - Add Granite Rapids Xeon support to intel_idle (Artem Bityutskiy) - Disable promotion to C1E on Jasper Lake and Elkhart Lake in intel_idle (Kai-Heng Feng) - Use scoped device node handling to fix missing of_node_put() and simplify walking OF children in the riscv-sbi cpuidle driver (Krzysztof Kozlowski) - Remove dead code from cpuidle_enter_state() (Dhruva Gole) - Change an error pointer to NULL to fix error handling in the intel_rapl power capping driver (Dan Carpenter) - Fix off by one in get_rpi() in the intel_rapl power capping driver (Dan Carpenter) - Add support for ArrowLake-U to the intel_rapl power capping driver (Sumeet Pawnikar) - Fix the energy-pkg event for AMD CPUs in the intel_rapl power capping driver (Dhananjay Ugwekar) - Add support for AMD family 1Ah processors to the intel_rapl power capping driver (Dhananjay Ugwekar) - Remove unused stub for saveable_highmem_page() and remove deprecated macros from power management documentation (Andy Shevchenko) - Use ysfs_emit() and sysfs_emit_at() in "show" functions in the PM sysfs interface (Xueqin Luo) - Update the maintainers information for the operating-points-v2-ti-cpu DT binding (Dhruva Gole) - Drop unnecessary of_match_ptr() from ti-opp-supply (Rob Herring) - Add missing MODULE_DESCRIPTION() macros to devfreq governors (Jeff Johnson) - Use devm_clk_get_enabled() in the exynos-bus devfreq driver (Anand Moon) - Use of_property_present() instead of of_get_property() in the imx-bus devfreq driver (Rob Herring) - Update directory handling and installation process in the pm-graph Makefile and add .gitignore to ignore sleepgraph.py artifacts to pm-graph (Amit Vadhavana, Yo-Jung Lin) - Make cpupower display residency value in idle-info (Aboorva Devarajan) - Add missing powercap_set_enabled() stub function to cpupower (John B. Wyatt IV) - Add SWIG support to cpupower (John B. Wyatt IV)" * tag 'pm-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: (62 commits) cpufreq/amd-pstate-ut: Fix an "Uninitialized variables" issue cpufreq/amd-pstate-ut: Add test case for mode switches cpufreq/amd-pstate: Export symbols for changing modes amd-pstate: Add missing documentation for `amd_pstate_prefcore_ranking` cpufreq: amd-pstate: Add documentation for `amd_pstate_hw_prefcore` cpufreq: amd-pstate: Optimize amd_pstate_update_limits() cpufreq: amd-pstate: Merge amd_pstate_highest_perf_set() into amd_get_boost_ratio_numerator() x86/amd: Detect preferred cores in amd_get_boost_ratio_numerator() x86/amd: Move amd_get_highest_perf() out of amd-pstate ACPI: CPPC: Adjust debug messages in amd_set_max_freq_ratio() to warn ACPI: CPPC: Drop check for non zero perf ratio x86/amd: Rename amd_get_highest_perf() to amd_get_boost_ratio_numerator() ACPI: CPPC: Adjust return code for inline functions in !CONFIG_ACPI_CPPC_LIB x86/amd: Move amd_get_highest_perf() from amd.c to cppc.c PM: hibernate: Remove unused stub for saveable_highmem_page() pm:cpupower: Add error warning when SWIG is not installed MAINTAINERS: Add Maintainers for SWIG Python bindings pm:cpupower: Include test_raw_pylibcpupower.py pm:cpupower: Add SWIG bindings files for libcpupower pm:cpupower: Add missing powercap_set_enabled() stub function ... commit 11b3125073d16929403d3aa7b2ae6a482060a937 Merge: 64dd3b6a79f090 3dd2fcf496359d Author: Linus Torvalds Date: Mon Sep 16 07:41:48 2024 +0200 Merge tag 'acpi-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull ACPI updates from Rafael Wysocki: "These update the ACPICA code in the kernel to upstream version 20240827, add support for ACPI-based enumeration of interrupt controllers on RISC-V along with some related irqchip updates, clean up the ACPI device object sysfs interface, add some quirks for backlight handling and IRQ overrides, fix assorted issues and clean up code. Specifics: - Check return value in acpi_db_convert_to_package() (Pei Xiao) - Detect FACS and allow setting the waking vector on reduced-hardware ACPI platforms (Jiaqing Zhao) - Allow ACPICA to represent semaphores as integers (Adrien Destugues) - Complete CXL 3.0 CXIMS structures support in ACPICA (Zhang Rui) - Make ACPICA support SPCR version 4 and add RISC-V SBI Subtype to DBG2 (Sia Jee Heng) - Implement the Dword_PCC Resource Descriptor Macro in ACPICA (Jose Marinho) - Correct the typo in struct acpi_mpam_msc_node member (Punit Agrawal) - Implement ACPI_WARNING_ONCE() and ACPI_ERROR_ONCE() and use them to prevent a Stall() violation warning from being printed every time this takes place (Vasily Khoruzhick) - Allow PCC Data Type in MCTP resource (Adam Young) - Fix memory leaks on acpi_ps_get_next_namepath() and acpi_ps_get_next_field() failures (Armin Wolf) - Add support for supressing leading zeros in hex strings when converting them to integers and update integer-to-hex-string conversions in ACPICA (Armin Wolf) - Add support for Windows 11 22H2 _OSI string (Armin Wolf) - Avoid warning for Dump Functions in ACPICA (Adam Lackorzynski) - Add extended linear address mode to HMAT MSCIS in ACPICA (Dave Jiang) - Handle empty connection_node in iasl (Aleksandrs Vinarskis) - Allow for more flexibility in _DSM args (Saket Dumbre) - Setup for ACPICA release 20240827 (Saket Dumbre) - Add ACPI device enumeration support for interrupt controller probing including taking dependencies into account (Sunil V L) - Implement ACPI-based interrupt controller probing on RISC-V (Sunil V L) - Add ACPI support for AIA in riscv-intc and add ACPI support to riscv-imsic, riscv-aplic, and sifive-plic (Sunil V L) - Do not release locks during operation region accesses in the ACPI EC driver (Rafael Wysocki) - Fix up the _STR handling in the ACPI device object sysfs interface, make it represent the device object attributes as an attribute group and make it rely on driver core functionality for sysfs attrubute management (Thomas Weißschuh) - Extend error messages printed to the kernel log when acpi_evaluate_dsm() fails to include revision and function number (David Wang) - Add a new AMDI0015 platform device ID to the ACPi APD driver for AMD SoCs (Shyam Sundar S K) - Use the driver core for the async probing management in the ACPI battery driver (Thomas Weißschuh) - Remove redundant initalizations of a local variable to NULL from the ACPI battery driver (Ilpo Järvinen) - Remove unneeded check in tps68470_pmic_opregion_probe() (Aleksandr Mishin) - Add support for setting the EPP register through the ACPI CPPC sysfs interface if it is in FFH (Mario Limonciello) - Fix MASK_VAL() usage in the ACPI CPPC library (Clément Léger) - Reduce the log level of a per-CPU message about idle states in the ACPI processor driver (Li RongQing) - Fix crash in exit_round_robin() in the ACPI processor aggregator device (PAD) driver (Seiji Nishikawa) - Add force_vendor quirk for Panasonic Toughbook CF-18 in the ACPI backlight driver (Hans de Goede) - Make the DMI checks related to backlight handling on Lenovo Yoga Tab 3 X90F less strict (Hans de Goede) - Enforce native backlight handling on Apple MacbookPro9,2 (Esther Shimanovich) - Add IRQ override quirks for Asus Vivobook Go E1404GAB and MECHREV GM7XG0M, and refine the TongFang GMxXGxx quirk (Li Chen, Tamim Khan, Werner Sembach) - Quirk ASUS ROG M16 to default to S3 sleep (Luke D. Jones) - Define and use symbols for device and class name lengths in the ACPI bus type code and make the code use strscpy() instead of strcpy() in several places (Muhammad Qasim Abdul Majeed)" * tag 'acpi-6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: (70 commits) ACPI: resource: Add another DMI match for the TongFang GMxXGxx ACPI: CPPC: Add support for setting EPP register in FFH ACPI: PM: Quirk ASUS ROG M16 to default to S3 sleep ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 ACPI: battery: use driver core managed async probing ACPI: button: Use strscpy() instead of strcpy() ACPI: resource: Skip IRQ override on Asus Vivobook Go E1404GAB ACPI: CPPC: Fix MASK_VAL() usage irqchip/sifive-plic: Add ACPI support ACPICA: Setup for ACPICA release 20240827 ACPICA: Allow for more flexibility in _DSM args ACPICA: iasl: handle empty connection_node ACPICA: HMAT: Add extended linear address mode to MSCIS ACPICA: Avoid warning for Dump Functions ACPICA: Add support for Windows 11 22H2 _OSI string ACPICA: Update integer-to-hex-string conversions ACPICA: Add support for supressing leading zeros in hex strings ACPICA: Allow for supressing leading zeros when using acpi_ex_convert_to_ascii() ACPICA: Fix memory leak if acpi_ps_get_next_field() fails ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails ... commit 64dd3b6a79f0907d36de481b0f15fab323a53e5a Merge: 980bcd35ae0a21 0cdcc99eeaedf2 Author: Linus Torvalds Date: Mon Sep 16 07:38:18 2024 +0200 Merge tag 'for-linus-non-x86' of git://git.kernel.org/pub/scm/virt/kvm/kvm Pull kvm updates from Paolo Bonzini: "These are the non-x86 changes (mostly ARM, as is usually the case). The generic and x86 changes will come later" ARM: - New Stage-2 page table dumper, reusing the main ptdump infrastructure - FP8 support - Nested virtualization now supports the address translation (FEAT_ATS1A) family of instructions - Add selftest checks for a bunch of timer emulation corner cases - Fix multiple cases where KVM/arm64 doesn't correctly handle the guest trying to use a GICv3 that wasn't advertised - Remove REG_HIDDEN_USER from the sysreg infrastructure, making things little simpler - Prevent MTE tags being restored by userspace if we are actively logging writes, as that's a recipe for disaster - Correct the refcount on a page that is not considered for MTE tag copying (such as a device) - When walking a page table to split block mappings, synchronize only at the end the walk rather than on every store - Fix boundary check when transfering memory using FFA - Fix pKVM TLB invalidation, only affecting currently out of tree code but worth addressing for peace of mind LoongArch: - Revert qspinlock to test-and-set simple lock on VM. - Add Loongson Binary Translation extension support. - Add PMU support for guest. - Enable paravirt feature control from VMM. - Implement function kvm_para_has_feature(). RISC-V: - Fix sbiret init before forwarding to userspace - Don't zero-out PMU snapshot area before freeing data - Allow legacy PMU access from guest - Fix to allow hpmcounter31 from the guest" * tag 'for-linus-non-x86' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (64 commits) LoongArch: KVM: Implement function kvm_para_has_feature() LoongArch: KVM: Enable paravirt feature control from VMM LoongArch: KVM: Add PMU support for guest KVM: arm64: Get rid of REG_HIDDEN_USER visibility qualifier KVM: arm64: Simplify visibility handling of AArch32 SPSR_* KVM: arm64: Simplify handling of CNTKCTL_EL12 LoongArch: KVM: Add vm migration support for LBT registers LoongArch: KVM: Add Binary Translation extension support LoongArch: KVM: Add VM feature detection function LoongArch: Revert qspinlock to test-and-set simple lock on VM KVM: arm64: Register ptdump with debugfs on guest creation arm64: ptdump: Don't override the level when operating on the stage-2 tables arm64: ptdump: Use the ptdump description from a local context arm64: ptdump: Expose the attribute parsing functionality KVM: arm64: Add memory length checks and remove inline in do_ffa_mem_xfer KVM: arm64: Move pagetable definitions to common header KVM: arm64: nv: Add support for FEAT_ATS1A KVM: arm64: nv: Plumb handling of AT S1* traps from EL2 KVM: arm64: nv: Make AT+PAN instructions aware of FEAT_PAN3 KVM: arm64: nv: Sanitise SCTLR_EL1.EPAN according to VM configuration ... commit 980bcd35ae0a21da9a22155e386c8ff17019d545 Merge: 114143a595895c e799bef0d9c85b Author: Linus Torvalds Date: Mon Sep 16 07:34:24 2024 +0200 Merge tag 'cmpxchg.2024.09.15a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu Pull byte cmpxchg updates from Paul McKenney: "ARC/sh/xtensa: Provide one-byte cmpxchg emulation This series provides emulated one-byte cmpxchg() support for ARM, sh, and xtensa using the cmpxchg_emu_u8() function that uses a four-byte cmpxchg() to emulate the one-byte variant. This covers all architectures" * tag 'cmpxchg.2024.09.15a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu: xtensa: Emulate one-byte cmpxchg sh: Emulate one-byte cmpxchg ARC: Emulate one-byte cmpxchg commit 114143a595895c03fbefccfd8346fc51fb4908ed Merge: 8617d7d6298f54 75078ba2b38a38 Author: Linus Torvalds Date: Mon Sep 16 06:55:07 2024 +0200 Merge tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 updates from Will Deacon: "The highlights are support for Arm's "Permission Overlay Extension" using memory protection keys, support for running as a protected guest on Android as well as perf support for a bunch of new interconnect PMUs. Summary: ACPI: - Enable PMCG erratum workaround for HiSilicon HIP10 and 11 platforms. - Ensure arm64-specific IORT header is covered by MAINTAINERS. CPU Errata: - Enable workaround for hardware access/dirty issue on Ampere-1A cores. Memory management: - Define PHYSMEM_END to fix a crash in the amdgpu driver. - Avoid tripping over invalid kernel mappings on the kexec() path. - Userspace support for the Permission Overlay Extension (POE) using protection keys. Perf and PMUs: - Add support for the "fixed instruction counter" extension in the CPU PMU architecture. - Extend and fix the event encodings for Apple's M1 CPU PMU. - Allow LSM hooks to decide on SPE permissions for physical profiling. - Add support for the CMN S3 and NI-700 PMUs. Confidential Computing: - Add support for booting an arm64 kernel as a protected guest under Android's "Protected KVM" (pKVM) hypervisor. Selftests: - Fix vector length issues in the SVE/SME sigreturn tests - Fix build warning in the ptrace tests. Timers: - Add support for PR_{G,S}ET_TSC so that 'rr' can deal with non-determinism arising from the architected counter. Miscellaneous: - Rework our IPI-based CPU stopping code to try NMIs if regular IPIs don't succeed. - Minor fixes and cleanups" * tag 'arm64-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: (94 commits) perf: arm-ni: Fix an NULL vs IS_ERR() bug arm64: hibernate: Fix warning for cast from restricted gfp_t arm64: esr: Define ESR_ELx_EC_* constants as UL arm64: pkeys: remove redundant WARN perf: arm_pmuv3: Use BR_RETIRED for HW branch event if enabled MAINTAINERS: List Arm interconnect PMUs as supported perf: Add driver for Arm NI-700 interconnect PMU dt-bindings/perf: Add Arm NI-700 PMU perf/arm-cmn: Improve format attr printing perf/arm-cmn: Clean up unnecessary NUMA_NO_NODE check arm64/mm: use lm_alias() with addresses passed to memblock_free() mm: arm64: document why pte is not advanced in contpte_ptep_set_access_flags() arm64: Expose the end of the linear map in PHYSMEM_END arm64: trans_pgd: mark PTEs entries as valid to avoid dead kexec() arm64/mm: Delete __init region from memblock.reserved perf/arm-cmn: Support CMN S3 dt-bindings: perf: arm-cmn: Add CMN S3 perf/arm-cmn: Refactor DTC PMU register access perf/arm-cmn: Make cycle counts less surprising perf/arm-cmn: Improve build-time assertion ... commit 8617d7d6298f54dfef4038281863270b5864fe83 Merge: a4ebad655b98c9 439667fb943cfe Author: Linus Torvalds Date: Mon Sep 16 06:53:14 2024 +0200 Merge tag 'mips_6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux Pull MIPS updates from Thomas Bogendoerfer: - use devm_clk_get_enabled() helper - prototype fixes - cleanup unused stuff * tag 'mips_6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/mips/linux: mips: Remove posix_types.h include from sigcontext.h bus: bt1-apb: change to use devm_clk_get_enabled() helper bus: bt1-axi: change to use devm_clk_get_enabled() helper MIPS: dec: prom: Remove unused unregister_prom_console() declaration MIPS: Remove unused mips_display/_scroll_message() declarations MIPS: Remove unused declarations in asm/cmp.h MIPS: MT: Remove unused function mips_mt_regdump() mips/jazz: remove unused jazz_handle_int() declaration MIPS: Remove unused function dump_au1000_dma_channel() in dma.c MIPS: ralink: Fix missing `get_c0_perfcount_int` prototype MIPS: ralink: Fix missing `plat_time_init` prototype commit a4ebad655b98c91c10cf0690e66c11b0891c76ee Merge: 963d0d60d690ce c8ddc99eeba5f0 Author: Linus Torvalds Date: Mon Sep 16 06:51:10 2024 +0200 Merge tag 'x86_sgx_for_6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 SGX updates from Dave Hansen: "These fix a deadlock in the SGX NUMA allocator. It's probably only triggerable today on servers with buggy BIOSes, but it's theoretically possible it can happen on less goofy systems" * tag 'x86_sgx_for_6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/sgx: Log information when a node lacks an EPC section x86/sgx: Fix deadlock in SGX NUMA node search commit 963d0d60d690ce2525a8fbcc0a63c4ae22f4670c Merge: d580d74ea2836e 1dbb6b1495d472 Author: Linus Torvalds Date: Mon Sep 16 06:48:38 2024 +0200 Merge tag 'x86_bugs_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 hw mitigation updates from Borislav Petkov: - Add CONFIG_ option for every hw CPU mitigation. The intent is to support configurations and scenarios where the mitigations code is irrelevant - Other small fixlets and improvements * tag 'x86_bugs_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/bugs: Fix handling when SRSO mitigation is disabled x86/bugs: Add missing NO_SSB flag Documentation/srso: Document a method for checking safe RET operates properly x86/bugs: Add a separate config for GDS x86/bugs: Remove GDS Force Kconfig option x86/bugs: Add a separate config for SSB x86/bugs: Add a separate config for Spectre V2 x86/bugs: Add a separate config for SRBDS x86/bugs: Add a separate config for Spectre v1 x86/bugs: Add a separate config for RETBLEED x86/bugs: Add a separate config for L1TF x86/bugs: Add a separate config for MMIO Stable Data x86/bugs: Add a separate config for TAA x86/bugs: Add a separate config for MDS commit d580d74ea2836edbbd49cd791eb5d0acad7b14aa Merge: b56dff267d1246 db4001f9cc32e3 Author: Linus Torvalds Date: Mon Sep 16 06:47:03 2024 +0200 Merge tag 'x86_cpu_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 cpuid updates from Borislav Petkov: - Add the final conversions to the new Intel VFM CPU model matching macros which include the vendor and finally drop the old ones which hardcode family 6 * tag 'x86_cpu_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/cpu/vfm: Delete all the *_FAM6_ CPU #defines x86/cpu/vfm: Delete X86_MATCH_INTEL_FAM6_MODEL[_STEPPING]() macros extcon: axp288: Switch to new Intel CPU model defines x86/cpu/intel: Replace PAT erratum model/family magic numbers with symbolic IFM references commit b56dff267d1246a6cd4a6ae1f850e12893dadf94 Merge: d0a63f0e1a9506 2b9ac0b84c2cae Author: Linus Torvalds Date: Mon Sep 16 06:45:25 2024 +0200 Merge tag 'x86_sev_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 SEV updates from Borislav Petkov: - A bunch of cleanups to the sev-guest driver. All in preparation for future SEV work * tag 'x86_sev_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: virt: sev-guest: Ensure the SNP guest messages do not exceed a page virt: sev-guest: Fix user-visible strings virt: sev-guest: Rename local guest message variables virt: sev-guest: Replace dev_dbg() with pr_debug() commit d0a63f0e1a9506c79df997e70f7fad95a8236b1c Merge: 79f1a6adef3718 793aa4bf192d0a Author: Linus Torvalds Date: Mon Sep 16 06:43:40 2024 +0200 Merge tag 'ras_core_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 RAS updates from Borislav Petkov: - Reorganize the struct mce populating functions so that MCA errors reported through BIOS' BERT method can report the correct CPU number the error has been detected on * tag 'ras_core_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mce: Use mce_prep_record() helpers for apei_smca_report_x86_error() x86/mce: Define mce_prep_record() helpers for common and per-CPU fields x86/mce: Rename mce_setup() to mce_prep_record() commit 79f1a6adef3718c295b2ffb403049f15d5a2797d Merge: 7dfc15c47372e8 5343558a868e7e Author: Linus Torvalds Date: Mon Sep 16 06:41:49 2024 +0200 Merge tag 'x86_microcode_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 microcode loading updates from Borislav Petkov: - Simplify microcode patches loading on AMD Zen and newer by using the family, model and stepping encoded in the patch revision number - Fix a silly clang warning * tag 'x86_microcode_for_v6.12_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID commit 7dfc15c47372e8bf8a693ca3dfaaec33a68ee116 Merge: 1636f57c784110 92f8358bce13da Author: Linus Torvalds Date: Mon Sep 16 06:36:37 2024 +0200 Merge tag 'edac_updates_for_v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras Pull EDAC updates from Borislav Petkov: - Drop a now obsolete ppc4xx_edac driver - Fix conversion to physical memory addresses on Intel's Elkhart Lake and Ice Lake hardware when the system address is above the (Top-Of-Memory) TOM address - Pay attention to the memory hole on Zynq UltraScale+ MPSoC DDR controllers when injecting errors for testing purposes - Add support for translating normalized error addresses reported by an AMD memory controller into system physical addresses using an UEFI mechanism called platform runtime mechanism (PRM). - The usual cleanups and fixes * tag 'edac_updates_for_v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras: EDAC: Drop obsolete PPC4xx driver EDAC/sb_edac: Fix the compile warning of large frame size EDAC/{skx_common,i10nm}: Remove the AMAP register for determing DDR5 EDAC/{skx_common,skx,i10nm}: Move the common debug code to skx_common EDAC/igen6: Fix conversion of system address to physical memory address EDAC/synopsys: Fix error injection on Zynq UltraScale+ RAS/AMD/ATL: Translate normalized to system physical addresses using PRM ACPI: PRM: Add PRM handler direct call support commit 1636f57c7841101af8bd4872aafb79cfc74bf389 Merge: 85ffc6e4ed3712 61a3fc796c739a Author: Linus Torvalds Date: Mon Sep 16 06:32:08 2024 +0200 Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux Pull ARM updates from Russell King: - clean up TTBCR magic numbers and use u32 for this register - fix clang issue in VFP code leading to kernel oops, caused by compiler instruction scheduling. - switch 32-bit Arm to use GENERIC_CPU_DEVICES and use the arch_cpu_is_hotpluggable() hook. - pass struct device to arm_iommu_create_mapping() and move over to use iommu_paging_domain_alloc() rather than iommu_domain_alloc() - make amba_bustype constant * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux: ARM: 9418/1: dma-mapping: Use iommu_paging_domain_alloc() ARM: 9417/1: dma-mapping: Pass device to arm_iommu_create_mapping() ARM: 9416/1: amba: make amba_bustype constant ARM: 9412/1: Convert to arch_cpu_is_hotpluggable() ARM: 9411/1: Switch over to GENERIC_CPU_DEVICES using arch_register_cpu() ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros ARM: 9409/1: mmu: Do not use magic number for TTBCR settings commit 85ffc6e4ed3712f8b3fedb3fbe42afae644a699c Merge: 9410645520e9b8 ce212d2afca47a Author: Linus Torvalds Date: Mon Sep 16 06:28:28 2024 +0200 Merge tag 'v6.12-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto update from Herbert Xu" "API: - Make self-test asynchronous Algorithms: - Remove MPI functions added for SM3 - Add allocation error checks to remaining MPI functions (introduced for SM3) - Set default Jitter RNG OSR to 3 Drivers: - Add hwrng driver for Rockchip RK3568 SoC - Allow disabling SR-IOV VFs through sysfs in qat - Fix device reset bugs in hisilicon - Fix authenc key parsing by using generic helper in octeontx* Others: - Fix xor benchmarking on parisc" * tag 'v6.12-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (96 commits) crypto: n2 - Set err to EINVAL if snprintf fails for hmac crypto: camm/qi - Use ERR_CAST() to return error-valued pointer crypto: mips/crc32 - Clean up useless assignment operations crypto: qcom-rng - rename *_of_data to *_match_data crypto: qcom-rng - fix support for ACPI-based systems dt-bindings: crypto: qcom,prng: document support for SA8255p crypto: aegis128 - Fix indentation issue in crypto_aegis128_process_crypt() crypto: octeontx* - Select CRYPTO_AUTHENC crypto: testmgr - Hide ENOENT errors crypto: qat - Remove trailing space after \n newline crypto: hisilicon/sec - Remove trailing space after \n newline crypto: algboss - Pass instance creation error up crypto: api - Fix generic algorithm self-test races crypto: hisilicon/qm - inject error before stopping queue crypto: hisilicon/hpre - mask cluster timeout error crypto: hisilicon/qm - reset device before enabling it crypto: hisilicon/trng - modifying the order of header files crypto: hisilicon - add a lock for the qp send operation crypto: hisilicon - fix missed error branch crypto: ccp - do not request interrupt on cmd completion when irqs disabled ... commit 9410645520e9b820069761f3450ef6661418e279 Merge: 98f7e32f20d28e 3561373114c8b3 Author: Linus Torvalds Date: Mon Sep 16 06:02:27 2024 +0200 Merge tag 'net-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next Pull networking updates from Jakub Kicinski: "The zero-copy changes are relatively significant, but regression risk should be contained. The feature needs to be used to cause trouble. Also it feels like we got an order of magnitude more semi-automated "refactoring" chaff than usual, I wonder if it's just us. Core & protocols: - Support Device Memory TCP, ability to zero-copy receive TCP payloads to a DMABUF region of memory while packet headers land separately in normal kernel buffers, and TCP processes then as usual. - The ability to read the PTP PHC (Physical Hardware Clock) alongside MONOTONIC_RAW timestamps with PTP_SYS_OFFSET_EXTENDED. Previously only CLOCK_REALTIME was supported. - Allow matching on all bits of IP DSCP for routing decisions. Previously we only supported on matching TOS bits in IPv4 which is a narrower interpretation of the same header field. - Increase the range of weights used for multi-path routing from 8 bits to 16 bits. - Add support for IPv6 PIO p flag in the Prefix Information Option per draft-ietf-6man-pio-pflag. - IPv6 IOAM6 support for new tunsrc encap mode for better performance. - Detect destinations which blackhole MPTCP traffic and avoid initiating MPTCP connections to them for a certain period of time, 1h by default. - Improve IPsec control path performance by removing the inexact policies list. - AF_VSOCK: add support for SIOCOUTQ ioctl. - Add enum for reasons TCP reset was sent for easier tracing. - Add SMC ringbufs usage statistics. Drivers: - Handle netconsole setup failures more gracefully, don't fail loading, retain the specified target as disabled. - Extend bonding's IPsec offload pass thru capabilities (ESN, stats). Filtering: - Add TCP_BPF_SOCK_OPS_CB_FLAGS to bpf_*sockopt() to address the case when long-lived sockets miss a chance to set additional callbacks if a sockops program was not attached early in their lifetime. - Support using BPF skb helpers in tracepoints. - Conntrack Netlink: support CTA_FILTER for flush. - Improve SCTP support in nfnetlink_queue. - Improve performance of large nftables flush transactions. Things we sprinkled into general kernel code: - selftests: support setting an "interpreter" for script files; make it easy to run as separate cases tests where one "interpreter" is fed various test descriptions (in our case packet sequences). Driver API: - Extend core and ethtool APIs to support many PHYs connected to a single interface (PHY topologies). - Extend cable diagnostics to specify whether Time Domain Reflectometry (TDR) or Active Link Cable Diagnostic (ALCD) was used. - Add library for implementing MAC-PHY Ethernet drivers for SPI devices compatible with Open Alliance 10BASE-T1x MAC-PHY Serial Interface (TC6) standard. - Add helpers to the PHY framework, for PHYs following the Open Alliance standards: - 1000BaseT1 link settings - cable test and diagnostics - Support listing / dumping all allocated RSS contexts. - Add configuration for frequency Embedded SYNC in DPLL, which magically embeds sync pulses into Ethernet signaling. Device drivers: - Ethernet high-speed NICs: - Broadcom (bnxt): - use better FW APIs for queue reset - support QOS and TPID settings for the SR-IOV VLAN - support dynamic MSI-X allocation - Intel (100G, ice, idpf): - ice: support PCIe subfunctions - iavf: add support for TC U32 filters on VFs - ice: support Embedded SYNC in DPLL - nVidia/Mellanox (mlx5): - support HW managed steering tables - support PCIe PTM cross timestamping - AMD/Pensando: - ionic: use page_pool to increase Rx performance - Cisco (enic): - report per-queue statistics - Ethernet virtual: - Microsoft vNIC: - mana: support configuring ring length - netvsc: enable more channels on systems with many CPUs - IBM veth: - optimize polling to improve TCP_RR performance - optimize performance of Tx handling - VirtIO net: - synchronize the operstate with the admin state to allow a lower virtio-net to propagate the link status to an upper device like macvlan - Ethernet NICs consumer, and embedded: - Add driver for Realtek automotive PCIe devices (RTL9054, RTL9068, RTL9072, RTL9075, RTL9068, RTL9071) - Add driver for Microchip LAN8650/1 10BASE-T1S MAC-PHY. - Microchip: - lan743x: use phylink - support WOL, EEE, pause, link settings - add Wake-on-LAN support for KSZ87xx family - add KSZ8895/KSZ8864 switch support - factor out FDMA code and use it in sparx5 and lan966x (including DCB support in both) - Synopsys (stmmac): - support frame preemption (configured using TC and ethtool) - support Loongson DWMAC (GMAC v3.73) - support RockChips RK3576 DWMAC - TI: - am65-cpsw: add multi queue RX support - icssg-prueth: HSR offload support - Cadence (macb): - enable software (hrtimer based) IRQ coalescing by default - Xilinx (axinet): - expose HW statistics - improve multicast filtering - relax Rx checksum offload constraints - MediaTek: - mt7530: add EN7581 support - Aspeed (ftgmac100): - report link speed and duplex - Intel: - igc: add mqprio offload - igc: report EEE configuration - RealTek (r8169): - add support for RTL8126A rev.b - Vitesse (vsc73xx): - implement FDB add/del/dump operations - Freescale (fs_enet): - use phylink - Ethernet PHYs: - vitesse: implement downshift and MDI-X in vsc73xx PHYs - microchip: support LAN887x, supporting IEEE 802.3bw (100BASE-T1) and IEEE 802.3bp (1000BASE-T1) specifications - add Applied Micro QT2025 PHY driver (in Rust) - add Motorcomm yt8821 2.5G Ethernet PHY driver - CAN: - add driver for Rockchip RK3568 CAN-FD controller - flexcan: add wakeup support for imx95 - kvaser_usb: set hardware timestamp on transmitted packets - WiFi: - mac80211/cfg80211: - EHT rate support in AQL airtime fairness - handle DFS (radar detection) per link in Multi-Link Operation - RealTek (rtw89): - support RTL8852BT and 8852BE-VT (WiFi 6) - support hardware rfkill - support HW encryption in unicast management frames - support Wake-on-WLAN with supported network detection - RealTek (rtw89): - improve Rx performance by using USB frame aggregation - support USB 3 with RTL8822CU/RTL8822BU - Intel (iwlwifi/mvm): - offload RLC/SMPS functionality to firmware - Marvell (mwifiex): - add host based MLME to enable WPA3 - Bluetooth: - add support for Amlogic HCI UART protocol - add support for ISO data/packets to Intel and NXP drivers" * tag 'net-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next: (1303 commits) net/mlx5: HWS, check the correct variable in hws_send_ring_alloc_sq() netfilter: nft_socket: Fix a NULL vs IS_ERR() bug in nft_socket_cgroup_subtree_level() ice: Fix a NULL vs IS_ERR() check in probe() ice: Fix a couple NULL vs IS_ERR() bugs net: ethernet: fs_enet: Make the per clock optional net: ti: icssg-prueth: Add multicast filtering support in HSR mode net: ti: icssg-prueth: Enable HSR Tx duplication, Tx Tag and Rx Tag offload net: ti: icssg-prueth: Add support for HSR frame forward offload net: ti: icssg-prueth: Stop hardcoding def_inc net: ti: icss-iep: Move icss_iep structure net: ibm: emac: get rid of wol_irq net: ibm: emac: remove all waiting code net: ibm: emac: replace of_get_property net: ibm: emac: use netdev's phydev directly net: ibm: emac: use devm for register_netdev net: ibm: emac: remove mii_bus with devm net: ibm: emac: use devm for of_iomap net: ibm: emac: manage emac_irq with devm net: ibm: emac: use devm for alloc_etherdev octeontx2-af: debugfs: Add Channel info to RPM map ... commit 8f1534e7440382d118c3d655d3a6014128b2086d Author: Jisheng Zhang Date: Sun Jul 21 01:06:59 2024 +0800 riscv: avoid Imbalance in RAS Inspired by[1], modify the code to remove the code of modifying ra to avoid imbalance RAS (return address stack) which may lead to incorret predictions on return. Link: https://lore.kernel.org/linux-riscv/20240607061335.2197383-1-cyrilbur@tenstorrent.com/ [1] Signed-off-by: Jisheng Zhang Reviewed-by: Cyril Bur Link: https://lore.kernel.org/r/20240720170659.1522-1-jszhang@kernel.org Signed-off-by: Palmer Dabbelt commit 7e340f4fad46b766705be96f5d1c764a397a7a36 Merge: 1845d381f28063 7a21b2e370dab7 Author: Palmer Dabbelt Date: Sun Sep 15 20:16:12 2024 -0700 Merge patch series "Svvptc extension to remove preventive sfence.vma" Alexandre Ghiti says: In RISC-V, after a new mapping is established, a sfence.vma needs to be emitted for different reasons: - if the uarch caches invalid entries, we need to invalidate it otherwise we would trap on this invalid entry, - if the uarch does not cache invalid entries, a reordered access could fail to see the new mapping and then trap (sfence.vma acts as a fence). We can actually avoid emitting those (mostly) useless and costly sfence.vma by handling the traps instead: - for new kernel mappings: only vmalloc mappings need to be taken care of, other new mapping are rare and already emit the required sfence.vma if needed. That must be achieved very early in the exception path as explained in patch 3, and this also fixes our fragile way of dealing with vmalloc faults. - for new user mappings: Svvptc makes update_mmu_cache() a no-op but we can take some gratuitous page faults (which are very unlikely though). Patch 1 and 2 introduce Svvptc extension probing. On our uarch that does not cache invalid entries and a 6.5 kernel, the gains are measurable: * Kernel boot: 6% * ltp - mmapstress01: 8% * lmbench - lat_pagefault: 20% * lmbench - lat_mmap: 5% Here are the corresponding numbers of sfence.vma emitted: * Ubuntu boot to login: Before: ~630k sfence.vma After: ~200k sfence.vma * ltp - mmapstress01 Before: ~45k After: ~6.3k * lmbench - lat_pagefault Before: ~665k After: 832 (!) * lmbench - lat_mmap Before: ~546k After: 718 (!) Thanks to Ved and Matt Evans for triggering the discussion that led to this patchset! * b4-shazam-merge: riscv: Stop emitting preventive sfence.vma for new userspace mappings with Svvptc riscv: Stop emitting preventive sfence.vma for new vmalloc mappings dt-bindings: riscv: Add Svvptc ISA extension description riscv: Add ISA extension parsing for Svvptc Link: https://lore.kernel.org/r/20240717060125.139416-1-alexghiti@rivosinc.com Signed-off-by: Palmer Dabbelt commit 1845d381f28063a3b68e9e148d5a7f01d6be8721 Author: Steffen Persvold Date: Sun Jul 7 02:35:15 2024 +0200 riscv: cacheinfo: Add back init_cache_level() function commit 5944ce092b97 (arch_topology: Build cacheinfo from primary CPU) removed the init_cache_level() function from arch/riscv/kernel/cacheinfo.c and relies on the init_cpu_topology() function in drivers/base/arch_topology.c to call fetch_cache_info() which in turn calls init_of_cache_level() to populate the cache hierarchy information. However, init_cpu_topology() is only called from smpboot.c:smp_prepare_cpus() and thus only available when CONFIG_SMP is defined. To support non-SMP enabled kernels to still detect cache hierarchy, we add back the init_cache_level() function. The init_level_allocate_ci() function handles this gracefully on SMP-enabled kernels anyway where fetch_cache_info() is called from init_cpu_topology() earlier in the boot phase. Signed-off-by: Steffen Persvold Link: https://lore.kernel.org/r/20240707003515.5058-1-spersvold@gmail.com Signed-off-by: Palmer Dabbelt commit cea9d27705d62984faf6137963c10bf26b967996 Author: Jinjie Ruan Date: Thu Jul 11 19:15:08 2024 +0800 riscv: Remove unused _TIF_WORK_MASK Since commit f0bddf50586d ("riscv: entry: Convert to generic entry"), _TIF_WORK_MASK is no longer used, so remove it. Fixes: f0bddf50586d ("riscv: entry: Convert to generic entry") Signed-off-by: Jinjie Ruan Reviewed-by: Guo Ren Reviewed-by: Andy Chiu Link: https://lore.kernel.org/r/20240711111508.1373322-1-ruanjinjie@huawei.com Signed-off-by: Palmer Dabbelt commit 9b2863e2cc46b8c0e2ce6700ecfe41c76b51904c Merge: 1e206fad765b29 7c9d980e467030 Author: Palmer Dabbelt Date: Sun Sep 15 00:03:25 2024 -0700 Merge patch series "riscv: select ARCH_USE_SYM_ANNOTATIONS" Jisheng Zhang says: commit 76329c693924 ("riscv: Use SYM_*() assembly macros instead of deprecated ones"), most riscv has been to converted the new style SYM_ assembler annotations. The remaining one is sifive's errata_cip_453.S, so convert to new style SYM_ annotations as well. After that select ARCH_USE_SYM_ANNOTATIONS. * b4-shazam-merge: riscv: select ARCH_USE_SYM_ANNOTATIONS riscv: errata: sifive: Use SYM_*() assembly macros Link: https://lore.kernel.org/r/20240709160536.3690-1-jszhang@kernel.org Signed-off-by: Palmer Dabbelt commit 1e206fad765b293aa169ec08917761021f52399a Author: Xiao Wang Date: Mon Jul 8 20:12:24 2024 +0800 drivers/perf: riscv: Remove redundant macro check The macro CONFIG_RISCV_PMU must have been defined when riscv_pmu.c gets compiled, so this patch removes the redundant check. Signed-off-by: Xiao Wang Reviewed-by: Atish Patra Link: https://lore.kernel.org/r/20240708121224.1148154-1-xiao.w.wang@intel.com Signed-off-by: Palmer Dabbelt commit f25170a05310b7715f9f06996548130570e704f6 Merge: 5c178472af247c 1a7483318274d0 Author: Palmer Dabbelt Date: Sat Sep 14 23:57:19 2024 -0700 Merge patch series "riscv: stacktrace: Add USER_STACKTRACE support" Jinjie Ruan says: Add RISC-V USER_STACKTRACE support, and fix the fp alignment bug in perf_callchain_user() by the way as Björn pointed out. * b4-shazam-merge: riscv: stacktrace: Add USER_STACKTRACE support riscv: Fix fp alignment bug in perf_callchain_user() Link: https://lore.kernel.org/r/20240708032847.2998158-1-ruanjinjie@huawei.com Signed-off-by: Palmer Dabbelt commit 5c178472af247c7b50f962495bb7462ba453b9fb Author: Jisheng Zhang Date: Sat Jul 6 01:02:10 2024 +0800 riscv: define ILLEGAL_POINTER_VALUE for 64bit This is used in poison.h for poison pointer offset. Based on current SV39, SV48 and SV57 vm layout, 0xdead000000000000 is a proper value that is not mappable, this can avoid potentially turning an oops to an expolit. Signed-off-by: Jisheng Zhang Fixes: fbe934d69eb7 ("RISC-V: Build Infrastructure") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240705170210.3236-1-jszhang@kernel.org Signed-off-by: Palmer Dabbelt commit c8691cd0fc11197515ed148de0780d927bfca38b Author: Mikulas Patocka Date: Fri Sep 13 15:05:18 2024 +0200 Revert "dm: requeue IO if mapping table not yet available" This reverts commit fa247089de9936a46e290d4724cb5f0b845600f5. The following sequence of commands causes a livelock - there will be workqueue process looping and consuming 100% CPU: dmsetup create --notable test truncate -s 1MiB testdata losetup /dev/loop0 testdata dmsetup load test --table '0 2048 linear /dev/loop0 0' dd if=/dev/zero of=/dev/dm-0 bs=16k count=1 conv=fdatasync The livelock is caused by the commit fa247089de99. The commit claims that it fixes a race condition, however, it is unknown what the actual race condition is and what program is involved in the race condition. When the inactive table is loaded, the nodes /dev/dm-0 and /sys/block/dm-0 are created. /dev/dm-0 has zero size at this point. When the device is suspended and resumed, the nodes /dev/mapper/test and /dev/disk/* are created. If some program opens a block device before it is created by dmsetup or lvm, the program is buggy, so dm could just report an error as it used to do before. Reported-by: Zdenek Kabelac Signed-off-by: Mikulas Patocka Fixes: fa247089de99 ("dm: requeue IO if mapping table not yet available") commit 3561373114c8b3359114e2da27259317dc51145a Merge: be461814aa4cb3 7052622fccb1ef Author: Jakub Kicinski Date: Sun Sep 15 09:12:21 2024 -0700 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Merge in late fixes to prepare for the 6.12 net-next PR. No conflicts or adjacent changes. Signed-off-by: Jakub Kicinski commit 21dcbc17eba3cc8283747bc77e864ac7596b95ff Author: Hongbo Li Date: Wed Aug 21 14:56:37 2024 +0800 smb: use LIST_HEAD() to simplify code list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). No functional impact. Signed-off-by: Hongbo Li Reviewed-by: Dan Carpenter Signed-off-by: Steve French commit 2ba0d8947efd49d44babe7a2e72637c630fcfc42 Author: Pali Rohár Date: Thu Sep 12 14:05:46 2024 +0200 cifs: Recognize SFU socket type SFU since its (first) version 3.0 supports AF_LOCAL sockets and stores them on filesytem as system file with one zero byte. Add support for detecting this SFU socket type into cifs_sfu_type() function. With this change cifs_sfu_type() would correctly detect all special file types created by SFU: fifo, socket, symlink, block and char. Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 25f6bd0fb016d4746025a02ed2eb9e7ce642c348 Author: Pali Rohár Date: Thu Sep 12 14:05:45 2024 +0200 cifs: Show debug message when SFU Fifo type was detected For debugging purposes it is a good idea to show detected SFU type also for Fifo. Debug message is already print for all other special types. Signed-off-by: Pali Rohár Signed-off-by: Steve French commit bb68327053a24734d5a146620f8a29219361dd3e Author: Pali Rohár Date: Thu Sep 12 14:05:44 2024 +0200 cifs: Put explicit zero byte into SFU block/char types SFU types IntxCHR and IntxBLK are 8 bytes with zero as last byte. Make it explicit in memcpy and memset calls, so the zero byte is visible in the code (and not hidden as string trailing nul byte). It is important for reader to show the last byte for block and char types because it differs from the last byte of symlink type (which has it 0x01). Also it is important to show that the type is not nul-term string, but rather 8 bytes (with some printable bytes). Signed-off-by: Pali Rohár Signed-off-by: Steve French commit cf2ce67345d6a1af0853d8a7aef9ab8e6ea597d5 Author: Pali Rohár Date: Thu Sep 12 14:05:43 2024 +0200 cifs: Add support for reading SFU symlink location Currently when sfu mount option is specified then CIFS can recognize SFU symlink, but is not able to read symlink target location. readlink() syscall just returns that operation is not supported. Implement this missing functionality in cifs_sfu_type() function. Read target location of SFU-style symlink, parse it and fill into fattr's cf_symlink_target member. SFU-style symlink is file which has system attribute set and file content is buffer "IntxLNK\1" (8th byte is 0x01) followed by the target location encoded in little endian UCS-2/UTF-16. This format was introduced in Interix 3.0 subsystem, as part of the Microsoft SFU 3.0 and is used also by all later versions. Previous versions had no symlink support. Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 89c601ab7cb3f520d59a653ddde2dfddd50986fb Author: Pali Rohár Date: Thu Sep 12 14:05:42 2024 +0200 cifs: Fix recognizing SFU symlinks SFU symlinks have 8 byte prefix: "IntxLNK\1". So check also the last 8th byte 0x01. Signed-off-by: Pali Rohár Signed-off-by: Steve French commit 9b4af913465cc5f903227237d833b4911430fd97 Author: Qianqiang Liu Date: Fri Sep 13 11:27:51 2024 +0800 smb: client: compress: fix an "illegal accesses" issue Using uninitialized value "bkt" when calling "kfree" Fixes: 13b68d44990d ("smb: client: compress: LZ77 code improvements cleanup") Signed-off-by: Qianqiang Liu Reviewed-by: Dan Carpenter Signed-off-by: Steve French commit 590efcd3c75f0e1f7208cf1c8dff5452818b70f2 Author: Qianqiang Liu Date: Fri Sep 13 08:00:54 2024 +0800 smb: client: compress: fix a potential issue of freeing an invalid pointer The dst pointer may not be initialized when calling kvfree(dst) Fixes: 13b68d44990d9 ("smb: client: compress: LZ77 code improvements cleanup") Signed-off-by: Qianqiang Liu Signed-off-by: Steve French commit 94ae8c3fee94a87bdf982d5559f8037c6c562657 Author: Enzo Matsumiya Date: Fri Sep 6 14:41:50 2024 -0300 smb: client: compress: LZ77 code improvements cleanup - Check data compressibility with some heuristics (copied from btrfs): - should_compress() final decision is is_compressible(data) - Cleanup compress/lz77.h leaving only lz77_compress() exposed: - Move parts to compress/lz77.c, while removing the rest of it because they were either unused, used only once, were implemented wrong (thanks to David Howells for the help) - Updated the compression parameters (still compatible with Windows implementation) trading off ~20% compression ratio for ~40% performance: - min match len: 3 -> 4 - max distance: 8KiB -> 1KiB - hash table type: u32 * -> u64 * Known bugs: This implementation currently works fine in general, but breaks with some payloads used during testing. Investigation ongoing, to be fixed in a next commit. Signed-off-by: Enzo Matsumiya Co-developed-by: David Howells Signed-off-by: David Howells Signed-off-by: Steve French commit f046d71e84e1e94cf23335129a27f5cfe3e8b75f Author: Enzo Matsumiya Date: Wed Sep 11 16:10:24 2024 -0500 smb: client: insert compression check/call on write requests On smb2_async_writev(), set CIFS_COMPRESS_REQ on request flags if should_compress() returns true. On smb_send_rqst() check the flags, and compress and send the request to the server. (*) If the compression fails with -EMSGSIZE (i.e. compressed size is >= uncompressed size), the original uncompressed request is sent instead. Signed-off-by: Enzo Matsumiya Signed-off-by: Steve French commit d14bbfff259cadb5af84413658699159556da156 Author: Steve French Date: Fri Jul 26 16:30:23 2024 -0500 smb3: mark compression as CONFIG_EXPERIMENTAL and fix missing compression operation Move SMB3.1.1 compression code into experimental config option, and fix the compress mount option. Implement unchained LZ77 "plain" compression algorithm as per MS-XCA specification section "2.3 Plain LZ77 Compression Algorithm Details". Signed-off-by: Enzo Matsumiya Signed-off-by: Steve French commit 6795dab403924e98ea32f23254d1fe5749e78a74 Author: Gaosheng Cui Date: Mon Aug 26 11:28:03 2024 +0800 cifs: Remove obsoleted declaration for cifs_dir_open The cifs_dir_open() have been removed since commit 737b758c965a ("[PATCH] cifs: character mapping of special characters (part 3 of 3)"), and now it is useless, so remove it. Signed-off-by: Gaosheng Cui Signed-off-by: Steve French commit 25e68c37caf2b87c7dbcd99c54ec3102db7e4296 Author: Shen Lichuan Date: Tue Aug 27 16:54:20 2024 +0800 smb: client: Use min() macro Use the min() macro to simplify the function and improve its readability. Signed-off-by: Shen Lichuan Signed-off-by: Steve French commit 9290038be2f91917d384b48f85665c4498c378f3 Author: Yuesong Li Date: Thu Aug 29 19:52:41 2024 +0800 cifs: convert to use ERR_CAST() Use ERR_CAST() as it is designed for casting an error pointer to another type. This macro uses the __force and __must_check modifiers, which are used to tell the compiler to check for errors where this macro is used. Signed-off-by: Yuesong Li Signed-off-by: Steve French commit e2fcd3fa0351ea2133d1238fcc6a9f140c52d36f Author: ChenXiaoSong Date: Thu Aug 22 08:21:01 2024 +0000 smb: add comment to STATUS_MCA_OCCURED Explained why the typo was not corrected. Signed-off-by: ChenXiaoSong Reviewed-by: Namjae Jeon Signed-off-by: Steve French commit 78181a5504a401e421e65d0257a33f904e0e7c29 Author: ChenXiaoSong Date: Thu Aug 22 08:21:00 2024 +0000 smb: move SMB2 Status code to common header file There are only 4 different definitions between the client and server: - STATUS_SERVER_UNAVAILABLE: from client/smb2status.h - STATUS_FILE_NOT_AVAILABLE: from client/smb2status.h - STATUS_NO_PREAUTH_INTEGRITY_HASH_OVERLAP: from server/smbstatus.h - STATUS_INVALID_LOCK_RANGE: from server/smbstatus.h Rename client/smb2status.h to common/smb2status.h, and merge the 2 different definitions of server to common header file. Signed-off-by: ChenXiaoSong Acked-by: Namjae Jeon Signed-off-by: Steve French commit b51174da743b6b7cd87c02e882ebe60dcb99f8bf Author: ChenXiaoSong Date: Thu Aug 22 08:20:59 2024 +0000 smb: move some duplicate definitions to common/smbacl.h In order to maintain the code more easily, move duplicate definitions to new common header file. Signed-off-by: ChenXiaoSong Acked-by: Namjae Jeon Signed-off-by: Steve French commit 09bedafc1e2c5c82aad3cbfe1359e2b0bf752f3a Author: ChenXiaoSong Date: Thu Aug 22 08:20:58 2024 +0000 smb/client: rename cifs_ace to smb_ace Preparation for moving acl definitions to new common header file. Use the following shell command to rename: find fs/smb/client -type f -exec sed -i \ 's/struct cifs_ace/struct smb_ace/g' {} + Signed-off-by: ChenXiaoSong Reviewed-by: Namjae Jeon Signed-off-by: Steve French commit 251b93ae73805b216e84ed2190b525f319da4c87 Author: ChenXiaoSong Date: Thu Aug 22 08:20:57 2024 +0000 smb/client: rename cifs_acl to smb_acl Preparation for moving acl definitions to new common header file. Use the following shell command to rename: find fs/smb/client -type f -exec sed -i \ 's/struct cifs_acl/struct smb_acl/g' {} + Signed-off-by: ChenXiaoSong Reviewed-by: Namjae Jeon Signed-off-by: Steve French commit 7f599d8fb3e087aff5be4e1392baaae3f8d42419 Author: ChenXiaoSong Date: Thu Aug 22 08:20:56 2024 +0000 smb/client: rename cifs_sid to smb_sid Preparation for moving acl definitions to new common header file. Use the following shell command to rename: find fs/smb/client -type f -exec sed -i \ 's/struct cifs_sid/struct smb_sid/g' {} + Signed-off-by: ChenXiaoSong Reviewed-by: Namjae Jeon Signed-off-by: Steve French commit 3651487607ae778df1051a0a38bb34a5bd34e3b7 Author: ChenXiaoSong Date: Thu Aug 22 08:20:55 2024 +0000 smb/client: rename cifs_ntsd to smb_ntsd Preparation for moving acl definitions to new common header file. Use the following shell command to rename: find fs/smb/client -type f -exec sed -i \ 's/struct cifs_ntsd/struct smb_ntsd/g' {} + Signed-off-by: ChenXiaoSong Reviewed-by: Namjae Jeon Signed-off-by: Steve French commit be461814aa4cb32aae061404b9a6a83ef3895018 Author: Dan Carpenter Date: Sat Sep 14 12:58:26 2024 +0300 net/mlx5: HWS, check the correct variable in hws_send_ring_alloc_sq() There is a copy and paste bug so this code checks "sq->dep_wqe" where "sq->wr_priv" was intended. It could result in a NULL pointer dereference. Fixes: 2ca62599aa0b ("net/mlx5: HWS, added send engine and context handling") Signed-off-by: Dan Carpenter Reviewed-by: Simon Horman Link: https://patch.msgid.link/da822315-02b7-4f5b-9c86-0d5176c5069d@stanley.mountain Signed-off-by: Jakub Kicinski commit 7052622fccb1efb850c6b55de477f65d03525a30 Author: Dan Carpenter Date: Sat Sep 14 12:56:51 2024 +0300 netfilter: nft_socket: Fix a NULL vs IS_ERR() bug in nft_socket_cgroup_subtree_level() The cgroup_get_from_path() function never returns NULL, it returns error pointers. Update the error handling to match. Fixes: 7f3287db6543 ("netfilter: nft_socket: make cgroupsv2 matching work with namespaces") Signed-off-by: Dan Carpenter Acked-by: Florian Westphal Acked-by: Pablo Neira Ayuso Link: https://patch.msgid.link/bbc0c4e0-05cc-4f44-8797-2f4b3920a820@stanley.mountain Signed-off-by: Jakub Kicinski commit 472d455e7c6f32e6ae4738de8e6ba212db372661 Author: Dan Carpenter Date: Sat Sep 14 12:57:56 2024 +0300 ice: Fix a NULL vs IS_ERR() check in probe() The ice_allocate_sf() function returns error pointers on error. It doesn't return NULL. Update the check to match. Fixes: 177ef7f1e2a0 ("ice: base subfunction aux driver") Signed-off-by: Dan Carpenter Reviewed-by: Simon Horman Link: https://patch.msgid.link/6951d217-ac06-4482-a35d-15d757fd90a3@stanley.mountain Signed-off-by: Jakub Kicinski commit 75834577c0870c9087274f015887b6f4106b3a24 Author: Dan Carpenter Date: Sat Sep 14 12:57:28 2024 +0300 ice: Fix a couple NULL vs IS_ERR() bugs The ice_repr_create() function returns error pointers. It never returns NULL. Fix the callers to check for IS_ERR(). Fixes: 977514fb0fa8 ("ice: create port representor for SF") Fixes: 415db8399d06 ("ice: make representor code generic") Signed-off-by: Dan Carpenter Reviewed-by: Simon Horman Link: https://patch.msgid.link/7f7aeb91-8771-47b8-9275-9d9f64f947dd@stanley.mountain Signed-off-by: Jakub Kicinski commit c209847b8974d2d5e784e3105d4683835673b18d Author: Maxime Chevallier Date: Sat Sep 14 10:18:20 2024 +0200 net: ethernet: fs_enet: Make the per clock optional Some platforms that use fs_enet don't have the PER register clock. This optional dependency on the clock was incorrectly made mandatory when switching to devm_ accessors. Reported-by: Christophe JAILLET Closes: https://lore.kernel.org/netdev/4e4defa9-ef2f-4ff1-95ca-6627c24db20c@wanadoo.fr/ Fixes: c614acf6e8e1 ("net: ethernet: fs_enet: simplify clock handling with devm accessors") Signed-off-by: Maxime Chevallier Reviewed-by: Christophe JAILLET Link: https://patch.msgid.link/20240914081821.209130-1-maxime.chevallier@bootlin.com Signed-off-by: Jakub Kicinski commit 9753c642a53bc4fbdef06d372d389dce7d8cddc2 Author: Jens Axboe Date: Sun Sep 15 08:53:45 2024 -0600 io_uring/rsrc: change ubuf->ubuf_end to length tracking If we change it to tracking ubuf->start + ubuf->len, then we can reduce the size of struct io_mapped_ubuf by another 4 bytes, effectively 8 bytes, as a hole is eliminated too. This shrinks io_mapped_ubuf to 32 bytes. Signed-off-by: Jens Axboe commit 8b0c6025a02ddec2b497f83e7d2f27a07f1d0653 Author: Jens Axboe Date: Sun Sep 15 08:51:20 2024 -0600 io_uring/rsrc: get rid of io_mapped_ubuf->folio_mask We don't really need to cache this, let's reclaim 8 bytes from struct io_mapped_ubuf and just calculate it when we need it. The only hot path here is io_import_fixed(). Signed-off-by: Jens Axboe commit 869acb874f2b61c34063b677c2bd29595bf446a1 Merge: 5d09909a1995e3 475aadeba5df68 Author: Miquel Raynal Date: Sun Sep 15 12:38:22 2024 +0200 Merge tag 'nand/for-6.12' into mtd/next * Raw NAND changes The use of for_each_child_of_node_scoped() has been spread into the subsystem drivers. Aside from that, a couple of exit path have been fixed (mtk, denali), the TI GPMC bindings have been enhanced to comply with up-to-date partition descriptions and as always there is a load of small and misc fixes. * SPI-NAND changes The most impacting series this cycle is bringing support for continuous reads in the SPI-NAND subsystem. This is a feature already merged in the raw NAND subsystem which allows optimizing the internal fetch times in the chip while reading sequential pages within an eraseblock. For now only Macronix NANDs benefit from this feature. While we are talking about Macronix, some of their chip need an explicit action for selecting a different plane, and support for it has also been brought. The bitflip threshold has also been set to the same arbitrary level as in the raw NAND subsystem to optimize wear leveling decisions, and finally support for a new Winbond chip has been added. commit 5d09909a1995e3b6565d33f31b0d86d1cf2124ff Merge: 395999829880a1 ac5bfa968b60fb Author: Miquel Raynal Date: Sun Sep 15 12:37:29 2024 +0200 Merge tag 'spi-nor/for-6.12' into mtd/next SPI NOR changes for 6.12 Notable changes: - Add Write Protect support for N25Q064A. - New flash support for Zetta ZD25Q128C and Spansion S28HS256T. - Fix a NULL dereference in probe path for flashes without a name. The probe path tries to access the name without checking its existence first. S28HS256T is the first flash to define its entry without a name, uncovering this issue. commit 7a21b2e370dab780ddb3aa80f2a4c8ff97bddccc Author: Alexandre Ghiti Date: Wed Jul 17 08:01:25 2024 +0200 riscv: Stop emitting preventive sfence.vma for new userspace mappings with Svvptc The preventive sfence.vma were emitted because new mappings must be made visible to the page table walker but Svvptc guarantees that it will happen within a bounded timeframe, so no need to sfence.vma for the uarchs that implement this extension, we will then take gratuitous (but very unlikely) page faults, similarly to x86 and arm64. This allows to drastically reduce the number of sfence.vma emitted: * Ubuntu boot to login: Before: ~630k sfence.vma After: ~200k sfence.vma * ltp - mmapstress01 Before: ~45k After: ~6.3k * lmbench - lat_pagefault Before: ~665k After: 832 (!) * lmbench - lat_mmap Before: ~546k After: 718 (!) Signed-off-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240717060125.139416-5-alexghiti@rivosinc.com Signed-off-by: Palmer Dabbelt commit 503638e0babf364061bc50fca5103b00a56cc50a Author: Alexandre Ghiti Date: Wed Jul 17 08:01:24 2024 +0200 riscv: Stop emitting preventive sfence.vma for new vmalloc mappings In 6.5, we removed the vmalloc fault path because that can't work (see [1] [2]). Then in order to make sure that new page table entries were seen by the page table walker, we had to preventively emit a sfence.vma on all harts [3] but this solution is very costly since it relies on IPI. And even there, we could end up in a loop of vmalloc faults if a vmalloc allocation is done in the IPI path (for example if it is traced, see [4]), which could result in a kernel stack overflow. Those preventive sfence.vma needed to be emitted because: - if the uarch caches invalid entries, the new mapping may not be observed by the page table walker and an invalidation may be needed. - if the uarch does not cache invalid entries, a reordered access could "miss" the new mapping and traps: in that case, we would actually only need to retry the access, no sfence.vma is required. So this patch removes those preventive sfence.vma and actually handles the possible (and unlikely) exceptions. And since the kernel stacks mappings lie in the vmalloc area, this handling must be done very early when the trap is taken, at the very beginning of handle_exception: this also rules out the vmalloc allocations in the fault path. Link: https://lore.kernel.org/linux-riscv/20230531093817.665799-1-bjorn@kernel.org/ [1] Link: https://lore.kernel.org/linux-riscv/20230801090927.2018653-1-dylan@andestech.com [2] Link: https://lore.kernel.org/linux-riscv/20230725132246.817726-1-alexghiti@rivosinc.com/ [3] Link: https://lore.kernel.org/lkml/20200508144043.13893-1-joro@8bytes.org/ [4] Signed-off-by: Alexandre Ghiti Reviewed-by: Yunhui Cui Link: https://lore.kernel.org/r/20240717060125.139416-4-alexghiti@rivosinc.com Signed-off-by: Palmer Dabbelt commit d25599b5933fb5f89d4b4c720564d613a795f502 Author: Alexandre Ghiti Date: Wed Jul 17 08:01:23 2024 +0200 dt-bindings: riscv: Add Svvptc ISA extension description Add description for the Svvptc ISA extension which was ratified recently. Signed-off-by: Alexandre Ghiti Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240717060125.139416-3-alexghiti@rivosinc.com Signed-off-by: Palmer Dabbelt commit a6efe33cc5945c8d435d2441ecc4e0ca7c49e040 Author: Alexandre Ghiti Date: Wed Jul 17 08:01:22 2024 +0200 riscv: Add ISA extension parsing for Svvptc Add support to parse the Svvptc string in the riscv,isa string. Signed-off-by: Alexandre Ghiti Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240717060125.139416-2-alexghiti@rivosinc.com Signed-off-by: Palmer Dabbelt commit 7c9d980e46703029e9f149ecf26c6a263d8923b6 Author: Jisheng Zhang Date: Wed Jul 10 00:05:22 2024 +0800 riscv: select ARCH_USE_SYM_ANNOTATIONS Now, riscv has been converted to the new style SYM_ assembler annotations. So select ARCH_USE_SYM_ANNOTATIONS to ensure the deprecated macros such as ENTRY(), END(), WEAK() and so on are not available and we don't regress. Signed-off-by: Jisheng Zhang Reviewed-By: Clément Léger Link: https://lore.kernel.org/r/20240709160536.3690-3-jszhang@kernel.org Signed-off-by: Palmer Dabbelt commit 6868d12e0205765c1296c7c5e81e515ec015ab89 Author: Jisheng Zhang Date: Wed Jul 10 00:05:21 2024 +0800 riscv: errata: sifive: Use SYM_*() assembly macros ENTRY()/END() macros are deprecated and we should make use of the new SYM_*() macros [1] for better annotation of symbols. Replace the deprecated ones with the new ones. [1] https://docs.kernel.org/core-api/asm-annotations.html Signed-off-by: Jisheng Zhang Reviewed-By: Clément Léger Link: https://lore.kernel.org/r/20240709160536.3690-2-jszhang@kernel.org Signed-off-by: Palmer Dabbelt commit 1a7483318274d0ec60f160e604c2a1dbce27fc0a Author: Jinjie Ruan Date: Mon Jul 8 11:28:47 2024 +0800 riscv: stacktrace: Add USER_STACKTRACE support Currently, userstacktrace is unsupported for riscv. So use the perf_callchain_user() code as blueprint to implement the arch_stack_walk_user() which add userstacktrace support on riscv. Meanwhile, we can use arch_stack_walk_user() to simplify the implementation of perf_callchain_user(). A ftrace test case is shown as below: # cd /sys/kernel/debug/tracing # echo 1 > options/userstacktrace # echo 1 > options/sym-userobj # echo 1 > events/sched/sched_process_fork/enable # cat trace ...... bash-178 [000] ...1. 97.968395: sched_process_fork: comm=bash pid=178 child_comm=bash child_pid=231 bash-178 [000] ...1. 97.970075: => /lib/libc.so.6[+0xb5090] Also a simple perf test is ok as below: # perf record -e cpu-clock --call-graph fp top # perf report --call-graph ..... [[31m 66.54%[[m 0.00% top [kernel.kallsyms] [k] ret_from_exception | ---ret_from_exception | |--[[31m58.97%[[m--do_trap_ecall_u | | | |--[[31m17.34%[[m--__riscv_sys_read | | ksys_read | | | | | --[[31m16.88%[[m--vfs_read | | | | | |--[[31m10.90%[[m--seq_read Signed-off-by: Jinjie Ruan Tested-by: Jinjie Ruan Cc: Björn Töpel Link: https://lore.kernel.org/r/20240708032847.2998158-3-ruanjinjie@huawei.com Signed-off-by: Palmer Dabbelt commit 22ab08955ea13be04a8efd20cc30890e0afaa49c Author: Jinjie Ruan Date: Mon Jul 8 11:28:46 2024 +0800 riscv: Fix fp alignment bug in perf_callchain_user() The standard RISC-V calling convention said: "The stack grows downward and the stack pointer is always kept 16-byte aligned". So perf_callchain_user() should check whether 16-byte aligned for fp. Link: https://riscv.org/wp-content/uploads/2015/01/riscv-calling.pdf Fixes: dbeb90b0c1eb ("riscv: Add perf callchain support") Signed-off-by: Jinjie Ruan Cc: Björn Töpel Link: https://lore.kernel.org/r/20240708032847.2998158-2-ruanjinjie@huawei.com Signed-off-by: Palmer Dabbelt commit 0cdcc99eeaedf2422c80d75760293fdbb476cec1 Merge: 1a371190a375f9 5aa09297a3dcc7 Author: Paolo Bonzini Date: Sat Sep 14 09:56:08 2024 -0400 Merge tag 'kvm-riscv-6.12-1' of https://github.com/kvm-riscv/linux into HEAD KVM/riscv changes for 6.12 - Fix sbiret init before forwarding to userspace - Don't zero-out PMU snapshot area before freeing data - Allow legacy PMU access from guest - Fix to allow hpmcounter31 from the guest commit 1a371190a375f98c9b106f758ea41558c3f92556 Merge: 091b2ecaa3081b 3abb708ec0be25 Author: Paolo Bonzini Date: Sat Sep 14 09:33:46 2024 -0400 Merge tag 'loongarch-kvm-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson into HEAD LoongArch KVM changes for v6.12 1. Revert qspinlock to test-and-set simple lock on VM. 2. Add Loongson Binary Translation extension support. 3. Add PMU support for guest. 4. Enable paravirt feature control from VMM. 5. Implement function kvm_para_has_feature(). commit 091b2ecaa3081b8dee90c4fb31e782e8e3107a77 Merge: 15e1c3d6597552 17a00056449940 Author: Paolo Bonzini Date: Sat Sep 14 09:32:13 2024 -0400 Merge tag 'kvmarm-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD KVM/arm64 updates for 6.12 * New features: - Add a Stage-2 page table dumper, reusing the main ptdump infrastructure, and allowing easier debugging of the our page-table infrastructure - Add FP8 support to the KVM/arm64 floating point handling. - Add NV support for the AT family of instructions, which mostly results in adding a page table walker that deals with most of the complexity of the architecture. * Improvements, fixes and cleanups: - Add selftest checks for a bunch of timer emulation corner cases - Fix the multiple of cases where KVM/arm64 doesn't correctly handle the guest trying to use a GICv3 that isn't advertised - Remove REG_HIDDEN_USER from the sysreg infrastructure, making things little more simple - Prevent MTE tags being restored by userspace if we are actively logging writes, as that's a recipe for disaster - Correct the refcount on a page that is not considered for MTE tag copying (such as a device) - Relax the synchronisation when walking a page table to split block mappings, moving it at the end the walk, as there is no need to perform it on every store. - Fix boundary check when transfering memory using FFA - Fix pKVM TLB invalidation, only affecting currently out of tree code but worth addressing for peace of mind commit 3254ce83899b2d7eae83877a67f454908350c538 Merge: 34c44eb31de9cb 1d6ae9652780e9 Author: Jakub Kicinski Date: Sat Sep 14 15:14:13 2024 -0700 Merge branch 'introduce-hsr-offload-support-for-icssg' MD Danish Anwar says: ==================== Introduce HSR offload support for ICSSG This series introduces HSR offload support for ICSSG driver. To support HSR offload to hardware, ICSSG HSR firmware is used. This series introduces, 1. HSR frame offload support for ICSSG driver. 2. HSR Tx Packet duplication offload 3. HSR Tx Tag and Rx Tag offload 4. Multicast filtering support in HSR offload mode. 5. Dependencies related to IEP. HSR Test Setup: -------------- ___________ ___________ ___________ | | Link AB | | Link BC | | __| AM64* |_________| AM64 |_________| AM64* |___ | | Station A | | Station B | | Station C | | | |___________| |___________| |___________| | | | |______________________________________________________________| Link CA *Could be any device that supports two ethernet interfaces. Steps to switch to HSR frame forward offload mode: ------------------------------------------------- Example assuming eth1, eth2 ports of ICSSG1 on AM64-EVM 1) Enable HSR offload for both interfaces ethtool -K eth1 hsr-fwd-offload on ethtool -K eth1 hsr-dup-offload on ethtool -K eth1 hsr-tag-ins-offload on ethtool -K eth1 hsr-tag-rm-offload on ethtool -K eth2 hsr-fwd-offload on ethtool -K eth2 hsr-dup-offload on ethtool -K eth2 hsr-tag-ins-offload on ethtool -K eth2 hsr-tag-rm-offload on 2) Create HSR interface and add slave interfaces to it ip link add name hsr0 type hsr slave1 eth1 slave2 eth2 \ supervision 45 version 1 3) Add IP address to the HSR interface ip addr add /24 dev hsr0 4) Bring up the HSR interface ip link set hsr0 up Switching back to previous mode: -------------------------------- 1) Delete HSR interface ip link delete hsr0 2) Disable HSR port-to-port offloading mode, packet duplication ethtool -K eth1 hsr-fwd-offload off ethtool -K eth1 hsr-dup-offload off ethtool -K eth1 hsr-tag-ins-offload off ethtool -K eth1 hsr-tag-rm-offload off ethtool -K eth2 hsr-fwd-offload off ethtool -K eth2 hsr-dup-offload off ethtool -K eth2 hsr-tag-ins-offload off ethtool -K eth2 hsr-tag-rm-offload off Testing the port-to-port frame forward offload feature: ----------------------------------------------------- 1) Connect the LAN cables as shown in the test setup. 2) Configure Station A and Station C in HSR non-offload mode. 3) Configure Station B is HSR offload mode. 4) Since HSR is a redundancy protocol, disconnect cable "Link CA", to ensure frames from Station A reach Station C only through Station B. 5) Run iperf3 Server on Station C and client on station A. 7) Check the CPU usage on Station B. CPU usage report on Station B using mpstat when running UDP iperf3: ------------------------------------------------------------------- 1) Non-Offload case ------------------- CPU %usr %nice %sys %iowait %irq %soft %steal %guest %idle all 0.00 0.00 0.50 0.00 3.52 29.15 0.00 0.00 66.83 0 0.00 0.00 0.00 0.00 7.00 58.00 0.00 0.00 35.00 1 0.00 0.00 0.99 0.00 0.99 0.00 0.00 0.00 98.02 2) Offload case --------------- CPU %usr %nice %sys %iowait %irq %soft %steal %guest %idle all 0.00 0.00 0.00 0.00 0.50 0.00 0.00 0.00 99.50 0 0.00 0.00 0.99 0.00 0.00 0.00 0.00 0.00 99.01 1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 Note: 1) At the very least, hsr-fwd-offload must be enabled. Without offloading the port-to-port offload, other HSR offloads cannot be enabled. 2) hsr-tag-ins-offload and hsr-dup-offload are tightly coupled in the firmware implementation. They both need to be enabled / disabled together. v1: https://lore.kernel.org/20240808110800.1281716-1-danishanwar@ti.com/ v2: https://lore.kernel.org/20240813074233.2473876-1-danishanwar@ti.com v3: https://lore.kernel.org/20240828091901.3120935-1-danishanwar@ti.com/ v4: https://lore.kernel.org/20240904100506.3665892-1-danishanwar@ti.com/ v5: https://lore.kernel.org/20240906111538.1259418-1-danishanwar@ti.com/ [0] https://lore.kernel.org/202409061658.vSwcFJiK-lkp@intel.com/ [1] https://lore.kernel.org/20240828091901.3120935-5-danishanwar@ti.com/ [2] https://lore.kernel.org/20240828091901.3120935-7-danishanwar@ti.com/ [3] https://lore.kernel.org/20240813074233.2473876-2-danishanwar@ti.com/ [4] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=e846be0fba85 ==================== Link: https://patch.msgid.link/20240911081603.2521729-1-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit 1d6ae9652780e97302b7e02610d9b6b74020b9ff Author: MD Danish Anwar Date: Wed Sep 11 13:46:03 2024 +0530 net: ti: icssg-prueth: Add multicast filtering support in HSR mode Add support for multicast filtering in HSR mode Reviewed-by: Roger Quadros Signed-off-by: MD Danish Anwar Link: https://patch.msgid.link/20240911081603.2521729-6-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit 56375086d093478d67366bdbafee4db657b9d1b1 Author: Ravi Gunasekaran Date: Wed Sep 11 13:46:02 2024 +0530 net: ti: icssg-prueth: Enable HSR Tx duplication, Tx Tag and Rx Tag offload The HSR stack allows to offload its Tx packet duplication functionality to the hardware. Enable this offloading feature for ICSSG driver. Add support to offload HSR Tx Tag Insertion and Rx Tag Removal and duplicate discard. hsr tag insertion offload and hsr dup offload are tightly coupled in firmware implementation. Both these features need to be enabled / disabled together. Duplicate discard is done as part of RX tag removal and it is done by the firmware. When driver sends the r30 command ICSSG_EMAC_HSR_RX_OFFLOAD_ENABLE, firmware does RX tag removal as well as duplicate discard. Signed-off-by: Ravi Gunasekaran Signed-off-by: MD Danish Anwar Reviewed-by: Roger Quadros Link: https://patch.msgid.link/20240911081603.2521729-5-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit 95540ad6747c09225e21800d9ce325921645dda2 Author: MD Danish Anwar Date: Wed Sep 11 13:46:01 2024 +0530 net: ti: icssg-prueth: Add support for HSR frame forward offload Add support for offloading HSR port-to-port frame forward to hardware. When the slave interfaces are added to the HSR interface, the PRU cores will be stopped and ICSSG HSR firmwares will be loaded to them. Similarly, when HSR interface is deleted, the PRU cores will be restarted and the last used firmwares will be reloaded. PRUeth interfaces will be back to the last used mode. This commit also renames some APIs that are common between switch and hsr mode with '_fw_offload' suffix. Signed-off-by: MD Danish Anwar Reviewed-by: Roger Quadros Link: https://patch.msgid.link/20240911081603.2521729-4-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit 4ebe0599fc36ea3ff51e76e8554a2127e8126778 Author: MD Danish Anwar Date: Wed Sep 11 13:46:00 2024 +0530 net: ti: icssg-prueth: Stop hardcoding def_inc The def_inc is stored in icss_iep structure. Currently default increment (ns per clock tick) is hardcoded to 4 (Clock frequency being 250 MHz). Change this to use the iep->def_inc variable as the iep structure is now accessible to the driver files. Reviewed-by: Roger Quadros Signed-off-by: MD Danish Anwar Link: https://patch.msgid.link/20240911081603.2521729-3-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit 8f88c072c2ba9201c1db27dec35f5015489776ec Author: MD Danish Anwar Date: Wed Sep 11 13:45:59 2024 +0530 net: ti: icss-iep: Move icss_iep structure Move icss_iep structure definition and to icss_iep.h file so that the structure members can be used / accessed by all icssg driver files. Reviewed-by: Simon Horman Reviewed-by: Jacob Keller Reviewed-by: Roger Quadros Signed-off-by: MD Danish Anwar Link: https://patch.msgid.link/20240911081603.2521729-2-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit 305790dd91057a3f7497c9d128614a4f8486b62b Author: Luiz Capitulino Date: Thu Sep 12 15:05:32 2024 -0400 platform/mellanox: mlxbf-pmc: fix lockdep warning It seems the mlxbf-pmc driver is missing initializing sysfs attributes which causes the warning below when CONFIG_LOCKDEP and CONFIG_DEBUG_LOCK_ALLOC are enabled. This commit fixes it. [ 155.380843] BUG: key ffff470f45dfa6d8 has not been registered! [ 155.386749] ------------[ cut here ]------------ [ 155.391361] DEBUG_LOCKS_WARN_ON(1) [ 155.391381] WARNING: CPU: 4 PID: 1828 at kernel/locking/lockdep.c:4894 lockdep_init_map_type+0x1d0/0x288 [ 155.404254] Modules linked in: mlxbf_pmc(+) xfs libcrc32c mmc_block mlx5_core crct10dif_ce mlxfw ghash_ce virtio_net tls net_failover sha2 _ce failover psample sha256_arm64 dw_mmc_bluefield pci_hyperv_intf sha1_ce dw_mmc_pltfm sbsa_gwdt dw_mmc micrel mmc_core nfit i2c_mlxbf pwr_m lxbf gpio_generic libnvdimm mlxbf_tmfifo mlxbf_gige dm_mirror dm_region_hash dm_log dm_mod [ 155.436786] CPU: 4 UID: 0 PID: 1828 Comm: modprobe Kdump: loaded Not tainted 6.11.0-rc7-rep1+ #1 [ 155.445562] Hardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.8.0.13249 Aug 7 2024 [ 155.455463] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 155.462413] pc : lockdep_init_map_type+0x1d0/0x288 [ 155.467196] lr : lockdep_init_map_type+0x1d0/0x288 [ 155.471976] sp : ffff80008a1734e0 [ 155.475279] x29: ffff80008a1734e0 x28: ffff470f45df0240 x27: 00000000ffffee4b [ 155.482406] x26: 00000000000011b4 x25: 0000000000000000 x24: 0000000000000000 [ 155.489532] x23: ffff470f45dfa6d8 x22: 0000000000000000 x21: ffffd54ef6bea000 [ 155.496659] x20: ffff470f45dfa6d8 x19: ffff470f49cdc638 x18: ffffffffffffffff [ 155.503784] x17: 2f30303a31444642 x16: ffffd54ef48a65e8 x15: ffff80010a172fe7 [ 155.510911] x14: 0000000000000000 x13: 284e4f5f4e524157 x12: 5f534b434f4c5f47 [ 155.518037] x11: 0000000000000001 x10: 0000000000000001 x9 : ffffd54ef3f48a14 [ 155.525163] x8 : 00000000000bffe8 x7 : c0000000ffff7fff x6 : 00000000002bffa8 [ 155.532289] x5 : ffff4712bdcb6088 x4 : 0000000000000000 x3 : 0000000000000027 [ 155.539416] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff470f43e5be00 [ 155.546542] Call trace: [ 155.548976] lockdep_init_map_type+0x1d0/0x288 [ 155.553410] __kernfs_create_file+0x80/0x138 [ 155.557673] sysfs_add_file_mode_ns+0x94/0x150 [ 155.562106] create_files+0xb0/0x248 [ 155.565672] internal_create_group+0x10c/0x328 [ 155.570105] internal_create_groups.part.0+0x50/0xc8 [ 155.575060] sysfs_create_groups+0x20/0x38 [ 155.579146] device_add_attrs+0x1b8/0x228 [ 155.583146] device_add+0x2a4/0x690 [ 155.586625] device_register+0x24/0x38 [ 155.590362] __hwmon_device_register+0x1e0/0x3c8 [ 155.594969] devm_hwmon_device_register_with_groups+0x78/0xe0 [ 155.600703] mlxbf_pmc_probe+0x224/0x3a0 [mlxbf_pmc] [ 155.605669] platform_probe+0x6c/0xe0 [ 155.609320] really_probe+0xc4/0x398 [ 155.612887] __driver_probe_device+0x80/0x168 [ 155.617233] driver_probe_device+0x44/0x120 [ 155.621405] __driver_attach+0xf4/0x200 [ 155.625230] bus_for_each_dev+0x7c/0xe8 [ 155.629055] driver_attach+0x28/0x38 [ 155.632619] bus_add_driver+0x110/0x238 [ 155.636445] driver_register+0x64/0x128 [ 155.640270] __platform_driver_register+0x2c/0x40 [ 155.644965] pmc_driver_init+0x24/0xff8 [mlxbf_pmc] [ 155.649833] do_one_initcall+0x70/0x3d0 [ 155.653660] do_init_module+0x64/0x220 [ 155.657400] load_module+0x628/0x6a8 [ 155.660964] init_module_from_file+0x8c/0xd8 [ 155.665222] idempotent_init_module+0x194/0x290 [ 155.669742] __arm64_sys_finit_module+0x6c/0xd8 [ 155.674261] invoke_syscall.constprop.0+0x74/0xd0 [ 155.678957] do_el0_svc+0xb4/0xd0 [ 155.682262] el0_svc+0x5c/0x248 [ 155.685394] el0t_64_sync_handler+0x134/0x150 [ 155.689739] el0t_64_sync+0x17c/0x180 [ 155.693390] irq event stamp: 6407 [ 155.696693] hardirqs last enabled at (6407): [] console_unlock+0x154/0x1b8 [ 155.705207] hardirqs last disabled at (6406): [] console_unlock+0x19c/0x1b8 [ 155.713719] softirqs last enabled at (6404): [] handle_softirqs+0x4f4/0x518 [ 155.722320] softirqs last disabled at (6395): [] __do_softirq+0x18/0x20 [ 155.730484] ---[ end trace 0000000000000000 ]--- Signed-off-by: Luiz Capitulino Link: https://lore.kernel.org/r/20240912190532.377097-1-luizcap@redhat.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 06369503d644068abd9e90918c6611274d94c126 Author: aln8 Date: Thu Sep 12 15:36:01 2024 +0800 platform/x86/amd: pmf: Add quirk for TUF Gaming A14 The ASUS TUF Gaming A14 has the same issue as the ROG Zephyrus G14 where it advertises SPS support but doesn't use it. Signed-off-by: aln8 Acked-by: Shyam Sundar S K Link: https://lore.kernel.org/r/20240912073601.65656-1-aln8un@gmail.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit c11619af35bae5884029bd14170c3e4b55ddf6f3 Author: Ckath Date: Wed Sep 11 21:12:40 2024 +0200 platform/x86: touchscreen_dmi: add nanote-next quirk Add touschscreen info for the nanote next (UMPC-03-SR). After checking with multiple owners the DMI info really is this generic. Signed-off-by: Ckath Link: https://lore.kernel.org/r/e8dda83a-10ae-42cf-a061-5d29be0d193a@yandex.ru Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit ac5bfa968b60fba409942ab594ad98479b4e1223 Author: Michael Walle Date: Mon Sep 9 09:28:54 2024 +0200 mtd: spi-nor: fix flash probing Fix flash probing by name. Flash entries without a name are allowed since commit 15eb8303bb42 ("mtd: spi-nor: mark the flash name as obsolete"). But it was just until recently that a flash entry without a name was actually introduced. This triggers a bug in the legacy probe by name path. Skip entries without a name to fix it. Fixes: 2095e7da8049 ("mtd: spi-nor: spansion: Add support for S28HS256T") Reported-by: Jon Hunter Closes: https://lore.kernel.org/r/66c8ebb0-1324-4ad9-9926-8d4eb7e1e63a@nvidia.com/ Tested-by: Jon Hunter Signed-off-by: Michael Walle Reviewed-by: Tudor Ambarus Reviewed-by: Pratyush Yadav Signed-off-by: Pratyush Yadav Link: https://lore.kernel.org/r/20240909072854.812206-1-mwalle@kernel.org commit 1dc6cd4f94ad5c9432dc7c7a1e1ed6c52ec856ad Author: Takahiro Kuwano Date: Fri Aug 30 17:04:28 2024 +0900 mtd: spi-nor: spansion: Add support for S28HS256T Infineon S28HS256T is 256Mb Octal SPI device which has same functionalities with 512Mb and 1Gb parts. Link: https://www.infineon.com/dgdl/Infineon-S28HS256T_S28HL256T_256Mb_SEMPER_Flash_Octal_interface_1_8V_3-DataSheet-v02_00-EN.pdf?fileId=8ac78c8c8fc2dd9c018fc66787aa0657 Signed-off-by: Takahiro Kuwano Reviewed-by: Michael Walle Signed-off-by: Pratyush Yadav Link: https://lore.kernel.org/r/20240830080428.6994-1-Takahiro.Kuwano@infineon.com commit a84d45217c8fbfab3f522dc84767f7f08ab1a85e Author: Michael Walle Date: Mon Aug 5 00:15:35 2024 +0200 mtd: spi-nor: winbond: add Zetta ZD25Q128C support Zetta normally uses BAh as its vendor ID. But for the ZD25Q128C they took the one from Winbond and messed up the size parameters in SFDP. Most functions seem compatible with the W25Q128, we just have to fix up the size. Link: http://www.zettadevice.com/upload/file/20150821/DS_Zetta_25Q128_RevA.pdf Link: https://www.lcsc.com/datasheet/lcsc_datasheet_2312081757_Zetta-ZD25Q128CSIGT_C19626875.pdf Signed-off-by: Michael Walle Reviewed-by: Pratyush Yadav Signed-off-by: Pratyush Yadav Link: https://lore.kernel.org/r/20240804221535.291923-1-mwalle@kernel.org commit 86fd0e6410b453fed93cf8085de1e5b0cfdbb6b9 Author: Brian Norris Date: Fri Jul 26 11:58:18 2024 -0700 mtd: spi-nor: micron-st: Add n25q064a WP support These flash chips are used on Google / TP-Link / ASUS OnHub devices, and OnHub devices are write-protected by default (same as any other ChromeOS/Chromebook system). I've referred to datasheets, and tested on OnHub devices. Signed-off-by: Brian Norris Reviewed-by: Michael Walle Signed-off-by: Pratyush Yadav Link: https://lore.kernel.org/r/20240726185825.142733-1-computersforpeace@gmail.com commit 18bcb4aa54eab75dce41e5c176a1c2bff94f0f79 Author: Csókás, Bence Date: Wed Jul 10 11:14:01 2024 +0200 mtd: spi-nor: sst: Factor out common write operation to `sst_nor_write_data()` Writing to the Flash in `sst_nor_write()` is a 3-step process: first an optional one-byte write to get 2-byte-aligned, then the bulk of the data is written out in vendor-specific 2-byte writes. Finally, if there's a byte left over, another one-byte write. This was implemented 3 times in the body of `sst_nor_write()`. To reduce code duplication, factor out these sub-steps to their own function. Signed-off-by: Csókás, Bence Reviewed-by: Pratyush Yadav [pratyush@kernel.org: fixup whitespace, use %zu instead of %i in WARN()] Signed-off-by: Pratyush Yadav Link: https://lore.kernel.org/r/20240710091401.1282824-1-csokas.bence@prolan.hu commit 636119af94f2fbf3e4458be66a1bc740ba69ce6d Author: Jens Axboe Date: Sat Sep 14 08:51:15 2024 -0600 io_uring: rename "copy buffers" to "clone buffers" A recent commit added support for copying registered buffers from one ring to another. But that term is a bit confusing, as no copying of buffer data is done here. What is being done is simply cloning the buffer registrations from one ring to another. Rename it while we still can, so that it's more descriptive. No functional changes in this patch. Fixes: 7cc2a6eadcd7 ("io_uring: add IORING_REGISTER_COPY_BUFFERS method") Signed-off-by: Jens Axboe commit d92b90f9a54d9300a6e883258e79f36dab53bfae Author: Hans de Goede Date: Tue Aug 27 12:45:23 2024 +0200 drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA Replace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: [ 13.319813] memcpy: detected field-spanning write (size 16896) of single field "p->data" at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 (size 4) [ 13.319841] WARNING: CPU: 0 PID: 1105 at drivers/gpu/drm/vboxvideo/hgsmi_base.c:154 hgsmi_update_pointer_shape+0x192/0x1c0 [vboxvideo] [ 13.320038] Call Trace: [ 13.320173] hgsmi_update_pointer_shape [vboxvideo] [ 13.320184] vbox_cursor_atomic_update [vboxvideo] Note as mentioned in the added comment it seems the original length calculation for the allocated and send hgsmi buffer is 4 bytes too large. Changing this is not the goal of this patch, so this behavior is kept. Signed-off-by: Hans de Goede Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240827104523.17442-1-hdegoede@redhat.com commit e50a57d16f897e45de1112eb6478577b197fab52 Author: Hans de Goede Date: Sun Sep 8 20:53:37 2024 +0200 power: supply: hwmon: Fix missing temp1_max_alarm attribute Temp channel 0 aka temp1 can have a temp1_max_alarm attribute for power_supply devices which have a POWER_SUPPLY_PROP_TEMP_ALERT_MAX property. HWMON_T_MAX_ALARM was missing from power_supply_hwmon_info for temp channel 0, causing the hwmon temp1_max_alarm attribute to be missing from such power_supply devices. Add this to power_supply_hwmon_info to fix this. Fixes: f1d33ae806ec ("power: supply: remove duplicated argument in power_supply_hwmon_info") Cc: stable@vger.kernel.org Signed-off-by: Hans de Goede Link: https://lore.kernel.org/r/20240908185337.103696-2-hdegoede@redhat.com Signed-off-by: Sebastian Reichel commit 78f281e5bdeb6476fab97a2c3fcece1094b42aaf Author: Hans de Goede Date: Sun Sep 8 20:53:36 2024 +0200 power: supply: Drop use_cnt check from power_supply_property_is_writeable() power_supply_property_is_writeable() gets called from the is_visible() callback for the sysfs attributes of power_supply class devices and for the sysfs attributes of power_supply core instantiated hwmon class devices. These sysfs attributes get registered by the device_add() respectively power_supply_add_hwmon_sysfs() calls in power_supply_register(). use_cnt gets initialized to 0 and is incremented only after these calls. So when power_supply_property_is_writeable() gets called it always return -ENODEV because of use_cnt == 0. This causes all the attributes to have permissions of 444 even those which should be writable. This used to be a problem only for hwmon sysfs attributes but since commit be6299c6e55e ("power: supply: sysfs: use power_supply_property_is_writeable()") this now also impacts power_supply class sysfs attributes. Fixes: be6299c6e55e ("power: supply: sysfs: use power_supply_property_is_writeable()") Fixes: e67d4dfc9ff1 ("power: supply: Add HWMON compatibility layer") Cc: stable@vger.kernel.org Cc: Thomas Weißschuh Cc: Andrey Smirnov Signed-off-by: Hans de Goede Link: https://lore.kernel.org/stable/20240908185337.103696-1-hdegoede%40redhat.com Link: https://lore.kernel.org/r/20240908185337.103696-1-hdegoede@redhat.com Signed-off-by: Sebastian Reichel commit 64c0ce555ad2d84f497f5f584ddd31e87ac690a2 Merge: 1a529af6f81e54 134536c21275bb Author: Takashi Iwai Date: Sat Sep 14 10:16:12 2024 +0200 Merge branch 'for-linus' into for-next Pull 6.11 fixes to 6.12-devel branch Signed-off-by: Takashi Iwai commit d6a1928134a1c626ff369129d7a80951b2949a48 Author: Stuart Menefy Date: Mon Jun 24 13:17:23 2024 +0100 riscv: Remove redundant restriction on memory size The original reason for reserving the top 4GiB of the direct map (space for modules/BPF/kernel) hasn't applied since the address map was reworked for KASAN. Signed-off-by: Stuart Menefy Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240624121723.2186279-1-stuart.menefy@codasip.com Signed-off-by: Palmer Dabbelt commit 7587a3602bf2f12e798ea955b17521948ddb56a5 Author: Changbin Du Date: Tue Jun 11 12:09:47 2024 +0800 riscv: vdso: do not strip debugging info for vdso.so.dbg The vdso.so.dbg is a debug version of vdso and could be used for debugging purpose. For example, perf-annotate requires debugging info to show source lines. So let's keep its debugging info. Signed-off-by: Changbin Du Reviewed-by: Cyril Bur Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240611040947.3024710-1-changbin.du@huawei.com Signed-off-by: Palmer Dabbelt commit 1a529af6f81e54f15df162a0c703459937941c54 Merge: 5740434e1e0f51 2772ee6de6cf94 Author: Takashi Iwai Date: Sat Sep 14 09:09:59 2024 +0200 Merge tag 'asoc-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-next ASoC: Updates for v6.12 This is a very large set of changes, almost all in drivers rather than the core. Even with the addition of several quite large drivers the overall diffstat is negative thanks to the removal of some old Intel board support which has been obsoleted by the AVS driver, helped a bit by some factoring out into helpers (especially around the Soundwire machine drivers for x86). Highlights include: - More simplifications and cleanups throughout the subsystem from Morimoto-san. - Extensive cleanups and refactoring of the Soundwire drivers to make better use of helpers. - Removal of Intel machine support obsoleted by the AVS driver. - Lots of DT schema conversions. - Machine support for many AMD and Intel x86 platforms. - Support for AMD ACP 7.1, Mediatek MT6367 and MT8365, Realtek RTL1320 SoundWire and rev C, and Texas Instruments TAS2563 commit a49f48cc7d26270bee727d30ce830d4129b33d4a Author: Boqun Feng Date: Wed Jul 3 09:26:16 2024 -0700 MAINTAINERS: Add the dedicated maillist info for LKMM A dedicated mail list has been created for Linux kernel memory model discussion, which could help people more easily track memory model related discussions. This could also help bring memory model discussions to a broader audience. Therefore, add the list information to the LKMM maintainers entry. Signed-off-by: Boqun Feng Signed-off-by: Paul E. McKenney Acked-by: Andrea Parri commit 2040c9cb140ec2925be9c6c18479d796ced15126 Author: Akira Yokosawa Date: Tue Jul 2 20:42:44 2024 +0900 docs/memory-barriers.txt: Remove left-over references to "CACHE COHERENCY" Commit 8ca924aeb4f2 ("Documentation/barriers: Remove references to [smp_]read_barrier_depends()") removed the entire section of "CACHE COHERENCY", without getting rid of its traces. Remove them. Signed-off-by: Akira Yokosawa Cc: Will Deacon Signed-off-by: Paul E. McKenney Acked-by: Andrea Parri commit b9a6e87af5eaf4239a11ebc029d59e8ace761f1f Author: Akira Yokosawa Date: Tue Jun 25 17:59:37 2024 +0900 tools/memory-model: simple.txt: Fix stale reference to recipes-pairs.txt There has never been recipes-paris.txt at least since v5.11. Fix the typo. Signed-off-by: Akira Yokosawa Acked-by: Andrea Parri Signed-off-by: Paul E. McKenney commit 9bc931e9e161ca9788ebed1d2a88b5aa1b4439b2 Author: Akira Yokosawa Date: Tue Jun 25 17:58:21 2024 +0900 tools/memory-model: Add locking.txt and glossary.txt to README locking.txt and glossary.txt have been in LKMM's documentation for quite a while. Add them in README's introduction of docs and the list of docs at the bottom. Add access-marking.txt in the former as well. Signed-off-by: Akira Yokosawa Acked-by: Andrea Parri Cc: Marco Elver Signed-off-by: Paul E. McKenney commit e8adbac0d44fe5f275902c004d04b0cfc33fce8d Author: Andrea Parri Date: Wed Jun 19 03:06:04 2024 +0200 tools/memory-model: Document herd7 (abstract) representation The Linux-kernel memory model (LKMM) source code and the herd7 tool are closely linked in that the latter is responsible for (pre)processing each C-like macro of a litmus test, and for providing the LKMM with a set of events, or "representation", corresponding to the given macro. This commit therefore provides herd-representation.txt to document the representations of the concurrency macros, following their "classification" in Documentation/atomic_t.txt. Link: https://lore.kernel.org/all/ZnFZPJlILp5B9scN@andrea/ Suggested-by: Hernan Ponce de Leon Signed-off-by: Andrea Parri Reviewed-by: Boqun Feng Reviewed-by: Hernan Ponce de Leon Signed-off-by: Paul E. McKenney commit 3870e2850b56306d1d1e435c5a1ccbccd7c59291 Author: Werner Sembach Date: Tue Sep 10 11:40:08 2024 +0200 Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table The Gen6 devices have the same problem and the same Solution as the Gen5 ones. Some TongFang barebones have touchpad and/or keyboard issues after suspend, fixable with nomux + reset + noloop + nopnp. Luckily, none of them have an external PS/2 port so this can safely be set for all of them. I'm not entirely sure if every device listed really needs all four quirks, but after testing and production use, no negative effects could be observed when setting all four. Signed-off-by: Werner Sembach Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240910094008.1601230-3-wse@tuxedocomputers.com Signed-off-by: Dmitry Torokhov commit 01eed86d50af9fab27d876fd677b86259ebe9de3 Author: Werner Sembach Date: Tue Sep 10 11:40:07 2024 +0200 Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line There might be devices out in the wild where the board name is GMxXGxx instead of GMxXGxX. Adding both to be on the safe side. Signed-off-by: Werner Sembach Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240910094008.1601230-2-wse@tuxedocomputers.com Signed-off-by: Dmitry Torokhov commit c7c878ff329239e28d7ab9fae7f7f49f114b12ff Author: Rob Herring (Arm) Date: Fri Sep 13 15:08:26 2024 -0500 Input: tegra-kbc - use of_property_read_variable_u32_array() and of_property_present() There's no need to get the length of an DT array property before parsing the array. of_property_read_variable_u32_array() takes a minimum and maximum length and returns the actual length (or error code). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Acked-by: Thierry Reding Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240913200827.546649-1-robh@kernel.org Signed-off-by: Dmitry Torokhov commit c5a709f08d40b1a082e44ffcde1aea4d2822ddd5 Author: Namjae Jeon Date: Sun Sep 8 15:23:48 2024 +0900 ksmbd: handle caseless file creation Ray Zhang reported ksmbd can not create file if parent filename is caseless. Y:\>mkdir A Y:\>echo 123 >a\b.txt The system cannot find the path specified. Y:\>echo 123 >A\b.txt This patch convert name obtained by caseless lookup to parent name. Cc: stable@vger.kernel.org # v5.15+ Reported-by: Ray Zhang Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit ca4974ca954561e79f8871d220bb08f14f64f57c Author: Hobin Woo Date: Wed Sep 4 13:36:35 2024 +0900 ksmbd: make __dir_empty() compatible with POSIX Some file systems may not provide dot (.) and dot-dot (..) as they are optional in POSIX. ksmbd can misjudge emptiness of a directory in those file systems, since it assumes there are always at least two entries: dot and dot-dot. Just don't count dot and dot-dot. Cc: stable@vger.kernel.org # v6.1+ Signed-off-by: Hobin Woo Acked-by: Namjae Jeon Signed-off-by: Steve French commit ee426bfb9d09b29987369b897fe9b6485ac2be27 Author: Namjae Jeon Date: Tue Sep 3 20:28:08 2024 +0900 ksmbd: add refcnt to ksmbd_conn struct When sending an oplock break request, opinfo->conn is used, But freed ->conn can be used on multichannel. This patch add a reference count to the ksmbd_conn struct so that it can be freed when it is no longer used. Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit 2fb9b5dc80cabcee636a6ccd020740dd925b4580 Author: Namjae Jeon Date: Tue Sep 3 20:26:33 2024 +0900 ksmbd: allow write with FILE_APPEND_DATA Windows client write with FILE_APPEND_DATA when using git. ksmbd should allow write it with this flags. Z:\test>git commit -m "test" fatal: cannot update the ref 'HEAD': unable to append to '.git/logs/HEAD': Bad file descriptor Fixes: 0626e6641f6b ("cifsd: add server handler for central processing and tranport layers") Cc: stable@vger.kernel.org # v5.15+ Signed-off-by: Namjae Jeon Signed-off-by: Steve French commit 34c44eb31de9cb7202ff070900463d6c706392c4 Merge: beb2baa9e54d73 39b9b78065cdf4 Author: Jakub Kicinski Date: Fri Sep 13 21:49:00 2024 -0700 Merge branch 'net-ibm-emac-modernize-a-bit' Rosen Penev says: ==================== net: ibm: emac: modernize a bit ==================== Link: https://patch.msgid.link/20240912024903.6201-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 39b9b78065cdf4a701879bbe471aa7a0794a8b0f Author: Rosen Penev Date: Wed Sep 11 19:49:03 2024 -0700 net: ibm: emac: get rid of wol_irq This is completely unused. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240912024903.6201-10-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit c092d0be38f4f754cdbdc76dc6df628ca48ac0eb Author: Rosen Penev Date: Wed Sep 11 19:49:02 2024 -0700 net: ibm: emac: remove all waiting code EPROBE_DEFER, which probably wasn't available when this driver was written, can be used instead of waiting manually. Signed-off-by: Rosen Penev Link: https://patch.msgid.link/20240912024903.6201-9-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit cc0c92ff662d642dec2e3b85ef14265677ba7fb9 Author: Rosen Penev Date: Wed Sep 11 19:49:01 2024 -0700 net: ibm: emac: replace of_get_property of_property_read_u32 can be used. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240912024903.6201-8-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit baab9de385a880d1ce9c5fe6108b79e13f8a106d Author: Rosen Penev Date: Wed Sep 11 19:49:00 2024 -0700 net: ibm: emac: use netdev's phydev directly Avoids having to use own struct member. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240912024903.6201-7-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit a4dd8535a527061a01f2fd335596fa77ca240a96 Author: Rosen Penev Date: Wed Sep 11 19:48:59 2024 -0700 net: ibm: emac: use devm for register_netdev Cleans it up automatically. No need to handle manually. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240912024903.6201-6-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 93a6d4e03629067590219189eae6feba218650e1 Author: Rosen Penev Date: Wed Sep 11 19:48:58 2024 -0700 net: ibm: emac: remove mii_bus with devm Switching to devm management of mii_bus allows to remove mdiobus_unregister calls and thus avoids needing a mii_bus global struct member. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240912024903.6201-5-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 969b002d7b65062ab16fc6b6a444602a56b1e628 Author: Rosen Penev Date: Wed Sep 11 19:48:57 2024 -0700 net: ibm: emac: use devm for of_iomap Allows removing manual iounmap. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240912024903.6201-4-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit dcc34ef7c83473222027f475014a2bf8ab798372 Author: Rosen Penev Date: Wed Sep 11 19:48:56 2024 -0700 net: ibm: emac: manage emac_irq with devm It's the last to go in remove. Safe to let devm handle it. Also move request_irq to probe for clarity. It's removed in _remove not close. Use dev_err_probe instead of printk. Handles EPROBE_DEFER automatically. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240912024903.6201-3-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit b9758c434284272e24d6fdc9e71166c7e4f40ffb Author: Rosen Penev Date: Wed Sep 11 19:48:55 2024 -0700 net: ibm: emac: use devm for alloc_etherdev Allows to simplify the code slightly. This is safe to do as free_netdev gets called last. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240912024903.6201-2-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit beb2baa9e54d7383618589f2f78721654231452e Author: Linu Cherian Date: Thu Sep 12 21:44:50 2024 +0530 octeontx2-af: debugfs: Add Channel info to RPM map Display channel info in the RPM map debugfs output. With this, cat /sys/kernel/debug/cn10k/rvu_pf_rpm_map would display channel number for each device in addition to the existing data. Sample output: PCI dev RVU PF Func NIX block rpm LMAC CHAN 0002:02:00.0 0x400 NIX0 rpm0 LMAC0 256 Signed-off-by: Linu Cherian Link: https://patch.msgid.link/20240912161450.164402-3-lcherian@marvell.com Signed-off-by: Jakub Kicinski commit 1ad84a151af7f4b3933983677bc75074f957bdf5 Author: Maxime Chevallier Date: Fri Sep 13 12:05:14 2024 +0200 net: ethtool: phy: Don't set the context dev pointer for unfiltered DUMP The context info allows continuing DUMP requests, shall they fill the netlink buffer. In the case of filtered DUMP requests, a reference on the netdev is grabbed in the .start() callback and release in .done(). Unfiltered DUMP request don't need the dev pointer to be set in the context info, doing so will trigger an unwanted netdev_put() in .done(). Reported-by: syzbot+e9ed4e4368d450c8f9db@syzkaller.appspotmail.com Closes: https://lore.kernel.org/netdev/000000000000d3bf150621d361a7@google.com/ Fixes: 17194be4c8e1 ("net: ethtool: Introduce a command to list PHYs on an interface") Signed-off-by: Maxime Chevallier Reviewed-by: Vadim Fedorenko Link: https://patch.msgid.link/20240913100515.167341-1-maxime.chevallier@bootlin.com Signed-off-by: Jakub Kicinski commit 06a104d55d56aae199ebac1078ca19f0f45202bc Merge: 37551b4540bdc1 2b2a9a08f8f0b9 Author: Jakub Kicinski Date: Fri Sep 13 21:27:10 2024 -0700 Merge tag 'linux-can-next-for-6.12-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next Marc Kleine-Budde says: ==================== pull-request: can-next 2024-09-11 The first patch is by Uwe Kleine-König targets all CAN platform driver and switches back the remove function to struct platform_driver::remove(). A patch by Stefan Mätje fixes the help text of the ESD USB driver. Jake Hamby's patch masks an unneeded interrupt in the m_can driver. The last 2 patches target the rockchip_canfd driver. Arnd Bergmann's patch reworks the delay calculation for the timekeeping worker, a patch by me fixes the decoding of the error code register. * tag 'linux-can-next-for-6.12-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next: can: rockchip_canfd: rkcanfd_handle_error_int_reg_ec(): fix decoding of error code register can: rockchip_canfd: rkcanfd_timestamp_init(): rework delay calculation can: m_can: m_can_chip_config(): mask timestamp wraparound IRQ can: usb: Kconfig: Fix list of devices for esd_usb driver can: Switch back to struct platform_driver::remove() ==================== Link: https://patch.msgid.link/20240912080438.2826895-1-mkl@pengutronix.de Signed-off-by: Jakub Kicinski commit 37551b4540bdc14c9fc530eca824124cf4ccfd35 Author: Dan Carpenter Date: Thu Sep 12 11:57:06 2024 +0300 rtase: Fix error code in rtase_init_board() Return an error if dma_set_mask_and_coherent() fails. Don't return success. Fixes: a36e9f5cfe9e ("rtase: Add support for a pci table in this module") Signed-off-by: Dan Carpenter Reviewed-by: Simon Horman Link: https://patch.msgid.link/f53ed942-5ac2-424b-a1ed-9473c599905e@stanley.mountain Signed-off-by: Jakub Kicinski commit 36f6b72cb8554575f571f14796939ed22ea3da3a Merge: 04ccecfa959d3b 717338e2b23309 Author: Jakub Kicinski Date: Fri Sep 13 21:20:13 2024 -0700 Merge tag 'linux-can-fixes-for-6.11-20240912' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can Marc Kleine-Budde says: ==================== pull-request: can 2024-09-12 Kuniyuki Iwashima's patch fixes an incomplete bug fix in the CAN BCM protocol, which was introduced during v6.11. A patch by Stefan Mätje removes the unsupported CAN_CTRLMODE_3_SAMPLES mode for CAN-USB/3-FD devices in the esd_usb driver. The next patch is by Martin Jocic and enables 64-bit DMA addressing for the kvaser_pciefd driver. The last two patches both affect the m_can driver. Jake Hamby's patch activates NAPI before interrupts are activated, a patch by me moves the stopping of the clock after the device has been shut down. * tag 'linux-can-fixes-for-6.11-20240912' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can: can: m_can: m_can_close(): stop clocks after device has been shut down can: m_can: enable NAPI before enabling interrupts can: kvaser_pciefd: Enable 64-bit DMA addressing can: esd_usb: Remove CAN_CTRLMODE_3_SAMPLES for CAN-USB/3-FD can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). ==================== Link: https://patch.msgid.link/20240912075804.2825408-1-mkl@pengutronix.de Signed-off-by: Jakub Kicinski commit 1b8c9cb3151a541a4197d2bb449233064f747832 Author: Gaosheng Cui Date: Thu Sep 12 09:19:49 2024 +0800 MIPS: Remove the obsoleted code for include/linux/mv643xx.h Most of the drivers which used this header have been deleted, most of these code is obsoleted, move the only defines that are actually used into arch/powerpc/platforms/chrp/pegasos_eth.c and delete the file completely. Signed-off-by: Gaosheng Cui Link: https://patch.msgid.link/20240912011949.2726928-1-cuigaosheng1@huawei.com Signed-off-by: Jakub Kicinski commit 158135dcb497572463256f54fd0807d119e1a4cd Merge: 7bb50f30c1239f bde04d9876c05e Author: Jakub Kicinski Date: Fri Sep 13 21:17:14 2024 -0700 Merge branch 'enic-report-per-queue-stats' Nelson Escobar says: ==================== enic: Report per queue stats Patch #1: Use a macro instead of static const variables for array sizes. I didn't want to add more static const variables in the next patch so clean up the existing ones first. Patch #2: Collect per queue statistics Patch #3: Report per queue stats in netdev qstats Patch #4: Report some per queue stats in ethtool # NETIF="eno6" tools/testing/selftests/drivers/net/stats.py KTAP version 1 1..5 ok 1 stats.check_pause # XFAIL pause not supported by the device ok 2 stats.check_fec # XFAIL FEC not supported by the device ok 3 stats.pkt_byte_sum ok 4 stats.qstat_by_ifindex ok 5 stats.check_down # tools/net/ynl/cli.py --spec Documentation/netlink/specs/netdev.yaml \ --dump qstats-get --json '{"ifindex": "34"}' [{'ifindex': 34, 'rx-bytes': 66762680, 'rx-csum-unnecessary': 1009345, 'rx-hw-drop-overruns': 0, 'rx-hw-drops': 0, 'rx-packets': 1009673, 'tx-bytes': 137936674899, 'tx-csum-none': 125, 'tx-hw-gso-packets': 2408712, 'tx-needs-csum': 2431531, 'tx-packets': 15475466, 'tx-stop': 0, 'tx-wake': 0}] v2: https://lore.kernel.org/20240905010900.24152-1-neescoba@cisco.com v1: https://lore.kernel.org/20240823235401.29996-1-neescoba@cisco.com ==================== Link: https://patch.msgid.link/20240912005039.10797-1-neescoba@cisco.com Signed-off-by: Jakub Kicinski commit bde04d9876c05e5fdb8fdf7c6db84ac26a9800b0 Author: Nelson Escobar Date: Wed Sep 11 17:50:39 2024 -0700 enic: Report some per queue statistics in ethtool Make 'ethtool -S ' output show some per rq/wq statistics that don't exist in the netdev qstats. Signed-off-by: Nelson Escobar Signed-off-by: John Daley Signed-off-by: Satish Kharat Link: https://patch.msgid.link/20240912005039.10797-5-neescoba@cisco.com Signed-off-by: Jakub Kicinski commit 77805ddb57552ae4606a8d738ac240188c52a9e1 Author: Nelson Escobar Date: Wed Sep 11 17:50:38 2024 -0700 enic: Report per queue statistics in netdev qstats Report per queue wq/rq statistics in netdev qstats. Signed-off-by: Nelson Escobar Signed-off-by: John Daley Signed-off-by: Satish Kharat Link: https://patch.msgid.link/20240912005039.10797-4-neescoba@cisco.com Signed-off-by: Jakub Kicinski commit f3f9150994961e8252008d8c669846c144dbde27 Author: Nelson Escobar Date: Wed Sep 11 17:50:37 2024 -0700 enic: Collect per queue statistics Collect and per rq/wq statistics. Signed-off-by: Nelson Escobar Signed-off-by: John Daley Signed-off-by: Satish Kharat Link: https://patch.msgid.link/20240912005039.10797-3-neescoba@cisco.com Signed-off-by: Jakub Kicinski commit a59571ad6dfcd830c6a9ca12ac0e1484584a7223 Author: Nelson Escobar Date: Wed Sep 11 17:50:36 2024 -0700 enic: Use macro instead of static const variables for array sizes In enic_ethtool.c there is no need to use static const variables to store array sizes when a macro can be used instead. Signed-off-by: Nelson Escobar Signed-off-by: John Daley Signed-off-by: Satish Kharat Link: https://patch.msgid.link/20240912005039.10797-2-neescoba@cisco.com Signed-off-by: Jakub Kicinski commit 7bb50f30c1239ff941c90a0b6b12d12121c8f6ab Merge: 716425d6f3fb73 2bf1259a6ea110 Author: Jakub Kicinski Date: Fri Sep 13 21:15:47 2024 -0700 Merge branch 'net-fib_rules-add-dscp-selector-support' Ido Schimmel says: ==================== net: fib_rules: Add DSCP selector support Currently, the kernel rejects IPv4 FIB rules that try to match on the upper three DSCP bits: # ip -4 rule add tos 0x1c table 100 # ip -4 rule add tos 0x3c table 100 Error: Invalid tos. The reason for that is that historically users of the FIB lookup API only populated the lower three DSCP bits in the TOS field of the IPv4 flow key ('flowi4_tos'), which fits the TOS definition from the initial IPv4 specification (RFC 791). This is not very useful nowadays and instead some users want to be able to match on the six bits DSCP field, which replaced the TOS and IP precedence fields over 25 years ago (RFC 2474). In addition, the current behavior differs between IPv4 and IPv6 which does allow users to match on the entire DSCP field using the TOS selector. Recent patchsets made sure that callers of the FIB lookup API now populate the entire DSCP field in the IPv4 flow key. Therefore, it is now possible to extend FIB rules to match on DSCP. This is done by adding a new DSCP attribute which is implemented for both IPv4 and IPv6 to provide user space programs a consistent behavior between both address families. The behavior of the old TOS selector is unchanged and IPv4 FIB rules using it will only match on the lower three DSCP bits. The kernel will reject rules that try to use both selectors. Patch #1 adds the new DSCP attribute but rejects its usage. Patches #2-#3 implement IPv4 and IPv6 support. Patch #4 allows user space to use the new attribute. Patches #5-#6 add selftests. ==================== Link: https://patch.msgid.link/20240911093748.3662015-1-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 2bf1259a6ea1104c55d1a5318eec1ef29e85cf76 Author: Ido Schimmel Date: Wed Sep 11 12:37:48 2024 +0300 selftests: fib_rule_tests: Add DSCP selector connect tests Test that locally generated traffic from a socket that specifies a DS Field using the IP_TOS / IPV6_TCLASS socket options is correctly redirected using a FIB rule that matches on DSCP. Add negative tests to verify that the rule is not it when it should not. Test with both IPv4 and IPv6 and with both TCP and UDP sockets. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240911093748.3662015-7-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit ac6ad3f3b5b11731312d9a4d3cfda74e22421b14 Author: Ido Schimmel Date: Wed Sep 11 12:37:47 2024 +0300 selftests: fib_rule_tests: Add DSCP selector match tests Add tests for the new FIB rule DSCP selector. Test with both IPv4 and IPv6 and with both input and output routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240911093748.3662015-6-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 4b041d286e918340a21d778e83c00649da2b58cb Author: Ido Schimmel Date: Wed Sep 11 12:37:46 2024 +0300 net: fib_rules: Enable DSCP selector usage Now that both IPv4 and IPv6 support the new DSCP selector, enable user space to configure FIB rules that make use of it by changing the policy of the new DSCP attribute so that it accepts values in the range of [0, 63]. Use NLA_U8 rather than NLA_UINT as the field is of fixed size. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240911093748.3662015-5-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 2cf630034e4ebcc52e0b69b776cafd90dc4f3919 Author: Ido Schimmel Date: Wed Sep 11 12:37:45 2024 +0300 ipv6: fib_rules: Add DSCP selector support Implement support for the new DSCP selector that allows IPv6 FIB rules to match on the entire DSCP field. This is done despite the fact that the above can be achieved using the existing TOS selector, so that user space program will be able to work with IPv4 and IPv6 rules in the same way. Differentiate between both selectors by adding a new bit in the IPv6 FIB rule structure that is only set when the 'FRA_DSCP' attribute is specified by user space. Reject rules that use both selectors. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240911093748.3662015-4-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit b9455fef8b1fc662369d982fe97dc66e6c332699 Author: Ido Schimmel Date: Wed Sep 11 12:37:44 2024 +0300 ipv4: fib_rules: Add DSCP selector support Implement support for the new DSCP selector that allows IPv4 FIB rules to match on the entire DSCP field, unlike the existing TOS selector that only matches on the three lower DSCP bits. Differentiate between both selectors by adding a new bit in the IPv4 FIB rule structure (in an existing one byte hole) that is only set when the 'FRA_DSCP' attribute is specified by user space. Reject rules that use both selectors. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240911093748.3662015-3-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit c951a29f6ba52b86223eb00bbcff43142d59a901 Author: Ido Schimmel Date: Wed Sep 11 12:37:43 2024 +0300 net: fib_rules: Add DSCP selector attribute The FIB rule TOS selector is implemented differently between IPv4 and IPv6. In IPv4 it is used to match on the three "Type of Services" bits specified in RFC 791, while in IPv6 is it is used to match on the six DSCP bits specified in RFC 2474. Add a new FIB rule attribute to allow matching on DSCP. The attribute will be used to implement a 'dscp' selector in ip-rule with a consistent behavior between IPv4 and IPv6. For now, set the type of the attribute to 'NLA_REJECT' so that user space will not be able to configure it. This restriction will be lifted once both IPv4 and IPv6 support the new attribute. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240911093748.3662015-2-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 716425d6f3fb7354023069042f240eddbc557504 Author: Danielle Ratson Date: Tue Sep 10 12:10:44 2024 +0300 net: ethtool: Enhance error messages sent to user space During the firmware flashing process, notifications are sent to user space to provide progress updates. When an error occurs, an error message is sent to indicate what went wrong. In some cases, appropriate error messages are missing. Add relevant error messages where applicable, allowing user space to better understand the issues encountered. Signed-off-by: Danielle Ratson Reviewed-by: Petr Machata Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240910091044.3044568-1-danieller@nvidia.com Signed-off-by: Jakub Kicinski commit 6503734916cc751bec825ff314d7cadaa587f2d0 Author: Andy Shevchenko Date: Fri Sep 13 15:51:46 2024 +0300 net: macb: Use predefined PCI vendor ID constant The PCI vendor ID for Cadence is defined in pci_ids.h. Use it. While at it, move to PCI_VDEVICE() macro and usual pattern for PCI device ID. Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240913125146.3628751-1-andriy.shevchenko@linux.intel.com Signed-off-by: Jakub Kicinski commit 04ccecfa959d3b9ae7348780d8e379c6486176ac Author: Eric Dumazet Date: Fri Sep 13 08:31:47 2024 +0000 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Blamed commit accidentally removed a check for rt->rt6i_idev being NULL, as spotted by syzbot: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] CPU: 1 UID: 0 PID: 10998 Comm: syz-executor Not tainted 6.11.0-rc6-syzkaller-00208-g625403177711 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 RIP: 0010:rt6_uncached_list_flush_dev net/ipv6/route.c:177 [inline] RIP: 0010:rt6_disable_ip+0x33e/0x7e0 net/ipv6/route.c:4914 Code: 41 80 3c 04 00 74 0a e8 90 d0 9b f7 48 8b 7c 24 08 48 8b 07 48 89 44 24 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 f7 e8 64 d0 9b f7 48 8b 44 24 18 49 39 06 RSP: 0018:ffffc900047374e0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 1ffff1100fdf8f33 RCX: dffffc0000000000 RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88807efc78c0 RBP: ffffc900047375d0 R08: 0000000000000003 R09: fffff520008e6e8c R10: dffffc0000000000 R11: fffff520008e6e8c R12: 1ffff1100fdf8f18 R13: ffff88807efc7998 R14: 0000000000000000 R15: ffff88807efc7930 FS: 0000000000000000(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020002a80 CR3: 0000000022f62000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: addrconf_ifdown+0x15d/0x1bd0 net/ipv6/addrconf.c:3856 addrconf_notify+0x3cb/0x1020 notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93 call_netdevice_notifiers_extack net/core/dev.c:2032 [inline] call_netdevice_notifiers net/core/dev.c:2046 [inline] unregister_netdevice_many_notify+0xd81/0x1c40 net/core/dev.c:11352 unregister_netdevice_many net/core/dev.c:11414 [inline] unregister_netdevice_queue+0x303/0x370 net/core/dev.c:11289 unregister_netdevice include/linux/netdevice.h:3129 [inline] __tun_detach+0x6b9/0x1600 drivers/net/tun.c:685 tun_detach drivers/net/tun.c:701 [inline] tun_chr_close+0x108/0x1b0 drivers/net/tun.c:3510 __fput+0x24a/0x8a0 fs/file_table.c:422 task_work_run+0x24f/0x310 kernel/task_work.c:228 exit_task_work include/linux/task_work.h:40 [inline] do_exit+0xa2f/0x27f0 kernel/exit.c:882 do_group_exit+0x207/0x2c0 kernel/exit.c:1031 __do_sys_exit_group kernel/exit.c:1042 [inline] __se_sys_exit_group kernel/exit.c:1040 [inline] __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040 x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f1acc77def9 Code: Unable to access opcode bytes at 0x7f1acc77decf. RSP: 002b:00007ffeb26fa738 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1acc77def9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 RBP: 00007f1acc7dd508 R08: 00007ffeb26f84d7 R09: 0000000000000003 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 0000000000000003 R14: 00000000ffffffff R15: 00007ffeb26fa8e0 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:rt6_uncached_list_flush_dev net/ipv6/route.c:177 [inline] RIP: 0010:rt6_disable_ip+0x33e/0x7e0 net/ipv6/route.c:4914 Code: 41 80 3c 04 00 74 0a e8 90 d0 9b f7 48 8b 7c 24 08 48 8b 07 48 89 44 24 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 f7 e8 64 d0 9b f7 48 8b 44 24 18 49 39 06 RSP: 0018:ffffc900047374e0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 1ffff1100fdf8f33 RCX: dffffc0000000000 RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88807efc78c0 RBP: ffffc900047375d0 R08: 0000000000000003 R09: fffff520008e6e8c R10: dffffc0000000000 R11: fffff520008e6e8c R12: 1ffff1100fdf8f18 R13: ffff88807efc7998 R14: 0000000000000000 R15: ffff88807efc7930 FS: 0000000000000000(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020002a80 CR3: 0000000022f62000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Fixes: e332bc67cf5e ("ipv6: Don't call with rt6_uncached_list_flush_dev") Signed-off-by: Eric Dumazet Reviewed-by: Simon Horman Reviewed-by: David Ahern Acked-by: Martin KaFai Lau Link: https://patch.msgid.link/20240913083147.3095442-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit 99655a304e450baaae6b396cb942b9e47659d644 Author: Su Hui Date: Thu Sep 12 19:01:20 2024 +0800 net: tipc: avoid possible garbage value Clang static checker (scan-build) warning: net/tipc/bcast.c:305:4: The expression is an uninitialized value. The computed value will also be garbage [core.uninitialized.Assign] 305 | (*cong_link_cnt)++; | ^~~~~~~~~~~~~~~~~~ tipc_rcast_xmit() will increase cong_link_cnt's value, but cong_link_cnt is uninitialized. Although it won't really cause a problem, it's better to fix it. Fixes: dca4a17d24ee ("tipc: fix potential hanging after b/rcast changing") Signed-off-by: Su Hui Reviewed-by: Justin Stitt Link: https://patch.msgid.link/20240912110119.2025503-1-suhui@nfschina.com Signed-off-by: Jakub Kicinski commit 5277d130947ba8c0d54c16eed89eb97f0b6d2e5a Author: Masahiro Yamada Date: Sat Sep 14 02:37:54 2024 +0900 btf: require pahole 1.21+ for DEBUG_INFO_BTF with default DWARF version As described in commit 42d9b379e3e1 ("lib/Kconfig.debug: Allow BTF + DWARF5 with pahole 1.21+"), the combination of CONFIG_DEBUG_INFO_BTF and CONFIG_DEBUG_INFO_DWARF5 requires pahole 1.21+. GCC 11+ and Clang 14+ default to DWARF 5 when the -g flag is passed. For the same reason, the combination of CONFIG_DEBUG_INFO_BTF and CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT is also likely to require pahole 1.21+ these days. (At least, it is uncertain whether the actual requirement is pahole 1.16+ or 1.21+.) Signed-off-by: Masahiro Yamada Reviewed-by: Alan Maguire Acked-by: Andrii Nakryiko Reviewed-by: Nathan Chancellor Link: https://lore.kernel.org/r/20240913173759.1316390-3-masahiroy@kernel.org Signed-off-by: Alexei Starovoitov commit 42450f7a9086cf38e97c3aeeaabd229af7abbbad Author: Masahiro Yamada Date: Sat Sep 14 02:37:53 2024 +0900 btf: move pahole check in scripts/link-vmlinux.sh to lib/Kconfig.debug When DEBUG_INFO_DWARF5 is selected, pahole 1.21+ is required to enable DEBUG_INFO_BTF. When DEBUG_INFO_DWARF4 or DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT is selected, DEBUG_INFO_BTF can be enabled without pahole installed, but a build error will occur in scripts/link-vmlinux.sh: LD .tmp_vmlinux1 BTF: .tmp_vmlinux1: pahole (pahole) is not available Failed to generate BTF for vmlinux Try to disable CONFIG_DEBUG_INFO_BTF We did not guard DEBUG_INFO_BTF by PAHOLE_VERSION when previously discussed [1]. However, commit 613fe1692377 ("kbuild: Add CONFIG_PAHOLE_VERSION") added CONFIG_PAHOLE_VERSION after all. Now several CONFIG options, as well as the combination of DEBUG_INFO_BTF and DEBUG_INFO_DWARF5, are guarded by PAHOLE_VERSION. The remaining compile-time check in scripts/link-vmlinux.sh now appears to be an awkward inconsistency. This commit adopts Nathan's original work. [1]: https://lore.kernel.org/lkml/20210111180609.713998-1-natechancellor@gmail.com/ Signed-off-by: Masahiro Yamada Reviewed-by: Alan Maguire Acked-by: Andrii Nakryiko Reviewed-by: Nathan Chancellor Link: https://lore.kernel.org/r/20240913173759.1316390-2-masahiroy@kernel.org Signed-off-by: Alexei Starovoitov commit c980dc9c67a94ab716ffc06767cb435480bda09d Author: Masahiro Yamada Date: Sat Sep 14 02:37:52 2024 +0900 btf: remove redundant CONFIG_BPF test in scripts/link-vmlinux.sh CONFIG_DEBUG_INFO_BTF depends on CONFIG_BPF_SYSCALL, which in turn selects CONFIG_BPF. When CONFIG_DEBUG_INFO_BTF=y, CONFIG_BPF=y is always met. Signed-off-by: Masahiro Yamada Reviewed-by: Alan Maguire Acked-by: Andrii Nakryiko Reviewed-by: Nathan Chancellor Link: https://lore.kernel.org/r/20240913173759.1316390-1-masahiroy@kernel.org Signed-off-by: Alexei Starovoitov commit 9c699a8f3b273c62f7b364ff999e873501a1e834 Author: Martyn Welch Date: Thu Sep 12 18:37:40 2024 +0100 net: enetc: Replace ifdef with IS_ENABLED The enetc driver uses ifdefs when checking whether CONFIG_FSL_ENETC_PTP_CLOCK is enabled in a number of places. This works if the driver is built-in but fails if the driver is available as a kernel module. Replace the instances of ifdef with use of the IS_ENABLED macro, that will evaluate as true when this feature is built as a kernel module and follows the kernel's coding style. Reviewed-by: Vadim Fedorenko Signed-off-by: Martyn Welch Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240912173742.484549-1-martyn.welch@collabora.com Signed-off-by: Jakub Kicinski commit 9f3e7f11f21ac83cd99428390165177d4953b005 Author: Brett Creeley Date: Thu Sep 12 10:49:22 2024 -0700 fbnic: Set napi irq value after calling netif_napi_add The driver calls netif_napi_set_irq() and then calls netif_napi_add(), which calls netif_napi_add_weight(). At the end of netif_napi_add_weight() is a call to netif_napi_set_irq(napi, -1), which clears the previously set napi->irq value. Fix this by calling netif_napi_set_irq() after calling netif_napi_add(). This was found when reviewing another patch and I have no way to test this, but the fix seemed relatively straight forward. Fixes: bc6107771bb4 ("eth: fbnic: Allocate a netdevice and napi vectors with queues") Signed-off-by: Brett Creeley Reviewed-by: Joe Damato Reviewed-by: Vadim Fedorenko Link: https://patch.msgid.link/20240912174922.10550-1-brett.creeley@amd.com Signed-off-by: Jakub Kicinski commit 9297886f9fcd20176a2eb68961c79f4f0b99e117 Author: Kory Maincent Date: Thu Sep 12 11:05:50 2024 +0200 Documentation: networking: Fix missing PSE documentation and grammar issues Fix a missing end of phrase in the documentation. It describes the ETHTOOL_A_C33_PSE_ACTUAL_PW attribute, which was not fully explained. Also, fix grammar issues by using simple present tense instead of present continuous. Reviewed-by: Oleksij Rempel Signed-off-by: Kory Maincent Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240912090550.743174-1-kory.maincent@bootlin.com Signed-off-by: Jakub Kicinski commit 2c84b0aa28b9e73e8c4b4ce038269469434ae372 Author: Justin Iurman Date: Wed Sep 11 19:45:57 2024 +0200 net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input Free the skb before returning from rpl_input when skb_cow_head() fails. Use a "drop" label and goto instructions. Fixes: a7a29f9c361f ("net: ipv6: add rpl sr tunnel") Signed-off-by: Justin Iurman Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240911174557.11536-1-justin.iurman@uliege.be Signed-off-by: Jakub Kicinski commit b9c7ac4fe22c608acf6153a3329df2b6b6cd416c Author: Heiner Kallweit Date: Wed Sep 11 15:51:11 2024 +0200 r8169: disable ALDPS per default for RTL8125 En-Wei reported that traffic breaks if cable is unplugged for more than 3s and then re-plugged. This was supposed to be fixed by 621735f59064 ("r8169: fix rare issue with broken rx after link-down on RTL8125"). But apparently this didn't fix the issue for everybody. The 3s threshold rang a bell, as this is the delay after which ALDPS kicks in. And indeed disabling ALDPS fixes the issue for this user. Maybe this fixes the issue in general. In a follow-up step we could remove the first fix attempt and see whether anybody complains. Fixes: f1bce4ad2f1c ("r8169: add support for RTL8125") Tested-by: En-Wei WU Signed-off-by: Heiner Kallweit Link: https://patch.msgid.link/778b9d86-05c4-4856-be59-cde4487b9e52@gmail.com Signed-off-by: Jakub Kicinski commit 7fd551a87ba427fee2df8af4d83f4b7c220cc9dd Author: Qianqiang Liu Date: Fri Sep 13 09:47:32 2024 +0800 net: ag71xx: remove dead code path The "err" is always zero, so the following branch can never be executed: if (err) { ndev->stats.rx_dropped++; kfree_skb(skb); } Therefore, the "if" statement can be removed. Use "ndev->stats.rx_errors" to count "napi_build_skb()" failure Reviewed-by: Andrew Lunn Reviewed-by: Vadim Fedorenko Reviewed-by: Oleksij Rempel Link: https://lore.kernel.org/20240911135828.378317-1-usama.anjum@collabora.com Signed-off-by: Qianqiang Liu Link: https://patch.msgid.link/20240913014731.149739-1-qianqiang.liu@163.com Signed-off-by: Jakub Kicinski commit ef17c3d22cee57a857f3fbd3483d430fd5a44e1b Merge: 26d7460222a0be 7ffaa200251871 Author: Jakub Kicinski Date: Fri Sep 13 19:50:25 2024 -0700 Merge tag 'for-net-next-2024-09-12' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next Luiz Augusto von Dentz says: ==================== bluetooth-next pull request for net-next: - btusb: Add MediaTek MT7925-B22M support ID 0x13d3:0x3604 - btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 - btrtl: Add the support for RTL8922A - btusb: Add 2 USB HW IDs for MT7925 (0xe118/e) - btnxpuart: Add support for ISO packets - btusb: Add Mediatek MT7925 support ID 0x13d3:0x3608 - btsdio: Do not bind to non-removable CYW4373 - hci_uart: Add support for Amlogic HCI UART * tag 'for-net-next-2024-09-12' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next: (27 commits) Bluetooth: btintel_pcie: Allocate memory for driver private data Bluetooth: btusb: Fix not handling ZPL/short-transfer Bluetooth: btusb: Add 2 USB HW IDs for MT7925 (0xe118/e) Bluetooth: btsdio: Do not bind to non-removable CYW4373 Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL Bluetooth: CMTP: Mark BT_CMTP as DEPRECATED Bluetooth: replace deprecated strncpy with strscpy_pad Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED Bluetooth: btrtl: Set msft ext address filter quirk for RTL8852B Bluetooth: Use led_set_brightness() in LED trigger activate() callback Bluetooth: btrtl: Use kvmemdup to simplify the code Bluetooth: btusb: Add Mediatek MT7925 support ID 0x13d3:0x3608 Bluetooth: btrtl: Add the support for RTL8922A Bluetooth: hci_ldisc: Use speed set by btattach as oper_speed Bluetooth: hci_conn: Remove redundant memset after kzalloc Bluetooth: L2CAP: Remove unused declarations dt-bindings: bluetooth: bring the HW description closer to reality for wcn6855 Bluetooth: btnxpuart: Add support for ISO packets Bluetooth: hci_h4: Add support for ISO packets in h4_recv.h Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 ... ==================== Link: https://patch.msgid.link/20240912214317.3054060-1-luiz.dentz@gmail.com Signed-off-by: Jakub Kicinski commit 157f29152b61ca41809dd7ead29f5733adeced19 Author: Breno Leitao Date: Thu Sep 12 08:56:19 2024 -0700 netkit: Assign missing bpf_net_context During the introduction of struct bpf_net_context handling for XDP-redirect, the netkit driver has been missed, which also requires it because NETKIT_REDIRECT invokes skb_do_redirect() which is accessing the per-CPU variables. Otherwise we see the following crash: BUG: kernel NULL pointer dereference, address: 0000000000000038 bpf_redirect() netkit_xmit() dev_hard_start_xmit() Set the bpf_net_context before invoking netkit_xmit() program within the netkit driver. Fixes: 401cb7dae813 ("net: Reference bpf_redirect_info via task_struct on PREEMPT_RT.") Signed-off-by: Breno Leitao Acked-by: Daniel Borkmann Reviewed-by: Sebastian Andrzej Siewior Reviewed-by: Toke Høiland-Jørgensen Acked-by: Nikolay Aleksandrov Acked-by: Martin KaFai Lau Link: https://patch.msgid.link/20240912155620.1334587-1-leitao@debian.org Signed-off-by: Jakub Kicinski commit 4144a1059b47e821c82c3c82eb23a4c7312dce3a Author: Maciej Fijalkowski Date: Wed Sep 11 21:10:19 2024 +0200 xsk: fix batch alloc API on non-coherent systems In cases when synchronizing DMA operations is necessary, xsk_buff_alloc_batch() returns a single buffer instead of the requested count. This puts the pressure on drivers that use batch API as they have to check for this corner case on their side and take care of allocations by themselves, which feels counter productive. Let us improve the core by looping over xp_alloc() @max times when slow path needs to be taken. Another issue with current interface, as spotted and fixed by Dries, was that when driver called xsk_buff_alloc_batch() with @max == 0, for slow path case it still allocated and returned a single buffer, which should not happen. By introducing the logic from first paragraph we kill two birds with one stone and address this problem as well. Fixes: 47e4075df300 ("xsk: Batched buffer allocation for the pool") Reported-and-tested-by: Dries De Winter Co-developed-by: Dries De Winter Signed-off-by: Dries De Winter Signed-off-by: Maciej Fijalkowski Acked-by: Magnus Karlsson Acked-by: Alexei Starovoitov Link: https://patch.msgid.link/20240911191019.296480-1-maciej.fijalkowski@intel.com Signed-off-by: Jakub Kicinski commit 3cd3b49989fef8556b018fb8038581195b253b8d Author: Johan Hovold Date: Tue Jul 23 17:13:28 2024 +0200 dt-bindings: PCI: qcom: Allow 'vddpe-3v3-supply' again Commit 756485bfbb85 ("dt-bindings: PCI: qcom,pcie-sc7280: Move SC7280 to dedicated schema") incorrectly removed 'vddpe-3v3-supply' from the bindings, which results in DT checker warnings like: arch/arm64/boot/dts/qcom/msm8996-sony-xperia-tone-dora.dtb: pcie@600000: Unevaluated properties are not allowed ('vddpe-3v3-supply' was unexpected) from schema $id: http://devicetree.org/schemas/pci/qcom,pcie.yaml# Note that this property has been part of the Qualcomm PCIe bindings since 2018 and would need to be deprecated rather than simply removed if there is a desire to replace it with 'vpcie3v3' which is used for some non-Qualcomm controllers. Link: https://lore.kernel.org/lkml/Zp_LPixNnh-2Fy5N@hovoldconsulting.com/ Fixes: 756485bfbb85 ("dt-bindings: PCI: qcom,pcie-sc7280: Move SC7280 to dedicated schema") Link: https://lore.kernel.org/r/20240723151328.684-1-johan+linaro@kernel.org Signed-off-by: Johan Hovold Signed-off-by: Bjorn Helgaas Reviewed-by: Krzysztof Kozlowski Reviewed-by: Manivannan Sadhasivam commit ca7a5bac4528f45efbc19401c926f4cbed291c95 Merge: 211bf9cf178a98 986deb297d48ae Author: Alexei Starovoitov Date: Fri Sep 13 16:51:08 2024 -0700 Merge branch 'two-tiny-fixes-for-btf-record' Hou Tao says: ==================== The tiny patch set aims to fix two problems found during the development of supporting dynptr key in hash table. Patch #1 fixes the missed btf_record_free() when map creation fails and patch #2 fixes the missed kfree() when there is no special field in the passed btf. ==================== Link: https://lore.kernel.org/r/20240912012845.3458483-1-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 986deb297d48ae7039ab975f00c14f0bfe069125 Author: Hou Tao Date: Thu Sep 12 09:28:45 2024 +0800 bpf: Call the missed kfree() when there is no special field in btf Call the missed kfree() in btf_parse_struct_metas() when there is no special field in btf, otherwise will get the following kmemleak report: unreferenced object 0xffff888101033620 (size 8): comm "test_progs", pid 604, jiffies 4295127011 ...... backtrace (crc e77dc444): [<00000000186f90f3>] kmemleak_alloc+0x4b/0x80 [<00000000ac8e9c4d>] __kmalloc_cache_noprof+0x2a1/0x310 [<00000000d99d68d6>] btf_new_fd+0x72d/0xe90 [<00000000f010b7f8>] __sys_bpf+0xec3/0x2410 [<00000000e077ed6f>] __x64_sys_bpf+0x1f/0x30 [<00000000a12f9e55>] x64_sys_call+0x199/0x9f0 [<00000000f3029ea6>] do_syscall_64+0x3b/0xc0 [<000000005640913a>] entry_SYSCALL_64_after_hwframe+0x4b/0x53 Fixes: 7a851ecb1806 ("bpf: Search for kptrs in prog BTF structs") Signed-off-by: Hou Tao Acked-by: Jiri Olsa Link: https://lore.kernel.org/r/20240912012845.3458483-3-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 87e9675a0dfd0bf4a36550e4a0e673038ec67aee Author: Hou Tao Date: Thu Sep 12 09:28:44 2024 +0800 bpf: Call the missed btf_record_free() when map creation fails When security_bpf_map_create() in map_create() fails, map_create() will call btf_put() and ->map_free() callback to free the map. It doesn't free the btf_record of map value, so add the missed btf_record_free() when map creation fails. However btf_record_free() needs to be called after ->map_free() just like bpf_map_free_deferred() did, because ->map_free() may use the btf_record to free the special fields in preallocated map value. So factor out bpf_map_free() helper to free the map, btf_record, and btf orderly and use the helper in both map_create() and bpf_map_free_deferred(). Signed-off-by: Hou Tao Acked-by: Jiri Olsa Link: https://lore.kernel.org/r/20240912012845.3458483-2-houtao@huaweicloud.com Signed-off-by: Alexei Starovoitov commit d0aac667f2e02f114bc6c3bf8c085a6060599aef Author: zhang jiao Date: Wed Sep 11 14:04:01 2024 +0800 tools: PCI: Remove unused BILLION macro The macro BILLION is never referenced in the code. Remove it. Link: https://lore.kernel.org/r/20240911060401.9230-1-zhangjiao2@cmss.chinamobile.com Signed-off-by: zhang jiao Signed-off-by: Bjorn Helgaas Signed-off-by: Krzysztof Wilczyński commit 5dd15cce0c5426fff7b30c792d908e93646cd8c5 Author: zhang jiao Date: Mon Sep 2 12:12:40 2024 +0800 tools: PCI: Remove .*.cmd files with make clean Remove any leftover .*.cmd files with make clean. No functional changes intended. Link: https://lore.kernel.org/linux-pci/20240902041240.5475-1-zhangjiao2@cmss.chinamobile.com Signed-off-by: zhang jiao [kwilczynski: commit log, move .*.cmd before .*.d to align with other Makefiles, don't remove the newline] Signed-off-by: Krzysztof Wilczyński commit 0cca961a026177af69044f10d6ae76d8ce043764 Author: Manivannan Sadhasivam Date: Thu Sep 12 11:00:25 2024 +0530 PCI: Pass domain number to pci_bus_release_domain_nr() explicitly The pci_bus_release_domain_nr() API is supposed to free the domain number allocated by pci_bus_find_domain_nr(). Most of the callers of pci_bus_find_domain_nr(), store the domain number in pci_bus::domain_nr. As such, the pci_bus_release_domain_nr() implicitly frees the domain number by dereferencing 'struct pci_bus'. However, one of the callers of this API, the PCI endpoint subsystem, doesn't have 'struct pci_bus', so it only passes NULL. Due to this, the API will end up dereferencing the NULL pointer. To fix this issue, pass the domain number to this API explicitly. Since 'struct pci_bus' is not used for anything else other than extracting the domain number, it makes sense to pass the domain number directly. Fixes: 0328947c5032 ("PCI: endpoint: Assign PCI domain number for endpoint controllers") Closes: https://lore.kernel.org/linux-pci/c0c40ddb-bf64-4b22-9dd1-8dbb18aa2813@stanley.mountain Link: https://lore.kernel.org/linux-pci/20240912053025.25314-1-manivannan.sadhasivam@linaro.org Reported-by: Dan Carpenter Signed-off-by: Manivannan Sadhasivam [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński commit 4d60f6d4b8fa4d7bad4aeb2b3ee5c10425bc60a4 Author: Siddharth Vadapalli Date: Tue Aug 27 17:54:22 2024 +0530 PCI: dra7xx: Fix error handling when IRQ request fails in probe Commit d4c7d1a089d6 ("PCI: dwc: dra7xx: Push request_irq() call to the bottom of probe") moved the IRQ request for "dra7xx-pcie-main" towards the end of dra7xx_pcie_probe(). However, the error handling does not take into account the initialization performed by either dra7xx_add_pcie_port() or dra7xx_add_pcie_ep(), depending on the mode of operation. Fix the error handling to address this. Fixes: d4c7d1a089d6 ("PCI: dwc: dra7xx: Push request_irq() call to the bottom of probe") Link: https://lore.kernel.org/linux-pci/20240827122422.985547-3-s-vadapalli@ti.com Tested-by: Udit Kumar Signed-off-by: Siddharth Vadapalli [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Kevin Hilman Reviewed-by: Manivannan Sadhasivam Cc: stable@vger.kernel.org commit 03f84b3baba7836bdfc162c19288d5ce1aa92890 Author: Siddharth Vadapalli Date: Tue Aug 27 17:54:21 2024 +0530 PCI: dra7xx: Fix threaded IRQ request for "dra7xx-pcie-main" IRQ Commit da87d35a6e51 ("PCI: dra7xx: Use threaded IRQ handler for "dra7xx-pcie-main" IRQ") switched from devm_request_irq() to devm_request_threaded_irq() for the "dra7xx-pcie-main" interrupt. Since the primary handler was set to NULL, the "IRQF_ONESHOT" flag should have also been set. Fix this. Fixes: da87d35a6e51 ("PCI: dra7xx: Use threaded IRQ handler for "dra7xx-pcie-main" IRQ") Suggested-by: Vignesh Raghavendra Link: https://lore.kernel.org/linux-pci/20240827122422.985547-2-s-vadapalli@ti.com Reported-by: Udit Kumar Signed-off-by: Siddharth Vadapalli Signed-off-by: Krzysztof Wilczyński Reviewed-by: Kevin Hilman Reviewed-by: Manivannan Sadhasivam Cc: stable@vger.kernel.org commit c1ddb29709e675ea2a406e3114dbf5c8c705dd59 Author: Gustavo A. R. Silva Date: Wed Aug 7 09:19:07 2024 -0600 rpmsg: glink: Avoid -Wflex-array-member-not-at-end warnings -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. So, in order to avoid ending up with a flexible-array member in the middle of multiple other structs, we use the `__struct_group()` helper to create a new tagged `struct glink_msg_hdr`. This structure groups together all the members of the flexible `struct glink_msg` except the flexible array. As a result, the array is effectively separated from the rest of the members without modifying the memory layout of the flexible structure. We then change the type of the middle struct members currently causing trouble from `struct glink_msg` to `struct glink_msg_hdr`. We also want to ensure that when new members need to be added to the flexible structure, they are always included within the newly created tagged struct. For this, we use `static_assert()`. This ensures that the memory layout for both the flexible structure and the new tagged struct is the same after any changes. This approach avoids having to implement `struct glink_msg_hdr` as a completely separate structure, thus preventing having to maintain two independent but basically identical structures, closing the door to potential bugs in the future. We also use `container_of()` whenever we need to retrieve a pointer to the flexible structure, through which we can access the flexible-array member, if necessary. Additionally, we use the `DEFINE_RAW_FLEX()` helper for an on-stack definition of a flexible structure where the size for the flexible-array member is known at compile-time. So, with these changes, fix the following warnings: drivers/rpmsg/qcom_glink_native.c:51:26: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/rpmsg/qcom_glink_native.c:459:34: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/rpmsg/qcom_glink_native.c:846:34: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/rpmsg/qcom_glink_native.c:968:34: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/rpmsg/qcom_glink_native.c:1380:34: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Reviewed-by: Kees Cook Link: https://lore.kernel.org/r/ZrOQa2gew5yadyt3@cute Signed-off-by: Bjorn Andersson commit 313312c84b42d7b8ee1fb03ab30befc2bd0db211 Author: Min-Hua Chen Date: Sat Sep 14 04:17:02 2024 +0800 pm: cpupower: rename raw_pylibcpupower.i The raw_pylibcpupower.i is removed unexpectedly after 'make mrproper' We can reproduce the error by performing the following steps: cd linux-next make mrproper cd tools/power/cpupower/bindings/python make We will get an error message: make: *** No rule to make target 'raw_pylibcpupower.i', needed by 'raw_pylibcpupower_wrap.c'. Stop. The root cause: The *.i files are already used for pre-processor output files and the kernel removes all the *.i files by 'make mrproper'. That explains why the raw_pylibcpupower.i is removed by 'make mrproper'. To fix it, Follow John's suggestion to rename raw_pylibcpupower.i to raw_pylibcpupower.swg. See: https://www.swig.org/Doc4.2/SWIG.html Reviewed-by: John B. Wyatt IV Reviewed-by: John B. Wyatt IV Tested-by: John B. Wyatt IV Tested-by: John B. Wyatt IV Signed-off-by: Min-Hua Chen Signed-off-by: Shuah Khan commit 211bf9cf178a986f025b65cee11012d4e3d6b1f8 Author: Daniel Borkmann Date: Fri Sep 13 21:17:54 2024 +0200 selftests/bpf: Add a test case to write mtu result into .rodata Add a test which attempts to call bpf_check_mtu() and writes the MTU into .rodata section of the BPF program, and for comparison this adds test cases also for .bss and .data section again. The bpf_check_mtu() is a bit more special in that the passed mtu argument is read and written by the helper (instead of just written to). Assert that writes into .rodata remain rejected by the verifier. # ./vmtest.sh -- ./test_progs -t verifier_const [...] ./test_progs -t verifier_const [ 1.657367] bpf_testmod: loading out-of-tree module taints kernel. [ 1.657773] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel #473/1 verifier_const/rodata/strtol: write rejected:OK #473/2 verifier_const/bss/strtol: write accepted:OK #473/3 verifier_const/data/strtol: write accepted:OK #473/4 verifier_const/rodata/mtu: write rejected:OK #473/5 verifier_const/bss/mtu: write accepted:OK #473/6 verifier_const/data/mtu: write accepted:OK #473 verifier_const:OK [...] Summary: 2/10 PASSED, 0 SKIPPED, 0 FAILED For comparison, without the MEM_UNINIT on bpf_check_mtu's proto: # ./vmtest.sh -- ./test_progs -t verifier_const [...] #473/3 verifier_const/data/strtol: write accepted:OK run_subtest:PASS:obj_open_mem 0 nsec run_subtest:FAIL:unexpected_load_success unexpected success: 0 #473/4 verifier_const/rodata/mtu: write rejected:FAIL #473/5 verifier_const/bss/mtu: write accepted:OK #473/6 verifier_const/data/mtu: write accepted:OK #473 verifier_const:FAIL [...] Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/r/20240913191754.13290-9-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit 2e3f066020478316d7e13e0e2b9fe571c2f7f5af Author: Daniel Borkmann Date: Fri Sep 13 21:17:53 2024 +0200 selftests/bpf: Add a test case to write strtol result into .rodata Add a test case which attempts to write into .rodata section of the BPF program, and for comparison this adds test cases also for .bss and .data section. Before fix: # ./vmtest.sh -- ./test_progs -t verifier_const [...] ./test_progs -t verifier_const tester_init:PASS:tester_log_buf 0 nsec process_subtest:PASS:obj_open_mem 0 nsec process_subtest:PASS:specs_alloc 0 nsec run_subtest:PASS:obj_open_mem 0 nsec run_subtest:FAIL:unexpected_load_success unexpected success: 0 #465/1 verifier_const/rodata: write rejected:FAIL #465/2 verifier_const/bss: write accepted:OK #465/3 verifier_const/data: write accepted:OK #465 verifier_const:FAIL [...] After fix: # ./vmtest.sh -- ./test_progs -t verifier_const [...] ./test_progs -t verifier_const #465/1 verifier_const/rodata: write rejected:OK #465/2 verifier_const/bss: write accepted:OK #465/3 verifier_const/data: write accepted:OK #465 verifier_const:OK [...] Signed-off-by: Daniel Borkmann Acked-by: Shung-Hsi Yu Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240913191754.13290-8-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit b073b82d4d3cee703d17e099c7e739082f15bd2e Author: Daniel Borkmann Date: Fri Sep 13 21:17:52 2024 +0200 selftests/bpf: Rename ARG_PTR_TO_LONG test description Given we got rid of ARG_PTR_TO_LONG, change the test case description to avoid potential confusion: # ./vmtest.sh -- ./test_progs -t verifier_int_ptr [...] ./test_progs -t verifier_int_ptr [ 1.610563] bpf_testmod: loading out-of-tree module taints kernel. [ 1.611049] bpf_testmod: module verification failed: signature and/or required key missing - tainting kernel #489/1 verifier_int_ptr/arg pointer to long uninitialized:OK #489/2 verifier_int_ptr/arg pointer to long half-uninitialized:OK #489/3 verifier_int_ptr/arg pointer to long misaligned:OK #489/4 verifier_int_ptr/arg pointer to long size < sizeof(long):OK #489/5 verifier_int_ptr/arg pointer to long initialized:OK #489 verifier_int_ptr:OK Summary: 1/5 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/r/20240913191754.13290-7-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit b8e188f023e07a733b47d5865311ade51878fe40 Author: Daniel Borkmann Date: Fri Sep 13 21:17:51 2024 +0200 selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test The assumption of 'in privileged mode reads from uninitialized stack locations are permitted' is not quite correct since the verifier was probing for read access rather than write access. Both tests need to be annotated as __success for privileged and unprivileged. Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240913191754.13290-6-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit 4b3786a6c5397dc220b1483d8e2f4867743e966f Author: Daniel Borkmann Date: Fri Sep 13 21:17:50 2024 +0200 bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, it is not needed given CAP_PERFMON can already read all kernel memory anyway hence bpf_get_func_arg() and bpf_get_func_ret() is skipped in here. Also, the MTU helpers mtu_len pointer value is being written but also read. Technically, the MEM_UNINIT should not be there in order to always force init. Removing MEM_UNINIT needs more verifier rework though: MEM_UNINIT right now implies two things actually: i) write into memory, ii) memory does not have to be initialized. If we lift MEM_UNINIT, it then becomes: i) read into memory, ii) memory must be initialized. This means that for bpf_*_check_mtu() we're readding the issue we're trying to fix, that is, it would then be able to write back into things like .rodata BPF maps. Follow-up work will rework the MEM_UNINIT semantics such that the intent can be better expressed. For now just clear the *mtu_len on error path which can be lifted later again. Fixes: 8a67f2de9b1d ("bpf: expose bpf_strtol and bpf_strtoul to all program types") Fixes: d7a4cb9b6705 ("bpf: Introduce bpf_strtol and bpf_strtoul helpers") Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/e5edd241-59e7-5e39-0ee5-a51e31b6840a@iogearbox.net Link: https://lore.kernel.org/r/20240913191754.13290-5-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit 18752d73c1898fd001569195ba4b0b8c43255f4a Author: Daniel Borkmann Date: Fri Sep 13 21:17:49 2024 +0200 bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types When checking malformed helper function signatures, also take other argument types into account aside from just ARG_PTR_TO_UNINIT_MEM. This concerns (formerly) ARG_PTR_TO_{INT,LONG} given uninitialized memory can be passed there, too. The func proto sanity check goes back to commit 435faee1aae9 ("bpf, verifier: add ARG_PTR_TO_RAW_STACK type"), and its purpose was to detect wrong func protos which had more than just one MEM_UNINIT-tagged type as arguments. The reason more than one is currently not supported is as we mark stack slots with STACK_MISC in check_helper_call() in case of raw mode based on meta.access_size to allow uninitialized stack memory to be passed to helpers when they just write into the buffer. Probing for base type as well as MEM_UNINIT tagging ensures that other types do not get missed (as it used to be the case for ARG_PTR_TO_{INT,LONG}). Fixes: 57c3bb725a3d ("bpf: Introduce ARG_PTR_TO_{INT,LONG} arg types") Reported-by: Shung-Hsi Yu Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Acked-by: Shung-Hsi Yu Link: https://lore.kernel.org/r/20240913191754.13290-4-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit 32556ce93bc45c730829083cb60f95a2728ea48b Author: Daniel Borkmann Date: Fri Sep 13 21:17:48 2024 +0200 bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map (like in case of .rodata), it was still possible to write into it from a BPF program side through specific helpers having ARG_PTR_TO_{LONG,INT} as arguments. In check_func_arg() when the argument is as mentioned, the meta->raw_mode is never set. Later, check_helper_mem_access(), under the case of PTR_TO_MAP_VALUE as register base type, it assumes BPF_READ for the subsequent call to check_map_access_type() and given the BPF map is read-only it succeeds. The helpers really need to be annotated as ARG_PTR_TO_{LONG,INT} | MEM_UNINIT when results are written into them as opposed to read out of them. The latter indicates that it's okay to pass a pointer to uninitialized memory as the memory is written to anyway. However, ARG_PTR_TO_{LONG,INT} is a special case of ARG_PTR_TO_FIXED_SIZE_MEM just with additional alignment requirement. So it is better to just get rid of the ARG_PTR_TO_{LONG,INT} special cases altogether and reuse the fixed size memory types. For this, add MEM_ALIGNED to additionally ensure alignment given these helpers write directly into the args via * = val. The .arg*_size has been initialized reflecting the actual sizeof(*). MEM_ALIGNED can only be used in combination with MEM_FIXED_SIZE annotated argument types, since in !MEM_FIXED_SIZE cases the verifier does not know the buffer size a priori and therefore cannot blindly write * = val. Fixes: 57c3bb725a3d ("bpf: Introduce ARG_PTR_TO_{INT,LONG} arg types") Reported-by: Lonial Con Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Acked-by: Shung-Hsi Yu Link: https://lore.kernel.org/r/20240913191754.13290-3-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit 7d71f59e028028f1160602121f40f45e89b3664e Author: Daniel Borkmann Date: Fri Sep 13 21:17:47 2024 +0200 bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers Both bpf_strtol() and bpf_strtoul() helpers passed a temporary "long long" respectively "unsigned long long" to __bpf_strtoll() / __bpf_strtoull(). Later, the result was checked for truncation via _res != ({unsigned,} long)_res as the destination buffer for the BPF helpers was of type {unsigned,} long which is 32bit on 32bit architectures. Given the latter was a bug in the helper signatures where the destination buffer got adjusted to {s,u}64, the truncation check can now be removed. Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240913191754.13290-2-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit cfe69c50b05510b24e26ccb427c7cc70beafd6c1 Author: Daniel Borkmann Date: Fri Sep 13 21:17:46 2024 +0200 bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit The bpf_strtol() and bpf_strtoul() helpers are currently broken on 32bit: The argument type ARG_PTR_TO_LONG is BPF-side "long", not kernel-side "long" and therefore always considered fixed 64bit no matter if 64 or 32bit underlying architecture. This contract breaks in case of the two mentioned helpers since their BPF_CALL definition for the helpers was added with {unsigned,}long *res. Meaning, the transition from BPF-side "long" (BPF program) to kernel-side "long" (BPF helper) breaks here. Both helpers call __bpf_strtoll() with "long long" correctly, but later assigning the result into 32-bit "*(long *)" on 32bit architectures. From a BPF program point of view, this means upper bits will be seen as uninitialised. Therefore, fix both BPF_CALL signatures to {s,u}64 types to fix this situation. Now, changing also uapi/bpf.h helper documentation which generates bpf_helper_defs.h for BPF programs is tricky: Changing signatures there to __{s,u}64 would trigger compiler warnings (incompatible pointer types passing 'long *' to parameter of type '__s64 *' (aka 'long long *')) for existing BPF programs. Leaving the signatures as-is would be fine as from BPF program point of view it is still BPF-side "long" and thus equivalent to __{s,u}64 on 64 or 32bit underlying architectures. Note that bpf_strtol() and bpf_strtoul() are the only helpers with this issue. Fixes: d7a4cb9b6705 ("bpf: Introduce bpf_strtol and bpf_strtoul helpers") Reported-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/481fcec8-c12c-9abb-8ecb-76c71c009959@iogearbox.net Link: https://lore.kernel.org/r/20240913191754.13290-1-daniel@iogearbox.net Signed-off-by: Alexei Starovoitov commit a18062d54a0ba35d22d2c7d3450964ada2a2ad7c Author: Yonghong Song Date: Fri Sep 13 08:03:32 2024 -0700 selftests/bpf: Add tests for sdiv/smod overflow cases Subtests are added to exercise the patched code which handles - LLONG_MIN/-1 - INT_MIN/-1 - LLONG_MIN%-1 - INT_MIN%-1 where -1 could be an immediate or in a register. Without the previous patch, all these cases will crash the kernel on x86_64 platform. Additional tests are added to use small values (e.g. -5/-1, 5%-1, etc.) in order to exercise the additional logic with patched insns. Signed-off-by: Yonghong Song Link: https://lore.kernel.org/r/20240913150332.1188102-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov commit 7dd34d7b7dcf9309fc6224caf4dd5b35bedddcb7 Author: Yonghong Song Date: Fri Sep 13 08:03:26 2024 -0700 bpf: Fix a sdiv overflow issue Zac Ecob reported a problem where a bpf program may cause kernel crash due to the following error: Oops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI The failure is due to the below signed divide: LLONG_MIN/-1 where LLONG_MIN equals to -9,223,372,036,854,775,808. LLONG_MIN/-1 is supposed to give a positive number 9,223,372,036,854,775,808, but it is impossible since for 64-bit system, the maximum positive number is 9,223,372,036,854,775,807. On x86_64, LLONG_MIN/-1 will cause a kernel exception. On arm64, the result for LLONG_MIN/-1 is LLONG_MIN. Further investigation found all the following sdiv/smod cases may trigger an exception when bpf program is running on x86_64 platform: - LLONG_MIN/-1 for 64bit operation - INT_MIN/-1 for 32bit operation - LLONG_MIN%-1 for 64bit operation - INT_MIN%-1 for 32bit operation where -1 can be an immediate or in a register. On arm64, there are no exceptions: - LLONG_MIN/-1 = LLONG_MIN - INT_MIN/-1 = INT_MIN - LLONG_MIN%-1 = 0 - INT_MIN%-1 = 0 where -1 can be an immediate or in a register. Insn patching is needed to handle the above cases and the patched codes produced results aligned with above arm64 result. The below are pseudo codes to handle sdiv/smod exceptions including both divisor -1 and divisor 0 and the divisor is stored in a register. sdiv: tmp = rX tmp += 1 /* [-1, 0] -> [0, 1] if tmp >(unsigned) 1 goto L2 if tmp == 0 goto L1 rY = 0 L1: rY = -rY; goto L3 L2: rY /= rX L3: smod: tmp = rX tmp += 1 /* [-1, 0] -> [0, 1] if tmp >(unsigned) 1 goto L1 if tmp == 1 (is64 ? goto L2 : goto L3) rY = 0; goto L2 L1: rY %= rX L2: goto L4 // only when !is64 L3: wY = wY // only when !is64 L4: [1] https://lore.kernel.org/bpf/tPJLTEh7S_DxFEqAI2Ji5MBSoZVg7_G-Py2iaZpAaWtM961fFTWtsnlzwvTbzBzaUzwQAoNATXKUlt0LZOFgnDcIyKCswAnAGdUF3LBrhGQ=@protonmail.com/ Reported-by: Zac Ecob Signed-off-by: Yonghong Song Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240913150326.1187788-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov commit 8887042373e20b4f959aa4773ae02257069346d5 Author: Rob Herring (Arm) Date: Tue Sep 10 18:44:21 2024 -0500 dt-bindings: cpu: Drop duplicate nvidia,tegra186-ccplex-cluster.yaml "nvidia,tegra186-ccplex-cluster" is also documented in arm/tegra/nvidia,tegra-ccplex-cluster.yaml. As it covers Tegra234 as well, drop nvidia,tegra186-ccplex-cluster.yaml. Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240910234422.1042486-1-robh@kernel.org Signed-off-by: Rob Herring (Arm) commit 227e1ac07eaeedba2ee1c7de2b23cb5f0c5feb6c Author: Rob Herring (Arm) Date: Tue Sep 10 18:42:37 2024 -0500 dt-bindings: clock: mediatek: Drop duplicate mediatek,mt6795-sys-clock.yaml The compatible strings for mt6795 clocks are also documented in other schemas: "mediatek,mt6795-apmixedsys" in clock/mediatek,apmixedsys.yaml "mediatek,mt6795-topckgen" in clock/mediatek,topckgen.yaml "mediatek,mt6795-pericfg" in clock/mediatek,pericfg.yaml "mediatek,mt6795-infracfg" in clock/mediatek,infracfg.yaml The only difference is #reset-cells is not allowed in some of these, but that aligns with actual users in .dts files. Reviewed-by: AngeloGioacchino Del Regno Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240910234238.1028422-1-robh@kernel.org Signed-off-by: Rob Herring (Arm) commit 0423caceb4599fca7c9575e8d8477e88784c8ae8 Author: Vasileios Amoiridis Date: Fri Sep 13 00:16:05 2024 +0200 of/irq: Use helper to define resources Resources definition can become simpler and more organised by using the dedicated helpers. Suggested-by: Andy Shevchenko Signed-off-by: Vasileios Amoiridis Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240912221605.27089-3-vassilisamir@gmail.com Signed-off-by: Rob Herring (Arm) commit ba3c92ba09fecf9286f54ef54a03638711e11da8 Author: Vasileios Amoiridis Date: Fri Sep 13 00:16:04 2024 +0200 of/irq: Make use of irq_get_trigger_type() Convert irqd_get_trigger_type(irq_get_irq_data(irq)) cases to the more simple irq_get_trigger_type(irq). Suggested-by: Andy Shevchenko Reviewed-by: Krzysztof Kozlowski Signed-off-by: Vasileios Amoiridis Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240912221605.27089-2-vassilisamir@gmail.com Signed-off-by: Rob Herring (Arm) commit 5f949556ed38bfa3d89dfe46a18accf52b04fa42 Author: Geert Uytterhoeven Date: Wed Jan 11 16:55:17 2023 +0100 dt-bindings: clk: vc5: Make SD/OE pin configuration properties not required "make dtbs_check": arch/arm64/boot/dts/renesas/r8a77951-salvator-xs.dtb: clock-generator@6a: 'idt,shutdown' is a required property From schema: Documentation/devicetree/bindings/clock/idt,versaclock5.yaml arch/arm64/boot/dts/renesas/r8a77951-salvator-xs.dtb: clock-generator@6a: 'idt,output-enable-active' is a required property From schema: Documentation/devicetree/bindings/clock/idt,versaclock5.yaml Versaclock 5 clock generators can have their configuration stored in One-Time Programmable (OTP) memory. Hence there is no need to specify DT properties for manual configuration if the OTP has been programmed before. Likewise, the Linux driver does not touch the SD/OE bits if the corresponding properties are not specified, cfr. commit d83e561d43bc71e5 ("clk: vc5: Add properties for configuring SD/OE behavior"). Reflect this in the bindings by making the "idt,shutdown" and "idt,output-enable-active" properties not required, just like the various "idt,*" properties in the per-output child nodes. Fixes: 275e4e2dc0411508 ("dt-bindings: clk: vc5: Add properties for configuring the SD/OE pin") Signed-off-by: Geert Uytterhoeven Acked-by: Krzysztof Kozlowski Reviewed-by: Luca Ceresoli Link: https://lore.kernel.org/r/68037ad181991fe0b792f6d003e3e9e538d5ffd7.1673452118.git.geert+renesas@glider.be Signed-off-by: Rob Herring (Arm) commit 76c313f658d2752e8527610677164aa7094ef7a5 Author: Keith Busch Date: Fri Sep 13 12:17:46 2024 -0700 blk-integrity: improved sg segment mapping Make the integrity mapping more like data mapping, blk_rq_map_sg. Use the request to validate the segment count, and update the callers so they don't have to. Reviewed-by: Christoph Hellwig Reviewed-by: Martin K. Petersen Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240913191746.2628196-1-kbusch@meta.com Signed-off-by: Jens Axboe commit 6417edb5d185917c4d7f72b81a4b6ebda26f7856 Author: Miquel Sabaté Solà Date: Wed Sep 11 22:49:38 2024 +0200 drivers/of: Improve documentation for match_string The description of the function now explicitly states that it's an *exact* match for the given string (i.e. not a submatch). It also better states all the possible return values. Signed-off-by: Miquel Sabaté Solà Link: https://lore.kernel.org/r/20240911204938.9172-1-mikisabate@gmail.com Signed-off-by: Rob Herring (Arm) commit 69b860034c33429b5bf7eb89fb8c0ad269ad9cbd Author: Zhang Zekun Date: Fri Aug 30 10:06:26 2024 +0800 of: property: Do some clean up with use of __free() __free() provides a scoped of_node_put() functionality to put the device_node automatically, and we don't need to call of_node_put() directly. Let's simplify the code a bit with the use of __free(). Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240830020626.115933-4-zhangzekun11@huawei.com Signed-off-by: Rob Herring (Arm) commit 0a543ac529fe18c7a6616d3d7af8fb08f1319fba Author: Nikunj Kela Date: Tue Sep 10 09:59:26 2024 -0700 dt-bindings: watchdog: qcom-wdt: document support on SA8255p Add a compatible for the SA8255p platform's KPSS watchdog. Reviewed-by: Krzysztof Kozlowski Reviewed-by: Guenter Roeck Signed-off-by: Nikunj Kela Link: https://lore.kernel.org/r/20240910165926.2408630-1-quic_nkela@quicinc.com Signed-off-by: Rob Herring (Arm) commit eeedbb1e80a84496f0d74979617efd4eb0096f5a Author: Fabio Estevam Date: Mon Jul 1 17:41:06 2024 -0300 dt-bindings: interrupt-controller: fsl,irqsteer: Document fsl,imx8qm-irqsteer Add an entry to fsl,imx8qm-irqsteer. This fixes the following dt-schema warning: failed to match any schema with compatible: ['fsl,imx8qm-irqsteer', 'fsl,imx-irqsteer'] Signed-off-by: Fabio Estevam Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240701204106.160128-1-festevam@gmail.com Signed-off-by: Rob Herring (Arm) commit 58b3ac2447c22189cd3a26ac1babb2dae13fd514 Author: Nikunj Kela Date: Tue Sep 10 09:26:37 2024 -0700 dt-bindings: interrupt-controller: arm,gic: add ESPI and EPPI specifiers Extended SPI and extended PPI interrupts are in the range [0-1023] and [0-127] respectively, supported by GICv3.1. Qualcomm SA8255p platform uses extended SPI for SCMI 'a2p' doorbells. Signed-off-by: Nikunj Kela Link: https://lore.kernel.org/r/20240910162637.2382656-1-quic_nkela@quicinc.com Signed-off-by: Rob Herring (Arm) commit def1baeb25cfe310ee608a99059354ea131d4317 Author: Piotr Wojtaszczyk Date: Thu Jun 27 17:00:20 2024 +0200 dt-bindings: dma: Add lpc32xx DMA mux binding LPC32XX SoCs use pl080 dma controller which have few request signals multiplexed between peripherals. This binding describes how devices can use the multiplexed request signals. Signed-off-by: Piotr Wojtaszczyk Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240627150046.258795-3-piotr.wojtaszczyk@timesys.com Signed-off-by: Rob Herring (Arm) commit f8fd66468fc21a978f01fe29ce8eee63c9569da5 Author: Rob Herring (Arm) Date: Tue Sep 3 16:52:08 2024 -0500 dt-bindings: trivial-devices: Drop duplicate "maxim,max1237" "maxim,max1237" is already documented in iio/adc/maxim,max1238.yaml, so drop it from trivial-devices.yaml. Link: https://lore.kernel.org/r/20240903-dt-trivial-devices-v1-4-ad684c754b9c@kernel.org Signed-off-by: Rob Herring (Arm) commit 7a75cd6f986133c68b80e68a2f31b633b5150e1c Author: Rob Herring (Arm) Date: Tue Sep 3 16:52:07 2024 -0500 dt-bindings: trivial-devices: Drop duplicate LM75 compatible devices Drop LM75 compatible devices which are already documented in lm75.yaml. Link: https://lore.kernel.org/r/20240903-dt-trivial-devices-v1-3-ad684c754b9c@kernel.org Signed-off-by: Rob Herring (Arm) commit 86ab4c5eb70a03efdd75f166efadd87fa91af2fe Author: Rob Herring (Arm) Date: Tue Sep 3 16:52:06 2024 -0500 dt-bindings: trivial-devices: Deprecate "ad,ad7414" The correct vendor prefix for Analog Devices is "adi", not "ad". Both forms are in use. Add the "adi,ad7414" version and deprecate the "ad,ad7414" version. Keep them together even though it breaks strict alphabetical ordering. Link: https://lore.kernel.org/r/20240903-dt-trivial-devices-v1-2-ad684c754b9c@kernel.org Signed-off-by: Rob Herring (Arm) commit 4d9b28c93e22ef6f65a0edb30c1ed84ff3298b15 Author: Rob Herring (Arm) Date: Tue Sep 3 16:52:05 2024 -0500 dt-bindings: trivial-devices: Drop incorrect and duplicate at24 compatibles "at,24c08" does not have a correct vendor prefix. The correct compatible string would be "atmel,24c08" which is already documented in at24.yaml. It is also unused anywhere, so just drop it. "st,24c256" is already documented in at24.yaml, so drop it as well. Link: https://lore.kernel.org/r/20240903-dt-trivial-devices-v1-1-ad684c754b9c@kernel.org Signed-off-by: Rob Herring (Arm) commit a4bd83e12c559a9dcaeaaec8d6cd5e248089d4db Author: Simon Horman Date: Sun Sep 8 21:25:16 2024 +0100 dt-bindings: wakeup-source: update reference to m8921-keypad.yaml commit 53ed3233e6b5 ("dt-bindings: input: qcom,pm8921-keypad: convert to YAML format") resulted in a renaming of the output .txt file from qcom,pm8xxx-keypad.txt to qcom,pm8921-keypad.yaml. This patch makes a corresponding update to the link to that .txt file in wakeup-source.txt. Flagged by make htmldocs: Warning: Documentation/devicetree/bindings/power/wakeup-source.txt references a file that doesn't exist: Documentation/devicetree/bindings/input/qcom,pm8xxx-keypad.txt Signed-off-by: Simon Horman Link: https://lore.kernel.org/r/20240908-keypad-wakeup-ref-v1-1-762e4641468a@kernel.org Signed-off-by: Rob Herring (Arm) commit 7bab88f173af2991df1ef4ff5d81292f58114d10 Author: Nikunj Kela Date: Thu Sep 5 12:15:10 2024 -0700 dt-bindings: interrupt-controller: qcom-pdc: document support for SA8255p Add compatible for pdc interrupt controller representing support on SA8255p. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Nikunj Kela Link: https://lore.kernel.org/r/20240905191510.3775179-1-quic_nkela@quicinc.com Signed-off-by: Rob Herring (Arm) commit a7fcc23274299209b19171911911fcd6b6c26bf7 Author: Yu-Chun Lin Date: Thu Sep 5 23:19:43 2024 +0800 dt-bindings: Fix various typos Corrected several typos in Documentation/devicetree/bindings files. Reviewed-by: Krzysztof Kozlowski Reviewed-by: Kuan-Wei Chiu Reviewed-by: Matti Vaittinen Signed-off-by: Yu-Chun Lin Link: https://lore.kernel.org/r/20240905151943.2792056-1-eleanor15x@gmail.com Signed-off-by: Rob Herring (Arm) commit 1a52a094c2f0821860d9ce15fffe01103a146f1f Author: Thomas Weißschuh Date: Fri Sep 6 14:25:19 2024 +0200 of: address: Unify resource bounds overflow checking The members "start" and "end" of struct resource are of type "resource_size_t" which can be 32bit wide. Values read from OF however are always 64bit wide. Refactor the diff overflow checks into a helper function. Also extend the checks to validate each calculation step. Signed-off-by: Thomas Weißschuh Link: https://lore.kernel.org/r/20240906-of-address-overflow-v1-1-19567aaa61da@linutronix.de [robh: Fix to not return error on 0 sized resource] Signed-off-by: Rob Herring (Arm) commit b920aa77be6d57d407b6b6be5d8b4ccc17749cce Author: Heiko Carstens Date: Fri Sep 13 15:05:43 2024 +0200 s390/vdso: Wire up getrandom() vdso implementation Provide the s390 specific vdso getrandom() architecture backend. _vdso_rng_data required data is placed within the _vdso_data vvar page, by using a hardcoded offset larger than vdso_data. As required the chacha20 implementation does not write to the stack. The implementation follows more or less the arm64 implementations and makes use of vector instructions. It has a fallback to the getrandom() system call for machines where the vector facility is not installed. The check if the vector facility is installed, as well as an optimization for machines with the vector-enhancements facility 2, is implemented with alternatives, avoiding runtime checks. Note that __kernel_getrandom() is implemented without the vdso user wrapper which would setup a stack frame for odd cases (aka very old glibc variants) where the caller has not done that. All callers of __kernel_getrandom() are required to setup a stack frame, like the C ABI requires it. The vdso testcases vdso_test_getrandom and vdso_test_chacha pass. Benchmark on a z16: $ ./vdso_test_getrandom bench-single vdso: 25000000 times in 0.493703559 seconds syscall: 25000000 times in 6.584025337 seconds Signed-off-by: Heiko Carstens Reviewed-by: Harald Freudenberger Signed-off-by: Jason A. Donenfeld commit 26d7460222a0be34ff61a92a1fcc4469797ad937 Author: Mina Almasry Date: Fri Sep 13 06:07:45 2024 +0000 memory-provider: disable building dmabuf mp on !CONFIG_PAGE_POOL When CONFIG_TRACEPOINTS=y but CONFIG_PAGE_POOL=n, we end up with this build failure that is reported by the 0-day bot: ld: vmlinux.o: in function `mp_dmabuf_devmem_alloc_netmems': >> (.text+0xc37286): undefined reference to `__tracepoint_page_pool_state_hold' >> ld: (.text+0xc3729a): undefined reference to `__SCT__tp_func_page_pool_state_hold' >> ld: vmlinux.o:(__jump_table+0x10c48): undefined reference to `__tracepoint_page_pool_state_hold' >> ld: vmlinux.o:(.static_call_sites+0xb824): undefined reference to `__SCK__tp_func_page_pool_state_hold' The root cause is that in this configuration, traces are enabled but the page_pool specific trace_page_pool_state_hold is not registered. There is no reason to build the dmabuf memory provider when CONFIG_PAGE_POOL is not present, as it's really a provider to the page_pool. In fact the whole NET_DEVMEM is RX path-only at the moment, so we can make the entire config dependent on the PAGE_POOL. Note that this may need to be revisited after/while devmem TX is added, as devmem TX likely does not need CONFIG_PAGE_POOL. For now this build fix is sufficient. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409131239.ysHQh4Tv-lkp@intel.com/ Signed-off-by: Mina Almasry Reviewed-by: Simon Horman Tested-by: Simon Horman # build-tested Link: https://patch.msgid.link/20240913060746.2574191-1-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 2772ee6de6cf94e5f2a0c0ce6067d0796a4170ba Author: Tang Bin Date: Sun Sep 8 22:02:59 2024 +0800 ASoC: topology: Fix redundant logical jump In the function soc_tplg_dai_config, the logical jump of 'goto err' is redundant, so remove it. Signed-off-by: Tang Bin Link: https://patch.msgid.link/20240908140259.3859-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit db5197b554fcb8fde0182af65e8e94bec414e342 Author: Keith Busch Date: Fri Sep 13 11:28:53 2024 -0700 block: unexport blk_rq_count_integrity_sg There are no external users of this. Reviewed-by: Christoph Hellwig Reviewed-by: Martin K. Petersen Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240913182854.2445457-9-kbusch@meta.com Signed-off-by: Jens Axboe commit f4330766bc0d14b5eb9459e616060d697e7b128e Author: Keith Busch Date: Fri Sep 13 11:28:52 2024 -0700 nvme-rdma: use request to get integrity segments The request tracks the integrity segments already, so no need to recount the segments again. Reviewed-by: Christoph Hellwig Reviewed-by: Martin K. Petersen Reviewed-by: Kanchan Joshi Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240913182854.2445457-8-kbusch@meta.com Signed-off-by: Jens Axboe commit 27c3785e94f003c664d9d867fbd62d1494546876 Author: Keith Busch Date: Fri Sep 13 11:28:51 2024 -0700 scsi: use request to get integrity segments The request tracks the integrity segments already, so no need to recount the segments again. Reviewed-by: Christoph Hellwig Reviewed-by: Martin K. Petersen Reviewed-by: Kanchan Joshi Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240913182854.2445457-7-kbusch@meta.com Signed-off-by: Jens Axboe commit d2c5b1faccd5ef6352456f817e941945d3b3fe62 Author: Keith Busch Date: Fri Sep 13 11:28:50 2024 -0700 block: provide a request helper for user integrity segments Provide a helper to keep the request flags and nr_integrity_segments in sync with the bio's integrity payload. This is an integrity equivalent to the normal data helper function, 'blk_rq_map_user()'. Reviewed-by: Christoph Hellwig Reviewed-by: Martin K. Petersen Reviewed-by: Kanchan Joshi Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240913182854.2445457-6-kbusch@meta.com Signed-off-by: Jens Axboe commit 0d7cb52fe417dde4bc9e8d01fadd8c0ec69612cd Author: Keith Busch Date: Fri Sep 13 11:28:49 2024 -0700 blk-integrity: consider entire bio list for merging If a bio is merged to a request, the entire bio list is merged, so don't temporarily detach it from its list when counting segments. In most cases, bi_next will already be NULL, so detaching is usually a no-op. But if the bio does have a list, the current code is miscounting the segments for the resulting merge. Reviewed-by: Christoph Hellwig Reviewed-by: Martin K. Petersen Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240913182854.2445457-5-kbusch@meta.com Signed-off-by: Jens Axboe commit d148d7503456556859c7e4d354115215d8fb5016 Author: Keith Busch Date: Fri Sep 13 11:28:48 2024 -0700 blk-integrity: properly account for segments Both types of merging when integrity data is used are miscounting the segments: Merging two requests wasn't accounting for the new segment count, so add the "next" segment count to the first on a successful merge to ensure this value is accurate. Merging a bio into an existing request was double counting the bio's segments, even if the merge failed later on. Move the segment accounting to the end when the merge is successful. Reviewed-by: Christoph Hellwig Reviewed-by: Martin K. Petersen Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240913182854.2445457-4-kbusch@meta.com Signed-off-by: Jens Axboe commit 9c297eced59817f461be33e4c241820c5be4bcc1 Author: Keith Busch Date: Fri Sep 13 11:28:47 2024 -0700 blk-mq: set the nr_integrity_segments from bio This value is used for merging considerations, so it needs to be accurate. Reviewed-by: Christoph Hellwig Reviewed-by: Martin K. Petersen Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240913182854.2445457-3-kbusch@meta.com Signed-off-by: Jens Axboe commit 2b018086143d638de8d67ae5be6e8c1afb413193 Author: Keith Busch Date: Fri Sep 13 11:28:46 2024 -0700 blk-mq: unconditional nr_integrity_segments Always defining the field will make using it easier and less error prone in future patches. There shouldn't be any downside to this: the field fits in what would otherwise be a 2-byte hole, so we're not saving space by conditionally leaving it out. Reviewed-by: Christoph Hellwig Reviewed-by: Martin K. Petersen Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240913182854.2445457-2-kbusch@meta.com Signed-off-by: Jens Axboe commit d21dffe51baabf6729a95585181507f24bd695a0 Author: Alex Shi Date: Mon Jul 29 14:49:26 2024 +0800 arch/sparc: remove unused varible paddrbase in function leon_swprobe() commit f22ed71cd602 ("sparc32,leon: SRMMU MMU Table probe fix") change return value from paddrbase to 'pte', but left the varible here. That causes a build warning for this varible, so we may remove it. make --keep-going CROSS_COMPILE=/home/alexs/0day/gcc-14.1.0-nolibc/sparc-linux/bin/sparc-linux- --jobs=16 KCFLAGS= -Wtautological-compare -Wno-error=return-type -Wreturn-type -Wcast-function-type -funsigned-char -Wundef -fstrict-flex-arrays=3 -Wformat-overflow -Wformat-truncation -Wrestrict -Wenum-conversion W=1 O=sparc ARCH=sparc defconfig SHELL=/bin/bash arch/sparc/mm/ mm/ -s :1519:2: warning: #warning syscall clone3 not implemented [-Wcpp] ../arch/sparc/mm/leon_mm.c: In function 'leon_swprobe': ../arch/sparc/mm/leon_mm.c:42:32: warning: variable 'paddrbase' set but not used [-Wunused-but-set-variable] 42 | unsigned int lvl, pte, paddrbase; | ^~~~~~~~~ Signed-off-by: Alex Shi To: linux-kernel@vger.kernel.org To: sparclinux@vger.kernel.org To: Christian Brauner To: Andreas Larsson To: David S. Miller Reviewed-by: Andreas Larsson Tested-by: Andreas Larsson Link: https://lore.kernel.org/r/20240729064926.3126528-1-alexs@kernel.org Signed-off-by: Andreas Larsson commit 4591a2271f2e4c320eaa63c348169e4e6e6f2852 Author: Christophe JAILLET Date: Mon Sep 9 21:30:51 2024 +0200 regulator: sm5703: Remove because it is unused and fails to build This file does not compile because is missing. In KConfig, it depends on MFD_SM5703. Both MFD_SM5703 and the missing include rely on another patch that never got merged. The last iteration related to this patch is [1]. So remove this dead-code and undo commit e8858ba89ca3 ("regulator: sm5703-regulator: Add regulators support for SM5703 MFD") [1]: https://lore.kernel.org/lkml/20220423085319.483524-5-markuss.broks@gmail.com/ Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/0f5da91a05e7343d290c88e3c583b674cf6219ac.1725910247.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit dcd18a3fb1228409dfc24373c5c6868a655810b0 Author: Jinjie Ruan Date: Thu Sep 12 11:30:13 2024 +0800 Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable when request IRQ. Fixes: 9ee0a0558819 ("Input: PS/2 gpio bit banging driver for serio bus") Signed-off-by: Jinjie Ruan Acked-by: Danilo Krummrich Link: https://lore.kernel.org/r/20240912033013.2610949-1-ruanjinjie@huawei.com Signed-off-by: Dmitry Torokhov commit b319cea80539df9bea0ad98cb5e4b2fcb7e1a34b Author: Vincent Donnefort Date: Tue Sep 10 08:31:23 2024 +0100 module: Refine kmemleak scanned areas commit ac3b43283923 ("module: replace module_layout with module_memory") introduced a set of memory regions for the module layout sharing the same attributes. However, it didn't update the kmemleak scanned areas which intended to limit kmemleak scan to sections containing writable data. This means sections such as .text and .rodata are scanned by kmemleak. Refine the scanned areas for modules by limiting it to MOD_TEXT and MOD_INIT_TEXT mod_mem regions. CC: Song Liu Reviewed-by: Catalin Marinas Signed-off-by: Vincent Donnefort Signed-off-by: Luis Chamberlain commit ce47f7cbbcadbc716325ccdd3be5d71f1e10a966 Author: Chunhui Li Date: Wed Sep 11 11:28:02 2024 +0800 module: abort module loading when sysfs setup suffer errors When insmod a kernel module, if fails in add_notes_attrs or add_sysfs_attrs such as memory allocation fail, mod_sysfs_setup will still return success, but we can't access user interface on android device. Patch for make mod_sysfs_setup can check the error of add_notes_attrs and add_sysfs_attrs [mcgrof: the section stuff comes from linux history.git [0]] Fixes: 3f7b0672086b ("Module section offsets in /sys/module") [0] Fixes: 6d76013381ed ("Add /sys/module/name/notes") Acked-by: Luis Chamberlain Reviewed-by: Petr Pavlu Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409010016.3XIFSmRA-lkp@intel.com/ Closes: https://lore.kernel.org/oe-kbuild-all/202409072018.qfEzZbO7-lkp@intel.com/ Link: https://git.kernel.org/pub/scm/linux/kernel/git/history/history.git/commit/?id=3f7b0672086b97b2d7f322bdc289cbfa203f10ef [0] Signed-off-by: Xion Wang Signed-off-by: Chunhui Li Signed-off-by: Luis Chamberlain commit 2a1de5678944147c2a41b6006127d2d0b618e83b Author: Chen-Yu Tsai Date: Wed Sep 11 15:27:41 2024 +0800 regulator: Split up _regulator_get() _regulator_get() contains a lot of common code doing checks prior to the regulator lookup and housekeeping work after the lookup. Almost all the code could be shared with a OF-specific variant of _regulator_get(). Split out the common parts so that they can be reused. The OF-specific version of _regulator_get() will be added in a subsequent patch. No functional changes were made. Signed-off-by: Chen-Yu Tsai Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240911072751.365361-4-wenst@chromium.org Signed-off-by: Mark Brown commit 49e2e353fb0dbef8dced3e8e65365580349c4b14 Author: Shenghao Ding Date: Thu Sep 12 07:27:37 2024 +0800 ASoC: tas2781: Add Calibration Kcontrols for Chromebook Add calibration related kcontrol for speaker impedance calibration and speaker leakage check for Chromebook. Signed-off-by: Shenghao Ding Link: https://patch.msgid.link/20240911232739.1509-1-shenghao-ding@ti.com Signed-off-by: Mark Brown commit 5cc69a27abfa91abbb39fc584f82d6c867b60f47 Author: Daeho Jeong Date: Thu Sep 12 09:59:58 2024 -0700 f2fs: forcibly migrate to secure space for zoned device file pinning We need to migrate data blocks even though it is full to secure space for zoned device file pinning. Fixes: 9703d69d9d15 ("f2fs: support file pinning for zoned devices") Signed-off-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 0b117e58409efce351f435618e2b6023804c0988 Merge: 2ed1a4a5c0058d 6d8348ddc56ed4 Author: Mark Brown Date: Fri Sep 13 16:59:45 2024 +0100 AMD SoundWire machine driver code refactor Merge series from Vijendar Mukunda : This patch series moves common Soundwire endpoint parsing and dai creation logic to common placeholder from Intel generic SoundWire machine driver code to make it generic. AMD SoundWire machine driver code is refactored to use these functions for SoundWire endpoint parsing and dai creation logic. Link: https://github.com/thesofproject/linux/pull/5171 commit c1ae1b4ef5bf541c71ced84d087abed029f13b1a Author: Heiko Carstens Date: Fri Sep 13 15:05:42 2024 +0200 s390/vdso: Move vdso symbol handling to separate header file The vdso.h header file, which is included at many places, includes generated header files. This can easily lead to recursive header file inclusions if the vdso code is changed. Therefore move the vdso symbol code, which requires the generated header files, to a separate header file, and include it at the two locations which require it. Signed-off-by: Heiko Carstens Signed-off-by: Jason A. Donenfeld commit e10863fffe3a377a828f876a39cc1c47567b556f Author: Heiko Carstens Date: Fri Sep 13 15:05:41 2024 +0200 s390/vdso: Allow alternatives in vdso code Implement the infrastructure required to allow alternatives in vdso code. Signed-off-by: Heiko Carstens Signed-off-by: Jason A. Donenfeld commit a919390e9194209bac163ec8e19520bdb3fb738b Author: Heiko Carstens Date: Fri Sep 13 15:05:40 2024 +0200 s390/module: Provide find_section() helper Provide find_section() helper function which can be used to find a section by name, similar to other architectures. Signed-off-by: Heiko Carstens Signed-off-by: Jason A. Donenfeld commit 94c7755b1e8f9a8953c25f0900650be009e7be7a Author: Heiko Carstens Date: Fri Sep 13 15:05:39 2024 +0200 s390/facility: Let test_facility() generate static branch if possible Let test_facility() generate a branch instruction if the tested facility is a constant, and where the result cannot be evaluated during compile time. The branch instruction defaults to "false" and is patched to nop (branch not taken) if the tested facility is available. This avoids runtime checks and is similar to x86's static_cpu_has() and arm64's alternative_has_cap_likely(). Signed-off-by: Heiko Carstens Signed-off-by: Jason A. Donenfeld commit 013e984397a27129972cb1d89589d2b5be95a40e Author: Heiko Carstens Date: Fri Sep 13 15:05:38 2024 +0200 s390/alternatives: Remove ALT_FACILITY_EARLY Patch all alternatives which depend on facilities from the decompressor. There is no technical reason which enforces to split patching of such alternatives to the decompressor and the kernel. This simplifies alternative handling a bit, since one alternative type is removed. Signed-off-by: Heiko Carstens Signed-off-by: Jason A. Donenfeld commit 26d4959681e34a8479b8b7a9ef25ab27550562f6 Author: Heiko Carstens Date: Fri Sep 13 15:05:37 2024 +0200 s390/facility: Disable compile time optimization for decompressor code Disable compile time optimizations of test_facility() for the decompressor. The decompressor should not contain any optimized code depending on the architecture level set the kernel image is compiled for to avoid unexpected operation exceptions. Add a __DECOMPRESSOR check to test_facility() to enforce that facilities are always checked during runtime for the decompressor. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens Signed-off-by: Jason A. Donenfeld commit a6e23fb8d3c0e3904da70beaf5d7e840a983c97f Author: Heiko Carstens Date: Wed Sep 11 10:50:15 2024 +0200 selftests: vDSO: fix vdso_config for s390 Running vdso_test_correctness on s390x (aka s390 64 bit) emits a warning: Warning: failed to find clock_gettime64 in vDSO This is caused by the "#elif defined (__s390__)" check in vdso_config.h which the defines VDSO_32BIT. If __s390x__ is defined also __s390__ is defined. Therefore the correct check must make sure that only __s390__ is defined. Therefore add the missing !defined(__s390x__). Also use common __s390x__ define instead of __s390X__. Signed-off-by: Heiko Carstens Fixes: 693f5ca08ca0 ("kselftest: Extend vDSO selftest") Signed-off-by: Jason A. Donenfeld commit 14be4e6f35221c4731b004553ecf7cbc6dc1d2d8 Author: Jens Remus Date: Wed Sep 11 10:50:14 2024 +0200 selftests: vDSO: fix ELF hash table entry size for s390x The vDSO self tests fail on s390x for a vDSO linked with the GNU linker ld as follows: # ./vdso_test_gettimeofday Floating point exception (core dumped) On s390x the ELF hash table entries are 64 bits instead of 32 bits in size (see Glibc sysdeps/unix/sysv/linux/s390/bits/elfclass.h). Fixes: 40723419f407 ("kselftest: Enable vDSO test on non x86 platforms") Reported-by: Heiko Carstens Tested-by: Heiko Carstens Signed-off-by: Jens Remus Signed-off-by: Heiko Carstens Signed-off-by: Jason A. Donenfeld commit 8072b39c3a75b63bc08737a74b24c263b7909ba0 Author: Christophe Leroy Date: Mon Sep 2 21:17:22 2024 +0200 powerpc/vdso: Wire up getrandom() vDSO implementation on VDSO64 Extend getrandom() vDSO implementation to VDSO64. Tested on QEMU on both ppc64_defconfig and ppc64le_defconfig. Results from a Power9 (PowerNV): ~ # ./vdso_test_getrandom bench-single    vdso: 25000000 times in 0.787943615 seconds    libc: 25000000 times in 14.101887252 seconds    syscall: 25000000 times in 14.047475082 seconds Signed-off-by: Christophe Leroy Tested-by: Madhavan Srinivasan Acked-by: Michael Ellerman Signed-off-by: Jason A. Donenfeld commit 53cee505ae0c4d19a2c894501a363782410c4a29 Author: Christophe Leroy Date: Mon Sep 2 21:17:21 2024 +0200 powerpc/vdso: Wire up getrandom() vDSO implementation on VDSO32 To be consistent with other VDSO functions, the function is called __kernel_getrandom() __arch_chacha20_blocks_nostack() fonction is implemented basically with 32 bits operations. It performs 4 QUARTERROUND operations in parallele. There are enough registers to avoid using the stack: On input: r3: output bytes r4: 32-byte key input r5: 8-byte counter input/output r6: number of 64-byte blocks to write to output During operation: stack: pointer to counter (r5) and non-volatile registers (r14-131) r0: counter of blocks (initialised with r6) r4: Value '4' after key has been read, used for indexing r5-r12: key r14-r15: block counter r16-r31: chacha state At the end: r0, r6-r12: Zeroised r5, r14-r31: Restored Performance on powerpc 885 (using kernel selftest): ~# ./vdso_test_getrandom bench-single vdso: 25000000 times in 62.938002291 seconds libc: 25000000 times in 535.581916866 seconds syscall: 25000000 times in 531.525042806 seconds Performance on powerpc 8321 (using kernel selftest): ~# ./vdso_test_getrandom bench-single vdso: 25000000 times in 16.899318858 seconds libc: 25000000 times in 131.050596522 seconds syscall: 25000000 times in 129.794790389 seconds This first patch adds support for VDSO32. As selftests cannot easily be generated only for VDSO32, and because the following patch brings support for VDSO64 anyway, this patch opts out all code in __arch_chacha20_blocks_nostack() so that vdso_test_chacha will not fail to compile and will not crash on PPC64/PPC64LE, allthough the selftest itself will fail. Signed-off-by: Christophe Leroy Acked-by: Michael Ellerman Signed-off-by: Jason A. Donenfeld commit a6b67eb09963af29991625862cbb4f56b85954ed Author: Christophe Leroy Date: Mon Sep 2 21:17:20 2024 +0200 powerpc/vdso: Refactor CFLAGS for CVDSO build In order to avoid two much duplication when we add new VDSO functionnalities in C like getrandom, refactor common CFLAGS. Signed-off-by: Christophe Leroy Acked-by: Michael Ellerman Signed-off-by: Jason A. Donenfeld commit b163596a5b6f27aa6a9eac4198a6c6ec0ce3d5f2 Author: Christophe Leroy Date: Mon Sep 2 21:17:19 2024 +0200 powerpc/vdso32: Add crtsavres Commit 08c18b63d965 ("powerpc/vdso32: Add missing _restgpr_31_x to fix build failure") added _restgpr_31_x to the vdso for gettimeofday, but the work on getrandom shows that we will need more of those functions. Remove _restgpr_31_x and link in crtsavres.o so that we get all save/restore functions when optimising the kernel for size. Signed-off-by: Christophe Leroy Acked-by: Ard Biesheuvel Acked-by: Michael Ellerman Signed-off-by: Jason A. Donenfeld commit d175ee98fe545d2c56df22751314584cce228307 Author: Christophe Leroy Date: Mon Sep 2 21:17:18 2024 +0200 mm: Define VM_DROPPABLE for powerpc/32 Commit 9651fcedf7b9 ("mm: add MAP_DROPPABLE for designating always lazily freeable mappings") only adds VM_DROPPABLE for 64 bits architectures. In order to also use the getrandom vDSO implementation on powerpc/32, use VM_ARCH_1 for VM_DROPPABLE on powerpc/32. This is possible because VM_ARCH_1 is used for VM_SAO on powerpc and VM_SAO is only for powerpc/64. It is used in combination with PROT_SAO in some parts of code that are restricted to CONFIG_PPC64 through #ifdefs, it is therefore possible to define VM_SAO for CONFIG_PPC64 only. Signed-off-by: Christophe Leroy Acked-by: Michael Ellerman Signed-off-by: Jason A. Donenfeld commit c73049389e58c01e2e3bbfae900c8daeee177191 Author: Christophe Leroy Date: Fri Sep 6 10:33:43 2024 +0200 powerpc/vdso: Fix VDSO data access when running in a non-root time namespace When running in a non-root time namespace, the global VDSO data page is replaced by a dedicated namespace data page and the global data page is mapped next to it. Detailed explanations can be found at commit 660fd04f9317 ("lib/vdso: Prepare for time namespace support"). When it happens, __kernel_get_syscall_map and __kernel_get_tbfreq and __kernel_sync_dicache don't work anymore because they read 0 instead of the data they need. To address that, clock_mode has to be read. When it is set to VDSO_CLOCKMODE_TIMENS, it means it is a dedicated namespace data page and the global data is located on the following page. Add a macro called get_realdatapage which reads clock_mode and add PAGE_SIZE to the pointer provided by get_datapage macro when clock_mode is equal to VDSO_CLOCKMODE_TIMENS. Use this new macro instead of get_datapage macro except for time functions as they handle it internally. Fixes: 74205b3fc2ef ("powerpc/vdso: Add support for time namespaces") Reported-by: Jason A. Donenfeld Closes: https://lore.kernel.org/all/ZtnYqZI-nrsNslwy@zx2c4.com/ Signed-off-by: Christophe Leroy Acked-by: Michael Ellerman Signed-off-by: Jason A. Donenfeld commit 8bc7c5e525584903ea83332e18a2118ed3b1985e Author: Jason A. Donenfeld Date: Tue Sep 3 14:52:45 2024 +0200 selftests: vDSO: don't include generated headers for chacha test It's not correct to use $(top_srcdir) for generated header files, for builds that are done out of tree via O=, and $(objtree) isn't valid in the selftests context. Instead, just obviate the need for these generated header files by defining empty stubs in tools/include, which is the same thing that's done for rwlock.h. Reviewed-by: Adhemerval Zanella Signed-off-by: Jason A. Donenfeld commit 712676ea2bb3882a852bcf49862c4247317fc9b2 Author: Adhemerval Zanella Date: Tue Sep 3 12:09:17 2024 +0000 arm64: vDSO: Wire up getrandom() vDSO implementation Hook up the generic vDSO implementation to the aarch64 vDSO data page. The _vdso_rng_data required data is placed within the _vdso_data vvar page, by using a offset larger than the vdso_data. The vDSO function requires a ChaCha20 implementation that does not write to the stack, and that can do an entire ChaCha20 permutation. The one provided uses NEON on the permute operation, with a fallback to the syscall for chips that do not support AdvSIMD. This also passes the vdso_test_chacha test along with vdso_test_getrandom. The vdso_test_getrandom bench-single result on Neoverse-N1 shows: vdso: 25000000 times in 0.783884250 seconds libc: 25000000 times in 8.780275399 seconds syscall: 25000000 times in 8.786581518 seconds A small fixup to arch/arm64/include/asm/mman.h was required to avoid pulling kernel code into the vDSO, similar to what's already done in arch/arm64/include/asm/rwonce.h. Signed-off-by: Adhemerval Zanella Reviewed-by: Ard Biesheuvel Acked-by: Will Deacon Signed-off-by: Jason A. Donenfeld commit 2c2ca3416b4090aef8c646adccfc3be4b712db8a Author: Mark Rutland Date: Tue Sep 3 12:09:16 2024 +0000 arm64: alternative: make alternative_has_cap_likely() VDSO compatible Currently alternative_has_cap_unlikely() can be used in VDSO code, but alternative_has_cap_likely() cannot as it references alt_cb_patch_nops, which is not available when linking the VDSO. This is unfortunate as it would be useful to have alternative_has_cap_likely() available in VDSO code. The use of alt_cb_patch_nops was added in commit: d926079f17bf8aa4 ("arm64: alternatives: add shared NOP callback") ... as removing duplicate NOPs within the kernel Image saved areasonable amount of space. Given the VDSO code will have nowhere near as many alternative branches as the main kernel image, this isn't much of a concern, and a few extra nops isn't a massive problem. Change alternative_has_cap_likely() to only use alt_cb_patch_nops for the main kernel image, and allow duplicate NOPs in VDSO code. Signed-off-by: Mark Rutland Signed-off-by: Adhemerval Zanella Acked-by: Will Deacon Signed-off-by: Jason A. Donenfeld commit bb10ffe01bf2d2436190958c7eae694515e1ebb7 Author: Christophe Leroy Date: Sun Sep 1 19:40:33 2024 +0200 selftests: vDSO: also test counter in vdso_test_chacha The chacha vDSO selftest doesn't check the way the counter is handled by __arch_chacha20_blocks_nostack(). It indirectly checks that the counter is writen on exit and read back on new entry, but it doesn't check that the format is correct. When implementing this function on powerpc, I missed a case where the counter was writen and read in wrong byte order. Also, the counter uses two words, but the tests with a zero counter and uses a small amount of blocks, so at the end the upper part of the counter is always 0, so it is not checked. Add a verification of counter's content in addition to the verification of the output. Also add two tests where the counter crosses the u32 upper limit. The first test verifies that the function properly writes back the upper word, the second test verifies that the function properly reads back the upper word. Signed-off-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld commit ecb8bd70d51ccf9009219a6097cef293deada65b Author: Christophe Leroy Date: Sun Sep 1 19:24:03 2024 +0200 selftests: vDSO: build tests with O2 optimization Without -O2, the generated code for testing chacha function is awful. GCC even implements rol32() as a function of 20 instructions instead of just using the rotlwi instruction. ~# time ./vdso_test_chacha TAP version 13 1..1 ok 1 chacha: PASS real 0m 37.16s user 0m 36.89s sys 0m 0.26s Several other selftests directory add -O2, and the kernel is also always built with optimisation active. Do the same for vDSO selftests. With this patch the time is reduced by approximately 15%. ~# time ./vdso_test_chacha TAP version 13 1..1 ok 1 chacha: PASS real 0m 32.09s user 0m 31.86s sys 0m 0.22s Signed-off-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld commit 18efd0b10e0fd77fe649a375f9f17a387b5d1609 Author: Xi Ruoyao Date: Sun Sep 1 14:13:11 2024 +0800 LoongArch: vDSO: Wire up getrandom() vDSO implementation Hook up the generic vDSO implementation to the LoongArch vDSO data page by providing the required __arch_chacha20_blocks_nostack, __arch_get_k_vdso_rng_data, and getrandom_syscall implementations. Also wire up the selftests. Signed-off-by: Xi Ruoyao Acked-by: Huacai Chen Signed-off-by: Jason A. Donenfeld commit 4d456f0c87c95efb6197a30cd76b5b6ee5fb012e Author: Xi Ruoyao Date: Sun Sep 1 14:13:10 2024 +0800 random: vDSO: add a __vdso_getrandom prototype for all architectures Without a prototype, we'll have to add a prototype for each architecture implementing vDSO getrandom. As most architectures will likely have the vDSO getrandom implemented in a near future, and we'd like to keep the declarations compatible everywhere (to ease the libc implementor work), we should really just have one copy of the prototype. This also is what's already done inside of include/vdso/gettime.h for those vDSO functions, so this continues that convention. Suggested-by: Huacai Chen Signed-off-by: Xi Ruoyao Acked-by: Huacai Chen [Jason: rewrite docbook comment for prototype.] Signed-off-by: Jason A. Donenfeld commit 67a121ac8fe136f17e505e6595b8cf1a1f65f40c Author: Jason A. Donenfeld Date: Sun Sep 1 15:05:01 2024 +0200 selftests: vDSO: fix cross build for getrandom and chacha tests Unlike the check for the standalone x86 test, the check for building the vDSO getrandom and chacaha tests looks at the architecture for the host rather than the architecture for the target when deciding if they should be built. Since the chacha test includes some assembler code this means that cross building with x86 as either the target or host is broken. There's also some additional complications, where ARCH can legitimately be either x86_64 or x86, but the source code we need to compile lives in a directory path containing arch/x86. The standard SRCARCH variable handles that. And actually, all these variables and proper substitutions are already described in tools/scripts/Makefile.arch, so just include that to handle it. Similarly, ARCH=x86 can actually describe ARCH=x86_64, just with CONFIG_64BIT, so we can't rely on ARCH for selecting non-32-bit tests. For that, check against $(ARCH)$(CONFIG_X86_32). This won't help for people manually running this inside the vDSO selftest directory (which isn't really supported anyway and has problems on various archs), but it should work for builds of the kselftests, where the CONFIG_* variables are defined. On x86_64 machines, $(ARCH)$(CONFIG_X86_32) will evaluate to x86. On arm64 machines, it will evaluate to arm64. On 32-bit x86 machines, it will evaluate to x86y, which won't match the filter list. Reported-by: Mark Brown Reported-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld commit 7f053812dab3946cb704520b72c381f605ecdf95 Author: Christophe Leroy Date: Tue Aug 27 09:31:47 2024 +0200 random: vDSO: minimize and simplify header includes Depending on the architecture, building a 32-bit vDSO on a 64-bit kernel is problematic when some system headers are included. Minimise the amount of headers by moving needed items, such as __{get,put}_unaligned_t, into dedicated common headers and in general use more specific headers, similar to what was done in commit 8165b57bca21 ("linux/const.h: Extract common header for vDSO") and commit 8c59ab839f52 ("lib/vdso: Enable common headers"). On some architectures this results in missing PAGE_SIZE, as was described by commit 8b3843ae3634 ("vdso/datapage: Quick fix - use asm/page-def.h for ARM64"), so define this if necessary, in the same way as done prior by commit cffaefd15a8f ("vdso: Use CONFIG_PAGE_SHIFT in vdso/datapage.h"). Removing linux/time64.h leads to missing 'struct timespec64' in x86's asm/pvclock.h. Add a forward declaration of that struct in that file. Signed-off-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld commit b7bad082e113640fc81200ff869e5c2d7a9c29a2 Author: Christophe Leroy Date: Thu Aug 22 09:13:13 2024 +0200 random: vDSO: avoid call to out of line memset() With the current implementation, __cvdso_getrandom_data() calls memset() on certain architectures, which is unexpected in the VDSO. Rather than providing a memset(), simply rewrite opaque data initialization to avoid memset(). Signed-off-by: Christophe Leroy Acked-by: Ard Biesheuvel Signed-off-by: Jason A. Donenfeld commit 81723e3ac388271cf1fe9d9ca8f4e9c74689ea0e Author: Christophe Leroy Date: Thu Aug 22 09:13:12 2024 +0200 random: vDSO: add missing c-getrandom-y in Makefile Same as for the gettimeofday CVDSO implementation, add c-getrandom-y to ease the inclusion of lib/vdso/getrandom.c in architectures' VDSO builds. Signed-off-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld commit b757959f192daf4d107dd5198b562032bd757a5e Author: Christophe Leroy Date: Thu Aug 22 09:13:11 2024 +0200 random: vDSO: add __arch_get_k_vdso_rng_data() helper for data page access _vdso_data is specific to x86 and __arch_get_k_vdso_data() is provided so that all architectures can provide the requested pointer. Do the same with _vdso_rng_data, provide __arch_get_k_vdso_rng_data() and don't use x86 _vdso_rng_data directly. Until now vdso/vsyscall.h was only included by time/vsyscall.c but now it will also be included in char/random.c, leading to a duplicate declaration of _vdso_data and _vdso_rng_data. To fix this issue, move the declaration in a C file. vma.c looks like the most appropriate candidate. We don't need to replace the definitions in vsyscall.h by declarations as declarations are already in asm/vvar.h. Signed-off-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld commit 81c6896049b6ca69a9e737656ac33b3fd96a277c Author: Christophe Leroy Date: Tue Aug 27 09:31:50 2024 +0200 random: vDSO: don't use 64-bit atomics on 32-bit architectures Performing SMP atomic operations on u64 fails on powerpc32: CC drivers/char/random.o In file included from : drivers/char/random.c: In function 'crng_reseed': ././include/linux/compiler_types.h:510:45: error: call to '__compiletime_assert_391' declared with attribute error: Need native word sized stores/loads for atomicity. 510 | _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) | ^ ././include/linux/compiler_types.h:491:25: note: in definition of macro '__compiletime_assert' 491 | prefix ## suffix(); \ | ^~~~~~ ././include/linux/compiler_types.h:510:9: note: in expansion of macro '_compiletime_assert' 510 | _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) | ^~~~~~~~~~~~~~~~~~~ ././include/linux/compiler_types.h:513:9: note: in expansion of macro 'compiletime_assert' 513 | compiletime_assert(__native_word(t), \ | ^~~~~~~~~~~~~~~~~~ ./arch/powerpc/include/asm/barrier.h:74:9: note: in expansion of macro 'compiletime_assert_atomic_type' 74 | compiletime_assert_atomic_type(*p); \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ./include/asm-generic/barrier.h:172:55: note: in expansion of macro '__smp_store_release' 172 | #define smp_store_release(p, v) do { kcsan_release(); __smp_store_release(p, v); } while (0) | ^~~~~~~~~~~~~~~~~~~ drivers/char/random.c:286:9: note: in expansion of macro 'smp_store_release' 286 | smp_store_release(&__arch_get_k_vdso_rng_data()->generation, next_gen + 1); | ^~~~~~~~~~~~~~~~~ The kernel-side generation counter in the random driver is handled as an unsigned long, not as a u64, in base_crng and struct crng. But on the vDSO side, it needs to be an u64, not just an unsigned long, in order to support a 32-bit vDSO atop a 64-bit kernel. On kernel side, however, it is an unsigned long, hence a 32-bit value on 32-bit architectures, so just cast it to unsigned long for the smp_store_release(). A side effect is that on big endian architectures the store will be performed in the upper 32 bits. It is not an issue on its own because the vDSO site doesn't mind the value, as it only checks differences. Just make sure that the vDSO side checks the full 64 bits. For that, the local current_generation has to be u64 as well. Signed-off-by: Christophe Leroy Suggested-by: Thomas Gleixner Signed-off-by: Jason A. Donenfeld commit 7fe5b3e4e7a61f3640d7645c434ac8c982f1388e Author: Jason A. Donenfeld Date: Wed Aug 28 15:49:32 2024 +0200 selftests: vDSO: open code basic chacha instead of linking to libsodium Linking to libsodium makes building this test annoying in cross compilation environments and is just way too much. Since this is just a basic correctness test, simply open code a simple, unoptimized, dumb chacha, rather than linking to libsodium. This also fixes a correctness issue on big endian systems. The kernel's random.c doesn't bother doing a le32_to_cpu operation on the random bytes that are passed as the key, and consequently neither does vgetrandom-chacha.S. However, libsodium's chacha _does_ do this, since it takes the key as an array of bytes. This meant that the test was broken on big endian systems, which this commit rectifies. Signed-off-by: Jason A. Donenfeld commit 6fd13b282f62bd840f2410692deaa23a42fd91fa Author: Jason A. Donenfeld Date: Tue Aug 27 17:14:18 2024 +0200 random: vDSO: move prototype of arch chacha function to vdso/getrandom.h Having the prototype for __arch_chacha20_blocks_nostack in arch/x86/include/asm/vdso/getrandom.h meant that the prototype and large doc comment were cloned by every architecture, which has been causing unnecessary churn. Instead move it into include/vdso/getrandom.h, where it can be shared by all archs implementing it. As a side bonus, this then lets us use that prototype in the vdso_test_chacha self test, to ensure that it matches the source, and indeed doing so turned up some inconsistencies, which are rectified here. Suggested-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld commit 2aec90036dcd2cb7047a6e28625fba6c64756665 Author: Jason A. Donenfeld Date: Thu Sep 5 19:17:24 2024 +0200 selftests: vDSO: ensure vgetrandom works in a time namespace After verifying that vDSO getrandom does work, which ensures that the RNG is initialized, test to see if it also works inside of a time namespace. This is important to test, because the vvar pages get swizzled around there. If the arch code isn't careful, the RNG will appear uninitialized inside of a time namespace. Because broken code makes the RNG appear uninitialized, test that everything works by issuing a call to vgetrandom from a fork in a time namespace, and use ptrace to ensure that the actual syscall getrandom doesn't get called. If it doesn't get called, then the test succeeds. Signed-off-by: Jason A. Donenfeld commit d14bc28af34fb8b599c1cc4ce24a2833e60ade8f Author: Shashank Babu Chinta Venkata Date: Wed Sep 11 20:56:29 2024 +0530 PCI: qcom: Add RX lane margining settings for 16.0 GT/s Add RX lane margining settings for 16.0 GT/s (GEN 4) data rate. These settings improve link stability while operating at high date rates and helps to improve signal quality. Link: https://lore.kernel.org/linux-pci/20240911-pci-qcom-gen4-stability-v7-4-743f5c1fd027@linaro.org Tested-by: Johan Hovold Signed-off-by: Shashank Babu Chinta Venkata [mani: dropped the code refactoring and minor changes] Signed-off-by: Manivannan Sadhasivam [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Johan Hovold Reviewed-by: Manivannan Sadhasivam commit d45736b5984954da71292d858f277bac9c70cd2e Author: Shashank Babu Chinta Venkata Date: Wed Sep 11 20:56:28 2024 +0530 PCI: qcom: Add equalization settings for 16.0 GT/s During high data transmission rates such as 16.0 GT/s, there is an increased risk of signal loss due to poor channel quality and interference. This can impact receiver's ability to capture signals accurately. Hence, as signal compensation is achieved through appropriate lane equalization, apply lane equalization settings at both transmitter and receiver which results in an increase in the PCIe signal strength. While at it, modify the pcie-tegra194 driver to make use of the common GEN3_EQ_CONTROL_OFF definitions in pcie-designware.h. Link: https://lore.kernel.org/linux-pci/20240911-pci-qcom-gen4-stability-v7-3-743f5c1fd027@linaro.org Tested-by: Johan Hovold Signed-off-by: Shashank Babu Chinta Venkata [mani: dropped the code refactoring and minor changes] Signed-off-by: Manivannan Sadhasivam [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Johan Hovold Reviewed-by: Manivannan Sadhasivam commit 19a69cbd9d436fe503e5cb6dade76fe371244d4f Author: Manivannan Sadhasivam Date: Wed Sep 11 20:56:27 2024 +0530 PCI: dwc: Always cache the maximum link speed value in dw_pcie::max_link_speed Currently, the dw_pcie::max_link_speed has a valid value only if the controller driver restricts the maximum link speed in the driver or if the platform does so in the devicetree using the 'max-link-speed' property. But having the maximum supported link speed of the platform would be helpful for the vendor drivers to configure any link specific settings. So in the case of non-valid value in dw_pcie::max_link_speed, just cache the hardware default value from Link Capability register. While at it, remove the 'max_link_speed' argument to the dw_pcie_link_set_max_speed() function since the value can be retrieved within the function. Link: https://lore.kernel.org/linux-pci/20240911-pci-qcom-gen4-stability-v7-2-743f5c1fd027@linaro.org Tested-by: Johan Hovold Signed-off-by: Manivannan Sadhasivam [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Frank Li Reviewed-by: Johan Hovold commit 2cebf68a24abb0552ea59cf928829acd51f8b175 Author: Manivannan Sadhasivam Date: Wed Sep 11 20:56:26 2024 +0530 PCI: dwc: Rename 'dw_pcie::link_gen' to 'dw_pcie::max_link_speed' The 'link_gen' field is now holding the maximum supported link speed set either by the controller driver or by DT through 'max-link-speed' property. However, the name 'link_gen' sounds like the negotiated link speed of the PCIe link. So rename it to 'max_link_speed' to make it clear that it holds the maximum supported link speed of the controller. Link: https://lore.kernel.org/linux-pci/20240911-pci-qcom-gen4-stability-v7-1-743f5c1fd027@linaro.org Tested-by: Johan Hovold Signed-off-by: Manivannan Sadhasivam [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Frank Li Reviewed-by: Johan Hovold commit d4d7c03f7ee1d7f16b7b6e885b1e00968f72b93c Merge: 26e197b7f9240a 83bdfcbdbe5d90 Author: Jens Axboe Date: Fri Sep 13 08:39:09 2024 -0600 Merge tag 'nvme-6.12-2024-09-13' of git://git.infradead.org/nvme into for-6.12/block Pull NVMe fixes from Keith: "nvme fixes for Linux 6.12 - A syntax cleanup (Shen) - Fix a Kconfig linking error (Arnd) - New queue-depth quirk (Keith)" * tag 'nvme-6.12-2024-09-13' of git://git.infradead.org/nvme: nvme-pci: qdepth 1 quirk nvme-tcp: fix link failure for TCP auth nvme: Convert comma to semicolon commit 83bdfcbdbe5d901c5fa432decf12e1725a840a56 Author: Keith Busch Date: Wed Sep 11 10:39:59 2024 -0700 nvme-pci: qdepth 1 quirk Another device has been reported to be unreliable if we have more than one outstanding command. In this new case, data corruption may occur. Since we have two devices now needing this quirky behavior, make a generic quirk flag. The same Apple quirk is clearly not "temporary", so update the comment while moving it. Link: https://lore.kernel.org/linux-nvme/191d810a4e3.fcc6066c765804.973611676137075390@collabora.com/ Reported-by: Robert Beckett Reviewed-by: Christoph Hellwig hch@lst.de> Signed-off-by: Keith Busch commit 2cb4acf2140be8a4f299c0b887cc314845ef6ec8 Author: Guenter Roeck Date: Fri Sep 13 07:11:42 2024 -0700 hwmon: Remove devm_hwmon_device_unregister() API function devm_hwmon_device_unregister() has no in-tree user, and its implementation is wrong since it does not pass the to-be-removed hardware monitoring device as parameter. I do not envision a valid use for it; drivers needing it should not have called devm_hwmon_device_register_with_info() in the first place. Remove it. Reported-by: Matthew Sanders Closes: https://lore.kernel.org/linux-hwmon/488b3bdf870ea76c4b943dbe5fd15ac8113019dc.camel@kernel.org/ Signed-off-by: Guenter Roeck commit 04736f7d1945722117def1462fd3602c72c02272 Author: Li Zetao Date: Tue Sep 3 22:41:15 2024 +0800 efi: Remove redundant null pointer checks in efi_debugfs_init() Since the debugfs_create_dir() never returns a null pointer, checking the return value for a null pointer is redundant, and using IS_ERR is safe enough. Signed-off-by: Li Zetao Signed-off-by: Ard Biesheuvel commit d3745e3ae6c0eec517d431be926742b6e8b9b64a Author: Manivannan Sadhasivam Date: Fri Aug 30 13:53:19 2024 +0530 PCI: qcom-ep: Enable controller resources like PHY only after refclk is available qcom_pcie_enable_resources() is called by qcom_pcie_ep_probe() and it enables the controller resources like clocks, regulator, PHY. On one of the new unreleased Qcom SoC, PHY enablement depends on the active refclk. And on all of the supported Qcom endpoint SoCs, refclk comes from the host (RC). So calling qcom_pcie_enable_resources() without refclk causes the NoC (Network On Chip) error in the endpoint SoC and in turn results in a whole SoC crash and rebooting into EDL (Emergency Download) mode which is an unrecoverable state. But qcom_pcie_enable_resources() is already called by qcom_pcie_perst_deassert() when PERST# is deasserted, and refclk is available at that time. Hence, remove the unnecessary call to qcom_pcie_enable_resources() from qcom_pcie_ep_probe() to prevent the above mentioned crash. It should be noted that this commit prevents the crash only under normal working condition (booting endpoint before host), but the crash may also occur if PERST# assert happens at the wrong time. For avoiding the crash completely, it is recommended to use SRIS mode which allows the endpoint SoC to generate its own refclk. The driver is not supporting SRIS mode currently, but will be added in the future. Fixes: 869bc5253406 ("PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host") Link: https://lore.kernel.org/linux-pci/20240830082319.51387-1-manivannan.sadhasivam@linaro.org Tested-by: Dmitry Baryshkov Signed-off-by: Manivannan Sadhasivam Signed-off-by: Krzysztof Wilczyński commit 6d8348ddc56ed43ba39d1e8adda13299201f32ed Author: Vijendar Mukunda Date: Fri Sep 13 14:36:31 2024 +0530 ASoC: amd: acp: refactor SoundWire machine driver code Refactor Soundwire machine driver code by using common SoundWire endpoint parsing helper functions. Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Link: https://patch.msgid.link/20240913090631.1834543-6-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 13b24f84782d6c0373f62eb645353883d94d1dcd Author: Vijendar Mukunda Date: Fri Sep 13 14:36:30 2024 +0530 ASoC: sdw_utils/intel: move soundwire endpoint parsing helper functions Move SoundWire endpoint parsing helper functions to common place holder. These functions will be used by other platform machine driver code. Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Link: https://patch.msgid.link/20240913090631.1834543-5-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 7860df5b29945cfab40dd667f576af31401d7c43 Author: Vijendar Mukunda Date: Fri Sep 13 14:36:29 2024 +0530 ASoC: sdw_util/intel: move soundwire endpoint and dai link structures Move Soundwire endpoint and dai link structures from Intel generic machine driver code to common place holder(soc_sdw_utils.h). These structures will be used in other platform SoundWire machine driver code. Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Link: https://patch.msgid.link/20240913090631.1834543-4-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 23f020bd607b7aec5f301699227ed196430fbc40 Author: Vijendar Mukunda Date: Fri Sep 13 14:36:28 2024 +0530 ASoC: intel: sof_sdw: rename soundwire parsing helper functions Rename SoundWire parsing helper functions with 'asoc_sdw' tag to make it generic. Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Link: https://patch.msgid.link/20240913090631.1834543-3-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit f5c05fd7e9d20a3a8f3401b467fec2d24f49ea5a Author: Vijendar Mukunda Date: Fri Sep 13 14:36:27 2024 +0530 ASoC: intel: sof_sdw: rename soundwire endpoint and dailink structures Rename SoundWire endpoint and dai link structures with asoc tag to make it generic. Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Link: https://patch.msgid.link/20240913090631.1834543-2-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit e799bef0d9c85b963938d8f31806a898385a5b09 Author: Paul E. McKenney Date: Wed Mar 27 15:28:04 2024 -0700 xtensa: Emulate one-byte cmpxchg Use the new cmpxchg_emu_u8() to emulate one-byte cmpxchg() on xtensa. [ paulmck: Apply kernel test robot feedback. ] [ paulmck: Drop two-byte support per Arnd Bergmann feedback. ] [ Apply Geert Uytterhoeven feedback. ] Signed-off-by: Paul E. McKenney Tested-by: Yujie Liu Cc: Andi Shyti Cc: Geert Uytterhoeven Cc: Arnd Bergmann Cc: "Peter Zijlstra (Intel)" commit c81a748edefd098ea21dd35d4bba03f69412fc26 Author: Paul E. McKenney Date: Wed Mar 27 15:21:31 2024 -0700 sh: Emulate one-byte cmpxchg Use the new cmpxchg_emu_u8() to emulate one-byte cmpxchg() on sh. [ paulmck: Drop two-byte support per Arnd Bergmann feedback. ] [ paulmck: Apply feedback from Naresh Kamboju. ] [ Apply Geert Uytterhoeven feedback. ] Signed-off-by: Paul E. McKenney Cc: Andi Shyti Cc: Palmer Dabbelt Cc: Masami Hiramatsu Cc: Arnd Bergmann Cc: Acked-by: John Paul Adrian Glaubitz commit f2519d4d4fc4d36f2b58c5614357de9f5b4032fc Author: Paul E. McKenney Date: Mon Mar 18 01:27:35 2024 -0700 ARC: Emulate one-byte cmpxchg Use the new cmpxchg_emu_u8() to emulate one-byte cmpxchg() on arc. [ paulmck: Drop two-byte support per Arnd Bergmann feedback. ] [ paulmck: Apply feedback from Naresh Kamboju. ] [ paulmck: Apply kernel test robot feedback. ] [ paulmck: Apply feedback from Vineet Gupta. ] Signed-off-by: Paul E. McKenney Cc: Andi Shyti Cc: Andrzej Hajda Cc: Arnd Bergmann Cc: Palmer Dabbelt Cc: Acked-by: Vineet Gupta commit 2ed1a4a5c0058dfd78f5037576d668a37d0ec609 Author: Codrin Ciubotariu Date: Fri Sep 13 15:06:22 2024 +0300 ASoC: atmel: mchp-pdmc: Retain Non-Runtime Controls Avoid removing these controls, as doing so can cause issues if the stream is initiated from another control. Ensure these controls remain intact when the stream is started or finished. Instead of removing them, return an -EBUSY error code to indicate that the controller is busy, especially when the audio filter and the SINC filter are in use. [andrei.simion@microchip.com: Reword the commit title and the commit message. Replace spinlock and busy variable with atomic_t busy_stream.] Signed-off-by: Codrin Ciubotariu Signed-off-by: Andrei Simion Link: https://patch.msgid.link/20240913120621.79088-1-andrei.simion@microchip.com Signed-off-by: Mark Brown commit 0aa04373bca5044a3cb4d5125de792872e971ed2 Merge: ce28dae326afd4 e9a081c80cb377 Author: Benjamin Tissoires Date: Fri Sep 13 16:04:30 2024 +0200 Merge branch 'for-6.12/cp2112' into for-linus - Use irq_get_trigger_type() helper (Jinjie Ruan) commit fb9ce84a01582c9d67dc51d5330136ea684172ef Author: André Draszik Date: Fri Sep 13 12:43:58 2024 +0100 regulator: update some comments ([gs]et_voltage_vsel vs [gs]et_voltage_sel) Some comments here are referring to a non-existent regulator_ops::get_voltage_vsel() where ::get_voltage_sel() is meant, and similar for ::set_voltage_vsel() / ::set_voltage_sel(). Update the comments. Signed-off-by: André Draszik Link: https://patch.msgid.link/20240913-regulator-typos-v1-1-92781c93f638@linaro.org Signed-off-by: Mark Brown commit ff97b9c0df585d14c4c6b9c4cdcbeba43f7b885a Author: Jinjie Ruan Date: Fri Sep 13 09:35:03 2024 +0800 regulator: max8973: Use irq_get_trigger_type() helper Use irq_get_trigger_type() to replace irq_get_irq_data() and then irqd_get_trigger_type(), if the irq data is NULL it will return 0. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240913013503.3754712-1-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 6a36d828bdef0e02b1e6c12e2160f5b83be6aab5 Author: Dr. David Alan Gilbert Date: Fri Sep 13 02:09:55 2024 +0100 driver core: attribute_container: Remove unused functions I can't find any use of 'attribute_container_add_class_device_adapter' or 'attribute_container_trigger' in git history. Their export decls went in 2006: commit 1740757e8f94 ("[PATCH] Driver Core: remove unused exports") and their docs disappeared in 2016: commit 47cb398dd75a ("Docs: sphinxify device-drivers.tmpl") Remove them. Signed-off-by: Dr. David Alan Gilbert Link: https://lore.kernel.org/r/20240913010955.1393995-1-linux@treblig.org Signed-off-by: Greg Kroah-Hartman commit e9a081c80cb377b84ead0ba46e8ec892184318bd Author: Jinjie Ruan Date: Fri Sep 13 15:46:32 2024 +0800 hid: cp2112: Use irq_get_trigger_type() helper Use irq_get_trigger_type() to replace irq_get_irq_data() and then irqd_get_trigger_type(), if the irq data is NULL it will return 0. No functional changed. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240913074632.3779321-1-ruanjinjie@huawei.com Signed-off-by: Benjamin Tissoires commit 68d4209158f43a558c5553ea95ab0c8975eab18c Author: Andy Shevchenko Date: Fri Sep 13 16:17:10 2024 +0300 sub: cdns3: Use predefined PCI vendor ID constant The PCI vendor ID for Cadence is defined in pci_ids.h. Use it. While at it, move to PCI_DEVICE() macro and usual pattern for PCI class and device IDs. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240913131710.3630560-1-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit d2a18bbc5279ddc090f1b776740f6909d2248c3b Author: Andy Shevchenko Date: Fri Sep 13 16:21:25 2024 +0300 sub: cdns2: Use predefined PCI vendor ID constant The PCI vendor ID for Cadence is defined in pci_ids.h. Use it. While at it, move to PCI_DEVICE() macro and usual pattern for PCI class and device IDs. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240913132125.3630860-1-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit ce28dae326afd4d7087b9e57e6834050da657b28 Merge: c9ce59650e5d57 28a7eeb9eb40fc Author: Benjamin Tissoires Date: Fri Sep 13 15:28:14 2024 +0200 Merge branch 'for-6.12/picolcd' into for-linus - Use backlight power constants (Thomas Zimmermann) commit c9ce59650e5d57b986fdd4a599a46e28ccabb4d6 Merge: 54ab9273529d24 d06651bebf99e5 Author: Benjamin Tissoires Date: Fri Sep 13 15:27:27 2024 +0200 Merge branch 'for-6.12/elan' into for-linus - Add support for one new Elan device (ekth6a12nay) (Zhaoxiong Lv) commit 54ab9273529d24e36f0490c8acf00c1e50d09278 Merge: fe9c6249e81081 2933aa8b77be95 Author: Benjamin Tissoires Date: Fri Sep 13 15:26:35 2024 +0200 Merge branch 'for-6.12/hid-playstation' into for-linus - Enhance compatibility with clone controllers (Max Staudt) commit fe9c6249e810818fe67bfeaf9319a40eb0bdae03 Merge: 1a811edf4f7561 252ed1f7f7c657 Author: Benjamin Tissoires Date: Fri Sep 13 15:24:03 2024 +0200 Merge branch 'for-6.12/goodix-spi' into for-linus - Add support for a new Goodix HID over SPI driver (Charles Wang) Note: this driver doesn't rely on the spefication of HID over SPI provided by Microsoft, thus needs a separate driver, not a generic bus transport low level driver. commit 1a811edf4f756196ef38f3a8edee35326a328e1a Merge: 8357632ef957e1 84aecf2d251a33 Author: Benjamin Tissoires Date: Fri Sep 13 15:21:44 2024 +0200 Merge branch 'for-6.12/wacom' into for-linus Various Wacom fixes (Jason Gerecke): - Support for high-resolution wheel scrolling - Support touchrings with relative motion - Support devices with two touchrings - Support sequence numbers smaller than 16-bit commit 8357632ef957e11e20245b59cf2bc8cdea05c04e Merge: 1b6ff737e201ed 8417b265e1e6cf Author: Benjamin Tissoires Date: Fri Sep 13 15:20:58 2024 +0200 Merge branch 'for-6.12/amd_sfh' into for-linus - Convert comma to semicolon (Chen Ni) commit 1b6ff737e201edfa545824a7d8998bcd82eb2d92 Merge: b169410962b229 aa4674c525e1e9 Author: Benjamin Tissoires Date: Fri Sep 13 15:20:01 2024 +0200 Merge branch 'for-6.12/intel-ish' into for-linus - Add support for vendor customized firmware loading (Zhang Lixu) commit b169410962b2295d866023bfb3df9470c20e0d68 Merge: 6937a82d48e30c b4ed18a3d56eab Author: Benjamin Tissoires Date: Fri Sep 13 15:18:33 2024 +0200 Merge branch 'i2c-hid' into for-linus - ensure various commands do not interfere with each other (Dmitry Torokhov) commit 6937a82d48e30c7cae4947e0a7f0a3be6006ce0a Merge: 054e0bd3457735 321f7798cfb8d8 Author: Benjamin Tissoires Date: Fri Sep 13 15:16:56 2024 +0200 Merge branch 'for-6.12/hidraw' into for-linus - introduction of HIDIOCREVOKE ioctl to revoke a hidraw fd opened by a regular (non-root) application (Peter Hutterer) commit 054e0bd3457735ee03879c49e36f15f649fe9c86 Merge: 37c25a50313c4f 9f5305ed80108a Author: Benjamin Tissoires Date: Fri Sep 13 15:14:56 2024 +0200 Merge branch 'for-6.12/constify-rdesc' into for-linus - Constification of report descriptors so drivers can use read-only memory when declaring report descriptors fixups (Thomas Weißschuh) commit 37c25a50313c4f11904c403dd55b06a539ba349f Merge: 8f7ec7fe25d2eb 6edb8cd87cca5d Author: Benjamin Tissoires Date: Fri Sep 13 15:14:06 2024 +0200 Merge branch 'for-6.12/core' into for-linus - add helper for finding a field with a certain usage (Kerem Karabay) commit 8f7ec7fe25d2eb07496ccc8bdd69f636186d6a21 Merge: 10a5fd6e984260 b35e0dc548aa34 Author: Benjamin Tissoires Date: Fri Sep 13 15:11:46 2024 +0200 Merge branch 'for-6.11/bpf' into for-linus One leftover which should have gone earlier: - fix HID-BPF samples (Benjamin Tissoires) commit 10a5fd6e984260dcb3b9f246ca53798ef65d7119 Merge: 6e4436539ae182 65b72ea91a257a Author: Benjamin Tissoires Date: Fri Sep 13 15:07:09 2024 +0200 Merge branch 'for-6.11/upstream-fixes' into for-linus Small fixes for drivers/hid: - Add support for 3 multitouch panels (He Lugang, tammy tseng and Vishnu Sankar) - Unused declarations cleanups (Yue Haibing) - Fix comma vs semicolon (Chen Ni) commit 2910306655a7072640021563ec9501bfa67f0cb1 Author: Alex Williamson Date: Thu Sep 12 15:53:27 2024 -0600 PCI: Mark Creative Labs EMU20k2 INTx masking as broken Per user reports, the Creative Labs EMU20k2 (Sound Blaster X-Fi Titanium Series) generates spurious interrupts when used with vfio-pci unless DisINTx masking support is disabled. Thus, quirk the device to mark INTx masking as broken. Closes: https://lore.kernel.org/all/VI1PR10MB8207C507DB5420AB4C7281E0DB9A2@VI1PR10MB8207.EURPRD10.PROD.OUTLOOK.COM Link: https://lore.kernel.org/linux-pci/20240912215331.839220-1-alex.williamson@redhat.com Reported-by: zdravko delineshev Signed-off-by: Alex Williamson [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński commit f500a2f1282750fb344ce535d78071cf1493efd1 Author: Richard Zhu Date: Tue Aug 13 15:42:20 2024 +0800 dt-bindings: PCI: imx6q-pcie: Add reg-name "dbi2" and "atu" for i.MX8M PCIe Endpoint Add reg-name: "dbi2", "atu" for i.MX8M PCIe Endpoint. For i.MX8M PCIe EP, the dbi2 and atu addresses are pre-defined in the driver. This method is not good. In commit b7d67c6130ee ("PCI: imx6: Add iMX95 Endpoint (EP) support"), Frank suggests to fetch the dbi2 and atu from DT directly. This commit is preparation to do that for i.MX8M PCIe EP. These changes wouldn't break driver function. When "dbi2" and "atu" properties are present, i.MX PCIe driver would fetch the according base addresses from DT directly. If only two reg properties are provided, i.MX PCIe driver would fall back to the old method. Link: https://lore.kernel.org/linux-pci/1723534943-28499-2-git-send-email-hongxing.zhu@nxp.com Signed-off-by: Richard Zhu Signed-off-by: Krzysztof Wilczyński Reviewed-by: Frank Li Reviewed-by: Rob Herring (Arm) commit dff07b5e4bb8da01fc93786e6712af6de01eaf7d Author: Matthew Gerlach Date: Wed Jul 17 13:17:56 2024 -0500 dt-bindings: PCI: altera: msi: Convert to YAML Convert the devicetree bindings for the Altera PCIe MSI controller from text to YAML. Link: https://lore.kernel.org/linux-pci/20240717181756.2177553-1-matthew.gerlach@linux.intel.com Signed-off-by: Matthew Gerlach [kwilczynski: remove unused msi0 label] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Conor Dooley commit cd3689b6772fbc1a4513934a5204fd2fa5b4426b Author: Alexander Stein Date: Wed Sep 11 11:09:09 2024 +0200 mmc: core: Use dev_err_probe for deferred regulators In case vmmc or vqmmc regulator is not available yet, use dev_err_probe in order to set a deferred probe reason. This is a helpful hint in /sys/kernel/debug/devices_deferred Signed-off-by: Alexander Stein Link: https://lore.kernel.org/r/20240911090910.3060749-1-alexander.stein@ew.tq-group.com Signed-off-by: Ulf Hansson commit c6ccb691d484544636bc4a097574c5c135ccccda Author: Geert Uytterhoeven Date: Wed Sep 4 16:30:48 2024 +0200 pmdomain: core: Reduce debug summary table width Commit 9094e53ff5c86ebe ("pmdomain: core: Use dev_name() instead of kobject_get_path() in debugfs") severely shortened the names of devices in a PM Domain. Now the most common format[1] consists of a 32-bit unit-address (8 characters), followed by a dot and a node name (20 characters for "air-pollution-sensor" and "interrupt-controller", which are the longest generic node names documented in the Devicetree Specification), for a typical maximum of 29 characters. This offers a good opportunity to reduce the table width of the debug summary: - Reduce the device name field width from 50 to 30 characters, which matches the PM Domain name width, - Reduce the large inter-column space between the "performance" and "managed by" columns. Visual impact: - The "performance" column now starts at a position that is a multiple of 16, just like the "status" and "children" columns, - All of the "/device", "runtime status", and "managed by" columns are now indented 4 characters more than the columns right above them, - Everything fits in (one less than) 80 characters again ;-) [1] Note that some device names (e.g. TI AM335x interconnect target modules) do not follow this convention, and may be much longer, but these didn't fit in the old 50-character column width either. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/f8e1821364b6d5d11350447c128f6d2b470f33fe.1725459707.git.geert+renesas@glider.be Signed-off-by: Ulf Hansson commit 2fc934190e7118f7c7ddd748302df44bde1015f6 Author: Geert Uytterhoeven Date: Wed Sep 4 16:30:47 2024 +0200 pmdomain: core: Move mode_status_str() Move mode_status_str() below perf_status_str(), to make declaration order match calling order of the various *_status_str() helpers. While at it, add a blank line for consistency among the three helpers. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/18ed6fb2bb92860f3af1bc7e5e4a01e9dacf2126.1725459707.git.geert+renesas@glider.be Signed-off-by: Ulf Hansson commit 987a43e89ec67cc68518c0558db42ba542581597 Author: Geert Uytterhoeven Date: Wed Sep 4 16:30:46 2024 +0200 pmdomain: core: Fix "managed by" alignment in debug summary The "performance" column contains variable-width values. Hence when their printed values contain more than one digit, all values in successive columns become misaligned. Fix this by formatting it as a fixed-width field. Adjust successive spaces and field widths to retain the exiting layout. Fixes: 0155aaf95a2a ("PM: domains: Add the domain HW-managed mode to the summary") Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/e004f9d2a75e9a49c269507bb8a4514001751e85.1725459707.git.geert+renesas@glider.be Signed-off-by: Ulf Hansson commit 692c20c4d075bd452acfbbc68200fc226c7c9496 Author: Geert Uytterhoeven Date: Wed Sep 4 16:30:45 2024 +0200 pmdomain: core: Harden inter-column space in debug summary The inter-column space in the debug summary is two spaces. However, in one case, the extra space is handled implicitly in a field width specifier. Make inter-column space explicit to ease future maintenance. Fixes: 45fbc464b047 ("PM: domains: Add "performance" column to debug summary") Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/ae61eb363621b981edde878e1e74d701702a579f.1725459707.git.geert+renesas@glider.be Signed-off-by: Ulf Hansson commit d030e94d8127d79d941a94211250060431720614 Author: Detlev Casanova Date: Thu Aug 29 16:20:48 2024 -0400 pmdomain: rockchip: Add gating masks for rk3576 The RK3576 SoC needs to ungate the power domains before their status can be modified. The values have been taken from the rockchip downstream driver. Signed-off-by: Detlev Casanova Link: https://lore.kernel.org/r/20240829202732.75961-3-detlev.casanova@collabora.com Signed-off-by: Ulf Hansson commit 8b579881de295d49a75f6312547f7813b1551a83 Author: Detlev Casanova Date: Thu Aug 29 16:20:47 2024 -0400 pmdomain: rockchip: Add gating support Some rockchip SoC need to ungate power domains before their power status can be changed. Each power domain has a gate mask that is set to 1 to ungate it when manipulating power status, then set back to 0 to gate it again. Signed-off-by: Detlev Casanova Link: https://lore.kernel.org/r/20240829202732.75961-2-detlev.casanova@collabora.com Signed-off-by: Ulf Hansson commit 97162f6093d263aa1c2c7e883912f922ea633512 Merge: 8386207f37e984 f1c6cf8e7ab9d7 705c1cdf1e73c4 3ab9d8d1b50b51 04f4f33c941c22 Author: Joerg Roedel Date: Fri Sep 13 12:53:05 2024 +0200 Merge branches 'fixes', 'arm/smmu', 'intel/vt-d', 'amd/amd-vi' and 'core' into next commit 4c621d6e667af6a41a0434fed6774abec7857801 Author: Krzysztof Kozlowski Date: Sun Aug 25 20:31:16 2024 +0200 pmdomain: rockchip: Simplify dropping OF node reference Drop OF node reference immediately after using it in syscon_node_to_regmap(), which is both simpler and typical/expected code pattern. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240825183116.102953-1-krzysztof.kozlowski@linaro.org Signed-off-by: Ulf Hansson commit 391a2e64d757a0d22a99676930b5aee29f4a4f35 Author: Hongbo Li Date: Wed Aug 28 20:12:30 2024 +0800 pmdomain: mediatek: make use of dev_err_cast_probe() Using dev_err_cast_probe() to simplify the code. Signed-off-by: Hongbo Li Reviewed-by: Matthias Brugger Link: https://lore.kernel.org/r/20240828121230.3696315-1-lihongbo22@huawei.com Signed-off-by: Ulf Hansson commit 1a2e369aa2f7a187f0737355ec951bdb1bbc2e84 Author: Dario Binacchi Date: Sun Aug 25 16:34:02 2024 +0200 pmdomain: imx93-pd: drop the context variable "init_off" This variable is only used within the probe() function, so let's remove it from the context and define it locally within the same function. Signed-off-by: Dario Binacchi Link: https://lore.kernel.org/r/20240825143428.556439-3-dario.binacchi@amarulasolutions.com Signed-off-by: Ulf Hansson commit 28717ec8b948eedca5855ac4f587b45bcb1d57e5 Author: Dario Binacchi Date: Sun Aug 25 16:34:01 2024 +0200 pmdomain: imx93-pd: don't unprepare clocks on driver remove The removed code was added to handle the case where the power domain is already on during the driver's probing. In this use case, the "is_off" parameter is passed as false to pm_genpd_init() to inform it not to call the power_on() callback, as it's unnecessary to perform the hardware power-on procedure since the power domain is already on. Therefore, with the call to clk_bulk_prepare_enable() by probe(), the system is in the same operational state as when "is_off" is passed as true after the power_on() callback execution: probe() -> is_off == true -> clk_bulk_prepare_enable() called by power_on() probe() -> is_off == false -> clk_bulk_prepare_enable() called by probe() Reaching the same logical and operational state, it follows that upon driver removal, there is no need to perform different actions depending on the power domain's on/off state during probing. Signed-off-by: Dario Binacchi Link: https://lore.kernel.org/r/20240825143428.556439-2-dario.binacchi@amarulasolutions.com Signed-off-by: Ulf Hansson commit 06cee3c6b3844b0ee46dc15ce1bf938eeba2bb28 Author: Dario Binacchi Date: Sun Aug 25 16:34:00 2024 +0200 pmdomain: imx93-pd: replace dev_err() with dev_err_probe() This way, the code becomes more compact, and dev_err_probe() is used in every error path of the probe() function. Signed-off-by: Dario Binacchi Acked-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240825143428.556439-1-dario.binacchi@amarulasolutions.com Signed-off-by: Ulf Hansson commit 5740434e1e0f51db1282436a7783658e6c139fd1 Author: Joshua Grisham Date: Fri Sep 13 10:00:55 2024 +0200 ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) Adds support for GB2Pro Arc variant (NP950XEE) based on successful test and information provided by Github user drewdrew0 [1]. [1]: https://github.com/thesofproject/linux/issues/4055#issuecomment-2346890020 Signed-off-by: Joshua Grisham Link: https://patch.msgid.link/20240913080055.10807-1-josh@joshuagrisham.com Signed-off-by: Takashi Iwai commit ce212d2afca47acd366a2e74c76fe82c31f785ab Author: Herbert Xu Date: Tue Sep 10 17:30:24 2024 +0800 crypto: n2 - Set err to EINVAL if snprintf fails for hmac Return EINVAL if the snprintf check fails when constructing the algorithm names. Fixes: 8c20982caca4 ("crypto: n2 - Silence gcc format-truncation false positive warnings") Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202409090726.TP0WfY7p-lkp@intel.com/ Signed-off-by: Herbert Xu commit e2b19a4840650ba1d679562d4a8959f3f6070064 Author: Chen Yufan Date: Fri Sep 6 18:43:24 2024 +0800 crypto: camm/qi - Use ERR_CAST() to return error-valued pointer Instead of directly casting and returning (void *) pointer, use ERR_CAST to explicitly return an error-valued pointer. This makes the error handling more explicit and improves code clarity. Signed-off-by: Chen Yufan Signed-off-by: Herbert Xu commit ca459e5f826f262f044bda85ede8460af7f4bec9 Author: WangYuli Date: Fri Sep 6 14:40:02 2024 +0800 crypto: mips/crc32 - Clean up useless assignment operations When entering the "len & sizeof(u32)" branch, len must be less than 8. So after one operation, len must be less than 4. At this time, "len -= sizeof(u32)" is not necessary for 64-bit CPUs. After that, replace `while' loops with equivalent `for' to make the code structure a little bit better by the way. Suggested-by: Maciej W. Rozycki Link: https://lore.kernel.org/all/alpine.DEB.2.21.2406281713040.43454@angie.orcam.me.uk/ Suggested-by: Herbert Xu Link: https://lore.kernel.org/all/ZtqZpzMH_qMQqzyc@gondor.apana.org.au/ Signed-off-by: Guan Wentao Signed-off-by: WangYuli Signed-off-by: Herbert Xu commit f29ca8f762d19f7e26913ee49325806cb55f2d8f Author: Brian Masney Date: Thu Sep 5 20:25:21 2024 -0400 crypto: qcom-rng - rename *_of_data to *_match_data The qcom-rng driver supports both ACPI and device tree based systems. Let's rename all instances of *of_data to *match_data so that it's not implied that this driver only supports device tree-based systems. Signed-off-by: Brian Masney Reviewed-by: Dmitry Baryshkov Signed-off-by: Herbert Xu commit 3e87031a6ce68f13722155497cd511a00b56a2ae Author: Brian Masney Date: Thu Sep 5 20:25:20 2024 -0400 crypto: qcom-rng - fix support for ACPI-based systems The qcom-rng driver supports both ACPI and device tree-based systems. ACPI support was broken when the hw_random interface support was added. Let's go ahead and fix this by adding the appropriate driver data to the ACPI match table, and change the of_device_get_match_data() call to device_get_match_data() so that it will also work on ACPI-based systems. This fix was boot tested on a Qualcomm Amberwing server (ACPI based) and on a Qualcomm SA8775p Automotive Development Board (DT based). I also verified that qcom-rng shows up in /proc/crypto on both systems. Fixes: f29cd5bb64c2 ("crypto: qcom-rng - Add hw_random interface support") Reported-by: Ernesto A. Fernández Closes: https://lore.kernel.org/linux-arm-msm/20240828184019.GA21181@eaf/ Cc: stable@vger.kernel.org Signed-off-by: Brian Masney Reviewed-by: Dmitry Baryshkov Signed-off-by: Herbert Xu commit 48b8843a0b74b0c2ff6aa44b31b27158f7d26306 Author: Nikunj Kela Date: Thu Sep 5 12:06:05 2024 -0700 dt-bindings: crypto: qcom,prng: document support for SA8255p Document SA8255p compatible for the True Random Number Generator. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Nikunj Kela Signed-off-by: Herbert Xu commit 30fed346a3ffcf27da9e7a74466502116186146e Author: Riyan Dhiman Date: Tue Sep 3 18:25:39 2024 +0530 crypto: aegis128 - Fix indentation issue in crypto_aegis128_process_crypt() The code in crypto_aegis128_process_crypt() had an indentation issue where spaces were used instead of tabs. This commit corrects the indentation to use tabs, adhering to the Linux kernel coding style guidelines. Issue reported by checkpatch: - ERROR: code indent should use tabs where possible No functional changes are intended. Signed-off-by: Riyan Dhiman Signed-off-by: Herbert Xu commit a8d0b5eb3f9f838d3781be7d3d24b22fe492a916 Author: Gustavo A. R. Silva Date: Tue Aug 20 18:50:56 2024 -0600 xen/pci: Avoid -Wflex-array-member-not-at-end warning Use the `DEFINE_RAW_FLEX()` helper for an on-stack definition of a flexible structure where the size of the flexible-array member is known at compile-time, and refactor the rest of the code, accordingly. So, with this, fix the following warning: drivers/xen/pci.c:48:55: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Reviewed-by: Kees Cook Message-ID: Signed-off-by: Juergen Gross commit f3185222ccce1026cf077baa7fc438c12fa4cf59 Author: Krzysztof Kozlowski Date: Fri Aug 23 14:51:12 2024 +0200 pmdomain: qcom: rpmpd: Simplify locking with guard() Simplify error handling (less gotos) over locks with guard(). Signed-off-by: Krzysztof Kozlowski Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240823-cleanup-h-guard-pm-domain-v1-8-8320722eaf39@linaro.org Signed-off-by: Ulf Hansson commit 005d29ac591a8d3cf0fb6f34c2045d0690992148 Author: Krzysztof Kozlowski Date: Fri Aug 23 14:51:11 2024 +0200 pmdomain: qcom: rpmhpd: Simplify locking with guard() Simplify error handling (less gotos) over locks with guard(). Signed-off-by: Krzysztof Kozlowski Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240823-cleanup-h-guard-pm-domain-v1-7-8320722eaf39@linaro.org Signed-off-by: Ulf Hansson commit ba3a65c69bdbff04ea5699597bf491de5cbe82e9 Author: Krzysztof Kozlowski Date: Fri Aug 23 14:51:10 2024 +0200 pmdomain: qcom: cpr: Simplify locking with guard() Simplify error handling (less gotos) over locks with guard(). Signed-off-by: Krzysztof Kozlowski Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240823-cleanup-h-guard-pm-domain-v1-6-8320722eaf39@linaro.org Signed-off-by: Ulf Hansson commit 584dc41b3d5750a5a57be46c96708eee1092eb30 Author: Krzysztof Kozlowski Date: Fri Aug 23 14:51:09 2024 +0200 pmdomain: qcom: cpr: Simplify with dev_err_probe() Use dev_err_probe() to make defer code handling simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240823-cleanup-h-guard-pm-domain-v1-5-8320722eaf39@linaro.org Signed-off-by: Ulf Hansson commit 13bd778c900537f3fff7cfb671ff2eb0e92feee6 Author: Krzysztof Kozlowski Date: Fri Aug 23 14:51:08 2024 +0200 pmdomain: imx: gpcv2: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240823-cleanup-h-guard-pm-domain-v1-4-8320722eaf39@linaro.org Signed-off-by: Ulf Hansson commit 3e4d109ee8fca30b59f5f0382498a9a9ee90f3ea Author: Krzysztof Kozlowski Date: Fri Aug 23 14:51:07 2024 +0200 pmdomain: imx: gpc: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240823-cleanup-h-guard-pm-domain-v1-3-8320722eaf39@linaro.org Signed-off-by: Ulf Hansson commit da64dae42672a03eb877ebf21bde847215f5fa29 Author: Krzysztof Kozlowski Date: Fri Aug 23 14:51:06 2024 +0200 pmdomain: rockchip: Simplify locking with guard() Simplify error handling (smaller error handling) over locks with guard(). Signed-off-by: Krzysztof Kozlowski Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240823-cleanup-h-guard-pm-domain-v1-2-8320722eaf39@linaro.org Signed-off-by: Ulf Hansson commit 0d946ef4646092a23de2baf7b9d3063fe5571e82 Author: Krzysztof Kozlowski Date: Fri Aug 23 14:51:05 2024 +0200 pmdomain: rockchip: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() and for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240823-cleanup-h-guard-pm-domain-v1-1-8320722eaf39@linaro.org Signed-off-by: Ulf Hansson commit 181c8148556a2a7dd3047ea687873937b1be4f00 Author: Zhang Zekun Date: Wed Aug 21 11:40:22 2024 +0800 pmdomain: qcom-cpr: Use scope based of_node_put() to simplify code. Use scope based of_node_put() to simplify the code logic, and we don't need to call of_node_put(). This will simplify the code a lot. Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240821034022.27394-3-zhangzekun11@huawei.com Signed-off-by: Ulf Hansson commit f253f6d922da29d0d7091801cbc9b4166c3959fe Author: Zhang Zekun Date: Wed Aug 21 11:40:21 2024 +0800 pmdomain: qcom-cpr: Use helper function for_each_available_child_of_node() for_each_available_child_of_node() can help to iterate through the device_node, and we don't need to use while loop. Besides, the purpose of the while loop is to find a device_node which fits the condition "child_req_np == ref_np", we can just read the property of "child_np" directly in for_each_available_child_of_node(). No functional change with such conversion. Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240821034022.27394-2-zhangzekun11@huawei.com Signed-off-by: Ulf Hansson commit bdf2ba157eb7db4c7bc603fef001c10fa9444ee2 Merge: 52fa3b6532ec6f b7468c0fe148f9 Author: David S. Miller Date: Fri Sep 13 10:49:01 2024 +0100 Merge branch 'am65-cpsw-rx-mq' Roger Quadros says: ==================== net: ethernet: ti: am65-cpsw: Add multi queue RX support am65-cpsw can support up to 8 queues at Rx. So far we have been using only one queue (i.e. default flow) for all RX traffic. This series adds multi-queue support. The driver starts with 1 RX queue by default. User can increase the RX queues via ethtool, e.g. 'ethtool -L ethx rx ' The series also adds regmap and regfield support to some of the ALE registers. It adds Policer/Classifier registers and fields. Converting the existing ALE control APIs to regfields can be a separate exercise. Some helper functions are added to read/write to the Policer/Classifier registers and a default Classifier setup function is added that routes packets based on their PCP/DSCP priority to different RX queues. Signed-off-by: Roger Quadros --- Changes in v4: - Use single macro AM65_CPSW_MAX_QUEUES for both TX and RX queues to simplify code - reuse am65_cpsw_get/set_per_queue_coalesce for am65_cpsw_get/set_coalesce. - return -EINVAL if unsupported tx/rx_coalesce_usecs in am65_cpsw_set_coalesce. - reverse Xmas tree declaration order fixes in cpsw_ale - Link to v3: https://lore.kernel.org/r/20240703-am65-cpsw-multi-rx-v3-0-f11cd860fd72@kernel.org Changes in v3: - code style fixes - squashed patches 5 and 6 - added comment about priority to thread mapping table. - Added Reviewed-by Simon Horman. - Link to v2: https://lore.kernel.org/r/20240628-am65-cpsw-multi-rx-v2-0-c399cb77db56@kernel.org Changes in v2: - rebase to net/next - fixed RX stall issue during iperf - Link to v1: https://lore.kernel.org/r/20240606-am65-cpsw-multi-rx-v1-0-0704b0cb6fdc@kernel.org ==================== Signed-off-by: David S. Miller commit b7468c0fe148f9f627921357f8cb97690c19d480 Author: Roger Quadros Date: Tue Sep 10 12:24:03 2024 +0300 net: ethernet: ti: am65-cpsw: setup priority to flow mapping Now that we support multiple RX queues, enable default priority to flow mapping so that higher priority packets come on higher channels (flows). The Classifier checks for PCP/DSCP priority in the packet and routes them to the appropriate flow. Signed-off-by: Roger Quadros Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 961d4187c7029a55cf72d991b40c0b820f398887 Author: Roger Quadros Date: Tue Sep 10 12:24:02 2024 +0300 net: ethernet: ti: cpsw_ale: add policer/classifier helpers and setup defaults The Policer registers in the ALE register space are just shadow registers and use an index field in the policer table control register to read/write to the actual Polier registers. Add helper functions to Read and Write to Policer registers. Also add a helper function to set the thread value to classifier/policer mapping. Any packet that first matches the classifier will be sent to the thread (flow) that is set in the classifier to thread mapping table. If not set then it goes to the default flow. Default behaviour is to have 8 classifiers to map 8 DSCP/PCP priorities to N receive threads (flows). N depends on number of RX channels enabled for the port. As per the standard [1] User prioritie 1 (Background) and 2 (Spare) have lower priority than the user priority 0 (default). User priority 1 being of the lowest priority. [1] IEEE802.1D-2004, IEEE Standard for Local and metropolitan area networks Table G-2 - Traffic type acronyms Table G-3 - Defining traffic types Signed-off-by: Roger Quadros Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit eb41dd76abce6a13bd7ad9c779dd560136caf60a Author: Roger Quadros Date: Tue Sep 10 12:24:01 2024 +0300 net: ethernet: ti: cpsw_ale: add Policer and Thread control register fields Adds regfileds for Policer registers and Thread mapping/control registers. Signed-off-by: Roger Quadros Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 11cbcfeaa79e5c76cb3bce85dfc10de61b0b0a2b Author: Roger Quadros Date: Tue Sep 10 12:24:00 2024 +0300 net: ethernet: ti: cpsw_ale: use regfields for number of Entries and Policers Use regfields for number of ALE Entries and Policers. The variants that support Policers/Classifiers have the number of policers encoded in the ALE_STATUS register. Use that and show the number of Policers in the ALE info message. Signed-off-by: Roger Quadros Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit bbfc7e2b9ebe16669e33d9332275d87b660a3c8b Author: Roger Quadros Date: Tue Sep 10 12:23:59 2024 +0300 net: ethernet: ti: cpsw_ale: use regfields for ALE registers Map the entire ALE registerspace using regmap. Add regfields for Major and Minor Version fields. Signed-off-by: Roger Quadros Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit da70d184a8c330d6945ed98f39265dada61850a0 Author: Roger Quadros Date: Tue Sep 10 12:23:58 2024 +0300 net: ethernet: ti: am65-cpsw: Introduce multi queue Rx am65-cpsw can support up to 8 queues at Rx. Use a macro AM65_CPSW_MAX_RX_QUEUES to indicate that. As there is only one DMA channel for RX traffic, the 8 queues come as 8 flows in that channel. By default, we will start with 1 flow as defined by the macro AM65_CPSW_DEFAULT_RX_CHN_FLOWS. User can change the number of flows by ethtool like so 'ethtool -L ethx rx ' All traffic will still come on flow 0. To get traffic on different flows the Classifiers will need to be set up. Signed-off-by: Roger Quadros Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit ecc4d6af979b3bd4d239ff80bbba455c90d3f4f3 Merge: a715e94dbda4ec 4b7ff9ab98af11 Author: Vlastimil Babka Date: Fri Sep 13 11:13:03 2024 +0200 Merge branch 'slab/for-6.12/kmem_cache_args' into slab/for-next Merge kmem_cache_create() refactoring by Christian Brauner. Note this includes a merge of the vfs.file tree that contains the prerequisity kmem_cache_create_rcu() work. commit a715e94dbda4ece41aac49b7b7ff8ddb55a7fe08 Merge: e02147cb703412 9028cdeb38e1f3 Author: Vlastimil Babka Date: Fri Sep 13 11:08:27 2024 +0200 Merge branch 'slab/for-6.12/rcu_barriers' into slab/for-next Merge most of SLUB feature work for 6.12: - Barrier for pending kfree_rcu() in kmem_cache_destroy() and associated refactoring of the destroy path (Vlastimil Babka) - CONFIG_SLUB_RCU_DEBUG to allow KASAN catching UAF bugs in SLAB_TYPESAFE_BY_RCU caches (Jann Horn) - kmem_cache_charge() for delayed kmemcg charging (Shakeel Butt) commit 4b7ff9ab98af11a477d50f08382bcc4c2f899926 Author: Vlastimil Babka Date: Fri Sep 13 10:15:56 2024 +0200 mm, slab: restore kerneldoc for kmem_cache_create() As kmem_cache_create() became a _Generic() wrapper macro, it currently has no kerneldoc despite being the main API to use. Add it. Also adjust kmem_cache_create_usercopy() kerneldoc to indicate it is now a legacy wrapper. Also expand the kerneldoc for struct kmem_cache_args, especially for the freeptr_offset field, where important details were removed with the removal of kmem_cache_create_rcu(). Signed-off-by: Vlastimil Babka Reviewed-by: Christian Brauner commit 77d48d39e99170b528e4f2e9fc5d1d64cdedd386 Author: Ard Biesheuvel Date: Thu Sep 12 17:45:49 2024 +0200 efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog() boot service is cached in memory, and passed on to the OS using an EFI configuration table. The use of EFI_LOADER_DATA here results in the region being left unreserved in the E820 memory map constructed by the EFI stub, and this is the memory description that is passed on to the incoming kernel by kexec, which is therefore unaware that the region should be reserved. Even though the utility of the TPM2 event log after a kexec is questionable, any corruption might send the parsing code off into the weeds and crash the kernel. So let's use EFI_ACPI_RECLAIM_MEMORY instead, which is always treated as reserved by the E820 conversion logic. Cc: Reported-by: Breno Leitao Tested-by: Usama Arif Reviewed-by: Ilias Apalodimas Signed-off-by: Ard Biesheuvel commit bf05aeac230e390a5aee4bd3dc978b0c4d7e745f Merge: b615b9c36cae04 0289507609dcb7 Author: Dave Airlie Date: Fri Sep 13 16:26:04 2024 +1000 Merge tag 'drm-intel-next-fixes-2024-09-12' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-next - Add missing I915_FORMAT_MOD_4_TILED_BMG_CCS modifier for BMG - Printk formatting fix Signed-off-by: Dave Airlie From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/ZuKtfPJZ7vp79lWN@jlahtine-mobl.ger.corp.intel.com commit 93907620b308609c72ba4b95b09a6aa2658bb553 Author: Oliver Neukum Date: Thu Sep 12 15:21:22 2024 +0200 USB: misc: yurex: fix race between read and write The write code path touches the bbu member in a non atomic manner without taking the spinlock. Fix it. The bug is as old as the driver. Signed-off-by: Oliver Neukum CC: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240912132126.1034743-1-oneukum@suse.com Signed-off-by: Greg Kroah-Hartman commit 49cd2f4d747eeb3050b76245a7f72aa99dbd3310 Author: Oliver Neukum Date: Thu Sep 12 14:54:43 2024 +0200 USB: misc: cypress_cy7c63: check for short transfer As we process the second byte of a control transfer, transfers of less than 2 bytes must be discarded. This bug is as old as the driver. SIgned-off-by: Oliver Neukum CC: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240912125449.1030536-1-oneukum@suse.com Signed-off-by: Greg Kroah-Hartman commit 8265d06b7794493d82c5c21a12d7ba43eccc30cb Author: Oliver Neukum Date: Thu Sep 12 14:32:59 2024 +0200 USB: appledisplay: close race between probe and completion handler There is a small window during probing when IO is running but the backlight is not registered. Processing events during that time will crash. The completion handler needs to check for a backlight before scheduling work. The bug is as old as the driver. Signed-off-by: Oliver Neukum CC: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240912123317.1026049-1-oneukum@suse.com Signed-off-by: Greg Kroah-Hartman commit b41c1fa155ba56d125885b0191aabaf3c508d0a3 Author: Oliver Neukum Date: Thu Sep 12 16:19:06 2024 +0200 USB: class: CDC-ACM: fix race between get_serial and set_serial TIOCGSERIAL is an ioctl. Thus it must be atomic. It returns two values. Racing with set_serial it can return an inconsistent result. The mutex must be taken. In terms of logic the bug is as old as the driver. In terms of code it goes back to the conversion to the get_serial and set_serial methods. Signed-off-by: Oliver Neukum Cc: stable Fixes: 99f75a1fcd865 ("cdc-acm: switch to ->[sg]et_serial()") Link: https://lore.kernel.org/r/20240912141916.1044393-1-oneukum@suse.com Signed-off-by: Greg Kroah-Hartman commit 9ae0f262fc3f36c1f0b131c7017fbe75245a39df Author: Colin Ian King Date: Thu Sep 12 14:23:45 2024 +0100 usb: r8a66597-hcd: make read-only const arrays static Don't populate the read-only const arrays fifoaddr, fifosel and fifoctr on the stack at run time, instead make them static. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240912132345.589397-1-colin.i.king@gmail.com Signed-off-by: Greg Kroah-Hartman commit 7fa6b25dfb43dafc0e16510e2fcfd63634fc95c2 Author: Christian A. Ehrhardt Date: Thu Sep 12 09:41:32 2024 +0200 usb: typec: ucsi: Fix busy loop on ASUS VivoBooks If the busy indicator is set, all other fields in CCI should be clear according to the spec. However, some UCSI implementations do not follow this rule and report bogus data in CCI along with the busy indicator. Ignore the contents of CCI if the busy indicator is set. If a command timeout is hit it is possible that the EVENT_PENDING bit is cleared while connector work is still scheduled which can cause the EVENT_PENDING bit to go out of sync with scheduled connector work. Check and set the EVENT_PENDING bit on entry to ucsi_handle_connector_change() to fix this. Finally, check UCSI_CCI_BUSY before the return code of ->sync_control. This ensures that the command is cancelled even if ->sync_control returns an error (most likely -ETIMEDOUT). Reported-by: Anurag Bijea Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219108 Bisected-by: Christian Heusel Tested-by: Anurag Bijea Fixes: de52aca4d9d5 ("usb: typec: ucsi: Never send a lone connector change ack") Cc: stable@vger.kernel.org Signed-off-by: Christian A. Ehrhardt Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240912074132.722855-1-lk@c--e.de Signed-off-by: Greg Kroah-Hartman commit e8afd5ace118fe3a508cd6f2aa21e2da150bed48 Author: Dan Carpenter Date: Thu Sep 12 11:54:09 2024 +0300 usb: dwc3: rtk: Clean up error code in __get_dwc3_maximum_speed() The __get_dwc3_maximum_speed() function returns an enum type which, in this context here, is basically unsigned int. On error cases, it's supposed to return USB_SPEED_UNKNOWN, but it was accidentally changed to return negative error codes in commit f93e96c544ca ("usb: dwc3: rtk: use scoped device node handling to simplify error paths"). There is only one caller and because of the way that the types work out, returning negative error codes is not a problem. They will be treated as greater than USB_SPEED_HIGH and ignored as invalid. So this patch does not affect run time behavior, it's just a clean up. Signed-off-by: Dan Carpenter Link: https://lore.kernel.org/r/865e56dc-37cc-47b1-8d35-9047ecb1984a@stanley.mountain Signed-off-by: Greg Kroah-Hartman commit 9027afa89bfe9e50e46714b72179761c67ebf4ad Author: Abhishek Tamboli Date: Thu Sep 12 20:22:47 2024 +0530 usb: storage: ene_ub6250: Fix right shift warnings Change bl_len from u16 to u32 to accommodate the necessary bit shifts. Fix the following smatch warnings: drivers/usb/storage/ene_ub6250.c:1509 ms_scsi_read_capacity() warn: right shifting more than type allows 16 vs 24 drivers/usb/storage/ene_ub6250.c:1510 ms_scsi_read_capacity() warn: right shifting more than type allows 16 vs 16 Signed-off-by: Abhishek Tamboli Acked-by: Alan Stern Link: https://lore.kernel.org/r/20240912145247.15544-1-abhishektamboli9@gmail.com Signed-off-by: Greg Kroah-Hartman commit 7d01ef789bdcdd02ac42b98ae5b7f98310a0e3d2 Author: Bart Van Assche Date: Thu Sep 12 15:39:56 2024 -0700 usb: roles: Improve the fix for a false positive recursive locking complaint Improve commit fc88bb116179 ("usb: roles: add lockdep class key to struct usb_role_switch") as follows: * Move the lock class key declaration just above the mutex declaration such that the declaration order of these objects matches their initialization order. * Destroy the mutex and lock class key just before these objects are freed. This makes it easier to verify that the destruction calls happen after the last use of these objects. * Instead of switching the mutex key to the dynamic lock class key after initialization of the mutex has completed, initialize the mutex with the dynamic lock class key. Cc: Amit Sunil Dhamne Cc: Badhri Jagan Sridharan Cc: Hans de Goede Cc: Andy Shevchenko Cc: Heikki Krogerus Cc: Greg Kroah-Hartman Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240912223956.3554086-4-bvanassche@acm.org Signed-off-by: Greg Kroah-Hartman commit e837d833a13461c10f265a65ce6612e6dd43e76f Author: Bart Van Assche Date: Thu Sep 12 15:39:55 2024 -0700 locking/mutex: Introduce mutex_init_with_key() The following pattern occurs 5 times in kernel drivers: lockdep_register_key(key); __mutex_init(mutex, name, key); In several cases the 'name' argument matches #mutex. Hence, introduce the mutex_init_with_key() macro. This macro derives the 'name' argument from the 'mutex' argument. Suggested-by: Andy Shevchenko Acked-by: Peter Zijlstra (Intel) Reviewed-by: Andy Shevchenko Cc: Thomas Gleixner Cc: Ingo Molnar Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240912223956.3554086-3-bvanassche@acm.org Signed-off-by: Greg Kroah-Hartman commit 96f8052822e03c6f49b6b28fc1d6e5e0522ecbb9 Author: Bart Van Assche Date: Thu Sep 12 15:39:54 2024 -0700 locking/mutex: Define mutex_init() once With CONFIG_PREEMPT_RT disabled __mutex_init() is a function. With CONFIG_PREEMPT_RT enabled, __mutex_init() is a macro. I assume this is why mutex_init() is defined twice as exactly the same macro. Prepare for introducing a new macro for mutex initialization by combining the two identical mutex_init() definitions into a single definition. This patch does not change any functionality because the C preprocessor expands macros when it encounters the macro name and not when a macro definition is encountered. See also commit bb630f9f7a7d ("locking/rtmutex: Add mutex variant for RT"). Acked-by: Peter Zijlstra (Intel) Cc: Thomas Gleixner Cc: Ingo Molnar Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240912223956.3554086-2-bvanassche@acm.org Signed-off-by: Greg Kroah-Hartman commit b4fdf9b1cd8b21a6569290a06b2a7df0eb071d6e Author: Xingquan Liu Date: Fri Sep 13 09:23:42 2024 +0800 staging: vt6655: Rename variable apTD1Rings Rename variable apTD1Rings to ap_td1_rings to fix checkpatch warning Avoid CamelCase. Signed-off-by: Xingquan Liu Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240913012343.42579-2-b1n@b1n.io Signed-off-by: Greg Kroah-Hartman commit 6c36c1bdabe15ec77046b9d5d66f274b777115fe Author: Xingquan Liu Date: Fri Sep 13 09:23:41 2024 +0800 staging: vt6655: Rename variable apTD0Rings Rename variable apTD0Rings to ap_td0_rings to fix checkpatch warning Avoid CamelCase. Signed-off-by: Xingquan Liu Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240913012343.42579-1-b1n@b1n.io Signed-off-by: Greg Kroah-Hartman commit ea0fca507967d2d4354f97f688cabddcf1dc5f9a Author: Ping-Ke Shih Date: Fri Sep 13 08:28:15 2024 +0800 staging: rtl8723bs: remove unused 'poll_cnt' from rtw_set_rpwm() The 'poll_cnt' is used to assist in polling hardware state. Current code uses jiffies to determine timeout, so removing this value is safe. Otherwise, clang warns: core/rtw_pwrctrl.c:288:6: warning: variable 'poll_cnt' set but not used [-Wunused-but-set-variable] 288 | u8 poll_cnt = 0; | ^ Signed-off-by: Ping-Ke Shih Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240913002815.5149-5-pkshih@realtek.com Signed-off-by: Greg Kroah-Hartman commit 0b4d1ed30d8ddf0204afd2842a91c2113d997254 Author: Ping-Ke Shih Date: Fri Sep 13 08:28:14 2024 +0800 staging: rtl8723bs: remove unused cnt from recv_func() The 'cnt' is used to show how many pending frames are processed, and the debug code has been removed, so removing 'cnt' is safe. Otherwise, clang warns: core/rtw_recv.c:2030:7: warning: variable 'cnt' set but not used [-Wunused-but-set-variable] 2030 | int cnt = 0; | ^ Signed-off-by: Ping-Ke Shih Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240913002815.5149-4-pkshih@realtek.com Signed-off-by: Greg Kroah-Hartman commit aa947d717a498644b019591768be10a1aac713a9 Author: Ping-Ke Shih Date: Fri Sep 13 08:28:13 2024 +0800 staging: rtl8723bs: remove unused efuseValue from efuse_OneByteWrite() The efuseValue is to store value from register EFUSE_CTRL, and set control bits including address and write bit. This is no need for RTL8723BS, so the consumer has been removed. Thus, remove these unused codes are safe. Otherwiese, clang warns: rtw_efuse.c:285:6: warning: variable 'efuseValue' set but not used [-Wunused-but-set-variable] 285 | u32 efuseValue; | ^ Signed-off-by: Ping-Ke Shih Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240913002815.5149-3-pkshih@realtek.com Signed-off-by: Greg Kroah-Hartman commit bfa0290f4fc4c84e1283077eecd44147ec27a8c9 Author: Ping-Ke Shih Date: Fri Sep 13 08:28:12 2024 +0800 staging: rtl8712: remove unused drvinfo_sz from update_recvframe_attrib The drvinfo_sz is a size of hardware generated data putting in front of real RX data. The functions r8712_rxcmd_event_hdl() and recvbuf2recvframe() have its own parsing code to get drvinfo_sz to access real RX data, so removing this unused drvinfo_sz is safe. Otherwise, clang report: rtl8712_recv.c:139:6: warning: variable 'drvinfo_sz' set but not used [-Wunused-but-set-variable] 139 | u16 drvinfo_sz; | ^ Signed-off-by: Ping-Ke Shih Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240913002815.5149-2-pkshih@realtek.com Signed-off-by: Greg Kroah-Hartman commit 81c05e4776adf8b439e5c439ac46e5025af57020 Author: Dominik Karol Piątkowski Date: Wed Sep 11 18:02:19 2024 +0000 staging: vt6655: mac.h: Fix possible precedence issue in macros It is safer to put macro arguments in parentheses. This way, accidental operator precedence issues can be avoided. Signed-off-by: Dominik Karol Piątkowski Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240911180149.14474-1-dominik.karol.piatkowski@protonmail.com Signed-off-by: Greg Kroah-Hartman commit e6e639934664938335fa32d3576f87fc66055183 Author: Sayyad Abid Date: Thu Sep 12 09:34:09 2024 +0530 staging: rtl8723bs: include: Remove spaces before tabs in rtw_security.h This change improves code readability and ensures consistent indentation. Reported by `checkpatch.pl`: WARNING: spaces should not be used before a tab for indentation. Signed-off-by: Sayyad Abid Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240912040409.3315067-9-sayyad.abid16@gmail.com Signed-off-by: Greg Kroah-Hartman commit 056cd1481b281e36f8ec3ac055bdb94df9832541 Author: Sayyad Abid Date: Thu Sep 12 09:34:08 2024 +0530 staging: rtl8723bs: include: Fix trailing */ position in rtw_security.h This change enhances readability and conforms to the standard commenting style in the kernel. Reported by `checkpatch.pl`: WARNING: trailing `*/` should be on a separate line. Signed-off-by: Sayyad Abid Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240912040409.3315067-8-sayyad.abid16@gmail.com Signed-off-by: Greg Kroah-Hartman commit d958ae0dd027afe208d14a4db7076ee370d42882 Author: Sayyad Abid Date: Thu Sep 12 09:34:07 2024 +0530 staging: rtl8723bs: include: Fix indent for else block struct in rtw_security.h This change improves code readability and maintains consistency with the kernel's coding guidelines. Reported by `checkpatch.pl`: WARNING: please, no spaces at the start of a line Signed-off-by: Sayyad Abid Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240912040409.3315067-7-sayyad.abid16@gmail.com Signed-off-by: Greg Kroah-Hartman commit f7ecef7f49bbe071f0daab749deb9ee42f748e38 Author: Sayyad Abid Date: Thu Sep 12 09:34:06 2024 +0530 staging: rtl8723bs: include: Fix indent for struct _byte_ in rtw_security.h This change ensures consistent formatting of the struct declaration. Improves code readability. Reported by `checkpatch.pl`: WARNING: please, no spaces at the start of a line Signed-off-by: Sayyad Abid Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240912040409.3315067-6-sayyad.abid16@gmail.com Signed-off-by: Greg Kroah-Hartman commit b5f23bf433d7dbb655c06d509a10016b7f1eb63f Author: Sayyad Abid Date: Thu Sep 12 09:34:05 2024 +0530 staging: rtl8723bs: include: Fix use of tabs for indent in rtw_security.h This change ensures that the code is properly indented and easy to follow. Reported by `checkpatch.pl`: WARNING: please, use tabs instead of spaces for indentation. Signed-off-by: Sayyad Abid Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240912040409.3315067-5-sayyad.abid16@gmail.com Signed-off-by: Greg Kroah-Hartman commit a77f871b966c2809af18c790da77b8805087f674 Author: Sayyad Abid Date: Thu Sep 12 09:34:04 2024 +0530 staging: rtl8723bs: include: Fix indent for switch block in rtw_security.h This improves code readability by ensuring consistent formatting. Reported by `checkpatch.pl`: WARNING: switch blocks should be indented with a single tab. Signed-off-by: Sayyad Abid Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240912040409.3315067-4-sayyad.abid16@gmail.com Signed-off-by: Greg Kroah-Hartman commit ec06bf59068ce0a3e0aee3d5f7c02d4cee895577 Author: Sayyad Abid Date: Thu Sep 12 09:34:03 2024 +0530 staging: rtl8723bs: include: Fix indent for switch case in rtw_security.h This change ensures proper formatting for better readability and maintainability. Reported by `checkpatch.pl`: WARNING: switch and case statements should be indented with tabs. Signed-off-by: Sayyad Abid Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240912040409.3315067-3-sayyad.abid16@gmail.com Signed-off-by: Greg Kroah-Hartman commit fd64620992a9b938a6a4aac335d224ce07643c15 Author: Sayyad Abid Date: Thu Sep 12 09:34:02 2024 +0530 staging: rtl8723bs: include: Fix open brace position in rtw_security.h This change improves code readability and consistency with the rest of the kernel codebase. Reported by `checkpatch.pl`: WARNING: open brace '{' following function definitions or control statements should be on the next line. Signed-off-by: Sayyad Abid Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240912040409.3315067-2-sayyad.abid16@gmail.com Signed-off-by: Greg Kroah-Hartman commit 33512ed157457af8960c7ac123d0213c72cf052f Author: Jinjie Ruan Date: Thu Sep 12 11:17:31 2024 +0800 staging: nvec: Use IRQF_NO_AUTOEN flag in request_irq() disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable when request IRQ. Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240912031731.2211698-1-ruanjinjie@huawei.com Signed-off-by: Greg Kroah-Hartman commit cc5b9b48d44756a87170f3901c6c2fd99e6b89b2 Author: Selvin Xavier Date: Tue Sep 10 21:08:30 2024 -0700 RDMA/bnxt_re: Recover the device when FW error is detected If the FW crashes, L2 driver gets notified and it notifies the RoCE driver. Currently driver doesn't re-initialize the device. Add support for re-initialize the RoCE device. RoCE device is removed and re-attached in the ulp_stop and ulp_start respectively. The recovery logic expects the RoCE driver to be registered with L2 driver while its being removed. So the driver avoids unregistering with L2 driver in the recovery path. Signed-off-by: Chandramohan Akula Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1726027710-2292-5-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit 94a9dc6ac8f7e6801c88d05c42ed9ceaa4b5f609 Author: Selvin Xavier Date: Tue Sep 10 21:08:29 2024 -0700 RDMA/bnxt_re: Group all operations under add_device and remove_device Adding and removing device need to be handled from multiple contexts when Firmware error recovery is supported. So group all the add and remove operations to add_device and remove_device function. Signed-off-by: Chandramohan Akula Reviewed-by: Kalesh AP Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1726027710-2292-4-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit 532929ad0a23b9b94ab840e50ca0486033611914 Author: Chandramohan Akula Date: Tue Sep 10 21:08:28 2024 -0700 RDMA/bnxt_re: Use the aux device for L2 ULP callbacks While registering with the L2 for ULP operations, use the aux device pointer as the handle. Aux device has the data bnxt_re_en_dev_info, which is used to store required information for the bnxt_re_suspend and bnxt_re_resume functions. Signed-off-by: Chandramohan Akula Reviewed-by: Kalesh AP Reviewed-by: Kashyap Desai Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1726027710-2292-3-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit dee3da3422d5e8658b996243dd1ddc774bbf31f3 Author: Chandramohan Akula Date: Tue Sep 10 21:08:27 2024 -0700 RDMA/bnxt_re: Change aux driver data to en_info to hold more information rdev will be destroyed and recreated during the FW error recovery scenarios. So to keep the state, if any, use an en_info structure which gets created/freed based on auxiliary device initialization/de-initialization. Signed-off-by: Chandramohan Akula Reviewed-by: Kashyap Desai Reviewed-by: Kalesh AP Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1726027710-2292-2-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit 12fb1153c53bf9b53e299c9775b84fa7838640f7 Author: Chiara Meiohas Date: Mon Sep 9 20:30:25 2024 +0300 RDMA/nldev: Expose whether RDMA monitoring is supported Extend the "rdma sys" command to display whether RDMA monitoring is supported. RDMA monitoring is not supported in mlx4 because it does not use the ib_device_set_netdev() API, which sends the RDMA events. Example output for kernel where monitoring is supported: $ rdma sys show netns shared privileged-qkey off monitor on copy-on-fork on Example output for kernel where monitoring is not supported: $ rdma sys show netns shared privileged-qkey off monitor off copy-on-fork on Signed-off-by: Chiara Meiohas Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909173025.30422-8-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 9cbed5aab5aeea420d0aa945733bf608449d44fb Author: Chiara Meiohas Date: Mon Sep 9 20:30:24 2024 +0300 RDMA/nldev: Add support for RDMA monitoring Introduce a new netlink command to allow rdma event monitoring. The rdma events supported now are IB device registration/unregistration and net device attachment/detachment. Example output of rdma monitor and the commands which trigger the events: $ rdma monitor $ rmmod mlx5_ib [UNREGISTER] dev 1 rocep8s0f1 [UNREGISTER] dev 0 rocep8s0f0 $ modprobe mlx5_ib [REGISTER] dev 2 mlx5_0 [NETDEV_ATTACH] dev 2 mlx5_0 port 1 netdev 4 eth2 [REGISTER] dev 3 mlx5_1 [NETDEV_ATTACH] dev 3 mlx5_1 port 1 netdev 5 eth3 $ devlink dev eswitch set pci/0000:08:00.0 mode switchdev [UNREGISTER] dev 2 rocep8s0f0 [REGISTER] dev 4 mlx5_0 [NETDEV_ATTACH] dev 4 mlx5_0 port 30 netdev 4 eth2 $ echo 4 > /sys/class/net/eth2/device/sriov_numvfs [NETDEV_ATTACH] dev 4 rdmap8s0f0 port 2 netdev 7 eth4 [NETDEV_ATTACH] dev 4 rdmap8s0f0 port 3 netdev 8 eth5 [NETDEV_ATTACH] dev 4 rdmap8s0f0 port 4 netdev 9 eth6 [NETDEV_ATTACH] dev 4 rdmap8s0f0 port 5 netdev 10 eth7 [REGISTER] dev 5 mlx5_0 [NETDEV_ATTACH] dev 5 mlx5_0 port 1 netdev 11 eth8 [REGISTER] dev 6 mlx5_0 [NETDEV_ATTACH] dev 6 mlx5_0 port 1 netdev 12 eth9 [REGISTER] dev 7 mlx5_0 [NETDEV_ATTACH] dev 7 mlx5_0 port 1 netdev 13 eth10 [REGISTER] dev 8 mlx5_0 [NETDEV_ATTACH] dev 8 mlx5_0 port 1 netdev 14 eth11 $ echo 0 > /sys/class/net/eth2/device/sriov_numvfs [UNREGISTER] dev 5 rocep8s0f0v0 [UNREGISTER] dev 6 rocep8s0f0v1 [UNREGISTER] dev 7 rocep8s0f0v2 [UNREGISTER] dev 8 rocep8s0f0v3 [NETDEV_DETACH] dev 4 rdmap8s0f0 port 2 [NETDEV_DETACH] dev 4 rdmap8s0f0 port 3 [NETDEV_DETACH] dev 4 rdmap8s0f0 port 4 [NETDEV_DETACH] dev 4 rdmap8s0f0 port 5 Signed-off-by: Chiara Meiohas Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909173025.30422-7-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 8d159eb2117b2e3697a31785662b653938f007cb Author: Chiara Meiohas Date: Mon Sep 9 20:30:23 2024 +0300 RDMA/mlx5: Use IB set_netdev and get_netdev functions The IB layer provides a common interface to store and get net devices associated to an IB device port (ib_device_set_netdev() and ib_device_get_netdev()). Previously, mlx5_ib stored and managed the associated net devices internally. Replace internal net device management in mlx5_ib with ib_device_set_netdev() when attaching/detaching a net device and ib_device_get_netdev() when retrieving the net device. Export ib_device_get_netdev(). For mlx5 representors/PFs/VFs and lag creation we replace the netdev assignments with the IB set/get netdev functions. In active-backup mode lag the active slave net device is stored in the lag itself. To assure the net device stored in a lag bond IB device is the active slave we implement the following: - mlx5_core: when modifying the slave of a bond we send the internal driver event MLX5_DRIVER_EVENT_ACTIVE_BACKUP_LAG_CHANGE_LOWERSTATE. - mlx5_ib: when catching the event call ib_device_set_netdev() This patch also ensures the correct IB events are sent in switchdev lag. While at it, when in multiport eswitch mode, only a single IB device is created for all ports. The said IB device will receive all netdev events of its VFs once loaded, thus to avoid overwriting the mapping of PF IB device to PF netdev, ignore NETDEV_REGISTER events if the ib device has already been mapped to a netdev. Signed-off-by: Chiara Meiohas Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909173025.30422-6-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 5f8ca04fdd3c66a322ea318b5f1cb684dd56e5b2 Author: Chiara Meiohas Date: Mon Sep 9 20:30:22 2024 +0300 RDMA/device: Remove optimization in ib_device_get_netdev() The caller of ib_device_get_netdev() relies on its result to accurately match a given netdev with the ib device associated netdev. ib_device_get_netdev returns NULL when the IB device associated netdev is unregistering, preventing the caller of matching netdevs properly. Thus, remove this optimization and return the netdev even if it is undergoing unregistration, allowing matching by the caller. This change ensures proper netdev matching and reference count handling by the caller of ib_device_get_netdev/ib_device_set_netdev API. Signed-off-by: Maher Sanalla Signed-off-by: Chiara Meiohas Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909173025.30422-5-michaelgur@nvidia.com Reviewed-by: Kalesh AP Signed-off-by: Leon Romanovsky commit 91b4b2c62613dab3e1ec8083f1e96e5f5b2eee36 Author: Chiara Meiohas Date: Mon Sep 9 20:30:21 2024 +0300 RDMA/mlx5: Initialize phys_port_cnt earlier in RDMA device creation phys_port_cnt of the IB device must be initialized before calling ib_device_set_netdev(). Previously, phys_port_cnt was initialized in the mlx5_ib init function. Remove this initialization to allow setting it separately, providing the flexibility to call ib_device_set_netdev before registering the IB device. Signed-off-by: Chiara Meiohas Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909173025.30422-4-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 3ed7f9e239938a0cfaf3689e2f545229ecabec06 Author: Mark Bloch Date: Mon Sep 9 20:30:20 2024 +0300 RDMA/mlx5: Obtain upper net device only when needed Report the upper device's state as the RDMA port state only in RoCE LAG or switchdev LAG. Fixes: 27f9e0ccb6da ("net/mlx5: Lag, Add single RDMA device in multiport mode") Signed-off-by: Mark Bloch Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909173025.30422-3-michaelgur@nvidia.com Reviewed-by: Kalesh AP Signed-off-by: Leon Romanovsky commit 303ee44ac4b98196a4a311c670d3db0dc38cee84 Author: Mark Bloch Date: Mon Sep 9 20:30:19 2024 +0300 RDMA/mlx5: Check RoCE LAG status before getting netdev Check if RoCE LAG is active before calling the LAG layer for netdev. This clarifies if LAG is active. No behavior changes with this patch. Signed-off-by: Mark Bloch Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909173025.30422-2-michaelgur@nvidia.com Reviewed-by: Kalesh AP Signed-off-by: Leon Romanovsky commit c77aec65e828bd82726f664585e3bb425d17be7f Author: Yishai Hadas Date: Mon Sep 9 21:47:33 2024 +0300 RDMA/mlx5: Consider the query_vuid cap for data_direct Consider also the query_vuid cap before enabling the data_direct functionality. This may prevent a syndrome from the FW in case the query_vuid command is not supported. (e.g. migratable VF) Signed-off-by: Yishai Hadas Reviewed-by: Gal Shalom Link: https://patch.msgid.link/274c4f6f1ac0b1078243dd296695a49dbe58e7d1.1725907637.git.leonro@nvidia.com Signed-off-by: Leon Romanovsky commit 907936b6f4e630718cc31ddea79cc76a3e32080a Author: Michael Guralnik Date: Mon Sep 9 13:05:04 2024 +0300 net/mlx5: Handle memory scheme ODP capabilities When running over new FW that supports the new memory scheme ODP, set the cap in the FW to signal the FW we are working in the new scheme. In the memory scheme ODP the per_transport_service capabilities are RO for the driver so we skip their setting. Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909100504.29797-9-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 52fa3b6532ec6f3a1e39bf869b304d3560dd983b Author: Mina Almasry Date: Fri Sep 13 03:28:24 2024 +0000 memory-provider: fix compilation issue without SYSFS When CONFIG_SYSFS is not set, the kernel fails to compile: net/core/page_pool_user.c:368:45: error: implicit declaration of function 'get_netdev_rx_queue_index' [-Werror=implicit-function-declaration] 368 | if (pool->slow.queue_idx == get_netdev_rx_queue_index(rxq)) { | ^~~~~~~~~~~~~~~~~~~~~~~~~ When CONFIG_SYSFS is not set, get_netdev_rx_queue_index() is not defined as well. Fix by removing the ifdef around get_netdev_rx_queue_index(). It is not needed anymore after commit e817f85652c1 ("xdp: generic XDP handling of xdp_rxq_info") removed most of the CONFIG_SYSFS ifdefs. Fixes: 0f9214046893 ("memory-provider: dmabuf devmem memory provider") Cc: Matthieu Baerts (NGI0) Signed-off-by: Mina Almasry Link: https://patch.msgid.link/20240913032824.2117095-1-almasrymina@google.com Signed-off-by: Jakub Kicinski commit b523f23f5c747d83c76b609dd268a76f7ec34975 Merge: f0c7de5a5f892f cc181291893003 Author: Jakub Kicinski Date: Thu Sep 12 20:48:33 2024 -0700 Merge branch 'mlx5-updates-2024-09-11' Saeed Mahameed says: ==================== Misc updates to mlx5 driver: 1) Fix HW steering ret value and align with kdoc 2) Flow steering cleanups and add support for no append at software level 3) Support for sync reset using hot reset 4) RX SW counter to cover no-split events in header/data split mode 5) Make affinity of SFs configurable ==================== Link: https://patch.msgid.link/20240911201757.1505453-1-saeed@kernel.org Signed-off-by: Jakub Kicinski commit cc1812918930036af55ba4b4c29b8c8a96ee2086 Author: Rahul Rameshbabu Date: Wed Sep 11 13:17:57 2024 -0700 net/mlx5e: Match cleanup order in mlx5e_free_rq in reverse of mlx5e_alloc_rq mlx5e_free_rq previously cleaned resources in an order that was not the reverse of the resource allocation order in mlx5e_alloc_rq. Signed-off-by: Rahul Rameshbabu Signed-off-by: Tariq Toukan Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-16-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 909fc8d107b77c6dee43d063b50c15ddbec0fea1 Author: Dragos Tatulea Date: Wed Sep 11 13:17:56 2024 -0700 net/mlx5e: SHAMPO, Add no-split ethtool counters for header/data split When SHAMPO can't identify the protocol/header of a packet, it will yield a packet that is not split - all the packet is in the data part. Count this value in packets and bytes. Signed-off-by: Dragos Tatulea Signed-off-by: Tariq Toukan Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-15-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 5bd877093fd0b2e9e5f0c03b466669f761b5849c Author: Shay Drory Date: Wed Sep 11 13:17:55 2024 -0700 net/mlx5: Add NOT_READY command return status Add a new command status MLX5_CMD_STAT_NOT_READY to handle cases where the firmware is not ready. Signed-off-by: Shay Drory Signed-off-by: Tariq Toukan Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Reviewed-by: Kalesh AP Link: https://patch.msgid.link/20240911201757.1505453-14-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 9c754d0970736539de9c4773fa813ad8b9bb04e2 Author: Shay Drory Date: Wed Sep 11 13:17:54 2024 -0700 net/mlx5: Allow users to configure affinity for SFs SFs didn't allow to configure IRQ affinity for its vectors. Allow users to configure the affinity of the SFs irqs. Signed-off-by: Shay Drory Signed-off-by: Tariq Toukan Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Reviewed-by: Kalesh AP Link: https://patch.msgid.link/20240911201757.1505453-13-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 48bb52b0bc6693afb17a6024bab925b25fec44a1 Author: Moshe Shemesh Date: Wed Sep 11 13:17:53 2024 -0700 net/mlx5: Skip HotPlug check on sync reset using hot reset Sync reset request is nacked by the driver when PCIe bridge connected to mlx5 device has HotPlug interrupt enabled. However, when using reset method of hot reset this check can be skipped as Hotplug is supported on this reset method. Signed-off-by: Moshe Shemesh Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-12-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 57502f62678ced0149d415324931bde37b42885a Author: Moshe Shemesh Date: Wed Sep 11 13:17:52 2024 -0700 net/mlx5: Add support for sync reset using hot reset On device that supports sync reset for firmware activate using hot reset, the driver queries the required reset method while handling the sync reset request. If the required reset method is hot reset, the driver will use pci_reset_bus() to reset the PCI link instead of the link toggle. Signed-off-by: Moshe Shemesh Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-11-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 9947204cdad97d22d171039019a4aad4d6899cdd Author: Moshe Shemesh Date: Wed Sep 11 13:17:51 2024 -0700 net/mlx5: Add device cap for supporting hot reset in sync reset flow New devices with new FW can support sync reset for firmware activate using hot reset. Add capability for supporting it and add MFRL field to query from FW which type of PCI reset method to use while handling sync reset events. Signed-off-by: Moshe Shemesh Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-10-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 1217e6989c99c1c4b76866ea395dda757c79deb4 Author: Mark Bloch Date: Wed Sep 11 13:17:50 2024 -0700 net/mlx5: fs, add support for no append at software level Native capability for some steering engines lacks support for adding an additional match with the same value to the same flow group. To accommodate the NO APPEND flag in these scenarios, we include the new rule in the existing flow table entry (fte) without immediate hardware commitment. When a request is made to delete the corresponding hardware rule, we then commit the pending rule to hardware. Only one pending rule is supported because NO_APPEND is primarily used during replacement operations. In this scenario, a rule is initially added. When it needs replacement, the new rule is added with NO_APPEND set. Only after the insertion of the new rule is the original rule deleted. Signed-off-by: Mark Bloch Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-9-saeed@kernel.org Signed-off-by: Jakub Kicinski commit ef7b79b924e50bef444dfdc04bb24693ad50365d Author: Mark Bloch Date: Wed Sep 11 13:17:49 2024 -0700 net/mlx5: fs, separate action and destination into distinct struct Introduce a dedicated structure to encapsulate flow context, actions, destination count, and modification mask. This refactoring lays the groundwork for forthcoming patches that will integrate the NO APPEND software logic. Future modifications should focus solely on these specific fields. Signed-off-by: Mark Bloch Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-8-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 8ad0e9608c2c528e708a622952657d4450b04f7f Author: Mark Bloch Date: Wed Sep 11 13:17:48 2024 -0700 net/mlx5: fs, remove unused member Counter is in struct fte, remove it. Signed-off-by: Mark Bloch Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-7-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 940390d976902e184e1186d0f7dab3ba884dec84 Author: Mark Bloch Date: Wed Sep 11 13:17:47 2024 -0700 net/mlx5: fs, move hardware fte deletion function reset Downstream patches will need this as we might not want to reset it when a pending rule is connected to the FTE. Signed-off-by: Mark Bloch Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-6-saeed@kernel.org Signed-off-by: Jakub Kicinski commit da2f660b3ba1be33310452959ab72d1d7ce39350 Author: Moshe Shemesh Date: Wed Sep 11 13:17:46 2024 -0700 net/mlx5: fs, make get_root_namespace API function As preparation for HW Steering support, where the function get_root_namespace() is needed to get root FDB, make it an API function and rename it to mlx5_get_root_namespace(). Reviewed-by: Yevgeny Kliteynik Signed-off-by: Moshe Shemesh Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Reviewed-by: Kalesh AP Link: https://patch.msgid.link/20240911201757.1505453-5-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 48eb74e878e0ef9b173e3a99d9c7c64280c4e749 Author: Moshe Shemesh Date: Wed Sep 11 13:17:45 2024 -0700 net/mlx5: fs, move steering common function to fs_cmd.h As preparation for HW steering support in fs core level, move SW steering helper function that can be reused by HW steering to fs_cmd.h. The function mlx5_fs_cmd_is_fw_term_table() checks if a flow table is a flow steering termination table and so should be handled by FW steering. Reviewed-by: Yevgeny Kliteynik Signed-off-by: Moshe Shemesh Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-4-saeed@kernel.org Signed-off-by: Jakub Kicinski commit 3f4c38df5b0f51823df48851a56fd489f0e97545 Author: Yevgeny Kliteynik Date: Wed Sep 11 13:17:44 2024 -0700 net/mlx5: HWS, fixed error flow return values of some functions Fixed all the '-ret' returns in error flow of functions to 'ret', as the internal functions are already returning negative error values (e.g. -EINVAL) Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-3-saeed@kernel.org Signed-off-by: Jakub Kicinski commit e2e9ddf8775b2f6c28e24b2fabbf2fc8302a679e Author: Yevgeny Kliteynik Date: Wed Sep 11 13:17:43 2024 -0700 net/mlx5: HWS, updated API functions comments to kernel doc Changed all the functions comments to adhere with kernel-doc formatting. Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240911201757.1505453-2-saeed@kernel.org Signed-off-by: Jakub Kicinski commit f0c7de5a5f892f7cf60a0593d06430119a22d23e Merge: 5905c024a776c7 daaba19d357f09 Author: Jakub Kicinski Date: Thu Sep 12 20:35:09 2024 -0700 Merge branch 'net-use-irqf_no_autoen-flag-in-request_irq' Jinjie Ruan says: ==================== net: Use IRQF_NO_AUTOEN flag in request_irq() As commit cbe16f35bee6 ("genirq: Add IRQF_NO_AUTOEN for request_irq/nmi()") said, reqeust_irq() and then disable_irq() is unsafe. IRQF_NO_AUTOEN flag can be used by drivers to request_irq(). It prevents the automatic enabling of the requested interrupt in the same safe way. With that the usage can be simplified and corrected. ==================== Link: https://patch.msgid.link/20240911094445.1922476-1-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit daaba19d357f0900b303a530ced96c78086267ea Author: Jinjie Ruan Date: Wed Sep 11 17:44:45 2024 +0800 nfp: Use IRQF_NO_AUTOEN flag in request_irq() disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable when request IRQ. Reviewed-by: Louis Peens Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240911094445.1922476-4-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit 799a9225997799f7b1b579bc50a93b78b4fb2a01 Author: Jinjie Ruan Date: Wed Sep 11 17:44:44 2024 +0800 net: enetc: Use IRQF_NO_AUTOEN flag in request_irq() disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable when request IRQ. Fixes: bbb96dc7fa1a ("enetc: Factor out the traffic start/stop procedures") Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240911094445.1922476-3-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit e08ec0597badf325ad103c447cedeb5b7d7add45 Author: Jinjie Ruan Date: Wed Sep 11 17:44:43 2024 +0800 net: apple: bmac: Use IRQF_NO_AUTOEN flag in request_irq() disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable when request IRQ. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240911094445.1922476-2-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit 1f2e900ac26fed3b1d11dbcb9f25589644330112 Merge: 5abfdfd402699c c471236b2359e6 Author: Jakub Kicinski Date: Thu Sep 12 20:30:32 2024 -0700 Merge branch 'bareudp-pull-inner-ip-header-on-xmit-recv' Guillaume Nault says: ==================== bareudp: Pull inner IP header on xmit/recv. Bareudp accesses the inner IP header in its xmit and recv paths. However it doesn't ensure that this header is part of skb->head. Both vxlan and geneve have received fixes for similar problems in the past. This series fixes bareudp using the same approach. ==================== Link: https://patch.msgid.link/cover.1726046181.git.gnault@redhat.com Signed-off-by: Jakub Kicinski commit c471236b2359e6b27388475dd04fff0a5e2bf922 Author: Guillaume Nault Date: Wed Sep 11 11:21:05 2024 +0200 bareudp: Pull inner IP header on xmit. Both bareudp_xmit_skb() and bareudp6_xmit_skb() read their skb's inner IP header to get its ECN value (with ip_tunnel_ecn_encap()). Therefore we need to ensure that the inner IP header is part of the skb's linear data. Fixes: 571912c69f0e ("net: UDP tunnel encapsulation module for tunnelling different protocols like MPLS, IP, NSH etc.") Signed-off-by: Guillaume Nault Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/267328222f0a11519c6de04c640a4f87a38ea9ed.1726046181.git.gnault@redhat.com Signed-off-by: Jakub Kicinski commit 45fa29c85117170b0508790f878b13ec6593c888 Author: Guillaume Nault Date: Wed Sep 11 11:20:58 2024 +0200 bareudp: Pull inner IP header in bareudp_udp_encap_recv(). Bareudp reads the inner IP header to get the ECN value. Therefore, it needs to ensure that it's part of the skb's linear data. This is similar to the vxlan and geneve fixes for that same problem: * commit f7789419137b ("vxlan: Pull inner IP header in vxlan_rcv().") * commit 1ca1ba465e55 ("geneve: make sure to pull inner header in geneve_rx()") Fixes: 571912c69f0e ("net: UDP tunnel encapsulation module for tunnelling different protocols like MPLS, IP, NSH etc.") Signed-off-by: Guillaume Nault Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/5205940067c40218a70fbb888080466b2fc288db.1726046181.git.gnault@redhat.com Signed-off-by: Jakub Kicinski commit 5905c024a776c7f592581551993817aaf0cd1f36 Author: Jakub Kicinski Date: Tue Sep 10 18:52:28 2024 -0700 net: caif: remove unused name Justin sent a patch to use strscpy_pad() instead of strncpy() on the name field. Simon rightly asked why the _pad() version is used, and looking closer name seems completely unused, the last code which referred to it was removed in commit 8391c4aab1aa ("caif: Bugfixes in CAIF netdevice for close and flow control") Link: https://lore.kernel.org/20240909-strncpy-net-caif-chnl_net-c-v1-1-438eb870c155@google.com Reviewed-by: Simon Horman Acked-by: Justin Stitt Link: https://patch.msgid.link/20240911015228.1555779-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit b2155807893aac40f1a1cdf43f7fcc270cbfc05a Author: Jakub Kicinski Date: Tue Sep 10 17:21:42 2024 -0700 uapi: libc-compat: remove ipx leftovers The uAPI headers for IPX were deleted 3 years ago in commit 6c9b40844751 ("net: Remove net/ipx.h and uapi/linux/ipx.h header files") Delete the leftover defines from libc-compat.h Link: https://patch.msgid.link/20240911002142.1508694-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 3b7dc7000e7ebbabc2bc5d4efa95178333844724 Merge: f1bcd486c807f2 b1339be951ad31 Author: Jakub Kicinski Date: Thu Sep 12 20:21:50 2024 -0700 Merge tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Daniel Borkmann says: ==================== pull-request: bpf-next 2024-09-11 We've added 12 non-merge commits during the last 16 day(s) which contain a total of 20 files changed, 228 insertions(+), 30 deletions(-). There's a minor merge conflict in drivers/net/netkit.c: 00d066a4d4ed ("netdev_features: convert NETIF_F_LLTX to dev->lltx") d96608794889 ("netkit: Disable netpoll support") The main changes are: 1) Enable bpf_dynptr_from_skb for tp_btf such that this can be used to easily parse skbs in BPF programs attached to tracepoints, from Philo Lu. 2) Add a cond_resched() point in BPF's sock_hash_free() as there have been several syzbot soft lockup reports recently, from Eric Dumazet. 3) Fix xsk_buff_can_alloc() to account for queue_empty_descs which got noticed when zero copy ice driver started to use it, from Maciej Fijalkowski. 4) Move the xdp:xdp_cpumap_kthread tracepoint before cpumap pushes skbs up via netif_receive_skb_list() to better measure latencies, from Daniel Xu. 5) Follow-up to disable netpoll support from netkit, from Daniel Borkmann. 6) Improve xsk selftests to not assume a fixed MAX_SKB_FRAGS of 17 but instead gather the actual value via /proc/sys/net/core/max_skb_frags, also from Maciej Fijalkowski. * tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next: sock_map: Add a cond_resched() in sock_hash_free() selftests/bpf: Expand skb dynptr selftests for tp_btf bpf: Allow bpf_dynptr_from_skb() for tp_btf tcp: Use skb__nullable in trace_tcp_send_reset selftests/bpf: Add test for __nullable suffix in tp_btf bpf: Support __nullable argument suffix for tp_btf bpf, cpumap: Move xdp:xdp_cpumap_kthread tracepoint before rcv selftests/xsk: Read current MAX_SKB_FRAGS from sysctl knob xsk: Bump xsk_queue::queue_empty_descs in xp_can_alloc() tcp_bpf: Remove an unused parameter for bpf_tcp_ingress() bpf, sockmap: Correct spelling skmsg.c netkit: Disable netpoll support Signed-off-by: Jakub Kicinski ==================== Link: https://patch.msgid.link/20240911211525.13834-1-daniel@iogearbox.net Signed-off-by: Jakub Kicinski commit ea02a946873ba6709080e9db7b22449f1ac69fd4 Author: Ihor Solodrai Date: Fri Sep 13 00:19:02 2024 +0000 libbpf: Add bpf_object__token_fd accessor Add a LIBBPF_API function to retrieve the token_fd from a bpf_object. Without this accessor, if user needs a token FD they have to get it manually via bpf_token_create, even though a token might have been already created by bpf_object__load. Suggested-by: Andrii Nakryiko Signed-off-by: Ihor Solodrai Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240913001858.3345583-1-ihor.solodrai@pm.me commit f1bcd486c807f26034aff5aeb2224ef3c1d010f5 Merge: eda5891f5296a1 e874be276ee4f2 Author: Jakub Kicinski Date: Thu Sep 12 19:04:39 2024 -0700 Merge branch 'selftests-net-packetdrill-netns-and-two-imports' Willem de Bruijn says: ==================== selftests/net: packetdrill: netns and two imports From: Willem de Bruijn 1/3: run in nets, as discussed, and add missing CONFIGs 2/3: import tcp/zerocopy 3/3: import tcp/slow_start ==================== Link: https://patch.msgid.link/20240912005317.1253001-1-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski commit e874be276ee4f22de2bdf3c3a876a41a71c3207f Author: Willem de Bruijn Date: Wed Sep 11 20:52:42 2024 -0400 selftests/net: packetdrill: import tcp/slow_start Same import process as previous tests. Also add CONFIG_NET_SCH_FQ to config, as one test uses that. Same test process as previous tests. Both with and without debug mode. Recording the steps once: make mrproper vng --build \ --config tools/testing/selftests/net/packetdrill/config \ --config kernel/configs/debug.config vng -v --run . --user root --cpus 4 -- \ make -C tools/testing/selftests TARGETS=net/packetdrill run_tests Link: https://github.com/linux-netdev/nipa/wiki/How-to-run-netdev-selftests-CI-style#how-to-build Signed-off-by: Willem de Bruijn Acked-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240912005317.1253001-4-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski commit 1e42f73fd3c26e567c910e2ab9c91e9f56eae315 Author: Willem de Bruijn Date: Wed Sep 11 20:52:41 2024 -0400 selftests/net: packetdrill: import tcp/zerocopy Same as initial tests, import verbatim from github.com/google/packetdrill, aside from: - update `source ./defaults.sh` path to adjust for flat dir - add SPDX headers - remove author statements if any - drop blank lines at EOF (new) Also import set_sysctls.py, which many scripts depend on to set sysctls and then restore them later. This is no longer strictly needed for namespacified sysctl. But not all sysctls are namespacified, and doesn't hurt if they are. Signed-off-by: Willem de Bruijn Acked-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240912005317.1253001-3-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski commit cded7e0479c9340d7859841f2c0fd1aabf8f6294 Author: Willem de Bruijn Date: Wed Sep 11 20:52:40 2024 -0400 selftests/net: packetdrill: run in netns and expand config Run packetdrill tests inside netns. They may change system settings, such as sysctl. Also expand config with a few more needed CONFIGs. Link: https://lore.kernel.org/netdev/20240910152640.429920be@kernel.org/ Signed-off-by: Willem de Bruijn Acked-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240912005317.1253001-2-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski commit 37d3dd663f7485bf3e444f40abee3c68f53158cb Author: Al Viro Date: Tue Jul 30 01:16:21 2024 -0400 bpf: convert bpf_token_create() to CLASS(fd, ...) Keep file reference through the entire thing, don't bother with grabbing struct path reference and while we are at it, don't confuse the hell out of readers by random mix of path.dentry->d_sb and path.mnt->mnt_sb uses - these two are equal, so just put one of those into a local variable and use that. Reviewed-by: Christian Brauner Acked-by: Andrii Nakryiko Signed-off-by: Al Viro Signed-off-by: Andrii Nakryiko commit 433d7ce2d86d21274838c9e8c796f4232cd13cdb Author: Andrii Nakryiko Date: Tue Aug 6 15:38:12 2024 -0700 security,bpf: constify struct path in bpf_token_create() LSM hook There is no reason why struct path pointer shouldn't be const-qualified when being passed into bpf_token_create() LSM hook. Add that const. Acked-by: Paul Moore (LSM/SELinux) Suggested-by: Al Viro Signed-off-by: Andrii Nakryiko commit 359aeb86480da0cba043a79c87a65806f158e931 Merge: 95474648b802fb b071c1a9099c7b Author: Martin K. Petersen Date: Thu Sep 12 21:22:25 2024 -0400 Merge patch series "Update lpfc to revision 14.4.0.5" Justin Tee says: Update lpfc to revision 14.4.0.5 This patch set contains bug fixes related to HBA state clean ups, FCP discovery on older adapters, kref imbalances, log message improvements, and support for a new diagnostic loopback testing mode. The patches were cut against Martin's 6.12/scsi-queue tree. Link: https://lore.kernel.org/r/20240912232447.45607-1-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit b071c1a9099c7bc5fe24089117e7a15e52d4198f Author: Justin Tee Date: Thu Sep 12 16:24:47 2024 -0700 scsi: lpfc: Update lpfc version to 14.4.0.5 Update lpfc version to 14.4.0.5 Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240912232447.45607-9-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit eeb85c658e1bceaccb6ca3ffc1796741abd7b687 Author: Justin Tee Date: Thu Sep 12 16:24:46 2024 -0700 scsi: lpfc: Support loopback tests with VMID enabled The VMID feature adds an extra application services header to each frame. As such, the loopback test path is updated to accommodate the extra application header. Changes include filling in APPID and WQES bit fields for XMIT_SEQUENCE64 commands, a special loopback source APPID for verifying received loopback data matches what is sent, and increasing ELS WQ size to accommodate the APPID field in loopback test mode. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240912232447.45607-8-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 1af9af1f8ab38f1285b27581a5e6920ec58296ba Author: Justin Tee Date: Thu Sep 12 16:24:45 2024 -0700 scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING Revise certain log messages marked as KERN_ERR LOG_TRACE_EVENT to KERN_WARNING and use the lpfc_vlog_msg() macro to still log the event. The benefit is that events of interest are still logged and the entire trace buffer is not dumped with extraneous logging information when using default lpfc_log_verbose driver parameter settings. Also, delete the keyword "fail" from such log messages as they aren't really causes for concern. The log messages are more for warnings to a SAN admin about SAN activity. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240912232447.45607-7-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 0a3c84f71680684c1d41abb92db05f95c09111e8 Author: Justin Tee Date: Thu Sep 12 16:24:44 2024 -0700 scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release fabric ndlps beforehand opens kref imbalance race conditions. Fix by forcing the DA_ID to complete synchronously with usage of wait_queue. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240912232447.45607-6-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit d1a2ef63fc8b3e3dc5b74b7e08636896b32acbdc Author: Justin Tee Date: Thu Sep 12 16:24:43 2024 -0700 scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler With a FLOGI outstanding and loss of physical link connection to the fabric for the duration of dev_loss_tmo, there is a fabric ndlp kref imbalance that decrements the kref and sets the NLP_IN_RECOV_POST_DEV_LOSS flag at the same time. The issue is that when the FLOGI completion routine executes, the fabric ndlp could already be freed because of the final kref put from the dev_loss_tmo handler. Fix by early returning before the ndlp kref put if the ndlp is deemed a candidate for NLP_IN_RECOV_POST_DEV_LOSS in the FLOGI completion routine. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240912232447.45607-5-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 05ab4e7846f1103377133c00295a9a910cc6dfc2 Author: Justin Tee Date: Thu Sep 12 16:24:42 2024 -0700 scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs An older generation of HBAs are failing FCP discovery due to usage of an outdated field in FCP command WQEs. Fix by checking the SLI Interface Type register for applicable support of 32 Byte CDB commands, and restore a setting for a WQE path using normal 16 byte CDBs. Fixes: af20bb73ac25 ("scsi: lpfc: Add support for 32 byte CDBs") Cc: stable@vger.kernel.org # v6.10+ Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240912232447.45607-4-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit fc318cac66ac50398f9fc7cbec7b339e6d08a7e6 Author: Justin Tee Date: Thu Sep 12 16:24:41 2024 -0700 scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE It's possible for the driver to send a CMF_SYNC_WQE to nonresponsive firmware during reset of the adapter. The phba link_state conditional check is currently a strict == LPFC_LINK_DOWN, which does not cover initialization states before reaching the LPFC_LINK_UP state. Update the phba->link_state conditional to < LPFC_LINK_UP so that all initialization states are covered before allowing sending CMF_SYNC_WQE. Update taking of the hbalock to be during this link_state check as well. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240912232447.45607-3-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 93bcc5f3984bf4f51da1529700aec351872dbfff Author: Justin Tee Date: Thu Sep 12 16:24:40 2024 -0700 scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() During HBA stress testing, a spam of received PLOGIs exposes a resource recovery bug causing leakage of lpfc_sqlq entries from the global phba->sli4_hba.lpfc_els_sgl_list. The issue is in lpfc_els_flush_cmd(), where the driver attempts to recover outstanding ELS sgls when walking the txcmplq. Only CMD_ELS_REQUEST64_CRs and CMD_GEN_REQUEST64_CRs are added to the abort and cancel lists. A check for CMD_XMIT_ELS_RSP64_WQE is missing in order to recover LS_ACC usages of the phba->sli4_hba.lpfc_els_sgl_list too. Fix by adding CMD_XMIT_ELS_RSP64_WQE as part of the txcmplq walk when adding WQEs to the abort and cancel list in lpfc_els_flush_cmd(). Also, update naming convention from CRs to WQEs. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240912232447.45607-2-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 95474648b802fb4a6d1e50fdfe57b8d73b2d7620 Merge: f81eaf08385ddd e7d67f3f9f9c89 Author: Martin K. Petersen Date: Thu Sep 12 21:11:28 2024 -0400 Merge patch series "mpi3mr: Few Enhancements and minor fix" Ranjan Kumar says: Few Enhancements and minor fix of mpi3mr driver. Link: https://lore.kernel.org/r/20240905102753.105310-1-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit e7d67f3f9f9c89726c2ebcf5fce48db7798a49df Author: Ranjan Kumar Date: Thu Sep 5 15:57:53 2024 +0530 scsi: mpi3mr: Update driver version to 8.12.0.0.50 Update driver version to 8.12.0.0.50. Signed-off-by: Ranjan Kumar Link: https://lore.kernel.org/r/20240905102753.105310-6-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit 4616a4b3cb8aa736882f8dc392cf146365ead2a4 Author: Ranjan Kumar Date: Thu Sep 5 15:57:52 2024 +0530 scsi: mpi3mr: Improve wait logic while controller transitions to READY state During controller transitioning to READY state, if the controller is found in transient states ("becoming ready" or "reset requested"), driver waits for 510 secs even if the controller transitions out of these states early. This causes an unnecessary delay of 510 secs in the overall firmware initialization sequence. Poll the controller state periodically (every 100 milliseconds) while waiting for the controller to come out of the mentioned transient states. Once the controller transits out of the transient states, come out of the wait loop. Signed-off-by: Sumit Saxena Signed-off-by: Ranjan Kumar Link: https://lore.kernel.org/r/20240905102753.105310-5-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit 6e4c825f267ed151596fe2554cfa457b9aaa7edf Author: Ranjan Kumar Date: Thu Sep 5 15:57:51 2024 +0530 scsi: mpi3mr: Update MPI Headers to revision 34 Update MPI Headers to revision 34. Signed-off-by: Prayas Patel Signed-off-by: Ranjan Kumar Link: https://lore.kernel.org/r/20240905102753.105310-4-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit fc1ddda330941b8a1571368bcbade16d377a5eaa Author: Ranjan Kumar Date: Thu Sep 5 15:57:50 2024 +0530 scsi: mpi3mr: Use firmware-provided timestamp update interval Make driver use the timestamp update interval value provided by firmware in the driver page 1. If firmware fails to provide non-zero value, then the driver will fall back to the driver defined macro. Signed-off-by: Prayas Patel Signed-off-by: Ranjan Kumar Link: https://lore.kernel.org/r/20240905102753.105310-3-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit 9634bb07083cfae38933d4e944709e06e4c30e74 Author: Ranjan Kumar Date: Thu Sep 5 15:57:49 2024 +0530 scsi: mpi3mr: Enhance the Enable Controller retry logic When enabling the IOC request and polling for controller ready status, poll for controller fault and reset history bit. If the controller is faulted or the reset history bit is set, retry the initialization a maximum of three times (2 retries) or if the cumulative time taken for all retries exceeds 510 seconds. Signed-off-by: Prayas Patel Signed-off-by: Ranjan Kumar Link: https://lore.kernel.org/r/20240905102753.105310-2-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit eda5891f5296a124fef981dc88dc80d1c4c3e340 Merge: 46ae4d0a489741 403cdc41773b4b Author: Jakub Kicinski Date: Thu Sep 12 18:01:19 2024 -0700 Merge branch 'ena-driver-metrics-changes' David Arinzon says: ==================== ENA driver metrics changes This patchset contains an introduction of new metrics available to ENA users. ==================== Link: https://patch.msgid.link/20240909084704.13856-1-darinzon@amazon.com Signed-off-by: Jakub Kicinski commit 403cdc41773b4b2c58e4f204ffe72f9aa1d0b9a1 Author: David Arinzon Date: Mon Sep 9 11:47:04 2024 +0300 net: ena: Extend customer metrics reporting support ENA currently supports the following customer metrics: - `bw_in_allowance_exceeded` - `bw_out_allowance_exceeded` - `conntrack_allowance_exceeded` - `linklocal_allowance_exceeded` - `pps_allowance_exceeded` This patch adds a new metric named: `conntrack_allowance_available`. Information about these metrics is available in [1]. In addition, the interface between the driver and the device has been upgraded to allow more flexibility and expendability to additional metrics in the future. [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-network-performance-ena.html#network-performance-metrics Signed-off-by: Ron Beider Signed-off-by: Shahar Itzko Signed-off-by: David Arinzon Link: https://patch.msgid.link/20240909084704.13856-3-darinzon@amazon.com Signed-off-by: Jakub Kicinski commit 49f66e1216ff9d616247189a90581306de641da9 Author: David Arinzon Date: Mon Sep 9 11:47:03 2024 +0300 net: ena: Add ENA Express metrics support ENA Express metrics, called `ena_srd` are exposed to customers via `ethtool`. The metrics allow customers to check the configuration (mode), tx/rx counters as well as resource utilization. The documentation is also updated to provide a general explanation about ENA Express as well as links for further information about metrics and configurations. Signed-off-by: Igor Chauskin Signed-off-by: David Arinzon Link: https://patch.msgid.link/20240909084704.13856-2-darinzon@amazon.com Signed-off-by: Jakub Kicinski commit f81eaf08385ddd474a2f41595a7757502870c0eb Author: Martin Wilck Date: Thu Sep 12 15:43:08 2024 +0200 scsi: sd: Fix off-by-one error in sd_read_block_characteristics() Ff the device returns page 0xb1 with length 8 (happens with qemu v2.x, for example), sd_read_block_characteristics() may attempt an out-of-bounds memory access when accessing the zoned field at offset 8. Fixes: 7fb019c46eee ("scsi: sd: Switch to using scsi_device VPD pages") Cc: stable@vger.kernel.org Signed-off-by: Martin Wilck Link: https://lore.kernel.org/r/20240912134308.282824-1-mwilck@suse.com Signed-off-by: Martin K. Petersen commit a141c17a543332fc1238eb5cba562bfc66879126 Author: Daniel Wagner Date: Thu Sep 12 10:58:28 2024 +0200 scsi: pm8001: Do not overwrite PCI queue mapping blk_mq_pci_map_queues() maps all queues but right after this, we overwrite these mappings by calling blk_mq_map_queues(). Just use one helper but not both. Fixes: 42f22fe36d51 ("scsi: pm8001: Expose hardware queues for pm80xx") Reviewed-by: Christoph Hellwig Reviewed-by: John Garry Signed-off-by: Daniel Wagner Link: https://lore.kernel.org/r/20240912-do-not-overwrite-pci-mapping-v1-1-85724b6cec49@suse.de Signed-off-by: Martin K. Petersen commit bba20b894e3c2e20f1ac914561b9ac241e0e359e Author: Christophe JAILLET Date: Sat Sep 7 08:27:22 2024 +0200 scsi: scsi_debug: Remove a useless memset() 'arr' is kzalloc()'ed, so there is no need to call memset(.., 0, ...) on it. It is already cleared. This is a follow up of commit b952eb270df3 ("scsi: scsi_debug: Allocate the MODE SENSE response from the heap"). Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/6296722174e39a51cac74b7fc68b0d75bd0db2a3.1725690433.git.christophe.jaillet@wanadoo.fr Signed-off-by: Martin K. Petersen commit 4708c9332d975aabc8498ddb85936631535fdc20 Author: Chen Ni Date: Thu Sep 5 10:35:21 2024 +0800 scsi: pmcraid: Convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Link: https://lore.kernel.org/r/20240905023521.1642862-1-nichen@iscas.ac.cn Signed-off-by: Martin K. Petersen commit a8598aefae31f3bf27bad1a4cebf2b04a4cdf220 Author: Bart Van Assche Date: Wed Sep 4 14:03:04 2024 -0700 scsi: sd: Retry START STOP UNIT commands During system resume, sd_start_stop_device() submits a START STOP UNIT command to the SCSI device that is being resumed. That command is not retried in case of a unit attention and hence may fail. An example: [16575.983359] sd 0:0:0:3: [sdd] Starting disk [16575.983693] sd 0:0:0:3: [sdd] Start/Stop Unit failed: Result: hostbyte=0x00 driverbyte=DRIVER_OK [16575.983712] sd 0:0:0:3: [sdd] Sense Key : 0x6 [16575.983730] sd 0:0:0:3: [sdd] ASC=0x29 ASCQ=0x0 [16575.983738] sd 0:0:0:3: PM: dpm_run_callback(): scsi_bus_resume+0x0/0xa0 returns -5 [16575.983783] sd 0:0:0:3: PM: failed to resume async: error -5 Make the SCSI core retry the START STOP UNIT command if the device reports that it has been powered on or that it has been reset. Cc: Damien Le Moal Cc: Mike Christie Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240904210304.2947789-1-bvanassche@acm.org Reviewed-by: Damien Le Moal Signed-off-by: Martin K. Petersen commit 24d7071d964574cca41fa72a10c211221af37aec Author: Tomas Henzl Date: Tue Sep 3 16:47:29 2024 +0200 scsi: mpi3mr: A performance fix Commit 0c52310f2600 ("hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range()") effectivelly shortens a sleep in a polling function in the driver. That is causing a performance regression as the new value of just 2us is too low, in certain tests the perf drop is ~30%. Fix this by adjusting the sleep to 20us (close to the previous value). Reported-by: Jan Jurca Signed-off-by: Tomas Henzl Acked-by: Sumit Saxena Link: https://lore.kernel.org/r/20240903144729.37218-1-thenzl@redhat.com Signed-off-by: Martin K. Petersen commit 0c40f079f1c808e7e480c795a79009f200366eb1 Author: Manish Pandey Date: Tue Sep 3 12:07:09 2024 +0530 scsi: ufs: qcom: Update MODE_MAX cfg_bw value Commit 8db8f6ce556a ("scsi: ufs: qcom: Add missing interconnect bandwidth values for Gear 5") updated the ufs_qcom_bw_table for Gear 5. However, it missed updating the cfg_bw value for the max mode. Hence update the cfg_bw value for the max mode for UFS 4.x devices. Fixes: 8db8f6ce556a ("scsi: ufs: qcom: Add missing interconnect bandwidth values for Gear 5") Cc: stable@vger.kernel.org Signed-off-by: Manish Pandey Link: https://lore.kernel.org/r/20240903063709.4335-1-quic_mapa@quicinc.com Reviewed-by: Manivannan Sadhasivam Signed-off-by: Martin K. Petersen commit 0557f49870714c8c8cddfdc3c4b805aeae6c3e4e Author: Colin Ian King Date: Mon Sep 2 18:27:08 2024 +0100 scsi: mpt3sas: Remove trailing space after \n newline There is a extraneous space after a newline in an ioc_info message. Remove it and join to split literal strings into one. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240902172708.369741-1-colin.i.king@gmail.com Signed-off-by: Martin K. Petersen commit c7c846fa94c9f71c4cfab3f15cffc5030cd01e39 Author: Colin Ian King Date: Mon Sep 2 16:00:42 2024 +0100 scsi: lpfc: Remove trailing space after \n newline There is a extraneous space after a newline in two lpfc_printf_log() messages. Remove the space. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240902150042.311157-1-colin.i.king@gmail.com Reviewed-by: Justin Tee Signed-off-by: Martin K. Petersen commit fa557da6b05034538ea4ecbf55bac4c23d391e2d Author: Colin Ian King Date: Mon Sep 2 15:51:38 2024 +0100 scsi: qedf: Remove trailing space after \n newline There is a extraneous space after a newline in a QEDF_INFO message. Remove it. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240902145138.310883-1-colin.i.king@gmail.com Signed-off-by: Martin K. Petersen commit d2ce0e5ab505ddaf153c9c20b4f627f0ed034a1e Author: Colin Ian King Date: Mon Sep 2 15:41:53 2024 +0100 scsi: hisi_sas: Remove trailing space after \n newline There is a extraneous space after a newline in a dev_info message. Remove it. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240902144153.309920-1-colin.i.king@gmail.com Signed-off-by: Martin K. Petersen commit 571d81b482f00dfe8912ecbc3de090f99181ee7a Author: Colin Ian King Date: Mon Sep 2 15:22:52 2024 +0100 scsi: megaraid_sas: Remove trailing space after \n newline There is a extraneous space after a newline in a dev_err message. Remove it. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240902142252.309232-1-colin.i.king@gmail.com Signed-off-by: Martin K. Petersen commit 34f04a9b6e39d0085df5a2a5e6e4e1878d808132 Author: Colin Ian King Date: Mon Sep 2 15:15:37 2024 +0100 scsi: pm8001: Remove trailing space after \n newline There is a extraneous space after a newline in a pm8001_dbg message. Remove it. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240902141537.308914-1-colin.i.king@gmail.com Acked-by: Jack Wang Signed-off-by: Martin K. Petersen commit 57bada8a5e69e6cb0668436b206db1fbdbf7ebfd Author: Colin Ian King Date: Mon Sep 2 15:12:02 2024 +0100 scsi: zalon: Remove trailing space after \n newline There is a extraneous space after a newline in a dev_printk message, remove it. Also fix non-tabbed indentation of the statement. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240902141202.308632-1-colin.i.king@gmail.com Signed-off-by: Martin K. Petersen commit e88ed594328900959f8aae72c2e6240703a91f33 Author: Yan Zhen Date: Mon Sep 2 09:33:03 2024 +0800 scsi: fusion: mptctl: Use min() macro Using the real macro is usually more intuitive and readable when the original file is guaranteed to contain the minmax.h header file and compile correctly. Signed-off-by: Yan Zhen Link: https://lore.kernel.org/r/20240902013303.909316-1-yanzhen@vivo.com Signed-off-by: Martin K. Petersen commit 45fad027df61f848fa9e036e8de6ba009cd1a134 Author: Christophe JAILLET Date: Sun Sep 1 22:45:27 2024 +0200 scsi: libcxgbi: Remove an unused field in struct cxgbi_device Usage of .dev_ddp_cleanup() in libcxgbi was removed by commit 5999299f1ce9 ("cxgb3i,cxgb4i,libcxgbi: remove iSCSI DDP support") on 2016-07. .csk_rx_pdu_ready() and debugfs_root have apparently never been used since introduction by commit 9ba682f01e2f ("[SCSI] libcxgbi: common library for cxgb3i and cxgb4i") Remove the now unused function pointer from struct cxgbi_device. Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/58f77f690d85e2c653447e3e3fc4f8d3c3ce8563.1725223504.git.christophe.jaillet@wanadoo.fr Signed-off-by: Martin K. Petersen commit e3684006945414153a33c5c4d1202dda2b80650f Author: Brian King Date: Tue Sep 3 08:47:09 2024 -0500 scsi: ibmvfc: Add max_sectors module parameter There are some scenarios that can occur, such as performing an upgrade of the virtual I/O server, where the supported max transfer of the backing device for an ibmvfc HBA can change. If the max transfer of the backing device decreases, this can cause issues with previously discovered LUNs. This patch accomplishes two things. First, it changes the default ibmvfc max transfer value to 1MB. This is generally supported by all backing devices, which should mitigate this issue out of the box. Secondly, it adds a module parameter, enabling a user to increase the max transfer value to values that are larger than 1MB, as long as they have configured these larger values on the virtual I/O server as well. [mkp: fix checkpatch warnings] Signed-off-by: Brian King Link: https://lore.kernel.org/r/20240903134708.139645-2-brking@linux.ibm.com Reviewed-by: Martin Wilck Reviewed-by: Hannes Reinecke Signed-off-by: Martin K. Petersen commit 46ae4d0a489741565520195bddebc3414781e603 Merge: 3cfb5aa10cb785 5abfdfd402699c Author: Jakub Kicinski Date: Thu Sep 5 20:27:09 2024 -0700 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Cross-merge networking fixes after downstream PR. No conflicts (sort of) and no adjacent changes. This merge reverts commit b3c9e65eb227 ("net: hsr: remove seqnr_lock") from net, as it was superseded by commit 430d67bdcb04 ("net: hsr: Use the seqnr lock for frames received via interlink port.") in net-next. Signed-off-by: Jakub Kicinski commit b112947ffc30e9632d5c2acd0e9081e3e6bee01e Author: Hongbo Li Date: Fri Aug 30 15:58:58 2024 +0800 scsi: sd: Remove duplicate included header file linux/bio-integrity.h The header file linux/bio-integrity.h is included twice. Remove the last one. The compilation test has passed. Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240830075858.3541907-1-lihongbo22@huawei.com Signed-off-by: Martin K. Petersen commit 3d882cca73be830549833517ddccb3ac4668c04e Author: Rafael Rocha Date: Thu Sep 5 12:39:21 2024 -0500 scsi: st: Fix input/output error on empty drive reset A previous change was introduced to prevent data loss during a power-on reset when a tape is present inside the drive. This commit set the "pos_unknown" flag to true to avoid operations that could compromise data by performing actions from an untracked position. The relevant change is commit 9604eea5bd3a ("scsi: st: Add third party poweron reset handling") As a consequence of this change, a new issue has surfaced: the driver now returns an "Input/output error" even for empty drives when the drive, host, or bus is reset. This issue stems from the "flush_buffer" function, which first checks whether the "pos_unknown" flag is set. If the flag is set, the user will encounter an "Input/output error" until the tape position is known again. This behavior differs from the previous implementation, where empty drives were not affected at system start up time, allowing tape software to send commands to the driver to retrieve the drive's status and other information. The current behavior prioritizes the "pos_unknown" flag over the "ST_NO_TAPE" status, leading to issues for software that detects drives during system startup. This software will receive an "Input/output error" until a tape is loaded and its position is known. To resolve this, the "ST_NO_TAPE" status should take priority when the drive is empty, allowing communication with the drive following a power-on reset. At the same time, the change should continue to protect data by maintaining the "pos_unknown" flag when the drive contains a tape and its position is unknown. Signed-off-by: Rafael Rocha Link: https://lore.kernel.org/r/20240905173921.10944-1-rrochavi@fnal.gov Fixes: 9604eea5bd3a ("scsi: st: Add third party poweron reset handling") Acked-by: Kai Mäkisara Signed-off-by: Martin K. Petersen commit f1a4dceeb2bd4b4478e4f0c77dac55569d153fb3 Author: Maarten Lankhorst Date: Thu Sep 5 17:00:49 2024 +0200 drm/xe: Fix missing conversion to xe_display_pm_runtime_resume This error path was missed when converting away from xe_display_pm_resume with second argument. Fixes: 66a0f6b9f5fc ("drm/xe/display: handle HPD polling in display runtime suspend/resume") Cc: Arun R Murthy Cc: Vinod Govindapillai Signed-off-by: Maarten Lankhorst Reviewed-by: Lucas De Marchi Reviewed-by: Vinod Govindapillai Link: https://patchwork.freedesktop.org/patch/msgid/20240905150052.174895-2-maarten.lankhorst@linux.intel.com (cherry picked from commit 474f64cb988a410db8a0b779d6afdaa2a7fc5759) Signed-off-by: Lucas De Marchi commit da9a73b7b25eab574cb9c984fcce0b5e240bdd2c Author: Tejas Upadhyay Date: Wed Sep 4 15:43:33 2024 +0530 drm/xe/xe2hpg: Add Wa_15016589081 Wa_15016589081 applies to xe2_hpg renderCS V2(Gustavo) - rename bit macro Signed-off-by: Tejas Upadhyay Reviewed-by: Gustavo Sousa Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240904101333.2049655-1-tejas.upadhyay@intel.com Signed-off-by: Nirmoy Das (cherry picked from commit 9db969b36b2fbca13ad4088aff725ebd5e8142f5) Signed-off-by: Lucas De Marchi commit 70b4ab5489da0fe5b699a8466aa4f73ea304ae65 Author: Michal Wajdeczko Date: Sat Sep 7 00:03:48 2024 +0200 drm/xe: Don't keep stale pointer to bo->ggtt_node When we fail to map a BO in the GGTT, we release our GGTT node placeholder, but leave stale bo->ggtt_node pointer to it, which triggers an assert immediately followed by a crash, due to UAF: [ ] xe 0000:00:02.0: [drm] Assertion `bo->ggtt_node->base.size == bo->size` failed! [ ] WARNING: CPU: 4 PID: 126 at drivers/gpu/drm/xe/xe_ggtt.c:689 xe_ggtt_remove_bo+0x1d9/0x250 [xe] [ ] RIP: 0010:xe_ggtt_remove_bo+0x1d9/0x250 [xe] [ ] Call Trace: [ ] [ ] ? __warn+0x88/0x190 [ ] ? xe_ggtt_remove_bo+0x1d9/0x250 [xe] [ ] ? report_bug+0x1c3/0x1d0 [ ] ? handle_bug+0x42/0x70 [ ] ? exc_invalid_op+0x14/0x70 [ ] ? asm_exc_invalid_op+0x16/0x20 [ ] ? xe_ggtt_remove_bo+0x1d9/0x250 [xe] [ ] ? xe_ggtt_remove_bo+0x1d9/0x250 [xe] [ ] xe_ttm_bo_destroy+0x11f/0x260 [xe] [ ] ? ttm_bo_release+0x31c/0x350 [ttm] [ ] ? __mutex_unlock_slowpath+0x35/0x270 [ ] __xe_bo_create_locked+0x4a0/0x550 [xe] [ ] ? mark_held_locks+0x49/0x80 [ ] xe_bo_create_pin_map_at+0x37/0x200 [xe] [ ] xe_bo_create_pin_map+0x11/0x20 [xe] While around, for similar reason, also don't keep an error pointer if we fail to allocate ggtt_node placeholder. Fixes: 34e804220f69 ("drm/xe: Make xe_ggtt_node struct independent") Signed-off-by: Michal Wajdeczko Cc: Rodrigo Vivi Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240906220348.1836-1-michal.wajdeczko@intel.com (cherry picked from commit f2710d95724ebbfa35d6d4b82017eeab70994509) Signed-off-by: Lucas De Marchi commit 2efba0c095419f93f8913f1cbae8bf3fb030db20 Author: Dafna Hirschfeld Date: Sun Sep 1 07:42:27 2024 +0300 drm/xe: fix missing 'xe_vm_put' Fix memleak caused by missing xe_vm_put Fixes: 852856e3b6f6 ("drm/xe: Use reserved copy engine for user binds on faulting devices") Signed-off-by: Dafna Hirschfeld Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240901044227.1177211-1-dhirschfeld@habana.ai Signed-off-by: Rodrigo Vivi (cherry picked from commit 249df8cbecf0ab4877eab66cae857748631831a9) Signed-off-by: Lucas De Marchi commit 457ca96d04f599d2f95bd61144851f2181ccacc4 Author: Arnd Bergmann Date: Mon Sep 9 20:25:08 2024 +0000 drm/xe: fix build warning with CONFIG_PM=n The 'runtime_status' field is an implementation detail of the power management code, so a device driver should not normally touch this: drivers/gpu/drm/xe/xe_pm.c: In function 'xe_pm_suspending_or_resuming': drivers/gpu/drm/xe/xe_pm.c:606:26: error: 'struct dev_pm_info' has no member named 'runtime_status' 606 | return dev->power.runtime_status == RPM_SUSPENDING || | ^ drivers/gpu/drm/xe/xe_pm.c:607:27: error: 'struct dev_pm_info' has no member named 'runtime_status' 607 | dev->power.runtime_status == RPM_RESUMING; | ^ drivers/gpu/drm/xe/xe_pm.c:608:1: error: control reaches end of non-void function [-Werror=return-type] Add an #ifdef check to avoid the build regression. Fixes: ad92f5231261 ("drm/xe: Suppress missing outer rpm protection warning") Reviewed-by: Rodrigo Vivi Signed-off-by: Arnd Bergmann Link: https://patchwork.freedesktop.org/patch/msgid/20240909202521.1018439-1-arnd@kernel.org Signed-off-by: Rodrigo Vivi (cherry picked from commit 1c129ed07de47684ff2471e32b52fa823533aa06) Signed-off-by: Lucas De Marchi commit ce4a2620985cdf06c200ec0b6dce80374237697c Author: Alice Ryhl Date: Thu Aug 1 13:35:17 2024 +0000 cfi: add CONFIG_CFI_ICALL_NORMALIZE_INTEGERS Introduce a Kconfig option for enabling the experimental option to normalize integer types. This ensures that integer types of the same size and signedness are considered compatible by the Control Flow Integrity sanitizer. The security impact of this flag is minimal. When Sami Tolvanen looked into it, he found that integer normalization reduced the number of unique type hashes in the kernel by ~1%, which is acceptable. This option exists for compatibility with Rust, as C and Rust do not have the same set of integer types. There are cases where C has two different integer types of the same size and signedness, but Rust only has one integer type of that size and signedness. When Rust calls into C functions using such types in their signature, this results in CFI failures. One example is 'unsigned long long' and 'unsigned long' which are both 64-bit on LP64 targets, so on those targets this flag will give both types the same CFI tag. This flag changes the ABI heavily. It is not applied automatically when CONFIG_RUST is turned on to make sure that the CONFIG_RUST option does not change the ABI of C code. For example, some build may need to make other changes atomically with toggling this flag. Having it be a separate option makes it possible to first turn on normalized integer tags, and then later turn on CONFIG_RUST. Similarly, when turning on CONFIG_RUST in a build, you may need a few attempts where the RUST=y commit gets reverted a few times. It is inconvenient if reverting RUST=y also requires reverting the changes you made to support normalized integer tags. To avoid having this flag impact builds that don't care about this, the next patch in this series will make CONFIG_RUST turn on this option using `select` rather than `depends on`. Signed-off-by: Alice Ryhl Reviewed-by: Sami Tolvanen Tested-by: Gatlin Newhouse Acked-by: Kees Cook Acked-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240801-kcfi-v2-1-c93caed3d121@google.com Signed-off-by: Miguel Ojeda commit d077242d68a31075ef5f5da041bf8f6fc19aa231 Author: Alice Ryhl Date: Thu Aug 29 08:22:45 2024 +0000 rust: support for shadow call stack sanitizer Add all of the flags that are needed to support the shadow call stack (SCS) sanitizer with Rust, and updates Kconfig to allow only configurations that work. The -Zfixed-x18 flag is required to use SCS on arm64, and requires rustc version 1.80.0 or greater. This restriction is reflected in Kconfig. When CONFIG_DYNAMIC_SCS is enabled, the build will be configured to include unwind tables in the build artifacts. Dynamic SCS uses the unwind tables at boot to find all places that need to be patched. The -Cforce-unwind-tables=y flag ensures that unwind tables are available for Rust code. In non-dynamic mode, the -Zsanitizer=shadow-call-stack flag is what enables the SCS sanitizer. Using this flag requires rustc version 1.82.0 or greater on the targets used by Rust in the kernel. This restriction is reflected in Kconfig. It is possible to avoid the requirement of rustc 1.80.0 by using -Ctarget-feature=+reserve-x18 instead of -Zfixed-x18. However, this flag emits a warning during the build, so this patch does not add support for using it and instead requires 1.80.0 or greater. The dependency is placed on `select HAVE_RUST` to avoid a situation where enabling Rust silently turns off the sanitizer. Instead, turning on the sanitizer results in Rust being disabled. We generally do not want changes to CONFIG_RUST to result in any mitigations being changed or turned off. At the time of writing, rustc 1.82.0 only exists via the nightly release channel. There is a chance that the -Zsanitizer=shadow-call-stack flag will end up needing 1.83.0 instead, but I think it is small. Reviewed-by: Sami Tolvanen Reviewed-by: Ard Biesheuvel Reviewed-by: Kees Cook Acked-by: Will Deacon Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240829-shadow-call-stack-v7-1-2f62a4432abf@google.com [ Fixed indentation using spaces. - Miguel ] Signed-off-by: Miguel Ojeda commit 7ffaa200251871980af12e57649ad57c70bf0f43 Author: Kiran K Date: Thu Sep 12 16:21:00 2024 +0530 Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is used to store internal data. Fixes: 6e65a09f9275 ("Bluetooth: btintel_pcie: Add *setup* function to download firmware") Signed-off-by: Kiran K Signed-off-by: Luiz Augusto von Dentz commit 3017d28d6c0fe995703a1f34275e1cade424dc35 Author: Andy Shevchenko Date: Wed Sep 11 23:19:03 2024 +0300 hwmon: (sch5636) Print unknown ID in error string via %*pE Instead of custom approach this allows to print escaped strings via %*pE extension. With this the unknown ID will be printed as a string. Nonetheless, leave hex values to be printed as well. Signed-off-by: Andy Shevchenko Message-ID: <20240911201903.2886874-1-andriy.shevchenko@linux.intel.com> Signed-off-by: Guenter Roeck commit 38f9fa39afe119f6b2771c9065e638414226c86d Author: Andy Shevchenko Date: Wed Sep 11 22:46:27 2024 +0300 hwmon: (sht21) Use %*ph to print small buffer Use %*ph format to print small buffer as hex string. Signed-off-by: Andy Shevchenko Message-ID: <20240911194627.2885506-1-andriy.shevchenko@linux.intel.com> Signed-off-by: Guenter Roeck commit aab439ffa1ca1067c0114773d4044828fab582af Author: Dan Carpenter Date: Thu Sep 12 11:49:10 2024 +0300 vfio/pci: clean up a type in vfio_pci_ioctl_pci_hot_reset_groups() The "array_count" value comes from the copy_from_user() in vfio_pci_ioctl_pci_hot_reset(). If the user passes a value larger than INT_MAX then we'll pass a negative value to kcalloc() which triggers an allocation failure and a stack trace. It's better to make the type unsigned so that if (array_count > count) returns -EINVAL instead. Signed-off-by: Dan Carpenter Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/262ada03-d848-4369-9c37-81edeeed2da2@stanley.mountain Signed-off-by: Alex Williamson commit 49b2597a9e53a2491cbec29451766af898eedb44 Merge: f6e2e7397d0019 322706e16988f6 Author: Mark Brown Date: Thu Sep 12 19:59:49 2024 +0100 ASoC: Intel: boards: updates for 6.12 - part 2 Merge series from Bard Liao : Cleanup from Brent Lu and add HDMI-In capture supports from Balamurugan C. commit 381d2f95c8aa575d5d42bf1fe0ea9a70c4bec0cf Author: Johannes Berg Date: Tue Aug 27 16:05:01 2024 +0200 um: fix time-travel syscall scheduling hack The schedule() call there really never did anything at least since the introduction of the EEVDF scheduler, but now I found a case where we permanently hang in a loop of -ERESTARTNOINTR (due to locking.) Work around it by making any syscalls with error return take time (and then schedule after) so we cannot hang in such a loop forever. Signed-off-by: Johannes Berg Signed-off-by: Richard Weinberger commit ae0dc67c2512e09fee26226e1b2d78b82ebebf66 Author: Tiwei Bie Date: Mon Aug 26 18:08:15 2024 +0800 um: Remove outdated asm/sysrq.h header This header no longer serves a purpose after show_trace was removed by commit 9d1ee8ce92e1 ("um: Rewrite show_stack()"). Signed-off-by: Tiwei Bie Signed-off-by: Richard Weinberger commit fe6abeba24996f826473630b2054699828fd9f18 Author: Tiwei Bie Date: Mon Aug 26 18:08:14 2024 +0800 um: Remove the declaration of user_thread function This function has never been defined since its declaration was introduced by commit 1da177e4c3f4 ("Linux-2.6.12-rc2"). Signed-off-by: Tiwei Bie Signed-off-by: Richard Weinberger commit bf67dbf4f7c0fe61e4e94b30f5913ca1c539f433 Author: Tiwei Bie Date: Mon Aug 26 18:08:13 2024 +0800 um: Remove the call to SUBARCH_EXECVE1 macro This macro has never been defined by any supported sub-architectures in tree since it was introduced by commit 1d3468a6643a ("[PATCH uml: move _kern.c files"). Signed-off-by: Tiwei Bie Signed-off-by: Richard Weinberger commit 59376fb2a71b81dfc018db6fe9b6fa9cd3f41ce7 Author: Tiwei Bie Date: Mon Aug 26 18:08:12 2024 +0800 um: Remove unused mm_fd field from mm_id It's no longer used since the removal of the SKAS3/4 support. Signed-off-by: Tiwei Bie Signed-off-by: Richard Weinberger commit 94090f418fc80c50ca7ea3f8a6d7ff547260a801 Author: Tiwei Bie Date: Mon Aug 26 18:08:11 2024 +0800 um: Remove unused fields from thread_struct These fields are no longer used since the removal of tt mode. Signed-off-by: Tiwei Bie Signed-off-by: Richard Weinberger commit 669afa4e8715c5730fb353166f9aaaa14d4fed64 Author: Tiwei Bie Date: Mon Aug 26 18:08:10 2024 +0800 um: Remove the redundant newpage check in update_pte_range The two checks have been identical since commit ef714f15027c ("um: remove force_flush_all from fork_handler"). And the inner one isn't necessary anymore. Signed-off-by: Tiwei Bie Signed-off-by: Richard Weinberger commit 2fcd16fbab9f448c7174bf4c3eeda53ef84e28ee Author: Tiwei Bie Date: Mon Aug 26 18:08:09 2024 +0800 um: Remove unused kpte_clear_flush macro This macro has no users, and __flush_tlb_one doesn't exist either. Signed-off-by: Tiwei Bie Signed-off-by: Richard Weinberger commit ad92f52312614b0ef6eee07ee64f1e7661072a49 Author: Rodrigo Vivi Date: Thu Sep 5 10:02:15 2024 -0400 drm/xe: Suppress missing outer rpm protection warning Do not raise a WARN if we are likely within suspending or resuming path. This is likely this false positive: rpm_status: 0000:03:00.0 status=RPM_SUSPENDING console: xe_bo_evict_all (called from suspend) xe_sched_job_create: dev=0000:03:00.0, ... xe_sched_job_exec: dev=0000:03:00.0, ... xe_pm_runtime_put: dev=0000:03:00.0, ... xe_sched_job_run: dev=0000:03:00.0, ... rpm_usage: 0000:03:00.0 flags-0 cnt-2 ... rpm_usage: 0000:03:00.0 flags-0 cnt-2 ... rpm_usage: 0000:03:00.0 flags-0 cnt-2 ... console: xe 0000:03:00.0: [drm] Missing outer runtime PM protection console: xe_guc_ct_send+0x15/0x50 [xe] console: guc_exec_queue_run_job+0x1509/0x3950 [xe] [snip] console: drm_sched_run_job_work+0x649/0xc20 At this point, BOs are getting evicted from VRAM with rpm usage-counter = 2, but rpm status = SUSPENDING. The xe->pm_callback_task won't be equal 'current' because this call is coming from a work queue. So, pm_runtime_get_if_active() will be called and return 0 because rpm status != ACTIVE (but equal SUSPENDING or RESUMING). v2: Still get the reference even on non suspending/resuming path (Jonathan, Brost). Cc: Matthew Brost Cc: Matthew Auld Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240905140215.56404-1-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi (cherry picked from commit cb85e39dc5d1717fab82810984cce0e54712a3c2) Signed-off-by: Lucas De Marchi commit 2df8c8d118c750054fdf2c047d2eb3c0ed854dc7 Author: Gaosheng Cui Date: Sat Aug 24 20:04:49 2024 +0800 um: Remove obsoleted declaration for execute_syscall_skas The execute_syscall_skas() have been removed since commit e32dacb9f481 ("[PATCH] uml: system call path cleanup"), and now it is useless, so remove it. Signed-off-by: Gaosheng Cui Reviewed-by: Geert Uytterhoeven Signed-off-by: Richard Weinberger commit cccf19f8b568a4edabb16a998a81bc5d4c4c7e01 Author: Renzo Davoli Date: Tue Jul 30 15:55:04 2024 +0200 user_mode_linux_howto_v2: add VDE vector support in doc Add a description of the VDE vector transport in user_mode_linux_howto_v2.rst. Signed-off-by: Renzo Davoli Signed-off-by: Renzo Davoi Acked-by: Randy Dunlap Signed-off-by: Richard Weinberger commit ab1d5895cf6cdd1df4b6ce0ac8763828e2bf7e62 Author: Renzo Davoli Date: Tue Jul 30 15:54:54 2024 +0200 vector_user: add VDE support This is the actual implementation of VDE support as a vector transport. Signed-off-by: Renzo Davoli Acked-By: Anton Ivanov Signed-off-by: Richard Weinberger commit 64dcf0b8779363ca07dfb5649a4cc71f9fdf390b Author: Johannes Berg Date: Tue Jul 23 14:24:56 2024 +0200 um: remove ARCH_NO_PREEMPT_DYNAMIC There's no such symbol and we currently don't have any of the mechanisms to make boot-time selection cheap enough, so we can't have HAVE_PREEMPT_DYNAMIC_CALL or HAVE_PREEMPT_DYNAMIC_KEY. Remove the select statement. Reported-by: Lukas Bulwahn Fixes: cd01672d64a3 ("um: Enable preemption in UML") Signed-off-by: Johannes Berg Signed-off-by: Richard Weinberger commit 671cd5eed9db3415b42826747114a330bc303ae9 Author: Anton Ivanov Date: Sat Jul 6 10:12:00 2024 +0100 um: vector: Fix NAPI budget handling Fix the handling of NAPI budget. Signed-off-by: Anton Ivanov Signed-off-by: Richard Weinberger commit 6182e0b80f9b5c8da19ab3a60db2e4cc10b259e8 Author: Donald Hunter Date: Thu Sep 12 10:59:44 2024 +0100 docs/bpf: Add missing BPF program types to docs Update the table of program types in the libbpf documentation with the recently added program types. Signed-off-by: Donald Hunter Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240912095944.6386-1-donald.hunter@gmail.com commit 612a8c8e0b43ba7e3d0e51f6f76a5fec4912d439 Author: Anton Ivanov Date: Fri Jul 5 11:53:31 2024 +0100 um: vector: Replace locks guarding queue depth with atomics UML vector drivers use ring buffer structures which map preallocated skbs onto mmsg vectors for use with sendmmsg and recvmmsg. They are designed around a single consumer, single producer pattern allowing simultaneous enqueue and dequeue. Lock debugging with preemption showed possible races when locking the queue depth. This patch addresses this by removing extra locks, adding barriers and making queue depth inc/dec and access atomic. Signed-off-by: Anton Ivanov Signed-off-by: Richard Weinberger commit ec24b988eb26e21f37707d090ec3ab53c51fd386 Author: Johannes Berg Date: Thu Jul 4 12:20:36 2024 +0200 um: remove variable stack array in os_rcv_fd_msg() When generalizing this, I was in the mindset of this being "userspace" code, but even there we should not use variable arrays as the kernel is moving away from allowing that. Simply reserve (but not use) enough space for the maximum two descriptors we might need now, and return an error if attempting to receive more than that. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407041459.3SYg4TEi-lkp@intel.com/ Signed-off-by: Johannes Berg Signed-off-by: Richard Weinberger commit 83dcf232cc7919725a331359a300fb3929651b6e Author: Matthew Auld Date: Wed Aug 28 11:43:42 2024 +0100 drm/xe: prevent potential UAF in pf_provision_vf_ggtt() The node ptr can point to an already freed ptr, if we hit the path with an already allocated node. We later dereference that pointer with: xe_gt_assert(gt, !xe_ggtt_node_allocated(node)); which is a potential UAF. Fix this by not stashing the ptr for node. Also since it is likely a bad idea to leave config->ggtt_region pointing to a stale ptr, also set that to NULL by calling pf_release_vf_config_ggtt() instead of pf_release_ggtt(). Fixes: 34e804220f69 ("drm/xe: Make xe_ggtt_node struct independent") Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: Rodrigo Vivi Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240828104341.180111-2-matthew.auld@intel.com (cherry picked from commit 89076b5a8b4e0a01040585e156a0b014cd472fd3) Signed-off-by: Lucas De Marchi commit f6e2e7397d00192bda11166d5fb3e2e67a8cf92e Author: Tang Bin Date: Thu Sep 12 16:41:10 2024 +0800 ASoC: mediatek: mt7986-afe-pcm: Remove redundant error message In the function mt7986_afe_pcm_dev_probe, when get irq failed, the function platform_get_irq() logs an error message, so remove redundant one here. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Tang Bin Link: https://patch.msgid.link/20240912084110.1854-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit 7b05933340f4490ef5b09e84d644d12484b05fdf Author: Luiz Augusto von Dentz Date: Mon Sep 9 16:51:52 2024 -0400 Bluetooth: btusb: Fix not handling ZPL/short-transfer Requesting transfers of the exact same size of wMaxPacketSize may result in ZPL/short-transfer since the USB stack cannot handle it as we are limiting the buffer size to be the same as wMaxPacketSize. Also, in terms of throughput this change has the same effect to interrupt endpoint as 290ba200815f "Bluetooth: Improve USB driver throughput by increasing the frame size" had for the bulk endpoint, so users of the advertisement bearer (e.g. BT Mesh) may benefit from this change. Fixes: 5e23b923da03 ("[Bluetooth] Add generic driver for Bluetooth USB devices") Signed-off-by: Luiz Augusto von Dentz Tested-by: Kiran K commit 39e4bfb466741a1364e0f690ea22961b93d2e73b Author: Michael Burch Date: Sun Sep 1 04:28:47 2024 +0000 Bluetooth: btusb: Add 2 USB HW IDs for MT7925 (0xe118/e) Add 2 USB HW IDs for MT7925 (0xe118/e) to ensure proper recognition. These HW IDs are extracted from Windows driver inf file: https://dlcdnets.asus.com/pub/ASUS/nb/Image/Driver/Bluetooth/39389/Bluetooth_DCH_MediaTek_B_V1.1037.0.433Sub2_39389.exe?model=H7606WV Patch has been tested successfully on an Asus ProArt P16 model H7606WV. Controller is recognized devices pair successfully. Signed-off-by: Michael Burch Signed-off-by: Luiz Augusto von Dentz commit 9a53d1ff631f5b85019bb243ccb8c66af5010e97 Author: Scott Ehlert Date: Thu Sep 5 11:01:00 2024 -0700 Bluetooth: btsdio: Do not bind to non-removable CYW4373 CYW4373 devices soldered onto the PCB (non-removable), use a UART connection for Bluetooth and the advertised btsdio support as an SDIO function should be ignored. Signed-off-by: Scott Ehlert Signed-off-by: Tim Harvey Signed-off-by: Luiz Augusto von Dentz commit 7cc2a6eadcd7a5aa36ac63e6659f5c6138c7f4d2 Author: Jens Axboe Date: Wed Sep 11 13:56:08 2024 -0600 io_uring: add IORING_REGISTER_COPY_BUFFERS method Buffers can get registered with io_uring, which allows to skip the repeated pin_pages, unpin/unref pages for each O_DIRECT operation. This reduces the overhead of O_DIRECT IO. However, registrering buffers can take some time. Normally this isn't an issue as it's done at initialization time (and hence less critical), but for cases where rings can be created and destroyed as part of an IO thread pool, registering the same buffers for multiple rings become a more time sensitive proposition. As an example, let's say an application has an IO memory pool of 500G. Initial registration takes: Got 500 huge pages (each 1024MB) Registered 500 pages in 409 msec or about 0.4 seconds. If we go higher to 900 1GB huge pages being registered: Registered 900 pages in 738 msec which is, as expected, a fully linear scaling. Rather than have each ring pin/map/register the same buffer pool, provide an io_uring_register(2) opcode to simply duplicate the buffers that are registered with another ring. Adding the same 900GB of registered buffers to the target ring can then be accomplished in: Copied 900 pages in 17 usec While timing differs a bit, this provides around a 25,000-40,000x speedup for this use case. Signed-off-by: Jens Axboe commit 0b6d253e084a97a05f4970dee06d9a75d29a7bda Author: Jens Axboe Date: Thu Sep 12 09:29:29 2024 -0600 io_uring/register: provide helper to get io_ring_ctx from 'fd' Can be done in one of two ways: 1) Regular file descriptor, just fget() 2) Registered ring, index our own table for that In preparation for adding another register use of needing to get a ctx from a file descriptor, abstract out this helper and use it in the main register syscall as well. Signed-off-by: Jens Axboe commit 7fcc9b53216cd87f73cc6dbb404220350ddc93b8 Author: Luis Felipe Hernandez Date: Mon Sep 9 21:10:34 2024 -0400 lib/math: Add int_pow test suite Adds test suite for integer based power function which performs integer exponentiation. The test suite is designed to verify that the implementation of int_pow correctly computes the power of a given base raised to a given exponent. The tests check various scenarios and edge cases to ensure the accuracy and reliability of the exponentiation function. Updated commit with test information at commit time: Shuah Khan Signed-off-by: Luis Felipe Hernandez Reviewed-by: David Gow Signed-off-by: Shuah Khan commit 0b9f2bd00fc3677e38ae5e46ff79b8d48d9cb02e Author: Takashi Iwai Date: Thu Sep 12 17:52:25 2024 +0200 ALSA: memalloc: Use proper DMA mapping API for x86 S/G buffer allocations The fallback S/G buffer allocation for x86 used the addresses deduced from the page allocations blindly. It broke the allocations on IOMMU and made us to work around with a hackish DMA ops check. For cleaning up those messes, this patch switches to the proper DMA mapping API usages with the standard sg-table instead. By introducing the sg-table, the address table isn't needed, but for keeping the original allocation sizes for freeing, replace it with the array keeping the number of pages. The get_addr callback is changed to use the existing one for non-contiguous buffers. (Also it's the reason sg_table is put at the beginning of struct snd_dma_sg_fallback.) And finally, the hackish workaround that checks the DMA ops is dropped now. Link: https://patch.msgid.link/20240912155227.4078-3-tiwai@suse.de Signed-off-by: Takashi Iwai commit c880a5146642e9d35f88aaa353ae98ffd4fc3f99 Author: Takashi Iwai Date: Thu Sep 12 17:52:24 2024 +0200 ALSA: memalloc: Use proper DMA mapping API for x86 WC buffer allocations The x86 WC page allocation assumes incorrectly the DMA address directly taken from the page. Also it checks the DMA ops inappropriately for switching to the own method. This patch rewrites the stuff to use the proper DMA mapping API instead. Link: https://patch.msgid.link/20240912155227.4078-2-tiwai@suse.de Signed-off-by: Takashi Iwai commit a51c925c11d7b855167e64b63eb4378e5adfc11d Author: Joshua Pius Date: Thu Sep 12 15:26:28 2024 +0000 ALSA: usb-audio: Add logitech Audio profile quirk Specify shortnames for the following Logitech Devices: Rally bar, Rally bar mini, Tap, MeetUp and Huddle. Signed-off-by: Joshua Pius Link: https://patch.msgid.link/20240912152635.1859737-1-joshuapius@google.com Signed-off-by: Takashi Iwai commit e4835f1da425fbc75e37ce8258c9927170de5bfe Author: Brendan Jackman Date: Thu May 16 19:40:53 2024 +0000 kunit: tool: Build compile_commands.json compile_commands.json is used by clangd[1] to provide code navigation and completion functionality to editors. See [2] for an example configuration that includes this functionality for VSCode. It can currently be built manually when using kunit.py, by running: ./scripts/clang-tools/gen_compile_commands.py -d .kunit With this change however, it's built automatically so you don't need to manually keep it up to date. Unlike the manual approach, having make build the compile_commands.json means that it appears in the build output tree instead of at the root of the source tree, so you'll need to add --compile-commands-dir=.kunit to your clangd args for it to be found. This might turn out to be pretty annoying, I'm not sure yet. If so maybe we can later add some hackery to kunit.py to work around it. [1] https://clangd.llvm.org/ [2] https://github.com/FlorentRevest/linux-kernel-vscode Signed-off-by: Brendan Jackman Reviewed-by: Nathan Chancellor Signed-off-by: Shuah Khan commit b5209da36b19b573cf25fe7e698e3a45b0f40a75 Author: Dave Jiang Date: Thu Sep 5 15:35:47 2024 -0700 cxl: Convert cxl_internal_send_cmd() to use 'struct cxl_mailbox' as input With the CXL mailbox context split out, cxl_internal_send_cmd() can take 'struct cxl_mailbox' as an input parameter rather than 'struct memdev_dev_state'. Change input parameter for cxl_internal_send_cmd() and fixup all impacted call sites. Reviewed-by: Fan Ni Reviewed-by: Jonathan Cameron Reviewed-by: Alison Schofield Reviewed-by: Ira Weiny Link: https://patch.msgid.link/20240905223711.1990186-4-dave.jiang@intel.com Signed-off-by: Dave Jiang commit 8d8081cecfb9940beeb4a8a700db34e615a96056 Author: Dave Jiang Date: Thu Sep 5 15:35:46 2024 -0700 cxl: Move mailbox related bits to the same context Create a new 'struct cxl_mailbox' and move all mailbox related bits to it. This allows isolation of all CXL mailbox data in order to export some of the calls to external kernel callers and avoid exporting of CXL driver specific bits such has device states. The allocation of 'struct cxl_mailbox' is also split out with cxl_mailbox_init() so the mailbox can be created independently. Reviewed-by: Jonathan Cameron Reviewed-by: Alejandro Lucero Reviewed-by: Fan Ni Reviewed-by: Alison Schofield Reviewed-by: Ira Weiny Link: https://patch.msgid.link/20240905223711.1990186-3-dave.jiang@intel.com Signed-off-by: Dave Jiang commit 025497e1d176a9e063d1e60699527e2f3a871935 Author: Gao Xiang Date: Thu Sep 12 16:35:38 2024 +0800 erofs: reject inodes with negative i_size Negative i_size is never supported, although crafted images with inodes having negative i_size will NOT lead to security issues in our current codebase: The following image can verify this (gzip+base64 encoded): H4sICCmk4mYAA3Rlc3QuaW1nAGNgGAWjYBSMVPDo4dcH3jP2aTED2TwMKgxMUHHNJY/SQDQX LxcDIw3tZwXit44MDNpQ/n8gQJZ/vxjijosPuSyZ0DUDgQqcZoKzVYFsDShbHeh6PT29ktTi Eqz2g/y2pBFiLxDMh4lhs5+W4TAKRsEoGAWjYBSMglEwCkYBPQAAS2DbowAQAAA= Mark as bad inodes for such corrupted inodes explicitly. Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240912083538.3011860-1-hsiangkao@linux.alibaba.com commit 7c3ca1838a7831855cbf2e6927a10e0e4723edf6 Author: Gao Xiang Date: Thu Sep 12 15:41:56 2024 +0800 erofs: restrict pcluster size limitations Error out if {en,de}encoded size of a pcluster is unsupported: Maximum supported encoded size (of a pcluster): 1 MiB Maximum supported decoded size (of a pcluster): 12 MiB Users can still choose to use supported large configurations (e.g., for archival purposes), but there may be performance penalties in low-memory scenarios compared to smaller pclusters. Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240912074156.2925394-1-hsiangkao@linux.alibaba.com commit 79f504a2cd3c0b7d953d0015618a2a41559a2cfd Author: Chunhai Guo Date: Fri Sep 6 06:11:10 2024 -0600 erofs: allocate more short-lived pages from reserved pool first This patch aims to allocate bvpages and short-lived compressed pages from the reserved pool first. After applying this patch, there are three benefits. 1. It reduces the page allocation time. The bvpages and short-lived compressed pages account for about 4% of the pages allocated from the system in the multi-app launch benchmarks [1]. It reduces the page allocation time accordingly and lowers the likelihood of blockage by page allocation in low memory scenarios. 2. The pages in the reserved pool will be allocated on demand. Currently, bvpages and short-lived compressed pages are short-lived pages allocated from the system, and the pages in the reserved pool all originate from short-lived pages. Consequently, the number of reserved pool pages will increase to z_erofs_rsv_nrpages over time. With this patch, all short-lived pages are allocated from the reserved pool first, so the number of reserved pool pages will only increase when there are not enough pages. Thus, even if z_erofs_rsv_nrpages is set to a large number for specific reasons, the actual number of reserved pool pages may remain low as per demand. In the multi-app launch benchmarks [1], z_erofs_rsv_nrpages is set at 256, while the number of reserved pool pages remains below 64. 3. When erofs cache decompression is disabled (EROFS_ZIP_CACHE_DISABLED), all pages will *only* be allocated from the reserved pool for erofs. This will significantly reduce the memory pressure from erofs. [1] For additional details on the multi-app launch benchmarks, please refer to commit 0f6273ab4637 ("erofs: add a reserved buffer pool for lz4 decompression"). Signed-off-by: Chunhai Guo Reviewed-by: Gao Xiang Reviewed-by: Chao Yu Link: https://lore.kernel.org/r/20240906121110.3701889-1-guochunhai@vivo.com Signed-off-by: Gao Xiang commit 3abb708ec0be25da16a1ee9f1ab5cbc93f3256f3 Author: Bibo Mao Date: Thu Sep 12 22:56:14 2024 +0800 LoongArch: KVM: Implement function kvm_para_has_feature() Implement function kvm_para_has_feature() to detect supported paravirt features. It can be used by device driver to detect and enable paravirt features, such as the EIOINTC irqchip driver is able to detect feature KVM_FEATURE_VIRT_EXTIOI and do some optimization. Signed-off-by: Bibo Mao Signed-off-by: Huacai Chen commit 26e197b7f9240a4ac301dd0ad520c0c697c2ea7d Author: Riyan Dhiman Date: Wed Sep 11 18:59:54 2024 +0530 block: fix potential invalid pointer dereference in blk_add_partition The blk_add_partition() function initially used a single if-condition (IS_ERR(part)) to check for errors when adding a partition. This was modified to handle the specific case of -ENXIO separately, allowing the function to proceed without logging the error in this case. However, this change unintentionally left a path where md_autodetect_dev() could be called without confirming that part is a valid pointer. This commit separates the error handling logic by splitting the initial if-condition, improving code readability and handling specific error scenarios explicitly. The function now distinguishes the general error case from -ENXIO without altering the existing behavior of md_autodetect_dev() calls. Fixes: b72053072c0b (block: allow partitions on host aware zone devices) Signed-off-by: Riyan Dhiman Reviewed-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240911132954.5874-1-riyandhiman14@gmail.com Signed-off-by: Jens Axboe commit 2af583afcf9d54b988b68d1033101e73edd72a9b Author: liuderong Date: Wed Sep 11 10:40:20 2024 +0800 f2fs: remove unused parameters Remove unused parameter segno from f2fs_usable_segs_in_sec. Signed-off-by: liuderong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit ba091a81f8237a6db1ccff37c2485791788107dd Author: Arnd Bergmann Date: Thu Sep 12 13:19:12 2024 +0000 spi: ep93xx: update kerneldoc comments for ep93xx_spi Two fields got removed but are still documented: drivers/spi/spi-ep93xx.c:98: warning: Excess struct member 'dma_rx_data' description in 'ep93xx_spi' drivers/spi/spi-ep93xx.c:98: warning: Excess struct member 'dma_tx_data' description in 'ep93xx_spi' Fixes: 3cfe73256905 ("spi: ep93xx: add DT support for Cirrus EP93xx") Reported-by: kernel test robot Signed-off-by: Arnd Bergmann commit 53cf1dc480a5bdebad457cf6754ed3018b2533ba Author: Dan Carpenter Date: Wed Sep 11 10:39:15 2024 +0300 clk: ep93xx: Fix off by one in ep93xx_div_recalc_rate() The psc->div[] array has psc->num_div elements. These values come from when we call clk_hw_register_div(). It's adc_divisors and ARRAY_SIZE(adc_divisors)) and so on. So this condition needs to be >= instead of > to prevent an out of bounds read. Fixes: 9645ccc7bd7a ("ep93xx: clock: convert in-place to COMMON_CLK") Signed-off-by: Dan Carpenter Acked-by: Alexander Sverdlin Reviewed-by: Nikita Shubin Signed-off-by: Alexander Sverdlin Link: https://lore.kernel.org/r/1caf01ad4c0a8069535813c26c7f0b8ea011155e.camel@linaro.org [arnd: the original patch was for arch/arm/mach-ep93xx/clock.c, but the same bug ended up in arch/arm/mach-ep93xx/clock.c. Signed-off-by: Arnd Bergmann commit e2a79105903a9122c2717515454f9c05dd9081e4 Author: Arnd Bergmann Date: Wed Sep 11 12:04:50 2024 +0000 clk: ep93xx: add module license When configured as a lodable module, this driver produces a build time warning: ERROR: modpost: missing MODULE_LICENSE() in drivers/clk/clk-ep93xx.o All all three tags for license, author and description based on the header. Acked-by: Alexander Sverdlin Signed-off-by: Arnd Bergmann commit a015b1828653b591de0aa5303c0dbc4235935f94 Author: Nikita Shubin Date: Mon Sep 9 11:11:03 2024 +0300 dmaengine: cirrus: remove platform code Remove DMA platform header, from now on we use device tree for DMA clients. Acked-by: Vinod Koul Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Signed-off-by: Arnd Bergmann commit 29ed9cec87253eb3dcc597a681961b3cc9f52f40 Author: Alexander Sverdlin Date: Mon Sep 9 11:11:02 2024 +0300 ASoC: cirrus: edb93xx: Delete driver Can be replaced with "simple-audio-card" for the rates up to 50kHz, refer to commit "ARM: dts: ep93xx: Add EDB9302 DT". Signed-off-by: Alexander Sverdlin Signed-off-by: Nikita Shubin Acked-by: Mark Brown Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 43528a72526152f17a918973b3b8b6f383b90f98 Author: Nikita Shubin Date: Mon Sep 9 11:11:01 2024 +0300 ARM: ep93xx: soc: drop defines Remove unnecessary defines, as we dropped board files. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit e5ef574dda702e62081d5c7991949cbdb7f65c08 Author: Nikita Shubin Date: Mon Sep 9 11:11:00 2024 +0300 ARM: ep93xx: delete all boardfiles Delete the ep93xx board files. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit a632229be268dde8f6d407638b5cfba8b78201d6 Author: Nikita Shubin Date: Mon Sep 9 11:10:59 2024 +0300 ata: pata_ep93xx: remove legacy pinctrl use Drop legacy acquire/release since we are using pinctrl for this now. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Sergey Shtylyov Reviewed-by: Linus Walleij Reviewed-by: Andy Shevchenko Reviewed-by: Mark Brown Reviewed-by: Krzysztof Kozlowski Reviewed-by: Andy Shevchenko Acked-by: Damien Le Moal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit a48ac3dc569771c18fcafbc8351d820cc343c54a Author: Nikita Shubin Date: Mon Sep 9 11:10:58 2024 +0300 pwm: ep93xx: drop legacy pinctrl Drop legacy gpio request/free since we are using pinctrl for this now. Signed-off-by: Nikita Shubin Acked-by: Uwe Kleine-König Acked-by: Thierry Reding Acked-by: Linus Walleij Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 046322f1e1d9879b8a598a0c57fcb81f87fd3f59 Author: Nikita Shubin Date: Mon Sep 9 11:10:57 2024 +0300 ARM: ep93xx: DT for the Cirrus ep93xx SoC platforms Add compulsory device tree support to the Cirrus ep93xx ARMv4 platform. - select PINCTRL_EP93xx - select COMMON_CLK_EP93XX, as clock driver moved out of platform code - select ARCH_HAS_RESET_CONTROLLER Select ARM_ATAG_DTB_COMPAT to update device tree with information about memory passed from bootloader. We have to leave all MACH options as they are used for board checking before decomp, to turn off watchdog and ethernet DMA. Tested-by: Alexander Sverdlin Signed-off-by: Nikita Shubin Tested-by: Michael Peters Reviewed-by: Andy Shevchenko Reviewed-by: Krzysztof Kozlowski Reviewed-by: Guenter Roeck Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Reviewed-by: Linus Walleij Reviewed-by: Kris Bahnsen Reviewed-by: Andrew Lunn Reviewed-by: Sergey Shtylyov Acked-by: Miquel Raynal Acked-by: Alexander Sverdlin Acked-by: Uwe Kleine-König Acked-by: Damien Le Moal Acked-by: Sebastian Reichel Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit bd8511fba09ae399fc6812bcf4f8d60a803a6871 Author: Alexander Sverdlin Date: Mon Sep 9 11:10:56 2024 +0300 ARM: dts: ep93xx: Add EDB9302 DT Add device tree for Cirrus EDB9302. Signed-off-by: Alexander Sverdlin Signed-off-by: Nikita Shubin Signed-off-by: Arnd Bergmann commit 454b61d84484a5f761c86b89966eaac93177ca6f Author: Nikita Shubin Date: Mon Sep 9 11:10:55 2024 +0300 ARM: dts: ep93xx: add ts7250 board Add device tree file for Technologic Systems ts7250 board and Liebherr bk3 board which have many in common, both are based on ep9302 SoC variant. Signed-off-by: Nikita Shubin Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit ed5244a1d63796deb56ca1822637b94e8c7cd424 Author: Nikita Shubin Date: Mon Sep 9 11:10:54 2024 +0300 ARM: dts: add Cirrus EP93XX SoC .dtsi Add support for Cirrus Logic EP93XX SoC's family. Co-developed-by: Alexander Sverdlin Signed-off-by: Alexander Sverdlin Signed-off-by: Nikita Shubin Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit fae4d65a042d488c2234352e6a10e1d5ab499bcc Author: Alexander Sverdlin Date: Mon Sep 9 11:10:53 2024 +0300 ASoC: ep93xx: Drop legacy DMA support And rely on OF DMA. Signed-off-by: Alexander Sverdlin Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Andy Shevchenko Reviewed-by: Krzysztof Kozlowski Reviewed-by: Guenter Roeck Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit fb37c3a9c20c2b9650f283c2f4e9b656182dfee8 Author: Nikita Shubin Date: Mon Sep 9 11:10:52 2024 +0300 ASoC: dt-bindings: ep93xx: Document Audio Port support Document Audio Graph Port support in binding document. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit bae9f789b6c4c365e6a6daa2dfd64a51d2c712de Author: Nikita Shubin Date: Mon Sep 9 11:10:51 2024 +0300 ASoC: dt-bindings: ep93xx: Document DMA support Document DMA support in binding document. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Reviewed-by: Andy Shevchenko Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 8f67b1f028190d679a2ad3254cf8da41c8b41f49 Author: Nikita Shubin Date: Mon Sep 9 11:10:50 2024 +0300 gpio: ep93xx: add DT support for gpio-ep93xx Add OF ID match table. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Andy Shevchenko Reviewed-by: Linus Walleij Reviewed-by: Andy Shevchenko Reviewed-by: Krzysztof Kozlowski Reviewed-by: Guenter Roeck Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Acked-by: Bartosz Golaszewski Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 177c20d761c538fd3c8e7f35c8036c0e551f5e0e Author: Nikita Shubin Date: Mon Sep 9 11:10:49 2024 +0300 wdt: ts72xx: add DT support for ts72xx Add OF ID match table. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Guenter Roeck Reviewed-by: Andy Shevchenko Reviewed-by: Krzysztof Kozlowski Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit b3ab5787e7acb02874ae86cbe13969d4dd01a585 Author: Nikita Shubin Date: Mon Sep 9 11:10:48 2024 +0300 input: keypad: ep93xx: add DT support for Cirrus EP93xx - drop flags, they were not used anyway - add OF ID match table - process "autorepeat", "debounce-delay-ms", prescale from device tree - drop platform data usage and it's header - keymap goes from device tree now on Signed-off-by: Nikita Shubin Acked-by: Dmitry Torokhov Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 9cefdd1a952aa1d103ce5f14f4b54e0011cf11e5 Author: Nikita Shubin Date: Mon Sep 9 11:10:47 2024 +0300 dt-bindings: input: Add Cirrus EP93xx keypad Add YAML bindings for ep93xx SoC keypad. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 9963113e3a9248785518ef8add920a4acb8c3ca4 Author: Nikita Shubin Date: Mon Sep 9 11:10:46 2024 +0300 ata: pata_ep93xx: add device tree support - add OF ID match table - drop platform DMA and filters - change DMA setup to OF, so we can defer probe Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Sergey Shtylyov Acked-by: Damien Le Moal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit f4da2b6055635738e5ce5ac9352cdb7d5bfd7ce3 Author: Nikita Shubin Date: Mon Sep 9 11:10:45 2024 +0300 dt-bindings: ata: Add Cirrus EP93xx Add YAML bindings for ep93xx SoC PATA. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Acked-by: Damien Le Moal Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 853034c7d8c0022f0cf84cf041572975eb3c2dba Author: Nikita Shubin Date: Mon Sep 9 11:10:44 2024 +0300 mtd: rawnand: add support for ts72xx Technologic Systems has it's own nand controller implementation in CPLD. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 1d4f2ff1bbed825c5dc3fb47800639a6856a2ebb Author: Nikita Shubin Date: Mon Sep 9 11:10:43 2024 +0300 dt-bindings: mtd: Add ts7200 nand-controller Add YAML bindings for ts7200 NAND Controller. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 770e709e38bf90d3144d82218550730290bc1918 Author: Nikita Shubin Date: Mon Sep 9 11:10:42 2024 +0300 net: cirrus: add DT support for Cirrus EP93xx - add OF ID match table - get phy_id from the device tree, as part of mdio - copy_addr is now always used, as there is no SoC/board that aren't - dropped platform header Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Andrew Lunn Reviewed-by: Linus Walleij Reviewed-by: Andy Shevchenko Reviewed-by: Krzysztof Kozlowski Reviewed-by: Guenter Roeck Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 099747ceb0226a3e99fceba16ee4b3f49e598bcc Author: Nikita Shubin Date: Mon Sep 9 11:10:41 2024 +0300 dt-bindings: net: Add Cirrus EP93xx Add YAML bindings for ep93xx SoC Ethernet Controller. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit e79e7c2df6277ee1ad9364a231f6183da4492415 Author: Nikita Shubin Date: Mon Sep 9 11:10:40 2024 +0300 spi: ep93xx: add DT support for Cirrus EP93xx - add OF ID match table - add device tree DMA request, so we can probe defer, in case DMA is not ready yet - drop DMA platform code Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Linus Walleij Reviewed-by: Mark Brown Acked-by: Alexander Sverdlin Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit cb0291776fa691027ad1de8da6e8678a20ca89c3 Author: Nikita Shubin Date: Mon Sep 9 11:10:39 2024 +0300 dt-bindings: spi: Add Cirrus EP93xx Add YAML bindings for ep93xx SoC SPI. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 4a0f1f0993f532890e7746a30dee8a826149cd3b Author: Nikita Shubin Date: Mon Sep 9 11:10:38 2024 +0300 pwm: ep93xx: add DT support for Cirrus EP93xx Add OF ID match table. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Tested-by: Michael Peters Reviewed-by: Uwe Kleine-König Reviewed-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Reviewed-by: Krzysztof Kozlowski Reviewed-by: Guenter Roeck Reviewed-by: Mark Brown Reviewed-by: Andy Shevchenko Reviewed-by: Linus Walleij Reviewed-by: Kris Bahnsen Reviewed-by: Andrew Lunn Reviewed-by: Sergey Shtylyov Acked-by: Uwe Kleine-König Acked-by: Miquel Raynal Acked-by: Alexander Sverdlin Acked-by: Damien Le Moal Acked-by: Sebastian Reichel Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 824ccabd73aa2aea35ec5ef979ef67be6b691d15 Author: Nikita Shubin Date: Mon Sep 9 11:10:37 2024 +0300 dt-bindings: pwm: Add Cirrus EP93xx Add YAML bindings for ep93xx SoC PWM. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Acked-by: Uwe Kleine-König Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 2e7f55ce430240a5547b8a94b4c532fc8c20b18b Author: Nikita Shubin Date: Mon Sep 9 11:10:34 2024 +0300 dmaengine: cirrus: Convert to DT for Cirrus EP93xx Convert Cirrus EP93xx DMA to device tree usage: - add OF ID match table with data - add of_probe for device tree - add xlate for m2m/m2p - drop subsys_initcall code - drop platform probe - drop platform structs usage >From now on it only supports device tree probing. Co-developed-by: Alexander Sverdlin Signed-off-by: Alexander Sverdlin Acked-by: Vinod Koul Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Signed-off-by: Arnd Bergmann commit 581e2ff84f2d708885da10414c65cb41b3c13dc3 Author: Nikita Shubin Date: Mon Sep 9 11:10:33 2024 +0300 dt-bindings: dma: Add Cirrus EP93xx Add YAML bindings for ep93xx SoC DMA. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Acked-by: Vinod Koul Acked-by: Miquel Raynal Signed-off-by: Arnd Bergmann commit 6eab0ce6e1c6358f4fb3d9f301bfcf3d527f3da9 Author: Nikita Shubin Date: Mon Sep 9 11:10:32 2024 +0300 soc: Add SoC driver for Cirrus ep93xx Add an SoC driver for the ep93xx. Currently there is only one thing not fitting into any other framework, and that is the swlock setting. Used for clock settings, pinctrl and restart. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Linus Walleij Acked-by: Alexander Sverdlin Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit eeb3dd5b32e68989bae1a3d4420204cf3a90ce73 Author: Nikita Shubin Date: Mon Sep 9 11:10:31 2024 +0300 dt-bindings: soc: Add Cirrus EP93xx Add device tree bindings for the Cirrus Logic EP93xx SoC. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Krzysztof Kozlowski Reviewed-by: Stephen Boyd Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 9fa7cdb4368f5da184e5050856ca3329318de1ed Author: Nikita Shubin Date: Mon Sep 9 11:10:30 2024 +0300 power: reset: Add a driver for the ep93xx reset Implement the reset behaviour of the various EP93xx SoCS in drivers/power/reset. It used to be located in arch/arm/mach-ep93xx. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Acked-by: Sebastian Reichel Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 035f90076fd1cafb17468a2dcef7aad189190980 Author: Nikita Shubin Date: Mon Sep 9 11:10:29 2024 +0300 pinctrl: add a Cirrus ep93xx SoC pin controller Add a pin control (only multiplexing) driver for ep93xx SoC so we can fully convert ep93xx to device tree. This driver is capable of muxing ep9301/ep9302/ep9307/ep9312/ep9315 variants, this is chosen based on "compatible" in device tree. Co-developed-by: Alexander Sverdlin Signed-off-by: Alexander Sverdlin Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Linus Walleij Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit 8a6b7e2b3acfc1bd6f653a4d12c04aa1df736b84 Author: Nikita Shubin Date: Mon Sep 9 11:10:28 2024 +0300 clk: ep93xx: add DT support for Cirrus EP93xx Rewrite EP93xx clock driver located in arch/arm/mach-ep93xx/clock.c trying to do everything the device tree way: - provide clock acces via of - drop clk_hw_register_clkdev - drop init code and use module_auxiliary_driver Co-developed-by: Alexander Sverdlin Signed-off-by: Alexander Sverdlin Signed-off-by: Nikita Shubin Signed-off-by: Arnd Bergmann commit ede5bbe488d162bcd572880e58f9044c9df84050 Author: Nikita Shubin Date: Mon Sep 9 11:10:27 2024 +0300 ARM: ep93xx: add regmap aux_dev The following driver's should be instantiated by ep93xx syscon driver: - reboot - pinctrl - clock They all require access to DEVCFG register with a shared lock held, to avoid conflict writing to swlocked parts of DEVCFG. Provide common resources such as base, regmap and spinlock via auxiliary bus framework. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Linus Walleij Reviewed-by: Stephen Boyd Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit cbe8e464eb29057f0f368e493277bdaa6dc5d656 Author: Nikita Shubin Date: Mon Sep 9 11:10:26 2024 +0300 gpio: ep93xx: split device in multiple Prepare ep93xx SOC gpio to convert into device tree driver: - dropped banks and legacy defines - split AB IRQ and make it shared We are relying on IRQ number information A, B ports have single shared IRQ, while F port have dedicated IRQ for each line. Also we had to split single ep93xx platform_device into multiple, one for each port, without this we can't do a full working transition from legacy platform code into device tree capable. All GPIO_LOOKUP were change to match new chip namings. Signed-off-by: Nikita Shubin Tested-by: Alexander Sverdlin Reviewed-by: Linus Walleij Reviewed-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Reviewed-by: Krzysztof Kozlowski Reviewed-by: Guenter Roeck Acked-by: Bartosz Golaszewski Acked-by: Miquel Raynal Acked-by: Vinod Koul Signed-off-by: Arnd Bergmann commit a8c39443a38bf21465ccf395e9ebc8e0a52d63ff Merge: c7f06284a64274 706ae6446494b4 Author: Arnd Bergmann Date: Thu Sep 12 12:24:44 2024 +0000 Merge branch 'ep93xx/clk-dependency' into ep93xx/dt-conversion This is a dependency for clk driver Signed-off-by: Arnd Bergmann commit a5fb217f13f74b2af2ab366ffad522bae717f93c Author: Christoph Hellwig Date: Thu Sep 12 09:21:18 2024 +0200 dma-mapping: reflow dma_supported dma_supported has become too much spaghetti for my taste. Reflow it to remove the duplicate use_dma_iommu condition and make the main path more obvious. Signed-off-by: Christoph Hellwig Reviewed-by: Leon Romanovsky commit 168c3e0d443599dd370710243fbf5c815fad7890 Merge: af0103eccc101b 605f56405a6719 Author: Arnd Bergmann Date: Thu Sep 12 14:25:35 2024 +0000 Merge tag 'sunxi-dt-for-6.12-2' of https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux into soc/dt Allwinner SoC device tree changes for 6.12 part 2 ARM64 device tree and binding-only changes - Add system and pin voltage regulator supplies for NanoPi NEO Plus2 * tag 'sunxi-dt-for-6.12-2' of https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux: arm64: dts: allwinner: h5: NanoPi NEO Plus2: Use regulators for pio arm64: dts: allwinner: h5: NanoPi Neo Plus2: Fix regulators Link: https://lore.kernel.org/r/ZuKmwD8VQrvNx8ir@wens.tw Signed-off-by: Arnd Bergmann commit 9ea7b92b77df7d2eee3c31ef4a19f0f12ec74190 Merge: 4ffc8a34229864 b635a84bde6f0b Author: Palmer Dabbelt Date: Thu Sep 12 07:23:05 2024 -0700 Merge patch series "remove size limit on XIP kernel" Nam Cao says: Hi, For XIP kernel, the writable data section is always at offset specified in XIP_OFFSET, which is hard-coded to 32MB. Unfortunately, this means the read-only section (placed before the writable section) is restricted in size. This causes build failure if the kernel gets too large. This series remove the use of XIP_OFFSET one by one, then remove this macro entirely at the end, with the goal of lifting this size restriction. Also some cleanup and documentation along the way. * b4-shazam-merge riscv: remove limit on the size of read-only section for XIP kernel riscv: drop the use of XIP_OFFSET in create_kernel_page_table() riscv: drop the use of XIP_OFFSET in kernel_mapping_va_to_pa() riscv: drop the use of XIP_OFFSET in XIP_FIXUP_FLASH_OFFSET riscv: drop the use of XIP_OFFSET in XIP_FIXUP_OFFSET riscv: replace misleading va_kernel_pa_offset on XIP kernel riscv: don't export va_kernel_pa_offset in vmcoreinfo for XIP kernel riscv: cleanup XIP_FIXUP macro riscv: change XIP's kernel_map.size to be size of the entire kernel ... Link: https://lore.kernel.org/r/cover.1717789719.git.namcao@linutronix.de Signed-off-by: Palmer Dabbelt commit b635a84bde6f0b94944b5d960f4e6a52ac3555c6 Author: Nam Cao Date: Fri Jun 7 22:22:13 2024 +0200 riscv: remove limit on the size of read-only section for XIP kernel XIP_OFFSET is the hard-coded offset of writable data section within the kernel. By hard-coding this value, the read-only section of the kernel (which is placed before the writable data section) is restricted in size. This causes build failures if the kernel gets too big [1]. Remove this limit. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202404211031.J6l2AfJk-lkp@intel.com [1] Signed-off-by: Nam Cao Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/3bf3a77be10ebb0d8086c028500baa16e7a8e648.1717789719.git.namcao@linutronix.de Signed-off-by: Palmer Dabbelt commit a7cfb999433ad3a1aa7ca86ecdaf3e061ab7076a Author: Nam Cao Date: Fri Jun 7 22:22:12 2024 +0200 riscv: drop the use of XIP_OFFSET in create_kernel_page_table() XIP_OFFSET is the hard-coded offset of writable data section within the kernel. By hard-coding this value, the read-only section of the kernel (which is placed before the writable data section) is restricted in size. As a preparation to remove this hard-coded value entirely, stop using XIP_OFFSET in create_kernel_page_table(). Instead use _sdata and _start to do the same thing. Signed-off-by: Nam Cao Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/4ea3f222a7eb9f91c04b155ff2e4d3ef19158acc.1717789719.git.namcao@linutronix.de Signed-off-by: Palmer Dabbelt commit 75fdf791dff08470c035996f5d3e92c64491ce19 Author: Nam Cao Date: Fri Jun 7 22:22:11 2024 +0200 riscv: drop the use of XIP_OFFSET in kernel_mapping_va_to_pa() XIP_OFFSET is the hard-coded offset of writable data section within the kernel. By hard-coding this value, the read-only section of the kernel (which is placed before the writable data section) is restricted in size. As a preparation to remove this hard-coded macro XIP_OFFSET entirely, remove the use of XIP_OFFSET in kernel_mapping_va_to_pa(). The macro XIP_OFFSET is used in this case to check if the virtual address is mapped to Flash or to RAM. The same check can be done with kernel_map.xiprom_sz. Signed-off-by: Nam Cao Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/644c13d9467525a06f5d63d157875a35b2edb4bc.1717789719.git.namcao@linutronix.de Signed-off-by: Palmer Dabbelt commit 23311f57ee132b2584915d38955b6cf125e76022 Author: Nam Cao Date: Fri Jun 7 22:22:10 2024 +0200 riscv: drop the use of XIP_OFFSET in XIP_FIXUP_FLASH_OFFSET XIP_OFFSET is the hard-coded offset of writable data section within the kernel. By hard-coding this value, the read-only section of the kernel (which is placed before the writable data section) is restricted in size. As a preparation to remove this hard-coded macro XIP_OFFSET entirely, stop using XIP_OFFSET in XIP_FIXUP_FLASH_OFFSET. Instead, use __data_loc and _sdata to do the same thing. While at it, also add a description for XIP_FIXUP_FLASH_OFFSET. Signed-off-by: Nam Cao Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/7b3319657edd1822f3457e7e7c07aaa326cc2f87.1717789719.git.namcao@linutronix.de Signed-off-by: Palmer Dabbelt commit e4eac34feda4959fad754004435512b24af73fe6 Author: Nam Cao Date: Fri Jun 7 22:22:09 2024 +0200 riscv: drop the use of XIP_OFFSET in XIP_FIXUP_OFFSET XIP_OFFSET is the hard-coded offset of writable data section within the kernel. By hard-coding this value, the read-only section of the kernel (which is placed before the writable data section) is restricted in size. As a preparation to remove this hard-coded macro XIP_OFFSET entirely, stop using XIP_OFFSET in XIP_FIXUP_OFFSET. Instead, use CONFIG_PHYS_RAM_BASE and _sdata to do the same thing. While at it, also add a description for XIP_FIXUP_OFFSET. Signed-off-by: Nam Cao Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/dba0409518b14ee83b346e099b1f7f934daf7b74.1717789719.git.namcao@linutronix.de Signed-off-by: Palmer Dabbelt commit 5cf089672119808c2f5b7035c91adcc0cc7287e1 Author: Nam Cao Date: Fri Jun 7 22:22:08 2024 +0200 riscv: replace misleading va_kernel_pa_offset on XIP kernel On XIP kernel, the name "va_kernel_pa_offset" is misleading: unlike "normal" kernel, it is not the virtual-physical address offset of kernel mapping, it is the offset of kernel mapping's first virtual address to first physical address in DRAM, which is not meaningful because the kernel's first physical address is not in DRAM. For XIP kernel, there are 2 different offsets because the read-only part of the kernel resides in ROM while the rest is in RAM. The offset to ROM is in kernel_map.va_kernel_xip_pa_offset, while the offset to RAM is not stored anywhere: it is calculated on-the-fly. Remove this confusing "va_kernel_pa_offset" and add "va_kernel_xip_data_pa_offset" as its replacement. This new variable is the offset of virtual mapping of the kernel's data portion to the corresponding physical addresses. With the introduction of this new variable, also rename va_kernel_xip_pa_offset -> va_kernel_xip_text_pa_offset to make it clear that this one is about the .text section. Signed-off-by: Nam Cao Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/84e5d005c1386d88d7b2531e0b6707ec5352ee54.1717789719.git.namcao@linutronix.de Signed-off-by: Palmer Dabbelt commit f2df5b4fdd74a3490c35498de935ebf4f9b7c382 Author: Nam Cao Date: Fri Jun 7 22:22:07 2024 +0200 riscv: don't export va_kernel_pa_offset in vmcoreinfo for XIP kernel The crash utility uses va_kernel_pa_offset to translate virtual addresses. This is incorrect in the case of XIP kernel, because va_kernel_pa_offset is not the virtual-physical address offset (yes, the name is misleading; this variable will be removed for XIP in a following commit). Stop exporting this variable for XIP kernel. The replacement is to be determined, note it as a TODO for now. Signed-off-by: Nam Cao Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/8f8760d3f9a11af4ea0acbc247e4f49ff5d317e9.1717789719.git.namcao@linutronix.de Signed-off-by: Palmer Dabbelt commit aa3457f22f00b9c9039672b1ff942fd72a5330d8 Author: Nam Cao Date: Fri Jun 7 22:22:06 2024 +0200 riscv: cleanup XIP_FIXUP macro The XIP_FIXUP macro is used to fix addresses early during boot before MMU: generated code "thinks" the data section is in ROM while it is actually in RAM. So this macro corrects the addresses in the data section. This macro determines if the address needs to be fixed by checking if it is within the range starting from ROM address up to the size of (2 * XIP_OFFSET). This means if the kernel size is bigger than (2 * XIP_OFFSET), some addresses would not be fixed up. XIP kernel can still work if the above scenario does not happen. But this macro is obviously incorrect. Rewrite this macro to only fix up addresses within the data section. Signed-off-by: Nam Cao Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/95f50a4ec8204ec4fcbf2a80c9addea0e0609e3b.1717789719.git.namcao@linutronix.de Signed-off-by: Palmer Dabbelt commit 4a33aa34e4ac2c2bd746a305d4b39fb60dedc091 Author: Dmitry Baryshkov Date: Wed Sep 11 13:16:48 2024 +0300 drm/display: fix kerneldocs references The commit 9da7ec9b19d8 ("drm/bridge-connector: move to DRM_DISPLAY_HELPER module") changed location of the drm_bridge_connector.c file, but didn't update the kerneldocs. Fix that. Fixes: 9da7ec9b19d8 ("drm/bridge-connector: move to DRM_DISPLAY_HELPER module") Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/dri-devel/20240904163018.214efaa7@canb.auug.org.au/ Acked-by: Thomas Zimmermann Reviewed-By: Carlos Bilbao Link: https://patchwork.freedesktop.org/patch/msgid/20240911-drm-fix-dbc-docs-v1-1-ae5cb82fce1e@linaro.org Signed-off-by: Dmitry Baryshkov commit d69f11e8c57e9459c9e60bffc0f2c6c3aa02f4b1 Author: Muhammad Usama Anjum Date: Wed Sep 11 17:36:22 2024 +0500 ASoc: mediatek: mt8365: Remove unneeded assignment The ret is being assigned, but not being used. Remove the assignment. One of the reviewer mentioned that dev_warn should be replaced with dev_info. Make this change as well. Fixes: 1bf6dbd75f76 ("ASoc: mediatek: mt8365: Add a specific soundcard for EVK") Signed-off-by: Muhammad Usama Anjum Reviewed-by: AngeloGioacchino Del Regno Link: https://patch.msgid.link/20240911123629.125686-1-usama.anjum@collabora.com Reviewed-by: Alexandre Mergnat Signed-off-by: Mark Brown commit f1cba5212e252243a539e079813bc96fbf53e241 Author: Takashi Sakamoto Date: Thu Sep 12 22:30:38 2024 +0900 firewire: core: rename cause flag of tracepoints event The flag of FW_ISO_CONTEXT_COMPLETIONS_CAUSE_IRQ directly causes hardIRQ request by 1394 OHCI hardware when the corresponding isochronous packet is transferred, however it is not so directly associated to hardIRQ processing itself. This commit renames the flag so that it relates to interrupt parameter of internal packet data. Link: https://lore.kernel.org/r/20240912133038.238786-6-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 4010cb1efda08ec6fd02ec5db9da909322ef352e Author: Takashi Sakamoto Date: Thu Sep 12 22:30:37 2024 +0900 firewire: core: update documentation of kernel APIs for flushing completions There is a slight difference between fw_iso_context_flush_completions() and fw_iso_context_schedule_flush_completions(). This commit updates the documentations for them. Link: https://lore.kernel.org/r/20240912133038.238786-5-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 5d567654be41ea59cc15a63779209af45615f47e Author: Takashi Sakamoto Date: Thu Sep 12 22:30:36 2024 +0900 firewire: core: add helper function to retire descriptors Both IR/IT contexts use the same code to retire completed descriptors as AT context uses. This commit adds a helper function to reduce the duplicated codes. Link: https://lore.kernel.org/r/20240912133038.238786-4-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 6ffa9bd6ebce0626e62358dda59effe5758ebfc5 Author: Takashi Sakamoto Date: Thu Sep 12 22:30:35 2024 +0900 Revert "firewire: core: move workqueue handler from 1394 OHCI driver to core function" This reverts commit 767bfb9ef27ebf760290d9f8bc303828b018c312. It appears that the call of ohci_flush_iso_completions() in the work item scheduled by hardIRQ of 1394 OHCI for any isochronous context changes the timing to queue events in the view of user space application. Link: https://lore.kernel.org/r/20240912133038.238786-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit c45b9a07b6392fa224ca76b89f24dae1046eef09 Author: Takashi Sakamoto Date: Thu Sep 12 22:30:34 2024 +0900 Revert "firewire: core: use mutex to coordinate concurrent calls to flush completions" This reverts commit d9605d67562505e27dcc0f71af418118d3db91e5, since this commit is on the following reverted changes. Link: https://lore.kernel.org/r/20240912133038.238786-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit cdc118f802410525cca872e0861a14d76d12c574 Author: Bibo Mao Date: Thu Sep 12 20:53:40 2024 +0800 LoongArch: KVM: Enable paravirt feature control from VMM Export kernel paravirt features to user space, so that VMM can control each single paravirt feature. By default paravirt features will be the same with kvm supported features if VMM does not set it. Also a new feature KVM_FEATURE_VIRT_EXTIOI is added which can be set from user space. This feature indicates that the virt EIOINTC can route interrupts to 256 vCPUs, rather than 4 vCPUs like with real HW. Signed-off-by: Bibo Mao Signed-off-by: Huacai Chen commit f4e40ea9f78fed585e953bf38575e47d24922e1a Author: Song Gao Date: Thu Sep 12 20:53:40 2024 +0800 LoongArch: KVM: Add PMU support for guest On LoongArch, the host and guest have their own PMU CSRs registers and they share PMU hardware resources. A set of PMU CSRs consists of a CTRL register and a CNTR register. We can set which PMU CSRs are used by the guest by writing to the GCFG register [24:26] bits. On KVM side: - Save the host PMU CSRs into structure kvm_context. - If the host supports the PMU feature. - When entering guest mode, save the host PMU CSRs and restore the guest PMU CSRs. - When exiting guest mode, save the guest PMU CSRs and restore the host PMU CSRs. Reviewed-by: Bibo Mao Signed-off-by: Song Gao Signed-off-by: Huacai Chen commit 75078ba2b38a38d94017bd334f71aaed205e30a4 Merge: 2ef52ca02cfb1d 3e9e67e129434f Author: Will Deacon Date: Thu Sep 12 13:44:03 2024 +0100 Merge branch 'for-next/timers' into for-next/core * for-next/timers: arm64: Implement prctl(PR_{G,S}ET_TSC) commit 2ef52ca02cfb1d13dbdfb96878fabe3a420b3da7 Merge: 982a847c71d43e d736d4fc763090 Author: Will Deacon Date: Thu Sep 12 13:43:57 2024 +0100 Merge branch 'for-next/selftests' into for-next/core * for-next/selftests: kselftest/arm64: Fix build warnings for ptrace kselftest/arm64: Actually test SME vector length changes via sigreturn kselftest/arm64: signal: fix/refactor SVE vector length enumeration commit 982a847c71d43eefd530e865314cbf31309619e2 Merge: 3175e051c37660 10166c23f41367 Author: Will Deacon Date: Thu Sep 12 13:43:41 2024 +0100 Merge branch 'for-next/poe' into for-next/core * for-next/poe: (31 commits) arm64: pkeys: remove redundant WARN kselftest/arm64: Add test case for POR_EL0 signal frame records kselftest/arm64: parse POE_MAGIC in a signal frame kselftest/arm64: add HWCAP test for FEAT_S1POE selftests: mm: make protection_keys test work on arm64 selftests: mm: move fpregs printing kselftest/arm64: move get_header() arm64: add Permission Overlay Extension Kconfig arm64: enable PKEY support for CPUs with S1POE arm64: enable POE and PIE to coexist arm64/ptrace: add support for FEAT_POE arm64: add POE signal support arm64: implement PKEYS support arm64: add pte_access_permitted_no_overlay() arm64: handle PKEY/POE faults arm64: mask out POIndex when modifying a PTE arm64: convert protection key into vm_flags and pgprot values arm64: add POIndex defines arm64: re-order MTE VM_ flags arm64: enable the Permission Overlay Extension for EL0 ... commit 3175e051c3766047f645020d4a80a86321f7dcff Merge: 119e3eef326210 21be9f7110d4c0 Author: Will Deacon Date: Thu Sep 12 13:43:22 2024 +0100 Merge branch 'for-next/pkvm-guest' into for-next/core * for-next/pkvm-guest: arm64: smccc: Reserve block of KVM "vendor" services for pKVM hypercalls drivers/virt: pkvm: Intercept ioremap using pKVM MMIO_GUARD hypercall arm64: mm: Add confidential computing hook to ioremap_prot() drivers/virt: pkvm: Hook up mem_encrypt API using pKVM hypercalls arm64: mm: Add top-level dispatcher for internal mem_encrypt API drivers/virt: pkvm: Add initial support for running as a protected guest firmware/smccc: Call arch-specific hook on discovering KVM services commit 119e3eef3262108c74d3f832372d8b74b7169c45 Merge: c2c94023692d48 2e091a805febb9 Author: Will Deacon Date: Thu Sep 12 13:43:16 2024 +0100 Merge branch 'for-next/perf' into for-next/core * for-next/perf: (33 commits) perf: arm-ni: Fix an NULL vs IS_ERR() bug perf: arm_pmuv3: Use BR_RETIRED for HW branch event if enabled MAINTAINERS: List Arm interconnect PMUs as supported perf: Add driver for Arm NI-700 interconnect PMU dt-bindings/perf: Add Arm NI-700 PMU perf/arm-cmn: Improve format attr printing perf/arm-cmn: Clean up unnecessary NUMA_NO_NODE check perf/arm-cmn: Support CMN S3 dt-bindings: perf: arm-cmn: Add CMN S3 perf/arm-cmn: Refactor DTC PMU register access perf/arm-cmn: Make cycle counts less surprising perf/arm-cmn: Improve build-time assertion perf/arm-cmn: Ensure dtm_idx is big enough perf/arm-cmn: Fix CCLA register offset perf/arm-cmn: Refactor node ID handling. Again. drivers/perf: hisi_pcie: Export supported Root Ports [bdf_min, bdf_max] drivers/perf: hisi_pcie: Fix TLP headers bandwidth counting drivers/perf: hisi_pcie: Record hardware counts correctly drivers/perf: arm_spe: Use perf_allow_kernel() for permissions perf/dwc_pcie: Add support for QCOM vendor devices ... commit c2c94023692d483eabf33ba396bb56961c415698 Merge: f661eb5f8d049e c02e7c5c6da8c6 Author: Will Deacon Date: Thu Sep 12 13:43:08 2024 +0100 Merge branch 'for-next/mm' into for-next/core * for-next/mm: arm64/mm: use lm_alias() with addresses passed to memblock_free() mm: arm64: document why pte is not advanced in contpte_ptep_set_access_flags() arm64: Expose the end of the linear map in PHYSMEM_END arm64: trans_pgd: mark PTEs entries as valid to avoid dead kexec() arm64/mm: Delete __init region from memblock.reserved commit f661eb5f8d049edbe8b1b7554861e04ab61d1a10 Merge: dd22f4448572a3 ecdd16df45649e Author: Will Deacon Date: Thu Sep 12 13:42:57 2024 +0100 Merge branch 'for-next/misc' into for-next/core * for-next/misc: arm64: hibernate: Fix warning for cast from restricted gfp_t arm64: esr: Define ESR_ELx_EC_* constants as UL arm64: Constify struct kobj_type arm64: smp: smp_send_stop() and crash_smp_send_stop() should try non-NMI first arm64/sve: Remove unused declaration read_smcr_features() arm64: mm: Remove unused declaration early_io_map() arm64: el2_setup.h: Rename some labels to be more diff-friendly arm64: signal: Fix some under-bracketed UAPI macros arm64/mm: Drop TCR_SMP_FLAGS arm64/mm: Drop PMD_SECT_VALID commit dd22f4448572a35b74efac078ecf30c32ea0dfe0 Merge: d2ea63804bc9d7 db0d8a84348b87 Author: Will Deacon Date: Thu Sep 12 13:42:50 2024 +0100 Merge branch 'for-next/errata' into for-next/core * for-next/errata: arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a commit d2ea63804bc9d706e441cff8c941028ec70ab99f Merge: 7c626ce4bae1ac f3b78b470f28bb Author: Will Deacon Date: Thu Sep 12 13:42:42 2024 +0100 Merge branch 'for-next/acpi' into for-next/core * for-next/acpi: ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 ACPI: ARM64: add acpi_iort.h to MAINTAINERS ACPI/IORT: Switch to use kmemdup_array() commit 322706e16988f6156ddd8fdcc6d06f87efc058f6 Author: Balamurugan C Date: Thu Sep 12 20:03:08 2024 +0800 ASoC: Intel: ARL: Add entry for HDMI-In capture support to non-I2S codec boards. Adding HDMI-In capture support for the ARL products which doesn't have onboard I2S codec. But need to support HDMI-In capture via I2S and audio playback through HDMI/DP monitor. Signed-off-by: Balamurugan C Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240912120308.134762-8-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 47d94c13d5f1f9f9c2bc29e26ebbd4efe912256c Author: Balamurugan C Date: Thu Sep 12 20:03:07 2024 +0800 ASoC: Intel: sof_rt5682: Add HDMI-In capture with rt5682 support for ARL. Added match table entry on arl machines to support HDMI-In capture with rt5682 I2S audio codec. also added the respective quirk configuration in rt5682 machine driver. Signed-off-by: Balamurugan C Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240912120308.134762-7-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit dfa1a7f456f10018229d0d5b3c36dd36a9b5344f Author: Brent Lu Date: Thu Sep 12 20:03:06 2024 +0800 ASoC: SOF: Intel: hda: remove common_hdmi_codec_drv Do not set common_hdmi_codec_drv in SOF platform driver since no machine driver needs it. Remove member variable common_hdmi_codec_drv from snd_soc_acpi_mach_params structure. Signed-off-by: Brent Lu Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240912120308.134762-6-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit f22a351fe2193dac803fc919096b734ff2947958 Author: Brent Lu Date: Thu Sep 12 20:03:05 2024 +0800 ASoC: Intel: sof_pcm512x: do not check common_hdmi_codec_drv The variable common_hdmi_codec_drv is always true on SOF platform so we could remove the reference in machine driver. Signed-off-by: Brent Lu Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240912120308.134762-5-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 2c80bcc27557b5db4aca8a0c621fc7d5cd10cf7e Author: Brent Lu Date: Thu Sep 12 20:03:04 2024 +0800 ASoC: Intel: ehl_rt5660: do not check common_hdmi_codec_drv The variable common_hdmi_codec_drv is always true on SOF platform so we could remove the reference in machine driver. Signed-off-by: Brent Lu Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240912120308.134762-4-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit b28b23dea31497548010c248398162ef4c25cfd2 Author: Brent Lu Date: Thu Sep 12 20:03:03 2024 +0800 ASoC: Intel: skl_hda_dsp_generic: use common module for DAI links Use intel_board module to create DAI link array for Intel iDisp HDMI, HDA external codec, DMIC01, DMIC16K, and BT audio offload DAI BE links. Signed-off-by: Brent Lu Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240912120308.134762-3-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit bd07676ddade417c7cfefb58fb87c27751395bb3 Author: Brent Lu Date: Thu Sep 12 20:03:02 2024 +0800 ASoC: Intel: board_helpers: support HDA link initialization Add a helper function for machine drivers to initialize HDA external codec DAI link. Signed-off-by: Brent Lu Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240912120308.134762-2-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 2349d2fa02db19ebc5e9033ddc3ed09e22c4abb5 Author: Gao Xiang Date: Thu Sep 5 16:47:32 2024 +0800 erofs: sunset unneeded NOFAILs With iterative development, our codebase can now deal with compressed buffer misses properly if both in-place I/O and compressed buffer allocation fail. Note that if readahead fails (with non-uptodate folios), the original request will then fall back to synchronous read, and `.read_folio()` should return appropriate errnos; otherwise -EIO will be passed to user space, which is unexpected. To simplify rarely encountered failure paths, a mimic decompression will be just used. Before that, failure reasons are recorded in compressed_bvecs[] and they also act as placeholders to avoid in-place pages. They will be parsed just before decompression and then pass back to `.read_folio()`. Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240905084732.2684515-1-hsiangkao@linux.alibaba.com commit 9fed8d7c46f37151037334ef5e8b30b945baaceb Author: Finn Callies Date: Wed Sep 11 09:21:09 2024 +0200 s390/crypto: Display Query and Query Authentication Information in sysfs Displays the query (fc=0) and query authentication information (fc=127) as binary in sysfs per CPACF instruction. Files are located in /sys/devices/system/cpu/cpacf/. These information can be fetched via asm already except for PCKMO because this instruction is privileged. To offer a unified interface all CPACF instructions will have this information displayed in sysfs in files _query_raw and _query_auth_info_raw. A new tool introduced into s390-tools called cpacfinfo will use this information to convert and display in human readable form. Suggested-by: Harald Freudenberger Reviewed-by: Harald Freudenberger Acked-by: Heiko Carstens Signed-off-by: Finn Callies Signed-off-by: Vasily Gorbik commit 9bbd1bfb865555df64fe4740c528f6d53529ad17 Author: Finn Callies Date: Wed Sep 11 09:21:08 2024 +0200 s390/crypto: Add Support for Query Authentication Information Introduce functions __cpacf_qai() and wrapper cpacf_qai() to the respective existing functions __cpacf_query() and cpacf_query() are introduced to support the Query Authentication Information feature of MSA 13. Suggested-by: Harald Freudenberger Reviewed-by: Harald Freudenberger Acked-by: Heiko Carstens Signed-off-by: Finn Callies Signed-off-by: Vasily Gorbik commit 27aad7f7a4bbaae910bbac88247a05081bb8b21e Author: Finn Callies Date: Wed Sep 11 09:21:07 2024 +0200 s390/crypto: Rework RRE and RRF CPACF inline functions Rework of the __cpacf_query_rre() and __cpacf_query_rrf() functions to support additional function codes. A function code is passed as a new parameter to specify which subfunction of the supplied Instruction is to be called. Suggested-by: Harald Freudenberger Reviewed-by: Harald Freudenberger Acked-by: Heiko Carstens Signed-off-by: Finn Callies Signed-off-by: Vasily Gorbik commit d2dec49d76f741c746ba375abe009cdcc69fb3a9 Author: Finn Callies Date: Wed Sep 11 09:21:06 2024 +0200 s390/crypto: Add KDSA CPACF Instruction Add the function code definitions for using the KDSA function to the CPACF header file. Suggested-by: Harald Freudenberger Reviewed-by: Harald Freudenberger Acked-by: Heiko Carstens Signed-off-by: Finn Callies Signed-off-by: Vasily Gorbik commit ab22f8d90878a882775fb0380572725a56104fb1 Author: Jens Remus Date: Tue Sep 10 15:41:17 2024 +0200 s390/disassembler: Remove duplicate instruction format RSY_RDRU Instruction format RSY_RDRU is a duplicate of RSY_RURD2. Use the latter, as it follows the s390-specific conventions for instruction format naming used in binutils. Reviewed-by: Heiko Carstens Signed-off-by: Jens Remus Signed-off-by: Vasily Gorbik commit b4ed18a3d56eabd18cfd9841ff05111e3cfbe8f9 Author: Dmitry Torokhov Date: Mon Sep 9 13:37:40 2024 -0700 HID: i2c-hid: ensure various commands do not interfere with each other i2c-hid uses 2 shared buffers: command and "raw" input buffer for sending requests to peripherals and read data from peripherals when executing variety of commands. Such commands include reading of HID registers, requesting particular power mode, getting and setting reports and so on. Because all such requests use the same 2 buffers they should not execute simultaneously. Fix this by introducing "cmd_lock" mutex and acquire it whenever we needs to access ihid->cmdbuf or idid->rawbuf. Signed-off-by: Dmitry Torokhov Reviewed-by: Hans de Goede Signed-off-by: Jiri Kosina commit 71fdfcdd0dc8344ce6a7887b4675c7700efeffa6 Author: Pankaj Raghav Date: Tue Aug 20 18:13:29 2024 +0200 Documentation: iomap: fix a typo Change voidw -> void. Signed-off-by: Pankaj Raghav Link: https://lore.kernel.org/r/20240820161329.1293718-1-kernel@pankajraghav.com Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 5af16d4bab58961e4b25dd5410296b8569e1ce96 Merge: 01d34cc9363917 46765aaec4d78b Author: Michael Ellerman Date: Thu Sep 12 21:57:53 2024 +1000 Merge branch 'topic/ppc-kvm' into next commit f1c6cf8e7ab9d7498ee70c69d5093165952d3595 Merge: e3b1be2e73dbe5 4638a0474d3424 Author: Will Deacon Date: Thu Sep 12 12:54:14 2024 +0100 Merge branch 'for-joerg/arm-smmu/bindings' into for-joerg/arm-smmu/updates * for-joerg/arm-smmu/bindings: dt-bindings: arm-smmu: Add compatible for QCS8300 SoC dt-bindings: arm-smmu: document the support on SA8255p commit 4638a0474d342492060c03f84656ebe9b58a7636 Author: Zhenhua Huang Date: Wed Sep 11 15:18:54 2024 +0800 dt-bindings: arm-smmu: Add compatible for QCS8300 SoC Qualcomm QCS8300 SoC includes apps smmu that implements arm,mmu-500, which is used to translate device-visible virtual addresses to physical addresses. Add compatible for it. Signed-off-by: Zhenhua Huang Signed-off-by: Jingyi Wang Link: https://lore.kernel.org/r/20240911-qcs8300_smmu_binding-v2-1-f53dd9c047ba@quicinc.com Signed-off-by: Will Deacon commit 2e091a805febb9a91cc7de2735d8d4ef0e640241 Author: Dan Carpenter Date: Wed Sep 11 10:39:59 2024 +0300 perf: arm-ni: Fix an NULL vs IS_ERR() bug The devm_ioremap() function never returns error pointers, it returns a NULL pointer if there is an error. Fixes: 4d5a7680f2b4 ("perf: Add driver for Arm NI-700 interconnect PMU") Signed-off-by: Dan Carpenter Reviewed-by: Robin Murphy Link: https://lore.kernel.org/r/04d6ccc3-6d31-4f0f-ab0f-7a88342cc09a@stanley.mountain Signed-off-by: Will Deacon commit ecdd16df45649e344e38ec59a3022e13419a695a Author: Min-Hua Chen Date: Wed Sep 11 07:25:05 2024 +0800 arm64: hibernate: Fix warning for cast from restricted gfp_t This patch fixes the following warning by adding __force to the cast: arch/arm64/kernel/hibernate.c:410:44: sparse: warning: cast from restricted gfp_t No functional change intended. Signed-off-by: Min-Hua Chen Link: https://lore.kernel.org/r/20240910232507.313555-1-minhuadotchen@gmail.com Signed-off-by: Will Deacon commit 07f1eb718db281c3e0cdb068ea7d73c30921a81c Author: Jinjie Ruan Date: Thu Sep 12 17:17:01 2024 +0800 spi: geni-qcom: Use devm functions to simplify code Use devm_pm_runtime_enable(), devm_request_irq() and devm_spi_register_controller() to simplify code. And also register a callback spi_geni_release_dma_chan() with devm_add_action_or_reset(), to release dma channel in both error and device detach path, which can make sure the release sequence is consistent with the original one. 1. Unregister spi controller. 2. Free the IRQ. 3. Free DMA chans 4. Disable runtime PM. So the remove function can also be removed. Reviewed-by: Douglas Anderson Suggested-by: Doug Anderson Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240912091701.3720857-1-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit f10d52087cbe85dcff2af3dc94c5b9d06e6d4b9a Merge: 740c1c84bfa3d8 b787a33864121a Author: Mark Brown Date: Thu Sep 12 12:38:44 2024 +0100 spi: Merge up fixes A patch for Qualcomm depends on some fixes. commit 32d5f79aafebb928eeb9325bb390d509f2d5c0a9 Merge: 448aa89af07b83 e6b95bdc1e333e Author: Mark Brown Date: Thu Sep 12 12:11:38 2024 +0100 ASoC: Improvements for mchp-pdmc Merge series from Andrei Simion : This patch set is intended to enhance the functionality and maintainability of the mchp-pdmc driver: - Enhances performance by refining maxburst logic. - Introduces a name for better identification and management. commit 4b40d43d9f951d87ae8dc414c2ef5ae50303a266 Author: Dennis Lam Date: Wed Sep 11 21:25:51 2024 -0400 docs: filesystems: corrected grammar of netfs page Fixed the word "aren't" to "isn't" based on singular word "bufferage". Signed-off-by: Dennis Lam Link: https://lore.kernel.org/r/20240912012550.13748-2-dennis.lamerice@gmail.com Signed-off-by: Christian Brauner commit 3956e7284c41629eb8f1e7104f1e73332bd1ce97 Merge: 4356ab331c8f0d 4aa571d67e81b5 Author: Christian Brauner Date: Tue Sep 3 20:28:01 2024 +0200 Merge branch 'netfs-writeback' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into vfs.netfs Merge patch series "netfs: Read/write improvements" from David Howells . * 'netfs-writeback' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs: (25 commits) cifs: Don't support ITER_XARRAY cifs: Switch crypto buffer to use a folio_queue rather than an xarray cifs: Use iterate_and_advance*() routines directly for hashing netfs: Cancel dirty folios that have no storage destination cachefiles, netfs: Fix write to partial block at EOF netfs: Remove fs/netfs/io.c netfs: Speed up buffered reading afs: Make read subreqs async netfs: Simplify the writeback code netfs: Provide an iterator-reset function netfs: Use new folio_queue data type and iterator instead of xarray iter cifs: Provide the capability to extract from ITER_FOLIOQ to RDMA SGEs iov_iter: Provide copy_folio_from_iter() mm: Define struct folio_queue and ITER_FOLIOQ to handle a sequence of folios netfs: Use bh-disabling spinlocks for rreq->lock netfs: Set the request work function upon allocation netfs: Remove NETFS_COPY_TO_CACHE netfs: Reserve netfs_sreq_source 0 as unset/unknown netfs: Move max_len/max_nr_segs from netfs_io_subrequest to netfs_io_stream netfs, cifs: Move CIFS_INO_MODIFIED_ATTR to netfs_inode ... Signed-off-by: Christian Brauner commit 4aa571d67e81b5b213abf9b4daa5523beb0e58e8 Author: David Howells Date: Fri Jul 26 22:15:48 2024 +0100 cifs: Don't support ITER_XARRAY There's now no need to support ITER_XARRAY in cifs as netfslib hands down ITER_FOLIOQ instead - and that's simpler to use with iterate_and_advance() as it doesn't hold the RCU read lock over the step function. This is part of the process of phasing out ITER_XARRAY. Signed-off-by: David Howells cc: Steve French cc: Paulo Alcantara cc: Tom Talpey cc: Enzo Matsumiya cc: linux-cifs@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-26-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit a2906d3316fc19bf0ade84618bb73eab604c447e Author: David Howells Date: Fri Jul 26 17:46:42 2024 +0100 cifs: Switch crypto buffer to use a folio_queue rather than an xarray Switch cifs from using an xarray to hold the transport crypto buffer to using a folio_queue and use ITER_FOLIOQ rather than ITER_XARRAY. This is part of the process of phasing out ITER_XARRAY. Signed-off-by: David Howells cc: Steve French cc: Paulo Alcantara cc: Tom Talpey cc: Enzo Matsumiya cc: linux-cifs@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-25-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 2982c8c19bab020e38da9d503aa21a3b389c53ac Author: David Howells Date: Fri Jul 26 20:03:07 2024 +0100 cifs: Use iterate_and_advance*() routines directly for hashing Replace the bespoke cifs iterators of ITER_BVEC and ITER_KVEC to do hashing with iterate_and_advance_kernel() - a variant on iterate_and_advance() that only supports kernel-internal ITER_* types and not UBUF/IOVEC types. The bespoke ITER_XARRAY is left because we don't really want to be calling crypto_shash_update() under the RCU read lock for large amounts of data; besides, ITER_XARRAY is going to be phased out. Signed-off-by: David Howells cc: Steve French cc: Paulo Alcantara cc: Tom Talpey cc: Enzo Matsumiya cc: linux-cifs@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-24-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 8f246b7c0a1be0882374f2ff831a61f0dbe77678 Author: David Howells Date: Mon Jul 29 12:23:11 2024 +0100 netfs: Cancel dirty folios that have no storage destination Kafs wants to be able to cache the contents of directories (and symlinks), but whilst these are downloaded from the server with the FS.FetchData RPC op and similar, the same as for regular files, they can't be updated by FS.StoreData, but rather have special operations (FS.MakeDir, etc.). Now, rather than redownloading a directory's content after each change made to that directory, kafs modifies the local blob. This blob can be saved out to the cache, and since it's using netfslib, kafs just marks the folios dirty and lets ->writepages() on the directory take care of it, as for an regular file. This is fine as long as there's a cache as although the upload stream is disabled, there's a cache stream to drive the procedure. But if the cache goes away in the meantime, suddenly there's no way do any writes and the code gets confused, complains "R=%x: No submit" to dmesg and leaves the dirty folio hanging. Fix this by just cancelling the store of the folio if neither stream is active. (If there's no cache at the time of dirtying, we should just not mark the folio dirty). Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-23-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit c4f1450ecccc5311db87f806998eda1c824c4e35 Author: David Howells Date: Fri Jul 12 12:44:30 2024 +0100 cachefiles, netfs: Fix write to partial block at EOF Because it uses DIO writes, cachefiles is unable to make a write to the backing file if that write is not aligned to and sized according to the backing file's DIO block alignment. This makes it tricky to handle a write to the cache where the EOF on the network file is not correctly aligned. To get around this, netfslib attempts to tell the driver it is calling how much more data there is available beyond the EOF that it can use to pad the write (netfslib preclears the part of the folio above the EOF). However, it tries to tell the cache what the maximum length is, but doesn't calculate this correctly; and, in any case, cachefiles actually ignores the value and just skips the block. Fix this by: (1) Change the value passed to indicate the amount of extra data that can be added to the operation (now ->submit_extendable_to). This is much simpler to calculate as it's just the end of the folio minus the top of the data within the folio - rather than having to account for data spread over multiple folios. (2) Make cachefiles add some of this data if the subrequest it is given ends at the network file's i_size if the extra data is sufficient to pad out to a whole block. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-22-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 86b374d061ee0dc1cf15b56659ab13542518770a Author: David Howells Date: Thu Jul 4 16:22:51 2024 +0100 netfs: Remove fs/netfs/io.c Remove fs/netfs/io.c as it is no longer used. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-21-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit ee4cdf7ba857a894ad1650d6ab77669cbbfa329e Author: David Howells Date: Tue Jul 2 00:40:22 2024 +0100 netfs: Speed up buffered reading Improve the efficiency of buffered reads in a number of ways: (1) Overhaul the algorithm in general so that it's a lot more compact and split the read submission code between buffered and unbuffered versions. The unbuffered version can be vastly simplified. (2) Read-result collection is handed off to a work queue rather than being done in the I/O thread. Multiple subrequests can be processes simultaneously. (3) When a subrequest is collected, any folios it fully spans are collected and "spare" data on either side is donated to either the previous or the next subrequest in the sequence. Notes: (*) Readahead expansion is massively slows down fio, presumably because it causes a load of extra allocations, both folio and xarray, up front before RPC requests can be transmitted. (*) RDMA with cifs does appear to work, both with SIW and RXE. (*) PG_private_2-based reading and copy-to-cache is split out into its own file and altered to use folio_queue. Note that the copy to the cache now creates a new write transaction against the cache and adds the folios to be copied into it. This allows it to use part of the writeback I/O code. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-20-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 2e45b922977c07bb339d76fd45e68f9b907fef7d Author: David Howells Date: Thu Jun 13 16:58:34 2024 +0100 afs: Make read subreqs async Perform AFS read subrequests in a work item rather than in the calling thread. For normal buffered reads, this will allow the calling thread to copy data from the pagecache to the application at the same time as the demarshalling thread is shovelling data from skbuffs into the pagecache. This will also allow the RA mark to trigger a new read before we've finished shovelling the data from the current one. Note: This would be a bit safer if the FS.FetchData RPC ops returned the metadata (including the data version number) before returning the data. This would allow me to flush the pagecache before installing the new data. In future, it may be possible to asynchronously flush the pagecache either side of the region being read. Signed-off-by: David Howells cc: Marc Dionne cc: Jeff Layton cc: linux-afs@lists.infradead.org cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-19-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 983cdcf8fe141b0ce16bc71959a5dc55bcb0764d Author: David Howells Date: Thu Jun 6 07:48:55 2024 +0100 netfs: Simplify the writeback code Use the new folio_queue structures to simplify the writeback code. The problem with referring to the i_pages xarray directly is that we may have gaps in the sequence of folios we're writing from that we need to skip when we're removing the writeback mark from the folios we're writing back from. At the moment the code tries to deal with this by carefully tracking the gaps in each writeback stream (eg. write to server and write to cache) and divining when there's a gap that spans folios (something that's not helped by folios not being a consistent size). Instead, the folio_queue buffer contains pointers only the folios we're dealing with, has them in ascending order and indicates a gap by placing non-consequitive folios next to each other. This makes it possible to track where we need to clean up to by just keeping track of where we've processed to on each stream and taking the minimum. Note that the I/O iterator is always rounded up to the end of the folio, even if that is beyond the EOF position, so that the cache can do DIO from the page. The excess space is cleared, though mmapped writes clobber it. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-18-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit bfaa33b8ba196f9506a45e5a36e968f087c8cd16 Author: David Howells Date: Mon Jul 8 14:49:45 2024 +0100 netfs: Provide an iterator-reset function Provide a function to reset the iterator on a subrequest. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-17-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit cd0277ed0c188dd40e7744e89299af7b78831ca4 Author: David Howells Date: Wed May 29 21:47:07 2024 +0100 netfs: Use new folio_queue data type and iterator instead of xarray iter Make the netfs write-side routines use the new folio_queue struct to hold a rolling buffer of folios, with the issuer adding folios at the tail and the collector removing them from the head as they're processed instead of using an xarray. This will allow a subsequent patch to simplify the write collector. The primary mark (as tested by folioq_is_marked()) is used to note if the corresponding folio needs putting. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-16-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit c45ebd636c32d33c75e51ce977520ff146bd41a1 Author: David Howells Date: Fri Jul 26 22:20:54 2024 +0100 cifs: Provide the capability to extract from ITER_FOLIOQ to RDMA SGEs Make smb_extract_iter_to_rdma() extract page fragments from an ITER_FOLIOQ iterator into RDMA SGEs. Signed-off-by: David Howells cc: Steve French cc: Paulo Alcantara cc: Tom Talpey cc: Enzo Matsumiya cc: linux-cifs@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-15-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 197a3de607d92b3d72e69edf5470e0a8fae548cc Author: David Howells Date: Wed Aug 14 16:14:21 2024 +0100 iov_iter: Provide copy_folio_from_iter() Provide a copy_folio_from_iter() wrapper. Signed-off-by: David Howells cc: Alexander Viro cc: Christian Brauner cc: Matthew Wilcox cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org cc: linux-mm@kvack.org Link: https://lore.kernel.org/r/20240814203850.2240469-14-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit db0aa2e9566fda2d23dc8f6c102856ead95578a4 Author: David Howells Date: Wed Jun 19 00:20:42 2024 +0100 mm: Define struct folio_queue and ITER_FOLIOQ to handle a sequence of folios Define a data structure, struct folio_queue, to represent a sequence of folios and a kernel-internal I/O iterator type, ITER_FOLIOQ, to allow a list of folio_queue structures to be used to provide a buffer to iov_iter-taking functions, such as sendmsg and recvmsg. The folio_queue structure looks like: struct folio_queue { struct folio_batch vec; u8 orders[PAGEVEC_SIZE]; struct folio_queue *next; struct folio_queue *prev; unsigned long marks; unsigned long marks2; }; It does not use a list_head so that next and/or prev can be set to NULL at the ends of the list, allowing iov_iter-handling routines to determine that they *are* the ends without needing to store a head pointer in the iov_iter struct. A folio_batch struct is used to hold the folio pointers which allows the batch to be passed to batch handling functions. Two mark bits are available per slot. The intention is to use at least one of them to mark folios that need putting, but that might not be ultimately necessary. Accessor functions are used to access the slots to do the masking and an additional accessor function is used to indicate the size of the array. The order of each folio is also stored in the structure to avoid the need for iov_iter_advance() and iov_iter_revert() to have to query each folio to find its size. With careful barriering, this can be used as an extending buffer with new folios inserted and new folio_queue structs added without the need for a lock. Further, provided we always keep at least one struct in the buffer, we can also remove consumed folios and consumed structs from the head end as we without the need for locks. [Questions/thoughts] (1) To manage this, I need a head pointer, a tail pointer, a tail slot number (assuming insertion happens at the tail end and the next pointers point from head to tail). Should I put these into a struct of their own, say "folio_queue_head" or "rolling_buffer"? I will end up with two of these in netfs_io_request eventually, one keeping track of the pagecache I'm dealing with for buffered I/O and the other to hold a bounce buffer when we need one. (2) Should I make the slots {folio,off,len} or bio_vec? (3) This is intended to replace ITER_XARRAY eventually. Using an xarray in I/O iteration requires the taking of the RCU read lock, doing copying under the RCU read lock, walking the xarray (which may change under us), handling retries and dealing with special values. The advantage of ITER_XARRAY is that when we're dealing with the pagecache directly, we don't need any allocation - but if we're doing encrypted comms, there's a good chance we'd be using a bounce buffer anyway. This will require afs, erofs, cifs, orangefs and fscache to be converted to not use this. afs still uses it for dirs and symlinks; some of erofs usages should be easy to change, but there's one which won't be so easy; ceph's use via fscache can be fixed by porting ceph to netfslib; cifs is using xarray as a bounce buffer - that can be moved to use sheaves instead; and orangefs has a similar problem to erofs - maybe orangefs could use netfslib? Signed-off-by: David Howells cc: Matthew Wilcox cc: Jeff Layton cc: Steve French cc: Ilya Dryomov cc: Gao Xiang cc: Mike Marshall cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org cc: linux-mm@kvack.org cc: linux-afs@lists.infradead.org cc: linux-cifs@vger.kernel.org cc: ceph-devel@vger.kernel.org cc: linux-erofs@lists.ozlabs.org cc: devel@lists.orangefs.org Link: https://lore.kernel.org/r/20240814203850.2240469-13-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 70a6587dca37a3cf12ab323f7fd73266abfc274f Author: Imre Deak Date: Mon Sep 9 17:46:50 2024 +0300 drm/dp_mst: Fix DSC decompression detection in Synaptics branch devices Atm it's assumed that all Synaptics MST branch devices support DSC, which is not exposed via a DP-to-DP peer device, rather a control flag in the branch device's UFP DPCD applying to all the streams going through it. This isn't true for all adapters with this branch device though (for instance the Cakitte USBC->2xHDMI adapter reported in the Closes link below doesn't support DSC). Fix the above by advertising the DSC decompression support only if the capability flag for this in the UFP DPCD is actually set. Cc: Lyude Paul Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/12047 Signed-off-by: Imre Deak Reviewed-by: Lyude Paul Link: https://patchwork.freedesktop.org/patch/msgid/20240909144650.2931258-1-imre.deak@intel.com commit 2077006d4725c82c6e9612cec3a6c140921b067f Author: Christian Brauner Date: Tue Sep 10 10:16:39 2024 +0200 uidgid: make sure we fit into one cacheline When I expanded uidgid mappings I intended for a struct uid_gid_map to fit into a single cacheline on x86 as they tend to be pretty performance sensitive (idmapped mounts etc). But a 4 byte hole was added that brought it over 64 bytes. Fix that by adding the static extent array and the extent counter into a substruct. C's type punning for unions guarantees that we can access ->nr_extents even if the last written to member wasn't within the same object. This is also what we rely on in struct_group() and friends. This of course relies on non-strict aliasing which we don't do. 99) If the member used to read the contents of a union object is not the same as the member last used to store a value in the object, the appropriate part of the object representation of the value is reinterpreted as an object representation in the new type as described in 6.2.6 (a process sometimes called "type punning"). Link: https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2310.pdf Link: https://lore.kernel.org/r/20240910-work-uid_gid_map-v1-1-e6bc761363ed@kernel.org Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 24a988f75c8a5f16ef935c51039700e985767eb9 Merge: 0f389adb4b80ee 11068e0b64cbb5 Author: Christian Brauner Date: Sun Sep 8 08:58:01 2024 +0200 Merge patch series "file: remove f_version" Christian Brauner says: The f_version member in struct file isn't particularly well-defined. It is mainly used as a cookie to detect concurrent seeks when iterating directories. But it is also abused by some subsystems for completely unrelated things. It is mostly a directory specific thing that doesn't really need to live in struct file and with its wonky semantics it really lacks a specific function. For pipes, f_version is (ab)used to defer poll notifications until a write has happened. And struct pipe_inode_info is used by multiple struct files in their ->private_data so there's no chance of pushing that down into file->private_data without introducing another pointer indirection. But this should be a solvable problem. Only regular files with FMODE_ATOMIC_POS and directories require f_pos_lock. Pipes and other files don't. So this adds a union into struct file encompassing f_pos_lock and a pipe specific f_pipe member that pipes can use. This union of course can be extended to other file types and is similar to what we do in struct inode already. * patches from https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-0-6d3e4816aa7b@kernel.org: fs: remove f_version pipe: use f_pipe fs: add f_pipe ubifs: store cookie in private data ufs: store cookie in private data udf: store cookie in private data proc: store cookie in private data ocfs2: store cookie in private data input: remove f_version abuse ext4: store cookie in private data ext2: store cookie in private data affs: store cookie in private data fs: add generic_llseek_cookie() fs: use must_set_pos() fs: add must_set_pos() fs: add vfs_setpos_cookie() s390: remove unused f_version ceph: remove unused f_version adi: remove unused f_version file: remove pointless comment Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-0-6d3e4816aa7b@kernel.org Signed-off-by: Christian Brauner commit 11068e0b64cbb540b96e577fcca0926242ecaf58 Author: Christian Brauner Date: Fri Aug 30 15:05:01 2024 +0200 fs: remove f_version Now that detecting concurrent seeks is done by the filesystems that require it we can remove f_version and free up 8 bytes for future extensions. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-20-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 5a957bbac3ab9808a8df711a269e4d18f84e9e4a Author: Christian Brauner Date: Fri Aug 30 15:05:00 2024 +0200 pipe: use f_pipe Pipes use f_version to defer poll notifications until a write has been observed. Since multiple file's refer to the same struct pipe_inode_info in their ->private_data moving it into their isn't feasible since we would need to introduce an additional pointer indirection. However, since pipes don't require f_pos_lock we placed a new f_pipe member into a union with f_pos_lock that pipes can use. This is similar to what we already do for struct inode where we have additional fields per file type. This will allow us to fully remove f_version in the next step. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-19-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 5e9b50dea970ae6d3e1309d4254157099734a2af Author: Christian Brauner Date: Fri Aug 30 15:04:59 2024 +0200 fs: add f_pipe Only regular files with FMODE_ATOMIC_POS and directories need f_pos_lock. Place a new f_pipe member in a union with f_pos_lock that they can use and make them stop abusing f_version in follow-up patches. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-18-6d3e4816aa7b@kernel.org Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 1146e5a69efca76501378f748388fd7742ad09cf Author: Christian Brauner Date: Fri Aug 30 15:04:58 2024 +0200 ubifs: store cookie in private data Store the cookie to detect concurrent seeks on directories in file->private_data. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-17-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 0bea8287df6c86cacaf34eef167f23dcc5dbcede Author: Christian Brauner Date: Fri Aug 30 15:04:57 2024 +0200 ufs: store cookie in private data Store the cookie to detect concurrent seeks on directories in file->private_data. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-16-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 3dd4624ffcd2e6e5d2cee5a6c234774ce27e1f04 Author: Christian Brauner Date: Fri Aug 30 15:04:56 2024 +0200 udf: store cookie in private data Store the cookie to detect concurrent seeks on directories in file->private_data. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-15-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit b4dba2efa8106002076b070fdff24ed6bf1ea87b Author: Christian Brauner Date: Fri Aug 30 15:04:55 2024 +0200 proc: store cookie in private data Store the cookie to detect concurrent seeks on directories in file->private_data. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-14-6d3e4816aa7b@kernel.org Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit ceaa5e80db7c73321c89fda39c3c8c78817aecd2 Author: Christian Brauner Date: Fri Aug 30 15:04:54 2024 +0200 ocfs2: store cookie in private data Store the cookie to detect concurrent seeks on directories in file->private_data. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-13-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 7a7ce8b3ba66754f5d275a71630b4ee8b507d266 Author: Christian Brauner Date: Fri Aug 30 15:04:53 2024 +0200 input: remove f_version abuse f_version is removed from struct file. Make input stop abusing f_version for stashing information for poll. Move the input state counter into input_seq_state and allocate it via seq_private_open() and free via seq_release_private(). Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-12-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 717338e2b23309470e218f0c58177ece62b8d458 Merge: d0fa06408ccf96 2c09b50efcad98 Author: Marc Kleine-Budde Date: Thu Sep 12 09:47:36 2024 +0200 Merge patch series "can: m_can: fix struct net_device_ops::{open,stop} callbacks under high bus load" Marc Kleine-Budde says: Under high CAN-bus load the struct net_device_ops::{open,stop} callbacks (m_can_open(), m_can_close()) don't properly start and shutdown the device. Fix the problems by re-arranging the order of functions in m_can_open() and m_can_close(). Link: https://patch.msgid.link/20240910-can-m_can-fix-ifup-v3-0-6c1720ba45ce@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 2c09b50efcad985cf920ca88baa9aa52b1999dcc Author: Marc Kleine-Budde Date: Mon Sep 9 15:07:41 2024 +0200 can: m_can: m_can_close(): stop clocks after device has been shut down After calling m_can_stop() an interrupt may be pending or NAPI might still be executed. This means the driver might still touch registers of the IP core after the clocks have been disabled. This is not good practice and might lead to aborts depending on the SoC integration. To avoid these potential problems, make m_can_close() symmetric to m_can_open(), i.e. stop the clocks at the end, right before shutting down the transceiver. Fixes: e0d1f4816f2a ("can: m_can: add Bosch M_CAN controller support") Link: https://patch.msgid.link/20240910-can-m_can-fix-ifup-v3-2-6c1720ba45ce@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 801ad2f87b0c6d0c34a75a4efd6bfd3a2d9f9298 Author: Jake Hamby Date: Fri Sep 6 23:19:51 2024 +0000 can: m_can: enable NAPI before enabling interrupts If an interrupt (RX-complete or error flag) is set when bringing up the CAN device, e.g. due to CAN bus traffic before initializing the device, when m_can_start() is called and interrupts are enabled, m_can_isr() is called immediately, which disables all CAN interrupts and calls napi_schedule(). Because napi_enable() isn't called until later in m_can_open(), the call to napi_schedule() never schedules the m_can_poll() callback and the device is left with interrupts disabled and can't receive any CAN packets until rebooted. This can be verified by running "cansend" from another device before setting the bitrate and calling "ip link set up can0" on the test device. Adding debug lines to m_can_isr() shows it's called with flags (IR_EP | IR_EW | IR_CRCE), which calls m_can_disable_all_interrupts() and napi_schedule(), and then m_can_poll() is never called. Move the call to napi_enable() above the call to m_can_start() to enable any initial interrupt flags to be handled by m_can_poll() so that interrupts are reenabled. Add a call to napi_disable() in the error handling section of m_can_open(), to handle the case where later functions return errors. Also, in m_can_close(), move the call to napi_disable() below the call to m_can_stop() to ensure all interrupts are handled when bringing down the device. This race condition is much less likely to occur. Tested on a Microchip SAMA7G54 MPU. The fix should be applicable to any SoC with a Bosch M_CAN controller. Signed-off-by: Jake Hamby Fixes: e0d1f4816f2a ("can: m_can: add Bosch M_CAN controller support") Link: https://patch.msgid.link/20240910-can-m_can-fix-ifup-v3-1-6c1720ba45ce@pengutronix.de Signed-off-by: Marc Kleine-Budde commit d0fa06408ccf96b1d3d93d97fad6618e942efd38 Author: Martin Jocic Date: Mon Sep 9 13:35:12 2024 +0200 can: kvaser_pciefd: Enable 64-bit DMA addressing Enabling 64-bit addressing for DMA buffers will prevent issues on some memory constrained platforms like e.g. Raspberry Pi 5, where the driver won't load because it cannot allocate enough continuous memory in the default 32-bit memory address range. Signed-off-by: Martin Jocic Link: https://patch.msgid.link/d7340f78e3db305bfeeb8229d2dd1c9077e10b92.1725875278.git.martin.jocic@kvaser.com Signed-off-by: Marc Kleine-Budde commit 75b3189540578f96b4996e4849b6649998f49455 Author: Stefan Mätje Date: Thu Sep 5 00:27:40 2024 +0200 can: esd_usb: Remove CAN_CTRLMODE_3_SAMPLES for CAN-USB/3-FD Remove the CAN_CTRLMODE_3_SAMPLES announcement for CAN-USB/3-FD devices because these devices don't support it. The hardware has a Microchip SAM E70 microcontroller that uses a Bosch MCAN IP core as CAN FD controller. But this MCAN core doesn't support triple sampling. Fixes: 80662d943075 ("can: esd_usb: Add support for esd CAN-USB/3") Cc: stable@vger.kernel.org Signed-off-by: Stefan Mätje Reviewed-by: Vincent Mailhol Link: https://patch.msgid.link/20240904222740.2985864-2-stefan.maetje@esd.eu Signed-off-by: Marc Kleine-Budde commit 94b0818fa63555a65f6ba107080659ea6bcca63e Author: Kuniyuki Iwashima Date: Wed Sep 4 18:22:37 2024 -0700 can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). syzbot reported a warning in bcm_release(). [0] The blamed change fixed another warning that is triggered when connect() is issued again for a socket whose connect()ed device has been unregistered. However, if the socket is just close()d without the 2nd connect(), the remaining bo->bcm_proc_read triggers unnecessary remove_proc_entry() in bcm_release(). Let's clear bo->bcm_proc_read after remove_proc_entry() in bcm_notify(). [0] name '4986' WARNING: CPU: 0 PID: 5234 at fs/proc/generic.c:711 remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711 Modules linked in: CPU: 0 UID: 0 PID: 5234 Comm: syz-executor606 Not tainted 6.11.0-rc5-syzkaller-00178-g5517ae241919 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 RIP: 0010:remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711 Code: ff eb 05 e8 cb 1e 5e ff 48 8b 5c 24 10 48 c7 c7 e0 f7 aa 8e e8 2a 38 8e 09 90 48 c7 c7 60 3a 1b 8c 48 89 de e8 da 42 20 ff 90 <0f> 0b 90 90 48 8b 44 24 18 48 c7 44 24 40 0e 36 e0 45 49 c7 04 07 RSP: 0018:ffffc9000345fa20 EFLAGS: 00010246 RAX: 2a2d0aee2eb64600 RBX: ffff888032f1f548 RCX: ffff888029431e00 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffc9000345fb08 R08: ffffffff8155b2f2 R09: 1ffff1101710519a R10: dffffc0000000000 R11: ffffed101710519b R12: ffff888011d38640 R13: 0000000000000004 R14: 0000000000000000 R15: dffffc0000000000 FS: 0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fcfb52722f0 CR3: 000000000e734000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: bcm_release+0x250/0x880 net/can/bcm.c:1578 __sock_release net/socket.c:659 [inline] sock_close+0xbc/0x240 net/socket.c:1421 __fput+0x24a/0x8a0 fs/file_table.c:422 task_work_run+0x24f/0x310 kernel/task_work.c:228 exit_task_work include/linux/task_work.h:40 [inline] do_exit+0xa2f/0x27f0 kernel/exit.c:882 do_group_exit+0x207/0x2c0 kernel/exit.c:1031 __do_sys_exit_group kernel/exit.c:1042 [inline] __se_sys_exit_group kernel/exit.c:1040 [inline] __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040 x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fcfb51ee969 Code: Unable to access opcode bytes at 0x7fcfb51ee93f. RSP: 002b:00007ffce0109ca8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fcfb51ee969 RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 RBP: 00007fcfb526f3b0 R08: ffffffffffffffb8 R09: 0000555500000000 R10: 0000555500000000 R11: 0000000000000246 R12: 00007fcfb526f3b0 R13: 0000000000000000 R14: 00007fcfb5271ee0 R15: 00007fcfb51bf160 Fixes: 76fe372ccb81 ("can: bcm: Remove proc entry when dev is unregistered.") Reported-by: syzbot+0532ac7a06fb1a03187e@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=0532ac7a06fb1a03187e Tested-by: syzbot+0532ac7a06fb1a03187e@syzkaller.appspotmail.com Signed-off-by: Kuniyuki Iwashima Reviewed-by: Vincent Mailhol Link: https://patch.msgid.link/20240905012237.79683-1-kuniyu@amazon.com Signed-off-by: Marc Kleine-Budde commit 17a0005644994087794f6552d7a5e105d6976184 Merge: f6254690512663 0746096faca018 Author: Marc Zyngier Date: Thu Sep 12 08:38:17 2024 +0100 Merge branch kvm-arm64/visibility-cleanups into kvmarm-master/next * kvm-arm64/visibility-cleanups: : . : Remove REG_HIDDEN_USER from the sysreg infrastructure, making things : a little more simple. From the cover letter: : : "Since 4d4f52052ba8 ("KVM: arm64: nv: Drop EL12 register traps that are : redirected to VNCR") and the admission that KVM would never be supporting : the original FEAT_NV, REG_HIDDEN_USER only had a few users, all of which : could either be replaced by a more ad-hoc mechanism, or removed altogether." : . KVM: arm64: Get rid of REG_HIDDEN_USER visibility qualifier KVM: arm64: Simplify visibility handling of AArch32 SPSR_* KVM: arm64: Simplify handling of CNTKCTL_EL12 Signed-off-by: Marc Zyngier commit f625469051266311e19245ef427f23a6a3c3f4aa Merge: 2e0f239457c107 7c4f73548ed154 Author: Marc Zyngier Date: Thu Sep 12 08:38:02 2024 +0100 Merge branch kvm-arm64/s2-ptdump into kvmarm-master/next * kvm-arm64/s2-ptdump: : . : Stage-2 page table dumper, reusing the main ptdump infrastructure, : courtesy of Sebastian Ene. From the cover letter: : : "This series extends the ptdump support to allow dumping the guest : stage-2 pagetables. When CONFIG_PTDUMP_STAGE2_DEBUGFS is enabled, ptdump : registers the new following files under debugfs: : - /sys/debug/kvm//stage2_page_tables : - /sys/debug/kvm//stage2_levels : - /sys/debug/kvm//ipa_range : : This allows userspace tools (eg. cat) to dump the stage-2 pagetables by : reading the 'stage2_page_tables' file. : [...]" : . KVM: arm64: Register ptdump with debugfs on guest creation arm64: ptdump: Don't override the level when operating on the stage-2 tables arm64: ptdump: Use the ptdump description from a local context arm64: ptdump: Expose the attribute parsing functionality KVM: arm64: Move pagetable definitions to common header Signed-off-by: Marc Zyngier commit 2e0f239457c1076e09b36350cbbdb2ed25997a1f Merge: f77e63e2748be6 ff987ffc0c18c9 Author: Marc Zyngier Date: Thu Sep 12 08:37:47 2024 +0100 Merge branch kvm-arm64/nv-at-pan into kvmarm-master/next * kvm-arm64/nv-at-pan: : . : Add NV support for the AT family of instructions, which mostly results : in adding a page table walker that deals with most of the complexity : of the architecture. : : From the cover letter: : : "Another task that a hypervisor supporting NV on arm64 has to deal with : is to emulate the AT instruction, because we multiplex all the S1 : translations on a single set of registers, and the guest S2 is never : truly resident on the CPU. : : So given that we lie about page tables, we also have to lie about : translation instructions, hence the emulation. Things are made : complicated by the fact that guest S1 page tables can be swapped out, : and that our shadow S2 is likely to be incomplete. So while using AT : to emulate AT is tempting (and useful), it is not going to always : work, and we thus need a fallback in the shape of a SW S1 walker." : . KVM: arm64: nv: Add support for FEAT_ATS1A KVM: arm64: nv: Plumb handling of AT S1* traps from EL2 KVM: arm64: nv: Make AT+PAN instructions aware of FEAT_PAN3 KVM: arm64: nv: Sanitise SCTLR_EL1.EPAN according to VM configuration KVM: arm64: nv: Add SW walker for AT S1 emulation KVM: arm64: nv: Make ps_to_output_size() generally available KVM: arm64: nv: Add emulation of AT S12E{0,1}{R,W} KVM: arm64: nv: Add basic emulation of AT S1E2{R,W} KVM: arm64: nv: Add basic emulation of AT S1E1{R,W}P KVM: arm64: nv: Add basic emulation of AT S1E{0,1}{R,W} KVM: arm64: nv: Honor absence of FEAT_PAN2 KVM: arm64: nv: Turn upper_attr for S2 walk into the full descriptor KVM: arm64: nv: Enforce S2 alignment when contiguous bit is set arm64: Add ESR_ELx_FSC_ADDRSZ_L() helper arm64: Add system register encoding for PSTATE.PAN arm64: Add PAR_EL1 field description arm64: Add missing APTable and TCR_ELx.HPD masks KVM: arm64: Make kvm_at() take an OP_AT_* Signed-off-by: Marc Zyngier # Conflicts: # arch/arm64/kvm/nested.c commit f77e63e2748be6768e6e15158a3aacb2e21e4259 Merge: acf2ab289970a0 54306f564441f6 Author: Marc Zyngier Date: Thu Sep 12 08:37:20 2024 +0100 Merge branch kvm-arm64/selftests-6.12 into kvmarm-master/next * kvm-arm64/selftests-6.12: : . : KVM/arm64 selftest updates for 6.12 : : - Check for a bunch of timer emulation corner cases (COlton Lewis) : . KVM: arm64: selftests: Add arch_timer_edge_cases selftest KVM: arm64: selftests: Ensure pending interrupts are handled in arch_timer test Signed-off-by: Marc Zyngier commit acf2ab289970a0c1c1ec797dccdaacd194524d6b Merge: 091258a0a0f894 4641c7ea88d102 Author: Marc Zyngier Date: Thu Sep 12 08:37:06 2024 +0100 Merge branch kvm-arm64/vgic-sre-traps into kvmarm-master/next * kvm-arm64/vgic-sre-traps: : . : Fix the multiple of cases where KVM/arm64 doesn't correctly : handle the guest trying to use a GICv3 that isn't advertised. : : From the cover letter: : : "It recently appeared that, when running on a GICv3-equipped platform : (which is what non-ancient arm64 HW has), *not* configuring a GICv3 : for the guest could result in less than desirable outcomes. : : We have multiple issues to fix: : : - for registers that *always* trap (the SGI registers) or that *may* : trap (the SRE register), we need to check whether a GICv3 has been : instantiated before acting upon the trap. : : - for registers that only conditionally trap, we must actively trap : them even in the absence of a GICv3 being instantiated, and handle : those traps accordingly. : : - finally, ID registers must reflect the absence of a GICv3, so that : we are consistent. : : This series goes through all these requirements. The main complexity : here is to apply a GICv3 configuration on the host in the absence of a : GICv3 in the guest. This is pretty hackish, but I don't have a much : better solution so far. : : As part of making wider use of of the trap bits, we fully define the : trap routing as per the architecture, something that we eventually : need for NV anyway." : . KVM: arm64: selftests: Cope with lack of GICv3 in set_id_regs KVM: arm64: Add selftest checking how the absence of GICv3 is handled KVM: arm64: Unify UNDEF injection helpers KVM: arm64: Make most GICv3 accesses UNDEF if they trap KVM: arm64: Honor guest requested traps in GICv3 emulation KVM: arm64: Add trap routing information for ICH_HCR_EL2 KVM: arm64: Add ICH_HCR_EL2 to the vcpu state KVM: arm64: Zero ID_AA64PFR0_EL1.GIC when no GICv3 is presented to the guest KVM: arm64: Add helper for last ditch idreg adjustments KVM: arm64: Force GICv3 trap activation when no irqchip is configured on VHE KVM: arm64: Force SRE traps when SRE access is not enabled KVM: arm64: Move GICv3 trap configuration to kvm_calculate_traps() Signed-off-by: Marc Zyngier commit 091258a0a0f894981e2dc7e35a1c709fc0257aa6 Merge: 8884fd12f2807b 13c7a51eeb747e Author: Marc Zyngier Date: Thu Sep 12 08:36:41 2024 +0100 Merge branch kvm-arm64/fpmr into kvmarm-master/next * kvm-arm64/fpmr: : . : Add FP8 support to the KVM/arm64 floating point handling. : : This includes new ID registers (ID_AA64PFR2_EL1 ID_AA64FPFR0_EL1) : being made visible to guests, as well as a new confrol register : (FPMR) which gets context-switched. : . KVM: arm64: Expose ID_AA64PFR2_EL1 to userspace and guests KVM: arm64: Enable FP8 support when available and configured KVM: arm64: Expose ID_AA64FPFR0_EL1 as a writable ID reg KVM: arm64: Honor trap routing for FPMR KVM: arm64: Add save/restore support for FPMR KVM: arm64: Move FPMR into the sysreg array KVM: arm64: Add predicate for FPMR support in a VM KVM: arm64: Move SVCR into the sysreg array Signed-off-by: Marc Zyngier commit 8884fd12f2807be3f7ba76bee7387d68e61e4a31 Merge: 0d56099ed557ce f26a525b77e040 Author: Marc Zyngier Date: Thu Sep 12 08:36:36 2024 +0100 Merge branch kvm-arm64/mmu-misc-6.12 into kvmarm-master/next * kvm-arm64/mmu-misc-6.12: : . : Various minor MMU improvements and bug-fixes: : : - Prevent MTE tags being restored by userspace if we are actively : logging writes, as that's a recipe for disaster : : - Correct the refcount on a page that is not considered for MTE : tag copying (such as a device) : : - When walking a page table to split blocks, keep the DSB at the end : the walk, as there is no need to perform it on every store. : : - Fix boundary check when transfering memory using FFA : . KVM: arm64: Add memory length checks and remove inline in do_ffa_mem_xfer KVM: arm64: Disallow copying MTE to guest memory while KVM is dirty logging KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE KVM: arm64: Move data barrier to end of split walk Signed-off-by: Marc Zyngier commit 3ab9d8d1b50b516507655b10e19d8e624ad1d79c Author: Jason Gunthorpe Date: Tue Sep 10 17:00:34 2024 -0300 iommu/amd: Test for PAGING domains before freeing a domain This domain free function can be called for IDENTITY and SVA domains too, and they don't have page tables. For now protect against this by checking the type. Eventually the different types should have their own free functions. Fixes: 485534bfccb2 ("iommu/amd: Remove conditions from domain free paths") Reported-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Reviewed-by: Vasant Hegde Link: https://lore.kernel.org/r/0-v1-ad9884ee5f5b+da-amd_iopgtbl_fix_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 8386207f37e98453e1de3f51e50eeeea089103f9 Author: Eliav Bar-ilan Date: Tue Sep 10 16:44:16 2024 -0300 iommu/amd: Fix argument order in amd_iommu_dev_flush_pasid_all() An incorrect argument order calling amd_iommu_dev_flush_pasid_pages() causes improper flushing of the IOMMU, leaving the old value of GCR3 from a previous process attached to the same PASID. The function has the signature: void amd_iommu_dev_flush_pasid_pages(struct iommu_dev_data *dev_data, ioasid_t pasid, u64 address, size_t size) Correct the argument order. Cc: stable@vger.kernel.org Fixes: 474bf01ed9f0 ("iommu/amd: Add support for device based TLB invalidation") Signed-off-by: Eliav Bar-ilan Signed-off-by: Jason Gunthorpe Reviewed-by: Vasant Hegde Link: https://lore.kernel.org/r/0-v1-fc6bc37d8208+250b-amd_pasid_flush_jgg@nvidia.com Signed-off-by: Joerg Roedel commit f45cfab28fcd5ac67a38750b6c68316b26d35ac8 Author: Leon Romanovsky Date: Wed Sep 11 13:15:00 2024 +0300 dma-mapping: reliably inform about DMA support for IOMMU If the DMA IOMMU path is going to be used, the appropriate check should return that DMA is supported. Fixes: b5c58b2fdc42 ("dma-mapping: direct calls for dma-iommu") Closes: https://lore.kernel.org/all/181e06ff-35a3-434f-b505-672f430bd1cb@notapiano Reported-by: Nícolas F. R. A. Prado #KernelCI Signed-off-by: Leon Romanovsky Reviewed-by: Robin Murphy Tested-by: Nícolas F. R. A. Prado Signed-off-by: Christoph Hellwig commit e2c85d85a05f16af2223fcc0195ff50a7938b372 Author: Jinjie Ruan Date: Thu Sep 12 11:34:59 2024 +0800 i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() disable_irq() after request_irq() still has a time gap in which interrupts can come. request_irq() with IRQF_NO_AUTOEN flag will disable IRQ auto-enable when request IRQ. Fixes: 37692de5d523 ("i2c: i2c-qcom-geni: Add bus driver for the Qualcomm GENI I2C controller") Signed-off-by: Jinjie Ruan Cc: # v4.19+ Acked-by: Mukesh Kumar Savaliya Reviewed-by: Vladimir Zapolskiy Signed-off-by: Andi Shyti commit 0cf7befa3ea2e7284d8ba5b8f45a546865b09edb Author: Ayush Singh Date: Tue Sep 3 15:02:20 2024 +0530 greybus: gb-beagleplay: Add firmware upload API Register with firmware upload API to allow updating firmware on cc1352p7 without resorting to overlay for using the userspace flasher. Communication with the bootloader can be moved out of gb-beagleplay driver if required, but I am keeping it here since there are no immediate plans to use the on-board cc1352p7 for anything other than greybus (BeagleConnect Technology). Additionally, there do not seem to any other devices using cc1352p7 or it's cousins as a co-processor. Boot and Reset GPIOs are used to enable cc1352p7 bootloader backdoor for flashing. The delays while starting bootloader are taken from the userspace flasher since the technical specification does not provide sufficient information regarding it. Flashing is skipped in case we are trying to flash the same image as the one that is currently present. This is determined by CRC32 calculation of the supplied firmware and Flash data. We also do a CRC32 check after flashing to ensure that the firmware was flashed properly. Firmware size should be 704 KB. Link: https://www.ti.com/lit/ug/swcu192/swcu192.pdf Ti CC1352p7 Tecnical Specification Link: https://openbeagle.org/beagleconnect/cc1352-flasher Userspace Flasher Signed-off-by: Ayush Singh Link: https://lore.kernel.org/r/20240903-beagleplay_fw_upgrade-v4-3-526fc62204a7@beagleboard.org Signed-off-by: Greg Kroah-Hartman commit bc65745dc685d09a341dc1d4f83229e631a83fe3 Author: Ayush Singh Date: Tue Sep 3 15:02:19 2024 +0530 arm64: dts: ti: k3-am625-beagleplay: Add bootloader-backdoor-gpios to cc1352p7 Add bootloader-backdoor-gpios which is required for enabling bootloader backdoor for flashing firmware to cc1352p7. Also fix the incorrect reset-gpio. Signed-off-by: Ayush Singh Reviewed-by: Dhruva Gole Link: https://lore.kernel.org/r/20240903-beagleplay_fw_upgrade-v4-2-526fc62204a7@beagleboard.org Signed-off-by: Greg Kroah-Hartman commit e1fa41ba54b170a67a095fdddb2553d08d2d9c79 Author: Ayush Singh Date: Tue Sep 3 15:02:18 2024 +0530 dt-bindings: net: ti,cc1352p7: Add bootloader-backdoor-gpios bootloader-backdoor-gpio (along with reset-gpio) is used to enable bootloader backdoor for flashing new firmware. The pin and pin level to enable bootloader backdoor is configured using the following CCFG variables in cc1352p7: - SET_CCFG_BL_CONFIG_BL_PIN_NO - SET_CCFG_BL_CONFIG_BL_LEVEL Acked-by: Conor Dooley Acked-by: Rob Herring (Arm) Signed-off-by: Ayush Singh Reviewed-by: Dhruva Gole Link: https://lore.kernel.org/r/20240903-beagleplay_fw_upgrade-v4-1-526fc62204a7@beagleboard.org Signed-off-by: Greg Kroah-Hartman commit 12647a7cfbaa865cb291bd36a4c5d8496e28d61b Author: Andy Shevchenko Date: Wed Sep 11 22:50:39 2024 +0300 ALSA: ump: Use %*ph to print small buffer Use %*ph format to print small buffer as hex string. Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240911195039.2885979-1-andriy.shevchenko@linux.intel.com Signed-off-by: Takashi Iwai commit 3adc73efad83534c3f6df6580009482e2c08187d Author: Shen Lichuan Date: Thu Aug 29 16:47:10 2024 +0800 xen/xenbus: Convert to use ERR_CAST() Use ERR_CAST() as it is designed for casting an error pointer to another type. This macro utilizes the __force and __must_check modifiers, which instruct the compiler to verify for errors at the locations where it is employed. Signed-off-by: Shen Lichuan Reviewed-by: Juergen Gross Message-ID: <20240829084710.30312-1-shenlichuan@vivo.com> Signed-off-by: Juergen Gross commit fbe5a6dfe492eff8b0adef85fcabd84e246f1102 Author: Alexey Dobriyan Date: Fri Aug 2 18:42:53 2024 +0300 xen, pvh: fix unbootable VMs by inlining memset() in xen_prepare_pvh() If this memset() is not inlined than PVH early boot code can call into KASAN-instrumented memset() which results in unbootable VMs. Signed-off-by: Alexey Dobriyan Acked-by: Juergen Gross Message-ID: <20240802154253.482658-3-adobriyan@gmail.com> Signed-off-by: Juergen Gross commit 416a33c9afcef24d8b48e414d08d4ae4472aa669 Author: Alexey Dobriyan Date: Fri Aug 2 18:42:52 2024 +0300 x86/cpu: fix unbootable VMs by inlining memcmp() in hypervisor_cpuid_base() If this memcmp() is not inlined then PVH early boot code can call into KASAN-instrumented memcmp() which results in unbootable VMs: pvh_start_xen xen_prepare_pvh xen_cpuid_base hypervisor_cpuid_base memcmp Signed-off-by: Alexey Dobriyan Acked-by: Juergen Gross Message-ID: <20240802154253.482658-2-adobriyan@gmail.com> Signed-off-by: Juergen Gross commit 661362e3dcab464d6b6976c019fd5b5433bda85f Author: Alexey Dobriyan Date: Fri Aug 2 18:42:51 2024 +0300 xen, pvh: fix unbootable VMs (PVH + KASAN - AMD_MEM_ENCRYPT) Uninstrument arch/x86/platform/pvh/enlighten.c: KASAN has not been setup _this_ early in the boot process. Steps to reproduce: make allnoconfig make sure CONFIG_AMD_MEM_ENCRYPT is disabled AMD_MEM_ENCRYPT independently uninstruments lib/string.o so PVH boot code calls into uninstrumented memset() and memcmp() which can make the bug disappear depending on the compiler. enable CONFIG_PVH enable CONFIG_KASAN enable serial console this is fun exercise if you never done it from nothing :^) make qemu-system-x86_64 \ -enable-kvm \ -cpu host \ -smp cpus=1 \ -m 4096 \ -serial stdio \ -kernel vmlinux \ -append 'console=ttyS0 ignore_loglevel' Messages on serial console will easily tell OK kernel from unbootable kernel. In bad case qemu hangs in an infinite loop stroboscoping "SeaBIOS" message. Signed-off-by: Alexey Dobriyan Acked-by: Juergen Gross Message-ID: <20240802154253.482658-1-adobriyan@gmail.com> Signed-off-by: Juergen Gross commit be35d91c8880650404f3bf813573222dfb106935 Author: Juergen Gross Date: Fri Aug 2 20:14:22 2024 +0200 xen: tolerate ACPI NVS memory overlapping with Xen allocated memory In order to minimize required special handling for running as Xen PV dom0, the memory layout is modified to match that of the host. This requires to have only RAM at the locations where Xen allocated memory is living. Unfortunately there seem to be some machines, where ACPI NVS is located at 64 MB, resulting in a conflict with the loaded kernel or the initial page tables built by Xen. Avoid this conflict by swapping the ACPI NVS area in the memory map with unused RAM. This is possible via modification of the dom0 P2M map. Accesses to the ACPI NVS area are done either for saving and restoring it across suspend operations (this will work the same way as before), or by ACPI code when NVS memory is referenced from other ACPI tables. The latter case is handled by a Xen specific indirection of acpi_os_ioremap(). While the E820 map can (and should) be modified right away, the P2M map can be updated only after memory allocation is working, as the P2M map might need to be extended. Fixes: 808fdb71936c ("xen: check for kernel memory conflicting with memory layout") Signed-off-by: Juergen Gross Tested-by: Marek Marczykowski-Górecki Reviewed-by: Jan Beulich Signed-off-by: Juergen Gross commit 9221222c717dbddac1e3c49906525475d87a3a44 Author: Juergen Gross Date: Fri Aug 9 17:52:55 2024 +0200 xen: allow mapping ACPI data using a different physical address When running as a Xen PV dom0 the system needs to map ACPI data of the host using host physical addresses, while those addresses can conflict with the guest physical addresses of the loaded linux kernel. The same problem might apply in case a PV guest is configured to use the host memory map. This conflict can be solved by mapping the ACPI data to a different guest physical address, but mapping the data via acpi_os_ioremap() must still be possible using the host physical address, as this address might be generated by AML when referencing some of the ACPI data. When configured to support running as a Xen PV domain, have an implementation of acpi_os_ioremap() being aware of the possibility to need above mentioned translation of a host physical address to the guest physical address. This modification requires to #include linux/acpi.h in some sources which need to include asm/acpi.h directly. Signed-off-by: Juergen Gross Reviewed-by: Jan Beulich Signed-off-by: Juergen Gross commit 902d67a2d40f5b0815f4f627b26d91f96cc51fb3 Author: Tejun Heo Date: Wed Sep 11 09:36:43 2024 -1000 sched: Move update_other_load_avgs() to kernel/sched/pelt.c 96fd6c65efc6 ("sched: Factor out update_other_load_avgs() from __update_blocked_others()") added update_other_load_avgs() in kernel/sched/syscalls.c right above effective_cpu_util(). This location didn't fit that well in the first place, and with 5d871a63997f ("sched/fair: Move effective_cpu_util() and effective_cpu_util() in fair.c") moving effective_cpu_util() to kernel/sched/fair.c, it looks even more out of place. Relocate the function to kernel/sched/pelt.c where all its callees are. No functional changes. Signed-off-by: Tejun Heo Cc: Peter Zijlstra Cc: Ingo Molnar commit 3cfb5aa10cb78571e214e48a3a6e42c11d5288a1 Merge: e331673ad68e47 ac49b950bea9e7 Author: Jakub Kicinski Date: Wed Sep 11 20:54:36 2024 -0700 Merge branch 'add-support-for-open-alliance-10base-t1x-macphy-serial-interface' Parthiban Veerasooran says: ==================== Add support for OPEN Alliance 10BASE-T1x MACPHY Serial Interface This patch series contain the below updates, - Adds support for OPEN Alliance 10BASE-T1x MACPHY Serial Interface in the net/ethernet/oa_tc6.c. Link to the spec: ----------------- https://opensig.org/download/document/OPEN_Alliance_10BASET1x_MAC-PHY_Serial_Interface_V1.1.pdf - Adds driver support for Microchip LAN8650/1 Rev.B1 10BASE-T1S MACPHY Ethernet driver in the net/ethernet/microchip/lan865x/lan865x.c. Link to the product: -------------------- https://www.microchip.com/en-us/product/lan8650 Testing Details: ---------------- The driver performance was tested using iperf3 in the below two setups separately. Setup 1: -------- Node 0 - Raspberry Pi 4 with LAN8650 MAC-PHY Node 1 - Raspberry Pi 4 with EVB-LAN8670-USB USB Stick Setup 2: -------- Node 0 - SAMA7G54-EK with LAN8650 MAC-PHY Node 1 - Raspberry Pi 4 with EVB-LAN8670-USB USB Stick Achieved maximum of 9.4 Mbps. Some systems like Raspberry Pi 4 need performance mode enabled to get the proper clock speed for SPI. Refer below link for more details. https://github.com/raspberrypi/linux/issues/3381#issuecomment-1144723750 ==================== Link: https://patch.msgid.link/20240909082514.262942-1-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit ac49b950bea9e76ae435b9f9c340a4da7261364b Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:14 2024 +0530 dt-bindings: net: add Microchip's LAN865X 10BASE-T1S MACPHY The LAN8650/1 combines a Media Access Controller (MAC) and an Ethernet PHY to enable 10BASE-T1S networks. The Ethernet Media Access Controller (MAC) module implements a 10 Mbps half duplex Ethernet MAC, compatible with the IEEE 802.3 standard and a 10BASE-T1S physical layer transceiver integrated into the LAN8650/1. The communication between the Host and the MAC-PHY is specified in the OPEN Alliance 10BASE-T1x MACPHY Serial Interface (TC6). Reviewed-by: Conor Dooley Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-15-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit 5cd2340cb6a383d04fd88e48fabc2a21a909d6a1 Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:13 2024 +0530 microchip: lan865x: add driver support for Microchip's LAN865X MAC-PHY The LAN8650/1 is designed to conform to the OPEN Alliance 10BASE-T1x MAC-PHY Serial Interface specification, Version 1.1. The IEEE Clause 4 MAC integration provides the low pin count standard SPI interface to any microcontroller therefore providing Ethernet functionality without requiring MAC integration within the microcontroller. The LAN8650/1 operates as an SPI client supporting SCLK clock rates up to a maximum of 25 MHz. This SPI interface supports the transfer of both data (Ethernet frames) and control (register access). By default, the chunk data payload is 64 bytes in size. The Ethernet Media Access Controller (MAC) module implements a 10 Mbps half duplex Ethernet MAC, compatible with the IEEE 802.3 standard. 10BASE-T1S physical layer transceiver integrated is into the LAN8650/1. The PHY and MAC are connected via an internal Media Independent Interface (MII). Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-14-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit afd42170c8a6e68edd3f3a7f2aacd2bfbedb58b2 Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:12 2024 +0530 net: ethernet: oa_tc6: add helper function to enable zero align rx frame Zero align receive frame feature can be enabled to align all receive ethernet frames data to start at the beginning of any receive data chunk payload with a start word offset (SWO) of zero. Receive frames may begin anywhere within the receive data chunk payload when this feature is not enabled. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-13-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit 2c6ce535445362dc58a58c9813e58bb3da28eab7 Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:11 2024 +0530 net: ethernet: oa_tc6: implement mac-phy interrupt The MAC-PHY interrupt is asserted when the following conditions are met. Receive chunks available - This interrupt is asserted when the previous data footer had no receive data chunks available and once the receive data chunks become available for reading. On reception of the first data header this interrupt will be deasserted. Transmit chunk credits available - This interrupt is asserted when the previous data footer indicated no transmit credits available and once the transmit credits become available for transmitting transmit data chunks. On reception of the first data header this interrupt will be deasserted. Extended status event - This interrupt is asserted when the previous data footer indicated no extended status and once the extended event become available. In this case the host should read status #0 register to know the corresponding error/event. On reception of the first data header this interrupt will be deasserted. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-12-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit d70a0d8f2f2d1b9bb6e3e9dfed25ae3ca3303770 Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:10 2024 +0530 net: ethernet: oa_tc6: implement receive path to receive rx ethernet frames SPI rx data buffer can contain one or more receive data chunks. A receive data chunk consists a 64 bytes receive data chunk payload followed a 4 bytes data footer at the end. The data footer contains the information needed to determine the validity and location of the receive frame data within the receive data chunk payload and the host can use these information to generate ethernet frame. Initially the receive chunks available will be updated from the buffer status register and then it will be updated from the footer received on each spi data transfer. Tx data valid or empty chunks equal to the number receive chunks available will be transmitted in the MOSI to receive all the rx chunks. Additionally the receive data footer contains the below information as well. The received footer will be examined for the receive errors if any. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-11-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit 53fbde8ab21e8c2c6187159cc17fc10cbf20900a Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:09 2024 +0530 net: ethernet: oa_tc6: implement transmit path to transfer tx ethernet frames The transmit ethernet frame will be converted into multiple transmit data chunks. Each transmit data chunk consists of a 4 bytes header followed by a 64 bytes transmit data chunk payload. The 4 bytes data header occurs at the beginning of each transmit data chunk on MOSI. The data header contains the information needed to determine the validity and location of the transmit frame data within the data chunk payload. The number of transmit data chunks transmitted to mac-phy is limited to the number transmit credits available in the mac-phy. Initially the transmit credits will be updated from the buffer status register and then it will be updated from the footer received on each spi data transfer. The received footer will be examined for the transmit errors if any. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-10-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit f845a027de66d1efeb8cb22020e2c50baebdc441 Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:08 2024 +0530 net: ethernet: oa_tc6: enable open alliance tc6 data communication Enabling Configuration Synchronization bit (SYNC) in the Configuration Register #0 enables data communication in the MAC-PHY. The state of this bit is reflected in the data footer SYNC bit. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-9-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit 18a918762fab8248e504edbe03c8df966d9666c9 Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:07 2024 +0530 net: phy: microchip_t1s: add c45 direct access in LAN865x internal PHY This patch adds c45 registers direct access support in Microchip's LAN865x internal PHY. OPEN Alliance 10BASE-T1x compliance MAC-PHYs will have both C22 and C45 registers space. If the PHY is discovered via C22 bus protocol it assumes it uses C22 protocol and always uses C22 registers indirect access to access C45 registers. This is because, we don't have a clean separation between C22/C45 register space and C22/C45 MDIO bus protocols. Resulting, PHY C45 registers direct access can't be used which can save multiple SPI bus access. To support this feature, set .read_mmd/.write_mmd in the PHY driver to call .read_c45/.write_c45 in the OPEN Alliance framework drivers/net/ethernet/oa_tc6.c Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-8-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit 8f9bf857e43b3f75a098e3af3a6fec2d03203a1e Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:06 2024 +0530 net: ethernet: oa_tc6: implement internal PHY initialization Internal PHY is initialized as per the PHY register capability supported by the MAC-PHY. Direct PHY Register Access Capability indicates if PHY registers are directly accessible within the SPI register memory space. Indirect PHY Register Access Capability indicates if PHY registers are indirectly accessible through the MDIO/MDC registers MDIOACCn defined in OPEN Alliance specification. Currently the direct register access is only supported. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-7-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit 86c03a0f07f4c9874f58826a9956bda30993a358 Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:05 2024 +0530 net: ethernet: oa_tc6: implement error interrupts unmasking This will unmask the following error interrupts from the MAC-PHY. tx protocol error rx buffer overflow error loss of framing error header error The MAC-PHY will signal an error by setting the EXST bit in the receive data footer which will then allow the host to read the STATUS0 register to find the source of the error. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-6-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit 1f9c4eed9c115960b485fca42ad49c1a713dd099 Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:04 2024 +0530 net: ethernet: oa_tc6: implement software reset Reset complete bit is set when the MAC-PHY reset completes and ready for configuration. Additionally reset complete bit in the STS0 register has to be written by one upon reset complete to clear the interrupt. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-5-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit 375d1e0278cca70ce801d52c6b95c7a3c00f249c Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:03 2024 +0530 net: ethernet: oa_tc6: implement register read operation Implement register read operation according to the control communication specified in the OPEN Alliance 10BASE-T1x MACPHY Serial Interface document. Control read commands are used by the SPI host to read registers within the MAC-PHY. Each control read commands are composed of a 32 bits control command header. The MAC-PHY ignores all data from the SPI host following the control header for the remainder of the control read command. Control read commands can read either a single register or multiple consecutive registers. When multiple consecutive registers are read, the address is automatically post-incremented by the MAC-PHY. Reading any unimplemented or undefined registers shall return zero. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-4-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit aa58bec064ab16224645776ce8e0af2fee46136a Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:02 2024 +0530 net: ethernet: oa_tc6: implement register write operation Implement register write operation according to the control communication specified in the OPEN Alliance 10BASE-T1x MACPHY Serial Interface document. Control write commands are used by the SPI host to write registers within the MAC-PHY. Each control write commands are composed of a 32 bits control command header followed by register write data. The MAC-PHY ignores the final 32 bits of data from the SPI host at the end of the control write command. The write command and data is also echoed from the MAC-PHY back to the SPI host to enable the SPI host to identify which register write failed in the case of any bus errors. Control write commands can write either a single register or multiple consecutive registers. When multiple consecutive registers are written, the address is automatically post-incremented by the MAC-PHY. Writing to any unimplemented or undefined registers shall be ignored and yield no effect. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-3-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit b3e33f2c54c68318ccf06473a84c79f3c7d29cc1 Author: Parthiban Veerasooran Date: Mon Sep 9 13:55:01 2024 +0530 Documentation: networking: add OPEN Alliance 10BASE-T1x MAC-PHY serial interface The IEEE 802.3cg project defines two 10 Mbit/s PHYs operating over a single pair of conductors. The 10BASE-T1L (Clause 146) is a long reach PHY supporting full duplex point-to-point operation over 1 km of single balanced pair of conductors. The 10BASE-T1S (Clause 147) is a short reach PHY supporting full / half duplex point-to-point operation over 15 m of single balanced pair of conductors, or half duplex multidrop bus operation over 25 m of single balanced pair of conductors. Furthermore, the IEEE 802.3cg project defines the new Physical Layer Collision Avoidance (PLCA) Reconciliation Sublayer (Clause 148) meant to provide improved determinism to the CSMA/CD media access method. PLCA works in conjunction with the 10BASE-T1S PHY operating in multidrop mode. The aforementioned PHYs are intended to cover the low-speed / low-cost applications in industrial and automotive environment. The large number of pins (16) required by the MII interface, which is specified by the IEEE 802.3 in Clause 22, is one of the major cost factors that need to be addressed to fulfil this objective. The MAC-PHY solution integrates an IEEE Clause 4 MAC and a 10BASE-T1x PHY exposing a low pin count Serial Peripheral Interface (SPI) to the host microcontroller. This also enables the addition of Ethernet functionality to existing low-end microcontrollers which do not integrate a MAC controller. Reviewed-by: Andrew Lunn Signed-off-by: Parthiban Veerasooran Link: https://patch.msgid.link/20240909082514.262942-2-Parthiban.Veerasooran@microchip.com Signed-off-by: Jakub Kicinski commit e331673ad68e47a926bc34aaeca926a57a779cf0 Merge: 24b8c19314fa92 d0caf9876a1c9f Author: Jakub Kicinski Date: Wed Sep 11 20:44:34 2024 -0700 Merge branch 'device-memory-tcp' Mina Almasry says: ==================== Device Memory TCP Device memory TCP (devmem TCP) is a proposal for transferring data to and/or from device memory efficiently, without bouncing the data to a host memory buffer. * Problem: A large amount of data transfers have device memory as the source and/or destination. Accelerators drastically increased the volume of such transfers. Some examples include: - ML accelerators transferring large amounts of training data from storage into GPU/TPU memory. In some cases ML training setup time can be as long as 50% of TPU compute time, improving data transfer throughput & efficiency can help improving GPU/TPU utilization. - Distributed training, where ML accelerators, such as GPUs on different hosts, exchange data among them. - Distributed raw block storage applications transfer large amounts of data with remote SSDs, much of this data does not require host processing. Today, the majority of the Device-to-Device data transfers the network are implemented as the following low level operations: Device-to-Host copy, Host-to-Host network transfer, and Host-to-Device copy. The implementation is suboptimal, especially for bulk data transfers, and can put significant strains on system resources, such as host memory bandwidth, PCIe bandwidth, etc. One important reason behind the current state is the kernel’s lack of semantics to express device to network transfers. * Proposal: In this patch series we attempt to optimize this use case by implementing socket APIs that enable the user to: 1. send device memory across the network directly, and 2. receive incoming network packets directly into device memory. Packet _payloads_ go directly from the NIC to device memory for receive and from device memory to NIC for transmit. Packet _headers_ go to/from host memory and are processed by the TCP/IP stack normally. The NIC _must_ support header split to achieve this. Advantages: - Alleviate host memory bandwidth pressure, compared to existing network-transfer + device-copy semantics. - Alleviate PCIe BW pressure, by limiting data transfer to the lowest level of the PCIe tree, compared to traditional path which sends data through the root complex. * Patch overview: ** Part 1: netlink API Gives user ability to bind dma-buf to an RX queue. ** Part 2: scatterlist support Currently the standard for device memory sharing is DMABUF, which doesn't generate struct pages. On the other hand, networking stack (skbs, drivers, and page pool) operate on pages. We have 2 options: 1. Generate struct pages for dmabuf device memory, or, 2. Modify the networking stack to process scatterlist. Approach #1 was attempted in RFC v1. RFC v2 implements approach #2. ** part 3: page pool support We piggy back on page pool memory providers proposal: https://github.com/kuba-moo/linux/tree/pp-providers It allows the page pool to define a memory provider that provides the page allocation and freeing. It helps abstract most of the device memory TCP changes from the driver. ** part 4: support for unreadable skb frags Page pool iovs are not accessible by the host; we implement changes throughput the networking stack to correctly handle skbs with unreadable frags. ** Part 5: recvmsg() APIs We define user APIs for the user to send and receive device memory. Not included with this series is the GVE devmem TCP support, just to simplify the review. Code available here if desired: https://github.com/mina/linux/tree/tcpdevmem This series is built on top of net-next with Jakub's pp-providers changes cherry-picked. * NIC dependencies: 1. (strict) Devmem TCP require the NIC to support header split, i.e. the capability to split incoming packets into a header + payload and to put each into a separate buffer. Devmem TCP works by using device memory for the packet payload, and host memory for the packet headers. 2. (optional) Devmem TCP works better with flow steering support & RSS support, i.e. the NIC's ability to steer flows into certain rx queues. This allows the sysadmin to enable devmem TCP on a subset of the rx queues, and steer devmem TCP traffic onto these queues and non devmem TCP elsewhere. The NIC I have access to with these properties is the GVE with DQO support running in Google Cloud, but any NIC that supports these features would suffice. I may be able to help reviewers bring up devmem TCP on their NICs. * Testing: The series includes a udmabuf kselftest that show a simple use case of devmem TCP and validates the entire data path end to end without a dependency on a specific dmabuf provider. ** Test Setup Kernel: net-next with this series and memory provider API cherry-picked locally. Hardware: Google Cloud A3 VMs. NIC: GVE with header split & RSS & flow steering support. ==================== Link: https://patch.msgid.link/20240910171458.219195-1-almasrymina@google.com Signed-off-by: Jakub Kicinski commit d0caf9876a1c9f844307effb598ad1312d9e0025 Author: Mina Almasry Date: Tue Sep 10 17:14:57 2024 +0000 netdev: add dmabuf introspection Add dmabuf information to page_pool stats: $ ./cli.py --spec ../netlink/specs/netdev.yaml --dump page-pool-get ... {'dmabuf': 10, 'id': 456, 'ifindex': 3, 'inflight': 1023, 'inflight-mem': 4190208}, {'dmabuf': 10, 'id': 455, 'ifindex': 3, 'inflight': 1023, 'inflight-mem': 4190208}, {'dmabuf': 10, 'id': 454, 'ifindex': 3, 'inflight': 1023, 'inflight-mem': 4190208}, {'dmabuf': 10, 'id': 453, 'ifindex': 3, 'inflight': 1023, 'inflight-mem': 4190208}, {'dmabuf': 10, 'id': 452, 'ifindex': 3, 'inflight': 1023, 'inflight-mem': 4190208}, {'dmabuf': 10, 'id': 451, 'ifindex': 3, 'inflight': 1023, 'inflight-mem': 4190208}, {'dmabuf': 10, 'id': 450, 'ifindex': 3, 'inflight': 1023, 'inflight-mem': 4190208}, {'dmabuf': 10, 'id': 449, 'ifindex': 3, 'inflight': 1023, 'inflight-mem': 4190208}, And queue stats: $ ./cli.py --spec ../netlink/specs/netdev.yaml --dump queue-get ... {'dmabuf': 10, 'id': 8, 'ifindex': 3, 'type': 'rx'}, {'dmabuf': 10, 'id': 9, 'ifindex': 3, 'type': 'rx'}, {'dmabuf': 10, 'id': 10, 'ifindex': 3, 'type': 'rx'}, {'dmabuf': 10, 'id': 11, 'ifindex': 3, 'type': 'rx'}, {'dmabuf': 10, 'id': 12, 'ifindex': 3, 'type': 'rx'}, {'dmabuf': 10, 'id': 13, 'ifindex': 3, 'type': 'rx'}, {'dmabuf': 10, 'id': 14, 'ifindex': 3, 'type': 'rx'}, {'dmabuf': 10, 'id': 15, 'ifindex': 3, 'type': 'rx'}, Suggested-by: Jakub Kicinski Signed-off-by: Mina Almasry Reviewed-by: Jakub Kicinski Link: https://patch.msgid.link/20240910171458.219195-14-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 85585b4bc8d80095a825028e2088b568035ac467 Author: Mina Almasry Date: Tue Sep 10 17:14:56 2024 +0000 selftests: add ncdevmem, netcat for devmem TCP ncdevmem is a devmem TCP netcat. It works similarly to netcat, but it sends and receives data using the devmem TCP APIs. It uses udmabuf as the dmabuf provider. It is compatible with a regular netcat running on a peer, or a ncdevmem running on a peer. In addition to normal netcat support, ncdevmem has a validation mode, where it sends a specific pattern and validates this pattern on the receiver side to ensure data integrity. Suggested-by: Stanislav Fomichev Signed-off-by: Mina Almasry Link: https://patch.msgid.link/20240910171458.219195-13-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 09d1db26b5e52072d703af14a2b65204d167e5a1 Author: Mina Almasry Date: Tue Sep 10 17:14:55 2024 +0000 net: add devmem TCP documentation Add documentation outlining the usage and details of devmem TCP. Signed-off-by: Mina Almasry Reviewed-by: Bagas Sanjaya Reviewed-by: Donald Hunter Link: https://patch.msgid.link/20240910171458.219195-12-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 678f6e28b5f6fc2316f2c0fed8f8903101f1e128 Author: Mina Almasry Date: Tue Sep 10 17:14:54 2024 +0000 net: add SO_DEVMEM_DONTNEED setsockopt to release RX frags Add an interface for the user to notify the kernel that it is done reading the devmem dmabuf frags returned as cmsg. The kernel will drop the reference on the frags to make them available for reuse. Signed-off-by: Willem de Bruijn Signed-off-by: Kaiyuan Zhang Signed-off-by: Mina Almasry Reviewed-by: Pavel Begunkov Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240910171458.219195-11-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 8f0b3cc9a4c102c24808c87f1bc943659d7a7f9f Author: Mina Almasry Date: Tue Sep 10 17:14:53 2024 +0000 tcp: RX path for devmem TCP In tcp_recvmsg_locked(), detect if the skb being received by the user is a devmem skb. In this case - if the user provided the MSG_SOCK_DEVMEM flag - pass it to tcp_recvmsg_devmem() for custom handling. tcp_recvmsg_devmem() copies any data in the skb header to the linear buffer, and returns a cmsg to the user indicating the number of bytes returned in the linear buffer. tcp_recvmsg_devmem() then loops over the unaccessible devmem skb frags, and returns to the user a cmsg_devmem indicating the location of the data in the dmabuf device memory. cmsg_devmem contains this information: 1. the offset into the dmabuf where the payload starts. 'frag_offset'. 2. the size of the frag. 'frag_size'. 3. an opaque token 'frag_token' to return to the kernel when the buffer is to be released. The pages awaiting freeing are stored in the newly added sk->sk_user_frags, and each page passed to userspace is get_page()'d. This reference is dropped once the userspace indicates that it is done reading this page. All pages are released when the socket is destroyed. Signed-off-by: Willem de Bruijn Signed-off-by: Kaiyuan Zhang Signed-off-by: Mina Almasry Reviewed-by: Pavel Begunkov Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240910171458.219195-10-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 65249feb6b3df9e17bab5911ee56fa7b0971e231 Author: Mina Almasry Date: Tue Sep 10 17:14:52 2024 +0000 net: add support for skbs with unreadable frags For device memory TCP, we expect the skb headers to be available in host memory for access, and we expect the skb frags to be in device memory and unaccessible to the host. We expect there to be no mixing and matching of device memory frags (unaccessible) with host memory frags (accessible) in the same skb. Add a skb->devmem flag which indicates whether the frags in this skb are device memory frags or not. __skb_fill_netmem_desc() now checks frags added to skbs for net_iov, and marks the skb as skb->devmem accordingly. Add checks through the network stack to avoid accessing the frags of devmem skbs and avoid coalescing devmem skbs with non devmem skbs. Signed-off-by: Willem de Bruijn Signed-off-by: Kaiyuan Zhang Signed-off-by: Mina Almasry Reviewed-by: Eric Dumazet Reviewed-by: Jakub Kicinski Link: https://patch.msgid.link/20240910171458.219195-9-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 9f6b619edf2e85746f261b42ae8f818a59d126f7 Author: Mina Almasry Date: Tue Sep 10 17:14:51 2024 +0000 net: support non paged skb frags Make skb_frag_page() fail in the case where the frag is not backed by a page, and fix its relevant callers to handle this case. Signed-off-by: Mina Almasry Reviewed-by: Eric Dumazet Reviewed-by: Jakub Kicinski Link: https://patch.msgid.link/20240910171458.219195-8-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 0f921404689398943257793f7240db239a23b609 Author: Mina Almasry Date: Tue Sep 10 17:14:50 2024 +0000 memory-provider: dmabuf devmem memory provider Implement a memory provider that allocates dmabuf devmem in the form of net_iov. The provider receives a reference to the struct netdev_dmabuf_binding via the pool->mp_priv pointer. The driver needs to set this pointer for the provider in the net_iov. The provider obtains a reference on the netdev_dmabuf_binding which guarantees the binding and the underlying mapping remains alive until the provider is destroyed. Usage of PP_FLAG_DMA_MAP is required for this memory provide such that the page_pool can provide the driver with the dma-addrs of the devmem. Support for PP_FLAG_DMA_SYNC_DEV is omitted for simplicity & p.order != 0. Signed-off-by: Willem de Bruijn Signed-off-by: Kaiyuan Zhang Signed-off-by: Mina Almasry Reviewed-by: Pavel Begunkov Reviewed-by: Jakub Kicinski Link: https://patch.msgid.link/20240910171458.219195-7-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 8ab79ed50cf10f338465c296012500de1081646f Author: Mina Almasry Date: Tue Sep 10 17:14:49 2024 +0000 page_pool: devmem support Convert netmem to be a union of struct page and struct netmem. Overload the LSB of struct netmem* to indicate that it's a net_iov, otherwise it's a page. Currently these entries in struct page are rented by the page_pool and used exclusively by the net stack: struct { unsigned long pp_magic; struct page_pool *pp; unsigned long _pp_mapping_pad; unsigned long dma_addr; atomic_long_t pp_ref_count; }; Mirror these (and only these) entries into struct net_iov and implement netmem helpers that can access these common fields regardless of whether the underlying type is page or net_iov. Implement checks for net_iov in netmem helpers which delegate to mm APIs, to ensure net_iov are never passed to the mm stack. Signed-off-by: Mina Almasry Reviewed-by: Pavel Begunkov Acked-by: Jakub Kicinski Link: https://patch.msgid.link/20240910171458.219195-6-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 28c5c74eeaa0a2aad8b9cd9ede22a4c623f2a7fc Author: Mina Almasry Date: Tue Sep 10 17:14:48 2024 +0000 netdev: netdevice devmem allocator Implement netdev devmem allocator. The allocator takes a given struct netdev_dmabuf_binding as input and allocates net_iov from that binding. The allocation simply delegates to the binding's genpool for the allocation logic and wraps the returned memory region in a net_iov struct. Signed-off-by: Willem de Bruijn Signed-off-by: Kaiyuan Zhang Signed-off-by: Mina Almasry Reviewed-by: Pavel Begunkov Reviewed-by: Jakub Kicinski Link: https://patch.msgid.link/20240910171458.219195-5-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 170aafe35cb98e0f3fbacb446ea86389fbce22ea Author: Mina Almasry Date: Tue Sep 10 17:14:47 2024 +0000 netdev: support binding dma-buf to netdevice Add a netdev_dmabuf_binding struct which represents the dma-buf-to-netdevice binding. The netlink API will bind the dma-buf to rx queues on the netdevice. On the binding, the dma_buf_attach & dma_buf_map_attachment will occur. The entries in the sg_table from mapping will be inserted into a genpool to make it ready for allocation. The chunks in the genpool are owned by a dmabuf_chunk_owner struct which holds the dma-buf offset of the base of the chunk and the dma_addr of the chunk. Both are needed to use allocations that come from this chunk. We create a new type that represents an allocation from the genpool: net_iov. We setup the net_iov allocation size in the genpool to PAGE_SIZE for simplicity: to match the PAGE_SIZE normally allocated by the page pool and given to the drivers. The user can unbind the dmabuf from the netdevice by closing the netlink socket that established the binding. We do this so that the binding is automatically unbound even if the userspace process crashes. The binding and unbinding leaves an indicator in struct netdev_rx_queue that the given queue is bound, and the binding is actuated by resetting the rx queue using the queue API. The netdev_dmabuf_binding struct is refcounted, and releases its resources only when all the refs are released. Signed-off-by: Willem de Bruijn Signed-off-by: Kaiyuan Zhang Signed-off-by: Mina Almasry Reviewed-by: Pavel Begunkov # excluding netlink Acked-by: Daniel Vetter Reviewed-by: Jakub Kicinski Link: https://patch.msgid.link/20240910171458.219195-4-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 3efd7ab46d0aebc3e567a9846e79a98dbad3291c Author: Mina Almasry Date: Tue Sep 10 17:14:46 2024 +0000 net: netdev netlink api to bind dma-buf to a net device API takes the dma-buf fd as input, and binds it to the netdevice. The user can specify the rx queues to bind the dma-buf to. Suggested-by: Stanislav Fomichev Signed-off-by: Mina Almasry Reviewed-by: Donald Hunter Reviewed-by: Jakub Kicinski Link: https://patch.msgid.link/20240910171458.219195-3-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 7c88f86576f382a5037f7acf2fce796ccafba4db Author: Mina Almasry Date: Tue Sep 10 17:14:45 2024 +0000 netdev: add netdev_rx_queue_restart() Add netdev_rx_queue_restart(), which resets an rx queue using the queue API recently merged[1]. The queue API was merged to enable the core net stack to reset individual rx queues to actuate changes in the rx queue's configuration. In later patches in this series, we will use netdev_rx_queue_restart() to reset rx queues after binding or unbinding dmabuf configuration, which will cause reallocation of the page_pool to repopulate its memory using the new configuration. [1] https://lore.kernel.org/netdev/20240430231420.699177-1-shailend@google.com/T/ Signed-off-by: David Wei Signed-off-by: Mina Almasry Reviewed-by: Pavel Begunkov Reviewed-by: Jakub Kicinski Link: https://patch.msgid.link/20240910171458.219195-2-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 24b8c19314fa92baf03f2cea19d017789889a5b3 Merge: b2c8a506f6a70d 9c4a27da0ecc40 Author: Jakub Kicinski Date: Wed Sep 11 20:24:43 2024 -0700 Merge branch '200GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue Tony Nguyen says: ==================== idpf: XDP chapter II: convert Tx completion to libeth Alexander Lobakin says: XDP for idpf is currently 5 chapters: * convert Rx to libeth; * convert Tx completion to libeth (this); * generic XDP and XSk code changes; * actual XDP for idpf via libeth_xdp; * XSk for idpf (^). Part II does the following: * adds generic libeth Tx completion routines; * converts idpf to use generic libeth Tx comp routines; * fixes Tx queue timeouts and robustifies Tx completion in general; * fixes Tx event/descriptor flushes (writebacks). Most idpf patches again remove more lines than adds. Generic Tx completion helpers and structs are needed as libeth_xdp (Ch. III) makes use of them. WB_ON_ITR is needed since XDPSQs don't want to work without it at all. Tx queue timeouts fixes are needed since without them, it's way easier to catch a Tx timeout event when WB_ON_ITR is enabled. * '200GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue: idpf: enable WB_ON_ITR idpf: fix netdev Tx queue stop/wake idpf: refactor Tx completion routines netdevice: add netdev_tx_reset_subqueue() shorthand idpf: convert to libeth Tx buffer completion libeth: add Tx buffer completion helpers ==================== Link: https://patch.msgid.link/20240909205323.3110312-1-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski commit b2c8a506f6a70d60583aa2d8abfd4aca01b578fb Author: Divya Koppera Date: Mon Sep 9 17:13:39 2024 +0530 net: phy: microchip_t1: Cable Diagnostics for lan887x Add support for cable diagnostics in lan887x PHY. Using this we can diagnose connected/open/short wires and also length where cable fault is occurred. Signed-off-by: Divya Koppera Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240909114339.3446-1-divya.koppera@microchip.com Signed-off-by: Jakub Kicinski commit fce1e9f86af13cbd6696ef0c8775990559108f45 Author: Maxime Chevallier Date: Tue Sep 10 19:46:35 2024 +0200 net: ethtool: phy: Check the req_info.pdn field for GET commands When processing the netlink GET requests to get PHY info, the req_info.pdn pointer is NULL when no PHY matches the requested parameters, such as when the phy_index is invalid, or there's simply no PHY attached to the interface. Therefore, check the req_info.pdn pointer for NULL instead of dereferencing it. Suggested-by: Eric Dumazet Reported-by: Eric Dumazet Closes: https://lore.kernel.org/netdev/CANn89iKRW0WpGAh1tKqY345D8WkYCPm3Y9ym--Si42JZrQAu1g@mail.gmail.com/T/#mfced87d607d18ea32b3b4934dfa18d7b36669285 Fixes: 17194be4c8e1 ("net: ethtool: Introduce a command to list PHYs on an interface") Signed-off-by: Maxime Chevallier Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240910174636.857352-1-maxime.chevallier@bootlin.com Signed-off-by: Jakub Kicinski commit 79805c1bbbf9846fe91c16933d64614cbbff1dee Author: Yi Liu Date: Sun Sep 8 04:42:56 2024 -0700 iommu: Set iommu_attach_handle->domain in core The IOMMU core sets the iommu_attach_handle->domain for the iommu_attach_group_handle() path, while the iommu_replace_group_handle() sets it on the caller side. Make the two paths aligned on it. Link: https://patch.msgid.link/r/20240908114256.979518-3-yi.l.liu@intel.com Signed-off-by: Yi Liu Reviewed-by: Lu Baolu Reviewed-by: Kevin Tian Signed-off-by: Jason Gunthorpe commit d9dfb5e6225a0a99e08dc2a538b0c30a5a9a460c Author: Yi Liu Date: Sun Sep 8 04:42:55 2024 -0700 iommufd: Avoid duplicated __iommu_group_set_core_domain() call For the fault-capable hwpts, the iommufd_hwpt_detach_device() calls both iommufd_fault_domain_detach_dev() and iommu_detach_group(). This would have duplicated __iommu_group_set_core_domain() call since both functions call it in the end. This looks no harm as the __iommu_group_set_core_domain() returns if the new domain equals to the existing one. But it makes sense to avoid such duplicated calls in caller side. Link: https://patch.msgid.link/r/20240908114256.979518-2-yi.l.liu@intel.com Signed-off-by: Yi Liu Reviewed-by: Lu Baolu Reviewed-by: Kevin Tian Signed-off-by: Jason Gunthorpe commit b2d9544070d052804a12a7859aa212e952b96691 Author: Rosen Penev Date: Tue Sep 10 15:09:13 2024 -0700 net: gianfar: fix NVMEM mac address If nvmem loads after the ethernet driver, mac address assignments will not take effect. of_get_ethdev_address returns EPROBE_DEFER in such a case so we need to handle that to avoid eth_hw_addr_random. Signed-off-by: Rosen Penev Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240910220913.14101-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit cf06766f1525d35542cbb15fe6103caf44840376 Author: Jonathan Cooper Date: Tue Sep 10 16:30:13 2024 +0100 sfc: Add X4 PF support Add X4 series. Most functionality is the same as previous EF10 nics but enough is different to warrant a new nic type struct and revision; for example legacy interrupts and SRIOV are not supported. Most removed features will be re-added later as new implementations. Signed-off-by: Jonathan Cooper Acked-by: Edward Cree Acked-by: Martin Habets Link: https://patch.msgid.link/20240910153014.12803-1-jonathan.s.cooper@amd.com Signed-off-by: Jakub Kicinski commit af647fe240a9c9ea5f63bb9194b971049098955e Author: Colin Ian King Date: Tue Sep 10 13:06:35 2024 +0100 qlcnic: make read-only const array key static Don't populate the const read-only array key on the stack at run time, instead make it static. Signed-off-by: Colin Ian King Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240910120635.115266-1-colin.i.king@gmail.com Signed-off-by: Jakub Kicinski commit 9ee926213fc814d2c27fc67257ba5cc00a0ec910 Merge: 8b5d2e5cf04f61 27069e7cb3d1ce Author: Jakub Kicinski Date: Wed Sep 11 15:57:53 2024 -0700 Merge branch 'mptcp-fallback-to-tcp-after-3-mpc-drop-cache' Matthieu Baerts says: ==================== mptcp: fallback to TCP after 3 MPC drop + cache The SYN + MPTCP_CAPABLE packets could be explicitly dropped by firewalls somewhere in the network, e.g. if they decide to drop packets based on the TCP options, instead of stripping them off. The idea of this series is to fallback to TCP after 3 SYN+MPC drop (patch 2). If the connection succeeds after the fallback, it very likely means a blackhole has been detected. In this case (patch 3), MPTCP can be disabled for a certain period of time, 1h by default. If after this period, MPTCP is still blocked, the period is doubled. This technique is inspired by the one used by TCP FastOpen. This should help applications which want to use MPTCP by default on the client side if available. ==================== Link: https://patch.msgid.link/20240909-net-next-mptcp-fallback-x-mpc-v1-0-da7ebb4cd2a3@kernel.org Signed-off-by: Jakub Kicinski commit 27069e7cb3d1cea9377069266acf19b9cc5ad0ae Author: Matthieu Baerts (NGI0) Date: Mon Sep 9 22:09:23 2024 +0200 mptcp: disable active MPTCP in case of blackhole An MPTCP firewall blackhole can be detected if the following SYN retransmission after a fallback to "plain" TCP is accepted. In case of blackhole, a similar technique to the one in place with TFO is now used: MPTCP can be disabled for a certain period of time, 1h by default. This time period will grow exponentially when more blackhole issues get detected right after MPTCP is re-enabled and will reset to the initial value when the blackhole issue goes away. The blackhole period can be modified thanks to a new sysctl knob: blackhole_timeout. Two new MIB counters help understanding what's happening: - 'Blackhole', incremented when a blackhole is detected. - 'MPCapableSYNTXDisabled', incremented when an MPTCP connection directly falls back to TCP during the blackhole period. Because the technique is inspired by the one used by TFO, an important part of the new code is similar to what can find in tcp_fastopen.c, with some adaptations to the MPTCP case. Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/57 Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240909-net-next-mptcp-fallback-x-mpc-v1-3-da7ebb4cd2a3@kernel.org Signed-off-by: Jakub Kicinski commit 6982826fe5e53ef115836de7dd397bd970030937 Author: Matthieu Baerts (NGI0) Date: Mon Sep 9 22:09:22 2024 +0200 mptcp: fallback to TCP after SYN+MPC drops Some middleboxes might be nasty with MPTCP, and decide to drop packets with MPTCP options, instead of just dropping the MPTCP options (or letting them pass...). In this case, it sounds better to fallback to "plain" TCP after 2 retransmissions, and try again. Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/477 Signed-off-by: Matthieu Baerts (NGI0) Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240909-net-next-mptcp-fallback-x-mpc-v1-2-da7ebb4cd2a3@kernel.org Signed-off-by: Jakub Kicinski commit 65b02260a0e0c7cbb2faafd6c84ad95f68a2acae Author: Matthieu Baerts (NGI0) Date: Mon Sep 9 22:09:21 2024 +0200 mptcp: export mptcp_subflow_early_fallback() This helper will be used outside protocol.h in the following commit. While at it, also add a 'pr_fallback()' debug print, to help identifying fallbacks. Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240909-net-next-mptcp-fallback-x-mpc-v1-1-da7ebb4cd2a3@kernel.org Signed-off-by: Jakub Kicinski commit 8b5d2e5cf04f61af75c751cc8fcb1886f8bcef5a Merge: a18c097eda4230 35e24f28c2e9b2 Author: Jakub Kicinski Date: Wed Sep 11 15:49:09 2024 -0700 Merge branch 'net-hsr-use-the-seqnr-lock-for-frames-received-via-interlink-port' Sebastian Andrzej Siewior says: ==================== net: hsr: Use the seqnr lock for frames received via interlink port. This is follow-up to the thread at https://lore.kernel.org/all/20240904133725.1073963-1-edumazet@google.com/ ==================== Link: https://patch.msgid.link/20240906132816.657485-1-bigeasy@linutronix.de Signed-off-by: Jakub Kicinski commit 35e24f28c2e9b2c3b711200b07e4f9926f464c6b Author: Eric Dumazet Date: Fri Sep 6 15:25:32 2024 +0200 net: hsr: Remove interlink_sequence_nr. Remove interlink_sequence_nr which is unused. [ bigeasy: split out from Eric's patch ]. Signed-off-by: Eric Dumazet Signed-off-by: Sebastian Andrzej Siewior Link: https://patch.msgid.link/20240906132816.657485-3-bigeasy@linutronix.de Signed-off-by: Jakub Kicinski commit 430d67bdcb04ee8502c2b10dcbaced4253649189 Author: Sebastian Andrzej Siewior Date: Fri Sep 6 15:25:31 2024 +0200 net: hsr: Use the seqnr lock for frames received via interlink port. syzbot reported that the seqnr_lock is not acquire for frames received over the interlink port. In the interlink case a new seqnr is generated and assigned to the frame. Frames, which are received over the slave port have already a sequence number assigned so the lock is not required. Acquire the hsr_priv::seqnr_lock during in the invocation of hsr_forward_skb() if a packet has been received from the interlink port. Reported-by: syzbot+3d602af7549af539274e@syzkaller.appspotmail.com Closes: https://groups.google.com/g/syzkaller-bugs/c/KppVvGviGg4/m/EItSdCZdBAAJ Fixes: 5055cccfc2d1c ("net: hsr: Provide RedBox support (HSR-SAN)") Signed-off-by: Sebastian Andrzej Siewior Reviewed-by: Lukasz Majewski Tested-by: Lukasz Majewski Link: https://patch.msgid.link/20240906132816.657485-2-bigeasy@linutronix.de Signed-off-by: Jakub Kicinski commit 60a06efc56d7d336d13fae58f9e90c8a4e21619e Author: Abhishek Tamboli Date: Fri Aug 9 21:26:31 2024 +0530 rtc: m48t59: Remove division condition with direct comparison Replace 'year / 100' with a direct comparison 'year >= 100' in m48t59_rtc_set_time() function. Improve the code clarity and eliminate division overhead. Fix the following smatch warning: drivers/rtc/rtc-m48t59.c:135 m48t59_rtc_set_time() warn: replace divide condition 'year / 100' with 'year >= 100' Signed-off-by: Abhishek Tamboli Link: https://lore.kernel.org/r/20240809155631.548044-1-abhishektamboli9@gmail.com Signed-off-by: Alexandre Belloni commit 73580e2ee6adfb40276bd420da3bb1abae204e10 Author: Krzysztof Kozlowski Date: Sun Aug 25 20:31:03 2024 +0200 rtc: at91sam9: fix OF node leak in probe() error path Driver is leaking an OF node reference obtained from of_parse_phandle_with_fixed_args(). Fixes: 43e112bb3dea ("rtc: at91sam9: make use of syscon/regmap to access GPBR registers") Cc: stable@vger.kernel.org Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240825183103.102904-1-krzysztof.kozlowski@linaro.org Signed-off-by: Alexandre Belloni commit 80bf13c07c07c43cc959b253305b64922cb20a92 Author: Michael Walle Date: Tue Jul 30 21:49:05 2024 +0200 rtc: sun6i: disable automatic clock input switching The V3(s) will detect a valid external low frequency clock and if it is not present will automatically switch to the internal one. This might hide bugs and (hardware) configuration errors. It's even worse because the internal RTC runs significantly slower (32.000Hz vs 32.768Hz). Fortunately for us, the V3(s) has an (undocumented) bypass of this switching and the driver already supports it by setting the .has_auto_swt flag. Signed-off-by: Michael Walle Acked-by: Chen-Yu Tsai Link: https://lore.kernel.org/r/20240730194905.2587202-1-mwalle@kernel.org Signed-off-by: Alexandre Belloni commit 0cfd26cc06ff353e9b59d0ee57a4950df2abd616 Author: Rob Herring (Arm) Date: Tue Sep 10 18:44:31 2024 -0500 dt-bindings: rtc: Drop non-trivial duplicate compatibles Several compatibles documented in trivial-rtc.yaml are documented elsewhere and are not trivial, so drop them. Signed-off-by: Rob Herring (Arm) Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240910234431.1043923-1-robh@kernel.org Signed-off-by: Alexandre Belloni commit 864f40bfdc5a7863ea4503e8893ee96f62f96522 Author: Tóth János Date: Fri Aug 30 10:36:41 2024 +0200 dt-bindings: vendor-prefixes: Add DFRobot. Link: https://www.dfrobot.com/about-us Acked-by: Conor Dooley Signed-off-by: Tóth János Link: https://lore.kernel.org/r/20240830-rtc-sd2405al-v7-3-2f7102621b1d@gmail.com Signed-off-by: Alexandre Belloni commit 0bb7e903e8a820fd5fa18ebc6820d4dfbfcaeae5 Author: Tóth János Date: Fri Aug 30 10:36:40 2024 +0200 dt-bindings: rtc: Add support for SD2405AL. Add the necessary documentation for SD2405AL. Acked-by: Conor Dooley Signed-off-by: Tóth János Link: https://lore.kernel.org/r/20240830-rtc-sd2405al-v7-2-2f7102621b1d@gmail.com Signed-off-by: Alexandre Belloni commit 5af858acea22bc5d8a2ebddcad57babca1442dd1 Author: Tóth János Date: Fri Aug 30 10:36:39 2024 +0200 rtc: Add driver for SD2405AL Add support for the DFRobot SD2405AL I2C RTC Module. Datasheet: https://image.dfrobot.com/image/data/TOY0021/SD2405AL%20datasheet%20(Angelo%20v0.1).pdf Product: https://www.dfrobot.com/product-1600.html To instantiate (assuming device is connected to I2C-1) as root: echo sd2405al 0x32 > /sys/bus/i2c/devices/i2c-1/new_device as user: echo 'sd2405al 0x32' | sudo tee /sys/class/i2c-adapter/i2c-1/new_device The driver is tested with: + hwclock + tools/testing/selftests/rtc/setdate + tools/testing/selftests/rtc/rtctest Reviewed-by: Csókás Bence Signed-off-by: Tóth János Link: https://lore.kernel.org/r/20240830-rtc-sd2405al-v7-1-2f7102621b1d@gmail.com Signed-off-by: Alexandre Belloni commit da1531ecf18612572c53878d5ef8e94673bf86ce Author: Rob Herring (Arm) Date: Mon Aug 26 14:13:20 2024 -0500 rtc: s35390a: Drop vendorless compatible string from match table There's no need to list "s35390a" in the DT match table. The I2C core will strip any vendor prefix and match against the i2c_device_id table which has an "s35390a" entry. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240826191321.1410668-1-robh@kernel.org Signed-off-by: Alexandre Belloni commit 2d611fbe9a85971a38fe93a29512bd241e4d7035 Author: Chen Ni Date: Tue Jul 16 11:02:52 2024 +0800 rtc: twl: convert comma to semicolon Replace a comma between expression statements by a semicolon. Fixes: 7130856f5605 ("rtc: twl: add NVRAM support") Signed-off-by: Chen Ni Link: https://lore.kernel.org/r/20240716030252.400340-1-nichen@iscas.ac.cn Signed-off-by: Alexandre Belloni commit adab39e1f48224d5a89b10d171cdd78c0c215539 Author: Stanislav Jakubek Date: Sat Jul 6 18:11:52 2024 +0200 dt-bindings: rtc: sprd,sc2731-rtc: convert to YAML Convert the Spreadtrum SC2731 RTC bindings to DT schema. Rename file to match compatible. Signed-off-by: Stanislav Jakubek Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/ZolsyEC8eeJWNIb6@standask-GA-A55M-S2HP Signed-off-by: Alexandre Belloni commit cc089684664ebd379f1451aab65eb50f4008b381 Author: Colin Ian King Date: Wed Sep 11 22:41:24 2024 +0100 blk_iocost: make read-only static array vrate_adj_pct const The static array vrate_adj_pct is read-only, so make it const as well. Signed-off-by: Colin Ian King Acked-by: Tejun Heo Link: https://lore.kernel.org/r/20240911214124.197403-1-colin.i.king@gmail.com Signed-off-by: Jens Axboe commit 1db4da55070d6a2754efeb3743f5312fc32f5961 Author: Andy Shevchenko Date: Wed Sep 11 18:39:14 2024 +0300 i2c: isch: Add missed 'else' In accordance with the existing comment and code analysis it is quite likely that there is a missed 'else' when adapter times out. Add it. Fixes: 5bc1200852c3 ("i2c: Add Intel SCH SMBus support") Signed-off-by: Andy Shevchenko Cc: # v2.6.27+ Signed-off-by: Andi Shyti commit c229c17a76e9c52950ea345323d5a19993610f57 Author: Will Hawkins Date: Wed Sep 11 01:50:32 2024 -0400 docs/bpf: Add constant values for linkages Make the values of the symbolic constants that define the valid linkages for functions and variables explicit. Signed-off-by: Will Hawkins Signed-off-by: Andrii Nakryiko Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20240911055033.2084881-1-hawkinsw@obs.cr commit a18c097eda4230e4c4eed5f2b093735bdaaeb2a1 Merge: bf73478b539b4a fe57beb026ef5f Author: Jakub Kicinski Date: Wed Sep 11 13:46:56 2024 -0700 Merge tag 'wireless-next-2024-09-11' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next Kalle Valo says: ==================== wireless-next patches for v6.12 The last -next "new features" pull request for v6.12. The stack now supports DFS on MLO but otherwise nothing really standing out. Major changes: cfg80211/mac80211 * EHT rate support in AQL airtime * DFS support for MLO rtw89 * complete BT-coexistence code for RTL8852BT * RTL8922A WoWLAN net-detect support * tag 'wireless-next-2024-09-11' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next: (105 commits) wifi: brcmfmac: cfg80211: Convert comma to semicolon wifi: rsi: Remove an unused field in struct rsi_debugfs wifi: libertas: Cleanup unused declarations wifi: wilc1000: Convert using devm_clk_get_optional_enabled() in wilc_bus_probe() wifi: wilc1000: Convert using devm_clk_get_optional_enabled() in wilc_sdio_probe() wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors wifi: cfg80211: fix kernel-doc for per-link data wifi: mt76: mt7925: replace chan config with extend txpower config for clc wifi: mt76: mt7925: fix a potential array-index-out-of-bounds issue for clc wifi: mt76: mt7615: check devm_kasprintf() returned value wifi: mt76: mt7925: convert comma to semicolon wifi: mt76: mt7925: fix a potential association failure upon resuming wifi: mt76: Avoid multiple -Wflex-array-member-not-at-end warnings wifi: mt76: mt7921: Check devm_kasprintf() returned value wifi: mt76: mt7915: check devm_kasprintf() returned value wifi: mt76: mt7915: avoid long MCU command timeouts during SER wifi: mt76: mt7996: fix uninitialized TLV data ... ==================== Link: https://patch.msgid.link/20240911084147.A205DC4AF0F@smtp.kernel.org Signed-off-by: Jakub Kicinski commit 376bd59e2a0404b09767cc991cf5aed394cf0cf2 Author: Yonghong Song Date: Tue Sep 10 14:40:37 2024 -0700 bpf: Use fake pt_regs when doing bpf syscall tracepoint tracing Salvatore Benedetto reported an issue that when doing syscall tracepoint tracing the kernel stack is empty. For example, using the following command line bpftrace -e 'tracepoint:syscalls:sys_enter_read { print("Kernel Stack\n"); print(kstack()); }' bpftrace -e 'tracepoint:syscalls:sys_exit_read { print("Kernel Stack\n"); print(kstack()); }' the output for both commands is === Kernel Stack === Further analysis shows that pt_regs used for bpf syscall tracepoint tracing is from the one constructed during user->kernel transition. The call stack looks like perf_syscall_enter+0x88/0x7c0 trace_sys_enter+0x41/0x80 syscall_trace_enter+0x100/0x160 do_syscall_64+0x38/0xf0 entry_SYSCALL_64_after_hwframe+0x76/0x7e The ip address stored in pt_regs is from user space hence no kernel stack is printed. To fix the issue, kernel address from pt_regs is required. In kernel repo, there are already a few cases like this. For example, in kernel/trace/bpf_trace.c, several perf_fetch_caller_regs(fake_regs_ptr) instances are used to supply ip address or use ip address to construct call stack. Instead of allocate fake_regs in the stack which may consume a lot of bytes, the function perf_trace_buf_alloc() in perf_syscall_{enter, exit}() is leveraged to create fake_regs, which will be passed to perf_call_bpf_{enter,exit}(). For the above bpftrace script, I got the following output with this patch: for tracepoint:syscalls:sys_enter_read === Kernel Stack syscall_trace_enter+407 syscall_trace_enter+407 do_syscall_64+74 entry_SYSCALL_64_after_hwframe+75 === and for tracepoint:syscalls:sys_exit_read === Kernel Stack syscall_exit_work+185 syscall_exit_work+185 syscall_exit_to_user_mode+305 do_syscall_64+118 entry_SYSCALL_64_after_hwframe+75 === Reported-by: Salvatore Benedetto Suggested-by: Andrii Nakryiko Signed-off-by: Yonghong Song Signed-off-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240910214037.3663272-1-yonghong.song@linux.dev commit 1de5b5dcb8353f36581c963df2d359a5f151a0be Author: Arnaldo Carvalho de Melo Date: Wed Sep 11 17:10:33 2024 -0300 perf trace: Mark the 'head' arg in the set_robust_list syscall as coming from user space With that it uses the generic BTF based pretty printer: This one we need to think about, not being acquainted with this syscall, should we _traverse_ that list somehow? Would that be useful? root@number:~# perf trace -e set_robust_list sleep 1 0.000 ( 0.004 ms): sleep/1206493 set_robust_list(head: (struct robust_list_head){.list = (struct robust_list){.next = (struct robust_list *)0x7f48a9a02a20,},.futex_offset = (long int)-32,}, len: 24) = root@number:~# strace prints the default integer args: root@number:~# strace -e set_robust_list sleep 1 set_robust_list(0x7efd99559a20, 24) = 0 +++ exited with 0 +++ root@number:~# Cc: Adrian Hunter Cc: Alan Maguire Cc: Howard Chu Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim commit 2bea33f907a0185b3341075d764ab5f45334e0cc Merge: 300a90b2cb5d44 7eab3a58ac7b38 Author: Andrii Nakryiko Date: Wed Sep 11 13:22:23 2024 -0700 Merge branch 'bpf-add-percpu-map-value-size-check' Tao Chen says: ==================== bpf: Add percpu map value size check Check percpu map value size first and add the test case in selftest. Change list: - v2 -> v3: - use bpf_map_create API and mv test case in map_percpu_stats.c - v1 -> v2: - round up map value size with 8 bytes in patch 1 - add selftest case in patch 2 ==================== Link: https://lore.kernel.org/r/20240910144111.1464912-1-chen.dylane@gmail.com Signed-off-by: Andrii Nakryiko commit 7eab3a58ac7b389517ae2241e47ed491f065baa0 Author: Tao Chen Date: Tue Sep 10 22:41:11 2024 +0800 bpf/selftests: Check errno when percpu map value size exceeds This test case checks the errno message when percpu map value size exceeds PCPU_MIN_UNIT_SIZE. root@debian:~# ./test_maps ... test_map_percpu_stats_hash_of_maps:PASS test_map_percpu_stats_map_value_size:PASS test_sk_storage_map:PASS Signed-off-by: Jinke Han Signed-off-by: Tao Chen Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240910144111.1464912-3-chen.dylane@gmail.com commit 1d244784be6b01162b732a5a7d637dfc024c3203 Author: Tao Chen Date: Tue Sep 10 22:41:10 2024 +0800 bpf: Check percpu map value size first Percpu map is often used, but the map value size limit often ignored, like issue: https://github.com/iovisor/bcc/issues/2519. Actually, percpu map value size is bound by PCPU_MIN_UNIT_SIZE, so we can check the value size whether it exceeds PCPU_MIN_UNIT_SIZE first, like percpu map of local_storage. Maybe the error message seems clearer compared with "cannot allocate memory". Signed-off-by: Jinke Han Signed-off-by: Tao Chen Signed-off-by: Andrii Nakryiko Acked-by: Jiri Olsa Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240910144111.1464912-2-chen.dylane@gmail.com commit 1d4a1adbed2582444aaf97671858b7d12915bd05 Author: Robert Hancock Date: Wed Sep 11 22:16:53 2024 +0200 i2c: xiic: Try re-initialization on bus busy timeout In the event that the I2C bus was powered down when the I2C controller driver loads, or some spurious pulses occur on the I2C bus, it's possible that the controller detects a spurious I2C "start" condition. In this situation it may continue to report the bus is busy indefinitely and block the controller from working. The "single-master" DT flag can be specified to disable bus busy checks entirely, but this may not be safe to use in situations where other I2C masters may potentially exist. In the event that the controller reports "bus busy" for too long when starting a transaction, we can try reinitializing the controller to see if the busy condition clears. This allows recovering from this scenario. Fixes: e1d5b6598cdc ("i2c: Add support for Xilinx XPS IIC Bus Interface") Signed-off-by: Robert Hancock Cc: # v2.6.34+ Reviewed-by: Manikanta Guntupalli Acked-by: Michal Simek Signed-off-by: Andi Shyti commit 521da1e9225450bd323db5fa5bca942b1dc485b7 Author: Robert Hancock Date: Tue Nov 21 18:11:16 2023 +0000 i2c: xiic: Wait for TX empty to avoid missed TX NAKs Frequently an I2C write will be followed by a read, such as a register address write followed by a read of the register value. In this driver, when the TX FIFO half empty interrupt was raised and it was determined that there was enough space in the TX FIFO to send the following read command, it would do so without waiting for the TX FIFO to actually empty. Unfortunately it appears that in some cases this can result in a NAK that was raised by the target device on the write, such as due to an unsupported register address, being ignored and the subsequent read being done anyway. This can potentially put the I2C bus into an invalid state and/or result in invalid read data being processed. To avoid this, once a message has been fully written to the TX FIFO, wait for the TX FIFO empty interrupt before moving on to the next message, to ensure NAKs are handled properly. Fixes: e1d5b6598cdc ("i2c: Add support for Xilinx XPS IIC Bus Interface") Signed-off-by: Robert Hancock Cc: # v2.6.34+ Reviewed-by: Manikanta Guntupalli Acked-by: Michal Simek Signed-off-by: Andi Shyti commit b1339be951ad31947ae19bc25cb08769bf255100 Author: Eric Dumazet Date: Fri Sep 6 15:44:49 2024 +0000 sock_map: Add a cond_resched() in sock_hash_free() Several syzbot soft lockup reports all have in common sock_hash_free() If a map with a large number of buckets is destroyed, we need to yield the cpu when needed. Fixes: 75e68e5bf2c7 ("bpf, sockhash: Synchronize delete from bucket list on map free") Reported-by: syzbot Signed-off-by: Eric Dumazet Signed-off-by: Daniel Borkmann Acked-by: Martin KaFai Lau Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20240906154449.3742932-1-edumazet@google.com commit 0c1019e3463b263a89e71d3b4543c28408ebe9a1 Author: Arnaldo Carvalho de Melo Date: Wed Sep 11 16:34:16 2024 -0300 perf trace: Mark the 'rseq' arg in the rseq syscall as coming from user space With that it uses the generic BTF based pretty printer: root@number:~# grep -w rseq /sys/kernel/tracing/events/syscalls/sys_enter_rseq/format field:struct rseq * rseq; offset:16; size:8; signed:0; print fmt: "rseq: 0x%08lx, rseq_len: 0x%08lx, flags: 0x%08lx, sig: 0x%08lx", ((unsigned long)(REC->rseq)), ((unsigned long)(REC->rseq_len)), ((unsigned long)(REC->flags)), ((unsigned long)(REC->sig)) root@number:~# Before: root@number:~# perf trace -e rseq 0.000 ( 0.017 ms): Isolated Web C/1195452 rseq(rseq: 0x7ff0ecfe6fe0, rseq_len: 32, sig: 1392848979) = 0 74.018 ( 0.006 ms): :1195453/1195453 rseq(rseq: 0x7f2af20fffe0, rseq_len: 32, sig: 1392848979) = 0 1817.220 ( 0.009 ms): Isolated Web C/1195454 rseq(rseq: 0x7f5c9ec7dfe0, rseq_len: 32, sig: 1392848979) = 0 2515.526 ( 0.034 ms): :1195455/1195455 rseq(rseq: 0x7f61503fffe0, rseq_len: 32, sig: 1392848979) = 0 ^Croot@number:~# After: root@number:~# perf trace -e rseq 0.000 ( 0.019 ms): Isolated Web C/1197258 rseq(rseq: (struct rseq){.cpu_id_start = (__u32)4,.cpu_id = (__u32)4,.mm_cid = (__u32)5,}, rseq_len: 32, sig: 1392848979) = 0 1663.835 ( 0.019 ms): Isolated Web C/1197259 rseq(rseq: (struct rseq){.cpu_id_start = (__u32)24,.cpu_id = (__u32)24,.mm_cid = (__u32)2,}, rseq_len: 32, sig: 1392848979) = 0 4750.444 ( 0.018 ms): Isolated Web C/1197260 rseq(rseq: (struct rseq){.cpu_id_start = (__u32)8,.cpu_id = (__u32)8,.mm_cid = (__u32)4,}, rseq_len: 32, sig: 1392848979) = 0 4994.132 ( 0.018 ms): Isolated Web C/1197261 rseq(rseq: (struct rseq){.cpu_id_start = (__u32)10,.cpu_id = (__u32)10,.mm_cid = (__u32)1,}, rseq_len: 32, sig: 1392848979) = 0 4997.578 ( 0.011 ms): Isolated Web C/1197263 rseq(rseq: (struct rseq){.cpu_id_start = (__u32)16,.cpu_id = (__u32)16,.mm_cid = (__u32)4,}, rseq_len: 32, sig: 1392848979) = 0 4997.462 ( 0.014 ms): Isolated Web C/1197262 rseq(rseq: (struct rseq){.cpu_id_start = (__u32)17,.cpu_id = (__u32)17,.mm_cid = (__u32)3,}, rseq_len: 32, sig: 1392848979) = 0 ^Croot@number:~# We'll probably need to come up with some way for using the BTF info to synthesize a test that then gets used and captures the output of the 'perf trace' output to check if the arguments are the ones synthesized, randomically, for now, lets make do manually: root@number:~# cat ~acme/c/rseq.c #include /* Definition of SYS_* constants */ #include #include #include #include #include #include /* Provide own rseq stub because glibc doesn't */ __attribute__((weak)) int sys_rseq(struct rseq *rseq, __u32 rseq_len, int flags, __u32 sig) { return syscall(SYS_rseq, rseq, rseq_len, flags, sig); } int main(int argc, char *argv[]) { struct rseq rseq = { .cpu_id_start = 12, .cpu_id = 34, .rseq_cs = 56, .flags = 78, .node_id = 90, .mm_cid = 12, }; int err = sys_rseq(&rseq, sizeof(rseq), 98765, 0xdeadbeaf); printf("sys_rseq({ .cpu_id_start = 12, .cpu_id = 34, .rseq_cs = 56, .flags = 78, .node_id = 90, .mm_cid = 12, }, %d, 0) = %d (%s)\n", sizeof(rseq), err, strerror(errno)); return err; } root@number:~# perf trace -e rseq ~acme/c/rseq sys_rseq({ .cpu_id_start = 12, .cpu_id = 34, .rseq_cs = 56, .flags = 78, .node_id = 90, .mm_cid = 12, }, 32, 0) = -1 (Invalid argument) 0.000 ( 0.003 ms): rseq/1200640 rseq(rseq: (struct rseq){}, rseq_len: 32, sig: 1392848979) = 0.064 ( 0.001 ms): rseq/1200640 rseq(rseq: (struct rseq){.cpu_id_start = (__u32)12,.cpu_id = (__u32)34,.rseq_cs = (__u64)56,.flags = (__u32)78,.node_id = (__u32)90,.mm_cid = (__u32)12,}, rseq_len: 32, flags: 98765, sig: 3735928495) = -1 EINVAL (Invalid argument) root@number:~#root@number:~# cat ~acme/c/rseq.c #include /* Definition of SYS_* constants */ #include #include #include #include #include #include /* Provide own rseq stub because glibc doesn't */ __attribute__((weak)) int sys_rseq(struct rseq *rseq, __u32 rseq_len, int flags, __u32 sig) { return syscall(SYS_rseq, rseq, rseq_len, flags, sig); } int main(int argc, char *argv[]) { struct rseq rseq = { .cpu_id_start = 12, .cpu_id = 34, .rseq_cs = 56, .flags = 78, .node_id = 90, .mm_cid = 12, }; int err = sys_rseq(&rseq, sizeof(rseq), 98765, 0xdeadbeaf); printf("sys_rseq({ .cpu_id_start = 12, .cpu_id = 34, .rseq_cs = 56, .flags = 78, .node_id = 90, .mm_cid = 12, }, %d, 0) = %d (%s)\n", sizeof(rseq), err, strerror(errno)); return err; } root@number:~# perf trace -e rseq ~acme/c/rseq sys_rseq({ .cpu_id_start = 12, .cpu_id = 34, .rseq_cs = 56, .flags = 78, .node_id = 90, .mm_cid = 12, }, 32, 0) = -1 (Invalid argument) 0.000 ( 0.003 ms): rseq/1200640 rseq(rseq: (struct rseq){}, rseq_len: 32, sig: 1392848979) = 0.064 ( 0.001 ms): rseq/1200640 rseq(rseq: (struct rseq){.cpu_id_start = (__u32)12,.cpu_id = (__u32)34,.rseq_cs = (__u64)56,.flags = (__u32)78,.node_id = (__u32)90,.mm_cid = (__u32)12,}, rseq_len: 32, flags: 98765, sig: 3735928495) = -1 EINVAL (Invalid argument) root@number:~# Interesting, glibc seems to be using rseq here, as in addition to the totally fake one this test case uses, we have this one, around these other syscalls: 0.175 ( 0.001 ms): rseq/1201095 set_tid_address(tidptr: 0x7f6def759a10) = 1201095 (rseq) 0.177 ( 0.001 ms): rseq/1201095 set_robust_list(head: 0x7f6def759a20, len: 24) = 0 0.178 ( 0.001 ms): rseq/1201095 rseq(rseq: (struct rseq){}, rseq_len: 32, sig: 1392848979) = 0.231 ( 0.005 ms): rseq/1201095 mprotect(start: 0x7f6def93f000, len: 16384, prot: READ) = 0 0.238 ( 0.003 ms): rseq/1201095 mprotect(start: 0x403000, len: 4096, prot: READ) = 0 0.244 ( 0.004 ms): rseq/1201095 mprotect(start: 0x7f6def99c000, len: 8192, prot: READ) Matches strace (well, not really as the strace in fedora:40 doesn't know about rseq, printing just integer values in hex): set_robust_list(0x7fbc6acc7a20, 24) = 0 rseq(0x7fbc6acc8060, 0x20, 0, 0x53053053) = 0 mprotect(0x7fbc6aead000, 16384, PROT_READ) = 0 mprotect(0x403000, 4096, PROT_READ) = 0 mprotect(0x7fbc6af0a000, 8192, PROT_READ) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 munmap(0x7fbc6aebd000, 81563) = 0 rseq(0x7fff15bb9920, 0x20, 0x181cd, 0xdeadbeaf) = -1 EINVAL (Invalid argument) fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x9), ...}) = 0 getrandom("\xd0\x34\x97\x17\x61\xc2\x2b\x10", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x18ff4000 brk(0x19015000) = 0x19015000 write(1, "sys_rseq({ .cpu_id_start = 12, ."..., 136sys_rseq({ .cpu_id_start = 12, .cpu_id = 34, .rseq_cs = 56, .flags = 78, .node_id = 90, .mm_cid = 12, }, 32, 0) = -1 (Invalid argument) ) = 136 exit_group(-1) = ? +++ exited with 255 +++ root@number:~# And also the focus for the v6.13 should be to have a better, strace like BTF pretty printer as one of the outputs we can get from the libbpf BTF dumper. Cc: Adrian Hunter Cc: Alan Maguire Cc: Howard Chu Cc: Jiri Olsa Cc: Kan Liang Cc: Mathieu Desnoyers Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZuH2K1LLt1pIDkbd@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 3dd2fcf496359d2e196acd33e53dc921d6e39cff Merge: bb19180d718542 eb7b0f12e13ba9 a98cfe6ff15b62 0a2ed70a549e61 7fcf82e7348766 Author: Rafael J. Wysocki Date: Wed Sep 11 22:05:16 2024 +0200 Merge branches 'acpi-video', 'acpi-resource', 'acpi-pad' and 'acpi-misc' Merge ACPI backlight (video) driver update, ACPI resource management updates, an ACPI processor aggregator device (PAD) driver fix, and miscellaneous ACPI updates for 6.12-rc1: - Add force_vendor quirk for Panasonic Toughbook CF-18 in the ACPI backlight driver (Hans de Goede). - Make the DMI checks related to backlight handling on Lenovo Yoga Tab 3 X90F less strict (Hans de Goede). - Enforce native backlight handling on Apple MacbookPro9,2 (Esther Shimanovich). - Add IRQ override quirks for Asus Vivobook Go E1404GAB and MECHREV GM7XG0M, and refine the TongFang GMxXGxx quirk (Li Chen, Tamim Khan, Werner Sembach). - Fix crash in exit_round_robin() in the ACPI processor aggregator device (PAD) driver (Seiji Nishikawa). - Define and use symbols for device and class name lengths in the ACPI bus type code and make the code use strscpy() instead of strcpy() in several places (Muhammad Qasim Abdul Majeed). * acpi-video: ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 ACPI: x86: Make Lenovo Yoga Tab 3 X90F DMI match less strict ACPI: video: Make Lenovo Yoga Tab 3 X90F DMI match less strict ACPI: video: force native for Apple MacbookPro9,2 * acpi-resource: ACPI: resource: Add another DMI match for the TongFang GMxXGxx ACPI: resource: Skip IRQ override on Asus Vivobook Go E1404GAB ACPI: resource: Do IRQ override on MECHREV GM7XG0M * acpi-pad: ACPI: PAD: fix crash in exit_round_robin() * acpi-misc: ACPI: button: Use strscpy() instead of strcpy() ACPI: bus: Define and use symbols for device and class name lengths ACPI: battery : Use strscpy() instead of strcpy() ACPI: acpi_processor: Use strscpy instead() of strcpy() ACPI: PAD: Use strscpy() instead of strcpy() ACPI: AC: Use strscpy() instead of strcpy() commit bfc0aa7a512f9a4462a88ca7352b00b83f8d68fd Author: Jens Axboe Date: Wed Sep 11 13:54:32 2024 -0600 io_uring/rsrc: add reference count to struct io_mapped_ubuf Currently there's a single ring owner of a mapped buffer, and hence the reference count will always be 1 when it's torn down and freed. However, in preparation for being able to link io_mapped_ubuf to different spots, add a reference count to manage the lifetime of it. Signed-off-by: Jens Axboe commit 021b153f7d4115d99efa0d57ae2da6de1228295d Author: Jens Axboe Date: Wed Sep 11 13:52:17 2024 -0600 io_uring/rsrc: clear 'slot' entry upfront No functional changes in this patch, but clearing the slot pointer earlier will be required by a later change. Signed-off-by: Jens Axboe commit bb19180d718542a24f8f5564def08e815676be50 Merge: 4ed63b31dca820 eea3d532d87ada 07442c46abad1d aaf21ac93909e0 5ac5f3f80aea25 Author: Rafael J. Wysocki Date: Wed Sep 11 21:46:56 2024 +0200 Merge branches 'acpi-battery', 'acpi-pmic', 'acpi-cppc' and 'acpi-processor' Merge ACPI battery driver, ACPI PMIC driver, ACPI processor driver and ACPI CPPC library updates for 6.12-rc1: - Use the driver core for the async probing management in the ACPI battery driver (Thomas Weißschuh). - Remove redundant initalizations of a local variable to NULL from the ACPI battery driver (Ilpo Järvinen). - Use strscpy() instead of strcpy() in the ACPI battery driver (Muhammad Qasim Abdul Majeed). - Remove unneeded check in tps68470_pmic_opregion_probe() (Aleksandr Mishin). - Add support for setting the EPP register through the ACPI CPPC sysfs interface if it is in FFH (Mario Limonciello). - Fix MASK_VAL() usage in the ACPI CPPC library (Clément Léger). - Reduce the log level of a per-CPU message about idle states in the ACPI processor driver (Li RongQing). * acpi-battery: ACPI: battery: use driver core managed async probing ACPI: battery: Remove redundant NULL initalizations ACPI: battery: Use strscpy() instead of strcpy() * acpi-pmic: ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() * acpi-cppc: ACPI: CPPC: Add support for setting EPP register in FFH ACPI: CPPC: Fix MASK_VAL() usage * acpi-processor: ACPI: processor: Reduce the log level of a per-CPU message about idle states commit 4ed63b31dca820323fb73129808ceb0e3cd1a5ea Merge: 45de40574febfb f0121bfe11b384 bb664e50a9e047 eeef9150a174a0 8eea417b574802 Author: Rafael J. Wysocki Date: Wed Sep 11 21:45:36 2024 +0200 Merge branches 'acpi-ec', 'acpi-sysfs', 'acpi-utils' and 'acpi-soc' Merge an ACPI EC driver update, ACPI sysfs interface updates, an ACPI library function update, and an ACPI APD driver update for 6.12-rc1: - Do not release locks during operation region accesses in the ACPI EC driver (Rafael Wysocki). - Fix up the _STR handling in the ACPI device object sysfs interface, make it represent the device object attributes as an attribute group and make it rely on driver core functionality for sysfs attrubute management (Thomas Weißschuh). - Extend error messages printed to the kernel log when acpi_evaluate_dsm() fails to include revision and function number (David Wang). - Add a new AMDI0015 platform device ID to the ACPi APD driver for AMD SoCs (Shyam Sundar S K). * acpi-ec: ACPI: EC: Do not release locks during operation region accesses * acpi-sysfs: ACPI: sysfs: remove return value of acpi_device_setup_files() ACPI: sysfs: manage sysfs attributes through device core ACPI: sysfs: manage attributes as attribute_group ACPI: sysfs: evaluate _STR on each sysfs access ACPI: sysfs: validate return type of _STR method * acpi-utils: ACPI: utils: Add rev/func to message when acpi_evaluate_dsm() fails * acpi-soc: ACPI: APD: Add AMDI0015 as platform device commit 45de40574febfba3e07dd72f680b1d044797e008 Merge: 13f4eb6b538ed9 206dd13a101196 Author: Rafael J. Wysocki Date: Wed Sep 11 21:44:22 2024 +0200 Merge branch 'acpi-riscv' Merge ACPI and irqchip updates related to external interrupt controller support on RISC-V: - Add ACPI device enumeration support for interrupt controller probing including taking dependencies into account (Sunil V L). - Implement ACPI-based interrupt controller probing on RISC-V (Sunil V L). - Add ACPI support for AIA in riscv-intc and add ACPI support to riscv-imsic, riscv-aplic, and sifive-plic (Sunil V L). * acpi-riscv: irqchip/sifive-plic: Add ACPI support irqchip/riscv-aplic: Add ACPI support irqchip/riscv-imsic: Add ACPI support irqchip/riscv-imsic-state: Create separate function for DT irqchip/riscv-intc: Add ACPI support for AIA ACPI: RISC-V: Implement function to add implicit dependencies ACPI: RISC-V: Initialize GSI mapping structures ACPI: RISC-V: Implement function to reorder irqchip probe entries ACPI: RISC-V: Implement PCI related functionality ACPI: pci_link: Clear the dependencies after probe ACPI: bus: Add RINTC IRQ model for RISC-V ACPI: scan: Define weak function to populate dependencies ACPI: scan: Add RISC-V interrupt controllers to honor list ACPI: scan: Refactor dependency creation ACPI: bus: Add acpi_riscv_init() function ACPI: scan: Add a weak arch_sort_irqchip_probe() to order the IRQCHIP probe arm64: PCI: Migrate ACPI related functions to pci-acpi.c commit 13f4eb6b538ed947fe1b26d53dd1bb137ca15b88 Merge: 6924e9b2ac6081 9af32b4a25f59e Author: Rafael J. Wysocki Date: Wed Sep 11 21:42:20 2024 +0200 Merge branch 'acpica' Merge ACPICA updates for 6.12-rc1: - Check return value in acpi_db_convert_to_package() (Pei Xiao). - Detect FACS and allow setting the waking vector on reduced-hardware ACPI platforms (Jiaqing Zhao). - Allow ACPICA to represent semaphores as integers (Adrien Destugues). - Complete CXL 3.0 CXIMS structures support in ACPICA (Zhang Rui). - Make ACPICA support SPCR version 4 and add RISC-V SBI Subtype to DBG2 (Sia Jee Heng). - Implement the Dword_PCC Resource Descriptor Macro in ACPICA (Jose Marinho). - Correct the typo in struct acpi_mpam_msc_node member (Punit Agrawal). - Implement ACPI_WARNING_ONCE() and ACPI_ERROR_ONCE() and use them to prevent a Stall() violation warning from being printed every time this takes place (Vasily Khoruzhick). - Allow PCC Data Type in MCTP resource (Adam Young). - Fix memory leaks on acpi_ps_get_next_namepath() and acpi_ps_get_next_field() failures (Armin Wolf). - Add support for supressing leading zeros in hex strings when converting them to integers and update integer-to-hex-string conversions in ACPICA (Armin Wolf). - Add support for Windows 11 22H2 _OSI string (Armin Wolf). - Avoid warning for Dump Functions in ACPICA (Adam Lackorzynski). - Add extended linear address mode to HMAT MSCIS in ACPICA (Dave Jiang). - Handle empty connection_node in iasl (Aleksandrs Vinarskis). - Allow for more flexibility in _DSM args (Saket Dumbre). - Setup for ACPICA release 20240827 (Saket Dumbre). * acpica: (23 commits) ACPICA: Setup for ACPICA release 20240827 ACPICA: Allow for more flexibility in _DSM args ACPICA: iasl: handle empty connection_node ACPICA: HMAT: Add extended linear address mode to MSCIS ACPICA: Avoid warning for Dump Functions ACPICA: Add support for Windows 11 22H2 _OSI string ACPICA: Update integer-to-hex-string conversions ACPICA: Add support for supressing leading zeros in hex strings ACPICA: Allow for supressing leading zeros when using acpi_ex_convert_to_ascii() ACPICA: Fix memory leak if acpi_ps_get_next_field() fails ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails ACPICA: Allow PCC Data Type in MCTP resource. ACPICA: executer/exsystem: Don't nag user about every Stall() violating the spec ACPICA: Implement ACPI_WARNING_ONCE and ACPI_ERROR_ONCE ACPICA: MPAM: Correct the typo in struct acpi_mpam_msc_node member ACPICA: Implement the Dword_PCC Resource Descriptor Macro ACPICA: Headers: Add RISC-V SBI Subtype to DBG2 ACPICA: SPCR: Update the SPCR table to version 4 ACPICA: Complete CXL 3.0 CXIMS structures ACPICA: haiku: Fix invalid value used for semaphores ... commit de5e89b6654ea0b021a5737e0f55fc6bed625550 Author: Andrew Kreimer Date: Wed Sep 11 21:24:37 2024 +0300 fbdev: omapfb: Fix typo in comment Reported-by: Matthew Wilcox Signed-off-by: Andrew Kreimer Signed-off-by: Helge Deller commit 0746096faca01823021f662282e1f067a69b965b Author: Marc Zyngier Date: Wed Sep 4 09:24:19 2024 +0100 KVM: arm64: Get rid of REG_HIDDEN_USER visibility qualifier Now that REG_HIDDEN_USER has no direct user anymore, remove it entirely and update all users of sysreg_hidden_user() to call sysreg_hidden() instead. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240904082419.1982402-4-maz@kernel.org Signed-off-by: Marc Zyngier commit 84ed45456cee7e77effea8407f4f32b262f2e2ea Author: Marc Zyngier Date: Wed Sep 4 09:24:18 2024 +0100 KVM: arm64: Simplify visibility handling of AArch32 SPSR_* Since SPSR_* are not associated with any register in the sysreg array, nor do they have .get_user()/.set_user() helpers, they are invisible to userspace with that encoding. Therefore hidden_user_visibility() serves no purpose here, and can be safely removed. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240904082419.1982402-3-maz@kernel.org Signed-off-by: Marc Zyngier commit 989fce63b2cb5061701c9fa04711d992dfaff5c6 Author: Marc Zyngier Date: Wed Sep 4 09:24:17 2024 +0100 KVM: arm64: Simplify handling of CNTKCTL_EL12 We go trough a great deal of effort to map CNTKCTL_EL12 to CNTKCTL_EL1 while hidding this mapping from userspace via a special visibility helper. However, it would be far simpler to just provide an accessor doing the mapping job, removing the need for a visibility helper. With that done, we can also remove the EL12_REG() macro which serves no purpose. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240904082419.1982402-2-maz@kernel.org Signed-off-by: Marc Zyngier commit 0b1777f0fa045c561fd26c8fda61f5eb7a930ed3 Merge: 513ed0c7ccc103 bc9057da1a220f Author: Tejun Heo Date: Wed Sep 11 08:43:26 2024 -1000 Merge branch 'tip/sched/core' into sched_ext/for-6.12 Pull in tip/sched/core to resolve two merge conflicts: - 96fd6c65efc6 ("sched: Factor out update_other_load_avgs() from __update_blocked_others()") 5d871a63997f ("sched/fair: Move effective_cpu_util() and effective_cpu_util() in fair.c") A simple context conflict. The former added __update_blocked_others() in the same #ifdef CONFIG_SMP block that effective_cpu_util() and sched_cpu_util() are in and the latter moved those functions to fair.c. This makes __update_blocked_others() more out of place. Will follow up with a patch to relocate. - 96fd6c65efc6 ("sched: Factor out update_other_load_avgs() from __update_blocked_others()") 84d265281d6c ("sched/pelt: Use rq_clock_task() for hw_pressure") The former factored out the body of __update_blocked_others() into update_other_load_avgs(). The latter changed how update_hw_load_avg() is called in the body. Resolved by applying the change to update_other_load_avgs() instead. Signed-off-by: Tejun Heo commit b4722b8593b8815785bbadf87f13c88e89a0ebef Author: Baoquan He Date: Wed Sep 11 13:07:28 2024 +0800 kernel/workqueue.c: fix DEFINE_PER_CPU_SHARED_ALIGNED expansion Make tags always produces below annoying warnings: ctags: Warning: kernel/workqueue.c:470: null expansion of name pattern "\1" ctags: Warning: kernel/workqueue.c:474: null expansion of name pattern "\1" ctags: Warning: kernel/workqueue.c:478: null expansion of name pattern "\1" In commit 25528213fe9f ("tags: Fix DEFINE_PER_CPU expansions"), codes in places have been adjusted including cpu_worker_pools definition. I noticed in commit 4cb1ef64609f ("workqueue: Implement BH workqueues to eventually replace tasklets"), cpu_worker_pools definition was unfolded back. Not sure if it was intentionally done or ignored carelessly. Makes change to mute them specifically. Signed-off-by: Baoquan He Signed-off-by: Tejun Heo commit 4a6921095eb04a900e0000da83d9475eb958e61e Author: Kaixin Wang Date: Wed Sep 11 22:29:52 2024 +0800 fbdev: pxafb: Fix possible use after free in pxafb_task() In the pxafb_probe function, it calls the pxafb_init_fbinfo function, after which &fbi->task is associated with pxafb_task. Moreover, within this pxafb_init_fbinfo function, the pxafb_blank function within the &pxafb_ops struct is capable of scheduling work. If we remove the module which will call pxafb_remove to make cleanup, it will call unregister_framebuffer function which can call do_unregister_framebuffer to free fbi->fb through put_fb_info(fb_info), while the work mentioned above will be used. The sequence of operations that may lead to a UAF bug is as follows: CPU0 CPU1 | pxafb_task pxafb_remove | unregister_framebuffer(info) | do_unregister_framebuffer(fb_info) | put_fb_info(fb_info) | // free fbi->fb | set_ctrlr_state(fbi, state) | __pxafb_lcd_power(fbi, 0) | fbi->lcd_power(on, &fbi->fb.var) | //use fbi->fb Fix it by ensuring that the work is canceled before proceeding with the cleanup in pxafb_remove. Note that only root user can remove the driver at runtime. Signed-off-by: Kaixin Wang Signed-off-by: Helge Deller commit 300a90b2cb5d442879e6398920c49aebbd5c8e40 Author: Song Liu Date: Tue Sep 10 22:55:08 2024 -0700 bpf: lsm: Set bpf_lsm_blob_sizes.lbs_task to 0 bpf task local storage is now using task_struct->bpf_storage, so bpf_lsm_blob_sizes.lbs_task is no longer needed. Remove it to save some memory. Fixes: a10787e6d58c ("bpf: Enable task local storage for tracing programs") Cc: stable@vger.kernel.org Cc: KP Singh Cc: Matt Bobrowski Signed-off-by: Song Liu Acked-by: Matt Bobrowski Link: https://lore.kernel.org/r/20240911055508.9588-1-song@kernel.org Signed-off-by: Alexei Starovoitov commit 2897b1e2a2f44c16e15f8b875b976d9d3f536506 Author: Yonghong Song Date: Mon Sep 9 15:34:31 2024 -0700 selftests/bpf: Fix arena_atomics failure due to llvm change llvm change [1] made a change such that __sync_fetch_and_{and,or,xor}() will generate atomic_fetch_*() insns even if the return value is not used. This is a deliberate choice to make sure barrier semantics are preserved from source code to asm insn. But the change in [1] caused arena_atomics selftest failure. test_arena_atomics:PASS:arena atomics skeleton open 0 nsec libbpf: prog 'and': BPF program load failed: Permission denied libbpf: prog 'and': -- BEGIN PROG LOAD LOG -- arg#0 reference type('UNKNOWN ') size cannot be determined: -22 0: R1=ctx() R10=fp0 ; if (pid != (bpf_get_current_pid_tgid() >> 32)) @ arena_atomics.c:87 0: (18) r1 = 0xffffc90000064000 ; R1_w=map_value(map=arena_at.bss,ks=4,vs=4) 2: (61) r6 = *(u32 *)(r1 +0) ; R1_w=map_value(map=arena_at.bss,ks=4,vs=4) R6_w=scalar(smin=0,smax=umax=0xffffffff,v ar_off=(0x0; 0xffffffff)) 3: (85) call bpf_get_current_pid_tgid#14 ; R0_w=scalar() 4: (77) r0 >>= 32 ; R0_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) 5: (5d) if r0 != r6 goto pc+11 ; R0_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0x) ; __sync_fetch_and_and(&and64_value, 0x011ull << 32); @ arena_atomics.c:91 6: (18) r1 = 0x100000000060 ; R1_w=scalar() 8: (bf) r1 = addr_space_cast(r1, 0, 1) ; R1_w=arena 9: (18) r2 = 0x1100000000 ; R2_w=0x1100000000 11: (db) r2 = atomic64_fetch_and((u64 *)(r1 +0), r2) BPF_ATOMIC stores into R1 arena is not allowed processed 9 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0 -- END PROG LOAD LOG -- libbpf: prog 'and': failed to load: -13 libbpf: failed to load object 'arena_atomics' libbpf: failed to load BPF skeleton 'arena_atomics': -13 test_arena_atomics:FAIL:arena atomics skeleton load unexpected error: -13 (errno 13) #3 arena_atomics:FAIL The reason of the failure is due to [2] where atomic{64,}_fetch_{and,or,xor}() are not allowed by arena addresses. Version 2 of the patch fixed the issue by using inline asm ([3]). But further discussion suggested to find a way from source to generate locked insn which is more user friendly. So in not-merged llvm patch ([4]), if relax memory ordering is used and the return value is not used, locked insn could be generated. So with llvm patch [4] to compile the bpf selftest, the following code __c11_atomic_fetch_and(&and64_value, 0x011ull << 32, memory_order_relaxed); is able to generate locked insn, hence fixing the selftest failure. [1] https://github.com/llvm/llvm-project/pull/106494 [2] d503a04f8bc0 ("bpf: Add support for certain atomics in bpf_arena to x86 JIT") [3] https://lore.kernel.org/bpf/20240803025928.4184433-1-yonghong.song@linux.dev/ [4] https://github.com/llvm/llvm-project/pull/107343 Signed-off-by: Yonghong Song Link: https://lore.kernel.org/r/20240909223431.1666305-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov commit 0a06811d664b8695a7612d3e59c1defb4382f4e0 Merge: 52f1192887f825 c3565a35d97102 339d9d8792aef5 ffa1f26d3ddf64 Author: Rafael J. Wysocki Date: Wed Sep 11 19:02:23 2024 +0200 Merge branches 'pm-sleep', 'pm-opp' and 'pm-tools' Merge updates related to system sleep, operating performance points (OPP) updates, and PM tooling updates for 6.12-rc1: - Remove unused stub for saveable_highmem_page() and remove deprecated macros from power management documentation (Andy Shevchenko). - Use ysfs_emit() and sysfs_emit_at() in "show" functions in the PM sysfs interface (Xueqin Luo). - Update the maintainers information for the operating-points-v2-ti-cpu DT binding (Dhruva Gole). - Drop unnecessary of_match_ptr() from ti-opp-supply (Rob Herring). - Update directory handling and installation process in the pm-graph Makefile and add .gitignore to ignore sleepgraph.py artifacts to pm-graph (Amit Vadhavana, Yo-Jung Lin). - Make cpupower display residency value in idle-info (Aboorva Devarajan). - Add missing powercap_set_enabled() stub function to cpupower (John B. Wyatt IV). - Add SWIG support to cpupower (John B. Wyatt IV). * pm-sleep: PM: hibernate: Remove unused stub for saveable_highmem_page() Documentation: PM: Discourage use of deprecated macros PM: sleep: Use sysfs_emit() and sysfs_emit_at() in "show" functions PM: hibernate: Use sysfs_emit() and sysfs_emit_at() in "show" functions * pm-opp: dt-bindings: opp: operating-points-v2-ti-cpu: Update maintainers opp: ti: Drop unnecessary of_match_ptr() * pm-tools: pm:cpupower: Add error warning when SWIG is not installed MAINTAINERS: Add Maintainers for SWIG Python bindings pm:cpupower: Include test_raw_pylibcpupower.py pm:cpupower: Add SWIG bindings files for libcpupower pm:cpupower: Add missing powercap_set_enabled() stub function pm-graph: Update directory handling and installation process in Makefile pm-graph: Make git ignore sleepgraph.py artifacts tools/cpupower: display residency value in idle-info commit f765274d0c9436bc130911abbd97e52b1648d13c Merge: 58ff04e2e22319 3c217a182018e6 Author: Alexei Starovoitov Date: Wed Sep 11 09:58:31 2024 -0700 Merge branch 'harden-and-extend-elf-build-id-parsing-logic' Andrii Nakryiko says: ==================== Harden and extend ELF build ID parsing logic The goal of this patch set is to extend existing ELF build ID parsing logic, currently mostly used by BPF subsystem, with support for working in sleepable mode in which memory faults are allowed and can be relied upon to fetch relevant parts of ELF file to find and fetch .note.gnu.build-id information. This is useful and important for BPF subsystem itself, but also for PROCMAP_QUERY ioctl(), built atop of /proc//maps functionality (see [0]), which makes use of the same build_id_parse() functionality. PROCMAP_QUERY is always called from sleepable user process context, so it doesn't have to suffer from current restrictions of build_id_parse() which are due to the NMI context assumption. Along the way, we harden the logic to avoid TOCTOU, overflow, out-of-bounds access problems. This is the very first patch, which can be backported to older releases, if necessary. We also lift existing limitations of only working as long as ELF program headers and build ID note section is contained strictly within the very first page of ELF file. We achieve all of the above without duplication of logic between sleepable and non-sleepable modes through freader abstraction that manages underlying folio from page cache (on demand) and gives a simple to use direct memory access interface. With that, single page restrictions and adding sleepable mode support is rather straightforward. We also extend existing set of BPF selftests with a few tests targeting build ID logic across sleepable and non-sleepabe contexts (we utilize sleepable and non-sleepable uprobes for that). [0] https://lore.kernel.org/linux-mm/20240627170900.1672542-4-andrii@kernel.org/ v6->v7: - added filemap_invalidate_{lock,unlock}_shared() around read_cache_folio and kept Eduard's Reviewed-by (Eduard); v5->v6: - use local phnum variable in get_build_id_32() (Jann); - switch memcmp() instead of strcmp() in parse_build_id() (Jann); v4->v5: - pass proper file reference to read_cache_folio() (Shakeel); - fix another potential overflow due to two u32 additions (Andi); - add PageUptodate() check to patch #1 (Jann); v3->v4: - fix few more potential overflow and out-of-bounds access issues (Andi); - use purely folio-based implementation for freader (Matthew); v2->v3: - remove unneeded READ_ONCE()s and force phoff to u64 for 32-bit mode (Andi); - moved hardening fixes to the front for easier backporting (Jann); - call freader_cleanup() from build_id_parse_buf() for consistency (Jiri); v1->v2: - ensure MADV_PAGEOUT works reliably by paging data in first (Shakeel); - to fix BPF CI build optionally define MADV_POPULATE_READ in selftest. ==================== Link: https://lore.kernel.org/r/20240829174232.3133883-1-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 3c217a182018e6c6d381b3fdc32626275eefbfb0 Author: Andrii Nakryiko Date: Thu Aug 29 10:42:32 2024 -0700 selftests/bpf: add build ID tests Add a new set of tests validating behavior of capturing stack traces with build ID. We extend uprobe_multi target binary with ability to trigger uprobe (so that we can capture stack traces from it), but also we allow to force build ID data to be either resident or non-resident in memory (see also a comment about quirks of MADV_PAGEOUT). That way we can validate that in non-sleepable context we won't get build ID (as expected), but with sleepable uprobes we will get that build ID regardless of it being physically present in memory. Also, we add a small add-on linker script which reorders .note.gnu.build-id section and puts it after (big) .text section, putting build ID data outside of the very first page of ELF file. This will test all the relaxations we did in build ID parsing logic in kernel thanks to freader abstraction. Reviewed-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-11-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit d4dd9775ec242425576af93daadb80a34083a53c Author: Andrii Nakryiko Date: Thu Aug 29 10:42:31 2024 -0700 bpf: wire up sleepable bpf_get_stack() and bpf_get_task_stack() helpers Add sleepable implementations of bpf_get_stack() and bpf_get_task_stack() helpers and allow them to be used from sleepable BPF program (e.g., sleepable uprobes). Note, the stack trace IPs capturing itself is not sleepable (that would need to be a separate project), only build ID fetching is sleepable and thus more reliable, as it will wait for data to be paged in, if necessary. For that we make use of sleepable build_id_parse() implementation. Now that build ID related internals in kernel/bpf/stackmap.c can be used both in sleepable and non-sleepable contexts, we need to add additional rcu_read_lock()/rcu_read_unlock() protection around fetching perf_callchain_entry, but with the refactoring in previous commit it's now pretty straightforward. We make sure to do rcu_read_unlock (in sleepable mode only) right before stack_map_get_build_id_offset() call which can sleep. By that time we don't have any more use of perf_callchain_entry. Note, bpf_get_task_stack() will fail for user mode if task != current. And for kernel mode build ID are irrelevant. So in that sense adding sleepable bpf_get_task_stack() implementation is a no-op. It feel right to wire this up for symmetry and completeness, but I'm open to just dropping it until we support `user && crosstask` condition. Reviewed-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-10-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 4f4c4fc0153fb11ac40b16c24a24543dc9689d8c Author: Andrii Nakryiko Date: Thu Aug 29 10:42:30 2024 -0700 bpf: decouple stack_map_get_build_id_offset() from perf_callchain_entry Change stack_map_get_build_id_offset() which is used to convert stack trace IP addresses into build ID+offset pairs. Right now this function accepts an array of u64s as an input, and uses array of struct bpf_stack_build_id as an output. This is problematic because u64 array is coming from perf_callchain_entry, which is (non-sleepable) RCU protected, so once we allows sleepable build ID fetching, this all breaks down. But its actually pretty easy to make stack_map_get_build_id_offset() works with array of struct bpf_stack_build_id as both input and output. Which is what this patch is doing, eliminating the dependency on perf_callchain_entry. We require caller to fill out bpf_stack_build_id.ip fields (all other can be left uninitialized), and update in place as we do build ID resolution. We make sure to READ_ONCE() and cache locally current IP value as we used it in a few places to find matching VMA and so on. Given this data is directly accessible and modifiable by user's BPF code, we should make sure to have a consistent view of it. Reviewed-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-9-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit cdbb44f9a74fe7d01090ae492672e89cf7d83ce5 Author: Andrii Nakryiko Date: Thu Aug 29 10:42:29 2024 -0700 lib/buildid: don't limit .note.gnu.build-id to the first page in ELF With freader we don't need to restrict ourselves to a single page, so let's allow ELF notes to be at any valid position with the file. We also merge parse_build_id() and parse_build_id_buf() as now the only difference between them is note offset overflow, which makes sense to check in all situations. Reviewed-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-8-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit ad41251c290dfe3c01472c94d2439a59de23fe97 Author: Andrii Nakryiko Date: Thu Aug 29 10:42:28 2024 -0700 lib/buildid: implement sleepable build_id_parse() API Extend freader with a flag specifying whether it's OK to cause page fault to fetch file data that is not already physically present in memory. With this, it's now easy to wait for data if the caller is running in sleepable (faultable) context. We utilize read_cache_folio() to bring the desired folio into page cache, after which the rest of the logic works just the same at folio level. Suggested-by: Omar Sandoval Cc: Shakeel Butt Cc: Johannes Weiner Reviewed-by: Eduard Zingerman Reviewed-by: Shakeel Butt Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-7-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 45b8fc3096542a53bfd245a9ad8ef870384b4897 Author: Andrii Nakryiko Date: Thu Aug 29 10:42:27 2024 -0700 lib/buildid: rename build_id_parse() into build_id_parse_nofault() Make it clear that build_id_parse() assumes that it can take no page fault by renaming it and current few users to build_id_parse_nofault(). Also add build_id_parse() stub which for now falls back to non-sleepable implementation, but will be changed in subsequent patches to take advantage of sleepable context. PROCMAP_QUERY ioctl() on /proc//maps file is using build_id_parse() and will automatically take advantage of more reliable sleepable context implementation. Reviewed-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-6-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 4e9d360c4cdf2dc11a30fd5caf39e8c31f0896cb Author: Andrii Nakryiko Date: Thu Aug 29 10:42:26 2024 -0700 lib/buildid: remove single-page limit for PHDR search Now that freader allows to access multiple pages transparently, there is no need to limit program headers to the very first ELF file page. Remove this limitation, but still put some sane limit on amount of program headers that we are willing to iterate over (set arbitrarily to 256). Reviewed-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-5-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit d4deb82423416e3ace7889816eea630af81fe702 Author: Andrii Nakryiko Date: Thu Aug 29 10:42:25 2024 -0700 lib/buildid: take into account e_phoff when fetching program headers Current code assumption is that program (segment) headers are following ELF header immediately. This is a common case, but is not guaranteed. So take into account e_phoff field of the ELF header when accessing program headers. Reviewed-by: Eduard Zingerman Reported-by: Alexey Dobriyan Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-4-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit de3ec364c3c37971dbba1e37a55ae5b646c6f24e Author: Andrii Nakryiko Date: Thu Aug 29 10:42:24 2024 -0700 lib/buildid: add single folio-based file reader abstraction Add freader abstraction that transparently manages fetching and local mapping of the underlying file page(s) and provides a simple direct data access interface. freader_fetch() is the only and single interface necessary. It accepts file offset and desired number of bytes that should be accessed, and will return a kernel mapped pointer that caller can use to dereference data up to requested size. Requested size can't be bigger than the size of the extra buffer provided during initialization (because, worst case, all requested data has to be copied into it, so it's better to flag wrongly sized buffer unconditionally, regardless if requested data range is crossing page boundaries or not). If folio is not paged in, or some of the conditions are not satisfied, NULL is returned and more detailed error code can be accessed through freader->err field. This approach makes the usage of freader_fetch() cleaner. To accommodate accessing file data that crosses folio boundaries, user has to provide an extra buffer that will be used to make a local copy, if necessary. This is done to maintain a simple linear pointer data access interface. We switch existing build ID parsing logic to it, without changing or lifting any of the existing constraints, yet. This will be done separately. Given existing code was written with the assumption that it's always working with a single (first) page of the underlying ELF file, logic passes direct pointers around, which doesn't really work well with freader approach and would be limiting when removing the single page (folio) limitation. So we adjust all the logic to work in terms of file offsets. There is also a memory buffer-based version (freader_init_from_mem()) for cases when desired data is already available in kernel memory. This is used for parsing vmlinux's own build ID note. In this mode assumption is that provided data starts at "file offset" zero, which works great when parsing ELF notes sections, as all the parsing logic is relative to note section's start. Reviewed-by: Eduard Zingerman Reviewed-by: Shakeel Butt Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-3-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 905415ff3ffb1d7e5afa62bacabd79776bd24606 Author: Andrii Nakryiko Date: Thu Aug 29 10:42:23 2024 -0700 lib/buildid: harden build ID parsing logic Harden build ID parsing logic, adding explicit READ_ONCE() where it's important to have a consistent value read and validated just once. Also, as pointed out by Andi Kleen, we need to make sure that entire ELF note is within a page bounds, so move the overflow check up and add an extra note_size boundaries validation. Fixes tag below points to the code that moved this code into lib/buildid.c, and then subsequently was used in perf subsystem, making this code exposed to perf_event_open() users in v5.12+. Cc: stable@vger.kernel.org Reviewed-by: Eduard Zingerman Reviewed-by: Jann Horn Suggested-by: Andi Kleen Fixes: bd7525dacd7e ("bpf: Move stack_map_get_build_id into lib") Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240829174232.3133883-2-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 52f1192887f825bd29c1e72303d9e62f8382ba20 Merge: 415dff1c96cc55 6baacf9391c03f 6b08b4ee5e60d8 Author: Rafael J. Wysocki Date: Wed Sep 11 18:50:02 2024 +0200 Merge branches 'pm-cpuidle' and 'pm-powercap' Merge cpuidle updates and power capping updates for 6.12-rc1: - Add Granite Rapids Xeon support to intel_idle (Artem Bityutskiy). - Disable promotion to C1E on Jasper Lake and Elkhart Lake in intel_idle (Kai-Heng Feng). - Use scoped device node handling to fix missing of_node_put() and simplify walking OF children in the riscv-sbi cpuidle driver (Krzysztof Kozlowski). - Remove dead code from cpuidle_enter_state() (Dhruva Gole). - Change an error pointer to NULL to fix error handling in the intel_rapl power capping driver (Dan Carpenter). - Fix off by one in get_rpi() in the intel_rapl power capping driver (Dan Carpenter). - Add support for ArrowLake-U to the intel_rapl power capping driver (Sumeet Pawnikar). - Fix the energy-pkg event for AMD CPUs in the intel_rapl power capping driver (Dhananjay Ugwekar). - Add support for AMD family 1Ah processors to the intel_rapl power capping driver (Dhananjay Ugwekar). * pm-cpuidle: cpuidle: remove dead code from cpuidle_enter_state() cpuidle: riscv-sbi: Simplify with scoped for each OF child loop cpuidle: riscv-sbi: Use scoped device node handling to fix missing of_node_put intel_idle: Disable promotion to C1E on Jasper Lake and Elkhart Lake intel_idle: add Granite Rapids Xeon support * pm-powercap: powercap: intel_rapl: Change an error pointer to NULL powercap: intel_rapl: Fix off by one in get_rpi() powercap: intel_rapl: Add support for ArrowLake-U platform powercap/intel_rapl: Fix the energy-pkg event for AMD CPUs powercap/intel_rapl: Add support for AMD family 1Ah commit 50c52250e2d74b098465841163c18f4b4e9ad430 Author: Pavel Begunkov Date: Wed Sep 11 17:34:41 2024 +0100 block: implement async io_uring discard cmd io_uring allows implementing custom file specific asynchronous operations via the fops->uring_cmd callback, a.k.a. IORING_OP_URING_CMD requests or just io_uring commands. Use it to add support for async discards. Normally, it first tries to queue up bios in a non-blocking context, and if that fails, we'd retry from a blocking context by returning -EAGAIN to the core io_uring. We always get the result from bios asynchronously by setting a custom bi_end_io callback, at which point we drag the request into the task context to either reissue or complete it and post a completion to the user. Unlike ioctl(BLKDISCARD) with stronger guarantees against races, we only do a best effort attempt to invalidate page cache, and it can race with any writes and reads and leave page cache stale. It's the same kind of races we allow to direct writes. Also, apart from cases where discarding is not allowed at all, e.g. discards are not supported or the file/device is read only, the user should assume that the sector range on disk is not valid anymore, even when an error was returned to the user. Suggested-by: Conrad Meyer Signed-off-by: Pavel Begunkov Link: https://lore.kernel.org/r/2b5210443e4fa0257934f73dfafcc18a77cd0e09.1726072086.git.asml.silence@gmail.com Signed-off-by: Jens Axboe commit 7a07210bbcb35c0075830bb94b5321978164cb60 Author: Pavel Begunkov Date: Wed Sep 11 17:34:40 2024 +0100 block: introduce blk_validate_byte_range() In preparation to further changes extract a helper function out of blk_ioctl_discard() that validates if we can do IO against the given range of disk byte addresses. Signed-off-by: Pavel Begunkov Link: https://lore.kernel.org/r/19a7779323c71e742a2f511e4cf49efcfd68cfd4.1726072086.git.asml.silence@gmail.com Signed-off-by: Jens Axboe commit a12c883a0a6a005cfb3ad01feaf783e2248bfc3e Author: Pavel Begunkov Date: Wed Sep 11 17:34:39 2024 +0100 filemap: introduce filemap_invalidate_pages kiocb_invalidate_pages() is useful for the write path, however not everything is backed by kiocb and we want to reuse the function for bio based discard implementation. Extract and and reuse a new helper called filemap_invalidate_pages(), which takes a argument indicating whether it should be non-blocking and might return -EAGAIN. Signed-off-by: Pavel Begunkov Link: https://lore.kernel.org/r/f81374b52c92d0dce0f01a279d1eed42b54056aa.1726072086.git.asml.silence@gmail.com Signed-off-by: Jens Axboe commit a6ccb48e13662bcb98282e051512b9686b02d353 Author: Pavel Begunkov Date: Wed Sep 11 17:34:38 2024 +0100 io_uring/cmd: give inline space in request to cmds Some io_uring commands can use some inline space in io_kiocb. We have 32 bytes in struct io_uring_cmd, expose it. Signed-off-by: Pavel Begunkov Link: https://lore.kernel.org/r/7ca779a61ee5e166e535d70df9c7f07b15d8a0ce.1726072086.git.asml.silence@gmail.com Signed-off-by: Jens Axboe commit 6746ee4c3a189f8b60694f01e7e29bc5ff7972e0 Author: Pavel Begunkov Date: Wed Sep 11 17:34:37 2024 +0100 io_uring/cmd: expose iowq to cmds When an io_uring request needs blocking context we offload it to the io_uring's thread pool called io-wq. We can get there off ->uring_cmd by returning -EAGAIN, but there is no straightforward way of doing that from an asynchronous callback. Add a helper that would transfer a command to a blocking context. Note, we do an extra hop via task_work before io_queue_iowq(), that's a limitation of io_uring infra we have that can likely be lifted later if that would ever become a problem. Signed-off-by: Pavel Begunkov Link: https://lore.kernel.org/r/f735f807d7c8ba50c9452c69dfe5d3e9e535037b.1726072086.git.asml.silence@gmail.com Signed-off-by: Jens Axboe commit 6d0f8dcb3a634bbee46fcb028c5984c463f47812 Merge: 318ad4283a6efe 84eacf177faa60 Author: Jens Axboe Date: Wed Sep 11 10:42:40 2024 -0600 Merge branch 'for-6.12/io_uring' into for-6.12/io_uring-discard * for-6.12/io_uring: (31 commits) io_uring/io-wq: inherit cpuset of cgroup in io worker io_uring/io-wq: do not allow pinning outside of cpuset io_uring/rw: drop -EOPNOTSUPP check in __io_complete_rw_common() io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN io_uring/sqpoll: do not allow pinning outside of cpuset io_uring/eventfd: move refs to refcount_t io_uring: remove unused rsrc_put_fn io_uring: add new line after variable declaration io_uring: add GCOV_PROFILE_URING Kconfig option io_uring/kbuf: add support for incremental buffer consumption io_uring/kbuf: pass in 'len' argument for buffer commit Revert "io_uring: Require zeroed sqe->len on provided-buffers send" io_uring/kbuf: move io_ring_head_to_buf() to kbuf.h io_uring/kbuf: add io_kbuf_commit() helper io_uring/kbuf: shrink nr_iovs/mode in struct buf_sel_arg io_uring: wire up min batch wake timeout io_uring: add support for batch wait timeout io_uring: implement our own schedule timeout handling io_uring: move schedule wait logic into helper io_uring: encapsulate extraneous wait flags into a separate struct ... commit 318ad4283a6efea8ce5ec2b3c65b6cb19df6b07e Merge: bc83b4d1f08695 eb1d46fcd5d672 Author: Jens Axboe Date: Wed Sep 11 10:42:37 2024 -0600 Merge branch 'for-6.12/block' into for-6.12/io_uring-discard * for-6.12/block: (115 commits) block: unpin user pages belonging to a folio at once mm: release number of pages of a folio block: introduce folio awareness and add a bigger size from folio block: Added folio-ized version of bio_add_hw_page() block, bfq: factor out a helper to split bfqq in bfq_init_rq() block, bfq: remove local variable 'bfqq_already_existing' in bfq_init_rq() block, bfq: remove local variable 'split' in bfq_init_rq() block, bfq: remove bfq_log_bfqg() block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator() block, bfq: fix procress reference leakage for bfqq in merge chain block, bfq: fix uaf for accessing waker_bfqq after splitting blk-throttle: support prioritized processing of metadata blk-throttle: remove last_low_overflow_time drbd: Add NULL check for net_conf to prevent dereference in state validation blk-mq: add missing unplug trace event mtip32xx: Remove redundant null pointer checks in mtip_hw_debugfs_init() md: Add new_level sysfs interface zram: Shrink zram_table_entry::flags. zram: Remove ZRAM_LOCK zram: Replace bit spinlocks with a spinlock_t. ... commit 415dff1c96cc553b52e13685495fef5d66c875f7 Merge: 83710aaff08a5b 9bcf30348f3276 Author: Rafael J. Wysocki Date: Wed Sep 11 18:25:54 2024 +0200 Merge branch 'pm-cpufreq' Merge cpufreq updates for 6.12-rc1: - Remove LATENCY_MULTIPLIER from cpufreq (Qais Yousef). - Add support for Granite Rapids and Sierra Forest in OOB mode to the intel_pstate cpufreq driver (Srinivas Pandruvada). - Add basic support for CPU capacity scaling on x86 and make the intel_pstate driver set asymmetric CPU capacity on hybrid systems without SMT (Rafael Wysocki). - Add missing MODULE_DESCRIPTION() macros to the powerpc cpufreq driver (Jeff Johnson). - Several OF related cleanups in cpufreq drivers (Rob Herring). - Enable COMPILE_TEST for ARM drivers (Rob Herrring). - Introduce quirks for syscon failures and use socinfo to get revision for TI cpufreq driver (Dhruva Gole, Nishanth Menon). - Minor cleanups in amd-pstate driver (Anastasia Belova, Dhananjay Ugwekar). - Minor cleanups for loongson, cpufreq-dt and powernv cpufreq drivers (Danila Tikhonov, Huacai Chen, and Liu Jing). - Make amd-pstate validate return of any attempt to update EPP limits, which fixes the masking hardware problems (Mario Limonciello). - Move the calculation of the AMD boost numerator outside of amd-pstate, correcting acpi-cpufreq on systems with preferred cores (Mario Limonciello). - Harden preferred core detection in amd-pstate to avoid potential false positives (Mario Limonciello). - Add extra unit test coverage for mode state machine (Mario Limonciello). - Fix an "Uninitialized variables" issue in amd-pstste (Qianqiang Liu). * pm-cpufreq: (35 commits) cpufreq/amd-pstate-ut: Fix an "Uninitialized variables" issue cpufreq/amd-pstate-ut: Add test case for mode switches cpufreq/amd-pstate: Export symbols for changing modes amd-pstate: Add missing documentation for `amd_pstate_prefcore_ranking` cpufreq: amd-pstate: Add documentation for `amd_pstate_hw_prefcore` cpufreq: amd-pstate: Optimize amd_pstate_update_limits() cpufreq: amd-pstate: Merge amd_pstate_highest_perf_set() into amd_get_boost_ratio_numerator() x86/amd: Detect preferred cores in amd_get_boost_ratio_numerator() x86/amd: Move amd_get_highest_perf() out of amd-pstate ACPI: CPPC: Adjust debug messages in amd_set_max_freq_ratio() to warn ACPI: CPPC: Drop check for non zero perf ratio x86/amd: Rename amd_get_highest_perf() to amd_get_boost_ratio_numerator() ACPI: CPPC: Adjust return code for inline functions in !CONFIG_ACPI_CPPC_LIB x86/amd: Move amd_get_highest_perf() from amd.c to cppc.c cpufreq/amd-pstate: Catch failures for amd_pstate_epp_update_limit() cpufreq: ti-cpufreq: Use socinfo to get revision in AM62 family cpufreq: Fix the cacography in powernv-cpufreq.c cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value ... commit 75d7ff9aa0ae1a8d1b3f9c8c87dde3a4fbe9a2cf Author: Vincent Donnefort Date: Tue Sep 10 17:23:35 2024 +0100 selftests/ring-buffer: Handle meta-page bigger than the system Handle the case where the meta-page content is bigger than the system page-size. This prepares the ground for extending features covered by the meta-page. Cc: Shuah Khan Cc: linux-kselftest@vger.kernel.org Link: https://lore.kernel.org/20240910162335.2993310-3-vdonnefort@google.com Acked-by: Shuah Khan Signed-off-by: Vincent Donnefort Signed-off-by: Steven Rostedt (Google) commit 21ff365b5c88c0bf8447989aadb5d8fe401c9cfc Author: Vincent Donnefort Date: Tue Sep 10 17:23:34 2024 +0100 selftests/ring-buffer: Verify the entire meta-page padding Improve the ring-buffer meta-page test coverage by checking for the entire padding region to be 0 instead of just looking at the first 4 bytes. Cc: linux-kselftest@vger.kernel.org Link: https://lore.kernel.org/20240910162335.2993310-2-vdonnefort@google.com Acked-by: Shuah Khan Signed-off-by: Vincent Donnefort Signed-off-by: Steven Rostedt (Google) commit 9bcf30348f327658c93894fca6392e147f4383a5 Merge: 6af3aab6c7cfdd 93497752dfed19 Author: Rafael J. Wysocki Date: Wed Sep 11 18:22:23 2024 +0200 Merge tag 'amd-pstate-v6.12-2024-09-11' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/superm1/linux Merge the second round of amd-pstate changes for 6.12 from Mario Limonciello: "* Move the calculation of the AMD boost numerator outside of amd-pstate, correcting acpi-cpufreq on systems with preferred cores * Harden preferred core detection to avoid potential false positives * Add extra unit test coverage for mode state machine" * tag 'amd-pstate-v6.12-2024-09-11' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/superm1/linux: cpufreq/amd-pstate-ut: Fix an "Uninitialized variables" issue cpufreq/amd-pstate-ut: Add test case for mode switches cpufreq/amd-pstate: Export symbols for changing modes amd-pstate: Add missing documentation for `amd_pstate_prefcore_ranking` cpufreq: amd-pstate: Add documentation for `amd_pstate_hw_prefcore` cpufreq: amd-pstate: Optimize amd_pstate_update_limits() cpufreq: amd-pstate: Merge amd_pstate_highest_perf_set() into amd_get_boost_ratio_numerator() x86/amd: Detect preferred cores in amd_get_boost_ratio_numerator() x86/amd: Move amd_get_highest_perf() out of amd-pstate ACPI: CPPC: Adjust debug messages in amd_set_max_freq_ratio() to warn ACPI: CPPC: Drop check for non zero perf ratio x86/amd: Rename amd_get_highest_perf() to amd_get_boost_ratio_numerator() ACPI: CPPC: Adjust return code for inline functions in !CONFIG_ACPI_CPPC_LIB x86/amd: Move amd_get_highest_perf() from amd.c to cppc.c commit edf3ce0ed38e2d04a817984e4ea7f05b18102926 Author: Kan Liang Date: Mon Sep 9 11:42:00 2024 -0700 perf env: Find correct branch counter info on hybrid No event is printed in the "Branch Counter" column on hybrid machines. For example, $ perf record -e "{cpu_core/branch-instructions/pp,cpu_core/branches/}:S" -j any,counter $ perf report --total-cycles # Branch counter abbr list: # cpu_core/branch-instructions/pp = A # cpu_core/branches/ = B # '-' No event occurs # '+' Event occurrences may be lost due to branch counter saturated # # Sampled Cycles% Sampled Cycles Avg Cycles% Avg Cycles Branch Counter # ............... .............. ........... .......... .............. 44.54% 727.1K 0.00% 1 |+ |+ | 36.31% 592.7K 0.00% 2 |+ |+ | 17.83% 291.1K 0.00% 1 |+ |+ | The branch counter information (br_cntr_width and br_cntr_nr) in the perf_env is retrieved from the CPU_PMU_CAPS. However, the CPU_PMU_CAPS is not available on hybrid machines. Without the width information, the number of occurrences of an event cannot be calculated. For a hybrid machine, the caps information should be retrieved from the PMU_CAPS, and stored in the perf_env->pmu_caps. Add a perf_env__find_br_cntr_info() to return the correct branch counter information from the corresponding fields. Committer notes: While testing I couldn't s ee those "Branch counter" columns enabled by pressing 'B' on the TUI, after reporting it to the list Kan explained the situation: For a hybrid client, the "Branch Counter" feature is only supported starting from the just released Lunar Lake. Perf falls back to only "ANY" on your Raptor Lake. The "The branch counter is not available" message is expected. Here is the 'perf evlist' result from my Lunar Lake machine, # perf evlist -v cpu_core/branch-instructions/pp: type: 4 (cpu_core), size: 136, config: 0xc4 (branch-instructions), { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|READ|PERIOD|BRANCH_STACK|IDENTIFIER, read_format: ID|GROUP|LOST, disabled: 1, freq: 1, enable_on_exec: 1, precise_ip: 2, sample_id_all: 1, exclude_guest: 1, branch_sample_type: ANY|COUNTERS # Fixes: 6f9d8d1de2c61288 ("perf script: Add branch counters") Reviewed-by: Ian Rogers Signed-off-by: Kan Liang Cc: Adrian Hunter Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240909184201.553519-1-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 9953807c9e016759c86ec0d0ab6bfe223e19f0ba Author: Kan Liang Date: Sun Sep 8 13:28:47 2024 -0700 perf evlist: Print hint for group An event group is a critical relationship. There is a -g option that can display the relationship. But it's hard for a user to know when should this option be applied. If there is an event group in the perf record, print a hint to suggest the user apply the -g to display the group information. With the patch, $ perf record -e "{cycles,instructions},instructions" sleep 1 [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.024 MB perf.data (4 samples) ] $ $ perf evlist cycles instructions instructions # Tip: use 'perf evlist -g' to show group information $ perf evlist -g {cycles,instructions} instructions $ Committer testing: So for a perf.data file _with_ a group: root@number:~# perf evlist -g {cpu_core/branch-instructions/pp,cpu_core/branches/} dummy:u root@number:~# perf evlist cpu_core/branch-instructions/pp cpu_core/branches/ dummy:u # Tip: use 'perf evlist -g' to show group information root@number:~# Then for something _without_ a group, no hint: root@number:~# perf record ls [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.035 MB perf.data (7 samples) ] root@number:~# perf evlist cpu_atom/cycles/P cpu_core/cycles/P dummy:u root@number:~# No suggestion, good. Suggested-by: Arnaldo Carvalho de Melo Reviewed-by: Ian Rogers Signed-off-by: Kan Liang Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Jiri Olsa Cc: Namhyung Kim Closes: https://lore.kernel.org/lkml/ZttgvduaKsVn1r4p@x1/ Link: https://lore.kernel.org/r/20240908202847.176280-1-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit eb9b9a6f5ab35db7a431184456fe410b792be03f Author: Sam James Date: Sun Sep 8 19:46:41 2024 +0100 tools: Drop nonsensical -O6 -O6 is very much not-a-thing. Really, this should've been dropped entirely in 49b3cd306e60b9d8 ("tools: Set the maximum optimization level according to the compiler being used") instead of just passing it for not-Clang. Just collapse it down to -O3, instead of "-O6 unless Clang, in which case -O3". GCC interprets > -O3 as -O3. It doesn't even interpret > -O3 as -Ofast, which is a good thing, given -Ofast has specific (non-)requirements for code built using it. So, this does nothing except look a bit daft. Remove the silliness and also save a few lines in the Makefiles accordingly. Reviewed-by: Ian Rogers Reviewed-by: Jesper Juhl Signed-off-by: Sam James Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Bill Wendling Cc: Ingo Molnar Cc: Jiri Olsa Cc: Justin Stitt Cc: Kan Liang Cc: Mark Rutland Cc: Nathan Chancellor Cc: Nick Desaulniers Cc: Peter Zijlstra Cc: llvm@lists.linux.dev Link: https://lore.kernel.org/r/4f01524fa4ea91c7146a41e26ceaf9dae4c127e4.1725821201.git.sam@gentoo.org Signed-off-by: Arnaldo Carvalho de Melo commit fdfd9d82a43a7a50b9d0989a0440d12a3d68ea15 Merge: 23dc9867329c72 83dff601715bdc Author: Martin KaFai Lau Date: Wed Sep 11 08:48:50 2024 -0700 Merge branch 'bpf: Allow skb dynptr for tp_btf' Philo Lu says: ==================== This makes bpf_dynptr_from_skb usable for tp_btf, so that we can easily parse skb in tracepoints. This has been discussed in [0], and Martin suggested to use dynptr (instead of helpers like bpf_skb_load_bytes). For safety, skb dynptr shouldn't be used in fentry/fexit. This is achieved by add KF_TRUSTED_ARGS flag in bpf_dynptr_from_skb defination, because pointers passed by tracepoint are trusted (PTR_TRUSTED) while those of fentry/fexit are not. Another problem raises that NULL pointers could be passed to tracepoint, such as trace_tcp_send_reset, and we need to recognize them. This is done by add a "__nullable" suffix in the func_proto of the tracepoint, discussed in [1]. 2 Test cases are added, one for "__nullable" suffix, and the other for using skb dynptr in tp_btf. changelog v2 -> v3 (Andrii Nakryiko): Patch 1: - Remove prog type check in prog_arg_maybe_null() - Add bpf_put_raw_tracepoint() after get() - Use kallsyms_lookup() instead of sprintf("%ps") Patch 2: Add separate test "tp_btf_nullable", and use full failure msg v1 -> v2: - Add "__nullable" suffix support (Alexei Starovoitov) - Replace "struct __sk_buff*" with "void*" in test (Martin KaFai Lau) [0] https://lore.kernel.org/all/20240205121038.41344-1-lulie@linux.alibaba.com/T/ [1] https://lore.kernel.org/all/20240430121805.104618-1-lulie@linux.alibaba.com/T/ ==================== Signed-off-by: Martin KaFai Lau commit 83dff601715bdc086dc1fc470ee3aaff42215e65 Author: Philo Lu Date: Wed Sep 11 11:37:19 2024 +0800 selftests/bpf: Expand skb dynptr selftests for tp_btf Add 3 test cases for skb dynptr used in tp_btf: - test_dynptr_skb_tp_btf: use skb dynptr in tp_btf and make sure it is read-only. - skb_invalid_ctx_fentry/skb_invalid_ctx_fexit: bpf_dynptr_from_skb should fail in fentry/fexit. In test_dynptr_skb_tp_btf, to trigger the tracepoint in kfree_skb, test_pkt_access is used for its test_run, as in kfree_skb.c. Because the test process is different from others, a new setup type is defined, i.e., SETUP_SKB_PROG_TP. The result is like: $ ./test_progs -t 'dynptr/test_dynptr_skb_tp_btf' #84/14 dynptr/test_dynptr_skb_tp_btf:OK #84 dynptr:OK #127 kfunc_dynptr_param:OK Summary: 2/1 PASSED, 0 SKIPPED, 0 FAILED $ ./test_progs -t 'dynptr/skb_invalid_ctx_f' #84/85 dynptr/skb_invalid_ctx_fentry:OK #84/86 dynptr/skb_invalid_ctx_fexit:OK #84 dynptr:OK #127 kfunc_dynptr_param:OK Summary: 2/2 PASSED, 0 SKIPPED, 0 FAILED Also fix two coding style nits (change spaces to tabs). Signed-off-by: Philo Lu Link: https://lore.kernel.org/r/20240911033719.91468-6-lulie@linux.alibaba.com Signed-off-by: Martin KaFai Lau commit ffc83860d8c09705d8e83474b8c6ec4d1d3dca41 Author: Philo Lu Date: Wed Sep 11 11:37:18 2024 +0800 bpf: Allow bpf_dynptr_from_skb() for tp_btf Making tp_btf able to use bpf_dynptr_from_skb(), which is useful for skb parsing, especially for non-linear paged skb data. This is achieved by adding KF_TRUSTED_ARGS flag to bpf_dynptr_from_skb and registering it for TRACING progs. With KF_TRUSTED_ARGS, args from fentry/fexit are excluded, so that unsafe progs like fexit/__kfree_skb are not allowed. We also need the skb dynptr to be read-only in tp_btf. Because may_access_direct_pkt_data() returns false by default when checking bpf_dynptr_from_skb, there is no need to add BPF_PROG_TYPE_TRACING to it explicitly. Suggested-by: Martin KaFai Lau Signed-off-by: Philo Lu Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240911033719.91468-5-lulie@linux.alibaba.com Signed-off-by: Martin KaFai Lau commit edd3f6f7588c713477e1299c38c84dcd91a7f148 Author: Philo Lu Date: Wed Sep 11 11:37:17 2024 +0800 tcp: Use skb__nullable in trace_tcp_send_reset Replace skb with skb__nullable as the argument name. The suffix tells bpf verifier through btf that the arg could be NULL and should be checked in tp_btf prog. For now, this is the only nullable argument in tcp tracepoints. Signed-off-by: Philo Lu Acked-by: Jakub Kicinski Link: https://lore.kernel.org/r/20240911033719.91468-4-lulie@linux.alibaba.com Signed-off-by: Martin KaFai Lau commit 2060f07f861a237345922023e9347a204c0795af Author: Philo Lu Date: Wed Sep 11 11:37:16 2024 +0800 selftests/bpf: Add test for __nullable suffix in tp_btf Add a tracepoint with __nullable suffix in bpf_testmod, and add cases for it: $ ./test_progs -t "tp_btf_nullable" #406/1 tp_btf_nullable/handle_tp_btf_nullable_bare1:OK #406/2 tp_btf_nullable/handle_tp_btf_nullable_bare2:OK #406 tp_btf_nullable:OK Summary: 1/2 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Philo Lu Link: https://lore.kernel.org/r/20240911033719.91468-3-lulie@linux.alibaba.com Signed-off-by: Martin KaFai Lau commit 8aeaed21befc90f27f4fca6dd190850d97d2e9e3 Author: Philo Lu Date: Wed Sep 11 11:37:15 2024 +0800 bpf: Support __nullable argument suffix for tp_btf Pointers passed to tp_btf were trusted to be valid, but some tracepoints do take NULL pointer as input, such as trace_tcp_send_reset(). Then the invalid memory access cannot be detected by verifier. This patch fix it by add a suffix "__nullable" to the unreliable argument. The suffix is shown in btf, and PTR_MAYBE_NULL will be added to nullable arguments. Then users must check the pointer before use it. A problem here is that we use "btf_trace_##call" to search func_proto. As it is a typedef, argument names as well as the suffix are not recorded. To solve this, I use bpf_raw_event_map to find "__bpf_trace##template" from "btf_trace_##call", and then we can see the suffix. Suggested-by: Alexei Starovoitov Signed-off-by: Philo Lu Link: https://lore.kernel.org/r/20240911033719.91468-2-lulie@linux.alibaba.com Signed-off-by: Martin KaFai Lau commit 93701d3b84ac5f3ea07259d4ced405c53d757985 Author: Tommy Huang Date: Wed Sep 11 17:39:51 2024 +0800 i2c: aspeed: Update the stop sw state when the bus recovery occurs When the i2c bus recovery occurs, driver will send i2c stop command in the scl low condition. In this case the sw state will still keep original situation. Under multi-master usage, i2c bus recovery will be called when i2c transfer timeout occurs. Update the stop command calling with aspeed_i2c_do_stop function to update master_state. Fixes: f327c686d3ba ("i2c: aspeed: added driver for Aspeed I2C") Cc: stable@vger.kernel.org # v4.13+ Signed-off-by: Tommy Huang Signed-off-by: Andi Shyti commit 93497752dfed196b41d2804503e80b9a04318adb Author: Qianqiang Liu Date: Wed Sep 11 07:39:24 2024 +0800 cpufreq/amd-pstate-ut: Fix an "Uninitialized variables" issue Using uninitialized value "mode2" when calling "amd_pstate_get_mode_string". Set "mode2" to "AMD_PSTATE_DISABLE" by default. Signed-off-by: Qianqiang Liu Link: https://lore.kernel.org/r/20240910233923.46470-1-qianqiang.liu@163.com Acked-by: Mario Limonciello Signed-off-by: Mario Limonciello commit a0474b8d5974e142461ac7584c996feea167bcc1 Author: zhang jiao Date: Wed Sep 11 12:42:30 2024 +0800 selftests: kselftest: Use strerror() on nolibc Nolibc gained an implementation of strerror() recently. Use it and drop the ifndef. Signed-off-by: zhang jiao Acked-by: Thomas Weißschuh Signed-off-by: Shuah Khan commit 3e39e68dfbb6d4fe8c1943003d2f2a6f3255c902 Author: Mario Limonciello Date: Sat Aug 31 21:49:12 2024 -0500 cpufreq/amd-pstate-ut: Add test case for mode switches There is a state machine in the amd-pstate driver utilized for switches for all modes. To make sure that cleanup and setup works properly for each mode add a unit test case that tries all combinations. Reviewed-by: Perry Yuan Signed-off-by: Mario Limonciello commit acc7f20d54a3eeceec7602b11d6e3462e7fba862 Author: Bibo Mao Date: Wed Sep 11 23:26:32 2024 +0800 LoongArch: KVM: Add vm migration support for LBT registers Every vcpu has separate LBT registers. And there are four scr registers, one flags and ftop register for LBT extension. When VM migrates, VMM needs to get LBT registers for every vcpu. Here macro KVM_REG_LOONGARCH_LBT is added for new vcpu lbt register type, the following macro is added to get/put LBT registers. KVM_REG_LOONGARCH_LBT_SCR0 KVM_REG_LOONGARCH_LBT_SCR1 KVM_REG_LOONGARCH_LBT_SCR2 KVM_REG_LOONGARCH_LBT_SCR3 KVM_REG_LOONGARCH_LBT_EFLAGS KVM_REG_LOONGARCH_LBT_FTOP Signed-off-by: Bibo Mao Signed-off-by: Huacai Chen commit b67ee19a907ddb7dab8b1bb4b35659d8372bfc46 Author: Bibo Mao Date: Wed Sep 11 23:26:32 2024 +0800 LoongArch: KVM: Add Binary Translation extension support Loongson Binary Translation (LBT) is used to accelerate binary translation, which contains 4 scratch registers (scr0 to scr3), x86/ARM eflags (eflags) and x87 fpu stack pointer (ftop). Like FPU extension, here a lazy enabling method is used for LBT. the LBT context is saved/restored on the vcpu context switch path. Signed-off-by: Bibo Mao Signed-off-by: Huacai Chen commit a53f48b6327c12437c9f429da2283e526eda2362 Author: Bibo Mao Date: Wed Sep 11 23:26:32 2024 +0800 LoongArch: KVM: Add VM feature detection function Loongson SIMD Extension (LSX), Loongson Advanced SIMD Extension (LASX) and Loongson Binary Translation (LBT) features are defined in register CPUCFG2. Two kinds of LSX/LASX/LBT feature detection are added here, one is VCPU feature, and the other is VM feature. VCPU feature dection can only work with VCPU thread itself, and requires VCPU thread is created already. So LSX/LASX/LBT feature detection for VM is added also, it can be done even if VM is not created, and also can be done by any threads besides VCPU threads. Here ioctl command KVM_HAS_DEVICE_ATTR is added for VM, and macro KVM_LOONGARCH_VM_FEAT_CTRL is added to check supported feature. And five sub-features relative with LSX/LASX/LBT are added as following: KVM_LOONGARCH_VM_FEAT_LSX KVM_LOONGARCH_VM_FEAT_LASX KVM_LOONGARCH_VM_FEAT_X86BT KVM_LOONGARCH_VM_FEAT_ARMBT KVM_LOONGARCH_VM_FEAT_MIPSBT Signed-off-by: Bibo Mao Signed-off-by: Huacai Chen commit e5ba90abb2ebdfd3c19481319b349d4885312bef Author: Bibo Mao Date: Wed Sep 11 23:26:32 2024 +0800 LoongArch: Revert qspinlock to test-and-set simple lock on VM Similar with x86, when VM is detected, revert to a simple test-and-set lock to avoid the horrors of queue preemption. Tested on 3C5000 Dual-way machine with 32 cores and 2 numa nodes, test case is kcbench on kernel mainline 6.10, the detailed command is "kcbench --src /root/src/linux" Performance on host machine kernel compile time performance impact Original 150.29 seconds With patch 150.19 seconds almost no impact Performance on virtual machine: 1. 1 VM with 32 vCPUs and 2 numa node, numa node pinned kernel compile time performance impact Original 170.87 seconds With patch 171.73 seconds almost no impact 2. 2 VMs, each VM with 32 vCPUs and 2 numa node, numa node pinned kernel compile time performance impact Original 2362.04 seconds With patch 354.73 seconds +565% Signed-off-by: Bibo Mao Signed-off-by: Huacai Chen commit 8d916815b0afad2a12a9f1b945c79fffc144dba8 Author: Mario Limonciello Date: Sat Aug 31 21:49:11 2024 -0500 cpufreq/amd-pstate: Export symbols for changing modes In order to effectively test all mode switch combinations export everything necessarily for amd-pstate-ut to trigger a mode switch. Reviewed-by: Perry Yuan Signed-off-by: Mario Limonciello commit 15a2b764ea7c16dd2b1ecfd86ba27809f5bd8580 Author: Mario Limonciello Date: Tue Sep 3 14:43:10 2024 -0500 amd-pstate: Add missing documentation for `amd_pstate_prefcore_ranking` `amd_pstate_prefcore_ranking` reflects the dynamic rankings of a CPU core based on platform conditions. Explicitly include it in the documentation. Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit b96b82d1af7fbf35e3c7d50368275005bd6b6a03 Author: Mario Limonciello Date: Mon Aug 26 16:13:58 2024 -0500 cpufreq: amd-pstate: Add documentation for `amd_pstate_hw_prefcore` Explain that the sysfs file represents both preferred core being enabled by the user and supported by the hardware. Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit 45722e777fd99ea863fe653c1838d39f678506e2 Author: Mario Limonciello Date: Mon Aug 26 16:13:57 2024 -0500 cpufreq: amd-pstate: Optimize amd_pstate_update_limits() Don't take and release the mutex when prefcore isn't present and avoid initialization of variables that will be initially set in the function. Reviewed-by: Gautham R. Shenoy Reviewed-by: Perry Yuan Signed-off-by: Mario Limonciello commit ad4caad58d91d3293880f8074f7ad125490ce636 Author: Mario Limonciello Date: Mon Aug 26 16:13:56 2024 -0500 cpufreq: amd-pstate: Merge amd_pstate_highest_perf_set() into amd_get_boost_ratio_numerator() The special case in amd_pstate_highest_perf_set() is the value used for calculating the boost numerator. Merge this into amd_get_boost_ratio_numerator() and then use that to calculate boost ratio. This allows dropping more special casing of the highest perf value. Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit 279f838a61f96cbfeb1f9ba060e4a452e6e041d0 Author: Mario Limonciello Date: Mon Aug 26 16:13:55 2024 -0500 x86/amd: Detect preferred cores in amd_get_boost_ratio_numerator() AMD systems that support preferred cores will use "166" as their numerator for max frequency calculations instead of "255". Add a function for detecting preferred cores by looking at the highest perf value on all cores. If preferred cores are enabled return 166 and if disabled the value in the highest perf register. As the function will be called multiple times, cache the values for the boost numerator and if preferred cores will be enabled in global variables. Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit 2819bfef6483c66c55064ca678f2630a1a09f3f9 Author: Mario Limonciello Date: Mon Aug 26 16:13:54 2024 -0500 x86/amd: Move amd_get_highest_perf() out of amd-pstate amd_pstate_get_highest_perf() is a helper used to get the highest perf value on AMD systems. It's used in amd-pstate as part of preferred core handling, but applicable for acpi-cpufreq as well. Move it out to cppc handling code as amd_get_highest_perf(). Reviewed-by: Perry Yuan Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit 21fb59ab4b9767085f4fe1edbdbe3177fbb9ec97 Author: Mario Limonciello Date: Mon Aug 26 16:13:53 2024 -0500 ACPI: CPPC: Adjust debug messages in amd_set_max_freq_ratio() to warn If the boost ratio isn't calculated properly for the system for any reason this can cause other problems that are non-obvious. Raise all messages to warn instead. Suggested-by: Perry Yuan Reviewed-by: Perry Yuan Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit 3355ac2541052154b6ca0b1263be5bf49dfa0158 Author: Mario Limonciello Date: Tue Aug 27 13:50:45 2024 -0500 ACPI: CPPC: Drop check for non zero perf ratio perf_ratio is a u64 and SCHED_CAPACITY_SCALE is a large number. Shifting by one will never have a zero value. Drop the check. Suggested-by: Gautham R. Shenoy Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit 6c09e3b445a1a647a5b57ea6afd23e846225dd8f Author: Mario Limonciello Date: Mon Aug 26 16:13:52 2024 -0500 x86/amd: Rename amd_get_highest_perf() to amd_get_boost_ratio_numerator() The function name is ambiguous because it returns an intermediate value for calculating maximum frequency rather than the CPPC 'Highest Perf' register. Rename the function to clarify its use and allow the function to return errors. Adjust the consumer in acpi-cpufreq to catch errors. Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit 01ced022e125f7b328335bb2944a107afcafe351 Author: Mario Limonciello Date: Tue Sep 3 15:32:16 2024 -0500 ACPI: CPPC: Adjust return code for inline functions in !CONFIG_ACPI_CPPC_LIB Checkpath emits the following warning: ``` WARNING: ENOTSUPP is not a SUSV4 error code, prefer EOPNOTSUPP ``` Adjust the code accordingly. Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit 2bcec09cc4ae62229e149213499e45b74190a24a Author: Mario Limonciello Date: Mon Aug 26 16:13:51 2024 -0500 x86/amd: Move amd_get_highest_perf() from amd.c to cppc.c To prepare to let amd_get_highest_perf() detect preferred cores it will require CPPC functions. Move amd_get_highest_perf() to cppc.c to prepare for 'preferred core detection' rework. No functional changes intended. Reviewed-by: Perry Yuan Reviewed-by: Gautham R. Shenoy Signed-off-by: Mario Limonciello commit 448aa89af07b83be84a58155c60001743342fca0 Author: Andrei Simion Date: Tue Sep 10 11:22:03 2024 +0300 ASoC: dt-bindings: microchip,sama7g5-spdifrx: Add common DAI reference Update the spdifrx yaml file to reference the dai-common.yaml schema, enabling the use of the 'sound-name-prefix' property Signed-off-by: Andrei Simion Acked-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240910082202.45972-1-andrei.simion@microchip.com Signed-off-by: Mark Brown commit a2187d0dadfc308551bbb1b8d6caee69e2ad4744 Author: Kuninori Morimoto Date: Mon Sep 9 23:13:47 2024 +0000 ASoC: dt-bindings: renesas,rsnd: add post-init-providers property At least if rsnd is using DPCM connection on Audio-Graph-Card2, fw_devlink might doesn't have enough information to break the cycle (Same problem might occur with Multi-CPU/Codec or Codec2Codec). In such case, rsnd driver will not be probed. Add post-init-providers support to break the link cycle. Signed-off-by: Kuninori Morimoto Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/87wmjkifob.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 92556bd800fe4ce1c3fd18332b42a4eb85633951 Merge: 5c4e15e63216e7 851e3a2a4490b0 Author: Mark Brown Date: Wed Sep 11 15:53:59 2024 +0100 Add support for primary mi2s on SM8250 Merge series from Jens Reidel : This patch adds support for the primary mi2s interface on devices using SM8250 audio drivers. Tested on SM7150 (xiaomi-davinci). SM7150 sound is close to SM8250 and we intend to use it as a fallback in the future. To: Srinivas Kandagatla To: Liam Girdwood To: Mark Brown To: Jaroslav Kysela To: Takashi Iwai Cc: alsa-devel@alsa-project.org Cc: linux-arm-msm@vger.kernel.org Cc: linux-sound@vger.kernel.org Cc: linux-kernel@vger.kernel.org Cc: linux@mainlining.org Jens Reidel (1): ASoC: qcom: sm8250: enable primary mi2s sound/soc/qcom/sm8250.c | 8 ++++++++ 1 file changed, 8 insertions(+) -- 2.46.0 commit a1d12410d9b1ecff87d39f80b0d1cec895012ffa Author: Wei Fang Date: Wed Sep 11 20:03:38 2024 +0800 regulator: core: fix the broken behavior of regulator_dev_lookup() The behavior of regulator_dev_lookup() for non-DT way has been broken since the commit b8c325545714 ("regulator: Move OF-specific regulator lookup code to of_regulator.c"). Before the commit, of_get_regulator() was used to get the regulator, which returns NULL if the regulator is not found. So the regulator will be looked up through regulator_lookup_by_name() if no matching regulator is found in regulator_map_list. However, currently, of_regulator_dev_lookup() is used to instead of of_get_regulator(), but the variable 'r' is set to ERR_PTR(-ENODEV) instead of NULL if the regulator is not found. In this case, if no regulator is found in regulator_map_list, the variable 'r' is still ERR_PTR(-ENODEV), So regulator_dev_lookup() returns the value of 'r' directly instead of continuing to look up the regulator through regulator_lookup_by_name(). Fixes: b8c325545714 ("regulator: Move OF-specific regulator lookup code to of_regulator.c") Signed-off-by: Wei Fang Link: https://patch.msgid.link/20240911120338.526384-1-wei.fang@nxp.com Signed-off-by: Mark Brown commit e6b95bdc1e333e14e4fdf71fd4e8962429d9b6cd Author: Codrin Ciubotariu Date: Wed Sep 11 15:29:08 2024 +0300 ASoC: atmel: mchp-pdmc: Add snd_soc_dai_driver name Set snd_soc_dai_driver name to improve controller's display of the DAI name. Signed-off-by: Codrin Ciubotariu Signed-off-by: Andrei Simion Link: https://patch.msgid.link/20240911122909.133399-3-andrei.simion@microchip.com Signed-off-by: Mark Brown commit 8f0280c84607afe122788e508a171ba163d71be6 Author: Codrin Ciubotariu Date: Wed Sep 11 15:29:07 2024 +0300 ASoC: atmel: mchp-pdmc: Improve maxburst calculation for better performance Improve the DMA descriptor calculation by dividing the period size by the product of sample size and DMA chunk size, rather than just DMA chunk size. Ensure that all DMA descriptors start from a well-aligned address to improve the reliability and efficiency of DMA operations and avoid potential issues related to misaligned descriptors. [andrei.simion@microchip.com: Adjust the commit title. Reword the commit message. Add MACROS for each DMA size chunk supported by mchp-pdmc. Add DMA_BURST_ALIGNED preprocesor function to check the alignment of the DMA burst.] Signed-off-by: Codrin Ciubotariu Signed-off-by: Andrei Simion Link: https://patch.msgid.link/20240911122909.133399-2-andrei.simion@microchip.com Signed-off-by: Mark Brown commit 0c8c5bdd7eaf291b6f727e98506fb68acee3a4cc Author: Leo Li Date: Wed Sep 11 09:06:50 2024 -0400 drm/amd/display: Add all planes on CRTC to state for overlay cursor [Why] DC has a special commit path for native cursor, which use the built-in cursor pipe within DCN planes. This update path does not require all enabled planes to be added to the list of surface updates sent to DC. This is not the case for overlay cursor; it uses the same path as MPO commits. This update path requires all enabled planes to be added to the list of surface updates sent to DC. Otherwise, DC will disable planes not inside the list. [How] If overlay cursor is needed, add all planes on the same CRTC as this cursor to the atomic state. This is already done for non-cursor planes (MPO), just before the added lines. Fixes: 1b04dcca4fb1 ("drm/amd/display: Introduce overlay cursor mode") Closes: https://lore.kernel.org/lkml/f68020a3-c413-482d-beb2-5432d98a1d3e@amd.com Reviewed-by: Harry Wentland Signed-off-by: Leo Li Tested-by: Mikhail Gavrilov Signed-off-by: Alex Deucher commit 23dc9867329c72b48e5039ac93fbf50d9099cdb3 Author: Daniel Xu Date: Thu Sep 5 19:22:44 2024 -0600 bpf, cpumap: Move xdp:xdp_cpumap_kthread tracepoint before rcv cpumap takes RX processing out of softirq and onto a separate kthread. Since the kthread needs to be scheduled in order to run (versus softirq which does not), we can theoretically experience extra latency if the system is under load and the scheduler is being unfair to us. Moving the tracepoint to before passing the skb list up the stack allows users to more accurately measure enqueue/dequeue latency introduced by cpumap via xdp:xdp_cpumap_enqueue and xdp:xdp_cpumap_kthread tracepoints. f9419f7bd7a5 ("bpf: cpumap add tracepoints") which added the tracepoints states that the intent behind them was for general observability and for a feedback loop to see if the queues are being overwhelmed. This change does not mess with either of those use cases but rather adds a third one. Signed-off-by: Daniel Xu Signed-off-by: Daniel Borkmann Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/47615d5b5e302e4bd30220473779e98b492d47cd.1725585718.git.dxu@dxuuu.xyz commit efb0b309fa0d8a92f9b303d292944cda08349eed Author: Zijun Hu Date: Sun Sep 8 10:48:47 2024 +0800 driver core: Trivially simplify ((struct device_private *)curr)->device->p to @curr Trivially simplify ((struct device_private *)curr)->device->p to @curr in deferred_devs_show() since both are same. Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240908-trivial_simpli-v1-1-53e0f1363299@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 89c0a55e550ebb1fd19bba72fc08c8f6e2d3b1db Author: Ian Rogers Date: Fri Sep 6 22:08:19 2024 -0700 perf pmu: To info add event_type_desc All PMU events are assumed to be "Kernel PMU event", however, this isn't true for fake PMUs and won't be true with the addition of more software PMUs. Make the PMU's type description name configurable - largely for printing callbacks. Signed-off-by: Ian Rogers Link: https://lore.kernel.org/r/20240907050830.6752-5-irogers@google.com Cc: Ravi Bangoria Cc: Sandipan Das Cc: Mark Rutland Cc: Yang Jihong Cc: Dominique Martinet Cc: Clément Le Goffic Cc: Colin Ian King Cc: Howard Chu Cc: Ze Gao Cc: Yicong Yang Cc: Changbin Du Cc: Junhao He Cc: Peter Zijlstra Cc: Adrian Hunter Cc: Weilin Wang Cc: Arnaldo Carvalho de Melo Cc: Jiri Olsa Cc: Namhyung Kim Cc: Will Deacon Cc: James Clark Cc: Mike Leach Cc: Jing Zhang Cc: Leo Yan Cc: Oliver Upton Cc: Benjamin Gray Cc: Andi Kleen Cc: Alexander Shishkin Cc: Kan Liang Cc: Athira Jajeev Cc: linux-arm-kernel@lists.infradead.org Cc: Sun Haiyong Cc: Tiezhu Yang Cc: Xu Yang Cc: John Garry Cc: Ingo Molnar Cc: Veronika Molnarova Cc: Dr. David Alan Gilbert Cc: linux-kernel@vger.kernel.org Cc: linux-perf-users@vger.kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit f08cc258431df0ac498a4700d2d5b6f6aebb4889 Author: Ian Rogers Date: Fri Sep 6 22:08:18 2024 -0700 perf evsel: Add accessor for tool_event Currently tool events use a dedicated variable within the evsel. Later changes will move this to the unused struct perf_event_attr config for these events. Add an accessor to allow the later change to be well typed and avoid changing all uses. Signed-off-by: Ian Rogers Link: https://lore.kernel.org/r/20240907050830.6752-4-irogers@google.com Cc: Ravi Bangoria Cc: Sandipan Das Cc: Mark Rutland Cc: Yang Jihong Cc: Dominique Martinet Cc: Clément Le Goffic Cc: Colin Ian King Cc: Howard Chu Cc: Ze Gao Cc: Yicong Yang Cc: Changbin Du Cc: Junhao He Cc: Peter Zijlstra Cc: Adrian Hunter Cc: Weilin Wang Cc: Arnaldo Carvalho de Melo Cc: Jiri Olsa Cc: Namhyung Kim Cc: Will Deacon Cc: James Clark Cc: Mike Leach Cc: Jing Zhang Cc: Leo Yan Cc: Oliver Upton Cc: Benjamin Gray Cc: Andi Kleen Cc: Alexander Shishkin Cc: Kan Liang Cc: Athira Jajeev Cc: linux-arm-kernel@lists.infradead.org Cc: Sun Haiyong Cc: Tiezhu Yang Cc: Xu Yang Cc: John Garry Cc: Ingo Molnar Cc: Veronika Molnarova Cc: Dr. David Alan Gilbert Cc: linux-kernel@vger.kernel.org Cc: linux-perf-users@vger.kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 925320737ae290ab4bcf9c277c2a7718113717ae Author: Ian Rogers Date: Fri Sep 6 22:08:17 2024 -0700 perf pmus: Fake PMU clean up Rather than passing a fake PMU around, just pass that the fake PMU should be used - true when doing testing. Move the fake PMU into pmus.[ch] and try to abstract the PMU's properties in pmu.c, ie so there is less "if fake_pmu" in non-PMU code. Give the fake PMU a made up type number. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Andi Kleen Cc: Athira Rajeev Cc: Benjamin Gray Cc: Changbin Du Cc: Clément Le Goffic Cc: Colin Ian King Cc: Dominique Martinet Cc: Dr. David Alan Gilbert Cc: Howard Chu Cc: Ingo Molnar Cc: James Clark Cc: Jing Zhang Cc: Jiri Olsa Cc: John Garry Cc: Junhao He Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Oliver Upton Cc: Peter Zijlstra Cc: Ravi Bangoria Cc: Sandipan Das Cc: Sun Haiyong Cc: Tiezhu Yang Cc: Veronika Molnarova Cc: Weilin Wang Cc: Will Deacon Cc: Xu Yang Cc: Yang Jihong Cc: Yicong Yang Cc: Ze Gao Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240907050830.6752-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit d3d5c1a00fcdbae92456a6e78a7d440880fff18a Author: Ian Rogers Date: Fri Sep 6 22:08:16 2024 -0700 perf list: Avoid potential out of bounds memory read If a desc string is 0 length then -1 will be out of bounds, add a check. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Andi Kleen Cc: Athira Rajeev Cc: Benjamin Gray Cc: Changbin Du Cc: Clément Le Goffic Cc: Colin Ian King Cc: Dominique Martinet Cc: Dr. David Alan Gilbert Cc: Howard Chu Cc: Ingo Molnar Cc: James Clark Cc: Jing Zhang Cc: Jiri Olsa Cc: John Garry Cc: Junhao He Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Oliver Upton Cc: Peter Zijlstra Cc: Ravi Bangoria Cc: Sandipan Das Cc: Sun Haiyong Cc: Tiezhu Yang Cc: Veronika Molnarova Cc: Weilin Wang Cc: Will Deacon Cc: Xu Yang Cc: Yang Jihong Cc: Yicong Yang Cc: Ze Gao Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240907050830.6752-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 4ae354d73a8e16b925f1fd1542105d6889eff7c1 Author: Andrew Kreimer Date: Sat Sep 7 16:10:01 2024 +0300 perf help: Fix a typo ("bellow") Fix a typo in comments. Reported-by: Matthew Wilcox Reviewed-by: Ian Rogers Signed-off-by: Andrew Kreimer Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: kernel-janitors@vger.kernel.org Link: https://lore.kernel.org/r/20240907131006.18510-1-algonell@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 9a26234423b87e111351eac0e95775e6ba14d752 Author: Takashi Iwai Date: Wed Sep 11 15:57:52 2024 +0200 ALSA: pcm: Fix breakage of PCM rates used for topology It turned out that the topology ABI takes the standard PCM rate bits as is, and it means that the recent change of the PCM rate bits would lead to the inconsistent rate values used for topology. This patch reverts the original PCM rate bit definitions while adding the new rates to the extended bits instead. This needed the change of snd_pcm_known_rates, too. And this also required to fix the handling in snd_pcm_hw_limit_rates() that blindly assumed that the list is sorted while it became unsorted now. Fixes: 090624b7dc83 ("ALSA: pcm: add more sample rate definitions") Reported-by: Pierre-Louis Bossart Closes: https://lore.kernel.org/1ab3efaa-863c-4dd0-8f81-b50fd9775fad@linux.intel.com Reviewed-by: Jaroslav Kysela Tested-by: Jerome Brunet Tested-by: Bard Liao Link: https://patch.msgid.link/20240911135756.24434-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit c5b4a5dff691df24bc2ef4a933157b65e993c571 Author: Rafał Miłecki Date: Mon Sep 2 15:29:48 2024 +0100 MAINTAINERS: Update path for U-Boot environment variables YAML This file was moved to the layouts/ subdirectory. Signed-off-by: Rafał Miłecki Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902142952.71639-6-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 5f15811286aff4664bf275a7ede64e1b8858151b Author: Rafał Miłecki Date: Mon Sep 2 15:29:47 2024 +0100 nvmem: layouts: add U-Boot env layout U-Boot environment variables are stored in a specific format. Actual data can be placed in various storage sources (MTD, UBI volume, EEPROM, NVRAM, etc.). Move all generic (NVMEM device independent) code from NVMEM device driver to an NVMEM layout driver. Then add a simple NVMEM layout code on top of it. This allows using NVMEM layout for parsing U-Boot env data stored in any kind of NVMEM device. The old NVMEM glue driver stays in place for handling bindings in the MTD context. To avoid code duplication it uses exported layout parsing function. Please note that handling MTD & NVMEM layout bindings may be refactored in the future. Signed-off-by: Rafał Miłecki Reviewed-by: Miquel Raynal Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902142952.71639-5-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit c2699778e6be4757ee0b16449ab8777c6b46e6d0 Author: Richard Zhu Date: Mon Jul 29 16:18:18 2024 -0400 PCI: imx6: Add i.MX8Q PCIe Root Complex (RC) support Implement i.MX8Q (i.MX8QM, i.MX8QXP, and i.MX8DXL) PCIe Root Complex (RC) support. While the controller resembles that of i.MX8MP, the PHY differs significantly. Also, there's a distinction between PCI bus addresses and CPU addresses. Introduce IMX_PCIE_FLAG_CPU_ADDR_FIXUP in drvdata::flags to indicate driver need the cpu_addr_fixup() callback to facilitate CPU address to PCI bus address conversion according to "ranges" property. Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-11-b68ee5ef2b4d@nxp.com Signed-off-by: Richard Zhu Signed-off-by: Frank Li Signed-off-by: Krzysztof Wilczyński [bhelgaas: check resource_list_first_type() for NULL] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam commit 5baeb157b341b1d26a5815aeaa4d3bb9e0444fda Author: Ruffalo Lavoisier Date: Sat Sep 7 05:30:25 2024 +0900 comedi: ni_routing: tools: Check when the file could not be opened - After fopen check NULL before using the file pointer use Signed-off-by: Ruffalo Lavoisier Link: https://lore.kernel.org/r/20240906203025.89588-1-RuffaloLavoisier@gmail.com Signed-off-by: Greg Kroah-Hartman commit 0bad57708d7c16a409a2770e9e8c477a30b257c0 Author: Zhang Zekun Date: Sat Sep 7 16:25:55 2024 +0800 ocxl: Remove the unused declarations in headr file The definition of ocxl_create_cdev() and ocxl_destroy_cdev() has been removed since commit 75ca758adbaf ("ocxl: Create a clear delineation between ocxl backend & frontend"). So, let's remove the empty declarations. Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240907082555.60836-1-zhangzekun11@huawei.com Signed-off-by: Greg Kroah-Hartman commit 619bac6a97b4eb32bdbbe4525eaecfcef59edc1b Author: zhang jiao Date: Thu Sep 5 14:51:59 2024 +0800 hpet: Fix the wrong format specifier The unsigned int should use "%u" instead of "%d". Signed-off-by: zhang jiao Link: https://lore.kernel.org/r/20240905065159.45774-1-zhangjiao2@cmss.chinamobile.com Signed-off-by: Greg Kroah-Hartman commit 89ec686a17914a6b663b11b8bdaf3f966546da32 Author: Hongbo Li Date: Wed Sep 4 09:22:00 2024 +0800 uio: Constify struct kobj_type These 'struct kobj_type' are not modified. They are only used in kobject_init() which takes a 'const struct kobj_type *ktype' parameter. Constifying these structure and moving them to a read-only section (from data to text), and can increase over all security. ``` [Before] text data bss dec hex filename 10330 1908 20 12258 2fe2 drivers/uio/uio.o [After] text data bss dec hex filename 10458 1844 20 12322 3022 drivers/uio/uio.o ``` Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240904012200.2010916-1-lihongbo22@huawei.com Signed-off-by: Greg Kroah-Hartman commit 5c09cfa5d21cfd820c183bd188be6f215d99770e Author: Hongbo Li Date: Wed Sep 4 09:19:51 2024 +0800 cxl: Constify struct kobj_type This 'struct kobj_type' is not modified. It is only used in kobject_init_and_add() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure and moving it to a read-only section, and can increase over all security. Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240904011951.2010646-1-lihongbo22@huawei.com Signed-off-by: Greg Kroah-Hartman commit e9e46ed220abe2bac542d1b682d6dff68145c19f Author: Ba Jing Date: Mon Sep 2 13:23:30 2024 +0800 binder: modify the comment for binder_proc_unlock Modify the comment for binder_proc_unlock() to clearly indicate which spinlock it releases and to better match the acquire comment block in binder_proc_lock(). Signed-off-by: Ba Jing Acked-by: Carlos Llamas Link: https://lore.kernel.org/r/20240902052330.3115-1-bajing@cmss.chinamobile.com Signed-off-by: Greg Kroah-Hartman commit 2193ede180dde21b7f866cc457eb9e13341e663b Author: Arnd Bergmann Date: Mon Sep 9 11:17:38 2024 +0000 net/9p/usbg: fix CONFIG_USB_GADGET dependency When USB gadget support is in a loadable module, 9pfs cannot link to it as a built-in driver: x86_64-linux-ld: vmlinux.o: in function `usb9pfs_free_func': trans_usbg.c:(.text+0x1070012): undefined reference to `usb_free_all_descriptors' x86_64-linux-ld: vmlinux.o: in function `disable_ep': trans_usbg.c:(.text+0x1070528): undefined reference to `usb_ep_disable' x86_64-linux-ld: vmlinux.o: in function `usb9pfs_func_unbind': trans_usbg.c:(.text+0x10705df): undefined reference to `usb_ep_free_request' x86_64-linux-ld: trans_usbg.c:(.text+0x107061f): undefined reference to `usb_ep_free_request' x86_64-linux-ld: vmlinux.o: in function `usb9pfs_func_bind': trans_usbg.c:(.text+0x107069f): undefined reference to `usb_interface_id' x86_64-linux-ld: trans_usbg.c:(.text+0x10706b5): undefined reference to `usb_string_id' Change the Kconfig dependency to only allow this to be enabled when it can successfully link and work. Fixes: a3be076dc174 ("net/9p/usbg: Add new usb gadget function transport") Signed-off-by: Arnd Bergmann Link: https://lore.kernel.org/r/20240909111745.248952-1-arnd@kernel.org Signed-off-by: Greg Kroah-Hartman commit 17a1d7c5a49cae46b46a36eb4c4ee0add1565488 Author: Philipp Hortmann Date: Tue Sep 10 07:58:04 2024 +0200 staging: rtl8723bs: Remove unused file rtw_rf.c Remove unused file rtw_rf.c Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/2a31866e3e6f65e90d612f7473501066f6bc5937.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit 717ab65eb82b09c157ee43961686d65c005536a1 Author: Philipp Hortmann Date: Tue Sep 10 07:57:56 2024 +0200 staging: rtl8723bs: Remove unused function rtw_ch2freq Remove unused function rtw_ch2freq with array ch_freq_map and comments. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/53a8ee320803ae3efe22b648f2a4555482efaf46.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit 211b4ed0572c39f9f49883ac00f18eeb9c6adc30 Author: Philipp Hortmann Date: Tue Sep 10 07:57:50 2024 +0200 staging: rtl8723bs: Remove unused files rtw_debug.c and rtw_debug.h Remove unused files rtw_debug.c and rtw_debug.h. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/ab3d501e2ef0bb3980d8d271fb667ce20ed8dca5.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit 41087c3d42e357d1b9962d799bc8c2c83317071c Author: Philipp Hortmann Date: Tue Sep 10 07:57:44 2024 +0200 staging: rtl8723bs: Remove unused function dump_4_regs Remove unused function dump_4_regs. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/583ba389a269a11f4c2497ae5152ad8299d88455.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit a5f6f2f1ec6a1dbdd8e03a8d612f4b1aeb698b95 Author: Philipp Hortmann Date: Tue Sep 10 07:57:37 2024 +0200 staging: rtl8723bs: Remove unused function mac_reg_dump Remove unused function mac_reg_dump. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/80e89052b30d8c495f375e43fc4c1deeea75a624.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit 75758f449760181a9baacd999d5150e6c75dd7e3 Author: Philipp Hortmann Date: Tue Sep 10 07:57:27 2024 +0200 staging: rtl8723bs: Remove unused function bb_reg_dump Remove unused function bb_reg_dump. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/e0372c46a62df20ecce9a9e66846cbd3484eb85d.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit 14adc53f4ccd8bf7357835ca2900a449b3095f67 Author: Philipp Hortmann Date: Tue Sep 10 07:57:13 2024 +0200 staging: rtl8723bs: Remove unused function dump_4_rf_regs Remove unused function dump_4_rf_regs. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/b660342da763d1e03c44f2b3fdac0378b077e6b9.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit 370c7a835f781bcc3fbcdbbc536c260d8a430a3e Author: Philipp Hortmann Date: Tue Sep 10 07:57:05 2024 +0200 staging: rtl8723bs: Remove unused function rf_reg_dump Remove unused function rf_reg_dump. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/b66d915668366258523095adf388acef945dc0fa.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit 7e902396f389b0148d17c77de992bf05eeba6fe5 Author: Philipp Hortmann Date: Tue Sep 10 07:56:55 2024 +0200 staging: rtl8723bs: Remove unused function rtw_hal_get_odm_var Remove unused function rtw_hal_get_odm_var. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/adbeaac00054c87e4c55714817ffb85f68d37c4a.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit 0d52df8c877b27fdb4992e70cc387a1fc78b1c3c Author: Philipp Hortmann Date: Tue Sep 10 07:56:48 2024 +0200 staging: rtl8723bs: Remove unused function rxmem_to_recvframe Remove unused function rxmem_to_recvframe and its comment. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/1016603607501abe08334f9577728dd3c4209572.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit a51942deb92682ef09b44c360bc223812e3f1499 Author: Philipp Hortmann Date: Tue Sep 10 07:56:41 2024 +0200 staging: rtl8723bs: Remove unused function RTW_DISABLE_FUNC Remove unused function RTW_DISABLE_FUNC and its comment. Signed-off-by: Philipp Hortmann Link: https://lore.kernel.org/r/46545805edb962ae97b15be60e0a3446aae42701.1725826273.git.philipp.g.hortmann@gmail.com Signed-off-by: Greg Kroah-Hartman commit bbc75685d573695f0e201dd43c8b78e2b4575d1a Author: Roshan Khatri Date: Tue Sep 10 09:50:24 2024 +0545 staging: rtl8723bs: core: Fix spelling mistake in rtw_xmit.c This patch fixes spelling mistake to increase code readability and searching. Signed-off-by: Roshan Khatri Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/90f26f7bce03d80848e3c0fc166c5ab584b83446.1725933169.git.topofeverest8848@gmail.com Signed-off-by: Greg Kroah-Hartman commit e958a0e6748941461c1779224c84b0f05e4657b0 Author: Roshan Khatri Date: Tue Sep 10 09:50:01 2024 +0545 staging: rtl8723bs: include: Fix spelling mistake in rtw_mlme.h This patch fixes spelling mistake to increase code readability and searching. Signed-off-by: Roshan Khatri Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/8b9184ba4e489d7eec389389ae435fa4d9232113.1725933169.git.topofeverest8848@gmail.com Signed-off-by: Greg Kroah-Hartman commit ac4e97535f43ed766022fd90fdbf1fdf57783b86 Author: Roshan Khatri Date: Tue Sep 10 09:49:41 2024 +0545 staging: rtl8723bs: include: Fix spelling mistake in rtw_io.h This patch fixes spelling mistake to increase code readability and searching. Signed-off-by: Roshan Khatri Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/f77f1155d07de7780726562d628e8ed3a3ce4b4f.1725933169.git.topofeverest8848@gmail.com Signed-off-by: Greg Kroah-Hartman commit e737c2be0d3a5ffce47191d576e839f67c5e3693 Author: Roshan Khatri Date: Tue Sep 10 09:49:15 2024 +0545 staging: rtl8723bs: include: Fix spelling mistake in rtw_xmit.h This patch fixes spelling mistake to increase code readability and searching. Signed-off-by: Roshan Khatri Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/93a1b568ec96dea13dfc75232a08bbf42e270599.1725933169.git.topofeverest8848@gmail.com Signed-off-by: Greg Kroah-Hartman commit b95150a3742980cfe5c95e3e645f4ef9a38575e4 Author: Johan Hovold Date: Mon Sep 9 14:48:53 2024 +0200 Revert "staging: greybus: Fix capitalization and punctuation inconsistencies" This reverts commit 30db8460f984a7f5299b6e07ea8a57cd09fc9557. The offending commit tried to make the error messages of a few Greybus drivers in staging more consistent by capitalising messages, but the rest of the Greybus code do not follow this style so the change ended up introducing an inconsistency instead. Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240909124853.9213-1-johan@kernel.org Signed-off-by: Greg Kroah-Hartman commit 5e6bf74d63c21c75e021498bbc111233629dee36 Author: Tree Davies Date: Sun Sep 8 12:26:33 2024 -0700 Staging: rtl8192e: Rename variable RxDrvInfoSize Rename variable RxDrvInfoSize to rx_drv_info_size to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-17-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 212d1ded75252f1fc3490809aa538ae575a577be Author: Tree Davies Date: Sun Sep 8 12:26:32 2024 -0700 Staging: rtl8192e: Rename variable RxBufShift Rename variable RxBufShift to rx_buf_shift to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-16-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 463380d4cd39b147dc9a4a1f9cfe1f68a142c8b0 Author: Tree Davies Date: Sun Sep 8 12:26:31 2024 -0700 Staging: rtl8192e: Rename variable bAddNewTs Rename variable bAddNewTs to add_new_ts to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-15-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit a035ddbdbed31afdf0587820af37d1b776caa379 Author: Tree Davies Date: Sun Sep 8 12:26:30 2024 -0700 Staging: rtl8192e: Rename variable nStuckCount Rename variable nStuckCount to stuck_count to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-14-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 8c8aef9f6ef1fc06d2867a1feaa8577632ca741f Author: Tree Davies Date: Sun Sep 8 12:26:29 2024 -0700 Staging: rtl8192e: Rename variable isEncrypt Rename variable isEncrypt to is_encrypt to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-13-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 1085ae8294da27e0e0b397eedc506f7e7cfd4d70 Author: Tree Davies Date: Sun Sep 8 12:26:28 2024 -0700 Staging: rtl8192e: Rename variable SignalQuality Rename variable SignalQuality to signal_quality to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-12-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 712d14fbcb26fbc919a5dde44045869c0dc27ec4 Author: Tree Davies Date: Sun Sep 8 12:26:27 2024 -0700 Staging: rtl8192e: Rename variable bAssoc Rename variable bAssoc to assoc to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-11-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 0e0a2b347cdf5bc2f268c20beb0b930b84a2846c Author: Tree Davies Date: Sun Sep 8 12:26:26 2024 -0700 Staging: rtl8192e: Rename variable Operation Rename variable Operation to operation to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-10-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit de510b77692c9df6a9cee29e6b0b89e74bac7aff Author: Tree Davies Date: Sun Sep 8 12:26:25 2024 -0700 Staging: rtl8192e: Rename variable ScanOperationBackupHandler Rename variable ScanOperationBackupHandler to scan_operation_backup_handler to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-9-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 86ad674dfaeb27314030114eebda6709f64de2a3 Author: Tree Davies Date: Sun Sep 8 12:26:24 2024 -0700 Staging: rtl8192e: Rename variable Para2 Rename variable Para2 to para2 to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-8-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit dcfa53c19c46443a6157cc72fae88f29b159738a Author: Tree Davies Date: Sun Sep 8 12:26:23 2024 -0700 Staging: rtl8192e: Rename variable Para1 Rename variable Para1 to para1 to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-7-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 63879b44f109033286744320247b64d65b0433f5 Author: Tree Davies Date: Sun Sep 8 12:26:22 2024 -0700 Staging: rtl8192e: Rename variable bPacketToSelf Rename variable bPacketToSelf to packet_to_self to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-6-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit bdb3b3873416eec05fc249fe0e7eb02dd7a45ed5 Author: Tree Davies Date: Sun Sep 8 12:26:21 2024 -0700 Staging: rtl8192e: Rename variable pFrame Rename variable pFrame to frame to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-5-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit dda795ccb5b01e9ed68d408e845186bd6076ab9f Author: Tree Davies Date: Sun Sep 8 12:26:20 2024 -0700 Staging: rtl8192e: Rename variable SignalStrength Rename variable SignalStrength to signal_strength to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-4-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit bae23beb98ad96eb991916cb11f85ffa0899350f Author: Tree Davies Date: Sun Sep 8 12:26:19 2024 -0700 Staging: rtl8192e: Rename variable SeqNum Rename variable SeqNum to seq_num to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-3-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 1ca30a5f0da05db739e93699722964a77680372b Author: Tree Davies Date: Sun Sep 8 12:26:18 2024 -0700 Staging: rtl8192e: Rename variable pReorderEntry Rename variable pReorderEntry to reorder_entry to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240908192633.94144-2-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit f95ca85843d08632b4065089d86b342f4f8ddd32 Author: Umang Jain Date: Tue Sep 10 10:40:07 2024 +0530 staging: vchiq_core: Pass enumerated flag instead of int Pass proper enumerated flag which exists, instead of an integer while calling queue_message(). It helps with readability of the code. Signed-off-by: Umang Jain Reviewed-by: Stefan Wahren Tested-by: Stefan Wahren Link: https://lore.kernel.org/r/20240910051007.297227-8-umang.jain@ideasonboard.com Signed-off-by: Greg Kroah-Hartman commit 1732d864be1d1ecf5f1a8aa4ff023245e5548cb0 Author: Umang Jain Date: Tue Sep 10 10:40:06 2024 +0530 staging: vchiq_core: Remove unused function argument The argument 'is_blocking' in queue_message_sync() is not used in the function. Drop it. Signed-off-by: Umang Jain Reviewed-by: Stefan Wahren Tested-by: Stefan Wahren Link: https://lore.kernel.org/r/20240910051007.297227-7-umang.jain@ideasonboard.com Signed-off-by: Greg Kroah-Hartman commit d82caab7abf86e1abd04caf8f0212f71f67fe3a8 Author: Umang Jain Date: Tue Sep 10 10:40:05 2024 +0530 staging: vchiq_core: Drop vchiq_bulk_transfer() Drop vchiq_bulk_transfer() as every VCHIQ_BULK_MODE_* mode now have their own dedicated functions to execute bulk transfers. Also, drop the temporary label we introduced earlier in vchiq-dev.c to jump over the vchiq_bulk_transfer() call when each separate mode helper was being developed. Signed-off-by: Umang Jain Tested-by: Stefan Wahren Link: https://lore.kernel.org/r/20240910051007.297227-6-umang.jain@ideasonboard.com Signed-off-by: Greg Kroah-Hartman commit 22f3f2ef01ef56e2e79163d3be0d91492601782b Author: Umang Jain Date: Tue Sep 10 10:40:04 2024 +0530 staging: vchiq_core: Factor out bulk transfer for (no/)callback mode Factor out bulk transfer for VCHIQ_BULK_MODE_NOCALLBACK and VCHIQ_BULK_MODE_CALLBACK mode into a separate dedicated function bulk_xfer_callback_interruptible(). It is suffixed by "_interruptible" to denote that it can be interrupted and -EAGAIN can be returned. It would be up to the users of the function to retry the call in those cases. bulk_xfer_callback_interruptible() also takes in 'mode' parameter to differentiate between VCHIQ_BULK_MODE_NOCALLBACK and VCHIQ_BULK_MODE_CALLBACK, which then is directly passed to vchiq_bulk_xfer_queue_msg_interruptible() inside the function. Adjust the calls to vchiq-dev.c ioctl interface and vchiq_arm.c for the respective bulk transfers. Signed-off-by: Umang Jain Tested-by: Stefan Wahren Link: https://lore.kernel.org/r/20240910051007.297227-5-umang.jain@ideasonboard.com Signed-off-by: Greg Kroah-Hartman commit 206030f6a92bd97997fba8ebb86e78058edecb97 Author: Umang Jain Date: Tue Sep 10 10:40:03 2024 +0530 staging: vchiq_core: Factor out bulk transfer for blocking mode Factor out bulk transfer for blocking mode into a separate dedicated function bulk_xfer_blocking_interruptible(). It is suffixed by "_interruptible" to denote that it can be interrupted and -EAGAIN can be returned. It would be up to the users of the function to retry the call in those cases. Adjust the calls to vchiq-dev.c ioctl interface and vchiq_arm.c for blocking bulk transfers. Signed-off-by: Umang Jain Tested-by: Stefan Wahren Link: https://lore.kernel.org/r/20240910051007.297227-4-umang.jain@ideasonboard.com Signed-off-by: Greg Kroah-Hartman commit fbaf8bf6cbc034cf9dbe6dbd4b4ff946835447d2 Author: Umang Jain Date: Tue Sep 10 10:40:02 2024 +0530 staging: vchiq_core: Simplify vchiq_bulk_transfer() Factor out core logic for preparing bulk data transfer(mutex locking, waits on vchiq_bulk_queue wait-queue, initialising the bulk transfer) out of the vchiq_bulk_transfer(). This simplifies the existing vchiq_bulk_transfer() and makes it more readable since all the core logic is handled in vchiq_bulk_xfer_queue_msg_interruptible(). It will also help us to refactor vchiq_bulk_transfer() easily for different vchiq bulk transfer modes. No functional changes intended in this patch. Signed-off-by: Umang Jain Tested-by: Stefan Wahren Link: https://lore.kernel.org/r/20240910051007.297227-3-umang.jain@ideasonboard.com Signed-off-by: Greg Kroah-Hartman commit 27056fef611c1e15b2fd6e8785850df562410d58 Author: Umang Jain Date: Tue Sep 10 10:40:01 2024 +0530 staging: vchiq: Factor out bulk transfer for VCHIQ_BULK_MODE_WAITING The bulk transfer is VCHIQ_BULK_MODE_WAITING is used by VCHIQ ioctl interface. It is factored out to a separate function from vchiq_bulk_transfer() to bulk_xfer_waiting_interruptible(). This is a part of vchiq_bulk_transfer refactoring. Each bulk mode will have their dedicated functions to execute bulk transfers. Each mode will be handled separately in subsequent patches. bulk_xfer_waiting_interruptible() is suffixed with "_interruptible" to denote that it can be interrupted when a signal is received. -EAGAIN maybe returned in those cases, similar to what vchiq_bulk_transfer() does. Adjust the vchiq_irq_queue_bulk_tx_rx() in the vchiq-dev.c to call bulk_xfer_waiting_interruptible() for waiting mode. A temporary goto label has been introduced to jump the call execution over vchiq_bulk_transfer() for waiting mode only. When all dedicated bulk transfer calls are introduced, this label shall be dropped. No function changes intended in this patch. Signed-off-by: Umang Jain Tested-by: Stefan Wahren Link: https://lore.kernel.org/r/20240910051007.297227-2-umang.jain@ideasonboard.com Signed-off-by: Greg Kroah-Hartman commit d41905b3bb890a32c87b65228b241daad8837fb0 Author: Maciej Fijalkowski Date: Tue Sep 10 14:41:29 2024 +0200 selftests/xsk: Read current MAX_SKB_FRAGS from sysctl knob Currently, xskxceiver assumes that MAX_SKB_FRAGS value is always 17 which is not true - since the introduction of BIG TCP this can now take any value between 17 to 45 via CONFIG_MAX_SKB_FRAGS. Adjust the TOO_MANY_FRAGS test case to read the currently configured MAX_SKB_FRAGS value by reading it from /proc/sys/net/core/max_skb_frags. If running system does not provide that sysctl file then let us try running the test with a default value. Signed-off-by: Maciej Fijalkowski Signed-off-by: Daniel Borkmann Acked-by: Magnus Karlsson Link: https://lore.kernel.org/bpf/20240910124129.289874-1-maciej.fijalkowski@intel.com commit 5ed771f174726ae879945d4f148a9005ac909cb7 Author: Nick Chan Date: Wed Sep 11 13:02:13 2024 +0800 tty: serial: samsung: Fix serial rx on Apple A7-A9 Apple's older A7-A9 SoCs seems to use bit 3 in UTRSTAT as RXTO, which is enabled by bit 11 in UCON. Access these bits in addition to the original RXTO and RXTO enable bits, to allow serial rx to function on A7-A9 SoCs. This change does not appear to affect the A10 SoC and up. Tested-by: Janne Grunau Reviewed-by: Neal Gompa Signed-off-by: Nick Chan Reviewed-by: Andi Shyti Link: https://lore.kernel.org/r/20240911050741.14477-4-towinchenmi@gmail.com Signed-off-by: Greg Kroah-Hartman commit 86d4ac2c0c31649f73bcbb424f9e1fb68c07cd60 Author: Nick Chan Date: Wed Sep 11 13:02:12 2024 +0800 tty: serial: samsung: Fix A7-A11 serial earlycon SError Apple's earlier SoCs, like A7-A11, requires 32-bit writes for the serial port. Otherwise, a SError happens when writing to UTXH (+0x20). This only manifested in earlycon as reg-io-width in the device tree is consulted for normal serial writes. Change the iotype of the port to UPIO_MEM32, to allow the serial port to function on A7-A11 SoCs. This change does not appear to affect Apple M1 and above. Reviewed-by: Krzysztof Kozlowski Reviewed-by: Neal Gompa Tested-by: Janne Grunau Signed-off-by: Nick Chan Reviewed-by: Andi Shyti Link: https://lore.kernel.org/r/20240911050741.14477-3-towinchenmi@gmail.com Signed-off-by: Greg Kroah-Hartman commit 4c59c59ef3ab9275f2a8f84dcffbd16c285ce8ea Author: Nick Chan Date: Wed Sep 11 13:02:11 2024 +0800 tty: serial: samsung: Use bit manipulation macros for APPLE_S5L_* New entries using BIT() will be added soon, so change the existing ones to use bit manipulation macros including BIT() and GENMASK() for consistency. Suggested-by: Krzysztof Kozlowski Tested-by: Janne Grunau Reviewed-by: Neal Gompa Signed-off-by: Nick Chan Reviewed-by: Andi Shyti Link: https://lore.kernel.org/r/20240911050741.14477-2-towinchenmi@gmail.com Signed-off-by: Greg Kroah-Hartman commit f16dd10ba342c429b1e36ada545fb36d4d1f0e63 Author: Florian Fainelli Date: Fri Sep 6 15:54:33 2024 -0700 tty: rp2: Fix reset with non forgiving PCIe host bridges The write to RP2_GLOBAL_CMD followed by an immediate read of RP2_GLOBAL_CMD in rp2_reset_asic() is intented to flush out the write, however by then the device is already in reset and cannot respond to a memory cycle access. On platforms such as the Raspberry Pi 4 and others using the pcie-brcmstb.c driver, any memory access to a device that cannot respond is met with a fatal system error, rather than being substituted with all 1s as is usually the case on PC platforms. Swapping the delay and the read ensures that the device has finished resetting before we attempt to read from it. Fixes: 7d9f49afa451 ("serial: rp2: New driver for Comtrol RocketPort 2 cards") Cc: stable Suggested-by: Jim Quinlan Signed-off-by: Florian Fainelli Link: https://lore.kernel.org/r/20240906225435.707837-1-florian.fainelli@broadcom.com Signed-off-by: Greg Kroah-Hartman commit a799585e8f462d5eced84b817f4ae09096493d47 Author: Liao Chen Date: Tue Sep 3 13:15:03 2024 +0000 serial: 8250_aspeed_vuart: Enable module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Acked-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240903131503.961178-1-liaochen4@huawei.com Signed-off-by: Greg Kroah-Hartman commit 63d14d974d3d82d0feeae8c73b055d330051e1b4 Author: Johan Hovold Date: Fri Sep 6 15:13:36 2024 +0200 serial: qcom-geni: fix polled console corruption The polled UART operations are used by the kernel debugger (KDB, KGDB), which can interrupt the kernel at any point in time. The current Qualcomm GENI implementation does not really work when there is on-going serial output as it inadvertently "hijacks" the current tx command, which can result in both the initial debugger output being corrupted as well as the corruption of any on-going serial output (up to 4k characters) when execution resumes: 0190: abcdefghijklmnopqrstuvwxyz0123456789 0190: abcdefghijklmnopqrstuvwxyz0123456789 0191: abcdefghijklmnop[ 50.825552] sysrq: DEBUG qrstuvwxyz0123456789 0191: abcdefghijklmnopqrstuvwxyz0123456789 Entering kdb (current=0xffff53510b4cd280, pid 640) on processor 2 due to Keyboard Entry [2]kdb> go omlji3h3h2g2g1f1f0e0ezdzdycycxbxbwawav :t72r2rp o9n976k5j5j4i4i3h3h2g2g1f1f0e0ezdzdycycxbxbwawavu:t7t8s8s8r2r2q0q0p o9n9n8ml6k6k5j5j4i4i3h3h2g2g1f1f0e0ezdzdycycxbxbwawav v u:u:t9t0s4s4rq0p o9n9n8m8m7l7l6k6k5j5j40q0p p o o9n9n8m8m7l7l6k6k5j5j4i4i3h3h2g2g1f1f0e0ezdzdycycxbxbwawav :t8t9s4s4r4r4q0q0p Fix this by making sure that the polled output implementation waits for the tx fifo to drain before cancelling any on-going longer transfers. As the polled code cannot take any locks, leave the state variables as they are and instead make sure that the interrupt handler always starts a new tx command when there is data in the write buffer. Since the debugger can interrupt the interrupt handler when it is writing data to the tx fifo, it is currently not possible to fully prevent losing up to 64 bytes of tty output on resume. Fixes: c4f528795d1a ("tty: serial: msm_geni_serial: Add serial driver support for GENI based QUP") Cc: stable@vger.kernel.org # 4.17 Reviewed-by: Douglas Anderson Tested-by: Nícolas F. R. A. Prado Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240906131336.23625-9-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit 6f3c3cafb115c72f9222295a556d62d5d1e00f7a Author: Johan Hovold Date: Fri Sep 6 15:13:35 2024 +0200 serial: qcom-geni: disable interrupts during console writes Disable the GENI interrupts during console writes to reduce the risk of having interrupt handlers spinning on the port lock on other cores for extended periods of time. This can, for example, reduce the total amount of time spent in the interrupt handler during boot of the x1e80100 CRD by up to a factor nine (e.g. from 274 ms to 30 ms) while the worst case processing time drops from 19 ms to 8 ms. Fixes: c4f528795d1a ("tty: serial: msm_geni_serial: Add serial driver support for GENI based QUP") Reviewed-by: Douglas Anderson Tested-by: Nícolas F. R. A. Prado Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240906131336.23625-8-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit cc4a0e5754a16bbc1e215c091349a7c83a2c5e14 Author: Johan Hovold Date: Fri Sep 6 15:13:34 2024 +0200 serial: qcom-geni: fix console corruption The Qualcomm serial console implementation is broken and can lose characters when the serial port is also used for tty output. Specifically, the console code only waits for the current tx command to complete when all data has already been written to the fifo. When there are on-going longer transfers this often means that console output is lost when the console code inadvertently "hijacks" the current tx command instead of starting a new one. This can, for example, be observed during boot when console output that should have been interspersed with init output is truncated: [ 9.462317] qcom-snps-eusb2-hsphy fde000.phy: Registered Qcom-eUSB2 phy [ OK ] Found device KBG50ZNS256G KIOXIA Wi[ 9.471743ndows. [ 9.539915] xhci-hcd xhci-hcd.0.auto: xHCI Host Controller Add a new state variable to track how much data has been written to the fifo and use it to determine when the fifo and shift register are both empty. This is needed since there is currently no other known way to determine when the shift register is empty. This in turn allows the console code to interrupt long transfers without losing data. Note that the oops-in-progress case is similarly broken as it does not cancel any active command and also waits for the wrong status flag when attempting to drain the fifo (TX_FIFO_NOT_EMPTY_EN is only set when cancelling a command leaves data in the fifo). Fixes: c4f528795d1a ("tty: serial: msm_geni_serial: Add serial driver support for GENI based QUP") Fixes: a1fee899e5be ("tty: serial: qcom_geni_serial: Fix softlock") Fixes: 9e957a155005 ("serial: qcom-geni: Don't cancel/abort if we can't get the port lock") Cc: stable@vger.kernel.org # 4.17 Reviewed-by: Douglas Anderson Tested-by: Nícolas F. R. A. Prado Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240906131336.23625-7-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit b26d1ad1221273c88c2c4f5b4080338b8ca23859 Author: Douglas Anderson Date: Fri Sep 6 15:13:33 2024 +0200 serial: qcom-geni: introduce qcom_geni_serial_poll_bitfield() With a small modification the qcom_geni_serial_poll_bit() function could be used to poll more than just a single bit. Let's generalize it. We'll make the qcom_geni_serial_poll_bit() into just a wrapper of the general function. Signed-off-by: Douglas Anderson Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240610152420.v4.5.Ic6411eab8d9d37acc451705f583fb535cd6dadb2@changeid Tested-by: Nícolas F. R. A. Prado Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240906131336.23625-6-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit c2eaf5e01275ae13f1ec5b1434f6c49cfff57430 Author: Douglas Anderson Date: Fri Sep 6 15:13:32 2024 +0200 serial: qcom-geni: fix arg types for qcom_geni_serial_poll_bit() The "offset" passed in should be unsigned since it's always a positive offset from our memory mapped IO. The "field" should be u32 since we're anding it with a 32-bit value read from the device. Suggested-by: Stephen Boyd Signed-off-by: Douglas Anderson Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240610152420.v4.4.I24a0de52dd7336908df180fa6b698e001f3aff82@changeid Tested-by: Nícolas F. R. A. Prado Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240906131336.23625-5-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit b03ffc76b83c1a7d058454efbcf1bf0e345ef1c2 Author: Douglas Anderson Date: Fri Sep 6 15:13:31 2024 +0200 soc: qcom: geni-se: add GP_LENGTH/IRQ_EN_SET/IRQ_EN_CLEAR registers For UART devices the M_GP_LENGTH is the TX word count. For other devices this is the transaction word count. For UART devices the S_GP_LENGTH is the RX word count. The IRQ_EN set/clear registers allow you to set or clear bits in the IRQ_EN register without needing a read-modify-write. Acked-by: Bjorn Andersson Signed-off-by: Douglas Anderson Link: https://lore.kernel.org/r/20240610152420.v4.1.Ife7ced506aef1be3158712aa3ff34a006b973559@changeid Tested-by: Nícolas F. R. A. Prado Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240906131336.23625-4-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit f97cdbbf187fefcf1fe19689cd9fdca11fe9c3eb Author: Johan Hovold Date: Fri Sep 6 15:13:30 2024 +0200 serial: qcom-geni: fix false console tx restart Commit 663abb1a7a7f ("tty: serial: qcom_geni_serial: Fix UART hang") addressed an issue with stalled tx after the console code interrupted the last bytes of a tx command by reenabling the watermark interrupt if there is data in write buffer. This can however break software flow control by re-enabling tx after the user has stopped it. Address the original issue by not clearing the CMD_DONE flag after polling for command completion. This allows the interrupt handler to start another transfer when the CMD_DONE interrupt has not been disabled due to flow control. Fixes: c4f528795d1a ("tty: serial: msm_geni_serial: Add serial driver support for GENI based QUP") Fixes: 663abb1a7a7f ("tty: serial: qcom_geni_serial: Fix UART hang") Cc: stable@vger.kernel.org # 4.17 Reviewed-by: Douglas Anderson Tested-by: Nícolas F. R. A. Prado Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240906131336.23625-3-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit c80ee36ac8f9e9c27d8e097a2eaaf198e7534c83 Author: Johan Hovold Date: Fri Sep 6 15:13:29 2024 +0200 serial: qcom-geni: fix fifo polling timeout The qcom_geni_serial_poll_bit() can be used to wait for events like command completion and is supposed to wait for the time it takes to clear a full fifo before timing out. As noted by Doug, the current implementation does not account for start, stop and parity bits when determining the timeout. The helper also does not currently account for the shift register and the two-word intermediate transfer register. A too short timeout can specifically lead to lost characters when waiting for a transfer to complete as the transfer is cancelled on timeout. Instead of determining the poll timeout on every call, store the fifo timeout when updating it in set_termios() and make sure to take the shift and intermediate registers into account. Note that serial core has already added a 20 ms margin to the fifo timeout. Also note that the current uart_fifo_timeout() interface does unnecessary calculations on every call and did not exist in earlier kernels so only store its result once. This facilitates backports too as earlier kernels can derive the timeout from uport->timeout, which has since been removed. Fixes: c4f528795d1a ("tty: serial: msm_geni_serial: Add serial driver support for GENI based QUP") Cc: stable@vger.kernel.org # 4.17 Reported-by: Douglas Anderson Tested-by: Nícolas F. R. A. Prado Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240906131336.23625-2-johan+linaro@kernel.org Signed-off-by: Greg Kroah-Hartman commit e5fa8db0be3e8757e8641600c518425a4589b85c Author: Pawel Laszczak Date: Thu Sep 5 07:03:28 2024 +0000 usb: xhci: fix loss of data on Cadence xHC Streams should flush their TRB cache, re-read TRBs, and start executing TRBs from the beginning of the new dequeue pointer after a 'Set TR Dequeue Pointer' command. Cadence controllers may fail to start from the beginning of the dequeue TRB as it doesn't clear the Opaque 'RsvdO' field of the stream context during 'Set TR Dequeue' command. This stream context area is where xHC stores information about the last partially executed TD when a stream is stopped. xHC uses this information to resume the transfer where it left mid TD, when the stream is restarted. Patch fixes this by clearing out all RsvdO fields before initializing new Stream transfer using a 'Set TR Dequeue Pointer' command. Fixes: 3d82904559f4 ("usb: cdnsp: cdns3 Add main part of Cadence USBSSP DRD Driver") cc: stable@vger.kernel.org Signed-off-by: Pawel Laszczak Reviewed-by: Peter Chen Link: https://lore.kernel.org/r/PH7PR07MB95386A40146E3EC64086F409DD9D2@PH7PR07MB9538.namprd07.prod.outlook.com Signed-off-by: Greg Kroah-Hartman commit 118ecef16cc221a23f96617016f7a205b070109f Author: WangYuli Date: Thu Sep 5 12:09:16 2024 +0800 usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host The resume operation of Phytium Px210 xHCI host would failed to restore state. Use the XHCI_RESET_ON_RESUME quirk to skip it and reset the controller after resume. Co-developed-by: Chen Baozi Signed-off-by: Chen Baozi Co-developed-by: Wang Zhimin Signed-off-by: Wang Zhimin Co-developed-by: Chen Zhenhua Signed-off-by: Chen Zhenhua Co-developed-by: Wang Yinfeng Signed-off-by: Wang Yinfeng Co-developed-by: Jiakun Shuai Signed-off-by: Jiakun Shuai Signed-off-by: WangYuli Link: https://lore.kernel.org/r/2C1FDC3BB34715BE+20240905040916.63199-1-wangyuli@uniontech.com Cc: stable Signed-off-by: Greg Kroah-Hartman commit 4664b73859dc2f05c2e178e4ca16362f89cff561 Author: Li Jun Date: Fri Sep 6 12:30:39 2024 -0400 usb: dwc3: imx8mp: disable SS_CON and U3 wakeup for system sleep SS_CON and U3 wakeup need 'ref_clk' on. iMX8MP turn off it while system sleep, So disable these wakeup source and only enable DP/DM wakeup source for host mode. Reviewed-by: Xu Yang Signed-off-by: Li Jun Acked-by: Thinh Nguyen Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240906-dwc-mp-v5-3-ea8ec6774e7b@nxp.com Signed-off-by: Greg Kroah-Hartman commit a9400f1979a0820113a7216a69385cad3a9badde Author: Frank Li Date: Fri Sep 6 12:30:38 2024 -0400 usb: dwc3: imx8mp: add 2 software managed quirk properties for host mode Add 2 software manage quirk properties (xhci-missing-cas-quirk and xhci-skip-phy-init-quirk) for xhci host. dwc3 driver have PHY management to cover both device and host mode, so add xhci-skip-phy-init-quirk to skip PHY management from HCD core. Cold Attach Status (CAS) bit can't be set at i.MX8MP after resume from suspend state. So set xhci-missing-cas-quirk. Signed-off-by: Frank Li Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240906-dwc-mp-v5-2-ea8ec6774e7b@nxp.com Signed-off-by: Greg Kroah-Hartman commit a6cd2b3fa89468b5f28b83d211bd25cc589f9eba Author: Frank Li Date: Fri Sep 6 12:30:37 2024 -0400 usb: host: xhci-plat: Parse xhci-missing_cas_quirk and apply quirk Parse software managed property 'xhci-skip-phy-init-quirk' and 'xhci-skip-phy-init-quirk' to apply related quirk. It allows usb glue layer driver apply these quirk. Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240906-dwc-mp-v5-1-ea8ec6774e7b@nxp.com Signed-off-by: Greg Kroah-Hartman commit 6782311d04dfbb01d379836ee5c564f49e66648c Author: Radhey Shyam Pandey Date: Sat Sep 7 23:33:16 2024 +0530 usb: misc: onboard_usb_dev: add Microchip usb5744 SMBus programming support usb5744 supports SMBus Configuration and it may be configured via the SMBus slave interface during the hub start-up configuration stage. To program it driver uses i2c-bus phandle (added in commit '02be19e914b8 dt-bindings: usb: Add support for Microchip usb5744 hub controller') to get i2c client device and then based on usb5744 compatible check calls usb5744 i2c default initialization sequence. Apart from the USB command attach, prevent the hub from suspend. when the USB Attach with SMBus (0xAA56) command is issued to the hub, the hub is getting enumerated and then it puts in a suspend mode. This causes the hub to NAK any SMBus access made by the SMBus Master during this period and not able to see the hub's slave address while running the "i2c probe" command. Prevent the MCU from putting the HUB in suspend mode through register write. The BYPASS_UDC_SUSPEND bit (Bit 3) of the RuntimeFlags2 register at address 0x411D controls this aspect of the hub. The BYPASS_UDC_SUSPEND bit in register 0x411Dh must be set to ensure that the MCU is always enabled and ready to respond to SMBus runtime commands. This register needs to be written before the USB attach command is issued. The byte sequence is as follows: Slave addr: 0x2d 00 00 05 00 01 41 1D 08 Slave addr: 0x2d 99 37 00 Slave addr: 0x2d AA 56 00 Also since usb5744 i2c initialization routine uses i2c SMBus APIs invoke these APIs only when i2c driver is enabled in the kernel configuration. Signed-off-by: Radhey Shyam Pandey Link: https://lore.kernel.org/r/1725732196-70975-3-git-send-email-radhey.shyam.pandey@amd.com Signed-off-by: Greg Kroah-Hartman commit 908f61bedb2c40c6d856bbfd7f870b967a4cb498 Author: Radhey Shyam Pandey Date: Sat Sep 7 23:33:15 2024 +0530 usb: misc: onboard_dev: extend platform data to add power on delay field Introduce dedicated field 'power_on_delay_us' in onboard platform data and update its delay for USB5744 configuration. Hub itself requires some delay after reset to get to state where configuration data is going to be accepted. Without delay upcoming support for configuration via SMBUS is reporting a failure on the first SMBus write. i2c 2-002d: error -ENXIO: BYPASS_UDC_SUSPEND bit configuration failed Similar delay is likely also required for default configuration but because there is enough time (code execution) between reset and usage of the hub any issue is not visible but it doesn't mean delay shouldn't be reflected. Signed-off-by: Radhey Shyam Pandey Suggested-by: Matthias Kaehlcke Link: https://lore.kernel.org/r/1725732196-70975-2-git-send-email-radhey.shyam.pandey@amd.com Signed-off-by: Greg Kroah-Hartman commit 2c6b6afa59e78bebcb65bbc8a76b3459f139547c Author: Tomas Marek Date: Fri Sep 6 07:50:25 2024 +0200 usb: dwc2: drd: fix clock gating on USB role switch The dwc2_handle_usb_suspend_intr() function disables gadget clocks in USB peripheral mode when no other power-down mode is available (introduced by commit 0112b7ce68ea ("usb: dwc2: Update dwc2_handle_usb_suspend_intr function.")). However, the dwc2_drd_role_sw_set() USB role update handler attempts to read DWC2 registers if the USB role has changed while the USB is in suspend mode (when the clocks are gated). This causes the system to hang. Release the gadget clocks before handling the USB role update. Fixes: 0112b7ce68ea ("usb: dwc2: Update dwc2_handle_usb_suspend_intr function.") Cc: stable@vger.kernel.org Signed-off-by: Tomas Marek Link: https://lore.kernel.org/r/20240906055025.25057-1-tomas.marek@elrest.cz Signed-off-by: Greg Kroah-Hartman commit 1702bec4477cc7d31adb4a760d14d33fac928b7a Author: Pawel Laszczak Date: Fri Sep 6 06:48:54 2024 +0000 usb: cdnsp: Fix incorrect usb_request status Fix changes incorrect usb_request->status returned during disabling endpoints. Before fix the status returned during dequeuing requests while disabling endpoint was ECONNRESET. Patch change it to ESHUTDOWN. Patch fixes issue detected during testing UVC gadget. During stopping streaming the class starts dequeuing usb requests and controller driver returns the -ECONNRESET status. After completion requests the class or application "uvc-gadget" try to queue this request again. Changing this status to ESHUTDOWN cause that UVC assumes that endpoint is disabled, or device is disconnected and stops re-queuing usb requests. Fixes: 3d82904559f4 ("usb: cdnsp: cdns3 Add main part of Cadence USBSSP DRD Driver") cc: stable@vger.kernel.org Signed-off-by: Pawel Laszczak Reviewed-by: Peter Chen Link: https://lore.kernel.org/r/PH7PR07MB9538E8CA7A2096AAF6A3718FDD9E2@PH7PR07MB9538.namprd07.prod.outlook.com Signed-off-by: Greg Kroah-Hartman commit 77e85107a7717ecb755cf77a2752a2aadd28c4e3 Author: Emanuele Ghidoli Date: Thu Sep 5 08:53:28 2024 +0200 usb: typec: tcpci: support edge irq TCPCI USB PHY - PTN5110 could be used with SOCs that only support the edge-triggered GPIO interrupts such as TI's K3 device AM69. Move the interrupt configuration to the firmware which would allow to accommodate edge triggered interrupts for such SOCs. In order to support the edge interrupts, register irq line in advance and keep track of occurrence during port registering. When the edge interrupts are used, it is observed that some of the interrupts are missed when tcpci_irq() is serving the current interrupt. Therefore, check the status register at the end of tcpci_irq() and re-run the function if the status is not clear i.e. pending interrupt. Signed-off-by: Emanuele Ghidoli Signed-off-by: Parth Pancholi Reviewed-by: Heikki Krogerus Reviewed-by: Francesco Dolcini Link: https://lore.kernel.org/r/20240905065328.7116-1-parth105105@gmail.com Signed-off-by: Greg Kroah-Hartman commit 7793472be315c5bddbb5cabb55e61ea9a7dca755 Author: Andreas Kühn Date: Tue Sep 3 15:25:15 2024 +0200 usb: chipidea: npcm: Fix coding style with clarification of data type Fixed coding style issue: unsigned to unsigned int. Signed-off-by: Andreas Kühn Acked-by: Peter Chen Link: https://lore.kernel.org/r/20240903132535.15554-1-andreas.kuehn@diekuehnen.com Signed-off-by: Greg Kroah-Hartman commit 64fa3bc36d3cf6b58f9981d9c5d353777de7952e Author: Andy Shevchenko Date: Tue Sep 3 21:31:36 2024 +0300 usb: common: Switch to device_property_match_property_string() Replace open coded device_property_match_property_string(). Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240903183136.3641770-1-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 625fa77151f00c1bd00d34d60d6f2e710b3f9aad Author: Edward Adam Davis Date: Sun Sep 8 17:17:41 2024 +0800 USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields. Fixes: 4ddc645f40e9 ("usb: usbtmc: Add ioctl for vendor specific write") Reported-and-tested-by: syzbot+9d34f80f841e948c3fdb@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=9d34f80f841e948c3fdb Signed-off-by: Edward Adam Davis Cc: stable Link: https://lore.kernel.org/r/tencent_9649AA6EC56EDECCA8A7D106C792D1C66B06@qq.com Signed-off-by: Greg Kroah-Hartman commit 0088d7581b12c6b310fb57a25b7c07622655c23d Author: Bagas Sanjaya Date: Sun Sep 8 18:34:23 2024 +0700 tools: usb: p9_fwd: wrap USBG shell command examples in literal code blocks Stephen Rothwell reported htmldocs warning when merging usb tree: Documentation/filesystems/9p.rst:99: ERROR: Unexpected indentation. That's because Sphinx tries rendering p9_fwd.py output as a grid table instead. Wrap shell commands in "USBG Example" section in literal code blocks to fix above warning and to be in line with rest of commands in the doc. Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/linux-next/20240905184059.0f30ff9a@canb.auug.org.au/ Fixes: 673f0c3ffc75 ("tools: usb: p9_fwd: add usb gadget packet forwarder script") Signed-off-by: Bagas Sanjaya Acked-by: Michael Grzeschik Link: https://lore.kernel.org/r/20240908113423.158352-1-bagasdotme@gmail.com Signed-off-by: Greg Kroah-Hartman commit 84eacf177faa605853c58e5b1c0d9544b88c16fd Author: Felix Moessbauer Date: Tue Sep 10 19:11:57 2024 +0200 io_uring/io-wq: inherit cpuset of cgroup in io worker The io worker threads are userland threads that just never exit to the userland. By that, they are also assigned to a cgroup (the group of the creating task). When creating a new io worker, this worker should inherit the cpuset of the cgroup. Fixes: da64d6db3bd3 ("io_uring: One wqe per wq") Signed-off-by: Felix Moessbauer Link: https://lore.kernel.org/r/20240910171157.166423-3-felix.moessbauer@siemens.com Signed-off-by: Jens Axboe commit 0997aa5497c714edbb349ca366d28bd550ba3408 Author: Felix Moessbauer Date: Tue Sep 10 19:11:56 2024 +0200 io_uring/io-wq: do not allow pinning outside of cpuset The io worker threads are userland threads that just never exit to the userland. By that, they are also assigned to a cgroup (the group of the creating task). When changing the affinity of the io_wq thread via syscall, we must only allow cpumasks within the limits defined by the cpuset controller of the cgroup (if enabled). Fixes: da64d6db3bd3 ("io_uring: One wqe per wq") Signed-off-by: Felix Moessbauer Link: https://lore.kernel.org/r/20240910171157.166423-2-felix.moessbauer@siemens.com Signed-off-by: Jens Axboe commit 7b24a3bce42b9a0cbafd1bd12de349b82c649b79 Author: Lin Ruifeng Date: Sat Sep 7 16:13:51 2024 +0800 usb: musb: mediatek: Simplify code with dev_err_probe() The combination of dev_err() and the returned error code could be replaced by dev_err_probe() in driver's probe function. Let's, converting to dev_err_probe() to make code more simple. Signed-off-by: Lin Ruifeng Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: Matthias Brugger Link: https://lore.kernel.org/r/20240907081351.19879-1-linruifeng4@huawei.com Signed-off-by: Greg Kroah-Hartman commit eb1d46fcd5d672c9da84925ec38f1aca35d40940 Author: Kundan Kumar Date: Wed Sep 11 12:19:35 2024 +0530 block: unpin user pages belonging to a folio at once Use newly added mm function unpin_user_folio() to put refs by npages count. Signed-off-by: Kundan Kumar Tested-by: Luis Chamberlain Link: https://lore.kernel.org/r/20240911064935.5630-5-kundan.kumar@samsung.com Signed-off-by: Jens Axboe commit d3bfbfb1248498656cd25c51e41c1e31219bd0dd Author: Kundan Kumar Date: Wed Sep 11 12:19:34 2024 +0530 mm: release number of pages of a folio Add a new function unpin_user_folio() to put the refs of a folio by npages count. The check for BIO_PAGE_PINNED flag is removed as it is already checked in bio_release_pages(). Signed-off-by: Kundan Kumar Tested-by: Luis Chamberlain Reviewed-by: Matthew Wilcox (Oracle) Link: https://lore.kernel.org/r/20240911064935.5630-4-kundan.kumar@samsung.com Signed-off-by: Jens Axboe commit ed9832bc08db29874600eb066b74918fe6fc2060 Author: Kundan Kumar Date: Wed Sep 11 12:19:33 2024 +0530 block: introduce folio awareness and add a bigger size from folio Add a bigger size from folio to bio and skip merge processing for pages. Fetch the offset of page within a folio. Depending on the size of folio and folio_offset, fetch a larger length. This length may consist of multiple contiguous pages if folio is multiorder. Using the length calculate number of pages which will be added to bio and increment the loop counter to skip those pages. This technique helps to avoid overhead of merging pages which belong to same large order folio. Also folio-ize the functions bio_iov_add_page() and bio_iov_add_zone_append_page() Signed-off-by: Kundan Kumar Tested-by: Luis Chamberlain Reviewed-by: Christoph Hellwig Reviewed-by: Matthew Wilcox (Oracle) Link: https://lore.kernel.org/r/20240911064935.5630-3-kundan.kumar@samsung.com Signed-off-by: Jens Axboe commit 7de98954687fe152c5f38afd719b3fdf9f34020a Author: Kundan Kumar Date: Wed Sep 11 12:19:32 2024 +0530 block: Added folio-ized version of bio_add_hw_page() Added new bio_add_hw_folio() function as a wrapper around bio_add_hw_page(). This is a prep patch. Signed-off-by: Kundan Kumar Tested-by: Luis Chamberlain Reviewed-by: Matthew Wilcox (Oracle) Link: https://lore.kernel.org/r/20240911064935.5630-2-kundan.kumar@samsung.com Signed-off-by: Jens Axboe commit b8a93e8028feef925ea5a2c212fafbe14a76f46e Merge: 7de106b768e299 7d47d22444bb7d Author: Greg Kroah-Hartman Date: Wed Sep 11 15:19:45 2024 +0200 Merge tag 'usb-serial-6.12-rc1-2' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into usb-next Johan writes: USB-serial device id for 6.12-rc1 Here's a new pl2303 device id. This one has been in linux-next with no reported issues. * tag 'usb-serial-6.12-rc1-2' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial: USB: serial: pl2303: add device id for Macrosilicon MS3020 commit 7de106b768e299400798f995bd7a50b43d4bdd6b Merge: 761fd871015f41 4c0d9477ba69a4 Author: Greg Kroah-Hartman Date: Wed Sep 11 15:18:32 2024 +0200 Merge tag 'usb-serial-6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into usb-next Johan writes: USB-serial updates for 6.12-rc1 Here are the USB-serial updates for 6.12-rc1, including: - fix kobil_sct initial terminal settings - set driver owner when registering drivers All have been in linux-next with no reported issues. * tag 'usb-serial-6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial: USB: serial: kobil_sct: restore initial terminal settings USB: serial: drop driver owner initialization USB: serial: set driver owner when registering drivers commit 761fd871015f4102725b52b81c4373513ad8991f Merge: f299cd11f75394 10904df3f20cf3 Author: Greg Kroah-Hartman Date: Wed Sep 11 15:17:43 2024 +0200 Merge tag 'thunderbolt-for-v6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/westeri/thunderbolt into usb-next Mika writes: thunderbolt: Changes for v6.12 merge window This includes following USB4/Thunderbolt changes for the v6.12 merge window: - Improvements for software receiver lane margining - Enable support for optional voltage offset range for receiver lane margining. All these have been in linux-next with no reported issues. * tag 'thunderbolt-for-v6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/westeri/thunderbolt: thunderbolt: Improve software receiver lane margining thunderbolt: Add optional voltage offset range for receiver lane margining thunderbolt: Consolidate margining parameters into a structure thunderbolt: Add missing usb4_port_sb_read() to usb4_port_sw_margin() commit 5c4e15e63216e7268bb2f1132ee8fad0ec46bbb7 Author: Muhammad Usama Anjum Date: Wed Sep 11 16:13:07 2024 +0500 ASoC: mediatek: mt8365: check validity before usage of i2s_data There may be a case where i2s_data may not get initialized by the for loop which will cause the kernel crash. Initialize the i2s_data to NULL and abort execute if it isn't found. Fixes: 402bbb13a195 ("ASoC: mediatek: mt8365: Add I2S DAI support") Signed-off-by: Muhammad Usama Anjum Reviewed-by: AngeloGioacchino Del Regno Link: https://patch.msgid.link/20240911111317.4072349-1-usama.anjum@collabora.com Signed-off-by: Mark Brown commit 74298dd8acb875dc9b0486437945e50811b31794 Author: Changbin Du Date: Wed Sep 11 18:01:26 2024 +0800 perf ftrace: Detect whether ftrace is enabled on system To make error messages more accurate, this change detects whether ftrace is enabled on system by checking trace file "set_ftrace_pid". Before: # perf ftrace failed to reset ftrace # After: # perf ftrace ftrace is not supported on this system # Committer testing: Doing it in an unprivileged toolbox container on Fedora 40: Before: acme@number:~/git/perf-tools-next$ toolbox enter perf ⬢[acme@toolbox perf-tools-next]$ sudo su - ⬢[root@toolbox ~]# ~acme/bin/perf ftrace failed to reset ftrace ⬢[root@toolbox ~]# After this patch: ⬢[root@toolbox ~]# ~acme/bin/perf ftrace ftrace is not supported on this system ⬢[root@toolbox ~]# Maybe we could check if we are in such as situation, inside an unprivileged container, and provide a HINT line? Reviewed-by: James Clark Signed-off-by: Changbin Du Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Changbin Du Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240911100126.900779-1-changbin.du@huawei.com Signed-off-by: Arnaldo Carvalho de Melo commit 83420d5f586344f3781b35f5d78b67aea55bff2b Author: Arnaldo Carvalho de Melo Date: Tue Sep 10 17:18:26 2024 -0300 perf test shell probe_vfs_getname: Remove extraneous '=' from probe line number regex Thomas reported the vfs_getname perf tests failing on s/390, it seems it was just to some extraneous '=' somehow getting into the regexp, remove it, now: root@x1:~# perf test getname 91: Add vfs_getname probe to get syscall args filenames : Ok 93: Use vfs_getname probe to get syscall args filenames : FAILED! 126: Check open filename arg using perf trace + vfs_getname : Ok root@x1:~# Second one remains a mistery, have to take some time to nail it down. Reported-by: Thomas Richter Tested-by: Thomas Richter Cc: Adrian Hunter Cc: Alexander Gordeev Cc: Heiko Carstens Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Vasily Gorbik , Link: https://lore.kernel.org/lkml/1d7f3b7b-9edc-4d90-955c-9345428563f1@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 9327f0ecad48517d4f6f9dfa7b194d0cf53092ea Author: Arnaldo Carvalho de Melo Date: Tue Sep 10 16:44:21 2024 -0300 perf build: Require at least clang 16.0.6 to build BPF skeletons Howard reported problems using perf features that use BPF: perf $ clang -v Debian clang version 15.0.6 Target: x86_64-pc-linux-gnu Thread model: posix InstalledDir: /bin Found candidate GCC installation: /bin/../lib/gcc/x86_64-linux-gnu/12 Selected GCC installation: /bin/../lib/gcc/x86_64-linux-gnu/12 Candidate multilib: .;@m64 Selected multilib: .;@m64 perf $ ./perf trace -e write --max-events=1 libbpf: prog 'sys_enter_rename': BPF program load failed: Permission denied libbpf: prog 'sys_enter_rename': -- BEGIN PROG LOAD LOG -- 0: R1=ctx() R10=fp0 But it works with: perf $ clang -v Debian clang version 16.0.6 (15~deb12u1) Target: x86_64-pc-linux-gnu Thread model: posix InstalledDir: /bin Found candidate GCC installation: /bin/../lib/gcc/x86_64-linux-gnu/12 Selected GCC installation: /bin/../lib/gcc/x86_64-linux-gnu/12 Candidate multilib: .;@m64 Selected multilib: .;@m64 perf $ ./perf trace -e write --max-events=1 0.000 ( 0.009 ms): gmain/1448 write(fd: 4, buf: \1\0\0\0\0\0\0\0, count: 8) = 8 (kworker/0:0-eve) perf $ So lets make that the required version, if you happen to have a slightly older version where this work, please report so that we can adjust the minimum required version. Reported-by: Howard Chu Cc: Ian Rogers Cc: Adrian Hunter Cc: Alan Maguire Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZuGL9ROeTV2uXoSp@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 4c1af9bf97eb56d069421c3233ce61608458d5c8 Author: Arnaldo Carvalho de Melo Date: Tue Sep 10 13:54:23 2024 -0300 perf trace: If a syscall arg is marked as 'const', assume it is coming _from_ userspace We need to decide where to copy syscall arg contents, if at the syscalls:sys_entry hook, meaning is something that is coming from user to kernel space, or if it is a response, i.e. if it is something the _kernel_ is filling in and thus going to userspace. Since we have 'const' used in those syscalls, and unsure about this being consistent, doing: root@number:~# echo $(grep const /sys/kernel/tracing/events/syscalls/sys_enter_*/format | grep struct | cut -c47- | cut -d'/' -f1) clock_nanosleep clock_settime epoll_pwait2 futex io_pgetevents landlock_create_ruleset listmount mq_getsetattr mq_notify mq_timedreceive mq_timedsend preadv2 preadv prlimit64 process_madvise process_vm_readv process_vm_readv process_vm_writev process_vm_writev pwritev2 pwritev readv rt_sigaction rt_sigtimedwait semtimedop statmount timerfd_settime timer_settime vmsplice writev root@number:~# Seems to indicate that we can use that for the ones that have the 'const' to mark it as coming from user space, do it. Most notable/frequent syscall that now gets BTF pretty printed in a system wide 'perf trace' session is: root@number:~# perf trace 21.160 ( ): MediaSu~isor #/1028597 futex(uaddr: 0x7f49e1dfe964, op: WAIT_BITSET|PRIVATE_FLAG, utime: (struct __kernel_timespec){.tv_sec = (__kernel_time64_t)50290,.tv_nsec = (long long int)810362837,}, val3: MATCH_ANY) ... 21.166 ( 0.000 ms): RemVidChild/6995 futex(uaddr: 0x7f49fcc7fa00, op: WAKE|PRIVATE_FLAG, val: 1) = 0 21.169 ( 0.001 ms): RemVidChild/6995 sendmsg(fd: 25, msg: 0x7f49e9af9da0, flags: DONTWAIT) = 280 21.172 ( 0.289 ms): RemVidChild/6995 futex(uaddr: 0x7f49fcc7fa58, op: WAIT_BITSET|PRIVATE_FLAG|CLOCK_REALTIME, val3: MATCH_ANY) = 0 21.463 ( 0.000 ms): RemVidChild/6995 futex(uaddr: 0x7f49fcc7fa00, op: WAKE|PRIVATE_FLAG, val: 1) = 0 21.467 ( 0.001 ms): RemVidChild/6995 futex(uaddr: 0x7f49e28bb964, op: WAKE|PRIVATE_FLAG, val: 1) = 1 21.160 ( 0.314 ms): MediaSu~isor #/1028597 ... [continued]: futex()) = 0 21.469 ( ): RemVidChild/6995 futex(uaddr: 0x7f49fcc7fa5c, op: WAIT_BITSET|PRIVATE_FLAG|CLOCK_REALTIME, val3: MATCH_ANY) ... 21.475 ( 0.000 ms): MediaSu~isor #/1028597 futex(uaddr: 0x7f49d0223040, op: WAKE|PRIVATE_FLAG, val: 1) = 0 21.478 ( 0.001 ms): MediaSu~isor #/1028597 futex(uaddr: 0x7f49e26ac964, op: WAKE|PRIVATE_FLAG, val: 1) = 1 ^Croot@number:~# root@number:~# cat /sys/kernel/tracing/events/syscalls/sys_enter_futex/format name: sys_enter_futex ID: 454 format: field:unsigned short common_type; offset:0; size:2; signed:0; field:unsigned char common_flags; offset:2; size:1; signed:0; field:unsigned char common_preempt_count; offset:3; size:1; signed:0; field:int common_pid; offset:4; size:4; signed:1; field:int __syscall_nr; offset:8; size:4; signed:1; field:u32 * uaddr; offset:16; size:8; signed:0; field:int op; offset:24; size:8; signed:0; field:u32 val; offset:32; size:8; signed:0; field:const struct __kernel_timespec * utime; offset:40; size:8; signed:0; field:u32 * uaddr2; offset:48; size:8; signed:0; field:u32 val3; offset:56; size:8; signed:0; print fmt: "uaddr: 0x%08lx, op: 0x%08lx, val: 0x%08lx, utime: 0x%08lx, uaddr2: 0x%08lx, val3: 0x%08lx", ((unsigned long)(REC->uaddr)), ((unsigned long)(REC->op)), ((unsigned long)(REC->val)), ((unsigned long)(REC->utime)), ((unsigned long)(REC->uaddr2)), ((unsigned long)(REC->val3)) root@number:~# Suggested-by: Ian Rogers Reviewed-by: Ian Rogers Cc: Adrian Hunter Cc: Alan Maguire Cc: Howard Chu Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/CAP-5=fWnuQrrBoTn6Rrn6vM_xQ2fCoc9i-AitD7abTcNi-4o1Q@mail.gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit e37b315c17df21c3906e4798b3531c5b6d1da489 Author: Yang Li Date: Tue Sep 10 08:55:22 2024 +0800 perf parse-events: Remove duplicated include in parse-events.c The header files parse-events.h is included twice in parse-events.c, so one inclusion of each can be removed. Reported-by: Abaci Robot Signed-off-by: Yang Li Reviewed-by: James Clark Cc: Ingo Molnar Cc: Namhyung Kim Cc: Peter Zijlstra Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=10822 Link: https://lore.kernel.org/r/20240910005522.35994-1-yang.lee@linux.alibaba.com Signed-off-by: Arnaldo Carvalho de Melo commit 8e8895c9dc81a7fdbeb15adb394139e79f5281b6 Author: Luke D. Jones Date: Tue Sep 10 16:54:43 2024 +1200 platform/x86: asus-wmi: don't fail if platform_profile already registered On some newer laptops ASUS laptops SPS support is advertised but not actually used, causing the AMD driver to register as a platform_profile handler. If this happens then the asus_wmi driver would error with -EEXIST when trying to register its own handler leaving the user with a possibly unusable system. This is especially true for laptops with an MCU that emit a stream of HID packets, some of which can be misinterpreted as shutdown signals. We can safely continue loading the driver instead of bombing out. Signed-off-by: Luke D. Jones Link: https://lore.kernel.org/r/20240910045443.678145-1-luke@ljones.dev Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit f965e5bf656984c594e9010f1bb54a6de4c48e7b Author: Luke D. Jones Date: Tue Sep 10 17:05:07 2024 +1200 platform/x86: asus-wmi: add debug print in more key places Add more verbose debug print in the WMI method calls. This helps a lot with debugging various issues working with regular users as the WMI methods can be traced now. Signed-off-by: Luke D. Jones Link: https://lore.kernel.org/r/20240910050507.685069-1-luke@ljones.dev Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 5f1cda51107fd5e53cd012bd1f6f39aede96bdbe Author: Andy Shevchenko Date: Mon Sep 9 15:41:06 2024 +0300 platform/x86: intel_scu_wdt: Move intel_scu_wdt.h to x86 subfolder This is a platform/x86 library that can only be used on x86 devices. so it makes sense that it lives under the platform_data/x86/ directory instead. No functional changes intended. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240909124952.1152017-4-andriy.shevchenko@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit c912ac66b3fc92acb0079fff7d030e9be0756c36 Author: Mika Westerberg Date: Mon Sep 9 15:41:05 2024 +0300 platform/x86: intel_scu_ipc: Move intel_scu_ipc.h out of arch/x86/include/asm This is a platform/x86 library that is mostly being used by other drivers not directly under arch/x86 anyway (with the exception of the Intel MID setup code) so it makes sense that it lives under the platform_data/x86/ directory instead. No functional changes intended. Suggested-by: Andy Shevchenko Signed-off-by: Mika Westerberg Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240909124952.1152017-3-andriy.shevchenko@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit d35b0b0e1445492e746a6999dde9bfa82b7949e5 Author: Andy Shevchenko Date: Mon Sep 9 15:41:04 2024 +0300 MAINTAINERS: Add Intel MID section The different drivers are spread over the kernel. I would like to be informed about the changes in them, which are done not by me. Also, most of them I indeed support. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240909124952.1152017-2-andriy.shevchenko@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit b522dd730b9680fdbd525ba2a1e781ccba5b69cb Author: James Harmison Date: Mon Sep 9 13:32:27 2024 +0200 platform/x86: panasonic-laptop: Add support for programmable buttons The value returned by "HINF" contains press/release information in bit 7 and a keycode in bits 0-6. Change the code to retrieve the keycode to use all 7 keycode bits instead of only using bits 0-3 and add mappings for the higher keycodes used by the programmable buttons found on newer panasonic toughbook models. Tested-by: James Harmison Signed-off-by: James Harmison Signed-off-by: Hans de Goede Link: https://lore.kernel.org/r/20240909113227.254470-3-hdegoede@redhat.com commit c7f06284a6427475e3df742215535ec3f6cd9662 Author: Dan Carpenter Date: Wed Sep 11 10:39:15 2024 +0300 ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() The psc->div[] array has psc->num_div elements. These values come from when we call clk_hw_register_div(). It's adc_divisors and ARRAY_SIZE(adc_divisors)) and so on. So this condition needs to be >= instead of > to prevent an out of bounds read. Fixes: 9645ccc7bd7a ("ep93xx: clock: convert in-place to COMMON_CLK") Signed-off-by: Dan Carpenter Acked-by: Alexander Sverdlin Reviewed-by: Nikita Shubin Signed-off-by: Alexander Sverdlin Link: https://lore.kernel.org/r/1caf01ad4c0a8069535813c26c7f0b8ea011155e.camel@linaro.org Signed-off-by: Arnd Bergmann commit f80d7100f091e96b54beb32dc6d136520453582f Author: Li Zetao Date: Sat Sep 7 11:09:59 2024 +0800 platform/olpc: Remove redundant null pointer checks in olpc_ec_setup_debugfs() Since the debugfs_create_dir() never returns a null pointer, checking the return value for a null pointer is redundant. Since debugfs_create_file() can deal with a ERR_PTR() style pointer, drop the check. Signed-off-by: Li Zetao Link: https://lore.kernel.org/r/20240907031009.3591057-2-lizetao1@huawei.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 65b72ea91a257a5f0cb5a26b01194d3dd4b85298 Author: Vishnu Sankar Date: Sun Aug 18 16:27:29 2024 +0900 HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio This applies similar quirks used by previous generation device, so that Trackpoint and buttons on the touchpad works. New USB KBD PID 0x61AE for Thinkpad X12 Tab is added. Signed-off-by: Vishnu Sankar Reviewed-by: Mark Pearson Signed-off-by: Jiri Kosina commit cedf233530cc375343c5a0b612fe94392f246c99 Author: Xi Pardee Date: Fri Sep 6 11:40:03 2024 -0700 platform/x86: intel/pmc: Ignore all LTRs during suspend Add support to ignore all LTRs before suspend and restore the previous LTR values after suspend. This feature could be turned off with module parameter ltr_ignore_all_suspend. LTR value is a mechanism for a device to indicate tolerance to access the corresponding resource. When system suspends, the resource is not available and therefore the LTR value could be ignored. Ignoring all LTR values prevents problematic device from blocking the system to get to the deepest package state during suspend. Suggested-by: Rafael J. Wysocki Signed-off-by: Xi Pardee Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240906184016.268153-1-xi.pardee@linux.intel.com Signed-off-by: Hans de Goede commit 9c2010bccc0ce012f52de18ebd0c3add241f75b8 Author: Eric Biggers Date: Tue Sep 10 10:52:59 2024 -0700 dm-integrity: check mac_size against HASH_MAX_DIGESTSIZE in sb_mac() sb_mac() verifies that the superblock + MAC don't exceed 512 bytes. Because the superblock is currently 64 bytes, this really verifies mac_size <= 448. This confuses smatch into thinking that mac_size may be as large as 448, which is inconsistent with the later code that assumes the MAC fits in a buffer of size HASH_MAX_DIGESTSIZE (64). In fact mac_size <= HASH_MAX_DIGESTSIZE is guaranteed by the crypto API, as that is the whole point of HASH_MAX_DIGESTSIZE. But, let's be defensive and explicitly check for this. This suppresses the false positive smatch warning. It does not fix an actual bug. Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202409061401.44rtN1bh-lkp@intel.com/ Signed-off-by: Eric Biggers Signed-off-by: Mikulas Patocka commit 6f2487bfafce5e6cd6f89e7238a82012f7b9f5ac Author: Michael Guralnik Date: Mon Sep 9 13:05:03 2024 +0300 RDMA/mlx5: Add implicit MR handling to ODP memory scheme Implicit MRs in ODP memory scheme require allocating a private null mkey and assigning the mkey and va differently in the KSM mkey. The page faults are received on the null mkey so we also add storing the null mkey in the odp_mkey xarray. Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909100504.29797-8-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit e4fda2320f8e6bfc74f01770eb95a31cb327cc09 Author: Michael Guralnik Date: Mon Sep 9 13:05:02 2024 +0300 RDMA/mlx5: Add handling for memory scheme page fault events The memory scheme page fault event is a new approch in handling page fault on mkeys using the on-demand-paging feature. The major shift in handling the page fault in this scheme is that the HW is taking responsibilty for parsing the faulted mkey instead of the previous approach where the driver would read and parse the wqes and query the mkeys to get to the direct mkey that we need to handle. Therefore, the event we get from FW in this scheme will contain the direct mkey and address we need to handle and require much less work from driver. Additionally, to optimize performance, the FW can generate the event on a memory area that is larger than the faulted memory operation is requiring, to 'prefetch' memory that is around it and will likely be used soon. Unlike previous types of page fault, the memory page scheme fault does not always require a resume command after handling the page fault as the FW can post multiple events on same mkey and will set the 'last' flag only on the page fault that requires the resume command. Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909100504.29797-7-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 7f91510af938b4b308a3d716fd3dbc1b3614ca6d Author: Michael Guralnik Date: Mon Sep 9 13:05:01 2024 +0300 RDMA/mlx5: Split ODP mkey search logic Split the search for the ODP mkey when handling an rdma type page fault to a helper function, later to be used in other page fault types. Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909100504.29797-6-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 8c6d097d830f779fc1725fbaa1314f20a7a07b4b Author: Michael Guralnik Date: Mon Sep 9 13:05:00 2024 +0300 RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults The new memory scheme page faults are requesting the driver to fetch additinal pages to the faulted memory access. This is done in order to prefetch pages before and after the area that got the page fault, assuming this will reduce the total amount of page faults. The driver should ensure it handles only the pages that are within the umem range. Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909100504.29797-5-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 64c68385a39bb676c76da36164ab696e8da78842 Author: Michael Guralnik Date: Mon Sep 9 13:04:59 2024 +0300 RDMA/mlx5: Add new ODP memory scheme eqe format Add new fields to support the new memory scheme page fault and extend the token field to u64 as in the new scheme the token is 48 bit. Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909100504.29797-4-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 6cd9171d04cff79abe78c166927ab8563bf95fe5 Author: Michael Guralnik Date: Mon Sep 9 13:04:58 2024 +0300 net/mlx5: Expose HW bits for Memory scheme ODP Expose IFC bits to support the new memory scheme on demand paging. Change the macro reading odp capabilities to be able to read from the new IFC layout and align the code in upper layers to be compiled. Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909100504.29797-3-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit cef7dde8836ab09a3bfe96ada4f18ef2496eacc9 Author: Michael Guralnik Date: Mon Sep 9 13:04:57 2024 +0300 net/mlx5: Expand mkey page size to support 6 bits Protect the usage of the 6th bit with the relevant capability to ensure we are using the new page sizes with FW that supports the bit extension. Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/20240909100504.29797-2-michaelgur@nvidia.com Signed-off-by: Leon Romanovsky commit 0b0aa67baa8904e3c1e13be48a2ca125f59ead3d Author: Vijendar Mukunda Date: Wed Sep 11 15:05:54 2024 +0530 ASoC: amd: acp: remove MODULE_ALIAS for sof based generic machine driver As module device table added for AMD sof based generic machine driver, MODULE_ALIAS is not required. Remove MODULE_ALIAS for AMD sof based generic machine driver. Signed-off-by: Vijendar Mukunda Link: https://patch.msgid.link/20240911093554.2076872-2-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit bacae49eccb9a3acaf74fc275893abc26c0420b5 Author: Vijendar Mukunda Date: Wed Sep 11 15:05:53 2024 +0530 ASoC: amd: acp: remove MODULE_ALIAS for legacy machine driver As module device table added for AMD legacy machine driver, MODULE_ALIAS is not required. Remove MODULE_ALIAS for AMD legacy machine driver. Signed-off-by: Vijendar Mukunda Link: https://patch.msgid.link/20240911093554.2076872-1-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit f56f4ba2fc1dbefd3242946f2fad35338a60e3bc Author: Andy Shevchenko Date: Tue Sep 10 19:28:46 2024 +0300 i2c: designware: Use pci_get_drvdata() Use the wrapper function for getting the driver data using pci_dev instead of using dev_get_drvdata() with &pdev->dev, so we can directly pass a struct pci_dev. This is a purely cosmetic change. Reviewed-by: Andi Shyti Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit a6e690b0f784d70779ed23b76cf02a6b1cd23984 Author: Andy Shevchenko Date: Tue Sep 10 19:28:45 2024 +0300 i2c: designware: Propagate firmware node Propagate firmware node by using a specific API call, i.e. device_set_node(). Reviewed-by: Andi Shyti Signed-off-by: Andy Shevchenko Acked-by: Jarkko Nikula Tested-by: Serge Semin Signed-off-by: Andi Shyti commit 588e5a0621a3c8c9e936fc0e16a8faf0e4a09fe6 Author: Andy Shevchenko Date: Tue Sep 10 19:28:44 2024 +0300 i2c: designware: Uninline i2c_dw_probe() Since i2c_dw_probe() is going to be extended, uninline it to reduce the noise in the common header. Reviewed-by: Andi Shyti Signed-off-by: Andy Shevchenko Acked-by: Jarkko Nikula Tested-by: Serge Semin Signed-off-by: Andi Shyti commit 5faf6daf659a83bd036190172eb17b1f9b3a0b01 Merge: 886fee35251107 c4d6a804713ac0 Author: Mark Brown Date: Wed Sep 11 11:20:37 2024 +0100 regulator: Few constifications of static data Merge series from Krzysztof Kozlowski : Few cleanups (safer code), built tested. Last two patches should probably be tested. commit bf73478b539b4a13e0b4e104c82fe3c2833db562 Merge: f3b6129b7d252b f95f28d794ed0b Author: David S. Miller Date: Wed Sep 11 11:06:12 2024 +0100 Merge branch 'lan743x-phylink' Raju Lakkaraju says: ==================== Add support to PHYLINK for LAN743x/PCI11x1x chips This is the follow-up patch series of https://lkml.iu.edu/hypermail/linux/kernel/2310.2/02078.html Divide the PHYLINK adaptation and SFP modifications into two separate patch series. The current patch series focuses on transitioning the LAN743x driver's PHY support from phylib to phylink. Tested on PCI11010 Rev-1 Evaluation board Change List: ============ V5 -> V6: - Remove the lan743x_find_max_speed( ) function. Not require - Add EEE enable check before calling lan743x_mac_eee_enable( ) function V4 -> V5: - Remove the fixed_phy_unregister( ) function. Not require - Remove the "phydev->eee_enabled" check to update the MAC EEE enable/disable - Call lan743x_mac_eee_enable() with true after update tx_lpi_timer. - Add phy_support_eee() to initialize the EEE flags V3 -> V4: - Add fixed-link patch along with this series. Note: Note: This code was developed by Mr.Russell King Ref: https://lore.kernel.org/netdev/LV8PR11MB8700C786F5F1C274C73036CC9F8E2@LV8PR11MB8700.namprd11.prod.outlook.com/T/#me943adf54f1ea082edf294aba448fa003a116815 - Change phylink fixed-link function header's string from "Returns" to "Returns:" - Remove the EEE private variable from LAN743x adapter strcture and fix the EEE's set/get functions - set the individual caps (i.e. _RGMII, _RGMII_ID, _RGMII_RXID and __RGMII_TXID) replace with phy_interface_set_rgmii( ) function - Change lan743x_set_eee( ) to lan743x_mac_eee_enable( ) V2 -> V3: - Remove the unwanted parens in each of these if() sub-blocks - Replace "to_net_dev(config->dev)" with "netdev". - Add GMII_ID/RGMII_TXID/RGMII_RXID in supported_interfaces - Fix the lan743x_phy_handle_exists( ) return type V1 -> V2: - Fix the Russell King's comments i.e. remove the speed, duplex update in lan743x_phylink_mac_config( ) - pre-March 2020 legacy support has been removed V0 -> V1: - Integrate with Synopsys DesignWare XPCS drivers - Based on external review comments, - Changes made to SGMII interface support only 1G/100M/10M bps speed - Changes made to 2500Base-X interface support only 2.5Gbps speed - Add check for not is_sgmii_en with is_sfp_support_en support - Change the "pci11x1x_strap_get_status" function return type from void to int - Add ethtool phylink wol, eee, pause get/set functions ==================== Signed-off-by: David S. Miller commit f95f28d794ed0b3c71103646ee29e0bcc947c83a Author: Raju Lakkaraju Date: Fri Sep 6 16:05:11 2024 +0530 net: lan743x: Add support to ethtool phylink get and set settings Add support to ethtool phylink functions: - get/set settings like speed, duplex etc - get/set the wake-on-lan (WOL) - get/set the energy-efficient ethernet (EEE) - get/set the pause Reviewed-by: Andrew Lunn Signed-off-by: Raju Lakkaraju Signed-off-by: David S. Miller commit a5f199a8d8a03512199a9e7cdd4d8ea06c943295 Author: Raju Lakkaraju Date: Fri Sep 6 16:05:10 2024 +0530 net: lan743x: Migrate phylib to phylink Migrate phy support from phylib to phylink. Reviewed-by: Andrew Lunn Reviewed-by: Maxime Chevallier Signed-off-by: Raju Lakkaraju Signed-off-by: David S. Miller commit 92b740a43fea39949242a736d70cc6f483ffed04 Author: Raju Lakkaraju Date: Fri Sep 6 16:05:09 2024 +0530 net: lan743x: Create separate Link Speed Duplex state function Create separate Link Speed Duplex (LSD) update state function from lan743x_sgmii_config () to use as subroutine. Reviewed-by: Andrew Lunn Signed-off-by: Raju Lakkaraju Signed-off-by: David S. Miller commit ef0250456cc33f741d5cfd3dcc2d044ab7882758 Author: Raju Lakkaraju Date: Fri Sep 6 16:05:08 2024 +0530 net: lan743x: Create separate PCS power reset function Create separate PCS power reset function from lan743x_sgmii_config () to use as subroutine. Reviewed-by: Andrew Lunn Signed-off-by: Raju Lakkaraju Signed-off-by: David S. Miller commit 4b3fc475c61fa8733a9acc9d743f6cc9ca4915f5 Author: Russell King Date: Fri Sep 6 16:05:07 2024 +0530 net: phylink: Add phylink_set_fixed_link() to configure fixed link state in phylink The function allows for the configuration of a fixed link state for a given phylink instance. This addition is particularly useful for network devices that operate with a fixed link configuration, where the link parameters do not change dynamically. By using `phylink_set_fixed_link()`, drivers can easily set up the fixed link state during initialization or configuration changes. Reviewed-by: Andrew Lunn Signed-off-by: Russell King Signed-off-by: Raju Lakkaraju Signed-off-by: David S. Miller commit b62800736f61521547d50fd8cc332cf9b74cbaff Merge: 13e87440bf0fd8 32960b4f25c248 Author: Arnd Bergmann Date: Wed Sep 11 09:46:31 2024 +0000 Merge tag 'memory-controller-drv-6.12-2' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux-mem-ctrl into soc/drivers Memory controller drivers for v6.12, part two 1. Renesas RPC-IF: adjust default setting for pins to accommodate different flash devices, which should fix 4-bit flash writes with Renesas AT25QL128A flash. 2. Simplify a bit probe() in PL172 and PL353-SMC. * tag 'memory-controller-drv-6.12-2' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux-mem-ctrl: memory: pl353-smc: simplify with scoped for each OF child loop memory: pl172: simplify releasing AMBA regions with devm memory: renesas-rpc-if: Use Hi-Z state as the default setting for IOVF pins Link: https://lore.kernel.org/r/20240906140859.71712-1-krzysztof.kozlowski@linaro.org Signed-off-by: Arnd Bergmann commit bc9057da1a220ff2cb6c8885fd5352558aceba2c Author: Christian Loehle Date: Tue Aug 13 15:43:48 2024 +0100 sched/cpufreq: Use NSEC_PER_MSEC for deadline task Convert the sugov deadline task attributes to use the available definitions to make them more readable. No functional change. Signed-off-by: Christian Loehle Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Vincent Guittot Acked-by: Juri Lelli Acked-by: Rafael J. Wysocki Link: https://lore.kernel.org/r/20240813144348.1180344-5-christian.loehle@arm.com commit 4eb71e3b4550593d9a862cc0aa754fad98679783 Author: Christian Loehle Date: Tue Aug 13 15:43:47 2024 +0100 cpufreq/cppc: Use NSEC_PER_MSEC for deadline task Convert the cppc deadline task attributes to use the available definitions to make them more readable. No functional change. Signed-off-by: Christian Loehle Signed-off-by: Peter Zijlstra (Intel) Acked-by: Juri Lelli Acked-by: Rafael J. Wysocki Link: https://lore.kernel.org/r/20240813144348.1180344-4-christian.loehle@arm.com commit 6ebf2d021a13a77b495b4de15c6834e26b80d08e Author: Christian Loehle Date: Tue Aug 13 15:43:46 2024 +0100 sched/deadline: Clarify nanoseconds in uapi Specify the time values of the deadline parameters of deadline, runtime, and period as being in nanoseconds explicitly as they always have been. Signed-off-by: Christian Loehle Signed-off-by: Peter Zijlstra (Intel) Acked-by: Juri Lelli Acked-by: Rafael J. Wysocki Link: https://lore.kernel.org/r/20240813144348.1180344-3-christian.loehle@arm.com commit 8bee4ca5bd64afa6a08c40db621d3c6336685bcf Author: Christian Loehle Date: Tue Aug 13 15:43:45 2024 +0100 sched/deadline: Convert schedtool example to chrt chrt has SCHED_DEADLINE support so convert the example instead of relying on a schedtool fork. While at it fix the wrong mentioning of microseconds, it was nanoseconds for both schedtool and chrt. Signed-off-by: Christian Loehle Signed-off-by: Peter Zijlstra (Intel) Acked-by: Juri Lelli Acked-by: Rafael J. Wysocki Link: https://lore.kernel.org/r/20240813144348.1180344-2-christian.loehle@arm.com commit 7eee0f8bbd1b6946236624d25a938cb34c1ba2a9 Merge: 3c557d0062bc73 e6be129f4c1865 Author: Arnd Bergmann Date: Wed Sep 11 09:05:17 2024 +0000 Merge tag 'v6.11-next-defconfig' of https://git.kernel.org/pub/scm/linux/kernel/git/mediatek/linux into soc/defconfig mt8365: - Enable audio handled by the SoC and the PMIC codec. * tag 'v6.11-next-defconfig' of https://git.kernel.org/pub/scm/linux/kernel/git/mediatek/linux: arm64: defconfig: enable mt8365 sound Link: https://lore.kernel.org/r/ea168bd6-b54b-47d3-ba5d-e545a9b406c1@gmail.com Signed-off-by: Arnd Bergmann commit 3c557d0062bc73e430d496710819bc63ded439ca Merge: e4a82810c685f2 72160ec6cb1261 Author: Arnd Bergmann Date: Wed Sep 11 09:03:44 2024 +0000 Merge tag 'riscv-config-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/conor/linux into soc/defconfig RISC-V config for v6.12 Two patches, enabling clock and pinctrl support in defconfig for Sopghgo devices. Signed-off-by: Conor Dooley * tag 'riscv-config-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/conor/linux: riscv: defconfig: Enable pinctrl support for CV18XX Series SoC riscv: defconfig: sophgo: enable clks for sg2042 Link: https://lore.kernel.org/r/20240910-annex-ravage-07d63041a7c5@spud Signed-off-by: Arnd Bergmann commit 13e87440bf0fd8a45c939bfbb355f0b792113789 Merge: 80bc8215cecf6a 70c2cf283c2ff4 Author: Arnd Bergmann Date: Wed Sep 11 09:01:03 2024 +0000 Merge tag 'arm-soc/for-6.12/drivers' of https://github.com/Broadcom/stblinux into soc/drivers This pull request contains Broadcom SoC driver updates for 6.12, please pull the following: - Stefan improves the timeout warning within the Raspberry Pi firmware driver * tag 'arm-soc/for-6.12/drivers' of https://github.com/Broadcom/stblinux: firmware: raspberrypi: Improve timeout warning Link: https://lore.kernel.org/r/20240906180643.2275460-3-florian.fainelli@broadcom.com Signed-off-by: Arnd Bergmann commit 2b2a9a08f8f0b904ea2bc61db3374421b0f944a6 Merge: 709cbd5bb49b54 a63e10462af672 Author: Marc Kleine-Budde Date: Wed Sep 11 10:58:28 2024 +0200 Merge patch series "can: rockchip_canfd: rework delay calculation and decoding of error code register" Marc Kleine-Budde says: This series updates the delay calculation for the timekeeping delayed work and fixes the decoding of the error code register. Link: https://patch.msgid.link/20240911-can-rockchip_canfd-fixes-v1-0-5ce385b5ab10@pengutronix.de Signed-off-by: Marc Kleine-Budde commit a63e10462af67257b99b5330b32d1a47583803e2 Author: Marc Kleine-Budde Date: Wed Sep 11 10:09:48 2024 +0200 can: rockchip_canfd: rkcanfd_handle_error_int_reg_ec(): fix decoding of error code register Probably due to a copy/paste error rkcanfd_handle_error_int_reg_ec() checks twice if the RKCANFD_REG_ERROR_CODE_TX_ACK_EOF bit is set in reg_ec. Keep the correct check for RKCANFD_REG_ERROR_CODE_TX_ACK_EOF and remove the superfluous one. Reported-by: Dan Carpenter Closes: https://patch.msgid.link/9a46d10d-e4e3-40a5-8fb6-f4637959f124@stanley.mountain Fixes: ff60bfbaf67f ("can: rockchip_canfd: add driver for Rockchip CAN-FD controller") Link: https://patch.msgid.link/20240911-can-rockchip_canfd-fixes-v1-2-5ce385b5ab10@pengutronix.de Signed-off-by: Marc Kleine-Budde commit cd0983c7f8809d685bc57eda1f11cc1cdb67b9ac Author: Arnd Bergmann Date: Mon Sep 9 11:21:04 2024 +0000 can: rockchip_canfd: rkcanfd_timestamp_init(): rework delay calculation Rework the delay calculation to only require a single 64-bit division. Signed-off-by: Arnd Bergmann [mkl: port to on-top of existing 32-bit division fix] Link: https://patch.msgid.link/20240911-can-rockchip_canfd-fixes-v1-1-5ce385b5ab10@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 80bc8215cecf6a0ae541ac60ee8bb2a21129ee66 Merge: 5f79d76727ec9b 59420d8ad78098 Author: Arnd Bergmann Date: Wed Sep 11 08:56:50 2024 +0000 Merge tag 'v6.12-rockchip-drivers-2' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip into soc/drivers One new pmu compatible for rk3576 * tag 'v6.12-rockchip-drivers-2' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip: dt-bindings: arm: rockchip: Add rk3576 compatible string to pmu.yaml Link: https://lore.kernel.org/r/3004026.A7TYtsqqnE@diego Signed-off-by: Arnd Bergmann commit 5f79d76727ec9bdd424daf5b9edcf2015e62ba9c Merge: 540c830212edc9 d1e5d531d20b08 Author: Arnd Bergmann Date: Wed Sep 11 08:55:51 2024 +0000 Merge tag 'v6.11-next-soc' of https://git.kernel.org/pub/scm/linux/kernel/git/mediatek/linux into soc/drivers pmic warpper: - reduce size by constifying data structures - use devm_clk_bulk_det_all_enable mutex: - reduce size by changing variable bit size * tag 'v6.11-next-soc' of https://git.kernel.org/pub/scm/linux/kernel/git/mediatek/linux: soc: mediatek: mtk-mutex: Reduce type size for mtk_mutex_data members soc: mediatek: pwrap: Use devm_clk_bulk_get_all_enable() soc: mediatek: pwrap: Constify some struct int[] soc: mediatek: pwrap: Constify struct pmic_wrapper_type Link: https://lore.kernel.org/r/bfa9ab87-9de8-41fc-bfd1-de5ec324cfe0@gmail.com Signed-off-by: Arnd Bergmann commit 540c830212edc908361c39d40df21772a8bda308 Author: Arnd Bergmann Date: Mon Sep 9 20:30:18 2024 +0000 firmware: imx: remove duplicate scmi_imx_misc_ctrl_get() These two functions have a stub definition when CONFIG_IMX_SCMI_MISC_EXT is not set, which conflict with the global definition: In file included from drivers/firmware/imx/sm-misc.c:6: include/linux/firmware/imx/sm.h:30:1: error: expected identifier or '(' before '{' token 30 | { | ^ drivers/firmware/imx/sm-misc.c:26:5: error: redefinition of 'scmi_imx_misc_ctrl_get' 26 | int scmi_imx_misc_ctrl_get(u32 id, u32 *num, u32 *val) | ^~~~~~~~~~~~~~~~~~~~~~ include/linux/firmware/imx/sm.h:24:19: note: previous definition of 'scmi_imx_misc_ctrl_get' with type 'int(u32, u32 *, u32 *)' {aka 'int(unsigned int, unsigned int *, unsigned int *)'} 24 | static inline int scmi_imx_misc_ctrl_get(u32 id, u32 *num, u32 *val) | ^~~~~~~~~~~~~~~~~~~~~~ There is no real need for the #ifdef, and removing this avoids the build failure. Fixes: 0b4f8a68b292 ("firmware: imx: Add i.MX95 MISC driver") Link: https://lore.kernel.org/r/20240909203023.1275232-1-arnd@kernel.org Signed-off-by: Arnd Bergmann commit 605f56405a6719dfdc9f91464c082856cd929d6c Author: Kryštof Černý Date: Thu Sep 5 19:37:11 2024 +0200 arm64: dts: allwinner: h5: NanoPi NEO Plus2: Use regulators for pio Pin controllers pio and r_pio will have proper regulators assigned. Signed-off-by: Kryštof Černý Reviewed-by: Andre Przywara Link: https://lore.kernel.org/r/20240905-nanopi-neo-plus2-regfix-v3-2-1895dff59598@gmail.com [wens@csie.org: Make "h5" lowercase to match most commits] Signed-off-by: Chen-Yu Tsai commit 709cbd5bb49b54c3d73c1a89b8ebce09c10ed2ed Author: Jake Hamby Date: Fri Sep 6 23:19:51 2024 +0000 can: m_can: m_can_chip_config(): mask timestamp wraparound IRQ On the Microchip SAMA7G54 MPU the IR_TSW (timestamp wraparound) fires at about 1 Hz, but the driver doesn't care about it. Add it to the list of interrupts to disable in m_can_chip_config to reduce unneeded wakeups. Link: https://patch.msgid.link/DM8PR14MB5221D9DD3A7F2130EF161AF7EF9E2@DM8PR14MB5221.namprd14.prod.outlook.com Signed-off-by: Jake Hamby Link: https://patch.msgid.link/20240911-can-m_can-mask-timestamp-wraparound-irq-v1-1-0155b70dc827@pengutronix.de Signed-off-by: Marc Kleine-Budde commit af0103eccc101bb7802fb473b886e6008cfe968d Merge: d053652f386ed8 eb81f43c901ff7 Author: Arnd Bergmann Date: Wed Sep 11 08:49:39 2024 +0000 Merge tag 'arm-soc/for-6.12/devicetree-arm64' of https://github.com/Broadcom/stblinux into soc/dt This pull request contains Broadcom ARM64 SoCs Device Tree changes for 6.12, please pull the following: - Andrea adds a minimal Device Tree for the Raspberry Pi 5 (2712) - Stefan adjusts the bcm2837/bcm2712 bcm2836-l1-intc node name to conform to the binding changes * tag 'arm-soc/for-6.12/devicetree-arm64' of https://github.com/Broadcom/stblinux: ARM: dts: bcm2837/bcm2712: adjust local intc node names arm64: dts: broadcom: Add minimal support for Raspberry Pi 5 Link: https://lore.kernel.org/r/20240906180643.2275460-2-florian.fainelli@broadcom.com Signed-off-by: Arnd Bergmann commit fe1456451a111203860e124cda8396f8f2c9c16c Author: Stefan Mätje Date: Tue Sep 10 19:02:36 2024 +0200 can: usb: Kconfig: Fix list of devices for esd_usb driver The CAN-USB/3-FD was missing on the list of supported devices. Signed-off-by: Stefan Mätje Link: https://patch.msgid.link/20240910170236.2287637-1-stefan.maetje@esd.eu Signed-off-by: Marc Kleine-Budde commit d053652f386ed8d47026e152507055ac889e2421 Merge: 72e68896a787ab a9efc40fd601cf Author: Arnd Bergmann Date: Wed Sep 11 08:43:33 2024 +0000 Merge tag 'v6.11-next-dts64' of https://git.kernel.org/pub/scm/linux/kernel/git/mediatek/linux into soc/dt mt63xx: - add ADC node to the different PMICs mt7981: - Add SPI controller nodes. mt8183: - use referenced label for DSI endpoint. - disable soc_data efuse node, which does not has any cell definde (kukui). - fix the regulator tree (kukui). - fix potential deadlock by removing not needed clock in the MFG async power domain. - add DPI node. mt8186: - fix opp-supported-hw mask for GPU. - add lvts thermal sensor node. - add thermal zones. - fix reserved memory region of ADSP firmware (corsola). - add power domain to DPI node. - add SVS node. - fix internal display by disabling the external display temporarily (corsola). mt8188: - add thermal sensor for the AP. - add thermal zones. mt8195: - fix pull resistance for hdmi pins (cherry). - remove keyboard backlight node (cherry), this is detected through ChromeOS EC communication. - fix warning in mdp3 driver by providing a phandel to the SCP. - fix probe error of the USB controller by disabeling USB3 on the controller (cherry). - assign per default both phys to the USB controller (cherry). - fix binding validation by re-ordering the dp_intf clocks. mt8365: - add AFE audio controller. - add AFE and audio codec support (evk). mt8395: - fix probe error of the USB controller by disabeling USB3 on the controller (radax-nio-12l). - assign per default both phys to the USB controller (genio, kontron, radax). * tag 'v6.11-next-dts64' of https://git.kernel.org/pub/scm/linux/kernel/git/mediatek/linux: (25 commits) arm64: dts: mediatek: add audio support for mt8365-evk arm64: dts: mediatek: add afe support for mt8365 SoC arm64: dts: mediatek: mt8186-corsola: Disable DPI display interface arm64: dts: mediatek: mt8186: Add svs node arm64: dts: mediatek: mt8186: Add power domain for DPI arm64: dts: mediatek: mt8195: Correct clock order for dp_intf* arm64: dts: mt8183: add dpi node to mt8183 arm64: dts: mediatek: mt8186-corsola: Update ADSP reserved memory region arm64: dts: mediatek: mt8183: Remove clock from mfg_async power domain arm64: dts: mt8183-kukui: clean up regulator tree arm64: dts: mediatek: mt7981: add SPI controllers arm64: dts: mediatek: mt8183-kukui: Disable unused efuse at 8000000 arm64: dts: mediatek: mt8188: add default thermal zones arm64: dts: mediatek: mt8188: add lvts definitions arm64: dts: mediatek: mt8186: add default thermal zones arm64: dts: mediatek: mt8186: add lvts definitions arm64: dts: mediatek: mt8195: Assign USB 3.0 PHY to xhci1 by default arm64: dts: mediatek: mt8395-nio-12l: Mark USB 3.0 on xhci1 as disabled arm64: dts: mediatek: mt8195-cherry: Mark USB 3.0 on xhci1 as disabled arm64: dts: mediatek: mt8195: Add SCP phandle to MDP3 DMA controller ... Link: https://lore.kernel.org/r/059656ad-5365-4097-86a1-f4ba43edf5da@gmail.com Signed-off-by: Arnd Bergmann commit 72e68896a787abd444df693ba1302ab14c2db4fd Merge: 611347bb0e92ec b4c322c2783aed Author: Arnd Bergmann Date: Wed Sep 11 08:41:15 2024 +0000 Merge tag 'aspeed-6.12-devicetree' of https://git.kernel.org/pub/scm/linux/kernel/git/joel/bmc into soc/dt ASPEED device tree updates for 6.12 - New machines * IBM P11 AST2600 BMC machines, named Blueridge and Fuji * Meta's Catalina AST2600 BMC - Updates to harma, minerva, mtmitchell, mtjade, system1, SPC621D8HM3 - Various changes to the dtsi to keep the YAML checker happy * tag 'aspeed-6.12-devicetree' of https://git.kernel.org/pub/scm/linux/kernel/git/joel/bmc: (52 commits) ARM: dts: aspeed: catalina: Update io expander line names ARM: dts: aspeed: catalina: Add pdb cpld io expander ARM: dts: aspeed: harma: Remove pca9546 ARM: dts: aspeed: harma: Fix spi-gpio dtb_check warnings ARM: dts: aspeed: harma: Enable mctp controller ARM: dts: aspeed: harma: Add temperature device ARM: dts: aspeed: harma: Add fru device ARM: dts: aspeed: harma: Remove multi-host property ARM: dts: aspeed: harma: Add power monitor xdp710 ARM: dts: aspeed: harma: Add ina238 ARM: dts: aspeed: harma: Add sgpio name ARM: dts: aspeed: harma: Add VR devices ARM: dts: aspeed: harma: Revise hsc chip ARM: dts: aspeed-g6: Drop cells properties from ethernet nodes ARM: dts: aspeed-g6: Use generic 'ethernet' for ftgmac100 nodes ARM: dts: aspeed: Clean up AST2500 pinctrl properties ARM: dts: aspeed: Remove undocumented XDMA nodes ARM: dts: aspeed: Specify required properties for sram node ARM: dts: aspeed: Specify correct generic compatible for CVIC ARM: dts: aspeed: Fix coprocessor interrupt controller node name ... Link: https://lore.kernel.org/r/CACPK8XeGDUrbJ-OaxqQBR=aVVYyrKGnvT1ZKXO0vPHpsjQ_i9g@mail.gmail.com Signed-off-by: Arnd Bergmann commit 611347bb0e92ece675edf5b04fab062d89db9ced Merge: 05b24f63b49b75 898eb75f443eaf Author: Arnd Bergmann Date: Wed Sep 11 08:40:37 2024 +0000 Merge tag 'v6.12-rockchip-dts32-2' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip into soc/dt More pwm, i2s and i2c nodes for the RV1126 soc. * tag 'v6.12-rockchip-dts32-2' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip: ARM: dts: rockchip: Add pwm node for RV1126 ARM: dts: rockchip: Add i2s0 node for RV1126 ARM: dts: rockchip: Add i2c3 node for RV1126 Link: https://lore.kernel.org/r/1862312.dTVjPilprF@diego Signed-off-by: Arnd Bergmann commit 05b24f63b49b756a01563c2b792e9b4004271b2e Merge: ceb7d8adf640db e00bf111850334 Author: Arnd Bergmann Date: Wed Sep 11 08:39:16 2024 +0000 Merge tag 'v6.12-rockchip-dts64-2' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip into soc/dt New boards the Odroid-M2 and GameForce Ace, CAN on rk3568, RGA2 on rk3588 and some non-critical dts cleanups. * tag 'v6.12-rockchip-dts64-2' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip: arm64: dts: rockchip: add CAN0 and CAN1 interfaces to mecsbc board arm64: dts: rockchip: add CAN-FD controller nodes to rk3568 arm64: dts: rockchip: remove duplicate nodes from dts for ROCK 4SE arm64: dts: rockchip: Add GameForce Ace dt-bindings: arm: rockchip: Add GameForce Ace arm64: dts: rockchip: rk3588s fix sdio pins to pull up arm64: dts: rockchip: Add RGA2 support to rk3588 arm64: dts: rockchip: Add missing tshut props to tsadc on quartz64-b arm64: dts: rockchip: Add Hardkernel ODROID-M2 dt-bindings: arm: rockchip: Add Hardkernel ODROID-M2 arm64: dts: rockchip: drop hp-pin-name property from audio card on nanopc-t6 Link: https://lore.kernel.org/r/11663608.jrtcCam0TZ@diego Signed-off-by: Arnd Bergmann commit ceb7d8adf640dbbb926e535ce9443b8c93fc1f5a Merge: 79800fa98d7233 2192ef5e4bd140 Author: Arnd Bergmann Date: Wed Sep 11 08:36:32 2024 +0000 Merge tag 'arm-soc/for-6.12/devicetree' of https://github.com/Broadcom/stblinux into soc/dt This pull request contains Broadcom SoCs Device Tree changes for 6.12, please pull the following: - Krzysztof documents the AVS monitor binding present on 2711 (Raspberry Pi 4) - Rafal updates the Broadcom Northstar DTS files to use the recent NVMEM binding - Artur factors the nodes between the BCM21664 and BCM23550 SoCs since they are nearly identical - Stefan converts the bcm2835-system-timer and bcm2836-l1-intc to a YAML binding syntax * tag 'arm-soc/for-6.12/devicetree' of https://github.com/Broadcom/stblinux: dt-bindings: interrupt-controller: convert bcm2836-l1-intc to yaml dt-bindings: timer: convert bcm2835-system-timer bindings to YAML ARM: dts: bcm-mobile: Split out nodes used by both BCM21664 and BCM23550 ARM: dts: broadcom: bcm21664: Move chosen node into Garnet DTS ARM: dts: broadcom: convert NVMEM content to layout syntax dt-bindings: soc: bcm: document brcm,bcm2711-avs-monitor Link: https://lore.kernel.org/r/20240906180643.2275460-1-florian.fainelli@broadcom.com Signed-off-by: Arnd Bergmann commit 79800fa98d72332f4667f1979a9cd48bf5052db3 Merge: 765fbe81d78067 c7b44ed960ddec Author: Arnd Bergmann Date: Wed Sep 11 08:27:55 2024 +0000 Merge tag 'dt-cleanup-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux-dt into soc/dt Minor improvements in ARM DTS for v6.12 1. Realview: correct unit addresses (e.g. drop when not valid). 2. Nuvoton: correct node name to match bindings. * tag 'dt-cleanup-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux-dt: ARM: dts: nuvoton: wpcm450: align LED and GPIO keys node name with bindings arm: dts: realview: Add/drop missing/spurious unit-addreses Link: https://lore.kernel.org/r/20240906140513.71307-2-krzysztof.kozlowski@linaro.org Signed-off-by: Arnd Bergmann commit 264c13114bd71ddfd7b25c7b94f6cda4587eca25 Merge: 92f4368347a2a8 1652e95b17d566 Author: Linus Walleij Date: Wed Sep 11 10:27:30 2024 +0200 Merge tag 'intel-pinctrl-v6.12-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pinctrl/intel into devel intel-pinctrl for v6.12-1 * Enable High Impedance pin configuration support for Intel pin control * Miscellaneous small improvements here and there The following is an automated git shortlog grouped by driver: baytrail: - Drop duplicate return statement intel: - Constify struct intel_pinctrl parameter - Inline intel_gpio_community_irq_handler() - Introduce for_each_intel_gpio_group() helper et al. - Constify intel_get_community() returned object - Implement high impedance support - Add __intel_gpio_get_direction() helper - Refactor __intel_gpio_set_direction() to be more useful - Move debounce validation out of the lock Signed-off-by: Linus Walleij commit 765fbe81d78067dc3cf381af120546bc808bb665 Merge: 15eb92636c60c5 a4b3f197bcd17e Author: Arnd Bergmann Date: Wed Sep 11 08:06:01 2024 +0000 Merge tag 'dt64-cleanup-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux-dt into soc/dt Minor improvements in ARM64 DTS for v6.12 1. APM: correct node name to match bindings. 2. Spreadtrum: correct node names to match bindings, order properties to match DTS coding style and put SPDX identifier at top of the file as expected usually. * tag 'dt64-cleanup-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux-dt: arm64: dts: sprd: move/add SPDX license to top of the file arm64: dts: sprd: reorder clock-names after clocks arm64: dts: sprd: rename SDHCI and fuel gauge nodes to match bindings arm64: dts: apm: storm: Rename menetphy@3 to ethernet-phy@3 Signed-off-by: Arnd Bergmann commit 0289507609dcb7690e45e79fbcc3680d9298ec77 Author: Jani Nikula Date: Thu Sep 5 14:25:19 2024 +0300 drm/i915/bios: fix printk format width s/0x04%x/0x%04x/ to use 0 prefixed width 4 instead of printing 04 verbatim. Fixes: 51f5748179d4 ("drm/i915/bios: create fake child devices on missing VBT") Cc: stable@vger.kernel.org # v5.13+ Reviewed-by: Vandita Kulkarni Link: https://patchwork.freedesktop.org/patch/msgid/20240905112519.4186408-1-jani.nikula@intel.com Signed-off-by: Jani Nikula (cherry picked from commit 54df34c5a2439b481f066476e67bfa21a0a640e5) Signed-off-by: Joonas Lahtinen commit f7e3885aa80559d5e497eec18e6909d594497c13 Author: Juha-Pekka Heikkila Date: Mon Sep 2 10:40:21 2024 +0300 drm/i915/display: Fix BMG CCS modifiers Let I915_FORMAT_MOD_4_TILED_BMG_CCS show up as supported modifier Fixes: 97c6efb36497 ("drm/i915/display: Plane capability for 64k phys alignment") Signed-off-by: Juha-Pekka Heikkila Reviewed-by: Maarten Lankhorst Link: https://patchwork.freedesktop.org/patch/msgid/20240902074021.459480-1-juhapekka.heikkila@gmail.com Signed-off-by: Maarten Lankhorst,,, (cherry picked from commit c4d37c54c3739530f8585ccf064fb712913f8375) Signed-off-by: Joonas Lahtinen commit 221013afb459e5deb8bd08e29b37050af5586d1c Author: Uwe Kleine-König Date: Mon Sep 9 09:27:41 2024 +0200 can: Switch back to struct platform_driver::remove() After commit 0edb555a65d1 ("platform: Make platform_driver::remove() return void") .remove() is (again) the right callback to implement for platform drivers. Convert all can drivers to use .remove(), with the eventual goal to drop struct platform_driver::remove_new(). As .remove() and .remove_new() have the same prototypes, conversion is done by just changing the structure member name in the driver initializer. Signed-off-by: Uwe Kleine-König Link: https://patch.msgid.link/20240909072742.381003-2-u.kleine-koenig@baylibre.com Signed-off-by: Marc Kleine-Budde commit b615b9c36cae0468491547206406a909a9a37f26 Merge: cd4ea49599a3b2 da3ea35007d0af Author: Simona Vetter Date: Wed Sep 11 09:18:15 2024 +0200 Merge v6.11-rc7 into drm-next Thomas needs 5a498d4d06d6 ("drm/fbdev-dma: Only install deferred I/O if necessary") in drm-misc, so start the backmerge cascade. Signed-off-by: Simona Vetter commit 9408ace468c317d60159c011b863b2982dae5e05 Author: Takashi Iwai Date: Tue Sep 10 13:30:59 2024 +0200 ALSA: memalloc: Drop Xen PV workaround again Since recently in the commit e469e2045f1b ("ALSA: memalloc: Let IOMMU handle S/G primarily"), the SG buffer allocation code was modified to use the standard DMA code primarily and the fallback is applied only limitedly. This made the Xen PV specific workarounds we took in the commit 53466ebdec61 ("ALSA: memalloc: Workaround for Xen PV") rather superfluous. It was a hackish workaround for the regression at that time, and it seems that it's causing another issues (reportedly memory corruptions). So it's better to clean it up, after all. Link: https://lore.kernel.org/20240906184209.25423-1-ariadne@ariadne.space Cc: Ariadne Conill Link: https://patch.msgid.link/20240910113100.32542-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 0ccbc99e05ec80a7a2348e12132f8341f5b890aa Author: Leo Tsai Date: Tue Sep 10 14:55:42 2024 +0800 ALSA: hda: Add a new CM9825 standard driver The CM9825 is a High Definition Audio Codec. There are 2 independent stereo outputs, one of the stereo outputs is cap-less with HP AMP, and the other is line out to connect the active speaker. The inputs can be Line-in and MIC-in. Signed-off-by: Leo Tsai Link: https://patch.msgid.link/20240910065542.6534-1-antivirus621@gmail.com Signed-off-by: Takashi Iwai commit c2af2a45560bd4046c2e109152acde029ed0acc2 Author: Jason Andryuk Date: Mon Sep 9 22:09:16 2024 -0400 fbdev: xen-fbfront: Assign fb_info->device Probing xen-fbfront faults in video_is_primary_device(). The passed-in struct device is NULL since xen-fbfront doesn't assign it and the memory is kzalloc()-ed. Assign fb_info->device to avoid this. This was exposed by the conversion of fb_is_primary_device() to video_is_primary_device() which dropped a NULL check for struct device. Fixes: f178e96de7f0 ("arch: Remove struct fb_info from video helpers") Reported-by: Arthur Borsboom Closes: https://lore.kernel.org/xen-devel/CALUcmUncX=LkXWeiSiTKsDY-cOe8QksWhFvcCneOKfrKd0ZajA@mail.gmail.com/ Tested-by: Arthur Borsboom CC: stable@vger.kernel.org Signed-off-by: Jason Andryuk Reviewed-by: Roger Pau Monné Reviewed-by: Thomas Zimmermann Signed-off-by: Helge Deller commit 65a6ce4726c27b45600303f06496fef46d00b57f Author: Chao Yu Date: Tue Sep 10 09:16:19 2024 +0800 f2fs: fix to don't panic system for no free segment fault injection f2fs: fix to don't panic system for no free segment fault injection syzbot reports a f2fs bug as below: F2FS-fs (loop0): inject no free segment in get_new_segment of __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3167 F2FS-fs (loop0): Stopped filesystem due to reason: 7 ------------[ cut here ]------------ kernel BUG at fs/f2fs/segment.c:2748! CPU: 0 UID: 0 PID: 5109 Comm: syz-executor304 Not tainted 6.11.0-rc6-syzkaller-00363-g89f5e14d05b4 #0 RIP: 0010:get_new_segment fs/f2fs/segment.c:2748 [inline] RIP: 0010:new_curseg+0x1f61/0x1f70 fs/f2fs/segment.c:2836 Call Trace: __allocate_new_segment+0x1ce/0x940 fs/f2fs/segment.c:3167 f2fs_allocate_new_section fs/f2fs/segment.c:3181 [inline] f2fs_allocate_pinning_section+0xfa/0x4e0 fs/f2fs/segment.c:3195 f2fs_expand_inode_data+0x5d6/0xbb0 fs/f2fs/file.c:1799 f2fs_fallocate+0x448/0x960 fs/f2fs/file.c:1903 vfs_fallocate+0x553/0x6c0 fs/open.c:334 do_vfs_ioctl+0x2592/0x2e50 fs/ioctl.c:886 __do_sys_ioctl fs/ioctl.c:905 [inline] __se_sys_ioctl+0x81/0x170 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0010:get_new_segment fs/f2fs/segment.c:2748 [inline] RIP: 0010:new_curseg+0x1f61/0x1f70 fs/f2fs/segment.c:2836 The root cause is when we inject no free segment fault into f2fs, we should not panic system, fix it. Fixes: 8b10d3653735 ("f2fs: introduce FAULT_NO_SEGMENT") Reported-by: syzbot+341e5f32ebafbb46b81c@syzkaller.appspotmail.com Closes: https://lore.kernel.org/linux-f2fs-devel/000000000000f0ee5b0621ab694b@google.com Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 930c6ab93492c4b15436524e704950b364b2930c Author: Chao Yu Date: Tue Sep 10 11:07:13 2024 +0800 f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error() syzbot reports a f2fs bug as below: ------------[ cut here ]------------ WARNING: CPU: 1 PID: 58 at kernel/rcu/sync.c:177 rcu_sync_dtor+0xcd/0x180 kernel/rcu/sync.c:177 CPU: 1 UID: 0 PID: 58 Comm: kworker/1:2 Not tainted 6.10.0-syzkaller-12562-g1722389b0d86 #0 Workqueue: events destroy_super_work RIP: 0010:rcu_sync_dtor+0xcd/0x180 kernel/rcu/sync.c:177 Call Trace: percpu_free_rwsem+0x41/0x80 kernel/locking/percpu-rwsem.c:42 destroy_super_work+0xec/0x130 fs/super.c:282 process_one_work kernel/workqueue.c:3231 [inline] process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312 worker_thread+0x86d/0xd40 kernel/workqueue.c:3390 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 As Christian Brauner pointed out [1]: the root cause is f2fs sets SB_RDONLY flag in internal function, rather than setting the flag covered w/ sb->s_umount semaphore via remount procedure, then below race condition causes this bug: - freeze_super() - sb_wait_write(sb, SB_FREEZE_WRITE) - sb_wait_write(sb, SB_FREEZE_PAGEFAULT) - sb_wait_write(sb, SB_FREEZE_FS) - f2fs_handle_critical_error - sb->s_flags |= SB_RDONLY - thaw_super - thaw_super_locked - sb_rdonly() is true, so it skips sb_freeze_unlock(sb, SB_FREEZE_FS) - deactivate_locked_super Since f2fs has almost the same logic as ext4 [2] when handling critical error in filesystem if it mounts w/ errors=remount-ro option: - set CP_ERROR_FLAG flag which indicates filesystem is stopped - record errors to superblock - set SB_RDONLY falg Once we set CP_ERROR_FLAG flag, all writable interfaces can detect the flag and stop any further updates on filesystem. So, it is safe to not set SB_RDONLY flag, let's remove the logic and keep in line w/ ext4 [3]. [1] https://lore.kernel.org/all/20240729-himbeeren-funknetz-96e62f9c7aee@brauner [2] https://lore.kernel.org/all/20240729132721.hxih6ehigadqf7wx@quack3 [3] https://lore.kernel.org/linux-ext4/20240805201241.27286-1-jack@suse.cz Fixes: b62e71be2110 ("f2fs: support errors=remount-ro|continue|panic mountoption") Reported-by: syzbot+20d7e439f76bbbd863a7@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/000000000000b90a8e061e21d12f@google.com/ Cc: Jan Kara Cc: Christian Brauner Signed-off-by: Chao Yu Reviewed-by: Christian Brauner Signed-off-by: Jaegeuk Kim commit e791d00bd06cb2d3a10afa43e57f6364931d0ada Author: Daeho Jeong Date: Mon Sep 9 15:19:46 2024 -0700 f2fs: add valid block ratio not to do excessive GC for one time GC We need to introduce a valid block ratio threshold not to trigger excessive GC for zoned deivces. The initial value of it is 95%. So, F2FS will stop the thread from intiating GC for sections having valid blocks exceeding the ratio. Signed-off-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 9a481a1c16f4653c3414d996c3603eb42926e28b Author: Daeho Jeong Date: Mon Sep 9 15:19:45 2024 -0700 f2fs: create gc_no_zoned_gc_percent and gc_boost_zoned_gc_percent Added control knobs for gc_no_zoned_gc_percent and gc_boost_zoned_gc_percent. Signed-off-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 9748c2ddea4a3f46a498bff4cf2bf9a5629e3f8b Author: Daeho Jeong Date: Mon Sep 9 15:19:44 2024 -0700 f2fs: do FG_GC when GC boosting is required for zoned devices Under low free section count, we need to use FG_GC instead of BG_GC to recover free sections. Signed-off-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 2223fe652f759649ae1d520e47e5f06727c0acbd Author: Daeho Jeong Date: Mon Sep 9 15:19:43 2024 -0700 f2fs: increase BG GC migration window granularity when boosted for zoned devices Need bigger BG GC migration window granularity when free section is running low. Signed-off-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 4cdca5a904b1c72a0ba6ac51a121351128c02fd8 Author: Daeho Jeong Date: Mon Sep 9 15:19:42 2024 -0700 f2fs: add reserved_segments sysfs node For the fine tuning of GC behavior, add reserved_segments sysfs node. Signed-off-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 8c890c4c60342719526520133fb1b6f69f196ab8 Author: Daeho Jeong Date: Mon Sep 9 15:19:41 2024 -0700 f2fs: introduce migration_window_granularity We can control the scanning window granularity for GC migration. For more frequent scanning and GC on zoned devices, we need a fine grained control knob for it. Signed-off-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 5062b5bed4323275f2f89bc185c6a28d62cfcfd5 Author: Daeho Jeong Date: Mon Sep 9 15:19:40 2024 -0700 f2fs: make BG GC more aggressive for zoned devices Since we don't have any GC on device side for zoned devices, need more aggressive BG GC. So, tune the parameters for that. Signed-off-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 0638a3197c194bed837c157c3574685e36febc7b Author: Daejun Park Date: Thu Sep 5 14:24:33 2024 +0900 f2fs: avoid unused block when dio write in LFS mode This patch addresses the problem that when using LFS mode, unused blocks may occur in f2fs_map_blocks() during block allocation for dio writes. If a new section is allocated during block allocation, it will not be included in the map struct by map_is_mergeable() if the LBA of the allocated block is not contiguous. However, the block already allocated in this process will remain unused due to the LFS mode. This patch avoids the possibility of unused blocks by escaping f2fs_map_blocks() when allocating the last block in a section. Signed-off-by: Daejun Park Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit bfe5c02654261bfb8bd9cb174a67f3279ea99e58 Author: Chao Yu Date: Wed Sep 4 11:20:47 2024 +0800 f2fs: fix to check atomic_file in f2fs ioctl interfaces Some f2fs ioctl interfaces like f2fs_ioc_set_pin_file(), f2fs_move_file_range(), and f2fs_defragment_range() missed to check atomic_write status, which may cause potential race issue, fix it. Cc: stable@vger.kernel.org Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 884ee6dc85b959bc152f15bca80c30f06069e6c4 Author: Chao Yu Date: Fri Sep 6 14:27:24 2024 +0800 f2fs: get rid of online repaire on corrupted directory syzbot reports a f2fs bug as below: kernel BUG at fs/f2fs/inode.c:896! RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896 Call Trace: evict+0x532/0x950 fs/inode.c:704 dispose_list fs/inode.c:747 [inline] evict_inodes+0x5f9/0x690 fs/inode.c:797 generic_shutdown_super+0x9d/0x2d0 fs/super.c:627 kill_block_super+0x44/0x90 fs/super.c:1696 kill_f2fs_super+0x344/0x690 fs/f2fs/super.c:4898 deactivate_locked_super+0xc4/0x130 fs/super.c:473 cleanup_mnt+0x41f/0x4b0 fs/namespace.c:1373 task_work_run+0x24f/0x310 kernel/task_work.c:228 ptrace_notify+0x2d2/0x380 kernel/signal.c:2402 ptrace_report_syscall include/linux/ptrace.h:415 [inline] ptrace_report_syscall_exit include/linux/ptrace.h:477 [inline] syscall_exit_work+0xc6/0x190 kernel/entry/common.c:173 syscall_exit_to_user_mode_prepare kernel/entry/common.c:200 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:205 [inline] syscall_exit_to_user_mode+0x279/0x370 kernel/entry/common.c:218 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0010:f2fs_evict_inode+0x1598/0x15c0 fs/f2fs/inode.c:896 Online repaire on corrupted directory in f2fs_lookup() can generate dirty data/meta while racing w/ readonly remount, it may leave dirty inode after filesystem becomes readonly, however, checkpoint() will skips flushing dirty inode in a state of readonly mode, result in above panic. Let's get rid of online repaire in f2fs_lookup(), and leave the work to fsck.f2fs. Fixes: 510022a85839 ("f2fs: add F2FS_INLINE_DOTS to recover missing dot dentries") Reported-by: syzbot+ebea2790904673d7c618@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/000000000000a7b20f061ff2d56a@google.com Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit fccaa81de87e80b1809906f7e438e5766fbdc172 Author: Daeho Jeong Date: Wed Sep 4 08:33:06 2024 -0700 f2fs: prevent atomic file from being dirtied before commit Keep atomic file clean while updating and make it dirtied during commit in order to avoid unnecessary and excessive inode updates in the previous fix. Fixes: 4bf78322346f ("f2fs: mark inode dirty for FI_ATOMIC_COMMITTED flag") Signed-off-by: Daeho Jeong Signed-off-by: Jaegeuk Kim commit cd4ea49599a3b2233e5fb24a73b2f2d1ea3e35dc Merge: a436c77ea26b0c ba2b9de0c1ac2a Author: Dave Airlie Date: Wed Sep 11 13:21:55 2024 +1000 Merge tag 'drm-misc-next-fixes-2024-09-05' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-next Short summary of fixes pull: tegra: - Fix uninitialized variable in EDID code Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240905113836.GA292407@linux.fritz.box commit a436c77ea26b0c4e9593a8b972eb2b6aca8c7da1 Merge: 741d73f587d5cc 94ebc3d3235c5c Author: Dave Airlie Date: Wed Sep 11 13:05:37 2024 +1000 Merge tag 'exynos-drm-next-for-v6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos into drm-next Three cleanups - Drop stale exynos file pattern from MAINTAINERS file The old "exynos" directory is removed from MAINTAINERS as Samsung Exynos display bindings have been relocated. This resolves a warning from get_maintainers.pl about no files matching the outdated directory. - Constify struct exynos_drm_ipp_funcs By making struct exynos_drm_ipp_funcs constant, the patch enhances security by moving the structure to a read-only section of memory. This change results in a slight reduction in the data section size. - Remove unnecessary code The function exynos_atomic_commit is removed as it became redundant after a previous update. This cleans up the code and eliminates unused function declarations. One fixup - Fix wrong assignment in gsc_bind() A double assignment in gsc_bind() was flagged by the cocci tool and corrected to fix an incorrect assignment, addressing a potential issue introduced in a prior commit. Signed-off-by: Dave Airlie From: Inki Dae Link: https://patchwork.freedesktop.org/patch/msgid/20240909004641.406858-1-inki.dae@samsung.com commit f3b6129b7d252b2fbdcac2e0005abc6804dc287c Merge: 474bb1aa4548e6 13acc5c4cdbecc Author: Jakub Kicinski Date: Tue Sep 10 20:05:09 2024 -0700 Merge branch '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue Tony Nguyen says: ==================== ice: support devlink subfunction Michal Swiatkowski says: Currently ice driver does not allow creating more than one networking device per physical function. The only way to have more hardware backed netdev is to use SR-IOV. Following patchset adds support for devlink port API. For each new pcisf type port, driver allocates new VSI, configures all resources needed, including dynamically MSIX vectors, program rules and registers new netdev. This series supports only one Tx/Rx queue pair per subfunction. Example commands: devlink port add pci/0000:31:00.1 flavour pcisf pfnum 1 sfnum 1000 devlink port function set pci/0000:31:00.1/1 hw_addr 00:00:00:00:03:14 devlink port function set pci/0000:31:00.1/1 state active devlink port function del pci/0000:31:00.1/1 Make the port representor and eswitch code generic to support subfunction representor type. VSI configuration is slightly different between VF and SF. It needs to be reflected in the code. * '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue: ice: subfunction activation and base devlink ops ice: basic support for VLAN in subfunctions ice: support subfunction devlink Tx topology ice: implement netdevice ops for SF representor ice: check if SF is ready in ethtool ops ice: don't set target VSI for subfunction ice: create port representor for SF ice: make representor code generic ice: implement netdev for subfunction ice: base subfunction aux driver ice: allocate devlink for subfunction ice: treat subfunction VSI the same as PF VSI ice: add basic devlink subfunctions support ice: export ice ndo_ops functions ice: add new VSI type for subfunctions ==================== Link: https://patch.msgid.link/20240906223010.2194591-1-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski commit 474bb1aa4548e6102c1b7e688595c820baf0f80f Merge: ea403549daa6e5 510f9f61a1121a Author: Jakub Kicinski Date: Tue Sep 10 20:01:15 2024 -0700 Merge tag 'mlx5-updates-2024-09-02' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux Saeed Mahameed says: ==================== mlx5-updates-2024-08-29 HW-Managed Flow Steering in mlx5 driver Yevgeny Kliteynik says: ======================= 1. Overview ----------- ConnectX devices support packet matching, modification, and redirection. This functionality is referred as Flow Steering. To configure a steering rule, the rule is written to the device-owned memory. This memory is accessed and cached by the device when processing a packet. The first implementation of Flow Steering was done in FW, and it is referred in the mlx5 driver as Device-Managed Flow Steering (DMFS). Later we introduced SW-managed Flow Steering (SWS or SMFS), where the driver is writing directly to the device's configuration memory (ICM) through RC QP using RDMA operations (RDMA-read and RDAM-write), thus achieving higher rates of rule insertion/deletion. Now we introduce a new flow steering implementation: HW-Managed Flow Steering (HWS or HMFS). In this new approach, the driver is configuring steering rules directly to the HW using the WQs with a special new type of WQE. This way we can reach higher rule insertion/deletion rate with much lower CPU utilization compared to SWS. The key benefits of HWS as opposed to SWS: + HW manages the steering decision tree - HW calculates CRC for each entry - HW handles tree hash collisions - HW & FW manage objects refcount + HW keeps cache coherency: - HW provides tree access locking and synchronization - HW provides notification on completion + Insertion rate isn’t affected by background traffic - Dedicated HW components that handle insertion 2. Performance -------------- Measuring Connection Tracking with simple IPv4 flows w/o NAT, we are able to get ~5 times more flows offloaded per second using HWS. 3. Configuration ---------------- The enablement of HWS mode in eswitch manager is done using the same devlink param that is already used for switching between FW-managed steering and SW-managed steering modes: # devlink dev param set pci/ name flow_steering_mode cmod runtime value hmfs 4. Upstream Submission ---------------------- HWS support consists of 3 main components: + Steering: - The lower layer that exposes HWS API to upper layers and implements all the management of flow steering building blocks + FS-Core - Implementation of fs_hws layer to enable fs_core to use HWS instead of FW or SW steering - Create HW steering action pools to utilize the ability of HWS to share steering actions among different rules - Add support for configuring HWS mode through devlink command, similar to configuring SWS mode + Connection Tracking - Implementation of CT support for HW steering - Hooks up the CT ops for the new steering mode and uses the HWS API to implement connection tracking. Because of the large number of patches, we need to perform the submission in several separate patch series. This series is the first submission that lays the ground work for the next submissions, where an actual user of HWS will be added. 5. Patches in this series ------------------------- This patch series contains implementation of the first bullet from above. ======================= * tag 'mlx5-updates-2024-09-02' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux: net/mlx5: HWS, added API and enabled HWS support net/mlx5: HWS, added send engine and context handling net/mlx5: HWS, added debug dump and internal headers net/mlx5: HWS, added backward-compatible API handling net/mlx5: HWS, added memory management handling net/mlx5: HWS, added vport handling net/mlx5: HWS, added modify header pattern and args handling net/mlx5: HWS, added FW commands handling net/mlx5: HWS, added matchers functionality net/mlx5: HWS, added definers handling net/mlx5: HWS, added rules handling net/mlx5: HWS, added tables handling net/mlx5: HWS, added actions handling net/mlx5: Added missing definitions in preparation for HW Steering net/mlx5: Added missing mlx5_ifc definition for HW Steering ==================== Link: https://patch.msgid.link/20240909181250.41596-1-saeed@kernel.org Signed-off-by: Jakub Kicinski commit ea403549daa6e546a33418d029dc1984309a35db Merge: e35b0515bbc406 e62d39332d4b94 Author: Jakub Kicinski Date: Tue Sep 10 19:00:47 2024 -0700 Merge tag 'ipsec-next-2024-09-10' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next Steffen Klassert says: ==================== pull request (net-next): ipsec-next 2024-09-10 1) Remove an unneeded WARN_ON on packet offload. From Patrisious Haddad. 2) Add a copy from skb_seq_state to buffer function. This is needed for the upcomming IPTFS patchset. From Christian Hopps. 3) Spelling fix in xfrm.h. From Simon Horman. 4) Speed up xfrm policy insertions. From Florian Westphal. 5) Add and revert a patch to support xfrm interfaces for packet offload. This patch was just half cooked. 6) Extend usage of the new xfrm_policy_is_dead_or_sk helper. From Florian Westphal. 7) Update comments on sdb and xfrm_policy. From Florian Westphal. 8) Fix a null pointer dereference in the new policy insertion code From Florian Westphal. 9) Fix an uninitialized variable in the new policy insertion code. From Nathan Chancellor. * tag 'ipsec-next-2024-09-10' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next: xfrm: policy: Restore dir assignments in xfrm_hash_rebuild() xfrm: policy: fix null dereference Revert "xfrm: add SA information to the offloaded packet" xfrm: minor update to sdb and xfrm_policy comments xfrm: policy: use recently added helper in more places xfrm: add SA information to the offloaded packet xfrm: policy: remove remaining use of inexact list xfrm: switch migrate to xfrm_policy_lookup_bytype xfrm: policy: don't iterate inexact policies twice at insert time selftests: add xfrm policy insertion speed test script xfrm: Correct spelling in xfrm.h net: add copy from skb_seq_state to buffer function xfrm: Remove documentation WARN_ON to limit return values for offloaded SA ==================== Link: https://patch.msgid.link/20240910065507.2436394-1-steffen.klassert@secunet.com Signed-off-by: Jakub Kicinski commit e35b0515bbc406de1b7e2703250e32c4acaeda38 Merge: 955f5b1508629c f77cdee5db06c6 Author: Jakub Kicinski Date: Tue Sep 10 18:42:48 2024 -0700 Merge branch 'bnxt_en-msix-improvements' Michael Chan says: ==================== bnxt_en: MSIX improvements This patchset makes some improvements related to MSIX. The first patch adjusts the default MSIX vectors assigned for RoCE. On the PF, the number of MSIX is increased to 64 from the current 9. The second patch allocates additional MSIX vectors ahead of time when changing ethtool channels if dynamic MSIX is supported. The 3rd patch makes sure that the IRQ name is not truncated. ==================== Link: https://patch.msgid.link/20240909202737.93852-1-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit f77cdee5db06c6e4c30573889964c4cf1e3042a3 Author: Edwin Peer Date: Mon Sep 9 13:27:37 2024 -0700 bnxt_en: resize bnxt_irq name field to fit format string The name field of struct bnxt_irq is written using snprintf in bnxt_setup_msix(). Make the field large enough to fit the maximal formatted string to prevent truncation. Truncated IRQ names are less meaningful to the user. For example, "enp4s0f0np0-TxRx-0" gets truncated to "enp4s0f0np0-TxRx-" with the existing code. Make sure we have space for the extra characters added to the IRQ names: - the characters introduced by the static format string: hyphens - the maximal static substituted ring type string: "TxRx" - the maximum length of an integer formatted as a string, even though reasonable ring numbers would never be as long as this. Signed-off-by: Edwin Peer Signed-off-by: Michael Chan Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240909202737.93852-4-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit 2d51eb0bd81cfbafc762592ede9e9234063cc853 Author: Michael Chan Date: Mon Sep 9 13:27:36 2024 -0700 bnxt_en: Add MSIX check in bnxt_check_rings() bnxt_check_rings() is called to ensure that we have the hardware ring resources before committing to reinitialize with the new number of rings. MSIX vectors are never checked at this point, because up until recently we must first disable MSIX before we can allocate the new set of MSIX vectors. Now that we support dynamic MSIX allocation, check to make sure we can dynamically allocate the new MSIX vectors as the last step in bnxt_check_rings() if dynamic MSIX is supported. For example, the IOMMU group may limit the number of MSIX vectors for the device. With this patch, the ring change will fail more gracefully when there is not enough MSIX vectors. It is also better to move bnxt_check_rings() to be called as the last step when changing ethtool rings. Reviewed-by: Somnath Kotur Reviewed-by: Kalesh AP Reviewed-by: Andy Gospodarek Signed-off-by: Michael Chan Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240909202737.93852-3-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit f775cb1bbfd50cbbdafd4b18c1650eb5477ba769 Author: Michael Chan Date: Mon Sep 9 13:27:35 2024 -0700 bnxt_en: Increase the number of MSIX vectors for RoCE device If RocE is supported on the device, set the number of RoCE MSIX vectors to the number of online CPUs + 1 and capped at these maximums: VF: 2 NPAR: 5 PF: 64 For the PF, the maximum is now increased from the previous value of 9 to get better performance for kernel applications. Remove the unnecessary check for BNXT_FLAG_ROCE_CAP. bnxt_set_dflt_ulp_msix() will only be called if the flag is set. Reviewed-by: Andy Gospodarek Signed-off-by: Michael Chan Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240909202737.93852-2-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit 955f5b1508629c27682c9e5f6bad47769908b47f Author: Rob Herring (Arm) Date: Mon Sep 9 12:23:42 2024 -0500 net: amlogic,meson-dwmac: Fix "amlogic,tx-delay-ns" schema The "amlogic,tx-delay-ns" property schema has unnecessary type reference as it's a standard unit suffix, and the constraints are in freeform text rather than schema. Signed-off-by: Rob Herring (Arm) Reviewed-by: Martin Blumenstingl Link: https://patch.msgid.link/20240909172342.487675-2-robh@kernel.org Signed-off-by: Jakub Kicinski commit 3a1f6f45519464fb2c85ab3706b17a27b4207ff3 Merge: d59239f8a4000e 736f0c7a8ec2d1 Author: Jakub Kicinski Date: Tue Sep 10 18:34:54 2024 -0700 Merge branch 'net-xilinx-axienet-partial-checksum-offload-improvements' Sean Anderson says: ==================== net: xilinx: axienet: Partial checksum offload improvements Partial checksum offload is not always used when it could be. Enable it in more cases. ==================== Link: https://patch.msgid.link/20240909161016.1149119-1-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit 736f0c7a8ec2d1d39aed0b3fb67127a37eb5311b Author: Sean Anderson Date: Mon Sep 9 12:10:16 2024 -0400 net: xilinx: axienet: Relax partial rx checksum checks The partial rx checksum feature computes a checksum over the entire packet, regardless of the L3 protocol. Remove the check for IPv4. Additionally, testing with csum.py (from kselftests) shows no anomalies with 64-byte packets, so we can remove that check as well. Signed-off-by: Sean Anderson Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240909161016.1149119-5-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit 06c069ff2f7013f85bd071e8bfccc4808ac59da4 Author: Sean Anderson Date: Mon Sep 9 12:10:15 2024 -0400 net: xilinx: axienet: Set RXCSUM in features When it is supported by hardware, we enable receive checksum offload unconditionally. Update features to reflect this. Signed-off-by: Sean Anderson Link: https://patch.msgid.link/20240909161016.1149119-4-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit dd28f4c0e81f42ba998462db0d117d93af5b7cb8 Author: Sean Anderson Date: Mon Sep 9 12:10:14 2024 -0400 net: xilinx: axienet: Enable NETIF_F_HW_CSUM for partial tx checksumming Partial tx chechsumming is completely generic and does not depend on the L3/L4 protocol. Signal this to the net subsystem by enabling the more-generic offload feature (instead of restricting ourselves to TCP/UDP over IPv4 checksumming only like is necessary with full checksumming). Signed-off-by: Sean Anderson Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240909161016.1149119-3-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit b1e455cd864c9a29a84673255715154374c76ab6 Author: Sean Anderson Date: Mon Sep 9 12:10:13 2024 -0400 net: xilinx: axienet: Remove unused checksum variables These variables are set but never used. Remove them. Signed-off-by: Sean Anderson Reviewed-by: Simon Horman Reviewed-by: Radhey Shyam Pandey Link: https://patch.msgid.link/20240909161016.1149119-2-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit d59239f8a4000e080e5fc606d6e709fad4028fb7 Author: Colin Ian King Date: Mon Sep 9 14:46:12 2024 +0100 rtase: Fix spelling mistake: "tx_underun" -> "tx_underrun" There is a spelling mistake in the struct field tx_underun, rename it to tx_underrun. Signed-off-by: Colin Ian King Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240909134612.63912-1-colin.i.king@gmail.com Signed-off-by: Jakub Kicinski commit 8df9439389a44fb2cc4ef695e08d6a8870b1616c Author: Colin Ian King Date: Mon Sep 9 15:00:21 2024 +0100 r8169: Fix spelling mistake: "tx_underun" -> "tx_underrun" There is a spelling mistake in the struct field tx_underun, rename it to tx_underrun. Signed-off-by: Colin Ian King Reviewed-by: Simon Horman Reviewed-by: Heiner Kallweit Link: https://patch.msgid.link/20240909140021.64884-1-colin.i.king@gmail.com Signed-off-by: Jakub Kicinski commit c48994baefdc1e092d1ebd979ae573e73fcfb9c5 Author: Dave Taht Date: Mon Sep 9 11:16:28 2024 +0200 sch_cake: constify inverse square root cache sch_cake uses a cache of the first 16 values of the inverse square root calculation for the Cobalt AQM to save some cycles on the fast path. This cache is populated when the qdisc is first loaded, but there's really no reason why it can't just be pre-populated. So change it to be pre-populated with constants, which also makes it possible to constify it. This gives a modest space saving for the module (not counting debug data): .text: -224 bytes .rodata: +80 bytes .bss: -64 bytes Total: -192 bytes Signed-off-by: Dave Taht [ fixed up comment, rewrote commit message ] Signed-off-by: Toke Høiland-Jørgensen Link: https://patch.msgid.link/20240909091630.22177-1-toke@redhat.com Signed-off-by: Jakub Kicinski commit 741d73f587d5cc86db5e65cc107e031263302616 Merge: 32bd3eb5fbab95 7a199557643e99 Author: Dave Airlie Date: Wed Sep 11 11:21:55 2024 +1000 Merge tag 'amd-drm-next-6.12-2024-09-06' of https://gitlab.freedesktop.org/agd5f/linux into drm-next amd-drm-next-6.12-2024-09-06: amdgpu: - IPS updates - Post divider fix - DML2 updates - Misc static checker fixes - DCN 3.5 fixes - Replay fixes - DMCUB updates - SWSMU fixes - DP MST fixes - Add debug flag for per queue resets - devcoredump updates - SR-IOV fixes - MES fixes - Always allocate cleared VRAM for GEM - Pipe reset for GC 9.4.3 - ODM policy fixes - Per queue reset support for GC 10 - Per queue reset support for GC 11 - Per queue reset support for GC 12 - Display flickering fixes - MPO fixes - Display sharpening updates amdkfd: - SVM fix for IH for APUs Signed-off-by: Dave Airlie From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20240906211008.3072097-1-alexander.deucher@amd.com commit 87f10faf166a9114aa0d4132298cad379de16fdd Author: Bjorn Helgaas Date: Tue Aug 27 18:48:48 2024 -0500 PCI: Rename CRS Completion Status to RRS PCIe r6.0 changed the abbreviation for "Configuration Request Retry Status" Completion Status from "CRS" to "RRS" and uses the terminology of "Configuration RRS Software Visibility" instead of "CRS Software Visibility". Align the Linux usage with the r6.0 spec language. No functional change intended. It's confusing to make this change, but I think "RRS" *is* a better abbreviation because it was easy to interpret "CRS" as "Completion Retry Status", which really didn't make any sense. Link: https://lore.kernel.org/r/20240827234848.4429-4-helgaas@kernel.org Signed-off-by: Bjorn Helgaas commit dd4e47eab886abf28859ccf8aad373983015f89e Author: Bjorn Helgaas Date: Tue Aug 27 18:48:47 2024 -0500 PCI: aardvark: Correct Configuration RRS checking Per PCIe r6.0, sec 2.3.2, when a Root Complex handles a Completion with Request Retry Status for a Configuration Read Request that includes both bytes of the Vendor ID field, it must complete the Request to the host by returning 0001h for the Vendor ID and all 1's for any additional bytes. Previously we only returned the 0001h Vendor ID value if we got an RRS completion for reads of exactly 4 bytes. A read of 2 bytes would not qualify, although the spec says it should. Check for reads of 2 or more bytes including the Vendor ID. I don't think this will fix any observable problems because RRS only applies to the first config reads after reset, and those are all currently dword (4-byte) reads. Link: https://lore.kernel.org/r/20240827234848.4429-3-helgaas@kernel.org Signed-off-by: Bjorn Helgaas commit d591f6804e7e1310881c9224d72247a2b65039af Author: Bjorn Helgaas Date: Tue Aug 27 18:48:46 2024 -0500 PCI: Wait for device readiness with Configuration RRS After a device reset, delays are required before the device can successfully complete config accesses. PCIe r6.0, sec 6.6, specifies some delays required before software can perform config accesses. Devices that require more time after those delays may respond to config accesses with Configuration Request Retry Status (RRS) completions. Callers of pci_dev_wait() are responsible for delays until the device can respond to config accesses. pci_dev_wait() waits any additional time until the device can successfully complete config accesses. Reading config space of devices that are not present or not ready typically returns ~0 (PCI_ERROR_RESPONSE). Previously we polled the Command register until we got a value other than ~0. This is sometimes a problem because Root Complex handling of RRS completions may include several retries and implementation-specific behavior that is invisible to software (see sec 2.3.2), so the exponential backoff in pci_dev_wait() may not work as intended. Linux enables Configuration RRS Software Visibility on all Root Ports that support it. If it is enabled, read the Vendor ID instead of the Command register. RRS completions cause immediate return of the 0x0001 reserved Vendor ID value, so the pci_dev_wait() backoff works correctly. When a read of Vendor ID eventually completes successfully by returning a non-0x0001 value (the Vendor ID or 0xffff for VFs), the device should be initialized and ready to respond to config requests. For conventional PCI devices or devices below Root Ports that don't support Configuration RRS Software Visibility, poll the Command register as before. This was developed independently, but is very similar to Stanislav Spassov's previous work at https://lore.kernel.org/linux-pci/20200223122057.6504-1-stanspas@amazon.com Link: https://lore.kernel.org/r/20240827234848.4429-2-helgaas@kernel.org Signed-off-by: Bjorn Helgaas Tested-by: Duc Dang commit 3f464b193d40e49299dcd087b10cc3b77cbbea68 Author: Pieter Van Trappen Date: Mon Sep 9 15:42:59 2024 +0200 net: dsa: microchip: update tag_ksz masks for KSZ9477 family Remove magic number 7 by introducing a GENMASK macro instead. Remove magic number 0x80 by using the BIT macro instead. Signed-off-by: Pieter Van Trappen Reviewed-by: Florian Fainelli Link: https://patch.msgid.link/20240909134301.75448-1-vtpieter@gmail.com Signed-off-by: Jakub Kicinski commit 97b1ebb1e27d71a34367f6401ddebbd837d076a9 Merge: e503f82e304b03 fffe8efd689f29 Author: Jakub Kicinski Date: Tue Sep 10 16:55:24 2024 -0700 Merge branch 'net-timestamp-introduce-a-flag-to-filter-out-rx-software-and-hardware-report' Jason Xing says: ==================== net-timestamp: introduce a flag to filter out rx software and hardware report When one socket is set SOF_TIMESTAMPING_RX_SOFTWARE which means the whole system turns on the netstamp_needed_key button, other sockets that only have SOF_TIMESTAMPING_SOFTWARE will be affected and then print the rx timestamp information even without setting SOF_TIMESTAMPING_RX_SOFTWARE generation flag. How to solve it without breaking users? We introduce a new flag named SOF_TIMESTAMPING_OPT_RX_FILTER. Using it together with SOF_TIMESTAMPING_SOFTWARE can stop reporting the rx software timestamp. Similarly, we also filter out the hardware case where one process enables the rx hardware generation flag, then another process only passing SOF_TIMESTAMPING_RAW_HARDWARE gets the timestamp. So we can set both SOF_TIMESTAMPING_RAW_HARDWARE and SOF_TIMESTAMPING_OPT_RX_FILTER to stop reporting rx hardware timestamp after this patch applied. v6: https://lore.kernel.org/20240906095640.77533-1-kerneljasonxing@gmail.com v5: https://lore.kernel.org/20240905071738.3725-1-kerneljasonxing@gmail.com v4: https://lore.kernel.org/20240830153751.86895-1-kerneljasonxing@gmail.com v3: https://lore.kernel.org/20240828160145.68805-1-kerneljasonxing@gmail.com v2: https://lore.kernel.org/20240825152440.93054-1-kerneljasonxing@gmail.com ==================== Link: https://patch.msgid.link/20240909015612.3856-1-kerneljasonxing@gmail.com Signed-off-by: Jakub Kicinski commit fffe8efd689f29553f59dc6b3ce2867307ad37a2 Author: Jason Xing Date: Mon Sep 9 09:56:12 2024 +0800 net-timestamp: add selftests for SOF_TIMESTAMPING_OPT_RX_FILTER Test a few possible cases where we use SOF_TIMESTAMPING_OPT_RX_FILTER with software or hardware report/generation flag. Signed-off-by: Jason Xing Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/20240909015612.3856-3-kerneljasonxing@gmail.com Signed-off-by: Jakub Kicinski commit be8e9eb3750639aa5cffb3f764ca080caed41bd0 Author: Jason Xing Date: Mon Sep 9 09:56:11 2024 +0800 net-timestamp: introduce SOF_TIMESTAMPING_OPT_RX_FILTER flag introduce a new flag SOF_TIMESTAMPING_OPT_RX_FILTER in the receive path. User can set it with SOF_TIMESTAMPING_SOFTWARE to filter out rx software timestamp report, especially after a process turns on netstamp_needed_key which can time stamp every incoming skb. Previously, we found out if an application starts first which turns on netstamp_needed_key, then another one only passing SOF_TIMESTAMPING_SOFTWARE could also get rx timestamp. Now we handle this case by introducing this new flag without breaking users. Quoting Willem to explain why we need the flag: "why a process would want to request software timestamp reporting, but not receive software timestamp generation. The only use I see is when the application does request SOF_TIMESTAMPING_SOFTWARE | SOF_TIMESTAMPING_TX_SOFTWARE." Similarly, this new flag could also be used for hardware case where we can set it with SOF_TIMESTAMPING_RAW_HARDWARE, then we won't receive hardware receive timestamp. Another thing about errqueue in this patch I have a few words to say: In this case, we need to handle the egress path carefully, or else reporting the tx timestamp will fail. Egress path and ingress path will finally call sock_recv_timestamp(). We have to distinguish them. Errqueue is a good indicator to reflect the flow direction. Suggested-by: Willem de Bruijn Signed-off-by: Jason Xing Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/20240909015612.3856-2-kerneljasonxing@gmail.com Signed-off-by: Jakub Kicinski commit e503f82e304b039332226008addac9d13ac68cb9 Author: Jason Xing Date: Sun Sep 8 20:41:41 2024 +0800 net-timestamp: correct the use of SOF_TIMESTAMPING_RAW_HARDWARE SOF_TIMESTAMPING_RAW_HARDWARE is a report flag which passes the timestamps generated by either SOF_TIMESTAMPING_TX_HARDWARE or SOF_TIMESTAMPING_RX_HARDWARE to the userspace all the time. So let us revise the doc here. Link: https://lore.kernel.org/all/66d8c21d3042a_163d93294cb@willemb.c.googlers.com.notmuch/ Suggested-by: Willem de Bruijn Reviewed-by: Willem de Bruijn Signed-off-by: Jason Xing Link: https://patch.msgid.link/20240908124141.39628-1-kerneljasonxing@gmail.com Signed-off-by: Jakub Kicinski commit cce2991e7e705bbfcc3e7800b025c68201d9998f Merge: 525034e2e2ee60 22a805d880c2f2 Author: Jakub Kicinski Date: Tue Sep 10 16:42:14 2024 -0700 Merge branch 'net-stmmac-fpe-via-ethtool-tc' Furong Xu says: ==================== net: stmmac: FPE via ethtool + tc Move the Frame Preemption(FPE) over to the new standard API which uses ethtool-mm/tc-mqprio/tc-taprio. ==================== Link: https://patch.msgid.link/cover.1725631883.git.0x1207@gmail.com Signed-off-by: Jakub Kicinski commit 22a805d880c2f2aaf37e0ed6a48aaecae98a0fe6 Author: Furong Xu <0x1207@gmail.com> Date: Fri Sep 6 22:30:12 2024 +0800 net: stmmac: silence FPE kernel logs ethtool --show-mm can get real-time state of FPE. fpe_irq_status logs should keep quiet. tc-taprio can always query driver state, delete unbalanced logs. Signed-off-by: Furong Xu <0x1207@gmail.com> Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/39943d7967f291674a97ef0572878aca273087e9.1725631883.git.0x1207@gmail.com Signed-off-by: Jakub Kicinski commit 15d8a407a54708cacefd5e36c069e7ba36a36050 Author: Furong Xu <0x1207@gmail.com> Date: Fri Sep 6 22:30:11 2024 +0800 net: stmmac: support fp parameter of tc-taprio tc-taprio can select whether traffic classes are express or preemptible. 0) tc qdisc add dev eth1 parent root handle 100 taprio \ num_tc 4 \ map 0 1 2 3 2 2 2 2 2 2 2 2 2 2 2 3 \ queues 1@0 1@1 1@2 1@3 \ base-time 1000000000 \ sched-entry S 03 10000000 \ sched-entry S 0e 10000000 \ flags 0x2 fp P E E E 1) After some traffic tests, MAC merge layer statistics are all good. Local device: [ { "ifname": "eth1", "pmac-enabled": true, "tx-enabled": true, "tx-active": true, "tx-min-frag-size": 60, "rx-min-frag-size": 60, "verify-enabled": true, "verify-time": 100, "max-verify-time": 128, "verify-status": "SUCCEEDED", "statistics": { "MACMergeFrameAssErrorCount": 0, "MACMergeFrameSmdErrorCount": 0, "MACMergeFrameAssOkCount": 0, "MACMergeFragCountRx": 0, "MACMergeFragCountTx": 17837, "MACMergeHoldCount": 18639 } } ] Remote device: [ { "ifname": "end1", "pmac-enabled": true, "tx-enabled": true, "tx-active": true, "tx-min-frag-size": 60, "rx-min-frag-size": 60, "verify-enabled": true, "verify-time": 100, "max-verify-time": 128, "verify-status": "SUCCEEDED", "statistics": { "MACMergeFrameAssErrorCount": 0, "MACMergeFrameSmdErrorCount": 0, "MACMergeFrameAssOkCount": 17189, "MACMergeFragCountRx": 17837, "MACMergeFragCountTx": 0, "MACMergeHoldCount": 0 } } ] Tested on DWMAC CORE 5.10a Signed-off-by: Furong Xu <0x1207@gmail.com> Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/0d21ae356fb3cab77337527e87d46748a4852055.1725631883.git.0x1207@gmail.com Signed-off-by: Jakub Kicinski commit 195e4f409a40f269bacc9a165f6ab77918b5422c Author: Furong Xu <0x1207@gmail.com> Date: Fri Sep 6 22:30:10 2024 +0800 net: stmmac: support fp parameter of tc-mqprio tc-mqprio can select whether traffic classes are express or preemptible. After some traffic tests, MAC merge layer statistics are all good. Local device: ethtool --include-statistics --json --show-mm eth1 [ { "ifname": "eth1", "pmac-enabled": true, "tx-enabled": true, "tx-active": true, "tx-min-frag-size": 60, "rx-min-frag-size": 60, "verify-enabled": true, "verify-time": 100, "max-verify-time": 128, "verify-status": "SUCCEEDED", "statistics": { "MACMergeFrameAssErrorCount": 0, "MACMergeFrameSmdErrorCount": 0, "MACMergeFrameAssOkCount": 0, "MACMergeFragCountRx": 0, "MACMergeFragCountTx": 35105, "MACMergeHoldCount": 0 } } ] Remote device: ethtool --include-statistics --json --show-mm end1 [ { "ifname": "end1", "pmac-enabled": true, "tx-enabled": true, "tx-active": true, "tx-min-frag-size": 60, "rx-min-frag-size": 60, "verify-enabled": true, "verify-time": 100, "max-verify-time": 128, "verify-status": "SUCCEEDED", "statistics": { "MACMergeFrameAssErrorCount": 0, "MACMergeFrameSmdErrorCount": 0, "MACMergeFrameAssOkCount": 35105, "MACMergeFragCountRx": 35105, "MACMergeFragCountTx": 0, "MACMergeHoldCount": 0 } } ] Tested on DWMAC CORE 5.10a Signed-off-by: Furong Xu <0x1207@gmail.com> Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/592965ea93ed8240f0a1b8f6f8ebb8914f69419b.1725631883.git.0x1207@gmail.com Signed-off-by: Jakub Kicinski commit 0f156aceeef7bb1789d25cf7e82e561679398d38 Author: Furong Xu <0x1207@gmail.com> Date: Fri Sep 6 22:30:09 2024 +0800 net: stmmac: configure FPE via ethtool-mm Implement ethtool --show-mm and --set-mm callbacks. NIC up/down, link up/down, suspend/resume, kselftest-ethtool_mm, all tested okay. Signed-off-by: Furong Xu <0x1207@gmail.com> Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/06ed409314fe0ee37b78b800922f2c0cce762532.1725631883.git.0x1207@gmail.com Signed-off-by: Jakub Kicinski commit 8d43e99a5a03ae8307b2d588ec080308f35ebc9e Author: Furong Xu <0x1207@gmail.com> Date: Fri Sep 6 22:30:08 2024 +0800 net: stmmac: refactor FPE verification process Drop driver defined stmmac_fpe_state, and switch to common ethtool_mm_verify_status for local TX verification status. Local side and remote side verification processes are completely independent. There is no reason at all to keep a local state and a remote state. Add a spinlock to avoid races among ISR, timer, link update and register configuration. This patch is based on Vladimir Oltean's proposal. Vladimir Oltean says: ==================== In the INITIAL state, the timer sends MPACKET_VERIFY. Eventually the stmmac_fpe_event_status() IRQ fires and advances the state to VERIFYING, then rearms the timer after verify_time ms. If a subsequent IRQ comes in and modifies the state to SUCCEEDED after getting MPACKET_RESPONSE, the timer sees this. It must enable the EFPE bit now. Otherwise, it decrements the verify_limit counter and tries again. Eventually it moves the status to FAILED, from which the IRQ cannot move it anywhere else, except for another stmmac_fpe_apply() call. ==================== Co-developed-by: Vladimir Oltean Signed-off-by: Vladimir Oltean Signed-off-by: Furong Xu <0x1207@gmail.com> Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/151f86c8428eba967039718c6bf90a7d841e703b.1725631883.git.0x1207@gmail.com Signed-off-by: Jakub Kicinski commit 59dd7fc932e54083b0e7d3e1f4ddf6ba3a158b0e Author: Furong Xu <0x1207@gmail.com> Date: Fri Sep 6 22:30:07 2024 +0800 net: stmmac: drop stmmac_fpe_handshake ethtool --set-mm can trigger FPE verification process by calling stmmac_fpe_send_mpacket, stmmac_fpe_handshake should be gone. Signed-off-by: Furong Xu <0x1207@gmail.com> Reviewed-by: Vladimir Oltean Link: https://patch.msgid.link/42018b1a15eb3ced567fd6a73798c7cd4e08799a.1725631883.git.0x1207@gmail.com Signed-off-by: Jakub Kicinski commit 070a5e6295e88a2b75cbfef04ff8b4ec05775e6d Author: Furong Xu <0x1207@gmail.com> Date: Fri Sep 6 22:30:06 2024 +0800 net: stmmac: move stmmac_fpe_cfg to stmmac_priv data By moving the fpe_cfg field to the stmmac_priv data, stmmac_fpe_cfg becomes platform-data eventually, instead of a run-time config. Suggested-by: Serge Semin Signed-off-by: Furong Xu <0x1207@gmail.com> Reviewed-by: Vladimir Oltean Reviewed-by: Serge Semin Link: https://patch.msgid.link/d9b3d7ecb308c5e39778a4c8ae9df288a2754379.1725631883.git.0x1207@gmail.com Signed-off-by: Jakub Kicinski commit 82abef590eb31d373e632743262ee7c42f49c289 Author: David Lechner Date: Tue Sep 10 16:58:47 2024 -0500 Input: ims-pcu - fix calling interruptible mutex Fix calling scoped_cond_guard() with mutex instead of mutex_intr. scoped_cond_guard(mutex, ...) will call mutex_lock() instead of mutex_lock_interruptible(). Fixes: 703f12672e1f ("Input: ims-pcu - switch to using cleanup functions") Signed-off-by: David Lechner Link: https://lore.kernel.org/r/20240910-input-misc-ims-pcu-fix-mutex-intr-v1-1-bdd983685c43@baylibre.com Signed-off-by: Dmitry Torokhov commit 32bd3eb5fbab954e68adba8c0b6a43cf03605c93 Merge: 2ef8d63da81d9e 596a7f1084e49c Author: Dave Airlie Date: Wed Sep 11 09:11:53 2024 +1000 Merge tag 'drm-intel-gt-next-2024-09-06' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-next Driver Changes: - Expose fan speed via hwmon (Raag) - Correction to Wa_14019159160 on ARL (John H) - Whitelist COMMON_SLICE_CHICKEN1 for UMD access on DG2/MTL/ARL (Dnyaneshwar) - Do not attempt to load the GSC multiple times to avoid hanging GSC HW (Daniele) - Populate /sys/class/drm/cardX/engines/ even if one engine fails (Andi) - Use kmemdup_array instead of kmemdup for multiple allocation (Yu) - Remove extra unlikely() (Hongbo) Signed-off-by: Dave Airlie From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/Ztrfr_Wuurfa-3Rv@jlahtine-mobl.ger.corp.intel.com commit e5dd410acb34c7341a0a93b429dcf3dabf9e3323 Author: Niklas Cassel Date: Mon Sep 9 17:42:38 2024 +0200 ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data When ata_qc_complete() schedules a command for EH using ata_qc_schedule_eh(), blk_abort_request() will be called, which leads to req->q->mq_ops->timeout() / scsi_timeout() being called. scsi_timeout(), if the LLDD has no abort handler (libata has no abort handler), will set host byte to DID_TIME_OUT, and then call scsi_eh_scmd_add() to add the command to EH. Thus, when commands first enter libata's EH strategy_handler, all the commands that have been added to EH will have DID_TIME_OUT set. libata has its own flag (AC_ERR_TIMEOUT), that it sets for commands that have not received a completion at the time of entering EH. Thus, libata doesn't really care about DID_TIME_OUT at all, and currently clears the host byte at the end of EH, in ata_scsi_qc_complete(), before scsi_eh_finish_cmd() is called. However, this clearing in ata_scsi_qc_complete() is currently only done for commands that are not ATA passthrough commands. Since the host byte is visible in the completion that we return to user space for ATA passthrough commands, for ATA passthrough commands that got completed via EH (commands with sense data), the user will incorrectly see: ATA pass-through(16): transport error: Host_status=0x03 [DID_TIME_OUT] Fix this by moving the clearing of the host byte (which is currently only done for commands that are not ATA passthrough commands) from ata_scsi_qc_complete() to the start of EH (regardless if the command is ATA passthrough or not). While at it, use the proper helper function to clear the host byte, rather than open coding the clearing. This will make sure that we: -Correctly clear DID_TIME_OUT for both ATA passthrough commands and commands that are not ATA passthrough commands. -Do not needlessly clear the host byte for commands that did not go via EH. ata_scsi_qc_complete() is called both for commands that are completed normally (without going via EH), and for commands that went via EH, however, only commands that went via EH will have DID_TIME_OUT set. Fixes: 24aeebbf8ea9 ("scsi: ata: libata: Change ata_eh_request_sense() to not set CHECK_CONDITION") Reported-by: Igor Pylypiv Closes: https://lore.kernel.org/linux-ide/ZttIN8He8TOZ7Lct@google.com/ Signed-off-by: Niklas Cassel Tested-by: Igor Pylypiv Reviewed-by: Hannes Reinecke Signed-off-by: Damien Le Moal commit 69f3014248f0f10e24f07a66ae650061ecaf732b Author: Andrew Kreimer Date: Wed Sep 11 00:12:41 2024 +0300 ASoC: tlv320aic31xx: Fix typos Fix typos in comments. Reported-by: Matthew Wilcox Signed-off-by: Andrew Kreimer Link: https://patch.msgid.link/20240910211302.8909-1-algonell@gmail.com Signed-off-by: Mark Brown commit a7609d2aec67ec16220036a5b1b14610883cdbd3 Author: Yu Kuai Date: Mon Sep 9 21:41:54 2024 +0800 block, bfq: factor out a helper to split bfqq in bfq_init_rq() Make code cleaner, there are no functional changes. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240909134154.954924-8-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 3c61429c297582e0da7231fb29fc5ec1d2c7d1b2 Author: Yu Kuai Date: Mon Sep 9 21:41:53 2024 +0800 block, bfq: remove local variable 'bfqq_already_existing' in bfq_init_rq() Now that 'bfqq_already_existing' is only used in one branch, it can be removed. There are no functional changes. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240909134154.954924-7-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit e61e002a67da9ec36571af743c94a968cf1ce116 Author: Yu Kuai Date: Mon Sep 9 21:41:52 2024 +0800 block, bfq: remove local variable 'split' in bfq_init_rq() The local variable is used to call bfq_bfqq_resume_state() later, since 'bfqd->lock' is held, and bfqq status will not change between setting 'split' and calling bfq_bfqq_resume_state(), move forward bfq_bfqq_resume_state() so that 'split' can be removed. There are no functional chagnes. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240909134154.954924-6-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 553a606c25f8ff5c518c7fcf488dd4dd5fbb4795 Author: Yu Kuai Date: Mon Sep 9 21:41:51 2024 +0800 block, bfq: remove bfq_log_bfqg() It's not used, hence can be removed. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240909134154.954924-5-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit bc3b1e9e7c50e1de0f573eea3871db61dd4787de Author: Yu Kuai Date: Mon Sep 9 21:41:50 2024 +0800 block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator() Because bfq_put_cooperator() is always followed by bfq_release_process_ref(). Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240909134154.954924-4-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 73aeab373557fa6ee4ae0b742c6211ccd9859280 Author: Yu Kuai Date: Mon Sep 9 21:41:49 2024 +0800 block, bfq: fix procress reference leakage for bfqq in merge chain Original state: Process 1 Process 2 Process 3 Process 4 (BIC1) (BIC2) (BIC3) (BIC4) Λ | | | \--------------\ \-------------\ \-------------\| V V V bfqq1--------->bfqq2---------->bfqq3----------->bfqq4 ref 0 1 2 4 After commit 0e456dba86c7 ("block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator()"), if P1 issues a new IO: Without the patch: Process 1 Process 2 Process 3 Process 4 (BIC1) (BIC2) (BIC3) (BIC4) Λ | | | \------------------------------\ \-------------\| V V bfqq1--------->bfqq2---------->bfqq3----------->bfqq4 ref 0 0 2 4 bfqq3 will be used to handle IO from P1, this is not expected, IO should be redirected to bfqq4; With the patch: ------------------------------------------- | | Process 1 Process 2 Process 3 | Process 4 (BIC1) (BIC2) (BIC3) | (BIC4) | | | | \-------------\ \-------------\| V V bfqq1--------->bfqq2---------->bfqq3----------->bfqq4 ref 0 0 2 4 IO is redirected to bfqq4, however, procress reference of bfqq3 is still 2, while there is only P2 using it. Fix the problem by calling bfq_merge_bfqqs() for each bfqq in the merge chain. Also change bfqq_merge_bfqqs() to return new_bfqq to simplify code. Fixes: 0e456dba86c7 ("block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator()") Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240909134154.954924-3-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 1ba0403ac6447f2d63914fb760c44a3b19c44eaf Author: Yu Kuai Date: Mon Sep 9 21:41:48 2024 +0800 block, bfq: fix uaf for accessing waker_bfqq after splitting After commit 42c306ed7233 ("block, bfq: don't break merge chain in bfq_split_bfqq()"), if the current procress is the last holder of bfqq, the bfqq can be freed after bfq_split_bfqq(). Hence recored the bfqq and then access bfqq->waker_bfqq may trigger UAF. What's more, the waker_bfqq may in the merge chain of bfqq, hence just recored waker_bfqq is still not safe. Fix the problem by adding a helper bfq_waker_bfqq() to check if bfqq->waker_bfqq is in the merge chain, and current procress is the only holder. Fixes: 42c306ed7233 ("block, bfq: don't break merge chain in bfq_split_bfqq()") Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240909134154.954924-2-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 29390bb5661d49d10424ad8e915230de1f7074c9 Author: Yu Kuai Date: Tue Sep 3 21:51:49 2024 +0800 blk-throttle: support prioritized processing of metadata Currently, blk-throttle handle all IO fifo, hence if data IO is throttled and then meta IO is dispatched, the meta IO will have to wait for the data IO, causing priority inversion problems. This patch support to handle metadata first and then pay debt while throttling data. Test script: use cgroup v1 to throttle root cgroup, then create new dir and file while write back is throttled test() { mkdir /mnt/test/xxx touch /mnt/test/xxx/1 sync /mnt/test/xxx sync /mnt/test/xxx } mkfs.ext4 -F /dev/nvme0n1 -E lazy_itable_init=0,lazy_journal_init=0 mount /dev/nvme0n1 /mnt/test echo "259:0 $((1024*1024))" > /sys/fs/cgroup/blkio/blkio.throttle.write_bps_device dd if=/dev/zero of=/mnt/test/foo1 bs=16M count=1 conv=fdatasync status=none & sleep 4 time test echo "259:0 0" > /sys/fs/cgroup/blkio/blkio.throttle.write_bps_device sleep 1 umount /dev/nvme0n1 Test result: time cost for creating new dir and file before this patch: 14s after this patch: 0.1s Signed-off-by: Yu Kuai Acked-by: Tejun Heo Link: https://lore.kernel.org/r/20240903135149.271857-3-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 3bf73e6283ef0bae4e27dad62309e50e3bf7ee88 Author: Yu Kuai Date: Tue Sep 3 21:51:48 2024 +0800 blk-throttle: remove last_low_overflow_time last_low_overflow_time is not used anymore after commit bf20ab538c81 ("blk-throttle: remove CONFIG_BLK_DEV_THROTTLING_LOW"). Signed-off-by: Yu Kuai Acked-by: Tejun Heo Link: https://lore.kernel.org/r/20240903135149.271857-2-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 84aecf2d251a3359bc78b7c8e58f54b9fc966e89 Author: Jason Gerecke Date: Mon Sep 9 13:32:08 2024 -0700 HID: wacom: Do not warn about dropped packets for first packet The driver currently assumes that the first sequence number it will see is going to be 0. This is not a realiable assumption and can break if, for example, the tablet has already been running for some time prior to the kernel driver connecting to the device. This commit initializes the expected sequence number to -1 and will only print the "Dropped" warning the it has been updated to a non-negative value. Signed-off-by: Jason Gerecke Tested-by: Joshua Dickens Fixes: 6d09085b38e5 ("HID: wacom: Adding Support for new usages") Signed-off-by: Jiri Kosina commit 359673ea3a203611b4f6d0f28922a4b9d2cfbcc8 Author: Jason Gerecke Date: Mon Sep 9 13:32:07 2024 -0700 HID: wacom: Support sequence numbers smaller than 16-bit The current dropped packet reporting assumes that all sequence numbers are 16 bits in length. This results in misleading "Dropped" messages if the hardware uses fewer bits. For example, if a tablet uses only 8 bits to store its sequence number, once it rolls over from 255 -> 0, the driver will still be expecting a packet "256". This patch adjusts the logic to reset the next expected packet to logical_minimum whenever it overflows beyond logical_maximum. Signed-off-by: Jason Gerecke Tested-by: Joshua Dickens Fixes: 6d09085b38e5 ("HID: wacom: Adding Support for new usages") Signed-off-by: Jiri Kosina commit 4f77c3462308c62ffe7129cc18b9ac937f44b5a5 Author: Shivam Chaudhary Date: Tue Sep 10 10:57:37 2024 +0530 Remove duplicate "and" in 'Linux NVMe docs. Remove duplicate occurrence of 'and' in 'Linux NVMe Feature and Quirk Policy' title heading. tested: Not breaking anything. Signed-off-by: Shivam Chaudhary Signed-off-by: Jonathan Corbet Message-ID: <20240910052737.30579-1-cvam0000@gmail.com> commit 2409952f645ec7235660a111f9e5474892efbe42 Author: Dennis Lam Date: Fri Sep 6 15:53:52 2024 -0400 docs:filesystems: fix spelling and grammar mistakes Signed-off-by: Dennis Lam Reviewed-by: Theodore Ts'o Signed-off-by: Jonathan Corbet Message-ID: <20240906195400.39949-1-dennis.lamerice@gmail.com> commit 0cac9253a03f762eda7051e4760a0bf059ee9176 Author: Dennis Lam Date: Sun Sep 8 14:37:42 2024 -0400 docs:filesystem: fix mispelled words on autofs page Signed-off-by: Dennis Lam Signed-off-by: Jonathan Corbet Message-ID: <20240908183741.15352-2-dennis.lamerice@gmail.com> commit bf78b46683229eec3a1074302851645bf43a6986 Author: Dennis Lam Date: Fri Sep 6 16:49:13 2024 -0400 docs:mm: fixed spelling and grammar mistakes on vmalloc kernel stack page Signed-off-by: Dennis Lam Reviewed-by: Randy Dunlap Signed-off-by: Jonathan Corbet Message-ID: <20240906204914.42698-2-dennis.lamerice@gmail.com> commit e6ba83cb81e84d9e2d003c5ed2749ca81843f555 Author: Abdul Rahim Date: Sat Sep 7 02:26:56 2024 +0530 Documentation: PCI: fix typo in pci.rst Fix typo: "follow" -> "following" in pci.rst Signed-off-by: Abdul Rahim Signed-off-by: Jonathan Corbet Message-ID: <20240906205656.8261-1-abdul.rahim@myyahoo.com> commit 58ff04e2e22319e63ea646d9a38890c17836a7f6 Author: Andrii Nakryiko Date: Mon Sep 9 12:04:26 2024 -0700 MAINTAINERS: record lib/buildid.c as owned by BPF subsystem Build ID fetching code originated from ([0]), and is still both owned and heavily relied upon by BPF subsystem. Fix the original omission in [0] to record this fact in MAINTAINERS. [0] bd7525dacd7e ("bpf: Move stack_map_get_build_id into lib") Signed-off-by: Andrii Nakryiko Acked-by: Song Liu Acked-by: Jiri Olsa Link: https://lore.kernel.org/r/20240909190426.2229940-1-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 5d5f9229ab0143639ec7cd3beea88c8e763cf5a7 Author: Dongliang Mu Date: Sat Sep 7 15:02:08 2024 +0800 docs/zh_CN: add the translation of kbuild/gcc-plugins.rst Finish the translation of kbuild/gcc-plugins.rst and move gcc-plugins from TODO to the main body. Update to commit 3832d1fd84b6 ("docs/core-api: expand Fedora instructions for GCC plugins") Signed-off-by: Dongliang Mu Reviewed-by: Alex Shi Reviewed-by: Yanteng Si Signed-off-by: Jonathan Corbet Message-ID: <20240907070244.206808-1-dzm91@hust.edu.cn> commit c5d436f05a3f45053cfc820ae140899b916c6e00 Author: Andrew Kreimer Date: Sat Sep 7 15:21:39 2024 +0300 docs/process: fix typos Fix typos in documentation. Signed-off-by: Andrew Kreimer Signed-off-by: Jonathan Corbet Message-ID: <20240907122534.15998-1-algonell@gmail.com> commit 406c4c5ee4ea738b454646bc0ee5d7d81413cdad Author: Dennis Lam Date: Sun Sep 8 12:19:28 2024 -0400 docs:mm: fix spelling mistakes in heterogeneous memory management page Signed-off-by: Dennis Lam Reviewed-by: Lorenzo Stoakes Signed-off-by: Jonathan Corbet Message-ID: <20240908161928.3700-1-dennis.lamerice@gmail.com> commit 513ed0c7ccc103c2ff668154854ec410729a3170 Author: Tejun Heo Date: Mon Sep 9 13:40:44 2024 -1000 sched_ext: Don't trigger ops.quiescent/runnable() on migrations A task moving across CPUs should not trigger quiescent/runnable task state events as the task is staying runnable the whole time and just stopping and then starting on different CPUs. Suppress quiescent/runnable task state events if task_on_rq_migrating(). Signed-off-by: Tejun Heo Suggested-by: David Vernet Cc: Daniel Hodges Cc: Changwoo Min Cc: Andrea Righi Cc: Dan Schatzberg Signed-off-by: Tejun Heo commit 750a40d816de1567bd08f1017362f6e54e6549dc Author: Tejun Heo Date: Mon Sep 9 13:29:42 2024 -1000 sched_ext: Synchronize bypass state changes with rq lock While the BPF scheduler is being unloaded, the following warning messages trigger sometimes: NOHZ tick-stop error: local softirq work is pending, handler #80!!! This is caused by the CPU entering idle while there are pending softirqs. The main culprit is the bypassing state assertion not being synchronized with rq operations. As the BPF scheduler cannot be trusted in the disable path, the first step is entering the bypass mode where the BPF scheduler is ignored and scheduling becomes global FIFO. This is implemented by turning scx_ops_bypassing() true. However, the transition isn't synchronized against anything and it's possible for enqueue and dispatch paths to have different ideas on whether bypass mode is on. Make each rq track its own bypass state with SCX_RQ_BYPASSING which is modified while rq is locked. This removes most of the NOHZ tick-stop messages but not completely. I believe the stragglers are from the sched core bug where pick_task_scx() can be called without preceding balance_scx(). Once that bug is fixed, we should verify that all occurrences of this error message are gone too. v2: scx_enabled() test moved inside the for_each_possible_cpu() loop so that the per-cpu states are always synchronized with the global state. Signed-off-by: Tejun Heo Reported-by: David Vernet commit 7c4f73548ed15476daf1101f66648085eda65067 Author: Sebastian Ene Date: Mon Sep 9 12:47:21 2024 +0000 KVM: arm64: Register ptdump with debugfs on guest creation While arch/*/mem/ptdump handles the kernel pagetable dumping code, introduce KVM/ptdump to show the guest stage-2 pagetables. The separation is necessary because most of the definitions from the stage-2 pagetable reside in the KVM path and we will be invoking functionality specific to KVM. Introduce the PTDUMP_STAGE2_DEBUGFS config. When a guest is created, register a new file entry under the guest debugfs dir which allows userspace to show the contents of the guest stage-2 pagetables when accessed. [maz: moved function prototypes from kvm_host.h to kvm_mmu.h] Signed-off-by: Sebastian Ene Reviewed-by: Vincent Donnefort Link: https://lore.kernel.org/r/20240909124721.1672199-6-sebastianene@google.com Signed-off-by: Marc Zyngier commit 79c4c7284f92d5e780c8532c343ca2cacfaf5125 Author: Sebastian Ene Date: Mon Sep 9 12:47:20 2024 +0000 arm64: ptdump: Don't override the level when operating on the stage-2 tables Ptdump uses the init_mm structure directly to dump the kernel pagetables. When ptdump is called on the stage-2 pagetables, this mm argument is not used. Prevent the level from being overwritten by checking the argument against NULL. Signed-off-by: Sebastian Ene Acked-by: Will Deacon Link: https://lore.kernel.org/r/20240909124721.1672199-5-sebastianene@google.com Signed-off-by: Marc Zyngier commit 9182301a7bd2564fb050ade9820333c8b1adfcc2 Author: Sebastian Ene Date: Mon Sep 9 12:47:19 2024 +0000 arm64: ptdump: Use the ptdump description from a local context Rename the attributes description array to allow the parsing method to use the description from a local context. To be able to do this, store a pointer to the description array in the state structure. This will allow for the later introduced callers (stage_2 ptdump) to specify their own page table description format to the ptdump parser. Signed-off-by: Sebastian Ene Acked-by: Will Deacon Link: https://lore.kernel.org/r/20240909124721.1672199-4-sebastianene@google.com Signed-off-by: Marc Zyngier commit 02b2705017d2e5ad32c23067d4b44477ec20b637 Author: Ian Rogers Date: Mon Sep 9 13:37:40 2024 -0700 perf callchain: Allow symbols to be optional when resolving a callchain In uses like 'perf inject' it is not necessary to gather the symbol for each call chain location, the map for the sample IP is wanted so that build IDs and the like can be injected. Make gathering the symbol in the callchain_cursor optional. For a 'perf inject -B' command this lowers the peak RSS from 54.1MB to 29.6MB by avoiding loading symbols. Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Casey Chen Cc: Colin Ian King Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Cc: Sun Haiyong Link: https://lore.kernel.org/r/20240909203740.143492-5-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 64eed019f3fce1248cd29443c8a8635d317cb70f Author: Ian Rogers Date: Mon Sep 9 13:37:39 2024 -0700 perf inject: Lazy build-id mmap2 event insertion Add -B option that lazily inserts mmap2 events thereby dropping all mmap events without samples. This is similar to the behavior of -b where only build_id events are inserted when a dso is accessed in a sample. File size savings can be significant in system-wide mode, consider: $ perf record -g -a -o perf.data sleep 1 $ perf inject -B -i perf.data -o perf.new.data $ ls -al perf.data perf.new.data 5147049 perf.data 2248493 perf.new.data Give test coverage of the new option in pipe test. Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Casey Chen Cc: Colin Ian King Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Cc: Sun Haiyong Link: https://lore.kernel.org/r/20240909203740.143492-4-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit d762ba020d29ddb676805a90bf1450921817418f Author: Ian Rogers Date: Mon Sep 9 13:37:38 2024 -0700 perf inject: Add new mmap2-buildid-all option Add an option that allows all mmap or mmap2 events to be rewritten as mmap2 events with build IDs. This is similar to the existing -b/--build-ids and --buildid-all options except instead of adding a build_id event an existing mmap/mmap2 event is used as a template and a new mmap2 event synthesized from it. As mmap2 events are typical this avoids the insertion of build_id events. Add test coverage to the pipe test. Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Casey Chen Cc: Colin Ian King Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Cc: Sun Haiyong Link: https://lore.kernel.org/r/20240909203740.143492-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit ae39ba16554eb4a2d97f752847e93aa428438912 Author: Ian Rogers Date: Mon Sep 9 13:37:37 2024 -0700 perf inject: Fix build ID injection Build ID injection wasn't inserting a sample ID and aligning events to 64 bytes rather than 8. No sample ID means events are unordered and two different build_id events for the same path, as happens when a file is replaced, can't be differentiated. Add in sample ID insertion for the build_id events alongside some refactoring. The refactoring better aligns the function arguments for different use cases, such as synthesizing build_id events without needing to have a dso. The misc bits are explicitly passed as with callchains the maps/dsos may span user and kernel land, so using sample->cpumode isn't good enough. Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Casey Chen Cc: Colin Ian King Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Cc: Sun Haiyong Link: https://lore.kernel.org/r/20240909203740.143492-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 02648783c2e1ed24cba23477282fa8cbc1525a77 Author: Namhyung Kim Date: Mon Sep 9 14:42:51 2024 -0700 perf annotate-data: Add pr_debug_scope() The pr_debug_scope() is to print more information about the scope DIE during the instruction tracking so that it can help finding relevant debug info and the source code like inlined functions more easily. $ perf --debug type-profile annotate --data-type ... ----------------------------------------------------------- find data type for 0(reg0, reg12) at set_task_cpu+0xdd CU for kernel/sched/core.c (die:0x1268dae) frame base: cfa=1 fbreg=7 scope: [3/3] (die:12b6d28) [inlined] set_task_rq <<<--- (here) bb: [9f - dd] var [9f] reg3 type='struct task_struct*' size=0x8 (die:0x126aff0) var [9f] reg6 type='unsigned int' size=0x4 (die:0x1268e0d) Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240909214251.3033827-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit c8b9358778a82534251dc93ebc4601246d5ae04e Author: Namhyung Kim Date: Mon Sep 9 14:42:50 2024 -0700 perf annotate: Treat 'call' instruction as stack operation I found some portion of mem-store events sampled on CALL instruction which has no memory access. But it actually saves a return address into stack. It should be considered as a stack operation like RET instruction. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240909214251.3033827-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 332f60ac052f5d7bfc646502f377c600986f10c2 Author: James Clark Date: Tue Sep 10 15:04:01 2024 +0100 perf build: Remove unused feature test target llvm-version was removed in commit 56b11a2126bf ("perf bpf: Remove support for embedding clang for compiling BPF events (-e foo.c)") but some parts were left in the Makefile so finish removing them. Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Bill Wendling Cc: Changbin Du Cc: Daniel Wagner Cc: Guilherme Amadio Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Justin Stitt Cc: Kan Liang Cc: Leo Yan Cc: Manu Bretelle Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Nathan Chancellor Cc: Nick Desaulniers Cc: Peter Zijlstra Cc: Quentin Monnet Cc: Steinar H. Gunderson Link: https://lore.kernel.org/r/20240910140405.568791-2-james.clark@linaro.org [ Removed one leftover, 'llvm-version' from FEATURE_TESTS_EXTRA ] Signed-off-by: Arnaldo Carvalho de Melo commit 206dcfca1f5cfac344bd88e5ed4b6a095014b91f Author: James Clark Date: Tue Sep 10 15:04:00 2024 +0100 perf build: Autodetect minimum required llvm-dev version The new LLVM addr2line feature requires a minimum version of 13 to compile. Add a feature check for the version so that NO_LLVM=1 doesn't need to be explicitly added. Leave the existing llvm feature check intact because it's used by tools other than Perf. This fixes the following compilation error when the llvm-dev version doesn't match: util/llvm-c-helpers.cpp: In function 'char* llvm_name_for_code(dso*, const char*, u64)': util/llvm-c-helpers.cpp:178:21: error: 'std::remove_reference_t' {aka 'struct llvm::DILineInfo'} has no member named 'StartAddress' 178 | addr, res_or_err->StartAddress ? *res_or_err->StartAddress : 0); Fixes: c3f8644c21df9b7d ("perf report: Support LLVM for addr2line()") Signed-off-by: James Clark Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Bill Wendling Cc: Changbin Du Cc: Guilherme Amadio Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Justin Stitt Cc: Kan Liang Cc: Leo Yan Cc: Manu Bretelle Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Nathan Chancellor Cc: Nick Desaulniers Cc: Peter Zijlstra Cc: Quentin Monnet Cc: Steinar H. Gunderson Link: https://lore.kernel.org/r/20240910140405.568791-1-james.clark@linaro.org Signed-off-by: Arnaldo Carvalho de Melo commit 375f9262ac81f56f41dab41f089f0e43b2792ae6 Author: Arnaldo Carvalho de Melo Date: Tue Sep 10 10:52:27 2024 -0300 perf trace: Mark the rlim arg in the prlimit64 and setrlimit syscalls as coming from user space With that it uses the generic BTF based pretty printer: root@number:~# perf trace -e prlimit64 0.000 ( 0.004 ms): :3417020/3417020 prlimit64(resource: NOFILE, old_rlim: 0x7fb8842fe3b0) = 0 0.126 ( 0.003 ms): Chroot Helper/3417022 prlimit64(resource: NOFILE, old_rlim: 0x7fb8842fdfd0) = 0 12.557 ( 0.005 ms): firefox/3417020 prlimit64(resource: STACK, old_rlim: 0x7ffe9ade1b80) = 0 26.640 ( 0.006 ms): MainThread/3417020 prlimit64(resource: STACK, old_rlim: 0x7ffe9ade1780) = 0 27.553 ( 0.002 ms): Web Content/3417020 prlimit64(resource: AS, old_rlim: 0x7ffe9ade1660) = 0 29.405 ( 0.003 ms): Web Content/3417020 prlimit64(resource: NOFILE, old_rlim: 0x7ffe9ade0c80) = 0 30.471 ( 0.002 ms): Web Content/3417020 prlimit64(resource: RTTIME, old_rlim: 0x7ffe9ade1370) = 0 30.485 ( 0.001 ms): Web Content/3417020 prlimit64(resource: RTTIME, new_rlim: (struct rlimit64){.rlim_cur = (__u64)50000,.rlim_max = (__u64)200000,}) = 0 31.779 ( 0.001 ms): Web Content/3417020 prlimit64(resource: STACK, old_rlim: 0x7ffe9ade1670) = 0 ^Croot@number:~# Better than before, still needs improvements in the configurability of the libbpf BTF dumper to get it to the strace output standard. Cc: Adrian Hunter Cc: Alan Maguire Cc: Howard Chu Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZuBQI-f8CGpuhIdH@x1 Signed-off-by: Arnaldo Carvalho de Melo commit acc3d3a8176651a839056c7da4b925ea0bcc38c2 Author: Sebastian Ene Date: Mon Sep 9 12:47:18 2024 +0000 arm64: ptdump: Expose the attribute parsing functionality Reuse the descriptor parsing functionality to keep the same output format as the original ptdump code. In order for this to happen, move the state tracking objects into a common header. [maz: Fixed note_page() stub as suggested by Will] Signed-off-by: Sebastian Ene Acked-by: Will Deacon Link: https://lore.kernel.org/r/20240909124721.1672199-3-sebastianene@google.com Signed-off-by: Marc Zyngier commit f3f16112c65f5923f41d9d7222fe7e4f34bf73ad Author: Arnaldo Carvalho de Melo Date: Tue Sep 10 10:17:21 2024 -0300 perf trace: Support collecting 'union's with the BPF augmenter And reuse the BTF based struct pretty printer, with that we can offer initial support for the 'bpf' syscall's second argument, a 'union bpf_attr' pointer. But this is not that satisfactory as the libbpf btf dumper will pretty print _all_ the union, we need to have a way to say that the first arg selects the type for the union member to be pretty printed, something like what pahole does translating the PERF_RECORD_ selector into a name, and using that name to find a matching struct. In the case of 'union bpf_attr' it would map PROG_LOAD to one of the union members, but unfortunately there is no such mapping: root@number:~# pahole bpf_attr union bpf_attr { struct { __u32 map_type; /* 0 4 */ __u32 key_size; /* 4 4 */ __u32 value_size; /* 8 4 */ __u32 max_entries; /* 12 4 */ __u32 map_flags; /* 16 4 */ __u32 inner_map_fd; /* 20 4 */ __u32 numa_node; /* 24 4 */ char map_name[16]; /* 28 16 */ __u32 map_ifindex; /* 44 4 */ __u32 btf_fd; /* 48 4 */ __u32 btf_key_type_id; /* 52 4 */ __u32 btf_value_type_id; /* 56 4 */ __u32 btf_vmlinux_value_type_id; /* 60 4 */ /* --- cacheline 1 boundary (64 bytes) --- */ __u64 map_extra; /* 64 8 */ __s32 value_type_btf_obj_fd; /* 72 4 */ __s32 map_token_fd; /* 76 4 */ }; /* 0 80 */ struct { __u32 map_fd; /* 0 4 */ /* XXX 4 bytes hole, try to pack */ __u64 key; /* 8 8 */ union { __u64 value; /* 16 8 */ __u64 next_key; /* 16 8 */ }; /* 16 8 */ __u64 flags; /* 24 8 */ }; /* 0 32 */ struct { __u64 in_batch; /* 0 8 */ __u64 out_batch; /* 8 8 */ __u64 keys; /* 16 8 */ __u64 values; /* 24 8 */ __u32 count; /* 32 4 */ __u32 map_fd; /* 36 4 */ __u64 elem_flags; /* 40 8 */ __u64 flags; /* 48 8 */ } batch; /* 0 56 */ struct { __u32 prog_type; /* 0 4 */ __u32 insn_cnt; /* 4 4 */ __u64 insns; /* 8 8 */ __u64 license; /* 16 8 */ __u32 log_level; /* 24 4 */ __u32 log_size; /* 28 4 */ __u64 log_buf; /* 32 8 */ __u32 kern_version; /* 40 4 */ __u32 prog_flags; /* 44 4 */ char prog_name[16]; /* 48 16 */ /* --- cacheline 1 boundary (64 bytes) --- */ __u32 prog_ifindex; /* 64 4 */ __u32 expected_attach_type; /* 68 4 */ __u32 prog_btf_fd; /* 72 4 */ __u32 func_info_rec_size; /* 76 4 */ __u64 func_info; /* 80 8 */ __u32 func_info_cnt; /* 88 4 */ __u32 line_info_rec_size; /* 92 4 */ __u64 line_info; /* 96 8 */ __u32 line_info_cnt; /* 104 4 */ __u32 attach_btf_id; /* 108 4 */ union { __u32 attach_prog_fd; /* 112 4 */ __u32 attach_btf_obj_fd; /* 112 4 */ }; /* 112 4 */ __u32 core_relo_cnt; /* 116 4 */ __u64 fd_array; /* 120 8 */ /* --- cacheline 2 boundary (128 bytes) --- */ __u64 core_relos; /* 128 8 */ __u32 core_relo_rec_size; /* 136 4 */ __u32 log_true_size; /* 140 4 */ __s32 prog_token_fd; /* 144 4 */ }; /* 0 152 */ struct { __u64 pathname; /* 0 8 */ __u32 bpf_fd; /* 8 4 */ __u32 file_flags; /* 12 4 */ __s32 path_fd; /* 16 4 */ }; /* 0 24 */ struct { union { __u32 target_fd; /* 0 4 */ __u32 target_ifindex; /* 0 4 */ }; /* 0 4 */ __u32 attach_bpf_fd; /* 4 4 */ __u32 attach_type; /* 8 4 */ __u32 attach_flags; /* 12 4 */ __u32 replace_bpf_fd; /* 16 4 */ union { __u32 relative_fd; /* 20 4 */ __u32 relative_id; /* 20 4 */ }; /* 20 4 */ __u64 expected_revision; /* 24 8 */ }; /* 0 32 */ struct { __u32 prog_fd; /* 0 4 */ __u32 retval; /* 4 4 */ __u32 data_size_in; /* 8 4 */ __u32 data_size_out; /* 12 4 */ __u64 data_in; /* 16 8 */ __u64 data_out; /* 24 8 */ __u32 repeat; /* 32 4 */ __u32 duration; /* 36 4 */ __u32 ctx_size_in; /* 40 4 */ __u32 ctx_size_out; /* 44 4 */ __u64 ctx_in; /* 48 8 */ __u64 ctx_out; /* 56 8 */ /* --- cacheline 1 boundary (64 bytes) --- */ __u32 flags; /* 64 4 */ __u32 cpu; /* 68 4 */ __u32 batch_size; /* 72 4 */ } test; /* 0 80 */ struct { union { __u32 start_id; /* 0 4 */ __u32 prog_id; /* 0 4 */ __u32 map_id; /* 0 4 */ __u32 btf_id; /* 0 4 */ __u32 link_id; /* 0 4 */ }; /* 0 4 */ __u32 next_id; /* 4 4 */ __u32 open_flags; /* 8 4 */ }; /* 0 12 */ struct { __u32 bpf_fd; /* 0 4 */ __u32 info_len; /* 4 4 */ __u64 info; /* 8 8 */ } info; /* 0 16 */ struct { union { __u32 target_fd; /* 0 4 */ __u32 target_ifindex; /* 0 4 */ }; /* 0 4 */ __u32 attach_type; /* 4 4 */ __u32 query_flags; /* 8 4 */ __u32 attach_flags; /* 12 4 */ __u64 prog_ids; /* 16 8 */ union { __u32 prog_cnt; /* 24 4 */ __u32 count; /* 24 4 */ }; /* 24 4 */ /* XXX 4 bytes hole, try to pack */ __u64 prog_attach_flags; /* 32 8 */ __u64 link_ids; /* 40 8 */ __u64 link_attach_flags; /* 48 8 */ __u64 revision; /* 56 8 */ } query; /* 0 64 */ struct { __u64 name; /* 0 8 */ __u32 prog_fd; /* 8 4 */ /* XXX 4 bytes hole, try to pack */ __u64 cookie; /* 16 8 */ } raw_tracepoint; /* 0 24 */ struct { __u64 btf; /* 0 8 */ __u64 btf_log_buf; /* 8 8 */ __u32 btf_size; /* 16 4 */ __u32 btf_log_size; /* 20 4 */ __u32 btf_log_level; /* 24 4 */ __u32 btf_log_true_size; /* 28 4 */ __u32 btf_flags; /* 32 4 */ __s32 btf_token_fd; /* 36 4 */ }; /* 0 40 */ struct { __u32 pid; /* 0 4 */ __u32 fd; /* 4 4 */ __u32 flags; /* 8 4 */ __u32 buf_len; /* 12 4 */ __u64 buf; /* 16 8 */ __u32 prog_id; /* 24 4 */ __u32 fd_type; /* 28 4 */ __u64 probe_offset; /* 32 8 */ __u64 probe_addr; /* 40 8 */ } task_fd_query; /* 0 48 */ struct { union { __u32 prog_fd; /* 0 4 */ __u32 map_fd; /* 0 4 */ }; /* 0 4 */ union { __u32 target_fd; /* 4 4 */ __u32 target_ifindex; /* 4 4 */ }; /* 4 4 */ __u32 attach_type; /* 8 4 */ __u32 flags; /* 12 4 */ union { __u32 target_btf_id; /* 16 4 */ struct { __u64 iter_info; /* 16 8 */ __u32 iter_info_len; /* 24 4 */ }; /* 16 16 */ struct { __u64 bpf_cookie; /* 16 8 */ } perf_event; /* 16 8 */ struct { __u32 flags; /* 16 4 */ __u32 cnt; /* 20 4 */ __u64 syms; /* 24 8 */ __u64 addrs; /* 32 8 */ __u64 cookies; /* 40 8 */ } kprobe_multi; /* 16 32 */ struct { __u32 target_btf_id; /* 16 4 */ /* XXX 4 bytes hole, try to pack */ __u64 cookie; /* 24 8 */ } tracing; /* 16 16 */ struct { __u32 pf; /* 16 4 */ __u32 hooknum; /* 20 4 */ __s32 priority; /* 24 4 */ __u32 flags; /* 28 4 */ } netfilter; /* 16 16 */ struct { union { __u32 relative_fd; /* 16 4 */ __u32 relative_id; /* 16 4 */ }; /* 16 4 */ /* XXX 4 bytes hole, try to pack */ __u64 expected_revision; /* 24 8 */ } tcx; /* 16 16 */ struct { __u64 path; /* 16 8 */ __u64 offsets; /* 24 8 */ __u64 ref_ctr_offsets; /* 32 8 */ __u64 cookies; /* 40 8 */ __u32 cnt; /* 48 4 */ __u32 flags; /* 52 4 */ __u32 pid; /* 56 4 */ } uprobe_multi; /* 16 48 */ struct { union { __u32 relative_fd; /* 16 4 */ __u32 relative_id; /* 16 4 */ }; /* 16 4 */ /* XXX 4 bytes hole, try to pack */ __u64 expected_revision; /* 24 8 */ } netkit; /* 16 16 */ }; /* 16 48 */ } link_create; /* 0 64 */ struct { __u32 link_fd; /* 0 4 */ union { __u32 new_prog_fd; /* 4 4 */ __u32 new_map_fd; /* 4 4 */ }; /* 4 4 */ __u32 flags; /* 8 4 */ union { __u32 old_prog_fd; /* 12 4 */ __u32 old_map_fd; /* 12 4 */ }; /* 12 4 */ } link_update; /* 0 16 */ struct { __u32 link_fd; /* 0 4 */ } link_detach; /* 0 4 */ struct { __u32 type; /* 0 4 */ } enable_stats; /* 0 4 */ struct { __u32 link_fd; /* 0 4 */ __u32 flags; /* 4 4 */ } iter_create; /* 0 8 */ struct { __u32 prog_fd; /* 0 4 */ __u32 map_fd; /* 4 4 */ __u32 flags; /* 8 4 */ } prog_bind_map; /* 0 12 */ struct { __u32 flags; /* 0 4 */ __u32 bpffs_fd; /* 4 4 */ } token_create; /* 0 8 */ }; root@number:~# So this is one case where BTF gets us only that far, not getting all the way to automate the pretty printing of unions designed like 'union bpf_attr', we will need a custom pretty printer for this union, as using the libbpf union BTF dumper is way too verbose: root@number:~# perf trace --max-events 1 -e bpf bpftool map 0.000 ( 0.054 ms): bpftool/3409073 bpf(cmd: PROG_LOAD, uattr: (union bpf_attr){(struct){.map_type = (__u32)1,.key_size = (__u32)2,.value_size = (__u32)2755142048,.max_entries = (__u32)32764,.map_flags = (__u32)150263906,.inner_map_fd = (__u32)21920,},(struct){.map_fd = (__u32)1,.key = (__u64)140723063628192,(union){.value = (__u64)94145833392226,.next_key = (__u64)94145833392226,},},.batch = (struct){.in_batch = (__u64)8589934593,.out_batch = (__u64)140723063628192,.keys = (__u64)94145833392226,},(struct){.prog_type = (__u32)1,.insn_cnt = (__u32)2,.insns = (__u64)140723063628192,.license = (__u64)94145833392226,},(struct){.pathname = (__u64)8589934593,.bpf_fd = (__u32)2755142048,.file_flags = (__u32)32764,.path_fd = (__s32)150263906,},(struct){(union){.target_fd = (__u32)1,.target_ifindex = (__u32)1,},.attach_bpf_fd = (__u32)2,.attach_type = (__u32)2755142048,.attach_flags = (__u32)32764,.replace_bpf_fd = (__u32)150263906,(union){.relative_fd = (__u32)21920,.relative_id = (__u32)21920,},},.test = (struct){.prog_fd = (__u32)1,.retval = (__u32)2,.data_size_in = (__u32)2755142048,.data_size_out = (__u32)32764,.data_in = (__u64)94145833392226,},(struct){(union){.start_id = (__u32)1,.prog_id = (__u32)1,.map_id = (__u32)1,.btf_id = (__u32)1,.link_id = (__u32)1,},.next_id = (__u32)2,.open_flags = (__u32)2755142048,},.info = (struct){.bpf_fd = (__u32)1,.info_len = (__u32)2,.info = (__u64)140723063628192,},.query = (struct){(union){.target_fd = (__u32)1,.target_ifindex = (__u32)1,},.attach_type = (__u32)2,.query_flags = (__u32)2755142048,.attach_flags = (__u32)32764,.prog_ids = (__u64)94145833392226,},.raw_tracepoint = (struct){.name = (__u64)8589934593,.prog_fd = (__u32)2755142048,.cookie = (__u64)94145833392226,},(struct){.btf = (__u64)8589934593,.btf_log_buf = (__u64)140723063628192,.btf_size = (__u32)150263906,.btf_log_size = (__u32)21920,},.task_fd_query = (struct){.pid = (__u32)1,.fd = (__u32)2,.flags = (__u32)2755142048,.buf_len = (__u32)32764,.buf = (__u64)94145833392226,},.link_create = (struct){(union){.prog_fd = (__u32)1,.map_fd = (__u32)1,},(u) = 3 root@number:~# 2: prog_array name hid_jmp_table flags 0x0 key 4B value 4B max_entries 1024 memlock 8440B owner_prog_type tracing owner jited 13: hash_of_maps name cgroup_hash flags 0x0 key 8B value 4B max_entries 2048 memlock 167584B pids systemd(1) 960: array name libbpf_global flags 0x0 key 4B value 32B max_entries 1 memlock 280B 961: array name pid_iter.rodata flags 0x480 key 4B value 4B max_entries 1 memlock 8192B btf_id 1846 frozen pids bpftool(3409073) 962: array name libbpf_det_bind flags 0x0 key 4B value 32B max_entries 1 memlock 280B root@number:~# For simpler unions this may be better than not seeing any payload, so keep it there. Acked-by: Howard Chu Cc: Adrian Hunter Cc: Alan Maguire Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZuBLat8cbadILNLA@x1 [ Removed needless parenteses in the if block leading to the trace__btf_scnprintf() call, as per Howard's review comments ] Signed-off-by: Arnaldo Carvalho de Melo commit f26a525b77e040d584e967369af1e018d2d59112 Author: Snehal Koukuntla Date: Mon Sep 9 18:01:54 2024 +0000 KVM: arm64: Add memory length checks and remove inline in do_ffa_mem_xfer When we share memory through FF-A and the description of the buffers exceeds the size of the mapped buffer, the fragmentation API is used. The fragmentation API allows specifying chunks of descriptors in subsequent FF-A fragment calls and no upper limit has been established for this. The entire memory region transferred is identified by a handle which can be used to reclaim the transferred memory. To be able to reclaim the memory, the description of the buffers has to fit in the ffa_desc_buf. Add a bounds check on the FF-A sharing path to prevent the memory reclaim from failing. Also do_ffa_mem_xfer() does not need __always_inline, except for the BUILD_BUG_ON() aspect, which gets moved to a macro. [maz: fixed the BUILD_BUG_ON() breakage with LLVM, thanks to Wei-Lin Chang for the timely report] Fixes: 634d90cf0ac65 ("KVM: arm64: Handle FFA_MEM_LEND calls from the host") Cc: stable@vger.kernel.org Reviewed-by: Sebastian Ene Signed-off-by: Snehal Koukuntla Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240909180154.3267939-1-snehalreddy@google.com Signed-off-by: Marc Zyngier commit af000ce85293b8e608f696f0c6c280bc3a75887f Author: Michal Koutný Date: Mon Sep 9 18:32:23 2024 +0200 cgroup: Do not report unavailable v1 controllers in /proc/cgroups This is a followup to CONFIG-urability of cpuset and memory controllers for v1 hierarchies. Make the output in /proc/cgroups reflect that !CONFIG_CPUSETS_V1 is like !CONFIG_CPUSETS and !CONFIG_MEMCG_V1 is like !CONFIG_MEMCG. The intended effect is that hiding the unavailable controllers will hint users not to try mounting them on v1. Signed-off-by: Michal Koutný Reviewed-by: Waiman Long Signed-off-by: Tejun Heo commit 3c41382e920f1dd5c9f432948fe799c07af1cced Author: Michal Koutný Date: Mon Sep 9 18:32:22 2024 +0200 cgroup: Disallow mounting v1 hierarchies without controller implementation The configs that disable some v1 controllers would still allow mounting them but with no controller-specific files. (Making such hierarchies equivalent to named v1 hierarchies.) To achieve behavior consistent with actual out-compilation of a whole controller, the mounts should treat respective controllers as non-existent. Wrap implementation into a helper function, leverage legacy_files to detect compiled out controllers. The effect is that mounts on v1 would fail and produce a message like: [ 1543.999081] cgroup: Unknown subsys name 'memory' Signed-off-by: Michal Koutný Signed-off-by: Tejun Heo commit 659f90f863a628c007c49aff97b30cb5908a0480 Author: Michal Koutný Date: Mon Sep 9 18:32:21 2024 +0200 cgroup/cpuset: Expose cpuset filesystem with cpuset v1 only The cpuset filesystem is a legacy interface to cpuset controller with (pre-)v1 features. It makes little sense to co-mount it on systems without cpuset v1, so do not build it when cpuset v1 is not built neither. Signed-off-by: Michal Koutný Reviewed-by: Waiman Long Signed-off-by: Tejun Heo commit a5e61b50c9f44c5edb6e134ede6fee8806ffafa9 Author: Mikhail Lobanov Date: Mon Sep 9 09:37:36 2024 -0400 drbd: Add NULL check for net_conf to prevent dereference in state validation If the net_conf pointer is NULL and the code attempts to access its fields without a check, it will lead to a null pointer dereference. Add a NULL check before dereferencing the pointer. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 44ed167da748 ("drbd: rcu_read_lock() and rcu_dereference() for tconn->net_conf") Cc: stable@vger.kernel.org Signed-off-by: Mikhail Lobanov Link: https://lore.kernel.org/r/20240909133740.84297-1-m.lobanov@rosalinux.ru Signed-off-by: Jens Axboe commit f04e2ad394e2755d0bb2d858ecb5598718bf00d5 Author: Kuan-Wei Chiu Date: Tue Sep 10 23:02:07 2024 +0800 bpftool: Fix undefined behavior in qsort(NULL, 0, ...) When netfilter has no entry to display, qsort is called with qsort(NULL, 0, ...). This results in undefined behavior, as UBSan reports: net.c:827:2: runtime error: null pointer passed as argument 1, which is declared to never be null Although the C standard does not explicitly state whether calling qsort with a NULL pointer when the size is 0 constitutes undefined behavior, Section 7.1.4 of the C standard (Use of library functions) mentions: "Each of the following statements applies unless explicitly stated otherwise in the detailed descriptions that follow: If an argument to a function has an invalid value (such as a value outside the domain of the function, or a pointer outside the address space of the program, or a null pointer, or a pointer to non-modifiable storage when the corresponding parameter is not const-qualified) or a type (after promotion) not expected by a function with variable number of arguments, the behavior is undefined." To avoid this, add an early return when nf_link_info is NULL to prevent calling qsort with a NULL pointer. Signed-off-by: Kuan-Wei Chiu Signed-off-by: Andrii Nakryiko Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20240910150207.3179306-1-visitorckw@gmail.com commit 8c8b4759740359a6f2e7ffdf6531dea871130c63 Author: Jiri Olsa Date: Tue Sep 10 14:53:36 2024 +0200 libbpf: Fix uretprobe.multi.s programs auto attachment As reported by Andrii we don't currently recognize uretprobe.multi.s programs as return probes due to using (wrong) strcmp function. Using str_has_pfx() instead to match uretprobe.multi prefix. Tests are passing, because the return program was executed as entry program and all counts were incremented properly. Reported-by: Andrii Nakryiko Signed-off-by: Jiri Olsa Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240910125336.3056271-1-jolsa@kernel.org commit a98cfe6ff15b62f94a44d565607a16771c847bc6 Author: Werner Sembach Date: Tue Sep 10 11:40:06 2024 +0200 ACPI: resource: Add another DMI match for the TongFang GMxXGxx Internal documentation suggest that the TUXEDO Polaris 15 Gen5 AMD might have GMxXGxX as the board name instead of GMxXGxx. Adding both to be on the safe side. Signed-off-by: Werner Sembach Cc: All applicable Link: https://patch.msgid.link/20240910094008.1601230-1-wse@tuxedocomputers.com Signed-off-by: Rafael J. Wysocki commit aaf21ac93909e08a12931173336bdb52ac8499f1 Author: Mario Limonciello Date: Mon Sep 9 22:15:24 2024 -0500 ACPI: CPPC: Add support for setting EPP register in FFH Some Asus AMD systems are reported to not be able to change EPP values because the BIOS doesn't advertise support for the CPPC MSR and the PCC region is not configured. However the ACPI 6.2 specification allows CPC registers to be declared in FFH: ``` Starting with ACPI Specification 6.2, all _CPC registers can be in PCC, System Memory, System IO, or Functional Fixed Hardware address spaces. OSPM support for this more flexible register space scheme is indicated by the “Flexible Address Space for CPPC Registers” _OSC bit. ``` If this _OSC has been set allow using FFH to configure EPP. Reported-by: al0uette@outlook.com Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218686 Suggested-by: al0uette@outlook.com Tested-by: vderp@icloud.com Tested-by: al0uette@outlook.com Signed-off-by: Mario Limonciello Link: https://patch.msgid.link/20240910031524.106387-1-superm1@kernel.org Signed-off-by: Rafael J. Wysocki commit 6924e9b2ac60817335a27f126274d8e88d5d818f Author: Luke D. Jones Date: Sun Sep 8 17:36:07 2024 +1200 ACPI: PM: Quirk ASUS ROG M16 to default to S3 sleep The 2023 ASUS ROG Zephyrus M16 can suffer from quite a variety of events causing wakeup from s2idle sleep. The events may come from the EC being noisey, from the MMC reader, from the AniMe matrix display on some models or from AC events. Defaulting to S3 sleep prevents all these wakeup issues. Signed-off-by: Luke D. Jones Link: https://patch.msgid.link/20240908053607.4213-1-luke@ljones.dev Signed-off-by: Rafael J. Wysocki commit eb7b0f12e13ba99e64e3a690c2166895ed63b437 Author: Hans de Goede Date: Sat Sep 7 14:44:19 2024 +0200 ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 The Panasonic Toughbook CF-18 advertises both native and vendor backlight control interfaces. But only the vendor one actually works. acpi_video_get_backlight_type() will pick the non working native backlight by default, add a quirk to select the working vendor backlight instead. Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20240907124419.21195-1-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit c3565a35d97102fbea69e324086d5e33ee2ab34e Author: Andy Shevchenko Date: Thu Sep 5 21:48:48 2024 +0300 PM: hibernate: Remove unused stub for saveable_highmem_page() When saveable_highmem_page() is unused, it prevents kernel builds with clang, `make W=1` and CONFIG_WERROR=y: kernel/power/snapshot.c:1369:21: error: unused function 'saveable_highmem_page' [-Werror,-Wunused-function] 1369 | static inline void *saveable_highmem_page(struct zone *z, unsigned long p) | ^~~~~~~~~~~~~~~~~~~~~ Fix this by removing unused stub. See also commit 6863f5643dd7 ("kbuild: allow Clang to find unused static inline functions for W=1 build"). Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240905184848.318978-1-andriy.shevchenko@linux.intel.com Signed-off-by: Rafael J. Wysocki commit ffa1f26d3ddf6416119f0354bd9ab340dbdb163e Merge: 6482439d3d19ff 80e67f1802d0fc Author: Rafael J. Wysocki Date: Tue Sep 10 19:59:16 2024 +0200 Merge tag 'linux-cpupower-6.12-rc1-2' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/shuah/linux Merge the second round of cpupower utility updates for 6.12-rc1 from Shuah Khan: "This cpupower second update for Linux 6.12-rc1 consists of a fix and a new feature. -- adds missing powercap_set_enabled() stub function -- adds SWIG bindings files for libcpupower SWIG is a tool packaged in Fedora and other distros that can generate bindings from C and C++ code for several languages including Python, Perl, and Go. These bindings allows users to easily write scripts that use and extend libcpupower's functionality. Currently, only Python is provided in the makefile, but additional languages may be added if there is demand. Note that while SWIG itself is GPL v3+ licensed; the resulting output, the bindings code, is permissively licensed + the license of the .o files. Please see the following for more details. - https://swig.org/legal.html. - https://lore.kernel.org/linux-pm/Zqv9BOjxLAgyNP5B@hatbackup" * tag 'linux-cpupower-6.12-rc1-2' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/shuah/linux: pm:cpupower: Add error warning when SWIG is not installed MAINTAINERS: Add Maintainers for SWIG Python bindings pm:cpupower: Include test_raw_pylibcpupower.py pm:cpupower: Add SWIG bindings files for libcpupower pm:cpupower: Add missing powercap_set_enabled() stub function commit 4c3140fea6277e1478ba206e8f45b9cf7a128cb9 Author: Al Viro Date: Mon Jun 3 21:49:16 2024 -0400 drm/amdgpu: get rid of bogus includes of fdtable.h Signed-off-by: Al Viro Signed-off-by: Alex Deucher commit a4500b82bc85f7a15cff0729315c96015849e9e8 Author: Al Viro Date: Mon Jun 3 21:43:53 2024 -0400 drm/amdkfd: CRIU fixes Instead of trying to use close_fd() on failure exits, just have criu_get_prime_handle() store the file reference without inserting it into descriptor table. Then, once the callers are past the last failure exit, they can go and either insert all those file references into the corresponding slots of descriptor table, or drop all those file references and free the unused descriptors. Reviewed-by: Felix Kuehling Signed-off-by: Al Viro Signed-off-by: Alex Deucher commit 6c6ca71bc1653d00623702ae031d0f9bde06a6fc Author: Al Viro Date: Mon Jun 3 21:37:49 2024 -0400 drm/amdgpu: fix a race in kfd_mem_export_dmabuf() Using drm_gem_prime_handle_to_fd() to set dmabuf up and insert it into descriptor table, only to have it looked up by file descriptor and remove it from descriptor table is not just too convoluted - it's racy; another thread might have modified the descriptor table while we'd been going through that song and dance. Switch kfd_mem_export_dmabuf() to using drm_gem_prime_handle_to_dmabuf() and leave the descriptor table alone... Reviewed-by: Felix Kuehling Signed-off-by: Al Viro Signed-off-by: Alex Deucher commit b2d4da31a1f40b05a61076efd4c79b88439003b7 Author: Al Viro Date: Fri Aug 2 09:56:28 2024 -0400 drm: new helper: drm_gem_prime_handle_to_dmabuf() Once something had been put into descriptor table, the only thing you can do with it is returning descriptor to userland - you can't withdraw it on subsequent failure exit, etc. You certainly can't count upon it staying in the same slot of descriptor table - another thread could've played with close(2)/dup2(2)/whatnot. drm_gem_prime_handle_to_fd() creates a dmabuf, allocates a descriptor and attaches dmabuf's file to it (the last two steps are done in dma_buf_fd()). That's nice when all you are going to do is passing a descriptor to userland. If you just need to work with the resulting object or have something else to be done that might fail, drm_gem_prime_handle_to_fd() is racy. The problem is analogous to one with anon_inode_getfd(), and solution is similar to what anon_inode_getfile() provides. Add drm_gem_prime_handle_to_dmabuf() - the "set dmabuf up" parts of drm_gem_prime_handle_to_fd() without the descriptor-related ones. Instead of inserting into descriptor table and returning the file descriptor it just returns the struct file. drm_gem_prime_handle_to_fd() becomes a wrapper for it. Other users will be introduced in the next commit. Acked-by: Thomas Zimmermann Signed-off-by: Al Viro Signed-off-by: Alex Deucher commit 81f7804ba84ee617ed594de934ed87bcc4f83531 Author: Alex Deucher Date: Fri Sep 6 10:42:45 2024 -0400 drm/amdgpu/atomfirmware: Silence UBSAN warning Per the comments, these are variable sized arrays. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3613 Reviewed-by: Harry Wentland Signed-off-by: Alex Deucher commit b8faa981a7e62848ca4ba1c77282dfdc71d0edf5 Author: Srinivasan Shanmugam Date: Wed Sep 4 13:01:13 2024 +0530 drm/amdgpu: Fix kdoc entry in 'amdgpu_vm_cpu_prepare' This commit updates described non-existent parameters 'resv' and 'sync_mode', and failed to describe the existing 'sync' parameter. Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/amdgpu_vm_cpu.c:50: warning: Function parameter or struct member 'sync' not described in 'amdgpu_vm_cpu_prepare' drivers/gpu/drm/amd/amdgpu/amdgpu_vm_cpu.c:50: warning: Excess function parameter 'resv' description in 'amdgpu_vm_cpu_prepare' drivers/gpu/drm/amd/amdgpu/amdgpu_vm_cpu.c:50: warning: Excess function parameter 'sync_mode' description in 'amdgpu_vm_cpu_prepare' Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Reviewed-by: Christian König Signed-off-by: Alex Deucher commit 3d5adbdf1d01708777f2eda375227cbf7a98b9fe Author: David (Ming Qiang) Wu Date: Thu Sep 5 16:57:28 2024 -0400 drm/amd/amdgpu: apply command submission parser for JPEG v1 Similar to jpeg_v2_dec_ring_parse_cs() but it has different register ranges and a few other registers access. Acked-by: Alex Deucher Signed-off-by: David (Ming Qiang) Wu Signed-off-by: Alex Deucher commit 88dcad2d07c8d82e6a097c8e74239eb67333bcf7 Author: David (Ming Qiang) Wu Date: Fri Aug 16 11:43:05 2024 -0400 drm/amd/amdgpu: apply command submission parser for JPEG v2+ This patch extends the same cs parser from JPEG v4.0.3 to other JPEG versions (v2 and above). Rename to more common name as jpeg_v2_dec_ring_parse_cs() from jpeg_v4_0_3_dec_ring_parse_cs(). Acked-by: Alex Deucher Signed-off-by: David (Ming Qiang) Wu Signed-off-by: Alex Deucher commit fedf6db3ea9dc5eda0b78cfbbb8f7a88b97e5b24 Author: Kenneth Feng Date: Fri Sep 6 20:46:54 2024 +0800 drm/amd/pm: fix the pp_dpm_pcie issue on smu v14.0.2/3 fix the pp_dpm_pcie issue on smu v14.0.2/3 as below: 0: 2.5GT/s, x4 250Mhz 1: 8.0GT/s, x4 616Mhz * 2: 8.0GT/s, x4 1143Mhz * the middle level can be removed since it is always skipped on smu v14.0.2/3 Signed-off-by: Kenneth Feng Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit 25d48f2eb0af1f0e6f09f54a1a1716f48c0722c9 Author: Kenneth Feng Date: Thu Sep 5 15:38:18 2024 +0800 drm/amd/pm: update the features set on smu v14.0.2/3 update the features set on smu v14.0.2/3 Signed-off-by: Kenneth Feng Reviewed-by: Yang Wang Signed-off-by: Alex Deucher commit aa47fe8d3595365a935921a90d00bc33ee374728 Author: Jesse Zhang Date: Fri Sep 6 11:29:55 2024 +0800 drm/amdkfd: Fix resource leak in criu restore queue To avoid memory leaks, release q_extra_data when exiting the restore queue. v2: Correct the proto (Alex) Signed-off-by: Jesse Zhang Reviewed-by: Tim Huang Signed-off-by: Alex Deucher commit 4440337af4d415c8abf8b9b0e10c79b7518e6e3c Author: Amit Shah Date: Wed Aug 7 14:35:31 2024 +0200 KVM: SVM: let alternatives handle the cases when RSB filling is required Remove superfluous RSB filling after a VMEXIT when the CPU already has flushed the RSB after a VMEXIT when AutoIBRS is enabled. The initial implementation for adding RETPOLINES added an ALTERNATIVES implementation for filling the RSB after a VMEXIT in commit 117cc7a908c8 ("x86/retpoline: Fill return stack buffer on vmexit"). Later, X86_FEATURE_RSB_VMEXIT was added in commit 9756bba28470 ("x86/speculation: Fill RSB on vmexit for IBRS") to handle stuffing the RSB if RETPOLINE=y *or* KERNEL_IBRS=y, i.e. to also stuff the RSB if the kernel is configured to do IBRS mitigations on entry/exit. The AutoIBRS (on AMD) feature implementation added in commit e7862eda309e ("x86/cpu: Support AMD Automatic IBRS") used the already-implemented logic for EIBRS in spectre_v2_determine_rsb_fill_type_on_vmexit() -- but did not update the code at VMEXIT to act on the mode selected in that function -- resulting in VMEXITs continuing to clear the RSB when RETPOLINES are enabled, despite the presence of AutoIBRS. Signed-off-by: Amit Shah Link: https://lore.kernel.org/r/20240807123531.69677-1-amit@kernel.org [sean: massage changeloge, drop comment about AMD not needing RSB_VMEXIT_LITE] Signed-off-by: Sean Christopherson commit b6db3eb6c373b97d9e433530d748590421bbeea7 Author: Anastasia Belova Date: Tue Sep 10 11:50:16 2024 +0300 arm64: esr: Define ESR_ELx_EC_* constants as UL Add explicit casting to prevent expantion of 32th bit of u32 into highest half of u64 in several places. For example, in inject_abt64: ESR_ELx_EC_DABT_LOW << ESR_ELx_EC_SHIFT = 0x24 << 26. This operation's result is int with 1 in 32th bit. While casting this value into u64 (esr is u64) 1 fills 32 highest bits. Found by Linux Verification Center (linuxtesting.org) with SVACE. Cc: Fixes: aa8eff9bfbd5 ("arm64: KVM: fault injection into a guest") Signed-off-by: Anastasia Belova Acked-by: Marc Zyngier Link: https://lore.kernel.org/stable/20240910085016.32120-1-abelova%40astralinux.ru Link: https://lore.kernel.org/r/20240910085016.32120-1-abelova@astralinux.ru Signed-off-by: Will Deacon commit 10166c23f41367b6aaebd403af86caab22466c22 Author: Joey Gouly Date: Tue Sep 10 11:50:04 2024 +0100 arm64: pkeys: remove redundant WARN FEAT_PAN3 is present if FEAT_S1POE is, this WARN() was to represent that. However execute_only_pkey() is always called by mmap(), even on a CPU without POE support. Rather than making the WARN() conditional, just delete it. Reported-by: Naresh Kamboju Link: https://lore.kernel.org/linux-arm-kernel/CA+G9fYvarKEPN3u1Ogw2pcw4h6r3OMzg+5qJpYkAXRunAEF_0Q@mail.gmail.com/ Signed-off-by: Joey Gouly Cc: Will Deacon Cc: Catalin Marinas Link: https://lore.kernel.org/r/20240910105004.706981-1-joey.gouly@arm.com Signed-off-by: Will Deacon commit cfbfeee61582e638770a1a10deef866c9adb38f5 Author: Luiz Augusto von Dentz Date: Wed Aug 16 12:05:00 2023 -0700 Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL This ignores errors from HCI_OP_REMOTE_NAME_REQ_CANCEL since it shouldn't interfere with the stopping of discovery and in certain conditions it seems to be failing. Link: https://github.com/bluez/bluez/issues/575 Fixes: d0b137062b2d ("Bluetooth: hci_sync: Rework init stages") Signed-off-by: Luiz Augusto von Dentz commit 0023d340ba86cfe50b935829a73adea57ec2c629 Author: Luiz Augusto von Dentz Date: Tue Sep 10 10:22:36 2024 -0400 Bluetooth: CMTP: Mark BT_CMTP as DEPRECATED This marks BT_CMTP as DEPRECATED in preparation to get it removed. Signed-off-by: Luiz Augusto von Dentz commit a1f1c24368ec9b1d2bbc77075d2ba340ea9d0a83 Author: Justin Stitt Date: Thu Sep 5 15:54:40 2024 -0700 Bluetooth: replace deprecated strncpy with strscpy_pad strncpy() is deprecated for use on NUL-terminated destination strings [0] and as such we should prefer more robust and less ambiguous string interfaces. The CAPI (part II) [1] states that the manufacturer id should be a "zero-terminated ASCII string" and should "always [be] zero-terminated." Much the same for the serial number: "The serial number, a seven-digit number coded as a zero-terminated ASCII string". Along with this, its clear the original author intended for these buffers to be NUL-padded as well. To meet the specification as well as properly NUL-pad, use strscpy_pad(). In doing this, an opportunity to simplify this code is also present. Remove the min_t() and combine the length check into the main if. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [0] Link: https://capi.org/downloads.html [1] Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html Link: https://github.com/KSPP/linux/issues/90 Cc: linux-hardening@vger.kernel.org Signed-off-by: Justin Stitt Signed-off-by: Luiz Augusto von Dentz commit d47da6bd4cfa982fe903f33423b9e2ec541e9496 Author: Luiz Augusto von Dentz Date: Fri Aug 30 17:29:27 2024 -0400 Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED If HCI_CONN_MGMT_CONNECTED has been set then the event shall be HCI_CONN_MGMT_DISCONNECTED. Fixes: b644ba336997 ("Bluetooth: Update device_connected and device_found events to latest API") Signed-off-by: Luiz Augusto von Dentz commit 9a0570948c5def5c59e588dc0e009ed850a1f5a1 Author: Hilda Wu Date: Thu Aug 29 16:40:05 2024 +0800 Bluetooth: btrtl: Set msft ext address filter quirk for RTL8852B For tracking multiple devices concurrently with a condition. The patch enables the HCI_QUIRK_USE_MSFT_EXT_ADDRESS_FILTER quirk on RTL8852B controller. The quirk setting is based on commit 9e14606d8f38 ("Bluetooth: msft: Extended monitor tracking by address filter") With this setting, when a pattern monitor detects a device, this feature issues an address monitor for tracking that device. Let the original pattern monitor keep monitor new devices. Signed-off-by: Hilda Wu Signed-off-by: Luiz Augusto von Dentz commit 97c7ed86322440131f834d34c6670d1d472901dd Author: Hans de Goede Date: Tue Aug 27 12:52:48 2024 +0200 Bluetooth: Use led_set_brightness() in LED trigger activate() callback A LED trigger's activate() callback gets called when the LED trigger gets activated for a specific LED, so that the trigger code can ensure the LED state matches the current state of the trigger condition (LED_FULL when HCI_UP is set in this case). led_trigger_event() is intended for trigger condition state changes and iterates over _all_ LEDs which are controlled by this trigger changing the brightness of each of them. In the activate() case only the brightness of the LED which is being activated needs to change and that LED is passed as an argument to activate(), switch to led_set_brightness() to only change the brightness of the LED being activated. Signed-off-by: Hans de Goede Signed-off-by: Luiz Augusto von Dentz commit 52bc7d66659faac6e5a47e3ab38d8c8f590e94e5 Author: Li Zetao Date: Wed Aug 21 09:24:03 2024 +0800 Bluetooth: btrtl: Use kvmemdup to simplify the code Use kvmemdup instead of kvmalloc() + memcpy() to simplify the code. No functional change intended. Signed-off-by: Li Zetao Signed-off-by: Luiz Augusto von Dentz commit cb45396f96f9671f7a18df481702e19998eb0f4b Author: Pavel Nikulin Date: Wed Aug 21 15:08:56 2024 +0400 Bluetooth: btusb: Add Mediatek MT7925 support ID 0x13d3:0x3608 Add the support ID (0x13d3, 0x3608) to usb_device_id table for Realtek MT7925B14L found on AW-EM637 WiFi+BT modules in 2024 Asus laptops. The device info from /sys/kernel/debug/usb/devices as below. T: Bus=03 Lev=01 Prnt=01 Port=00 Cnt=01 Dev#= 2 Spd=480 MxCh= 0 D: Ver= 2.10 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=13d3 ProdID=3608 Rev= 1.00 S: Manufacturer=MediaTek Inc. S: Product=Wireless_Device S: SerialNumber=000000000 C:* #Ifs= 3 Cfg#= 1 Atr=e0 MxPwr=100mA A: FirstIf#= 0 IfCount= 3 Cls=e0(wlcon) Sub=01 Prot=01 I:* If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=81(I) Atr=03(Int.) MxPS= 16 Ivl=125us E: Ad=82(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=02(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms I:* If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 0 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 0 Ivl=1ms I: If#= 1 Alt= 1 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 9 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 9 Ivl=1ms I: If#= 1 Alt= 2 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 17 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 17 Ivl=1ms I: If#= 1 Alt= 3 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 25 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 25 Ivl=1ms I: If#= 1 Alt= 4 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 33 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 33 Ivl=1ms I: If#= 1 Alt= 5 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 49 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 49 Ivl=1ms I: If#= 1 Alt= 6 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 63 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 63 Ivl=1ms I: If#= 2 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=8a(I) Atr=03(Int.) MxPS= 64 Ivl=125us E: Ad=0a(O) Atr=03(Int.) MxPS= 64 Ivl=125us I:* If#= 2 Alt= 1 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=8a(I) Atr=03(Int.) MxPS= 512 Ivl=125us E: Ad=0a(O) Atr=03(Int.) MxPS= 512 Ivl=125us Signed-off-by: Pavel Nikulin Signed-off-by: Luiz Augusto von Dentz commit a30ce2992075b9bd8824a5f1025383e8d9bc05bc Author: Max Chou Date: Tue Aug 20 14:28:29 2024 +0800 Bluetooth: btrtl: Add the support for RTL8922A Add the support for RTL8922A BT controller on USB interface. The necessary firmware will be submitted to linux-firmware project. The device info from /sys/kernel/debug/usb/devices as below. T: Bus=01 Lev=02 Prnt=02 Port=02 Cnt=01 Dev#= 3 Spd=12 MxCh= 0 D: Ver= 1.00 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=0bda ProdID=8922 Rev= 0.00 S: Manufacturer=Realtek S: Product=Bluetooth Radio S: SerialNumber=00E04C885A01 C:* #Ifs= 2 Cfg#= 1 Atr=e0 MxPwr=500mA I:* If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=81(I) Atr=03(Int.) MxPS= 16 Ivl=1ms E: Ad=02(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=82(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms I:* If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 0 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 0 Ivl=1ms I: If#= 1 Alt= 1 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 9 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 9 Ivl=1ms I: If#= 1 Alt= 2 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 17 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 17 Ivl=1ms I: If#= 1 Alt= 3 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 25 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 25 Ivl=1ms I: If#= 1 Alt= 4 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 33 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 33 Ivl=1ms I: If#= 1 Alt= 5 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 49 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 49 Ivl=1ms I: If#= 1 Alt= 6 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 63 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 63 Ivl=1ms Signed-off-by: Max Chou Signed-off-by: Luiz Augusto von Dentz commit 0519376db710783ebc97f1c72a09424af0bc920a Author: Frédéric Danis Date: Tue Aug 20 16:17:16 2024 +0200 Bluetooth: hci_ldisc: Use speed set by btattach as oper_speed Starting a BCM UART controller not defined as a platform device or a serdev with "btattach -B /dev/ttyS1 -P bcm -S 3000000" works fine but the serial port remains at the init_speed, i.e. 115200. The oper_speed is only set if a device is declared in ACPI, device tree or as a platform device. This commit copies the serial port speed fixed by hciattach to the oper_speed on line discipline opening. Signed-off-by: Frédéric Danis Signed-off-by: Luiz Augusto von Dentz commit fe4408da5bfd495e0eeea684932a267254f76f11 Author: Kuan-Wei Chiu Date: Sat Aug 10 22:14:15 2024 +0800 Bluetooth: hci_conn: Remove redundant memset after kzalloc Since kzalloc already zeroes the allocated memory, the subsequent memset call is unnecessary. This patch removes the redundant memset to clean up the code and enhance efficiency. Signed-off-by: Kuan-Wei Chiu Signed-off-by: Luiz Augusto von Dentz commit 2fcb7936cef3a045ced9d5b8cdb644bced9f99b5 Author: Yue Haibing Date: Mon Aug 19 21:52:11 2024 +0800 Bluetooth: L2CAP: Remove unused declarations Commit e7b02296fb40 ("Bluetooth: Remove BT_HS") removed the implementations but leave declarations. Signed-off-by: Yue Haibing Signed-off-by: Luiz Augusto von Dentz commit 5f4f954bba12af7ca1e0e7c1352b73aefdce1d81 Author: Bartosz Golaszewski Date: Mon Aug 19 09:48:01 2024 +0200 dt-bindings: bluetooth: bring the HW description closer to reality for wcn6855 Describe the inputs from the PMU that the Bluetooth module on wcn6855 consumes and drop the ones from the host. This breaks the current contract but the only two users of wcn6855 upstream - sc8280xp based boards - will be updated in DTS patches sent separately while the hci_qca driver will remain backwards compatible with older DT sources. Acked-by: Rob Herring (Arm) Signed-off-by: Bartosz Golaszewski Signed-off-by: Luiz Augusto von Dentz commit 33b25739acb9bc4b1edfd39d25487d2520c7986b Author: Neeraj Sanjay Kale Date: Fri Aug 16 16:43:09 2024 +0530 Bluetooth: btnxpuart: Add support for ISO packets This enables btnxpuart driver to handle ISO RX packet when DUT is configured as audio sink. Tested IW612 on iMX8MMini platform and BlueZ-5.77 as follows: 1) Configured DUT with bap_bcast_sink role in pipewire configuration file. 2) Started pipewire and DUT is able to sync with Broadcast source through pipewire. 3) ISO data RX is seen in btmon. 4) Audio/Music is heard on audio jack. Signed-off-by: Neeraj Sanjay Kale Tested-by: Sarveshwar Bajaj Signed-off-by: Luiz Augusto von Dentz commit 61b27cdf025bf47d3caf0f1ceab078b48774ba13 Author: Neeraj Sanjay Kale Date: Fri Aug 16 16:43:08 2024 +0530 Bluetooth: hci_h4: Add support for ISO packets in h4_recv.h This adds ISO packet support in h4_recv.h, which was created before ISO packet handling was added to hci_h4.c and hci_uart.c Signed-off-by: Neeraj Sanjay Kale Signed-off-by: Luiz Augusto von Dentz commit bdf9557f70e7512bb2f754abf90d9e9958745316 Author: Hilda Wu Date: Fri Aug 16 16:58:22 2024 +0800 Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 Add the support ID (0x0489, 0xe122) to usb_device_id table for Realtek RTL8852C. The device info from /sys/kernel/debug/usb/devices as below. T: Bus=03 Lev=01 Prnt=01 Port=02 Cnt=01 Dev#= 2 Spd=12 MxCh= 0 D: Ver= 1.00 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=0489 ProdID=e122 Rev= 0.00 S: Manufacturer=Realtek S: Product=Bluetooth Radio S: SerialNumber=00e04c000001 C:* #Ifs= 2 Cfg#= 1 Atr=e0 MxPwr=500mA I:* If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=81(I) Atr=03(Int.) MxPS= 16 Ivl=1ms E: Ad=02(O) Atr=02(Bulk) MxPS= 64 Ivl=0ms E: Ad=82(I) Atr=02(Bulk) MxPS= 64 Ivl=0ms I:* If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 0 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 0 Ivl=1ms I: If#= 1 Alt= 1 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 9 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 9 Ivl=1ms I: If#= 1 Alt= 2 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 17 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 17 Ivl=1ms I: If#= 1 Alt= 3 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 25 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 25 Ivl=1ms I: If#= 1 Alt= 4 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 33 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 33 Ivl=1ms I: If#= 1 Alt= 5 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=03(O) Atr=01(Isoc) MxPS= 49 Ivl=1ms E: Ad=83(I) Atr=01(Isoc) MxPS= 49 Ivl=1ms Signed-off-by: Hilda Wu Signed-off-by: Luiz Augusto von Dentz commit 0fec656d08aa59ad3ea1bba148a4f7e5618fd4d3 Author: Luiz Augusto von Dentz Date: Mon Aug 12 11:01:15 2024 -0400 Bluetooth: btusb: Invert LE State flag to set invalid rather then valid This inverts the LE State flag so by default we assume the controllers would report valid states rather than invalid so it is inline with the respective quirk (HCI_QUIRK_BROKEN_LE_STATES). Signed-off-by: Luiz Augusto von Dentz commit 7494ef879636e9fabaf5a1a7fdfee81b3c6b206b Author: Yang Li Date: Fri Aug 9 13:42:26 2024 +0800 MAINTAINERS: Add an entry for Amlogic HCI UART (M: Yang Li) Add Amlogic Bluetooth entry to MAINTAINERS to clarify the maintainers Signed-off-by: Yang Li Signed-off-by: Luiz Augusto von Dentz commit afe671ac3e9309e55d556d066250bd37d9c47d1a Author: Zhang Zekun Date: Tue Sep 10 20:23:30 2024 +0800 ASoC: meson: Remove unused declartion in header file The declaration of aiu_fifo_hw_free() has been removed since commit e05cde84eabc ("ASoC: meson: Use managed DMA buffer allocation"). Let's remove the unused declaration. Fixes: e05cde84eabc ("ASoC: meson: Use managed DMA buffer allocation") Signed-off-by: Zhang Zekun Reviewed-by: Jerome Brunet Link: https://patch.msgid.link/20240910122330.70684-1-zhangzekun11@huawei.com Signed-off-by: Mark Brown commit 29caeda359da15d16963096043cda39530f81cc4 Author: Sebastian Ene Date: Mon Sep 9 12:47:17 2024 +0000 KVM: arm64: Move pagetable definitions to common header In preparation for using the stage-2 definitions in ptdump, move some of these macros in the common header. Signed-off-by: Sebastian Ene Link: https://lore.kernel.org/r/20240909124721.1672199-2-sebastianene@google.com Signed-off-by: Marc Zyngier commit 37bac77e4649e8158698a60addc22ec4faf5649a Author: Yang Li Date: Fri Aug 9 13:42:25 2024 +0800 Bluetooth: hci_uart: Add support for Amlogic HCI UART Add a new HCI protocol HCI_UART_AML for the Amlogic Bluetooth controller. It works on the standard H4 protocol via a 4-wire UART interface, with baud rates up to 4 Mbps. The controller supports two types of commands: the TCI commands and the vendor command. The former is for initial setup including setting baud rates, downloading fw, starting chip and etc, while the latter is for dumping firmware versions and setting public address after firmware updates and normal startup. It was verified on board of T602 (S905X4 + W265S2). dmesg: .. [ 5.313450] Bluetooth: HCI UART protocol AML registered [ 6.506052] Bluetooth: hci0: fw_version: date = 42.28, number = 0xb2fd ... Co-developed-by: Ye He Signed-off-by: Ye He Signed-off-by: Yang Li Signed-off-by: Luiz Augusto von Dentz commit e5e465a1ae62d146f9652756289aae9b6453dc90 Author: Yang Li Date: Fri Aug 9 13:42:24 2024 +0800 dt-bindings: net: bluetooth: Add support for Amlogic Bluetooth Add binding document for Amlogic Bluetooth chipsets attached over UART. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Yang Li Signed-off-by: Luiz Augusto von Dentz commit f9685f315fd6a84d86c8a53eb5d8e17652858d53 Author: Alexander Hall Date: Tue Jul 30 15:08:25 2024 -0700 Bluetooth: btusb: Add MediaTek MT7925-B22M support ID 0x13d3:0x3604 This patch fixes bluetooth support on the MediaTek MT7925 WiFi 7 + BT 5.3 M.2 chipset that I purchased from aliexpress (and which arrived today). The PCB states that it is an MT7925B22M. Device from /sys/kernel/debug/usb/devices: T: Bus=03 Lev=02 Prnt=03 Port=02 Cnt=01 Dev#= 4 Spd=480 MxCh= 0 D: Ver= 2.10 Cls=ef(misc ) Sub=02 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=13d3 ProdID=3604 Rev= 1.00 S: Manufacturer=MediaTek Inc. S: Product=Wireless_Device S: SerialNumber=000000000 C:* #Ifs= 3 Cfg#= 1 Atr=e0 MxPwr=100mA A: FirstIf#= 0 IfCount= 3 Cls=e0(wlcon) Sub=01 Prot=01 I:* If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=81(I) Atr=03(Int.) MxPS= 16 Ivl=125us E: Ad=82(I) Atr=02(Bulk) MxPS= 512 Ivl=0ms E: Ad=02(O) Atr=02(Bulk) MxPS= 512 Ivl=0ms I:* If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 0 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 0 Ivl=1ms I: If#= 1 Alt= 1 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 9 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 9 Ivl=1ms I: If#= 1 Alt= 2 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 17 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 17 Ivl=1ms I: If#= 1 Alt= 3 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 25 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 25 Ivl=1ms I: If#= 1 Alt= 4 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 33 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 33 Ivl=1ms I: If#= 1 Alt= 5 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 49 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 49 Ivl=1ms I: If#= 1 Alt= 6 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb E: Ad=83(I) Atr=01(Isoc) MxPS= 63 Ivl=1ms E: Ad=03(O) Atr=01(Isoc) MxPS= 63 Ivl=1ms I:* If#= 2 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=(none) E: Ad=8a(I) Atr=03(Int.) MxPS= 64 Ivl=125us E: Ad=0a(O) Atr=03(Int.) MxPS= 64 Ivl=125us I: If#= 2 Alt= 1 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=(none) E: Ad=8a(I) Atr=03(Int.) MxPS= 512 Ivl=125us E: Ad=0a(O) Atr=03(Int.) MxPS= 512 Ivl=125us High fidelity images I took of the chip itself for future reference: https://archive.org/details/MediaTek-MT7925B22M/ Webpage the chip was purchased from, note it is different from the images taken: https://web.archive.org/web/20240620021119/https://www.aliexpress. us/item/3256806821207897.html Signed-off-by: Alexander Hall Signed-off-by: Luiz Augusto von Dentz commit 861da2c11c64abe706a8d39645bbcd3141c2efb5 Author: Kiran Date: Fri Jul 26 16:13:26 2024 +0530 Bluetooth: btintel_pcie: Add support for ISO data Add support for handling ISO RX and TX packets. Signed-off-by: Kiran Signed-off-by: Luiz Augusto von Dentz commit 29aeb4e8918e6aeeaf0bb7a03b000a73596d54a3 Author: Kiran K Date: Fri Jul 26 16:13:24 2024 +0530 Bluetooth: Add a helper function to extract iso header Add a helper function hci_iso_hdr() to extract iso header from skb. Signed-off-by: Kiran K Signed-off-by: Luiz Augusto von Dentz commit 46d2efc4efc00e09a47e41f753af69a9fe169ec4 Merge: e494548a15ea1e 2b28fe75c7dbe7 Author: Arnd Bergmann Date: Tue Sep 10 16:39:45 2024 +0000 Merge tag 'arm-soc/for-6.12/soc' of https://github.com/Broadcom/stblinux into soc/arm This pull request contains Broadcom 32-bit SoC changes for 6.12, please pull the following: - Florian enables the ARM GICv3 driver since newer STB chips make use of a GIC-600 controller * tag 'arm-soc/for-6.12/soc' of https://github.com/Broadcom/stblinux: ARM: bcm: Select ARM_GIC_V3 for ARCH_BRCMSTB commit e494548a15ea1eb6cddd5f695ac6718452087ead Merge: f166da5c9dcdc1 dea56c781ed3d1 Author: Arnd Bergmann Date: Tue Sep 10 16:32:14 2024 +0000 Merge tag 'mvebu-arm-6.12-1' of https://git.kernel.org/pub/scm/linux/kernel/git/gclement/mvebu into soc/arm mvebu arm for 6.12 (part 1) Fix a few warning error with W=1 Switch orion5x to new sys-off handler API * tag 'mvebu-arm-6.12-1' of https://git.kernel.org/pub/scm/linux/kernel/git/gclement/mvebu: ARM: dove: Drop a write-only variable ARM: orion5x: Switch to new sys-off handler API ARM: mvebu: Warn about memory chunks too small for DDR training Signed-off-by: Arnd Bergmann commit 578aab4ecc73476393389440724b7a391cc0cea9 Author: Leo Li Date: Thu Sep 5 18:45:04 2024 -0400 drm/amd/display: Do not reset planes based on crtc zpos_changed [Why] drm_normalize_zpos will set the crtc_state->zpos_changed to 1 if any of it's assigned planes changes zpos, or is removed/added from it. To have amdgpu_dm request a plane reset on this is too broad. For example, if only the cursor plane was moved from one crtc to another, the crtc's zpos_changed will be set to true. But that does not mean that the underlying primary plane requires a reset. [How] Narrow it down so that only the plane that has a change in zpos will require a reset. As a future TODO, we can further optimize this by only requiring a reset on z-order change. Z-order is different from z-pos, since a zpos change doesn't necessarily mean the z-ordering changed, and DC should only require a reset if the z-ordering changed. For example, the following zpos update does not change z-ordering: Plane A: zpos 2 -> 3 Plane B: zpos 1 -> 2 => Plane A is still on top of plane B: no reset needed Whereas this one does change z-ordering: Plane A: zpos 2 -> 1 Plane B: zpos 1 -> 2 => Plane A changed from on top, to below plane B: reset needed Fixes: 38e0c3df6dbd ("drm/amd/display: Move PRIMARY plane zpos higher") Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3569 Signed-off-by: Leo Li Reviewed-by: Harry Wentland Signed-off-by: Alex Deucher commit 90bfb28d5fa8127a113a140c9791ea0b40ab156a Author: Jens Axboe Date: Tue Sep 10 08:57:04 2024 -0600 io_uring/rw: drop -EOPNOTSUPP check in __io_complete_rw_common() A recent change ensured that the necessary -EOPNOTSUPP -> -EAGAIN transformation happens inline on both the reader and writer side, and hence there's no need to check for both of these anymore on the completion handler side. Signed-off-by: Jens Axboe commit c0a9d496e0fece67db777bd48550376cf2960c47 Author: Jens Axboe Date: Tue Sep 10 08:30:57 2024 -0600 io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN Some file systems, ocfs2 in this case, will return -EOPNOTSUPP for an IOCB_NOWAIT read/write attempt. While this can be argued to be correct, the usual return value for something that requires blocking issue is -EAGAIN. A refactoring io_uring commit dropped calling kiocb_done() for negative return values, which is otherwise where we already do that transformation. To ensure we catch it in both spots, check it in __io_read() itself as well. Reported-by: Robert Sander Link: https://fosstodon.org/@gurubert@mastodon.gurubert.de/113112431889638440 Cc: stable@vger.kernel.org Fixes: a08d195b586a ("io_uring/rw: split io_read() into a helper") Signed-off-by: Jens Axboe commit 18024d60679a5ec34600ccd37cc1bf1f66f0eb6b Author: Andi Shyti Date: Thu Aug 8 01:00:41 2024 +0100 i2c: ljca: Remove unused "target_addr" parameter The stop command doesn't use any address on the target: w_packet->data[0] = 0; and indeed the targed_addr parameter was unused. Remove it. Cc: Wentong Wu Signed-off-by: Andi Shyti commit bd610c0937aaf03b2835638ada1fab8b0524c61a Author: Qu Wenruo Date: Mon Sep 2 14:29:06 2024 +0930 btrfs: only unlock the to-be-submitted ranges inside a folio [SUBPAGE COMPRESSION LIMITS] Currently inside writepage_delalloc(), if a delalloc range is going to be submitted asynchronously (inline or compression, the page dirty/writeback/unlock are all handled in at different time, not at the submission time), then we return 1 and extent_writepage() will skip the submission. This is fine if every sector matches page size, but if a sector is smaller than page size (aka, subpage case), then it can be very problematic, for example for the following 64K page: 0 16K 32K 48K 64K |/| |///////| |/| | | 4K 52K Where |/| is the dirty range we need to submit. In the above case, we need the following different handling for the 3 ranges: - [0, 4K) needs to be submitted for regular write A single sector cannot be compressed. - [16K, 32K) needs to be submitted for compressed write - [48K, 52K) needs to be submitted for regular write. Above, if we try to submit [16K, 32K) for compressed write, we will return 1 and immediately, and without submitting the remaining [48K, 52K) range. Furthermore, since extent_writepage() will exit without unlocking any sectors, the submitted range [0, 4K) will not have sector unlocked. That's the reason why for now subpage is only allowed for full page range. [ENHANCEMENT] - Introduce a submission bitmap at btrfs_bio_ctrl::submit_bitmap This records which sectors will be submitted by extent_writepage_io(). This allows us to track which sectors needs to be submitted thus later to be properly unlocked. For asynchronously submitted range (inline/compression), the corresponding bits will be cleared from that bitmap. - Only return 1 if no sector needs to be submitted in writepage_delalloc() - Only submit sectors marked by submission bitmap inside extent_writepage_io() So we won't touch the asynchronously submitted part. - Introduce btrfs_folio_end_writer_lock_bitmap() helper This will only unlock the involved sectors specified by @bitmap parameter, to avoid touching the range asynchronously submitted. Please note that, since subpage compression is still limited to page aligned range, this change is only a preparation for future sector perfect compression support for subpage. Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 49a9907368a4633fe19c477159da7a3199c808ee Author: Qu Wenruo Date: Mon Sep 2 13:57:08 2024 +0930 btrfs: merge btrfs_folio_unlock_writer() into btrfs_folio_end_writer_lock() The function btrfs_folio_unlock_writer() is already calling btrfs_folio_end_writer_lock() to do the heavy lifting work, the only missing 0 writer check. Thus there is no need to keep two different functions, move the 0 writer check into btrfs_folio_end_writer_lock(), and remove btrfs_folio_unlock_writer(). Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 68f32b9c98522b9689e82627abeb5c10b3501915 Author: Leo Martins Date: Tue Sep 3 11:19:07 2024 -0700 btrfs: BTRFS_PATH_AUTO_FREE in orphan.c All cleanup paths lead to btrfs_path_free so path can be defined with the automatic freeing callback in the following functions: - btrfs_insert_orphan_item() - btrfs_del_orphan_item() Signed-off-by: Leo Martins Reviewed-by: David Sterba Signed-off-by: David Sterba commit 45763a0cbb91ba3a5db928c376c3b0bba3ce9b45 Author: Leo Martins Date: Tue Sep 3 11:19:06 2024 -0700 btrfs: use btrfs_path auto free in zoned.c All cleanup paths lead to btrfs_path_free so path can be defined with the automatic freeing callback in the following functions: - calculate_emulated_zone_size() - calculate_alloc_pointer() Signed-off-by: Leo Martins Reviewed-by: David Sterba Signed-off-by: David Sterba commit 4c74a32ad323f89ac99b0f147e331f6ead100efa Author: Leo Martins Date: Tue Sep 3 11:19:05 2024 -0700 btrfs: DEFINE_FREE for struct btrfs_path Add a DEFINE_FREE for struct btrfs_path. This defines a function that can be called using the __free attribute. Define a macro BTRFS_PATH_AUTO_FREE to make the declaration of an auto freeing path very clear. The intended use is to define the auto free of path in cases where the path is allocated somewhere at the beginning and freed either on all error paths or at the end of the function. int func() { BTRFS_PATH_AUTO_FREE(path); if (...) return -ERROR; path = alloc_path(); ... if (...) return -ERROR; ... return 0; } Signed-off-by: Leo Martins [ update changelog ] Reviewed-by: David Sterba Signed-off-by: David Sterba commit ab6eac7c9111b75fca243e2590a17b55e96e9d31 Author: Qu Wenruo Date: Fri Aug 30 16:48:20 2024 +0930 btrfs: remove btrfs_folio_end_all_writers() The function btrfs_folio_end_all_writers() is only utilized in extent_writepage() as a way to unlock all subpage range (for both successful submission and error handling). Meanwhile we have a similar function, btrfs_folio_end_writer_lock(). The difference is, btrfs_folio_end_writer_lock() expects a range that is a subset of the already locked range. This limit on btrfs_folio_end_writer_lock() is a little overkilled, preventing it from being utilized for error paths. So here we enhance btrfs_folio_end_writer_lock() to accept a superset of the locked range, and only end the locked subset. This means we can replace btrfs_folio_end_all_writers() with btrfs_folio_end_writer_lock() instead. Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit ca283ea9920ac20ae23ed398b693db3121045019 Author: David Sterba Date: Wed Jun 26 23:39:11 2024 +0200 btrfs: constify more pointer parameters Continue adding const to parameters. This is for clarity and minor addition to safety. There are some minor effects, in the assembly code and .ko measured on release config. Signed-off-by: David Sterba commit 070969f17d82e4220f5800ea63139e513cdb17fd Author: David Sterba Date: Wed Jun 5 02:28:30 2024 +0200 btrfs: rework BTRFS_I as macro to preserve parameter const Currently BTRFS_I is a static inline function that takes a const inode and returns btrfs inode, dropping the 'const' qualifier. This can break assumptions of compiler though it seems there's no real case. To make the parameter and return type consistent regardint const we can use the container_of_const() that preserves it. However this would not check the parameter type. To fix that use the same _Generic construct but implement only the two expected types. Signed-off-by: David Sterba commit 1b6e068a0cc3d3888ddd5e4967357075fd6502da Author: Filipe Manana Date: Thu Aug 29 19:03:52 2024 +0100 btrfs: add and use helper to verify the calling task has locked the inode We have a few places that check if we have the inode locked by doing: ASSERT(inode_is_locked(vfs_inode)); This actually proved to be useful several times as if assertions are enabled (and by default they are in many distros) it immediately triggers a crash which is impossible for users to miss. However that doesn't check if the lock is held by the calling task, so the check passes if some other task locked the inode. Using one of the lockdep functions to check the lock is held, like lockdep_assert_held() for example, does check that the calling task holds the lock, and if that's not the case it produces a warning and stack trace in dmesg. However, despite the misleading "assert" in the name of the lockdep helpers, it does not trigger a crash/BUG_ON(), just a warning and splat in dmesg, which is easy to get unnoticed by users who may have lockdep enabled. So add a helper that does the ASSERT() and calls lockdep_assert_held() immediately after and use it every where we check the inode is locked. Like this if the lock is held by some other task we get the warning in dmesg which is caught by fstests, very helpful during development, and may also be occassionaly noticed by users with lockdep enabled. Reviewed-by: Josef Bacik Signed-off-by: Filipe Manana Signed-off-by: David Sterba commit 3368597206dc3c6c3c2247ee146beada14c67380 Author: Luca Stefani Date: Mon Sep 2 13:10:53 2024 +0200 btrfs: always update fstrim_range on failure in FITRIM ioctl Even in case of failure we could've discarded some data and userspace should be made aware of it, so copy fstrim_range to userspace regardless. Also make sure to update the trimmed bytes amount even if btrfs_trim_free_extents fails. CC: stable@vger.kernel.org # 5.15+ Reviewed-by: Qu Wenruo Signed-off-by: Luca Stefani Reviewed-by: David Sterba Signed-off-by: David Sterba commit faad57ae20190de6375e1c3a7144c7ae66ab4ddf Author: Li Zetao Date: Thu Aug 29 02:29:08 2024 +0800 btrfs: convert copy_inline_to_page() to use folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. Moreover find_or_create_page() is compatible API, and it can replaced with __filemap_get_folio(). Some interfaces have been converted to use folio before, so the conversion operation from page can be eliminated here. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit aeb6d8814841ec106acc5ffea772d4102ffc72b6 Author: Li Zetao Date: Thu Aug 29 02:29:07 2024 +0800 btrfs: convert btrfs_decompress() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. Based on the previous patch, the compression path can be directly used in folio without converting to page. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit b70f3a45464b012feb8e86f15f37e0c4b2f69fe1 Author: Li Zetao Date: Thu Aug 29 02:29:06 2024 +0800 btrfs: convert zstd_decompress() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. And memcpy_to_page() can be replaced with memcpy_to_folio(). But there is no memzero_folio(), but it can be replaced equivalently by folio_zero_range(). Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit 9f9a4e43a87082144e43320edaf38d980d18d069 Author: Li Zetao Date: Thu Aug 29 02:29:05 2024 +0800 btrfs: convert lzo_decompress() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. And memcpy_to_page() can be replaced with memcpy_to_folio(). But there is no memzero_folio(), but it can be replaced equivalently by folio_zero_range(). Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit 54c78d497b383f5828b019d41149a9e76cfc771c Author: Li Zetao Date: Thu Aug 29 02:29:04 2024 +0800 btrfs: convert zlib_decompress() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. And memcpy_to_page() can be replaced with memcpy_to_folio(). But there is no memzero_folio(), but it can be replaced equivalently by folio_zero_range(). Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit 046c0d65962504d8ec1e109cb673c81ba36da1e3 Author: Li Zetao Date: Thu Aug 29 02:29:03 2024 +0800 btrfs: convert try_release_extent_mapping() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. And page_to_inode() can be replaced with folio_to_inode() now. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit dd0a8df455665fe896125e15dfe3847f1e18462f Author: Li Zetao Date: Thu Aug 29 02:29:02 2024 +0800 btrfs: convert try_release_extent_state() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. Moreover, use folio_pos() instead of page_offset(), which is more consistent with folio usage. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit 08dd8507b11684427f5d0f07f18f1b1fb2d9f28a Author: Li Zetao Date: Thu Aug 29 02:29:01 2024 +0800 btrfs: convert submit_eb_page() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit 135873258c6127077e2b0db83ddd08e3e4215b3b Author: Li Zetao Date: Thu Aug 29 02:29:00 2024 +0800 btrfs: convert submit_eb_subpage() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. Moreover, use folio_pos() instead of page_offset(), which is more consistent with folio usage. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit 884937793db595928961397dd3ec2287b40371c6 Author: Li Zetao Date: Thu Aug 29 02:28:59 2024 +0800 btrfs: convert read_key_bytes() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. Moreover, use kmap_local_folio() instead of kmap_local_page(), which is more consistent with folio usage. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit b8ae2bfa685f1ba48d42660b163b7bec725fe697 Author: Li Zetao Date: Thu Aug 29 02:28:58 2024 +0800 btrfs: convert try_release_extent_buffer() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit 0145aa38cb39a041025747d02c276ac9a9acece2 Author: Li Zetao Date: Thu Aug 29 02:28:57 2024 +0800 btrfs: convert try_release_subpage_extent_buffer() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. And use folio_pos instead of page_offset, which is more consistent with folio usage. At the same time, folio_test_private() can handle folio directly without converting from page to folio first. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit d4aeb5f7a7e67d780e3eaae0b6e7d4e2d31042ee Author: Li Zetao Date: Thu Aug 29 02:28:56 2024 +0800 btrfs: convert get_next_extent_buffer() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. Use folio_pos instead of page_offset, which is more consistent with folio usage. Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit 266a9361a4cb196ef5e5b4bb0a6c7f8bf2139825 Author: Li Zetao Date: Thu Aug 29 02:28:55 2024 +0800 btrfs: convert clear_page_extent_mapped() to take a folio The old page API is being gradually replaced and converted to use folio to improve code readability and avoid repeated conversion between page and folio. Now clear_page_extent_mapped() can deal with a folio directly, so change its name to clear_folio_extent_mapped(). Signed-off-by: Li Zetao Reviewed-by: David Sterba Signed-off-by: David Sterba commit fd1e75d0105d2289e24b6d63cee49e6f7952c8bf Author: Qu Wenruo Date: Wed May 29 17:03:47 2024 +0930 btrfs: make compression path to be subpage compatible Currently btrfs compression path is not really subpage compatible, every thing is still done in page unit. That's fine for regular sector size and subpage routine. As even for subpage routine compression is only enabled if the whole range is page aligned, so reading the page cache in page unit is totally fine. However in preparation for the future subpage perfect compression support, we need to change the compression routine to properly handle a subpage range. This patch would prepare both zlib and zstd to only read the subpage range for compression. Lzo is already doing subpage aware read, as lzo's on-disk format is already sectorsize dependent. Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 9ca0e58cb752b09816f56f7a3147a39773d5e831 Author: Qu Wenruo Date: Sat Aug 24 19:36:43 2024 +0930 btrfs: merge btrfs_orig_bbio_end_io() into btrfs_bio_end_io() There are only two differences between the two functions: - btrfs_orig_bbio_end_io() does extra error propagation This is mostly to allow tolerance for write errors. - btrfs_orig_bbio_end_io() does extra pending_ios check This check can handle both the original bio, or the cloned one. (All accounting happens in the original one). This makes btrfs_orig_bbio_end_io() a much safer call. In fact we already had a double freeing error due to usage of btrfs_bio_end_io() in the error path of btrfs_submit_chunk(). So just move the whole content of btrfs_orig_bbio_end_io() into btrfs_bio_end_io(). For normal paths this brings no change, because they are already calling btrfs_orig_bbio_end_io() in the first place. For error paths (not only inside bio.c but also external callers), this change will introduce extra checks, especially for external callers, as they will error out without submitting the btrfs bio. But considering it's already in the error path, such slower but much safer checks are still an overall win. Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit ac325fc2aad513072722387a71bf857c938aae4e Author: Josef Bacik Date: Fri Aug 16 15:16:24 2024 -0400 btrfs: do not hold the extent lock for entire read Historically we've held the extent lock throughout the entire read. There's been a few reasons for this, but it's mostly just caused us problems. For example, this prevents us from allowing page faults during direct io reads, because we could deadlock. This has forced us to only allow 4k reads at a time for io_uring NOWAIT requests because we have no idea if we'll be forced to page fault and thus have to do a whole lot of work. On the buffered side we are protected by the page lock, as long as we're reading things like buffered writes, punch hole, and even direct IO to a certain degree will get hung up on the page lock while the page is in flight. On the direct side we have the dio extent lock, which acts much like the way the extent lock worked previously to this patch, however just for direct reads. This protects direct reads from concurrent direct writes, while we're protected from buffered writes via the inode lock. Now that we're protected in all cases, narrow the extent lock to the part where we're getting the extent map to submit the reads, no longer holding the extent lock for the entire read operation. Push the extent lock down into do_readpage() so that we're only grabbing it when looking up the extent map. This portion was contributed by Goldwyn. Co-developed-by: Goldwyn Rodrigues Reviewed-by: Goldwyn Rodrigues Signed-off-by: Josef Bacik Signed-off-by: David Sterba commit 07d399cb4e1881bba39910bcb4de68a5bd633e03 Author: Josef Bacik Date: Mon Aug 19 16:50:01 2024 -0400 btrfs: take the dio extent lock during O_DIRECT operations Currently we hold the extent lock for the entire duration of a read. This isn't really necessary in the buffered case, we're protected by the page lock, however it's necessary for O_DIRECT. For O_DIRECT reads, if we only locked the extent for the part where we get the extent, we could potentially race with an O_DIRECT write in the same region. This isn't really a problem, unless the read is delayed so much that the write does the COW, unpins the old extent, and some other application re-allocates the extent before the read is actually able to be submitted. At that point at best we'd have a checksum mismatch, but at worse we could read data that doesn't belong to us. To address this potential race we need to make sure we don't have overlapping, concurrent direct io reads and writes. To accomplish this use the new EXTENT_DIO_LOCKED bit in the direct IO case in the same spot as the current extent lock. The writes will take this while they're creating the ordered extent, which is also used to make sure concurrent buffered reads or concurrent direct reads are not allowed to occur, and drop it after the ordered extent is taken. For reads it will act as the current read behavior for the EXTENT_LOCKED bit, we set it when we're starting the read, we clear it in the end_io to allow other direct writes to continue. This still has the drawback of disallowing concurrent overlapping direct reads from occurring, but that exists with the current extent locking. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 7e2a59508472edae5557ff67c2f61f911148be2d Author: Josef Bacik Date: Mon Aug 19 14:15:52 2024 -0400 btrfs: introduce EXTENT_DIO_LOCKED In order to support dropping the extent lock during a read we need a way to make sure that direct reads and direct writes for overlapping ranges are protected from each other. To accomplish this introduce another lock bit specifically for direct io. Subsequent patches will utilize this to protect direct IO operations. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit df2825e98507d10cb037a308087ecd7cb3f6688d Author: David Sterba Date: Tue Aug 27 04:26:51 2024 +0200 btrfs: always pass readahead state to defrag Defrag ioctl passes readahead from the file, but autodefrag does not have a file so the readahead state is allocated when needed. The autodefrag loop in cleaner thread iterates over inodes so we can simply provide an on-stack readahead state and will not need to allocate it in btrfs_defrag_file(). The size is 32 bytes which is acceptable. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit 11e3107d47cb266a284169f36c2293af3f397fdb Author: David Sterba Date: Tue Aug 27 04:13:44 2024 +0200 btrfs: drop transaction parameter from btrfs_add_inode_defrag() There's only one caller inode_should_defrag() that passes NULL to btrfs_add_inode_defrag() so we can drop it an simplify the code. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit 91c9f2855ead841b27eefb8968079290725d4f2e Author: David Sterba Date: Tue Aug 27 04:10:11 2024 +0200 btrfs: return void from btrfs_add_inode_defrag() The potential memory allocation failure is not a fatal error, skipping autodefrag is fine and the caller inode_should_defrag() does not care about the errors. Further writes can attempt to add the inode back to the defragmentation list again. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit 276940915f232f8569124811fd8a9524f27f5748 Author: David Sterba Date: Tue Aug 27 04:05:48 2024 +0200 btrfs: clear defragmented inodes using postorder in btrfs_cleanup_defrag_inodes() btrfs_cleanup_defrag_inodes() is not called frequently, only in remount or unmount, but the way it frees the inodes in fs_info->defrag_inodes is inefficient. Each time it needs to locate first node, remove it, potentially rebalance tree until it's done. This allows to do a conditional reschedule. For cleanups the rbtree_postorder_for_each_entry_safe() iterator is convenient but we can't reschedule and restart iteration because some of the tree nodes would be already freed. The cleanup operation is kmem_cache_free() which will likely take the fast path for most objects so rescheduling should not be necessary. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit ffc531652d1039b2c5049a58814d74352f684837 Author: David Sterba Date: Tue Aug 27 03:51:38 2024 +0200 btrfs: rename __btrfs_run_defrag_inode() and drop double underscores The function does not follow the pattern where the underscores would be justified, so rename it. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit 42257569026182a877e6eaea70a64fd58842a79f Author: David Sterba Date: Tue Aug 27 03:50:43 2024 +0200 btrfs: rename __btrfs_add_inode_defrag() and drop double underscores The function does not follow the pattern where the underscores would be justified, so rename it. Also update the misleading comment, the passed item is not freed, that's what the caller does. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit 6d2f07e13c01b06c6e38117c83df78fea8e9d1a9 Author: David Sterba Date: Tue Aug 27 03:45:38 2024 +0200 btrfs: rename __need_auto_defrag() and drop double underscores The function does not follow the pattern where the underscores would be justified, so rename it. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit b7164d9ab03137dc47faa970e25e6507f3c57590 Author: David Sterba Date: Tue Aug 27 03:44:30 2024 +0200 btrfs: constify arguments of compare_inode_defrag() A comparator function does not change its parameters, make them const. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit a92914a80b137a447688d868274871f16ec152d5 Author: David Sterba Date: Tue Aug 27 03:44:15 2024 +0200 btrfs: rename __compare_inode_defrag() and drop double underscores The function does not follow the pattern where the underscores would be justified, so rename it. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit 06de42c5a98a28060b314589241cabcacc3c4ff8 Author: David Sterba Date: Tue Aug 27 03:30:16 2024 +0200 btrfs: rename __extent_writepage() and drop double underscores The function does not follow the pattern where the underscores would be justified, so rename it. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit 22b4ef50dc1d11376f09dd8e9e7cf18ef5ead48f Author: David Sterba Date: Tue Aug 27 03:41:45 2024 +0200 btrfs: rename __btrfs_submit_bio() and drop double underscores Previous patch freed the function name btrfs_submit_bio() so we can use it for a helper that submits struct bio. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit 792e86ef31b91c98c529f8c4fb6aa14886584193 Author: David Sterba Date: Tue Aug 27 03:40:11 2024 +0200 btrfs: rename btrfs_submit_bio() to btrfs_submit_bbio() The function name is a bit misleading as it submits the btrfs_bio (bbio), rename it so we can use btrfs_submit_bio() when an actual bio is submitted. Reviewed-by: Qu Wenruo Signed-off-by: David Sterba commit ce4a71ee157e810ec28ad44e8148dfc55e77d4a0 Author: Qu Wenruo Date: Mon Aug 26 15:44:50 2024 +0930 btrfs: subpage: remove btrfs_fs_info::subpage_info member The member btrfs_fs_info::subpage_info stores the cached bitmap start position inside the merged bitmap. However in reality there is only one thing depending on the sectorsize, bitmap_nr_bits, which records the number of sectors that fit inside a page. The sequence of sub-bitmaps have fixed order, thus it's just a quick multiplication to calculate the start position of each sub-bitmaps. Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 2c70fe16ea0c0d3f08659fc9d75b4840711fee05 Author: Qu Wenruo Date: Wed Aug 14 10:50:21 2024 +0930 btrfs: remove the nr_ret parameter from __extent_writepage_io() The parameter @nr_ret is used to tell the caller how many sectors have been submitted for IO. Then callers check @nr_ret value to determine if we need to manually clear the PAGECACHE_TAG_DIRTY, as if we submitted no sector (e.g. all sectors are beyond i_size) there is no folio_start_writeback() called thus PAGECACHE_TAG_DIRTY tag will not be cleared. Remove this parameter by: - Moving the btrfs_folio_clear_writeback() call into __extent_writepage_io() So that if we didn't submit any IO, then manually call btrfs_folio_set_writeback() to clear PAGECACHE_TAG_DIRTY when the page is no longer dirty. - Use a bool to record if we have submitted any sector Instead of an int. - Use subpage compatible helpers to end folio writeback. This brings no change to the behavior, just for the sake of consistency. As for the call site inside __extent_writepage(), we're always called for the whole page, so the existing full page helper folio_(start|end)_writeback() is totally fine. For the call site inside extent_write_locked_range(), although we can have subpage range, folio_start_writeback() will only clear PAGECACHE_TAG_DIRTY if the page is no longer dirty, and the full folio will still be dirty if there is any subpage dirty range. Only when the last dirty subpage sector is cleared, the folio_start_writeback() will clear PAGECACHE_TAG_DIRTY. So no matter if we call the full page or subpage helper, the result is still the same, then just use the subpage helpers for consistency. Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit e39ba5dfd0b57905fe002da9f80649b6ab388134 Author: Thorsten Blum Date: Wed Aug 14 10:13:29 2024 +0200 btrfs: send: fix grammar in comments Fix a few obvious grammar mistakes: a -> an, then -> than. Signed-off-by: Thorsten Blum Reviewed-by: David Sterba Signed-off-by: David Sterba commit 3cce39a8ca4e7565b6ac1fbcf858171bf07c3757 Author: Junchao Sun Date: Fri Jun 7 22:30:21 2024 +0800 btrfs: qgroup: use xarray to track dirty extents in transaction Use xarray to track dirty extents to reduce the size of the struct btrfs_qgroup_extent_record from 64 bytes to 40 bytes. The xarray is more cache line friendly, it also reduces the complexity of insertion and search code compared to rb tree. Another change introduced is about error handling. Before this patch, the result of btrfs_qgroup_trace_extent_nolock() is always a success. In this patch, because of this function calls the function xa_store() which has the possibility to fail, so mark qgroup as inconsistent if error happened and then free preallocated memory. Also we preallocate memory before spin_lock(), if memory preallcation failed, error handling is the same the existing code. Suggested-by: Qu Wenruo Signed-off-by: Junchao Sun Signed-off-by: David Sterba commit 14ed830d10322007565af3a0da39948f229a72d6 Author: Junchao Sun Date: Fri Jun 7 22:30:20 2024 +0800 btrfs: qgroup: use goto style to handle errors in add_delayed_ref() Clean up resources using goto to get rid of repeated code. Reviewed-by: Qu Wenruo Signed-off-by: Junchao Sun Reviewed-by: David Sterba Signed-off-by: David Sterba commit 8189197425e79f65281938ef29015ebfcf5deaa3 Author: Qu Wenruo Date: Wed Aug 7 14:31:54 2024 +0930 btrfs: refactor __extent_writepage_io() to do sector-by-sector submission Unlike the bitmap usage inside raid56, for __extent_writepage_io() we handle the subpage submission not sector-by-sector, but for each dirty range we found. This is not a big deal normally, as the subpage complex code is already mostly optimized out by the compiler for x86_64. However for the sake of consistency and for the future of subpage sector-perfect compression support, this patch does: - Extract the sector submission code into submit_one_sector() - Add the needed code to extract the dirty bitmap for subpage case There is a small pitfall for non-subpage case, as we cleared page dirty before starting writeback, so we have to manually set the default dirty_bitmap to 1 for such case. - Use bitmap_and() to calculate the target sectors we need to submit This is done for both subpage and non-subpage cases, and will later be expanded to skip inline/compression ranges. For x86_64, the dirty bitmap will be fixed to 1, with the length of 1, so we're still doing the same workload per sector. For larger page sizes, the overhead will be a little larger, as previous we only need to do one extent_map lookup per-dirty-range, but now it will be one extent_map lookup per-sector. But that is the same frequency as x86_64, so we're just aligning the behavior to x86_64. Reviewed-by: Josef Bacik Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 77b0b98bb743f5d04d8f995ba1936e1143689d4a Author: Qu Wenruo Date: Fri Aug 30 16:35:48 2024 +0930 btrfs: subpage: fix the bitmap dump which can cause bitmap corruption In commit 75258f20fb70 ("btrfs: subpage: dump extra subpage bitmaps for debug") an internal macro GET_SUBPAGE_BITMAP() is introduced to grab the bitmap of each attribute. But that commit is using bitmap_cut() which will do the left shift of the larger bitmap, causing incorrect values. Thankfully this bitmap_cut() is only called for debug usage, and so far it's not yet causing problem. Fix it to use bitmap_read() to only grab the desired sub-bitmap. Fixes: 75258f20fb70 ("btrfs: subpage: dump extra subpage bitmaps for debug") CC: stable@vger.kernel.org # 6.6+ Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 0ae653fbec2b9fbc72c65a0c99528990bfb2136d Author: Johannes Thumshirn Date: Tue Aug 13 13:36:40 2024 +0200 btrfs: reduce chunk_map lookups in btrfs_map_block() Currently we're calling btrfs_num_copies() before btrfs_get_chunk_map() in btrfs_map_block(). But btrfs_num_copies() itself does a chunk map lookup to be able to calculate the number of copies. So split out the code getting the number of copies from btrfs_num_copies() into a helper called btrfs_chunk_map_num_copies() and directly call it from btrfs_map_block() and btrfs_num_copies(). This saves us one rbtree lookup per btrfs_map_block() invocation. Reviewed-by: Qu Wenruo Reviewed-by: Filipe Manana Signed-off-by: Johannes Thumshirn Reviewed-by: David Sterba Signed-off-by: David Sterba commit 6d752cacae5eb8590c98866effaebf67410a9136 Author: Filipe Manana Date: Wed Aug 7 17:13:58 2024 +0100 btrfs: directly wake up cleaner kthread in the BTRFS_IOC_SYNC ioctl The BTRFS_IOC_SYNC ioctl wants to wake up the cleaner kthread so that it does any pending work (subvolume deletion, delayed iputs, etc), however it is waking up the transaction kthread, which in turn wakes up the cleaner. Since we don't have any transaction to commit, as any ongoing transaction was already committed when it called btrfs_sync_fs() and the goal is just to wake up the cleaner thread, directly wake up the cleaner instead of the transaction kthread. Reviewed-by: Boris Burkov Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit efffb803bf37d4514e025e3d59e067dabb59bcd1 Author: Qu Wenruo Date: Mon Aug 5 15:02:54 2024 +0930 btrfs: make btrfs_is_subpage() to return false directly for 4K page size Btrfs only supports sectorsize 4K, 8K, 16K, 32K, 64K for now, thus for systems with 4K page size, there is no way the fs is subpage (sectorsize < PAGE_SIZE). So here we define btrfs_is_subpage() different according to the PAGE_SIZE: - PAGE_SIZE > 4K We may hit real subpage cases, define btrfs_is_subpage() as a regular function and do the usual checks. - PAGE_SIZE == 4K (no smaller PAGE_SIZE support AFAIK) There is no way the fs is subpage, so just define btrfs_is_subpage() as an inline function which always return false. This saves about 7K bytes for x86_64 debug builds: text data bss dec hex filename Before: 1484452 168693 25776 1678921 199e49 fs/btrfs/btrfs.ko After: 1476605 168445 25776 1670826 197eaa fs/btrfs/btrfs.ko Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit 0c749585fc522b6cb32111abf2cd8f17cf30d3c5 Author: Johannes Thumshirn Date: Wed Jul 31 22:43:07 2024 +0200 btrfs: change RST lookup error message level to debug Now that RAID stripe-tree lookup failures are not treated as a fatal issue any more, change the RAID stripe-tree lookup error message to debug level. Reviewed-by: Josef Bacik Reviewed-by: Qu Wenruo Signed-off-by: Johannes Thumshirn Reviewed-by: David Sterba Signed-off-by: David Sterba commit 04915240e2c3a018e4c7f23418478d27226c8957 Author: Johannes Thumshirn Date: Wed Jul 31 22:43:06 2024 +0200 btrfs: don't readahead the relocation inode on RST On relocation we're doing readahead on the relocation inode, but if the filesystem is backed by a RAID stripe tree we can get ENOENT (e.g. due to preallocated extents not being mapped in the RST) from the lookup. But readahead doesn't handle the error and submits invalid reads to the device, causing an assertion in the scatter-gather list code: BTRFS info (device nvme1n1): balance: start -d -m -s BTRFS info (device nvme1n1): relocating block group 6480920576 flags data|raid0 BTRFS error (device nvme1n1): cannot find raid-stripe for logical [6481928192, 6481969152] devid 2, profile raid0 ------------[ cut here ]------------ kernel BUG at include/linux/scatterlist.h:115! Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI CPU: 0 PID: 1012 Comm: btrfs Not tainted 6.10.0-rc7+ #567 RIP: 0010:__blk_rq_map_sg+0x339/0x4a0 RSP: 0018:ffffc90001a43820 EFLAGS: 00010202 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffea00045d4802 RDX: 0000000117520000 RSI: 0000000000000000 RDI: ffff8881027d1000 RBP: 0000000000003000 R08: ffffea00045d4902 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000001000 R12: ffff8881003d10b8 R13: ffffc90001a438f0 R14: 0000000000000000 R15: 0000000000003000 FS: 00007fcc048a6900(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000002cd11000 CR3: 00000001109ea001 CR4: 0000000000370eb0 Call Trace: ? __die_body.cold+0x14/0x25 ? die+0x2e/0x50 ? do_trap+0xca/0x110 ? do_error_trap+0x65/0x80 ? __blk_rq_map_sg+0x339/0x4a0 ? exc_invalid_op+0x50/0x70 ? __blk_rq_map_sg+0x339/0x4a0 ? asm_exc_invalid_op+0x1a/0x20 ? __blk_rq_map_sg+0x339/0x4a0 nvme_prep_rq.part.0+0x9d/0x770 nvme_queue_rq+0x7d/0x1e0 __blk_mq_issue_directly+0x2a/0x90 ? blk_mq_get_budget_and_tag+0x61/0x90 blk_mq_try_issue_list_directly+0x56/0xf0 blk_mq_flush_plug_list.part.0+0x52b/0x5d0 __blk_flush_plug+0xc6/0x110 blk_finish_plug+0x28/0x40 read_pages+0x160/0x1c0 page_cache_ra_unbounded+0x109/0x180 relocate_file_extent_cluster+0x611/0x6a0 ? btrfs_search_slot+0xba4/0xd20 ? balance_dirty_pages_ratelimited_flags+0x26/0xb00 relocate_data_extent.constprop.0+0x134/0x160 relocate_block_group+0x3f2/0x500 btrfs_relocate_block_group+0x250/0x430 btrfs_relocate_chunk+0x3f/0x130 btrfs_balance+0x71b/0xef0 ? kmalloc_trace_noprof+0x13b/0x280 btrfs_ioctl+0x2c2e/0x3030 ? kvfree_call_rcu+0x1e6/0x340 ? list_lru_add_obj+0x66/0x80 ? mntput_no_expire+0x3a/0x220 __x64_sys_ioctl+0x96/0xc0 do_syscall_64+0x54/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7fcc04514f9b Code: Unable to access opcode bytes at 0x7fcc04514f71. RSP: 002b:00007ffeba923370 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fcc04514f9b RDX: 00007ffeba923460 RSI: 00000000c4009420 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000013 R09: 0000000000000001 R10: 00007fcc043fbba8 R11: 0000000000000246 R12: 00007ffeba924fc5 R13: 00007ffeba923460 R14: 0000000000000002 R15: 00000000004d4bb0 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:__blk_rq_map_sg+0x339/0x4a0 RSP: 0018:ffffc90001a43820 EFLAGS: 00010202 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffea00045d4802 RDX: 0000000117520000 RSI: 0000000000000000 RDI: ffff8881027d1000 RBP: 0000000000003000 R08: ffffea00045d4902 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000001000 R12: ffff8881003d10b8 R13: ffffc90001a438f0 R14: 0000000000000000 R15: 0000000000003000 FS: 00007fcc048a6900(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fcc04514f71 CR3: 00000001109ea001 CR4: 0000000000370eb0 Kernel panic - not syncing: Fatal exception Kernel Offset: disabled ---[ end Kernel panic - not syncing: Fatal exception ]--- So in case of a relocation on a RAID stripe-tree based file system, skip the readahead. Reviewed-by: Josef Bacik Reviewed-by: Qu Wenruo Signed-off-by: Johannes Thumshirn Reviewed-by: David Sterba Signed-off-by: David Sterba commit f4d39cf1cebfb83f76ffdd632958248aff364e33 Author: Johannes Thumshirn Date: Wed Jul 31 22:43:05 2024 +0200 btrfs: set search_commit_root on stripe io in case of relocation Set rst_search_commit_root in the btrfs_io_stripe we're passing to btrfs_map_block() in case we're doing data relocation. Reviewed-by: Josef Bacik Reviewed-by: Qu Wenruo Signed-off-by: Johannes Thumshirn Signed-off-by: David Sterba commit d6106f0dc502c8ec375d6612418f7aa0e3e7d2b7 Author: Johannes Thumshirn Date: Wed Jul 31 22:43:04 2024 +0200 btrfs: rename btrfs_io_stripe::is_scrub to rst_search_commit_root Rename 'btrfs_io_stripe::is_scrub' to 'rst_search_commit_root'. While 'is_scrub' describes the state of the io_stripe (it is a stripe submitted by scrub) it does not describe the purpose, namely looking at the commit root when searching RAID stripe-tree entries. Renaming the stripe to rst_search_commit_root describes this purpose. Reviewed-by: Josef Bacik Reviewed-by: Qu Wenruo Signed-off-by: Johannes Thumshirn Reviewed-by: David Sterba Signed-off-by: David Sterba commit f8428360c8f9eca3bf355cdf10b789f880d61b47 Author: Johannes Thumshirn Date: Wed Jul 31 22:43:03 2024 +0200 btrfs: don't dump stripe-tree on lookup error This just creates unnecessary noise and doesn't provide any insights into debugging RAID stripe-tree related issues. Reviewed-by: Josef Bacik Reviewed-by: Qu Wenruo Signed-off-by: Johannes Thumshirn Reviewed-by: David Sterba Signed-off-by: David Sterba commit f8e9f4a76df65222764c947a1b166ceebb1256dd Author: Boris Burkov Date: Wed Jul 31 12:41:06 2024 -0700 btrfs: add comment about locking in cow_file_range_inline() Add a comment to document the complicated locked_page unlock logic in cow_file_range_inline. The specifically tricky part is that a caller just up the stack converts ret == 0 to ret == 1 and then another caller far up the callstack handles ret == 1 as a success, AND returns without cleanup in that case, both of which "feel" unnatural and led to the original bug. Try to document that somewhat specific callstack logic here to explain the weird un-setting of locked_folio on success. Reviewed-by: Qu Wenruo Signed-off-by: Boris Burkov Signed-off-by: David Sterba commit 68a505bb87f948f72e5d230dfd7b40debdb195ed Author: Filipe Manana Date: Thu Jul 25 11:48:10 2024 +0100 btrfs: more efficient chunk map iteration when device replace finishes When iterating the chunk maps when a device replace finishes we are doing a full rbtree search for each chunk map, which is not the most efficient thing to do, wasting CPU time. As we are holding a write lock on the tree during the whole iteration, we can simply start from the first node in the tree and then move to the next chunk map by doing a rb_next() call - the only exception is when we need to reschedule, in which case we have to do a full rbtree search since we dropped the write lock and the tree may have changed (chunk maps may have been removed and the tree got rebalanced). So just do that. Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit b79f1c2caadc5c6251241977c7987fefdeadc2d9 Author: Filipe Manana Date: Thu Jul 25 10:46:01 2024 +0100 btrfs: reschedule when updating chunk maps at the end of a device replace At the end of a device replace we must go over all the chunk maps and update their stripes to point to the target device instead of the source device. We iterate over the chunk maps while holding a write lock and we never reschedule, which can result in monopolizing a CPU for too long and blocking readers for too long (it's a rw lock, non-blocking). So improve on this by rescheduling if necessary. This is safe because at this point we are holding the chunk mutex, which means no new chunks can be allocated and therefore we don't risk missing a new chunk map that covers a range behind the last one we processed before rescheduling. Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit 5fe191244955f334e35bc4ebaadf3300f22b6b41 Author: Josef Bacik Date: Wed Jul 24 20:39:35 2024 -0400 btrfs: convert extent_range_clear_dirty_for_io() to use a folio Instead of getting a page and using that to clear dirty for io, use the folio helper and use the appropriate folio functions. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit c86d3aac8146ea5df911a037b9cf32881783d4e9 Author: Josef Bacik Date: Wed Jul 24 20:37:20 2024 -0400 btrfs: convert insert_inline_extent() to use a folio We only use a page to copy in the data for the inline extent. Use a folio for this instead. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 1bbf3a3aea3b5f40ad25edfe11bf652fed1b730d Author: Josef Bacik Date: Wed Jul 24 20:22:32 2024 -0400 btrfs: convert btrfs_set_range_writeback() to use a folio We already use a lot of functions here that use folios, update the function to use __filemap_get_folio instead of find_get_page and then use the folio directly. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit dfc9e3017aa71211a11d0b479552af6ee3f9d9b2 Author: Josef Bacik Date: Wed Jul 24 20:20:24 2024 -0400 btrfs: convert wait_subpage_spinlock() to only use a folio Currently this already uses a folio for most things, update it to take a folio and update all the page usage with the corresponding folio usage. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 1a48259d9b6a4331a932700cc884681433b26244 Author: Josef Bacik Date: Wed Jul 24 20:17:26 2024 -0400 btrfs: convert find_next_dirty_byte() to take a folio We already use a folio some in this function, replace all page usage with the folio and update the function to take the folio as an argument. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 7ed07d16624a6452ad048f9e1186eafd600582e5 Author: Josef Bacik Date: Wed Jul 24 19:28:26 2024 -0400 btrfs: convert __get_extent_map() to take a folio Now that btrfs_get_extent takes a folio, update __get_extent_map to take a folio as well. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit dce9ef941205db02c8e7b01e0091f8115d024be1 Author: Josef Bacik Date: Wed Jul 24 19:26:58 2024 -0400 btrfs: convert btrfs_get_extent() to take a folio We only pass this into read_inline_extent, change it to take a folio and update the callers. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 220e77c412d342c5961b6d5440935c2e466724b5 Author: Josef Bacik Date: Wed Jul 24 19:25:10 2024 -0400 btrfs: convert read_inline_extent() to use a folio Instead of using a page, use a folio instead, take a folio as an argument, and update the callers appropriately. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 752965824b6d7e1d7e144985dbd48e68f742ae35 Author: Josef Bacik Date: Wed Jul 24 17:38:46 2024 -0400 btrfs: convert uncompress_inline() to take a folio Update uncompress_inline to take a folio and update it's usage accordingly. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 1b5125bbd42541d4fb954e9636284d0387d2b7f7 Author: Josef Bacik Date: Wed Jul 24 17:28:05 2024 -0400 btrfs: convert struct btrfs_writepage_fixup to use a folio Now the fixup creator and consumer use folios, change this to use a folio as well. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit d71b53c3cb0ad0df8c0dfc1ea9a6507e010794da Author: Josef Bacik Date: Wed Jul 24 17:26:31 2024 -0400 btrfs: convert btrfs_writepage_cow_fixup() to use folio Instead of a page, use a folio for btrfs_writepage_cow_fixup. We already have a folio at the only caller, and the fixup worker uses folios. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 7d003cc2b3ef45e3ad78ec48ddeaaaae19f734cc Author: Josef Bacik Date: Wed Jul 24 17:21:25 2024 -0400 btrfs: convert btrfs_writepage_fixup_worker() to use a folio This function heavily messes with pages, instead update it to use a folio. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 0d1170681098c4747dd15d44741dc10e83229a58 Author: Josef Bacik Date: Wed Jul 24 17:13:17 2024 -0400 btrfs: convert submit_uncompressed_range() to take a folio This mostly uses folios already, update it to take a folio and update the rest of the function to use the folio instead of the page. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 3ed984b5d0cccdfe273e29bd19e588a704bc4b93 Author: Josef Bacik Date: Wed Jul 24 17:09:33 2024 -0400 btrfs: convert struct async_chunk to hold a folio Instead of passing in the page for ->locked_page, make it hold a locked_folio and then update the users of async_chunk to act accordingly. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 2609c9289f423e3d2d4044ddace4a0fb1939e9c3 Author: Josef Bacik Date: Wed Jul 24 16:56:32 2024 -0400 btrfs: convert btrfs_run_delalloc_range() to take a folio Now that every function that btrfs_run_delalloc_range calls takes a folio, update it to take a folio and update the callers. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit d9c750272d94792266b3f0c816d3a927e964bc78 Author: Josef Bacik Date: Wed Jul 24 16:52:57 2024 -0400 btrfs: convert run_delalloc_compressed() to take a folio This just passes the page into the compressed machinery to keep track of the locked page. Update this to take a folio and convert it to a page where appropriate. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 94cea66d1c742585a9d6ffc7345d816e6a7e1f1b Author: Josef Bacik Date: Wed Jul 24 16:49:54 2024 -0400 btrfs: convert btrfs_cleanup_ordered_extents() to take a folio Now that btrfs_cleanup_ordered_extents is operating mostly with folios, update it to use a folio instead of a page, and the update the function and the callers as appropriate. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit b38ec94ab95b6aa0c6d636ff264a3b150a32c8ca Author: Josef Bacik Date: Wed Jul 24 16:46:01 2024 -0400 btrfs: convert btrfs_cleanup_ordered_extents() to use folios We walk through pages in this function and clear ordered, and the function for this uses folios. Update the function to use a folio for this whole operation. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 42a5947b1c21d2cd156607058f0b844012ac7b6e Author: Josef Bacik Date: Wed Jul 24 16:42:23 2024 -0400 btrfs: convert run_delalloc_nocow() to take a folio Now all of the functions that use locked_page in run_delalloc_nocow take a folio, update it to take a folio and update the caller. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 39bbc56a9cb135a32d29ea534a9f219c4c406ea7 Author: Josef Bacik Date: Wed Jul 24 16:40:34 2024 -0400 btrfs: convert fallback_to_cow() to take a folio With this we can pass the folio directly into cow_file_range(). Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 4cf7e0562f5f1819d658f8bc6349a787bafc9da6 Author: Josef Bacik Date: Wed Jul 24 16:37:29 2024 -0400 btrfs: convert cow_file_range() to take a folio Convert this to take a folio and pass it into all of the various cleanup functions. Update the callers to pass in a folio instead. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 9f5db28074ade4edf8cf081927134f7eebd912f3 Author: Josef Bacik Date: Fri Jul 26 15:25:45 2024 -0400 btrfs: convert cow_file_range_inline() to take a folio Now that we want the folio in this function, convert it to take a folio directly and use that. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 2cdc1fbb1b1558b5ca1fe81d4fee723f09940bba Author: Josef Bacik Date: Wed Jul 24 16:34:15 2024 -0400 btrfs: convert run_delalloc_cow() to take a folio We pass the folio into extent_write_locked_range, go ahead and take a folio to pass along, and update the callers to pass in a folio. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 01e11841f0cf6c102821a7c8d9f7f49e7b2d0b5b Author: Josef Bacik Date: Wed Jul 24 16:31:44 2024 -0400 btrfs: convert extent_write_locked_range() to take a folio This mostly uses folios, convert it to take a folio instead and update the callers to pass in the folio. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit a67f5405827e5259dfe8a094f1f13e7b48d675df Author: Josef Bacik Date: Wed Jul 24 16:29:18 2024 -0400 btrfs: convert extent_clear_unlock_delalloc() to take a folio Instead of taking the locked page, take the locked folio so we can pass that into __process_folios_contig. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit c9ce51d67f385f513502a95bdc647c62345cb612 Author: Josef Bacik Date: Wed Jul 24 16:22:15 2024 -0400 btrfs: convert process_one_page() to operate only on folios Now that this mostly uses folios, update it to take folios, use the folios that are passed in, and rename from process_one_page => process_one_folio. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit a59ff7201a1586a76035140c8871e0e8c3a89449 Author: Josef Bacik Date: Wed Jul 24 16:20:02 2024 -0400 btrfs: convert __process_pages_contig() to take a folio This operates mostly on folios, update it to take a folio for the locked folio instead of the page, rename from __process_pages_contig => __process_folios_contig. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 79be4a28d834eacab2e827985f8fa7951a9122b5 Author: Josef Bacik Date: Wed Jul 24 16:17:43 2024 -0400 btrfs: convert __unlock_for_delalloc() to take a folio All of the callers have a folio at this point, update __unlock_for_delalloc to take a folio so that it's consistent with its callers. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit e4d80ebe50de25f1a3c32b7a307bcfc52c9d21ae Author: Josef Bacik Date: Wed Jul 24 16:15:13 2024 -0400 btrfs: convert lock_delalloc_pages() to take a folio Also rename lock_delalloc_pages => lock_delalloc_folios in the process, now that it exclusively works on folios. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit c987f1e6d4435a6f1f62d82705ef8177823ae703 Author: Josef Bacik Date: Wed Jul 24 16:08:13 2024 -0400 btrfs: convert find_lock_delalloc_range() to use a folio Instead of passing in a page for locked_page, pass in the folio instead. We only use the folio itself to validate some range assumptions, and then pass it into other functions. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit dc6c745447c57d115e48f23dbcad00c20c937cca Author: Josef Bacik Date: Wed Jul 24 16:03:04 2024 -0400 btrfs: convert writepage_delalloc() to take a folio We already use a folio heavily in this function, pass the folio in directly and use it everywhere, only passing the page down to functions that do not take a folio yet. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit a79228011c75f9123ba2dbfd010cba27ea87b973 Author: Josef Bacik Date: Wed Jul 24 15:57:10 2024 -0400 btrfs: convert btrfs_mark_ordered_io_finished() to take a folio We only need a folio now, make it take a folio as an argument and update all of the callers. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit aef665d69ad15afaebdc2c32b3e58fc526ba6c3d Author: Josef Bacik Date: Wed Jul 24 15:53:18 2024 -0400 btrfs: convert btrfs_finish_ordered_extent() to take a folio The callers and callee's of this now all use folios, update it to take a folio as well. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 0a577636a9399d40c1da68fc61ebfbe21f793739 Author: Josef Bacik Date: Wed Jul 24 15:49:47 2024 -0400 btrfs: convert can_finish_ordered_extent() to use a folio Pass in a folio instead, and use a folio instead of a page. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 7e755aa731f704e733768c4e58650910bebc9ce3 Author: Josef Bacik Date: Wed Jul 24 15:24:35 2024 -0400 btrfs: utilize folio more in btrfs_page_mkwrite() We already have a folio that we're using in btrfs_page_mkwrite, update the rest of the function to use folio everywhere else. This will make it easier on Willy when he drops page->index. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit c808c1dcb1b2fe7caf4729e895881d5a87b31621 Author: Josef Bacik Date: Wed Jul 24 15:16:40 2024 -0400 btrfs: convert add_ra_bio_pages() to use only folios Willy is going to get rid of page->index, and add_ra_bio_pages uses page->index. Make his life easier by converting add_ra_bio_pages to use folios so that we are no longer using page->index. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 9b320229c03bbc45e60c59041e79b3cedcea2fdf Author: Josef Bacik Date: Wed Jul 24 14:58:22 2024 -0400 btrfs: convert __extent_writepage() to be completely folio based Now that we've gotten most of the helpers updated to only take a folio, update __extent_writepage to only deal in folios. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit c1deaa1438916f263abfa48b389ef0625c2806ee Author: Josef Bacik Date: Wed Jul 24 14:50:51 2024 -0400 btrfs: convert extent_write_locked_range() to use folios Instead of using pages for everything, find a folio and use that. This makes things a bit cleaner as a lot of the functions calls here all take folios. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit b8a6263eae0e4290fd699a0ff55eb3f3e121f498 Author: Josef Bacik Date: Wed Jul 24 14:38:01 2024 -0400 btrfs: convert __extent_writepage_io() to take a folio __extent_writepage_io uses page everywhere, but a lot of these functions take a folio. Convert it to use the folio based helpers, and then change it to take a folio as an argument and update its callers. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 9e97e8b277a2235bbb562a4feb6f1216fb52d1b1 Author: Josef Bacik Date: Tue Jul 23 17:12:15 2024 -0400 btrfs: update the writepage tracepoint to take a folio Willy is wanting to get rid of page->index, convert the writepage tracepoint to take a folio so we can do folio->index instead of page->index. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 56a24a30a45603204bdee2f0fb280ee9eb723c11 Author: Josef Bacik Date: Tue Jul 23 17:06:03 2024 -0400 btrfs: convert btrfs_do_readpage() to only use a folio Now that the callers and helpers mostly use folio, convert btrfs_do_readpage to take a folio, and rename it to btrfs_do_read_folio. Update all of the page stuff to use the folio based helpers instead. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit b35397d1d325f43a360489bb6f740b40668d7005 Author: Josef Bacik Date: Tue Jul 23 16:32:29 2024 -0400 btrfs: convert submit_extent_page() to use a folio The callers of this helper are going to be converted to using a folio, so adjust submit_extent_page to become submit_extent_folio and update it to use all the relevant folio helpers. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit fcf50d161c622f18d8ecc4f0925b452349d9f1f0 Author: Josef Bacik Date: Tue Jul 23 16:19:12 2024 -0400 btrfs: convert begin_page_folio() to take a folio instead This already uses a folio internally, change it to take a folio as an argument instead. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 645006d87cd8236855eedc860ef16842c34e1296 Author: Josef Bacik Date: Tue Jul 23 16:16:20 2024 -0400 btrfs: convert end_page_read() to take a folio We have this helper function to set the page range uptodate once we're done reading it, as well as run fsverity against it. Half of these functions already take a folio, just rename this to end_folio_read and then rework it to take a folio instead, and update everything accordingly. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit e19317ed9e7c5b8646713d3d7b53b8312673faa4 Author: Josef Bacik Date: Tue Jul 23 15:59:34 2024 -0400 btrfs: convert btrfs_read_folio() to only use a folio Currently we're using the page for everything here. Convert this to use the folio helpers instead. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 03d6612648a48d0f5a60a013d4b583b4886807d2 Author: Josef Bacik Date: Tue Jul 23 15:55:33 2024 -0400 btrfs: convert btrfs_readahead() to only use folio We're the only user of readahead_page_batch(). Convert btrfs_readahead() to use the folio based helpers to do readahead. Signed-off-by: Josef Bacik Reviewed-by: David Sterba Signed-off-by: David Sterba commit 45714ff75c3618a191a952ce96ec15724bd4fdb3 Author: Li Zhang Date: Thu Jul 18 00:58:54 2024 +0800 btrfs: print message on device opening error during mount [ENHANCEMENT] When mounting a btrfs filesystem, the filesystem opens the block device, and if this fails, there is no message about it. Print a message about it to help debugging. [TEST] I have a btrfs filesystem on three block devices, one of which is write-protected, so regular mounts fail, but there is no message in dmesg. /dev/vdb normal /dev/vdc write protected /dev/vdd normal Before patch: $ sudo mount /dev/vdb /mnt/ mount: mount(2) failed: no such file or directory $ sudo dmesg # Show only messages about missing block devices .... [ 352.947196] BTRFS error (device vdb): devid 2 uuid 4ee2c625-a3b2-4fe0-b411-756b23e08533 missing .... After patch: $ sudo mount /dev/vdb /mnt/ mount: mount(2) failed: no such file or directory $ sudo dmesg # Show bdev_file_open_by_path failed. .... [ 352.944328] BTRFS error: failed to open device for path /dev/vdc with flags 0x3: -13 [ 352.947196] BTRFS error (device vdb): missing devid 2 uuid 4ee2c625-a3b2-4fe0-b411-756b23e08533 .... Signed-off-by: Li Zhang Reviewed-by: David Sterba Signed-off-by: David Sterba commit c92bf5df8a120f4ee91832faee373570d83cbb13 Author: Qu Wenruo Date: Wed Jul 24 14:29:02 2024 +0930 btrfs: move uuid tree related code to uuid-tree.[ch] Functions btrfs_uuid_scan_kthread() and btrfs_create_uuid_tree() are for UUID tree rescan and creation, it's not suitable for volumes.[ch]. Move them to uuid-tree.[ch] instead. Signed-off-by: Qu Wenruo Reviewed-by: David Sterba Signed-off-by: David Sterba commit ab094670fab468aef551aafc197cdf4cf1a2e611 Author: Filipe Manana Date: Tue Jul 23 15:21:22 2024 +0100 btrfs: reduce size and overhead of extent_map_block_end() At extent_map_block_end() we are calling the inline functions extent_map_block_start() and extent_map_block_len() multiple times, which results in expanding their code multiple times, increasing the compiled code size and repeating the computations those functions do. Improve this by caching their results in local variables. The size of the module before this change: $ size fs/btrfs/btrfs.ko text data bss dec hex filename 1755770 163800 16920 1936490 1d8c6a fs/btrfs/btrfs.ko And after this change: $ size fs/btrfs/btrfs.ko text data bss dec hex filename 1755656 163800 16920 1936376 1d8bf8 fs/btrfs/btrfs.ko Reviewed-by: Josef Bacik Reviewed-by: Qu Wenruo Signed-off-by: Filipe Manana Reviewed-by: David Sterba Signed-off-by: David Sterba commit 7fa5230b46f2c333f090716c52e99a0fbbee5fbd Author: Johannes Thumshirn Date: Tue Jul 9 09:40:34 2024 +0200 btrfs: update stripe_extent delete loop assumptions btrfs_delete_raid_extent() was written under the assumption, that it's call-chain always passes a start, length tuple that matches a single extent. But btrfs_delete_raid_extent() is called by do_free_extent_accounting() which in turn is called by __btrfs_free_extent(). But this call-chain passes in a start address and a length that can possibly match multiple on-disk extents. To make this possible, we have to adjust the start and length of each btree node lookup, to not delete beyond the requested range. Reviewed-by: Qu Wenruo Signed-off-by: Johannes Thumshirn Signed-off-by: David Sterba commit 8c4cba2adbb0ec63f3833cad7452a431580e9ffa Author: Johannes Thumshirn Date: Mon Jul 8 13:24:08 2024 +0200 btrfs: update stripe extents for existing logical addresses Update a stripe extent in case of an already existing logical address, but with different physical addresses and/or device id instead of bailing out with EEXIST. This can happen i.e. in case of a device replace operation, where data extents get rewritten to a new disk. Reviewed-by: Qu Wenruo Signed-off-by: Johannes Thumshirn Signed-off-by: David Sterba commit 2d5a333e09c388189238291577e443221baacba0 Author: Arnd Bergmann Date: Mon Sep 9 20:21:09 2024 +0000 nvme-tcp: fix link failure for TCP auth The nvme fabric driver calls the nvme_tls_key_lookup() function from nvmf_parse_key() when the keyring is enabled, but this is broken in a configuration with CONFIG_NVME_FABRICS=y and CONFIG_NVME_TCP=m because this leads to the function definition being in a loadable module: x86_64-linux-ld: vmlinux.o: in function `nvmf_parse_key': fabrics.c:(.text+0xb1bdec): undefined reference to `nvme_tls_key_lookup' Move the 'select' up to CONFIG_NVME_FABRICS itself to force this part to be built-in as well if needed. Fixes: 5bc46b49c828 ("nvme-tcp: check for invalidated or revoked key") Signed-off-by: Arnd Bergmann Reviewed-by: Sagi Grimberg Signed-off-by: Keith Busch commit f4ccc0a2a0c5977540f519588636b5bc81aae2db Author: Junxian Huang Date: Mon Sep 9 14:53:31 2024 +0800 RDMA/hns: Fix restricted __le16 degrades to integer issue Fix sparse warnings: restricted __le16 degrades to integer. Fixes: 5a87279591a1 ("RDMA/hns: Support hns HW stats") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409080508.g4mNSLwy-lkp@intel.com/ Signed-off-by: Junxian Huang Link: https://patch.msgid.link/20240909065331.3950268-1-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky commit 9cd30319bbd497b9fac13e822f184b84fd50ef88 Author: Zhang Zekun Date: Mon Sep 9 20:14:08 2024 +0800 IB/qib: Remove unused declarations in header file The definition of qib_rc_rnr_retry() has been removed since commit b4238e70579c ("IB/qib: Use new rdmavt timers"). Also, the definition of mr_rcu_callback() has been remove since commit 7c2e11fe2dbe ("IB/qib: Remove qp and mr functionality from qib"). So, let's remove the unused declartions. Signed-off-by: Zhang Zekun Link: https://patch.msgid.link/20240909121408.80079-3-zhangzekun11@huawei.com Signed-off-by: Leon Romanovsky commit e4ed570122544dc39ba953c99380a75a52c01db4 Author: Zhang Zekun Date: Mon Sep 9 20:14:07 2024 +0800 IB/iser: Remove unused declaration in header file The definition of iser_finalize_rdma_unaligned_sg() has been removed since commit dd0107a08996 ("IB/iser: set block queue_virt_boundary"). Let's remove the unused declaration in header file. Signed-off-by: Zhang Zekun Link: https://patch.msgid.link/20240909121408.80079-2-zhangzekun11@huawei.com Reviewed-by: Kalesh AP Reviewed-by: Sagi Grimberg Acked-by: Max Gurtovoy Signed-off-by: Leon Romanovsky commit d05208cf7f05420ad10cc7f9550f91d485523659 Author: Juergen Gross Date: Wed Aug 14 16:47:25 2024 +0200 xen: add capability to remap non-RAM pages to different PFNs When running as a Xen PV dom0 it can happen that the kernel is being loaded to a guest physical address conflicting with the host memory map. In order to be able to resolve this conflict, add the capability to remap non-RAM areas to different guest PFNs. A function to use this remapping information for other purposes than doing the remap will be added when needed. As the number of conflicts should be rather low (currently only machines with max. 1 conflict are known), save the remap data in a small statically allocated array. Signed-off-by: Juergen Gross Reviewed-by: Jan Beulich Signed-off-by: Juergen Gross commit 851e3a2a4490b03bb8dd0cda1b8b2a78f6a92805 Author: Jens Reidel Date: Mon Aug 26 15:49:20 2024 +0200 ASoC: qcom: sm8250: enable primary mi2s When using primary mi2s on sm8250-compatible SoCs, the correct clock needs to get enabled to be able to use the mi2s interface. Signed-off-by: Jens Reidel Tested-by: Danila Tikhonov # sm7325-nothing-spacewar Link: https://patch.msgid.link/20240826134920.55148-2-adrian@travitia.xyz Reviewed-by: Dmitry Baryshkov Signed-off-by: Mark Brown commit fe51f6254d81f5a69c31df16353d6539b2b51630 Author: Junxian Huang Date: Fri Sep 6 17:34:43 2024 +0800 RDMA/hns: Optimize hem allocation performance When allocating MTT hem, for each hop level of each hem that is being allocated, the driver iterates the hem list to find out whether the bt page has been allocated in this hop level. If not, allocate a new one and splice it to the list. The time complexity is O(n^2) in worst cases. Currently the allocation for-loop uses 'unit' as the step size. This actually has taken into account the reuse of last-hop-level MTT bt pages by multiple buffer pages. Thus pages of last hop level will never have been allocated, so there is no need to iterate the hem list in last hop level. Removing this unnecessary iteration can reduce the time complexity to O(n). Fixes: 38389eaa4db1 ("RDMA/hns: Add mtr support for mixed multihop addressing") Signed-off-by: Junxian Huang Link: https://patch.msgid.link/20240906093444.3571619-9-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky commit ce196f6297c7f3ab7780795e40efd6c521f60c8b Author: Chengchang Tang Date: Fri Sep 6 17:34:42 2024 +0800 RDMA/hns: Fix 1bit-ECC recovery address in non-4K OS The 1bit-ECC recovery address read from HW only contain bits 64:12, so it should be fixed left-shifted 12 bits when used. Currently, the driver will shift the address left by PAGE_SHIFT when used, which is wrong in non-4K OS. Fixes: 2de949abd6a5 ("RDMA/hns: Recover 1bit-ECC error of RAM on chip") Signed-off-by: Chengchang Tang Signed-off-by: Junxian Huang Link: https://patch.msgid.link/20240906093444.3571619-8-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky commit 4321feefa5501a746ebf6a7d8b59e6b955ae1860 Author: Junxian Huang Date: Fri Sep 6 17:34:41 2024 +0800 RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler In abnormal interrupt handler, a PF reset will be triggered even if the device is a VF. It should be a VF reset. Fixes: 2b9acb9a97fe ("RDMA/hns: Add the process of AEQ overflow for hip08") Signed-off-by: Junxian Huang Link: https://patch.msgid.link/20240906093444.3571619-7-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky commit 74d315b5af180220d561684d15897730135733a6 Author: Chengchang Tang Date: Fri Sep 6 17:34:40 2024 +0800 RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled Fix missuse of spin_lock_irq()/spin_unlock_irq() when spin_lock_irqsave()/spin_lock_irqrestore() was hold. This was discovered through the lock debugging, and the corresponding log is as follows: raw_local_irq_restore() called with IRQs enabled WARNING: CPU: 96 PID: 2074 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x30/0x40 ... Call trace: warn_bogus_irq_restore+0x30/0x40 _raw_spin_unlock_irqrestore+0x84/0xc8 add_qp_to_list+0x11c/0x148 [hns_roce_hw_v2] hns_roce_create_qp_common.constprop.0+0x240/0x780 [hns_roce_hw_v2] hns_roce_create_qp+0x98/0x160 [hns_roce_hw_v2] create_qp+0x138/0x258 ib_create_qp_kernel+0x50/0xe8 create_mad_qp+0xa8/0x128 ib_mad_port_open+0x218/0x448 ib_mad_init_device+0x70/0x1f8 add_client_context+0xfc/0x220 enable_device_and_get+0xd0/0x140 ib_register_device.part.0+0xf4/0x1c8 ib_register_device+0x34/0x50 hns_roce_register_device+0x174/0x3d0 [hns_roce_hw_v2] hns_roce_init+0xfc/0x2c0 [hns_roce_hw_v2] __hns_roce_hw_v2_init_instance+0x7c/0x1d0 [hns_roce_hw_v2] hns_roce_hw_v2_init_instance+0x9c/0x180 [hns_roce_hw_v2] Fixes: 9a4435375cd1 ("IB/hns: Add driver files for hns RoCE driver") Signed-off-by: Chengchang Tang Signed-off-by: Junxian Huang Link: https://patch.msgid.link/20240906093444.3571619-6-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky commit d586628b169d14bbf36be64d2b3ec9d9d2fe0432 Author: wenglianfa Date: Fri Sep 6 17:34:39 2024 +0800 RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() The max value of 'unit' and 'hop_num' is 2^24 and 2, so the value of 'step' may exceed the range of u32. Change the type of 'step' to u64. Fixes: 38389eaa4db1 ("RDMA/hns: Add mtr support for mixed multihop addressing") Signed-off-by: wenglianfa Signed-off-by: Junxian Huang Link: https://patch.msgid.link/20240906093444.3571619-5-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky commit fd8489294dd2beefb70f12ec4f6132aeec61a4d0 Author: wenglianfa Date: Fri Sep 6 17:34:37 2024 +0800 RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 Currently rsv_qp is freed before ib_unregister_device() is called on HIP08. During the time interval, users can still dereg MR and rsv_qp will be used in this process, leading to a UAF. Move the release of rsv_qp after calling ib_unregister_device() to fix it. Fixes: 70f92521584f ("RDMA/hns: Use the reserved loopback QPs to free MR before destroying MPT") Signed-off-by: wenglianfa Signed-off-by: Junxian Huang Link: https://patch.msgid.link/20240906093444.3571619-3-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky commit 6928d264e328e0cb5ee7663003a6e46e4cba0a7e Author: Junxian Huang Date: Fri Sep 6 17:34:36 2024 +0800 RDMA/hns: Don't modify rq next block addr in HIP09 QPC The field 'rq next block addr' in QPC can be updated by driver only on HIP08. On HIP09 HW updates this field while driver is not allowed. Fixes: 926a01dc000d ("RDMA/hns: Add QP operations support for hip08 SoC") Signed-off-by: Junxian Huang Link: https://patch.msgid.link/20240906093444.3571619-2-huangjunxian6@hisilicon.com Signed-off-by: Leon Romanovsky commit 3278024540e882b21e915afb507522e8e01ca160 Author: Howard Chu Date: Sun Aug 25 00:33:21 2024 +0800 perf trace: Add --force-btf for debugging If --force-btf is enabled, prefer btf_dump general pretty printer to perf trace's customized pretty printers. Mostly for debug purposes. Committer testing: diff before/after shows we need several improvements to be able to compare the changes, first we need to cut off/disable mutable data such as pids and timestamps, then what is left are the buffer addresses passed from userspace, returned from kernel space, maybe we can ask 'perf trace' to go on making those reproducible. That would entail a Pointer Address Translation (PAT) like for networking, that would, for simple, reproducible if not for these details, workloads, that we would then use in our regression tests. Enough digression, this is one such diff: openat(dfd: CWD, filename: "/usr/share/locale/locale.alias", flags: RDONLY|CLOEXEC) = 3 -fstat(fd: 3, statbuf: 0x7fff01f212a0) = 0 -read(fd: 3, buf: 0x5596bab2d630, count: 4096) = 2998 -read(fd: 3, buf: 0x5596bab2d630, count: 4096) = 0 +fstat(fd: 3, statbuf: 0x7ffc163cf0e0) = 0 +read(fd: 3, buf: 0x55b4e0631630, count: 4096) = 2998 +read(fd: 3, buf: 0x55b4e0631630, count: 4096) = 0 close(fd: 3) = 0 openat(dfd: CWD, filename: "/usr/share/locale/en_US.UTF-8/LC_MESSAGES/coreutils.mo") = -1 ENOENT (No such file or directory) openat(dfd: CWD, filename: "/usr/share/locale/en_US.utf8/LC_MESSAGES/coreutils.mo") = -1 ENOENT (No such file or directory) @@ -45,7 +45,7 @@ openat(dfd: CWD, filename: "/usr/share/locale/en.UTF-8/LC_MESSAGES/coreutils.mo") = -1 ENOENT (No such file or directory) openat(dfd: CWD, filename: "/usr/share/locale/en.utf8/LC_MESSAGES/coreutils.mo") = -1 ENOENT (No such file or directory) openat(dfd: CWD, filename: "/usr/share/locale/en/LC_MESSAGES/coreutils.mo") = -1 ENOENT (No such file or directory) -{ .tv_sec: 1, .tv_nsec: 0 }, rmtp: 0x7fff01f21990) = 0 +(struct __kernel_timespec){.tv_sec = (__kernel_time64_t)1,}, rmtp: 0x7ffc163cf7d0) = The problem more close to our hands is to make the libbpf BTF pretty printer to have a mode that closely resembles what we're trying to resemble: strace output. Being able to run something with 'perf trace' and with 'strace' and get the exact same output should be of interest of anybody wanting to have strace and 'perf trace' regression tested against each other. That last part is 'perf trace' shot at being something so useful as strace... ;-) Suggested-by: Arnaldo Carvalho de Melo Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240824163322.60796-8-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit a68fd6a6cdd309bb51c72df4a39f49aa408728d0 Author: Howard Chu Date: Sun Aug 25 00:33:20 2024 +0800 perf trace: Collect augmented data using BPF Include trace_augment.h for TRACE_AUG_MAX_BUF, so that BPF reads TRACE_AUG_MAX_BUF bytes of buffer maximum. Determine what type of argument and how many bytes to read from user space, us ing the value in the beauty_map. This is the relation of parameter type and its corres ponding value in the beauty map, and how many bytes we read eventually: string: 1 -> size of string (till null) struct: size of struct -> size of struct buffer: -1 * (index of paired len) -> value of paired len (maximum: TRACE_AUG_ MAX_BUF) After reading from user space, we output the augmented data using bpf_perf_event_output(). If the struct augmenter, augment_sys_enter() failed, we fall back to using bpf_tail_call(). I have to make the payload 6 times the size of augmented_arg, to pass the BPF verifier. Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240815013626.935097-10-howardchu95@gmail.com Link: https://lore.kernel.org/r/20240824163322.60796-7-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit b257fac12f38d7f503b932313d704cee21092350 Author: Howard Chu Date: Sun Aug 25 00:33:19 2024 +0800 perf trace: Pretty print buffer data Define TRACE_AUG_MAX_BUF in trace_augment.h data, which is the maximum buffer size we can augment. BPF will include this header too. Print buffer in a way that's different than just printing a string, we print all the control characters in \digits (such as \0 for null, and \10 for newline, LF). For character that has a bigger value than 127, we print the digits instead of the character itself as well. Committer notes: Simplified the buffer scnprintf to avoid using multiple buffers as discussed in the patch review thread. We can't really all 'buf' args to SCA_BUF as we're collecting so far just on the sys_enter path, so we would be printing the previous 'read' arg buffer contents, not what the kernel puts there. So instead of: static int syscall_fmt__cmp(const void *name, const void *fmtp) @@ -1987,8 +1989,6 @@ syscall_arg_fmt__init_array(struct syscall_arg_fmt *arg, struct tep_format_field - else if (strstr(field->type, "char *") && strstr(field->name, "buf")) - arg->scnprintf = SCA_BUF; Do: static const struct syscall_fmt syscall_fmts[] = { + { .name = "write", .errpid = true, + .arg = { [1] = { .scnprintf = SCA_BUF /* buf */, from_user = true, }, }, }, Signed-off-by: Howard Chu Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240815013626.935097-8-howardchu95@gmail.com Link: https://lore.kernel.org/r/20240824163322.60796-6-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit cb32035214b9a09df29680a6a4da64d34579bb8f Author: Howard Chu Date: Sun Aug 25 00:33:18 2024 +0800 perf trace: Pretty print struct data Change the arg->augmented.args to arg->augmented.args->value to skip the header for customized pretty printers, since we collect data in BPF using the general augment_sys_enter(), which always adds the header. Use btf_dump API to pretty print augmented struct pointer. Prefer existed pretty-printer than btf general pretty-printer. set compact = true and skip_names = true, so that no newline character and argument name are printed. Committer notes: Simplified the btf_dump_snprintf callback to avoid using multiple buffers, as discussed in the thread accessible via the Link tag below. Also made it do: dump_data_opts.skip_names = !arg->trace->show_arg_names; I.e. show the type and struct field names according to that tunable, we probably need another tunable just for this, but for now if the user wants to see syscall names in addition to its value, it makes sense to see the struct field names according to that tunable. Committer testing: The following have explicitely set beautifiers (SCA_FILENAME, SCA_SOCKADDR and SCA_PERF_ATTR), SCA_FILENAME is here just because we have been wiring up the "renameat2" ("renameat" until recently), so it doesn't use the introduced generic fallback (btf_struct_scnprintf(), see the definition of SCA_PERF_ATTR, SCA_SOCKADDR to see the more feature rich beautifiers, that are not using BTF): root@number:~# rm -f 987654 ; touch 123456 ; perf trace -e rename* mv 123456 987654 0.000 ( 0.039 ms): mv/258478 renameat2(olddfd: CWD, oldname: "123456", newdfd: CWD, newname: "987654", flags: NOREPLACE) = 0 root@number:~# perf trace -e connect,sendto ping -c 1 www.google.com 0.000 ( 0.014 ms): ping/258481 connect(fd: 5, uservaddr: { .family: LOCAL, path: /run/systemd/resolve/io.systemd.Resolve }, addrlen: 42) = 0 0.040 ( 0.003 ms): ping/258481 sendto(fd: 5, buff: 0x55bc317a6980, len: 97, flags: DONTWAIT|NOSIGNAL) = 97 18.742 ( 0.020 ms): ping/258481 sendto(fd: 5, buff: 0x7ffc04768df0, len: 20, addr: { .family: NETLINK }, addr_len: 0xc) = 20 PING www.google.com (142.251.129.68) 56(84) bytes of data. 18.783 ( 0.012 ms): ping/258481 connect(fd: 5, uservaddr: { .family: INET6, port: 0, addr: 2800:3f0:4004:810::2004 }, addrlen: 28) = 0 18.797 ( 0.001 ms): ping/258481 connect(fd: 5, uservaddr: { .family: UNSPEC }, addrlen: 16) = 0 18.800 ( 0.004 ms): ping/258481 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 142.251.129.68 }, addrlen: 16) = 0 18.815 ( 0.002 ms): ping/258481 connect(fd: 5, uservaddr: { .family: INET, port: 1025, addr: 142.251.129.68 }, addrlen: 16) = 0 18.862 ( 0.023 ms): ping/258481 sendto(fd: 3, buff: 0x55bc317a0ac0, len: 64, addr: { .family: INET, port: 0, addr: 142.251.129.68 }, addr_len: 0x10) = 64 63.330 ( 0.038 ms): ping/258481 connect(fd: 5, uservaddr: { .family: LOCAL, path: /run/systemd/resolve/io.systemd.Resolve }, addrlen: 42) = 0 63.435 ( 0.010 ms): ping/258481 sendto(fd: 5, buff: 0x55bc317a8340, len: 110, flags: DONTWAIT|NOSIGNAL) = 110 64 bytes from rio07s07-in-f4.1e100.net (142.251.129.68): icmp_seq=1 ttl=49 time=44.2 ms --- www.google.com ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 44.158/44.158/44.158/0.000 ms root@number:~# perf trace -e perf_event_open perf stat -e instructions,cache-misses,syscalls:sys_enter*sleep* sleep 1.23456789 0.000 ( 0.010 ms): :258487/258487 perf_event_open(attr_uptr: { type: 0 (PERF_TYPE_HARDWARE), config: 0xa00000000, disabled: 1, { bp_len, config2 }: 0x900000000, branch_sample_type: USER|COUNTERS, sample_regs_user: 0x3f1b7ffffffff, sample_stack_user: 258487, clockid: -599052088, sample_regs_intr: 0x60a000003eb, sample_max_stack: 14, sig_data: 120259084288 }, cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 3 0.016 ( 0.002 ms): :258487/258487 perf_event_open(attr_uptr: { type: 0 (PERF_TYPE_HARDWARE), config: 0x400000000, disabled: 1, { bp_len, config2 }: 0x900000000, branch_sample_type: USER|COUNTERS, sample_regs_user: 0x3f1b7ffffffff, sample_stack_user: 258487, clockid: -599044082, sample_regs_intr: 0x60a000003eb, sample_max_stack: 14, sig_data: 120259084288 }, cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 4 1.838 ( 0.006 ms): perf/258487 perf_event_open(attr_uptr: { type: 0 (PERF_TYPE_HARDWARE), size: 136, config: 0xa00000001, sample_type: IDENTIFIER, read_format: TOTAL_TIME_ENABLED|TOTAL_TIME_RUNNING, disabled: 1, inherit: 1, enable_on_exec: 1, exclude_guest: 1 }, pid: 258488 (perf), cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 5 1.846 ( 0.002 ms): perf/258487 perf_event_open(attr_uptr: { type: 0 (PERF_TYPE_HARDWARE), size: 136, config: 0x400000001, sample_type: IDENTIFIER, read_format: TOTAL_TIME_ENABLED|TOTAL_TIME_RUNNING, disabled: 1, inherit: 1, enable_on_exec: 1, exclude_guest: 1 }, pid: 258488 (perf), cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 6 1.849 ( 0.002 ms): perf/258487 perf_event_open(attr_uptr: { type: 0 (PERF_TYPE_HARDWARE), size: 136, config: 0xa00000003, sample_type: IDENTIFIER, read_format: TOTAL_TIME_ENABLED|TOTAL_TIME_RUNNING, disabled: 1, inherit: 1, enable_on_exec: 1, exclude_guest: 1 }, pid: 258488 (perf), cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 7 1.851 ( 0.002 ms): perf/258487 perf_event_open(attr_uptr: { type: 0 (PERF_TYPE_HARDWARE), size: 136, config: 0x400000003, sample_type: IDENTIFIER, read_format: TOTAL_TIME_ENABLED|TOTAL_TIME_RUNNING, disabled: 1, inherit: 1, enable_on_exec: 1, exclude_guest: 1 }, pid: 258488 (perf), cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 9 1.853 ( 0.600 ms): perf/258487 perf_event_open(attr_uptr: { type: 2 (tracepoint), size: 136, config: 0x190 (syscalls:sys_enter_nanosleep), sample_type: IDENTIFIER, read_format: TOTAL_TIME_ENABLED|TOTAL_TIME_RUNNING, disabled: 1, inherit: 1, enable_on_exec: 1, exclude_guest: 1 }, pid: 258488 (perf), cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 10 2.456 ( 0.016 ms): perf/258487 perf_event_open(attr_uptr: { type: 2 (tracepoint), size: 136, config: 0x196 (syscalls:sys_enter_clock_nanosleep), sample_type: IDENTIFIER, read_format: TOTAL_TIME_ENABLED|TOTAL_TIME_RUNNING, disabled: 1, inherit: 1, enable_on_exec: 1, exclude_guest: 1 }, pid: 258488 (perf), cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 11 Performance counter stats for 'sleep 1.23456789': 1,402,839 cpu_atom/instructions/ cpu_core/instructions/ (0.00%) 11,066 cpu_atom/cache-misses/ cpu_core/cache-misses/ (0.00%) 0 syscalls:sys_enter_nanosleep 1 syscalls:sys_enter_clock_nanosleep 1.236246714 seconds time elapsed 0.000000000 seconds user 0.001308000 seconds sys root@number:~# Now if we use it even for the ones we have a specific beautifier in tools/perf/trace/beauty, i.e. use btf_struct_scnprintf() for all structs, by adding the following patch: @@ -2316,7 +2316,7 @@ static size_t syscall__scnprintf_args(struct syscall *sc, char *bf, size_t size, default_scnprintf = sc->arg_fmt[arg.idx].scnprintf; - if (default_scnprintf == NULL || default_scnprintf == SCA_PTR) { + if (1 || (default_scnprintf == NULL || default_scnprintf == SCA_PTR)) { btf_printed = trace__btf_scnprintf(trace, &arg, bf + printed, size - printed, val, field->type); if (btf_printed) { We get: root@number:~# perf trace -e connect,sendto ping -c 1 www.google.com PING www.google.com (142.251.129.68) 56(84) bytes of data. 0.000 ( 0.015 ms): ping/283259 connect(fd: 5, uservaddr: (struct sockaddr){.sa_family = (sa_family_t)1,(union){.sa_data_min = (char[14])['/','r','u','n','/','s','y','s','t','e','m','d','/','r',],},}, addrlen: 42) = 0 0.046 ( 0.004 ms): ping/283259 sendto(fd: 5, buff: 0x559b008ae980, len: 97, flags: DONTWAIT|NOSIGNAL) = 97 0.353 ( 0.012 ms): ping/283259 sendto(fd: 5, buff: 0x7ffc01294960, len: 20, addr: (struct sockaddr){.sa_family = (sa_family_t)16,}, addr_len: 0xc) = 20 0.377 ( 0.006 ms): ping/283259 connect(fd: 5, uservaddr: (struct sockaddr){.sa_family = (sa_family_t)2,}, addrlen: 16) = 0 0.388 ( 0.010 ms): ping/283259 connect(fd: 5, uservaddr: (struct sockaddr){.sa_family = (sa_family_t)10,}, addrlen: 28) = 0 0.402 ( 0.001 ms): ping/283259 connect(fd: 5, uservaddr: (struct sockaddr){.sa_family = (sa_family_t)2,(union){.sa_data_min = (char[14])[4,1,142,251,129,'D',],},}, addrlen: 16) = 0 0.425 ( 0.045 ms): ping/283259 sendto(fd: 3, buff: 0x559b008a8ac0, len: 64, addr: (struct sockaddr){.sa_family = (sa_family_t)2,}, addr_len: 0x10) = 64 64 bytes from rio07s07-in-f4.1e100.net (142.251.129.68): icmp_seq=1 ttl=49 time=44.1 ms --- www.google.com ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 44.113/44.113/44.113/0.000 ms 44.849 ( 0.038 ms): ping/283259 connect(fd: 5, uservaddr: (struct sockaddr){.sa_family = (sa_family_t)1,(union){.sa_data_min = (char[14])['/','r','u','n','/','s','y','s','t','e','m','d','/','r',],},}, addrlen: 42) = 0 44.927 ( 0.006 ms): ping/283259 sendto(fd: 5, buff: 0x559b008b03d0, len: 110, flags: DONTWAIT|NOSIGNAL) = 110 root@number:~# Which looks sane, i.e.: 18.800 ( 0.004 ms): ping/258481 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 142.251.129.68 }, addrlen: 16) = 0 Becomes: 0.402 ( 0.001 ms): ping/283259 connect(fd: 5, uservaddr: (struct sockaddr){.sa_family = (sa_family_t)2,(union){.sa_data_min = (char[14])[4,1,142,251,129,'D',],},}, addrlen: 16) = 0 And. #define AF_UNIX 1 /* Unix domain sockets */ #define AF_LOCAL 1 /* POSIX name for AF_UNIX */ #define AF_INET 2 /* Internet IP Protocol */ #define AF_INET6 10 /* IP version 6 */ And 'D' == 68, so the preexisting sockaddr BPF collector is working with the new generic BTF pretty printer (btf_struct_scnprintf()), its just that it doesn't know about 'struct sockaddr' besides what is in BTF, i.e. its an array of bytes, not an IPv4 address that needs extra massaging. Ditto for the 'struct perf_event_attr' case: 1.851 ( 0.002 ms): perf/258487 perf_event_open(attr_uptr: { type: 0 (PERF_TYPE_HARDWARE), size: 136, config: 0x400000003, sample_type: IDENTIFIER, read_format: TOTAL_TIME_ENABLED|TOTAL_TIME_RUNNING, disabled: 1, inherit: 1, enable_on_exec: 1, exclude_guest: 1 }, pid: 258488 (perf), cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 9 Becomes: 2.081 ( 0.002 ms): :283304/283304 perf_event_open(attr_uptr: (struct perf_event_attr){.size = (__u32)136,.config = (__u64)17179869187,.sample_type = (__u64)65536,.read_format = (__u64)3,.disabled = (__u64)0x1,.inherit = (__u64)0x1,.enable_on_exec = (__u64)0x1,.exclude_guest = (__u64)0x1,}, pid: 283305 (sleep), cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 9 hex(17179869187) = 0x400000003, etc. read_format: TOTAL_TIME_ENABLED|TOTAL_TIME_RUNNING is enum perf_event_read_format { PERF_FORMAT_TOTAL_TIME_ENABLED = 1U << 0, PERF_FORMAT_TOTAL_TIME_RUNNING = 1U << 1, and so on. We need to work with the libbpf btf dump api to get one output that matches the 'perf trace'/strace expectations/format, but having this in this current form is already an improvement to 'perf trace', so lets improve from what we have. Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240815013626.935097-7-howardchu95@gmail.com Link: https://lore.kernel.org/r/20240824163322.60796-5-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 7f403067288f05335f7d8b8283ae1dac6cb1ab31 Author: Howard Chu Date: Sun Aug 25 00:33:16 2024 +0800 perf trace: Add trace__bpf_sys_enter_beauty_map() to prepare for fetching data in BPF Set up beauty_map, load it to BPF, in such format: if argument No.3 is a struct of size 32 bytes (of syscall number 114) beauty_map[114][2] = 32; if argument No.3 is a string (of syscall number 114) beauty_map[114][2] = 1; if argument No.3 is a buffer, its size is indicated by argument No.4 (of syscall number 114) beauty_map[114][2] = -4; /* -1 ~ -6, we'll read this buffer size in BPF */ Committer notes: Moved syscall_arg_fmt__cache_btf_struct() from a ifdef HAVE_LIBBPF_SUPPORT to closer to where it is used, that is ifdef'ed on HAVE_BPF_SKEL and thus breaks the build when building with BUILD_BPF_SKEL=0, as detected using 'make -C tools/perf build-test'. Also add 'struct beauty_map_enter' to tools/perf/util/bpf_skel/augmented_raw_syscalls.bpf.c as we're using it in this patch, otherwise we get this while trying to build at this point in the original patch series: builtin-trace.c: In function ‘trace__init_syscalls_bpf_prog_array_maps’: builtin-trace.c:3725:58: error: ‘struct ’ has no member named ‘beauty_map_enter’ 3725 | int beauty_map_fd = bpf_map__fd(trace->skel->maps.beauty_map_enter); | We also have to take into account syscall_arg_fmt.from_user when telling the kernel what to copy in the sys_enter generic collector, we don't want to collect bogus data in buffers that will only be available to us at sys_exit time, i.e. after the kernel has filled it, so leave this for when we have such a sys_exit based collector. Committer testing: Not wired up yet, so all continues to work, using the existing BPF collector and userspace beautifiers that are augmentation aware: root@number:~# rm -f 987654 ; touch 123456 ; perf trace -e rename* mv 123456 987654 0.000 ( 0.031 ms): mv/20888 renameat2(olddfd: CWD, oldname: "123456", newdfd: CWD, newname: "987654", flags: NOREPLACE) = 0 root@number:~# perf trace -e connect,sendto ping -c 1 www.google.com 0.000 ( 0.014 ms): ping/20892 connect(fd: 5, uservaddr: { .family: LOCAL, path: /run/systemd/resolve/io.systemd.Resolve }, addrlen: 42) = 0 0.040 ( 0.003 ms): ping/20892 sendto(fd: 5, buff: 0x560b4ff17980, len: 97, flags: DONTWAIT|NOSIGNAL) = 97 0.480 ( 0.017 ms): ping/20892 sendto(fd: 5, buff: 0x7ffd82d07150, len: 20, addr: { .family: NETLINK }, addr_len: 0xc) = 20 0.526 ( 0.014 ms): ping/20892 connect(fd: 5, uservaddr: { .family: INET6, port: 0, addr: 2800:3f0:4004:810::2004 }, addrlen: 28) = 0 0.542 ( 0.002 ms): ping/20892 connect(fd: 5, uservaddr: { .family: UNSPEC }, addrlen: 16) = 0 0.544 ( 0.004 ms): ping/20892 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 142.251.135.100 }, addrlen: 16) = 0 0.559 ( 0.002 ms): ping/20892 connect(fd: 5, uservaddr: { .family: INET, port: 1025, addr: 142.251.135.100 }, addrlen: 16PING www.google.com (142.251.135.100) 56(84) bytes of data. ) = 0 0.589 ( 0.058 ms): ping/20892 sendto(fd: 3, buff: 0x560b4ff11ac0, len: 64, addr: { .family: INET, port: 0, addr: 142.251.135.100 }, addr_len: 0x10) = 64 45.250 ( 0.029 ms): ping/20892 connect(fd: 5, uservaddr: { .family: LOCAL, path: /run/systemd/resolve/io.systemd.Resolve }, addrlen: 42) = 0 45.344 ( 0.012 ms): ping/20892 sendto(fd: 5, buff: 0x560b4ff19340, len: 111, flags: DONTWAIT|NOSIGNAL) = 111 64 bytes from rio09s08-in-f4.1e100.net (142.251.135.100): icmp_seq=1 ttl=49 time=44.4 ms --- www.google.com ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 44.361/44.361/44.361/0.000 ms root@number:~# Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240815013626.935097-4-howardchu95@gmail.com Link: https://lore.kernel.org/r/20240824163322.60796-3-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit d92f490cba69fbab495ac21eefff01130be3ec31 Author: Arnaldo Carvalho de Melo Date: Tue Sep 10 09:50:29 2024 -0300 perf trace: Mark bpf's attr as from_user This one has no specific pretty printer right now, so will be handled by the generic BTF based one later in this patch series. Signed-off-by: Arnaldo Carvalho de Melo commit 35b603f8a78b0bd51566db277c4f7b56b3ff6bac Author: Benjamin ROBIN Date: Sun Sep 8 16:08:36 2024 +0200 ntp: Make sure RTC is synchronized when time goes backwards sync_hw_clock() is normally called every 11 minutes when time is synchronized. This issue is that this periodic timer uses the REALTIME clock, so when time moves backwards (the NTP server jumps into the past), the timer expires late. If the timer expires late, which can be days later, the RTC will no longer be updated, which is an issue if the device is abruptly powered OFF during this period. When the device will restart (when powered ON), it will have the date prior to the ADJ_SETOFFSET call. A normal NTP server should not jump in the past like that, but it is possible... Another way of reproducing this issue is to use phc2sys to synchronize the REALTIME clock with, for example, an IRIG timecode with the source always starting at the same date (not synchronized). Also, if the time jump in the future by less than 11 minutes, the RTC may not be updated immediately (minor issue). Consider the following scenario: - Time is synchronized, and sync_hw_clock() was just called (the timer expires in 11 minutes). - A time jump is realized in the future by a couple of minutes. - The time is synchronized again. - Users may expect that RTC to be updated as soon as possible, and not after 11 minutes (for the same reason, if a power loss occurs in this period). Cancel periodic timer on any time jump (ADJ_SETOFFSET) greater than or equal to 1s. The timer will be relaunched at the end of do_adjtimex() if NTP is still considered synced. Otherwise the timer will be relaunched later when NTP is synced. This way, when the time is synchronized again, the RTC is updated after less than 2 seconds. Signed-off-by: Benjamin ROBIN Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240908140836.203911-1-dev@benjarobin.fr commit 2f7eedca6cecbfad52d5b52c1550066d9252c947 Merge: bd7c8ff9fef4b2 da3ea35007d0af Author: Thomas Gleixner Date: Tue Sep 10 13:49:53 2024 +0200 Merge branch 'linus' into timers/core To update with the latest fixes. commit c4d6a804713ac080841d1711a98ae1a6ecaede38 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:28 2024 +0200 regulator: max77650: Use container_of and constify static data Switch from rdev_get_drvdata() to container_of(), so the static 'struct max77650_regulator_desc' holding 'struct regulator_desc' can be made const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-17-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 7dd36b3287182bc889953f7741bdcef037109210 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:27 2024 +0200 regulator: hi6421v530: Use container_of and constify static data Switch from rdev_get_drvdata() to container_of(), so the static 'struct hi6421v530_regulator_info' holding 'struct regulator_desc' can be made const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-16-8934704a5787@linaro.org Signed-off-by: Mark Brown commit e9c7ff34c26d009c2f7c3d51236ed5a808dbc0d7 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:26 2024 +0200 regulator: hi6421v530: Drop unused 'eco_microamp' The hi6421v530_regulator_info.eco_microamp is assigned once and never used again. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-15-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 7eb5d065ec6725d7da9a4f7ba71b6ff4aaf7eb42 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:25 2024 +0200 regulator: qcom-refgen: Constify static data Driver does not modify static data with regulator description (struct regulator_desc), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-14-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 6f4fd2b8a5c08656d293ed491335747ff3d34104 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:24 2024 +0200 regulator: pfuze100: Constify static data Driver does not modify static data with regulator description (struct pfuze_regulator), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-13-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 7f1bfca46b1524a774d03eccd8042935c453843a Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:23 2024 +0200 regulator: pcap: Constify static data Driver does not modify static data with regulator description (struct pcap_regulator), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-12-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 90b94a05b6cd54b6ae65d09df86d7b602a228ae1 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:22 2024 +0200 regulator: mtk-dvfsrc: Constify static data Driver does not modify static data with regulator description (struct regulator_desc), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-11-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 96d7ee7cb01203ae0b6078631738754424d89cf8 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:21 2024 +0200 regulator: max77826: Constify static data Driver does not modify static data with regulator description (struct regulator_desc), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-10-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 653976707d03f9c8e07f1c7733f27c89a1d5eb1c Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:20 2024 +0200 regulator: max77826: Drop unused 'rdesc' in 'struct max77826_regulator_info' The max77826_regulator_info.rdesc is assigned once and never used again. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-9-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 7fb636dc26d6fc532fbc96fc74847afedc128154 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:19 2024 +0200 regulator: tps65023: Constify static data Driver does not modify static data with regulator description (struct tps_driver_data), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-8-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 5ec424afc95ab2490ae28b3e7756e6e9b271a5f0 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:18 2024 +0200 regulator: hi6421v600: Constify static data Driver does not modify static data with regulator description (struct hi6421_spmi_reg_info), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-7-8934704a5787@linaro.org Signed-off-by: Mark Brown commit b94afa51cad448d7d9bcb600ce267153132369ad Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:17 2024 +0200 regulator: hi6421: Constify static data Driver does not modify static data with regulator description (struct hi6421_regulator_info), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-6-8934704a5787@linaro.org Signed-off-by: Mark Brown commit b3f1e8e32ef579907fe0c0c9c102bb13883454d6 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:15 2024 +0200 regulator: da9121: Constify static data Driver does not modify static data with regulator description (struct da9121_range), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-4-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 0601c1e5c4a1162c909675233645889237b003a2 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:14 2024 +0200 regulator: da9063: Constify static data Driver does not modify static data with device variant description (struct da9063_dev_model), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-3-8934704a5787@linaro.org Signed-off-by: Mark Brown commit dfa9e708c63e7833c61f551069d3ff4b03af7895 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:13 2024 +0200 regulator: da9055: Constify static data Driver does not modify static data with regulators description (struct da9055_regulator_info), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-2-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 9653007e7d878609be205ced4803ca57be341845 Author: Krzysztof Kozlowski Date: Mon Sep 9 15:51:12 2024 +0200 regulator: da9052: Constify static data Driver does not modify static data with regulators description (struct da9052_regulator_info), so make it const for code safety. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240909-regulator-const-v1-1-8934704a5787@linaro.org Signed-off-by: Mark Brown commit 740c1c84bfa3d8c63bd3b01fb570e7452f51fbd8 Author: Yang Yingliang Date: Tue Sep 10 10:26:17 2024 +0800 spi: remove spi_controller_is_slave() and spi_slave_abort() spi_controller_is_slave() and spi_slave_abort() are all replaced, so they can be removed. No functional changed. Signed-off-by: Yang Yingliang Link: https://patch.msgid.link/20240910022618.1397-8-yangyingliang@huaweicloud.com Signed-off-by: Mark Brown commit 5b2e4d15154cb75e522701c13f66441e29f2caa8 Author: Yang Yingliang Date: Tue Sep 10 10:26:16 2024 +0800 platform/olpc: olpc-xo175-ec: switch to use spi_target_abort(). Switch to use modern name function spi_target_abort(). No functional changed. Signed-off-by: Yang Yingliang Acked-by: Hans de Goede Link: https://patch.msgid.link/20240910022618.1397-7-yangyingliang@huaweicloud.com Signed-off-by: Mark Brown commit be03763d247649b39e62ec55efecb1e7499e2e7f Author: Yang Yingliang Date: Tue Sep 10 10:26:15 2024 +0800 spi: slave-mt27xx: switch to use target_abort Switch to use modern name target_abort. No functional changed. Signed-off-by: Yang Yingliang Link: https://patch.msgid.link/20240910022618.1397-6-yangyingliang@huaweicloud.com Signed-off-by: Mark Brown commit 94628e5a07e71089a61951eb2d2e13685ff82760 Author: Yang Yingliang Date: Tue Sep 10 10:26:14 2024 +0800 spi: spidev: switch to use spi_target_abort() Switch to use modern name function spi_target_abort(). No functional changed. Signed-off-by: Yang Yingliang Link: https://patch.msgid.link/20240910022618.1397-5-yangyingliang@huaweicloud.com Signed-off-by: Mark Brown commit f4bf5454f852b86d3b4be69f058fd36a61cd81bf Author: Yang Yingliang Date: Tue Sep 10 10:26:13 2024 +0800 spi: slave-system-control: switch to use spi_target_abort() Switch to use modern name function spi_target_abort(). No functional changed. Signed-off-by: Yang Yingliang Link: https://patch.msgid.link/20240910022618.1397-4-yangyingliang@huaweicloud.com Signed-off-by: Mark Brown commit 6adfdf0780a7a8a8b185af62302317ab20f1d066 Author: Yang Yingliang Date: Tue Sep 10 10:26:12 2024 +0800 spi: slave-time: switch to use spi_target_abort() Switch to use modern name function spi_target_abort(). No functional changed. Signed-off-by: Yang Yingliang Link: https://patch.msgid.link/20240910022618.1397-3-yangyingliang@huaweicloud.com Signed-off-by: Mark Brown commit 1e0cc8d0a14271fbf6a50e680c8020458121a52b Author: Yang Yingliang Date: Tue Sep 10 10:26:11 2024 +0800 spi: switch to use spi_controller_is_target() Switch to use modern name function spi_controller_is_target(). No functional changed. Signed-off-by: Yang Yingliang Link: https://patch.msgid.link/20240910022618.1397-2-yangyingliang@huaweicloud.com Signed-off-by: Mark Brown commit 886fee35251107e169128723215b1f779a668be5 Author: Yu Jiaoliang Date: Tue Sep 10 14:46:30 2024 +0800 regulator: Fix typos in the comment Fixed some confusing typographical errors: comptabile->compatible, asignment->assignment, Verison->Version, meansurement->measurement, offets->offsets. Signed-off-by: Yu Jiaoliang Link: https://patch.msgid.link/20240910064631.3223441-1-yujiaoliang@vivo.com Signed-off-by: Mark Brown commit 5e6f78cb5f53c52a11090657e917d2d7202aea23 Author: Tang Bin Date: Tue Sep 10 10:11:04 2024 +0800 ASoC: loongson: Add the correct judgement return Use the function dev_err_probe can simplify code, but the error return should not be deleted, that is unreasonable, thus fix it. Fixes: 3d2528d6c021 ("ASoC: loongson: Simplify with dev_err_probe()") Signed-off-by: Tang Bin Link: https://patch.msgid.link/20240910021104.3400-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit 86a7f453e99c3c202ac1623557e4f57bd73fc88c Author: Tang Bin Date: Tue Sep 10 09:33:03 2024 +0800 ASoC: soc-ac97: Fix the incorrect description In the function snd_soc_alloc_ac97_component & snd_soc_new_ac97_component, the error return is ERR_PTR, so fix the incorrect description. Fixes: 47e039413cac ("ASoC: Add support for allocating AC'97 device before registering it") Fixes: 7361fbeaeaab ("ASoC: ac97: Add support for resetting device before registration") Signed-off-by: Tang Bin Link: https://patch.msgid.link/20240910013303.2044-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit 5ced8b914ed46edff0d265fb6f397bc851f5fd85 Author: Takashi Iwai Date: Tue Sep 10 13:31:41 2024 +0200 ALSA: memalloc: Move snd_malloc_ops definition into memalloc.c again The definition of struct snd_malloc_ops was moved out to memalloc_local.h since there was another code for S/G buffer allocation referring to the struct. But since the code change to use non-contiguous allocators, it's solely referred in memalloc.c, hence it makes little sense to have a separate header file. Let's move it back to memalloc.c. Link: https://patch.msgid.link/20240910113141.32618-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 5e645f31139183ac9a282238da18ca6bbc1c6f4a Merge: bbdd4df35c31fe 8d72eba1cf8cec Author: Ingo Molnar Date: Tue Sep 10 12:28:05 2024 +0200 Merge branch 'perf/urgent' into perf/core, to pick up fixes Signed-off-by: Ingo Molnar commit 525034e2e2ee60d31519af0919e374b0032a70de Author: Alexander Dahl Date: Fri Sep 6 08:22:56 2024 +0200 net: mdiobus: Debug print fwnode handle instead of raw pointer Was slightly misleading before, because printed is pointer to fwnode, not to phy device, as placement in message suggested. Include header for dev_dbg() declaration while at it. Output before: [ +0.001247] mdio_bus f802c000.ethernet-ffffffff: registered phy 2612f00a fwnode at address 3 Output after: [ +0.001229] mdio_bus f802c000.ethernet-ffffffff: registered phy fwnode /ahb/apb/ethernet@f802c000/ethernet-phy@3 at address 3 Reviewed-by: Florian Fainelli Reviewed-by: Andrew Lunn Signed-off-by: Alexander Dahl Link: https://patch.msgid.link/20240906062256.11289-1-ada@thorsis.com Signed-off-by: Paolo Abeni commit f8406a2fd279d05eb4a76c9b77cb740b6f350549 Author: D. Wythe Date: Fri Sep 6 10:35:35 2024 +0800 net/smc: add sysctl for smc_limit_hs In commit 48b6190a0042 ("net/smc: Limit SMC visits when handshake workqueue congested"), we introduce a mechanism to put constraint on SMC connections visit according to the pressure of SMC handshake process. At that time, we believed that controlling the feature through netlink was sufficient. However, most people have realized now that netlink is not convenient in container scenarios, and sysctl is a more suitable approach. In addition, since commit 462791bbfa35 ("net/smc: add sysctl interface for SMC") had introcuded smc_sysctl_net_init(), it is reasonable for us to initialize limit_smc_hs in it instead of initializing it in smc_pnet_net_int(). Signed-off-by: D. Wythe Reviewed-by: Wen Gu Reviewed-by: Jan Karcher Link: https://patch.msgid.link/1725590135-5631-1-git-send-email-alibuda@linux.alibaba.com Signed-off-by: Paolo Abeni commit d00b83d416e73bc3fa4d21b14bec920e88b70ce6 Author: Waiman Long Date: Mon Sep 9 14:29:05 2024 -0400 locking/rwsem: Move is_rwsem_reader_owned() and rwsem_owner() under CONFIG_DEBUG_RWSEMS Both is_rwsem_reader_owned() and rwsem_owner() are currently only used when CONFIG_DEBUG_RWSEMS is defined. This causes a compilation error with clang when `make W=1` and CONFIG_WERROR=y: kernel/locking/rwsem.c:187:20: error: unused function 'is_rwsem_reader_owned' [-Werror,-Wunused-function] 187 | static inline bool is_rwsem_reader_owned(struct rw_semaphore *sem) | ^~~~~~~~~~~~~~~~~~~~~ kernel/locking/rwsem.c:271:35: error: unused function 'rwsem_owner' [-Werror,-Wunused-function] 271 | static inline struct task_struct *rwsem_owner(struct rw_semaphore *sem) | ^~~~~~~~~~~ Fix this by moving these two functions under the CONFIG_DEBUG_RWSEMS define. Reported-by: Andy Shevchenko Signed-off-by: Waiman Long Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Andy Shevchenko Tested-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240909182905.161156-1-longman@redhat.com commit ef493f4b122d6b14a6de111d1acac1eab1d673b0 Author: Kan Liang Date: Mon Sep 9 08:58:48 2024 -0700 perf/x86/intel: Allow to setup LBR for counting event for BPF The BPF subsystem may capture LBR data on a counting event. However, the current implementation assumes that LBR can/should only be used with sampling events. For instance, retsnoop tool ([0]) makes an extensive use of this functionality and sets up perf event as follows: struct perf_event_attr attr; memset(&attr, 0, sizeof(attr)); attr.size = sizeof(attr); attr.type = PERF_TYPE_HARDWARE; attr.config = PERF_COUNT_HW_CPU_CYCLES; attr.sample_type = PERF_SAMPLE_BRANCH_STACK; attr.branch_sample_type = PERF_SAMPLE_BRANCH_KERNEL; To limit the LBR for a sampling event is to avoid unnecessary branch stack setup for a counting event in the sample read. Because LBR is only read in the sampling event's overflow. Although in most cases LBR is used in sampling, there is no HW limit to bind LBR to the sampling mode. Allow an LBR setup for a counting event unless in the sample read mode. Fixes: 85846b27072d ("perf/x86: Add PERF_X86_EVENT_NEEDS_BRANCH_STACK flag") Closes: https://lore.kernel.org/lkml/20240905180055.1221620-1-andrii@kernel.org/ Reported-by: Andrii Nakryiko Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Acked-by: Andrii Nakryiko Tested-by: Andrii Nakryiko Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240909155848.326640-1-kan.liang@linux.intel.com commit 0246388b9b7963babbdc0960d1f5bef676611346 Author: Lee Trager Date: Thu Sep 5 16:37:51 2024 -0700 eth: fbnic: Add devlink firmware version info This adds support to show firmware version information for both stored and running firmware versions. The version and commit is displayed separately to aid monitoring tools which only care about the version. Example output: # devlink dev info pci/0000:01:00.0: driver fbnic serial_number 88-25-08-ff-ff-01-50-92 versions: running: fw 24.07.15-017 fw.commit h999784ae9df0 fw.bootloader 24.07.10-000 fw.bootloader.commit hfef3ac835ce7 stored: fw 24.07.24-002 fw.commit hc9d14a68b3f2 fw.bootloader 24.07.22-000 fw.bootloader.commit h922f8493eb96 fw.undi 01.00.03-000 Signed-off-by: Lee Trager Reviewed-by: Jakub Kicinski Link: https://patch.msgid.link/20240905233820.1713043-1-lee@trager.us Signed-off-by: Paolo Abeni commit 1d7f856c2ca449f04a22d876e36b464b7a9d28b6 Author: Peter Zijlstra Date: Mon Sep 9 12:50:09 2024 +0200 jump_label: Fix static_key_slow_dec() yet again While commit 83ab38ef0a0b ("jump_label: Fix concurrency issues in static_key_slow_dec()") fixed one problem, it created yet another, notably the following is now possible: slow_dec if (try_dec) // dec_not_one-ish, false // enabled == 1 slow_inc if (inc_not_disabled) // inc_not_zero-ish // enabled == 2 return guard((mutex)(&jump_label_mutex); if (atomic_cmpxchg(1,0)==1) // false, we're 2 slow_dec if (try-dec) // dec_not_one, true // enabled == 1 return else try_dec() // dec_not_one, false WARN Use dec_and_test instead of cmpxchg(), like it was prior to 83ab38ef0a0b. Add a few WARNs for the paranoid. Fixes: 83ab38ef0a0b ("jump_label: Fix concurrency issues in static_key_slow_dec()") Reported-by: "Darrick J. Wong" Tested-by: Klara Modin Signed-off-by: Peter Zijlstra (Intel) commit f0295913c4b4f377c454e06f50c1a04f2f80d9df Author: Joerg Roedel Date: Thu Sep 5 09:22:40 2024 +0200 iommu/amd: Add kernel parameters to limit V1 page-sizes Add two new kernel command line parameters to limit the page-sizes used for v1 page-tables: nohugepages - Limits page-sizes to 4KiB v2_pgsizes_only - Limits page-sizes to 4Kib/2Mib/1GiB; The same as the sizes used with v2 page-tables This is needed for multiple scenarios. When assigning devices to SEV-SNP guests the IOMMU page-sizes need to match the sizes in the RMP table, otherwise the device will not be able to access all shared memory. Also, some ATS devices do not work properly with arbitrary IO page-sizes as supported by AMD-Vi, so limiting the sizes used by the driver is a suitable workaround. All-in-all, these parameters are only workarounds until the IOMMU core and related APIs gather the ability to negotiate the page-sizes in a better way. Signed-off-by: Joerg Roedel Reviewed-by: Vasant Hegde Link: https://lore.kernel.org/r/20240905072240.253313-1-joro@8bytes.org commit bbdd4df35c31fe502c1c70e4d3a8e3ebe5a270b7 Author: Kan Liang Date: Fri Aug 2 08:16:41 2024 -0700 dmaengine: idxd: Clean up cpumask and hotplug for perfmon The idxd PMU is system-wide scope, which is supported by the generic perf_event subsystem now. Set the scope for the idxd PMU and remove all the cpumask and hotplug codes. Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Dave Jiang Reviewed-by: Fenghua Yu Link: https://lore.kernel.org/r/20240802151643.1691631-6-kan.liang@linux.intel.com commit a8c73b82f7792400555143773d0152d5bc3ac068 Author: Kan Liang Date: Fri Aug 2 08:16:40 2024 -0700 iommu/vt-d: Clean up cpumask and hotplug for perfmon The iommu PMU is system-wide scope, which is supported by the generic perf_event subsystem now. Set the scope for the iommu PMU and remove all the cpumask and hotplug codes. Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Lu Baolu Link: https://lore.kernel.org/r/20240802151643.1691631-5-kan.liang@linux.intel.com commit 08155c7f2a2cc6ff99886ea5743da274be24ebe4 Author: Kan Liang Date: Fri Aug 2 08:16:39 2024 -0700 perf/x86/intel/cstate: Clean up cpumask and hotplug There are three cstate PMUs with different scopes, core, die and module. The scopes are supported by the generic perf_event subsystem now. Set the scope for each PMU and remove all the cpumask and hotplug codes. Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240802151643.1691631-4-kan.liang@linux.intel.com commit a48a36b316ae5d3ab83f9b545dba15998e96d59c Author: Kan Liang Date: Fri Aug 2 08:16:38 2024 -0700 perf: Add PERF_EV_CAP_READ_SCOPE Usually, an event can be read from any CPU of the scope. It doesn't need to be read from the advertised CPU. Add a new event cap, PERF_EV_CAP_READ_SCOPE. An event of a PMU with scope can be read from any active CPU in the scope. Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240802151643.1691631-3-kan.liang@linux.intel.com commit 4ba4f1afb6a9fed8ef896c2363076e36572f71da Author: Kan Liang Date: Fri Aug 2 08:16:37 2024 -0700 perf: Generic hotplug support for a PMU with a scope The perf subsystem assumes that the counters of a PMU are per-CPU. So the user space tool reads a counter from each CPU in the system wide mode. However, many PMUs don't have a per-CPU counter. The counter is effective for a scope, e.g., a die or a socket. To address this, a cpumask is exposed by the kernel driver to restrict to one CPU to stand for a specific scope. In case the given CPU is removed, the hotplug support has to be implemented for each such driver. The codes to support the cpumask and hotplug are very similar. - Expose a cpumask into sysfs - Pickup another CPU in the same scope if the given CPU is removed. - Invoke the perf_pmu_migrate_context() to migrate to a new CPU. - In event init, always set the CPU in the cpumask to event->cpu Similar duplicated codes are implemented for each such PMU driver. It would be good to introduce a generic infrastructure to avoid such duplication. 5 popular scopes are implemented here, core, die, cluster, pkg, and the system-wide. The scope can be set when a PMU is registered. If so, a "cpumask" is automatically exposed for the PMU. The "cpumask" is from the perf_online__mask, which is to track the active CPU for each scope. They are set when the first CPU of the scope is online via the generic perf hotplug support. When a corresponding CPU is removed, the perf_online__mask is updated accordingly and the PMU will be moved to a new CPU from the same scope if possible. Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240802151643.1691631-2-kan.liang@linux.intel.com commit a6711d1cd4e291f334ae900065e18f585732acfa Author: Christian Brauner Date: Thu Sep 5 09:57:00 2024 +0200 io_uring: port to struct kmem_cache_args Port req_cachep to struct kmem_cache_args. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Signed-off-by: Vlastimil Babka commit 781aee755638dbb6dbfe022bdd2f732621ec9534 Author: Christian Brauner Date: Thu Sep 5 09:56:59 2024 +0200 slab: make __kmem_cache_create() static inline Make __kmem_cache_create() a static inline function. Signed-off-by: Christian Brauner Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 0c9050b09cfb1ddb3fe4b2d401dca1fb674c825a Author: Christian Brauner Date: Thu Sep 5 09:56:58 2024 +0200 slab: make kmem_cache_create_usercopy() static inline Make kmem_cache_create_usercopy() a static inline function. Signed-off-by: Christian Brauner Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 3d453e60f1a9c377d670d5fe306d3b9eed477bc0 Author: Christian Brauner Date: Thu Sep 5 09:56:57 2024 +0200 slab: remove kmem_cache_create_rcu() Now that we have ported all users of kmem_cache_create_rcu() to struct kmem_cache_args the function is unused and can be removed. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 5f7d25668217bb7841bc5784d2185618a01e336b Author: Christian Brauner Date: Thu Sep 5 09:56:56 2024 +0200 file: port to struct kmem_cache_args Port filp_cache to struct kmem_cache_args. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit b2e7456b5c25c41eda7a8a15f7ccaa4e7579949f Author: Christian Brauner Date: Thu Sep 5 09:56:55 2024 +0200 slab: create kmem_cache_create() compatibility layer Use _Generic() to create a compatibility layer that type switches on the third argument to either call __kmem_cache_create() or __kmem_cache_create_args(). If NULL is passed for the struct kmem_cache_args argument use default args making porting for callers that don't care about additional arguments easy. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Signed-off-by: Christian Brauner Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 199cd13a745eb44fb4828bca373155293cdcfa5c Author: Christian Brauner Date: Thu Sep 5 09:56:54 2024 +0200 slab: port KMEM_CACHE_USERCOPY() to struct kmem_cache_args Make KMEM_CACHE_USERCOPY() use struct kmem_cache_args. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 052d67b46bcd91b6785e8e6e047241814f6142a3 Author: Christian Brauner Date: Thu Sep 5 09:56:53 2024 +0200 slab: port KMEM_CACHE() to struct kmem_cache_args Make KMEM_CACHE() use struct kmem_cache_args. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit dacf472bcdfa4f3b08cd2c1beef034e3e5ab4bd0 Author: Christian Brauner Date: Thu Sep 5 09:56:52 2024 +0200 slab: remove rcu_freeptr_offset from struct kmem_cache Pass down struct kmem_cache_args to calculate_sizes() so we can use args->{use}_freeptr_offset directly. This allows us to remove ->rcu_freeptr_offset from struct kmem_cache. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 3dbe2bad5785e4a9f62d99186e7d31410a8f1e2d Author: Christian Brauner Date: Thu Sep 5 09:56:51 2024 +0200 slab: pass struct kmem_cache_args to do_kmem_cache_create() and initialize most things in do_kmem_cache_create(). In a follow-up patch we'll remove rcu_freeptr_offset from struct kmem_cache. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit fc0eac57d08cad87b478a3be944899c81c950d43 Author: Christian Brauner Date: Thu Sep 5 09:56:50 2024 +0200 slab: pull kmem_cache_open() into do_kmem_cache_create() do_kmem_cache_create() is the only caller and we're going to pass down struct kmem_cache_args in a follow-up patch. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 34410a906080e7f669330c45c8e38215fe09f481 Author: Christian Brauner Date: Thu Sep 5 09:56:49 2024 +0200 slab: pass struct kmem_cache_args to create_cache() Pass struct kmem_cache_args to create_cache() so that we can later simplify further helpers. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 1d3d7645d789c9ce8fec48b16c0040b4a3dc6604 Author: Christian Brauner Date: Thu Sep 5 09:56:48 2024 +0200 slab: port kmem_cache_create_usercopy() to struct kmem_cache_args Port kmem_cache_create_usercopy() to struct kmem_cache_args and remove the now unused do_kmem_cache_create_usercopy() helper. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 9816c3c4e778b2477fda1966bf7047a2d9772d14 Author: Christian Brauner Date: Thu Sep 5 09:56:47 2024 +0200 slab: port kmem_cache_create_rcu() to struct kmem_cache_args Port kmem_cache_create_rcu() to struct kmem_cache_args. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit f6cd98c9407f8b8118464c633b27765e751e2750 Author: Christian Brauner Date: Thu Sep 5 09:56:46 2024 +0200 slab: port kmem_cache_create() to struct kmem_cache_args Port kmem_cache_create() to struct kmem_cache_args. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 879fb3c274c12cb0892718e1e54f85fc406e3c7b Author: Christian Brauner Date: Thu Sep 5 09:56:45 2024 +0200 slab: add struct kmem_cache_args Currently we have multiple kmem_cache_create*() variants that take up to seven separate parameters with one of the functions having to grow an eigth parameter in the future to handle both usercopy and a custom freelist pointer. Add a struct kmem_cache_args structure and move less common parameters into it. Core parameters such as name, object size, and flags continue to be passed separately. Add a new function __kmem_cache_create_args() that takes a struct kmem_cache_args pointer and port do_kmem_cache_create_usercopy() over to it. In follow-up patches we will port the other kmem_cache_create*() variants over to it as well. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit 53d3d210864e532ee5d8ae48f66168c12dd8f530 Author: Christian Brauner Date: Thu Sep 5 09:56:44 2024 +0200 slab: s/__kmem_cache_create/do_kmem_cache_create/g Free up reusing the double-underscore variant for follow-up patches. Reviewed-by: Kees Cook Reviewed-by: Jens Axboe Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner Reviewed-by: Roman Gushchin Signed-off-by: Vlastimil Babka commit e16f4f70987bce1f6a61609145d075c3926179d2 Merge: 5be63fc19fcaa4 0f389adb4b80ee Author: Vlastimil Babka Date: Thu Sep 5 11:31:32 2024 +0200 Merge branch 'vfs.file' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs into slab/for-6.12/kmem_cache_args Merge prerequisities from the vfs git tree for the following series that introduces kmem_cache_args. The vfs.file branch includes the addition of kmem_cache_create_rcu() which was needed in vfs for the filp cache optimization. The following series refactors this code. commit 23d93aa4b3b90b6e3dc8e6b6bb36580c1068bc07 Author: Kris Van Hees Date: Fri Sep 6 10:45:02 2024 -0400 kbuild: add mod(name,file)_flags to assembler flags for module objects In order to create the file at build time, modules.builtin.ranges, that contains the range of addresses for all built-in modules, there needs to be a way to identify what code is compiled into modules. To identify what code is compiled into modules during a kernel build, one can look for the presence of the -DKBUILD_MODFILE and -DKBUILD_MODNAME options in the compile command lines. A simple grep in .*.cmd files for those options is sufficient for this. Unfortunately, these options are only passed when compiling C source files. Various modules also include objects built from assembler source, and these options are not passed in that case. Adding $(modfile_flags) to modkern_aflags (similar to modkern_cflags), and adding $(modname_flags) to a_flags (similar to c_flags) makes it possible to identify which objects are compiled into modules for both C and assembler source files. While KBUILD_MODFILE is sufficient to generate the modules ranges data, KBUILD_MODNAME is passed as well for consistency with the C source code case. Signed-off-by: Kris Van Hees Reviewed-by: Steven Rostedt (Google) Tested-by: Sam James Reviewed-by: Sami Tolvanen Tested-by: Sami Tolvanen Signed-off-by: Masahiro Yamada commit 9028cdeb38e1f37d63cb3154799dd259b67e879e Author: Shakeel Butt Date: Thu Sep 5 10:34:22 2024 -0700 memcg: add charging of already allocated slab objects At the moment, the slab objects are charged to the memcg at the allocation time. However there are cases where slab objects are allocated at the time where the right target memcg to charge it to is not known. One such case is the network sockets for the incoming connection which are allocated in the softirq context. Couple hundred thousand connections are very normal on large loaded server and almost all of those sockets underlying those connections get allocated in the softirq context and thus not charged to any memcg. However later at the accept() time we know the right target memcg to charge. Let's add new API to charge already allocated objects, so we can have better accounting of the memory usage. To measure the performance impact of this change, tcp_crr is used from the neper [1] performance suite. Basically it is a network ping pong test with new connection for each ping pong. The server and the client are run inside 3 level of cgroup hierarchy using the following commands: Server: $ tcp_crr -6 Client: $ tcp_crr -6 -c -H ${server_ip} If the client and server run on different machines with 50 GBPS NIC, there is no visible impact of the change. For the same machine experiment with v6.11-rc5 as base. base (throughput) with-patch tcp_crr 14545 (+- 80) 14463 (+- 56) It seems like the performance impact is within the noise. Link: https://github.com/google/neper [1] Signed-off-by: Shakeel Butt Reviewed-by: Roman Gushchin Reviewed-by: Yosry Ahmed Acked-by: Paolo Abeni # net Signed-off-by: Vlastimil Babka commit 4bceb9ba05aca23652567fb5f899cc7fcb12c8d0 Author: Christoph Hellwig Date: Tue Sep 10 07:39:07 2024 +0300 iomap: remove the iomap_file_buffered_write_punch_delalloc return value iomap_file_buffered_write_punch_delalloc can only return errors if either the ->punch callback returned an error, or if someone changed the API of mapping_seek_hole_data to return a negative error code that is not -ENXIO. As the only instance of ->punch never returns an error, an such an error would be fatal anyway remove the entire error propagation and don't return an error code from iomap_file_buffered_write_punch_delalloc. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240910043949.3481298-6-hch@lst.de Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 492f53758fad4fde3e9a98696780f8b53f87cdae Author: Christoph Hellwig Date: Tue Sep 10 07:39:06 2024 +0300 iomap: pass the iomap to the punch callback XFS will need to look at the flags in the iomap structure, so pass it down all the way to the callback. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240910043949.3481298-5-hch@lst.de Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 11596dc3dfae572cc267dda2dc4dab9ae34668f3 Author: Christoph Hellwig Date: Tue Sep 10 07:39:05 2024 +0300 iomap: pass flags to iomap_file_buffered_write_punch_delalloc To fix short write error handling, We'll need to figure out what operation iomap_file_buffered_write_punch_delalloc is called for. Pass the flags argument on to it, and reorder the argument list to match that of ->iomap_end so that the compiler only has to add the new punch argument to the end of it instead of reshuffling the registers. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240910043949.3481298-4-hch@lst.de Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit b53fdb215d13f8e9c29541434bf2d14dac8bcbdc Author: Christoph Hellwig Date: Tue Sep 10 07:39:04 2024 +0300 iomap: improve shared block detection in iomap_unshare_iter Currently iomap_unshare_iter relies on the IOMAP_F_SHARED flag to detect blocks to unshare. This is reasonable, but IOMAP_F_SHARED is also useful for the file system to do internal book keeping for out of place writes. XFS used to that, until it got removed in commit 72a048c1056a ("xfs: only set IOMAP_F_SHARED when providing a srcmap to a write") because unshare for incorrectly unshare such blocks. Add an extra safeguard by checking the explicitly provided srcmap instead of the fallback to the iomap for valid data, as that catches the case where we'd just copy from the same place we'd write to easily, allowing to reinstate setting IOMAP_F_SHARED for all XFS writes that go to the COW fork. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240910043949.3481298-3-hch@lst.de Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 7a9d43eace888a0ee6095035997bb138425844d3 Author: Christoph Hellwig Date: Tue Sep 10 07:39:03 2024 +0300 iomap: handle a post-direct I/O invalidate race in iomap_write_delalloc_release When direct I/O completions invalidates the page cache it holds neither the i_rwsem nor the invalidate_lock so it can be racing with iomap_write_delalloc_release. If the search for the end of the region that contains data returns the start offset we hit such a race and just need to look for the end of the newly created hole instead. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240910043949.3481298-2-hch@lst.de Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 3a0caeca0520b676368b32bd07185d64e013d1d9 Author: Chen Ni Date: Mon Sep 2 16:04:19 2024 +0800 drivers: watchdog: marvell_gti: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Reviewed-by: Guenter Roeck Link: https://lore.kernel.org/r/20240902080419.3824706-1-nichen@iscas.ac.cn Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit 35ff0ebfe6327b721667f3a69e92581c65fe4dab Author: Chen Ni Date: Mon Sep 2 16:10:51 2024 +0800 watchdog: iTCO_wdt: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Reviewed-by: Andy Shevchenko Reviewed-by: Guenter Roeck Link: https://lore.kernel.org/r/20240902081051.3824822-1-nichen@iscas.ac.cn Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit f6febd0a30b6e299a08076116256e3b36c24eada Author: Lad Prabhakar Date: Thu Aug 29 20:38:31 2024 +0100 watchdog: Add Watchdog Timer driver for RZ/V2H(P) Add Watchdog Timer driver for RZ/V2H(P) SoC. Signed-off-by: Lad Prabhakar Reviewed-by: Guenter Roeck Link: https://lore.kernel.org/r/20240829193831.80768-3-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit 892067cda23d02e1d5c4d90e504e9c8caff6f21c Author: Lad Prabhakar Date: Thu Aug 29 20:38:30 2024 +0100 dt-bindings: watchdog: renesas,wdt: Document RZ/V2H(P) SoC Add support for the Watchdog Timer (WDT) hardware found in the Renesas RZ/V2H(P) SoC to the `renesas,wdt` device tree bindings. Signed-off-by: Lad Prabhakar Reviewed-by: Conor Dooley Reviewed-by: Guenter Roeck Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/20240829193831.80768-2-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit db60d55e1f4880b1e199d3d5eefb59c700ba3e7d Author: Alexander Sverdlin Date: Wed Aug 28 08:02:10 2024 +0200 watchdog: imx_sc_wdt: detect if already running Firmware (SC) WDT can be already enabled in U-Boot. Detect this case and make CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED functional by setting WDOG_HW_RUNNING. Signed-off-by: Alexander Sverdlin Reviewed-by: Guenter Roeck Link: https://lore.kernel.org/r/20240828060212.108608-1-alexander.sverdlin@siemens.com Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit 6adb55917497047455712dd8a85d359034a415a0 Author: Fabio Estevam Date: Thu Aug 8 23:08:21 2024 -0300 watchdog: imx2_wdt: Remove __maybe_unused notations Use the DEFINE_SIMPLE_DEV_PM_OPS() and pm_sleep_ptr() macros to handle the .suspend/.resume callbacks. These macros allow the suspend and resume functions to be automatically dropped by the compiler when CONFIG_SUSPEND is disabled, without having to use __maybe_unused notation. Signed-off-by: Fabio Estevam Reviewed-by: Guenter Roeck Link: https://lore.kernel.org/r/20240809020822.335682-1-festevam@gmail.com Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit 2d9d6d300fb0a4ae4431bb308027ac9385746d42 Author: Jonas Blixt Date: Thu Aug 1 14:18:45 2024 +0200 watchdog: imx_sc_wdt: Don't disable WDT in suspend Parts of the suspend and resume chain is left unprotected if we disable the WDT here. >From experiments we can see that the SCU disables and re-enables the WDT when we enter and leave suspend to ram. By not touching the WDT here we are protected by the WDT all the way to the SCU. Signed-off-by: Jonas Blixt CC: Anson Huang Fixes: 986857acbc9a ("watchdog: imx_sc: Add i.MX system controller watchdog support") Reviewed-by: Guenter Roeck Link: https://lore.kernel.org/r/20240801121845.1465765-1-jonas.blixt@actia.se Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit 1f87c578d91b7e01a1bf1d0607a76a0764c68b18 Author: Frank Li Date: Tue Jul 30 10:56:10 2024 -0400 watchdog: imx7ulp_wdt: move post_rcs_wait into struct imx_wdt_hw_feature Move post_rcs_wait into struct imx_wdt_hw_feature to simple code logic for difference compatible string. i.MX93 watchdog needn't wait 2.5 clocks after RCS is done. So needn't set post_rcs_wait. Signed-off-by: Frank Li Signed-off-by: Alice Guo Reviewed-by: Ye Li Reviewed-by: Guenter Roeck Link: https://lore.kernel.org/r/20240730145610.2177627-1-Frank.Li@nxp.com Signed-off-by: Guenter Roeck Signed-off-by: Wim Van Sebroeck commit 92845948dd12d27e83838dc997ee4540b7d7051d Merge: a9b1fab3b69f16 89ba464fcf548d Author: Paolo Abeni Date: Tue Sep 10 11:04:18 2024 +0200 Merge branch 'net-lan966x-use-the-newly-introduced-fdma-library' Daniel Machon says: ==================== net: lan966x: use the newly introduced FDMA library This patch series is the second of a 2-part series [1], that adds a new common FDMA library for Microchip switch chips Sparx5 and lan966x. These chips share the same FDMA engine, and as such will benefit from a common library with a common implementation. This also has the benefit of removing a lot of open-coded bookkeeping and duplicate code for the two drivers. In this second series, the FDMA library will be taken into use by the lan966x switch driver. ################### # Example of use: # ################### - Initialize the rx and tx fdma structs with values for: number of DCB's, number of DB's, channel ID, DB size (data buffer size), and total size of the requested memory. Also provide two callbacks: nextptr_cb() and dataptr_cb() for getting the nextptr and dataptr. - Allocate memory using fdma_alloc_phys() or fdma_alloc_coherent(). - Initialize the DCB's with fdma_dcb_init(). - Add new DCB's with fdma_dcb_add(). - Free memory with fdma_free_phys() or fdma_free_coherent(). ##################### # Patch breakdown: # ##################### Patch #1: select FDMA library for lan966x. Patch #2: includes the fdma_api.h header and removes old symbols. Patch #3: replaces old rx and tx variables with equivalent ones from the fdma struct. Only the variables that can be changed without breaking traffic is changed in this patch. Patch #4: uses the library for allocation of rx buffers. This requires quite a bit of refactoring in this single patch. Patch #5: uses the library for adding DCB's in the rx path. Patch #6: uses the library for freeing rx buffers. Patch #7: uses the library for allocation of tx buffers. This requires quite a bit of refactoring in this single patch. Patch #8: uses the library for adding DCB's in the tx path. Patch #9: uses the library helpers in the tx path. Patch #10: ditch last_in_use variable and use library instead. Patch #11: uses library helpers throughout. Patch #12: refactor lan966x_fdma_reload() function. [1] https://lore.kernel.org/netdev/20240902-fdma-sparx5-v1-0-1e7d5e5a9f34@microchip.com/ Signed-off-by: Daniel Machon ==================== Link: https://patch.msgid.link/20240905-fdma-lan966x-v1-0-e083f8620165@microchip.com Signed-off-by: Paolo Abeni commit 89ba464fcf548d64bc7215dfe769f791330ae8b6 Author: Daniel Machon Date: Thu Sep 5 10:06:40 2024 +0200 net: lan966x: refactor buffer reload function Now that we store everything in the fdma structs, refactor lan966x_fdma_reload() to store and restore the entire struct. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit 9fbc5719f6aa2afbb5445e2b59fe577b4cb9d87c Author: Daniel Machon Date: Thu Sep 5 10:06:39 2024 +0200 net: lan966x: use a few FDMA helpers throughout The library provides helpers for a number of DCB and DB operations. Use these throughout the code and remove the old ones. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit c06fef96c7d599ac6d1cdfd42ffee8c8d59729fe Author: Daniel Machon Date: Thu Sep 5 10:06:38 2024 +0200 net: lan966x: ditch tx->last_in_use variable This variable is used in the tx path to determine the last used DCB. The library has the variable last_dcb for the exact same purpose. Ditch the last_in_use variable throughout. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit 8cdd0bd02283036130396d70183c15a97f3be6b7 Author: Daniel Machon Date: Thu Sep 5 10:06:37 2024 +0200 net: lan966x: use library helper for freeing tx buffers The library has the helper fdma_free_phys() for freeing physical FDMA memory. Use it in the exit path. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit 29cc3a66a81ddaa237a3fe3c14cf0fc582db25bf Author: Daniel Machon Date: Thu Sep 5 10:06:36 2024 +0200 net: lan966x: use FDMA library for adding DCB's in the tx path Use the fdma_dcb_add() function to add DCB's in the tx path. This gets rid of the open-coding of nextptr and dataptr handling and leaves it to the library. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit df2ddc1458c39eacb8678333bea668a76de540de Author: Daniel Machon Date: Thu Sep 5 10:06:35 2024 +0200 net: lan966x: use the FDMA library for allocation of tx buffers Use the two functions: fdma_alloc_phys() and fdma_dcb_init() for rx buffer allocation and use the new buffers throughout. In order to replace the old buffers with the new ones, we have to do the following refactoring: - use fdma_alloc_phys() and fdma_dcb_init() - replace the variables: tx->dma, tx->dcbs and tx->curr_entry with the equivalents from the FDMA struct. - add lan966x_fdma_tx_dataptr_cb callback for obtaining the dataptr. - Initialize FDMA struct values. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit f51293b3ea89b3028745d8f0c9206df4bdc16905 Author: Daniel Machon Date: Thu Sep 5 10:06:34 2024 +0200 net: lan966x: use library helper for freeing rx buffers The library has the helper fdma_free_phys() for freeing physical FDMA memory. Use it in the exit path. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit 2b5a09e67b72146161df176ba73ddb4d6607f3a0 Author: Daniel Machon Date: Thu Sep 5 10:06:33 2024 +0200 net: lan966x: use FDMA library for adding DCB's in the rx path Use the fdma_dcb_add() function to add DCB's in the rx path. This gets rid of the open-coding of nextptr and dataptr handling and the functions for adding DCB's. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit 01a70754327bd628610587b6b7ae5efe2a5e7d1c Author: Daniel Machon Date: Thu Sep 5 10:06:32 2024 +0200 net: lan966x: use the FDMA library for allocation of rx buffers Use the two functions: fdma_alloc_phys() and fdma_dcb_init() for rx buffer allocation and use the new buffers throughout. In order to replace the old buffers with the new ones, we have to do the following refactoring: - use fdma_alloc_phys() and fdma_dcb_init() - replace the variables: rx->dma, rx->dcbs and rx->last_entry with the equivalents from the FDMA struct. - make use of fdma->db_size for rx buffer size. - add lan966x_fdma_rx_dataptr_cb callback for obtaining the dataptr. - Initialize FDMA struct values. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit 8274d40eafa37b570ad7be8b7fe5fe507509c153 Author: Daniel Machon Date: Thu Sep 5 10:06:31 2024 +0200 net: lan966x: replace a few variables with new equivalent ones Replace the old rx and tx variables: channel_id, FDMA_DCB_MAX, FDMA_RX_DCB_MAX_DBS, FDMA_TX_DCB_MAX_DBS, dcb_index and db_index with the equivalents from the FDMA rx and tx structs. These variables are not entangled in any buffer allocation and can therefore be replaced in advance. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit 1dfe4ca8cb4af9d648b0f04e4449728e94eb516e Author: Daniel Machon Date: Thu Sep 5 10:06:30 2024 +0200 net: lan966x: use FDMA library symbols Include and use the new FDMA header, which now provides the required masks and bit offsets for operating on the DCB's and DB's. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit 63acda75801fa2f8ff10c4748cc8c420d34f6ea3 Author: Daniel Machon Date: Thu Sep 5 10:06:29 2024 +0200 net: lan966x: select FDMA library Select the newly introduced FDMA library. Signed-off-by: Daniel Machon Reviewed-by: Horatiu Vultur Signed-off-by: Paolo Abeni commit c7e08c816cd2fdf8b86f2762f4667ca0f748c286 Author: Gerhard Engleder Date: Fri Aug 9 07:23:03 2024 +0200 i2c: keba: Add KEBA I2C controller support The KEBA I2C controller is found in the system FPGA of KEBA PLC devices. It is used to connect EEPROMs and hardware monitoring chips. The It is a simple I2C controller with a fixed bus speed of 100 kbit/s. The whole message transmission is executed by the driver. The driver triggers all steps over control, status and data register. There are no FIFOs or interrupts. Signed-off-by: Gerhard Engleder Signed-off-by: Andi Shyti commit 3bc5ed15bdc5077d7ee621f44872f550babbea3e Merge: e3ee4ab0fd6ef2 7d8abc5f3b5ce0 Author: Rafael J. Wysocki Date: Tue Sep 10 10:54:15 2024 +0200 Merge tag 'thermal-v6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/thermal/linux into Merge thermal drivers changes for v6.12-rc1 from Daniel Lezcano: "- Add power domain DT bindings for new Amlogic SoCs (Georges Stark) - Switch from CONFIG_PM_SLEEP guards to pm_sleep_ptr() in the ST driver and add a Kconfig dependency on THERMAL_OF subsystem for the STi driver (Raphael Gallais-Pou) - Simplify with dev_err_probe() the error code path in the probe functions for the brcmstb driver (Yan Zhen) - Remove trailing space after \n newline in the Renesas driver (Colin Ian King) - Add DT binding compatible string for the SA8255p with the tsens driver (Nikunj Kela) - Use the devm_clk_get_enabled() helpers to simplify the init routine in the sprd driver (Huan Yang) - Remove __maybe_unused notations for the functions by using the new RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() macros on the IMx and Qoriq drivers (Fabio Estevam) - Remove unused declarations in the header file as the functions were removed in a previous change on the ti-soc-thermal driver (Zhang Zekun) - Simplify with dev_err_probe() the error code path in the probe functions for the imx_sc_thermal driver (Alexander Stein)" * tag 'thermal-v6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/thermal/linux: thermal/drivers/imx_sc_thermal: Use dev_err_probe thermal/drivers/ti-soc-thermal: Remove unused declarations thermal/drivers/imx: Remove __maybe_unused notations thermal/drivers/qoriq: Remove __maybe_unused notations thermal/drivers/sprd: Use devm_clk_get_enabled() helpers dt-bindings: thermal: tsens: document support on SA8255p thermal/drivers/renesas: Remove trailing space after \n newline thermal/drivers/brcmstb_thermal: Simplify with dev_err_probe() thermal/drivers/sti: Depend on THERMAL_OF subsystem thermal/drivers/st: Switch from CONFIG_PM_SLEEP guards to pm_sleep_ptr() dt-bindings: thermal: amlogic,thermal: add optional power-domains commit 7e4d4b32ab9532bd1babcd5d0763d727ebb04be0 Author: Joshua Grisham Date: Mon Sep 9 21:30:00 2024 +0200 ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book init I have done a lot of analysis for these type of devices and collaborated quite a bit with Nick Weihs (author of the first patch submitted for this including adding samsung_helper.c). More information can be found in the issue on Github [1] including additional rationale and testing. The existing implementation includes a large number of equalizer coef values that are not necessary to actually init and enable the speaker amps, as well as create a somewhat worse sound profile. Users have reported "muffled" or "muddy" sound; more information about this including my analysis of the differences can be found in the linked Github issue. This patch refactors the "v2" version of ALC298_FIXUP_SAMSUNG_AMP to a much simpler implementation which removes the new samsung_helper.c, reuses more of the existing patch_realtek.c, and sends significantly fewer unnecessary coef values (including removing all of these EQ-specific coef values). A pcm_playback_hook is used to dynamically enable and disable the speaker amps only when there will be audio playback; this is to match the behavior of how the driver for these devices is working in Windows, and is suspected but not yet tested or confirmed to help with power consumption. Support for models with 2 speaker amps vs 4 speaker amps is controlled by a specific quirk name for both types. A new int num_speaker_amps has been added to alc_spec so that the hooks can know how many speaker amps to enable or disable. This design was chosen to limit the number of places that subsystem ids will need to be maintained: like this, they can be maintained only once in the quirk table and there will not be another separate list of subsystem ids to maintain elsewhere in the code. Also updated the quirk name from ALC298_FIXUP_SAMSUNG_AMP2 to ALC298_FIXUP_SAMSUNG_AMP_V2_.. as this is not a quirk for "Amp #2" on ALC298 but is instead a different version of how to handle it. More devices have been added (see Github issue for testing confirmation), as well as a small cleanup to existing names. [1]: https://github.com/thesofproject/linux/issues/4055#issuecomment-2323411911 Signed-off-by: Joshua Grisham Link: https://patch.msgid.link/20240909193000.838815-1-josh@joshuagrisham.com Signed-off-by: Takashi Iwai commit fc09ea51ddc01119d7cbb3ff56d51af2de6f71d8 Author: Edson Juliano Drosdeck Date: Mon Sep 9 13:27:51 2024 -0300 ALSA: hda/realtek: Enable mic on Vaio VJFH52 Vaio VJFH52 is equipped with ACL256, and needs a fix to make the internal mic and headphone mic to work. Also must to limits the internal microphone boost. Signed-off-by: Edson Juliano Drosdeck Link: https://patch.msgid.link/20240909162751.4790-1-edson.drosdeck@gmail.com Signed-off-by: Takashi Iwai commit 5516e3f4763e3604b789b3567dafe4388eec4a8f Merge: 28fbfaf6bd1df9 c491b044cf5f82 Author: Takashi Iwai Date: Tue Sep 10 10:27:43 2024 +0200 Merge branch 'for-linus' into for-next Signed-off-by: Takashi Iwai commit 43dc2a0f479b9cd30f6674986d7a40517e999d31 Author: Juergen Gross Date: Tue Aug 6 10:24:41 2024 +0200 xen: move max_pfn in xen_memory_setup() out of function scope Instead of having max_pfn as a local variable of xen_memory_setup(), make it a static variable in setup.c instead. This avoids having to pass it to subfunctions, which will be needed in more cases in future. Rename it to ini_nr_pages, as the value denotes the currently usable number of memory pages as passed from the hypervisor at boot time. Signed-off-by: Juergen Gross Tested-by: Marek Marczykowski-Górecki Reviewed-by: Jan Beulich Signed-off-by: Juergen Gross commit c4498ae316da5b5786ccd448fc555f3339b8e4ca Author: Juergen Gross Date: Tue Aug 6 09:56:48 2024 +0200 xen: move checks for e820 conflicts further up Move the checks for e820 memory map conflicts using the xen_chk_is_e820_usable() helper further up in order to prepare resolving some of the possible conflicts by doing some e820 map modifications, which must happen before evaluating the RAM layout. Signed-off-by: Juergen Gross Tested-by: Marek Marczykowski-Górecki Reviewed-by: Jan Beulich Signed-off-by: Juergen Gross commit ba88829706e2c5b7238638fc2b0713edf596495e Author: Juergen Gross Date: Fri Aug 2 14:11:06 2024 +0200 xen: introduce generic helper checking for memory map conflicts When booting as a Xen PV dom0 the memory layout of the dom0 is modified to match that of the host, as this requires less changes in the kernel for supporting Xen. There are some cases, though, which are problematic, as it is the Xen hypervisor selecting the kernel's load address plus some other data, which might conflict with the host's memory map. These conflicts are detected at boot time and result in a boot error. In order to support handling at least some of these conflicts in future, introduce a generic helper function which will later gain the ability to adapt the memory layout when possible. Add the missing check for the xen_start_info area. Note that possible p2m map and initrd memory conflicts are handled already by copying the data to memory areas not conflicting with the memory map. The initial stack allocated by Xen doesn't need to be checked, as early boot code is switching to the statically allocated initial kernel stack. Initial page tables and the kernel itself will be handled later. Signed-off-by: Juergen Gross Tested-by: Marek Marczykowski-Górecki Reviewed-by: Jan Beulich Signed-off-by: Juergen Gross commit fac1bceeeb04886fc2ee952672e6e6c85ce41dca Author: Juergen Gross Date: Sat Aug 3 08:01:22 2024 +0200 xen: use correct end address of kernel for conflict checking When running as a Xen PV dom0 the kernel is loaded by the hypervisor using a different memory map than that of the host. In order to minimize the required changes in the kernel, the kernel adapts its memory map to that of the host. In order to do that it is checking for conflicts of its load address with the host memory map. Unfortunately the tested memory range does not include the .brk area, which might result in crashes or memory corruption when this area does conflict with the memory map of the host. Fix the test by using the _end label instead of __bss_stop. Fixes: 808fdb71936c ("xen: check for kernel memory conflicting with memory layout") Signed-off-by: Juergen Gross Tested-by: Marek Marczykowski-Górecki Reviewed-by: Jan Beulich Signed-off-by: Juergen Gross commit 2cab4bd024d23f658e40dce209dfd012f4e8b19a Author: Huang Shijie Date: Fri Sep 6 13:30:19 2024 +0800 sched/debug: Fix the runnable tasks output The current runnable tasks output looks like: runnable tasks: S task PID tree-key switches prio wait-time sum-exec sum-sleep ------------------------------------------------------------------------------------------------------------- Ikworker/R-rcu_g 4 0.129049 E 0.620179 0.750000 0.002920 2 100 0.000000 0.002920 0.000000 0.000000 0 0 / Ikworker/R-sync_ 5 0.125328 E 0.624147 0.750000 0.001840 2 100 0.000000 0.001840 0.000000 0.000000 0 0 / Ikworker/R-slub_ 6 0.120835 E 0.628680 0.750000 0.001800 2 100 0.000000 0.001800 0.000000 0.000000 0 0 / Ikworker/R-netns 7 0.114294 E 0.634701 0.750000 0.002400 2 100 0.000000 0.002400 0.000000 0.000000 0 0 / I kworker/0:1 9 508.781746 E 511.754666 3.000000 151.575240 224 120 0.000000 151.575240 0.000000 0.000000 0 0 / Which is messy. Remove the duplicate printing of sum_exec_runtime and tidy up the layout to make it look like: runnable tasks: S task PID vruntime eligible deadline slice sum-exec switches prio wait-time sum-sleep sum-block node group-id group-path ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- I kworker/0:3 1698 295.001459 E 297.977619 3.000000 38.862920 9 120 0.000000 0.000000 0.000000 0 0 / I kworker/0:4 1702 278.026303 E 281.026303 3.000000 9.918760 3 120 0.000000 0.000000 0.000000 0 0 / S NetworkManager 2646 0.377936 E 2.598104 3.000000 98.535880 314 120 0.000000 0.000000 0.000000 0 0 /system.slice/NetworkManager.service S virtqemud 2689 0.541016 E 2.440104 3.000000 50.967960 80 120 0.000000 0.000000 0.000000 0 0 /system.slice/virtqemud.service S gsd-smartcard 3058 73.604144 E 76.475904 3.000000 74.033320 88 120 0.000000 0.000000 0.000000 0 0 /user.slice/user-42.slice/session-c1.scope Reviewed-by: Christoph Lameter (Ampere) Signed-off-by: Huang Shijie Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20240906053019.7874-1-shijie@os.amperecomputing.com commit c662e2b1e8cfc3b6329704dab06051f8c3ec2993 Author: Peter Zijlstra Date: Thu Sep 5 17:02:24 2024 +0200 sched: Fix sched_delayed vs sched_core Completely analogous to commit dfa0a574cbc4 ("sched/uclamg: Handle delayed dequeue"), avoid double dequeue for the sched_core entries. Fixes: 152e11f6df29 ("sched/fair: Implement delayed dequeue") Signed-off-by: Peter Zijlstra (Intel) commit 729288bc68560b4d5b094cb7a6f794c752ef22a2 Author: Dietmar Eggemann Date: Thu Sep 5 00:05:23 2024 +0200 kernel/sched: Fix util_est accounting for DELAY_DEQUEUE Remove delayed tasks from util_est even they are runnable. Exclude delayed task which are (a) migrating between rq's or (b) in a SAVE/RESTORE dequeue/enqueue. Signed-off-by: Dietmar Eggemann Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/c49ef5fe-a909-43f1-b02f-a765ab9cedbf@arm.com commit 6b9ccbc033cf179956a37fef3ee415bdc3029d2f Author: Chen Yu Date: Tue Aug 27 19:23:08 2024 +0800 kthread: Fix task state in kthread worker if being frozen When analyzing a kernel waring message, Peter pointed out that there is a race condition when the kworker is being frozen and falls into try_to_freeze() with TASK_INTERRUPTIBLE, which could trigger a might_sleep() warning in try_to_freeze(). Although the root cause is not related to freeze()[1], it is still worthy to fix this issue ahead. One possible race scenario: CPU 0 CPU 1 ----- ----- // kthread_worker_fn set_current_state(TASK_INTERRUPTIBLE); suspend_freeze_processes() freeze_processes static_branch_inc(&freezer_active); freeze_kernel_threads pm_nosig_freezing = true; if (work) { //false __set_current_state(TASK_RUNNING); } else if (!freezing(current)) //false, been frozen freezing(): if (static_branch_unlikely(&freezer_active)) if (pm_nosig_freezing) return true; schedule() } // state is still TASK_INTERRUPTIBLE try_to_freeze() might_sleep() <--- warning Fix this by explicitly set the TASK_RUNNING before entering try_to_freeze(). Fixes: b56c0d8937e6 ("kthread: implement kthread_worker") Suggested-by: Peter Zijlstra Suggested-by: Andrew Morton Signed-off-by: Chen Yu Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/lkml/Zs2ZoAcUsZMX2B%2FI@chenyu5-mobl2/ [1] commit 84d265281d6cea65353fc24146280e0d86ac50cb Author: Chen Yu Date: Tue Aug 27 19:26:07 2024 +0800 sched/pelt: Use rq_clock_task() for hw_pressure commit 97450eb90965 ("sched/pelt: Remove shift of thermal clock") removed the decay_shift for hw_pressure. This commit uses the sched_clock_task() in sched_tick() while it replaces the sched_clock_task() with rq_clock_pelt() in __update_blocked_others(). This could bring inconsistence. One possible scenario I can think of is in ___update_load_sum(): u64 delta = now - sa->last_update_time 'now' could be calculated by rq_clock_pelt() from __update_blocked_others(), and last_update_time was calculated by rq_clock_task() previously from sched_tick(). Usually the former chases after the latter, it cause a very large 'delta' and brings unexpected behavior. Fixes: 97450eb90965 ("sched/pelt: Remove shift of thermal clock") Signed-off-by: Chen Yu Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Hongyan Xia Reviewed-by: Vincent Guittot Link: https://lkml.kernel.org/r/20240827112607.181206-1-yu.c.chen@intel.com commit 5d871a63997fa8bcf80adb49ea1f2f7840dff932 Author: Vincent Guittot Date: Wed Sep 4 11:24:17 2024 +0200 sched/fair: Move effective_cpu_util() and effective_cpu_util() in fair.c Move effective_cpu_util() and sched_cpu_util() functions in fair.c file with others utilization related functions. No functional change. Signed-off-by: Vincent Guittot Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20240904092417.20660-1-vincent.guittot@linaro.org commit 3dcac251b066b60dba6d44c97d76faeb00bf19c5 Author: Peter Zijlstra Date: Fri Aug 9 09:22:40 2024 +0000 sched/core: Introduce SM_IDLE and an idle re-entry fast-path in __schedule() Since commit b2a02fc43a1f ("smp: Optimize send_call_function_single_ipi()") an idle CPU in TIF_POLLING_NRFLAG mode can be pulled out of idle by setting TIF_NEED_RESCHED flag to service an IPI without actually sending an interrupt. Even in cases where the IPI handler does not queue a task on the idle CPU, do_idle() will call __schedule() since need_resched() returns true in these cases. Introduce and use SM_IDLE to identify call to __schedule() from schedule_idle() and shorten the idle re-entry time by skipping pick_next_task() when nr_running is 0 and the previous task is the idle task. With the SM_IDLE fast-path, the time taken to complete a fixed set of IPIs using ipistorm improves noticeably. Following are the numbers from a dual socket Intel Ice Lake Xeon server (2 x 32C/64T) and 3rd Generation AMD EPYC system (2 x 64C/128T) (boost on, C2 disabled) running ipistorm between CPU8 and CPU16: cmdline: insmod ipistorm.ko numipi=100000 single=1 offset=8 cpulist=8 wait=1 ================================================================== Test : ipistorm (modified) Units : Normalized runtime Interpretation: Lower is better Statistic : AMean ======================= Intel Ice Lake Xeon ====================== kernel: time [pct imp] tip:sched/core 1.00 [baseline] tip:sched/core + SM_IDLE 0.80 [20.51%] ==================== 3rd Generation AMD EPYC ===================== kernel: time [pct imp] tip:sched/core 1.00 [baseline] tip:sched/core + SM_IDLE 0.90 [10.17%] ================================================================== [ kprateek: Commit message, SM_RTLOCK_WAIT fix ] Signed-off-by: Peter Zijlstra (Intel) Not-yet-signed-off-by: Peter Zijlstra Signed-off-by: K Prateek Nayak Signed-off-by: Peter Zijlstra (Intel) Acked-by: Vincent Guittot Link: https://lore.kernel.org/r/20240809092240.6921-1-kprateek.nayak@amd.com commit 8bdb6a8393dc32e3ab2cf89081e5b0f95cb7221b Author: Hongzhen Luo Date: Thu Sep 5 11:03:39 2024 +0800 erofs: simplify erofs_map_blocks_flatmode() Get rid of redundant variables (nblocks, offset) and a dead branch (!tailendpacking). Signed-off-by: Hongzhen Luo Reviewed-by: Gao Xiang Reviewed-by: Chao Yu Link: https://lore.kernel.org/r/20240905030339.1474396-1-hongzhen@linux.alibaba.com Signed-off-by: Gao Xiang commit 53d514b970106976fd64f593ea13b55ebf26b3ff Author: Yiyang Wu Date: Mon Sep 2 17:34:12 2024 +0800 erofs: refactor read_inode calling convention Refactor out the iop binding behavior out of the erofs_fill_symlink and move erofs_buf into the erofs_read_inode, so that erofs_fill_inode can only deal with inode operation bindings and can be decoupled from metabuf operations. This results in better calling conventions. Note that after this patch, we do not need erofs_buf and ofs as parameters any more when calling erofs_read_inode as all the data operations are now included in itself. Suggested-by: Al Viro Link: https://lore.kernel.org/all/20240425222847.GN2118490@ZenIV/ Signed-off-by: Yiyang Wu Reviewed-by: Gao Xiang Reviewed-by: Chao Yu Link: https://lore.kernel.org/r/20240902093412.509083-1-toolmanp@tlmp.cc Signed-off-by: Gao Xiang commit b1bbb9a637a329873e14b596b7e6fa2fd44b87b4 Author: Yiyang Wu Date: Mon Sep 2 16:31:46 2024 +0800 erofs: use kmemdup_nul in erofs_fill_symlink Remove open coding in erofs_fill_symlink. Suggested-by: Al Viro Link: https://lore.kernel.org/all/20240425222847.GN2118490@ZenIV Signed-off-by: Yiyang Wu Link: https://lore.kernel.org/r/20240902083147.450558-2-toolmanp@tlmp.cc Reviewed-by: Gao Xiang Reviewed-by: Chao Yu Signed-off-by: Gao Xiang commit 0d442ce0b3027e99491520a3a8585e8c4ffd79dc Author: Gao Xiang Date: Fri Aug 30 11:28:40 2024 +0800 erofs: mark experimental fscache backend deprecated Although fscache is still described as "General Filesystem Caching" for network filesystems and other things such as ISO9660 filesystems, it has actually become a part of netfslib recently, which was unexpected at the time when "EROFS over fscache" proposed (2021) since EROFS is entirely a disk filesystem and the dependency is redundant. Mark it deprecated and it will be removed after "fanotify pre-content hooks" lands, which will provide the same functionality for EROFS. Reviewed-by: Sandeep Dhavale Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240830032840.3783206-4-hsiangkao@linux.alibaba.com commit 283213718f5d618dfe88d16a3c63a077a12f15ec Author: Gao Xiang Date: Fri Aug 30 11:28:39 2024 +0800 erofs: support compressed inodes for fileio Use pseudo bios just like the previous fscache approach since merged bio_vecs can be filled properly with unique interfaces. Reviewed-by: Sandeep Dhavale Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240830032840.3783206-3-hsiangkao@linux.alibaba.com commit ce63cb62d794c98c7631c2296fa845f2a8d0a4a1 Author: Gao Xiang Date: Thu Sep 5 17:30:31 2024 +0800 erofs: support unencoded inodes for fileio Since EROFS only needs to handle read requests in simple contexts, Just directly use vfs_iocb_iter_read() for data I/Os. Reviewed-by: Sandeep Dhavale Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240905093031.2745929-1-hsiangkao@linux.alibaba.com commit fb176750266a3d7f42ebdcf28e8ba40350b27847 Author: Gao Xiang Date: Fri Aug 30 11:28:37 2024 +0800 erofs: add file-backed mount support It actually has been around for years: For containers and other sandbox use cases, there will be thousands (and even more) of authenticated (sub)images running on the same host, unlike OS images. Of course, all scenarios can use the same EROFS on-disk format, but bdev-backed mounts just work well for OS images since golden data is dumped into real block devices. However, it's somewhat hard for container runtimes to manage and isolate so many unnecessary virtual block devices safely and efficiently [1]: they just look like a burden to orchestrators and file-backed mounts are preferred indeed. There were already enough attempts such as Incremental FS, the original ComposeFS and PuzzleFS acting in the same way for immutable fses. As for current EROFS users, ComposeFS, containerd and Android APEXs will be directly benefited from it. On the other hand, previous experimental feature "erofs over fscache" was once also intended to provide a similar solution (inspired by Incremental FS discussion [2]), but the following facts show file-backed mounts will be a better approach: - Fscache infrastructure has recently been moved into new Netfslib which is an unexpected dependency to EROFS really, although it originally claims "it could be used for caching other things such as ISO9660 filesystems too." [3] - It takes an unexpectedly long time to upstream Fscache/Cachefiles enhancements. For example, the failover feature took more than one year, and the deamonless feature is still far behind now; - Ongoing HSM "fanotify pre-content hooks" [4] together with this will perfectly supersede "erofs over fscache" in a simpler way since developers (mainly containerd folks) could leverage their existing caching mechanism entirely in userspace instead of strictly following the predefined in-kernel caching tree hierarchy. After "fanotify pre-content hooks" lands upstream to provide the same functionality, "erofs over fscache" will be removed then (as an EROFS internal improvement and EROFS will not have to bother with on-demand fetching and/or caching improvements anymore.) [1] https://github.com/containers/storage/pull/2039 [2] https://lore.kernel.org/r/CAOQ4uxjbVxnubaPjVaGYiSwoGDTdpWbB=w_AeM6YM=zVixsUfQ@mail.gmail.com [3] https://docs.kernel.org/filesystems/caching/fscache.html [4] https://lore.kernel.org/r/cover.1723670362.git.josef@toxicpanda.com Closes: https://github.com/containers/composefs/issues/144 Reviewed-by: Sandeep Dhavale Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240830032840.3783206-1-hsiangkao@linux.alibaba.com commit 9e2f9d34dd12e6e5b244ec488bcebd0c2d566c50 Author: Gao Xiang Date: Tue Sep 10 15:08:47 2024 +0800 erofs: handle overlapped pclusters out of crafted images properly syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached folio that will be used for cache I/Os. After looking into the crafted fuzzed image, I found it's formed with several overlapped big pclusters as below: Ext: logical offset | length : physical offset | length 0: 0.. 16384 | 16384 : 151552.. 167936 | 16384 1: 16384.. 32768 | 16384 : 155648.. 172032 | 16384 2: 32768.. 49152 | 16384 : 537223168.. 537239552 | 16384 ... Here, extent 0/1 are physically overlapped although it's entirely _impossible_ for normal filesystem images generated by mkfs. First, managed folios containing compressed data will be marked as up-to-date and then unlocked immediately (unlike in-place folios) when compressed I/Os are complete. If physical blocks are not submitted in the incremental order, there should be separate BIOs to avoid dependency issues. However, the current code mis-arranges z_erofs_fill_bio_vec() and BIO submission which causes unexpected BIO waits. Second, managed folios will be connected to their own pclusters for efficient inter-queries. However, this is somewhat hard to implement easily if overlapped big pclusters exist. Again, these only appear in fuzzed images so let's simply fall back to temporary short-lived pages for correctness. Additionally, it justifies that referenced managed folios cannot be truncated for now and reverts part of commit 2080ca1ed3e4 ("erofs: tidy up `struct z_erofs_bvec`") for simplicity although it shouldn't be any difference. Reported-by: syzbot+4fc98ed414ae63d1ada2@syzkaller.appspotmail.com Reported-by: syzbot+de04e06b28cfecf2281c@syzkaller.appspotmail.com Reported-by: syzbot+c8c8238b394be4a1087d@syzkaller.appspotmail.com Tested-by: syzbot+4fc98ed414ae63d1ada2@syzkaller.appspotmail.com Closes: https://lore.kernel.org/r/0000000000002fda01061e334873@google.com Fixes: 8e6c8fa9f2e9 ("erofs: enable big pcluster feature") Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240910070847.3356592-1-hsiangkao@linux.alibaba.com commit 6d17035a74028f0b0e77affefbfb5d71e6d32713 Author: Cindy Lu Date: Wed Jul 31 11:16:03 2024 +0800 vdpa/mlx5: Add the support of set mac address Add the function to support setting the MAC address. For vdpa/mlx5, the function will use mlx5_mpfs_add_mac to set the mac address Tested in ConnectX-6 Dx device Signed-off-by: Cindy Lu Message-Id: <20240731031653.1047692-4-lulu@redhat.com> Signed-off-by: Michael S. Tsirkin Acked-by: Jason Wang commit 218bb7ec17f1f66a63cb7421fb8a1d48032988e8 Author: Cindy Lu Date: Wed Jul 31 11:16:02 2024 +0800 vdpa_sim_net: Add the support of set mac address Add the function to support setting the MAC address. For vdpa_sim_net, the driver will write the MAC address to the config space, and other devices can implement their own functions to support this. Signed-off-by: Cindy Lu Message-Id: <20240731031653.1047692-3-lulu@redhat.com> Signed-off-by: Michael S. Tsirkin Acked-by: Jason Wang commit 2f87e9cf0c9e21ab9be1fb2ba8520a1525359497 Author: Cindy Lu Date: Wed Jul 31 11:16:01 2024 +0800 vdpa: support set mac address from vdpa tool Add new UAPI to support the mac address from vdpa tool Function vdpa_nl_cmd_dev_attr_set_doit() will get the new MAC address from the vdpa tool and then set it to the device. The usage is: vdpa dev set name vdpa_name mac **:**:**:**:**:** Here is example: root@L1# vdpa -jp dev config show vdpa0 { "config": { "vdpa0": { "mac": "82:4d:e9:5d:d7:e6", "link ": "up", "link_announce ": false, "mtu": 1500 } } } root@L1# vdpa dev set name vdpa0 mac 00:11:22:33:44:55 root@L1# vdpa -jp dev config show vdpa0 { "config": { "vdpa0": { "mac": "00:11:22:33:44:55", "link ": "up", "link_announce ": false, "mtu": 1500 } } } Signed-off-by: Cindy Lu Message-Id: <20240731031653.1047692-2-lulu@redhat.com> Signed-off-by: Michael S. Tsirkin Acked-by: Jason Wang commit a8927f69e85ec3508085e1042ca8ffe1c1ededae Author: Zhu Jun Date: Wed Jul 24 00:41:08 2024 -0700 tools/virtio:Fix the wrong format specifier The unsigned int should use "%u" instead of "%d". Signed-off-by: Zhu Jun Message-Id: <20240724074108.9530-1-zhujun2@cmss.chinamobile.com> Signed-off-by: Michael S. Tsirkin Reviewed-by: Eugenio Pérez Reviewed-by: Xuan Zhuo commit 74c025c5d7e4ac7c7ad269c1ee64da4bdfe4770c Author: zhenwei pi Date: Tue Apr 23 11:41:09 2024 +0800 virtio_balloon: introduce memory scan/reclaim info Expose memory scan/reclaim information to the host side via virtio balloon device. Now we have a metric to analyze the memory performance: y: counter increases n: counter does not changes h: the rate of counter change is high l: the rate of counter change is low OOM: VIRTIO_BALLOON_S_OOM_KILL STALL: VIRTIO_BALLOON_S_ALLOC_STALL ASCAN: VIRTIO_BALLOON_S_SCAN_ASYNC DSCAN: VIRTIO_BALLOON_S_SCAN_DIRECT ARCLM: VIRTIO_BALLOON_S_RECLAIM_ASYNC DRCLM: VIRTIO_BALLOON_S_RECLAIM_DIRECT - OOM[y], STALL[*], ASCAN[*], DSCAN[*], ARCLM[*], DRCLM[*]: the guest runs under really critial memory pressure - OOM[n], STALL[h], ASCAN[*], DSCAN[l], ARCLM[*], DRCLM[l]: the memory allocation stalls due to cgroup, not the global memory pressure. - OOM[n], STALL[h], ASCAN[*], DSCAN[h], ARCLM[*], DRCLM[h]: the memory allocation stalls due to global memory pressure. The performance gets hurt a lot. A high ratio between DRCLM/DSCAN shows quite effective memory reclaiming. - OOM[n], STALL[h], ASCAN[*], DSCAN[h], ARCLM[*], DRCLM[l]: the memory allocation stalls due to global memory pressure. the ratio between DRCLM/DSCAN gets low, the guest OS is thrashing heavily, the serious case leads poor performance and difficult trouble shooting. Ex, sshd may block on memory allocation when accepting new connections, a user can't login a VM by ssh command. - OOM[n], STALL[n], ASCAN[h], DSCAN[n], ARCLM[l], DRCLM[n]: the low ratio between ARCLM/ASCAN shows that the guest tries to reclaim more memory, but it can't. Once more memory is required in future, it will struggle to reclaim memory. Acked-by: David Hildenbrand Signed-off-by: zhenwei pi Message-Id: <20240423034109.1552866-5-pizhenwei@bytedance.com> Signed-off-by: Michael S. Tsirkin commit c5b70a26aac39f09a23fd72f44cfbb3d4d5a14d5 Author: zhenwei pi Date: Tue Apr 23 11:41:08 2024 +0800 virtio_balloon: introduce memory allocation stall counter Memory allocation stall counter represents the performance/latency of memory allocation, expose this counter to the host side by virtio balloon device via out-of-bound way. Acked-by: David Hildenbrand Signed-off-by: zhenwei pi Message-Id: <20240423034109.1552866-4-pizhenwei@bytedance.com> Signed-off-by: Michael S. Tsirkin commit 6cf1c97dad2ebc4de03105cc444b3dfaa83f3dc2 Author: zhenwei pi Date: Tue Apr 23 11:41:07 2024 +0800 virtio_balloon: introduce oom-kill invocations When the guest OS runs under critical memory pressure, the guest starts to kill processes. A guest monitor agent may scan 'oom_kill' from /proc/vmstat, and reports the OOM KILL event. However, the agent may be killed and we will loss this critical event(and the later events). For now we can also grep for magic words in guest kernel log from host side. Rather than this unstable way, virtio balloon reports OOM-KILL invocations instead. Acked-by: David Hildenbrand Signed-off-by: zhenwei pi Message-Id: <20240423034109.1552866-3-pizhenwei@bytedance.com> Signed-off-by: Michael S. Tsirkin commit e25fbcd97cf52c3c9824d44b5c56c19673c3dd50 Author: Philip Chen Date: Mon Aug 26 21:53:13 2024 +0000 virtio_pmem: Check device status before requesting flush If a pmem device is in a bad status, the driver side could wait for host ack forever in virtio_pmem_flush(), causing the system to hang. So add a status check in the beginning of virtio_pmem_flush() to return early if the device is not activated. Signed-off-by: Philip Chen Message-Id: <20240826215313.2673566-1-philipchen@chromium.org> Signed-off-by: Michael S. Tsirkin Acked-by: Pankaj Gupta Date: Fri Aug 16 11:19:00 2024 +0800 vhost_vdpa: assign irq bypass producer token correctly We used to call irq_bypass_unregister_producer() in vhost_vdpa_setup_vq_irq() which is problematic as we don't know if the token pointer is still valid or not. Actually, we use the eventfd_ctx as the token so the life cycle of the token should be bound to the VHOST_SET_VRING_CALL instead of vhost_vdpa_setup_vq_irq() which could be called by set_status(). Fixing this by setting up irq bypass producer's token when handling VHOST_SET_VRING_CALL and un-registering the producer before calling vhost_vring_ioctl() to prevent a possible use after free as eventfd could have been released in vhost_vring_ioctl(). And such registering and unregistering will only be done if DRIVER_OK is set. Reported-by: Dragos Tatulea Tested-by: Dragos Tatulea Reviewed-by: Dragos Tatulea Fixes: 2cf1ba9a4d15 ("vhost_vdpa: implement IRQ offloading in vhost_vdpa") Signed-off-by: Jason Wang Message-Id: <20240816031900.18013-1-jasowang@redhat.com> Signed-off-by: Michael S. Tsirkin commit dc12502905b7a3de9097ea6b98870470c2921e09 Author: Dragos Tatulea Date: Tue Aug 27 19:08:08 2024 +0300 vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in mlx5_vdpa_destroy_mr_resources() to block releasing non-initialized mr resources. Reference trace: mlx5_core 0000:08:00.2: mlx5_vdpa_dev_add:3274:(pid 2700) warning: No mac address provisioned? BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 140216067 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 8 PID: 2700 Comm: vdpa Kdump: loaded Not tainted 5.14.0-496.el9.x86_64 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 RIP: 0010:vhost_iotlb_del_range+0xf/0xe0 [vhost_iotlb] Code: [...] RSP: 0018:ff1c823ac23077f0 EFLAGS: 00010246 RAX: ffffffffc1a21a60 RBX: ffffffff899567a0 RCX: 0000000000000000 RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000000000000 RBP: ff1bda1f7c21e800 R08: 0000000000000000 R09: ff1c823ac2307670 R10: ff1c823ac2307668 R11: ffffffff8a9e7b68 R12: 0000000000000000 R13: 0000000000000000 R14: ff1bda1f43e341a0 R15: 00000000ffffffea FS: 00007f56eba7c740(0000) GS:ff1bda269f800000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000000104d90001 CR4: 0000000000771ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: ? show_trace_log_lvl+0x1c4/0x2df ? show_trace_log_lvl+0x1c4/0x2df ? mlx5_vdpa_free+0x3d/0x150 [mlx5_vdpa] ? __die_body.cold+0x8/0xd ? page_fault_oops+0x134/0x170 ? __irq_work_queue_local+0x2b/0xc0 ? irq_work_queue+0x2c/0x50 ? exc_page_fault+0x62/0x150 ? asm_exc_page_fault+0x22/0x30 ? __pfx_mlx5_vdpa_free+0x10/0x10 [mlx5_vdpa] ? vhost_iotlb_del_range+0xf/0xe0 [vhost_iotlb] mlx5_vdpa_free+0x3d/0x150 [mlx5_vdpa] vdpa_release_dev+0x1e/0x50 [vdpa] device_release+0x31/0x90 kobject_cleanup+0x37/0x130 mlx5_vdpa_dev_add+0x2d2/0x7a0 [mlx5_vdpa] vdpa_nl_cmd_dev_add_set_doit+0x277/0x4c0 [vdpa] genl_family_rcv_msg_doit+0xd9/0x130 genl_family_rcv_msg+0x14d/0x220 ? __pfx_vdpa_nl_cmd_dev_add_set_doit+0x10/0x10 [vdpa] ? _copy_to_user+0x1a/0x30 ? move_addr_to_user+0x4b/0xe0 genl_rcv_msg+0x47/0xa0 ? __import_iovec+0x46/0x150 ? __pfx_genl_rcv_msg+0x10/0x10 netlink_rcv_skb+0x54/0x100 genl_rcv+0x24/0x40 netlink_unicast+0x245/0x370 netlink_sendmsg+0x206/0x440 __sys_sendto+0x1dc/0x1f0 ? do_read_fault+0x10c/0x1d0 ? do_pte_missing+0x10d/0x190 __x64_sys_sendto+0x20/0x30 do_syscall_64+0x5c/0xf0 ? __count_memcg_events+0x4f/0xb0 ? mm_account_fault+0x6c/0x100 ? handle_mm_fault+0x116/0x270 ? do_user_addr_fault+0x1d6/0x6a0 ? do_syscall_64+0x6b/0xf0 ? clear_bhb_loop+0x25/0x80 ? clear_bhb_loop+0x25/0x80 ? clear_bhb_loop+0x25/0x80 ? clear_bhb_loop+0x25/0x80 ? clear_bhb_loop+0x25/0x80 entry_SYSCALL_64_after_hwframe+0x78/0x80 Fixes: 512c0cdd80c1 ("vdpa/mlx5: Decouple cvq iotlb handling from hw mapping code") Signed-off-by: Dragos Tatulea Reviewed-by: Cosmin Ratiu Message-Id: <20240827160808.2448017-2-dtatulea@nvidia.com> Signed-off-by: Michael S. Tsirkin Reviewed-by: Si-Wei Liu Acked-by: Jason Wang Reviewed-by: Shannon Nelson commit 81ee62e8d09ee3c7107d11c8bbfd64073ab601ad Author: Christophe JAILLET Date: Sat Jul 27 14:51:56 2024 +0200 media: atomisp: Use clamp() in ia_css_eed1_8_vmem_encode() Using clamp() instead of min_t(max_t()) is easier to read. It also reduces the size of the preprocessed files by ~ 193 ko. (see [1] for a discussion about it) $ ls -l ia_css_eed1_8.host*.i 4829993 27 juil. 14:36 ia_css_eed1_8.host.old.i 4636649 27 juil. 14:42 ia_css_eed1_8.host.new.i [1]: https://lore.kernel.org/all/23bdb6fc8d884ceebeb6e8b8653b8cfe@AcuMS.aculab.com/ Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/155aba6ab759e98f66349e6bb4f69e2410486c09.1722084704.git.christophe.jaillet@wanadoo.fr Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit ffe3dc5acaa2477276011d6eb61373220217cd9d Author: Hans de Goede Date: Sat Sep 7 13:17:01 2024 +0200 media: atomisp: Fix eed1_8 code assigning signed values to an unsigned variable ia_css_eed1_8_vmem_encode() is assigning values with a range of -8192 - 8191 to e_dew_enh_y and e_dew_enh_a both of which are of the VMEM_ARRAY type which maps to u16. This causes the following smatch warnings: drivers/staging/media/atomisp/pci/isp/kernels/eed1_8/ia_css_eed1_8.host.c: drivers/staging/media/atomisp/pci/isp/kernels/eed1_8/ia_css_eed1_8.host.c:177 ia_css_eed1_8_vmem_encode() warn: assigning (-8192) to unsigned variable 'to->e_dew_enh_y[0][base + j]' drivers/staging/media/atomisp/pci/isp/kernels/eed1_8/ia_css_eed1_8.host.c: drivers/staging/media/atomisp/pci/isp/kernels/eed1_8/ia_css_eed1_8.host.c:182 ia_css_eed1_8_vmem_encode() warn: assigning (-8192) to unsigned variable 'to->e_dew_enh_a[0][base + j]' Convert the e_dew_enh_y and e_dew_enh_a arrays to a new SVMEM_ARRAY type which maps to s16 to fix this. Link: https://lore.kernel.org/linux-media/20240907111701.8493-1-hdegoede@redhat.com Reported-by: Mauro Carvalho Chehab Closes: https://lore.kernel.org/linux-media/20240906081542.5cb0c142@foz.lan/ Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 8a62d44588451095fd6645d6ed7ff8761edf62aa Author: Nick Desaulniers Date: Fri Sep 6 13:01:28 2024 +0200 scripts: subarch.include: fix SUBARCH on macOS hosts When building the Linux kernel on an aarch64 macOS based host, if we don't specify a value for ARCH when invoking make, we default to arm and thus multi_v7_defconfig rather than the expected arm64 and arm64's defconfig. This is because subarch.include invokes `uname -m` which on MacOS hosts evaluates to `arm64` but on Linux hosts evaluates to `aarch64`, This allows us to build ARCH=arm64 natively on macOS (as in ARCH need not be specified on an aarch64-based system). Avoid matching arm64 by excluding it from the arm.* sed expression. Signed-off-by: Nick Desaulniers Suggested-by: Nicolas Schier Signed-off-by: Daniel Gomez Signed-off-by: Masahiro Yamada commit 16ff3f606c7e639d815ede92c258b63484242783 Author: Masahiro Yamada Date: Thu Sep 5 08:54:48 2024 +0900 scripts: import more hash table macros Add more macros used for removing hash table entries. Signed-off-by: Masahiro Yamada commit 038eb433dc1474c4bc7d33188294e3d4778efdfd Author: Sean Anderson Date: Fri Sep 6 17:54:34 2024 -0400 dma-mapping: add tracing for dma-mapping API calls When debugging drivers, it can often be useful to trace when memory gets (un)mapped for DMA (and can be accessed by the device). Add some tracepoints for this purpose. Use u64 instead of phys_addr_t and dma_addr_t (and similarly %llx instead of %pa) because libtraceevent can't handle typedefs in all cases. Signed-off-by: Sean Anderson Signed-off-by: Christoph Hellwig commit f3009482512eb057e7161214a068c6bd7bae83a4 Author: Sean Christopherson Date: Fri Aug 30 17:15:16 2024 -0700 KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid Set PFERR_GUEST_{FINAL,PAGE}_MASK based on EPT_VIOLATION_GVA_TRANSLATED if and only if EPT_VIOLATION_GVA_IS_VALID is also set in exit qualification. Per the SDM, bit 8 (EPT_VIOLATION_GVA_TRANSLATED) is valid if and only if bit 7 (EPT_VIOLATION_GVA_IS_VALID) is set, and is '0' if bit 7 is '0'. Bit 7 (a.k.a. EPT_VIOLATION_GVA_IS_VALID) Set if the guest linear-address field is valid. The guest linear-address field is valid for all EPT violations except those resulting from an attempt to load the guest PDPTEs as part of the execution of the MOV CR instruction and those due to trace-address pre-translation Bit 8 (a.k.a. EPT_VIOLATION_GVA_TRANSLATED) If bit 7 is 1: • Set if the access causing the EPT violation is to a guest-physical address that is the translation of a linear address. • Clear if the access causing the EPT violation is to a paging-structure entry as part of a page walk or the update of an accessed or dirty bit. Reserved if bit 7 is 0 (cleared to 0). Failure to guard the logic on GVA_IS_VALID results in KVM marking the page fault as PFERR_GUEST_PAGE_MASK when there is no known GVA, which can put the vCPU into an infinite loop due to kvm_mmu_page_fault() getting false positive on its PFERR_NESTED_GUEST_PAGE logic (though only because that logic is also buggy/flawed). In practice, this is largely a non-issue because so GVA_IS_VALID is almost always set. However, when TDX comes along, GVA_IS_VALID will *never* be set, as the TDX Module deliberately clears bits 12:7 in exit qualification, e.g. so that the faulting virtual address and other metadata that aren't practically useful for the hypervisor aren't leaked to the untrusted host. When exit is due to EPT violation, bits 12-7 of the exit qualification are cleared to 0. Fixes: eebed2438923 ("kvm: nVMX: Add support for fast unprotection of nested guest page tables") Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-2-seanjc@google.com Signed-off-by: Sean Christopherson commit 9a5bff7f5ec2383e3edac5eda561b52e267ccbb5 Author: Sean Christopherson Date: Fri Aug 9 12:43:30 2024 -0700 KVM: x86/mmu: Use KVM_PAGES_PER_HPAGE() instead of an open coded equivalent Use KVM_PAGES_PER_HPAGE() instead of open coding equivalent logic that is anything but obvious. No functional change intended, and verified by compiling with the below assertions: BUILD_BUG_ON((1UL << KVM_HPAGE_GFN_SHIFT(PG_LEVEL_4K)) != KVM_PAGES_PER_HPAGE(PG_LEVEL_4K)); BUILD_BUG_ON((1UL << KVM_HPAGE_GFN_SHIFT(PG_LEVEL_2M)) != KVM_PAGES_PER_HPAGE(PG_LEVEL_2M)); BUILD_BUG_ON((1UL << KVM_HPAGE_GFN_SHIFT(PG_LEVEL_1G)) != KVM_PAGES_PER_HPAGE(PG_LEVEL_1G)); Link: https://lore.kernel.org/r/20240809194335.1726916-19-seanjc@google.com Signed-off-by: Sean Christopherson commit 7645829145a91a3e13fdc322492500dae46ca17c Author: Sean Christopherson Date: Fri Aug 9 12:43:28 2024 -0700 KVM: x86/mmu: Add KVM_RMAP_MANY to replace open coded '1' and '1ul' literals Replace all of the open coded '1' literals used to mark a PTE list as having many/multiple entries with a proper define. It's hard enough to read the code with one magic bit, and a future patch to support "locking" a single rmap will add another. No functional change intended. Link: https://lore.kernel.org/r/20240809194335.1726916-17-seanjc@google.com Signed-off-by: Sean Christopherson commit 7aac9dc680da9390a22515c3f822c9d1907c4f02 Author: Sean Christopherson Date: Fri Aug 9 12:43:27 2024 -0700 KVM: x86/mmu: Fold mmu_spte_age() into kvm_rmap_age_gfn_range() Fold mmu_spte_age() into its sole caller now that aging and testing for young SPTEs is handled in a common location, i.e. doesn't require more helpers. Opportunistically remove the use of mmu_spte_get_lockless(), as mmu_lock is held (for write!), and marking SPTEs for access tracking outside of mmu_lock is unsafe (at least, as written). I.e. using the lockless accessor is quite misleading. No functional change intended. Link: https://lore.kernel.org/r/20240809194335.1726916-16-seanjc@google.com Signed-off-by: Sean Christopherson commit c17f150000f6b06061dc109bc2dd2858898a62b2 Author: Sean Christopherson Date: Fri Aug 9 12:43:26 2024 -0700 KVM: x86/mmu: Morph kvm_handle_gfn_range() into an aging specific helper Rework kvm_handle_gfn_range() into an aging-specic helper, kvm_rmap_age_gfn_range(). In addition to purging a bunch of unnecessary boilerplate code, this sets the stage for aging rmap SPTEs outside of mmu_lock. Note, there's a small functional change, as kvm_test_age_gfn() will now return immediately if a young SPTE is found, whereas previously KVM would continue iterating over other levels. Link: https://lore.kernel.org/r/20240809194335.1726916-15-seanjc@google.com Signed-off-by: Sean Christopherson commit 548f87f667a38ffeb2f021d9cfbc1f1b34fb4cb5 Author: Sean Christopherson Date: Fri Aug 9 12:43:25 2024 -0700 KVM: x86/mmu: Honor NEED_RESCHED when zapping rmaps and blocking is allowed Convert kvm_unmap_gfn_range(), which is the helper that zaps rmap SPTEs in response to an mmu_notifier invalidation, to use __kvm_rmap_zap_gfn_range() and feed in range->may_block. In other words, honor NEED_RESCHED by way of cond_resched() when zapping rmaps. This fixes a long-standing issue where KVM could process an absurd number of rmap entries without ever yielding, e.g. if an mmu_notifier fired on a PUD (or larger) range. Opportunistically rename __kvm_zap_rmap() to kvm_zap_rmap(), and drop the old kvm_zap_rmap(). Ideally, the shuffling would be done in a different patch, but that just makes the compiler unhappy, e.g. arch/x86/kvm/mmu/mmu.c:1462:13: error: ‘kvm_zap_rmap’ defined but not used Reported-by: Peter Xu Link: https://lore.kernel.org/r/20240809194335.1726916-14-seanjc@google.com Signed-off-by: Sean Christopherson commit dd9eaad744f4ed30913cca423439a1765a760c71 Author: Sean Christopherson Date: Fri Aug 9 12:43:24 2024 -0700 KVM: x86/mmu: Add a helper to walk and zap rmaps for a memslot Add a dedicated helper to walk and zap rmaps for a given memslot so that the code can be shared between KVM-initiated zaps and mmu_notifier invalidations. No functional change intended. Link: https://lore.kernel.org/r/20240809194335.1726916-13-seanjc@google.com Signed-off-by: Sean Christopherson commit 5b1fb116e1a636701627a6eb202d17be93e8f7a8 Author: Sean Christopherson Date: Fri Aug 9 12:43:23 2024 -0700 KVM: x86/mmu: Plumb a @can_yield parameter into __walk_slot_rmaps() Add a @can_yield param to __walk_slot_rmaps() to control whether or not dropping mmu_lock and conditionally rescheduling is allowed. This will allow using __walk_slot_rmaps() and thus cond_resched() to handle mmu_notifier invalidations, which usually allow blocking/yielding, but not when invoked by the OOM killer. Link: https://lore.kernel.org/r/20240809194335.1726916-12-seanjc@google.com Signed-off-by: Sean Christopherson commit 0a37fffda14538036f5402a29920285284fe5d5b Author: Sean Christopherson Date: Fri Aug 9 12:43:22 2024 -0700 KVM: x86/mmu: Move walk_slot_rmaps() up near for_each_slot_rmap_range() Move walk_slot_rmaps() and friends up near for_each_slot_rmap_range() so that the walkers can be used to handle mmu_notifier invalidations, and so that similar function has some amount of locality in code. No functional change intended. Link: https://lore.kernel.org/r/20240809194335.1726916-11-seanjc@google.com Signed-off-by: Sean Christopherson commit 2ef8d63da81d9e89cbc1eb4867d638f88bf5dc78 Merge: af04e65f6b6633 34bb7b813ab398 Author: Dave Airlie Date: Tue Sep 10 13:17:56 2024 +1000 Merge tag 'drm-xe-next-2024-09-05' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-next Cross-subsystem Changes: - Split dma fence array creation into alloc and arm (Matthew Brost) Driver Changes: - Move kernel_lrc to execlist backend (Ilia) - Fix type width for pcode coommand (Karthik) - Make xe_drm.h include unambiguous (Jani) - Fixes and debug improvements for GSC load (Daniele) - Track resources and VF state by PF (Michal Wajdeczko) - Fix memory leak on error path (Nirmoy) - Cleanup header includes (Matt Roper) - Move pcode logic to tile scope (Matt Roper) - Move hwmon logic to device scope (Matt Roper) - Fix media TLB invalidation (Matthew Brost) - Threshold config fixes for PF (Michal Wajdeczko) - Remove extra "[drm]" from logs (Michal Wajdeczko) - Add missing runtime ref (Rodrigo Vivi) - Fix circular locking on runtime suspend (Rodrigo Vivi) - Fix rpm in TTM swapout path (Thomas) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/eirx5vdvoflbbqlrzi5cip6bpu3zjojm2pxseufu3rlq4pp6xv@eytjvhizfyu6 commit 98a69b96caca3e07aff57ca91fd7cc3a3853871a Author: Sean Christopherson Date: Fri Aug 30 17:15:37 2024 -0700 KVM: x86/mmu: WARN on MMIO cache hit when emulating write-protected gfn WARN if KVM gets an MMIO cache hit on a RET_PF_WRITE_PROTECTED fault, as KVM should return RET_PF_WRITE_PROTECTED if and only if there is a memslot, and creating a memslot is supposed to invalidate the MMIO cache by virtue of changing the memslot generation. Keep the code around mainly to provide a convenient location to document why emulated MMIO should be impossible. Suggested-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-23-seanjc@google.com Signed-off-by: Sean Christopherson commit d859b16161c81ee929b7b02a85227b8e3250bc97 Author: Sean Christopherson Date: Fri Aug 30 17:15:36 2024 -0700 KVM: x86/mmu: Detect if unprotect will do anything based on invalid_list Explicitly query the list of to-be-zapped shadow pages when checking to see if unprotecting a gfn for retry has succeeded, i.e. if KVM should retry the faulting instruction. Add a comment to explain why the list needs to be checked before zapping, which is the primary motivation for this change. No functional change intended. Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-22-seanjc@google.com Signed-off-by: Sean Christopherson commit 6b3dcabc10911711eba15816d808e2a18f130406 Author: Sean Christopherson Date: Fri Aug 30 17:15:35 2024 -0700 KVM: x86/mmu: Subsume kvm_mmu_unprotect_page() into the and_retry() version Fold kvm_mmu_unprotect_page() into kvm_mmu_unprotect_gfn_and_retry() now that all other direct usage is gone. No functional change intended. Link: https://lore.kernel.org/r/20240831001538.336683-21-seanjc@google.com Signed-off-by: Sean Christopherson commit 2876624e1adcd9a3a3ffa8c4fe3bf8dbba969d95 Author: Sean Christopherson Date: Fri Aug 30 17:15:34 2024 -0700 KVM: x86: Rename reexecute_instruction()=>kvm_unprotect_and_retry_on_failure() Rename reexecute_instruction() to kvm_unprotect_and_retry_on_failure() to make the intent and purpose of the helper much more obvious. No functional change intended. Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-20-seanjc@google.com Signed-off-by: Sean Christopherson commit 4df685664bed04794ad72b58d8af1fa4fcc60261 Author: Sean Christopherson Date: Fri Aug 30 17:15:33 2024 -0700 KVM: x86: Update retry protection fields when forcing retry on emulation failure When retrying the faulting instruction after emulation failure, refresh the infinite loop protection fields even if no shadow pages were zapped, i.e. avoid hitting an infinite loop even when retrying the instruction as a last-ditch effort to avoid terminating the guest. Link: https://lore.kernel.org/r/20240831001538.336683-19-seanjc@google.com Signed-off-by: Sean Christopherson commit dabc4ff70c35756bc107bc5d035d0f0746396a9a Author: Sean Christopherson Date: Fri Aug 30 17:15:32 2024 -0700 KVM: x86: Apply retry protection to "unprotect on failure" path Use kvm_mmu_unprotect_gfn_and_retry() in reexecute_instruction() to pick up protection against infinite loops, e.g. if KVM somehow manages to encounter an unsupported instruction and unprotecting the gfn doesn't allow the vCPU to make forward progress. Other than that, the retry-on- failure logic is a functionally equivalent, open coded version of kvm_mmu_unprotect_gfn_and_retry(). Note, the emulation failure path still isn't fully protected, as KVM won't update the retry protection fields if no shadow pages are zapped (but this change is still a step forward). That flaw will be addressed in a future patch. Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-18-seanjc@google.com Signed-off-by: Sean Christopherson commit 19ab2c8be070160be70a88027b3b93106fef7b89 Author: Sean Christopherson Date: Fri Aug 30 17:15:31 2024 -0700 KVM: x86: Check EMULTYPE_WRITE_PF_TO_SP before unprotecting gfn Don't bother unprotecting the target gfn if EMULTYPE_WRITE_PF_TO_SP is set, as KVM will simply report the emulation failure to userspace. This will allow converting reexecute_instruction() to use kvm_mmu_unprotect_gfn_instead_retry() instead of kvm_mmu_unprotect_page(). Link: https://lore.kernel.org/r/20240831001538.336683-17-seanjc@google.com Signed-off-by: Sean Christopherson commit 620525739521376a65a690df899e1596d56791f8 Author: Sean Christopherson Date: Fri Aug 30 17:15:30 2024 -0700 KVM: x86: Remove manual pfn lookup when retrying #PF after failed emulation Drop the manual pfn look when retrying an instruction that KVM failed to emulation in response to a #PF due to a write-protected gfn. Now that KVM sets EMULTYPE_ALLOW_RETRY_PF if and only if the page fault hit a write- protected gfn, i.e. if and only if there's a writable memslot, there's no need to redo the lookup to avoid retrying an instruction that failed on emulated MMIO (no slot, or a write to a read-only slot). I.e. KVM will never attempt to retry an instruction that failed on emulated MMIO, whereas that was not the case prior to the introduction of RET_PF_WRITE_PROTECTED. Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-16-seanjc@google.com Signed-off-by: Sean Christopherson commit b299c273c06f005976cdc1b9e9299d492527607e Author: Sean Christopherson Date: Fri Aug 30 17:15:29 2024 -0700 KVM: x86/mmu: Move event re-injection unprotect+retry into common path Move the event re-injection unprotect+retry logic into kvm_mmu_write_protect_fault(), i.e. unprotect and retry if and only if the #PF actually hit a write-protected gfn. Note, there is a small possibility that the gfn was unprotected by a different tasking between hitting the #PF and acquiring mmu_lock, but in that case, KVM will resume the guest immediately anyways because KVM will treat the fault as spurious. As a bonus, unprotecting _after_ handling the page fault also addresses the case where the installing a SPTE to handle fault encounters a shadowed PTE, i.e. *creates* a read-only SPTE. Opportunstically add a comment explaining what on earth the intent of the code is, as based on the changelog from commit 577bdc496614 ("KVM: Avoid instruction emulation when event delivery is pending"). Link: https://lore.kernel.org/r/20240831001538.336683-15-seanjc@google.com Signed-off-by: Sean Christopherson commit 29e495bdf847ac6ad0e0d03e5db39a3ed9f12858 Author: Sean Christopherson Date: Fri Aug 30 17:15:28 2024 -0700 KVM: x86/mmu: Always walk guest PTEs with WRITE access when unprotecting When getting a gpa from a gva to unprotect the associated gfn when an event is awating reinjection, walk the guest PTEs for WRITE as there's no point in unprotecting the gfn if the guest is unable to write the page, i.e. if write-protection can't trigger emulation. Note, the entire flow should be guarded on the access being a write, and even better should be conditioned on actually triggering a write-protect fault. This will be addressed in a future commit. Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-14-seanjc@google.com Signed-off-by: Sean Christopherson commit b7e948898e772ac900950c0dac4ca90e905cd0c0 Author: Sean Christopherson Date: Fri Aug 30 17:15:27 2024 -0700 KVM: x86/mmu: Don't try to unprotect an INVALID_GPA If getting the gpa for a gva fails, e.g. because the gva isn't mapped in the guest page tables, don't try to unprotect the invalid gfn. This is mostly a performance fix (avoids unnecessarily taking mmu_lock), as for_each_gfn_valid_sp_with_gptes() won't explode on garbage input, it's simply pointless. Link: https://lore.kernel.org/r/20240831001538.336683-13-seanjc@google.com Signed-off-by: Sean Christopherson commit 2df354e37c1398a85bb43cbbf1f913eb3f91d035 Author: Sean Christopherson Date: Fri Aug 30 17:15:26 2024 -0700 KVM: x86: Fold retry_instruction() into x86_emulate_instruction() Now that retry_instruction() is reasonably tiny, fold it into its sole caller, x86_emulate_instruction(). In addition to getting rid of the absurdly confusing retry_instruction() name, handling the retry in x86_emulate_instruction() pairs it back up with the code that resets last_retry_{eip,address}. No functional change intended. Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-12-seanjc@google.com Signed-off-by: Sean Christopherson commit 41e6e367d576ce1801dc5c2b106e14cde35e3c80 Author: Sean Christopherson Date: Fri Aug 30 17:15:25 2024 -0700 KVM: x86: Move EMULTYPE_ALLOW_RETRY_PF to x86_emulate_instruction() Move the sanity checks for EMULTYPE_ALLOW_RETRY_PF to the top of x86_emulate_instruction(). In addition to deduplicating a small amount of code, this makes the connection between EMULTYPE_ALLOW_RETRY_PF and EMULTYPE_PF even more explicit, and will allow dropping retry_instruction() entirely. Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-11-seanjc@google.com Signed-off-by: Sean Christopherson commit dfaae8447c53819749cf3ba10ce24d3c609752e3 Author: Sean Christopherson Date: Fri Aug 30 17:15:24 2024 -0700 KVM: x86/mmu: Try "unprotect for retry" iff there are indirect SPs Try to unprotect shadow pages if and only if indirect_shadow_pages is non- zero, i.e. iff there is at least one protected such shadow page. Pre- checking indirect_shadow_pages avoids taking mmu_lock for write when the gfn is write-protected by a third party, i.e. not for KVM shadow paging, and in the *extremely* unlikely case that a different task has already unprotected the last shadow page. Link: https://lore.kernel.org/r/20240831001538.336683-10-seanjc@google.com Signed-off-by: Sean Christopherson commit 01dd4d319207c4cfd51a1c9a1812909e944d8c86 Author: Sean Christopherson Date: Fri Aug 30 17:15:23 2024 -0700 KVM: x86/mmu: Apply retry protection to "fast nTDP unprotect" path Move the anti-infinite-loop protection provided by last_retry_{eip,addr} into kvm_mmu_write_protect_fault() so that it guards unprotect+retry that never hits the emulator, as well as reexecute_instruction(), which is the last ditch "might as well try it" logic that kicks in when emulation fails on an instruction that faulted on a write-protected gfn. Add a new helper, kvm_mmu_unprotect_gfn_and_retry(), to set the retry fields and deduplicate other code (with more to come). Link: https://lore.kernel.org/r/20240831001538.336683-9-seanjc@google.com Signed-off-by: Sean Christopherson commit 9c19129e535bfff85bdfcb5a804e19e5aae935b2 Author: Sean Christopherson Date: Fri Aug 30 17:15:22 2024 -0700 KVM: x86: Store gpa as gpa_t, not unsigned long, when unprotecting for retry Store the gpa used to unprotect the faulting gfn for retry as a gpa_t, not an unsigned long. This fixes a bug where 32-bit KVM would unprotect and retry the wrong gfn if the gpa had bits 63:32!=0. In practice, this bug is functionally benign, as unprotecting the wrong gfn is purely a performance issue (thanks to the anti-infinite-loop logic). And of course, almost no one runs 32-bit KVM these days. Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-8-seanjc@google.com Signed-off-by: Sean Christopherson commit 019f3f84a40c88b68ca4d455306b92c20733e784 Author: Sean Christopherson Date: Fri Aug 30 17:15:21 2024 -0700 KVM: x86: Get RIP from vCPU state when storing it to last_retry_eip Read RIP from vCPU state instead of pulling it from the emulation context when filling last_retry_eip, which is part of the anti-infinite-loop protection used when unprotecting and retrying instructions that hit a write-protected gfn. This will allow reusing the anti-infinite-loop protection in flows that never make it into the emulator. No functional change intended, as ctxt->eip is set to kvm_rip_read() in init_emulate_ctxt(), and EMULTYPE_PF emulation is mutually exclusive with EMULTYPE_NO_DECODE and EMULTYPE_SKIP, i.e. always goes through x86_decode_emulated_instruction() and hasn't advanced ctxt->eip (yet). Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-7-seanjc@google.com Signed-off-by: Sean Christopherson commit c1edcc41c3603c65f34000ae031a20971f4e56f9 Author: Sean Christopherson Date: Fri Aug 30 17:15:20 2024 -0700 KVM: x86: Retry to-be-emulated insn in "slow" unprotect path iff sp is zapped Resume the guest and thus skip emulation of a non-PTE-writing instruction if and only if unprotecting the gfn actually zapped at least one shadow page. If the gfn is write-protected for some reason other than shadow paging, attempting to unprotect the gfn will effectively fail, and thus retrying the instruction is all but guaranteed to be pointless. This bug has existed for a long time, but was effectively fudged around by the retry RIP+address anti-loop detection. Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-6-seanjc@google.com Signed-off-by: Sean Christopherson commit 2fb2b7877b3a4cac4de070ef92437b38f13559b0 Author: Sean Christopherson Date: Fri Aug 30 17:15:19 2024 -0700 KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected When doing "fast unprotection" of nested TDP page tables, skip emulation if and only if at least one gfn was unprotected, i.e. continue with emulation if simply resuming is likely to hit the same fault and risk putting the vCPU into an infinite loop. Note, it's entirely possible to get a false negative, e.g. if a different vCPU faults on the same gfn and unprotects the gfn first, but that's a relatively rare edge case, and emulating is still functionally ok, i.e. saving a few cycles by avoiding emulation isn't worth the risk of putting the vCPU into an infinite loop. Opportunistically rewrite the relevant comment to document in gory detail exactly what scenario the "fast unprotect" logic is handling. Fixes: 147277540bbc ("kvm: svm: Add support for additional SVM NPF error codes") Cc: Yuan Yao Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-5-seanjc@google.com Signed-off-by: Sean Christopherson commit 989a84c93f592e6b288fb3b96d2eeec827d75bef Author: Sean Christopherson Date: Fri Aug 30 17:15:18 2024 -0700 KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults Trigger KVM's various "unprotect gfn" paths if and only if the page fault was a write to a write-protected gfn. To do so, add a new page fault return code, RET_PF_WRITE_PROTECTED, to explicitly and precisely track such page faults. If a page fault requires emulation for any MMIO (or any reason besides write-protection), trying to unprotect the gfn is pointless and risks putting the vCPU into an infinite loop. E.g. KVM will put the vCPU into an infinite loop if the vCPU manages to trigger MMIO on a page table walk. Fixes: 147277540bbc ("kvm: svm: Add support for additional SVM NPF error codes") Reviewed-by: Yuan Yao Link: https://lore.kernel.org/r/20240831001538.336683-4-seanjc@google.com Signed-off-by: Sean Christopherson commit 4ececec19a0914873634ad69bbaca5557c33e855 Author: Sean Christopherson Date: Fri Aug 30 17:15:17 2024 -0700 KVM: x86/mmu: Replace PFERR_NESTED_GUEST_PAGE with a more descriptive helper Drop the globally visible PFERR_NESTED_GUEST_PAGE and replace it with a more appropriately named is_write_to_guest_page_table(). The macro name is misleading, because while all nNPT walks match PAGE|WRITE|PRESENT, the reverse is not true. No functional change intended. Link: https://lore.kernel.org/r/20240831001538.336683-3-seanjc@google.com Signed-off-by: Sean Christopherson commit 025dde582bbf31e7618f9283594ef5e2408e384b Author: Sean Christopherson Date: Thu Aug 29 12:14:13 2024 -0700 KVM: Harden guest memory APIs against out-of-bounds accesses When reading or writing a guest page, WARN and bail if offset+len would result in a read to a different page so that KVM bugs are more likely to be detected, and so that any such bugs are less likely to escalate to an out-of-bounds access. E.g. if userspace isn't using guard pages and the target page is at the end of a memslot. Note, KVM already hardens itself in similar APIs, e.g. in the "cached" variants, it's just the vanilla APIs that are playing with fire. Link: https://lore.kernel.org/r/20240829191413.900740-3-seanjc@google.com Signed-off-by: Sean Christopherson commit ec495f2ab12290b008a691e826b39b895f458945 Author: Sean Christopherson Date: Thu Aug 29 12:14:12 2024 -0700 KVM: Write the per-page "segment" when clearing (part of) a guest page Pass "seg" instead of "len" when writing guest memory in kvm_clear_guest(), as "seg" holds the number of bytes to write for the current page, while "len" holds the total bytes remaining. Luckily, all users of kvm_clear_guest() are guaranteed to not cross a page boundary, and so the bug is unhittable in the current code base. Fixes: 2f5414423ef5 ("KVM: remove kvm_clear_guest_page") Reported-by: zyr_ms@outlook.com Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219104 Link: https://lore.kernel.org/r/20240829191413.900740-2-seanjc@google.com Signed-off-by: Sean Christopherson commit 3dde46a21aa72a3640bf3f6ff5ce7838af06a1f9 Author: Sean Christopherson Date: Thu Sep 5 21:34:13 2024 -0700 KVM: nVMX: Assert that vcpu->mutex is held when accessing secondary VMCSes Add lockdep assertions in get_vmcs12() and get_shadow_vmcs12() to verify the vCPU's mutex is held, as the returned VMCS objects are dynamically allocated/freed when nested VMX is turned on/off, i.e. accessing vmcs12 structures without holding vcpu->mutex is susceptible to use-after-free. Waive the assertion if the VM is being destroyed, as KVM currently forces a nested VM-Exit when freeing the vCPU. If/when that wart is fixed, the assertion can/should be converted to an unqualified lockdep assertion. See also https://lore.kernel.org/all/Zsd0TqCeY3B5Sb5b@google.com. Link: https://lore.kernel.org/r/20240906043413.1049633-8-seanjc@google.com Signed-off-by: Sean Christopherson commit 1ed0f119c5ff66bec663ba5507539ec4a4f33775 Author: Sean Christopherson Date: Thu Sep 5 21:34:12 2024 -0700 KVM: nVMX: Explicitly invalidate posted_intr_nv if PI is disabled at VM-Enter Explicitly invalidate posted_intr_nv when emulating nested VM-Enter and posted interrupts are disabled to make it clear that posted_intr_nv is valid if and only if nested posted interrupts are enabled, and as a cheap way to harden against KVM bugs. KVM initializes posted_intr_nv to -1 at vCPU creation and resets it to -1 when unloading vmcs12 and/or leaving nested mode, i.e. this is not a bug fix (or at least, it's not intended to be a bug fix). Note, tracking nested.posted_intr_nv as a u16 subtly adds a measure of safety, as it prevents unintentionally matching KVM's informal "no IRQ" vector of -1, stored as a signed int. Because a u16 can be always be represented as a signed int, the effective "invalid" value of posted_intr_nv, 65535, will be preserved as-is when comparing against an int, i.e. will be zero-extended, not sign-extended, and thus won't get a false positive if KVM is buggy and compares posted_intr_nv against -1. Opportunistically add a comment in vmx_deliver_nested_posted_interrupt() to call out that it must check vmx->nested.posted_intr_nv, not the vector in vmcs12, which is presumably the _entire_ reason nested.posted_intr_nv exists. E.g. vmcs12 is a KVM-controlled snapshot, so there are no TOCTOU races to worry about, the only potential badness is if the vCPU leaves nested and frees vmcs12 between the sender checking is_guest_mode() and dereferencing the vmcs12 pointer. Link: https://lore.kernel.org/r/20240906043413.1049633-7-seanjc@google.com Signed-off-by: Sean Christopherson commit aa9477966aabc344ae83555002bd31809f6a9546 Author: Sean Christopherson Date: Thu Sep 5 21:34:11 2024 -0700 KVM: x86: Fold kvm_get_apic_interrupt() into kvm_cpu_get_interrupt() Fold kvm_get_apic_interrupt() into kvm_cpu_get_interrupt() now that nVMX essentially open codes kvm_get_apic_interrupt() in order to correctly emulate nested posted interrupts. Opportunistically stop exporting kvm_cpu_get_interrupt(), as the aforementioned nVMX flow was the only user in vendor code. Link: https://lore.kernel.org/r/20240906043413.1049633-6-seanjc@google.com Signed-off-by: Sean Christopherson commit 6e0b456547f41bafdad2dc3a72adc7f69326ca4c Author: Sean Christopherson Date: Thu Sep 5 21:34:10 2024 -0700 KVM: nVMX: Detect nested posted interrupt NV at nested VM-Exit injection When synthensizing a nested VM-Exit due to an external interrupt, pend a nested posted interrupt if the external interrupt vector matches L2's PI notification vector, i.e. if the interrupt is a PI notification for L2. This fixes a bug where KVM will incorrectly inject VM-Exit instead of processing nested posted interrupt when IPI virtualization is enabled. Per the SDM, detection of the notification vector doesn't occur until the interrupt is acknowledge and deliver to the CPU core. If the external-interrupt exiting VM-execution control is 1, any unmasked external interrupt causes a VM exit (see Section 26.2). If the "process posted interrupts" VM-execution control is also 1, this behavior is changed and the processor handles an external interrupt as follows: 1. The local APIC is acknowledged; this provides the processor core with an interrupt vector, called here the physical vector. 2. If the physical vector equals the posted-interrupt notification vector, the logical processor continues to the next step. Otherwise, a VM exit occurs as it would normally due to an external interrupt; the vector is saved in the VM-exit interruption-information field. For the most part, KVM has avoided problems because a PI NV for L2 that arrives will L2 is active will be processed by hardware, and KVM checks for a pending notification vector during nested VM-Enter. Thus, to hit the bug, the PI NV interrupt needs to sneak its way into L1's vIRR while L2 is active. Without IPI virtualization, the scenario is practically impossible to hit, modulo L1 doing weird things (see below), as the ordering between vmx_deliver_posted_interrupt() and nested VM-Enter effectively guarantees that either the sender will see the vCPU as being in_guest_mode(), or the receiver will see the interrupt in its vIRR. With IPI virtualization, introduced by commit d588bb9be1da ("KVM: VMX: enable IPI virtualization"), the sending CPU effectively implements a rough equivalent of vmx_deliver_posted_interrupt(), sans the nested PI NV check. If the target vCPU has a valid PID, the CPU will send a PI NV interrupt based on _L1's_ PID, as the sender's because IPIv table points at L1 PIDs. PIR := 32 bytes at PID_ADDR; // under lock PIR[V] := 1; store PIR at PID_ADDR; // release lock NotifyInfo := 8 bytes at PID_ADDR + 32; // under lock IF NotifyInfo.ON = 0 AND NotifyInfo.SN = 0; THEN NotifyInfo.ON := 1; SendNotify := 1; ELSE SendNotify := 0; FI; store NotifyInfo at PID_ADDR + 32; // release lock IF SendNotify = 1; THEN send an IPI specified by NotifyInfo.NDST and NotifyInfo.NV; FI; As a result, the target vCPU ends up receiving an interrupt on KVM's POSTED_INTR_VECTOR while L2 is running, with an interrupt in L1's PIR for L2's nested PI NV. The POSTED_INTR_VECTOR interrupt triggers a VM-Exit from L2 to L0, KVM moves the interrupt from L1's PIR to vIRR, triggers a KVM_REQ_EVENT prior to re-entry to L2, and calls vmx_check_nested_events(), effectively bypassing all of KVM's "early" checks on nested PI NV. Without IPI virtualization, the bug can likely be hit only if L1 programs an assigned device to _post_ an interrupt to L2's notification vector, by way of L1's PID.PIR. Doing so would allow the interrupt to get into L1's vIRR without KVM checking vmcs12's NV. Which is architecturally allowed, but unlikely behavior for a hypervisor. Cc: Zeng Guang Reviewed-by: Chao Gao Link: https://lore.kernel.org/r/20240906043413.1049633-5-seanjc@google.com Signed-off-by: Sean Christopherson commit 8c23670f2b0004edb8f7135e314114f0c3452085 Author: Sean Christopherson Date: Thu Sep 5 21:34:09 2024 -0700 KVM: nVMX: Suppress external interrupt VM-Exit injection if there's no IRQ In the should-be-impossible scenario that kvm_cpu_get_interrupt() doesn't return a valid vector after checking kvm_cpu_has_interrupt(), skip VM-Exit injection to reduce the probability of crashing/confusing L1. Now that KVM gets the IRQ _before_ calling nested_vmx_vmexit(), squashing the VM-Exit injection is trivial since there are no actions that need to be undone. Reviewed-by: Chao Gao Link: https://lore.kernel.org/r/20240906043413.1049633-4-seanjc@google.com Signed-off-by: Sean Christopherson commit 363010e1dd0efd4778637c1a5a5aaffbcfcae919 Author: Sean Christopherson Date: Thu Sep 5 21:34:08 2024 -0700 KVM: nVMX: Get to-be-acknowledge IRQ for nested VM-Exit at injection site Move the logic to get the to-be-acknowledge IRQ for a nested VM-Exit from nested_vmx_vmexit() to vmx_check_nested_events(), which is subtly the one and only path where KVM invokes nested_vmx_vmexit() with EXIT_REASON_EXTERNAL_INTERRUPT. A future fix will perform a last-minute check on L2's nested posted interrupt notification vector, just before injecting a nested VM-Exit. To handle that scenario correctly, KVM needs to get the interrupt _before_ injecting VM-Exit, as simply querying the highest priority interrupt, via kvm_cpu_has_interrupt(), would result in TOCTOU bug, as a new, higher priority interrupt could arrive between kvm_cpu_has_interrupt() and kvm_cpu_get_interrupt(). Unfortunately, simply moving the call to kvm_cpu_get_interrupt() doesn't suffice, as a VMWRITE to GUEST_INTERRUPT_STATUS.SVI is hiding in kvm_get_apic_interrupt(), and acknowledging the interrupt before nested VM-Exit would cause the VMWRITE to hit vmcs02 instead of vmcs01. Open code a rough equivalent to kvm_cpu_get_interrupt() so that the IRQ is acknowledged after emulating VM-Exit, taking care to avoid the TOCTOU issue described above. Opportunistically convert the WARN_ON() to a WARN_ON_ONCE(). If KVM has a bug that results in a false positive from kvm_cpu_has_interrupt(), spamming dmesg won't help the situation. Note, nested_vmx_reflect_vmexit() can never reflect external interrupts as they are always "wanted" by L0. Link: https://lore.kernel.org/r/20240906043413.1049633-3-seanjc@google.com Signed-off-by: Sean Christopherson commit a194a3a13ce0b4cce4b52f328405891ef3a85cb9 Author: Sean Christopherson Date: Thu Sep 5 21:34:07 2024 -0700 KVM: x86: Move "ack" phase of local APIC IRQ delivery to separate API Split the "ack" phase, i.e. the movement of an interrupt from IRR=>ISR, out of kvm_get_apic_interrupt() and into a separate API so that nested VMX can acknowledge a specific interrupt _after_ emulating a VM-Exit from L2 to L1. To correctly emulate nested posted interrupts while APICv is active, KVM must: 1. find the highest pending interrupt. 2. check if that IRQ is L2's notification vector 3. emulate VM-Exit if the IRQ is NOT the notification vector 4. ACK the IRQ in L1 _after_ VM-Exit When APICv is active, the process of moving the IRQ from the IRR to the ISR also requires a VMWRITE to update vmcs01.GUEST_INTERRUPT_STATUS.SVI, and so acknowledging the interrupt before switching to vmcs01 would result in marking the IRQ as in-service in the wrong VMCS. KVM currently fudges around this issue by doing kvm_get_apic_interrupt() smack dab in the middle of emulating VM-Exit, but that hack doesn't play nice with nested posted interrupts, as notification vector IRQs don't trigger a VM-Exit in the first place. Cc: Nathan Chancellor Link: https://lore.kernel.org/r/20240906043413.1049633-2-seanjc@google.com Signed-off-by: Sean Christopherson commit 7efb4d8a392a18e37fcdb5e77c111af6e9a9e2f2 Author: Kai Huang Date: Fri Sep 6 00:08:37 2024 +1200 KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled When SGX EDECCSSA support was added to KVM in commit 16a7fe3728a8 ("KVM/VMX: Allow exposing EDECCSSA user leaf function to KVM guest"), it forgot to clear the X86_FEATURE_SGX_EDECCSSA bit in KVM CPU caps when KVM SGX is disabled. Fix it. Fixes: 16a7fe3728a8 ("KVM/VMX: Allow exposing EDECCSSA user leaf function to KVM guest") Signed-off-by: Kai Huang Link: https://lore.kernel.org/r/20240905120837.579102-1-kai.huang@intel.com Signed-off-by: Sean Christopherson commit 4ca077f26d885cbc97e742a5f3572aac244a0f8a Author: Yue Haibing Date: Fri Aug 30 10:25:37 2024 +0800 KVM: x86: Remove some unused declarations Commit 238adc77051a ("KVM: Cleanup LAPIC interface") removed kvm_lapic_get_base() but leave declaration. And other two declarations were never implenmented since introduction. Signed-off-by: Yue Haibing Link: https://lore.kernel.org/r/20240830022537.2403873-1-yuehaibing@huawei.com Signed-off-by: Sean Christopherson commit c32e028057f144f15c06e2f09dfec49b14311910 Author: Sean Christopherson Date: Thu Aug 29 21:44:48 2024 -0700 KVM: selftests: Verify single-stepping a fastpath VM-Exit exits to userspace In x86's debug_regs test, change the RDMSR(MISC_ENABLES) in the single-step testcase to a WRMSR(TSC_DEADLINE) in order to verify that KVM honors KVM_GUESTDBG_SINGLESTEP when handling a fastpath VM-Exit. Note, the extra coverage is effectively Intel-only, as KVM only handles TSC_DEADLINE in the fastpath when the timer is emulated via the hypervisor timer, a.k.a. the VMX preemption timer. Link: https://lore.kernel.org/r/20240830044448.130449-1-seanjc@google.com Signed-off-by: Sean Christopherson commit 3f6821aa147b6e6fe07e8b35999724518b74a632 Author: Sean Christopherson Date: Fri Sep 6 09:13:37 2024 -0700 KVM: x86: Forcibly leave nested if RSM to L2 hits shutdown Leave nested mode before synthesizing shutdown (a.k.a. TRIPLE_FAULT) if RSM fails when resuming L2 (a.k.a. guest mode). Architecturally, shutdown on RSM occurs _before_ the transition back to guest mode on both Intel and AMD. On Intel, per the SDM pseudocode, SMRAM state is loaded before critical VMX state: restore state normally from SMRAM; ... CR4.VMXE := value stored internally; IF internal storage indicates that the logical processor had been in VMX operation (root or non-root) THEN enter VMX operation (root or non-root); restore VMX-critical state as defined in Section 32.14.1; ... restore current VMCS pointer; FI; AMD's APM is both less clearcut and more explicit. Because AMD CPUs save VMCB and guest state in SMRAM itself, given the lack of anything in the APM to indicate a shutdown in guest mode is possible, a straightforward reading of the clause on invalid state is that _what_ state is invalid is irrelevant, i.e. all roads lead to shutdown. An RSM causes a processor shutdown if an invalid-state condition is found in the SMRAM state-save area. This fixes a bug found by syzkaller where synthesizing shutdown for L2 led to a nested VM-Exit (if L1 is intercepting shutdown), which in turn caused KVM to complain about trying to cancel a nested VM-Enter (see commit 759cbd59674a ("KVM: x86: nSVM/nVMX: set nested_run_pending on VM entry which is a result of RSM"). Note, Paolo pointed out that KVM shouldn't set nested_run_pending until after loading SMRAM state. But as above, that's only half the story, KVM shouldn't transition to guest mode either. Unfortunately, fixing that mess requires rewriting the nVMX and nSVM RSM flows to not piggyback their nested VM-Enter flows, as executing the nested VM-Enter flows after loading state from SMRAM would clobber much of said state. For now, add a FIXME to call out that transitioning to guest mode before loading state from SMRAM is wrong. Link: https://lore.kernel.org/all/CABgObfYaUHXyRmsmg8UjRomnpQ0Jnaog9-L2gMjsjkqChjDYUQ@mail.gmail.com Reported-by: syzbot+988d9efcdf137bc05f66@syzkaller.appspotmail.com Closes: https://lore.kernel.org/all/0000000000007a9acb06151e1670@google.com Reported-by: Zheyu Ma Closes: https://lore.kernel.org/all/CAMhUBjmXMYsEoVYw_M8hSZjBMHh24i88QYm-RY6HDta5YZ7Wgw@mail.gmail.com Analyzed-by: Michal Wilczynski Cc: Kishen Maloor Reviewed-by: Maxim Levitsky Link: https://lore.kernel.org/r/20240906161337.1118412-1-seanjc@google.com Signed-off-by: Sean Christopherson commit a9b1fab3b69f163bbe7a012d0c3f6b5204500c05 Merge: 760664b72c415e 3c0bf13f5d5fcd Author: Jakub Kicinski Date: Mon Sep 9 19:20:42 2024 -0700 Merge branch 'ionic-convert-rx-queue-buffers-to-use-page_pool' Brett Creeley says: ==================== ionic: convert Rx queue buffers to use page_pool Our home-grown buffer management needs to go away and we need to play nicely with the page_pool infrastructure. This patchset cleans up some of our API use and converts the Rx traffic queues to use page_pool. The first few patches are for tidying up things, then a small XDP configuration refactor, adding page_pool support, and finally adding support to hot swap an XDP program without having to reconfigure anything. The result is code that more closely follows current patterns, as well as a either a performance boost or equivalent performance as seen with iperf testing: mss netio tx_pps rx_pps total_pps tx_bw rx_bw total_bw ---- ------- ---------- ---------- ----------- ------- ------- ---------- Before: 256 bidir 13,839,293 15,515,227 29,354,520 34 38 71 512 bidir 13,913,249 14,671,693 28,584,942 62 65 127 1024 bidir 13,006,189 13,695,413 26,701,602 109 115 224 1448 bidir 12,489,905 12,791,734 25,281,639 145 149 294 2048 bidir 9,195,622 9,247,649 18,443,271 148 149 297 4096 bidir 5,149,716 5,247,917 10,397,633 160 163 323 8192 bidir 3,029,993 3,008,882 6,038,875 179 179 358 9000 bidir 2,789,358 2,800,744 5,590,102 181 180 361 After: 256 bidir 21,540,037 21,344,644 42,884,681 52 52 104 512 bidir 23,170,014 19,207,260 42,377,274 103 85 188 1024 bidir 17,934,280 17,819,247 35,753,527 150 149 299 1448 bidir 15,242,515 14,907,030 30,149,545 167 174 341 2048 bidir 10,692,542 10,663,023 21,355,565 177 176 353 4096 bidir 6,024,977 6,083,580 12,108,557 187 180 367 8192 bidir 3,090,449 3,048,266 6,138,715 180 176 356 9000 bidir 2,859,146 2,864,226 5,723,372 178 180 358 v2: https://lore.kernel.org/20240826184422.21895-1-brett.creeley@amd.com v1: https://lore.kernel.org/20240625165658.34598-1-shannon.nelson@amd.com ==================== Link: https://patch.msgid.link/20240906232623.39651-1-brett.creeley@amd.com Signed-off-by: Jakub Kicinski commit 3c0bf13f5d5fcd6722e83a7203bf3dbb3ef73b6f Author: Brett Creeley Date: Fri Sep 6 16:26:23 2024 -0700 ionic: Allow XDP program to be hot swapped Using examples of other driver(s), add the ability to hot-swap an XDP program without having to reconfigure the queues. To prevent the q->xdp_prog to be read/written more than once use READ_ONCE() and WRITE_ONCE() on the q->xdp_prog. The q->xdp_prog was being checked in multiple different for loops in the hot path. The change to allow xdp_prog hot swapping created the possibility for many READ_ONCE(q->xdp_prog) calls during a single napi callback. Refactor the Rx napi handling to allow a previous READ_ONCE(q->xdp_prog) (or NULL for hwstamp_rxq) to be passed into the relevant functions. Also, move other Rx related hotpath handling into the newly created ionic_rx_cq_service() function to reduce the scope of the xdp_prog local variable and put all Rx handling in one function similar to Tx. Signed-off-by: Brett Creeley Signed-off-by: Shannon Nelson Link: https://patch.msgid.link/20240906232623.39651-8-brett.creeley@amd.com Signed-off-by: Jakub Kicinski commit ac8813c0ab7d2816946379bff2677a5f725e37bf Author: Shannon Nelson Date: Fri Sep 6 16:26:22 2024 -0700 ionic: convert Rx queue buffers to use page_pool Our home-grown buffer management needs to go away and we need to be playing nicely with the page_pool infrastructure. This converts the Rx traffic queues to use page_pool. Also, since ionic_rx_buf_size() was removed, redefine IONIC_PAGE_SIZE to account for IONIC_MAX_BUF_LEN being the largest allowed buffer to prevent overflowing u16 variables, which could happen when PAGE_SIZE is defined as >= 64KB. include/linux/minmax.h:93:37: warning: conversion from 'long unsigned int' to 'u16' {aka 'short unsigned int'} changes value from '65536' to '0' [-Woverflow] Signed-off-by: Shannon Nelson Signed-off-by: Brett Creeley Link: https://patch.msgid.link/20240906232623.39651-7-brett.creeley@amd.com Signed-off-by: Jakub Kicinski commit a7f3f635f07afc73711c66c023c1046bd2187d72 Author: Brett Creeley Date: Fri Sep 6 16:26:21 2024 -0700 ionic: Fully reconfigure queues when going to/from a NULL XDP program Currently when going to/from a NULL XDP program the driver uses ionic_stop_queues_reconfig() and then ionic_start_queues_reconfig() in order to re-register the xdp_rxq_info and re-init the queues. This is fine until page_pool(s) are used in an upcoming patch. In preparation for adding page_pool support make sure to completely rebuild the queues when going to/from a NULL XDP program. Without this change the call to mem_allocator_disconnect() never happens when going to a NULL XDP program, which eventually results in xdp_rxq_info_reg_mem_model() failing with -ENOSPC due to the mem_id_pool ida having no remaining space. Signed-off-by: Brett Creeley Signed-off-by: Shannon Nelson Link: https://patch.msgid.link/20240906232623.39651-6-brett.creeley@amd.com Signed-off-by: Jakub Kicinski commit 668e423920de1b64f7c1b60fa323c50e8d10719e Author: Shannon Nelson Date: Fri Sep 6 16:26:20 2024 -0700 ionic: always use rxq_info Instead of setting up and tearing down the rxq_info only when the XDP program is loaded or unloaded, we will build the rxq_info whether or not XDP is in use. This is the more common use pattern and better supports future conversion to page_pool. Since the rxq_info wants the napi_id we re-order things slightly to tie this into the queue init and deinit functions where we do the add and delete of napi. Signed-off-by: Shannon Nelson Signed-off-by: Brett Creeley Link: https://patch.msgid.link/20240906232623.39651-5-brett.creeley@amd.com Signed-off-by: Jakub Kicinski commit 7b4ec51f165f37b0102f98df1b0c13b64b5178e8 Author: Shannon Nelson Date: Fri Sep 6 16:26:19 2024 -0700 ionic: use per-queue xdp_prog We originally were using a per-interface xdp_prog variable to track a loaded XDP program since we knew there would never be support for a per-queue XDP program. With that, we only built the per queue rxq_info struct when an XDP program was loaded and removed it on XDP program unload, and used the pointer as an indicator in the Rx hotpath to know to how build the buffers. However, that's really not the model generally used, and makes a conversion to page_pool Rx buffer cacheing a little problematic. This patch converts the driver to use the more common approach of using a per-queue xdp_prog pointer to work out buffer allocations and need for bpf_prog_run_xdp(). We jostle a couple of fields in the queue struct in order to keep the new xdp_prog pointer in a warm cacheline. Signed-off-by: Shannon Nelson Signed-off-by: Brett Creeley Link: https://patch.msgid.link/20240906232623.39651-4-brett.creeley@amd.com Signed-off-by: Jakub Kicinski commit 7639a6e058155614d638072de6be2fba485813d6 Author: Shannon Nelson Date: Fri Sep 6 16:26:18 2024 -0700 ionic: rename ionic_xdp_rx_put_bufs We aren't "putting" buf, we're just unlinking them from our tracking in order to let the XDP_TX and XDP_REDIRECT tx clean paths take care of the pages when they are done with them. This rename clears up the intent. Signed-off-by: Shannon Nelson Signed-off-by: Brett Creeley Link: https://patch.msgid.link/20240906232623.39651-3-brett.creeley@amd.com Signed-off-by: Jakub Kicinski commit 4a0ec34870a2d278373897cf182cbe662d559eb2 Author: Shannon Nelson Date: Fri Sep 6 16:26:17 2024 -0700 ionic: debug line for Tx completion errors Here's a little debugging aid in case the device starts throwing Tx completion errors. Signed-off-by: Shannon Nelson Signed-off-by: Brett Creeley Link: https://patch.msgid.link/20240906232623.39651-2-brett.creeley@amd.com Signed-off-by: Jakub Kicinski commit 01d34cc93639172272c3e47edd5cf1a3ffc6dc7a Author: Uwe Kleine-König Date: Mon Sep 9 15:09:02 2024 +0200 powerpc: Switch back to struct platform_driver::remove() After commit 0edb555a65d1 ("platform: Make platform_driver::remove() return void") .remove() is (again) the right callback to implement for platform drivers. Convert all pwm drivers to use .remove(), with the eventual goal to drop struct platform_driver::remove_new(). As .remove() and .remove_new() have the same prototypes, conversion is done by just changing the structure member name in the driver initializer. Signed-off-by: Uwe Kleine-König Signed-off-by: Michael Ellerman Link: https://msgid.link/20240909130902.851274-2-u.kleine-koenig@baylibre.com commit b0e2b828dfca645a228f8c89d12fbc2baecfb7ea Author: Narayana Murty N Date: Mon Sep 9 09:02:20 2024 -0500 powerpc/pseries/eeh: Fix pseries_eeh_err_inject VFIO_EEH_PE_INJECT_ERR ioctl is currently failing on pseries due to missing implementation of err_inject eeh_ops for pseries. This patch implements pseries_eeh_err_inject in eeh_ops/pseries eeh_ops. Implements support for injecting MMIO load/store error for testing from user space. The check on PCI error type (bus type) code is moved to platform code, since the eeh_pe_inject_err can be allowed to more error types depending on platform requirement. Removal of the check for 'type' in eeh_pe_inject_err() doesn't impact PowerNV as pnv_eeh_err_inject() already has an equivalent check in place. Signed-off-by: Narayana Murty N Reviewed-by: Vaibhav Jain Signed-off-by: Michael Ellerman Link: https://msgid.link/20240909140220.529333-1-nnmlinux@linux.ibm.com commit 2a0091f9419cb6dbbada3a4c8d9e86117b80ead4 Author: Bjorn Helgaas Date: Mon Sep 2 15:28:59 2024 -0500 PCI: brcmstb: Sort enums, pcie_offsets[], pcie_cfg_data, .compatible strings Sort enum pcie_soc_base values. Rename pcie_offsets_bmips_7425[] to pcie_offsets_bcm7425[] to match BCM7425 pcie_soc_base enum, bcm7425_cfg, and "brcm,bcm7425-pcie" .compatible string. Rename pcie_offset_bcm7278[] to pcie_offsets_bcm7278[] to match other "pcie_offsets" names. Rename pcie_offset_bcm7712[] to pcie_offsets_bcm7712[] to match other "pcie_offsets" names. Sort pcie_offsets_*[] by SoC name, move them all together, indent values for easy reading. Sort pcie_cfg_data structs by SoC name. Sort .compatible strings by SoC name. No functional change intended. Link: https://lore.kernel.org/r/20240902205456.227409-1-helgaas@kernel.org Signed-off-by: Bjorn Helgaas Reviewed-by: Florian Fainelli commit 760664b72c415e349dc4e64a74cd220c131f3948 Merge: 9e70eb4a9a8e61 f8e82440d95940 Author: Jakub Kicinski Date: Mon Sep 9 17:44:52 2024 -0700 Merge branch 'rx-software-timestamp-for-all-round-3' Gal Pressman says: ==================== RX software timestamp for all - round 3 Rounds 1 & 2 of drivers conversion were merged [1][2], this round will complete the work. [1] https://lore.kernel.org/netdev/20240901112803.212753-1-gal@nvidia.com/ [2] https://lore.kernel.org/netdev/20240904074922.256275-1-gal@nvidia.com/ ==================== Link: https://patch.msgid.link/20240906144632.404651-1-gal@nvidia.com Signed-off-by: Jakub Kicinski commit f8e82440d95940627672100ebf08b76a9702feae Author: Gal Pressman Date: Fri Sep 6 17:46:32 2024 +0300 ptp: ptp_ines: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240906144632.404651-17-gal@nvidia.com Signed-off-by: Jakub Kicinski commit d25e9e178c2ad94be03900e5559e82aabde198a0 Author: Gal Pressman Date: Fri Sep 6 17:46:31 2024 +0300 ixp4xx_eth: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Acked-by: Richard Cochran Acked-by: Linus Walleij Link: https://patch.msgid.link/20240906144632.404651-16-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 9364fa7fcf127514e2b740bc606f719ae5bc5961 Author: Gal Pressman Date: Fri Sep 6 17:46:30 2024 +0300 net: stmmac: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240906144632.404651-15-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 4c00bb4c519b243c5f7231d153ff43edb4b14ba9 Author: Gal Pressman Date: Fri Sep 6 17:46:29 2024 +0300 sfc/siena: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Martin Habets Link: https://patch.msgid.link/20240906144632.404651-14-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 9d02e6c9513932befd0a02b9673e0576f7b82658 Author: Gal Pressman Date: Fri Sep 6 17:46:28 2024 +0300 sfc: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Martin Habets Link: https://patch.msgid.link/20240906144632.404651-13-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 36d84998da9f4056bcb671316b3eaa1117e90140 Author: Gal Pressman Date: Fri Sep 6 17:46:27 2024 +0300 qede: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240906144632.404651-12-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 0de3c713e9b8b1085a1454122268f16aeeb3ee9b Author: Gal Pressman Date: Fri Sep 6 17:46:26 2024 +0300 net: mscc: ocelot: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240906144632.404651-11-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 6cba6812a335e9b00fad0b5ce14688d3b6d7be8f Author: Gal Pressman Date: Fri Sep 6 17:46:25 2024 +0300 net/funeth: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240906144632.404651-10-gal@nvidia.com Signed-off-by: Jakub Kicinski commit e4e0145ac5ac75472693bc33c72af79f3d786805 Author: Gal Pressman Date: Fri Sep 6 17:46:24 2024 +0300 enic: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240906144632.404651-9-gal@nvidia.com Signed-off-by: Jakub Kicinski commit fedc2e795fd59f0cb7339dc8b5c7642da419ab87 Author: Gal Pressman Date: Fri Sep 6 17:46:23 2024 +0300 net: thunderx: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240906144632.404651-8-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 441d0a79c950fc01f96f1060cde0bb8258d5f9f1 Author: Gal Pressman Date: Fri Sep 6 17:46:22 2024 +0300 liquidio: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240906144632.404651-7-gal@nvidia.com Signed-off-by: Jakub Kicinski commit a8fe0c07f56c1bd5e8d06fbbde2235ab56266575 Author: Gal Pressman Date: Fri Sep 6 17:46:21 2024 +0300 net: macb: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Acked-by: Nicolas Ferre Link: https://patch.msgid.link/20240906144632.404651-6-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 18eb4d0440d8a104e8a10e032b62c3a2217b1e3a Author: Gal Pressman Date: Fri Sep 6 17:46:20 2024 +0300 amd-xgbe: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Acked-by: Shyam Sundar S K Link: https://patch.msgid.link/20240906144632.404651-5-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 1db368a040662cff2f7df84e683b8352ba7de4a0 Author: Gal Pressman Date: Fri Sep 6 17:46:19 2024 +0300 bonding: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240906144632.404651-4-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 0644646d91b2111bad2b776261e6213468b1eb39 Author: Gal Pressman Date: Fri Sep 6 17:46:18 2024 +0300 tg3: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Michael Chan Reviewed-by: Pavan Chebbi Link: https://patch.msgid.link/20240906144632.404651-3-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 3fc85527b08c71eea2bca140e8fd939859a1cdfc Author: Gal Pressman Date: Fri Sep 6 17:46:17 2024 +0300 bnxt_en: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Michael Chan Reviewed-by: Pavan Chebbi Link: https://patch.msgid.link/20240906144632.404651-2-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 9e70eb4a9a8e61105932def55f4667d9a0055381 Author: MD Danish Anwar Date: Fri Sep 6 15:06:49 2024 +0530 net: ti: icssg-prueth: Make pa_stats optional pa_stats is optional in dt bindings, make it optional in driver as well. Currently if pa_stats syscon regmap is not found driver returns -ENODEV. Fix this by not returning an error in case pa_stats is not found and continue generating ethtool stats without pa_stats. Fixes: 550ee90ac61c ("net: ti: icssg-prueth: Add support for PA Stats") Signed-off-by: MD Danish Anwar Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240906093649.870883-1-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit 5aa3b55bb312c389bc7bf9d8c220d7cc5cab04a3 Author: Simon Horman Date: Fri Sep 6 08:36:09 2024 +0100 net: ibm: emac: Use __iomem annotation for emac_[xg]aht_base dev->emacp contains an __iomem pointer and values derived from it are used as __iomem pointers. So use this annotation in the return type for helpers that derive pointers from dev->emacp. Flagged by Sparse as: .../core.c:444:36: warning: incorrect type in argument 1 (different address spaces) .../core.c:444:36: expected unsigned int volatile [noderef] [usertype] __iomem *addr .../core.c:444:36: got unsigned int [usertype] * .../core.c: note: in included file: .../core.h:416:25: warning: cast removes address space '__iomem' of expression Compile tested only. No functional change intended. Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240906-emac-iomem-v1-1-207cc4f3fed0@kernel.org Signed-off-by: Jakub Kicinski commit ae18d300e579ddb86187114bab8fcecf6b3ca9f2 Merge: bcd138b179f270 8a405552fd3b1e Author: Jakub Kicinski Date: Mon Sep 9 17:38:03 2024 -0700 Merge branch 'selftests-net-add-packetdrill' Willem de Bruijn says: ==================== selftests/net: add packetdrill Lay the groundwork to import into kselftests the over 150 packetdrill TCP/IP conformance tests on github.com/google/packetdrill. 1/2: add kselftest infra for TEST_PROGS that need an interpreter 2/2: add the specific packetdrill tests ==================== Link: https://patch.msgid.link/20240905231653.2427327-1-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski commit 8a405552fd3b1eefe186e724343e88790f6be832 Author: Willem de Bruijn Date: Thu Sep 5 19:15:52 2024 -0400 selftests/net: integrate packetdrill with ksft Lay the groundwork to import into kselftests the over 150 packetdrill TCP/IP conformance tests on github.com/google/packetdrill. Florian recently added support for packetdrill tests in nf_conntrack, in commit a8a388c2aae49 ("selftests: netfilter: add packetdrill based conntrack tests"). This patch takes a slightly different approach. It relies on ksft_runner.sh to run every *.pkt file in the directory. Any future imports of packetdrill tests should require no additional coding. Just add the *.pkt files. Initially import only two features/directories from github. One with a single script, and one with two. This was the only reason to pick tcp/inq and tcp/md5. The path replaces the directory hierarchy in github with a flat space of files: $(subst /,_,$(wildcard tcp/**/*.pkt)). This is the most straightforward option to integrate with kselftests. The Linked thread reviewed two ways to maintain the hierarchy: TEST_PROGS_RECURSE and PRESERVE_TEST_DIRS. But both introduce significant changes to kselftest infra and with that risk to existing tests. Implementation notes: - restore alphabetical order when adding the new directory to tools/testing/selftests/Makefile - imported *.pkt files and support verbatim from the github project, except for - update `source ./defaults.sh` path (to adjust for flat dir) - add SPDX headers - remove one author statement - Acknowledgment: drop an e (checkpatch) Tested: make -C tools/testing/selftests \ TARGETS=net/packetdrill \ run_tests make -C tools/testing/selftests \ TARGETS=net/packetdrill \ install INSTALL_PATH=$KSFT_INSTALL_PATH # in virtme-ng ./run_kselftest.sh -c net/packetdrill ./run_kselftest.sh -t net/packetdrill:tcp_inq_client.pkt Link: https://lore.kernel.org/netdev/20240827193417.2792223-1-willemdebruijn.kernel@gmail.com/ Signed-off-by: Willem de Bruijn Link: https://patch.msgid.link/20240905231653.2427327-3-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski commit dbd61921a6adbd231d8ca91537f1e7b62e9fea61 Author: Willem de Bruijn Date: Thu Sep 5 19:15:51 2024 -0400 selftests: support interpreted scripts with ksft_runner.sh Support testcases that are themselves not executable, but need an interpreter to run them. If a test file is not executable, but an executable file ksft_runner.sh exists in the TARGET dir, kselftest will run ./ksft_runner.sh ./$BASENAME_TEST Packetdrill may add hundreds of packetdrill scripts for testing. These scripts must be passed to the packetdrill process. Have kselftest run each test directly, as it already solves common runner requirements like parallel execution and isolation (netns). A previous RFC added a wrapper in between, which would have to reimplement such functionality. Link: https://lore.kernel.org/netdev/66d4d97a4cac_3df182941a@willemb.c.googlers.com.notmuch/T/ Signed-off-by: Willem de Bruijn Link: https://patch.msgid.link/20240905231653.2427327-2-willemdebruijn.kernel@gmail.com Signed-off-by: Jakub Kicinski commit bcd138b179f2701459d404880d018d065a958fc9 Merge: 228fa9b1e86d13 8410adf2e38ad3 Author: Jakub Kicinski Date: Mon Sep 9 17:17:45 2024 -0700 Merge branch 'various-cleanups' Rosen Penev says: ==================== various cleanups Allow CI to build. Also a bugfix for dual GMAC devices. ==================== Link: https://patch.msgid.link/20240905194938.8453-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 8410adf2e38ad32f20edf6d90e049a8203f51d9e Author: Sven Eckelmann Date: Thu Sep 5 12:49:38 2024 -0700 net: ag71xx: disable napi interrupts during probe ag71xx_probe is registering ag71xx_interrupt as handler for gmac0/gmac1 interrupts. The handler is trying to use napi_schedule to handle the processing of packets. But the netif_napi_add for this device is called a lot later in ag71xx_probe. It can therefore happen that a still running gmac0/gmac1 is triggering the interrupt handler with a bit from AG71XX_INT_POLL set in AG71XX_REG_INT_STATUS. The handler will then call napi_schedule and the napi code will crash the system because the ag->napi is not yet initialized. The gmcc0/gmac1 must be brought in a state in which it doesn't signal a AG71XX_INT_POLL related status bits as interrupt before registering the interrupt handler. ag71xx_hw_start will take care of re-initializing the AG71XX_REG_INT_ENABLE. This will become relevant when dual GMAC devices get added here. Signed-off-by: Sven Eckelmann Signed-off-by: Rosen Penev Link: https://patch.msgid.link/20240905194938.8453-8-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 40f111cc6e1b35562e815170d8f7efb49bf0fb21 Author: Rosen Penev Date: Thu Sep 5 12:49:37 2024 -0700 net: ag71xx: remove always true branch The opposite of this condition is checked above and if true, function returns. Which means this can never be false. Signed-off-by: Rosen Penev Reviewed-by: Oleksij Rempel Link: https://patch.msgid.link/20240905194938.8453-7-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit bfff5d8e211189396c8f9841d0b027f13452b162 Author: Rosen Penev Date: Thu Sep 5 12:49:36 2024 -0700 net: ag71xx: get reset control using devm api Currently, the of variant is missing reset_control_put in error paths. The devm variant does not require it. Allows removing mdio_reset from the struct as it is not used outside the function. Signed-off-by: Rosen Penev Reviewed-by: Oleksij Rempel Link: https://patch.msgid.link/20240905194938.8453-6-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 441a2798623cc3eefd936b33a9cf8d1973b6688b Author: Rosen Penev Date: Thu Sep 5 12:49:35 2024 -0700 net: ag71xx: use ethtool_puts Allows simplifying get_strings and avoids manual pointer manipulation. Signed-off-by: Rosen Penev Reviewed-by: Oleksij Rempel Link: https://patch.msgid.link/20240905194938.8453-5-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 28540850577b269a881f5f7b579ba93ea670abb5 Author: Rosen Penev Date: Thu Sep 5 12:49:34 2024 -0700 net: ag71xx: update FIFO bits and descriptions Taken from QCA SDK. No functional difference as same bits get applied. Signed-off-by: Rosen Penev Reviewed-by: Oleksij Rempel Link: https://patch.msgid.link/20240905194938.8453-4-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 7c3736a12938112a4d1c007156272b7036ce4981 Author: Rosen Penev Date: Thu Sep 5 12:49:33 2024 -0700 net: ag71xx: add MODULE_DESCRIPTION Now that COMPILE_TEST is enabled, it gets flagged when building with allmodconfig W=1 builds. Text taken from the beginning of the file. Signed-off-by: Rosen Penev Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240905194938.8453-3-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 969431d2b0df7e926169b211164f534be5098f8e Author: Rosen Penev Date: Thu Sep 5 12:49:32 2024 -0700 net: ag71xx: add COMPILE_TEST to test compilation While this driver is meant for MIPS only, it can be compiled on x86 just fine. Remove pointless parentheses while at it. Enables CI building of this driver. Signed-off-by: Rosen Penev Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240905194938.8453-2-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 228fa9b1e86d13b4031f18793048643384eb4e51 Merge: e4225a8c46ec71 5aa57d9f2d5311 Author: Jakub Kicinski Date: Mon Sep 9 17:14:28 2024 -0700 Merge branch 'af_unix-correct-manage_oob-when-oob-follows-a-consumed-oob' Kuniyuki Iwashima says: ==================== af_unix: Correct manage_oob() when OOB follows a consumed OOB. Recently syzkaller reported UAF of OOB skb. The bug was introduced by commit 93c99f21db36 ("af_unix: Don't stop recv(MSG_DONTWAIT) if consumed OOB skb is at the head.") but uncovered by another recent commit 8594d9b85c07 ("af_unix: Don't call skb_get() for OOB skb."). [0]: https://lore.kernel.org/netdev/00000000000083b05a06214c9ddc@google.com/ ==================== Link: https://patch.msgid.link/20240905193240.17565-1-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit 5aa57d9f2d5311f19434d95b2a81610aa263e23b Author: Kuniyuki Iwashima Date: Thu Sep 5 12:32:40 2024 -0700 af_unix: Don't return OOB skb in manage_oob(). syzbot reported use-after-free in unix_stream_recv_urg(). [0] The scenario is 1. send(MSG_OOB) 2. recv(MSG_OOB) -> The consumed OOB remains in recv queue 3. send(MSG_OOB) 4. recv() -> manage_oob() returns the next skb of the consumed OOB -> This is also OOB, but unix_sk(sk)->oob_skb is not cleared 5. recv(MSG_OOB) -> unix_sk(sk)->oob_skb is used but already freed The recent commit 8594d9b85c07 ("af_unix: Don't call skb_get() for OOB skb.") uncovered the issue. If the OOB skb is consumed and the next skb is peeked in manage_oob(), we still need to check if the skb is OOB. Let's do so by falling back to the following checks in manage_oob() and add the test case in selftest. Note that we need to add a similar check for SIOCATMARK. [0]: BUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa6/0xb0 net/unix/af_unix.c:2959 Read of size 4 at addr ffff8880326abcc4 by task syz-executor178/5235 CPU: 0 UID: 0 PID: 5235 Comm: syz-executor178 Not tainted 6.11.0-rc5-syzkaller-00742-gfbdaffe41adc #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 Call Trace: __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 unix_stream_read_actor+0xa6/0xb0 net/unix/af_unix.c:2959 unix_stream_recv_urg+0x1df/0x320 net/unix/af_unix.c:2640 unix_stream_read_generic+0x2456/0x2520 net/unix/af_unix.c:2778 unix_stream_recvmsg+0x22b/0x2c0 net/unix/af_unix.c:2996 sock_recvmsg_nosec net/socket.c:1046 [inline] sock_recvmsg+0x22f/0x280 net/socket.c:1068 ____sys_recvmsg+0x1db/0x470 net/socket.c:2816 ___sys_recvmsg net/socket.c:2858 [inline] __sys_recvmsg+0x2f0/0x3e0 net/socket.c:2888 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f5360d6b4e9 Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fff29b3a458 EFLAGS: 00000246 ORIG_RAX: 000000000000002f RAX: ffffffffffffffda RBX: 00007fff29b3a638 RCX: 00007f5360d6b4e9 RDX: 0000000000002001 RSI: 0000000020000640 RDI: 0000000000000003 RBP: 00007f5360dde610 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00007fff29b3a628 R14: 0000000000000001 R15: 0000000000000001 Allocated by task 5235: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 unpoison_slab_object mm/kasan/common.c:312 [inline] __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:338 kasan_slab_alloc include/linux/kasan.h:201 [inline] slab_post_alloc_hook mm/slub.c:3988 [inline] slab_alloc_node mm/slub.c:4037 [inline] kmem_cache_alloc_node_noprof+0x16b/0x320 mm/slub.c:4080 __alloc_skb+0x1c3/0x440 net/core/skbuff.c:667 alloc_skb include/linux/skbuff.h:1320 [inline] alloc_skb_with_frags+0xc3/0x770 net/core/skbuff.c:6528 sock_alloc_send_pskb+0x91a/0xa60 net/core/sock.c:2815 sock_alloc_send_skb include/net/sock.h:1778 [inline] queue_oob+0x108/0x680 net/unix/af_unix.c:2198 unix_stream_sendmsg+0xd24/0xf80 net/unix/af_unix.c:2351 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:745 ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597 ___sys_sendmsg net/socket.c:2651 [inline] __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2680 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Freed by task 5235: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579 poison_slab_object+0xe0/0x150 mm/kasan/common.c:240 __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256 kasan_slab_free include/linux/kasan.h:184 [inline] slab_free_hook mm/slub.c:2252 [inline] slab_free mm/slub.c:4473 [inline] kmem_cache_free+0x145/0x350 mm/slub.c:4548 unix_stream_read_generic+0x1ef6/0x2520 net/unix/af_unix.c:2917 unix_stream_recvmsg+0x22b/0x2c0 net/unix/af_unix.c:2996 sock_recvmsg_nosec net/socket.c:1046 [inline] sock_recvmsg+0x22f/0x280 net/socket.c:1068 __sys_recvfrom+0x256/0x3e0 net/socket.c:2255 __do_sys_recvfrom net/socket.c:2273 [inline] __se_sys_recvfrom net/socket.c:2269 [inline] __x64_sys_recvfrom+0xde/0x100 net/socket.c:2269 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f The buggy address belongs to the object at ffff8880326abc80 which belongs to the cache skbuff_head_cache of size 240 The buggy address is located 68 bytes inside of freed 240-byte region [ffff8880326abc80, ffff8880326abd70) The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x326ab ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) page_type: 0xfdffffff(slab) raw: 00fff00000000000 ffff88801eaee780 ffffea0000b7dc80 dead000000000003 raw: 0000000000000000 00000000800c000c 00000001fdffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner tracks the page as allocated page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4686, tgid 4686 (udevadm), ts 32357469485, free_ts 28829011109 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493 prep_new_page mm/page_alloc.c:1501 [inline] get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439 __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695 __alloc_pages_node_noprof include/linux/gfp.h:269 [inline] alloc_pages_node_noprof include/linux/gfp.h:296 [inline] alloc_slab_page+0x5f/0x120 mm/slub.c:2321 allocate_slab+0x5a/0x2f0 mm/slub.c:2484 new_slab mm/slub.c:2537 [inline] ___slab_alloc+0xcd1/0x14b0 mm/slub.c:3723 __slab_alloc+0x58/0xa0 mm/slub.c:3813 __slab_alloc_node mm/slub.c:3866 [inline] slab_alloc_node mm/slub.c:4025 [inline] kmem_cache_alloc_node_noprof+0x1fe/0x320 mm/slub.c:4080 __alloc_skb+0x1c3/0x440 net/core/skbuff.c:667 alloc_skb include/linux/skbuff.h:1320 [inline] alloc_uevent_skb+0x74/0x230 lib/kobject_uevent.c:289 uevent_net_broadcast_untagged lib/kobject_uevent.c:326 [inline] kobject_uevent_net_broadcast+0x2fd/0x580 lib/kobject_uevent.c:410 kobject_uevent_env+0x57d/0x8e0 lib/kobject_uevent.c:608 kobject_synth_uevent+0x4ef/0xae0 lib/kobject_uevent.c:207 uevent_store+0x4b/0x70 drivers/base/bus.c:633 kernfs_fop_write_iter+0x3a1/0x500 fs/kernfs/file.c:334 new_sync_write fs/read_write.c:497 [inline] vfs_write+0xa72/0xc90 fs/read_write.c:590 page last free pid 1 tgid 1 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1094 [inline] free_unref_page+0xd22/0xea0 mm/page_alloc.c:2612 kasan_depopulate_vmalloc_pte+0x74/0x90 mm/kasan/shadow.c:408 apply_to_pte_range mm/memory.c:2797 [inline] apply_to_pmd_range mm/memory.c:2841 [inline] apply_to_pud_range mm/memory.c:2877 [inline] apply_to_p4d_range mm/memory.c:2913 [inline] __apply_to_page_range+0x8a8/0xe50 mm/memory.c:2947 kasan_release_vmalloc+0x9a/0xb0 mm/kasan/shadow.c:525 purge_vmap_node+0x3e3/0x770 mm/vmalloc.c:2208 __purge_vmap_area_lazy+0x708/0xae0 mm/vmalloc.c:2290 _vm_unmap_aliases+0x79d/0x840 mm/vmalloc.c:2885 change_page_attr_set_clr+0x2fe/0xdb0 arch/x86/mm/pat/set_memory.c:1881 change_page_attr_set arch/x86/mm/pat/set_memory.c:1922 [inline] set_memory_nx+0xf2/0x130 arch/x86/mm/pat/set_memory.c:2110 free_init_pages arch/x86/mm/init.c:924 [inline] free_kernel_image_pages arch/x86/mm/init.c:943 [inline] free_initmem+0x79/0x110 arch/x86/mm/init.c:970 kernel_init+0x31/0x2b0 init/main.c:1476 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Memory state around the buggy address: ffff8880326abb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff8880326abc00: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc >ffff8880326abc80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff8880326abd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc ffff8880326abd80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb Fixes: 93c99f21db36 ("af_unix: Don't stop recv(MSG_DONTWAIT) if consumed OOB skb is at the head.") Reported-by: syzbot+8811381d455e3e9ec788@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=8811381d455e3e9ec788 Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240905193240.17565-5-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit a0264a9f51fe0d196f22efd7538eb749e3448c2d Author: Kuniyuki Iwashima Date: Thu Sep 5 12:32:39 2024 -0700 af_unix: Move spin_lock() in manage_oob(). When OOB skb has been already consumed, manage_oob() returns the next skb if exists. In such a case, we need to fall back to the else branch below. Then, we want to keep holding spin_lock(&sk->sk_receive_queue.lock). Let's move it out of if-else branch and add lightweight check before spin_lock() for major use cases without OOB skb. Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240905193240.17565-4-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit beb2c5f19b6ab033b187e770a659c730c3bd05ca Author: Kuniyuki Iwashima Date: Thu Sep 5 12:32:38 2024 -0700 af_unix: Rename unlinked_skb in manage_oob(). When OOB skb has been already consumed, manage_oob() returns the next skb if exists. In such a case, we need to fall back to the else branch below. Then, we need to keep two skbs and free them later with consume_skb() and kfree_skb(). Let's rename unlinked_skb accordingly. Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240905193240.17565-3-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit 579770dd89855915096db8364261543c37ed34ef Author: Kuniyuki Iwashima Date: Thu Sep 5 12:32:37 2024 -0700 af_unix: Remove single nest in manage_oob(). This is a prep for the later fix. No functional change intended. Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240905193240.17565-2-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit e4225a8c46ec7109fdf2e2ce6f92e52b25cb2363 Merge: 17245a195df4c8 9c100bc3ec1391 Author: Jakub Kicinski Date: Mon Sep 9 17:11:05 2024 -0700 Merge tag 'linux-can-next-for-6.12-20240909' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next Marc Kleine-Budde says: ==================== pull-request: can-next 2024-09-09 The first patch is by Rob Herring and simplifies the DT parsing in the cc770 driver. The next 2 patches both target the rockchip_canfd driver added in the last pull request to net-next. The first one is by Nathan Chancellor and fixes the return type of rkcanfd_start_xmit(), the second one is by me and fixes a 64 bit division on 32 bit platforms in rkcanfd_timestamp_init(). * tag 'linux-can-next-for-6.12-20240909' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next: can: rockchip_canfd: rkcanfd_timestamp_init(): fix 64 bit division on 32 bit platforms can: rockchip_canfd: fix return type of rkcanfd_start_xmit() net: can: cc770: Simplify parsing DT properties ==================== Link: https://patch.msgid.link/20240909063657.2287493-1-mkl@pengutronix.de Signed-off-by: Jakub Kicinski commit 17245a195df4c86b1fd38718d8cdc532c040c08e Author: Jakub Kicinski Date: Fri Sep 6 09:10:59 2024 -0700 net: remove dev_pick_tx_cpu_id() dev_pick_tx_cpu_id() has been introduced with two users by commit a4ea8a3dacc3 ("net: Add generic ndo_select_queue functions"). The use in AF_PACKET has been removed in 2019 by commit b71b5837f871 ("packet: rework packet_pick_tx_queue() to use common code selection") The other user was a Netlogic XLP driver, removed in 2021 by commit 47ac6f567c28 ("staging: Remove Netlogic XLP network driver"). It's relatively unlikely that any modern driver will need an .ndo_select_queue implementation which picks purely based on CPU ID and skips XPS, delete dev_pick_tx_cpu_id() Found by code inspection. Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240906161059.715546-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 3e3353527fbddbb22b90b3953909a70a0155f2d8 Merge: a7e387375f22a4 a92d1db0c989d4 Author: Jakub Kicinski Date: Mon Sep 9 16:52:06 2024 -0700 Merge branch 'selftests-mptcp-add-time-per-subtests-in-tap-output' Matthieu Baerts says: ==================== selftests: mptcp: add time per subtests in TAP output Patches here add 'time=ms' in the diagnostic data of the TAP output, e.g. ok 1 - pm_netlink: defaults addr list # time=9ms This addition is useful to quickly identify which subtests are taking a longer time than the others, or more than expected. Note that there are no specific formats to follow to show this time according to the TAP 13, TAP 14 and KTAP specifications, but we follow the format being parsed by NIPA [1]. Patch 1 modifies mptcp_lib.sh to add this support to all MPTCP selftests. Patch 2 removes the now duplicated info in mptcp_connect.sh Patch 3 slightly improves the precision of the first subtests in all MPTCP subtests. Patches 4 and 5 remove duplicated spaces in TAP output, for the TAP parsers that cannot handle them properly. v1: https://lore.kernel.org/20240902-net-next-mptcp-ksft-subtest-time-v1-0-f1ed499a11b1@kernel.org Link: https://github.com/linux-netdev/nipa/pull/36 ==================== Link: https://patch.msgid.link/20240906-net-next-mptcp-ksft-subtest-time-v2-0-31d5ee4f3bdf@kernel.org Signed-off-by: Jakub Kicinski commit a92d1db0c989d4244d3a671d78f291606ed4ce35 Author: Matthieu Baerts (NGI0) Date: Fri Sep 6 20:46:11 2024 +0200 selftests: mptcp: connect: remove duplicated spaces in TAP output It is nice to have a visual alignment in the test output to present the different results, but it makes less sense in the TAP output that is there for computers. It sounds then better to remove the duplicated whitespaces in the TAP output, also because it can cause some issues with TAP parsers expecting only one space around the directive delimiter (#). While at it, change the variable name (result_msg) to something more explicit. Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240906-net-next-mptcp-ksft-subtest-time-v2-5-31d5ee4f3bdf@kernel.org Signed-off-by: Jakub Kicinski commit a5b6be42aac0fd3b94adaeec3cda4d847b304fd8 Author: Matthieu Baerts (NGI0) Date: Fri Sep 6 20:46:10 2024 +0200 selftests: mptcp: diag: remove trailing whitespace It doesn't need to be there, and it can cause some issues with TAP parsers expecting only one space around the directive delimiter (#). Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240906-net-next-mptcp-ksft-subtest-time-v2-4-31d5ee4f3bdf@kernel.org Signed-off-by: Jakub Kicinski commit d4e192728efc532bc9a93e664f81fac602786450 Author: Matthieu Baerts (NGI0) Date: Fri Sep 6 20:46:09 2024 +0200 selftests: mptcp: reset the last TS before the first test Just to slightly improve the precision of the duration of the first test. In mptcp_join.sh, the last append_prev_results is now done as soon as the last test is over: this will add the last result in the list, and get a more precise time for this last test. Reviewed-by: Mat Martineau Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240906-net-next-mptcp-ksft-subtest-time-v2-3-31d5ee4f3bdf@kernel.org Signed-off-by: Jakub Kicinski commit 1a38cee4bbd0adeb62e11aab429678b1fb4a12ae Author: Matthieu Baerts (NGI0) Date: Fri Sep 6 20:46:08 2024 +0200 selftests: mptcp: connect: remote time in TAP output It is now added by the MPTCP lib automatically, see the parent commit. The time in the TAP output might be slightly different from the one displayed before, but that's OK. Reviewed-by: Mat Martineau Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240906-net-next-mptcp-ksft-subtest-time-v2-2-31d5ee4f3bdf@kernel.org Signed-off-by: Jakub Kicinski commit f58817c852e9c9eb8116c24d8271a35159636605 Author: Matthieu Baerts (NGI0) Date: Fri Sep 6 20:46:07 2024 +0200 selftests: mptcp: lib: add time per subtests in TAP output It adds 'time=ms' in the diagnostic data of the TAP output, e.g. ok 1 - pm_netlink: defaults addr list # time=9ms This addition is useful to quickly identify which subtests are taking a longer time than the others, or more than expected. Note that there are no specific formats to follow to show this time according to the TAP 13 [1], TAP 14 [2] and KTAP [3] specifications. Let's then define this one here. Link: https://testanything.org/tap-version-13-specification.html [1] Link: https://testanything.org/tap-version-14-specification.html [2] Link: https://docs.kernel.org/dev-tools/ktap.html [3] Reviewed-by: Mat Martineau Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240906-net-next-mptcp-ksft-subtest-time-v2-1-31d5ee4f3bdf@kernel.org Signed-off-by: Jakub Kicinski commit dab2214fec6057d2ba816bba1d30aca73c08ad68 Author: WangYuli Date: Fri Sep 6 13:40:08 2024 +0800 treewide: correct the typo 'retun' There are some spelling mistakes of 'retun' in comments which should be instead of 'return'. Link: https://lkml.kernel.org/r/63D0F870EE8E87A0+20240906054008.390188-1-wangyuli@uniontech.com Signed-off-by: WangYuli Signed-off-by: Andrew Morton commit 73b4fcab4905e17f2a22af278efd75f1cd008e29 Author: Joseph Qi Date: Wed Sep 4 15:10:04 2024 +0800 ocfs2: cleanup return value and mlog in ocfs2_global_read_info() Return 0 instead of sizeof(ocfs2_global_disk_dqinfo) that .quota_read returns in normal case. Also cleanup mlog to make code more readable. Link: https://lkml.kernel.org/r/20240904071004.2067695-2-joseph.qi@linux.alibaba.com Signed-off-by: Joseph Qi Reviewed-by: Heming Zhao Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Signed-off-by: Andrew Morton commit fd127b155523bbfaa91a5872f4d93a80f70b8238 Author: Kunwu Chan Date: Wed Sep 4 19:16:03 2024 +0900 nilfs2: remove duplicate 'unlikely()' usage Nested unlikely() calls, IS_ERR already uses unlikely() internally Link: https://lkml.kernel.org/r/20240904101618.17716-1-konishi.ryusuke@gmail.com Signed-off-by: Kunwu Chan Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit f9c96351aa6718b42a9f42eaf7adce0356bdb5e8 Author: Ryusuke Konishi Date: Wed Sep 4 17:13:09 2024 +0900 nilfs2: fix potential oob read in nilfs_btree_check_delete() The function nilfs_btree_check_delete(), which checks whether degeneration to direct mapping occurs before deleting a b-tree entry, causes memory access outside the block buffer when retrieving the maximum key if the root node has no entries. This does not usually happen because b-tree mappings with 0 child nodes are never created by mkfs.nilfs2 or nilfs2 itself. However, it can happen if the b-tree root node read from a device is configured that way, so fix this potential issue by adding a check for that case. Link: https://lkml.kernel.org/r/20240904081401.16682-4-konishi.ryusuke@gmail.com Fixes: 17c76b0104e4 ("nilfs2: B-tree based block mapping") Signed-off-by: Ryusuke Konishi Cc: Lizhi Xu Signed-off-by: Andrew Morton commit 111b812d3662f3a1b831d19208f83aa711583fe6 Author: Ryusuke Konishi Date: Wed Sep 4 17:13:08 2024 +0900 nilfs2: determine empty node blocks as corrupted Due to the nature of b-trees, nilfs2 itself and admin tools such as mkfs.nilfs2 will never create an intermediate b-tree node block with 0 child nodes, nor will they delete (key, pointer)-entries that would result in such a state. However, it is possible that a b-tree node block is corrupted on the backing device and is read with 0 child nodes. Because operation is not guaranteed if the number of child nodes is 0 for intermediate node blocks other than the root node, modify nilfs_btree_node_broken(), which performs sanity checks when reading a b-tree node block, so that such cases will be judged as metadata corruption. Link: https://lkml.kernel.org/r/20240904081401.16682-3-konishi.ryusuke@gmail.com Fixes: 17c76b0104e4 ("nilfs2: B-tree based block mapping") Signed-off-by: Ryusuke Konishi Cc: Lizhi Xu Signed-off-by: Andrew Morton commit 9403001ad65ae4f4c5de368bdda3a0636b51d51a Author: Ryusuke Konishi Date: Wed Sep 4 17:13:07 2024 +0900 nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can occur with corrupted filesystem images, including one recently discovered by syzbot. This patch (of 3): If a b-tree is broken on the device, and the b-tree height is greater than 2 (the level of the root node is greater than 1) even if the number of child nodes of the b-tree root is 0, a NULL pointer dereference occurs in nilfs_btree_prepare_insert(), which is called from nilfs_btree_insert(). This is because, when the number of child nodes of the b-tree root is 0, nilfs_btree_do_lookup() does not set the block buffer head in any of path[x].bp_bh, leaving it as the initial value of NULL, but if the level of the b-tree root node is greater than 1, nilfs_btree_get_nonroot_node(), which accesses the buffer memory of path[x].bp_bh, is called. Fix this issue by adding a check to nilfs_btree_root_broken(), which performs sanity checks when reading the root node from the device, to detect this inconsistency. Thanks to Lizhi Xu for trying to solve the bug and clarifying the cause early on. Link: https://lkml.kernel.org/r/20240904081401.16682-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20240902084101.138971-1-lizhi.xu@windriver.com Link: https://lkml.kernel.org/r/20240904081401.16682-2-konishi.ryusuke@gmail.com Fixes: 17c76b0104e4 ("nilfs2: B-tree based block mapping") Signed-off-by: Ryusuke Konishi Reported-by: syzbot+9bff4c7b992038a7409f@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=9bff4c7b992038a7409f Cc: Lizhi Xu Signed-off-by: Andrew Morton commit 546f02823df82cddc411e8db236d296a51308dfa Author: Jinjie Ruan Date: Wed Aug 28 15:23:40 2024 +0800 user_namespace: use kmemdup_array() instead of kmemdup() for multiple allocation Let the kmemdup_array() take care about multiplication and possible overflows. Link: https://lkml.kernel.org/r/20240828072340.1249310-1-ruanjinjie@huawei.com Signed-off-by: Jinjie Ruan Reviewed-by: Kees Cook Cc: Alexey Dobriyan Cc: Christian Brauner Cc: Li zeming Cc: Randy Dunlap Signed-off-by: Andrew Morton commit 0aa75a2b3fafccc875d260e190b14faf5a856d45 Author: zhangjiao Date: Thu Aug 29 12:20:08 2024 +0800 tools/mm: rm thp_swap_allocator_test when make clean rm thp_swap_allocator_test when make clean Link: https://lkml.kernel.org/r/20240829042008.6937-1-zhangjiao2@cmss.chinamobile.com Signed-off-by: zhangjiao Signed-off-by: Andrew Morton commit 2a1eb111d2859b13e5ff87baa6cfe343317b07bf Author: Uros Bizjak Date: Fri Aug 30 11:10:50 2024 +0200 squashfs: fix percpu address space issues in decompressor_multi_percpu.c When strict percpu address space checks are enabled, then current direct casts between the percpu address space and the generic address space fail the compilation on x86_64 with: decompressor_multi_percpu.c: In function `squashfs_decompressor_create': decompressor_multi_percpu.c:49:16: error: cast to generic address space pointer from disjoint `__seg_gs' address space pointer decompressor_multi_percpu.c: In function `squashfs_decompressor_destroy': decompressor_multi_percpu.c:64:25: error: cast to `__seg_gs' address space pointer from disjoint generic address space pointer decompressor_multi_percpu.c: In function `squashfs_decompress': decompressor_multi_percpu.c:82:25: error: cast to `__seg_gs' address space pointer from disjoint generic address space pointer Add intermediate casts to unsigned long, as advised in [1] and [2]. Side note: sparse still requires __force when casting from the percpu address space, although the documentation [2] allows casts to unsigned long without __force attribute. Found by GCC's named address space checks. There were no changes in the resulting object file. [1] https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html#x86-Named-Address-Spaces [2] https://sparse.docs.kernel.org/en/latest/annotations.html#address-space-name Link: https://lkml.kernel.org/r/20240830091104.13049-1-ubizjak@gmail.com Signed-off-by: Uros Bizjak Cc: Phillip Lougher Signed-off-by: Andrew Morton commit 7b0a5b666959719043123a8882bae49ec699d948 Author: Alok Swaminathan Date: Mon Aug 26 11:57:09 2024 -0400 lib: glob.c: added null check for character class Add null check for character class. Previously, an inverted character class could result in a nul byte being matched and lead to the function reading past the end of the inputted string. Link: https://lkml.kernel.org/r/20240826155709.12383-1-swaminathanalok@gmail.com Signed-off-by: Alok Swaminathan Signed-off-by: Andrew Morton commit 2d285d561543d76b4a13263731b447e646c258f2 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 scx_qmap: Implement highpri boosting Implement a silly boosting mechanism for nice -20 tasks. The only purpose is demonstrating and testing scx_bpf_dispatch_from_dsq(). The boosting only works within SHARED_DSQ and makes only minor differences with increased dispatch batch (-b). This exercises moving tasks to a user DSQ and all local DSQs from ops.dispatch() and BPF timerfn. v2: - Updated to use scx_bpf_dispatch_from_dsq_set_{slice|vtime}(). - Drop the workaround for the iterated tasks not being trusted by the verifier. The issue is fixed from BPF side. Signed-off-by: Tejun Heo Cc: Daniel Hodges Cc: David Vernet Cc: Changwoo Min Cc: Andrea Righi Cc: Dan Schatzberg commit 4c30f5ce4f7af4f639af99e0bdeada8b268b7361 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Implement scx_bpf_dispatch[_vtime]_from_dsq() Once a task is put into a DSQ, the allowed operations are fairly limited. Tasks in the built-in local and global DSQs are executed automatically and, ignoring dequeue, there is only one way a task in a user DSQ can be manipulated - scx_bpf_consume() moves the first task to the dispatching local DSQ. This inflexibility sometimes gets in the way and is an area where multiple feature requests have been made. Implement scx_bpf_dispatch[_vtime]_from_dsq(), which can be called during DSQ iteration and can move the task to any DSQ - local DSQs, global DSQ and user DSQs. The kfuncs can be called from ops.dispatch() and any BPF context which dosen't hold a rq lock including BPF timers and SYSCALL programs. This is an expansion of an earlier patch which only allowed moving into the dispatching local DSQ: http://lkml.kernel.org/r/Zn4Cw4FDTmvXnhaf@slm.duckdns.org v2: Remove @slice and @vtime from scx_bpf_dispatch_from_dsq[_vtime]() as they push scx_bpf_dispatch_from_dsq_vtime() over the kfunc argument count limit and often won't be needed anyway. Instead provide scx_bpf_dispatch_from_dsq_set_{slice|vtime}() kfuncs which can be called only when needed and override the specified parameter for the subsequent dispatch. Signed-off-by: Tejun Heo Cc: Daniel Hodges Cc: David Vernet Cc: Changwoo Min Cc: Andrea Righi Cc: Dan Schatzberg commit 6462dd53a26088a433f90a5c15822196f201037c Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Compact struct bpf_iter_scx_dsq_kern struct scx_iter_scx_dsq is defined as 6 u64's and scx_dsq_iter_kern was using 5 of them. We want to add two more u64 fields but it's better if we do so while staying within scx_iter_scx_dsq to maintain binary compatibility. The way scx_iter_scx_dsq_kern is laid out is rather inefficient - the node field takes up three u64's but only one bit of the last u64 is used. Turn the bool into u32 flags and only use the lower 16 bits freeing up 48 bits - 16 bits for flags, 32 bits for a u32 - for use by struct bpf_iter_scx_dsq_kern. This allows moving the dsq_seq and flags fields of bpf_iter_scx_dsq_kern into the cursor field reducing the struct size by a full u64. No behavior changes intended. Signed-off-by: Tejun Heo commit cf3e94430dd994114e48f0b488f22e68e14b5976 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Replace consume_local_task() with move_local_task_to_local_dsq() - Rename move_task_to_local_dsq() to move_remote_task_to_local_dsq(). - Rename consume_local_task() to move_local_task_to_local_dsq() and remove task_unlink_from_dsq() and source DSQ unlocking from it. This is to make the migration code easier to reuse. No functional changes intended. Signed-off-by: Tejun Heo Acked-by: David Vernet commit d434210e13bb03b81cee85adbab23077e45a59e5 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Move consume_local_task() upward So that the local case comes first and two CONFIG_SMP blocks can be merged. No functional changes intended. Signed-off-by: Tejun Heo Acked-by: David Vernet commit 6557133ecd59b6d9922d5709b432b2de3a4d1316 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Move sanity check and dsq_mod_nr() into task_unlink_from_dsq() All task_unlink_from_dsq() users are doing dsq_mod_nr(dsq, -1). Move it into task_unlink_from_dsq(). Also move sanity check into it. No functional changes intended. Signed-off-by: Tejun Heo Acked-by: David Vernet commit 1389f49098981a525ca9fb752b86a4ae874125a8 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Reorder args for consume_local/remote_task() Reorder args for consistency in the order of: current_rq, p, src_[rq|dsq], dst_[rq|dsq]. No functional changes intended. Signed-off-by: Tejun Heo commit 18f856991d0596aa125cf63893ca08d7c74b85a2 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Restructure dispatch_to_local_dsq() Now that there's nothing left after the big if block, flip the if condition and unindent the body. No functional changes intended. v2: Add BUG() to clarify control can't reach the end of dispatch_to_local_dsq() in UP kernels per David. Signed-off-by: Tejun Heo Acked-by: David Vernet commit 0aab26309ee9ceafcd5292b81690ccdac0796803 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Fix processs_ddsp_deferred_locals() by unifying DTL_INVALID handling With the preceding update, the only return value which makes meaningful difference is DTL_INVALID, for which one caller, finish_dispatch(), falls back to the global DSQ and the other, process_ddsp_deferred_locals(), doesn't do anything. It should always fallback to the global DSQ. Move the global DSQ fallback into dispatch_to_local_dsq() and remove the return value. v2: Patch title and description updated to reflect the behavior fix for process_ddsp_deferred_locals(). Signed-off-by: Tejun Heo Acked-by: David Vernet commit e683949a4b8c954fcbaf6b3ba87bd925bf83e481 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Make find_dsq_for_dispatch() handle SCX_DSQ_LOCAL_ON find_dsq_for_dispatch() handles all DSQ IDs except SCX_DSQ_LOCAL_ON. Instead, each caller is hanlding SCX_DSQ_LOCAL_ON before calling it. Move SCX_DSQ_LOCAL_ON lookup into find_dsq_for_dispatch() to remove duplicate code in direct_dispatch() and dispatch_to_local_dsq(). No functional changes intended. Signed-off-by: Tejun Heo Acked-by: David Vernet commit 4d3ca89bdd31936dcb31cb655801c9e95fe413f3 Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Refactor consume_remote_task() The tricky p->scx.holding_cpu handling was split across consume_remote_task() body and move_task_to_local_dsq(). Refactor such that: - All the tricky part is now in the new unlink_dsq_and_lock_src_rq() with consolidated documentation. - move_task_to_local_dsq() now implements straightforward task migration making it easier to use in other places. - dispatch_to_local_dsq() is another user move_task_to_local_dsq(). The usage is updated accordingly. This makes the local and remote cases more symmetric. No functional changes intended. v2: s/task_rq/src_rq/ for consistency. Signed-off-by: Tejun Heo Acked-by: David Vernet commit fdaedba2f96f6755f505c454ca7408930f4fe1bf Author: Tejun Heo Date: Mon Sep 9 13:42:47 2024 -1000 sched_ext: Rename scx_kfunc_set_sleepable to unlocked and relocate Sleepables don't need to be in its own kfunc set as each is tagged with KF_SLEEPABLE. Rename to scx_kfunc_set_unlocked indicating that rq lock is not held and relocate right above the any set. This will be used to add kfuncs that are allowed to be called from SYSCALL but not TRACING. No functional changes intended. Signed-off-by: Tejun Heo Acked-by: David Vernet commit a7e387375f22a4fd46c8ffcfa395a0ca8c186f9e Author: Jason Xing Date: Fri Sep 6 00:00:35 2024 +0800 selftests: return failure when timestamps can't be reported When I was trying to modify the tx timestamping feature, I found that running "./txtimestamp -4 -C -L 127.0.0.1" didn't reflect the error: I succeeded to generate timestamp stored in the skb but later failed to report it to the userspace (which means failed to put css into cmsg). It can happen when someone writes buggy codes in __sock_recv_timestamp(), for example. After adding the check so that running ./txtimestamp will reflect the result correctly like this if there is a bug in the reporting phase: protocol: TCP payload: 10 server port: 9000 family: INET test SND USR: 1725458477 s 667997 us (seq=0, len=0) Failed to report timestamps USR: 1725458477 s 718128 us (seq=0, len=0) Failed to report timestamps USR: 1725458477 s 768273 us (seq=0, len=0) Failed to report timestamps USR: 1725458477 s 818416 us (seq=0, len=0) Failed to report timestamps ... In the future, it will help us detect whether the new coming patch has bugs or not. Signed-off-by: Jason Xing Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/20240905160035.62407-1-kerneljasonxing@gmail.com Signed-off-by: Jakub Kicinski commit e0a955bf7f61cb034d228736d81c1ab3a47a3dca Author: Yu Zhao Date: Thu Sep 5 22:21:08 2024 -0600 mm/codetag: add pgalloc_tag_copy() Add pgalloc_tag_copy() to transfer the codetag from the old folio to the new one during migration. This makes original allocation sites persist cross migration rather than lump into the get_new_folio callbacks passed into migrate_pages(), e.g., compaction_alloc(): # echo 1 >/proc/sys/vm/compact_memory # grep compaction_alloc /proc/allocinfo Before this patch: 132968448 32463 mm/compaction.c:1880 func:compaction_alloc After this patch: 0 0 mm/compaction.c:1880 func:compaction_alloc Link: https://lkml.kernel.org/r/20240906042108.1150526-3-yuzhao@google.com Fixes: dcfe378c81f7 ("lib: introduce support for page allocation tagging") Signed-off-by: Yu Zhao Acked-by: Suren Baghdasaryan Cc: Kent Overstreet Cc: Muchun Song Cc: Signed-off-by: Andrew Morton commit 95599ef684d01136a8b77c16a7c853496786e173 Author: Yu Zhao Date: Thu Sep 5 22:21:07 2024 -0600 mm/codetag: fix pgalloc_tag_split() The current assumption is that a large folio can only be split into order-0 folios. That is not the case for hugeTLB demotion, nor for THP split: see commit c010d47f107f ("mm: thp: split huge page to any lower order pages"). When a large folio is split into ones of a lower non-zero order, only the new head pages should be tagged. Tagging tail pages can cause imbalanced "calls" counters, since only head pages are untagged by pgalloc_tag_sub() and the "calls" counts on tail pages are leaked, e.g., # echo 2048kB >/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size # echo 700 >/sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages # time echo 700 >/sys/kernel/mm/hugepages/hugepages-1048576kB/demote # echo 0 >/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages # grep alloc_gigantic_folio /proc/allocinfo Before this patch: 0 549427200 mm/hugetlb.c:1549 func:alloc_gigantic_folio real 0m2.057s user 0m0.000s sys 0m2.051s After this patch: 0 0 mm/hugetlb.c:1549 func:alloc_gigantic_folio real 0m1.711s user 0m0.000s sys 0m1.704s Not tagging tail pages also improves the splitting time, e.g., by about 15% when demoting 1GB hugeTLB folios to 2MB ones, as shown above. Link: https://lkml.kernel.org/r/20240906042108.1150526-2-yuzhao@google.com Fixes: be25d1d4e822 ("mm: create new codetag references during page splitting") Signed-off-by: Yu Zhao Acked-by: Suren Baghdasaryan Cc: Kent Overstreet Cc: Muchun Song Cc: Signed-off-by: Andrew Morton commit eebc0f48468e68b93393d11f75ad17385a9acca8 Author: Yu Zhao Date: Thu Sep 5 22:21:06 2024 -0600 mm/codetag: fix a typo Link: https://lkml.kernel.org/r/20240906042108.1150526-1-yuzhao@google.com Fixes: 22d407b164ff ("lib: add allocation tagging support for memory allocation profiling") Signed-off-by: Yu Zhao Acked-by: Suren Baghdasaryan Acked-by: Muchun Song Cc: Kent Overstreet Signed-off-by: Andrew Morton commit 6004fe001d6c88ad8c51e1779989e69694cc9ced Author: Uladzislau Rezki (Sony) Date: Fri Sep 6 11:50:49 2024 +0200 mm/vmalloc.c: use "high-order" in description non 0-order pages In many places, in the comments, we use both "higher-order" and "high-order" to describe the non 0-order pages. That is confusing, because a "higher-order" statement does not reflect what it is compared with. Link: https://lkml.kernel.org/r/20240906095049.3486-1-urezki@gmail.com Signed-off-by: Uladzislau Rezki (Sony) Suggested-by: Baoquan He Reviewed-by: Baoquan He Cc: Christoph Hellwig Cc: Michal Hocko Cc: Oleksiy Avramchenko Signed-off-by: Andrew Morton commit b44f71e3fa35e1d8076b73316abff155ef1aa26c Author: ZhangPeng Date: Fri Sep 6 18:25:39 2024 +0800 mm/vmalloc.c: use helper function va_size() Use helper function va_size() to improve code readability. No functional modification involved. Link: https://lkml.kernel.org/r/20240906102539.3537207-1-zhangpeng362@huawei.com Signed-off-by: ZhangPeng Reviewed-by: Uladzislau Rezki (Sony) Cc: Christoph Hellwig Signed-off-by: Andrew Morton commit 354a595a4a4d9dfc0d3e5703c6c5520e6c2f52d8 Author: Shakeel Butt Date: Fri Sep 6 16:05:12 2024 -0700 mm: replace xa_get_order with xas_get_order where appropriate The tracing of invalidation and truncation operations on large files showed that xa_get_order() is among the top functions where kernel spends a lot of CPUs. xa_get_order() needs to traverse the tree to reach the right node for a given index and then extract the order of the entry. However it seems like at many places it is being called within an already happening tree traversal where there is no need to do another traversal. Just use xas_get_order() at those places. Link: https://lkml.kernel.org/r/20240906230512.124643-1-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Reviewed-by: Liam R. Howlett Cc: Baolin Wang Cc: Hugh Dickins Cc: Matthew Wilcox Cc: Nhat Pham Signed-off-by: Andrew Morton commit 1930c6ad93ad01f82bb7965bbc04eb5a763f856d Author: Liam R. Howlett Date: Fri Sep 6 22:15:06 2024 -0400 maple_tree: mark three functions as __maybe_unused People keep trying to remove three functions that are going to be used in a feature that is being developed. Dropping the functions entirely may end up with people trying to use the bit for other uses, as people have tried in the past. Adding __maybe_unused stops compilers complaining about the unused functions so they can be silently optimised out of the compiled code and people won't try to claim the bit for another use. Link: https://lore.kernel.org/all/20230726080916.17454-2-zhangpeng.00@bytedance.com/ Link: https://lore.kernel.org/all/202408310728.S7EE59BN-lkp@intel.com/ Link: https://lkml.kernel.org/r/20240907021506.4018676-1-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Reviewed-by: Kuan-Wei Chiu Signed-off-by: Andrew Morton commit aa50b501c0529677c27211c79c5b81de60af20a1 Author: Kinsey Ho Date: Thu Sep 5 00:30:54 2024 +0000 mm: clean up mem_cgroup_iter() A clean up to make variable names more clear and to improve code readability. No functional change. Link: https://lkml.kernel.org/r/20240905003058.1859929-6-kinseyho@google.com Signed-off-by: Kinsey Ho Reviewed-by: T.J. Mercier Cc: Johannes Weiner Cc: Michal Hocko Cc: Michal Koutný Cc: Muchun Song Cc: Roman Gushchin Cc: Shakeel Butt Cc: Tejun Heo Cc: Yosry Ahmed Cc: Zefan Li Cc: Hugh Dickins Signed-off-by: Andrew Morton commit ec0db74b4b1f249ffca4df450f54c17573114045 Author: Kinsey Ho Date: Thu Sep 5 00:30:53 2024 +0000 mm: restart if multiple traversals raced Currently, if multiple reclaimers raced on the same position, the reclaimers which detect the race will still reclaim from the same memcg. Instead, the reclaimers which detect the race should move on to the next memcg in the hierarchy. So, in the case where multiple traversals race, jump back to the start of the mem_cgroup_iter() function to find the next memcg in the hierarchy to reclaim from. Link: https://lkml.kernel.org/r/20240905003058.1859929-5-kinseyho@google.com Reported-by: syzbot+e099d407346c45275ce9@syzkaller.appspotmail.com Closes: https://lore.kernel.org/000000000000817cf10620e20d33@google.com/ Signed-off-by: Kinsey Ho Reviewed-by: T.J. Mercier Cc: Johannes Weiner Cc: Michal Hocko Cc: Michal Koutný Cc: Muchun Song Cc: Roman Gushchin Cc: Shakeel Butt Cc: Tejun Heo Cc: Yosry Ahmed Cc: Zefan Li Cc: Hugh Dickins Signed-off-by: Andrew Morton commit 3d150e31a1f62f0b39bdd8b968f563f8f3915d7a Author: Kinsey Ho Date: Thu Sep 5 00:30:52 2024 +0000 mm: increment gen # before restarting traversal The generation number in struct mem_cgroup_reclaim_iter should be incremented on every round-trip. Currently, it is possible for a concurrent reclaimer to jump in at the end of the hierarchy, causing a traversal restart (resetting the iteration position) without incrementing the generation number. By resetting the position without incrementing the generation, it's possible for another ongoing mem_cgroup_iter() thread to walk the tree twice. Move the traversal restart such that the generation number is incremented before the restart. Link: https://lkml.kernel.org/r/20240905003058.1859929-4-kinseyho@google.com Signed-off-by: Kinsey Ho Reviewed-by: T.J. Mercier Cc: Johannes Weiner Cc: Michal Hocko Cc: Michal Koutný Cc: Muchun Song Cc: Roman Gushchin Cc: Shakeel Butt Cc: Tejun Heo Cc: Yosry Ahmed Cc: Zefan Li Cc: Hugh Dickins Signed-off-by: Andrew Morton commit 4a2698b0133b5c477515ccbedff169fec722d0e7 Author: Kinsey Ho Date: Thu Sep 5 00:30:51 2024 +0000 mm: don't hold css->refcnt during traversal To obtain the pointer to the next memcg position, mem_cgroup_iter() currently holds css->refcnt during memcg traversal only to put css->refcnt at the end of the routine. This isn't necessary as an rcu_read_lock is already held throughout the function. The use of the RCU read lock with css_next_descendant_pre() guarantees that sibling linkage is safe without holding a ref on the passed-in @css. Remove css->refcnt usage during traversal by leveraging RCU. Link: https://lkml.kernel.org/r/20240905003058.1859929-3-kinseyho@google.com Signed-off-by: Kinsey Ho Reviewed-by: T.J. Mercier Cc: Johannes Weiner Cc: Michal Hocko Cc: Michal Koutný Cc: Muchun Song Cc: Roman Gushchin Cc: Shakeel Butt Cc: Tejun Heo Cc: Yosry Ahmed Cc: Zefan Li Cc: Hugh Dickins Signed-off-by: Andrew Morton commit 0e40cf2a8b2c847950e025d5aa594bd545118d26 Author: Kinsey Ho Date: Thu Sep 5 00:30:50 2024 +0000 cgroup: clarify css sibling linkage is protected by cgroup_mutex or RCU Patch series "Improve mem_cgroup_iter()", v4. Incremental cgroup iteration is being used again [1]. This patchset improves the reliability of mem_cgroup_iter(). It also improves simplicity and code readability. [1] https://lore.kernel.org/20240514202641.2821494-1-hannes@cmpxchg.org/ This patch (of 5): Explicitly document that css sibling/descendant linkage is protected by cgroup_mutex or RCU. Also, document in css_next_descendant_pre() and similar functions that it isn't necessary to hold a ref on @pos. The following changes in this patchset rely on this clarification for simplification in memcg iteration code. Link: https://lkml.kernel.org/r/20240905003058.1859929-1-kinseyho@google.com Link: https://lkml.kernel.org/r/20240905003058.1859929-2-kinseyho@google.com Suggested-by: Yosry Ahmed Reviewed-by: Michal Koutný Signed-off-by: Kinsey Ho Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: Shakeel Butt Cc: Tejun Heo Cc: Zefan Li Cc: Hugh Dickins Cc: T.J. Mercier Signed-off-by: Andrew Morton commit 6e94da943ba3ebd8c603872010ff6efcb682fe9c Author: Andrew Morton Date: Thu Sep 5 14:22:20 2024 -0700 mm/page_alloc: fix build with CONFIG_UNACCEPTED_MEMORY=n When has_unaccepted_memory() is unused, it prevents kernel builds with clang, `make W=1` and CONFIG_WERROR=y: mm/page_alloc.c:7036:20: error: unused function 'has_unaccepted_memory' [-Werror,-Wunused-function] 7036 | static inline bool has_unaccepted_memory(void) | ^~~~~~~~~~~~~~~~~~~~~ Fix it by removeing the CONFIG_UNACCEPTED_MEMORY=n stub. Link: https://lkml.kernel.org/r/20240905142220.49d93337a0abce5690e515d9@linux-foundation.org Reported-by: Andy Shevchenko Closes: https://lkml.kernel.org/r/20240905171553.275054-1-andriy.shevchenko@linux.intel.com Signed-off-by: Andrew Morton commit cfc8193898ca4511e6c3cc20101ef3554eda8efb Author: Kefeng Wang Date: Thu Sep 5 23:24:32 2024 +0800 mm: migrate: remove unused includes random.h is not needed since commit 6c542ab75714 ("mm/demotion: build demotion targets based on explicit memory tiers"), all functions moved into memory-tiers. nsproxy.h is not needed since commit 228ebcbe634a ("Uninline find_task_by_xxx set of functions"), no nsproxy, we only call find_task_by_vpid() now. hugetlb_cgroup.h is not needed since commit ab5ac90aecf5 ("mm, hugetlb: do not rely on overcommit limit during migration"), move_hugetlb_state() is called and it belongs to hugetlb.h, which is already included. balloon_compaction.h, we have more general movable_operations for non-lru movable page migration, so it could be dropped. memremap.h, userfaultfd_k.h and oom.h are introduced for zone device page migration, but all functions are moved into migrate_device.c, so no needed anymore too. Link: https://lkml.kernel.org/r/20240905152432.626877-1-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Signed-off-by: Andrew Morton commit e4bfc678579eb32360cdd09503c8fe62f943bc3f Author: Nanyong Sun Date: Thu Sep 5 23:30:28 2024 +0800 mm: thp: simplify split_huge_pages_pid() The helper find_get_task_by_vpid() can totally replace the task_struct find logic in split_huge_pages_pid(), so use it to simplify the code. Also delete the needless comments for the helper function name already explains what it's doing here. Link: https://lkml.kernel.org/r/20240905153028.1205128-1-sunnanyong@huawei.com Signed-off-by: Nanyong Sun Cc: Kefeng Wang Signed-off-by: Andrew Morton commit 46dcc7c92e63879a49cfbd99949858df0335a122 Author: Nanyong Sun Date: Thu Sep 5 23:31:18 2024 +0800 mm: migrate: simplify find_mm_struct() Use find_get_task_by_vpid() to replace the task_struct find logic in find_mm_struct(), note that this patch move the ptrace_may_access() call out from rcu_read_lock() scope, this is ok because it actually does not need it, find_get_task_by_vpid() already get the pid and task safely, ptrace_may_access() can use the task safely, like what sched_core_share_pid() similarly do. Link: https://lkml.kernel.org/r/20240905153118.1205173-1-sunnanyong@huawei.com Signed-off-by: Nanyong Sun Cc: Kefeng Wang Signed-off-by: Andrew Morton commit 25e8acbcf19c56fbf0d80615c8f409586aabbf86 Author: SeongJae Park Date: Thu Sep 5 09:24:23 2024 -0700 mm/damon/tests/core-kunit: skip damon_test_nr_accesses_to_accesses_bp() if aggr_interval is zero The aggregation interval of test purpose damon_attrs for damon_test_nr_accesses_to_accesses_bp() becomes zero on 32 bit architecture, since size of int and long types are same. As a result, damon_nr_accesses_to_accesses_bp() call with the test data triggers divide-by-zero exception. damon_nr_accesses_to_accesses_bp() shouldn't be called with such data, and the non-test code avoids that by checking the case on damon_update_monitoring_results(). Skip the test code in the case, and add an explicit caution of the case on the comment for the test target function. Link: https://lkml.kernel.org/r/20240905162423.74053-1-sj@kernel.org Fixes: 5e06ad590096 ("mm/damon/core-test: test max_nr_accesses overflow caused divide-by-zero") Signed-off-by: SeongJae Park Reported-by: Guenter Roeck Closes: https://lore.kernel.org/c771b962-a58f-435b-89e4-1211a9323181@roeck-us.net Cc: Brendan Higgins Cc: David Gow Cc: Guenter Roeck Signed-off-by: Andrew Morton commit 08e28de1160a712724268fd33d77b32f1bc84d1c Author: Sven Schnelle Date: Tue Sep 3 09:36:28 2024 +0200 uprobes: use vm_special_mapping close() functionality The following KASAN splat was shown: [ 44.505448] ================================================================== 20:37:27 [3421/145075] [ 44.505455] BUG: KASAN: slab-use-after-free in special_mapping_close+0x9c/0xc8 [ 44.505471] Read of size 8 at addr 00000000868dac48 by task sh/1384 [ 44.505479] [ 44.505486] CPU: 51 UID: 0 PID: 1384 Comm: sh Not tainted 6.11.0-rc6-next-20240902-dirty #1496 [ 44.505503] Hardware name: IBM 3931 A01 704 (z/VM 7.3.0) [ 44.505508] Call Trace: [ 44.505511] [<000b0324d2f78080>] dump_stack_lvl+0xd0/0x108 [ 44.505521] [<000b0324d2f5435c>] print_address_description.constprop.0+0x34/0x2e0 [ 44.505529] [<000b0324d2f5464c>] print_report+0x44/0x138 [ 44.505536] [<000b0324d1383192>] kasan_report+0xc2/0x140 [ 44.505543] [<000b0324d2f52904>] special_mapping_close+0x9c/0xc8 [ 44.505550] [<000b0324d12c7978>] remove_vma+0x78/0x120 [ 44.505557] [<000b0324d128a2c6>] exit_mmap+0x326/0x750 [ 44.505563] [<000b0324d0ba655a>] __mmput+0x9a/0x370 [ 44.505570] [<000b0324d0bbfbe0>] exit_mm+0x240/0x340 [ 44.505575] [<000b0324d0bc0228>] do_exit+0x548/0xd70 [ 44.505580] [<000b0324d0bc1102>] do_group_exit+0x132/0x390 [ 44.505586] [<000b0324d0bc13b6>] __s390x_sys_exit_group+0x56/0x60 [ 44.505592] [<000b0324d0adcbd6>] do_syscall+0x2f6/0x430 [ 44.505599] [<000b0324d2f78434>] __do_syscall+0xa4/0x170 [ 44.505606] [<000b0324d2f9454c>] system_call+0x74/0x98 [ 44.505614] [ 44.505616] Allocated by task 1384: [ 44.505621] kasan_save_stack+0x40/0x70 [ 44.505630] kasan_save_track+0x28/0x40 [ 44.505636] __kasan_kmalloc+0xa0/0xc0 [ 44.505642] __create_xol_area+0xfa/0x410 [ 44.505648] get_xol_area+0xb0/0xf0 [ 44.505652] uprobe_notify_resume+0x27a/0x470 [ 44.505657] irqentry_exit_to_user_mode+0x15e/0x1d0 [ 44.505664] pgm_check_handler+0x122/0x170 [ 44.505670] [ 44.505672] Freed by task 1384: [ 44.505676] kasan_save_stack+0x40/0x70 [ 44.505682] kasan_save_track+0x28/0x40 [ 44.505687] kasan_save_free_info+0x4a/0x70 [ 44.505693] __kasan_slab_free+0x5a/0x70 [ 44.505698] kfree+0xe8/0x3f0 [ 44.505704] __mmput+0x20/0x370 [ 44.505709] exit_mm+0x240/0x340 [ 44.505713] do_exit+0x548/0xd70 [ 44.505718] do_group_exit+0x132/0x390 [ 44.505722] __s390x_sys_exit_group+0x56/0x60 [ 44.505727] do_syscall+0x2f6/0x430 [ 44.505732] __do_syscall+0xa4/0x170 [ 44.505738] system_call+0x74/0x98 The problem is that uprobe_clear_state() kfree's struct xol_area, which contains struct vm_special_mapping *xol_mapping. This one is passed to _install_special_mapping() in xol_add_vma(). __mput reads: static inline void __mmput(struct mm_struct *mm) { VM_BUG_ON(atomic_read(&mm->mm_users)); uprobe_clear_state(mm); exit_aio(mm); ksm_exit(mm); khugepaged_exit(mm); /* must run before exit_mmap */ exit_mmap(mm); ... } So uprobe_clear_state() in the beginning free's the memory area containing the vm_special_mapping data, but exit_mmap() uses this address later via vma->vm_private_data (which was set in _install_special_mapping(). Fix this by moving uprobe_clear_state() to uprobes.c and use it as close() callback. [usama.anjum@collabora.com: remove unneeded condition] Link: https://lkml.kernel.org/r/20240906101825.177490-1-usama.anjum@collabora.com Link: https://lkml.kernel.org/r/20240903073629.2442754-1-svens@linux.ibm.com Fixes: 223febc6e557 ("mm: add optional close() to struct vm_special_mapping") Signed-off-by: Sven Schnelle Suggested-by: Linus Torvalds Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Arnaldo Carvalho de Melo Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Michael Ellerman Cc: Namhyung Kim Cc: Oleg Nesterov Cc: Peter Zijlstra Signed-off-by: Andrew Morton commit ec867977fed07b599fd9f24c6950628f88cbc29a Author: Yosry Ahmed Date: Wed Sep 4 20:54:19 2024 +0000 mm: page_alloc: fix missed updates of PGFREE in free_unref_{page/folios} PGFREE is currently updated in two code paths: - __free_pages_ok(): for pages freed to the buddy allocator. - free_unref_page_commit(): for pages freed to the pcplists. Before commit df1acc856923 ("mm/page_alloc: avoid conflating IRQs disabled with zone->lock"), free_unref_page_commit() used to fallback to freeing isolated pages directly to the buddy allocator through free_one_page(). This was done _after_ updating PGFREE, so the counter was correctly updated. However, that commit moved the fallback logic to its callers (now called free_unref_page() and free_unref_folios()), so PGFREE was no longer updated in this fallback case. Now that the code has developed, there are more cases in free_unref_page() and free_unref_folios() where we fallback to calling free_one_page() (e.g. !pcp_allowed_order(), pcp_spin_trylock() fails). These cases also miss updating PGFREE. To make sure PGFREE is updated in all cases where pages are freed to the buddy allocator, move the update down the stack to free_one_page(). This was noticed through code inspection, although it should be noticeable at runtime (at least with some workloads). Link: https://lkml.kernel.org/r/20240904205419.821776-1-yosryahmed@google.com Fixes: df1acc856923 ("mm/page_alloc: avoid conflating IRQs disabled with zone->lock") Signed-off-by: Yosry Ahmed Cc: Brendan Jackman Cc: Mel Gorman Cc: Peter Zijlstra Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit df7e1286b1dc3d6cff952cf3ef4f0c36831e2fbb Author: Mark Brown Date: Wed Sep 4 17:58:01 2024 +0100 mm: care about shadow stack guard gap when getting an unmapped area As covered in the commit log for c44357c2e76b ("x86/mm: care about shadow stack guard gap during placement") our current mmap() implementation does not take care to ensure that a new mapping isn't placed with existing mappings inside it's own guard gaps. This is particularly important for shadow stacks since if two shadow stacks end up getting placed adjacent to each other then they can overflow into each other which weakens the protection offered by the feature. On x86 there is a custom arch_get_unmapped_area() which was updated by the above commit to cover this case by specifying a start_gap for allocations with VM_SHADOW_STACK. Both arm64 and RISC-V have equivalent features and use the generic implementation of arch_get_unmapped_area() so let's make the equivalent change there so they also don't get shadow stack pages placed without guard pages. x86 uses a single page guard, this is also sufficient for arm64 where we either do single word pops and pushes or unconstrained writes. Architectures which do not have this feature will define VM_SHADOW_STACK to VM_NONE and hence be unaffected. Link: https://lkml.kernel.org/r/20240904-mm-generic-shadow-stack-guard-v2-3-a46b8b6dc0ed@kernel.org Signed-off-by: Mark Brown Suggested-by: Rick Edgecombe Acked-by: Lorenzo Stoakes Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Borislav Petkov Cc: Christian Borntraeger Cc: Christophe Leroy Cc: Chris Zankel Cc: Dave Hansen Cc: David S. Miller Cc: Gerald Schaefer Cc: Guo Ren Cc: Heiko Carstens Cc: Helge Deller Cc: "H. Peter Anvin" Cc: Huacai Chen Cc: Ingo Molnar Cc: Ivan Kokshaysky Cc: James Bottomley Cc: John Paul Adrian Glaubitz Cc: Liam R. Howlett Cc: Matt Turner Cc: Max Filippov Cc: Michael Ellerman Cc: Naveen N Rao Cc: Nicholas Piggin Cc: Richard Henderson Cc: Rich Felker Cc: Russell King Cc: Sven Schnelle Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Vineet Gupta Cc: Vlastimil Babka Cc: WANG Xuerui Cc: Yoshinori Sato Signed-off-by: Andrew Morton commit 540e00a729dfbefe0aa0d64b6dac1d1b620a1787 Author: Mark Brown Date: Wed Sep 4 17:58:00 2024 +0100 mm: pass vm_flags to generic_get_unmapped_area() In preparation for using vm_flags to ensure guard pages for shadow stacks supply them as an argument to generic_get_unmapped_area(). The only user outside of the core code is the PowerPC book3s64 implementation which is trivially wrapping the generic implementation in the radix_enabled() case. No functional changes. Link: https://lkml.kernel.org/r/20240904-mm-generic-shadow-stack-guard-v2-2-a46b8b6dc0ed@kernel.org Signed-off-by: Mark Brown Acked-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Acked-by: Michael Ellerman Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Borislav Petkov Cc: Christian Borntraeger Cc: Christophe Leroy Cc: Chris Zankel Cc: Dave Hansen Cc: David S. Miller Cc: "Edgecombe, Rick P" Cc: Gerald Schaefer Cc: Guo Ren Cc: Heiko Carstens Cc: Helge Deller Cc: "H. Peter Anvin" Cc: Huacai Chen Cc: Ingo Molnar Cc: Ivan Kokshaysky Cc: James Bottomley Cc: John Paul Adrian Glaubitz Cc: Matt Turner Cc: Max Filippov Cc: Naveen N Rao Cc: Nicholas Piggin Cc: Richard Henderson Cc: Rich Felker Cc: Russell King Cc: Sven Schnelle Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Vineet Gupta Cc: Vlastimil Babka Cc: WANG Xuerui Cc: Yoshinori Sato Signed-off-by: Andrew Morton commit 25d4054cc97484f2555709ac233f955f674e026a Author: Mark Brown Date: Wed Sep 4 17:57:59 2024 +0100 mm: make arch_get_unmapped_area() take vm_flags by default Patch series "mm: Care about shadow stack guard gap when getting an unmapped area", v2. As covered in the commit log for c44357c2e76b ("x86/mm: care about shadow stack guard gap during placement") our current mmap() implementation does not take care to ensure that a new mapping isn't placed with existing mappings inside it's own guard gaps. This is particularly important for shadow stacks since if two shadow stacks end up getting placed adjacent to each other then they can overflow into each other which weakens the protection offered by the feature. On x86 there is a custom arch_get_unmapped_area() which was updated by the above commit to cover this case by specifying a start_gap for allocations with VM_SHADOW_STACK. Both arm64 and RISC-V have equivalent features and use the generic implementation of arch_get_unmapped_area() so let's make the equivalent change there so they also don't get shadow stack pages placed without guard pages. The arm64 and RISC-V shadow stack implementations are currently on the list: https://lore.kernel.org/r/20240829-arm64-gcs-v12-0-42fec94743 https://lore.kernel.org/lkml/20240403234054.2020347-1-debug@rivosinc.com/ Given the addition of the use of vm_flags in the generic implementation we also simplify the set of possibilities that have to be dealt with in the core code by making arch_get_unmapped_area() take vm_flags as standard. This is a bit invasive since the prototype change touches quite a few architectures but since the parameter is ignored the change is straightforward, the simplification for the generic code seems worth it. This patch (of 3): When we introduced arch_get_unmapped_area_vmflags() in 961148704acd ("mm: introduce arch_get_unmapped_area_vmflags()") we did so as part of properly supporting guard pages for shadow stacks on x86_64, which uses a custom arch_get_unmapped_area(). Equivalent features are also present on both arm64 and RISC-V, both of which use the generic implementation of arch_get_unmapped_area() and will require equivalent modification there. Rather than continue to deal with having two versions of the functions let's bite the bullet and have all implementations of arch_get_unmapped_area() take vm_flags as a parameter. The new parameter is currently ignored by all implementations other than x86. The only caller that doesn't have a vm_flags available is mm_get_unmapped_area(), as for the x86 implementation and the wrapper used on other architectures this is modified to supply no flags. No functional changes. Link: https://lkml.kernel.org/r/20240904-mm-generic-shadow-stack-guard-v2-0-a46b8b6dc0ed@kernel.org Link: https://lkml.kernel.org/r/20240904-mm-generic-shadow-stack-guard-v2-1-a46b8b6dc0ed@kernel.org Signed-off-by: Mark Brown Acked-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Acked-by: Helge Deller [parisc] Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Borislav Petkov Cc: Christian Borntraeger Cc: Christophe Leroy Cc: Chris Zankel Cc: Dave Hansen Cc: David S. Miller Cc: "Edgecombe, Rick P" Cc: Gerald Schaefer Cc: Guo Ren Cc: Heiko Carstens Cc: "H. Peter Anvin" Cc: Huacai Chen Cc: Ingo Molnar Cc: Ivan Kokshaysky Cc: James Bottomley Cc: John Paul Adrian Glaubitz Cc: Matt Turner Cc: Max Filippov Cc: Michael Ellerman Cc: Naveen N Rao Cc: Nicholas Piggin Cc: Richard Henderson Cc: Rich Felker Cc: Russell King Cc: Sven Schnelle Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Vineet Gupta Cc: Vlastimil Babka Cc: WANG Xuerui Cc: Yoshinori Sato Signed-off-by: Andrew Morton commit f0679f9e6d88ae9e84fca35ada84f5859a19b227 Author: SeongJae Park Date: Wed Sep 4 10:29:31 2024 -0700 mm/damon/tests/vaddr-kunit: init maple tree without MT_FLAGS_LOCK_EXTERN damon_test_three_regions_in_vmas() initializes a maple tree with MM_MT_FLAGS. The flags contains MT_FLAGS_LOCK_EXTERN, which means mt_lock of the maple tree will not be used. And therefore the maple tree initialization code skips initialization of the mt_lock. However, __link_vmas(), which adds vmas for test to the maple tree, uses the mt_lock. In other words, the uninitialized spinlock is used. The problem becomes clear when spinlock debugging is turned on, since it reports spinlock bad magic bug. Fix the issue by excluding MT_FLAGS_LOCK_EXTERN from the maple tree initialization flags. Note that we don't use empty flags to make it further similar to the usage of mm maple tree, and to be prepared for possible future changes, as suggested by Liam. Link: https://lkml.kernel.org/r/20240904172931.1284-1-sj@kernel.org Fixes: d0cf3dd47f0d ("damon: convert __damon_va_three_regions to use the VMA iterator") Signed-off-by: SeongJae Park Reported-by: Guenter Roeck Closes: https://lore.kernel.org/1453b2b2-6119-4082-ad9e-f3c5239bf87e@roeck-us.net Suggested-by: Liam R. Howlett Tested-by: Guenter Roeck Signed-off-by: Andrew Morton commit 5ad7a998ba921e37d7e373a2d70d7da401b27f94 Author: Sergey Senozhatsky Date: Tue Sep 3 13:00:22 2024 +0900 mm: Kconfig: fixup zsmalloc configuration zsmalloc is not exclusive to zswap. Commit b3fbd58fcbb1 ("mm: Kconfig: simplify zswap configuration") made CONFIG_ZSMALLOC only visible when CONFIG_ZSWAP is selected, which makes it impossible to menuconfig zsmalloc-specific features (stats, chain-size, etc.) on systems that use ZRAM but don't have ZSWAP enabled. Make zsmalloc depend on both ZRAM and ZSWAP. Link: https://lkml.kernel.org/r/20240903040143.1580705-1-senozhatsky@chromium.org Fixes: b3fbd58fcbb1 ("mm: Kconfig: simplify zswap configuration") Signed-off-by: Sergey Senozhatsky Cc: Johannes Weiner Cc: Minchan Kim Signed-off-by: Andrew Morton commit fc1b43c422f3deee0cfc221b071c3863dc077646 Author: Takaya Saeki Date: Tue Sep 3 10:21:00 2024 +0000 filemap: fix the last_index of mm_filemap_get_pages In commit b6273b55d885 ("filemap: add trace events for get_pages, map_pages, and fault"), mm_filemap_get_pages was added to trace page cache access. However, it tracks an extra page beyond the end of the accessed range. This patch fixes it by replacing last_index with last_index - 1. Link: https://lkml.kernel.org/r/20240903102100.70405-1-takayas@chromium.org Fixes: b6273b55d885 ("filemap: add trace events for get_pages, map_pages, and fault") Signed-off-by: Takaya Saeki Cc: Junichi Uekawa Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Cc: Matthew Wilcox Cc: Steven Rostedt (Google) Signed-off-by: Andrew Morton commit e1e4cfd01a6e75dd4c810aeac115340805cf63ff Author: Rik van Riel Date: Tue Sep 3 11:19:28 2024 -0400 mm,tmpfs: consider end of file write in shmem_is_huge Take the end of a file write into consideration when deciding whether or not to use huge pages for tmpfs files when the tmpfs filesystem is mounted with huge=within_size This allows large writes that append to the end of a file to automatically use large pages. Doing 4MB sequential writes without fallocate to a 16GB tmpfs file with fio. The numbers without THP or with huge=always stay the same, but the performance with huge=within_size now matches that of huge=always. huge before after 4kB pages 1560 MB/s 1560 MB/s within_size 1560 MB/s 4720 MB/s always: 4720 MB/s 4720 MB/s [akpm@linux-foundation.org: coding-style cleanups] Link: https://lkml.kernel.org/r/20240903111928.7171e60c@imladris.surriel.com Signed-off-by: Rik van Riel Reviewed-by: Baolin Wang Tested-by: Baolin Wang Cc: Darrick J. Wong Cc: Hugh Dickins Cc: Matthew Wilcox Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit e899007a5e10084649f558593f7e8f26088492fc Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:12 2024 +0900 zram: support priority parameter in recompression recompress device attribute supports alg=NAME parameter so that we can specify only one particular algorithm we want to perform recompression with. However, with algo params we now can have several exactly same secondary algorithms but each with its own params tuning (e.g. priority 1 configured to use more aggressive level, and priority 2 configured to use a pre-trained dictionary). Support priority=NUM parameter so that we can correctly determine which secondary algorithm we want to use. Link: https://lkml.kernel.org/r/20240902105656.1383858-25-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 97ee4842f23837c80091d7ac04b01e58d56085a5 Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:11 2024 +0900 Documentation/zram: add documentation for algorithm parameters Document brief description of compression algorithms' parameters: compression level and pre-trained dictionary. [senozhatsky@chromium.org: trivial fixup] Link: https://lkml.kernel.org/r/20240903063722.1603592-1-senozhatsky@chromium.org Link: https://lkml.kernel.org/r/20240902105656.1383858-24-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 6a559ecd6e7ec26b691add74eab8ee3eb5dd2a87 Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:10 2024 +0900 zram: add dictionary support to zstd backend This adds support for pre-trained zstd dictionaries [1] Dictionary is setup in params once (per-comp) and loaded to Cctx and Dctx by reference, so we don't allocate extra memory. TEST ==== *** zstd /sys/block/zram0/mm_stat 1750654976 504565092 514203648 0 514203648 1 0 34204 34204 *** zstd dict=/etc/zstd-dict-amd64 /sys/block/zram0/mm_stat 1750638592 465851259 475373568 0 475373568 1 0 34185 34185 *** zstd level=8 dict=/etc/zstd-dict-amd64 /sys/block/zram0/mm_stat 1750642688 430765171 439955456 0 439955456 1 0 34185 34185 [1] https://github.com/facebook/zstd/blob/dev/programs/zstd.1.md#dictionary-builder Link: https://lkml.kernel.org/r/20240902105656.1383858-23-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 1e673c8cf7f9c1156f615b7c00f224a8110070da Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:09 2024 +0900 zram: add dictionary support to lz4hc Support pre-trained dictionary param. Just like lz4, lz4hc doesn't mandate specific format of the dictionary and zstd --train can be used to train a dictionary for lz4, according to [1]. TEST ==== *** lz4hc /sys/block/zram0/mm_stat 1750638592 608954620 621031424 0 621031424 1 0 34288 34288 *** lz4hc dict=/etc/lz4-dict-amd64 /sys/block/zram0/mm_stat 1750671360 505068582 514994176 0 514994176 1 0 34278 34278 [1] https://github.com/lz4/lz4/issues/557 Link: https://lkml.kernel.org/r/20240902105656.1383858-22-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit fb4f644ee8dac4e896269b84f041eb5dd3f6249d Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:08 2024 +0900 zram: add dictionary support to lz4 Support pre-trained dictionary param. lz4 doesn't mandate specific format of the dictionary and even zstd --train can be used to train a dictionary for lz4, according to [1]. TEST ==== *** lz4 /sys/block/zram0/mm_stat 1750654976 664188565 676864000 0 676864000 1 0 34288 34288 *** lz4 dict=/etc/lz4-dict-amd64 /sys/block/zram0/mm_stat 1750638592 619891141 632053760 0 632053760 1 0 34278 34278 *** lz4 level=5 dict=/etc/lz4-dict-amd64 /sys/block/zram0/mm_stat 1750638592 727174243 740810752 0 740810752 1 0 34437 34437 [1] https://github.com/lz4/lz4/issues/557 Link: https://lkml.kernel.org/r/20240902105656.1383858-21-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit b8f03cb703a160e14f87a467a4443adc5d940087 Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:07 2024 +0900 zram: move immutable comp params away from per-CPU context Immutable params never change once comp has been allocated and setup, so we don't need to store multiple copies of them in each per-CPU backend context. Move those to per-comp zcomp_params and pass it to backends callbacks for requests execution. Basically, this means parameters sharing between different contexts. Also introduce two new backends callbacks: setup_params() and release_params(). First, we need to validate params in a driver-specific way; second, driver may want to allocate its specific representation of the params which is needed to execute requests. Link: https://lkml.kernel.org/r/20240902105656.1383858-20-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 6a81bdfeb35094c3097650306a5fda9a990d8a97 Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:06 2024 +0900 zram: introduce zcomp_ctx structure Keep run-time driver data (scratch buffers, etc.) in zcomp_ctx structure. This structure is allocated per-CPU because drivers (backends) need to modify its content during requests execution. We will split mutable and immutable driver data, this is a preparation path. Link: https://lkml.kernel.org/r/20240902105656.1383858-19-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 52c7b4e2ba508a924c991e681db534e66a851adf Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:05 2024 +0900 zram: introduce zcomp_req structure Encapsulate compression/decompression data in zcomp_req structure. Link: https://lkml.kernel.org/r/20240902105656.1383858-18-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit dea77d7aea9855af321b835e4fb2fff68cd94dac Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:04 2024 +0900 zram: add support for dict comp config Handle dict=path algorithm param so that we can read a pre-trained compression algorithm dictionary which we then pass to the backend configuration. Link: https://lkml.kernel.org/r/20240902105656.1383858-17-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 4eac932103a5d8c3a1bdf6776dbc1a178c31d896 Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:03 2024 +0900 zram: introduce algorithm_params device attribute This attribute is used to setup compression algorithms' parameters, so we can tweak algorithms' characteristics. At this point only 'level' is supported (to be extended in the future). Each call sets up parameters for one particular algorithm, which should be specified either by the algorithm's priority or algo name. This is expected to be called after corresponding algorithm is selected via comp_algorithm or recomp_algorithm. echo "priority=0 level=1" > /sys/block/zram0/algorithm_params or echo "algo=zstd level=1" > /sys/block/zram0/algorithm_params Link: https://lkml.kernel.org/r/20240902105656.1383858-16-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit eb826a01909a2d39660ed5a486ebc43e831254bc Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:02 2024 +0900 zram: recalculate zstd compression params once zstd compression params depends on level, but are constant for a given instance of zstd compression backend. Calculate once (during ctx creation). Link: https://lkml.kernel.org/r/20240902105656.1383858-15-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit f2bac7ad187d77e2a053d3cd04b158a06b683d26 Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:01 2024 +0900 zram: introduce zcomp_params structure We will store a per-algorithm parameters there (compression level, dictionary, dictionary size, etc.). Link: https://lkml.kernel.org/r/20240902105656.1383858-14-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 1a78390d8760c20c188f27feae74ddb44ae6f0bb Author: Sergey Senozhatsky Date: Mon Sep 2 19:56:00 2024 +0900 zram: check that backends array has at least one backend Make sure that backends array has anything apart from the sentinel NULL value. We also select LZO_BACKEND if none backends were selected. Link: https://lkml.kernel.org/r/20240902105656.1383858-13-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 1d3100cf148de1afb7b2282dbc5941fdc4722949 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:59 2024 +0900 zram: add 842 compression backend support Add s/w 842 compression support. Link: https://lkml.kernel.org/r/20240902105656.1383858-12-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 84112e314f69e1f86d532cee0ef6ea579aeea26d Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:58 2024 +0900 zram: add zlib compression backend support Add s/w zlib (inflate/deflate) compression. Link: https://lkml.kernel.org/r/20240902105656.1383858-11-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit dbf2763cec21f4e56420c3a31bf6f0ebf81b5ab7 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:57 2024 +0900 zram: pass estimated src size hint to zstd zram works with PAGE_SIZE buffers, so we always know exact size of the source buffer and hence can pass estimated_src_size to zstd_get_params(). This hint on x86_64, for example, reduces the size of the work memory buffer from 1303520 bytes down to 90080 bytes. Given that compression streams are per-CPU that's quite some memory saving. Link: https://lkml.kernel.org/r/20240902105656.1383858-10-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 73e7d81abbc80b04595cc7da09dcaa05a3a92602 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:56 2024 +0900 zram: add zstd compression backend support Add s/w zstd compression. Link: https://lkml.kernel.org/r/20240902105656.1383858-9-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit c60a4ef544464f03368ef399ccb8fc115ba9f070 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:55 2024 +0900 zram: add lz4hc compression backend support Add s/w lz4hc compression support. Link: https://lkml.kernel.org/r/20240902105656.1383858-8-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 22d651c3b339ec9dcf259c61e7c9eb988acfacc1 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:54 2024 +0900 zram: add lz4 compression backend support Add s/w lz4 compression support. Link: https://lkml.kernel.org/r/20240902105656.1383858-7-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 2152247c55b6bfc8d5178506787b1c38ea2679f1 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:53 2024 +0900 zram: add lzo and lzorle compression backends support Add s/w lzo/lzorle compression support. Link: https://lkml.kernel.org/r/20240902105656.1383858-6-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit 917a59e81c342f47a45be8af7792dae64d317984 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:52 2024 +0900 zram: introduce custom comp backends API Moving to custom backends implementation gives us ability to have our own minimalistic and extendable API, and algorithms tunings becomes possible. The list of compression backends is empty at this point, we will add backends in the followup patches. Link: https://lkml.kernel.org/r/20240902105656.1383858-5-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Minchan Kim Cc: Nick Terrell Signed-off-by: Andrew Morton commit f3c11cf5cae044668f888a50abb37b29600ca197 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:51 2024 +0900 lib: zstd: fix null-deref in ZSTD_createCDict_advanced2() ZSTD_createCDict_advanced2() must ensure that ZSTD_createCDict_advanced_internal() has successfully allocated cdict. customMalloc() may be called under low memory condition and may be unable to allocate workspace for cdict. Link: https://lkml.kernel.org/r/20240902105656.1383858-4-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Nick Terrell Cc: Minchan Kim Signed-off-by: Andrew Morton commit 751884743025deeb52f3a2ad39acaf0f57e6d496 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:50 2024 +0900 lib: lz4hc: export LZ4_resetStreamHC symbol This symbol is needed to enable lz4hc dictionary support. Link: https://lkml.kernel.org/r/20240902105656.1383858-3-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Nick Terrell Cc: Minchan Kim Signed-off-by: Andrew Morton commit 4fc4187984e5dbd7ad63c3acf0b228fa9bf298d3 Author: Sergey Senozhatsky Date: Mon Sep 2 19:55:49 2024 +0900 lib: zstd: export API needed for dictionary support Patch series "zram: introduce custom comp backends API", v7. This series introduces support for run-time compression algorithms tuning, so users, for instance, can adjust compression/acceleration levels and provide pre-trained compression/decompression dictionaries which certain algorithms support. At this point we stop supporting (old/deprecated) comp API. We may add new acomp API support in the future, but before that zram needs to undergo some major rework (we are not ready for async compression). Some benchmarks for reference (look at column #2) *** init zstd /sys/block/zram0/mm_stat 1750659072 504622188 514355200 0 514355200 1 0 34204 34204 *** init zstd dict=/home/ss/zstd-dict-amd64 /sys/block/zram0/mm_stat 1750650880 465908890 475398144 0 475398144 1 0 34185 34185 *** init zstd level=8 dict=/home/ss/zstd-dict-amd64 /sys/block/zram0/mm_stat 1750654976 430803319 439873536 0 439873536 1 0 34185 34185 *** init lz4 /sys/block/zram0/mm_stat 1750646784 664266564 677060608 0 677060608 1 0 34288 34288 *** init lz4 dict=/home/ss/lz4-dict-amd64 /sys/block/zram0/mm_stat 1750650880 619990300 632102912 0 632102912 1 0 34278 34278 *** init lz4hc /sys/block/zram0/mm_stat 1750630400 609023822 621232128 0 621232128 1 0 34288 34288 *** init lz4hc dict=/home/ss/lz4-dict-amd64 /sys/block/zram0/mm_stat 1750659072 505133172 515231744 0 515231744 1 0 34278 34278 Recompress init zram zstd (prio=0), zstd level=5 (prio 1), zstd with dict (prio 2) *** zstd /sys/block/zram0/mm_stat 1750982656 504630584 514269184 0 514269184 1 0 34204 34204 *** idle recompress priority=1 (zstd level=5) /sys/block/zram0/mm_stat 1750982656 488645601 525438976 0 514269184 1 0 34204 34204 *** idle recompress priority=2 (zstd dict) /sys/block/zram0/mm_stat 1750982656 460869640 517914624 0 514269184 1 0 34185 34204 This patch (of 24): We need to export a number of API functions that enable advanced zstd usage - C/D dictionaries, dictionaries sharing between contexts, etc. Link: https://lkml.kernel.org/r/20240902105656.1383858-1-senozhatsky@chromium.org Link: https://lkml.kernel.org/r/20240902105656.1383858-2-senozhatsky@chromium.org Signed-off-by: Sergey Senozhatsky Cc: Nick Terrell Cc: Minchan Kim Cc: Sergey Senozhatsky Signed-off-by: Andrew Morton commit 6050df6d706f58b2240bfabece9f406170104d57 Author: Wei Yang Date: Fri Aug 9 02:01:15 2024 +0000 maple_tree: fix comment typo on ma_flag of allocation tree The maple tree flag of allocation tree is MT_FLAGS_ALLOC_RANGE. Just correct it. Link: https://lkml.kernel.org/r/20240809020115.31575-1-richard.weiyang@gmail.com Signed-off-by: Wei Yang Reviewed-by: Liam R. Howlett Signed-off-by: Andrew Morton commit 0a6fff20d36bc81156a49649f622b152330fed3c Author: Kent Overstreet Date: Sun Sep 1 16:24:59 2024 -0400 mm: fix folio_alloc_noprof() folio_alloc_noprof) wasn't calling the _noprof version, causing allocations to be accounted here instead of to the caller Link: https://lkml.kernel.org/r/20240901202459.4867-1-kent.overstreet@linux.dev Signed-off-by: Kent Overstreet Signed-off-by: Andrew Morton commit 96ae4c9019c5651ded92e97828e341529d5863bc Author: Wei Yang Date: Fri Aug 30 22:04:00 2024 +0000 maple_tree: cleanup function descriptions This patch tries to cleanup some function description: * function name mismatch * parameter name mismatch * parameter all end up with ':' * not prefix '*' if parameter is a pointer There is still some missing description of parameters, I didn't add them since I am not sure the exact meaning. Link: https://lkml.kernel.org/r/20240830220400.2007-1-richard.weiyang@gmail.com Signed-off-by: Wei Yang Reviewed-by: Liam R. Howlett Signed-off-by: Andrew Morton commit 94deaf69dcd33462c61fa8cabb0883e3085a1046 Author: Huan Yang Date: Mon Aug 26 14:40:48 2024 +0800 mm: page_alloc: simpify page del and expand When page del from buddy and need expand, it will account free_pages in zone's migratetype. The current way is to subtract the page number of the current order when deleting, and then add it back when expanding. This is unnecessary, as when migrating the same type, we can directly record the difference between the high-order pages and the expand added, and then subtract it directly. This patch merge that, only when del and expand done, then account free_pages. Link: https://lkml.kernel.org/r/20240826064048.187790-1-link@vivo.com Signed-off-by: Huan Yang Reviewed-by: Vlastimil Babka Signed-off-by: Andrew Morton commit 536ab838a5b37b6ae3f8d53552560b7c51daeb41 Author: Dev Jain Date: Fri Aug 30 10:46:09 2024 +0530 selftests/mm: relax test to fail after 100 migration failures It was recently observed at [1] that during the folio unmapping stage of migration, when the PTEs are cleared, a racing thread faulting on that folio may increase the refcount of the folio, sleep on the folio lock (the migration path has the lock), and migration ultimately fails when asserting the actual refcount against the expected. Thereby, the migration selftest fails on shared-anon mappings. The above enforces the fact that migration is a best-effort service, therefore, it is wrong to fail the test for just a single failure; hence, fail the test after 100 consecutive failures (where 100 is still a subjective choice). Note that, this has no effect on the execution time of the test since that is controlled by a timeout. [1] https://lore.kernel.org/all/20240801081657.1386743-1-dev.jain@arm.com/ Link: https://lkml.kernel.org/r/20240830051609.4037834-1-dev.jain@arm.com Signed-off-by: Dev Jain Suggested-by: David Hildenbrand Reviewed-by: Ryan Roberts Tested-by: Ryan Roberts Cc: Alistair Popple Cc: Aneesh Kumar K.V Cc: Anshuman Khandual Cc: Baolin Wang Cc: Barry Song Cc: Catalin Marinas Cc: Christoph Lameter Cc: Dave Hansen Cc: Gavin Shan Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kirill A. Shutemov Cc: Lance Yang Cc: Mark Brown Cc: Mark Rutland Cc: Matthew Wilcox Cc: Mel Gorman Cc: Michal Hocko Cc: Oscar Salvador Cc: Shuah Khan Cc: Vlastimil Babka Cc: Will Deacon Cc: Yang Shi Signed-off-by: Andrew Morton commit 7ae12a57c56e0b87e6e698479c1f8b65434a608f Author: Hongbo Li Date: Wed Aug 28 12:12:16 2024 +0800 mm/vmalloc.c: make use of the helper macro LIST_HEAD() list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Here we can simplify the code. Link: https://lkml.kernel.org/r/20240828041216.1222582-1-lihongbo22@huawei.com Signed-off-by: Hongbo Li Reviewed-by: Uladzislau Rezki (Sony) Cc: Christoph Hellwig Signed-off-by: Andrew Morton commit 81d3ff3c6f76306b22138d69e980634f53bf17fa Author: Usama Arif Date: Fri Aug 30 11:03:40 2024 +0100 mm: add sysfs entry to disable splitting underused THPs If disabled, THPs faulted in or collapsed will not be added to _deferred_list, and therefore won't be considered for splitting under memory pressure if underused. Link: https://lkml.kernel.org/r/20240830100438.3623486-7-usamaarif642@gmail.com Signed-off-by: Usama Arif Cc: Alexander Zhu Cc: Barry Song Cc: David Hildenbrand Cc: Domenico Cerasuolo Cc: Johannes Weiner Cc: Jonathan Corbet Cc: Kairui Song Cc: Matthew Wilcox Cc: Mike Rapoport Cc: Nico Pache Cc: Rik van Riel Cc: Roman Gushchin Cc: Ryan Roberts Cc: Shakeel Butt Cc: Shuang Zhai Cc: Shuang Zhai Cc: Yu Zhao Cc: Hugh Dickins Signed-off-by: Andrew Morton commit dafff3f4c850c98e15501bc6ee20581f9a013dcc Author: Usama Arif Date: Fri Aug 30 11:03:39 2024 +0100 mm: split underused THPs This is an attempt to mitigate the issue of running out of memory when THP is always enabled. During runtime whenever a THP is being faulted in (__do_huge_pmd_anonymous_page) or collapsed by khugepaged (collapse_huge_page), the THP is added to _deferred_list. Whenever memory reclaim happens in linux, the kernel runs the deferred_split shrinker which goes through the _deferred_list. If the folio was partially mapped, the shrinker attempts to split it. If the folio is not partially mapped, the shrinker checks if the THP was underused, i.e. how many of the base 4K pages of the entire THP were zero-filled. If this number goes above a certain threshold (decided by /sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_none), the shrinker will attempt to split that THP. Then at remap time, the pages that were zero-filled are mapped to the shared zeropage, hence saving memory. Link: https://lkml.kernel.org/r/20240830100438.3623486-6-usamaarif642@gmail.com Signed-off-by: Usama Arif Suggested-by: Rik van Riel Co-authored-by: Johannes Weiner Cc: Alexander Zhu Cc: Barry Song Cc: David Hildenbrand Cc: Domenico Cerasuolo Cc: Jonathan Corbet Cc: Kairui Song Cc: Matthew Wilcox Cc: Mike Rapoport Cc: Nico Pache Cc: Roman Gushchin Cc: Ryan Roberts Cc: Shakeel Butt Cc: Shuang Zhai Cc: Yu Zhao Cc: Shuang Zhai Cc: Hugh Dickins Signed-off-by: Andrew Morton commit 8422acdc97ed5839692b45f800dbfb78abe65a94 Author: Usama Arif Date: Fri Aug 30 11:03:38 2024 +0100 mm: introduce a pageflag for partially mapped folios Currently folio->_deferred_list is used to keep track of partially_mapped folios that are going to be split under memory pressure. In the next patch, all THPs that are faulted in and collapsed by khugepaged are also going to be tracked using _deferred_list. This patch introduces a pageflag to be able to distinguish between partially mapped folios and others in the deferred_list at split time in deferred_split_scan. Its needed as __folio_remove_rmap decrements _mapcount, _large_mapcount and _entire_mapcount, hence it won't be possible to distinguish between partially mapped folios and others in deferred_split_scan. Eventhough it introduces an extra flag to track if the folio is partially mapped, there is no functional change intended with this patch and the flag is not useful in this patch itself, it will become useful in the next patch when _deferred_list has non partially mapped folios. Link: https://lkml.kernel.org/r/20240830100438.3623486-5-usamaarif642@gmail.com Signed-off-by: Usama Arif Cc: Alexander Zhu Cc: Barry Song Cc: David Hildenbrand Cc: Domenico Cerasuolo Cc: Johannes Weiner Cc: Jonathan Corbet Cc: Kairui Song Cc: Matthew Wilcox Cc: Mike Rapoport Cc: Nico Pache Cc: Rik van Riel Cc: Roman Gushchin Cc: Ryan Roberts Cc: Shakeel Butt Cc: Shuang Zhai Cc: Yu Zhao Cc: Shuang Zhai Cc: Hugh Dickins Signed-off-by: Andrew Morton commit 391e86971161906e720f5d3c110ca9124c14fb55 Author: Alexander Zhu Date: Fri Aug 30 11:03:37 2024 +0100 mm: selftest to verify zero-filled pages are mapped to zeropage When a THP is split, any subpage that is zero-filled will be mapped to the shared zeropage, hence saving memory. Add selftest to verify this by allocating zero-filled THP and comparing RssAnon before and after split. Link: https://lkml.kernel.org/r/20240830100438.3623486-4-usamaarif642@gmail.com Signed-off-by: Alexander Zhu Signed-off-by: Usama Arif Acked-by: Rik van Riel Cc: Barry Song Cc: David Hildenbrand Cc: Domenico Cerasuolo Cc: Johannes Weiner Cc: Jonathan Corbet Cc: Kairui Song Cc: Matthew Wilcox Cc: Mike Rapoport Cc: Nico Pache Cc: Roman Gushchin Cc: Ryan Roberts Cc: Shakeel Butt Cc: Shuang Zhai Cc: Yu Zhao Cc: Shuang Zhai Cc: Hugh Dickins Signed-off-by: Andrew Morton commit b1f202060afeb7fcb98473929d26fd3d2093b067 Author: Yu Zhao Date: Fri Aug 30 11:03:36 2024 +0100 mm: remap unused subpages to shared zeropage when splitting isolated thp Patch series "mm: split underused THPs", v5. The current upstream default policy for THP is always. However, Meta uses madvise in production as the current THP=always policy vastly overprovisions THPs in sparsely accessed memory areas, resulting in excessive memory pressure and premature OOM killing. Using madvise + relying on khugepaged has certain drawbacks over THP=always. Using madvise hints mean THPs aren't "transparent" and require userspace changes. Waiting for khugepaged to scan memory and collapse pages into THP can be slow and unpredictable in terms of performance (i.e. you dont know when the collapse will happen), while production environments require predictable performance. If there is enough memory available, its better for both performance and predictability to have a THP from fault time, i.e. THP=always rather than wait for khugepaged to collapse it, and deal with sparsely populated THPs when the system is running out of memory. This patch series is an attempt to mitigate the issue of running out of memory when THP is always enabled. During runtime whenever a THP is being faulted in or collapsed by khugepaged, the THP is added to a list. Whenever memory reclaim happens, the kernel runs the deferred_split shrinker which goes through the list and checks if the THP was underused, i.e. how many of the base 4K pages of the entire THP were zero-filled. If this number goes above a certain threshold, the shrinker will attempt to split that THP. Then at remap time, the pages that were zero-filled are mapped to the shared zeropage, hence saving memory. This method avoids the downside of wasting memory in areas where THP is sparsely filled when THP is always enabled, while still providing the upside THPs like reduced TLB misses without having to use madvise. Meta production workloads that were CPU bound (>99% CPU utilzation) were tested with THP shrinker. The results after 2 hours are as follows: | THP=madvise | THP=always | THP=always | | | + shrinker series | | | + max_ptes_none=409 ----------------------------------------------------------------------------- Performance improvement | - | +1.8% | +1.7% (over THP=madvise) | | | ----------------------------------------------------------------------------- Memory usage | 54.6G | 58.8G (+7.7%) | 55.9G (+2.4%) ----------------------------------------------------------------------------- max_ptes_none=409 means that any THP that has more than 409 out of 512 (80%) zero filled filled pages will be split. To test out the patches, the below commands without the shrinker will invoke OOM killer immediately and kill stress, but will not fail with the shrinker: echo 450 > /sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_none mkdir /sys/fs/cgroup/test echo $$ > /sys/fs/cgroup/test/cgroup.procs echo 20M > /sys/fs/cgroup/test/memory.max echo 0 > /sys/fs/cgroup/test/memory.swap.max # allocate twice memory.max for each stress worker and touch 40/512 of # each THP, i.e. vm-stride 50K. # With the shrinker, max_ptes_none of 470 and below won't invoke OOM # killer. # Without the shrinker, OOM killer is invoked immediately irrespective # of max_ptes_none value and kills stress. stress --vm 1 --vm-bytes 40M --vm-stride 50K This patch (of 5): Here being unused means containing only zeros and inaccessible to userspace. When splitting an isolated thp under reclaim or migration, the unused subpages can be mapped to the shared zeropage, hence saving memory. This is particularly helpful when the internal fragmentation of a thp is high, i.e. it has many untouched subpages. This is also a prerequisite for THP low utilization shrinker which will be introduced in later patches, where underutilized THPs are split, and the zero-filled pages are freed saving memory. Link: https://lkml.kernel.org/r/20240830100438.3623486-1-usamaarif642@gmail.com Link: https://lkml.kernel.org/r/20240830100438.3623486-3-usamaarif642@gmail.com Signed-off-by: Yu Zhao Signed-off-by: Usama Arif Tested-by: Shuang Zhai Cc: Alexander Zhu Cc: Barry Song Cc: David Hildenbrand Cc: Domenico Cerasuolo Cc: Johannes Weiner Cc: Jonathan Corbet Cc: Kairui Song Cc: Matthew Wilcox Cc: Mike Rapoport Cc: Nico Pache Cc: Rik van Riel Cc: Roman Gushchin Cc: Ryan Roberts Cc: Shakeel Butt Cc: Shuang Zhai Cc: Hugh Dickins Signed-off-by: Andrew Morton commit 903edea6c53f097f5f0c847fdbbfab0c6c44f241 Author: Barry Song Date: Sat Aug 31 08:28:23 2024 +1200 mm: warn about illegal __GFP_NOFAIL usage in a more appropriate location and manner Three points for this change: 1. We should consolidate all warnings in one place. Currently, the order > 1 warning is in the hotpath, while others are in less likely scenarios. Moving all warnings to the slowpath will reduce the overhead for order > 1 and increase the visibility of other warnings. 2. We currently have two warnings for order: one for order > 1 in the hotpath and another for order > costly_order in the laziest path. I suggest standardizing on order > 1 since it's been in use for a long time. 3. We don't need to check for __GFP_NOWARN in this case. __GFP_NOWARN is meant to suppress allocation failure reports, but here we're dealing with bug detection, not allocation failures. So replace WARN_ON_ONCE_GFP by WARN_ON_ONCE. [v-songbaohua@oppo.com: also update the doc for __GFP_NOFAIL with order > 1] Link: https://lkml.kernel.org/r/20240903223935.1697-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240830202823.21478-4-21cnbao@gmail.com Signed-off-by: Barry Song Suggested-by: Vlastimil Babka Reviewed-by: Vlastimil Babka Acked-by: David Hildenbrand Acked-by: Michal Hocko Cc: Christoph Hellwig Cc: Christoph Lameter Cc: Davidlohr Bueso Cc: David Rientjes Cc: "Eugenio Pérez" Cc: Hailong.Liu Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Jason Wang Cc: Joonsoo Kim Cc: Kees Cook Cc: Linus Torvalds Cc: Lorenzo Stoakes Cc: Maxime Coquelin Cc: "Michael S. Tsirkin" Cc: Pekka Enberg Cc: Roman Gushchin Cc: Uladzislau Rezki (Sony) Cc: Xie Yongji Cc: Xuan Zhuo Cc: Yafang Shao Signed-off-by: Andrew Morton commit 17d75422604f0b92869aa17cb44f60958212f033 Author: Barry Song Date: Sat Aug 31 08:28:22 2024 +1200 mm: document __GFP_NOFAIL must be blockable Non-blocking allocation with __GFP_NOFAIL is not supported and may still result in NULL pointers (if we don't return NULL, we result in busy-loop within non-sleepable contexts): static inline struct page * __alloc_pages_slowpath(gfp_t gfp_mask, unsigned int order, struct alloc_context *ac) { ... /* * Make sure that __GFP_NOFAIL request doesn't leak out and make sure * we always retry */ if (gfp_mask & __GFP_NOFAIL) { /* * All existing users of the __GFP_NOFAIL are blockable, so warn * of any new users that actually require GFP_NOWAIT */ if (WARN_ON_ONCE_GFP(!can_direct_reclaim, gfp_mask)) goto fail; ... } ... fail: warn_alloc(gfp_mask, ac->nodemask, "page allocation failure: order:%u", order); got_pg: return page; } Highlight this in the documentation of __GFP_NOFAIL so that non-mm subsystems can reject any illegal usage of __GFP_NOFAIL with GFP_ATOMIC, GFP_NOWAIT, etc. Link: https://lkml.kernel.org/r/20240830202823.21478-3-21cnbao@gmail.com Signed-off-by: Barry Song Acked-by: Michal Hocko Reviewed-by: Christoph Hellwig Acked-by: Vlastimil Babka Acked-by: Davidlohr Bueso Acked-by: David Hildenbrand Cc: Christoph Lameter Cc: David Rientjes Cc: "Eugenio Pérez" Cc: Hailong.Liu Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Jason Wang Cc: Joonsoo Kim Cc: Kees Cook Cc: Linus Torvalds Cc: Lorenzo Stoakes Cc: Maxime Coquelin Cc: "Michael S. Tsirkin" Cc: Pekka Enberg Cc: Roman Gushchin Cc: Uladzislau Rezki (Sony) Cc: Xuan Zhuo Cc: Christoph Hellwig Cc: Xie Yongji Cc: Yafang Shao Signed-off-by: Andrew Morton commit 955abe0a1b41de5ba61fe4cd614ebc123084d499 Author: Jason Wang Date: Sat Aug 31 08:28:21 2024 +1200 vduse: avoid using __GFP_NOFAIL Patch series "mm/vdpa: correct misuse of non-direct-reclaim __GFP_NOFAIL and improve related doc and warn", v4. __GFP_NOFAIL carries the semantics of never failing, so its callers do not check the return value: %__GFP_NOFAIL: The VM implementation _must_ retry infinitely: the caller cannot handle allocation failures. The allocation could block indefinitely but will never return with failure. Testing for failure is pointless. However, __GFP_NOFAIL can sometimes fail if it exceeds size limits or is used with GFP_ATOMIC/GFP_NOWAIT in a non-sleepable context. This patchset handles illegal using __GFP_NOFAIL together with GFP_ATOMIC lacking __GFP_DIRECT_RECLAIM(without this, we can't do anything to reclaim memory to satisfy the nofail requirement) and improve related document and warnings. The proper size limits for __GFP_NOFAIL will be handled separately after more discussions. This patch (of 3): mm doesn't support non-blockable __GFP_NOFAIL allocation. Because persisting in providing __GFP_NOFAIL services for non-block users who cannot perform direct memory reclaim may only result in an endless busy loop. Therefore, in such cases, the current mm-core may directly return a NULL pointer: static inline struct page * __alloc_pages_slowpath(gfp_t gfp_mask, unsigned int order, struct alloc_context *ac) { ... if (gfp_mask & __GFP_NOFAIL) { /* * All existing users of the __GFP_NOFAIL are blockable, so warn * of any new users that actually require GFP_NOWAIT */ if (WARN_ON_ONCE_GFP(!can_direct_reclaim, gfp_mask)) goto fail; ... } ... fail: warn_alloc(gfp_mask, ac->nodemask, "page allocation failure: order:%u", order); got_pg: return page; } Unfortuantely, vpda does that nofail allocation under non-sleepable lock. A possible way to fix that is to move the pages allocation out of the lock into the caller, but having to allocate a huge number of pages and auxiliary page array seems to be problematic as well per Tetsuon: " You should implement proper error handling instead of using __GFP_NOFAIL if count can become large." So I chose another way, which does not release kernel bounce pages when user tries to register userspace bounce pages. Then we can avoid allocating in paths where failure is not expected.(e.g in the release). We pay this for more memory usage as we don't release kernel bounce pages but further optimizations could be done on top. [v-songbaohua@oppo.com: Refine the changelog] Link: https://lkml.kernel.org/r/20240830202823.21478-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240830202823.21478-2-21cnbao@gmail.com Fixes: 6c77ed22880d ("vduse: Support using userspace pages as bounce buffer") Signed-off-by: Barry Song Reviewed-by: Xie Yongji Tested-by: Xie Yongji Signed-off-by: Jason Wang Cc: Christoph Hellwig Cc: Christoph Lameter Cc: David Hildenbrand Cc: David Rientjes Cc: Hailong.Liu Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Joonsoo Kim Cc: Linus Torvalds Cc: Michal Hocko Cc: Pekka Enberg Cc: Roman Gushchin Cc: Uladzislau Rezki (Sony) Cc: Vlastimil Babka Cc: Yafang Shao Cc: Christoph Hellwig Cc: Davidlohr Bueso Cc: "Eugenio Pérez" Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Maxime Coquelin Cc: "Michael S. Tsirkin" Cc: Xuan Zhuo Signed-off-by: Andrew Morton commit 83362d223762fcb4048f135423862c760aa2780f Author: Mateusz Guzik Date: Wed Aug 28 18:07:04 2024 +0200 mm/hugetlb: sort out global lock annotations The mutex array pointer shares a cacheline with the spinlock: ffffffff84187480 B hugetlb_fault_mutex_table ffffffff84187488 B hugetlb_lock This is because the former is annotated with a macro forcing cacheline alignment. I suspect it was meant to be the variant which on top of it makes sure the object does not share the cacheline with anyone. Since array pointer itself is de facto read-only such an annotation does not make sense there anyway. Instead mark it __ro_after_init along with the size var. Do however move the spinlock out of the way. [akpm@linux-foundation.org: move section directives to the end of the definitions, per convention] [akpm@linux-foundation.org: DEFINE_SPINLOCK doesn't permit section modifiers at end-of-definition] Link: https://lkml.kernel.org/r/20240828160704.1425767-1-mjguzik@gmail.com Signed-off-by: Mateusz Guzik Cc: Davidlohr Bueso Cc: Muchun Song Signed-off-by: Andrew Morton commit 15444054a537aca115bb077a77e99a9cc5ae11e6 Author: Hugh Dickins Date: Sun Aug 25 16:25:39 2024 -0700 mm: shmem: extend shmem_unused_huge_shrink() to all sizes Although shmem_get_folio_gfp() is correctly putting inodes on the shrinklist according to the folio size, shmem_unused_huge_shrink() was still dealing with that shrinklist in terms of HPAGE_PMD_SIZE. Generalize that; and to handle the mixture of sizes more sensibly, shmem_alloc_and_add_folio() give it a number of pages to be freed (approximate: no need to minimize that with an exact calculation) instead of a number of inodes to split. [akpm@linux-foundation.org: comment tweak, per David] Link: https://lkml.kernel.org/r/d8c40850-6774-7a93-1e2c-8d941683b260@google.com Signed-off-by: Hugh Dickins Reviewed-by: David Hildenbrand Cc: Baolin Wang Cc: Hugh Dickins Cc: Kirill A. Shutemov Signed-off-by: Andrew Morton commit de5b85262e2038a5ae5d281ddf43d35acb2bfa60 Author: Hugh Dickins Date: Sun Aug 25 15:42:45 2024 -0700 mm: shmem: fix minor off-by-one in shrinkable calculation There has been a long-standing and very minor off-by-one, where shmem_get_folio_gfp() decides if a large folio extends beyond i_size far enough to leave a page or more for freeing later under pressure. This is not something needed for stable: but it will be proportionately more significant as support for smaller large folios is added, and is best fixed before duplicating the check in other places. Link: https://lkml.kernel.org/r/d8e75079-af2d-8519-56df-6be1dccc247a@google.com Fixes: 779750d20b93 ("shmem: split huge pages beyond i_size under memory pressure") Signed-off-by: Hugh Dickins Reviewed-by: David Hildenbrand Reviewed-by: Baolin Wang Signed-off-by: Andrew Morton commit 21a449bedf3f01ea30ed657deeb2e8942ad45936 Author: Wei Yang Date: Mon Aug 26 01:24:22 2024 +0000 maple_tree: dump error message based on format Just do what mt_dump_range64() does. Dump the error message based on format. Link: https://lkml.kernel.org/r/20240826012422.29935-2-richard.weiyang@gmail.com Signed-off-by: Wei Yang Cc: Liam R. Howlett Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit 81528310698726e8f79b9c3de01ebe02567119dd Author: Wei Yang Date: Mon Aug 26 01:24:21 2024 +0000 maple_tree: arange64 node is not a leaf node mt_dump_arange64() only applies to an entry whose type is maple_arange_64, in which mte_is_leaf() must return false. Since mte_is_leaf() here is always false, we can remove this condition check. Link: https://lkml.kernel.org/r/20240826012422.29935-1-richard.weiyang@gmail.com Signed-off-by: Wei Yang Reviewed-by: Liam R. Howlett Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit e9c0bfd704e360eb151ca2d65229fbe425c563e7 Author: SeongJae Park Date: Sun Aug 25 18:57:41 2024 -0700 Docs/damon/maintainer-profile: document Google calendar for bi-weekly meetups We added a public Google calendar for easy sharing of DAMON bi-weekly meetups[1]. Add it to the official document for a better visibility. [1] https://lore.kernel.org/all/20240717235812.53087-1-sj@kernel.org/ Link: https://lkml.kernel.org/r/20240826015741.80707-4-sj@kernel.org Signed-off-by: SeongJae Park Cc: Alex Shi Cc: Hu Haowen <2023002089@link.tyut.edu.cn> Cc: Jonathan Corbet Cc: Yanteng Si Signed-off-by: Andrew Morton commit 2e9b3d6e2e59934a315d2d14b805ea0a2f287426 Author: SeongJae Park Date: Sun Aug 25 18:57:40 2024 -0700 Docs/damon/maintainer-profile: add links in place maintainer-profile.rst for DAMON separates the links and target definitions. It is not really necessary, and only makes the readability worse. At least the definitions need the section title (say, "References"). Just add the links in place on the doc. Link: https://lkml.kernel.org/r/20240826015741.80707-3-sj@kernel.org Signed-off-by: SeongJae Park Cc: Alex Shi Cc: Hu Haowen <2023002089@link.tyut.edu.cn> Cc: Jonathan Corbet Cc: Yanteng Si Signed-off-by: Andrew Morton commit 23a425aab05f6d7da1f787b7f2c8d02d91871ca3 Author: SeongJae Park Date: Sun Aug 25 18:57:39 2024 -0700 Docs/damon: use damonitor GitHub organization instead of awslabs Patch series "Docs/damon: update GitHub repo URLs and maintainer-profile". Replace GitHub URLS on DAMON documents for none-kernel parts DAMON repos with new ones[1] via the first patch. With following two patches, wordsmith maitnainer-profile for better readability, and document the Google clendsar for bi-weekly meetups, respectively. [1] https://lore.kernel.org/20240813232158.83903-1-sj@kernel.org This patch (of 3): GitHub repos for non-kernel parts of DAMON project including 'damo', 'damon-tests' and 'damoos' will be moved[1] from 'awslabs' org to 'damonitor', by 2024-09-05. Update related URLs in kernel tree. [1] https://lore.kernel.org/20240813232158.83903-1-sj@kernel.org Link: https://lkml.kernel.org/r/20240826015741.80707-1-sj@kernel.org Link: https://lkml.kernel.org/r/20240826015741.80707-2-sj@kernel.org Signed-off-by: SeongJae Park Cc: Alex Shi Cc: Hu Haowen <2023002089@link.tyut.edu.cn> Cc: Jonathan Corbet Cc: Yanteng Si Signed-off-by: Andrew Morton commit 2986846437e21dcfdd7531d50a0020e98087b586 Author: SeongJae Park Date: Sun Aug 25 21:23:23 2024 -0700 Revert "mm/damon/lru_sort: adjust local variable to dynamic allocation" This reverts commit 0742cadf5e4c ("mm/damon/lru_sort: adjust local variable to dynamic allocation"). The commit was introduced to avoid unnecessary usage of stack memory for per-scheme region priorities histogram buffer. The fix is nice, but the point of the fix looks not very clear if the commit message is not read together. That's mainly because the buffer is a private field, which means it is hidden from the DAMON API users. That's not the fault of the fix but the underlying data structure. Now the per-scheme histogram buffer is gone, so the problem that the commit was fixing is also removed. The use of kmemdup() has no more point but just making the code bit difficult to understand. Revert the fix. Link: https://lkml.kernel.org/r/20240826042323.87025-5-sj@kernel.org Signed-off-by: SeongJae Park Signed-off-by: Andrew Morton commit e3bcb1672583f2e1cf456e4303ce562a3cc775c0 Author: SeongJae Park Date: Sun Aug 25 21:23:22 2024 -0700 mm/damon/core: remove per-scheme region priority histogram buffer Nobody is reading from or writing to the per-scheme region priorities histogram buffer. It is only wasting memory. Remove it. Link: https://lkml.kernel.org/r/20240826042323.87025-4-sj@kernel.org Signed-off-by: SeongJae Park Signed-off-by: Andrew Morton commit 304b95847f2852070a692beef10c98f5e36af631 Author: SeongJae Park Date: Sun Aug 25 21:23:21 2024 -0700 mm/damon/core: replace per-quota regions priority histogram buffer usage with per-context one Replace the usage of per-quota region priorities histogram buffer with the per-context one. After this change, the per-quota histogram is not used by anyone, and hence it is ready to be removed. Link: https://lkml.kernel.org/r/20240826042323.87025-3-sj@kernel.org Signed-off-by: SeongJae Park Signed-off-by: Andrew Morton commit b7315fbb64736acad3cd33851884b222b00dc0f4 Author: SeongJae Park Date: Sun Aug 25 21:23:20 2024 -0700 mm/damon/core: introduce per-context region priorities histogram buffer Patch series "replace per-quota region priorities histogram buffer with per-context one". Each DAMOS quota (struct damos_quota) maintains a histogram for total regions size per its prioritization score. DAMOS calcultes minimum prioritization score of regions that are ok to apply the DAMOS action to while respecting the quota. The histogram is constructed only for the calculation of the minimum score in damos_adjust_quota() for each quota which called by kdamond_fn(). Hence, there is no real reason to have per-quota histogram. Only per-kdamond histogram is needed, since parallel kdamonds could have races otherwise. The current implementation is only wasting the memory, and can easily cause unintended stack usage[1]. So, introducing a per-kdamond histogram and replacing the per-quota one with it would be the right solution for the issue. However, supporting multiple DAMON contexts per kdamond is still an ongoing work[2] without a clear estimated time of arrival. Meanwhile, per-context histogram could be an effective and straightforward solution having no blocker. Let's fix the problem first in the way. This patch (of 4): Introduce per-context buffer for region priority scores-total size histogram. Same to the per-quota one (->histogram of struct damos_quota), the new buffer is hidden from DAMON API users by being defined as a private field of DAMON context structure. It is dynamically allocated and de-allocated at the beginning and ending of the execution of the kdamond by kdamond_fn() itself. [1] commit 0742cadf5e4c ("mm/damon/lru_sort: adjust local variable to dynamic allocation") [2] https://lore.kernel.org/20240531122320.909060-1-yorha.op@gmail.com Link: https://lkml.kernel.org/r/20240826042323.87025-1-sj@kernel.org Link: https://lkml.kernel.org/r/20240826042323.87025-2-sj@kernel.org Signed-off-by: SeongJae Park Signed-off-by: Andrew Morton commit 24f937796c1ac8d16947495c39ffff416f7125ee Author: Kefeng Wang Date: Mon Aug 26 14:58:14 2024 +0800 mm: remove putback_lru_page() There are no more callers of putback_lru_page(), remove it. Link: https://lkml.kernel.org/r/20240826065814.1336616-7-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Acked-by: David Hildenbrand Reviewed-by: Vishal Moola (Oracle) Cc: Alistair Popple Cc: Baolin Wang Cc: Jonathan Corbet Cc: Matthew Wilcox (Oracle) Cc: Zi Yan Signed-off-by: Andrew Morton commit 775d28fd45a2f5e58d8927ce77693398b1f074a6 Author: Kefeng Wang Date: Mon Aug 26 14:58:13 2024 +0800 mm: remove isolate_lru_page() There are no more callers of isolate_lru_page(), remove it. [wangkefeng.wang@huawei.com: convert page to folio in comment and document, per Matthew] Link: https://lkml.kernel.org/r/20240826144114.1928071-1-wangkefeng.wang@huawei.com Link: https://lkml.kernel.org/r/20240826065814.1336616-6-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Reviewed-by: Vishal Moola (Oracle) Cc: Alistair Popple Cc: Baolin Wang Cc: David Hildenbrand Cc: Jonathan Corbet Cc: Matthew Wilcox (Oracle) Cc: Zi Yan Signed-off-by: Andrew Morton commit 58bf8c2bf47550bc94fea9cafd2bc7304d97102c Author: Kefeng Wang Date: Mon Aug 26 14:58:12 2024 +0800 mm: migrate_device: use more folio in migrate_device_finalize() Saves a couple of calls to compound_head() and remove last two callers of putback_lru_page(). Link: https://lkml.kernel.org/r/20240826065814.1336616-5-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Reviewed-by: Vishal Moola (Oracle) Reviewed-by: Alistair Popple Cc: Baolin Wang Cc: David Hildenbrand Cc: Jonathan Corbet Cc: Matthew Wilcox (Oracle) Cc: Zi Yan Signed-off-by: Andrew Morton commit 39e618d986e46b02d0f0efcdeb7693f65a51a917 Author: Kefeng Wang Date: Mon Aug 26 14:58:11 2024 +0800 mm: migrate_device: use more folio in migrate_device_unmap() The page for migrate_device_unmap() already has a reference, so it is safe to convert the page to folio to save a few calls to compound_head(), which removes the last isolate_lru_page() call. Link: https://lkml.kernel.org/r/20240826065814.1336616-4-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Acked-by: David Hildenbrand Reviewed-by: Vishal Moola (Oracle) Reviewed-by: Alistair Popple Cc: Baolin Wang Cc: Jonathan Corbet Cc: Matthew Wilcox (Oracle) Cc: Zi Yan Signed-off-by: Andrew Morton commit 53456b7b3f4c3427ff04ae5c92e6dba1b9bfbb23 Author: Kefeng Wang Date: Mon Aug 26 14:58:10 2024 +0800 mm: migrate_device: use a folio in migrate_device_range() Save two calls to compound_head() and use folio throughout. Link: https://lkml.kernel.org/r/20240826065814.1336616-3-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Acked-by: David Hildenbrand Reviewed-by: Vishal Moola (Oracle) Reviewed-by: Alistair Popple Cc: Baolin Wang Cc: Jonathan Corbet Cc: Matthew Wilcox (Oracle) Cc: Zi Yan Signed-off-by: Andrew Morton commit 5c8525a37b78ddfee84ff6927b8838013ff2521e Author: Kefeng Wang Date: Mon Aug 26 14:58:09 2024 +0800 mm: migrate_device: convert to migrate_device_coherent_folio() Patch series "mm: finish isolate/putback_lru_page()". Convert to use more folios in migrate_device.c, then we could remove isolate_lru_page() and putback_lru_page(). This patch (of 6): Save a few calls to compound_head() and use folio throughout. Link: https://lkml.kernel.org/r/20240826065814.1336616-1-wangkefeng.wang@huawei.com Link: https://lkml.kernel.org/r/20240826065814.1336616-2-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Acked-by: David Hildenbrand Reviewed-by: Vishal Moola (Oracle) Reviewed-by: Alistair Popple Cc: Baolin Wang Cc: Jonathan Corbet Cc: Matthew Wilcox (Oracle) Cc: Zi Yan Signed-off-by: Andrew Morton commit 97b76796ccd07727b58ed739fcd60f2174d5ac18 Author: Matthew Wilcox (Oracle) Date: Mon Aug 26 21:21:35 2024 +0100 swap: convert swapon() to use a folio Retrieve a folio from the page cache rather than a page. Saves a couple of conversions between page & folio. Link: https://lkml.kernel.org/r/20240826202138.3804238-1-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 8175ebfd302abe6fbdca9037f763ecbfdb8db572 Author: Barry Song Date: Sat Aug 24 13:04:41 2024 +1200 mm: count the number of partially mapped anonymous THPs per size When a THP is added to the deferred_list due to partially mapped, its partial pages are unused, leading to wasted memory and potentially increasing memory reclamation pressure. Detailing the specifics of how unmapping occurs is quite difficult and not that useful, so we adopt a simple approach: each time a THP enters the deferred_list, we increment the count by 1; whenever it leaves for any reason, we decrement the count by 1. Link: https://lkml.kernel.org/r/20240824010441.21308-3-21cnbao@gmail.com Signed-off-by: Barry Song Acked-by: David Hildenbrand Cc: Baolin Wang Cc: Chris Li Cc: Chuanhua Han Cc: Kairui Song Cc: Kalesh Singh Cc: Lance Yang Cc: Ryan Roberts Cc: Shuai Yuan Cc: Usama Arif Cc: Zi Yan Signed-off-by: Andrew Morton commit 5d65c8d758f2596c008009e39bb2614deed2c730 Author: Barry Song Date: Sat Aug 24 13:04:40 2024 +1200 mm: count the number of anonymous THPs per size Patch series "mm: count the number of anonymous THPs per size", v4. Knowing the number of transparent anon THPs in the system is crucial for performance analysis. It helps in understanding the ratio and distribution of THPs versus small folios throughout the system. Additionally, partial unmapping by userspace can lead to significant waste of THPs over time and increase memory reclamation pressure. We need this information for comprehensive system tuning. This patch (of 2): Let's track for each anonymous THP size, how many of them are currently allocated. We'll track the complete lifespan of an anon THP, starting when it becomes an anon THP ("large anon folio") (->mapping gets set), until it gets freed (->mapping gets cleared). Introduce a new "nr_anon" counter per THP size and adjust the corresponding counter in the following cases: * We allocate a new THP and call folio_add_new_anon_rmap() to map it the first time and turn it into an anon THP. * We split an anon THP into multiple smaller ones. * We migrate an anon THP, when we prepare the destination. * We free an anon THP back to the buddy. Note that AnonPages in /proc/meminfo currently tracks the total number of *mapped* anonymous *pages*, and therefore has slightly different semantics. In the future, we might also want to track "nr_anon_mapped" for each THP size, which might be helpful when comparing it to the number of allocated anon THPs (long-term pinning, stuck in swapcache, memory leaks, ...). Further note that for now, we only track anon THPs after they got their ->mapping set, for example via folio_add_new_anon_rmap(). If we would allocate some in the swapcache, they will only show up in the statistics for now after they have been mapped to user space the first time, where we call folio_add_new_anon_rmap(). [akpm@linux-foundation.org: documentation fixups, per David] Link: https://lkml.kernel.org/r/3e8add35-e26b-443b-8a04-1078f4bc78f6@redhat.com Link: https://lkml.kernel.org/r/20240824010441.21308-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240824010441.21308-2-21cnbao@gmail.com Signed-off-by: Barry Song Acked-by: David Hildenbrand Cc: Baolin Wang Cc: Chris Li Cc: Chuanhua Han Cc: Kairui Song Cc: Kalesh Singh Cc: Lance Yang Cc: Ryan Roberts Cc: Shuai Yuan Cc: Usama Arif Cc: Zi Yan Signed-off-by: Andrew Morton commit 70e59a75283bdcc49c8ee104c2d49a22e4912305 Author: Ryan Roberts Date: Thu Aug 8 12:18:47 2024 +0100 mm: tidy up shmem mTHP controls and stats Previously we had a situation where shmem mTHP controls and stats were not exposed for some supported sizes and were exposed for some unsupported sizes. So let's clean that up. Anon mTHP can support all large orders [2, PMD_ORDER]. But shmem can support all large orders [1, MAX_PAGECACHE_ORDER]. However, per-size shmem controls and stats were previously being exposed for all the anon mTHP orders, meaning order-1 was not present, and for arm64 64K base pages, orders 12 and 13 were exposed but were not supported internally. Tidy this all up by defining ctrl and stats attribute groups for anon and file separately. Anon ctrl and stats groups are populated for all orders in THP_ORDERS_ALL_ANON and file ctrl and stats groups are populated for all orders in THP_ORDERS_ALL_FILE_DEFAULT. Additionally, create "any" ctrl and stats attribute groups which are populated for all orders in (THP_ORDERS_ALL_ANON | THP_ORDERS_ALL_FILE_DEFAULT). swpout stats use this since they apply to anon and shmem. The side-effect of all this is that different hugepage-*kB directories contain different sets of controls and stats, depending on which memory types support that size. This approach is preferred over the alternative, which is to populate dummy controls and stats for memory types that do not support a given size. [ryan.roberts@arm.com: file pages and shmem can also be split] Link: https://lkml.kernel.org/r/f7ced14c-8bc5-405f-bee7-94f63980f525@arm.comLink: https://lkml.kernel.org/r/20240808111849.651867-3-ryan.roberts@arm.com Signed-off-by: Ryan Roberts Tested-by: Barry Song Reviewed-by: Baolin Wang Cc: David Hildenbrand Cc: Gavin Shan Cc: Hugh Dickins Cc: Lance Yang Cc: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 246d3aa3e53151fa150f10257ddd8a4facd31a6a Author: Ryan Roberts Date: Thu Aug 8 12:18:46 2024 +0100 mm: cleanup count_mthp_stat() definition Patch series "Shmem mTHP controls and stats improvements", v3. This is a small series to tidy up the way the shmem controls and stats are exposed. These patches were previously part of the series at [2], but I decided to split them out since they can go in independently. This patch (of 2): Let's move count_mthp_stat() so that it's always defined, even when THP is disabled. Previously uses of the function in files such as shmem.c, which are compiled even when THP is disabled, required ugly THP ifdeferry. With this cleanup, we can remove those ifdefs and the function resolves to a nop when THP is disabled. I shortly plan to call count_mthp_stat() from more THP-invariant source files. Link: https://lkml.kernel.org/r/20240808111849.651867-1-ryan.roberts@arm.com Link: https://lkml.kernel.org/r/20240808111849.651867-2-ryan.roberts@arm.com Signed-off-by: Ryan Roberts Acked-by: Barry Song Reviewed-by: Baolin Wang Reviewed-by: Lance Yang Acked-by: David Hildenbrand Cc: Gavin Shan Cc: Hugh Dickins Cc: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 3ac352797cf02b53ea4a6ca0b958a288eedda514 Author: Tejun Heo Date: Sat Sep 7 08:11:25 2024 -1000 sched_ext: Add missing static to scx_dump_data scx_dump_data is only used inside ext.c but doesn't have static. Add it. Signed-off-by: Tejun Heo Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409070218.RB5WsQ07-lkp@intel.com/ commit eb3b3f520518003cd363239fc160bdd7ed327319 Author: Heiko Stuebner Date: Tue Sep 10 00:31:49 2024 +0200 dt-bindings: clock, reset: fix top-comment indentation rk3576 headers Block comments should align the * on each line, as checkpatch rightfully pointed out, so fix that style issue on the newly added rk3576 headers. Fixes: 49c04453db81 ("dt-bindings: clock, reset: Add support for rk3576") Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240909223149.85364-1-heiko@sntech.de Signed-off-by: Stephen Boyd commit 41d0c4677feee1ea063e0f2c2af72dc953b1f1cc Author: Yusheng Zheng Date: Mon Sep 9 22:59:52 2024 +0000 libbpf: Fix some typos in comments Fix some spelling errors in the code comments of libbpf: betwen -> between paremeters -> parameters knowning -> knowing definiton -> definition compatiblity -> compatibility overriden -> overridden occured -> occurred proccess -> process managment -> management nessary -> necessary Signed-off-by: Yusheng Zheng Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240909225952.30324-1-yunwei356@gmail.com commit 72d8508ecd3b081dba03ec00930c6b07c1ad55d3 Author: Shahab Vahedi Date: Mon Sep 9 20:47:54 2024 +0200 MAINTAINERS: BPF ARC JIT: Update my e-mail address The previous e-mail address from Synopsys is not available anymore. Signed-off-by: Shahab Vahedi Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240909184754.27634-1-list+bpf@vahedi.org commit bee109b7b3e50739b88252a219fa07ecd78ad628 Author: Maxim Mikityanskiy Date: Mon Sep 9 16:39:09 2024 +0300 bpf: Fix error message on kfunc arg type mismatch When "arg#%d expected pointer to ctx, but got %s" error is printed, both template parts actually point to the type of the argument, therefore, it will also say "but got PTR", regardless of what was the actual register type. Fix the message to print the register type in the second part of the template, change the existing test to adapt to the new format, and add a new test to test the case when arg is a pointer to context, but reg is a scalar. Fixes: 00b85860feb8 ("bpf: Rewrite kfunc argument handling") Signed-off-by: Maxim Mikityanskiy Signed-off-by: Andrii Nakryiko Acked-by: Kumar Kartikeya Dwivedi Link: https://lore.kernel.org/bpf/20240909133909.1315460-1-maxim@isovalent.com commit f028d7716cdeae3be7d8d211482248916b25b1c2 Author: Andrew Kreimer Date: Mon Sep 9 12:24:41 2024 +0300 bpftool: Fix typos Fix typos in documentation. Reported-by: Matthew Wilcox Reported-by: Quentin Monnet Signed-off-by: Andrew Kreimer Signed-off-by: Andrii Nakryiko Acked-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20240909092452.4293-1-algonell@gmail.com commit 4cdc0e4ce5e893bc92255f5f734d983012f2bc2e Author: Kuan-Wei Chiu Date: Sun Sep 8 22:00:09 2024 +0800 bpftool: Fix undefined behavior caused by shifting into the sign bit Replace shifts of '1' with '1U' in bitwise operations within __show_dev_tc_bpf() to prevent undefined behavior caused by shifting into the sign bit of a signed integer. By using '1U', the operations are explicitly performed on unsigned integers, avoiding potential integer overflow or sign-related issues. Signed-off-by: Kuan-Wei Chiu Signed-off-by: Andrii Nakryiko Acked-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20240908140009.3149781-1-visitorckw@gmail.com commit 12707b9159e631af91c051fd102d469364b6ecc3 Author: Shuyi Cheng Date: Sun Sep 8 17:23:53 2024 +0800 libbpf: Fixed getting wrong return address on arm64 architecture ARM64 has a separate lr register to store the return address, so here you only need to read the lr register to get the return address, no need to dereference it again. Signed-off-by: Shuyi Cheng Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/1725787433-77262-1-git-send-email-chengshuyi@linux.alibaba.com commit 40a895fd9a358eea16901026360bd2cd3ca691a7 Author: Dave Jiang Date: Thu Sep 5 15:35:45 2024 -0700 cxl: move cxl headers to new include/cxl/ directory Group all cxl related kernel headers into include/cxl/ directory. Reviewed-by: Alison Schofield Reviewed-by: Ira Weiny Link: https://patch.msgid.link/20240905223711.1990186-2-dave.jiang@intel.com Signed-off-by: Dave Jiang commit 43457ada98c824f310adb7bd96bd5f2fcd9a3279 Author: Hans de Goede Date: Mon Aug 12 22:39:48 2024 +0200 i2c: i801: Use a different adapter-name for IDF adapters On chipsets with a second 'Integrated Device Function' SMBus controller use a different adapter-name for the second IDF adapter. This allows platform glue code which is looking for the primary i801 adapter to manually instantiate i2c_clients on to differentiate between the 2. This allows such code to find the primary i801 adapter by name, without needing to duplicate the PCI-ids to feature-flags mapping from i2c-i801.c. Reviewed-by: Pali Rohár Signed-off-by: Hans de Goede Acked-by: Wolfram Sang Signed-off-by: Andi Shyti commit 60f68597024d5af727c8a5f5f3b11f246265192b Author: Hans de Goede Date: Mon Aug 12 22:39:47 2024 +0200 i2c: core: Setup i2c_adapter runtime-pm before calling device_add() Platform glue code, which is not build into the kernel and thus cannot use i2c_register_board_info() may want to use bus_register_notifier() to listen for i2c-adapters to show up on which the platform code needs to manually instantiate platform specific i2c_clients. This results in calling i2c_new_client_device() from the bus notifier which happens near the device_add() call. If the i2c-core has not yet setup runtime-pm (specifically the no-callbacks and ignore-children flags) for the device embedded inside struct i2c_adapter and the driver for the i2c_client calls pm_runtime_set_active() this will trigger the following error inside __pm_runtime_set_status(): "runtime PM trying to activate child device %s but parent (%s) is not active\n" and the i2c_client's runtime-status will not be updated. Split the device_register() call for the adapter into device_initialize() and device_add() and move the pm-runtime init calls inbetween these 2 calls so that the runtime-status can be correctly set when a driver binds from the bus-notifier. Note the moved pm-runtime init calls just override the initial value of some flags in struct device set by device_initialize() and calling these before device_add() is safe. Reviewed-by: Pali Rohár Reviewed-by: Andi Shyti Signed-off-by: Hans de Goede Acked-by: Wolfram Sang Signed-off-by: Andi Shyti commit 15b882c6c873f49735a5133ea983a82f9dd65218 Author: Stanislav Jakubek Date: Thu Aug 15 13:45:56 2024 +0200 dt-bindings: i2c: i2c-sprd: convert to YAML Convert the Spreadtrum SC9860 I2C controller bindings to DT schema. Adjust filename to match compatible. Signed-off-by: Stanislav Jakubek Reviewed-by: Conor Dooley Signed-off-by: Andi Shyti commit 46b2dfc0aa79277c2ed119975de72f49bddd77c9 Author: Vasily Khoruzhick Date: Mon Aug 19 13:51:04 2024 -0700 i2c: ismt: kill transaction in hardware on timeout On Intel Denverton SoC ismt controller may enter weird state when transaction gets stuck. It times out in the driver, but unless transaction is explicitly killed in the controller, it won't be able to perform new transactions anymore. The issue is extremely difficult to reproduce and may take weeks of non- stop smbus traffic. Numerous hours with logic analyzer didn't yield any useful results, it looks like the controller stops toggling SCK line, i.e. the issue is likely in the controller, since device doesn't do clock stretching, so nothing is driving SCK except the host. Explicitly kill transaction on timeout to recover the controller from this state. Signed-off-by: Vasily Khoruzhick Signed-off-by: Andi Shyti commit 66049b33c042dab0df9a27117702f9398b9cab20 Author: Heikki Krogerus Date: Tue Sep 3 17:25:06 2024 +0300 i2c: designware: Group all DesignWare drivers under a single option There are quite a few drivers and options for the DesignWare I2C adapter in the Kconfig. Grouping all of them under the I2C_DESIGNWARE_CORE. That makes the menuconfig a bit more easier to understand. Signed-off-by: Heikki Krogerus Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti commit 4b09647531ee8ba52fa334482dd5e1ff1ab824be Author: Heikki Krogerus Date: Tue Sep 3 17:25:05 2024 +0300 net: txgbe: Fix I2C Kconfig dependencies The dependency handling of the Synopsys DesignWare I2C adapter drivers is going to be changed so that the glue drivers for the platform and PCI buses depend on I2C_DESIGNWARE_CORE. Right now this driver prevents that update because it selects I2C_DESIGNWARE_PLATFORM. To make the dependency on I2C_DESIGNWARE_PLATFORM consistent with the other drivers in kernel that depend on it, and allow the dependency handling of the Synopsys DesignWare I2C drivers to be updated, change the "select" into "depends on". Cc: Jiawen Wu Cc: Mengyuan Lou Cc: David S. Miller Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: netdev@vger.kernel.org Signed-off-by: Heikki Krogerus Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti commit 0175b1d3c6dffa3e0d40f1c8ba1e0ce23f1d786d Author: Heikki Krogerus Date: Tue Sep 3 17:25:04 2024 +0300 RISC-V: configs: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM The dependency handling of the Synopsys DesignWare I2C adapter drivers is going to be changed so that the glue drivers for the PCI and platform buses depend on I2C_DESIGNWARE_CORE. Cc: Paul Walmsley Cc: Palmer Dabbelt Cc: Albert Ou Cc: linux-riscv@lists.infradead.org Signed-off-by: Heikki Krogerus Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti commit 9bee8b3a1b07d51131b85ded12b9b58aa8143f92 Author: Heikki Krogerus Date: Tue Sep 3 17:25:03 2024 +0300 mips: configs: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM The dependency handling of the Synopsys DesignWare I2C adapter drivers is going to be changed so that the glue drivers for the PCI and platform buses depend on I2C_DESIGNWARE_CORE. Cc: Alexandre Belloni Cc: UNGLinuxDriver@microchip.com Cc: Thomas Bogendoerfer Cc: linux-mips@vger.kernel.org Signed-off-by: Heikki Krogerus Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti commit dd5e982dc81d73e91b45e41406b86a35911a377d Author: Heikki Krogerus Date: Tue Sep 3 17:25:02 2024 +0300 arm64: defconfig: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM The dependency handling of the Synopsys DesignWare I2C adapter drivers is going to be changed so that the glue drivers for the PCI and platform buses depend on I2C_DESIGNWARE_CORE. Cc: Catalin Marinas Cc: Will Deacon Cc: linux-arm-kernel@lists.infradead.org Signed-off-by: Heikki Krogerus Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti commit 93447c64d15474ed0fb1e93495685697adc62cc7 Author: Heikki Krogerus Date: Tue Sep 3 17:25:01 2024 +0300 ARM: configs: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM The dependency handling of the Synopsys DesignWare I2C adapter drivers is going to be changed so that the glue drivers for the PCI and platform buses depend on I2C_DESIGNWARE_CORE. Cc: Russell King Cc: Dinh Nguyen Cc: linux-arm-kernel@lists.infradead.org Signed-off-by: Heikki Krogerus Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti commit 5b16c703ce280f05029f7af8cf68ee2f6724d0c0 Author: Heikki Krogerus Date: Tue Sep 3 17:25:00 2024 +0300 ARC: configs: enable I2C_DESIGNWARE_CORE with I2C_DESIGNWARE_PLATFORM The dependency handling of the Synopsys DesignWare I2C adapter drivers is going to be changed so that the glue drivers for the PCI and platform buses depend on I2C_DESIGNWARE_CORE. Cc: Vineet Gupta Cc: linux-snps-arc@lists.infradead.org Signed-off-by: Heikki Krogerus Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti commit 35b6c073cc6c854102dda5a9b57fe2fa9c39a468 Author: Christophe JAILLET Date: Sun Sep 8 08:52:07 2024 +0200 i2c: virtio: Constify struct i2c_algorithm and struct virtio_device_id 'struct i2c_algorithm' and 'struct virtio_device_id' are not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security, especially when the structure holds some function pointers, which is the case for struct i2c_algorithm. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 6663 568 16 7247 1c4f drivers/i2c/busses/i2c-virtio.o After: ===== text data bss dec hex filename 6735 472 16 7223 1c37 drivers/i2c/busses/i2c-virtio.o -- Compile tested only Signed-off-by: Christophe JAILLET Signed-off-by: Andi Shyti commit 1bae7589228fd942d8133c0a8660078ba421203d Author: Kuninori Morimoto Date: Mon Sep 9 04:42:45 2024 +0000 i2c: rcar: tidyup priv->devtype handling on rcar_i2c_probe() rcar_i2c_probe() has priv->devtype operation, but handling (A) and (C) in same place is more understandable ( (A) and (B) are independent). (A) if (priv->devtype < I2C_RCAR_GEN3) { ... } (B) ... (C) if (priv->devtype >= I2C_RCAR_GEN3) { ... } Let's merge it with if-else Signed-off-by: Kuninori Morimoto Reviewed-by: Geert Uytterhoeven Reviewed-by: Wolfram Sang Signed-off-by: Andi Shyti commit c9e8f5a553d05fcbb2bfa7635581ebcbcd2b234a Author: Shen Lichuan Date: Mon Sep 9 15:52:57 2024 +0800 i2c: imx: Convert comma to semicolon To ensure code clarity and prevent potential errors, it's advisable to employ the ';' as a statement separator, except when ',' are intentionally used for specific purposes. Signed-off-by: Shen Lichuan Signed-off-by: Andi Shyti commit 12729039bd88b563a6c4e88706c0915928c92825 Author: Rong Qianfeng Date: Tue Aug 27 11:48:40 2024 +0800 i2c: jz4780: Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). While at it, no more special handling needed here, remove the goto label "err:". Signed-off-by: Rong Qianfeng Acked-by: Paul Cercueil Signed-off-by: Andi Shyti commit f1f3dd1a0aae92851d5a9edd7f6896554020d610 Author: Rong Qianfeng Date: Tue Aug 27 11:48:39 2024 +0800 i2c: emev2: Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). While at it, no need to save clk pointer, drop sclk from struct em_i2c_device. Signed-off-by: Rong Qianfeng Reviewed-by: Geert Uytterhoeven Reviewed-by: Wolfram Sang Signed-off-by: Andi Shyti commit d0f8e97866bf258b420ebf2b46755399ca01e585 Author: Farouk Bouabid Date: Fri Sep 6 17:54:13 2024 +0200 i2c: muxes: add support for tsd,mule-i2c multiplexer Theobroma Systems Mule is an MCU that emulates a set of I2C devices, among which an amc6821 and devices that are reachable through an I2C-mux. The devices on the mux can be selected by writing the appropriate device number to an I2C config register (amc6821 reg 0xff). This driver is expected to be probed as a platform device with amc6821 as its parent i2c device. Add support for the mule-i2c-mux platform driver. The amc6821 driver support for the mux will be added in a later commit. Reviewed-by: Wolfram Sang Signed-off-by: Farouk Bouabid Signed-off-by: Andi Shyti commit 4a875cf15427a1a83e9122e5be9a6b08937a5bc5 Author: Farouk Bouabid Date: Fri Sep 6 17:54:12 2024 +0200 dt-bindings: i2c: add support for tsd,mule-i2c-mux Theobroma Systems Mule is an MCU that emulates a set of I2C devices, among which devices that are reachable through an I2C-mux. The devices on the mux can be selected by writing the appropriate device number to an I2C config register. Reviewed-by: Rob Herring (Arm) Acked-by: Wolfram Sang Signed-off-by: Farouk Bouabid Reviewed-by: Guenter Roeck Reviewed-by: Wolfram Sang Signed-off-by: Andi Shyti commit 8f65c4552d5d968572162bf1a65e53a80b72f937 Author: Tyrone Ting Date: Fri Aug 30 11:46:34 2024 +0800 i2c: npcm: restore slave addresses array length The smatch check warning is "buffer overflow 'npcm_i2caddr' 2 <= 9". The original design supports 10 target addresses although only 2 addresses are required for current implementation. Restore the npcm_i2caddr array length to fix the smatch warning. Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202408130818.FgDP5uNm-lkp@intel.com/ Signed-off-by: Tyrone Ting Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti commit 016b221209f43be864c880c521a3c0e1d9ef1c16 Author: Zhang Zekun Date: Wed Sep 4 20:22:26 2024 +0800 i2c: mpc: Use devm_clk_get_optional_enabled() to simplify code devm_clk_get_optional() and clk_prepare_enable() can be replaced by the helper function devm_clk_get_optional_enabled(). Let's simplify the code by using devm_clk_get_optional_enabled() and avoid calling clk_disable_unprepare(). Signed-off-by: Zhang Zekun Reviewed-by: Chris Packham Signed-off-by: Andi Shyti commit 2259ce0daa739f35d0ef80cfa5eb014cd0f01939 Author: Detlev Casanova Date: Tue Sep 3 11:22:33 2024 -0400 dt-bindings: i2c: i2c-rk3x: Add rk3576 compatible Just like RK356x and RK3588, RK3576 is compatible to the existing rk3399 binding. Signed-off-by: Detlev Casanova Acked-by: Krzysztof Kozlowski Acked-by: Heiko Stuebner Reviewed-by: Andi Shyti Acked-by: Guenter Roeck Reviewed-by: Krzysztof Kozlowski Signed-off-by: Shawn Lin Signed-off-by: Andi Shyti commit 534696e4c0bb7dee8f2ceacb1127ad6549f23f53 Author: Andy Shevchenko Date: Tue Aug 27 18:00:37 2024 +0300 i2c: designware: Consolidate PM ops We have the same (*) PM ops in the PCI and platform drivers. Instead, consolidate that PM ops under exported variable and deduplicate them. *) With the subtle ACPI and P-Unit behaviour differences in PCI case. But this is not a problem as for ACPI we need to take care of the P-Unit semaphore anyway and calling PM ops for PCI makes sense as it might provide specific operation regions in ACPI (however there are no known devices on market that are using it with PCI enabled I2C). Note, the clocks are not in use in the PCI case. Reviewed-by: Andi Shyti Signed-off-by: Andy Shevchenko Tested-by: Sanket Goswami Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti commit 01e00b5db8608400665a9cc20d9a56b2eeec3186 Author: Krzysztof Kozlowski Date: Thu Aug 22 15:27:08 2024 +0200 dt-bindings: i2c: aspeed: drop redundant multi-master 'multi-master' property is defined by core i2c-controller schema in dtschema package, so binding which references it and has unevaluatedProperties:false, does not need to mention it. It is completely redundant here. Suggested-by: Andi Shyti Signed-off-by: Krzysztof Kozlowski Acked-by: Conor Dooley Signed-off-by: Andi Shyti commit 71dacb2565ed9d2839adb8e2a80ef30185c29035 Author: Geert Uytterhoeven Date: Thu Aug 22 16:45:54 2024 +0200 i2c: riic: Simplify unsupported bus speed handling Simplify checking for unsupported bus speeds and reporting errors by factoring out the calculation of the maximum bus speed, and by using the dev_err_probe() helper. While at it, use "%u" for u32, and improve the error message. Signed-off-by: Geert Uytterhoeven Reviewed-by: Claudiu Beznea Tested-by: Claudiu Beznea Reviewed-by: Wolfram Sang Signed-off-by: Andi Shyti commit bc07fb417007b323d34651be20b9135480a947dc Author: Andy Shevchenko Date: Thu Aug 22 20:58:41 2024 +0300 i2c: designware: Remove ->disable() callback Commit 90312351fd1e ("i2c: designware: MASTER mode as separated driver") introduced ->disable() callback but there is no real use for it. Both i2c-designware-master.c and i2c-designware-slave.c set it to the same i2c_dw_disable() and scope is inside the same kernel module. That said, replace the callback by explicitly calling the i2c_dw_disable(). Reviewed-by: Andi Shyti Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit fd57a3325a779caf53bebb5e725c9a604c3ecea8 Author: Andy Shevchenko Date: Thu Aug 22 20:58:40 2024 +0300 i2c: designware: Move exports to I2C_DW namespaces Reduce scope of the I²C DesignWare driver exports to I2C_DW namespaces. This will prevent abuse of the symbols and clean up global namespace. Reviewed-by: Andi Shyti Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit 1bc7bb89300f2adbcfdf30361d018ede43ca45f9 Author: Andy Shevchenko Date: Thu Aug 22 20:58:39 2024 +0300 i2c: designware: Unify the firmware type checks Instead of asymmetrical checks for the firmware type use the is_*_node() calls. Reviewed-by: Andi Shyti Reviewed-by: Mario Limonciello Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit ebe508e42226bd1503fcef076d6d76e81b9dd5f8 Author: Andy Shevchenko Date: Thu Aug 22 20:58:38 2024 +0300 i2c: designware: Consolidate firmware parsing and configuring code We have the same code flows in the PCI and platform drivers. Moreover, the flow requires the common code to export a few functions. Instead, consolidate that flow under new function called i2c_dw_fw_parse_and_configure() and drop unneeded exports. Reviewed-by: Andi Shyti Reviewed-by: Mario Limonciello Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit 628c248167b548a8774ca0302d70e60caf2ff97e Author: Andy Shevchenko Date: Thu Aug 22 20:58:37 2024 +0300 i2c: designware: Rename dw_i2c_of_configure() -> i2c_dw_of_configure() For the sake of consistency, rename dw_i2c_of_configure() and change its parameter to be aligned with the i2c_dw_acpi_configure(). Reviewed-by: Andi Shyti Reviewed-by: Mario Limonciello Acked-by: Jarkko Nikula Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit c1a5e6ffdd4f02ca32ef526ad83320cf123f27b8 Author: Krzysztof Kozlowski Date: Tue Aug 20 08:31:24 2024 +0200 dt-bindings: i2c: qcom,i2c-cci: add missing clocks constraint in if:then: Top level defines clocks as variable from 3 to 6 items, so each clause in if:then: should narrow it further with explicit min and maxItems. Without minItems, the constrain from top-level is being applied, thus qcom,msm8996-cci allows between 3 and 4 clocks. Signed-off-by: Krzysztof Kozlowski Acked-by: Conor Dooley Signed-off-by: Andi Shyti commit 3a04293b14a120aa81e678b1b673c178cc5273f2 Author: Krzysztof Kozlowski Date: Tue Aug 20 10:44:26 2024 +0200 dt-bindings: i2c: nvidia,tegra20-i2c: define power-domains top-level Properties are expected to be defined in top-level "properties:" block and further customized in "if:then:". Only one variant has power domains, so add respective top-level property and disallow it for other devices. Signed-off-by: Krzysztof Kozlowski Acked-by: Conor Dooley Signed-off-by: Andi Shyti commit 6d88bb79b46c21b3f415b27cd477bb312737d95e Author: Krzysztof Kozlowski Date: Tue Aug 20 10:44:25 2024 +0200 dt-bindings: i2c: nvidia,tegra20-i2c: restrict also clocks in if:then: Both xxx and xxx-names properties with variable number of items should be constrained in each "if:then:". Add missing constraints for clocks, since we have such for clock-names. Signed-off-by: Krzysztof Kozlowski Acked-by: Conor Dooley Signed-off-by: Andi Shyti commit 13b09d0fe7b65d466f5df9689a0b8e3cea7babe6 Author: Krzysztof Kozlowski Date: Tue Aug 20 10:44:24 2024 +0200 dt-bindings: i2c: nvidia,tegra20-i2c: combine same if:then: clauses "if:then:" block for Tegra114 and Tegra120 I2C controllers has the same "then" part (same clocks), so combine them. Signed-off-by: Krzysztof Kozlowski Acked-by: Conor Dooley Signed-off-by: Andi Shyti commit 3e3c9bea659a48388a7444b6c2c41e967b263a24 Author: Claudiu Beznea Date: Tue Aug 20 13:19:15 2024 +0300 i2c: riic: Add support for fast mode plus Fast mode plus is available on most of the IP variants that RIIC driver is working with. The exception is (according to HW manuals of the SoCs where this IP is available) the Renesas RZ/A1H. For this, patch introduces the struct riic_of_data::fast_mode_plus. Fast mode plus was tested on RZ/G3S, RZ/G2{L,UL,LC}, RZ/Five by instantiating the RIIC frequency to 1MHz and issuing i2c reads on the fast mode plus capable devices (and the i2c clock frequency was checked on RZ/G3S). Signed-off-by: Claudiu Beznea Signed-off-by: Andi Shyti commit caad8883e4202c4ba002b9b1adc62e123f739394 Author: Claudiu Beznea Date: Tue Aug 20 13:19:14 2024 +0300 dt-bindings: i2c: renesas,riic: Document the R9A08G045 support Document the Renesas RZ/G3S (R9A08G045) RIIC IP. This is compatible with the version available on Renesas RZ/V2H (R9A09G075). Acked-by: Conor Dooley Signed-off-by: Claudiu Beznea Signed-off-by: Andi Shyti commit 88c5cf45927bb43328b869b0bda7276e47896c44 Author: Claudiu Beznea Date: Tue Aug 20 13:19:13 2024 +0300 i2c: riic: Define individual arrays to describe the register offsets Define individual arrays to describe the register offsets. In this way we can describe different IP variants that share the same register offsets but have differences in other characteristics. Commit prepares for the addition of fast mode plus. Reviewed-by: Wolfram Sang Signed-off-by: Claudiu Beznea Signed-off-by: Andi Shyti commit 53326135d0e041ebe7d08bf22f82529ae69a096e Author: Claudiu Beznea Date: Tue Aug 20 13:19:12 2024 +0300 i2c: riic: Add suspend/resume support Add suspend/resume support for the RIIC driver. This is necessary for the Renesas RZ/G3S SoC which support suspend to deep sleep state where power to most of the SoC components is turned off. As a result the I2C controller needs to be reconfigured after suspend/resume. For this, the reset line was stored in the driver private data structure as well as i2c timings. The reset line and I2C timings are necessary to re-initialize the controller after resume. Reviewed-by: Andi Shyti Signed-off-by: Claudiu Beznea Signed-off-by: Andi Shyti commit 10d5c8845d36ca71212f588849532c5f484111e4 Author: Claudiu Beznea Date: Tue Aug 20 13:19:11 2024 +0300 i2c: riic: Enable runtime PM autosuspend support Enable runtime PM autosuspend support for the RIIC driver. With this, in case there are consecutive xfer requests the device wouldn't be runtime enabled/disabled after each consecutive xfer but after the the delay configured by user. With this, we can avoid touching hardware registers involved in runtime PM suspend/resume saving in this way some cycles. The default chosen autosuspend delay is zero to keep the previous driver behavior. Reviewed-by: Wolfram Sang Signed-off-by: Claudiu Beznea Signed-off-by: Andi Shyti commit 3149a9cf36cf17411e8564e22ec698b5aa2175c5 Author: Claudiu Beznea Date: Tue Aug 20 13:19:10 2024 +0300 i2c: riic: Use pm_runtime_resume_and_get() pm_runtime_get_sync() may return with error. In case it returns with error dev->power.usage_count needs to be decremented. pm_runtime_resume_and_get() takes care of this. Thus use it. Reviewed-by: Wolfram Sang Signed-off-by: Claudiu Beznea Signed-off-by: Andi Shyti commit a1ecb041589017ce4e03d92f3b9a92a2a8a37ceb Author: Claudiu Beznea Date: Tue Aug 20 13:19:09 2024 +0300 i2c: riic: Call pm_runtime_get_sync() when need to access registers There is no need to runtime resume the device as long as the IP registers are not accessed. Calling pm_runtime_get_sync() at the register access time leads to a simpler error path. Reviewed-by: Andi Shyti Reviewed-by: Wolfram Sang Signed-off-by: Claudiu Beznea Signed-off-by: Andi Shyti commit b42ed9fd6cd111a312e4ef35d9a417756f581bef Author: Claudiu Beznea Date: Tue Aug 20 13:19:08 2024 +0300 i2c: riic: Use temporary variable for struct device Use a temporary variable for the struct device pointers to avoid dereferencing. Reviewed-by: Wolfram Sang Signed-off-by: Claudiu Beznea Signed-off-by: Andi Shyti commit 982959ffabfc34f9d8b2cc2d112c62b5ddef2bd6 Author: Andy Shevchenko Date: Mon Aug 19 21:45:13 2024 +0300 i2c: designware: Drop return value from dw_i2c_of_configure() dw_i2c_of_configure() is called without checking of the returned value, hence just drop it by converting to void. Reviewed-by: Andi Shyti Reviewed-by: Mario Limonciello Acked-by: Jarkko Nikula Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit 5674e089bd9c093e253175436cfeac43c42203e4 Author: Andy Shevchenko Date: Mon Aug 19 21:45:12 2024 +0300 i2c: designware: Drop return value from i2c_dw_acpi_configure() i2c_dw_acpi_configure() is called without checking of the returned value, hence just drop it by converting to void. Reviewed-by: Andi Shyti Acked-by: Jarkko Nikula Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit f2330bfbdd5765c01b01b79d7e81e2ad08b0a375 Author: Andy Shevchenko Date: Mon Aug 19 21:45:11 2024 +0300 i2c: designware: Always provide device ID tables There is no need to have ugly ifdeffery and additional macros for the device ID tables. Always provide them. Since we touch the ACPI table, make it sorted by ID. Reviewed-by: Andi Shyti Reviewed-by: Mario Limonciello Acked-by: Jarkko Nikula Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit 949e9cde4164a39490c5074e6bb86b39edf0653e Author: Andy Shevchenko Date: Mon Aug 19 21:45:10 2024 +0300 i2c: designware: Unify terminator in device ID tables Make the terminator entry look the same in all device ID tables. Reviewed-by: Mario Limonciello Acked-by: Jarkko Nikula Reviewed-by: Andi Shyti Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit fdc9be121005b17d492082dd840466a1165f3a7a Author: Andy Shevchenko Date: Mon Aug 19 21:45:09 2024 +0300 i2c: designware: Add missing 'c' into PCI IDs variable name Add missing 'c' into i2c_designware_pci_ids variable name. Acked-by: Jarkko Nikula Signed-off-by: Andy Shevchenko Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti commit c2587420fe65391884389a7b90d0040d6a9c2312 Author: Andy Shevchenko Date: Mon Aug 19 21:45:08 2024 +0300 i2c: designware: Let PCI core to take care about interrupt vectors PCI core, after pcim_enable_device(), takes care about the allocated IRQ vectors, no need to do it explicitly and break the cleaning up order. Reviewed-by: Andi Shyti Signed-off-by: Andy Shevchenko Acked-by: Jarkko Nikula Tested-by: Jarkko Nikula Signed-off-by: Andi Shyti commit 1a2b14e9cedae93e73222a77ce474a99eb7e3eaa Author: Andy Shevchenko Date: Mon Aug 19 21:45:07 2024 +0300 i2c: designware: Replace a while-loop by for-loop Replace a while-loop by for-loop in i2c_dw_probe_lock_support() to save a few lines of code. Reviewed-by: Mario Limonciello Acked-by: Jarkko Nikula Reviewed-by: Andi Shyti Signed-off-by: Andy Shevchenko Signed-off-by: Andi Shyti commit 23cc961a08591976eb17ca8552a602425b1a780d Author: Andi Shyti Date: Mon Aug 12 21:40:29 2024 +0200 i2c: qcom-geni: Use goto for clearer exit path Refactor the code by using goto statements to reduce duplication and make the exit path clearer. Signed-off-by: Andi Shyti commit 2d30c638f98408c0d2ad5a8c3b2421328aa30213 Author: Fabio Estevam Date: Wed Aug 7 15:14:56 2024 -0300 i2c: imx: Switch to RUNTIME_PM_OPS() Replace SET_RUNTIME_PM_OPS() with its modern RUNTIME_PM_OPS() alternative. The combined usage of pm_ptr() and RUNTIME_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the __maybe_unused notation from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Acked-by: Oleksij Rempel Signed-off-by: Andi Shyti commit ab5bd055e4dbb849d5d77c9a6d908e6f3bed58ed Author: AngeloGioacchino Del Regno Date: Tue Aug 6 11:45:37 2024 +0200 i2c: mt65xx: Avoid double initialization of restart_flag in isr In the mtk_i2c_irq() handler, variable restart_flag is initialized to zero and then reassigned with I2C_RS_TRANSFER if and only if auto_restart is enabled. Avoid a double initialization of this variable by transferring the auto_restart check to the restart_flag declaration. This commit brings no functional changes. Signed-off-by: AngeloGioacchino Del Regno Signed-off-by: Andi Shyti commit 1dc8baa408a2e873f69fc356fbbc0bddb7813839 Author: Wolfram Sang Date: Wed Jul 31 00:01:59 2024 +0200 i2c: don't use ',' after delimiters Delimiters are meant to be last, no need for a ',' there. Remove a superfluous newline in the ali1535 driver while here. Signed-off-by: Wolfram Sang Acked-by: Andrew Jeffery Signed-off-by: Andi Shyti commit 4fec76e0985c638f3b9bb628a28b79b1658ffcca Author: Adrian Huang Date: Fri Aug 2 21:01:43 2024 +0800 i2c: designware: Fix wrong setting for {ss,fs,hs}_{h,l}cnt registers When disabling CONFIG_X86_AMD_PLATFORM_DEVICE option, the driver 'drivers/acpi/acpi_apd.c' won't be compiled. This leads to a situation where BMC (Baseboard Management Controller) cannot retrieve the memory temperature via the i2c interface after i2c DW driver is loaded. Note that BMC can retrieve the memory temperature before booting into OS. [Debugging Detail] 1. dev->pclk and dev->clk are NULL when calling devm_clk_get_optional() in dw_i2c_plat_probe(). 2. The callings of i2c_dw_scl_hcnt() in i2c_dw_set_timings_master() return 65528 (-8 in integer format) or 65533 (-3 in integer format). The following log shows SS's HCNT/LCNT: i2c_designware AMDI0010:01: Standard Mode HCNT:LCNT = 65533:65535 3. The callings of i2c_dw_scl_lcnt() in i2c_dw_set_timings_master() return 65535 (-1 in integer format). The following log shows SS's HCNT/LCNT: i2c_designware AMDI0010:01: Fast Mode HCNT:LCNT = 65533:65535 4. i2c_dw_init_master() configures the register IC_SS_SCL_HCNT with the value 65533. However, the DW i2c databook mentioned the value cannot be higher than 65525. Quote from the DW i2c databook: NOTE: This register must not be programmed to a value higher than 65525, because DW_apb_i2c uses a 16-bit counter to flag an I2C bus idle condition when this counter reaches a value of IC_SS_SCL_HCNT + 10. 5. Since ss_hcnt, ss_lcnt, fs_hcnt, and fs_lcnt are the invalid values, we should not write the corresponding registers. Fix the issue by reading dev->{ss,fs,hs}_hcnt and dev->{ss,fs,hs}_lcnt from HW registers if ic_clk is not set. Reported-by: Dong Wang Suggested-by: Jarkko Nikula Signed-off-by: Adrian Huang Tested-by: Dong Wang Acked-by: Jarkko Nikula Signed-off-by: Andi Shyti Link: https://lore.kernel.org/linux-i2c/8295cbe1-a7c5-4a35-a189-5d0bff51ede6@linux.intel.com/ commit c790f2bafb7a17d97c49c17607fa2ff919891f51 Author: Arnaldo Carvalho de Melo Date: Mon Sep 9 16:57:22 2024 -0300 perf trace: Introduce SCA_TIMESPEC_FROM_USER() to set .from_user = true Paving the way for the generic BPF BTF based syscall arg augmenter. Cc: Adrian Hunter Cc: Howard Chu Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Signed-off-by: Arnaldo Carvalho de Melo commit be14a71984e16b95ff725dbda19899868c5ec8a6 Author: Arnaldo Carvalho de Melo Date: Mon Sep 9 16:57:22 2024 -0300 perf trace: Introduce SCA_SOCKADDR_FROM_USER() to set .from_user = true Paving the way for the generic BPF BTF based syscall arg augmenter. Cc: Adrian Hunter Cc: Howard Chu Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Signed-off-by: Arnaldo Carvalho de Melo commit 690eda6508c23023586ab81b11cae86476754d0b Author: Arnaldo Carvalho de Melo Date: Mon Sep 9 16:57:22 2024 -0300 perf trace: Introduce SCA_PERF_ATTR_FROM_USER() to set .from_user = true Paving the way for the generic BPF BTF based syscall arg augmenter. Cc: Adrian Hunter Cc: Howard Chu Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Signed-off-by: Arnaldo Carvalho de Melo commit 2f2e439ba56f45b9d8aff300b39fa0bfa49ec2d8 Author: Arnaldo Carvalho de Melo Date: Mon Sep 9 16:29:44 2024 -0300 perf trace: Mark which syscall arguments go from user space to kernel space We need to know where to collect it in the BPF augmenters, if in the sys_enter hook or in the sys_exit hook. Start with the SCA_FILENAME one, that is just from user to kernel space. The alternative, better, but takes a bit more time than I have now, is to use the __user information that is already in the syscall args and encoded in BTF via a tag, do it later. Cc: Adrian Hunter Cc: Howard Chu Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Signed-off-by: Arnaldo Carvalho de Melo commit c90a88d33a23a8b3c58ee0e1d18d7392244b9b03 Author: Arnaldo Carvalho de Melo Date: Fri Sep 6 16:26:45 2024 -0300 perf trace: Use a common encoding for augmented arguments, with size + error + payload We were using a more compact format, without explicitely encoding the size and possible error in the payload for an argument. To do it generically, at least as Howard Chu did in his GSoC activities, it is more convenient to use the same model that was being used for string arguments, passing { size, error, payload }. So use that for the non string syscall args we have so far: struct timespec struct perf_event_attr struct sockaddr (this one has even a variable size) With this in place we have the userspace pretty printers: perf_event_attr___scnprintf() syscall_arg__scnprintf_augmented_sockaddr() syscall_arg__scnprintf_augmented_timespec() Ready to have the generic BPF collector in tools/perf/util/bpf_skel/augmented_raw_syscalls.bpf.c sending its generic payload and thus we'll use them instead of a generic libbpf btf_dump interface that doesn't know about about the sockaddr mux, perf_event_attr non-trivial fields (sample_type, etc), leaving it as a (useful) fallback that prints just basic types until we put in place a more sophisticated pretty printer infrastructure that associates synthesized enums to struct fields using the header scrapers we have in tools/perf/trace/beauty/, some of them in this list: $ ls tools/perf/trace/beauty/*.sh tools/perf/trace/beauty/arch_errno_names.sh tools/perf/trace/beauty/kcmp_type.sh tools/perf/trace/beauty/perf_ioctl.sh tools/perf/trace/beauty/statx_mask.sh tools/perf/trace/beauty/clone.sh tools/perf/trace/beauty/kvm_ioctl.sh tools/perf/trace/beauty/pkey_alloc_access_rights.sh tools/perf/trace/beauty/sync_file_range.sh tools/perf/trace/beauty/drm_ioctl.sh tools/perf/trace/beauty/madvise_behavior.sh tools/perf/trace/beauty/prctl_option.sh tools/perf/trace/beauty/usbdevfs_ioctl.sh tools/perf/trace/beauty/fadvise.sh tools/perf/trace/beauty/mmap_flags.sh tools/perf/trace/beauty/rename_flags.sh tools/perf/trace/beauty/vhost_virtio_ioctl.sh tools/perf/trace/beauty/fs_at_flags.sh tools/perf/trace/beauty/mmap_prot.sh tools/perf/trace/beauty/sndrv_ctl_ioctl.sh tools/perf/trace/beauty/x86_arch_prctl.sh tools/perf/trace/beauty/fsconfig.sh tools/perf/trace/beauty/mount_flags.sh tools/perf/trace/beauty/sndrv_pcm_ioctl.sh tools/perf/trace/beauty/fsmount.sh tools/perf/trace/beauty/move_mount_flags.sh tools/perf/trace/beauty/sockaddr.sh tools/perf/trace/beauty/fspick.sh tools/perf/trace/beauty/mremap_flags.sh tools/perf/trace/beauty/socket.sh $ Testing it: root@number:~# rm -f 987654 ; touch 123456 ; perf trace -e rename* mv 123456 987654 0.000 ( 0.031 ms): mv/1193096 renameat2(olddfd: CWD, oldname: "123456", newdfd: CWD, newname: "987654", flags: NOREPLACE) = 0 root@number:~# perf trace -e *nanosleep sleep 1.2345678901 0.000 (1234.654 ms): sleep/1192697 clock_nanosleep(rqtp: { .tv_sec: 1, .tv_nsec: 234567891 }, rmtp: 0x7ffe1ea80460) = 0 root@number:~# perf trace -e perf_event_open* perf stat -e cpu-clock sleep 1 0.000 ( 0.011 ms): perf/1192701 perf_event_open(attr_uptr: { type: 1 (software), size: 136, config: 0 (PERF_COUNT_SW_CPU_CLOCK), sample_type: IDENTIFIER, read_format: TOTAL_TIME_ENABLED|TOTAL_TIME_RUNNING, disabled: 1, inherit: 1, enable_on_exec: 1, exclude_guest: 1 }, pid: 1192702 (perf), cpu: -1, group_fd: -1, flags: FD_CLOEXEC) = 3 Performance counter stats for 'sleep 1': 0.51 msec cpu-clock # 0.001 CPUs utilized 1.001242090 seconds time elapsed 0.000000000 seconds user 0.001010000 seconds sys root@number:~# perf trace -e connect* ping -c 1 bsky.app 0.000 ( 0.130 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: LOCAL, path: /run/systemd/resolve/io.systemd.Resolve }, addrlen: 42) = 0 23.907 ( 0.006 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 3.20.108.158 }, addrlen: 16) = 0 23.915 PING bsky.app (3.20.108.158) 56(84) bytes of data. ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: UNSPEC }, addrlen: 16) = 0 23.917 ( 0.002 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 3.12.170.30 }, addrlen: 16) = 0 23.921 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: UNSPEC }, addrlen: 16) = 0 23.923 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 18.217.70.179 }, addrlen: 16) = 0 23.925 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: UNSPEC }, addrlen: 16) = 0 23.927 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 3.132.20.46 }, addrlen: 16) = 0 23.930 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: UNSPEC }, addrlen: 16) = 0 23.931 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 3.142.89.165 }, addrlen: 16) = 0 23.934 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: UNSPEC }, addrlen: 16) = 0 23.935 ( 0.002 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 18.119.147.159 }, addrlen: 16) = 0 23.938 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: UNSPEC }, addrlen: 16) = 0 23.940 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 3.22.38.164 }, addrlen: 16) = 0 23.942 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: UNSPEC }, addrlen: 16) = 0 23.944 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: INET, port: 0, addr: 3.13.14.133 }, addrlen: 16) = 0 23.956 ( 0.001 ms): ping/1192740 connect(fd: 5, uservaddr: { .family: INET, port: 1025, addr: 3.20.108.158 }, addrlen: 16) = 0 ^C --- bsky.app ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms root@number:~# Reviewed-by: Ian Rogers Cc: Adrian Hunter Cc: Howard Chu Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/CAP-5=fW4=2GoP6foAN6qbrCiUzy0a_TzHbd8rvDsakTPfdzvfg@mail.gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit c1632cc5ed386cc8d85693ef578a106f4fb1932c Author: Arnaldo Carvalho de Melo Date: Fri Sep 6 15:37:43 2024 -0300 perf trace augmented_syscalls.bpf: Move the renameat aumenter to renameat2, temporarily While trying to shape Howard Chu's generic BPF augmenter transition into the codebase I got stuck with the renameat2 syscall. Until I noticed that the attempt at reusing augmenters were making it use the 'openat' syscall augmenter, that collect just one string syscall arg, for the 'renameat2' syscall, that takes two strings. So, for the moment, just to help in this transition period, since 'renameat2' is what is used these days in the 'mv' utility, just make the BPF collector be associated with the more widely used syscall, hopefully the transition to Howard's generic BPF augmenter will cure this, so get this out of the way for now! So now we still have that odd "reuse", but for something we're not testing so won't get in the way anymore: root@number:~# rm -f 987654 ; touch 123456 ; perf trace -vv -e rename* mv 123456 987654 |& grep renameat Reusing "openat" BPF sys_enter augmenter for "renameat" 0.000 ( 0.079 ms): mv/1158612 renameat2(olddfd: CWD, oldname: "123456", newdfd: CWD, newname: "987654", flags: NOREPLACE) = 0 root@number:~# Reviewed-by: Ian Rogers Cc: Adrian Hunter Cc: Howard Chu Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/CAP-5=fXjGYs=tpBgETK-P9U-CuXssytk9pSnTXpfphrmmOydWA@mail.gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit fb497d6db7c19c797cbd694b52d1af87c4eebcc6 Author: Liam R. Howlett Date: Wed Sep 4 17:12:04 2024 -0700 mm/damon/vaddr: protect vma traversal in __damon_va_thre_regions() with rcu read lock Traversing VMAs of a given maple tree should be protected by rcu read lock. However, __damon_va_three_regions() is not doing the protection. Hold the lock. Link: https://lkml.kernel.org/r/20240905001204.1481-1-sj@kernel.org Fixes: d0cf3dd47f0d ("damon: convert __damon_va_three_regions to use the VMA iterator") Signed-off-by: Liam R. Howlett Signed-off-by: SeongJae Park Reported-by: Guenter Roeck Closes: https://lore.kernel.org/b83651a0-5b24-4206-b860-cb54ffdf209b@roeck-us.net Tested-by: Guenter Roeck Cc: David Hildenbrand Cc: Matthew Wilcox Cc: Signed-off-by: Andrew Morton commit 0885ef4705607936fc36a38fd74356e1c465b023 Author: Chris Li Date: Thu Sep 5 01:08:17 2024 -0700 mm: vmscan.c: fix OOM on swap stress test I found a regression on mm-unstable during my swap stress test, using tmpfs to compile linux. The test OOM very soon after the make spawns many cc processes. It bisects down to this change: 33dfe9204f29b415bbc0abb1a50642d1ba94f5e9 (mm/gup: clear the LRU flag of a page before adding to LRU batch) Yu Zhao propose the fix: "I think this is one of the potential side effects -- Huge mentioned earlier about isolate_lru_folios():" I test that with it the swap stress test no longer OOM. Link: https://lore.kernel.org/r/CAOUHufYi9h0kz5uW3LHHS3ZrVwEq-kKp8S6N-MZUmErNAXoXmw@mail.gmail.com/ Link: https://lkml.kernel.org/r/20240905-lru-flag-v2-1-8a2d9046c594@kernel.org Fixes: 33dfe9204f29 ("mm/gup: clear the LRU flag of a page before adding to LRU batch") Signed-off-by: Chris Li Suggested-by: Yu Zhao Suggested-by: Hugh Dickins Closes: https://lore.kernel.org/all/CAF8kJuNP5iTj2p07QgHSGOJsiUfYpJ2f4R1Q5-3BN9JiD9W_KA@mail.gmail.com/ Signed-off-by: Andrew Morton commit 35fccce29feb3706f649726d410122dd81b92c18 Author: Joseph Qi Date: Wed Sep 4 15:10:03 2024 +0800 ocfs2: cancel dqi_sync_work before freeing oinfo ocfs2_global_read_info() will initialize and schedule dqi_sync_work at the end, if error occurs after successfully reading global quota, it will trigger the following warning with CONFIG_DEBUG_OBJECTS_* enabled: ODEBUG: free active (active state 0) object: 00000000d8b0ce28 object type: timer_list hint: qsync_work_fn+0x0/0x16c This reports that there is an active delayed work when freeing oinfo in error handling, so cancel dqi_sync_work first. BTW, return status instead of -1 when .read_file_info fails. Link: https://syzkaller.appspot.com/bug?extid=f7af59df5d6b25f0febd Link: https://lkml.kernel.org/r/20240904071004.2067695-1-joseph.qi@linux.alibaba.com Fixes: 171bf93ce11f ("ocfs2: Periodic quota syncing") Signed-off-by: Joseph Qi Reviewed-by: Heming Zhao Reported-by: syzbot+f7af59df5d6b25f0febd@syzkaller.appspotmail.com Tested-by: syzbot+f7af59df5d6b25f0febd@syzkaller.appspotmail.com Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Cc: Signed-off-by: Andrew Morton commit 33b525cef4cff49e216e4133cc48452e11c0391e Author: Lizhi Xu Date: Mon Sep 2 10:36:36 2024 +0800 ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate When doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger NULL pointer dereference in the following ocfs2_set_buffer_uptodate() if bh is NULL. Link: https://lkml.kernel.org/r/20240902023636.1843422-3-joseph.qi@linux.alibaba.com Fixes: cf76c78595ca ("ocfs2: don't put and assigning null to bh allocated outside") Signed-off-by: Lizhi Xu Signed-off-by: Joseph Qi Reviewed-by: Joseph Qi Reported-by: Heming Zhao Suggested-by: Heming Zhao Cc: [4.20+] Cc: Changwei Ge Cc: Gang He Cc: Joel Becker Cc: Jun Piao Cc: Junxiao Bi Cc: Mark Fasheh Signed-off-by: Andrew Morton commit c03a82b4a0c935774afa01fd6d128b444fd930a1 Author: Lizhi Xu Date: Mon Sep 2 10:36:35 2024 +0800 ocfs2: remove unreasonable unlock in ocfs2_read_blocks Patch series "Misc fixes for ocfs2_read_blocks", v5. This series contains 2 fixes for ocfs2_read_blocks(). The first patch fix the issue reported by syzbot, which detects bad unlock balance in ocfs2_read_blocks(). The second patch fixes an issue reported by Heming Zhao when reviewing above fix. This patch (of 2): There was a lock release before exiting, so remove the unreasonable unlock. Link: https://lkml.kernel.org/r/20240902023636.1843422-1-joseph.qi@linux.alibaba.com Link: https://lkml.kernel.org/r/20240902023636.1843422-2-joseph.qi@linux.alibaba.com Fixes: cf76c78595ca ("ocfs2: don't put and assigning null to bh allocated outside") Signed-off-by: Lizhi Xu Signed-off-by: Joseph Qi Reviewed-by: Heming Zhao Reviewed-by: Joseph Qi Reported-by: syzbot+ab134185af9ef88dfed5@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=ab134185af9ef88dfed5 Tested-by: syzbot+ab134185af9ef88dfed5@syzkaller.appspotmail.com Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Cc: [4.20+] Signed-off-by: Andrew Morton commit 5784d9fcfd43bd853654bb80c87ef293b9e8e80a Author: Julian Sun Date: Mon Sep 2 11:08:44 2024 +0800 ocfs2: fix null-ptr-deref when journal load failed. During the mounting process, if journal_reset() fails because of too short journal, then lead to jbd2_journal_load() fails with NULL j_sb_buffer. Subsequently, ocfs2_journal_shutdown() calls jbd2_journal_flush()->jbd2_cleanup_journal_tail()-> __jbd2_update_log_tail()->jbd2_journal_update_sb_log_tail() ->lock_buffer(journal->j_sb_buffer), resulting in a null-pointer dereference error. To resolve this issue, we should check the JBD2_LOADED flag to ensure the journal was properly loaded. Additionally, use journal instead of osb->journal directly to simplify the code. Link: https://syzkaller.appspot.com/bug?extid=05b9b39d8bdfe1a0861f Link: https://lkml.kernel.org/r/20240902030844.422725-1-sunjunchao2870@gmail.com Fixes: f6f50e28f0cb ("jbd2: Fail to load a journal if it is too short") Signed-off-by: Julian Sun Reported-by: syzbot+05b9b39d8bdfe1a0861f@syzkaller.appspotmail.com Suggested-by: Joseph Qi Reviewed-by: Joseph Qi Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Cc: Signed-off-by: Andrew Morton commit 4500f510d9bb4e8e283fb249a7adb4ecd6136f26 Author: Arnd Bergmann Date: Mon Sep 9 12:11:05 2024 +0000 clk: rockchip: remove unused mclk_pdm0_p/pdm0_p definitions When -Wunused-const-variable is enabled (not the default), there is a warning about two definitions in this file: In file included from drivers/clk/rockchip/clk-rk3576.c:14: drivers/clk/rockchip/clk-rk3576.c:334:7: error: 'mclk_pdm0_p' defined but not used [-Werror=unused-const-variable=] 334 | PNAME(mclk_pdm0_p) = { "mclk_pdm0_src_top", "xin24m" }; | ^~~~~~~~~~~ drivers/clk/rockchip/clk.h:564:43: note: in definition of macro 'PNAME' 564 | #define PNAME(x) static const char *const x[] __initconst | ^ drivers/clk/rockchip/clk-rk3576.c:333:7: error: 'pdm0_p' defined but not used [-Werror=unused-const-variable=] 333 | PNAME(pdm0_p) = { "clk_pdm0_src_top", "xin24m" }; | ^~~~~~ drivers/clk/rockchip/clk.h:564:43: note: in definition of macro 'PNAME' 564 | #define PNAME(x) static const char *const x[] __initconst | ^ Remove them for the moment. If they are needed later, they can be added back at that point. Fixes: cc40f5baa91b ("clk: rockchip: Add clock controller for the RK3576") Signed-off-by: Arnd Bergmann Link: https://lore.kernel.org/r/20240909121116.254036-1-arnd@kernel.org Signed-off-by: Stephen Boyd commit 16faf8cb4c1a82ffd799268197a42a214b1dcbbf Merge: 43fbb2c702663d 36fa259b214c37 Author: Mark Brown Date: Mon Sep 9 22:02:08 2024 +0100 ASoC: mt8365: Fix -Werror builds Merge series from Mark Brown : Nathan reported that the newly added mt8365 drivers were causing a number of warnings which break -Werror builds, these were only visible on arm64 since the drivers did not have COMPILE_TEST enabled. Fix this and some other minor stuff I noticed while doing so. commit 43fbb2c702663d7af844ee952aec224a0e059e26 Merge: 130af75b5c05ee 4c22b04e116e11 Author: Mark Brown Date: Mon Sep 9 22:02:01 2024 +0100 ASoC: loongson: Simplify code formatting Merge series from Binbin Zhou : This patchset attempts to improve code readability by simplifying code formatting. No functional changes. commit df947ad4cc0b6cf8a6e8dffb3b9095915253b8c8 Merge: 8400291e289ee6 12fd64babaca4d Author: Stephen Boyd Date: Mon Sep 9 13:58:25 2024 -0700 Merge tag 'v6.12-rockchip-clk1' of git://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip into clk-rockchip Pull Rockchip clk driver updates from Heiko Stübner: - Get rid of CLK_NR_CLKS defines in Rockchip DT binding headers - New clock controller driver for the rk3576 - Some fixes for rk3228 and rk3588 * tag 'v6.12-rockchip-clk1' of git://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip: clk: rockchip: fix error for unknown clocks clk: rockchip: rk3588: drop unused code clk: rockchip: Add clock controller for the RK3576 clk: rockchip: Add new pll type pll_rk3588_ddr dt-bindings: clock, reset: Add support for rk3576 dt-bindings: clock: rockchip,rk3588-cru: drop unneeded assigned-clocks clk: rockchip: rk3588: Fix 32k clock name for pmu_24m_32k_100m_src_p dt-bindings: clock: rockchip: remove CLK_NR_CLKS and CLKPMU_NR_CLKS clk: rockchip: rk3399: Drop CLK_NR_CLKS CLKPMU_NR_CLKS usage clk: rockchip: rk3368: Drop CLK_NR_CLKS usage clk: rockchip: rk3328: Drop CLK_NR_CLKS usage clk: rockchip: rk3308: Drop CLK_NR_CLKS usage clk: rockchip: rk3288: Drop CLK_NR_CLKS usage clk: rockchip: rk3228: Drop CLK_NR_CLKS usage clk: rockchip: rk3036: Drop CLK_NR_CLKS usage clk: rockchip: px30: Drop CLK_NR_CLKS CLKPMU_NR_CLKS usage clk: rockchip: Set parent rate for DCLK_VOP clock on RK3228 commit 9c4a27da0ecc4080dfcd63903dd94f01ba1399dd Author: Joshua Hay Date: Wed Sep 4 17:47:48 2024 +0200 idpf: enable WB_ON_ITR Tell hardware to write back completed descriptors even when interrupts are disabled. Otherwise, descriptors might not be written back until the hardware can flush a full cacheline of descriptors. This can cause unnecessary delays when traffic is light (or even trigger Tx queue timeout). The example scenario to reproduce the Tx timeout if the fix is not applied: - configure at least 2 Tx queues to be assigned to the same q_vector, - generate a huge Tx traffic on the first Tx queue - try to send a few packets using the second Tx queue. In such a case Tx timeout will appear on the second Tx queue because no completion descriptors are written back for that queue while interrupts are disabled due to NAPI polling. Fixes: c2d548cad150 ("idpf: add TX splitq napi poll support") Fixes: a5ab9ee0df0b ("idpf: add singleq start_xmit and napi poll") Signed-off-by: Joshua Hay Co-developed-by: Michal Kubiak Signed-off-by: Michal Kubiak Reviewed-by: Przemek Kitszel Signed-off-by: Alexander Lobakin Signed-off-by: Tony Nguyen commit e4b398dd82f5d5867bc5f442c43abc8fba30ed2c Author: Michal Kubiak Date: Wed Sep 4 17:47:47 2024 +0200 idpf: fix netdev Tx queue stop/wake netif_txq_maybe_stop() returns -1, 0, or 1, while idpf_tx_maybe_stop_common() says it returns 0 or -EBUSY. As a result, there sometimes are Tx queue timeout warnings despite that the queue is empty or there is at least enough space to restart it. Make idpf_tx_maybe_stop_common() inline and returning true or false, handling the return of netif_txq_maybe_stop() properly. Use a correct goto in idpf_tx_maybe_stop_splitq() to avoid stopping the queue or incrementing the stops counter twice. Fixes: 6818c4d5b3c2 ("idpf: add splitq start_xmit") Fixes: a5ab9ee0df0b ("idpf: add singleq start_xmit and napi poll") Cc: stable@vger.kernel.org # 6.7+ Signed-off-by: Michal Kubiak Reviewed-by: Przemek Kitszel Signed-off-by: Alexander Lobakin Signed-off-by: Tony Nguyen commit 24eb35b15152ed6a2473019413b86b8f1c9714be Author: Joshua Hay Date: Wed Sep 4 17:47:46 2024 +0200 idpf: refactor Tx completion routines Add a mechanism to guard against stashing partial packets into the hash table to make the driver more robust, with more efficient decision making when cleaning. Don't stash partial packets. This can happen when an RE (Report Event) completion is received in flow scheduling mode, or when an out of order RS (Report Status) completion is received. The first buffer with the skb is stashed, but some or all of its frags are not because the stack is out of reserve buffers. This leaves the ring in a weird state since the frags are still on the ring. Use the field libeth_sqe::nr_frags to track the number of fragments/tx_bufs representing the packet. The clean routines check to make sure there are enough reserve buffers on the stack before stashing any part of the packet. If there are not, next_to_clean is left pointing to the first buffer of the packet that failed to be stashed. This leaves the whole packet on the ring, and the next time around, cleaning will start from this packet. An RS completion is still expected for this packet in either case. So instead of being cleaned from the hash table, it will be cleaned from the ring directly. This should all still be fine since the DESC_UNUSED and BUFS_UNUSED will reflect the state of the ring. If we ever fall below the thresholds, the TxQ will still be stopped, giving the completion queue time to catch up. This may lead to stopping the queue more frequently, but it guarantees the Tx ring will always be in a good state. Also, always use the idpf_tx_splitq_clean function to clean descriptors, i.e. use it from clean_buf_ring as well. This way we avoid duplicating the logic and make sure we're using the same reserve buffers guard rail. This does require a switch from the s16 next_to_clean overflow descriptor ring wrap calculation to u16 and the normal ring size check. Signed-off-by: Joshua Hay Reviewed-by: Przemek Kitszel Signed-off-by: Alexander Lobakin Signed-off-by: Tony Nguyen commit 3dc95a3edd0a86b4a59670b3fafcc64c7d83e2e7 Author: Alexander Lobakin Date: Wed Sep 4 17:47:45 2024 +0200 netdevice: add netdev_tx_reset_subqueue() shorthand Add a shorthand similar to other net*_subqueue() helpers for resetting the queue by its index w/o obtaining &netdev_tx_queue beforehand manually. Reviewed-by: Przemek Kitszel Signed-off-by: Alexander Lobakin Signed-off-by: Tony Nguyen commit d9028db618a63e4bbe63eb56c0b0db2b4cb924bc Author: Alexander Lobakin Date: Wed Sep 4 17:47:44 2024 +0200 idpf: convert to libeth Tx buffer completion &idpf_tx_buffer is almost identical to the previous generations, as well as the way it's handled. Moreover, relying on dma_unmap_addr() and !!buf->skb instead of explicit defining of buffer's type was never good. Use the newly added libeth helpers to do it properly and reduce the copy-paste around the Tx code. Reviewed-by: Przemek Kitszel Signed-off-by: Alexander Lobakin Signed-off-by: Tony Nguyen commit 080d72f471c86f8906845bc822051f5790d0a90d Author: Alexander Lobakin Date: Wed Sep 4 17:47:43 2024 +0200 libeth: add Tx buffer completion helpers Software-side Tx buffers for storing DMA, frame size, skb pointers etc. are pretty much generic and every driver defines them the same way. The same can be said for software Tx completions -- same napi_consume_skb()s and all that... Add a couple simple wrappers for doing that to stop repeating the old tale at least within the Intel code. Drivers are free to use 'priv' member at the end of the structure. Reviewed-by: Przemek Kitszel Signed-off-by: Alexander Lobakin Signed-off-by: Tony Nguyen commit 63a68ee1c27f5d1a17b78a2c937b86b0fb1fd99a Author: Christophe JAILLET Date: Mon Sep 9 20:56:19 2024 +0200 regulator: tps6287x: Constify struct regulator_desc 'struct regulator_desc' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increases overall security, especially when the structure holds some function pointers. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 4974 736 16 5726 165e drivers/regulator/tps6287x-regulator.o After: ===== text data bss dec hex filename 5294 416 16 5726 165e drivers/regulator/tps6287x-regulator.o -- Compile tested only Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/7727e493490d37775a653905dfe0cc1d8478f8e0.1725908163.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit 48cc042bd68e0225f1e6b137452e3d867e7c0942 Author: Christophe JAILLET Date: Mon Sep 9 20:35:08 2024 +0200 regulator: wm8400: Constify struct regulator_desc 'struct regulator_desc' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increases overall security, especially when the structure holds some function pointers. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 4419 2512 0 6931 1b13 drivers/regulator/wm8400-regulator.o After: ===== text data bss dec hex filename 6307 624 0 6931 1b13 drivers/regulator/wm8400-regulator.o -- Compile tested only Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/fde33ecfd9bbdbdc1da1620c9f3b1b7a72f9d805.1725906876.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit addf89774e48c992316449ffab4f29c2309ebefb Author: Jinjie Ruan Date: Mon Sep 9 21:17:40 2024 +0800 ieee802154: Fix build error If REGMAP_SPI is m and IEEE802154_MCR20A is y, mcr20a.c:(.text+0x3ed6c5b): undefined reference to `__devm_regmap_init_spi' ld: mcr20a.c:(.text+0x3ed6cb5): undefined reference to `__devm_regmap_init_spi' Select REGMAP_SPI for IEEE802154_MCR20A to fix it. Fixes: 8c6ad9cc5157 ("ieee802154: Add NXP MCR20A IEEE 802.15.4 transceiver driver") Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/20240909131740.1296608-1-ruanjinjie@huawei.com Signed-off-by: Stefan Schmidt commit d9a476c837fab38856c6b6ff9f794c33907a9f81 Author: Ira Weiny Date: Wed Sep 4 09:47:54 2024 -0500 cxl/region: Remove lock from memory notifier callback In testing Dynamic Capacity Device (DCD) support, a lockdep splat revealed an ABBA issue between the memory notifiers and the DCD extent processing code.[0] Changing the lock ordering within DCD proved difficult because regions must be stable while searching for the proper region and then the device lock must be held to properly notify the DAX region driver of memory changes. Dan points out in the thread that notifiers should be able to trust that it is safe to access static data. Region data is static once the device is realized and until it's destruction. Thus it is better to manage the notifiers within the region driver. Remove the need for a lock by ensuring the notifiers are active only during the region's lifetime. Furthermore, remove cxl_region_nid() because resource can't be NULL while the region is stable. Link: https://lore.kernel.org/all/66b4cf539a79b_a36e829416@iweiny-mobl.notmuch/ [0] Cc: Ying Huang Suggested-by: Dan Williams Reviewed-by: Davidlohr Bueso Reviewed-by: Jonathan Cameron Reviewed-by: Ying Huang Signed-off-by: Ira Weiny Link: https://patch.msgid.link/20240904-fix-notifiers-v3-1-576b4e950266@intel.com Signed-off-by: Dave Jiang commit 3f9e07531778ce66e0100d93f482e9a299d10d8d Author: Yanfei Xu Date: Wed Aug 28 16:42:31 2024 +0800 cxl/pci: simplify the check of mem_enabled in cxl_hdm_decode_init() Cases can be divided into two categories which are DVSEC range enabled and not enabled when HDM decoders exist but is not enabled. To avoid checking info->mem_enabled, which indicates the enablement of DVSEC range, every time, we can check !info->mem_enabled once in advance. This simplification can make the code clearer. No functional change intended. Reviewed-by: Jonathan Cameron Signed-off-by: Yanfei Xu Reviewed-by: Alison Schofield Link: https://patch.msgid.link/20240828084231.1378789-5-yanfei.xu@intel.com Signed-off-by: Dave Jiang commit 99bf0eebc75c9085440d6dca014724e7e49b5116 Author: Yanfei Xu Date: Wed Aug 28 16:42:30 2024 +0800 cxl/pci: Check Mem_info_valid bit for each applicable DVSEC In theory a device might set the mem_info_valid bit for a first range after it is ready but before as second range has reached that state. Therefore, the correct approach is to check the Mem_info_valid bit for each applicable DVSEC range against HDM_COUNT, rather than only for the DVSEC range 1. Consequently, let's move the check into the "for loop" that handles each DVSEC range. Reviewed-by: Jonathan Cameron Signed-off-by: Yanfei Xu Reviewed-by: Alison Schofield Link: https://patch.msgid.link/20240828084231.1378789-4-yanfei.xu@intel.com Signed-off-by: Dave Jiang commit 5c6e3d5a5da118be2ae074bd70d111994147c708 Author: Yanfei Xu Date: Wed Aug 28 16:42:29 2024 +0800 cxl/pci: Remove duplicated implementation of waiting for memory_info_valid commit ce17ad0d5498 ("cxl: Wait Memory_Info_Valid before access memory related info") added another implementation, which is cxl_dvsec_mem_range_valid(), of waiting for memory_info_valid without realizing it duplicated wait_for_valid(). Remove wait_for_valid() and retain cxl_dvsec_mem_range_valid() as the former is hardcoded to check only the Memory_Info_Valid bit of DVSEC range 1, while the latter allows for selection between DVSEC range 1 or 2 via parameter. Suggested-by: Dan Williams Reviewed-by: Jonathan Cameron Signed-off-by: Yanfei Xu Reviewed-by: Alison Schofield Link: https://patch.msgid.link/20240828084231.1378789-3-yanfei.xu@intel.com Signed-off-by: Dave Jiang commit 55e268694e8b07026c88191f9b6949b6887d9ce3 Author: Yanfei Xu Date: Wed Aug 28 16:42:28 2024 +0800 cxl/pci: Fix to record only non-zero ranges The function cxl_dvsec_rr_decode() retrieves and records DVSEC ranges into info->dvsec_range[], regardless of whether it is non-zero range, and the variable info->ranges indicates the number of non-zero ranges. However, in cxl_hdm_decode_init(), the validation for info->dvsec_range[] occurs in a for loop that iterates based on info->ranges. It may result in zero range to be validated but non-zero range not be validated, in turn, the number of allowed ranges is to be 0. Address it by only record non-zero ranges. This fix is not urgent as it requires a configuration that zeroes out the first dvsec range while populating the second. This has not been observed, but it is theoretically possible. If this gets picked up for -stable, no harm done, but there is no urgency to backport. Fixes: 560f78559006 ("cxl/pci: Retrieve CXL DVSEC memory info") Reviewed-by: Jonathan Cameron Signed-off-by: Yanfei Xu Reviewed-by: Alison Schofield Link: https://patch.msgid.link/20240828084231.1378789-2-yanfei.xu@intel.com Signed-off-by: Dave Jiang commit 227f51743b61fe3f6fc481f0fb8086bf8c49b8c9 Author: Selvin Xavier Date: Wed Sep 4 03:04:13 2024 -0700 RDMA/bnxt_re: Fix the max WQE size for static WQE support When variable size WQE is supported, max_qp_sges reported is more than 6. For devices that supports variable size WQE, the Send WQE size calculation is wrong when an an older library that doesn't support variable size WQE is used. Set the WQE size to 128 when static WQE is supported. Fixes: de1d364c3815 ("RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters") Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1725444253-13221-3-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit c6b2b5c86d448630cea58bf6fdfc761da3e3efb5 Author: Selvin Xavier Date: Wed Sep 4 03:04:12 2024 -0700 RDMA/bnxt_re: Fix the compatibility flag for variable size WQE For older adapters that doesn't support variable size WQE, driver is wrongly reporting that variable WQE is supported, when the latest library is used. Report the variable WQE capability only if the driver supports it. Fixes: 10a104c0debb ("RDMA/bnxt_re: Enable variable size WQEs for user space applications") Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1725444253-13221-2-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit 7ebb00cea49db641b458edef0ede389f7004821d Author: Michael Guralnik Date: Tue Sep 3 14:24:50 2024 +0300 RDMA/mlx5: Fix MR cache temp entries cleanup Fix the cleanup of the temp cache entries that are dynamically created in the MR cache. The cleanup of the temp cache entries is currently scheduled only when a new entry is created. Since in the cleanup of the entries only the mkeys are destroyed and the cache entry stays in the cache, subsequent registrations might reuse the entry and it will eventually be filled with new mkeys without cleanup ever getting scheduled again. On workloads that register and deregister MRs with a wide range of properties we see the cache ends up holding many cache entries, each holding the max number of mkeys that were ever used through it. Additionally, as the cleanup work is scheduled to run over the whole cache, any mkey that is returned to the cache after the cleanup was scheduled will be held for less than the intended 30 seconds timeout. Solve both issues by dropping the existing remove_ent_work and reusing the existing per-entry work to also handle the temp entries cleanup. Schedule the work to run with a 30 seconds delay every time we push an mkey to a clean temp entry. This ensures the cleanup runs on each entry only 30 seconds after the first mkey was pushed to an empty entry. As we have already been distinguishing between persistent and temp entries when scheduling the cache_work_func, it is not being scheduled in any other flows for the temp entries. Another benefit from moving to a per-entry cleanup is we now not required to hold the rb_tree mutex, thus enabling other flow to run concurrently. Fixes: dd1b913fb0d0 ("RDMA/mlx5: Cache all user cacheable mkeys on dereg MR flow") Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/e4fa4bb03bebf20dceae320f26816cd2dde23a26.1725362530.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit ee6d57a2e13d11ce9050cfc3e3b69ef707a44a63 Author: Michael Guralnik Date: Tue Sep 3 14:24:49 2024 +0300 RDMA/mlx5: Limit usage of over-sized mkeys from the MR cache When searching the MR cache for suitable cache entries, don't use mkeys larger than twice the size required for the MR. This should ensure the usage of mkeys closer to the minimal required size and reduce memory waste. On driver init we create entries for mkeys with clear attributes and powers of 2 sizes from 4 to the max supported size. This solves the issue for anyone using mkeys that fit these requirements. In the use case where an MR is registered with different attributes, like an access flag we can't UMR, we'll create a new cache entry to store it upon dereg. Without this fix, any later registration with same attributes and smaller size will use the newly created cache entry and it's mkeys, disregarding the memory waste of using mkeys larger than required. For example, one worst-case scenario can be when registering and deregistering a 1GB mkey with ATS enabled which will cause the creation of a new cache entry to hold those type of mkeys. A user registering a 4k MR with ATS will end up using the new cache entry and an mkey that can support a 1GB MR, thus wasting x250k memory than actually needed in the HW. Additionally, allow all small registration to use the smallest size cache entry that is initialized on driver load even if size is larger than twice the required size. Fixes: 73d09b2fe833 ("RDMA/mlx5: Introduce mlx5r_cache_rb_key") Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/8ba3a6e3748aace2026de8b83da03aba084f78f4.1725362530.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 6f5cd6ac9a4201e4ba6f10b76a9da8044d6e38b0 Author: Michael Guralnik Date: Tue Sep 3 14:24:48 2024 +0300 RDMA/mlx5: Fix counter update on MR cache mkey creation After an mkey is created, update the counter for pending mkeys before reshceduling the work that is filling the cache. Rescheduling the work with a full MR cache entry and a wrong 'pending' counter will cause us to miss disabling the fill_to_high_water flag. Thus leaving the cache full but with an indication that it's still needs to be filled up to it's full size (2 * limit). Next time an mkey will be taken from the cache, we'll unnecessarily continue the process of filling the cache to it's full size. Fixes: 57e7071683ef ("RDMA/mlx5: Implement mkeys management via LIFO queue") Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/0f44f462ba22e45f72cb3d0ec6a748634086b8d0.1725362530.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 30e6bd8d3b5639f8f4261e5e6c0917ce264b8dc2 Author: Michael Guralnik Date: Tue Sep 3 14:24:47 2024 +0300 RDMA/mlx5: Drop redundant work canceling from clean_keys() The canceling of dealyed work in clean_keys() is a leftover from years back and was added to prevent races in the cleanup process of MR cache. The cleanup process was rewritten a few years ago and the canceling of delayed work and flushing of workqueue was added before the call to clean_keys(). Signed-off-by: Michael Guralnik Link: https://patch.msgid.link/943d21f5a9dba7b98a3e1d531e3561ffe9745d71.1725362530.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit e77127ff6416b17e0b3e630ac46ee5c9a6570f57 Author: Cheng Xu Date: Mon Sep 2 19:29:20 2024 +0800 RDMA/erdma: Return QP state in erdma_query_qp Fix qp_state and cur_qp_state to return correct values in struct ib_qp_attr. Fixes: 155055771704 ("RDMA/erdma: Add verbs implementation") Signed-off-by: Cheng Xu Link: https://patch.msgid.link/20240902112920.58749-4-chengyou@linux.alibaba.com Signed-off-by: Leon Romanovsky commit b80330f1051d4e89d234a191db99caad5fbd8cbc Author: Cheng Xu Date: Mon Sep 2 19:29:19 2024 +0800 RDMA/erdma: Add disassociate ucontext support All IO pages mapped to user space are handled by rdma_user_mmap_io, so add empty stub for disassociate ucontext. Signed-off-by: Cheng Xu Link: https://patch.msgid.link/20240902112920.58749-3-chengyou@linux.alibaba.com Signed-off-by: Leon Romanovsky commit b24506f1c3c4e3379babf7c59e4873c862e674cb Author: Cheng Xu Date: Mon Sep 2 19:29:18 2024 +0800 RDMA/erdma: Refactor the initialization and destruction of EQ We extracted the common parts of the initialization/destruction process to make the code cleaner. Signed-off-by: Cheng Xu Link: https://patch.msgid.link/20240902112920.58749-2-chengyou@linux.alibaba.com Signed-off-by: Leon Romanovsky commit 34efda1735a179cd233479a99f09728825748ea1 Author: Maher Sanalla Date: Mon Sep 2 13:37:03 2024 +0300 RDMA/mlx5: Enable ATS when allocating kernel MRs When creating kernel MRs, it is not definitive whether they will be used for peer-to-peer transactions or for other usecases, since address mapping is performed only after the MR is created. Since peer-to-peer transactions benefit significantly from ATS performance-wise, enable ATS on newly-allocated kernel MRs when supported. Signed-off-by: Maher Sanalla Reviewed-by: Gal Shalom Link: https://patch.msgid.link/fafd4c9f14cf438d2882d88649c2947e1d05d0b4.1725273403.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 510f9f61a1121a296a45962760d5e2824277fa37 Author: Yevgeny Kliteynik Date: Thu Jun 20 02:46:40 2024 +0300 net/mlx5: HWS, added API and enabled HWS support Enabling HWS support in the mlx5 driver: - added HWS API header - added HWS files in the mlx5 driver makefile - added kconfig flag that enables HWS compilation Reviewed-by: Erez Shitrit Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 2ca62599aa0bbc0e61595531614e0989ba6b3194 Author: Yevgeny Kliteynik Date: Thu Jun 20 02:35:50 2024 +0300 net/mlx5: HWS, added send engine and context handling Added implementation of send engine and handling of HWS context. Reviewed-by: Itamar Gozlan Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit d4a605e968e7f0af58f228ab7bf96d9d7d4f0b69 Author: Yevgeny Kliteynik Date: Thu Jun 20 02:40:54 2024 +0300 net/mlx5: HWS, added debug dump and internal headers Added debug dump of the existing HWS state, and all the required internal definitions. To dump the HWS state, cat the following debugfs node: cat /sys/kernel/debug/mlx5//steering/fdb/ctx_ Reviewed-by: Hamdan Agbariya Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 2111bb970c787b16b002dc726c1d296ce87a00fb Author: Yevgeny Kliteynik Date: Thu Jun 20 02:43:36 2024 +0300 net/mlx5: HWS, added backward-compatible API handling Added implementation of backward-compatible (BWC) steering API. Native HWS API is very different from SWS API: - SWS is synchronous (rule creation/deletion API call returns when the rule is created/deleted), while HWS is asynchronous (it requires polling for completion in order to know when the rule creation/deletion happened) - SWS manages its own memory (it allocates/frees all the needed memory for steering rules, while HWS requires the rules memory to be allocated/freed outside the API In order to make HWS fit the existing fs-core steering API paradigm, this patch adds implementation of backward-compatible (BWC) steering API that has the bahaviour similar to SWS: among others, it encompasses all the rules' memory management and completion polling, presenting the usual synchronous API for the upper layer. A user that wishes to utilize the full speed potential of HWS can call the HWS async API and have rule insertion/deletion batching, lower memory management overhead, and lower CPU utilization. Such approach will be taken by the future Connection Tracking. Note that BWC steering doesn't support yet rules that require more than one match STE - complex rules. This support will be added later on. Reviewed-by: Erez Shitrit Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit c61afff94373641695cc81999e9bb10408ea84d5 Author: Yevgeny Kliteynik Date: Thu Jun 20 02:34:22 2024 +0300 net/mlx5: HWS, added memory management handling Added object pools and buddy allocator functionality. Reviewed-by: Itamar Gozlan Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 6c5e68254027e7a82cb4580fd1a28cda3d417a97 Author: Yevgeny Kliteynik Date: Mon Aug 12 02:10:56 2024 +0300 net/mlx5: HWS, added vport handling Vport is a virtual eswitch port that is associated with its virtual function (VF), physical function (PF) or sub-function (SF). This patch adds handling of vports in HWS. Reviewed-by: Hamdan Agbariya Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit aefc15a0fa1cfab233f490a4675167e5ca5c42b2 Author: Yevgeny Kliteynik Date: Thu Jun 20 02:39:00 2024 +0300 net/mlx5: HWS, added modify header pattern and args handling Packet headers/metadta manipulations are split into two parts: - Header Modify Pattern: an object that describes which fields will be modified and in which way - Header Modify Argument: an object that provides the values to be used for header modification Reviewed-by: Hamdan Agbariya Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 0869701cba3d4c9865a019d23b0d159aee90d23f Author: Yevgeny Kliteynik Date: Thu Jun 20 02:38:22 2024 +0300 net/mlx5: HWS, added FW commands handling This patch adds implementation of FW object handling, such as creation/destruction, modification, and querying. Reviewed-by: Hamdan Agbariya Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 472dd792348f6601ccaa97d5626ee4faff891901 Author: Yevgeny Kliteynik Date: Thu Jun 20 02:37:18 2024 +0300 net/mlx5: HWS, added matchers functionality Matcher object encompasses all the building blocks that are needed in order to perform flow steering of a given flow: - flow table that serves as entering point of this matcher - Rule Table Context (RTC) objects to hold ll the Steering Table Entries (STEs), both for matching the flow and for performing actions - rules that describe the set of matching parameters for a flow and actions to perform in case of a hit. This patch adds implementation of matchers handling in HWS. Reviewed-by: Itamar Gozlan Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 74a778b4a63faef9ff02aad0d332b209835f93e1 Author: Yevgeny Kliteynik Date: Thu Jun 20 02:36:51 2024 +0300 net/mlx5: HWS, added definers handling The Match Definer combines packet fields and a mask, creating a key which can be used for packet matching during steering flow processing. This patch adds handling of definer objects in HWS. Reviewed-by: Hamdan Agbariya Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 49674803542c162a465819c1a5ca66b494ecf367 Author: Yevgeny Kliteynik Date: Thu Jun 20 02:33:11 2024 +0300 net/mlx5: HWS, added rules handling Steering rule is a concept that includes match parameters for a flow, and actions to perform on the flows that match these parameters. This patch adds rules handling part of HW Steering. Reviewed-by: Itamar Gozlan Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 71a1372b8275dd1c57db045d4a710a5b8f124f52 Author: Yevgeny Kliteynik Date: Thu Jun 20 02:32:28 2024 +0300 net/mlx5: HWS, added tables handling Flow tables are SW objects that are comprised of list of matchers, that in turn define the properties of a flow to match on and set of actions to perform on the flows in case of match hit or miss. Reviewed-by: Itamar Gozlan Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 504e536d90104c850731840d3fbc95acf251f11b Author: Yevgeny Kliteynik Date: Thu Jun 20 02:31:59 2024 +0300 net/mlx5: HWS, added actions handling When a packet matches a flow, the actions specified for the flow are applied. The supported actions include (but not limited to) the following: - drop: packet processing is stopped - go to vport: packet is forwarded to a specified vport - go to flow table: packet is forwarded to a specified table and processing continues there - push/pop vlan: add/remove vlan header respectively to/from the packet - insert/remove header: add/remove a user-defined header to/from the packet - counter: count the packet bytes in the specified counter - tag: tag the matching flow with a provided tag value - reformat: change the packet format by adding or removing some of its headers - modify header: modify the value of the packet headers with set/add/copy ops - range: match packet on range of values Reviewed-by: Erez Shitrit Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit 00b9f0daefd7670356e592d418c890acf9179c94 Author: Yevgeny Kliteynik Date: Tue Jan 17 17:14:51 2023 +0200 net/mlx5: Added missing definitions in preparation for HW Steering As part of preparation for HWS, added missing definitions in qp.h and fs_core.h: - FS_FT_FDB_RX/TX table types that are used by HWS in addition to an existing FS_FT_FDB - MLX5_WQE_CTRL_INITIATOR_SMALL_FENCE that is used by HWS to require fence in WQE Reviewed-by: Hamdan Agbariya Signed-off-by: Yevgeny Kliteynik Reviewed-by: Mark Bloch Signed-off-by: Saeed Mahameed commit 34c626c3004a73ee7da5072be48ddff9c2902902 Author: Yevgeny Kliteynik Date: Mon Jan 16 01:16:43 2023 +0200 net/mlx5: Added missing mlx5_ifc definition for HW Steering Add mlx5_ifc definitions that are required for HWS support. Note that due to change in the mlx5_ifc_flow_table_context_bits structure that now includes both SWS and HWS bits in a union, this patch also includes small change in one of SWS files that was required for compilation. Reviewed-by: Hamdan Agbariya Signed-off-by: Yevgeny Kliteynik Signed-off-by: Saeed Mahameed commit fe57beb026ef5f9614adfa23ee6f3c21faede2cf Merge: abbd838c579e49 02f454f9aa6255 Author: Kalle Valo Date: Mon Sep 9 20:40:12 2024 +0300 Merge tag 'ath-next-20240909' of git://git.kernel.org/pub/scm/linux/kernel/git/ath/ath ath.git patches for v6.12 This is once again a fairly light pull request since ath12k is still working on MLO-related changes, and the other drivers are mostly in maintenance mode. ath12k * Fix a frame-larger-than warning seen with debug builds * Fix flex-array-member-not-at-end warnings ath11k * Fix flex-array-member-not-at-end warnings ath9k * Fix a syzbot-reported issue on USB-based devices commit abbd838c579e491a6242f3916af7963e8a8fa9d5 Merge: 0af2b1b2029273 6bba05d651ef77 Author: Kalle Valo Date: Mon Sep 9 20:37:47 2024 +0300 Merge tag 'mt76-for-kvalo-2024-09-06' of https://github.com/nbd168/wireless mt76 patches for 6.12 - fixes - mt7915 .sta_state support - mt7915 hardware restart improvements commit 0c0966b5019f97e2af0ab802c1453162748b1166 Author: Christophe JAILLET Date: Sun Sep 8 10:41:11 2024 +0200 regulator: da9211: Constify struct regulator_desc 'struct regulator_desc' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security, especially when the structure holds some function pointers. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 13982 2118 16 16116 3ef4 drivers/regulator/da9211-regulator.o After: ===== text data bss dec hex filename 14622 1478 16 16116 3ef4 drivers/regulator/da9211-regulator.o -- Compile tested only Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/54258bfe11112d70d2f1eb1deda2791eb9ef99c1.1725784852.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit 97e63bc35f4c086ab7ad3894c9693e18e79162d9 Author: Christophe JAILLET Date: Sun Sep 8 16:55:58 2024 +0200 regulator: mp5416: Constify struct regulator_desc 'struct regulator_desc' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security, especially when the structure holds some function pointers. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 3516 5320 32 8868 22a4 drivers/regulator/mp5416.o After: ===== text data bss dec hex filename 8508 320 32 8860 229c drivers/regulator/mp5416.o -- Compile tested only Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/fd8d1307f211ec7754f46b6678c04309556003bc.1725807320.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit 130af75b5c05eef4ecd8593371f3e924bcd41241 Author: Uwe Kleine-König Date: Mon Sep 9 17:12:30 2024 +0200 ASoC: Switch back to struct platform_driver::remove() After commit 0edb555a65d1 ("platform: Make platform_driver::remove() return void") .remove() is (again) the right callback to implement for platform drivers. Convert all drivers below sound/soc to use .remove(), with the eventual goal to drop struct platform_driver::remove_new(). As .remove() and .remove_new() have the same prototypes, conversion is done by just changing the structure member name in the driver initializer. Signed-off-by: Uwe Kleine-König Link: https://patch.msgid.link/20240909151230.909818-2-u.kleine-koenig@baylibre.com Signed-off-by: Mark Brown commit b09c71f3e8413ac0a9749f9d0d06f6f0d0b2cc65 Author: Codrin Ciubotariu Date: Mon Sep 9 11:35:29 2024 +0300 ASoC: atmel: mchp-i2s-mcc: Remove interface name from stream_name Remove the interface name from the stream_name. The interface name (and the index of the interface) can be set in DT using the sound-name-prefix string property. [andrei.simion@microchip: Adjust the commit title] Signed-off-by: Codrin Ciubotariu Signed-off-by: Andrei Simion Link: https://patch.msgid.link/20240909083530.14695-2-andrei.simion@microchip.com Signed-off-by: Mark Brown commit 130eb72d3cb38a629205a2a192800b4b1b9bc5c9 Author: Tang Bin Date: Sun Sep 8 21:46:04 2024 +0800 ASoC: codecs: fix the right check and simplify code In the file drivers/base/platform.c, the return description of platform_get_irq is 'non-zero IRQ number on success, negative error number on failure.', so the check is wrong, fix it. And when get irq failed, the function platform_get_irq logs an error message. Fixes: 5e2404493f9f ("ASoC: codecs: add MT6357 support") Signed-off-by: Tang Bin Link: https://patch.msgid.link/20240908134604.3652-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit 3fc3e45fcdeaad4b7660b560fcbc827eb733f58e Author: Sandeep Dhavale Date: Wed Sep 4 23:00:25 2024 -0700 erofs: fix error handling in z_erofs_init_decompressor If we get a failure at the first decompressor init (i = 0), the clean up while loop could enter infinite loop due to wrong while check. Check the value of i now to see if we need any clean up at all. Fixes: 5a7cce827ee9 ("erofs: refine z_erofs_{init,exit}_subsystem()") Reported-by: liujinbao1 Signed-off-by: Sandeep Dhavale Reviewed-by: Gao Xiang Reviewed-by: Chao Yu Link: https://lore.kernel.org/r/20240905060027.2388893-1-dhavale@google.com Signed-off-by: Gao Xiang commit 59aadaa7ebafbc57e642d772cfc02c2b907e5b89 Author: Gao Xiang Date: Wed Aug 28 17:52:32 2024 +0800 erofs: clean up erofs_register_sysfs() After commit 684b290abc77 ("erofs: add support for FS_IOC_GETFSSYSFSPATH"), `sb->s_sysfs_name` is now valid. Just use it to get rid of duplicated logic. Reviewed-by: Sandeep Dhavale Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240828095232.571946-1-hsiangkao@linux.alibaba.com commit 9ed50b8231e37b1ae863f5dec8153b98d9f389b4 Author: Gao Xiang Date: Mon Sep 9 11:19:11 2024 +0800 erofs: fix incorrect symlink detection in fast symlink Fast symlink can be used if the on-disk symlink data is stored in the same block as the on-disk inode, so we don’t need to trigger another I/O for symlink data. However, currently fs correction could be reported _incorrectly_ if inode xattrs are too large. In fact, these should be valid images although they cannot be handled as fast symlinks. Many thanks to Colin for reporting this! Reported-by: Colin Walters Reported-by: https://honggfuzz.dev/ Link: https://lore.kernel.org/r/bb2dd430-7de0-47da-ae5b-82ab2dd4d945@app.fastmail.com Fixes: 431339ba9042 ("staging: erofs: add inode operations") [ Note that it's a runtime misbehavior instead of a security issue. ] Signed-off-by: Gao Xiang Link: https://lore.kernel.org/r/20240909031911.1174718-1-hsiangkao@linux.alibaba.com commit 83710aaff08a5b650db166eed28e9ae377311da6 Merge: da3ea35007d0af d47552124bb0b9 Author: Rafael J. Wysocki Date: Mon Sep 9 18:33:15 2024 +0200 Merge tag 'devfreq-next-for-6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/chanwoo/linux Merge devfreq updates for v6.12 from Chanwoo Choi: "Detailed description for this pull request: - Add missing MODULE_DESCRIPTION() macros for devfreq governors. - Use Use devm_clk_get_enabled() helpers for exyns-bus devfreq driver. - Use of_property_present() instead of of_get_property() for imx-bus devfreq driver." * tag 'devfreq-next-for-6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/chanwoo/linux: PM / devfreq: imx-bus: Use of_property_present() PM / devfreq: exynos: Use Use devm_clk_get_enabled() helpers PM/devfreq: governor: add missing MODULE_DESCRIPTION() macros commit 19c9d55d72a9040cf9dc8de62633e6217381106b Author: Mickaël Salaün Date: Wed Aug 21 11:56:06 2024 +0200 security: Update file_set_fowner documentation Highlight that the file_set_fowner hook is now called with a lock held. Cc: Al Viro Cc: Casey Schaufler Cc: Christian Brauner Cc: James Morris Cc: Jann Horn Cc: Ondrej Mosnacek Cc: Paul Moore Cc: Serge E. Hallyn Cc: Stephen Smalley Signed-off-by: Mickaël Salaün Signed-off-by: Paul Moore commit 26f204380a3c182e5adf1a798db0724d6111b597 Author: Mickaël Salaün Date: Wed Aug 21 11:56:05 2024 +0200 fs: Fix file_set_fowner LSM hook inconsistencies The fcntl's F_SETOWN command sets the process that handle SIGIO/SIGURG for the related file descriptor. Before this change, the file_set_fowner LSM hook was always called, ignoring the VFS logic which may not actually change the process that handles SIGIO (e.g. TUN, TTY, dnotify), nor update the related UID/EUID. Moreover, because security_file_set_fowner() was called without lock (e.g. f_owner.lock), concurrent F_SETOWN commands could result to a race condition and inconsistent LSM states (e.g. SELinux's fown_sid) compared to struct fown_struct's UID/EUID. This change makes sure the LSM states are always in sync with the VFS state by moving the security_file_set_fowner() call close to the UID/EUID updates and using the same f_owner.lock . Rename f_modown() to __f_setown() to simplify code. Cc: stable@vger.kernel.org Cc: Al Viro Cc: Casey Schaufler Cc: Christian Brauner Cc: James Morris Cc: Jann Horn Cc: Ondrej Mosnacek Cc: Paul Moore Cc: Serge E. Hallyn Cc: Stephen Smalley Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Mickaël Salaün Signed-off-by: Paul Moore commit e3ee4ab0fd6ef257fc8b8d49166aef056d55c938 Merge: f5c05974349c8e 54fccad63ec889 Author: Rafael J. Wysocki Date: Mon Sep 9 18:18:49 2024 +0200 Merge branch 'thermal-core' Merge thermal core fixes and cleanups for 6.12: - Refuse to accept trip point temperature or hysteresis that would lead to an invalid threshold value when setting them via sysfs (Rafael Wysocki). - Adjust states of all uninitialized instances in the .manage() callback of the Bang-bang thermal governor (Rafael Wysocki). - Drop a couple of redundant checks along with the code depending on them from the thermal core (Rafael Wysocki). - Rearrange the thermal core to avoid redundant checks and simplify control flow in a couple of code paths (Rafael Wysocki). * thermal-core: thermal: core: Drop thermal_zone_device_is_enabled() thermal: core: Check passive delay in monitor_thermal_zone() thermal: core: Drop dead code from monitor_thermal_zone() thermal: core: Drop redundant lockdep_assert_held() thermal: gov_bang_bang: Adjust states of all uninitialized instances thermal: sysfs: Add sanity checks for trip temperature and hysteresis commit 36fa259b214c37bbae3e0b7a47e7fb49cb0ab462 Author: Mark Brown Date: Sat Sep 7 01:53:32 2024 +0100 ASoC: mt8365: Allow build coverage There is no build time dependency on anything specific to ARCH_MEDIATEK so enable COMPILE_TEST builds. Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: Alexandre Mergnat Tested-by: Nathan Chancellor # build Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240907-asoc-fix-mt8365-build-v1-7-7ad0bac20161@kernel.org Signed-off-by: Mark Brown commit d70ce6d3105a6bd02b1708c399105631643a550a Author: Mark Brown Date: Sat Sep 7 01:53:31 2024 +0100 ASoC: mt8365: Remove unused DMIC IIR coefficient configuration Nothing ever calls mt8365_dai_load_dmic_iirc_coeff_table() so the compiler warns about an unused static function. While it seems likely that something should be calling the function I don't know what and this is breaking -Werror builds like allmodconfig so let's just remove it. It can be added again along with the user. Reported-by: Nathan Chancellor Reviewed-by: AngeloGioacchino Del Regno Tested-by: Nathan Chancellor # build Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240907-asoc-fix-mt8365-build-v1-6-7ad0bac20161@kernel.org Signed-off-by: Mark Brown commit 067d832806225cfaabeec8f5f683b7e2bc508a6d Author: Mark Brown Date: Sat Sep 7 01:53:30 2024 +0100 ASoC: mt8365: Remove unused variables Silence compiler warnings by removing unused variables. Reported-by: Nathan Chancellor Reviewed-by: Alexandre Mergnat Reviewed-by: AngeloGioacchino Del Regno Tested-by: Nathan Chancellor # build Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240907-asoc-fix-mt8365-build-v1-5-7ad0bac20161@kernel.org Signed-off-by: Mark Brown commit 63157d994025639075b3faa372976a96186322c1 Author: Mark Brown Date: Sat Sep 7 01:53:29 2024 +0100 ASoC: mt8365: Make non-exported functions static The compilers warn if functions without a prototype are not static so add appropriate static declarations. Reported-by: Nathan Chancellor Reviewed-by: Alexandre Mergnat Reviewed-by: AngeloGioacchino Del Regno Tested-by: Nathan Chancellor # build Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240907-asoc-fix-mt8365-build-v1-4-7ad0bac20161@kernel.org Signed-off-by: Mark Brown commit 3e61df7d2ff67875c770a7f548038054d05a0f15 Author: Mark Brown Date: Sat Sep 7 01:53:28 2024 +0100 ASoC: mt8365: Remove unused prototype for mt8365_afe_clk_group_48k() The function is not used outside of the file it is defined and the equivalent function for 44.1kHz is not prototyped so remove the prototype for this function. Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: Alexandre Mergnat Tested-by: Nathan Chancellor # build Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240907-asoc-fix-mt8365-build-v1-3-7ad0bac20161@kernel.org Signed-off-by: Mark Brown commit 1b084d8e3b98ca460b815cff14617719ebe605ad Author: Mark Brown Date: Sat Sep 7 01:53:27 2024 +0100 ASoC: mt8365: Remove spurious unsigned long casts The regmap APIs take unsigned ints not unsigned longs so casting their arguments to unsigned longs is not a good choice, the constants being cast here are all unsigned ints anyway. Reviewed-by: Alexandre Mergnat Reviewed-by: AngeloGioacchino Del Regno Tested-by: Nathan Chancellor # build Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240907-asoc-fix-mt8365-build-v1-2-7ad0bac20161@kernel.org Signed-off-by: Mark Brown commit d01c6a398750aae265c17859b57d7409a6d9181d Author: Mark Brown Date: Sat Sep 7 01:53:26 2024 +0100 ASoC: mt8365: Open code BIT() to avoid spurious warnings The mt8365 driver uses bits.h to define bitfields but BIT() uses unsigned long constants so does not play well with being bitwise negated and converted to an unsigned int, the compiler complains about width reduction on a number of architectures. Just open code the shifting to avoid the issue. Generated with s/BIT(/(1U << / Reported-by: Nathan Chancellor Reviewed-by: Alexandre Mergnat Tested-by: Nathan Chancellor # build Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240907-asoc-fix-mt8365-build-v1-1-7ad0bac20161@kernel.org Signed-off-by: Mark Brown commit 38a0e38b31d3f967525f6414711bed6f14dfa15e Author: Zhang Zekun Date: Fri Sep 6 19:34:05 2024 +0800 remoteporc: ingenic: Use devm_platform_ioremap_resource_byname() platform_get_resource_byname() and devm_ioremap_resource() can be replaced by devm_platform_ioremap_resource_byname(), which can simplify the code logic a bit, No functional change here. Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240906113405.92782-4-zhangzekun11@huawei.com [Fixed patch title] Signed-off-by: Mathieu Poirier commit 2de346a45ebf41a67809598c45412c19a95ca4a4 Author: Zhang Zekun Date: Fri Sep 6 19:34:04 2024 +0800 remoteproc: da8xx: Use devm_platform_ioremap_resource_byname() platform_get_resource_byname() and devm_ioremap_resource() can be replaced by devm_platform_ioremap_resource_byname(), which can simplify the code logic a bit, No functional change here. Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240906113405.92782-3-zhangzekun11@huawei.com [Fixed patch title] Signed-off-by: Mathieu Poirier commit b472e756ad53421528b632c37d0dc2fe058cd497 Author: Zhang Zekun Date: Fri Sep 6 19:34:03 2024 +0800 remoteproc: st_slim: Use devm_platform_ioremap_resource_byname() platform_get_resource_byname() and devm_ioremap_resource() can be replaced by devm_platform_ioremap_resource_byname(), which can simplify the code logic a bit, No functional change here. Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240906113405.92782-2-zhangzekun11@huawei.com [Fixed patch title] Signed-off-by: Mathieu Poirier commit 4c22b04e116e114f18d9cef15f913e1649ccb7ed Author: Binbin Zhou Date: Mon Sep 9 15:19:55 2024 +0800 ASoC: loongson: Factor out loongson i2s enable clock functions There are a few i2s clock enable operations in loongson_i2s_set_fmt(), convert them to simple helper functions called loongson_i2s_enable_mclk() and loongson_i2s_enable_bclk(). Signed-off-by: Binbin Zhou Link: https://patch.msgid.link/d6f6c818b0ecee87277f704b6a801cbbf5e712ce.1725844530.git.zhoubinbin@loongson.cn Signed-off-by: Mark Brown commit ddb538a3004b10a04a14a0d275c5f52a8d161e80 Author: Binbin Zhou Date: Mon Sep 9 15:19:37 2024 +0800 ASoC: loongson: Factor out loongson_card_acpi_find_device() function The operations for reading the cpu and codec nodes in loongson_card_parse_acpi() are similar, so we convert them into a simple helper function called loongson_card_acpi_find_device(). Signed-off-by: Binbin Zhou Link: https://patch.msgid.link/3b7da05e5fd4326e7944aa749bf06dd44e964f6c.1725844530.git.zhoubinbin@loongson.cn Signed-off-by: Mark Brown commit c7b626a8930d7029c096f0634ae6169af59d92b6 Author: Binbin Zhou Date: Mon Sep 9 15:19:36 2024 +0800 ASoC: loongson: Replace if with ternary operator Replace an if statement with a ternary operator, making the code a tiny bit shorter. Signed-off-by: Binbin Zhou Link: https://patch.msgid.link/94ec2ac178610f50af4815ef5b719695915bba31.1725844530.git.zhoubinbin@loongson.cn Signed-off-by: Mark Brown commit e28ee1b8a92e6797fc652fa64e536178dd627e89 Author: Binbin Zhou Date: Mon Sep 9 15:19:34 2024 +0800 ASoC: loongson: Simplify if statment in loongson_card_hw_params() Deal with illegal conditions first and put the normal process code outside the if condition to improve code readability. Signed-off-by: Binbin Zhou Link: https://patch.msgid.link/98b71f9643970f11bc500c01599c7aeb77ff2a58.1725844530.git.zhoubinbin@loongson.cn Signed-off-by: Mark Brown commit 3d2528d6c021cba141a7079ae1a5937190700899 Author: Binbin Zhou Date: Mon Sep 9 15:19:07 2024 +0800 ASoC: loongson: Simplify with dev_err_probe() Error handling in probe() can be a bit simpler with dev_err_probe(). Signed-off-by: Binbin Zhou Link: https://patch.msgid.link/07855aa6c290ec826d63e68b898e7f4afac5e30d.1725844530.git.zhoubinbin@loongson.cn Signed-off-by: Mark Brown commit ce3997ab8b4ae2312b8cdddd7db9b15eb11004a3 Author: Binbin Zhou Date: Mon Sep 9 15:19:06 2024 +0800 ASoC: loongson: Simplify probe() with local dev variable Simplify the probe() function by using local 'dev' instead of &pdev->dev. Signed-off-by: Binbin Zhou Link: https://patch.msgid.link/1984a20930da515e2a478b02159f83c02498f6be.1725844530.git.zhoubinbin@loongson.cn Signed-off-by: Mark Brown commit f2bd6f5b3777d800fb3cad17b9509e1e2128df62 Author: Binbin Zhou Date: Mon Sep 9 15:19:05 2024 +0800 ASoC: loongson: Use BIT() macro Where applicable, use BIT() macro instead of shift operation to improve readability. Signed-off-by: Binbin Zhou Link: https://patch.msgid.link/ccca555c96f18c0ecf5f1544c82945ba651d105f.1725844530.git.zhoubinbin@loongson.cn Signed-off-by: Mark Brown commit f011c9cf04c06f16b24f583d313d3c012e589e50 Author: Felix Moessbauer Date: Mon Sep 9 17:00:36 2024 +0200 io_uring/sqpoll: do not allow pinning outside of cpuset The submit queue polling threads are userland threads that just never exit to the userland. When creating the thread with IORING_SETUP_SQ_AFF, the affinity of the poller thread is set to the cpu specified in sq_thread_cpu. However, this CPU can be outside of the cpuset defined by the cgroup cpuset controller. This violates the rules defined by the cpuset controller and is a potential issue for realtime applications. In b7ed6d8ffd6 we fixed the default affinity of the poller thread, in case no explicit pinning is required by inheriting the one of the creating task. In case of explicit pinning, the check is more complicated, as also a cpu outside of the parent cpumask is allowed. We implemented this by using cpuset_cpus_allowed (that has support for cgroup cpusets) and testing if the requested cpu is in the set. Fixes: 37d1e2e3642e ("io_uring: move SQPOLL thread io-wq forked worker") Cc: stable@vger.kernel.org # 6.1+ Signed-off-by: Felix Moessbauer Link: https://lore.kernel.org/r/20240909150036.55921-1-felix.moessbauer@siemens.com Signed-off-by: Jens Axboe commit e3b1be2e73dbe599f8b8886e120d206aa87e90f9 Author: Jason Gunthorpe Date: Fri Sep 6 12:47:55 2024 -0300 iommu/arm-smmu-v3: Reorganize struct arm_smmu_ctx_desc_cfg The members here are being used for both the linear and the 2 level case, with the meaning of each item slightly different in the two cases. Split it into a clean union where both cases have their own struct with their own logical names and correct types. Adjust all the users to detect linear/2lvl and use the right sub structure and types consistently. Remove CTXDESC_CD_DWORDS by changing the last places to use sizeof(struct arm_smmu_cd). Tested-by: Nicolin Chen Reviewed-by: Nicolin Chen Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/8-v4-6416877274e1+1af-smmuv3_tidy_jgg@nvidia.com Signed-off-by: Will Deacon commit 7c567eb1e1d2a835140091ff8d4b73ac5454ba7b Author: Jason Gunthorpe Date: Fri Sep 6 12:47:54 2024 -0300 iommu/arm-smmu-v3: Add types for each level of the CD table As well as indexing helpers arm_smmu_cdtab_l1/2_idx(). Remove CTXDESC_L1_DESC_DWORDS and CTXDESC_CD_DWORDS replacing them all with type specific calculations. Tested-by: Nicolin Chen Reviewed-by: Nicolin Chen Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/7-v4-6416877274e1+1af-smmuv3_tidy_jgg@nvidia.com Signed-off-by: Will Deacon commit c0a25a96dee9c3af01fbcad227871fc0f222900b Author: Jason Gunthorpe Date: Fri Sep 6 12:47:53 2024 -0300 iommu/arm-smmu-v3: Shrink the cdtab l1_desc array The top of the 2 level CD table is (at most) 1024 entries big, and two high order allocations are required. One of __le64 which is programmed into the HW (8k) and one of struct arm_smmu_l1_ctx_desc which holds the CPU pointer (16k). There are two copies of the l2ptr_dma, one is stored in the struct arm_smmu_l1_ctx_desc, and another is encoded in the __le64 for the HW to use. Instead of storing two copies just decode the value from the __le64. Tested-by: Nicolin Chen Reviewed-by: Nicolin Chen Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/6-v4-6416877274e1+1af-smmuv3_tidy_jgg@nvidia.com Signed-off-by: Will Deacon commit 47b2de35cab2b683f69d03515c2658c2d8515323 Author: Jason Gunthorpe Date: Fri Sep 6 12:47:52 2024 -0300 iommu/arm-smmu-v3: Do not use devm for the cd table allocations The master->cd_table is entirely contained within the struct arm_smmu_master which is guaranteed to be freed by the core code under arm_smmu_release_device(). There is no reason to use devm here, arm_smmu_free_cd_tables() is reliably called to free the CD related memory. Remove it and save some memory. Tested-by: Nicolin Chen Reviewed-by: Nicolin Chen Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/5-v4-6416877274e1+1af-smmuv3_tidy_jgg@nvidia.com Signed-off-by: Will Deacon commit 8c153ef95697242b72646d2c4cf6c4b23ccf35a3 Author: Jason Gunthorpe Date: Fri Sep 6 12:47:51 2024 -0300 iommu/arm-smmu-v3: Remove strtab_base/cfg These values can be computed from the other values already stored in the config. Move the calculation to arm_smmu_write_strtab() and do it directly before writing the registers. This moves all the logic to calculate the two registers into one function from three and saves an unimportant 16 bytes from the arm_smmu_device. Suggested-by: Nicolin Chen Reviewed-by: Nicolin Chen Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/4-v4-6416877274e1+1af-smmuv3_tidy_jgg@nvidia.com Signed-off-by: Will Deacon commit 85196f54743d97b0678e7889df72fdcc58ab2b02 Author: Jason Gunthorpe Date: Fri Sep 6 12:47:50 2024 -0300 iommu/arm-smmu-v3: Reorganize struct arm_smmu_strtab_cfg The members here are being used for both the linear and the 2 level case, with the meaning of each item slightly different in the two cases. Split it into a clean union where both cases have their own struct with their own logical names and correct types. Adjust all the users to detect linear/2lvl and use the right sub structure and types consistently. Remove STRTAB_STE_DWORDS by changing the last places to use sizeof(struct arm_smmu_ste). Tested-by: Nicolin Chen Reviewed-by: Nicolin Chen Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/3-v4-6416877274e1+1af-smmuv3_tidy_jgg@nvidia.com Signed-off-by: Will Deacon commit abb4f9d323a8d53870cc842d3c5024f71c2d4951 Author: Jason Gunthorpe Date: Fri Sep 6 12:47:49 2024 -0300 iommu/arm-smmu-v3: Add types for each level of the 2 level stream table Add types struct arm_smmu_strtab_l1 and l2 to represent the HW layout of the descriptors, and use them in most places, following patches will get the remaing places. The size of the l1 and l2 HW allocations are sizeof(struct arm_smmu_strtab_l1/2). This provides some more clarity than having raw __le64 *'s and sizes computed via macros. Remove STRTAB_L1_DESC_DWORDS. Tested-by: Nicolin Chen Reviewed-by: Nicolin Chen Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/2-v4-6416877274e1+1af-smmuv3_tidy_jgg@nvidia.com Signed-off-by: Will Deacon commit ce410410f1a7db0259ca9282a285fb80fd553b8c Author: Jason Gunthorpe Date: Fri Sep 6 12:47:48 2024 -0300 iommu/arm-smmu-v3: Add arm_smmu_strtab_l1/2_idx() Don't open code the calculations of the indexes for each level, provide two functions to do that math and call them in all the places. Update all the places computing indexes. Calculate the L1 table size directly based on the max required index from the cap. Remove STRTAB_L1_SZ_SHIFT in favour of STRTAB_NUM_L2_STES. Use STRTAB_NUM_L2_STES to replace remaining open coded 1 << STRTAB_SPLIT. Tested-by: Nicolin Chen Reviewed-by: Nicolin Chen Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/1-v4-6416877274e1+1af-smmuv3_tidy_jgg@nvidia.com Signed-off-by: Will Deacon commit e6be129f4c1865ad6985a853439a75d1ad6fad78 Author: Alexandre Mergnat Date: Thu Sep 5 11:07:00 2024 +0200 arm64: defconfig: enable mt8365 sound Enable the MediaTek MT8365-EVK sound support. The audio feature is handled by the MT8365 SoC and the MT6357 PMIC codec audio. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://lore.kernel.org/r/20240226-audio-i350-v8-3-e80a57d026ce@baylibre.com Signed-off-by: Matthias Brugger commit e7e2941300d258d551dda6ca9a370e29e085fa73 Author: Masahiro Yamada Date: Thu Sep 5 08:47:38 2024 +0900 kbuild: split device tree build rules into scripts/Makefile.dtbs scripts/Makefile.lib is included not only from scripts/Makefile.build but also from scripts/Makefile.{modfinal,package,vmlinux,vmlinux_o}, where DT build rules are not required. Split the DT build rules out to scripts/Makefile.dtbs, and include it only when necessary. While I was here, I added $(DT_TMP_SCHEMA) as a prerequisite of $(multi-dtb-y). Signed-off-by: Masahiro Yamada Reviewed-by: Rob Herring (Arm) commit a9efc40fd601cf779eab4e420d8da3372e4302cf Author: Alexandre Mergnat Date: Thu Sep 5 11:07:02 2024 +0200 arm64: dts: mediatek: add audio support for mt8365-evk Add the sound node which is linked to the MT8365 SoC AFE and the MT6357 audio codec. Update the file header. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://lore.kernel.org/r/20240226-audio-i350-v8-5-e80a57d026ce@baylibre.com Signed-off-by: Matthias Brugger commit b4a3a52e5a6767fd86a7280e0156ce5c76ae7c1a Author: Alexandre Mergnat Date: Thu Sep 5 11:07:01 2024 +0200 arm64: dts: mediatek: add afe support for mt8365 SoC Add audio front end support of MT8365 SoC. Update the file header. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://lore.kernel.org/r/20240226-audio-i350-v8-4-e80a57d026ce@baylibre.com Signed-off-by: Matthias Brugger commit 3079fb09ddac159bd8bb87f6f15b924e265f8d4d Author: Chen-Yu Tsai Date: Wed Aug 21 12:28:34 2024 +0800 arm64: dts: mediatek: mt8186-corsola: Disable DPI display interface The DPI display interface feeds the external display pipeline. However the pipeline representation is currently incomplete. Efforts are still under way to come up with a way to represent the "creative" repurposing of the DP bridge chip's internal output mux, which is meant to support USB type-C orientation changes, to output to one of two type-C ports. Until that is finalized, the external display can't be fully described, and thus won't work. Even worse, the half complete graph potentially confuses the OS, breaking the internal display as well. Disable the external display interface across the whole Corsola family until the DP / USB Type-C muxing graph binding is ready. Reported-by: Alper Nebi Yasak Closes: https://lore.kernel.org/linux-mediatek/38a703a9-6efb-456a-a248-1dd3687e526d@gmail.com/ Fixes: 8855d01fb81f ("arm64: dts: mediatek: Add MT8186 Krabby platform based Tentacruel / Tentacool") Cc: Signed-off-by: Chen-Yu Tsai Tested-by: Alper Nebi Yasak Reviewed-by: Nícolas F. R. A. Prado Link: https://lore.kernel.org/r/20240821042836.2631815-1-wenst@chromium.org Signed-off-by: Matthias Brugger commit 14fde547d2aa116f7f74d3b31ea35a94e147a8a8 Author: Rohit Agarwal Date: Fri Aug 30 08:45:44 2024 +0000 arm64: dts: mediatek: mt8186: Add svs node Add clock/irq/efuse setting in svs nodes for mt8186 SoC. Signed-off-by: Rohit Agarwal Reviewed-by: Nícolas F. R. A. Prado Link: https://lore.kernel.org/r/20240830084544.2898512-4-rohiagar@chromium.org Signed-off-by: Matthias Brugger commit 7a3852a9ba2e40738fa4ddadb4e94ae68f3826a4 Author: Rohit Agarwal Date: Fri Aug 30 08:45:43 2024 +0000 arm64: dts: mediatek: mt8186: Add power domain for DPI Add power domain phandle to the DPI controller in mediatek mt8186 SoC. Signed-off-by: Rohit Agarwal Link: https://lore.kernel.org/r/20240830084544.2898512-3-rohiagar@chromium.org Signed-off-by: Matthias Brugger commit 51bc68debab9e30b50c6352315950f3cfc309b32 Author: Chen-Yu Tsai Date: Fri Aug 2 15:09:50 2024 +0800 arm64: dts: mediatek: mt8195: Correct clock order for dp_intf* The clocks for dp_intf* device nodes are given in the wrong order, causing the binding validation to fail. Fixes: 6c2503b5856a ("arm64: dts: mt8195: Add dp-intf nodes") Signed-off-by: Chen-Yu Tsai Reviewed-by: Nícolas F. R. A. Prado Link: https://lore.kernel.org/r/20240802070951.1086616-1-wenst@chromium.org Signed-off-by: Matthias Brugger commit 009d855a26fd6b79967b7293228f6c3029f86bfe Author: Pi-Hsun Shih Date: Mon Aug 19 20:05:55 2024 +0800 arm64: dts: mt8183: add dpi node to mt8183 Add dpi node to mt8183. Signed-off-by: Jitao Shi Signed-off-by: Pi-Hsun Shih Signed-off-by: Fabien Parent Signed-off-by: Pin-yen Lin Link: https://lore.kernel.org/r/20240819120735.1508789-1-treapking@chromium.org Signed-off-by: Matthias Brugger commit 63a4a9b52c3c7f86351710739011717a36652b72 Author: Zhen Lei Date: Wed Sep 4 21:39:41 2024 +0800 debugobjects: Remove redundant checks in fill_pool() fill_pool() checks locklessly at the beginning whether the pool has to be refilled. After that it checks locklessly in a loop whether the free list contains objects and repeats the refill check. If both conditions are true, it acquires the pool lock and tries to move objects from the free list to the pool repeating the same checks again. There are two redundant issues with that: 1) The repeated check for the fill condition 2) The loop processing The repeated check is pointless as it was just established that fill is required. The condition has to be re-evaluated under the lock anyway. The loop processing is not required either because there is practically zero chance that a repeated attempt will succeed if the checks under the lock terminate the moving of objects. Remove the redundant check and replace the loop with a simple if condition. [ tglx: Massaged change log ] Signed-off-by: Zhen Lei Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240904133944.2124-4-thunder.leizhen@huawei.com commit 684d28feb8546d1e9597aa363c3bfcf52fe250b7 Author: Zhen Lei Date: Wed Sep 4 21:39:40 2024 +0800 debugobjects: Fix conditions in fill_pool() fill_pool() uses 'obj_pool_min_free' to decide whether objects should be handed back to the kmem cache. But 'obj_pool_min_free' records the lowest historical value of the number of objects in the object pool and not the minimum number of objects which should be kept in the pool. Use 'debug_objects_pool_min_level' instead, which holds the minimum number which was scaled to the number of CPUs at boot time. [ tglx: Massage change log ] Fixes: d26bf5056fc0 ("debugobjects: Reduce number of pool_lock acquisitions in fill_pool()") Fixes: 36c4ead6f6df ("debugobjects: Add global free list and the counter") Signed-off-by: Zhen Lei Signed-off-by: Thomas Gleixner Cc: stable@vger.kernel.org Link: https://lore.kernel.org/all/20240904133944.2124-3-thunder.leizhen@huawei.com commit e4757c710ba27a1d499cf5941fc3950e9e542731 Author: Zhen Lei Date: Wed Sep 4 21:39:39 2024 +0800 debugobjects: Fix the compilation attributes of some global variables 1. Both debug_objects_pool_min_level and debug_objects_pool_size are read-only after initialization, change attribute '__read_mostly' to '__ro_after_init', and remove '__data_racy'. 2. Many global variables are read in the debug_stats_show() function, but didn't mask KCSAN's detection. Add '__data_racy' for them. Suggested-by: Thomas Gleixner Signed-off-by: Zhen Lei Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240904133944.2124-2-thunder.leizhen@huawei.com commit 5967a19f1c2ffb530f5d4589ddc4b4afbb6c7bd4 Author: Ilkka Koskinen Date: Fri Sep 6 12:15:39 2024 -0700 perf: arm_pmuv3: Use BR_RETIRED for HW branch event if enabled The PMU driver attempts to use PC_WRITE_RETIRED for the HW branch event, if enabled. However, PC_WRITE_RETIRED counts only taken branches, whereas BR_RETIRED counts also non-taken ones. Furthermore, perf uses HW branch event to calculate branch misses ratio, implying BR_RETIRED is the correct event to count. We keep PC_WRITE_RETIRED still as an option in case BR_RETIRED isn't implemented. Signed-off-by: Ilkka Koskinen Link: https://lore.kernel.org/r/20240906191539.4847-1-ilkka@os.amperecomputing.com Signed-off-by: Will Deacon commit 19eb465c969f3d6ed1b98506d3e470e863b41e16 Author: Dmitry Baryshkov Date: Sat Sep 7 21:48:12 2024 +0300 iommu/arm-smmu-qcom: apply num_context_bank fixes for SDM630 / SDM660 The Qualcomm SDM630 / SDM660 platform requires the same kind of workaround as MSM8998: some IOMMUs have context banks reserved by firmware / TZ, touching those banks resets the board. Apply the num_context_bank workaround to those two SMMU devices in order to allow them to be used by Linux. Fixes: b812834b5329 ("iommu: arm-smmu-qcom: Add sdm630/msm8998 compatibles for qcom quirks") Signed-off-by: Dmitry Baryshkov Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240907-sdm660-wifi-v1-1-e316055142f8@linaro.org Signed-off-by: Will Deacon commit 8026f2d8e8a95a638a6cb83858bc2bdeed60a865 Author: Frank Li Date: Mon Jul 29 16:18:17 2024 -0400 PCI: imx6: Call common PHY API to set mode, speed, and submode Invoke the common PHY API to configure mode, speed, and submode. While these functions are optional in the PHY interface, they are necessary for certain PHY drivers. Lack of support for these functions in a PHY driver does not cause harm. Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-10-b68ee5ef2b4d@nxp.com Signed-off-by: Frank Li Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam commit 4f1e478f75e9818983ce30b98ca6d2d8182952eb Author: Richard Zhu Date: Mon Jul 29 16:18:16 2024 -0400 dt-bindings: PCI: imx6q-pcie: Add i.MX8Q PCIe compatible string Add i.MX8Q PCIe "fsl,imx8q-pcie" compatible strings. clock-names align DesignWare Cores (DWC) common naming convension. Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-9-b68ee5ef2b4d@nxp.com Signed-off-by: Richard Zhu Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam Reviewed-by: Rob Herring (Arm) Acked-by: Conor Dooley Acked-by: Manivannan Sadhasivam commit eea9ecebe2f8efed04a2ff67c2c9651f5cae571a Author: Frank Li Date: Mon Jul 29 16:18:15 2024 -0400 PCI: imx6: Consolidate redundant if-checks Consolidated redundant if-checks pertaining to imx_pcie->phy. Instead of two separate checks, merged them into one to improve code readability. Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-8-b68ee5ef2b4d@nxp.com Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam commit 52ac41b5cd60e5182a5cd33d1ad44622c3d1cc05 Author: Frank Li Date: Mon Jul 29 16:18:14 2024 -0400 PCI: imx6: Improve comment for workaround ERR010728 Improve comment about workaround ERR010728 by using official errata document content, see: https://www.nxp.com/webapp/Download?colCode=IMX7DS_2N09P Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-7-b68ee5ef2b4d@nxp.com Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam commit 5223084d1383a9b5a72989e173fb8b566766f49f Author: Frank Li Date: Mon Jul 29 16:18:13 2024 -0400 PCI: imx6: Simplify switch-case logic by involve core_reset callback Instead of using the switch case statement to assert/dassert the core reset handled by this driver itself, let's introduce a new callback core_reset() and define it for platforms that require it. This simplifies the code. Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-5-b68ee5ef2b4d@nxp.com Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam commit 256867b74625a56ce1ff4bd89440c3fbbb357d18 Author: Frank Li Date: Mon Jul 29 16:18:12 2024 -0400 PCI: imx6: Introduce SoC specific callbacks for controlling REFCLK Instead of using the switch case statement to enable/disable the reference clock handled by this driver itself, let's introduce a new callback enable_ref_clk() and define it for platforms that require it. This simplifies the code. Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-5-b68ee5ef2b4d@nxp.com Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam commit d657ea28d55037ef9a5e58d51aa757d981b8bfc2 Author: Frank Li Date: Mon Jul 29 16:18:11 2024 -0400 PCI: imx6: Rename imx6_* with imx_* Since this driver has evolved to support other i.MX SoCs such as i.MX7/8/9, thus rename the 'imx6' prefix to 'imx' to avoid confusion. The driver name is left unchanged to avoid breaking userspace. Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-3-b68ee5ef2b4d@nxp.com Signed-off-by: Frank Li [kwilczynski: commit log, refactor the IMX_* macros] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam commit 5b04d44d5c74e4d8aab1678496b84700b4b343fe Author: Frank Li Date: Mon Jul 29 16:18:10 2024 -0400 PCI: imx6: Fix missing call to phy_power_off() in error handling Fix missing call to phy_power_off() in the error path of imx6_pcie_host_init(). Remove unnecessary check for imx6_pcie->phy as the PHY API already handles NULL pointers. Fixes: cbcf8722b523 ("phy: freescale: imx8m-pcie: Fix the wrong order of phy_init() and phy_power_on()") Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-3-b68ee5ef2b4d@nxp.com Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam Cc: # 6.1+ commit 5cb3aa92c7cf182940ae575c3f450d3708af087c Author: Richard Zhu Date: Mon Jul 29 16:18:09 2024 -0400 PCI: imx6: Fix i.MX8MP PCIe EP's occasional failure to trigger MSI Correct occasional MSI triggering failures in i.MX8MP PCIe EP by applying the correct hardware outbound alignment requirement. The i.MX platform has a restriction about outbound address translation. The pci-epc-mem uses page_size to manage it. Set the correct page_size for i.MX platform to meet the hardware requirement, which is the same as inbound address alignment. Thus, align it with epc_features::align. Fixes: 1bd0d43dcf3b ("PCI: imx6: Clean up addr_space retrieval code") Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-2-b68ee5ef2b4d@nxp.com Signed-off-by: Richard Zhu Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam Acked-by: Jason Liu Cc: # 6.9+ commit 5214ff221a14cadab1e2ee29499750fd5e884feb Author: Richard Zhu Date: Mon Jul 29 16:18:08 2024 -0400 PCI: imx6: Fix establish link failure in EP mode for i.MX8MM and i.MX8MP Add IMX6_PCIE_FLAG_HAS_APP_RESET flag to IMX8MM_EP and IMX8MP_EP drvdata. This flag was overlooked during code restructuring. It is crucial to release the app-reset from the System Reset Controller before initiating LTSSM to rectify the issue. Fixes: 0c9651c21f2a ("PCI: imx6: Simplify reset handling by using *_FLAG_HAS_*_RESET") Link: https://lore.kernel.org/linux-pci/20240729-pci2_upstream-v8-1-b68ee5ef2b4d@nxp.com Signed-off-by: Richard Zhu Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam Cc: # 6.9+ commit 59100eb248c0b15585affa546c7f6834b30eb5a4 Author: Maciej W. Rozycki Date: Fri Aug 9 14:25:02 2024 +0100 PCI: Use an error code with PCIe failed link retraining Given how the call place in pcie_wait_for_link_delay() got structured now, and that pcie_retrain_link() returns a potentially useful error code, convert pcie_failed_link_retrain() to return an error code rather than a boolean status, fixing handling at the call site mentioned. Update the other call site accordingly. Fixes: 1abb47390350 ("Merge branch 'pci/enumeration'") Link: https://lore.kernel.org/r/alpine.DEB.2.21.2408091156530.61955@angie.orcam.me.uk Reported-by: Ilpo Järvinen Link: https://lore.kernel.org/r/aa2d1c4e-9961-d54a-00c7-ddf8e858a9b0@linux.intel.com/ Signed-off-by: Maciej W. Rozycki Signed-off-by: Bjorn Helgaas Signed-off-by: Krzysztof Wilczyński Reviewed-by: Ilpo Järvinen Cc: # v6.5+ commit f877f1d81b2ffcac341ff62ae076d7ad5ba83f46 Author: Takashi Sakamoto Date: Mon Sep 9 23:00:18 2024 +0900 firewire: core: use mutex to coordinate concurrent calls to flush completions In current implementation, test_and_set_bit_lock() is used to mediate concurrent calls of ohci_flush_iso_completions(). However, the ad-hoc usage of atomic operations is not preferable. This commit uses mutex_trylock() as the similar operations. The core function is responsible for the mediation, instead of 1394 OHCI driver. Link: https://lore.kernel.org/r/20240909140018.65289-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit e97fb38fa1404abef72bac7de2c5bf2bbab4d93b Author: Takashi Sakamoto Date: Mon Sep 9 23:00:17 2024 +0900 firewire: core: move workqueue handler from 1394 OHCI driver to core function In current implementation, the work item for isochronous context executes the same procedure of fw_iso_context_flush_completions() internally. There is a space to refactor the implementation. This commit calls fw_iso_context_flush_completions() in the work item. It obsoletes fw_iso_context_init_work(). It also obsoletes a pair of disable_work_sync() and enable_work() since the usage of test_and_set_bit_lock() mediates concurrent call already. Link: https://lore.kernel.org/r/20240909140018.65289-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 712e49c967064a3a7a5738c6f65ac540a3f6a1df Author: Maciej W. Rozycki Date: Fri Aug 9 14:24:56 2024 +0100 PCI: Correct error reporting with PCIe failed link retraining Only return successful completion status from pcie_failed_link_retrain() if retraining has actually been done, preventing excessive delays from being triggered at call sites in a hope that communication will finally be established with the downstream device where in fact nothing has been done about the link in question that would justify such a hope. Fixes: a89c82249c37 ("PCI: Work around PCIe link training failures") Link: https://lore.kernel.org/r/alpine.DEB.2.21.2408091133260.61955@angie.orcam.me.uk Reported-by: Ilpo Järvinen Link: https://lore.kernel.org/r/aa2d1c4e-9961-d54a-00c7-ddf8e858a9b0@linux.intel.com/ Signed-off-by: Maciej W. Rozycki Signed-off-by: Bjorn Helgaas Signed-off-by: Krzysztof Wilczyński Reviewed-by: Ilpo Järvinen Cc: # v6.5+ commit f68dea13405c94381d08f42dbf0416261622bdad Author: Maciej W. Rozycki Date: Fri Aug 9 14:24:51 2024 +0100 PCI: Revert to the original speed after PCIe failed link retraining When `pcie_failed_link_retrain' has failed to retrain the link by hand it leaves the link speed restricted to 2.5GT/s, which will then affect any device that has been plugged in later on, which may not suffer from the problem that caused the speed restriction to have been attempted. Consequently such a downstream device will suffer from an unnecessary communication throughput limitation and therefore performance loss. Remove the speed restriction then and revert the Link Control 2 register to its original state if link retraining with the speed restriction in place has failed. Retrain the link again afterwards so as to remove any residual state, waiting on LT rather than DLLLA to avoid an excessive delay and ignoring the result as this training is supposed to fail anyway. Fixes: a89c82249c37 ("PCI: Work around PCIe link training failures") Link: https://lore.kernel.org/linux-pci/alpine.DEB.2.21.2408251412590.30766@angie.orcam.me.uk Reported-by: Matthew W Carlis Link: https://lore.kernel.org/r/20240806000659.30859-1-mattc@purestorage.com/ Link: https://lore.kernel.org/r/20240722193407.23255-1-mattc@purestorage.com/ Signed-off-by: Maciej W. Rozycki Signed-off-by: Bjorn Helgaas Signed-off-by: Krzysztof Wilczyński Reviewed-by: Ilpo Järvinen Cc: # v6.5+ commit 28fbfaf6bd1df94cccf1a5c009fe26b9bdccc2b6 Author: Takashi Iwai Date: Mon Sep 9 15:47:43 2024 +0200 ALSA: hda: Use non-SG allocation for the communication buffers The azx_bus->dma_type is referred only for allocating the communication buffers like CORB/RIRB, and the allocation size is small. Hence it doesn't have to be S/G buffer allocation, which is an obvious overkill. Use the standard SNDRV_DMA_TYPE_DEV_WC instead. This was changed to SNDRV_DMA_TYPE_DEV_WC_SG in the commit 37137ec26c2c ("ALSA: hda: Once again fix regression of page allocations with IOMMU") as a workaround for IOMMU-backed allocations. But this is no longer needed since the allocation with SNDRV_DMA_TYPE_DEV_WC itself was fixed in the commit 9c27301342a5 ("ALSA: memalloc: Use DMA API for x86 WC page allocations, too"). So this patch reverts the previous workaround in this piece of code. Link: https://patch.msgid.link/20240909134744.25426-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 8037ac08c2bbb3186f83a5a924f52d1048dbaec5 Author: Maciej W. Rozycki Date: Fri Aug 9 14:24:46 2024 +0100 PCI: Clear the LBMS bit after a link retrain The LBMS bit, where implemented, is set by hardware either in response to the completion of retraining caused by writing 1 to the Retrain Link bit or whenever hardware has changed the link speed or width in attempt to correct unreliable link operation. It is never cleared by hardware other than by software writing 1 to the bit position in the Link Status register and we never do such a write. We currently have two places, namely apply_bad_link_workaround() and pcie_failed_link_retrain() in drivers/pci/controller/dwc/pcie-tegra194.c and drivers/pci/quirks.c respectively where we check the state of the LBMS bit and neither is interested in the state of the bit resulting from the completion of retraining, both check for a link fault. And in particular pcie_failed_link_retrain() causes issues consequently, by trying to retrain a link where there's no downstream device anymore and the state of 1 in the LBMS bit has been retained from when there was a device downstream that has since been removed. Clear the LBMS bit then at the conclusion of pcie_retrain_link(), so that we have a single place that controls it and that our code can track link speed or width changes resulting from unreliable link operation. Fixes: a89c82249c37 ("PCI: Work around PCIe link training failures") Link: https://lore.kernel.org/r/alpine.DEB.2.21.2408091133140.61955@angie.orcam.me.uk Reported-by: Matthew W Carlis Link: https://lore.kernel.org/r/20240806000659.30859-1-mattc@purestorage.com/ Link: https://lore.kernel.org/r/20240722193407.23255-1-mattc@purestorage.com/ Signed-off-by: Maciej W. Rozycki Signed-off-by: Bjorn Helgaas Signed-off-by: Krzysztof Wilczyński Cc: # v6.5+ commit fa1ab1b46608f6fdc155203c6e4aa7f3da1db434 Author: Thorsten Blum Date: Mon Aug 26 12:11:36 2024 +0200 bcachefs: Annotate bch_replicas_entry_{v0,v1} with __counted_by() Add the __counted_by compiler attribute to the flexible array members devs to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Increment nr_devs before adding a new device to the devs array and adjust the array indexes accordingly. Add a helper macro for adding a new device. In bch2_journal_read(), explicitly set nr_devs to 0. Signed-off-by: Thorsten Blum Signed-off-by: Kent Overstreet commit c24adfa0dfc2754f11d91576eabe188671c97209 Author: Hongbo Li Date: Sat Aug 24 09:27:24 2024 +0800 bcachefs: support idmap mounts We enable idmapped mounts for bcachefs. Here, we just pass down the user_namespace argument from the VFS methods to the relevant helpers. The idmap test in bcachefs is as following: ``` 1. losetup /dev/loop1 bcachefs.img 2. ./bcachefs format /dev/loop1 3. mount -t bcachefs /dev/loop1 /mnt/bcachefs/ 4. ./mount-idmapped --map-mount b:0:1000:1 /mnt/bcachefs /mnt/idmapped1/ ll /mnt/bcachefs total 2 drwx------. 2 root root 0 Jun 14 14:10 lost+found -rw-r--r--. 1 root root 1945 Jun 14 14:12 profile ll /mnt/idmapped1/ total 2 drwx------. 2 1000 1000 0 Jun 14 14:10 lost+found -rw-r--r--. 1 1000 1000 1945 Jun 14 14:12 profile Signed-off-by: Hongbo Li Reviewed-by: Christian Brauner Signed-off-by: Kent Overstreet commit 86e92eeeb23741a072fe7532db663250ff2e726a Author: Thorsten Blum Date: Sat Aug 24 15:57:41 2024 +0200 bcachefs: Annotate struct bch_xattr with __counted_by() Add the __counted_by compiler attribute to the flexible array member x_name to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Signed-off-by: Thorsten Blum Signed-off-by: Kent Overstreet commit 2c6a7bff2a2eb2d7f183fbe1e9800ae278f415c7 Author: Kent Overstreet Date: Sat Aug 24 11:38:21 2024 -0400 bcachefs: Switch gc bucket array to a genradix A user with a 30 tb device is overflowing the INT_MAX limit on vmalloc allocations... Signed-off-by: Kent Overstreet commit a803fa551d53e4504a8dfca57817319f71030e2c Author: Kent Overstreet Date: Thu Aug 22 03:50:22 2024 -0400 bcachefs: darray: convert to alloc_hooks() better memory allocation profiling support Signed-off-by: Kent Overstreet commit 848c3ff8826b68a587f84f1b00556ab8af651bef Author: Chen Yufan Date: Thu Aug 22 10:57:31 2024 +0800 bcachefs: Convert to use jiffies macros Use jiffies macros instead of using jiffies directly to handle wraparound. Signed-off-by: Chen Yufan Signed-off-by: Kent Overstreet commit 94932a0842ccebe413cd8205632a537f275c100d Author: Alan Huang Date: Thu Aug 15 23:40:53 2024 +0800 bcachefs: Refactor bch2_bset_fix_lookup_table bch2_bset_fix_lookup_table is too complicated to be easily understood, the comment "l now > where" there is also incorrect when where == t->end_offset. This patch therefore refactor the function, the idea is that when where >= rw_aux_tree(b, t)[t->size - 1].offset, we don't need to adjust the rw aux tree. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit f1625637b85191a0ac6f9ebf2b30d8b335f08547 Author: Kent Overstreet Date: Sun Jun 30 09:25:56 2024 -0400 bcachefs: Assert that we don't lock nodes when !trans->locked We rely on the trans->locked to know if a trans has nodes locked for assertions about deadlocks; there can't be more than one trans in the same process that is locked. Signed-off-by: Kent Overstreet commit a8cdf0ff46643305be6ae2d580d140bb3832af39 Author: Matthew Wilcox (Oracle) Date: Tue Aug 20 05:10:11 2024 +0100 bcachefs: Do not check folio_has_private() folio_has_private() is an attractive nuisance; filesystem authors generally don't realise that it actually checks two flags (one of which is never set by bcachefs). There's no need to check the private flag at all; for folios owned by bcachefs, we know that folio->private is NULL when the private flag is clear and non-NULL when the private flag is set. Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Kent Overstreet commit fdbc9c390ade238383f5a24e4b32e49550dc90e4 Author: Kent Overstreet Date: Mon Aug 19 15:33:38 2024 -0400 bcachefs: bch2_time_stats_reset() Signed-off-by: Kent Overstreet commit b36f679c99889bbe9c48e09f7c175d1058823ae8 Author: Kent Overstreet Date: Mon Aug 19 15:11:20 2024 -0400 bcachefs: Drop memalloc_nofs_save() in bch2_btree_node_mem_alloc() It's really not needed: the only locks used here are the btree cache lock, which we drop for GFP_WAIT allocations, and btree node locks - but we also drop those for GFP_WAIT allocations. Signed-off-by: Kent Overstreet commit 42386fbaee1dd41f2c1ad41301a43454e808322c Author: Youling Tang Date: Thu Aug 15 16:57:44 2024 +0800 bcachefs: Simplify bch2_xattr_emit() implementation Use helper functions to make code more readable. Similar to commit a5488f29835c ("fs: simplify ->listxattr() implementation") Signed-off-by: Youling Tang Signed-off-by: Kent Overstreet commit d3f30f16294cc8e58ef14f934874ed7b3ec15b71 Author: Youling Tang Date: Thu Aug 15 16:57:43 2024 +0800 bcachefs: drop unused posix acl handlers Remove struct nop_posix_acl_{access,default} for bcachefs filesystem that don't depend on the xattr handler in their inode->i_op->listxattr() method in any way. There's nothing more to do than to simply remove the handler. It's been effectively unused ever since we introduced the new posix acl api. See [1] for details. Link [1]: https://patchwork.kernel.org/project/linux-fsdevel/cover/20230125-fs-acl-remove-generic-xattr-handlers-v3-0-f760cc58967d@kernel.org/ Signed-off-by: Youling Tang Signed-off-by: Kent Overstreet commit 5935bf3341b82bc76f1d816842273c06615aa727 Author: Alan Huang Date: Wed Aug 14 22:20:07 2024 +0800 bcachefs: Remove unused parameter iter here is unused, remove it. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit 3130303bd9b7bda1550b880c9843c44a16932feb Author: Alan Huang Date: Mon Aug 12 17:04:04 2024 +0800 bcachefs: Remove the prev array stuff After reducing the search range when building the aux tree, the prev array stuff is no longer useful, so remove it. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit 5d01101284a3286ee600e81bde4e4e7e46385ccc Author: Alan Huang Date: Mon Aug 12 16:06:09 2024 +0800 bcachefs: Minimize the search range used to calculate the mantissa When the search key's mantissa is larger than the node i's, we know that the search key is larger than the first key of the cacheline corresponding to node i, so that when we are calculating the mantissa of right side nodes of node i, the left side of the search range can be the first key of node i. Once the search range is minimized, the mantissa we are calculating can have more useful bits, thus reduce the slow path comparison. Besides, we can now remove all the prev array stuff. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit 288a6690eb51c507a28cb599944096e4d3c42e94 Author: Alan Huang Date: Sun Aug 11 00:11:46 2024 +0800 bcachefs: Convert open-coded extra computation to helper This patch replaces open-coded extra computation to eytzinger1_extra. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit 6cca8319e017d1732ef4c951952109d9ca8506c0 Author: Alan Huang Date: Sat Aug 10 23:51:40 2024 +0800 bcachefs: Remove dead code in __build_ro_aux_tree This logic is no longer useful since commit 3ce8b463e3e0 ("bcachefs: kill bset_tree->max_key"), so remove it. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit 89ae9a04b2fff507395ef0a6958bfc4f75886f7e Author: Alan Huang Date: Sun Aug 11 00:52:25 2024 +0800 bcachefs: Remove unused parameter of bkey_mantissa_bits_dropped The idx parameter of bkey_mantissa_bits_dropped is unused, remove it. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit 2a463e948a31b02bf9bb4f70b5e9ee71ce3f4ce1 Author: Alan Huang Date: Sun Aug 11 00:52:24 2024 +0800 bcachefs: Remove unused parameter of bkey_mantissa The idx parameter of bkey_mantissa became unused since commit b904a7991802 ("bcachefs: Go back to 16 bit mantissa bkey floats"), so remove it. Signed-off-by: Alan Huang Signed-off-by: Kent Overstreet commit 59a1a62a4227b4cb5c2e197de4aa1c727f68e4c7 Author: Kent Overstreet Date: Thu Aug 8 11:40:47 2024 -0400 bcachefs: bch2_sb_nr_devices() factoring out a helper Signed-off-by: Kent Overstreet commit 11827dba08e8b909076fe3a40f0a99a6e3d84eef Author: Kent Overstreet Date: Wed Aug 7 15:44:57 2024 -0400 bcachefs: trivial open_bucket_add_buckets() cleanup Signed-off-by: Kent Overstreet commit d89b35d83ee398bda2b4294ef7c6a2ab663044cf Author: Xiaxi Shen Date: Wed Aug 7 00:10:05 2024 -0700 bcachefs: Fix a spelling error in docs Signed-off-by: Xiaxi Shen Signed-off-by: Kent Overstreet commit c7652f253a6d590f5263b0f21ff78f58875ab412 Author: Kent Overstreet Date: Wed Jul 31 23:56:04 2024 -0400 bcachefs: promote_whole_extents is now a normal option Signed-off-by: Kent Overstreet commit cfd273f1ae8e5bb29a8ff3a7f7b57a55d065e117 Author: Kent Overstreet Date: Wed Jul 31 23:39:49 2024 -0400 bcachefs: Move rebalance_status out of sysfs/internal Signed-off-by: Kent Overstreet commit 26c0900d859c47d4bccc05acbc17ac33fa774852 Author: Julian Sun Date: Sun Jul 21 08:55:20 2024 -0400 bcachefs: remove the unused parameter in macro bkey_crc_next In the macro definition of bkey_crc_next, five parameters were accepted, but only four of them were used. Let's remove the unused one. The patch has only passed compilation tests, but it should be fine. Signed-off-by: Julian Sun Signed-off-by: Kent Overstreet commit 4d05a083b34f8f31a095402e75cc156fd9c3b257 Author: Julian Sun Date: Sun Jul 21 08:45:47 2024 -0400 bcachefs: fix macro definition allocate_dropping_locks The macro allocate_dropping_locks accepts a parameter _trans, but it was not used, rather the variable trans was directly used, which may be a local variable inside a function that calls the macros. Signed-off-by: Julian Sun Signed-off-by: Kent Overstreet commit ba8c52e2b115b88a5d5836485c1945f86df3ba5d Author: Julian Sun Date: Sun Jul 21 08:44:24 2024 -0400 bcachefs: fix macro definition allocate_dropping_locks_errcode The macro allocate_dropping_locks_errocode accepts a parameter _trans, but it was not used, rather the variable trans was directly used, which may be a local variable inside a function that calls the macros. Signed-off-by: Julian Sun Signed-off-by: Kent Overstreet commit 23fcd5f40aeff17e7a97d5fd24e0303799f6ece7 Author: Julian Sun Date: Sun Jul 21 08:43:24 2024 -0400 bcachefs: remove the unused macro definition macro bch2_kthread_wait_event_ioclock_timeout is no longer used, let's remove it. The patch has passed compilation test. Signed-off-by: Julian Sun Signed-off-by: Kent Overstreet commit 668c95515580be9f10b58dcd64cc28c03a733da8 Author: Kent Overstreet Date: Wed Jul 17 13:24:28 2024 -0400 bcachefs: quota_reserve_range() -> for_each_btree_key_in_subvolume_upto Signed-off-by: Kent Overstreet commit 093dd55d192c01f055476d7c6f017ca84fc9e167 Author: Kent Overstreet Date: Wed Jul 17 13:34:35 2024 -0400 bcachefs: bch2_folio_set() -> for_each_btree_key_in_subvolume_upto Signed-off-by: Kent Overstreet commit c95285d17ec6072054bb4e0423d2d0eab67f6aa6 Author: Kent Overstreet Date: Wed Jul 17 13:30:23 2024 -0400 bcachefs: range_has_data() -> for_each_btree_key_in_subvolume_upto Signed-off-by: Kent Overstreet commit 330405057fae56f2f21055851a5a816626679226 Author: Kent Overstreet Date: Wed Jul 17 13:28:23 2024 -0400 bcachefs: bch2_seek_hole() -> for_each_btree_key_in_subvolume_upto Signed-off-by: Kent Overstreet commit 9f9e7f50af0d62b357aff1d0c4afc8fe96bc8953 Author: Kent Overstreet Date: Wed Jul 17 13:26:54 2024 -0400 bcachefs: bch2_seek_data() -> for_each_btree_key_in_subvolume_upto Signed-off-by: Kent Overstreet commit 3da106cd1bde9654bcc7837aed62850519684526 Author: Kent Overstreet Date: Wed Jul 17 13:24:28 2024 -0400 bcachefs: bch2_xattr_list() -> for_each_btree_key_in_subvolume_upto Signed-off-by: Kent Overstreet commit efdb77a25baf78318bbf893e754a07158ab1bd01 Author: Kent Overstreet Date: Wed Jul 17 13:24:28 2024 -0400 bcachefs: bch2_readdir() -> for_each_btree_key_in_subvolume_upto Signed-off-by: Kent Overstreet commit 0215b91804621d443b96cee83e7e7d18445e856b Author: Kent Overstreet Date: Wed Jul 17 12:59:51 2024 -0400 bcachefs: for_each_btree_key_in_subvolume_upto() New helper for looping over keys in a given subvolume Signed-off-by: Kent Overstreet commit 1a3158ece59c7444b98124805d142be13c9d560b Author: Kent Overstreet Date: Wed Jul 17 11:50:54 2024 -0400 bcachefs: bch2_fiemap(): call trans_begin() on every loop iter Signed-off-by: Kent Overstreet commit 7e7595723c659e91d1f2597574b6fe77b67858bf Author: Kent Overstreet Date: Wed Jul 17 11:47:01 2024 -0400 bcachefs: bchfs_read(): call trans_begin() on every loop iter Same as the recent change for __bch2_read(); also, kill now unnecessary btree_trans_too_many_iters() calls. Signed-off-by: Kent Overstreet commit 804baca7458a45ab70b985a89ed5349c182b4837 Author: Kent Overstreet Date: Wed Jul 17 11:42:11 2024 -0400 bcachefs: kill bch2_btree_iter_peek_and_restart() dead code Signed-off-by: Kent Overstreet commit 32ed4a620c5405be73a59c6407bd2c6dae9d50c3 Author: Kent Overstreet Date: Wed Aug 10 19:57:46 2022 -0400 bcachefs: Btree path tracepoints Fastpath tracepoints, rarely needed, only enabled with CONFIG_BCACHEFS_PATH_TRACEPOINTS. Signed-off-by: Kent Overstreet commit abbfc4db50e27ab0d7b5315452bc8faa5eeb19df Author: Kent Overstreet Date: Tue Jul 16 17:23:10 2024 -0400 bcachefs: Add check for btree_path ref overflow Signed-off-by: Kent Overstreet commit 094c6a9f5cd567e9fe0e9f0616157a7e6369566e Author: Youling Tang Date: Wed Jul 3 15:09:55 2024 +0800 bcachefs: Mark bch_inode_info as SLAB_ACCOUNT After commit 230e9fc28604 ("slab: add SLAB_ACCOUNT flag"), we need to mark the inode cache as SLAB_ACCOUNT, similar to commit 5d097056c9a0 ("kmemcg: account for certain kmem allocations to memcg") Signed-off-by: Youling Tang Signed-off-by: Kent Overstreet commit 082330c361944a234db42750792b491f3b76d43b Author: Youling Tang Date: Tue Jul 16 10:58:16 2024 +0800 bcachefs: allocate inode by using alloc_inode_sb() The inode allocation is supposed to use alloc_inode_sb(), so convert kmem_cache_alloc() to alloc_inode_sb(). It will also fix [1] to avoid the NULL pointer dereference BUG in list_lru_add() when CONFIG_MEMCG is enabled. Links: [1]: https://lore.kernel.org/all/20589721-46c0-4344-b2ef-6ab48bbe2ea5@linux.dev/ [2]: https://lore.kernel.org/all/7db60e36-9c96-4938-a28d-a9745e287386@linux.dev/ Fixes: 86d81ec5f5f0 ("bcachefs: Mark bch_inode_info as SLAB_ACCOUNT") Signed-off-by: Youling Tang Signed-off-by: Kent Overstreet commit 9092a38a3dfd70326a47eb8d3ff57e995e770ed4 Author: Kent Overstreet Date: Mon Jul 15 19:54:51 2024 -0400 bcachefs: Opt_durability can now be set via bch2_opt_set_sb() Signed-off-by: Kent Overstreet commit 4aedeac5703e06f5e9c1eeee6f77136bcc15afdb Author: Kent Overstreet Date: Mon Jul 15 19:26:46 2024 -0400 bcachefs: bch2_opt_set_sb() can now set (some) device options Signed-off-by: Kent Overstreet commit afefc986b7d04c67de870558f76a7d0e7293eac5 Author: Kent Overstreet Date: Mon Jul 15 16:53:49 2024 -0400 bcachefs: data_allowed is now an opts.h option need this so cmd_option in userspace can handle it Signed-off-by: Kent Overstreet commit 8573dd3474e8ec067b3c0c80d591c6de1d94e1e9 Author: Thorsten Blum Date: Wed Aug 21 18:29:22 2024 +0200 bcachefs: Annotate struct bucket_array with __counted_by() Add the __counted_by compiler attribute to the flexible array member bucket to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Signed-off-by: Thorsten Blum Signed-off-by: Kent Overstreet commit 5396e5af3c1032b659bd6b1c1ec18e8af275a746 Author: Nathan Chancellor Date: Wed Aug 21 13:43:03 2024 -0700 bcachefs: Fix format specifier in bch2_btree_key_cache_to_text() When building for a 32-bit architecture, for which 'size_t' is 'unsigned int', there is a compiler warning due to use of '%lu': In file included from fs/bcachefs/vstructs.h:5, from fs/bcachefs/bcachefs_format.h:80, from fs/bcachefs/bcachefs.h:207, from fs/bcachefs/btree_key_cache.c:3: fs/bcachefs/btree_key_cache.c: In function 'bch2_btree_key_cache_to_text': fs/bcachefs/btree_key_cache.c:795:25: error: format '%lu' expects argument of type 'long unsigned int', but argument 3 has type 'size_t' {aka 'unsigned int'} [-Werror=format=] 795 | prt_printf(out, "pending:\t%lu\r\n", per_cpu_sum(bc->nr_pending)); | ^~~~~~~~~~~~~~~~~~~ fs/bcachefs/util.h:78:63: note: in definition of macro 'prt_printf' 78 | #define prt_printf(_out, ...) bch2_prt_printf(_out, __VA_ARGS__) | ^~~~~~~~~~~ fs/bcachefs/btree_key_cache.c:795:38: note: format string is defined here 795 | prt_printf(out, "pending:\t%lu\r\n", per_cpu_sum(bc->nr_pending)); | ~~^ | | | long unsigned int | %u cc1: all warnings being treated as errors Use the proper specifier, '%zu', to resolve the warning. Fixes: e447e49977b8 ("bcachefs: key cache can now allocate from pending") Signed-off-by: Nathan Chancellor Signed-off-by: Kent Overstreet commit 5f1929f1f077d3997ab8cd4a8136aad304b0e9df Author: Kent Overstreet Date: Thu Jun 13 15:35:47 2024 -0400 bcachefs: key cache can now allocate from pending btree_trans objects can hold the btree_trans_barrier srcu read lock for an extended amount of time (they shouldn't, but it's difficult to guarantee). the srcu barrier blocks memory reclaim, so to avoid too many stranded key cache items, this uses the new pending_rcu_items to allocate from pending items - like we did before, but now without a global lock on the key cache. Signed-off-by: Kent Overstreet commit f2bfe7e83765f3bd84382cc75d8ac3ca619de39a Author: Kent Overstreet Date: Sat Jun 8 22:32:40 2024 -0400 bcachefs: Rip out freelists from btree key cache Signed-off-by: Kent Overstreet commit d2ed0f206a9d8b3add18879f39dd128ff55e4d77 Author: Kent Overstreet Date: Fri Aug 23 18:21:31 2024 -0400 bcachefs: rcu_pending now works in userspace Signed-off-by: Kent Overstreet commit 8e973a4f3c74824ef03ed06006726321bc2346d6 Author: Kent Overstreet Date: Mon Jun 10 20:47:03 2024 -0400 bcachefs: rcu_pending Generic data structure for explicitly tracking pending RCU items, allowing items to be dequeued (i.e. allocate from items pending freeing). Works with conventional RCU and SRCU, and possibly other RCU flavors in the future, meaning this can serve as a more generic replacement for SLAB_TYPESAFE_BY_RCU. Pending items are tracked in radix trees; if memory allocation fails, we fall back to linked lists. A rcu_pending is initialized with a callback, which is invoked when pending items's grace periods have expired. Two types of callback processing are handled specially: - RCU_PENDING_KVFREE_FN New backend for kvfree_rcu(). Slightly faster, and eliminates the synchronize_rcu() slowpath in kvfree_rcu_mightsleep() - instead, an rcu_head is allocated if we don't have one and can't use the radix tree TODO: - add a shrinker (as in the existing kvfree_rcu implementation) so that memory reclaim can free expired objects if callback processing isn't keeping up, and to expedite a grace period if we're under memory pressure and too much memory is stranded by RCU - add a counter for amount of memory pending - RCU_PENDING_CALL_RCU_FN Accelerated backend for call_rcu() - pending callbacks are tracked in a radix tree to eliminate linked list overhead. to serve as replacement backends for kvfree_rcu() and call_rcu(); these may be of interest to other uses (e.g. SLAB_TYPESAFE_BY_RCU users). Note: Internally, we're using a single rearming call_rcu() callback for notifications from the core RCU subsystem for notifications when objects are ready to be processed. Ideally we would be getting a callback every time a grace period completes for which we have objects, but that would require multiple rcu_heads in flight, and since the number of gp sequence numbers with uncompleted callbacks is not bounded, we can't do that yet. Signed-off-by: Kent Overstreet commit b3f9da79e7783ca4f1c1d4214af976c548629c1d Author: Kent Overstreet Date: Sat Aug 10 23:14:44 2024 -0400 lib/generic-radix-tree.c: add preallocation Signed-off-by: Kent Overstreet commit f6594633817374a64a5fb31007bd810cad1425ff Author: Kent Overstreet Date: Mon Jun 17 19:00:33 2024 -0400 lib/generic-radix-tree.c: genradix_ptr_inlined() Provide an inlined fast path Signed-off-by: Kent Overstreet commit 54f7702466b3a10b9a81e3c1c2c9da33df7a655f Author: Kent Overstreet Date: Fri Aug 16 12:31:53 2024 -0400 bcachefs: Fix deadlock in __wait_on_freeing_inode() We can't call __wait_on_freeing_inode() with btree locks held; we're waiting on another thread that's in evict(), and before it clears that bit it needs to write that inode to flush timestamps - deadlock. Fixing this involves a fair amount of re-jiggering to plumb a new transaction restart. Signed-off-by: Kent Overstreet commit 112d21fd1a122f778c383aa44d5448f4da9518c3 Author: Kent Overstreet Date: Sat Jun 8 21:41:01 2024 -0400 bcachefs: switch to rhashtable for vfs inodes hash the standard vfs inode hash table suffers from painful lock contention - this is long overdue Signed-off-by: Kent Overstreet commit 88d2ae0e6eb84e1ed58f339c6a0de16c24fa2a60 Author: Kent Overstreet Date: Thu Aug 8 11:18:21 2024 -0400 inode: make __iget() a static inline bcachefs is switching to an rhashtable for vfs inodes instead of the standard inode.c hashtable, so we need this exported, or - a static inline makes more sense for a single atomic_inc(). Signed-off-by: Kent Overstreet commit 27663d7784b5dfd354a968e06b26452dc93f2a16 Author: Reed Riley Date: Thu Sep 5 16:59:29 2024 +0000 bcachefs: Replace div_u64 with div64_u64 where second param is u64 Bcachefs often uses this function to divide by nanosecond times - which can easily cause problems when cast to u32. For example, `cat /sys/fs/bcachefs/*/internal/rebalance_status` would return invalid data in the `duration waited` field because dividing by the number of nanoseconds in a minute requires the divisor parameter to be u64. Signed-off-by: Reed Riley Signed-off-by: Kent Overstreet commit 36f0af4f44a4e465b0af4bf188d780511c1ca189 Author: Feiko Nanninga Date: Sun Sep 1 19:08:05 2024 +0200 bcachefs: Fix sysfs rebalance duration waited formatting cat /sys/fs/bcachefs/*/internal/rebalance_status waiting io wait duration: 13.5 GiB io wait remaining: 627 MiB duration waited: 1392 m duration waited was increasing at a rate of about 14 times the expected rate. div_u64 takes a u32 divisor, but u->nsecs (from time_units[]) can be bigger than u32. Signed-off-by: Feiko Nanninga Signed-off-by: Kent Overstreet commit a3ed1cc4136df01e74a8b6df8c562db69e752bad Author: Alyssa Ross Date: Sat Sep 7 18:00:26 2024 +0200 bcachefs: Fix negative timespecs This fixes two problems in the handling of negative times: • rem is signed, but the rem * c->sb.nsec_per_time_unit operation produced a bogus unsigned result, because s32 * u32 = u32. • The timespec was not normalized (it could contain more than a billion nanoseconds). For example, { .tv_sec = -14245441, .tv_nsec = 750000000 }, after being round tripped through timespec_to_bch2_time and then bch2_time_to_timespec would come back as { .tv_sec = -14245440, .tv_nsec = 4044967296 } (more than 4 billion nanoseconds). Cc: stable@vger.kernel.org Fixes: 595c1e9bab7f ("bcachefs: Fix time handling") Closes: https://github.com/koverstreet/bcachefs/issues/743 Co-developed-by: Erin Shepherd Signed-off-by: Erin Shepherd Co-developed-by: Ryan Lahfa Signed-off-by: Ryan Lahfa Signed-off-by: Alyssa Ross Signed-off-by: Kent Overstreet commit e62d39332d4b9400a69ba902797aa17a1a0037e7 Author: Nathan Chancellor Date: Thu Aug 29 11:14:54 2024 -0700 xfrm: policy: Restore dir assignments in xfrm_hash_rebuild() Clang warns (or errors with CONFIG_WERROR): net/xfrm/xfrm_policy.c:1286:8: error: variable 'dir' is uninitialized when used here [-Werror,-Wuninitialized] 1286 | if ((dir & XFRM_POLICY_MASK) == XFRM_POLICY_OUT) { | ^~~ net/xfrm/xfrm_policy.c:1257:9: note: initialize the variable 'dir' to silence this warning 1257 | int dir; | ^ | = 0 1 error generated. A recent refactoring removed some assignments to dir because xfrm_policy_is_dead_or_sk() has a dir assignment in it. However, dir is used elsewhere in xfrm_hash_rebuild(), including within loops where it needs to be reloaded for each policy. Restore the assignments before the first use of dir to fix the warning and ensure dir is properly initialized throughout the function. Fixes: 08c2182cf0b4 ("xfrm: policy: use recently added helper in more places") Acked-by: Florian Westphal Signed-off-by: Nathan Chancellor Signed-off-by: Steffen Klassert commit 6a13f5afd39d17320316dbb8dd533fe7c6a613e6 Author: Florian Westphal Date: Fri Aug 30 16:39:10 2024 +0200 xfrm: policy: fix null dereference Julian Wiedmann says: > + if (!xfrm_pol_hold_rcu(ret)) Coverity spotted that ^^^ needs a s/ret/pol fix-up: > CID 1599386: Null pointer dereferences (FORWARD_NULL) > Passing null pointer "ret" to "xfrm_pol_hold_rcu", which dereferences it. Ditch the bogus 'ret' variable. Fixes: 563d5ca93e88 ("xfrm: switch migrate to xfrm_policy_lookup_bytype") Reported-by: Julian Wiedmann Closes: https://lore.kernel.org/netdev/06dc2499-c095-4bd4-aee3-a1d0e3ec87c4@gmail.com/ Signed-off-by: Florian Westphal Reviewed-by: Simon Horman Signed-off-by: Steffen Klassert commit bfba7bc8b7c2c100b76edb3a646fdce256392129 Merge: 8f088541991bc1 8b6d13cc8b3855 Author: David S. Miller Date: Mon Sep 9 14:14:54 2024 +0100 Merge branch 'unmask-dscp-part-four' Ido Schimmel says: ==================== Unmask upper DSCP bits - part 4 (last) tl;dr - This patchset finishes to unmask the upper DSCP bits in the IPv4 flow key in preparation for allowing IPv4 FIB rules to match on DSCP. No functional changes are expected. The TOS field in the IPv4 flow key ('flowi4_tos') is used during FIB lookup to match against the TOS selector in FIB rules and routes. It is currently impossible for user space to configure FIB rules that match on the DSCP value as the upper DSCP bits are either masked in the various call sites that initialize the IPv4 flow key or along the path to the FIB core. In preparation for adding a DSCP selector to IPv4 and IPv6 FIB rules, we need to make sure the entire DSCP value is present in the IPv4 flow key. This patchset finishes to unmask the upper DSCP bits by adjusting all the callers of ip_route_output_key() to properly initialize the full DSCP value in the IPv4 flow key. No functional changes are expected as commit 1fa3314c14c6 ("ipv4: Centralize TOS matching") moved the masking of the upper DSCP bits to the core where 'flowi4_tos' is matched against the TOS selector. ==================== Signed-off-by: David S. Miller commit 8b6d13cc8b3855862af583fed83d60b1df6f9ba2 Author: Ido Schimmel Date: Thu Sep 5 19:51:40 2024 +0300 sctp: Unmask upper DSCP bits in sctp_v4_get_dst() Unmask the upper DSCP bits when calling ip_route_output_key() so that in the future it could perform the FIB lookup according to the full DSCP value. Note that the 'tos' variable holds the full DS field. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: Xin Long Signed-off-by: David S. Miller commit 2c60fc9ca21636e4bbb30357562dc1abb577f5fb Author: Ido Schimmel Date: Thu Sep 5 19:51:39 2024 +0300 ipv4: udp_tunnel: Unmask upper DSCP bits in udp_tunnel_dst_lookup() Unmask the upper DSCP bits when calling ip_route_output_key() so that in the future it could perform the FIB lookup according to the full DSCP value. Note that callers of udp_tunnel_dst_lookup() pass the entire DS field in the 'tos' argument. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 345663e6a727f6baa70989a8412c2c047389ca65 Author: Ido Schimmel Date: Thu Sep 5 19:51:38 2024 +0300 netfilter: nf_dup4: Unmask upper DSCP bits in nf_dup_ipv4_route() Unmask the upper DSCP bits when calling ip_route_output_key() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit b7172768abfd8aecdc6af05c60403af1664a4976 Author: Ido Schimmel Date: Thu Sep 5 19:51:37 2024 +0300 netfilter: nft_flow_offload: Unmask upper DSCP bits in nft_flow_route() Unmask the upper DSCP bits when calling nf_route() which eventually calls ip_route_output_key() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 4f0880766a971409684eeac0aa39378036d17cb4 Author: Ido Schimmel Date: Thu Sep 5 19:51:36 2024 +0300 ipv4: netfilter: Unmask upper DSCP bits in ip_route_me_harder() Unmask the upper DSCP bits when calling ip_route_output_key() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit c2b639f9f3b7a058ca9c7349b096f355773f2cd8 Author: Ido Schimmel Date: Thu Sep 5 19:51:35 2024 +0300 ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() Unmask the upper DSCP bits when initializing an IPv4 flow key via ip_tunnel_init_flow() before passing it to ip_route_output_key() so that in the future we could perform the FIB lookup according to the full DSCP value. Note that the 'tos' variable includes the full DS field. Either the one specified as part of the tunnel parameters or the one inherited from the inner packet. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit c34cfe72bb260fc49660d9e6a9ba95ba01669ae2 Author: Ido Schimmel Date: Thu Sep 5 19:51:34 2024 +0300 ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() Unmask the upper DSCP bits when initializing an IPv4 flow key via ip_tunnel_init_flow() before passing it to ip_route_output_key() so that in the future we could perform the FIB lookup according to the full DSCP value. Note that the 'tos' variable includes the full DS field. Either the one specified via the tunnel key or the one inherited from the inner packet. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit e7191e517a03d025405c7df730b400ad4118474e Author: Ido Schimmel Date: Thu Sep 5 19:51:33 2024 +0300 ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() Unmask the upper DSCP bits when initializing an IPv4 flow key via ip_tunnel_init_flow() before passing it to ip_route_output_key() so that in the future we could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 848789d552bbfb47077993bb35ca99c854c37556 Author: Ido Schimmel Date: Thu Sep 5 19:51:32 2024 +0300 ipv4: icmp: Unmask upper DSCP bits in icmp_reply() Unmask the upper DSCP bits when calling ip_route_output_key() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit b3899830aa47333fa73e7f23eddc856003fd8bda Author: Ido Schimmel Date: Thu Sep 5 19:51:31 2024 +0300 bpf: lwtunnel: Unmask upper DSCP bits in bpf_lwt_xmit_reroute() Unmask the upper DSCP bits when calling ip_route_output_key() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 25376a890119b616d5982c8cb59f805138ab81fa Author: Ido Schimmel Date: Thu Sep 5 19:51:30 2024 +0300 ipv4: ip_gre: Unmask upper DSCP bits in ipgre_open() Unmask the upper DSCP bits when calling ip_route_output_gre() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 1f23a1909d7f5f7c5fa6809816d61712de1a2d5b Author: Ido Schimmel Date: Thu Sep 5 19:51:29 2024 +0300 netfilter: br_netfilter: Unmask upper DSCP bits in br_nf_pre_routing_finish() Unmask upper DSCP bits when calling ip_route_output() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 0af2b1b20292736108edb4e508370fa8e1efc262 Merge: 4f0568492fc446 ed2e4bb17a4884 Author: Kalle Valo Date: Mon Sep 9 15:32:33 2024 +0300 Merge tag 'rtw-next-2024-09-05' of https://github.com/pkshih/rtw rtw-next patches for v6.12 The rtw89 is continuously adjusting code to support MLO. The major changes are listed below: rtw88: * fix USB not transmitting beacon in AP mode rtw89: * complete BT-coexistence code for RTL8852BT * fix throughput degrade of VHT rate for RTL8851B/8852A/8852B/8852BT * enable WoWLAN net-detect for more one chip, RTL8922A commit 4f0568492fc446b25b5538ba2e3a85c2dbe0ab5d Author: Chen Ni Date: Wed Sep 4 15:46:37 2024 +0800 wifi: brcmfmac: cfg80211: Convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Acked-by: Arend van Spriel Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240904074637.1352864-1-nichen@iscas.ac.cn commit eeccaa46cb6f8bdf635dc38b84e66ddb9fbbcee7 Author: Christophe JAILLET Date: Tue Sep 3 22:10:32 2024 +0200 wifi: rsi: Remove an unused field in struct rsi_debugfs dfs_get_ops has apparently never been used since its introduction by commit dad0d04fa7ba ("rsi: Add RS9113 wireless driver") in 2014-03. More-over struct rsi_dbg_ops is not defined. Remove the unused field from struct rsi_debugfs. Signed-off-by: Christophe JAILLET Signed-off-by: Kalle Valo Link: https://patch.msgid.link/15b0609d7b1569ec6c500a175caef4c9189f33e2.1725394207.git.christophe.jaillet@wanadoo.fr commit 54c9b9735246fd32dd020a6196d8128967bb3ff3 Author: Yue Haibing Date: Tue Sep 3 19:58:11 2024 +0800 wifi: libertas: Cleanup unused declarations There is no caller and implementation in tree. Signed-off-by: Yue Haibing Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240903115811.958692-1-yuehaibing@huawei.com commit ff63a5c727821bd1069a384695bb4557eaddb1a1 Author: Li Zetao Date: Tue Sep 3 19:02:05 2024 +0800 wifi: wilc1000: Convert using devm_clk_get_optional_enabled() in wilc_bus_probe() Use devm_clk_get_optional_enabled() instead of devm_clk_get_optional() + clk_prepare_enable(), which can make the clk consistent with the device life cycle and reduce the risk of unreleased clk resources. Since the device framework has automatically released the clk resource, there is no need to execute clk_disable_unprepare(clk) on the error path. Signed-off-by: Li Zetao Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240903110205.4127706-3-lizetao1@huawei.com commit 554475248177894513bbb495de577836e67a57c0 Author: Li Zetao Date: Tue Sep 3 19:02:04 2024 +0800 wifi: wilc1000: Convert using devm_clk_get_optional_enabled() in wilc_sdio_probe() Use devm_clk_get_optional_enabled() instead of devm_clk_get_optional() + clk_prepare_enable(), which can make the clk consistent with the device life cycle and reduce the risk of unreleased clk resources. Since the device framework has automatically released the clk resource, there is no need to execute clk_disable_unprepare(clk) on the error path, drop the clk_disable_unprepare label, and the original error process can change to dispose_irq. Signed-off-by: Li Zetao Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240903110205.4127706-2-lizetao1@huawei.com commit 6d7c6ae1efb1ff68bc01d79d94fdf0388f86cdd8 Author: Jiawei Ye Date: Thu Aug 29 08:17:09 2024 +0000 wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param In the `wilc_parse_join_bss_param` function, the TSF field of the `ies` structure is accessed after the RCU read-side critical section is unlocked. According to RCU usage rules, this is illegal. Reusing this pointer can lead to unpredictable behavior, including accessing memory that has been updated or causing use-after-free issues. This possible bug was identified using a static analysis tool developed by myself, specifically designed to detect RCU-related issues. To address this, the TSF value is now stored in a local variable `ies_tsf` before the RCU lock is released. The `param->tsf_lo` field is then assigned using this local variable, ensuring that the TSF value is safely accessed. Fixes: 205c50306acf ("wifi: wilc1000: fix RCU usage in connect path") Signed-off-by: Jiawei Ye Reviewed-by: Alexis Lothoré Signed-off-by: Kalle Valo Link: https://patch.msgid.link/tencent_466225AA599BA49627FB26F707EE17BC5407@qq.com commit 498365e52bebcbc36a93279fe7e9d6aec8479cee Author: Gustavo A. R. Silva Date: Wed Aug 21 15:23:51 2024 -0600 wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexible-array member in `struct host_cmd_ds_802_11_scan_ext`. With this, fix the following warning: elo 16 17:51:58 surfacebook kernel: ------------[ cut here ]------------ elo 16 17:51:58 surfacebook kernel: memcpy: detected field-spanning write (size 243) of single field "ext_scan->tlv_buffer" at drivers/net/wireless/marvell/mwifiex/scan.c:2239 (size 1) elo 16 17:51:58 surfacebook kernel: WARNING: CPU: 0 PID: 498 at drivers/net/wireless/marvell/mwifiex/scan.c:2239 mwifiex_cmd_802_11_scan_ext+0x83/0x90 [mwifiex] Reported-by: Andy Shevchenko Closes: https://lore.kernel.org/linux-hardening/ZsZNgfnEwOcPdCly@black.fi.intel.com/ Signed-off-by: Gustavo A. R. Silva Reviewed-by: Andy Shevchenko Acked-by: Brian Norris Signed-off-by: Kalle Valo Link: https://patch.msgid.link/ZsZa5xRcsLq9D+RX@elsanto commit 72160ec6cb12613663f26d89049b95f8dc9fa000 Author: Inochi Amaoto Date: Fri Aug 30 16:57:38 2024 +0800 riscv: defconfig: Enable pinctrl support for CV18XX Series SoC Enable pinctrl driver for the whole CV18XX series. Signed-off-by: Inochi Amaoto Signed-off-by: Conor Dooley commit 876dec03fdfb7eeb592d01a95ba292c9e53b324b Author: Arnd Bergmann Date: Sat Sep 7 20:00:38 2024 +0000 ASoC: mediatek: mt8365: remove unused mt8365_i2s_hd_str The mt8365_i2s_enum and mt8365_i2s_hd_str variables are not used anywhere, but cause a warning when building with C=1 or when enabling -Wunused-const-variable: sound/soc/mediatek/mt8365/mt8365-dai-i2s.c:781:27: error: 'mt8365_i2s_hd_str' defined but not used [-Werror=unused-const-variable=] 781 | static const char * const mt8365_i2s_hd_str[] = { | ^~~~~~~~~~~~~~~~~ Remove these for the moment, they can be added back if a user comes up. Fixes: 402bbb13a195 ("ASoC: mediatek: mt8365: Add I2S DAI support") Signed-off-by: Arnd Bergmann Reviewed-by: Matthias Brugger Link: https://patch.msgid.link/20240907200053.3027553-1-arnd@kernel.org Signed-off-by: Mark Brown commit 6b31d6a4ca3b4d8abfb39127130889f9a9a38aa1 Author: Arnd Bergmann Date: Sun Sep 8 22:17:34 2024 +0000 ASoC: mediatek: mt8365: include linux/bitfield.h On x86, the header is not already included implicitly, breaking compile-testing: In file included from sound/soc/mediatek/mt8365/mt8365-afe-common.h:19, from sound/soc/mediatek/mt8365/mt8365-afe-pcm.c:18: sound/soc/mediatek/mt8365/mt8365-afe-pcm.c: In function 'mt8365_afe_cm2_mux_conn': sound/soc/mediatek/mt8365/mt8365-reg.h:952:41: error: implicit declaration of function 'FIELD_PREP' [-Wimplicit-function-declaration] 952 | #define CM2_AFE_CM2_CONN_CFG1(x) FIELD_PREP(CM2_AFE_CM2_CONN_CFG1_MASK, (x)) | ^~~~~~~~~~ Included it ahead of the field definitions. Fixes: 38c7c9ddc740 ("ASoC: mediatek: mt8365: Add common header") Signed-off-by: Arnd Bergmann Reviewed-by: Matthias Brugger Link: https://patch.msgid.link/20240908221754.2210857-1-arnd@kernel.org Signed-off-by: Mark Brown commit 77b696f489d2fd83bbcffeed363baac8f2f6ed4b Author: Romain Gantois Date: Fri Sep 6 14:20:58 2024 +0200 ASoC: tlv320aic31xx: Add support for loading filter coefficients The TLV320DAC3100 Audio DAC has 25 built-in digital audio processing blocks (PRBs). Each of these PRBs has a static filter structure with programmable coefficients. Once a PRB is selected for use by the DAC, its filter coefficients can be configured via a dedicated set of registers. Define a new optional firmware which can be loaded by the TLV320DAC driver. This firmware describes a full set of filter coefficients for all blocks used by the various PRBs. The firmware's binary format is heavily inspired by the one used in the peb2466 driver. It includes a version marker to allow for potential evolutions of the format. Note that adaptive filtering is not supported i.e. filter coefficients are loaded once before power-on and then cannot be changed while the DAC is powered. This is why only page A coefficients are modified. Page B coefficients are only used for adaptive filtering. Signed-off-by: Romain Gantois Link: https://patch.msgid.link/20240906-tlv320-filter-v1-1-6955f53ff435@bootlin.com Signed-off-by: Mark Brown commit 73048a832587520c6222bacbe1bc7121409d8861 Author: Dan Carpenter Date: Thu Sep 5 16:17:06 2024 +0300 optee: Fix a NULL vs IS_ERR() check The tee_shm_get_va() function never returns NULL, it returns error pointers. Update the check to match. Fixes: f0c8431568ee ("optee: probe RPMB device using RPMB subsystem") Signed-off-by: Dan Carpenter Reviewed-by: Jens Wiklander Link: https://lore.kernel.org/r/f8c12aed-b5d1-4522-bf95-622b8569706d@stanley.mountain Signed-off-by: Ulf Hansson commit 4f05ee2f82b470c20f7ff260bb0d866425b09d05 Author: Christian Brauner Date: Fri Aug 30 15:04:52 2024 +0200 ext4: store cookie in private data Store the cookie to detect concurrent seeks on directories in file->private_data. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-11-6d3e4816aa7b@kernel.org Acked-by: Theodore Ts'o Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 794576e07585bfb31f810e25c58ee0bcfc5e19d9 Author: Christian Brauner Date: Fri Aug 30 15:04:51 2024 +0200 ext2: store cookie in private data Store the cookie to detect concurrent seeks on directories in file->private_data. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-10-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit bad74142a04bf9b161237f52667473a111181b83 Author: Christian Brauner Date: Fri Aug 30 15:04:50 2024 +0200 affs: store cookie in private data Store the cookie to detect concurrent seeks on directories in file->private_data. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-9-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit d688d65a847ff910146eff51e70f4b7049895eb5 Author: Christian Brauner Date: Fri Aug 30 15:04:49 2024 +0200 fs: add generic_llseek_cookie() This is similar to generic_file_llseek() but allows the caller to specify a cookie that will be updated to indicate that a seek happened. Caller's requiring that information in their readdir implementations can use that. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-8-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit ed904935c3992ec4178a38f61eca8ce7303ae1a0 Author: Christian Brauner Date: Fri Aug 30 15:04:48 2024 +0200 fs: use must_set_pos() Make generic_file_llseek_size() use must_set_pos(). We'll use must_set_pos() in another helper in a minutes. Remove __maybe_unused from must_set_pos() now that it's used. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-7-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit b8c7451928ab2698653966a54ab5fff2fce484ff Author: Christian Brauner Date: Fri Aug 30 15:04:47 2024 +0200 fs: add must_set_pos() Add a new must_set_pos() helper. We will use it in follow-up patches. Temporarily mark it as unused. This is only done to keep the diff small and reviewable. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-6-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit d095a5be7533aa3e72f7358ddbcd595d67d56ff1 Author: Christian Brauner Date: Fri Aug 30 15:04:46 2024 +0200 fs: add vfs_setpos_cookie() Add a new helper and make vfs_setpos() call it. We will use it in follow-up patches. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-5-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 1c5a54af4717ff54b640986768b901aa6c294297 Author: Christian Brauner Date: Fri Aug 30 15:04:45 2024 +0200 s390: remove unused f_version It's not used so don't bother with it at all. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-4-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 387b499b789ce60c195db510b53f54ea728e10e3 Author: Christian Brauner Date: Fri Aug 30 15:04:44 2024 +0200 ceph: remove unused f_version It's not used for ceph so don't bother with it at all. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-3-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit db1faacb3a27863647845eb5bd17521e77ce430d Author: Christian Brauner Date: Fri Aug 30 15:04:43 2024 +0200 adi: remove unused f_version It's not used for adi so don't bother with it at all. Link: https://lore.kernel.org/r/20240830-vfs-file-f_version-v1-2-6d3e4816aa7b@kernel.org Reviewed-by: Jan Kara Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 475aadeba5df687524bd9bc5c77cba44c1736e08 Author: Cheng Ming Lin Date: Mon Sep 9 17:26:43 2024 +0800 mtd: spinand: macronix: Flag parts needing explicit plane select Macronix serial NAND flash with a two-plane structure requires insertion of the Plane Select bit into the column address during the write_to_cache operation. Additionally, for MX35{U,F}2G14AC and MX35LF2GE4AB, insertion of the Plane Select bit into the column address is required during the read_from_cache operation. Signed-off-by: Cheng Ming Lin Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240909092643.2434479-3-linchengming884@gmail.com commit ca229bdbef29be207c8666f106acc3bf50736c05 Author: Cheng Ming Lin Date: Mon Sep 9 17:26:42 2024 +0800 mtd: spinand: Add support for setting plane select bits Add two flags for inserting the Plane Select bit into the column address during the write_to_cache and the read_from_cache operation. Add the SPINAND_HAS_PROG_PLANE_SELECT_BIT flag for serial NAND flash that require inserting the Plane Select bit into the column address during the write_to_cache operation. Add the SPINAND_HAS_READ_PLANE_SELECT_BIT flag for serial NAND flash that require inserting the Plane Select bit into the column address during the read_from_cache operation. Signed-off-by: Cheng Ming Lin Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240909092643.2434479-2-linchengming884@gmail.com commit d53c35931b95b707df3b6cff061ff975843837d5 Author: Roger Quadros Date: Tue Sep 3 19:29:57 2024 +0300 dt-bindings: mtd: ti, gpmc-nand: support partitions node Allow fixed-partitions to be specified through a partitions node. Fixes the below dtbs_check warning: arch/arm64/boot/dts/ti/k3-am642-evm-nand.dtb: nand@0,0: Unevaluated properties are not allowed ('partitions' was unexpected) Signed-off-by: Roger Quadros Reviewed-by: Rob Herring (Arm) Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240903-gpmc-dtb-v2-1-8046c1915b96@kernel.org commit 2073ae37d550ea32e8545edaa94ef10b4fef7235 Author: Miquel Raynal Date: Mon Aug 26 17:30:19 2024 +0200 mtd: rawnand: mtk: Fix init error path Reviewing a series converting the for_each_chil_of_node() loops into their _scoped variants made me realize there was no cleanup of the already registered NAND devices upon error which may leak memory on systems with more than a chip when this error occurs. We should call the _nand_chips_cleanup() function when this happens. Fixes: 1d6b1e464950 ("mtd: mediatek: driver for MTK Smart Device") Signed-off-by: Miquel Raynal Reviewed-by: Pratyush Yadav Reviewed-by: Matthias Brugger Link: https://lore.kernel.org/linux-mtd/20240826153019.67106-2-miquel.raynal@bootlin.com commit 9d301de12da6e1bb069a9835c38359b8e8135121 Author: Dmitry Antipov Date: Fri Sep 6 15:31:51 2024 +0300 wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() Since '__dev_queue_xmit()' should be called with interrupts enabled, the following backtrace: ieee80211_do_stop() ... spin_lock_irqsave(&local->queue_stop_reason_lock, flags) ... ieee80211_free_txskb() ieee80211_report_used_skb() ieee80211_report_ack_skb() cfg80211_mgmt_tx_status_ext() nl80211_frame_tx_status() genlmsg_multicast_netns() genlmsg_multicast_netns_filtered() nlmsg_multicast_filtered() netlink_broadcast_filtered() do_one_broadcast() netlink_broadcast_deliver() __netlink_sendskb() netlink_deliver_tap() __netlink_deliver_tap_skb() dev_queue_xmit() __dev_queue_xmit() ; with IRQS disabled ... spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags) issues the warning (as reported by syzbot reproducer): WARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120 Fix this by implementing a two-phase skb reclamation in 'ieee80211_do_stop()', where actual work is performed outside of a section with interrupts disabled. Fixes: 5061b0c2b906 ("mac80211: cooperate more with network namespaces") Reported-by: syzbot+1a3986bbd3169c307819@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=1a3986bbd3169c307819 Signed-off-by: Dmitry Antipov Link: https://patch.msgid.link/20240906123151.351647-1-dmantipov@yandex.ru Signed-off-by: Johannes Berg commit 69716a3babe1165a9ab1b3770b55d303d5bb5fa3 Author: Steffen Klassert Date: Mon Sep 9 11:43:39 2024 +0200 Revert "xfrm: add SA information to the offloaded packet" This reverts commit e7cd191f83fd899c233dfbe7dc6d96ef703dcbbd. While supporting xfrm interfaces in the packet offload API is needed, this patch does not do the right thing. There are more things to do to really support xfrm interfaces, so revert it for now. Signed-off-by: Steffen Klassert commit 15ea13b1b1fbf6364d4cd568e65e4c8479632999 Author: Dmitry Antipov Date: Mon Sep 9 12:08:06 2024 +0300 wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors Although not reproduced in practice, these two cases may be considered by UBSAN as off-by-one errors. So fix them in the same way as in commit a26a5107bc52 ("wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan()"). Fixes: 807f8a8c3004 ("cfg80211/nl80211: add support for scheduled scans") Fixes: 5ba63533bbf6 ("cfg80211: fix alignment problem in scan request") Signed-off-by: Dmitry Antipov Link: https://patch.msgid.link/20240909090806.1091956-1-dmantipov@yandex.ru Signed-off-by: Johannes Berg commit 8f088541991bc1716a5ed570456d218241303851 Author: Zijun Hu Date: Thu Sep 5 07:35:38 2024 +0800 net: sysfs: Fix weird usage of class's namespace relevant fields Device class has two namespace relevant fields which are associated by the following usage: struct class { ... const struct kobj_ns_type_operations *ns_type; const void *(*namespace)(const struct device *dev); ... } if (dev->class && dev->class->ns_type) dev->class->namespace(dev); The usage looks weird since it checks @ns_type but calls namespace() it is found for all existing class definitions that the other filed is also assigned once one is assigned in current kernel tree, so fix this weird usage by checking @namespace to call namespace(). Signed-off-by: Zijun Hu Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 4897313bdb2b82c83e3c52c9549ee293c4e47da6 Merge: c259acab839e57 41f5fbffd17778 Author: David S. Miller Date: Mon Sep 9 10:29:05 2024 +0100 Merge branch 'fs_enet-cleanup' Maxime Chevallier says: ==================== net: ethernet: fs_enet: Cleanup and phylink conversion This is V3 of a series that cleans-up fs_enet, with the ultimate goal of converting it to phylink (patch 8). The main changes compared to V2 are : - Reviewed-by tags from Andrew were gathered - Patch 5 now includes the removal of now unused includes, thanks Andrew for spotting this - Patch 4 is new, it reworks the adjust_link to move the spinlock acquisition to a more suitable location. Although this dissapears in the actual phylink port, it makes the phylink conversion clearer on that point - Patch 8 includes fixes in the tx_timeout cancellation, to prevent taking rtnl twice when canceling a pending tx_timeout. Thanks Jakub for spotting this. Link to V2: https://lore.kernel.org/netdev/20240829161531.610874-1-maxime.chevallier@bootlin.com/ Link to V1: https://lore.kernel.org/netdev/20240828095103.132625-1-maxime.chevallier@bootlin.com/ ==================== Signed-off-by: David S. Miller commit 41f5fbffd177785e9432e7b2d30bc83b06e6e65d Author: Maxime Chevallier Date: Wed Sep 4 19:18:21 2024 +0200 net: ethernet: fs_enet: phylink conversion fs_enet is a quite old but still used Ethernet driver found on some NXP devices. It has support for 10/100 Mbps ethernet, with half and full duplex. Some variants of it can use RMII, while other integrations are MII-only. Add phylink support, thus removing custom fixed-link hanldling. This also allows removing some internal flags such as the use_rmii flag. Acked-by: Christophe Leroy Signed-off-by: Maxime Chevallier Signed-off-by: David S. Miller commit c614acf6e8e175694db7ea21f3ddca6e075680fd Author: Maxime Chevallier Date: Wed Sep 4 19:18:20 2024 +0200 net: ethernet: fs_enet: simplify clock handling with devm accessors devm_clock_get_enabled() can be used to simplify clock handling for the PER register clock. Reviewed-by: Andrew Lunn Signed-off-by: Maxime Chevallier Signed-off-by: David S. Miller commit 21c6321459aaf712c48d8f96730bbefd07b7959c Author: Maxime Chevallier Date: Wed Sep 4 19:18:19 2024 +0200 net: ethernet: fs_enet: use macros for speed and duplex values The PHY speed and duplex should be manipulated using the SPEED_XXX and DUPLEX_XXX macros available. Use it in the fcc, fec and scc MAC for fs_enet. Acked-by: Christophe Leroy Reviewed-by: Christophe Leroy Reviewed-by: Andrew Lunn Signed-off-by: Maxime Chevallier Signed-off-by: David S. Miller commit 6b576b2d44303cad06273ea2e2d5fc08907ff845 Author: Maxime Chevallier Date: Wed Sep 4 19:18:18 2024 +0200 net: ethernet: fs_enet: drop unused phy_info and mii_if_info There's no user of the struct phy_info, the 'phy' field and the mii_if_info in the fs_enet driver, probably dating back when phylib wasn't as widely used. Drop these from the driver code. As the definition for struct mii_if_info is no longer required, drop the include for linux/mii.h altogether in the driver. Acked-by: Christophe Leroy Reviewed-by: Christophe Leroy Reviewed-by: Andrew Lunn Signed-off-by: Maxime Chevallier Signed-off-by: David S. Miller commit aa3672be731d473f65619ad198664a90771ab3d5 Author: Maxime Chevallier Date: Wed Sep 4 19:18:17 2024 +0200 net: ethernet: fs_enet: only protect the .restart() call in .adjust_link When .adjust_link() gets called, it runs in thread context, with the phydev->lock held. We only need to protect the fep->fecp/fccp/sccp register that are accessed within the .restart() function from concurrent access from the interrupts. These registers are being protected by the fep->lock spinlock, so we can move the spinlock protection around the .restart() call instead of the entire adjust_link() call. By doing so, we can simplify further the .adjust_link() callback and avoid the intermediate helper. Suggested-by: Andrew Lunn Signed-off-by: Maxime Chevallier Signed-off-by: David S. Miller commit 96bf0c4e9f485e286fef7c6677f16f37e7a7ff7c Author: Maxime Chevallier Date: Wed Sep 4 19:18:16 2024 +0200 net: ethernet: fs_enet: drop the .adjust_link custom fs_ops There's no in-tree user for the fs_ops .adjust_link() function, so we can always use the generic one in fe_enet-main. Acked-by: Christophe Leroy Reviewed-by: Christophe Leroy Reviewed-by: Andrew Lunn Signed-off-by: Maxime Chevallier Signed-off-by: David S. Miller commit 2b29ac68e786d8d16772bb92eee88ed7beda5d0d Author: Maxime Chevallier Date: Wed Sep 4 19:18:15 2024 +0200 net: ethernet: fs_enet: cosmetic cleanups Due to the age of the driver and the slow recent activity on it, the code has taken some layers of dust. Clean the main driver file up so that it passes checkpatch and also conforms with the net coding style. Changes include : - Re-ordering of the variable declarations for RCT - Fixing the comment styles to either one-line comments, or net-style comments - Adding braces around single-statement 'else' clauses - Aligning function/macro parameters on the opening parenthesis - Simplifying checks for NULL pointers - Splitting cascaded assignments into individual assignments - Fixing some typos - Fixing whitespace issues This is a cosmetic change and doesn't introduce any change in behaviour. Acked-by: Christophe Leroy Reviewed-by: Christophe Leroy Reviewed-by: Andrew Lunn Signed-off-by: Maxime Chevallier Signed-off-by: David S. Miller commit 30ba6d2f3463ee296243cbcb628f7122c49db4a7 Author: Maxime Chevallier Date: Wed Sep 4 19:18:14 2024 +0200 net: ethernet: fs_enet: convert to SPDX The ENET driver has SPDX tags in the header files, but they were missing in the C files. Change the licence information to SPDX format. Acked-by: Christophe Leroy Reviewed-by: Christophe Leroy Reviewed-by: Andrew Lunn Signed-off-by: Maxime Chevallier Signed-off-by: David S. Miller commit 4e1b5586051f0e9aef9b0ca375ef2cd1a8987e0c Author: Johannes Berg Date: Mon Sep 9 11:03:08 2024 +0200 wifi: cfg80211: fix kernel-doc for per-link data There cannot be brackets in kernel-doc, remove them. Reported-by: Stephen Rothwell Fixes: 62c16f219a73 ("wifi: cfg80211: move DFS related members to links[] in wireless_dev") Signed-off-by: Johannes Berg commit 92f8358bce13da0b2c37122573a2b2d7de0071df Merge: 26e43c9a894176 35e6dbfe1846ca a5f285d9cf11b1 Author: Borislav Petkov (AMD) Date: Mon Sep 9 10:51:30 2024 +0200 Merge remote-tracking branches 'ras/edac-amd-atl', 'ras/edac-misc' and 'ras/edac-drivers' into edac-updates * ras/edac-amd-atl: RAS/AMD/ATL: Translate normalized to system physical addresses using PRM ACPI: PRM: Add PRM handler direct call support * ras/edac-misc: EDAC/synopsys: Fix error injection on Zynq UltraScale+ * ras/edac-drivers: EDAC: Drop obsolete PPC4xx driver EDAC/sb_edac: Fix the compile warning of large frame size EDAC/{skx_common,i10nm}: Remove the AMAP register for determing DDR5 EDAC/{skx_common,skx,i10nm}: Move the common debug code to skx_common EDAC/igen6: Fix conversion of system address to physical memory address Signed-off-by: Borislav Petkov (AMD) commit 4ad5f9a021bd7e3a48a8d11c52cef36d5e05ffcc Author: Alexey Dobriyan Date: Sun Sep 8 12:27:45 2024 +0300 proc: fold kmalloc() + strcpy() into kmemdup() strcpy() will recalculate string length second time which is unnecessary in this case. Signed-off-by: Alexey Dobriyan Link: https://lore.kernel.org/r/90af27c1-0b86-47a6-a6c8-61a58b8aa747@p183 Signed-off-by: Christian Brauner commit b1daf3f8475fa2a4ffc1668043de738241f95d1d Author: Dennis Lam Date: Sun Sep 8 13:28:42 2024 -0400 docs:filesystems: fix spelling and grammar mistakes in iomap design page Signed-off-by: Dennis Lam Link: https://lore.kernel.org/r/20240908172841.9616-2-dennis.lamerice@gmail.com Signed-off-by: Christian Brauner commit 698e7d1680544ef114203b0cf656faa0c1216ebc Author: Yan Zhen Date: Mon Sep 9 14:33:53 2024 +0800 proc: Fix typo in the comment The deference here confuses me. Maybe here want to say that because show_fd_locks() does not dereference the files pointer, using the stale value of the files pointer is safe. Correctly spelled comments make it easier for the reader to understand the code. replace 'deferences' with 'dereferences' in the comment & replace 'inialized' with 'initialized' in the comment. Signed-off-by: Yan Zhen Link: https://lore.kernel.org/r/20240909063353.2246419-1-yanzhen@vivo.com Signed-off-by: Christian Brauner commit d24449864da5838936669618356b0e30ca2999c3 Author: Helge Deller Date: Sun Sep 8 00:40:38 2024 +0200 parisc: Fix 64-bit userspace syscall path Currently the glibc isn't yet ported to 64-bit for hppa, so there is no usable userspace available yet. But it's possible to manually build a static 64-bit binary and run that for testing. One such 64-bit test program is available at http://ftp.parisc-linux.org/src/64bit.tar.gz and it shows various issues with the existing 64-bit syscall path in the kernel. This patch fixes those issues. Signed-off-by: Helge Deller Cc: stable@vger.kernel.org # v4.19+ commit f31b256994acec6929306dfa86ac29716e7503d6 Author: Helge Deller Date: Sat Sep 7 18:28:11 2024 +0200 parisc: Fix stack start for ADDR_NO_RANDOMIZE personality Fix the stack start address calculation for the parisc architecture in setup_arg_pages() when address randomization is disabled. When the ADDR_NO_RANDOMIZE process personality is disabled there is no need to add additional space for the stack. Note that this patch touches code inside an #ifdef CONFIG_STACK_GROWSUP hunk, which is why only the parisc architecture is affected since it's the only Linux architecture where the stack grows upwards. Without this patch you will find the stack in the middle of some mapped libaries and suddenly limited to 6MB instead of 8MB: root@parisc:~# setarch -R /bin/bash -c "cat /proc/self/maps" 00010000-00019000 r-xp 00000000 08:05 1182034 /usr/bin/cat 00019000-0001a000 rwxp 00009000 08:05 1182034 /usr/bin/cat 0001a000-0003b000 rwxp 00000000 00:00 0 [heap] f90c4000-f9283000 r-xp 00000000 08:05 1573004 /usr/lib/hppa-linux-gnu/libc.so.6 f9283000-f9285000 r--p 001bf000 08:05 1573004 /usr/lib/hppa-linux-gnu/libc.so.6 f9285000-f928a000 rwxp 001c1000 08:05 1573004 /usr/lib/hppa-linux-gnu/libc.so.6 f928a000-f9294000 rwxp 00000000 00:00 0 f9301000-f9323000 rwxp 00000000 00:00 0 [stack] f98b4000-f98e4000 r-xp 00000000 08:05 1572869 /usr/lib/hppa-linux-gnu/ld.so.1 f98e4000-f98e5000 r--p 00030000 08:05 1572869 /usr/lib/hppa-linux-gnu/ld.so.1 f98e5000-f98e9000 rwxp 00031000 08:05 1572869 /usr/lib/hppa-linux-gnu/ld.so.1 f9ad8000-f9b00000 rw-p 00000000 00:00 0 f9b00000-f9b01000 r-xp 00000000 00:00 0 [vdso] With the patch the stack gets correctly mapped at the end of the process memory map: root@panama:~# setarch -R /bin/bash -c "cat /proc/self/maps" 00010000-00019000 r-xp 00000000 08:13 16385582 /usr/bin/cat 00019000-0001a000 rwxp 00009000 08:13 16385582 /usr/bin/cat 0001a000-0003b000 rwxp 00000000 00:00 0 [heap] fef29000-ff0eb000 r-xp 00000000 08:13 16122400 /usr/lib/hppa-linux-gnu/libc.so.6 ff0eb000-ff0ed000 r--p 001c2000 08:13 16122400 /usr/lib/hppa-linux-gnu/libc.so.6 ff0ed000-ff0f2000 rwxp 001c4000 08:13 16122400 /usr/lib/hppa-linux-gnu/libc.so.6 ff0f2000-ff0fc000 rwxp 00000000 00:00 0 ff4b4000-ff4e4000 r-xp 00000000 08:13 16121913 /usr/lib/hppa-linux-gnu/ld.so.1 ff4e4000-ff4e6000 r--p 00030000 08:13 16121913 /usr/lib/hppa-linux-gnu/ld.so.1 ff4e6000-ff4ea000 rwxp 00032000 08:13 16121913 /usr/lib/hppa-linux-gnu/ld.so.1 ff6d7000-ff6ff000 rw-p 00000000 00:00 0 ff6ff000-ff700000 r-xp 00000000 00:00 0 [vdso] ff700000-ff722000 rwxp 00000000 00:00 0 [stack] Reported-by: Camm Maguire Signed-off-by: Helge Deller Fixes: d045c77c1a69 ("parisc,metag: Fix crashes due to stack randomization on stack-grows-upwards architectures") Fixes: 17d9822d4b4c ("parisc: Consider stack randomization for mmap base only when necessary") Cc: stable@vger.kernel.org # v5.2+ commit b5ff52be891347f8847872c49d7a5c2fa29400a7 Author: Helge Deller Date: Sat Aug 31 14:26:53 2024 +0200 parisc: Convert to generic clockevents Convert parisc timer code to generic clockevents framework. Signed-off-by: Helge Deller commit 75df38aaf1f102af32919fad2e055153bee52e1f Author: Hongbo Li Date: Wed Sep 4 09:16:42 2024 +0800 parisc: pdc_stable: Constify struct kobj_type This 'struct kobj_type' is not modified. It is only used in kobject_init_and_add() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure and moving it to a read-only section, and can increase over all security. Signed-off-by: Hongbo Li Signed-off-by: Helge Deller commit f299cd11f7539482e87b2d2d527968a26b33f0ec Merge: 9c0c11bb87b09a da3ea35007d0af Author: Greg Kroah-Hartman Date: Mon Sep 9 08:40:22 2024 +0200 Merge 6.11-rc7 into usb-next We need the USB fixes in here as well, and this also resolves the merge conflict in: drivers/usb/typec/ucsi/ucsi.c Reported-by: Stephen Rothwell Signed-off-by: Greg Kroah-Hartman commit 895b4fae931a256f6c7c6c68f77a8e337980b5a1 Merge: 72486eb13b254d da3ea35007d0af Author: Greg Kroah-Hartman Date: Mon Sep 9 08:36:23 2024 +0200 Merge 6.11-rc7 into char-misc-next We need the char-misc fixes in here as well. Signed-off-by: Greg Kroah-Hartman commit 8c9c01ce695eea84d19482e7429e3d54ceb7585c Author: Madhavan Srinivasan Date: Mon Aug 12 15:11:52 2024 +0530 selftests/powerpc: Allow building without static libc Currently exec-target.c is linked statically with libc, which on Fedora at least requires installing an additional package (glibc-static). If that package is not installed the build fails with: CC exec_target /usr/bin/ld: cannot find -lc: No such file or directory collect2: error: ld returned 1 exit status All exec_target.c does is call sys_exit, which can be done easily enough using inline assembly, and removes the requirement for a static libc to be installed. Suggested-by: Michael Ellerman Signed-off-by: Madhavan Srinivasan Signed-off-by: Michael Ellerman Link: https://msgid.link/20240812094152.418586-1-maddy@linux.ibm.com commit 9c100bc3ec13914f9911a937ec5b38182a5c3d64 Author: Marc Kleine-Budde Date: Sun Sep 8 17:00:00 2024 +0200 can: rockchip_canfd: rkcanfd_timestamp_init(): fix 64 bit division on 32 bit platforms On some 32-bit platforms (at least on parisc), the compiler generates a call to __divdi3() from the u32 by 3 division in rkcanfd_timestamp_init(), which results in the following linker error: | ERROR: modpost: "__divdi3" [drivers/net/can/rockchip/rockchip_canfd.ko] undefined! As this code doesn't run in the hot path, a 64 bit by 32 bit division is OK, even on 32 bit platforms. Use an explicit call to div_u64() to fix linking. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409072304.lCQWyNLU-lkp@intel.com/ Link: https://patch.msgid.link/20240909-can-rockchip_canfd-fix-64-bit-division-v1-1-2748d9422b00@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 9a0e4c18cdec39b1d724703180e29156d86bb94b Author: Nathan Chancellor Date: Fri Sep 6 13:26:41 2024 -0700 can: rockchip_canfd: fix return type of rkcanfd_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A warning in clang aims to catch these at compile time, which reveals: drivers/net/can/rockchip/rockchip_canfd-core.c:770:20: error: incompatible function pointer types initializing 'netdev_tx_t (*)(struct sk_buff *, struct net_device *)' (aka 'enum netdev_tx (*)(struct sk_buff *, struct net_device *)') with an expression of type 'int (struct sk_buff *, struct net_device *)' [-Werror,-Wincompatible-function-pointer-types-strict] 770 | .ndo_start_xmit = rkcanfd_start_xmit, | ^~~~~~~~~~~~~~~~~~ ->ndo_start_xmit() in 'struct net_device_ops' expects a return type of 'netdev_tx_t', not 'int' (although the types are ABI compatible). Adjust the return type of rkcanfd_start_xmit() to match the prototype's to resolve the warning. Fixes: ff60bfbaf67f ("can: rockchip_canfd: add driver for Rockchip CAN-FD controller") Signed-off-by: Nathan Chancellor Link: https://patch.msgid.link/20240906-rockchip-canfd-wifpts-v1-1-b1398da865b7@kernel.org Signed-off-by: Marc Kleine-Budde commit dfb970cc5f612a95fdf142f34610fccb3b2fc18c Author: Rob Herring (Arm) Date: Tue Sep 3 08:57:30 2024 -0500 net: can: cc770: Simplify parsing DT properties Use of the typed property accessors is preferred over of_get_property(). The existing code doesn't work on little endian systems either. Replace the of_get_property() calls with of_property_read_bool() and of_property_read_u32(). Signed-off-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240903135731.405635-1-robh@kernel.org Signed-off-by: Marc Kleine-Budde commit 94e86b174d103d941b4afc4f016af8af9e5352fa Author: Zhu Jun Date: Fri Sep 6 02:13:33 2024 -0700 tools/hv: Add memory allocation check in hv_fcopy_start Added error handling for memory allocation failures of file_name and path_name. Signed-off-by: Zhu Jun Reviewed-by: Dexuan Cui Tested-by: Saurabh Sengar Link: https://lore.kernel.org/r/20240906091333.11419-1-zhujun2@cmss.chinamobile.com Signed-off-by: Wei Liu Message-ID: <20240906091333.11419-1-zhujun2@cmss.chinamobile.com> commit d22bd451d5606411895ef55cb105277e4f4f6e54 Author: Christophe JAILLET Date: Sun Sep 8 10:32:38 2024 +0200 hwmon: (pmbus/mpq7932) Constify struct regulator_desc 'struct regulator_desc' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security, especially when the structure holds some function pointers. This also makes mpq7932_regulators_desc consistent with mpq7932_regulators_desc_one which is already a "static const struct regulator_desc". On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 3516 2264 0 5780 1694 drivers/hwmon/pmbus/mpq7932.o After: ===== text data bss dec hex filename 5396 384 0 5780 1694 drivers/hwmon/pmbus/mpq7932.o Signed-off-by: Christophe JAILLET Message-ID: Signed-off-by: Guenter Roeck commit 0e0bcf07ec5b305ce7612385b06580dcbe5bc6a5 Author: Jens Axboe Date: Sun Sep 8 16:34:55 2024 -0600 io_uring/eventfd: move refs to refcount_t atomic_t for the struct io_ev_fd references and there are no issues with it. While the ref getting and putting for the eventfd code is somewhat performance critical for cases where eventfd signaling is used (news flash, you should not...), it probably doesn't warrant using an atomic_t for this. Let's just move to it to refcount_t to get the added protection of over/underflows. Link: https://lore.kernel.org/lkml/202409082039.hnsaIJ3X-lkp@intel.com/ Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409082039.hnsaIJ3X-lkp@intel.com/ Signed-off-by: Jens Axboe commit aa99969ef591ca44cbafb320ceceb106792baee3 Author: Colin Ian King Date: Sun Sep 1 16:58:46 2024 +0100 m68k: remove trailing space after \n newline There is a extraneous space after a newline in a pr_debug message. Remove it. Signed-off-by: Colin Ian King Signed-off-by: Greg Ungerer commit bd7c8ff9fef4b21a97f9b30a7364845ee6eaaf23 Author: Anna-Maria Behnsen Date: Wed Sep 4 15:04:53 2024 +0200 treewide: Fix wrong singular form of jiffies in comments There are several comments all over the place, which uses a wrong singular form of jiffies. Replace 'jiffie' by 'jiffy'. No functional change. Signed-off-by: Anna-Maria Behnsen Signed-off-by: Thomas Gleixner Acked-by: Geert Uytterhoeven # m68k Link: https://lore.kernel.org/all/20240904-devel-anna-maria-b4-timers-flseep-v1-3-e98760256370@linutronix.de commit 662a1bfb907cd850da4de9b871640ad47a355bc0 Author: Anna-Maria Behnsen Date: Wed Sep 4 15:04:52 2024 +0200 cpu: Use already existing usleep_range() usleep_range() is a wrapper arount usleep_range_state() which hands in TASK_UNTINTERRUPTIBLE as state argument. Use already exising wrapper usleep_range(). No functional change. Signed-off-by: Anna-Maria Behnsen Signed-off-by: Thomas Gleixner Reviewed-by: Frederic Weisbecker Link: https://lore.kernel.org/all/20240904-devel-anna-maria-b4-timers-flseep-v1-2-e98760256370@linutronix.de commit fe90c5ba88ad43d42acefb21b57df837be86a61a Author: Anna-Maria Behnsen Date: Wed Sep 4 15:04:51 2024 +0200 timers: Rename next_expiry_recalc() to be unique next_expiry_recalc is the name of a function as well as the name of a struct member of struct timer_base. This might lead to confusion. Rename next_expiry_recalc() to timer_recalc_next_expiry(). No functional change. Signed-off-by: Anna-Maria Behnsen Signed-off-by: Thomas Gleixner Reviewed-by: Frederic Weisbecker Link: https://lore.kernel.org/all/20240904-devel-anna-maria-b4-timers-flseep-v1-1-e98760256370@linutronix.de commit 355debb83bf79853cde43579f88eed16adb1da29 Merge: 4040b1139904b3 7562eed272b49e 1c5144a066fd17 1ecd9d68eb44e4 e53cef031bfac2 8f35fefad06323 0aac9daef6763e fb579e6656a8d5 Author: Neeraj Upadhyay Date: Mon Sep 9 00:09:47 2024 +0530 Merge branches 'context_tracking.15.08.24a', 'csd.lock.15.08.24a', 'nocb.09.09.24a', 'rcutorture.14.08.24a', 'rcustall.09.09.24a', 'srcu.12.08.24a', 'rcu.tasks.14.08.24a', 'rcu_scaling_tests.15.08.24a', 'fixes.12.08.24a' and 'misc.11.08.24a' into next.09.09.24a commit 1ecd9d68eb44e4b7972aee2840eb4fdf29b9de2b Author: Paul E. McKenney Date: Fri Aug 23 14:15:12 2024 -0700 rcu: Defer printing stall-warning backtrace when holding rcu_node lock The rcu_dump_cpu_stacks() holds the leaf rcu_node structure's ->lock when dumping the stakcks of any CPUs stalling the current grace period. This lock is held to prevent confusion that would otherwise occur when the stalled CPU reported its quiescent state (and then went on to do unrelated things) just as the backtrace NMI was heading towards it. This has worked well, but on larger systems has recently been observed to cause severe lock contention resulting in CSD-lock stalls and other general unhappiness. This commit therefore does printk_deferred_enter() before acquiring the lock and printk_deferred_exit() after releasing it, thus deferring the overhead of actually outputting the stack trace out of that lock's critical section. Reported-by: Rik van Riel Suggested-by: Rik van Riel Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 7562eed272b49e233c430524e684b957f34f2fd2 Author: Frederic Weisbecker Date: Wed Aug 14 00:56:42 2024 +0200 rcu/nocb: Remove superfluous memory barrier after bypass enqueue Pre-GP accesses performed by the update side must be ordered against post-GP accesses performed by the readers. This is ensured by the bypass or nocb locking on enqueue time, followed by the fully ordered rnp locking initiated while callbacks are accelerated, and then propagated throughout the whole GP lifecyle associated with the callbacks. Therefore the explicit barrier advertizing ordering between bypass enqueue and rcuo wakeup is superfluous. If anything, it would even only order the first bypass callback enqueue against the rcuo wakeup and ignore all the subsequent ones. Remove the needless barrier. Signed-off-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 1b022b8763fde84c51ca06218306d7d88fb090cb Author: Frederic Weisbecker Date: Wed Aug 14 00:56:41 2024 +0200 rcu/nocb: Conditionally wake up rcuo if not already waiting on GP A callback enqueuer currently wakes up the rcuo kthread if it is adding the first non-done callback of a CPU, whether the kthread is waiting on a grace period or not (unless the CPU is offline). This looks like a desired behaviour because then the rcuo kthread doesn't wait for the end of the current grace period to handle the callback. It is accelerated right away and assigned to the next grace period. The GP kthread is notified about that fact and iterates with the upcoming GP without sleeping in-between. However this best-case scenario is contradicted by a few details, depending on the situation: 1) If the callback is a non-bypass one queued with IRQs enabled, the wake up only occurs if no other pending callbacks are on the list. Therefore the theoretical "optimization" actually applies on rare occasions. 2) If the callback is a non-bypass one queued with IRQs disabled, the situation is similar with even more uncertainty due to the deferred wake up. 3) If the callback is lazy, a few jiffies don't make any difference. 4) If the callback is bypass, the wake up timer is programmed 2 jiffies ahead by rcuo in case the regular pending queue has been handled in the meantime. The rare storm of callbacks can otherwise wait for the currently elapsing grace period to be flushed and handled. For all those reasons, the optimization is only theoretical and occasional. Therefore it is reasonable that callbacks enqueuers only wake up the rcuo kthread when it is not already waiting on a grace period to complete. Signed-off-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 9139f93209d1ffd7f489ab19dee01b7c3a1a43d2 Author: Frederic Weisbecker Date: Wed Aug 14 00:56:40 2024 +0200 rcu/nocb: Fix RT throttling hrtimer armed from offline CPU After a CPU is marked offline and until it reaches its final trip to idle, rcuo has several opportunities to be woken up, either because a callback has been queued in the meantime or because rcutree_report_cpu_dead() has issued the final deferred NOCB wake up. If RCU-boosting is enabled, RCU kthreads are set to SCHED_FIFO policy. And if RT-bandwidth is enabled, the related hrtimer might be armed. However this then happens after hrtimers have been migrated at the CPUHP_AP_HRTIMERS_DYING stage, which is broken as reported by the following warning: Call trace: enqueue_hrtimer+0x7c/0xf8 hrtimer_start_range_ns+0x2b8/0x300 enqueue_task_rt+0x298/0x3f0 enqueue_task+0x94/0x188 ttwu_do_activate+0xb4/0x27c try_to_wake_up+0x2d8/0x79c wake_up_process+0x18/0x28 __wake_nocb_gp+0x80/0x1a0 do_nocb_deferred_wakeup_common+0x3c/0xcc rcu_report_dead+0x68/0x1ac cpuhp_report_idle_dead+0x48/0x9c do_idle+0x288/0x294 cpu_startup_entry+0x34/0x3c secondary_start_kernel+0x138/0x158 Fix this with waking up rcuo using an IPI if necessary. Since the existing API to deal with this situation only handles swait queue, rcuo is only woken up from offline CPUs if it's not already waiting on a grace period. In the worst case some callbacks will just wait for a grace period to complete before being assigned to a subsequent one. Reported-by: "Cheng-Jui Wang (王正睿)" Fixes: 5c0930ccaad5 ("hrtimers: Push pending hrtimers away from outgoing CPU earlier") Signed-off-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 1fcb932c8b5ce86219d7dedcd63659351a43291c Author: Frederic Weisbecker Date: Thu Jul 4 00:56:40 2024 +0200 rcu/nocb: Simplify (de-)offloading state machine Now that the (de-)offloading process can only apply to offline CPUs, there is no more concurrency between rcu_core and nocb kthreads. Also the mutation now happens on empty queues. Therefore the state machine can be reduced to a single bit called SEGCBLIST_OFFLOADED. Simplify the transition as follows: * Upon offloading: queue the rdp to be added to the rcuog list and wait for the rcuog kthread to set the SEGCBLIST_OFFLOADED bit. Unpark rcuo kthread. * Upon de-offloading: Park rcuo kthread. Queue the rdp to be removed from the rcuog list and wait for the rcuog kthread to clear the SEGCBLIST_OFFLOADED bit. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit c259acab839e57eab0318f32da4ae803a8d59397 Author: Mahesh Bandewar Date: Wed Sep 4 07:13:05 2024 -0700 ptp/ioctl: support MONOTONIC{,_RAW} timestamps for PTP_SYS_OFFSET_EXTENDED The ability to read the PHC (Physical Hardware Clock) alongside multiple system clocks is currently dependent on the specific hardware architecture. This limitation restricts the use of PTP_SYS_OFFSET_PRECISE to certain hardware configurations. The generic soultion which would work across all architectures is to read the PHC along with the latency to perform PHC-read as offered by PTP_SYS_OFFSET_EXTENDED which provides pre and post timestamps. However, these timestamps are currently limited to the CLOCK_REALTIME timebase. Since CLOCK_REALTIME is affected by NTP (or similar time synchronization services), it can experience significant jumps forward or backward. This hinders the precise latency measurements that PTP_SYS_OFFSET_EXTENDED is designed to provide. This problem could be addressed by supporting MONOTONIC_RAW timestamps within PTP_SYS_OFFSET_EXTENDED. Unlike CLOCK_REALTIME or CLOCK_MONOTONIC, the MONOTONIC_RAW timebase is unaffected by NTP adjustments. This enhancement can be implemented by utilizing one of the three reserved words within the PTP_SYS_OFFSET_EXTENDED struct to pass the clock-id for timestamps. The current behavior aligns with clock-id for CLOCK_REALTIME timebase (value of 0), ensuring backward compatibility of the UAPI. Signed-off-by: Mahesh Bandewar Signed-off-by: Vadim Fedorenko Signed-off-by: David S. Miller commit 72486eb13b254d0bee637a947f9ec46d01c37f04 Merge: ba26342a386a07 2e01ac83c1c716 Author: Greg Kroah-Hartman Date: Sun Sep 8 17:48:12 2024 +0200 Merge tag 'extcon-next-for-6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/chanwoo/extcon into char-misc-next Chanwoo writes: Update extcon next for v6.12 Detailed description for this pull request: - Add missing child node port on exttcon-ptn5150 binding document - Convert extcon-usb-gpio.txt to yaml format for binding document - Add new LC824206XA microUSB switch driver : Add a new driver for the ON Semiconductor LC824206XA microUSB switch and accessory detector chip. It has been tested on a Lenovo Yoga Tablet 2 Pro 1380. And this driver is only used on x86/ACPI (non devicetree) devices, Therefor there is no devicetree bindings documentation. - Apply immutable branch between power_supply and extcon tree for extcon-lc824206xa.c * tag 'extcon-next-for-6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/chanwoo/extcon: extcon: lc824206xa: Fix build error of POWER_SUPPLY_PROP_USB_TYPE dt-bindings: extcon: convert extcon-usb-gpio.txt to yaml format dt-bindings: extcon: ptn5150: add child node port extcon: Add LC824206XA microUSB switch driver power: supply: Change usb_types from an array into a bitmask power: supply: sysfs: Move power_supply_show_enum_with_available() up power: supply: sysfs: Add power_supply_show_enum_with_available() helper power: supply: rt9467-charger: Remove "usb_type" property write support power: supply: ucs1002: Adjust ucs1002_set_usb_type() to accept string values power: supply: "usb_type" property may be written to commit a6fe30d1e3657991c832702cecb44576128d7fa3 Author: Costa Shulyupin Date: Fri Sep 6 20:01:40 2024 +0300 genirq: Use cpumask_intersects() Replace `cpumask_any_and(a, b) >= nr_cpu_ids` and `cpumask_any_and(a, b) < nr_cpu_ids` with the more readable `!cpumask_intersects(a, b)` and `cpumask_intersects(a, b)` Signed-off-by: Costa Shulyupin Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240906170142.1135207-1-costa.shul@redhat.com commit 1d07085402d122f223bda3f8b72bea37a46ee0c9 Author: Bibo Mao Date: Sat Sep 7 16:27:20 2024 +0800 smp: Mark smp_prepare_boot_cpu() __init smp_prepare_boot_cpu() is only called during boot, hence mark it as __init. Signed-off-by: Bibo Mao Signed-off-by: Thomas Gleixner Reviewed-by: Huacai Chen Link: https://lore.kernel.org/all/20240907082720.452148-1-maobibo@loongson.cn commit 6c4a5f96450415735c31ed70ff354f0ee5cbf67b Author: Mike Baynton Date: Wed Jul 10 22:52:04 2024 -0500 ovl: fail if trusted xattrs are needed but caller lacks permission Some overlayfs features require permission to read/write trusted.* xattrs. These include redirect_dir, verity, metacopy, and data-only layers. This patch adds additional validations at mount time to stop overlays from mounting in certain cases where the resulting mount would not function according to the user's expectations because they lack permission to access trusted.* xattrs (for example, not global root.) Similar checks in ovl_make_workdir() that disable features instead of failing are still relevant and used in cases where the resulting mount can still work "reasonably well." Generally, if the feature was enabled through kernel config or module option, any mount that worked before will still work the same; this applies to redirect_dir and metacopy. The user must explicitly request these features in order to generate a mount failure. Verity and data-only layers on the other hand must be explictly requested and have no "reasonable" disabled or degraded alternative, so mounts attempting either always fail. "lower data-only dirs require metacopy support" moved down in case userxattr is set, which disables metacopy. Cc: stable@vger.kernel.org # v6.6+ Signed-off-by: Mike Baynton Signed-off-by: Amir Goldstein commit 930b7c32ea2b514fb2c37aa3d4b946d954ee7fa2 Author: Yuriy Belikov Date: Wed Sep 4 19:54:29 2024 +0300 overlayfs.rst: update metacopy section in overlayfs documentation - Provide info about trusted.overlay.metacopy extended attribute - Minor rephrasing regarding copy-up operation with metacopy=on Signed-off-by: Yuriy Belikov Signed-off-by: Amir Goldstein commit ba26342a386a07bdeed1ef8e55ec02a9a5abde07 Merge: b39121354f95cd 5ba0cb92584ba5 Author: Greg Kroah-Hartman Date: Sun Sep 8 13:23:57 2024 +0200 Merge tag 'iio-for-6.12b' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/jic23/iio into char-misc-next Jonathan writes: IIO: 2nd set of new device support features and cleanup for 6.12 Late pull request as I was planing to include another series that is waiting for a fix to end up in char-misc-next. That can wait for next cycle. Includes one immutable branch merge from MFD to get a necessary header change. Usual mix of a few new drivers, additional device support for existing drivers, new features and a bunch of cleanup across tree. New device support ================== asahi-kasei,ak8975 - A few minor fixes as precursors to support for the AK09118 magnetometer that is very similar to the already supported AK09112 awinic,aw96103 - New driver for this capacitive proximity sensor. x-powers,axp202 - Add support for the axp717 (including merge of MFD immutable branch). sophgo,saradc - New driver for this SOC ADC. Features ======== adi,ad4695 - Add calibration support. bosch,bmi323 - Ensure device is in lowest power state on suspend. Cleanup and minor fixes ======================= treewide - Start to standardize formatting of id tables (ADC drivers done so far). adi,ad5449 - Drop platform data support as long unused in upstream kernel. bosch,bmc150 - Use fwnode_irq_get_by_name() in place of of_ variant. - Use ACPI_HANDLE() to get the handle directly rather than via ACPI_COMPANION() google,cros_ec_mkbp_proximity - Include mod_devicetable.h instead of broader of.h mirochip,mcp320x - Drop vendorless compatible entries as not needed for backwards compatibility and should not be used in new boards. st,lsm6dsx - Use iio_read_acpi_mount_matrix() helper instead of open coding the same. - Drop some unnecessary dev_fwnode() calls to check if a fwnode is available. All the calls made handle this anyway. xilinx,ams - Use device_for_each_child_node_scoped() to avoid manual release of fwnode handle. tools,generic-buffer - Handle failure to allocate trigger name. - Cleanup .*.cmd files if present. * tag 'iio-for-6.12b' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/jic23/iio: (28 commits) iio: adc: axp20x_adc: add support for AXP717 ADC dt-bindings: iio: adc: Add AXP717 compatible iio: adc: axp20x_adc: Add adc_en1 and adc_en2 to axp_data tools: iio: rm .*.cmd when make clean iio: adc: standardize on formatting for id match tables iio: proximity: aw96103: Add support for aw96103/aw96105 proximity sensor dt-bindings: iio: aw96103: Add bindings for aw96103/aw96105 sensor iio: adc: sophgo-saradc: Add driver for Sophgo CV1800B SARADC dt-bindings: iio: adc: sophgo,cv1800b-saradc: Add Sophgo CV1800B SARADC tools/iio: Add memory allocation failure check for trigger_name iio: imu: st_lsm6dsx: Remove useless dev_fwnode() calls iio: imu: st_lsm6dsx: Use iio_read_acpi_mount_matrix() helper iio: adc: mcp320x: Drop vendorless compatible strings iio: dac: ad5449: drop support for platform data iio: adc: xilinx-ams: use device_* to iterate over device child nodes iio: ABI: document ad4695 new attributes doc: iio: ad4695: update for calibration support iio: adc: ad4695: implement calibration support iio: adc: ad4695: add 2nd regmap for 16-bit registers iio: bmi323: peripheral in lowest power state on suspend ... commit d5c4546062fd6f5dbce575c7ea52ad66d1968678 Author: Dmitry Antipov Date: Wed Sep 4 14:54:01 2024 +0300 net: sched: consistently use rcu_replace_pointer() in taprio_change() According to Vinicius (and carefully looking through the whole https://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa once again), txtime branch of 'taprio_change()' is not going to race against 'advance_sched()'. But using 'rcu_replace_pointer()' in the former may be a good idea as well. Suggested-by: Vinicius Costa Gomes Signed-off-by: Dmitry Antipov Acked-by: Vinicius Costa Gomes Signed-off-by: David S. Miller commit 0a131eb8551da832e3c04b385305f7d79e5edb89 Author: He Lugang Date: Sat Sep 7 22:28:54 2024 +0800 ALSA: rme9652: remove unused parameter in macro Parameter xindex is not used in macro HDSPM_TCO_LTC_FRAMES and HDSPM_TCO_VIDEO_INPUT_FORMAT,so just remove it to simplify the code. Signed-off-by: He Lugang Link: https://patch.msgid.link/F53E9F10DA24705D+20240907142854.17627-1-helugang@uniontech.com Signed-off-by: Takashi Iwai commit 7b713929bbd80a400ceb90f398bffe58e5cc8fc8 Author: Takashi Sakamoto Date: Sun Sep 8 13:05:49 2024 +0900 firewire: core: fulfill documentation of fw_iso_context_flush_completions() The fw_iso_context_flush_completions() is the counterpart of fw_iso_context_schedule_work() to process isochronous context in current process context. This commit fulfills its documentation. Link: https://lore.kernel.org/r/20240908040549.75304-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 446216bd8e5d4a3ffc9738f6adffc98fbfdcc582 Author: Takashi Sakamoto Date: Sun Sep 8 13:05:48 2024 +0900 firewire: core: expose kernel API to schedule work item to process isochronous context In packet-per-buffer mode for isochronous context of 1394 OHCI, software can schedule hardIRQ to the buffer in which the content of isochronous packet is processed. The actual behaviour is different between isochronous receive (IR) and transmit (IT) contexts in respect to isochronous cycle in which the hardIRQ occurs. In IR context, the hardIRQ occurs when the buffer is filled actually by the content of received packet. If there are any isochronous cycles in which the packet transmission is skipped, it is postponed to generate the hardIRQ in respect to the isochronous cycle. In IT context, software can schedule the content of packet every isochronous cycle including skipping, therefore the hardIRQ occurs in the isochronous cycle to which the software scheduled. ALSA firewire stack uses the packet-per-buffer mode for both IR/IT contexts. To process time stamp per packet (or per sample in some cases) steadily for media clock recovery against unexpected transmission skips, it uses an IT context to operate all of isochronous contexts by calls of fw_iso_context_flush_completions() in the bottom-half of hardIRQ for the IT context. Although it looks well to handle all of isochronous contexts in a single bottom-half context, it relatively takes longer time. In the future code integration (not yet), it is possible to apply parallelism method to process these context. In the case, it is useful to allow unit drivers to schedule work items to process these isochronous contexts. As a preparation, this commit exposes fw_iso_context_schedule_flush_completions() as a kernel API available by unit drivers. It is renamed from fw_iso_context_queue_work() since it is a counter part of fw_iso_context_flush_completions(). Link: https://lore.kernel.org/r/20240908040549.75304-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit fc41a0a7498636ac0af7c37be80ca8571c2f4173 Author: Masahiro Yamada Date: Thu Sep 5 08:47:37 2024 +0900 kbuild: add intermediate targets for Flex/Bison in scripts/Makefile.host Flex and Bison are used only for host programs. Move their intermediate target processing from scripts/Makefile.build to scripts/Makefile.host. Signed-off-by: Masahiro Yamada commit 37ed8e75c66099ffeca1fb51c7cc7999ec4315ac Author: Kryštof Černý Date: Thu Sep 5 19:37:10 2024 +0200 arm64: dts: allwinner: h5: NanoPi Neo Plus2: Fix regulators Added the main board 5 V supply regulator, a 2.5 V supply regulator for GMAC PHY IO and correct vin-supply elements. Signed-off-by: Kryštof Černý Reviewed-by: Andre Przywara Link: https://lore.kernel.org/r/20240905-nanopi-neo-plus2-regfix-v3-1-1895dff59598@gmail.com [wens@csie.org: Make "h5" lowercase to match most commits] Signed-off-by: Chen-Yu Tsai commit 91e5d15c7b198ecea27407e04cff2fed2d4c2c75 Author: Jim Quinlan Date: Thu Aug 15 18:57:26 2024 -0400 PCI: brcmstb: Enable 7712 SoCs The Broadcom STB 7712 is the sibling chip of the RPi 5 (2712). It has one PCIe controller with a single port, supports gen2 and one lane only. The current revision of the chip is "C0" or "C1". Link: https://lore.kernel.org/linux-pci/20240815225731.40276-14-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Krzysztof Kozlowski Reviewed-by: Manivannan Sadhasivam Reviewed-by: Stanimir Varbanov commit 8215851c74f9eb5a9e028834db0ab03d3a6e47e4 Author: Jim Quinlan Date: Thu Aug 15 18:57:25 2024 -0400 PCI: brcmstb: Change field name from 'type' to 'soc_base' The 'type' field used in the driver to discern SoC differences is confusing; change it to the more apt 'soc_base'. The 'base' is because some SoCs have the same characteristics as previous SoCs so it is convenient to classify them in the same group. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-13-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Manivannan Sadhasivam commit 6f61062fce866e2ff1f3300b278e93d939a846a0 Author: Jim Quinlan Date: Thu Aug 15 18:57:24 2024 -0400 PCI: brcmstb: Check return value of all reset_control_* calls Always check the return value for invocations of reset_control_xxx() and propagate the error to the next level. Although the current functions in reset-brcmstb.c cannot fail, this may someday change. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-12-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Manivannan Sadhasivam Reviewed-by: Stanimir Varbanov commit ae6476c6de187bea90c729e3e0188143300fa671 Author: Jim Quinlan Date: Thu Aug 15 18:57:23 2024 -0400 PCI: brcmstb: Refactor for chips with many regular inbound windows Provide support for new chips with multiple inbound windows while keeping the legacy support for the older chips. In existing chips there are three inbound windows with fixed purposes: the first was for mapping SoC internal registers, the second was for memory, and the third was for memory but with the endian swapped. Typically, only one window was used. Complicating the inbound window usage was the fact that the PCIe HW would do a baroque internal mapping of system memory, and concatenate the regions of multiple memory controllers. Newer chips such as the 7712 and Cable Modem SoCs take a step forward and drop the internal mapping while providing for multiple inbound windows. This works in concert with the dma-ranges property, where each provided range becomes an inbound window. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-11-james.quinlan@broadcom.com Co-developed-by: Riyan Dhiman Signed-off-by: Riyan Dhiman Signed-off-by: Jim Quinlan [kwilczynski: commit log, wrap code comments to 80 columns] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Stanimir Varbanov Acked-by: Manivannan Sadhasivam commit 7e722083fcc3e148838fc3dc2486c498908c4677 Author: Heiner Kallweit Date: Wed Aug 21 22:13:04 2024 +0200 i2c: Remove I2C_COMPAT config symbol and related code This code was added with 2bb5095affdb ("i2c: Provide compatibility links for i2c adapters"). Commit message stated: Provide compatibility links for [...] the time being. We will remove them after a long transition period. 15 years should have been a long enough transition period. Signed-off-by: Heiner Kallweit Acked-by: Greg Kroah-Hartman Signed-off-by: Wolfram Sang commit 5c9a274202ca144764e98d4032fed76693e8cfc6 Author: Heiko Carstens Date: Wed Sep 4 11:39:30 2024 +0200 s390/boot: Move boot_printk() code to own file Keep the printk code separate from the program check code and move boot_printk() and helper functions to own printk.c file. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens commit dc7155550730dfab3b7cc59dfbf0d8c84ac67bf0 Author: Heiko Carstens Date: Wed Sep 4 11:39:29 2024 +0200 s390/boot: Use boot_printk() instead of sclp_early_printk() Consistently use boot_printk() everywhere instead of sclp_early_printk() at some places. For some places it was required (e.g. als.c), in order to stay in code compiled for the same architecture level, for other places it is not obvious why sclp_early_printk() was used instead of decompressor_printk(). Given that the whole decompressor code is compiled for the same architecture level, there is no requirement left to use different printk functions. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens commit bfda6108144628581ee50a127bb616cf097b1c7c Author: Heiko Carstens Date: Wed Sep 4 11:39:28 2024 +0200 s390/boot: Rename decompressor_printk() to boot_printk() Rename decompressor_printk() to boot_printk() just to have a shorter function name, which also makes the code more readable. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens commit fccb175bc89a0d37e3ff513bb6bf1f73b3a48950 Author: Heiko Carstens Date: Wed Sep 4 11:39:27 2024 +0200 s390/boot: Compile all files with the same march flag Only a couple of files of the decompressor are compiled with the minimum architecture level. This is problematic for potential function calls between compile units, especially if a target function is within a compile until compiled for a higher architecture level, since that may lead to an unexpected operation exception. Therefore compile all files of the decompressor for the same (minimum) architecture level. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens commit ebcc369f18919c92aeca2003618fcfeade04121b Author: Heiko Carstens Date: Wed Sep 4 11:39:26 2024 +0200 s390: Use MARCH_HAS_*_FEATURES defines Replace CONFIG_HAVE_MARCH_*_FEATURES with MARCH_HAS_*_FEATURES everywhere so code gets compiled correctly depending on if the target is the kernel or the decompressor. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens commit 697b37371f4af8b237f47cd4aa4a2255a273b4ce Author: Heiko Carstens Date: Wed Sep 4 11:39:25 2024 +0200 s390: Provide MARCH_HAS_*_FEATURES defines Provide MARCH_HAS_*_FEATURES defines which are supposed to be used everywhere instead of the CONFIG_HAVE_MARCH_*_FEATURES defines. Various header files contain code which depend on the CONFIG_HAVE_MARCH_*_FEATURES defines, allowing for compile time optimizations. If such code is used within the decompressor wrong code may be generated (the compiler may generate instructions which are not available for the minimum architecture level of the decompressor). Therefore provide a new header file with MARCH_HAS_*_FEATURES defines, which are only available if __DECOMPRESSOR is not defined. This way code generation for the kernel image is still optimized depending on CONFIG_HAVE_MARCH_*_FEATURES, while code generated for the decompressor is compiled for the minimum architecture level. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens commit 0147addc4fb72a39448b8873d8acdf3a0f29aa65 Author: Heiko Carstens Date: Wed Sep 4 11:39:24 2024 +0200 s390/facility: Disable compile time optimization for decompressor code Disable compile time optimizations of test_facility() for the decompressor. The decompressor should not contain any optimized code depending on the architecture level set the kernel image is compiled for to avoid unexpected operation exceptions. Add a __DECOMPRESSOR check to test_facility() to enforce that facilities are always checked during runtime for the decompressor. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens commit db545f5387472176cf1e7df76fe97a4f56b7158d Author: Heiko Carstens Date: Wed Sep 4 11:39:23 2024 +0200 s390/boot: Increase minimum architecture to z10 The decompressor code is partially compiled with march=z900 so it is possible to print an error message in case a kernel is booted on a machine which misses facilities to execute the kernel. Given that the decompressor code also includes header files from the core kernel this causes problems for inline assemblies and other code where the minimum assumed architecture level is set to z10 in the meantime. If such code is also used in the decompressor (e.g. inline functions) z900 support must be implemented again. In order to avoid this and to keep things simple just raise the minimum architecture level to z10 for the decompressor just like for the kernel. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens commit 6fa7aea6a9fc8eb49d879ac66bf27460e70c83b3 Author: Heiko Carstens Date: Wed Sep 4 11:39:22 2024 +0200 s390/als: Remove obsolete comment The bss section of the decompressor is part of the compressed kernel image since commit 980d5f9ab36b ("s390/boot: enable .bss section for compressed kernel"). Remove a now incorrect comment that states that the bss section must not be accessed. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens commit acc8c0a9887558966295e3c0881e633154c239a9 Author: Keith Busch Date: Fri Sep 6 12:45:40 2024 -0700 blk-mq: add missing unplug trace event The single-queue optimized list flush doesn't have an unplug trace event to pair with the plug event. Add one. In the unlikely event an error occurs and falls back to the less optimized plug flush path, it's possible a 2nd unplug trace event will be logged, but it will show the remainig count that weren't previously handled. Signed-off-by: Keith Busch Link: https://lore.kernel.org/r/20240906194540.3719642-1-kbusch@meta.com Signed-off-by: Jens Axboe commit a02e98bebc15f1d973c2a62005be9456a657e2b6 Author: Li Zetao Date: Sat Sep 7 11:40:46 2024 +0800 mtip32xx: Remove redundant null pointer checks in mtip_hw_debugfs_init() Since the debugfs_create_dir() never returns a null pointer, checking the return value for a null pointer is redundant. Since debugfs_create_file() can deal with a ERR_PTR() style pointer, drop the check. Since mtip_hw_debugfs_init does not pay attention to the return value, its return type can be changed to void. Signed-off-by: Li Zetao Link: https://lore.kernel.org/r/20240907034046.3595268-1-lizetao1@huawei.com Signed-off-by: Jens Axboe commit 5ba0cb92584ba5e107c97001e09013c1da0772a8 Author: Chris Morgan Date: Wed Aug 21 16:54:53 2024 -0500 iio: adc: axp20x_adc: add support for AXP717 ADC Add support for the AXP717 ADC. The AXP717 differs from other ADCs in this series by utilizing a 14 bit ADC for all channels (a full 16 bits with the first 2 digits reserved). It also differs by lacking a battery discharge current channel. Note that while the current charge channel itself is included in this driver for the AXP717 and listed in the datasheet, no scale or offset was given for this channel. For now no scale or offset is provided in this driver. Acked-by: Jonathan Cameron Signed-off-by: Chris Morgan Link: https://patch.msgid.link/20240821215456.962564-13-macroalpha82@gmail.com Signed-off-by: Jonathan Cameron commit 85d3af3e9fccdc42b9651640dc84ef1d7955b693 Author: Chris Morgan Date: Wed Aug 21 16:54:49 2024 -0500 dt-bindings: iio: adc: Add AXP717 compatible Add compatible binding for the axp717. Acked-by: Jonathan Cameron Acked-by: Krzysztof Kozlowski Signed-off-by: Chris Morgan Link: https://patch.msgid.link/20240821215456.962564-9-macroalpha82@gmail.com Signed-off-by: Jonathan Cameron commit c7ac44751d18c53230bd86b4e13b361abd9590bb Author: Chris Morgan Date: Wed Aug 21 16:54:42 2024 -0500 iio: adc: axp20x_adc: Add adc_en1 and adc_en2 to axp_data Add the register for adc_en1 and adc_en2 to the axp_data struct. This allows us to specify a different register to enable the adc channels for different devices such as the AXP717. Acked-by: Jonathan Cameron Signed-off-by: Chris Morgan Acked-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240821215456.962564-2-macroalpha82@gmail.com Signed-off-by: Jonathan Cameron commit d1360cc7ffc1837111d843058fbded1b38f387ba Merge: dfc58f467f7163 2e1a57d5b0adbb Author: Jonathan Cameron Date: Sat Sep 7 14:26:34 2024 +0100 Merge remote-tracking branch 'mfd/ib-mfd-for-iio-power-6.12' into togreg commit b12891c7b6d2c29a07b2da5589ee469d7bf37254 Author: Jerome Brunet Date: Fri Sep 6 11:34:16 2024 +0200 ALSA: IEC958 definition for consumer status channel update Add 128kHz, 352.4kHz, 384kHz and 705.6kHz. These definitions have been found working on eARC using a Murideo Seven Generator. Signed-off-by: Jerome Brunet Link: https://patch.msgid.link/20240906093422.2976550-1-jbrunet@baylibre.com Signed-off-by: Takashi Iwai commit 63e38d0787971d3026bb5e31c86663e0f1e62586 Author: Takashi Iwai Date: Sat Sep 7 10:40:47 2024 +0200 ALSA: hda: Allow the default preallocation for x86 again Since there are a few corner cases where the S/G buffer allocation isn't performed (e.g. depending on IOMMU implementations), it'd be better to allow the default buffer preallocation size for x86, too. The default for x86 is still kept to 0, as it should work in most cases. Link: https://patch.msgid.link/20240907084129.28802-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit fdf94e4403ece60b29ef9e2da95e2fcefe50817f Author: Thomas Weißschuh Date: Sun Sep 1 19:55:21 2024 +0200 kbuild: compile constant module information only once Various information about modules is compiled into the info sections. For that a dedicated .mod.c file is generated by modpost for each module and then linked into the module. However most of the information in the .mod.c is the same for all modules, internal and external. Split the shared information into a dedicated source file that is compiled once and then linked into all modules. This avoids frequent rebuilds for all .mod.c files when using CONFIG_LOCALVERSION_AUTO because the local version ends up in .mod.c through UTS_RELEASE and VERMAGIC_STRING. The modules are still relinked in this case. The code is also easier to maintain as it's now in a proper source file instead of an inline string literal. Signed-off-by: Thomas Weißschuh Signed-off-by: Masahiro Yamada commit cd615d7fcc7958107d1506c6eb5be50f4e920312 Author: Masahiro Yamada Date: Sat Aug 31 19:10:28 2024 +0900 ARC: update the help message for CONFIG_ARC_BUILTIN_DTB_NAME Commit abe11ddea1d7 ("ARC: [plat-arcfpga]: Enabling DeviceTree for Angel4 board") changed the default built-in DTB from "skeleton" to "angel4". Commit fd1557923b2e ("ARC: [plat_arcfpga]->[plat_sim]") changed it from "angel4" to "nsim_700". Signed-off-by: Masahiro Yamada Acked-by: Vineet Gupta commit dde60e7d103bf6cf820b2c4c4bb5658bad1759a9 Author: Tony Battersby Date: Thu Aug 29 09:51:25 2024 -0400 kbuild: remove recent dependency on "truncate" program Remove the recently-added dependency on the truncate program for building the kernel. truncate is not available when building the kernel under Yocto. It could be added, but it would be better just to avoid the unnecessary dependency. Fixes: 1472464c6248 ("kbuild: avoid scripts/kallsyms parsing /dev/null") Signed-off-by: Tony Battersby Reviewed-by: Nathan Chancellor Signed-off-by: Masahiro Yamada commit 4929f5b95f6b20ae10f2c409fb2ca58253e73706 Author: Jose Fernandez Date: Sat Aug 24 16:07:56 2024 -0600 kbuild: add debug package to pacman PKGBUILD Add a new debug package to the PKGBUILD for the pacman-pkg target. The debug package includes the non-stripped vmlinux file with debug symbols for kernel debugging and profiling. The file is installed at /usr/src/debug/${pkgbase}, with a symbolic link at /usr/lib/modules/$(uname -r)/build/vmlinux. The debug package is built by default. Signed-off-by: Jose Fernandez Reviewed-by: Peter Jung Acked-by: Thomas Weißschuh Signed-off-by: Masahiro Yamada commit d97eae80d57220477a02435e49b48ac6f01e289c Author: Stephen Brennan Date: Fri Aug 23 12:41:51 2024 -0700 Documentation: kconfig: explicitly document missing prompt There are a few lines in the kbuild-language.rst document which obliquely reference the behavior of config options without prompts. But there is nothing in the obvious location that explicitly calls out that users cannot edit config options unless they have a prompt. Signed-off-by: Stephen Brennan Reviewed-by: Nathan Chancellor Signed-off-by: Masahiro Yamada commit af04e65f6b66339080fba0d5f44a759647371652 Merge: 88a29f8c5ff97f 15302579373ed2 Author: Dave Airlie Date: Sat Sep 7 16:43:06 2024 +1000 Merge tag 'drm-msm-next-2024-09-02' of https://gitlab.freedesktop.org/drm/msm into drm-next Updates for v6.12 DPU: - Fix implement DP/PHY mapping on SC8180X - Enable writeback on SM8150, SC8180X, SM6125, SM6350 DP: - Enable widebus on all relevant chipsets DSI: - Fix PHY programming on SM8350 / SM8450 HDMI: - Add support for HDMI on MSM8998 MDP5: - NULL string fix GPU: - A642L speedbin support - A615 support - A306 support - A621 support - Expand UBWC uapi - A7xx GPU devcoredump fixes - A5xx preemption fixes - cleanups Signed-off-by: Dave Airlie From: Rob Clark Link: https://patchwork.freedesktop.org/patch/msgid/CAF6AEGudK7YMiKDhtvYgp=bY64OZZt0UQSkEkSxLo4rLmeVd9g@mail.gmail.com commit d647bdf4d080208b71a205ec19a1c9f18ca83f00 Author: Damien Le Moal Date: Sat Sep 7 10:56:32 2024 +0900 ata: libata: Fix W=1 compilation warning Commit c494708d1f68 ("ata: libata: Cleanup libata-transport") inadvertently changed the name of the link argument to ata_link in the kdoc description of ata_tlink_add(), causing warnings to be issue when compiling with W=1: drivers/ata/libata-transport.c:690: warning: Function parameter or struct member 'link' not described in 'ata_tlink_add' drivers/ata/libata-transport.c:690: warning: Excess function parameter 'ata_link' description in 'ata_tlink_add' Change the kdoc argument name to "link" to avoid these warnings. Fixes: c494708d1f68 ("ata: libata: Cleanup libata-transport") Signed-off-by: Damien Le Moal commit f723224742fc6d25f88a9d9036be4713398be65d Merge: aa05fe67bcd641 4201f3938914d8 Author: Jakub Kicinski Date: Fri Sep 6 18:39:31 2024 -0700 Merge tag 'nf-next-24-09-06' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next Pablo Neira Ayuso says: ==================== Netfilter updates for net-next The following patchset contains Netfilter updates for net-next: Patch #1 adds ctnetlink support for kernel side filtering for deletions, from Changliang Wu. Patch #2 updates nft_counter support to Use u64_stats_t, from Sebastian Andrzej Siewior. Patch #3 uses kmemdup_array() in all xtables frontends, from Yan Zhen. Patch #4 is a oneliner to use ERR_CAST() in nf_conntrack instead opencoded casting, from Shen Lichuan. Patch #5 removes unused argument in nftables .validate interface, from Florian Westphal. Patch #6 is a oneliner to correct a typo in nftables kdoc, from Simon Horman. Patch #7 fixes missing kdoc in nftables, also from Simon. Patch #8 updates nftables to handle timeout less than CONFIG_HZ. Patch #9 rejects element expiration if timeout is zero, otherwise it is silently ignored. Patch #10 disallows element expiration larger than timeout. Patch #11 removes unnecessary READ_ONCE annotation while mutex is held. Patch #12 adds missing READ_ONCE/WRITE_ONCE annotation in dynset. Patch #13 annotates data-races around element expiration. Patch #14 allocates timeout and expiration in one single set element extension, they are tighly couple, no reason to keep them separated anymore. Patch #15 updates nftables to interpret zero timeout element as never times out. Note that it is already possible to declare sets with elements that never time out but this generalizes to all kind of set with timeouts. Patch #16 supports for element timeout and expiration updates. * tag 'nf-next-24-09-06' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next: netfilter: nf_tables: set element timeout update support netfilter: nf_tables: zero timeout means element never times out netfilter: nf_tables: consolidate timeout extension for elements netfilter: nf_tables: annotate data-races around element expiration netfilter: nft_dynset: annotate data-races around set timeout netfilter: nf_tables: remove annotation to access set timeout while holding lock netfilter: nf_tables: reject expiration higher than timeout netfilter: nf_tables: reject element expiration with no timeout netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire netfilter: nf_tables: Add missing Kernel doc netfilter: nf_tables: Correct spelling in nf_tables.h netfilter: nf_tables: drop unused 3rd argument from validate callback ops netfilter: conntrack: Convert to use ERR_CAST() netfilter: Use kmemdup_array instead of kmemdup for multiple allocation netfilter: nft_counter: Use u64_stats_t for statistic. netfilter: ctnetlink: support CTA_FILTER for flush ==================== Link: https://patch.msgid.link/20240905232920.5481-1-pablo@netfilter.org Signed-off-by: Jakub Kicinski commit aa05fe67bcd641378454ca9d15b539125eb0933a Author: Vadim Fedorenko Date: Thu Sep 5 14:00:28 2024 +0000 ptp: ocp: Improve PCIe delay estimation The PCIe bus can be pretty busy during boot and probe function can see excessive delays. Let's find the minimal value out of several tests and use it as estimated value. Signed-off-by: Vadim Fedorenko Link: https://patch.msgid.link/20240905140028.560454-1-vadim.fedorenko@linux.dev Signed-off-by: Jakub Kicinski commit 9a95eedc81deb86af1ac56f2c2bfe8306b27b82a Author: Eric Dumazet Date: Thu Sep 5 08:49:09 2024 +0000 netpoll: remove netpoll_srcu netpoll_srcu is currently used from netpoll_poll_disable() and __netpoll_cleanup() Both functions run under RTNL, using netpoll_srcu adds confusion and no additional protection. Moreover the synchronize_srcu() call in __netpoll_cleanup() is performed before clearing np->dev->npinfo, which violates RCU rules. After this patch, netpoll_poll_disable() and netpoll_poll_enable() simply use rtnl_dereference(). This saves a big chunk of memory (more than 192KB on platforms with 512 cpus) Signed-off-by: Eric Dumazet Reviewed-by: Breno Leitao Link: https://patch.msgid.link/20240905084909.2082486-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit c6a1739778949d5fdfbb1443b41acf5c43879283 Merge: cca0d69baf950e 7baa90c616e54d Author: Jakub Kicinski Date: Fri Sep 6 18:23:51 2024 -0700 Merge branch 'octeontx2-address-some-warnings' Simon Horman says: ==================== octeontx2: Address some warnings This patchset addresses some warnings flagged by Sparse, gcc-14, and clang-18 in files touched by recent patch submissions. Although these changes do not alter the functionality of the code, by addressing them real problems introduced in future which are flagged by Sparse will stand out more readily. v1: https://lore.kernel.org/20240903-octeontx2-sparse-v1-0-f190309ecb0a@kernel.org ==================== Link: https://patch.msgid.link/20240904-octeontx2-sparse-v2-0-14f2305fe4b2@kernel.org Signed-off-by: Jakub Kicinski commit 7baa90c616e54defe0dc645d2f2cdcc77b05855f Author: Simon Horman Date: Wed Sep 4 19:29:37 2024 +0100 octeontx2-pf: Make iplen __be16 in otx2_sqe_add_ext() In otx2_sqe_add_ext() iplen is used to hold a 16-bit big-endian value, but it's type is u16, indicating a host byte order integer. Address this mismatch by changing the type of iplen to __be16. Flagged by Sparse as: .../otx2_txrx.c:699:31: warning: incorrect type in assignment (different base types) .../otx2_txrx.c:699:31: expected unsigned short [usertype] iplen .../otx2_txrx.c:699:31: got restricted __be16 [usertype] .../otx2_txrx.c:701:54: warning: incorrect type in assignment (different base types) .../otx2_txrx.c:701:54: expected restricted __be16 [usertype] tot_len .../otx2_txrx.c:701:54: got unsigned short [usertype] iplen .../otx2_txrx.c:704:60: warning: incorrect type in assignment (different base types) .../otx2_txrx.c:704:60: expected restricted __be16 [usertype] payload_len .../otx2_txrx.c:704:60: got unsigned short [usertype] iplen Introduced in commit dc1a9bf2c816 ("octeontx2-pf: Add UDP segmentation offload support") No functional change intended. Compile tested only by author. Tested-by: Geetha sowjanya Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240904-octeontx2-sparse-v2-2-14f2305fe4b2@kernel.org Signed-off-by: Jakub Kicinski commit 92218f108f510ac66715a7700479acacb18335f5 Author: Simon Horman Date: Wed Sep 4 19:29:36 2024 +0100 octeontx2-af: Pass string literal as format argument of alloc_workqueue() Recently I noticed that both gcc-14 and clang-18 report that passing a non-string literal as the format argument of alloc_workqueue() is potentially insecure. E.g. clang-18 says: .../rvu.c:2493:32: warning: format string is not a string literal (potentially insecure) [-Wformat-security] 2493 | mw->mbox_wq = alloc_workqueue(name, | ^~~~ .../rvu.c:2493:32: note: treat the string as an argument to avoid this 2493 | mw->mbox_wq = alloc_workqueue(name, | ^ | "%s", It is always the case where the contents of name is safe to pass as the format argument. That is, in my understanding, it never contains any format escape sequences. But, it seems better to be safe than sorry. And, as a bonus, compiler output becomes less verbose by addressing this issue as suggested by clang-18. Compile tested only by author. Tested-by: Geetha sowjanya Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240904-octeontx2-sparse-v2-1-14f2305fe4b2@kernel.org Signed-off-by: Jakub Kicinski commit cca0d69baf950e5a82c21d09917b4cc654c83fe9 Author: Rosen Penev Date: Wed Sep 4 13:56:59 2024 -0700 net: phy: qca83xx: use PHY_ID_MATCH_EXACT No need for the mask when there's already a macro for this. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240904205659.7470-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 32b81e4f0e5d8a50c2bd34e9d61dd52b5d82856f Author: Edward Cree Date: Wed Sep 4 19:11:56 2024 +0100 sfc: siena: rip out rss-context dead code Siena hardware does not support custom RSS contexts, but when the driver was forked from sfc.ko, some of the plumbing for them was copied across from the common code. Actually trying to use them would lead to EOPNOTSUPP as the relevant efx_nic_type methods were not populated. Remove this dead code from the Siena driver. Signed-off-by: Edward Cree Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240904181156.1993666-1-edward.cree@amd.com Signed-off-by: Jakub Kicinski commit 5953711258c7a50393706ab42bc6562f569f762b Merge: 54001d0f2fdbc7 f4bbf496f5fd66 Author: Jakub Kicinski Date: Fri Sep 6 18:21:47 2024 -0700 Merge branch 'use-functionality-of-irq_get_trigger_type' Vasileios Amoiridis says: ==================== Use functionality of irq_get_trigger_type() v1: https://lore.kernel.org/20240902225534.130383-1-vassilisamir@gmail.com ==================== Link: https://patch.msgid.link/20240904151018.71967-1-vassilisamir@gmail.com Signed-off-by: Jakub Kicinski commit f4bbf496f5fd66603f75a32a27c6075e0868c76b Author: Vasileios Amoiridis Date: Wed Sep 4 17:10:18 2024 +0200 net: smc91x: Make use of irq_get_trigger_type() Convert irqd_get_trigger_type(irq_get_irq_data(irq)) cases to the more simple irq_get_trigger_type(irq). Signed-off-by: Vasileios Amoiridis Reviewed-by: Alvin Šipraga Link: https://patch.msgid.link/20240904151018.71967-4-vassilisamir@gmail.com Signed-off-by: Jakub Kicinski commit 36a5faec5658736e8d3d9047c1387a69ffda3354 Author: Vasileios Amoiridis Date: Wed Sep 4 17:10:17 2024 +0200 net: dsa: realtek: rtl8366rb: Make use of irq_get_trigger_type() Convert irqd_get_trigger_type(irq_get_irq_data(irq)) cases to the more simple irq_get_trigger_type(irq). Reviewed-by: Alvin Šipraga Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240904151018.71967-3-vassilisamir@gmail.com Signed-off-by: Jakub Kicinski commit 517c29247557bf4a28065cb758a59ad545fe925d Author: Vasileios Amoiridis Date: Wed Sep 4 17:10:16 2024 +0200 net: dsa: realtek: rtl8365mb: Make use of irq_get_trigger_type() Convert irqd_get_trigger_type(irq_get_irq_data(irq)) cases to the more simple irq_get_trigger_type(irq). Signed-off-by: Vasileios Amoiridis Reviewed-by: Alvin Šipraga Link: https://patch.msgid.link/20240904151018.71967-2-vassilisamir@gmail.com Signed-off-by: Jakub Kicinski commit 54001d0f2fdbc7852136a00f3e6fc395a9547ae5 Author: Sascha Hauer Date: Wed Sep 4 14:17:41 2024 +0200 net: tls: wait for async completion on last message When asynchronous encryption is used KTLS sends out the final data at proto->close time. This becomes problematic when the task calling close() receives a signal. In this case it can happen that tcp_sendmsg_locked() called at close time returns -ERESTARTSYS and the final data is not sent. The described situation happens when KTLS is used in conjunction with io_uring, as io_uring uses task_work_add() to add work to the current userspace task. A discussion of the problem along with a reproducer can be found in [1] and [2] Fix this by waiting for the asynchronous encryption to be completed on the final message. With this there is no data left to be sent at close time. [1] https://lore.kernel.org/all/20231010141932.GD3114228@pengutronix.de/ [2] https://lore.kernel.org/all/20240315100159.3898944-1-s.hauer@pengutronix.de/ Signed-off-by: Sascha Hauer Link: https://patch.msgid.link/20240904-ktls-wait-async-v1-1-a62892833110@pengutronix.de Signed-off-by: Jakub Kicinski commit 602bcf212637633d537ee74bf39c6bc5722efb9b Author: Damien Le Moal Date: Wed Jul 17 17:55:31 2024 +0900 ata: libata: Improve CDL resource management The ncq_sense_buf buffer field of struct ata_port is allocated and used only for devices that support the Command Duration Limits (CDL) feature. However, the cdl buffer of struct ata_device, which is used to cache the command duration limits log page for devices supporting CDL is always allocated as part of struct ata_device, which is wasteful of memory for devices that do not support this feature. Clean this up by defining both buffers as part of the new ata_cdl structure and allocating this structure only for devices that support the CDL feature. This new structure is attached to struct ata_device using the cdl pointer. The functions ata_dev_init_cdl_resources() and ata_dev_cleanup_cdl_resources() are defined to manage this new structure allocation, initialization and freeing when a port is removed or a device disabled. ata_dev_init_cdl_resources() is called from ata_dev_config_cdl() only for devices that support CDL. ata_dev_cleanup_cdl_resources() is called from ata_dev_free_resources() to free the ata_cdl structure when a device is being disabled by EH. Note that the name of the former cdl log buffer of struct ata_device is changed to desc_log_buf to make it clearer that it is a buffer for the limit descriptors log page. This change reduces the size of struct ata_device, thus reducing memory usage for ATA devices that do not support the CDL feature. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel commit 5f8319c4b3ec4e8fdc7f7bf61f47f985e1a6f074 Author: Damien Le Moal Date: Thu Sep 5 10:51:19 2024 +0900 ata: libata: Introduce ata_dev_free_resources Introduce the function ata_dev_free_resources() to free the resources allocated to support a device features. For now, this function is reduced to calling zpodd_exit() for devices that have this feature enabled. ata_dev_free_resources() is called from ata_eh_dev_disable() as this function is always called for all devices attached to a port that is being detached and for devices that are being disabled due to being removed (detached) from the system or due to errors. With this change, the call to zpodd_exit() done in ata_port_detach() and ata_scsi_handle_link_detach() are removed as these functions remove all devices attached to the link or port using libata EH, thus resulting in ata_eh_dev_disable() being called and the zpodd_exit() function being executed. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel commit da65bbdd3bc1e8d2193e01167a413d90d9988c04 Author: Damien Le Moal Date: Wed Aug 28 11:07:43 2024 +0900 ata: libata: Move sector_buf from struct ata_port to struct ata_device The 512B buffer sector_buf field of struct ata_port is used for scanning devices as well as during error recovery with ata EH. This buffer is thus useless if a port does not have a device connected to it. And also given that commands using this buffer are issued to devices, and not to ports, move this buffer definition from struct ata_port to struct ata_device. This change slightly increases system memory usage for systems using a port-multiplier as in that case we do not need a per-device buffer for scanning devices (PMP does not allow parallel scanning) nor for EH (as when entering EH we are guaranteed that all commands to all devices connected to the PMP have completed or have been aborted). However, this change reduces memory usage on systems that have many ports with only few devices rives connected, which is a much more common use case than the PMP use case. Suggested-by: Niklas Cassel Signed-off-by: Damien Le Moal Reviewed-by: Hannes Reinecke Reviewed-by: Niklas Cassel commit 10e807637f288f9963340a30ae8da9bb06beca3c Author: Damien Le Moal Date: Mon Jun 10 19:11:31 2024 +0900 ata: libata: Rename ata_eh_read_sense_success_ncq_log() The function ata_eh_read_sense_success_ncq_log() does more that just reading the sense data for successful NCQ commands log page as it also sets the sense data for all commands listed in the log page. Rename this function to ata_eh_get_ncq_success_sense() to better describe what the function does. Furthermore, since this function is only called from ata_eh_get_success_sense() in libata-eh.c, there is no need to export it and its declaration can be moved to drivers/ata/libata.h. To be consistent with this change, the function ata_eh_read_sense_success_non_ncq() is also renamed to ata_eh_get_non_ncq_success_sense(). Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Hannes Reinecke commit 78f76b09c915d7281317d8e082c4c02f325a0366 Author: Damien Le Moal Date: Wed Jul 17 17:48:16 2024 +0900 ata: libata: Move sata_std_hardreset() definition to libata-sata.c Unlike ata_std_prereset() and ata_std_postreset(), the function sata_std_hardreset() applies only to SATA devices, as its name implies. So move its definition to libata-sata.c. Together with this, also move the definition of sata_port_ops to libata-sata.c, where it belongs. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Hannes Reinecke commit b642212d8858059f652b2a81b0cb73541416d2e3 Author: Damien Le Moal Date: Wed Jul 17 17:39:29 2024 +0900 ata: libata: Move sata_down_spd_limit() to libata-sata.c Move the definition of the function sata_down_spd_limit() to libata-sata.c where it belongs, together with sata_set_spd(). The helper function ata_sstatus_online() is also changed to be an inline function defined in drivers/ata/libata.h. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Hannes Reinecke commit 5bb52d926598a018b1510fd6684dcbaed31d57f2 Author: Damien Le Moal Date: Tue Jun 25 21:07:32 2024 +0900 ata: libata: Improve __ata_qc_complete() The function __ata_qc_complete() is always called with a qc that already has been dereferenced and so is guaranteed to be non-NULL (as otherwise the kernel would have crashed). So remove the warning for a NULL qc as it is useless. Furthermore, the qc passed to __ata_qc_complete() must always be marked as active with the ATA_QCFLAG_ACTIVE flag. If that is not the case, in addition to the existing warning, return early so that we do not attempt to complete an invalid qc. Finally, fix the comment related to clearing the qc active flag as that operation applies to all devices, not just ATAPI ones. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Hannes Reinecke commit a16951510fae8fa9b934673404c4fc990d124ccd Author: Damien Le Moal Date: Thu Sep 5 11:00:59 2024 +0900 ata: libata-scsi: Improve ata_scsi_handle_link_detach() A struct ata_device flags should always be set and cleared with the device port locked. Testing for a flag should thus also be done while holding the device port lock. In accordance to this principle, modify ata_scsi_handle_link_detach() to test and clear the ATA_DFLAG_DETACHED flag while holding the device port lock. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel commit c494708d1f680027c7cbbaa670198179774f7d4d Author: Damien Le Moal Date: Mon Aug 19 11:32:15 2024 +0900 ata: libata: Cleanup libata-transport Move the ATA link transport device related functions after the ATA transport device related functions to avoid the need for forward declaring ata_tdev_add() and ata_tdev_delete(). And while at it, do the following: 1) Change ata_is_ata_dev() and ata_is_link() to return a boolean 2) Fix a pointer declaration style in ata_is_ata_dev() 3) Improve the kdoc comments for ata_tdev_free(), ata_tdev_delete(), ata_tdev_add(), ata_tlink_delete() and ata_tlink_add() No functional changes are introduced by this cleanup. Signed-off-by: Damien Le Moal Reviewed-by: Hannes Reinecke Reviewed-by: Niklas Cassel commit 7ab50d5e884077b4c01931d16124a5f2cc86f1db Merge: be8a17fe994dbf 17f01391903de0 Author: Jakub Kicinski Date: Fri Sep 6 18:10:26 2024 -0700 Merge branch 'make-use-of-the-helper-macro-list_head' Hongbo Li says: ==================== make use of the helper macro LIST_HEAD() The macro LIST_HEAD() declares a list variable and initializes it, which can be used to simplify the steps of list initialization, thereby simplifying the code. These serials just do some equivalatent substitutions, and with no functional modifications. ==================== Link: https://patch.msgid.link/20240904093243.3345012-1-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit 17f01391903de08c8a33407de9f502fc1cc8b5ff Author: Hongbo Li Date: Wed Sep 4 17:32:43 2024 +0800 net/core: make use of the helper macro LIST_HEAD() list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Here we can simplify the code. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240904093243.3345012-6-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit 2a7dd251b6fee7bcd2a3978600eaa98dd2b7b481 Author: Hongbo Li Date: Wed Sep 4 17:32:42 2024 +0800 net/ipv6: make use of the helper macro LIST_HEAD() list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Here we can simplify the code. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240904093243.3345012-5-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit 8b51455bbd45e1b2d6980536698be4f4f332b385 Author: Hongbo Li Date: Wed Sep 4 17:32:41 2024 +0800 net/netfilter: make use of the helper macro LIST_HEAD() list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Here we can simplify the code. Signed-off-by: Hongbo Li Reviewed-by: Pablo Neira Ayuso Link: https://patch.msgid.link/20240904093243.3345012-4-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit e636ba1a15e764f72ecb3c2a689feaa6c9fdd058 Author: Hongbo Li Date: Wed Sep 4 17:32:40 2024 +0800 net/tipc: make use of the helper macro LIST_HEAD() list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Here we can simplify the code. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240904093243.3345012-3-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit cecbe5c8c8039b2965c9fc27c802db6b9ec9dcb7 Author: Hongbo Li Date: Wed Sep 4 17:32:39 2024 +0800 net/ipv4: make use of the helper macro LIST_HEAD() list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Here we can simplify the code. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240904093243.3345012-2-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit be8a17fe994dbffd2dfa0ad83bae9bbeef54c076 Author: Chen Ni Date: Wed Sep 4 16:49:51 2024 +0800 sfc: convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Acked-by: Edward Cree Link: https://patch.msgid.link/20240904084951.1353518-1-nichen@iscas.ac.cn Signed-off-by: Jakub Kicinski commit 96487cb211ce9561df5176a923dc5855cd75444e Author: Chen Ni Date: Wed Sep 4 16:40:34 2024 +0800 sfc/siena: Convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Acked-by: Edward Cree Link: https://patch.msgid.link/20240904084034.1353404-1-nichen@iscas.ac.cn Signed-off-by: Jakub Kicinski commit 62c9f50eabe080cb07ed5e6c55d1fd38ad04201b Author: Chen Ni Date: Wed Sep 4 16:17:28 2024 +0800 ionic: Convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Reviewed-by: Shannon Nelson Link: https://patch.msgid.link/20240904081728.1353260-1-nichen@iscas.ac.cn Signed-off-by: Jakub Kicinski commit aac0484423b7429808ca40a5017d603c14c1da1e Author: Chen Ni Date: Wed Sep 4 16:08:45 2024 +0800 net: atlantic: convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240904080845.1353144-1-nichen@iscas.ac.cn Signed-off-by: Jakub Kicinski commit 8651db0fcb60b2376f5be7934ecf68b19cb81124 Merge: 401d078eaf2edd 22dfe2ea1d63f1 Author: Mark Brown Date: Sat Sep 7 01:44:08 2024 +0100 regulator: Add AXP717 boost support Merge series from Andre Przywara : This is remainder of the AXP717 fix series, containing support for the boost regulator. This is meant to increase the battery voltage to the 5 volts required to provide the USB VBUS power. It's the usual trinity of DT bindings patch (1/3), the MFD part describing the PMIC registers (2/3) and the final patch to model the regulator (3/3). Compared to v2, this drops the merged patches, and just retains the boost related parts. It also changes the internal name of the register to AXP717_MODULE_EN_CONTROL_2, since there is another control register we will need later for battery support. commit 5697e94daab9e40cbf1fb368781d110f22fb6760 Author: Chao Yu Date: Tue Aug 20 22:55:07 2024 +0800 f2fs: get rid of page->index Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Reviewed-by: Li Zetao Signed-off-by: Jaegeuk Kim commit 2eaa98e5203979fd5fa6386f307f4f8277a72593 Author: Chao Yu Date: Tue Aug 20 22:55:06 2024 +0800 f2fs: convert read_node_page() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Reviewed-by: Li Zetao Signed-off-by: Jaegeuk Kim commit 4deccfbdc4464b66fe50d71e9d64240483efb07d Author: Chao Yu Date: Tue Aug 20 22:55:05 2024 +0800 f2fs: convert __write_node_page() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Reviewed-by: Li Zetao Signed-off-by: Jaegeuk Kim commit 2ac0aa31a15132b88de25f4b687ea24efd81c823 Author: Chao Yu Date: Tue Aug 20 22:55:04 2024 +0800 f2fs: convert f2fs_write_data_page() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Reviewed-by: Li Zetao Signed-off-by: Jaegeuk Kim commit bcf4d2dd840e5f4401a2d9425bd0ce94cab12336 Author: Chao Yu Date: Tue Aug 20 22:55:03 2024 +0800 f2fs: convert f2fs_do_write_data_page() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Reviewed-by: Li Zetao Signed-off-by: Jaegeuk Kim commit 1efc78310c9d25bdc2020202a50c012025602dd3 Author: Chao Yu Date: Tue Aug 20 22:55:02 2024 +0800 f2fs: convert f2fs_set_compressed_page() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Reviewed-by: Li Zetao Signed-off-by: Jaegeuk Kim commit 3c86d1eec7891c53ea9c71d7a2970c248413a855 Author: Chao Yu Date: Tue Aug 20 22:55:01 2024 +0800 f2fs: convert f2fs_write_end() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Reviewed-by: Li Zetao Signed-off-by: Jaegeuk Kim commit 12e61ce27137dc42c1f2fbd704d0285f8582df62 Author: Chao Yu Date: Tue Aug 20 22:55:00 2024 +0800 f2fs: convert f2fs_write_begin() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Reviewed-by: Li Zetao Signed-off-by: Jaegeuk Kim commit 1e5df24c1721d077d9a397982c8b68e486243daf Author: Chao Yu Date: Tue Aug 20 22:54:59 2024 +0800 f2fs: convert f2fs_submit_page_read() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Reviewed-by: Li Zetao Signed-off-by: Jaegeuk Kim commit 763a0dc792f9d7c79c1d85415c6cebc1f79bba16 Author: Chao Yu Date: Tue Aug 13 22:13:31 2024 +0800 f2fs: convert f2fs_handle_page_eio() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 3981e94285886cd712b563a82a2e99f902510c78 Author: Chao Yu Date: Wed Aug 14 21:50:59 2024 +0800 f2fs: convert f2fs_read_multi_pages() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 138a762e7f45474c33dfb269f3e6641741be1508 Author: Chao Yu Date: Tue Aug 13 22:13:29 2024 +0800 f2fs: convert __f2fs_write_meta_page() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit e55561d278f2b03c0131e5408df4ab9fed2ae51d Author: Chao Yu Date: Tue Aug 13 22:13:28 2024 +0800 f2fs: convert f2fs_do_write_meta_page() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 46a75ef866030b3500bf15fd3400c6779eb33752 Author: Chao Yu Date: Tue Aug 13 22:13:27 2024 +0800 f2fs: convert f2fs_write_single_data_page() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit b084662139ae964073bfdbcf633f3ca9fa1a6d27 Author: Chao Yu Date: Tue Aug 13 22:13:26 2024 +0800 f2fs: convert f2fs_write_inline_data() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit fd3a11aff4bef4df7dff25c71e4c51fe8d93e2e7 Author: Chao Yu Date: Tue Aug 13 22:13:25 2024 +0800 f2fs: convert f2fs_clear_page_cache_dirty_tag() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit aec5755951b74e3bbb5ddee39ac142a788547854 Author: Chao Yu Date: Tue Aug 13 22:13:24 2024 +0800 f2fs: convert f2fs_vm_page_mkwrite() to use folio Convert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 10de741a5d7ab110eb026ad214eea2c5e5fe7e9c Author: Chao Yu Date: Tue Aug 13 22:13:23 2024 +0800 f2fs: convert f2fs_compress_ctx_add_page() to use folio onvert to use folio, so that we can get rid of 'page->index' to prepare for removal of 'index' field in structure page [1]. [1] https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 4e52054f8db198f3b9cb70bd4c6245943a469573 Merge: 8400291e289ee6 485e13fe2fb649 Author: Stephen Boyd Date: Fri Sep 6 15:18:14 2024 -0700 Merge tag 'samsung-clk-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux into clk-samsung Pull Samsung clk driver updates from Krzysztof Kozlowski: - Exynos850: Add clock for Thermal Management Unit - Exynos7885: Fix duplicated ID in the header, add missing TOP PLLs and add clocks for USB block in the FSYS clock controller - ExynosAutov9: Add DPUM clock controller - ExynosAutov920: Add new (first) clock controllers: TOP and PERIC0 (and a bit more complete bindings) * tag 'samsung-clk-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux: clk: samsung: add top clock support for ExynosAuto v920 SoC clk: samsung: clk-pll: Add support for pll_531x dt-bindings: clock: add ExynosAuto v920 SoC CMU bindings clk: samsung: exynos7885: Add USB related clocks to CMU_FSYS clk: samsung: clk-pll: Add support for pll_1418x clk: samsung: exynosautov9: add dpum clock support dt-bindings: clock: exynosautov9: add dpum clock clk: samsung: exynos7885: Add missing MUX clocks from PLLs in CMU_TOP clk: samsung: exynos7885: Update CLKS_NR_FSYS after bindings fix dt-bindings: clock: exynos7885: Add indices for USB clocks dt-bindings: clock: exynos7885: Add CMU_TOP PLL MUX indices dt-bindings: clock: exynos7885: Fix duplicated binding clk: samsung: exynos850: Add TMU clock dt-bindings: clock: exynos850: Add TMU clock commit 0df8ef6e1b5dc7a6edc6242a95f47a257ffecff0 Author: Jani Nikula Date: Thu May 23 16:37:07 2024 +0300 drm/amdgpu: drop redundant W=1 warnings from Makefile Since commit a61ddb4393ad ("drm: enable (most) W=1 warnings by default across the subsystem"), most of the extra warnings in the driver Makefile are redundant. Remove them. Note that -Wmissing-declarations and -Wmissing-prototypes are always enabled by default in scripts/Makefile.extrawarn. Reviewed-by: Hamza Mahfooz Signed-off-by: Jani Nikula Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit 7ccde2e6c0a5e50e11b74353b456bfe602efe6aa Author: Christian König Date: Tue Aug 27 16:15:06 2024 +0200 drm/amdgpu: revert "use CPU for page table update if SDMA is unavailable" That is clearly not something we should do upstream. The SDMA is mandatory for the driver to work correctly. We could do this for emulation and bringup, but in those cases the engineer should probably enabled CPU based updates manually. This reverts commit 62eefd10ac1c7e976bda47ff311bd87cee40ab8d. Signed-off-by: Christian König Reviewed-by: Yifan Zhang Signed-off-by: Alex Deucher commit 27f9dcb9cc067d40077e116ac062e185ccd7a0d8 Author: Dan Carpenter Date: Wed Sep 4 11:01:43 2024 +0300 drm/amdgpu/mes11: Indent an if statment Indent the "break" statement one more tab. Signed-off-by: Dan Carpenter Signed-off-by: Alex Deucher commit 663b0f1e141dc60ce6c09ae6afc5f213b22d13ca Author: Philip Yang Date: Fri Feb 16 11:00:10 2024 -0500 drm/amdkfd: Document and define SVM events message macro Document how to use SMI system management interface to enable and receive SVM events. Document SVM event triggers. Define SVM events message string format macro that could be used by user mode for sscanf to parse the event. Add it to uAPI header file to make it obvious that is changing uAPI in future. No functional changes. Signed-off-by: Philip Yang Reviewed-by: James Zhu Signed-off-by: Alex Deucher commit 7eafe7a730bad6f0efb62b2d260f1ae3f2d09b95 Author: Hawking Zhang Date: Fri Sep 6 16:06:13 2024 +0800 drm/amdkfd: Select reset method for poison handling Driver mode-2 is only supported by relative new smc firmware. Signed-off-by: Hawking Zhang Reviewed-by: Tao Zhou Signed-off-by: Alex Deucher commit 101025e94b537e8b5426c73a985b26fc95c199cb Author: Jonathan Kim Date: Thu Aug 22 10:44:39 2024 -0400 drm/amdkfd: fix missed queue reset on queue destroy If a queue is being destroyed but causes a HWS hang on removal, the KFD may issue an unnecessary gpu reset if the destroyed queue can be fixed by a queue reset. This is because the queue has been removed from the KFD's queue list prior to the preemption action on destroy so the reset call will fail to match the HQD PQ reset information against the KFD's queue record to do the actual reset. To fix this, deactivate the queue prior to preemption since it's being destroyed anyways and remove the queue from the KFD's queue list after preemption. Signed-off-by: Jonathan Kim Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher commit 01be2b62c0f3c66832472ed3e48e61d631094606 Author: Ramesh Errabolu Date: Tue Aug 20 16:05:30 2024 -0500 drm/amdgpu: Surface svm_default_granularity, a RW module parameter Enables users to update SVM's default granularity, used in buffer migration and handling of recoverable page faults. Param value is set in terms of log(numPages(buffer)), e.g. 9 for a 2 MIB buffer Signed-off-by: Ramesh Errabolu Reviewed-by: Philip Yang Signed-off-by: Alex Deucher commit e8397d327e7b0d6132197c9d8fd7977f84f3dbd9 Author: Jesse Zhang Date: Wed Sep 4 17:47:06 2024 +0800 drm/amdgpu: fix queue reset issue by mmio Initialize the queue type before resetting the queue using mmio. Signed-off-by: Jesse Zhang Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit e146a7ab218626827b7c06e189e69cd2abcd1d37 Author: Srinivasan Shanmugam Date: Wed Sep 4 13:10:59 2024 +0530 drm/amd/display: Add kdoc entry for 'program_isharp_1dlut' in 'dpp401_dscl_program_isharp' Added a descriptor for the 'program_isharp_1dlut' parameter, which is a flag used to determine whether to program the isharp 1D LUT. Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/../display/dc/dpp/dcn401/dcn401_dpp_dscl.c:963: warning: Function parameter or struct member 'program_isharp_1dlut' not described in 'dpp401_dscl_program_isharp' Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 559a285816af5b72284a6ed65eb82a68ee497d60 Author: Srinivasan Shanmugam Date: Wed Sep 4 12:30:16 2024 +0530 drm/amdgpu: Replace 'amdgpu_job_submit_direct' with 'drm_sched_entity' in cleaner shader This commit replaces the use of amdgpu_job_submit_direct which submits the job to the ring directly, with drm_sched_entity in the cleaner shader job submission process. The change allows the GPU scheduler to manage the cleaner shader job. - The job is then submitted to the GPU using the drm_sched_entity_push_job function, which allows the GPU scheduler to manage the job. This change improves the reliability of the cleaner shader job submission process by leveraging the capabilities of the GPU scheduler. Fixes: d361ad5d2fc0 ("drm/amdgpu: Add sysfs interface for running cleaner shader") Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Suggested-by: Christian König Reviewed-by: Christian König Signed-off-by: Alex Deucher commit 2578487ebe6ca34fe9cd950bf68e8158639ddb1b Author: Srinivasan Shanmugam Date: Mon Aug 26 18:53:50 2024 +0530 drm/amdgpu/: Add missing kdoc entry in amdgpu_vm_handle_fault function This commit adds a description for the 'ts' parameter in the amdgpu_vm_handle_fault function's comment block. Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c:2781: warning: Function parameter or struct member 'ts' not described in 'amdgpu_vm_handle_fault' Cc: Xiaogang.Chen Cc: Christian König Cc: Alex Deucher Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408251419.vgZHg3GV-lkp@intel.com/ Signed-off-by: Srinivasan Shanmugam Reviewed-by: Xiaogang Chen Signed-off-by: Alex Deucher commit f5a972dfe3e993f09cf12bd36389a942ecd23350 Author: Qili Lu Date: Wed Aug 21 16:26:13 2024 -0400 drm/amd/display: fix dccg root clock optimization related hang [Why] enable dpp rcg before we disable dppclk in hw_init cause system hang/reboot [How] we remove dccg rcg related code from init into a separate function and call it after we init pipe Reviewed-by: Nicholas Kazlauskas Signed-off-by: Qili Lu Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit 5359d5bc975466e8791d7f870ea4a96f1b0973bf Author: Nicholas Susanto Date: Tue Aug 20 15:10:45 2024 -0400 drm/amd/display: Refactor dccg35_get_other_enabled_symclk_fe [Why] Function used to check the number of FEs connected to the current BE. This was then used to determine if the symclk could be disabled, if all FEs were disconnected. However, the function would skip over the primary FE and return 0 when the primary FE was still connected. This caused black screens on driver disable with an MST daisy chain hooked up. [How] Refactor the function to correctly return the number of FEs connected to the input BE. Also, rename it for clarity. Reviewed-by: Nicholas Kazlauskas Signed-off-by: Nicholas Susanto Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit 4481df364d2038eb4a8f5150367b47955940f027 Author: Lijo Lazar Date: Fri Aug 16 12:40:43 2024 +0530 drm/amdgpu: Normalize reg offsets on JPEG v4.0.3 On VFs and SOCs with GC 9.4.4, VCN RRMT is disabled. Only local register offsets should be used on JPEG v4.0.3 as they cannot handle remote access to other AIDs. Since only local offsets are used, the special write to MCM_ADDR register is no longer needed. Signed-off-by: Lijo Lazar Reviewed-by: Sathishkumar S Signed-off-by: Alex Deucher commit 0607a50c004798a96e62c089a4c34c220179dcb5 Author: Tobias Jakobi Date: Mon Sep 2 11:40:27 2024 +0200 drm/amd/display: Avoid race between dcn35_set_drr() and dc_state_destruct() dc_state_destruct() nulls the resource context of the DC state. The pipe context passed to dcn35_set_drr() is a member of this resource context. If dc_state_destruct() is called parallel to the IRQ processing (which calls dcn35_set_drr() at some point), we can end up using already nulled function callback fields of struct stream_resource. The logic in dcn35_set_drr() already tries to avoid this, by checking tg against NULL. But if the nulling happens exactly after the NULL check and before the next access, then we get a race. Avoid this by copying tg first to a local variable, and then use this variable for all the operations. This should work, as long as nobody frees the resource pool where the timing generators live. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3142 Fixes: 06ad7e164256 ("drm/amd/display: Destroy DC context while keeping DML and DML2") Signed-off-by: Tobias Jakobi Reviewed-by: Harry Wentland Signed-off-by: Mario Limonciello Signed-off-by: Alex Deucher commit a3cc326a43bdc48fbdf53443e1027a03e309b643 Author: Tobias Jakobi Date: Mon Sep 2 11:40:26 2024 +0200 drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct() dc_state_destruct() nulls the resource context of the DC state. The pipe context passed to dcn10_set_drr() is a member of this resource context. If dc_state_destruct() is called parallel to the IRQ processing (which calls dcn10_set_drr() at some point), we can end up using already nulled function callback fields of struct stream_resource. The logic in dcn10_set_drr() already tries to avoid this, by checking tg against NULL. But if the nulling happens exactly after the NULL check and before the next access, then we get a race. Avoid this by copying tg first to a local variable, and then use this variable for all the operations. This should work, as long as nobody frees the resource pool where the timing generators live. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3142 Fixes: 06ad7e164256 ("drm/amd/display: Destroy DC context while keeping DML and DML2") Signed-off-by: Tobias Jakobi Tested-by: Raoul van Rüschen Tested-by: Christopher Snowhill Reviewed-by: Harry Wentland Tested-by: Sefa Eyeoglu Signed-off-by: Mario Limonciello Signed-off-by: Alex Deucher commit 760e3c8b3288279841aa8a71e6d65c67a3934d01 Author: Li Zetao Date: Fri Aug 30 09:22:15 2024 +0800 drm/amdgpu: use clamp() in amdgpu_vm_adjust_size() When it needs to get a value within a certain interval, using clamp() makes the code easier to understand than min(max()). Reviewed-by: Christian König Signed-off-by: Li Zetao Signed-off-by: Alex Deucher commit 6fbbb660b1d423a777d7567b7475a6a01aa7fd91 Author: Li Zetao Date: Fri Aug 30 09:22:14 2024 +0800 drm/amd: use clamp() in amdgpu_pll_get_fb_ref_div() When it needs to get a value within a certain interval, using clamp() makes the code easier to understand than min(max()). Reviewed-by: Christian König Signed-off-by: Li Zetao Signed-off-by: Alex Deucher commit 2c7795e245d993bcba2f716a8c93a5891ef910c9 Author: Peng Liu Date: Fri Aug 30 15:27:08 2024 +0800 drm/amdgpu: enable gfxoff quirk on HP 705G4 Enabling gfxoff quirk results in perfectly usable graphical user interface on HP 705G4 DM with R5 2400G. Without the quirk, X server is completely unusable as every few seconds there is gpu reset due to ring gfx timeout. Signed-off-by: Peng Liu Signed-off-by: Alex Deucher commit 0126c0ae11e8b52ecfde9d1b174ee2f32d6c3a5d Author: Peng Liu Date: Fri Aug 30 15:25:54 2024 +0800 drm/amdgpu: add raven1 gfxoff quirk Fix screen corruption with openkylin. Link: https://bbs.openkylin.top/t/topic/171497 Signed-off-by: Peng Liu Signed-off-by: Alex Deucher commit 7b17e8f3a074ff4558527f6c595f49444a2c6fa0 Author: Colin Ian King Date: Wed Aug 28 10:32:50 2024 +0100 drm/amd/display: Fix spelling mistake "recompte" -> "recompute" There is a spelling mistake in a DRM_DEBUG_DRIVER message. Fix it. Signed-off-by: Colin Ian King Signed-off-by: Alex Deucher commit 4e9fadacddca96a2e6fcee9cc9488b78eb7a6953 Author: David Belanger Date: Fri Aug 23 13:50:03 2024 -0400 drm/amdkfd: Add cache line size info Populate cache line size info in topology based on information from IP discovery table. Signed-off-by: David Belanger Reviewed-by: Sreekant Somasekharan Signed-off-by: Alex Deucher commit 4c4e9cb58dd75c87300ca63307ef7d4f9656eda0 Author: Srinivasan Shanmugam Date: Wed Aug 28 16:55:23 2024 +0530 drm/amd/display: Add missing kdoc entry for 'bs_coeffs_updated' in dpp401_dscl_program_isharp This commit addresses a missing kdoc for the 'bs_coeffs_updated' parameter in the 'dpp401_dscl_program_isharp' function. The 'bs_coeffs_updated' is a flag indicating whether the Blur and Scale Coefficients have been updated. The 'dpp401_dscl_program_isharp' function is responsible for programming the isharp, which includes setting the isharp filter, noise gain, and blur and scale coefficients. If the 'bs_coeffs_updated' flag is set to true, the function updates the blur and scale coefficients. Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/../display/dc/dpp/dcn401/dcn401_dpp_dscl.c:961: warning: Function parameter or struct member 'bs_coeffs_updated' not described in 'dpp401_dscl_program_isharp' Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Suggested-by: Tom Chung Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 4453808d9eab0461dea338e89372ffc4a3c50acc Author: Lang Yu Date: Sun Sep 1 08:56:07 2024 -0400 drm/amdgpu: fix invalid fence handling in amdgpu_vm_tlb_flush CPU based update doesn't produce a fence, handle such cases properly. Fixes: d8a3f0a0348d ("drm/amdgpu: implement TLB flush fence") Signed-off-by: Lang Yu Reviewed-by: Christian König Signed-off-by: Alex Deucher commit 4da5a95bf125fd682249f60e296455c6413b4e10 Author: Christian König Date: Tue Aug 20 12:01:22 2024 +0200 drm/amdgpu: re-work VM syncing Rework how VM operations synchronize to submissions. Provide an amdgpu_sync container to the backends instead of an reservation object and fill in the amdgpu_sync object in the higher layers of the code. No intended functional change, just prepares for upcomming changes. Signed-off-by: Christian König Reviewed-by: Friedrich Vock Acked-by: Felix Kuehling Signed-off-by: Alex Deucher commit 389e72c5d1efcfd3962d29624c1b78cfa002911e Author: Shen Lichuan Date: Fri Sep 6 14:58:15 2024 +0800 nvme: Convert comma to semicolon To ensure code clarity and prevent potential errors, it's advisable to employ the ';' as a statement separator, except when ',' are intentionally used for specific purposes. Signed-off-by: Shen Lichuan Reviewed-by: Sagi Grimberg Signed-off-by: Keith Busch commit 22dfe2ea1d63f15d8b9661e7690ac0a03159db6a Author: Andre Przywara Date: Fri Aug 16 01:18:24 2024 +0100 regulator: axp20x: AXP717: Add boost regulator The AXP717 also contains an adjustable boost regulator, to provide the 5V USB VBUS rail when running on battery. Add the regulator description that states the voltage range this regulator can cover. Signed-off-by: Andre Przywara Reviewed-by: John Watts Reviewed-by: Chen-Yu Tsai Link: https://patch.msgid.link/20240816001824.6028-4-andre.przywara@arm.com Signed-off-by: Mark Brown commit bb2ac59f8205165fce5aee9135bd1e2ea9b1a74b Author: Andre Przywara Date: Fri Aug 16 01:18:23 2024 +0100 mfd: axp20x: AXP717: Add support for boost regulator The AXP717 also contains a boost regulator, to provide the 5V USB VBUS rail when running on battery. Add the registers to the MFD description to be able to use them from the regulator driver. Signed-off-by: Andre Przywara Reviewed-by: John Watts Acked-by: Lee Jones Reviewed-by: Chen-Yu Tsai Link: https://patch.msgid.link/20240816001824.6028-3-andre.przywara@arm.com Signed-off-by: Mark Brown commit b4c21faf69b8eec1016c776be4777f39f194e3b0 Author: Andre Przywara Date: Fri Aug 16 01:18:22 2024 +0100 dt-bindings: mfd: x-powers,axp152: add boost regulator The X-Powers AXP717 contains a boost regulator, that it meant to provide the 5V USB VBUS voltage when the devices operates on battery. Add the name "boost" to the regexp describing the allowed node names, to allow the regulator to be described in the devicetree. Signed-off-by: Andre Przywara Acked-by: Krzysztof Kozlowski Acked-by: Lee Jones Reviewed-by: Chen-Yu Tsai Link: https://patch.msgid.link/20240816001824.6028-2-andre.przywara@arm.com Signed-off-by: Mark Brown commit 8a3f14bb1e944f496d1a16096435ddb2e12e4753 Author: Sam James Date: Fri Sep 6 14:48:14 2024 +0100 libbpf: Workaround (another) -Wmaybe-uninitialized false positive We get this with GCC 15 -O3 (at least): ``` libbpf.c: In function ‘bpf_map__init_kern_struct_ops’: libbpf.c:1109:18: error: ‘mod_btf’ may be used uninitialized [-Werror=maybe-uninitialized] 1109 | kern_btf = mod_btf ? mod_btf->btf : obj->btf_vmlinux; | ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ libbpf.c:1094:28: note: ‘mod_btf’ was declared here 1094 | struct module_btf *mod_btf; | ^~~~~~~ In function ‘find_struct_ops_kern_types’, inlined from ‘bpf_map__init_kern_struct_ops’ at libbpf.c:1102:8: libbpf.c:982:21: error: ‘btf’ may be used uninitialized [-Werror=maybe-uninitialized] 982 | kern_type = btf__type_by_id(btf, kern_type_id); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ libbpf.c: In function ‘bpf_map__init_kern_struct_ops’: libbpf.c:967:21: note: ‘btf’ was declared here 967 | struct btf *btf; | ^~~ ``` This is similar to the other libbpf fix from a few weeks ago for the same modelling-errno issue (fab45b962749184e1a1a57c7c583782b78fad539). Signed-off-by: Sam James Signed-off-by: Andrii Nakryiko Link: https://bugs.gentoo.org/939106 Link: https://lore.kernel.org/bpf/f6962729197ae7cdf4f6d1512625bd92f2322d31.1725630494.git.sam@gentoo.org commit f8c6b7913dfaa67475883f94261c278adbcaa0ae Author: Mykyta Yatsenko Date: Fri Sep 6 14:24:53 2024 +0100 bpftool: Improve btf c dump sorting stability Existing algorithm for BTF C dump sorting uses only types and names of the structs and unions for ordering. As dump contains structs with the same names but different contents, relative to each other ordering of those structs will be accidental. This patch addresses this problem by introducing a new sorting field that contains hash of the struct/union field names and types to disambiguate comparison of the non-unique named structs. Signed-off-by: Mykyta Yatsenko Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240906132453.146085-1-mykyta.yatsenko5@gmail.com commit 68f31e88917f5608eb8da0bef37249648ffd48d4 Merge: 981414306c05a6 d981ed8419303e Author: Jens Axboe Date: Fri Sep 6 14:43:16 2024 -0600 Merge tag 'md-6.12-20240906' of https://git.kernel.org/pub/scm/linux/kernel/git/song/md into for-6.12/block Pull MD updates from Song: "This patch, by Xiao Ni, adds a sysfs entry 'new_level'." * tag 'md-6.12-20240906' of https://git.kernel.org/pub/scm/linux/kernel/git/song/md: md: Add new_level sysfs interface commit 981414306c05a6cf2b18a6d63380888270c3ee9f Merge: 68d20eb60efbdc 7c2fd76048e95d Author: Jens Axboe Date: Fri Sep 6 14:42:33 2024 -0600 Merge tag 'nvme-6.12-2024-09-06' of git://git.infradead.org/nvme into for-6.12/block Pull NVMe updates from Keith: "nvme updates for Linux 6.12 - Asynchronous namespace scanning (Stuart) - TCP TLS updates (Hannes) - RDMA queue controller validation (Niklas) - Align field names to the spec (Anuj) - Metadata support validation (Puranjay)" * tag 'nvme-6.12-2024-09-06' of git://git.infradead.org/nvme: nvme: fix metadata handling in nvme-passthrough nvme: rename apptag and appmask to lbat and lbatm nvme-rdma: send cntlid in the RDMA_CM_REQUEST Private Data nvme-target: do not check authentication status for admin commands twice nvmet-auth: allow to clear DH-HMAC-CHAP keys nvme-sysfs: add 'tls_keyring' attribute nvme-sysfs: add 'tls_configured_key' sysfs attribute nvme: split off TLS sysfs attributes into a separate group nvme: add a newline to the 'tls_key' sysfs attribute nvme-tcp: check for invalidated or revoked key nvme-tcp: sanitize TLS key handling nvme-keyring: restrict match length for version '1' identifiers nvme_core: scan namespaces asynchronously commit af1ec38c6ccc31ec963ac4bcf8f6a7d8f44d210a Author: zhang jiao Date: Fri Sep 6 10:52:59 2024 +0800 selftests/timers: Remove unused NSEC_PER_SEC macro By reading the code, I found the macro NSEC_PER_SEC is never referenced in the code. Just remove it. Signed-off-by: zhang jiao Reviewed-by: Shuah Khan Acked-by: John Stultz Signed-off-by: Shuah Khan commit d895eb31ae563152d398e2584c707d1efe7911ed Author: Andrew Kreimer Date: Fri Sep 6 11:00:59 2024 +0300 accel/qaic: Fix a typo Fix a typo in documentation. Signed-off-by: Andrew Kreimer Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240906080136.4423-1-algonell@gmail.com commit 339d9d8792aef5b42909c8732ee7c228d0eca310 Merge: 431c1646e1f86b a84372012e9329 Author: Rafael J. Wysocki Date: Fri Sep 6 20:53:13 2024 +0200 Merge tag 'opp-updates-6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/vireshk/pm Merge OPP Updates for 6.12 from Viresh Kumar: "- Update maintainers for operating-points-v2-ti-cpu file (Dhruva Gole). - Drop unnecessary of_match_ptr() for TI driver (Rob Herring)." * tag 'opp-updates-6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/vireshk/pm: dt-bindings: opp: operating-points-v2-ti-cpu: Update maintainers opp: ti: Drop unnecessary of_match_ptr() commit 6af3aab6c7cfdd0daabd9f00e32e0ad46a6d176e Merge: 222caf5520c6f7 6b612d1bac67b0 Author: Rafael J. Wysocki Date: Fri Sep 6 20:50:46 2024 +0200 Merge tag 'cpufreq-arm-updates-6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/vireshk/pm Merge ARM cpufreq updates for 6.12 from Viresh Kumar: "- Several OF related cleanups in cpufreq drivers (Rob Herring). - Enable COMPILE_TEST for ARM drivers (Rob Herrring). - Introduce quirks for syscon failures and use socinfo to get revision for TI cpufreq driver (Dhruva Gole and Nishanth Menon). - Minor cleanups in amd-pstate driver (Anastasia Belova and Dhananjay Ugwekar). - Minor cleanups for loongson, cpufreq-dt and powernv cpufreq drivers (Danila Tikhonov, Huacai Chen, and Liu Jing)." * tag 'cpufreq-arm-updates-6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/vireshk/pm: cpufreq: ti-cpufreq: Use socinfo to get revision in AM62 family cpufreq: Fix the cacography in powernv-cpufreq.c cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq: Add SM7325 to cpufreq-dt-platdev blocklist cpufreq: Fix warning on unused of_device_id tables for !CONFIG_OF cpufreq/amd-pstate: Add the missing cpufreq_cpu_put() cpufreq: Drop CONFIG_ARM and CONFIG_ARM64 dependency on Arm drivers cpufreq: Enable COMPILE_TEST on Arm drivers cpufreq: armada-8k: Avoid excessive stack usage cpufreq: omap: Drop asm includes cpufreq: qcom: Add explicit io.h include for readl/writel_relaxed cpufreq: spear: Use of_property_for_each_u32() instead of open coding cpufreq: Use of_property_present() commit d7b01b81bd2dad578642be6e47c1609f0ba6b7d1 Merge: 79f8b28e85f835 2376d871f8552a Author: Thomas Gleixner Date: Fri Sep 6 20:50:43 2024 +0200 Merge tag 'timers-v6.12-rc1' of https://git.linaro.org/people/daniel.lezcano/linux into timers/core Pull clockevent/clocksource updates from Daniel Lezcano: - Add the DT binding for the rk3576 compatible (Detlev Casanova) - Use for_each_available_child_of_node_scoped() to remove the of_node_put() calls in the loop (Zhang Zekun) - Add the ability to register external callbacks for suspend/resume on ACPI PM driver and enable to turn it off when suspended (Marek Maslanka) - Use the devm_clk_get_enabled() variant on the ingenic timer (Huan Yang) - Add missing iounmap() on errors in msm_dt_timer_init() (Ankit Agrawal) - Add missing clk_disable_unprepare() in init routine error code path on the asm9260 and the cadence_ttc timers (Gaosheng Cui) - Use request_percpu_irq() instead of request_irq() in order to fix a wrong address space access reported by sparse (Uros Bizjak) - Fix comment format for the pmc_core_acpi_pm_timer_suspend_resume() function (Marek Maslanka) Link: https://lore.kernel.org/all/6054852d-975f-4e83-850e-815f263a40c5@linaro.org commit 02e65e1c1282b8e38638de238ac7410846898348 Author: Tejun Heo Date: Fri Sep 6 08:18:55 2024 -1000 sched_ext: Add missing static to scx_has_op[] scx_has_op[] is only used inside ext.c but doesn't have static. Add it. Signed-off-by: Tejun Heo Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409062337.m7qqI88I-lkp@intel.com/ commit da330f5e4c197980ce4d343b1e557c9f33282770 Author: Tejun Heo Date: Fri Sep 6 08:17:09 2024 -1000 sched_ext: Temporarily work around pick_task_scx() being called without balance_scx() pick_task_scx() must be preceded by balance_scx() but there currently is a bug where fair could say yes on balance() but no on pick_task(), which then ends up calling pick_task_scx() without preceding balance_scx(). Work around by dropping WARN_ON_ONCE() and ignoring cases which don't make sense. This isn't great and can theoretically lead to stalls. However, for switch_all cases, this happens only while a BPF scheduler is being loaded or unloaded, and, for partial cases, fair will likely keep triggering this CPU. This will be reverted once the fair behavior is fixed. Signed-off-by: Tejun Heo Cc: Peter Zijlstra commit 13acc5c4cdbeccf3274cbbd4de2e2d316b8c4ce6 Author: Piotr Raczynski Date: Tue Aug 20 08:58:00 2024 +0200 ice: subfunction activation and base devlink ops Use previously implemented SF aux driver. It is probe during SF activation and remove after deactivation. Implement set/get hw_address and set/get state as basic devlink ops for subfunction. Reviewed-by: Simon Horman Signed-off-by: Piotr Raczynski Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 0c6a3cb6f181c8edb1246016d12dbd08366eb383 Author: Michal Swiatkowski Date: Tue Aug 20 08:57:59 2024 +0200 ice: basic support for VLAN in subfunctions Implement add / delete vlan for subfunction type VSI. Reviewed-by: Simon Horman Reviewed-by: Wojciech Drewek Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 7cde47431df52c73ce51287ccacdc572bb3ddd0a Author: Michal Swiatkowski Date: Tue Aug 20 08:57:58 2024 +0200 ice: support subfunction devlink Tx topology Flow for creating Tx topology is the same as for VF port representors, but the devlink port is stored in different place (sf->devlink_port). When creating VF devlink lock isn't taken, when creating subfunction it is. Setting Tx topology function needs to take this lock, check if it was taken before to not do it twice. Reviewed-by: Simon Horman Reviewed-by: Przemek Kitszel Reviewed-by: Wojciech Drewek Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 54f07712395216e1961b1daf8b92f8e76368655d Author: Michal Swiatkowski Date: Tue Aug 20 08:57:57 2024 +0200 ice: implement netdevice ops for SF representor Subfunction port representor needs the basic netdevice ops to work correctly. Create them. Reviewed-by: Wojciech Drewek Reviewed-by: Jiri Pirko Reviewed-by: Simon Horman Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 0f00a897c9fcbd20dcd47996a2cadde2b41adadc Author: Michal Swiatkowski Date: Tue Aug 20 08:57:56 2024 +0200 ice: check if SF is ready in ethtool ops Now there is another type of port representor. Correct checking if parent device is ready to reflect also new PR type. Reviewed-by: Simon Horman Reviewed-by: Wojciech Drewek Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit ef25090371725a340675a701b9ebd1a125a03ae1 Author: Michal Swiatkowski Date: Tue Aug 20 08:57:55 2024 +0200 ice: don't set target VSI for subfunction Add check for subfunction before setting target VSI. It is needed for PF in switchdev mode but not for subfunction (even in switchdev mode). Reviewed-by: Simon Horman Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 977514fb0fa84ca199262b1a9c1d6f3d8175e775 Author: Michal Swiatkowski Date: Tue Aug 20 08:57:54 2024 +0200 ice: create port representor for SF Implement attaching and detaching SF port representor. It is done in the same way as the VF port representor. SF port representor is always added or removed with devlink lock taken. Reviewed-by: Simon Horman Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 415db8399d06a45ebd7b7d26b951f831a4b01801 Author: Michal Swiatkowski Date: Tue Aug 20 08:57:53 2024 +0200 ice: make representor code generic Keep the same flow of port representor creation, but instead of general attach function create helpers for specific representor type. Store function pointer for add and remove representor. Type of port representor can be also known based on VSI type, but it is more clean to have it directly saved in port representor structure. Add devlink lock for whole port representor creation and destruction. Reviewed-by: Simon Horman Reviewed-by: Wojciech Drewek Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 8f9b681adb4437c8b2d1ad998d66b79558bc900a Author: Piotr Raczynski Date: Tue Aug 20 08:57:52 2024 +0200 ice: implement netdev for subfunction Configure netdevice for subfunction usecase. Mostly it is reusing ops from the PF netdevice. SF netdev is linked to devlink port registered after SF activation. Reviewed-by: Simon Horman Reviewed-by: Jiri Pirko Signed-off-by: Piotr Raczynski Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 177ef7f1e2a051e8962048ffd41973d29be3302c Author: Piotr Raczynski Date: Tue Aug 20 08:57:51 2024 +0200 ice: base subfunction aux driver Implement subfunction driver. It is probe when subfunction port is activated. VSI is already created. During the probe VSI is being configured. MAC unicast and broadcast filter is added to allow traffic to pass. Store subfunction pointer in VSI struct. The same is done for VF pointer. Make union of subfunction and VF pointer as only one of them can be set with one VSI. Reviewed-by: Simon Horman Reviewed-by: Jiri Pirko Signed-off-by: Piotr Raczynski Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit f43e3be662e6e75352e0242e2a58c936d7a9a65f Author: Piotr Raczynski Date: Tue Aug 20 08:57:50 2024 +0200 ice: allocate devlink for subfunction Allocate devlink for subfunction instance. Create header file for subfunction device. Define subfunction device structure there as it is needed for devlink allocation. Reviewed-by: Przemek Kitszel Reviewed-by: Jiri Pirko Signed-off-by: Piotr Raczynski Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 747967b0bbfae121d1f474b077001ddb24537259 Author: Michal Swiatkowski Date: Tue Aug 20 08:57:49 2024 +0200 ice: treat subfunction VSI the same as PF VSI When subfunction VSI is open the same code as for PF VSI should be executed. Also when up is complete. Reflect that in code by adding subfunction VSI to consideration. In case of stopping, PF doesn't have additional tasks, so the same is with subfunction VSI. Reviewed-by: Simon Horman Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit eda69d654c7edae21312f731e0308941cb2ee2a9 Author: Piotr Raczynski Date: Tue Aug 20 08:57:48 2024 +0200 ice: add basic devlink subfunctions support Implement devlink port handlers responsible for ethernet type devlink subfunctions. Create subfunction devlink port and setup all resources needed for a subfunction netdev to operate. Configure new VSI for each new subfunction, initialize and configure interrupts and Tx/Rx resources. Set correct MAC filters and create new netdev. For now, subfunction is limited to only one Tx/Rx queue pair. Only allocate new subfunction VSI with devlink port new command. Allocate and free subfunction MSIX interrupt vectors using new API calls with pci_msix_alloc_irq_at and pci_msix_free_irq. Support both automatic and manual subfunction numbers. If no subfunction number is provided, use xa_alloc to pick a number automatically. This will find the first free index and use that as the number. This reduces burden on users in the simple case where a specific number is not required. It may also be slightly faster to check that a number exists since xarray lookup should be faster than a linear scan of the dyn_ports xarray. Co-developed-by: Jacob Keller Signed-off-by: Jacob Keller Signed-off-by: Piotr Raczynski Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 004688c4cb5b2ef598fc33e4daf07ef76f79c16c Author: Piotr Raczynski Date: Tue Aug 20 08:57:47 2024 +0200 ice: export ice ndo_ops functions Make some of the netdevice_ops functions visible from outside for another VSI type created netdev. Reviewed-by: Simon Horman Reviewed-by: Przemek Kitszel Reviewed-by: Wojciech Drewek Signed-off-by: Piotr Raczynski Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 597b8af58bb2df443ebbdbdc4eef297f5d79d356 Author: Piotr Raczynski Date: Tue Aug 20 08:57:46 2024 +0200 ice: add new VSI type for subfunctions Add required plumbing for new VSI type dedicated to devlink subfunctions. Make sure that the vsi is properly configured and destroyed. Also allow loading XDP and AF_XDP sockets. The first implementation of devlink subfunctions supports only one Tx/Rx queue pair per given subfunction. Reviewed-by: Simon Horman Reviewed-by: Przemek Kitszel Reviewed-by: Wojciech Drewek Signed-off-by: Piotr Raczynski Signed-off-by: Michal Swiatkowski Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit d981ed8419303ed12351eea8541ad6cb76455fe3 Author: Xiao Ni Date: Thu Sep 5 07:54:53 2024 +0800 md: Add new_level sysfs interface Now reshape supports two ways: with backup file or without backup file. For the situation without backup file, it needs to change data offset. It doesn't need systemd service mdadm-grow-continue. So it can finish the reshape job in one process environment. It can know the new level from mdadm --grow command and can change to new level after reshape finishes. For the situation with backup file, it needs systemd service mdadm-grow-continue to monitor reshape progress. So there are two process envolved. One is mdadm --grow command whick kicks off reshape and wakes up mdadm-grow-continue service. The second process is the service, which doesn't know the new level from the first process. In kernel space mddev->new_level is used to record the new level when doing reshape. This patch adds a new interface to help mdadm update new_level and sync it to metadata. Then mdadm-grow-continue can read the right new_level. Commit log revised by Song Liu. Please refer to the link for more details. Signed-off-by: Xiao Ni Link: https://lore.kernel.org/r/20240904235453.99120-1-xni@redhat.com Signed-off-by: Song Liu commit b39121354f95cdca77d7576a979c5cbe387a9eed Author: Uwe Kleine-König Date: Fri Sep 6 16:11:33 2024 +0200 w1: ds2482: Drop explicit initialization of struct i2c_device_id::driver_data to 0 This driver doesn't use the driver_data member of struct i2c_device_id, so don't explicitly initialize this member. This prepares putting driver_data in an anonymous union which requires either no initialization or named designators. But it's also a nice cleanup on its own. Signed-off-by: Uwe Kleine-König Reviewed-by: Wolfram Sang Link: https://lore.kernel.org/r/20240725160909.326143-2-u.kleine-koenig@baylibre.com Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240906141135.72080-1-krzysztof.kozlowski@linaro.org Signed-off-by: Greg Kroah-Hartman commit 9d06852b249c24349ffcb162f0623d6d71f311b2 Merge: 3ff77190cc892f a5733950fe35d5 Author: Greg Kroah-Hartman Date: Fri Sep 6 19:17:16 2024 +0200 Merge tag 'icc-6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/djakov/icc into char-misc-next Georgi writes: interconnect changes for 6.12 This pull request contains the interconnect changes for the 6.12-rc1 merge window. It contains new drivers and fixes with the following highlights: Driver changes: - New driver for MSM8976 platforms - New driver for MSM8937 platforms - Enable sync_state for SM8250 platforms - Enable QoS support for QCS404 - Add ab_coeff bandwidth adjustments for MSM8953 - Drop the unsupported yet DISP nodes on SM8350 platforms - Fix missed num_nodes initialization in icc-clk driver - Misc DT and documentation fixes Signed-off-by: Georgi Djakov * tag 'icc-6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/djakov/icc: dt-bindings: interconnect: qcom: Do not require reg for sc8180x virt NoCs dt-bindings: interconnect: qcom-bwmon: Document SA8775p bwmon compatibles dt-bindings: interconnect: qcom: msm8953: Fix 'See also' in description interconnect: qcom: msm8953: Add ab_coeff dt-bindings: interconnect: qcom: msm8939: Fix example interconnect: qcom: qcs404: Add regmaps and more bus descriptions interconnect: qcom: qcs404: Mark AP-owned nodes as such interconnect: qcom: Add MSM8937 interconnect provider driver interconnect: qcom: sm8250: Enable sync_state dt-bindings: interconnect: qcom,sm8350: drop DISP nodes interconnect: qcom: sm8350: drop DISP nodes dt-bindings: interconnect: qcom: Add Qualcomm MSM8937 NoC interconnect: qcom: Add MSM8976 interconnect provider driver dt-bindings: interconnect: qcom: Add Qualcomm MSM8976 NoC interconnect: icc-clk: Add missed num_nodes initialization dt-bindings: interconnect: qcom,rpmh: correct sm8150 camnoc commit 80e67f1802d0fc21543216557a68320c71d7dbe1 Author: John B. Wyatt IV Date: Fri Sep 6 09:00:06 2024 -0400 pm:cpupower: Add error warning when SWIG is not installed Add error message to better explain to the user when SWIG and python-config is missing from the path. Makefile was cleaned up and unneeded elements were removed. Suggested-by: Shuah Khan Signed-off-by: John B. Wyatt IV Signed-off-by: John B. Wyatt IV Signed-off-by: Shuah Khan commit 7beaf1da074f7ea25454d6c11da142c3892d3c4e Author: Shuah Khan Date: Thu Sep 5 12:02:31 2024 -0600 selftests:resctrl: Fix build failure on archs without __cpuid_count() When resctrl is built on architectures without __cpuid_count() support, build fails. resctrl uses __cpuid_count() defined in kselftest.h. Even though the problem is seen while building resctrl on aarch64, this error can be seen on any platform that doesn't support CPUID. CPUID is a x86/x86-64 feature and code paths with CPUID asm commands will fail to build on all other architectures. All others tests call __cpuid_count() do so from x86/x86_64 code paths when _i386__ or __x86_64__ are defined. resctrl is an exception. Fix the problem by defining __cpuid_count() only when __i386__ or __x86_64__ are defined in kselftest.h and changing resctrl to call __cpuid_count() only when __i386__ or __x86_64__ are defined. In file included from resctrl.h:24, from cat_test.c:11: In function ‘arch_supports_noncont_cat’, inlined from ‘noncont_cat_run_test’ at cat_test.c:326:6: ../kselftest.h:74:9: error: impossible constraint in ‘asm’ 74 | __asm__ __volatile__ ("cpuid\n\t" \ | ^~~~~~~ cat_test.c:304:17: note: in expansion of macro ‘__cpuid_count’ 304 | __cpuid_count(0x10, 1, eax, ebx, ecx, edx); | ^~~~~~~~~~~~~ ../kselftest.h:74:9: error: impossible constraint in ‘asm’ 74 | __asm__ __volatile__ ("cpuid\n\t" \ | ^~~~~~~ cat_test.c:306:17: note: in expansion of macro ‘__cpuid_count’ 306 | __cpuid_count(0x10, 2, eax, ebx, ecx, edx); Fixes: ae638551ab64 ("selftests/resctrl: Add non-contiguous CBMs CAT test") Reported-by: Muhammad Usama Anjum Closes: https://lore.kernel.org/lkml/20240809071059.265914-1-usama.anjum@collabora.com/ Reported-by: Ilpo Järvinen Signed-off-by: Shuah Khan Acked-by: Reinette Chatre Reviewed-by: Muhammad Usama Anjum Reviewed-by: Ilpo Järvinen Signed-off-by: Shuah Khan commit 759ec28242894f2006a1606c1d6e9aca48cecfcf Author: Mariusz Tkaczyk Date: Wed Sep 4 12:48:48 2024 +0200 PCI/NPEM: Add _DSM PCIe SSD status LED management The PCIe SSD Status LED Management _DSM defined in PCI Firmware Spec r3.3 sec 4.7 provides a way to manage LEDs via ACPI. The design is similar to NPEM defined in PCIe Base Specification r6.1 sec 6.28: - Both standards are indication oriented, - _DSM supported bits correspond to NPEM capability register bits, - _DSM control bits correspond to NPEM control register bits. _DSM does not support enclosure-specific indications or the special NPEM commands NPEM_ENABLE and NPEM_RESET. _DSM is implemented as a second backend in NPEM driver. The backend used is logged with info priority. The same sysfs interface is used for both NPEM and _DSM. According to spec, _DSM has higher priority, and availability of _DSM in not limited to devices with NPEM support. The Dell implementation of DSM uses acpi ipmi, which may not be available immediately (in fact it may take up to 10s for this interface to be available). It can determine if DSM is supported (GET_SUPPORTED_STATES_DSM is working) but it cannot serve GET_STATE_DSM or SET_STATE_DSM commands in this time. From userspace application perspective (primarily configured by systemd service) it is better to have not working but configured interface rather than have it available after few seconds. For that reason, npem->active_indications cache is now loaded lazily, i.e. any GET or SET request want cache to be updated if it is not done yet. Link: https://lore.kernel.org/r/20240904104848.23480-4-mariusz.tkaczyk@linux.intel.com Suggested-by: Lukas Wunner Signed-off-by: Stuart Hayes Signed-off-by: Mariusz Tkaczyk Signed-off-by: Bjorn Helgaas Tested-by: Stuart Hayes Reviewed-by: Christoph Hellwig Reviewed-by: Ilpo Järvinen commit bf751ad062b58d0750a5b9fb77d1400532a0ea44 Author: Thorsten Blum Date: Tue Aug 27 14:48:40 2024 +0200 affs: Replace one-element array with flexible-array member Replace the deprecated one-element array with a modern flexible-array member in the struct affs_root_head. Add a comment that most struct members are not used, but kept as documentation. Link: https://github.com/KSPP/linux/issues/79 Signed-off-by: Thorsten Blum Reviewed-by: David Sterba Signed-off-by: David Sterba commit 112bcd25980e0568e5154837c03b534afb31cc39 Author: Thorsten Blum Date: Thu Aug 15 23:35:01 2024 +0200 affs: Remove unused macros GET_END_PTR, AFFS_GET_HASHENTRY The macros GET_END_PTR() and AFFS_GET_HASHENTRY() are not used anymore and can be removed. Remove them. Signed-off-by: Thorsten Blum Reviewed-by: David Sterba Signed-off-by: David Sterba commit 061dd21ca712cd7103c26ed77bb4a04d98930981 Author: Billy Tsai Date: Mon Aug 26 11:38:21 2024 +0800 i3c/master: cmd_v1: Fix the rule for getting i3c mode Based on the I3C TCRI specification, the rules for determining the I3C mode are as follows: I3C SCL rate > 8MHz: use SDR0, as SDR1 has a maximum data rate of 8MHz I3C SCL rate > 6MHz: use SDR1, as SDR2 has a maximum data rate of 6MHz I3C SCL rate > 4MHz: use SDR2, as SDR3 has a maximum data rate of 4MHz I3C SCL rate > 2MHz: use SDR3, as SDR4 has a maximum data rate of 2MHz Otherwise, use SDR4 Signed-off-by: Billy Tsai Link: https://lore.kernel.org/r/20240826033821.175591-1-billy_tsai@aspeedtech.com Signed-off-by: Alexandre Belloni commit 7d47d22444bb7dc1b6d768904a22070ef35e1fc0 Author: Junhao Xie Date: Tue Sep 3 23:06:38 2024 +0800 USB: serial: pl2303: add device id for Macrosilicon MS3020 Add the device id for the Macrosilicon MS3020 which is a PL2303HXN based device. Signed-off-by: Junhao Xie Cc: stable@vger.kernel.org Signed-off-by: Johan Hovold commit 395999829880a106bb95f0ce34e6e4c2b43c6a5d Author: Charles Han Date: Wed Aug 28 17:24:27 2024 +0800 mtd: powernv: Add check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fixes: acfe63ec1c59 ("mtd: Convert to using %pOFn instead of device_node.name") Signed-off-by: Charles Han Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240828092427.128177-1-hanchunchao@inspur.com commit 81cb3be3261e766a1f8efab9e3154a4f4fd9d03d Author: Miquel Raynal Date: Mon Aug 26 17:30:18 2024 +0200 mtd: rawnand: mtk: Factorize out the logic cleaning mtk chips There are some un-freed resources in one of the error path which would benefit from a helper going through all the registered mtk chips one by one and perform all the necessary cleanup. This is precisely what the remove path does, so let's extract the logic in a helper. There is no functional change. Signed-off-by: Miquel Raynal Reviewed-by: Pratyush Yadav Reviewed-by: Matthias Brugger Link: https://lore.kernel.org/linux-mtd/20240826153019.67106-1-miquel.raynal@bootlin.com commit 9b3c395096dcfd180877776d492173419a5251d2 Author: Alexander Dahl Date: Wed Aug 28 08:37:06 2024 +0200 mtd: rawnand: atmel: Add message on DMA usage Like for other atmel drivers (serial, crypto, mmc, …), too. Signed-off-by: Alexander Dahl Acked-by: Nicolas Ferre Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240828063707.73869-1-ada@thorsis.com commit 9ab52d9800b0d71deafb0f9a3ed4d29b69089ad2 Author: Miquel Raynal Date: Mon Aug 26 17:31:58 2024 +0200 mtd: rawnand: meson: Fix typo in function name There is a reason why sometime we write "NAND chip" with an 's'. It usually means several chips can be managed by the same controller. So when initializing a single chip at a time, the wording "chip" must be used, otherwise when talking about all the chips managed by the controller, we want to use "chips". Fix the function name to clarify the meson_nfc_nand_chip*s*_cleanup() helper intend. Signed-off-by: Miquel Raynal Reviewed-by: Pratyush Yadav Link: https://lore.kernel.org/linux-mtd/20240826153158.67334-1-miquel.raynal@bootlin.com commit 11813857864f4326c4f23ea5b2e3f276f83af5f7 Author: Miquel Raynal Date: Mon Aug 26 12:14:12 2024 +0200 mtd: spi-nand: macronix: Continuous read support Enabling continuous read support implies several changes which must be done atomically in order to keep the code base consistent and bisectable. 1/ Retrieving bitflips differently Improve the helper retrieving the number of bitflips to support the case where many pages have been read instead of just one. In this case, if there is one page with bitflips, we cannot know the detail and just get the information of the maximum number of bitflips corrected in the most corrupted chunk. Compatible Macronix flashes return: - the ECC status for the last page read (bits 0-3), - the amount of bitflips for the whole read operation (bits 4-7). Hence, when reading two consecutive pages, if there was 2 bits corrected at most in one chunk, we return this amount times (arbitrary) the number read pages. It is probably a very pessimistic calculation in most cases, but still less pessimistic than if we multiplied this amount by the number of chunks. Anyway, this is just for statistics, the important data is the maximum amount of bitflips, which leads to wear leveling. 2/ Configuring, enabling and disabling the feature Create an init function for allocating a vendor structure. Use this vendor structure to cache the internal continuous read state. The state is being used to discriminate between the two bitflips retrieval methods. Finally, helpers for enabling and disabling sequential reads are also created. 3/ Fill the chips table Flag all the chips supporting the feature with the ->set_cont_read() helper. In order to validate the changes, I modified the mtd-utils test suite with extended versions of nandbiterrs, nanddump and flash_speed in order to support, test and benchmark continuous reads. I also ran all the UBI tests successfully. The nandbiterrs tool allows to track the ECC efficiency and feedback. Here is its default output (stripped): Successfully corrected 0 bit errors per subpage Read reported 1 corrected bit errors Successfully corrected 1 bit errors per subpage Read reported 2 corrected bit errors Successfully corrected 2 bit errors per subpage Read reported 3 corrected bit errors Successfully corrected 3 bit errors per subpage Read reported 4 corrected bit errors Successfully corrected 4 bit errors per subpage Read reported 5 corrected bit errors Successfully corrected 5 bit errors per subpage Read reported 6 corrected bit errors Successfully corrected 6 bit errors per subpage Read reported 7 corrected bit errors Successfully corrected 7 bit errors per subpage Read reported 8 corrected bit errors Successfully corrected 8 bit errors per subpage Failed to recover 1 bitflips Read error after 9 bit errors per page The output using the continuous option over two pages (the second page is kept intact): Successfully corrected 0 bit errors per subpage Read reported 2 corrected bit errors Successfully corrected 1 bit errors per subpage Read reported 4 corrected bit errors Successfully corrected 2 bit errors per subpage Read reported 6 corrected bit errors Successfully corrected 3 bit errors per subpage Read reported 8 corrected bit errors Successfully corrected 4 bit errors per subpage Read reported 10 corrected bit errors Successfully corrected 5 bit errors per subpage Read reported 12 corrected bit errors Successfully corrected 6 bit errors per subpage Read reported 14 corrected bit errors Successfully corrected 7 bit errors per subpage Read reported 16 corrected bit errors Successfully corrected 8 bit errors per subpage Failed to recover 1 bitflips Read error after 9 bit errors per page Regarding the throughput improvements, tests have been conducted in 1-1-1 and 1-1-4 modes, reading a full block X pages at a time, X ranging from 1 to 64 (size of a block with the tested device). The percent value on the right is the comparison of the same test conducted without the continuous read feature, ie. reading X pages in one single user request, which got naturally split by the core whit the continuous read optimization disabled into single-page reads. * 1-1-1 result: 1 page read speed is 2634 KiB/s 2 page read speed is 2704 KiB/s (+3%) 3 page read speed is 2747 KiB/s (+5%) 4 page read speed is 2804 KiB/s (+7%) 5 page read speed is 2782 KiB/s 6 page read speed is 2826 KiB/s 7 page read speed is 2834 KiB/s 8 page read speed is 2821 KiB/s 9 page read speed is 2846 KiB/s 10 page read speed is 2819 KiB/s 11 page read speed is 2871 KiB/s (+10%) 12 page read speed is 2823 KiB/s 13 page read speed is 2880 KiB/s 14 page read speed is 2842 KiB/s 15 page read speed is 2862 KiB/s 16 page read speed is 2837 KiB/s 32 page read speed is 2879 KiB/s 64 page read speed is 2842 KiB/s * 1-1-4 result: 1 page read speed is 7562 KiB/s 2 page read speed is 8904 KiB/s (+15%) 3 page read speed is 9655 KiB/s (+25%) 4 page read speed is 10118 KiB/s (+30%) 5 page read speed is 10084 KiB/s 6 page read speed is 10300 KiB/s 7 page read speed is 10434 KiB/s (+35%) 8 page read speed is 10406 KiB/s 9 page read speed is 10769 KiB/s (+40%) 10 page read speed is 10666 KiB/s 11 page read speed is 10757 KiB/s 12 page read speed is 10835 KiB/s 13 page read speed is 10976 KiB/s 14 page read speed is 11200 KiB/s 15 page read speed is 11009 KiB/s 16 page read speed is 11082 KiB/s 32 page read speed is 11352 KiB/s (+45%) 64 page read speed is 11403 KiB/s This work has received support and could be achieved thanks to Alvin Zhou . Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826101412.20644-10-miquel.raynal@bootlin.com commit e1f251e1aad8b1cfb322cbd6057300e4613534f0 Author: Miquel Raynal Date: Mon Aug 26 12:14:11 2024 +0200 mtd: spi-nand: macronix: Add a possible bitflip status flag Macronix SPI-NANDs encode the ECC status into two bits. There are three standard situations (no bitflip, bitflips, error), and an additional possible situation which is only triggered when configuring the 0x10 configuration register, allowing to know, if there have been bitflips, whether the maximum amount of bitflips was above a configurable threshold or not. In all cases, for now, s this configuration register is unset, it means the same as "there are bitflips". This value is maybe standard, maybe not. For now, let's define it in the Macronix driver, we can safely move it to a shared place later if that is relevant. Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826101412.20644-9-miquel.raynal@bootlin.com commit 18073e395cd6d0de1427c4248380ccdbf937375d Author: Miquel Raynal Date: Mon Aug 26 12:14:10 2024 +0200 mtd: spi-nand: macronix: Extract the bitflip retrieval logic With GET_STATUS commands, SPI-NAND devices can tell the status of the last read operation, in particular if there was: - no bitflips - corrected bitflips - uncorrectable bitflips The next step then to read an ECC status register and retrieve the amount of bitflips, when relevant, if possible. The logic used here works well for now, but will no longer apply to continuous reads. In order to prepare the introduction of continuous reads, let's factorize out the code that is specific to single-page reads. Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826101412.20644-8-miquel.raynal@bootlin.com commit ed148d30eaf4ff55c95ae495ad9b9ffb970f7826 Author: Miquel Raynal Date: Mon Aug 26 12:14:09 2024 +0200 mtd: spi-nand: macronix: Fix helper name Use "macronix_" instead of "mx35lf1ge4ab_" as common prefix for the ->get_status() callback name. This callback is used by many different families, there is no variation in the implementation so far. Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826101412.20644-7-miquel.raynal@bootlin.com commit a06f2e7cc4de104b14971e08d37f9d08c256b053 Author: Miquel Raynal Date: Mon Aug 26 12:14:08 2024 +0200 mtd: spi-nand: Expose spinand_write_reg_op() This helper function will soon be used from a vendor driver, let's export it through the spinand.h header. No need for any export, as there is currently no reason for any module to need it. Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826101412.20644-6-miquel.raynal@bootlin.com commit 631cfdd0520d19b7f4fc13b834fd9c8b46c6dbac Author: Miquel Raynal Date: Mon Aug 26 12:14:07 2024 +0200 mtd: spi-nand: Add continuous read support A regular page read consist in: - Asking one page of content from the NAND array to be loaded in the chip's SRAM, - Waiting for the operation to be done, - Retrieving the data (I/O phase) from the chip's SRAM. When reading several sequential pages, the above operation is repeated over and over. There is however a way to optimize these accesses, by enabling continuous reads. The feature requires the NAND chip to have a second internal SRAM area plus a bit of additional internal logic to trigger another internal transfer between the NAND array and the second SRAM area while the I/O phase is ongoing. Once the first I/O phase is done, the host can continue reading more data, continuously, as the chip will automatically switch to the second SRAM content (which has already been loaded) and in turns trigger the next load into the first SRAM area again. From an instruction perspective, the command op-codes are different, but the same cycles are required. The only difference is that after a continuous read (which is stopped by a CS deassert), the host must observe a delay of tRST. However, because there is no guarantee in Linux regarding the actual state of the CS pin after a transfer (in order to speed-up the next transfer if targeting the same device), it was necessary to manually end the continuous read with a configuration register write operation. Continuous reads have two main drawbacks: * They only work on full pages (column address ignored) * Only the main data area is pulled, out-of-band bytes are not accessible. Said otherwise, the feature can only be useful with on-die ECC engines. Performance wise, measures have been performed on a Zynq platform using Macronix SPI-NAND controller with a Macronix chip (based on the flash_speed tool modified for testing sequential reads): - 1-1-1 mode: performances improved from +3% (2-pages) up to +10% after a dozen pages. - 1-1-4 mode: performances improved from +15% (2-pages) up to +40% after a dozen pages. This series is based on a previous work from Macronix engineer Jaime Liao. Signed-off-by: Miquel Raynal Reviewed-by: Pratyush Yadav Link: https://lore.kernel.org/linux-mtd/20240826101412.20644-5-miquel.raynal@bootlin.com commit 79da17072e22a802a321ca44c9082ee2e855e72b Author: Miquel Raynal Date: Mon Aug 26 12:14:06 2024 +0200 mtd: spi-nand: Isolate the MTD read logic in a helper There is currently only a single path for performing page reads as requested by the MTD layer. Soon there will be two: - a "regular" page read - a continuous page read Let's extract the page read logic in a dedicated helper, so the introduction of continuous page reads will be as easy as checking whether continuous reads shall/can be used and calling one helper or the other. There is not behavioral change intended. Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826101412.20644-4-miquel.raynal@bootlin.com commit 8adf1ac24ba8ee34b8fd36ebf159004ec472fca0 Author: Miquel Raynal Date: Mon Aug 26 12:14:05 2024 +0200 mtd: nand: Introduce a block iterator In order to be able to iterate easily across eraseblocks rather than pages, let's introduce a block iterator inspired from the page iterator. The main usage of this iterator will be for continuous/sequential reads, where it is interesting to use a single request rather than split the requests in smaller chunks (ie. pages) that can be hardly optimized. So a "continuous" boolean get's added for this purpose. Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826101412.20644-3-miquel.raynal@bootlin.com commit 3f4c0ad490cc55db5b375a2e19c67159cb255795 Author: Miquel Raynal Date: Mon Aug 26 12:14:04 2024 +0200 mtd: nand: Rename the NAND IO iteration helper Soon a helper for iterating over blocks will be needed (for continuous read purposes). In order to clarify the intend of this helper, let's rename it with the "page" wording inside. While at it, improve the doc and fix a typo. Signed-off-by: Miquel Raynal Reviewed-by: Pratyush Yadav Link: https://lore.kernel.org/linux-mtd/20240826101412.20644-2-miquel.raynal@bootlin.com commit b59fdc7f38812fa811a1f8d63ca2d42c9728c09c Author: Jinjie Ruan Date: Mon Aug 26 17:43:28 2024 +0800 mtd: rawnand: sunxi: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-11-ruanjinjie@huawei.com commit f5b30c7f47f25751b4c35b69d5ad42b1ed81adac Author: Jinjie Ruan Date: Mon Aug 26 17:43:27 2024 +0800 mtd: rawnand: stm32_fmc2: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-10-ruanjinjie@huawei.com commit f3b3c47ca41f696623e71596416d34fe1671d229 Author: Jinjie Ruan Date: Mon Aug 26 17:43:26 2024 +0800 mtd: rawnand: renesas: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Reviewed-by: Geert Uytterhoeven Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-9-ruanjinjie@huawei.com commit 8795952679494b111b7b2ba08bb54ac408daca3b Author: Jinjie Ruan Date: Mon Aug 26 17:43:25 2024 +0800 mtd: rawnand: mtk: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-8-ruanjinjie@huawei.com commit ee06c7821d0426d0f998593cbc442757247e7cd6 Author: Jinjie Ruan Date: Mon Aug 26 17:43:24 2024 +0800 mtd: rawnand: meson: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-7-ruanjinjie@huawei.com commit 0d5c32b5c877d61afc954c760dc58f3b8626ec04 Author: Jinjie Ruan Date: Mon Aug 26 17:43:23 2024 +0800 mtd: rawnand: rockchip: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-6-ruanjinjie@huawei.com commit 707f2d0720ed6831d736cca084b62ba97eb7fa23 Author: Jinjie Ruan Date: Mon Aug 26 17:43:22 2024 +0800 mtd: rawnand: marvell: drm/rockchip: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-5-ruanjinjie@huawei.com commit e2e4eddf7b16a0cb431878e95e8bb80d893e4077 Author: Jinjie Ruan Date: Mon Aug 26 17:43:21 2024 +0800 mtd: rawnand: pl353: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop by using for_each_child_of_node_scoped(). Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-4-ruanjinjie@huawei.com commit fc214e50e292550dcd77e459e59a2a385bda4735 Author: Jinjie Ruan Date: Mon Aug 26 17:43:20 2024 +0800 mtd: rawnand: cadence: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop by using for_each_child_of_node_scoped(). Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-3-ruanjinjie@huawei.com commit 7021a797689d288a06cb48d0da44880d1dcaff8d Author: Jinjie Ruan Date: Mon Aug 26 17:43:19 2024 +0800 mtd: rawnand: arasan: Use for_each_child_of_node_scoped() Avoids the need for manual cleanup of_node_put() in early exits from the loop. Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826094328.2991664-2-ruanjinjie@huawei.com commit 3c0e167c21721901413e8bc2293642f4ee6f983f Author: Jinjie Ruan Date: Mon Aug 26 16:04:08 2024 +0800 mtd: rawnand: denali: Use the devm_clk_get_enabled() helper function The devm_clk_get_enabled() helper: - calls devm_clk_get() - calls clk_prepare_enable() and registers what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code. Signed-off-by: Jinjie Ruan Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826080408.2522978-1-ruanjinjie@huawei.com commit d43b24f50da293009050e172e7c3769571db79c6 Author: Chen Ridong Date: Mon Aug 26 02:43:39 2024 +0000 mtd: rawnand: denali: Fix missing pci_release_regions in probe and remove The pci_release_regions was miss at error case, just add it. Signed-off-by: Chen Ridong Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240826024339.476921-1-chenridong@huawei.com commit 241c044e743f9c55886828763c99b51b0392c21d Author: ying zuxin <11154159@vivo.com> Date: Fri Sep 6 16:48:31 2024 +0800 ASoC: codecs: Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). Signed-off-by: ying zuxin <11154159@vivo.com> Link: https://patch.msgid.link/20240906084841.19248-1-yingzuxin@vivo.com Signed-off-by: Mark Brown commit 68d20eb60efbdc80662efedeb088353e9c4aa17f Author: Sebastian Andrzej Siewior Date: Fri Sep 6 16:14:45 2024 +0200 zram: Shrink zram_table_entry::flags. The zram_table_entry::flags member is of type long and uses 8 bytes on a 64bit architecture. With a PAGE_SIZE of 256KiB we have PAGE_SHIFT of 18 which in turn leads to __NR_ZRAM_PAGEFLAGS = 27. This still fits in an ordinary integer. By reducing the size of `flags' to four bytes, the size of the struct goes back to 16 bytes. The padding between the lock and ac_time (if enabled) is also gone. Make zram_table_entry::flags an unsigned int and update the build test to reflect the change. Reviewed-by: Sergey Senozhatsky Signed-off-by: Sebastian Andrzej Siewior Reviewed-by: Jens Axboe Link: https://lore.kernel.org/r/20240906141520.730009-4-bigeasy@linutronix.de Signed-off-by: Jens Axboe commit 6086aeb49e3d9e25165769b2a0a13ff67f98a1a2 Author: Sebastian Andrzej Siewior Date: Fri Sep 6 16:14:44 2024 +0200 zram: Remove ZRAM_LOCK The ZRAM_LOCK was used for locking and after the addition of spinlock_t the bit set and cleared but there no reader of it. Remove the ZRAM_LOCK bit. Reviewed-by: Sergey Senozhatsky Signed-off-by: Sebastian Andrzej Siewior Reviewed-by: Jens Axboe Link: https://lore.kernel.org/r/20240906141520.730009-3-bigeasy@linutronix.de Signed-off-by: Jens Axboe commit 9518e5bfaae19447d657983d0628062ab6712610 Author: Mike Galbraith Date: Fri Sep 6 16:14:43 2024 +0200 zram: Replace bit spinlocks with a spinlock_t. The bit spinlock disables preemption. The spinlock_t lock becomes a sleeping lock on PREEMPT_RT and it can not be acquired in this context. In this locked section, zs_free() acquires a zs_pool::lock, and there is access to zram::wb_limit_lock. Add a spinlock_t for locking. Keep the set/ clear ZRAM_LOCK bit after the lock has been acquired/ dropped. The size of struct zram_table_entry increases by 4 bytes due to lock and additional 4 bytes padding with CONFIG_ZRAM_TRACK_ENTRY_ACTIME enabled. Signed-off-by: Mike Galbraith Reviewed-by: Sergey Senozhatsky Signed-off-by: Sebastian Andrzej Siewior Reviewed-by: Jens Axboe Link: https://lore.kernel.org/r/20240906141520.730009-2-bigeasy@linutronix.de Signed-off-by: Jens Axboe commit 003265bb6f028d7bcd7cbd92d6ba2b4e26382796 Author: Kan Liang Date: Thu Sep 5 10:07:37 2024 -0700 perf mem: Fix the wrong reference in parse_record_events() A segmentation fault can be triggered when running 'perf mem record -e ldlat-loads' The commit 35b38a71c92fa033 ("perf mem: Rework command option handling") moves the OPT_CALLBACK of event from __cmd_record() to cmd_mem(). When invoking the __cmd_record(), the 'mem' has been referenced (&). So the &mem passed into the parse_record_events() is a double reference (&&) of the original struct perf_mem mem. But in the cmd_mem(), the &mem is the single reference (&) of the original struct perf_mem mem. Fixes: 35b38a71c92fa033 ("perf mem: Rework command option handling") Signed-off-by: Kan Liang Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240905170737.4070743-3-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 5ad7db2c3f941cde3045ce38a9c4c40b0c7d56b9 Author: Kan Liang Date: Thu Sep 5 10:07:36 2024 -0700 perf mem: Fix missed p-core mem events on ADL and RPL The p-core mem events are missed when launching 'perf mem record' on ADL and RPL. root@number:~# perf mem record sleep 1 Memory events are enabled on a subset of CPUs: 16-27 [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.032 MB perf.data ] root@number:~# perf evlist cpu_atom/mem-loads,ldlat=30/P cpu_atom/mem-stores/P dummy:u A variable 'record' in the 'struct perf_mem_event' is to indicate whether a mem event in a mem_events[] should be recorded. The current code only configure the variable for the first eligible PMU. It's good enough for a non-hybrid machine or a hybrid machine which has the same mem_events[]. However, if a different mem_events[] is used for different PMUs on a hybrid machine, e.g., ADL or RPL, the 'record' for the second PMU never get a chance to be set. The mem_events[] of the second PMU are always ignored. 'perf mem' doesn't support the per-PMU configuration now. A per-PMU mem_events[] 'record' variable doesn't make sense. Make it global. That could also avoid searching for the per-PMU mem_events[] via perf_pmu__mem_events_ptr every time. Committer testing: root@number:~# perf evlist -g cpu_atom/mem-loads,ldlat=30/P cpu_atom/mem-stores/P {cpu_core/mem-loads-aux/,cpu_core/mem-loads,ldlat=30/} cpu_core/mem-stores/P dummy:u root@number:~# The :S for '{cpu_core/mem-loads-aux/,cpu_core/mem-loads,ldlat=30/}' is not being added by 'perf evlist -g', to be checked. Fixes: abbdd79b786e036e ("perf mem: Clean up perf_mem_events__name()") Reported-by: Arnaldo Carvalho de Melo Signed-off-by: Kan Liang Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Namhyung Kim Closes: https://lore.kernel.org/lkml/Zthu81fA3kLC2CS2@x1/ Link: https://lore.kernel.org/r/20240905170737.4070743-2-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 6e05d28ff232cf445cc6ae59336b7f2081ef9b96 Author: Kan Liang Date: Thu Sep 5 10:07:35 2024 -0700 perf mem: Check mem_events for all eligible PMUs The current perf_pmu__mem_events_init() only checks the availability of the mem_events for the first eligible PMU. It works for non-hybrid machines and hybrid machines that have the same mem_events. However, it may bring issues if a hybrid machine has a different mem_events on different PMU, e.g., Alder Lake and Raptor Lake. A mem-loads-aux event is only required for the p-core. The mem_events on both e-core and p-core should be checked and marked. The issue was not found, because it's hidden by another bug, which only records the mem-events for the e-core. The wrong check for the p-core events didn't yell. Fixes: abbdd79b786e036e ("perf mem: Clean up perf_mem_events__name()") Signed-off-by: Kan Liang Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240905170737.4070743-1-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 4bef6168c145852cebefe2f0bd78f9aaeba52843 Author: Andi Kleen Date: Thu Sep 5 08:07:55 2024 -0700 perf script python: Avoid buffer overflow in python PEBS register interface Running a script that processes PEBS records gives buffer overflows in valgrind. The problem is that the allocation of the register string doesn't include the terminating 0 byte. Fix this. I also replaced the very magic "28" with a more reasonable larger buffer that should fit all registers. There's no need to conserve memory here. ==2106591== Memcheck, a memory error detector ==2106591== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al. ==2106591== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info ==2106591== Command: ../perf script -i tcall.data gcov.py tcall.gcov ==2106591== ==2106591== Invalid write of size 1 ==2106591== at 0x713354: regs_map (trace-event-python.c:748) ==2106591== by 0x7134EB: set_regs_in_dict (trace-event-python.c:784) ==2106591== by 0x713E58: get_perf_sample_dict (trace-event-python.c:940) ==2106591== by 0x716327: python_process_general_event (trace-event-python.c:1499) ==2106591== by 0x7164E1: python_process_event (trace-event-python.c:1531) ==2106591== by 0x44F9AF: process_sample_event (builtin-script.c:2549) ==2106591== by 0x6294DC: evlist__deliver_sample (session.c:1534) ==2106591== by 0x6296D0: machines__deliver_event (session.c:1573) ==2106591== by 0x629C39: perf_session__deliver_event (session.c:1655) ==2106591== by 0x625830: ordered_events__deliver_event (session.c:193) ==2106591== by 0x630B23: do_flush (ordered-events.c:245) ==2106591== by 0x630E7A: __ordered_events__flush (ordered-events.c:324) ==2106591== Address 0x7186fe0 is 0 bytes after a block of size 0 alloc'd ==2106591== at 0x484280F: malloc (vg_replace_malloc.c:442) ==2106591== by 0x7134AD: set_regs_in_dict (trace-event-python.c:780) ==2106591== by 0x713E58: get_perf_sample_dict (trace-event-python.c:940) ==2106591== by 0x716327: python_process_general_event (trace-event-python.c:1499) ==2106591== by 0x7164E1: python_process_event (trace-event-python.c:1531) ==2106591== by 0x44F9AF: process_sample_event (builtin-script.c:2549) ==2106591== by 0x6294DC: evlist__deliver_sample (session.c:1534) ==2106591== by 0x6296D0: machines__deliver_event (session.c:1573) ==2106591== by 0x629C39: perf_session__deliver_event (session.c:1655) ==2106591== by 0x625830: ordered_events__deliver_event (session.c:193) ==2106591== by 0x630B23: do_flush (ordered-events.c:245) ==2106591== by 0x630E7A: __ordered_events__flush (ordered-events.c:324) ==2106591== ==2106591== Invalid read of size 1 ==2106591== at 0x484B6C6: strlen (vg_replace_strmem.c:502) ==2106591== by 0x555D494: PyUnicode_FromString (unicodeobject.c:1899) ==2106591== by 0x7134F7: set_regs_in_dict (trace-event-python.c:786) ==2106591== by 0x713E58: get_perf_sample_dict (trace-event-python.c:940) ==2106591== by 0x716327: python_process_general_event (trace-event-python.c:1499) ==2106591== by 0x7164E1: python_process_event (trace-event-python.c:1531) ==2106591== by 0x44F9AF: process_sample_event (builtin-script.c:2549) ==2106591== by 0x6294DC: evlist__deliver_sample (session.c:1534) ==2106591== by 0x6296D0: machines__deliver_event (session.c:1573) ==2106591== by 0x629C39: perf_session__deliver_event (session.c:1655) ==2106591== by 0x625830: ordered_events__deliver_event (session.c:193) ==2106591== by 0x630B23: do_flush (ordered-events.c:245) ==2106591== Address 0x7186fe0 is 0 bytes after a block of size 0 alloc'd ==2106591== at 0x484280F: malloc (vg_replace_malloc.c:442) ==2106591== by 0x7134AD: set_regs_in_dict (trace-event-python.c:780) ==2106591== by 0x713E58: get_perf_sample_dict (trace-event-python.c:940) ==2106591== by 0x716327: python_process_general_event (trace-event-python.c:1499) ==2106591== by 0x7164E1: python_process_event (trace-event-python.c:1531) ==2106591== by 0x44F9AF: process_sample_event (builtin-script.c:2549) ==2106591== by 0x6294DC: evlist__deliver_sample (session.c:1534) ==2106591== by 0x6296D0: machines__deliver_event (session.c:1573) ==2106591== by 0x629C39: perf_session__deliver_event (session.c:1655) ==2106591== by 0x625830: ordered_events__deliver_event (session.c:193) ==2106591== by 0x630B23: do_flush (ordered-events.c:245) ==2106591== by 0x630E7A: __ordered_events__flush (ordered-events.c:324) ==2106591== ==2106591== Invalid write of size 1 ==2106591== at 0x713354: regs_map (trace-event-python.c:748) ==2106591== by 0x713539: set_regs_in_dict (trace-event-python.c:789) ==2106591== by 0x713E58: get_perf_sample_dict (trace-event-python.c:940) ==2106591== by 0x716327: python_process_general_event (trace-event-python.c:1499) ==2106591== by 0x7164E1: python_process_event (trace-event-python.c:1531) ==2106591== by 0x44F9AF: process_sample_event (builtin-script.c:2549) ==2106591== by 0x6294DC: evlist__deliver_sample (session.c:1534) ==2106591== by 0x6296D0: machines__deliver_event (session.c:1573) ==2106591== by 0x629C39: perf_session__deliver_event (session.c:1655) ==2106591== by 0x625830: ordered_events__deliver_event (session.c:193) ==2106591== by 0x630B23: do_flush (ordered-events.c:245) ==2106591== by 0x630E7A: __ordered_events__flush (ordered-events.c:324) ==2106591== Address 0x7186fe0 is 0 bytes after a block of size 0 alloc'd ==2106591== at 0x484280F: malloc (vg_replace_malloc.c:442) ==2106591== by 0x7134AD: set_regs_in_dict (trace-event-python.c:780) ==2106591== by 0x713E58: get_perf_sample_dict (trace-event-python.c:940) ==2106591== by 0x716327: python_process_general_event (trace-event-python.c:1499) ==2106591== by 0x7164E1: python_process_event (trace-event-python.c:1531) ==2106591== by 0x44F9AF: process_sample_event (builtin-script.c:2549) ==2106591== by 0x6294DC: evlist__deliver_sample (session.c:1534) ==2106591== by 0x6296D0: machines__deliver_event (session.c:1573) ==2106591== by 0x629C39: perf_session__deliver_event (session.c:1655) ==2106591== by 0x625830: ordered_events__deliver_event (session.c:193) ==2106591== by 0x630B23: do_flush (ordered-events.c:245) ==2106591== by 0x630E7A: __ordered_events__flush (ordered-events.c:324) ==2106591== ==2106591== Invalid read of size 1 ==2106591== at 0x484B6C6: strlen (vg_replace_strmem.c:502) ==2106591== by 0x555D494: PyUnicode_FromString (unicodeobject.c:1899) ==2106591== by 0x713545: set_regs_in_dict (trace-event-python.c:791) ==2106591== by 0x713E58: get_perf_sample_dict (trace-event-python.c:940) ==2106591== by 0x716327: python_process_general_event (trace-event-python.c:1499) ==2106591== by 0x7164E1: python_process_event (trace-event-python.c:1531) ==2106591== by 0x44F9AF: process_sample_event (builtin-script.c:2549) ==2106591== by 0x6294DC: evlist__deliver_sample (session.c:1534) ==2106591== by 0x6296D0: machines__deliver_event (session.c:1573) ==2106591== by 0x629C39: perf_session__deliver_event (session.c:1655) ==2106591== by 0x625830: ordered_events__deliver_event (session.c:193) ==2106591== by 0x630B23: do_flush (ordered-events.c:245) ==2106591== Address 0x7186fe0 is 0 bytes after a block of size 0 alloc'd ==2106591== at 0x484280F: malloc (vg_replace_malloc.c:442) ==2106591== by 0x7134AD: set_regs_in_dict (trace-event-python.c:780) ==2106591== by 0x713E58: get_perf_sample_dict (trace-event-python.c:940) ==2106591== by 0x716327: python_process_general_event (trace-event-python.c:1499) ==2106591== by 0x7164E1: python_process_event (trace-event-python.c:1531) ==2106591== by 0x44F9AF: process_sample_event (builtin-script.c:2549) ==2106591== by 0x6294DC: evlist__deliver_sample (session.c:1534) ==2106591== by 0x6296D0: machines__deliver_event (session.c:1573) ==2106591== by 0x629C39: perf_session__deliver_event (session.c:1655) ==2106591== by 0x625830: ordered_events__deliver_event (session.c:193) ==2106591== by 0x630B23: do_flush (ordered-events.c:245) ==2106591== by 0x630E7A: __ordered_events__flush (ordered-events.c:324) ==2106591== 73056 total, 29 ignored Signed-off-by: Andi Kleen Cc: Adrian Hunter Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240905151058.2127122-2-ak@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit f2dbc7790929b2e39a348a344311a8b70e6ed4b4 Author: Ian Rogers Date: Wed Sep 4 14:17:05 2024 -0700 perf jevents: Ignore sys when determining a model directory Existing sys directories aren't placed under a model directory like skylake. Placing a sys directory there causes the `is_leaf_dir` test to fail and consequently no events or metrics are generated for the model. Ignore sys directories in this case and update the comments to reflect why. This change has no affect, but when testing with a sys directory for a model people have reported running into the no event/metric issue. Reported-by: Stephane Eranian Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jing Zhang Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sandipan Das Cc: Thomas Richter Cc: Xu Yang Link: https://lore.kernel.org/r/20240904211705.915101-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 92984e446857432b7e3257d609297355a7a14fc6 Merge: 35439fe4e29bca b831f83e40a24f Author: Arnaldo Carvalho de Melo Date: Fri Sep 6 11:42:59 2024 -0300 Merge remote-tracking branch 'torvalds/master' into perf-tools-next To pick up fixes from perf-tools/perf-tools, some of which were also in perf-tools-next but were then indentified as being more appropriate to go sooner, to fix regressions in v6.11. Resolve a simple merge conflict in tools/perf/tests/pmu.c where a more future proof approach to initialize all fields of a struct was used in perf-tools-next, the one that is going into v6.11 is enough for the segfault it addressed (using an uninitialized test_pmu.alias field). Signed-off-by: Arnaldo Carvalho de Melo commit 296dbc72d29085d5fc34430d0760423071e9e81d Author: Wouter Verhelst Date: Mon Aug 12 15:20:42 2024 +0200 nbd: correct the maximum value for discard sectors The version of the NBD protocol implemented by the kernel driver currently has a 32 bit field for length values. As the NBD protocol uses bytes as a unit of length, length values larger than 2^32 bytes cannot be expressed. Update the max_hw_discard_sectors field to match that. Signed-off-by: Wouter Verhelst Fixes: 268283244c0f ("nbd: use the atomic queue limits API in nbd_set_size") Reviewed-by: Damien Le Moal Cc: Eric Blake Link: https://lore.kernel.org/r/20240812133032.115134-8-w@uter.be Signed-off-by: Jens Axboe commit 41372f5c9a866365e212809b3543ae8cb5b2542b Author: Wouter Verhelst Date: Mon Aug 12 15:20:40 2024 +0200 nbd: nbd_bg_flags_show: add NBD_FLAG_ROTATIONAL Also handle NBD_FLAG_ROTATIONAL in our debug helper function Signed-off-by: Wouter Verhelst Cc: Eric Blake Link: https://lore.kernel.org/r/20240812133032.115134-6-w@uter.be Signed-off-by: Jens Axboe commit e49dacc71ec2621ce4c422cd5605d4d06f7807b0 Author: Wouter Verhelst Date: Mon Aug 12 15:20:37 2024 +0200 nbd: implement the WRITE_ZEROES command The NBD protocol defines a message for zeroing out a region of an export Add support to the kernel driver for that message. Signed-off-by: Wouter Verhelst Cc: Eric Blake Reviewed-by: Damien Le Moal Link: https://lore.kernel.org/r/20240812133032.115134-3-w@uter.be Signed-off-by: Jens Axboe commit fe513c2ef0a172a58f158e2e70465c4317f0a9a2 Author: Thomas Gleixner Date: Wed Sep 4 11:08:28 2024 +0200 static_call: Replace pointless WARN_ON() in static_call_module_notify() static_call_module_notify() triggers a WARN_ON(), when memory allocation fails in __static_call_add_module(). That's not really justified, because the failure case must be correctly handled by the well known call chain and the error code is passed through to the initiating userspace application. A memory allocation fail is not a fatal problem, but the WARN_ON() takes the machine out when panic_on_warn is set. Replace it with a pr_warn(). Fixes: 9183c3f9ed71 ("static_call: Add inline static call infrastructure") Signed-off-by: Thomas Gleixner Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/8734mf7pmb.ffs@tglx commit 4b30051c4864234ec57290c3d142db7c88f10d8a Author: Thomas Gleixner Date: Wed Sep 4 11:09:07 2024 +0200 static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() to initialize the static calls in a module. static_call_add_module() invokes __static_call_init(), which allocates a struct static_call_mod to either encapsulate the built-in static call sites of the associated key into it so further modules can be added or to append the module to the module chain. If that allocation fails the function returns with an error code and the module core invokes static_call_del_module() to clean up eventually added static_call_mod entries. This works correctly, when all keys used by the module were converted over to a module chain before the failure. If not then static_call_del_module() causes a #GP as it blindly assumes that key::mods points to a valid struct static_call_mod. The problem is that key::mods is not a individual struct member of struct static_call_key, it's part of a union to save space: union { /* bit 0: 0 = mods, 1 = sites */ unsigned long type; struct static_call_mod *mods; struct static_call_site *sites; }; key::sites is a pointer to the list of built-in usage sites of the static call. The type of the pointer is differentiated by bit 0. A mods pointer has the bit clear, the sites pointer has the bit set. As static_call_del_module() blidly assumes that the pointer is a valid static_call_mod type, it fails to check for this failure case and dereferences the pointer to the list of built-in call sites, which is obviously bogus. Cure it by checking whether the key has a sites or a mods pointer. If it's a sites pointer then the key is not to be touched. As the sites are walked in the same order as in __static_call_init() the site walk can be terminated because all subsequent sites have not been touched by the init code due to the error exit. If it was converted before the allocation fail, then the inner loop which searches for a module match will find nothing. A fail in the second allocation in __static_call_init() is harmless and does not require special treatment. The first allocation succeeded and converted the key to a module chain. That first entry has mod::mod == NULL and mod::next == NULL, so the inner loop of static_call_del_module() will neither find a module match nor a module chain. The next site in the walk was either already converted, but can't match the module, or it will exit the outer loop because it has a static_call_site pointer and not a static_call_mod pointer. Fixes: 9183c3f9ed71 ("static_call: Add inline static call infrastructure") Closes: https://lore.kernel.org/all/20230915082126.4187913-1-ruanjinjie@huawei.com Reported-by: Jinjie Ruan Signed-off-by: Thomas Gleixner Signed-off-by: Peter Zijlstra (Intel) Tested-by: Jinjie Ruan Link: https://lore.kernel.org/r/87zfon6b0s.ffs@tglx commit 87b5a153b862b7d937fc1dd499368297a1feae87 Author: Costa Shulyupin Date: Wed Sep 4 16:48:23 2024 +0300 genirq/cpuhotplug: Use cpumask_intersects() Replace `cpumask_any_and(a, b) >= nr_cpu_ids` with the more readable `!cpumask_intersects(a, b)`. [ tglx: Massaged change log ] Signed-off-by: Costa Shulyupin Signed-off-by: Thomas Gleixner Reviewed-by: Ming Lei Link: https://lore.kernel.org/all/20240904134823.777623-2-costa.shul@redhat.com commit 27a8204b26ac009e47e0bcde4cd24ff69d96fccf Author: Hongbo Li Date: Wed Sep 4 09:18:37 2024 +0800 vfio/mdev: Constify struct kobj_type This 'struct kobj_type' is not modified. It is only used in kobject_init_and_add() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure and moving it to a read-only section, and this can increase over all security. ``` [Before] text data bss dec hex filename 2372 600 0 2972 b9c drivers/vfio/mdev/mdev_sysfs.o [After] text data bss dec hex filename 2436 568 0 3004 bbc drivers/vfio/mdev/mdev_sysfs.o ``` Signed-off-by: Hongbo Li Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/20240904011837.2010444-1-lihongbo22@huawei.com Signed-off-by: Alex Williamson commit 96319dacaf15f666bcba7275953d780e23fe9e75 Author: Huang Xiaojia Date: Mon Aug 26 23:04:18 2024 +0800 orangefs: Constify struct kobj_type 'struct kobj_type' is not modified. It is only used in kobject_init() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure moves some data to a read-only section, so increase over all security. On a x86_64, compiled with defconfig: Before: ====== text data bss dec hex filename 7036 2136 56 9228 240c fs/orangefs/orangefs-sysfs.o After: ====== text data bss dec hex filename 7484 1880 56 9420 24cc fs/orangefs/orangefs-sysfs.o Signed-off-by: Huang Xiaojia Signed-off-by: Mike Marshall commit 4849b2f78020cf0e3ba67777aadd07c620c91811 Author: Kuninori Morimoto Date: Thu Sep 5 05:14:29 2024 +0000 ASoC: makes rtd->initialized bit field rtd->initialized is used to know whether soc_init_pcm_runtime() was correctly fined, and used to call snd_soc_link_exit(). We don't need to have it as bool, let's make it bit-field same as other flags. Signed-off-by: Kuninori Morimoto Cc: Amadeusz Sławiński Cc: Cezary Rojewski Link: https://patch.msgid.link/87o752k7gq.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit f55d3b82ac2fe8e12fe784702a7a39ab36b7d4e1 Author: Yu Kuai Date: Fri Sep 6 18:21:53 2024 +0800 MAINTAINERS: Move the BFQ io scheduler to Odd Fixes state BFQ has been lacking active maintenance for approximately two years, and it was recently transitioned to the Orphan state. However, there are still many users, I have decided to step forward and assume the role of maintainer to ensure continued support and development. While I may not be the one with the most extensive knowledge of BFQ's internals, I have been actively involved in its development since 2021. Moreover, our team continues to rigorously test BFQ in downstream kernels, ensuring it's stability and performance. Despite my confidence to maintain BFQ, I believe it is prudent to classify its state as "Odd Fixes" to accurately reflect my relatively new position as the maintainer. By assuming this responsibility, I am committed to providing the necessary support and addressing any issues that may arise with BFQ. As time progresses, we will reassess the situation and determine the appropriate state. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240906102153.612997-1-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit a2bb820e862d61f9ca1499e500915f9f505a2655 Author: Jason Gunthorpe Date: Tue Aug 6 20:31:15 2024 -0300 iommu/arm-smmu-v3: Use the new rb tree helpers Since v5.12 the rbtree has gained some simplifying helpers aimed at making rb tree users write less convoluted boiler plate code. Instead the caller provides a single comparison function and the helpers generate the prior open-coded stuff. Update smmu->streams to use rb_find_add() and rb_find(). Tested-by: Nicolin Chen Reviewed-by: Mostafa Saleh Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/1-v3-9fef8cdc2ff6+150d1-smmuv3_tidy_jgg@nvidia.com Signed-off-by: Will Deacon commit 2376d871f8552aadea19f5bc0b1370db54a3a5f2 Author: Marek Maslanka Date: Wed Sep 4 09:47:53 2024 +0000 platform/x86:intel/pmc: Fix comment for the pmc_core_acpi_pm_timer_suspend_resume function Change incorrect kernel-doc comment to regular comment for the pmc_core_acpi_pm_timer_suspend_resume function. Signed-off-by: Marek Maslanka Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409031410.a9beukFc-lkp@intel.com/ Link: https://lore.kernel.org/r/20240904094753.1615549-1-mmaslanka@google.com Signed-off-by: Daniel Lezcano commit 69a9dcbd2d65217cf52f55dc57b50845dc9d8d3f Author: Uros Bizjak Date: Mon Sep 2 12:48:04 2024 +0200 clocksource/drivers/jcore: Use request_percpu_irq() Use request_percpu_irq() instead of request_irq() to solve the following sparse warning: jcore-pit.c:173:40: warning: incorrect type in argument 5 (different address spaces) jcore-pit.c:173:40: expected void *dev jcore-pit.c:173:40: got struct jcore_pit [noderef] __percpu *static [assigned] [toplevel] jcore_pit_percpu Compile tested only. Signed-off-by: Uros Bizjak Cc: Daniel Lezcano Cc: Thomas Gleixner Cc: Rich Felker Link: https://lore.kernel.org/r/20240902104810.21080-1-ubizjak@gmail.com Signed-off-by: Daniel Lezcano commit 2e02da1d86c97dfaa8ee083d98df1d069b28a526 Author: Gaosheng Cui Date: Sat Aug 3 14:42:53 2024 +0800 clocksource/drivers/cadence-ttc: Add missing clk_disable_unprepare in ttc_setup_clockevent Add the missing clk_disable_unprepare() before return in ttc_setup_clockevent(). Signed-off-by: Gaosheng Cui Reviewed-by: Michal Simek Link: https://lore.kernel.org/r/20240803064253.331946-3-cuigaosheng1@huawei.com Signed-off-by: Daniel Lezcano commit 6cc11b65e5e0a6f1487274d1ad91088f7ac01d18 Author: Gaosheng Cui Date: Sat Aug 3 14:42:52 2024 +0800 clocksource/drivers/asm9260: Add missing clk_disable_unprepare in asm9260_timer_init Add the missing clk_disable_unprepare() before return in asm9260_timer_init(). Signed-off-by: Gaosheng Cui Link: https://lore.kernel.org/r/20240803064253.331946-2-cuigaosheng1@huawei.com Signed-off-by: Daniel Lezcano commit ca140a0dc0a18acd4653b56db211fec9b2339986 Author: Ankit Agrawal Date: Sat Jul 13 15:27:13 2024 +0530 clocksource/drivers/qcom: Add missing iounmap() on errors in msm_dt_timer_init() Add the missing iounmap() when clock frequency fails to get read by the of_property_read_u32() call, or if the call to msm_timer_init() fails. Fixes: 6e3321631ac2 ("ARM: msm: Add DT support to msm_timer") Signed-off-by: Ankit Agrawal Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240713095713.GA430091@bnew-VirtualBox Signed-off-by: Daniel Lezcano commit 414b2fb4bb5aa09f39262c24ed90b831d18ff984 Author: Huan Yang Date: Tue Aug 20 17:46:03 2024 +0800 clocksource/drivers/ingenic: Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). Signed-off-by: Huan Yang Link: https://lore.kernel.org/r/20240820094603.103598-1-link@vivo.com Signed-off-by: Daniel Lezcano commit e86c8186d03a6ba018e881ed45f0962ad553e861 Author: Marek Maslanka Date: Mon Aug 12 18:42:00 2024 +0000 platform/x86:intel/pmc: Enable the ACPI PM Timer to be turned off when suspended Allow to disable ACPI PM Timer on suspend and enable on resume. A disabled timer helps optimise power consumption when the system is suspended. On resume the timer is only reactivated if it was activated prior to suspend, so unless the ACPI PM timer is enabled in the BIOS, this won't change anything. The ACPI PM timer is used by Intel's iTCO/wdat_wdt watchdog to drive the watchdog, so it doesn't need to run during suspend. Signed-off-by: Marek Maslanka Reviewed-by: Hans de Goede Link: https://lore.kernel.org/r/20240812184208.1080710-1-mmaslanka@google.com Signed-off-by: Daniel Lezcano commit 56bd72e9cd8272687aa2a8eccddabc5526cd7845 Author: Marek Maslanka Date: Mon Aug 12 18:41:42 2024 +0000 clocksource: acpi_pm: Add external callback for suspend/resume Provides the capability to register an external callback for the ACPI PM timer, which is called during the suspend and resume processes. Signed-off-by: Marek Maslanka Reviewed-by: Hans de Goede Link: https://lore.kernel.org/r/20240812184150.1079924-1-mmaslanka@google.com Signed-off-by: Daniel Lezcano commit a7456d7d1b8e781fdaa16c10947bd2363c6fd342 Author: Zhang Zekun Date: Wed Aug 7 15:46:55 2024 +0800 clocksource/drivers/arm_arch_timer: Using for_each_available_child_of_node_scoped() for_each_available_child_of_node_scoped() can put the device_node automatically. So, using it to make the code logic more simple and remove the device_node clean up code. Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240807074655.52157-1-zhangzekun11@huawei.com Signed-off-by: Daniel Lezcano commit 0c87282074be532eedc8d14ff4420c585c5c57fe Author: Detlev Casanova Date: Fri Aug 2 17:45:35 2024 -0400 dt-bindings: timer: rockchip: Add rk3576 compatible Add compatible string for Rockchip RK3576 timer. Signed-off-by: Detlev Casanova Acked-by: Krzysztof Kozlowski Acked-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240802214612.434179-9-detlev.casanova@collabora.com Signed-off-by: Daniel Lezcano commit 757c5ceedc69b089021f1093f03bad8a5543dc09 Author: Nikunj Kela Date: Thu Sep 5 12:36:56 2024 -0700 dt-bindings: arm-smmu: document the support on SA8255p Add compatible for smmu representing support on SA8255p. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Nikunj Kela Link: https://lore.kernel.org/r/20240905193656.3785537-1-quic_nkela@quicinc.com Signed-off-by: Will Deacon commit 6bba05d651ef77f2c3f3c67b9ace093fee4e01e1 Author: Ming Yen Hsieh Date: Mon Aug 19 09:53:34 2024 +0800 wifi: mt76: mt7925: replace chan config with extend txpower config for clc Since MT792x_CLC_CHAN is currently not in use, we have added an extension for setting txpower to replace it. Signed-off-by: Ming Yen Hsieh Link: https://patch.msgid.link/20240819015334.14580-2-mingyen.hsieh@mediatek.com Signed-off-by: Felix Fietkau commit 9679ca7326e52282cc923c4d71d81c999cb6cd55 Author: Ming Yen Hsieh Date: Mon Aug 19 09:53:33 2024 +0800 wifi: mt76: mt7925: fix a potential array-index-out-of-bounds issue for clc Due to the lack of checks on the clc array, if the firmware supports more clc configuration, it will cause illegal memory access. Cc: stable@vger.kernel.org Fixes: c948b5da6bbe ("wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for mt7925 chips") Signed-off-by: Ming Yen Hsieh Link: https://patch.msgid.link/20240819015334.14580-1-mingyen.hsieh@mediatek.com Signed-off-by: Felix Fietkau commit 5acdc432f832d810e0d638164c393b877291d9b4 Author: Ma Ke Date: Thu Sep 5 09:47:53 2024 +0800 wifi: mt76: mt7615: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review. Cc: stable@vger.kernel.org Fixes: 0bb4e9187ea4 ("mt76: mt7615: fix hwmon temp sensor mem use-after-free") Signed-off-by: Ma Ke Reviewed-by: Matthias Brugger Link: https://patch.msgid.link/20240905014753.353271-1-make24@iscas.ac.cn Signed-off-by: Felix Fietkau commit df6b08670f76b77f7025ab543686ee4ef45a5724 Author: Chen Ni Date: Wed Sep 4 15:52:13 2024 +0800 wifi: mt76: mt7925: convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Reviewed-by: Matthias Brugger Link: https://patch.msgid.link/20240904075213.1352976-1-nichen@iscas.ac.cn Signed-off-by: Felix Fietkau commit 45064d19fd3af6aeb0887b35b5564927980cf150 Author: Michael Lo Date: Mon Sep 2 17:00:54 2024 +0800 wifi: mt76: mt7925: fix a potential association failure upon resuming In multi-channel scenarios, the granted channel must be aborted before suspending. Otherwise, the firmware will be put into a wrong state, resulting in an association failure after resuming. With this patch, the granted channel will be aborted before suspending if necessary. Cc: stable@vger.kernel.org Fixes: c948b5da6bbe ("wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for mt7925 chips") Signed-off-by: Michael Lo Signed-off-by: Ming Yen Hsieh Link: https://patch.msgid.link/20240902090054.15806-1-mingyen.hsieh@mediatek.com Signed-off-by: Felix Fietkau commit bb6fe2b92ae7bab4d95976a1a4d705d40731f690 Author: Gustavo A. R. Silva Date: Thu Aug 15 12:36:33 2024 -0600 wifi: mt76: Avoid multiple -Wflex-array-member-not-at-end warnings -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. So, in order to avoid ending up with a flexible-array member in the middle of multiple other structs, we use the `struct_group_tagged()` helper to create a new tagged `struct mt76_connac2_mcu_rxd_hdr`. This structure groups together all the members of the flexible `struct mt76_connac2_mcu_rxd` except the flexible array. As a result, the array is effectively separated from the rest of the members without modifying the memory layout of the flexible structure. We then change the type of the middle struct members currently causing trouble from `struct mt76_connac2_mcu_rxd` to `struct mt76_connac2_mcu_rxd_hdr`. We also want to ensure that when new members need to be added to the flexible structure, they are always included within the newly created tagged struct. For this, we use `static_assert()`. This ensures that the memory layout for both the flexible structure and the new tagged struct is the same after any changes. This approach avoids having to implement `struct mt76_connac2_mcu_rxd_hdr` as a completely separate structure, thus preventing having to maintain two independent but basically identical structures, closing the door to potential bugs in the future. So, with these changes, fix the following warnings: drivers/net/wireless/mediatek/mt76/mt7915/mcu.h:32:37: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/mediatek/mt76/mt7915/mcu.h:40:37: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/mediatek/mt76/mt7915/mcu.h:49:37: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/mediatek/mt76/mt7915/mcu.h:58:37: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Link: https://patch.msgid.link/Zr5KsZugaEXrApQJ@elsanto Signed-off-by: Felix Fietkau commit 1ccc9e476ce76e8577ba4fdbd1f63cb3e3499d38 Author: Ma Ke Date: Tue Sep 3 09:44:55 2024 +0800 wifi: mt76: mt7921: Check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review. Cc: stable@vger.kernel.org Fixes: 6ae39b7c7ed4 ("wifi: mt76: mt7921: Support temp sensor") Signed-off-by: Ma Ke Reviwed-by: Matthias Brugger Link: https://patch.msgid.link/20240903014455.4144536-1-make24@iscas.ac.cn Signed-off-by: Felix Fietkau commit 267efeda8c55f30e0e7c5b7fd03dea4efec6916c Author: Ma Ke Date: Tue Sep 3 09:49:55 2024 +0800 wifi: mt76: mt7915: check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value. Found by code review. Cc: stable@vger.kernel.org Fixes: 6ae39b7c7ed4 ("wifi: mt76: mt7921: Support temp sensor") Signed-off-by: Ma Ke Reviewed-by: Matthias Brugger Link: https://patch.msgid.link/20240903014955.4145423-1-make24@iscas.ac.cn Signed-off-by: Felix Fietkau commit b13cd593ef2402e413e5c5c63e1b5e9ab5ed0e6e Author: Felix Fietkau Date: Tue Aug 27 11:30:11 2024 +0200 wifi: mt76: mt7915: avoid long MCU command timeouts during SER Immediately abort MCU commands when firmware requests DMA restart. Link: https://patch.msgid.link/20240827093011.18621-24-nbd@nbd.name Signed-off-by: Felix Fietkau commit 9e461f4a2329109571f4b10f9bcad28d07e6ebb3 Author: Felix Fietkau Date: Tue Aug 27 11:30:10 2024 +0200 wifi: mt76: mt7996: fix uninitialized TLV data Use skb_put_zero instead of skb_put Fixes: 98686cd21624 ("wifi: mt76: mt7996: add driver for MediaTek Wi-Fi 7 (802.11be) devices") Link: https://patch.msgid.link/20240827093011.18621-23-nbd@nbd.name Signed-off-by: Felix Fietkau commit eeb672b50d32269516d345911d7c9ae15ac238b2 Author: Felix Fietkau Date: Tue Aug 27 11:30:09 2024 +0200 wifi: mt76: mt7915: always query station rx rate from firmware When offloading is enabled, the software rx path may not have the latest rate information. Link: https://patch.msgid.link/20240827093011.18621-22-nbd@nbd.name Signed-off-by: Felix Fietkau commit 6ac80fce713e875a316a58975b830720a3e27721 Author: Howard Hsu Date: Tue Aug 27 11:30:08 2024 +0200 wifi: mt76: mt7915: fix rx filter setting for bfee functionality Fix rx filter setting to prevent dropping NDPA frames. Without this change, bfee functionality may behave abnormally. Fixes: e57b7901469f ("mt76: add mac80211 driver for MT7915 PCIe-based chipsets") Signed-off-by: Howard Hsu Link: https://patch.msgid.link/20240827093011.18621-21-nbd@nbd.name Signed-off-by: Felix Fietkau commit c37784435277f040cda9552d8b22e21604dd54bd Author: Felix Fietkau Date: Tue Aug 27 11:30:07 2024 +0200 wifi: mt76: shrink mt76_queue_buf Reuse one bit from the length field for skip_unmap Link: https://patch.msgid.link/20240827093011.18621-20-nbd@nbd.name Signed-off-by: Felix Fietkau commit 328e35c7bfc673cde5a3a453318d044f8f83b505 Author: Felix Fietkau Date: Tue Aug 27 11:30:06 2024 +0200 wifi: mt76: mt7915: improve hardware restart reliability - use reconfig_complete to restart mac_work / queues - reset full wtbl after firmware init - clear wcid and vif mask to avoid leak - fix sta poll list corruption Link: https://patch.msgid.link/20240827093011.18621-19-nbd@nbd.name Signed-off-by: Felix Fietkau commit b2141eadf8be6285ff8980cab153079231cab4fd Author: Felix Fietkau Date: Tue Aug 27 11:30:05 2024 +0200 wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac Preparation for reusing it in mt7915 Link: https://patch.msgid.link/20240827093011.18621-18-nbd@nbd.name Signed-off-by: Felix Fietkau commit 8f7152f10cb434f954aeff85ca1be9cd4d01912b Author: Felix Fietkau Date: Tue Aug 27 11:30:04 2024 +0200 wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker Prevent racing against other functions disabling the same worker Link: https://patch.msgid.link/20240827093011.18621-17-nbd@nbd.name Signed-off-by: Felix Fietkau commit f2cc859149240d910fdc6405717673e0b84bfda8 Author: Benjamin Lin Date: Tue Aug 27 11:30:03 2024 +0200 wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation Currently, CONNAC2 series do not support encryption for fragmented Tx frames. Therefore, add dummy function mt7915_set_frag_threshold() to prevent SW IEEE 802.11 fragmentation. Signed-off-by: Benjamin Lin Link: https://patch.msgid.link/20240827093011.18621-16-nbd@nbd.name Signed-off-by: Felix Fietkau commit 10f73bb3938f7c5cee78b8bdb7dca328c639c9e6 Author: Felix Fietkau Date: Tue Aug 27 11:30:02 2024 +0200 wifi: mt76: mt7915: reset the device after MCU timeout On MT7915, MCU hangs do not trigger watchdog interrupts, so they can only be detected through MCU message timeouts. Ensure that the hardware gets restarted when that happens in order to prevent a permanent stuck state. Link: https://patch.msgid.link/20240827093011.18621-15-nbd@nbd.name Signed-off-by: Felix Fietkau commit 3688c18b65aeb2a1f2fde108400afbab129a8cc1 Author: Felix Fietkau Date: Tue Aug 27 11:30:01 2024 +0200 wifi: mt76: mt7915: retry mcu messages In some cases MCU messages can get lost. Instead of failing completely, attempt to recover by re-sending them. Link: https://patch.msgid.link/20240827093011.18621-14-nbd@nbd.name Signed-off-by: Felix Fietkau commit 8351a4a40bdde127ef806e1017aefdb360978f93 Author: Felix Fietkau Date: Tue Aug 27 11:30:00 2024 +0200 wifi: mt76: mt7915: set MT76_MCU_RESET early in mt7915_mac_full_reset This avoids running into unnecessary timeouts waiting for MCU responses Link: https://patch.msgid.link/20240827093011.18621-13-nbd@nbd.name Signed-off-by: Felix Fietkau commit 33eb14f1029085bb32e745c6d7a69b06eb3caec4 Author: Felix Fietkau Date: Tue Aug 27 11:29:59 2024 +0200 wifi: mt76: mt7915: use mac80211 .sta_state op Allows adding stations before assoc, though they are not passed to the firmware yet at that point. Link: https://patch.msgid.link/20240827093011.18621-12-nbd@nbd.name Signed-off-by: Felix Fietkau commit 17b0f68a72ae1a13e53135418d5ae5322f220294 Author: Felix Fietkau Date: Tue Aug 27 11:29:58 2024 +0200 wifi: mt76: change .sta_assoc callback to .sta_event Also report auth/disassoc events, in order to give the driver more control over handling the station state. Link: https://patch.msgid.link/20240827093011.18621-11-nbd@nbd.name Signed-off-by: Felix Fietkau commit 8a977b3f9624e8e91d8fe54cbe4e59d41d41d0f1 Author: Felix Fietkau Date: Tue Aug 27 11:29:57 2024 +0200 wifi: mt76: connac: add support for passing connection state directly Preparation for improvements to sta handling. No functional changes. Link: https://patch.msgid.link/20240827093011.18621-10-nbd@nbd.name Signed-off-by: Felix Fietkau commit dfaf079a1aa0cf92d119a5322b45c6d45e636591 Author: Benjamin Lin Date: Tue Aug 27 11:29:56 2024 +0200 wifi: mt76: connac: add support for IEEE 802.11 fragmentation Add fragmentation index into TXD.DW2 to support IEEE 802.11 fragmentation. Signed-off-by: Benjamin Lin Link: https://patch.msgid.link/20240827093011.18621-9-nbd@nbd.name Signed-off-by: Felix Fietkau commit f3049b88b2b32326df97461813ae73e8bbc296fc Author: Felix Fietkau Date: Tue Aug 27 11:29:55 2024 +0200 wifi: mt76: mt7915: allocate vif wcid in the same range as stations Reduces the amount of unnecessary WTBL bank switching, while still reserving WTBL entries for vifs. Link: https://patch.msgid.link/20240827093011.18621-8-nbd@nbd.name Signed-off-by: Felix Fietkau commit 256cbd26fbafb30ba3314339106e5c594e9bd5f9 Author: Felix Fietkau Date: Tue Aug 27 11:29:54 2024 +0200 wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable Avoids firmware race condition. Link: https://patch.msgid.link/20240827093011.18621-7-nbd@nbd.name Signed-off-by: Felix Fietkau commit 0b3be9d1d34e21dada69c539fbf51a5fe868028a Author: Felix Fietkau Date: Tue Aug 27 11:29:53 2024 +0200 wifi: mt76: add separate tx scheduling queue for off-channel tx Ensure that packets are not sent out to the wrong channel Link: https://patch.msgid.link/20240827093011.18621-6-nbd@nbd.name Signed-off-by: Felix Fietkau commit 91df34ef2d88e4208c3ad53c439e9d6dbc36bb55 Author: Robin Murphy Date: Wed Sep 4 18:34:04 2024 +0100 MAINTAINERS: List Arm interconnect PMUs as supported Whatever I may or may not have hoped for, looking after these drivers seems to have firmly stuck as one of the responsibilities of the job Arm pays me for, and I would still like to be aware of any other patches, so make it official. CC: Ilkka Koskinen CC: Jing Zhang Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/22ef1687ff3aa9da49b4577b3a179ccc055433ae.1725470837.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit 4d5a7680f2b4d0c2955e1d9f9a594b050d637436 Author: Robin Murphy Date: Wed Sep 4 18:34:03 2024 +0100 perf: Add driver for Arm NI-700 interconnect PMU The Arm NI-700 Network-on-Chip Interconnect has a relatively straightforward design with a hierarchy of voltage, power, and clock domains, where each clock domain then contains a number of interface units and a PMU which can monitor events thereon. As such, it begets a relatively straightforward driver to interface those PMUs with perf. Even more so than with arm-cmn, users will require detailed knowledge of the wider system topology in order to meaningfully analyse anything, since the interconnect itself cannot know what lies beyond the boundary of each inscrutably-numbered interface. Given that, for now they are also expected to refer to the NI-700 documentation for the relevant event IDs to provide as well. An identifier is implemented so we can come back and add jevents if anyone really wants to. Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/9933058d0ab8138c78a61cd6852ea5d5ff48e393.1725470837.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit abbe74dd105b45330dd269530060d30441d45b95 Author: Robin Murphy Date: Wed Sep 4 18:34:02 2024 +0100 dt-bindings/perf: Add Arm NI-700 PMU Add an initial binding for the Arm NI-700 interconnect PMU. As with the Arm CMN family, there are already future NI products on the roadmap, so the overall binding is named generically just in case any non-discoverable incompatibility between generations crops up. Cc: devicetree@vger.kernel.org Reviewed-by: Rob Herring (Arm) Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/5f86237580219116de37e5e54d8b7eb0c9ed580d.1725470837.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit f32efa3e4bba5b3432d7932dc89bd2e36c5c0f49 Author: Robin Murphy Date: Wed Sep 4 19:41:55 2024 +0100 perf/arm-cmn: Improve format attr printing Take full advantage of our formats being stored in bitfield form, and make the printing even more robust and simple by letting printk do all the hard work of formatting bitlists. Signed-off-by: Robin Murphy Reviewed-by: Ilkka Koskinen Link: https://lore.kernel.org/r/50459f2d48fc62310a566863dbf8a7c14361d363.1725474584.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit f04b611e66503336bbdac04eb5a76d62932ce2e3 Author: Robin Murphy Date: Wed Sep 4 19:41:54 2024 +0100 perf/arm-cmn: Clean up unnecessary NUMA_NO_NODE check Checking for NUMA_NO_NODE is a misleading and, on reflection, entirely unnecessary micro-optimisation. If it ever did happen that an incoming CPU has no NUMA affinity while the current CPU does, a questionably- useful PMU migration isn't the biggest thing wrong with that picture... Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/00634da33c21269a00844140afc7cc3a2ac1eb4d.1725474584.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit c02e7c5c6da8c637fec60158b0d4b330841de5ce Author: Joey Gouly Date: Thu Sep 5 16:29:35 2024 +0100 arm64/mm: use lm_alias() with addresses passed to memblock_free() The pointer argument to memblock_free() needs to be a linear map address, but in mem_init() we pass __init_begin/__init_end, which is a kernel image address. This results in warnings when building with CONFIG_DEBUG_VIRTUAL=y: virt_to_phys used for non-linear address: ffff800081270000 (set_reset_devices+0x0/0x10) WARNING: CPU: 0 PID: 1 at arch/arm64/mm/physaddr.c:12 __virt_to_phys+0x54/0x70 Modules linked in: CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.11.0-rc6-next-20240905 #5810 b1ebb0ad06653f35ce875413d5afad24668df3f3 Hardware name: FVP Base RevC (DT) pstate: 2161402005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) pc : __virt_to_phys+0x54/0x70 lr : __virt_to_phys+0x54/0x70 sp : ffff80008169be20 ... Call trace: __virt_to_phys+0x54/0x70 memblock_free+0x18/0x30 free_initmem+0x3c/0x9c kernel_init+0x30/0x1cc ret_from_fork+0x10/0x20 Fix this by having mem_init() convert the pointers via lm_alias(). Fixes: 1db9716d4487 ("arm64/mm: Delete __init region from memblock.reserved") Signed-off-by: Joey Gouly Suggested-by: Mark Rutland Cc: Will Deacon Cc: Catalin Marinas Cc: Rong Qianfeng Reviewed-by: Mark Rutland Link: https://lore.kernel.org/r/20240905152935.4156469-1-joey.gouly@arm.com Signed-off-by: Will Deacon commit 70565f2be8807e5ea24dfb421197b881a02af5e2 Author: Barry Song Date: Thu Sep 5 20:11:24 2024 +1200 mm: arm64: document why pte is not advanced in contpte_ptep_set_access_flags() According to David and Ryan, there isn't a bug here, even though we don't advance the PTE entry, because __ptep_set_access_flags() only uses the access flags from the entry. However, we always check pte_same(pte, entry) using the first entry in __ptep_set_access_flags(). This means that the checks from 1 to nr - 1 are not comparing the same PTE indexes (thus, they always return false), which can be a bit confusing. To clarify the code, let's add some comments. Reviewed-by: Ryan Roberts Signed-off-by: Barry Song Cc: Ard Biesheuvel Cc: John Hubbard Cc: Mark Rutland Cc: Catalin Marinas Cc: David Hildenbrand Cc: Will Deacon Reviewed-by: David Hildenbrand Link: https://lore.kernel.org/r/20240905081124.9576-1-21cnbao@gmail.com Signed-off-by: Will Deacon commit 3c5a18a10a8c6fab27739e6e7bd0e4c0aa854d92 Author: Muhammad Usama Anjum Date: Fri Sep 6 15:37:24 2024 +0500 ASoC: amd: acp: Return in-case of error Return when error occurs instead of proceeding to for loop which will use val uninitialized. Fixes: f6f7d25b1103 ("ASoC: amd: acp: Add pte configuration for ACP7.0 platform") Signed-off-by: Muhammad Usama Anjum Link: https://patch.msgid.link/20240906103727.222749-1-usama.anjum@collabora.com Signed-off-by: Mark Brown commit 1798acef8f50af59abaa0ff4775e7a79a68db671 Author: Tang Bin Date: Fri Sep 6 18:05:23 2024 +0800 ASoC: loongson: remove redundant variable assignments In the function loongson_asoc_card_probe, it is simpler to return the value of function devm_snd_soc_register_card directly. Signed-off-by: Tang Bin Link: https://patch.msgid.link/20240906100523.2142-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit bca8bc0399ac2efd56e6adbed0307e10125a556c Author: Aditya Kumar Singh Date: Fri Sep 6 12:14:26 2024 +0530 wifi: mac80211: handle ieee80211_radar_detected() for MLO Currently DFS works under assumption there could be only one channel context in the hardware. Hence, drivers just calls the function ieee80211_radar_detected() passing the hardware structure. However, with MLO, this obviously will not work since number of channel contexts will be more than one and hence drivers would need to pass the channel information as well on which the radar is detected. Also, when radar is detected in one of the links, other link's CAC should not be cancelled. Hence, in order to support DFS with MLO, do the following changes - * Add channel context conf pointer as an argument to the function ieee80211_radar_detected(). During MLO, drivers would have to pass on which channel context conf radar is detected. Otherwise, drivers could just pass NULL. * ieee80211_radar_detected() will iterate over all channel contexts present and * if channel context conf is passed, only mark that as radar detected * if NULL is passed, then mark all channel contexts as radar detected * Then as usual, schedule the radar detected work. * In the worker, go over all the contexts again and for all such context which is marked with radar detected, cancel the ongoing CAC by calling ieee80211_dfs_cac_cancel() and then notify cfg80211 via cfg80211_radar_event(). * To cancel the CAC, pass the channel context as well where radar is detected to ieee80211_dfs_cac_cancel(). This ensures that CAC is canceled only on the links using the provided context, leaving other links unaffected. This would also help in scenarios where there is split phy 5 GHz radio, which is capable of DFS channels in both lower and upper band. In this case, simultaneous radars can be detected. Signed-off-by: Aditya Kumar Singh Link: https://patch.msgid.link/20240906064426.2101315-9-quic_adisi@quicinc.com Signed-off-by: Johannes Berg commit 0b7798232eee010d8c52e1ab5f96a1cce0d4183e Author: Aditya Kumar Singh Date: Fri Sep 6 12:14:25 2024 +0530 wifi: cfg80211/mac80211: use proper link ID for DFS Now that all APIs have support to handle DFS per link, use proper link ID instead of 0. Signed-off-by: Aditya Kumar Singh Link: https://patch.msgid.link/20240906064426.2101315-8-quic_adisi@quicinc.com Signed-off-by: Johannes Berg commit d74380ee99b59a2e46612c12c85e701ab213f4ea Author: Aditya Kumar Singh Date: Fri Sep 6 12:14:24 2024 +0530 wifi: mac80211: handle DFS per link In order to support DFS with MLO, handle the link ID now passed from cfg80211, adjust the code to do everything per link and call the notifications to cfg80211 correctly. Signed-off-by: Aditya Kumar Singh Link: https://patch.msgid.link/20240906064426.2101315-7-quic_adisi@quicinc.com Signed-off-by: Johannes Berg commit 81f67d60ebf290da068af96ad0c4a4e4faebdf1d Author: Aditya Kumar Singh Date: Fri Sep 6 12:14:23 2024 +0530 wifi: cfg80211: handle DFS per link Currently, during starting a radar detection, no link id information is parsed and passed down. In order to support starting radar detection during Multi Link Operation, it is required to pass link id as well. Add changes to first parse and then pass link id in the start radar detection path. Additionally, update notification APIs to allow drivers/mac80211 to pass the link ID. However, everything is handled at link 0 only until all API's are ready to handle it per link. Signed-off-by: Aditya Kumar Singh Link: https://patch.msgid.link/20240906064426.2101315-6-quic_adisi@quicinc.com Signed-off-by: Johannes Berg commit 62c16f219a73c237b5bef9bd160e32fbb38794f9 Author: Aditya Kumar Singh Date: Fri Sep 6 12:14:22 2024 +0530 wifi: cfg80211: move DFS related members to links[] in wireless_dev A few members related to DFS handling are currently under per wireless device data structure. However, in order to support DFS with MLO, there is a need to have them on a per-link manner. Hence, as a preliminary step, move members cac_started, cac_start_time and cac_time_ms to be on a per-link basis. Since currently, link ID is not known at all places, use default value of 0 for now. Signed-off-by: Aditya Kumar Singh Link: https://patch.msgid.link/20240906064426.2101315-5-quic_adisi@quicinc.com Signed-off-by: Johannes Berg commit f4bb650cfab4a3ffaf00b283f42b0941af1912c9 Author: Aditya Kumar Singh Date: Fri Sep 6 12:14:21 2024 +0530 wifi: trace: unlink rdev_end_cac trace event from wiphy_netdev_evt class rdev_end_cac trace event is linked with wiphy_netdev_evt event class. There is no option to pass link ID currently to wiphy_netdev_evt class. A subsequent change would pass link ID to rdev_end_cac event and hence it can no longer derive the event class from wiphy_netdev_evt. Therefore, unlink rdev_end_cac event from wiphy_netdev_evt and define it's own independent trace event. Link ID would be passed in subsequent change. Signed-off-by: Aditya Kumar Singh Link: https://patch.msgid.link/20240906064426.2101315-4-quic_adisi@quicinc.com Signed-off-by: Johannes Berg commit f403fed7f98eab72c4104ecc77aff6f87b12658f Author: Aditya Kumar Singh Date: Fri Sep 6 12:14:20 2024 +0530 wifi: mac80211: remove label usage in ieee80211_start_radar_detection() After locks rework [1], ieee80211_start_radar_detection() function is no longer acquiring any lock as such explicitly. Hence, it is not unlocking anything as well. However, label "out_unlock" is still used which creates confusion. Also, now there is no need of goto label as such. Get rid of the goto logic and use direct return statements. [1]: https://lore.kernel.org/all/20230828135928.b1c6efffe9ad.I4aec875e25abc9ef0b5ad1e70b5747fd483fbd3c@changeid/ Signed-off-by: Aditya Kumar Singh Link: https://patch.msgid.link/20240906064426.2101315-3-quic_adisi@quicinc.com Signed-off-by: Johannes Berg commit 6241d79f0043298e30679535472a8498d99161b0 Author: Aditya Kumar Singh Date: Fri Sep 6 12:14:19 2024 +0530 Revert "wifi: mac80211: move radar detect work to sdata" This reverts commit ce9e660ef32e ("wifi: mac80211: move radar detect work to sdata"). To enable radar detection with MLO, it’s essential to handle it on a per-link basis. This is because when using MLO, multiple links may already be active and beaconing. In this scenario, another link should be able to initiate a radar detection. Also, if underlying links are associated with different hardware devices but grouped together for MLO, they could potentially start radar detection simultaneously. Therefore, it makes sense to manage radar detection settings separately for each link by moving them back to a per-link data structure. Signed-off-by: Aditya Kumar Singh Link: https://patch.msgid.link/20240906064426.2101315-2-quic_adisi@quicinc.com Signed-off-by: Johannes Berg commit 3702a33216e6b76361690630e3ab1a33b0ef03af Author: Ming Yen Hsieh Date: Wed Sep 4 19:12:56 2024 +0800 wifi: mac80211: introduce EHT rate support in AQL airtime Add definitions related to EHT mode and airtime calculation according to the 802.11BE_D4.0. Co-developed-by: Bo Jiao Signed-off-by: Bo Jiao Signed-off-by: Deren Wu Signed-off-by: Quan Zhou Signed-off-by: Ming Yen Hsieh Link: https://patch.msgid.link/20240904111256.11734-1-mingyen.hsieh@mediatek.com Signed-off-by: Johannes Berg commit 450732abad6a75ff5a896a306be238123379e6db Author: Veerendranath Jakkam Date: Wed Sep 4 08:39:17 2024 +0530 wifi: cfg80211: avoid overriding direct/MBSSID BSS with per-STA profile BSS Avoid overriding BSS information generated from MBSSID or direct source with BSS information generated from per-STA profile source to avoid losing actual signal strength and information elements such as RNR and Basic ML elements. Signed-off-by: Veerendranath Jakkam Link: https://patch.msgid.link/20240904030917.3602369-4-quic_vjakkam@quicinc.com Signed-off-by: Johannes Berg commit bff93c89ab19886e17f0a86ea59f2e37141f2ab6 Author: Veerendranath Jakkam Date: Wed Sep 4 08:39:16 2024 +0530 wifi: cfg80211: skip indicating signal for per-STA profile BSSs Currently signal of the BSS entry generated from the per-STA profile indicated as zero, but userspace may consider it as high signal strength since 0 dBm is a valid RSSI value. To avoid this don't report the signal to userspace when the BSS entry created from a per-STA profile. Signed-off-by: Veerendranath Jakkam Link: https://patch.msgid.link/20240904030917.3602369-3-quic_vjakkam@quicinc.com Signed-off-by: Johannes Berg commit 0fdcc994a42cf1306bc0e9ca6c9adeec657f5f02 Author: Veerendranath Jakkam Date: Wed Sep 4 08:39:15 2024 +0530 wifi: cfg80211: make BSS source types public Define public enum with BSS source types in core.h. Upcoming patches need this to store BSS source type in struct cfg80211_internal_bss. Signed-off-by: Veerendranath Jakkam Link: https://patch.msgid.link/20240904030917.3602369-2-quic_vjakkam@quicinc.com Signed-off-by: Johannes Berg commit cac9544cecf6d0aa1ad629ba8f403b05b8bee005 Author: Emmanuel Grumbach Date: Sun Aug 25 19:17:03 2024 +0300 wifi: iwlwifi: mvm: replace CONFIG_PM by CONFIG_PM_SLEEP Replace the ifdef CONFIG_PM by CONFIG_PM_SLEEP. CONFIG_PM was useful when we had CONFIG_PM_RUNTIME but that was removed long ago. Use PM_SLEEP consistently across the driver. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240825191257.44e47ba584de.I64f985d0405345252b76b7157291b79677abd64d@changeid Signed-off-by: Johannes Berg commit f54a1baee098170b13b624ca5ed2afdb4d29edbc Author: Veerendranath Jakkam Date: Wed Sep 4 19:50:21 2024 +0530 wifi: cfg80211: Avoid RCU debug splat in __cfg80211_bss_update error paths Replace rcu_dereference() with rcu_access_pointer() since we already hold the lock and own the 'tmp' at this point. This is needed to avoid suspicious rcu_dereference_check warnings in__cfg80211_bss_update error paths. Signed-off-by: Veerendranath Jakkam Link: https://patch.msgid.link/20240904142021.3887360-1-quic_vjakkam@quicinc.com Signed-off-by: Johannes Berg commit a26a5107bc52922cf5f67361e307ad66547b51c7 Author: Dmitry Antipov Date: Thu Sep 5 18:04:00 2024 +0300 wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() Looking at https://syzkaller.appspot.com/bug?extid=1a3986bbd3169c307819 and running reproducer with CONFIG_UBSAN_BOUNDS, I've noticed the following: [ T4985] UBSAN: array-index-out-of-bounds in net/wireless/scan.c:3479:25 [ T4985] index 164 is out of range for type 'struct ieee80211_channel *[]' <...skipped...> [ T4985] Call Trace: [ T4985] [ T4985] dump_stack_lvl+0x1c2/0x2a0 [ T4985] ? __pfx_dump_stack_lvl+0x10/0x10 [ T4985] ? __pfx__printk+0x10/0x10 [ T4985] __ubsan_handle_out_of_bounds+0x127/0x150 [ T4985] cfg80211_wext_siwscan+0x11a4/0x1260 <...the rest is not too useful...> Even if we do 'creq->n_channels = n_channels' before 'creq->ssids = (void *)&creq->channels[n_channels]', UBSAN treats the latter as off-by-one error. Fix this by using pointer arithmetic rather than an expression with explicit array indexing and use convenient 'struct_size()' to simplify the math here and in 'kzalloc()' above. Fixes: 5ba63533bbf6 ("cfg80211: fix alignment problem in scan request") Signed-off-by: Dmitry Antipov Reviewed-by: Kees Cook Link: https://patch.msgid.link/20240905150400.126386-1-dmantipov@yandex.ru [fix coding style for multi-line calculation] Signed-off-by: Johannes Berg commit 90da77987dd59c8f6ec6d508d23d5a77c7af64f1 Author: Mikulas Patocka Date: Thu Sep 5 21:01:52 2024 +0200 dm-integrity: support recalculation in the 'I' mode In the kernel 6.11, dm-integrity was enhanced with an inline ('I') mode. This mode uses devices with non-power-of-2 sector size. The extra metadata after each sector are used to hold the integrity hash. This commit enhances the inline mode, so that there is automatic recalculation of the integrity hashes when the 'reclaculate' parameter is used. It allows us to activate the device instantly, and the recalculation is done on background. If the device is deactivated while recalculation is in progress, it will remember the point where it stopped and it will continue from this point when activated again. Signed-off-by: Mikulas Patocka commit a7722b82c2ca9ca771d6c698643883be76f61a7e Author: Chen Ni Date: Thu Sep 5 10:28:32 2024 +0800 dm integrity: Convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Reviewed-by: Mike Snitzer Signed-off-by: Mikulas Patocka commit b36c41c51e9d763393634359b90f02414ef470a3 Author: Hans Verkuil Date: Mon Sep 2 16:04:47 2024 +0200 media: atomisp: set lock before calling vb2_queue_init() The vb2_queue_init() will expect the vb2_queue lock pointer to be set in the future. So for those drivers that set the lock later, move it up to before the vb2_queue_init() call. Signed-off-by: Hans Verkuil Link: https://lore.kernel.org/r/90b8e7a40c3ed306cbeb96c2f4dad97eb7e53bfd.1725285495.git.hverkuil-cisco@xs4all.nl Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 92eb52260b8c00b4a31cb1eac48b2f3073905432 Author: Hans de Goede Date: Mon Sep 2 11:52:29 2024 +0200 media: atomisp: Improve binary finding debug logging The atomisp firmware contains a number of different pipeline binaries inside its firmware file and the driver selects the right one depending on the selected pipeline configuration. Sometimes (e.g. when the selected output resolution is too big) it fails to find a binary. This happens especially when adding support for new sensors. Improve the logging when this happens to make debugging easier: 1. Replace ia_css_debug_dtrace(IA_CSS_DEBUG_TRACE, ...) with standard dev_dbg() calls so that the logs can be enabled with dyndbg 2. Do not dump_stack() when this fails, doing so adds no useful extra info 3. With the dump_stack() call gone, remove the wrapper and rename __ia_css_binary_find() to ia_css_binary_find() 4. On error use dev_err() instead of dev_dbg() so that when things fail it is clear why they fail without needing to enable dyndbg Signed-off-by: Hans de Goede Link: https://lore.kernel.org/r/20240902095229.59059-3-hdegoede@redhat.com Signed-off-by: Mauro Carvalho Chehab commit b8b2383c66602700919a276599ceefe84ab5d4c2 Author: Hans de Goede Date: Mon Sep 2 11:52:28 2024 +0200 media: atomisp: Drop dev_dbg() calls from hmm_[alloc|free]() Debug logging every alloc + free just polutes the debug logs without adding much value, remove the alloc + free dev_dbg() calls. Signed-off-by: Hans de Goede Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240902095229.59059-2-hdegoede@redhat.com Signed-off-by: Mauro Carvalho Chehab commit 41bcaff3164cf4737b032010150f0da01ead80de Author: Hans de Goede Date: Mon Sep 2 11:52:27 2024 +0200 media: atomisp: csi2-bridge: Add DMI quirk for t4ka3 on Xiaomi Mipad2 The t4ka3 sensor on the Xiaomi Mipad2 is used as a back facing sensor, it uses 4 CSI lanes, but the _DSM has CsiLanes set to 2. Extend the existing Xiaomi Mipad2 DMI quirk to override the wrong _DSM setting. Signed-off-by: Hans de Goede Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240902095229.59059-1-hdegoede@redhat.com Signed-off-by: Mauro Carvalho Chehab commit cf738cc7cfe07dda024778e7778f57f06fb042a2 Author: Hans Verkuil Date: Mon Sep 2 10:31:21 2024 +0200 media: atomisp: add missing wait_prepare/finish ops Without these ops the v4l2-compliance blocking wait test will fail. These ops are required to ensure that when VIDIOC_DQBUF has to wait for buffers to arrive, the queue lock is correctly released and retaken. Otherwise the wait for a buffer would block all other queue ioctls. Signed-off-by: Hans Verkuil Link: https://lore.kernel.org/r/9f401f3732dd728e3d2ca508002c97b80a2eae30.1725265884.git.hverkuil-cisco@xs4all.nl Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit d579ef05daa759612546728d9ec1e1996b288f82 Author: Zhang Zekun Date: Fri Aug 30 05:00:35 2024 +0200 media: atomisp: Remove unused declaration v4l2_get_acpi_sensor_info() has been removed since commit d80be6a10cd3 ("media: atomisp: Drop v4l2_get_acpi_sensor_info() function"), remain the declaration untouched in the header file. So, let's remove this unused declartion. Signed-off-by: Zhang Zekun Reviewed-by: Changhuang Liang Link: https://lore.kernel.org/r/20240830030035.15686-1-zhangzekun11@huawei.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 9a5e69c030608aec545201398be626102272bf72 Author: Li Zetao Date: Fri Aug 30 03:17:52 2024 +0200 media: atomisp: use clamp() in compute_coring() When it needs to get a value within a certain interval, using clamp() makes the code easier to understand than min(max()). Signed-off-by: Li Zetao Link: https://lore.kernel.org/r/20240830011752.603433-3-lizetao1@huawei.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 7adc7193537470839ec66ecbdb54f4dc9092e6f6 Author: Li Zetao Date: Fri Aug 30 03:17:51 2024 +0200 media: atomisp: use clamp() in ia_css_eed1_8_encode() When it needs to get a value within a certain interval, using clamp() makes the code easier to understand than min(max()). Signed-off-by: Li Zetao Link: https://lore.kernel.org/r/20240830011752.603433-2-lizetao1@huawei.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 7483ce8fc72f8c56b3dbc14424d2ade15233ac69 Author: Andy Shevchenko Date: Tue Aug 13 10:56:15 2024 +0200 media: atomisp: Simplify ia_css_pipe_create_cas_scaler_desc_single_output() Make ia_css_pipe_create_cas_scaler_desc_single_output() easier to read by shortening parameter names. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240813085615.1546111-1-andriy.shevchenko@linux.intel.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 1f24d0b3234b39b3404c965545d470c6022bcffd Author: Andy Shevchenko Date: Tue Aug 13 15:12:25 2024 +0200 media: atomisp: Replace rarely used macro from math_support.h Replace rarely used macro by generic ones from Linux kernel headers. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240813131225.2232817-1-andriy.shevchenko@linux.intel.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 9e3513a58f71195d239426c347645ad44b0fe1ac Author: Andy Shevchenko Date: Tue Aug 13 10:54:58 2024 +0200 media: atomisp: Remove duplicated leftover, i.e. sh_css_dvs_info.h The contents of sh_css_dvs_info.h are already included in the solely user of this header, drop the former for good. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240813085458.1545949-1-andriy.shevchenko@linux.intel.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit cfc0ac5b9c3c99500ad56dfe440ca2db79d564fd Author: Kartik Kulkarni Date: Wed Jul 31 12:33:53 2024 +0200 media: atomisp: bnr: fix trailing statement Fix checkpatch error trailing statements should be on next line in ia_css_bnr.host.c:48 Signed-off-by: Kartik Kulkarni Link: https://lore.kernel.org/r/20240731103353.39245-1-kartik.koolks@gmail.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 5788a2d2e2c733809660d884946d3e453a41c6d9 Author: Sergio de Almeida Cipriano Junior Date: Tue Jul 30 09:19:04 2024 +0200 media: atomisp: move trailing */ to separate lines Fix checkpatch diagnostic "WARNING: Block comments use a trailing */ on a separate line" in assert_support.h file. Signed-off-by: Sergio de Almeida Cipriano Junior Link: https://lore.kernel.org/r/20240730071904.1047-1-sergiosacj@riseup.net Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 456b86d420fcaf2410949bea183d4c6dd0ba49e8 Author: Sakirnth Nagarasa Date: Tue Jul 30 10:42:20 2024 +0200 media: atomisp: move trailing statement to next line. Fix checkpath error "ERROR: trailing statements should be on next line" in ia_css_fpn.host.c:46. Signed-off-by: Sakirnth Nagarasa Link: https://lore.kernel.org/r/20240730084220.38204-1-sakirnth@gmail.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit f59ba45273ce37f28502306a3ed0e7a0eea3ff59 Author: Kathara Sasikumar Date: Tue Jul 30 10:27:25 2024 +0200 media: atomisp: Fix trailing statement in ia_css_de.host.c Fix checkpatch diagostic of Error : Trailing statements should be on the next line Signed-off-by: Kathara Sasikumar Link: https://lore.kernel.org/r/20240730082725.2524-1-katharasasikumar007@gmail.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 83e80dc8fe1442f7ffd931c21a15eb57f46f21e2 Author: Roshan Khatri Date: Wed May 22 18:18:30 2024 +0200 media: atomisp: Fix spelling mistakes in atomisp.h codespell reported misspelled coefficients and vector in atomisp.h. This patch corrects the spellings to increase readability and searching. Signed-off-by: Roshan Khatri Link: https://lore.kernel.org/r/20240522161830.57434-1-topofeverest8848@gmail.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit 5943fc104dc89cb2cd7e82b0bcf543efe6d03785 Author: Roshan Khatri Date: Fri May 10 15:40:00 2024 +0200 media: atomisp: Fix spelling mistakes in atomisp_platform.h Codespell reported misspelled "streams" and "corresponding" in atomisp_platform.h. This patch fixes the misspellings. Signed-off-by: Roshan Khatri Link: https://lore.kernel.org/r/20240510134000.23848-1-topofeverest8848@gmail.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit b5a9c249bd9fd4b67739714f6eb9587c45d1f5d2 Author: Roshan Khatri Date: Thu May 2 06:34:15 2024 +0200 media: atomisp: Fix spelling mistake in csi_rx_public.h codespell reported misspelled "register" in csi_rx_public.h, fix misspellings. Signed-off-by: Roshan Khatri Link: https://lore.kernel.org/r/20240502043415.88434-1-topofeverest8848@gmail.com Signed-off-by: Hans de Goede Signed-off-by: Mauro Carvalho Chehab commit f4fdd7716290a2fb342ec84f55140c1d436e6f4b Author: Felix Fietkau Date: Wed Aug 28 08:34:22 2024 +0200 wifi: mt76: partially move channel change code to core This allows the core code to change the channel. Code deduplication and preparation for adding scanning code to the core. Link: https://patch.msgid.link/20240828063422.44813-1-nbd@nbd.name Signed-off-by: Felix Fietkau commit e43b87f6b7bbcde8a33a14c173e5f56c03fe9221 Author: Felix Fietkau Date: Tue Aug 27 11:29:51 2024 +0200 wifi: mt76: fix mt76_get_rate Do not assume that the first phy has 2 GHz support. Check sband->band instead of accessing dev->phy.sband_2g. Link: https://patch.msgid.link/20240827093011.18621-4-nbd@nbd.name Signed-off-by: Felix Fietkau commit 6ea13e6bd2af76e9e4de4534d9ac5500fb3266ba Author: Felix Fietkau Date: Tue Aug 27 11:29:50 2024 +0200 wifi: mt76: mt7603: initialize chainmask Fixes reported tx power by accounting for the combined output Link: https://patch.msgid.link/20240827093011.18621-3-nbd@nbd.name Signed-off-by: Felix Fietkau commit 3dd99b8f20154708ed51b5059ed5e260108d3bed Author: Felix Fietkau Date: Tue Aug 27 11:29:49 2024 +0200 wifi: mt76: mt7603: fix reading target power from eeprom If the ext-PA target power is unset, fall back to the standard EEPROM value. Link: https://patch.msgid.link/20240827093011.18621-2-nbd@nbd.name Signed-off-by: Felix Fietkau commit 9b8d932053b8b45d650360b36f701cf0f9b6470e Author: Felix Fietkau Date: Tue Aug 27 11:29:48 2024 +0200 wifi: mt76: mt7603: fix mixed declarations and code Move the qid variable declaration further up Fixes: b473c0e47f04 ("wifi: mt76: mt7603: fix tx queue of loopback packets") Link: https://patch.msgid.link/20240827093011.18621-1-nbd@nbd.name Signed-off-by: Felix Fietkau commit a04b920fbc707deb699292cdae47006e8ea57d87 Author: Peter Chiu Date: Fri Aug 16 17:50:40 2024 +0800 wifi: mt76: connac: fix checksum offload fields of connac3 RXD Fix incorrect RXD offset and bitfield related to RX checksum offload. Fixes: 98686cd21624 ("wifi: mt76: mt7996: add driver for MediaTek Wi-Fi 7 (802.11be) devices") Fixes: 4e9011fcdfc4 ("wifi: mt76: connac: move connac3 definitions in mt76_connac3_mac.h") Co-developed-by: Shayne Chen Signed-off-by: Shayne Chen Signed-off-by: Peter Chiu Link: https://patch.msgid.link/20240816095040.2574-1-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit f503ae90c7355e8506e68498fe84c1357894cd5b Author: Ma Ke Date: Tue Aug 13 16:12:42 2024 +0800 wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he Fix the NULL pointer dereference in mt7996_mcu_sta_bfer_he routine adding an sta interface to the mt7996 driver. Found by code review. Cc: stable@vger.kernel.org Fixes: 98686cd21624 ("wifi: mt76: mt7996: add driver for MediaTek Wi-Fi 7 (802.11be) devices") Signed-off-by: Ma Ke Link: https://patch.msgid.link/20240813081242.3991814-1-make24@iscas.ac.cn Signed-off-by: Felix Fietkau commit dcd21b27f1364560570dd2fed09fd56ab9314cd3 Author: Michael-CY Lee Date: Fri Aug 16 17:46:35 2024 +0800 wifi: mt76: mt7996: set IEEE80211_KEY_FLAG_GENERATE_MMIE for other ciphers When beacon protection is enabled, FW checks MMIE tag & length in the beacon for every cipher mode. To pass the check, driver needs to set the key flag IEEE80211_KEY_GENERATE_MMIE to let mac80211 generate and initialize MMIE. Signed-off-by: Michael-CY Lee Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-11-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit 5353679ab4ada1112ff96e81c08650dd01699050 Author: Benjamin Lin Date: Fri Aug 16 17:46:34 2024 +0800 wifi: mt76: connac: add IEEE 802.11 fragmentation support for mt7996 Add fragment index into TXD.DW2 to support IEEE 802.11 fragmentation. Signed-off-by: Benjamin Lin Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-10-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit ded1a6d9e13a32d4e8bef0c63accf49b9415ff5f Author: Rex Lu Date: Fri Aug 16 17:46:33 2024 +0800 wifi: mt76: mt7996: fix handling mbss enable/disable When mbss was previously enabled, the TLV needs to be included when disabling it again, in order to clear the firmware state. Fixes: a7908d5b61e5 ("wifi: mt76: mt7996: fix non-main BSS no beacon issue for MBSS scenario") Signed-off-by: Rex Lu Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-9-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit 52fc70a32573707f70d6b1b5c5fe85cc91457393 Merge: 2c4cec1643d1ae 26f74155df44fd Author: David S. Miller Date: Fri Sep 6 09:34:19 2024 +0100 Merge branch 'rx-sw-tstamp-for-all' Gal Pressman says: ==================== RX software timestamp for all - round 2 Round 1 of drivers conversion was merged [1], this is round 2, more drivers to follow. [1] https://lore.kernel.org/netdev/20240901112803.212753-1-gal@nvidia.com/ ==================== Signed-off-by: David S. Miller commit 26f74155df44fdcbc1962a7f404be6a8eec895e0 Author: Gal Pressman Date: Wed Sep 4 10:49:22 2024 +0300 bnx2x: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Signed-off-by: David S. Miller commit 4c6d910e0254206e2438d4481b3ceeda7355cf83 Author: Gal Pressman Date: Wed Sep 4 10:49:21 2024 +0300 cxgb4: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Potnuri Bharat Teja Signed-off-by: David S. Miller commit 12283fad6d2ea43450a28de4394a756a401fa71c Author: Gal Pressman Date: Wed Sep 4 10:49:20 2024 +0300 ixgbe: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Tony Nguyen Signed-off-by: David S. Miller commit 29d2e49a62c14b7b25068acad6f9800c3425e129 Author: Gal Pressman Date: Wed Sep 4 10:49:19 2024 +0300 igc: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Tony Nguyen Signed-off-by: David S. Miller commit 638effa35d684fb89113f7541eb58a98641cff86 Author: Gal Pressman Date: Wed Sep 4 10:49:18 2024 +0300 igb: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Tony Nguyen Signed-off-by: David S. Miller commit 6aebd824f45ab51b22148bf0100682cdcfbf4e87 Author: Gal Pressman Date: Wed Sep 4 10:49:17 2024 +0300 ice: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Tony Nguyen Signed-off-by: David S. Miller commit 5df20ce03ef431ad820023bccb355f6de5f7f75c Author: Gal Pressman Date: Wed Sep 4 10:49:16 2024 +0300 i40e: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Tony Nguyen Signed-off-by: David S. Miller commit f9b74d602ee3a43a2c85a8cd444ae7f939fa338b Author: Gal Pressman Date: Wed Sep 4 10:49:15 2024 +0300 net: netcp: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Signed-off-by: David S. Miller commit c5dbb6aeefbda74d8b523f291a7ac081c4c00aca Author: Gal Pressman Date: Wed Sep 4 10:49:14 2024 +0300 net: ti: icssg-prueth: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Roger Quadros Reviewed-by: MD Danish Anwar Signed-off-by: David S. Miller commit c76e2f40b7d9aa87fddd22cc2452dd4c822dd6fa Author: Gal Pressman Date: Wed Sep 4 10:49:13 2024 +0300 net: ethernet: ti: cpsw_ethtool: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Roger Quadros Signed-off-by: David S. Miller commit f40a3712ef1be1b3114d81114edff961ee2c1860 Author: Gal Pressman Date: Wed Sep 4 10:49:12 2024 +0300 net: ethernet: ti: am65-cpsw-ethtool: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Roger Quadros Signed-off-by: David S. Miller commit 8a26d947176635a7b96505b8f0b15f2596a0cb8f Author: Gal Pressman Date: Wed Sep 4 10:49:11 2024 +0300 mlxsw: spectrum: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit 35461b6d5802a1168613a7cae9eb77d8be0da2f9 Author: Gal Pressman Date: Wed Sep 4 10:49:10 2024 +0300 net: sparx5: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Signed-off-by: David S. Miller commit f592435d132ca47e8f4d1df392c99a90a07efaa6 Author: Gal Pressman Date: Wed Sep 4 10:49:09 2024 +0300 net: lan966x: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Signed-off-by: David S. Miller commit b9c4d16e2a47213a83d25f6ff5e95df324ffef0c Author: Gal Pressman Date: Wed Sep 4 10:49:08 2024 +0300 lan743x: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Raju Lakkaraju Signed-off-by: David S. Miller commit 9f5305ed80108a7849b3b27e1a889a7afff46a51 Author: Thomas Weißschuh Date: Thu Sep 5 17:48:38 2024 +0200 HID: lg: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240905-hid-const-fixup-2-v2-1-70915e0cc1c7@weissschuh.net Signed-off-by: Benjamin Tissoires commit 2c4cec1643d1aee40c9cbf37ae829aa35fa1183b Merge: 76930d3d20d595 23de126f9248a2 Author: David S. Miller Date: Fri Sep 6 08:41:36 2024 +0100 Merge branch 'microchip=ksz8-cleanup' Pieter Van Trappen says: ==================== net: dsa: microchip: rename and clean ksz8 series files The first KSZ8 series implementation was done for a KSZ8795 device but since several other KSZ8 devices have been added. Rename these files to adhere to the ksz8 naming convention as already used in most functions and the existing ksz8.h; add an explanatory note. In addition, clean the files by removing macros that are defined at more than one place and remove confusion by renaming the KSZ8830 string which in fact is not an existing KSZ series switch. Signed-off-by: Pieter Van Trappen --- v4: - correct once more Kconfig list of supported switches v3: https://lore.kernel.org/netdev/20240903072946.344507-1-vtpieter@gmail.com/ - rename all KSZ8830 to KSZ88X3 only (not KSZ8863) - update Kconfig as per Arun's suggestion v2: https://lore.kernel.org/netdev/20240830141250.30425-1-vtpieter@gmail.com/ - more finegrained description in Kconfig and ksz8.c header - add KSZ8830/ksz8830 to KSZ8863/ksz88x3 renaming v1: https://lore.kernel.org/netdev/20240828102801.227588-1-vtpieter@gmail.com/ ==================== Signed-off-by: David S. Miller commit 23de126f9248a2f9218175ea0dd1c1403e334440 Author: Pieter Van Trappen Date: Wed Sep 4 08:27:42 2024 +0200 net: dsa: microchip: replace unclear KSZ8830 strings Replace ksz8830 with ksz88x3 for CHIP_ID definition and other strings. This due to KSZ8830 not being an actual switch but the Chip ID shared among KSZ8863/8873 switches, impossible to differentiate from their Chip ID or Revision ID registers. Now all KSZ*_CHIP_ID macros refer to actual, existing switches which removes confusion. Signed-off-by: Pieter Van Trappen Acked-by: Arun Ramadoss Signed-off-by: David S. Miller commit dcff1c05f28395c8e7cec7e7143e6565f64d8b2a Author: Pieter Van Trappen Date: Wed Sep 4 08:27:41 2024 +0200 net: dsa: microchip: clean up ksz8_reg definition macros Remove macros that are already defined at more appropriate places. Signed-off-by: Pieter Van Trappen Acked-by: Arun Ramadoss Signed-off-by: David S. Miller commit 6e65f5f55b7e9d6a335606bcfb0424844d43a7c5 Author: Pieter Van Trappen Date: Wed Sep 4 08:27:40 2024 +0200 net: dsa: microchip: rename ksz8 series files The first KSZ8 series implementation was done for a KSZ8795 device but since several other KSZ8 devices have been added. Rename these files to adhere to the ksz8 naming convention as already used in most functions and the existing ksz8.h; add an explanatory note. Signed-off-by: Pieter Van Trappen Acked-by: Arun Ramadoss Signed-off-by: David S. Miller commit 8055c0cd6ba520c1673d369b0216ab9da98141ea Author: Jerome Brunet Date: Thu Sep 5 16:13:04 2024 +0200 ASoC: spdif: extend supported rates to 768kHz IEC958-3 defines sampling rate up to 768 kHz. Such rates maybe used with high bandwidth IEC958 links, such as eARC. Signed-off-by: Jerome Brunet Acked-by: Mark Brown Reviewed-by: David Rhodes Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-13-8371948d3921@baylibre.com commit 7bc09f7eb5e1f09b91b8edcf492e50bfda54080e Author: Jerome Brunet Date: Thu Sep 5 16:13:03 2024 +0200 ASoC: cs35l34: drop useless rate contraint The cs35l34 adds a useless rate constraint on startup. It does not set SNDRV_PCM_RATE_KNOT and the rates set are already a subset of the ones provided in the constraint list, so it is a no-op. >From the rest of the code, it is likely HW supports more than the 32, 44.1 and 48kHz listed in CS35L34_RATES but there is no way to know for sure without proper documentation. Keep the driver as it is for now and just drop the useless constraint. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-12-8371948d3921@baylibre.com commit 9dc03a1250d4d645badc5cdd5a3bc47237ffcab9 Author: Jerome Brunet Date: Thu Sep 5 16:13:02 2024 +0200 ASoC: sunxi: sun4i-codec: drop SNDRV_PCM_RATE_KNOT The custom rate constraint lists was necessary to support 12kHz and 24kHz. These rates are now available through SNDRV_PCM_RATE_12000 and SNDRV_PCM_RATE_24000. Use them and drop the custom rate constraint rule. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-11-8371948d3921@baylibre.com commit c061d1e4b2af8c8c76754ac9fd2cbde6db472e1d Author: Jerome Brunet Date: Thu Sep 5 16:13:01 2024 +0200 ASoC: qcom: q6asm-dai: drop SNDRV_PCM_RATE_KNOT The custom rate constraint list was necessary to support 12kHz and 24kHz. These rates are now available through SNDRV_PCM_RATE_12000 and SNDRV_PCM_RATE_24000. Use them and drop the custom rate constraint rule. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-10-8371948d3921@baylibre.com commit 9469cf57cd95a1f0b7ad9afd104ac120cf0aa7af Author: Jerome Brunet Date: Thu Sep 5 16:13:00 2024 +0200 ASoC: Intel: avs: drop SNDRV_PCM_RATE_KNOT The custom rate constraint list was necessary to support 12kHz, 24kHz and 128kHz. These rates are now available through SNDRV_PCM_RATE_12000, SNDRV_PCM_RATE_24000 and SNDRV_PCM_RATE_128000. Use them and drop the custom rate constraint rule. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-9-8371948d3921@baylibre.com commit eab3464be764e1f42e5dedabef633c6e3615c7e5 Author: Jerome Brunet Date: Thu Sep 5 16:12:59 2024 +0200 ASoC: cs53l30: drop SNDRV_PCM_RATE_KNOT The custom rate constraint list was necessary to support 12kHz and 24kHz. These rates are now available through SNDRV_PCM_RATE_12000 and SNDRV_PCM_RATE_24000. Use them and drop the custom rate constraint rule. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-8-8371948d3921@baylibre.com commit 79acb4c046ce2ef63b77ea055e1dc559d813aa30 Author: Jerome Brunet Date: Thu Sep 5 16:12:58 2024 +0200 ASoC: cs35l41: drop SNDRV_PCM_RATE_KNOT The custom rate constraint list was necessary to support 12kHz and 24kHz. These rates are now available through SNDRV_PCM_RATE_12000 and SNDRV_PCM_RATE_24000. Use them and drop the custom rate constraint rule. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-7-8371948d3921@baylibre.com commit 7067e8142c4b37b4b78c6ba8eb23bf9ce4a2c5ec Author: Jerome Brunet Date: Thu Sep 5 16:12:57 2024 +0200 ASoC: cs35l36: drop SNDRV_PCM_RATE_KNOT The custom rate constraint list was necessary to support 12kHz and 24kHz. These rates are now available through SNDRV_PCM_RATE_12000 and SNDRV_PCM_RATE_24000. Use them and drop the custom rate constraint rule. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-6-8371948d3921@baylibre.com commit 151d82f914e85cc938d76315818d9d250a01ee90 Author: Jerome Brunet Date: Thu Sep 5 16:12:56 2024 +0200 ALSA: hdspm: drop SNDRV_PCM_RATE_KNOT The custom rate constraint list was necessary to support 128kHz. This rate is now available through SNDRV_PCM_RATE_128000. Use it and drop the custom rate constraint rule. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-5-8371948d3921@baylibre.com commit 3cc1e94dbc1e65b77a22a8e4e5ab79319ab5ed98 Author: Jerome Brunet Date: Thu Sep 5 16:12:55 2024 +0200 ALSA: hdsp: drop SNDRV_PCM_RATE_KNOT The custom rate constraint list was necessary to support 128kHz. This rate is now available through SNDRV_PCM_RATE_128000. Use it and drop the custom rate constraint rule. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-4-8371948d3921@baylibre.com commit 1f40410623b76141f0d80f8fb946ba3ff6910d4d Author: Jerome Brunet Date: Thu Sep 5 16:12:54 2024 +0200 ALSA: emu10k1: drop SNDRV_PCM_RATE_KNOT The custom rate constraint lists were necessary to support 12kHz and 24kHz. These rates are now available through SNDRV_PCM_RATE_12000 and SNDRV_PCM_RATE_24000. Use them and drop the custom rate constraint rules. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-3-8371948d3921@baylibre.com commit 91dd20d855d64e5e18a821514189d68058c5bcf1 Author: Jerome Brunet Date: Thu Sep 5 16:12:53 2024 +0200 ALSA: cmipci: drop SNDRV_PCM_RATE_KNOT The custom rate constraint list was necessary to support 128kHz. This rate is now available through SNDRV_PCM_RATE_128000. Use it and drop the custom rate constraint rule. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-2-8371948d3921@baylibre.com commit 090624b7dc8389a516df3adb447a25dc0723adfe Author: Jerome Brunet Date: Thu Sep 5 16:12:52 2024 +0200 ALSA: pcm: add more sample rate definitions This adds a sample rate definition for 12kHz, 24kHz and 128kHz. Admittedly, just a few drivers are currently using these sample rates but there is enough of a recurrence to justify adding a definition for them and remove some custom rate constraint code while at it. The new definitions are not added to the interval definitions, such as SNDRV_PCM_RATE_8000_44100, because it would silently add new supported rates to drivers that may or may not support them. For sure the drivers have not been tested for these new rates so it is better to leave them out of interval definitions. That being said, the added rates are multiples of well know rates families, it is very likely that a lot of devices out there actually supports them. Signed-off-by: Jerome Brunet Reviewed-by: David Rhodes Acked-by: Mark Brown Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240905-alsa-12-24-128-v1-1-8371948d3921@baylibre.com commit 94ebc3d3235c5c516f67315059ce657e5090e94b Author: Yuesong Li Date: Thu Aug 22 17:09:27 2024 +0800 drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() cocci reported a double assignment problem. Upon reviewing previous commits, it appears this may actually be an incorrect assignment. Fixes: 8b9550344d39 ("drm/ipp: clean up debug messages") Signed-off-by: Yuesong Li Signed-off-by: Inki Dae commit 3fcdd0628a27e186360db238b5a210706a01f7cc Author: Kwanghoon Son Date: Wed Aug 14 12:57:01 2024 +0900 drm/exynos: Remove unnecessary code Function usage exynos_atomic_commit was removed in commit 41cbf0fdaa28 ("drm/exynos: use atomic helper commit"). Remove unnecessary function declare. Signed-off-by: Kwanghoon Son Signed-off-by: Inki Dae commit c50b7416fd4a0f97cffabccde3fb0fe84ced21fb Author: Christophe JAILLET Date: Sun Jul 14 09:37:20 2024 +0200 drm/exynos: Constify struct exynos_drm_ipp_funcs 'struct exynos_drm_ipp_funcs' are not modified in these drivers. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig, as an example: Before: ====== text data bss dec hex filename 20446 1746 16 22208 56c0 drivers/gpu/drm/exynos/exynos_drm_fimc.o After: ===== text data bss dec hex filename 20446 1714 16 22176 56a0 drivers/gpu/drm/exynos/exynos_drm_fimc.o Signed-off-by: Christophe JAILLET Signed-off-by: Inki Dae commit fce4a2a95df29c48338f3dee18c9e9d7c3d07316 Author: Krzysztof Kozlowski Date: Sun Aug 25 11:00:52 2024 +0200 dt-bindings: MAINTAINERS: drop stale exynos file pattern With last TXT binding converted to DT schema, all Samsung Exynos display bindings are in "samsung" directory, already present in maintainers entry. Drop old "exynos" directory to fix get_maintainers.pl self-test warning: ./MAINTAINERS:7539: warning: no file matches F: Documentation/devicetree/bindings/display/exynos/ Fixes: ad6d17e10306 ("dt-bindings: display: samsung,exynos5-dp: convert to DT Schema") Signed-off-by: Krzysztof Kozlowski Signed-off-by: Inki Dae commit 6b5e97c020060c2b8ad286002415106ab7034435 Author: Bartosz Golaszewski Date: Wed Sep 4 16:07:06 2024 +0200 gpio: mpc8xxx: switch to using DEFINE_RUNTIME_DEV_PM_OPS() Use the preferred API for assigning system sleep pm callbacks in drivers. Suggested-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240904140706.70359-1-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit c398cb8eb0a263a1b7a18892d9f244751689675c Author: Herbert Xu Date: Thu Sep 5 10:21:49 2024 +0800 crypto: octeontx* - Select CRYPTO_AUTHENC Select CRYPTO_AUTHENC as the function crypto_authenec_extractkeys may not be available without it. Fixes: 311eea7e37c4 ("crypto: octeontx - Fix authenc setkey") Fixes: 7ccb750dcac8 ("crypto: octeontx2 - Fix authenc setkey") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409042013.gT2ZI4wR-lkp@intel.com/ Signed-off-by: Herbert Xu commit 4eded6d14f5b7bb857b68872970a40cf3105c015 Author: Herbert Xu Date: Tue Sep 3 07:33:40 2024 +0800 crypto: testmgr - Hide ENOENT errors When a crypto algorithm with a higher priority is registered, it kills the spawns of all lower-priority algorithms. Thus it is to be expected for an algorithm to go away at any time, even during a self-test. This is now much more common with asynchronous testing. Remove the printk when an ENOENT is encountered during a self-test. This is not really an error since the algorithm being tested is no longer there (i.e., it didn't fail the test which is what we care about). Signed-off-by: Herbert Xu commit 2e691e1cd24d4f5cee4bc24d5adc6f1307b9f09f Author: Colin Ian King Date: Sun Sep 1 17:07:17 2024 +0100 crypto: qat - Remove trailing space after \n newline There is a extraneous space after a newline in a pr_err message. Remove it. Signed-off-by: Colin Ian King Signed-off-by: Herbert Xu commit a0e435e808d60b163d7bf78ec1002f80a5d127d5 Author: Colin Ian King Date: Sun Sep 1 17:04:30 2024 +0100 crypto: hisilicon/sec - Remove trailing space after \n newline There is a extraneous space after a newline in a dev_err message. Remove it. Signed-off-by: Colin Ian King Signed-off-by: Herbert Xu commit 795f85fca229a88543a0a706039f901106bf11c1 Author: Herbert Xu Date: Sun Sep 1 16:06:56 2024 +0800 crypto: algboss - Pass instance creation error up Pass any errors we get during instance creation up through the larval. Signed-off-by: Herbert Xu commit e7a4142b35ce489fc8908d75596c51549711ade0 Author: Herbert Xu Date: Sun Sep 1 16:05:40 2024 +0800 crypto: api - Fix generic algorithm self-test races On Fri, Aug 30, 2024 at 10:51:54AM -0700, Eric Biggers wrote: > > Given below in defconfig form, use 'make olddefconfig' to apply. The failures > are nondeterministic and sometimes there are different ones, for example: > > [ 0.358017] alg: skcipher: failed to allocate transform for cbc(twofish-generic): -2 > [ 0.358365] alg: self-tests for cbc(twofish) using cbc(twofish-generic) failed (rc=-2) > [ 0.358535] alg: skcipher: failed to allocate transform for cbc(camellia-generic): -2 > [ 0.358918] alg: self-tests for cbc(camellia) using cbc(camellia-generic) failed (rc=-2) > [ 0.371533] alg: skcipher: failed to allocate transform for xts(ecb(aes-generic)): -2 > [ 0.371922] alg: self-tests for xts(aes) using xts(ecb(aes-generic)) failed (rc=-2) > > Modules are not enabled, maybe that matters (I haven't checked yet). Yes I think that was the key. This triggers a massive self-test run which executes in parallel and reveals a few race conditions in the system. I think it boils down to the following scenario: Base algorithm X-generic, X-optimised Template Y Optimised algorithm Y-X-optimised Everything gets registered, and then the self-tests are started. When Y-X-optimised gets tested, it requests the creation of the generic Y(X-generic). Which then itself undergoes testing. The race is that after Y(X-generic) gets registered, but just before it gets tested, X-optimised finally finishes self-testing which then causes all spawns of X-generic to be destroyed. So by the time the self-test for Y(X-generic) comes along, it can no longer find the algorithm. This error then bubbles up all the way up to the self-test of Y-X-optimised which then fails. Note that there is some complexity that I've omitted here because when the generic self-test fails to find Y(X-generic) it actually triggers the construction of it again which then fails for various other reasons (these are not important because the construction should *not* be triggered at this point). So in a way the error is expected, and we should probably remove the pr_err for the case where ENOENT is returned for the algorithm that we're currently testing. The solution is two-fold. First when an algorithm undergoes self-testing it should not trigger its construction. Secondly if an instance larval fails to materialise due to it being destroyed by a more optimised algorithm coming along, it should obviously retry the construction. Remove the check in __crypto_alg_lookup that stops a larval from matching new requests based on differences in the mask. It is better to block new requests even if it is wrong and then simply retry the lookup. If this ends up being the wrong larval it will sort iself out during the retry. Reduce the CRYPTO_ALG_TYPE_MASK bits in type during larval creation as otherwise LSKCIPHER algorithms may not match SKCIPHER larvals. Also block the instance creation during self-testing in the function crypto_larval_lookup by checking for CRYPTO_ALG_TESTED in the mask field. Finally change the return value when crypto_alg_lookup fails in crypto_larval_wait to EAGAIN to redo the lookup. Fixes: 37da5d0ffa7b ("crypto: api - Do not wait for tests during registration") Reported-by: Eric Biggers Signed-off-by: Herbert Xu commit b04f06fc0243600665b3b50253869533b7938468 Author: Weili Qian Date: Sat Aug 31 19:48:31 2024 +0800 crypto: hisilicon/qm - inject error before stopping queue The master ooo cannot be completely closed when the accelerator core reports memory error. Therefore, the driver needs to inject the qm error to close the master ooo. Currently, the qm error is injected after stopping queue, memory may be released immediately after stopping queue, causing the device to access the released memory. Therefore, error is injected to close master ooo before stopping queue to ensure that the device does not access the released memory. Fixes: 6c6dd5802c2d ("crypto: hisilicon/qm - add controller reset interface") Signed-off-by: Weili Qian Signed-off-by: Herbert Xu commit 145013f723947c83b1a5f76a0cf6e7237d59e973 Author: Weili Qian Date: Sat Aug 31 19:48:30 2024 +0800 crypto: hisilicon/hpre - mask cluster timeout error The timeout threshold of the hpre cluster is 16ms. When the CPU and device share virtual address, page fault processing time may exceed the threshold. In the current test, there is a high probability that the cluster times out. However, the cluster is waiting for the completion of memory access, which is not an error, the device does not need to be reset. If an error occurs in the cluster, qm also reports the error. Therefore, the cluster timeout error of hpre can be masked. Fixes: d90fab0deb8e ("crypto: hisilicon/qm - get error type from hardware registers") Signed-off-by: Weili Qian Signed-off-by: Herbert Xu commit 5d2d1ee0874c26b8010ddf7f57e2f246e848af38 Author: Weili Qian Date: Sat Aug 31 19:48:29 2024 +0800 crypto: hisilicon/qm - reset device before enabling it Before the device is enabled again, the device may still store the previously processed data. If an error occurs in the previous task, the device may fail to be enabled again. Therefore, before enabling device, reset the device to restore the initial state. Signed-off-by: Weili Qian Signed-off-by: Herbert Xu commit f5dd7c43022799ac5c4e3a0d445f9c293a198413 Author: Chenghai Huang Date: Sat Aug 31 17:50:09 2024 +0800 crypto: hisilicon/trng - modifying the order of header files Header files is included Order-ref: standard library headers, OS library headers, and project-specific headers. This patch modifies the order of header files according to suggestions. In addition, use %u to print unsigned int variables to prevent overflow. Signed-off-by: Chenghai Huang Signed-off-by: Herbert Xu commit 5fdb4b345cfb4f12ea95f6680779080e4e354100 Author: Chenghai Huang Date: Sat Aug 31 17:50:08 2024 +0800 crypto: hisilicon - add a lock for the qp send operation Apply for a lock before the qp send operation to ensure no resource race in multi-concurrency situations. This modification has almost no impact on performance. Signed-off-by: Chenghai Huang Signed-off-by: Herbert Xu commit f386dc64e1a5d3dcb84579119ec350ab026fea88 Author: Yang Shen Date: Sat Aug 31 17:50:07 2024 +0800 crypto: hisilicon - fix missed error branch If an error occurs in the process after the SGL is mapped successfully, it need to unmap the SGL. Otherwise, memory problems may occur. Signed-off-by: Yang Shen Signed-off-by: Chenghai Huang Signed-off-by: Herbert Xu commit 3401f63e72596dcb7d912a5b67b4291643cc1034 Author: Amit Shah Date: Thu Aug 29 12:20:07 2024 +0200 crypto: ccp - do not request interrupt on cmd completion when irqs disabled While sending a command to the PSP, we always requested an interrupt from the PSP after command completion. This worked for most cases. For the special case of irqs being disabled -- e.g. when running within crashdump or kexec contexts, we should not set the SEV_CMDRESP_IOC flag, so the PSP knows to not attempt interrupt delivery. Fixes: 8ef979584ea8 ("crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump") Based-on-patch-by: Tom Lendacky Signed-off-by: Amit Shah Signed-off-by: Herbert Xu commit c299d7af9dfb9b7abfc23cb87287c4f54ade92ac Author: Eric Biggers Date: Tue Aug 27 11:50:01 2024 -0700 crypto: x86/aesni - update docs for aesni-intel module Update the kconfig help and module description to reflect that VAES instructions are now used in some cases. Also fix XTR => XCTR. Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu commit 78cb66caa6ab5385ac2090f1aae5f3c19e08f522 Author: Guoqing Jiang Date: Mon Aug 26 15:04:15 2024 +0800 hwrng: mtk - Use devm_pm_runtime_enable Replace pm_runtime_enable with the devres-enabled version which can trigger pm_runtime_disable. Otherwise, the below appears during reload driver. mtk_rng 1020f000.rng: Unbalanced pm_runtime_enable! Fixes: 81d2b34508c6 ("hwrng: mtk - add runtime PM support") Cc: Suggested-by: Chen-Yu Tsai Signed-off-by: Guoqing Jiang Signed-off-by: Herbert Xu commit 026f84d3fa62d215b11cbeb5a5d97df941e93b5c Author: Subramanian Ananthanarayanan Date: Fri Sep 6 10:52:27 2024 +0530 PCI: Add ACS quirk for Qualcomm SA8775P The Qualcomm SA8775P root ports don't advertise an ACS capability, but they do provide ACS-like features to disable peer transactions and validate bus numbers in requests. Thus, add an ACS quirk for the SA8775P. Link: https://lore.kernel.org/linux-pci/20240906052228.1829485-1-quic_skananth@quicinc.com Signed-off-by: Subramanian Ananthanarayanan Signed-off-by: Krzysztof Wilczyński commit c500a86693a126c9393e602741e348f80f1b0fc5 Author: Alexandra Diupina Date: Tue Sep 3 14:58:23 2024 +0300 PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() Within kirin_pcie_parse_port(), the pcie->num_slots is compared to pcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct and would lead to an overflow. Thus, fix condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and move pcie->num_slots increment below the if-statement to avoid out-of-bounds array access. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: b22dbbb24571 ("PCI: kirin: Support PERST# GPIOs for HiKey970 external PEX 8606 bridge") Link: https://lore.kernel.org/linux-pci/20240903115823.30647-1-adiupina@astralinux.ru Signed-off-by: Alexandra Diupina [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Mauro Carvalho Chehab commit 8745aaab60a63ff57311e9a8dda5dfb0b3a33907 Author: Jinjie Ruan Date: Wed Aug 28 18:42:02 2024 +0800 PCI: altera: Replace TLP_REQ_ID() with macro PCI_DEVID() The TLP_REQ_ID's function is same as current PCI_DEVID() macro, replace it. No functional changes intended. Link: https://lore.kernel.org/linux-pci/20240828104202.3683491-1-ruanjinjie@huawei.com Signed-off-by: Jinjie Ruan Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam commit 88a29f8c5ff97f9e134005d620613f3f9c1aa81a Merge: eb7205b7cbff5f 5474d49b2f79b4 Author: Dave Airlie Date: Fri Sep 6 16:02:05 2024 +1000 Merge tag 'mediatek-drm-next-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/chunkuang.hu/linux into drm-next Mediatek DRM Next for Linux 6.12 1. Support alpha blending 2. Remove cl in struct cmdq_pkt 3. Fixup for ovl adaptor 4. Declare Z Position for all planes 5. Drop unnecessary check for property presence 6. Add dsi per-frame lp code for mt8188 7. Fix missing configuration flags in mtk_crtc_ddp_config() 8. Use spin_lock_irqsave() for CRTC event lock 9. Add power domain binding to the mediatek DPI controller Signed-off-by: Dave Airlie From: Chun-Kuang Hu Link: https://patchwork.freedesktop.org/patch/msgid/20240901131354.2686-1-chunkuang.hu@kernel.org commit 4172a64ef2c4c519a67037fc4edc78277f786fee Author: Dmitry Torokhov Date: Fri Aug 23 22:50:42 2024 -0700 Input: zforce_ts - switch to using asynchronous probing The driver waits for the device to boot, which can be a lengthy process. Switch it to asynchronous probing to allow more devices to be probed simultaneously. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-19-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 6a5180c619ed52f9e05767c78bf7edb04304d9bd Author: Dmitry Torokhov Date: Fri Aug 23 22:50:41 2024 -0700 Input: zforce_ts - remove assert/deassert wrappers The wrappers are extremely simple, used once, and do not bring much value. Remove them. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-18-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 7846bd8b8d3c1f8ee15f47ca9e177bd7a729ce4b Author: Dmitry Torokhov Date: Fri Aug 23 22:50:40 2024 -0700 Input: zforce_ts - do not hardcode interrupt level Stop forcing interrupt to be low level triggered and instead rely on the platform to define proper trigger to allow flexibility in board designs. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-17-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 8f2ef2610f9b7920c5ce847042d5a0193bc42bcb Author: Dmitry Torokhov Date: Fri Aug 23 22:50:39 2024 -0700 Input: zforce_ts - switch to using devm_regulator_get_enable() The driver does not actively manage regulator state past probe() time, so we can use devm_regulator_get_enable() to simplify the code. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-16-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 16ff0224d8a6c7cb52c954c3dad4cb54a7d96720 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:38 2024 -0700 Input: zforce_ts - stop treating VDD regulator as optional This regulator is not optional from the controller point of view, so stop treating it as such. For hard-wired designs that omit the regulator from their device trees regulator subsystem will create a dummy instance. This may introduce unnecessary delay of 100us in case of dummy regulator, but if it is important the driver should be marked as using asynchronous probing to avoid even longer delays waiting for the command completions. Also use usleep_range() instead of udelay() to avoid spinning. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-15-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit b5ed81cc7bccef90e39ee36b0c1f3677686a0fbb Author: Dmitry Torokhov Date: Fri Aug 23 22:50:37 2024 -0700 Input: zforce_ts - make zforce_idtable constant The I2C ID table is not supposed to change; mark it as const. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-14-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 7e168b81e6f84d67c1829d93bf3e6043ba27d074 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:36 2024 -0700 Input: zforce_ts - use dev_err_probe() where appropriate Use dev_err_probe() helper to log deferrals in the devices_deferred debugfs file and avoid extra messages in the logs. Also rename "ret" variables holding error codes only to "error". Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-13-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit c4a8349262aaea42163dbc9171208f712f172d25 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:35 2024 -0700 Input: zforce_ts - do not ignore errors when acquiring regulator We should abort probe on any error besides -ENOENT which signifies that the regulator is not defined in device tree or elsewhere, not only when we see -EPROBE_DEFER. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-12-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 43a48ec581d7e4b6751b236122f7c0a78c99a838 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:34 2024 -0700 Input: zforce_ts - make parsing of contacts less confusing Zforce touch data packet consists of a byte representing number of contacts followed by several chunks with length of 9 bytes representing each contact. Instead of accounting for the leading byte by increasing offset of each field in contacts by one introduce a pointer to contact data and point it appropriately. This avoids awkward constructs like: point.prblty = payload[9 * i + 9]; which makes it seem like there is off-by-one error, in favor of more straightforward: point.prblty = p[8]; Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-11-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 83b6549ee18885c1ac74ae91a7e406e7ed33b5c8 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:33 2024 -0700 Input: zforce_ts - switch to using get_unaligned_le16 Instead of doing conversion from little-endian data to CPU endianness by hand use existing helpers. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-10-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 5c2002677e8f428d63369ea65ee008967147527e Author: Dmitry Torokhov Date: Fri Aug 23 22:50:32 2024 -0700 Input: zforce_ts - use guard notation when acquiring mutexes Guard notation allows for simpler code and ensures that mutexes are automatically released in all code paths. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-9-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 9ba33f6145728c09c8e4578ffa8e94aef47b4e68 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:31 2024 -0700 Input: zforce_ts - ensure that pm_stay_awake() and pm_relax() are balanced There is a small chance that ts->suspending flag may change while the interrupt handler is running. To make sure call to pm_relax() is not skipped on accident use a temporary to hold the original value at the beginning of interrupt. Use READ_ONCE() so that the value is actually fetched at the right time. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-8-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit f388412f707e98735e44341447263ab3e25e7043 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:30 2024 -0700 Input: zforce_ts - remove unneeded locking There is no need to have a lock around calls to i2c_master_send() and i2c_master_recv() as they are not issued concurrently and they are not sharing any buffers. Also there is no need for command_mutex as all commands are issued sequentially. Remove both. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-7-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 624455941015c199ac317c8cf976ac6b02cfdec1 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:29 2024 -0700 Input: zforce_ts - handle errors from input_mt_init_sots() input_mt_init_slots() can potentially return error which needs to be handled. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-6-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit a9d59c206c8c90c916acefbaf3629704bff88266 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:28 2024 -0700 Input: zforce_ts - do not explicitly set EV_SYN, etc bits Input core and various helpers already do that for us, so drop the code setting these bits explicitly. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-5-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit f820b43754cdbd078a0d17122b281f42cbcd2155 Author: Dmitry Torokhov Date: Fri Aug 23 22:50:27 2024 -0700 Input: zforce_ts - remove support for platfrom data There are no in-tree users of platform data and any new ones should either use device tree or static device properties, so let's remove platform data support. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-4-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 5e091a49da06a4a761a0319eb5d37a93f2268dec Author: Dmitry Torokhov Date: Fri Aug 23 22:50:26 2024 -0700 Input: zforce_ts - simplify reporting of slot state input_mt_report_slot_state() returns true if slot is active, so we can combine checks for point.state != STATE_UP. Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-3-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 4a0467ed7387d7ed46f5e46ae6fd44987d1044c0 Author: Sudip Mukherjee Date: Fri Aug 23 22:50:25 2024 -0700 Input: zforce_ts - use devm_add_action_or_reset() If devm_add_action() fails we are explicitly calling the cleanup to free the resources allocated. Lets use the helper devm_add_action_or_reset() and return directly in case of error, as we know that the cleanup function has been already called by the helper if there was any error. Signed-off-by: Sudip Mukherjee Reviewed-by: Heiko Stuebner Tested-by: Andreas Kemnade # Tolino Shine2HD Link: https://lore.kernel.org/r/20240824055047.1706392-2-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 78af00d8937179c051335f0e59db3601edc53ab2 Author: Dmitry Torokhov Date: Sat Aug 24 22:16:21 2024 -0700 Input: tegra-kbc - use guard notation when acquiring mutex and spinlock This makes the code more compact and error handling more robust by ensuring that locks are released in all code paths when control leaves critical section. Acked-by: Thierry Reding Link: https://lore.kernel.org/r/20240825051627.2848495-18-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 22df24590f56e2a8d6d2f428448d9bfd2fcf48ee Author: Dmitry Torokhov Date: Sat Aug 24 22:16:12 2024 -0700 Input: iqs62x-keys - use cleanup facility for fwnodes Use __free(fwnode_handle) cleanup facility to ensure that references to acquired fwnodes are dropped at appropriate times automatically. Reviewed-by: Jeff LaBundy Link: https://lore.kernel.org/r/20240825051627.2848495-9-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 43a365abaf47539f065f6c7890e5433ef10f7381 Author: Dmitry Torokhov Date: Sat Aug 24 22:16:09 2024 -0700 Input: gpio-keys - switch to using cleanup functions Start using __free() and guard() primitives to simplify the code and error handling. This makes the code more compact and error handling more robust by ensuring that locks are released in all code paths when control leaves critical section and all allocated memory is freed. Reviewed-by: Hans de Goede Link: https://lore.kernel.org/r/20240825051627.2848495-6-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 934976f61eceab661cce492831448e01d1b89e4b Author: Dmitry Torokhov Date: Sat Aug 24 22:16:07 2024 -0700 Input: atkbd - use guard notation when acquiring mutex This makes the code more compact and error handling more robust by ensuring that mutexes are released in all code paths when control leaves critical section. Reviewed-by: Hans de Goede Link: https://lore.kernel.org/r/20240825051627.2848495-4-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit d5322d537c2355fb2e7b1b0362a21e9c87c4b585 Author: Dmitry Torokhov Date: Sat Aug 24 22:30:57 2024 -0700 Input: alps - use guard notation when acquiring mutex This makes the code more compact and error handling more robust by ensuring that mutexes are released in all code paths when control leaves critical section. Acked-by: Pali Rohár Link: https://lore.kernel.org/r/ZsrBkWIpyEqzClUG@google.com Signed-off-by: Dmitry Torokhov commit e06edf96dea065dd1d9df695bf8b92784992333e Author: Werner Sembach Date: Thu Sep 5 18:48:51 2024 +0200 Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table Some TongFang barebones have touchpad and/or keyboard issues after suspend, fixable with nomux + reset + noloop + nopnp. Luckily, none of them have an external PS/2 port so this can safely be set for all of them. I'm not entirely sure if every device listed really needs all four quirks, but after testing and production use, no negative effects could be observed when setting all four. Signed-off-by: Werner Sembach Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240905164851.771578-1-wse@tuxedocomputers.com Signed-off-by: Dmitry Torokhov commit 8e028d60ee55a61e88c90028d205c4322327fa8f Author: Frank Li Date: Sun Aug 11 17:46:55 2024 -0400 dt-bindings: input: convert rotary-encoder to yaml Convert binding doc rotary-encoder.txt to yaml format. Additional change: - Only keep one example. Fix below warning: arch/arm64/boot/dts/freescale/imx8mn-dimonoff-gateway-evk.dtb: /rotary-encoder: failed to match any schema with compatible: ['rotary-encoder'] Signed-off-by: Frank Li Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240811214656.3773098-1-Frank.Li@nxp.com Signed-off-by: Dmitry Torokhov commit 76930d3d20d595ffffe516df1b3d6a70c4f33bd6 Merge: 502cc061de6692 b0613ba1cd9364 Author: Jakub Kicinski Date: Thu Sep 5 22:02:41 2024 -0700 Merge branch 'add-realtek-automotive-pcie-driver' Justin Lai says: ==================== Add Realtek automotive PCIe driver This series includes adding realtek automotive ethernet driver and adding rtase ethernet driver entry in MAINTAINERS file. This ethernet device driver for the PCIe interface of Realtek Automotive Ethernet Switch,applicable to RTL9054, RTL9068, RTL9072, RTL9075, RTL9068, RTL9071. ==================== Link: https://patch.msgid.link/20240904032114.247117-1-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit b0613ba1cd9364a8ed4689cabd4b53bd0f865ae0 Author: Justin Lai Date: Wed Sep 4 11:21:14 2024 +0800 MAINTAINERS: Add the rtase ethernet driver entry Add myself and Larry Chiu as the maintainer for the rtase ethernet driver. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-14-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit ad61903add56561b72b49d717c01563cf1535781 Author: Justin Lai Date: Wed Sep 4 11:21:13 2024 +0800 realtek: Update the Makefile and Kconfig in the realtek folder 1. Add the RTASE entry in the Kconfig. 2. Add the CONFIG_RTASE entry in the Makefile. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-13-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit 14cb81d1359e2bf4e0a48ed74f66d12f06a21a8f Author: Justin Lai Date: Wed Sep 4 11:21:12 2024 +0800 rtase: Add a Makefile in the rtase folder Add a Makefile in the rtase folder to build rtase driver. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-12-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit dd7f17c40fd1cec1db2b8e693832a5ce852433ba Author: Justin Lai Date: Wed Sep 4 11:21:11 2024 +0800 rtase: Implement ethtool function Implement the ethtool function to support users to obtain network card information, including obtaining various device settings, Report whether physical link is up, Report pause parameters, Set pause parameters, Return extended statistics about the device. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-11-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit a25a0b070c5160b44707fa1dfbf32d3d84e4224f Author: Justin Lai Date: Wed Sep 4 11:21:10 2024 +0800 rtase: Implement pci_driver suspend and resume function Implement the pci_driver suspend function to enable the device to sleep, and implement the resume function to enable the device to resume operation. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-10-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit 0796004899601249e26c3fa474e7c248e4d2568f Author: Justin Lai Date: Wed Sep 4 11:21:09 2024 +0800 rtase: Implement net_device_ops 1. Implement .ndo_set_rx_mode so that the device can change address list filtering. 2. Implement .ndo_set_mac_address so that mac address can be changed. 3. Implement .ndo_change_mtu so that mtu can be changed. 4. Implement .ndo_tx_timeout to perform related processing when the transmitter does not make any progress. 5. Implement .ndo_get_stats64 to provide statistics that are called when the user wants to get network device usage. 6. Implement .ndo_vlan_rx_add_vid to register VLAN ID when the device supports VLAN filtering. 7. Implement .ndo_vlan_rx_kill_vid to unregister VLAN ID when the device supports VLAN filtering. 8. Implement the .ndo_setup_tc to enable setting any "tc" scheduler, classifier or action on dev. 9. Implement .ndo_fix_features enables adjusting requested feature flags based on device-specific constraints. 10. Implement .ndo_set_features enables updating device configuration to new features. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-9-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit cf7226c808452aa5d2597fe23b864d7d2045cd70 Author: Justin Lai Date: Wed Sep 4 11:21:08 2024 +0800 rtase: Implement a function to receive packets Implement rx_handler to read the information of the rx descriptor, thereby checking the packet accordingly and storing the packet in the socket buffer to complete the reception of the packet. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-8-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit d6e882b89fdf80be0ab4f914ec10f75215e49495 Author: Justin Lai Date: Wed Sep 4 11:21:07 2024 +0800 rtase: Implement .ndo_start_xmit function Implement .ndo_start_xmit function to fill the information of the packet to be transmitted into the tx descriptor, and then the hardware will transmit the packet using the information in the tx descriptor. In addition, we also implemented the tx_handler function to enable the tx descriptor to be reused. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-7-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit 85dd839ad1e52b2d32499b8ee3861fd958bfa96b Author: Justin Lai Date: Wed Sep 4 11:21:06 2024 +0800 rtase: Implement hardware configuration function Implement rtase_hw_config to set default hardware settings, including setting interrupt mitigation, tx/rx DMA burst, interframe gap time, rx packet filter, near fifo threshold and fill descriptor ring and tally counter address, and enable flow control. When filling the rx descriptor ring, the first group of queues needs to be processed separately because the positions of the first group of queues are not regular with other subsequent groups. The other queues are all newly added features, but we want to retain the original design. So they were not put together. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-6-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit 2bbba79e348d872510cadb9783a11896634062ec Author: Justin Lai Date: Wed Sep 4 11:21:05 2024 +0800 rtase: Implement the interrupt routine and rtase_poll 1. Implement rtase_interrupt to handle txQ0/rxQ0, txQ4~txQ7 interrupts, and implement rtase_q_interrupt to handle txQ1/rxQ1, txQ2/rxQ2 and txQ3/rxQ3 interrupts. 2. Implement rtase_poll to call ring_handler to process the tx or rx packet of each ring. If the returned value is budget,it means that there is still work of a certain ring that has not yet been completed. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-5-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit 5a2a2f15244cd3c0de396ec8bf7121ef6121994b Author: Justin Lai Date: Wed Sep 4 11:21:04 2024 +0800 rtase: Implement the rtase_down function Implement the rtase_down function to disable hardware setting and interrupt and clear descriptor ring. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-4-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit ea244d7d8dce074e8a38e658ecd2e96abed288af Author: Justin Lai Date: Wed Sep 4 11:21:03 2024 +0800 rtase: Implement the .ndo_open function Implement the .ndo_open function to set default hardware settings and initialize the descriptor ring and interrupts. Among them, when requesting interrupt, because the first group of interrupts needs to process more events, the overall structure and interrupt handler will be different from other groups of interrupts, so it needs to be handled separately. The first set of interrupt handlers need to handle the interrupt status of RXQ0 and TXQ0, TXQ4~7, while other groups of interrupt handlers will handle the interrupt status of RXQ1&TXQ1 or RXQ2&TXQ2 or RXQ3&TXQ3 according to the interrupt vector. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-3-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit a36e9f5cfe9eb3a1dce8769c7058251c42705357 Author: Justin Lai Date: Wed Sep 4 11:21:02 2024 +0800 rtase: Add support for a pci table in this module Add support for a pci table in this module, and implement pci_driver function to initialize this driver, remove this driver, or shutdown this driver. Signed-off-by: Justin Lai Link: https://patch.msgid.link/20240904032114.247117-2-justinlai0215@realtek.com Signed-off-by: Jakub Kicinski commit f057b57270c2a17d3f45c177e9434fa5745caa48 Merge: a790df272a20dc de35996d4b3647 Author: Dmitry Torokhov Date: Thu Sep 5 21:49:07 2024 -0700 Merge branch 'ib/6.11-rc6-matrix-keypad-spitz' into next Bring in changes removing support for platform data from matrix-keypad driver. commit de35996d4b364749194c5b473d1912578880833e Author: Dmitry Torokhov Date: Sun Aug 4 18:47:08 2024 -0700 Input: matrix_keypad - remove support for platform data There are no more users of struct matrix_keypad_platform_data in the kernel, remove support for it from the driver. Acked-by: Arnd Bergmann Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240805014710.1961677-6-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 1b05a701375107b2c2beae9c518b8e1a3819e086 Author: Dmitry Torokhov Date: Sun Aug 4 18:47:07 2024 -0700 ARM: spitz: Use software nodes/properties for the matrix keypad Convert the Spitz to use software nodes and static properties to describe GPIOs and other parameters of its matrix keypad. Acked-by: Arnd Bergmann Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240805014710.1961677-5-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 11d29702ad20d40e5ba7011d72bf7382b07c8435 Author: Dmitry Torokhov Date: Sun Aug 4 18:47:06 2024 -0700 ARM: spitz: Use software nodes/properties for the GPIO-driven buttons Convert the Spitz to use software nodes and static properties to describe GPIOs for the GPIO-driven buttons. Acked-by: Arnd Bergmann Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240805014710.1961677-4-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 584bf366f8fa8b588437d452af0cbb445fbbbe5d Author: Dmitry Torokhov Date: Sun Aug 4 18:47:05 2024 -0700 Input: matrix_keypad - switch to gpiod API and generic device properties gpiod API and generic device properties work with software nodes and static properties, which will allow removing platform data support from the driver, simplifying and streamlining the code. Acked-by: Arnd Bergmann Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240805014710.1961677-3-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 5080f62adb126e28d316298505272efea0aed81a Author: Dmitry Torokhov Date: Sun Aug 4 18:47:04 2024 -0700 Input: matrix_keypad - remove support for clustered interrupt There are no users of this functionality in the mainline kernel (it was only available to boards using platform data and not device tree). Remove it to simplify the code. Acked-by: Arnd Bergmann Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240805014710.1961677-2-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 502cc061de6692a9a8ca9bcf486de78e2664e869 Merge: e10034e38e9da2 d759ee240d3c0c Author: Jakub Kicinski Date: Thu Sep 5 20:27:09 2024 -0700 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Cross-merge networking fixes after downstream PR. Conflicts: drivers/net/phy/phy_device.c 2560db6ede1a ("net: phy: Fix missing of_node_put() for leds") 1dce520abd46 ("net: phy: Use for_each_available_child_of_node_scoped()") https://lore.kernel.org/20240904115823.74333648@canb.auug.org.au Adjacent changes: drivers/net/ethernet/xilinx/xilinx_axienet.h drivers/net/ethernet/xilinx/xilinx_axienet_main.c 858430db28a5 ("net: xilinx: axienet: Fix race in axienet_stop") 76abb5d675c4 ("net: xilinx: axienet: Add statistics support") Signed-off-by: Jakub Kicinski commit e10034e38e9da2a644f2aa73f2f46bb7beb8620b Author: Donald Hunter Date: Wed Sep 4 10:10:24 2024 +0100 netlink: specs: nftables: allow decode of tailscale ruleset Fill another small gap in the nftables spec so that it is possible to dump a tailscale ruleset with: tools/net/ynl/cli.py --spec \ Documentation/netlink/specs/nftables.yaml --dump getrule This adds support for the 'target' expression. Signed-off-by: Donald Hunter Link: https://patch.msgid.link/20240904091024.3138-1-donald.hunter@gmail.com Signed-off-by: Jakub Kicinski commit 08062af0a52107a243f7608fd972edb54ca5b7f8 Author: Joe Damato Date: Wed Sep 4 15:34:30 2024 +0000 net: napi: Prevent overflow of napi_defer_hard_irqs In commit 6f8b12d661d0 ("net: napi: add hard irqs deferral feature") napi_defer_irqs was added to net_device and napi_defer_irqs_count was added to napi_struct, both as type int. This value never goes below zero, so there is not reason for it to be a signed int. Change the type for both from int to u32, and add an overflow check to sysfs to limit the value to S32_MAX. The limit of S32_MAX was chosen because the practical limit before this patch was S32_MAX (anything larger was an overflow) and thus there are no behavioral changes introduced. If the extra bit is needed in the future, the limit can be raised. Before this patch: $ sudo bash -c 'echo 2147483649 > /sys/class/net/eth4/napi_defer_hard_irqs' $ cat /sys/class/net/eth4/napi_defer_hard_irqs -2147483647 After this patch: $ sudo bash -c 'echo 2147483649 > /sys/class/net/eth4/napi_defer_hard_irqs' bash: line 0: echo: write error: Numerical result out of range Similarly, /sys/class/net/XXXXX/tx_queue_len is defined as unsigned: include/linux/netdevice.h: unsigned int tx_queue_len; And has an overflow check: dev_change_tx_queue_len(..., unsigned long new_len): if (new_len != (unsigned int)new_len) return -ERANGE; Suggested-by: Jakub Kicinski Signed-off-by: Joe Damato Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240904153431.307932-1-jdamato@fastly.com Signed-off-by: Jakub Kicinski commit eb7205b7cbff5f9ddafedf82b62590aae0a72dc0 Merge: e066e9aa4d9c86 963ed4efe0c641 Author: Dave Airlie Date: Fri Sep 6 11:24:37 2024 +1000 Merge tag 'drm-intel-next-2024-09-03' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-next - Fix probe on 'nomodeset and deprecate i915.modeset=0 (Jani) - Update new entries in VBT BDB block definitions (Dnyaneshwar) - Fix clang build (Andy Shevchenko) - More clean up on drvdata usage in display code (Jani) - Increase fastwake DP sync pulse count as a quirk (Jouni) Signed-off-by: Dave Airlie From: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/ZtcqaxYKgA5F7BXT@intel.com commit 757eebc10839de8b16a29192382584a5e5a36173 Author: John B. Wyatt IV Date: Wed Sep 4 22:19:11 2024 -0400 MAINTAINERS: Add Maintainers for SWIG Python bindings Adding myself as the primary maintainer and John Kacur as the backup maintainer for the libcpupower SWIG generated Python bindings. Suggested-by: Shuah Khan Signed-off-by: John B. Wyatt IV Signed-off-by: John B. Wyatt IV Signed-off-by: Shuah Khan commit 660475266b744ab02695c6f3cdf28b120b884125 Author: John B. Wyatt IV Date: Wed Sep 4 22:19:10 2024 -0400 pm:cpupower: Include test_raw_pylibcpupower.py This script demonstrates how to make use of, and tests, the bindings. In the future, this script could become part of a larger test suite to test the bindings and libcpupower. Signed-off-by: John B. Wyatt IV Signed-off-by: John B. Wyatt IV Signed-off-by: Shuah Khan commit 338f490e07bc9e83c6fe60125ed9dea3e5d6a45d Author: John B. Wyatt IV Date: Wed Sep 4 22:19:09 2024 -0400 pm:cpupower: Add SWIG bindings files for libcpupower SWIG is a tool packaged in Fedora and other distros that can generate bindings from C and C++ code for several languages including Python, Perl, and Go. These bindings allows users to easily write scripts that use and extend libcpupower's functionality. Currently, only Python is provided in the makefile, but additional languages may be added if there is demand. Added suggestions from Shuah Khan for the README and license discussion. Note that while SWIG itself is GPL v3+ licensed; the resulting output, the bindings code, is permissively licensed + the license of the .o files. Please see https://swig.org/legal.html and [1] for more details. [1] https://lore.kernel.org/linux-pm/Zqv9BOjxLAgyNP5B@hatbackup/ Suggested-by: Shuah Khan Signed-off-by: John B. Wyatt IV Signed-off-by: John B. Wyatt IV Signed-off-by: Shuah Khan commit 4b80294fb53845dc5c98cca0c989da09150f2ca9 Author: John B. Wyatt IV Date: Wed Sep 4 22:19:08 2024 -0400 pm:cpupower: Add missing powercap_set_enabled() stub function There was a symbol listed in the powercap.h file that was not implemented. Implement it with a stub return of 0. Programs like SWIG require that functions that are defined in the headers be implemented. Fixes: c2294c1496b7 ("cpupower: Introduce powercap intel-rapl library and powercap-info command") Suggested-by: Shuah Khan Signed-off-by: John B. Wyatt IV Signed-off-by: John B. Wyatt IV Signed-off-by: Shuah Khan commit 04bb60d0dfd13ac51c0294ea1c3b78a783b7d22d Merge: 2db2b8cb8f96bb 1b3bc648f5067d Author: Alexei Starovoitov Date: Thu Sep 5 17:02:03 2024 -0700 Merge branch 'allow-kfuncs-in-tracepoint-and-perf-event' JP Kobryn says: ==================== allow kfuncs in tracepoint and perf event It is possible to call a cpumask kfunc within a raw tp_btf program but not possible within tracepoint or perf event programs. Currently, the verifier receives -EACCESS from fetch_kfunc_meta() as a result of not finding any kfunc hook associated with these program types. This patch series associates tracepoint and perf event program types with the tracing hook and includes test coverage. Pre-submission CI run: https://github.com/kernel-patches/bpf/pull/7674 v3: - map tracepoint and perf event progs to tracing kfunc hook - expand existing verifier tests for kfuncs - remove explicit registrations from v2 - no longer including kprobes v2: - create new kfunc hooks for tracepoint and perf event - map tracepoint, and perf event prog types to kfunc hooks - register cpumask kfuncs with prog types in focus - expand existing verifier tests for cpumask kfuncs v1: - map tracepoint type progs to tracing kfunc hook - new selftests for calling cpumask kfuncs in tracepoint prog --- ==================== Link: https://lore.kernel.org/r/20240905223812.141857-1-inwardvessel@gmail.com Signed-off-by: Alexei Starovoitov commit 1b3bc648f5067d32959d7389a7c17c8c04e8e689 Author: JP Kobryn Date: Thu Sep 5 15:38:12 2024 -0700 bpf/selftests: coverage for tp and perf event progs using kfuncs This coverage ensures that kfuncs are allowed within tracepoint and perf event programs. Signed-off-by: JP Kobryn Link: https://lore.kernel.org/r/20240905223812.141857-3-inwardvessel@gmail.com Signed-off-by: Alexei Starovoitov commit bc638d8cb5be813d4eeb9f63cce52caaa18f3960 Author: JP Kobryn Date: Thu Sep 5 15:38:11 2024 -0700 bpf: allow kfuncs within tracepoint and perf event programs Associate tracepoint and perf event program types with the kfunc tracing hook. This allows calling kfuncs within these types of programs. Signed-off-by: JP Kobryn Link: https://lore.kernel.org/r/20240905223812.141857-2-inwardvessel@gmail.com Signed-off-by: Alexei Starovoitov commit 2db2b8cb8f96bb1def9904abbc859d95e3fbf99c Author: Andrii Nakryiko Date: Thu Sep 5 14:05:20 2024 -0700 bpf: change int cmd argument in __sys_bpf into typed enum bpf_cmd This improves BTF data recorded about this function and makes debugging/tracing better, because now command can be displayed as symbolic name, instead of obscure number. Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240905210520.2252984-1-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit c8ddc99eeba5f00b65efeae920eec3990bfc34ca Author: Aaron Lu Date: Thu Sep 5 16:08:55 2024 +0800 x86/sgx: Log information when a node lacks an EPC section For optimized performance, firmware typically distributes EPC sections evenly across different NUMA nodes. However, there are scenarios where a node may have both CPUs and memory but no EPC section configured. For example, in an 8-socket system with a Sub-Numa-Cluster=2 setup, there are a total of 16 nodes. Given that the maximum number of supported EPC sections is 8, it is simply not feasible to assign one EPC section to each node. This configuration is not incorrect - SGX will still operate correctly; it is just not optimized from a NUMA standpoint. For this reason, log a message when a node with both CPUs and memory lacks an EPC section. This will provide users with a hint as to why they might be experiencing less-than-ideal performance when running SGX enclaves. Suggested-by: Dave Hansen Signed-off-by: Aaron Lu Signed-off-by: Dave Hansen Reviewed-by: Jarkko Sakkinen Acked-by: Kai Huang Link: https://lore.kernel.org/all/20240905080855.1699814-3-aaron.lu%40intel.com commit 9c936844010466535bd46ea4ce4656ef17653644 Author: Aaron Lu Date: Thu Sep 5 16:08:54 2024 +0800 x86/sgx: Fix deadlock in SGX NUMA node search When the current node doesn't have an EPC section configured by firmware and all other EPC sections are used up, CPU can get stuck inside the while loop that looks for an available EPC page from remote nodes indefinitely, leading to a soft lockup. Note how nid_of_current will never be equal to nid in that while loop because nid_of_current is not set in sgx_numa_mask. Also worth mentioning is that it's perfectly fine for the firmware not to setup an EPC section on a node. While setting up an EPC section on each node can enhance performance, it is not a requirement for functionality. Rework the loop to start and end on *a* node that has SGX memory. This avoids the deadlock looking for the current SGX-lacking node to show up in the loop when it never will. Fixes: 901ddbb9ecf5 ("x86/sgx: Add a basic NUMA allocation scheme to sgx_alloc_epc_page()") Reported-by: "Molina Sabido, Gerardo" Signed-off-by: Aaron Lu Signed-off-by: Dave Hansen Reviewed-by: Kai Huang Reviewed-by: Jarkko Sakkinen Acked-by: Dave Hansen Tested-by: Zhimin Luo Link: https://lore.kernel.org/all/20240905080855.1699814-2-aaron.lu%40intel.com commit 9934a1bd45b2b03f6d1204a6ae2780d3b009799f Author: Bartosz Golaszewski Date: Mon Aug 5 10:57:31 2024 +0200 clk: provide devm_clk_get_optional_enabled_with_rate() There are clock users in the kernel that can't use devm_clk_get_optional_enabled() as they need to set rate after getting the clock and before enabling it. Provide a managed helper that wraps these operations in the correct order. Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240805-clk-new-helper-v2-1-e5fdd1e1d729@linaro.org Signed-off-by: Stephen Boyd commit 706ae6446494b4523d33b0d96ea1fd9d50ca9be6 Author: Nikita Shubin Date: Wed Sep 4 14:41:07 2024 +0300 clk: fixed-rate: add devm_clk_hw_register_fixed_rate_parent_data() Add devm_clk_hw_register_fixed_rate_parent_data(), devres-managed helper to register fixed-rate clock with parent_data. Signed-off-by: Nikita Shubin Link: https://lore.kernel.org/r/20240904-devm_clk_hw_register_fixed_rate_parent_data-v1-1-7f14d6b456e5@maquefel.me Signed-off-by: Stephen Boyd commit 93dc3be19450447a3a7090bd1dfb9f3daac3e8d2 Author: Miguel Ojeda Date: Mon Sep 2 18:55:33 2024 +0200 docs: rust: include other expressions in conditional compilation section Expand the conditional compilation section to explain how to support other expressions, such as testing whether `RUSTC_VERSION` is at least a given version, which requires a numerical comparison that Rust's `cfg` predicates do not support (yet?). Reviewed-by: Nicolas Schier Tested-by: Alice Ryhl Acked-by: Masahiro Yamada Link: https://lore.kernel.org/r/20240902165535.1101978-7-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit aeb0e24abbebebff3b5ac65486c933d0ecd5cf81 Author: Miguel Ojeda Date: Mon Sep 2 18:55:31 2024 +0200 kbuild: rust: replace proc macros dependency on `core.o` with the version text With the `RUSTC_VERSION_TEXT` rebuild support in place, now proc macros can depend on that instead of `core.o`. This means that both the `core` and `macros` crates can be built in parallel, and that touching `core.o` does not trigger a rebuild of the proc macros. This could be accomplished using the same approach as for `core` (i.e. depending directly on `include/config/RUSTC_VERSION_TEXT`). However, that is considered an implementation detail [1], and thus it is best to avoid it. Instead, let fixdep find a string that we explicitly write down in the source code for this purpose (like it is done for `include/linux/compiler-version.h`), which we can easily do (unlike for `core`) since this is our own source code. Suggested-by: Masahiro Yamada Link: https://lore.kernel.org/rust-for-linux/CAK7LNAQBG0nDupXSgAAk-6nOqeqGVkr3H1RjYaqRJ1OxmLm6xA@mail.gmail.com/ [1] Reviewed-by: Nicolas Schier Tested-by: Alice Ryhl Acked-by: Masahiro Yamada Link: https://lore.kernel.org/r/20240902165535.1101978-5-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit ac3e972629a69e118e3867531df936a6ce5e5f5a Author: Miguel Ojeda Date: Mon Sep 2 18:55:30 2024 +0200 kbuild: rust: rebuild if the version text changes Now that `RUSTC_VERSION_TEXT` exists, use it to rebuild `core` when the version text changes (which in turn will trigger a rebuild of all the kernel Rust code). This also applies to proc macros (which only work with the `rustc` that compiled them), via the already existing dependency on `core.o`. That is cleaned up in the next commit. However, this does not cover host programs written in Rust, which is the same case in the C side. This is accomplished by referencing directly the generated file, instead of using the `fixdep` header trick, since we cannot change the Rust standard library sources. This is not too much of a burden, since it only needs to be done for `core`. Tested-by: Alice Ryhl Reviewed-by: Nicolas Schier Acked-by: Masahiro Yamada Link: https://lore.kernel.org/r/20240902165535.1101978-4-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 5134a335cfe6ebdd2420e15b5f6c06915040aa51 Author: Miguel Ojeda Date: Mon Sep 2 18:55:29 2024 +0200 kbuild: rust: re-run Kconfig if the version text changes Re-run Kconfig if we detect the Rust compiler has changed via the version text, like it is done for C. Unlike C, and unlike `RUSTC_VERSION`, the `RUSTC_VERSION_TEXT` is kept under `depends on RUST`, since it should not be needed unless `RUST` is enabled. Reviewed-by: Nicolas Schier Tested-by: Alice Ryhl Acked-by: Masahiro Yamada Link: https://lore.kernel.org/r/20240902165535.1101978-3-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 6e74c6b5a42e6a7313fcd29e814f211b392a00f5 Author: Miguel Ojeda Date: Mon Sep 2 18:55:28 2024 +0200 kbuild: rust: add `CONFIG_RUSTC_VERSION` Now that we support several Rust versions, introduce `CONFIG_RUSTC_VERSION` so that it can be used in Kconfig to enable and disable configuration options based on the `rustc` version. The approach taken resembles `pahole`'s -- see commit 613fe1692377 ("kbuild: Add CONFIG_PAHOLE_VERSION"), i.e. a simple version parsing without trying to identify several kinds of compilers, since so far there is only one (`rustc`). However, unlike `pahole`'s, we also print a zero if executing failed for any reason, rather than checking if the command is found and executable (which still leaves things like a file that exists and is executable, but e.g. is built for another platform [1]). An equivalent approach to the one here was also submitted for `pahole` [2]. Link: https://lore.kernel.org/rust-for-linux/CANiq72=4vX_tJMJLE6e+bg7ZECHkS-AQpm8GBzuK75G1EB7+Nw@mail.gmail.com/ [1] Link: https://lore.kernel.org/linux-kbuild/20240728125527.690726-1-ojeda@kernel.org/ [2] Reviewed-by: Nicolas Schier Tested-by: Alice Ryhl Acked-by: Masahiro Yamada Link: https://lore.kernel.org/r/20240902165535.1101978-2-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 49417ad48abb8ddb56168da19ff173d8241bdba5 Author: Dongliang Mu Date: Tue Jun 11 10:04:36 2024 +0800 docs/zh_CN: update the translation of security-bugs Update to commit 5928d411557e ("Documentation: Document the Linux Kernel CVE process") commit 0217f3944aeb ("Documentation: security-bugs.rst: linux-distros relaxed their rules") commit 3c1897ae4b6b ("Documentation: security-bugs.rst: clarify CVE handling") commit 4fee0915e649 ("Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group") commit 44ac5abac86b ("Documentation/security-bugs: move from admin-guide/ to process/") Signed-off-by: Dongliang Mu Reviewed-by: Alex Shi Reviewed-by: Yanteng Si Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240611020514.48770-1-dzm91@hust.edu.cn commit 2259b06938410a47bde8ac43c5c9cde433064ce1 Author: Karol Przybylski Date: Wed Aug 14 17:55:58 2024 +0200 docs: block: Fix grammar and spelling mistakes in bfq-iosched.rst This patch corrects several grammar and spelling errors in the Documentation/block/bfq-iosched.rst file. These changes improve the clarity and readability of the documentation. Signed-off-by: Karol Przybylski Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240814155558.3672833-1-karprzy7@gmail.com commit 4538480b27a94522ff6432b2d728fafc74f61829 Author: Amit Vadhavana Date: Sat Aug 17 12:57:24 2024 +0530 Documentation: Fix spelling mistakes Correct spelling mistakes in the documentation to improve readability. Signed-off-by: Amit Vadhavana Reviewed-by: Bjorn Helgaas Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240817072724.6861-1-av2082000@gmail.com commit 4a93831daadd9652539db7af77434939e6e44c9e Author: Aryabhatta Dey Date: Tue Aug 27 18:48:52 2024 +0530 Documentation/gpu: Fix typo in Documentation/gpu/komeda-kms.rst Change 'indenpendently' to 'independently'. Signed-off-by: Aryabhatta Dey Acked-by: Liviu Dudau Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/l5wzytcamcc43eadaquqbrfqilq6ajfnnseh37c77eceamtw35@hhtdipi4h22c commit 9b8a79f4c1d844d52273a31bc6511fa8ab5e8669 Author: Sebastian Muxel Date: Tue Aug 27 15:32:24 2024 +0200 scripts: sphinx-pre-install: remove unnecessary double check for $cur_version $cur_version is currently being tested twice with the first test resulting in an unhelpful "$sphinx returned an error", not continuing to the more helpful "$sphinx didn't return its version". This patch removes the first test to return the more useful message. Fixes: a8b380c379ef ("scripts: sphinx-pre-install: only ask to activate valid venvs") Signed-off-by: Sebastian Muxel Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240827133224.160776-1-sebastian@muxel.dev commit bc6cb62007fd6e321385d2df6fae3c38b53c0a82 Author: Bibo Mao Date: Wed Aug 28 12:59:50 2024 +0800 Loongarch: KVM: Add KVM hypercalls documentation for LoongArch Add documentation topic for using pv_virt when running as a guest on KVM hypervisor. Signed-off-by: Bibo Mao Signed-off-by: Xianglai Li Co-developed-by: Mingcong Bai Signed-off-by: Mingcong Bai Link: https://lore.kernel.org/all/5c338084b1bcccc1d57dce9ddb1e7081@aosc.io/ Signed-off-by: Dandan Zhang [jc: fixed htmldocs build error] Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/4769C036576F8816+20240828045950.3484113-1-zhangdandan@uniontech.com commit 1ae497c78f01855f3695b58481311ffdd429b028 Author: Shung-Hsi Yu Date: Thu Sep 5 13:52:32 2024 +0800 bpf: use type_may_be_null() helper for nullable-param check Commit 980ca8ceeae6 ("bpf: check bpf_dummy_struct_ops program params for test runs") does bitwise AND between reg_type and PTR_MAYBE_NULL, which is correct, but due to type difference the compiler complains: net/bpf/bpf_dummy_struct_ops.c:118:31: warning: bitwise operation between different enumeration types ('const enum bpf_reg_type' and 'enum bpf_type_flag') [-Wenum-enum-conversion] 118 | if (info && (info->reg_type & PTR_MAYBE_NULL)) | ~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~ Workaround the warning by moving the type_may_be_null() helper from verifier.c into bpf_verifier.h, and reuse it here to check whether param is nullable. Fixes: 980ca8ceeae6 ("bpf: check bpf_dummy_struct_ops program params for test runs") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202404241956.HEiRYwWq-lkp@intel.com/ Signed-off-by: Shung-Hsi Yu Acked-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240905055233.70203-1-shung-hsi.yu@suse.com Signed-off-by: Alexei Starovoitov commit e04eb52bfaf436e5d04e3a774a60e753a5a2f49e Author: Guilherme G. Piccoli Date: Wed Aug 28 11:48:58 2024 -0300 Documentation: Document the kernel flag bdev_allow_write_mounted Commit ed5cc702d311 ("block: Add config option to not allow writing to mounted devices") added a Kconfig option along with a kernel command-line tuning to control writes to mounted block devices, as a means to deal with fuzzers like Syzkaller, that provokes kernel crashes by directly writing on block devices bypassing the filesystem (so the FS has no awareness and cannot cope with that). The patch just missed adding such kernel command-line option to the kernel documentation, so let's fix that. Cc: Bart Van Assche Cc: Darrick J. Wong Cc: Jens Axboe Reviewed-by: Jan Kara Signed-off-by: Guilherme G. Piccoli Reviewed-by: Darrick J. Wong Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240828145045.309835-1-gpiccoli@igalia.com commit 34ea875cca2c2fa4ec8b70fc2b21ee6c7878740e Author: I Hsin Cheng Date: Thu Aug 29 00:50:36 2024 +0800 docs: scheduler: completion: Update member of struct completion The member "wait" in struct completion isn't of type wait_queue_head_t anymore, as it is now "struct swait_queue_head", fix it to match with the current implementation. Signed-off-by: I Hsin Cheng Reviewed-by: Kuan-Wei Chiu Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240828165036.178011-1-richard120310@gmail.com commit 93292980f390b9245d8e3ce9b0b6c94ee45be217 Author: Akira Yokosawa Date: Thu Sep 5 14:09:41 2024 +0900 docs: kerneldoc-preamble.sty: Suppress extra spaces in CJK literal blocks In zh_CN part of translations.pdf, there are several ASCII-art diagrams whose vertical lines look sometimes jagged. This is due to the interference between default settings of xeCJK and fancyvrb (employed in sphinxVerbatim env), where extra space is inserted between a latin char and a non-latin char when they are next to each other (i.e., no explicit white space). This issue can be suppressed by invoking \CJKsetecglue{} at the beginning of every sphinxVerbatim enviornment. \AtBeginEnvironment, provided by the etoolbox package, is useful in this case. Signed-off-by: Akira Yokosawa Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240905050941.31439-1-akiyks@gmail.com commit e00bf11185033456f3d4345bcd366df1f7cc7255 Author: David Jander Date: Wed Sep 4 16:07:57 2024 +0200 arm64: dts: rockchip: add CAN0 and CAN1 interfaces to mecsbc board This patch adds support for the CAN0 and CAN1 interfaces to the board. Signed-off-by: David Jander Tested-by: Alibek Omarov Reviewed-by: Heiko Stuebner Signed-off-by: Marc Kleine-Budde Link: https://lore.kernel.org/r/20240904-rk3568-canfd-v1-2-73bda5fb4e03@pengutronix.de Signed-off-by: Heiko Stuebner commit 687d6009ae28d51a081c3d6f66c29d195a5cda2f Author: David Jander Date: Wed Sep 4 16:07:56 2024 +0200 arm64: dts: rockchip: add CAN-FD controller nodes to rk3568 Add nodes to the rk3568 devicetree to support the CAN-FD controllers. Signed-off-by: David Jander Tested-by: Alibek Omarov Reviewed-by: Heiko Stuebner Signed-off-by: Marc Kleine-Budde Link: https://lore.kernel.org/r/20240904-rk3568-canfd-v1-1-73bda5fb4e03@pengutronix.de Signed-off-by: Heiko Stuebner commit b9d32677ff1c2fe6c9c97c23341c6d69254d89cd Merge: bd4d67f8ae55d4 95b1c5d17832f6 Author: Alexei Starovoitov Date: Thu Sep 5 13:13:41 2024 -0700 Merge branch 'local-vmtest-enhancement-and-rv64-enabled' Pu Lehui says: ==================== Local vmtest enhancement and RV64 enabled Patch 1-3 fix some problem about bpf selftests. Patch 4 add local rootfs image support for vmtest. Patch 5 enable cross-platform testing for vmtest. Patch 6-10 enable vmtest on RV64. We can now perform cross platform testing for riscv64 bpf using the following command: PLATFORM=riscv64 CROSS_COMPILE=riscv64-linux-gnu- \ tools/testing/selftests/bpf/vmtest.sh \ -l -- \ ./test_progs -d \ \"$(cat tools/testing/selftests/bpf/DENYLIST.riscv64 \ | cut -d'#' -f1 \ | sed -e 's/^[[:space:]]*//' \ -e 's/[[:space:]]*$//' \ | tr -s '\n' ',' \ )\" For better regression, we rely on commit [0]. And since the work of riscv ftrace to remove stop_machine atomic replacement is in progress, we also need to revert commit [1] [2]. The test platform is x86_64 architecture, and the versions of relevant components are as follows: QEMU: 8.2.0 CLANG: 17.0.6 (align to BPF CI) ROOTFS: ubuntu noble (generated by [3]) Link: https://lore.kernel.org/all/20240831071520.1630360-1-pulehui@huaweicloud.com/ [0] Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3308172276db [1] Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caa9765465f [2] Link: https://github.com/libbpf/ci/blob/main/rootfs/mkrootfs_debian.sh [3] v3: - Use llvm static linking when detecting that feature-llvm is enabled - Add Acked-by by Eduard v2: https://lore.kernel.org/all/20240904141951.1139090-1-pulehui@huaweicloud.com/ - Drop patch about relaxing Zbb insns restrictions. - Add local rootfs image support - Add description about running vmtest on RV64 - Fix some problem about bpf selftests v1: https://lore.kernel.org/all/20240328124916.293173-1-pulehui@huaweicloud.com/ ==================== Acked-by: Daniel Borkmann Tested-by: Daniel Borkmann Link: https://lore.kernel.org/r/20240905081401.1894789-1-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 95b1c5d17832f61d0438cd5060a997bafaf75f2c Author: Pu Lehui Date: Thu Sep 5 08:14:01 2024 +0000 selftests/bpf: Add description for running vmtest on RV64 Add description in tools/testing/selftests/bpf/README.rst for running vmtest on RV64. Signed-off-by: Pu Lehui Link: https://lore.kernel.org/r/20240905081401.1894789-11-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit b2bc9d50549939e3e103f986f3123970a6b81e44 Author: Pu Lehui Date: Thu Sep 5 08:14:00 2024 +0000 selftests/bpf: Add riscv64 configurations to local vmtest Add riscv64 configurations to local vmtest. We can now perform cross platform testing for riscv64 bpf using the following command: PLATFORM=riscv64 CROSS_COMPILE=riscv64-linux-gnu- vmtest.sh \ -l ./libbpf-vmtest-rootfs-2024.08.30-noble-riscv64.tar.zst -- \ ./test_progs -d \ \"$(cat tools/testing/selftests/bpf/DENYLIST.riscv64 \ | cut -d'#' -f1 \ | sed -e 's/^[[:space:]]*//' \ -e 's/[[:space:]]*$//' \ | tr -s '\n' ','\ )\" Tested-by: Eduard Zingerman Signed-off-by: Pu Lehui Link: https://lore.kernel.org/r/20240905081401.1894789-10-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit c402cb85802fa059f1d42954f25acf14c3bf89e7 Author: Pu Lehui Date: Thu Sep 5 08:13:59 2024 +0000 selftests/bpf: Add DENYLIST.riscv64 This patch adds DENYLIST.riscv64 file for riscv64. It will help BPF CI and local vmtest to mask failing and unsupported test cases. We can use the following command to use deny list in local vmtest as previously mentioned by Manu. PLATFORM=riscv64 CROSS_COMPILE=riscv64-linux-gnu- vmtest.sh \ -l ./libbpf-vmtest-rootfs-2024.08.30-noble-riscv64.tar.zst -- \ ./test_progs -d \ \"$(cat tools/testing/selftests/bpf/DENYLIST.riscv64 \ | cut -d'#' -f1 \ | sed -e 's/^[[:space:]]*//' \ -e 's/[[:space:]]*$//' \ | tr -s '\n' ','\ )\" Tested-by: Eduard Zingerman Signed-off-by: Pu Lehui Link: https://lore.kernel.org/r/20240905081401.1894789-9-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 897b3680484b8163c9eb51ed55103504ffd4a7d1 Author: Pu Lehui Date: Thu Sep 5 08:13:58 2024 +0000 selftests/bpf: Add config.riscv64 Add config.riscv64 for both BPF CI and local vmtest. Tested-by: Eduard Zingerman Signed-off-by: Pu Lehui Link: https://lore.kernel.org/r/20240905081401.1894789-8-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit d95d56519026322b25ffa964bb92182620176972 Author: Pu Lehui Date: Thu Sep 5 08:13:57 2024 +0000 selftests/bpf: Enable cross platform testing for vmtest Add support cross platform testing for vmtest. The variable $ARCH in the current script is platform semantics, not kernel semantics. Rename it to $PLATFORM so that we can easily use $ARCH in cross-compilation. And drop `set -u` unbound variable check as we will use CROSS_COMPILE env variable. For now, Using PLATFORM= and CROSS_COMPILE= options will enable cross platform testing: PLATFORM= CROSS_COMPILE= vmtest.sh -- ./test_progs Tested-by: Eduard Zingerman Signed-off-by: Pu Lehui Link: https://lore.kernel.org/r/20240905081401.1894789-7-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 2294073dce32af8535e9d4a32e1efdeea35c1786 Author: Pu Lehui Date: Thu Sep 5 08:13:56 2024 +0000 selftests/bpf: Support local rootfs image for vmtest Support vmtest to use local rootfs image generated by [0] that is consistent with BPF CI. Now we can specify the local rootfs image through the `-l` parameter like as follows: vmtest.sh -l ./libbpf-vmtest-rootfs-2024.08.22-noble-amd64.tar.zst -- ./test_progs Meanwhile, some descriptions have been flushed. Link: https://github.com/libbpf/ci/blob/main/rootfs/mkrootfs_debian.sh [0] Acked-by: Eduard Zingerman Signed-off-by: Pu Lehui Link: https://lore.kernel.org/r/20240905081401.1894789-6-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 0c3fc330be6d85febd0f68b66c657c752e9cd63c Author: Pu Lehui Date: Thu Sep 5 08:13:55 2024 +0000 selftests/bpf: Limit URLS parsing logic to actual scope in vmtest The URLS array is only valid in the download_rootfs function and does not need to be parsed globally in advance. At the same time, the logic of loading rootfs is refactored to prepare vmtest for supporting local rootfs. Signed-off-by: Pu Lehui Link: https://lore.kernel.org/r/20240905081401.1894789-5-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 67ab80a01886a178c69c91728c49f94ccb71f338 Author: Eduard Zingerman Date: Thu Sep 5 08:13:54 2024 +0000 selftests/bpf: Prefer static linking for LLVM libraries It is not always convenient to have LLVM libraries installed inside CI rootfs images, thus request static libraries from llvm-config. Suggested-by: Andrii Nakryiko Signed-off-by: Eduard Zingerman Acked-by: Daniel Borkmann Tested-by: Daniel Borkmann Link: https://lore.kernel.org/r/20240905081401.1894789-4-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit a48a43884cdd46dba8cc4a15160c116ffd965800 Author: Pu Lehui Date: Thu Sep 5 08:13:53 2024 +0000 selftests/bpf: Rename fallback in bpf_dctcp to avoid naming conflict Recently, when compiling bpf selftests on RV64, the following compilation failure occurred: progs/bpf_dctcp.c:29:21: error: redefinition of 'fallback' as different kind of symbol 29 | volatile const char fallback[TCP_CA_NAME_MAX]; | ^ /workspace/tools/testing/selftests/bpf/tools/include/vmlinux.h:86812:15: note: previous definition is here 86812 | typedef u32 (*fallback)(u32, const unsigned char *, size_t); The reason is that the `fallback` symbol has been defined in arch/riscv/lib/crc32.c, which will cause symbol conflicts when vmlinux.h is included in bpf_dctcp. Let we rename `fallback` string to `fallback_cc` in bpf_dctcp to fix this compilation failure. Signed-off-by: Pu Lehui Link: https://lore.kernel.org/r/20240905081401.1894789-3-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit dc3a8804d790cc7dda442e5504a0c67435b356f4 Author: Pu Lehui Date: Thu Sep 5 08:13:52 2024 +0000 selftests/bpf: Adapt OUTPUT appending logic to lower versions of Make The $(let ...) function is only supported by GNU Make version 4.4 [0] and above, otherwise the following exception file or directory will be generated: tools/testing/selftests/bpfFEATURE-DUMP.selftests tools/testing/selftests/bpffeature/ Considering that the GNU Make version of most Linux distributions is lower than 4.4, let us adapt the corresponding logic to it. Link: https://lists.gnu.org/archive/html/info-gnu/2022-10/msg00008.html [0] Acked-by: Eduard Zingerman Signed-off-by: Pu Lehui Link: https://lore.kernel.org/r/20240905081401.1894789-2-pulehui@huaweicloud.com Signed-off-by: Alexei Starovoitov commit bd4d67f8ae55d42273c6cd661b622ed713d20350 Author: Lin Yikai Date: Thu Sep 5 19:03:07 2024 +0800 libbpf: fix some typos in libbpf Hi, fix some spelling errors in libbpf, the details are as follows: -in the code comments: termintaing->terminating architecutre->architecture requring->requiring recored->recoded sanitise->sanities allowd->allowed abover->above see bpf_udst_arg()->see bpf_usdt_arg() Signed-off-by: Lin Yikai Link: https://lore.kernel.org/r/20240905110354.3274546-3-yikai.lin@vivo.com Signed-off-by: Alexei Starovoitov commit a86857d2546c98f6c4e5677af8c6b8a80edd0704 Author: Lin Yikai Date: Thu Sep 5 19:03:06 2024 +0800 bpftool: fix some typos in bpftool Hi, fix some spelling errors in bpftool, the details are as follows: -in file "bpftool-gen.rst" libppf->libbpf -in the code comments: ouptut->output Signed-off-by: Lin Yikai Link: https://lore.kernel.org/r/20240905110354.3274546-2-yikai.lin@vivo.com Signed-off-by: Alexei Starovoitov commit 5db0ba6766f8a6606e655ddad745c87bc01349c7 Author: Lin Yikai Date: Thu Sep 5 19:03:05 2024 +0800 selftests/bpf: fix some typos in selftests Hi, fix some spelling errors in selftest, the details are as follows: -in the codes: test_bpf_sk_stoarge_map_iter_fd(void) ->test_bpf_sk_storage_map_iter_fd(void) load BTF from btf_data.o->load BTF from btf_data.bpf.o -in the code comments: preample->preamble multi-contollers->multi-controllers errono->errno unsighed/unsinged->unsigned egree->egress shoud->should regsiter->register assummed->assumed conditiona->conditional rougly->roughly timetamp->timestamp ingores->ignores null-termainted->null-terminated slepable->sleepable implemenation->implementation veriables->variables timetamps->timestamps substitue a costant->substitute a constant secton->section unreferened->unreferenced verifer->verifier libppf->libbpf ... Signed-off-by: Lin Yikai Link: https://lore.kernel.org/r/20240905110354.3274546-1-yikai.lin@vivo.com Signed-off-by: Alexei Starovoitov commit d224338aa105bf3c4c4aa8b2ccdbd675c71ffbfe Merge: eb5ed2fae19745 431c1646e1f86b Author: Jonathan Corbet Date: Thu Sep 5 14:01:38 2024 -0600 Merge tag 'v6.11-rc6' into docs-mw This is done primarily to get a docs build fix merged via another tree so that "make htmldocs" stops failing. commit 15eb92636c60c5007636dda20eb31b7c8d38a063 Merge: 82d7cf56551af9 89f1a037e97cb2 Author: Arnd Bergmann Date: Thu Sep 5 19:55:18 2024 +0000 Merge tag 'sunxi-dt-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux into soc/dt Allwinner SoC device tree changes for 6.12 ARM64 device tree and binding-only changes - Move PMIC on RG35XX boards from RSB (Allwinner proprietary bus) to I2C - Introduce Anbernic RG35XX-SP board - Enable charger on RG35XX boards - Add thermal trip points for Allwinner A64 GPU * tag 'sunxi-dt-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux: arm64: dts: allwinner: a64: Add GPU thermal trips to the SoC dtsi arm64: dts: allwinner: h700: Add charger for Anbernic RG35XX arm64: dts: allwinner: h700: Add Anbernic RG35XX-SP arm64: dts: allwinner: h616: Change RG35XX Series from r_rsb to r_i2c arm64: dts: allwinner: h616: Add r_i2c pinctrl nodes dt-bindings: arm: sunxi: Add Anbernic RG35XXSP Link: https://lore.kernel.org/r/ZtnZRhTwsBeO7Qtb@wens.tw Signed-off-by: Arnd Bergmann commit fc282a6643eef2136ad4d9797fd06be249cbdb91 Merge: 2d516b8fc0f18c 7ad250e13ff8a2 Author: Arnd Bergmann Date: Thu Sep 5 19:54:11 2024 +0000 Merge tag 'sunxi-drivers-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux into soc/drivers Allwinner SoC driver changes for 6.12 - Simplify sunxi-rsb driver probe function using dev_err_probe() * tag 'sunxi-drivers-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sunxi/linux: bus: sunxi-rsb: Simplify code with dev_err_probe() Link: https://lore.kernel.org/r/ZtnYUswjHdLRYq8Y@wens.tw Signed-off-by: Arnd Bergmann commit 9714452af1e5b8a7567e4ef2d576787b32034d0a Merge: 697ba0b6ec4ae0 2d2b3bc145b9d5 Author: Jens Axboe Date: Thu Sep 5 13:47:06 2024 -0600 Merge tag 'md-6.12-20240905' of https://git.kernel.org/pub/scm/linux/kernel/git/song/md into for-6.12/block Pull MD fix from Song: "This patch, from Mateusz Kusiak, improves the information reported in /proc/mdstat." * tag 'md-6.12-20240905' of https://git.kernel.org/pub/scm/linux/kernel/git/song/md: md: Report failed arrays as broken in mdstat commit 596a7f1084e49cc65072c458c348861e9b9ceab9 Author: Hongbo Li Date: Sat Aug 31 17:46:55 2024 +0800 drm/i915: Remove extra unlikely helper In IS_ERR, the unlikely is used for the input parameter, so these is no need to use it again outside. Signed-off-by: Hongbo Li Link: https://patchwork.freedesktop.org/patch/msgid/20240831094655.4153520-1-lihongbo22@huawei.com Reviewed-by: Rodrigo Vivi Signed-off-by: Rodrigo Vivi commit 552895afadb39f82ac44b62651b3c6261b6f96cc Merge: aa01d13eecc9fd d2520bdb1932fe Author: Andrii Nakryiko Date: Thu Sep 5 12:43:24 2024 -0700 Merge branch 'selftests-bpf-add-uprobe-multi-pid-filter-test' Jiri Olsa says: ==================== selftests/bpf: Add uprobe multi pid filter test hi, sending fix for uprobe multi pid filtering together with tests. The first version included tests for standard uprobes, but as we still do not have fix for that, sending just uprobe multi changes. thanks, jirka v2 changes: - focused on uprobe multi only, removed perf event uprobe specific parts - added fix and test for CLONE_VM process filter --- ==================== Link: https://lore.kernel.org/r/20240905115124.1503998-1-jolsa@kernel.org Signed-off-by: Andrii Nakryiko commit d2520bdb1932fe615d87458ea2df2495bb25c886 Author: Jiri Olsa Date: Thu Sep 5 14:51:24 2024 +0300 selftests/bpf: Add uprobe multi pid filter test for clone-ed processes The idea is to run same test as for test_pid_filter_process, but instead of standard fork-ed process we create the process with clone(CLONE_VM..) to make sure the thread leader process filter works properly in this case. Signed-off-by: Jiri Olsa Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240905115124.1503998-5-jolsa@kernel.org commit 8df43e859454952b0dd18c5821b32e6b2d48fddd Author: Jiri Olsa Date: Thu Sep 5 14:51:23 2024 +0300 selftests/bpf: Add uprobe multi pid filter test for fork-ed processes The idea is to create and monitor 3 uprobes, each trigered in separate process and make sure the bpf program gets executed just for the proper PID specified via pid filter. Signed-off-by: Jiri Olsa Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240905115124.1503998-4-jolsa@kernel.org commit 0b0bb453716f1469105f075044c68ee9670fe4ee Author: Jiri Olsa Date: Thu Sep 5 14:51:22 2024 +0300 selftests/bpf: Add child argument to spawn_child function Adding child argument to spawn_child function to allow to create multiple children in following change. Signed-off-by: Jiri Olsa Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240905115124.1503998-3-jolsa@kernel.org commit 900f362e2062e4a23a53bf89fd3b248cd021f5af Author: Jiri Olsa Date: Thu Sep 5 14:51:21 2024 +0300 bpf: Fix uprobe multi pid filter check Uprobe multi link does its own process (thread leader) filtering before running the bpf program by comparing task's vm pointers. But as Oleg pointed out there can be processes sharing the vm (CLONE_VM), so we can't just compare task->vm pointers, but instead we need to use same_thread_group call. Suggested-by: Oleg Nesterov Signed-off-by: Jiri Olsa Signed-off-by: Andrii Nakryiko Acked-by: Oleg Nesterov Link: https://lore.kernel.org/bpf/20240905115124.1503998-2-jolsa@kernel.org commit a09e3cf770bcffa40f22cc2f0f4d24a84f937f26 Merge: 9395f3d21d4b44 af05917c221e97 Author: Stephen Boyd Date: Thu Sep 5 11:30:59 2024 -0700 Merge branch 'clk-imx-old' into clk-imx * clk-imx: (22 commits) clk: imx: composite-7ulp: Use NULL instead of 0 clk: imx: add missing MODULE_DESCRIPTION() macros clk: imx: clk-imx8mp: Allow media_disp pixel clock reconfigure parent rate clk: imx: fracn-gppll: update rate table clk: imx: imx8qxp: Parent should be initialized earlier than the clock clk: imx: imx8qxp: Register dc0_bypass0_clk before disp clk clk: imx: imx8qxp: Add clock muxes for MIPI and PHY ref clocks clk: imx: imx8qxp: Add LVDS bypass clocks clk: imx: imx8mm: Change the 'nand_usdhc_bus' clock to non-critical one clk: imx: imx8mn: add sai7_ipg_clk clock settings clk: imx: add CLK_SET_RATE_PARENT for lcdif_pixel_src for i.MX7D clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D clk: imx: imx8mp: fix clock tree update of TF-A managed clocks clk: imx: fracn-gppll: fix fractional part of PLL getting lost clk: imx: composite-7ulp: Check the PCC present bit clk: imx: composite-93: keep root clock on when mcore enabled clk: imx: composite-8m: Enable gate clk with mcore_booted clk: imx: imx6ul: fix default parent for enet*_ref_sel clk: imx: clk-audiomix: Correct parent clock for earc_phy and audpll clk: imx: clk-audiomix: Add CLK_SET_RATE_PARENT flags for clocks ... commit 7a199557643e993d4e7357860624b8aa5d8f4340 Author: Alex Deucher Date: Thu Sep 5 14:24:38 2024 -0400 Revert "drm/amdgpu: align pp_power_profile_mode with kernel docs" This reverts commit bbb05f8a9cd87f5046d05a0c596fddfb714ee457. This breaks some manual setting of the profile mode in certain cases. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3600 Signed-off-by: Alex Deucher commit dfc58f467f7163b28d8aaadafd86d93dd08ea01c Author: zhangjiao Date: Thu Aug 29 13:33:09 2024 +0800 tools: iio: rm .*.cmd when make clean rm .*.cmd when make clean Signed-off-by: zhangjiao Link: https://patch.msgid.link/20240829053309.10563-1-zhangjiao2@cmss.chinamobile.com Signed-off-by: Jonathan Cameron commit 09e3bdfe499d5b0ed24c123f7c5a12459db217db Author: Jonathan Cameron Date: Sun Aug 18 19:09:12 2024 +0100 iio: adc: standardize on formatting for id match tables This is a frequent minor comment in reviews, so start cleaning up existing drivers in the hope we get fewer cases of cut and paste. There are not kernel wide rules for these, but for IIO the style that I prefer (and hence most common) is: - Space after { and before } - No comma after terminator { } This may cause merge conflicts but they should be trivial to resolve hence I have not broken this into per driver patches. Link: https://patch.msgid.link/20240818180912.719399-1-jic23@kernel.org Signed-off-by: Jonathan Cameron commit 07b241262dcad07671c444ca955903325de28e9e Author: shuaijie wang Date: Tue Aug 27 08:02:29 2024 +0000 iio: proximity: aw96103: Add support for aw96103/aw96105 proximity sensor AW96103 is a low power consumption capacitive touch and proximity controller. Each channel can be independently config as sensor input, shield output. Channel Information: aw96103: 3-channel aw96105: 5-channel Signed-off-by: shuaijie wang Link: https://patch.msgid.link/20240827080229.1431784-3-wangshuaijie@awinic.com Signed-off-by: Jonathan Cameron commit 9395f3d21d4b4404f4e863c1df0c84d23a4df3c9 Merge: 8400291e289ee6 32c055ef563c3a Author: Stephen Boyd Date: Thu Sep 5 11:18:55 2024 -0700 Merge tag 'clk-imx-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/abelvesa/linux into clk-imx2 Pull i.MX clk driver updates from Abel Vesa: - Use clk_hw pointer instead of fw_name for acm_aud_clk[0-1]_sel clocks on i.MX8Q as parents in ACM provider - Add i.MX95 NETCMIX support to the block control provider - Fix parents for ENETx_REF_SEL clocks on i.MX6UL * tag 'clk-imx-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/abelvesa/linux: clk: imx6ul: fix clock parent for IMX6UL_CLK_ENETx_REF_SEL clk: imx95: enable the clock of NETCMIX block control dt-bindings: clock: add RMII clock selection dt-bindings: clock: add i.MX95 NETCMIX block control clk: imx: imx8: Use clk_hw pointer for self registered clock in clk_parent_data commit 401d078eaf2edd605c9121741e166d9326c63677 Author: Andy Shevchenko Date: Wed Sep 4 22:08:56 2024 +0300 regulator: of: Refactor of_get_*regulator() to decrease indentation Refactor of_get_*regulator() to decrease indentation and increase readability. No functional changes intended. Signed-off-by: Andy Shevchenko Reviewed-by: Chen-Yu Tsai Link: https://patch.msgid.link/20240904190856.1221459-1-andy.shevchenko@gmail.com Signed-off-by: Mark Brown commit 056f2821b631df2b94d3b017fd1e1eef918ed98d Author: Hans Verkuil Date: Wed Oct 6 13:29:30 2021 +0200 media: cec: extron-da-hd-4k-plus: add the Extron DA HD 4K Plus CEC driver Add support for the Extron DA HD 4K Plus series of 4K HDMI Distrubution Amplifiers (aka HDMI Splitters). These devices support CEC and this driver adds support for the CEC protocol for both the input and all outputs (2, 4 or 6 outputs, depending on the model). It also exports the EDID from the outputs and allows reading and setting the EDID of the input. Signed-off-by: Hans Verkuil Signed-off-by: Mauro Carvalho Chehab commit 6bb8ef90c444c2fd97208bfce42137c4add32bbb Author: Hans Verkuil Date: Fri Aug 2 12:19:48 2024 +0200 media: cec: move cec_get/put_device to header Move cec_get/put_device to the media/cec.h header. This allows CEC drivers to use this. Signed-off-by: Hans Verkuil Signed-off-by: Mauro Carvalho Chehab commit c7a29258737076a7caf9ced6a7d710cce890abe5 Author: Hans Verkuil Date: Wed Aug 12 14:20:10 2020 +0200 media: input: serio.h: add SERIO_EXTRON_DA_HD_PLUS Add a new serio ID for the Extron DA HD 4K Plus series of 4K HDMI Distribution Amplifiers. These devices support CEC over the serial port, so a new serio ID is needed to be able to associate the CEC driver. Signed-off-by: Hans Verkuil Acked-by: Dmitry Torokhov Signed-off-by: Mauro Carvalho Chehab commit d2f2ce0069d447ca9de80edc38ca8484d1c8a94d Author: Erling Ljunggren Date: Fri Nov 11 14:29:03 2022 +0100 media: docs: Add V4L2_CAP_EDID Add documentation for the new edid capability. Signed-off-by: Erling Ljunggren Signed-off-by: Hans Verkuil Reviewed-by: Sebastian Fricke Reviewed-by: Ricardo Ribalda Signed-off-by: Mauro Carvalho Chehab commit c9edd2e4fed5f8a6f14808a1fd17b7d56b6c00f3 Author: Erling Ljunggren Date: Wed Sep 28 13:21:47 2022 +0200 media: v4l2-dev: handle V4L2_CAP_EDID When the V4L2_CAP_EDID capability flag is set, ioctls for enum inputs/outputs and get/set edid are automatically set. Signed-off-by: Erling Ljunggren Signed-off-by: Hans Verkuil Reviewed-by: Sebastian Fricke Reviewed-by: Ricardo Ribalda Signed-off-by: Mauro Carvalho Chehab commit 6fe0593bfc3cfab8b4ec7255152a2be40b2e49a3 Author: Erling Ljunggren Date: Wed Sep 28 13:21:43 2022 +0200 media: videodev2.h: add V4L2_CAP_EDID Add capability flag to indicate that the device is an EDID-only device. Signed-off-by: Erling Ljunggren Signed-off-by: Hans Verkuil Reviewed-by: Sebastian Fricke Reviewed-by: Ricardo Ribalda Signed-off-by: Mauro Carvalho Chehab commit eb5ed2fae19745fcb7dd0dcfbfbcd8b2847bc5c1 Author: Mark Brown Date: Thu Sep 5 13:33:33 2024 +0100 docs: submitting-patches: Advertise b4 b4 is now widely used and is quite helpful for a lot of the things that submitting-patches covers, let's advertise it to submitters to try to make their lives easier and reduce the number of procedural issues maintainers see. Reviewed-by: Shuah Khan Signed-off-by: Mark Brown Acked-by: Konstantin Ryabitsev Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240905-documentation-b4-advert-v2-1-24d686ba4117@kernel.org commit 22e2bf1214ff50981c7e056970241a36ab1f3d14 Author: Rob Herring (Arm) Date: Wed Sep 4 15:02:52 2024 -0500 dt-bindings: incomplete-devices: And another batch of compatibles Another batch of compatibles unlikely to ever be documented. It's mostly old PowerMAC and PPC stuff found in DT compatible API calls. Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240904200253.3112699-1-robh@kernel.org Signed-off-by: Rob Herring (Arm) commit 8f6887349b2f829a4121c518aeb064fc922714e4 Author: Jason Gunthorpe Date: Tue Aug 27 13:46:45 2024 -0300 iommufd: Protect against overflow of ALIGN() during iova allocation Userspace can supply an iova and uptr such that the target iova alignment becomes really big and ALIGN() overflows which corrupts the selected area range during allocation. CONFIG_IOMMUFD_TEST can detect this: WARNING: CPU: 1 PID: 5092 at drivers/iommu/iommufd/io_pagetable.c:268 iopt_alloc_area_pages drivers/iommu/iommufd/io_pagetable.c:268 [inline] WARNING: CPU: 1 PID: 5092 at drivers/iommu/iommufd/io_pagetable.c:268 iopt_map_pages+0xf95/0x1050 drivers/iommu/iommufd/io_pagetable.c:352 Modules linked in: CPU: 1 PID: 5092 Comm: syz-executor294 Not tainted 6.10.0-rc5-syzkaller-00294-g3ffea9a7a6f7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 RIP: 0010:iopt_alloc_area_pages drivers/iommu/iommufd/io_pagetable.c:268 [inline] RIP: 0010:iopt_map_pages+0xf95/0x1050 drivers/iommu/iommufd/io_pagetable.c:352 Code: fc e9 a4 f3 ff ff e8 1a 8b 4c fc 41 be e4 ff ff ff e9 8a f3 ff ff e8 0a 8b 4c fc 90 0f 0b 90 e9 37 f5 ff ff e8 fc 8a 4c fc 90 <0f> 0b 90 e9 68 f3 ff ff 48 c7 c1 ec 82 ad 8f 80 e1 07 80 c1 03 38 RSP: 0018:ffffc90003ebf9e0 EFLAGS: 00010293 RAX: ffffffff85499fa4 RBX: 00000000ffffffef RCX: ffff888079b49e00 RDX: 0000000000000000 RSI: 00000000ffffffef RDI: 0000000000000000 RBP: ffffc90003ebfc50 R08: ffffffff85499b30 R09: ffffffff85499942 R10: 0000000000000002 R11: ffff888079b49e00 R12: ffff8880228e0010 R13: 0000000000000000 R14: 1ffff920007d7f68 R15: ffffc90003ebfd00 FS: 000055557d760380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000005fdeb8 CR3: 000000007404a000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: iommufd_ioas_copy+0x610/0x7b0 drivers/iommu/iommufd/ioas.c:274 iommufd_fops_ioctl+0x4d9/0x5a0 drivers/iommu/iommufd/main.c:421 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Cap the automatic alignment to the huge page size, which is probably a better idea overall. Huge automatic alignments can fragment and chew up the available IOVA space without any reason. Link: https://patch.msgid.link/r/0-v1-8009738b9891+1f7-iommufd_align_overflow_jgg@nvidia.com Cc: stable@vger.kernel.org Fixes: 51fe6141f0f6 ("iommufd: Data structure to provide IOVA to PFN mapping") Reviewed-by: Nicolin Chen Reported-by: syzbot+16073ebbc4c64b819b47@syzkaller.appspotmail.com Closes: https://lore.kernel.org/r/000000000000388410061a74f014@google.com Signed-off-by: Jason Gunthorpe commit c121d5cc3a993cdbfab46a152bdd50227a4d5e8c Author: Hongbo Li Date: Thu Sep 5 17:25:40 2024 +0800 lib/string_choices: Add some comments to make more clear for string choices helpers. Add some comments to explain why we should use string_choices helpers. Signed-off-by: Hongbo Li Acked-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240905092540.2962122-3-lihongbo22@huawei.com Signed-off-by: Kees Cook commit c2708ba91c3c1fba424b77de83b6fc45cbf38c46 Author: Hongbo Li Date: Thu Sep 5 17:25:39 2024 +0800 lib/string_choices: Introduce several opposite string choice helpers Similar to the exists helper: str_enable_disable/ str_enabled_disabled/str_on_off/str_yes_no helpers, we can add the opposite helpers. That's str_disable_enable, str_disabled_enabled, str_off_on and str_no_yes. There are more than 10 cases currently (expect str_disable_enable now has 3 use cases) exist in the code can be replaced with these helper. Signed-off-by: Hongbo Li Acked-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240905092540.2962122-2-lihongbo22@huawei.com Signed-off-by: Kees Cook commit 6ff4cd1160afafc12ad1603e3d2f39256e4b708d Author: Hongbo Li Date: Tue Aug 27 10:45:15 2024 +0800 lib/string_choices: Add str_true_false()/str_false_true() helper Add str_true_false()/str_false_true() helper to return "true" or "false" string literal. Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240827024517.914100-2-lihongbo22@huawei.com Signed-off-by: Kees Cook commit 133f67bea5e03134b4b388a884e59a052809403d Author: Liao Chen Date: Mon Aug 26 12:39:57 2024 +0000 i3c: master: cdns: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Link: https://lore.kernel.org/r/20240826123957.379212-1-liaochen4@huawei.com Signed-off-by: Alexandre Belloni commit ced86959d28cc26bbfc5f2fd6e37407637c20e11 Author: Shyam Sundar S K Date: Thu Aug 29 14:47:13 2024 +0530 i3c: mipi-i3c-hci: Add a quirk to set Response buffer threshold The current driver sets the response buffer threshold value to 1 (N+1, 2 DWORDS) in the QUEUE THRESHOLD register. However, the AMD I3C controller only generates interrupts when the response buffer threshold value is set to 0 (1 DWORD). Therefore, a quirk is added to set the response buffer threshold value to 0. Reviewed-by: Jarkko Nikula Co-developed-by: Krishnamoorthi M Signed-off-by: Krishnamoorthi M Co-developed-by: Guruvendra Punugupati Signed-off-by: Guruvendra Punugupati Signed-off-by: Shyam Sundar S K Link: https://lore.kernel.org/r/20240829091713.736217-7-Shyam-sundar.S-k@amd.com Signed-off-by: Alexandre Belloni commit 46d4daa517e91a197ad253c1d81de29e8e2980be Author: Shyam Sundar S K Date: Thu Aug 29 14:47:12 2024 +0530 i3c: mipi-i3c-hci: Add a quirk to set timing parameters The AMD HCI controller is currently unstable at 12.5 MHz. To address this, a quirk is added to configure the clock rate to 9 MHz as a workaround, with proportional adjustments to the Open-Drain (OD) and Push-Pull (PP) values. Reviewed-by: Jarkko Nikula Co-developed-by: Guruvendra Punugupati Signed-off-by: Guruvendra Punugupati Signed-off-by: Shyam Sundar S K Link: https://lore.kernel.org/r/20240829091713.736217-6-Shyam-sundar.S-k@amd.com Signed-off-by: Alexandre Belloni commit 216201b3d7df0a9d2c848789b65c7f332f84a3af Author: Shyam Sundar S K Date: Thu Aug 29 14:47:11 2024 +0530 i3c: mipi-i3c-hci: Relocate helper macros to HCI header file The reg_* helper macros are currently limited to core.c. Moving them to hci.h will allow their functionality to be utilized in other files outside of core.c. Reviewed-by: Jarkko Nikula Co-developed-by: Guruvendra Punugupati Signed-off-by: Guruvendra Punugupati Signed-off-by: Shyam Sundar S K Link: https://lore.kernel.org/r/20240829091713.736217-5-Shyam-sundar.S-k@amd.com Signed-off-by: Alexandre Belloni commit 01408932995319eaa3d892c3c5d7739cff5da25b Author: Shyam Sundar S K Date: Thu Aug 29 14:47:10 2024 +0530 i3c: mipi-i3c-hci: Add a quirk to set PIO mode The AMD HCI controller currently only supports PIO mode but exposes DMA rings to the OS, which leads to the controller being configured in DMA mode. To address this, add a quirk to avoid configuring the controller in DMA mode and default to PIO mode. Additionally, introduce a generic quirk infrastructure to the mipi-i3c-hci driver to facilitate seamless future quirk additions. Reviewed-by: Jarkko Nikula Co-developed-by: Krishnamoorthi M Signed-off-by: Krishnamoorthi M Co-developed-by: Guruvendra Punugupati Signed-off-by: Guruvendra Punugupati Signed-off-by: Shyam Sundar S K Link: https://lore.kernel.org/r/20240829091713.736217-4-Shyam-sundar.S-k@amd.com Signed-off-by: Alexandre Belloni commit 039b23609ff243497ea350200635985364da25ee Author: Shyam Sundar S K Date: Thu Aug 29 14:47:09 2024 +0530 i3c: mipi-i3c-hci: Read HC_CONTROL_PIO_MODE only after i3c hci v1.1 The HC_CONTROL_PIO_MODE bit was introduced in the HC_CONTROL register starting from version 1.1. Therefore, checking the HC_CONTROL_PIO_MODE bit on hardware that adheres to older specification revisions (i.e., versions earlier than 1.1) is incorrect. To address this, add an additional check to read the HCI version before attempting to read the HC_CONTROL_PIO_MODE status. Signed-off-by: Shyam Sundar S K Reviewed-by: Jarkko Nikula Link: https://lore.kernel.org/r/20240829091713.736217-3-Shyam-sundar.S-k@amd.com Signed-off-by: Alexandre Belloni commit 8d2e56ef83ce944cc945d39f5ea7c875bba5c2ad Author: Shyam Sundar S K Date: Thu Aug 29 14:47:08 2024 +0530 i3c: mipi-i3c-hci: Add AMDI5017 ACPI ID to the I3C Support List The current driver code lacks the necessary plumbing for ACPI IDs, preventing the mipi-i3c-hci driver from being loaded on x86 platforms that advertise I3C ACPI support. Add the AMDI5017 ACPI ID to the list of supported IDs. Reviewed-by: Andy Shevchenko Signed-off-by: Shyam Sundar S K Reviewed-by: Jarkko Nikula Link: https://lore.kernel.org/r/20240829091713.736217-2-Shyam-sundar.S-k@amd.com Signed-off-by: Alexandre Belloni commit 2d516b8fc0f18ce9c0347a1aea6edb3d8ca1d692 Author: Dan Carpenter Date: Thu Sep 5 16:16:53 2024 +0300 platform: cznic: turris-omnia-mcu: Fix error check in omnia_mcu_register_trng() The gpiod_to_irq() function never returns zero. It returns negative error codes or a positive IRQ number. Update the checking to check for negatives. Fixes: 41bb142a4028 ("platform: cznic: turris-omnia-mcu: Add support for MCU provided TRNG") Signed-off-by: Dan Carpenter Reviewed-by: Marek Behún Signed-off-by: Arnd Bergmann commit 02f454f9aa6255d99611d6a4e37edd08812878df Author: Gustavo A. R. Silva Date: Fri Aug 16 13:12:39 2024 +0300 wifi: ath12k: Avoid -Wflex-array-member-not-at-end warnings -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. Move the conflicting declaration to the end of the structure. Notice that `struct ieee80211_chanctx_conf` is a flexible structure --a structure that contains a flexible-array member. Also, remove an unused structure. Fix the following warnings: drivers/net/wireless/ath/ath12k/core.h:290:39: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/ath/ath12k/dp.h:1499:24: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Signed-off-by: Kalle Valo Link: https://patch.msgid.link/ZrZEuxJihMzAaTVh@cute commit 820aa897837ff6c156f60423f82c0cb1d9b18103 Author: Gustavo A. R. Silva Date: Fri Aug 16 13:12:39 2024 +0300 wifi: ath11k: Avoid -Wflex-array-member-not-at-end warnings -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. Move the conflicting declaration to the end of the structure. Notice that `struct ieee80211_chanctx_conf` is a flexible structure --a structure that contains a flexible-array member. Also, remove a couple of unused structures. Fix the following warnings: drivers/net/wireless/ath/ath11k/core.h:409:39: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/ath/ath11k/dp.h:1309:24: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/ath/ath11k/dp.h:1368:24: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Acked-by: Jeff Johnson Signed-off-by: Kalle Valo Link: https://patch.msgid.link/ZrZB3Rjswe0ZXtug@cute commit 77fcdf51b8ca5e89f1074902b860caa2418d72e6 Author: Tanmay Shah Date: Fri Aug 30 10:37:36 2024 -0700 remoteproc: xlnx: Add sram support AMD-Xilinx zynqmp platform contains on-chip sram memory (OCM). R5 cores can access OCM and access is faster than DDR memory but slower than TCM memories available. Sram region can have optional multiple power-domains. Platform management firmware is responsible to operate these power-domains. Signed-off-by: Tanmay Shah Link: https://lore.kernel.org/r/20240830173735.279432-1-tanmay.shah@amd.com [Fixed dma_addr_t type cast when calling rproc_mem_entry_init()] Signed-off-by: Mathieu Poirier commit 3e6a7e3cda773adacc2fa4b9623d0a8c0f904d50 Author: Nicolin Chen Date: Tue Aug 27 09:59:38 2024 -0700 iommufd: Reorder struct forward declarations Reorder struct forward declarations to alphabetic order to simplify maintenance, as upcoming patches will add more to the list. No functional change intended. Link: https://patch.msgid.link/r/c5dd87100f6f01389b838c63237e28c5dd373358.1724776335.git.nicolinc@nvidia.com Signed-off-by: Nicolin Chen Signed-off-by: Jason Gunthorpe commit a4311c274e08001b129bd5ffd2a41dcbd3e0a855 Author: Michal Wajdeczko Date: Thu Aug 29 20:31:50 2024 +0200 kunit: Fix kernel-doc for EXPORT_SYMBOL_IF_KUNIT While kunit/visibility.h is today not included in any generated kernel documentation, also likely due to the fact that none of the existing comments are correctly recognized as kernel-doc, but once we decide to add this header and fix the tool, there will be: ../include/kunit/visibility.h:61: warning: Function parameter or struct member 'symbol' not described in 'EXPORT_SYMBOL_IF_KUNIT' Signed-off-by: Michal Wajdeczko Reviewed-by: Rae Moar Acked-by: David Gow Signed-off-by: Shuah Khan commit 82d7cf56551af9f87c7a144f8c76b359561d70cf Author: Jacky Huang Date: Mon Aug 19 03:56:47 2024 +0000 arm64: dts: nuvoton: ma35d1: Add uart pinctrl settings Enable all UART nodes presented on som and iot boards, and add pinctrl function settings to these nodes. Signed-off-by: Jacky Huang Link: https://lore.kernel.org/r/20240819035647.306-4-ychuang570808@gmail.com Signed-off-by: Arnd Bergmann commit 0dfa542df942d6f926ef49250f903efa607bb652 Author: Jacky Huang Date: Mon Aug 19 03:56:46 2024 +0000 arm64: dts: nuvoton: ma35d1: Add pinctrl and gpio nodes Added the pinctrl node and its subnodes, the gpioa through gpion nodes, to the MA35D1 device tree. Signed-off-by: Jacky Huang Link: https://lore.kernel.org/r/20240819035647.306-3-ychuang570808@gmail.com Signed-off-by: Arnd Bergmann commit a957af089616aca94a7839a6ff470835de3b5062 Author: Jacky Huang Date: Mon Aug 19 03:56:45 2024 +0000 arm64: dts: nuvoton: Add syscon to the system-management node According to the binding document, add the "syscon" compatible to the system-management node. Signed-off-by: Jacky Huang Link: https://lore.kernel.org/r/20240819035647.306-2-ychuang570808@gmail.com Signed-off-by: Arnd Bergmann commit 61a3fc796c739a3626ba53fe62d60fa47695ef96 Merge: a4d398a573d0f0 e02fcd73779cb7 Author: Russell King (Oracle) Date: Thu Sep 5 16:22:49 2024 +0100 Merge branches 'amba' and 'misc' into for-linus commit f5dd17e30a59791ba3523aeaab04bafe001b7f67 Author: Armin Wolf Date: Sun Sep 1 05:10:55 2024 +0200 platform/x86: wmi: Call both legacy and WMI driver notify handlers Since the legacy WMI notify handlers are now using the WMI event data provided by the WMI driver core, they can coexist with modern WMI driver notify handlers. Remove the precedence of WMI driver notify handlers and call both when receiving an event. Reviewed-by: Hans de Goede Signed-off-by: Armin Wolf Link: https://lore.kernel.org/r/20240901031055.3030-6-W_Armin@gmx.de Signed-off-by: Hans de Goede commit 6ed2d7e8e74de49f11f9517f32acada5369fd30b Author: Armin Wolf Date: Sun Sep 1 05:10:54 2024 +0200 platform/x86: wmi: Merge get_event_data() with wmi_get_notify_data() Since get_event_data() is only called by wmi_get_notify_data(), it makes sense to merge both functions. Reviewed-by: Ilpo Järvinen Reviewed-by: Hans de Goede Signed-off-by: Armin Wolf Link: https://lore.kernel.org/r/20240901031055.3030-5-W_Armin@gmx.de Signed-off-by: Hans de Goede commit 79a56f4c8fa629ac79ada8f4b746195bd91f09c7 Author: Armin Wolf Date: Sun Sep 1 05:10:53 2024 +0200 platform/x86: wmi: Remove wmi_get_event_data() Since the WMI driver core now takes care of retrieving the WMI event data even for legacy WMI notify handlers, this function is no longer used. Remove it to prevent WMI drivers from messing up the ACPI firmware on some machines. Reviewed-by: Ilpo Järvinen Reviewed-by: Hans de Goede Signed-off-by: Armin Wolf Link: https://lore.kernel.org/r/20240901031055.3030-4-W_Armin@gmx.de Signed-off-by: Hans de Goede commit e04e2b760ddbe3d7b283a05898c3a029085cd8cd Author: Armin Wolf Date: Sun Sep 1 05:10:52 2024 +0200 platform/x86: wmi: Pass event data directly to legacy notify handlers The current legacy WMI handlers are susceptible to picking up wrong WMI event data on systems where different WMI devices share some notification IDs. Prevent this by letting the WMI driver core taking care of retrieving the event data. This also simplifies the legacy WMI handlers and their implementation inside the WMI driver core. Reviewed-by: Ilpo Järvinen Reviewed-by: Hans de Goede Signed-off-by: Armin Wolf Link: https://lore.kernel.org/r/20240901031055.3030-3-W_Armin@gmx.de Signed-off-by: Hans de Goede commit 7ad250e13ff8a275ba846fd223288f01f5d3857c Author: Zhang Zekun Date: Thu Sep 5 19:41:34 2024 +0800 bus: sunxi-rsb: Simplify code with dev_err_probe() Use dev_err_probe() directly in the driver probe phase. This can simplify the code a bit. Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240905114134.80310-1-zhangzekun11@huawei.com Signed-off-by: Chen-Yu Tsai commit 4c727150a629a59933cbd12ab4230a30789e4c90 Author: Rob Herring (Arm) Date: Wed Jul 17 08:39:55 2024 -0600 dt: dt-extract-compatibles: Extract compatibles from function parameters Various DT and fwnode functions take a compatible string as a parameter. These are often used in cases which don't have a driver, so they've been missed. The additional checks add about 400 more undocumented compatible strings. Link: https://lore.kernel.org/all/20240903200753.2097911-1-robh@kernel.org/ Acked-by: Saravana Kannan Reviewed-by: Nícolas F. R. A. Prado Signed-off-by: Rob Herring (Arm) commit 1652e95b17d5666375949524c708afef2574a01e Author: Andy Shevchenko Date: Thu Sep 5 17:21:38 2024 +0300 pinctrl: intel: Constify struct intel_pinctrl parameter There are a few functions that do not and should not change the state of the pin control object. Constify the respective parameter. Signed-off-by: Andy Shevchenko Acked-by: Mika Westerberg commit 483e0bd8883a40fd3dd3193997a4014337698d72 Author: Nicolin Chen Date: Wed Sep 4 19:40:43 2024 -0700 iommu/tegra241-cmdqv: Do not allocate vcmdq until dma_set_mask_and_coherent It's observed that, when the first 4GB of system memory was reserved, all VCMDQ allocations failed (even with the smallest qsz in the last attempt): arm-smmu-v3: found companion CMDQV device: NVDA200C:00 arm-smmu-v3: option mask 0x10 arm-smmu-v3: failed to allocate queue (0x8000 bytes) for vcmdq0 acpi NVDA200C:00: tegra241_cmdqv: Falling back to standard SMMU CMDQ arm-smmu-v3: ias 48-bit, oas 48-bit (features 0x001e1fbf) arm-smmu-v3: allocated 524288 entries for cmdq arm-smmu-v3: allocated 524288 entries for evtq arm-smmu-v3: allocated 524288 entries for priq This is because the 4GB reserved memory shifted the entire DMA zone from a lower 32-bit range (on a system without the 4GB carveout) to higher range, while the dev->coherent_dma_mask was set to DMA_BIT_MASK(32) by default. The dma_set_mask_and_coherent() call is done in arm_smmu_device_hw_probe() of the SMMU driver. So any DMA allocation from tegra241_cmdqv_probe() must wait until the coherent_dma_mask is correctly set. Move the vintf/vcmdq structure initialization routine into a different op, "init_structures". Call it at the end of arm_smmu_init_structures(), where standard SMMU queues get allocated. Most of the impl_ops aren't ready until vintf/vcmdq structure are init-ed. So replace the full impl_ops with an init_ops in __tegra241_cmdqv_probe(). And switch to tegra241_cmdqv_impl_ops later in arm_smmu_init_structures(). Note that tegra241_cmdqv_impl_ops does not link to the new init_structures op after this switch, since there is no point in having it once it's done. Fixes: 918eb5c856f6 ("iommu/arm-smmu-v3: Add in-kernel support for NVIDIA Tegra241 (Grace) CMDQV") Reported-by: Matt Ochs Signed-off-by: Nicolin Chen Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/530993c3aafa1b0fc3d879b8119e13c629d12e2b.1725503154.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit 2408b81f817ba6c278c5453eb9b43a167f35d471 Author: Nicolin Chen Date: Wed Sep 4 19:40:42 2024 -0700 iommu/tegra241-cmdqv: Drop static at local variable This is likely a typo. Drop it. Fixes: 918eb5c856f6 ("iommu/arm-smmu-v3: Add in-kernel support for NVIDIA Tegra241 (Grace) CMDQV") Signed-off-by: Nicolin Chen Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/13fd3accb5b7ed6ec11cc6b7435f79f84af9f45f.1725503154.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit 9228956a620553d7fd17f703a37a26c91e4d92ab Author: Haibo Chen Date: Thu Sep 5 17:43:37 2024 +0800 spi: fspi: add support for imx8ulp The flexspi on imx8ulp only has 16 LUTs, different with others which have up to 32 LUTs. Add a separate compatible string and nxp_fspi_devtype_data to support flexspi on imx8ulp. Fixes: ef89fd56bdfc ("arm64: dts: imx8ulp: add flexspi node") Cc: stable@kernel.org Signed-off-by: Haibo Chen Reviewed-by: Frank Li Link: https://patch.msgid.link/20240905094338.1986871-4-haibo.chen@nxp.com Signed-off-by: Mark Brown commit 190b7e2efb1ed8435fc7431d9c7a2447d05d5066 Author: Haibo Chen Date: Thu Sep 5 17:43:36 2024 +0800 spi: fspi: involve lut_num for struct nxp_fspi_devtype_data The flexspi on different SoCs may have different number of LUTs. So involve lut_num in nxp_fspi_devtype_data to make distinguish. This patch prepare for the adding of imx8ulp. Fixes: ef89fd56bdfc ("arm64: dts: imx8ulp: add flexspi node") Cc: stable@kernel.org Signed-off-by: Haibo Chen Reviewed-by: Frank Li Link: https://patch.msgid.link/20240905094338.1986871-3-haibo.chen@nxp.com Signed-off-by: Mark Brown commit 12736adc43b7cd5cb83f274f8f37b0f89d107c97 Author: Haibo Chen Date: Thu Sep 5 17:43:35 2024 +0800 dt-bindings: spi: nxp-fspi: add imx8ulp support The flexspi on imx8ulp only has 16 number of LUTs, it is different with flexspi on other imx SoC which has 32 number of LUTs. Fixes: ef89fd56bdfc ("arm64: dts: imx8ulp: add flexspi node") Cc: stable@kernel.org Acked-by: Krzysztof Kozlowski Signed-off-by: Haibo Chen Reviewed-by: Frank Li Link: https://patch.msgid.link/20240905094338.1986871-2-haibo.chen@nxp.com Signed-off-by: Mark Brown commit 813751eaec93bfeb6236aaed99607a44c01b3110 Author: Chen Ni Date: Thu Sep 5 10:20:17 2024 +0800 ASoC: Intel: skl_hda_dsp_generic: convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Link: https://patch.msgid.link/20240905022017.1642550-1-nichen@iscas.ac.cn Signed-off-by: Mark Brown commit 54694840eff5e95d1b0ec0c916db2d889529c5d7 Author: Chen Ni Date: Thu Sep 5 11:21:48 2024 +0800 ASoC: topology-test: Convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Link: https://patch.msgid.link/20240905032148.1929393-1-nichen@iscas.ac.cn Signed-off-by: Mark Brown commit 56d8b784c56588cd40f98e4b1d4f6e29e3cb02b8 Merge: 3a1fb526c2482b a54da9df75cd1b Author: Hans de Goede Date: Thu Sep 5 16:51:58 2024 +0200 Merge tag 'hwmon-for-v6.11-rc7' into review-hans Merge "hwmon fixes for v6.11-rc7" into review-hans to bring in commit a54da9df75cd ("hwmon: (hp-wmi-sensors) Check if WMI event data exists"). This is a dependency for a set of WMI event data refactoring changes. commit a5f285d9cf11b15223ca2f28e4aa9998410cbeab Author: Rob Herring (Arm) Date: Wed Sep 4 14:22:22 2024 -0500 EDAC: Drop obsolete PPC4xx driver Since 47d13a269bbd ("powerpc/40x: Remove 40x platforms.") support for PPC40x platforms has been removed. While the EDAC driver also mentions PPC440 and PPC460 processors, the driver refuses to probe on anything other than PPC405. It's unlikely support will ever be added at this point for these other old platforms, so the driver can be removed. Signed-off-by: Rob Herring (Arm) Signed-off-by: Borislav Petkov (AMD) Acked-by: Michael Ellerman (powerpc) Link: https://lore.kernel.org/r/20240904192224.3060307-2-robh@kernel.org commit cd7bdd9d46a9540f3a20a0e14c99aa37b2d4a1dd Author: Andrii Nakryiko Date: Tue Sep 3 10:46:02 2024 -0700 uprobes: perform lockless SRCU-protected uprobes_tree lookup Another big bottleneck to scalablity is uprobe_treelock that's taken in a very hot path in handle_swbp(). Now that uprobes are SRCU-protected, take advantage of that and make uprobes_tree RB-tree look up lockless. To make RB-tree RCU-protected lockless lookup correct, we need to take into account that such RB-tree lookup can return false negatives if there are parallel RB-tree modifications (rotations) going on. We use seqcount lock to detect whether RB-tree changed, and if we find nothing while RB-tree got modified inbetween, we just retry. If uprobe was found, then it's guaranteed to be a correct lookup. With all the lock-avoiding changes done, we get a pretty decent improvement in performance and scalability of uprobes with number of CPUs, even though we are still nowhere near linear scalability. This is due to SRCU not really scaling very well with number of CPUs on a particular hardware that was used for testing (80-core Intel Xeon Gold 6138 CPU @ 2.00GHz), but also due to the remaning mmap_lock, which is currently taken to resolve interrupt address to inode+offset and then uprobe instance. And, of course, uretprobes still need similar RCU to avoid refcount in the hot path, which will be addressed in the follow up patches. Nevertheless, the improvement is good. We used BPF selftest-based uprobe-nop and uretprobe-nop benchmarks to get the below numbers, varying number of CPUs on which uprobes and uretprobes are triggered. BASELINE ======== uprobe-nop ( 1 cpus): 3.032 ± 0.023M/s ( 3.032M/s/cpu) uprobe-nop ( 2 cpus): 3.452 ± 0.005M/s ( 1.726M/s/cpu) uprobe-nop ( 4 cpus): 3.663 ± 0.005M/s ( 0.916M/s/cpu) uprobe-nop ( 8 cpus): 3.718 ± 0.038M/s ( 0.465M/s/cpu) uprobe-nop (16 cpus): 3.344 ± 0.008M/s ( 0.209M/s/cpu) uprobe-nop (32 cpus): 2.288 ± 0.021M/s ( 0.071M/s/cpu) uprobe-nop (64 cpus): 3.205 ± 0.004M/s ( 0.050M/s/cpu) uretprobe-nop ( 1 cpus): 1.979 ± 0.005M/s ( 1.979M/s/cpu) uretprobe-nop ( 2 cpus): 2.361 ± 0.005M/s ( 1.180M/s/cpu) uretprobe-nop ( 4 cpus): 2.309 ± 0.002M/s ( 0.577M/s/cpu) uretprobe-nop ( 8 cpus): 2.253 ± 0.001M/s ( 0.282M/s/cpu) uretprobe-nop (16 cpus): 2.007 ± 0.000M/s ( 0.125M/s/cpu) uretprobe-nop (32 cpus): 1.624 ± 0.003M/s ( 0.051M/s/cpu) uretprobe-nop (64 cpus): 2.149 ± 0.001M/s ( 0.034M/s/cpu) SRCU CHANGES ============ uprobe-nop ( 1 cpus): 3.276 ± 0.005M/s ( 3.276M/s/cpu) uprobe-nop ( 2 cpus): 4.125 ± 0.002M/s ( 2.063M/s/cpu) uprobe-nop ( 4 cpus): 7.713 ± 0.002M/s ( 1.928M/s/cpu) uprobe-nop ( 8 cpus): 8.097 ± 0.006M/s ( 1.012M/s/cpu) uprobe-nop (16 cpus): 6.501 ± 0.056M/s ( 0.406M/s/cpu) uprobe-nop (32 cpus): 4.398 ± 0.084M/s ( 0.137M/s/cpu) uprobe-nop (64 cpus): 6.452 ± 0.000M/s ( 0.101M/s/cpu) uretprobe-nop ( 1 cpus): 2.055 ± 0.001M/s ( 2.055M/s/cpu) uretprobe-nop ( 2 cpus): 2.677 ± 0.000M/s ( 1.339M/s/cpu) uretprobe-nop ( 4 cpus): 4.561 ± 0.003M/s ( 1.140M/s/cpu) uretprobe-nop ( 8 cpus): 5.291 ± 0.002M/s ( 0.661M/s/cpu) uretprobe-nop (16 cpus): 5.065 ± 0.019M/s ( 0.317M/s/cpu) uretprobe-nop (32 cpus): 3.622 ± 0.003M/s ( 0.113M/s/cpu) uretprobe-nop (64 cpus): 3.723 ± 0.002M/s ( 0.058M/s/cpu) Peak througput increased from 3.7 mln/s (uprobe triggerings) up to about 8 mln/s. For uretprobes it's a bit more modest with bump from 2.4 mln/s to 5mln/s. Suggested-by: "Peter Zijlstra (Intel)" Signed-off-by: Andrii Nakryiko Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Oleg Nesterov Link: https://lore.kernel.org/r/20240903174603.3554182-8-andrii@kernel.org commit 50a38035ed5ccc2ab8a28eaf70c3c7a87e060345 Author: Peter Zijlstra Date: Tue Sep 3 10:46:01 2024 -0700 rbtree: provide rb_find_rcu() / rb_find_add_rcu() Much like latch_tree, add two RCU methods for the regular RB-tree, which can be used in conjunction with a seqcount to provide lockless lookups. Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: "Peter Zijlstra (Intel)" Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Oleg Nesterov Reviewed-by: "Masami Hiramatsu (Google)" Link: https://lore.kernel.org/r/20240903174603.3554182-7-andrii@kernel.org commit 04b01625da130c7521b768996cd5e48052198b97 Author: Peter Zijlstra Date: Tue Sep 3 10:46:00 2024 -0700 perf/uprobe: split uprobe_unregister() With uprobe_unregister() having grown a synchronize_srcu(), it becomes fairly slow to call. Esp. since both users of this API call it in a loop. Peel off the sync_srcu() and do it once, after the loop. We also need to add uprobe_unregister_sync() into uprobe_register()'s error handling path, as we need to be careful about returning to the caller before we have a guarantee that partially attached consumer won't be called anymore. This is an unlikely slow path and this should be totally fine to be slow in the case of a failed attach. Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: "Peter Zijlstra (Intel)" Co-developed-by: Andrii Nakryiko Signed-off-by: Andrii Nakryiko Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Oleg Nesterov Link: https://lore.kernel.org/r/20240903174603.3554182-6-andrii@kernel.org commit cc01bd044e6a521d2cd128f685ee8d23ef0067f2 Author: Andrii Nakryiko Date: Tue Sep 3 10:45:59 2024 -0700 uprobes: travers uprobe's consumer list locklessly under SRCU protection uprobe->register_rwsem is one of a few big bottlenecks to scalability of uprobes, so we need to get rid of it to improve uprobe performance and multi-CPU scalability. First, we turn uprobe's consumer list to a typical doubly-linked list and utilize existing RCU-aware helpers for traversing such lists, as well as adding and removing elements from it. For entry uprobes we already have SRCU protection active since before uprobe lookup. For uretprobe we keep refcount, guaranteeing that uprobe won't go away from under us, but we add SRCU protection around consumer list traversal. Lastly, to keep handler_chain()'s UPROBE_HANDLER_REMOVE handling simple, we remember whether any removal was requested during handler calls, but then we double-check the decision under a proper register_rwsem using consumers' filter callbacks. Handler removal is very rare, so this extra lock won't hurt performance, overall, but we also avoid the need for any extra protection (e.g., seqcount locks). Signed-off-by: Andrii Nakryiko Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Oleg Nesterov Link: https://lore.kernel.org/r/20240903174603.3554182-5-andrii@kernel.org commit 59da880afed211c989ef65da577b24215ce57774 Author: Andrii Nakryiko Date: Tue Sep 3 10:45:58 2024 -0700 uprobes: get rid of enum uprobe_filter_ctx in uprobe filter callbacks It serves no purpose beyond adding unnecessray argument passed to the filter callback. Just get rid of it, no one is actually using it. Signed-off-by: Andrii Nakryiko Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Oleg Nesterov Link: https://lore.kernel.org/r/20240903174603.3554182-4-andrii@kernel.org commit 8617408f7a01e94ce1f73e40a7704530e5dfb25c Author: Andrii Nakryiko Date: Tue Sep 3 10:45:57 2024 -0700 uprobes: protected uprobe lifetime with SRCU To avoid unnecessarily taking a (brief) refcount on uprobe during breakpoint handling in handle_swbp for entry uprobes, make find_uprobe() not take refcount, but protect the lifetime of a uprobe instance with RCU. This improves scalability, as refcount gets quite expensive due to cache line bouncing between multiple CPUs. Specifically, we utilize our own uprobe-specific SRCU instance for this RCU protection. put_uprobe() will delay actual kfree() using call_srcu(). For now, uretprobe and single-stepping handling will still acquire refcount as necessary. We'll address these issues in follow up patches by making them use SRCU with timeout. Signed-off-by: Andrii Nakryiko Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Oleg Nesterov Link: https://lore.kernel.org/r/20240903174603.3554182-3-andrii@kernel.org commit 3f7f1a64da731749f1bbd7424b44c1ec6191f21c Author: Andrii Nakryiko Date: Tue Sep 3 10:45:56 2024 -0700 uprobes: revamp uprobe refcounting and lifetime management Revamp how struct uprobe is refcounted, and thus how its lifetime is managed. Right now, there are a few possible "owners" of uprobe refcount: - uprobes_tree RB tree assumes one refcount when uprobe is registered and added to the lookup tree; - while uprobe is triggered and kernel is handling it in the breakpoint handler code, temporary refcount bump is done to keep uprobe from being freed; - if we have uretprobe requested on a given struct uprobe instance, we take another refcount to keep uprobe alive until user space code returns from the function and triggers return handler. The uprobe_tree's extra refcount of 1 is confusing and problematic. No matter how many actual consumers are attached, they all share the same refcount, and we have an extra logic to drop the "last" (which might not really be last) refcount once uprobe's consumer list becomes empty. This is unconventional and has to be kept in mind as a special case all the time. Further, because of this design we have the situations where find_uprobe() will find uprobe, bump refcount, return it to the caller, but that uprobe will still need uprobe_is_active() check, after which the caller is required to drop refcount and try again. This is just too many details leaking to the higher level logic. This patch changes refcounting scheme in such a way as to not have uprobes_tree keeping extra refcount for struct uprobe. Instead, each uprobe_consumer is assuming its own refcount, which will be dropped when consumer is unregistered. Other than that, all the active users of uprobe (entry and return uprobe handling code) keeps exactly the same refcounting approach. With the above setup, once uprobe's refcount drops to zero, we need to make sure that uprobe's "destructor" removes uprobe from uprobes_tree, of course. This, though, races with uprobe entry handling code in handle_swbp(), which, through find_active_uprobe()->find_uprobe() lookup, can race with uprobe being destroyed after refcount drops to zero (e.g., due to uprobe_consumer unregistering). So we add try_get_uprobe(), which will attempt to bump refcount, unless it already is zero. Caller needs to guarantee that uprobe instance won't be freed in parallel, which is the case while we keep uprobes_treelock (for read or write, doesn't matter). Note also, we now don't leak the race between registration and unregistration, so we remove the retry logic completely. If find_uprobe() returns valid uprobe, it's guaranteed to remain in uprobes_tree with properly incremented refcount. The race is handled inside __insert_uprobe() and put_uprobe() working together: __insert_uprobe() will remove uprobe from RB-tree, if it can't bump refcount and will retry to insert the new uprobe instance. put_uprobe() won't attempt to remove uprobe from RB-tree, if it's already not there. All that is protected by uprobes_treelock, which keeps things simple. Signed-off-by: Andrii Nakryiko Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Oleg Nesterov Link: https://lore.kernel.org/r/20240903174603.3554182-2-andrii@kernel.org commit 5fe6e308abaea082c20fbf2aa5df8e14495622cf Author: Oleg Nesterov Date: Tue Aug 13 17:25:24 2024 +0200 bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the error_free label and frees the array of bpf_uprobe's without calling bpf_uprobe_unregister(). This leaks bpf_uprobe->uprobe and worse, this frees bpf_uprobe->consumer without removing it from the uprobe->consumers list. Fixes: 89ae89f53d20 ("bpf: Add multi uprobe link") Closes: https://lore.kernel.org/all/000000000000382d39061f59f2dd@google.com/ Reported-by: syzbot+f7a1c2c2711e4a780f19@syzkaller.appspotmail.com Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Acked-by: Andrii Nakryiko Acked-by: Jiri Olsa Tested-by: syzbot+f7a1c2c2711e4a780f19@syzkaller.appspotmail.com Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240813152524.GA7292@redhat.com commit 62c0b1061593d7012292f781f11145b2d46f43ab Author: Luo Gengkun Date: Sat Aug 31 07:43:15 2024 +0000 perf/core: Fix small negative period being ignored In perf_adjust_period, we will first calculate period, and then use this period to calculate delta. However, when delta is less than 0, there will be a deviation compared to when delta is greater than or equal to 0. For example, when delta is in the range of [-14,-1], the range of delta = delta + 7 is between [-7,6], so the final value of delta/8 is 0. Therefore, the impact of -1 and -2 will be ignored. This is unacceptable when the target period is very short, because we will lose a lot of samples. Here are some tests and analyzes: before: # perf record -e cs -F 1000 ./a.out [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.022 MB perf.data (518 samples) ] # perf script ... a.out 396 257.956048: 23 cs: ffffffff81f4eeec schedul> a.out 396 257.957891: 23 cs: ffffffff81f4eeec schedul> a.out 396 257.959730: 23 cs: ffffffff81f4eeec schedul> a.out 396 257.961545: 23 cs: ffffffff81f4eeec schedul> a.out 396 257.963355: 23 cs: ffffffff81f4eeec schedul> a.out 396 257.965163: 23 cs: ffffffff81f4eeec schedul> a.out 396 257.966973: 23 cs: ffffffff81f4eeec schedul> a.out 396 257.968785: 23 cs: ffffffff81f4eeec schedul> a.out 396 257.970593: 23 cs: ffffffff81f4eeec schedul> ... after: # perf record -e cs -F 1000 ./a.out [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.058 MB perf.data (1466 samples) ] # perf script ... a.out 395 59.338813: 11 cs: ffffffff81f4eeec schedul> a.out 395 59.339707: 12 cs: ffffffff81f4eeec schedul> a.out 395 59.340682: 13 cs: ffffffff81f4eeec schedul> a.out 395 59.341751: 13 cs: ffffffff81f4eeec schedul> a.out 395 59.342799: 12 cs: ffffffff81f4eeec schedul> a.out 395 59.343765: 11 cs: ffffffff81f4eeec schedul> a.out 395 59.344651: 11 cs: ffffffff81f4eeec schedul> a.out 395 59.345539: 12 cs: ffffffff81f4eeec schedul> a.out 395 59.346502: 13 cs: ffffffff81f4eeec schedul> ... test.c int main() { for (int i = 0; i < 20000; i++) usleep(10); return 0; } # time ./a.out real 0m1.583s user 0m0.040s sys 0m0.298s The above results were tested on x86-64 qemu with KVM enabled using test.c as test program. Ideally, we should have around 1500 samples, but the previous algorithm had only about 500, whereas the modified algorithm now has about 1400. Further more, the new version shows 1 sample per 0.001s, while the previous one is 1 sample per 0.002s.This indicates that the new algorithm is more sensitive to small negative values compared to old algorithm. Fixes: bd2b5b12849a ("perf_counter: More aggressive frequency adjustment") Signed-off-by: Luo Gengkun Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Adrian Hunter Reviewed-by: Kan Liang Cc: stable@vger.kernel.org Link: https://lkml.kernel.org/r/20240831074316.2106159-2-luogengkun@huaweicloud.com commit fa42410edbf4af7fa396d4652532f224bec3b08c Author: Riyan Dhiman Date: Tue Sep 3 17:18:51 2024 +0530 staging: vme_user: changed geoid data type from int to u32 Geoid is a module parameter which is set by root user. Its valid values are between 0 and VME_MAX_SLOTS. So, changing data type of geoid from int to u32 since it will always be positive. Signed-off-by: Riyan Dhiman Link: https://lore.kernel.org/r/20240903114849.4953-3-riyandhiman14@gmail.com Signed-off-by: Greg Kroah-Hartman commit 59e574141f79d82149ce3f5a9d5c63cc3205c499 Author: vivek t s Date: Thu Sep 5 15:42:02 2024 +0530 Staging: rtl8723bs: Rename function SelectChannel() Rename function SelectChannel() to r8723bs_select_channel(), to avoid CamelCase and to improve cleanliness of the global namespace. Signed-off-by: vivek t s Link: https://lore.kernel.org/r/ZtmD8i7YZLRIcaI9@victor-IdeaPad-Gaming-3-16IAH7 Signed-off-by: Greg Kroah-Hartman commit d39b510a145a4766906cd49177695913d6e6bfd2 Merge: 03667e3d4fbcaf 5bbfdad8cf8d4b Author: Mark Brown Date: Thu Sep 5 15:44:29 2024 +0100 Add audio support for the MediaTek Genio 350-evk Merge series from amergnat@baylibre.com: This serie aim to add the following audio support for the Genio 350-evk: - Playback - 2ch Headset Jack (Earphone) - 1ch Line-out Jack (Speaker) - 8ch HDMI Tx - Capture - 1ch DMIC (On-board Digital Microphone) - 1ch AMIC (On-board Analogic Microphone) - 1ch Headset Jack (External Analogic Microphone) Of course, HDMI playback need the MT8365 display patches [1] and a DTS change documented in "mediatek,mt8365-mt6357.yaml". commit 5159b05a43e41dcfa577331d0f5df32b75e65128 Author: Roshan Khatri Date: Thu Sep 5 19:30:36 2024 +0545 staging: rtl8723bs: include: Fix spelling mistake in rtw_event.h This patch fixes spelling mistake to increase code readability and searching. Signed-off-by: Roshan Khatri Link: https://lore.kernel.org/r/20240905134536.4364-1-topofeverest8848@gmail.com Signed-off-by: Greg Kroah-Hartman commit 43d9821c60eb9edf9106918b0c3901d0e87d81bf Author: Roshan Khatri Date: Thu Sep 5 17:12:20 2024 +0545 staging: rtl8723bs: include: Fix spelling mistake in rtl8723b_hal.h This patch fixes spelling mistake to increase code readability and searching. Signed-off-by: Roshan Khatri Link: https://lore.kernel.org/r/20240905112720.3141-1-topofeverest8848@gmail.com Signed-off-by: Greg Kroah-Hartman commit 9c0c11bb87b09a8b7cdc21ca1090e7b36abe9d09 Author: Mathias Nyman Date: Thu Sep 5 17:33:00 2024 +0300 xhci: support setting interrupt moderation IMOD for secondary interrupters Allow creators of seconday interrupters to specify the interrupt moderation interval value in nanoseconds when creating the interrupter. If not sure what value to use then use the xhci driver default xhci->imod_interval Suggested-by: Wesley Cheng Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-13-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit f81dfa3b57c624c56f2bff171c431bc7f5b558f2 Author: Mathias Nyman Date: Thu Sep 5 17:32:59 2024 +0300 xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them. PCI xHC host should be stopped and xhci driver memory freed before putting host to PCI D3 state during PCI remove callback. Hosts with XHCI_SPURIOUS_WAKEUP quirk did this the wrong way around and set the host to D3 before calling usb_hcd_pci_remove(dev), which will access the host to stop it, and then free xhci. Fixes: f1f6d9a8b540 ("xhci: don't dereference a xhci member after removing xhci") Cc: stable@vger.kernel.org Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-12-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit da6a6dcfce61f765d5a77688f4a813deb410762e Author: Niklas Neronin Date: Thu Sep 5 17:32:58 2024 +0300 usb: xhci: adjust empty TD list handling in handle_tx_event() Introduce an initial check for an empty list prior to entering the while loop. Which enables, the implementation of distinct warnings to differentiate between scenarios where the list is initially empty and when it has been emptied during processing skipped isoc TDs. These adjustments not only simplifies the large while loop, but also facilitates future enhancements to the handle_tx_event() function. Signed-off-by: Niklas Neronin Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-11-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit dbb2c9229da2393086da235d4ced560dabe463ea Author: Niklas Neronin Date: Thu Sep 5 17:32:57 2024 +0300 usb: xhci: remove 'retval' from xhci_pci_resume() Remove unnecessary local 'retval' argument. Signed-off-by: Niklas Neronin Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-10-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 77d871aeddc360ccd0b0d533e2e2e57eda3975f3 Author: Niklas Neronin Date: Thu Sep 5 17:32:56 2024 +0300 usb: xhci: add comments explaining specific interrupt behaviour HCD does not allocate or request interrupt for the xhci driver, but HCD does free and sync xhci interrupts in some cases. Add comment detailing in which cases HCD will free/sync xhci interrupts. Signed-off-by: Niklas Neronin Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-9-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 811cd6ed04b9f8658df3590cb51ec39ebf2fa8e7 Author: Niklas Neronin Date: Thu Sep 5 17:32:55 2024 +0300 usb: xhci: make 'sbrn' a local variable Variable 'sbrn' is used to store the Serial Bus Release Number, which is then only used for a debug message. Thus, 'sbrn' can be a local variable and assigned after the primary HCD check. The SBRN debug message is only printed when a primary HCD is setup. Signed-off-by: Niklas Neronin Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-8-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit b14485d461a5571be339ba18fa168113ca36257b Author: Niklas Neronin Date: Thu Sep 5 17:32:54 2024 +0300 usb: xhci: remove unused variables from struct 'xhci_hcd' Variables 'max_slots', 'max_ports', 'isoc_threshold' and 'event_ring_max' are never set or used. Thus, remove them. Signed-off-by: Niklas Neronin Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-7-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit b0af5ae78581d0d0bc3813b7516ed75bb8626fc9 Author: Niklas Neronin Date: Thu Sep 5 17:32:53 2024 +0300 usb: xhci: remove excessive Bulk short packet debug message Completion codes 'COMP_SUCCESS' and 'COMP_SHORT_PACKET' are the most frequently encountered completion codes. Typically, these codes do not trigger a default debug message but rather a warning that indicates a potential issue. This behavior is consistent across all transfer types with the exception of Bulk transfers. To reduce unnecessary log clutter, remove the Bulk 'COMP_SHORT_PACKET' debug message. Signed-off-by: Niklas Neronin Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-6-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit a1de068215198d55795736652862446e41e6e78e Author: Niklas Neronin Date: Thu Sep 5 17:32:52 2024 +0300 usb: xhci: remove excessive isoc frame debug message spam The removed debug messages trigger each time an isoc frame is handled. In case of an error, a dedicated debug message exists. For example, a 60fps USB camera will trigger the debug message every 0.6s. Signed-off-by: Niklas Neronin Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-5-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit f5985a814739c3f2b3d53cc4ee1f55928fcbc23a Author: Yue Haibing Date: Thu Sep 5 17:32:51 2024 +0300 xhci: Remove unused function declarations Commit 674f8438c121 ("xhci: split handling halted endpoints into two steps") removed xhci_cleanup_stalled_ring() but left declaration. Commit 25355e046d29 ("xhci: use generic command timer for stop endpoint commands.") left behind xhci_stop_endpoint_command_watchdog(). Signed-off-by: Yue Haibing Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-4-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 31128e7492dc365a9ed37577b766e36c1193d369 Author: Mathias Nyman Date: Thu Sep 5 17:32:50 2024 +0300 xhci: dbc: add dbgtty request to end of list once it completes Make sure we move the requests from the read_queue to the end of the read_pool list, avoiding looping and using the same one request all the time. Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-3-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 9044ad57b60b0556d42b6f8aa218a68865e810a4 Author: Mathias Nyman Date: Thu Sep 5 17:32:49 2024 +0300 xhci: dbc: Fix STALL transfer event handling Don't flush all pending DbC data requests when an endpoint halts. An endpoint may halt and xHC DbC triggers a STALL error event if there's an issue with a bulk data transfer. The transfer should restart once xHC DbC receives a ClearFeature(ENDPOINT_HALT) request from the host. Once xHC DbC restarts it will start from the TRB pointed to by dequeue field in the endpoint context, which might be the same TRB we got the STALL event for. Turn the TRB to a no-op in this case to make sure xHC DbC doesn't reuse and tries to retransmit this same TRB after we already handled it, and gave its corresponding data request back. Other STALL events might be completely bogus. Lukasz Bartosik discovered that xHC DbC might issue spurious STALL events if hosts sends a ClearFeature(ENDPOINT_HALT) request to non-halted endpoints even without any active bulk transfers. Assume STALL event is spurious if it reports 0 bytes transferred, and the endpoint stopped on the STALLED TRB. Don't give back the data request corresponding to the TRB in this case. The halted status is per endpoint. Track it with a per endpoint flag instead of the driver invented DbC wide DS_STALLED state. DbC remains in DbC-Configured state even if endpoints halt. There is no Stalled state in the DbC Port state Machine (xhci section 7.6.6) Reported-by: Łukasz Bartosik Closes: https://lore.kernel.org/linux-usb/20240725074857.623299-1-ukaszb@chromium.org/ Tested-by: Łukasz Bartosik Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240905143300.1959279-2-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 249d30b515c91841c865042c9d0e733142cca8bb Merge: 6d67480404db36 009ff80bfaec1a Author: Arnd Bergmann Date: Thu Sep 5 14:39:15 2024 +0000 Merge tag 'amlogic-drivers-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/amlogic/linux into soc/drivers Amlogic drivers changes for v6.12: - Support new Amlogic SoCs in meson-gx-ao-secure & meson-gx-socinfo * tag 'amlogic-drivers-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/amlogic/linux: soc: amlogic: meson-gx-socinfo: add new SoCs id dt-bindings: arm: amlogic: meson-gx-ao-secure: support more SoCs Link: https://lore.kernel.org/r/577ad7fe-19b1-468a-b994-573855493fd7@linaro.org Signed-off-by: Arnd Bergmann commit ef1e32cb6314898da9188e2371a398c217db238a Author: Rob Herring Date: Fri Aug 16 10:47:14 2024 -0600 ARM: dts: Fix undocumented LM75 compatible nodes "lm75" without any vendor is undocumented. It works with the Linux kernel since the I2C subsystem will do matches of the compatible string without a vendor prefix to the i2c_device_id and/or driver name. Mostly replace "lm75" with "national,lm75" as that's the original part vendor and the compatible which matches what "lm75" matched with. In a couple of cases the node name or compatible gives a clue to the actual part and vendor and a more specific compatible can be used. In these cases, it does change the variant the kernel picks. "nct75" is an OnSemi part which is compatible with TI TMP75C based on a comparison of the OnSemi NCT75 datasheet and configuration the Linux driver uses. Adding an OnSemi compatible would be an ABI change. "nxp,lm75" is most likely an NXP part. Alexander Stein says the i.MX53 boards are a NXP LM75A as well. NXP makes a LM75A and LM75B. Both are 11-bit resolution and 100ms sample time. The "national,lm75a" is 9-bit, so "national,lm75b" is the closest match for both NXP variants. While we're here, fix the node names to use the generic name "temperature-sensor". Reviewed-by: Krzysztof Kozlowski Reviewed-by: Kevin Hilman # am335x-nano.dts Signed-off-by: Rob Herring (Arm) Reviewed-by: Alexander Stein # imx53-mba53.dts, imx53-tqma53.dtsi Link: https://lore.kernel.org/r/20240816164717.1585629-1-robh@kernel.org Signed-off-by: Arnd Bergmann commit eb1ea1351da0196e355391b4aa7f8a58536f16e6 Author: Hongbo Li Date: Wed Sep 4 09:14:34 2024 +0800 power: supply: ab8500: Constify struct kobj_type This 'struct kobj_type' is not modified. It is only used in kobject_init_and_add() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure and moving it to a read-only section, and can increase over all security. Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240904011434.2010118-1-lihongbo22@huawei.com Signed-off-by: Sebastian Reichel commit 48f703d6a3d7cf345fe9c6209ea3703fe9024628 Author: Dan Carpenter Date: Thu Sep 5 16:28:59 2024 +0300 power: supply: max1720x: fix a double free on error in probe() In this code, if devm_add_action_or_reset() fails, it will call max1720x_unregister_ancillary() which in turn calls i2c_unregister_device(). Thus the call to i2c_unregister_device() on the following line is not required and is a double unregister. Delete it. Fixes: 47271a935619 ("power: supply: max1720x: add read support for nvmem") Signed-off-by: Dan Carpenter Link: https://lore.kernel.org/r/9c2f76e7-5679-473b-9b9c-e11b492b96ac@stanley.mountain Signed-off-by: Sebastian Reichel commit 73183ad6ea51029d04b098286dcee98d715015f1 Author: Jason Gunthorpe Date: Thu Aug 29 10:19:59 2024 -0300 iommufd: Check the domain owner of the parent before creating a nesting domain This check was missed, before we can pass a struct iommu_domain to a driver callback we need to validate that the domain was created by that driver. Fixes: bd529dbb661d ("iommufd: Add a nested HW pagetable object") Link: https://patch.msgid.link/r/0-v1-c8770519edde+1a-iommufd_nesting_ops_jgg@nvidia.com Reviewed-by: Nicolin Chen Signed-off-by: Jason Gunthorpe commit 828b70ea7fd138699b4c211cf2083af5b99d2042 Merge: 771dfd5a900b38 e202307b75660a Author: Arnd Bergmann Date: Thu Sep 5 14:23:25 2024 +0000 Merge tag 'amlogic-arm64-dt-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/amlogic/linux into soc/dt Amlogic ARM64 DT changes for v6.12: - New Boards: - AW419 (Amlogic C3) - Power Controller node for Amlogic A5 SoC - Always-On Secure node for Amlogig A4/T7/C4 & S4 SoCs - Amlogic A4 & C3 hardware support: - PLL, SPICC, NOND, SDCard, Ethernet, Watchdog - Final fixes for DTBs check: - add clock and clock-names to sound cards - drop saradc gxlx compatible * tag 'amlogic-arm64-dt-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/amlogic/linux: arm64: dts: amlogic: gxlx-s905l-p271: drop saradc gxlx compatible arm64: dts: amlogic: add clock and clock-names to sound cards arm64: dts: amlogic: c3: fix dtbcheck warning arm64: dts: amlogic: add C3 AW419 board arm64: dts: amlogic: add some device nodes for C3 dt-bindings: clock: fix C3 PLL input parameter arm64: dts: amlogic: a4: add ao secure node arm64: dts: amlogic: t7: add ao secure node arm64: dts: amlogic: c3: add ao secure node arm64: dts: amlogic: s4: add ao secure node arm64: dts: amlogic: add watchdog node for A4 SoCs arm64: dts: amlogic: enable some device nodes for S4 arm64: dts: amlogic: a5: add power domain controller node Link: https://lore.kernel.org/r/cc8fb460-5ac0-4b16-8490-8ac9f89f1b7f@linaro.org Signed-off-by: Arnd Bergmann commit 03f8dc1d0a3823229a761f202bc1a6e63d5b4ba0 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:33 2024 +0200 HID: uclogic: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-14-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit 24b3c515c69bcb87e4af696883eaaecece26ff60 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:31 2024 +0200 HID: waltop: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-12-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit d4781a27add1a881b92cd71d1ce6190c121d042b Author: Thomas Weißschuh Date: Wed Aug 28 09:33:30 2024 +0200 HID: sony: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-11-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit 4211f9b112167f107c96e1c18cd0e5da71b0680a Author: Thomas Weißschuh Date: Wed Aug 28 09:33:29 2024 +0200 HID: pxrc: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-10-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit 88ae9ffc7c85c1b6b845f51e5fd850d092e75cd5 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:28 2024 +0200 HID: steelseries: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-9-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit 4f3ff3a275f9ab016cde5561bc1b53c581fc8734 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:27 2024 +0200 HID: viewsonic: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-8-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit 49cf20b878faf1678b25cbc26df6f0e6bff372f6 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:26 2024 +0200 HID: vrc2: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-7-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit c06df4c57af89f07713adc7088ad875409a91462 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:25 2024 +0200 HID: xiaomi: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-6-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit d8b21af666013ae275675a101facaf1222719203 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:24 2024 +0200 HID: maltron: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-5-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit b299944af770e36cf5e04e908ca056b72d6f6b90 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:23 2024 +0200 HID: keytouch: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-4-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit 3ce7edfa4f096a6e6c802bc3c6b04b1d691a2612 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:22 2024 +0200 HID: holtek-kbd: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-3-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit 49e00b5ca0bbf26cc0c7ff22415ede58b71937f3 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:21 2024 +0200 HID: dr: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-2-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit 00f6f65bd1162dee2e30ef11864892afcbbf2352 Author: Thomas Weißschuh Date: Wed Aug 28 09:33:20 2024 +0200 HID: bigbenff: constify fixed up report descriptor Now that the HID core can handle const report descriptors, constify them where possible. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240828-hid-const-fixup-2-v1-1-663b9210eb69@weissschuh.net Signed-off-by: Benjamin Tissoires commit 3ff77190cc892f8e78428bb38042f093b48d3d82 Merge: 072e18d63b9171 84a5ae5b23ba63 Author: Greg Kroah-Hartman Date: Thu Sep 5 16:20:47 2024 +0200 Merge tag 'mhi-for-v6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/mani/mhi into char-misc-next Manivannan writes: MHI Host ======== core ---- - Used const qualifier for 'mhi_bus_type' to place it onto the read-only memory segment. pci_generic ----------- - Fixed the Telit FE990A modem name as it was advertising the wrong product name, thereby confusing the users. - Added Netprisma LCUR57 and FCUN69 modems based on Qcom SDX24 and SDX6X SoCs. - Updated the EDL (Emergency Download) firmware path for the Foxconn modems. The patch that added the modem support mistakenly specified the generic EDL firmware path common for Qcom based modems. But they won't work. - Enabled the EDL trigger for all Foxconn modems to update the modem firmware. * tag 'mhi-for-v6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/mani/mhi: bus: mhi: host: pci_generic: Enable EDL trigger for Foxconn modems bus: mhi: host: pci_generic: Update EDL firmware path for Foxconn modems bus: mhi: host: pci_generic: Add support for Netprisma LCUR57 and FCUN69 bus: mhi: host: make mhi_bus_type const bus: mhi: host: pci_generic: Fix the name for the Telit FE990A commit f166da5c9dcdc1da509bc16b016bf9bc09ad4f41 Merge: 35e834e812f712 3c8966403dae49 Author: Arnd Bergmann Date: Thu Sep 5 14:18:03 2024 +0000 Merge tag 'samsung-soc-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux into soc/arm Samsung mach/soc changes for v6.12 1. Few ARM32 machine code cleanups, 2. Add dedicated maintainer entry for ARM64 Exynos850 DTS and driver code. * tag 'samsung-soc-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux: ARM: s3c: remove unused s3c2410_cpu_suspend() declaration ARM: s3c: remove unused declarations for s3c6400 ARM: s3c: Remove unused s3c_init_uart_irqs() declaration MAINTAINERS: Add entry for Samsung Exynos850 SoC ARM: s3c: Drop explicit initialization of struct i2c_device_id::driver_data to 0 Link: https://lore.kernel.org/r/20240827121638.29707-3-krzysztof.kozlowski@linaro.org Signed-off-by: Arnd Bergmann commit 6d67480404db36a9d8b91cf4e45a7b42a230e1c9 Merge: 3b42530638442f 6614be05358869 Author: Arnd Bergmann Date: Thu Sep 5 14:13:39 2024 +0000 Merge tag 'qcom-drivers-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into soc/drivers Qualcomm driver updates for v6.12 Support is added for making SCM driver configure the system either for a full or minimal ramdump following a system crash. The ramdump mode is changed from being enable-only to enable/disable as requested. The QSEECOM uefisecapp interface is allow-listed on Surface Laptop 7 and Lenovo Thinkpad T14s, providing EFI variable access. The change to match the SMD RPM driver based on the SMD channel name is reverted, in favor of stepping back to OF-based matching, as a means to get module autoloading to work properly. AOSS, APR, ICE, OCMEM, PBS and SMP2P drivers has error handling cleaned up using scoped resources. Trace events are added to the BWMON and SMP2P drivers, for better insights into their operations. The X1E LLCC configuration data is updated based on recommended values. A number of platforms are added to the in-kernel PD-mapper. SocInfo driver is extended with IDs from SM7325, QCS8275 and QCS8300 families. * tag 'qcom-drivers-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux: (33 commits) firmware: qcom: scm: Allow QSEECOM on Surface Laptop 7 models dt-bindings: soc: qcom: qcom,pmic-glink: Document SM7325 compatible soc: qcom: pd_mapper: Add SM7325 compatible soc: qcom: socinfo: Add Soc IDs for SM7325 family dt-bindings: arm: qcom,ids: Add IDs for SM7325 family soc: qcom: socinfo: add QCS8275/QCS8300 SoC ID dt-bindings: arm: qcom,ids: add SoC ID for QCS8275/QCS8300 soc: qcom: smp2p: use scoped device node handling to simplify error paths soc: qcom: pbs: use scoped device node handling to simplify error paths soc: qcom: ocmem: use scoped device node handling to simplify error paths soc: qcom: ice: use scoped device node handling to simplify error paths soc: qcom: aoss: simplify with scoped for each OF child loop soc: qcom: apr: simplify with scoped for each OF child loop soc: qcom: smd-rpm: add qcom,smd-rpm compatible dt-bindings: soc: qcom: smd-rpm: add generic compatibles Revert "soc: qcom: smd-rpm: Match rpmsg channel instead of compatible" firmware: qcom: scm: Add multiple download mode support firmware: qcom: scm: Refactor code to support multiple dload mode soc: qcom: pd_mapper: Add more older platforms without domains soc: qcom: pd_mapper: Add X1E80100 ... Link: https://lore.kernel.org/r/20240904193042.15118-1-andersson@kernel.org Signed-off-by: Arnd Bergmann commit 3b42530638442f656bbb5e292e8a0432e2a7efa8 Merge: dc2b17fbd599ca 1a92f0387b17c8 Author: Arnd Bergmann Date: Thu Sep 5 14:13:14 2024 +0000 Merge tag 'at91-soc-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/at91/linux into soc/drivers Microchip AT91 SoC updates for v6.12 It contains: - support for the Microchip SAM9X7 SoC: -- power management -- SoC identification -- sysreg documentation updates -- necessary Kconfig updates * tag 'at91-soc-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/at91/linux: ARM: at91: Kconfig: add config flag for SAM9X7 SoC ARM: at91: add support in SoC driver for new sam9x7 ARM: at91: pm: add sam9x7 SoC init config ARM: at91: pm: add support for sam9x7 SoC family dt-bindings: atmel-sysreg: add sam9x7 Link: https://lore.kernel.org/r/20240901133110.2038675-3-claudiu.beznea@tuxon.dev Signed-off-by: Arnd Bergmann commit dc2b17fbd599caa6079d619e1ff2c3d980ff6603 Author: Herve Codina Date: Thu Sep 5 09:22:15 2024 +0200 soc: fsl: qe: ucc: Export ucc_mux_set_grant_tsa_bkpt When TSA is compiled as module the following error is reported: "ucc_mux_set_grant_tsa_bkpt" [drivers/soc/fsl/qe/tsa.ko] undefined! Indeed, the ucc_mux_set_grant_tsa_bkpt symbol is not exported. Simply export ucc_mux_set_grant_tsa_bkpt. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409051409.fszn8rEo-lkp@intel.com/ Signed-off-by: Herve Codina Acked-by: Christophe Leroy Signed-off-by: Arnd Bergmann commit be5ea8f3e37669ab4eec280d55c437c513a7d87c Merge: 742d980809597f 9aee8262445d18 Author: Arnd Bergmann Date: Thu Sep 5 14:11:37 2024 +0000 Merge tag 'omap-for-v6.12/drivers-signed' of https://git.kernel.org/pub/scm/linux/kernel/git/khilman/linux-omap into soc/drivers ARM: OMAP2+: misc driver updates for v6.12 * tag 'omap-for-v6.12/drivers-signed' of https://git.kernel.org/pub/scm/linux/kernel/git/khilman/linux-omap: ARM: OMAP2+: Remove obsoleted declaration for gpmc_onenand_init bus: ti-sysc: Remove excess struct member 'disable_on_idle' description bus: ti-sysc: Use of_property_present() Link: https://lore.kernel.org/r/7hcyljarit.fsf@baylibre.com Signed-off-by: Arnd Bergmann commit 742d980809597f26ed356e751014a1bbbdb32165 Merge: 311ef8837ff2c9 2ea2113b3dacf9 Author: Arnd Bergmann Date: Thu Sep 5 14:11:31 2024 +0000 Merge tag 'imx-drivers-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into soc/drivers i.MX drivers changes for 6.12: - A couple of imx-weim bus driver changes from Wu Bo to support compile test and use devm_clk_get_enabled() helper to clean up code a bit * tag 'imx-drivers-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux: bus: imx-weim: change to use devm_clk_get_enabled() helper bus: imx-weim: support compile test Link: https://lore.kernel.org/r/20240904143439.211552-1-shawnguo2@yeah.net Signed-off-by: Arnd Bergmann commit 311ef8837ff2c99a1594fa979aa6bc6e0099d98c Merge: 639d5f6dee6eef 487b1b32e317b8 Author: Arnd Bergmann Date: Thu Sep 5 14:11:20 2024 +0000 Merge tag 'reset-for-v6.12' of git://git.pengutronix.de/pza/linux into soc/drivers Reset controller updates for v6.12 Use get_device()/put_device() to keep reset controller devices alive while their reset controls are acquired. Enable support for the Amlogic T7 SoC reset controller. Remove unused EyeQ reset bindings and add a reset controller driver to be instantiated as auxiliary device by the EyeQ clock driver. Fix OF node leaks in the k210 and berlin probe() error paths. Add some simplifications and cleanup in the core, lcp18xx driver, and uniphier bindings. * tag 'reset-for-v6.12' of git://git.pengutronix.de/pza/linux: reset: eyeq: add platform driver Revert "dt-bindings: reset: mobileye,eyeq5-reset: add bindings" reset: reset-meson: Add support for Amlogic T7 SoC reset controller dt-bindings: reset: Add Amlogic T7 reset controller reset: core: add get_device()/put_device on rcdev reset: lpc18xx: simplify with devm_clk_get_enabled() reset: lpc18xx: simplify with dev_err_probe() reset: simplify locking with guard() reset: k210: fix OF node leak in probe() error path reset: berlin: fix OF node leak in probe() error path dt-bindings: reset: socionext,uniphier-glue-reset: add top-level constraints Link: https://lore.kernel.org/r/20240904103921.1479579-1-p.zabel@pengutronix.de Signed-off-by: Arnd Bergmann commit 639d5f6dee6eef470bcef434a5c401571602d9c4 Merge: b1cd063981de57 15a62b81175885 Author: Arnd Bergmann Date: Thu Sep 5 14:11:08 2024 +0000 Merge tag 'integrator-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-integrator into soc/drivers Integrator fixes for the v6.12 kernel cycle, some of_node_put():s were missing in the SoC drivers. * tag 'integrator-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-integrator: bus: integrator-lm: fix OF node leak in probe() ARM: versatile: fix OF node leak in CPUs prepare Link: https://lore.kernel.org/r/CACRpkdahXECZXWA5uv=SZtkzU0E++fQj7QWK8kYuH0-asLUPqg@mail.gmail.com Signed-off-by: Arnd Bergmann commit 84a5ae5b23ba6320bbdfeccfe9a3ad31b2cc41d9 Author: Slark Xiao Date: Thu Jul 25 10:29:41 2024 +0800 bus: mhi: host: pci_generic: Enable EDL trigger for Foxconn modems All Foxconn modems support generic EDL trigger to flash the firmware. Hence, enable the EDL trigger using mhi_pci_dev_info::edl_trigger. Signed-off-by: Slark Xiao Reviewed-by: Manivannan Sadhasivam Link: https://lore.kernel.org/r/20240725022941.65948-2-slark_xiao@163.com [mani: Reworded the subject and description] Signed-off-by: Manivannan Sadhasivam commit a7bc66fe8093b48e86386cf73dd601feaaa7949c Author: Slark Xiao Date: Thu Jul 25 10:29:40 2024 +0800 bus: mhi: host: pci_generic: Update EDL firmware path for Foxconn modems Foxconn uses a unique firmware for their MHI based modems. So the generic firmware from Qcom won't work. Hence, update the EDL firmware path to include the 'foxconn' subdirectory based on the modem SoC so that the Foxconn specific firmware could be used. Respective firmware will be upstreamed to linux-firmware repo. Cc: stable@vger.kernel.org # 6.11 Fixes: bf30a75e6e00 ("bus: mhi: host: Add support for Foxconn SDX72 modems") Signed-off-by: Slark Xiao Reviewed-by: Manivannan Sadhasivam Link: https://lore.kernel.org/r/20240725022941.65948-1-slark_xiao@163.com [mani: Reworded the subject and description] Signed-off-by: Manivannan Sadhasivam commit 6b083650a37318112fb60c65fbb6070584f53d93 Author: Maciej Fijalkowski Date: Wed Sep 4 18:28:08 2024 +0200 xsk: Bump xsk_queue::queue_empty_descs in xp_can_alloc() We have STAT_FILL_EMPTY test case in xskxceiver that tries to process traffic with fill queue being empty which currently fails for zero copy ice driver after it started to use xsk_buff_can_alloc() API. That is because xsk_queue::queue_empty_descs is currently only increased from alloc APIs and right now if driver sees that xsk_buff_pool will be unable to provide the requested count of buffers, it bails out early, skipping calls to xsk_buff_alloc{_batch}(). Mentioned statistic should be handled in xsk_buff_can_alloc() from the very beginning, so let's add this logic now. Do it by open coding xskq_cons_has_entries() and bumping queue_empty_descs in the middle when fill queue currently has no entries. Signed-off-by: Maciej Fijalkowski Signed-off-by: Daniel Borkmann Acked-by: Magnus Karlsson Link: https://lore.kernel.org/bpf/20240904162808.249160-1-maciej.fijalkowski@intel.com commit 22d6adac5b17d817f3ac5da2bd68aa8aa3c9dc17 Merge: d0c4dd9f7ca62b b671105b88c3bb Author: Paolo Abeni Date: Thu Sep 5 15:21:14 2024 +0200 Merge branch 'add-driver-for-motorcomm-yt8821-2-5g-ethernet-phy' Frank Sae says: ==================== Add driver for Motorcomm yt8821 2.5G ethernet phy yt8521 and yt8531s as Gigabit transceiver use bit15:14(bit9 reserved default 0) as phy speed mask, yt8821 as 2.5G transceiver uses bit9 bit15:14 as phy speed mask. Be compatible to yt8821, reform phy speed mask and phy speed macro. Based on update above, add yt8821 2.5G phy driver. ==================== Link: https://patch.msgid.link/20240901083526.163784-1-Frank.Sae@motor-comm.com Signed-off-by: Paolo Abeni commit b671105b88c3bb9acc1fb61a3ee2ca0ece60cb8d Author: Frank Sae Date: Sun Sep 1 01:35:26 2024 -0700 net: phy: Add driver for Motorcomm yt8821 2.5G ethernet phy Add a driver for the motorcomm yt8821 2.5G ethernet phy. Verified the driver on BPI-R3(with MediaTek MT7986(Filogic 830) SoC) development board, which is developed by Guangdong Bipai Technology Co., Ltd.. yt8821 2.5G ethernet phy works in AUTO_BX2500_SGMII or FORCE_BX2500 interface, supports 2.5G/1000M/100M/10M speeds, and wol(magic package). Signed-off-by: Frank Sae Reviewed-by: Sai Krishna Reviewed-by: Andrew Lunn Signed-off-by: Paolo Abeni commit 8d878c87b5c45ae64b0aecd4aac71e210d19173f Author: Frank Sae Date: Sun Sep 1 01:35:25 2024 -0700 net: phy: Optimize phy speed mask to be compatible to yt8821 yt8521 and yt8531s as Gigabit transceiver use bit15:14(bit9 reserved default 0) as phy speed mask, yt8821 as 2.5G transceiver uses bit9 bit15:14 as phy speed mask. Be compatible to yt8821, reform phy speed mask and phy speed macro. Reviewed-by: Andrew Lunn Signed-off-by: Frank Sae Signed-off-by: Paolo Abeni commit 000f6d588a8f3d128f89351058dc04d38e54a327 Author: Thomas Weißschuh Date: Thu Sep 5 09:46:01 2024 +0200 of: address: Report error on resource bounds overflow The members "start" and "end" of struct resource are of type "resource_size_t" which can be 32bit wide. Values read from OF however are always 64bit wide. Avoid silently truncating the value and instead return an error value. This can happen on real systems when the DT was created for a PAE-enabled kernel and a non-PAE kernel is actually running. For example with an arm defconfig and "qemu-system-arm -M virt". Link: https://bugs.launchpad.net/qemu/+bug/1790975 Signed-off-by: Thomas Weißschuh Tested-by: Nam Cao Reviewed-by: Nam Cao Link: https://lore.kernel.org/r/20240905-of-resource-overflow-v1-1-0cd8bb92cc1f@linutronix.de Cc: stable@vger.kernel.org Signed-off-by: Rob Herring (Arm) commit d0c4dd9f7ca62be949343e3f6e59ce18f7873657 Merge: 335cc75ce3d8ba 9d56d4aa1b7b0e Author: Paolo Abeni Date: Thu Sep 5 15:08:58 2024 +0200 Merge tag 'linux-can-next-for-6.12-20240904-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next Marc Kleine-Budde says: ==================== pull-request: can-next 2024-09-04-2 this is a pull request of 18 patches for net-next/master. All 18 patches add support for CAN-FD IP core found on Rockchip RK3568. The first patch is co-developed by Elaine Zhang and me and adds DT bindings documentation. The remaining 17 patches are by me and add the driver in several stages. linux-can-next-for-6.12-20240904-2 * tag 'linux-can-next-for-6.12-20240904-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next: can: rockchip_canfd: add support for CAN_CTRLMODE_BERR_REPORTING can: rockchip_canfd: add support for CAN_CTRLMODE_LOOPBACK can: rockchip_canfd: add hardware timestamping support can: rockchip_canfd: enable full TX-FIFO depth of 2 can: rockchip_canfd: prepare to use full TX-FIFO depth can: rockchip_canfd: add stats support for errata workarounds can: rockchip_canfd: rkcanfd_get_berr_counter_corrected(): work around broken {RX,TX}ERRORCNT register can: rockchip_canfd: implement workaround for erratum 12 can: rockchip_canfd: implement workaround for erratum 6 can: rockchip_canfd: add TX PATH can: rockchip_canfd: rkcanfd_register_done(): add warning for erratum 5 can: rockchip_canfd: rkcanfd_handle_rx_int_one(): implement workaround for erratum 5: check for empty FIFO can: rockchip_canfd: add notes about known issues can: rockchip_canfd: add support for rk3568v3 can: rockchip_canfd: add quirk for broken CAN-FD support can: rockchip_canfd: add quirks for errata workarounds can: rockchip_canfd: add driver for Rockchip CAN-FD controller dt-bindings: can: rockchip_canfd: add rockchip CAN-FD controller ==================== Link: https://patch.msgid.link/20240904130256.1965582-1-mkl@pengutronix.de Signed-off-by: Paolo Abeni commit 992b7066800f3957e40b3a9d5ed4f041b998fec1 Author: Ingo Franzki Date: Wed Sep 4 14:44:16 2024 +0200 s390/sha3: Fix SHA3 selftests failures Since commit "s390/sha3: Support sha3 performance enhancements" the selftests of the sha3_256_s390 and sha3_512_s390 kernel digests sometimes fail with: alg: shash: sha3-256-s390 test failed (wrong result) on test vector 3, cfg="import/export" alg: self-tests for sha3-256 using sha3-256-s390 failed (rc=-22) or with alg: ahash: sha3-256-s390 test failed (wrong result) on test vector 3, cfg="digest misaligned splits crossing pages" alg: self-tests for sha3-256 using sha3-256-s390 failed (rc=-22) The first failure is because the newly introduced context field 'first_message_part' is not copied during export and import operations. Because of that the value of 'first_message_part' is more or less random after an import into a newly allocated context and may or may not fit to the state of the imported SHA3 operation, causing an invalid hash when it does not fit. Save the 'first_message_part' field in the currently unused field 'partial' of struct sha3_state, even though the meaning of 'partial' is not exactly the same as 'first_message_part'. For the caller the returned state blob is opaque and it must only be ensured that the state can be imported later on by the module that exported it. The second failure is when on entry of s390_sha_update() the flag 'first_message_part' is on, and kimd is called in the first 'if (index)' block as well as in the second 'if (len >= bsize)' block. In this case, the 'first_message_part' is turned off after the first kimd, but the function code incorrectly retains the NIP flag. Reset the NIP flag after the first kimd unconditionally besides turning 'first_message_part' off. Reported-by: Marc Hartmayer Fixes: 88c02b3f79a6 ("s390/sha3: Support sha3 performance enhancements") Reviewed-by: Harald Freudenberger Reviewed-by: Holger Dengler Reviewed-by: Joerg Schmidbauer Signed-off-by: Ingo Franzki Signed-off-by: Heiko Carstens commit fd197556eef50d9c1e27cefd5bfa6df1ca0cc854 Author: Harald Freudenberger Date: Mon Sep 2 15:19:44 2024 +0200 s390/pkey: Add AES xts and HMAC clear key token support Add support for deriving protected keys from clear key token for AES xts and HMAC keys via PCKMO instruction. Add support for protected key generation and unwrap of protected key tokens for these key types. Furthermore 4 new sysfs attributes are introduced: - /sys/devices/virtual/misc/pkey/protkey/protkey_aes_xts_128 - /sys/devices/virtual/misc/pkey/protkey/protkey_aes_xts_256 - /sys/devices/virtual/misc/pkey/protkey/protkey_hmac_512 - /sys/devices/virtual/misc/pkey/protkey/protkey_hmac_1024 Signed-off-by: Harald Freudenberger Reviewed-by: Ingo Franzki Signed-off-by: Heiko Carstens commit 8fe32188f931a36ad0d444d653ee05b11bedc849 Author: Harald Freudenberger Date: Mon Sep 2 15:19:43 2024 +0200 s390/cpacf: Add MSA 10 and 11 new PCKMO functions Add the defines for the new PCKMO functions covering MSA 10 (AES XTS "double" keys) and MSA 11 (HMAC keys) support. Signed-off-by: Harald Freudenberger Reviewed-by: Ingo Franzki Signed-off-by: Heiko Carstens commit 131b8db78558120f58c5dc745ea9655f6b854162 Author: Gerald Schaefer Date: Mon Sep 2 14:02:19 2024 +0200 s390/mm: Add cond_resched() to cmm_alloc/free_pages() Adding/removing large amount of pages at once to/from the CMM balloon can result in rcu_sched stalls or workqueue lockups, because of busy looping w/o cond_resched(). Prevent this by adding a cond_resched(). cmm_free_pages() holds a spin_lock while looping, so it cannot be added directly to the existing loop. Instead, introduce a wrapper function that operates on maximum 256 pages at once, and add it there. Signed-off-by: Gerald Schaefer Reviewed-by: Heiko Carstens Signed-off-by: Heiko Carstens commit 0114009953c119021870c42c778b251440a93844 Author: Thomas Richter Date: Fri Aug 23 10:36:50 2024 +0200 s390/pai_ext: Update PAI extension 1 counters Update the internal array of PAI extension 1 NNPA counter string table to support specialized processor instrumentation assist instructions. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Signed-off-by: Heiko Carstens commit 4ae48555d0edcec910f283868cf454720f0f0623 Author: Thomas Richter Date: Fri Aug 23 10:36:49 2024 +0200 s390/pai_crypto: Add support for MSA 10 and 11 pai counters Update the internal array of PAI crypto counter string table with new counters supported with Message Security Assist extension (MSA) 10 and MSA 11. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Acked-by: Finn Callies Tested-by: Finn Callies Signed-off-by: Heiko Carstens commit 7519033f319d4dc8066cb3a37c1276610f4cb0ca Author: Takashi Sakamoto Date: Thu Sep 5 22:10:29 2024 +0900 firewire: core: use WARN_ON_ONCE() to avoid superfluous dumps It is enough to notify programming mistakes to programmers just once. Suggested-by: Takashi Iwai Link: https://lore.kernel.org/r/20240905131029.6433-1-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 92f4368347a2a8a204b0513df32233075cd93b4f Author: Li Zetao Date: Tue Sep 3 22:38:12 2024 +0800 pinctrl: Remove redundant null pointer checks in pinctrl_remove_device_debugfs() Since the debugfs_create_dir() never returns a null pointer, checking the return value for a null pointer is redundant, and using IS_ERR is safe enough. Signed-off-by: Li Zetao Link: https://lore.kernel.org/20240903143812.2005071-1-lizetao1@huawei.com Signed-off-by: Linus Walleij commit dbf0e9d911cebcb0a7ae8f839cf2a316b34b5b8d Merge: ae4e84544fff75 1325820dd08580 Author: Linus Walleij Date: Thu Sep 5 15:08:12 2024 +0200 Merge tag 'renesas-pinctrl-for-v6.12-tag2' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-drivers into devel pinctrl: renesas: Updates for v6.12 (take two) - Miscellaneous fixes and improvements. Signed-off-by: Linus Walleij commit 4e26ddab828f82f5ebf0fe6d92a6983ca13c519a Author: Zhang Zekun Date: Wed Sep 4 17:23:11 2024 +0800 gpio: xilinx: Use helper function devm_clk_get_optional_enabled() devm_clk_get_optional() and clk_prepare_enable() can be replaced by helper function devm_clk_get_optional_enabled(). Let's simplify code with use of devm_clk_get_optional_enabled() and avoid calling clk_disable_unprepare(). Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240904092311.9544-5-zhangzekun11@huawei.com Signed-off-by: Bartosz Golaszewski commit 162b169656039027986f16b82a20745523dbf891 Author: Zhang Zekun Date: Wed Sep 4 17:23:10 2024 +0800 gpio: mb86s7x: Use helper function devm_clk_get_optional_enabled() devm_clk_get_optional() and clk_prepare_enable() can be replaced by helper function devm_clk_get_optional_enabled(). Let's simplify code with use of devm_clk_get_optional_enabled() and avoid calling clk_disable_unprepare(). Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240904092311.9544-4-zhangzekun11@huawei.com Signed-off-by: Bartosz Golaszewski commit 8abc67adc9ac1ba4d322b24e00027b8ccdba25c0 Author: Zhang Zekun Date: Wed Sep 4 17:23:09 2024 +0800 gpio: lpc18xx: Use helper function devm_clk_get_enabled() devm_clk_get() and clk_prepare_enable() can be replaced by helper function devm_clk_get_enabled(). Let's use devm_clk_get_enabled() to simplify code and avoid calling clk_disable_unprepare(). Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240904092311.9544-3-zhangzekun11@huawei.com Signed-off-by: Bartosz Golaszewski commit da426eda1b633b339c425b9501aa41485fd4a3c2 Author: Zhang Zekun Date: Wed Sep 4 17:23:08 2024 +0800 gpio: cadence: Use helper function devm_clk_get_enabled() devm_clk_get() and clk_prepare_enable() can be replaced by helper function devm_clk_get_enabled(). Let's use devm_clk_get_enabled() to simplify code and avoid calling clk_disable_unprepare(). Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240904092311.9544-2-zhangzekun11@huawei.com Signed-off-by: Bartosz Golaszewski commit 05144ab7b7eaf531fc728fcb79dcf36b621ff42d Author: Nícolas F. R. A. Prado Date: Mon Jul 29 16:56:02 2024 -0400 kselftest: dt: Ignore nodes that have ancestors disabled Filter out nodes that have one of its ancestors disabled as they aren't expected to probe. This removes the following false-positive failures on the sc7180-trogdor-lazor-limozeen-nots-r5 platform: /soc@0/geniqup@8c0000/i2c@894000/proximity@28 /soc@0/geniqup@ac0000/spi@a90000/ec@0 /soc@0/remoteproc@62400000/glink-edge/apr /soc@0/remoteproc@62400000/glink-edge/apr/service@3 /soc@0/remoteproc@62400000/glink-edge/apr/service@4 /soc@0/remoteproc@62400000/glink-edge/apr/service@4/clock-controller /soc@0/remoteproc@62400000/glink-edge/apr/service@4/dais /soc@0/remoteproc@62400000/glink-edge/apr/service@7 /soc@0/remoteproc@62400000/glink-edge/apr/service@7/dais /soc@0/remoteproc@62400000/glink-edge/apr/service@8 /soc@0/remoteproc@62400000/glink-edge/apr/service@8/routing /soc@0/remoteproc@62400000/glink-edge/fastrpc /soc@0/remoteproc@62400000/glink-edge/fastrpc/compute-cb@3 /soc@0/remoteproc@62400000/glink-edge/fastrpc/compute-cb@4 /soc@0/remoteproc@62400000/glink-edge/fastrpc/compute-cb@5 /soc@0/spmi@c440000/pmic@0/pon@800/pwrkey Fixes: 14571ab1ad21 ("kselftest: Add new test for detecting unprobed Devicetree devices") Signed-off-by: Nícolas F. R. A. Prado Link: https://lore.kernel.org/r/20240729-dt-kselftest-parent-disabled-v2-1-d7a001c4930d@collabora.com Signed-off-by: Rob Herring (Arm) commit c65d6796677ecaab992113a80bac7fe39dd76c27 Author: Fabio Estevam Date: Wed Sep 4 07:40:27 2024 -0300 dt-bindings: lcdif: Document the dmas/dma-names properties i.MX28 has an RX DMA channel associated with the LCDIF controller. Document the 'dmas' and 'dma-names' properties to fix the following dt-schema warnings: lcdif@80030000: 'dma-names', 'dmas' do not match any of the regexes: 'pinctrl-[0-9]+' Signed-off-by: Fabio Estevam Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240904104027.2065621-1-festevam@gmail.com Signed-off-by: Rob Herring (Arm) commit 0416f00cb0ef1a919a463cbd03ac32470eac24a4 Author: Animesh Agarwal Date: Wed Aug 14 11:42:03 2024 +0530 dt-bindings: watchdog: nxp,lpc1850-wdt: Convert bindings to dtschema Convert the NXP LPC18xx Watchdog Timer bindings to yaml format. Cc: Daniel Baluta Signed-off-by: Animesh Agarwal Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240814061210.56213-1-animeshagarwal28@gmail.com Signed-off-by: Rob Herring (Arm) commit 90e09575d49b64e8cd43e771eb878d88ed548669 Author: Frank Li Date: Wed Aug 14 12:12:48 2024 -0400 dt-bindings: watchdog: convert ziirave-wdt.txt to yaml Convert ziirave-wdt.txt to yaml format. Additional change: - Add i2c node in example. - Add ref to watchdog.yaml Fix below warning: arch/arm64/boot/dts/freescale/imx8mq-zii-ultra-rmb3.dtb: /soc@0/bus@30800000/i2c@30a40000/watchdog@38: failed to match any schema with compatible: ['zii,rave-wdt'] Reviewed-by: Conor Dooley Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240814161250.4017427-1-Frank.Li@nxp.com Signed-off-by: Rob Herring (Arm) commit d9b5ca66b3e7bef31e603b8e0750222a50c8517a Author: Jens Reidel Date: Thu Jun 6 20:10:26 2024 +0200 dt-bindings: input: qcom,pm8xxx-vib: Document PM6150 compatible The PM6150 vibrator module is compatible with the PMI632 vibrator module, document the PM6150 vibrator compatible as fallback for the PMI632 vibrator. Signed-off-by: Jens Reidel Reviewed-by: Krzysztof Kozlowski Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240606181027.98537-2-adrian@travitia.xyz Signed-off-by: Rob Herring (Arm) commit e02147cb703412fa13dd31908c734d7fb2314f55 Author: Xavier Date: Wed Sep 4 15:40:37 2024 +0800 mm/slab: Optimize the code logic in find_mergeable() We can first assess the flags, if it's unmergeable, there's no need to calculate the size and align. Signed-off-by: Xavier Signed-off-by: Vlastimil Babka commit a5a670df1db79f4bb462601aa4cc03caffa761a2 Author: Michael Ellerman Date: Wed Aug 21 18:21:01 2024 +1000 macintosh/via-pmu: register_pmu_pm_ops() can be __init register_pmu_pm_ops() is only called at init time, via device_initcall(), so can be marked __init. The driver can't be built as a module. Reviewed-by: Geert Uytterhoeven Signed-off-by: Michael Ellerman Link: https://msgid.link/20240821082101.877438-1-mpe@ellerman.id.au commit 5b4bc44a4854ccd41eef9aa9f47677f7d136c294 Author: Michael Ellerman Date: Tue Sep 3 21:19:51 2024 +1000 powerpc: Stop using no_llseek Since commit 868941b14441 ("fs: remove no_llseek"), no_llseek() is simply defined to be NULL, and a NULL llseek means seeking is unsupported. So for statically defined file_operations, such as all these, there's no need or benefit to set llseek = no_llseek. Signed-off-by: Michael Ellerman Link: https://msgid.link/20240903111951.141376-1-mpe@ellerman.id.au commit 29dbb984496daa490f3c1181b734b538a6f7b534 Author: Michael Ellerman Date: Fri Aug 23 17:08:30 2024 +1000 powerpc/64s: Remove the "fast endian switch" syscall The non-standard "fast endian switch" syscall was added in 2008[1], but was never widely used. It was disabled by default in 2017[2], and there's no evidence it's ever been used since. Remove it entirely. A normal endian switch syscall was added in 2015[3]. [1]: 745a14cc264b ("[POWERPC] Add fast little-endian switch system call") [2]: 529d235a0e19 ("powerpc: Add a proper syscall for switching endianness") [3]: 727f13616c45 ("powerpc: Disable the fast-endian switch syscall by default") Signed-off-by: Michael Ellerman Link: https://msgid.link/20240823070830.1269033-1-mpe@ellerman.id.au commit 87def77bb5f4b61d47538a34bb2b2cb7db3c037b Author: Michael Ellerman Date: Fri Aug 23 13:29:11 2024 +1000 powerpc/mm/64s: Restrict THP to Radix or HPT w/64K pages Transparent hugepages (THP) are not supported when using the Hash Page Table (HPT) MMU with 4K pages. Currently a HPT-only 4K kernel still allows THP to be enabled, which is misleading. Add restrictions to the PPC_THP symbol so that if the kernel is configured with 4K pages and only the HPT MMU (no Radix), then THP is disabled. Note that it's still possible to build a combined Radix/HPT kernel with 4K pages, which does allow THP to be enabled at build time. As such the HPT code still needs to provide some THP related symbols, to allow the build to succeed, but those code paths are never run. See the stubs in arch/powerpc/include/asm/book3s/64/hash-4k.h. Signed-off-by: Michael Ellerman Link: https://msgid.link/20240823032911.1238471-2-mpe@ellerman.id.au commit f61d413a1c1feaa4cd04fca840564ab90124bec4 Author: Michael Ellerman Date: Fri Aug 23 13:29:10 2024 +1000 powerpc/mm/64s: Move THP reqs into a separate symbol Move the Kconfig symbols related to transparent hugepages (THP) under a separate config symbol, separate from CONFIG_PPC_BOOK3S_64. The new symbol is automatically enabled if CONFIG_PPC_BOOK3S_64 is enabled, so there is no behaviour change, except for the existence of the new PPC_THP symbol. Signed-off-by: Michael Ellerman Link: https://msgid.link/20240823032911.1238471-1-mpe@ellerman.id.au commit 8589cdf0cf0b0a03d2285fc46ada2f28113f8620 Author: Michael Ellerman Date: Wed Aug 21 18:07:45 2024 +1000 powerpc/64s: Make mmu_hash_ops __ro_after_init The mmu_hash_ops are only assigned to during boot, so mark them __ro_after_init to prevent any further modification. Signed-off-by: Michael Ellerman Link: https://msgid.link/20240821080745.872151-1-mpe@ellerman.id.au commit 19f1bc3fb55452739dd3d56cfd06c29ecdbe3e9f Author: Abhishek Dubey Date: Fri Aug 30 07:31:31 2024 -0400 powerpc: Replace kretprobe code with rethook on powerpc This is an adaptation of commit f3a112c0c40d ("x86,rethook,kprobes: Replace kretprobe with rethook on x86") to powerpc. Rethook follows the existing kretprobe implementation, but separates it from kprobes so that it can be used by fprobe (ftrace-based function entry/exit probes). As such, this patch also enables fprobe to work on powerpc. The only other change compared to the existing kretprobe implementation is doing the return address fixup in arch_rethook_fixup_return(). Reference to other archs: commit b57c2f124098 ("riscv: add riscv rethook implementation") commit 7b0a096436c2 ("LoongArch: Replace kretprobe with rethook") Note: ===== In future, rethook will be only for kretprobe, and kretprobe will be replaced by fprobe. https://lore.kernel.org/all/172000134410.63468.13742222887213469474.stgit@devnote2/ We will adapt the above implementation for powerpc once its upstream. Until then, we can have this implementation of rethook to serve current kretprobe usecases. Reviewed-by: Naveen Rao Signed-off-by: Abhishek Dubey Signed-off-by: Michael Ellerman Link: https://msgid.link/20240830113131.7597-1-adubey@linux.ibm.com commit 6f2683274d0d0b51a986f73c2afb9058156f1641 Author: Huang Xiaojia Date: Mon Aug 26 23:09:57 2024 +0800 powerpc: pseries: Constify struct kobj_type 'struct kobj_type' is not modified. It is only used in kobject_init() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure moves some data to a read-only section, so increase over all security. On a x86_64, compiled with ppc64 defconfig: Before: ====== text data bss dec hex filename 1885 368 16 2269 8dd arch/powerpc/platforms/pseries/vas-sysfs.o After: ====== text data bss dec hex filename 1981 272 16 2269 8dd arch/powerpc/platforms/pseries/vas-sysfs.o Signed-off-by: Huang Xiaojia Signed-off-by: Michael Ellerman Link: https://msgid.link/20240826150957.3500237-3-huangxiaojia2@huawei.com commit 7492ca369e98a45b55592456dc1b24d58b3392f5 Author: Huang Xiaojia Date: Mon Aug 26 23:09:56 2024 +0800 powerpc: powernv: Constify struct kobj_type 'struct kobj_type' is not modified. It is only used in kobject_init() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure moves some data to a read-only section, so increase over all security. On a x86_64, compiled with ppc64 defconfig: Before: ====== text data bss dec hex filename 3775 256 8 4039 fc7 arch/powerpc/platforms/powernv/opal-dump.o 2679 260 8 2947 b83 arch/powerpc/platforms/powernv/opal-elog.o After: ====== text data bss dec hex filename 3823 208 8 4039 fc7 arch/powerpc/platforms/powernv/opal-dump.o 2727 212 8 2947 b83 arch/powerpc/platforms/powernv/opal-elog.o Signed-off-by: Huang Xiaojia Signed-off-by: Michael Ellerman Link: https://msgid.link/20240826150957.3500237-2-huangxiaojia2@huawei.com commit 7509c23770054fdaffd966926462248d44a323c1 Author: Huang Xiaojia Date: Mon Aug 26 23:09:55 2024 +0800 powerpc: Constify struct kobj_type 'struct kobj_type' is not modified. It is only used in kobject_init_and_add()/kobject_init() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure moves some data to a read-only section, so increase over all security. On a x86_64, compiled with ppc64 defconfig: Before: ====== text data bss dec hex filename 7145 606 0 7751 1e47 arch/powerpc/kernel/cacheinfo.o 3663 384 16 4063 fdf arch/powerpc/kernel/secvar-sysfs.o After: ====== text data bss dec hex filename 7193 558 0 7751 1e47 arch/powerpc/kernel/cacheinfo.o 3663 384 16 4063 fdf arch/powerpc/kernel/secvar-sysfs.o Signed-off-by: Huang Xiaojia Signed-off-by: Michael Ellerman Link: https://msgid.link/20240826150957.3500237-1-huangxiaojia2@huawei.com commit 771dfd5a900b3875ff314fb77b01b7a0d119a61d Merge: 6e7fd890f1d6ac 488386d7ec680c Author: Arnd Bergmann Date: Thu Sep 5 11:48:16 2024 +0000 Merge tag 'amlogic-arm-dt-for-v6.11' of https://git.kernel.org/pub/scm/linux/kernel/git/amlogic/linux into soc/dt Amlogic ARM DT changes for v6.11: - simple dt bindings check fix for gpio keys node name * tag 'amlogic-arm-dt-for-v6.11' of https://git.kernel.org/pub/scm/linux/kernel/git/amlogic/linux: ARM: dts: amlogic: meson8b-ec100: align GPIO keys node name with bindings Link: https://lore.kernel.org/r/220683c1-e250-4c55-bbe5-c36e89391c32@linaro.org Signed-off-by: Arnd Bergmann commit 6e7fd890f1d6ac83805409e9c346240de2705584 Author: Rob Herring Date: Mon Aug 26 13:38:48 2024 -0500 arm64: dts: toshiba: Fix pl011 and pl022 clocks Arm Primecell blocks have a functional clock and a bus clock. The Toshiba TMPV7708 only defines the bus clock (apb_pclk). Add the "uartclk" and "sspclk" clocks to the PL011 and PL022 nodes, respectively. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240826183848.1290957-2-robh@kernel.org Signed-off-by: Arnd Bergmann commit 03667e3d4fbcaf6228fd642464467366f0b693de Author: Codrin Ciubotariu Date: Thu Sep 5 12:56:33 2024 +0300 ASoC: atmel: mchp-i2s-mcc: Improve maxburst calculation for better performance The period size represents the size of the DMA descriptor. To ensure all DMA descriptors start from a well-aligned address, the period size must be divided by (sample size * maxburst), not just by maxburst. This adjustment allows for computing a higher maxburst value, thereby increasing the performance of the DMA transfer. Previously, snd_pcm_lib_period_bytes() returned 0 because the runtime HW parameters are computed after the hw_params() callbacks are used. To address this, we now use params_*() functions to compute the period size accurately. This change optimizes the DMA transfer performance by ensuring proper alignment and efficient use of maxburst values. [andrei.simion@microchip.com: Reword commit message and commit title. Add macros with values for maximum DMA chunk size allowed. Add DMA_BURST_ALIGNED preprocessor function to check the alignment of the DMA burst] Signed-off-by: Codrin Ciubotariu Signed-off-by: Andrei Simion Link: https://patch.msgid.link/20240905095633.113784-1-andrei.simion@microchip.com Signed-off-by: Mark Brown commit 5bbfdad8cf8d4b2c3189fee8e6300b38f65f8d72 Author: Alexandre Mergnat Date: Thu Sep 5 11:06:59 2024 +0200 ASoC: mediatek: Add MT8365 support - Add specific config to enable: - MT8365 sound support - MT6357 audio codec support - Add the mt8365 directory and all drivers under it. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v8-2-e80a57d026ce@baylibre.com Signed-off-by: Mark Brown commit 5e2404493f9f6028bf143972b18c88156c9893e6 Author: Nicolas Belin Date: Thu Sep 5 11:06:58 2024 +0200 ASoC: codecs: add MT6357 support Add the support of MT6357 PMIC audio codec. Signed-off-by: Nicolas Belin Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v8-1-e80a57d026ce@baylibre.com Signed-off-by: Mark Brown commit 19156263cb1f24128a9ba6ef7340be5cbacc3d22 Author: Leon Romanovsky Date: Thu Sep 5 10:14:05 2024 +0300 dma-mapping: use IOMMU DMA calls for common alloc/free page calls Common alloca and free pages routines are called when IOMMU DMA is used, and internally it calls to DMA ops structure which is not available for default IOMMU. This patch adds necessary if checks to call IOMMU DMA. It fixes the following crash: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000040 Mem abort info: ESR = 0x0000000096000006 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x06: level 2 translation fault Data abort info: ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 user pgtable: 4k pages, 48-bit VAs, pgdp=00000000d20bb000 [0000000000000040] pgd=08000000d20c1003 , p4d=08000000d20c1003 , pud=08000000d20c2003, pmd=0000000000000000 Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP Modules linked in: ipv6 hci_uart venus_core btqca v4l2_mem2mem btrtl qcom_spmi_adc5 sbs_battery btbcm qcom_vadc_common cros_ec_typec videobuf2_v4l2 leds_cros_ec cros_kbd_led_backlight cros_ec_chardev videodev elan_i2c videobuf2_common qcom_stats mc bluetooth coresight_stm stm_core ecdh_generic ecc pwrseq_core panel_edp icc_bwmon ath10k_snoc ath10k_core ath mac80211 phy_qcom_qmp_combo aux_bridge libarc4 coresight_replicator coresight_etm4x coresight_tmc coresight_funnel cfg80211 rfkill coresight qcom_wdt cbmem ramoops reed_solomon pwm_bl coreboot_table backlight crct10dif_ce CPU: 7 UID: 0 PID: 70 Comm: kworker/u32:4 Not tainted 6.11.0-rc6-next-20240903-00003-gdfc6015d0711 #660 Hardware name: Google Lazor Limozeen without Touchscreen (rev5 - rev8) (DT) Workqueue: events_unbound deferred_probe_work_func hub 2-1:1.0: 4 ports detected pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : dma_common_alloc_pages+0x54/0x1b4 lr : dma_common_alloc_pages+0x4c/0x1b4 sp : ffff8000807d3730 x29: ffff8000807d3730 x28: ffff02a7d312f880 x27: 0000000000000001 x26: 000000000000c000 x25: 0000000000000000 x24: 0000000000000001 x23: ffff02a7d23b6898 x22: 0000000000006cc0 x21: 000000000000c000 x20: ffff02a7858bf410 x19: fffffe0a60006000 x18: 0000000000000001 x17: 00000000000000d5 x16: 1fffe054f0bcc261 x15: 0000000000000001 x14: ffff02a7844dc680 x13: 0000000000100180 x12: dead000000000100 x11: dead000000000122 x10: 00000000001001ff x9 : ffff02a87f7b7b00 x8 : ffff02a87f7b7b00 x7 : ffff405977d6b000 x6 : ffff8000807d3310 x5 : ffff02a87f6b6398 x4 : 0000000000000001 x3 : ffff405977d6b000 x2 : ffff02a7844dc600 x1 : 0000000100000000 x0 : fffffe0a60006000 Call trace: dma_common_alloc_pages+0x54/0x1b4 __dma_alloc_pages+0x68/0x90 dma_alloc_pages+0x10/0x1c snd_dma_noncoherent_alloc+0x28/0x8c __snd_dma_alloc_pages+0x30/0x50 snd_dma_alloc_dir_pages+0x40/0x80 do_alloc_pages+0xb8/0x13c preallocate_pcm_pages+0x6c/0xf8 preallocate_pages+0x160/0x1a4 snd_pcm_set_managed_buffer_all+0x64/0xb0 lpass_platform_pcm_new+0xc0/0xe8 snd_soc_pcm_component_new+0x3c/0xc8 soc_new_pcm+0x4fc/0x668 snd_soc_bind_card+0xabc/0xbac snd_soc_register_card+0xf0/0x108 devm_snd_soc_register_card+0x4c/0xa4 sc7180_snd_platform_probe+0x180/0x224 platform_probe+0x68/0xc0 really_probe+0xbc/0x298 __driver_probe_device+0x78/0x12c driver_probe_device+0x3c/0x15c __device_attach_driver+0xb8/0x134 bus_for_each_drv+0x84/0xe0 __device_attach+0x9c/0x188 device_initial_probe+0x14/0x20 bus_probe_device+0xac/0xb0 deferred_probe_work_func+0x88/0xc0 process_one_work+0x14c/0x28c worker_thread+0x2cc/0x3d4 kthread+0x114/0x118 ret_from_fork+0x10/0x20 Code: f9411c19 940000c9 aa0003f3 b4000460 (f9402326) ---[ end trace 0000000000000000 ]--- Fixes: b5c58b2fdc42 ("dma-mapping: direct calls for dma-iommu") Closes: https://lore.kernel.org/all/10431dfd-ce04-4e0f-973b-c78477303c18@notapiano Reported-by: Nícolas F. R. A. Prado #KernelCI Signed-off-by: Leon Romanovsky Tested-by: Nícolas F. R. A. Prado Signed-off-by: Christoph Hellwig commit 335cc75ce3d8ba27023bc4365b6f2cd25f0e0d25 Author: Chen Ni Date: Wed Sep 4 09:50:03 2024 +0800 ptp: ptp_idt82p33: Convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Acked-by: Richard Cochran Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240904015003.1065872-1-nichen@iscas.ac.cn Signed-off-by: Paolo Abeni commit 6482439d3d19ff1f4705a18099d3c697b910d862 Merge: 387ce37ed57c5d 76fb981ad6774b Author: Rafael J. Wysocki Date: Thu Sep 5 13:07:49 2024 +0200 Merge tag 'linux-cpupower-6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/shuah/linux Merge a cpupower utility update for 6.12 from Shuah Khan: "This cpupower update for Linux 6.12-rc1 consists of an enhancement to cpuidle tool to display the residency value of cpuidle states. This addition provides a clearer and more detailed view of idle state information when using cpuidle-info." * tag 'linux-cpupower-6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/shuah/linux: tools/cpupower: display residency value in idle-info commit 222caf5520c6f77c3da7329c50166cbf0d02d3f5 Merge: 287f97a1510b95 c3e093efbc6cac Author: Rafael J. Wysocki Date: Thu Sep 5 13:04:46 2024 +0200 Merge tag 'amd-pstate-v6.12-2024-09-04' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/superm1/linux Merge an amd-pstate driver update for 6.12 from Mario Limonciello: "amd-pstate development for 6.12: * Validate return of any attempt to update EPP limits, which fixes the masking hardware problems." * tag 'amd-pstate-v6.12-2024-09-04' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/superm1/linux: cpufreq/amd-pstate: Catch failures for amd_pstate_epp_update_limit() commit 287f97a1510b951f01124b7c3d783684cee6d11e Merge: b02d2cf5b22087 929ebc93ccaa8d Author: Rafael J. Wysocki Date: Thu Sep 5 13:04:20 2024 +0200 Merge back cpufreq material for 6.12 commit 5dae5d09feebb2e305d825b3a5a4e4dae286ae20 Author: Howard Hsu Date: Fri Aug 16 17:46:32 2024 +0800 wifi: mt76: mt7996: set correct value in beamforming mcu command for mt7992 Configure correct bf number and bitmap in beamforming mcu command for mt7992 chipsets, which only support dual-band. Signed-off-by: Howard Hsu Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-8-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit 9ca65757f0a5b393a7737d37f377d5daf91716af Author: Howard Hsu Date: Fri Aug 16 17:46:31 2024 +0800 wifi: mt76: mt7996: fix EHT beamforming capability check If a VIF acts as a beamformer, it should check peer's beamformee capability, and vice versa. Fixes: ba01944adee9 ("wifi: mt76: mt7996: add EHT beamforming support") Signed-off-by: Howard Hsu Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-7-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit 0cca3fe7453189b983eb68baea939192b58af8f0 Author: Howard Hsu Date: Fri Aug 16 17:46:30 2024 +0800 wifi: mt76: mt7996: set correct beamformee SS capability According to IEEE P802.11be/D6.0 Table 9-417n, beamformee SS field stands for the maximum number of spatial streams that the STA can receive in an EHT sounding NDP minus 1, and the minimum value of this field is 3. This value indicates the decoding capability of a beamformee, which is independent of current antenna settings. Correct the value for mt7996 and mt7992 chipsets based on their HW capability. Signed-off-by: Howard Hsu Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-6-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit e1f4847fdbdf5d44ae60e035c131920e5ab88598 Author: Howard Hsu Date: Fri Aug 16 17:46:29 2024 +0800 wifi: mt76: mt7996: fix HE and EHT beamforming capabilities Fix HE and EHT beamforming capabilities for different bands and interface types. Fixes: 98686cd21624 ("wifi: mt76: mt7996: add driver for MediaTek Wi-Fi 7 (802.11be) devices") Fixes: 348533eb968d ("wifi: mt76: mt7996: add EHT capability init") Signed-off-by: Howard Hsu Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-5-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit 948f652498686a4ddcd9501d7d6418f0682e7e61 Author: Peter Chiu Date: Fri Aug 16 17:46:28 2024 +0800 wifi: mt76: mt7996: advertize beacon_int_min_gcd Advertize beacon_int_min_gcd as 100 to allow setting different beacon intervals on different interfaces. Signed-off-by: Peter Chiu Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-4-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit 9265397caacf5c0c2d10c40b2958a474664ebd9e Author: Peter Chiu Date: Fri Aug 16 17:46:27 2024 +0800 wifi: mt76: mt7996: fix wmm set of station interface to 3 According to connac3 HW design, the WMM index of AP and STA interface should be 0 and 3, respectively. Fixes: 98686cd21624 ("wifi: mt76: mt7996: add driver for MediaTek Wi-Fi 7 (802.11be) devices") Signed-off-by: Peter Chiu Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-3-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit 376200f095d0c3a7096199b336204698d7086279 Author: Peter Chiu Date: Fri Aug 16 17:46:26 2024 +0800 wifi: mt76: mt7996: fix traffic delay when switching back to working channel During scanning, UNI_CHANNEL_RX_PATH tag is necessary for the firmware to properly stop and resume MAC TX queue. Without this tag, HW needs more time to resume traffic when switching back to working channel. Fixes: 98686cd21624 ("wifi: mt76: mt7996: add driver for MediaTek Wi-Fi 7 (802.11be) devices") Signed-off-by: Peter Chiu Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-2-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit f98c3de92bb05dac4a4969df8a4595ed380b4604 Author: Peter Chiu Date: Fri Aug 16 17:46:25 2024 +0800 wifi: mt76: mt7996: use hweight16 to get correct tx antenna The chainmask is u16 so using hweight8 cannot get correct tx_ant. Without this patch, the tx_ant of band 2 would be -1 and lead to the following issue: BUG: KASAN: stack-out-of-bounds in mt7996_mcu_add_sta+0x12e0/0x16e0 [mt7996e] Fixes: 98686cd21624 ("wifi: mt76: mt7996: add driver for MediaTek Wi-Fi 7 (802.11be) devices") Signed-off-by: Peter Chiu Signed-off-by: Shayne Chen Link: https://patch.msgid.link/20240816094635.2391-1-shayne.chen@mediatek.com Signed-off-by: Felix Fietkau commit 723762a7a7e6fdb3cc6953f127a3fe9c5162beb7 Author: Ming Yen Hsieh Date: Tue Aug 6 09:34:08 2024 +0800 wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage The check should start from 5845 to 5925, which includes channels 169, 173, and 177. Fixes: 09382d8f8641 ("wifi: mt76: mt7921: update the channel usage when the regd domain changed") Signed-off-by: Ming Yen Hsieh Link: https://patch.msgid.link/20240806013408.17874-1-mingyen.hsieh@mediatek.com Signed-off-by: Felix Fietkau commit 862bf7cbd772c2bad570ef0c5b5556a1330656dd Author: Bjørn Mork Date: Sat Jul 13 15:00:10 2024 +0200 wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915_band_config() sets band_idx = 1 on the main phy for mt7986 with MT7975_ONE_ADIE or MT7976_ONE_ADIE. Commit 0335c034e726 ("wifi: mt76: fix race condition related to checking tx queue fill status") introduced a dereference of the phys array indirectly indexed by band_idx via wcid->phy_idx in mt76_wcid_cleanup(). This caused the following Oops on affected mt7986 devices: Unable to handle kernel read from unreadable memory at virtual address 0000000000000024 Mem abort info: ESR = 0x0000000096000005 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x05: level 1 translation fault Data abort info: ISV = 0, ISS = 0x00000005 CM = 0, WnR = 0 user pgtable: 4k pages, 39-bit VAs, pgdp=0000000042545000 [0000000000000024] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000 Internal error: Oops: 0000000096000005 [#1] SMP Modules linked in: ... mt7915e mt76_connac_lib mt76 mac80211 cfg80211 ... CPU: 2 PID: 1631 Comm: hostapd Not tainted 5.15.150 #0 Hardware name: ZyXEL EX5700 (Telenor) (DT) pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : mt76_wcid_cleanup+0x84/0x22c [mt76] lr : mt76_wcid_cleanup+0x64/0x22c [mt76] sp : ffffffc00a803700 x29: ffffffc00a803700 x28: ffffff80008f7300 x27: ffffff80003f3c00 x26: ffffff80000a7880 x25: ffffffc008c26e00 x24: 0000000000000001 x23: ffffffc000a68114 x22: 0000000000000000 x21: ffffff8004172cc8 x20: ffffffc00a803748 x19: ffffff8004152020 x18: 0000000000000000 x17: 00000000000017c0 x16: ffffffc008ef5000 x15: 0000000000000be0 x14: ffffff8004172e28 x13: ffffff8004172e28 x12: 0000000000000000 x11: 0000000000000000 x10: ffffff8004172e30 x9 : ffffff8004172e28 x8 : 0000000000000000 x7 : ffffff8004156020 x6 : 0000000000000000 x5 : 0000000000000031 x4 : 0000000000000000 x3 : 0000000000000001 x2 : 0000000000000000 x1 : ffffff80008f7300 x0 : 0000000000000024 Call trace: mt76_wcid_cleanup+0x84/0x22c [mt76] __mt76_sta_remove+0x70/0xbc [mt76] mt76_sta_state+0x8c/0x1a4 [mt76] mt7915_eeprom_get_power_delta+0x11e4/0x23a0 [mt7915e] drv_sta_state+0x144/0x274 [mac80211] sta_info_move_state+0x1cc/0x2a4 [mac80211] sta_set_sinfo+0xaf8/0xc24 [mac80211] sta_info_destroy_addr_bss+0x4c/0x6c [mac80211] ieee80211_color_change_finish+0x1c08/0x1e70 [mac80211] cfg80211_check_station_change+0x1360/0x4710 [cfg80211] genl_family_rcv_msg_doit+0xb4/0x110 genl_rcv_msg+0xd0/0x1bc netlink_rcv_skb+0x58/0x120 genl_rcv+0x34/0x50 netlink_unicast+0x1f0/0x2ec netlink_sendmsg+0x198/0x3d0 ____sys_sendmsg+0x1b0/0x210 ___sys_sendmsg+0x80/0xf0 __sys_sendmsg+0x44/0xa0 __arm64_sys_sendmsg+0x20/0x30 invoke_syscall.constprop.0+0x4c/0xe0 do_el0_svc+0x40/0xd0 el0_svc+0x14/0x4c el0t_64_sync_handler+0x100/0x110 el0t_64_sync+0x15c/0x160 Code: d2800002 910092c0 52800023 f9800011 (885f7c01) ---[ end trace 7e42dd9a39ed2281 ]--- Fix by using mt76_dev_phy() which will map band_idx to the correct phy for all hardware combinations. Fixes: 0335c034e726 ("wifi: mt76: fix race condition related to checking tx queue fill status") Link: https://github.com/openwrt/openwrt/issues/14548 Signed-off-by: Bjørn Mork Link: https://patch.msgid.link/20240713130010.516037-1-bjorn@mork.no Signed-off-by: Felix Fietkau commit 50ddaedeae7562b25e8eeca04f581d7c815be1db Author: Hongbo Li Date: Wed Sep 4 09:49:56 2024 +0800 net: dsa: felix: Annotate struct action_gate_entry with __counted_by Add the __counted_by compiler attribute to the flexible array member entries to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240904014956.2035117-1-lihongbo22@huawei.com Signed-off-by: Paolo Abeni commit ed42b2bcd38e95a967287273144a7c7a1dbc97cb Merge: d2095989943b88 68db604e16d56f Author: Paolo Abeni Date: Thu Sep 5 12:51:48 2024 +0200 Merge branch 'bonding-support-new-xfrm-state-offload-functions' Hangbin Liu says: ==================== Bonding: support new xfrm state offload functions Add 2 new xfrm state offload functions xdo_dev_state_advance_esn and xdo_dev_state_update_stats for bonding. The xdo_dev_state_free will be added by Jianbo's patchset [1]. I will add the bonding xfrm policy offload in future. v7: no update, just rebase the code. v6: Use "Return: " based on ./scripts/kernel-doc (Simon Horman) v5: Rebase to latest net-next, update function doc (Jakub Kicinski) v4: Ratelimit pr_warn (Sabrina Dubroca) v3: Re-format bond_ipsec_dev, use slave_warn instead of WARN_ON (Nikolay Aleksandrov) Fix bond_ipsec_dev defination, add *. (Simon Horman, kernel test robot) Fix "real" typo (kernel test robot) v2: Add a function to process the common device checking (Nikolay Aleksandrov) Remove unused variable (Simon Horman) v1: lore.kernel.org/netdev/20240816035518.203704-1-liuhangbin@gmail.com ==================== Link: https://patch.msgid.link/20240904003457.3847086-1-liuhangbin@gmail.com Signed-off-by: Paolo Abeni commit 68db604e16d56f50de48cdd0c47f510394c1fbe9 Author: Hangbin Liu Date: Wed Sep 4 08:34:57 2024 +0800 bonding: support xfrm state update The patch add xfrm statistics update for bonding IPsec offload. Reviewed-by: Nikolay Aleksandrov Acked-by: Jay Vosburgh Signed-off-by: Hangbin Liu Signed-off-by: Paolo Abeni commit 96d30bf9410954526106ea78659ba18ab9ce9ab5 Author: Hangbin Liu Date: Wed Sep 4 08:34:56 2024 +0800 bonding: Add ESN support to IPSec HW offload Currently, users can see that bonding supports IPSec HW offload via ethtool. However, this functionality does not work with NICs like Mellanox cards when ESN (Extended Sequence Numbers) is enabled, as ESN functions are not yet supported. This patch adds ESN support to the bonding IPSec device offload, ensuring proper functionality with NICs that support ESN. Reviewed-by: Nikolay Aleksandrov Acked-by: Jay Vosburgh Signed-off-by: Hangbin Liu Signed-off-by: Paolo Abeni commit 1ddec5d0eec4b79461347cd9eaa880b9e4dd0567 Author: Hangbin Liu Date: Wed Sep 4 08:34:55 2024 +0800 bonding: add common function to check ipsec device This patch adds a common function to check the status of IPSec devices. This function will be useful for future implementations, such as IPSec ESN and state offload callbacks. Suggested-by: Nikolay Aleksandrov Reviewed-by: Nikolay Aleksandrov Acked-by: Jay Vosburgh Signed-off-by: Hangbin Liu Signed-off-by: Paolo Abeni commit ba2b9de0c1ac2abfbe663414a292c5881e64c361 Author: Jani Nikula Date: Mon Sep 2 19:13:17 2024 +0300 drm/tegra: fix potential uninitialized variable use It's likely either output->drm_edid or output->ddc is non-NULL, but avoid the uninitialized variable usage anyway. Reported-by: kernel test robot Closes: https://lore.kernel.org/r/ZtXLyXxew7z6H2bD@stanley.mountain Fixes: 98365ca74cbf ("drm/tegra: convert to struct drm_edid") Cc: Thierry Reding Cc: Daniel Vetter Cc: linux-tegra@vger.kernel.org Acked-by: Thierry Reding Link: https://patchwork.freedesktop.org/patch/msgid/20240902161317.2437148-1-jani.nikula@intel.com Signed-off-by: Jani Nikula (cherry picked from commit 8e514bad271723473d31fcc496f7143ba49c43c5) Signed-off-by: Thomas Zimmermann commit 54fccad63ec88924db828df6fc0648930bccf345 Author: Rafael J. Wysocki Date: Mon Aug 26 18:37:16 2024 +0200 thermal: core: Drop thermal_zone_device_is_enabled() There are only two callers of thermal_zone_device_is_enabled() and one of them call is under the zone lock and the other one uses lockdep_assert_held() on that lock. Thus the lockdep_assert_held() in thermal_zone_device_is_enabled() is redundant and it could be dropped, but then the function would merely become a wrapper around a simple tz->mode check that is more convenient to do directly. Accordingly, drop thermal_zone_device_is_enabled() altogether and update its callers to check tz->mode directly as appropriate. While at it, combine the tz->mode and tz->suspended checks in __thermal_zone_device_update() because they are of a similar category and if any of them evaluates to "true", the outcome is the same. No intentinal functional impact. Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/9353673.CDJkKcVGEf@rjwysocki.net commit 3c3ee53df47605476b9ff86a5abc6057b72be89c Author: Rafael J. Wysocki Date: Mon Aug 26 18:32:36 2024 +0200 thermal: core: Check passive delay in monitor_thermal_zone() The only case in which thermal_zone_device_set_polling() is called with its second argument equal to zero is when passive cooling is under way and passive_delay_jiffies is 0, which only happens when the given thermal zone is not polled at all. If monitor_thermal_zone() is modified to check passive_delay_jiffies directly, the check of the thermal_zone_device_set_polling() second argument against 0 can be dropped and a passive_delay check can be dropped from thermal_zone_device_register_with_trips(), so change the code accordingly. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/2004353.PYKUYFuaPT@rjwysocki.net commit fcfacd544b74ee76de6fd8642340345669da407b Author: Rafael J. Wysocki Date: Mon Aug 26 18:31:32 2024 +0200 thermal: core: Drop dead code from monitor_thermal_zone() Since monitor_thermal_zone() is only called when the given thermal zone has been enabled, as per the thermal_zone_device_is_enabled() check in __thermal_zone_device_update(), the tz->mode check in it always evaluates to "false" and the thermal_zone_device_set_polling() invocation depending on it is dead code, so drop it. No functional impact. Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/10547425.nUPlyArG6x@rjwysocki.net commit 49029b507e3ad9de35faca497c7bde0e83fcc036 Author: Rafael J. Wysocki Date: Mon Aug 26 18:30:42 2024 +0200 thermal: core: Drop redundant lockdep_assert_held() Along the lines of commit 24aad192c671 ("thermal: core: Drop redundant checks from thermal_bind_cdev_to_trip()") notice that thermal_unbind_cdev_from_trip() is only called by thermal_zone_cdev_unbind() under the thermal zone lock, so it need not use lockdep_assert_held() for that lock. No functional impact. Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/3341369.44csPzL39Z@rjwysocki.net commit 15cb56bd529868d9242b22812fc69bd144bfdc94 Author: Rafael J. Wysocki Date: Mon Aug 26 18:23:49 2024 +0200 thermal: gov_bang_bang: Adjust states of all uninitialized instances If a cooling device is registered after a thermal zone it should be bound to and the trip point it should be bound to has already been crossed by the zone temperature on the way up, the cooling device's state may need to be adjusted, but the Bang-bang governor will not do that because its .manage() callback only looks at thermal instances for trip points whose thresholds are below or at the zone temperature. Address this by updating bang_bang_manage() to look at all of the uninitialized thermal instances and setting their target states in accordance with the position of the zone temperature with respect to the threshold of the given trip point. Fixes: 5f64b4a1ab1b ("thermal: gov_bang_bang: Add .manage() callback") Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/6103874.lOV4Wx5bFT@rjwysocki.net commit 874b6476fa888e79e41daf7653384c8d70927b90 Author: Rafael J. Wysocki Date: Mon Aug 26 18:21:59 2024 +0200 thermal: sysfs: Add sanity checks for trip temperature and hysteresis Add sanity checks for new trip temperature and hysteresis values to trip_point_temp_store() and trip_point_hyst_store() to prevent trip point threshold from falling below THERMAL_TEMP_INVALID. However, still allow user space to pass THERMAL_TEMP_INVALID as the new trip temperature value to invalidate the trip if necessary. Also allow the hysteresis to be updated when the temperature is invalid to allow user space to avoid having to adjust hysteresis after a valid temperature has been set, but in that case just change the value and do nothing else. Fixes: be0a3600aa1e ("thermal: sysfs: Rework the handling of trip point updates") Cc: 6.8+ # 6.8+ Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/12528772.O9o76ZdvQC@rjwysocki.net commit 4f6dc10b7e4a2a747df425c01c87298673b9a512 Merge: a77498a43345e9 ba728bda663b0e Author: Arnd Bergmann Date: Thu Sep 5 10:24:54 2024 +0000 Merge tag 'qcom-arm64-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into soc/dt Qualcomm Arm64 DeviceTree updates for v6.12 This introduces support for the following devices: - Lenovo Thinkpad T14s Gen 6 - Microsoft Surface Laptop 7 laptop - Lenovo A6000 - Lenovo A6010 - Samsung Galaxy J3, - Lenovo Vibe K5 (multiple variants) - LG G4 IPQ5332 global clock controller is marked as an interconnect-provider, and the USB interrupt triggers are corrected. Touchscreen description is added to the Samsung Galaxy Core Prime and Max, and touch keys are added to the Samsung Galaxy Grand Prime and Galaxy Tab A. Camera flash is added to BQ Aquaris M5 and X5. The SD-card slot is described for the QCM6490 IDP. For SA8775P CPU and LLCC bwmon is added, audio, compute and general purpose DSP remoteprocs are added, with FastRPC on audio and compute DSP. CPUidle states, capacity and DPC properties are added. On SC8180X definitions for the multiport USB controller is introduced, and enabled on the Lenovo Flex 5G to bring the camera to life. Power key definitions are added as well. The RGB camera sensor on the Lenovo ThinkPad X13s is described. PCIe pinconf properties are cleaned up on this and the CRD. The four USB Type-A ports found on the SA8295P ADP are enabled. The modem subsystem remoteproc is introduced on the SDX75 and enabled on the IDP device. Camera, display and GPU clock controllers are added for the SM4450 platform. On the F(x)tec Pro1X device, display, GPU, WiFi, RGB LED, SD-card, remoteprocs, USB3 SuperSpeed, touchscreen, IO-expander, hall switch, caps lock LED and camera button are introduced. The camera clock controller is added to SM8150, and the GPU-only "amd,imageon" compatible is dropped from the MTP device. Refgen regulator for the DSI nodes of SM8350 is described, and the display subsystem interconnect paths are corrected. The camera control interface controllers are described on both SM8550 and SM8650. The bluetooth node on on SM8550 QRD, SM8650 QRD and SM8650 HDK are transitioned to the power sequence description. WiFi is added to the SM8550 hardware development kit (HDK). On the X1 Elite platform, one more UART, a DisplayPort PHY, the USB multiport controller, a PCIe controller and PHY are added. Orientation switching is wired up for the USB+DP PHYs. RPMh statistics node is added. For the X1 Elite CRD the LID switch and the SDX65 modems are introduced. * tag 'qcom-arm64-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux: (120 commits) arm64: dts: qcom: x1e80100: Fix PHY for DP2 arm64: dts: qcom: qcm6490-idp: Add SD Card node arm64: dts: qcom: x1e80100: Add orientation-switch to all USB+DP QMP PHYs arm64: dts: qcom: Add X1E78100 ThinkPad T14s Gen 6 dt-bindings: arm: qcom: Add Lenovo ThinkPad T14s Gen 6 Revert "arm64: dts: qcom: msm8939-longcheer-l9100: Add rear flash" arm64: dts: qcom: Add support for X1-based Surface Laptop 7 devices arm64: dts: qcom: x1e80100: Add UART2 arm64: dts: qcom: x1e80100-pmics: Add PMC8380C PWM dt-bindings: arm: qcom: Add Surface Laptop 7 devices arm64: dts: qcom: sm8150-mtp: drop incorrect amd,imageon arm64: qcom: sa8775p: Add ADSP and CDSP0 fastrpc nodes arm64: dts: qcom: x1e80100: Add USB Multiport controller arm64: dts: qcom: sa8775p: fix the fastrpc label arm64: dts: qcom: ipq5332: Add icc provider ability to gcc dt-bindings: interconnect: Add Qualcomm IPQ5332 support arm64: dts: qcom: sm8250: move lpass codec macros to use clks directly arm64: dts: qcom: msm8998: Add disabled support for LPASS iommu for Q6 dt-bindings: clock: gcc-msm8998: Add Q6 and LPASS clocks definitions arm64: dts: qcom: msm8976: Add restart node ... Link: https://lore.kernel.org/r/20240904215752.24465-1-andersson@kernel.org Signed-off-by: Arnd Bergmann commit a77498a43345e9d593edf274216fb71c22fdd5a8 Merge: a0f35e934e0b60 a11a87a9a66e5e Author: Arnd Bergmann Date: Thu Sep 5 10:23:50 2024 +0000 Merge tag 'qcom-arm32-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into soc/dt Qualcomm Arm32 DeviceTree updates for v6.12 MSM8226 gains CPU frequency scaling support and CPU thermal zones wired up. The Nokia Lumia 630 and 830 gains inertial sensors. Samsung Galaxy S5 gains pstore functionality. A range of fixes for DeviceTree validation issues are added. * tag 'qcom-arm32-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux: ARM: dts: qcom: add generic compat string to RPM glink channels ARM: dts: qcom: msm8226-microsoft-common: Add inertial sensors ARM: dts: qcom: msm8226: Convert APCS usages to mbox interface ARM: dts: qcom: msm8226: Hook up CPU cooling ARM: dts: qcom: msm8226: Add CPU frequency scaling support ARM: dts: qcom: {a,i}pq8064: correct clock-names in sata node ARM: dts: qcom: apq8064: drop reg-names on sata-phy node ARM: dts: qcom: msm8974pro-samsung-klte: Add pstore node ARM: dts: qcom: ipq4019: adhere to pinctrl dtschema ARM: dts: qcom: ipq8064: adhere to pinctrl dtschema ARM: dts: qcom: apq8064: adhere to pinctrl dtschema ARM: dts: qcom: asus,nexus7-flo: remove duplicate pinctrl handle in i2c nodes ARM: dts: qcom: apq8064-pins: correct error in drive-strength property ARM: dts: qcom: pma8084: add pon node Link: https://lore.kernel.org/r/20240904193228.15466-1-andersson@kernel.org Signed-off-by: Arnd Bergmann commit a0f35e934e0b600088926ec26e2be18abca02967 Merge: 76276bfb89f28e 7d6b8316ba139c Author: Arnd Bergmann Date: Thu Sep 5 10:22:45 2024 +0000 Merge tag 'stm32-dt-for-v6.12-1' of https://git.kernel.org/pub/scm/linux/kernel/git/atorgue/stm32 into soc/dt STM32 DT for v6.12, round 1 Highlights: ----------- - MPU: - STM32MP13: - DH DHSBC board: - Fix Ethernet: MDIO lines in sleep, disable PHY clock out. - Add nvmem cells for ETH MAC address (use OTP to get MAC addr) - Add led usage for RTL8211 PHY. - STMP32MP15: - Protonic boards: - Fix QSPI pins configuration for prtt1x boards. - Add new MECI01 and MECT1S boards support: - MECIO1: I/O and motor control used in blood sample anlysis. - MECT1S: 1000 base-T1 switch for internal machine networks of blood sample analysis machines. - DH PDK2 board: - Use SAI to generate bit and frame clock. * tag 'stm32-dt-for-v6.12-1' of https://git.kernel.org/pub/scm/linux/kernel/git/atorgue/stm32: ARM: dts: stm32: Use SAI to generate bit and frame clock on STM32MP15xx DHCOM PDK2 ARM: dts: stm32: Switch bitclock/frame-master to flag on STM32MP15xx DHCOM PDK2 ARM: dts: stm32: Sort properties in audio endpoints on STM32MP15xx DHCOM PDK2 ARM: dts: stm32: Add MECIO1 and MECT1S board variants dt-bindings: arm: stm32: Add compatible strings for Protonic boards ARM: dts: stm32: stm32mp151a-prtt1l: Fix QSPI configuration ARM: dts: stm32: Describe PHY LEDs in DH STM32MP13xx DHCOR DHSBC board DT ARM: dts: stm32: Add missing gpio options for sdmmc2_d47_pins_d ARM: dts: stm32: Add ethernet MAC nvmem cells to DH STM32MP13xx DHCOR DHSBC board ARM: dts: stm32: Disable PHY clock output on DH STM32MP13xx DHCOR DHSBC board ARM: dts: stm32: Keep MDIO bus in AF across suspend DH STM32MP13xx DHCOR DHSBC board Link: https://lore.kernel.org/r/1091e600-f1e7-4d1f-b83d-c67e8073772c@foss.st.com Signed-off-by: Arnd Bergmann commit 76276bfb89f28e2481306fc79fb3669129c43681 Merge: 003729a1e5c4dd 22644cc0443550 Author: Arnd Bergmann Date: Thu Sep 5 10:21:52 2024 +0000 Merge tag 'omap-for-v6.12/dt-signed' of https://git.kernel.org/pub/scm/linux/kernel/git/khilman/linux-omap into soc/dt ARM: dts: ti: mix am335x cleanups for v6.12 * tag 'omap-for-v6.12/dt-signed' of https://git.kernel.org/pub/scm/linux/kernel/git/khilman/linux-omap: ARM: dts: ti: omap: am335x-wega: Fix audio clock provider ARM: dts: ti: omap: am335x-regor: Fix RS485 settings ARM: dts: omap: am335x-bone: convert NVMEM content to layout syntax ARM: dts: am335x-bone-common: Increase MDIO reset deassert time Link: https://lore.kernel.org/r/7hh6avark1.fsf@baylibre.com Signed-off-by: Arnd Bergmann commit 003729a1e5c4ddaebb228a429e8cc5b90ddbab6e Merge: 9c6a3382f5ac44 f68db46a097785 Author: Arnd Bergmann Date: Thu Sep 5 10:18:53 2024 +0000 Merge tag 'imx-dt64-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into soc/dt i.MX arm64 device tree changes for 6.12: - A series from Alexander Stein that improves imx93-tqma9352 board support by adding PMIC, eMMC regulators, pad configurations, etc. - A series from Benjamin Hahn that enables overlay for no Ethernet device, TPM and PCIe support for imx8mp-phycore board - A few changes from Fabio Estevam that fix dt-schema warnings for i.MX8MM and i.MX93 based boards - A series from Francesco Dolcini to add fxl6408 gpio expander, PMIC thermal zone and USB3803 HUB for colibri-imx8x board - A great number of changes from Frank Li that improve i.MX95 based with many device additions, and fix dt-schema warnings on various i.MX8 and layerscape device trees - A series from João Paulo Gonçalves to add HDMI audio, analog input, VPU, and sound card support for Toradex Verdin and Colibri boards - A series from Markus Niebel to improve imx93-tqma9352 board support - Add support for Kontron i.MX93 OSM-S SoM and BL carrier board - A couple of changes from Peng Fan to describe cache configuration for i.MX93 SoC and add device tree for i.MX93-14x14-EVK board - A series from Shengjiu Wang to improve various audio features for imx93-11x11-evk board - A series from Yashwanth Varakala to better describe regulator usage for imx8mp-phyboard-pollux board - Other random changes on various board device trees * tag 'imx-dt64-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux: (121 commits) arm64: dts: imx: rename gpio hog as -hog arm64: dts: imx8mp-var-som-symphony: Add Variscite Symphony board and VAR-SOM-MX8MP SoM arm64: dts: imx8mm-var-som: drop unused top-level compatible arm64: dts: ls1088ardb: add new RTC PCF2131 support arm64: dts: colibri-imx8x: Cleanup comments arm64: dts: colibri-imx8x: Add 50mhz clock for eth arm64: dts: colibri-imx8x: Add adma_pwm arm64: dts: colibri-imx8x: Add vpu support arm64: dts: colibri-imx8x: Add USB3803 HUB arm64: dts: colibri-imx8x: Add PMIC thermal zone arm64: dts: colibri-imx8x: Add sound card arm64: dts: colibri-imx8x: Add fxl6408 gpio expander arm64: dts: colibri-imx8x: Add analog inputs arm64: dts: colibri-imx8x: Add usb support arm64: dts: imx8qm-mek: add usb 3.0 and related type C nodes arm64: dts: imx8qm-mek: add i2c in mipi[0,1] subsystem arm64: dts: imx8qm-mek: add pwm and i2c in lvds subsystem arm64: dts: imx8qm-mek: add cm4 remote-proc and related memory region arm64: dts: imx8qm: add mipi subsystem arm64: dts: imx8: add basic mipi subsystem ... Link: https://lore.kernel.org/r/20240904143439.211552-5-shawnguo2@yeah.net Signed-off-by: Arnd Bergmann commit 9c6a3382f5ac44992db158315d2b9b8fb032c0fc Merge: 701f86fce5c9e8 c30f4711b8bf93 Author: Arnd Bergmann Date: Thu Sep 5 10:18:04 2024 +0000 Merge tag 'imx-dt-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into soc/dt i.MX ARM device tree changes for 6.12: - A series from Fabio Estevam to fix dt-schema warnings on i.MX23, i.MX28 and i.MX27 device trees - A bunch of changes from Krzysztof Kozlowski that corrects TQ Systems DTS patterns in MAINTAINERS file and fix various dt-schema warnings - A couple changes from Liu Ying to improve HDMI support on i.MX53 QSB board - A series from Lukasz Majewski to update imx28-lwe device tree, fixing partition definitions, reducing SPI frequency and cleaning up SAIF - A series from Markus Niebel to improve TQ-Systems device trees, adding iio-hwmon device, using better compatible for LM75 temp sensor, moving I2C3 pinmux to a better place * tag 'imx-dt-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux: (27 commits) ARM: dts: imx28-lwe: Remove saif[01] definitions ARM: dts: imx28-lwe: Reduce maximal SPI frequency ARM: dts: imx28-lwe: Fix partitions definitions ARM: dts: imx6qdl: align pin config nodes with bindings ARM: dts: imx6sl: align pin config nodes with bindings ARM: dts: imx6ul: align pin config nodes with bindings ARM: dts: imx6ul-tx6ul: drop empty pinctrl placeholder ARM: dts: imx28-tx28: Fix the fsl,saif-master usage ARM: dts: imx6ull-seeed-npi: fix fsl,pins property in tscgrp pinctrl ARM: dts: imx6ul-geam: fix fsl,pins property in tscgrp pinctrl ARM: dts: imx23/8: Rename apbh and apbx nodes ARM: dts: imx6qdl-mba6b: remove doubled entry for I2C1 pinmux ARM: dts: imx6qdl-mba6: improve compatible for LM75 temp sensor ARM: dts: imx6qdl-tqma6: improve compatible for LM75 temp sensor ARM: dts: imx6qdl-tqma6: move i2c3 pinmux to imx6qdl-tqma6b ARM: dts: imx7d-sdb: align pin config nodes with bindings ARM: dts: imx7: align pin config nodes with bindings ARM: dts: imx7d-zii-rmu2: fix Ethernet PHY pinctrl property MAINTAINERS: correct TQ Systems DTS patterns ARM: dts: imx6: update spdif sound card node properties ... Link: https://lore.kernel.org/r/20240904143439.211552-4-shawnguo2@yeah.net Signed-off-by: Arnd Bergmann commit 701f86fce5c9e8bdd0d69f6e63bb044b1fffdd03 Merge: 8456010c955739 7dfb497191f0d8 Author: Arnd Bergmann Date: Thu Sep 5 10:17:31 2024 +0000 Merge tag 'imx-bindings-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into soc/dt i.MX dt-bindings changes for 6.12: - New compatibles for boards: Kontron i.MX93 OSM-S, i.MX93 14x14 EVK, Variscite Symphony and VAR-SOM-MX8MP, etc - One spelling correction on TQ-Systems - One renaming of gw7905 to gw75xx * tag 'imx-bindings-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux: dt-bindings: arm: fsl: Add Variscite Symphony board and VAR-SOM-MX8MP SoM dt-bindings: arm: fsl: drop usage of VAR-SOM-MX8MM SoM compatible alone dt-bindings: arm: fsl: rename gw7905 to gw75xx dt-bindings: arm: fsl: Add Kontron i.MX93 OSM-S based boards dt-bindings: arm: fsl: correct spelling of TQ-Systems dt-bindings: arm: fsl: add fsl-ls2081a-rdb board dt-bindings: arm: fsl: add i.MX93 14x14 EVK board Link: https://lore.kernel.org/r/20240904143439.211552-3-shawnguo2@yeah.net Signed-off-by: Arnd Bergmann commit cf6444ba528f043398b112ac36e041a4d8685cb1 Author: Judith Mendez Date: Wed Sep 4 18:25:12 2024 -0500 mmc: sdhci_am654: Add prints to tuning algorithm Add debug prints to tuning algorithm for debugging. Also add error print if we fail tuning. Signed-off-by: Judith Mendez Link: https://lore.kernel.org/r/20240904232512.830778-3-jm@ti.com Signed-off-by: Ulf Hansson commit 901d16e462963cb0d824144be7448505b15ff4d6 Author: Judith Mendez Date: Wed Sep 4 18:25:11 2024 -0500 mmc: sdhci_am654: Add retry tuning Add retry tuning up to 10 times if we fail to find a failing region or no passing itapdly. This is necessary since some eMMC has been observed to never find a failing itapdly on the first couple of tuning iterations, but eventually does. Keep count of current tuning iteration using tuning_loop. It has been observed that the tuning algorithm does not need to loop more than 10 times before finding a failing itapdly. Signed-off-by: Judith Mendez Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/20240904232512.830778-2-jm@ti.com Signed-off-by: Ulf Hansson commit 8456010c9557396361002a9c1882d7e0360e6c5a Merge: 7b6eee4f0e3177 fa1823d4e2ebf0 Author: Arnd Bergmann Date: Thu Sep 5 10:16:23 2024 +0000 Merge tag 'riscv-sophgo-dt-for-6.12' of https://github.com/sophgo/linux into soc/dt RISC-V Devicetrees for v6.12 Sopgho: Added DMA controller for CV18XX. Added I2C, MMC, GPIO and onboard MCU (HWMON) for SG2042. Enable SDHCI0 for HuashanPi (using cv1812h). Some minor changes about dt-bindings for Sipeed LicheeRV Nano board (using SG2002, and SG2002 is the new codename of CV181xC). Signed-off-by: Chen Wang * tag 'riscv-sophgo-dt-for-6.12' of https://github.com/sophgo/linux: dt-bindings: riscv: Add Sipeed LicheeRV Nano board compatibles dt-bindings: interrupt-controller: Add SOPHGO SG2002 plic riscv: dts: sophgo: Add mcu device for Milk-V Pioneer riscv: sophgo: dts: add gpio controllers for SG2042 SoC riscv: sophgo: dts: add mmc controllers for SG2042 SoC riscv: dts: sophgo: Add i2c device support for sg2042 riscv: dts: sophgo: Use common "interrupt-parent" for all peripherals for sg2042 riscv: dts: sophgo: Add sdhci0 configuration for Huashan Pi riscv: dts: sophgo: cv18xx: add DMA controller Link: https://lore.kernel.org/r/MA0P287MB28228F4FC59B057DF57D9A11FE9C2@MA0P287MB2822.INDP287.PROD.OUTLOOK.COM Signed-off-by: Arnd Bergmann commit 7b6eee4f0e3177b2e4031b7b6151bee8526575d9 Merge: 5d9e36498bea0e 5b035d14a508ef Author: Arnd Bergmann Date: Thu Sep 5 10:14:45 2024 +0000 Merge tag 'ti-k3-dt-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/ti/linux into soc/dt TI K3 device tree updates for v6.12 Generic Fixups/Cleanups: - AM62, AM62A, AM64, AM65, AM62P: ESM node cleanups - J784s4, J721s2, J721e, AM65: FSS (Flash subsystem) fixups for ranges - j721e/j7200/j721s2/am68/am69 SK/SoM, IOT2050: Disable of R5F lockstep - j721e/j7200/j721s2/am68/am69 reserve GP timers for firmware usage. - Misc device tree warning fixups: Serdes simple-mfd fixes for am654-serdes-ctrl; rename of gpio-hog nodes; mux-controller node names SoC Specific features and Fixes: New boards: - AM67A/J722s based BeagleBoard.org Foundation's BeagleY-AI AM62: - Thermal throttling enabled AM62A: - Add E5010 JPEG encoder AM62P: - gpio-reserved ranges - SK: drop cts/rts for wakeup_uart0 firmware console pinmux J722s: (AM62P variant) - IPC/Remote proc for C7x and R5F - gpio-reserved ranges - EVM: Add main_uart5 description and CAN support. AM64x: - adc description fixes for dtbs_check warnings - tqma64xxl and phyboard-electra: Add PRUSS ICSSG capability - CPSW Ethernet is now disabled by default at SoC level and enabled explicitly at board level. - USB property to add fall back to j721e AM65x: - IOT2050: Add overlays for M.2, add Eth phy LED description - idk: Fixes for DMA causing dtbs_check warning, Add MCAN J721e: - SK and beagleboneai64: Fixes for inverted C6x carveouts J721s2: - AM68-SK: Fixes for mmc clkb internal mux, ospi partition for uboot.backup alignment fixup. J784s4: - WDT clock ID fix. - EVM: Use 4 lanes for PCIe0. * tag 'ti-k3-dt-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/ti/linux: (57 commits) arm64: dts: ti: k3-j722s-evm: Enable Inter-Processor Communication arm64: dts: ti: k3-j722s-main: Add R5F and C7x remote processor nodes arm64: dts: ti: k3-am68-sk-som: Update Partition info for OSPI Flash arm64: dts: ti: Add k3-am67a-beagley-ai dt-bindings: arm: ti: Add BeagleY-AI arm64: dts: ti: iot2050: Declare Ethernet PHY leds arm64: dts: ti: k3-am65: Add ESM nodes arm64: dts: ti: k3-am64: Add more ESM interrupt sources arm64: dts: ti: k3-am62a: Add ESM nodes arm64: dts: ti: k3-am62: Add comments to ESM nodes arm64: dts: ti: k3-am62p: Fix ESM interrupt sources arm64: dts: ti: k3-am62p: Remove 'reserved' status for ESM arm64: dts: ti: k3-j721s2-evm-gesi-exp-board: Rename gpio-hog node name arm64: dts: ti: k3-am642-evm-nand: Rename pinctrl node and gpio-hog names arm64: dts: ti: k3-am654-idk: Fix dtbs_check warning in ICSSG dmas arm64: dts: ti: k3-j784s4: Include entire FSS region in ranges arm64: dts: ti: k3-j721s2: Include entire FSS region in ranges arm64: dts: ti: k3-j721e: Include entire FSS region in ranges arm64: dts: ti: k3-am65: Include entire FSS region in ranges arm64: dts: ti: k3-am64: add USB fallback compatible to J721E ... Link: https://lore.kernel.org/r/20240903155701.q7soxtplbkfofwxt@entering Signed-off-by: Arnd Bergmann commit 7e856617a1f34fc9714eaf562b78fcffacda4e3e Author: Detlev Casanova Date: Wed Sep 4 16:30:58 2024 -0400 dt-bindings: mmc: Add support for rk3576 eMMC The device is compatible with rk3588, so add an entry for the 2 compatibles together. The rk3576 device has a power-domain that needs to be on for the eMMC to be used. Add it as a requirement. Signed-off-by: Detlev Casanova Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240904203154.253655-2-detlev.casanova@collabora.com Signed-off-by: Ulf Hansson commit 5d9e36498bea0e617c8bde1fca679f3a5e75007e Merge: 06b6879f0a07dd cc41aa93bbafdf Author: Arnd Bergmann Date: Thu Sep 5 10:13:40 2024 +0000 Merge tag 'renesas-dts-for-v6.12-tag2' of https://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-devel into soc/dt Renesas DTS updates for v6.12 (take two) - Add support for Ethernet TSN and PCIe on the R-Car V4H SoC and the White-Hawk (Single) development board, - Add display support for the RZ/G2UL SoC and the RZ/G2UL SMARC EVk board, - Add I2C support for the RZ/G3S SoC and the RZ/G3S SMARC EVK board, - Add support for HDMI audio on the RZ/G2L and RZ/G2LC SMARC EVK boards, - Add initial support for the RZ/V2H(P) (R9A09G057) SoC and the RZ/V2H EVK board, - Miscellaneous fixes and improvements. * tag 'renesas-dts-for-v6.12-tag2' of https://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-devel: (34 commits) arm64: dts: renesas: r8a779h0: Add family fallback for CSISP IP arm64: dts: renesas: r8a779a0: Add family fallback for CSISP IP arm64: dts: renesas: r8a779g0: Add family fallback for CSISP IP arm64: dts: renesas: r8a779h0: Add family fallback for VIN IP arm64: dts: renesas: r8a779a0: Add family fallback for VIN IP arm64: dts: renesas: r8a779g0: Add family fallback for VIN IP arm64: dts: renesas: r9a09g057h44-rzv2h-evk: Enable watchdog arm64: dts: renesas: r9a09g057h44-rzv2h-evk: Enable OSTM, I2C, and SDHI arm64: dts: renesas: r9a09g057: Add WDT0-WDT3 nodes arm64: dts: renesas: r9a09g057: Add SDHI0-SDHI2 nodes arm64: dts: renesas: r9a09g057: Add RIIC0-RIIC8 nodes arm64: dts: renesas: r9a09g057: Add OSTM0-OSTM7 nodes arm64: dts: renesas: Add initial DTS for RZ/V2H EVK board arm64: dts: renesas: Add initial SoC DTSI for RZ/V2H(P) SoC dt-bindings: soc: renesas: Document RZ/V2H EVK board dt-bindings: clock: renesas: Document RZ/V2H(P) SoC CPG arm64: dts: renesas: r9a07g043u11-smarc: Enable DU arm64: dts: renesas: rzg2lc-smarc: Enable HDMI audio arm64: dts: renesas: rzg2l-smarc: Enable HDMI audio arm64: dts: renesas: r9a07g043u: Add DU node ... Link: https://lore.kernel.org/r/cover.1725374275.git.geert+renesas@glider.be Signed-off-by: Arnd Bergmann commit 819e4b3723bf191e0887207f7d456f4b928a87f0 Author: Avri Altman Date: Tue Sep 3 16:38:55 2024 +0300 Documentation: mmc: Add mmc-test doc Add missing documentation for mmc_test. Reviewed-by: Christian Loehle Signed-off-by: Avri Altman Link: https://lore.kernel.org/r/20240903133855.3589845-1-avri.altman@wdc.com Signed-off-by: Ulf Hansson commit e4a82810c685f21eb617e1aab3c0b93e03ca6def Merge: d32d0c26ed67ce 115c14ee54aae1 Author: Arnd Bergmann Date: Thu Sep 5 10:12:55 2024 +0000 Merge tag 'qcom-arm64-defconfig-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into soc/defconfig Qualcomm Arm64 defconfig updates for v6.12 Enable the Qualcomm refgen regulator driver, being introduced in SM8350 for DSI, as a module. * tag 'qcom-arm64-defconfig-for-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux: arm64: defconfig: build CONFIG_REGULATOR_QCOM_REFGEN as module Link: https://lore.kernel.org/r/20240904194827.16766-1-andersson@kernel.org Signed-off-by: Arnd Bergmann commit d32d0c26ed67cedd4ee58938c233ec30c0c9b6d2 Merge: 714dfb9556b4c0 7f66e527170648 Author: Arnd Bergmann Date: Thu Sep 5 10:12:33 2024 +0000 Merge tag 'imx-defconfig-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into soc/defconfig i.MX defconfig changes for 6.12: - Enable ADP5585 GPIO and PWM drivers in arm64 defconfig, which are needed by i.MX93 11x11 EVK board. * tag 'imx-defconfig-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux: arm64: defconfig: Enable ADP5585 GPIO and PWM drivers Link: https://lore.kernel.org/r/20240904143439.211552-6-shawnguo2@yeah.net Signed-off-by: Arnd Bergmann commit 714dfb9556b4c0b1f13495c07d0c33fa34d70272 Merge: 78b7ade94fe3e9 e8c643daeaa904 Author: Arnd Bergmann Date: Thu Sep 5 10:12:02 2024 +0000 Merge tag 'ti-k3-config-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/ti/linux into soc/defconfig TI K3 defconfig updates for v6.12 - Enable E5010 JPEG Encoder as kernel module * tag 'ti-k3-config-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/ti/linux: arm64: defconfig: Enable E5010 JPEG Encoder Link: https://lore.kernel.org/r/20240903155647.jy2uparewobeekrd@dreamless Signed-off-by: Arnd Bergmann commit 35e834e812f71299b9899e220e479ca2e734b147 Merge: 350d0f012c9f15 1ec2362084a013 Author: Arnd Bergmann Date: Thu Sep 5 10:06:18 2024 +0000 Merge tag 'imx-soc-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux into soc/arm i.MX SoC changes for 6.12: - One cleanup from Fabio Estevam to remove Ethernet refclock setting from i.MX6SX machine code - One change from Nathan Chancellor that annotates imx7d_enet_init() as __init to clears up a section mismatch seen with the recent LLVM * tag 'imx-soc-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/shawnguo/linux: ARM: imx: Annotate imx7d_enet_init() as __init ARM: mach-imx: imx6sx: Remove Ethernet refclock setting Link: https://lore.kernel.org/r/20240904143439.211552-2-shawnguo2@yeah.net Signed-off-by: Arnd Bergmann commit 350d0f012c9f1505e70eae55bd1a569903297244 Merge: d4c3179671bc5d 973d248c43f237 Author: Arnd Bergmann Date: Thu Sep 5 10:05:44 2024 +0000 Merge tag 'davinci-updates-for-v6.12-rc1' of https://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux into soc/arm Texas Instruments DaVinci updates for v6.12-rc1 - remove unused cpuidle code - remove unused function prototypes and stubs * tag 'davinci-updates-for-v6.12-rc1' of https://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux: ARM: davinci: remove unused cpuidle code ARM: davinci: remove unused davinci_init_ide() declaration ARM: davinci: remove unused davinci_cfg_reg_list() declaration Link: https://lore.kernel.org/r/20240904200530.80386-1-brgl@bgdev.pl Signed-off-by: Arnd Bergmann commit d4c3179671bc5d5e9d50cc766e846fe8b154af28 Merge: 773df3eb14ef39 1934b0c82e980d Author: Arnd Bergmann Date: Thu Sep 5 10:05:20 2024 +0000 Merge tag 'omap-for-v6.12/soc-signed' of https://git.kernel.org/pub/scm/linux/kernel/git/khilman/linux-omap into soc/arm ARM: OMAP1/2: misc SoC updates for v6.12 * tag 'omap-for-v6.12/soc-signed' of https://git.kernel.org/pub/scm/linux/kernel/git/khilman/linux-omap: ARM: OMAP1: Remove unused declarations in arch/arm/mach-omap1/pm.h ARM: omap2: Switch to use kmemdup_array() ARM: omap1: Remove unused struct 'dma_link_info' Link: https://lore.kernel.org/r/7h8qw7arhe.fsf@baylibre.com Signed-off-by: Arnd Bergmann commit 8d72eba1cf8cecd76a2b4c1dd7673c2dc775f514 Author: Dhananjay Ugwekar Date: Tue Jul 30 04:49:18 2024 +0000 perf/x86/rapl: Fix the energy-pkg event for AMD CPUs After commit: 63edbaa48a57 ("x86/cpu/topology: Add support for the AMD 0x80000026 leaf") ... on AMD processors that support extended CPUID leaf 0x80000026, the topology_die_cpumask() and topology_logical_die_id() macros no longer return the package cpumask and package ID, instead they return the CCD (Core Complex Die) mask and ID respectively. This leads to the energy-pkg event scope to be modified to CCD instead of package. So, change the PMU scope for AMD and Hygon back to package. On a 12 CCD 1 Package AMD Zen4 Genoa machine: Before: $ cat /sys/devices/power/cpumask 0,8,16,24,32,40,48,56,64,72,80,88. The expected cpumask here is supposed to be just "0", as it is a package scope event, only one CPU will be collecting the event for all the CPUs in the package. After: $ cat /sys/devices/power/cpumask 0 [ mingo: Cleaned up the changelog ] Signed-off-by: Dhananjay Ugwekar Signed-off-by: Ingo Molnar Reviewed-by: Kan Liang Link: https://lore.kernel.org/r/20240904100934.3260-1-Dhananjay.Ugwekar@amd.com commit 33d8525dc18f743ec698cb91749132a27cd9c8a8 Author: Kienan Stewart Date: Wed Sep 4 10:13:29 2024 -0400 fs/pipe: Correct imprecise wording in comment The comment inaccurately describes what pipefs is - that is, a file system. Signed-off-by: Kienan Stewart Link: https://lore.kernel.org/r/20240904-pipe-correct_imprecise_wording-v1-1-2b07843472c2@efficios.com Signed-off-by: Christian Brauner commit 7063c229a83667fec3938999b39dad0aea12906b Merge: 5c40e050e6ac02 4356d575ef0f39 Author: Christian Brauner Date: Mon Sep 2 16:15:44 2024 +0200 Merge patch series "fhandle: expose u64 mount id to name_to_handle_at(2)" Aleksa Sarai says: Now that we provide a unique 64-bit mount ID interface in statx(2), we can now provide a race-free way for name_to_handle_at(2) to provide a file handle and corresponding mount without needing to worry about racing with /proc/mountinfo parsing or having to open a file just to do statx(2). While this is not necessary if you are using AT_EMPTY_PATH and don't care about an extra statx(2) call, users that pass full paths into name_to_handle_at(2) need to know which mount the file handle comes from (to make sure they don't try to open_by_handle_at a file handle from a different filesystem) and switching to AT_EMPTY_PATH would require allocating a file for every name_to_handle_at(2) call, turning err = name_to_handle_at(-EBADF, "/foo/bar/baz", &handle, &mntid, AT_HANDLE_MNT_ID_UNIQUE); into int fd = openat(-EBADF, "/foo/bar/baz", O_PATH | O_CLOEXEC); err1 = name_to_handle_at(fd, "", &handle, &unused_mntid, AT_EMPTY_PATH); err2 = statx(fd, "", AT_EMPTY_PATH, STATX_MNT_ID_UNIQUE, &statxbuf); mntid = statxbuf.stx_mnt_id; close(fd); Also, this series adds a patch to clarify how AT_* flag allocation should work going forwards. * patches from https://lore.kernel.org/r/20240828-exportfs-u64-mount-id-v3-0-10c2c4c16708@cyphar.com: fhandle: expose u64 mount id to name_to_handle_at(2) uapi: explain how per-syscall AT_* flags should be allocated Link: https://lore.kernel.org/r/20240828-exportfs-u64-mount-id-v3-0-10c2c4c16708@cyphar.com Signed-off-by: Christian Brauner commit 4356d575ef0f39a3e8e0ce0c40d84ce900ac3b61 Author: Aleksa Sarai Date: Wed Aug 28 20:19:43 2024 +1000 fhandle: expose u64 mount id to name_to_handle_at(2) Now that we provide a unique 64-bit mount ID interface in statx(2), we can now provide a race-free way for name_to_handle_at(2) to provide a file handle and corresponding mount without needing to worry about racing with /proc/mountinfo parsing or having to open a file just to do statx(2). While this is not necessary if you are using AT_EMPTY_PATH and don't care about an extra statx(2) call, users that pass full paths into name_to_handle_at(2) need to know which mount the file handle comes from (to make sure they don't try to open_by_handle_at a file handle from a different filesystem) and switching to AT_EMPTY_PATH would require allocating a file for every name_to_handle_at(2) call, turning err = name_to_handle_at(-EBADF, "/foo/bar/baz", &handle, &mntid, AT_HANDLE_MNT_ID_UNIQUE); into int fd = openat(-EBADF, "/foo/bar/baz", O_PATH | O_CLOEXEC); err1 = name_to_handle_at(fd, "", &handle, &unused_mntid, AT_EMPTY_PATH); err2 = statx(fd, "", AT_EMPTY_PATH, STATX_MNT_ID_UNIQUE, &statxbuf); mntid = statxbuf.stx_mnt_id; close(fd); Reviewed-by: Jeff Layton Signed-off-by: Aleksa Sarai Link: https://lore.kernel.org/r/20240828-exportfs-u64-mount-id-v3-2-10c2c4c16708@cyphar.com Reviewed-by: Jan Kara Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit b4fef22c2fb97fa204f0c99c7c7f1c6b422ef0aa Author: Aleksa Sarai Date: Wed Aug 28 20:19:42 2024 +1000 uapi: explain how per-syscall AT_* flags should be allocated Unfortunately, the way we have gone about adding new AT_* flags has been a little messy. In the beginning, all of the AT_* flags had generic meanings and so it made sense to share the flag bits indiscriminately. However, we inevitably ran into syscalls that needed their own syscall-specific flags. Due to the lack of a planned out policy, we ended up with the following situations: * Existing syscalls adding new features tended to use new AT_* bits, with some effort taken to try to re-use bits for flags that were so obviously syscall specific that they only make sense for a single syscall (such as the AT_EACCESS/AT_REMOVEDIR/AT_HANDLE_FID triplet). Given the constraints of bitflags, this works well in practice, but ideally (to avoid future confusion) we would plan ahead and define a set of "per-syscall bits" ahead of time so that when allocating new bits we don't end up with a complete mish-mash of which bits are supposed to be per-syscall and which aren't. * New syscalls dealt with this in several ways: - Some syscalls (like renameat2(2), move_mount(2), fsopen(2), and fspick(2)) created their separate own flag spaces that have no overlap with the AT_* flags. Most of these ended up allocating their bits sequentually. In the case of move_mount(2) and fspick(2), several flags have identical meanings to AT_* flags but were allocated in their own flag space. This makes sense for syscalls that will never share AT_* flags, but for some syscalls this leads to duplication with AT_* flags in a way that could cause confusion (if renameat2(2) grew a RENAME_EMPTY_PATH it seems likely that users could mistake it for AT_EMPTY_PATH since it is an *at(2) syscall). - Some syscalls unfortunately ended up both creating their own flag space while also using bits from other flag spaces. The most obvious example is open_tree(2), where the standard usage ends up using flags from *THREE* separate flag spaces: open_tree(AT_FDCWD, "/foo", OPEN_TREE_CLONE|O_CLOEXEC|AT_RECURSIVE); (Note that O_CLOEXEC is also platform-specific, so several future OPEN_TREE_* bits are also made unusable in one fell swoop.) It's not entirely clear to me what the "right" choice is for new syscalls. Just saying that all future VFS syscalls should use AT_* flags doesn't seem practical. openat2(2) has RESOLVE_* flags (many of which don't make much sense to burn generic AT_* flags for) and move_mount(2) has separate AT_*-like flags for both the source and target so separate flags are needed anyway (though it seems possible that renameat2(2) could grow *_EMPTY_PATH flags at some point, and it's a bit of a shame they can't be reused). But at least for syscalls that _do_ choose to use AT_* flags, we should explicitly state the policy that 0x2ff is currently intended for per-syscall flags and that new flags should err on the side of overlapping with existing flag bits (so we can extend the scope of generic flags in the future if necessary). And add AT_* aliases for the RENAME_* flags to further cement that renameat2(2) is an *at(2) flag, just with its own per-syscall flags. Suggested-by: Amir Goldstein Reviewed-by: Jeff Layton Reviewed-by: Josef Bacik Signed-off-by: Aleksa Sarai Link: https://lore.kernel.org/r/20240828-exportfs-u64-mount-id-v3-1-10c2c4c16708@cyphar.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 7d6b8316ba139c5a7cbbaa888089d9f4eb527dc9 Author: Marek Vasut Date: Fri Aug 30 23:56:38 2024 +0200 ARM: dts: stm32: Use SAI to generate bit and frame clock on STM32MP15xx DHCOM PDK2 By default the SGTL5000 derives bit and frame clock from MCLK, which does not produce particularly accurate results. The SGTL5000 PLL does improve the accuracy, but also increases power consumption. Using the SoC SAI interface as bit and frame clock source results in the best accuracy without the power consumption increase downside. Switch the bit and frame clock direction from SAI to SGTL5000, reduce mclk-fs to match. Signed-off-by: Marek Vasut Signed-off-by: Alexandre Torgue commit 5afb9b98a748ab9c6d5800aa62d90aaa5a28daa2 Author: Marek Vasut Date: Fri Aug 30 23:56:37 2024 +0200 ARM: dts: stm32: Switch bitclock/frame-master to flag on STM32MP15xx DHCOM PDK2 Switch the bitclock-master and frame-master properties from phandle to flag on STM32MP15xx DHCOM PDK2. There is no real reason to use phandle in this system DT, since the phandle points to the endpoint node which contains the property itself. Simplify the DT. No functional change. Signed-off-by: Marek Vasut Signed-off-by: Alexandre Torgue commit 2ac59e0957f8ab61eed226196f9532cc5e1b8fac Author: Marek Vasut Date: Fri Aug 30 23:56:36 2024 +0200 ARM: dts: stm32: Sort properties in audio endpoints on STM32MP15xx DHCOM PDK2 Sort properties alphabetically in audio endpoints of STM32MP15xx DHCOM PDK2 DT. No functional change. Signed-off-by: Marek Vasut Signed-off-by: Alexandre Torgue commit 8267753c891cfde08d4c6d6fa0ae2771cdb25b7d Author: David Jander Date: Fri Aug 9 11:16:15 2024 +0200 ARM: dts: stm32: Add MECIO1 and MECT1S board variants Introduce device tree support for the MECIO1 and MECT1S board variants. MECIO1 is an I/O and motor control board used in blood sample analysis machines. MECT1S is a 1000Base-T1 switch for internal machine networks of blood sample analysis machines. Signed-off-by: David Jander Signed-off-by: Oleksij Rempel Signed-off-by: Alexandre Torgue commit eb2247f1420a13976ea819ad701d9e7829ba6b78 Author: Oleksij Rempel Date: Fri Aug 9 11:16:14 2024 +0200 dt-bindings: arm: stm32: Add compatible strings for Protonic boards Add compatible strings for Protonic MECIO1r0 and MECT1S boards to the STM32MP151-based boards section and Protonic MECIO1r1 board to the STM32MP153-based boards section. MECIO1 is an I/O and motor control board used in blood sample analysis machines. MECT1S is a 1000Base-T1 switch for internal machine networks of blood sample analysis machines. Signed-off-by: Oleksij Rempel Reviewed-by: Krzysztof Kozlowski Signed-off-by: Alexandre Torgue commit 7de129f5389be1038b7748bf6b326ee37f3df933 Author: Oleksij Rempel Date: Mon Aug 12 12:41:42 2024 +0200 ARM: dts: stm32: stm32mp151a-prtt1l: Fix QSPI configuration Rename 'pins1' to 'pins' in the qspi_bk1_pins_a node to correct the subnode name. The incorrect name caused the configuration to be applied to the wrong subnode, resulting in QSPI not working properly. Some additional changes was made: - To avoid this kind of regression, all references to pin configuration nodes are now referenced directly using the format &{label/subnode}. - /delete-property/ bias-disable; was added everywhere where bias-pull-up is used - redundant properties like driver-push-pull are removed Signed-off-by: Oleksij Rempel Reviewed-by: Ahmad Fatoum Signed-off-by: Alexandre Torgue commit 9d4de04f615b5eac544584039548f292c3e19833 Author: Marek Vasut Date: Fri Jul 5 23:53:50 2024 +0200 ARM: dts: stm32: Describe PHY LEDs in DH STM32MP13xx DHCOR DHSBC board DT The RTL8211 PHY on DH STM32MP13xx DHCOR DHSBC carrier board supports HW LED offload, the LEDs can be configured on link at 10/100/1000 line rate and on RXTX activity. There are two PHYs on this board, each only has two out of three LEDs connected to the PHY LED outputs. Describe this hardware configuration in DT. Signed-off-by: Marek Vasut Signed-off-by: Alexandre Torgue commit 4a12b200a66c0fce782bc8cf46d0f33fc1245f03 Author: Sean Nyekjaer Date: Tue Jul 9 14:16:18 2024 +0200 ARM: dts: stm32: Add missing gpio options for sdmmc2_d47_pins_d This enables DDR50 mode for the eMMC on Octavo OSD32MP1-RED board. Fixes: be78ab4f632c ("ARM: dts: stm32: add initial support for stm32mp157-odyssey board") Signed-off-by: Sean Nyekjaer Reviewed-by: Ahmad Fatoum Signed-off-by: Alexandre Torgue commit 5d1ff2dde48fd983b4f4511e7fe72e2a1045717d Author: Marek Vasut Date: Sat Jun 29 19:10:30 2024 +0200 ARM: dts: stm32: Add ethernet MAC nvmem cells to DH STM32MP13xx DHCOR DHSBC board Describe ethernet MAC address nvmem cells in DH STM32MP13xx DHCOR DHSBC board DT. The MAC address can be fused in BSEC OTP fuses and used to set up MAC address for both ethernet MACs on this board. Signed-off-by: Marek Vasut Signed-off-by: Alexandre Torgue commit 44791c0fe327d3e43447094b0abca3bd768b16e4 Author: Marek Vasut Date: Fri Jul 5 10:01:02 2024 +0200 ARM: dts: stm32: Disable PHY clock output on DH STM32MP13xx DHCOR DHSBC board The RTL8211F PHY clock output is not used on DH STM32MP13xx DHCOR DHSBC board, disable it to improve EMI characteristics. Signed-off-by: Marek Vasut Signed-off-by: Alexandre Torgue commit b230e1b21c6217647d8452eab4c43420ef02b58d Author: Marek Vasut Date: Fri Jul 5 09:59:10 2024 +0200 ARM: dts: stm32: Keep MDIO bus in AF across suspend DH STM32MP13xx DHCOR DHSBC board The RTL8211F PHY gets confused when the MDIO bus lines get switched to ANALOG during suspend/resume cycle. Keep the MDIO and MDC lines in AF during suspend/resume to avoid confusing the PHY. The PHY can be brought out of the confused state by restarting auto-negotiation too, but that seems like an odd workaround and shouldn't be in the PHY driver. Signed-off-by: Marek Vasut Signed-off-by: Alexandre Torgue commit 1dbb6b1495d472806fef1f4c94f5b3e4c89a3c1d Author: David Kaplan Date: Wed Sep 4 10:07:11 2024 -0500 x86/bugs: Fix handling when SRSO mitigation is disabled When the SRSO mitigation is disabled, either via mitigations=off or spec_rstack_overflow=off, the warning about the lack of IBPB-enhancing microcode is printed anyway. This is unnecessary since the user has turned off the mitigation. [ bp: Massage, drop SBPB rationale as it doesn't matter because when mitigations are disabled x86_pred_cmd is not being used anyway. ] Signed-off-by: David Kaplan Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240904150711.193022-1-david.kaplan@amd.com commit d2095989943b88a4ab98d01d912c6c45925f2dcf Author: Tan En De Date: Sat Aug 31 09:11:14 2024 +0800 net: stmmac: Batch set RX OWN flag and other flags Minimize access to the RX descriptor by collecting all the flags in a local variable and then updating the descriptor at once. Signed-off-by: Tan En De Link: https://patch.msgid.link/20240831011114.2065912-1-ende.tan@starfivetech.com Signed-off-by: Paolo Abeni commit 95c13662b65c562d4902ad9f810378261347a749 Merge: fe826cc2654e85 2ab9d830262c13 Author: Ingo Molnar Date: Thu Sep 5 11:17:43 2024 +0200 Merge branch 'perf/urgent' into perf/core, to pick up fixes This also refreshes the -rc1 based branch to -rc5. Signed-off-by: Ingo Molnar commit d6a800796e9806f62b52f2aa80e52a2553e11e9f Author: Uwe Kleine-König Date: Mon Jul 29 16:34:17 2024 +0200 pwm: Simplify pwm_capture() When pwm_capture() is called, pwm is valid, so the checks for pwm and pwm->chip->ops being NULL can be dropped. Signed-off-by: Uwe Kleine-König Link: https://lore.kernel.org/r/ee7b3322c7b3e28defdfb886a70b8ba40d298416.1722261050.git.u.kleine-koenig@baylibre.com Signed-off-by: Uwe Kleine-König commit 75f0cb339b7814dc759c58a0d42fc5c1b93c7836 Author: Rob Herring (Arm) Date: Wed Jul 31 14:14:03 2024 -0600 pwm: lp3943: Use of_property_count_u32_elems() to get property length Replace of_get_property() with the type specific of_property_count_u32_elems() to get the property length. This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731201407.1838385-8-robh@kernel.org Signed-off-by: Uwe Kleine-König commit f9ecc2febf6fd6ad53208a1c0e1b5066ee65dd8b Author: Uwe Kleine-König Date: Fri Jul 12 19:18:20 2024 +0200 pwm: Don't export pwm_capture() There is only a single caller of this function, and that's in drivers/pwm/core.c itself. So don't export the function. Signed-off-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240712171821.1470833-2-u.kleine-koenig@baylibre.com Signed-off-by: Uwe Kleine-König commit 1c3e34bf8802b8b17d0c2067c43bb49b7e83885c Author: Uwe Kleine-König Date: Fri Jul 5 23:14:51 2024 +0200 pwm: Make info in traces about affected pwm more useful The hashed pointer isn't useful to identify the pwm device. Instead store and emit chipid and hwpwm. Signed-off-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240705211452.1157967-2-u.kleine-koenig@baylibre.com Signed-off-by: Uwe Kleine-König commit 9407f23d14edd42d372cefee023302bd95c9bca6 Author: Wolfram Sang Date: Thu Jul 25 21:38:05 2024 +0200 dt-bindings: pwm: renesas,tpu: Add r8a779h0 support Document support for the 16-Bit Timer Pulse Unit (TPU) in the Renesas R-Car V4M (R8A779H0) SoC. Signed-off-by: Wolfram Sang Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/20240725193803.14130-6-wsa+renesas@sang-engineering.com Signed-off-by: Uwe Kleine-König commit 24e529c5fbcad9a480607bb05128c61ba908a926 Author: Wolfram Sang Date: Thu Jul 25 21:38:04 2024 +0200 dt-bindings: pwm: renesas,pwm-rcar: Add r8a779h0 support Document support for the PWM timers in the Renesas R-Car V4M (R8A779H0) SoC. Signed-off-by: Wolfram Sang Acked-by: Krzysztof Kozlowski Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/20240725193803.14130-5-wsa+renesas@sang-engineering.com Signed-off-by: Uwe Kleine-König commit 22de489d1e9d6c30bf9554a9c58bf1dc8d951f7d Author: David Howells Date: Fri Jul 12 11:54:11 2024 +0100 netfs: Use bh-disabling spinlocks for rreq->lock Use bh-disabling spinlocks when accessing rreq->lock because, in the future, it may be twiddled from softirq context when cleanup is driven from cache backend DIO completion. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-12-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 24c90a79f6068d309adda05d871855414bb75283 Author: David Howells Date: Tue Jul 9 09:47:17 2024 +0100 netfs: Set the request work function upon allocation Set the work function in the netfs_io_request work_struct when we allocate the request rather than doing this later. This reduces the number of places we need to set it in future code. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-11-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit c57de2a9259d7dc18a7a425fca91c77502263d8a Author: David Howells Date: Tue Jul 9 09:43:38 2024 +0100 netfs: Remove NETFS_COPY_TO_CACHE Remove NETFS_COPY_TO_CACHE as it isn't used anymore. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-10-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 51e9a86a4f75c6dc8531407b2ab2ccc4ad137e5a Author: David Howells Date: Tue Jul 9 09:45:46 2024 +0100 netfs: Reserve netfs_sreq_source 0 as unset/unknown Reserve the 0-valued netfs_sreq_source to mean unset or unknown so that it can be seen in the trace as such rather than appearing as download-from-server when it's going to get switched to something else. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-9-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 52d55922e0f1db1f580c9f91c174d2392bfad481 Author: David Howells Date: Fri Jun 7 09:02:58 2024 +0100 netfs: Move max_len/max_nr_segs from netfs_io_subrequest to netfs_io_stream Move max_len/max_nr_segs from struct netfs_io_subrequest to struct netfs_io_stream as we only issue one subreq at a time and then don't need these values again for that subreq unless and until we have to retry it - in which case we want to renegotiate them. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-8-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 73425800ac948cb78063b897a0c345d788f3594d Author: David Howells Date: Wed Jun 5 11:26:24 2024 +0100 netfs, cifs: Move CIFS_INO_MODIFIED_ATTR to netfs_inode Move CIFS_INO_MODIFIED_ATTR to netfs_inode as NETFS_ICTX_MODIFIED_ATTR and then make netfs_perform_write() set it. This means that cifs doesn't need to implement the ->post_modify() hook. Signed-off-by: David Howells cc: Jeff Layton cc: Steve French cc: Paulo Alcantara cc: linux-cifs@vger.kernel.org cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-7-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 8f52de0077ba3bf41e5d53d67a185700f41efce7 Author: David Howells Date: Wed Jun 5 11:33:01 2024 +0100 netfs: Reduce number of conditional branches in netfs_perform_write() Reduce the number of conditional branches in netfs_perform_write() by merging in netfs_how_to_modify() and then creating a separate if-statement for each way we might modify a folio. Note that this means replicating the data copy in each path. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-6-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit ef966d73fb7cab5736407998a4ae42577bb34a3b Author: David Howells Date: Fri May 31 15:48:29 2024 +0100 netfs: Record contention stats for writeback lock Record statistics for contention upon the writeback serialisation lock that prevents racing writeback calls from causing each other to interleave their writebacks. These can be viewed in /proc/fs/netfs/stats on the WbLock line, with skip=N indicating the number of non-SYNC writebacks skipped and wait=N indicating the number of SYNC writebacks that waited. Signed-off-by: David Howells cc: Jeff Layton cc: Steve French cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-5-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 43ebbf939340586c504cea7d4991b0af95724603 Author: David Howells Date: Fri May 31 15:47:20 2024 +0100 netfs: Adjust labels in /proc/fs/netfs/stats Adjust the labels in /proc/fs/netfs/stats that refer to netfs-specific counters. These currently all begin with "Netfs", but change them to begin with more specific labels. Signed-off-by: David Howells cc: Jeff Layton cc: netfs@lists.linux.dev cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-4-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 80887f31672970abae3aaa9cf62ac72a124e7c89 Author: David Howells Date: Tue Jul 23 15:35:29 2024 +0100 cachefiles: Fix non-taking of sb_writers around set/removexattr Unlike other vfs_xxxx() calls, vfs_setxattr() and vfs_removexattr() don't take the sb_writers lock, so the caller should do it for them. Fix cachefiles to do this. Fixes: 9ae326a69004 ("CacheFiles: A cache that backs onto a mounted filesystem") Signed-off-by: David Howells cc: Christian Brauner cc: Gao Xiang cc: netfs@lists.linux.dev cc: linux-erofs@lists.ozlabs.org cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20240814203850.2240469-3-dhowells@redhat.com/ # v2 Signed-off-by: Christian Brauner commit 28a7eeb9eb40fcfeec4f663cabe8d25bb2d9bd6a Author: Thomas Zimmermann Date: Wed Jul 31 15:09:50 2024 +0200 HID: picoLCD: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Signed-off-by: Jiri Kosina commit 23e12b54acf621f4f03381dca91cc5f1334f21fd Author: Daniel Sneddon Date: Thu Aug 29 12:24:37 2024 -0700 x86/bugs: Add missing NO_SSB flag The Moorefield and Lightning Mountain Atom processors are missing the NO_SSB flag in the vulnerabilities whitelist. This will cause unaffected parts to incorrectly be reported as vulnerable. Add the missing flag. These parts are currently out of service and were verified internally with archived documentation that they need the NO_SSB flag. Closes: https://lore.kernel.org/lkml/CAEJ9NQdhh+4GxrtG1DuYgqYhvc0hi-sKZh-2niukJ-MyFLntAA@mail.gmail.com/ Reported-by: Shanavas.K.S Signed-off-by: Daniel Sneddon Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240829192437.4074196-1-daniel.sneddon@linux.intel.com commit f4d08a8fed0542effc545990b583b5322e5bd003 Author: Chen Ni Date: Thu Sep 5 10:42:45 2024 +0800 gpio: sama5d2-piobu: convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Link: https://lore.kernel.org/r/20240905024245.1642989-1-nichen@iscas.ac.cn Signed-off-by: Bartosz Golaszewski commit e202307b75660aad42fafbb0d3df2c9dadf019ec Author: Neil Armstrong Date: Thu Sep 5 09:02:10 2024 +0200 arm64: dts: amlogic: gxlx-s905l-p271: drop saradc gxlx compatible Drop the undocumented amlogic,meson-gxlx-saradc compatible by dropping the compatible override, and fix the following DTBs check: /soc/bus@c1100000/adc@8680: failed to match any schema with compatible: ['amlogic,meson-gxlx-saradc', 'amlogic,meson-saradc'] Fixes: f6386b5afa81 ("arm64: dts: meson: add GXLX/S905L/p271 support") Link: https://lore.kernel.org/r/20240905-topic-amlogic-upstream-gxlx-drop-iio-compat-v2-1-7a690eb95bc2@linaro.org [narmstrong: fix commit message] Signed-off-by: Neil Armstrong commit ed2e4bb17a4884cf29c3347353d8aabb7265b46c Author: Zong-Zhe Yang Date: Mon Sep 2 09:58:03 2024 +0800 wifi: rtw89: avoid reading out of bounds when loading TX power FW elements Because the loop-expression will do one more time before getting false from cond-expression, the original code copied one more entry size beyond valid region. Fix it by moving the entry copy to loop-body. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240902015803.20420-1-pkshih@realtek.com commit c9ac071e30ba4f2e770a0705564790502a7b931f Author: Eric Huang Date: Wed Aug 28 13:52:17 2024 +0800 wifi: rtw89: use frequency domain RSSI To get more accurate RSSI, this commit includes frequency domain RSSI info in RSSI calculation. Add correspond physts parsing and macro to get frequency domain RSSI information for supported IC. Signed-off-by: Eric Huang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240828055217.10263-3-pkshih@realtek.com commit 9ecb64ed07efda833608d1095a5c0ee92179f035 Author: Eric Huang Date: Wed Aug 28 13:52:16 2024 +0800 wifi: rtw89: adjust DIG threshold to reduce false alarm Use RSSI without subtracting offset as packet detection lower bound and set an absolute minimal threshold. It's equivalent to setting a higher noise floor, thereby reducing false alarm and improving interference endurance. Signed-off-by: Eric Huang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240828055217.10263-2-pkshih@realtek.com commit 43b7724487109368363bb5cda034b3f600278d14 Merge: d57f7b45945ac0 97b766f989bcd0 Author: Jakub Kicinski Date: Wed Sep 4 17:20:14 2024 -0700 Merge tag 'wireless-next-2024-09-04' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless-next Kalle Valo says: ==================== pull-request: wireless-next-2024-09-04 here's a pull request to net-next tree, more info below. Please let me know if there are any problems. ==================== Conflicts: drivers/net/wireless/ath/ath12k/hw.c 38055789d151 ("wifi: ath12k: use 128 bytes aligned iova in transmit path for WCN7850") 8be12629b428 ("wifi: ath12k: restore ASPM for supported hardwares only") https://lore.kernel.org/87msldyj97.fsf@kernel.org Link: https://patch.msgid.link/20240904153205.64C11C4CEC2@smtp.kernel.org Signed-off-by: Jakub Kicinski commit d57f7b45945ac0517ff8ea50655f00db6e8d637c Author: Sean Anderson Date: Tue Sep 3 14:49:12 2024 -0400 net: cadence: macb: Enable software IRQ coalescing by default This NIC doesn't have hardware IRQ coalescing. Under high load, interrupts can adversely affect performance. To mitigate this, enable software IRQ coalescing by default. On my system this increases receive throughput with iperf3 from 853 MBit/sec to 934 MBit/s, decreases interrupts from 69489/sec to 2016/sec, and decreases CPU utilization from 27% (4x Cortex-A53) to 14%. Latency is not affected (as far as I can tell). Signed-off-by: Sean Anderson Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240903184912.4151926-1-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit aa01d13eecc9fd236f06e3971ef919d3561d2506 Merge: eff5b5fffc1d39 99857422338b67 Author: Andrii Nakryiko Date: Wed Sep 4 17:03:52 2024 -0700 Merge branch 'fix-accessing-first-syscall-argument-on-rv64' Pu Lehui says: ==================== Fix accessing first syscall argument on RV64 On RV64, as Ilya mentioned before [0], the first syscall parameter should be accessed through orig_a0 (see arch/riscv64/include/asm/syscall.h), otherwise it will cause selftests like bpf_syscall_macro, vmlinux, test_lsm, etc. to fail on RV64. Link: https://lore.kernel.org/bpf/20220209021745.2215452-1-iii@linux.ibm.com [0] v3: - Fix test case error. v2: https://lore.kernel.org/all/20240831023646.1558629-1-pulehui@huaweicloud.com/ - Access first syscall argument with CO-RE direct read. (Andrii) v1: https://lore.kernel.org/all/20240829133453.882259-1-pulehui@huaweicloud.com/ ==================== Link: https://lore.kernel.org/r/20240831041934.1629216-1-pulehui@huaweicloud.com Signed-off-by: Andrii Nakryiko commit 99857422338b67f0a2927cbc44fdaa8783717858 Author: Pu Lehui Date: Sat Aug 31 04:19:34 2024 +0000 libbpf: Fix accessing first syscall argument on RV64 On RV64, as Ilya mentioned before [0], the first syscall parameter should be accessed through orig_a0 (see arch/riscv64/include/asm/syscall.h), otherwise it will cause selftests like bpf_syscall_macro, vmlinux, test_lsm, etc. to fail on RV64. Let's fix it by using the struct pt_regs style CO-RE direct access. Signed-off-by: Pu Lehui Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20220209021745.2215452-1-iii@linux.ibm.com [0] Link: https://lore.kernel.org/bpf/20240831041934.1629216-5-pulehui@huaweicloud.com commit 4a4c4c0d0a42079d2fa97a232895c56ac2f3f573 Author: Pu Lehui Date: Sat Aug 31 04:19:33 2024 +0000 selftests/bpf: Enable test_bpf_syscall_macro: Syscall_arg1 on s390 and arm64 Considering that CO-RE direct read access to the first system call argument is already available on s390 and arm64, let's enable test_bpf_syscall_macro:syscall_arg1 on these architectures. Signed-off-by: Pu Lehui Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240831041934.1629216-4-pulehui@huaweicloud.com commit 9ab94078e868a45cbd23828b8377600b83a41fac Author: Pu Lehui Date: Sat Aug 31 04:19:32 2024 +0000 libbpf: Access first syscall argument with CO-RE direct read on arm64 Currently PT_REGS_PARM1 SYSCALL(x) is consistent with PT_REGS_PARM1_CORE SYSCALL(x), which will introduce the overhead of BPF_CORE_READ(), taking into account the read pt_regs comes directly from the context, let's use CO-RE direct read to access the first system call argument. Suggested-by: Andrii Nakryiko Signed-off-by: Pu Lehui Signed-off-by: Andrii Nakryiko Acked-by: Xu Kuohai Link: https://lore.kernel.org/bpf/20240831041934.1629216-3-pulehui@huaweicloud.com commit e4db2a821b6cff4bd59c0efabdbfdd84ac6005c1 Author: Pu Lehui Date: Sat Aug 31 04:19:31 2024 +0000 libbpf: Access first syscall argument with CO-RE direct read on s390 Currently PT_REGS_PARM1 SYSCALL(x) is consistent with PT_REGS_PARM1_CORE SYSCALL(x), which will introduce the overhead of BPF_CORE_READ(), taking into account the read pt_regs comes directly from the context, let's use CO-RE direct read to access the first system call argument. Suggested-by: Andrii Nakryiko Signed-off-by: Pu Lehui Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240831041934.1629216-2-pulehui@huaweicloud.com commit 569bf6d481b0b823c3c9c3b8be77908fd7caf66b Author: Niklas Söderlund Date: Tue Sep 3 19:15:36 2024 +0200 net: phy: Check for read errors in SIOCGMIIREG When reading registers from the PHY using the SIOCGMIIREG IOCTL any errors returned from either mdiobus_read() or mdiobus_c45_read() are ignored, and parts of the returned error is passed as the register value back to user-space. For example, if mdiobus_c45_read() is used with a bus that do not implement the read_c45() callback -EOPNOTSUPP is returned. This is however directly stored in mii_data->val_out and returned as the registers content. As val_out is a u16 the error code is truncated and returned as a plausible register value. Fix this by first checking the return value for errors before returning it as the register content. Before this patch, # phytool read eth0/0:1/0 0xffa1 After this change, $ phytool read eth0/0:1/0 error: phy_read (-95) Signed-off-by: Niklas Söderlund Reviewed-by: Florian Fainelli Reviewed-by: Andrew Lunn Reviewed-by: Yoshihiro Shimoda Tested-by: Yoshihiro Shimoda Reviewed-by: Geert Uytterhoeven Link: https://patch.msgid.link/20240903171536.628930-1-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Jakub Kicinski commit 8ed6e71219a3571a5583db6f839e80eebaa2853d Author: Li Zetao Date: Tue Sep 3 22:33:43 2024 +0800 pds_core: Remove redundant null pointer checks Since the debugfs_create_dir() never returns a null pointer, checking the return value for a null pointer is redundant, and using IS_ERR is safe enough. Signed-off-by: Li Zetao Link: https://patch.msgid.link/20240903143343.2004652-1-lizetao1@huawei.com Signed-off-by: Jakub Kicinski commit 4614ac219e3f441c64d98d684edbdc8945d49dcc Author: Li Zetao Date: Tue Sep 3 22:31:49 2024 +0800 ionic: Remove redundant null pointer checks in ionic_debugfs_add_qcq() Since the debugfs_create_dir() never returns a null pointer, checking the return value for a null pointer is redundant, and using IS_ERR is safe enough. Signed-off-by: Li Zetao Link: https://patch.msgid.link/20240903143149.2004530-1-lizetao1@huawei.com Signed-off-by: Jakub Kicinski commit 2a7e41be085bbe50220b44a5964228625cda1487 Merge: 6ffa72acc9c933 c9a1e2629d1066 Author: Jakub Kicinski Date: Wed Sep 4 16:57:13 2024 -0700 Merge branch 'unmask-upper-dscp-bits-part-3' Ido Schimmel says: ==================== Unmask upper DSCP bits - part 3 tl;dr - This patchset continues to unmask the upper DSCP bits in the IPv4 flow key in preparation for allowing IPv4 FIB rules to match on DSCP. No functional changes are expected. The TOS field in the IPv4 flow key ('flowi4_tos') is used during FIB lookup to match against the TOS selector in FIB rules and routes. It is currently impossible for user space to configure FIB rules that match on the DSCP value as the upper DSCP bits are either masked in the various call sites that initialize the IPv4 flow key or along the path to the FIB core. In preparation for adding a DSCP selector to IPv4 and IPv6 FIB rules, we need to make sure the entire DSCP value is present in the IPv4 flow key. This patchset continues to unmask the upper DSCP bits, but this time in the output route path, specifically in the callers of ip_route_output_ports(). The next patchset (last) will handle the callers of ip_route_output_key(). Split from this patchset to avoid going over the 15 patches limit. No functional changes are expected as commit 1fa3314c14c6 ("ipv4: Centralize TOS matching") moved the masking of the upper DSCP bits to the core where 'flowi4_tos' is matched against the TOS selector. ==================== Link: https://patch.msgid.link/20240903135327.2810535-1-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit c9a1e2629d10669e86b772add4fdea84252442da Author: Ido Schimmel Date: Tue Sep 3 16:53:27 2024 +0300 ipv6: sit: Unmask upper DSCP bits in ipip6_tunnel_bind_dev() Unmask the upper DSCP bits when calling ip_route_output_ports() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240903135327.2810535-5-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit de1fb3e8b053bf29ab366ae56b43659e87985928 Author: Ido Schimmel Date: Tue Sep 3 16:53:26 2024 +0300 ip6_tunnel: Unmask upper DSCP bits in ip4ip6_err() Unmask the upper DSCP bits when calling ip_route_output_ports() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240903135327.2810535-4-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 97edbbaad30368c2e0219d21987ceba5a303ba5f Author: Ido Schimmel Date: Tue Sep 3 16:53:25 2024 +0300 ipv4: ipmr: Unmask upper DSCP bits in ipmr_queue_xmit() Unmask the upper DSCP bits when calling ip_route_output_ports() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240903135327.2810535-3-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 71f1fea4f65deeb0e1a4442fe661cfc5a541a036 Author: Ido Schimmel Date: Tue Sep 3 16:53:24 2024 +0300 ipv4: Unmask upper DSCP bits in __ip_queue_xmit() The function is passed the full DS field in its 'tos' argument by its two callers. It then masks the upper DSCP bits using RT_TOS() when passing it to ip_route_output_ports(). Unmask the upper DSCP bits when passing 'tos' to ip_route_output_ports() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Reviewed-by: David Ahern Link: https://patch.msgid.link/20240903135327.2810535-2-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 6ffa72acc9c933a065782cb49afde1130ca722f7 Author: Chen Ni Date: Wed Sep 4 09:44:41 2024 +0800 selftests: net: convert comma to semicolon Replace comma between expressions with semicolons. Using a ',' in place of a ';' can have unintended side effects. Although that is not the case here, it is seems best to use ';' unless ',' is intended. Found by inspection. No functional change intended. Compile tested only. Signed-off-by: Chen Ni Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240904014441.1065753-1-nichen@iscas.ac.cn Signed-off-by: Jakub Kicinski commit eff5b5fffc1d39fb9e5e66d6aa4ed3fcb109caac Author: Yonghong Song Date: Wed Sep 4 15:12:56 2024 -0700 selftests/bpf: Add a selftest for x86 jit convergence issues The core part of the selftest, i.e., the je <-> jmp cycle, mimics the original sched-ext bpf program. The test will fail without the previous patch. I tried to create some cases for other potential cycles (je <-> je, jmp <-> je and jmp <-> jmp) with similar pattern to the test in this patch, but failed. So this patch only contains one test for je <-> jmp cycle. Signed-off-by: Yonghong Song Link: https://lore.kernel.org/r/20240904221256.37389-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov commit c8831bdbfbab672c006a18006d36932a494b2fd6 Author: Yonghong Song Date: Wed Sep 4 15:12:51 2024 -0700 bpf, x64: Fix a jit convergence issue Daniel Hodges reported a jit error when playing with a sched-ext program. The error message is: unexpected jmp_cond padding: -4 bytes But further investigation shows the error is actual due to failed convergence. The following are some analysis: ... pass4, final_proglen=4391: ... 20e: 48 85 ff test rdi,rdi 211: 74 7d je 0x290 213: 48 8b 77 00 mov rsi,QWORD PTR [rdi+0x0] ... 289: 48 85 ff test rdi,rdi 28c: 74 17 je 0x2a5 28e: e9 7f ff ff ff jmp 0x212 293: bf 03 00 00 00 mov edi,0x3 Note that insn at 0x211 is 2-byte cond jump insn for offset 0x7d (-125) and insn at 0x28e is 5-byte jmp insn with offset -129. pass5, final_proglen=4392: ... 20e: 48 85 ff test rdi,rdi 211: 0f 84 80 00 00 00 je 0x297 217: 48 8b 77 00 mov rsi,QWORD PTR [rdi+0x0] ... 28d: 48 85 ff test rdi,rdi 290: 74 1a je 0x2ac 292: eb 84 jmp 0x218 294: bf 03 00 00 00 mov edi,0x3 Note that insn at 0x211 is 6-byte cond jump insn now since its offset becomes 0x80 based on previous round (0x293 - 0x213 = 0x80). At the same time, insn at 0x292 is a 2-byte insn since its offset is -124. pass6 will repeat the same code as in pass4. pass7 will repeat the same code as in pass5, and so on. This will prevent eventual convergence. Passes 1-14 are with padding = 0. At pass15, padding is 1 and related insn looks like: 211: 0f 84 80 00 00 00 je 0x297 217: 48 8b 77 00 mov rsi,QWORD PTR [rdi+0x0] ... 24d: 48 85 d2 test rdx,rdx The similar code in pass14: 211: 74 7d je 0x290 213: 48 8b 77 00 mov rsi,QWORD PTR [rdi+0x0] ... 249: 48 85 d2 test rdx,rdx 24c: 74 21 je 0x26f 24e: 48 01 f7 add rdi,rsi ... Before generating the following insn, 250: 74 21 je 0x273 "padding = 1" enables some checking to ensure nops is either 0 or 4 where #define INSN_SZ_DIFF (((addrs[i] - addrs[i - 1]) - (prog - temp))) nops = INSN_SZ_DIFF - 2 In this specific case, addrs[i] = 0x24e // from pass14 addrs[i-1] = 0x24d // from pass15 prog - temp = 3 // from 'test rdx,rdx' in pass15 so nops = -4 and this triggers the failure. To fix the issue, we need to break cycles of je <-> jmp. For example, in the above case, we have 211: 74 7d je 0x290 the offset is 0x7d. If 2-byte je insn is generated only if the offset is less than 0x7d (<= 0x7c), the cycle can be break and we can achieve the convergence. I did some study on other cases like je <-> je, jmp <-> je and jmp <-> jmp which may cause cycles. Those cases are not from actual reproducible cases since it is pretty hard to construct a test case for them. the results show that the offset <= 0x7b (0x7b = 123) should be enough to cover all cases. This patch added a new helper to generate 8-bit cond/uncond jmp insns only if the offset range is [-128, 123]. Reported-by: Daniel Hodges Signed-off-by: Yonghong Song Link: https://lore.kernel.org/r/20240904221251.37109-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov commit 1083d733eb2624837753046924a9248555a1bfbf Author: Ido Schimmel Date: Tue Sep 3 16:35:54 2024 +0300 ipv4: Fix user space build failure due to header change RT_TOS() from include/uapi/linux/in_route.h is defined using IPTOS_TOS_MASK from include/uapi/linux/ip.h. This is problematic for files such as include/net/ip_fib.h that want to use RT_TOS() as without including both header files kernel compilation fails: In file included from ./include/net/ip_fib.h:25, from ./include/net/route.h:27, from ./include/net/lwtunnel.h:9, from net/core/dst.c:24: ./include/net/ip_fib.h: In function ‘fib_dscp_masked_match’: ./include/uapi/linux/in_route.h:31:32: error: ‘IPTOS_TOS_MASK’ undeclared (first use in this function) 31 | #define RT_TOS(tos) ((tos)&IPTOS_TOS_MASK) | ^~~~~~~~~~~~~~ ./include/net/ip_fib.h:440:45: note: in expansion of macro ‘RT_TOS’ 440 | return dscp == inet_dsfield_to_dscp(RT_TOS(fl4->flowi4_tos)); Therefore, cited commit changed linux/in_route.h to include linux/ip.h. However, as reported by David, this breaks iproute2 compilation due overlapping definitions between linux/ip.h and /usr/include/netinet/ip.h: In file included from ../include/uapi/linux/in_route.h:5, from iproute.c:19: ../include/uapi/linux/ip.h:25:9: warning: "IPTOS_TOS" redefined 25 | #define IPTOS_TOS(tos) ((tos)&IPTOS_TOS_MASK) | ^~~~~~~~~ In file included from iproute.c:17: /usr/include/netinet/ip.h:222:9: note: this is the location of the previous definition 222 | #define IPTOS_TOS(tos) ((tos) & IPTOS_TOS_MASK) Fix by changing include/net/ip_fib.h to include linux/ip.h. Note that usage of RT_TOS() should not spread further in the kernel due to recent work in this area. Fixes: 1fa3314c14c6 ("ipv4: Centralize TOS matching") Reported-by: David Ahern Closes: https://lore.kernel.org/netdev/2f5146ff-507d-4cab-a195-b28c0c9e654e@kernel.org/ Signed-off-by: Ido Schimmel Reviewed-by: David Ahern Reviewed-by: Guillaume Nault Link: https://patch.msgid.link/20240903133554.2807343-1-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 510c0732fc8cabe7bca8de291c74d3f3cc36df48 Author: James Chapman Date: Tue Sep 3 12:35:47 2024 +0100 l2tp: remove unneeded null check in l2tp_v2_session_get_next Commit aa92c1cec92b ("l2tp: add tunnel/session get_next helpers") uses idr_get_next APIs to iterate over l2tp session IDR lists. Sessions in l2tp_v2_session_idr always have a non-null session->tunnel pointer since l2tp_session_register sets it before inserting the session into the IDR. Therefore the null check on session->tunnel in l2tp_v2_session_get_next is redundant and can be removed. Removing the check avoids a warning from lkp. Reported-by: kernel test robot Closes: https://lore.kernel.org/r/202408111407.HtON8jqa-lkp@intel.com/ CC: Dan Carpenter Signed-off-by: James Chapman Acked-by: Tom Parkin Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240903113547.1261048-1-jchapman@katalix.com Signed-off-by: Jakub Kicinski commit 1705341485ff1eec097dfa26891d03afe5907e16 Author: Shradha Gupta Date: Sun Sep 1 20:45:34 2024 -0700 net: mana: Improve mana_set_channels() in low mem conditions The mana_set_channels() function requires detaching the mana driver and reattaching it with changed channel values. During this operation if the system is low on memory, the reattach might fail, causing the network device being down. To avoid this we pre-allocate buffers at the beginning of set operation, to prevent complete network loss Signed-off-by: Shradha Gupta Reviewed-by: Gerhard Engleder Reviewed-by: Haiyang Zhang Link: https://patch.msgid.link/1725248734-21760-1-git-send-email-shradhagupta@linux.microsoft.com Signed-off-by: Jakub Kicinski commit 4e893545ef8712d25f3176790ebb95beb073637e Author: Mariusz Tkaczyk Date: Wed Sep 4 12:48:47 2024 +0200 PCI/NPEM: Add Native PCIe Enclosure Management support Native PCIe Enclosure Management (NPEM, PCIe r6.1 sec 6.28) allows managing LEDs in storage enclosures. NPEM is indication oriented and it does not give direct access to LEDs. Although each indication *could* represent an individual LED, multiple indications could also be represented as a single, multi-color LED or a single LED blinking in a specific interval. The specification leaves that open. Each enabled indication (capability register bit on) is represented as a ledclass_dev which can be controlled through sysfs. For every ledclass device only 2 brightness states are allowed: LED_ON (1) or LED_OFF (0). This corresponds to the NPEM control register (Indication bit on/off). Ledclass devices appear in sysfs as child devices (subdirectory) of PCI device which has an NPEM Extended Capability and indication is enabled in NPEM capability register. For example, these are LEDs created for pcieport "10000:02:05.0" on my setup: leds/ ├── 10000:02:05.0:enclosure:fail ├── 10000:02:05.0:enclosure:locate ├── 10000:02:05.0:enclosure:ok └── 10000:02:05.0:enclosure:rebuild They can be also found in "/sys/class/leds" directory. The parent PCIe device domain/bus/device/function address is used to guarantee uniqueness across leds subsystem. To enable/disable a "fail" indication, the "brightness" file can be edited: echo 1 > ./leds/10000:02:05.0:enclosure:fail/brightness echo 0 > ./leds/10000:02:05.0:enclosure:fail/brightness PCIe r6.1, sec 7.9.19.2 defines the possible indications. Multiple indications for same parent PCIe device can conflict and hardware may update them when processing new request. To avoid issues, driver refresh all indications by reading back control register. This driver expects to be the exclusive NPEM extended capability manager. It waits up to 1 second after imposing new request, it doesn't verify if controller is busy before write, and it assumes the mutex lock gives protection from concurrent updates. If _DSM LED management is available, we assume the platform may be using NPEM for its own purposes (see PCI Firmware Spec r3.3 sec 4.7), so the driver does not use NPEM. A future patch will add _DSM support; an info message notes whether NPEM or _DSM is being used. NPEM is a PCIe extended capability so it should be registered in pcie_init_capabilities() but it is not possible due to LED dependency. The parent pci_device must be added earlier for led_classdev_register() to be successful. NPEM does not require configuration on kernel side, so it is safe to register LED devices later. Link: https://lore.kernel.org/r/20240904104848.23480-3-mariusz.tkaczyk@linux.intel.com Suggested-by: Lukas Wunner Signed-off-by: Mariusz Tkaczyk Signed-off-by: Bjorn Helgaas Tested-by: Stuart Hayes Reviewed-by: Christoph Hellwig Reviewed-by: Ilpo Järvinen commit 78efa53e715e21a97c722dba20f8437a0860521e Author: Mariusz Tkaczyk Date: Wed Sep 4 12:48:46 2024 +0200 leds: Init leds class earlier NPEM driver will require leds class, there is an init-order conflict. Make sure that LEDs initialization happens first and add comment. Link: https://lore.kernel.org/r/20240904104848.23480-2-mariusz.tkaczyk@linux.intel.com Suggested-by: Dan Williams Signed-off-by: Mariusz Tkaczyk Signed-off-by: Bjorn Helgaas Tested-by: Stuart Hayes Reviewed-by: Christoph Hellwig Reviewed-by: Ilpo Järvinen commit 2d2b3bc145b9d5b5c6f07d22291723ddb024ca76 Author: Mateusz Kusiak Date: Tue Sep 3 16:29:49 2024 +0200 md: Report failed arrays as broken in mdstat Depending on if array has personality, it is either reported as active or inactive. This patch adds third status "broken" for arrays with personality that became inoperative. The reason is end users tend to assume that "active" indicates array is operational. Add "broken" state for inoperative arrays with personality and refactor the code. Signed-off-by: Mateusz Kusiak Link: https://lore.kernel.org/r/20240903142949.53628-1-mateusz.kusiak@intel.com Signed-off-by: Song Liu commit 649e980dadee36f961738d054627225542d547a2 Merge: a4103eacc2ab40 2ad6d23f465a4f Author: Tejun Heo Date: Wed Sep 4 11:41:32 2024 -1000 Merge branch 'bpf/master' into for-6.12 Pull bpf/master to receive baebe9aaba1e ("bpf: allow passing struct bpf_iter_ as kfunc arguments") and related changes in preparation for the DSQ iterator patchset. Signed-off-by: Tejun Heo commit ab309b6e084c70a29f9fa3cee797572bd2340901 Author: Miguel Ojeda Date: Wed Sep 4 16:42:29 2024 +0200 rust: avoid `box_uninit_write` feature Like commit 0903b9e2a46c ("rust: alloc: eschew `Box>::write`"), but for the new `rbtree` and `alloc` code. That is, `feature(new_uninit)` [1] got partially stabilized [2] for Rust 1.82.0 (expected to be released on 2024-10-17), but it did not include `Box>::write`, which got split into `feature(box_uninit_write)` [3]. To avoid relying on a new unstable feature, rewrite the `write` + `assume_init` pair manually. Link: https://github.com/rust-lang/rust/issues/63291 [1] Link: https://github.com/rust-lang/rust/pull/129401 [2] Link: https://github.com/rust-lang/rust/issues/129397 [3] Reviewed-by: Alice Ryhl Reviewed-by: Matt Gilbride Link: https://lore.kernel.org/r/20240904144229.18592-1-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit f0a6ecebd858658df213d114b0530f8f0b96e396 Author: Masami Hiramatsu (Google) Date: Thu Sep 5 00:30:21 2024 +0900 selftests/ftrace: Fix eventfs ownership testcase to find mount point Fix eventfs ownership testcase to find mount point if stat -c "%m" failed. This can happen on the system based on busybox. In this case, this will try to use the current working directory, which should be a tracefs top directory (and eventfs is mounted as a part of tracefs.) If it does not work, the test is skipped as UNRESOLVED because of the environmental problem. Fixes: ee9793be08b1 ("tracing/selftests: Add ownership modification tests for eventfs") Signed-off-by: Masami Hiramatsu (Google) Acked-by: Steven Rostedt (Google) Signed-off-by: Shuah Khan commit 8c7e22fc917a0d76794ebf3fcd81f9d91cee4f5d Author: Waiman Long Date: Sat Aug 31 09:57:03 2024 -0400 cgroup/cpuset: Move cpu.h include to cpuset-internal.h The newly created cpuset-v1.c file uses cpus_read_lock/unlock() functions which are defined in cpu.h but not included in cpuset-internal.h yet leading to compilation error under certain kernel configurations. Fix it by moving the cpu.h include from cpuset.c to cpuset-internal.h. While at it, sort the include files in alphabetic order. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408311612.mQTuO946-lkp@intel.com/ Fixes: 047b83097448 ("cgroup/cpuset: move relax_domain_level to cpuset-v1.c") Signed-off-by: Waiman Long Signed-off-by: Tejun Heo commit d92e9ea2f0f918d7b01cbacb838288bffccc8954 Author: Fabien Parent Date: Wed Sep 4 11:26:55 2024 -0700 arm64: dts: qcom: msm8939: revert use of APCS mbox for RPM Commit 22e4e43484c4 ("arm64: dts: qcom: msm8939: Use mboxes properties for APCS") broke the boot on msm8939 platforms. The issue comes from the SMD driver failing to request the mbox channel because of circular dependencies: 1. rpm -> apcs1_mbox -> rpmcc (RPM_SMD_XO_CLK_SRC) -> rpm. 2. rpm -> apcs1_mbox -> gcc -> rpmcc (RPM_SMD_XO_CLK_SRC) -> rpm 3. rpm -> apcs1_mbox -> apcs2 -> gcc -> rpmcc (RPM_SMD_XO_CLK_SRC) -> rpm To fix this issue let's switch back to using the deprecated qcom,ipc property for the RPM node. Fixes: 22e4e43484c4 ("arm64: dts: qcom: msm8939: Use mboxes properties for APCS") Signed-off-by: Fabien Parent Link: https://lore.kernel.org/r/20240904-msm8939-rpm-apcs-fix-v1-1-b608e7e48fe1@linaro.org Signed-off-by: Bjorn Andersson commit a4103eacc2ab408bb65e9902f0857b219fb489de Author: Tejun Heo Date: Wed Sep 4 10:24:59 2024 -1000 sched_ext: Add a cgroup scheduler which uses flattened hierarchy This patch adds scx_flatcg example scheduler which implements hierarchical weight-based cgroup CPU control by flattening the cgroup hierarchy into a single layer by compounding the active weight share at each level. This flattening of hierarchy can bring a substantial performance gain when the cgroup hierarchy is nested multiple levels. in a simple benchmark using wrk[8] on apache serving a CGI script calculating sha1sum of a small file, it outperforms CFS by ~3% with CPU controller disabled and by ~10% with two apache instances competing with 2:1 weight ratio nested four level deep. However, the gain comes at the cost of not being able to properly handle thundering herd of cgroups. For example, if many cgroups which are nested behind a low priority parent cgroup wake up around the same time, they may be able to consume more CPU cycles than they are entitled to. In many use cases, this isn't a real concern especially given the performance gain. Also, there are ways to mitigate the problem further by e.g. introducing an extra scheduling layer on cgroup delegation boundaries. v5: - Updated to specify SCX_OPS_HAS_CGROUP_WEIGHT instead of SCX_OPS_KNOB_CGROUP_WEIGHT. v4: - Revert reference counted kptr for cgv_node as the change caused easily reproducible stalls. v3: - Updated to reflect the core API changes including ops.init/exit_task() and direct dispatch from ops.select_cpu(). Fixes and improvements including additional statistics. - Use reference counted kptr for cgv_node instead of xchg'ing against stash location. - Dropped '-p' option. v2: - Use SCX_BUG[_ON]() to simplify error handling. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 8195136669661fdfe54e9a8923c33b31c92fc1da Author: Tejun Heo Date: Wed Sep 4 10:24:59 2024 -1000 sched_ext: Add cgroup support Add sched_ext_ops operations to init/exit cgroups, and track task migrations and config changes. A BPF scheduler may not implement or implement only subset of cgroup features. The implemented features can be indicated using %SCX_OPS_HAS_CGOUP_* flags. If cgroup configuration makes use of features that are not implemented, a warning is triggered. While a BPF scheduler is being enabled and disabled, relevant cgroup operations are locked out using scx_cgroup_rwsem. This avoids situations like task prep taking place while the task is being moved across cgroups, making things easier for BPF schedulers. v7: - cgroup interface file visibility toggling is dropped in favor just warning messages. Dynamically changing interface visiblity caused more confusion than helping. v6: - Updated to reflect the removal of SCX_KF_SLEEPABLE. - Updated to use CONFIG_GROUP_SCHED_WEIGHT and fixes for !CONFIG_FAIR_GROUP_SCHED && CONFIG_EXT_GROUP_SCHED. v5: - Flipped the locking order between scx_cgroup_rwsem and cpus_read_lock() to avoid locking order conflict w/ cpuset. Better documentation around locking. - sched_move_task() takes an early exit if the source and destination are identical. This triggered the warning in scx_cgroup_can_attach() as it left p->scx.cgrp_moving_from uncleared. Updated the cgroup migration path so that ops.cgroup_prep_move() is skipped for identity migrations so that its invocations always match ops.cgroup_move() one-to-one. v4: - Example schedulers moved into their own patches. - Fix build failure when !CONFIG_CGROUP_SCHED, reported by Andrea Righi. v3: - Make scx_example_pair switch all tasks by default. - Convert to BPF inline iterators. - scx_bpf_task_cgroup() is added to determine the current cgroup from CPU controller's POV. This allows BPF schedulers to accurately track CPU cgroup membership. - scx_example_flatcg added. This demonstrates flattened hierarchy implementation of CPU cgroup control and shows significant performance improvement when cgroups which are nested multiple levels are under competition. v2: - Build fixes for different CONFIG combinations. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden Reported-by: kernel test robot Cc: Andrea Righi commit e179e80c5d4fef458c3cbc3ad4ea17c6d42c0446 Author: Tejun Heo Date: Wed Sep 4 10:24:59 2024 -1000 sched: Introduce CONFIG_GROUP_SCHED_WEIGHT sched_ext will soon add cgroup cpu.weigh support. The cgroup interface code is currently gated behind CONFIG_FAIR_GROUP_SCHED. As the fair class and/or SCX may implement the feature, put the interface code behind the new CONFIG_CGROUP_SCHED_WEIGHT which is selected by CONFIG_FAIR_GROUP_SCHED. This allows either sched class to enable the itnerface code without ading more complex CONFIG tests. When !CONFIG_FAIR_GROUP_SCHED, a dummy version of sched_group_set_shares() is added to support later CONFIG_CGROUP_SCHED_WEIGHT && !CONFIG_FAIR_GROUP_SCHED builds. No functional changes. Signed-off-by: Tejun Heo commit 41082c1d1d2bf6c3e989785fd1def0f09cede446 Author: Tejun Heo Date: Wed Sep 4 10:24:59 2024 -1000 sched: Make cpu_shares_read_u64() use tg_weight() Move tg_weight() upward and make cpu_shares_read_u64() use it too. This makes the weight retrieval shared between cgroup v1 and v2 paths and will be used to implement cgroup support for sched_ext. No functional changes. Signed-off-by: Tejun Heo commit 859dc4ec5a4321298d8978cb6eeb3e21a2eebab5 Author: Tejun Heo Date: Wed Sep 4 10:24:59 2024 -1000 sched: Expose css_tg() A new BPF extensible sched_class will use css_tg() in the init and exit paths to visit all task_groups by walking cgroups. v4: __setscheduler_prio() is already exposed. Dropped from this patch. v3: Dropped SCHED_CHANGE_BLOCK() as upstream is adding more generic cleanup mechanism. v2: Expose SCHED_CHANGE_BLOCK() too and update the description. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit a8532fac7b5d27b8d62008a89593dccb6f9786ef Author: Tejun Heo Date: Fri Aug 30 22:02:34 2024 -1000 sched_ext: TASK_DEAD tasks must be switched into SCX on ops_enable During scx_ops_enable(), SCX needs to invoke the sleepable ops.init_task() on every task. To do this, it does get_task_struct() on each iterated task, drop the lock and then call ops.init_task(). However, a TASK_DEAD task may already have lost all its usage count and be waiting for RCU grace period to be freed. If get_task_struct() is called on such task, use-after-free can happen. To avoid such situations, scx_ops_enable() skips initialization of TASK_DEAD tasks, which seems safe as they are never going to be scheduled again. Unfortunately, a racing sched_setscheduler(2) can grab the task before the task is unhashed and then continue to e.g. move the task from RT to SCX after TASK_DEAD is set and ops_enable skipped the task. As the task hasn't gone through scx_ops_init_task(), scx_ops_enable_task() called from switching_to_scx() triggers the following warning: sched_ext: Invalid task state transition 0 -> 3 for stress-ng-race-[2872] WARNING: CPU: 6 PID: 2367 at kernel/sched/ext.c:3327 scx_ops_enable_task+0x18f/0x1f0 ... RIP: 0010:scx_ops_enable_task+0x18f/0x1f0 ... switching_to_scx+0x13/0xa0 __sched_setscheduler+0x84e/0xa50 do_sched_setscheduler+0x104/0x1c0 __x64_sys_sched_setscheduler+0x18/0x30 do_syscall_64+0x7b/0x140 entry_SYSCALL_64_after_hwframe+0x76/0x7e As in the ops_disable path, it just doesn't seem like a good idea to leave any task in an inconsistent state, even when the task is dead. The root cause is ops_enable not being able to tell reliably whether a task is truly dead (no one else is looking at it and it's about to be freed) and was testing TASK_DEAD instead. Fix it by testing the task's usage count directly. - ops_init no longer ignores TASK_DEAD tasks. As now all users iterate all tasks, @include_dead is removed from scx_task_iter_next_locked() along with dead task filtering. - tryget_task_struct() is added. Tasks are skipped iff tryget_task_struct() fails. Signed-off-by: Tejun Heo Cc: David Vernet Cc: Peter Zijlstra commit 61eeb9a90522da89b95a1f02060fd5a2caaae4df Author: Tejun Heo Date: Fri Aug 30 13:44:40 2024 -1000 sched_ext: TASK_DEAD tasks must be switched out of SCX on ops_disable scx_ops_disable_workfn() only switches !TASK_DEAD tasks out of SCX while calling scx_ops_exit_task() on all tasks including dead ones. This can leave a dead task on SCX but with SCX_TASK_NONE state, which is inconsistent. If another task was in the process of changing the TASK_DEAD task's scheduling class and grabs the rq lock after scx_ops_disable_workfn() is done with the task, the task ends up calling scx_ops_disable_task() on the dead task which is in an inconsistent state triggering a warning: WARNING: CPU: 6 PID: 3316 at kernel/sched/ext.c:3411 scx_ops_disable_task+0x12c/0x160 ... RIP: 0010:scx_ops_disable_task+0x12c/0x160 ... Call Trace: check_class_changed+0x2c/0x70 __sched_setscheduler+0x8a0/0xa50 do_sched_setscheduler+0x104/0x1c0 __x64_sys_sched_setscheduler+0x18/0x30 do_syscall_64+0x7b/0x140 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7f140d70ea5b There is no reason to leave dead tasks on SCX when unloading the BPF scheduler. Fix by making scx_ops_disable_workfn() eject all tasks including the dead ones from SCX. Signed-off-by: Tejun Heo commit c3e093efbc6cac7bf9dc531dcb751b86daaa65b0 Author: Mario Limonciello Date: Sun Sep 1 00:00:35 2024 -0500 cpufreq/amd-pstate: Catch failures for amd_pstate_epp_update_limit() amd_pstate_set_epp() calls cppc_set_epp_perf() which can fail for a variety of reasons but this is ignored. Change the return flow to allow failures. Reviewed-by: Perry Yuan Signed-off-by: Mario Limonciello commit 23457b37ec3f9bb373d43cca61db371303726a1e Author: Feng Yang Date: Tue Sep 3 15:25:59 2024 +0800 selftests: bpf: Replace sizeof(arr)/sizeof(arr[0]) with ARRAY_SIZE The ARRAY_SIZE macro is more compact and more formal in linux source. Signed-off-by: Feng Yang Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240903072559.292607-1-yangfeng59949@163.com commit 6fee7a7e9ad8613251d74472fb5bd2c6464f234a Merge: 46f4ea04e053e5 00750788dfc6b5 Author: Alexei Starovoitov Date: Wed Sep 4 12:45:18 2024 -0700 Merge branch 'bpf-follow-up-on-gen_epilogue' Martin KaFai Lau says: ==================== bpf: Follow up on gen_epilogue From: Martin KaFai Lau The set addresses some follow ups on the earlier gen_epilogue patch set. ==================== Acked-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240904180847.56947-1-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit 00750788dfc6b5167a294915e2690d8af182c496 Author: Martin KaFai Lau Date: Wed Sep 4 11:08:45 2024 -0700 bpf: Fix indentation issue in epilogue_idx There is a report on new indentation issue in epilogue_idx. This patch fixed it. Fixes: 169c31761c8d ("bpf: Add gen_epilogue to bpf_verifier_ops") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408311622.4GzlzN33-lkp@intel.com/ Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240904180847.56947-3-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit 940ce73bdec5a020fec058ba947d2bf627462c53 Author: Martin KaFai Lau Date: Wed Sep 4 11:08:44 2024 -0700 bpf: Remove the insn_buf array stack usage from the inline_bpf_loop() This patch removes the insn_buf array stack usage from the inline_bpf_loop(). Instead, the env->insn_buf is used. The usage in inline_bpf_loop() needs more than 16 insn, so the INSN_BUF_SIZE needs to be increased from 16 to 32. The compiler stack size warning on the verifier is gone after this change. Cc: Eduard Zingerman Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240904180847.56947-2-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit 35439fe4e29bca5fe8da8ed3f8524ef98f3e7aae Author: Aditya Gupta Date: Thu Sep 5 00:31:31 2024 +0530 perf check: Fix inconsistencies in feature names Fix two inconsistencies in feature names as discussed in [1]: 1. Rename "dwarf-unwind-support" to "dwarf-unwind" 2. 'get_cpuid' feature and 'HAVE_AUXTRACE_SUPPORT' names don't look related, change the feature name to 'auxtrace' to match the macro name, as 'get_cpuid' string is not used anywhere to check the feature presence [1]: https://lore.kernel.org/linux-perf-users/ZoRw5we4HLSTZND6@x1/ Suggested-by: Arnaldo Carvalho de Melo Signed-off-by: Aditya Gupta Cc: Athira Rajeev Cc: Disha Goel Cc: Ian Rogers Cc: Jiri Olsa Cc: Kajol Jain Cc: Madhavan Srinivasan Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240904190132.415212-7-adityag@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 512fcf7d9d7fb3751b03db45977b7fabaadfaecd Author: Athira Rajeev Date: Thu Sep 5 00:31:30 2024 +0530 perf tests probe_vfs_getname.sh: Update to use 'perf check feature' In probe_vfs_getname.sh, current we use "perf record --dry-run" to check for libtraceevent and skip the test if perf is not build with libtraceevent. Change the check to use "perf check feature" option Signed-off-by: Athira Rajeev Acked-by: Namhyung Kim Cc: Disha Goel Cc: Ian Rogers Cc: Jiri Olsa Cc: Kajol Jain Cc: Madhavan Srinivasan Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240904190132.415212-6-adityag@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 8a028502b4124eb9e37b5216e440ebb9e187b0a1 Author: Aditya Gupta Date: Thu Sep 5 00:31:29 2024 +0530 perf tools test_task_analyzer.sh: Update to use 'perf check feature' Currently we use output of 'perf version --build-options', to check whether perf was built with libtraceevent support. Instead, use 'perf check feature libtraceevent' to check for libtraceevent support. Reviewed-by: Athira Rajeev Signed-off-by: Aditya Gupta Acked-by: Namhyung Kim Cc: Disha Goel Cc: Ian Rogers Cc: Jiri Olsa Cc: Kajol Jain Cc: Madhavan Srinivasan Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240904190132.415212-5-adityag@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 6cdd7750de408b08c9f77ac23723d48598fbeca7 Author: Aditya Gupta Date: Thu Sep 5 00:31:28 2024 +0530 perf version: Update --build-options to use 'supported_features' array Now that the feature list has been duplicated in a global 'supported_features' array, use that array instead of manually checking status of built-in features. This helps in being consistent with commands such as 'perf check feature', so commands can use the same array, and any new feature can be added at one place, in the 'supported_features' array Reviewed-by: Athira Rajeev Signed-off-by: Aditya Gupta Acked-by: Namhyung Kim Cc: Disha Goel Cc: Ian Rogers Cc: Jiri Olsa Cc: Kajol Jain Cc: Madhavan Srinivasan Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240904190132.415212-4-adityag@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit e328ab3de4d8147e2458a524db0f7661e7c28ac7 Merge: 77e6a5e40aa393 815f1fcf240345 Author: Mark Brown Date: Wed Sep 4 20:09:26 2024 +0100 Some clean up with helper fucntion Merge series from Zhang Zekun : There are some helper functions which can be used to simplify the code. So, let's use these functions to make code more simple. commit 2351e8c65404aabc433300b6bf90c7a37e8bbc4d Author: Daniel Jordan Date: Wed Sep 4 13:55:30 2024 -0400 ktest.pl: Avoid false positives with grub2 skip regex Some distros have grub2 config files with the lines if [ x"${feature_menuentry_id}" = xy ]; then menuentry_id_option="--id" else menuentry_id_option="" fi which match the skip regex defined for grub2 in get_grub_index(): $skip = '^\s*menuentry'; These false positives cause the grub number to be higher than it should be, and the wrong kernel can end up booting. Grub documents the menuentry command with whitespace between it and the title, so make the skip regex reflect this. Link: https://lore.kernel.org/20240904175530.84175-1-daniel.m.jordan@oracle.com Signed-off-by: Daniel Jordan Acked-by: John 'Warthog9' Hawley (Tenstorrent) Signed-off-by: Steven Rostedt commit d441734d0cfcebc5780bc1880d871f92debb588a Author: Steven Rostedt Date: Mon Aug 19 17:20:28 2024 -0400 ktest.pl: Always warn on build warnings If a warning happens at build, give a warning at the end: Build time: 1 minute 40 seconds Install time: 17 seconds Reboot time: 25 seconds *** WARNING found in build: 1 *** ******************************************* ******************************************* KTEST RESULT: TEST 1 SUCCESS!!!! ** ******************************************* ******************************************* This way, even if the test isn't made to fail on warnings during the build, a message is still displayed that warnings were found. Link: https://lore.kernel.org/<20240819172028.3a7fae09@gandalf.local.home> Acked-by: John 'Warthog9' Hawley (Tenstorrent) Signed-off-by: Steven Rostedt commit 46f4ea04e053e5dd01459bfbbd8e905a4ccd4190 Author: Rong Tao Date: Sat Aug 31 08:03:38 2024 +0800 samples/bpf: Remove sample tracex2 In commit ba8de796baf4 ("net: introduce sk_skb_reason_drop function") kfree_skb_reason() becomes an inline function and cannot be traced. samples/bpf is abandonware by now, and we should slowly but surely convert whatever makes sense into BPF selftests under tools/testing/selftests/bpf and just get rid of the rest. Link: https://github.com/torvalds/linux/commit/ba8de796baf4bdc03530774fb284fe3c97875566 Signed-off-by: Rong Tao Link: https://lore.kernel.org/r/tencent_30ADAC88CB2915CA57E9512D4460035BA107@qq.com Signed-off-by: Alexei Starovoitov commit 2edb4f0ede44725ad88534e73ba15213cbc7d556 Author: FUKAUMI Naoki Date: Tue Sep 3 16:35:44 2024 +0900 arm64: dts: rockchip: remove duplicate nodes from dts for ROCK 4SE these nodes just define same properties in rk3399-rock-pi-4.dtsi. remove them from rk3399-rock-4se.dts. sha256sum rk3399-rock-4se.dtb generates same hash value before/after this change. Fixes: 86a0e14a82ea ("arm64: dts: rockchip: Add Radxa ROCK 4SE") Signed-off-by: FUKAUMI Naoki Link: https://lore.kernel.org/r/20240903073544.2161-1-naoki@radxa.com Signed-off-by: Heiko Stuebner commit 02baa0a2a677cf543899bc3eb43ed92caf4aba7a Author: Yuan Chen Date: Tue Sep 3 09:28:39 2024 +0800 selftests/bpf: Fix procmap_query()'s params mismatch and compilation warning When the PROCMAP_QUERY is not defined, a compilation error occurs due to the mismatch of the procmap_query()'s params, procmap_query() only be called in the file where the function is defined, modify the params so they can match. We get a warning when build samples/bpf: trace_helpers.c:252:5: warning: no previous prototype for ‘procmap_query’ [-Wmissing-prototypes] 252 | int procmap_query(int fd, const void *addr, __u32 query_flags, size_t *start, size_t *offset, int *flags) | ^~~~~~~~~~~~~ As this function is only used in the file, mark it as 'static'. Fixes: 4e9e07603ecd ("selftests/bpf: make use of PROCMAP_QUERY ioctl if available") Signed-off-by: Yuan Chen Link: https://lore.kernel.org/r/20240903012839.3178-1-chenyuan_fl@163.com Signed-off-by: Alexei Starovoitov commit ddbe9ec55039dd5c3f0299ba88b31764a2869dba Author: Xu Kuohai Date: Tue Sep 3 17:44:07 2024 +0800 bpf, arm64: Jit BPF_CALL to direct call when possible Currently, BPF_CALL is always jited to indirect call. When target is within the range of direct call, BPF_CALL can be jited to direct call. For example, the following BPF_CALL call __htab_map_lookup_elem is always jited to indirect call: mov x10, #0xffffffffffff18f4 movk x10, #0x821, lsl #16 movk x10, #0x8000, lsl #32 blr x10 When the address of target __htab_map_lookup_elem is within the range of direct call, the BPF_CALL can be jited to: bl 0xfffffffffd33bc98 This patch does such jit optimization by emitting arm64 direct calls for BPF_CALL when possible, indirect calls otherwise. Without this patch, the jit works as follows. 1. First pass A. Determine jited position and size for each bpf instruction. B. Computed the jited image size. 2. Allocate jited image with size computed in step 1. 3. Second pass A. Adjust jump offset for jump instructions B. Write the final image. This works because, for a given bpf prog, regardless of where the jited image is allocated, the jited result for each instruction is fixed. The second pass differs from the first only in adjusting the jump offsets, like changing "jmp imm1" to "jmp imm2", while the position and size of the "jmp" instruction remain unchanged. Now considering whether to jit BPF_CALL to arm64 direct or indirect call instruction. The choice depends solely on the jump offset: direct call if the jump offset is within 128MB, indirect call otherwise. For a given BPF_CALL, the target address is known, so the jump offset is decided by the jited address of the BPF_CALL instruction. In other words, for a given bpf prog, the jited result for each BPF_CALL is determined by its jited address. The jited address for a BPF_CALL is the jited image address plus the total jited size of all preceding instructions. For a given bpf prog, there are clearly no BPF_CALL instructions before the first BPF_CALL instruction. Since the jited result for all other instructions other than BPF_CALL are fixed, the total jited size preceding the first BPF_CALL is also fixed. Therefore, once the jited image is allocated, the jited address for the first BPF_CALL is fixed. Now that the jited result for the first BPF_CALL is fixed, the jited results for all instructions preceding the second BPF_CALL are fixed. So the jited address and result for the second BPF_CALL are also fixed. Similarly, we can conclude that the jited addresses and results for all subsequent BPF_CALL instructions are fixed. This means that, for a given bpf prog, once the jited image is allocated, the jited address and result for all instructions, including all BPF_CALL instructions, are fixed. Based on the observation, with this patch, the jit works as follows. 1. First pass Estimate the maximum jited image size. In this pass, all BPF_CALLs are jited to arm64 indirect calls since the jump offsets are unknown because the jited image is not allocated. 2. Allocate jited image with size estimated in step 1. 3. Second pass A. Determine the jited result for each BPF_CALL. B. Determine jited address and size for each bpf instruction. 4. Third pass A. Adjust jump offset for jump instructions. B. Write the final image. Signed-off-by: Xu Kuohai Reviewed-by: Puranjay Mohan Link: https://lore.kernel.org/r/20240903094407.601107-1-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 4e946c447a043c88b5db38501f3af174989dcc94 Author: Chris Morgan Date: Thu Aug 29 15:45:17 2024 -0500 arm64: dts: rockchip: Add GameForce Ace The GameForce Ace is a portable gaming device based on the Rockchip RK3588s SoC. The device contains the following hardware that is tested/working: - 128GB eMMC - SDMMC card slot - Ampak SDIO WiFi 5/BT - NVME 2242 socket - 8 or 12GB of RAM - Goodix based touchscreen - Stereo speakers, internal microphone, and TRRS headphone jack. - Dual GPIO vibrators (implemented as gpio-pwm because they are quite strong) - Multiple face buttons, dual analog joysticks, and dual analog triggers - PWM fan with tach pin. The device also contains the following hardware that is partially or currently not working: - 1920x1080 DSI display - HDMI port - USB-C port with DP alt-mode - TI bq25703 charger controller Signed-off-by: Chris Morgan Link: https://lore.kernel.org/r/20240829204517.398669-4-macroalpha82@gmail.com Signed-off-by: Heiko Stuebner commit 3e5be1d7e7ef3dc5413e774e580f0c2d14aa6755 Author: Chris Morgan Date: Thu Aug 29 15:45:16 2024 -0500 dt-bindings: arm: rockchip: Add GameForce Ace Add devicetree binding for the GameForce Ace. Acked-by: Krzysztof Kozlowski Signed-off-by: Chris Morgan Link: https://lore.kernel.org/r/20240829204517.398669-3-macroalpha82@gmail.com Signed-off-by: Heiko Stuebner commit bd60cae2932cd123d867bf93bdadc4bf545fcdce Author: Alex Zhao Date: Thu Aug 29 15:45:15 2024 -0500 arm64: dts: rockchip: rk3588s fix sdio pins to pull up The sdio requires the cmd and data pins to pull up by soc. Signed-off-by: Alex Zhao [adapted to pinctrl filename change] Signed-off-by: Chris Morgan Link: https://lore.kernel.org/r/20240829204517.398669-2-macroalpha82@gmail.com Signed-off-by: Heiko Stuebner commit 59fc20ba70294d2c5f620ad6206aa661ce7718d6 Author: Konrad Dybcio Date: Sun Sep 1 11:40:07 2024 +0800 irqchip/apple-aic: Only access system registers on SoCs which provide them Starting from the A11 (T8015) SoC, Apple introuced system registers for fast IPI and UNCORE PMC control. These sysregs do not exist on earlier A7-A10 SoCs and trying to access them results in an instant crash. Restrict sysreg access within the AIC driver to configurations where use_fast_ipi is true to allow AIC to function properly on A7-A10 SoCs. Co-developed-by: Nick Chan Signed-off-by: Konrad Dybcio Signed-off-by: Nick Chan Signed-off-by: Thomas Gleixner Reviewed-by: Sven Peter Link: https://lore.kernel.org/all/20240901034143.12731-5-towinchenmi@gmail.com commit a845342e6e5fb4937564f93cc88e00c732286fe3 Author: Nick Chan Date: Sun Sep 1 11:40:06 2024 +0800 irqchip/apple-aic: Add a new "Global fast IPIs only" feature level Starting with the A11 (T8015) SoC, Apple began using arm64 sysregs for fast IPIs. However, on A11, there is no such things as "Local" fast IPIs, as the SYS_IMP_APL_IPI_RR_LOCAL_EL1 register does not seem to exist. Add a new feature level, used by the compatible "apple,t8015-aic", controlled by a static branch key named use_local_fast_ipi. When use_fast_ipi is true and use_local_fast_ipi is false, fast IPIs are used but all IPIs goes through the register SYS_IMP_APL_IPI_RR_GLOBAL_EL1, as "global" IPIs. Signed-off-by: Nick Chan Signed-off-by: Thomas Gleixner Reviewed-by: Sven Peter Link: https://lore.kernel.org/all/20240901034143.12731-4-towinchenmi@gmail.com commit 5527b06c96715518bc58d1ebb29efc3653f66c5e Author: Nick Chan Date: Sun Sep 1 11:40:05 2024 +0800 irqchip/apple-aic: Skip unnecessary enabling of use_fast_ipi use_fast_ipi is true by default and there is no need to "enable" it. Signed-off-by: Nick Chan Signed-off-by: Thomas Gleixner Reviewed-by: Sven Peter Link: https://lore.kernel.org/all/20240901034143.12731-3-towinchenmi@gmail.com commit 9e65863194ad253f1de48bb9000a586e6caa5eed Author: Nick Chan Date: Sun Sep 1 11:40:04 2024 +0800 dt-bindings: apple,aic: Document A7-A11 compatibles Document and describe the compatibles for Apple A7-A11 SoCs. There are three feature levels: - apple,aic: No fast IPI, for A7-A10 - apple,t8015-aic: fast IPI, global only, for A11 - apple,t8103-aic: fast IPI with local and global support, for M1 Each feature level is an extension of the previous, for example, M1 will also work with the A7 feature level. All of A7-M1 gets its own SoC-specific compatible, and the "apple,aic" compatible as a fallback. Signed-off-by: Nick Chan Signed-off-by: Thomas Gleixner Reviewed-by: Sven Peter Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/all/20240901034143.12731-2-towinchenmi@gmail.com commit 13066fc101ca2deec1c9619e2f82ca437f38a6da Author: Jianfeng Liu Date: Sun Sep 1 02:24:24 2024 +0800 arm64: dts: rockchip: Add RGA2 support to rk3588 RK3588 also features a RGA2 block. Add the necessary device tree node. Signed-off-by: Jianfeng Liu Tested-by: Tim Surber Link: https://lore.kernel.org/r/20240831182424.758816-2-liujianfeng1994@gmail.com Signed-off-by: Heiko Stuebner commit 93f5fb809b8336143a6668c38dba1f4c7ffe5cab Author: Diederik de Haas Date: Sat Aug 31 13:29:23 2024 +0200 arm64: dts: rockchip: Add missing tshut props to tsadc on quartz64-b Add the missing TSADC properties `rockchip,hw-tshut-mode` and `rockchip,hw-tshut-polarity` to the Pine64 Quartz64 Model B. This fixes the following warnings: rockchip-thermal fe710000.tsadc: Missing tshut mode property, using default (gpio) rockchip-thermal fe710000.tsadc: Missing tshut-polarity property, using default (low) Signed-off-by: Diederik de Haas Link: https://lore.kernel.org/r/20240831112949.60091-1-didi.debian@cknow.org Signed-off-by: Heiko Stuebner commit 3a1fb526c2482b2f61c9813e9e14fcdab4ffa390 Author: Matthias Fetzer Date: Tue Sep 3 19:27:56 2024 +0200 platform/x86: thinkpad_acpi: Fix uninitialized symbol 's' warning When the TPACPI_FAN_WR_ACPI_FANW branch is taken s stays uninitialized and would be later used in a debug print. Since the registers are always set to the same two static values inside the branch s is initialized to 0. Fixes: 57d0557dfa49 ("platform/x86: thinkpad_acpi: Add Thinkpad Edge E531 fan support") Reported-by: Dan Carpenter Closes: https://lore.kernel.org/platform-driver-x86/f99e558d-c62a-41eb-93b3-cf00c016d907@stanley.mountain/ Signed-off-by: Matthias Fetzer Link: https://lore.kernel.org/r/20240903172756.19235-1-kontakt@matthias-fetzer.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit ce48b8c976ce439c336def6e06bf8224a8ff9125 Author: Jonas Karlman Date: Sun Sep 1 11:20:15 2024 +0000 arm64: dts: rockchip: Add Hardkernel ODROID-M2 The Hardkernel ODROID-M2 is a single-board computer based on Rockchip RK3588S2 SoC. It features e.g. 8/16 GB LPDDR5 RAM, 64 GB eMMC, SD-card, GbE LAN, HDMI 2.0, M.2 NVMe and USB 2.0/3.0/Type-C. Add initial support for eMMC, SD-card, Ethernet, PCIe and USB. Signed-off-by: Jonas Karlman Link: https://lore.kernel.org/r/20240901112020.3224704-3-jonas@kwiboo.se Signed-off-by: Heiko Stuebner commit f1f348158813f64cd772d6ff4a3df0704285c14c Author: Jonas Karlman Date: Sun Sep 1 11:20:14 2024 +0000 dt-bindings: arm: rockchip: Add Hardkernel ODROID-M2 The Hardkernel ODROID-M2 is a single-board computer based on Rockchip RK3588S2 SoC. It features e.g. 8/16 GB LPDDR5 RAM, 64 GB eMMC, SD-card, GbE LAN, HDMI 2.0, M.2 NVMe and USB 2.0/3.0/Type-C. Add devicetree binding documentation for the Hardkernel ODROID-M2 board. Signed-off-by: Jonas Karlman Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240901112020.3224704-2-jonas@kwiboo.se Signed-off-by: Heiko Stuebner commit 01c007567944913c29e6e19af241d0ba4e59ce24 Author: Heiko Stuebner Date: Fri Aug 30 22:38:19 2024 +0200 arm64: dts: rockchip: drop hp-pin-name property from audio card on nanopc-t6 The audio-card contains a hp-pin-name property that is not part of the binding, and its contents also are just a "Headphones" string. So that property also does not fullfill any specific use, therefore just drop it. Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240830203819.1972536-4-heiko@sntech.de commit bb9c2e5492a88e255305d0dfae33e34f0e8bbec6 Author: Andy Shevchenko Date: Mon Sep 2 18:06:25 2024 +0300 platform/x86: x86-android-tablets: Fix spelling in the comments Fix spelling across comments (besides obvious grammar issues): - spell words in full, e.g., 'img' --> 'image' - refer to 'gpio-keys' consistently - refer to acpi_power_off() clearly as to function - make sure that the first line is only for the affected model(s) - miscellaneous improvements Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240902150625.2722187-1-andriy.shevchenko@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit a093cb667c3ff5eadd4b23ddf996d9ccae9b7ac6 Author: Andy Shevchenko Date: Thu Aug 29 19:50:32 2024 +0300 platform/x86: ideapad-laptop: Make the scope_guard() clear of its scope First of all, it's a bit counterintuitive to have something like int err; ... scoped_guard(...) err = foo(...); if (err) return err; Second, with a particular kernel configuration and compiler version in one of such cases the objtool is not happy: ideapad-laptop.o: warning: objtool: .text.fan_mode_show: unexpected end of section I'm not an expert on all this, but the theory is that compiler and linker in this case can't understand that 'result' variable will be always initialized as long as no error has been returned. Assigning 'result' to a dummy value helps with this. Note, that fixing the scoped_guard() scope (as per above) does not make issue gone. That said, assign dummy value and make the scope_guard() clear of its scope. For the sake of consistency do it in the entire file. Fixes: 7cc06e729460 ("platform/x86: ideapad-laptop: add a mutex to synchronize VPC commands") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408290219.BrPO8twi-lkp@intel.com/ Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240829165105.1609180-1-andriy.shevchenko@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 24b6616355f7eb2a839776578b104a0348b4f77f Author: Tero Kristo Date: Wed Aug 28 18:34:55 2024 +0300 platform/x86/intel-uncore-freq: Add efficiency latency control to sysfs interface Add the TPMI efficiency latency control fields to the sysfs interface. The sysfs files are mapped to the TPMI uncore driver via the registered uncore_read and uncore_write driver callbacks. These fields are not populated on older non TPMI hardware. Signed-off-by: Tero Kristo Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240828153657.1296410-4-tero.kristo@linux.intel.com Signed-off-by: Hans de Goede commit bb516dc79c4a6334d5ef6bdbd0d262cf8be9db8e Author: Tero Kristo Date: Wed Aug 28 18:34:54 2024 +0300 platform/x86/intel-uncore-freq: Add support for efficiency latency control Add efficiency latency control support to the TPMI uncore driver. This defines two new threshold values for controlling uncore frequency, low threshold and high threshold. When CPU utilization is below low threshold, the user configurable floor latency control frequency can be used by the system. When CPU utilization is above high threshold, the uncore frequency is increased in 100MHz steps until power limit is reached. Signed-off-by: Tero Kristo Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240828153657.1296410-3-tero.kristo@linux.intel.com Signed-off-by: Hans de Goede commit 8022ae2c435f09f029a68235e3bb49e1e0b5b686 Author: Tero Kristo Date: Wed Aug 28 18:34:53 2024 +0300 Documentation: admin-guide: pm: Add efficiency vs. latency tradeoff to uncore documentation Added documentation about the functionality of efficiency vs. latency tradeoff control in intel Xeon processors, and how this is configured via sysfs. Signed-off-by: Tero Kristo Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240828153657.1296410-2-tero.kristo@linux.intel.com Signed-off-by: Hans de Goede commit d9dca215708d32e7f88ac0591fbb187cbf368adb Author: Gergo Koteles Date: Thu Aug 22 17:38:57 2024 +0200 platform/x86: lenovo-ymc: Ignore the 0x0 state While booting, Lenovo 14ARB7 reports 'lenovo-ymc: Unknown key 0 pressed' warning. This is caused by lenovo_ymc_probe() calling lenovo_ymc_notify() at probe time to get the initial tablet-mode-switch state and the key-code lenovo_ymc_notify() reads from the firmware is not initialized at probe time yet on the Lenovo 14ARB7. The hardware/firmware does an ACPI notify on the WMI device itself when it initializes the tablet-mode-switch state later on. Add 0x0 YMC state to the sparse keymap to silence the warning. Signed-off-by: Gergo Koteles Link: https://lore.kernel.org/r/08ab73bb74c4ad448409f2ce707b1148874a05ce.1724340562.git.soyer@irl.hu [hdegoede@redhat.com: Reword commit message] Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 298c9babadb83844632144369cc6bb2a43221aea Author: Dmitry Torokhov Date: Tue Aug 20 22:25:04 2024 -0700 x86/platform/geode: switch GPIO buttons and LEDs to software properties Convert GPIO-connected buttons and LEDs in Geode boards to software nodes/properties, so that support for platform data can be removed from gpio-keys driver (which will rely purely on generic device properties for configuration). To avoid repeating the same data structures over and over and over factor them out into a new geode-common.c file. Signed-off-by: Dmitry Torokhov Reviewed-by: Hans de Goede Acked-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/ZsV6MNS_tUPPSffJ@google.com Signed-off-by: Hans de Goede commit 815f1fcf2403454904cbbc5cf370df6bc300f392 Author: Zhang Zekun Date: Tue Aug 27 15:06:50 2024 +0800 ASoC: audio-graph-card2: Use helper function of_get_child_count() of_get_child_count() can help to get the num of child directly and we don't need to manually count the child num. No functional change with this conversion. Signed-off-by: Zhang Zekun Reviewed-by: Kuninori Morimoto Link: https://patch.msgid.link/20240827070650.11424-3-zhangzekun11@huawei.com Signed-off-by: Mark Brown commit de849243404e8ce02320a7178d4448e4d0191377 Author: Zhang Zekun Date: Tue Aug 27 15:06:49 2024 +0800 ASoC: audio-graph-card: Use for_each_child_of_node_scoped() to simplify code for_each_child_of_node_scoped() can put the device_node automatically. So, using it to make the code logic more simple and remove the device_node clean up code. Signed-off-by: Zhang Zekun Reviewed-by: Kuninori Morimoto Link: https://patch.msgid.link/20240827070650.11424-2-zhangzekun11@huawei.com Signed-off-by: Mark Brown commit 2e01ac83c1c7166e58043ff2bdb0dc7dbfcfd11a Author: Stephen Rothwell Date: Thu Sep 5 00:54:21 2024 +0900 extcon: lc824206xa: Fix build error of POWER_SUPPLY_PROP_USB_TYPE commit 364ea7ccaef9("power: supply: Change usb_types from an array into a bitmask") changes usb_types from an array into a bitmask. Fix the build error of usb_types variables. Link: https://lore.kernel.org/lkml/20240904164325.48386-1-chanwoo@kernel.org/ Reviewed-by: Hans de Goede Signed-off-by: Stephen Rothwell Signed-off-by: Chanwoo Choi commit d47552124bb0b9527da7a95357ae7d2e6046c4f6 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:49 2024 -0600 PM / devfreq: imx-bus: Use of_property_present() Use of_property_present() to test for property presence rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Link: https://lore.kernel.org/lkml/20240731191312.1710417-11-robh@kernel.org/ Acked-by: Peng Fan Signed-off-by: Rob Herring (Arm) Signed-off-by: Chanwoo Choi commit db4001f9cc32e3ef105a4e4f492d7d813b28292a Author: Tony Luck Date: Tue Sep 3 10:34:43 2024 -0700 x86/cpu/vfm: Delete all the *_FAM6_ CPU #defines All code has been converted to use the vendor/family/model versions. Signed-off-by: Tony Luck Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240903173443.7962-4-tony.luck@intel.com commit 13ad4848dde0f83a27d433f7e11722924de1d506 Author: Tony Luck Date: Tue Sep 3 10:34:42 2024 -0700 x86/cpu/vfm: Delete X86_MATCH_INTEL_FAM6_MODEL[_STEPPING]() macros These macros have been replaced by X86_MATCH_VFM[_STEPPING]() Signed-off-by: Tony Luck Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240903173443.7962-3-tony.luck@intel.com commit 171a7d9563a07a5101cc536932bc4db88a53374d Author: Tony Luck Date: Tue Sep 3 10:34:41 2024 -0700 extcon: axp288: Switch to new Intel CPU model defines New CPU #defines encode vendor and family as well as model. Signed-off-by: Tony Luck Signed-off-by: Chanwoo Choi Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240903173443.7962-2-tony.luck@intel.com commit dce35dd27684640508ff330b8235c4671159743e Author: zhang jiao Date: Wed Sep 4 15:35:50 2024 +0800 spi: spidev_fdx: Fix the wrong format specifier The unsigned int should use "%u" instead of "%d". Signed-off-by: zhang jiao Link: https://patch.msgid.link/20240904073550.103618-1-zhangjiao2@cmss.chinamobile.com Signed-off-by: Mark Brown commit c135cd82f194eed0328e2c1942892990b7fb0dc1 Merge: 79a31ce03f416c 364ea7ccaef917 Author: Chanwoo Choi Date: Thu Sep 5 00:45:23 2024 +0900 Merge tag 'ib-psy-usb-types-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply into extcon-next Immutable branch for usb_types change for v6.12 Changing usb_types type from array to bitmap in the power_supply_desc struct requires updating power-supply drivers living in different subsystem, so it is handled via an immutable branch. commit 79a31ce03f416cc2b9374b3838c60985bc2cb443 Author: Frank Li Date: Mon Aug 12 16:17:53 2024 -0400 dt-bindings: extcon: convert extcon-usb-gpio.txt to yaml format Convert binding doc extcon-usb-gpio.txt to yaml format to fix below warning: arch/arm64/boot/dts/freescale/imx8mp-msc-sm2s-ep1.dtb: /extcon-usb0: failed to match any schema with compatible: ['linux,extcon-usb-gpio'] Additional change: - rename id-gpio to id-gpios - rename vbus-gpio to vbus-gpios Link: https://lore.kernel.org/lkml/20240812201754.3830198-1-Frank.Li@nxp.com/ Signed-off-by: Frank Li Reviewed-by: Rob Herring (Arm) Signed-off-by: Chanwoo Choi commit 38f6c92ee15ddf16b1661830a637c312d90be6b7 Author: Frank Li Date: Tue Aug 20 10:39:11 2024 -0400 dt-bindings: extcon: ptn5150: add child node port Add child node 'port' to allow connect to usb controller to do role-switch if id pin of ptn5150 have not connected to chip's usb ID function pin. Fix below warning: arch/arm64/boot/dts/freescale/imx8mn-var-som-symphony.dtb: typec@3d: 'port' does not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/extcon/extcon-ptn5150.yaml Link: https://lore.kernel.org/lkml/20240820143911.444048-1-Frank.Li@nxp.com/ Signed-off-by: Frank Li Reviewed-by: Krzysztof Kozlowski Signed-off-by: Chanwoo Choi commit 9e1897cb9568892128149a73974aca796a04d1b6 Author: Hans de Goede Date: Sun May 12 22:40:19 2024 +0200 extcon: Add LC824206XA microUSB switch driver Add a new driver for the ON Semiconductor LC824206XA microUSB switch and accessory detector chip. ON Semiconductor has an "Advance Information" datasheet available (ENA2222-D.PDF), but no full datasheet. So there is no documentation available for the registers. This driver is based on the register info from the extcon-fsa9285.c driver, from the Lollipop Android sources for the Lenovo Yoga Tablet 2 (Pro) 830 / 1050 / 1380 models. Note despite the name this is actually a driver for the LC824206XA not the FSA9285. This has only been tested on a Lenovo Yoga Tablet 2 Pro 1380 and using the driver on other setups may require additional work. So far this driver is only used on x86/ACPI (non devicetree) devs. Therefor there is no devicetree bindings documentation for this driver's "onnn,enable-miclr-for-dcp" property since this is not used in actual devicetree files and the dt bindings maintainers have requested properties with no actual dt users to _not_ be added to the dt bindings. Link: https://lore.kernel.org/lkml/20240512204019.58121-1-hdegoede@redhat.com/ Signed-off-by: Hans de Goede Signed-off-by: Chanwoo Choi commit 086a3c40ebd02a4ac38121cf909326407b2883bc Author: Dan Carpenter Date: Wed Sep 4 11:02:43 2024 +0300 iommu/tegra241-cmdqv: Fix ioremap() error handling in probe() The ioremap() function doesn't return error pointers, it returns NULL on error so update the error handling. Also just return directly instead of calling iounmap() on the NULL pointer. Calling iounmap(NULL) doesn't cause a problem on ARM but on other architectures it can trigger a warning so it'a bad habbit. Fixes: 918eb5c856f6 ("iommu/arm-smmu-v3: Add in-kernel support for NVIDIA Tegra241 (Grace) CMDQV") Signed-off-by: Dan Carpenter Reviewed-by: Nicolin Chen Link: https://lore.kernel.org/r/5a6c1e9a-0724-41b1-86d4-36335d3768ea@stanley.mountain Signed-off-by: Will Deacon commit eeb8fdfcf0901578c26ecfb11e814f36bc9a92f5 Author: D Scott Phillips Date: Tue Sep 3 09:45:32 2024 -0700 arm64: Expose the end of the linear map in PHYSMEM_END The memory hot-plug and resource management code needs to know the largest address which can fit in the linear map, so set PHYSMEM_END for that purpose. This fixes a crash at boot when amdgpu tries to create DEVICE_PRIVATE_MEMORY and is given a physical address by the resource management code which is outside the range which can have a `struct page` | Unable to handle kernel paging request at virtual address 000001ffa6000034 | user pgtable: 4k pages, 48-bit VAs, pgdp=000008000287c000 | [000001ffa6000034] pgd=0000000000000000, p4d=0000000000000000 | Call trace: | __init_zone_device_page.constprop.0+0x2c/0xa8 | memmap_init_zone_device+0xf0/0x210 | pagemap_range+0x1e0/0x410 | memremap_pages+0x18c/0x2e0 | devm_memremap_pages+0x30/0x90 | kgd2kfd_init_zone_device+0xf0/0x200 [amdgpu] | amdgpu_device_ip_init+0x674/0x888 [amdgpu] | amdgpu_device_init+0x7a4/0xea0 [amdgpu] | amdgpu_driver_load_kms+0x28/0x1c0 [amdgpu] | amdgpu_pci_probe+0x1a0/0x560 [amdgpu] Signed-off-by: D Scott Phillips Link: https://lore.kernel.org/r/20240903164532.3874988-1-scott@os.amperecomputing.com Signed-off-by: Will Deacon commit 629277b7f575792ad24cc5fd8e708aaea2a5584c Author: Anand Moon Date: Fri May 10 15:10:24 2024 +0530 PM / devfreq: exynos: Use Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). While at it, use dev_err_probe consistently, and use its return value to return the error code. Link: https://lore.kernel.org/lkml/20240510094034.12493-1-linux.amoon@gmail.com/ Signed-off-by: Anand Moon Signed-off-by: Chanwoo Choi commit 53e4e2b51727d325cd13feddd1d8d3d9be3df884 Author: Jeff Johnson Date: Wed Jun 5 11:18:18 2024 -0700 PM/devfreq: governor: add missing MODULE_DESCRIPTION() macros make allmodconfig && make W=1 C=1 reports: WARNING: modpost: missing MODULE_DESCRIPTION() in drivers/devfreq/governor_simpleondemand.o WARNING: modpost: missing MODULE_DESCRIPTION() in drivers/devfreq/governor_performance.o WARNING: modpost: missing MODULE_DESCRIPTION() in drivers/devfreq/governor_powersave.o WARNING: modpost: missing MODULE_DESCRIPTION() in drivers/devfreq/governor_userspace.o Add all missing invocations of the MODULE_DESCRIPTION() macro. Link: https://lore.kernel.org/lkml/20240605-md-drivers-devfreq-v1-1-d01ae91b907e@quicinc.com/ Signed-off-by: Jeff Johnson Signed-off-by: Chanwoo Choi commit 7eced90b202d63cdc1b9b11b1353adb1389830f9 Author: Fares Mehanna Date: Mon Sep 2 16:33:08 2024 +0000 arm64: trans_pgd: mark PTEs entries as valid to avoid dead kexec() The reasons for PTEs in the kernel direct map to be marked invalid are not limited to kfence / debug pagealloc machinery. In particular, memfd_secret() also steals pages with set_direct_map_invalid_noflush(). When building the transitional page tables for kexec from the current kernel's page tables, those pages need to become regular writable pages, otherwise, if the relocation places kexec segments over such pages, a fault will occur during kexec, leading to host going dark during kexec. This patch addresses the kexec issue by marking any PTE as valid if it is not none. While this fixes the kexec crash, it does not address the security concern that if processes owning secret memory are not terminated before kexec, the secret content will be mapped in the new kernel without being scrubbed. Suggested-by: Jan H. Schönherr Signed-off-by: Fares Mehanna Link: https://lore.kernel.org/r/20240902163309.97113-1-faresx@amazon.de Signed-off-by: Will Deacon commit 2b59ffad47db1c46af25ccad157bb3b25147c35c Author: Zhao Mengmeng Date: Wed Sep 4 09:07:58 2024 +0800 jfs: Fix uninit-value access of new_ea in ea_buffer syzbot reports that lzo1x_1_do_compress is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x_1_do_compress+0x19f9/0x2510 lib/lzo/lzo1x_compress.c:178 ... Uninit was stored to memory at: ea_put fs/jfs/xattr.c:639 [inline] ... Local variable ea_buf created at: __jfs_setxattr+0x5d/0x1ae0 fs/jfs/xattr.c:662 __jfs_xattr_set+0xe6/0x1f0 fs/jfs/xattr.c:934 ===================================================== The reason is ea_buf->new_ea is not initialized properly. Fix this by using memset to empty its content at the beginning in ea_get(). Reported-by: syzbot+02341e0daa42a15ce130@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=02341e0daa42a15ce130 Signed-off-by: Zhao Mengmeng Signed-off-by: Dave Kleikamp commit 1db9716d44875d31acf29255710e82338560c177 Author: Rong Qianfeng Date: Mon Sep 2 10:39:35 2024 +0800 arm64/mm: Delete __init region from memblock.reserved If CONFIG_ARCH_KEEP_MEMBLOCK is enabled, the memory information in memblock will be retained. We release the __init memory here, and we should also delete the corresponding region in memblock.reserved, which allows debugfs/memblock/reserved to display correct memory information. Signed-off-by: Rong Qianfeng Link: https://lore.kernel.org/r/20240902023940.43227-1-rongqianfeng@vivo.com Signed-off-by: Will Deacon commit b08929e1ec2f69db49e119a0d6af7cf32c813f5e Author: Matthew Gerlach Date: Tue Jul 2 11:26:52 2024 -0500 dt-bindings: PCI: altera: Convert to YAML Convert the devicetree bindings for the Altera Root Port PCIe controller from text to YAML. While at it, update the entries in the interrupt-map field to have the correct number of address cells for the interrupt parent. Link: https://lore.kernel.org/linux-pci/20240702162652.1349121-1-matthew.gerlach@linux.intel.com Signed-off-by: Matthew Gerlach [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Conor Dooley commit 6b612d1bac67b0f483fde7779a45f6310274d4eb Author: Dhruva Gole Date: Mon Sep 2 14:51:35 2024 +0530 cpufreq: ti-cpufreq: Use socinfo to get revision in AM62 family In the AM62x, AM62Ax, and AM62Px devices, we already have the revision info within the k3-socinfo driver. Hence, re-use this information from there instead of re using the offset for 2 drivers trying to get the same information ie. revision. Signed-off-by: Dhruva Gole Signed-off-by: Viresh Kumar commit 87fa4bd351a51ec1eb2d4854f4112c7811fef519 Author: Liu Jing Date: Mon Sep 2 16:28:16 2024 +0800 cpufreq: Fix the cacography in powernv-cpufreq.c The word 'swtich' is wrong, so fix it. Signed-off-by: Liu Jing Signed-off-by: Viresh Kumar commit abc00ffda43bd4ba85896713464c7510c39f8165 Author: Nishanth Menon Date: Wed Aug 28 08:19:15 2024 -0500 cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately Commit b4bc9f9e27ed ("cpufreq: ti-cpufreq: add support for omap34xx and omap36xx") introduced special handling for OMAP3 class devices where syscon node may not be present. However, this also creates a bug where the syscon node is present, however the offset used to read is beyond the syscon defined range. Fix this by providing a quirk option that is populated when such special handling is required. This allows proper failure for all other platforms when the syscon node and efuse offsets are mismatched. Fixes: b4bc9f9e27ed ("cpufreq: ti-cpufreq: add support for omap34xx and omap36xx") Signed-off-by: Nishanth Menon Tested-by: Dhruva Gole Reviewed-by: Kevin Hilman Signed-off-by: Viresh Kumar commit 2b7ec33e534f7a10033a5cf07794acf48b182bbe Author: Huacai Chen Date: Wed Aug 28 14:24:59 2024 +0800 cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() Use raw_smp_processor_id() instead of plain smp_processor_id() in do_service_request(), otherwise we may get some errors with the driver enabled: BUG: using smp_processor_id() in preemptible [00000000] code: (udev-worker)/208 caller is loongson3_cpufreq_probe+0x5c/0x250 [loongson3_cpufreq] Reported-by: Xi Ruoyao Tested-by: Binbin Zhou Signed-off-by: Huacai Chen Signed-off-by: Viresh Kumar commit 5493f9714e4cdaf0ee7cec15899a231400cb1a9f Author: Anastasia Belova Date: Mon Aug 26 16:38:41 2024 +0300 cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return in case of error. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Anastasia Belova Reviewed-by: Perry Yuan Signed-off-by: Viresh Kumar commit b14ceb82c3a1b6f1422af4ea7a2a686dbaf0a094 Author: Danila Tikhonov Date: Thu Aug 8 21:40:17 2024 +0300 cpufreq: Add SM7325 to cpufreq-dt-platdev blocklist The Qualcomm SM7325 platform uses the qcom-cpufreq-hw driver, so add it to the cpufreq-dt-platdev driver's blocklist. Signed-off-by: Danila Tikhonov Reviewed-by: Dmitry Baryshkov Signed-off-by: Viresh Kumar commit 24f9bfb847b7340b91e35742adf0ab87440e7079 Author: Rob Herring (Arm) Date: Fri Aug 9 11:24:38 2024 -0600 cpufreq: Fix warning on unused of_device_id tables for !CONFIG_OF !CONFIG_OF builds cause warnings on unused of_device_id tables. This is due to of_match_node() being a macro rather than static inline function. Add a __maybe_unused annotation to the of_device_id tables. Fixes: c7582ec85342 ("cpufreq: Drop CONFIG_ARM and CONFIG_ARM64 dependency on Arm drivers") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408090714.wcrqU6Pk-lkp@intel.com/ Signed-off-by: Rob Herring (Arm) Signed-off-by: Viresh Kumar commit 49243adc715e6ae34d6cc003827e63bcf5b3a21d Author: Dhananjay Ugwekar Date: Fri Aug 9 06:08:16 2024 +0000 cpufreq/amd-pstate: Add the missing cpufreq_cpu_put() Fix the reference counting of cpufreq_policy object in amd_pstate_update() function by adding the missing cpufreq_cpu_put(). Fixes: e8f555daacd3 ("cpufreq/amd-pstate: fix setting policy current frequency value") Signed-off-by: Dhananjay Ugwekar Reviewed-by: Perry Yuan Signed-off-by: Viresh Kumar commit 81746019b9fbb9fbf7c522dcbeefb572ac0f9458 Author: Rob Herring (Arm) Date: Tue Aug 6 07:58:27 2024 -0600 cpufreq: Drop CONFIG_ARM and CONFIG_ARM64 dependency on Arm drivers The CONFIG_ARM and CONFIG_ARM64 dependency is redundant as all the drivers have necessary sub-arch dependency and don't depend on the architecture support. Signed-off-by: Rob Herring (Arm) Signed-off-by: Viresh Kumar commit 3f66425a4fc8663ad074cf70f432c681953bfcb7 Author: Rob Herring (Arm) Date: Tue Aug 6 07:58:26 2024 -0600 cpufreq: Enable COMPILE_TEST on Arm drivers COMPILE_TEST is useful for build testing without requiring a specific architecture's compiler. Enable it for most of the Arm CPUFreq drivers. As Kconfig.arm is only included on ARM and ARM64, COMPILE_TEST is only enabled for those architectures until that is dropped. Signed-off-by: Rob Herring (Arm) Signed-off-by: Viresh Kumar commit a84372012e9329daba8082efac98f3bc0b443aa2 Author: Dhruva Gole Date: Tue Sep 3 16:00:08 2024 +0530 dt-bindings: opp: operating-points-v2-ti-cpu: Update maintainers Update the maintainers entry since I will be taking over this file from now. Signed-off-by: Dhruva Gole Acked-by: Rob Herring (Arm) Signed-off-by: Viresh Kumar commit 84e927aa679f7c72f4814ec02768bb99e4b7c5ec Author: Rob Herring (Arm) Date: Tue Aug 6 07:58:25 2024 -0600 opp: ti: Drop unnecessary of_match_ptr() of_match_ptr() is not necessary as the driver is always enabled for DT. Signed-off-by: Rob Herring (Arm) Signed-off-by: Viresh Kumar commit 364cfd8a56c0eec874057514b8cee220494746f5 Author: Rayyan Ansari Date: Mon Jul 22 10:18:50 2024 +0100 dt-bindings: PCI: qcom,pcie-sc7280: Update bindings adding eight interrupts Previous commit to this bindings, commit 756485bfbb85 ("dt-bindings: PCI: qcom,pcie-sc7280: Move SC7280 to dedicated schema"), updated the bindings to specify one interrupt only, as the devicetree at that time did not describe the hardware fully. The devicetree for SC7280 now specifies eight interrupts, following the commit b8ba66b40da3 ("arm64: dts: qcom: sc7280: Add additional MSI interrupts"). Thus, update the bindings to reflect this. Link: https://lore.kernel.org/linux-pci/20240722-sc7280-pcie-interrupts-v2-1-a5414d3dbc64@linaro.org Signed-off-by: Rayyan Ansari [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Krzysztof Kozlowski Reviewed-by: Manivannan Sadhasivam commit 0dc2f4963f7ef187b80d832d7d88f735a9dc99cb Author: Robin Murphy Date: Mon Sep 2 18:52:04 2024 +0100 perf/arm-cmn: Support CMN S3 CMN S3 is the latest and greatest evolution for 2024, although most of the new features don't impact the PMU, so from our point of view it ends up looking a lot like CMN-700 r3 still. We have some new device types to ignore, a mildly irritating rearrangement of the register layouts, and a scary new configuration option that makes it potentially unsafe to even walk the full discovery tree, let alone attempt to use the PMU. Acked-by: Mark Rutland Reviewed-by: Ilkka Koskinen Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/2ec9eec5b6bf215a9886f3b69e3b00e4cd85095c.1725296395.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit a87ef537f961721e7f9786aae46e145723e5a0c2 Author: Robin Murphy Date: Mon Sep 2 18:52:03 2024 +0100 dt-bindings: perf: arm-cmn: Add CMN S3 The CMN S3 PMU is functionally still very similar to CMN-700, however while the register contents are compatible, many of them are moved to different offsets. While this is technically discoverable by a careful driver that understands the part number in the peripheral ID registers (which do at least remain in the same place), a new unique compatible seems warranted to avoid any surprises. CC: devicetree@vger.kernel.org Acked-by: Rob Herring (Arm) Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/2150e87f33284ba55cf6594def018a02bcf809fe.1725296395.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit 67acca3504eade75e03ea3ae87a329df6b10ae02 Author: Robin Murphy Date: Mon Sep 2 18:52:02 2024 +0100 perf/arm-cmn: Refactor DTC PMU register access Annoyingly, we're soon going to have to cope with PMU registers moving about. This will mostly be straightforward, except for the hard-coding of CMN_PMU_OFFSET for the DTC PMU registers. As a first step, refactor those accessors to allow for encapsulating a variable offset without making a big mess all over. As a bonus, we can repack the arm_cmn_dtc structure to accommodate the new pointer without growing any larger, since irq_friend only encodes a range of +/-3. Acked-by: Mark Rutland Reviewed-by: Ilkka Koskinen Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/fc677576fae7b5b55780e5b245a4ef6ea1b30daf.1725296395.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit c5b15ddf11a8a82f5e9ccd9b44f7b765c59bffdd Author: Robin Murphy Date: Mon Sep 2 18:52:01 2024 +0100 perf/arm-cmn: Make cycle counts less surprising By default, CMN has automatic clock-gating with the implication that a DTC's cycle counter may not increment while the DTC is sufficiently idle. Given that we may have up to 4 DTCs to choose from when scheduling a cycles event, this may potentially lead to surprising results if trying to measure metrics based on activity in a different DTC domain from where cycles end up being counted. Furthermore, since the details of internal clock gating are not documented, we can't even reason about what "active" cycles for a DTC actually mean relative to the activity of other nodes within the same nominal DTC domain. Make the reasonable assumption that if the user wants to count cycles, they almost certainly want to count all of the cycles, and disable clock gating while a DTC's cycle counter is in use. Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/c47cfdc09e907b1d7753d142a7e659982cceb246.1725296395.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit ff436cee694ee8bc4173f2d42622ee7c17a085d3 Author: Robin Murphy Date: Mon Sep 2 18:52:00 2024 +0100 perf/arm-cmn: Improve build-time assertion These days we can use static_assert() in the logical place rather than jamming a BUILD_BUG_ON() into the nearest function scope. Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/224ee8286f299100f1c768edb254edc898539f50.1725296395.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit 359414b33e00bae91e4eabf3e4ef8e76024c7673 Author: Robin Murphy Date: Mon Sep 2 18:51:59 2024 +0100 perf/arm-cmn: Ensure dtm_idx is big enough While CMN_MAX_DIMENSION was bumped to 12 for CMN-650, that only supports up to a 10x10 mesh, so bumping dtm_idx to 256 bits at the time worked out OK in practice. However CMN-700 did finally support up to 144 XPs, and thus needs a worst-case 288 bits of dtm_idx for an aggregated XP event on a maxed-out config. Oops. Fixes: 23760a014417 ("perf/arm-cmn: Add CMN-700 support") Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/e771b358526a0d7fc06efee2c3a2fdc0c9f51d44.1725296395.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit 88b63a82c84ed9bbcbdefb10cb6f75dd1dd04887 Author: Robin Murphy Date: Mon Sep 2 18:51:58 2024 +0100 perf/arm-cmn: Fix CCLA register offset Apparently pmu_event_sel is offset by 8 for all CCLA nodes, not just the CCLA_RNI combination type. Fixes: 23760a014417 ("perf/arm-cmn: Add CMN-700 support") Acked-by: Mark Rutland Reviewed-by: Ilkka Koskinen Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/6e7bb06fef6046f83e7647aad0e5be544139763f.1725296395.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit e79634b53e398966c49f803c49701bc74dc3ccf8 Author: Robin Murphy Date: Mon Sep 2 18:51:57 2024 +0100 perf/arm-cmn: Refactor node ID handling. Again. The scope of the "extra device ports" configuration is not made clear by the CMN documentation - so far we've assumed it applies globally, based on the sole example which suggests as much. However it transpires that this is incorrect, and the format does in fact vary based on each individual XP's port configuration. As a consequence, we're currenly liable to decode the port/device indices from a node ID incorrectly, thus program the wrong event source in the DTM leading to bogus event counts, and also show device topology on the wrong ports in debugfs. To put this right, rework node IDs yet again to carry around the additional data necessary to decode them properly per-XP. At this point the notion of fully decomposing an ID becomes more impractical than it's worth, so unabstracting the XY mesh coordinates (where 2/3 users were just debug anyway) ends up leaving things a bit simpler overall. Fixes: 60d1504070c2 ("perf/arm-cmn: Support new IP features") Acked-by: Mark Rutland Signed-off-by: Robin Murphy Link: https://lore.kernel.org/r/5195f990152fc37adba5fbf5929a6b11063d9f09.1725296395.git.robin.murphy@arm.com Signed-off-by: Will Deacon commit 590b09b1d88e18ae57f89930a6f7b89795d2e9f3 Author: Sean Christopherson Date: Thu Aug 29 21:36:00 2024 -0700 KVM: x86: Register "emergency disable" callbacks when virt is enabled Register the "disable virtualization in an emergency" callback just before KVM enables virtualization in hardware, as there is no functional need to keep the callbacks registered while KVM happens to be loaded, but is inactive, i.e. if KVM hasn't enabled virtualization. Note, unregistering the callback every time the last VM is destroyed could have measurable latency due to the synchronize_rcu() needed to ensure all references to the callback are dropped before KVM is unloaded. But the latency should be a small fraction of the total latency of disabling virtualization across all CPUs, and userspace can set enable_virt_at_load to completely eliminate the runtime overhead. Add a pointer in kvm_x86_ops to allow vendor code to provide its callback. There is no reason to force vendor code to do the registration, and either way KVM would need a new kvm_x86_ops hook. Suggested-by: Kai Huang Reviewed-by: Chao Gao Reviewed-by: Kai Huang Acked-by: Kai Huang Tested-by: Farrah Chen Signed-off-by: Sean Christopherson Message-ID: <20240830043600.127750-11-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 6d55a94222dbc64754fc138dbe4578dc5cac1c8b Author: Sean Christopherson Date: Thu Aug 29 21:35:59 2024 -0700 x86/reboot: Unconditionally define cpu_emergency_virt_cb typedef Define cpu_emergency_virt_cb even if the kernel is being built without KVM support so that KVM can reference the typedef in asm/kvm_host.h without needing yet more #ifdefs. No functional change intended. Acked-by: Kai Huang Reviewed-by: Chao Gao Reviewed-by: Kai Huang Tested-by: Farrah Chen Signed-off-by: Sean Christopherson Message-ID: <20240830043600.127750-10-seanjc@google.com> Signed-off-by: Paolo Bonzini commit b67107a251b01161956892352d53fb122346eda1 Author: Sean Christopherson Date: Thu Aug 29 21:35:58 2024 -0700 KVM: Add arch hooks for enabling/disabling virtualization Add arch hooks that are invoked when KVM enables/disable virtualization. x86 will use the hooks to register an "emergency disable" callback, which is essentially an x86-specific shutdown notifier that is used when the kernel is doing an emergency reboot/shutdown/kexec. Add comments for the declarations to help arch code understand exactly when the callbacks are invoked. Alternatively, the APIs themselves could communicate most of the same info, but kvm_arch_pre_enable_virtualization() and kvm_arch_post_disable_virtualization() are a bit cumbersome, and make it a bit less obvious that they are intended to be implemented as a pair. Reviewed-by: Chao Gao Reviewed-by: Kai Huang Acked-by: Kai Huang Tested-by: Farrah Chen Signed-off-by: Sean Christopherson Message-ID: <20240830043600.127750-9-seanjc@google.com> Signed-off-by: Paolo Bonzini commit b4886fab6fb620b96ad7eeefb9801c42dfa91741 Author: Sean Christopherson Date: Thu Aug 29 21:35:57 2024 -0700 KVM: Add a module param to allow enabling virtualization when KVM is loaded Add an on-by-default module param, enable_virt_at_load, to let userspace force virtualization to be enabled in hardware when KVM is initialized, i.e. just before /dev/kvm is exposed to userspace. Enabling virtualization during KVM initialization allows userspace to avoid the additional latency when creating/destroying the first/last VM (or more specifically, on the 0=>1 and 1=>0 edges of creation/destruction). Now that KVM uses the cpuhp framework to do per-CPU enabling, the latency could be non-trivial as the cpuhup bringup/teardown is serialized across CPUs, e.g. the latency could be problematic for use case that need to spin up VMs quickly. Prior to commit 10474ae8945c ("KVM: Activate Virtualization On Demand"), KVM _unconditionally_ enabled virtualization during load, i.e. there's no fundamental reason KVM needs to dynamically toggle virtualization. These days, the only known argument for not enabling virtualization is to allow KVM to be autoloaded without blocking other out-of-tree hypervisors, and such use cases can simply change the module param, e.g. via command line. Note, the aforementioned commit also mentioned that enabling SVM (AMD's virtualization extensions) can result in "using invalid TLB entries". It's not clear whether the changelog was referring to a KVM bug, a CPU bug, or something else entirely. Regardless, leaving virtualization off by default is not a robust "fix", as any protection provided is lost the instant userspace creates the first VM. Reviewed-by: Chao Gao Acked-by: Kai Huang Reviewed-by: Kai Huang Tested-by: Farrah Chen Signed-off-by: Sean Christopherson Message-ID: <20240830043600.127750-8-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 0617a769ce16b836659c8a712f394bfa3543a587 Author: Sean Christopherson Date: Thu Aug 29 21:35:56 2024 -0700 KVM: x86: Rename virtualization {en,dis}abling APIs to match common KVM Rename x86's the per-CPU vendor hooks used to enable virtualization in hardware to align with the recently renamed arch hooks. No functional change intended. Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang Message-ID: <20240830043600.127750-7-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 5381eca101fd80a0f0ad028482181e6180e3561c Author: Sean Christopherson Date: Thu Aug 29 21:35:55 2024 -0700 KVM: MIPS: Rename virtualization {en,dis}abling APIs to match common KVM Rename MIPS's trampoline hooks for virtualization enabling to match the recently renamed arch hooks. No functional change intended. Signed-off-by: Sean Christopherson Message-ID: <20240830043600.127750-6-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 071f24ad28cdcdfa544fdb79b1b1d2b423717a11 Author: Sean Christopherson Date: Thu Aug 29 21:35:54 2024 -0700 KVM: Rename arch hooks related to per-CPU virtualization enabling Rename the per-CPU hooks used to enable virtualization in hardware to align with the KVM-wide helpers in kvm_main.c, and to better capture that the callbacks are invoked on every online CPU. No functional change intended. Suggested-by: Paolo Bonzini Signed-off-by: Sean Christopherson Reviewed-by: Kai Huang Message-ID: <20240830043600.127750-5-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 70c0194337d38dd29533e63e3cb07620f8c5eae1 Author: Sean Christopherson Date: Thu Aug 29 21:35:53 2024 -0700 KVM: Rename symbols related to enabling virtualization hardware Rename the various functions (and a variable) that enable virtualization to prepare for upcoming changes, and to clean up artifacts of KVM's previous behavior, which required manually juggling locks around kvm_usage_count. Drop the "nolock" qualifier from per-CPU functions now that there are no "nolock" implementations of the "all" variants, i.e. now that calling a non-nolock function from a nolock function isn't confusing (unlike this sentence). Drop "all" from the outer helpers as they no longer manually iterate over all CPUs, and because it might not be obvious what "all" refers to. In lieu of the above qualifiers, append "_cpu" to the end of the functions that are per-CPU helpers for the outer APIs. Opportunistically prepend "kvm" to all functions to help make it clear that they are KVM helpers, but mostly because there's no reason not to. Lastly, use "virtualization" instead of "hardware", because while the functions do enable virtualization in hardware, there are a _lot_ of things that KVM enables in hardware. Defer renaming the arch hooks to future patches, purely to reduce the amount of churn in a single commit. Reviewed-by: Chao Gao Reviewed-by: Kai Huang Acked-by: Kai Huang Tested-by: Farrah Chen Signed-off-by: Sean Christopherson Message-ID: <20240830043600.127750-4-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 9a798b1337afe4fdcce53efa77953b068d8614f5 Author: Sean Christopherson Date: Thu Aug 29 21:35:52 2024 -0700 KVM: Register cpuhp and syscore callbacks when enabling hardware Register KVM's cpuhp and syscore callback when enabling virtualization in hardware instead of registering the callbacks during initialization, and let the CPU up/down framework invoke the inner enable/disable functions. Registering the callbacks during initialization makes things more complex than they need to be, as KVM needs to be very careful about handling races between enabling CPUs being onlined/offlined and hardware being enabled/disabled. Intel TDX support will require KVM to enable virtualization during KVM initialization, i.e. will add another wrinkle to things, at which point sorting out the potential races with kvm_usage_count would become even more complex. Note, using the cpuhp framework has a subtle behavioral change: enabling will be done serially across all CPUs, whereas KVM currently sends an IPI to all CPUs in parallel. While serializing virtualization enabling could create undesirable latency, the issue is limited to the 0=>1 transition of VM creation. And even that can be mitigated, e.g. by letting userspace force virtualization to be enabled when KVM is initialized. Cc: Chao Gao Reviewed-by: Kai Huang Acked-by: Kai Huang Tested-by: Farrah Chen Signed-off-by: Sean Christopherson Message-ID: <20240830043600.127750-3-seanjc@google.com> Signed-off-by: Paolo Bonzini commit 44d17459626052a2390457e550a12cb973506b2f Author: Sean Christopherson Date: Thu Aug 29 21:35:51 2024 -0700 KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock Use a dedicated mutex to guard kvm_usage_count to fix a potential deadlock on x86 due to a chain of locks and SRCU synchronizations. Translating the below lockdep splat, CPU1 #6 will wait on CPU0 #1, CPU0 #8 will wait on CPU2 #3, and CPU2 #7 will wait on CPU1 #4 (if there's a writer, due to the fairness of r/w semaphores). CPU0 CPU1 CPU2 1 lock(&kvm->slots_lock); 2 lock(&vcpu->mutex); 3 lock(&kvm->srcu); 4 lock(cpu_hotplug_lock); 5 lock(kvm_lock); 6 lock(&kvm->slots_lock); 7 lock(cpu_hotplug_lock); 8 sync(&kvm->srcu); Note, there are likely more potential deadlocks in KVM x86, e.g. the same pattern of taking cpu_hotplug_lock outside of kvm_lock likely exists with __kvmclock_cpufreq_notifier(): cpuhp_cpufreq_online() | -> cpufreq_online() | -> cpufreq_gov_performance_limits() | -> __cpufreq_driver_target() | -> __target_index() | -> cpufreq_freq_transition_begin() | -> cpufreq_notify_transition() | -> ... __kvmclock_cpufreq_notifier() But, actually triggering such deadlocks is beyond rare due to the combination of dependencies and timings involved. E.g. the cpufreq notifier is only used on older CPUs without a constant TSC, mucking with the NX hugepage mitigation while VMs are running is very uncommon, and doing so while also onlining/offlining a CPU (necessary to generate contention on cpu_hotplug_lock) would be even more unusual. The most robust solution to the general cpu_hotplug_lock issue is likely to switch vm_list to be an RCU-protected list, e.g. so that x86's cpufreq notifier doesn't to take kvm_lock. For now, settle for fixing the most blatant deadlock, as switching to an RCU-protected list is a much more involved change, but add a comment in locking.rst to call out that care needs to be taken when walking holding kvm_lock and walking vm_list. ====================================================== WARNING: possible circular locking dependency detected 6.10.0-smp--c257535a0c9d-pip #330 Tainted: G S O ------------------------------------------------------ tee/35048 is trying to acquire lock: ff6a80eced71e0a8 (&kvm->slots_lock){+.+.}-{3:3}, at: set_nx_huge_pages+0x179/0x1e0 [kvm] but task is already holding lock: ffffffffc07abb08 (kvm_lock){+.+.}-{3:3}, at: set_nx_huge_pages+0x14a/0x1e0 [kvm] which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #3 (kvm_lock){+.+.}-{3:3}: __mutex_lock+0x6a/0xb40 mutex_lock_nested+0x1f/0x30 kvm_dev_ioctl+0x4fb/0xe50 [kvm] __se_sys_ioctl+0x7b/0xd0 __x64_sys_ioctl+0x21/0x30 x64_sys_call+0x15d0/0x2e60 do_syscall_64+0x83/0x160 entry_SYSCALL_64_after_hwframe+0x76/0x7e -> #2 (cpu_hotplug_lock){++++}-{0:0}: cpus_read_lock+0x2e/0xb0 static_key_slow_inc+0x16/0x30 kvm_lapic_set_base+0x6a/0x1c0 [kvm] kvm_set_apic_base+0x8f/0xe0 [kvm] kvm_set_msr_common+0x9ae/0xf80 [kvm] vmx_set_msr+0xa54/0xbe0 [kvm_intel] __kvm_set_msr+0xb6/0x1a0 [kvm] kvm_arch_vcpu_ioctl+0xeca/0x10c0 [kvm] kvm_vcpu_ioctl+0x485/0x5b0 [kvm] __se_sys_ioctl+0x7b/0xd0 __x64_sys_ioctl+0x21/0x30 x64_sys_call+0x15d0/0x2e60 do_syscall_64+0x83/0x160 entry_SYSCALL_64_after_hwframe+0x76/0x7e -> #1 (&kvm->srcu){.+.+}-{0:0}: __synchronize_srcu+0x44/0x1a0 synchronize_srcu_expedited+0x21/0x30 kvm_swap_active_memslots+0x110/0x1c0 [kvm] kvm_set_memslot+0x360/0x620 [kvm] __kvm_set_memory_region+0x27b/0x300 [kvm] kvm_vm_ioctl_set_memory_region+0x43/0x60 [kvm] kvm_vm_ioctl+0x295/0x650 [kvm] __se_sys_ioctl+0x7b/0xd0 __x64_sys_ioctl+0x21/0x30 x64_sys_call+0x15d0/0x2e60 do_syscall_64+0x83/0x160 entry_SYSCALL_64_after_hwframe+0x76/0x7e -> #0 (&kvm->slots_lock){+.+.}-{3:3}: __lock_acquire+0x15ef/0x2e30 lock_acquire+0xe0/0x260 __mutex_lock+0x6a/0xb40 mutex_lock_nested+0x1f/0x30 set_nx_huge_pages+0x179/0x1e0 [kvm] param_attr_store+0x93/0x100 module_attr_store+0x22/0x40 sysfs_kf_write+0x81/0xb0 kernfs_fop_write_iter+0x133/0x1d0 vfs_write+0x28d/0x380 ksys_write+0x70/0xe0 __x64_sys_write+0x1f/0x30 x64_sys_call+0x281b/0x2e60 do_syscall_64+0x83/0x160 entry_SYSCALL_64_after_hwframe+0x76/0x7e Cc: Chao Gao Fixes: 0bf50497f03b ("KVM: Drop kvm_count_lock and instead protect kvm_usage_count with kvm_lock") Cc: stable@vger.kernel.org Reviewed-by: Kai Huang Acked-by: Kai Huang Tested-by: Farrah Chen Signed-off-by: Sean Christopherson Message-ID: <20240830043600.127750-2-seanjc@google.com> Signed-off-by: Paolo Bonzini commit f66b63ef10d65cf8ce57a7341262308443705628 Author: Frank Li Date: Mon Jul 1 18:16:12 2024 -0400 dt-bindings: PCI: layerscape-pci: Change property 'fsl,pcie-scfg' type The fsl,pcie-scfg requires an argument when there are more than one PCIe instances. Thus, change it to the phandle-array type and use items to describe what each field means. This also fixes the following warning: arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: pcie@3400000: fsl,pcie-scfg:0: [22, 0] is too long from schema $id: http://devicetree.org/schemas/pci/fsl,layerscape-pcie.yaml# Link: https://lore.kernel.org/linux-pci/20240701221612.2112668-1-Frank.Li@nxp.com Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Rob Herring commit 16e1503eaf329129170e4e7a078aee17686967a5 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:25 2024 +0200 fuse: allow idmapped mounts Now we have everything in place and we can allow idmapped mounts by setting the FS_ALLOW_IDMAP flag. Notice that real availability of idmapped mounts will depend on the fuse daemon. Fuse daemon have to set FUSE_ALLOW_IDMAP flag in the FUSE_INIT reply. To discuss: - we enable idmapped mounts support only if "default_permissions" mode is enabled, because otherwise we would need to deal with UID/GID mappings in the userspace side OR provide the userspace with idmapped req->in.h.uid/req->in.h.gid values which is not something that we probably want to. Idmapped mounts philosophy is not about faking caller uid/gid. Some extra links and examples: - libfuse support https://github.com/mihalicyn/libfuse/commits/idmap_support - fuse-overlayfs support: https://github.com/mihalicyn/fuse-overlayfs/commits/idmap_support - cephfs-fuse conversion example https://github.com/mihalicyn/ceph/commits/fuse_idmap - glusterfs conversion example https://github.com/mihalicyn/glusterfs/commits/fuse_idmap Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit 6d14b18596ca69719cfe1af87dbf3c5e763d29b5 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:24 2024 +0200 fuse: warn if fuse_access is called when idmapped mounts are allowed It is not possible with the current fuse code, but let's protect ourselves from regressions in the future. Signed-off-by: Alexander Mikhalitsyn Signed-off-by: Miklos Szeredi commit 5b8ca5a54cb89ab07b0389f50e038e533cdfdd86 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:23 2024 +0200 fuse: handle idmappings properly in ->write_iter() This is needed to properly clear suid/sgid. Signed-off-by: Alexander Mikhalitsyn Signed-off-by: Miklos Szeredi commit 4be75ffe721cbf925478ebfbff872b02833899b7 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:22 2024 +0200 fuse: support idmapped ->rename op RENAME_WHITEOUT is a special case of ->rename and we need to take idmappings into account there. Signed-off-by: Alexander Mikhalitsyn Signed-off-by: Miklos Szeredi commit d395d0a5d2544b639cd7b0055e4de85b0efc2762 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:21 2024 +0200 fuse: support idmapped ->set_acl It's just a matter of adjusting a permission check condition for S_ISGID flag. All the rest is already handled in the generic VFS code. Notice that this permission check is the analog of what we have in posix_acl_update_mode() generic helper, but fuse doesn't use this helper as on the kernel side we don't care about ensuring that POSIX ACL and CHMOD permissions are in sync as it is a responsibility of a userspace daemon to handle that. For the same reason we don't have a calls to posix_acl_chmod(), while most of other filesystem do. Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit 4d833befa20253049e4f48ece9cb82f12800405d Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:20 2024 +0200 fuse: drop idmap argument from __fuse_get_acl We don't need to have idmap in the __fuse_get_acl as we don't have any use for it. In the current POSIX ACL implementation, idmapped mounts are taken into account on the userspace/kernel border (see vfs_set_acl_idmapped_mnt() and vfs_posix_acl_to_xattr()). Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit 276a02569920f793047479fe7ef5da2c3e285a80 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:19 2024 +0200 fuse: support idmapped ->setattr op Need to translate uid and gid in case of chown(2). Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit c1d82215d391ded456e7bdd1c0893c9cb6322272 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:18 2024 +0200 fuse: support idmapped ->permission inode op We only cover the case when "default_permissions" flag is used. A reason for that is that otherwise all the permission checks are done in the userspace and we have to deal with VFS idmapping in the userspace (which is bad), alternatively we have to provide the userspace with idmapped req->in.h.uid/req->in.h.gid which is also not align with VFS idmaps philosophy. Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit 2a8c810d5e492906fe0af94a6e8b2398714e80e0 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:17 2024 +0200 fuse: support idmapped getattr inode op We have to: - pass an idmapping to the generic_fillattr() to properly handle UIG/GID mapping for the userspace. - pass -/- to fuse_fillattr() (analog of generic_fillattr() in fuse). Difference between these two is that generic_fillattr() takes all the stat() data from the inode directly, while fuse_fillattr() codepath takes a fresh data just from the userspace reply on the FUSE_GETATTR request. In some cases we can just pass &nop_mnt_idmap, because idmapping won't be used in these codepaths. For example, when 3rd argument of fuse_do_getattr() is NULL then idmap argument is not used. Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit 556208e139e19e0b308e104c6b0e42a9e0a54c3a Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:16 2024 +0200 fuse: support idmap for mkdir/mknod/symlink/create/tmpfile We have all the infrastructure in place, we just need to pass an idmapping here. Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit d561254fb7ba451f580becb21ab3472bc0265080 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:15 2024 +0200 fuse: support idmapped FUSE_EXT_GROUPS We don't need to remap parent_gid, but have to adjust group membership checks and take idmapping into account. Signed-off-by: Alexander Mikhalitsyn Signed-off-by: Miklos Szeredi commit 10dc721836c0c968990a519e147d4cb7decdae5c Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:14 2024 +0200 fuse: add an idmap argument to fuse_simple_request If idmap == NULL *and* filesystem daemon declared idmapped mounts support, then uid/gid values in a fuse header will be -1. No functional changes intended. Signed-off-by: Alexander Mikhalitsyn Signed-off-by: Miklos Szeredi commit aa16880d9f13c6490e80ad614402c8a6fe6f3efa Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:13 2024 +0200 fuse: add basic infrastructure to support idmappings Add some preparational changes in fuse_get_req/fuse_force_creds to handle idmappings. Miklos suggested [1], [2] to change the meaning of in.h.uid/in.h.gid fields when daemon declares support for idmapped mounts. In a new semantic, we fill uid/gid values in fuse header with a id-mapped caller uid/gid (for requests which create new inodes), for all the rest cases we just send -1 to userspace. No functional changes intended. Link: https://lore.kernel.org/all/CAJfpegsVY97_5mHSc06mSw79FehFWtoXT=hhTUK_E-Yhr7OAuQ@mail.gmail.com/ [1] Link: https://lore.kernel.org/all/CAJfpegtHQsEUuFq1k4ZbTD3E1h-GsrN3PWyv7X8cg6sfU_W2Yw@mail.gmail.com/ [2] Signed-off-by: Alexander Mikhalitsyn Signed-off-by: Miklos Szeredi commit 2097154a10c6ee78be8796411e5d0ad81ee06ed6 Author: Alexander Mikhalitsyn Date: Tue Sep 3 17:16:12 2024 +0200 namespace: introduce SB_I_NOIDMAP flag Right now we determine if filesystem support vfs idmappings or not basing on the FS_ALLOW_IDMAP flag presence. This "static" way works perfecly well for local filesystems like ext4, xfs, btrfs, etc. But for network-like filesystems like fuse, cephfs this approach is not ideal, because sometimes proper support of vfs idmaps requires some extensions for the on-wire protocol, which implies that changes have to be made not only in the Linux kernel code but also in the 3rd party components like libfuse, cephfs MDS server and so on. We have seen that issue during our work on cephfs idmapped mounts [1] with Christian, but right now I'm working on the idmapped mounts support for fuse/virtiofs and I think that it is a right time for this extension. [1] 5ccd8530dd7 ("ceph: handle idmapped mounts in create_request_message()") Suggested-by: Christian Brauner Signed-off-by: Alexander Mikhalitsyn Reviewed-by: Christian Brauner Signed-off-by: Miklos Szeredi commit b9fe09a1b293429f456115dae8cf9cecb82b5d13 Author: Frank Li Date: Fri Aug 23 14:58:54 2024 -0400 dt-bindings: PCI: layerscape-pci: Add deprecated property 'num-viewport' Copy the 'num-viewport' property from snps,dw-pcie-common.yaml to fsl,layerscape-pcie.yaml to address the following warning: /arch/arm64/boot/dts/freescale/fsl-ls1012a-frwy.dtb: pcie@3400000: Unevaluated properties are not allowed ('num-viewport' was unexpected) This is necessary due to historical reasons where fsl,layerscape-pcie.yaml does not directly reference snps,dw-pcie-common.yaml. Link: https://lore.kernel.org/linux-pci/20240823185855.776904-1-Frank.Li@nxp.com Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Acked-by: Rob Herring (Arm) commit 89f1a037e97cb2ec0948eb92bca17e7d8c4fc824 Author: Dragan Simic Date: Tue Aug 20 05:57:47 2024 +0200 arm64: dts: allwinner: a64: Add GPU thermal trips to the SoC dtsi Add thermal trips for the two GPU thermal sensors found in the Allwinner A64. There's only one GPU OPP defined since the commit 1428f0c19f9c ("arm64: dts: allwinner: a64: Run GPU at 432 MHz"), so defining only the critical thermal trips makes sense for the A64's two GPU thermal zones. Having these critical thermal trips defined ensures that no hot spots develop inside the SoC die that exceed the maximum junction temperature. That might have been possible before, although quite unlikely, because the CPU and GPU portions of the SoC are packed closely inside the SoC, so the overheating GPU would inevitably result in the heat soaking into the CPU portion of the SoC, causing the CPU thermal sensor to return high readings and trigger the CPU critical thermal trips. However, it's better not to rely on the heat soak and have the critical GPU thermal trips properly defined instead. Signed-off-by: Dragan Simic Tested-by: Norayr Chilingarian Link: https://lore.kernel.org/r/0a6110a7b27a050bd58ab3663087eecd8e873ac0.1724126053.git.dsimic@manjaro.org Signed-off-by: Chen-Yu Tsai commit 6b5502c1d43d050a652299cd37a06e0b3801e284 Author: Chris Morgan Date: Wed Aug 21 16:54:56 2024 -0500 arm64: dts: allwinner: h700: Add charger for Anbernic RG35XX Add the necessary nodes for the AXP717 to allow for monitoring the USB and battery charger. Signed-off-by: Chris Morgan Link: https://lore.kernel.org/r/20240821215456.962564-16-macroalpha82@gmail.com Signed-off-by: Chen-Yu Tsai commit 1a1bf58897d20fc38b454dfecd2771e142d36966 Author: Frank Li Date: Mon Aug 26 17:38:32 2024 -0400 dt-bindings: PCI: layerscape-pci: Replace fsl,lx2160a-pcie with fsl,lx2160ar2-pcie The fsl,lx2160a-pcie compatible is used for mobivel according to the Documentation/devicetree/bindings/pci/layerscape-pcie-gen4.txt file. Whereas the fsl,layerscape-pcie is used for DesignWare PCIe controller binding. So change it to fsl,lx2160ar2-pcie and allow a fall back to fsl,ls2088a-pcie. While at it, sort compatible string. Fixes: 24cd7ecb3886 ("dt-bindings: PCI: layerscape-pci: Convert to YAML format") Link: https://lore.kernel.org/linux-pci/20240826-2160r2-v1-1-106340d538d6@nxp.com Signed-off-by: Frank Li [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Rob Herring (Arm) commit a5c1bf7e9a4638fbb27461e9801f07204b50dcb6 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:28:43 2024 +0200 dt-bindings: PCI: socionext,uniphier-pcie-ep: Add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clock-names and reset-names. Link: https://lore.kernel.org/linux-pci/20240818172843.121787-3-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski Signed-off-by: Krzysztof Wilczyński Reviewed-by: Kunihiko Hayashi Reviewed-by: Rob Herring (Arm) commit c62a0b8fe8bfbaa78efe5de7b30a9d0d225be1ab Author: Krzysztof Kozlowski Date: Sun Aug 18 19:28:42 2024 +0200 dt-bindings: PCI: renesas,pci-rcar-gen2: Add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clocks and clock-names. Link: https://lore.kernel.org/linux-pci/20240818172843.121787-2-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski Signed-off-by: Krzysztof Wilczyński Reviewed-by: Rob Herring (Arm) commit ac44be2155cd1e307a3c18af62745e6736817369 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:28:41 2024 +0200 dt-bindings: PCI: hisilicon,kirin-pcie: Add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clock-names and reset-names. Link: https://lore.kernel.org/linux-pci/20240818172843.121787-1-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski Signed-off-by: Krzysztof Wilczyński Reviewed-by: Rob Herring (Arm) commit c538d40f365b5b6d7433d371710f58e8b266fb19 Author: Théo Lebrun Date: Wed Jun 19 12:15:15 2024 +0200 PCI: j721e: Add suspend and resume support Add suspend and resume support. Only the Root Complex mode is supported. During the suspend stage PERST# is asserted, then deasserted during the resume stage. Link: https://lore.kernel.org/linux-pci/20240102-j7200-pcie-s2r-v7-7-a2f9156da6c3@bootlin.com Signed-off-by: Théo Lebrun Signed-off-by: Thomas Richard [kwilczynski: commit log, update references to the PCI SIG specification] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Siddharth Vadapalli commit f96b6971373382855bc964f1c067bd6dc41cf0ab Author: Thomas Richard Date: Wed Jun 19 12:15:14 2024 +0200 PCI: j721e: Use T_PERST_CLK_US macro Use the T_PERST_CLK_US macro, and the fsleep() function instead of usleep_range(). Link: https://lore.kernel.org/linux-pci/20240102-j7200-pcie-s2r-v7-6-a2f9156da6c3@bootlin.com Signed-off-by: Thomas Richard Signed-off-by: Krzysztof Wilczyński commit 6aa9c09f1bcd339749b249830c604871740df268 Author: Thomas Richard Date: Wed Jun 19 12:15:13 2024 +0200 PCI: Add T_PERST_CLK_US macro The "Power Sequencing and Reset Signal Timings" table of the PCI Express Card Electromechanical Specification, Revision 5.1, Section 2.9.2, indicates PERST# should be deasserted after minimum of 100us once REFCLK is stable (symbol T_PERST-CLK). Add a macro so that PCIe controller drivers can use it. Link: https://lore.kernel.org/linux-pci/20240102-j7200-pcie-s2r-v7-5-a2f9156da6c3@bootlin.com Signed-off-by: Thomas Richard [kwilczynski: commit log, update sleep interval macros code comments] Signed-off-by: Krzysztof Wilczyński commit 72ffee678f6f7d9ebf5350a6e38f31fd306c9b8a Author: Haoyang Liu Date: Fri Jul 26 01:46:31 2024 +0800 docs: update dev-tools/kcsan.rst url about KTSAN The KTSAN doc has moved to https://github.com/google/kernel-sanitizers/blob/master/KTSAN.md. Update the url in kcsan.rst accordingly. Signed-off-by: Haoyang Liu Reviewed-by: Dongliang Mu Acked-by: Marco Elver Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240725174632.23803-1-tttturtleruss@hust.edu.cn commit e02fcd73779cb7dfd4f31064c6145ca737811f6c Author: Jason Gunthorpe Date: Wed Sep 4 13:40:10 2024 +0100 ARM: 9418/1: dma-mapping: Use iommu_paging_domain_alloc() Since arm_iommu_create_mapping() now accepts the device, let's replace iommu_domain_alloc() with iommu_paging_domain_alloc() to retire the former. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Reviewed-by: Vasant Hegde Acked-by: Michael S. Tsirkin Acked-by: Jeff Johnson Signed-off-by: Jason Gunthorpe Signed-off-by: Russell King (Oracle) commit 9e8354b399e99cec3e3546035bee3347a6df2f24 Author: Jason Gunthorpe Date: Wed Sep 4 13:36:02 2024 +0100 ARM: 9417/1: dma-mapping: Pass device to arm_iommu_create_mapping() All users of ARM IOMMU mappings create them for a particular device, so change the interface to accept the device rather than forcing a vague indirection through a bus type. This prepares for making a similar change to iommu_domain_alloc() itself. Signed-off-by: Robin Murphy Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Reviewed-by: Vasant Hegde Acked-by: Michael S. Tsirkin Acked-by: Jeff Johnson Signed-off-by: Jason Gunthorpe Signed-off-by: Russell King (Oracle) commit 697ba0b6ec4ae04afb67d3911799b5e2043b4455 Author: Alexey Dobriyan Date: Tue Sep 3 22:48:19 2024 +0300 block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blk_ioctl_discard() but for secure erase. Same problem: uint64_t r[2] = {512, 18446744073709551104ULL}; ioctl(fd, BLKSECDISCARD, r); will enter near infinite loop inside blkdev_issue_secure_erase(): a.out: attempt to access beyond end of device loop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048 bio_check_eod: 3286214 callbacks suppressed Signed-off-by: Alexey Dobriyan Link: https://lore.kernel.org/r/9e64057f-650a-46d1-b9f7-34af391536ef@p183 Signed-off-by: Jens Axboe commit a4d398a573d0f0c98c39d4af1866a3edaec4959c Author: Kunwu Chan Date: Mon Sep 2 07:43:23 2024 +0100 ARM: 9416/1: amba: make amba_bustype constant Since commit d492cc2573a0 ("driver core: device.h: make struct bus_type a const *"), the driver core can properly handle constant struct bus_type, move the amba_bustype variable to be a constant structure as well, placing it into read-only memory which can not be modified at runtime. Cc: Greg Kroah-Hartman Suggested-by: Greg Kroah-Hartman Signed-off-by: Kunwu Chan Signed-off-by: Russell King (Oracle) commit e1c88956e200e225f2712de4b5e2be923cf559fc Author: Jim Quinlan Date: Thu Aug 15 18:57:22 2024 -0400 PCI: brcmstb: Don't conflate the reset rescal with PHY ctrl Add a "has_phy" field indicating that the internal PHY has SW control that requires configuration. Some previous chips only required the firing of the "rescal" reset controller. This change requires us to give the 7216 SoC its own cfg_data structure. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-10-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Tested-by: Florian Fainelli Reviewed-by: Florian Fainelli Reviewed-by: Krzysztof Kozlowski Reviewed-by: Manivannan Sadhasivam Reviewed-by: Stanimir Varbanov commit 0d8046037610dcf9e59ece73bf4bbcec1e6a878b Author: Jim Quinlan Date: Thu Aug 15 18:57:21 2024 -0400 PCI: brcmstb: Remove two unused constants from driver Remove two constants in the driver which are no longer used: RGR1_SW_INIT_1_INIT_MASK and RGR1_SW_INIT_1_INIT_SHIFT. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-9-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan Signed-off-by: Krzysztof Wilczyński Tested-by: Florian Fainelli Reviewed-by: Stanimir Varbanov Reviewed-by: Florian Fainelli Reviewed-by: Manivannan Sadhasivam Reviewed-by: Krzysztof Kozlowski commit 30eb2080fe2043c3e61c1ae4bb6917800b10fb08 Author: Jim Quinlan Date: Thu Aug 15 18:57:20 2024 -0400 PCI: brcmstb: PCI: brcmstb: Make HARD_DEBUG, INTR2_CPU_BASE offsets SoC-specific Do preparatory work for the 7712 SoC, which is introduced in a future commit. Our HW design has changed two register offsets for the 7712, where previously it was a common value for all Broadcom SoCs with PCIe cores. Specifically, the two offsets are to the registers HARD_DEBUG and INTR2_CPU_BASE. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-8-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Tested-by: Florian Fainelli Reviewed-by: Florian Fainelli Reviewed-by: Krzysztof Kozlowski Reviewed-by: Manivannan Sadhasivam Reviewed-by: Stanimir Varbanov commit 8201360218c6a42b3f7ff03d8908bd345e3620f4 Author: Jim Quinlan Date: Thu Aug 15 18:57:19 2024 -0400 PCI: brcmstb: Use swinit reset if available The 7712 SoC adds a software init reset device for the PCIe HW. If found in the DT node, use it. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-7-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Manivannan Sadhasivam commit 46cb27f671f2148005ee556b895d6372c6608e27 Author: Jim Quinlan Date: Thu Aug 15 18:57:18 2024 -0400 PCI: brcmstb: Use bridge reset if available The 7712 SoC has a bridge reset which can be described in the device tree. Use it if present. Otherwise, continue to use the legacy method to reset the bridge. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-6-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log, refactored function brcm_pcie_bridge_sw_init_set_generic()] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Manivannan Sadhasivam Reviewed-by: Stanimir Varbanov commit daeed1595b4ddf314bad8ee40b2662e03fd012dc Author: John Ogness Date: Wed Sep 4 14:11:36 2024 +0206 printk: Avoid false positive lockdep report for legacy printing Legacy console printing from printk() caller context may invoke the console driver from atomic context. This leads to a lockdep splat because the console driver will acquire a sleeping lock and the caller may already hold a spinning lock. This is noticed by lockdep on !PREEMPT_RT configurations because it will lead to a problem on PREEMPT_RT. However, on PREEMPT_RT the printing path from atomic context is always avoided and the console driver is always invoked from a dedicated thread. Thus the lockdep splat on !PREEMPT_RT is a false positive. For !PREEMPT_RT override the lock-context before invoking the console driver to avoid the false positive. Do not override the lock-context for PREEMPT_RT in order to allow lockdep to catch any real locking context issues related to the write callback usage. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-18-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 1529bbb6e2619495f146dd519a196b67837fdfa6 Author: John Ogness Date: Wed Sep 4 14:11:35 2024 +0206 printk: nbcon: Assign nice -20 for printing threads It is important that console printing threads are scheduled shortly after a printk call and with generous runtime budgets. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-17-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 5f53ca3ff83b4f2f3ff360bb22bba7a9a3af71a3 Author: John Ogness Date: Wed Sep 4 14:11:34 2024 +0206 printk: Implement legacy printer kthread for PREEMPT_RT The write() callback of legacy consoles usually makes use of spinlocks. This is not permitted with PREEMPT_RT in atomic contexts. For PREEMPT_RT, create a new kthread to handle printing of all the legacy consoles (and nbcon consoles if boot consoles are registered). This allows legacy consoles to work on PREEMPT_RT without requiring modification. (However they will not have the reliability properties guaranteed by nbcon atomic consoles.) Use the existing printk_kthreads_check_locked() to start/stop the legacy kthread as needed. Introduce the macro force_legacy_kthread() to query if the forced threading of legacy consoles is in effect. Although currently only enabled for PREEMPT_RT, this acts as a simple mechanism for the future to allow other preemption models to easily take advantage of the non-interference property provided by the legacy kthread. When force_legacy_kthread() is true, the legacy kthread fulfills the role of the console_flush_type @legacy_offload by waking the legacy kthread instead of printing via the console_lock in the irq_work. If the legacy kthread is not yet available, no legacy printing takes place (unless in panic). If for some reason the legacy kthread fails to create, any legacy consoles are unregistered. With force_legacy_kthread(), the legacy kthread is a critical component for legacy consoles. These changes only affect CONFIG_PREEMPT_RT. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-16-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit def84b4467771d0ea0b55e6a5d0d70eb54bdf46a Author: John Ogness Date: Wed Sep 4 14:11:33 2024 +0206 tty: sysfs: Add nbcon support for 'active' Allow the 'active' attribute to list nbcon consoles. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-15-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit c83a20662dd099dbac9ef6df44134ef446980c56 Author: John Ogness Date: Wed Sep 4 14:11:32 2024 +0206 proc: Add nbcon support for /proc/consoles Update /proc/consoles output to show 'W' if an nbcon console is registered. Since the write_thread() callback is mandatory, it enough just to check if it is an nbcon console. Also update /proc/consoles output to show 'N' if it is an nbcon console. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-14-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit fe6fa88d865e9c1a41b41f92ae0531470c86f0da Author: John Ogness Date: Wed Sep 4 14:11:31 2024 +0206 proc: consoles: Add notation to c_start/c_stop fs/proc/consoles.c:78:13: warning: context imbalance in 'c_start' - wrong count at exit fs/proc/consoles.c:104:13: warning: context imbalance in 'c_stop' - unexpected unlock Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-13-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 5102981d5e2a5a7a12424b5d26c7524ac2899898 Author: John Ogness Date: Wed Sep 4 14:11:30 2024 +0206 printk: nbcon: Show replay message on takeover An emergency or panic context can takeover console ownership while the current owner was printing a printk message. The atomic printer will re-print the message that the previous owner was printing. However, this can look confusing to the user and may even seem as though a message was lost. [3430014.1 [3430014.181123] usb 1-2: Product: USB Audio Add a new field @nbcon_prev_seq to struct console to track the sequence number to print that was assigned to the previous console owner. If this matches the sequence number to print that the current owner is assigned, then a takeover must have occurred. In this case, print an additional message to inform the user that the previous message is being printed again. [3430014.1 ** replaying previous printk message ** [3430014.181123] usb 1-2: Product: USB Audio Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-12-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 75d430372abba5210fbc56a813d2515c001a4f45 Author: John Ogness Date: Wed Sep 4 14:11:29 2024 +0206 printk: Provide helper for message prepending In order to support prepending different texts to printk messages, split out the prepending code into a helper function. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-11-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 13189fa73afae2b961d29132fd36d9cc0be77ecb Author: John Ogness Date: Wed Sep 4 14:11:28 2024 +0206 printk: nbcon: Rely on kthreads for normal operation Once the kthread is running and available (i.e. @printk_kthreads_running is set), the kthread becomes responsible for flushing any pending messages which are added in NBCON_PRIO_NORMAL context. Namely the legacy console_flush_all() and device_release() no longer flush the console. And nbcon_atomic_flush_pending() used by nbcon_cpu_emergency_exit() no longer flushes messages added after the emergency messages. The console context is safe when used by the kthread only when one of the following conditions are true: 1. Other caller acquires the console context with NBCON_PRIO_NORMAL with preemption disabled. It will release the context before rescheduling. 2. Other caller acquires the console context with NBCON_PRIO_NORMAL under the device_lock. 3. The kthread is the only context which acquires the console with NBCON_PRIO_NORMAL. This is satisfied for all atomic printing call sites: nbcon_legacy_emit_next_record() (#1) nbcon_atomic_flush_pending_con() (#1) nbcon_device_release() (#2) It is even double guaranteed when @printk_kthreads_running is set because then _only_ the kthread will print for NBCON_PRIO_NORMAL. (#3) Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-10-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 5c586baa60e46d9fccd04f04e16f8a50b2fbc1af Author: John Ogness Date: Wed Sep 4 14:11:27 2024 +0206 printk: nbcon: Use thread callback if in task context for legacy When printing via console_lock, the write_atomic() callback is used for nbcon consoles. However, if it is known that the current context is a task context, the write_thread() callback can be used instead. Using write_thread() instead of write_atomic() helps to reduce large disabled preemption regions when the device_lock does not disable preemption. This is mainly a preparatory change to allow avoiding write_atomic() completely during normal operation if boot consoles are registered. As a side-effect, it also allows consolidating the printing code for legacy printing and the kthread printer. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-9-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 9b79a3d0d64abae92457cb830baa6c6a717778b0 Author: John Ogness Date: Wed Sep 4 14:11:26 2024 +0206 printk: nbcon: Relocate nbcon_atomic_emit_one() Move nbcon_atomic_emit_one() so that it can be used by nbcon_kthread_func() in a follow-up commit. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-8-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 76f258bf3f2aae570209319944703a92ac64e29e Author: Thomas Gleixner Date: Wed Sep 4 14:11:25 2024 +0206 printk: nbcon: Introduce printer kthreads Provide the main implementation for running a printer kthread per nbcon console that is takeover/handover aware. This includes: - new mandatory write_thread() callback - kthread creation - kthread main printing loop - kthread wakeup mechanism - kthread shutdown kthread creation is a bit tricky because consoles may register before kthreads can be created. In such cases, registration will succeed, even though no kthread exists. Once kthreads can be created, an early_initcall will set @printk_kthreads_ready. If there are no registered boot consoles, the early_initcall creates the kthreads for all registered nbcon consoles. If kthread creation fails, the related console is unregistered. If there are registered boot consoles when @printk_kthreads_ready is set, no kthreads are created until the final boot console unregisters. Once kthread creation finally occurs, @printk_kthreads_running is set so that the system knows kthreads are available for all registered nbcon consoles. If @printk_kthreads_running is already set when the console is registering, the kthread is created during registration. If kthread creation fails, the registration will fail. Until @printk_kthreads_running is set, console printing occurs directly via the console_lock. kthread shutdown on system shutdown/reboot is necessary to ensure the printer kthreads finish their printing so that the system can cleanly transition back to direct printing via the console_lock in order to reliably push out the final shutdown/reboot messages. @printk_kthreads_running is cleared before shutting down the individual kthreads. The kthread uses a new mandatory write_thread() callback that is called with both device_lock() and the console context acquired. The console ownership handling is necessary for synchronization against write_atomic() which is synchronized only via the console context ownership. The device_lock() serializes acquiring the console context with NBCON_PRIO_NORMAL. It is needed in case the device_lock() does not disable preemption. It prevents the following race: CPU0 CPU1 [ task A ] nbcon_context_try_acquire() # success with NORMAL prio # .unsafe == false; // safe for takeover [ schedule: task A -> B ] WARN_ON() nbcon_atomic_flush_pending() nbcon_context_try_acquire() # success with EMERGENCY prio # flushing nbcon_context_release() # HERE: con->nbcon_state is free # to take by anyone !!! nbcon_context_try_acquire() # success with NORMAL prio [ task B ] [ schedule: task B -> A ] nbcon_enter_unsafe() nbcon_context_can_proceed() BUG: nbcon_context_can_proceed() returns "true" because the console is owned by a context on CPU0 with NBCON_PRIO_NORMAL. But it should return "false". The console is owned by a context from task B and we do the check in a context from task A. Note that with these changes, the printer kthreads do not yet take over full responsibility for nbcon printing during normal operation. These changes only focus on the lifecycle of the kthreads. Co-developed-by: John Ogness Signed-off-by: John Ogness Signed-off-by: Thomas Gleixner (Intel) Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-7-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit fb9fabf3d86216961d1103ecbc33e98d5f6c48f5 Author: John Ogness Date: Wed Sep 4 14:11:24 2024 +0206 printk: nbcon: Init @nbcon_seq to highest possible When initializing an nbcon console, have nbcon_alloc() set @nbcon_seq to the highest possible sequence number. For all practical purposes, this will guarantee that the console will have nothing to print until later when @nbcon_seq is set to the proper initial printing value. This will be particularly important once kthread printing is introduced because nbcon_alloc() can create/start the kthread before the desired initial sequence number is known. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-6-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 6cb58cfebb293286f5ce8f6fba3e29122308e9e0 Author: John Ogness Date: Wed Sep 4 14:11:23 2024 +0206 printk: nbcon: Add context to usable() and emit() The nbcon consoles will have two callbacks to be used for different contexts. In order to determine if an nbcon console is usable, console_is_usable() must know if it is a context that will need to use the optional write_atomic() callback. Also, nbcon_emit_next_record() must know which callback it needs to call. Add an extra parameter @use_atomic to console_is_usable() and nbcon_emit_next_record() to specify this. Since so far only the write_atomic() callback exists, @use_atomic is set to true for all call sites. For legacy consoles, @use_atomic is not used. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-5-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 0e53e2d9f72080b7ea1a4003558041fee78cdef9 Author: John Ogness Date: Wed Sep 4 14:11:22 2024 +0206 printk: Flush console on unregister_console() Ensure consoles have flushed pending records before unregistering. The console should print up to at least its related "console disabled" record. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-4-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit e37577ebbf1e875f8cc6159f25a1b559018d087f Author: John Ogness Date: Wed Sep 4 14:11:21 2024 +0206 printk: Fail pr_flush() if before SYSTEM_SCHEDULING A follow-up change adds pr_flush() to console unregistration. However, with boot consoles unregistration can happen very early if there are also regular consoles registering as well. In this case the pr_flush() is not important because all consoles are flushed when checking the initial console sequence number. Allow pr_flush() to fail if @system_state has not yet reached SYSTEM_SCHEDULING. This avoids might_sleep() and msleep() explosions that would otherwise occur: [ 0.436739][ T0] printk: legacy console [ttyS0] enabled [ 0.439820][ T0] printk: legacy bootconsole [earlyser0] disabled [ 0.446822][ T0] BUG: scheduling while atomic: swapper/0/0/0x00000002 [ 0.450491][ T0] 1 lock held by swapper/0/0: [ 0.457897][ T0] #0: ffffffff82ae5f88 (console_mutex){+.+.}-{4:4}, at: console_list_lock+0x20/0x70 [ 0.463141][ T0] Modules linked in: [ 0.465307][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.10.0-rc1+ #372 [ 0.469394][ T0] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014 [ 0.474402][ T0] Call Trace: [ 0.476246][ T0] [ 0.481473][ T0] dump_stack_lvl+0x93/0xb0 [ 0.483949][ T0] dump_stack+0x10/0x20 [ 0.486256][ T0] __schedule_bug+0x68/0x90 [ 0.488753][ T0] __schedule+0xb9b/0xd80 [ 0.491179][ T0] ? lock_release+0xb5/0x270 [ 0.493732][ T0] schedule+0x43/0x170 [ 0.495998][ T0] schedule_timeout+0xc5/0x1e0 [ 0.498634][ T0] ? __pfx_process_timeout+0x10/0x10 [ 0.501522][ T0] ? msleep+0x13/0x50 [ 0.503728][ T0] msleep+0x3c/0x50 [ 0.505847][ T0] __pr_flush.constprop.0.isra.0+0x56/0x500 [ 0.509050][ T0] ? _printk+0x58/0x80 [ 0.511332][ T0] ? lock_is_held_type+0x9c/0x110 [ 0.514106][ T0] unregister_console_locked+0xe1/0x450 [ 0.517144][ T0] register_console+0x509/0x620 [ 0.519827][ T0] ? __pfx_univ8250_console_init+0x10/0x10 [ 0.523042][ T0] univ8250_console_init+0x24/0x40 [ 0.525845][ T0] console_init+0x43/0x210 [ 0.528280][ T0] start_kernel+0x493/0x980 [ 0.530773][ T0] x86_64_start_reservations+0x18/0x30 [ 0.533755][ T0] x86_64_start_kernel+0xae/0xc0 [ 0.536473][ T0] common_startup_64+0x12c/0x138 [ 0.539210][ T0] And then the kernel goes into an infinite loop complaining about: 1. releasing a pinned lock 2. unpinning an unpinned lock 3. bad: scheduling from the idle thread! 4. goto 1 Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-3-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit bd07d864522e7c3e4ee364e91aee8754992f5855 Author: John Ogness Date: Wed Sep 4 14:11:20 2024 +0206 printk: nbcon: Add function for printers to reacquire ownership Since ownership can be lost at any time due to handover or takeover, a printing context _must_ be prepared to back out immediately and carefully. However, there are scenarios where the printing context must reacquire ownership in order to finalize or revert hardware changes. One such example is when interrupts are disabled during printing. No other context will automagically re-enable the interrupts. For this case, the disabling context _must_ reacquire nbcon ownership so that it can re-enable the interrupts. Provide nbcon_reacquire_nobuf() for exactly this purpose. It allows a printing context to reacquire ownership using the same priority as its previous ownership. Note that after a successful reacquire the printing context will have no output buffer because that has been lost. This function cannot be used to resume printing. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240904120536.115780-2-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 9b2b9b66d532197d08efa1eba157fc484c3657bc Author: Ian Rogers Date: Tue Sep 3 21:43:51 2024 -0700 perf jevents: Add cpuid to model lookup command When restricting jevents generated json lookup code with JEVENTS_MODEL a list of models must be provided. Some builds don't know model names but know cpuids. Add a command that can convert a cpuid to a model using mapfile.csv files. This can be used with JEVENTS_MODEL like: $ make JEVENTS_MODEL=`./pmu-events/models.py x86 'GenuineIntel-6-8D-1,AuthenticAMD-26-1' pmu-events/arch/` Committer testing: $ tools/perf/pmu-events/models.py x86 'GenuineIntel-6-8D-1,AuthenticAMD-26-1' tools/perf/pmu-events/arch/ tigerlake,amdzen5 $ perf stat -v sleep 1 |& head -1 Using CPUID GenuineIntel-6-B7-1 $ tools/perf/pmu-events/models.py x86 'GenuineIntel-6-B7-1' tools/perf/pmu-events/arch/ alderlake $ Signed-off-by: Ian Rogers Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240904044351.712080-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 7d8abc5f3b5ce0f53d499279d8defc0f72bf7557 Author: Alexander Stein Date: Wed Jul 17 10:55:16 2024 +0200 thermal/drivers/imx_sc_thermal: Use dev_err_probe This adds the error code to the error message and also stores that message in case of probe deferral. Signed-off-by: Alexander Stein Link: https://lore.kernel.org/r/20240717085517.3333385-1-alexander.stein@ew.tq-group.com Signed-off-by: Daniel Lezcano commit 2be6190cd75cd2029ced5ccef057e15939f48c4a Author: Alvaro Parker Date: Tue Sep 3 13:22:14 2024 -0400 block: fix comment to use set_current_state The explanatory comment used `set_task_state` instead of `set_current_state` which is the function actually used in the code. Signed-off-by: Alvaro Parker Link: https://lore.kernel.org/r/20240903172214.520086-1-alparkerdf@gmail.com Signed-off-by: Jens Axboe commit 5854809b51f4e3868202d9b45e628133d76b48cd Author: Jens Wiklander Date: Mon Sep 2 12:58:03 2024 +0200 rpmb: fix error path in rpmb_dev_register() Until this patch was rpmb_dev_register() always freeing rdev in the error path. However, past device_register() it must not do that since the memory is now managed by the device even if it failed to register properly. So fix this by doing a put_device() before returning the error code. Fixes the smatch warning: drivers/misc/rpmb-core.c:204 rpmb_dev_register() warn: freeing device managed memory (leak): 'rdev' Fixes: 1e9046e3a154 ("rpmb: add Replay Protected Memory Block (RPMB) subsystem") Reported-by: Dan Carpenter Signed-off-by: Jens Wiklander Link: https://lore.kernel.org/r/20240902105803.2885544-1-jens.wiklander@linaro.org Signed-off-by: Ulf Hansson commit 1bda29aef6e19662496244b2b3f7eb2a6edf0cd5 Author: Andy Shevchenko Date: Thu Aug 22 16:05:41 2024 +0300 platform/x86: int3472: Use str_high_low() Use str_high_low() rather than open coding. Reviewed-by: Ilpo Järvinen Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240822130722.1261891-5-andriy.shevchenko@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit d2b27d8eb8795736358706c3c5ab3b572f641d3a Author: Andy Shevchenko Date: Thu Aug 22 16:05:40 2024 +0300 platform/x86: int3472: Use GPIO_LOOKUP() macro Use GPIO_LOOKUP() macro which provides a compound literal and can be used with dynamic data. Reviewed-by: Ilpo Järvinen Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240822130722.1261891-4-andriy.shevchenko@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 98ad0b77323ce8c216e5a505fda6b2ea53299231 Author: Aditya Gupta Date: Wed Sep 4 11:48:31 2024 +0530 perf check: Introduce 'check' subcommand Currently the presence of a feature is checked with a combination of perf version --build-options and greps, such as: perf version --build-options | grep " on .* HAVE_FEATURE" Instead of this, introduce a subcommand "perf check feature", with which scripts can test for presence of a feature, such as: perf check feature HAVE_FEATURE 'perf check feature' command is expected to have exit status of 0 if feature is built-in, and 1 if it's not built-in or if feature is not known. Multiple features can also be passed as a comma-separated list, in which case the exit status will be 1 only if all of the passed features are built-in. For example, with below command, it will have exit status of 0 only if both libtraceevent and bpf are enabled, else 1 in all other cases perf check feature libtraceevent,bpf The arguments are case-insensitive. An array 'supported_features' has also been introduced that can be used by other commands like 'perf version --build-options', so that new features can be added in one place, with the array Committer testing: $ perf check feature libtraceevent,bpf libtraceevent: [ on ] # HAVE_LIBTRACEEVENT bpf: [ on ] # HAVE_LIBBPF_SUPPORT $ perf check feature libtraceevent libtraceevent: [ on ] # HAVE_LIBTRACEEVENT $ perf check feature bpf bpf: [ on ] # HAVE_LIBBPF_SUPPORT $ perf check -q feature bpf && echo "BPF support is present" BPF support is present $ perf check -q feature Bogus && echo "Bogus support is present" $ Reviewed-by: Athira Rajeev Signed-off-by: Aditya Gupta Tested-by: Arnaldo Carvalho de Melo Cc: Athira Rajeev Cc: Disha Goel Cc: Ian Rogers Cc: Jiri Olsa Cc: Kajol Jain Cc: Madhavan Srinivasan Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240904061836.55873-3-adityag@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 1a5efc9e13f357abc396dbf445b25d08914c8060 Author: Aditya Gupta Date: Wed Sep 4 11:48:30 2024 +0530 libsubcmd: Don't free the usage string Currently, commands which depend on 'parse_options_subcommand()' don't show the usage string, and instead show '(null)' $ ./perf sched Usage: (null) -D, --dump-raw-trace dump raw trace in ASCII -f, --force don't complain, do it -i, --input input file name -v, --verbose be more verbose (show symbol address, etc) 'parse_options_subcommand()' is generally expected to initialise the usage string, with information in the passed 'subcommands[]' array This behaviour was changed in: 230a7a71f92212e7 ("libsubcmd: Fix parse-options memory leak") Where the generated usage string is deallocated, and usage[0] string is reassigned as NULL. As discussed in [1], free the allocated usage string in the main function itself, and don't reset usage string to NULL in parse_options_subcommand With this change, the behaviour is restored. $ ./perf sched Usage: perf sched [] {record|latency|map|replay|script|timehist} -D, --dump-raw-trace dump raw trace in ASCII -f, --force don't complain, do it -i, --input input file name -v, --verbose be more verbose (show symbol address, etc) [1]: https://lore.kernel.org/linux-perf-users/htq5vhx6piet4nuq2mmhk7fs2bhfykv52dbppwxmo3s7du2odf@styd27tioc6e/ Fixes: 230a7a71f92212e7 ("libsubcmd: Fix parse-options memory leak") Suggested-by: Namhyung Kim Signed-off-by: Aditya Gupta Acked-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Athira Rajeev Cc: Disha Goel Cc: Ian Rogers Cc: Jiri Olsa Cc: Kajol Jain Cc: Madhavan Srinivasan Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240904061836.55873-2-adityag@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 5c49cc0ed405cadb60d8c4484f95ffdaf7c6ec5c Author: Takashi Sakamoto Date: Wed Sep 4 21:51:54 2024 +0900 ALSA: firewire: use nonatomic PCM operation In the former commits, the callback of isochronous context runs on usual work process. In the case, ALSA PCM device has a flag, nonatomic, to acquire mutex lock instead of spin lock for PCM substream group. This commit uses the flag. It has an advantage in the case that ALSA PCM application uses the large size of intermediate buffer, since it takes too long time even in tasklet softIRQ to process many of isochronous packets, then result in the delay of system event due to disabled IRQ so long. It is avertible to switch to nonatomic operation. Reviewed-by: Takashi Iwai Tested-by: Edmund Raile Link: https://lore.kernel.org/r/20240904125155.461886-6-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit f62ec13e8b696c58f360f457f1541056872aee99 Author: Takashi Sakamoto Date: Wed Sep 4 21:51:53 2024 +0900 firewire: core: non-atomic memory allocation for isochronous event to user client In the former commits, the callback of isochronous context runs on work process, thus no need to use atomic memory allocation. This commit replaces GFP_ATOMIC with GCP_KERNEL in the callback for user client. Tested-by: Edmund Raile Link: https://lore.kernel.org/r/20240904125155.461886-5-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 5390813c34d799bde1ddf7b726f9b8f78bad67f0 Author: Takashi Sakamoto Date: Wed Sep 4 21:51:52 2024 +0900 firewire: ohci: operate IT/IR events in sleepable work process instead of tasklet softIRQ This commit queues work item for IT/IR events at hardIRQ handler to operate the corresponding isochronous context. The work item is queued to any of worker-pools. The callback for either the implementation of unit protocol and user space clients is executed in sleepable work process context. The change could results in any errors of concurrent processing as well as sleep at atomic context. These errors are fixed by the following commits. Tested-by: Edmund Raile Link: https://lore.kernel.org/r/20240904125155.461886-4-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 4f55ad754d6b7b6fa4ebcfd8c50f7e53e661a78e Author: Takashi Sakamoto Date: Wed Sep 4 21:51:51 2024 +0900 firewire: core: add local API to queue work item to workqueue specific to isochronous contexts In the previous commit, the workqueue is added per the instance of fw_card structure for isochronous contexts. The workqueue is designed to be used by the implementation of fw_card_driver structure underlying the fw_card. This commit adds some local APIs to be used by the implementation. Tested-by: Edmund Raile Link: https://lore.kernel.org/r/20240904125155.461886-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit c6fb88a5270f4ba24859f5ecb61cfc731ef16300 Author: Takashi Sakamoto Date: Wed Sep 4 21:51:50 2024 +0900 firewire: core: allocate workqueue to handle isochronous contexts in card This commit adds a workqueue dedicated for isochronous context processing. The workqueue is allocated per instance of fw_card structure to satisfy the following characteristics descending from 1394 OHCI specification: In 1394 OHCI specification, memory pages are reserved to each isochronous context dedicated to DMA transmission. It allows to operate these per-context pages concurrently. Software can schedule hardware interrupt for several isochronous context to the same cycle, thus WQ_UNBOUND is specified. Additionally, it is sleepable to operate the content of pages, thus WQ_BH is not used. The isochronous context delivers the packets with time stamp, thus WQ_HIGHPRI is specified for semi real-time data such as IEC 61883-1/6 protocol implemented by ALSA firewire stack. The isochronous context is not used by the implementation of SCSI over IEEE1394 protocol (sbp2), thus WQ_MEM_RECLAIM is not specified. It is useful for users to adjust cpu affinity of the workqueue depending on their work loads, thus WQ_SYS is specified to expose the attributes to user space. Tested-by: Edmund Raile Link: https://lore.kernel.org/r/20240904125155.461886-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit fa6cc3f932584a5fb5eedd2261fdf0058e1d8828 Author: Ian Rogers Date: Tue Sep 3 22:06:05 2024 -0700 perf parse-events: Vary default_breakpoint_len on i386 and arm64 On arm64 the breakpoint length should be 4-bytes but 8-bytes is tolerated as perf passes that as sizeof(long). Just pass the correct value. On i386 the sizeof(long) check in the kernel needs to match the kernel's long size. Check using an environment (uname checks) whether 4 or 8 bytes needs to be passed. Cache the value in a static. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Junhao He Cc: Kan Liang Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Yang Jihong Link: https://lore.kernel.org/r/20240904050606.752788-6-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 70b27c756f95156f51b1e28ec7d1b16a539d5487 Author: Ian Rogers Date: Tue Sep 3 22:06:04 2024 -0700 perf parse-events: Add default_breakpoint_len helper The default breakpoint length is "sizeof(long)" however this is incorrect on platforms like Aarch64 where sizeof(long) is 8 but the breakpoint length is 4. Add a helper function that can be used to determine the correct breakpoint length, in this change it just returns the existing default sizeof(long) value. Use the helper in the bp_account test so that, when modifying the event from a watchpoint to a breakpoint, the breakpoint length is appropriate for the architecture and not just sizeof(long). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Junhao He Cc: Kan Liang Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Yang Jihong Link: https://lore.kernel.org/r/20240904050606.752788-5-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 9d56d4aa1b7b0e05e829d8f3db26a1c33a4fcd44 Merge: 3d4d0fa4fc32f0 e3b5fa0f081b1e Author: Marc Kleine-Budde Date: Wed Sep 4 14:48:17 2024 +0200 Merge patch series "can: rockchip_canfd: add support for CAN-FD IP core found on Rockchip RK3568" Marc Kleine-Budde says: This series adds support for the CAN-FD IP core found on the Rockchip RK3568. The IP core is a bit complicated and has several documented errata. The driver is added in several stages, first the base driver including the RX-path. Then several workarounds for errata and the TX-path, and finally features like hardware time stamping, loop-back mode and bus error reporting. Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-0-8ae22bcb27cc@pengutronix.de [mkl: removed DTS patches] Signed-off-by: Marc Kleine-Budde commit 66cb96af8394e016df90f51c637b78b59e3429d7 Author: Andres Salomon Date: Tue Aug 20 03:33:35 2024 -0400 platform/x86:dell-laptop: remove duplicate code w/ battery function The dell battery patch added dell_send_request_for_tokenid() and dell_set_std_token_value(), which encapsulates a very common pattern when SMBIOS queries are addressed to token->location. This calls them in various places outside of the dell laptop code, allowing us to delete a bunch of code. Also some very minor cleanups: - mark the kbd init functions as __init - don't read buffer.output unless dell_send_request() was successful. - actually return errors from micmute_led_set/mute_led_set instead of always returning 0. Only minor behavior changes; the delayed read of buffer.output and actually returning errors for the brightness_set_blocking hooks. Signed-off-by: Andres Salomon Reviewed-by: Pali Rohár Link: https://lore.kernel.org/r/20240820033335.4f68b162@5400 Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit ab58016c68cc5b8c3622e38b7db64994e4833d9f Author: Andres Salomon Date: Tue Aug 20 03:30:05 2024 -0400 platform/x86:dell-laptop: Add knobs to change battery charge settings The Dell BIOS allows you to set custom charging modes, which is useful in particular for extending battery life. This adds support for tweaking those various settings from Linux via sysfs knobs. One might, for example, have their laptop plugged into power at their desk the vast majority of the time and choose fairly aggressive battery-saving settings (eg, only charging once the battery drops below 50% and only charging up to 80%). When leaving for a trip, it would be more useful to instead switch to a standard charging mode (top off at 100%, charge any time power is available). Rebooting into the BIOS to change the charging mode settings is a hassle. For the Custom charging type mode, we reuse the common charge_control_{start,end}_threshold sysfs power_supply entries. The BIOS also has a bunch of other charging modes (with varying levels of usefulness), so this also adds a 'charge_type' sysfs entry that maps the standard values to Dell-specific ones. This work is based on a patch by Perry Yuan and Limonciello Mario submitted back in 2020. Hans de Goede: s/charge_type/charge_types/ since charge_types_show() used the new charge_types power-supply property output format. Signed-off-by: Andres Salomon Reviewed-by: Pali Rohár Link: https://lore.kernel.org/r/20240820033005.09e03af1@5400 Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit e3b5fa0f081b1eca1e5b6771a524e1c633e9a788 Author: Marc Kleine-Budde Date: Tue Dec 19 12:33:30 2023 +0100 can: rockchip_canfd: add support for CAN_CTRLMODE_BERR_REPORTING Add support for Bus Error Reporting. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-20-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit edf1dd18c8f9c7ef01c6e0e934a9526f9acae873 Author: Marc Kleine-Budde Date: Mon Dec 25 18:51:11 2023 +0100 can: rockchip_canfd: add support for CAN_CTRLMODE_LOOPBACK Add support for loopback mode. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-19-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 4e1a18bab1244204f873103eef1c0c88f794be85 Author: Marc Kleine-Budde Date: Wed Nov 22 17:44:34 2023 +0100 can: rockchip_canfd: add hardware timestamping support Add support for hardware based timestamping. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-18-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit a5605d61c7dd9473498d402a725ca49c915b0ac4 Author: Marc Kleine-Budde Date: Thu Jan 18 08:54:23 2024 +0100 can: rockchip_canfd: enable full TX-FIFO depth of 2 The previous commit prepared the TX path to make use of the full TX-FIFO depth as much as possible. Increase the available TX-FIFO depth to the hardware maximum of 2. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-17-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit ae002cc32ec49d9845cf361a81cd4a7a91a0384e Author: Marc Kleine-Budde Date: Wed Jan 17 18:56:35 2024 +0100 can: rockchip_canfd: prepare to use full TX-FIFO depth So far the TX-FIFO is only used with a depth of 1, although the hardware offers a depth of 2. The workaround for the chips that are affected by erratum 6, i.e. EFF frames may be send as standard frames, is to re-send the EFF frame. This means the driver cannot queue the next frame for sending, as long ad the EFF frame has not been successfully send out. Introduce rkcanfd_get_effective_tx_free() that returns "0" space in the TX-FIFO if an EFF frame is pending and the actual free space in the TX-FIFO otherwise. Then replace rkcanfd_get_tx_free() with rkcanfd_get_effective_tx_free() everywhere. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-16-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 669904d14609352b5c46b898b8560ffe46bcab78 Author: Marc Kleine-Budde Date: Thu Dec 14 14:45:09 2023 +0100 can: rockchip_canfd: add stats support for errata workarounds The driver contains workarounds for some of the rk3568v2 errata. Add ethtool-based statistics ("ethtool -S") to track how often an erratum workaround was needed. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-15-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 7ba7111b5f9e754e21ea508754c43238c5528c3d Author: Marc Kleine-Budde Date: Sun Dec 10 14:43:14 2023 +0100 can: rockchip_canfd: rkcanfd_get_berr_counter_corrected(): work around broken {RX,TX}ERRORCNT register Tests show that sometimes both CAN bus error counters read 0x0, even if the controller is in warning mode (RKCANFD_REG_STATE_ERROR_WARNING_STATE in RKCANFD_REG_STATE set). To work around this issue, if both error counters read from hardware are 0x0, use the structure priv->bec, otherwise save the read value in priv->bec. In rkcanfd_handle_rx_int_one() decrement the priv->bec.rxerr for successfully RX'ed CAN frames. In rkcanfd_handle_tx_done_one() decrement the priv->bec.txerr for successfully TX'ed CAN frames. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-14-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 83f9bd6bf39de5865372d45edbe0cf7b19c285c5 Author: Marc Kleine-Budde Date: Fri Nov 24 08:54:32 2023 +0100 can: rockchip_canfd: implement workaround for erratum 12 The rk3568 CAN-FD errata sheet as of Tue 07 Nov 2023 11:25:31 +08:00 says: | A dominant bit at the third bit of the intermission may cause a | transmission error. | | When sampling the third bit of the intermission as a dominant bit, if | tx_req is configured to transmit extended frames at this time, the | extended frame may be sent to the bus in the format of a standard | frame. The extended frame will be sent as a standard frame and will not | result in error frames Turn on "Interframe Spaceing RX Mode" only during TX to work around erratum 12, according to rock-chip: | Spaceing RX Mode = 1, the third Bit between frames cannot receive | and send, and the fourth Bit begins to receive and send. | | Spaceing RX Mode = 0, allowing the third Bit between frames to | receive and send. Message-ID: Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-13-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 58d3cc65a241953d40490329fb7638a93f95dd78 Author: Marc Kleine-Budde Date: Fri Nov 24 09:27:00 2023 +0100 can: rockchip_canfd: implement workaround for erratum 6 The rk3568 CAN-FD errata sheet as of Tue 07 Nov 2023 11:25:31 +08:00 says: | The CAN controller's transmission of extended frames may | intermittently change into standard frames. | | When using the CAN controller to send extended frames, if the | 'tx_req' is configured as 1 and coincides with the internal | transmission point, the extended frame will be transmitted onto the | bus in the format of a standard frame. To work around Erratum 6, the driver is in self-receiving mode (RXSTX) and all received CAN frames are passed through rkcanfd_rxstx_filter(). Add a check in rkcanfd_rxstx_filter() whether the received frame corresponds to the current outgoing frame, but the extended CAN ID has been mangled to a standard ID. In this case re-send the original CAN frame. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-12-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit b6661d73290c572645ebdf7119974927444f4a7d Author: Marc Kleine-Budde Date: Fri Nov 24 21:37:36 2023 +0100 can: rockchip_canfd: add TX PATH The IP core has a TX event FIFO. In other IP cores, this type of FIFO usually contains the events that a CAN frame has been successfully sent. However, the IP core on the rk3568v2 the FIFO also holds events of unsuccessful transmission attempts. It turned out that the best way to work around this problem is to set the IP core to self-receive mode (RXSTX), filter out the self-received frames and insert them into the complete TX path. Add a pair new functions to check if 2 struct canfd_frame are equal. The 1st checks if the header of the CAN frames are equal, the 2nd checks if the data portion are equal: - rkcanfd_can_frame_header_equal() - rkcanfd_can_frame_data_equal() Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-11-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 25e024c3491cba0e22135720c7adaf52c0f1f019 Author: Marc Kleine-Budde Date: Tue Dec 12 13:57:55 2023 +0100 can: rockchip_canfd: rkcanfd_register_done(): add warning for erratum 5 Tests on the rk3568v2 and rk3568v3 show that a reduced "baudclk" (e.g. 80MHz, compared to the standard 300MHz) significantly increases the possibility of incorrect FIFO counters, i.e. erratum 5. Print an info message if the clock is below the known good value of 300MHz. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-10-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 6571354269f87ddbe0d0b8c890119326145b08d0 Author: Marc Kleine-Budde Date: Thu Jan 4 10:45:38 2024 +0100 can: rockchip_canfd: rkcanfd_handle_rx_int_one(): implement workaround for erratum 5: check for empty FIFO The rk3568 CAN-FD errata sheet as of Tue 07 Nov 2023 11:25:31 +08:00 says: | Erratum 5: Counters related to the TXFIFO and RXFIFO exhibit | abnormal counting behavior. | | Due to a bug in the cross-asynchronous logic of the enable signals | for rx_fifo_cnt and txe_fifo_frame_cnt counters, the counts of these | two counters become inaccurate. This issue has resulted in the | inability to use the TXFIFO and RXFIFO functions. The errata sheet mentioned above states that only the rk3568v2 is affected by this erratum, but tests with the rk3568v2 and rk3568v3 show that the RX_FIFO_CNT is sometimes too high. This leads to CAN frames being read from the FIFO, which is then already empty. Further tests on the rk3568v2 and rk3568v3 show that in this situation (i.e. empty FIFO) all elements of the FIFO header (frameinfo, id, ts) contain the same data. On the rk3568v2 and rk3568v3, this problem only occurs extremely rarely with the standard clock of 300 MHz, but almost immediately at 80 MHz. To workaround this problem, check for empty FIFO with rkcanfd_fifo_header_empty() in rkcanfd_handle_rx_int_one() and exit early. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-9-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit fb999a5f990605fa4876525c9f73fc0a37844a2d Author: Marc Kleine-Budde Date: Sun Jul 28 14:53:27 2024 +0200 can: rockchip_canfd: add notes about known issues Even the rk3568v3 has some known issues. Document them together with a reproducer. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-8-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit c158f22fe5562f416bcec4d6a75ae0f9f6661910 Author: Marc Kleine-Budde Date: Sun May 19 15:25:25 2024 +0200 can: rockchip_canfd: add support for rk3568v3 Add the support for the rk3568v3 SoC, the CAN-FD IP core has 7 documented errata. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-7-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit bbdffb341498431ed5e8d97f1f6af49704eeb3e3 Author: Marc Kleine-Budde Date: Tue Dec 19 12:33:30 2023 +0100 can: rockchip_canfd: add quirk for broken CAN-FD support The errata sheets doesn't say anything about CAN-FD, but tests on the rk3568v2 and rk3568v3 show that receiving certain CAN-FD frames triggers an Error Interrupt. Mark the CAN-FD support as broken. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-6-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit bbc783bb7142dc58e6cef27f0308670a7d0ebcce Author: Marc Kleine-Budde Date: Fri Nov 24 08:54:01 2023 +0100 can: rockchip_canfd: add quirks for errata workarounds Add a basic infrastructure for quirks for the 12 documented errata. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-5-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit ff60bfbaf67f219c634cfe89a52250efe8e600d0 Author: Marc Kleine-Budde Date: Wed Oct 11 16:02:32 2023 +0200 can: rockchip_canfd: add driver for Rockchip CAN-FD controller Add driver for the Rockchip CAN-FD controller. The IP core on the rk3568v2 SoC has 12 documented errata. Corrections for these errata will be added in the upcoming patches. Since several workarounds are required for the TX path, only add the base driver that only implements the RX path. Although the RX path implements CAN-FD support, it's not activated in ctrlmode_supported, as the IP core in the rk3568v2 has problems with receiving or sending certain CAN-FD frames. Tested-by: Alibek Omarov Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-4-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit eea3d532d87ada4d844d4b00c2e17879c5ca0e9c Author: Thomas Weißschuh Date: Tue Sep 3 23:20:46 2024 +0200 ACPI: battery: use driver core managed async probing In commit 0f66af530116 ("ACPI: battery: asynchronous init") the ACPI battery driver switched to a custom async driver probing to avoid delaying the system boot. In the meantime the driver core gained its own async probing logic for "slow devices which probing order is not essential for booting the system". Switch over to the core logic and drop the custom one. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240903-acpi-battery-async-v1-1-e4deb74fcdba@weissschuh.net [ rjw: Changelog edit ] Signed-off-by: Rafael J. Wysocki commit c62362e786f30852a13b005c2c6dafcc1537ba06 Author: Andy Shevchenko Date: Tue Sep 3 20:25:20 2024 +0300 Documentation: PM: Discourage use of deprecated macros The Documentation refers to some deprecated macros. Update those parts accordingly. Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240903172520.3568731-1-andriy.shevchenko@linux.intel.com [ rjw: Changelog edit ] Signed-off-by: Rafael J. Wysocki commit 387ce37ed57c5d92400c5cff9d5c887f95db0236 Author: Amit Vadhavana Date: Sun Aug 25 16:36:20 2024 +0530 pm-graph: Update directory handling and installation process in Makefile - Standardize directory variables to support more flexible installations. - Add copyright and licensing information to the Makefile. - Introduce ".PHONY" declarations to ensure that specific targets are always executed, regardless of the presence of files with matching names. - Add a help target to provide usage instructions. Signed-off-by: Amit Vadhavana Acked-by: Todd Brandt Link: https://patch.msgid.link/Update directory handling and installation process in Makefile [ rjw: Changelog edits ] Signed-off-by: Rafael J. Wysocki commit dd7c445beb7baf0ed071aba94341857b07fde69b Author: Yo-Jung (Leo) Lin <0xff07@gmail.com> Date: Sun Aug 25 17:53:50 2024 +0800 pm-graph: Make git ignore sleepgraph.py artifacts By default, sleepgraph.py creates suspend-{date}-{time} directories to store artifacts, or suspend-{date}-{time}-xN if the --multi option is used. Ignore those directories by adding a .gitignore file. Signed-off-by: Yo-Jung (Leo) Lin <0xff07@gmail.com> Acked-by: Todd Brandt Link: https://patch.msgid.link/20240825095353.7578-1-0xff07@gmail.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 64706ba771f5e8f05b26a1293beed23e83a81b25 Author: Jim Quinlan Date: Thu Aug 15 18:57:17 2024 -0400 PCI: brcmstb: Use common error handling code in brcm_pcie_probe() Refactor the error handling in the bottom half of the probe function for readability. The invocation of clk_prepare_enable() is moved lower in the function and this simplifies a couple of return paths. The dev_err_probe() is also used when it is apt. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-5-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Manivannan Sadhasivam commit 56d020296a122f814b65f3fb5b3f90d7c4533042 Author: Jim Quinlan Date: Thu Aug 15 18:57:16 2024 -0400 dt-bindings: PCI: brcm,stb-pcie: Add 7712 SoC description Add description for the 7712 SoC, a Broadcom STB sibling chip of the Raspberry Pi 5. The 7712 uses three reset controllers: rescal, for PHY reset calibration; bridge, for the bridge between the PCIe bus and the memory bus; and swinit, which is a "soft" initialization of the PCIe HW. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-4-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Krzysztof Kozlowski Reviewed-by: Manivannan Sadhasivam commit c64e40caf9eab6bbd3f37d106472723349853b4f Author: Jim Quinlan Date: Thu Aug 15 18:57:15 2024 -0400 dt-bindings: PCI: brcm,stb-pcie: Use maxItems for reset controllers Provide the maxItem property for the reset controllers and drop their superfluous descriptions. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-3-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Krzysztof Kozlowski commit 8a4db021b9445dd019f1b4e9466c5812ddf9e63a Author: Jim Quinlan Date: Thu Aug 15 18:57:14 2024 -0400 dt-bindings: PCI: brcm,stb-pcie: Change brcmstb maintainer and cleanup Change maintainer: Nicolas has not been active for a while. It also makes sense for a Broadcom employee to be the maintainer as many of the details are privy to Broadcom. Also, alphabetize the compatible strings. Link: https://lore.kernel.org/linux-pci/20240815225731.40276-2-james.quinlan@broadcom.com Signed-off-by: Jim Quinlan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Florian Fainelli Reviewed-by: Krzysztof Kozlowski commit b8c3255457147162cd713a319a8e2274335449b9 Author: Chen-Yu Tsai Date: Wed Sep 4 17:00:05 2024 +0800 regulator: Move OF-specific regulator lookup code to of_regulator.c There's still a bit of OF-specific code in the regulator device lookup function. Move those bits of code over to of_regulator.c, and create a new function of_regulator_dev_lookup() to encapsulate the code moved out of regulator_dev_lookup(). Also mark of_find_regulator_by_node() as static, since there are no other users in other compile units. There are no functional changes. A line alignment was also fixed. Signed-off-by: Chen-Yu Tsai Link: https://patch.msgid.link/20240904090016.2841572-4-wenst@chromium.org Signed-off-by: Mark Brown commit 7808012003004b5b31e24795af33480d5eed20f1 Merge: 5c26516f090363 4eb7f20bcf0614 Author: David S. Miller Date: Wed Sep 4 13:13:12 2024 +0100 Merge branch 'fbnic-ethtool' Mohsin Bashir says: ==================== eth: Add basic ethtool support for fbnic This patch series adds basic ethtool support for fbnic. Specifically, the two patches focus on the following two features respectively: 1: Enable 'ethtool -i ' to provide driver, firmware and bus information. 2: Provide mac group stats. Changes since v2: - Fix v1 reference link - Fix nit --- v2: https://lore.kernel.org/netdev/20240827205904.1944066-2-mohsin.bashr@gmail.com v1: https://lore.kernel.org/netdev/20240822184944.3882360-1-mohsin.bashr@gmail.com ==================== Signed-off-by: David S. Miller commit 4eb7f20bcf0614fef744af88a2ba3c1c8bfcf189 Author: Mohsin Bashir Date: Mon Sep 2 10:39:07 2024 -0700 eth: fbnic: Add support to fetch group stats Add support for group stats for mac. The fbnic_set_counter help preserve the default values for counters which are not touched by the driver. The 'reset' flag in 'get_eth_mac_stats' allows to choose between resetting the counter to recent most value or fetching the aggregated values of the counter. The 'fbnic_stat_rd64' read 64b stats counters in an atomic fashion using read-read-read approach. This allows to isolate cases where counter is moving too fast making accuracy of the counter questionable. Command: ethtool -S eth0 --groups eth-mac Example Output: eth-mac-FramesTransmittedOK: 421644 eth-mac-FramesReceivedOK: 3849708 eth-mac-FrameCheckSequenceErrors: 0 eth-mac-AlignmentErrors: 0 eth-mac-OctetsTransmittedOK: 64799060 eth-mac-FramesLostDueToIntMACXmitError: 0 eth-mac-OctetsReceivedOK: 5134513531 eth-mac-FramesLostDueToIntMACRcvError: 0 eth-mac-MulticastFramesXmittedOK: 568 eth-mac-BroadcastFramesXmittedOK: 454 eth-mac-MulticastFramesReceivedOK: 276106 eth-mac-BroadcastFramesReceivedOK: 26119 eth-mac-FrameTooLongErrors: 0 Signed-off-by: Mohsin Bashir Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit bd2557a554a0d61c81ef0c1aee2c16d02e225770 Author: Mohsin Bashir Date: Mon Sep 2 10:39:06 2024 -0700 eth: fbnic: Add ethtool support for fbnic Add ethtool ops support and enable 'get_drvinfo' for fbnic. The driver provides firmware version information while the driver name and bus information is provided by ethtool_get_drvinfo(). Signed-off-by: Mohsin Bashir Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 5c26516f090363b548c51ce892b8bcc46c7dcdbc Author: Jason Xing Date: Tue Sep 3 00:06:10 2024 +0800 selftests: add selftest for UDP SO_PEEK_OFF support Add the SO_PEEK_OFF selftest for UDP. In this patch, I mainly do three things: 1. rename tcp_so_peek_off.c 2. adjust for UDP protocol 3. add selftests into it Suggested-by: Jon Maloy Reviewed-by: Willem de Bruijn Signed-off-by: Jason Xing Signed-off-by: David S. Miller commit 6a428d63717add52bba4175a7fde54d1f9d166e0 Author: Joey Gouly Date: Thu Aug 22 16:11:12 2024 +0100 kselftest/arm64: Add test case for POR_EL0 signal frame records Ensure that we get signal context for POR_EL0 if and only if POE is present on the system. Copied from the TPIDR2 test. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Cc: Mark Brown Cc: Shuah Khan Reviewed-by: Mark Brown Acked-by: Shuah Khan Link: https://lore.kernel.org/r/20240822151113.1479789-30-joey.gouly@arm.com Signed-off-by: Will Deacon commit d3c6e5b1093ac68ef66e3c78564e8fb958180bac Author: Joey Gouly Date: Thu Aug 22 16:11:11 2024 +0100 kselftest/arm64: parse POE_MAGIC in a signal frame Teach the signal frame parsing about the new POE frame, avoids warning when it is generated. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Cc: Mark Brown Cc: Shuah Khan Reviewed-by: Mark Brown Link: https://lore.kernel.org/r/20240822151113.1479789-29-joey.gouly@arm.com Signed-off-by: Will Deacon commit fabf056278b4ccddea4a944a1635fee44033b71f Author: Joey Gouly Date: Thu Aug 22 16:11:10 2024 +0100 kselftest/arm64: add HWCAP test for FEAT_S1POE Check that when POE is enabled, the POR_EL0 register is accessible. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Cc: Mark Brown Cc: Shuah Khan Reviewed-by: Mark Brown Link: https://lore.kernel.org/r/20240822151113.1479789-28-joey.gouly@arm.com Signed-off-by: Will Deacon commit f5b5ea51f78f2ebd94d5a77702bbe5eee8924b50 Author: Joey Gouly Date: Thu Aug 22 16:11:09 2024 +0100 selftests: mm: make protection_keys test work on arm64 The encoding of the pkey register differs on arm64, than on x86/ppc. On those platforms, a bit in the register is used to disable permissions, for arm64, a bit enabled in the register indicates that the permission is allowed. This drops two asserts of the form: assert(read_pkey_reg() <= orig_pkey_reg); Because on arm64 this doesn't hold, due to the encoding. The pkey must be reset to both access allow and write allow in the signal handler. pkey_access_allow() works currently for PowerPC as the PKEY_DISABLE_ACCESS and PKEY_DISABLE_WRITE have overlapping bits set. Access to the uc_mcontext is abstracted, as arm64 has a different structure. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Cc: Andrew Morton Cc: Shuah Khan Cc: Dave Hansen Cc: Aneesh Kumar K.V Acked-by: Dave Hansen Link: https://lore.kernel.org/r/20240822151113.1479789-27-joey.gouly@arm.com Signed-off-by: Will Deacon commit 41bbcf7b4b046b4e7190c1866625aed0fe6f69f6 Author: Joey Gouly Date: Thu Aug 22 16:11:08 2024 +0100 selftests: mm: move fpregs printing arm64's fpregs are not at a constant offset from sigcontext. Since this is not an important part of the test, don't print the fpregs pointer on arm64. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Cc: Andrew Morton Cc: Shuah Khan Cc: Dave Hansen Cc: Aneesh Kumar K.V Acked-by: Dave Hansen Link: https://lore.kernel.org/r/20240822151113.1479789-26-joey.gouly@arm.com Signed-off-by: Will Deacon commit 6354a0184c542f2b8fade9cb0eb843acd3310191 Author: Joey Gouly Date: Thu Aug 22 16:11:07 2024 +0100 kselftest/arm64: move get_header() Put this function in the header so that it can be used by other tests, without needing to link to testcases.c. This will be used by selftest/mm/protection_keys.c Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Cc: Andrew Morton Cc: Shuah Khan Cc: Dave Hansen Cc: Aneesh Kumar K.V Reviewed-by: Mark Brown Link: https://lore.kernel.org/r/20240822151113.1479789-25-joey.gouly@arm.com Signed-off-by: Will Deacon commit b9b9d72de32bcb63ed4d9761907a3e5f352c6f9a Author: Joey Gouly Date: Thu Aug 22 16:11:06 2024 +0100 arm64: add Permission Overlay Extension Kconfig Now that support for POE and Protection Keys has been implemented, add a config to allow users to actually enable it. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Anshuman Khandual Acked-by: Catalin Marinas Link: https://lore.kernel.org/r/20240822151113.1479789-24-joey.gouly@arm.com Signed-off-by: Will Deacon commit 4afd00641b220170143f2f7f4b42b26a0abe49b2 Author: Joey Gouly Date: Thu Aug 22 16:11:05 2024 +0100 arm64: enable PKEY support for CPUs with S1POE Now that PKEYs support has been implemented, enable it for CPUs that support S1POE. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Acked-by: Catalin Marinas Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240822151113.1479789-23-joey.gouly@arm.com Signed-off-by: Will Deacon commit d0d6e7e0812b24fc3220745d946ddb06a7a911dd Author: Joey Gouly Date: Thu Aug 22 16:11:04 2024 +0100 arm64: enable POE and PIE to coexist Permission Indirection Extension and Permission Overlay Extension can be enabled independently. When PIE is disabled and POE is enabled, the permissions set by POR_EL0 will be applied on top of the permissions set in the PTE. When both PIE and POE are enabled, the permissions set by POR_EL0 will be applied on top of the permissions set by the PIRE0_EL1 register. However PIRE0_EL1 has encodings that specifically enable and disable the overlay from applying. For example: 0001 Read, Overlay applied. 1000 Read, Overlay not applied. Switch to using the 'Overlay applied' encodings in PIRE0_EL1, so that PIE and POE can coexist. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Catalin Marinas Link: https://lore.kernel.org/r/20240822151113.1479789-22-joey.gouly@arm.com Signed-off-by: Will Deacon commit 17519819926211e6b2834e00e4554bec0daf22ac Author: Joey Gouly Date: Thu Aug 22 16:11:03 2024 +0100 arm64/ptrace: add support for FEAT_POE Add a regset for POE containing POR_EL0. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Mark Brown Reviewed-by: Catalin Marinas Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240822151113.1479789-21-joey.gouly@arm.com Signed-off-by: Will Deacon commit 9160f7e909e179f333c2578d3032978e7a60b270 Author: Joey Gouly Date: Thu Aug 22 16:11:02 2024 +0100 arm64: add POE signal support Add PKEY support to signals, by saving and restoring POR_EL0 from the stackframe. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Mark Brown Acked-by: Szabolcs Nagy Reviewed-by: Catalin Marinas Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240822151113.1479789-20-joey.gouly@arm.com Signed-off-by: Will Deacon commit 7f955be9f887d3ce77afb61ea74d907f06fe6f1e Author: Joey Gouly Date: Thu Aug 22 16:11:01 2024 +0100 arm64: implement PKEYS support Implement the PKEYS interface, using the Permission Overlay Extension. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Catalin Marinas Link: https://lore.kernel.org/r/20240822151113.1479789-19-joey.gouly@arm.com Signed-off-by: Will Deacon commit fc2d9cd33040630f9d6ff819f1f326d51b354429 Author: Joey Gouly Date: Thu Aug 22 16:11:00 2024 +0100 arm64: add pte_access_permitted_no_overlay() We do not want take POE into account when clearing the MTE tags. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Catalin Marinas Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240822151113.1479789-18-joey.gouly@arm.com Signed-off-by: Will Deacon commit 7f0ab607630790fa09532dca6202683a0dac19b9 Author: Joey Gouly Date: Thu Aug 22 16:10:59 2024 +0100 arm64: handle PKEY/POE faults If a memory fault occurs that is due to an overlay/pkey fault, report that to userspace with a SEGV_PKUERR. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Catalin Marinas Link: https://lore.kernel.org/r/20240822151113.1479789-17-joey.gouly@arm.com [will: Add ESR.FSC check to data abort handler] Signed-off-by: Will Deacon commit 6580a36dd75acbf9c9a6f040d07dc8a9da329ac9 Author: Joey Gouly Date: Thu Aug 22 16:10:58 2024 +0100 arm64: mask out POIndex when modifying a PTE When a PTE is modified, the POIndex must be masked off so that it can be modified. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Catalin Marinas Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240822151113.1479789-16-joey.gouly@arm.com Signed-off-by: Will Deacon commit b3c03fe13766f0455c4c77817a2aa385ed89937d Author: Joey Gouly Date: Thu Aug 22 16:10:57 2024 +0100 arm64: convert protection key into vm_flags and pgprot values Modify arch_calc_vm_prot_bits() and vm_get_page_prot() such that the pkey value is set in the vm_flags and then into the pgprot value. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Link: https://lore.kernel.org/r/20240822151113.1479789-15-joey.gouly@arm.com Signed-off-by: Will Deacon commit b66db4f3ccde2fe960ff2d7bb64fe8933e2db7b3 Author: Joey Gouly Date: Thu Aug 22 16:10:56 2024 +0100 arm64: add POIndex defines The 3-bit POIndex is stored in the PTE at bits 60..62. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Acked-by: Catalin Marinas Link: https://lore.kernel.org/r/20240822151113.1479789-14-joey.gouly@arm.com Signed-off-by: Will Deacon commit facaa1373c9aabf8e34109a9cb205ad0f3a8584e Author: Joey Gouly Date: Thu Aug 22 16:10:55 2024 +0100 arm64: re-order MTE VM_ flags VM_PKEY_BIT[012] will use VM_HIGH_ARCH_[012], move the MTE VM flags to accommodate this. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Acked-by: Catalin Marinas Link: https://lore.kernel.org/r/20240822151113.1479789-13-joey.gouly@arm.com Signed-off-by: Will Deacon commit bf83dae90fbc01d66477a3440eaad07da6657fdc Author: Joey Gouly Date: Thu Aug 22 16:10:54 2024 +0100 arm64: enable the Permission Overlay Extension for EL0 Expose a HWCAP and ID_AA64MMFR3_EL1_S1POE to userspace, so they can be used to check if the CPU supports the feature. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Catalin Marinas Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240822151113.1479789-12-joey.gouly@arm.com Signed-off-by: Will Deacon commit 9f82f15ddfdd60bb9820f09737333b2345e22ab3 Author: Joey Gouly Date: Thu Aug 22 16:10:46 2024 +0100 mm: use ARCH_PKEY_BITS to define VM_PKEY_BITN Use the new CONFIG_ARCH_PKEY_BITS to simplify setting these bits for different architectures. Signed-off-by: Joey Gouly Cc: Andrew Morton Cc: linux-fsdevel@vger.kernel.org Cc: linux-mm@kvack.org Acked-by: Dave Hansen Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240822151113.1479789-4-joey.gouly@arm.com Signed-off-by: Will Deacon commit 5626f8d45e0951f418cfc06ad8be71e3f51e585f Author: Joey Gouly Date: Thu Aug 22 16:10:45 2024 +0100 x86/mm: add ARCH_PKEY_BITS to Kconfig The new config option specifies how many bits are in each PKEY. Signed-off-by: Joey Gouly Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: H. Peter Anvin Cc: x86@kernel.org Acked-by: Dave Hansen Link: https://lore.kernel.org/r/20240822151113.1479789-3-joey.gouly@arm.com Signed-off-by: Will Deacon commit 12930e3a86adbcee6b360d659645bce769d0fea1 Author: Joey Gouly Date: Thu Aug 22 16:10:44 2024 +0100 powerpc/mm: add ARCH_PKEY_BITS to Kconfig The new config option specifies how many bits are in each PKEY. Signed-off-by: Joey Gouly Cc: Michael Ellerman Cc: Nicholas Piggin Cc: Christophe Leroy Cc: Aneesh Kumar K.V Cc: Naveen N. Rao Cc: linuxppc-dev@lists.ozlabs.org Acked-by: Michael Ellerman Link: https://lore.kernel.org/r/20240822151113.1479789-2-joey.gouly@arm.com Signed-off-by: Will Deacon commit 487355f111f98a74d86007c4df0ba9f0f9edc172 Author: Joey Gouly Date: Thu Aug 22 16:11:13 2024 +0100 KVM: selftests: get-reg-list: add Permission Overlay registers Add new system registers: - POR_EL1 - POR_EL0 Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Cc: Marc Zyngier Cc: Oliver Upton Cc: Shuah Khan Reviewed-by: Mark Brown Link: https://lore.kernel.org/r/20240822151113.1479789-31-joey.gouly@arm.com Signed-off-by: Will Deacon commit 70ed7238297fb53111e0647e2ec7990ddcbbbb45 Author: Joey Gouly Date: Thu Aug 22 16:10:53 2024 +0100 KVM: arm64: Sanitise ID_AA64MMFR3_EL1 Add the missing sanitisation of ID_AA64MMFR3_EL1, making sure we solely expose S1POE and TCRX (we currently don't support anything else). [joey: Took Marc's patch for S1PIE, and changed it for S1POE] Signed-off-by: Marc Zyngier Signed-off-by: Joey Gouly Link: https://lore.kernel.org/r/20240822151113.1479789-11-joey.gouly@arm.com Signed-off-by: Will Deacon commit 55f4b215fb60f81e97d716fae42f967e435ce156 Author: Joey Gouly Date: Thu Aug 22 16:10:52 2024 +0100 KVM: arm64: use `at s1e1a` for POE FEAT_ATS1E1A introduces a new instruction: `at s1e1a`. This is an address translation, without permission checks. POE allows read permissions to be removed from S1 by the guest. This means that an `at` instruction could fail, and not get the IPA. Switch to using `at s1e1a` so that KVM can get the IPA regardless of S1 permissions. Signed-off-by: Joey Gouly Cc: Marc Zyngier Cc: Oliver Upton Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Marc Zyngier Link: https://lore.kernel.org/r/20240822151113.1479789-10-joey.gouly@arm.com Signed-off-by: Will Deacon commit b86c9bea634971565f15dc95c1b8752b14651c25 Author: Joey Gouly Date: Thu Aug 22 16:10:50 2024 +0100 KVM: arm64: Save/restore POE registers Define the new system registers that POE introduces and context switch them. Signed-off-by: Joey Gouly Cc: Marc Zyngier Cc: Oliver Upton Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Marc Zyngier Link: https://lore.kernel.org/r/20240822151113.1479789-8-joey.gouly@arm.com Signed-off-by: Will Deacon commit 160a8e13de6c36270e8c6537b8a944f4e73d2362 Author: Joey Gouly Date: Thu Aug 22 16:10:49 2024 +0100 arm64: context switch POR_EL0 register POR_EL0 is a register that can be modified by userspace directly, so it must be context switched. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Catalin Marinas Link: https://lore.kernel.org/r/20240822151113.1479789-7-joey.gouly@arm.com [will: Dropped unnecessary isb()s] Signed-off-by: Will Deacon commit 3496f69391eee225244f0d3f0404142a80b710f5 Author: Joey Gouly Date: Thu Aug 22 16:10:48 2024 +0100 arm64: cpufeature: add Permission Overlay Extension cpucap This indicates if the system supports POE. This is a CPUCAP_BOOT_CPU_FEATURE as the boot CPU will enable POE if it has it, so secondary CPUs must also have this feature. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Acked-by: Catalin Marinas Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240822151113.1479789-6-joey.gouly@arm.com Signed-off-by: Will Deacon commit 878c05e8ef846bd1e402ba662d12e575a073e070 Author: Joey Gouly Date: Thu Aug 22 16:10:47 2024 +0100 arm64: disable trapping of POR_EL0 to EL2 Allow EL0 or EL1 to access POR_EL0 without being trapped to EL2. Signed-off-by: Joey Gouly Cc: Catalin Marinas Cc: Will Deacon Acked-by: Catalin Marinas Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240822151113.1479789-5-joey.gouly@arm.com [will: Rename Lset_poe_fgt to Lskip_pie_fgt to ease merge with for-next/misc] Signed-off-by: Will Deacon commit 929ebc93ccaa8d183a2ba9f1cf769d1bfb847cca Author: Rafael J. Wysocki Date: Wed Sep 4 13:44:54 2024 +0200 cpufreq: intel_pstate: Set asymmetric CPU capacity on hybrid systems Make intel_pstate use the HWP_HIGHEST_PERF values from MSR_HWP_CAPABILITIES to set asymmetric CPU capacity information via the previously introduced arch_set_cpu_capacity() on hybrid systems without SMT. Setting asymmetric CPU capacity is generally necessary to allow the scheduler to compute task sizes in a consistent way across all CPUs in a system where they differ by capacity. That, in turn, should help to improve scheduling decisions. It is also necessary for the schedutil cpufreq governor to operate as expected on hybrid systems where tasks migrate between CPUs of different capacities. The underlying observation is that intel_pstate already uses MSR_HWP_CAPABILITIES to get CPU performance information which is exposed by it via sysfs and CPU performance scaling is based on it. Thus using this information for setting asymmetric CPU capacity is consistent with what the driver has been doing already. Moreover, HWP_HIGHEST_PERF reflects the maximum capacity of a given CPU including both the instructions-per-cycle (IPC) factor and the maximum turbo frequency and the units in which that value is expressed are the same for all CPUs in the system, so the maximum capacity ratio between two CPUs can be obtained by computing the ratio of their HWP_HIGHEST_PERF values. Of course, in principle that capacity ratio need not be directly applicable at lower frequencies, so using it for providing the asymmetric CPU capacity information to the scheduler is a rough approximation, but it is as good as it gets. Also, measurements indicate that this approximation is not too bad in practice. If the given system is hybrid and non-SMT, the new code disables ITMT support in the scheduler (because it may get in the way of asymmetric CPU capacity code in the scheduler that automatically gets enabled by setting asymmetric CPU capacity) after initializing all online CPUs and finds the one with the maximum HWP_HIGHEST_PERF value. Next, it computes the capacity number for each (online) CPU by dividing the product of its HWP_HIGHEST_PERF and SCHED_CAPACITY_SCALE by the maximum HWP_HIGHEST_PERF. When a CPU goes offline, its capacity is reset to SCHED_CAPACITY_SCALE and if it is the one with the maximum HWP_HIGHEST_PERF value, the capacity numbers for all of the other online CPUs are recomputed. This also takes care of a cleanup during driver operation mode changes. Analogously, when a new CPU goes online, its capacity number is updated and if its HWP_HIGHEST_PERF value is greater than the current maximum one, the capacity numbers for all of the other online CPUs are recomputed. The case when the driver is notified of a CPU capacity change, either through the HWP interrupt or through an ACPI notification, is handled similarly to the CPU online case above, except that if the target CPU is the current highest-capacity one and its capacity is reduced, the capacity numbers for all of the other online CPUs need to be recomputed either. If the driver's "no_trubo" sysfs attribute is updated, all of the CPU capacity information is computed from scratch to reflect the new turbo status. Signed-off-by: Rafael J. Wysocki Reviewed-by: Ricardo Neri Tested-by: Ricardo Neri # scale invariance Link: https://patch.msgid.link/1979653.PYKUYFuaPT@rjwysocki.net [ rjw: Fixed a typo in the changelog ] [ rjw: Renamed 3 new functions and added a comment ] Signed-off-by: Rafael J. Wysocki commit 3360211b2a955a30458de1f2657f0c9f75ef839c Author: Bagas Sanjaya Date: Tue Sep 3 09:47:53 2024 +0700 Documentation: livepatch: Correct release locks antonym "get" doesn't properly fit as an antonym for "release" in the context of locking. Correct it with "acquire". Signed-off-by: Bagas Sanjaya Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240903024753.104609-1-bagasdotme@gmail.com Signed-off-by: Petr Mladek commit 5a9d10145a54f7a3fb6297c0082bf030e04db3bc Author: Rafael J. Wysocki Date: Wed Aug 28 13:47:25 2024 +0200 x86/sched: Add basic support for CPU capacity scaling In order be able to compute the sizes of tasks consistently across all CPUs in a hybrid system, it is necessary to provide CPU capacity scaling information to the scheduler via arch_scale_cpu_capacity(). Moreover, the value returned by arch_scale_freq_capacity() for the given CPU must correspond to the arch_scale_cpu_capacity() return value for it, or utilization computations will be inaccurate. Add support for it through per-CPU variables holding the capacity and maximum-to-base frequency ratio (times SCHED_CAPACITY_SCALE) that will be returned by arch_scale_cpu_capacity() and used by scale_freq_tick() to compute arch_freq_scale for the current CPU, respectively. In order to avoid adding measurable overhead for non-hybrid x86 systems, which are the vast majority in the field, whether or not the new hybrid CPU capacity scaling will be in effect is controlled by a static key. This static key is set by calling arch_enable_hybrid_capacity_scale() which also allocates memory for the per-CPU data and initializes it. Next, arch_set_cpu_capacity() is used to set the per-CPU variables mentioned above for each CPU and arch_rebuild_sched_domains() needs to be called for the scheduler to realize that capacity-aware scheduling can be used going forward. Signed-off-by: Rafael J. Wysocki Acked-by: Peter Zijlstra (Intel) Reviewed-by: Ricardo Neri Tested-by: Ricardo Neri # scale invariance Link: https://patch.msgid.link/10523497.nUPlyArG6x@rjwysocki.net [ rjw: Added parens to function kerneldoc comments ] Signed-off-by: Rafael J. Wysocki commit 77e6a5e40aa393492cf3f1d2623d7d1dff7f33de Author: Liu Jing Date: Tue Sep 3 17:36:23 2024 +0800 ASoC: mediatek: mt2701-cs42448: Optimize redundant code in mt2701_cs42448_machine_probe Utilize the defined parameter 'dev' to make the code cleaner. Signed-off-by: Liu Jing Reviewed-by: Matthias Brugger Link: https://patch.msgid.link/20240903093623.7120-1-liujing@cmss.chinamobile.com Signed-off-by: Mark Brown commit ff09bc366fc45861b35dfeac97baadee16f65aec Merge: 3d4d0fa4fc32f0 51152312dc99e2 Author: David S. Miller Date: Wed Sep 4 11:53:50 2024 +0100 Merge branch 'sparx5-fdma-part-one' Daniel Machon says: ==================== net: microchip: add FDMA library and use it for Sparx5 This patch series is the first of a 2-part series, that adds a new common FDMA library for Microchip switch chips Sparx5 and lan966x. These chips share the same FDMA engine, and as such will benefit from a common library with a common implementation. This also has the benefit of removing a lot open-coded bookkeeping and duplicate code for the two drivers. Additionally, upstreaming efforts for a third chip, lan969x, will begin in the near future. This chip will use the new library too. In this first series, the FDMA library is introduced and used by the Sparx5 switch driver. ################### # Example of use: # ################### - Initialize the rx and tx fdma structs with values for: number of DCB's, number of DB's, channel ID, DB size (data buffer size), and total size of the requested memory. Also provide two callbacks: nextptr_cb() and dataptr_cb() for getting the nextptr and dataptr. - Allocate memory using fdma_alloc_phys() or fdma_alloc_coherent(). - Initialize the DCB's with fdma_dcb_init(). - Add new DCB's with fdma_dcb_add(). - Free memory with fdma_free_phys() or fdma_free_coherent(). ##################### # Patch breakdown: # ##################### Patch #1: introduces library and selects it for Sparx5. Patch #2: includes the fdma_api.h header and removes old symbols. Patch #3: replaces old rx and tx variables with equivalent ones from the fdma struct. Only the variables that can be changed without breaking traffic is changed in this patch. Patch #4: uses the library for allocation of rx buffers. This requires quite a bit of refactoring in this single patch. Patch #5: uses the library for adding DCB's in the rx path. Patch #6: uses the library for freeing rx buffers. Patch #7: uses the library helpers in the rx path. Patch #8: uses the library for allocation of tx buffers. This requires quite a bit of refactoring in this single patch. Patch #9: uses the library for adding DCB's in the tx path. Patch #10: uses the library helpers in the tx path. Patch #11: ditches the existing linked list for storing buffer addresses, and instead uses offsets into contiguous memory. Patch #12: modifies existing rx and tx functions to be direction independent. ==================== Signed-off-by: David S. Miller commit 51152312dc99e2bb952d5bad7e81aefd3be3b97d Author: Daniel Machon Date: Mon Sep 2 16:54:17 2024 +0200 net: sparx5: ditch sparx5_fdma_rx/tx_reload() functions These direction specific functions can be ditched in favor of a single function: sparx5_fdma_reload(), which retrieves the channel id from the fdma struct instead. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit 55e84c3cfd06ae6806ff43fff6985ddf742a2a2a Author: Daniel Machon Date: Mon Sep 2 16:54:16 2024 +0200 net: sparx5: use contiguous memory for tx buffers Currently, the driver uses a linked list for storing the tx buffer addresses. This requires a good amount of extra bookkeeping code. Ditch the linked list in favor of tx buffers being in the same contiguous memory space as the DCB's and the DB's. The FDMA library has a helper for this - so use that. The tx buffer addresses are now retrieved as an offset into the FDMA memory space. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit bb7a60dab43ba79df2c7795172f2c80894f25c50 Author: Daniel Machon Date: Mon Sep 2 16:54:15 2024 +0200 net: sparx5: use library helper for freeing tx buffers The library has the helper fdma_free_phys() for freeing physical FDMA memory. Use it in the exit path. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit f4aa7e361ae2265ccdf2300f0a2ec531caed3f40 Author: Daniel Machon Date: Mon Sep 2 16:54:14 2024 +0200 net: sparx5: use FDMA library for adding DCB's in the tx path Use the fdma_dcb_add() function to add DCB's in the tx path. This gets rid of the open-coding of nextptr and dataptr handling and leaves it to the library. Also, make sure the fdma indexes are advanced using: fdma_dcb_advance(), so that the correct nextptr and dataptr offsets are retrieved. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit 0a5c440850896a0ae5a2cd637b3e84e442520f1d Author: Daniel Machon Date: Mon Sep 2 16:54:13 2024 +0200 net: sparx5: use the FDMA library for allocation of tx buffers Use the two functions: fdma_alloc_phys() and fdma_dcb_init() for tx buffer allocation and use the new buffers throughout. In order to replace the old buffers with the new ones, we have to do the following refactoring: - use fdma_alloc_phys() and fdma_dcb_init() - replace the variables: tx->dma, tx->first_entry and tx->curr_entry with the equivalents from the FDMA struct. - replace uses of sparx5_db_hw and sparx5_tx_dcb_hw with fdma_db and fdma_dcb. - add sparx5_fdma_tx_dataptr_cb callback for obtaining the dataptr. - Initialize FDMA struct values. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit 4ff58c394715ee0828fb82799d4176bfbe0721c9 Author: Daniel Machon Date: Mon Sep 2 16:54:12 2024 +0200 net: sparx5: use a few FDMA helpers in the rx path The library provides helpers for a number of DCB and DB operations. Use these in the rx path. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit 6647f2fd8df056d2bc7c74e25469388ad375d98d Author: Daniel Machon Date: Mon Sep 2 16:54:11 2024 +0200 net: sparx5: use library helper for freeing rx buffers The library has the helper fdma_free_phys() for freeing physical FDMA memory. Use it in the exit path. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit 17b9521086818b1368a7fb2a9612554d6be8c795 Author: Daniel Machon Date: Mon Sep 2 16:54:10 2024 +0200 net: sparx5: use FDMA library for adding DCB's in the rx path Use the fdma_dcb_add() function to add DCB's in the rx path. This gets rid of the open-coding of nextptr and dataptr handling and leaves it to the library. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit 8fec1cea941d32b44bdaeded8ddb11dddcbf1412 Author: Daniel Machon Date: Mon Sep 2 16:54:09 2024 +0200 net: sparx5: use the FDMA library for allocation of rx buffers Use the two functions: fdma_alloc_phys() and fdma_dcb_init() for rx buffer allocation and use the new buffers throughout. In order to replace the old buffers with the new ones, we have to do the following refactoring: - use fdma_alloc_phys() and fdma_dcb_init() - replace the variables: rx->dma, rx->dcb_entries and rx->last_entry with the equivalents from the FDMA struct. - replace uses of sparx5_db_hw and sparx5_rx_dcb_hw with fdma_db and fdma_dcb. - add sparx5_fdma_rx_dataptr_cb callback for obtaining the dataptr. - Initialize FDMA struct values. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit e8218f7a9f4425894048ad87f0064efd06fe19fc Author: Daniel Machon Date: Mon Sep 2 16:54:08 2024 +0200 net: sparx5: replace a few variables with new equivalent ones Replace the old rx and tx variables: channel_id, FDMA_DCB_MAX, FDMA_RX_DCB_MAX_DBS, FDMA_TX_DCB_MAX_DBS, dcb_index and db_index with the equivalents from the FDMA rx and tx structs. These variables are not entangled in any buffer allocation and can therefore be replaced in advance. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit 947a72f40f69fc0341cccf849e4e8a1e70fd4d3c Author: Daniel Machon Date: Mon Sep 2 16:54:07 2024 +0200 net: sparx5: use FDMA library symbols Include and use the new FDMA header, which now provides the required masks and bit offsets for operating on the DCB's and DB's. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit 30e48a75df9c6ead93866bdf1511ca6ecfe17fbe Author: Daniel Machon Date: Mon Sep 2 16:54:06 2024 +0200 net: microchip: add FDMA library Add new FDMA library for interacting with the FDMA engine on Microchip Sparx5 and lan966x switch chips, in an effort to reduce duplicate code and provide a common set of symbols and functions. Signed-off-by: Daniel Machon Reviewed-by: Steen Hegelund Reviewed-by: Jens Emil Schulz Østergaard Reviewed-by: Horatiu Vultur Signed-off-by: David S. Miller commit bda2f1c2d8c0fe93306043462cd6f679844e2171 Author: Andy Shevchenko Date: Tue Sep 3 18:47:55 2024 +0300 pinctrl: baytrail: Drop duplicate return statement No need to repeat 'return ret;' inside and outside conditional. Just use one outside conditional for both cases. Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit d33d5e683b0d3b4f5fc6a49ce17583f8ca663944 Author: John Ogness Date: Tue Aug 27 16:25:31 2024 +0206 printk: nbcon: Use raw_cpu_ptr() instead of open coding There is no need to open code a non-migration-checking this_cpu_ptr(). That is exactly what raw_cpu_ptr() is. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/87plpum4jw.fsf@jogness.linutronix.de Signed-off-by: Petr Mladek commit 8db70faeab9005cbab36e05ba94383075b5cb5db Author: Thorsten Blum Date: Mon Aug 26 00:11:53 2024 +0200 cpu: Fix W=1 build kernel-doc warning Building the kernel with W=1 generates the following warning: kernel/cpu.c:2693: warning: This comment starts with '/**', but isn't a kernel-doc comment. The function topology_is_core_online() is a simple helper function and doesn't need a kernel-doc comment. Use a normal comment instead. Signed-off-by: Thorsten Blum Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240825221152.71951-2-thorsten.blum@toblux.com commit cf19cc576444b0f912d924c6abc32df8511c6f54 Merge: 7c626ce4bae1ac 69231a6fcb638b Author: Will Deacon Date: Wed Sep 4 11:15:52 2024 +0100 Merge remote-tracking branch 'kvmarm/arm64-shared-6.12' into for-next/poe Pull in the AT instruction conversion patch from the KVM arm64 tree, as this is a shared dependency between the POE series from Joey and the AT emulation series for Nested Virtualisation from Marc. commit eb876ea724835126f215c9a5bcc9e6148e2a6d15 Merge: 2dce993165088d 67784a74e258a4 Author: Thomas Gleixner Date: Wed Sep 4 12:15:38 2024 +0200 Merge branch 'linus' into smp/core Pull in upstream changes so further patches don't conflict. commit 79f8b28e85f83563c86f528b91eff19c0c4d1177 Author: Anna-Maria Behnsen Date: Thu Aug 29 17:43:05 2024 +0200 timers: Annotate possible non critical data race of next_expiry Global timers could be expired remotely when the target CPU is idle. After a remote timer expiry, the remote timer_base->next_expiry value is updated while holding the timer_base->lock. When the formerly idle CPU becomes active at the same time and checks whether timers need to expire, this check is done lockless as it is on the local CPU. This could lead to a data race, which was reported by sysbot: https://lore.kernel.org/r/000000000000916e55061f969e14@google.com When the value is read lockless but changed by the remote CPU, only two non critical scenarios could happen: 1) The already update value is read -> everything is perfect 2) The old value is read -> a superfluous timer soft interrupt is raised The same situation could happen when enqueueing a new first pinned timer by a remote CPU also with non critical scenarios: 1) The already update value is read -> everything is perfect 2) The old value is read -> when the CPU is idle, an IPI is executed nevertheless and when the CPU isn't idle, the updated value will be visible on the next tick and the timer might be late one jiffie. As this is very unlikely to happen, the overhead of doing the check under the lock is a way more effort, than a superfluous timer soft interrupt or a possible 1 jiffie delay of the timer. Document and annotate this non critical behavior in the code by using READ/WRITE_ONCE() pair when accessing timer_base->next_expiry. Reported-by: syzbot+bf285fcc0a048e028118@syzkaller.appspotmail.com Signed-off-by: Anna-Maria Behnsen Signed-off-by: Thomas Gleixner Reviewed-by: Frederic Weisbecker Link: https://lore.kernel.org/all/20240829154305.19259-1-anna-maria@linutronix.de Closes: https://lore.kernel.org/lkml/000000000000916e55061f969e14@google.com commit 85a147a986e4feafb9286fabaf03a302a611cd85 Author: Jinjie Ruan Date: Tue Sep 3 11:53:58 2024 +0800 printk: Use the BITS_PER_LONG macro sizeof(unsigned long) * 8 is the number of bits in an unsigned long variable, replace it with BITS_PER_LONG macro to make it simpler. Signed-off-by: Jinjie Ruan Reviewed-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240903035358.308482-1-ruanjinjie@huawei.com Signed-off-by: Petr Mladek commit b1cd063981de572f010092b7afde5ff4b3d923eb Merge: d205c06a326e43 68123510b7c1c6 Author: Arnd Bergmann Date: Wed Sep 4 09:32:52 2024 +0000 Merge tag 'ti-driver-soc-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/ti/linux into soc/drivers TI SoC driver updates for v6.12 - pm33xx/knav_qmss_queue/pruss: Cleanups around device_node scope based cleanups - knav: Additional fixes around of property - k3-ringacc: Optimizations for data structure * tag 'ti-driver-soc-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/ti/linux: soc: ti: pm33xx: do device_node auto cleanup soc: ti: knav_qmss_queue: do device_node auto cleanup soc: ti: pruss: do device_node auto cleanup soc: ti: pruss: factor out memories setup soc: ti: knav: Use of_property_read_variable_u32_array() soc: ti: knav: Drop unnecessary check for property presence soc: ti: k3-ringacc: Constify struct k3_ring_ops Link: https://lore.kernel.org/r/20240903155632.525twuumykwnfkiz@subtitle Signed-off-by: Arnd Bergmann commit 32c055ef563c3a4a73a477839f591b1b170bde8e Author: Michel Alex Date: Mon Sep 2 09:05:53 2024 +0000 clk: imx6ul: fix clock parent for IMX6UL_CLK_ENETx_REF_SEL Commit 4e197ee880c24ecb63f7fe17449b3653bc64b03c ("clk: imx6ul: add ethernet refclock mux support") sets the internal clock as default ethernet clock. Since IMX6UL_CLK_ENET_REF cannot be parent for IMX6UL_CLK_ENET1_REF_SEL, the call to clk_set_parent() fails. IMX6UL_CLK_ENET1_REF_125M is the correct parent and shall be used instead. Same applies for IMX6UL_CLK_ENET2_REF_SEL, for which IMX6UL_CLK_ENET2_REF_125M is the correct parent. Cc: stable@vger.kernel.org Signed-off-by: Alex Michel Reviewed-by: Oleksij Rempel Link: https://lore.kernel.org/r/AS1P250MB0608F9CE4009DCE65C61EEDEA9922@AS1P250MB0608.EURP250.PROD.OUTLOOK.COM Signed-off-by: Abel Vesa commit 2910a7fa1be090fc7637cef0b2e70bcd15bf5469 Author: Jason Gunthorpe Date: Thu Aug 29 21:06:23 2024 -0300 iommu/amd: Do not set the D bit on AMD v2 table entries The manual says that bit 6 is IGN for all Page-Table Base Address pointers, don't set it. Fixes: aaac38f61487 ("iommu/amd: Initial support for AMD IOMMU v2 page table") Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/14-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 7e515866299d1d01db6c2bbbc8045218c099ba1f Author: Jason Gunthorpe Date: Thu Aug 29 21:06:22 2024 -0300 iommu/amd: Correct the reported page sizes from the V1 table The HW only has 52 bits of physical address support, the supported page sizes should not have bits set beyond this. Further the spec says that the 6th level does not support any "default page size for translation entries" meaning leafs in the 6th level are not allowed too. Rework the definition to use GENMASK to build the range of supported pages from the top of physical to 4k. Nothing ever uses such large pages, so this is a cosmetic/documentation improvement only. Reported-by: Joao Martins Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/13-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit c435209f7203d90676e9eeae6c1b2d375fbf0304 Author: Jason Gunthorpe Date: Thu Aug 29 21:06:21 2024 -0300 iommu/amd: Remove the confusing dummy iommu_flush_ops tlb ops The iommu driver is supposed to provide these ops to its io_pgtable implementation so that it can hook the invalidations and do the right thing. They are called by wrapper functions like io_pgtable_tlb_add_page() etc, which the AMD code never calls. Instead it directly calls the AMD IOMMU invalidation functions by casting to the struct protection_domain. Remove it all. Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/12-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit a06dcb6b7897152e4dafdc9d4d84e9a35d0ae94a Author: Jason Gunthorpe Date: Thu Aug 29 21:06:20 2024 -0300 iommu/amd: Fix typo of , instead of ; Generates the same code, but is not the expected C style. Fixes: aaac38f61487 ("iommu/amd: Initial support for AMD IOMMU v2 page table") Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/11-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 485534bfccb23e1c3e5915aca9acce1ecdc07a3f Author: Jason Gunthorpe Date: Thu Aug 29 21:06:19 2024 -0300 iommu/amd: Remove conditions from domain free paths Don't use tlb as some flag to indicate if protection_domain_alloc() completed. Have protection_domain_alloc() unwind itself in the normal kernel style and require protection_domain_free() only be called on successful results of protection_domain_alloc(). Also, the amd_iommu_domain_free() op is never called by the core code with a NULL argument, so remove all the NULL tests as well. Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/10-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 9ac0b3380acdece01fa1b361687e3cd988831c55 Author: Jason Gunthorpe Date: Thu Aug 29 21:06:18 2024 -0300 iommu/amd: Narrow the use of struct protection_domain to invalidation The AMD io_pgtable stuff doesn't implement the tlb ops callbacks, instead it invokes the invalidation ops directly on the struct protection_domain. Narrow the use of struct protection_domain to only those few code paths. Make everything else properly use struct amd_io_pgtable through the call chains, which is the correct modular type for an io-pgtable module. Signed-off-by: Jason Gunthorpe Reviewed-by: Vasant Hegde Link: https://lore.kernel.org/r/9-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 47f218d108950984b24af81f66356ceda380eb74 Author: Jason Gunthorpe Date: Thu Aug 29 21:06:17 2024 -0300 iommu/amd: Store the nid in io_pgtable_cfg instead of the domain We already have memory in the union here that is being wasted in AMD's case, use it to store the nid. Putting the nid here further isolates the io_pgtable code from the struct protection_domain. Fixup protection_domain_alloc so that the NID from the device is provided, at this point dev is never NULL for AMD so this will now allocate the first table pointer on the correct NUMA node. Signed-off-by: Jason Gunthorpe Reviewed-by: Vasant Hegde Link: https://lore.kernel.org/r/8-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 977fc27ca7f8a83b67ccd91264ac56b0fb996f51 Author: Jason Gunthorpe Date: Thu Aug 29 21:06:16 2024 -0300 iommu/amd: Remove amd_io_pgtable::pgtbl_cfg This struct is already in iop.cfg, we don't need two. AMD is using this API sort of wrong, the cfg is supposed to be passed in and then the allocation function will allocate ops memory and copy the passed config into the new memory. Keep it kind of wrong and pass in the cfg memory that is already part of the pagetable struct. Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/7-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 670b57796c5dc1ca58912132cad914cf4b3c0cdd Author: Jason Gunthorpe Date: Thu Aug 29 21:06:15 2024 -0300 iommu/amd: Rename struct amd_io_pgtable iopt to pgtbl There is struct protection_domain iopt and struct amd_io_pgtable iopt. Next patches are going to want to write domain.iopt.iopt.xx which is quite unnatural to read. Give one of them a different name, amd_io_pgtable has fewer references so call it pgtbl, to match pgtbl_cfg, instead. Suggested-by: Alejandro Jimenez Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/6-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 1ed2d21d471caf2e4351c2e8bb14143bc8062092 Author: Jason Gunthorpe Date: Thu Aug 29 21:06:14 2024 -0300 iommu/amd: Remove the amd_iommu_domain_set_pt_root() and related Looks like many refactorings here have left this confused. There is only one storage of the root/mode, it is in the iop struct. increase_address_space() calls amd_iommu_domain_set_pgtable() with values that it already stored in iop a few lines above. amd_iommu_domain_clr_pt_root() is zero'ing memory we are about to free. It used to protect against a double free of root, but that is gone now. Remove amd_iommu_domain_set_pgtable(), amd_iommu_domain_set_pt_root(), amd_iommu_domain_clr_pt_root() as they are all pointless. Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/5-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 322d889ae7d39f8538a6deac35869aa3be1855bd Author: Jason Gunthorpe Date: Thu Aug 29 21:06:13 2024 -0300 iommu/amd: Remove amd_iommu_domain_update() from page table freeing It is a serious bug if the domain is still mapped to any DTEs when it is freed as we immediately start freeing page table memory, so any remaining HW touch will UAF. If it is not mapped then dev_list is empty and amd_iommu_domain_update() does nothing. Remove it and add a WARN_ON() to catch this class of bug. Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/4-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 7a41dcb52f9de6079621fc31c3b84c7fc290934b Author: Jason Gunthorpe Date: Thu Aug 29 21:06:12 2024 -0300 iommu/amd: Set the pgsize_bitmap correctly When using io_pgtable the correct pgsize_bitmap is stored in the cfg, both v1_alloc_pgtable() and v2_alloc_pgtable() set it correctly. This fixes a bug where the v2 pgtable had the wrong pgsize as protection_domain_init_v2() would set it and then do_iommu_domain_alloc() immediately resets it. Remove the confusing ops.pgsize_bitmap since that is not used if the driver sets domain.pgsize_bitmap. Fixes: 134288158a41 ("iommu/amd: Add domain_alloc_user based domain allocation") Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/3-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit b0a6c883bcd42eeb0850135e529b34b64d57673c Author: Jason Gunthorpe Date: Thu Aug 29 21:06:11 2024 -0300 iommu/amd: Allocate the page table root using GFP_KERNEL Domain allocation is always done under a sleepable context, the v1 path and other drivers use GFP_KERNEL already. Fix the v2 path to also use GFP_KERNEL. Fixes: 0d571dcbe7c6 ("iommu/amd: Allocate page table using numa locality info") Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/2-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit 8d00b77a52ef4b2091696ca25753d0ab95e4d839 Author: Jason Gunthorpe Date: Thu Aug 29 21:06:10 2024 -0300 iommu/amd: Move allocation of the top table into v1_alloc_pgtable All the page table memory should be allocated/free within the io_pgtable struct. The v2 path is already doing this, make it consistent. It is hard to see but the free of the root in protection_domain_free() is a NOP on the success path because v1_free_pgtable() does amd_iommu_domain_clr_pt_root(). The root memory is already freed because free_sub_pt() put it on the freelist. The free path in protection_domain_free() is only used during error unwind of protection_domain_alloc(). Reviewed-by: Vasant Hegde Signed-off-by: Jason Gunthorpe Link: https://lore.kernel.org/r/1-v2-831cdc4d00f3+1a315-amd_iopgtbl_jgg@nvidia.com Signed-off-by: Joerg Roedel commit f68db46a0977858f8a52987acc54454afd4c2ed5 Author: Frank Li Date: Mon Sep 2 15:30:12 2024 -0400 arm64: dts: imx: rename gpio hog as -hog Rename admin_led_lower to admin-led-lower-hog. Rename gpio rs485_en as rs485-en-hog. Rename gpio uart4_rs485_en to uart4-rs485-en-hog. Fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1088a-ten64.dtb: gpio@76: 'admin_led_lower' does not match any of the regexes: '^(hog-[0-9]+|.+-hog(-[0-9]+)?)$', 'pinctrl-[0-9]+' arch/arm64/boot/dts/freescale/imx8mm-venice-gw72xx-0x-rs232-rts.dtb: gpio@30230000: 'rs485_en' does not match any of the regexes: '^(hog-[0-9]+|.+-hog(-[0-9]+)?)$', 'pinctrl-[0-9]+' arch/arm64/boot/dts/freescale/imx8mm-phygate-tauri-l-rs232-rs232.dtb: gpio@30220000: 'uart4_rs485_en' does not match any of the regexes: '^(hog-[0-9]+|.+-hog(-[0-9]+)?)$', 'pinctrl-[0-9]+' Reviewed-by: Alexander Stein Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 6c2a1f4f71258d42a8a0e7a304d4e87186d7886c Author: Tarang Raval Date: Mon Sep 2 19:15:07 2024 +0530 arm64: dts: imx8mp-var-som-symphony: Add Variscite Symphony board and VAR-SOM-MX8MP SoM Adds the DTSI file for the Variscite VAR-SOM-MX8MP System on Module which is delivered with the Variscite Symphony Evaluation Kit. Initial support includes: - Serial console - eMMC - SD card Signed-off-by: Tarang Raval Reviewed-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit 1a15e6751e2b4a68f699c8715a9936a2f40f6277 Author: Krzysztof Kozlowski Date: Mon Sep 2 09:52:19 2024 +0200 arm64: dts: imx8mm-var-som: drop unused top-level compatible The Variscite VAR-SOM-MX8MM System-on-Module cannot be used alone without motherboard, so drop the top-level compatible field to avoid any false impression that such usage is possible. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit 6a312e42c599e65e2a4984e92dc2b0eab89051c9 Author: Joy Zou Date: Mon Sep 2 18:36:26 2024 +0800 arm64: dts: ls1088ardb: add new RTC PCF2131 support Add RTC PCF2131 node for new ls1088ardb board.. Signed-off-by: Joy Zou Reviewed-by: Frank Li Signed-off-by: Shawn Guo commit 0b8b11f00a20a23d48ee61b1fedf36d0a05b76fc Author: João Paulo Gonçalves Date: Sun Sep 1 17:57:21 2024 +0200 arm64: dts: colibri-imx8x: Cleanup comments Remove unnecessary comments. The Colibri-iMX8X doesn't support FlexCAN, and the GPU is already enabled in the SOC dtsi. Signed-off-by: João Paulo Gonçalves Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit 251268b10122134ab84dbac52e7339bf56436951 Author: Philippe Schenker Date: Sun Sep 1 17:57:20 2024 +0200 arm64: dts: colibri-imx8x: Add 50mhz clock for eth Change enet0_lpcg to get the clock value needed in Colibri-iMX8X for 100mbps ethernet. Signed-off-by: Philippe Schenker Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit 9d4b4f60b5568c460e42d8457420f887a3be7d18 Author: João Paulo Gonçalves Date: Sun Sep 1 17:57:19 2024 +0200 arm64: dts: colibri-imx8x: Add adma_pwm Add adma_pwm node for Colibri-iMX8X carrier boards. Signed-off-by: João Paulo Gonçalves Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit 6cfdfed8a65d1bfa253f14129baf669c10cfebbd Author: João Paulo Gonçalves Date: Sun Sep 1 17:57:18 2024 +0200 arm64: dts: colibri-imx8x: Add vpu support Enable VPU on Colibri-iMX8X. Signed-off-by: João Paulo Gonçalves Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit 8b36674659272d22faa65a5788a6837f0edb2d14 Author: Francesco Dolcini Date: Sun Sep 1 17:57:17 2024 +0200 arm64: dts: colibri-imx8x: Add USB3803 HUB Add USB3803 HUB, this is required for Bluetooth and USB functionalities. Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit 8b23ba41e6a17553e9cdf5bc64f4cc37a38eccb6 Author: Francesco Dolcini Date: Sun Sep 1 17:57:16 2024 +0200 arm64: dts: colibri-imx8x: Add PMIC thermal zone Add PMIC thermal zones. Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit ce97bdc344e5e2bd93c904a888009b64be3bf69a Author: João Paulo Gonçalves Date: Sun Sep 1 17:57:15 2024 +0200 arm64: dts: colibri-imx8x: Add sound card Add audio support for Colibri-iMX8X sound card. Signed-off-by: João Paulo Gonçalves Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit 0f264378357a01696470e3e825fe236e358930e1 Author: Francesco Dolcini Date: Sun Sep 1 17:57:14 2024 +0200 arm64: dts: colibri-imx8x: Add fxl6408 gpio expander Add fxl6408 gpio expander, this is required for Wi-Fi, Bluetooth and USB functionalities. Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit 7f6b48a66362967575504e66a9e33fc689d3cac8 Author: João Paulo Gonçalves Date: Sun Sep 1 17:57:13 2024 +0200 arm64: dts: colibri-imx8x: Add analog inputs Add adc nodes for analog inputs support for all Colibri-iMX8X carrier boards. Signed-off-by: João Paulo Gonçalves Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit 53f7fe50706febba5235ae2cd4af8a72711229cb Author: Emanuele Ghidoli Date: Sun Sep 1 17:57:12 2024 +0200 arm64: dts: colibri-imx8x: Add usb support Add USB HOST and OTG support to Colibri-iMX8X carrier boards. Signed-off-by: Emanuele Ghidoli Signed-off-by: Francesco Dolcini Signed-off-by: Shawn Guo commit b237975b2cd58ed5761424f52688ad0336695c08 Author: Frank Li Date: Mon Jul 1 11:03:34 2024 -0400 arm64: dts: imx8qm-mek: add usb 3.0 and related type C nodes Enable usb3.0 and related usb type C nodes. Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 1110cb4fc63758dbe4c1190a4611dd3a4dc16ecf Author: Frank Li Date: Mon Jul 1 11:03:33 2024 -0400 arm64: dts: imx8qm-mek: add i2c in mipi[0,1] subsystem Add i2c node in mipi[0,1] subystem for imx8qm-mek. Reviewed-by: Peng Fan Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit d8b48040cb7c9a02639356f6781c9b8862f23dc4 Author: Frank Li Date: Mon Jul 1 11:03:32 2024 -0400 arm64: dts: imx8qm-mek: add pwm and i2c in lvds subsystem Add pwm[0,1] and i2c[0,1] in lvds subsystem. Reviewed-by: Peng Fan Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 52c9971edd4f019858bc1b89799439c64020bebf Author: Frank Li Date: Mon Jul 1 11:03:31 2024 -0400 arm64: dts: imx8qm-mek: add cm4 remote-proc and related memory region Add two cm4 remote-proc and related memory regions. Reviewed-by: Peng Fan Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit b6b7aaf3814dde4047243bedbc8aa4c7b5d67759 Author: Frank Li Date: Mon Jul 1 11:03:30 2024 -0400 arm64: dts: imx8qm: add mipi subsystem Include common imx8-ss-mipi0.dtsi and imx8-ss-mipi1.dtsi. Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 9b0a5fac0312e8cdd543bbde34e4a738efffa3d7 Author: Frank Li Date: Mon Jul 1 11:03:29 2024 -0400 arm64: dts: imx8: add basic mipi subsystem Add basic mipi subsystem for imx8qm and imx8qxp. Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit cb53240c0458495757f9a96841a854f44618233d Author: Frank Li Date: Mon Jul 1 11:03:28 2024 -0400 arm64: dts: imx8qm: add lvds subsystem Add irqsteer, pwm and i2c in lvds subsystem. Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 0fba24b3b9560e189fce474417ae1d81e3840cbf Author: Frank Li Date: Mon Jul 1 11:03:27 2024 -0400 arm64: dts: imx8: add basic lvds0 and lvds1 subsystem Add basic lvds0 and lvds1 subsystem for imx8qm an imx8qxp. Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 7764fef26ea9ec3491494f9db76f3b5b9c19e025 Author: Wei Fang Date: Thu Aug 29 09:18:49 2024 +0800 arm64: dts: imx95: Add NETCMIX block control support Add NETCMIX block control support. Signed-off-by: Wei Fang Signed-off-by: Shawn Guo commit 124ec4bbafbb0a79e20e51945dd3f3d9bd65a625 Author: Tim Harvey Date: Wed Aug 28 10:36:51 2024 -0700 arm64: dts: freescale: rename gw7905 to gw75xx The GW7905 was renamed to GW7500 before production release. While we typically do not change compatibles, the GW7905 was never released before its product name was changed to a GW7500. The use the the 'xx' wildcard is to denote the fact that this device-tree can support range of board models from GW7500 to GW7599 as has been done historically with the Gateworks baseboards to support various build customizatoins based on the same PCB. Signed-off-by: Tim Harvey Signed-off-by: Shawn Guo commit 47ccd0f2df482fb90ae8d2406e3f935a4e75535a Author: Liu Ying Date: Tue Aug 27 14:47:16 2024 +0800 arm64: dts: imx93-11x11-evk: Add PWM backlight for "LVDS" connector J702 on i.MX93 11x11 EVK base board is a 40-pin connector labelled "LVDS". This connector supports PWM backlight with default 12V power supply and ADP5585 PWM controller. Add support for the backlight. Signed-off-by: Liu Ying Signed-off-by: Shawn Guo commit 945413212894c703fe5ed20edef7e99bfd0cf932 Author: Benjamin Hahn Date: Fri Aug 23 10:01:32 2024 +0200 arm64: dts: imx8mp-phyboard-pollux-rdk: Add support for PCIe Add support for the Mini PCIe slot. Signed-off-by: Benjamin Hahn Reviewed-by: Yannic Moog Signed-off-by: Shawn Guo commit 52e6774ac3f9d13d609fd79fbd7ab75d61cfec7e Author: Liu Ying Date: Fri Aug 23 10:12:57 2024 +0800 arm64: dts: imx8mp-evk: Add native HDMI output J17 on i.MX8mp EVK base board is a HDMI type A connector. It connects with i.MX8mp HDMI PHY. Add support for it. Signed-off-by: Liu Ying Reviewed-by: Fabio Estevam Reviewed-by: Alexander Stein Signed-off-by: Shawn Guo commit 7c52e1695f89f65259cb086d77aea6534fbeba5c Author: Elinor Montmasson Date: Tue Aug 20 13:28:26 2024 +0200 arm64: dts: imx8m: update spdif sound card node properties The merge of imx-spdif driver into fsl-asoc-card brought new DT properties that can be used with the "fsl,imx-audio-spdif" compatible: * The "spdif-controller" property from imx-spdif is named "audio-cpu" in fsl-asoc-card. * fsl-asoc-card uses codecs explicitly declared in DT with "audio-codec". With an S/PDIF, codec drivers spdif_transmitter and spdif_receiver should be used. Driver imx-spdif used instead the dummy codec and a pair of boolean properties, "spdif-in" and "spdif-out". While backward compatibility is kept to support properties "spdif-controller", "spdif-in" and "spdif-out", using new properties has several benefits: * "audio-cpu" and "audio-codec" are more generic names reflecting that the fsl-asoc-card driver supports multiple hardware. They are properties already used by devices using the fsl-asoc-card driver. They are also similar to properties of simple-card: "cpu" and "codec". * "spdif-in" and "spdif-out" imply the use of the dummy codec in the driver. However, there are already two codec drivers for the S/PDIF, spdif_transmitter and spdif_receiver. It is better to declare S/PDIF Tx and Rx devices in a DT, and then reference them with "audio-codec" than using the dummy codec. For those reasons, this commit updates in-tree DTs to use the new properties: * Rename "spdif-controller" property to "audio-cpu". * Declare S/PDIF transmitter and/or receiver devices, and use them with the "audio-codec" property instead of "spdif-out" and/or "spdif-in". These modifications were tested only on an imx8mn-evk board. Note that out-of-tree and old DTs are still supported. Signed-off-by: Elinor Montmasson Signed-off-by: Shawn Guo commit 7b1e0e8568927720bca09673787e67985ef1fc31 Author: Adam Ford Date: Mon Aug 19 18:18:14 2024 -0500 arm64: dts: imx8mp-beacon: Enable DW HDMI Bridge There is a second HDMI connector on the baseboard which is routed to the DW HDMI bridge through the PVI to the LCDIF3 and requires the HDMI PHY to be enabled too. Signed-off-by: Adam Ford Signed-off-by: Shawn Guo commit 96aaa0a893d16026ff77152ec27a3fa8e135b865 Author: Frank Li Date: Mon Aug 19 13:01:21 2024 -0400 arm64: dts: imx8mm-beacon-kit: add DVDD-supply and DOVDD-supply According to binding doc, DVDD-supply and DOVDD-supply is required properties. Add these to fix below warning: arch/arm64/boot/dts/freescale/imx8mm-beacon-kit.dtb: camera@10: 'DVDD-supply' is a required proper Signed-off-by: Frank Li Reviewed-by: Adam Ford Signed-off-by: Shawn Guo commit 6f1d1dc17e46dc6e04f0fd6e1c6c9076d4970947 Author: Frank Li Date: Mon Aug 19 13:01:20 2024 -0400 arm64: dts: s32v234: remove fallback compatible string arm,cortex-a9-gic Remove fallback comaptible string arm,cortex-a9-gic to fix below warning: /home/lizhi/source/linux-upstream-dts/arch/arm64/boot/dts/freescale/s32v234-evb.dtb: interrupt-controller@7d001000: compatible: 'oneOf' conditional failed, one must be fixed: ['arm,cortex-a15-gic', 'arm,cortex-a9-gic'] is too long /home/lizhi/source/linux-upstream-dts/arch/arm64/boot/dts/freescale/s32v234-evb.dtb: interrupt-controller@7d001000: compatible: 'oneOf' conditional failed, one must be fixed: ['arm,cortex-a15-gic', 'arm,cortex-a9-gic'] is too long 'nvidia,tegra210-agic' was expected 'arm,cortex-a15-gic' is not one of ['nvidia,tegra186-agic', 'nvidia,tegra194-agic', 'nvidia,tegra234-agic'] 'arm,gic-400' was expected Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit cb2633ee47d92029de74ab67d2a1fe1368d611a8 Author: Frank Li Date: Mon Aug 19 13:01:19 2024 -0400 arm64: dts: fsl-ls1088a-ten64: change to low case hex value Change to low case for hex value to fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1088a-ten64.dtb: flash@0: partitions: Unevaluated properties are not allowed ('partition@5C0000' was unexpected) Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 5c7a868e297fcd3982162d5e3f9da5202103650b Author: Frank Li Date: Mon Aug 19 13:01:18 2024 -0400 arm64: dts: imx8mp-venice: add vddl and vana for sensor@10 Add vddl and vana for sensor@10 to fix below warning: arch/arm64/boot/dts/freescale/imx8mm-venice-gw72xx-0x-imx219.dtb: sensor@10: 'VANA-supply' is a required property Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit e1a23f2ba98d4d04999da01b667f765b9666b445 Author: Frank Li Date: Mon Aug 19 13:01:17 2024 -0400 arm64: dts: fsl-lx2160a-tqmlx2160a: change "vcc" to "vdd" for hub* According to binging doc usb/ti,usb8041.yaml and in drivers/usb/misc/onboard_usb_dev.h ti_tusb8041_data = { .supply_names = { "vdd" },}; It should vdd-supply instead vcc-supply. Fixes: 04b77e0124ef ("arm64: dts: freescale: add fsl-lx2160a-mblx2160a board") Reviewed-by: Alexander Stein Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit f3ab34595c530815810b743a85502cb52c923335 Author: Frank Li Date: Mon Aug 19 13:01:16 2024 -0400 arm64: dts: imx8mm-venice-gw7902(3): add #address-cells for gsc@20 Add #address-cells and #size-cells for gsc@20 node to fix below warning: arch/arm64/boot/dts/freescale/imx8mm-venice-gw7902.dtb: gsc@20: '#address-cells' is a required property Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit beb9c79ef91d668680b09112769f18270ecf1602 Author: Frank Li Date: Mon Aug 19 13:01:15 2024 -0400 arm64: dts: fsl-ls1028: add missed supply for wm8904 Add A(CP, DB, DC, MIC)VDD-supply for wm8904 to fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1028a-kontron-sl28-var3-ads2.dtb: audio-codec@1a: 'AVDD-supply' is a required property Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 82cf5d1fb908bca8a98300219bfe68aaa1d2a4e2 Author: Frank Li Date: Mon Aug 19 13:01:14 2024 -0400 arm64: dts: layerscape: rename mdio-mux-emi to mdio-mux@ Rename node name mdio-mux-emi@ to mdio-mux@. Fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1046a-qds.dtb: board-control@2,0: 'mdio-mux-emi1@54' does not match any of the regexes: '^mdio-mux@[a-f0-9,]+$', 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/board/fsl,fpga-qixis.yaml Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 6daeee3e422ac4c978cad7a526b1aa664dab0e4a Author: Frank Li Date: Mon Aug 19 13:01:13 2024 -0400 arm64: dts: fsl-ls1012a-frdm: move clock-sc16is7xx under root node Move fixed clock "clock-sc16is7x" from dspi to root node to fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1012a-frdm.dtb: serial@0: Unevaluated properties are not allowed ('clock-sc16is7xx' was unexpected) Acked-by: Alexander Stein Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit d509a067be0443e06ba78c972c7cbb1fb6a0e3cc Author: Frank Li Date: Mon Aug 19 13:01:11 2024 -0400 arm64: dts: fsl-ls1043a: move "fsl,ls1043a-qdma" ahead "fsl,ls1021a-qdma" Move fsl,ls1043a-qdma ahead fallback string fsl,ls1021a-qdma. Fix warning: dma-controller@8380000: compatible: 'oneOf' conditional failed, one must be fixed: ['fsl,ls1021a-qdma', 'fsl,ls1043a-qdma'] is too long Reviewed-by: Alexander Stein Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 3157f6cd7159384445ba9d6ec49d7a730f5ee4bd Author: Frank Li Date: Mon Aug 19 13:01:10 2024 -0400 arm64: dts: imx8-ss-img: remove undocument slot for jpeg Remove undocument 'slot' property. It is default 0 at driver. We can remove it safely. Fix below warning: arch/arm64/boot/dts/freescale/imx8dx-colibri-iris.dtb: jpegdec@58400000: 'slot' does not match any of the regexes: 'pinctrl-[0-9]+' Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 0b5fdfaa8e458874e89dda082434373e75fecbfd Author: Markus Niebel Date: Mon Aug 19 14:03:28 2024 +0200 arm64: dts: freescale: imx93-tqma9352: set SION for cmd and data pad of USDHC imx93 pad integrate has one issue, refer to ERR052021: ERR052021 uSDHC: Sometimes uSDHC does not work under VDD_SOC low drive mode and nominal mode Description: uSDHC PADs have one integration issue. When CMD/DATA lines direction change from output to input, uSDHC controller begin sampling, the integration issue will make input enable signal from uSDHC propagated to the PAD with a long delay, thus the new input value on the pad comes to uSDHC lately. The uSDHC sampled the old input value and the sampling result is wrong. Workaround: Set uSDHC CMD/DATA PADs iomux register SION bit to 1, then PADs will propagate input to uSDHC with no delay, so correct value is sampled. This issue will wrongly trigger the start bit when sample the USDHC command response, cause the USDHC trigger command CRC/index/endbit error, which will finally impact the tuning pass window, espically will impact the standard tuning logic, and can't find a correct delay cell to get the best timing. This follows changes made for i.MX93 EVK with commit bb89601282fc ("arm64: dts: imx93-11x11-evk: set SION for cmd and data pad of USDHC") Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit 167445e13b58ef265986c0d9577996c74a028e2e Author: Markus Niebel Date: Mon Aug 19 14:03:27 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxca: add GPIO line names Provide GPIO line names for userspace usage, e.g. libgpiod. Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit 89950bd763094cd640caba6e8efcf044504cb3c9 Author: Alexander Stein Date: Mon Aug 19 14:03:26 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxca: Add ethernet aliases They are used by systemd to rename network interfaces to predictable interface names, e.g. end0 & end1. Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit 4f823f59a78dae8cd7c9a7be81cb629472f18153 Author: Alexander Stein Date: Mon Aug 19 14:03:25 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxca: add missing pad configurations - add missing (and currently unused) pad groups - assign muxed GPIO pads for X1 to gpio2 node Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit ed02d0b9d9794e972aedba00a3ded9404fde877a Author: Markus Niebel Date: Mon Aug 19 14:03:24 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxca: improve pad configuration - disable PU/PD if already done with external resistors - do not configure Schmitt Trigger for outputs - do not configure DSE / FSEL for inputs Pad config changes suggested by hardware team. Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit 7a47f6fa0d4acc12381a2c3009d4d792c1b9589d Author: Markus Niebel Date: Mon Aug 19 14:03:23 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxca: add RTC / temp sensor IRQ The IRQ lines from devices on SoM are connected to CPU GPIO on this mainboard. Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit a1309c3f6b1f70feac13697e40f972a0e49baecf Author: Markus Niebel Date: Mon Aug 19 14:03:22 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxla: add GPIO line names Provide GPIO line names for userspace usage, e.g. libgpiod. While at it, correct the line-name property for ENET[1,2]_INT# gpio hog and LCD_BLT_EN. Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit bd8ef6c439196e94d80616c400e52fec8aab2f33 Author: Alexander Stein Date: Mon Aug 19 14:03:21 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxla: Add ethernet aliases They are used by systemd to rename network interfaces to predictable interface names, e.g. end0 & end1. Signed-off-by: Alexander Stein Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit 3dc31c4153f51e54696f6906b776c12e0347aef2 Author: Alexander Stein Date: Mon Aug 19 14:03:20 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxla: add missing pad configurations - add missing (and currently unused) pad groups - assign muxed GPIO pads for X1 to gpio2 node Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit ce5e59c145f0d8eefe2d7c5d58c5a1f94982d7d4 Author: Markus Niebel Date: Mon Aug 19 14:03:19 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxla: add irq for temp sensor This adds muxing and configuration of the irq output of the temp sensor on TQMa93xx that is connected to a GPIO line on MBa93xxLA While at it, add comment for RTC_EVENT for pcf85063 since the IRQ line of both devices on SoM are routed to CPU GPIO on MBa93xxLA. Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit 7301ba350c9d719b3eb74b195fcb6457e4ba771f Author: Alexander Stein Date: Mon Aug 19 14:03:18 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxla: enable LPSPI6 interface LPSPI6 features a NAFE13388 analog frontend. Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit e9237480629f4c265cdb2c2bfa3605731d49c591 Author: Markus Niebel Date: Mon Aug 19 14:03:17 2024 +0200 arm64: dts: freescale: imx93-tqma9352-mba93xxla: improve pad configuration - disable PU/PD if already done with external resistors - do not configure Schmitt Trigger for outputs - do not configure DSE / FSEL for inputs Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit efe6a22132925468be664e4d00c995194a180a65 Author: Alexander Stein Date: Mon Aug 19 14:03:16 2024 +0200 arm64: dts: freescale: imx93-tqma9352: add eMMC regulators With PMIC node in place, add the correct regulators for eMMC. Signed-off-by: Alexander Stein Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit d2858e6bd36cde114e6da5293d78e7a93f607f7c Author: Alexander Stein Date: Mon Aug 19 14:03:15 2024 +0200 arm64: dts: freescale: imx93-tqma9352: Add PMIC node With driver support in place add the PMIC node and remove the fixed-regulators for rails provided by PMIC. Signed-off-by: Alexander Stein Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit 4a2fdc1691c5b594d8af3c2e50f46b86754a9c5c Author: Marek Vasut Date: Sun Aug 18 22:29:52 2024 +0200 arm64: dts: imx8mm: Update Data Modul i.MX8M Mini eDM SBC DT to rev.A01 Update the DT to match newest Data Modul i.MX8M Mini eDM SBC rev.A01 board which implements PHY changes. Keep some of the rev.900 PHY node in the DT so that a DTO can be used to support rev.900 boards easily. Signed-off-by: Marek Vasut Signed-off-by: Shawn Guo commit 928325d20d5a683f66178387f26dfcbdb9818b2b Author: Marek Vasut Date: Sun Aug 18 22:27:10 2024 +0200 arm64: dts: imx8mp: Enable HDMI to Data Modul i.MX8M Plus eDM SBC Enable HDMI support on Data Modul i.MX8M Plus eDM SBC. Signed-off-by: Marek Vasut Signed-off-by: Shawn Guo commit 2d39b78e571654a0cd0155cb4f07b6a6b836c794 Author: Paul Elder Date: Wed Aug 14 19:14:51 2024 +0300 arm64: dts: imx8mp: Add DT nodes for the two ISPs The ISP supports both CSI and parallel interfaces, where port 0 corresponds to the former and port 1 corresponds to the latter. Since the i.MX8MP's ISPs are connected by the parallel interface to the CSI receiver, set them both to port 1. Signed-off-by: Paul Elder Signed-off-by: Laurent Pinchart Reviewed-by: Alexander Stein Signed-off-by: Shawn Guo commit d39cff92b956824e8b0b818c68b7373025966b2e Author: Yannic Moog Date: Wed Aug 14 11:26:38 2024 +0200 arm64: dts: imx8mm-phygate-tauri-l: add rtc aux-voltage-chargeable phygate-tauri-l has a chargable capacitor populated, rtc supports charging it. Add property indicating this. Signed-off-by: Yannic Moog Reviewed-by: Teresa Remmet Signed-off-by: Shawn Guo commit b2fa132fd274af7db2ebc26dbddbd583d5a2b074 Author: Yannic Moog Date: Wed Aug 14 11:26:37 2024 +0200 arm64: dts: imx8mm-phyboard-polis: add rtc aux-voltage-chargeable phyboard-polis has a chargable capacitor populated, rtc supports charging it. Add property indicating this. Signed-off-by: Yannic Moog Reviewed-by: Teresa Remmet Signed-off-by: Shawn Guo commit f6c6f596d8a6a27cbec68054f8174a9547bb2c85 Author: Yannic Moog Date: Wed Aug 14 11:26:36 2024 +0200 arm64: dts: imx8mp-phyboard-pollux: add rtc aux-voltage-chargeable phyboard-pollux has a chargable capacitor populated, rtc supports charging it. Add property indicating this. Signed-off-by: Yannic Moog Reviewed-by: Teresa Remmet Signed-off-by: Shawn Guo commit 6338d429cf2d430b65df63f6602268fe7ba55744 Author: Yashwanth Varakala Date: Wed Aug 14 11:26:13 2024 +0200 arm64: dts: imx8mp-phyboard-pollux: Add usb3_phy1 regulator reference Add VCC_5V_SW regulator reference to the usb1 phy node to reflect the schematic. This also silences the fallback dummy regulator warning. Signed-off-by: Yashwanth Varakala Signed-off-by: Teresa Remmet Reviewed-by: Yannic Moog Signed-off-by: Shawn Guo commit c53c06cdfa60c2e3cf68e3acb74438248c9bdca4 Author: Yashwanth Varakala Date: Wed Aug 14 11:26:12 2024 +0200 arm64: dts: imx8mp-phyboard-pollux: Add VCC_5V_SW regulator Add fixed regulator VCC_5V_SW based on the phyBOARD-Pollux schematics to reflect the connectivity on the phyBOARD-Pollux-i.MX8MP. Signed-off-by: Yashwanth Varakala Signed-off-by: Teresa Remmet Reviewed-by: Yannic Moog Signed-off-by: Shawn Guo commit c27b263935de3f5b01335c9b49a61af97023f8cf Author: Yashwanth Varakala Date: Wed Aug 14 11:26:11 2024 +0200 arm64: dts: imx8mp-phyboard-pollux: Assign regulator to EEPROM node Add VCC_3V3_SW regulator reference to the EEPROM node to reflect the schematic. This also silences the fallback dummy regulator warning. Signed-off-by: Yashwanth Varakala Signed-off-by: Teresa Remmet Reviewed-by: Yannic Moog Signed-off-by: Shawn Guo commit 893a86ce49aa9628163b6bfedced070b20c9b275 Author: Teresa Remmet Date: Wed Aug 14 11:26:10 2024 +0200 arm64: dts: imx8mp-phyboard-pollux: Add SD-Card vqmmc supply Add SD-Card property for the bus IO power from the PMIC. Signed-off-by: Teresa Remmet Reviewed-by: Yannic Moog Signed-off-by: Shawn Guo commit 5e302aae4c77aa0a493e387f5ed770ffafdab95a Author: Yashwanth Varakala Date: Wed Aug 14 11:26:09 2024 +0200 arm64: dts: imx8mp-phycore: Assign regulator to EEPROM node Add VDD_IO regulator reference to the EEPROM node to reflect the schematic. This also silences the fallback dummy regulator warning. Signed-off-by: Yashwanth Varakala Signed-off-by: Teresa Remmet Reviewed-by: Yannic Moog Signed-off-by: Shawn Guo commit 54b7ff384dbfe70513c56933b8fc4f7fb858899b Author: Yashwanth Varakala Date: Wed Aug 14 11:26:08 2024 +0200 arm64: dts: imx8mp-phycore: Add VDD_IO regulator Add fixed regulator VDD_IO (3.3v) based on the SoM schematics to reflect the connectivity on the phyCORE-i.MX8MP. Signed-off-by: Yashwanth Varakala Signed-off-by: Teresa Remmet Reviewed-by: Yannic Moog Signed-off-by: Shawn Guo commit 7e4030e32a536c47a42bfd7a42b6cb9483ad762c Author: Laurent Pinchart Date: Wed Aug 14 02:40:10 2024 +0300 arm64: dts: imx8mp: Clarify csis clock frequency The DT nodes for the MIPI CSI-2 receivers (MIPI_CSI) configure the CAM1_PIX and CAM2_PIX clocks to 266 MHz through the assigned-clock-rates property, and report that frequency in the clock-frequency property. The i.MX8MP reference manual and datasheet list 266 MHz as a nominal frequency when using both CSI-2 receivers, so all looks normal. In reality, the clock is actually set to 250 MHz, as the selected parent, IMX8MP_SYS_PLL2_1000M, has a 1/4 output that is selected as the closest frequency to 266 MHz. This doesn't break operation of the device, but is clearly misleading. Clarify the clock configuration by selecting the IMX8MP_SYS_PLL2_250M parent, dropping the redundant assigned-clock-rates, and setting clock-frequency to 250 MHz. This doesn't cause any functional change. Signed-off-by: Laurent Pinchart Reviewed-by: Alexander Stein Tested-by: Alexander Stein Signed-off-by: Shawn Guo commit 2b52fd6035b7e8896bad28ed54d183af38bcf570 Author: Frieder Schrempf Date: Tue Aug 13 10:49:05 2024 +0200 arm64: dts: Add support for Kontron i.MX93 OSM-S SoM and BL carrier board This adds support for the Kontron Electronics OSM-S i.MX93 SoM and the matching baseboard BL i.MX93. The SoM hardware complies to the Open Standard Module (OSM) 1.1 specification, size S (https://sget.org/standards/osm). Signed-off-by: Frieder Schrempf Signed-off-by: Shawn Guo commit 89ffb2c3c2a1d0bff5515fc53f93de86fb6753c0 Author: Vasant Hegde Date: Wed Aug 28 11:10:29 2024 +0000 iommu/amd: Make amd_iommu_dev_update_dte() static As its used inside iommu.c only. Also rename function to dev_update_dte() as its static function. No functional changes intended. Signed-off-by: Vasant Hegde Reviewed-by: Suravee Suthikulpanit Link: https://lore.kernel.org/r/20240828111029.5429-9-vasant.hegde@amd.com Signed-off-by: Joerg Roedel commit a3303762eb80fe03479962470a81b9176fc24f8e Author: Vasant Hegde Date: Wed Aug 28 11:10:28 2024 +0000 iommu/amd: Rework amd_iommu_update_and_flush_device_table() Remove separate function to update and flush the device table as only amd_iommu_update_and_flush_device_table() calls these functions. No functional changes intended. Signed-off-by: Vasant Hegde Reviewed-by: Suravee Suthikulpanit Link: https://lore.kernel.org/r/20240828111029.5429-8-vasant.hegde@amd.com Signed-off-by: Joerg Roedel commit 964877dc26232835d4465d9565399fe8ca4525e8 Author: Vasant Hegde Date: Wed Aug 28 11:10:27 2024 +0000 iommu/amd: Make amd_iommu_domain_flush_complete() static AMD driver uses amd_iommu_domain_flush_complete() function to make sure IOMMU processed invalidation commands before proceeding. Ideally this should be called from functions which updates DTE/invalidates caches. There is no need to call this function explicitly. This patches makes below changes : - Rename amd_iommu_domain_flush_complete() -> domain_flush_complete() and make it as static function. - Rearrage domain_flush_complete() to avoid forward declaration. - Update amd_iommu_update_and_flush_device_table() to call domain_flush_complete(). Signed-off-by: Vasant Hegde Reviewed-by: Suravee Suthikulpanit Link: https://lore.kernel.org/r/20240828111029.5429-7-vasant.hegde@amd.com Signed-off-by: Joerg Roedel commit 845bd6ac43422671778120ec082d7ddcab035a1f Author: Vasant Hegde Date: Wed Aug 28 11:10:26 2024 +0000 iommu/amd: Make amd_iommu_dev_flush_pasid_all() static As its not used outside iommu.c. Also rename it as dev_flush_pasid_all(). No functional change intended. Signed-off-by: Vasant Hegde Reviewed-by: Suravee Suthikulpanit Link: https://lore.kernel.org/r/20240828111029.5429-6-vasant.hegde@amd.com Signed-off-by: Joerg Roedel commit 293aa9ec694e633bff83ab93715a2684e15fe214 Author: Vasant Hegde Date: Wed Aug 28 11:10:25 2024 +0000 iommu/amd: Handle error path in amd_iommu_probe_device() Do not try to set max_pasids in error path as dev_data is not allocated. Fixes: a0c47f233e68 ("iommu/amd: Introduce iommu_dev_data.max_pasids") Signed-off-by: Vasant Hegde Reviewed-by: Suravee Suthikulpanit Link: https://lore.kernel.org/r/20240828111029.5429-5-vasant.hegde@amd.com Signed-off-by: Joerg Roedel commit 95eb6a05124f9a206f009a21c9a0a9f320859b6c Author: Vasant Hegde Date: Wed Aug 28 11:10:24 2024 +0000 iommu/amd: Remove unused DTE_GCR3_INDEX_* macros It was added in commit 52815b75682e ("iommu/amd: Add support for IOMMUv2 domain mode"), but never used it. Hence remove these unused macros. Signed-off-by: Vasant Hegde Reviewed-by: Suravee Suthikulpanit Link: https://lore.kernel.org/r/20240828111029.5429-4-vasant.hegde@amd.com Signed-off-by: Joerg Roedel commit 53f1fb0c46f0e3ebf13b76697b67782f65fc3f69 Author: Vasant Hegde Date: Wed Aug 28 11:10:23 2024 +0000 iommu/amd: Make amd_iommu_is_attach_deferred() static amd_iommu_is_attach_deferred() is a callback function called by iommu_ops. Make it as static. No functional changes intended. Signed-off-by: Vasant Hegde Reviewed-by: Suravee Suthikulpanit Link: https://lore.kernel.org/r/20240828111029.5429-3-vasant.hegde@amd.com Signed-off-by: Joerg Roedel commit fdc39b77db95e36f6b4d3c006a2642b9f47510c5 Author: Vasant Hegde Date: Wed Aug 28 11:10:22 2024 +0000 iommu/amd: Update event log pointer as soon as processing is complete Update event buffer head pointer once driver completes processing. So that IOMMU can write new log without waiting for driver to complete processing all event logs. Signed-off-by: Vasant Hegde Reviewed-by: Suravee Suthikulpanit Link: https://lore.kernel.org/r/20240828111029.5429-2-vasant.hegde@amd.com Signed-off-by: Joerg Roedel commit 773df3eb14ef3983a5a54cecd9b96166826e5fa9 Merge: 47ac09b91befbb 15a62b81175885 Author: Arnd Bergmann Date: Wed Sep 4 09:31:55 2024 +0000 Merge tag 'integrator-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-integrator into soc/arm Integrator fixes for the v6.12 kernel cycle, some of_node_put():s were missing in the SoC drivers. * tag 'integrator-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-integrator: bus: integrator-lm: fix OF node leak in probe() ARM: versatile: fix OF node leak in CPUs prepare Link: https://lore.kernel.org/r/CACRpkdahXECZXWA5uv=SZtkzU0E++fQj7QWK8kYuH0-asLUPqg@mail.gmail.com Signed-off-by: Arnd Bergmann commit 04f4f33c941c221645d2a58b46f4d698b0f5aa39 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:44 2024 -0600 iommu: Use of_property_present() Use of_property_present() to test for property presence rather than of_(find|get)_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Reviewed-by: Robin Murphy Link: https://lore.kernel.org/r/20240731191312.1710417-6-robh@kernel.org Signed-off-by: Joerg Roedel commit d205c06a326e435057c807bf1e962327de53bb52 Author: Christophe Leroy Date: Wed Sep 4 09:51:09 2024 +0200 soc: fsl: cpm1: qmc: Fix dependency on fsl_soc.h QMC driver requires fsl_soc.h to use function get_immrbase(). This header is provided by powerpc architecture and the functions it declares are defined only when FSL_SOC is selected. Today the dependency is the following: depends on CPM1 || QUICC_ENGINE || \ (FSL_SOC && (CPM || QUICC_ENGINE) && COMPILE_TEST) This dependency tentatively ensure that FSL_SOC is there when doing a COMPILE_TEST. CPM1 is only selected by PPC_8xx and cannot be selected manually. CPM1 selects FSL_SOC QUICC_ENGINE on the other hand can be selected by ARM or ARM64 which doesn't select FSL_SOC. QUICC_ENGINE can also be selected with just COMPILE_TEST. It is therefore possible to end up with CPM_QMC selected without FSL_SOC. So fix it by making it depend on FSL_SOC at all time. The rest of the above dependency is the same as the one for CPM_TSA on which CPM_QMC also depends, so it can go away, leaving only a simple dependency on FSL_SOC. Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/lkml/20240904104859.020fe3a9@canb.auug.org.au/ Fixes: 8655b76b7004 ("soc: fsl: cpm1: qmc: Handle QUICC Engine (QE) soft-qmc firmware") Signed-off-by: Christophe Leroy Acked-by: Herve Codina Signed-off-by: Arnd Bergmann commit 8b2f4d01f56c99491f6f107f7a03fedcfb9d2d52 Author: Marc Kleine-Budde Date: Mon Jul 13 15:43:27 2020 +0800 dt-bindings: can: rockchip_canfd: add rockchip CAN-FD controller Add documentation for the rockchip rk3568 CAN-FD controller. Co-developed-by: Elaine Zhang Signed-off-by: Elaine Zhang Tested-by: Alibek Omarov Reviewed-by: Rob Herring (Arm) Reviewed-by: Heiko Stuebner Link: https://patch.msgid.link/20240904-rockchip-canfd-v5-1-8ae22bcb27cc@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 898eb75f443eaf6cb46facf52fc337fbdbdca079 Author: Karthikeyan Krishnasamy Date: Tue Sep 3 16:22:40 2024 +0530 ARM: dts: rockchip: Add pwm node for RV1126 Add previously omitted pwm node and possible pinctrl for Rockchip RV1126 Signed-off-by: Karthikeyan Krishnasamy Link: https://lore.kernel.org/r/20240903105245.715899-4-karthikeyan@linumiz.com Signed-off-by: Heiko Stuebner commit 212cda94739b1644e38ef4f588bb580c12feb9a7 Author: Karthikeyan Krishnasamy Date: Tue Sep 3 16:22:39 2024 +0530 ARM: dts: rockchip: Add i2s0 node for RV1126 Add i2s0 node and possible pinctrl for Rockchip RV1126 Signed-off-by: Karthikeyan Krishnasamy Link: https://lore.kernel.org/r/20240903105245.715899-3-karthikeyan@linumiz.com Signed-off-by: Heiko Stuebner commit 15db79e0bdcb883f0d7a678fe8701a270467a339 Author: Karthikeyan Krishnasamy Date: Tue Sep 3 16:22:38 2024 +0530 ARM: dts: rockchip: Add i2c3 node for RV1126 Add i2c3 node and possible pinctrl for Rockchip RV1126 Signed-off-by: Karthikeyan Krishnasamy Link: https://lore.kernel.org/r/20240903105245.715899-2-karthikeyan@linumiz.com Signed-off-by: Heiko Stuebner commit 9313d139aa25e572d860f6f673b73a20f32d7f93 Author: Andrey Konovalov Date: Wed Sep 4 03:30:51 2024 +0200 usb: gadget: dummy_hcd: execute hrtimer callback in softirq context Commit a7f3813e589f ("usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler") switched dummy_hcd to use hrtimer and made the timer's callback be executed in the hardirq context. With that change, __usb_hcd_giveback_urb now gets executed in the hardirq context, which causes problems for KCOV and KMSAN. One problem is that KCOV now is unable to collect coverage from the USB code that gets executed from the dummy_hcd's timer callback, as KCOV cannot collect coverage in the hardirq context. Another problem is that the dummy_hcd hrtimer might get triggered in the middle of a softirq with KCOV remote coverage collection enabled, and that causes a WARNING in KCOV, as reported by syzbot. (I sent a separate patch to shut down this WARNING, but that doesn't fix the other two issues.) Finally, KMSAN appears to ignore tracking memory copying operations that happen in the hardirq context, which causes false positive kernel-infoleaks, as reported by syzbot. Change the hrtimer in dummy_hcd to execute the callback in the softirq context. Reported-by: syzbot+2388cdaeb6b10f0c13ac@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=2388cdaeb6b10f0c13ac Reported-by: syzbot+17ca2339e34a1d863aad@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=17ca2339e34a1d863aad Reported-by: syzbot+c793a7eca38803212c61@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=c793a7eca38803212c61 Reported-by: syzbot+1e6e0b916b211bee1bd6@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=1e6e0b916b211bee1bd6 Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202406141323.413a90d2-lkp@intel.com Fixes: a7f3813e589f ("usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler") Cc: stable@vger.kernel.org Acked-by: Marcello Sylvester Bauer Signed-off-by: Andrey Konovalov Reported-by: syzbot+edd9fe0d3a65b14588d5@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=edd9fe0d3a65b14588d5 Link: https://lore.kernel.org/r/20240904013051.4409-1-andrey.konovalov@linux.dev Signed-off-by: Greg Kroah-Hartman commit 37cb049ef8b89e97d735f5cf7e34ef3f85ed6d94 Author: Tejun Heo Date: Tue Sep 3 21:54:29 2024 -1000 sched_ext: Remove sched_class->switch_class() With sched_ext converted to use put_prev_task() for class switch detection, there's no user of switch_class() left. Drop it. Signed-off-by: Tejun Heo Cc: Peter Zijlstra commit f422316d7466da7724f0662b7e282afbbca78e95 Author: Tejun Heo Date: Tue Sep 3 21:54:29 2024 -1000 sched_ext: Remove switch_class_scx() Now that put_prev_task_scx() is called with @next on task switches, there's no reason to use sched_class.switch_class(). Rename switch_class_scx() to switch_class() and call it from put_prev_task_scx(). Signed-off-by: Tejun Heo commit 65aaf90569ffa283170243576c3982521d6cb193 Author: Tejun Heo Date: Tue Sep 3 21:54:29 2024 -1000 sched_ext: Relocate functions in kernel/sched/ext.c Relocate functions to ease the removal of switch_class_scx(). No functional changes. Signed-off-by: Tejun Heo commit 753e2836d139b43ab535718c5f17c73c284bb299 Author: Tejun Heo Date: Tue Sep 3 21:54:29 2024 -1000 sched_ext: Unify regular and core-sched pick task paths Because the BPF scheduler's dispatch path is invoked from balance(), sched_ext needs to invoke balance_one() on all sibling rq's before picking the next task for core-sched. Before the recent pick_next_task() updates, sched_ext couldn't share pick task between regular and core-sched paths because pick_next_task() depended on put_prev_task() being called on the current task. Tasks currently running on sibling rq's can't be put when one rq is trying to pick the next task, so pick_task_scx() had to have a separate mechanism to pick between a sibling rq's current task and the first task in its local DSQ. However, with the preceding updates, pick_next_task_scx() no longer depends on the current task being put and can compare the current task and the next in line statelessly, and the pick task logic should be shareable between regular and core-sched paths. Unify regular and core-sched pick task paths: - There's no reason to distinguish local and sibling picks anymore. @local is removed from balance_one(). - pick_next_task_scx() is turned into pick_task_scx() by dropping the put_prev_set_next_task() call. - The old pick_task_scx() is dropped. Signed-off-by: Tejun Heo commit 8b1451f2f723f845c05b8bad3d4c45de284338b5 Author: Tejun Heo Date: Tue Sep 3 21:54:28 2024 -1000 sched_ext: Replace SCX_TASK_BAL_KEEP with SCX_RQ_BAL_KEEP SCX_TASK_BAL_KEEP is used by balance_one() to tell pick_next_task_scx() to keep running the current task. It's not really a task property. Replace it with SCX_RQ_BAL_KEEP which resides in rq->scx.flags and is a better fit for the usage. Also, the existing clearing rule is unnecessarily strict and makes it difficult to use with core-sched. Just clear it on entry to balance_one(). Signed-off-by: Tejun Heo commit 7c65ae81ea86a6ed8086e1a5651acd766187f19b Author: Tejun Heo Date: Tue Sep 3 21:54:28 2024 -1000 sched_ext: Don't call put_prev_task_scx() before picking the next task fd03c5b85855 ("sched: Rework pick_next_task()") changed the definition of pick_next_task() from: pick_next_task() := pick_task() + set_next_task(.first = true) to: pick_next_task(prev) := pick_task() + put_prev_task() + set_next_task(.first = true) making invoking put_prev_task() pick_next_task()'s responsibility. This reordering allows pick_task() to be shared between regular and core-sched paths and put_prev_task() to know the next task. sched_ext depended on put_prev_task_scx() enqueueing the current task before pick_next_task_scx() is called. While pulling sched/core changes, 70cc76aa0d80 ("Merge branch 'tip/sched/core' into for-6.12") added an explicit put_prev_task_scx() call for SCX tasks in pick_next_task_scx() before picking the first task as a workaround. Clean it up and adopt the conventions that other sched classes are following. The operation of keeping running the current task was spread and required the task to be put on the local DSQ before picking: - balance_one() used SCX_TASK_BAL_KEEP to indicate that the task is still runnable, hasn't exhausted its slice, and thus should keep running. - put_prev_task_scx() enqueued the task to local DSQ if SCX_TASK_BAL_KEEP is set. It also called do_enqueue_task() with SCX_ENQ_LAST if it is the only runnable task. do_enqueue_task() in turn decided whether to use the local DSQ depending on SCX_OPS_ENQ_LAST. Consolidate the logic in balance_one() as it always knows whether it is going to keep the current task. balance_one() now considers all conditions where the current task should be kept and uses SCX_TASK_BAL_KEEP to tell pick_next_task_scx() to keep the current task instead of picking one from the local DSQ. Accordingly, SCX_ENQ_LAST handling is removed from put_prev_task_scx() and do_enqueue_task() and pick_next_task_scx() is updated to pick the current task if SCX_TASK_BAL_KEEP is set. The workaround put_prev_task[_scx]() calls are replaced with put_prev_set_next_task(). This causes two behavior changes observable from the BPF scheduler: - When a task keep running, it no longer goes through enqueue/dequeue cycle and thus ops.stopping/running() transitions. The new behavior is better and all the existing schedulers should be able to handle the new behavior. - The BPF scheduler cannot keep executing the current task by enqueueing SCX_ENQ_LAST task to the local DSQ. If SCX_OPS_ENQ_LAST is specified, the BPF scheduler is responsible for resuming execution after each SCX_ENQ_LAST. SCX_OPS_ENQ_LAST is mostly useful for cases where scheduling decisions are not made on the local CPU - e.g. central or userspace-driven schedulin - and the new behavior is more logical and shouldn't pose any problems. SCX_OPS_ENQ_LAST demonstration from scx_qmap is dropped as it doesn't fit that well anymore and the last task handling is moved to the end of qmap_dispatch(). Signed-off-by: Tejun Heo Cc: David Vernet Cc: Andrea Righi Cc: Changwoo Min Cc: Daniel Hodges Cc: Dan Schatzberg commit 1403c8b14765eab805377dd3b75e96ace8747aed Author: Patrisious Haddad Date: Mon Sep 2 13:36:33 2024 +0300 IB/core: Fix ib_cache_setup_one error flow cleanup When ib_cache_update return an error, we exit ib_cache_setup_one instantly with no proper cleanup, even though before this we had already successfully done gid_table_setup_one, that results in the kernel WARN below. Do proper cleanup using gid_table_cleanup_one before returning the err in order to fix the issue. WARNING: CPU: 4 PID: 922 at drivers/infiniband/core/cache.c:806 gid_table_release_one+0x181/0x1a0 Modules linked in: CPU: 4 UID: 0 PID: 922 Comm: c_repro Not tainted 6.11.0-rc1+ #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014 RIP: 0010:gid_table_release_one+0x181/0x1a0 Code: 44 8b 38 75 0c e8 2f cb 34 ff 4d 8b b5 28 05 00 00 e8 23 cb 34 ff 44 89 f9 89 da 4c 89 f6 48 c7 c7 d0 58 14 83 e8 4f de 21 ff <0f> 0b 4c 8b 75 30 e9 54 ff ff ff 48 8 3 c4 10 5b 5d 41 5c 41 5d 41 RSP: 0018:ffffc90002b835b0 EFLAGS: 00010286 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff811c8527 RDX: 0000000000000000 RSI: ffffffff811c8534 RDI: 0000000000000001 RBP: ffff8881011b3d00 R08: ffff88810b3abe00 R09: 205d303839303631 R10: 666572207972746e R11: 72746e6520444947 R12: 0000000000000001 R13: ffff888106390000 R14: ffff8881011f2110 R15: 0000000000000001 FS: 00007fecc3b70800(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000340 CR3: 000000010435a001 CR4: 00000000003706b0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? show_regs+0x94/0xa0 ? __warn+0x9e/0x1c0 ? gid_table_release_one+0x181/0x1a0 ? report_bug+0x1f9/0x340 ? gid_table_release_one+0x181/0x1a0 ? handle_bug+0xa2/0x110 ? exc_invalid_op+0x31/0xa0 ? asm_exc_invalid_op+0x16/0x20 ? __warn_printk+0xc7/0x180 ? __warn_printk+0xd4/0x180 ? gid_table_release_one+0x181/0x1a0 ib_device_release+0x71/0xe0 ? __pfx_ib_device_release+0x10/0x10 device_release+0x44/0xd0 kobject_put+0x135/0x3d0 put_device+0x20/0x30 rxe_net_add+0x7d/0xa0 rxe_newlink+0xd7/0x190 nldev_newlink+0x1b0/0x2a0 ? __pfx_nldev_newlink+0x10/0x10 rdma_nl_rcv_msg+0x1ad/0x2e0 rdma_nl_rcv_skb.constprop.0+0x176/0x210 netlink_unicast+0x2de/0x400 netlink_sendmsg+0x306/0x660 __sock_sendmsg+0x110/0x120 ____sys_sendmsg+0x30e/0x390 ___sys_sendmsg+0x9b/0xf0 ? kstrtouint+0x6e/0xa0 ? kstrtouint_from_user+0x7c/0xb0 ? get_pid_task+0xb0/0xd0 ? proc_fail_nth_write+0x5b/0x140 ? __fget_light+0x9a/0x200 ? preempt_count_add+0x47/0xa0 __sys_sendmsg+0x61/0xd0 do_syscall_64+0x50/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fixes: 1901b91f9982 ("IB/core: Fix potential NULL pointer dereference in pkey cache") Signed-off-by: Patrisious Haddad Reviewed-by: Maher Sanalla Link: https://patch.msgid.link/79137687d829899b0b1c9835fcb4b258004c439a.1725273354.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 112e6e83a894260cc7efe79a1fc47d4d51461742 Author: Chris Mi Date: Mon Sep 2 13:35:40 2024 +0300 IB/mlx5: Fix UMR pd cleanup on error flow of driver init The cited commit moves the pd allocation from function mlx5r_umr_resource_cleanup() to a new function mlx5r_umr_cleanup(). So the fix in commit [1] is broken. In error flow, will hit panic [2]. Fix it by checking pd pointer to avoid panic if it is NULL; [1] RDMA/mlx5: Fix UMR cleanup on error flow of driver init [2] [ 347.567063] infiniband mlx5_0: Couldn't register device with driver model [ 347.591382] BUG: kernel NULL pointer dereference, address: 0000000000000020 [ 347.593438] #PF: supervisor read access in kernel mode [ 347.595176] #PF: error_code(0x0000) - not-present page [ 347.596962] PGD 0 P4D 0 [ 347.601361] RIP: 0010:ib_dealloc_pd_user+0x12/0xc0 [ib_core] [ 347.604171] RSP: 0018:ffff888106293b10 EFLAGS: 00010282 [ 347.604834] RAX: 0000000000000000 RBX: 000000000000000e RCX: 0000000000000000 [ 347.605672] RDX: ffff888106293ad0 RSI: 0000000000000000 RDI: 0000000000000000 [ 347.606529] RBP: 0000000000000000 R08: ffff888106293ae0 R09: ffff888106293ae0 [ 347.607379] R10: 0000000000000a06 R11: 0000000000000000 R12: 0000000000000000 [ 347.608224] R13: ffffffffa0704dc0 R14: 0000000000000001 R15: 0000000000000001 [ 347.609067] FS: 00007fdc720cd9c0(0000) GS:ffff88852c880000(0000) knlGS:0000000000000000 [ 347.610094] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 347.610727] CR2: 0000000000000020 CR3: 0000000103012003 CR4: 0000000000370eb0 [ 347.611421] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 347.612113] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 347.612804] Call Trace: [ 347.613130] [ 347.613417] ? __die+0x20/0x60 [ 347.613793] ? page_fault_oops+0x150/0x3e0 [ 347.614243] ? free_msg+0x68/0x80 [mlx5_core] [ 347.614840] ? cmd_exec+0x48f/0x11d0 [mlx5_core] [ 347.615359] ? exc_page_fault+0x74/0x130 [ 347.615808] ? asm_exc_page_fault+0x22/0x30 [ 347.616273] ? ib_dealloc_pd_user+0x12/0xc0 [ib_core] [ 347.616801] mlx5r_umr_cleanup+0x23/0x90 [mlx5_ib] [ 347.617365] mlx5_ib_stage_pre_ib_reg_umr_cleanup+0x36/0x40 [mlx5_ib] [ 347.618025] __mlx5_ib_add+0x96/0xd0 [mlx5_ib] [ 347.618539] mlx5r_probe+0xe9/0x310 [mlx5_ib] [ 347.619032] ? kernfs_add_one+0x107/0x150 [ 347.619478] ? __mlx5_ib_add+0xd0/0xd0 [mlx5_ib] [ 347.619984] auxiliary_bus_probe+0x3e/0x90 [ 347.620448] really_probe+0xc5/0x3a0 [ 347.620857] __driver_probe_device+0x80/0x160 [ 347.621325] driver_probe_device+0x1e/0x90 [ 347.621770] __driver_attach+0xec/0x1c0 [ 347.622213] ? __device_attach_driver+0x100/0x100 [ 347.622724] bus_for_each_dev+0x71/0xc0 [ 347.623151] bus_add_driver+0xed/0x240 [ 347.623570] driver_register+0x58/0x100 [ 347.623998] __auxiliary_driver_register+0x6a/0xc0 [ 347.624499] ? driver_register+0xae/0x100 [ 347.624940] ? 0xffffffffa0893000 [ 347.625329] mlx5_ib_init+0x16a/0x1e0 [mlx5_ib] [ 347.625845] do_one_initcall+0x4a/0x2a0 [ 347.626273] ? gcov_event+0x2e2/0x3a0 [ 347.626706] do_init_module+0x8a/0x260 [ 347.627126] init_module_from_file+0x8b/0xd0 [ 347.627596] __x64_sys_finit_module+0x1ca/0x2f0 [ 347.628089] do_syscall_64+0x4c/0x100 Fixes: 638420115cc4 ("IB/mlx5: Create UMR QP just before first reg_mr occurs") Signed-off-by: Chris Mi Reviewed-by: Jianbo Liu Link: https://patch.msgid.link/778c40c60287992da5d6ec92bb07b67f7bb5e6ef.1725273295.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 34bb7b813ab398106f700b0a6b218509bb0b904c Author: Thomas Hellström Date: Tue Sep 3 11:42:32 2024 +0200 drm/xe: Use xe_pm_runtime_get in xe_bo_move() if reclaim-safe. xe_bo_move() might be called in the TTM swapout path from validation by another TTM device. If so, we are not likely to have a RPM reference. So iff xe_pm_runtime_get() is safe to call from reclaim, use it instead of xe_pm_runtime_get_noresume(). Strictly this is currently needed only if handle_system_ccs is true, but use xe_pm_runtime_get() if possible anyway to increase test coverage. At the same time warn if handle_system_ccs is true and we can't call xe_pm_runtime_get() from reclaim context. This will likely trip if someone tries to enable SRIOV on LNL, without fixing Xe SRIOV runtime resume / suspend. Cc: Rodrigo Vivi Cc: Matthew Brost Cc: Matthew Auld Signed-off-by: Thomas Hellström Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240903094232.166342-1-thomas.hellstrom@linux.intel.com commit ccaf84694ce7e7438706185c726310be51954fd3 Author: Bartosz Golaszewski Date: Tue Sep 3 17:45:32 2024 +0200 gpio: mpc8xxx: order headers alphabetically Cleanup the includes by putting them in alphabetical order. Reviewed-by: Andy Shevchenko Reviewed-by: Martyn Welch Link: https://lore.kernel.org/r/20240903154533.101258-1-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit d14f6f405fc7b66b0a18967378a4114054b2690c Author: Bartosz Golaszewski Date: Mon Aug 19 17:17:05 2024 +0200 gpio: davinci: use devm_clk_get_enabled() Simplify the code in error paths by using the managed variant of the clock getter that controls the clock state as well. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240819151705.37258-2-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit d29e741cad3f8f41df1834bf74df79380c1c6c6d Author: Bartosz Golaszewski Date: Mon Aug 19 17:17:04 2024 +0200 gpio: davinci: drop platform data support There are no more any board files that use the platform data for gpio-davinci. We can remove the header defining it and port the code to no longer store any context in pdata. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240819151705.37258-1-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit 9f0127b9cea593a661004df948dc0b4479081c2e Author: Andy Shevchenko Date: Mon Sep 2 16:30:44 2024 +0300 gpio: stmpe: Sort headers Sort the headers in alphabetic order in order to ease the maintenance for this part. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240902133148.2569486-6-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit e6815a05c0c909c8d6396bf41d0c06bc967f37bc Author: Andy Shevchenko Date: Mon Sep 2 16:30:43 2024 +0300 gpio: stmpe: Make use of device properties Convert the module to be property provider agnostic and allow it to be used on non-OF platforms. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240902133148.2569486-5-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit 56f534dde6ff41eaf71f4e368953cb8da54cecc3 Author: Andy Shevchenko Date: Mon Sep 2 16:30:42 2024 +0300 gpio: stmpe: Utilise temporary variable for struct device We have a temporary variable to keep a pointer to struct device. Utilise it where it makes sense. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240902133148.2569486-4-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit c028e1c5a414f03cd849912073db7c1927ec8d89 Author: Andy Shevchenko Date: Mon Sep 2 16:30:41 2024 +0300 gpio: stmpe: Remove unused 'dev' member of struct stmpe_gpio There is no evidence that the 'dev' member of struct stmpe_gpio is used, drop it. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240902133148.2569486-3-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit a794331325f143bd010a91aa078547fee7fe907e Author: Andy Shevchenko Date: Mon Sep 2 16:30:40 2024 +0300 gpio: stmpe: Fix IRQ related error messages First of all, remove duplicate message that platform_get_irq() does already print. Second, correct the error message when unable to register a handler, which is broken in two ways: 1) the misleading 'get' vs. 'register'; 2) missing '\n' at the end. (Yes, for the curious ones, the dev_*() cases do not require '\n' and issue it automatically, but it's better to have them explicit) Fix all this here. Fixes: 1882e769362b ("gpio: stmpe: Simplify with dev_err_probe()") Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240902133148.2569486-2-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit 6f1833b8208c3b9e59eff10792667b6639365146 Author: Kefeng Wang Date: Tue Aug 27 19:47:28 2024 +0800 mm: memory_hotplug: unify Huge/LRU/non-LRU movable folio isolation Use the isolate_folio_to_list() to unify hugetlb/LRU/non-LRU folio isolation, which cleanup code a bit and save a few calls to compound_head(). [wangkefeng.wang@huawei.com: various fixes] Link: https://lkml.kernel.org/r/20240829150500.2599549-1-wangkefeng.wang@huawei.com Link: https://lkml.kernel.org/r/20240827114728.3212578-6-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Reviewed-by: Miaohe Lin Cc: Dan Carpenter Cc: David Hildenbrand Cc: Jonathan Cameron Cc: Naoya Horiguchi Cc: Oscar Salvador Signed-off-by: Andrew Morton commit f1264e9531b0fbadf88e0b9c8143c546343b481c Author: Kefeng Wang Date: Tue Aug 27 19:47:27 2024 +0800 mm: migrate: add isolate_folio_to_list() Add isolate_folio_to_list() helper to try to isolate HugeTLB, no-LRU movable and LRU folios to a list, which will be reused by do_migrate_range() from memory hotplug soon, also drop the mf_isolate_folio() since we could directly use new helper in the soft_offline_in_use_page(). Link: https://lkml.kernel.org/r/20240827114728.3212578-5-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Acked-by: David Hildenbrand Acked-by: Miaohe Lin Tested-by: Miaohe Lin Cc: Dan Carpenter Cc: Jonathan Cameron Cc: Naoya Horiguchi Cc: Oscar Salvador Signed-off-by: Andrew Morton commit e8a796fa1c16d4792c674dfb0c9dc86f48a00027 Author: Kefeng Wang Date: Tue Aug 27 19:47:26 2024 +0800 mm: memory_hotplug: check hwpoisoned page firstly in do_migrate_range() Commit b15c87263a69 ("hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined") don't handle the hugetlb pages, the endless loop still occur if offline a hwpoison hugetlb page, luckly, after the commit e591ef7d96d6 ("mm, hwpoison,hugetlb,memory_hotplug: hotremove memory section with hwpoisoned hugepage"), the HPageMigratable of hugetlb page will be cleared, and the hwpoison hugetlb page will be skipped in scan_movable_pages(), so the endless loop issue is fixed. However if the HPageMigratable() check passed(without reference and lock), the hugetlb page may be hwpoisoned, it won't cause issue since the hwpoisoned page will be handled correctly in the next movable pages scan loop, and it will be isolated in do_migrate_range() but fails to migrate. In order to avoid the unnecessary isolation and unify all hwpoisoned page handling, let's unconditionally check hwpoison firstly, and if it is a hwpoisoned hugetlb page, try to unmap it as the catch all safety net like normal page does. Link: https://lkml.kernel.org/r/20240827114728.3212578-4-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Acked-by: David Hildenbrand Reviewed-by: Miaohe Lin Cc: Dan Carpenter Cc: Jonathan Cameron Cc: Naoya Horiguchi Cc: Oscar Salvador Signed-off-by: Andrew Morton commit 16038c4fffd802cf5bc7391fedfe8228dd0adf53 Author: Kefeng Wang Date: Tue Aug 27 19:47:25 2024 +0800 mm: memory-failure: add unmap_poisoned_folio() Add unmap_poisoned_folio() helper which will be reused by do_migrate_range() from memory hotplug soon. [akpm@linux-foundation.org: whitespace tweak, per Miaohe Lin] Link: https://lkml.kernel.org/r/1f80c7e3-c30d-1ac1-6a36-d1a5f5907f7c@huawei.com Link: https://lkml.kernel.org/r/20240827114728.3212578-3-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Acked-by: David Hildenbrand Acked-by: Miaohe Lin Cc: Dan Carpenter Cc: Jonathan Cameron Cc: Naoya Horiguchi Cc: Oscar Salvador Signed-off-by: Andrew Morton commit b62b51d2d1593e6590669e781768c3c5a7394eb5 Author: Kefeng Wang Date: Tue Aug 27 19:47:24 2024 +0800 mm: memory_hotplug: remove head variable in do_migrate_range() Patch series "mm: memory_hotplug: improve do_migrate_range()", v3. Unify hwpoisoned page handling and isolation of HugeTLB/LRU/non-LRU movable page, also convert to use folios in do_migrate_range(). This patch (of 5): Directly use a folio for HugeTLB and THP when calculate the next pfn, then remove unused head variable. Link: https://lkml.kernel.org/r/20240827114728.3212578-1-wangkefeng.wang@huawei.com Link: https://lkml.kernel.org/r/20240827114728.3212578-2-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Reviewed-by: Miaohe Lin Acked-by: David Hildenbrand Cc: Dan Carpenter Cc: Jonathan Cameron Cc: Naoya Horiguchi Cc: Oscar Salvador Signed-off-by: Andrew Morton commit f66ac836d4b97df8615b0fd09ce0b470e66d1d59 Author: SeongJae Park Date: Mon Aug 26 20:03:36 2024 -0700 mm/damon/tests: add .kunitconfig file for DAMON kunit tests '--kunitconfig' option of 'kunit.py run' supports '.kunitconfig' file name convention. Add the file for DAMON kunit tests for more convenient kunit run. Link: https://lkml.kernel.org/r/20240827030336.7930-10-sj@kernel.org Signed-off-by: SeongJae Park Cc: Brendan Higgins Cc: David Gow Signed-off-by: Andrew Morton commit 9bfbaa5e44c52422a046ce291469c8ebeb6c475d Author: SeongJae Park Date: Mon Aug 26 20:03:35 2024 -0700 mm/damon: move kunit tests to tests/ subdirectory with _kunit suffix There was a discussion about better places for kunit test code[1] and test file name suffix[2]. Folowwing the conclusion, move kunit tests for DAMON to mm/damon/tests/ subdirectory and rename those. [1] https://lore.kernel.org/CABVgOS=pUdWb6NDHszuwb1HYws4a1-b1UmN=i8U_ED7HbDT0mg@mail.gmail.com [2] https://lore.kernel.org/CABVgOSmKwPq7JEpHfS6sbOwsR0B-DBDk_JP-ZD9s9ZizvpUjbQ@mail.gmail.com Link: https://lkml.kernel.org/r/20240827030336.7930-9-sj@kernel.org Signed-off-by: SeongJae Park Cc: Brendan Higgins Cc: David Gow Signed-off-by: Andrew Morton commit 61879eed1f180ff92c2324b24d06eeddcc9256bd Author: SeongJae Park Date: Mon Aug 26 20:03:34 2024 -0700 mm/damon/dbgfs-test: skip dbgfs_set_init_regions() test if PADDR is not registered The test depends on registration of DAMON_OPS_PADDR. It would be registered only when CONFIG_DAMON_PADDR is set. DAMON core kunit tests do fake ops registration for such case. However, the functions for such fake ops registration is not available to DAMON debugfs interface. Just skip the test in the case. Link: https://lkml.kernel.org/r/20240827030336.7930-8-sj@kernel.org Fixes: 999b9467974f ("mm/damon/dbgfs-test: fix is_target_id() change") Signed-off-by: SeongJae Park Cc: Brendan Higgins Cc: David Gow Signed-off-by: Andrew Morton commit 8e34bac5a268b2fb3a88231a9b94cada8adcc8c0 Author: SeongJae Park Date: Mon Aug 26 20:03:33 2024 -0700 mm/damon/dbgfs-test: skip dbgfs_set_targets() test if PADDR is not registered The test depends on registration of DAMON_OPS_PADDR. It would be registered only when CONFIG_DAMON_PADDR is set. DAMON core kunit tests do fake ops registration for such case. However, the functions for such fake ops registration is not available to DAMON debugfs interface. Just skip the test in the case. Link: https://lkml.kernel.org/r/20240827030336.7930-7-sj@kernel.org Fixes: 999b9467974f ("mm/damon/dbgfs-test: fix is_target_id() change") Signed-off-by: SeongJae Park Cc: Brendan Higgins Cc: David Gow Signed-off-by: Andrew Morton commit e43772dcdf21a8cdf3666ee35b2a7166ad39b255 Author: SeongJae Park Date: Mon Aug 26 20:03:32 2024 -0700 mm/damon/core-test: fix damon_test_ops_registration() for DAMON_VADDR unset case DAMON core kunit test can be executed without CONFIG_DAMON_VADDR. In the case, vaddr DAMON ops is not registered. Meanwhile, ops registration kunit test assumes the vaddr ops is registered. Check and handle the case by registrering fake vaddr ops inside the test code. Link: https://lkml.kernel.org/r/20240827030336.7930-6-sj@kernel.org Fixes: 4f540f5ab4f2 ("mm/damon/core-test: add a kunit test case for ops registration") Signed-off-by: SeongJae Park Cc: Brendan Higgins Cc: David Gow Signed-off-by: Andrew Morton commit 9fcce7e7be38fc1da7673d2d69d72ab5c66d154e Author: SeongJae Park Date: Mon Aug 26 20:03:31 2024 -0700 mm/damon/core-test: test only vaddr case on ops registration test DAMON ops registration kunit test tests both vaddr and paddr use cases in parts of the whole test cases. Basically testing only one ops use case is enough. Do the test with only vaddr use case. Link: https://lkml.kernel.org/r/20240827030336.7930-5-sj@kernel.org Signed-off-by: SeongJae Park Cc: Brendan Higgins Cc: David Gow Signed-off-by: Andrew Morton commit 8c211412c5dffd090eaea5ee033cd729f8e5f873 Author: SeongJae Park Date: Mon Aug 26 20:03:30 2024 -0700 selftests/damon: add execute permissions to test scripts Some test scripts are missing executable permissions. It causes warnings that make the test output unnecessarily verbose. Add executable permissions. Link: https://lkml.kernel.org/r/20240827030336.7930-4-sj@kernel.org Signed-off-by: SeongJae Park Cc: Brendan Higgins Cc: David Gow Signed-off-by: Andrew Morton commit 582c04b07fa91665b4f38682c290fb9f0b085c7e Author: SeongJae Park Date: Mon Aug 26 20:03:29 2024 -0700 selftests/damon: cleanup __pycache__/ with 'make clean' Python-based tests creates __pycache__/ directory. Remove it with 'make clean' by defining it as EXTRA_CLEAN. Link: https://lkml.kernel.org/r/20240827030336.7930-3-sj@kernel.org Fixes: b5906f5f7359 ("selftests/damon: add a test for update_schemes_tried_regions sysfs command") Signed-off-by: SeongJae Park Cc: Brendan Higgins Cc: David Gow Signed-off-by: Andrew Morton commit 9cb75552f421c5e9667bc19fb430063cb023c219 Author: SeongJae Park Date: Mon Aug 26 20:03:28 2024 -0700 selftests/damon: add access_memory_even to .gitignore Patch series "misc fixups for DAMON {self,kunit} tests". This patchset is for minor fixups of DAMON selftests and kunit tests. First three patches make DAMON selftests more cleanly maintained (patches 1 and 2) without unnecessary warnings (patch 3). Following six patches remove unnecessary test case (patch 4), handle configs combinations that can make tests fail (patches 5-7), reorganize the test files following the new guideline (patch 8), and add reference kunitconfig for DAMON kunit tests (patch 9). This patch (of 9): DAMON selftests build access_memory_even, but its not on the .gitignore list. Add it to make 'git status' output cleaner. Link: https://lkml.kernel.org/r/20240827030336.7930-1-sj@kernel.org Link: https://lkml.kernel.org/r/20240827030336.7930-2-sj@kernel.org Fixes: c94df805c774 ("selftests/damon: implement a program for even-numbered memory regions access") Signed-off-by: SeongJae Park Cc: Brendan Higgins Cc: David Gow Signed-off-by: Andrew Morton commit f22cde4371f3c624e947a35b075c06c771442a43 Author: Yujie Liu Date: Tue Aug 27 19:29:58 2024 +0800 sched/numa: Fix the vma scan starving issue Problem statement: Since commit fc137c0ddab2 ("sched/numa: enhance vma scanning logic"), the Numa vma scan overhead has been reduced a lot. Meanwhile, the reducing of the vma scan might create less Numa page fault information. The insufficient information makes it harder for the Numa balancer to make decision. Later, commit b7a5b537c55c08 ("sched/numa: Complete scanning of partial VMAs regardless of PID activity") and commit 84db47ca7146d7 ("sched/numa: Fix mm numa_scan_seq based unconditional scan") are found to bring back part of the performance. Recently when running SPECcpu omnetpp_r on a 320 CPUs/2 Sockets system, a long duration of remote Numa node read was observed by PMU events: A few cores having ~500MB/s remote memory access for ~20 seconds. It causes high core-to-core variance and performance penalty. After the investigation, it is found that many vmas are skipped due to the active PID check. According to the trace events, in most cases, vma_is_accessed() returns false because the history access info stored in pids_active array has been cleared. Proposal: The main idea is to adjust vma_is_accessed() to let it return true easier. Thus compare the diff between mm->numa_scan_seq and vma->numab_state->prev_scan_seq. If the diff has exceeded the threshold, scan the vma. This patch especially helps the cases where there are small number of threads, like the process-based SPECcpu. Without this patch, if the SPECcpu process access the vma at the beginning, then sleeps for a long time, the pid_active array will be cleared. A a result, if this process is woken up again, it never has a chance to set prot_none anymore. Because only the first 2 times of access is granted for vma scan: (current->mm->numa_scan_seq) - vma->numab_state->start_scan_seq) < 2 to be worse, no other threads within the task can help set the prot_none. This causes information lost. Raghavendra helped test current patch and got the positive result on the AMD platform: autonumabench NUMA01 base patched Amean syst-NUMA01 194.05 ( 0.00%) 165.11 * 14.92%* Amean elsp-NUMA01 324.86 ( 0.00%) 315.58 * 2.86%* Duration User 380345.36 368252.04 Duration System 1358.89 1156.23 Duration Elapsed 2277.45 2213.25 autonumabench NUMA02 Amean syst-NUMA02 1.12 ( 0.00%) 1.09 * 2.93%* Amean elsp-NUMA02 3.50 ( 0.00%) 3.56 * -1.84%* Duration User 1513.23 1575.48 Duration System 8.33 8.13 Duration Elapsed 28.59 29.71 kernbench Amean user-256 22935.42 ( 0.00%) 22535.19 * 1.75%* Amean syst-256 7284.16 ( 0.00%) 7608.72 * -4.46%* Amean elsp-256 159.01 ( 0.00%) 158.17 * 0.53%* Duration User 68816.41 67615.74 Duration System 21873.94 22848.08 Duration Elapsed 506.66 504.55 Intel 256 CPUs/2 Sockets: autonuma benchmark also shows improvements: v6.10-rc5 v6.10-rc5 +patch Amean syst-NUMA01 245.85 ( 0.00%) 230.84 * 6.11%* Amean syst-NUMA01_THREADLOCAL 205.27 ( 0.00%) 191.86 * 6.53%* Amean syst-NUMA02 18.57 ( 0.00%) 18.09 * 2.58%* Amean syst-NUMA02_SMT 2.63 ( 0.00%) 2.54 * 3.47%* Amean elsp-NUMA01 517.17 ( 0.00%) 526.34 * -1.77%* Amean elsp-NUMA01_THREADLOCAL 99.92 ( 0.00%) 100.59 * -0.67%* Amean elsp-NUMA02 15.81 ( 0.00%) 15.72 * 0.59%* Amean elsp-NUMA02_SMT 13.23 ( 0.00%) 12.89 * 2.53%* v6.10-rc5 v6.10-rc5 +patch Duration User 1064010.16 1075416.23 Duration System 3307.64 3104.66 Duration Elapsed 4537.54 4604.73 The SPECcpu remote node access issue disappears with the patch applied. Link: https://lkml.kernel.org/r/20240827112958.181388-1-yu.c.chen@intel.com Fixes: fc137c0ddab2 ("sched/numa: enhance vma scanning logic") Signed-off-by: Chen Yu Co-developed-by: Chen Yu Signed-off-by: Yujie Liu Reported-by: Xiaoping Zhou Reviewed-and-tested-by: Raghavendra K T Acked-by: Mel Gorman Cc: "Chen, Tim C" Cc: Ingo Molnar Cc: Juri Lelli Cc: Peter Zijlstra Cc: Raghavendra K T Cc: Vincent Guittot Signed-off-by: Andrew Morton commit 073c78edf5bbd32046a117fc7f71312dc3d2c607 Author: Yanfei Xu Date: Tue Aug 27 19:36:14 2024 +0800 memory tier: fix deadlock warning while onlining pages commit 823430c8e9d9 ("memory tier: consolidate the initialization of memory tiers") introduces a locking change that use guard(mutex) to instead of mutex_lock/unlock() for memory_tier_lock. It unexpectedly expanded the locked region to include the hotplug_memory_notifier(), as a result, it triggers an locking dependency detected of ABBA deadlock. Exclude hotplug_memory_notifier() from the locked region to fixing it. The deadlock scenario is that when a memory online event occurs, the execution of memory notifier will access the read lock of the memory_chain.rwsem, then the reigistration of the memory notifier in memory_tier_init() acquires the write lock of the memory_chain.rwsem while holding memory_tier_lock. Then the memory online event continues to invoke the memory hotplug callback registered by memory_tier_init(). Since this callback tries to acquire the memory_tier_lock, a deadlock occurs. In fact, this deadlock can't happen because memory_tier_init() always executes before memory online events happen due to the subsys_initcall() has an higher priority than module_init(). [ 133.491106] WARNING: possible circular locking dependency detected [ 133.493656] 6.11.0-rc2+ #146 Tainted: G O N [ 133.504290] ------------------------------------------------------ [ 133.515194] (udev-worker)/1133 is trying to acquire lock: [ 133.525715] ffffffff87044e28 (memory_tier_lock){+.+.}-{3:3}, at: memtier_hotplug_callback+0x383/0x4b0 [ 133.536449] [ 133.536449] but task is already holding lock: [ 133.549847] ffffffff875d3310 ((memory_chain).rwsem){++++}-{3:3}, at: blocking_notifier_call_chain+0x60/0xb0 [ 133.556781] [ 133.556781] which lock already depends on the new lock. [ 133.556781] [ 133.569957] [ 133.569957] the existing dependency chain (in reverse order) is: [ 133.577618] [ 133.577618] -> #1 ((memory_chain).rwsem){++++}-{3:3}: [ 133.584997] down_write+0x97/0x210 [ 133.588647] blocking_notifier_chain_register+0x71/0xd0 [ 133.592537] register_memory_notifier+0x26/0x30 [ 133.596314] memory_tier_init+0x187/0x300 [ 133.599864] do_one_initcall+0x117/0x5d0 [ 133.603399] kernel_init_freeable+0xab0/0xeb0 [ 133.606986] kernel_init+0x28/0x2f0 [ 133.610312] ret_from_fork+0x59/0x90 [ 133.613652] ret_from_fork_asm+0x1a/0x30 [ 133.617012] [ 133.617012] -> #0 (memory_tier_lock){+.+.}-{3:3}: [ 133.623390] __lock_acquire+0x2efd/0x5c60 [ 133.626730] lock_acquire+0x1ce/0x580 [ 133.629757] __mutex_lock+0x15c/0x1490 [ 133.632731] mutex_lock_nested+0x1f/0x30 [ 133.635717] memtier_hotplug_callback+0x383/0x4b0 [ 133.638748] notifier_call_chain+0xbf/0x370 [ 133.641647] blocking_notifier_call_chain+0x76/0xb0 [ 133.644636] memory_notify+0x2e/0x40 [ 133.647427] online_pages+0x597/0x720 [ 133.650246] memory_subsys_online+0x4f6/0x7f0 [ 133.653107] device_online+0x141/0x1d0 [ 133.655831] online_memory_block+0x4d/0x60 [ 133.658616] walk_memory_blocks+0xc0/0x120 [ 133.661419] add_memory_resource+0x51d/0x6c0 [ 133.664202] add_memory_driver_managed+0xf5/0x180 [ 133.667060] dev_dax_kmem_probe+0x7f7/0xb40 [kmem] [ 133.669949] dax_bus_probe+0x147/0x230 [ 133.672687] really_probe+0x27f/0xac0 [ 133.675463] __driver_probe_device+0x1f3/0x460 [ 133.678493] driver_probe_device+0x56/0x1b0 [ 133.681366] __driver_attach+0x277/0x570 [ 133.684149] bus_for_each_dev+0x145/0x1e0 [ 133.686937] driver_attach+0x49/0x60 [ 133.689673] bus_add_driver+0x2f3/0x6b0 [ 133.692421] driver_register+0x170/0x4b0 [ 133.695118] __dax_driver_register+0x141/0x1b0 [ 133.697910] dax_kmem_init+0x54/0xff0 [kmem] [ 133.700794] do_one_initcall+0x117/0x5d0 [ 133.703455] do_init_module+0x277/0x750 [ 133.706054] load_module+0x5d1d/0x74f0 [ 133.708602] init_module_from_file+0x12c/0x1a0 [ 133.711234] idempotent_init_module+0x3f1/0x690 [ 133.713937] __x64_sys_finit_module+0x10e/0x1a0 [ 133.716492] x64_sys_call+0x184d/0x20d0 [ 133.719053] do_syscall_64+0x6d/0x140 [ 133.721537] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 133.724239] [ 133.724239] other info that might help us debug this: [ 133.724239] [ 133.730832] Possible unsafe locking scenario: [ 133.730832] [ 133.735298] CPU0 CPU1 [ 133.737759] ---- ---- [ 133.740165] rlock((memory_chain).rwsem); [ 133.742623] lock(memory_tier_lock); [ 133.745357] lock((memory_chain).rwsem); [ 133.748141] lock(memory_tier_lock); [ 133.750489] [ 133.750489] *** DEADLOCK *** [ 133.750489] [ 133.756742] 6 locks held by (udev-worker)/1133: [ 133.759179] #0: ffff888207be6158 (&dev->mutex){....}-{3:3}, at: __driver_attach+0x26c/0x570 [ 133.762299] #1: ffffffff875b5868 (device_hotplug_lock){+.+.}-{3:3}, at: lock_device_hotplug+0x20/0x30 [ 133.765565] #2: ffff88820cf6a108 (&dev->mutex){....}-{3:3}, at: device_online+0x2f/0x1d0 [ 133.768978] #3: ffffffff86d08ff0 (cpu_hotplug_lock){++++}-{0:0}, at: mem_hotplug_begin+0x17/0x30 [ 133.772312] #4: ffffffff8702dfb0 (mem_hotplug_lock){++++}-{0:0}, at: mem_hotplug_begin+0x23/0x30 [ 133.775544] #5: ffffffff875d3310 ((memory_chain).rwsem){++++}-{3:3}, at: blocking_notifier_call_chain+0x60/0xb0 [ 133.779113] [ 133.779113] stack backtrace: [ 133.783728] CPU: 5 UID: 0 PID: 1133 Comm: (udev-worker) Tainted: G O N 6.11.0-rc2+ #146 [ 133.787220] Tainted: [O]=OOT_MODULE, [N]=TEST [ 133.789948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015 [ 133.793291] Call Trace: [ 133.795826] [ 133.798284] dump_stack_lvl+0xea/0x150 [ 133.801025] dump_stack+0x19/0x20 [ 133.803609] print_circular_bug+0x477/0x740 [ 133.806341] check_noncircular+0x2f4/0x3e0 [ 133.809056] ? __pfx_check_noncircular+0x10/0x10 [ 133.811866] ? __pfx_lockdep_lock+0x10/0x10 [ 133.814670] ? __sanitizer_cov_trace_const_cmp8+0x1c/0x30 [ 133.817610] __lock_acquire+0x2efd/0x5c60 [ 133.820339] ? __pfx___lock_acquire+0x10/0x10 [ 133.823128] ? __dax_driver_register+0x141/0x1b0 [ 133.825926] ? do_one_initcall+0x117/0x5d0 [ 133.828648] lock_acquire+0x1ce/0x580 [ 133.831349] ? memtier_hotplug_callback+0x383/0x4b0 [ 133.834293] ? __pfx_lock_acquire+0x10/0x10 [ 133.837134] __mutex_lock+0x15c/0x1490 [ 133.839829] ? memtier_hotplug_callback+0x383/0x4b0 [ 133.842753] ? memtier_hotplug_callback+0x383/0x4b0 [ 133.845602] ? __this_cpu_preempt_check+0x21/0x30 [ 133.848438] ? __pfx___mutex_lock+0x10/0x10 [ 133.851200] ? __pfx_lock_acquire+0x10/0x10 [ 133.853935] ? global_dirty_limits+0xc0/0x160 [ 133.856699] ? __sanitizer_cov_trace_switch+0x58/0xa0 [ 133.859564] mutex_lock_nested+0x1f/0x30 [ 133.862251] ? mutex_lock_nested+0x1f/0x30 [ 133.864964] memtier_hotplug_callback+0x383/0x4b0 [ 133.867752] notifier_call_chain+0xbf/0x370 [ 133.870550] ? writeback_set_ratelimit+0xe8/0x160 [ 133.873372] blocking_notifier_call_chain+0x76/0xb0 [ 133.876311] memory_notify+0x2e/0x40 [ 133.879013] online_pages+0x597/0x720 [ 133.881686] ? irqentry_exit+0x3e/0xa0 [ 133.884397] ? __pfx_online_pages+0x10/0x10 [ 133.887244] ? __sanitizer_cov_trace_const_cmp8+0x1c/0x30 [ 133.890299] ? mhp_init_memmap_on_memory+0x7a/0x1c0 [ 133.893203] memory_subsys_online+0x4f6/0x7f0 [ 133.896099] ? __pfx_memory_subsys_online+0x10/0x10 [ 133.899039] ? xa_load+0x16d/0x2e0 [ 133.901667] ? __pfx_xa_load+0x10/0x10 [ 133.904366] ? __pfx_memory_subsys_online+0x10/0x10 [ 133.907218] device_online+0x141/0x1d0 [ 133.909845] online_memory_block+0x4d/0x60 [ 133.912494] walk_memory_blocks+0xc0/0x120 [ 133.915104] ? __pfx_online_memory_block+0x10/0x10 [ 133.917776] add_memory_resource+0x51d/0x6c0 [ 133.920404] ? __pfx_add_memory_resource+0x10/0x10 [ 133.923104] ? _raw_write_unlock+0x31/0x60 [ 133.925781] ? register_memory_resource+0x119/0x180 [ 133.928450] add_memory_driver_managed+0xf5/0x180 [ 133.931036] dev_dax_kmem_probe+0x7f7/0xb40 [kmem] [ 133.933665] ? __pfx_dev_dax_kmem_probe+0x10/0x10 [kmem] [ 133.936332] ? __pfx___up_read+0x10/0x10 [ 133.938878] dax_bus_probe+0x147/0x230 [ 133.941332] ? __pfx_dax_bus_probe+0x10/0x10 [ 133.943954] really_probe+0x27f/0xac0 [ 133.946387] ? __sanitizer_cov_trace_const_cmp1+0x1e/0x30 [ 133.949106] __driver_probe_device+0x1f3/0x460 [ 133.951704] ? parse_option_str+0x149/0x190 [ 133.954241] driver_probe_device+0x56/0x1b0 [ 133.956749] __driver_attach+0x277/0x570 [ 133.959228] ? __pfx___driver_attach+0x10/0x10 [ 133.961776] bus_for_each_dev+0x145/0x1e0 [ 133.964367] ? __pfx_bus_for_each_dev+0x10/0x10 [ 133.967019] ? __kasan_check_read+0x15/0x20 [ 133.969543] ? _raw_spin_unlock+0x31/0x60 [ 133.972132] driver_attach+0x49/0x60 [ 133.974536] bus_add_driver+0x2f3/0x6b0 [ 133.977044] driver_register+0x170/0x4b0 [ 133.979480] __dax_driver_register+0x141/0x1b0 [ 133.982126] ? __pfx_dax_kmem_init+0x10/0x10 [kmem] [ 133.984724] dax_kmem_init+0x54/0xff0 [kmem] [ 133.987284] ? __pfx_dax_kmem_init+0x10/0x10 [kmem] [ 133.989965] do_one_initcall+0x117/0x5d0 [ 133.992506] ? __pfx_do_one_initcall+0x10/0x10 [ 133.995185] ? __kasan_kmalloc+0x88/0xa0 [ 133.997748] ? kasan_poison+0x3e/0x60 [ 134.000288] ? kasan_unpoison+0x2c/0x60 [ 134.002762] ? kasan_poison+0x3e/0x60 [ 134.005202] ? __asan_register_globals+0x62/0x80 [ 134.007753] ? __pfx_dax_kmem_init+0x10/0x10 [kmem] [ 134.010439] do_init_module+0x277/0x750 [ 134.012953] load_module+0x5d1d/0x74f0 [ 134.015406] ? __pfx_load_module+0x10/0x10 [ 134.017887] ? __pfx_ima_post_read_file+0x10/0x10 [ 134.020470] ? __sanitizer_cov_trace_const_cmp8+0x1c/0x30 [ 134.023127] ? __sanitizer_cov_trace_const_cmp4+0x1a/0x20 [ 134.025767] ? security_kernel_post_read_file+0xa2/0xd0 [ 134.028429] ? __sanitizer_cov_trace_const_cmp4+0x1a/0x20 [ 134.031162] ? kernel_read_file+0x503/0x820 [ 134.033645] ? __pfx_kernel_read_file+0x10/0x10 [ 134.036232] ? __pfx___lock_acquire+0x10/0x10 [ 134.038766] init_module_from_file+0x12c/0x1a0 [ 134.041291] ? init_module_from_file+0x12c/0x1a0 [ 134.043936] ? __pfx_init_module_from_file+0x10/0x10 [ 134.046516] ? __this_cpu_preempt_check+0x21/0x30 [ 134.049091] ? __kasan_check_read+0x15/0x20 [ 134.051551] ? do_raw_spin_unlock+0x60/0x210 [ 134.054077] idempotent_init_module+0x3f1/0x690 [ 134.056643] ? __pfx_idempotent_init_module+0x10/0x10 [ 134.059318] ? __sanitizer_cov_trace_const_cmp4+0x1a/0x20 [ 134.061995] ? __fget_light+0x17d/0x210 [ 134.064428] __x64_sys_finit_module+0x10e/0x1a0 [ 134.066976] x64_sys_call+0x184d/0x20d0 [ 134.069405] do_syscall_64+0x6d/0x140 [ 134.071926] entry_SYSCALL_64_after_hwframe+0x76/0x7e [yanfei.xu@intel.com: add mutex_lock/unlock() pair back] Link: https://lkml.kernel.org/r/20240830102447.1445296-1-yanfei.xu@intel.com Link: https://lkml.kernel.org/r/20240827113614.1343049-1-yanfei.xu@intel.com Fixes: 823430c8e9d9 ("memory tier: consolidate the initialization of memory tiers") Signed-off-by: Yanfei Xu Reviewed-by: "Huang, Ying" Cc: Ho-Ren (Jack) Chuang Cc: Jonathan Cameron Signed-off-by: Andrew Morton commit 7de8728f55ffd6497d4ef590218fad8da7f1af92 Author: Uladzislau Rezki (Sony) Date: Tue Aug 27 21:09:16 2024 +0200 mm: vmalloc: refactor vm_area_alloc_pages() function The aim is to simplify and making the vm_area_alloc_pages() function less confusing as it became more clogged nowadays: - eliminate a "bulk_gfp" variable and do not overwrite a gfp flag for bulk allocator; - drop __GFP_NOFAIL flag for high-order-page requests on upper layer. It becomes less spread between levels when it comes to __GFP_NOFAIL allocations; - add a comment about a fallback path if high-order attempt is unsuccessful because for such cases __GFP_NOFAIL is dropped; - fix a typo in a commit message. Link: https://lkml.kernel.org/r/20240827190916.34242-1-urezki@gmail.com Signed-off-by: Uladzislau Rezki (Sony) Acked-by: Michal Hocko Reviewed-by: Baoquan He Cc: Christoph Hellwig Cc: Oleksiy Avramchenko Signed-off-by: Andrew Morton commit 01c373e9a5ce2273812eaf83036c5357829fb3f7 Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:22 2024 +0100 mm: rework vm_ops->close() handling on VMA merge In commit 714965ca8252 ("mm/mmap: start distinguishing if vma can be removed in mergeability test") we relaxed the VMA merge rules for VMAs possessing a vm_ops->close() hook, permitting this operation in instances where we wouldn't delete the VMA as part of the merge operation. This was later corrected in commit fc0c8f9089c2 ("mm, mmap: fix vma_merge() case 7 with vma_ops->close") to account for a subtle case that the previous commit had not taken into account. In both instances, we first rely on is_mergeable_vma() to determine whether we might be dealing with a VMA that might be removed, taking advantage of the fact that a 'previous' VMA will never be deleted, only VMAs that follow it. The second patch corrects the instance where a merge of the previous VMA into a subsequent one did not correctly check whether the subsequent VMA had a vm_ops->close() handler. Both changes prevent merge cases that are actually permissible (for instance a merge of a VMA into a following VMA with a vm_ops->close(), but with no previous VMA, which would result in the next VMA being extended, not deleted). In addition, both changes fail to consider the case where a VMA that would otherwise be merged with the previous and next VMA might have vm_ops->close(), on the assumption that for this to be the case, all three would have to have the same vma->vm_file to be mergeable and thus the same vm_ops. And in addition both changes operate at 50,000 feet, trying to guess whether a VMA will be deleted. As we have majorly refactored the VMA merge operation and de-duplicated code to the point where we know precisely where deletions will occur, this patch removes the aforementioned checks altogether and instead explicitly checks whether a VMA will be deleted. In cases where a reduced merge is still possible (where we merge both previous and next VMA but the next VMA has a vm_ops->close hook, meaning we could just merge the previous and current VMA), we do so, otherwise the merge is not permitted. We take advantage of our userland testing to assert that this functions correctly - replacing the previous limited vm_ops->close() tests with tests for every single case where we delete a VMA. We also update all testing for both new and modified VMAs to set vma->vm_ops->close() in every single instance where this would not prevent the merge, to assert that we never do so. Link: https://lkml.kernel.org/r/9f96b8cfeef3d14afabddac3d6144afdfbef2e22.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Acked-by: Vlastimil Babka Cc: Liam R. Howlett Cc: Mark Brown Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit cc8cb3697a8d8eabe1fb9acb8768b11c1ab607d8 Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:21 2024 +0100 mm: refactor vma_merge() into modify-only vma_merge_existing_range() The existing vma_merge() function is no longer required to handle what were previously referred to as cases 1-3 (i.e. the merging of a new VMA), as this is now handled by vma_merge_new_vma(). Additionally, simplify the convoluted control flow of the original, maintaining identical logic only expressed more clearly and doing away with a complicated set of cases, rather logically examining each possible outcome - merging of both the previous and subsequent VMA, merging of the previous VMA and merging of the subsequent VMA alone. We now utilise the previously implemented commit_merge() function to share logic with vma_expand() de-duplicating code and providing less surface area for bugs and confusion. In order to do so, we adjust this function to accept parameters specific to merging existing ranges. Link: https://lkml.kernel.org/r/2cf6016b7bfcc4965fc3cde10827560c42e4f12c.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Cc: Liam R. Howlett Cc: Mark Brown Cc: Vlastimil Babka Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 65e0aa64df916861ad8579e23f885e56e5ec8647 Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:20 2024 +0100 mm: introduce commit_merge(), abstracting final commit of merge Pull the part of vma_expand() which actually commits the merge operation, that is inserts it into the maple tree and sets the VMA's vma->vm_start and vma->vm_end parameters, into its own function. We implement only the parts needed for vma_expand() which now as a result of previous work is also the means by which new VMA ranges are merged. The next commit in the series will implement merging of existing ranges which will extend commit_merge() to accommodate this case and result in all merges using this common code. Link: https://lkml.kernel.org/r/7b985a20dfa549e3c370cd274d732b64c44f6dbd.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Cc: Liam R. Howlett Cc: Mark Brown Cc: Vlastimil Babka Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 25d3925fa51ddeec9d5a2c9b89140f5218ec3ef4 Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:19 2024 +0100 mm: make vma_prepare() and friends static and internal to vma.c Now we have abstracted merge behaviour for new VMA ranges, we are able to render vma_prepare(), init_vma_prep(), vma_complete(), can_vma_merge_before() and can_vma_merge_after() static and internal to vma.c. These are internal implementation details of kernel VMA manipulation and merging mechanisms and thus should not be exposed. This also renders the functions userland testable. Link: https://lkml.kernel.org/r/7f7f1c34ce10405a6aab2714c505af3cf41b7851.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Cc: Liam R. Howlett Cc: Mark Brown Cc: Vlastimil Babka Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit cacded5e42b9609b07b22d80c10f0076d439f7d1 Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:18 2024 +0100 mm: avoid using vma_merge() for new VMAs Abstract vma_merge_new_vma() to use vma_merge_struct and rename the resultant function vma_merge_new_range() to be clear what the purpose of this function is - a new VMA is desired in the specified range, and we wish to see if it is possible to 'merge' surrounding VMAs into this range rather than having to allocate a new VMA. Note that this function uses vma_extend() exclusively, so adopts its requirement that the iterator point at or before the gap. We add an assert to this effect. This is as opposed to vma_merge_existing_range(), which will be introduced in a subsequent commit, and provide the same functionality for cases in which we are modifying an existing VMA. In mmap_region() and do_brk_flags() we open code scenarios where we prefer to use vma_expand() rather than invoke a full vma_merge() operation. Abstract this logic and eliminate all of the open-coding, and also use the same logic for all cases where we add new VMAs to, rather than ultimately use vma_merge(), rather use vma_expand(). Doing so removes duplication and simplifies VMA merging in all such cases, laying the ground for us to eliminate the merging of new VMAs in vma_merge() altogether. Also add the ability for the vmg to track state, and able to report errors, allowing for us to differentiate a failed merge from an inability to allocate memory in callers. This makes it far easier to understand what is happening in these cases avoiding confusion, bugs and allowing for future optimisation. Also introduce vma_iter_next_rewind() to allow for retrieval of the next, and (optionally) the prev VMA, rewinding to the start of the previous gap. Introduce are_anon_vmas_compatible() to abstract individual VMA anon_vma comparison for the case of merging on both sides where the anon_vma of the VMA being merged maybe compatible with prev and next, but prev and next's anon_vma's may not be compatible with each other. Finally also introduce can_vma_merge_left() / can_vma_merge_right() to check adjacent VMA compatibility and that they are indeed adjacent. Link: https://lkml.kernel.org/r/49d37c0769b6b9dc03b27fe4d059173832556392.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Tested-by: Mark Brown Cc: Liam R. Howlett Cc: Vlastimil Babka Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit fc21959f74bc1138b28e90a02ec224ab8626111e Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:17 2024 +0100 mm: abstract vma_expand() to use vma_merge_struct The purpose of the vmg is to thread merge state through functions and avoid egregious parameter lists. We expand this to vma_expand(), which is used for a number of merge cases. Accordingly, adjust its callers, mmap_region() and relocate_vma_down(), to use a vmg. An added purpose of this change is the ability in a future commit to perform all new VMA range merging using vma_expand(). Link: https://lkml.kernel.org/r/4bc8c9dbc9ca52452ef8e587b28fe555854ceb38.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Cc: Mark Brown Cc: Vlastimil Babka Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 3e01310d29a700b99067cb0d6ba21284f2389308 Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:16 2024 +0100 mm: remove duplicated open-coded VMA policy check Both can_vma_merge_before() and can_vma_merge_after() are invoked after checking for compatible VMA NUMA policy, we can simply move this to is_mergeable_vma() and abstract this altogether. In mmap_region() we set vmg->policy to NULL, so the policy comparisons checked in can_vma_merge_before() and can_vma_merge_after() are exactly equivalent to !vma_policy(vmg.next) and !vma_policy(vmg.prev). Equally, in do_brk_flags(), vmg->policy is NULL, so the can_vma_merge_after() is checking !vma_policy(vma), as we set vmg.prev to vma. In vma_merge(), we compare prev and next policies with vmg->policy before checking can_vma_merge_after() and can_vma_merge_before() respectively, which this patch causes to be checked in precisely the same way. This therefore maintains precisely the same logic as before, only now abstracted into is_mergeable_vma(). Link: https://lkml.kernel.org/r/0dbff286d9c4988333bc6f4ff3734cb95dd5410a.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Acked-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Cc: Mark Brown Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 2f1c6611b0a89afcb8641471af5f223c9caa01e0 Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:15 2024 +0100 mm: introduce vma_merge_struct and abstract vma_merge(),vma_modify() Rather than passing around huge numbers of parameters to numerous helper functions, abstract them into a single struct that we thread through the operation, the vma_merge_struct ('vmg'). Adjust vma_merge() and vma_modify() to accept this parameter, as well as predicate functions can_vma_merge_before(), can_vma_merge_after(), and the vma_modify_...() helper functions. Also introduce VMG_STATE() and VMG_VMA_STATE() helper macros to allow for easy vmg declaration. We additionally remove the requirement that vma_merge() is passed a VMA object representing the candidate new VMA. Previously it used this to obtain the mm_struct, file and anon_vma properties of the proposed range (a rather confusing state of affairs), which are now provided by the vmg directly. We also remove the pgoff calculation previously performed vma_modify(), and instead calculate this in VMG_VMA_STATE() via the vma_pgoff_offset() helper. Link: https://lkml.kernel.org/r/a955aad09d81329f6fbeb636b2dd10cde7b73dab.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Cc: Mark Brown Cc: Vlastimil Babka Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 955db39676b6de84283b370d03683171b67dceb3 Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:14 2024 +0100 tools: add VMA merge tests Add a variety of VMA merge unit tests to assert that the behaviour of VMA merge is correct at an abstract level and VMAs are merged or not merged as expected. These are intentionally added _before_ we start refactoring vma_merge() in order that we can continually assert correctness throughout the rest of the series. In order to reduce churn going forward, we backport the vma_merge_struct data type to the test code which we introduce and use in a future commit, and add wrappers around the merge new and existing VMA cases. Link: https://lkml.kernel.org/r/1c7a0b43cfad2c511a6b1b52f3507696478ff51a.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Cc: Mark Brown Cc: Vlastimil Babka Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 4e52a60ac5c079000add146ca39b0edcc30f74cd Author: Lorenzo Stoakes Date: Fri Aug 30 19:10:13 2024 +0100 tools: improve vma test Makefile Patch series "mm: remove vma_merge()", v3. The infamous vma_merge() function has been the cause of a great deal of pain, bugs and confusion for a very long time. It is subtle, contains many corner cases, tries to do far too much and is as a result very fragile. The fact that the function requires there to be a numbering system to cover each possible eventuality with references to each in the many branches of its implementation as to which case you are looking at speaks to all this. Some of this complexity is inherent - unfortunately there is no getting away from the need to figure out precisely how to execute the merge, whether we need to remove VMAs, whether it is safe to do so, what constitutes a mergeable VMA and so on. However, a lot of the complexity is not inherent but instead a product of the function's 'organic' development. Liam has gone to great lengths to improve the situation as a part of his maple tree implementation, greatly improving the readability of the code, and Vlastimil and myself have additionally gone to lengths to try to improve things further. However, with the availability of userland VMA testing, it now becomes possible to perform a rather more significant refactoring while maintaining confidence in its correct operation. An attempt was previously made by Vlastimil [0] to eliminate vma_merge(), however it was rather - brutal - and an astute reader might refer to the date of that patch for insight as to its intent. This series instead divides merge operations into two natural kinds - merges which occur when a NEW vma is being added to the address space, and merges which occur when a vma is being MODIFIED. Happily, the vma_expand() function introduced by Liam, which has the capacity for also deleting a subsequent VMA, covers each of the NEW vma cases. By abstracting the actual final commit of changes to a VMA to its own function, commit_merge() and writing a wrapper around vma_expand() for new VMA cases vma_merge_new_range(), we can avoid having to use vma_merge() for these instances altogether. By doing so we are also able to then de-duplicate all existing merge logic in mmap_region() and do_brk_flags() and have everything invoke this new function, so we universally take the same approach to merging new VMAs. Having done so, we can then completely rework vma_merge() into vma_merge_existing_range() and use this for the instances where a merge is proposed for a region of an existing VMA. This eliminates vma_merge() and its numbered cases and instead divides things into logical cases - merge both, merge left, merge right (the latter 2 being either partial or full merges). The code is heavily annotated with ASCII diagrams and greatly simplified in comparison to the existing vma_merge() function. Having made this change, we take the opportunity to address an issue with merging VMAs possessing a vm_ops->close() hook - commit 714965ca8252 ("mm/mmap: start distinguishing if vma can be removed in mergeability test") and commit fc0c8f9089c2 ("mm, mmap: fix vma_merge() case 7 with vma_ops->close") make efforts to relax how we handle these, making assumptions about which VMAs might end up deleted (and thus, if possessing a vm_ops->close() hook, cannot be). This refactor means we do not need to guess, so instead explicitly only disallow merge in instances where a VMA with a vm_ops->close() hook would be deleted (and try a smaller merge in cases where this is possible). In addition to these changes, we introduce a new vma_merge_struct abstraction to allow VMA merge state to be threaded through the operation neatly. There is heavy unit testing provided for all merge functionality, added prior to the refactoring, allowing for before/after testing. The vm_ops->close() change also introduces exhaustive testing to demonstrate that this functions as expected, and in addition to this the reproduction code from commit fc0c8f9089c2 ("mm, mmap: fix vma_merge() case 7 with vma_ops->close") was tested and confirmed passing. [0]:https://lore.kernel.org/linux-mm/20240401192623.18575-2-vbabka@suse.cz/ This patch (of 10): Have vma.o depend on its source dependencies explicitly, as previously these were simply being ignored as existing object files were up to date. This now correctly re-triggers the build if mm/ source is changed as well as local source code. Also set clean as a phony rule. Link: https://lkml.kernel.org/r/cover.1725040657.git.lorenzo.stoakes@oracle.com Link: https://lkml.kernel.org/r/e3ea58f08364ae5432c9a074de0195a7c7e0b04a.1725040657.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Reviewed-by: Liam R. Howlett Cc: Mark Brown Cc: Vlastimil Babka Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 723e1e8b7756a552f4d6ddc8047bffe452187617 Author: Liam R. Howlett Date: Fri Aug 30 00:01:01 2024 -0400 mm/vma.h: optimise vma_munmap_struct The vma_munmap_struct has a hole of 4 bytes and pushes the struct to three cachelines. Relocating the three booleans upwards allows for the struct to only use two cachelines (as reported by pahole on amd64). Before: struct vma_munmap_struct { struct vma_iterator * vmi; /* 0 8 */ struct vm_area_struct * vma; /* 8 8 */ struct vm_area_struct * prev; /* 16 8 */ struct vm_area_struct * next; /* 24 8 */ struct list_head * uf; /* 32 8 */ long unsigned int start; /* 40 8 */ long unsigned int end; /* 48 8 */ long unsigned int unmap_start; /* 56 8 */ /* --- cacheline 1 boundary (64 bytes) --- */ long unsigned int unmap_end; /* 64 8 */ int vma_count; /* 72 4 */ /* XXX 4 bytes hole, try to pack */ long unsigned int nr_pages; /* 80 8 */ long unsigned int locked_vm; /* 88 8 */ long unsigned int nr_accounted; /* 96 8 */ long unsigned int exec_vm; /* 104 8 */ long unsigned int stack_vm; /* 112 8 */ long unsigned int data_vm; /* 120 8 */ /* --- cacheline 2 boundary (128 bytes) --- */ bool unlock; /* 128 1 */ bool clear_ptes; /* 129 1 */ bool closed_vm_ops; /* 130 1 */ /* size: 136, cachelines: 3, members: 19 */ /* sum members: 127, holes: 1, sum holes: 4 */ /* padding: 5 */ /* last cacheline: 8 bytes */ }; After: struct vma_munmap_struct { struct vma_iterator * vmi; /* 0 8 */ struct vm_area_struct * vma; /* 8 8 */ struct vm_area_struct * prev; /* 16 8 */ struct vm_area_struct * next; /* 24 8 */ struct list_head * uf; /* 32 8 */ long unsigned int start; /* 40 8 */ long unsigned int end; /* 48 8 */ long unsigned int unmap_start; /* 56 8 */ /* --- cacheline 1 boundary (64 bytes) --- */ long unsigned int unmap_end; /* 64 8 */ int vma_count; /* 72 4 */ bool unlock; /* 76 1 */ bool clear_ptes; /* 77 1 */ bool closed_vm_ops; /* 78 1 */ /* XXX 1 byte hole, try to pack */ long unsigned int nr_pages; /* 80 8 */ long unsigned int locked_vm; /* 88 8 */ long unsigned int nr_accounted; /* 96 8 */ long unsigned int exec_vm; /* 104 8 */ long unsigned int stack_vm; /* 112 8 */ long unsigned int data_vm; /* 120 8 */ /* size: 128, cachelines: 2, members: 19 */ /* sum members: 127, holes: 1, sum holes: 1 */ }; Link: https://lkml.kernel.org/r/20240830040101.822209-22-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 20831cd6f814eade5e2fffce41352d8e8de1e764 Author: Liam R. Howlett Date: Fri Aug 30 00:01:00 2024 -0400 mm/vma: drop incorrect comment from vms_gather_munmap_vmas() The comment has been outdated since 6b73cff239e52 ("mm: change munmap splitting order and move_vma()"). The move_vma() was altered to fix the fragile state of the accounting since then. Link: https://lkml.kernel.org/r/20240830040101.822209-21-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 224c1c702c08ca4d874690991f02e5b08c816e5b Author: Liam R. Howlett Date: Fri Aug 30 00:00:59 2024 -0400 mm: move may_expand_vm() check in mmap_region() The may_expand_vm() check requires the count of the pages within the munmap range. Since this is needed for accounting and obtained later, the reodering of ma_expand_vm() to later in the call stack, after the vma munmap struct (vms) is initialised and the gather stage is potentially run, will allow for a single loop over the vmas. The gather sage does not commit any work and so everything can be undone in the case of a failure. The MAP_FIXED page count is available after the vms_gather_munmap_vmas() call, so use it instead of looping over the vmas twice. Link: https://lkml.kernel.org/r/20240830040101.822209-20-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 63fc66f5b6b18f39269a66cf34d8cb7a24fbfe88 Author: Liam R. Howlett Date: Fri Aug 30 00:00:58 2024 -0400 ipc/shm, mm: drop do_vma_munmap() The do_vma_munmap() wrapper existed for callers that didn't have a vma iterator and needed to check the vma mseal status prior to calling the underlying munmap(). All callers now use a vma iterator and since the mseal check has been moved to do_vmi_align_munmap() and the vmas are aligned, this function can just be called instead. do_vmi_align_munmap() can no longer be static as ipc/shm is using it and it is exported via the mm.h header. Link: https://lkml.kernel.org/r/20240830040101.822209-19-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 13d77e0133908721f7da093ffd3169a92bae8b11 Author: Liam R. Howlett Date: Fri Aug 30 00:00:57 2024 -0400 mm/mmap: use vms accounted pages in mmap_region() Change from nr_pages variable to vms.nr_accounted for the charged pages calculation. This is necessary for a future patch. This also avoids checking security_vm_enough_memory_mm() if the amount of memory won't change. Link: https://lkml.kernel.org/r/20240830040101.822209-18-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Kees Cook Reviewed-by: Lorenzo Stoakes Reviewed-by: Suren Baghdasaryan Acked-by: Paul Moore [LSM] Cc: Kees Cook Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Sidhartha Kumar Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 5972d97c44dc00fd9436a885182adef00ae8cb22 Author: Liam R. Howlett Date: Fri Aug 30 00:00:56 2024 -0400 mm/mmap: use PHYS_PFN in mmap_region() Instead of shifting the length by PAGE_SIZE, use PHYS_PFN. Also use the existing local variable everywhere instead of some of the time. Link: https://lkml.kernel.org/r/20240830040101.822209-17-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Reviewed-by: Suren Baghdasaryan Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 4f87153e82c4906e917d273ab7accd0d540aab35 Author: Liam R. Howlett Date: Fri Aug 30 00:00:55 2024 -0400 mm: change failure of MAP_FIXED to restoring the gap on failure Prior to call_mmap(), the vmas that will be replaced need to clear the way for what may happen in the call_mmap(). This clean up work includes clearing the ptes and calling the close() vm_ops. Some users do more setup than can be restored by calling the vm_ops open() function. It is safer to store the gap in the vma tree in these cases. That is to say that the failure scenario that existed before the MAP_FIXED gap exposure is restored as it is safer than trying to undo a partial mapping. Since abort_munmap_vmas() is only reattaching vmas with this change, the function is renamed to reattach_vmas(). There is also a secondary failure that may occur if there is not enough memory to store the gap. In this case, the vmas are reattached and resources freed. If the system cannot complete the call_mmap() and fails to allocate with GFP_KERNEL, then the system will print a warning about the failure. [lorenzo.stoakes@oracle.com: fix off-by-one error in vms_abort_munmap_vmas()] Link: https://lkml.kernel.org/r/52ee7eb3-955c-4ade-b5f0-28fed8ba3d0b@lucifer.local Link: https://lkml.kernel.org/r/20240830040101.822209-16-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Signed-off-by: Lorenzo Stoakes Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit f8d112a4e657c65c888e6b8a8435ef61a66e4ab8 Author: Liam R. Howlett Date: Fri Aug 30 00:00:54 2024 -0400 mm/mmap: avoid zeroing vma tree in mmap_region() Instead of zeroing the vma tree and then overwriting the area, let the area be overwritten and then clean up the gathered vmas using vms_complete_munmap_vmas(). To ensure locking is downgraded correctly, the mm is set regardless of MAP_FIXED or not (NULL vma). If a driver is mapping over an existing vma, then clear the ptes before the call_mmap() invocation. This is done using the vms_clean_up_area() helper. If there is a close vm_ops, that must also be called to ensure any cleanup is done before mapping over the area. This also means that calling open has been added to the abort of an unmap operation, for now. Since vm_ops->open() and vm_ops->close() are not always undo each other (state cleanup may exist in ->close() that is lost forever), the code cannot be left in this way, but that change has been isolated to another commit to make this point very obvious for traceability. Temporarily keep track of the number of pages that will be removed and reduce the charged amount. This also drops the validate_mm() call in the vma_expand() function. It is necessary to drop the validate as it would fail since the mm map_count would be incorrect during a vma expansion, prior to the cleanup from vms_complete_munmap_vmas(). Clean up the error handing of the vms_gather_munmap_vmas() by calling the verification within the function. Link: https://lkml.kernel.org/r/20240830040101.822209-15-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 94f59ea591f17d5fb77f68e820b27522596a7e9e Author: Liam R. Howlett Date: Fri Aug 30 00:00:53 2024 -0400 mm: clean up unmap_region() argument list With the only caller to unmap_region() being the error path of mmap_region(), the argument list can be significantly reduced. Link: https://lkml.kernel.org/r/20240830040101.822209-14-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 9c3ebeda8fb5a8e9e82ab9364ec3d4b80cd0ec3d Author: Liam R. Howlett Date: Fri Aug 30 00:00:52 2024 -0400 mm/vma: track start and end for munmap in vma_munmap_struct Set the start and end address for munmap when the prev and next are gathered. This is needed to avoid incorrect addresses being used during the vms_complete_munmap_vmas() function if the prev/next vma are expanded. Add a new helper vms_complete_pte_clear(), which is needed later and will avoid growing the argument list to unmap_region() beyond the 9 it already has. Link: https://lkml.kernel.org/r/20240830040101.822209-13-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit d744f4acb81ae2f2c33bce71da1f65be32ed1d65 Author: Liam R. Howlett Date: Fri Aug 30 00:00:51 2024 -0400 mm/mmap: reposition vma iterator in mmap_region() Instead of moving (or leaving) the vma iterator pointing at the previous vma, leave it pointing at the insert location. Pointing the vma iterator at the insert location allows for a cleaner walk of the vma tree for MAP_FIXED and the no expansion cases. The vma_prev() call in the case of merging the previous vma is equivalent to vma_iter_prev_range(), since the vma iterator will be pointing to the location just before the previous vma. This change needs to export abort_munmap_vmas() from mm/vma. Link: https://lkml.kernel.org/r/20240830040101.822209-12-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 58e60f8284276d46709a5768dfd6d0e57f04cf45 Author: Liam R. Howlett Date: Fri Aug 30 00:00:50 2024 -0400 mm/vma: support vma == NULL in init_vma_munmap() Adding support for a NULL vma means the init_vma_munmap() can be initialized for a less error-prone process when calling vms_complete_munmap_vmas() later on. Link: https://lkml.kernel.org/r/20240830040101.822209-11-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 9014b230d88d7fc505ada416163b151be70b649a Author: Liam R. Howlett Date: Fri Aug 30 00:00:49 2024 -0400 mm/vma: expand mmap_region() munmap call Open code the do_vmi_align_munmap() call so that it can be broken up later in the series. This requires exposing a few more vma operations. Link: https://lkml.kernel.org/r/20240830040101.822209-10-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit c7c0c3c30f4ecb2d5a9869166e52ad23c0b4ec89 Author: Liam R. Howlett Date: Fri Aug 30 00:00:48 2024 -0400 mm/vma: inline munmap operation in mmap_region() mmap_region is already passed sanitized addr and len, so change the call to do_vmi_munmap() to do_vmi_align_munmap() and inline the other checks. The inlining of the function and checks is an intermediate step in the series so future patches are easier to follow. Link: https://lkml.kernel.org/r/20240830040101.822209-9-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 89b2d2a57eb97eec2e782976844995f4dd189998 Author: Liam R. Howlett Date: Fri Aug 30 00:00:47 2024 -0400 mm/vma: extract validate_mm() from vma_complete() vma_complete() will need to be called during an unsafe time to call validate_mm(). Extract the call in all places now so that only one location can be modified in the next change. Link: https://lkml.kernel.org/r/20240830040101.822209-8-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 17f1ae9b40c6b03760ca937c53e7f0d38c2613a2 Author: Liam R. Howlett Date: Fri Aug 30 00:00:46 2024 -0400 mm/vma: change munmap to use vma_munmap_struct() for accounting and surrounding vmas Clean up the code by changing the munmap operation to use a structure for the accounting and munmap variables. Since remove_mt() is only called in one location and the contents will be reduced to almost nothing. The remains of the function can be added to vms_complete_munmap_vmas(). Link: https://lkml.kernel.org/r/20240830040101.822209-7-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Reviewed-by: Suren Baghdasaryan Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit dba14840905f9ecaad0b3a261e4d7a88120c8c7a Author: Liam R. Howlett Date: Fri Aug 30 00:00:45 2024 -0400 mm/vma: introduce vma_munmap_struct for use in munmap operations Use a structure to pass along all the necessary information and counters involved in removing vmas from the mm_struct. Update vmi_ function names to vms_ to indicate the first argument type change. Link: https://lkml.kernel.org/r/20240830040101.822209-6-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Suren Baghdasaryan Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 6898c9039bc8e3027ae0fcd0f05fc2b82ccc8be0 Author: Liam R. Howlett Date: Fri Aug 30 00:00:44 2024 -0400 mm/vma: extract the gathering of vmas from do_vmi_align_munmap() Create vmi_gather_munmap_vmas() to handle the gathering of vmas into a detached maple tree for removal later. Part of the gathering is the splitting of vmas that span the boundary. Link: https://lkml.kernel.org/r/20240830040101.822209-5-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Suren Baghdasaryan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 01cf21e9e119575a5a334ec19c8b2ef0c5d44c3c Author: Liam R. Howlett Date: Fri Aug 30 00:00:43 2024 -0400 mm/vma: introduce vmi_complete_munmap_vmas() Extract all necessary operations that need to be completed after the vma maple tree is updated from a munmap() operation. Extracting this makes the later patch in the series easier to understand. Link: https://lkml.kernel.org/r/20240830040101.822209-4-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Reviewed-by: Suren Baghdasaryan Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 7e7b2370ed0551d2fa8e4bd6e4bbd603fef3cdcd Author: Liam R. Howlett Date: Fri Aug 30 00:00:42 2024 -0400 mm/vma: introduce abort_munmap_vmas() Extract clean up of failed munmap() operations from do_vmi_align_munmap(). This simplifies later patches in the series. It is worth noting that the mas_for_each() loop now has a different upper limit. This should not change the number of vmas visited for reattaching to the main vma tree (mm_mt), as all vmas are reattached in both scenarios. Link: https://lkml.kernel.org/r/20240830040101.822209-3-Liam.Howlett@oracle.com Signed-off-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Reviewed-by: Suren Baghdasaryan Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Paul Moore Cc: Sidhartha Kumar Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit b7012d513f81959596a01083415597edb04cf509 Author: Liam R. Howlett Date: Fri Aug 30 00:00:41 2024 -0400 mm/vma: correctly position vma_iterator in __split_vma() Patch series "Avoid MAP_FIXED gap exposure", v8. It is now possible to walk the vma tree using the rcu read locks and is beneficial to do so to reduce lock contention. Doing so while a MAP_FIXED mapping is executing means that a reader may see a gap in the vma tree that should never logically exist - and does not when using the mmap lock in read mode. The temporal gap exists because mmap_region() calls munmap() prior to installing the new mapping. This patch set stops rcu readers from seeing the temporal gap by splitting up the munmap() function into two parts. The first part prepares the vma tree for modifications by doing the necessary splits and tracks the vmas marked for removal in a side tree. The second part completes the munmapping of the vmas after the vma tree has been overwritten (either by a MAP_FIXED replacement vma or by a NULL in the munmap() case). Please note that rcu walkers will still be able to see a temporary state of split vmas that may be in the process of being removed, but the temporal gap will not be exposed. vma_start_write() are called on both parts of the split vma, so this state is detectable. If existing vmas have a vm_ops->close(), then they will be called prior to mapping the new vmas (and ptes are cleared out). Without calling ->close(), hugetlbfs tests fail (hugemmap06 specifically) due to resources still being marked as 'busy'. Unfortunately, calling the corresponding ->open() may not restore the state of the vmas, so it is safer to keep the existing failure scenario where a gap is inserted and never replaced. The failure scenario is in its own patch (0015) for traceability. This patch (of 21): The vma iterator may be left pointing to the newly created vma. This happens when inserting the new vma at the end of the old vma (!new_below). The incorrect position in the vma iterator is not exposed currently since the vma iterator is repositioned in the munmap path and is not reused in any of the other paths. This has limited impact in the current code, but is required for future changes. Link: https://lkml.kernel.org/r/20240830040101.822209-2-Liam.Howlett@oracle.com Fixes: b2b3b886738f ("mm: don't use __vma_adjust() in __split_vma()") Signed-off-by: Liam R. Howlett Reviewed-by: Suren Baghdasaryan Reviewed-by: Lorenzo Stoakes Cc: Bert Karwatzki Cc: Jeff Xu Cc: Jiri Olsa Cc: Kees Cook Cc: Matthew Wilcox Cc: "Paul E. McKenney" Cc: Sidhartha Kumar Cc: Vlastimil Babka Cc: Lorenzo Stoakes Cc: Mark Brown Cc: Paul Moore Signed-off-by: Andrew Morton commit 5a53623d0fe658b1b8699632ac8ed7dd0d9b2e97 Author: Mike Yuan Date: Fri Aug 23 16:27:11 2024 +0000 Documentation/cgroup-v2: clarify that zswap.writeback is ignored if zswap is disabled As discussed in [1], zswap-related settings natually lose their effect when zswap is disabled, specifically zswap.writeback here. Be explicit about this behavior. [1] https://lore.kernel.org/linux-kernel/CAKEwX=Mhbwhh-=xxCU-RjMXS_n=RpV3Gtznb2m_3JgL+jzz++g@mail.gmail.com/ [akpm@linux-foundation.org: fix/simplify text] Link: https://lkml.kernel.org/r/20240823162506.12117-3-me@yhndnzj.com Signed-off-by: Mike Yuan Cc: Johannes Weiner Cc: Michal Hocko Cc: Michal Koutný Cc: Muchun Song Cc: Nhat Pham Cc: Roman Gushchin Cc: Shakeel Butt Cc: Yosry Ahmed Signed-off-by: Andrew Morton commit fd06ce2ce4c1f93e3d5d7d2640672ccb1a94cce3 Author: Mike Yuan Date: Fri Aug 23 16:27:09 2024 +0000 selftests: test_zswap: add test for hierarchical zswap.writeback Ensure that zswap.writeback check goes up the cgroup tree, i.e. is hierarchical. Create a subcgroup which has zswap.writeback set to 1, and the upper hierarchy's restrictions shall apply. Link: https://lkml.kernel.org/r/20240823162506.12117-2-me@yhndnzj.com Signed-off-by: Mike Yuan Cc: Johannes Weiner Cc: Michal Hocko Cc: Michal Koutný Cc: Muchun Song Cc: Nhat Pham Cc: Roman Gushchin Cc: Shakeel Butt Cc: Yosry Ahmed Signed-off-by: Andrew Morton commit 20a5532ffa53d6ecf41ded920a7b0ff9c65a7dcf Author: Usama Arif Date: Fri Aug 23 20:04:40 2024 +0100 mm: remove code to handle same filled pages With an earlier commit to handle zero-filled pages in swap directly, and with only 1% of the same-filled pages being non-zero, zswap no longer needs to handle same-filled pages and can just work on compressed pages. Link: https://lkml.kernel.org/r/20240823190545.979059-3-usamaarif642@gmail.com Signed-off-by: Usama Arif Reviewed-by: Chengming Zhou Acked-by: Yosry Ahmed Reviewed-by: Nhat Pham Acked-by: Johannes Weiner Cc: Andi Kleen Cc: David Hildenbrand Cc: Hugh Dickins Cc: Johannes Weiner Cc: Matthew Wilcox (Oracle) Cc: Shakeel Butt Signed-off-by: Andrew Morton commit 0ca0c24e3211586d44a31b3c4767fe3f43a008a7 Author: Usama Arif Date: Fri Aug 23 20:04:39 2024 +0100 mm: store zero pages to be swapped out in a bitmap Patch series "mm: store zero pages to be swapped out in a bitmap", v8. As shown in the patch series that introduced the zswap same-filled optimization [1], 10-20% of the pages stored in zswap are same-filled. This is also observed across Meta's server fleet. By using VM counters in swap_writepage (not included in this patchseries) it was found that less than 1% of the same-filled pages to be swapped out are non-zero pages. For conventional swap setup (without zswap), rather than reading/writing these pages to flash resulting in increased I/O and flash wear, a bitmap can be used to mark these pages as zero at write time, and the pages can be filled at read time if the bit corresponding to the page is set. When using zswap with swap, this also means that a zswap_entry does not need to be allocated for zero filled pages resulting in memory savings which would offset the memory used for the bitmap. A similar attempt was made earlier in [2] where zswap would only track zero-filled pages instead of same-filled. This patchseries adds zero-filled pages optimization to swap (hence it can be used even if zswap is disabled) and removes the same-filled code from zswap (as only 1% of the same-filled pages are non-zero), simplifying code. [1] https://lore.kernel.org/all/20171018104832epcms5p1b2232e2236258de3d03d1344dde9fce0@epcms5p1/ [2] https://lore.kernel.org/lkml/20240325235018.2028408-1-yosryahmed@google.com/ This patch (of 2): Approximately 10-20% of pages to be swapped out are zero pages [1]. Rather than reading/writing these pages to flash resulting in increased I/O and flash wear, a bitmap can be used to mark these pages as zero at write time, and the pages can be filled at read time if the bit corresponding to the page is set. With this patch, NVMe writes in Meta server fleet decreased by almost 10% with conventional swap setup (zswap disabled). [1] https://lore.kernel.org/all/20171018104832epcms5p1b2232e2236258de3d03d1344dde9fce0@epcms5p1/ Link: https://lkml.kernel.org/r/20240823190545.979059-1-usamaarif642@gmail.com Link: https://lkml.kernel.org/r/20240823190545.979059-2-usamaarif642@gmail.com Signed-off-by: Usama Arif Reviewed-by: Chengming Zhou Reviewed-by: Yosry Ahmed Reviewed-by: Nhat Pham Acked-by: Johannes Weiner Cc: David Hildenbrand Cc: Hugh Dickins Cc: Matthew Wilcox (Oracle) Cc: Shakeel Butt Cc: Usama Arif Cc: Andi Kleen Signed-off-by: Andrew Morton commit 435b3894e74256cc93772b7e586d848a5c3433ee Author: Zhongkun He Date: Thu Aug 22 17:26:12 2024 +0800 mm:page_alloc: fix the NULL ac->nodemask in __alloc_pages_slowpath() should_reclaim_retry() is not ALLOC_CPUSET aware and that means that it considers reclaimability of NUMA nodes which are outside of the cpuset. If other nodes have a lot of reclaimable memory then should_reclaim_retry would instruct page allocator to retry even though there is no memory reclaimable on the cpuset nodemask. This is not really a huge problem because the number of retries without any reclaim progress is bound but it could be certainly improved. This is a cold path so this shouldn't really have a measurable impact on performance on most workloads. 1.Test step and the machines. ------------ root@vm:/sys/fs/cgroup/test# numactl -H | grep size node 0 size: 9477 MB node 1 size: 10079 MB node 2 size: 10079 MB node 3 size: 10078 MB root@vm:/sys/fs/cgroup/test# cat cpuset.mems 2 root@vm:/sys/fs/cgroup/test# stress --vm 1 --vm-bytes 12g --vm-keep stress: info: [33430] dispatching hogs: 0 cpu, 0 io, 1 vm, 0 hdd stress: FAIL: [33430] (425) <-- worker 33431 got signal 9 stress: WARN: [33430] (427) now reaping child worker processes stress: FAIL: [33430] (461) failed run completed in 2s 2. reclaim_retry_zone info: We can only alloc pages from node=2, but the reclaim_retry_zone is node=0 and return true. root@vm:/sys/kernel/debug/tracing# cat trace stress-33431 [001] ..... 13223.617311: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=1 wmark_check=1 stress-33431 [001] ..... 13223.617682: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=2 wmark_check=1 stress-33431 [001] ..... 13223.618103: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=3 wmark_check=1 stress-33431 [001] ..... 13223.618454: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=4 wmark_check=1 stress-33431 [001] ..... 13223.618770: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=5 wmark_check=1 stress-33431 [001] ..... 13223.619150: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=6 wmark_check=1 stress-33431 [001] ..... 13223.619510: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=7 wmark_check=1 stress-33431 [001] ..... 13223.619850: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=8 wmark_check=1 stress-33431 [001] ..... 13223.620171: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=9 wmark_check=1 stress-33431 [001] ..... 13223.620533: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=10 wmark_check=1 stress-33431 [001] ..... 13223.620894: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=11 wmark_check=1 stress-33431 [001] ..... 13223.621224: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=12 wmark_check=1 stress-33431 [001] ..... 13223.621551: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=13 wmark_check=1 stress-33431 [001] ..... 13223.621847: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=14 wmark_check=1 stress-33431 [001] ..... 13223.622200: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=15 wmark_check=1 stress-33431 [001] ..... 13223.622580: reclaim_retry_zone: node=0 zone=Normal order=0 reclaimable=4260 available=1772019 min_wmark=5962 no_progress_loops=16 wmark_check=1 With this patch, we can check the right node and get less retry in __alloc_pages_slowpath() because there is nothing to do. Link: https://lkml.kernel.org/r/20240822092612.3209286-1-hezhongkun.hzk@bytedance.com Signed-off-by: Zhongkun He Suggested-by: Michal Hocko Acked-by: Michal Hocko Cc: Johannes Weiner Cc: Mel Gorman Cc: Zefan Li Signed-off-by: Andrew Morton commit b843786b0bd01ced7fcdbf3b033d68db2f7c61b2 Author: Johannes Weiner Date: Thu Aug 22 13:24:58 2024 +0200 mm: swapfile: fix SSD detection with swapfile on btrfs We've been noticing a trend of significant lock contention in the swap subsystem as core counts have been increasing in our fleet. It turns out that our swapfiles on btrfs on flash were in fact using the old swap code for rotational storage. This turns out to be a detection issue in the swapon sequence: btrfs sets si->bdev during swap activation, which currently happens *after* swapon's SSD detection and cluster setup. Thus, none of the SSD optimizations and cluster lock splitting are enabled for btrfs swap. Rearrange the swapon sequence so that filesystem activation happens *before* determining swap behavior based on the backing device. Afterwards, the nonrotational drive is detected correctly: - Adding 2097148k swap on /mnt/swapfile. Priority:-3 extents:1 across:2097148k + Adding 2097148k swap on /mnt/swapfile. Priority:-3 extents:1 across:2097148k SS Link: https://lkml.kernel.org/r/20240822112707.351844-1-hannes@cmpxchg.org Signed-off-by: Johannes Weiner Cc: "Huang, Ying" Cc: Hugh Dickins Signed-off-by: Andrew Morton commit 0692fad55d3c1ed3766a1e8627af15b951097894 Author: Yuesong Li Date: Wed Aug 21 14:31:12 2024 +0800 mm:page-writeback: use folio_next_index() helper in writeback_iter() Simplify code pattern of 'folio->index + folio_nr_pages(folio)' by using the existing helper folio_next_index(). Link: https://lkml.kernel.org/r/20240821063112.4053157-1-liyuesong@vivo.com Signed-off-by: Yuesong Li Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit c41a701d18efe6b8aa402efab16edbaba50c9548 Author: David Hildenbrand Date: Wed Aug 21 14:31:15 2024 +0200 selftests/mm: fix charge_reserved_hugetlb.sh test Currently, running the charge_reserved_hugetlb.sh selftest we can sometimes observe something like: $ ./charge_reserved_hugetlb.sh -cgroup-v2 ... write_result is 0 After write: hugetlb_usage=0 reserved_usage=10485760 killing write_to_hugetlbfs Received 2. Deleting the memory Detach failure: Invalid argument umount: /mnt/huge: target is busy. Both cases are issues in the test. While the unmount error seems to be racy, it will make the test fail: $ ./run_vmtests.sh -t hugetlb ... # [FAIL] not ok 10 charge_reserved_hugetlb.sh -cgroup-v2 # exit=32 The issue is that we are not waiting for the write_to_hugetlbfs process to quit. So it might still have a hugetlbfs file open, about which umount is not happy. Fix that by making "killall" wait for the process to quit. The other error ("Detach failure: Invalid argument") does not seem to result in a test error, but is misleading. Turns out write_to_hugetlbfs.c unconditionally tries to cleanup using shmdt(), even when we only mmap()'ed a hugetlb file. Even worse, shmaddr is never even set for the SHM case. Fix that as well. With this change it seems to work as expected. Link: https://lkml.kernel.org/r/20240821123115.2068812-1-david@redhat.com Fixes: 29750f71a9b4 ("hugetlb_cgroup: add hugetlb_cgroup reservation tests") Signed-off-by: David Hildenbrand Reported-by: Mario Casquero Reviewed-by: Mina Almasry Tested-by: Mario Casquero Cc: Shuah Khan Cc: Muchun Song Signed-off-by: Andrew Morton commit 7a87225ae2c6c317c7b80cf599e5cf0eee699196 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:43 2024 +0100 x86: remove PG_uncached Convert x86 to use PG_arch_2 instead of PG_uncached and remove PG_uncached. Link: https://lkml.kernel.org/r/20240821193445.2294269-11-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 02e1960aafac33721401dcd92e915325fdb524b2 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:42 2024 +0100 mm: rename PG_mappedtodisk to PG_owner_2 This flag has similar constraints to PG_owner_priv_1 -- it is ignored by core code, and is entirely for the use of the code which allocated the folio. Since the pagecache does not use it, individual filesystems can use it. The bufferhead code does use it, so filesystems which use the buffer cache must not use it for another purpose. Link: https://lkml.kernel.org/r/20240821193445.2294269-10-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 6dc151388e44957d471633ce70d72e3d27ae836d Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:41 2024 +0100 mm: remove page_has_private() This function has no more callers, except folio_has_private(). Combine the two functions. Link: https://lkml.kernel.org/r/20240821193445.2294269-9-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 3026bc1e82b695d69cde21712512922abe74aab9 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:40 2024 +0100 mm: remove PageOwnerPriv1 While there are many aliases for this flag, nobody actually uses the *PageOwnerPriv1() nor folio_*_owner_priv_1() accessors. Remove them. Link: https://lkml.kernel.org/r/20240821193445.2294269-8-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 99f86bbda31790f2ca0e365f02650585536929ab Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:39 2024 +0100 mm: remove PageMlocked This flag is now only used on folios, so we can remove all the page accessors. Link: https://lkml.kernel.org/r/20240821193445.2294269-7-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit cb29e7941d5d57576392a52c08077ef327ec8e17 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:38 2024 +0100 mm: remove PageUnevictable There is only one caller of PageUnevictable() left; convert it to call folio_test_unevictable() and remove all the page accessors. Link: https://lkml.kernel.org/r/20240821193445.2294269-6-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 32f51ead3d7771cdec29f75e08d50a76d2c6253d Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:37 2024 +0100 mm: remove PageSwapCache This flag is now only used on folios, so we can remove all the page accessors and reword the comments that refer to them. Link: https://lkml.kernel.org/r/20240821193445.2294269-5-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 6f394ee9ddb4bd1879e42c9c8648a37f650bea99 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:36 2024 +0100 mm: remove PageReadahead This flag is now only used on folios, so we can remove all the page accessors. Link: https://lkml.kernel.org/r/20240821193445.2294269-4-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 0b7582803649e0e58e5f8c9a4ede362777bc7eec Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:35 2024 +0100 mm: remove PageSwapBacked This flag is now only used on folios, so we can remove all the page accessors. Link: https://lkml.kernel.org/r/20240821193445.2294269-3-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit bf03c806993091d8fb2fc0e98f07a8ef251c78f3 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 20:34:34 2024 +0100 mm: remove PageActive Patch series "Simplify the page flags a little". In the course of our folio conversions, we have made many page flags only used on folios, so we can now remove the page-based accessors. This should cut down compile time a little, and prevent new users from cropping up. There is more that could be done in this area, but it would produce merge conflicts, so I'll sit on those patches until next merge window. We now have line of sight to removing PG_private_2 and PG_private. This patch (of 10): This flag is now only used on folios, so we can remove all the page accessors. [akpm@linux-foundation.org: fix arch/powerpc/mm/pgtable-frag.c] Link: https://lkml.kernel.org/r/20240821193445.2294269-1-willy@infradead.org Link: https://lkml.kernel.org/r/20240821193445.2294269-2-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 04cb7502a5d70a6ca230e8c24835dc7dccd39fa7 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 18:39:12 2024 +0100 zsmalloc: use all available 24 bits of page_type Now that we have an extra 8 bits, we don't need to limit ourselves to supporting a 64KiB page size. I'm sure both Hexagon users are grateful, but it does reduce complexity a little. We can also remove reset_first_obj_offset() as calling __ClearPageZsmalloc() will now reset all 32 bits of page_type. Link: https://lkml.kernel.org/r/20240821173914.2270383-5-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Acked-by: David Hildenbrand Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Kent Overstreet Signed-off-by: Andrew Morton commit 4ffca5a96678c9fe1a39ec1e9c8fd326b57ea8a7 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 18:39:11 2024 +0100 mm: support only one page_type per page By using a few values in the top byte, users of page_type can store up to 24 bits of additional data in page_type. It also reduces the code size as (with replacement of READ_ONCE() with data_race()), the kernel can check just a single byte. eg: ffffffff811e3a79: 8b 47 30 mov 0x30(%rdi),%eax ffffffff811e3a7c: 55 push %rbp ffffffff811e3a7d: 48 89 e5 mov %rsp,%rbp ffffffff811e3a80: 25 00 00 00 82 and $0x82000000,%eax ffffffff811e3a85: 3d 00 00 00 80 cmp $0x80000000,%eax ffffffff811e3a8a: 74 4d je ffffffff811e3ad9 becomes: ffffffff811e3a69: 80 7f 33 f5 cmpb $0xf5,0x33(%rdi) ffffffff811e3a6d: 55 push %rbp ffffffff811e3a6e: 48 89 e5 mov %rsp,%rbp ffffffff811e3a71: 74 4d je ffffffff811e3ac0 replacing three instructions with one. [wangkefeng.wang@huawei.com: fix ubsan warnings] Link: https://lkml.kernel.org/r/2d19c48a-c550-4345-bf36-d05cd303c5de@huawei.com Link: https://lkml.kernel.org/r/20240821173914.2270383-4-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Acked-by: David Hildenbrand Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Kent Overstreet Signed-off-by: Andrew Morton commit e880034cf7182aa35962bd30dfc9fa60476d56a4 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 18:39:10 2024 +0100 mm: introduce page_mapcount_is_type() Resolve the awkward "and add one to this opaque constant" test into a self-documenting inline function. Link: https://lkml.kernel.org/r/20240821173914.2270383-3-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Acked-by: David Hildenbrand Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Kent Overstreet Signed-off-by: Andrew Morton commit e27ad6560e4b5993315b56d6884ca5a4652468f4 Author: Matthew Wilcox (Oracle) Date: Wed Aug 21 18:39:09 2024 +0100 printf: remove %pGt support Patch series "Increase the number of bits available in page_type". Kent wants more than 16 bits in page_type, so I resurrected this old patch and expanded it a bit. It's a bit more efficient than our current scheme (1 4-byte insn vs 3 insns of 13 bytes total) to test a single page type. This patch (of 4): An upcoming patch will convert page type from being a bitfield to a single byte, so we will not be able to use %pG to print the page type any more. The printing of the symbolic name will be restored in that patch. Link: https://lkml.kernel.org/r/20240821173914.2270383-1-willy@infradead.org Link: https://lkml.kernel.org/r/20240821173914.2270383-2-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Acked-by: David Hildenbrand Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Kent Overstreet Signed-off-by: Andrew Morton commit f28bdd1b17ec187eaa34845814afaaff99832762 Author: Pedro Falcato Date: Sat Aug 17 01:18:34 2024 +0100 selftests/mm: add more mseal traversal tests Add more mseal traversal tests across VMAs, where we could possibly screw up sealing checks. These test more across-vma traversal for mprotect, munmap and madvise. Particularly, we test for the case where a regular VMA is followed by a sealed VMA. [akpm@linux-foundation.org: remove incorrect comment, per review] [akpm@linux-foundation.org: remove the correct comment, per Pedro] [pedro.falcato@gmail.com: fix mseal's length] Link: https://lkml.kernel.org/r/vc4czyuemmu3kylqb4ctaga6y5yvondlyabimx6jvljlw2fkea@djawlllf45xa Link: https://lkml.kernel.org/r/20240817-mseal-depessimize-v3-7-d8d2e037df30@gmail.com Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Jeff Xu Cc: Kees Cook Cc: Linus Torvalds Cc: Michael Ellerman Cc: Shuah Khan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 5b3db2b812a1f86dfab587324d198a5d10c7a5cf Author: Pedro Falcato Date: Sat Aug 17 01:18:33 2024 +0100 mm: remove can_modify_mm() With no more users in the tree, we can finally remove can_modify_mm(). Link: https://lkml.kernel.org/r/20240817-mseal-depessimize-v3-6-d8d2e037df30@gmail.com Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Jeff Xu Cc: Kees Cook Cc: Linus Torvalds Cc: Michael Ellerman Cc: Shuah Khan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 23c57d1fa2b9530e38f7964b4e457fed5a7a0ae8 Author: Pedro Falcato Date: Sat Aug 17 01:18:32 2024 +0100 mseal: replace can_modify_mm_madv with a vma variant Replace can_modify_mm_madv() with a single vma variant, and associated checks in madvise. While we're at it, also invert the order of checks in: if (unlikely(is_ro_anon(vma) && !can_modify_vma(vma)) Checking if we can modify the vma itself (through vm_flags) is certainly cheaper than is_ro_anon() due to arch_vma_access_permitted() looking at e.g pkeys registers (with extra branches) in some architectures. This patch allows for partial madvise success when finding a sealed VMA, which historically has been allowed in Linux. Link: https://lkml.kernel.org/r/20240817-mseal-depessimize-v3-5-d8d2e037df30@gmail.com Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Jeff Xu Cc: Kees Cook Cc: Linus Torvalds Cc: Michael Ellerman Cc: Shuah Khan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 38075679b5f157eeacd46c900e9cfc684bdbc167 Author: Pedro Falcato Date: Sat Aug 17 01:18:31 2024 +0100 mm/mremap: replace can_modify_mm with can_modify_vma Delegate all can_modify checks to the proper places. Unmap checks are done in do_unmap (et al). The source VMA check is done purposefully before unmapping, to keep the original mseal semantics. Link: https://lkml.kernel.org/r/20240817-mseal-depessimize-v3-4-d8d2e037df30@gmail.com Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Jeff Xu Cc: Kees Cook Cc: Linus Torvalds Cc: Michael Ellerman Cc: Shuah Khan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 4a2dd02b09160ee43f96c759fafa7b56dfc33816 Author: Pedro Falcato Date: Sat Aug 17 01:18:30 2024 +0100 mm/mprotect: replace can_modify_mm with can_modify_vma Avoid taking an extra trip down the mmap tree by checking the vmas directly. mprotect (per POSIX) tolerates partial failure. Link: https://lkml.kernel.org/r/20240817-mseal-depessimize-v3-3-d8d2e037df30@gmail.com Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Jeff Xu Cc: Kees Cook Cc: Linus Torvalds Cc: Michael Ellerman Cc: Shuah Khan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit df2a7df9a9aa32c3df227de346693e6e802c8591 Author: Pedro Falcato Date: Sat Aug 17 01:18:29 2024 +0100 mm/munmap: replace can_modify_mm with can_modify_vma We were doing an extra mmap tree traversal just to check if the entire range is modifiable. This can be done when we iterate through the VMAs instead. Link: https://lkml.kernel.org/r/20240817-mseal-depessimize-v3-2-d8d2e037df30@gmail.com Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett LGTM, Reviewed-by: Lorenzo Stoakes Cc: Jeff Xu Cc: Kees Cook Cc: Linus Torvalds Cc: Michael Ellerman Cc: Shuah Khan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 4d1b3416659be70a2251b494e85e25978de06519 Author: Pedro Falcato Date: Sat Aug 17 01:18:28 2024 +0100 mm: move can_modify_vma to mm/vma.h Patch series "mm: Optimize mseal checks", v3. Optimize mseal checks by removing the separate can_modify_mm() step, and just doing checks on the individual vmas, when various operations are themselves iterating through the tree. This provides a nice speedup and restores performance parity with pre-mseal[3]. will-it-scale mmap1_process[1] -t 1 results: commit 3450fe2b574b4345e4296ccae395149e1a357fee: min:277605 max:277605 total:277605 min:281784 max:281784 total:281784 min:277238 max:277238 total:277238 min:281761 max:281761 total:281761 min:274279 max:274279 total:274279 min:254854 max:254854 total:254854 measurement min:269143 max:269143 total:269143 min:270454 max:270454 total:270454 min:243523 max:243523 total:243523 min:251148 max:251148 total:251148 min:209669 max:209669 total:209669 min:190426 max:190426 total:190426 min:231219 max:231219 total:231219 min:275364 max:275364 total:275364 min:266540 max:266540 total:266540 min:242572 max:242572 total:242572 min:284469 max:284469 total:284469 min:278882 max:278882 total:278882 min:283269 max:283269 total:283269 min:281204 max:281204 total:281204 After this patch set: min:280580 max:280580 total:280580 min:290514 max:290514 total:290514 min:291006 max:291006 total:291006 min:290352 max:290352 total:290352 min:294582 max:294582 total:294582 min:293075 max:293075 total:293075 measurement min:295613 max:295613 total:295613 min:294070 max:294070 total:294070 min:293193 max:293193 total:293193 min:291631 max:291631 total:291631 min:295278 max:295278 total:295278 min:293782 max:293782 total:293782 min:290361 max:290361 total:290361 min:294517 max:294517 total:294517 min:293750 max:293750 total:293750 min:293572 max:293572 total:293572 min:295239 max:295239 total:295239 min:292932 max:292932 total:292932 min:293319 max:293319 total:293319 min:294954 max:294954 total:294954 This was a Completely Unscientific test but seems to show there were around 5-10% gains on ops per second. Oliver performed his own tests and showed[3] a similar ~5% gain in them. [1]: mmap1_process does mmap and munmap in a loop. I didn't bother testing multithreading cases. [2]: https://lore.kernel.org/all/20240807124103.85644-1-mpe@ellerman.id.au/ [3]: https://lore.kernel.org/all/ZrMMJfe9aXSWxJz6@xsang-OptiPlex-9020/ Link: https://lore.kernel.org/all/202408041602.caa0372-oliver.sang@intel.com/ This patch (of 7): Move can_modify_vma to vma.h so it can be inlined properly (with the intent to remove can_modify_mm callsites). Link: https://lkml.kernel.org/r/20240817-mseal-depessimize-v3-1-d8d2e037df30@gmail.com Signed-off-by: Pedro Falcato Reviewed-by: Liam R. Howlett Reviewed-by: Lorenzo Stoakes Cc: Jeff Xu Cc: Kees Cook Cc: Linus Torvalds Cc: Michael Ellerman Cc: Pedro Falcato Cc: Shuah Khan Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 0a2d82946be67e02fdf85a4010606bdc0546ba44 Author: Yafang Shao Date: Tue Aug 20 10:26:39 2024 +0800 mm: allow read-ahead with IOCB_NOWAIT set Readahead support for IOCB_NOWAIT was introduced in commit 2e85abf053b9 ("mm: allow read-ahead with IOCB_NOWAIT set"). However, this implementation broke the semantics of IOCB_NOWAIT by potentially causing it to wait on I/O during memory reclamation. This behavior was later modified in commit efa8480a8316 ("fs: RWF_NOWAIT should imply IOCB_NOIO"). To resolve the blocking issue during memory reclamation, we can use memalloc_noio_{save,restore} to ensure non-blocking behavior. This change restores the original functionality, allowing preadv2(IOCB_NOWAIT) to trigger readahead if the file content is not present in the page cache. While this process may trigger direct memory reclamation, the __GFP_NORETRY flag is set in the readahead GFP flags, ensuring it won't block. A use case for this change is when we want to trigger readahead in the preadv2(2) syscall if the file cache is absent, but without waiting for certain filesystem locks, like xfs_ilock. A simple example is as follows: retry: if (preadv2(fd, iovec, cnt, offset, RWF_NOWAIT) < 0) { do_other_work(); goto retry; } Link: https://lore.gnuweeb.org/io-uring/20200624164127.GP21350@casper.infradead.org/ Link: https://lkml.kernel.org/r/20240820022639.89562-1-laoar.shao@gmail.com Signed-off-by: Yafang Shao Cc: Jens Axboe Cc: Matthew Wilcox Cc: Dave Chinner Cc: Jan Kara Cc: Christian Brauner Signed-off-by: Andrew Morton commit cd5f3193b432cd70cc1c19aba790300dd11ae934 Author: Kefeng Wang Date: Tue Aug 20 11:26:30 2024 +0800 mm: remove migration for HugePage in isolate_single_pageblock() The gigantic page size may larger than memory block size, so memory offline always fails in this case after commit b2c9e2fbba32 ("mm: make alloc_contig_range work at pageblock granularity"), offline_pages start_isolate_page_range start_isolate_page_range(isolate_before=true) isolate [isolate_start, isolate_start + pageblock_nr_pages) start_isolate_page_range(isolate_before=false) isolate [isolate_end - pageblock_nr_pages, isolate_end) pageblock __alloc_contig_migrate_range isolate_migratepages_range isolate_migratepages_block isolate_or_dissolve_huge_page if (hstate_is_gigantic(h)) return -ENOMEM; [ 15.815756] memory offlining [mem 0x3c0000000-0x3c7ffffff] failed due to failure to isolate range Gigantic PageHuge is bigger than a pageblock, but since it is freed as order-0 pages, its pageblocks after being freed will get to the right free list. There is no need to have special handling code for them in start_isolate_page_range(). For both alloc_contig_range() and memory offline cases, the migration code after start_isolate_page_range() will be able to migrate gigantic PageHuge when possible. Let's clean up start_isolate_page_range() and fix the aforementioned memory offline failure issue all together. Let's clean up start_isolate_page_range() and fix the aforementioned memory offline failure issue all together. Link: https://lkml.kernel.org/r/20240820032630.1894770-1-wangkefeng.wang@huawei.com Fixes: b2c9e2fbba32 ("mm: make alloc_contig_range work at pageblock granularity") Signed-off-by: Kefeng Wang Acked-by: David Hildenbrand Acked-by: Zi Yan Cc: Matthew Wilcox Cc: Oscar Salvador Signed-off-by: Andrew Morton commit 49029c4db368518edac0409a40df9d852aac92f5 Author: Thorsten Blum Date: Tue Aug 20 06:22:55 2024 +0200 mm: shrinker: use min() to improve shrinker_debugfs_scan_write() Use the min() macro to simplify the shrinker_debugfs_scan_write() function and improve its readability. Link: https://lkml.kernel.org/r/20240820042254.99115-2-thorsten.blum@toblux.com Signed-off-by: Thorsten Blum Reviewed-by: Muchun Song Cc: Dave Chinner Cc: Qi Zheng Cc: Roman Gushchin Signed-off-by: Andrew Morton commit 2e6d88e9d455fae9c4ac95c893362258f9540dfa Author: Baolin Wang Date: Tue Aug 20 17:49:17 2024 +0800 selftests: mm: support shmem mTHP collapse testing Add shmem mTHP collpase testing. Similar to the anonymous page, users can use the '-s' parameter to specify the shmem mTHP size for testing. Link: https://lkml.kernel.org/r/fa44bfa20ca5b9fd6f9163a048f3d3c1e53cd0a8.1724140601.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Cc: Barry Song <21cnbao@gmail.com> Cc: David Hildenbrand Cc: Hugh Dickins Cc: Matthew Wilcox Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit 7de856ffd007f132fd4a0474b289a622a3f88cd7 Author: Baolin Wang Date: Tue Aug 20 17:49:16 2024 +0800 mm: khugepaged: support shmem mTHP collapse Shmem already supports the allocation of mTHP, but khugepaged does not yet support collapsing mTHP folios. Now khugepaged is ready to support mTHP, and this patch enables the collapse of shmem mTHP. Link: https://lkml.kernel.org/r/b9da76aab4276eb6e5d12c479af2b5eea5b4575d.1724140601.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Cc: Barry Song <21cnbao@gmail.com> Cc: David Hildenbrand Cc: Hugh Dickins Cc: Matthew Wilcox Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit dfa98f56d932fca3eaadaed8c17393fdfa00574d Author: Baolin Wang Date: Tue Aug 20 17:49:15 2024 +0800 mm: khugepaged: support shmem mTHP copy Iterate each subpage in the large folio to copy, as preparation for supporting shmem mTHP collapse. Link: https://lkml.kernel.org/r/222d615b7c837eabb47a238126c5fdeff8aa5283.1724140601.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Cc: Barry Song <21cnbao@gmail.com> Cc: David Hildenbrand Cc: Hugh Dickins Cc: Matthew Wilcox Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit d6b8f296e8d74d685627fd746558745c13b8bd32 Author: Baolin Wang Date: Tue Aug 20 17:49:14 2024 +0800 mm: khugepaged: use the number of pages in the folio to check the reference count Use the number of pages in the folio to check the reference count as preparation for supporting shmem mTHP collapse. Link: https://lkml.kernel.org/r/9ea49262308de28957596cc6e8edc2d3a4f54659.1724140601.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Acked-by: David Hildenbrand Cc: Barry Song <21cnbao@gmail.com> Cc: Hugh Dickins Cc: Matthew Wilcox Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit fda6d4de064a9d37414df36d45836898fff5e165 Author: Baolin Wang Date: Tue Aug 20 17:49:13 2024 +0800 mm: khugepaged: expand the is_refcount_suitable() to support file folios Patch series "support shmem mTHP collapse", v2. Shmem already supports mTHP allocation[1], and this patchset adds support for shmem mTHP collapse, as well as adding relevant test cases. This patch (of 5): Expand the is_refcount_suitable() to support reference checks for file folios, as preparation for supporting shmem mTHP collapse. Link: https://lkml.kernel.org/r/cover.1724140601.git.baolin.wang@linux.alibaba.com Link: https://lkml.kernel.org/r/eae4cb3195ebbb654bfb7967cb7261d4e4e7c7fa.1724140601.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Acked-by: David Hildenbrand Cc: Barry Song <21cnbao@gmail.com> Cc: Hugh Dickins Cc: Matthew Wilcox Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit ef5f379de302884b9b7ad9b62587a942a9f0bb55 Author: David Hildenbrand Date: Tue Aug 20 14:22:10 2024 +0200 mm: always inline _compound_head() with CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP=y We already force-inline page_fixed_fake_head(), page_is_fake_head() and PageTail(), however the compiler might decide that _compound_head() is not worthy to be inlined, because of page_fixed_fake_head(). The result is that, for example, PageAnonExclusive() now might involve a function call when checking PageHuge(), which performs a page_folio()->_compound_head() call. This can lead to a slight regression of the stress-ng.clone benchmark. This is not super-urgent to fix, but always inlining _compound_head() seems like the obvious thing to do for this primitive, similar to the other ones. This change restores the slight regression and a compilation with CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP=y shows no relevant bloat [2]: add/remove: 15/14 grow/shrink: 79/87 up/down: 12836/-13917 (-1081) ... Total: Before=32786363, After=32785282, chg -0.00% [1] https://lkml.kernel.org/r/817150f2-abf7-430f-9973-540bd6cdd26f@intel.com [2] https://lore.kernel.org/all/116e117c-2821-401d-8e62-b85cdec37f4a@redhat.com/ Link: https://lkml.kernel.org/r/20240820122210.660140-1-david@redhat.com Fixes: c0bff412e67b ("mm: allow anon exclusive check over hugetlb tail pages") Signed-off-by: David Hildenbrand Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202407301049.5051dc19-oliver.sang@intel.com Tested-by: Yin Fengwei Cc: Peter Xu Signed-off-by: Andrew Morton commit 8c8685928910d0aae477dc7683037c3fcb3a904a Author: Uros Bizjak Date: Sun Aug 18 23:01:52 2024 +0200 mm/kmemleak: use IS_ERR_PCPU() for pointer in the percpu address space Use IS_ERR_PCPU() instead of IS_ERR() for pointers in the percpu address space. The patch also fixes following sparse warnings: kmemleak.c:1063:39: warning: cast removes address space '__percpu' of expression kmemleak.c:1138:37: warning: cast removes address space '__percpu' of expression Link: https://lkml.kernel.org/r/20240818210235.33481-2-ubizjak@gmail.com Signed-off-by: Uros Bizjak Acked-by: Catalin Marinas Signed-off-by: Andrew Morton commit a759e37fb46708029c9c3c56c3b62e6f24d85cf5 Author: Uros Bizjak Date: Sun Aug 18 23:01:51 2024 +0200 err.h: add ERR_PTR_PCPU(), PTR_ERR_PCPU() and IS_ERR_PCPU() macros Add ERR_PTR_PCPU(), PTR_ERR_PCPU() and IS_ERR_PCPU() macros that operate on pointers in the percpu address space. These macros remove the need for (__force void *) function argument casts (to avoid sparse -Wcast-from-as warnings). The patch will also avoid future build errors due to pointer address space mismatch with enabled strict percpu address space checks. Link: https://lkml.kernel.org/r/20240818210235.33481-1-ubizjak@gmail.com Signed-off-by: Uros Bizjak Acked-by: Catalin Marinas Signed-off-by: Andrew Morton commit 2f4db2861013fcfb4be11d0dc176271ae566241c Author: Jinjiang Tu Date: Mon Aug 19 21:06:09 2024 +0800 selftests/mm: remove unnecessary ia64 code and comment IA64 has gone with commit cf8e8658100d ("arch: Remove Itanium (IA-64) architecture"), so remove unnecessary ia64 special mm code and comment in selftests too. Link: https://lkml.kernel.org/r/20240819130609.3386195-1-tujinjiang@huawei.com Signed-off-by: Jinjiang Tu Cc: Kefeng Wang Cc: Mike Rapoport Cc: Nanyong Sun Signed-off-by: Andrew Morton commit 489a744e5fb16503b495ad1fa3dd1abf25b224e7 Author: Danilo Krummrich Date: Tue Aug 13 00:34:35 2024 +0200 mm: krealloc: clarify valid usage of __GFP_ZERO Properly document that if __GFP_ZERO logic is requested, callers must ensure that, starting with the initial memory allocation, every subsequent call to this API for the same memory allocation is flagged with __GFP_ZERO. Otherwise, it is possible that __GFP_ZERO is not fully honored by this API. Link: https://lkml.kernel.org/r/20240812223707.32049-2-dakr@kernel.org Signed-off-by: Danilo Krummrich Acked-by: David Rientjes Cc: Christoph Lameter Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Joonsoo Kim Cc: Pekka Enberg Cc: Roman Gushchin Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 1a83a716ec233990e1fd5b6fbb1200ade63bf450 Author: Danilo Krummrich Date: Tue Aug 13 00:34:34 2024 +0200 mm: krealloc: consider spare memory for __GFP_ZERO As long as krealloc() is called with __GFP_ZERO consistently, starting with the initial memory allocation, __GFP_ZERO should be fully honored. However, if for an existing allocation krealloc() is called with a decreased size, it is not ensured that the spare portion the allocation is zeroed. Thus, if krealloc() is subsequently called with a larger size again, __GFP_ZERO can't be fully honored, since we don't know the previous size, but only the bucket size. Example: buf = kzalloc(64, GFP_KERNEL); memset(buf, 0xff, 64); buf = krealloc(buf, 48, GFP_KERNEL | __GFP_ZERO); /* After this call the last 16 bytes are still 0xff. */ buf = krealloc(buf, 64, GFP_KERNEL | __GFP_ZERO); Fix this, by explicitly setting spare memory to zero, when shrinking an allocation with __GFP_ZERO flag set or init_on_alloc enabled. Link: https://lkml.kernel.org/r/20240812223707.32049-1-dakr@kernel.org Signed-off-by: Danilo Krummrich Acked-by: Vlastimil Babka Acked-by: David Rientjes Cc: Christoph Lameter Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Joonsoo Kim Cc: Pekka Enberg Cc: Roman Gushchin Cc: Signed-off-by: Andrew Morton commit d0b003ce97ad6518dea4b0ed70081df95de04179 Author: David Hildenbrand Date: Fri Aug 16 12:32:46 2024 +0200 mm/rmap: use folio->_mapcount for small folios We have some cases left whereby we operate on small folios and still refer to page->_mapcount. Let's just use folio->_mapcount instead, which currently still overlays page->_mapcount, so no change. This change will make it easier to later spot any remaining users of page->_mapcount that target tail pages. Link: https://lkml.kernel.org/r/20240816103246.719209-1-david@redhat.com Signed-off-by: David Hildenbrand Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit cf54f310d0d313bce6505d010a555948b0ae0e2a Author: Yu Zhao Date: Tue Aug 13 21:54:51 2024 -0600 mm/hugetlb: use __GFP_COMP for gigantic folios Use __GFP_COMP for gigantic folios to greatly reduce not only the amount of code but also the allocation and free time. LOC (approximately): +60, -240 Allocate and free 500 1GB hugeTLB memory without HVO by: time echo 500 >/sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages time echo 0 >/sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages Before After Alloc ~13s ~10s Free ~15s <1s The above magnitude generally holds for multiple x86 and arm64 CPU models. Link: https://lkml.kernel.org/r/20240814035451.773331-4-yuzhao@google.com Signed-off-by: Yu Zhao Reported-by: Frank van der Linden Acked-by: Zi Yan Cc: Matthew Wilcox (Oracle) Cc: Muchun Song Signed-off-by: Andrew Morton commit 463586e9ff398f951a9a63d98a3b93f44434d20c Author: Yu Zhao Date: Tue Aug 13 21:54:50 2024 -0600 mm/cma: add cma_{alloc,free}_folio() With alloc_contig_range() and free_contig_range() supporting large folios, CMA can allocate and free large folios too, by cma_alloc_folio() and cma_free_folio(). [yuzhao@google.com: fix WARN in cma_alloc_folio()] Link: https://lkml.kernel.org/r/Zsd0PgAQmbpR8jS6@google.com Link: https://lkml.kernel.org/r/20240814035451.773331-3-yuzhao@google.com Signed-off-by: Yu Zhao Acked-by: Zi Yan Cc: Frank van der Linden Cc: Matthew Wilcox (Oracle) Cc: Muchun Song Signed-off-by: Andrew Morton commit e98337d11bbdfa3e3f0fb99aa93e40f97549e0cd Author: Yu Zhao Date: Tue Aug 13 21:54:49 2024 -0600 mm/contig_alloc: support __GFP_COMP Patch series "mm/hugetlb: alloc/free gigantic folios", v2. Use __GFP_COMP for gigantic folios can greatly reduce not only the amount of code but also the allocation and free time. Approximate LOC to mm/hugetlb.c: +60, -240 Allocate and free 500 1GB hugeTLB memory without HVO by: time echo 500 >/sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages time echo 0 >/sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages Before After Alloc ~13s ~10s Free ~15s <1s The above magnitude generally holds for multiple x86 and arm64 CPU models. Perf profile before: Alloc - 99.99% alloc_pool_huge_folio - __alloc_fresh_hugetlb_folio - 83.23% alloc_contig_pages_noprof - 47.46% alloc_contig_range_noprof - 20.96% isolate_freepages_range 16.10% split_page - 14.10% start_isolate_page_range - 12.02% undo_isolate_page_range Free - update_and_free_pages_bulk - 87.71% free_contig_range - 76.02% free_unref_page - 41.30% free_unref_page_commit - 32.58% free_pcppages_bulk - 24.75% __free_one_page 13.96% _raw_spin_trylock 12.27% __update_and_free_hugetlb_folio Perf profile after: Alloc - 99.99% alloc_pool_huge_folio alloc_gigantic_folio - alloc_contig_pages_noprof - 59.15% alloc_contig_range_noprof - 20.72% start_isolate_page_range 20.64% prep_new_page - 17.13% undo_isolate_page_range Free - update_and_free_pages_bulk - __folio_put - __free_pages_ok 7.46% free_tail_page_prepare - 1.97% free_one_page 1.86% __free_one_page This patch (of 3): Support __GFP_COMP in alloc_contig_range(). When the flag is set, upon success the function returns a large folio prepared by prep_new_page(), rather than a range of order-0 pages prepared by split_free_pages() (which is renamed from split_map_pages()). alloc_contig_range() can be used to allocate folios larger than MAX_PAGE_ORDER, e.g., gigantic hugeTLB folios. So on the free path, free_one_page() needs to handle that by split_large_buddy(). [akpm@linux-foundation.org: fix folio_alloc_gigantic_noprof() WARN expression, per Yu Liao] Link: https://lkml.kernel.org/r/20240814035451.773331-1-yuzhao@google.com Link: https://lkml.kernel.org/r/20240814035451.773331-2-yuzhao@google.com Signed-off-by: Yu Zhao Acked-by: Zi Yan Cc: Matthew Wilcox (Oracle) Cc: Muchun Song Cc: Frank van der Linden Signed-off-by: Andrew Morton commit f77f0c7514789577125c1b2df145703161736359 Author: Kaiyang Zhao Date: Wed Aug 14 17:42:27 2024 +0000 mm,memcg: provide per-cgroup counters for NUMA balancing operations The ability to observe the demotion and promotion decisions made by the kernel on a per-cgroup basis is important for monitoring and tuning containerized workloads on machines equipped with tiered memory. Different containers in the system may experience drastically different memory tiering actions that cannot be distinguished from the global counters alone. For example, a container running a workload that has a much hotter memory accesses will likely see more promotions and fewer demotions, potentially depriving a colocated container of top tier memory to such an extent that its performance degrades unacceptably. For another example, some containers may exhibit longer periods between data reuse, causing much more numa_hint_faults than numa_pages_migrated. In this case, tuning hot_threshold_ms may be appropriate, but the signal can easily be lost if only global counters are available. In the long term, we hope to introduce per-cgroup control of promotion and demotion actions to implement memory placement policies in tiering. This patch set adds seven counters to memory.stat in a cgroup: numa_pages_migrated, numa_pte_updates, numa_hint_faults, pgdemote_kswapd, pgdemote_khugepaged, pgdemote_direct and pgpromote_success. pgdemote_* and pgpromote_success are also available in memory.numa_stat. count_memcg_events_mm() is added to count multiple event occurrences at once, and get_mem_cgroup_from_folio() is added because we need to get a reference to the memcg of a folio before it's migrated to track numa_pages_migrated. The accounting of PGDEMOTE_* is moved to shrink_inactive_list() before being changed to per-cgroup. [kaiyang2@cs.cmu.edu: add documentation of the memcg counters in cgroup-v2.rst] Link: https://lkml.kernel.org/r/20240814235122.252309-1-kaiyang2@cs.cmu.edu Link: https://lkml.kernel.org/r/20240814174227.30639-1-kaiyang2@cs.cmu.edu Signed-off-by: Kaiyang Zhao Cc: David Rientjes Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: Shakeel Butt Cc: Wei Xu Signed-off-by: Andrew Morton commit 78788c3ede90727ffb7b17287468a08b4e78ee3d Author: Andrey Konovalov Date: Wed Aug 14 00:40:27 2024 +0200 kasan: simplify and clarify Makefile When KASAN support was being added to the Linux kernel, GCC did not yet support all of the KASAN-related compiler options. Thus, the KASAN Makefile had to probe the compiler for supported options. Nowadays, the Linux kernel GCC version requirement is 5.1+, and thus we don't need the probing of the -fasan-shadow-offset parameter: it exists in all 5.1+ GCCs. Simplify the KASAN Makefile to drop CFLAGS_KASAN_MINIMAL. Also add a few more comments and unify the indentation. [andreyknvl@gmail.com: comments fixes per Miguel] Link: https://lkml.kernel.org/r/20240814161052.10374-1-andrey.konovalov@linux.dev Link: https://lkml.kernel.org/r/20240813224027.84503-1-andrey.konovalov@linux.dev Signed-off-by: Andrey Konovalov Reviewed-by: Miguel Ojeda Acked-by: Marco Elver Cc: Alexander Potapenko Cc: Andrey Ryabinin Cc: Dmitry Vyukov Cc: Matthew Maurer Signed-off-by: Andrew Morton commit 809bc86517cc408b5b8cb8e08e69096639432bc8 Author: Baolin Wang Date: Mon Aug 12 15:42:10 2024 +0800 mm: shmem: support large folio swap out Shmem will support large folio allocation [1] [2] to get a better performance, however, the memory reclaim still splits the precious large folios when trying to swap out shmem, which may lead to the memory fragmentation issue and can not take advantage of the large folio for shmeme. Moreover, the swap code already supports for swapping out large folio without split, hence this patch set supports the large folio swap out for shmem. Note the i915_gem_shmem driver still need to be split when swapping, thus add a new flag 'split_large_folio' for writeback_control to indicate spliting the large folio. [1] https://lore.kernel.org/all/cover.1717495894.git.baolin.wang@linux.alibaba.com/ [2] https://lore.kernel.org/all/20240515055719.32577-1-da.gomez@samsung.com/ [hughd@google.com: shmem_writepage() split folio at EOF before swapout] Link: https://lkml.kernel.org/r/aef55f8d-6040-692d-65e3-16150cce4440@google.com [baolin.wang@linux.alibaba.com: remove the wbc->split_large_folio per Hugh] Link: https://lkml.kernel.org/r/1236a002daa301b3b9ba73d6c0fab348427cf295.1724833399.git.baolin.wang@linux.alibaba.com Link: https://lkml.kernel.org/r/d80c21abd20e1b0f5ca66b330f074060fb2f082d.1723434324.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Signed-off-by: Hugh Dickins Cc: Barry Song Cc: Chris Li Cc: David Hildenbrand Cc: "Huang, Ying" Cc: Kefeng Wang Cc: Lance Yang Cc: Matthew Wilcox Cc: Pankaj Raghav Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit 12885cbe88ddf6c5fc3306193a6449ac310f2331 Author: Baolin Wang Date: Mon Aug 12 15:42:09 2024 +0800 mm: shmem: split large entry if the swapin folio is not large Now the swap device can only swap-in order 0 folio, even though a large folio is swapped out. This requires us to split the large entry previously saved in the shmem pagecache to support the swap in of small folios. [hughd@google.com: fix warnings from kmalloc_fix_flags()] Link: https://lkml.kernel.org/r/e2a2ba5d-864c-50aa-7579-97cba1c7dd0c@google.com [baolin.wang@linux.alibaba.com: drop the 'new_order' parameter] Link: https://lkml.kernel.org/r/39c71ccf-669b-4d9f-923c-f6b9c4ceb8df@linux.alibaba.com Link: https://lkml.kernel.org/r/4a0f12f27c54a62eb4d9ca1265fed3a62531a63e.1723434324.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Signed-off-by: Hugh Dickins Cc: Barry Song Cc: Chris Li Cc: Daniel Gomez Cc: David Hildenbrand Cc: "Huang, Ying" Cc: Kefeng Wang Cc: Lance Yang Cc: Matthew Wilcox Cc: Pankaj Raghav Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit 872339c31f3b2dd466320a5bed54abeccf0db47b Author: Baolin Wang Date: Mon Aug 12 15:42:08 2024 +0800 mm: shmem: drop folio reference count using 'nr_pages' in shmem_delete_from_page_cache() To support large folio swapin/swapout for shmem in the following patches, drop the folio's reference count by the number of pages contained in the folio when a shmem folio is deleted from shmem pagecache after adding into swap cache. Link: https://lkml.kernel.org/r/b371eadb27f42fc51261c51008fbb9a334985b4c.1723434324.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Cc: Barry Song Cc: Chris Li Cc: Daniel Gomez Cc: David Hildenbrand Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kefeng Wang Cc: Lance Yang Cc: Matthew Wilcox Cc: Pankaj Raghav Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit 736f0e03564729a5ba609c2c4fcb37ff1e92ede4 Author: Baolin Wang Date: Mon Aug 12 15:42:07 2024 +0800 mm: shmem: support large folio allocation for shmem_replace_folio() To support large folio swapin for shmem in the following patches, add large folio allocation for the new replacement folio in shmem_replace_folio(). Moreover large folios occupy N consecutive entries in the swap cache instead of using multi-index entries like the page cache, therefore we should replace each consecutive entries in the swap cache instead of using the shmem_replace_entry(). As well as updating statistics and folio reference count using the number of pages in the folio. [baolin.wang@linux.alibaba.com: fix the gfp flag for large folio allocation] Link: https://lkml.kernel.org/r/5b1e9c5a-7f61-4d97-a8d7-41767ca04c77@linux.alibaba.com [baolin.wang@linux.alibaba.com: fix build without CONFIG_TRANSPARENT_HUGEPAGE] Link: https://lkml.kernel.org/r/8c03467c-63b2-43b4-9851-222d4188725c@linux.alibaba.com Link: https://lkml.kernel.org/r/a41138ecc857ef13e7c5ffa0174321e9e2c9970a.1723434324.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Cc: Barry Song Cc: Chris Li Cc: Daniel Gomez Cc: David Hildenbrand Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kefeng Wang Cc: Lance Yang Cc: Matthew Wilcox Cc: Pankaj Raghav Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit 40ff2d11bd58a3908897ccc689ed5d8ac498f173 Author: Baolin Wang Date: Mon Aug 12 15:42:06 2024 +0800 mm: shmem: use swap_free_nr() to free shmem swap entries As a preparation for supporting shmem large folio swapout, use swap_free_nr() to free some continuous swap entries of the shmem large folio when the large folio was swapped in from the swap cache. In addition, the index should also be round down to the number of pages when adding the swapin folio into the pagecache. Link: https://lkml.kernel.org/r/342207fa679fc88a447dac2e101ad79e6050fe79.1723434324.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Cc: Barry Song Cc: Chris Li Cc: Daniel Gomez Cc: David Hildenbrand Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kefeng Wang Cc: Lance Yang Cc: Matthew Wilcox Cc: Pankaj Raghav Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit fb72415938d109fe8cca339a4f1423f76ba213c5 Author: Baolin Wang Date: Mon Aug 12 15:42:05 2024 +0800 mm: filemap: use xa_get_order() to get the swap entry order In the following patches, shmem will support the swap out of large folios, which means the shmem mappings may contain large order swap entries, so using xa_get_order() to get the folio order of the shmem swap entry to update the '*start' correctly. [hughd@google.com: use xa_get_order() to get the swap entry order] Link: https://lkml.kernel.org/r/c336e6e4-da7f-b714-c0f1-12df715f2611@google.com Link: https://lkml.kernel.org/r/6876d55145c1cc80e79df7884aa3a62e397b101d.1723434324.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Signed-off-by: Hugh Dickins Cc: Barry Song Cc: Chris Li Cc: Daniel Gomez Cc: David Hildenbrand Cc: "Huang, Ying" Cc: Kefeng Wang Cc: Lance Yang Cc: Matthew Wilcox Cc: Pankaj Raghav Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit 6ea0d1ccb110387244e04637f28a1d2eda54e3fb Author: Daniel Gomez Date: Mon Aug 12 15:42:04 2024 +0800 mm: shmem: return number of pages beeing freed in shmem_free_swap Both shmem_free_swap callers expect the number of pages being freed. In the large folios context, this needs to support larger values other than 0 (used as 1 page being freed) and -ENOENT (used as 0 pages being freed). In preparation for large folios adoption, make shmem_free_swap routine return the number of pages being freed. So, returning 0 in this context, means 0 pages being freed. While we are at it, changing to use free_swap_and_cache_nr() to free large order swap entry by Baolin Wang. Link: https://lkml.kernel.org/r/9623e863c83d749d5ab407f6fdf0a8e5a3bdf052.1723434324.git.baolin.wang@linux.alibaba.com Signed-off-by: Daniel Gomez Signed-off-by: Baolin Wang Suggested-by: Matthew Wilcox Cc: Barry Song Cc: Chris Li Cc: David Hildenbrand Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kefeng Wang Cc: Lance Yang Cc: Pankaj Raghav Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit 50f381eccefda0cdaf7aa617587dc04cb6652085 Author: Baolin Wang Date: Mon Aug 12 15:42:03 2024 +0800 mm: shmem: extend shmem_partial_swap_usage() to support large folio swap To support shmem large folio swapout in the following patches, using xa_get_order() to get the order of the swap entry to calculate the swap usage of shmem. Link: https://lkml.kernel.org/r/60b130b9fc3e422bb91293a172c2113c85e9233a.1723434324.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Cc: Barry Song Cc: Chris Li Cc: Daniel Gomez Cc: David Hildenbrand Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kefeng Wang Cc: Lance Yang Cc: Matthew Wilcox Cc: Pankaj Raghav Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit 650180760be6bb448609d4d155eef3b728ace641 Author: Baolin Wang Date: Mon Aug 12 15:42:02 2024 +0800 mm: swap: extend swap_shmem_alloc() to support batch SWAP_MAP_SHMEM flag setting Patch series "support large folio swap-out and swap-in for shmem", v5. Shmem will support large folio allocation [1] [2] to get a better performance, however, the memory reclaim still splits the precious large folios when trying to swap-out shmem, which may lead to the memory fragmentation issue and can not take advantage of the large folio for shmeme. Moreover, the swap code already supports for swapping out large folio without split, and large folio swap-in[3] series is queued into mm-unstable branch. Hence this patch set also supports the large folio swap-out and swap-in for shmem. This patch (of 9): To support shmem large folio swap operations, add a new parameter to swap_shmem_alloc() that allows batch SWAP_MAP_SHMEM flag setting for shmem swap entries. While we are at it, using folio_nr_pages() to get the number of pages of the folio as a preparation. Link: https://lkml.kernel.org/r/cover.1723434324.git.baolin.wang@linux.alibaba.com Link: https://lkml.kernel.org/r/99f64115d04b285e009580eb177352c57119ffd0.1723434324.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Reviewed-by: Barry Song Cc: Chris Li Cc: Daniel Gomez Cc: David Hildenbrand Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kefeng Wang Cc: Lance Yang Cc: Matthew Wilcox Cc: Pankaj Raghav Cc: Ryan Roberts Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit bea67dcc5eea0f6a213897a59b9e644977cd07e6 Author: Barry Song Date: Thu Aug 8 09:58:59 2024 +1200 mm: attempt to batch free swap entries for zap_pte_range() Zhiguo reported that swap release could be a serious bottleneck during process exits[1]. With mTHP, we have the opportunity to batch free swaps. Thanks to the work of Chris and Kairui[2], I was able to achieve this optimization with minimal code changes by building on their efforts. If swap_count is 1, which is likely true as most anon memory are private, we can free all contiguous swap slots all together. Ran the below test program for measuring the bandwidth of munmap using zRAM and 64KiB mTHP: #include #include #include unsigned long long tv_to_ms(struct timeval tv) { return tv.tv_sec * 1000 + tv.tv_usec / 1000; } main() { struct timeval tv_b, tv_e; int i; #define SIZE 1024*1024*1024 void *p = mmap(NULL, SIZE, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); if (!p) { perror("fail to get memory"); exit(-1); } madvise(p, SIZE, MADV_HUGEPAGE); memset(p, 0x11, SIZE); /* write to get mem */ madvise(p, SIZE, MADV_PAGEOUT); gettimeofday(&tv_b, NULL); munmap(p, SIZE); gettimeofday(&tv_e, NULL); printf("munmap in bandwidth: %ld bytes/ms\n", SIZE/(tv_to_ms(tv_e) - tv_to_ms(tv_b))); } The result is as below (munmap bandwidth): mm-unstable mm-unstable-with-patch round1 21053761 63161283 round2 21053761 63161283 round3 21053761 63161283 round4 20648881 67108864 round5 20648881 67108864 munmap bandwidth becomes 3X faster. [1] https://lore.kernel.org/linux-mm/20240731133318.527-1-justinjiang@vivo.com/ [2] https://lore.kernel.org/linux-mm/20240730-swap-allocator-v5-0-cb9c148b9297@kernel.org/ [v-songbaohua@oppo.com: check all swaps belong to same swap_cgroup in swap_pte_batch()] Link: https://lkml.kernel.org/r/20240815215308.55233-1-21cnbao@gmail.com [hughd@google.com: add mem_cgroup_disabled() check] Link: https://lkml.kernel.org/r/33f34a88-0130-5444-9b84-93198eeb50e7@google.com [21cnbao@gmail.com: add missing zswap_invalidate()] Link: https://lkml.kernel.org/r/20240821054921.43468-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240807215859.57491-3-21cnbao@gmail.com Signed-off-by: Barry Song Signed-off-by: Hugh Dickins Acked-by: David Hildenbrand Cc: Kairui Song Cc: Chris Li Cc: "Huang, Ying" Cc: Kalesh Singh Cc: Ryan Roberts Cc: Barry Song Cc: Yosry Ahmed Signed-off-by: Andrew Morton commit b85508d7de901c23a2bd5194d43c57741d2b149f Author: Barry Song Date: Thu Aug 8 09:58:58 2024 +1200 mm: rename instances of swap_info_struct to meaningful 'si' Patch series "mm: batch free swaps for zap_pte_range()", v3. Batch free swap slots for zap_pte_range(), making munmap three times faster when the page table entries are filled with swap entries to be freed. This is likely another advantage of using mTHP. This patch (of 3): "p" means "pointer to something", rename it to a more meaningful identifier - "si". We also have a case with the name "sis", rename it to "si" as well. Link: https://lkml.kernel.org/r/20240807215859.57491-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240807215859.57491-2-21cnbao@gmail.com Signed-off-by: Barry Song Acked-by: David Hildenbrand Cc: Chris Li Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kairui Song Cc: Kalesh Singh Cc: Ryan Roberts Cc: Zhiguo Jiang Signed-off-by: Andrew Morton commit 101d6470805b6b4588d8fbae04f670611a1c63e3 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:10 2024 +0300 docs: move numa=fake description to kernel-parameters.txt NUMA emulation can be now enabled on arm64 and riscv in addition to x86. Move description of numa=fake parameters from x86 documentation of admin-guide/kernel-parameters.txt Link: https://lkml.kernel.org/r/20240807064110.1003856-27-rppt@kernel.org Suggested-by: Zi Yan Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 1b5695b02444660297cc54cab44f123ff28de2cc Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:09 2024 +0300 mm: make range-to-target_node lookup facility a part of numa_memblks The x86 implementation of range-to-target_node lookup (i.e. phys_to_target_node() and memory_add_physaddr_to_nid()) relies on numa_memblks. Since numa_memblks are now part of the generic code, move these functions from x86 to mm/numa_memblks.c and select CONFIG_NUMA_KEEP_MEMINFO when CONFIG_NUMA_MEMBLKS=y for dax and cxl. [rppt@kernel.org: fix build] Link: https://lkml.kernel.org/r/ZtVfSt_zloPdDqVB@kernel.org Link: https://lkml.kernel.org/r/20240807064110.1003856-26-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Zi Yan # for x86_64 and arm64 Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Reviewed-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 767507654c22578ea0b51d181211b2e7714ea7cd Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:08 2024 +0300 arch_numa: switch over to numa_memblks Until now arch_numa was directly translating firmware NUMA information to memblock. Using numa_memblks as an intermediate step has a few advantages: * alignment with more battle tested x86 implementation * availability of NUMA emulation * maintaining node information for not yet populated memory Adjust a few places in numa_memblks to compile with 32-bit phys_addr_t and replace current functionality related to numa_add_memblk() and __node_distance() in arch_numa with the implementation based on numa_memblks and add functions required by numa_emulation. [rppt@kernel.org: fix section mismatch] Link: https://lkml.kernel.org/r/ZrO6cExVz1He_yPn@kernel.org [rppt@kernel.org: PFN_PHYS() translation is unnecessary here] Link: https://lkml.kernel.org/r/Zs2T5wkSYO9MGcab@kernel.org Link: https://lkml.kernel.org/r/20240807064110.1003856-25-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 7e488677a54aecc78deee2f7fc464fd603b7dcfe Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:07 2024 +0300 of, numa: return -EINVAL when no numa-node-id is found Currently of_numa_parse_memory_nodes() returns 0 if no "memory" node in device tree contains "numa-node-id" property. This makes of_numa_init() to return "success" despite no NUMA nodes were actually parsed and set up. arch_numa workarounds this by returning an error if numa_nodes_parsed is empty. numa_memblks however would WARN() in such case and since it will be used by arch_numa shortly, such warning is not desirable. Make sure of_numa_init() returns -EINVAL when no NUMA node information was found in the device tree. Link: https://lkml.kernel.org/r/20240807064110.1003856-24-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit f7feea289f9ae3a8fb56e9daa3832949bf742c53 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:06 2024 +0300 mm: numa_memblks: use memblock_{start,end}_of_DRAM() when sanitizing meminfo numa_cleanup_meminfo() moves blocks outside system RAM to numa_reserved_meminfo and it uses 0 and PFN_PHYS(max_pfn) to determine the memory boundaries. Replace the memory range boundaries with more portable memblock_start_of_DRAM() and memblock_end_of_DRAM(). Link: https://lkml.kernel.org/r/20240807064110.1003856-23-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 317ef4598bdc48c0196adc02ed4edaf82af279f2 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:05 2024 +0300 mm: numa_memblks: make several functions and variables static Make functions and variables that are exclusively used by numa_memblks static. Move numa_nodemask_from_meminfo() before its callers to avoid forward declaration. Link: https://lkml.kernel.org/r/20240807064110.1003856-22-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 692d73d2f0f75e58828ab05872b3789ae1f486ef Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:04 2024 +0300 mm: numa_memblks: introduce numa_memblks_init Move most of x86::numa_init() to numa_memblks so that the latter will be more self-contained. With this numa_memblk data structures should not be exposed to the architecture specific code. Link: https://lkml.kernel.org/r/20240807064110.1003856-21-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit b0c4e27c687177aa36048110a12cba94bf291452 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:03 2024 +0300 mm: introduce numa_emulation Move numa_emulation code from arch/x86 to mm/numa_emulation.c This code will be later reused by arch_numa. No functional changes. Link: https://lkml.kernel.org/r/20240807064110.1003856-20-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: David Hildenbrand Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 75f9d4cc4eb5e15dd5ce843e33de7f6346a0d4fa Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:02 2024 +0300 mm: move numa_distance and related code from x86 to numa_memblks Move code dealing with numa_distance array from arch/x86 to mm/numa_memblks.c This code will be later reused by arch_numa. No functional changes. Link: https://lkml.kernel.org/r/20240807064110.1003856-19-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 87482708210ff3333adab4dc5f1a491793159d43 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:01 2024 +0300 mm: introduce numa_memblks Move code dealing with numa_memblks from arch/x86 to mm/ and add Kconfig options to let x86 select it in its Kconfig. This code will be later reused by arch_numa. No functional changes. Link: https://lkml.kernel.org/r/20240807064110.1003856-18-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 7a7152857d962ae742dfe3eccc64d6b706f91c40 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:41:00 2024 +0300 x86/numa: numa_{add,remove}_cpu: make cpu parameter unsigned CPU id cannot be negative. Making it unsigned also aligns with declarations in include/asm-generic/numa.h used by arm64 and riscv and allows sharing numa emulation code with these architectures. Link: https://lkml.kernel.org/r/20240807064110.1003856-17-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Zi Yan # for x86_64 and arm64 Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit e52d5873d13aeb54c5baa6e1c388f6cbf69f97f4 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:59 2024 +0300 x86/numa_emu: use a helper function to get MAX_DMA32_PFN This is required to make numa emulation code architecture independent so that it can be moved to generic code in following commits. Link: https://lkml.kernel.org/r/20240807064110.1003856-16-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Zi Yan # for x86_64 and arm64 Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 55e74bcca735ab51c3fa3e9571489dc72e993fa4 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:58 2024 +0300 x86/numa_emu: split __apicid_to_node update to a helper function This is required to make numa emulation code architecture independent so that it can be moved to generic code in following commits. Link: https://lkml.kernel.org/r/20240807064110.1003856-15-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Zi Yan # for x86_64 and arm64 Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit e3c1299c3282490800b732093768e556fff3a2e2 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:57 2024 +0300 x86/numa_emu: simplify allocation of phys_dist By the time numa_emulation() is called, all physical memory is already mapped in the direct map and there is no need to define limits for memblock allocation. Replace memblock_phys_alloc_range() with memblock_alloc(). Link: https://lkml.kernel.org/r/20240807064110.1003856-14-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Zi Yan # for x86_64 and arm64 Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit e4a5e5a5c50a99f9cc489926464fe07175593552 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:56 2024 +0300 x86/numa: move FAKE_NODE_* defines to numa_emu The definitions of FAKE_NODE_MIN_SIZE and FAKE_NODE_MIN_HASH_MASK are only used by numa emulation code, make them local to arch/x86/mm/numa_emulation.c Link: https://lkml.kernel.org/r/20240807064110.1003856-13-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Zi Yan # for x86_64 and arm64 Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 77c1d0e7c580c98b256ee81763120e2c228d90cd Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:55 2024 +0300 x86/numa: use get_pfn_range_for_nid to verify that node spans memory Instead of looping over numa_meminfo array to detect node's start and end addresses use get_pfn_range_for_init(). This is shorter and make it easier to lift numa_memblks to generic code. Link: https://lkml.kernel.org/r/20240807064110.1003856-12-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 9916c27d1ff0964ba7ada63909e9eec17a318363 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:54 2024 +0300 x86/numa: simplify numa_distance allocation Allocation of numa_distance uses memblock_phys_alloc_range() to limit allocation to be below the last mapped page. But NUMA initializaition runs after the direct map is populated and there is also code in setup_arch() that adjusts memblock limit to reflect how much memory is already mapped in the direct map. Simplify the allocation of numa_distance and use plain memblock_alloc(). Link: https://lkml.kernel.org/r/20240807064110.1003856-11-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 3515863d9f29dd476cdad875fbd558fc85b4c511 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:53 2024 +0300 arch, mm: pull out allocation of NODE_DATA to generic code Architectures that support NUMA duplicate the code that allocates NODE_DATA on the node-local memory with slight variations in reporting of the addresses where the memory was allocated. Use x86 version as the basis for the generic alloc_node_data() function and call this function in architecture specific numa initialization. Round up node data size to SMP_CACHE_BYTES rather than to PAGE_SIZE like x86 used to do since the bootmem era when allocation granularity was PAGE_SIZE anyway. Link: https://lkml.kernel.org/r/20240807064110.1003856-10-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Acked-by: David Hildenbrand Reviewed-by: Jonathan Cameron Tested-by: Zi Yan # for x86_64 and arm64 Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit ec164cf1dd3df4ae58931b9b491b06a90d5c22d3 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:52 2024 +0300 mm: drop CONFIG_HAVE_ARCH_NODEDATA_EXTENSION There are no users of HAVE_ARCH_NODEDATA_EXTENSION left, so arch_alloc_nodedata() and arch_refresh_nodedata() are not needed anymore. Replace the call to arch_alloc_nodedata() in free_area_init() with a new helper alloc_offline_node_data(), remove arch_refresh_nodedata() and cleanup include/linux/memory_hotplug.h from the associated ifdefery. Link: https://lkml.kernel.org/r/20240807064110.1003856-9-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Tested-by: Zi Yan # for x86_64 and arm64 Acked-by: Dan Williams Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: David Hildenbrand Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Cameron Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 46bcce503197d1019ee5c49ccde978e31298e35f Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:51 2024 +0300 arch, mm: move definition of node_data to generic code Every architecture that supports NUMA defines node_data in the same way: struct pglist_data *node_data[MAX_NUMNODES]; No reason to keep multiple copies of this definition and its forward declarations, especially when such forward declaration is the only thing in include/asm/mmzone.h for many architectures. Add definition and declaration of node_data to generic code and drop architecture-specific versions. Link: https://lkml.kernel.org/r/20240807064110.1003856-8-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Acked-by: David Hildenbrand Reviewed-by: Jonathan Cameron Acked-by: Davidlohr Bueso Tested-by: Zi Yan # for x86_64 and arm64 Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 3ac9999c5d6f73f17e55ea360934def7f59b2890 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:50 2024 +0300 MIPS: loongson64: drop HAVE_ARCH_NODEDATA_EXTENSION Commit f8f9f21c7848 ("MIPS: Fix build error for loongson64 and sgi-ip27") added HAVE_ARCH_NODEDATA_EXTENSION to loongson64 to silence a compilation error that happened because loongson64 didn't define array of pg_data_t as node_data like most other architectures did. After rename of __node_data to node_data arch_alloc_nodedata() and HAVE_ARCH_NODEDATA_EXTENSION can be dropped from loongson64. Since it was the only user of HAVE_ARCH_NODEDATA_EXTENSION config option also remove this option from arch/mips/Kconfig. Link: https://lkml.kernel.org/r/20240807064110.1003856-7-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit e20bac6544bca0fd33e1e20617a9b82b003a23e1 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:49 2024 +0300 MIPS: loongson64: rename __node_data to node_data Make definition of node_data match other architectures. This will allow pulling declaration of node_data to the generic mm code in the following commit. Link: https://lkml.kernel.org/r/20240807064110.1003856-6-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jiaxun Yang Reviewed-by: David Hildenbrand Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 6c701269ab7fe72dc8948dc92ba48fcdb93df8c9 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:48 2024 +0300 MIPS: sgi-ip27: drop HAVE_ARCH_NODEDATA_EXTENSION Commit f8f9f21c7848 ("MIPS: Fix build error for loongson64 and sgi-ip27") added HAVE_ARCH_NODEDATA_EXTENSION to sgi-ip27 to silence a compilation error that happened because sgi-ip27 didn't define array of pg_data_t as node_data like most other architectures did. After addition of node_data array that matches other architectures and after ensuring that offline nodes do not appear on node_possible_map, it is safe to drop arch_alloc_nodedata() and HAVE_ARCH_NODEDATA_EXTENSION from sgi-ip27. Link: https://lkml.kernel.org/r/20240807064110.1003856-5-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 0c4450789cec1ffc8408c1fce9ba123318060b67 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:47 2024 +0300 MIPS: sgi-ip27: ensure node_possible_map only contains valid nodes For SGI IP27 machines node_possible_map is statically set to NODE_MASK_ALL and it is not updated during NUMA initialization. Ensure that it only contains nodes present in the system. Link: https://lkml.kernel.org/r/20240807064110.1003856-4-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit bc5c8ad3cbcb2a3986fd95f59ea0b34dd8e33f06 Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:46 2024 +0300 MIPS: sgi-ip27: make NODE_DATA() the same as on all other architectures sgi-ip27 is the only system that defines NODE_DATA() differently than the rest of NUMA machines. Add node_data array of struct pglist pointers that will point to __node_data[node]->pglist and redefine NODE_DATA() to use node_data array. This will allow pulling declaration of node_data to the generic mm code in the next commit. Link: https://lkml.kernel.org/r/20240807064110.1003856-3-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Reviewed-by: Jonathan Cameron Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Acked-by: David Hildenbrand Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Cc: Zi Yan Signed-off-by: Andrew Morton commit 0e8b67982b48ce77dce2cb19dfb006ecbc8755ea Author: Mike Rapoport (Microsoft) Date: Wed Aug 7 09:40:45 2024 +0300 mm: move kernel/numa.c to mm/ Patch series "mm: introduce numa_memblks", v4. Following the discussion about handling of CXL fixed memory windows on arm64 [1] I decided to bite the bullet and move numa_memblks from x86 to the generic code so they will be available on arm64/riscv and maybe on loongarch sometime later. While it could be possible to use memblock to describe CXL memory windows, it currently lacks notion of unpopulated memory ranges and numa_memblks does implement this. Another reason to make numa_memblks generic is that both arch_numa (arm64 and riscv) and loongarch use trimmed copy of x86 code although there is no fundamental reason why the same code cannot be used on all these platforms. Having numa_memblks in mm/ will make it's interaction with ACPI and FDT more consistent and I believe will reduce maintenance burden. And with generic numa_memblks it is (almost) straightforward to enable NUMA emulation on arm64 and riscv. The first 9 commits in this series are cleanups that are not strictly related to numa_memblks. Commits 10-16 slightly reorder code in x86 to allow extracting numa_memblks and NUMA emulation to the generic code. Commits 17-19 actually move the code from arch/x86/ to mm/ and commits 20-22 does some aftermath cleanups. Commit 23 updates of_numa_init() to return error of no NUMA nodes were found in the device tree. Commit 24 switches arch_numa to numa_memblks. Commit 25 enables usage of phys_to_target_node() and memory_add_physaddr_to_nid() with numa_memblks. Commit 26 moves the description for numa=fake from x86 to admin-guide. [1] https://lore.kernel.org/all/20240529171236.32002-1-Jonathan.Cameron@huawei.com/ This patch (of 26): The stub functions in kernel/numa.c belong to mm/ rather than to kernel/ Link: https://lkml.kernel.org/r/20240807064110.1003856-1-rppt@kernel.org Link: https://lkml.kernel.org/r/20240807064110.1003856-2-rppt@kernel.org Signed-off-by: Mike Rapoport (Microsoft) Acked-by: David Hildenbrand Reviewed-by: Jonathan Cameron Tested-by: Zi Yan # for x86_64 and arm64 Tested-by: Jonathan Cameron [arm64 + CXL via QEMU] Acked-by: Dan Williams Cc: Alexander Gordeev Cc: Andreas Larsson Cc: Arnd Bergmann Cc: Borislav Petkov Cc: Catalin Marinas Cc: Christophe Leroy Cc: Dave Hansen Cc: Davidlohr Bueso Cc: David S. Miller Cc: Greg Kroah-Hartman Cc: Heiko Carstens Cc: Huacai Chen Cc: Ingo Molnar Cc: Jiaxun Yang Cc: John Paul Adrian Glaubitz Cc: Jonathan Corbet Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Rafael J. Wysocki Cc: Rob Herring (Arm) Cc: Samuel Holland Cc: Thomas Bogendoerfer Cc: Thomas Gleixner Cc: Vasily Gorbik Cc: Will Deacon Signed-off-by: Andrew Morton commit 2cacbdfdee65b18f9952620e762eab043d71b564 Author: Kairui Song Date: Tue Jul 30 23:49:21 2024 -0700 mm: swap: add a adaptive full cluster cache reclaim Link all full cluster with one full list, and reclaim from it when the allocation have ran out of all usable clusters. There are many reason a folio can end up being in the swap cache while having no swap count reference. So the best way to search for such slots is still by iterating the swap clusters. With the list as an LRU, iterating from the oldest cluster and keep them rotating is a very doable and clean way to free up potentially not inuse clusters. When any allocation failure, try reclaim and rotate only one cluster. This is adaptive for high order allocations they can tolerate fallback. So this avoids latency, and give the full cluster list an fair chance to get reclaimed. It release the usage stress for the fallback order 0 allocation or following up high order allocation. If the swap device is getting very full, reclaim more aggresively to ensure no OOM will happen. This ensures order 0 heavy workload won't go OOM as order 0 won't fail if any cluster still have any space. [ryncsn@gmail.com: fix discard of full cluster] Link: https://lkml.kernel.org/r/CAMgjq7CWwK75_2Zi5P40K08pk9iqOcuWKL6khu=x4Yg_nXaQag@mail.gmail.com Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-9-cb9c148b9297@kernel.org Signed-off-by: Kairui Song Reported-by: Barry Song <21cnbao@gmail.com> Cc: Chris Li Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kalesh Singh Cc: Ryan Roberts Cc: David Hildenbrand Cc: Kairui Song Signed-off-by: Andrew Morton commit 661383c6111a38c88df61af6bfbcfacd2ff20a67 Author: Kairui Song Date: Tue Jul 30 23:49:20 2024 -0700 mm: swap: relaim the cached parts that got scanned This commit implements reclaim during scan for cluster allocator. Cluster scanning were unable to reuse SWAP_HAS_CACHE slots, which could result in low allocation success rate or early OOM. So to ensure maximum allocation success rate, integrate reclaiming with scanning. If found a range of suitable swap slots but fragmented due to HAS_CACHE, just try to reclaim the slots. Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-8-cb9c148b9297@kernel.org Signed-off-by: Kairui Song Reported-by: Barry Song <21cnbao@gmail.com> Cc: Chris Li Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kalesh Singh Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 477cb7ba28892eda112c79d8f75d10edabfc3050 Author: Kairui Song Date: Tue Jul 30 23:49:19 2024 -0700 mm: swap: add a fragment cluster list Now swap cluster allocator arranges the clusters in LRU style, so the "cold" cluster stay at the head of nonfull lists are the ones that were used for allocation long time ago and still partially occupied. So if allocator can't find enough contiguous slots to satisfy an high order allocation, it's unlikely there will be slot being free on them to satisfy the allocation, at least in a short period. As a result, nonfull cluster scanning will waste time repeatly scanning the unusable head of the list. Also, multiple CPUs could content on the same head cluster of nonfull list. Unlike free clusters which are removed from the list when any CPU starts using it, nonfull cluster stays on the head. So introduce a new list frag list, all scanned nonfull clusters will be moved to this list. Both for avoiding repeated scanning and contention. Frag list is still used as fallback for allocations, so if one CPU failed to allocate one order of slots, it can still steal other CPU's clusters. And order 0 will favor the fragmented clusters to better protect nonfull clusters If any slots on a fragment list are being freed, move the fragment list back to nonfull list indicating it worth another scan on the cluster. Compared to scan upon freeing a slot, this keep the scanning lazy and save some CPU if there are still other clusters to use. It may seems unneccessay to keep the fragmented cluster on list at all if they can't be used for specific order allocation. But this will start to make sense once reclaim dring scanning is ready. Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-7-cb9c148b9297@kernel.org Signed-off-by: Kairui Song Reported-by: Barry Song <21cnbao@gmail.com> Cc: Chris Li Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kalesh Singh Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 862590ac3708e1cbbfb02a8ed78587b86ecba4ba Author: Kairui Song Date: Tue Jul 30 23:49:18 2024 -0700 mm: swap: allow cache reclaim to skip slot cache Currently we free the reclaimed slots through slot cache even if the slot is required to be empty immediately. As a result the reclaim caller will see the slot still occupied even after a successful reclaim, and need to keep reclaiming until slot cache get flushed. This caused ineffective or over reclaim when SWAP is under stress. So introduce a new flag allowing the slot to be emptied bypassing the slot cache. [21cnbao@gmail.com: small folios should have nr_pages == 1 but not nr_page == 0] Link: https://lkml.kernel.org/r/20240805015324.45134-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-6-cb9c148b9297@kernel.org Signed-off-by: Kairui Song Reported-by: Barry Song <21cnbao@gmail.com> Cc: Chris Li Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kalesh Singh Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 650975d2b181e30c9017c42cb3f6535287555b1e Author: Kairui Song Date: Tue Jul 30 23:49:17 2024 -0700 mm: swap: skip slot cache on freeing for mTHP Currently when we are freeing mTHP folios from swap cache, we free then one by one and put each entry into swap slot cache. Slot cache is designed to reduce the overhead by batching the freeing, but mTHP swap entries are already continuous so they can be batch freed without it already, it saves litle overhead, or even increase overhead for larger mTHP. What's more, mTHP entries could stay in swap cache for a while. Contiguous swap entry is an rather rare resource so releasing them directly can help improve mTHP allocation success rate when under pressure. Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-5-cb9c148b9297@kernel.org Signed-off-by: Kairui Song Reported-by: Barry Song <21cnbao@gmail.com> Acked-by: Barry Song Cc: Chris Li Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kalesh Singh Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 3b2561b5daeb3531c011491e9a6d2b934cc8f49f Author: Kairui Song Date: Tue Jul 30 23:49:16 2024 -0700 mm: swap: clean up initialization helper At this point, alloc_cluster is never called already, and inc_cluster_info_page is called by initialization only, a lot of dead code can be dropped. Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-4-cb9c148b9297@kernel.org Signed-off-by: Kairui Song Reported-by: Barry Song <21cnbao@gmail.com> Cc: Chris Li Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kalesh Singh Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 5f843a9a3a1e865fbf349419bde39977c2e7d3d1 Author: Chris Li Date: Tue Jul 30 23:49:15 2024 -0700 mm: swap: separate SSD allocation from scan_swap_map_slots() Previously the SSD and HDD share the same swap_map scan loop in scan_swap_map_slots(). This function is complex and hard to flow the execution flow. scan_swap_map_try_ssd_cluster() can already do most of the heavy lifting to locate the candidate swap range in the cluster. However it needs to go back to scan_swap_map_slots() to check conflict and then perform the allocation. When scan_swap_map_try_ssd_cluster() failed, it still depended on the scan_swap_map_slots() to do brute force scanning of the swap_map. When the swapfile is large and almost full, it will take some CPU time to go through the swap_map array. Get rid of the cluster allocation dependency on the swap_map scan loop in scan_swap_map_slots(). Streamline the cluster allocation code path. No more conflict checks. For order 0 swap entry, when run out of free and nonfull list. It will allocate from the higher order nonfull cluster list. Users should see less CPU time spent on searching the free swap slot when swapfile is almost full. [ryncsn@gmail.com: fix array-bounds error with CONFIG_THP_SWAP=n] Link: https://lkml.kernel.org/r/CAMgjq7Bz0DY+rY0XgCoH7-Q=uHLdo3omi8kUr4ePDweNyofsbQ@mail.gmail.com Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-3-cb9c148b9297@kernel.org Signed-off-by: Chris Li Signed-off-by: Kairui Song Reported-by: Barry Song <21cnbao@gmail.com> Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kalesh Singh Cc: Ryan Roberts Signed-off-by: Andrew Morton commit d07a46a4ac18786e7f4c98fb08525ed80dd1f642 Author: Chris Li Date: Tue Jul 30 23:49:14 2024 -0700 mm: swap: mTHP allocate swap entries from nonfull list Track the nonfull cluster as well as the empty cluster on lists. Each order has one nonfull cluster list. The cluster will remember which order it was used during new cluster allocation. When the cluster has free entry, add to the nonfull[order] list.  When the free cluster list is empty, also allocate from the nonempty list of that order. This improves the mTHP swap allocation success rate. There are limitations if the distribution of numbers of different orders of mTHP changes a lot. e.g. there are a lot of nonfull cluster assign to order A while later time there are a lot of order B allocation while very little allocation in order A. Currently the cluster used by order A will not reused by order B unless the cluster is 100% empty. Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-2-cb9c148b9297@kernel.org Signed-off-by: Chris Li Reported-by: Barry Song <21cnbao@gmail.com> Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Kairui Song Cc: Kalesh Singh Cc: Ryan Roberts Signed-off-by: Andrew Morton commit 73ed0baae66df50359c876f65f41179d6ebd2716 Author: Chris Li Date: Tue Jul 30 23:49:13 2024 -0700 mm: swap: swap cluster switch to double link list Patch series "mm: swap: mTHP swap allocator base on swap cluster order", v5. This is the short term solutions "swap cluster order" listed in my "Swap Abstraction" discussion slice 8 in the recent LSF/MM conference. When commit 845982eb264bc "mm: swap: allow storage of all mTHP orders" is introduced, it only allocates the mTHP swap entries from the new empty cluster list.  It has a fragmentation issue reported by Barry. https://lore.kernel.org/all/CAGsJ_4zAcJkuW016Cfi6wicRr8N9X+GJJhgMQdSMp+Ah+NSgNQ@mail.gmail.com/ The reason is that all the empty clusters have been exhausted while there are plenty of free swap entries in the cluster that are not 100% free. Remember the swap allocation order in the cluster. Keep track of the per order non full cluster list for later allocation. This series gives the swap SSD allocation a new separate code path from the HDD allocation. The new allocator use cluster list only and do not global scan swap_map[] without lock any more. This streamline the swap allocation for SSD. The code matches the execution flow much better. User impact: For users that allocate and free mix order mTHP swapping, It greatly improves the success rate of the mTHP swap allocation after the initial phase. It also performs faster when the swapfile is close to full, because the allocator can get the non full cluster from a list rather than scanning a lot of swap_map entries.  With Barry's mthp test program V2: Without: $ ./thp_swap_allocator_test -a Iteration 1: swpout inc: 32, swpout fallback inc: 192, Fallback percentage: 85.71% Iteration 2: swpout inc: 0, swpout fallback inc: 231, Fallback percentage: 100.00% Iteration 3: swpout inc: 0, swpout fallback inc: 227, Fallback percentage: 100.00% ... Iteration 98: swpout inc: 0, swpout fallback inc: 224, Fallback percentage: 100.00% Iteration 99: swpout inc: 0, swpout fallback inc: 215, Fallback percentage: 100.00% Iteration 100: swpout inc: 0, swpout fallback inc: 222, Fallback percentage: 100.00% $ ./thp_swap_allocator_test -a -s Iteration 1: swpout inc: 0, swpout fallback inc: 224, Fallback percentage: 100.00% Iteration 2: swpout inc: 0, swpout fallback inc: 218, Fallback percentage: 100.00% Iteration 3: swpout inc: 0, swpout fallback inc: 222, Fallback percentage: 100.00% .. Iteration 98: swpout inc: 0, swpout fallback inc: 228, Fallback percentage: 100.00% Iteration 99: swpout inc: 0, swpout fallback inc: 230, Fallback percentage: 100.00% Iteration 100: swpout inc: 0, swpout fallback inc: 229, Fallback percentage: 100.00% $ ./thp_swap_allocator_test -s Iteration 1: swpout inc: 0, swpout fallback inc: 224, Fallback percentage: 100.00% Iteration 2: swpout inc: 0, swpout fallback inc: 218, Fallback percentage: 100.00% Iteration 3: swpout inc: 0, swpout fallback inc: 222, Fallback percentage: 100.00% .. Iteration 98: swpout inc: 0, swpout fallback inc: 228, Fallback percentage: 100.00% Iteration 99: swpout inc: 0, swpout fallback inc: 230, Fallback percentage: 100.00% Iteration 100: swpout inc: 0, swpout fallback inc: 229, Fallback percentage: 100.00% $ ./thp_swap_allocator_test Iteration 1: swpout inc: 0, swpout fallback inc: 224, Fallback percentage: 100.00% Iteration 2: swpout inc: 0, swpout fallback inc: 218, Fallback percentage: 100.00% Iteration 3: swpout inc: 0, swpout fallback inc: 222, Fallback percentage: 100.00% .. Iteration 98: swpout inc: 0, swpout fallback inc: 228, Fallback percentage: 100.00% Iteration 99: swpout inc: 0, swpout fallback inc: 230, Fallback percentage: 100.00% Iteration 100: swpout inc: 0, swpout fallback inc: 229, Fallback percentage: 100.00% With: # with all 0.00% filter out $ ./thp_swap_allocator_test -a | grep -v "0.00%" $ # all result are 0.00% $ ./thp_swap_allocator_test -a -s | grep -v "0.00%" ./thp_swap_allocator_test -a -s | grep -v "0.00%" Iteration 14: swpout inc: 223, swpout fallback inc: 3, Fallback percentage: 1.33% Iteration 19: swpout inc: 219, swpout fallback inc: 7, Fallback percentage: 3.10% Iteration 28: swpout inc: 225, swpout fallback inc: 1, Fallback percentage: 0.44% Iteration 29: swpout inc: 227, swpout fallback inc: 1, Fallback percentage: 0.44% Iteration 34: swpout inc: 220, swpout fallback inc: 8, Fallback percentage: 3.51% Iteration 35: swpout inc: 222, swpout fallback inc: 11, Fallback percentage: 4.72% Iteration 38: swpout inc: 217, swpout fallback inc: 4, Fallback percentage: 1.81% Iteration 40: swpout inc: 222, swpout fallback inc: 6, Fallback percentage: 2.63% Iteration 42: swpout inc: 221, swpout fallback inc: 2, Fallback percentage: 0.90% Iteration 43: swpout inc: 215, swpout fallback inc: 7, Fallback percentage: 3.15% Iteration 47: swpout inc: 226, swpout fallback inc: 2, Fallback percentage: 0.88% Iteration 49: swpout inc: 217, swpout fallback inc: 1, Fallback percentage: 0.46% Iteration 52: swpout inc: 221, swpout fallback inc: 8, Fallback percentage: 3.49% Iteration 56: swpout inc: 224, swpout fallback inc: 4, Fallback percentage: 1.75% Iteration 58: swpout inc: 214, swpout fallback inc: 5, Fallback percentage: 2.28% Iteration 62: swpout inc: 220, swpout fallback inc: 3, Fallback percentage: 1.35% Iteration 64: swpout inc: 224, swpout fallback inc: 1, Fallback percentage: 0.44% Iteration 67: swpout inc: 221, swpout fallback inc: 1, Fallback percentage: 0.45% Iteration 75: swpout inc: 220, swpout fallback inc: 9, Fallback percentage: 3.93% Iteration 82: swpout inc: 227, swpout fallback inc: 1, Fallback percentage: 0.44% Iteration 86: swpout inc: 211, swpout fallback inc: 12, Fallback percentage: 5.38% Iteration 89: swpout inc: 226, swpout fallback inc: 2, Fallback percentage: 0.88% Iteration 93: swpout inc: 220, swpout fallback inc: 1, Fallback percentage: 0.45% Iteration 94: swpout inc: 224, swpout fallback inc: 1, Fallback percentage: 0.44% Iteration 96: swpout inc: 221, swpout fallback inc: 6, Fallback percentage: 2.64% Iteration 98: swpout inc: 227, swpout fallback inc: 1, Fallback percentage: 0.44% Iteration 99: swpout inc: 227, swpout fallback inc: 3, Fallback percentage: 1.30% $ ./thp_swap_allocator_test ./thp_swap_allocator_test Iteration 1: swpout inc: 233, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 2: swpout inc: 131, swpout fallback inc: 101, Fallback percentage: 43.53% Iteration 3: swpout inc: 71, swpout fallback inc: 155, Fallback percentage: 68.58% Iteration 4: swpout inc: 55, swpout fallback inc: 168, Fallback percentage: 75.34% Iteration 5: swpout inc: 35, swpout fallback inc: 191, Fallback percentage: 84.51% Iteration 6: swpout inc: 25, swpout fallback inc: 199, Fallback percentage: 88.84% Iteration 7: swpout inc: 23, swpout fallback inc: 205, Fallback percentage: 89.91% Iteration 8: swpout inc: 9, swpout fallback inc: 219, Fallback percentage: 96.05% Iteration 9: swpout inc: 13, swpout fallback inc: 213, Fallback percentage: 94.25% Iteration 10: swpout inc: 12, swpout fallback inc: 216, Fallback percentage: 94.74% Iteration 11: swpout inc: 16, swpout fallback inc: 213, Fallback percentage: 93.01% Iteration 12: swpout inc: 10, swpout fallback inc: 210, Fallback percentage: 95.45% Iteration 13: swpout inc: 16, swpout fallback inc: 212, Fallback percentage: 92.98% Iteration 14: swpout inc: 12, swpout fallback inc: 212, Fallback percentage: 94.64% Iteration 15: swpout inc: 15, swpout fallback inc: 211, Fallback percentage: 93.36% Iteration 16: swpout inc: 15, swpout fallback inc: 200, Fallback percentage: 93.02% Iteration 17: swpout inc: 9, swpout fallback inc: 220, Fallback percentage: 96.07% $ ./thp_swap_allocator_test -s ./thp_swap_allocator_test -s Iteration 1: swpout inc: 233, swpout fallback inc: 0, Fallback percentage: 0.00% Iteration 2: swpout inc: 97, swpout fallback inc: 135, Fallback percentage: 58.19% Iteration 3: swpout inc: 42, swpout fallback inc: 192, Fallback percentage: 82.05% Iteration 4: swpout inc: 19, swpout fallback inc: 214, Fallback percentage: 91.85% Iteration 5: swpout inc: 12, swpout fallback inc: 213, Fallback percentage: 94.67% Iteration 6: swpout inc: 11, swpout fallback inc: 217, Fallback percentage: 95.18% Iteration 7: swpout inc: 9, swpout fallback inc: 214, Fallback percentage: 95.96% Iteration 8: swpout inc: 8, swpout fallback inc: 213, Fallback percentage: 96.38% Iteration 9: swpout inc: 2, swpout fallback inc: 223, Fallback percentage: 99.11% Iteration 10: swpout inc: 2, swpout fallback inc: 228, Fallback percentage: 99.13% Iteration 11: swpout inc: 4, swpout fallback inc: 214, Fallback percentage: 98.17% Iteration 12: swpout inc: 5, swpout fallback inc: 226, Fallback percentage: 97.84% Iteration 13: swpout inc: 3, swpout fallback inc: 212, Fallback percentage: 98.60% Iteration 14: swpout inc: 0, swpout fallback inc: 222, Fallback percentage: 100.00% Iteration 15: swpout inc: 3, swpout fallback inc: 222, Fallback percentage: 98.67% Iteration 16: swpout inc: 4, swpout fallback inc: 223, Fallback percentage: 98.24% ========= Kernel compile under tmpfs with cgroup memory.max = 470M. 12 core 24 hyperthreading, 32 jobs. 10 Run each group SSD swap 10 runs average, 20G swap partition: With: user 2929.064 system 1479.381 : 1376.89 1398.22 1444.64 1477.39 1479.04 1497.27 1504.47 1531.4 1532.92 1551.57 real 1441.324 Without: user 2910.872 system 1482.732 : 1440.01 1451.4 1462.01 1467.47 1467.51 1469.3 1470.19 1496.32 1544.1 1559.01 real 1580.822 Two zram swap: zram0 3.0G zram1 20G. The idea is forcing the zram0 almost full then overflow to zram1: With: user 4320.301 system 4272.403 : 4236.24 4262.81 4264.75 4269.13 4269.44 4273.06 4279.85 4285.98 4289.64 4293.13 real 431.759 Without user 4301.393 system 4387.672 : 4374.47 4378.3 4380.95 4382.84 4383.06 4388.05 4389.76 4397.16 4398.23 4403.9 real 433.979 ------ more test result from Kaiui ---------- Test with build linux kernel using a 4G ZRAM, 1G memory.max limit on top of shmem: System info: 32 Core AMD Zen2, 64G total memory. Test 3 times using only 4K pages: ================================= With: ----- 1838.74user 2411.21system 2:37.86elapsed 2692%CPU (0avgtext+0avgdata 847060maxresident)k 1839.86user 2465.77system 2:39.35elapsed 2701%CPU (0avgtext+0avgdata 847060maxresident)k 1840.26user 2454.68system 2:39.43elapsed 2693%CPU (0avgtext+0avgdata 847060maxresident)k Summary (~4.6% improment of system time): User: 1839.62 System: 2443.89: 2465.77 2454.68 2411.21 Real: 158.88 Without: -------- 1837.99user 2575.95system 2:43.09elapsed 2706%CPU (0avgtext+0avgdata 846520maxresident)k 1838.32user 2555.15system 2:42.52elapsed 2709%CPU (0avgtext+0avgdata 846520maxresident)k 1843.02user 2561.55system 2:43.35elapsed 2702%CPU (0avgtext+0avgdata 846520maxresident)k Summary: User: 1839.78 System: 2564.22: 2575.95 2555.15 2561.55 Real: 162.99 Test 5 times using enabled all mTHP pages: ========================================== With: ----- 1796.44user 2937.33system 2:59.09elapsed 2643%CPU (0avgtext+0avgdata 846936maxresident)k 1802.55user 3002.32system 2:54.68elapsed 2750%CPU (0avgtext+0avgdata 847072maxresident)k 1806.59user 2986.53system 2:55.17elapsed 2736%CPU (0avgtext+0avgdata 847092maxresident)k 1803.27user 2982.40system 2:54.49elapsed 2742%CPU (0avgtext+0avgdata 846796maxresident)k 1807.43user 3036.08system 2:56.06elapsed 2751%CPU (0avgtext+0avgdata 846488maxresident)k Summary (~8.4% improvement of system time): User: 1803.25 System: 2988.93: 2937.33 3002.32 2986.53 2982.40 3036.08 Real: 175.90 mTHP swapout status: /sys/kernel/mm/transparent_hugepage/hugepages-32kB/stats/swpout:347721 /sys/kernel/mm/transparent_hugepage/hugepages-32kB/stats/swpout_fallback:3110 /sys/kernel/mm/transparent_hugepage/hugepages-512kB/stats/swpout:3365 /sys/kernel/mm/transparent_hugepage/hugepages-512kB/stats/swpout_fallback:8269 /sys/kernel/mm/transparent_hugepage/hugepages-2048kB/stats/swpout:24 /sys/kernel/mm/transparent_hugepage/hugepages-2048kB/stats/swpout_fallback:3341 /sys/kernel/mm/transparent_hugepage/hugepages-1024kB/stats/swpout:145 /sys/kernel/mm/transparent_hugepage/hugepages-1024kB/stats/swpout_fallback:5038 /sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/swpout:322737 /sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/swpout_fallback:36808 /sys/kernel/mm/transparent_hugepage/hugepages-16kB/stats/swpout:380455 /sys/kernel/mm/transparent_hugepage/hugepages-16kB/stats/swpout_fallback:1010 /sys/kernel/mm/transparent_hugepage/hugepages-256kB/stats/swpout:24973 /sys/kernel/mm/transparent_hugepage/hugepages-256kB/stats/swpout_fallback:13223 /sys/kernel/mm/transparent_hugepage/hugepages-128kB/stats/swpout:197348 /sys/kernel/mm/transparent_hugepage/hugepages-128kB/stats/swpout_fallback:80541 Without: -------- 1794.41user 3151.29system 3:05.97elapsed 2659%CPU (0avgtext+0avgdata 846704maxresident)k 1810.27user 3304.48system 3:05.38elapsed 2759%CPU (0avgtext+0avgdata 846636maxresident)k 1809.84user 3254.85system 3:03.83elapsed 2755%CPU (0avgtext+0avgdata 846952maxresident)k 1813.54user 3259.56system 3:04.28elapsed 2752%CPU (0avgtext+0avgdata 846848maxresident)k 1829.97user 3338.40system 3:07.32elapsed 2759%CPU (0avgtext+0avgdata 847024maxresident)k Summary: User: 1811.61 System: 3261.72 : 3151.29 3304.48 3254.85 3259.56 3338.40 Real: 185.356 mTHP swapout status: hugepages-32kB/stats/swpout:35630 hugepages-32kB/stats/swpout_fallback:1809908 hugepages-512kB/stats/swpout:523 hugepages-512kB/stats/swpout_fallback:55235 hugepages-2048kB/stats/swpout:53 hugepages-2048kB/stats/swpout_fallback:17264 hugepages-1024kB/stats/swpout:85 hugepages-1024kB/stats/swpout_fallback:24979 hugepages-64kB/stats/swpout:30117 hugepages-64kB/stats/swpout_fallback:1825399 hugepages-16kB/stats/swpout:42775 hugepages-16kB/stats/swpout_fallback:1951123 hugepages-256kB/stats/swpout:2326 hugepages-256kB/stats/swpout_fallback:170165 hugepages-128kB/stats/swpout:17925 hugepages-128kB/stats/swpout_fallback:1309757 This patch (of 9): Previously, the swap cluster used a cluster index as a pointer to construct a custom single link list type "swap_cluster_list". The next cluster pointer is shared with the cluster->count. It prevents puting the non free cluster into a list. Change the cluster to use the standard double link list instead. This allows tracing the nonfull cluster in the follow up patch. That way, it is faster to get to the nonfull cluster of that order. Remove the cluster getter/setter for accessing the cluster struct member. The list operation is protected by the swap_info_struct->lock. Change cluster code to use "struct swap_cluster_info *" to reference the cluster rather than by using index. That is more consistent with the list manipulation. It avoids the repeat adding index to the cluser_info. The code is easier to understand. Remove the cluster next pointer is NULL flag, the double link list can handle the empty list pretty well. The "swap_cluster_info" struct is two pointer bigger, because 512 swap entries share one swap_cluster_info struct, it has very little impact on the average memory usage per swap entry. For 1TB swapfile, the swap cluster data structure increases from 8MB to 24MB. Other than the list conversion, there is no real function change in this patch. Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-0-cb9c148b9297@kernel.org Link: https://lkml.kernel.org/r/20240730-swap-allocator-v5-1-cb9c148b9297@kernel.org Signed-off-by: Chris Li Reported-by: Barry Song <21cnbao@gmail.com> Reviewed-by: "Huang, Ying" Cc: Hugh Dickins Cc: Kairui Song Cc: Kalesh Singh Cc: Ryan Roberts Signed-off-by: Andrew Morton commit f689a3ab7b8ece9e5787ff058b96b8630e4931ad Author: Chen Yu Date: Sat Aug 31 19:01:19 2024 +0800 dma-direct: optimize page freeing when it is not addressable When the CMA allocation succeeds but isn't addressable, its buffer has already been released and the page is set to NULL. So later when the normal page allocation succeeds but isn't addressable, __free_pages() can be used to free that normal page rather than using dma_free_contiguous that does extra checks that are not needed. Signed-off-by: Chen Yu Signed-off-by: Christoph Hellwig commit de6c85bf918ea52d5c680f0d130b37ee2ff152d6 Author: Christoph Hellwig Date: Wed Aug 28 09:02:47 2024 +0300 dma-mapping: clearly mark DMA ops as an architecture feature DMA ops are a helper for architectures and not for drivers to override the DMA implementation. Unfortunately driver authors keep ignoring this. Make the fact more clear by renaming the symbol to ARCH_HAS_DMA_OPS and having the two drivers overriding their dma_ops depend on that. These drivers should probably be marked broken, but we can give them a bit of a grace period for that. Signed-off-by: Christoph Hellwig Reviewed-by: Thomas Gleixner Acked-by: Sakari Ailus # for IPU6 Acked-by: Robin Murphy commit 92193b3569ade4968011007356c8606def0657a1 Author: Christoph Hellwig Date: Wed Aug 28 09:00:08 2024 +0300 vdpa_sim: don't select DMA_OPS vdpa_sim has been fixed to not override the dma_map_ops in commit 6c3d329e6486 ("vdpa_sim: get rid of DMA ops"), so don't select the symbol and don't depend on HAS_DMA. Signed-off-by: Christoph Hellwig Acked-by: Michael S. Tsirkin commit ff2beee206d23f49d022650122f81285849033e4 Author: Ojaswin Mujoo Date: Fri Aug 30 12:50:58 2024 +0530 ext4: convert EXT4_B2C(sbi->s_stripe) users to EXT4_NUM_B2C Although we have checks to make sure s_stripe is a multiple of cluster size, in case we accidentally end up with a scenario where this is not the case, use EXT4_NUM_B2C() so that we don't end up with unexpected cases where EXT4_B2C(stripe) becomes 0. Also make the is_stripe_aligned check in regular_allocator a bit more robust while we are at it. This should ideally have no functional change unless we have a bug somewhere causing (stripe % cluster_size != 0) Reviewed-by: Kemeng Shi Signed-off-by: Ojaswin Mujoo Reviewed-by: Ritesh Harjani (IBM) Link: https://patch.msgid.link/e0c0a3b58a40935a1361f668851d041575861411.1725002410.git.ojaswin@linux.ibm.com Signed-off-by: Theodore Ts'o commit ee85e0938aa8f9846d21e4d302c3cf6a2a75110d Author: Ojaswin Mujoo Date: Fri Aug 30 12:50:57 2024 +0530 ext4: check stripe size compatibility on remount as well We disable stripe size in __ext4_fill_super if it is not a multiple of the cluster ratio however this check is missed when trying to remount. This can leave us with cases where stripe < cluster_ratio after remount:set making EXT4_B2C(sbi->s_stripe) become 0 that can cause some unforeseen bugs like divide by 0. Fix that by adding the check in remount path as well. Reported-by: syzbot+1ad8bac5af24d01e2cbd@syzkaller.appspotmail.com Tested-by: syzbot+1ad8bac5af24d01e2cbd@syzkaller.appspotmail.com Reviewed-by: Kemeng Shi Reviewed-by: Ritesh Harjani (IBM) Fixes: c3defd99d58c ("ext4: treat stripe in block unit") Signed-off-by: Ojaswin Mujoo Link: https://patch.msgid.link/3a493bb503c3598e25dcfbed2936bb2dff3fece7.1725002410.git.ojaswin@linux.ibm.com Signed-off-by: Theodore Ts'o commit cc749e61c011c255d81b192a822db650c68b313f Author: Artem Sadovnikov Date: Thu Aug 29 15:22:09 2024 +0000 ext4: fix i_data_sem unlock order in ext4_ind_migrate() Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require synchronous updates because the file descriptor is opened with O_SYNC. This can lead to the jbd2_journal_stop() function calling jbd2_might_wait_for_commit(), potentially causing a deadlock if the EXT4_IOC_MIGRATE call races with a write(2) system call. This problem only arises when CONFIG_PROVE_LOCKING is enabled. In this case, the jbd2_might_wait_for_commit macro locks jbd2_handle in the jbd2_journal_stop function while i_data_sem is locked. This triggers lockdep because the jbd2_journal_start function might also lock the same jbd2_handle simultaneously. Found by Linux Verification Center (linuxtesting.org) with syzkaller. Reviewed-by: Ritesh Harjani (IBM) Co-developed-by: Mikhail Ukhin Signed-off-by: Mikhail Ukhin Signed-off-by: Artem Sadovnikov Rule: add Link: https://lore.kernel.org/stable/20240404095000.5872-1-mish.uxin2012%40yandex.ru Link: https://patch.msgid.link/20240829152210.2754-1-ancowi69@gmail.com Signed-off-by: Theodore Ts'o commit 183aa1d3baea18b199505455a0247b13de826e2f Author: Shida Zhang Date: Fri Aug 30 13:37:39 2024 +0800 ext4: remove the special buffer dirty handling in do_journal_get_write_access This kinda revert the commit 56d35a4cd13e("ext4: Fix dirtying of journalled buffers in data=journal mode") made by Jan 14 years ago, since the do_get_write_access() itself can deal with the extra unexpected buf dirting things in a proper way now. Suggested-by: Jan Kara Signed-off-by: Shida Zhang Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240830053739.3588573-5-zhangshida@kylinos.cn Signed-off-by: Theodore Ts'o commit cb3de5fc876ee9ef2b830c9e6cdafac5c90903ef Author: Shida Zhang Date: Fri Aug 30 13:37:38 2024 +0800 ext4: fix a potential assertion failure due to improperly dirtied buffer On an old kernel version(4.19, ext3, data=journal, pagesize=64k), an assertion failure will occasionally be triggered by the line below: ----------- jbd2_journal_commit_transaction { ... J_ASSERT_BH(bh, !buffer_dirty(bh)); /* * The buffer on BJ_Forget list and not jbddirty means ... } ----------- The same condition may also be applied to the lattest kernel version. When blocksize < pagesize and we truncate a file, there can be buffers in the mapping tail page beyond i_size. These buffers will be filed to transaction's BJ_Forget list by ext4_journalled_invalidatepage() during truncation. When the transaction doing truncate starts committing, we can grow the file again. This calls __block_write_begin() which allocates new blocks under these buffers in the tail page we go through the branch: if (buffer_new(bh)) { clean_bdev_bh_alias(bh); if (folio_test_uptodate(folio)) { clear_buffer_new(bh); set_buffer_uptodate(bh); mark_buffer_dirty(bh); continue; } ... } Hence buffers on BJ_Forget list of the committing transaction get marked dirty and this triggers the jbd2 assertion. Teach ext4_block_write_begin() to properly handle files with data journalling by avoiding dirtying them directly. Instead of folio_zero_new_buffers() we use ext4_journalled_zero_new_buffers() which takes care of handling journalling. We also don't need to mark new uptodate buffers as dirty in ext4_block_write_begin(). That will be either done either by block_commit_write() in case of success or by folio_zero_new_buffers() in case of failure. Reported-by: Baolin Liu Suggested-by: Jan Kara Signed-off-by: Shida Zhang Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240830053739.3588573-4-zhangshida@kylinos.cn Signed-off-by: Theodore Ts'o commit 6b730a405037501a260d6efd24782d2737e65d07 Author: Shida Zhang Date: Fri Aug 30 13:37:37 2024 +0800 ext4: hoist ext4_block_write_begin and replace the __block_write_begin Using __block_write_begin() make it inconvenient to journal the user data dirty process. We can't tell the block layer maintainer, ‘Hey, we want to trace the dirty user data in ext4, can we add some special code for ext4 in __block_write_begin?’:P So use ext4_block_write_begin() instead. The two functions are basically doing the same thing except for the fscrypt related code. Remove the unnecessary #ifdef since fscrypt_inode_uses_fs_layer_crypto() returns false (and it's known at compile time) when !CONFIG_FS_ENCRYPTION. And hoist the ext4_block_write_begin so that it can be used in other files. Suggested-by: Jan Kara Suggested-by: Eric Biggers Signed-off-by: Shida Zhang Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240830053739.3588573-3-zhangshida@kylinos.cn Signed-off-by: Theodore Ts'o commit 3910b513fcdf33030798755c722174ef4a827d2a Author: Shida Zhang Date: Fri Aug 30 13:37:36 2024 +0800 ext4: persist the new uptodate buffers in ext4_journalled_zero_new_buffers For new uptodate buffers we also need to call write_end_fn() to persist the uptodate content, similarly as folio_zero_new_buffers() does it. Suggested-by: Jan Kara Signed-off-by: Shida Zhang Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240830053739.3588573-2-zhangshida@kylinos.cn Signed-off-by: Theodore Ts'o commit 59efe53e380ee305ec11378233adb6aaebe1856c Author: yangerkun Date: Thu Aug 29 19:02:22 2024 +0800 ext4: dax: keep orphan list before truncate overflow allocated blocks Any extending write for ext4 requires the inode to be placed on the orphan list before the actual write. In addition, the inode can be actually removed from the orphan list only after all writes are completed. Otherwise we'd leave allocated blocks beyond i_disksize if we could not copy all the data into allocated block and e2fsck would complain. Currently, direct IO and buffered IO comply with this logic(buffered IO will truncate all overflow allocated blocks that has not been written successfully, and direct IO will truncate all allocated blocks when error occurs). However, dax write break this since dax write will remove the inode from the orphan list by calling ext4_handle_inode_extension unconditionally during extending write. We add a argument to help determine does we do a fully write, and for the case not fully write, we leave the inode on the orphan list, and the latter ext4_inode_extension_cleanup will help us truncate the overflow allocated blocks, and then remove the inode from the orphan list. Signed-off-by: yangerkun Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240829110222.126685-1-yangerkun@huaweicloud.com Signed-off-by: Theodore Ts'o commit a2187431c395cdfbf144e3536f25468c64fc7cfa Author: Gabriel Krisman Bertazi Date: Tue Aug 27 16:16:36 2024 -0400 ext4: fix error message when rejecting the default hash Commit 985b67cd8639 ("ext4: filesystems without casefold feature cannot be mounted with siphash") properly rejects volumes where s_def_hash_version is set to DX_HASH_SIPHASH, but the check and the error message should not look into casefold setup - a filesystem should never have DX_HASH_SIPHASH as the default hash. Fix it and, since we are there, move the check to ext4_hash_info_init. Fixes:985b67cd8639 ("ext4: filesystems without casefold feature cannot be mounted with siphash") Signed-off-by: Gabriel Krisman Bertazi Link: https://patch.msgid.link/87jzg1en6j.fsf_-_@mailhost.krisman.be Signed-off-by: Theodore Ts'o commit 5f48d4d9d8556ffa934537f0c000f9c3e108da66 Author: Baokun Li Date: Thu Aug 22 10:35:45 2024 +0800 ext4: save unnecessary indentation in ext4_ext_create_new_leaf() Save an indentation level in ext4_ext_create_new_leaf() by removing unnecessary 'else'. Besides, the variable 'ee_block' is declared to avoid line breaks. No functional changes. Suggested-by: Jan Kara Signed-off-by: Baokun Li Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240822023545.1994557-26-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 2352e3e461926b59f01c1e39fbb0494891cff997 Author: Baokun Li Date: Thu Aug 22 10:35:44 2024 +0800 ext4: make some fast commit functions reuse extents path The ext4_find_extent() can update the extent path so that it does not have to allocate and free the path repeatedly, thus reducing the consumption of memory allocation and freeing in the following functions: ext4_ext_clear_bb ext4_ext_replay_set_iblocks ext4_fc_replay_add_range ext4_fc_set_bitmaps_and_counters No functional changes. Note that ext4_find_extent() does not support error pointers, so in this case set path to NULL first. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-25-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit a2c613b8c4860d5e70010e7391fff727c5d96bab Author: Baokun Li Date: Thu Aug 22 10:35:43 2024 +0800 ext4: refactor ext4_swap_extents() to reuse extents path The ext4_find_extent() can update the extent path so it doesn't have to allocate and free path repeatedly, thus reducing the consumption of memory allocation and freeing in ext4_swap_extents(). Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-24-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 4191eefef978d734fa8249bede3f9b02a85aa3c0 Author: Baokun Li Date: Thu Aug 22 10:35:42 2024 +0800 ext4: get rid of ppath in convert_initialized_extent() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in convert_initialized_extent(), the following is done here: * Free the extents path when an error is encountered. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-23-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 2ec2e1043473b3d4a3afbe6ad7c5a5b7a6fdf480 Author: Baokun Li Date: Thu Aug 22 10:35:41 2024 +0800 ext4: get rid of ppath in ext4_ext_handle_unwritten_extents() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in ext4_ext_handle_unwritten_extents(), the following is done here: * Free the extents path when an error is encountered. * The 'allocated' is changed from passing a value to passing an address. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-22-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 33c14b8bd8a9ef8b3dfde136b0ca779e68c2f576 Author: Baokun Li Date: Thu Aug 22 10:35:40 2024 +0800 ext4: get rid of ppath in ext4_ext_convert_to_initialized() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in ext4_ext_convert_to_initialized(), the following is done here: * Free the extents path when an error is encountered. * Its caller needs to update ppath if it uses ppath. * The 'allocated' is changed from passing a value to passing an address. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-21-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 8d5ad7b08f9234bc92b9567cfe52e521df5f6626 Author: Baokun Li Date: Thu Aug 22 10:35:39 2024 +0800 ext4: get rid of ppath in ext4_convert_unwritten_extents_endio() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in ext4_convert_unwritten_extents_endio(), the following is done here: * Free the extents path when an error is encountered. * Its caller needs to update ppath if it uses ppath. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-20-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 225057b1af381567ffa4eb813f4a28a5c38a25cf Author: Baokun Li Date: Thu Aug 22 10:35:38 2024 +0800 ext4: get rid of ppath in ext4_split_convert_extents() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in ext4_split_convert_extents(), the following is done here: * Its caller needs to update ppath if it uses ppath. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-19-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit f74cde045617cc275c848c9692feac249ff7a3e7 Author: Baokun Li Date: Thu Aug 22 10:35:37 2024 +0800 ext4: get rid of ppath in ext4_split_extent() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in ext4_split_extent(), the following is done here: * The 'allocated' is changed from passing a value to passing an address. * Its caller needs to update ppath if it uses ppath. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-18-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit f07be1c367369636d7d338d7994473d6eae283c5 Author: Baokun Li Date: Thu Aug 22 10:35:36 2024 +0800 ext4: get rid of ppath in ext4_force_split_extent_at() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in ext4_force_split_extent_at(), the following is done here: * Free the extents path when an error is encountered. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-17-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 1de82b1b60d4613753254bf3cbf622a4c02c945c Author: Baokun Li Date: Thu Aug 22 10:35:35 2024 +0800 ext4: get rid of ppath in ext4_split_extent_at() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in ext4_split_extent_at(), the following is done here: * Free the extents path when an error is encountered. * Its caller needs to update ppath if it uses ppath. * Teach ext4_ext_show_leaf() to skip error pointer. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-16-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit f7d1331f16a869c76a5102caebb58e840e1d509c Author: Baokun Li Date: Thu Aug 22 10:35:34 2024 +0800 ext4: get rid of ppath in ext4_ext_insert_extent() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in ext4_ext_insert_extent(), the following is done here: * Free the extents path when an error is encountered. * Its caller needs to update ppath if it uses ppath. * Free path when npath is used, free npath when it is not used. * The got_allocated_blocks label in ext4_ext_map_blocks() does not update err now, so err is updated to 0 if the err returned by ext4_ext_search_right() is greater than 0 and is about to enter got_allocated_blocks. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-15-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit a000bc8678cc2bb10a5b80b4e991e77c7b4612fd Author: Baokun Li Date: Thu Aug 22 10:35:33 2024 +0800 ext4: get rid of ppath in ext4_ext_create_new_leaf() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. To get rid of the ppath in ext4_ext_create_new_leaf(), the following is done here: * Free the extents path when an error is encountered. * Its caller needs to update ppath if it uses ppath. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-14-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 6b854d552711aa33f59eda334e6d94a00d8825bb Author: Baokun Li Date: Thu Aug 22 10:35:32 2024 +0800 ext4: get rid of ppath in get_ext_path() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. After getting rid of ppath in get_ext_path(), its caller may pass an error pointer to ext4_free_ext_path(), so it needs to teach ext4_free_ext_path() and ext4_ext_drop_refs() to skip the error pointer. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-13-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 0be4c0c2f17bd10ae16c852f02d51a6a7b318aca Author: Baokun Li Date: Thu Aug 22 10:35:31 2024 +0800 ext4: get rid of ppath in ext4_find_extent() The use of path and ppath is now very confusing, so to make the code more readable, pass path between functions uniformly, and get rid of ppath. Getting rid of ppath in ext4_find_extent() requires its caller to update ppath. These ppaths will also be dropped later. No functional changes. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-12-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 369c944ed1d7c3fb7b35f24e4735761153afe7b3 Author: Baokun Li Date: Thu Aug 22 10:35:30 2024 +0800 ext4: propagate errors from ext4_find_extent() in ext4_insert_range() Even though ext4_find_extent() returns an error, ext4_insert_range() still returns 0. This may confuse the user as to why fallocate returns success, but the contents of the file are not as expected. So propagate the error returned by ext4_find_extent() to avoid inconsistencies. Fixes: 331573febb6a ("ext4: Add support FALLOC_FL_INSERT_RANGE for fallocate") Cc: stable@kernel.org Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-11-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 6c2b3246cd0b951338c54b10f8ca13c59a41c86a Author: Baokun Li Date: Thu Aug 22 10:35:29 2024 +0800 ext4: add new ext4_ext_path_brelse() helper Add ext4_ext_path_brelse() helper function to reduce duplicate code and ensure that path->p_bh is set to NULL after it is released. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-10-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit dcaa6c31134c0f515600111c38ed7750003e1b9c Author: Baokun Li Date: Thu Aug 22 10:35:28 2024 +0800 ext4: fix double brelse() the buffer of the extents path In ext4_ext_try_to_merge_up(), set path[1].p_bh to NULL after it has been released, otherwise it may be released twice. An example of what triggers this is as follows: split2 map split1 |--------|-------|--------| ext4_ext_map_blocks ext4_ext_handle_unwritten_extents ext4_split_convert_extents // path->p_depth == 0 ext4_split_extent // 1. do split1 ext4_split_extent_at |ext4_ext_insert_extent | ext4_ext_create_new_leaf | ext4_ext_grow_indepth | le16_add_cpu(&neh->eh_depth, 1) | ext4_find_extent | // return -ENOMEM |// get error and try zeroout |path = ext4_find_extent | path->p_depth = 1 |ext4_ext_try_to_merge | ext4_ext_try_to_merge_up | path->p_depth = 0 | brelse(path[1].p_bh) ---> not set to NULL here |// zeroout success // 2. update path ext4_find_extent // 3. do split2 ext4_split_extent_at ext4_ext_insert_extent ext4_ext_create_new_leaf ext4_ext_grow_indepth le16_add_cpu(&neh->eh_depth, 1) ext4_find_extent path[0].p_bh = NULL; path->p_depth = 1 read_extent_tree_block ---> return err // path[1].p_bh is still the old value ext4_free_ext_path ext4_ext_drop_refs // path->p_depth == 1 brelse(path[1].p_bh) ---> brelse a buffer twice Finally got the following WARRNING when removing the buffer from lru: ============================================ VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 72 at fs/buffer.c:1241 __brelse+0x58/0x90 CPU: 2 PID: 72 Comm: kworker/u19:1 Not tainted 6.9.0-dirty #716 RIP: 0010:__brelse+0x58/0x90 Call Trace: __find_get_block+0x6e7/0x810 bdev_getblk+0x2b/0x480 __ext4_get_inode_loc+0x48a/0x1240 ext4_get_inode_loc+0xb2/0x150 ext4_reserve_inode_write+0xb7/0x230 __ext4_mark_inode_dirty+0x144/0x6a0 ext4_ext_insert_extent+0x9c8/0x3230 ext4_ext_map_blocks+0xf45/0x2dc0 ext4_map_blocks+0x724/0x1700 ext4_do_writepages+0x12d6/0x2a70 [...] ============================================ Fixes: ecb94f5fdf4b ("ext4: collapse a single extent tree block into the inode if possible") Cc: stable@kernel.org Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-9-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 5c0f4cc84d3a601c99bc5e6e6eb1cbda542cce95 Author: Baokun Li Date: Thu Aug 22 10:35:27 2024 +0800 ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free When calling ext4_force_split_extent_at() in ext4_ext_replay_update_ex(), the 'ppath' is updated but it is the 'path' that is freed, thus potentially triggering a double-free in the following process: ext4_ext_replay_update_ex ppath = path ext4_force_split_extent_at(&ppath) ext4_split_extent_at ext4_ext_insert_extent ext4_ext_create_new_leaf ext4_ext_grow_indepth ext4_find_extent if (depth > path[0].p_maxdepth) kfree(path) ---> path First freed *orig_path = path = NULL ---> null ppath kfree(path) ---> path double-free !!! So drop the unnecessary ppath and use path directly to avoid this problem. And use ext4_find_extent() directly to update path, avoiding unnecessary memory allocation and freeing. Also, propagate the error returned by ext4_find_extent() instead of using strange error codes. Fixes: 8016e29f4362 ("ext4: fast commit recovery path") Cc: stable@kernel.org Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-8-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit a164f3a432aae62ca23d03e6d926b122ee5b860d Author: Baokun Li Date: Thu Aug 22 10:35:26 2024 +0800 ext4: aovid use-after-free in ext4_ext_insert_extent() As Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is reallocated in ext4_ext_create_new_leaf(), we'll use the stale path and cause UAF. Below is a sample trace with dummy values: ext4_ext_insert_extent path = *ppath = 2000 ext4_ext_create_new_leaf(ppath) ext4_find_extent(ppath) path = *ppath = 2000 if (depth > path[0].p_maxdepth) kfree(path = 2000); *ppath = path = NULL; path = kcalloc() = 3000 *ppath = 3000; return path; /* here path is still 2000, UAF! */ eh = path[depth].p_hdr ================================================================== BUG: KASAN: slab-use-after-free in ext4_ext_insert_extent+0x26d4/0x3330 Read of size 8 at addr ffff8881027bf7d0 by task kworker/u36:1/179 CPU: 3 UID: 0 PID: 179 Comm: kworker/u6:1 Not tainted 6.11.0-rc2-dirty #866 Call Trace: ext4_ext_insert_extent+0x26d4/0x3330 ext4_ext_map_blocks+0xe22/0x2d40 ext4_map_blocks+0x71e/0x1700 ext4_do_writepages+0x1290/0x2800 [...] Allocated by task 179: ext4_find_extent+0x81c/0x1f70 ext4_ext_map_blocks+0x146/0x2d40 ext4_map_blocks+0x71e/0x1700 ext4_do_writepages+0x1290/0x2800 ext4_writepages+0x26d/0x4e0 do_writepages+0x175/0x700 [...] Freed by task 179: kfree+0xcb/0x240 ext4_find_extent+0x7c0/0x1f70 ext4_ext_insert_extent+0xa26/0x3330 ext4_ext_map_blocks+0xe22/0x2d40 ext4_map_blocks+0x71e/0x1700 ext4_do_writepages+0x1290/0x2800 ext4_writepages+0x26d/0x4e0 do_writepages+0x175/0x700 [...] ================================================================== So use *ppath to update the path to avoid the above problem. Reported-by: Ojaswin Mujoo Closes: https://lore.kernel.org/r/ZqyL6rmtwl6N4MWR@li-bb2b2a4c-3307-11b2-a85c-8fa5c3a69313.ibm.com Fixes: 10809df84a4d ("ext4: teach ext4_ext_find_extent() to realloc path if necessary") Cc: stable@kernel.org Signed-off-by: Baokun Li Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240822023545.1994557-7-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 5b4b2dcace35f618fe361a87bae6f0d13af31bc1 Author: Baokun Li Date: Thu Aug 22 10:35:25 2024 +0800 ext4: update orig_path in ext4_find_extent() In ext4_find_extent(), if the path is not big enough, we free it and set *orig_path to NULL. But after reallocating and successfully initializing the path, we don't update *orig_path, in which case the caller gets a valid path but a NULL ppath, and this may cause a NULL pointer dereference or a path memory leak. For example: ext4_split_extent path = *ppath = 2000 ext4_find_extent if (depth > path[0].p_maxdepth) kfree(path = 2000); *orig_path = path = NULL; path = kcalloc() = 3000 ext4_split_extent_at(*ppath = NULL) path = *ppath; ex = path[depth].p_ext; // NULL pointer dereference! ================================================================== BUG: kernel NULL pointer dereference, address: 0000000000000010 CPU: 6 UID: 0 PID: 576 Comm: fsstress Not tainted 6.11.0-rc2-dirty #847 RIP: 0010:ext4_split_extent_at+0x6d/0x560 Call Trace: ext4_split_extent.isra.0+0xcb/0x1b0 ext4_ext_convert_to_initialized+0x168/0x6c0 ext4_ext_handle_unwritten_extents+0x325/0x4d0 ext4_ext_map_blocks+0x520/0xdb0 ext4_map_blocks+0x2b0/0x690 ext4_iomap_begin+0x20e/0x2c0 [...] ================================================================== Therefore, *orig_path is updated when the extent lookup succeeds, so that the caller can safely use path or *ppath. Fixes: 10809df84a4d ("ext4: teach ext4_ext_find_extent() to realloc path if necessary") Cc: stable@kernel.org Signed-off-by: Baokun Li Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240822023545.1994557-6-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 4e2524ba2ca5f54bdbb9e5153bea00421ef653f5 Author: Baokun Li Date: Thu Aug 22 10:35:24 2024 +0800 ext4: avoid use-after-free in ext4_ext_show_leaf() In ext4_find_extent(), path may be freed by error or be reallocated, so using a previously saved *ppath may have been freed and thus may trigger use-after-free, as follows: ext4_split_extent path = *ppath; ext4_split_extent_at(ppath) path = ext4_find_extent(ppath) ext4_split_extent_at(ppath) // ext4_find_extent fails to free path // but zeroout succeeds ext4_ext_show_leaf(inode, path) eh = path[depth].p_hdr // path use-after-free !!! Similar to ext4_split_extent_at(), we use *ppath directly as an input to ext4_ext_show_leaf(). Fix a spelling error by the way. Same problem in ext4_ext_handle_unwritten_extents(). Since 'path' is only used in ext4_ext_show_leaf(), remove 'path' and use *ppath directly. This issue is triggered only when EXT_DEBUG is defined and therefore does not affect functionality. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-5-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit c26ab35702f8cd0cdc78f96aa5856bfb77be798f Author: Baokun Li Date: Thu Aug 22 10:35:23 2024 +0800 ext4: fix slab-use-after-free in ext4_split_extent_at() We hit the following use-after-free: ================================================================== BUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0 Read of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40 CPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724 Call Trace: kasan_report+0x93/0xc0 ext4_split_extent_at+0xba8/0xcc0 ext4_split_extent.isra.0+0x18f/0x500 ext4_split_convert_extents+0x275/0x750 ext4_ext_handle_unwritten_extents+0x73e/0x1580 ext4_ext_map_blocks+0xe20/0x2dc0 ext4_map_blocks+0x724/0x1700 ext4_do_writepages+0x12d6/0x2a70 [...] Allocated by task 40: __kmalloc_noprof+0x1ac/0x480 ext4_find_extent+0xf3b/0x1e70 ext4_ext_map_blocks+0x188/0x2dc0 ext4_map_blocks+0x724/0x1700 ext4_do_writepages+0x12d6/0x2a70 [...] Freed by task 40: kfree+0xf1/0x2b0 ext4_find_extent+0xa71/0x1e70 ext4_ext_insert_extent+0xa22/0x3260 ext4_split_extent_at+0x3ef/0xcc0 ext4_split_extent.isra.0+0x18f/0x500 ext4_split_convert_extents+0x275/0x750 ext4_ext_handle_unwritten_extents+0x73e/0x1580 ext4_ext_map_blocks+0xe20/0x2dc0 ext4_map_blocks+0x724/0x1700 ext4_do_writepages+0x12d6/0x2a70 [...] ================================================================== The flow of issue triggering is as follows: ext4_split_extent_at path = *ppath ext4_ext_insert_extent(ppath) ext4_ext_create_new_leaf(ppath) ext4_find_extent(orig_path) path = *orig_path read_extent_tree_block // return -ENOMEM or -EIO ext4_free_ext_path(path) kfree(path) *orig_path = NULL a. If err is -ENOMEM: ext4_ext_dirty(path + path->p_depth) // path use-after-free !!! b. If err is -EIO and we have EXT_DEBUG defined: ext4_ext_show_leaf(path) eh = path[depth].p_hdr // path also use-after-free !!! So when trying to zeroout or fix the extent length, call ext4_find_extent() to update the path. In addition we use *ppath directly as an ext4_ext_show_leaf() input to avoid possible use-after-free when EXT_DEBUG is defined, and to avoid unnecessary path updates. Fixes: dfe5080939ea ("ext4: drop EXT4_EX_NOFREE_ON_ERR from rest of extents handling code") Cc: stable@kernel.org Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-4-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 3e8a584c82cc999b99ea17c31fc2da101201545f Author: Baokun Li Date: Thu Aug 22 10:35:22 2024 +0800 ext4: prevent partial update of the extents path In ext4_ext_rm_idx() and ext4_ext_correct_indexes(), there is no proper rollback of already executed updates when updating a level of the extents path fails, so we may get an inconsistent extents tree, which may trigger some bad things in errors=continue mode. Hence clear the verified bit of modified extents buffers if the tree fails to be updated in ext4_ext_rm_idx() or ext4_ext_correct_indexes(), which forces the extents buffers to be checked in ext4_valid_extent_entries(), ensuring that the extents tree is consistent. Signed-off-by: zhanchengbin Link: https://lore.kernel.org/r/20230213080514.535568-3-zhanchengbin1@huawei.com/ Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-3-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit edfa71dbe841075109e3e1da7d3925b45328ed25 Author: Baokun Li Date: Thu Aug 22 10:35:21 2024 +0800 ext4: refactor ext4_ext_rm_idx() to index 'path' As suggested by Honza in Link,modify ext4_ext_rm_idx() to leave 'path' alone and just index it like ext4_ext_correct_indexes() does it. This facilitates adding error handling later. No functional changes. Suggested-by: Jan Kara Link: https://lore.kernel.org/all/20230216130305.nrbtd42tppxhbynn@quack3/ Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ojaswin Mujoo Tested-by: Ojaswin Mujoo Link: https://patch.msgid.link/20240822023545.1994557-2-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit c6b72f5d82b1017bad80f9ebf502832fc321d796 Author: Thadeu Lima de Souza Cascardo Date: Wed Aug 21 12:23:24 2024 -0300 ext4: avoid OOB when system.data xattr changes underneath the filesystem When looking up for an entry in an inlined directory, if e_value_offs is changed underneath the filesystem by some change in the block device, it will lead to an out-of-bounds access that KASAN detects as an UAF. EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. loop0: detected capacity change from 2048 to 2047 ================================================================== BUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500 Read of size 1 at addr ffff88803e91130f by task syz-executor269/5103 CPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500 ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697 __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573 ext4_lookup_entry fs/ext4/namei.c:1727 [inline] ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795 lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633 filename_create+0x297/0x540 fs/namei.c:3980 do_symlinkat+0xf9/0x3a0 fs/namei.c:4587 __do_sys_symlinkat fs/namei.c:4610 [inline] __se_sys_symlinkat fs/namei.c:4607 [inline] __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f3e73ced469 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a RAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469 RDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0 RBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290 R10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c R13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0 Calling ext4_xattr_ibody_find right after reading the inode with ext4_get_inode_loc will lead to a check of the validity of the xattrs, avoiding this problem. Reported-by: syzbot+0c2508114d912a54ee79@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=0c2508114d912a54ee79 Fixes: e8e948e7802a ("ext4: let ext4_find_entry handle inline data") Signed-off-by: Thadeu Lima de Souza Cascardo Link: https://patch.msgid.link/20240821152324.3621860-5-cascardo@igalia.com Signed-off-by: Theodore Ts'o commit 51e14e78b5fb3e6f839393cd2d34386ee7b69af3 Author: Thadeu Lima de Souza Cascardo Date: Wed Aug 21 12:23:23 2024 -0300 ext4: explicitly exit when ext4_find_inline_entry returns an error __ext4_find_entry currently ignores the return of ext4_find_inline_entry, except for returning the bh or NULL when has_inline_data is 1. Even though has_inline_data is set to 1 before calling ext4_find_inline_entry and would only be set to 0 when that function returns NULL, check for an encoded error return explicitly in order to exit. That makes the code more readable, not requiring that one assumes the cases when has_inline_data is 1. Signed-off-by: Thadeu Lima de Souza Cascardo Link: https://patch.msgid.link/20240821152324.3621860-4-cascardo@igalia.com Signed-off-by: Theodore Ts'o commit 4d231b91a944f3cab355fce65af5871fb5d7735b Author: Thadeu Lima de Souza Cascardo Date: Wed Aug 21 12:23:22 2024 -0300 ext4: return error on ext4_find_inline_entry In case of errors when reading an inode from disk or traversing inline directory entries, return an error-encoded ERR_PTR instead of returning NULL. ext4_find_inline_entry only caller, __ext4_find_entry already returns such encoded errors. Signed-off-by: Thadeu Lima de Souza Cascardo Link: https://patch.msgid.link/20240821152324.3621860-3-cascardo@igalia.com Signed-off-by: Theodore Ts'o commit cd69f8f9de280e331c9e6ff689ced0a688a9ce8f Author: Thadeu Lima de Souza Cascardo Date: Wed Aug 21 12:23:21 2024 -0300 ext4: ext4_search_dir should return a proper error ext4_search_dir currently returns -1 in case of a failure, while it returns 0 when the name is not found. In such failure cases, it should return an error code instead. This becomes even more important when ext4_find_inline_entry returns an error code as well in the next commit. -EFSCORRUPTED seems appropriate as such error code as these failures would be caused by unexpected record lengths and is in line with other instances of ext4_check_dir_entry failures. In the case of ext4_dx_find_entry, the current use of ERR_BAD_DX_DIR was left as is to reduce the risk of regressions. Signed-off-by: Thadeu Lima de Souza Cascardo Link: https://patch.msgid.link/20240821152324.3621860-2-cascardo@igalia.com Signed-off-by: Theodore Ts'o commit 7d2b48881877ace14ea85a7e3a17ff8f80f3d8e6 Author: Kemeng Shi Date: Tue Aug 20 21:22:34 2024 +0800 ext4: check buffer_verified in advance to avoid unneeded ext4_get_group_info() Check buffer_verified in advance to avoid unneeded ext4_get_group_info(). This could be a simple cleanup as compiler may handle this. Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240820132234.2759926-8-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 7523a7ef099abe7b9a98c4c8f722fe40541c9723 Author: Kemeng Shi Date: Tue Aug 20 21:22:33 2024 +0800 ext4: remove unneeded NULL check of buffer_head in ext4_mark_inode_used() If gdp from ext4_get_group_desc() is not NULL, then returned group_desc_bh won't be NULL either. Remove check of group_desc_bh and only check returned gdp from ext4_get_group_desc() like how other callers do. Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240820132234.2759926-7-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 66eafbde7d74e36cd80e6b6246ea4bd599416e2c Author: Kemeng Shi Date: Tue Aug 20 21:22:32 2024 +0800 ext4: move checksum length calculation of inode bitmap into ext4_inode_bitmap_csum_[verify/set]() functions There are some little improve: 1. remove repeat code to calculate checksum length of inode bitmap 2. remove unnecessary checksum length calculation if checksum is not enabled. 3. use more efficient bit shift operation instead of div opreation. Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240820132234.2759926-6-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit f7c69be505a5ec3df13b65cedb245343b2a5f751 Author: Kemeng Shi Date: Tue Aug 20 21:22:31 2024 +0800 ext4: remove dead check in __ext4_new_inode() If we can't grab any inode, the prvious find_inode_bit() will set ino to be >= EXT4_INODES_PER_GROUP(sb). So the check of need to repeat in the same group is not needed. Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240820132234.2759926-5-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit bb0a12c3439b10d88412fd3102df5b9a6e3cd6dc Author: Kemeng Shi Date: Tue Aug 20 21:22:30 2024 +0800 ext4: avoid negative min_clusters in find_group_orlov() min_clusters is signed integer and will be converted to unsigned integer when compared with unsigned number stats.free_clusters. If min_clusters is negative, it will be converted to a huge unsigned value in which case all groups may not meet the actual desired free clusters. Set negative min_clusters to 0 to avoid unexpected behavior. Fixes: ac27a0ec112a ("[PATCH] ext4: initial copy of files from ext3") Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240820132234.2759926-4-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 227d31b9214d1b9513383cf6c7180628d4b3b61f Author: Kemeng Shi Date: Tue Aug 20 21:22:29 2024 +0800 ext4: avoid potential buffer_head leak in __ext4_new_inode() If a group is marked EXT4_GROUP_INFO_IBITMAP_CORRUPT after it's inode bitmap buffer_head was successfully verified, then __ext4_new_inode() will get a valid inode_bitmap_bh of a corrupted group from ext4_read_inode_bitmap() in which case inode_bitmap_bh misses a release. Hnadle "IS_ERR(inode_bitmap_bh)" and group corruption separately like how ext4_free_inode() does to avoid buffer_head leak. Fixes: 9008a58e5dce ("ext4: make the bitmap read routines return real error codes") Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240820132234.2759926-3-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 5e5b2a56c57def1b41efd49596621504d7bcc61c Author: Kemeng Shi Date: Tue Aug 20 21:22:28 2024 +0800 ext4: avoid buffer_head leak in ext4_mark_inode_used() Release inode_bitmap_bh from ext4_read_inode_bitmap() in ext4_mark_inode_used() to avoid buffer_head leak. By the way, remove unneeded goto for invalid ino when inode_bitmap_bh is NULL. Fixes: 8016e29f4362 ("ext4: fast commit recovery path") Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240820132234.2759926-2-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit b8fc70ab7b5f3afbc4fb0587782633d7fcf1e069 Author: Herbert Xu Date: Wed Sep 4 07:09:51 2024 +0800 Revert "crypto: spacc - Add SPAcc Skcipher support" This reverts the following commits: 87a3fcf5fec5fb59ec8f23d12a56bcf2b2ee6db7 58bf99100a6dfcc53ba4ab547f1394bb6873b2ac 3b1c9df662915a18a86f1a88364ee70875ed3b44 8bc1bfa02e37d63632f0cb65543e3e71acdccafb c32f08d024e275059474b3c11c1fc2bc7f2de990 f036dd566453176d4eafb9701ebd69e7e59d6707 c76c9ec333432088a1c6f52650c149530fc5df5d 5d22d37aa8b93efaad797faf80db40ea59453481 b63483b37e813299445d2719488acab2b3f20544 2d6213bd592b4731b53ece3492f9d1d18e97eb5e fc61c658c94cb7405ca6946d8f2a2b71cef49845 cb67c924b2a7b561bd7f4f2bd66766337c1007b7 06af76b46c78f4729fe2f9712a74502c90d87554 9f1a7ab4d31ef30fbf8adb0985300049469f2270 8ebb14deef0f374f7ca0d34a1ad720ba0a7b79f3 c8981d9230d808e62c65349d0b255c7f4b9087d6 They were submitted with no device tree bindings. Reported-by: Rob Herring Signed-off-by: Herbert Xu commit d19a9e25a722d629041ac8fd320a86c016e349d1 Author: Paul Moore Date: Tue Sep 3 18:53:20 2024 -0400 selinux: fix style problems in security/selinux/include/audit.h Remove the needless indent in the function comment header blocks. Signed-off-by: Paul Moore commit 8426899ff62cd21ebc30da40b53a81de1e3d0857 Merge: 02774b14439dd5 b0cdf9cc089525 Author: Mark Brown Date: Tue Sep 3 23:51:22 2024 +0100 Add device tree for ArmSoM Sige 5 board Merge series from Detlev Casanova : Add the rk3576-armsom-sige5 device tree as well as its rk3576.dtsi base and pinctrl information in rk3576-pinctrl.dtsi. The other commits add DT bindings documentation for the devices that already work with the current corresponding drivers. Note that as is, the rockchip gpio driver needs the gpio nodes to be children of the pinctrl node, even though this is deprecated. When the driver supports it, they can be moved out of the pinctrl node. The power-domain@RK3576_PD_USB is a child of power-domain@RK3576_PD_VOP. That looks strange but it is how the hardware is, and confirmed by Rockchip: The NOC bus of USB passes through the PD of VOP, so it relies on VOP PD. The other bindings have been applied on next. Changes since v3: - Dropped mmc dt-bindings (submitted in [2]) - Dropped syscon dt-bindings (applied in [3]) - Fix gpu interrupt names mapping - (Fix email headers overwriting) Changes since v2: - Fix LEDs in armsom dts - mmc: Move allOf after the required block - Remove saradc dt-binding commit (already applied) - Remove opp-microvolt-L* fields - Reword mali commit message - Use rgmii-id and remove delays on gmac nodes Changes since v1: - Add eMMC support - Add gpu node - Add rtc node - Add spi compatible dt-bindings - Add watchdog support - Dropped timer compatible commit (applied in [0]) - Move ethernet aliases to board dt - Move mmio nodes to soc node - Removed cru grf phandle - Removed gpio aliases - Removed grf compatibles (applied in [1]) - Removed pinctrl php-grf phandle - Removed v2-tuning for sdcard - Renamed clock nodes - Renamed regulators do match regulator-vcc-- - Renamed the rkvdec_sram node to vdec_sram to match prior generations - Reorder fields consistently in nodes - Use correct #power-domain-cells values [0]: https://lore.kernel.org/all/918bb9e4-02d9-4dca-bed2-28bb123bdc10@linaro.org/ [1]: https://lore.kernel.org/all/172441646605.877570.8075942261050000.b4-ty@sntech.de/ [2]: https://lore.kernel.org/all/20240903145615.9302-1-detlev.casanova@collabora.com/ [3]: https://lore.kernel.org/all/172500660860.97285.13837050366813522297.b4-ty@kernel.org/ Detlev. Detlev Casanova (9): dt-bindings: arm: rockchip: Add ArmSoM Sige 5 dt-bindings: arm: rockchip: Add rk3576 compatible string to pmu.yaml dt-bindings: i2c: i2c-rk3x: Add rk3576 compatible dt-bindings: serial: snps-dw-apb-uart: Add Rockchip RK3576 dt-bindings: gpu: Add rockchip,rk3576-mali compatible dt-bindings: watchdog: Add rockchip,rk3576-wdt compatible spi: dt-bindings: Add rockchip,rk3576-spi compatible arm64: dts: rockchip: Add rk3576 SoC base DT arm64: dts: rockchip: Add rk3576-armsom-sige5 board .../devicetree/bindings/arm/rockchip.yaml | 5 + .../devicetree/bindings/arm/rockchip/pmu.yaml | 2 + .../bindings/gpu/arm,mali-bifrost.yaml | 1 + .../devicetree/bindings/i2c/i2c-rk3x.yaml | 1 + .../bindings/serial/snps-dw-apb-uart.yaml | 1 + .../devicetree/bindings/spi/spi-rockchip.yaml | 1 + .../bindings/watchdog/snps,dw-wdt.yaml | 1 + arch/arm64/boot/dts/rockchip/Makefile | 1 + .../boot/dts/rockchip/rk3576-armsom-sige5.dts | 659 ++ .../boot/dts/rockchip/rk3576-pinctrl.dtsi | 5775 +++++++++++++++++ arch/arm64/boot/dts/rockchip/rk3576.dtsi | 1644 +++++ 11 files changed, 8091 insertions(+) create mode 100644 arch/arm64/boot/dts/rockchip/rk3576-armsom-sige5.dts create mode 100644 arch/arm64/boot/dts/rockchip/rk3576-pinctrl.dtsi create mode 100644 arch/arm64/boot/dts/rockchip/rk3576.dtsi -- 2.46.0 commit 1324e5ff2eeb1219d26a1287950e0345f3e7ffb6 Merge: 56f97d4da7f1bc 3f600592fa0ca1 Author: Mark Brown Date: Tue Sep 3 23:51:08 2024 +0100 Add i2s/tdm support for acp7.0 and acp7.1 platforms Merge series from Venkata Prasad Potturu : 1. Refactor acp generic driver to support all platforms. 2. Add i2s/tdm and support for acp7.0 and acp7.1 platforms. commit 56f97d4da7f1bc2b0a647b9162bebe51e0573699 Merge: 9a029545bb3682 92ff90cffbeef9 Author: Mark Brown Date: Tue Sep 3 23:50:56 2024 +0100 Fixes for the audio setup on the rk3588-nanopc-t6 Merge series from Heiko Stuebner : The Nanopc-T6 board does contain some devicetree errors, that came to light with recent changes to the board. commit 9a029545bb36825f65b1ba182739eaf2809db2c7 Merge: 97688a9c5b1fd2 e1991d102bc2ab Author: Mark Brown Date: Tue Sep 3 23:50:44 2024 +0100 Add audio support for the MediaTek Genio 350-evk Merge series from Alexandre Mergnat : This serie aim to add the following audio support for the Genio 350-evk: - Playback - 2ch Headset Jack (Earphone) - 1ch Line-out Jack (Speaker) - 8ch HDMI Tx - Capture - 1ch DMIC (On-board Digital Microphone) - 1ch AMIC (On-board Analogic Microphone) - 1ch Headset Jack (External Analogic Microphone) Of course, HDMI playback need the MT8365 display patches [1] and a DTS change documented in "mediatek,mt8365-mt6357.yaml". Applied patch: - mfd: mt6397-core: register mt6357 sound codec Test passed: - mixer-test log: [3] - pcm-test log: [4] [1]: https://lore.kernel.org/all/20231023-display-support-v1-0-5c860ed5c33b@baylibre.com/ [2]: https://lore.kernel.org/all/20240313110147.1267793-1-angelogioacchino.delregno@collabora.com/ [3]: https://pastebin.com/pc43AVrT [4]: https://pastebin.com/cCtGhDpg [5]: https://gitlab.baylibre.com/baylibre/mediatek/bsp/linux/-/commits/sound/for-next/add-i350-audio-support commit d7b01aef9dbd50f190c2c340deaf324806d09885 Merge: 62607d033bb8dc b2d70222dbf2a2 Author: Tejun Heo Date: Tue Sep 3 09:15:42 2024 -1000 Merge branch 'tip/sched/core' into for-6.12 - Resolve trivial context conflicts from dl_server clearing being moved around. - Add @next to put_prev_task_scx() and @prev to pick_next_task_scx() to match sched/core. - Merge sched_class->switch_class() addition from sched_ext with tip/sched/core changes in __pick_next_task(). - Make pick_next_task_scx() call put_prev_task_scx() to emulate the previous behavior where sched_class->put_prev_task() was called before sched_class->pick_next_task(). While this makes sched_ext build and function, the behavior is not in line with other sched classes. The follow-up patches will address the discrepancies and remove sched_class->switch_class(). Signed-off-by: Tejun Heo commit 3d4d0fa4fc32f03f615bbf0ac384de06ce0005f5 Author: Yue Haibing Date: Mon Sep 2 19:32:38 2024 +0800 be2net: Remove unused declarations Commit 6b7c5b947c67 ("net: Add be2net driver.") declared be_pci_fnum_get() and be_cmd_reset() but never implemented. And commit 9fa465c0ce0d ("be2net: remove code duplication relating to Lancer reset sequence") removed lancer_test_and_set_rdy_state() but leave declaration. Commit 76a9e08e33ce ("be2net: cleanup wake-on-lan code") left behind be_is_wol_supported() declaration. Commit baaa08d148ac ("be2net: do not call be_set/get_fw_log_level() on Skyhawk-R") removed be_get_fw_log_level() but leave declaration. Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240902113238.557515-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit 6c76474fc1ceac25ee26b563954e48b6bb94fe77 Author: Yue Haibing Date: Mon Sep 2 19:29:04 2024 +0800 qlcnic: Remove unused declarations There is no caller and implementation in tree. Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240902112904.556577-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit d75ccd4f2ea2aa2679e6c807d76953dcd3f9d56d Author: Li Ming Date: Fri Aug 30 06:13:08 2024 +0000 cxl/pci: Remove duplicate host_bridge->native_aer checking cxl_dport_init_ras_reporting() already checks host_bridge->native_aer before invoking cxl_disable_rch_root_ints(), so cxl_disable_rch_root_ints() does not need to check it again. Signed-off-by: Li Ming Reviewed-by: Jonathan Cameron Link: https://patch.msgid.link/20240830061308.2327065-3-ming4.li@intel.com Signed-off-by: Dave Jiang commit c8706cc15a5814becacff778017bbcc5c031490a Author: Li Ming Date: Fri Aug 30 06:13:07 2024 +0000 cxl/pci: cxl_dport_map_rch_aer() cleanup cxl_dport_map_ras() is used to map CXL RAS capability, the RCH AER capability should not be mapped in the function but should mapped in cxl_dport_init_ras_reporting(). Moving cxl_dport_map_ras() out of cxl_dport_map_ras() and into cxl_dport_init_ras_reporting(). In cxl_dport_init_ras_reporting(), the AER capability position in RCRB will be located but the position is only used in cxl_dport_map_rch_aer(), getting the position in cxl_dport_map_rch_aer() rather than cxl_dport_init_ras_reporting() is more reasonable and makes the code clearer. Besides, some local variables in cxl_dport_map_rch_aer() are unnecessary, remove them to make the function more concise. Signed-off-by: Li Ming Reviewed-by: Jonathan Cameron Link: https://patch.msgid.link/20240830061308.2327065-2-ming4.li@intel.com Signed-off-by: Dave Jiang commit 577a67662ff529f617981fe9692ff277b5756402 Author: Li Ming Date: Fri Aug 30 06:13:06 2024 +0000 cxl/pci: Rename cxl_setup_parent_dport() and cxl_dport_map_regs() The name of cxl_setup_parent_dport() function is not clear, the function is used to initialize AER and RAS capabilities on a dport, therefore, rename the function to cxl_dport_init_ras_reporting(), it is easier for user to understand what the function does. Besides, adjust the order of the function parameters, the subject of cxl_dport_init_ras_reporting() is a cxl dport, so a struct cxl_dport as the first parameter of the function should be better. cxl_dport_map_regs() is used to map CXL RAS capability on a cxl dport, using cxl_dport_map_ras() as the function name. Signed-off-by: Li Ming Reviewed-by: Jonathan Cameron Link: https://patch.msgid.link/20240830061308.2327065-1-ming4.li@intel.com Signed-off-by: Dave Jiang commit 9748229c90dc4974f56874a2a19e040cc86de67e Author: Krzysztof Kozlowski Date: Mon Sep 2 18:36:10 2024 +0200 net: alacritech: Partially revert "net: alacritech: Switch to use dev_err_probe()" This reverts commit bf4d87f884fe8a4b6b61fe4d0e05f293d08df61c because it introduced dev_err_probe() in non-probe path, which is not desired. In general, calling dev_err_probe() after successful probe in case of handling -EPROBE_DEFER error, will set deferred status on the device already probed. This is however not a problem here now, because dev_err_probe() in affected places is used for handling errors from request_firmware(), which does not return -EPROBE_DEFER. Still usage of dev_err_probe() in such case is not correct, because request_firmware() could once return -EPROBE_DEFER. Fixes: bf4d87f884fe ("net: alacritech: Switch to use dev_err_probe()") Signed-off-by: Krzysztof Kozlowski Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240902163610.17028-1-krzysztof.kozlowski@linaro.org Signed-off-by: Jakub Kicinski commit d2088ca85ebc38c3e8783442ba2c0f3e5100ac6d Author: Florian Westphal Date: Mon Sep 2 23:41:06 2024 +0200 netlink: specs: nftables: allow decode of default firewalld ruleset This update allows listing default firewalld ruleset on Fedora 40 via tools/net/ynl/cli.py --spec \ Documentation/netlink/specs/nftables.yaml --dump getrule Default ruleset uses fib, reject and objref expressions which were missing. Other missing expressions can be added later. Improve decoding while at it: - add bitwise, ct and lookup attributes - wire up the quota expression - translate raw verdict codes to a human reable name, e.g. 'code': 4294967293 becomes 'code': 'jump'. v2: forgot fib addrtype in enum list (Donald Hunter) Reviewed-by: Donald Hunter Signed-off-by: Florian Westphal Link: https://patch.msgid.link/20240902214112.2549-1-fw@strlen.de Signed-off-by: Jakub Kicinski commit 1232e93b5144c0f8d18bcefbf0ecddc3fc1fa1c5 Merge: 8ecf2afb30f245 38dc0708bcc8d2 Author: Jakub Kicinski Date: Tue Sep 3 15:25:46 2024 -0700 Merge branch 'mptcp-mib-counters-for-mpj-tx-misc-improvements' Matthieu Baerts says: ==================== mptcp: MIB counters for MPJ TX + misc improvements Recently, a few issues have been discovered around the creation of additional subflows. Without these counters, it was difficult to point out the reason why some subflows were not created as expected. In patch 3, all error paths from __mptcp_subflow_connect() are covered, except the one related to the 'fully established mode', because it can only happen with the userspace PM, which will propagate the error to the userspace in this case (ENOTCONN). These new counters are also verified in the MPTCP Join selftest in patch 6. While at it, a few other patches are improving the MPTCP path-manager code ... - Patch 1: 'flush' related helpers are renamed to avoid confusions - Patch 2: directly pass known ID and flags to create a new subflow, i/o getting them later by iterating over all endpoints again ... and the MPJoin selftests: - Patch 4: reduce the number of positional parameters - Patch 5: only one line for the 'join' checks, instead of 3 - Patch 7: more explicit check names, instead of sometimes too cryptic ones: rtx, ptx, ftx, ctx, fclzrx, sum - Patch 8: specify client/server instead of 'invert' for some checks not suggesting one specific direction - Patch 9: mute errors of mptcp_connect when ran in the background - Patch 10: simplify checksum_tests by using a for-loop - Patch 11: remove 'define' re-definitions ==================== Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-0-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 38dc0708bcc8d2ee9e0559a992fd6e91bf67e271 Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:46:02 2024 +0200 selftests: mptcp: pm_nl_ctl: remove re-definition 'MPTCP_PM_NAME' is defined in 'linux/mptcp_pm.h', included in 'linux/mptcp.h', no need to re-define it. 'MPTCP_PM_EVENTS' is not defined in 'linux/mptcp.h', but 'MPTCP_PM_EV_GRP_NAME' is, with the same value. We can then use the latter, and drop the other one. Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-11-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 0e2b4584d61abe8dc22db18e83c85429782793ee Author: Geliang Tang Date: Mon Sep 2 12:46:01 2024 +0200 selftests: mptcp: join: simplify checksum_tests The four checksum tests are similar, only one line is different. So a for-loop can be used to simplify these tests. Signed-off-by: Geliang Tang Reviewed-by: Matthieu Baerts (NGI0) Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-10-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 08eecd7e7fe79669ccab44dde518b10a2f7e48a7 Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:46:00 2024 +0200 selftests: mptcp: join: mute errors when ran in the background The test is supposed to be killed before the end, which will likely cause "Connection reset by peer" errors. It is confusing, especially because in case of real transfer errors, the test will not be marked as failed. But that's OK, there are many other tests checking that. Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-9-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 8d328dbcf61b50ca51f8a930561fe6ae2c8bf5e9 Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:45:59 2024 +0200 selftests: mptcp: join: specify host being checked Instead of displaying 'invert' when looking at some events like MP_FAIL, MP_FASTCLOSE, MP_RESET, RM_ADDR, which is a bit vague because they are not traditionnaly sent from one side, the host being checked is now printed. For the ADD_ADDR, only display the host when it is the client sending it, which is more unusual. Also before, the 'invert' message was printed after a few checks, but it was not clear which ones exactly. Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-8-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 6ed495345be8113899986d21c6cbc7d8f550dedb Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:45:58 2024 +0200 selftests: mptcp: join: more explicit check name Before, the check names had to be very short. It is no longer the case now that these checks are printed on a dedicated line. Then, it looks better to have more explicit names. Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-7-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 004125c251a6826d080bb28feb48ebc5454ada81 Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:45:57 2024 +0200 selftests: mptcp: join: validate MPJ SYN TX MIB counters A few new MPJoinSynTx MIB counters have been added in a previous commit. They are being validated here in mptcp_join.sh selftest, each time the number of received MPJ are checked. Most of the time, the number of sent SYN+MPJ is the same as the received ones. But sometimes, there are more, because there are dropped, or there are errors. While at it, the "no MPC reuse with single endpoint" subtest has been modified to force a bind() error. Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-6-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit ba8a664004da84e4e04205429043a1bc19e00d23 Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:45:56 2024 +0200 selftests: mptcp: join: one line for join check Most tests are checking if the expected number of SYN/SYN+ACK/ACK JOINs have been received, each of them on one line. More Join related tests are going to be checked soon, no need to add 5 new lines per test in case of success, just one is enough. In case of issue, the errors will still be reported like before. Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-5-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 1b2965a8cd8d444cbea891e55083b5987d00cc66 Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:45:55 2024 +0200 selftests: mptcp: join: reduce join_nr params chk_join_nr() currently takes 9 positional parameters, 6 of them are optional. It makes it hard to read: chk_join_nr 1 1 1 1 0 1 1 0 4 Naming these vars helps to make it easier to read: join_csum_ns1=1 join_csum_ns2=0 \ join_fail_nr=1 join_rst_nr=1 join_infi_nr=0 \ join_corrupted_pkts=4 \ chk_join_nr 1 1 1 It will then be easier to add new optional parameters. Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-4-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 1bd1788b6cabfe86fe1ced5a6324831f6a3081a1 Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:45:54 2024 +0200 mptcp: MIB counters for sent MP_JOIN Recently, a few issues have been discovered around the creation of additional subflows. Without these counters, it was difficult to point out the reason why some subflows were not created as expected. These counters should have been added earlier, because there is no other simple ways to extract such information from the kernel, and understand why subflows have not been created. While at it, some pr_debug() have been added, just in case the errno needs to be printed. Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/509 Reviewed-by: Geliang Tang Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-3-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit b83fbca1b4c9c45628aa55d582c14825b0e71c2b Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:45:53 2024 +0200 mptcp: pm: reduce entries iterations on connect __mptcp_subflow_connect() is currently called from the path-managers, which have all the required information to create subflows. No need to call the PM again to re-iterate over the list of entries with RCU lock to get more info. Instead, it is possible to pass a mptcp_pm_addr_entry structure, instead of a mptcp_addr_info one. The former contains the ifindex and the flags that are required when creating the new subflow. This is a partial revert of commit ee285257a9c1 ("mptcp: drop flags and ifindex arguments"). While at it, the local ID can also be set if it is known and 0, to avoid having to set it in the 'rebuild_header' hook, which will cause a new iteration of the endpoint entries. Reviewed-by: Mat Martineau Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-2-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 7bcf4d8022f93c0af15a11f962fa55892853f2c0 Author: Matthieu Baerts (NGI0) Date: Mon Sep 2 12:45:52 2024 +0200 mptcp: pm: rename helpers linked to 'flush' Rename all the helpers specific to the flushing operations to make it clear that the intention is to flush all created subflows, and remove all announced addresses, not just a specific selection. That way, it is easier to understand why the id_avail_bitmap and local_addr_used are reset at the end. Reviewed-by: Mat Martineau Signed-off-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240902-net-next-mptcp-mib-mpjtx-misc-v1-1-d3e0f3773b90@kernel.org Signed-off-by: Jakub Kicinski commit 8ecf2afb30f2457a9f8ec386ecdad3ef7ccf1f4c Merge: 3bbefbbd9e6c8a 406e862b4583f5 Author: Jakub Kicinski Date: Tue Sep 3 15:18:45 2024 -0700 Merge branch 'rx-software-timestamp-for-all' Gal Pressman says: ==================== RX software timestamp for all All devices support SOF_TIMESTAMPING_RX_SOFTWARE by virtue of net_timestamp_check() being called in the device independent code. Following Willem's suggestion [1], make it so drivers do not have to handle SOF_TIMESTAMPING_RX_SOFTWARE and SOF_TIMESTAMPING_SOFTWARE, nor setting of the PHC index to -1. All drivers will now report RX software timestamp as supported. The series is limited to 15 patches, I will submit other drivers in subsequent submissions. [1] https://lore.kernel.org/netdev/661550e348224_23a2b2294f7@willemb.c.googlers.com.notmuch/ v1: https://lore.kernel.org/20240829144253.122215-1-gal@nvidia.com ==================== Link: https://patch.msgid.link/20240901112803.212753-1-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 406e862b4583f5d2f87f116073f88d20419a6afa Author: Gal Pressman Date: Sun Sep 1 14:28:03 2024 +0300 net: mvpp2: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Marcin Wojtas Link: https://patch.msgid.link/20240901112803.212753-16-gal@nvidia.com Signed-off-by: Jakub Kicinski commit eb87a1daf6fb3b1ba8f19d94e243a638a844a7cc Author: Gal Pressman Date: Sun Sep 1 14:28:02 2024 +0300 octeontx2-pf: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Subbaraya Sundeep Link: https://patch.msgid.link/20240901112803.212753-15-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 673ec22b1de8230014ef02e7f48de6c5fd47b35a Author: Gal Pressman Date: Sun Sep 1 14:28:01 2024 +0300 gianfar: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240901112803.212753-14-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 3dd261ca7f84c65af40f37825bf1cbb0cf3d5583 Author: Gal Pressman Date: Sun Sep 1 14:28:00 2024 +0300 net: enetc: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Wei Fang Link: https://patch.msgid.link/20240901112803.212753-13-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 7d20c38d088e936735d5a5b472a55834456f1928 Author: Gal Pressman Date: Sun Sep 1 14:27:59 2024 +0300 net: fec: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Wei Fang Link: https://patch.msgid.link/20240901112803.212753-12-gal@nvidia.com Signed-off-by: Jakub Kicinski commit c6a15576e60ef3f3bad012c0294beba9892943f2 Author: Gal Pressman Date: Sun Sep 1 14:27:58 2024 +0300 net: hns3: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Jijie Shao Link: https://patch.msgid.link/20240901112803.212753-11-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 0f79953c001947d52e2eca14dd76aaacbbf46241 Author: Gal Pressman Date: Sun Sep 1 14:27:57 2024 +0300 net: ethernet: rtsn: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Niklas Söderlund Link: https://patch.msgid.link/20240901112803.212753-10-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 41ee62317087f249fca0eda56217de69cd399da5 Author: Gal Pressman Date: Sun Sep 1 14:27:56 2024 +0300 net: renesas: rswitch: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Niklas Söderlund Link: https://patch.msgid.link/20240901112803.212753-9-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 277901ee3a2620679e2c8797377d2a72f4358068 Author: Gal Pressman Date: Sun Sep 1 14:27:55 2024 +0300 ravb: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Niklas Söderlund Reviewed-by: Sergey Shtylyov Link: https://patch.msgid.link/20240901112803.212753-8-gal@nvidia.com Signed-off-by: Jakub Kicinski commit e052114e14c2c1cac8068bcfde8d499e3249114b Author: Gal Pressman Date: Sun Sep 1 14:27:54 2024 +0300 ionic: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Shannon Nelson Reviewed-by: Brett Creeley Link: https://patch.msgid.link/20240901112803.212753-7-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 24186dc66b1018a33a12fadbcb40edd517abd5bc Author: Gal Pressman Date: Sun Sep 1 14:27:53 2024 +0300 tsnep: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Gerhard Engleder Link: https://patch.msgid.link/20240901112803.212753-6-gal@nvidia.com Signed-off-by: Jakub Kicinski commit ab6ebf02f222fdaec6091913d8505a1f4ce5b392 Author: Gal Pressman Date: Sun Sep 1 14:27:52 2024 +0300 can: peak_usb: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Marc Kleine-Budde Link: https://patch.msgid.link/20240901112803.212753-5-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 583fee8210cb1b9e96e7c33fd32f90df04402e46 Author: Gal Pressman Date: Sun Sep 1 14:27:51 2024 +0300 can: peak_canfd: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Marc Kleine-Budde Link: https://patch.msgid.link/20240901112803.212753-4-gal@nvidia.com Signed-off-by: Jakub Kicinski commit b5ed017a5658892ce99dc68413b506d175401528 Author: Gal Pressman Date: Sun Sep 1 14:27:50 2024 +0300 can: dev: Remove setting of RX software timestamp The responsibility for reporting of RX software timestamp has moved to the core layer (see __ethtool_get_ts_info()), remove usage from the device drivers. Reviewed-by: Carolina Jubran Reviewed-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Marc Kleine-Budde Link: https://patch.msgid.link/20240901112803.212753-3-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 12d337339d9fd71cf24b337727e51d5b3d52bcef Author: Gal Pressman Date: Sun Sep 1 14:27:49 2024 +0300 ethtool: RX software timestamp for all All devices support SOF_TIMESTAMPING_RX_SOFTWARE by virtue of net_timestamp_check() being called in the device independent code. Move the responsibility of reporting SOF_TIMESTAMPING_RX_SOFTWARE and SOF_TIMESTAMPING_SOFTWARE, and setting PHC index to -1 to the core. Device drivers no longer need to use them. Suggested-by: Willem de Bruijn Link: https://lore.kernel.org/netdev/661550e348224_23a2b2294f7@willemb.c.googlers.com.notmuch/ Co-developed-by: Rahul Rameshbabu Signed-off-by: Rahul Rameshbabu Signed-off-by: Gal Pressman Reviewed-by: Marc Kleine-Budde Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/20240901112803.212753-2-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 43247abd092e634a4ca5bcd25eeae3b42f703b58 Author: Qiuxu Zhuo Date: Thu Aug 29 20:09:03 2024 +0800 EDAC/sb_edac: Fix the compile warning of large frame size Compiling sb_edac driver with GCC 11.4.0 and the W=1 option reported the following warning: drivers/edac/sb_edac.c: In function ‘sbridge_mce_output_error’: drivers/edac/sb_edac.c:3249:1: warning: the frame size of 1032 bytes is larger than 1024 bytes [-Wframe-larger-than=] As there is no concurrent invocation of sbridge_mce_output_error(), fix this warning by moving the large-size variables 'msg' and 'msg_full' from the stack to the pre-allocated data segment. [Tony: Fix checkpatch warnings for code alignment & use of strcpy()] Reported-by: Zhang Rui Tested-by: Zhang Rui Signed-off-by: Qiuxu Zhuo Signed-off-by: Tony Luck Link: https://lore.kernel.org/all/20240829120903.84152-1-qiuxu.zhuo@intel.com commit a790df272a20dcc88ffebe20eca34c54f528fcaa Author: Dmitry Torokhov Date: Tue Sep 3 13:59:06 2024 -0700 Input: synaptics-rmi4 - fix crash when DPM query is not supported Stop clobbering "item" variable when checking if the device supports querying DPM values because its original value is still needed in case when we need to fall back to the old way of figuring sensor size. Reported-by: Richard Acayan Tested-by: Richard Acayan Fixes: 14d650fcb7fb ("Input: synaptics-rmi4 - add support for querying DPM value (F12)") Link: https://lore.kernel.org/r/ZtdQW7nqAOEJDNBN@radian Signed-off-by: Dmitry Torokhov commit 59420d8ad7809827524824a3891d6a081e735449 Author: Detlev Casanova Date: Tue Sep 3 11:22:32 2024 -0400 dt-bindings: arm: rockchip: Add rk3576 compatible string to pmu.yaml Add the compatible for the pmu mfd on rk3576. Signed-off-by: Detlev Casanova Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240903152308.13565-3-detlev.casanova@collabora.com Signed-off-by: Heiko Stuebner commit 6625767049c2e0960ba9835392a6ef9143170be6 Author: Chris Morgan Date: Wed Aug 21 16:54:55 2024 -0500 power: supply: axp20x_battery: add support for AXP717 Add support for the AXP717 PMIC battery charger. The AXP717 differs greatly from existing AXP battery chargers in that it cannot measure the discharge current. The datasheet does not document the current value's offset or scale, so the POWER_SUPPLY_PROP_CURRENT_NOW is left unscaled. Tested-by: Philippe Simons Signed-off-by: Chris Morgan Link: https://lore.kernel.org/r/20240821215456.962564-15-macroalpha82@gmail.com Signed-off-by: Sebastian Reichel commit 68d3b6aa08708bb3907c2c13eaf4b3ccf4805160 Author: Miguel Ojeda Date: Mon Sep 2 19:32:54 2024 +0200 MAINTAINERS: add Trevor Gross as Rust reviewer Trevor has been involved with the Rust for Linux project for more than a year now. He has been active reviewing Rust code in the mailing list, and he already is a formal reviewer of the Rust PHY library and the two PHY drivers. In addition, he is also part of several upstream Rust teams: compiler-contributors team (contributors to the Rust compiler on a regular basis), libs-contributors (contributors to the Rust standard library on a regular basis), crate-maintainers (maintainers of official Rust crates), the binary size working group and the Rust for Linux ping group. His expertise with the language will be very useful to have around in the future if Rust keeps growing within the kernel, thus add him to the `RUST` entry as a reviewer. Acked-by: Boqun Feng Acked-by: Trevor Gross Link: https://lore.kernel.org/r/20240902173255.1105340-1-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 75098176d17fab88c06120b453b4b0d1641e2a41 Author: Chris Morgan Date: Wed Aug 21 16:54:54 2024 -0500 power: supply: axp20x_usb_power: Add support for AXP717 Add support for the AXP717 PMIC. The AXP717 PMIC allows for detection of USB type like the AXP813, but has little in common otherwise with the other AXP PMICs. The USB charger is able to provide between 100000uA and 3250000uA of power, and can measure the VBUS input in mV with up to 14 bits of precision. Tested-by: Philippe Simons Signed-off-by: Chris Morgan Acked-by: Jonathan Cameron Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240821215456.962564-14-macroalpha82@gmail.com [fix axp717_usb_power_desc.usb_types] Signed-off-by: Sebastian Reichel commit e44c5691822962dc6f50793029bef5e71f5b0a62 Author: Chris Morgan Date: Wed Aug 21 16:54:51 2024 -0500 dt-bindings: power: supply: axp20x: Add AXP717 compatible Add binding information for AXP717. Acked-by: Krzysztof Kozlowski Signed-off-by: Chris Morgan Acked-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240821215456.962564-11-macroalpha82@gmail.com Signed-off-by: Sebastian Reichel commit 6f9fec70e730232efa3be7293f220cf317789d17 Author: Chris Morgan Date: Wed Aug 21 16:54:50 2024 -0500 dt-bindings: power: supply: axp20x: Add AXP717 compatible Add support for the AXP717. It has BC 1.2 detection like the AXP813 and uses ADC channels like all other AXP devices, but otherwise is very different requiring new registers for most functions. Acked-by: Krzysztof Kozlowski Acked-by: Chen-Yu Tsai Signed-off-by: Chris Morgan Link: https://lore.kernel.org/r/20240821215456.962564-10-macroalpha82@gmail.com Signed-off-by: Sebastian Reichel commit 91c0e9d6a205ab0e318dc0dc6e72cbbdb21f8094 Author: Li Ming Date: Fri Aug 30 01:31:38 2024 +0000 cxl/port: Refactor __devm_cxl_add_port() to drop goto pattern In __devm_cxl_add_port(), there is a 'goto' to call put_device() for the error cases between device_initialize() and device_add() to dereference the 'struct device' of a new cxl_port. The 'goto' pattern in the case can be removed by refactoring. Introducing a new function called cxl_port_add() which is used to add the 'struct device' of a new cxl_port to device hierarchy, moving the functions needing the help of the 'goto' into cxl_port_add(), and using a scoped-based resource management __free() to drop the open coded put_device() and the 'goto' for the error cases. Suggested-by: Dan Williams Signed-off-by: Li Ming Reviewed-by: Ira Weiny Reviewed-by: Jonathan Cameron Link: https://patch.msgid.link/20240830013138.2256244-3-ming4.li@intel.com Signed-off-by: Dave Jiang commit 7f569e917b7866b6760e2cfc3a9549cabc890071 Author: Li Ming Date: Fri Aug 30 01:31:37 2024 +0000 cxl/port: Use scoped_guard()/guard() to drop device_lock() for cxl_port A device_lock() and device_unlock() pair can be replaced by a cleanup helper scoped_guard() or guard(), that can enhance code readability. In CXL subsystem, still use device_lock() and device_unlock() pairs for cxl port resource protection, most of them can be replaced by a scoped_guard() or a guard() simply. Suggested-by: Dan Williams Signed-off-by: Li Ming Reviewed-by: Jonathan Cameron Link: https://patch.msgid.link/20240830013138.2256244-2-ming4.li@intel.com Signed-off-by: Dave Jiang commit dd2617ebd2a69c012001a29274557199409eff39 Author: Li Ming Date: Fri Aug 30 01:31:36 2024 +0000 cxl/port: Use __free() to drop put_device() for cxl_port Using scope-based resource management __free() marco with a new helper called put_cxl_port() to drop open coded the put_device() used to dereference the 'struct device' in cxl_port. Suggested-by: Dan Williams Signed-off-by: Li Ming Reviewed-by: Jonathan Cameron Link: https://patch.msgid.link/20240830013138.2256244-1-ming4.li@intel.com Signed-off-by: Dave Jiang commit e0d967f2d6ede99e8bc8dbfe1a5e622043ccb85f Merge: 57dfd4455bd270 2e1a57d5b0adbb Author: Sebastian Reichel Date: Tue Sep 3 23:46:41 2024 +0200 Merge tag 'tags/ib-mfd-for-iio-power-v6.12' into psy-next Immutable branch between MFD, IIO and power-supply providing the register definitions needed for AXP717 support in the axp20x axp20x_battery and axp20x_usb_power drivers. Signed-off-by: Sebastian Reichel commit fa724cd747cdc347cde0d2ef6ba4ee34344f72cb Author: Hongbo Li Date: Fri Aug 30 16:00:16 2024 +0800 cxl: Remove duplicate included header file core.h The header file core.h is included twice. Remove the last one. The compilation test has passed. Signed-off-by: Hongbo Li Acked-by: Jonathan Cameron Reviewed-by: Jonathan Cameron Reviewed-by: Dave Jiang Link: https://patch.msgid.link/20240830080016.3542184-1-lihongbo22@huawei.com Signed-off-by: Dave Jiang commit 57dfd4455bd270d1efebf950c2f722977b09c57a Author: Colin Ian King Date: Wed Aug 28 10:34:47 2024 +0100 power: supply: axp20x_usb_power: Fix spelling mistake "reqested" -> "requested" There is a spelling mistake in a dev_warn message. Fix it. Signed-off-by: Colin Ian King Acked-by: Chen-Yu Tsai Link: https://lore.kernel.org/r/20240828093447.271503-1-colin.i.king@gmail.com Signed-off-by: Sebastian Reichel commit 1c1d348b08ab7c106dd96bafb120f0888827174b Author: Kunwu Chan Date: Tue Aug 27 17:51:23 2024 +0800 tools/testing/cxl: Use dev_is_platform() Use dev_is_platform() instead of checking bus type directly. Signed-off-by: Kunwu Chan Reviewed-by: Jonathan Cameron Link: https://patch.msgid.link/20240827095123.168696-1-kunwu.chan@linux.dev Signed-off-by: Dave Jiang commit 2ff28e97658af64ae22878ee4dd8c0b583cd431c Merge: 47271a9356192b 364ea7ccaef917 Author: Sebastian Reichel Date: Tue Sep 3 23:33:25 2024 +0200 Merge tag 'ib-psy-usb-types-signed' into psy-next Changing usb_types type from array to bitmap in the power_supply_desc struct requires updating power-supply drivers living in different subsystem, so it is handled via an immutable branch. Signed-off-by: Sebastian Reichel commit 1f9651bfc51326fbed10df820c4e80f885f921d8 Author: Yuesong Li Date: Thu Aug 29 20:52:35 2024 +0800 cxl/port: Convert to use ERR_CAST() Use ERR_CAST() as it is designed for casting an error pointer to another type. This macro utilizes the __force and __must_check modifiers, which instruct the compiler to verify for errors at the locations where it is employed. Signed-off-by: Yuesong Li Reviewed-by: Jonathan Cameron Reviewed-by: Alison Schofield Link: https://patch.msgid.link/20240829125235.3266865-1-liyuesong@vivo.com Signed-off-by: Dave Jiang commit 364ea7ccaef917a3068236a19a4b31a0623b561a Author: Hans de Goede Date: Sat Aug 31 16:20:39 2024 +0200 power: supply: Change usb_types from an array into a bitmask The bit_types array just hold a list of valid enum power_supply_usb_type values which map to 0 - 9. This can easily be represented as a bitmap. This reduces the size of struct power_supply_desc and further reduces the data section size by drivers no longer needing to store the array. This also unifies how usb_types are handled with charge_behaviours, which allows power_supply_show_usb_type() to be removed. Signed-off-by: Hans de Goede Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240831142039.28830-7-hdegoede@redhat.com Signed-off-by: Sebastian Reichel commit 322900ac7d82be0475466f81946b6484cd1936bd Author: Hans de Goede Date: Sat Aug 31 16:20:38 2024 +0200 power: supply: sysfs: Move power_supply_show_enum_with_available() up Move power_supply_show_enum_with_available() higher up in the power_supply_sysfs.c file. This is a preparation patch to avoid needing a forward declaration when replacing power_supply_show_usb_type() with it later on. This commit only moves the function, there are no changes to it. Signed-off-by: Hans de Goede Link: https://lore.kernel.org/r/20240831142039.28830-6-hdegoede@redhat.com Signed-off-by: Sebastian Reichel commit a6456d43e9abebb5d7866e5edae3024188273306 Author: Hans de Goede Date: Sat Aug 31 16:20:37 2024 +0200 power: supply: sysfs: Add power_supply_show_enum_with_available() helper Turn power_supply_charge_behaviour_show() into a generic function for showing enum values with their available (for writing) values shown and the current value shown surrounded by sqaure-brackets like the show() output for "usb_type" and "charge_behaviour". This is a preparation patch for refactoring the "usb_type" property handling to use a bitmask indicating available usb-types + this new generic function. Signed-off-by: Hans de Goede Link: https://lore.kernel.org/r/20240831142039.28830-5-hdegoede@redhat.com Signed-off-by: Sebastian Reichel commit 03ec41c1670aedfbd126f541c4acbb8e69d4cd0c Author: Hans de Goede Date: Sat Aug 31 16:20:36 2024 +0200 power: supply: rt9467-charger: Remove "usb_type" property write support The "usb_type" property must be read-only for charger power-supply devices, see: Documentation/ABI/testing/sysfs-class-power. But the rt9467 driver allows writing 0/1 to it to disable/enable charging. Other charger drivers use the "status" property for this and the rt9467 code also allows writing 0/1 to its "status" property and this does the exact same thing as writing 0/1 to its "usb_type" property. Drop write support for the "usb_type" property making it readonly to match the ABI documentation. If userspace wants to disable/enable charging it can use the "status" property for this. Signed-off-by: Hans de Goede Link: https://lore.kernel.org/r/20240831142039.28830-4-hdegoede@redhat.com Signed-off-by: Sebastian Reichel commit 83a4c42df75e8f6ff671fa9fbe7d4c79b98626de Author: Hans de Goede Date: Sat Aug 31 16:20:35 2024 +0200 power: supply: ucs1002: Adjust ucs1002_set_usb_type() to accept string values power_supply_sysfs.c accept wrrites of strings to "usb_type" for strings values matching an entry in POWER_SUPPLY_USB_TYPE_TEXT[]. If such a string value is written then the int value passed to ucs1002_set_property() will be an enum power_supply_usb_type value. Before this change ucs1002_set_usb_type() expected the value to be an index into ucs1002_usb_types[]. Adjust ucs1002_set_usb_type() to use the enum value directly so that writing string values works. The list of supported types in ucs1002_usb_types[] is: PD, SDP, DCP, CDP. The [POWER_SUPPLY_USB_TYPE_]SDP, DCP and CDP enum labels have a value of 1, 2 and 3. So userspace selecting SDP, DCP or CDP by writing 1, 2 or 3 will keep working. POWER_SUPPLY_USB_TYPE_PD which is mapped to the ucs1002 dedicated mode however has a value of 6. Before this change writing 0 would select the dedicated mode. To preserve userspace API compatibility also map POWER_SUPPLY_USB_TYPE_UNKNOWN (which is 0) to the dedicated mode. Cc: Enric Balletbo Serra Cc: Andrey Smirnov Signed-off-by: Hans de Goede Link: https://lore.kernel.org/r/20240831142039.28830-3-hdegoede@redhat.com Signed-off-by: Sebastian Reichel commit 0d9af1e1c93b6a89f3fb6dcbafa5bc78892cb94f Author: Hans de Goede Date: Sat Aug 31 16:20:34 2024 +0200 power: supply: "usb_type" property may be written to According to Documentation/ABI/testing/sysfs-class-power the "usb_type" property is Read-Only. For power-supplies which consume USB power such as battery charger chips, this is correct. But the UCS1002 USB Port Power Controller driver which is a driver for a chip which is a power-source for USB-A charging ports "usb_type" is actually writable to configure the type of USB charger emulated by the USB-A port. Adjust the docs and the power_supply_sysfs.c code to adjust for this new writeable use of "usb_type": 1. Update Documentation/ABI/testing/sysfs-class-power to document that "usb_type" may be writable 2. Change the power_supply_attr type in power_supply_sysfs.c from POWER_SUPPLY_ATTR() into POWER_SUPPLY_ENUM_ATTR() so that the various usb_type string values from POWER_SUPPLY_TYPE_TEXT[] such as e.g. "SDP" and "USB_PD" can be written to the "usb_type" attribute instead of only accepting integer values. Cc: Enric Balletbo Serra Cc: Andrey Smirnov Signed-off-by: Hans de Goede Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240831142039.28830-2-hdegoede@redhat.com Signed-off-by: Sebastian Reichel commit c3d95aa93fd8549588097b0701b3835920fd8533 Author: Bjorn Helgaas Date: Tue Sep 3 15:31:33 2024 -0500 PCI: cadence: Drop excess cdns_pcie_rc.dev kerneldoc description Struct cdns_pcie_rc once had a .dev member, but it was removed by bd22885aa188 ("PCI: cadence: Refactor driver to use as a core library"). Drop the extra kerneldoc for it. Signed-off-by: Bjorn Helgaas commit dd9d80408b7d6041ebaf2346c66d258bf6adceae Author: Bjorn Helgaas Date: Tue Sep 3 15:16:13 2024 -0500 PCI: mediatek: Drop excess mtk_pcie.mem kerneldoc description Struct mtk_pcie.mem was removed by 8a26f861b815 ("PCI: mediatek: Use pci_parse_request_of_pci_ranges()"), but the kerneldoc was left. Remove the extra kerneldoc. Signed-off-by: Bjorn Helgaas commit 02774b14439dd5a8982335e779b62628d85eb76b Author: Fabio Estevam Date: Mon Sep 2 15:46:55 2024 -0300 spi: mxs: Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() Replace SET_RUNTIME_PM_OPS()/SET SYSTEM_SLEEP_PM_OPS() with their modern RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() alternatives. The combined usage of pm_ptr() and RUNTIME_PM_OPS/SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the __maybe_unused annotations from the suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://patch.msgid.link/20240902184655.932699-1-festevam@gmail.com Signed-off-by: Mark Brown commit f37213104a370ca60d9c475519b30c848c6d7d6d Merge: b01bf907bd9cdf 3aeccbe08171b7 Author: Stephen Boyd Date: Tue Sep 3 14:00:29 2024 -0700 Merge tag 'renesas-clk-for-v6.12-tag2' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-drivers into clk-renesas Pull more Renesas clk driver updates from Geert Uytterhoeven: - Add USB clocks, resets and power domains on RZ/G3S - Add Generic Timer (GTM), I2C Bus Interface (RIIC), SD/MMC Host Interface (SDHI) and Watchdog Timer (WDT) clocks and resets on RZ/V2H - Miscellaneous fixes and improvements * tag 'renesas-clk-for-v6.12-tag2' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-drivers: clk: renesas: r9a09g057: Add clock and reset entries for GTM/RIIC/SDHI/WDT clk: renesas: rzv2h: Add support for dynamic switching divider clocks clk: renesas: r9a08g045: Add clocks, resets and power domains for USB dt-bindings: clock: renesas,cpg-clocks: Add top-level constraints commit 47271a9356192bf911a9f32de9236425063ed6d7 Author: Dimitri Fedrau Date: Tue Sep 3 08:35:26 2024 +0200 power: supply: max1720x: add read support for nvmem ModelGauge m5 and device configuration values are stored in nonvolatile memory to prevent data loss if the IC loses power. Add read support for the nonvolatile memory on MAX1720X devices. Signed-off-by: Dimitri Fedrau Link: https://lore.kernel.org/r/20240903063526.222890-1-dima.fedrau@gmail.com Signed-off-by: Sebastian Reichel commit 7cb9b5fa218caa899f4288865c4598357bcce4e9 Author: Bjorn Helgaas Date: Tue Sep 3 15:38:25 2024 -0500 PCI: endpoint: Fix enum pci_epc_bar_type kerneldoc e01c9797c0eb ("PCI: endpoint: Clean up hardware description for BARs") added enum pci_epc_bar_type with incomplete kerneldoc. Add the missing piece. Signed-off-by: Bjorn Helgaas commit 8c1867a2f0fd4235b84da6b204519e830b551988 Author: Hongbo Li Date: Sat Aug 31 17:52:51 2024 +0800 audit: Make use of str_enabled_disabled() helper Use str_enabled_disabled() helper instead of open coding the same. Signed-off-by: Hongbo Li Signed-off-by: Paul Moore commit 97688a9c5b1fd2b826c682cdfa36d411a5c99828 Author: tangbin Date: Tue Sep 3 17:06:20 2024 +0800 ASoC: loongson: fix error release In function loongson_card_parse_of(), when get device_node 'codec' failed, the function of_node_put(codec) should not be invoked, thus fix error release. Fixes: d24028606e76 ("ASoC: loongson: Add Loongson ASoC Sound Card Support") Signed-off-by: tangbin Link: https://patch.msgid.link/20240903090620.6276-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit 568dc2fae5d3697033f5e28cf4d6225b3db00461 Author: Marek Vasut Date: Sat Aug 31 01:09:43 2024 +0200 ASoC: tlv320aic32x4: Add multi endpoint support Support multiple endpoints on TLV320AIC32x4 codec port when used in of_graph context. This patch allows to share the codec port between two CPU DAIs. Example: Custom STM32MP157C board uses TLV320AIC32x4 audio codec. This codec is connected to two serial audio interfaces, which are configured either as rx or tx. >From AsoC point of view the topolgy is the following: // 2 CPU DAIs (SAI2A/B), 1 Codec (TLV320AIC32x4) Playback: CPU-A-DAI(slave) -> (master)CODEC-DAI/port0 Record: CPU-B-DAI(slave) <- (master)CODEC-DAI/port0 In the DT two endpoints have to be associated to the codec port: tlv320aic32x4_port: port { tlv320aic32x4_tx_endpoint: endpoint@0 { remote-endpoint = <&sai2a_endpoint>; }; tlv320aic32x4_rx_endpoint: endpoint@1 { remote-endpoint = <&sai2b_endpoint>; }; }; However, when the audio graph card parses the codec nodes, it expects to find DAI interface indexes matching the endpoints indexes. The current patch forces the use of DAI id 0 for both endpoints, which allows to share the codec DAI between the two CPU DAIs for playback and capture streams respectively. Signed-off-by: Marek Vasut Link: https://patch.msgid.link/20240830231007.205707-1-marex@denx.de Signed-off-by: Mark Brown commit fcca6d05ef49d5650514ea1dcfd12e4ae3ff2be6 Author: Ma Ke Date: Fri Aug 30 22:31:54 2024 +0800 ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error Return devm_of_clk_add_hw_provider() in order to transfer the error, if it fails due to resource allocation failure or device tree clock provider registration failure. Cc: stable@vger.kernel.org Fixes: ebbfabc16d23 ("ASoC: rt5682: Add CCF usage for providing I2S clks") Signed-off-by: Ma Ke Link: https://patch.msgid.link/20240830143154.3448004-1-make24@iscas.ac.cn Signed-off-by: Mark Brown commit 05a01639b8f5fa42fb28f58cb1142bf11917d3c2 Author: Yoshihiro Shimoda Date: Thu Aug 22 15:44:59 2024 +0900 dt-bindings: PCI: rcar-gen4-pci-ep: Add R-Car V4M compatible Document bindings for R-Car V4M (R8A779H0) PCIe endpoint module. Link: https://lore.kernel.org/linux-pci/20240822064459.1133748-3-yoshihiro.shimoda.uh@renesas.com Signed-off-by: Yoshihiro Shimoda Signed-off-by: Krzysztof Wilczyński Signed-off-by: Bjorn Helgaas Reviewed-by: Geert Uytterhoeven Acked-by: Krzysztof Kozlowski commit 97e629c8bdf78066f480f0c44365c6ecb44b7301 Author: Yoshihiro Shimoda Date: Thu Aug 22 15:44:58 2024 +0900 dt-bindings: PCI: rcar-gen4-pci-host: Add R-Car V4M compatible Document bindings for R-Car V4M (R8A779H0) PCIe host module. Link: https://lore.kernel.org/linux-pci/20240822064459.1133748-2-yoshihiro.shimoda.uh@renesas.com Signed-off-by: Yoshihiro Shimoda Signed-off-by: Krzysztof Wilczyński Signed-off-by: Bjorn Helgaas Reviewed-by: Geert Uytterhoeven Acked-by: Krzysztof Kozlowski commit 1d777b05da6adf970c2cd2e07f5f1953685df110 Merge: 8400291e289ee6 2d6e9ee7cb3e79 Author: Stephen Boyd Date: Tue Sep 3 13:03:10 2024 -0700 Merge tag 'clk-microchip-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/at91/linux into clk-microchip Pull Microchip clk driver updates from Claudiu Beznea: - support for the Microchip SAM9X7 SoC as follows: - updates on the PLL drivers - a new clock driver was added for SAM9X7 - dt-binding documentation updates (for the new clock driver and for the slow clock controller that SAM9X7 is using) - a fix for the Microchip SAMA7G5 clock driver to avoid allocating mode than necessary memory * tag 'clk-microchip-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/at91/linux: clk: at91: sama7g5: Allocate only the needed amount of memory for PLLs clk: at91: sam9x7: add sam9x7 pmc driver dt-bindings: clock: at91: Allow PLLs to be exported and referenced in DT clk: at91: sama7g5: move mux table macros to header file clk: at91: sam9x7: add support for HW PLL freq dividers clk: at91: clk-sam9x60-pll: re-factor to support individual core freq outputs dt-bindings: clocks: atmel,at91rm9200-pmc: add sam9x7 clock controller dt-bindings: clocks: atmel,at91sam9x5-sckc: add sam9x7 commit 3bbefbbd9e6c8ae80528ca14ac1258d657e5017e Merge: 7f85b11203dd1d 0568ee1198f864 Author: Jakub Kicinski Date: Tue Sep 3 12:50:02 2024 -0700 Merge branch '1GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue Tony Nguyen says: ==================== Intel Wired LAN Driver Updates 2024-08-30 (igc, e1000e, i40e) This series contains updates to igc, e1000e, and i40 drivers. Kurt Kanzenbach adds support for MQPRIO offloads and stops unintended, excess interrupts on igc. Sasha adds reporting of EEE (Energy Efficient Ethernet) ability and moves a register define to a better suited file for igc. Vitaly stops reporting errors on shutdown and suspend as they are not fatal for e1000e. Alex adds reporting of EEE to i40e. * '1GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue: i40e: Add Energy Efficient Ethernet ability for X710 Base-T/KR/KX cards e1000e: avoid failing the system during pm_suspend igc: Move the MULTI GBT AN Control Register to _regs file igc: Add Energy Efficient Ethernet ability igc: Get rid of spurious interrupts igc: Add MQPRIO offload support ==================== Link: https://patch.msgid.link/20240830210451.2375215-1-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski commit f76e3525acf395f22712fc9120de555fb4b1a52f Author: Ian Rogers Date: Wed Jul 17 17:30:21 2024 -0700 perf parse-events: Pass cpu_list as a perf_cpu_map in __add_event() Previously the cpu_list is a string and typically no cpu_list is passed to __add_event(). Wanting to make events have their cpus distinct from the PMU means that in more occassions we want to pass a cpu_list. If we're reading this from sysfs it is easier to read a perf_cpu_map than allocate and pass around strings that will later be parsed. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ananth Narayan Cc: Bjorn Helgaas Cc: Dhananjay Ugwekar Cc: Dominique Martinet Cc: Gautham Shenoy Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Jonathan Corbet Cc: K Prateek Nayak Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Ravi Bangoria Cc: Sandipan Das Link: https://lore.kernel.org/r/20240718003025.1486232-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit beef8fb2af95ae8aa77f05a2663710d260741ddd Author: Ian Rogers Date: Wed Jul 17 17:30:20 2024 -0700 perf pmu: Merge boolean sysfs event option parsing Merge perf_pmu__parse_per_pkg() and perf_pmu__parse_snapshot() that do the same parsing except for the file suffix used. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ananth Narayan Cc: Bjorn Helgaas Cc: Dhananjay Ugwekar Cc: Dominique Martinet Cc: Gautham Shenoy Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Jonathan Corbet Cc: K Prateek Nayak Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Ravi Bangoria Cc: Sandipan Das Link: https://lore.kernel.org/r/20240718003025.1486232-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 7a33c144c28ebb27c59963007992fed15f3953b3 Author: Qiuxu Zhuo Date: Thu Aug 29 14:13:09 2024 +0800 EDAC/{skx_common,i10nm}: Remove the AMAP register for determing DDR5 The configuration flag 'res_config->support_ddr5 = true' sufficiently indicates DDR5 memory support for Sapphire Rapids and Granite Rapids. Additionally, the i10nm_edac driver doesn't need to use the AMAP register for setting the 'fine_grain_bank' of each DIMM. Therefore, remove the AMAP register for determining DDR5. Signed-off-by: Qiuxu Zhuo Signed-off-by: Tony Luck Link: https://lore.kernel.org/all/20240829061309.57738-1-qiuxu.zhuo@intel.com commit 8b935823530d6fd0bea0e90a747f3ebd8cfefb0d Author: Qiuxu Zhuo Date: Thu Aug 29 13:51:01 2024 +0800 EDAC/{skx_common,skx,i10nm}: Move the common debug code to skx_common Commit afdb82fd763c ("EDAC, i10nm: make skx_common.o a separate module") made skx_common.o a separate module. With skx_common.o now a separate module, move the common debug code setup_{skx,i10nm}_debug() and teardown_{skx,i10nm}_debug() in {skx,i10nm}_base.c to skx_common.c to reduce code duplication. Additionally, prefix these function names with 'skx' to maintain consistency with other names in the file. Signed-off-by: Qiuxu Zhuo Signed-off-by: Tony Luck Link: https://lore.kernel.org/all/20240829055101.56245-1-qiuxu.zhuo@intel.com commit 0ad875f442e95d69a1145a38aabac2fd29984fe3 Author: Qiuxu Zhuo Date: Wed Aug 14 14:10:11 2024 +0800 EDAC/igen6: Fix conversion of system address to physical memory address The conversion of system address to physical memory address (as viewed by the memory controller) by igen6_edac is incorrect when the system address is above the TOM (Total amount Of populated physical Memory) for Elkhart Lake and Ice Lake (Neural Network Processor). Fix this conversion. Fixes: 10590a9d4f23 ("EDAC/igen6: Add EDAC driver for Intel client SoCs using IBECC") Signed-off-by: Qiuxu Zhuo Signed-off-by: Tony Luck Cc: stable@vger.kernel.org Link: https://lore.kernel.org/stable/20240814061011.43545-1-qiuxu.zhuo%40intel.com commit 61075d0cbfbdfd7217266f9919d15e58aa80982a Author: shuaijie wang Date: Tue Aug 27 08:02:28 2024 +0000 dt-bindings: iio: aw96103: Add bindings for aw96103/aw96105 sensor Add device tree bindings for aw96103/aw96105 proximity sensor. Reviewed-by: Krzysztof Kozlowski Signed-off-by: shuaijie wang Link: https://patch.msgid.link/20240827080229.1431784-2-wangshuaijie@awinic.com Signed-off-by: Jonathan Cameron commit d1022ff5f9b93cccfb4a84854828eb1b5d5202ba Author: Thomas Bonnefille Date: Thu Aug 29 14:31:51 2024 +0200 iio: adc: sophgo-saradc: Add driver for Sophgo CV1800B SARADC This adds a driver for the Sophgo CV1800B SARADC. Signed-off-by: Thomas Bonnefille Link: https://patch.msgid.link/20240829-sg2002-adc-v5-2-aacb381e869b@bootlin.com Signed-off-by: Jonathan Cameron commit 7f85b11203dd1dd0d534f2a9568e02e9d45cb400 Merge: 1a5c486300e5ae 3682c302e72d71 Author: Jakub Kicinski Date: Tue Sep 3 11:59:44 2024 -0700 Merge tag 'ieee802154-for-net-2024-09-01' of git://git.kernel.org/pub/scm/linux/kernel/git/wpan/wpan Stefan Schmidt says: ==================== pull-request: ieee802154 for net 2024-09-01 Simon Horman catched two typos in our headers. No functional change. * tag 'ieee802154-for-net-2024-09-01' of git://git.kernel.org/pub/scm/linux/kernel/git/wpan/wpan: ieee802154: Correct spelling in nl802154.h mac802154: Correct spelling in mac802154.h ==================== Link: https://patch.msgid.link/20240901184213.2303047-1-stefan@datenfreihafen.org Signed-off-by: Jakub Kicinski commit 9b3a48bbe20d9692e0d456488cd3a6244cac3e3b Author: Yang Jihong Date: Mon Aug 19 11:30:16 2024 +0800 perf sched timehist: Add --prio option The --prio option is used to only show events for the given task priority(ies). The default is to show events for all priority tasks, which is consistent with the previous behavior. Testcase: # perf sched record nice -n 9 perf bench sched messaging -l 10000 # Running 'sched/messaging' benchmark: # 20 sender and receiver processes per group # 10 groups == 400 processes run Total time: 3.435 [sec] [ perf record: Woken up 270 times to write data ] [ perf record: Captured and wrote 618.688 MB perf.data (5729036 samples) ] # perf sched timehist -h Usage: perf sched timehist [] -C, --cpu list of cpus to profile -D, --dump-raw-trace dump raw trace in ASCII -f, --force don't complain, do it -g, --call-graph Display call chains if present (default on) -I, --idle-hist Show idle events only -i, --input input file name -k, --vmlinux vmlinux pathname -M, --migrations Show migration events -n, --next Show next task -p, --pid analyze events only for given process id(s) -s, --summary Show only syscall summary with statistics -S, --with-summary Show all syscalls and summary with statistics -t, --tid analyze events only for given thread id(s) -V, --cpu-visual Add CPU visual -v, --verbose be more verbose (show symbol address, etc) -w, --wakeups Show wakeup events --kallsyms kallsyms pathname --max-stack Maximum number of functions to display backtrace. --prio analyze events only for given task priority(ies) --show-prio Show task priority --state Show task state when sched-out --symfs Look for files with symbols relative to this directory --time Time span for analysis (start,stop) # perf sched timehist --prio 140 Samples of sched_switch event do not have callchains. Invalid prio string # perf sched timehist --show-prio --prio 129 Samples of sched_switch event do not have callchains. time cpu task name prio wait time sch delay run time [tid/pid] (msec) (msec) (msec) --------------- ------ ------------------------------ -------- --------- --------- --------- 2090450.765421 [0002] sched-messaging[1229618] 129 0.000 0.000 0.029 2090450.765445 [0007] sched-messaging[1229616] 129 0.000 0.062 0.043 2090450.765448 [0014] sched-messaging[1229619] 129 0.000 0.000 0.032 2090450.765478 [0013] sched-messaging[1229617] 129 0.000 0.065 0.048 2090450.765503 [0014] sched-messaging[1229622] 129 0.000 0.000 0.017 2090450.765550 [0002] sched-messaging[1229624] 129 0.000 0.000 0.021 2090450.765562 [0007] sched-messaging[1229621] 129 0.000 0.071 0.028 2090450.765570 [0005] sched-messaging[1229620] 129 0.000 0.064 0.066 2090450.765583 [0001] sched-messaging[1229625] 129 0.000 0.001 0.031 2090450.765595 [0013] sched-messaging[1229623] 129 0.000 0.060 0.028 2090450.765637 [0014] sched-messaging[1229628] 129 0.000 0.000 0.019 2090450.765665 [0007] sched-messaging[1229627] 129 0.000 0.038 0.030 # perf sched timehist --show-prio --prio 0,120-129 Samples of sched_switch event do not have callchains. time cpu task name prio wait time sch delay run time [tid/pid] (msec) (msec) (msec) --------------- ------ ------------------------------ -------- --------- --------- --------- 2090450.763231 [0000] perf[1229608] 120 0.000 0.000 0.000 2090450.763235 [0000] migration/0[15] 0 0.000 0.001 0.003 2090450.763263 [0001] perf[1229608] 120 0.000 0.000 0.000 2090450.763268 [0001] migration/1[21] 0 0.000 0.001 0.004 2090450.763302 [0002] perf[1229608] 120 0.000 0.000 0.000 2090450.763309 [0002] migration/2[27] 0 0.000 0.001 0.007 2090450.763338 [0003] perf[1229608] 120 0.000 0.000 0.000 2090450.763343 [0003] migration/3[33] 0 0.000 0.001 0.004 2090450.763459 [0004] perf[1229608] 120 0.000 0.000 0.000 2090450.763469 [0004] migration/4[39] 0 0.000 0.002 0.010 2090450.763496 [0005] perf[1229608] 120 0.000 0.000 0.000 2090450.763501 [0005] migration/5[45] 0 0.000 0.001 0.004 2090450.763613 [0006] perf[1229608] 120 0.000 0.000 0.000 2090450.763622 [0006] migration/6[51] 0 0.000 0.001 0.008 2090450.763652 [0007] perf[1229608] 120 0.000 0.000 0.000 2090450.763660 [0007] migration/7[57] 0 0.000 0.001 0.008 2090450.765665 [0001] 120 0.031 0.031 0.081 2090450.765665 [0007] sched-messaging[1229627] 129 0.000 0.038 0.030 2090450.765667 [0000] s1-perf[8235/7168] 120 0.008 0.000 0.004 2090450.765684 [0013] 120 0.028 0.028 0.088 2090450.765685 [0001] sched-messaging[1229630] 129 0.000 0.001 0.020 2090450.765688 [0000] 120 0.004 0.004 0.020 2090450.765689 [0002] 120 0.021 0.021 0.138 2090450.765691 [0005] sched-messaging[1229626] 129 0.000 0.085 0.029 Signed-off-by: Yang Jihong Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240819033016.2427235-3-yangjihong@bytedance.com Signed-off-by: Arnaldo Carvalho de Melo commit 3fcd740990dee9404f4f6ebeb7a31f0066849e46 Author: Yang Jihong Date: Mon Aug 19 11:30:15 2024 +0800 perf sched timehist: Add --show-prio option The --show-prio option is used to display the priority of task. It is disabled by default, which is consistent with original behavior. The display format is xxx (priority does not change during task running) or xxx->yyy (priority changes during task running) Testcase: # perf sched record nice -n 9 true [ perf record: Woken up 0 times to write data ] [ perf record: Captured and wrote 0.497 MB perf.data ] # perf sched timehist -h Usage: perf sched timehist [] -C, --cpu list of cpus to profile -D, --dump-raw-trace dump raw trace in ASCII -f, --force don't complain, do it -g, --call-graph Display call chains if present (default on) -I, --idle-hist Show idle events only -i, --input input file name -k, --vmlinux vmlinux pathname -M, --migrations Show migration events -n, --next Show next task -p, --pid analyze events only for given process id(s) -s, --summary Show only syscall summary with statistics -S, --with-summary Show all syscalls and summary with statistics -t, --tid analyze events only for given thread id(s) -V, --cpu-visual Add CPU visual -v, --verbose be more verbose (show symbol address, etc) -w, --wakeups Show wakeup events --kallsyms kallsyms pathname --max-stack Maximum number of functions to display backtrace. --show-prio Show task priority --state Show task state when sched-out --symfs Look for files with symbols relative to this directory --time Time span for analysis (start,stop) # perf sched timehist Samples of sched_switch event do not have callchains. time cpu task name wait time sch delay run time [tid/pid] (msec) (msec) (msec) --------------- ------ ------------------------------ --------- --------- --------- 23952.006537 [0000] perf[534] 0.000 0.000 0.000 23952.006593 [0000] migration/0[19] 0.000 0.014 0.056 23952.006899 [0001] perf[534] 0.000 0.000 0.000 23952.006947 [0001] migration/1[22] 0.000 0.015 0.047 23952.007138 [0002] perf[534] 0.000 0.000 0.000 # perf sched timehist --show-prio Samples of sched_switch event do not have callchains. time cpu task name prio wait time sch delay run time [tid/pid] (msec) (msec) (msec) --------------- ------ ------------------------------ -------- --------- --------- --------- 23952.006537 [0000] perf[534] 120 0.000 0.000 0.000 23952.006593 [0000] migration/0[19] 0 0.000 0.014 0.056 23952.006899 [0001] perf[534] 120 0.000 0.000 0.000 23952.034843 [0003] nice[535] 120->129 0.189 0.024 23.314 23952.053838 [0005] rcu_preempt[16] 120 3.993 0.000 0.023 23952.053990 [0005] 120 0.023 0.023 0.152 23952.054137 [0006] 120 1.427 1.427 17.855 23952.054278 [0007] 120 0.506 0.506 1.650 Signed-off-by: Yang Jihong Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240819033016.2427235-2-yangjihong@bytedance.com Signed-off-by: Arnaldo Carvalho de Melo commit b93fb9cf45a99042f4472678fc67afd1de47c32e Author: Yang Jihong Date: Mon Aug 12 21:26:06 2024 +0800 perf sched timehist: Remove redundant BUG_ON in timehist_sched_change_event() The BUG_ON(thread__tid(thread) != 0) in timehist_sched_change_event() is redundant, remove it. No functional change. Fixes: 07235f84ece6b66f ("perf sched timehist: Add -I/--idle-hist option") Reviewed-by: Madadi Vineeth Reddy Signed-off-by: Yang Jihong Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240812132606.3126490-2-yangjihong@bytedance.com Signed-off-by: Arnaldo Carvalho de Melo commit 575eec218059f90bf07a4e26b531fd6d54fe1769 Author: Yang Jihong Date: Mon Aug 12 21:26:05 2024 +0800 perf sched timehist: Skip print non-idle task samples when only show idle events when only show idle events, runtime stats of non-idle tasks is not updated, and the value is 0, there is no need to print non-idle samples. Before: # perf sched timehist -I Samples of sched_switch event do not have callchains. time cpu task name wait time sch delay run time [tid/pid] (msec) (msec) (msec) --------------- ------ ------------------------------ --------- --------- --------- 2090450.763235 [0000] migration/0[15] 0.000 0.000 0.000 2090450.763268 [0001] migration/1[21] 0.000 0.000 0.000 2090450.763309 [0002] migration/2[27] 0.000 0.000 0.000 2090450.763343 [0003] migration/3[33] 0.000 0.000 0.000 2090450.763469 [0004] migration/4[39] 0.000 0.000 0.000 2090450.763501 [0005] migration/5[45] 0.000 0.000 0.000 2090450.763622 [0006] migration/6[51] 0.000 0.000 0.000 2090450.763660 [0007] migration/7[57] 0.000 0.000 0.000 2090450.763741 [0009] migration/9[69] 0.000 0.000 0.000 2090450.763862 [0010] migration/10[75] 0.000 0.000 0.000 2090450.763894 [0011] migration/11[81] 0.000 0.000 0.000 2090450.764021 [0012] migration/12[87] 0.000 0.000 0.000 2090450.764056 [0013] migration/13[93] 0.000 0.000 0.000 2090450.764135 [0014] migration/14[99] 0.000 0.000 0.000 2090450.764163 [0015] migration/15[105] 0.000 0.000 0.000 2090450.764292 [0016] migration/16[111] 0.000 0.000 0.000 2090450.764371 [0017] migration/17[117] 0.000 0.000 0.000 2090450.764422 [0018] migration/18[123] 0.000 0.000 0.000 2090450.764490 [0000] 0.000 0.000 1.255 2090450.764505 [0000] s1-perf[8235/7168] 0.000 0.000 0.000 2090450.764571 [0016] 0.000 0.000 0.278 2090450.764588 [0010] 0.000 0.000 0.725 2090450.764590 [0016] s1-agent[7179/7162] 0.000 0.000 0.000 2090450.764635 [0000] 0.015 0.015 0.129 2090450.764637 [0017] 0.000 0.000 0.266 2090450.764639 [0000] s1-perf[8235/7168] 0.000 0.000 0.000 2090450.764668 [0017] s1-agent[7180/7162] 0.000 0.000 0.000 2090450.764669 [0000] 0.003 0.003 0.029 2090450.764672 [0000] s1-perf[8235/7168] 0.000 0.000 0.000 2090450.764683 [0000] 0.003 0.003 0.010 After: # perf sched timehist -I Samples of sched_switch event do not have callchains. time cpu task name wait time sch delay run time [tid/pid] (msec) (msec) (msec) --------------- ------ ------------------------------ --------- --------- --------- 2090450.764490 [0000] 0.000 0.000 1.255 2090450.764571 [0016] 0.000 0.000 0.278 2090450.764588 [0010] 0.000 0.000 0.725 2090450.764635 [0000] 0.015 0.015 0.129 2090450.764637 [0017] 0.000 0.000 0.266 2090450.764669 [0000] 0.003 0.003 0.029 2090450.764683 [0000] 0.003 0.003 0.010 2090450.764688 [0016] 0.019 0.019 0.097 2090450.764694 [0000] 0.001 0.001 0.009 2090450.764706 [0000] 0.001 0.001 0.010 2090450.764725 [0002] 0.000 0.000 1.415 2090450.764728 [0000] 0.002 0.002 0.019 2090450.764823 [0000] 0.003 0.003 0.091 2090450.764838 [0019] 0.000 0.000 0.154 2090450.764865 [0002] 0.109 0.109 0.029 2090450.764866 [0000] 0.012 0.012 0.030 2090450.764880 [0002] 0.013 0.013 0.001 2090450.764880 [0000] 0.002 0.002 0.011 2090450.764896 [0000] 0.001 0.001 0.013 2090450.764903 [0019] 0.063 0.063 0.002 2090450.764908 [0019] 0.003 0.003 0.001 Fixes: 07235f84ece6b66f ("perf sched timehist: Add -I/--idle-hist option") Signed-off-by: Yang Jihong Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240812132606.3126490-1-yangjihong@bytedance.com Reviewed-and-tested-by: Madadi Vineeth Reddy Signed-off-by: Arnaldo Carvalho de Melo commit 1a5c486300e5ae9dac9bc294023a4667b75a5418 Author: Justin Iurman Date: Fri Aug 30 21:19:19 2024 +0200 ioam6: improve checks on user data This patch improves two checks on user data. The first one prevents bit 23 from being set, as specified by RFC 9197 (Sec 4.4.1): Bit 23 Reserved; MUST be set to zero upon transmission and be ignored upon receipt. This bit is reserved to allow for future extensions of the IOAM Trace-Type bit field. The second one checks that the tunnel destination address != IPV6_ADDR_ANY, just like we already do for the tunnel source address. Signed-off-by: Justin Iurman Link: https://patch.msgid.link/20240830191919.51439-1-justin.iurman@uliege.be Signed-off-by: Jakub Kicinski commit 97b766f989bcd06e5a7651b1080001d7327012f5 Author: Chen Yufan Date: Fri Aug 23 15:03:19 2024 +0800 wifi: mwifiex: Convert to use jiffies macro Use time_after macro instead of using jiffies directly to handle wraparound. Change the type to to unsigned long to avoid unnecessary casts. Signed-off-by: Chen Yufan Acked-by: Brian Norris Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240823070320.430753-1-chenyufan@vivo.com commit 0c896eceb5f348b5e314f5cd5faad966f09a56ff Author: Marek Vasut Date: Wed Aug 21 20:36:54 2024 +0200 wifi: wilc1000: Re-enable RTC clock on resume The wilc_sdio_suspend() does clk_disable_unprepare() on rtc_clk clock, make sure wilc_sdio_resume() does matching clk_prepare_enable(), else any suspend/resume cycle leads to clock disable/enable imbalance. Fix the imbalance. Signed-off-by: Marek Vasut Reviewed-by: Alexis Lothoré Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240821183717.163235-1-marex@denx.de commit b0dc7018477e8fbb7e40c908c29cf663d06b17a7 Author: Marek Vasut Date: Wed Aug 21 20:36:03 2024 +0200 wifi: wilc1000: Do not operate uninitialized hardware during suspend/resume In case the hardware is not initialized, do not operate it during suspend/resume cycle, the hardware is already off so there is no reason to access it. In fact, wilc_sdio_enable_interrupt() in the resume callback does interfere with the same call when initializing the hardware after resume and makes such initialization after resume fail. Fix this by not operating uninitialized hardware during suspend/resume. Signed-off-by: Marek Vasut Reviewed-by: Alexis Lothoré Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240821183639.163187-1-marex@denx.de commit d38792292be7113e73ba77383ed687ec87e8f7b5 Author: Jinjie Ruan Date: Wed Aug 21 15:02:57 2024 +0800 wifi: brcmsmac: Use kvmemdup to simplify the code Use kvmemdup instead of kvmalloc() + memcpy() to simplify the code. No functional change. Signed-off-by: Jinjie Ruan Acked-by: Arend van Spriel Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240821070257.2298559-1-ruanjinjie@huawei.com commit 25f855413885bbce8a0dd5d7dea670a0da1cdbe5 Author: Frank Li Date: Tue Aug 20 10:21:42 2024 -0400 dt-bindings: net: wireless: convert marvel-8xxx.txt to yaml format Convert binding doc marvel-8xxx.txt to yaml format. Additional change: - Remove marvell,caldata_00_txpwrlimit_2g_cfg_set in example. - Remove mmc related property in example. - Add wakeup-source property. - Remove vmmc-supply and mmc-pwrseq. Fix below warning: arch/arm64/boot/dts/freescale/imx8mp-beacon-kit.dtb: /soc@0/bus@30800000/mmc@30b40000/wifi@1: failed to match any schema with compatible: ['marvell,sd8997'] Acked-by: Brian Norris Reviewed-by: Rob Herring (Arm) Signed-off-by: Frank Li Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240820142143.443151-1-Frank.Li@nxp.com commit b8600b8791cb2b7c8be894846b1ecddba7291680 Author: Théo Lebrun Date: Wed Jun 19 12:15:12 2024 +0200 PCI: j721e: Add reset GPIO to struct j721e_pcie Add reset GPIO to struct j721e_pcie, so it can be used at suspend and resume stages. Link: https://lore.kernel.org/linux-pci/20240102-j7200-pcie-s2r-v7-4-a2f9156da6c3@bootlin.com Signed-off-by: Théo Lebrun Signed-off-by: Thomas Richard Signed-off-by: Krzysztof Wilczyński commit 7d7ce746a9e109ab0aa30ad3c6107e601cf17045 Author: Thomas Richard Date: Wed Jun 19 12:15:11 2024 +0200 PCI: j721e: Use dev_err_probe() in the probe() function Use dev_err_probe() instead of dev_err() in the probe() function to simplify the code and standardize the error output. Link: https://lore.kernel.org/linux-pci/20240102-j7200-pcie-s2r-v7-3-a2f9156da6c3@bootlin.com Signed-off-by: Thomas Richard Signed-off-by: Krzysztof Wilczyński Reviewed-by: Francesco Dolcini commit 063c938928dc80c2bfd66f34df48344db22e009b Author: Thomas Richard Date: Wed Jun 19 12:15:10 2024 +0200 PCI: cadence: Set cdns_pcie_host_init() global During the resume sequence of the host, cdns_pcie_host_init() needs to be called, so set it global. The dev function parameter is removed, as it isn't used. Link: https://lore.kernel.org/linux-pci/20240102-j7200-pcie-s2r-v7-2-a2f9156da6c3@bootlin.com Signed-off-by: Thomas Richard Signed-off-by: Krzysztof Wilczyński Reviewed-by: Siddharth Vadapalli commit d1b6f2e2ce4d8b17d9f3558c98a1517b864bfd03 Author: Thomas Richard Date: Wed Jun 19 12:15:09 2024 +0200 PCI: cadence: Extract link setup sequence from cdns_pcie_host_setup() The function cdns_pcie_host_setup() mixes probe structure and link setup. The link setup must be done during the resume sequence. So extract it from cdns_pcie_host_setup() and create a dedicated function. Link: https://lore.kernel.org/linux-pci/20240102-j7200-pcie-s2r-v7-1-a2f9156da6c3@bootlin.com Signed-off-by: Thomas Richard Signed-off-by: Krzysztof Wilczyński Reviewed-by: Siddharth Vadapalli commit e066e9aa4d9c869c92d1d03647472e4ce96c0919 Author: Simona Vetter Date: Tue Sep 3 15:20:51 2024 +0200 MAINATINERS: update drm maintainer contacts Also fix a few places in gpu docs that are still relevant, and add a bunch of .mailmap entries. Acked-by: Dave Airlie Signed-off-by: Simona Vetter commit cf082dbedaeb291000ffb2f1dac3b854a928dbee Author: Thomas Bonnefille Date: Thu Aug 29 14:31:50 2024 +0200 dt-bindings: iio: adc: sophgo,cv1800b-saradc: Add Sophgo CV1800B SARADC The Sophgo CV1800B SARADC is a Successive Approximation ADC that can be found in the Sophgo CV1800B SoC. Signed-off-by: Thomas Bonnefille Reviewed-by: Conor Dooley Link: https://patch.msgid.link/20240829-sg2002-adc-v5-1-aacb381e869b@bootlin.com Signed-off-by: Jonathan Cameron commit 3c6b818b097dd6932859bcc3d6722a74ec5931c1 Author: Zhu Jun Date: Wed Aug 28 02:31:29 2024 -0700 tools/iio: Add memory allocation failure check for trigger_name Added a check to handle memory allocation failure for `trigger_name` and return `-ENOMEM`. Signed-off-by: Zhu Jun Link: https://patch.msgid.link/20240828093129.3040-1-zhujun2@cmss.chinamobile.com Signed-off-by: Jonathan Cameron commit da83fd152e544c2222b2e098a3ce0f704617eb24 Author: Andy Shevchenko Date: Tue Aug 27 00:22:40 2024 +0300 iio: imu: st_lsm6dsx: Remove useless dev_fwnode() calls The device property APIs designed that way that they will return an error when there is no valid fwnode provided. Moreover, the check for NULL of dev_fwnode() is not fully correct as in some (currently rare) cases it may contain an error pointer. This is not a problem anyway (see keyword 'valid' above) that's why the code works properly even without this change. Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240826212344.866928-3-andy.shevchenko@gmail.com Signed-off-by: Jonathan Cameron commit 17601ab9d75918b11515b7f23730f99059cf038e Author: Andy Shevchenko Date: Tue Aug 27 00:22:39 2024 +0300 iio: imu: st_lsm6dsx: Use iio_read_acpi_mount_matrix() helper Replace the duplicate ACPI "ROTM" data parsing code with the new shared iio_read_acpi_mount_matrix() helper. Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240826212344.866928-2-andy.shevchenko@gmail.com Signed-off-by: Jonathan Cameron commit 2f1dddc922a4d77162f839ee8faa50209bbe5168 Author: Rob Herring (Arm) Date: Mon Aug 26 14:17:28 2024 -0500 iio: adc: mcp320x: Drop vendorless compatible strings The vendorless compatible strings are deprecated and weren't retained when the binding was converted to schema. As a result, they are listed as undocumented when running "make dt_compatible_check". Rather than add them back to the schema, let's just drop them as they are unnecessary. Furthermore, they are unnecessary as the SPI matching will strip the vendor prefix on compatible string and match that against the spi_device_id table. Signed-off-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240826191728.1415189-1-robh@kernel.org Signed-off-by: Jonathan Cameron commit 631598c419985327110135efb696d9f9fe67bffd Author: Bartosz Golaszewski Date: Wed Aug 14 11:26:29 2024 +0200 iio: dac: ad5449: drop support for platform data There are no longer any users of the platform data struct. Remove support for it from the driver. Signed-off-by: Bartosz Golaszewski Link: https://patch.msgid.link/20240814092629.9862-1-brgl@bgdev.pl Signed-off-by: Jonathan Cameron commit 31c022a4f4bbdf9787bbb9549e37597344ee46b5 Author: Javier Carrasco Date: Tue Aug 20 21:02:26 2024 +0200 iio: adc: xilinx-ams: use device_* to iterate over device child nodes Use `device_for_each_child_node_scoped()` in `ams_parse_firmware()` to explicitly state device child node access, and simplify the child node handling as it is not required outside the loop. Signed-off-by: Javier Carrasco Reviewed-by: Mike Leach Link: https://patch.msgid.link/20240820-device_child_node_access-v3-1-1ee09bdedb9e@gmail.com Signed-off-by: Jonathan Cameron commit 192be245741a1f3c05221b49282f3f4795aebb2c Author: David Lechner Date: Tue Aug 20 10:58:38 2024 -0500 iio: ABI: document ad4695 new attributes The ad4695 driver now supports calibration using the in_voltageY_calib{scale,bias}[_available] attributes. Only one of these was documented before. This adds rest. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240820-ad4695-gain-offset-v1-4-c8f6e3b47551@baylibre.com Signed-off-by: Jonathan Cameron commit b5fe2f7bac9cec5f39cbfd55bc70d974a315c8b2 Author: David Lechner Date: Tue Aug 20 10:58:37 2024 -0500 doc: iio: ad4695: update for calibration support Calibration support has been added to the ad4695 driver, so update the documentation to reflect this. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240820-ad4695-gain-offset-v1-3-c8f6e3b47551@baylibre.com Signed-off-by: Jonathan Cameron commit 7763e40f35af295e051a0065c14fec528e3c99e6 Author: David Lechner Date: Tue Aug 20 10:58:36 2024 -0500 iio: adc: ad4695: implement calibration support The AD4695 has a calibration feature that allows the user to compensate for variations in the analog front end. This implements this feature in the driver using the standard `calibgain` and `calibbias` attributes. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240820-ad4695-gain-offset-v1-2-c8f6e3b47551@baylibre.com Signed-off-by: Jonathan Cameron commit 2ba49fc41b1c399a98468b0e144cfb6f3ad37b64 Author: David Lechner Date: Tue Aug 20 10:58:35 2024 -0500 iio: adc: ad4695: add 2nd regmap for 16-bit registers The AD4695 and similar chips have some multibyte registers that have to be read/written in a single operation. So we need to add a 2nd regmap for these registers. These registers are removed from the 8-bit regmap allowable ranges and AD4695_MAX_REG is dropped since it would be ambiguous now. debugfs register access is also updated to automatically use the correct regmap depending on the register address. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240820-ad4695-gain-offset-v1-1-c8f6e3b47551@baylibre.com Signed-off-by: Jonathan Cameron commit 16531118ba63dd9bcd65203d04a9c9d6f6800547 Author: Denis Benato Date: Sat Aug 24 16:11:22 2024 +0200 iio: bmi323: peripheral in lowest power state on suspend The bmi323 is mounted on some devices that are powered by an internal battery: help in reducing system overall power drain while the system is in s2idle or the imu driver is not loaded by resetting it in its lowest power draining state. Signed-off-by: Denis Benato Link: https://patch.msgid.link/20240824141122.334620-2-benato.denis96@gmail.com Signed-off-by: Jonathan Cameron commit 525e9cd5ac056e827b7a31bf48b8980d5f2e726b Author: Andy Shevchenko Date: Sat Aug 24 02:01:07 2024 +0300 iio: accel: bmc150: Improve bmc150_apply_bosc0200_acpi_orientation() By using ACPI_HANDLE() the handler argument can be retrieved directly. Replace ACPI_COMPANION() + dereference with ACPI_HANDLE(). Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240823230107.745900-1-andy.shevchenko@gmail.com Signed-off-by: Jonathan Cameron commit 3f131813d70191f187f804c176a03d4f9e80ba73 Author: Andy Shevchenko Date: Sat Aug 24 02:00:56 2024 +0300 iio: accel: bmc150: use fwnode_irq_get_byname() Use the generic fwnode_irq_get_byname() in place of of_irq_get_byname() to get the IRQ number from the interrupt pin. Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240823230056.745872-1-andy.shevchenko@gmail.com Signed-off-by: Jonathan Cameron commit dae65fc2bc76851520bd4ae748fe09656cc65057 Author: Andy Shevchenko Date: Sat Aug 24 01:07:18 2024 +0300 iio: proximity: cros_ec_mkbp_proximity: Switch to including mod_devicetable.h for struct of_device_id definition of.h was only included for this definition, so include the correct header instead. Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240823220718.743596-1-andy.shevchenko@gmail.com Signed-off-by: Jonathan Cameron commit 89cf93bfb3bedbaa1b7678c66cabd7ba0df6f05c Author: Danila Tikhonov Date: Mon Aug 19 00:29:42 2024 +0200 iio: magnetometer: ak8975: Add AK09118 support Add additional AK09118 to the magnetometer driver which has the same register mapping and scaling as the AK09112 device. Signed-off-by: Danila Tikhonov Acked-by: Krzysztof Kozlowski Signed-off-by: Barnabás Czémán Link: https://patch.msgid.link/20240819-ak09918-v4-4-f0734d14cfb9@mainlining.org Signed-off-by: Jonathan Cameron commit c19bf7faea5b3e85c8a6da12155b3968c6105ba3 Author: Danila Tikhonov Date: Mon Aug 19 00:29:41 2024 +0200 dt-bindings: iio: magnetometer: Add ak09118 Document asahi-kasei,ak09918 compatible as a fallback compatible, ak09918 is register compatible with ak09912. Signed-off-by: Danila Tikhonov Signed-off-by: Barnabás Czémán Acked-by: Conor Dooley Link: https://patch.msgid.link/20240819-ak09918-v4-3-f0734d14cfb9@mainlining.org Signed-off-by: Jonathan Cameron commit 129464e86c7445a858b790ac2d28d35f58256bbe Author: Barnabás Czémán Date: Mon Aug 19 00:29:40 2024 +0200 iio: magnetometer: ak8975: Fix reading for ak099xx sensors Move ST2 reading with overflow handling after measurement data reading. ST2 register read have to be read after read measurment data, because it means end of the reading and realease the lock on the data. Remove ST2 read skip on interrupt based waiting because ST2 required to be read out at and of the axis read. Fixes: 57e73a423b1e ("iio: ak8975: add ak09911 and ak09912 support") Signed-off-by: Barnabás Czémán Link: https://patch.msgid.link/20240819-ak09918-v4-2-f0734d14cfb9@mainlining.org Cc: Signed-off-by: Jonathan Cameron commit 3b92fc43bfd961fe83c82efd6bc8a852a29ea4de Author: Barnabás Czémán Date: Mon Aug 19 00:29:39 2024 +0200 iio: magnetometer: ak8975: Relax failure on unknown id Relax failure when driver gets an unknown device id for allow probe for register compatible devices. Signed-off-by: Barnabás Czémán Link: https://patch.msgid.link/20240819-ak09918-v4-1-f0734d14cfb9@mainlining.org Signed-off-by: Jonathan Cameron commit b4bcdff7e839237d89a2aa15b6042b96b0240ac4 Author: Abhinav Jain Date: Sat Aug 10 19:23:33 2024 +0530 selftests: filesystems: fix warn_unused_result build warnings Add return value checks for read & write calls in test_listmount_ns function. This patch resolves below compilation warnings: ``` statmount_test_ns.c: In function ‘test_listmount_ns’: statmount_test_ns.c:322:17: warning: ignoring return value of ‘write’ declared with attribute ‘warn_unused_result’ [-Wunused-result] statmount_test_ns.c:323:17: warning: ignoring return value of ‘read’ declared with attribute ‘warn_unused_result’ [-Wunused-result] ``` Signed-off-by: Abhinav Jain Signed-off-by: Shuah Khan commit 761e5afb6ddbfd4c0523ec294b7d24f3652912c7 Author: Jens Axboe Date: Tue Sep 3 09:52:43 2024 -0600 MAINTAINERS: move the BFQ io scheduler to orphan state Nobody is maintaining this code, and it just falls under the umbrella of block layer code. But at least mark it as such, in case anyone wants to care more deeply about it and assume the responsibility of doing so. Reviewed-by: Bart Van Assche Signed-off-by: Jens Axboe commit e1991d102bc2abb32331c462f8f3e77059c69578 Author: Alexandre Mergnat Date: Mon Jul 22 08:53:40 2024 +0200 ASoC: mediatek: mt8365: Add the AFE driver support Add a driver for the Audio Front End (AFE) PCM to provide Audio Uplink (UL) and Downlink (DL) paths. Use the ALSA SoC Dynamic Audio Power Management to add widget and kcontrol supports. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-11-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit 1bf6dbd75f7603dd026660bebf324f812200dc1b Author: Nicolas Belin Date: Mon Jul 22 08:53:39 2024 +0200 ASoc: mediatek: mt8365: Add a specific soundcard for EVK Add a specific soundcard for mt8365-evk. It supports audio jack in/out, dmics, the amic and lineout. Signed-off-by: Nicolas Belin Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-10-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit 5097c0c8634d703e3c59cfb89831b7db9dc46339 Author: Alexandre Mergnat Date: Mon Jul 22 08:53:38 2024 +0200 ASoC: mediatek: mt8365: Add PCM DAI support Add Pulse Code Modulation Device Audio Interface support for MT8365 SoC. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-9-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit 1c50ec75ce6c0c6b5736499393e522f73e19d0cf Author: Alexandre Mergnat Date: Mon Jul 22 08:53:37 2024 +0200 ASoC: mediatek: mt8365: Add DMIC DAI support Add Digital Micro Device Audio Interface support for MT8365 SoC. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-8-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit 7c58c88e524180e8439acdfc44872325e7f6d33d Author: Alexandre Mergnat Date: Mon Jul 22 08:53:36 2024 +0200 ASoC: mediatek: mt8365: Add ADDA DAI support Add ADDA Device Audio Interface support for MT8365 SoC. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-7-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit 402bbb13a195caa83b3279ebecdabfb11ddee084 Author: Alexandre Mergnat Date: Mon Jul 22 08:53:35 2024 +0200 ASoC: mediatek: mt8365: Add I2S DAI support Add I2S Device Audio Interface support for MT8365 SoC. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-6-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit ef307b40b7f0042d54f020bccb3e728ced292282 Author: Alexandre Mergnat Date: Mon Jul 22 08:53:34 2024 +0200 ASoC: mediatek: mt8365: Add audio clock control support Add audio clock wrapper and audio tuner control. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-5-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit 38c7c9ddc74033406461d64e541bbc8268e77f73 Author: Alexandre Mergnat Date: Mon Jul 22 08:53:33 2024 +0200 ASoC: mediatek: mt8365: Add common header Add header files for register definition and structure. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-4-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit 761cab667898d86c04867948f1b7aec1090be796 Author: Alexandre Mergnat Date: Mon Jul 22 08:53:32 2024 +0200 dt-bindings: mfd: mediatek: Add codec property for MT6357 PMIC Add the audio codec sub-device. This sub-device is used to set the optional voltage values according to the hardware. The properties are: - Setup of microphone bias voltage. - Setup of the speaker pin pull-down. Also, add the audio power supply property which is dedicated for the audio codec sub-device. Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-3-6518d953a141@baylibre.com Reviewed-by: Krzysztof Kozlowski Signed-off-by: Mark Brown commit 76d80dcdd55f70b28930edb97b96ee375e1cce5a Author: Alexandre Mergnat Date: Mon Jul 22 08:53:31 2024 +0200 ASoC: dt-bindings: mediatek,mt8365-mt6357: Add audio sound card document Add soundcard bindings for the MT8365 SoC with the MT6357 audio codec. Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: Krzysztof Kozlowski Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-2-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit ceb3ca2876243e3ea02f78b3d488b1f2d734de49 Author: Alexandre Mergnat Date: Mon Jul 22 08:53:30 2024 +0200 ASoC: dt-bindings: mediatek,mt8365-afe: Add audio afe document Add MT8365 audio front-end bindings Reviewed-by: Krzysztof Kozlowski Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Alexandre Mergnat Link: https://patch.msgid.link/20240226-audio-i350-v7-1-6518d953a141@baylibre.com Signed-off-by: Mark Brown commit 8da19441d0a02b53e362df81843bb20db3a8006a Author: Rodrigo Vivi Date: Fri Aug 30 14:35:07 2024 -0400 drm/xe/display: Avoid encoder_suspend at runtime suspend Fix circular locking dependency on runtime suspend. <4> [74.952215] ====================================================== <4> [74.952217] WARNING: possible circular locking dependency detected <4> [74.952219] 6.10.0-rc7-xe #1 Not tainted <4> [74.952221] ------------------------------------------------------ <4> [74.952223] kworker/7:1/82 is trying to acquire lock: <4> [74.952226] ffff888120548488 (&dev->mode_config.mutex){+.+.}-{3:3}, at: drm_modeset_lock_all+0x40/0x1e0 [drm] <4> [74.952260] but task is already holding lock: <4> [74.952262] ffffffffa0ae59c0 (xe_pm_runtime_lockdep_map){+.+.}-{0:0}, at: xe_pm_runtime_suspend+0x2f/0x340 [xe] <4> [74.952322] which lock already depends on the new lock. The commit 'b1d90a86 ("drm/xe: Use the encoder suspend helper also used by the i915 driver")' didn't do anything wrong. It actually fixed a critical bug, because the encoder_suspend was never getting actually called because it was returning if (has_display(xe)) instead of if (!has_display(xe)). However, this ended up introducing the encoder suspend calls in the runtime routines as well, causing the circular locking dependency. Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2304 Fixes: b1d90a862c89 ("drm/xe: Use the encoder suspend helper also used by the i915 driver") Cc: Imre Deak Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240830183507.298351-2-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit bc947d9a8c3ebd207e52c0e35cfc88f3e1abe54f Author: Rodrigo Vivi Date: Fri Aug 30 14:35:06 2024 -0400 drm/xe: Add missing runtime reference to wedged upon gt_reset Fixes this missed case: xe 0000:00:02.0: [drm] Missing outer runtime PM protection WARNING: CPU: 99 PID: 1455 at drivers/gpu/drm/xe/xe_pm.c:564 xe_pm_runtime_get_noresume+0x48/0x60 [xe] Call Trace: ? show_regs+0x67/0x70 ? __warn+0x94/0x1b0 ? xe_pm_runtime_get_noresume+0x48/0x60 [xe] ? report_bug+0x1b7/0x1d0 ? handle_bug+0x46/0x80 ? exc_invalid_op+0x19/0x70 ? asm_exc_invalid_op+0x1b/0x20 ? xe_pm_runtime_get_noresume+0x48/0x60 [xe] xe_device_declare_wedged+0x91/0x280 [xe] gt_reset_worker+0xa2/0x250 [xe] v2: Also move get and get the right Fixes tag (Himal, Brost) Fixes: fb74b205cdd2 ("drm/xe: Introduce a simple wedged state") Cc: Himal Prasad Ghimiray Cc: Matthew Brost Reviewed-by: Jonathan Cavitt Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240830183507.298351-1-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit b0cdf9cc089525da330919d1bcd3b92655aaa621 Author: Detlev Casanova Date: Tue Sep 3 11:22:37 2024 -0400 spi: dt-bindings: Add rockchip,rk3576-spi compatible It is compatible with the rockchip,rk3066-spi SPI core. Signed-off-by: Detlev Casanova Acked-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240903152308.13565-8-detlev.casanova@collabora.com Signed-off-by: Mark Brown commit 4201f3938914d8df3c761754b9726770c4225d66 Author: Pablo Neira Ayuso Date: Tue Sep 3 01:09:58 2024 +0200 netfilter: nf_tables: set element timeout update support Store new timeout and expiration in transaction object, use them to update elements from .commit path. Otherwise, discard update if .abort path is exercised. Use update_flags in the transaction to note whether the timeout, expiration, or both need to be updated. Annotate access to timeout extension now that it can be updated while lockless read access is possible. Reject timeout updates on elements with no timeout extension. Element transaction remains in the 96 bytes kmalloc slab on x86_64 after this update. This patch requires ("netfilter: nf_tables: use timestamp to check for set element timeout") to make sure an element does not expire while transaction is ongoing. Signed-off-by: Pablo Neira Ayuso commit 8bfb74ae12fa4cd3c9b49bb5913610b5709bffd7 Author: Pablo Neira Ayuso Date: Tue Sep 3 01:09:27 2024 +0200 netfilter: nf_tables: zero timeout means element never times out This patch uses zero as timeout marker for those elements that never expire when the element is created. If userspace provides no timeout for an element, then the default set timeout applies. However, if no default set timeout is specified and timeout flag is set on, then timeout extension is allocated and timeout is set to zero to allow for future updates. Use of zero a never timeout marker has been suggested by Phil Sutter. Note that, in older kernels, it is already possible to define elements that never expire by declaring a set with the set timeout flag set on and no global set timeout, in this case, new element with no explicit timeout never expire do not allocate the timeout extension, hence, they never expire. This approach makes it complicated to accomodate element timeout update, because element extensions do not support reallocations. Therefore, allocate the timeout extension and use the new marker for this case, but do not expose it to userspace to retain backward compatibility in the set listing. Signed-off-by: Pablo Neira Ayuso commit 4c5daea9af4fce6628b8ca9e6a332529bbf26809 Author: Pablo Neira Ayuso Date: Tue Sep 3 01:09:17 2024 +0200 netfilter: nf_tables: consolidate timeout extension for elements Expiration and timeout are stored in separated set element extensions, but they are tightly coupled. Consolidate them in a single extension to simplify and prepare for set element updates. Signed-off-by: Pablo Neira Ayuso commit 73d3c04b710f0c144ce873dfe4f173a55c749539 Author: Pablo Neira Ayuso Date: Tue Sep 3 01:08:58 2024 +0200 netfilter: nf_tables: annotate data-races around element expiration element expiration can be read-write locklessly, it can be written by dynset and read from netlink dump, add annotation. Signed-off-by: Pablo Neira Ayuso commit c5ad8ed61fa8410b272c077ec167c593602b4542 Author: Pablo Neira Ayuso Date: Tue Sep 3 01:08:49 2024 +0200 netfilter: nft_dynset: annotate data-races around set timeout set timeout can be read locklessly while being updated from control plane, add annotation. Fixes: 123b99619cca ("netfilter: nf_tables: honor set timeout and garbage collection updates") Signed-off-by: Pablo Neira Ayuso commit 15d8605c0cf4fc9cf4386cae658c68a0fd4bdb92 Author: Pablo Neira Ayuso Date: Tue Sep 3 01:07:06 2024 +0200 netfilter: nf_tables: remove annotation to access set timeout while holding lock Mutex is held when adding an element, no need for READ_ONCE, remove it. Fixes: 123b99619cca ("netfilter: nf_tables: honor set timeout and garbage collection updates") Signed-off-by: Pablo Neira Ayuso commit c0f38a8c60174368aed1d0f9965d733195f15033 Author: Pablo Neira Ayuso Date: Tue Sep 3 01:06:58 2024 +0200 netfilter: nf_tables: reject expiration higher than timeout Report ERANGE to userspace if user specifies an expiration larger than the timeout. Fixes: 8e1102d5a159 ("netfilter: nf_tables: support timeouts larger than 23 days") Signed-off-by: Pablo Neira Ayuso commit d2dc429ecb4e79ad164028d965c00f689e6f6d06 Author: Pablo Neira Ayuso Date: Tue Sep 3 01:06:49 2024 +0200 netfilter: nf_tables: reject element expiration with no timeout If element timeout is unset and set provides no default timeout, the element expiration is silently ignored, reject this instead to let user know this is unsupported. Also prepare for supporting timeout that never expire, where zero timeout and expiration must be also rejected. Fixes: 8e1102d5a159 ("netfilter: nf_tables: support timeouts larger than 23 days") Signed-off-by: Pablo Neira Ayuso commit e0c47281723f301894c14e6f5cd5884fdfb813f9 Author: Pablo Neira Ayuso Date: Tue Sep 3 01:06:41 2024 +0200 netfilter: nf_tables: elements with timeout below CONFIG_HZ never expire Element timeout that is below CONFIG_HZ never expires because the timeout extension is not allocated given that nf_msecs_to_jiffies64() returns 0. Set timeout to the minimum value to honor timeout. Fixes: 8e1102d5a159 ("netfilter: nf_tables: support timeouts larger than 23 days") Signed-off-by: Pablo Neira Ayuso commit 2994586e2c484c5a3e799ba8e3f218894b8b0bb7 Merge: 611a96f6acf2e7 562755501d44cf Author: Takashi Iwai Date: Tue Sep 3 18:07:46 2024 +0200 Merge branch 'for-linus' into for-next Pull 6.11 devel branch. The conflicts in HD-audio Realtek codec driver got resolved. Signed-off-by: Takashi Iwai commit 611a96f6acf2e74fe28cb90908a9c183862348ce Author: Asahi Lina Date: Tue Sep 3 19:52:30 2024 +0900 ALSA: usb-audio: Add mixer quirk for RME Digiface USB Implement sync, output format, and input status mixer controls, to allow the interface to be used as a straight ADAT/SPDIF (+ Headphones) I/O interface. This does not implement the matrix mixer, output gain controls, or input level meter feedback. The full mixer interface is only really usable using a dedicated userspace control app (there are too many mixer nodes for alsamixer to be usable), so for now we leave it up to userspace to directly control these features using raw USB control messages. This is similar to how it's done with some FireWire interfaces (ffado-mixer). Signed-off-by: Asahi Lina Link: https://patch.msgid.link/20240903-rme-digiface-v2-2-71b06c912e97@asahilina.net Signed-off-by: Takashi Iwai commit c032044e9672408c534d64a6df2b1ba14449e948 Author: Cyan Nyan Date: Tue Sep 3 19:52:29 2024 +0900 ALSA: usb-audio: Add quirk for RME Digiface USB Add trivial support for audio streaming on the RME Digiface USB. Binds only to the first interface to allow userspace to directly drive the complex I/O and matrix mixer controls. Signed-off-by: Cyan Nyan [Lina: Added 2x/4x sample rate support & boot/format quirks] Co-developed-by: Asahi Lina Signed-off-by: Asahi Lina Link: https://patch.msgid.link/20240903-rme-digiface-v2-1-71b06c912e97@asahilina.net Signed-off-by: Takashi Iwai commit f45916ae60eb60e7c9c3ac60cf07e66fe1a7faad Author: Yu Kuai Date: Mon Sep 2 21:03:29 2024 +0800 block, bfq: use bfq_reassign_last_bfqq() in bfq_bfqq_move() Instead of open coding it, there are no functional changes. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240902130329.3787024-5-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 42c306ed723321af4003b2a41bb73728cab54f85 Author: Yu Kuai Date: Mon Sep 2 21:03:28 2024 +0800 block, bfq: don't break merge chain in bfq_split_bfqq() Consider the following scenario: Process 1 Process 2 Process 3 Process 4 (BIC1) (BIC2) (BIC3) (BIC4) Λ | | | \-------------\ \-------------\ \--------------\| V V V bfqq1--------->bfqq2---------->bfqq3----------->bfqq4 ref 0 1 2 4 If Process 1 issue a new IO and bfqq2 is found, and then bfq_init_rq() decide to spilt bfqq2 by bfq_split_bfqq(). Howerver, procress reference of bfqq2 is 1 and bfq_split_bfqq() just clear the coop flag, which will break the merge chain. Expected result: caller will allocate a new bfqq for BIC1 Process 1 Process 2 Process 3 Process 4 (BIC1) (BIC2) (BIC3) (BIC4) | | | \-------------\ \--------------\| V V bfqq1--------->bfqq2---------->bfqq3----------->bfqq4 ref 0 0 1 3 Since the condition is only used for the last bfqq4 when the previous bfqq2 and bfqq3 are already splited. Fix the problem by checking if bfqq is the last one in the merge chain as well. Fixes: 36eca8948323 ("block, bfq: add Early Queue Merge (EQM)") Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240902130329.3787024-4-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 0e456dba86c7f9a19792204a044835f1ca2c8dbb Author: Yu Kuai Date: Mon Sep 2 21:03:27 2024 +0800 block, bfq: choose the last bfqq from merge chain in bfq_setup_cooperator() Consider the following merge chain: Process 1 Process 2 Process 3 Process 4 (BIC1) (BIC2) (BIC3) (BIC4) Λ | | | \--------------\ \-------------\ \-------------\| V V V bfqq1--------->bfqq2---------->bfqq3----------->bfqq4 IO from Process 1 will get bfqf2 from BIC1 first, then bfq_setup_cooperator() will found bfqq2 already merged to bfqq3 and then handle this IO from bfqq3. However, the merge chain can be much deeper and bfqq3 can be merged to other bfqq as well. Fix this problem by iterating to the last bfqq in bfq_setup_cooperator(). Fixes: 36eca8948323 ("block, bfq: add Early Queue Merge (EQM)") Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240902130329.3787024-3-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 18ad4df091dd5d067d2faa8fce1180b79f7041a7 Author: Yu Kuai Date: Mon Sep 2 21:03:26 2024 +0800 block, bfq: fix possible UAF for bfqq->bic with merge chain 1) initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) | Λ | Λ | Λ | | | | | | V | V | V | bfqq1 bfqq2 bfqq3 process ref: 1 1 1 2) bfqq1 merged to bfqq2: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) | | | Λ \--------------\| | | V V | bfqq1--------->bfqq2 bfqq3 process ref: 0 2 1 3) bfqq2 merged to bfqq3: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) here -> Λ | | \--------------\ \-------------\| V V bfqq1--------->bfqq2---------->bfqq3 process ref: 0 1 3 In this case, IO from Process 1 will get bfqq2 from BIC1 first, and then get bfqq3 through merge chain, and finially handle IO by bfqq3. Howerver, current code will think bfqq2 is owned by BIC1, like initial state, and set bfqq2->bic to BIC1. bfq_insert_request -> by Process 1 bfqq = bfq_init_rq(rq) bfqq = bfq_get_bfqq_handle_split bfqq = bic_to_bfqq -> get bfqq2 from BIC1 bfqq->ref++ rq->elv.priv[0] = bic rq->elv.priv[1] = bfqq if (bfqq_process_refs(bfqq) == 1) bfqq->bic = bic -> record BIC1 to bfqq2 __bfq_insert_request new_bfqq = bfq_setup_cooperator -> get bfqq3 from bfqq2->new_bfqq bfqq_request_freed(bfqq) new_bfqq->ref++ rq->elv.priv[1] = new_bfqq -> handle IO by bfqq3 Fix the problem by checking bfqq is from merge chain fist. And this might fix a following problem reported by our syzkaller(unreproducible): ================================================================== BUG: KASAN: slab-use-after-free in bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline] BUG: KASAN: slab-use-after-free in bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline] BUG: KASAN: slab-use-after-free in bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889 Write of size 1 at addr ffff888123839eb8 by task kworker/0:1H/18595 CPU: 0 PID: 18595 Comm: kworker/0:1H Tainted: G L 6.6.0-07439-gba2303cacfda #6 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 Workqueue: kblockd blk_mq_requeue_work Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:364 [inline] print_report+0x10d/0x610 mm/kasan/report.c:475 kasan_report+0x8e/0xc0 mm/kasan/report.c:588 bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline] bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline] bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889 bfq_get_bfqq_handle_split+0x169/0x5d0 block/bfq-iosched.c:6757 bfq_init_rq block/bfq-iosched.c:6876 [inline] bfq_insert_request block/bfq-iosched.c:6254 [inline] bfq_insert_requests+0x1112/0x5cf0 block/bfq-iosched.c:6304 blk_mq_insert_request+0x290/0x8d0 block/blk-mq.c:2593 blk_mq_requeue_work+0x6bc/0xa70 block/blk-mq.c:1502 process_one_work kernel/workqueue.c:2627 [inline] process_scheduled_works+0x432/0x13f0 kernel/workqueue.c:2700 worker_thread+0x6f2/0x1160 kernel/workqueue.c:2781 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:305 Allocated by task 20776: kasan_save_stack+0x20/0x40 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328 kasan_slab_alloc include/linux/kasan.h:188 [inline] slab_post_alloc_hook mm/slab.h:763 [inline] slab_alloc_node mm/slub.c:3458 [inline] kmem_cache_alloc_node+0x1a4/0x6f0 mm/slub.c:3503 ioc_create_icq block/blk-ioc.c:370 [inline] ioc_find_get_icq+0x180/0xaa0 block/blk-ioc.c:436 bfq_prepare_request+0x39/0xf0 block/bfq-iosched.c:6812 blk_mq_rq_ctx_init.isra.7+0x6ac/0xa00 block/blk-mq.c:403 __blk_mq_alloc_requests+0xcc0/0x1070 block/blk-mq.c:517 blk_mq_get_new_requests block/blk-mq.c:2940 [inline] blk_mq_submit_bio+0x624/0x27c0 block/blk-mq.c:3042 __submit_bio+0x331/0x6f0 block/blk-core.c:624 __submit_bio_noacct_mq block/blk-core.c:703 [inline] submit_bio_noacct_nocheck+0x816/0xb40 block/blk-core.c:732 submit_bio_noacct+0x7a6/0x1b50 block/blk-core.c:826 xlog_write_iclog+0x7d5/0xa00 fs/xfs/xfs_log.c:1958 xlog_state_release_iclog+0x3b8/0x720 fs/xfs/xfs_log.c:619 xlog_cil_push_work+0x19c5/0x2270 fs/xfs/xfs_log_cil.c:1330 process_one_work kernel/workqueue.c:2627 [inline] process_scheduled_works+0x432/0x13f0 kernel/workqueue.c:2700 worker_thread+0x6f2/0x1160 kernel/workqueue.c:2781 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:305 Freed by task 946: kasan_save_stack+0x20/0x40 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 kasan_save_free_info+0x2b/0x50 mm/kasan/generic.c:522 ____kasan_slab_free mm/kasan/common.c:236 [inline] __kasan_slab_free+0x12c/0x1c0 mm/kasan/common.c:244 kasan_slab_free include/linux/kasan.h:164 [inline] slab_free_hook mm/slub.c:1815 [inline] slab_free_freelist_hook mm/slub.c:1841 [inline] slab_free mm/slub.c:3786 [inline] kmem_cache_free+0x118/0x6f0 mm/slub.c:3808 rcu_do_batch+0x35c/0xe30 kernel/rcu/tree.c:2189 rcu_core+0x819/0xd90 kernel/rcu/tree.c:2462 __do_softirq+0x1b0/0x7a2 kernel/softirq.c:553 Last potentially related work creation: kasan_save_stack+0x20/0x40 mm/kasan/common.c:45 __kasan_record_aux_stack+0xaf/0xc0 mm/kasan/generic.c:492 __call_rcu_common kernel/rcu/tree.c:2712 [inline] call_rcu+0xce/0x1020 kernel/rcu/tree.c:2826 ioc_destroy_icq+0x54c/0x830 block/blk-ioc.c:105 ioc_release_fn+0xf0/0x360 block/blk-ioc.c:124 process_one_work kernel/workqueue.c:2627 [inline] process_scheduled_works+0x432/0x13f0 kernel/workqueue.c:2700 worker_thread+0x6f2/0x1160 kernel/workqueue.c:2781 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:305 Second to last potentially related work creation: kasan_save_stack+0x20/0x40 mm/kasan/common.c:45 __kasan_record_aux_stack+0xaf/0xc0 mm/kasan/generic.c:492 __call_rcu_common kernel/rcu/tree.c:2712 [inline] call_rcu+0xce/0x1020 kernel/rcu/tree.c:2826 ioc_destroy_icq+0x54c/0x830 block/blk-ioc.c:105 ioc_release_fn+0xf0/0x360 block/blk-ioc.c:124 process_one_work kernel/workqueue.c:2627 [inline] process_scheduled_works+0x432/0x13f0 kernel/workqueue.c:2700 worker_thread+0x6f2/0x1160 kernel/workqueue.c:2781 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:305 The buggy address belongs to the object at ffff888123839d68 which belongs to the cache bfq_io_cq of size 1360 The buggy address is located 336 bytes inside of freed 1360-byte region [ffff888123839d68, ffff88812383a2b8) The buggy address belongs to the physical page: page:ffffea00048e0e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88812383f588 pfn:0x123838 head:ffffea00048e0e00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 flags: 0x17ffffc0000a40(workingset|slab|head|node=0|zone=2|lastcpupid=0x1fffff) page_type: 0xffffffff() raw: 0017ffffc0000a40 ffff88810588c200 ffffea00048ffa10 ffff888105889488 raw: ffff88812383f588 0000000000150006 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff888123839d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff888123839e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb >ffff888123839e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff888123839f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff888123839f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ================================================================== Fixes: 36eca8948323 ("block, bfq: add Early Queue Merge (EQM)") Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240902130329.3787024-2-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit 8f5ea12942ad60a0798fcb68995df8a23b8567b7 Author: Lukas Bulwahn Date: Tue Sep 3 11:39:48 2024 +0200 MAINTAINERS: remove unneeded file entry in INPUT section Commit b9401c658d2c ("MAINTAINERS: add gameport.h, serio.h and uinput.h to INPUT section") adds further header files in ./include/linux/ and ./include/uapi/linux to the INPUT section, but the file ./include/linux/uinput.h does not exist since commit a11bc476b987 ("Input: uinput - fold header into the driver proper") removed this header file in 2017. Fortunately, ./scripts/get_maintainer.pl --self-test=patterns complains about a broken reference. Remove the file entry referring to the non-existing header file in the INPUT section. Signed-off-by: Lukas Bulwahn Link: https://lore.kernel.org/r/20240903093948.122957-1-lukas.bulwahn@redhat.com Signed-off-by: Dmitry Torokhov commit 2749749afa071f8a0e405605de9da615e771a7ce Author: Jiawei Ye Date: Mon Sep 2 08:47:26 2024 +0000 smackfs: Use rcu_assign_pointer() to ensure safe assignment in smk_set_cipso In the `smk_set_cipso` function, the `skp->smk_netlabel.attr.mls.cat` field is directly assigned to a new value without using the appropriate RCU pointer assignment functions. According to RCU usage rules, this is illegal and can lead to unpredictable behavior, including data inconsistencies and impossible-to-diagnose memory corruption issues. This possible bug was identified using a static analysis tool developed by myself, specifically designed to detect RCU-related issues. To address this, the assignment is now done using rcu_assign_pointer(), which ensures that the pointer assignment is done safely, with the necessary memory barriers and synchronization. This change prevents potential RCU dereference issues by ensuring that the `cat` field is safely updated while still adhering to RCU's requirements. Fixes: 0817534ff9ea ("smackfs: Fix use-after-free in netlbl_catmap_walk()") Signed-off-by: Jiawei Ye Signed-off-by: Casey Schaufler commit bf0db8c759ba137cebfeda9eecc1f728cb14dab7 Author: Andi Kleen Date: Thu Feb 29 08:18:28 2024 -0800 perf script: Minimize "not reaching sample" for '-F +brstackinsn' In some situations 'perf script -F +brstackinsn' sees a lot of "not reaching sample" messages. This happens when the last LBR block before the sample contains a branch that is not in the LBR, and the instruction dumping stops. $ perf record -b emacs -Q --batch '()' [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.396 MB perf.data (443 samples) ] $ perf script -F +brstackinsn ... 00007f0ab2d171a4 insn: 41 0f 94 c0 00007f0ab2d171a8 insn: 83 fa 01 00007f0ab2d171ab insn: 74 d3 # PRED 6 cycles [313] 1.00 IPC 00007f0ab2d17180 insn: 45 84 c0 00007f0ab2d17183 insn: 74 28 ... not reaching sample ... $ perf script -F +brstackinsn | grep -c reach 136 $ This is a problem for further analysis that wants to see the full code upto the sample. There are two common cases where the message is bogus: - The LBR only logs taken branches, but the branch might be a conditional branch that is not taken (that is the most common case actually) - The LBR sampling uses a filter ignoring some branches, but the perf script check checks for all branches. This patch fixes these two conditions, by only checking for conditional branches, as well as checking the perf_event_attr's branch filter attributes. For the test case above it fixes all the messages: $ ./perf script -F +brstackinsn | grep -c reach 0 Note that there are still conditions when the message is hit -- sometimes there can be a unconditional branch that misses the LBR update before the sample -- but they are much more rare now. Signed-off-by: Andi Kleen Reviewed-by: Adrian Hunter Link: https://lore.kernel.org/r/20240229161828.386397-1-ak@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 8b3b1bb3ea1f930d44d79dfb0b8cb7d62db08ed6 Author: Namhyung Kim Date: Mon Sep 2 13:05:15 2024 -0700 perf record offcpu: Constify control data for BPF The control knobs set before loading BPF programs should be declared as 'const volatile' so that it can be optimized by the BPF core. Committer testing: root@x1:~# perf record --off-cpu ^C[ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 1.807 MB perf.data (5645 samples) ] root@x1:~# perf evlist cpu_atom/cycles/P cpu_core/cycles/P offcpu-time dummy:u root@x1:~# perf evlist -v cpu_atom/cycles/P: type: 0 (PERF_TYPE_HARDWARE), size: 136, config: 0xa00000000, { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|CPU|PERIOD|IDENTIFIER, read_format: ID|LOST, disabled: 1, inherit: 1, freq: 1, precise_ip: 3, sample_id_all: 1 cpu_core/cycles/P: type: 0 (PERF_TYPE_HARDWARE), size: 136, config: 0x400000000, { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|CPU|PERIOD|IDENTIFIER, read_format: ID|LOST, disabled: 1, inherit: 1, freq: 1, precise_ip: 3, sample_id_all: 1 offcpu-time: type: 1 (software), size: 136, config: 0xa (PERF_COUNT_SW_BPF_OUTPUT), { sample_period, sample_freq }: 1, sample_type: IP|TID|TIME|CALLCHAIN|CPU|PERIOD|IDENTIFIER, read_format: ID|LOST, disabled: 1, inherit: 1, freq: 1, sample_id_all: 1 dummy:u: type: 1 (software), size: 136, config: 0x9 (PERF_COUNT_SW_DUMMY), { sample_period, sample_freq }: 1, sample_type: IP|TID|TIME|CPU|IDENTIFIER, read_format: ID|LOST, inherit: 1, exclude_kernel: 1, exclude_hv: 1, mmap: 1, comm: 1, task: 1, sample_id_all: 1, exclude_guest: 1, mmap2: 1, comm_exec: 1, ksymbol: 1, bpf_event: 1 root@x1:~# perf trace -e bpf --max-events 5 perf record --off-cpu 0.000 ( 0.015 ms): :2949124/2949124 bpf(cmd: 36, uattr: 0x7ffefc6dbe30, size: 8) = -1 EOPNOTSUPP (Operation not supported) 0.031 ( 0.115 ms): :2949124/2949124 bpf(cmd: PROG_LOAD, uattr: 0x7ffefc6dbb60, size: 148) = 14 0.159 ( 0.037 ms): :2949124/2949124 bpf(cmd: PROG_LOAD, uattr: 0x7ffefc6dbc20, size: 148) = 14 23.868 ( 0.144 ms): perf/2949124 bpf(cmd: PROG_LOAD, uattr: 0x7ffefc6dbad0, size: 148) = 14 24.027 ( 0.014 ms): perf/2949124 bpf(uattr: 0x7ffefc6dbc80, size: 80) = 14 root@x1:~# Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Link: https://lore.kernel.org/r/20240902200515.2103769-6-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 4afdc00c378f34943fb3a3cc08db4babdacb5c5b Author: Namhyung Kim Date: Mon Sep 2 13:05:14 2024 -0700 perf lock contention: Constify control data for BPF The control knobs set before loading BPF programs should be declared as 'const volatile' so that it can be optimized by the BPF core. Committer testing: root@x1:~# perf lock contention --use-bpf contended total wait max wait avg wait type caller 5 31.57 us 14.93 us 6.31 us mutex btrfs_delayed_update_inode+0x43 1 16.91 us 16.91 us 16.91 us rwsem:R btrfs_tree_read_lock_nested+0x1b 1 15.13 us 15.13 us 15.13 us spinlock btrfs_getattr+0xd1 1 6.65 us 6.65 us 6.65 us rwsem:R btrfs_tree_read_lock_nested+0x1b 1 4.34 us 4.34 us 4.34 us spinlock process_one_work+0x1a9 root@x1:~# root@x1:~# perf trace -e bpf --max-events 10 perf lock contention --use-bpf 0.000 ( 0.013 ms): :2948281/2948281 bpf(cmd: 36, uattr: 0x7ffd5f12d730, size: 8) = -1 EOPNOTSUPP (Operation not supported) 0.024 ( 0.120 ms): :2948281/2948281 bpf(cmd: PROG_LOAD, uattr: 0x7ffd5f12d460, size: 148) = 16 0.158 ( 0.034 ms): :2948281/2948281 bpf(cmd: PROG_LOAD, uattr: 0x7ffd5f12d520, size: 148) = 16 26.653 ( 0.154 ms): perf/2948281 bpf(cmd: PROG_LOAD, uattr: 0x7ffd5f12d3d0, size: 148) = 16 26.825 ( 0.014 ms): perf/2948281 bpf(uattr: 0x7ffd5f12d580, size: 80) = 16 87.924 ( 0.038 ms): perf/2948281 bpf(cmd: BTF_LOAD, uattr: 0x7ffd5f12d400, size: 40) = 16 87.988 ( 0.006 ms): perf/2948281 bpf(cmd: BTF_LOAD, uattr: 0x7ffd5f12d470, size: 40) = 16 88.019 ( 0.006 ms): perf/2948281 bpf(cmd: BTF_LOAD, uattr: 0x7ffd5f12d250, size: 40) = 16 88.029 ( 0.172 ms): perf/2948281 bpf(cmd: PROG_LOAD, uattr: 0x7ffd5f12d320, size: 148) = 17 88.217 ( 0.005 ms): perf/2948281 bpf(cmd: BTF_LOAD, uattr: 0x7ffd5f12d4d0, size: 40) = 16 root@x1:~# Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Link: https://lore.kernel.org/r/20240902200515.2103769-5-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 066fd840873f2187deb4a646c5f531a8dba2fd36 Author: Namhyung Kim Date: Mon Sep 2 13:05:13 2024 -0700 perf kwork: Constify control data for BPF The control knobs set before loading BPF programs should be declared as 'const volatile' so that it can be optimized by the BPF core. Committer testing: root@x1:~# perf kwork report --use-bpf Starting trace, Hit to stop and report ^C Kwork Name | Cpu | Total Runtime | Count | Max runtime | Max runtime start | Max runtime end | -------------------------------------------------------------------------------------------------------------------------------- (w)intel_atomic_commit_work [ | 0009 | 18.680 ms | 2 | 18.553 ms | 362410.681580 s | 362410.700133 s | (w)pm_runtime_work | 0007 | 13.300 ms | 1 | 13.300 ms | 362410.254996 s | 362410.268295 s | (w)intel_atomic_commit_work [ | 0009 | 9.846 ms | 2 | 9.717 ms | 362410.172352 s | 362410.182069 s | (w)acpi_ec_event_processor | 0002 | 8.106 ms | 1 | 8.106 ms | 362410.463187 s | 362410.471293 s | (s)SCHED:7 | 0000 | 1.351 ms | 106 | 0.063 ms | 362410.658017 s | 362410.658080 s | i915:157 | 0008 | 0.994 ms | 13 | 0.361 ms | 362411.222125 s | 362411.222486 s | (s)SCHED:7 | 0001 | 0.703 ms | 98 | 0.047 ms | 362410.245004 s | 362410.245051 s | (s)SCHED:7 | 0005 | 0.674 ms | 42 | 0.074 ms | 362411.483039 s | 362411.483113 s | (s)NET_RX:3 | 0001 | 0.556 ms | 10 | 0.079 ms | 362411.066388 s | 362411.066467 s | root@x1:~# perf trace -e bpf --max-events 5 perf kwork report --use-bpf 0.000 ( 0.016 ms): perf/2948007 bpf(cmd: 36, uattr: 0x7ffededa6660, size: 8) = -1 EOPNOTSUPP (Operation not supported) 0.026 ( 0.106 ms): perf/2948007 bpf(cmd: PROG_LOAD, uattr: 0x7ffededa6390, size: 148) = 12 0.152 ( 0.032 ms): perf/2948007 bpf(cmd: PROG_LOAD, uattr: 0x7ffededa6450, size: 148) = 12 26.247 ( 0.138 ms): perf/2948007 bpf(cmd: PROG_LOAD, uattr: 0x7ffededa6300, size: 148) = 12 26.396 ( 0.012 ms): perf/2948007 bpf(uattr: 0x7ffededa64b0, size: 80) = 12 Starting trace, Hit to stop and report root@x1:~# Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: Yang Jihong Link: https://lore.kernel.org/r/20240902200515.2103769-4-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit ac5a23b2f2868c54fdd2fc84c1990ebeb1e06188 Author: Namhyung Kim Date: Mon Sep 2 13:05:12 2024 -0700 perf ftrace latency: Constify control data for BPF The control knobs set before loading BPF programs should be declared as 'const volatile' so that it can be optimized by the BPF core. Committer testing: root@x1:~# perf ftrace latency --use-bpf -T schedule ^C# DURATION | COUNT | GRAPH | 0 - 1 us | 0 | | 1 - 2 us | 0 | | 2 - 4 us | 0 | | 4 - 8 us | 0 | | 8 - 16 us | 1 | | 16 - 32 us | 5 | | 32 - 64 us | 2 | | 64 - 128 us | 6 | | 128 - 256 us | 7 | | 256 - 512 us | 5 | | 512 - 1024 us | 22 | # | 1 - 2 ms | 36 | ## | 2 - 4 ms | 68 | ##### | 4 - 8 ms | 22 | # | 8 - 16 ms | 91 | ####### | 16 - 32 ms | 11 | | 32 - 64 ms | 26 | ## | 64 - 128 ms | 213 | ################# | 128 - 256 ms | 19 | # | 256 - 512 ms | 14 | # | 512 - 1024 ms | 5 | | 1 - ... s | 8 | | root@x1:~# root@x1:~# perf trace -e bpf perf ftrace latency --use-bpf -T schedule 0.000 ( 0.015 ms): perf/2944525 bpf(cmd: 36, uattr: 0x7ffe80de7b40, size: 8) = -1 EOPNOTSUPP (Operation not supported) 0.025 ( 0.102 ms): perf/2944525 bpf(cmd: PROG_LOAD, uattr: 0x7ffe80de7870, size: 148) = 8 0.136 ( 0.026 ms): perf/2944525 bpf(cmd: PROG_LOAD, uattr: 0x7ffe80de7930, size: 148) = 8 0.174 ( 0.026 ms): perf/2944525 bpf(cmd: PROG_LOAD, uattr: 0x7ffe80de77e0, size: 148) = 8 0.205 ( 0.010 ms): perf/2944525 bpf(uattr: 0x7ffe80de7990, size: 80) = 8 0.227 ( 0.011 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de7810, size: 40) = 8 0.244 ( 0.004 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de7880, size: 40) = 8 0.257 ( 0.006 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de7660, size: 40) = 8 0.265 ( 0.058 ms): perf/2944525 bpf(cmd: PROG_LOAD, uattr: 0x7ffe80de7730, size: 148) = 9 0.330 ( 0.004 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de78e0, size: 40) = 8 0.337 ( 0.003 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de7890, size: 40) = 8 0.343 ( 0.004 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de7880, size: 40) = 8 0.349 ( 0.003 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de78b0, size: 40) = 8 0.355 ( 0.004 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de7890, size: 40) = 8 0.361 ( 0.003 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de78b0, size: 40) = 8 0.367 ( 0.003 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de7880, size: 40) = 8 0.373 ( 0.014 ms): perf/2944525 bpf(cmd: BTF_LOAD, uattr: 0x7ffe80de7a00, size: 40) = 8 0.390 ( 0.358 ms): perf/2944525 bpf(uattr: 0x7ffe80de7950, size: 80) = 9 0.763 ( 0.014 ms): perf/2944525 bpf(uattr: 0x7ffe80de7950, size: 80) = 9 0.783 ( 0.011 ms): perf/2944525 bpf(uattr: 0x7ffe80de7950, size: 80) = 9 0.798 ( 0.017 ms): perf/2944525 bpf(uattr: 0x7ffe80de7950, size: 80) = 9 0.819 ( 0.003 ms): perf/2944525 bpf(uattr: 0x7ffe80de7700, size: 80) = 9 0.824 ( 0.047 ms): perf/2944525 bpf(cmd: PROG_LOAD, uattr: 0x7ffe80de76c0, size: 148) = 10 0.878 ( 0.008 ms): perf/2944525 bpf(uattr: 0x7ffe80de7950, size: 80) = 9 0.891 ( 0.014 ms): perf/2944525 bpf(cmd: MAP_UPDATE_ELEM, uattr: 0x7ffe80de79e0, size: 32) = 0 0.910 ( 0.103 ms): perf/2944525 bpf(cmd: PROG_LOAD, uattr: 0x7ffe80de7880, size: 148) = 9 1.016 ( 0.143 ms): perf/2944525 bpf(cmd: PROG_LOAD, uattr: 0x7ffe80de7880, size: 148) = 10 3.777 ( 0.068 ms): perf/2944525 bpf(cmd: PROG_LOAD, uattr: 0x7ffe80de7570, size: 148) = 12 3.848 ( 0.003 ms): perf/2944525 bpf(cmd: LINK_CREATE, uattr: 0x7ffe80de7550, size: 64) = -1 EBADF (Bad file descriptor) 3.859 ( 0.006 ms): perf/2944525 bpf(cmd: LINK_CREATE, uattr: 0x7ffe80de77c0, size: 64) = 12 6.504 ( 0.010 ms): perf/2944525 bpf(cmd: LINK_CREATE, uattr: 0x7ffe80de77c0, size: 64) = 14 ^C# DURATION | COUNT | GRAPH | 0 - 1 us | 0 | | 1 - 2 us | 0 | | 2 - 4 us | 1 | | 4 - 8 us | 3 | | 8 - 16 us | 3 | | 16 - 32 us | 11 | | 32 - 64 us | 9 | | 64 - 128 us | 17 | | 128 - 256 us | 30 | # | 256 - 512 us | 20 | | 512 - 1024 us | 42 | # | 1 - 2 ms | 151 | ###### | 2 - 4 ms | 106 | #### | 4 - 8 ms | 18 | | 8 - 16 ms | 149 | ###### | 16 - 32 ms | 30 | # | 32 - 64 ms | 17 | | 64 - 128 ms | 360 | ############### | 128 - 256 ms | 52 | ## | 256 - 512 ms | 18 | | 512 - 1024 ms | 28 | # | 1 - ... s | 5 | | root@x1:~# Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Link: https://lore.kernel.org/r/20240902200515.2103769-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 76d3685400944e63c2c6e791a72d5329c2843770 Author: Namhyung Kim Date: Mon Sep 2 13:05:11 2024 -0700 perf stat: Constify control data for BPF The control knobs set before loading BPF programs should be declared as 'const volatile' so that it can be optimized by the BPF core. Committer testing: root@x1:~# perf stat --bpf-counters -e cpu_core/cycles/,cpu_core/instructions/ sleep 1 Performance counter stats for 'sleep 1': 2,442,583 cpu_core/cycles/ 2,494,425 cpu_core/instructions/ 1.002687372 seconds time elapsed 0.001126000 seconds user 0.001166000 seconds sys root@x1:~# perf trace -e bpf --max-events 10 perf stat --bpf-counters -e cpu_core/cycles/,cpu_core/instructions/ sleep 1 0.000 ( 0.019 ms): perf/2944119 bpf(cmd: OBJ_GET, uattr: 0x7fffdf5cdd40, size: 20) = 5 0.021 ( 0.002 ms): perf/2944119 bpf(cmd: OBJ_GET_INFO_BY_FD, uattr: 0x7fffdf5cdcd0, size: 16) = 0 0.030 ( 0.005 ms): perf/2944119 bpf(cmd: MAP_LOOKUP_ELEM, uattr: 0x7fffdf5ceda0, size: 32) = 0 0.037 ( 0.004 ms): perf/2944119 bpf(cmd: LINK_GET_FD_BY_ID, uattr: 0x7fffdf5ced80, size: 12) = -1 ENOENT (No such file or directory) 0.189 ( 0.004 ms): perf/2944119 bpf(cmd: 36, uattr: 0x7fffdf5cec10, size: 8) = -1 EOPNOTSUPP (Operation not supported) 0.201 ( 0.095 ms): perf/2944119 bpf(cmd: PROG_LOAD, uattr: 0x7fffdf5ce940, size: 148) = 10 0.305 ( 0.026 ms): perf/2944119 bpf(cmd: PROG_LOAD, uattr: 0x7fffdf5cea00, size: 148) = 10 0.347 ( 0.012 ms): perf/2944119 bpf(cmd: BTF_LOAD, uattr: 0x7fffdf5ce8e0, size: 40) = 10 0.364 ( 0.004 ms): perf/2944119 bpf(cmd: BTF_LOAD, uattr: 0x7fffdf5ce950, size: 40) = 10 0.376 ( 0.006 ms): perf/2944119 bpf(cmd: BTF_LOAD, uattr: 0x7fffdf5ce730, size: 40) = 10 root@x1:~# Performance counter stats for 'sleep 1': 271,221 cpu_core/cycles/ 139,150 cpu_core/instructions/ 1.002881677 seconds time elapsed 0.001318000 seconds user 0.001314000 seconds sys root@x1:~# Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Link: https://lore.kernel.org/r/20240902200515.2103769-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 7555c7d2cfc471144bc356e4a7c4a1d8733567a7 Author: Zhang Zekun Date: Mon Aug 12 20:08:23 2024 +0800 vfio: mdev: Remove unused function declarations The definition of mdev_bus_register() and mdev_bus_unregister() have been removed since commit 6c7f98b334a3 ("vfio/mdev: Remove vfio_mdev.c"). So, let's remove the unused declarations. Signed-off-by: Zhang Zekun Reviewed-by: Jason Gunthorpe Reviewed-by: Kevin Tian Link: https://lore.kernel.org/r/20240812120823.10968-1-zhangzekun11@huawei.com Signed-off-by: Alex Williamson commit a7aaa65f9c46b82051af490c93bc6398f11b94ce Author: Yue Haibing Date: Tue Jul 30 22:11:33 2024 +0800 vfio/fsl-mc: Remove unused variable 'hwirq' Commit 7447d911af69 ("vfio/fsl-mc: Block calling interrupt handler without trigger") left this variable unused, so remove it. Signed-off-by: Yue Haibing Link: https://lore.kernel.org/r/20240730141133.525771-1-yuehaibing@huawei.com Signed-off-by: Alex Williamson commit e1bf0f2ac949559a0b0720eaee252ae451e61acd Author: Dr. David Alan Gilbert Date: Sat Jul 27 17:03:06 2024 +0100 vfio/pci: Remove unused struct 'vfio_pci_mmap_vma' 'vfio_pci_mmap_vma' has been unused since commit aac6db75a9fc ("vfio/pci: Use unmap_mapping_range()") Remove it. Signed-off-by: Dr. David Alan Gilbert Reviewed-by: Jason Gunthorpe Reviewed-by: Kevin Tian Link: https://lore.kernel.org/r/20240727160307.1000476-1-linux@treblig.org Signed-off-by: Alex Williamson commit 7fcf82e7348766840e5e259488662751c6db22a7 Author: Muhammad Qasim Abdul Majeed Date: Mon Sep 2 00:18:26 2024 +0500 ACPI: button: Use strscpy() instead of strcpy() Replace strcpy() with strscpy() in the ACPI button driver. strcpy() has been deprecated because it is generally unsafe, so help to eliminate it from the kernel source. Link: https://github.com/KSPP/linux/issues/88 Signed-off-by: Muhammad Qasim Abdul Majeed Link: https://patch.msgid.link/20240901191826.421488-1-qasim.majeed20@gmail.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 18f41f1ba5404cb4ca17590ba28258f8358f8695 Author: Ian Rogers Date: Sat Aug 31 00:04:15 2024 -0700 perf test: Make watchpoint data 32-bits on i386 i386 only supports watchpoints up to size 4, 8 bytes causes extra counts and test failures. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: David Ahern Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Junhao He Cc: Kan Liang Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Yang Jihong Link: https://lore.kernel.org/r/20240831070415.506194-7-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 91235380e5c78dc02f18d6afa97dff82ab3a6887 Author: Ian Rogers Date: Sat Aug 31 00:04:12 2024 -0700 perf test: Skip uprobe test if probe command isn't present The probe command is dependent on libelf. Skip the test if the required probe command isn't present. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: David Ahern Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Junhao He Cc: Kan Liang Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Yang Jihong Link: https://lore.kernel.org/r/20240831070415.506194-4-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 49e9cc315604972cc14868cb67831e3e8c3f1470 Author: Tamim Khan Date: Mon Sep 2 21:43:05 2024 -0400 ACPI: resource: Skip IRQ override on Asus Vivobook Go E1404GAB Like other Asus Vivobooks, the Asus Vivobook Go E1404GAB has a DSDT that describes IRQ 1 as ActiveLow, while the kernel overrides to Edge_High. This override prevents the internal keyboard from working. Fix the problem by adding this laptop to the table that prevents the kernel from overriding the IRQ. Link: https://bugzilla.kernel.org/show_bug.cgi?id=219212 Signed-off-by: Tamim Khan Link: https://patch.msgid.link/20240903014317.38858-1-tamim@fusetak.com [ rjw: Changelog edits ] Signed-off-by: Rafael J. Wysocki commit 38e2648a81204c9fc5b4c87a8ffce93a6ed91b65 Author: Ian Rogers Date: Sat Aug 31 00:04:11 2024 -0700 perf time-utils: Fix 32-bit nsec parsing The "time utils" test fails in 32-bit builds: ... parse_nsec_time("18446744073.709551615") Failed. ptime 4294967295709551615 expected 18446744073709551615 ... Switch strtoul to strtoull as an unsigned long in 32-bit build isn't 64-bits. Fixes: c284d669a20d408b ("perf tools: Move parse_nsec_time to time-utils.c") Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: David Ahern Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Junhao He Cc: Kan Liang Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Yang Jihong Link: https://lore.kernel.org/r/20240831070415.506194-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 6c99903e084c68887f7bc52a6819117f26820667 Author: Ian Rogers Date: Sat Aug 31 00:04:10 2024 -0700 perf pmus: Fix name comparisons on 32-bit systems The hex PMU suffix maybe 64-bit but the comparisons were "unsigned long" or 32-bit on 32-bit systems. This was causing the "PMU name comparison" test to fail in a 32-bit build. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: David Ahern Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Junhao He Cc: Kan Liang Cc: Mark Rutland Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Yang Jihong Link: https://lore.kernel.org/r/20240831070415.506194-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 4ffc8a3422986470972b4487f02e381692269098 Author: Charlie Jenkins Date: Mon Jul 29 14:00:03 2024 -0700 riscv: Add license to vmalloc.h Add a missing license to vmalloc.h. Signed-off-by: Charlie Jenkins Link: https://lore.kernel.org/r/20240729-riscv_fence_license-v1-2-7d5648069640@rivosinc.com Signed-off-by: Palmer Dabbelt commit 097c72e1f2b57d8b4d0b18c5a768a2028d666475 Author: Charlie Jenkins Date: Mon Jul 29 14:00:02 2024 -0700 riscv: Add license to fence.h Add a missing license to fence.h. Signed-off-by: Charlie Jenkins Link: https://lore.kernel.org/r/20240729-riscv_fence_license-v1-1-7d5648069640@rivosinc.com Signed-off-by: Palmer Dabbelt commit 963ed4efe0c6416f5a2f61e107ee3a27f0bb757d Author: Jani Nikula Date: Fri Aug 30 13:15:48 2024 +0300 drm/i915/dp: hide dp_to_i915() inside intel_dp.c Now that only intel_dp.c uses dp_to_i915(), hide it there. This removes a header dependency on to_i915(). Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/e214aa6991aea4fc878b36dcd3eaece9f1fba592.1725012870.git.jani.nikula@intel.com commit 7134cc23fe73f4ddeeaaab9284399cebfd826c51 Author: Jani Nikula Date: Fri Aug 30 13:15:47 2024 +0300 drm/i915/ddi: stop using dp_to_i915() Switch to struct intel_display and to_intel_display() instead of using dp_to_i915(). Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/6557281bc3f8df88931c045deb08cf76b727cda2.1725012870.git.jani.nikula@intel.com commit 41a46296214fa07cf5140c9ac9254e095bdcb960 Author: Jani Nikula Date: Fri Aug 30 13:15:46 2024 +0300 drm/i915/psr: convert intel_psr.[ch] to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_psr.[ch] to struct intel_display. Some stragglers are left behind where needed. Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/4399b98b07019a8063adbec1043ff7eabb7c1080.1725012870.git.jani.nikula@intel.com commit 8a37cd4dc50e8f29168dd5bc766ba40a1968724a Author: Jani Nikula Date: Fri Aug 30 13:15:45 2024 +0300 drm/i915/pps: convert intel_pps.[ch] to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_pps.[ch] to struct intel_display. Some stragglers are left behind where needed. Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/bea51b0d9e4546ba21d0d4eb01ca1097fda095ab.1725012870.git.jani.nikula@intel.com commit 631ef2e6adb0aec8d639dbea17c5ed08c8364df7 Author: Jani Nikula Date: Fri Aug 30 13:15:44 2024 +0300 drm/i915/pps: pass intel_dp to pps_name() Currently all of intel_pps.c passes struct intel_dp around. Do the same with pps_name() instead of passing both struct drm_i915_private and struct intel_pps. Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/f2a7fec4a2ff1f09cb73e6734604fae99ab6b11a.1725012870.git.jani.nikula@intel.com commit 402bd11a5394636b2bc9712a58b97bc3cbca69df Author: Jani Nikula Date: Fri Aug 30 13:15:43 2024 +0300 drm/i915/dp: convert intel_dp_link_training.[ch] to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_dp_link_training.[ch] to struct intel_display. Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/72b202e75f5a7ecc84a906f1c49d21dbe24fb7c2.1725012870.git.jani.nikula@intel.com commit f70e43763e6a550f5b50ba4f6a0d6aef5121ecba Author: Jani Nikula Date: Fri Aug 30 13:15:42 2024 +0300 drm/i915/dp: convert intel_dp_aux.[ch] to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_dp_aux.[ch] to struct intel_display. Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/f295369d573d217323a624fd4b8dc477a6cf183b.1725012870.git.jani.nikula@intel.com commit a954e0a26146c465934f4944d49cc03324747917 Author: Jani Nikula Date: Fri Aug 30 13:15:41 2024 +0300 drm/i915/dp: convert intel_dp_tunnel.[ch] to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_dp_tunnel.[ch] to struct intel_display. Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/2c83fe739ab8de05361d6eaae0249e58878a3c06.1725012870.git.jani.nikula@intel.com commit b34b43f9cb45ac15b0e48b5570af9e074959dc68 Author: Jani Nikula Date: Fri Aug 30 13:15:40 2024 +0300 drm/i915/dp: convert g4x_dp.[ch] to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert g4x_dp.[ch] to struct intel_display. Some stragglers are left behind where needed. Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/b80ffb6373e9e3daaba0762ff7aebe168511b3a7.1725012870.git.jani.nikula@intel.com commit 1138137c2c48f036b87e80cf3905c1acbff6b0de Author: Jani Nikula Date: Fri Aug 30 13:15:39 2024 +0300 drm/i915/hdmi: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_hdmi.[ch] to struct intel_display. Remove intel_hdmi_to_i915(). Some stragglers are left behind where needed. Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/fa74b67935eb7e8084f57688a9683a36cb1d1a4c.1725012870.git.jani.nikula@intel.com commit 059f6fc89968f4f4527f1b706de8017d368ad9dd Author: Jani Nikula Date: Fri Aug 30 13:15:38 2024 +0300 drm/xe/display: use xe && 0 to avoid warnings about unused variables Avoid warnings about unused variables when the IS_LP(), IS_GEN9_LP(), and IS_GEN9_BC() macros are the only users of a variable. This is not currently the case, but prepare for future changes. Reviewed-by: Ville Syrjälä Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/2a9960df4d9f6423a2cc6a29a7a7b0c1420690c7.1725012870.git.jani.nikula@intel.com commit 52c62a3da80bcd17f535db00f5ea84ab16669438 Author: Andy Shevchenko Date: Mon Sep 2 17:14:41 2024 +0300 pinctrl: intel: Inline intel_gpio_community_irq_handler() Since we have for_each_intel_pad_group() helper, there is no advantage of having intel_gpio_community_irq_handler(). Inline it into intel_gpio_irq(). Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit 689ecd06ef8dcd894a41c9787cf9da940bb6f24e Author: Konstantin Komarov Date: Thu Jul 18 17:41:08 2024 +0300 fs/ntfs3: Rename ntfs3_setattr into ntfs_setattr Aligning names to a single naming convention. Signed-off-by: Konstantin Komarov commit 568f1140b9ca92def4ac581846c244294112bd42 Author: Konstantin Komarov Date: Mon Jul 1 14:28:01 2024 +0300 fs/ntfs3: Replace fsparam_flag_no -> fsparam_flag Based on the experience with an error related to incorrect parsing of the 'nocase' option, I decided to simplify the list and type of parameters. Signed-off-by: Konstantin Komarov commit 6b39bfaeec440443037c38701204b92b106c953c Author: Konstantin Komarov Date: Thu Aug 22 15:09:02 2024 +0300 fs/ntfs3: Add support for the compression attribute Support added for empty files and directories only. Signed-off-by: Konstantin Komarov commit 9a2d6a40b8a1a6fa62eaf47ceee10a5eef62284c Author: Konstantin Komarov Date: Thu Jul 18 17:45:12 2024 +0300 fs/ntfs3: Implement fallocate for compressed files Signed-off-by: Konstantin Komarov commit 70dd48ca3af3acb8548b876a84ac31460364cb03 Author: Konstantin Komarov Date: Mon Aug 19 16:21:31 2024 +0300 fs/ntfs3: Make checks in run_unpack more clear Signed-off-by: Konstantin Komarov commit c4a8ba334262e9a5c158d618a4820e1b9c12495c Author: Konstantin Komarov Date: Mon Aug 19 16:26:59 2024 +0300 fs/ntfs3: Add rough attr alloc_size check Reported-by: syzbot+c6d94bedd910a8216d25@syzkaller.appspotmail.com Signed-off-by: Konstantin Komarov commit 1fd21919de6de245b63066b8ee3cfba92e36f0e9 Author: Konstantin Komarov Date: Thu Aug 22 14:43:32 2024 +0300 fs/ntfs3: Stale inode instead of bad Fixed the logic of processing inode with wrong sequence number. Signed-off-by: Konstantin Komarov commit 56c16d5459d5c050a97a138a00a82b105a8e0a66 Author: Konstantin Komarov Date: Tue Jul 23 16:51:18 2024 +0300 fs/ntfs3: Refactor enum_rstbl to suppress static checker Comments and brief description of function enum_rstbl added. Fixes: b46acd6a6a62 ("fs/ntfs3: Add NTFS journal") Reported-by: Dan Carpenter Signed-off-by: Konstantin Komarov commit 62fea783f96ce825f0ac9e40ce9530ddc1ea2a29 Author: Konstantin Komarov Date: Mon Aug 19 16:23:02 2024 +0300 fs/ntfs3: Fix sparse warning in ni_fiemap The interface of fiemap_fill_next_extent_k() was modified to eliminate the sparse warning. Fixes: d57431c6f511 ("fs/ntfs3: Do copy_to_user out of run_lock") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202406271920.hndE8N6D-lkp@intel.com/ Signed-off-by: Konstantin Komarov commit 5b2db723455a89dc96743d34d8bdaa23a402db2f Author: Konstantin Komarov Date: Mon Aug 19 16:26:22 2024 +0300 fs/ntfs3: Fix warning possible deadlock in ntfs_set_state Use non-zero subkey to skip analyzer warnings. Signed-off-by: Konstantin Komarov Reported-by: syzbot+c2ada45c23d98d646118@syzkaller.appspotmail.com commit ffe718c9924eb7e4ce062dd383cf5fea7f02f180 Author: Konstantin Komarov Date: Mon Aug 19 16:24:59 2024 +0300 fs/ntfs3: Fix sparse warning for bigendian Fixes: 220cf0498bbf ("fs/ntfs3: Simplify initialization of $AttrDef and $UpCase") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202404181111.Wz8a1qX6-lkp@intel.com/ Signed-off-by: Konstantin Komarov commit e4a7d60a891b8493a1284053acdc496febe81e7c Author: Konstantin Komarov Date: Mon Jul 15 09:31:10 2024 +0300 fs/ntfs3: Separete common code for file_read/write iter/splice The common code for handling encrypted, dedup, and compressed files has been moved to check_read_restriction() and check_write_restriction(). Signed-off-by: Konstantin Komarov commit acdbd67bf939577d6f9e3cf796a005c31cec52d8 Author: Konstantin Komarov Date: Fri Jun 28 18:27:46 2024 +0300 fs/ntfs3: Optimize large writes into sparse file Optimized cluster allocation by allocating a large chunk in advance before writing, instead of allocating during the writing process by clusters. Essentially replicates the logic of fallocate. Fixes: 4342306f0f0d ("fs/ntfs3: Add file operations and implementation") Signed-off-by: Konstantin Komarov commit 2db86f7995fe6b62a4d6fee9f3cdeba3c6d27606 Author: Konstantin Komarov Date: Fri Jun 28 18:29:46 2024 +0300 fs/ntfs3: Do not call file_modified if collapse range failed Fixes: 4342306f0f0d ("fs/ntfs3: Add file operations and implementation") Signed-off-by: Konstantin Komarov commit 9931122d04c6d431b2c11b5bb7b10f28584067f0 Author: Andrew Ballance Date: Wed May 15 07:38:33 2024 -0500 fs/ntfs3: Check if more than chunk-size bytes are written A incorrectly formatted chunk may decompress into more than LZNT_CHUNK_SIZE bytes and a index out of bounds will occur in s_max_off. Signed-off-by: Andrew Ballance Signed-off-by: Konstantin Komarov commit 556bdf27c2dd5c74a9caacbe524b943a6cd42d99 Author: lei lu Date: Fri Aug 23 21:39:44 2024 +0800 ntfs3: Add bounds checking to mi_enum_attr() Added bounds checking to make sure that every attr don't stray beyond valid memory region. Signed-off-by: lei lu Signed-off-by: Konstantin Komarov commit a4f2b9a787679697e6792676298cac5c6b9b0ccb Author: Thorsten Blum Date: Wed Jul 31 15:54:04 2024 +0200 fs/ntfs3: Use swap() to improve code Use the swap() macro to simplify the code and improve its readability. Fixes the following Coccinelle/coccicheck warning reported by swap.cocci: WARNING opportunity for swap() Compile-tested only. Signed-off-by: Thorsten Blum Signed-off-by: Konstantin Komarov commit 04885681788855bb266fd131f06c04952a717659 Author: Steinar H. Gunderson Date: Sat Aug 3 17:20:08 2024 +0200 perf annotate: LLVM-based disassembler Support using LLVM as a disassembler method, allowing helperless annotation in non-distro builds. (It is also much faster than using libbfd or bfd objdump on binaries with a lot of debug information.) This is nearly identical to the output of llvm-objdump; there are some very rare whitespace differences, some minor changes to demangling (since we use perf's regular demangling and not LLVM's own) and the occasional case where llvm-objdump makes a different choice when multiple symbols share the same address. It should work across all of LLVM's supported architectures, although I've only tested 64-bit x86, and finding the right triple from perf's idea of machine architecture can sometimes be a bit tricky. Ideally, we should have some way of finding the triplet just from the file itself. Committer notes: Address this on 32-bit systems by using PRIu64 from inttypes.h 3 17.58 almalinux:9-i386 : FAIL gcc version 11.4.1 20231218 (Red Hat 11.4.1-3) (GCC) util/llvm-c-helpers.cpp: In function ‘char* make_symbol_relative_string(dso*, const char*, u64, u64)’: util/llvm-c-helpers.cpp:150:52: error: format ‘%lx’ expects argument of type ‘long unsigned int’, but argument 5 has type ‘u64’ {aka +‘long long unsigned int’} [-Werror=format=] 150 | snprintf(buf, sizeof(buf), "%s+0x%lx", | ~~^ | | | long unsigned int | %llx 151 | demangled ? demangled : sym_name, addr - base_addr); | ~~~~~~~~~~~~~~~~ | | | u64 {aka long long unsigned int} cc1plus: all warnings being treated as errors Signed-off-by: Steinar H. Gunderson Cc: Ian Rogers Link: https://lore.kernel.org/r/20240803152008.2818485-3-sesse@google.com Signed-off-by: Arnaldo Carvalho de Melo commit f6ab898356dd70f267c49045a79d28ea5cf5e43e Author: Lorenzo Bianconi Date: Wed Jul 3 18:12:44 2024 +0200 PCI: mediatek-gen3: Add Airoha EN7581 support Introduce support for Airoha EN7581 PCIe controller to mediatek-gen3 PCIe controller driver. Link: https://lore.kernel.org/linux-pci/aca00bd672ee576ad96d279414fc0835ff31f637.1720022580.git.lorenzo@kernel.org Signed-off-by: Lorenzo Bianconi Signed-off-by: Krzysztof Wilczyński Tested-by: Zhengping Zhang Reviewed-by: AngeloGioacchino Del Regno Acked-by: Jianjun Wang commit ee9eabbe3f0f0c7458d89840add97e54d4e0bccf Author: Lorenzo Bianconi Date: Wed Jul 3 18:12:43 2024 +0200 PCI: mediatek-gen3: Rely on reset_bulk APIs for PHY reset lines Use reset_bulk APIs to manage PHY reset lines. This is a preliminary patch in order to add Airoha EN7581 PCIe support. Link: https://lore.kernel.org/linux-pci/3ceb83bc0defbcf868521f8df4b9100e55ec2614.1720022580.git.lorenzo@kernel.org Signed-off-by: Lorenzo Bianconi Signed-off-by: Krzysztof Wilczyński Tested-by: Zhengping Zhang Reviewed-by: AngeloGioacchino Del Regno Acked-by: Jianjun Wang commit dc869a40d73ee6e9f47d683690ae507e30e56044 Author: Lorenzo Bianconi Date: Wed Jul 3 18:12:42 2024 +0200 PCI: mediatek-gen3: Add mtk_gen3_pcie_pdata data structure Introduce mtk_gen3_pcie_pdata data structure in order to define multiple callbacks for each supported SoC. This is a preliminary patch to introduce EN7581 PCIe support. Link: https://lore.kernel.org/linux-pci/c193d1a87505d045e2e0ef33317bce17012ee095.1720022580.git.lorenzo@kernel.org Signed-off-by: Lorenzo Bianconi Signed-off-by: Krzysztof Wilczyński Tested-by: Zhengping Zhang Reviewed-by: AngeloGioacchino Del Regno Acked-by: Jianjun Wang commit c6abd0eadec65a929bd69718daae887197f85dd3 Author: Lorenzo Bianconi Date: Wed Jul 3 18:12:41 2024 +0200 dt-bindings: PCI: mediatek-gen3: Add support for Airoha EN7581 Introduce Airoha EN7581 entry in mediatek-gen3 PCIe controller binding. Link: https://lore.kernel.org/linux-pci/138d65a140c3dcf2a6aefecc33ba6ba3ca300a23.1720022580.git.lorenzo@kernel.org Signed-off-by: Lorenzo Bianconi Signed-off-by: Krzysztof Wilczyński Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: Conor Dooley Acked-by: Jianjun Wang commit b2d70222dbf2a2ff7a972a685d249a5d75afa87f Author: Peter Zijlstra Date: Wed Aug 14 00:25:56 2024 +0200 sched: Add put_prev_task(.next) In order to tell the previous sched_class what the next task is, add put_prev_task(.next). Notable SCX will use this to: 1) determine the next task will leave the SCX sched class and push the current task to another CPU if possible. 2) statistics on how often and which other classes preempt it Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240813224016.367421076@infradead.org commit bd9bbc96e8356886971317f57994247ca491dbf1 Author: Peter Zijlstra Date: Wed Aug 14 00:25:55 2024 +0200 sched: Rework dl_server When a task is selected through a dl_server, it will have p->dl_server set, such that it can account runtime to the dl_server, see update_curr_task(). Currently p->dl_server is set in pick*task() whenever it goes through the dl_server, clearing it is a bit of a mess though. The trivial solution is clearing it on the final put (now that we have this location). However, this gives a problem when: p = pick_task(rq); if (p) put_prev_set_next_task(rq, prev, next); picks the same task but through a different path, notably when it goes from picking through the dl_server to a direct pick or vice-versa. In that case we cannot readily determine wether we should clear or preserve p->dl_server. An additional complication is pick_*task() setting p->dl_server for a remote pick, it might still need to update runtime before it schedules the core_pick. Close all these holes and remove all the random clearing of p->dl_server by: - having pick_*task() manage rq->dl_server - having the final put_prev_task() clear p->dl_server - having the first set_next_task() set p->dl_server = rq->dl_server - complicate the core_sched code to save/restore rq->dl_server where appropriate. Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240813224016.259853414@infradead.org commit 436f3eed5c69c1048a5754df6e3dbb291e5cccbd Author: Peter Zijlstra Date: Wed Aug 14 00:25:54 2024 +0200 sched: Combine the last put_prev_task() and the first set_next_task() Ensure the last put_prev_task() and the first set_next_task() always go together. Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240813224016.158454756@infradead.org commit fd03c5b8585562d60f8b597b4332d28f48abfe7d Author: Peter Zijlstra Date: Wed Aug 14 00:25:53 2024 +0200 sched: Rework pick_next_task() The current rule is that: pick_next_task() := pick_task() + set_next_task(.first = true) And many classes implement it directly as such. Change things around to make pick_next_task() optional while also changing the definition to: pick_next_task(prev) := pick_task() + put_prev_task() + set_next_task(.first = true) The reason is that sched_ext would like to have a 'final' call that knows the next task. By placing put_prev_task() right next to set_next_task() (as it already is for sched_core) this becomes trivial. As a bonus, this is a nice cleanup on its own. Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240813224016.051225657@infradead.org commit 260598f142c34811d226fdde5ab0346b48181439 Author: Peter Zijlstra Date: Wed Aug 14 00:25:52 2024 +0200 sched: Split up put_prev_task_balance() With the goal of pushing put_prev_task() after pick_task() / into pick_next_task(). Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240813224015.943143811@infradead.org commit 4686cc598f669dea1b50dde1568e6c65c355bc67 Author: Peter Zijlstra Date: Wed Aug 14 00:25:51 2024 +0200 sched: Clean up DL server vs core sched Abide by the simple rule: pick_next_task() := pick_task() + set_next_task(.first = true) This allows us to trivially get rid of server_pick_next() and things collapse nicely. Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240813224015.837303391@infradead.org commit dae4320b29f0bbdae93f7c1f6f80b19f109ca0bc Author: Peter Zijlstra Date: Wed Aug 14 00:25:50 2024 +0200 sched: Fixup set_next_task() implementations The rule is that: pick_next_task() := pick_task() + set_next_task(.first = true) Turns out, there's still a few things in pick_next_task() that are missing from that combination. Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240813224015.724111109@infradead.org commit 7d2180d9d943d31491d77e336557f33670cfe7fd Author: Peter Zijlstra Date: Wed Aug 14 00:25:49 2024 +0200 sched: Use set_next_task(.first) where required Turns out the core_sched bits forgot to use the set_next_task(.first=true) variant. Notably: pick_next_task() := pick_task() + set_next_task(.first = true) Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240813224015.614146342@infradead.org commit 75b6499024a6c1a4ef0288f280534a5c54269076 Author: Valentin Schneider Date: Thu Aug 29 15:53:53 2024 +0200 sched/fair: Properly deactivate sched_delayed task upon class change __sched_setscheduler() goes through an enqueue/dequeue cycle like so: flags := DEQUEUE_SAVE | DEQUEUE_MOVE | DEQUEUE_NOCLOCK; prev_class->dequeue_task(rq, p, flags); new_class->enqueue_task(rq, p, flags); when prev_class := fair_sched_class, this is followed by: dequeue_task(rq, p, DEQUEUE_NOCLOCK | DEQUEUE_SLEEP); the idea being that since the task has switched classes, we need to drop the sched_delayed logic and have that task be deactivated per its previous dequeue_task(..., DEQUEUE_SLEEP). Unfortunately, this leaves the task on_rq. This is missing the tail end of dequeue_entities() that issues __block_task(), which __sched_setscheduler() won't have done due to not using DEQUEUE_DELAYED - not that it should, as it is pretty much a fair_sched_class specific thing. Make switched_from_fair() properly deactivate sched_delayed tasks upon class changes via __block_task(), as if a dequeue_task(..., DEQUEUE_DELAYED) had been issued. Fixes: 2e0199df252a ("sched/fair: Prepare exit/cleanup paths for delayed_dequeue") Reported-by: "Paul E. McKenney" Reported-by: Chen Yu Signed-off-by: Valentin Schneider Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20240829135353.1524260-1-vschneid@redhat.com commit 9c602adb799e72ee537c0c7ca7e828c3fe2acad6 Author: Huang Shijie Date: Thu Aug 29 11:11:11 2024 +0800 sched/deadline: Fix schedstats vs deadline servers In dl_server_start(), when schedstats is enabled, the following happens: dl_server_start() dl_se->dl_server = 1; enqueue_dl_entity() update_stats_enqueue_dl() __schedstats_from_dl_se() dl_task_of() BUG_ON(dl_server(dl_se)); Since only tasks have schedstats and internal entries do not, avoid trying to update stats in this case. Fixes: 63ba8422f876 ("sched/deadline: Introduce deadline servers") Signed-off-by: Huang Shijie Signed-off-by: Peter Zijlstra (Intel) Acked-by: Juri Lelli Link: https://lkml.kernel.org/r/20240829031111.12142-1-shijie@os.amperecomputing.com commit 6eca7c5ac23effd552d6f03acc5ce0efc1ed1c1e Author: Steinar H. Gunderson Date: Sat Aug 3 17:20:07 2024 +0200 perf annotate: Split out read_symbol() The Capstone disassembler code has a useful code snippet to read the bytes for a given code symbol into memory. Split it out into its own function, so that the LLVM disassembler can use it in the next patch. Signed-off-by: Steinar H. Gunderson Cc: Ian Rogers Link: https://lore.kernel.org/r/20240803152008.2818485-2-sesse@google.com Signed-off-by: Arnaldo Carvalho de Melo commit c3f8644c21df9b7db97eb70e08e2826368aaafa0 Author: Steinar H. Gunderson Date: Sat Aug 3 17:20:06 2024 +0200 perf report: Support LLVM for addr2line() In addition to the existing support for libbfd and calling out to an external addr2line command, add support for using libllvm directly. This is both faster than libbfd, and can be enabled in distro builds (the LLVM license has an explicit provision for GPLv2 compatibility). Thus, it is set as the primary choice if available. As an example, running 'perf report' on a medium-size profile with DWARF-based backtraces took 58 seconds with LLVM, 78 seconds with libbfd, 153 seconds with external llvm-addr2line, and I got tired and aborted the test after waiting for 55 minutes with external bfd addr2line (which is the default for perf as compiled by distributions today). Evidently, for this case, the bfd addr2line process needs 18 seconds (on a 5.2 GHz Zen 3) to load the .debug ELF in question, hits the 1-second timeout and gets killed during initialization, getting restarted anew every time. Having an in-process addr2line makes this much more robust. As future extensions, libllvm can be used in many other places where we currently use libbfd or other libraries: - Symbol enumeration (in particular, for PE binaries). - Demangling (including non-Itanium demangling, e.g. Microsoft or Rust). - Disassembling (perf annotate). However, these are much less pressing; most people don't profile PE binaries, and perf has non-bfd paths for ELF. The same with demangling; the default _cxa_demangle path works fine for most users, and while bfd objdump can be slow on large binaries, it is possible to use --objdump=llvm-objdump to get the speed benefits. (It appears LLVM-based demangling is very simple, should we want that.) Tested with LLVM 14, 15, 16, 18 and 19. For some reason, LLVM 12 was not correctly detected using feature_check, and thus was not tested. Committer notes: Added the name and a __maybe_unused to address: 1 13.50 almalinux:8 : FAIL gcc version 8.5.0 20210514 (Red Hat 8.5.0-22) (GCC) util/srcline.c: In function 'dso__free_a2l': util/srcline.c:184:20: error: parameter name omitted void dso__free_a2l(struct dso *) ^~~~~~~~~~~~ make[3]: *** [/git/perf-6.11.0-rc3/tools/build/Makefile.build:158: util] Error 2 Signed-off-by: Steinar H. Gunderson Tested-by: Arnaldo Carvalho de Melo Cc: Ian Rogers Link: https://lore.kernel.org/r/20240803152008.2818485-1-sesse@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 3d693c1811e3b57438dc6a4e26a420da6def09b4 Merge: 6f634eb080161b 7d9b474ee4cc37 Author: Christian Brauner Date: Tue Sep 3 09:59:23 2024 +0200 Merge patch series "iomap: flush dirty cache over unwritten mappings on zero range" Brian Foster says: Two fixes for iomap zero range flushes. * patches from https://lore.kernel.org/r/20240830145634.138439-1-bfoster@redhat.com: iomap: make zero range flush conditional on unwritten mappings iomap: fix handling of dirty folios over unwritten extents Link: https://lore.kernel.org/r/20240830145634.138439-1-bfoster@redhat.com Signed-off-by: Christian Brauner commit 6f634eb080161baa4811a39f5ec07923ede092bc Author: Pankaj Raghav Date: Tue Aug 27 10:42:07 2024 +0200 filemap: fix htmldoc warning for mapping_align_index() Stephen reported that there is a kernel build warning due to a missing description of a parameter in mapping_align_index(). Add the missing index parameter in the comment description. Signed-off-by: Pankaj Raghav Link: https://lore.kernel.org/r/20240827084206.106347-2-kernel@pankajraghav.com Fixes: ab95d23bab22 ("filemap: allocate mapping_min_order folios in the page cache") Reported-by: Stephen Rothwell Signed-off-by: Christian Brauner commit 7d9b474ee4cc375393d13e69d60a30f9b7b46a3a Author: Brian Foster Date: Fri Aug 30 10:56:34 2024 -0400 iomap: make zero range flush conditional on unwritten mappings iomap_zero_range() flushes pagecache to mitigate consistency problems with dirty pagecache and unwritten mappings. The flush is unconditional over the entire range because checking pagecache state after mapping lookup is racy with writeback and reclaim. There are ways around this using iomap's mapping revalidation mechanism, but this is not supported by all iomap based filesystems and so is not a generic solution. There is another way around this limitation that is good enough to filter the flush for most cases in practice. If we check for dirty pagecache over the target range (instead of unconditionally flush), we can keep track of whether the range was dirty before lookup and defer the flush until/unless we see a combination of dirty cache backed by an unwritten mapping. We don't necessarily know whether the dirty cache was backed by the unwritten maping or some other (written) part of the range, but the impliciation of a false positive here is a spurious flush and thus relatively harmless. Note that we also flush for hole mappings because iomap_zero_range() is used for partial folio zeroing in some cases. For example, if a folio straddles EOF on a sub-page FSB size fs, the post-eof portion is hole-backed and dirtied/written via mapped write, and then i_size increases before writeback can occur (which otherwise zeroes the post-eof portion of the EOF folio), then the folio becomes inconsistent with disk until reclaimed. A flush in this case executes partial zeroing from writeback, and iomap knows that there is otherwise no I/O to submit for hole backed mappings. Signed-off-by: Brian Foster Link: https://lore.kernel.org/r/20240830145634.138439-3-bfoster@redhat.com Reviewed-by: Darrick J. Wong Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit c5c810b94cfd818fc2f58c96feee58a9e5ead96d Author: Brian Foster Date: Fri Aug 30 10:56:33 2024 -0400 iomap: fix handling of dirty folios over unwritten extents The iomap zero range implementation doesn't properly handle dirty pagecache over unwritten mappings. It skips such mappings as if they were pre-zeroed. If some part of an unwritten mapping is dirty in pagecache from a previous write, the data in cache should be zeroed as well. Instead, the data is left in cache and creates a stale data exposure problem if writeback occurs sometime after the zero range. Most callers are unaffected by this because the higher level filesystem contexts that call zero range typically perform a filemap flush of the target range for other reasons. A couple contexts that don't otherwise need to flush are write file size extension and truncate in XFS. The former path is currently susceptible to the stale data exposure problem and the latter performs a flush specifically to work around it. This is clearly inconsistent and incomplete. As a first step toward correcting behavior, lift the XFS workaround to iomap_zero_range() and unconditionally flush the range before the zero range operation proceeds. While this appears to be a bit of a big hammer, most all users already do this from calling context save for the couple of exceptions noted above. Future patches will optimize or elide this flush while maintaining functional correctness. Fixes: ae259a9c8593 ("fs: introduce iomap infrastructure") Signed-off-by: Brian Foster Link: https://lore.kernel.org/r/20240830145634.138439-2-bfoster@redhat.com Reviewed-by: Darrick J. Wong Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit 31754ea6cbbc08d5bbe1fa290320c3048d8d98a3 Author: Josef Bacik Date: Tue Aug 27 06:51:36 2024 -0400 iomap: add a private argument for iomap_file_buffered_write In order to switch fuse over to using iomap for buffered writes we need to be able to have the struct file for the original write, in case we have to read in the page to make it uptodate. Handle this by using the existing private field in the iomap_iter, and add the argument to iomap_file_buffered_write. This will allow us to pass the file in through the iomap buffered write path, and is flexible for any other file systems needs. Signed-off-by: Josef Bacik Link: https://lore.kernel.org/r/7f55c7c32275004ba00cddf862d970e6e633f750.1724755651.git.josef@toxicpanda.com Reviewed-by: Christoph Hellwig Signed-off-by: Christian Brauner commit d1dd75dcda646bed5b2add8790ae69c202f9f0b1 Author: Luis Chamberlain Date: Mon Aug 26 14:26:32 2024 -0700 iomap: remove set_memor_ro() on zero page Stephen reported a boot failure on ppc power8 system where set_memor_ro() on the new zero page failed [0]. Christophe Leroy further clarifies we can't use this on on linear memory on ppc, and so instead of special casing this just for PowerPC [2] remove the call as suggested by Darrick. [0] https://lore.kernel.org/all/20240826175931.1989f99e@canb.auug.org.au/T/#u [1] https://lore.kernel.org/all/b0fe75b4-c1bb-47f7-a7c3-2534b31c1780@csgroup.eu/ [2] https://lore.kernel.org/all/ZszrJkFOpiy5rCma@bombadil.infradead.org/ Reported-by: Stephen Rothwell Suggested-by: Darrick J. Wong Signed-off-by: Luis Chamberlain Link: https://lore.kernel.org/r/20240826212632.2098685-1-mcgrof@kernel.org Tested-by: Stephen Rothwell Reviewed-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 7ccd606be7f7f475854c51ae8b6263f43e1e6ad1 Merge: 8400291e289ee6 7df7c204c678e2 Author: Christian Brauner Date: Fri Aug 23 13:32:36 2024 +0200 Merge patch series "enable bs > ps in XFS" Pankaj Raghav (Samsung) says: This is the 13th version of the series that enables block size > page size (Large Block Size) experimental support in XFS. Please consider this for the inclusion in 6.12. The context and motivation can be seen in cover letter of the RFC v1 [0]. We also recorded a talk about this effort at LPC [1], if someone would like more context on this effort. Thanks to David Howells, the page cache changes have also been tested on top of AFS[2] with mapping_min_order set. A lot of emphasis has been put on testing using kdevops, starting with an XFS baseline [3]. The testing has been split into regression and progression. Regression testing: In regression testing, we ran the whole test suite to check for regressions on existing profiles due to the page cache changes. I also ran split_huge_page_test selftest on XFS filesystem to check for huge page splits in min order chunks is done correctly. No regressions were found with these patches added on top. Progression testing: For progression testing, we tested for 8k, 16k, 32k and 64k block sizes. To compare it with existing support, an ARM VM with 64k base page system (without our patches) was used as a reference to check for actual failures due to LBS support in a 4k base page size system. No new failures were found with the LBS support. We've done some preliminary performance tests with fio on XFS on 4k block size against pmem and NVMe with buffered IO and Direct IO on vanilla Vs + these patches applied, and detected no regressions. We ran sysbench on postgres and mysql for several hours on LBS XFS without any issues. We also wrote an eBPF tool called blkalgn [5] to see if IO sent to the device is aligned and at least filesystem block size in length. For those who want this in a git tree we have this up on a kdevops large-block-minorder-for-next-v13 tag [6]. [0] https://lore.kernel.org/lkml/20230915183848.1018717-1-kernel@pankajraghav.com/ [1] https://www.youtube.com/watch?v=ar72r5Xf7x4 [2] https://lore.kernel.org/linux-mm/3792765.1724196264@warthog.procyon.org.uk/ [3] https://github.com/linux-kdevops/kdevops/blob/master/docs/xfs-bugs.md 489 non-critical issues and 55 critical issues. We've determined and reported that the 55 critical issues have all fall into 5 common XFS asserts or hung tasks and 2 memory management asserts. [4] https://github.com/linux-kdevops/fstests/tree/lbs-fixes [5] https://github.com/iovisor/bcc/pull/4813 [6] https://github.com/linux-kdevops/linux/ [7] https://lore.kernel.org/linux-kernel/Zl20pc-YlIWCSy6Z@casper.infradead.org/#t * patches from https://lore.kernel.org/r/20240822135018.1931258-1-kernel@pankajraghav.com: (5979 commits) xfs: enable block size larger than page size support xfs: make the calculation generic in xfs_sb_validate_fsb_count() xfs: expose block size in stat xfs: use kvmalloc for xattr buffers iomap: fix iomap_dio_zero() for fs bs > system page size filemap: cap PTE range to be created to allowed zero fill in folio_map_range() mm: split a folio in minimum folio order chunks readahead: allocate folios with mapping_min_order in readahead filemap: allocate mapping_min_order folios in the page cache fs: Allow fine-grained control of folio sizes Add linux-next specific files for 20240821 l2tp: use skb_queue_purge in l2tp_ip_destroy_sock af_unix: Don't call skb_get() for OOB skb. dt-bindings: net: socionext,uniphier-ave4: add top-level constraints dt-bindings: net: renesas,etheravb: add top-level constraints dt-bindings: net: mediatek,net: add top-level constraints dt-bindings: net: mediatek,net: narrow interrupts per variants net: Silence false field-spanning write warning in metadata_dst memcpy net: hns3: Use ARRAY_SIZE() to improve readability selftests: net/forwarding: spawn sh inside vrf to speed up ping loop ... Link: https://lore.kernel.org/r/20240822135018.1931258-1-kernel@pankajraghav.com Signed-off-by: Christian Brauner commit 7df7c204c678e24cd32d33360538670b7b90e330 Author: Pankaj Raghav Date: Thu Aug 22 15:50:18 2024 +0200 xfs: enable block size larger than page size support Page cache now has the ability to have a minimum order when allocating a folio which is a prerequisite to add support for block size > page size. Signed-off-by: Pankaj Raghav Signed-off-by: Luis Chamberlain Link: https://lore.kernel.org/r/20240827-xfs-fix-wformat-bs-gt-ps-v1-1-aec6717609e0@kernel.org # fix folded Link: https://lore.kernel.org/r/20240822135018.1931258-11-kernel@pankajraghav.com Reviewed-by: Darrick J. Wong Reviewed-by: Dave Chinner Signed-off-by: Christian Brauner commit edd3183c5c5f9fe7aede49a41678556bc8bf618f Author: Jens Wiklander Date: Mon Sep 2 17:12:31 2024 +0200 optee: add RPMB dependency Prevent build error when CONFIG_RPMB=m and CONFIG_OPTEE=y by adding a dependency to CONFIG_RPMB for CONFIG_OPTEE so the RPMB subsystem always is reachable if configured. This means that CONFIG_OPTEE automatically becomes compiled as a module if CONFIG_RPMB is compiled as a module. If CONFIG_RPMB isn't configured or is configured as built-in, CONFIG_OPTEE will remain unchanged. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409021448.RSvcBPzt-lkp@intel.com/ Fixes: f0c8431568ee ("optee: probe RPMB device using RPMB subsystem") Signed-off-by: Jens Wiklander Link: https://lore.kernel.org/r/20240902151231.3705204-2-jens.wiklander@linaro.org Signed-off-by: Ulf Hansson commit b6c41df38c24f42482b5c5cd05220b8eb32ff6ff Author: Jens Wiklander Date: Mon Sep 2 17:12:30 2024 +0200 mmc: block: add RPMB dependency Prevent build error when CONFIG_RPMB=m and CONFIG_MMC_BLOCK=y by adding a dependency to CONFIG_RPMB for CONFIG_MMC_BLOCK block so the RPMB subsystem always is reachable if configured. This means that CONFIG_MMC_BLOCK automatically becomes compiled as a module if CONFIG_RPMB is compiled as a module. If CONFIG_RPMB isn't configured or is configured as built-in, CONFIG_MMC_BLOCK will remain unchanged. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409021448.RSvcBPzt-lkp@intel.com/ Fixes: 7852028a35f0 ("mmc: block: register RPMB partition with the RPMB subsystem") Signed-off-by: Jens Wiklander Acked-by: Arnd Bergmann Link: https://lore.kernel.org/r/20240902151231.3705204-1-jens.wiklander@linaro.org Signed-off-by: Ulf Hansson commit 38fb699795f0f24f1dcbe175537ec9c2ba500fa4 Author: Avri Altman Date: Mon Sep 2 15:33:31 2024 +0300 mmc: core Convert UNSTUFF_BITS macro to inline function The UNSTUFF_BITS macro, which is defined in both drivers/mmc/core/mmc.c and drivers/mmc/core/sd.c, has been converted to an inline function to improve readability, maintainability, and type safety. Signed-off-by: Avri Altman Link: https://lore.kernel.org/r/20240902123331.3566447-1-avri.altman@wdc.com Signed-off-by: Ulf Hansson commit 1c97ea115f89d096ec403f0827cc01671e3daba3 Author: Dharma Balasubiramani Date: Mon Sep 2 16:27:09 2024 +0530 dt-bindings: mmc: sdhci-atmel: Convert to json schema Convert sdhci-atmel documentation to yaml format. The new file will inherit from sdhci-common.yaml. Note: Add microchip,sama7g5-sdhci to compatible list as we already use it in the DT. Signed-off-by: Dharma Balasubiramani Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240902-atmel-sdhci-v4-1-96912fab6b2d@microchip.com Signed-off-by: Ulf Hansson commit 6f25e5deca7739a27462ef26fb5c07cfb926c4e4 Author: Riyan Dhiman Date: Sun Sep 1 23:52:44 2024 +0530 mmc: core: Convert simple_stroul to kstroul simple_strtoul() is obsolete and lacks proper error handling, making it unsafe for converting strings to unsigned long values. Replace it with kstrtoul(), which provides robust error checking and better safety. This change improves the reliability of the string-to-integer conversion and aligns with current kernel coding standards. Error handling is added to catch conversion failures, returning -EINVAL when input is invalid. Issue reported by checkpatch: - WARNING: simple_strtoul is obsolete, use kstrtoul instead Signed-off-by: Riyan Dhiman Link: https://lore.kernel.org/r/20240901182244.45543-1-riyandhiman14@gmail.com Signed-off-by: Ulf Hansson commit d2253bfa830e907eddad13d9de99d7b6df8585a1 Author: Riyan Dhiman Date: Sun Sep 1 23:03:09 2024 +0530 mmc: core: Calculate size from pointer Calculate the size from pointer instead of struct to adhere to linux kernel coding style. Issue reported by checkpatch. This commit has no functional changes. Signed-off-by: Riyan Dhiman Link: https://lore.kernel.org/r/20240901173309.7124-1-riyandhiman14@gmail.com Signed-off-by: Ulf Hansson commit 03117a4934d6ea3cc9c84baf80c05322485a2b5a Author: Seunghwan Baek Date: Thu Aug 29 15:18:23 2024 +0900 mmc: cqhci: Make use of cqhci_halted() routine Make use of cqhci_halted() in couple places to avoid open-coding. Signed-off-by: Seunghwan Baek Reviewed-by: Ritesh Harjani Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/20240829061823.3718-3-sh8267.baek@samsung.com Signed-off-by: Ulf Hansson commit 64515b8e3e2270d48d8b56adf3b455b7efe76297 Merge: 4c0a6a0ac902db aea62c744a9ae2 Author: Ulf Hansson Date: Tue Sep 3 14:21:10 2024 +0200 mmc: Merge branch fixes into next Merge the mmc fixes for v6.11-rc[n] into the next branch, to allow them to get tested together with the new mmc changes that are targeted for v6.12. Signed-off-by: Ulf Hansson commit 4c0a6a0ac902dbf184ae7be1f1fce225cc0b7380 Author: Chanwoo Lee Date: Thu Aug 29 11:47:09 2024 +0900 mmc: core: Replace the argument of mmc_sd_switch() with defines Replace with already defined values for readability. While at it, let's also change the mode-parameter from an int to bool, as the only used values are 0 or 1. Signed-off-by: Chanwoo Lee Link: https://lore.kernel.org/r/20240829024709.402285-1-cw9316.lee@samsung.com Signed-off-by: Ulf Hansson commit 73abb1f16e28d5a41d0abea779a3f0b75cf8823e Author: Detlev Casanova Date: Wed Aug 28 15:24:56 2024 +0000 mmc: dw_mmc-rockchip: Add support for rk3576 SoCs On rk3576 the tunable clocks are inside the controller itself, removing the need for the "ciu-drive" and "ciu-sample" clocks. That makes it a new type of controller that has its own dt_parse function. Signed-off-by: Detlev Casanova Reviewed-by: Heiko Stuebner Link: https://lore.kernel.org/r/010201919997044d-c3a008d1-afbc-462f-a928-fc1ece785bdb-000000@eu-west-1.amazonses.com Signed-off-by: Ulf Hansson commit 59903441f5e49d46478fefcccec41e2ba896b740 Author: Shawn Lin Date: Wed Aug 28 15:24:55 2024 +0000 mmc: dw_mmc-rockchip: Add internal phase support Some Rockchip devices put the phase settings into the dw_mmc controller. When the feature is present, the ciu-drive and ciu-sample clocks are not used and the phase configuration is done directly through the mmc controller. Signed-off-by: Shawn Lin Signed-off-by: Detlev Casanova Acked-by: Shawn Lin Reviewed-by: Heiko Stuebner Link: https://lore.kernel.org/r/010201919996fdae-8a9f843e-00a8-4131-98bf-a9da4ed04bfd-000000@eu-west-1.amazonses.com Signed-off-by: Ulf Hansson commit ee601384079cf683b4750a2ea9edbe653e444ad8 Author: Detlev Casanova Date: Wed Aug 28 15:24:53 2024 +0000 dt-bindings: mmc: Add support for rk3576 dw-mshc Add the compatible string for rockchip,rk3576-dw-mshc in its own new block, for devices that have internal phase settings instead of external clocks. Signed-off-by: Detlev Casanova Acked-by: Krzysztof Kozlowski Reviewed-by: Heiko Stuebner Link: https://lore.kernel.org/r/010201919996f687-08c1988a-f588-46fa-ad82-023068c316ba-000000@eu-west-1.amazonses.com Signed-off-by: Ulf Hansson commit d11cfda966c18d8bf4f0e3f6d82a09c0771c955a Author: Chen Ni Date: Tue Sep 3 10:50:10 2024 +0800 HID: hid-sensor-custom: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Signed-off-by: Jiri Kosina commit de07af0ab02edcd4665deafc7373c5b13fb82db1 Author: tammy tseng Date: Tue Aug 6 16:25:32 2024 +0800 HID: add patch for sis multitouch format The patch is to add proper quirks for sis multitouch format Signed-off-by: tammy tseng Signed-off-by: Jiri Kosina commit 3f600592fa0ca1599326e20aa22e845de5fc8ac5 Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:27 2024 +0530 ASoC: amd: acp: Add I2S TDM support for acp7.1 platform Add acp71 revision id to support i2s/tdm mode. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-13-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit 1150c18ba35376518b6ed9af3e96c671336fa5c7 Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:26 2024 +0530 ASoC: amd: acp: Add i2s master clock generation support for acp7.1 platform Add i2s master generation support for acp7.1 platform based on pci device id. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-12-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit f6f7d25b11033bdbf25d800572c003fced21a035 Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:25 2024 +0530 ASoC: amd: acp: Add pte configuration for ACP7.0 platform Add page table entry configurations to support higher sample rate streams with multiple channels for ACP7.0 platforms. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-11-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit b80d5a0c875fa0a708be24260d8f160d31273b1b Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:24 2024 +0530 ASoC: amd: acp: Add I2S TDM support for acp7.0 platform Add acp70 revision id to support I2S TDM. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-10-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit b24df4fa40cc236ccea3de74d9cdb25c2906013b Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:23 2024 +0530 ASoC: amd: acp: Modify max channels and sample rate support for acp70 dai driver Modify max channels and max sample rate support in the dai driver for acp7.0 platform. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-9-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit 13073ed06a9f0234033d31e0ccba1e3167d500a3 Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:22 2024 +0530 ASoC: amd: acp: Set i2s clock for acp7.0 platform Set i2s bclk and lrclk for acp7.0 platform. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-8-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit fb2eaec6a38d853437c4a83b0c7168ef77536094 Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:21 2024 +0530 ASoC: amd: acp: Add I2S master clock generation support for acp7.0 platform Add I2S master clock generation support for acp7.0 platforms. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-7-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit 7a040cc5579708a327b2d82caa26ab9a02623343 Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:20 2024 +0530 ASoC: amd: acp: Update pcm hardware capabilities for acp7.0 platform Update pcm hardware capabilities for acp7.0 platform. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-6-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit 13aeb56e6dacaa392cde42df86096dfdbeef5ac4 Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:19 2024 +0530 ASoC: amd: acp: Add I2S TDM support for acp6.3 platform Add slots selection and 32-channels TDM support for acp6.3 platform. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-5-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit 973e9edea93943924638040f9c6eb849163bd421 Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:18 2024 +0530 ASoC: amd: acp: Update pcm hardware capabilities for acp6.3 platform Update pcm hardware capabilities based on acp revision id. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-4-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit 093184a3fe443f31a13ffa5d8d6d29ae68a4335d Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:17 2024 +0530 ASoC: amd: acp: Refactor I2S dai driver All I2S instances are connected to different powertile form acp6.0 onwards, refactor dai driver to support all I2S instances for all acp platforms. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-3-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit cd60dec8994cf0626faf80a67be9350ae335f7e9 Author: Venkata Prasad Potturu Date: Tue Sep 3 17:04:16 2024 +0530 ASoC: amd: acp: Refactor TDM slots selction based on acp revision id Refactor TDM slots selection based on acp revision id. Signed-off-by: Venkata Prasad Potturu Link: https://patch.msgid.link/20240903113427.182997-2-venkataprasad.potturu@amd.com Signed-off-by: Mark Brown commit 251efae73bd46b097deec4f9986d926813aed744 Author: He Lugang Date: Tue Aug 27 10:56:05 2024 +0800 HID: multitouch: Add support for lenovo Y9000P Touchpad The 2024 Lenovo Y9000P which use GT7868Q chip also needs a fixup. The information of the chip is as follows: I2C HID v1.00 Mouse [GXTP5100:00 27C6:01E0] Signed-off-by: He Lugang Signed-off-by: Jiri Kosina commit 92ff90cffbeef9b1a4983017555a194f8bc83f77 Author: Heiko Stuebner Date: Fri Aug 30 22:38:18 2024 +0200 ASoC: dt-bindings: realtek,rt5616: Document audio graph port The codec can be used in conjunction with an audio-graph-card to provide an endpoint for binding with the other side of the audio link. Document the 'port' property that is used for this to prevent dtbscheck errors like: rockchip/rk3588-nanopc-t6-lts.dtb: codec@1b: Unevaluated properties are not allowed ('port' was unexpected) from schema $id: http://devicetree.org/schemas/sound/realtek,rt5616.yaml# Signed-off-by: Heiko Stuebner Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240830203819.1972536-3-heiko@sntech.de Signed-off-by: Mark Brown commit ea8f615b399988abd801fa52a5eb631d826d0ba4 Author: Heiko Stuebner Date: Fri Aug 30 22:38:17 2024 +0200 ASoC: dt-bindings: realtek,rt5616: document mclk clock Both devicetrees and driver implementation already use the specified mclk in the field, so at least document the clock too, similarly to other Realtek codec. This has the nice additional effect of getting rid of dtbscheck warning. Signed-off-by: Heiko Stuebner Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240830203819.1972536-2-heiko@sntech.de Signed-off-by: Mark Brown commit 8417b265e1e6cf5101edc3a1a0fb219db20f554e Author: Chen Ni Date: Tue Sep 3 10:44:02 2024 +0800 HID: amd_sfh: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Acked-by: Basavaraj Natikar Signed-off-by: Jiri Kosina commit bf62a8c7908ee8e0ef61d27d9ff65bf12f41fb0a Author: Nathan Chancellor Date: Mon Sep 2 17:43:06 2024 -0700 spi: Revert "spi: Insert the missing pci_dev_put()before return" Commit 8a0ec8c2d736 ("spi: Insert the missing pci_dev_put()before return") added two uses of pci_dev_put() with an uninitialized dma_dev, resulting in the following compiler warnings (or errors with CONFIG_WERROR) when building with clang: drivers/spi/spi-pxa2xx-pci.c:150:15: error: variable 'dma_dev' is uninitialized when used here [-Werror,-Wuninitialized] 150 | pci_dev_put(dma_dev); | ^~~~~~~ drivers/spi/spi-pxa2xx-pci.c:228:15: error: variable 'dma_dev' is uninitialized when used here [-Werror,-Wuninitialized] 228 | pci_dev_put(dma_dev); | ^~~~~~~ Commit 609d7ffdc421 ("spi: pxa2xx-pci: Balance reference count for PCI DMA device") added a call to pci_dev_put() via devm_add_action_or_reset() in case of failures, so the recent change was incorrect for multiple reasons. Revert it altogether. Fixes: 8a0ec8c2d736 ("spi: Insert the missing pci_dev_put()before return") Reported-by: Geert Uytterhoeven Closes: https://lore.kernel.org/CAMuHMdWNjo69_W6f+R9QJJOf8uF0htg2XazeS-yjugJv3UM+kg@mail.gmail.com/ Signed-off-by: Nathan Chancellor Link: https://patch.msgid.link/20240902-spi-revert-8a0ec8c2d736-v1-1-928b829fed2b@kernel.org Signed-off-by: Mark Brown commit a14e9323267d8f20bdb5a1cebc4abc5abd80cfb2 Author: tangbin Date: Tue Sep 3 17:03:01 2024 +0800 ASoC: loongson: remove unnecessary assignment in i2s_resume() In this function, the assignment ret is unnecessary, thus remove it. Signed-off-by: tangbin Link: https://patch.msgid.link/20240903090301.6192-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit d06651bebf99e51259ecfe9e63c42179abc1288c Author: Zhaoxiong Lv Date: Mon Jul 22 15:31:36 2024 +0800 HID: i2c-hid: elan: Add elan-ekth6a12nay timing Elan-ekth6a12nay requires reset to pull down time greater than 10ms, so the configuration post_power_delay_ms is 10, and the chipset initial time is required to be greater than 300ms, so the post_gpio_reset_on_delay_ms is set to 300. Reviewed-by: Douglas Anderson Signed-off-by: Zhaoxiong Lv Signed-off-by: Jiri Kosina commit e0808d7a63b8c03ea4f55b31b5cef4221eae9f34 Author: Zhaoxiong Lv Date: Mon Jul 22 15:31:35 2024 +0800 dt-bindings: HID: i2c-hid: elan: Introduce Elan ekth6a12nay The Elan ekth6a12nay touch screen chip same as Elan eKTH6915 controller has a reset gpio. The difference is that they have different post_power_delay_ms. Acked-by: Rob Herring (Arm) Signed-off-by: Zhaoxiong Lv Signed-off-by: Jiri Kosina commit fea64fa04c31426eae512751e0c5342345c5741c Author: Uros Bizjak Date: Fri Aug 30 10:33:52 2024 +0200 devres: Correclty strip percpu address space of devm_free_percpu() argument devm_free_percpu() calls devres_release() with a pointer in percpu address space. devres_release() expects pointers in the generic address space, so address space needs to be stripped from the argument. When strict percpu address space checks are enabled, then the current direct cast from the percpu address space to the generic address space fails the compilation on x86_64 with: devres.c:1234:32: error: cast to generic address space pointer from disjoint ‘__seg_gs’ address space pointer Add intermediate casts to unsigned long to remove address space of the pointer before casting it to the generic AS, as advised in [1] and [2]. Side note: sparse still requires __force, although the documentation [2] allows casts to unsigned long without __force attribute. Found by GCC's named address space checks. There were no changes in the resulting object file. [1] https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html#x86-Named-Address-Spaces [2] https://sparse.docs.kernel.org/en/latest/annotations.html#address-space-name Signed-off-by: Uros Bizjak Cc: Greg Kroah-Hartman Cc: Rafael J. Wysocki Link: https://lore.kernel.org/r/20240830083406.9695-1-ubizjak@gmail.com Signed-off-by: Greg Kroah-Hartman commit 903c44939abc02e2f3d6f2ad65fa090f7e5df5b6 Author: Zijun Hu Date: Sat Aug 24 17:07:43 2024 +0800 driver core: Make parameter check consistent for API cluster device_(for_each|find)_child() The following API cluster takes the same type parameter list, but do not have consistent parameter check as shown below. device_for_each_child(struct device *parent, ...) // check (!parent->p) device_for_each_child_reverse(struct device *parent, ...) // same as above device_find_child(struct device *parent, ...) // check (!parent) Fixed by using consistent check (!parent || !parent->p) which covers both existing checks for the cluster. Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240824-const_dfc_prepare-v3-1-32127ea32bba@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 8ab0f4605d5ce3c0d386b3828b07719f1e8e0505 Author: Kunwu Chan Date: Fri Aug 23 14:24:40 2024 +0800 bus: fsl-mc: make fsl_mc_bus_type const Since commit d492cc2573a0 ("driver core: device.h: make struct bus_type a const *"), the driver core can properly handle constant struct bus_type, move the fsl_mc_bus_type variable to be a constant structure as well, placing it into read-only memory which can not be modified at runtime. Cc: Greg Kroah-Hartman Suggested-by: Greg Kroah-Hartman Signed-off-by: Kunwu Chan Acked-by: Christophe Leroy # for Link: https://lore.kernel.org/r/20240823062440.113628-1-kunwu.chan@linux.dev Signed-off-by: Greg Kroah-Hartman commit 54f1a107bd034e8d9052f5642280876090ebe31c Merge: 5ceb87dc76ab26 f5f840de659b39 Author: Paolo Abeni Date: Tue Sep 3 13:07:29 2024 +0200 Merge branch 'cleanup-chelsio-driver-declarations' Yue Haibing says: ==================== cleanup chelsio driver declarations v2: correct patch 3 commit citation ==================== Link: https://patch.msgid.link/20240830093338.3742315-1-yuehaibing@huawei.com Signed-off-by: Paolo Abeni commit f5f840de659b39e7b3f285a2bb5117dd27bf0912 Author: Yue Haibing Date: Fri Aug 30 17:33:38 2024 +0800 cxgb: Remove unused declarations These functions were never implenmented since introduction in commit 8199d3a79c22 ("[PATCH] A new 10GB Ethernet Driver by Chelsio Communications") Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Signed-off-by: Paolo Abeni commit 17d8aa831aa0d7335e86d544441bfdf65bb3497f Author: Yue Haibing Date: Fri Aug 30 17:33:37 2024 +0800 cxgb4: Remove unused declarations Commit e2d14b42c25c ("cxgb4: Remove WOL get/set ethtool support") removed t4_wol_magic_enable() and t4_wol_pat_enable() but leave declarations. Commit 02d805dc5fe3 ("cxgb4: use new fw interface to get the VIN and smt index") leave behind cxgb4_tp_smt_idx(). cxgb4_dcb_set_caps() is never implemented and used since introduction in commit 76bcb31efc06 ("cxgb4 : Add DCBx support codebase and dcbnl_ops"). Reviewed-by: Simon Horman Signed-off-by: Yue Haibing Signed-off-by: Paolo Abeni commit bd11198da8ac239c0e831ac476490fd38db9cc37 Author: Yue Haibing Date: Fri Aug 30 17:33:36 2024 +0800 cxgb3: Remove unused declarations Commit 4d22de3e6cc4 ("Add support for the latest 1G/10G Chelsio adapter, T3.") declared but never implemented these. Reviewed-by: Simon Horman Signed-off-by: Yue Haibing Signed-off-by: Paolo Abeni commit ba82e10c3c6b5b5d2c8279a8bd0dae5c2abaacfc Author: Stuart Hayes Date: Thu Aug 22 15:28:05 2024 -0500 nvme-pci: Make driver prefer asynchronous shutdown Set the driver default to enable asynchronous shutdown. Signed-off-by: Stuart Hayes Signed-off-by: David Jeffery Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Reviewed-by: Keith Busch Tested-by: Keith Busch Link: https://lore.kernel.org/r/20240822202805.6379-5-stuart.w.hayes@gmail.com Signed-off-by: Greg Kroah-Hartman commit 8064952c65045f05ee2671fe437770e50c151776 Author: Stuart Hayes Date: Thu Aug 22 15:28:04 2024 -0500 driver core: shut down devices asynchronously Add code to allow asynchronous shutdown of devices, ensuring that each device is shut down before its parents & suppliers. Only devices with drivers that have async_shutdown_enable enabled will be shut down asynchronously. This can dramatically reduce system shutdown/reboot time on systems that have multiple devices that take many seconds to shut down (like certain NVMe drives). On one system tested, the shutdown time went from 11 minutes without this patch to 55 seconds with the patch. Signed-off-by: Stuart Hayes Signed-off-by: David Jeffery Reviewed-by: Christoph Hellwig Reviewed-by: Sagi Grimberg Reviewed-by: Keith Busch Tested-by: Keith Busch Link: https://lore.kernel.org/r/20240822202805.6379-4-stuart.w.hayes@gmail.com Signed-off-by: Greg Kroah-Hartman commit 95dc7565253a8564911190ebd1e4ffceb4de208a Author: Stuart Hayes Date: Thu Aug 22 15:28:03 2024 -0500 driver core: separate function to shutdown one device Make a separate function for the part of device_shutdown() that does the shutown for a single device. This is in preparation for making device shutdown asynchronous. Signed-off-by: Stuart Hayes Signed-off-by: David Jeffery Reviewed-by: Christoph Hellwig Reviewed-by: Sagi Grimberg Reviewed-by: Keith Busch Tested-by: Keith Busch Link: https://lore.kernel.org/r/20240822202805.6379-3-stuart.w.hayes@gmail.com Signed-off-by: Greg Kroah-Hartman commit ba6353748e71bd1d7e422fec2b5c2e2dfc2e3bd9 Author: Stuart Hayes Date: Thu Aug 22 15:28:02 2024 -0500 driver core: don't always lock parent in shutdown Don't lock a parent device unless it is needed in device_shutdown. This is in preparation for making device shutdown asynchronous, when it will be needed to allow children of a common parent to shut down simultaneously. Signed-off-by: Stuart Hayes Signed-off-by: David Jeffery Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Reviewed-by: Keith Busch Tested-by: Keith Busch Link: https://lore.kernel.org/r/20240822202805.6379-2-stuart.w.hayes@gmail.com Signed-off-by: Greg Kroah-Hartman commit 5ceb87dc76ab269c940541ad9487cf0f3c0c793d Author: Florian Westphal Date: Fri Aug 30 11:22:39 2024 +0200 selftests: netfilter: nft_queue.sh: fix spurious timeout on debug kernel The sctp selftest is very slow on debug kernels. Its possible that the nf_queue listener program exits due to timeout before first sctp packet is processed. In this case socat hangs until script times out. Fix this by removing the -t option where possible and kill the test program once the file transfer/socat has exited. -t sets SO_RCVTIMEO, its inteded for the 'ping' part of the selftest where we want to make sure that packets get reinjected properly without skipping a second queue request. While at it, add a helper to compare the (binary) files instead of diff. The 'diff' part was copied from a another sub-test that compares text. Let helper dump file sizes on error so we can see the progress made. Tested on an old 2010-ish box with a debug kernel and 100 iterations. This is a followup to the earlier filesize reduction change. Reported-by: Jakub Kicinski Closes: https://lore.kernel.org/netdev/20240829080109.GB30766@breakpoint.cc/ Fixes: 0a8b08c554da ("selftests: netfilter: nft_queue.sh: reduce test file size for debug build") Signed-off-by: Florian Westphal Link: https://patch.msgid.link/20240830092254.8029-1-fw@strlen.de Signed-off-by: Paolo Abeni commit 24e041e1e48d06f25a12caaf73728a4ec2e511fe Author: Kunwu Chan Date: Fri Aug 23 15:55:44 2024 +0800 platform: Make platform_bus_type constant Since commit d492cc2573a0 ("driver core: device.h: make struct bus_type a const *"), the driver core can properly handle constant struct bus_type, move the platform_bus_type variable to be a constant structure as well, placing it into read-only memory which can not be modified at runtime. Cc: Greg Kroah-Hartman Suggested-by: Greg Kroah-Hartman Signed-off-by: Kunwu Chan Link: https://lore.kernel.org/r/20240823075544.144426-1-kunwu.chan@linux.dev Signed-off-by: Greg Kroah-Hartman commit a169a663bfa8198f33a5c1002634cc89e5128025 Author: Zijun Hu Date: Thu Aug 22 20:38:35 2024 +0800 driver core: class: Check namespace relevant parameters in class_register() Device class has two namespace relevant fields which are usually associated by the following usage: struct class { ... const struct kobj_ns_type_operations *ns_type; const void *(*namespace)(const struct device *dev); ... } if (dev->class && dev->class->ns_type) dev->class->namespace(dev); (1) The usage looks weird since it checks @ns_type but calls namespace() (2) The usage implies both fields have dependency but their dependency is not currently enforced yet. It is found for all existing class definitions that the other filed is also assigned once one is assigned in current kernel tree. Fixed by enforcing above existing dependency that both fields are required for a device class to support namespace via parameter checks. Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240822-class_fix-v1-1-2a6d38ba913a@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 4a74f22386ccb1ddd06eb242bdd02548a7199bda Author: Yuesong Li Date: Wed Aug 21 12:04:32 2024 +0800 driver:base:core: Adding a "Return:" line in comment for device_link_add() The original document doesn't explain the return value directly which leads to confusing in error checking. You can find the reason here: Link: https://lore.kernel.org/all/1d4c39e109bcf288d5900670e024a315.sboyd@kernel.org/ Signed-off-by: Yuesong Li Link: https://lore.kernel.org/r/20240821040432.4049183-1-liyuesong@vivo.com Signed-off-by: Greg Kroah-Hartman commit 4c93b0bc8645a74fb54f89d80faad55ac2b61f6f Merge: c55f34a7a1c347 e8ac8974451e67 Author: Paolo Abeni Date: Tue Sep 3 12:54:46 2024 +0200 Merge branch 'net-simplified-with-scoped-function' Jinjie Ruan says: ==================== net: Simplified with scoped function Simplify with scoped for each OF child loop, as well as dev_err_probe(). Changes in v4: - Drop the fix patch and __free() patch. - Rebased on the fix patch has been stripped out. - Remove the extra parentheses. - Ensure Signed-off-by: should always be last. - Add Reviewed-by. - Update the cover letter commit message. Changes in v3: - Sort the variables, longest first, shortest last. - Add Reviewed-by. Changes in v2: - Subject prefix: next -> net-next. - Split __free() from scoped for each OF child loop clean. - Fix use of_node_put() instead of __free() for the 5th patch. ==================== Link: https://patch.msgid.link/20240830031325.2406672-1-ruanjinjie@huawei.com Signed-off-by: Paolo Abeni commit e8ac8974451e6731cd3f4db6a664cc59d73c0d7b Author: Jinjie Ruan Date: Fri Aug 30 11:13:25 2024 +0800 net: bcmasp: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Florian Fainelli Reviewed-by: Justin Chen Reviewed-by: Andrew Lunn Reviewed-by: Jonathan Cameron Signed-off-by: Jinjie Ruan Signed-off-by: Paolo Abeni commit f834d572b7e995fa443f802da0f19d9c1285f41b Author: Jinjie Ruan Date: Fri Aug 30 11:13:24 2024 +0800 net: dsa: microchip: Use scoped function to simplfy code Avoids the need for manual cleanup of_node_put() in early exits from the loop by using for_each_available_child_of_node_scoped(). Reviewed-by: Andrew Lunn Reviewed-by: Jonathan Cameron Signed-off-by: Jinjie Ruan Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit 3a3eea209e6d3c1ad3b8b3155a4350caf1d7fa16 Author: Jinjie Ruan Date: Fri Aug 30 11:13:23 2024 +0800 net: mv643xx_eth: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Andrew Lunn Reviewed-by: Jonathan Cameron Signed-off-by: Jinjie Ruan Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit 4078513fc86c354e768954e8ebb67bc2bbddf69d Author: Jinjie Ruan Date: Fri Aug 30 11:13:22 2024 +0800 net: mdio: mux-mmioreg: Simplified with dev_err_probe() Use the dev_err_probe() helper to simplify code. Reviewed-by: Jonathan Cameron Signed-off-by: Jinjie Ruan Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit b00f7f4f8e936da55f2e6c7fd96391ef54c145fc Author: Jinjie Ruan Date: Fri Aug 30 11:13:21 2024 +0800 net: mdio: mux-mmioreg: Simplified with scoped function Avoids the need for manual cleanup of_node_put() in early exits from the loop by using for_each_available_child_of_node_scoped(). Reviewed-by: Andrew Lunn Reviewed-by: Jonathan Cameron Signed-off-by: Jinjie Ruan Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit 1dce520abd461efcaf4a5a942d8eb833eef52d0b Author: Jinjie Ruan Date: Fri Aug 30 11:13:20 2024 +0800 net: phy: Use for_each_available_child_of_node_scoped() Avoid need to manually handle of_node_put() by using for_each_available_child_of_node_scoped(), which can simplfy code. Reviewed-by: Andrew Lunn Reviewed-by: Jonathan Cameron Signed-off-by: Jinjie Ruan Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit 51c884291a94fd6598427d7d6c211f1f20780d57 Author: Jinjie Ruan Date: Fri Aug 30 11:13:19 2024 +0800 net: dsa: realtek: Use for_each_child_of_node_scoped() Avoid need to manually handle of_node_put() by using for_each_child_of_node_scoped(), which can simplfy code. Reviewed-by: Andrew Lunn Reviewed-by: Jonathan Cameron Signed-off-by: Jinjie Ruan Reviewed-by: Linus Walleij Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit 81b4eb62878a6b6722f28e64e6c7d62bba07292b Author: Jinjie Ruan Date: Fri Aug 30 11:13:18 2024 +0800 net: stmmac: dwmac-sun8i: Use for_each_child_of_node_scoped() Avoid need to manually handle of_node_put() by using for_each_child_of_node_scoped(), which can simplfy code. Reviewed-by: Andrew Lunn Reviewed-by: Jonathan Cameron Signed-off-by: Jinjie Ruan Reviewed-by: Florian Fainelli Signed-off-by: Paolo Abeni commit b45ed06f46737f8c2ee65698f4305409f2386674 Author: Zijun Hu Date: Tue Aug 13 22:19:32 2024 +0800 drivers/base: Introduce device_match_t for device finding APIs There are several drivers/base APIs for finding a specific device, and they currently use the following good type for the @match parameter: int (*match)(struct device *dev, const void *data) Since these operations do not modify the caller-provided @*data, this type is worthy of a dedicated typedef: typedef int (*device_match_t)(struct device *dev, const void *data) Advantages of using device_match_t: - Shorter API declarations and definitions - Prevent further APIs from using a bad type for @match So introduce device_match_t and apply it to the existing (bus|class|driver|auxiliary)_find_device() APIs. Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240813-dev_match_api-v3-1-6c6878a99b9f@quicinc.com Signed-off-by: Greg Kroah-Hartman commit f0e5311aa8022107d63c54e2f03684ec097d1394 Author: Jann Horn Date: Wed Aug 28 01:45:48 2024 +0200 firmware_loader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hex numbers or such. However, there are a couple codepaths in the kernel where firmware file names contain string components that are passed through from a device or semi-privileged userspace; the ones I could find (not counting interfaces that require root privileges) are: - lpfc_sli4_request_firmware_update() seems to construct the firmware filename from "ModelName", a string that was previously parsed out of some descriptor ("Vital Product Data") in lpfc_fill_vpd() - nfp_net_fw_find() seems to construct a firmware filename from a model name coming from nfp_hwinfo_lookup(pf->hwinfo, "nffw.partno"), which I think parses some descriptor that was read from the device. (But this case likely isn't exploitable because the format string looks like "netronome/nic_%s", and there shouldn't be any *folders* starting with "netronome/nic_". The previous case was different because there, the "%s" is *at the start* of the format string.) - module_flash_fw_schedule() is reachable from the ETHTOOL_MSG_MODULE_FW_FLASH_ACT netlink command, which is marked as GENL_UNS_ADMIN_PERM (meaning CAP_NET_ADMIN inside a user namespace is enough to pass the privilege check), and takes a userspace-provided firmware name. (But I think to reach this case, you need to have CAP_NET_ADMIN over a network namespace that a special kind of ethernet device is mapped into, so I think this is not a viable attack path in practice.) Fix it by rejecting any firmware names containing ".." path components. For what it's worth, I went looking and haven't found any USB device drivers that use the firmware loader dangerously. Cc: stable@vger.kernel.org Reviewed-by: Danilo Krummrich Fixes: abb139e75c2c ("firmware: teach the kernel to load firmware files directly from the filesystem") Signed-off-by: Jann Horn Acked-by: Luis Chamberlain Link: https://lore.kernel.org/r/20240828-firmware-traversal-v3-1-c76529c63b5f@google.com Signed-off-by: Greg Kroah-Hartman commit 06b6879f0a07dd5c7a57b1ddaedbb0e4571d904b Merge: 57e8098a9a312d 0296f20c72d23f Author: Arnd Bergmann Date: Tue Sep 3 10:40:27 2024 +0000 Merge tag 'v6.12-rockchip-dts32-1' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip into soc/dt spidev on the elgin-r1 got a real compatible, the rk3128 could enable its VPU for video decoding and the rk3128 sfc node can use the clock constant now after the merge-window. * tag 'v6.12-rockchip-dts32-1' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip: ARM: dts: rockchip: Do not describe unexisting DAC device on rv1108-elgin-r1 ARM: dts: rockchip: Add vpu nodes for RK3128 ARM: dts: rockchip: use constant for HCLK_SFC on rk3128 Link: https://lore.kernel.org/r/3405397.RL5eaSpR8r@diego Signed-off-by: Arnd Bergmann commit 57e8098a9a312d2a8db185ea6aa956da388cf4d9 Merge: a86f3dc85fd5ba 78d500329b6521 Author: Arnd Bergmann Date: Tue Sep 3 10:38:36 2024 +0000 Merge tag 'v6.12-rockchip-dts64-1' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip into soc/dt New boards: Firefly PX30 Core SoM with JD4 baseboard, NanoPi 2S Plus, Taishan Pi RK3566, ODROID-M1S,NanoPC-T6 LTS, Cool Pi CM5 GenBook Big number of improvements for NanoPC-T6,QNAP-TS433 and FastRhino R66S With recent dtc changes making it into linux-next the Wolfvision Visualizer overlay finally compiles without warnings. And smaller number of improvements on a number of Radxa boards. Interesting new additions on a soc-level are the hardware RNG on rk3568, an additional sdmmc-controller (not supported before) on rk3328 and v4l video codecs for the rk3588 (decoding of h.264 amongst others). * tag 'v6.12-rockchip-dts64-1' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip: (62 commits) arm64: dts: rockchip: drop unsupported regulator-property from NanoPC-T6 arm64: dts: rockchip: drop unsupported regulator property from NanoPC-T6 arm64: dts: rockchip: use correct fcs,suspend-voltage-selector on NanoPC-T6 arm64: dts: rockchip: add Mask Rom key on NanoPC-T6 arm64: dts: rockchip: enable USB-C on NanoPC-T6 arm64: dts: rockchip: enable GPU on NanoPC-T6 arm64: dts: rockchip: add IR-receiver to NanoPC-T6 arm64: dts: rockchip: add SPI flash on NanoPC-T6 arm64: dts: rockchip: add NanoPC-T6 LTS arm64: dts: rockchip: move NanoPC-T6 parts to DTS arm64: dts: rockchip: prepare NanoPC-T6 for LTS board dt-bindings: arm: rockchip: Add NanoPC-T6 LTS arm64: dts: rockchip: disable display subsystem only for Radxa E25 arm64: dts: rockchip: enable PCIe on M.2 E key for Radxa ROCK 5A arm64: dts: rockchip: remove unnecessary properties for Radxa ROCK 5A arm64: dts: rockchip: add dts for LCKFB Taishan Pi RK3566 dt-bindings: arm: rockchip: Add LCKFB Taishan Pi RK3566 dt-bindings: vendor-prefixes: Add Shenzhen JLC Technology Group LCKFB arm64: dts: rockchip: Add Hardkernel ODROID-M1S dt-bindings: arm: rockchip: Add Hardkernel ODROID-M1S ... Link: https://lore.kernel.org/r/6322098.17fYzF0512@diego Signed-off-by: Arnd Bergmann commit a86f3dc85fd5bab69f50f1dd50208e4ea23c16d6 Merge: d3f92f5d8e0193 867bf1923200e6 Author: Arnd Bergmann Date: Tue Sep 3 10:36:57 2024 +0000 Merge tag 'at91-dt-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/at91/linux into soc/dt Microchip AT91 device tree updates for v6.12 It contains: - SAMA7G5-EK DTS was updated with EEPROM nodes containing Ethernet addresses (needed, at least, when U-Boot is removed from the booting chain) - 5V supplies were added to to MCP16502 PMIC nodes for better hardware description - cleanups around pinctrl nodes which removed many dtbs_check warnings; along with it the pinctrl documentation was converted to json schema - fixes for the RTC and RTT supply clocks on SAMA7G5 and SAM9X60 - other cleanups to fix dtbs_check warnings * tag 'at91-dt-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/at91/linux: ARM: dts: microchip: sama7g5: Fix RTT clock ARM: dts: microchip: sam9x60: Fix rtc/rtt clocks dt-bindings: pinctrl: Convert Atmel PIO3 pinctrl to json-schema ARM: dts: microchip: sam9x60: Remove additional compatible string from GPIO node ARM: dts: microchip: Remove additional compatible string from PIO3 pinctrl nodes ARM: dts: microchip: change to simple-mfd from simple-bus for PIO3 pinumux controller ARM: dts: microchip: sama5d29_curiosity: Add reg_5v to supply PMIC nodes ARM: dts: microchip: at91-sama5d27_wlsom1: Add reg_5v to supply PMIC nodes ARM: dts: microchip: at91-sama5d2_icp: Add reg_5v to supply PMIC nodes ARM: dts: microchip: at91-sama7g54_curiosity: Add reg_5v to supply PMIC nodes ARM: dts: microchip: at91-sama7g5ek: Add reg_5v to supply PMIC nodes ARM: dts: microchip: at91: align LED node name with bindings ARM: dts: microchip: sam9x60: Move i2c address/size to dtsi ARM: dts: microchip: at91-sama7g5ek: add EEPROMs Link: https://lore.kernel.org/r/20240901133110.2038675-2-claudiu.beznea@tuxon.dev Signed-off-by: Arnd Bergmann commit d3f92f5d8e0193407c6807ce3a3d16203c9ea533 Merge: ee11148c098fa6 93ff9686228aa7 Author: Arnd Bergmann Date: Tue Sep 3 10:34:39 2024 +0000 Merge tag 'tegra-for-6.12-arm64-dt' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into soc/dt arm64: tegra: Device tree changes for v6.12-rc1 This contains a slew of cleanups and consolidation changes for several Orin boards and also fix some minor issues and enable more features on the Jetson TX1. * tag 'tegra-for-6.12-arm64-dt' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux: arm64: tegra: Add thermal nodes to AGX Orin SKU8 arm64: tegra: Move BPMP nodes to AGX Orin module arm64: tegra: Move padctl supply nodes to AGX Orin module arm64: tegra: Move AGX Orin nodes to correct location arm64: tegra: Combine IGX Orin board files arm64: tegra: Combine AGX Orin board files arm64: tegra: Add common nodes to AGX Orin module arm64: tegra: Wire up WiFi on Jetson TX1 module arm64: tegra: Wire up Bluetooth on Jetson TX1 module arm64: tegra: Wire up power sensors on Jetson TX1 DevKit arm64: tegra: Add p3767 PCIe C4 EP details arm64: tegra: Add Tegra234 PCIe C4 EP definition arm64: tegra: Add wp-gpio for P2597's external card slot arm64: tegra: Fix gpio for P2597 vmmc regulator arm64: tegra: Correct location of power-sensors for IGX Orin arm64: tegra: enable same UARTs for Orin NX/Nano arm64: tegra: Add DMA properties for Tegra234 UARTA Link: https://lore.kernel.org/r/20240830141004.3195210-5-thierry.reding@gmail.com Signed-off-by: Arnd Bergmann commit 072e18d63b91710b6469411030fcd6e7bc036bbc Author: Hongbo Li Date: Fri Aug 30 16:03:11 2024 +0800 misc: tsl2550: replace simple_strtoul to kstrtoul The function simple_strtoul performs no error checking in scenarios where the input value overflows the intended output variable. We can replace the use of the simple_strtoul with the safer alternatives kstrtoul. Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240830080311.3545307-1-lihongbo22@huawei.com Signed-off-by: Greg Kroah-Hartman commit e807c406a6b405518f420426665e2455f83ad8fc Author: Rob Herring (Arm) Date: Wed Aug 28 08:18:51 2024 -0500 misc: lis3lv02d: Fix incorrect of_get_property() usage The usage of of_get_property() is wrong. What's returned in "val" is the property's length, not the value. Fix this by using the preferred typed of_property_read_u32() function instead. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240828131851.3631855-1-robh@kernel.org Signed-off-by: Greg Kroah-Hartman commit 62c5a01a5711c8e4be8ae7b6f0db663094615d48 Author: Ma Ke Date: Wed Aug 28 21:18:14 2024 +0800 pps: add an error check in parport_attach In parport_attach, the return value of ida_alloc is unchecked, witch leads to the use of an invalid index value. To address this issue, index should be checked. When the index value is abnormal, the device should be freed. Found by code review, compile tested only. Cc: stable@vger.kernel.org Fixes: fb56d97df70e ("pps: client: use new parport device model") Signed-off-by: Ma Ke Acked-by: Rodolfo Giometti Link: https://lore.kernel.org/r/20240828131814.3034338-1-make24@iscas.ac.cn Signed-off-by: Greg Kroah-Hartman commit ee11148c098fa67c8a2ac1819024d97f0c2dd060 Merge: e2886f23d319c5 8f4c834d89150e Author: Arnd Bergmann Date: Tue Sep 3 10:32:43 2024 +0000 Merge tag 'tegra-for-6.12-arm-dt' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into soc/dt ARM: tegra: Device tree changes for v6.12-rc1 These patches add a bunch more features for the TF701T board and wire up the front panel LEDs on TrimSlice. * tag 'tegra-for-6.12-arm-dt' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux: ARM: tegra: Wire up two front panel LEDs on TrimSlice ARM: tegra: tf701t: Configure USB ARM: tegra: tf701t: Use dedicated backlight regulator ARM: tegra: tf701t: Re-group GPIO keys ARM: tegra: tf701t: Bind WIFI SDIO and EMMC ARM: tegra: tf701t: Complete sound bindings ARM: tegra: tf701t: Adjust sensors nodes ARM: tegra: tf701t: Add Bluetooth node ARM: tegra: tf701t: Add HDMI bindings ARM: tegra: tf701t: Correct and complete PMIC and PMC bindings ARM: tegra: tf701t: Bind VDE device ARM: tegra: tf701t: Use unimomentary pinmux setup Link: https://lore.kernel.org/r/20240830141004.3195210-4-thierry.reding@gmail.com Signed-off-by: Arnd Bergmann commit e2886f23d319c5544a5e6f3d7e41d8975f4c3bdc Merge: 76ae26c4b9dda6 c20ebc7fbd2ac3 Author: Arnd Bergmann Date: Tue Sep 3 10:32:07 2024 +0000 Merge tag 'tegra-for-6.12-dt-bindings' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into soc/dt dt-bindings: Changes for v6.12-rc1 This adds compatible strings for all revisions of the Nyan board. * tag 'tegra-for-6.12-dt-bindings' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux: dt-bindings: arm: tegra: Document Nyan, all revisions in kernel tree Link: https://lore.kernel.org/r/20240830141004.3195210-3-thierry.reding@gmail.com Signed-off-by: Arnd Bergmann commit 76ae26c4b9dda65ae1d3431b4852825e917078d9 Merge: 3b8b1ff762e9ca 9d4a984a53be22 Author: Arnd Bergmann Date: Tue Sep 3 10:31:31 2024 +0000 Merge tag 'juno-update-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux into soc/dt Armv8 Juno/FVP update for v6.12 Just a single update adding stdout-path to the fast models(FVP and Foundation) which eliminates the need to specify any platform-specific kernel command line parameters to get working earlycon or console. * tag 'juno-update-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux: arm64: dts: fvp: Set stdout-path to serial0 in the chosen node Link: https://lore.kernel.org/r/20240830135837.2383557-1-sudeep.holla@arm.com Signed-off-by: Arnd Bergmann commit 3b8b1ff762e9cafafae70b0f656b344cf6cc0c6a Merge: 01dc1baee8f977 4d06000979cda2 Author: Arnd Bergmann Date: Tue Sep 3 10:30:09 2024 +0000 Merge tag 'samsung-dt64-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux into soc/dt Samsung DTS ARM64 changes for v6.12 1. Exynos7885: Correct amount of RAM on Samsung Galaxy A8. 2. ExynosAutov9: Add new DPUM clock controller and DPUM IOMMU (SysMMU). 3. ExynosAutov920: Add initial (incomplete) clock controllers: TOP and PERIC0 controllers. 4. Google GS101: Add reboot and poweroff support. 5. Add binding headers with clock IDs for several devices, used by the DTS. * tag 'samsung-dt64-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux: arm64: dts: exynosautov920: add initial CMU clock nodes in ExynosAuto v920 dt-bindings: clock: add ExynosAuto v920 SoC CMU bindings arm64: dts: exynosautov9: Add dpum SysMMU arm64: dts: exynosautov9: add dpum clock DT nodes dt-bindings: clock: exynosautov9: add dpum clock dt-bindings: clock: exynos7885: Add indices for USB clocks dt-bindings: clock: exynos7885: Add CMU_TOP PLL MUX indices dt-bindings: clock: exynos7885: Fix duplicated binding dt-bindings: clock: exynos850: Add TMU clock arm64: dts: exynos: gs101: add syscon-poweroff and syscon-reboot nodes arm64: dts: exynos: exynos7885-jackpotlte: Correct RAM amount to 4GB Link: https://lore.kernel.org/r/20240827121638.29707-2-krzysztof.kozlowski@linaro.org Signed-off-by: Arnd Bergmann commit 01dc1baee8f977c1e898fa544ab0b26ccfc79980 Merge: ca947a4b03d7df ab7d885a33a7ef Author: Arnd Bergmann Date: Tue Sep 3 10:28:40 2024 +0000 Merge tag 'renesas-dts-for-v6.12-tag1' of https://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-devel into soc/dt Renesas DTS updates for v6.12 - Add support for sound, push switches, and GP LEDs on the Gray Hawk Single development board, - Add missing iommus properties on R-Car Gen3/Gen4 and RZ/G2 SoCs, - Add PWM support for the R-Car V4M SoC, - Improve Ethernet descriptions on the RZ/G2L, RZ/G2LC, and RZ/G2UL SMARC SoMs, - Add DMAC support for the RZ/G3S SoC, - Add CAN-FD support for the R-Car V4M SoC and the Gray Hawk Single development board. * tag 'renesas-dts-for-v6.12-tag1' of https://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-devel: (25 commits) arm64: dts: renesas: gray-hawk-single: Add CAN-FD support arm64: dts: renesas: r8a779h0: Add CAN-FD node arm64: dts: renesas: r9a08g045: Add DMAC node arm64: dts: renesas: rzg2ul: Set Ethernet PVDD to 1.8V arm64: dts: renesas: rzg2lc: Set Ethernet PVDD to 1.8V arm64: dts: renesas: rzg2l: Set Ethernet PVDD to 1.8V arm64: dts: renesas: rzg2ul: Enable Ethernet TXC output arm64: dts: renesas: rzg2lc: Enable Ethernet TXC output arm64: dts: renesas: rzg2l: Enable Ethernet TXC output arm64: dts: renesas: r8a779h0: Add PWM device nodes arm64: dts: renesas: gray-hawk-single: Add GP LEDs arm64: dts: renesas: gray-hawk-single: Add push switches arm64: dts: renesas: r8a779h0: Add missing iommus properties arm64: dts: renesas: r8a779g0: Add missing iommus properties arm64: dts: renesas: r8a779a0: Add missing iommus properties arm64: dts: renesas: r8a77980: Add missing iommus properties arm64: dts: renesas: r8a77970: Add missing iommus property arm64: dts: renesas: r8a77965: Add missing iommus properties arm64: dts: renesas: r8a77961: Add missing iommus properties arm64: dts: renesas: r8a77960: Add missing iommus properties ... Link: https://lore.kernel.org/r/cover.1724316485.git.geert+renesas@glider.be Signed-off-by: Arnd Bergmann commit ca947a4b03d7df64c362d98def7bbedb22662bb4 Merge: d846d5f1ba5cc4 9f766e8f5c2366 Author: Arnd Bergmann Date: Tue Sep 3 10:27:58 2024 +0000 Merge tag 'renesas-dt-bindings-for-v6.12-tag1' of https://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-devel into soc/dt Renesas DT binding updates for v6.12 - Document support for the Renesas RZ/G2M v3.0 (r8a774a3) SoC. * tag 'renesas-dt-bindings-for-v6.12-tag1' of https://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-devel: dt-bindings: reset: renesas: Document RZ/G2M v3.0 (r8a774a3) reset module dt-bindings: power: renesas: Document RZ/G2M v3.0 (r8a774a3) SYSC binding dt-bindings: soc: renesas: Document RZ/G2M v3.0 (r8a774a3) SoC Link: https://lore.kernel.org/r/cover.1724316483.git.geert+renesas@glider.be Signed-off-by: Arnd Bergmann commit d846d5f1ba5cc4c80adfd1450e6752d140148c85 Merge: 47ac09b91befbb 2d98fea7491a00 Author: Arnd Bergmann Date: Tue Sep 3 10:24:31 2024 +0000 Merge tag 'thead-dt-for-v6.12' of https://github.com/pdp7/linux into soc/dt T-HEAD Devicetrees for v6.12 Add SPI controller node to th1520.dtsi and enable spi0 on the BeagleV Ahead and LicheePi 4A. The TH1520 AP_SYS clock driver landed in v6.11 so convert multiple peripherals like mmc and uart from fixed clocks to the clock controller. All of these patches have been successfully tested in the latest linux-next releases. Signed-off-by: Drew Fustini * tag 'thead-dt-for-v6.12' of https://github.com/pdp7/linux: riscv: dts: thead: change TH1520 SPI node to use clock controller riscv: dts: thead: add clock to TH1520 gpio nodes riscv: dts: thead: update TH1520 dma and timer nodes to use clock controller riscv: dts: thead: change TH1520 mmc nodes to use clock controller riscv: dts: thead: change TH1520 uart nodes to use clock controller riscv: dts: thead: Add TH1520 AP_SUBSYS clock controller riscv: dts: thead: add basic spi node Link: https://lore.kernel.org/r/ZsWs8QiVruMXjzPc@x1 Signed-off-by: Arnd Bergmann commit 78b7ade94fe3e9508ce45ed7139efde41dd94697 Merge: a9e8c7dbb9b91c 12803ded10b88b Author: Arnd Bergmann Date: Tue Sep 3 10:22:32 2024 +0000 Merge tag 'tegra-for-6.12-arm64-defconfig' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into soc/defconfig arm64: Default configuration changes for v6.12-rc1 This contains a single change to enable the Tegra194 PCIe endpoint driver by default. * tag 'tegra-for-6.12-arm64-defconfig' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux: arm64: defconfig: Enable Tegra194 PCIe Endpoint Link: https://lore.kernel.org/r/20240830141004.3195210-6-thierry.reding@gmail.com Signed-off-by: Arnd Bergmann commit a9e8c7dbb9b91cd5492bc464ae717c045ab1ae82 Merge: 636348dd90e438 84542dfad12252 Author: Arnd Bergmann Date: Tue Sep 3 10:20:40 2024 +0000 Merge tag 'renesas-arm-defconfig-for-v6.12-tag1' of https://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-devel into soc/defconfig Renesas ARM defconfig updates for v6.12 - Enable support for AK4619 codecs and Renesas R-Car Ethernet-TSN controllers in the ARM64 defconfig, - Enable slab hardening and kmalloc buckets in the Renesas ARM defconfig. * tag 'renesas-arm-defconfig-for-v6.12-tag1' of https://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-devel: arm64: defconfig: Enable R-Car Ethernet-TSN support ARM: shmobile: defconfig: Enable slab hardening and kmalloc buckets arm64: defconfig: Enable AK4619 codec support Link: https://lore.kernel.org/r/cover.1724316480.git.geert+renesas@glider.be Signed-off-by: Arnd Bergmann commit 636348dd90e438a88582fa6fa8c0b9224ee19a89 Merge: 47ac09b91befbb cffa8c8026e17e Author: Arnd Bergmann Date: Tue Sep 3 10:19:35 2024 +0000 Merge tag 'at91-defconfig-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/at91/linux into soc/defconfig Microchip AT91 defconfig updates for v6.12 It contains: - SAM9X7 SoC defconfig flag enablement * tag 'at91-defconfig-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/at91/linux: ARM: configs: at91: enable config flags for sam9x7 SoC family Link: https://lore.kernel.org/r/20240901133110.2038675-1-claudiu.beznea@tuxon.dev Signed-off-by: Arnd Bergmann commit 7d35a0060392af796cc4e08780d7b71d1fc71e5e Author: Takashi Sakamoto Date: Tue Sep 3 19:15:23 2024 +0900 firewire: ohci: obsolete direct usage of printk_ratelimit() A commit 77006a0a8282 ("ratelimit: add comment warning people off printk_ratelimit()") has already deprecated printk_ratelimit(). This commit uses alternative functions to obsolete its usage. Link: https://lore.kernel.org/r/20240903101523.317110-1-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit cd7023729877e41f958178e9aa9cc86e71246e34 Author: Takashi Sakamoto Date: Tue Sep 3 19:14:55 2024 +0900 firewire: ohci: deprecate debug parameter Many tracepoints events have been added to 6.10 and 6.11 kernels. They are available as an alternative of debug parameter in firewire-ohci module. The logging messages enabled by the parameter require some cumbersomes in a point of maintenance; e.g. the code to decode transaction frame. This commit adds deprecation text to conduct users to them.. Link: https://lore.kernel.org/r/20240903101455.317067-1-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 43027957e87fe18afd9ab872915bf4012d53929d Author: Frank Li Date: Mon Sep 2 15:29:52 2024 +0100 dt-bindings: nvmem: sfp: add ref to nvmem-deprecated-cells.yaml Add ref nvmem-deprecated-cells.yaml to support old style binding. Fix below CHECK_DTBS warning. efuse@1e80000: Unevaluated properties are not allowed ('unique-id@1c' was unexpected) Signed-off-by: Frank Li Reviewed-by: Krzysztof Kozlowski Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902142952.71639-10-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 3a2de36d20b8be36389dc44a57a966030047ded1 Author: Matthew Wilcox Date: Mon Sep 2 15:29:51 2024 +0100 nvmem: Fix misspelling There is no function called kstrbool(). Signed-off-by: Matthew Wilcox (Oracle) Reviewed-by: Marek Vasut Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902142952.71639-9-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 98ee46391baf35987227236d0c3bb30ab6e758c8 Author: Zhang Zekun Date: Mon Sep 2 15:29:50 2024 +0100 nvmem: sunplus-ocotp: Use devm_platform_ioremap_resource_byname() helper function platform_get_resource_byname() and devm_ioremap_resource() can be replaced by devm_platform_ioremap_resource_byname(), which can simplify the code logic a bit, No functional change here. Signed-off-by: Zhang Zekun Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902142952.71639-8-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit cdb63c73fa513df9a2d7253e4f9cdcd18b5ceb56 Author: Krzysztof Kozlowski Date: Mon Sep 2 15:29:49 2024 +0100 dt-bindings: nvmem: st,stm32-romem: add missing "unevaluatedProperties" on child nodes All nodes need an explicit additionalProperties or unevaluatedProperties unless a $ref has one that's false. Fixing this for STM32 Factory-programmed data binding needs referencing fixed layout schema for children. Add reference to the NVMEM deprecated cells for the schema to be complete. This fixes dt_binding_check warning: st,stm32-romem.yaml: ^.*@[0-9a-f]+$: Missing additionalProperties/unevaluatedProperties constraint Signed-off-by: Krzysztof Kozlowski Acked-by: Conor Dooley Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902142952.71639-7-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 2fcea44e1ba16c55f4602948d2d43f3a365d6070 Author: Rafał Miłecki Date: Mon Sep 2 15:29:46 2024 +0100 dt-bindings: nvmem: convert U-Boot env to a layout U-Boot environment variables can be stored in various data sources. MTD is just one of available options. Refactor DT binding into a layout so it can be used with UBI volumes and other NVMEM devices. Link: https://lore.kernel.org/all/20231221173421.13737-1-zajec5@gmail.com/ Signed-off-by: Rafał Miłecki Reviewed-by: Rob Herring (Arm) Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902142952.71639-4-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit c3f9b7b4e5f9de319d00784577cda42036ff243a Author: Peng Fan Date: Mon Sep 2 15:29:45 2024 +0100 nvmem: imx-ocotp-ele: support i.MX95 i.MX95 OCOTP has same accessing method, so add an entry for i.MX95, but some fuse has ECC feature, so only read out the lower 16bits for ECC fuses. Signed-off-by: Peng Fan Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902142952.71639-3-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 8ca1cfd6864011ebffcb329240aa471adca506be Author: Peng Fan Date: Mon Sep 2 15:29:44 2024 +0100 dt-bindings: nvmem: imx-ocotp: support i.MX95 Add i.MX95 ocotp compatible string Signed-off-by: Peng Fan Acked-by: Krzysztof Kozlowski Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902142952.71639-2-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 24d85d971b3ced4d5bde7ecd302e46c7c013462d Author: Bartosz Golaszewski Date: Mon Sep 2 15:18:21 2024 +0100 dt-bindings: misc: qcom,fastrpc: document new domain ID Add "cdsp1" as the new supported label for the CDSP1 fastrpc domain. Signed-off-by: Bartosz Golaszewski Reviewed-by: Krzysztof Kozlowski Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902141821.70656-4-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit dd747494ae6affac59b83abc993091541477b639 Author: Ling Xu Date: Mon Sep 2 15:18:20 2024 +0100 misc: fastrpc: Add support for cdsp1 remoteproc The fastrpc supports 4 remoteproc. There are some products which support cdsp1 remoteproc. Add changes to support cdsp1 remoteproc. Signed-off-by: Ling Xu [Bartosz: ported to mainline] Signed-off-by: Bartosz Golaszewski Signed-off-by: Srinivas Kandagatla Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240902141821.70656-3-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 9eb2c5faaafce10a9143c397ff63218f1c2115e5 Author: Bartosz Golaszewski Date: Mon Sep 2 15:18:19 2024 +0100 dt-bindings: misc: qcom,fastrpc: increase the max number of iommus The fastrpc components on the SA8775P SoC can require up to 10 IOMMU entries. Bump the maxItems. Signed-off-by: Bartosz Golaszewski Acked-by: Krzysztof Kozlowski Signed-off-by: Srinivas Kandagatla Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240902141821.70656-2-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit b4b8183055789b0d981e83217ce401db8037d033 Author: Masahiro Yamada Date: Mon Sep 2 15:10:04 2024 +0100 slimbus: generate MODULE_ALIAS() from MODULE_DEVICE_TABLE() Commit 9e663f4811c6 ("slimbus: core: add support to uevent") added the MODALIAS=slim:* uevent variable, but modpost does not generate the corresponding MODULE_ALIAS(). To support automatic module loading, slimbus drivers still need to manually add MODULE_ALIAS("slim:::*"), as seen in sound/soc/codecs/wcd9335.c. To automate this, make modpost generate the proper MODULE_ALIAS() from MODULE_DEVICE_TABLE(slim, ). Signed-off-by: Masahiro Yamada Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240902141004.70048-5-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 088c588fffbf952bb7210c58a00e6dd3089cf88e Author: Wolfram Sang Date: Mon Sep 2 15:10:03 2024 +0100 slimbus: qcom-ngd-ctrl: use 'time_left' variable with wait_for_completion_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_for_completion_timeout() causing patterns like: timeout = wait_for_completion_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Fix to the proper variable type 'unsigned long' while here. Signed-off-by: Wolfram Sang Signed-off-by: Srinivas Kandagatla Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240902141004.70048-4-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 9c6fd5fc98d21cdd2027f702463946b327ff22ee Author: Wolfram Sang Date: Mon Sep 2 15:10:02 2024 +0100 slimbus: qcom-ctrl: use 'time_left' variable with wait_for_completion_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_for_completion_timeout() causing patterns like: timeout = wait_for_completion_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Fix to the proper variable type 'unsigned long' while here. Signed-off-by: Wolfram Sang Signed-off-by: Srinivas Kandagatla Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240902141004.70048-3-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit eee75a3a3ba35fdc7723465d49314976b020a509 Author: Wolfram Sang Date: Mon Sep 2 15:10:01 2024 +0100 slimbus: messaging: use 'time_left' variable with wait_for_completion_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_for_completion_timeout() causing patterns like: timeout = wait_for_completion_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Fix to the proper variable type 'unsigned long' while here. Signed-off-by: Wolfram Sang Signed-off-by: Srinivas Kandagatla Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240902141004.70048-2-srinivas.kandagatla@linaro.org Signed-off-by: Greg Kroah-Hartman commit 59d617dc727e06f97481331722b589715b3b4a87 Author: Ruffalo Lavoisier Date: Mon Sep 2 22:07:32 2024 +0900 binder: fix typo in comment Correct spelling on 'currently' in comment Signed-off-by: Ruffalo Lavoisier Acked-by: Carlos Llamas Link: https://lore.kernel.org/r/20240902130732.46698-1-RuffaloLavoisier@gmail.com Signed-off-by: Greg Kroah-Hartman commit a8fa6483b40943a6c8feea803a2dc8e9982cc766 Author: Mikulas Patocka Date: Tue Sep 3 11:50:11 2024 +0200 dm integrity: fix gcc 5 warning This commit fixes gcc 5 warning "logical not is only applied to the left hand side of comparison" Reported-by: Geert Uytterhoeven Fixes: fb0987682c62 ("dm-integrity: introduce the Inline mode") Signed-off-by: Mikulas Patocka commit aead27d77f3e703f6056e12fb19f48a426df2fd7 Merge: 88850f7ccaaca0 8de36789bd038a Author: Greg Kroah-Hartman Date: Tue Sep 3 12:08:18 2024 +0200 Merge tag 'fpga-for-6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/fpga/linux-fpga into char-misc-next Xu writes: FPGA Manager changes for 6.12-rc1 FPGA unit test: - Macro's change improves fpga tests using deferred actions FPGA vendor drivers: - Wolfram's change renames confusing variables for Altera & Xilinx drivers. All patches have been reviewed on the mailing list, and have been in the last linux-next releases (as part of our for-next branch). Signed-off-by: Xu Yilun * tag 'fpga-for-6.12-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/fpga/linux-fpga: fpga: zynq-fpga: Rename 'timeout' variable as 'time_left' fpga: socfpga: Rename 'timeout' variable as 'time_left' fpga: Simplify and improve fpga region test using deferred actions fpga: Simplify and improve fpga bridge test using deferred actions fpga: Simplify and improve fpga mgr test using deferred actions commit 88850f7ccaaca0dc3f8f70ff90d79a6215f7e7b3 Merge: f53835f110f199 988d40a4d4e7d6 Author: Greg Kroah-Hartman Date: Tue Sep 3 12:07:03 2024 +0200 Merge tag 'coresight-next-v6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/coresight/linux into char-misc-next Suzuki writes: coresight: updates for Linux v6.12 CoreSight/hwtracing subsystem updates targeting Linux v6.12: - Miscellaneous fixes and cleanups - TraceID allocation per sink, allowing system with > 110 cores for perf tracing. Signed-off-by: Suzuki K Poulose * tag 'coresight-next-v6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/coresight/linux: coresight: Make trace ID map spinlock local to the map coresight: Emit sink ID in the HW_ID packets coresight: Remove pending trace ID release mechanism coresight: Use per-sink trace ID maps for Perf sessions coresight: Make CPU id map a property of a trace ID map coresight: Expose map arguments in trace ID API coresight: Move struct coresight_trace_id_map to common header coresight: Clarify comments around the PID of the sink owner coresight: Remove unused ETM Perf stubs coresight: tmc: sg: Do not leak sg_table Coresight: Set correct cs_mode for dummy source to fix disable issue Coresight: Set correct cs_mode for TPDM to fix disable issue coresight: cti: use device_* to iterate over device child nodes commit 84294c81a53030ba4bfb5f219eec4272ceaac114 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:13:40 2024 +0200 i2c: simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Signed-off-by: Wolfram Sang commit 6c909b6e237c3bcb0bba028819e8fc496e716d67 Merge: 8d3cefaf659265 36e071d2a1522e Author: Wolfram Sang Date: Tue Sep 3 11:56:07 2024 +0200 Merge tag 'at24-updates-for-v6.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux into i2c/for-mergewindow at24 updates for v6.12-rc1 - document a new model from giantec in DT bindings commit a032b5fc24fc1ddff0dce662b2e2d367cc73f040 Author: Miri Korenblit Date: Sun Sep 1 07:17:57 2024 +0300 wifi: iwlwifi: mvm: properly set the rates in link cmd When a channel ctx is assigned to a link, we set the LINK_CONTEXT_MODIFY_RATES_INFO to indicate that the rate fields are now valid. But then we always take the rates of 2.4 GHz regardless of actual used band. This is because we are getting the band from bss_conf->chanctx_conf, but this is assigned only after drv_assign_vif_chanctx returns, so we take the bands of 2.4 GHz. Fix it by taking the band from the iwl_mvm_link_info::phy_ctxt instead, as this has already assigned in this point. Signed-off-by: Miri Korenblit Reviewed-by: Emmanuel Grumbach Link: https://patch.msgid.link/20240901071542.11c2d3609609.I8fa59e29b6bb38e5d06f3536d54dfb2c5d5bab11@changeid Signed-off-by: Johannes Berg commit 36dc21bce962a56f748eb3711f5f4e2c70544d06 Author: Daniel Gabay Date: Sun Sep 1 07:17:56 2024 +0300 wifi: iwlwifi: mvm: Remove unused last_sub_index from reorder buffer The last_sub_index field is not used and appears to be a leftover from a previous implementation, remove it. Signed-off-by: Daniel Gabay Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240901071542.da75cfef9144.I6e1fb635b2893618e6bd28501fb858042d8aa44e@changeid Signed-off-by: Johannes Berg commit 5b0c478378e5c82c4c372cf194a2438f8743abcf Author: Miri Korenblit Date: Sun Sep 1 07:17:55 2024 +0300 wifi: iwlwifi: mvm: remove mvm prefix from iwl_mvm_tx_resp* These are not mvm specific Signed-off-by: Miri Korenblit Reviewed-by: Emmanuel Grumbach Link: https://patch.msgid.link/20240901071542.22e28b56da2c.Ib859a05ed133fa5a1426c5feffa8999a18bba6f2@changeid Signed-off-by: Johannes Berg commit 530addf2d21fe11bffd1c441b541ab7047bbfd3a Author: Miri Korenblit Date: Sun Sep 1 07:17:54 2024 +0300 wifi: iwlwifi: s/iwl_mvm_remove_sta_cmd/iwl_remove_sta_cmd This is not mvm specific. Signed-off-by: Miri Korenblit Reviewed-by: Emmanuel Grumbach Link: https://patch.msgid.link/20240901071542.57efe93c2702.I4619885f691cc295cc440a62f23405392da338f4@changeid Signed-off-by: Johannes Berg commit 07aeccf161358b893e34376594a4cbcf95de3c06 Author: Miri Korenblit Date: Sun Sep 1 07:17:53 2024 +0300 wifi: iwlwifi: STA command structure shouldn't be mvm specific This strcuture is not specific to mvm, so rename it. Signed-off-by: Miri Korenblit Reviewed-by: Emmanuel Grumbach Link: https://patch.msgid.link/20240901071542.39c9ceea41d3.I2a06bfca589c467fa84ad82ff86e73ec82e72a5e@changeid Signed-off-by: Johannes Berg commit b61ed2b80911f981fa500252012330c54b9af5a0 Author: Miri Korenblit Date: Sun Sep 1 07:17:52 2024 +0300 wifi: iwlwifi: s/IWL_MVM_STATION_COUNT_MAX/IWL_STATION_COUNT_MAX This isn't mvm specific. Signed-off-by: Miri Korenblit Reviewed-by: Emmanuel Grumbach Link: https://patch.msgid.link/20240901071542.5d71a0a2b56c.I7e0fe636d914852963e7a2f5e6037d0c3e367145@changeid Signed-off-by: Johannes Berg commit 07fb53783be80ca14f08b07d83ed88727db48aac Author: Emmanuel Grumbach Date: Sun Sep 1 07:17:51 2024 +0300 wifi: iwlwifi: mvm: tell the firmware about CSA with mode=1 When we de-activate a link because it started a CSA with mode=1, we want to tell the firmware it can no longer transmit any frame for that link. The firmware will do that on its own if the CSA indication (beacon / action frame) was received on that same link, but with MLO, things got more complex and the firmware can't track cross link CSA. Tell the firmware if we de-activate a link because of CSA with mode=1 to prevent it from transmitting, even if it is only an NDP PM=1 frame that is part of the de-activation flow. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240901071542.4bef89d438d4.If7147a7a84054e67c05414c753d73f4e2e0e6e37@changeid Signed-off-by: Johannes Berg commit 1a7d2870f472db94d2dada643651f1e604c67bcf Author: Johannes Berg Date: Sun Sep 1 07:17:50 2024 +0300 wifi: iwlwifi: mvm: refactor scan channel description a bit The channel number is at the same position across all versions of the channel description struct, so move it out of the union that versions it. Also add __packed annotations to all of the sub-structs and the union so it's packed correctly, and fully document the structure. Signed-off-by: Johannes Berg Reviewed-by: Ilan Peer Reviewed-by: Daniel Gabay Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240901071542.e31623ae4201.I1ea69a8ec3d39492f39d84e31fb105b159359c28@changeid Signed-off-by: Johannes Berg commit 2c9ffe872e64f5aec12f2ff6cec1b7542569a88f Author: Simon Horman Date: Tue Sep 3 09:21:44 2024 +0100 wifi: cfg80211: wext: Update spelling and grammar Correct spelling in iw_handler.h. As reported by codespell. Also, while the "few shortcomings" line is being updated, correct its grammar. Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240903-wifi-spell-v2-1-bfcf7062face@kernel.org Signed-off-by: Johannes Berg commit 9f6b47907e2d01bfa90c3003e42b6dfeefd8d03a Author: Michal Wajdeczko Date: Mon Sep 2 21:07:26 2024 +0200 drm/xe: Remove redundant [drm] tag from xe_assert() message Since commit 178c0a33c421 ("drm/print: Add generic drm dev printk function") the output from drm_WARN() includes previously missing the [drm] tag, so now xe_assert() is printing it twice: [ ] xe 0000:00:02.0: [drm] [drm] Assertion `false` failed! Signed-off-by: Michal Wajdeczko Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240902190726.1748-1-michal.wajdeczko@intel.com commit c55f34a7a1c347afc4c7adc5639c9f7b3749a922 Merge: 075e3d30e4a3da a61fec1c87be68 Author: Paolo Abeni Date: Tue Sep 3 11:38:00 2024 +0200 Merge branch 'netdev_features-start-cleaning-netdev_features_t-up' Alexander Lobakin says: ==================== netdev_features: start cleaning netdev_features_t up NETDEV_FEATURE_COUNT is currently 64, which means we can't add any new features as netdev_features_t is u64. As per several discussions, instead of converting netdev_features_t to a bitmap, which would mean A LOT of changes, we can try cleaning up netdev feature bits. There's a bunch of bits which don't really mean features, rather device attributes/properties that can't be changed via Ethtool in any of the drivers. Such attributes can be moved to netdev private flags without losing any functionality. Start converting some read-only netdev features to private flags from the ones that are most obvious, like lockless Tx, inability to change network namespace etc. I was able to reduce NETDEV_FEATURE_COUNT from 64 to 60, which mean 4 free slots for new features. There are obviously more read-only features to convert, such as highDMA, "challenged VLAN", HSR (4 bits) - this will be done in subsequent series. Please note that currently netdev features are not uAPI/ABI by any means. Ethtool passes their names and bits to the userspace separately and there are no hardcoded names/bits in the userspace, so that new Ethtool could work on older kernels and vice versa. This, however, isn't true for Ethtools < 3.4. I haven't changed the bit positions of the already existing features and instead replaced the freed bits with stubs. But it's anyway theoretically possible that Ethtools older than 2011 will break. I hope no currently supported distros supply such an ancient version. Shell scripts also most likely won't break since the removed bits were always read-only, meaning nobody would try touching them from a script. ==================== Link: https://patch.msgid.link/20240829123340.789395-1-aleksander.lobakin@intel.com Signed-off-by: Paolo Abeni commit a61fec1c87be682b5c0fdba6074649c469c675a3 Author: Alexander Lobakin Date: Thu Aug 29 14:33:40 2024 +0200 netdev_features: remove NETIF_F_ALL_FCOE NETIF_F_ALL_FCOE is used only in vlan_dev.c, 2 times. Now that it's only 2 bits, open-code it and remove the definition from netdev_features.h. Suggested-by: Jakub Kicinski Signed-off-by: Alexander Lobakin Signed-off-by: Paolo Abeni commit 782dbbf589cd9082effaec522e3f1b4ce1594803 Author: Alexander Lobakin Date: Thu Aug 29 14:33:39 2024 +0200 netdev_features: convert NETIF_F_FCOE_MTU to dev->fcoe_mtu Ability to handle maximum FCoE frames of 2158 bytes can never be changed and thus more of an attribute, not a toggleable feature. Move it from netdev_features_t to "cold" priv flags (bitfield bool) and free yet another feature bit. Signed-off-by: Alexander Lobakin Signed-off-by: Paolo Abeni commit 05c1280a2bcfca187fe7fa90bb240602cf54af0a Author: Alexander Lobakin Date: Thu Aug 29 14:33:38 2024 +0200 netdev_features: convert NETIF_F_NETNS_LOCAL to dev->netns_local "Interface can't change network namespaces" is rather an attribute, not a feature, and it can't be changed via Ethtool. Make it a "cold" private flag instead of a netdev_feature and free one more bit. Signed-off-by: Alexander Lobakin Signed-off-by: Paolo Abeni commit 00d066a4d4edbe559ba6c35153da71d4b2b8a383 Author: Alexander Lobakin Date: Thu Aug 29 14:33:37 2024 +0200 netdev_features: convert NETIF_F_LLTX to dev->lltx NETIF_F_LLTX can't be changed via Ethtool and is not a feature, rather an attribute, very similar to IFF_NO_QUEUE (and hot). Free one netdev_features_t bit and make it a "hot" private flag. Signed-off-by: Alexander Lobakin Signed-off-by: Paolo Abeni commit beb5a9bea8239cdf4adf6b62672e30db3e9fa5ce Author: Alexander Lobakin Date: Thu Aug 29 14:33:36 2024 +0200 netdevice: convert private flags > BIT(31) to bitfields Make dev->priv_flags `u32` back and define bits higher than 31 as bitfield booleans as per Jakub's suggestion. This simplifies code which accesses these bits with no optimization loss (testb both before/after), allows to not extend &netdev_priv_flags each time, but also scales better as bits > 63 in the future would only add a new u64 to the structure with no complications, comparing to that extending ::priv_flags would require converting it to a bitmap. Note that I picked `unsigned long :1` to not lose any potential optimizations comparing to `bool :1` etc. Suggested-by: Jakub Kicinski Signed-off-by: Alexander Lobakin Signed-off-by: Paolo Abeni commit f53835f110f19934271c48f01e463c0aa302827d Merge: 10c8d1bd786508 c4b43d8336e52d Author: Greg Kroah-Hartman Date: Tue Sep 3 11:32:16 2024 +0200 Merge tag 'iio-for-6.12a' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/jic23/iio into char-misc-testing Jonathan writes: IIO: 1st set of new device support, features and cleanup for 6.12 Includes a merge of spi-mos-config branch from spi.git that brings support needed for the AD4000 driver. Lots of new device support this time including 9 new drivers and substantial changes to add new support to several more. New device support ------------------ Given we have a lot of new support, I've subcategorized them: Substantial changes, or new driver ********************************** adi,ad4000 - New driver for this high speed ADC. adi,ad4695 - New driver supporting AD4690, AD4696, AD4697 and AD4698 ADCs. - Follow up series added triggered buffer support. adi,ad7380 - Add support for single ended parts, AD7386, ADC7387, AD7388 and -4 variants. (driver previously only support differential parts). These variants have an additional front end MUX so only half the channels can be sampled efficiently. adi,ad9467 - Refactor and extend driver to support ad9643, ad9449 and ad9652 high speed ADCs. adi,adxl380 - New driver for this low power accelerometer. adi,ltc2664 - New driver supporting LTC2664 and LTC2672 DACs. microchip,pac1921 - New driver for this power/current monitor chip. rohm,bh1745 - New driver for this RGBC colour sensor. rohm,bu27034anuc - The original bu27034 was canceled before mass production, so the driver is modified to support the BU27034ANUC which had some significant differences. DT compatible changed to avoid chance of old driver ever binding to real hardware. sciosense,ens210 - New driver for ens210, ens210a, ens211, ens212, ens213a, and ens215 temperature and humidity sensors (all register compatible up to some conversion time differences) sensiron,sdp500 - New driver for this differential pressure sensor. tyhx,hx9023s - New driver to support this capacitive proximity sensor. Minor changes to support new devices ************************************ adi,adf4377 - Add support for the single output adf4378. kionix,kxcjk-1013 - Add support for KX022-1020 accelerometer (binding and ID table only) liteon,ltrf216a - Add support for ltr-308. A few minor differences in features set rockchip,saradc - Add ID for rk3576-saradc sensortek,stk3310 - Add ID for stk3013 proximity sensor which (despite documentation) has an ambient light sensor and is compatible with existing parts. Documentation updates --------------------- Generalize ABI docs for shunt resistor attribute Improve calibscale and calibbias related documentation. A couple of follow up patches to resolve duplicate documentation that resulted. New core features ----------------- backend - Add option for debugfs - useful for test pattern control - Use this for both adi-axi-adc and adi-axi-dac trigger suspend - Add functions to allow triggers to be suspended. This avoids problems when a device enters suspend to idle with a sysfs trigger. Use it for now in the bmi323 only. New driver features ------------------- adi,ad7192 - Add option to be a clock provider (+ additional clock config options) adi,ad7380 - Add documentation for this fairly new driver. adi,ad9461 - Provide control of test modes and backend validation blocks used to identify problems (via debugfs) adi,ad9739 - Add backend debugfs and docs for what is provided via adi-axi-dac avago,apds9960 - Add proximity and gesture calibration offset control bosch,bmp280 - Triggered buffer support including adding raw+scale output for sysfs. liteon,ltr390 - Add configuration of integration time and scale. stm,dfsdm - Convert this SD modulator driver to backend framework and add support for channel scaling + modern channel bindings. Treewide cleanup ---------------- iio_dev->masklength: Making it private. - Provide access function to read the core compute channel mask length and a macro to iterate over elements in the active_scan_mask. - Enables marking masklength __private preventing drivers from writing it without triggering a build warning whilst minimizing overhead in what are typically hot paths. - Convert all drivers and finally mark it private. Merge conflicts resolved in drivers applied after this point. Constify regmap_bus - These are never modified, so mark them const. Core cleanup ------------ backend - A few late breaking bits of feedback (unused variable, error messages) dma-buffer - Namespace exports. core - Drop unused assignment. Driver cleanup -------------- adi,ad4695 - Fixing binding to reflect that common-mode-channel is a scalar. adi,ad7280a - Use __free(kfree) to simplify freeing of receive buffer. adi,ad7606 - Various dt-binding cleanup and improvements. - Fix oversampling related gpio handling. - Make polarity of standby gpio match documentation. - use guard() to simplify lock handling. adi,ad7768 - Use device_for_each_child_node_scoped() instead of fwnode equivalent. adi,ad7124 - Reduce SPI transfers by avoiding separate writes to different fields in the same register. - Start the ADC in idle mode. adi,adis - Drop ifdefs in favor of IS_ENABLED. adi,admv8818 - Fix wrong ABI docs. asahi-kasei,ak8975 - Drop a prefix free compatible accidentally added recently. aspeed,adc - Use of_property_present() instead of of_find_property() to see if the property is there or not. atmel,at91, - Use __free(kfree) to simplify freeing of channel related array. bosch,bma400 - Use __free(kfree) to simplify freeing a locally allocated string. bosch,bmc150 - Add missing mount-matrix binding docs. bosch,bme680 - Fix read/write to ensure multiple necessary sequential reads without device configuration change. - Drop unnecessary type casts and use more appropriate data types. - Drop some left over ACPI code as ACPI support was removed due to invalid IDs (and no known users). - Sort headers consistently. - Avoid unnecessary duplicate read and redundant read of gas config. - Use bulk reads to get calibration data. - Reorder allocation of IIO device to be prior to device init. - Add remaining read/write buffers to the union used already for all others. - Tidy up error checks for consistency of style, including dev_err_probe() - Bring the device startup procedure inline with the vendor code. - Reorder code so mode forcing is more obvious occurring where needed. - Tidy up data locality in reading functions so no magic data is stored in state structures just to get it across function calls. - Make a local lookup table static to avoid placing it on the stack. bosch,bmp280 - Fix BME280 regmap to not include registers it doesn't have. - Wait a little longer after config to allow for maximum possible necessary wait. - Reorganize headers. - Make conversion_time_max array static to avoid placing it on the stack. maxim,max1363 - Use __free(kfree) to simplify freeing transmission buffer. microchip,mcp3964 - Use devm_regulator_get_enable_read_voltage() microchip,mcp3911 - Use devm_regulator_get_enable_read_voltage() microchip,mcp4728 - Use devm_regulator_get_enable_read_voltage() microchip,mcp4922 - Use devm_regulator_get_enable_read_voltage() and devm_* to allow dropping of explicit remove() callback. onnn,noa1305 - Various tidy up. - Provide available scale values. - Make integration time configurable. - Fix up integration time look up (/2 error) ti,dac7311 - Check if spi_setup() succeeded. ti,tsc2046 - Use __free(kfree) to simplify freeing rx and tx buffers. - Use devm_regulator_get_enable_read_voltage() Various minor fixes not called out explicitly. * tag 'iio-for-6.12a' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/jic23/iio: (250 commits) drivers:iio:Fix the NULL vs IS_ERR() bug for debugfs_create_dir() iio: sgp40: retain documentation in driver iio: ABI: remove duplicate in_resistance_calibbias dt-bindings: iio: st,stm32-adc: add top-level constraints iio: ABI: add missing calibbias attributes iio: ABI: add missing calibscale attributes iio: ABI: sort calibscale attributes iio: ABI: document calibscale_available attributes iio: light: ltr390: Calculate 'counts_per_uvi' dynamically iio: light: ltr390: Add ALS channel and support for gain and resolution doc: iio: ad4695: document buffered read iio: adc: ad4695: implement triggered buffer iio: proximity: hx9023s: Fix error code in hx9023s_property_get() iio: light: noa1305: Fix up integration time look up iio: humidity: Add support for ENS210 dt-bindings: iio: humidity: add ENS210 sensor family iio: imu: adis16460: drop ifdef around CONFIG_DEBUG_FS iio: imu: adis16400: drop ifdef around CONFIG_DEBUG_FS iio: imu: adis16480: drop ifdef around CONFIG_DEBUG_FS iio: imu: adis16475: drop ifdef around CONFIG_DEBUG_FS ... commit fd82221a59fa5ce9dc7523e11c5e995104a28cb0 Author: Dave Hansen Date: Thu Aug 29 15:00:42 2024 -0700 x86/cpu/intel: Replace PAT erratum model/family magic numbers with symbolic IFM references There's an erratum that prevents the PAT from working correctly: https://www.intel.com/content/dam/www/public/us/en/documents/specification-updates/pentium-dual-core-specification-update.pdf # Document 316515 Version 010 The kernel currently disables PAT support on those CPUs, but it does it with some magic numbers. Replace the magic numbers with the new "IFM" macros. Make the check refer to the last affected CPU (INTEL_CORE_YONAH) rather than the first fixed one. This makes it easier to find the documentation of the erratum since Intel documents where it is broken and not where it is fixed. I don't think the Pentium Pro (or Pentium II) is actually affected. But the old check included them, so it can't hurt to keep doing the same. I'm also not completely sure about the "Pentium M" CPUs (models 0x9 and 0xd). But, again, they were included in in the old checks and were close Pentium III derivatives, so are likely affected. While we're at it, revise the comment referring to the erratum name and making sure it is a quote of the language from the actual errata doc. That should make it easier to find in the future when the URL inevitably changes. Why bother with this in the first place? It actually gets rid of one of the very few remaining direct references to c->x86{,_model}. No change in functionality intended. Signed-off-by: Dave Hansen Signed-off-by: Ingo Molnar Cc: Len Brown Link: https://lore.kernel.org/r/20240829220042.1007820-1-dave.hansen@linux.intel.com commit ae4e84544fff7574e5bf065a1d0a0e592323818f Author: Krzysztof Kozlowski Date: Wed Aug 28 11:35:58 2024 +0200 dt-bindings: pinctrl: qcom: add missing type to GPIO hogs GPIO hog nodes should define type, otherwise "dummy-hog" boolean properties would be allowed. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Linus Walleij Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/20240828-dt-bindings-gpio-hog-v1-2-63b83e47d804@linaro.org Signed-off-by: Linus Walleij commit f1ec92a066b2608e7c971dfce28ebe2d2cdb056e Author: Chen Ni Date: Tue Sep 3 10:30:01 2024 +0800 tty: hvc: convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Acked-by: Michael Ellerman Link: https://lore.kernel.org/r/20240903023001.491055-1-nichen@iscas.ac.cn Signed-off-by: Greg Kroah-Hartman commit 1c70238a2c0282a9bf07a87876fc447f19000a1d Author: Chen Ni Date: Tue Sep 3 10:37:54 2024 +0800 mxser: convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Link: https://lore.kernel.org/r/20240903023754.493568-1-nichen@iscas.ac.cn Signed-off-by: Greg Kroah-Hartman commit 2f102a5efe84808768a57ac2a5f1884bd56d62d8 Author: Stefan Wahren Date: Sun Aug 18 19:49:36 2024 +0200 serial: 8250_bcm2835aux: Fix clock imbalance in PM resume During review Ulf Hansson discovered a clock imbalance in the recently introduced PM resume code. The driver should enable the clock only in case it has been disabled in suspend before. In order to make the conditions easier to read, refactor this into a separate function. Reported-by: Ulf Hansson Closes: https://lore.kernel.org/linux-arm-kernel/CAPDyKFoJh3j8xSeXZ9o031YZLTCDYVA+dgvURuwozjDpU_aauA@mail.gmail.com/ Fixes: 0e1d8780526f ("serial: 8250_bcm2835aux: add PM suspend/resume support") Signed-off-by: Stefan Wahren Link: https://lore.kernel.org/r/20240818174936.88372-1-wahrenst@gmx.net Signed-off-by: Greg Kroah-Hartman commit c362646b6fc15009219020c443f5256190be6436 Author: Simon Horman Date: Fri Aug 30 18:23:00 2024 +0100 netfilter: nf_tables: Add missing Kernel doc - Add missing documentation of struct field and enum items. - Add missing documentation of function parameter. Flagged by ./scripts/kernel-doc -none. No functional change intended. Compile tested only. Signed-off-by: Simon Horman Reviewed-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 85dfb34bb7d24c4585fa6a8186c3bf207470ecd7 Author: Simon Horman Date: Wed Aug 28 21:30:16 2024 +0100 netfilter: nf_tables: Correct spelling in nf_tables.h Correct spelling in nf_tables.h. As reported by codespell. Signed-off-by: Simon Horman Signed-off-by: Pablo Neira Ayuso commit eaf9b2c875ece22768b78aa38da8b232e5de021b Author: Florian Westphal Date: Wed Aug 28 11:34:02 2024 +0200 netfilter: nf_tables: drop unused 3rd argument from validate callback ops Since commit a654de8fdc18 ("netfilter: nf_tables: fix chain dependency validation") the validate() callback no longer needs the return pointer argument. Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 09c0d0aef56b3b026b55be092fd9e81f3ae0c8a9 Author: Shen Lichuan Date: Wed Aug 28 19:06:51 2024 +0800 netfilter: conntrack: Convert to use ERR_CAST() Use the ERR_CAST macro to clearly indicate that this is a pointer to an error value and that a type conversion was performed. Signed-off-by: Shen Lichuan Signed-off-by: Pablo Neira Ayuso commit 20eb5e7cb78c331107fbdf2f77a30fbea9338638 Author: Yan Zhen Date: Mon Aug 26 11:41:36 2024 +0800 netfilter: Use kmemdup_array instead of kmemdup for multiple allocation When we are allocating an array, using kmemdup_array() to take care about multiplication and possible overflows. Also it makes auditing the code easier. Signed-off-by: Yan Zhen Reviewed-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 4a1d3acd6ea86075e77fcc1188c3fc372833ba73 Author: Sebastian Andrzej Siewior Date: Tue Aug 20 09:54:32 2024 +0200 netfilter: nft_counter: Use u64_stats_t for statistic. The nft_counter uses two s64 counters for statistics. Those two are protected by a seqcount to ensure that the 64bit variable is always properly seen during updates even on 32bit architectures where the store is performed by two writes. A side effect is that the two counter (bytes and packet) are written and read together in the same window. This can be replaced with u64_stats_t. write_seqcount_begin()/ end() is replaced with u64_stats_update_begin()/ end() and behaves the same way as with seqcount_t on 32bit architectures. Additionally there is a preempt_disable on PREEMPT_RT to ensure that a reader does not preempt a writer. On 64bit architectures the macros are removed and the reads happen without any retries. This also means that the reader can observe one counter (bytes) from before the update and the other counter (packets) but that is okay since there is no requirement to have both counter from the same update window. Convert the statistic to u64_stats_t. There is one optimisation: nft_counter_do_init() and nft_counter_clone() allocate a new per-CPU counter and assign a value to it. During this assignment preemption is disabled which is not needed because the counter is not yet exposed to the system so there can not be another writer or reader. Therefore disabling preemption is omitted and raw_cpu_ptr() is used to obtain a pointer to a counter for the assignment. Cc: Eric Dumazet Signed-off-by: Sebastian Andrzej Siewior Signed-off-by: Pablo Neira Ayuso commit 1ef7f50ccc6e8e2b5de96ad1e304684a277a3055 Author: Changliang Wu Date: Thu Jun 20 19:35:27 2024 +0800 netfilter: ctnetlink: support CTA_FILTER for flush From cb8aa9a, we can use kernel side filtering for dump, but this capability is not available for flush. This Patch allows advanced filter with CTA_FILTER for flush Performace 1048576 ct flows in total, delete 50,000 flows by origin src ip 3.06s -> dump all, compare and delete 584ms -> directly flush with filter Signed-off-by: Changliang Wu Signed-off-by: Pablo Neira Ayuso commit d2e8590fd1048c5c0dba160edc6a48ee8305a1f0 Author: Lech Perczak Date: Mon Aug 26 17:42:45 2024 +0200 serial: sc16is7xx: convert bitmask definitions to use BIT() macro Now that bit definition comments were cleaned up, convert bitmask definitions to use BIT() macro for clarity. Convert SC16IS7XX_IIR_ID_MASK to use GENMASK() macro - - while at that, realign comments. Compose SC16IS7XX_LSR_BRK_ERROR_MASK using aforementioned constants, instead of open-coding it, and remove now unneeded comments. Signed-off-by: Lech Perczak Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/8b45a01e-7cc5-4d53-b467-c6680bc51ef4@camlingroup.com Signed-off-by: Greg Kroah-Hartman commit eccdb0fd1c340155666533f5c60c5229d370baab Author: Lech Perczak Date: Mon Aug 26 17:42:01 2024 +0200 serial: sc16is7xx: fix copy-paste errors in EFR_SWFLOWx_BIT constants Comments attached to bits 0 and 1 incorrectly referenced bits 2 and 3, which don't match the datasheet - fix them. At the same time remove comments for individual constants, as they add nothing to the definitions themselves. Signed-off-by: Lech Perczak Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/2986a485-935d-4ab2-9a16-4a85288aa15a@camlingroup.com Signed-off-by: Greg Kroah-Hartman commit 0f5e3898dc770de12f153ac6d4db30c57cb40f95 Author: Lech Perczak Date: Mon Aug 26 17:41:23 2024 +0200 serial: sc16is7xx: remove SC16IS7XX_MSR_DELTA_MASK This definition isn't used anywhere anymore, let's delete it. Reviewed-by: Andy Shevchenko Signed-off-by: Lech Perczak Link: https://lore.kernel.org/r/91a9aa22-47b7-449a-a7ad-877ce1b6402e@camlingroup.com Signed-off-by: Greg Kroah-Hartman commit 68c5efd9dca4b0e97791d638004c803b8a3bb3d4 Author: Jinjie Ruan Date: Mon Aug 19 20:01:07 2024 +0800 serial: xilinx_uartps: Make cdns_rs485_supported static The sparse tool complains as follows: drivers/tty/serial/xilinx_uartps.c:222:21: warning: symbol 'cdns_rs485_supported' was not declared. Should it be static? This symbol is not used outside xilinx_uartps.c, so marks it static. Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240819120107.3884973-1-ruanjinjie@huawei.com Signed-off-by: Greg Kroah-Hartman commit 7dfb497191f0d87c3b3ccfd3039df4c03d6769f6 Author: Tarang Raval Date: Mon Sep 2 19:15:08 2024 +0530 dt-bindings: arm: fsl: Add Variscite Symphony board and VAR-SOM-MX8MP SoM Adds support for the Variscite VAR-SOM-MX8MP System on Module and the Variscite Symphony Evaluation Kit. Signed-off-by: Tarang Raval Reviewed-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit cd0920ebab6bce93ac5054d621c0633f6a4d640b Author: Qianqiang Liu Date: Tue Sep 3 09:44:02 2024 +0800 staging: rtl8723bs: Remove an unused struct in rtw_cmd.h struct getcountjudge_rsp is not used, just remove it. Signed-off-by: Qianqiang Liu Link: https://lore.kernel.org/r/20240903014402.170750-1-qianqiang.liu@163.com Signed-off-by: Greg Kroah-Hartman commit 30db8460f984a7f5299b6e07ea8a57cd09fc9557 Author: Steven Davis Date: Sun Sep 1 17:18:59 2024 -0400 staging: greybus: Fix capitalization and punctuation inconsistencies There were a lot of inconsistencies in outputs and comments, some were properly formatted and capitalized, and some weren't. This patch resolves this by properly formatting the inconsistent comments and outputs. Signed-off-by: Steven Davis Link: https://lore.kernel.org/r/SJ2P223MB102660087EA9382BE5287FDBF7912@SJ2P223MB1026.NAMP223.PROD.OUTLOOK.COM Signed-off-by: Greg Kroah-Hartman commit fde40290ed831af46e652ea76f3e594cfe6af19c Author: Colin Ian King Date: Sun Sep 1 17:15:34 2024 +0100 staging: rtl8723bs: Remove trailing space after \n newline There is a extraneous space after a newline in a netdev_dbg message. Remove it. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240901161534.143887-1-colin.i.king@gmail.com Signed-off-by: Greg Kroah-Hartman commit ae26a4cc10e8a736c995eba3997a9f4edcd2d76e Author: Riyan Dhiman Date: Sat Aug 31 21:38:31 2024 +0530 staging: rtl8192e: Constify struct pci_device_id static variable struct pci_device_id rtl8192_pci_id_tbl is not modified in file rtl_core.c. Constifying this structure moves some data to a read-only section, so increase overall security. Before ====== text data bss dec hex filename 17838 893 1 18732 492c drivers/staging/rtl8192e/rtl8192e/rtl_core.o After ===== text data bss dec hex filename 18006 725 1 18732 492c drivers/staging/rtl8192e/rtl8192e/rtl_core.o Signed-off-by: Riyan Dhiman Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240831160831.121720-1-riyandhiman14@gmail.com Signed-off-by: Greg Kroah-Hartman commit f48404522f03a9bc3365225f81ca079a35cf50b9 Author: Tree Davies Date: Thu Aug 29 19:05:08 2024 -0700 Staging: rtl8192e: Add spaces around operators. Add spaces around arithmetic and bitwise operators to improve readability of the code. Signed-off-by: Tree Davies Link: https://lore.kernel.org/r/20240830020508.532945-4-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 6c14d5ddc63ca0be4f5d4c7b9233ffc4caa2031f Author: Tree Davies Date: Thu Aug 29 19:05:07 2024 -0700 Staging: rtl8192e: Rename variable bHwError Rename variable bHwError to hw_error to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240830020508.532945-3-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 9d21254c94588084b767d3775d54718b900115e2 Author: Tree Davies Date: Thu Aug 29 19:05:06 2024 -0700 Staging: rtl8192e: Rename variable pNetwork Rename variable pNetwork to network to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240830020508.532945-2-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 37d1e01a6117ed88ce0c62c07717a18f5c98eb8c Author: Gabriel Tassinari Date: Thu Aug 29 18:40:31 2024 -0300 staging: rtl8192e: Fix parenthesis alignment in rtl_core.c fix parenthesis alignment in _rtl92e_qos_handle_probe_response to silence checkpatch warning: CHECK: Alignment should match open parenthesis Signed-off-by: Gabriel Tassinari Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240829214031.4893-1-gabrieldtassinari@gmail.com Signed-off-by: Greg Kroah-Hartman commit eea0007f6af778620aff51223f0de064e0df00d2 Author: Alien Wesley Date: Thu Aug 29 09:32:51 2024 -0300 staging: rtl8192e: Fix Assignment operator '=' in rtl_wx.c Separated assignments for pairwise_key_type and group_key_type in order to silence the following checkpatch warning. CHECK: Assignment operator '=' should be on the previous line. Signed-off-by: Alien Wesley Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240829123251.83574-1-alienwesley51@gmail.com Signed-off-by: Greg Kroah-Hartman commit 35c75ce7a79d050497e087f8fb350922333c2aeb Author: Alien Wesley Date: Thu Aug 29 08:36:06 2024 -0300 staging: rtl8192e: Fix multiple assignments in rtl_wx.c Separated assignments for pairwise_key_type and group_key_type in order to silence the following checkpatch warning. CHECK: multiple assignments should be avoided. Signed-off-by: Alien Wesley Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240829113606.76645-1-alienwesley51@gmail.com Signed-off-by: Greg Kroah-Hartman commit 0348e117d9599b49940b968583d6e076a8004bc7 Author: Yang Yingliang Date: Mon Sep 2 20:59:46 2024 +0800 staging: greybus: spi: switch to use spi_alloc_host() Switch to use modern name function spi_alloc_host(). No functional changed. Signed-off-by: Yang Yingliang Link: https://lore.kernel.org/r/20240902125947.1368-7-yangyingliang@huaweicloud.com Signed-off-by: Greg Kroah-Hartman commit 357c468552f0bbe68e9c9678a82dde6db14e5591 Author: Michael Straube Date: Sat Aug 31 12:08:09 2024 +0200 staging: rtl8192e: adjust size of RxMIMOSignalStrength The array RxMIMOSignalStrength in struct rtllib_rx_stats is always accessed with indices in the range i = 0; i < 2. We can reduce the size from 4 to 2. Signed-off-by: Michael Straube Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240831100809.29173-6-straube.linux@gmail.com Signed-off-by: Greg Kroah-Hartman commit ad796f708dc3801300e189acd3a393d7cb075811 Author: Michael Straube Date: Sat Aug 31 12:08:08 2024 +0200 staging: rtl8192e: adjust size of brfpath_rxenable for new RF90_PATH_MAX The array brfpath_rxenable in struct r8192_priv is always accessed by indices in the range i = 0; i < RF90_PATH_MAX. A previous patch changed the value of RF90_PATH_MAX from 4 to 2, so we can reduce the size of brfpath_rxenable to 2. Use RF90_PATH_MAX instead of a hard-coded size. Signed-off-by: Michael Straube Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240831100809.29173-5-straube.linux@gmail.com Signed-off-by: Greg Kroah-Hartman commit 12ce200da92a8122132f3b5dee506575b9d5fbba Author: Michael Straube Date: Sat Aug 31 12:08:07 2024 +0200 staging: rtl8192e: adjust size of trsw_gain_X for new RF90_PATH_MAX The array trsw_gain_X in struct phy_sts_ofdm_819xpci is always accessed by indices in the range i = 0; i < RF90_PATH_MAX. A previous patch changed the value of RF90_PATH_MAX from 4 to 2, so we can reduce the size of trsw_gain_X to 2. Use RF90_PATH_MAX instead of a hard-coded size. Signed-off-by: Michael Straube Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240831100809.29173-4-straube.linux@gmail.com Signed-off-by: Greg Kroah-Hartman commit 24f7977e83cda19cd34fe69a12ceb881dc632d47 Author: Michael Straube Date: Sat Aug 31 12:08:06 2024 +0200 staging: rtl8192e: adjust size of rx_pwr for new RF90_PATH_MAX The local array rx_pwr in the function _rtl92e_query_rxphystatus() is always accessed by indices in the range i = 0; i < RF90_PATH_MAX. A previous patch changed the value of RF90_PATH_MAX from 4 to 2, so we can reduce the size of rx_pwr to 2. Use RF90_PATH_MAX instead of a hard-coded size. Signed-off-by: Michael Straube Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240831100809.29173-3-straube.linux@gmail.com Signed-off-by: Greg Kroah-Hartman commit a5d1b523ad47ab2b7e7547c555f92f3230f046c5 Author: Michael Straube Date: Sat Aug 31 12:08:05 2024 +0200 staging: rtl8192e: remove RF90_PATH_{C,D} from enum rf90_radio_path RF90_PATH_C and RF90_PATH_D are unused in this driver. Remove them from enum rf90_radio_path. Signed-off-by: Michael Straube Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240831100809.29173-2-straube.linux@gmail.com Signed-off-by: Greg Kroah-Hartman commit c30f4711b8bf938c447750f31eb6ad00a67782b1 Author: Lukasz Majewski Date: Mon Sep 2 13:46:52 2024 +0200 ARM: dts: imx28-lwe: Remove saif[01] definitions The saif[01] nodes are specific to other group of the imx287 based devices, so need to be moved to different devices description file. Leaving them here causes issues with next revision of XEA device. Signed-off-by: Lukasz Majewski Signed-off-by: Shawn Guo commit f526d20a33d3f3d3b3a507b675c1f0ec1a8b6856 Author: Lukasz Majewski Date: Mon Sep 2 13:46:51 2024 +0200 ARM: dts: imx28-lwe: Reduce maximal SPI frequency Due to some operational problems (HW) the maximal speed of the SPI frequency for flash memory has been reduced by half. Signed-off-by: Lukasz Majewski Signed-off-by: Shawn Guo commit a51f97aef65365436e206a6d6d2906e685b14123 Author: Lukasz Majewski Date: Mon Sep 2 13:46:50 2024 +0200 ARM: dts: imx28-lwe: Fix partitions definitions The SPI-NOR memory layout has evolved during time lifetime of the device - for example special partitions to keep track of booted devices for A/B booting scheme were added. Signed-off-by: Lukasz Majewski Signed-off-by: Shawn Guo commit 79691288f75dc2124153a5130d9fcda413f57c6a Author: Krzysztof Kozlowski Date: Mon Sep 2 13:40:40 2024 +0200 ARM: dts: imx6qdl: align pin config nodes with bindings Bindings for other NXP pin controllers expect pin configuration nodes in pinctrl to match certain naming, so adjust these as well, even though their bindings are not yet in dtschema format. Signed-off-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit d1b4420366908b0a10e90c0f091a7cf671fba23b Author: Krzysztof Kozlowski Date: Mon Sep 2 13:40:39 2024 +0200 ARM: dts: imx6sl: align pin config nodes with bindings Bindings for other NXP pin controllers expect pin configuration nodes in pinctrl to match certain naming, so adjust these as well, even though their bindings are not yet in dtschema format. Signed-off-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit a9c741d8e97c174b6ddd535d0c429333d477082e Author: Krzysztof Kozlowski Date: Mon Sep 2 13:40:38 2024 +0200 ARM: dts: imx6ul: align pin config nodes with bindings Bindings expect pin configuration nodes in pinctrl to match certain naming: imx6ul-kontron-bl.dtb: pinctrl@20e0000: 'usbotg1' does not match any of the regexes: 'grp$', 'pinctrl-[0-9]+' Signed-off-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit e515be1280c393a39caa6eaa7aac0623232f2ff5 Author: Krzysztof Kozlowski Date: Mon Sep 2 13:40:37 2024 +0200 ARM: dts: imx6ul-tx6ul: drop empty pinctrl placeholder Drop an empty pin configuration node placeholder, because bindings require 'fsl,pins' property: imx6ul-tx6ul-0010.dtb: pinctrl@20e0000: hoggrp: 'fsl,pins' is a required property Signed-off-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit c4f3e42454b6506fbb3aa7d0df7f5f9192d90dc4 Author: Fabio Estevam Date: Mon Sep 2 15:10:36 2024 -0300 ARM: dts: imx28-tx28: Fix the fsl,saif-master usage According to fsl,saif.yaml, fsl,saif-master is a phandle to the master SAIF. Change it accordingly, to fix the following dt-schema warnings: saif@80042000: fsl,saif-master: True is not of type 'array' saif@80042000: Unevaluated properties are not allowed ('fsl,saif-master' was unexpected) Signed-off-by: Fabio Estevam Acked-By: Lothar Waßmann Signed-off-by: Shawn Guo commit 3dedd4889cfc2851444a1f7626b293c0bfd1e42c Author: Krzysztof Kozlowski Date: Sat Aug 31 12:11:29 2024 +0200 ARM: dts: imx6ull-seeed-npi: fix fsl,pins property in tscgrp pinctrl The property is "fsl,pins", not "fsl,pin". Wrong property means the pin configuration was not applied. Fixes dtbs_check warnings: imx6ull-seeed-npi-dev-board-emmc.dtb: pinctrl@20e0000: uart1grp: 'fsl,pins' is a required property imx6ull-seeed-npi-dev-board-emmc.dtb: pinctrl@20e0000: uart1grp: 'fsl,pin' does not match any of the regexes: 'pinctrl-[0-9]+' Cc: stable@vger.kernel.org Fixes: e3b5697195c8 ("ARM: dts: imx6ull: add seeed studio NPi dev board") Signed-off-by: Krzysztof Kozlowski Reviewed-by: Parthiban Nallathambi Signed-off-by: Shawn Guo commit 1b0e32753d8550908dff8982410357b5114be78c Author: Krzysztof Kozlowski Date: Sat Aug 31 12:11:28 2024 +0200 ARM: dts: imx6ul-geam: fix fsl,pins property in tscgrp pinctrl The property is "fsl,pins", not "fsl,pin". Wrong property means the pin configuration was not applied. Fixes dtbs_check warnings: imx6ul-geam.dtb: pinctrl@20e0000: tscgrp: 'fsl,pins' is a required property imx6ul-geam.dtb: pinctrl@20e0000: tscgrp: 'fsl,pin' does not match any of the regexes: 'pinctrl-[0-9]+' Cc: stable@vger.kernel.org Fixes: a58e4e608bc8 ("ARM: dts: imx6ul-geam: Add Engicam IMX6UL GEA M6UL initial support") Signed-off-by: Krzysztof Kozlowski Reviewed-by: Michael Trimarchi Signed-off-by: Shawn Guo commit 6e55258118bd789fe7f80ef2d5792baa65a3c132 Author: Fabio Estevam Date: Wed Aug 28 16:49:19 2024 -0300 ARM: dts: imx23/8: Rename apbh and apbx nodes According to simple-bus.yaml, apbh and apbx are not valid bus names. Rename them to apbh-bus and apbx-bus to fix the following dt-schema warnings: 'apbh@80000000' does not match '^([a-z][a-z0-9\\-]+-bus|bus|localbus|soc|axi|ahb|apb)(@.+)?$' 'apbx@80040000' does not match '^([a-z][a-z0-9\\-]+-bus|bus|localbus|soc|axi|ahb|apb)(@.+)?$' Signed-off-by: Fabio Estevam Reviewed-by: Lukasz Majewski Signed-off-by: Shawn Guo commit cc41aa93bbafdfe4c4c9026d307adbb89c1d80fa Author: Niklas Söderlund Date: Mon Aug 26 16:43:52 2024 +0200 arm64: dts: renesas: r8a779h0: Add family fallback for CSISP IP The usage of the R-Car V4M CSISP bindings where merged before the bindings where approved. At that time the family fallback compatible where not part of the bindings, add them. Fixes: 2bb78d9fb7c9 ("arm64: dts: renesas: r8a779h0: Add video capture nodes") Signed-off-by: Niklas Söderlund Reviewed-by: Geert Uytterhoeven Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/20240826144352.3026980-7-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Geert Uytterhoeven commit af9e91cb97923b79dc4be6f9eb8359c6bb98be52 Author: Niklas Söderlund Date: Mon Aug 26 16:43:49 2024 +0200 arm64: dts: renesas: r8a779a0: Add family fallback for CSISP IP To make it easier to support new R-Car Gen4 SoCs add a family fallback compatible similar to what was done for VIN on R-Car Gen4. There is no functional change, but the addition of the family fallback in the bindings produces warnings for R-Car V3U for DTS checks if they are not added. Signed-off-by: Niklas Söderlund Reviewed-by: Laurent Pinchart Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240826144352.3026980-4-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Geert Uytterhoeven commit 2c5c9e37c10e5c84035d7b202050c0879f135ef9 Author: Niklas Söderlund Date: Mon Aug 26 16:43:48 2024 +0200 arm64: dts: renesas: r8a779g0: Add family fallback for CSISP IP To make it easier to support new R-Car Gen4 SoCs add a family fallback compatible similar to what was done for VIN on R-Car Gen4. There is no functional change, but the addition of the family fallback in the bindings produces warnings for R-Car V4H for DTS checks if they are not added. Signed-off-by: Niklas Söderlund Reviewed-by: Laurent Pinchart Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240826144352.3026980-3-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Geert Uytterhoeven commit c92be7b6b3559d58b6631c15c6d3889d8eb486a5 Author: Niklas Söderlund Date: Thu Jul 4 18:16:20 2024 +0200 arm64: dts: renesas: r8a779h0: Add family fallback for VIN IP The usage of the R-Car V4M VIN bindings where merged before the bindings where approved. At that time the family fallback compatible was not part of the bindings, add it. Fixes: 2bb78d9fb7c9 ("arm64: dts: renesas: r8a779h0: Add video capture nodes") Signed-off-by: Niklas Söderlund Reviewed-by: Geert Uytterhoeven Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/20240704161620.1425409-7-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Geert Uytterhoeven commit 075e3d30e4a3da8eadd12f2f063dc8e2ea9e1f08 Author: Pawel Dembicki Date: Tue Aug 27 14:39:38 2024 +0200 net: dsa: vsc73xx: implement FDB operations This commit introduces implementations of three functions: .port_fdb_dump .port_fdb_add .port_fdb_del The FDB database organization is the same as in other old Vitesse chips: It has 2048 rows and 4 columns (buckets). The row index is calculated by the hash function 'vsc73xx_calc_hash' and the FDB entry must be placed exactly into row[hash]. The chip selects the bucket number by itself. Signed-off-by: Pawel Dembicki Link: https://patch.msgid.link/20240827123938.582789-1-paweldembicki@gmail.com Signed-off-by: Paolo Abeni commit e9f351d67d59cc4d7797c802afb92a7a2071abde Author: Niklas Söderlund Date: Thu Jul 4 18:16:17 2024 +0200 arm64: dts: renesas: r8a779a0: Add family fallback for VIN IP To make it easier to support new R-Car Gen4 SoCs a family fallback compatible similar to what is used for R-Car Gen2 has been added to the VIN bindings. Add this fallback to the R-Car V3U DTSI. There is no functional change, but the addition of the family fallback in the bindings produces warnings for R-Car V3U for DTS checks if they are not added. Signed-off-by: Niklas Söderlund Reviewed-by: Geert Uytterhoeven Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/20240704161620.1425409-4-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Geert Uytterhoeven commit 8c07e11916ffcfa29c300cf45ebd868ee15f18fc Author: Niklas Söderlund Date: Thu Jul 4 18:16:16 2024 +0200 arm64: dts: renesas: r8a779g0: Add family fallback for VIN IP To make it easier to support new R-Car Gen4 SoCs a family fallback compatible similar to what is used for R-Car Gen2 has been added to the VIN bindings. Add this fallback to the R-Car V4H DTSI. There is no functional change, but the addition of the family fallback in the bindings produces warnings for R-Car V4H for DTS checks if they are not added. Signed-off-by: Niklas Söderlund Reviewed-by: Geert Uytterhoeven Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/20240704161620.1425409-3-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Geert Uytterhoeven commit d40ae4cdd9a400dea9dff3408b8c8983c45e943f Author: Xu Yang Date: Tue Sep 3 15:58:09 2024 +0800 dt-bindings: phy: mxs-usb-phy: add nxp,sim property i.MX7ULP need properly set System Integration Module(SIM) module to make usb wakeup work well. This will add a "nxp,sim" property. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Xu Yang Link: https://lore.kernel.org/r/20240903075810.1196928-1-xu.yang_2@nxp.com Signed-off-by: Greg Kroah-Hartman commit b022041ea9ef7a54becbc1c06717000bfcd8266d Author: Chen Ni Date: Tue Sep 3 15:35:38 2024 +0800 usb: cdns2: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Link: https://lore.kernel.org/r/20240903073538.780996-1-nichen@iscas.ac.cn Signed-off-by: Greg Kroah-Hartman commit 673f0c3ffc75166317ca5edb66ff35eaa6a12149 Author: Michael Grzeschik Date: Sun Sep 1 21:11:18 2024 +0200 tools: usb: p9_fwd: add usb gadget packet forwarder script This patch is adding an small python tool to forward 9pfs requests from the USB gadget to an existing 9pfs TCP server. Since currently all 9pfs servers lack support for the usb transport this tool is an useful helper to get started. Refer the Documentation section "USBG Example" in Documentation/filesystems/9p.rst on how to use it. Signed-off-by: Jan Luebbe Signed-off-by: Michael Grzeschik Tested-by: Andrzej Pietrasiewicz Link: https://lore.kernel.org/r/20240116-ml-topic-u9p-v12-3-9a27de5160e0@pengutronix.de Signed-off-by: Greg Kroah-Hartman commit a3be076dc174d9022a71a12554feb4c97b5c4d5c Author: Michael Grzeschik Date: Sun Sep 1 21:11:17 2024 +0200 net/9p/usbg: Add new usb gadget function transport Add the new gadget function for 9pfs transport. This function is defining an simple 9pfs transport interface that consists of one in and one out endpoint. The endpoints transmit and receive the 9pfs protocol payload when mounting a 9p filesystem over usb. Tested-by: Andrzej Pietrasiewicz Signed-off-by: Michael Grzeschik Link: https://lore.kernel.org/r/20240116-ml-topic-u9p-v12-2-9a27de5160e0@pengutronix.de Signed-off-by: Greg Kroah-Hartman commit d9c61bb33fbbcbc2d5f69efa10db116dab4b56cc Author: Michael Grzeschik Date: Sun Sep 1 21:11:16 2024 +0200 usb: gadget: function: move u_f.h to include/linux/usb/func_utils.h We move the func_utils.h header to include/linux/usb to be able to compile function drivers outside of the drivers/usb/gadget/function directory. Signed-off-by: Michael Grzeschik Link: https://lore.kernel.org/r/20240116-ml-topic-u9p-v12-1-9a27de5160e0@pengutronix.de Signed-off-by: Greg Kroah-Hartman commit f20998f23a8ce3ba56a06d9423ee57e92bae298c Author: Mathias Nyman Date: Fri Aug 30 18:26:30 2024 +0300 thunderbolt: Don't create device link from USB4 Host Interface to USB3 xHC host USB core will create device links between tunneled USB3 devices and USB4 Host Interface during USB device creation. Those device links are removed with the tunneled USB3 devices, allowing USB4 Host Interface to runtime suspend if USB3 tunnels are not used. So remove device link creation between USB4 Host Interface and USB3 xHC during NHI probe Reported-by: Rajaram Regupathy Reported-by: Saranya Gopal Tested-by: Saranya Gopal Acked-by: Mika Westerberg Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240830152630.3943215-5-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit f1bfb4a6fed64de1771b43a76631942279851744 Author: Mathias Nyman Date: Fri Aug 30 18:26:29 2024 +0300 usb: acpi: add device link between tunneled USB3 device and USB4 Host Interface Describe the power management relationship between a tunneled USB3 device and the tunnel providing USB4 host with a device link as the relationship between them is not evident from normal device hierarchy. Tunneling capable ports have an ACPI _DSD object pointing to the USB4 Host Interface that is used to establish USB3 3.x tunnels Set the link directly between tunneled USB3 devices and USB4 Host Interface to ensure that the USB4 host can runtime suspend if no tunneled USB 3.x devices exist. Current Thunderbolt code sets a link between USB4 Host Interface and USB3 xHCI host which prevents USB4 Host Interface from runtime suspending even if the USB3 host is only serving native USB devices. See commit b2be2b05cf3b ("thunderbolt: Create device links from ACPI description") for details. As the device link is only set for USB3 devices that are already tunneled we know that USB4 Host Interface exists and is bound to its driver. Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240830152630.3943215-4-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit f46a6e16519712651e2304da03ec144cc0bb084c Author: Mathias Nyman Date: Fri Aug 30 18:26:28 2024 +0300 usb: Add tunnel_mode parameter to usb device structure Add 'tunnel_mode' enum to usb device structure to describe if a USB3 link is tunneled over USB4, or connected directly using native USB2/USB3 protocols. Tunneled devices depend on USB4 NHI host to maintain the tunnel. Knowledge about tunneled devices is important to ensure correct suspend and resume order between USB4 hosts and tunneled devices. i.e. make sure tunnel is up before the USB device using it resumes. USB hosts such as xHCI may have vendor specific ways to detect tunneled connections. This 'tunnel_mode' parameter can be set by USB3 host driver during hcd->driver->update_device(hcd, udev) callback. tunnel_mode can be set to: USB_LINK_UNKNOWN = 0 USB_LINK_NATIVE USB_LINK_TUNNELED USB_LINK_UNKNOWN is used in case host is not capable of detecting tunneled links. Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240830152630.3943215-3-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 948ce83fbb7df85bc930a5c0d6b133481be05c0b Author: Mathias Nyman Date: Fri Aug 30 18:26:27 2024 +0300 xhci: Add USB4 tunnel detection for USB3 devices on Intel hosts Knowledge about tunneled devices is useful in order to correctly describe the relationship between tunneled USB3 device and USB4 Host Interface, ensuring proper suspend and resume order, and to be able to power down Thunderbolt if there is no need for tunneling. Intel hosts share if a USB3 connection is native or tunneled via vendor specific "SPR eSS PORT" registers. These vendor registers are available if host supports a vendor specific SPR shadow extended capability with ID 206. Registers are per USB3 port and 0x20 apart. Knowing the tunneling status of the device connected to roothub is enough as all its children will have the same status. Signed-off-by: Mathias Nyman Link: https://lore.kernel.org/r/20240830152630.3943215-2-mathias.nyman@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 9299f12c20d4dc51d3b548392e1725da37cada48 Author: Hongbo Li Date: Tue Sep 3 09:42:49 2024 +0800 usb: f_mass_storage: Make use of the helper macro kthread_run() Replace kthread_create/wake_up_process() with kthread_run() to simplify the code. Acked-by: Alan Stern Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240903014249.3098082-1-lihongbo22@huawei.com Signed-off-by: Greg Kroah-Hartman commit a17f04d4f26db70a42e52ebf0f04d84da79ebf1e Author: Michael Walle Date: Sun Aug 25 20:04:46 2024 +0200 usb: gadget: f_acm: make bInterfaceProtocol configurable The bInterfaceProtocol is hardcoded to USB_CDC_ACM_PROTO_AT_V25TER. This will lead to problems with ModemManger which will gladly try to probe that port as a modem if the gadget also has a network function. ModemManager will try to send AT commands to the ACM port. Make the bInterfaceProtocol configurable. For this, track the number of instances and only allow write to the property if there are no intances (yet). This will also set bFunctionProtocol to the same value, see commit 5c8db070b448 ("USB: Change acm_iad_descriptor bFunctionProtocol to USB_CDC_ACM_PROTO_AT_V25TER") for more details. Signed-off-by: Michael Walle Link: https://lore.kernel.org/r/20240825180446.3757073-1-mwalle@kernel.org Signed-off-by: Greg Kroah-Hartman commit c146ede472717f352b7283a525bd9a1a2b15e2cf Author: Zhang Zekun Date: Mon Sep 2 20:30:20 2024 +0800 usb: ohci-nxp: Use helper function devm_clk_get_enabled() devm_clk_get() and clk_prepare_enable() can be replaced by helper function devm_clk_get_enabled(). Let's use devm_clk_get_enabled() to simplify code and avoid calling clk_disable_unprepare(). Signed-off-by: Zhang Zekun Acked-by: Alan Stern Link: https://lore.kernel.org/r/20240902123020.29267-3-zhangzekun11@huawei.com Signed-off-by: Greg Kroah-Hartman commit b24301364a9471fbca86d41fa0982ae4e038140d Author: Colin Ian King Date: Sun Sep 1 17:23:57 2024 +0100 usb: gadget: udc-xilinx: Remove trailing space after \n newline There is a extraneous space after a newline in a dev_dbg message. Remove it. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240901162357.144222-1-colin.i.king@gmail.com Signed-off-by: Greg Kroah-Hartman commit 27e12d5aa4f9b0cc7b15050bc560c75aaaa8695b Author: Andreas Kühn Date: Sat Aug 31 21:34:06 2024 +0200 usb: chipidea: npcm: Fix coding style with missing space Fixed coding style issue: added missing space. Signed-off-by: Andreas Kühn Link: https://lore.kernel.org/r/20240831193407.11302-1-andreas.kuehn@diekuehnen.com Signed-off-by: Greg Kroah-Hartman commit 4058c39bd176daf11a826802d940d86292a6b02b Author: Shawn Shao Date: Fri Aug 30 11:17:09 2024 +0800 usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario The issue is that before entering the crash kernel, the DWC USB controller did not perform operations such as resetting the interrupt mask bits. After entering the crash kernel,before the USB interrupt handler registration was completed while loading the DWC USB driver,an GINTSTS_SOF interrupt was received.This triggered the misroute_irq process within the GIC handling framework,ultimately leading to the misrouting of the interrupt,causing it to be handled by the wrong interrupt handler and resulting in the issue. Summary:In a scenario where the kernel triggers a panic and enters the crash kernel,it is necessary to ensure that the interrupt mask bit is not enabled before the interrupt registration is complete. If an interrupt reaches the CPU at this moment,it will certainly not be handled correctly,especially in cases where this interrupt is reported frequently. Please refer to the Crashkernel dmesg information as follows (the message on line 3 was added before devm_request_irq is called by the dwc2_driver_probe function): [ 5.866837][ T1] dwc2 JMIC0010:01: supply vusb_d not found, using dummy regulator [ 5.874588][ T1] dwc2 JMIC0010:01: supply vusb_a not found, using dummy regulator [ 5.882335][ T1] dwc2 JMIC0010:01: before devm_request_irq irq: [71], gintmsk[0xf300080e], gintsts[0x04200009] [ 5.892686][ C0] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.10.0-jmnd1.2_RC #18 [ 5.900327][ C0] Hardware name: CMSS HyperCard4-25G/HyperCard4-25G, BIOS 1.6.4 Jul 8 2024 [ 5.908836][ C0] Call trace: [ 5.911965][ C0] dump_backtrace+0x0/0x1f0 [ 5.916308][ C0] show_stack+0x20/0x30 [ 5.920304][ C0] dump_stack+0xd8/0x140 [ 5.924387][ C0] pcie_xxx_handler+0x3c/0x1d8 [ 5.930121][ C0] __handle_irq_event_percpu+0x64/0x1e0 [ 5.935506][ C0] handle_irq_event+0x80/0x1d0 [ 5.940109][ C0] try_one_irq+0x138/0x174 [ 5.944365][ C0] misrouted_irq+0x134/0x140 [ 5.948795][ C0] note_interrupt+0x1d0/0x30c [ 5.953311][ C0] handle_irq_event+0x13c/0x1d0 [ 5.958001][ C0] handle_fasteoi_irq+0xd4/0x260 [ 5.962779][ C0] __handle_domain_irq+0x88/0xf0 [ 5.967555][ C0] gic_handle_irq+0x9c/0x2f0 [ 5.971985][ C0] el1_irq+0xb8/0x140 [ 5.975807][ C0] __setup_irq+0x3dc/0x7cc [ 5.980064][ C0] request_threaded_irq+0xf4/0x1b4 [ 5.985015][ C0] devm_request_threaded_irq+0x80/0x100 [ 5.990400][ C0] dwc2_driver_probe+0x1b8/0x6b0 [ 5.995178][ C0] platform_drv_probe+0x5c/0xb0 [ 5.999868][ C0] really_probe+0xf8/0x51c [ 6.004125][ C0] driver_probe_device+0xfc/0x170 [ 6.008989][ C0] device_driver_attach+0xc8/0xd0 [ 6.013853][ C0] __driver_attach+0xe8/0x1b0 [ 6.018369][ C0] bus_for_each_dev+0x7c/0xdc [ 6.022886][ C0] driver_attach+0x2c/0x3c [ 6.027143][ C0] bus_add_driver+0xdc/0x240 [ 6.031573][ C0] driver_register+0x80/0x13c [ 6.036090][ C0] __platform_driver_register+0x50/0x5c [ 6.041476][ C0] dwc2_platform_driver_init+0x24/0x30 [ 6.046774][ C0] do_one_initcall+0x50/0x25c [ 6.051291][ C0] do_initcall_level+0xe4/0xfc [ 6.055894][ C0] do_initcalls+0x80/0xa4 [ 6.060064][ C0] kernel_init_freeable+0x198/0x240 [ 6.065102][ C0] kernel_init+0x1c/0x12c Signed-off-by: Shawn Shao Link: https://lore.kernel.org/r/20240830031709.134-1-shawn.shao@jaguarmicro.com Signed-off-by: Greg Kroah-Hartman commit e23593ee41fa4d2f76588dfe609b416c1d9710b8 Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:47 2024 +0200 usb: dwc3: xilinx: simplify with dev_err_probe Use dev_err_probe() to make the error paths a bit simpler. Signed-off-by: Krzysztof Kozlowski Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-11-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit 819c0c31a78e389812ab183eceabec58d1d23319 Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:46 2024 +0200 usb: dwc3: rtk: return directly and simplify with devm_platform_ioremap_resource Use devm_platform_ioremap_resource() wrapper instead of two calls, which together with returning directly instead of useless goto, allows to nicely simplify the probe() function. Signed-off-by: Krzysztof Kozlowski Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-10-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit f93e96c544ca723be5c4ff553630ad6a72d3c677 Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:45 2024 +0200 usb: dwc3: rtk: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-9-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit 17d206a3687ec662b0eb7c1f083fb8abd29842be Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:44 2024 +0200 usb: dwc3: qcom: simplify with devm_platform_ioremap_resource Use devm_platform_ioremap_resource() wrapper instead of two calls. This allows also dropping local 'res' variable. Signed-off-by: Krzysztof Kozlowski Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-8-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit a85f13d509254acd508856be57099a818552cfc9 Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:43 2024 +0200 usb: dwc3: qcom: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-7-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit 34e8df2fb2de4e56fdd91a03ffe466f3c88a67df Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:42 2024 +0200 usb: dwc3: imx8mp: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Scoped/cleanup.h coding style expects variable declaration with initialization, so the of_get_compatible_child() call has to be moved earlier, before any goto jumps happen. Signed-off-by: Krzysztof Kozlowski Acked-by: Thinh Nguyen Reviewed-by: Frank Li Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-6-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit 81d905b1022033a5885e2d2c169606eabf669084 Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:41 2024 +0200 usb: dwc3: imx8mp: simplify with dev_err_probe Use dev_err_probe() to make the error paths a bit simpler. Signed-off-by: Krzysztof Kozlowski Acked-by: Thinh Nguyen Reviewed-by: Frank Li Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-5-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit 3fdfebc58e0ddd86f5c0da85ef5eab94bf3d674a Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:40 2024 +0200 usb: dwc3: imx8mp: simplify with devm_clk_get_enabled Use devm_clk_get_enabled() to drop clock preparing and handling from error and remove paths. This makes the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Frank Li Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-4-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit fcc78cce2f9653af6d46460274d352e8b26ac5ea Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:39 2024 +0200 usb: dwc3: st: simplify pdev->dev usage The probe() function already stores '&pdev->dev' in local 'dev' variable. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Patrice Chotard Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-3-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit a93c3ad6a9b2f9b8add42cc07e8857bab0eb1616 Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:38 2024 +0200 usb: dwc3: st: simplify with dev_err_probe Use dev_err_probe() to make the error paths a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Patrice Chotard Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-2-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit bde053252c02186836ea0d1bee492d2e95c3f983 Author: Krzysztof Kozlowski Date: Wed Aug 14 12:35:37 2024 +0200 usb: dwc3: st: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Scoped/cleanup.h coding style expects variable declaration with initialization, so the of_get_compatible_child() call has to be moved earlier, before any goto jumps happen. Signed-off-by: Krzysztof Kozlowski Acked-by: Thinh Nguyen Reviewed-by: Patrice Chotard Link: https://lore.kernel.org/r/20240814-b4-cleanup-h-of-node-put-usb-v1-1-95481b9682bc@linaro.org Signed-off-by: Greg Kroah-Hartman commit dbf0fa1c8d47914c3b4919f01b131e0523f6d804 Author: Christophe JAILLET Date: Sat Aug 24 15:47:07 2024 +0200 usb-storage: Constify struct usb_device_id and us_unusual_dev 'struct usb_device_id' and 'struct us_unusual_dev' are not modified in these drivers. Constifying these structures moves some data to a read-only section, so increase overall security, especially when the structure holds some function pointers (which is the case for struct us_unusual_dev). On a x86_64, with allmodconfig, as an example: Before: ====== text data bss dec hex filename 25249 4261 896 30406 76c6 drivers/usb/storage/alauda.o 3969 672 360 5001 1389 drivers/usb/storage/cypress_atacb.o After: ===== text data bss dec hex filename 25461 4041 896 30398 76be drivers/usb/storage/alauda.o 4225 400 360 4985 1379 drivers/usb/storage/cypress_atacb.o Signed-off-by: Christophe JAILLET Acked-by: Alan Stern Link: https://lore.kernel.org/r/b1b75a2a64b1f6cfad2a611f71393f281178fd3f.1724507157.git.christophe.jaillet@wanadoo.fr Signed-off-by: Greg Kroah-Hartman commit e4fdcc10092fb244218013bfe8ff01c55d54e8e4 Author: Xu Yang Date: Fri Aug 23 15:38:32 2024 +0800 usb: chipidea: udc: enable suspend interrupt after usb reset Currently, suspend interrupt is enabled before pullup enable operation. This will cause a suspend interrupt assert right after pullup DP. This suspend interrupt is meaningless, so this will ignore such interrupt by enable it after usb reset completed. Signed-off-by: Xu Yang Acked-by: Peter Chen Link: https://lore.kernel.org/r/20240823073832.1702135-1-xu.yang_2@nxp.com Signed-off-by: Greg Kroah-Hartman commit 122c234ef4e182440f8a60490e9344bfc4e2b5e9 Author: Baruch Siach Date: Sun Sep 1 09:12:34 2024 +0300 arm64: mm: keep low RAM dma zone Commit ba0fb44aed47 ("dma-mapping: replace zone_dma_bits by zone_dma_limit") optimistically assumed that device-tree dma-ranges property describes the system DMA limits. That assumption ignores DMA limits of individual devices that are not encoded in device tree. Commit 833bd284a45 ("arm64: mm: fix DMA zone when dma-ranges is missing") fixed part of the problem for platforms that do not provide dma-ranges at all. However platforms like SM8550-HDK provide DMA bus limit, but have devices with stronger DMA limits. of_dma_get_max_cpu_address() does not take device limitations into account. These platforms implicitly rely on DMA zone in low 32-bit RAM area. Until we find a better way to figure out the optimal DMA zone range, restore the low RAM DMA zone we had before commit ba0fb44aed47. Fixes: ba0fb44aed47 ("dma-mapping: replace zone_dma_bits by zone_dma_limit") Closes: https://lore.kernel.org/r/1a0c7282-63e0-4add-8e38-3abe3e0a8e2f@linaro.org Reported-by: Neil Armstrong Reviewed-by: Catalin Marinas Suggested-by: Robin Murphy Signed-off-by: Baruch Siach Tested-by: Neil Armstrong # on SM8550-HDK Tested-by: Marek Szyprowski Signed-off-by: Christoph Hellwig commit a0e199ecf93575cc9314a7b7a555594ee346f786 Merge: ec62e2e8258123 7a99b1c0bce5cf Author: Arnd Bergmann Date: Tue Sep 3 07:01:30 2024 +0000 Merge tag 'soc_fsl-6.12-2' of https://github.com/chleroy/linux into soc/drivers - A series from Hervé Codina that bring support for the newer version of QMC (QUICC Multi-channel Controller) and TSA (Time Slots Assigner) found on MPC 83xx micro-controllers. - Misc changes for qbman freescale drivers for removing a redundant warning and using iommu_paging_domain_alloc() * tag 'soc_fsl-6.12-2' of https://github.com/chleroy/linux: (38 commits) soc: fsl: qbman: Remove redundant warnings soc: fsl: qbman: Use iommu_paging_domain_alloc() MAINTAINERS: Add QE files related to the Freescale QMC controller soc: fsl: cpm1: qmc: Handle QUICC Engine (QE) soft-qmc firmware soc: fsl: cpm1: qmc: Add support for QUICC Engine (QE) implementation soc: fsl: qe: Add missing PUSHSCHED command soc: fsl: qe: Add resource-managed muram allocators soc: fsl: cpm1: qmc: Introduce qmc_version soc: fsl: cpm1: qmc: Rename SCC_GSMRL_MODE_QMC soc: fsl: cpm1: qmc: Handle RPACK initialization soc: fsl: cpm1: qmc: Rename qmc_chan_command() soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version soc: fsl: cpm1: qmc: Re-order probe() operations soc: fsl: cpm1: qmc: Introduce qmc_data structure dt-bindings: soc: fsl: cpm_qe: Add QUICC Engine (QE) QMC controller soc: fsl: cpm1: qmc: Add missing spinlock comment soc: fsl: cpm1: qmc: Fix 'transmiter' typo soc: fsl: cpm1: qmc: Remove unneeded parenthesis soc: fsl: cpm1: qmc: Fix blank line and spaces ... Link: https://lore.kernel.org/r/326d9a7d-7674-4c28-aa40-dd2c190244dd@csgroup.eu Signed-off-by: Arnd Bergmann commit 8a8f1e4e46a864a93412b6962b4ac848469a2325 Author: Krzysztof Kozlowski Date: Mon Sep 2 09:52:20 2024 +0200 dt-bindings: arm: fsl: drop usage of VAR-SOM-MX8MM SoM compatible alone The Variscite VAR-SOM-MX8MM System-on-Module cannot be used alone without motherboard, so drop the usage of its compatible alone. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit 7a99b1c0bce5cf8c554ceecd29ad1e8085557fd3 Merge: e266aa8b3598c8 3969d8d958021c Author: Christophe Leroy Date: Fri Aug 23 18:35:09 2024 +0200 Merge branch 'support-for-quicc-engine-tsa-and-qmc' Herve Codina says: ================ This series add support for the QUICC Engine (QE) version of TSA and QMC components. CPM1 version is already supported and, as the QE version of those component are pretty similar to the CPM1 version, the series extend the already existing drivers to support for the QE version. The TSA and QMC components are tightly coupled and so the series provides modifications on both components. Of course, this series can be split if it is needed. Let me know. The series is composed of: - Patches 1 and 2: Fixes related to TRNSYNC in the QMC driver - Patches 3..6: Fixes of checkpatch detected issues in the TSA driver - Patch 7: The QE TSA device-tree binding - Patches 8..13: TSA driver preparations for adding support for QE - Patches 14 and 15: The support for QE in TSA + MAINTAINERS update - Patch 16: A TSA API improvement needed for the QE QMC driver - Patch 17: A clarification in the QE QMC driver - Patches 18..22: Fixes of checkpatch detected issues in the QMC driver - Patch 23: The QE QMC device-tree binding - Patches 24..31: QMC driver preparations for adding support for QE - Patches 32 and 33: Missing features additions in QE code - Patches 34..36: The QMC support for QE in QMC + MAINTAINERS update Compared to the previous iteration, this v2 series updates device-tree bindings and fixes issues detected by kernel test robots. Related to the QE QMC device-tree binding, I kept the unit address in decimal and the 3 compatible strings. ================ Link: https://lore.kernel.org/r/20240808071132.149251-1-herve.codina@bootlin.com Signed-off-by: Christophe Leroy Tested-by: Christophe Leroy commit e266aa8b3598c81ea30898a8da20a41f76faa09a Author: Xiaolei Wang Date: Fri Aug 2 10:16:51 2024 +0800 soc: fsl: qbman: Remove redundant warnings This warning was added by commit 07f86917a450 ("soc/fsl/qbman: Use shared-dma-pool for QMan private memory allocations") but RESERVEDMEM_OF_DECLARE usage was removed by commit 3e62273ac63a ("soc: fsl: qbman: Remove RESERVEDMEM_OF_DECLARE usage") . For non-popwerpc platforms, such as ls1043, this warning is redundant. ls1043 itself uses shared-dma-mem. Fixes: 3e62273ac63a ("soc: fsl: qbman: Remove RESERVEDMEM_OF_DECLARE usage") Signed-off-by: Xiaolei Wang Link: https://lore.kernel.org/r/20240802021651.3854295-1-xiaolei.wang@windriver.com [chleroy: Added more details in commit message] Signed-off-by: Christophe Leroy commit 77a1a513083188f12361c45f08bdcfa508749b76 Author: Lu Baolu Date: Mon Aug 12 15:25:27 2024 +0800 soc: fsl: qbman: Use iommu_paging_domain_alloc() An iommu domain is allocated in portal_set_cpu() and is attached to pcfg->dev in the same function. Use iommu_paging_domain_alloc() to make it explicit. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/20240610085555.88197-14-baolu.lu@linux.intel.com Signed-off-by: Christophe Leroy commit 3969d8d958021cf3b9dac5787c7daec72036cc1f Author: Herve Codina Date: Thu Aug 8 09:11:29 2024 +0200 MAINTAINERS: Add QE files related to the Freescale QMC controller The Freescale QMC controller driver supports both QE and CPM1. Add the newly introduced QE files to the existing entry. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-37-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 8655b76b7004d53bfa3c921ad9c4bf03dc952dc7 Author: Herve Codina Date: Thu Aug 8 09:11:28 2024 +0200 soc: fsl: cpm1: qmc: Handle QUICC Engine (QE) soft-qmc firmware The QUICC Engine (QE) QMC can use a firmware to have the QMC working in 'soft-qmc' mode. Handle this optional 'soft-qmc' firmware. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-36-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit eb680d563089e55b20cb7730ed881638fe4425b7 Author: Herve Codina Date: Thu Aug 8 09:11:27 2024 +0200 soc: fsl: cpm1: qmc: Add support for QUICC Engine (QE) implementation Add support for the QMC (QUICC Multichannel Controller) available in some PowerQUICC SoC that uses a QUICC Engine (QE) block such as MPC8321. This QE QMC is similar to the CPM QMC except that it uses UCCs (Unified Communication Controllers) instead of SCCs (Serial Communication Controllers). Also, compared against the CPM QMC, this QE QMC does not use a fixed area for the UCC/SCC parameters area but it uses a dynamic area allocated and provided to the hardware at runtime. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-35-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit f68cd02d51a65594341168f03f7962e9d9540726 Author: Herve Codina Date: Thu Aug 8 09:11:26 2024 +0200 soc: fsl: qe: Add missing PUSHSCHED command The PUSHSCHED command is missing in the QE header file. This command is supported on MPC8321 and is used to modify the start address for the task running on a given peripheral. It is needed for the QMC in order to perform the re-initialization procedure and so, ensure the correct UCC setup in that case. Simply add the missing command in the commands list available in the QE header file. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-34-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit c6f39c7c165fce8fe1a41327da02dcca0a3cac25 Author: Herve Codina Date: Thu Aug 8 09:11:25 2024 +0200 soc: fsl: qe: Add resource-managed muram allocators Introduce devm_cpm_muram_alloc() and devm_cpm_muram_alloc_fixed(), the resource-managed version of cpm_muram_alloc and cpm_muram_alloc_fixed(). These resource-managed versions simplify the user avoiding the need to call cpm_muram_free(). Indeed, the allocated area returned by these functions will be automatically freed on driver detach. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-33-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit b741b66f1cc83105fdea9ac5503c5ac106a37494 Author: Herve Codina Date: Thu Aug 8 09:11:24 2024 +0200 soc: fsl: cpm1: qmc: Introduce qmc_version Current code handles the CPM1 version of QMC. In order to prepare the support for the QUICC Engine (QE) version of QMC, introduce qmc_version to identify versions. This will enable the code to make the distinction between several QMC implementations. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-32-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 8f55d06b4c49a8bf1a911bce89b6ee9460b8b052 Author: Herve Codina Date: Thu Aug 8 09:11:23 2024 +0200 soc: fsl: cpm1: qmc: Rename SCC_GSMRL_MODE_QMC Current code handles CPM1 version of QMC. Even if GSMRL is specific to the CPM1 version, the exact same purpose and format register (GUMRL) is present in the QUICC Engine (QE) version of QMC. Compared to the QE version, the values defined for the mode bitfield are different and the 0x0A value defined for the QMC mode is CPM1 specific. In order to prepare the support for the QE version, rename this bitfield value to clearly identify it as CPM1 specific. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-31-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 278d799caa2e89fcb0a1b729954345eb3576b6ec Author: Herve Codina Date: Thu Aug 8 09:11:22 2024 +0200 soc: fsl: cpm1: qmc: Handle RPACK initialization Current code handles the CPM1 version of QMC, RPACK does not need to be initialized. This is not the case in the QUICC Engine (QE) version. In preparation of the support for QE, initialize the RPACK register when the receiver is initialized and each time it is restarted. This additional RPACK initialization has no impact in the CPM1 version of QMC. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-30-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit ef0878a5ba1cc4f5b4716991a02c6f44db48e2ca Author: Herve Codina Date: Thu Aug 8 09:11:21 2024 +0200 soc: fsl: cpm1: qmc: Rename qmc_chan_command() Current code handles CPM1 version of QMC and qmc_chan_command() is clearly CPM1 specific. In order to prepare the support for the QUICC Engine (QE) version, rename qmc_chan_command() to reflect that point. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-29-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit de5fdb7d14b34f7fea930f2d72cf0241ec679e72 Author: Herve Codina Date: Thu Aug 8 09:11:20 2024 +0200 soc: fsl: cpm1: qmc: Introduce qmc_{init,exit}_xcc() and their CPM1 version Current code handles the CPM1 version of QMC and initialize the QMC used SCC. The QUICC Engine (QE) version uses an UCC (Unified Communication Controllers) instead of the SCC (Serial Communication Controllers) used in the CPM1 version. These controllers serve the same purpose and are used in the same way but their inializations are slightly different. In order to prepare the support for QE version of QMC, introduce qmc_init_xcc() to initialize theses controllers (UCC in QE and SCC in CPM1) and isolate the CPM1 specific SCC initialization in a specific function. Also introduce qmc_exit_xcc() for consistency to revert operations done in qmc_init_xcc(). Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-28-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 727b3ab490a5f5e74fb3f246c9fdfb339d309950 Author: Herve Codina Date: Thu Aug 8 09:11:19 2024 +0200 soc: fsl: cpm1: qmc: Introduce qmc_init_resource() and its CPM1 version Current code handles the CPM1 version of QMC. Resources initialisations (i.e. retrieving base addresses and offsets of different parts) will be slightly different in the QUICC Engine (QE) version. Indeed, in QE version, some resources need to be allocated and are no more "staticaly" defined. In order to prepare the support for QE version, introduce qmc_init_resource() to initialize those resources and isolate the CPM1 specific operations in a specific function. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-27-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit a13bf605342ea9df492b8159cadaa41862b53e15 Author: Herve Codina Date: Thu Aug 8 09:11:18 2024 +0200 soc: fsl: cpm1: qmc: Re-order probe() operations Current code handles CPM1 version of QMC. In the QUICC Engine (QE) version, some operations done at probe() need to be done in a different order. In order to prepare the support for the QE version, changed the sequence of operation done at probe(): - Retrieve the tsa_serial earlier, before initializing resources. - Group SCC initialisation and do this initialization when it is really needed in the probe() sequence. Having the QE compatible sequence in the CPM1 version does not lead to any issue and works correctly without any regressions. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-26-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit d23ae9f1815e89a0397cea85182ca0305be0056a Author: Herve Codina Date: Thu Aug 8 09:11:17 2024 +0200 soc: fsl: cpm1: qmc: Introduce qmc_data structure Current code handles CPM1 version of QMC. Some hardcoded values are used several times to initialize the QMC state machine. In the QUICC Engine (QE) version of QMC, these values are different. In order to prepare the support for the QE version of QMC and avoid the copy of the hardcoded values, introduce the qmc_data structure to define these version specific values. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-25-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 41725760d2cef69360d354ba6136d666cb87bda3 Author: Herve Codina Date: Thu Aug 8 09:11:16 2024 +0200 dt-bindings: soc: fsl: cpm_qe: Add QUICC Engine (QE) QMC controller Add support for the QMC (QUICC Multichannel Controller) available in some PowerQUICC SoC that uses a QUICC Engine (QE) block such as MPC8321. This QE QMC is similar to the CPM QMC except that it uses UCCs (Unified Communication Controllers) instead of SCCs (Serial Communication Controllers). Also, compared against the CPM QMC, this QE QMC does not use a fixed area for the UCC/SCC parameters area but it uses a dynamic area allocated and provided to the hardware at runtime. Last point, the QE QMC can use a firmware to have the QMC working in 'soft-qmc' mode. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-24-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 211ddf7cc331191eb86e66050584bbe851bf6479 Author: Herve Codina Date: Thu Aug 8 09:11:15 2024 +0200 soc: fsl: cpm1: qmc: Add missing spinlock comment checkpatch.pl raises the following issue CHECK: spinlock_t definition without comment Add the missing comments. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-23-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit e49dd637e02589bd9bf096c250963fb2da9cc9d6 Author: Herve Codina Date: Thu Aug 8 09:11:14 2024 +0200 soc: fsl: cpm1: qmc: Fix 'transmiter' typo checkpatch.pl raises the following issue CHECK: 'transmiter' may be misspelled - perhaps 'transmitter'? Indeed, fix it. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-22-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 1934f6aa5e30de0ff8fee64aec947c2578792acd Author: Herve Codina Date: Thu Aug 8 09:11:13 2024 +0200 soc: fsl: cpm1: qmc: Remove unneeded parenthesis checkpatch.pl raises the following issue in several places CHECK: Unnecessary parenthesis around ... Remove them. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-21-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit f06ab938bcddcb3c3a0b458b03a827c701919c9e Author: Herve Codina Date: Thu Aug 8 09:11:12 2024 +0200 soc: fsl: cpm1: qmc: Fix blank line and spaces checkpatch.pl raises the following issues CHECK: Please don't use multiple blank lines CHECK: Alignment should match open parenthesis Fix them. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-20-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 44beb343d8932588eebc4e8813adb5074f383b11 Author: Herve Codina Date: Thu Aug 8 09:11:11 2024 +0200 soc: fsl: cpm1: qmc: Use BIT(), GENMASK() and FIELD_PREP() macros checkpatch.pl signals the following improvement for qmc.c CHECK: Prefer using the BIT macro Follow its suggestion and convert the code to BIT() and related macros. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-19-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit e8344905b3415207617ac44f11adfb909cf9adb3 Author: Herve Codina Date: Thu Aug 8 09:11:10 2024 +0200 soc: fsl: cpm1: qmc: Rename QMC_TSA_MASK QMC_TSA_MASK is a bitfield. The value defined is a specific value of this bitfield and correspond to the use of 8bit resolution for the routing entry. Be accurate and rename the defined constant to reflect this point. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-18-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 3825890981e615bf6a69310390490c099443c324 Author: Herve Codina Date: Thu Aug 8 09:11:09 2024 +0200 soc: fsl: cpm1: tsa: Introduce tsa_serial_get_num() TSA consumers in CPM1 implementation don't need to know about the serial device number used by the TSA component. In QUICC Engine implementation, this information is needed. Improve the TSA API with tsa_serial_get_num() in order to provide this information. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-17-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 2a2b83aca0839a904699fdcb3557037681239708 Author: Herve Codina Date: Thu Aug 8 09:11:08 2024 +0200 MAINTAINERS: Add QE files related to the Freescale TSA controller The Freescale TSA controller driver supports both QE and CPM1. Add the newly introduced QE files to the existing entry. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-16-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 7ac947021d9d002d207ba9c376b4fe498926ea8d Author: Herve Codina Date: Thu Aug 8 09:11:07 2024 +0200 soc: fsl: cpm1: tsa: Add support for QUICC Engine (QE) implementation Add support for the time slot assigner (TSA) available in some PowerQUICC SoC that uses a QUICC Engine (QE) block such as MPC8321. The QE TSA is similar to the CPM1 TSA except that it uses UCCs (Unified Communication Controllers) instead of SCCs (Serial Communication Controllers). Also, compared against the CPM1 TSA, this QE TSA can handle up to 4 TDMs instead of 2 and allows to configure the logic level of sync signals. At a lower level, compared against CPM TSA implementation, some registers are slightly different even if same features are present. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-15-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 572312a5bb49885a6bda4652810bab0319ba89c3 Author: Herve Codina Date: Thu Aug 8 09:11:06 2024 +0200 soc: fsl: cpm1: tsa: Introduce tsa_version Current code handles CPM1 version of TSA. In order to prepare the support for the QUICC Engine (QE) version of TSA, introduce tsa_version to identify versions. This will enable the code to make the distinction between several TSA implementations. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-14-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 9c6c022d1c3ce6e343722b0b7569a00f5b75f0bc Author: Herve Codina Date: Thu Aug 8 09:11:05 2024 +0200 soc: fsl: cpm1: tsa: Isolate specific CPM1 part from tsa_serial_{dis}connect() Current code handles the CPM1 version of TSA. Connecting and disconnecting the SCC to/from the TSA consists in handling SICR register which is CPM1 specific. The connection and disconnection operation in the QUICC Engine (QE) version are slightly different. In order to prepare the support for the QE version, clearly identify SICR register as specific to CPM1 and isolate its handling done in connect and disconnect functions. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-13-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 8d600cc337adb0573f2e6622568104ef8e1d1034 Author: Herve Codina Date: Thu Aug 8 09:11:04 2024 +0200 soc: fsl: cpm1: tsa: Introduce tsa_setup() and its CPM1 compatible version Current code handles the CPM1 version of TSA. Setting up TSA consists in handling SIMODE and SIGMR registers. These registers are CPM1 specific. Setting up the QUICC Engine (QE) version of TSA is slightly different. In order to prepare the support for QE version, clearly identify these registers as CPM1 compatible and isolate their handling in a CPM1 specific function. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-12-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 8c8e1ba3e98c29e3bee1c7c0f19ff1ecd89f197f Author: Herve Codina Date: Thu Aug 8 09:11:03 2024 +0200 soc: fsl: cpm1: tsa: Make SIRAM entries specific to CPM1 Current code handles the CPM1 version of TSA. Compared against QUICC Engine (QE) version of TSA, CPM1 SIRAM entries are slightly different. In order to prepare the support for the QE version, clearly identify these entries and functions handling them as CPM1 compatible. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-11-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 58edcace87b0f5d210b171803988ff7602b2410b Author: Herve Codina Date: Thu Aug 8 09:11:02 2024 +0200 soc: fsl: cpm1: tsa: Use ARRAY_SIZE() instead of hardcoded integer values Loops handling the tdm array use hardcoded size and the initialization part uses hardcoded indexes to initialize the array. Use ARRAY_SIZE() to avoid the hardcoded size and initialize the array using a loop. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-10-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 442f3799fa387ab4c0c9b2d20490d582b96532d1 Author: Herve Codina Date: Thu Aug 8 09:11:01 2024 +0200 soc: fsl: cpm1: tsa: Remove unused registers offset definition SISTR, SICMR and SIRP registers offset definitions are not used. In order to avoid unneeded code, remove them. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-9-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit a0bbe77fafbc7e5eb41fbf3dc5cdb3608d8778a3 Author: Herve Codina Date: Thu Aug 8 09:11:00 2024 +0200 dt-bindings: soc: fsl: cpm_qe: Add QUICC Engine (QE) TSA controller Add support for the time slot assigner (TSA) available in some PowerQUICC SoC that uses a QUICC Engine (QE) block such as MPC8321. This QE TSA is similar to the CPM TSA except that it uses UCCs (Unified Communication Controllers) instead of SCCs (Serial Communication Controllers). Also, compared against the CPM TSA, this QE TSA can handle up to 4 TDMs instead of 2 and allows to configure the logic level of sync signals. Signed-off-by: Herve Codina Reviewed-by: Rob Herring (Arm) Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-8-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit a68757abc0d5df7142720d030276f9693e4958af Author: Herve Codina Date: Thu Aug 8 09:10:59 2024 +0200 soc: fsl: cpm1: tsa: Add missing spinlock comment checkpatch.pl raises the following issue CHECK: spinlock_t definition without comment Add the missing comment. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-7-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit bfd4f092c49fe20a802f703e79df4926b70f3564 Author: Herve Codina Date: Thu Aug 8 09:10:58 2024 +0200 soc: fsl: cpm1: tsa: Fix blank line and spaces checkpatch.pl raises the following issues CHECK: Please don't use multiple blank lines CHECK: spaces preferred around that '/' (ctx:VxV) CHECK: spaces preferred around that '+' (ctx:VxV) CHECK: spaces preferred around that '-' (ctx:VxV) Fix them. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-6-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 37dbcd596f9056c5bc6f196873599dca01bc3774 Author: Herve Codina Date: Thu Aug 8 09:10:57 2024 +0200 soc: fsl: cpm1: tsa: Use BIT(), GENMASK() and FIELD_PREP() macros checkpatch.pl signals the following improvement for tsa.c CHECK: Prefer using the BIT macro Follow its suggestion and convert the code to BIT() and related macros. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-5-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 47a347bae9a491b467ab3543e4725a3e4fbe30f5 Author: Herve Codina Date: Thu Aug 8 09:10:56 2024 +0200 soc: fsl: cpm1: tsa: Fix tsa_write8() The tsa_write8() parameter is an u32 value. This is not consistent with the function itself. Indeed, tsa_write8() writes an 8bits value. Be consistent and use an u8 parameter value. Fixes: 1d4ba0b81c1c ("soc: fsl: cpm1: Add support for TSA") Cc: stable@vger.kernel.org Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-4-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit d285cf22f8c0347fc3df80e84f31e9179de4e6c6 Author: Herve Codina Date: Thu Aug 8 09:10:55 2024 +0200 soc: fsl: cpm1: qmc: Enable TRNSYNC only when needed The TRNSYNC feature is enabled whatever the number of time-slots used. The feature is needed only when more than one time-slot is used. Improve the driver enabling TRNSYNC only when it is needed. Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-3-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit c3cc3e69b33fee3d276895e0e2d1a8fb37ea5d0e Author: Herve Codina Date: Thu Aug 8 09:10:54 2024 +0200 soc: fsl: cpm1: qmc: Update TRNSYNC only in transparent mode The TRNSYNC feature is available (and enabled) only in transparent mode. Since commit 7cc9bda9c163 ("soc: fsl: cpm1: qmc: Handle timeslot entries at channel start() and stop()") TRNSYNC register is updated in transparent and hdlc mode. In hdlc mode, the address of the TRNSYNC register is used by the QMC for other internal purpose. Even if no weird results were observed in hdlc mode, touching this register in this mode is wrong. Update TRNSYNC only in transparent mode. Fixes: 7cc9bda9c163 ("soc: fsl: cpm1: qmc: Handle timeslot entries at channel start() and stop()") Cc: stable@vger.kernel.org Signed-off-by: Herve Codina Reviewed-by: Christophe Leroy Link: https://lore.kernel.org/r/20240808071132.149251-2-herve.codina@bootlin.com Signed-off-by: Christophe Leroy commit 35f4a629641b812e04fadef087da5d6af59e32d7 Merge: fc88bb11617978 431c1646e1f86b Author: Greg Kroah-Hartman Date: Tue Sep 3 07:42:58 2024 +0200 Merge 6.11-rc6 into usb-next We need the USB fixes in here as well. Signed-off-by: Greg Kroah-Hartman commit 59090e479ac78ae18facd4c58eb332562a23020e Author: Peng Fan Date: Thu Aug 29 11:29:11 2024 +0800 mm, slub: avoid zeroing kmalloc redzone Since commit 946fa0dbf2d8 ("mm/slub: extend redzone check to extra allocated kmalloc space than requested"), setting orig_size treats the wasted space (object_size - orig_size) as a redzone. However with init_on_free=1 we clear the full object->size, including the redzone. Additionally we clear the object metadata, including the stored orig_size, making it zero, which makes check_object() treat the whole object as a redzone. These issues lead to the following BUG report with "slub_debug=FUZ init_on_free=1": [ 0.000000] ============================================================================= [ 0.000000] BUG kmalloc-8 (Not tainted): kmalloc Redzone overwritten [ 0.000000] ----------------------------------------------------------------------------- [ 0.000000] [ 0.000000] 0xffff000010032858-0xffff00001003285f @offset=2136. First byte 0x0 instead of 0xcc [ 0.000000] FIX kmalloc-8: Restoring kmalloc Redzone 0xffff000010032858-0xffff00001003285f=0xcc [ 0.000000] Slab 0xfffffdffc0400c80 objects=36 used=23 fp=0xffff000010032a18 flags=0x3fffe0000000200(workingset|node=0|zone=0|lastcpupid=0x1ffff) [ 0.000000] Object 0xffff000010032858 @offset=2136 fp=0xffff0000100328c8 [ 0.000000] [ 0.000000] Redzone ffff000010032850: cc cc cc cc cc cc cc cc ........ [ 0.000000] Object ffff000010032858: cc cc cc cc cc cc cc cc ........ [ 0.000000] Redzone ffff000010032860: cc cc cc cc cc cc cc cc ........ [ 0.000000] Padding ffff0000100328b4: 00 00 00 00 00 00 00 00 00 00 00 00 ............ [ 0.000000] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.11.0-rc3-next-20240814-00004-g61844c55c3f4 #144 [ 0.000000] Hardware name: NXP i.MX95 19X19 board (DT) [ 0.000000] Call trace: [ 0.000000] dump_backtrace+0x90/0xe8 [ 0.000000] show_stack+0x18/0x24 [ 0.000000] dump_stack_lvl+0x74/0x8c [ 0.000000] dump_stack+0x18/0x24 [ 0.000000] print_trailer+0x150/0x218 [ 0.000000] check_object+0xe4/0x454 [ 0.000000] free_to_partial_list+0x2f8/0x5ec To address the issue, use orig_size to clear the used area. And restore the value of orig_size after clear the remaining area. When CONFIG_SLUB_DEBUG not defined, (get_orig_size()' directly returns s->object_size. So when using memset to init the area, the size can simply be orig_size, as orig_size returns object_size when CONFIG_SLUB_DEBUG not enabled. And orig_size can never be bigger than object_size. Fixes: 946fa0dbf2d8 ("mm/slub: extend redzone check to extra allocated kmalloc space than requested") Cc: Reviewed-by: Feng Tang Acked-by: David Rientjes Signed-off-by: Peng Fan Signed-off-by: Vlastimil Babka commit fcba2ed66b39252210f4e739722ebcc5398c2197 Author: Jouni Högander Date: Mon Sep 2 09:42:41 2024 +0300 drm/i915/display: Increase Fast Wake Sync length as a quirk In commit "drm/i915/display: Increase number of fast wake precharge pulses" we were increasing Fast Wake sync pulse length to fix problems observed on Dell Precision 5490 laptop with AUO panel. Later we have observed this is causing problems on other panels. Fix these problems by increasing Fast Wake sync pulse length as a quirk applied for Dell Precision 5490 with problematic panel. Fixes: f77772866385 ("drm/i915/display: Increase number of fast wake precharge pulses") Cc: Ville Syrjälä Closes: http://gitlab.freedesktop.org/drm/i915/kernel/-/issues/9739 Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2246 Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/11762 Signed-off-by: Jouni Högander Reviewed-by: Jani Nikula Cc: # v6.10+ Link: https://patchwork.freedesktop.org/patch/msgid/20240902064241.1020965-3-jouni.hogander@intel.com commit b3b91369908ac63be6f64905448b8ba5cd151875 Author: Jouni Högander Date: Mon Sep 2 09:42:40 2024 +0300 drm/i915/display: Add mechanism to use sink model when applying quirk Currently there is no way to apply quirk on device only if certain panel model is installed. This patch implements such mechanism by adding new quirk type intel_dpcd_quirk which contains also sink_oui and sink_device_id fields and using also them to figure out if applying quirk is needed. New intel_init_dpcd_quirks is added and called after drm_dp_read_desc with proper sink device identity read from dpcdc. v3: - !mem_is_zero fixed to mem_is_zero v2: - instead of using struct intel_quirk add new struct intel_dpcd_quirk Signed-off-by: Jouni Högander Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240902064241.1020965-2-jouni.hogander@intel.com commit 90fa22da6d6b41dc17435aff7b800f9ca3c00401 Author: Christoph Hellwig Date: Tue Aug 27 07:03:21 2024 +0200 xfs: ensure st_blocks never goes to zero during COW writes COW writes remove the amount overwritten either directly for delalloc reservations, or in earlier deferred transactions than adding the new amount back in the bmap map transaction. This means st_blocks on an inode where all data is overwritten using the COW path can temporarily show a 0 st_blocks. This can easily be reproduced with the pending zoned device support where all writes use this path and trips the check in generic/615, but could also happen on a reflink file without that. Fix this by temporarily add the pending blocks to be mapped to i_delayed_blks while the item is queued. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Reviewed-by: Dave Chinner Signed-off-by: Chandan Babu R commit 866cf1dd3d5cc03e6544a9582ef9c79ecdfc92c0 Author: Christoph Hellwig Date: Thu Aug 29 07:08:41 2024 +0300 xfs: use xas_for_each_marked in xfs_reclaim_inodes_count xfs_reclaim_inodes_count iterates over all AGs to sum up the reclaimable inodes counts. There is no point in grabbing a reference to the them or unlock the RCU critical section for each iteration, so switch to the more efficient xas_for_each_marked iterator. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 32fa4059fe6776d7db1e9058f360e06b36c9f2ce Author: Christoph Hellwig Date: Thu Aug 29 07:08:40 2024 +0300 xfs: convert perag lookup to xarray Convert the perag lookup from the legacy radix tree to the xarray, which allows for much nicer iteration and bulk lookup semantics. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit f9ffd095c89a07a8877ca0669ac164f8a6994afc Author: Christoph Hellwig Date: Thu Aug 29 07:08:39 2024 +0300 xfs: simplify tagged perag iteration Pass the old perag structure to the tagged loop helpers so that they can grab the old agno before releasing the reference. This removes the need to separately track the agno and the iterator macro, and thus also obsoletes the for_each_perag_tag syntactic sugar. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit f48f0a8e00b67028d4492e7656b346fa0d806570 Author: Christoph Hellwig Date: Thu Aug 29 07:08:38 2024 +0300 xfs: move the tagged perag lookup helpers to xfs_icache.c The tagged perag helpers are only used in xfs_icache.c in the kernel code and not at all in xfsprogs. Move them to xfs_icache.c in preparation for switching to an xarray, for which I have no plan to implement the tagged lookup functions for userspace. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 4ef7c6d39dc72dae983b836c8b2b5de7128c0da3 Author: Christoph Hellwig Date: Thu Aug 29 07:08:37 2024 +0300 xfs: use kfree_rcu_mightsleep to free the perag structures Using the kfree_rcu_mightsleep is simpler and removes the need for a rcu_head in the perag structure. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 70045dafdf8d2f4645b68c0922728d719c2f5a9a Author: Hongbo Li Date: Wed Aug 21 14:43:55 2024 +0800 xfs: use LIST_HEAD() to simplify code list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Signed-off-by: Hongbo Li Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 9db384feea8579f2e57fd49e955fb6dc79504906 Author: Jiapeng Chong Date: Wed Jul 10 10:45:14 2024 +0800 xfs: Remove duplicate xfs_trans_priv.h header ./fs/xfs/libxfs/xfs_defer.c: xfs_trans_priv.h is included more than once. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9491 Signed-off-by: Jiapeng Chong Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit fb8b941c75bd70ddfb0a8a3bb9bb770ed1d648f8 Author: Dan Carpenter Date: Fri Jul 12 09:07:36 2024 -0500 xfs: remove unnecessary check We checked that "pip" is non-NULL at the start of the if else statement so there is no need to check again here. Delete the check. Signed-off-by: Dan Carpenter Reviewed-by: Darrick J. Wong Reviewed-by: Chaitanya Kulkarni Signed-off-by: Chandan Babu R commit ca57120dfe2790a90fbafa3f7ced9c39d94d4698 Author: John Garry Date: Wed Jul 10 10:31:19 2024 +0000 xfs: Use xfs set and clear mp state helpers Use the set and clear mp state helpers instead of open-coding. It is noted that in some instances calls to atomic operation set_bit() and clear_bit() are being replaced with test_and_set_bit() and test_and_clear_bit(), respectively, as there is no specific helpers for set_bit() and clear_bit() only. However should be ok, as we are just ignoring the returned value from those "test" variants. Signed-off-by: John Garry Reviewed-by: Darrick J. Wong Reviewed-by: Dave Chinner Reviewed-by: Chaitanya Kulkarni Signed-off-by: Chandan Babu R commit 9372dce08b346796b00239422fbb153e79bccead Author: Christoph Hellwig Date: Tue Aug 13 09:39:42 2024 +0200 xfs: reclaim speculative preallocations for append only files The XFS XFS_DIFLAG_APPEND maps to the VFS S_APPEND flag, which forbids writes that don't append at the current EOF. But the commit originally adding XFS_DIFLAG_APPEND support (commit a23321e766d in xfs xfs-import repository) also checked it to skip releasing speculative preallocations, which doesn't make any sense. Another commit (dd9f438e3290 in the xfs-import repository) later extended that flag to also report these speculation preallocations which should not exist in getbmap. Remove these checks as nothing XFS_DIFLAG_APPEND implies that preallocations beyond EOF should exist, but explicitly check for XFS_DIFLAG_APPEND in xfs_file_release to bypass the algorithm that discard preallocations on the first close as append only files aren't expected to be written to only once. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 11f4c3a53adde1a57097b1ebaf36c64d9c0231bd Author: Christoph Hellwig Date: Tue Aug 13 09:39:41 2024 +0200 xfs: simplify extent lookup in xfs_can_free_eofblocks xfs_can_free_eofblocks just cares if there is an extent beyond EOF. Replace the call to xfs_bmapi_read with a xfs_iext_lookup_extent as we've already checked that extents are read in earlier. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit b717089efe47bb0894d3deb016fecfc09ae586c6 Author: Christoph Hellwig Date: Tue Aug 13 09:39:40 2024 +0200 xfs: check XFS_EOFBLOCKS_RELEASED earlier in xfs_release_eofblocks If the XFS_EOFBLOCKS_RELEASED flag is set, we are not going to free the eofblocks, so don't bother locking the inode or performing the checks in xfs_can_free_eofblocks. Also switch to a test_and_set operation once the iolock has been acquire so that only the caller that sets it actually frees the post-EOF blocks. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit f1204d96450fa7650dc27b8839df159a01998737 Author: Darrick J. Wong Date: Tue Aug 13 09:39:39 2024 +0200 xfs: only free posteof blocks on first close Certain workloads fragment files on XFS very badly, such as a software package that creates a number of threads, each of which repeatedly run the sequence: open a file, perform a synchronous write, and close the file, which defeats the speculative preallocation mechanism. We work around this problem by only deleting posteof blocks the /first/ time a file is closed to preserve the behavior that unpacking a tarball lays out files one after the other with no gaps. Signed-off-by: Darrick J. Wong [hch: rebased, updated comment, renamed the flag] Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 816e3599ca9b9bbfdc456433cc707e75f2c31104 Author: Dave Chinner Date: Tue Aug 13 09:39:38 2024 +0200 xfs: don't free post-EOF blocks on read close When we have a workload that does open/read/close in parallel with other allocation, the file becomes rapidly fragmented. This is due to close() calling xfs_file_release() and removing the speculative preallocation beyond EOF. Add a check for a writable context to xfs_file_release to skip the post-EOF block freeing (an the similarly pointless flushing on truncate down). Before: Test 1: sync write fragmentation counts /mnt/scratch/file.0: 919 /mnt/scratch/file.1: 916 /mnt/scratch/file.2: 919 /mnt/scratch/file.3: 920 /mnt/scratch/file.4: 920 /mnt/scratch/file.5: 921 /mnt/scratch/file.6: 916 /mnt/scratch/file.7: 918 After: Test 1: sync write fragmentation counts /mnt/scratch/file.0: 24 /mnt/scratch/file.1: 24 /mnt/scratch/file.2: 11 /mnt/scratch/file.3: 24 /mnt/scratch/file.4: 3 /mnt/scratch/file.5: 24 /mnt/scratch/file.6: 24 /mnt/scratch/file.7: 23 Signed-off-by: Dave Chinner [darrick: wordsmithing, fix commit message] Signed-off-by: Darrick J. Wong [hch: ported to the new ->release code structure] Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit c741d79c1a975cc3904ed8a491d6338ac852d43d Author: Christoph Hellwig Date: Tue Aug 13 09:39:37 2024 +0200 xfs: skip all of xfs_file_release when shut down There is no point in trying to free post-EOF blocks when the file system is shutdown, as it will just error out ASAP. Instead return instantly when xfs_file_release is called on a shut down file system. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 98e44e2bc0fb15230b10f375db55e4b0bbc295aa Author: Christoph Hellwig Date: Tue Aug 13 09:39:36 2024 +0200 xfs: don't bother returning errors from xfs_file_release While ->release returns int, the only caller ignores the return value. As we're only doing cleanup work there isn't much of a point in return a value to start with, so just document the situation instead. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 5d3ca6261121486d4665816622ec1974bf4cb8b2 Author: Christoph Hellwig Date: Tue Aug 13 09:39:35 2024 +0200 xfs: refactor f_op->release handling Currently f_op->release is split in not very obvious ways. Fix that by folding xfs_release into xfs_file_release. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 6e13dbebd5189cd8f70af9fb01b5146be7d7c7db Author: Christoph Hellwig Date: Tue Aug 13 09:39:34 2024 +0200 xfs: remove the i_mode check in xfs_release xfs_release is only called from xfs_file_release, which is wired up as the f_op->release handler for regular files only. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Chandan Babu R commit 169d89f33bb52efc9234715d09d83a2848d0b5b2 Merge: 5384639bf7b82d 411a71256de6f5 Author: Chandan Babu R Date: Tue Sep 3 10:03:07 2024 +0530 Merge tag 'btree-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux into xfs-6.12-mergeA xfs: cleanups for inode rooted btree code [v4.2 8/8] This series prepares the btree code to support realtime reverse mapping btrees by refactoring xfs_ifork_realloc to be fed a per-btree ops structure so that it can handle multiple types of inode-rooted btrees. It moves on to refactoring the btree code to use the new realloc routines. With a bit of luck, this should all go splendidly. Signed-off-by: Darrick J. Wong Signed-off-by: Chandan Babu R * tag 'btree-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux: xfs: standardize the btree maxrecs function parameters xfs: replace shouty XFS_BM{BT,DR} macros commit 5384639bf7b82d825b7a65586f382b7b16eef34f Merge: 8f78a440444f6a de55149b6639e9 Author: Chandan Babu R Date: Tue Sep 3 09:15:32 2024 +0530 Merge tag 'xfs-fixes-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux into xfs-6.12-mergeA xfs: various bug fixes for 6.12 [7/8] Various bug fixes for 6.12. With a bit of luck, this should all go splendidly. Signed-off-by: Darrick J. Wong Signed-off-by: Chandan Babu R * tag 'xfs-fixes-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux: xfs: fix a sloppy memory handling bug in xfs_iroot_realloc xfs: fix FITRIM reporting again xfs: fix C++ compilation errors in xfs_fs.h commit 8f78a440444f6a03f4113420175d894c1cd30fb4 Merge: 07b2bbcf77b21d 2c4162be6c10d3 Author: Chandan Babu R Date: Tue Sep 3 09:14:59 2024 +0530 Merge tag 'quota-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux into xfs-6.12-mergeA xfs: cleanups for quota mount [v4.2 6/8] Refactor the quota file loading code in preparation for adding metadata directory trees. Did you know that quotarm works even when quota isn't active? With a bit of luck, this should all go splendidly. Signed-off-by: Darrick J. Wong Signed-off-by: Chandan Babu R * tag 'quota-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux: xfs: refactor loading quota inodes in the regular case commit 07b2bbcf77b21d40c2c5c65c182c96d5e524f803 Merge: b2138a591c1440 2ca7b9d7b80810 Author: Chandan Babu R Date: Tue Sep 3 09:14:28 2024 +0530 Merge tag 'rtalloc-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux into xfs-6.12-mergeA xfs: cleanups for the realtime allocator [v4.2 5/8] This third series cleans up the realtime allocator code so that it'll be somewhat less difficult to figure out what on earth it's doing. We also rearrange the fsmap code a bit. With a bit of luck, this should all go splendidly. Signed-off-by: Darrick J. Wong Signed-off-by: Chandan Babu R * tag 'rtalloc-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux: xfs: move xfs_ioc_getfsmap out of xfs_ioctl.c xfs: rearrange xfs_fsmap.c a little bit xfs: replace m_rsumsize with m_rsumblocks xfs: remove xfs_{rtbitmap,rtsummary}_wordcount xfs: add xchk_setup_nothing and xchk_nothing helpers xfs: make the rtalloc start hint a xfs_rtblock_t xfs: factor out a xfs_rtallocate_align helper xfs: rework the rtalloc fallback handling xfs: factor out a xfs_rtallocate helper xfs: clean up the ISVALID macro in xfs_bmap_adjacent commit b2138a591c144091bdd221af351090eb2a74e34c Merge: 0879dee5cefb38 df8b181f155158 Author: Chandan Babu R Date: Tue Sep 3 09:13:51 2024 +0530 Merge tag 'rtalloc-fixes-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux into xfs-6.12-mergeA xfs: fixes for the realtime allocator [v4.2 4/8] While I was reviewing how to integrate realtime allocation groups with the rt allocator, I noticed several bugs in the existing allocation code with regards to calculating the maximum range of rtx to scan for free space. This series fixes those range bugs and cleans up a few things too. I also added a few cleanups from Christoph. With a bit of luck, this should all go splendidly. Signed-off-by: Darrick J. Wong Signed-off-by: Chandan Babu R * tag 'rtalloc-fixes-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux: xfs: simplify xfs_rtalloc_query_range xfs: remove xfs_rtb_to_rtxrem xfs: fix broken variable-sized allocation detection in xfs_rtallocate_extent_block xfs: reduce excessive clamping of maxlen in xfs_rtallocate_extent_near xfs: clean up xfs_rtallocate_extent_exact a bit xfs: refactor aligning bestlen to prod xfs: don't scan off the end of the rt volume in xfs_rtallocate_extent_block xfs: don't return too-short extents from xfs_rtallocate_extent_block xfs: ensure rtx mask/shift are correct after growfs xfs: use the recalculated transaction reservation in xfs_growfs_rt_bmblock commit 0879dee5cefb385806e5b2e4408a4098cf995901 Merge: 37126ddd48aebe 0a59e4f3e1670b Author: Chandan Babu R Date: Tue Sep 3 09:13:18 2024 +0530 Merge tag 'rtbitmap-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux into xfs-6.12-mergeA xfs: clean up the rtbitmap code [v4.2 3/8] Here are some cleanups and reorganization of the realtime bitmap code to share more of that code between userspace and the kernel. With a bit of luck, this should all go splendidly. Signed-off-by: Darrick J. Wong Signed-off-by: Chandan Babu R * tag 'rtbitmap-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux: xfs: push transaction join out of xfs_rtbitmap_lock and xfs_rtgroup_lock xfs: factor out rtbitmap/summary initialization helpers xfs: factor out a xfs_last_rt_bmblock helper xfs: factor out a xfs_growfs_rt_bmblock helper xfs: push the calls to xfs_rtallocate_range out to xfs_bmap_rtalloc xfs: cleanup the calling convention for xfs_rtpick_extent xfs: add bounds checking to xfs_rt{bitmap,summary}_read_buf xfs: assert a valid limit in xfs_rtfind_forw xfs: remove the limit argument to xfs_rtfind_back xfs: make the RT rsum_cache mandatory xfs: factor out a xfs_validate_rt_geometry helper xfs: remove xfs_validate_rtextents commit 37126ddd48aebe7c88ce7683a3fa29eb48fc735d Merge: 41c38bf024ab15 390b4775d67877 Author: Chandan Babu R Date: Tue Sep 3 09:12:47 2024 +0530 Merge tag 'metadir-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux into xfs-6.12-mergeA xfs: cleanups before adding metadata directories [v4.2 2/8] Before we start adding code for metadata directory trees, let's clean up some warts in the realtime bitmap code and the inode allocator code. With a bit of luck, this should all go splendidly. Signed-off-by: Darrick J. Wong Signed-off-by: Chandan Babu R * tag 'metadir-cleanups-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux: xfs: pass the icreate args object to xfs_dialloc xfs: match on the global RT inode numbers in xfs_is_metadata_inode xfs: validate inumber in xfs_iget commit 41c38bf024ab153b7e1a233ec92da96f6df8e401 Merge: 431c1646e1f86b 398597c3ef7fb1 Author: Chandan Babu R Date: Tue Sep 3 09:11:43 2024 +0530 Merge tag 'atomic-file-commits-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux into xfs-6.12-mergeA xfs: atomic file content commits [v31.1 1/8] This series creates XFS_IOC_START_COMMIT and XFS_IOC_COMMIT_RANGE ioctls to perform the exchange only if the target file has not been changed since a given sampling point. This new functionality uses the mechanism underlying EXCHANGE_RANGE to stage and commit file updates such that reader programs will see either the old contents or the new contents in their entirety, with no chance of torn writes. A successful call completion guarantees that the new contents will be seen even if the system fails. The pair of ioctls allows userspace to perform what amounts to a compare and exchange operation on entire file contents. Note that there are ongoing arguments in the community about how best to implement some sort of file data write counter that nfsd could also use to signal invalidations to clients. Until such a thing is implemented, this patch will rely on ctime/mtime updates. Here are the proposed manual pages: IOCTL-XFS-COMMIT-RANGE(2) System Calls ManualIOCTL-XFS-COMMIT-RANGE(2) NAME ioctl_xfs_start_commit - prepare to exchange the contents of two files ioctl_xfs_commit_range - conditionally exchange the contents of parts of two files SYNOPSIS #include #include int ioctl(int file2_fd, XFS_IOC_START_COMMIT, struct xfs_com‐ mit_range *arg); int ioctl(int file2_fd, XFS_IOC_COMMIT_RANGE, struct xfs_com‐ mit_range *arg); DESCRIPTION Given a range of bytes in a first file file1_fd and a second range of bytes in a second file file2_fd, this ioctl(2) ex‐ changes the contents of the two ranges if file2_fd passes cer‐ tain freshness criteria. Before exchanging the contents, the program must call the XFS_IOC_START_COMMIT ioctl to sample freshness data for file2_fd. If the sampled metadata does not match the file metadata at commit time, XFS_IOC_COMMIT_RANGE will return EBUSY. Exchanges are atomic with regards to concurrent file opera‐ tions. Implementations must guarantee that readers see either the old contents or the new contents in their entirety, even if the system fails. The system call parameters are conveyed in structures of the following form: struct xfs_commit_range { __s32 file1_fd; __u32 pad; __u64 file1_offset; __u64 file2_offset; __u64 length; __u64 flags; __u64 file2_freshness[5]; }; The field pad must be zero. The fields file1_fd, file1_offset, and length define the first range of bytes to be exchanged. The fields file2_fd, file2_offset, and length define the second range of bytes to be exchanged. The field file2_freshness is an opaque field whose contents are determined by the kernel. These file attributes are used to confirm that file2_fd has not changed by another thread since the current thread began staging its own update. Both files must be from the same filesystem mount. If the two file descriptors represent the same file, the byte ranges must not overlap. Most disk-based filesystems require that the starts of both ranges must be aligned to the file block size. If this is the case, the ends of the ranges must also be so aligned unless the XFS_EXCHANGE_RANGE_TO_EOF flag is set. The field flags control the behavior of the exchange operation. XFS_EXCHANGE_RANGE_TO_EOF Ignore the length parameter. All bytes in file1_fd from file1_offset to EOF are moved to file2_fd, and file2's size is set to (file2_offset+(file1_length- file1_offset)). Meanwhile, all bytes in file2 from file2_offset to EOF are moved to file1 and file1's size is set to (file1_offset+(file2_length- file2_offset)). XFS_EXCHANGE_RANGE_DSYNC Ensure that all modified in-core data in both file ranges and all metadata updates pertaining to the exchange operation are flushed to persistent storage before the call returns. Opening either file de‐ scriptor with O_SYNC or O_DSYNC will have the same effect. XFS_EXCHANGE_RANGE_FILE1_WRITTEN Only exchange sub-ranges of file1_fd that are known to contain data written by application software. Each sub-range may be expanded (both upwards and downwards) to align with the file allocation unit. For files on the data device, this is one filesystem block. For files on the realtime device, this is the realtime extent size. This facility can be used to implement fast atomic scatter-gather writes of any complexity for software-defined storage targets if all writes are aligned to the file allocation unit. XFS_EXCHANGE_RANGE_DRY_RUN Check the parameters and the feasibility of the op‐ eration, but do not change anything. RETURN VALUE On error, -1 is returned, and errno is set to indicate the er‐ ror. ERRORS Error codes can be one of, but are not limited to, the follow‐ ing: EBADF file1_fd is not open for reading and writing or is open for append-only writes; or file2_fd is not open for reading and writing or is open for append-only writes. EBUSY The file2 inode number and timestamps supplied do not match file2_fd. EINVAL The parameters are not correct for these files. This error can also appear if either file descriptor repre‐ sents a device, FIFO, or socket. Disk filesystems gen‐ erally require the offset and length arguments to be aligned to the fundamental block sizes of both files. EIO An I/O error occurred. EISDIR One of the files is a directory. ENOMEM The kernel was unable to allocate sufficient memory to perform the operation. ENOSPC There is not enough free space in the filesystem ex‐ change the contents safely. EOPNOTSUPP The filesystem does not support exchanging bytes between the two files. EPERM file1_fd or file2_fd are immutable. ETXTBSY One of the files is a swap file. EUCLEAN The filesystem is corrupt. EXDEV file1_fd and file2_fd are not on the same mounted filesystem. CONFORMING TO This API is XFS-specific. USE CASES Several use cases are imagined for this system call. Coordina‐ tion between multiple threads is performed by the kernel. The first is a filesystem defragmenter, which copies the con‐ tents of a file into another file and wishes to exchange the space mappings of the two files, provided that the original file has not changed. An example program might look like this: int fd = open("/some/file", O_RDWR); int temp_fd = open("/some", O_TMPFILE | O_RDWR); struct stat sb; struct xfs_commit_range args = { .flags = XFS_EXCHANGE_RANGE_TO_EOF, }; /* gather file2's freshness information */ ioctl(fd, XFS_IOC_START_COMMIT, &args); fstat(fd, &sb); /* make a fresh copy of the file with terrible alignment to avoid reflink */ clone_file_range(fd, NULL, temp_fd, NULL, 1, 0); clone_file_range(fd, NULL, temp_fd, NULL, sb.st_size - 1, 0); /* commit the entire update */ args.file1_fd = temp_fd; ret = ioctl(fd, XFS_IOC_COMMIT_RANGE, &args); if (ret && errno == EBUSY) printf("file changed while defrag was underway "); The second is a data storage program that wants to commit non- contiguous updates to a file atomically. This program cannot coordinate updates to the file and therefore relies on the ker‐ nel to reject the COMMIT_RANGE command if the file has been up‐ dated by someone else. This can be done by creating a tempo‐ rary file, calling FICLONE(2) to share the contents, and stag‐ ing the updates into the temporary file. The FULL_FILES flag is recommended for this purpose. The temporary file can be deleted or punched out afterwards. An example program might look like this: int fd = open("/some/file", O_RDWR); int temp_fd = open("/some", O_TMPFILE | O_RDWR); struct xfs_commit_range args = { .flags = XFS_EXCHANGE_RANGE_TO_EOF, }; /* gather file2's freshness information */ ioctl(fd, XFS_IOC_START_COMMIT, &args); ioctl(temp_fd, FICLONE, fd); /* append 1MB of records */ lseek(temp_fd, 0, SEEK_END); write(temp_fd, data1, 1000000); /* update record index */ pwrite(temp_fd, data1, 600, 98765); pwrite(temp_fd, data2, 320, 54321); pwrite(temp_fd, data2, 15, 0); /* commit the entire update */ args.file1_fd = temp_fd; ret = ioctl(fd, XFS_IOC_COMMIT_RANGE, &args); if (ret && errno == EBUSY) printf("file changed before commit; will roll back "); NOTES Some filesystems may limit the amount of data or the number of extents that can be exchanged in a single call. SEE ALSO ioctl(2) XFS 2024-02-18 IOCTL-XFS-COMMIT-RANGE(2) With a bit of luck, this should all go splendidly. Signed-off-by: Darrick J. Wong Signed-off-by: Chandan Babu R * tag 'atomic-file-commits-6.12_2024-09-02' of https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux: xfs: introduce new file range commit ioctls commit da4f3b72c8831975a06eca7e1c27392726f54d20 Merge: 69cb89981c7a18 0315c0b5ed2538 Author: Jakub Kicinski Date: Mon Sep 2 19:10:44 2024 -0700 Merge tag 'linux-can-next-for-6.12-20240830' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next Marc Kleine-Budde says: ==================== pull-request: can-next 2024-08-30 The first patch is by Duy Nguyen and document the R-Car V4M support in the rcar-canfd DT bindings. Frank Li's patch converts the microchip,mcp251x.txt DT bindings documentation to yaml. A patch by Zhang Changzhong update a comment in the j1939 CAN networking stack. Stefan Mätje's patch updates the CAN configuration netlink code, so that the bit timing calculation doesn't work on stale can_priv::ctrlmode data. Martin Jocic contributes a patch for the kvaser_pciefd driver to convert some ifdefs into if (IS_ENABLED()). The last patch is by Yan Zhen and simplifies the probe() function of the kvaser USB driver by using dev_err_probe(). * tag 'linux-can-next-for-6.12-20240830' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next: can: kvaser_usb: Simplify with dev_err_probe() can: kvaser_pciefd: Use IS_ENABLED() instead of #ifdef can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode can: j1939: use correct function name in comment dt-bindings: can: convert microchip,mcp251x.txt to yaml dt-bindings: can: renesas,rcar-canfd: Document R-Car V4M support ==================== Link: https://patch.msgid.link/20240830214406.1605786-1-mkl@pengutronix.de Signed-off-by: Jakub Kicinski commit 69cb89981c7a181d857b634c0740e914d5df79ea Author: ChunHao Lin Date: Fri Aug 30 10:18:10 2024 +0800 r8169: add support for RTL8126A rev.b Add support for RTL8126A rev.b. Its XID is 0x64a. It is basically based on the one with XID 0x649, but with different firmware file. Signed-off-by: ChunHao Lin Reviewed-by: Heiner Kallweit Link: https://patch.msgid.link/20240830021810.11993-1-hau@realtek.com Signed-off-by: Jakub Kicinski commit 4e3a024b437ec0aee82550cc66a0f4e1a7a88a67 Author: Joe Damato Date: Sat Aug 31 12:17:04 2024 +0000 netdev-genl: Set extack and fix error on napi-get In commit 27f91aaf49b3 ("netdev-genl: Add netlink framework functions for napi"), when an invalid NAPI ID is specified the return value -EINVAL is used and no extack is set. Change the return value to -ENOENT and set the extack. Before this commit: $ ./tools/net/ynl/cli.py --spec Documentation/netlink/specs/netdev.yaml \ --do napi-get --json='{"id": 451}' Netlink error: Invalid argument nl_len = 36 (20) nl_flags = 0x100 nl_type = 2 error: -22 After this commit: $ ./tools/net/ynl/cli.py --spec Documentation/netlink/specs/netdev.yaml \ --do napi-get --json='{"id": 451}' Netlink error: No such file or directory nl_len = 44 (28) nl_flags = 0x300 nl_type = 2 error: -2 extack: {'bad-attr': '.id'} Suggested-by: Jakub Kicinski Signed-off-by: Joe Damato Link: https://patch.msgid.link/20240831121707.17562-1-jdamato@fastly.com Signed-off-by: Jakub Kicinski commit b0222d1d9e6f8551a056b89b0bff38f515f3c9b5 Author: Mykyta Yatsenko Date: Mon Sep 2 18:17:21 2024 +0100 bpftool: Fix handling enum64 in btf dump sorting Wrong function is used to access the first enum64 element. Substituting btf_enum(t) with btf_enum64(t) for BTF_KIND_ENUM64. Fixes: 94133cf24bb3 ("bpftool: Introduce btf c dump sorting") Signed-off-by: Mykyta Yatsenko Signed-off-by: Daniel Borkmann Acked-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20240902171721.105253-1-mykyta.yatsenko5@gmail.com commit 20cee68f5b44fdc2942d20f3172a262ec247b117 Author: yangerkun Date: Sat Aug 17 16:55:10 2024 +0800 ext4: clear EXT4_GROUP_INFO_WAS_TRIMMED_BIT even mount with discard Commit 3d56b8d2c74c ("ext4: Speed up FITRIM by recording flags in ext4_group_info") speed up fstrim by skipping trim trimmed group. We also has the chance to clear trimmed once there exists some block free for this group(mount without discard), and the next trim for this group will work well too. For mount with discard, we will issue dicard when we free blocks, so leave trimmed flag keep alive to skip useless trim trigger from userspace seems reasonable. But for some case like ext4 build on dm-thinpool(ext4 blocksize 4K, pool blocksize 128K), discard from ext4 maybe unaligned for dm thinpool, and thinpool will just finish this discard(see process_discard_bio when begein equals to end) without actually process discard. For this case, trim from userspace can really help us to free some thinpool block. So convert to clear trimmed flag for all case no matter mounted with discard or not. Fixes: 3d56b8d2c74c ("ext4: Speed up FITRIM by recording flags in ext4_group_info") Signed-off-by: yangerkun Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240817085510.2084444-1-yangerkun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 2046657e64a11b61d5ed07e0d60befd86303125e Author: Zhang Yi Date: Tue Aug 13 20:34:52 2024 +0800 ext4: drop all delonly descriptions When counting reserved clusters, delayed type is always equal to delonly type now, hence drop all delonly descriptions in parameters and comments. Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240813123452.2824659-13-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit b224b18497484eef9d2dbb3c803888a3f3a3475e Author: Zhang Yi Date: Tue Aug 13 20:34:51 2024 +0800 ext4: drop ext4_es_is_delonly() Since we don't add delayed flag in unwritten extents, so there is no difference between ext4_es_is_delayed() and ext4_es_is_delonly(), just drop ext4_es_is_delonly(). Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240813123452.2824659-12-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit ce09036ea4f0a54e9dcd7ba644bb1db7cf2d95d4 Author: Zhang Yi Date: Tue Aug 13 20:34:50 2024 +0800 ext4: make extent status types exclusive Since we don't add delayed flag in unwritten extents, all of the four extent status types EXTENT_STATUS_WRITTEN, EXTENT_STATUS_UNWRITTEN, EXTENT_STATUS_DELAYED and EXTENT_STATUS_HOLE are exclusive now, add assertion when storing pblock before inserting extent into status tree and add comment to the status definition. Suggested-by: Jan Kara Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240813123452.2824659-11-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit 3b4ba269ab6673d664d2522a0e76797a3550983f Author: Zhang Yi Date: Tue Aug 13 20:34:49 2024 +0800 ext4: drop unused ext4_es_store_status() The helper ext4_es_store_status() is unused now, just drop it. Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240813123452.2824659-10-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit 15996a848564e40a3d030ec7e4603dddb9f425b6 Author: Zhang Yi Date: Tue Aug 13 20:34:48 2024 +0800 ext4: use ext4_map_query_blocks() in ext4_map_blocks() The blocks map querying logic in ext4_map_blocks() are the same as ext4_map_query_blocks(), so switch to directly use it. Signed-off-by: Zhang Yi Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240813123452.2824659-9-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit 6e124d5b4b02229f8aaa206b1952db31d1687523 Author: Zhang Yi Date: Tue Aug 13 20:34:47 2024 +0800 ext4: drop ext4_es_delayed_clu() Since we move ext4_da_update_reserve_space() to ext4_es_insert_extent(), no one uses ext4_es_delayed_clu() and __es_delayed_clu(), just drop them. Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240813123452.2824659-8-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit c543e2429640293d9eda8c7841d4b5d5e8682826 Author: Zhang Yi Date: Tue Aug 13 20:34:46 2024 +0800 ext4: update delalloc data reserve spcae in ext4_es_insert_extent() Now that we update data reserved space for delalloc after allocating new blocks in ext4_{ind|ext}_map_blocks(), and if bigalloc feature is enabled, we also need to query the extents_status tree to calculate the exact reserved clusters. This is complicated now and it appears that it's better to do this job in ext4_es_insert_extent(), because __es_remove_extent() have already count delalloc blocks when removing delalloc extents and __revise_pending() return new adding pending count, we could update the reserved blocks easily in ext4_es_insert_extent(). We direct reduce the reserved cluster count when replacing a delalloc extent. However, thers are two special cases need to concern about the quota claiming when doing direct block allocation (e.g. from fallocate). A), fallocate a range that covers a delalloc extent but start with non-delayed allocated blocks, e.g. a hole. hhhhhhh+ddddddd+ddddddd ^^^^^^^^^^^^^^^^^^^^^^^ fallocate this range Current ext4_map_blocks() can't always trim the extent since it may release i_data_sem before calling ext4_map_create_blocks() and raced by another delayed allocation. Hence the EXT4_GET_BLOCKS_DELALLOC_RESERVE may not set even when we are replacing a delalloc extent, without this flag set, the quota has already been claimed by ext4_mb_new_blocks(), so we should release the quota reservations instead of claim them again. B), bigalloc feature is enabled, fallocate a range that contains non-delayed allocated blocks. |< one cluster >| hhhhhhh+hhhhhhh+hhhhhhh+ddddddd ^^^^^^^ fallocate this range This case is similar to above case, the EXT4_GET_BLOCKS_DELALLOC_RESERVE flag is also not set. Hence we should release the quota reservations if we replace a delalloc extent but without EXT4_GET_BLOCKS_DELALLOC_RESERVE set. Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240813123452.2824659-7-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit f3baf33b9cae0e00fe1870abca952d5dfea53dc6 Author: Zhang Yi Date: Tue Aug 13 20:34:45 2024 +0800 ext4: passing block allocation information to ext4_es_insert_extent() Just pass the block allocation flag to ext4_es_insert_extent() when we replacing a current extent after an actually block allocation or extent status conversion, this flag will be used by later changes. Suggested-by: Jan Kara Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240813123452.2824659-6-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit fccd632670408ab3066712aa90cc972b18d1b617 Author: Zhang Yi Date: Tue Aug 13 20:34:44 2024 +0800 ext4: let __revise_pending() return newly inserted pendings Let __insert_pending() return 1 after successfully inserting a new pending cluster, and also let __revise_pending() to return the number of of newly inserted pendings. Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240813123452.2824659-5-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit eba8c368c8cb9ea05c08caf3dd1a0d0b87d614dc Author: Zhang Yi Date: Tue Aug 13 20:34:43 2024 +0800 ext4: don't set EXTENT_STATUS_DELAYED on allocated blocks Currently, we release delayed allocation reservation when removing delayed extent from extent status tree (which also happens when overwriting one extent with another one). When we allocated unwritten extent under some delayed allocated extent, we don't need the reservation anymore and hence we don't need to preserve the EXT4_MAP_DELAYED status bit. Allocating the new extent blocks will properly release the reservation. Signed-off-by: Zhang Yi Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240813123452.2824659-4-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit 8b8252884f2ff4d28e3ce1a825057b3ad2900c35 Author: Zhang Yi Date: Tue Aug 13 20:34:42 2024 +0800 ext4: optimize the EXT4_GET_BLOCKS_DELALLOC_RESERVE flag set When doing block allocation, magic EXT4_GET_BLOCKS_DELALLOC_RESERVE means the allocating range covers a range of delayed allocated clusters, the blocks and quotas have already been reserved in ext4_da_map_blocks(), we should update the reserved space and don't need to claim them again. At the moment, we only set this magic in mpage_map_one_extent() when allocating a range of delayed allocated clusters in the write back path, it makes things complicated since we have to notice and deal with the case of allocating non-delayed allocated clusters separately in ext4_ext_map_blocks(). For example, it we fallocate some blocks that have been delayed allocated, free space would be claimed again in ext4_mb_new_blocks() (this is wrong exactily), and we can't claim quota space again, we have to release the quota reservations made for that previously delayed allocated clusters. Move the position thats set the EXT4_GET_BLOCKS_DELALLOC_RESERVE to where we actually do block allocation, it could simplify above handling a lot, it means that we always set this magic once the allocation range covers delalloc blocks, no need to take care of the allocation path. Signed-off-by: Zhang Yi Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240813123452.2824659-3-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit 130078d020e0214809f2e13cf4fb80c646020e94 Author: Zhang Yi Date: Tue Aug 13 20:34:41 2024 +0800 ext4: factor out ext4_map_create_blocks() to allocate new blocks Factor out a common helper ext4_map_create_blocks() from ext4_map_blocks() to do a real blocks allocation, no logic changes. [ Note: this first patch of a ten patch series named "v3: simplify the counting and management of delalloc reserved blocks". The link to the v1 and v2 patch series are below. -- TYT ] Signed-off-by: Zhang Yi Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240802115120.362902-1-yi.zhang@huaweicloud.com # v2 of patch series Link: https://patch.msgid.link/20240601034149.2169771-1-yi.zhang@huaweicloud.com # v1 of the patch series Link: https://patch.msgid.link/20240813123452.2824659-2-yi.zhang@huaweicloud.com Signed-off-by: Theodore Ts'o commit da6ec743397702e0b551bcacfeaa48829d303a29 Author: Michal Wajdeczko Date: Fri Aug 30 15:21:00 2024 +0200 drm/xe/pf: Reset thresholds when releasing a VF config As part of the VF config release, we should reset all parameters, including thresholds, to always start with the clean VF config. Signed-off-by: Michal Wajdeczko Reviewed-by: Piotr Piórkowski Link: https://patchwork.freedesktop.org/patch/msgid/20240830132100.1704-3-michal.wajdeczko@intel.com commit a1498ab229ca16dfc35331dfb309f8e28b84bb5d Author: Michal Wajdeczko Date: Fri Aug 30 15:20:59 2024 +0200 drm/xe/pf: Add thresholds to the VF KLV config We are pushing threshold KLV to the GuC immediately during the threshold provisioning, but those configs will be lost during a GT reset. Include threshold KLVs while encoding full VF config buffer to make sure the GuC receives all of the config KLVs. Signed-off-by: Michal Wajdeczko Reviewed-by: Piotr Piórkowski Link: https://patchwork.freedesktop.org/patch/msgid/20240830132100.1704-2-michal.wajdeczko@intel.com commit f626a0cd07ddb13f146e52adb4b534da40bb1ff7 Author: Kuan-Wei Chiu Date: Thu Aug 15 03:28:39 2024 +0800 spi: zynq-qspi: Replace kzalloc with kmalloc for buffer allocation In zynq_qspi_exec_mem_op(), the temporary buffer is allocated with kzalloc and then immediately initialized using memset to 0xff. To optimize this, replace kzalloc with kmalloc, as the zeroing operation is redundant and unnecessary. Signed-off-by: Kuan-Wei Chiu Reviewed-by: Michal Simek Link: https://patch.msgid.link/20240814192839.345523-1-visitorckw@gmail.com Signed-off-by: Mark Brown commit 5d1622831064abf2633a1bc9a6446e83a669f58d Author: Yaxin Chen Date: Fri Aug 23 15:48:43 2024 -0700 tcp_bpf: Remove an unused parameter for bpf_tcp_ingress() Parameter flags is not used in bpf_tcp_ingress(). Signed-off-by: Yaxin Chen Signed-off-by: Daniel Borkmann Reviewed-by: Cong Wang Acked-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/20240823224843.1985277-1-yaxin.chen1@bytedance.com commit 731733c6234855b26d468aa2f89a3051c170e63a Author: Simon Horman Date: Thu Aug 29 16:45:51 2024 +0100 bpf, sockmap: Correct spelling skmsg.c Correct spelling in skmsg.c. As reported by codespell. Signed-off-by: Simon Horman Signed-off-by: Daniel Borkmann Acked-by: Stanislav Fomichev Link: https://lore.kernel.org/bpf/20240829-sockmap-spell-v1-1-a614d76564cc@kernel.org commit 5d2784e25d7a6c216c9a4cbed2026febfb0c094c Author: Quentin Monnet Date: Sun Sep 1 22:07:42 2024 +0100 bpftool: Add missing blank lines in bpftool-net doc example In bpftool-net documentation, two blank lines are missing in a recently added example, causing docutils to complain: $ cd tools/bpf/bpftool $ make doc DESCEND Documentation GEN bpftool-btf.8 GEN bpftool-cgroup.8 GEN bpftool-feature.8 GEN bpftool-gen.8 GEN bpftool-iter.8 GEN bpftool-link.8 GEN bpftool-map.8 GEN bpftool-net.8 :189: (INFO/1) Possible incomplete section title. Treating the overline as ordinary text because it's so short. :192: (INFO/1) Blank line missing before literal block (after the "::")? Interpreted as a definition list item. :199: (INFO/1) Possible incomplete section title. Treating the overline as ordinary text because it's so short. :201: (INFO/1) Blank line missing before literal block (after the "::")? Interpreted as a definition list item. GEN bpftool-perf.8 GEN bpftool-prog.8 GEN bpftool.8 GEN bpftool-struct_ops.8 Add the missing blank lines. Fixes: 0d7c06125cea ("bpftool: Add document for net attach/detach on tcx subcommand") Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20240901210742.25758-1-qmo@kernel.org commit 705c1cdf1e73c4c727bbfc8775434e6dd36e8baf Author: Tina Zhang Date: Mon Sep 2 10:27:24 2024 +0800 iommu/vt-d: Introduce batched cache invalidation Converts IOTLB and Dev-IOTLB invalidation to a batched model. Cache tag invalidation requests for a domain are now accumulated in a qi_batch structure before being flushed in bulk. It replaces the previous per- request qi_flush approach with a more efficient batching mechanism. Co-developed-by: Lu Baolu Signed-off-by: Lu Baolu Signed-off-by: Tina Zhang Link: https://lore.kernel.org/r/20240815065221.50328-5-tina.zhang@intel.com Signed-off-by: Joerg Roedel commit 777cdd853434849cc98ef94787538b1eb9f492d9 Author: Lu Baolu Date: Mon Sep 2 10:27:23 2024 +0800 iommu/vt-d: Add qi_batch for dmar_domain Introduces a qi_batch structure to hold batched cache invalidation descriptors on a per-dmar_domain basis. A fixed-size descriptor array is used for simplicity. The qi_batch is allocated when the first cache tag is added to the domain and freed during iommu_free_domain(). Signed-off-by: Lu Baolu Signed-off-by: Tina Zhang Link: https://lore.kernel.org/r/20240815065221.50328-4-tina.zhang@intel.com Signed-off-by: Joerg Roedel commit 3297d047cd7f502ea7bd949fe070bf01c02aec3e Author: Tina Zhang Date: Mon Sep 2 10:27:22 2024 +0800 iommu/vt-d: Refactor IOTLB and Dev-IOTLB flush for batching Extracts IOTLB and Dev-IOTLB invalidation logic from cache tag flush interfaces into dedicated helper functions. It prepares the codebase for upcoming changes to support batched cache invalidations. To enable direct use of qi_flush helpers in the new functions, iommu->flush.flush_iotlb and quirk_extra_dev_tlb_flush() are opened up. No functional changes are intended. Co-developed-by: Lu Baolu Signed-off-by: Lu Baolu Signed-off-by: Tina Zhang Link: https://lore.kernel.org/r/20240815065221.50328-3-tina.zhang@intel.com Signed-off-by: Joerg Roedel commit f701c9f36bcb7940f9c53413b508de8c9cb0321c Author: Tina Zhang Date: Mon Sep 2 10:27:21 2024 +0800 iommu/vt-d: Factor out invalidation descriptor composition Separate the logic for constructing IOTLB and device TLB invalidation descriptors from the qi_flush interfaces. New helpers, qi_desc(), are introduced to encapsulate this common functionality. Moving descriptor composition code to new helpers enables its reuse in the upcoming qi_batch interfaces. No functional changes are intended. Signed-off-by: Tina Zhang Link: https://lore.kernel.org/r/20240815065221.50328-2-tina.zhang@intel.com Signed-off-by: Lu Baolu Signed-off-by: Joerg Roedel commit 1f5e307ca16c0c19186cbd56ac460a687e6daba0 Author: Lu Baolu Date: Mon Sep 2 10:27:20 2024 +0800 iommu/vt-d: Unconditionally flush device TLB for pasid table updates The caching mode of an IOMMU is irrelevant to the behavior of the device TLB. Previously, commit <304b3bde24b5> ("iommu/vt-d: Remove caching mode check before device TLB flush") removed this redundant check in the domain unmap path. Checking the caching mode before flushing the device TLB after a pasid table entry is updated is unnecessary and can lead to inconsistent behavior. Extends this consistency by removing the caching mode check in the pasid table update path. Suggested-by: Yi Liu Signed-off-by: Lu Baolu Link: https://lore.kernel.org/r/20240820030208.20020-1-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit ccb02b27bb50c0f5a8f6fd745aecf4ac4beda73f Author: Lu Baolu Date: Mon Sep 2 10:27:19 2024 +0800 iommu/vt-d: Move PCI PASID enablement to probe path Currently, PCI PASID is enabled alongside PCI ATS when an iommu domain is attached to the device and disabled when the device transitions to block translation mode. This approach is inappropriate as PCI PASID is a device feature independent of the type of the attached domain. Enable PCI PASID during the IOMMU device probe and disables it during the release path. Suggested-by: Yi Liu Signed-off-by: Lu Baolu Reviewed-by: Yi Liu Tested-by: Yi Liu Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/20240819051805.116936-1-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit 3cf74230c139f208b7fb313ae0054386eee31a81 Author: Sanjay K Kumar Date: Mon Sep 2 10:27:18 2024 +0800 iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count If qi_submit_sync() is invoked with 0 invalidation descriptors (for instance, for DMA draining purposes), we can run into a bug where a submitting thread fails to detect the completion of invalidation_wait. Subsequently, this led to a soft lockup. Currently, there is no impact by this bug on the existing users because no callers are submitting invalidations with 0 descriptors. This fix will enable future users (such as DMA drain) calling qi_submit_sync() with 0 count. Suppose thread T1 invokes qi_submit_sync() with non-zero descriptors, while concurrently, thread T2 calls qi_submit_sync() with zero descriptors. Both threads then enter a while loop, waiting for their respective descriptors to complete. T1 detects its completion (i.e., T1's invalidation_wait status changes to QI_DONE by HW) and proceeds to call reclaim_free_desc() to reclaim all descriptors, potentially including adjacent ones of other threads that are also marked as QI_DONE. During this time, while T2 is waiting to acquire the qi->q_lock, the IOMMU hardware may complete the invalidation for T2, setting its status to QI_DONE. However, if T1's execution of reclaim_free_desc() frees T2's invalidation_wait descriptor and changes its status to QI_FREE, T2 will not observe the QI_DONE status for its invalidation_wait and will indefinitely remain stuck. This soft lockup does not occur when only non-zero descriptors are submitted.In such cases, invalidation descriptors are interspersed among wait descriptors with the status QI_IN_USE, acting as barriers. These barriers prevent the reclaim code from mistakenly freeing descriptors belonging to other submitters. Considered the following example timeline: T1 T2 ======================================== ID1 WD1 while(WD1!=QI_DONE) unlock lock WD1=QI_DONE* WD2 while(WD2!=QI_DONE) unlock lock WD1==QI_DONE? ID1=QI_DONE WD2=DONE* reclaim() ID1=FREE WD1=FREE WD2=FREE unlock soft lockup! T2 never sees QI_DONE in WD2 Where: ID = invalidation descriptor WD = wait descriptor * Written by hardware The root of the problem is that the descriptor status QI_DONE flag is used for two conflicting purposes: 1. signal a descriptor is ready for reclaim (to be freed) 2. signal by the hardware that a wait descriptor is complete The solution (in this patch) is state separation by using QI_FREE flag for #1. Once a thread's invalidation descriptors are complete, their status would be set to QI_FREE. The reclaim_free_desc() function would then only free descriptors marked as QI_FREE instead of those marked as QI_DONE. This change ensures that T2 (from the previous example) will correctly observe the completion of its invalidation_wait (marked as QI_DONE). Signed-off-by: Sanjay K Kumar Signed-off-by: Jacob Pan Reviewed-by: Kevin Tian Link: https://lore.kernel.org/r/20240728210059.1964602-1-jacob.jun.pan@linux.intel.com Signed-off-by: Lu Baolu Signed-off-by: Joerg Roedel commit 50a7e2c6c3b6ea2439aa2e2e392c0ca2ef567fcf Author: Lu Baolu Date: Mon Sep 2 10:27:17 2024 +0800 iommu/vt-d: Cleanup si_domain The static identity domain has been introduced, rendering the si_domain obsolete. Remove si_domain and cleanup the code accordingly. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Reviewed-by: Kevin Tian Link: https://lore.kernel.org/r/20240809055431.36513-8-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit 2031c469f8161abe74189cb74f50da224f340b71 Author: Lu Baolu Date: Mon Sep 2 10:27:16 2024 +0800 iommu/vt-d: Add support for static identity domain Software determines VT-d hardware support for passthrough translation by inspecting the capability register. If passthrough translation is not supported, the device is instructed to use DMA domain for its default domain. Add a global static identity domain with guaranteed attach semantics for IOMMUs that support passthrough translation mode. The global static identity domain is a dummy domain without corresponding dmar_domain structure. Consequently, the device's info->domain will be NULL with the identity domain is attached. Refactor the code accordingly. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Reviewed-by: Kevin Tian Link: https://lore.kernel.org/r/20240809055431.36513-7-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit c7191984e5aade540f1a3845a116537c89572655 Author: Lu Baolu Date: Mon Sep 2 10:27:15 2024 +0800 iommu/vt-d: Factor out helpers from domain_context_mapping_one() Extract common code from domain_context_mapping_one() into new helpers, making it reusable by other functions such as the upcoming identity domain implementation. No intentional functional changes. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Reviewed-by: Kevin Tian Reviewed-by: Jerry Snitselaar Link: https://lore.kernel.org/r/20240809055431.36513-6-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit 487df6836606dc67cd8e2c26616f581c8800a17a Author: Lu Baolu Date: Mon Sep 2 10:27:14 2024 +0800 iommu/vt-d: Remove has_iotlb_device flag The has_iotlb_device flag was used to indicate if a domain had attached devices with ATS enabled. Domains without this flag didn't require device TLB invalidation during unmap operations, optimizing performance by avoiding unnecessary device iteration. With the introduction of cache tags, this flag is no longer needed. The code to iterate over attached devices was removed by commit 06792d067989 ("iommu/vt-d: Cleanup use of iommu_flush_iotlb_psi()"). Remove has_iotlb_device to avoid unnecessary code. Suggested-by: Jason Gunthorpe Signed-off-by: Lu Baolu Reviewed-by: Kevin Tian Link: https://lore.kernel.org/r/20240809055431.36513-5-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit 2c13012e09190174614fd6901857a1b8c199e17d Author: Lu Baolu Date: Mon Sep 2 10:27:13 2024 +0800 iommu/vt-d: Always reserve a domain ID for identity setup We will use a global static identity domain. Reserve a static domain ID for it. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Reviewed-by: Kevin Tian Reviewed-by: Jerry Snitselaar Link: https://lore.kernel.org/r/20240809055431.36513-4-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit 9e74e1b8198fd07fcbb4266771ca0f5195c71d9c Author: Lu Baolu Date: Mon Sep 2 10:27:12 2024 +0800 iommu/vt-d: Remove identity mappings from si_domain As the driver has enforced DMA domains for devices managed by an IOMMU hardware that doesn't support passthrough translation mode, there is no need for static identity mappings in the si_domain. Remove the identity mapping code to avoid dead code. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Reviewed-by: Kevin Tian Link: https://lore.kernel.org/r/20240809055431.36513-3-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit 184bee388d4661c3fea633f135a5c45ff03c7ec6 Author: Lu Baolu Date: Mon Sep 2 10:27:11 2024 +0800 iommu/vt-d: Require DMA domain if hardware not support passthrough The iommu core defines the def_domain_type callback to query the iommu driver about hardware capability and quirks. The iommu driver should declare IOMMU_DOMAIN_DMA requirement for hardware lacking pass-through capability. Earlier VT-d hardware implementations did not support pass-through translation mode. The iommu driver relied on a paging domain with all physical system memory addresses identically mapped to the same IOVA to simulate pass-through translation before the def_domain_type was introduced and it has been kept until now. It's time to adjust it now to make the Intel iommu driver follow the def_domain_type semantics. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Reviewed-by: Kevin Tian Reviewed-by: Jerry Snitselaar Link: https://lore.kernel.org/r/20240809055431.36513-2-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel commit ead60e9c4e29c8574cae1be4fe3af1d9a978fb0f Author: Alex Deucher Date: Wed Jul 24 18:20:34 2024 -0400 drm/amdgpu/gfx10: use rlc safe mode for soft recovery Protect the MMIO access with safe mode. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 3f2d35c325534c1b7ac5072173f0dc7ca969dec2 Author: Alex Deucher Date: Wed Jul 24 18:20:23 2024 -0400 drm/amdgpu/gfx11: use rlc safe mode for soft recovery Protect the MMIO access with safe mode. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 21818f39beda2e843199e5d8d9e3f9e43c8080a3 Author: Alex Deucher Date: Wed Jul 24 18:20:13 2024 -0400 drm/amdgpu/gfx12: use rlc safe mode for soft recovery Protect the MMIO access with safe mode. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit f8eee864ba5cbe1447a68949883f69228e53b138 Author: Alex Deucher Date: Wed Jul 24 18:11:52 2024 -0400 drm/amdgpu/gfx12: use proper rlc safe mode helpers Rather than open coding it for the queue reset. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 01d05521f7e2523045d3ff7b857dd68db276d31d Author: Alex Deucher Date: Wed Jul 24 18:10:04 2024 -0400 drm/amdgpu/gfx11: use proper rlc safe mode helpers Rather than open coding it for the queue reset. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit bcee4c3f89879e15ef57f3217ded97f00b1334d3 Author: Alex Deucher Date: Wed Jul 24 18:07:28 2024 -0400 drm/amdgpu/gfx10: use proper rlc safe mode helpers Rather than open coding it for the queue reset. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 1a1995b1dc948d471854360ec0fd3306f54dfbae Author: Alex Deucher Date: Thu Jul 18 10:22:00 2024 -0400 drm/amdgpu/gfx12: per queue reset only on bare metal It's not supported under SR-IOV at the moment. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 01163079e136e6d6ce4474b964b8a7ec954cac81 Author: Alex Deucher Date: Thu Jul 18 10:21:45 2024 -0400 drm/amdgpu/gfx11: per queue reset only on bare metal It's not supported under SR-IOV at the moment. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 4d5ddfa4b1b2bf1e936b8d38735910480f9545ed Author: Alex Deucher Date: Thu Jul 18 10:21:21 2024 -0400 drm/amdgpu/gfx10: per queue reset only on bare metal It's not supported under SR-IOV at the moment. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 178ad0e280c088f5abfa61793cb992fa120d1830 Author: Jiadong Zhu Date: Thu Jul 4 12:32:01 2024 +0800 drm/amdgpu/mes11: implement mmio queue reset for gfx11 Implement queue reset for graphic and compute queue. v2: use amdgpu_gfx_rlc funcs to enter/exit safe mode. v3: use gfx_v11_0_request_gfx_index_mutex() v4: fix mutex handling Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 01b4ae38e5dc6798c6cd477be9c363c5ae45fa7f Author: Jiadong Zhu Date: Thu Jul 4 12:26:16 2024 +0800 drm/amdgpu/mes: implement amdgpu_mes_reset_hw_queue_mmio The reset_queue api could be used from kfd or kgd. v2: add use_mmio parameter for mes_reset_legacy_queue. Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 8b2429a13feaee01d62bc248417343586f6fa489 Author: Jiadong Zhu Date: Thu Jul 4 12:10:59 2024 +0800 drm/amdgpu/mes: modify mes api for mmio queue reset Add me/pipe/queue parameters for queue reset input. v2: fix build (Alex) Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 8fe4fde381a103114903f823c6d18457b4b891e4 Author: Alex Deucher Date: Mon Jul 1 18:22:24 2024 -0400 drm/amdgpu/gfx12: fallback to driver reset compute queue directly Since the MES FW resets kernel compute queue always failed, this may caused by the KIQ failed to process unmap KCQ. So, before MES FW work properly that will fallback to driver executes dequeue and resets SPI directly. Besides, rework the ring reset function and make the busy ring type reset in each function respectively. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 2480599890296b386839bc53367c10f19d97716d Author: Alex Deucher Date: Mon Jun 3 17:07:56 2024 -0400 drm/amdgpu/gfx12: add ring reset callbacks Add ring reset callbacks for gfx and compute. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit d1f214432110748603dd310fbe6099df875e6f04 Author: Alex Deucher Date: Mon Jul 1 18:14:14 2024 -0400 drm/amdgpu/gfx10: rework reset sequence To match other GFX IPs. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 097af47d3cfb99ee02afbdd7e0d9596eb012c65a Author: Jiadong Zhu Date: Tue Jul 2 09:17:14 2024 +0800 drm/amdgpu/gfx10: wait for reset done before remap There is a racing condition that cp firmware modifies MQD in reset sequence after driver updates it for remapping. We have to wait till CP_HQD_ACTIVE becoming false then remap the queue. v2: fix KIQ locking (Alex) v3: fix KIQ locking harder (Jessie) Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 2f3806f781421ce6dfa60471eb2116627c0eb893 Author: Jiadong Zhu Date: Fri Jun 14 13:46:36 2024 +0800 drm/amdgpu/gfx10: remap queue after reset successfully Kiq command unmap_queues only does the dequeueing action. We have to map the queue back with clean mqd. v2: fix up error handling (Alex) Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 1741281a157fcfacf46dbb6ce39c13bf2699d371 Author: Alex Deucher Date: Fri May 24 12:37:50 2024 -0400 drm/amdgpu/gfx10: add ring reset callbacks Add ring reset callbacks for gfx and compute. v2: fix gfx handling v3: wait for KIQ to complete Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit a10c93931b61b22ff6601f74192151d548b0b14b Author: Jiadong Zhu Date: Tue Jul 2 10:01:21 2024 +0800 drm/amdgpu/gfx11: wait for reset done before remap There is a racing condition that cp firmware modifies MQD in reset sequence after driver updates it for remapping. We have to wait till CP_HQD_ACTIVE becoming false then remap the queue. Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 7d8e9e65f23040b2f9e9670bc971d3ec8fa69d47 Author: Alex Deucher Date: Mon Jul 1 18:04:40 2024 -0400 drm/amdgpu/gfx11: rename gfx_v11_0_gfx_init_queue() Rename to gfx_v11_0_kgq_init_queue() to better align with the other naming in the file. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 072b4414784524b6debda1b3b2ffbf10d66095e9 Author: Prike Liang Date: Fri Jun 14 21:25:44 2024 +0800 drm/amdgpu/gfx11: fallback to driver reset compute queue directly (v2) Since the MES FW resets kernel compute queue always failed, this may caused by the KIQ failed to process unmap KCQ. So, before MES FW work properly that will fallback to driver executes dequeue and resets SPI directly. Besides, rework the ring reset function and make the busy ring type reset in each function respectively. Acked-by: Vitaly Prosyak Signed-off-by: Prike Liang Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit f2ea269bd2a55c4a28a9b825424b059a20259793 Author: Aric Cyr Date: Sun Aug 25 19:40:51 2024 -0400 drm/amd/display: 3.2.299 This version brings along the following: - DCN35 fixes - DML2 fixes - IPS fixes - ODM fixes - Miscellaneous cleanups - MST fixes - SPL fixes Acked-by: Aurabindo Pillai Signed-off-by: Aric Cyr Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit c9f9ce65c2436879779d39c6e65b95c74a206e49 Author: Anuj Gupta Date: Mon Sep 2 11:51:34 2024 +0530 io_uring: remove unused rsrc_put_fn rsrc_put_fn is declared but never used, remove it. Signed-off-by: Anuj Gupta Link: https://lore.kernel.org/r/20240902062134.136387-3-anuj20.g@samsung.com Signed-off-by: Jens Axboe commit 6cf52b42c4efa4d064d19064fd2313ca4aaf9569 Author: Anuj Gupta Date: Mon Sep 2 11:51:33 2024 +0530 io_uring: add new line after variable declaration Fixes checkpatch warning Signed-off-by: Anuj Gupta Link: https://lore.kernel.org/r/20240902062134.136387-2-anuj20.g@samsung.com Signed-off-by: Jens Axboe commit 9888773753333ee7bed1697abd6fd9c84239cc4a Author: Hansen Dsouza Date: Wed Aug 14 11:20:08 2024 -0400 drm/amd/display: Fix flickering caused by dccg Always allow un-gating. Follow legacy workaround for repeated dppclk dto updates Reviewed-by: Muhammad Ahmed Signed-off-by: Hansen Dsouza Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit 29d3d6af43135de7bec677f334292ca8dab53d67 Author: Dillon Varone Date: Thu Aug 22 17:52:57 2024 -0400 drm/amd/display: Block timing sync for different signals in PMO PMO assumes that like timings can be synchronized, but DC only allows this if the signal types match. Reviewed-by: Austin Zheng Signed-off-by: Dillon Varone Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit fc5da5c00c0a4880220f6f539293e49c766fb93d Author: Gabe Teeger Date: Fri Aug 23 09:50:22 2024 -0400 drm/amd/display: fix graphics hang in multi-display mst case [what] Graphics hang observed with 3 displays connected to DP2.0 mst dock. [why] There's a mismatch in dml and dc between the assignments of hpo link encoders. [how] Add a new array in dml that tracks the current mapping of HPO stream encoders to HPO link encoders in dc. Reviewed-by: Sung joon Kim Reviewed-by: Nicholas Kazlauskas Signed-off-by: Gabe Teeger Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit efaf15752d113e81a5e9f25f57dc203f7c3007ab Author: Relja Vojvodic Date: Wed Aug 21 09:34:21 2024 -0400 drm/amd/display: Add sharpness control interface - Add interface for controlling shapness level input into DCN. - Update SPL to support custom sharpness values. - Add support for different sharpness values depending on YUV/RGB content. Reviewed-by: Samson Tam Signed-off-by: Relja Vojvodic Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit 6e8410944767381524544390ce030c86f07399da Author: Dillon Varone Date: Tue Aug 20 15:13:14 2024 -0400 Revert "drm/amd/display: Wait for all pending cleared before full update" This reverts commit f0b7dcf25834afd17df316367dfe5d4c890c713c. It is causing graphics hangs. Reviewed-by: Martin Leung Signed-off-by: Dillon Varone Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit 8a060e9c17d0fd7a182e335a52dcb5fe327e3d86 Author: Samson Tam Date: Wed Aug 21 20:17:23 2024 -0400 drm/amd/display: disable sharpness if HDR Multiplier is too large [Why] Certain profiles have higher HDR multiplier than SDR boost max which is not currently supported [How] Disable sharpness for these profiles Fixes: 1b0ce903fe74 ("drm/amd/display: add improvements for text display and HDR DWM and MPO") Reviewed-by: Martin Leung Signed-off-by: Samson Tam Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit c24538c4aa352b68bd5c429b7fd3ccf4d4407143 Author: Meenakshikumar Somasundaram Date: Tue Aug 20 13:15:38 2024 -0400 drm/amd/display: Add dpia debug option to control power management [Why] To provide option to dpia control power management [How] By adding disable_usb4_pm_support bit field in dpia_debug option to control dpia power management Reviewed-by: Jun Lei Signed-off-by: Meenakshikumar Somasundaram Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit b3e9bfd86658b562a33b1ee8563d59a593327aaf Author: Alex Deucher Date: Fri May 24 12:20:10 2024 -0400 drm/amdgpu/gfx11: add ring reset callbacks Add ring reset callbacks for gfx and compute. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 0ba3cb8e7cf08223a9246ded3c1bee25a74d1f7f Author: Samson Tam Date: Wed Aug 21 11:03:11 2024 -0400 drm/amd/display: re-enable Dynamic ODM policy [Why] Previous disable ODM policy due to underflow issue with sharpener. Issue is resolved after updating sharpening policy to apply to both windowed and fullscreen video [How] Remove sharpness check disabling Dynamic ODM policy Reviewed-by: Martin Leung Signed-off-by: Samson Tam Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit 988fe2862635c1b1b40e41c85c24db44ab337c13 Author: Leo Li Date: Tue Aug 20 14:34:15 2024 -0400 drm/amd/display: Lock DC and exit IPS when changing backlight Backlight updates require aux and/or register access. Therefore, driver needs to disallow IPS beforehand. So, acquire the dc lock before calling into dc to update backlight - we should be doing this regardless of IPS. Then, while the lock is held, disallow IPS before calling into dc, then allow IPS afterwards (if it was previously allowed). Reviewed-by: Aurabindo Pillai Reviewed-by: Roman Li Signed-off-by: Leo Li Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit c66db9e9a025006d729c87143c3f43b5873b4a1f Author: Daniel Sa Date: Tue Aug 20 14:19:26 2024 -0400 drm/amd/display: only trigger BIOS related assert for older ASICs [Why] Some asserts are always hit on startup/Pnp when they should only be used to indicate when something has gone wrong. [How] Ignore result of getting function from bios cmd table for newer asics. Reviewed-by: Jun Lei Signed-off-by: Daniel Sa Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit 6f4835f9df2df7eee0af74c850d0a06166c199eb Author: Nicholas Susanto Date: Tue Aug 20 11:05:54 2024 -0400 drm/amd/display: Fix DCN35 set min dispclk logic [Why] Setting min dispclk to 50Mhz outside clock lowering function causes unnecessary calls to SMU to lower dispclk and causes dentist hangs when there is no stream on the pipes. [How] Move the set minimum dispclk logic inside the lowering dispclk if statement. Fixes: 234441320552 ("DCN35 set min dispclk to 50Mhz") Reviewed-by: Nicholas Kazlauskas Signed-off-by: Nicholas Susanto Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit ad17b124c3a08241da36eb94a6f076446432743b Author: Prike Liang Date: Thu Aug 29 11:47:12 2024 +0800 drm/amdgpu/gfx9.4.3: Implement compute pipe reset Implement the compute pipe reset, and the driver will fallback to pipe reset when queue reset fails. The pipe reset only deactivates the queue which is scheduled in the pipe, and meanwhile the MEC pipe will be reset to the firmware _start pointer. So, it seems pipe reset will cost more cycles than the queue reset; therefore, the driver tries to recover by doing queue reset first. Reviewed-by: Lijo Lazar Signed-off-by: Prike Liang Signed-off-by: Alex Deucher commit 26207c6332e83583a74228da9e5278d4fe5d26cf Author: Hongbo Li Date: Mon Sep 2 21:11:23 2024 +0800 dm: Make use of __assign_bit() API We have for some time the __assign_bit() API to replace open coded if (foo) __set_bit(n, bar); else __clear_bit(n, bar); Use this API to simplify the code. No functional change intended. Signed-off-by: Hongbo Li Signed-off-by: Mikulas Patocka commit 3cd1ef26b01ea66f1f1c1f088fb41cf1476cb017 Author: Patrick Rudolph Date: Mon Sep 2 09:53:16 2024 +0200 hwmon: pmbus: pli12096bc: Add write delay Tests on PLI12096bc showed that sometimes a small delay is necessary after a write operation before a new operation can be processed. If not respected the device will probably NACK the data phase of the SMBus transaction. Tests showed that the probability to observe transaction errors can be raised by either reading sensor data or toggling the regulator enable. Further tests showed that 250 microseconds, as used previously for the CLEAR_FAULTS workaround, is sufficient. Signed-off-by: Patrick Rudolph Message-ID: <20240902075319.585656-5-patrick.rudolph@9elements.com> Signed-off-by: Guenter Roeck commit 9c4e67320f39c793e4abccef6bd5d66d31e4ec0c Author: Patrick Rudolph Date: Mon Sep 2 09:53:15 2024 +0200 hwmon: pmbus: zl6100: Use generic code Use generic pmbus bus access delay. Signed-off-by: Patrick Rudolph Message-ID: <20240902075319.585656-4-patrick.rudolph@9elements.com> Signed-off-by: Guenter Roeck commit 106cfea5fa78eea671a6a7900da83238c4c124a5 Author: Patrick Rudolph Date: Mon Sep 2 09:53:14 2024 +0200 hwmon: pmbus: ucd9000: Use generic code Use generic pmbus bus write access delay. Signed-off-by: Patrick Rudolph Message-ID: <20240902075319.585656-3-patrick.rudolph@9elements.com> Signed-off-by: Guenter Roeck commit d83219e9fcbd2361ac15fe331480b2f74410cbef Author: Patrick Rudolph Date: Mon Sep 2 09:53:13 2024 +0200 hwmon: pmbus: max15301: Use generic code Use the generic pmbus bus access delay. Signed-off-by: Patrick Rudolph Message-ID: <20240902075319.585656-2-patrick.rudolph@9elements.com> Signed-off-by: Guenter Roeck commit 21d9e6013134998334e162af905322d7da1e5314 Author: Patrick Rudolph Date: Mon Sep 2 09:53:12 2024 +0200 hwmon: pmbus: Implement generic bus access delay Some drivers, like the max15301 or zl6100, are intentionally delaying SMBus communications, to prevent transmission errors. As this is necessary on additional PMBus compatible devices, implement a generic delay mechanism in the pmbus core. Introduces two delay settings in the pmbus_driver_info struct, one applies to every SMBus transaction and the other is for write transaction only. Once set by the driver the SMBus traffic, using the generic pmbus access helpers, is automatically delayed when necessary. The two settings are: access_delay: - Unit in microseconds - Stores the accessed timestamp after every SMBus access - Delays when necessary before the next SMBus access write_delay: - Unit in microseconds - Stores the written timestamp after a write SMBus access - Delays when necessary before the next SMBus access This allows to drop the custom delay code from the drivers and easily introduce this feature in additional pmbus drivers. Signed-off-by: Patrick Rudolph Message-ID: <20240902075319.585656-1-patrick.rudolph@9elements.com> Signed-off-by: Guenter Roeck commit dc70fd02404398388f3471a57b9f4e26c0eeba5e Author: Hongbo Li Date: Sat Aug 31 17:51:49 2024 +0800 ASoC: adi: Use str_enabled_disabled() helper Use str_enabled_disabled() helper instead of open coding the same. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240831095149.4161729-1-lihongbo22@huawei.com Signed-off-by: Mark Brown commit cebf9dacd5c3cec2813215a081509647f777ecc3 Author: Pankaj Raghav Date: Thu Aug 22 15:50:17 2024 +0200 xfs: make the calculation generic in xfs_sb_validate_fsb_count() Instead of assuming that PAGE_SHIFT is always higher than the blocklog, make the calculation generic so that page cache count can be calculated correctly for LBS. Signed-off-by: Pankaj Raghav Link: https://lore.kernel.org/r/20240822135018.1931258-10-kernel@pankajraghav.com Acked-by: Darrick J. Wong Reviewed-by: Darrick J. Wong Reviewed-by: Dave Chinner Reviewed-by: Daniel Gomez Reviewed-by: Hannes Reinecke Reviewed-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 79012cfa00b50ca80fb9f399f3c54b2185d728be Author: Pankaj Raghav Date: Thu Aug 22 15:50:16 2024 +0200 xfs: expose block size in stat For block size larger than page size, the unit of efficient IO is the block size, not the page size. Leaving stat() to report PAGE_SIZE as the block size causes test programs like fsx to issue illegal ranges for operations that require block size alignment (e.g. fallocate() insert range). Hence update the preferred IO size to reflect the block size in this case. This change is based on a patch originally from Dave Chinner.[1] [1] https://lwn.net/ml/linux-fsdevel/20181107063127.3902-16-david@fromorbit.com/ Signed-off-by: Pankaj Raghav Signed-off-by: Luis Chamberlain Link: https://lore.kernel.org/r/20240822135018.1931258-9-kernel@pankajraghav.com Acked-by: Darrick J. Wong Reviewed-by: Darrick J. Wong Reviewed-by: Dave Chinner Reviewed-by: Hannes Reinecke Reviewed-by: Daniel Gomez Reviewed-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit de631e1a8b71017b8a12b57d07db82e4052555af Author: Dave Chinner Date: Thu Aug 22 15:50:15 2024 +0200 xfs: use kvmalloc for xattr buffers Pankaj Raghav reported that when filesystem block size is larger than page size, the xattr code can use kmalloc() for high order allocations. This triggers a useless warning in the allocator as it is a __GFP_NOFAIL allocation here: static inline struct page *rmqueue(struct zone *preferred_zone, struct zone *zone, unsigned int order, gfp_t gfp_flags, unsigned int alloc_flags, int migratetype) { struct page *page; /* * We most definitely don't want callers attempting to * allocate greater than order-1 page units with __GFP_NOFAIL. */ >>>> WARN_ON_ONCE((gfp_flags & __GFP_NOFAIL) && (order > 1)); ... Fix this by changing all these call sites to use kvmalloc(), which will strip the NOFAIL from the kmalloc attempt and if that fails will do a __GFP_NOFAIL vmalloc(). This is not an issue that productions systems will see as filesystems with block size > page size cannot be mounted by the kernel; Pankaj is developing this functionality right now. Reported-by: Pankaj Raghav Fixes: f078d4ea8276 ("xfs: convert kmem_alloc() to kmalloc()") Signed-off-by: Dave Chinner Link: https://lore.kernel.org/r/20240822135018.1931258-8-kernel@pankajraghav.com Reviewed-by: Darrick J. Wong Reviewed-by: Pankaj Raghav Reviewed-by: Hannes Reinecke Signed-off-by: Christoph Hellwig Acked-by: Darrick J. Wong Reviewed-by: Daniel Gomez Reviewed-by: Dave Chinner Reviewed-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 10553a91652d995274da63fc317470f703765081 Author: Pankaj Raghav Date: Thu Aug 22 15:50:14 2024 +0200 iomap: fix iomap_dio_zero() for fs bs > system page size iomap_dio_zero() will pad a fs block with zeroes if the direct IO size < fs block size. iomap_dio_zero() has an implicit assumption that fs block size < page_size. This is true for most filesystems at the moment. If the block size > page size, this will send the contents of the page next to zero page(as len > PAGE_SIZE) to the underlying block device, causing FS corruption. iomap is a generic infrastructure and it should not make any assumptions about the fs block size and the page size of the system. Signed-off-by: Pankaj Raghav Link: https://lore.kernel.org/r/20240822135018.1931258-7-kernel@pankajraghav.com Reviewed-by: Hannes Reinecke Reviewed-by: Darrick J. Wong Reviewed-by: Dave Chinner Reviewed-by: Daniel Gomez Signed-off-by: Christian Brauner commit 743a2753a02e805347969f6f89f38b736850d808 Author: Pankaj Raghav Date: Thu Aug 22 15:50:13 2024 +0200 filemap: cap PTE range to be created to allowed zero fill in folio_map_range() Usually the page cache does not extend beyond the size of the inode, therefore, no PTEs are created for folios that extend beyond the size. But with LBS support, we might extend page cache beyond the size of the inode as we need to guarantee folios of minimum order. While doing a read, do_fault_around() can create PTEs for pages that lie beyond the EOF leading to incorrect error return when accessing a page beyond the mapped file. Cap the PTE range to be created for the page cache up to the end of file(EOF) in filemap_map_pages() so that return error codes are consistent with POSIX[1] for LBS configurations. generic/749 has been created to trigger this edge case. This also fixes generic/749 for tmpfs with huge=always on systems with 4k base page size. [1](from mmap(2)) SIGBUS Attempted access to a page of the buffer that lies beyond the end of the mapped file. For an explanation of the treatment of the bytes in the page that corresponds to the end of a mapped file that is not a multiple of the page size, see NOTES. Signed-off-by: Luis Chamberlain Signed-off-by: Pankaj Raghav Link: https://lore.kernel.org/r/20240822135018.1931258-6-kernel@pankajraghav.com Tested-by: David Howells Acked-by: Darrick J. Wong Reviewed-by: Hannes Reinecke Reviewed-by: Matthew Wilcox (Oracle) Reviewed-by: Darrick J. Wong Reviewed-by: Daniel Gomez Reviewed-by: Dave Chinner Signed-off-by: Christian Brauner commit e220917fa50774fedb27c075df2261fd664e8ca3 Author: Luis Chamberlain Date: Thu Aug 22 15:50:12 2024 +0200 mm: split a folio in minimum folio order chunks split_folio() and split_folio_to_list() assume order 0, to support minorder for non-anonymous folios, we must expand these to check the folio mapping order and use that. Set new_order to be at least minimum folio order if it is set in split_huge_page_to_list() so that we can maintain minimum folio order requirement in the page cache. Update the debugfs write files used for testing to ensure the order is respected as well. We simply enforce the min order when a file mapping is used. Signed-off-by: Luis Chamberlain Signed-off-by: Pankaj Raghav Link: https://lore.kernel.org/r/20240902124931.506061-2-kernel@pankajraghav.com # folded fix Link: https://lore.kernel.org/r/20240822135018.1931258-5-kernel@pankajraghav.com Tested-by: David Howells Reviewed-by: Hannes Reinecke Reviewed-by: Zi Yan Signed-off-by: Christian Brauner commit 0e7eb23668948585f3f0ea8c6249338f33fde872 Author: Arnaldo Carvalho de Melo Date: Fri Aug 30 19:53:47 2024 -0300 perf tools: Build x86 32-bit syscall table from arch/x86/entry/syscalls/syscall_32.tbl To remove one more use of the audit libs and address a problem reported with a recent change where a function isn't available when using the audit libs method, that should really go away, this being one step in that direction. The script used to generate the 64-bit syscall table was already parametrized to generate for both 64-bit and 32-bit, so just use it and wire the generated table to the syscalltbl.c routines. Reported-by: Jiri Slaby Suggested-by: Ian Rogers Reviewed-by: Ian Rogers Tested-by: Jiri Slaby Cc: Adrian Hunter Cc: Howard Chu Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/6fe63fa3-6c63-4b75-ac09-884d26f6fb95@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit dea56c781ed3d1621b7a8fb7707037f644847c42 Author: Uwe Kleine-König Date: Mon Jul 8 11:23:49 2024 +0200 ARM: dove: Drop a write-only variable This fixes a W=1 build error: arch/arm/mach-dove/common.c: In function ‘dove_clk_init’: arch/arm/mach-dove/common.c:85:40: error: variable ‘gephy’ set but not used [-Werror=unused-but-set-variable] 85 | struct clk *xor0, *xor1, *ge, *gephy; | ^~~~~ Fixes: 521674718af0 ("ARM: dove: add clock gating control") Signed-off-by: Uwe Kleine-König Reviewed-by: Andrew Lunn Signed-off-by: Gregory CLEMENT commit 116249b12939a8ec13eb50f36b6fffd1c719a9ed Author: Thorsten Blum Date: Fri Aug 30 18:49:03 2024 +0200 isofs: Annotate struct SL_component with __counted_by() Add the __counted_by compiler attribute to the flexible array member text to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Signed-off-by: Thorsten Blum Signed-off-by: Jan Kara Link: https://patch.msgid.link/20240830164902.112682-2-thorsten.blum@toblux.com commit 6888c1e85f5db129e6ddcff879bb127bbfdb5c64 Author: Matthew Wilcox (Oracle) Date: Fri Jul 19 18:51:04 2024 +0100 gfs2: Remove gfs2_aspace_writepage() There are no remaining callers of gfs2_aspace_writepage() other than vmscan, which is known to do more harm than good. Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andreas Gruenbacher commit e5ac17199275faffc5399ff7c8a0bea1db553f26 Author: Matthew Wilcox (Oracle) Date: Fri Jul 19 18:51:03 2024 +0100 gfs2: Remove gfs2_jdata_writepage() There are no remaining callers of gfs2_jdata_writepage() other than vmscan, which is known to do more harm than good. Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andreas Gruenbacher commit 8d391972ae2d4fcee9c928581dfb6cb4ce6a3938 Author: Matthew Wilcox (Oracle) Date: Fri Jul 19 18:51:02 2024 +0100 gfs2: Remove __gfs2_writepage() Call aops->writepages() instead of using write_cache_pages() to call aops->writepage. Change the handling of -ENODATA to not set the persistent error on the block device. Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andreas Gruenbacher commit 901849e7070b2b74ba1adaaf025a09a1f381fefe Author: Matthew Wilcox (Oracle) Date: Fri Jul 19 18:51:01 2024 +0100 gfs2: Add gfs2_aspace_writepages() This saves one indirect function call per folio and gets us closer to removing aops->writepage. Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andreas Gruenbacher commit 55ddb6c5a3aef8d8658fe31b1ddda007693ae797 Author: Andrew Halaney Date: Thu Aug 29 15:48:44 2024 -0500 net: stmmac: drop the ethtool begin() callback This callback doesn't seem to serve much purpose, and prevents things like: - systemd.link files from disabling autonegotiation - carrier detection in NetworkManager - any ethtool setting prior to userspace bringing the link up. The only fear I can think of is accessing unclocked resources due to pm_runtime, but ethtool ioctls handle that as of commit f32a21376573 ("ethtool: runtime-resume netdev parent before ethtool ioctl ops") Reviewed-by: Dmitry Dolenko Tested-by: Dmitry Dolenko Signed-off-by: Andrew Halaney Reviewed-by: Alexander Lobakin Signed-off-by: David S. Miller commit 4bf23b964ba0022f9cfd6be12fbe2f8a6b4e6ce6 Author: Andrew Davis Date: Mon Jul 29 07:35:34 2024 -0500 ARM: orion5x: Switch to new sys-off handler API Kernel now supports chained power-off handlers. Use register_platform_power_off() that registers a platform level power-off handler. Legacy pm_power_off() will be removed once all drivers and archs are converted to the new sys-off API. Signed-off-by: Andrew Davis Reviewed-by: Andrew Lunn Signed-off-by: Gregory CLEMENT commit e1df5d0229c37265e4a84a32e71690c5089d2f5b Author: Krzysztof Kozlowski Date: Mon Sep 2 14:12:58 2024 +0200 gpio: pch: kerneldoc fixes for excess members Drop kerneldoc description of 'lock' to fix W=1 warning: drivers/gpio/gpio-pch.c:101: warning: Excess struct member 'lock' description in 'pch_gpio' Reviewed-by: Andy Shevchenko Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240902121258.64094-1-krzysztof.kozlowski@linaro.org Signed-off-by: Bartosz Golaszewski commit 499243b4058073e60cff0d66a023a16ac6bd9d3f Author: Uwe Kleine-König Date: Fri Jul 12 10:13:01 2024 +0200 ARM: mvebu: Warn about memory chunks too small for DDR training For each memory region the first 10K are reserved for DDR training. Emit a warning if the area happens to be smaller than these 10K. This should not happen, but if it does this message simplifies diagnosing the problem. This fixes a W=1 compiler error: arch/arm/mach-mvebu/board-v7.c: In function ‘mvebu_scan_mem’: arch/arm/mach-mvebu/board-v7.c:84:27: error: variable ‘size’ set but not used [-Werror=unused-but-set-variable] 84 | u64 base, size; | ^~~~ Signed-off-by: Uwe Kleine-König Reviewed-by: Andrew Lunn Signed-off-by: Gregory CLEMENT commit c4a6c82c9e834e40cba258e1f5e46cebb5cd1c24 Merge: 15d75184a86fdd 3ca2a3d1e72715 Author: Rafael J. Wysocki Date: Mon Sep 2 14:27:53 2024 +0200 Merge back cpufreq material for 6.12 commit 60949b7b805424f21326b450ca4f1806c06d982e Author: Clément Léger Date: Mon Aug 26 12:16:44 2024 +0200 ACPI: CPPC: Fix MASK_VAL() usage MASK_VAL() was added as a way to handle bit_offset and bit_width for registers located in system memory address space. However, while suited for reading, it does not work for writing and result in corrupted registers when writing values with bit_offset > 0. Moreover, when a register is collocated with another one at the same address but with a different mask, the current code results in the other registers being overwritten with 0s. The write procedure for SYSTEM_MEMORY registers should actually read the value, mask it, update it and write it with the updated value. Moreover, since registers can be located in the same word, we must take care of locking the access before doing it. We should potentially use a global lock since we don't know in if register addresses aren't shared with another _CPC package but better not encourage vendors to do so. Assume that registers can use the same word inside a _CPC package and thus, use a per _CPC package lock. Fixes: 2f4a4d63a193 ("ACPI: CPPC: Use access_width over bit_width for system memory accesses") Signed-off-by: Clément Léger Link: https://patch.msgid.link/20240826101648.95654-1-cleger@rivosinc.com [ rjw: Dropped redundant semicolon ] Signed-off-by: Rafael J. Wysocki commit 206dd13a10119671d7f4bb3a6c90d566dda14a4f Author: Sunil V L Date: Tue Aug 27 19:51:35 2024 +0200 irqchip/sifive-plic: Add ACPI support Add ACPI support in PLIC driver. Use the mapping created early during boot to get details about the PLIC. Signed-off-by: Sunil V L Co-developed-by: Haibo Xu Signed-off-by: Haibo Xu Reviewed-by: Anup Patel Tested-by: Björn Töpel Acked-by: Thomas Gleixner Link: https://patch.msgid.link/20240812005929.113499-18-sunilvl@ventanamicro.com [ rjw: Rebase on top of recent irqchip changes ] Signed-off-by: Rafael J. Wysocki commit 390fa93e6efef330baa2785edc2a484f7ce0b292 Author: Jani Nikula Date: Thu Aug 29 17:47:48 2024 +0300 drm/xe/display: remove unused compat kdev_to_i915() and pdev_to_i915() The display code no longer uses kdev_to_i915() or pdev_to_i915() helpers. Remove them. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/05b948f9012fc7c0b97d567c70b0bac8791d554a.1724942754.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 8906064715c16571e691f67c2746ed1bf1bda6b9 Author: Jani Nikula Date: Thu Aug 29 17:47:47 2024 +0300 drm/i915/hdcp: migrate away from kdev_to_i915() in GSC messaging Use to_intel_display() instead of kdev_to_i915() in the HDCP component API hooks. Avoid further drive-by changes at this point, and just convert the display pointer to i915, and leave the struct intel_display conversion for later. The NULL error checking in the hooks make this a bit cumbersome. I'm not actually sure they're really required, but don't go down that rabbit hole just now. Cc: Gustavo Sousa Reviewed-by: Ankit Nautiyal Reviewed-by: Suraj Kandpal Reviewed-by: Arun R Murthy Link: https://patchwork.freedesktop.org/patch/msgid/efd5c4c164c01b7ee50ad43f202b074b373fb810.1724942754.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit b1aa0491fad27f030c94ed42c873c3f46f5e7364 Author: Maarten Lankhorst Date: Mon Sep 2 13:20:02 2024 +0200 drm/xe: Fix merge fails related to display runtime PM The most recent merge commits introduced some fails to drm/drm-next, I've noticed these when looking at the xe patches. Solve it! Fixes: 8bdb468dd7a5 ("Merge tag 'drm-xe-next-2024-08-28' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-next") Signed-off-by: Maarten Lankhorst [sima: add fixes line, and drop 3rd hunk because that's just a bugfix, not mismerge, which should go in seperately with proper fixes line and review/testing.] Signed-off-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240902112002.489225-1-maarten.lankhorst@linux.intel.com commit 3eac4684ecb5ea696bd283bd7f35e4829973f4f8 Author: Jani Nikula Date: Thu Aug 29 17:47:46 2024 +0300 drm/i915/hdcp: migrate away from kdev_to_i915() in bind/unbind Use to_intel_display() instead of kdev_to_i915() in the HDCP component API hooks. Avoid further drive-by changes at this point, and just convert the display pointer to i915, and leave the struct intel_display conversion for later. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/0beedaa438e912828b48d9980f017807e079d7ab.1724942754.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 14ee9fa87d8c96b23d77397b684fb431c5bc2677 Author: Jani Nikula Date: Thu Aug 29 17:47:45 2024 +0300 drm/i915/audio: migrate away from kdev_to_i915() Use to_intel_display() instead of kdev_to_i915() in the audio component API hooks. Avoid further drive-by changes at this point, and just convert the display pointer to i915, and leave the struct intel_display conversion for later. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/35ef00470db0088eb82b0406e4f7730154f54baf.1724942754.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 6a2161a155f92985b21e38a9e8b9217f620d606f Author: Jani Nikula Date: Thu Aug 29 17:47:44 2024 +0300 drm/i915: support struct device and pci_dev in to_intel_display() Now that both xe and i915 store struct drm_device in drvdata, we can trivially support struct device and struct pci_dev in to_intel_display(). We do need to check for NULL drvdata before converting it into struct intel_device pointer, though. Do it in __drm_device_to_intel_display(). v2: Add NULL check in __drm_device_to_intel_display() (Gustavo) Reviewed-by: Gustavo Sousa # v1 Link: https://patchwork.freedesktop.org/patch/msgid/f025a3fa4422725c78baac4501ad3ecc9e5b40d5.1724942754.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 83e5af5997554115e198c2e9e97564702eac04a6 Author: Jani Nikula Date: Thu Aug 29 17:47:43 2024 +0300 drm/i915 & drm/xe: save struct drm_device to drvdata In the future, the display code shall not have any idea about struct xe_device or struct drm_i915_private, but will need to get at the struct drm_device via drvdata. Store the struct drm_device pointer to drvdata instead of the driver specific pointer. Avoid passing NULL to container_of() via to_i915()/to_xe_device(). (It does return NULL for NULL pointers when the offset happens to be 0, but otherwise returns garbage pointers for NULL.) Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/946805b32e38d4785880cc7857e01e6a309126a9.1724942754.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 8d2aaf4382b7c2ae4eae17c3eb71474eddbb5c4b Author: Rong Qianfeng Date: Tue Aug 20 20:16:51 2024 +0800 gpio: zynq: Simplify using devm_clk_get_enabled() Use devm_clk_get_enabled() simplify zynq_gpio_probe() and zynq_gpio_remove(). Acked-by: Michal Simek Signed-off-by: Rong Qianfeng Link: https://lore.kernel.org/r/20240820121651.29706-3-rongqianfeng@vivo.com Signed-off-by: Bartosz Golaszewski commit f465d10cd73188611ba952fd4df2e2c879998334 Author: Shuming Fan Date: Mon Sep 2 17:08:45 2024 +0800 ASoC: rt1320: Add support for version C This patch added the support for version C. Signed-off-by: Shuming Fan Link: https://patch.msgid.link/20240902090845.1862354-1-shumingf@realtek.com Signed-off-by: Mark Brown commit e86836883a8a624680f247c7ac200538c6a5ebaa Author: Andy Shevchenko Date: Mon Sep 2 13:30:41 2024 +0300 spi: ppc4xx: Sort headers Sort the headers in alphabetic order in order to ease the maintenance for this part. Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240902103203.2476576-1-andriy.shevchenko@linux.intel.com Signed-off-by: Mark Brown commit 7f9f8c5939b1d729470a15480a4ffb0512d39d3a Author: Andy Shevchenko Date: Mon Sep 2 13:28:26 2024 +0300 spi: ppc4xx: Revert "handle irq_of_parse_and_map() errors" The commit had been applied twice as 0f245463b01e ("spi: ppc4xx: handle irq_of_parse_and_map() errors") and f1011ba20b83 ("spi: ppc4xx: handle irq_of_parse_and_map() errors") This reverts commit f1011ba20b83da3ee70dcb4a6d9d282a718916fa. Fixes: f1011ba20b83 ("spi: ppc4xx: handle irq_of_parse_and_map() errors") Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240902102853.2476165-1-andriy.shevchenko@linux.intel.com Signed-off-by: Mark Brown commit c7edb7ac8472a57e0c56a3a95796db3af98b2383 Author: Mark Brown Date: Sun Sep 1 12:06:14 2024 +0100 regmap: kunit: Add coverage of spinlocked regmaps By default regmap uses a mutex to protect the regmap but we also support other kinds of locking, including spinlocks, which can have an impact especially around allocations. Ensure that we are covering the spinlock case by running tests configured using fast I/O, this causes the core to use a spinlock instead of a mutex. Running every single test would be redundant but cover most of them. Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240901-regmap-test-fast-io-v1-1-aad83a871bcc@kernel.org Signed-off-by: Mark Brown commit 27f22f897095b09df32bf689b63624d23b0c8ebc Author: Chen Ni Date: Mon Sep 2 15:44:02 2024 +0800 fbdev: hyperv_fb: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Fixes: d786e00d19f9 ("drivers: hv, hyperv_fb: Untangle and refactor Hyper-V panic notifiers") Signed-off-by: Chen Ni Signed-off-by: Helge Deller commit 18b0327310efa286e1bf8fca3845cf2d121d36f1 Author: Chen Ni Date: Mon Sep 2 16:47:30 2024 +0800 fbdev: imsttfb: convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Signed-off-by: Helge Deller commit 2ff86df2b6a3b535b9cd4f3a9a37f5e181d3a898 Author: Chen Ni Date: Mon Sep 2 15:57:24 2024 +0800 fbdev: pxa3xx-gcu: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Signed-off-by: Helge Deller commit 14ed0ef0a27a0646ecd7dc6f61cde3f6ba2b303b Author: Zhang Zekun Date: Mon Aug 12 20:52:10 2024 +0800 thermal/drivers/ti-soc-thermal: Remove unused declarations The functions definition of ti_bandgap_read_thot(), ti_bandgap_write_thot(), ti_bandgap_read_tcold() and ti_bandgap_write_tcold() has been removed since commit 9bebf3485c6a ("thermal: ti-soc-thermal: remove dead code"), remain the declarations untouched in the header files. So, clean up this unused declarations. Signed-off-by: Zhang Zekun Reviewed-by: Dhruva Gole Link: https://lore.kernel.org/r/20240812125210.94280-1-zhangzekun11@huawei.com Signed-off-by: Daniel Lezcano commit 41df03900dc586d556b99d4905bed2c1a2e83abf Author: Fabio Estevam Date: Mon Aug 19 22:26:16 2024 -0300 thermal/drivers/imx: Remove __maybe_unused notations Replace SET_RUNTIME_PM_OPS()/SET SYSTEM_SLEEP_PM_OPS() with their modern RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() alternatives. The combined usage of pm_ptr() and RUNTIME_PM_OPS/SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing __maybe_unused notations from the suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://lore.kernel.org/r/20240820012616.1449210-2-festevam@gmail.com Signed-off-by: Daniel Lezcano commit bf2876f6bae3f9ece8d781627623630963b19333 Author: Fabio Estevam Date: Mon Aug 19 22:26:15 2024 -0300 thermal/drivers/qoriq: Remove __maybe_unused notations The combined usage of pm_sleep_ptr() and DEFINE_SIMPLE_DEV_PM_OPS() allows the compiler to evaluate if the suspend/resume() functions are used at build time or are simply dead code. This allows removing __maybe_unused notations from the suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://lore.kernel.org/r/20240820012616.1449210-1-festevam@gmail.com Signed-off-by: Daniel Lezcano commit d5714524fc2ce2a89fbe7abb06eccbb94920ec72 Author: Huan Yang Date: Tue Aug 20 17:44:49 2024 +0800 thermal/drivers/sprd: Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). Signed-off-by: Huan Yang Reviewed-by: Baolin Wang Link: https://lore.kernel.org/r/20240820094450.101976-1-link@vivo.com Signed-off-by: Daniel Lezcano commit f41e6475ff100f71f8b90ccf5182e70dd2f9c11f Author: Nikunj Kela Date: Wed Aug 28 13:37:12 2024 -0700 dt-bindings: thermal: tsens: document support on SA8255p Add compatible for sensors representing support on SA8255p. Signed-off-by: Nikunj Kela Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240828203721.2751904-14-quic_nkela@quicinc.com Signed-off-by: Daniel Lezcano commit b615615e4989be13052898111412766d80c2d65b Author: Colin Ian King Date: Sun Sep 1 17:27:19 2024 +0100 thermal/drivers/renesas: Remove trailing space after \n newline There is a extraneous space after a newline in a dev_err message. Remove it. Signed-off-by: Colin Ian King Reviewed-by: Niklas Söderlund Link: https://lore.kernel.org/r/20240901162719.144406-1-colin.i.king@gmail.com Signed-off-by: Daniel Lezcano commit b779bbb9df180e2ab5c89c666e01fe03eef7dc49 Author: Yan Zhen Date: Fri Aug 30 18:39:18 2024 +0800 thermal/drivers/brcmstb_thermal: Simplify with dev_err_probe() dev_err_probe() is used to log an error message during the probe process of a device. It can simplify the error path and unify a message template. Using this helper is totally fine even if err is known to never be -EPROBE_DEFER. The benefit compared to a normal dev_err() is the standardized format of the error code, it being emitted symbolically and the fact that the error code is returned which allows more compact error paths. Signed-off-by: Yan Zhen Link: https://lore.kernel.org/r/20240830103918.501234-1-yanzhen@vivo.com Signed-off-by: Daniel Lezcano commit 8e12f1f88196b67975e664a35e230b3b2292d10b Author: Raphael Gallais-Pou Date: Tue Jul 16 19:34:52 2024 +0200 thermal/drivers/sti: Depend on THERMAL_OF subsystem Switch to thermal_of_zone to handle thermal-zones. Replace thermal_zone_device_register() by devm_thermal_of_zone_register() and remove ops st_thermal_get_trip_type, st_thermal_get_trip_temp. Signed-off-by: Raphael Gallais-Pou Link: https://lore.kernel.org/r/20240716-thermal-v4-2-947b327e165c@gmail.com Signed-off-by: Daniel Lezcano commit 27fec3cc9ee42fcf21f4527d60dbc1f824e592b1 Author: Raphael Gallais-Pou Date: Tue Jul 16 19:34:51 2024 +0200 thermal/drivers/st: Switch from CONFIG_PM_SLEEP guards to pm_sleep_ptr() Letting the compiler remove these functions when the kernel is built without CONFIG_PM_SLEEP support is simpler and less error prone than the use of #ifdef based kernel configuration guards. Remove those guards on every ST thermal related drivers. Reviewed-by: Patrice Chotard Signed-off-by: Raphael Gallais-Pou Link: https://lore.kernel.org/r/20240716-thermal-v4-1-947b327e165c@gmail.com Signed-off-by: Daniel Lezcano commit 77545bdfe4bf11685fa0d75b3639fd443c481988 Author: George Stark Date: Thu Jul 11 01:32:13 2024 +0300 dt-bindings: thermal: amlogic,thermal: add optional power-domains On newer SoCs, the thermal hardware can require a power domain to operate so add corresponding optional property. Signed-off-by: George Stark Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240710223214.2348418-3-gnstark@salutedevices.com Signed-off-by: Daniel Lezcano commit db184a1ced56dde6bbf8cc4d9b936c9f6a510e28 Author: Nicolin Chen Date: Sun Sep 1 22:57:45 2024 -0700 iommu/tegra241-cmdqv: Fix -Wformat-truncation warnings in lvcmdq_error_header Kernel test robot reported a few trucation warnings at the snprintf: drivers/iommu/arm/arm-smmu-v3/tegra241-cmdqv.c: In function ‘tegra241_vintf_free_lvcmdq’: drivers/iommu/arm/arm-smmu-v3/tegra241-cmdqv.c:239:56: warning: ‘%u’ directive output may be truncated writing between 1 and 5 bytes into a region of size between 3 and 11 [-Wformat-truncation=] 239 | snprintf(header, hlen, "VINTF%u: VCMDQ%u/LVCMDQ%u: ", | ^~ drivers/iommu/arm/arm-smmu-v3/tegra241-cmdqv.c:239:32: note: directive argument in the range [0, 65535] 239 | snprintf(header, hlen, "VINTF%u: VCMDQ%u/LVCMDQ%u: ", | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/iommu/arm/arm-smmu-v3/tegra241-cmdqv.c:239:9: note: ‘snprintf’ output between 25 and 37 bytes into a destination of size 32 239 | snprintf(header, hlen, "VINTF%u: VCMDQ%u/LVCMDQ%u: ", | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 240 | vcmdq->vintf->idx, vcmdq->idx, vcmdq->lidx); Fix by bumping up the size of the header to hold more characters. Fixes: 918eb5c856f6 ("iommu/arm-smmu-v3: Add in-kernel support for NVIDIA Tegra241 (Grace) CMDQV") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409020406.7ed5uojF-lkp@intel.com/ Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/20240902055745.629456-1-nicolinc@nvidia.com Signed-off-by: Will Deacon commit e9482dc50ab2cb81b7735180345c48ada87205a5 Author: Martyn Welch Date: Tue Aug 20 15:33:27 2024 +0100 gpio: mpc8xxx: Add wake on GPIO support The mpc8xxx GPIO can generate an interrupt on state change. This interrupt can be used to wake up the device from its sleep state if enabled to do so. Add required support to the driver so that the GPIO can be used in this way. In order for the GPIO to actually function in this way, it is necessary to also set the GPIO bit in the RCPM. This can be done via the device tree fsl,rcpm-wakeup property. Signed-off-by: Martyn Welch Link: https://lore.kernel.org/r/20240820143328.1987442-1-martyn.welch@collabora.com Signed-off-by: Bartosz Golaszewski commit c10c762f76b8cbce165bef9dfd33e6a0d9e52ba7 Author: Dhruva Gole Date: Mon Sep 2 16:00:02 2024 +0530 gpio: syscon: fix excess struct member build warning Fix the build warning with W=1 flag, "Excess struct member 'compatible' description in 'syscon_gpio_data' " by removing the documentation for the non existent member. Signed-off-by: Dhruva Gole Link: https://lore.kernel.org/r/20240902-b4-gpio-fix-v1-1-49a997994fa5@ti.com Signed-off-by: Bartosz Golaszewski commit ece70e79868c75d946819db4fba095c8c96ddb32 Author: Rong Qianfeng Date: Tue Aug 20 20:16:50 2024 +0800 gpio: stp-xway: Simplify using devm_clk_get_enabled() Use devm_clk_get_enabled() simplify xway_stp_probe(). Signed-off-by: Rong Qianfeng Link: https://lore.kernel.org/r/20240820121651.29706-2-rongqianfeng@vivo.com Signed-off-by: Bartosz Golaszewski commit d25f9ab17de95f483b6be3911577150ae324f2dd Author: Andy Shevchenko Date: Wed Aug 28 18:12:43 2024 +0300 gpiolib: legacy: Consolidate devm_gpio_*() with other legacy APIs There is no reason to keep deprecated legacy API implementations in the gpiolib-devres.c. Consolidate devm_gpio_*() with other legacy APIs. While at it, clean up header inclusion block in gpiolib-devres.c. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240828151357.2677340-1-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit 94bd9ce16063a264c85f3b5907fefd8ec979d214 Author: Andy Shevchenko Date: Wed Aug 28 19:41:35 2024 +0300 gpiolib: Update the kernel documentation - add Return sections $ scripts/kernel-doc -v -none -Wall drivers/gpio/gpiolib* 2>&1 | grep -w warning | wc -l 67 Fix these by adding Return sections. While at it, make sure all of Return sections use the same style. Signed-off-by: Andy Shevchenko Reviewed-by: Randy Dunlap Tested-by: Randy Dunlap Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240828164449.2777666-1-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit 1e3d42f508ee03ce5c515fc72ef9dcb65212d221 Author: Andy Shevchenko Date: Fri Aug 23 01:33:32 2024 +0300 gpio: ixp4xx: Replace of_node_to_fwnode() with more suitable API of_node_to_fwnode() is a IRQ domain specific implementation of of_fwnode_handle(). Replace the former with more suitable API. Signed-off-by: Andy Shevchenko Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240822223332.705560-1-andy.shevchenko@gmail.com Signed-off-by: Bartosz Golaszewski commit 35ea26245ec24f89491fec945a15c0b2ae60bab9 Author: Andy Shevchenko Date: Fri Aug 23 01:58:18 2024 +0300 gpio: visconti: Replace of_node_to_fwnode() with more suitable API of_node_to_fwnode() is a IRQ domain specific implementation of of_fwnode_handle(). Replace the former with more suitable API. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240822225818.707550-1-andy.shevchenko@gmail.com Signed-off-by: Bartosz Golaszewski commit 6d6395cd500fccd407edf7480ea7d53ea4cf8345 Author: Andy Shevchenko Date: Fri Aug 23 01:53:00 2024 +0300 gpio: thunderx: Replace of_node_to_fwnode() with more suitable API of_node_to_fwnode() is a IRQ domain specific implementation of of_fwnode_handle(). Replace the former with more suitable API. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240822225300.707178-1-andy.shevchenko@gmail.com Signed-off-by: Bartosz Golaszewski commit 5482f1a5c2003829be84cf4fa9d23b7ec65acf8c Author: Andy Shevchenko Date: Fri Aug 23 01:47:37 2024 +0300 gpio: tegra186: Replace of_node_to_fwnode() with more suitable API of_node_to_fwnode() is a IRQ domain specific implementation of of_fwnode_handle(). Replace the former with more suitable API. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240822224737.706870-1-andy.shevchenko@gmail.com Signed-off-by: Bartosz Golaszewski commit 9f12737342291ea5b657a79c35d24b33983668be Author: Andy Shevchenko Date: Fri Aug 23 01:56:29 2024 +0300 gpio: uniphier: Replace of_node_to_fwnode() with more suitable API of_node_to_fwnode() is a IRQ domain specific implementation of of_fwnode_handle(). Replace the former with more suitable API. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240822225629.707365-1-andy.shevchenko@gmail.com Signed-off-by: Bartosz Golaszewski commit f5c4a495b189a4438a06fa0781f11dabdf5b28e0 Author: Andy Shevchenko Date: Fri Aug 23 01:41:30 2024 +0300 gpio: msc313: Replace of_node_to_fwnode() with more suitable API of_node_to_fwnode() is a IRQ domain specific implementation of of_fwnode_handle(). Replace the former with more suitable API. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240822224130.706564-1-andy.shevchenko@gmail.com Signed-off-by: Bartosz Golaszewski commit c1e4e5dc9bbf995e81884b2988502fded54542e4 Author: Andy Shevchenko Date: Fri Aug 23 01:38:45 2024 +0300 gpio: tegra: Replace of_node_to_fwnode() with more suitable API of_node_to_fwnode() is a IRQ domain specific implementation of of_fwnode_handle(). Replace the former with more suitable API. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240822223845.706346-1-andy.shevchenko@gmail.com Signed-off-by: Bartosz Golaszewski commit 30a32e93117abf8b467897f4814e9b1261b3b803 Author: Hongbo Li Date: Wed Aug 28 20:20:39 2024 +0800 gpio: Use IS_ERR_OR_NULL() helper function Use the IS_ERR_OR_NULL() helper instead of open-coding a NULL and an error pointer checks to simplify the code and improve readability. No functional changes are intended. Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240828122039.3697037-1-lihongbo22@huawei.com Signed-off-by: Bartosz Golaszewski commit 931a36c4138ac418d487bd4db0d03780b46a77ba Author: zhangjiao Date: Thu Aug 29 14:29:42 2024 +0800 tools: gpio: rm .*.cmd on make clean rm .*.cmd when calling make clean Signed-off-by: zhangjiao Link: https://lore.kernel.org/r/20240829062942.11487-1-zhangjiao2@cmss.chinamobile.com Signed-off-by: Bartosz Golaszewski commit a0c479bfff034c183bfe9f47a313b8aebc7f96f8 Author: Krzysztof Kozlowski Date: Wed Aug 28 11:35:59 2024 +0200 dt-bindings: gpio: simplify GPIO hog nodes schema The core schema in dtschema already strictly defines contents of nodes with "gpio-hog" property (with additionalProperties: false), thus the only thing device schema should do is: define "type: object" and required "gpio-hog". Make the code a bit simpler by removing redundant parts. Reviewed-by: Rob Herring (Arm) Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240828-dt-bindings-gpio-hog-v1-3-63b83e47d804@linaro.org Signed-off-by: Bartosz Golaszewski commit 0cbda0499a2797278aa067e98c5221948494356d Author: Krzysztof Kozlowski Date: Wed Aug 28 11:35:57 2024 +0200 dt-bindings: gpio: fcs,fxl6408: add missing type to GPIO hogs GPIO hog nodes should define type, otherwise "dummy-hog" boolean properties would be allowed. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Linus Walleij Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240828-dt-bindings-gpio-hog-v1-1-63b83e47d804@linaro.org Signed-off-by: Bartosz Golaszewski commit ec62e2e82581237417cd3f4a2f1ece6483d36c85 Merge: e99769bf7adfdb 8812b8689ee652 Author: Arnd Bergmann Date: Mon Sep 2 10:23:22 2024 +0000 Merge tag 'tegra-for-6.12-firmware' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into soc/drivers firmware: tegra: Changes for v6.12-rc1 The changes in this set remove some unused code and simplify error paths using scoped helpers. * tag 'tegra-for-6.12-firmware' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux: firmware: tegra: bpmp: Use scoped device node handling to simplify error paths firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() Link: https://lore.kernel.org/r/20240830141004.3195210-2-thierry.reding@gmail.com Signed-off-by: Arnd Bergmann commit e99769bf7adfdbaab98b5f79f2ae7cedbca2103b Merge: cdcf6263145bb9 4d57a840560c3f Author: Arnd Bergmann Date: Mon Sep 2 10:22:20 2024 +0000 Merge tag 'tegra-for-6.12-soc' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux into soc/drivers soc/tegra: Changes for v6.12-rc1 This is a single patch that simplifies code a little by employing the new scoped OF helpers. * tag 'tegra-for-6.12-soc' of https://git.kernel.org/pub/scm/linux/kernel/git/tegra/linux: soc/tegra: pmc: Simplify with scoped for each OF child loop Link: https://lore.kernel.org/r/20240830141004.3195210-1-thierry.reding@gmail.com Signed-off-by: Arnd Bergmann commit cdcf6263145bb93c6d42fcec9669f7dc3fe4a82c Merge: 74f19eb2ff302f 3008598ef3b009 Author: Arnd Bergmann Date: Mon Sep 2 10:20:13 2024 +0000 Merge tag 'scmi-updates-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux into soc/drivers Arm SCMI updates for v6.12 Few main features include: 1. SCMI transport as stand-alone drivers Currently the SCMI transport layer is being built embedded into in the core SCMI stack. Some of these transports, despite being currently part of the main SCMI module, are indeed also registered with different subsystems like optee or virtio, and actively probed also by those. This leads to a few awkward and convoluted tricks to properly handle such interactions at boot time in the SCMI stack. This change adds the new logic to the core SCMI stack so that each existing transport is transitioned to be a standi-alone driver. With that all the probe deferral and awkward retries between the SCMI core stack and the transports has been removed, since no more needed. 2. Support for obtaining transport descriptors from the devicetree SCMI platform firmwares might have different designs depending on the platform. Some of the transport descriptors rely on such design. E.g. the maximum receive channel timeout value might vary depending on the specific underlying hardware and firmware design choices. This change adds support for max-rx-timeout-ms property to describe the transport needs of a specific platform design. It will be extended in the future to obtain other such hardware/firmware dependent transport related descriptors. 3. NXP i.MX95 specific SCMI vendor protocol extensions SCMI specification allows vendor or platform-specific extensions to the interface. NXP i.MX95 System Manager(SM) that implements SCMI extends the interface to implement couple of vendor/platform specific protocol, namely: a. Battery Backed Module(BBM) Protocol This protocol is intended provide access to the battery-backed module. This contains persistent storage (GPR), an RTC, and the ON/OFF button. The protocol can also provide access to similar functions implemented via external board components. b. MISC Protocol for misc settings This includes controls that are misc settings/actions that must be exposed from the SM to agents. They are device specific and are usually define to access bit fields in various mix block control modules, IOMUX_GPR, and other GPR/CSR owned by the SM. 4. SCMI debug/tracking metrics Since SCMI involves interaction with the entity(software, firmware and/or hardware) providing services or features, it is quite useful to track certain metrics(for pure debugging purposes) like how many messages were sent or received, were there any failures, what kind of failures, ..etc. This feature adds support for the same via debugfs. Apart from these main features, there are some miscellaneous updates, fixes and cleanups. * tag 'scmi-updates-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux: (31 commits) rtc: support i.MX95 BBM RTC input: keyboard: support i.MX95 BBM module firmware: imx: Add i.MX95 MISC driver firmware: arm_scmi: Add initial support for i.MX MISC protocol firmware: arm_scmi: Add initial support for i.MX BBM protocol firmware: arm_scmi: Add NXP i.MX95 SCMI documentation dt-bindings: firmware: Add i.MX95 SCMI Extension protocol firmware: arm_scmi: Replace comma with the semicolon firmware: arm_scmi: Replace the use of of_node_put() to __free(device_node) firmware: arm_scmi: Fix trivial whitespace/coding style issues firmware: arm_scmi: Use max-rx-timeout-ms from devicetree dt-bindings: firmware: arm,scmi: Introduce property max-rx-timeout-ms firmware: arm_scmi: Remove const from transport descriptors firmware: arm_scmi: Simplify with scoped for each OF child loop firmware: arm_scmi: Update various protocols versions firmware: arm_scmi: Remove legacy transport-layer code firmware: arm_scmi: Make VirtIO transport a standalone driver firmware: arm_scmi: Make OPTEE transport a standalone driver firmware: arm_scmi: Make SMC transport a standalone driver firmware: arm_scmi: Make MBOX transport a standalone driver ... Link: https://lore.kernel.org/r/20240830135918.2383664-1-sudeep.holla@arm.com Signed-off-by: Arnd Bergmann commit 74f19eb2ff302f9dcf8c353b0a5fdbd702dfc956 Merge: ef5651a4a0bf3c 61824feae5c079 Author: Arnd Bergmann Date: Mon Sep 2 10:18:44 2024 +0000 Merge tag 'ffa-updates-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux into soc/drivers Arm FF-A updates for v6.12 The main addition this time is the basic support for FF-A v1.2 specification which includes support for newly added: 1. FFA_MSG_SEND_DIRECT_{REQ,RESP}2 2. FFA_PARTITION_INFO_GET_REGS 3. FFA_YIELD support in direct messaging Apart from these, the changes include support to fetch the Rx/Tx buffer size using FFA_FEATURES, addition of the FF-A FIDs for v1.2 and some coding style cleanups. * tag 'ffa-updates-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux: firmware: arm_ffa: Fetch the Rx/Tx buffer size using ffa_features() firmware: arm_ffa: Add support for FFA_YIELD in direct messaging firmware: arm_ffa: Add support for FFA_MSG_SEND_DIRECT_{REQ,RESP}2 firmware: arm_ffa: Add support for FFA_PARTITION_INFO_GET_REGS firmware: arm_ffa: Move the function ffa_features() earlier firmware: arm_ffa: Update the FF-A command list with v1.2 additions firmware: arm_ffa: Some coding style fixes Link: https://lore.kernel.org/r/20240830135759.2383431-1-sudeep.holla@arm.com Signed-off-by: Arnd Bergmann commit ef5651a4a0bf3cb335f7cb2bcb623e571b52228a Merge: 9a2f5cbf8f832f 2f05726171f8d0 Author: Arnd Bergmann Date: Mon Sep 2 10:17:33 2024 +0000 Merge tag 'versatile-soc-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-integrator into soc/drivers Some long due cleanups and modernizations of the Versatile SoC drivers from Krzysztof: - Put OF handle - Use devres to avoid memory leaks - Enable compile testing * tag 'versatile-soc-for-v6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-integrator: soc: versatile: enable compile testing soc: versatile: realview: fix soc_dev leak during device remove soc: versatile: realview: fix memory leak during device remove soc: versatile: integrator: fix OF node leak in probe() error path Link: https://lore.kernel.org/r/CACRpkda244rFHnnXPDPOhmKiJsRP08tNCcfFzpH5zR2cx1DFpw@mail.gmail.com Signed-off-by: Arnd Bergmann commit 487b1b32e317b85c2948eb4013f3e089a0433d49 Author: Théo Lebrun Date: Tue Jul 30 18:06:23 2024 +0200 reset: eyeq: add platform driver Add Mobileye EyeQ reset controller driver, for EyeQ5, EyeQ6L and EyeQ6H SoCs. Instances belong to a shared register region called OLB and gets spawned as auxiliary device to the platform driver for clock. There is one OLB instance for EyeQ5 and EyeQ6L. There are seven OLB instances on EyeQ6H; three have a reset controller embedded: - West and east get handled by the same compatible. - Acc (accelerator) is another one. Each instance vary in the number and types of reset domains. Instances with single domain expect a single cell, others two. Signed-off-by: Théo Lebrun Link: https://lore.kernel.org/r/20240730-mbly-reset-v2-2-00b870a6a2ff@bootlin.com Signed-off-by: Philipp Zabel commit ce50a775bd2ef31846df201804d920bbfc99c93f Author: Théo Lebrun Date: Tue Jul 30 18:06:22 2024 +0200 Revert "dt-bindings: reset: mobileye,eyeq5-reset: add bindings" Switch from one sub-node per functionality in the system-controller to a single node representing the entire OLB instance. This is the recommended approach for controllers handling many different functionalities; it is a single controller and should be represented by a single devicetree node. The reset bindings is removed and all properties will be described by: soc/mobileye/mobileye,eyeq5-olb.yaml Reviewed-by: Rob Herring (Arm) Signed-off-by: Théo Lebrun Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240730-mbly-reset-v2-1-00b870a6a2ff@bootlin.com Signed-off-by: Philipp Zabel commit b062ef2907a2f2054d7b3f84712e12ace42ee3f1 Author: Zelong Dong Date: Mon Apr 22 19:11:44 2024 +0800 reset: reset-meson: Add support for Amlogic T7 SoC reset controller There are 7 sets of Reset Source in Amlogic T7 SoC reset controller, and the offset between base and level registers is 0x40. Add a new compatible string and struct meson_reset_param to support the reset controller on T7 SoC. Signed-off-by: Zelong Dong Signed-off-by: Kelvin Zhang Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240422-t7-reset-v2-2-cb82271d3296@amlogic.com Signed-off-by: Philipp Zabel commit 47c270a9bf2188c3797e9791e2d59c411f7c9549 Author: Zelong Dong Date: Mon Apr 22 19:11:43 2024 +0800 dt-bindings: reset: Add Amlogic T7 reset controller Add a new compatible for Amlogic T7 reset controller. Signed-off-by: Zelong Dong Signed-off-by: Kelvin Zhang Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240422-t7-reset-v2-1-cb82271d3296@amlogic.com Signed-off-by: Philipp Zabel commit a05f87270e9013bf8ce37efe70c8cc3e243931cb Author: Clément Léger Date: Thu Aug 8 17:46:56 2024 +0200 reset: core: add get_device()/put_device on rcdev Since the rcdev structure is allocated by the reset controller drivers themselves, they need to exists as long as there is a consumer. A call to module_get() is already existing but that does not work when using device-tree overlays. In order to guarantee that the underlying reset controller device does not vanish while using it, add a get_device() call when retrieving a reset control from a reset controller device and a put_device() when releasing that control. Signed-off-by: Clément Léger Signed-off-by: Herve Codina Reviewed-by: Philipp Zabel Reviewed-by: Rob Herring (Arm) Reviewed-by: Andrew Lunn Reviewed-by: Steen Hegelund Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240808154658.247873-8-herve.codina@bootlin.com Signed-off-by: Philipp Zabel commit 0fa8ce76b713a31f6aef2f88d08eee74d7d3d8a7 Author: Krzysztof Kozlowski Date: Sun Aug 25 16:14:28 2024 +0200 reset: lpc18xx: simplify with devm_clk_get_enabled() Use devm_clk_get_enabled() to drop clock prepare/unprepare parts and make the code simpler. Change to dev_err_probe() in handling reset_controller_register() error to make it even simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Damien Le Moal Acked-by: Vladimir Zapolskiy Reviewed-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240825-reset-cleanup-scoped-v1-5-03f6d834f8c0@linaro.org Signed-off-by: Philipp Zabel commit ece222e91f2fb818fd01ff2754cf3b1d6f2bf411 Author: Krzysztof Kozlowski Date: Sun Aug 25 16:14:27 2024 +0200 reset: lpc18xx: simplify with dev_err_probe() Use dev_err_probe() to avoid dmesg flood on actual defer. This makes the code also simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Damien Le Moal Acked-by: Vladimir Zapolskiy Reviewed-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240825-reset-cleanup-scoped-v1-4-03f6d834f8c0@linaro.org Signed-off-by: Philipp Zabel commit 3ec21e7fa854b0b9dfefacd185c486e580479bb9 Author: Krzysztof Kozlowski Date: Sun Aug 25 16:14:26 2024 +0200 reset: simplify locking with guard() Simplify error handling (less gotos) over locks with guard(). Signed-off-by: Krzysztof Kozlowski Reviewed-by: Philipp Zabel Link: https://lore.kernel.org/r/20240825-reset-cleanup-scoped-v1-3-03f6d834f8c0@linaro.org Signed-off-by: Philipp Zabel commit b14e40f5dc7cd0dd7e958010e6ca9ad32ff2ddad Author: Krzysztof Kozlowski Date: Sun Aug 25 16:14:25 2024 +0200 reset: k210: fix OF node leak in probe() error path Driver is leaking OF node reference on memory allocation failure. Acquire the OF node reference after memory allocation to fix this and keep it simple. Fixes: 5a2308da9f60 ("riscv: Add Canaan Kendryte K210 reset controller") Signed-off-by: Krzysztof Kozlowski Reviewed-by: Damien Le Moal Link: https://lore.kernel.org/r/20240825-reset-cleanup-scoped-v1-2-03f6d834f8c0@linaro.org Signed-off-by: Philipp Zabel commit 5f58a88cc91075be38cec69b7cb70aaa4ba69e8b Author: Krzysztof Kozlowski Date: Sun Aug 25 16:14:24 2024 +0200 reset: berlin: fix OF node leak in probe() error path Driver is leaking OF node reference on memory allocation failure. Acquire the OF node reference after memory allocation to fix this and keep it simple. Fixes: aed6f3cadc86 ("reset: berlin: convert to a platform driver") Signed-off-by: Krzysztof Kozlowski Reviewed-by: Damien Le Moal Link: https://lore.kernel.org/r/20240825-reset-cleanup-scoped-v1-1-03f6d834f8c0@linaro.org Signed-off-by: Philipp Zabel commit 9a2f5cbf8f832f1b60c4d4a88f06632d962402cd Merge: 3a059ee6553bac e1aaecacfa135c Author: Arnd Bergmann Date: Mon Sep 2 09:47:47 2024 +0000 Merge tag 'v6.12-rockchip-drivers-1' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip into soc/drivers rk3308 io-domains, and some default settings for bits in the general register files for rk3128 and the new rk3576 soc. * tag 'v6.12-rockchip-drivers-1' of https://git.kernel.org/pub/scm/linux/kernel/git/mmind/linux-rockchip: soc: rockchip: grf: Add rk3576 default GRF values dt-bindings: soc: rockchip: Add rk3576 syscon compatibles soc: rockchip: grf: Set RK3128's vpu main clock soc: rockchip: io-domain: Add RK3308 IO voltage domains dt-bindings: power: rockchip: Document RK3308 IO voltage domains Link: https://lore.kernel.org/r/23316481.ssLaC8jLEa@diego Signed-off-by: Arnd Bergmann commit 8c045ca534d03bab1ce4b4de49d29a36276a1e35 Author: Andy Shevchenko Date: Wed Aug 28 17:23:58 2024 +0300 gpiolib: legacy: Kill GPIOF_DIR_* definitions Besides the fact that (old) drivers use wrong definitions, e.g., GPIOF_DIR_IN instead of GPIOF_IN, shrink the legacy definitions by killing those GPIOF_DIR_* completely. Signed-off-by: Andy Shevchenko Reviewed-by: Linus Walleij Acked-by: Alexander Sverdlin Reviewed-by: Alexander Sverdlin Link: https://lore.kernel.org/r/20240828142554.2424189-3-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit 4b2b0a2ce8153d65d0829e45e73bf6acdc291344 Author: Andy Shevchenko Date: Wed Aug 28 17:23:57 2024 +0300 gpiolib: legacy: Kill GPIOF_INIT_* definitions Besides the fact that (old) drivers use wrong definitions, e.g., GPIOF_INIT_HIGH instead of GPIOF_OUT_INIT_HIGH, shrink the legacy definitions by killing those GPIOF_INIT_* completely. Signed-off-by: Andy Shevchenko Reviewed-by: Linus Walleij Acked-by: Alexander Sverdlin Reviewed-by: Alexander Sverdlin Link: https://lore.kernel.org/r/20240828142554.2424189-2-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit 3a059ee6553bacd7b541f15b164fd456d51234a0 Merge: 8f99d776b94081 ff390189b7f2cf Author: Arnd Bergmann Date: Mon Sep 2 09:45:17 2024 +0000 Merge tag 'memory-controller-drv-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux-mem-ctrl into soc/drivers Memory controller drivers for v6.12 1. Tegra210 EMC: Driver refactoring and rework. 2. Tegra186 EMC: Drop unused function. 3. FSL WEIM: Correct fsl,weim-cs-timing property to properly validate it as an array. 4. TI AEMIF: Drop platform data support. 5. TI EMIF: Switch to of_property_read_bool(). 6. Several cleanups in multiple drivers: TI AEMIF and EMIF, Tegra EMC/MC, Atmel EBI, Samsung Exynos5422 DMC, STM32 FMC2 EBI, OMAP GPMC, PL172 and PL1353 SMC. These are mostly code simplifying around probe() like using - devm_clk_get_enabled(), - dev_err_probe(), - scoped device node handling (cleanup.h), - scoped for each OF child loops, - scoped/guard locks. * tag 'memory-controller-drv-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux-mem-ctrl: (35 commits) memory: mtk-smi: Use devm_clk_get_enabled() memory: pl353-smc: simplify with devm_clk_get_enabled() memory: pl353-smc: simplify with dev_err_probe() memory: pl172: simplify with devm_clk_get_enabled() memory: pl172: simplify with dev_err_probe() memory: omap-gpmc: simplify locking with guard() memory: emif: simplify locking with guard() memory: emif: drop unused 'irq_state' member memory: ti-aemif: Revert "memory: ti-aemif: don't needlessly iterate over child nodes" memory: ti-aemif: simplify with scoped for each OF child loop memory: ti-aemif: simplify with dev_err_probe() memory: tegra30-emc: simplify with scoped for each OF child loop memory: tegra20-emc: simplify with scoped for each OF child loop memory: tegra124-emc: simplify with scoped for each OF child loop memory: tegra-mc: simplify with scoped for each OF child loop memory: stm32-fmc2-ebi: simplify with dev_err_probe() memory: stm32-fmc2-ebi: simplify with scoped for each OF child loop memory: samsung: exynos5422-dmc: use scoped device node handling to simplify error paths memory: samsung: exynos5422-dmc: simplify dmc->dev usage memory: atmel-ebi: simplify with scoped for each OF child loop ... Link: https://lore.kernel.org/r/20240827122926.30794-1-krzysztof.kozlowski@linaro.org Signed-off-by: Arnd Bergmann commit 1882e769362b8e4ef68fd30a05295f5eedf5c54a Author: Shen Lichuan Date: Thu Aug 29 21:10:51 2024 +0800 gpio: stmpe: Simplify with dev_err_probe() Use dev_err_probe() to simplify the error path and unify a message template. Using this helper is totally fine even if err is known to never be -EPROBE_DEFER. The benefit compared to a normal dev_err() is the standardized format of the error code, it being emitted symbolically and the fact that the error code is returned which allows more compact error paths. Signed-off-by: Shen Lichuan Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240829131051.43200-1-shenlichuan@vivo.com Signed-off-by: Bartosz Golaszewski commit 8f99d776b940817357c63f6fd155576e8665f258 Merge: a79f256fc99d6d 259f5082721f1d Author: Arnd Bergmann Date: Mon Sep 2 09:44:21 2024 +0000 Merge tag 'samsung-drivers-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux into soc/drivers Samsung SoC drivers for v6.12 1. Improve Samsung USI (Universal Serial Interface) DT binding, 2. Cleanup old Samsung MFC TXT binding. * tag 'samsung-drivers-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/krzk/linux: dt-bindings: media: s5p-mfc: Remove s5p-mfc.txt binding dt-bindings: samsung: exynos-usi: add missing constraints Link: https://lore.kernel.org/r/20240827121638.29707-1-krzysztof.kozlowski@linaro.org Signed-off-by: Arnd Bergmann commit a79f256fc99d6d7aa4a8c738c28cc876e5ef1435 Author: Marek Behún Date: Sat Aug 31 11:20:50 2024 +0200 firmware: turris-mox-rwtm: Deduplicate command execution code Deduplicate rWTM command execution calls mbox_send_message() wait_for_completion() mox_get_status() to one function mox_rwtm_exec() Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-17-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 82944f65a0a59a44c397e3e22d592afdfb9b3074 Author: Marek Behún Date: Sat Aug 31 11:20:49 2024 +0200 firmware: turris-mox-rwtm: Use ALIGN() instead of hardcoding Use ALIGN(max, 4) instead of hardcoding ((max + 3) & ~3). Signed-off-by: Marek Behún Link: https://lore.kernel.org/r/20240831092050.23093-16-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 8a4853a65b88240dc778b5d4360a2921ec6b22c8 Author: Marek Behún Date: Sat Aug 31 11:20:48 2024 +0200 firmware: turris-mox-rwtm: Use EOPNOTSUPP instead of ENOSYS Checkpatch warns agains -ENOSYS: WARNING: ENOSYS means 'invalid syscall nr' and nothing else Use EOPNOTSUPP instead. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-15-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 21733f5902bee79357dad9994865df5229b538a3 Author: Marek Behún Date: Sat Aug 31 11:20:47 2024 +0200 firmware: turris-mox-rwtm: Use container_of() instead of hwrng .priv member Use container_of() to get driver private structure from hwnrg structure, instead of the hwrng's .priv member, as suggested by Herbert for another driver. Link: https://lore.kernel.org/soc/ZmLhQBdmg613KdET@gondor.apana.org.au/ Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-14-kabel@kernel.org Signed-off-by: Arnd Bergmann commit db955e0847484c64c6e749659527b5f45b2b5749 Author: Marek Behún Date: Sat Aug 31 11:20:46 2024 +0200 firmware: turris-mox-rwtm: Use devm_mutex_init() instead of mutex_init() Use devm_mutex_init() instead of mutex_init(), to properly call mutex_destroy() on probe failure / driver unbind. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-13-kabel@kernel.org Signed-off-by: Arnd Bergmann commit ed09d6d4f5938626823af3d2a04ff3a395bd348a Author: Marek Behún Date: Sat Aug 31 11:20:45 2024 +0200 firmware: turris-mox-rwtm: Drop redundant device pointer Drop redundant device pointer from driver's private structure. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-12-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 869b1fc0435699aec568101c1b4279d5bc03bf3c Author: Marek Behún Date: Sat Aug 31 11:20:44 2024 +0200 firmware: turris-mox-rwtm: Use dev_err_probe() where possible Use dev_err_probe() where possible in the driver's .probe() method. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-11-kabel@kernel.org Signed-off-by: Arnd Bergmann commit fbd48bd8cf0c4063465e2713bfaedfa71709a116 Author: Marek Behún Date: Sat Aug 31 11:20:43 2024 +0200 firmware: turris-mox-rwtm: Convert rest to devm_* and get rid of driver .remove() Use devm resource management for driver's mailbox. This allows us to get rid of the driver's .remove() method and the gotos in .probe(). Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-10-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 1b649ec180d41dbcdcd6d38a49cbab885661514b Author: Marek Behún Date: Sat Aug 31 11:20:42 2024 +0200 firmware: turris-mox-rwtm: Simplify debugfs code Simplify debugfs code: do not check for errors, as debugfs errors should be ignored, and use devm action for dropping the debugfs directory. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-9-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 579e05ee1bfbc76bd270074916882471e88c7af3 Author: Marek Behún Date: Sat Aug 31 11:20:41 2024 +0200 firmware: turris-mox-rwtm: Don't create own kobject type In order to create attribute files in /sys/firmware/turris-mox-rwtm, this driver creates it's own kobject type. Simplify this by dropping this own kobject creation, and instead creating standard device attribute files. For backwards compatibility with sysfs ABI, create a symlink /sys/firmware/turris-mox-rwtm, pointing to this device's sysfs directory. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-8-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 97a9c5b3e0a4791cd4aa9d9ebbbfb2c0e83e2ff0 Author: Marek Behún Date: Sat Aug 31 11:20:40 2024 +0200 firmware: turris-mox-rwtm: Use sysfs_emit() instead of sprintf() Use sysfs_emit() instead of sprintf() in sysfs attribute .show() method. Signed-off-by: Marek Behún Link: https://lore.kernel.org/r/20240831092050.23093-7-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 671d5f68698b5e516c23048e5bfd4bcd9d90cc78 Author: Marek Behún Date: Sat Aug 31 11:20:39 2024 +0200 firmware: turris-mox-rwtm: Fix driver includes Drop including of.h, include several other headers that are used but not included directly. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-6-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 99ed7980b5b03ad70d8965f300e1b9b8a21e0295 Author: Marek Behún Date: Sat Aug 31 11:20:38 2024 +0200 firmware: turris-mox-rwtm: Hide signature related constants behind macros Hide signature generation related constants behind macros instead of hardcoding the values. Use SHA512_DIGEST_SIZE from crypto/sha2.h instead of hardcoded 64 as the message size. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-5-kabel@kernel.org Signed-off-by: Arnd Bergmann commit b787a6b89284949f3204fdc737b7e867f067720b Author: Marek Behún Date: Sat Aug 31 11:20:37 2024 +0200 firmware: turris-mox-rwtm: Use the boolean type where appropriate Use the boolean type for has_board_info, has_pubkey and last_sig_done members of the driver's private structure. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-4-kabel@kernel.org Signed-off-by: Arnd Bergmann commit c3358e1017411fae7d379fbb88f8265b11e9597d Author: Marek Behún Date: Sat Aug 31 11:20:36 2024 +0200 firmware: turris-mox-rwtm: Use ETH_ALEN instead of hardcoded 6 Use the ETH_ALEN macro instead of hardcoded 6 for MAC address length. Signed-off-by: Marek Behún Reviewed-by: Ilpo Järvinen Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-3-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 29d258542f900a55791ec2ca8b15e4f9da083a14 Author: Marek Behún Date: Sat Aug 31 11:20:35 2024 +0200 firmware: turris-mox-rwtm: Use macro constant instead of hardcoded 4096 The 4096 bytes limit in mox_hwrng_read() is due to the DMA buffer being allocated to one PAGE_SIZE bytes. Use new local macro constant RWTM_DMA_BUFFER_SIZE at allocation time and when used in mox_hwrng_read(). Use SZ_4K instead of PAGE_SIZE. Although PAGE_SIZE is never set to a larger value on Armada 3720, it theoretically could, and this would be a waste of space. Signed-off-by: Marek Behún Reviewed-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240831092050.23093-2-kabel@kernel.org Signed-off-by: Arnd Bergmann commit 35c9f09b5691d6dff1f3e62fe1825fa10b644b45 Author: Hongbo Li Date: Sat Aug 31 17:48:01 2024 +0800 dm integrity: Remove extra unlikely helper In IS_ERR, the unlikely is used for the input parameter, so these is no need to use it again outside. Signed-off-by: Hongbo Li Signed-off-by: Kunwu Chan Signed-off-by: Mikulas Patocka commit 00565cff01262c888512bffe9d41e4831a6f2cc7 Author: Yuesong Li Date: Fri Aug 30 11:16:42 2024 +0800 dm: Convert to use ERR_CAST() Use ERR_CAST() as it is designed for casting an error pointer to another type. This macro utilizes the __force and __must_check modifiers, which instruct the compiler to verify for errors at the locations where it is employed. Signed-off-by: Yuesong Li Signed-off-by: Mikulas Patocka commit dc116b7fddbdad000b6f2a8ca41d1fe5371b403c Author: Kalesh AP Date: Sun Sep 1 22:52:31 2024 -0700 RDMA/bnxt_re: Add support for MR Relaxed Ordering Some of the adapters support Relaxed Ordering for the MRs. Driver queries support for Memory region relax ordering support from firmware and set relax ordering bit in REGISTER_MR request, if the users request for the support. Also, this is supported only if the PCIe device has enabled relaxed ordering attribute. Reviewed-by: Chandramohan Akula Reviewed-by: Selvin Xavier Reviewed-by: Vijay Kumar Mandadapu Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1725256351-12751-5-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit f786eebbbefa0c080d45533c5e0f66d500268961 Author: Kalesh AP Date: Sun Sep 1 22:52:30 2024 -0700 RDMA/bnxt_re: Avoid an extra hwrm per MR creation Firmware now have a new mr registration command where both MR allocation and registration can be done in a single hwrm command. Driver has to issue this new hwrm command whenever the support flag is set. This reduces the number of hwrm issued per MR creation and speed up the MR creation. Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1725256351-12751-4-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit b98d96971908b71be394c43d87d037b5fb4e6d8a Author: Kalesh AP Date: Sun Sep 1 22:52:29 2024 -0700 RDMA/bnxt_re: Rename a variable Renaming flags to access_flags for clarity. Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1725256351-12751-3-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit 543b455c6e9cf08b9a96a06a4680a1ffcb299701 Author: Kalesh AP Date: Sun Sep 1 22:52:28 2024 -0700 RDMA/bnxt_re: Update HW interface headers Updating the HW structures for the pcie relax ordering support. Newly added interface structures will be used in the followup patch. Signed-off-by: Kalesh AP Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1725256351-12751-2-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit 6bbc0fa234a2ec144a469bd35d8f68e21e69af5a Author: Krzysztof Kozlowski Date: Sun Aug 18 19:28:19 2024 +0200 dt-bindings: reset: socionext,uniphier-glue-reset: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clock-names and reset-names. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Kunihiko Hayashi Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240818172819.121697-1-krzysztof.kozlowski@linaro.org Signed-off-by: Philipp Zabel commit 686bba2a17f43ddc68596a88850e6407c4829d67 Author: Lad Prabhakar Date: Wed Aug 28 13:41:34 2024 +0100 arm64: dts: renesas: r9a09g057h44-rzv2h-evk: Enable watchdog Enable WDT1 watchdog on RZ/V2H EVK platform. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828124134.188864-10-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 5f0dad980205e497434671a24255a29609646b85 Author: Lad Prabhakar Date: Wed Aug 28 13:41:33 2024 +0100 arm64: dts: renesas: r9a09g057h44-rzv2h-evk: Enable OSTM, I2C, and SDHI Enable OSTM0-OSTM7, RIIC{0,1,2,3,6,7,8}, and SDHI1 (available on the SD2 connector) on the RZ/V2H EVK platform. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828124134.188864-9-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 095105496e7dde554aa3dc01189779759d976c2d Author: Lad Prabhakar Date: Wed Aug 28 13:41:32 2024 +0100 arm64: dts: renesas: r9a09g057: Add WDT0-WDT3 nodes Add WDT0-WDT3 nodes to RZ/V2H(P) ("R9A09G057") SoC DTSI. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828124134.188864-8-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 2cc5322acdb4b170cfc8ba8775198e1b8915dc82 Author: Lad Prabhakar Date: Wed Aug 28 13:41:31 2024 +0100 arm64: dts: renesas: r9a09g057: Add SDHI0-SDHI2 nodes Add SDHI0-SDHI2 nodes to RZ/V2H(P) ("R9A09G057") SoC DTSI. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828124134.188864-7-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 04c80e7bed79024b7753dd071ecf90147e9dd10d Author: Lad Prabhakar Date: Wed Aug 28 13:41:30 2024 +0100 arm64: dts: renesas: r9a09g057: Add RIIC0-RIIC8 nodes Add RIIC0-RIIC8 nodes to RZ/V2H(P) ("R9A09G057") SoC DTSI. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828124134.188864-6-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit e3dc593ef3a854c8a0817b456269a806a9688277 Author: Lad Prabhakar Date: Wed Aug 28 13:41:29 2024 +0100 arm64: dts: renesas: r9a09g057: Add OSTM0-OSTM7 nodes Add OSTM0-OSTM7 nodes to RZ/V2H(P) ("R9A09G057") SoC DTSI. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828124134.188864-5-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 2fddca72dc9591ea037fe86ad90a30708f4cb496 Author: Lad Prabhakar Date: Wed Aug 28 13:41:28 2024 +0100 arm64: dts: renesas: Add initial DTS for RZ/V2H EVK board Add initial DTS for RZ/V2H EVK board (based on R9A09G057H44), adding the below support: - Memory - Clock inputs - PINCTRL - SCIF Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828124134.188864-4-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 740cf2a2d6868a63a12e89c8dd92333b39fd1c7d Author: Lad Prabhakar Date: Wed Aug 28 13:41:27 2024 +0100 arm64: dts: renesas: Add initial SoC DTSI for RZ/V2H(P) SoC Add initial SoC DTSI for Renesas RZ/V2H(P) ("R9A09G057") SoC, below are the list of blocks added: - EXT CLKs - 4X CA55 - SCIF - PFC - CPG - SYS - GIC - ARMv8 Timer Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828124134.188864-3-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit bbdee962b2c11d233c3d190935b134dac2ae8f41 Merge: cc49fcd0bc2db2 15bba65c1927ec Author: Geert Uytterhoeven Date: Mon Sep 2 11:23:32 2024 +0200 Merge tag 'renesas-r9a09g057-dt-binding-defs-tag' into renesas-dts-for-v6.12 Renesas RZ/V2H DT Binding Definitions DT bindings and binding definitions for the Renesas RZ/V2H (R9A09G057) SoC, shared by driver and DT source files. commit 15bba65c1927ec8fde95611f316146d0743f16d5 Author: Lad Prabhakar Date: Wed Aug 28 13:41:26 2024 +0100 dt-bindings: soc: renesas: Document RZ/V2H EVK board Add "renesas,rzv2h-evk" which targets the Renesas RZ/V2H ("R9A09G057") EVK board. Signed-off-by: Lad Prabhakar Acked-by: Rob Herring (Arm) Acked-by: Krzysztof Kozlowski Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828124134.188864-2-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit afec1aba08607b18cfd00fdcd6525aeca0e187bf Author: Lad Prabhakar Date: Mon Jul 29 21:26:43 2024 +0100 dt-bindings: clock: renesas: Document RZ/V2H(P) SoC CPG Document the device tree bindings for the Renesas RZ/V2H(P) SoC Clock Pulse Generator (CPG). CPG block handles the below operations: - Generation and control of clock signals for the IP modules - Generation and control of resets - Control over booting - Low power consumption and power supply domains Also define constants for the core clocks of the RZ/V2H(P) SoC. Note the core clocks are a subset of the ones which are listed as part of section 4.4.2 of HW manual Rev.1.01 which cannot be controlled by CLKON register. Signed-off-by: Lad Prabhakar Reviewed-by: Krzysztof Kozlowski Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240729202645.263525-2-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 0f389adb4b80eef29920db2e2c99392aa5d06811 Author: R Sundar Date: Mon Sep 2 07:35:55 2024 +0530 mm: Removed @freeptr_offset to prevent doc warning Removed @freeptr_offset to fix below doc warning. ./mm/slab_common.c:385: warning: Excess function parameter 'freeptr_offset' description in 'kmem_cache_create_usercopy' Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408292249.5oUpnCbS-lkp@intel.com/ Signed-off-by: R Sundar Link: https://lore.kernel.org/r/20240902020555.11506-1-prosunofficial@gmail.com Signed-off-by: Christian Brauner commit 559d4c6a9d3b60f239493239070eb304edaea594 Author: Thomas Weißschuh Date: Mon Aug 5 11:39:35 2024 +0200 sysctl: avoid spurious permanent empty tables The test if a table is a permanently empty one, inspects the address of the registered ctl_table argument. However as sysctl_mount_point is an empty array and does not occupy and space it can end up sharing an address with another object in memory. If that other object itself is a "struct ctl_table" then registering that table will fail as it's incorrectly recognized as permanently empty. Avoid this issue by adding a dummy element to the array so that is not empty anymore. Explicitly register the table with zero elements as otherwise the dummy element would be recognized as a sentinel element which would lead to a runtime warning from the sysctl core. While the issue seems not being encountered at this time, this seems mostly to be due to luck. Also a future change, constifying sysctl_mount_point and root_table, can reliably trigger this issue on clang 18. Given that empty arrays are non-standard in the first place it seems prudent to avoid them if possible. Fixes: 4a7b29f65094 ("sysctl: move sysctl type to ctl_table_header") Fixes: a35dd3a786f5 ("sysctl: drop now unnecessary out-of-bounds check") Cc: stable@vger.kernel.org Signed-off-by: Thomas Weißschuh Closes: https://lore.kernel.org/oe-lkp/202408051453.f638857e-lkp@intel.com Signed-off-by: Joel Granados commit 9b5d25117985e51faf61a808c4b3e15432d55f85 Author: Neil Armstrong Date: Wed Aug 28 15:53:56 2024 +0200 arm64: dts: amlogic: add clock and clock-names to sound cards Add the missing clocks in the sound card nodes according to the AXG and GX sound card bindings changes. It solves the following errors: sound: Unevaluated properties are not allowed ('assigned-clock-parents', 'assigned-clock-rates', 'assigned-clocks' were unexpected) from schema $id: http://devicetree.org/schemas/sound/amlogic,axg-sound-card.yaml# sound: Unevaluated properties are not allowed ('assigned-clock-parents', 'assigned-clock-rates', 'assigned-clocks' were unexpected) from schema $id: http://devicetree.org/schemas/sound/amlogic,gx-sound-card.yaml# sound: 'anyOf' conditional failed, one must be fixed: 'clocks' is a required property '#clock-cells' is a required property from schema $id: http://devicetree.org/schemas/clock/clock.yaml# Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240828-topic-amlogic-upstream-bindings-fixes-audio-snd-card-v2-3-58159abf0779@linaro.org Signed-off-by: Neil Armstrong commit ca55a30d27cb37c07f58e5c3448f4d19edb1829c Author: Xianwei Zhao Date: Mon Sep 2 13:29:39 2024 +0800 arm64: dts: amlogic: c3: fix dtbcheck warning Fix warning when use W=1 to build dtb, as following error: arch/arm64/boot/dts/amlogic/amlogic-c3.dtsi:65.7-76.4: Warning (unit_address_vs_reg): /sram: node has a reg or ranges property, but no unit name arch/arm64/boot/dts/amlogic/amlogic-c3.dtsi:168.34-413.6: Warning (unit_address_vs_reg): /soc/bus@fe000000/pinctrl@4000: node has a unit name, but no reg or ranges property arch/arm64/boot/dts/amlogic/amlogic-c3.dtsi:168.34-413.6: Warning (simple_bus_reg): /soc/bus@fe000000/pinctrl@4000: missing or empty reg/ranges property arch/arm64/boot/dts/amlogic/amlogic-c3-c302x-aw409.dts:205.9-245.4: Warning (avoid_unnecessary_addr_size): /soc/bus@fe000000/spi@56000 /nand@0: unnecessary #address-cells/#size-cells without "ranges", "dma-ranges" or child "reg" property Fixes: d4bd8f3023b6 ("arm64: dts: amlogic: add C3 AW419 board") Fixes: 520b792e8317 ("arm64: dts: amlogic: add some device nodes for C3") Reported-by: kernel test robot Closes: https://lore.kernel.org/r/202409010005.A7tSzgEn-lkp@intel.com/ Signed-off-by: Xianwei Zhao Link: https://lore.kernel.org/r/20240902-fix_warning-v1-1-037029c584fc@amlogic.com Signed-off-by: Neil Armstrong commit b042baa52b74181ad12a655f2ab1331ce7a1ebf7 Author: Yan Zhen Date: Thu Aug 29 12:48:35 2024 +0800 pinctrl: madera: Simplify with dev_err_probe() Switch to use dev_err_probe() to simplify the error path and unify a message template. Using this helper is totally fine even if err is known to never be -EPROBE_DEFER. The benefit compared to a normal dev_err() is the standardized format of the error code, it being emitted symbolically and the fact that the error code is returned which allows more compact error paths. Signed-off-by: Yan Zhen Reviewed-by: Charles Keepax Link: https://lore.kernel.org/20240829044835.2047794-1-yanzhen@vivo.com Signed-off-by: Linus Walleij commit e0bee4bcdc3238ebcae6e5960544b9e3d0a62abf Author: Keguang Zhang Date: Sat Aug 31 17:41:09 2024 +0800 dmaengine: loongson1-apb-dma: Fix the build warning caused by the size of pdev_irqname drivers/dma/loongson1-apb-dma.c: In function 'ls1x_dma_probe': drivers/dma/loongson1-apb-dma.c:531:42: warning: '%d' directive writing between 1 and 8 bytes into a region of size 2 [-Wformat-overflow=] 531 | sprintf(pdev_irqname, "ch%d", id); | ^~ In function 'ls1x_dma_chan_probe', inlined from 'ls1x_dma_probe' at drivers/dma/loongson1-apb-dma.c:605:8: drivers/dma/loongson1-apb-dma.c:531:39: note: directive argument in the range [0, 19522579] 531 | sprintf(pdev_irqname, "ch%d", id); | ^~~~~~ drivers/dma/loongson1-apb-dma.c:531:17: note: 'sprintf' output between 4 and 11 bytes into a destination of size 4 531 | sprintf(pdev_irqname, "ch%d", id); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Fix the array size and use snprintf() instead of sprintf(). Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408302108.xIR18jmD-lkp@intel.com/ Signed-off-by: Keguang Zhang Link: https://lore.kernel.org/r/20240831-fix-loongson1-dma-v1-1-91376d87695c@gmail.com Signed-off-by: Vinod Koul commit 91bb8d0bf2fe69d0116d8f31c5c36b57ef3d8e20 Author: Wang Jianzheng Date: Thu Aug 29 14:49:38 2024 +0800 pinctrl: k210: Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). Signed-off-by: Wang Jianzheng Reviewed-by: Damien Le Moal Link: https://lore.kernel.org/20240829064938.20114-1-wangjianzheng@vivo.com Signed-off-by: Linus Walleij commit a688efea0f2a084aee372e5b7b12d4d2d172f99a Author: Amit Vadhavana Date: Sat Aug 31 22:59:49 2024 +0530 dmaengine: Fix spelling mistakes Correct spelling mistakes in the DMA engine to improve readability and clarity without altering functionality. Signed-off-by: Amit Vadhavana Reviewed-by: Kees Cook Reviewed-by: Dave Jiang Reviewed-by: Fenghua Yu Link: https://lore.kernel.org/r/20240831172949.13189-1-av2082000@gmail.com Signed-off-by: Vinod Koul commit 40a024b81d1cbad6bc8cd960481f025b43712b01 Author: Takashi Iwai Date: Mon Sep 2 09:52:27 2024 +0200 ALSA: core: Drop superfluous no_free_ptr() for memdup_user() errors We used to wrap with no_free_ptr() for the return value from memdup_user() with errors where the auto cleanup is applied. This was a workaround because the initial implementation of kfree auto-cleanup checked only NULL pointers. Since recently, though, the kfree auto-cleanup checks with IS_ERR_OR_NULL() (by the commit cd7eb8f83fcf ("mm/slab: make __free(kfree) accept error pointers")), hence those workarounds became superfluous. Let's drop them now. Link: https://patch.msgid.link/20240902075246.3743-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 15a62b81175885b5adfcaf49870466e3603f06c7 Author: Krzysztof Kozlowski Date: Mon Aug 26 07:49:34 2024 +0200 bus: integrator-lm: fix OF node leak in probe() Driver code is leaking OF node reference from of_find_matching_node() in probe(). Fixes: ccea5e8a5918 ("bus: Add driver for Integrator/AP logic modules") Cc: stable@vger.kernel.org Signed-off-by: Krzysztof Kozlowski Acked-by: Liviu Dudau Link: https://lore.kernel.org/20240826054934.10724-2-krzysztof.kozlowski@linaro.org Signed-off-by: Linus Walleij commit f2642d97f2105ed17b2ece0c597450f2ff95d704 Author: Krzysztof Kozlowski Date: Mon Aug 26 07:49:33 2024 +0200 ARM: versatile: fix OF node leak in CPUs prepare Machine code is leaking OF node reference from of_find_matching_node() in realview_smp_prepare_cpus(). Fixes: 5420b4b15617 ("ARM: realview: add an DT SMP boot method") Signed-off-by: Krzysztof Kozlowski Acked-by: Liviu Dudau Link: https://lore.kernel.org/20240826054934.10724-1-krzysztof.kozlowski@linaro.org Signed-off-by: Linus Walleij commit f48bd50a1c8d7d733b83a8fbabb3041e0d505fc7 Author: Jinjie Ruan Date: Mon Sep 2 15:16:22 2024 +0800 ALSA: core: timer: Use NSEC_PER_SEC macro 1000000000L is number of ns per second, use NSEC_PER_SEC macro to replace it to make it more readable Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240902071622.3519787-1-ruanjinjie@huawei.com Signed-off-by: Takashi Iwai commit 3606f92de365c0189c13e25a94654257751732ef Author: Takashi Iwai Date: Mon Sep 2 08:22:16 2024 +0200 ALSA: pcm: Fix yet more compile warning at replacement with kstrtoul() The previous fix brought yet another compile warning at pr_debug() call with the changed size. Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/20240902132904.5ee173f3@canb.auug.org.au Fixes: 43b42ed438bf ("ALSA: pcm: Fix the previous conversion to kstrtoul()") Tested-by: Stephen Rothwell Link: https://patch.msgid.link/20240902062217.9777-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 3aeccbe08171b79f82fb802393a6324c7b732669 Author: Lad Prabhakar Date: Wed Aug 28 10:38:22 2024 +0100 clk: renesas: r9a09g057: Add clock and reset entries for GTM/RIIC/SDHI/WDT Add clock and reset entries for Generic Timer (GTM), I2C Bus Interface (RIIC), SD/MMC Host Interface (SDHI) and Watchdog Timer (WDT) IP blocks. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828093822.162855-3-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit bc4d25fdfadfa80dc3ba690792b5220d50ea7b52 Author: Lad Prabhakar Date: Wed Aug 28 10:38:21 2024 +0100 clk: renesas: rzv2h: Add support for dynamic switching divider clocks Add support for dynamic switching divider clocks. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240828093822.162855-2-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit f0fe60cae63573c801246204414e70035770bdc6 Author: Claudiu Beznea Date: Thu Aug 22 18:27:46 2024 +0300 clk: renesas: r9a08g045: Add clocks, resets and power domains for USB Add clocks, resets and power domains for USB modules available on the Renesas RZ/G3S SoC. Signed-off-by: Claudiu Beznea Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240822152801.602318-2-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 090e6fea5f5ed26643559c5f871bd1f6e748e4d0 Author: Geert Uytterhoeven Date: Thu Aug 29 15:30:07 2024 +0200 pinctrl: Join split messages and remove double whitespace Splitting error messages across multiple lines makes it harder to find them in the kernel sources. Fix this by joining the messages. Remove double whitespace (end of first line + begin of second line). Fixes: 1c8e794432c2ee75 ("pinctrl: improve warning messages") Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/c8e3feeedbf42a130936a5afaea0f129bcda51f6.1724938156.git.geert+renesas@glider.be Signed-off-by: Linus Walleij commit 1325820dd085809645bdd89a2fd408a05b4a5492 Author: Lad Prabhakar Date: Thu Aug 29 20:48:40 2024 +0100 pinctrl: renesas: rzg2l: Move pinconf_to_config_argument() call outside of switch cases Refactor the `rzg2l_pinctrl_pinconf_set()` function by moving the call to `arg = pinconf_to_config_argument(_configs[i])` to the beginning of the loop. Previously, this call was redundantly made in most cases within the switch statement. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240829194841.84398-3-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit befcded23454825ca2cc4c24626b68c75fcb1528 Author: Lad Prabhakar Date: Thu Aug 29 20:48:39 2024 +0100 pinctrl: renesas: rzg2l: Introduce single macro for digital noise filter configuration Support for enabling the digital noise filter, and support for configuring the noise filter stages (via the FILNUM register) and the sampling interval (via the FILCLKSEL register) are related: a pin supports either all or none of them. Hence simplify declaring digital noise filter support for a pin by using a single feature flag instead of three separate flags. This patch removes the PIN_CFG_FILNUM and PIN_CFG_FILCLKSEL configuration macros and renames PIN_CFG_FILONOFF to PIN_CFG_NF. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240829194841.84398-2-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit dad83b9527030e29cc3148f7274910cf40fe7f1a Author: Andy Shevchenko Date: Fri Aug 23 02:01:04 2024 +0300 pinctrl: renesas: rzg2l: Replace of_node_to_fwnode() with more suitable API of_node_to_fwnode() is a IRQ domain specific implementation of of_fwnode_handle(). Replace the former with more suitable API. Signed-off-by: Andy Shevchenko Tested-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240822230104.707812-1-andy.shevchenko@gmail.com Signed-off-by: Geert Uytterhoeven commit c25478419f6fd3f74c324a21ec007cf14f2688d7 Author: Wang Jianzheng Date: Thu Aug 29 14:48:23 2024 +0800 pinctrl: mvebu: Fix devinit_dove_pinctrl_probe function When an error occurs during the execution of the function __devinit_dove_pinctrl_probe, the clk is not properly disabled. Fix this by calling clk_disable_unprepare before return. Fixes: ba607b6238a1 ("pinctrl: mvebu: make pdma clock on dove mandatory") Signed-off-by: Wang Jianzheng Link: https://lore.kernel.org/20240829064823.19808-1-wangjianzheng@vivo.com Signed-off-by: Linus Walleij commit 7dc92ece32ed87a352e285e3d9f0d392b61443e2 Author: Wang Jianzheng Date: Thu Aug 29 14:47:37 2024 +0800 pinctrl: sunxi: Use devm_clk_get_enabled() helpers sunxi sunxi_pinctrl_init_with_variant get, enable clk and deinit_device disable and unprepare it. This simplifes the code and avoids the calls to clk_disable_unprepare(). Signed-off-by: Wang Jianzheng Link: https://lore.kernel.org/20240829064737.16169-1-wangjianzheng@vivo.com Signed-off-by: Linus Walleij commit 8be4dce5ea6f2368cc25edc71989c4690fa66964 Author: Andy Shevchenko Date: Thu Aug 29 18:58:38 2024 +0300 drm/i915/fence: Mark debug_fence_free() with __maybe_unused When debug_fence_free() is unused (CONFIG_DRM_I915_SW_FENCE_DEBUG_OBJECTS=n), it prevents kernel builds with clang, `make W=1` and CONFIG_WERROR=y: .../i915_sw_fence.c:118:20: error: unused function 'debug_fence_free' [-Werror,-Wunused-function] 118 | static inline void debug_fence_free(struct i915_sw_fence *fence) | ^~~~~~~~~~~~~~~~ Fix this by marking debug_fence_free() with __maybe_unused. See also commit 6863f5643dd7 ("kbuild: allow Clang to find unused static inline functions for W=1 build"). Fixes: fc1584059d6c ("drm/i915: Integrate i915_sw_fence with debugobjects") Signed-off-by: Andy Shevchenko Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240829155950.1141978-3-andriy.shevchenko@linux.intel.com Signed-off-by: Jani Nikula commit 5bf472058ffb43baf6a4cdfe1d7f58c4c194c688 Author: Andy Shevchenko Date: Thu Aug 29 18:58:37 2024 +0300 drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused When debug_fence_init_onstack() is unused (CONFIG_DRM_I915_SELFTEST=n), it prevents kernel builds with clang, `make W=1` and CONFIG_WERROR=y: .../i915_sw_fence.c:97:20: error: unused function 'debug_fence_init_onstack' [-Werror,-Wunused-function] 97 | static inline void debug_fence_init_onstack(struct i915_sw_fence *fence) | ^~~~~~~~~~~~~~~~~~~~~~~~ Fix this by marking debug_fence_init_onstack() with __maybe_unused. See also commit 6863f5643dd7 ("kbuild: allow Clang to find unused static inline functions for W=1 build"). Fixes: 214707fc2ce0 ("drm/i915/selftests: Wrap a timer into a i915_sw_fence") Signed-off-by: Andy Shevchenko Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240829155950.1141978-2-andriy.shevchenko@linux.intel.com Signed-off-by: Jani Nikula commit c4a315eaf8eff0d3234600e13db7e7c71c0b3405 Author: Bartosz Golaszewski Date: Wed Aug 21 14:14:56 2024 +0200 gpio: ath79: remove support for platform data There are no more board files defining platform data for this driver so remove the header and support from the driver. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240821121456.19553-4-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit 10a968b21b89c647faa26b1f06ea82aa2eef1f9a Author: Bartosz Golaszewski Date: Wed Aug 21 14:14:55 2024 +0200 gpio: ath79: use generic device property getters Don't use specialized OF accessors if we can avoid it: switch to using the generic device property helpers. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240821121456.19553-3-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit 4acde50b4d15373b55ff23424526378efa681dc6 Author: Bartosz Golaszewski Date: Wed Aug 21 14:14:54 2024 +0200 gpio: ath79: add missing header Include mod_devicetable.h for struct of_device_id and its helpers. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240821121456.19553-2-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit 7b4b93e260c684d346998a3dddc5335957b8be78 Author: Bartosz Golaszewski Date: Wed Aug 21 14:14:53 2024 +0200 gpio: ath79: order headers alphabetically Put all headers in alphabetical order. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240821121456.19553-1-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit 4a3b99bc04e501b816db78f70064e26a01257910 Author: Long Li Date: Fri Aug 30 08:16:33 2024 -0700 RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page When mapping doorbell page from user-mode, the driver should use the system page size as this memory is allocated via mmap() from user-mode. Cc: stable@vger.kernel.org Fixes: 0266a177631d ("RDMA/mana_ib: Add a driver for Microsoft Azure Network Adapter") Signed-off-by: Long Li Link: https://patch.msgid.link/1725030993-16213-2-git-send-email-longli@linuxonhyperv.com Signed-off-by: Leon Romanovsky commit 9e517a8e9d9a303bf9bde35e5c5374795544c152 Author: Long Li Date: Fri Aug 30 08:16:32 2024 -0700 RDMA/mana_ib: use the correct page table index based on hardware page size MANA hardware uses 4k page size. When calculating the page table index, it should use the hardware page size, not the system page size. Cc: stable@vger.kernel.org Fixes: 0266a177631d ("RDMA/mana_ib: Add a driver for Microsoft Azure Network Adapter") Signed-off-by: Long Li Link: https://patch.msgid.link/1725030993-16213-1-git-send-email-longli@linuxonhyperv.com Signed-off-by: Leon Romanovsky commit 181028a0d84cdcc7ac86d05cc49eaa416ce85c8b Author: Chandramohan Akula Date: Thu Aug 29 08:34:05 2024 -0700 RDMA/bnxt_re: Share a page to expose per SRQ info with userspace Gen P7 adapters needs to share a toggle bits information received in kernel driver with the user space. User space needs this info to arm the SRQ. User space application can get this page using the UAPI routines. Library will mmap this page and get the toggle bits to be used in the next ARM Doorbell. Uses a hash list to map the SRQ structure from the SRQ ID. SRQ structure is retrieved from the hash list while the library calls the UAPI routine to get the toggle page mapping. Currently the full page is mapped per SRQ. This can be optimized to enable multiple SRQs from the same application share the same page and different offsets in the page Signed-off-by: Chandramohan Akula Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1724945645-14989-4-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit b4207630e0040b2f8d59ee28bb645771db31d37f Author: Chandramohan Akula Date: Thu Aug 29 08:34:04 2024 -0700 RDMA/bnxt_re: Refactor the BNXT_RE_METHOD_GET_TOGGLE_MEM method Refactor the code in this function to have common code. This is used in subsequent patches. Signed-off-by: Chandramohan Akula Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1724945645-14989-3-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit 640c2cf84e1de62e6bb0738dc2128d5506e7e5bc Author: Hongguang Gao Date: Thu Aug 29 08:34:03 2024 -0700 RDMA/bnxt_re: Get the toggle bits from SRQ events SRQ arming requires the toggle bits received from hardware. Get the toggle bits from SRQ notification for the gen p7 adapters. This value will be zero for the older adapters. Signed-off-by: Hongguang Gao Signed-off-by: Chandramohan Akula Signed-off-by: Selvin Xavier Link: https://patch.msgid.link/1724945645-14989-2-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Leon Romanovsky commit e012316d83bdf52061317cc361ca07c9580883d9 Author: Shen Lichuan Date: Wed Aug 28 16:27:20 2024 +0800 RDMA/rdmavt: Convert to use ERR_CAST() As opposed to open-code, using the ERR_CAST macro clearly indicates that this is a pointer to an error value and a type conversion was performed. Signed-off-by: Shen Lichuan Link: https://patch.msgid.link/20240828082720.33231-1-shenlichuan@vivo.com Signed-off-by: Leon Romanovsky commit 2657539a27149b22aec6766831fc69ad36548cb1 Author: Colin Ian King Date: Sun Sep 1 17:21:25 2024 +0100 ALSA: ali5451: Remove trailing space after \n newline There is a extraneous space after a newline in a dev_dbg message. Remove it. Signed-off-by: Colin Ian King Link: https://patch.msgid.link/20240901162125.144069-1-colin.i.king@gmail.com Signed-off-by: Takashi Iwai commit 74b0099340e0be96b37f5f8b0b5d02b48bb25a2b Author: Ryusuke Konishi Date: Tue Aug 27 02:41:16 2024 +0900 nilfs2: refactor nilfs_segctor_thread() Simplify nilfs_segctor_thread(), the main loop function of the log writer thread, to make the basic structure easier to understand. In particular, the acquisition and release of the sc_state_lock spinlock was scattered throughout the function, so extract the determination of whether log writing is required into a helper function and make the spinlock lock sections clearer. Link: https://lkml.kernel.org/r/20240826174116.5008-9-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Cc: Huang Xiaojia Signed-off-by: Andrew Morton commit 3f66cc261ccb54a8e4d8d5aa51c389c19453b00c Author: Ryusuke Konishi Date: Tue Aug 27 02:41:15 2024 +0900 nilfs2: use kthread_create and kthread_stop for the log writer thread By using kthread_create() and kthread_stop() to start and stop the log writer thread, eliminate custom thread start and stop helpers, as well as the wait queue "sc_wait_task" on the "nilfs_sc_info" struct and NILFS_SEGCTOR_QUIT flag that exist only to implement them. Also, update the kernel doc comments of the changed functions as appropriate. Link: https://lkml.kernel.org/r/20240826174116.5008-8-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Cc: Huang Xiaojia Signed-off-by: Andrew Morton commit cfdfe9e17c4142cb556f34f25f93f4f85ca494f0 Author: Ryusuke Konishi Date: Tue Aug 27 02:41:14 2024 +0900 nilfs2: remove sc_timer_task After commit f5d4e04634c9 ("nilfs2: fix use-after-free of timer for log writer thread") is applied, nilfs_construct_timeout(), which is called by a timer and wakes up the log writer thread, is never called after the log writer thread has terminated. As a result, the member variable "sc_timer_task" of the "nilfs_sc_info" structure, which was added when timer_setup() was adopted to retain a reference to the log writer thread's task even after it had terminated, is no longer needed, as it should be; we can simply use "sc_task" instead, which holds a reference to the log writer thread's task for its lifetime. So, eliminate "sc_timer_task" by this means. Link: https://lkml.kernel.org/r/20240826174116.5008-7-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Cc: Huang Xiaojia Signed-off-by: Andrew Morton commit 33d23d849610df330ffb02420df705730a79f8e8 Author: Ryusuke Konishi Date: Tue Aug 27 02:41:13 2024 +0900 nilfs2: do not repair reserved inode bitmap in nilfs_new_inode() After commit 93aef9eda1ce ("nilfs2: fix incorrect inode allocation from reserved inodes") is applied, the inode number returned by nilfs_ifile_create_inode() is guaranteed to always be greater than or equal to NILFS_USER_INO, so if the inode number is a reserved inode number (less than NILFS_USER_INO), the code to repair the bitmap immediately following it is no longer executed. So, delete it. Link: https://lkml.kernel.org/r/20240826174116.5008-6-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Cc: Huang Xiaojia Signed-off-by: Andrew Morton commit 9860f434056e6358ac63e7068254aeaf339cf71e Author: Ryusuke Konishi Date: Tue Aug 27 02:41:12 2024 +0900 nilfs2: eliminate the shared counter and spinlock for i_generation Use get_random_u32() as the source for inode->i_generation for new inodes, and eliminate the original source, the shared counter ns_next_generation along with its exclusive access spinlock ns_next_gen_lock. Link: https://lkml.kernel.org/r/20240826174116.5008-5-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Cc: Huang Xiaojia Signed-off-by: Andrew Morton commit d7cee0b342cd90abe5d09976a69d1a22ad0c3441 Author: Ryusuke Konishi Date: Tue Aug 27 02:41:11 2024 +0900 nilfs2: separate inode type information from i_state field In nilfs_iget_locked() and nilfs_ilookup(), which are used to find or obtain nilfs2 inodes, the nilfs_iget_args structure used to identify inodes has type information divided into multiple booleans, making type determination complicated. Simplify inode type determination by consolidating inode type information into an unsigned integer represented by a comibination of flags and by separating the type identification information for on-memory inodes from the i_state member in the nilfs_inode_info structure. Link: https://lkml.kernel.org/r/20240826174116.5008-4-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Cc: Huang Xiaojia Signed-off-by: Andrew Morton commit 21176c0ae4ac9ab5ca7e1b7e6c234dee2a0022f0 Author: Ryusuke Konishi Date: Tue Aug 27 02:41:10 2024 +0900 nilfs2: use the BITS_PER_LONG macro The macros NILFS_BMAP_KEY_BIT and NILFS_BMAP_NEW_PTR_INIT calculate, within their definitions, the number of bits in an unsigned long variable. Use the BITS_PER_LONG macro to make them simpler. Link: https://lkml.kernel.org/r/20240826174116.5008-3-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Cc: Huang Xiaojia Signed-off-by: Andrew Morton commit 9abca1a71c0e5f78e7ce91af8ad03e8d9893dc54 Author: Huang Xiaojia Date: Tue Aug 27 02:41:09 2024 +0900 nilfs2: use common implementation of file type Patch series "nilfs2: assorted cleanups". This is a collection of cleanup patches, with only the last three focused on the log writer thread, the rest are miscellaneous. Patches 1/8, 4/8, and 7/8 adopt common implementations, 2/8 uses a generic macro, 5/8 removes dead code, 6/8 removes an unnecessary reference, and 3/8 and 8/8 each simplify a paticular messy implementation. This patch (of 8): Deduplicate the nilfs2 file type conversion implementation. Link: https://lkml.kernel.org/r/20240826174116.5008-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20240815013442.1220909-1-huangxiaojia2@huawei.com Link: https://lkml.kernel.org/r/20240826174116.5008-2-konishi.ryusuke@gmail.com Signed-off-by: Huang Xiaojia Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 093ebfbbf3ba2002f7242b5c17a1845917f09cb5 Author: Hongbo Li Date: Tue Aug 27 10:45:17 2024 +0800 nfs make use of str_false_true helper The helper str_false_true() was introduced to return "false/true" string literal. We can simplify this format by str_false_true. Link: https://lkml.kernel.org/r/20240827024517.914100-4-lihongbo22@huawei.com Signed-off-by: Hongbo Li Cc: Andy Shevchenko Cc: Anna Schumaker Cc: Greg Kroah-Hartman Cc: Kees Cook Cc: Trond Myklebust Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit 01b58b1763b36d5597c9fbd6951d7e0386eebfb0 Author: Hongbo Li Date: Tue Aug 27 10:45:16 2024 +0800 mm: make use of str_true_false helper The helper str_true_false() was introduced to return "true/false" string literal. We can simplify this format by str_true_false. Link: https://lkml.kernel.org/r/20240827024517.914100-3-lihongbo22@huawei.com Signed-off-by: Hongbo Li Cc: Andy Shevchenko Cc: Anna Schumaker Cc: Greg Kroah-Hartman Cc: Kees Cook Cc: Matthew Wilcox Cc: Trond Myklebust Signed-off-by: Andrew Morton commit 32cebfe1cc21a84e4a907575bb9fd1c3f6b091fd Author: Hongbo Li Date: Tue Aug 27 10:45:15 2024 +0800 lib/string_choices: add str_true_false()/str_false_true() helper Add str_true_false()/str_false_true() helper to retur a "true" or "false" string literal. We found more than 10 cases currently exist in the tree. So these helpers can be used for these cases. This patch (of 3): Add str_true_false()/str_false_true() helper to return "true" or "false" string literal. Link: https://lkml.kernel.org/r/20240827024517.914100-1-lihongbo22@huawei.com Link: https://lkml.kernel.org/r/20240827024517.914100-2-lihongbo22@huawei.com Signed-off-by: Hongbo Li Cc: Andy Shevchenko Cc: Anna Schumaker Cc: Greg Kroah-Hartman Cc: Kees Cook Cc: Matthew Wilcox Cc: Trond Myklebust Signed-off-by: Andrew Morton commit e16c7b07784f3fb03025939c4590b9a7c64970a7 Author: Chen Yu Date: Tue Aug 27 19:23:08 2024 +0800 kthread: fix task state in kthread worker if being frozen When analyzing a kernel waring message, Peter pointed out that there is a race condition when the kworker is being frozen and falls into try_to_freeze() with TASK_INTERRUPTIBLE, which could trigger a might_sleep() warning in try_to_freeze(). Although the root cause is not related to freeze()[1], it is still worthy to fix this issue ahead. One possible race scenario: CPU 0 CPU 1 ----- ----- // kthread_worker_fn set_current_state(TASK_INTERRUPTIBLE); suspend_freeze_processes() freeze_processes static_branch_inc(&freezer_active); freeze_kernel_threads pm_nosig_freezing = true; if (work) { //false __set_current_state(TASK_RUNNING); } else if (!freezing(current)) //false, been frozen freezing(): if (static_branch_unlikely(&freezer_active)) if (pm_nosig_freezing) return true; schedule() } // state is still TASK_INTERRUPTIBLE try_to_freeze() might_sleep() <--- warning Fix this by explicitly set the TASK_RUNNING before entering try_to_freeze(). Link: https://lore.kernel.org/lkml/Zs2ZoAcUsZMX2B%2FI@chenyu5-mobl2/ [1] Link: https://lkml.kernel.org/r/20240827112308.181081-1-yu.c.chen@intel.com Fixes: b56c0d8937e6 ("kthread: implement kthread_worker") Signed-off-by: Chen Yu Suggested-by: Peter Zijlstra Suggested-by: Andrew Morton Cc: Andreas Gruenbacher Cc: David Gow Cc: Mateusz Guzik Cc: Mickaël Salaün Cc: Tejun Heo Signed-off-by: Andrew Morton commit 7e1083598909f0fda82a0bf8cf788524ce4fccff Author: Luca Ceresoli Date: Fri Aug 23 10:27:44 2024 +0200 scripts/decode_stacktrace.sh: add '-h' flag When no parameters are passed, the usage instructions are presented only when debuginfod-find is not found. This makes sense because with debuginfod none of the positional parameters are needed. However it means that users having debuginfod-find installed will have no chance of reading the usage text without opening the file. Many programs have a '-h' flag to get the usage, so add such a flag. Invoking 'scripts/decode_stacktrace.sh -h' will now show the usage text and exit. Link: https://lkml.kernel.org/r/20240823-decode_stacktrace-find_module-improvements-v2-3-d7a57d35558b@bootlin.com Signed-off-by: Luca Ceresoli Reviewed-by: Stephen Boyd Cc: Alexis Lothoré (eBPF Foundation) Cc: Konstantin Khlebnikov Cc: Sasha Levin Cc: Thomas Petazzoni Signed-off-by: Andrew Morton commit a6d05e826d48cdffe11d9b73cf386840c19129d4 Author: Luca Ceresoli Date: Fri Aug 23 10:27:43 2024 +0200 scripts/decode_stacktrace.sh: clarify command line The syntax as expressed by usage() is not entirely correct: "" cannot be passed without "|auto". Additionally human reading of this syntax can be subject to misunderstanding due the mixture of '|' and '[]'. Improve readability in various ways: * rewrite using two lines for the two allowed usages * add square brackets around "" as it is optional when using debuginfod-find * move "" to inside the square brackets of the 2nd positional parameter * use underscores instead of spaces in <...> strings Link: https://lkml.kernel.org/r/20240823-decode_stacktrace-find_module-improvements-v2-2-d7a57d35558b@bootlin.com Signed-off-by: Luca Ceresoli Reviewed-by: Stephen Boyd Cc: Alexis Lothoré (eBPF Foundation) Cc: Konstantin Khlebnikov Cc: Sasha Levin Cc: Thomas Petazzoni Signed-off-by: Andrew Morton commit 0f69dc295b681753ac3455705357e600bc9c7745 Author: Luca Ceresoli Date: Fri Aug 23 10:27:42 2024 +0200 scripts/decode_stacktrace.sh: remove find_module recursion and improve error reporting Patch series "scripts/decode_stacktrace.sh: improve error reporting and usability", v2. This small series improves usability of scripts/decode_stacktrace.sh by improving the usage text and correctly reporting when modules are built without debugging symbols. This patch (of 3): The find_module() function can fail for two reasons: * the module was not found * the module was found but without debugging info In both cases the user is reported the same error: WARNING! Modules path isn't set, but is needed to parse this symbol This is misleading in case the modules path is set correctly. find_module() is currently implemented as a recursive function based on global variables in order to check up to 4 different paths. This is not straightforward to read and even less to modify. Besides, the debuginfo code at the beginning of find_module() is executed identically every time the function is entered, i.e. up to 4 times per each module search due to recursion. To be able to improve error reporting, first rewrite the find_module() function to remove recursion. The new version of the function iterates over all the same (up to 4) paths as before and for each of them does the same checks as before. At the end of the iteration it is now able to print an appropriate error message, so that has been moved from the caller into find_module(). Finally, when the module is found but without debugging info, mention the two Kconfig variables one needs to set in order to have the needed debugging symbols. Link: https://lkml.kernel.org/r/20240823-decode_stacktrace-find_module-improvements-v2-0-d7a57d35558b@bootlin.com Link: https://lkml.kernel.org/r/20240823-decode_stacktrace-find_module-improvements-v2-1-d7a57d35558b@bootlin.com Signed-off-by: Luca Ceresoli Reviewed-by: Stephen Boyd Cc: Alexis Lothoré (eBPF Foundation) Cc: Konstantin Khlebnikov Cc: Luca Ceresoli Cc: Sasha Levin Cc: Thomas Petazzoni Signed-off-by: Andrew Morton commit 38676d9e33133c0c39951b812b19cc5b9ff1978a Author: Yang Ruibin <11162571@vivo.com> Date: Wed Aug 21 03:34:40 2024 -0400 lib: fix the NULL vs IS_ERR() bug for debugfs_create_dir() debugfs_create_dir() returns error pointers. It never returns NULL. So use IS_ERR() to check it. Link: https://lkml.kernel.org/r/20240821073441.9701-1-11162571@vivo.com Signed-off-by: Yang Ruibin <11162571@vivo.com> Signed-off-by: Andrew Morton commit fb54ea1ee84534cab6a15515c73a0811bdcbc973 Author: Andy Shevchenko Date: Wed Aug 21 18:51:04 2024 +0300 dimlib: use *-y instead of *-objs in Makefile *-objs suffix is reserved rather for (user-space) host programs while usually *-y suffix is used for kernel drivers (although *-objs works for that purpose for now). Let's correct the old usages of *-objs in Makefiles. Link: https://lkml.kernel.org/r/20240821155140.611514-1-andriy.shevchenko@linux.intel.com Signed-off-by: Andy Shevchenko Acked-by: Florian Fainelli Reviewed-by: Alexander Lobakin Cc: Rasmus Villemoes Cc: Tal Gilboa Signed-off-by: Andrew Morton commit d18e4233d88b1ed95016a465ad5751629f9d70b9 Author: Ryusuke Konishi Date: Thu Aug 22 00:46:27 2024 +0900 nilfs2: do not propagate ENOENT error from nilfs_sufile_mark_dirty() nilfs_sufile_mark_dirty(), which marks a block in the sufile metadata file as dirty in preparation for log writing, returns -ENOENT to the caller if the block containing the segment usage of the specified segment is missing. This internal code can propagate through the log writer to system calls such as fsync. To prevent this, treat this case as a filesystem error and return -EIO instead. Link: https://lkml.kernel.org/r/20240821154627.11848-6-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 0b9aad46c1634527c6a9f951f72c31be67f9b25c Author: Ryusuke Konishi Date: Thu Aug 22 00:46:26 2024 +0900 nilfs2: do not propagate ENOENT error from sufile during GC nilfs_sufile_freev(), which is used to free segments in GC, aborts with -ENOENT if the target segment usage is on a hole block. This error only occurs if one of the segment numbers to be freed passed by the GC ioctl is invalid, so return -EINVAL instead. To avoid impairing readability, introduce a wrapper function that encapsulates error handling including the error code conversion (and error message output). Link: https://lkml.kernel.org/r/20240821154627.11848-5-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 5b527d38644686dc11e29468463aa7affa282e31 Author: Ryusuke Konishi Date: Thu Aug 22 00:46:25 2024 +0900 nilfs2: do not propagate ENOENT error from sufile during recovery nilfs_sufile_free() returns the error code -ENOENT when the block where the segment usage should be placed does not exist (hole block case), but this error should not be propagated upwards to the mount system call. In nilfs_prepare_segment_for_recovery(), one of the recovery steps during mount, nilfs_sufile_free() is used and may return -ENOENT as is, so in that case return -EINVAL instead. Link: https://lkml.kernel.org/r/20240821154627.11848-4-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit d07d8ba4cee7b56aa8ff499776ce76323562660e Author: Ryusuke Konishi Date: Thu Aug 22 00:46:24 2024 +0900 nilfs2: treat missing cpfile header block as metadata corruption The cpfile, a metadata file that holds metadata for checkpoint management, also has statistical information in its first block, and if reading this block fails, it receives the internal code -ENOENT and returns that code to the callers. As with sufile, to prevent this -ENOENT from being propagated to system calls, return -EIO instead when reading the header block fails. Link: https://lkml.kernel.org/r/20240821154627.11848-3-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 62e6e7841701619c2390e4e6cc4089f38c2a6798 Author: Ryusuke Konishi Date: Thu Aug 22 00:46:23 2024 +0900 nilfs2: treat missing sufile header block as metadata corruption Patch series "nilfs2: prevent unexpected ENOENT propagation". This series fixes potential issues where the result code -ENOENT, which is returned internally when a metadata file operation encouters a hole block, is exposed to user space without being properly handled. Several issues with the same cause leading to hangs or WARN_ON check failures have been reported by syzbot and fixed each time in the past. This collectively fixes the missing -ENOENT conversions that do not cause stability issues and are not covered by syzbot. This patch (of 5): The sufile, a metadata file that holds metadata for segment management, has statistical information in its first block, but if reading this block fails, it receives the internal code -ENOENT and returns it unchanged to the callers. To prevent this -ENOENT from being propagated to system calls, if reading the header block fails, return -EIO (or -EINVAL depending on the context) instead. Link: https://lkml.kernel.org/r/20240821154627.11848-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20240821154627.11848-2-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 105ae044d6f3d7f8136d1ddac4c708595f643562 Author: Thorsten Blum Date: Tue Aug 20 04:16:07 2024 +0200 ocfs2: use max() to improve ocfs2_dlm_seq_show() Use the max() macro to simplify the ocfs2_dlm_seq_show() function and improve its readability. Link: https://lkml.kernel.org/r/20240820021605.97887-3-thorsten.blum@toblux.com Signed-off-by: Thorsten Blum Reviewed-by: Joseph Qi Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Signed-off-by: Andrew Morton commit 7f86b2942791012ac7b4c481d1f84a58fd2fbcfc Author: qasdev Date: Tue Aug 20 02:22:09 2024 +0100 ocfs2: fix shift-out-of-bounds UBSAN bug in ocfs2_verify_volume() This patch addresses a shift-out-of-bounds error in the ocfs2_verify_volume() function, identified by UBSAN. The bug was triggered by an invalid s_clustersize_bits value (e.g., 1548), which caused the expression "1 << le32_to_cpu(di->id2.i_super.s_clustersize_bits)" to exceed the limits of a 32-bit integer, leading to an out-of-bounds shift. Link: https://lkml.kernel.org/r/ZsPvwQAXd5R/jNY+@hostname Signed-off-by: Qasim Ijaz Reported-by: syzbot Closes: https://syzkaller.appspot.com/bug?extid=f3fff775402751ebb471 Tested-by: syzbot Reviewed-by: Joseph Qi Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Signed-off-by: Andrew Morton commit d994c238347d7ba4de15da00985e1bea75e91dc7 Author: Mateusz Guzik Date: Sat Aug 17 14:37:54 2024 +0200 ratelimit: convert flags to int to save 8 bytes in size Only bit 1 is used, making an unsigned long a total overkill. This brings it from 40 to 32 bytes, which in turn shrinks user_struct from 136 to 128 bytes. Since the latter is allocated with hwalign, this means the total usage goes down from 192 to 128 bytes per object. No functional changes. Link: https://lkml.kernel.org/r/20240817123754.240924-1-mjguzik@gmail.com Signed-off-by: Mateusz Guzik Signed-off-by: Andrew Morton commit 076979ee62f23c0eff035e0528b4cfadbe743255 Author: Kent Overstreet Date: Sat Aug 17 17:50:25 2024 -0400 scripts/decode_stacktrace.sh: nix-ify nix only puts /usr/bin/env at the standard location (as required by posix), so shebangs have to be tweaked. Link: https://lkml.kernel.org/r/20240817215025.161628-1-kent.overstreet@linux.dev Signed-off-by: Kent Overstreet Cc: Bjorn Andersson Cc: Elliot Berman Cc: Xiong Nandi Signed-off-by: Andrew Morton commit 03222db82a3a0db43cbad00886c800819fdc59f3 Author: Chi Zhiling Date: Thu Aug 15 17:21:41 2024 +0800 ocfs2: fix unexpected zeroing of virtual disk In a guest virtual machine, we found that there is unexpected data zeroing problem detected occassionly: XFS (vdb): Mounting V5 Filesystem XFS (vdb): Ending clean mount XFS (vdb): Metadata CRC error detected at xfs_refcountbt_read_verify+0x2c/0xf0, xfs_refcountbt block 0x200028 XFS (vdb): Unmount and run xfs_repair XFS (vdb): First 128 bytes of corrupted metadata buffer: 00000000e0cd2f5e: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000000cafd57f5: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000000d0298d7d: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000000f0698484: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000000adb789a7: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 000000005292b878: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000000885b4700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00000000fd4b4df7: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ XFS (vdb): metadata I/O error in "xfs_trans_read_buf_map" at daddr 0x200028 len 8 error 74 XFS (vdb): Error -117 recovering leftover CoW allocations. XFS (vdb): xfs_do_force_shutdown(0x8) called from line 994 of file fs/xfs/xfs_mount.c. Return address = 000000003a53523a XFS (vdb): Corruption of in-memory data detected. Shutting down filesystem XFS (vdb): Please umount the filesystem and rectify the problem(s) It turns out that the root cause is from the physical host machine. More specifically, it is caused by the ocfs2. when the page_size is 64k, the block should advance by 16 each time instead of 1. This will lead to a wrong mapping from the page to the disk, which will zero some adjacent part of the disk. Link: https://lkml.kernel.org/r/20240815092141.1223238-1-chizhiling@163.com Signed-off-by: Chi Zhiling Suggested-by: Shida Zhang Reviewed-by: Joseph Qi Reviewed-by: Heming Zhao Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Signed-off-by: Andrew Morton commit e60255f07c6a1f5bbbd490a2db23fe9eee8c6fd4 Author: Kuan-Wei Chiu Date: Sun Aug 11 03:53:16 2024 +0800 ocfs2: remove custom swap functions in favor of built-in sort swap The custom swap functions used in ocfs2 do not perform any special operations and can be replaced with the built-in swap function of sort. This change not only reduces code size but also improves efficiency, especially in scenarios where CONFIG_RETPOLINE is enabled, as it makes indirect function calls more expensive. By using the built-in swap, we avoid these costly indirect function calls, leading to better performance. Link: https://lkml.kernel.org/r/20240810195316.186504-1-visitorckw@gmail.com Signed-off-by: Kuan-Wei Chiu Reviewed-by: Joseph Qi Reviewed-by: Heming Zhao Cc: Ching-Chun (Jim) Huang Cc: Joel Becker Cc: Mark Fasheh Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Cc: Junxiao Bi Signed-off-by: Andrew Morton commit c91c6062d6cd1bc366efb04973ee449c30398a49 Author: Sourabh Jain Date: Mon Aug 12 09:46:51 2024 +0530 Document/kexec: generalize crash hotplug description Commit 79365026f869 ("crash: add a new kexec flag for hotplug support") generalizes the crash hotplug support to allow architectures to update multiple kexec segments on CPU/Memory hotplug and not just elfcorehdr. Therefore, update the relevant kernel documentation to reflect the same. No functional change. Link: https://lkml.kernel.org/r/20240812041651.703156-1-sourabhjain@linux.ibm.com Signed-off-by: Sourabh Jain Reviewed-by: Petr Tesarik Acked-by: Baoquan He Cc: Hari Bathini Cc: Petr Tesarik Cc: Sourabh Jain Cc: Jonathan Corbet Signed-off-by: Andrew Morton commit caaab56609ce48076af7361163b6a8f7f14d53b3 Author: Ryusuke Konishi Date: Fri Aug 16 16:43:19 2024 +0900 nilfs2: fix missing initial short descriptions of kernel-doc comments Update some kernel-doc comments that are missing the initial short description and fix the following warnings output by the kernel-doc script: fs/nilfs2/bmap.c:353: warning: missing initial short description on line: * nilfs_bmap_lookup_dirty_buffers - fs/nilfs2/cpfile.c:708: warning: missing initial short description on line: * nilfs_cpfile_delete_checkpoint - fs/nilfs2/cpfile.c:972: warning: missing initial short description on line: * nilfs_cpfile_is_snapshot - fs/nilfs2/dat.c:275: warning: missing initial short description on line: * nilfs_dat_mark_dirty - fs/nilfs2/sufile.c:844: warning: missing initial short description on line: * nilfs_sufile_get_suinfo - Link: https://lkml.kernel.org/r/20240816074319.3253-9-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 7876bc1bd6e89723edd1cb68f7d7bd83568ce82b Author: Ryusuke Konishi Date: Fri Aug 16 16:43:18 2024 +0900 nilfs2: fix inconsistencies in kernel-doc comments in segment.h Fix incorrect or missing variable names in the member variable descriptions in the nilfs_recovery_info and nilfs_sc_info structures, thereby eliminating the following warnings output by the kernel-doc script: fs/nilfs2/segment.h:49: warning: Function parameter or struct member 'ri_cno' not described in 'nilfs_recovery_info' fs/nilfs2/segment.h:49: warning: Function parameter or struct member 'ri_lsegs_start_seq' not described in 'nilfs_recovery_info' fs/nilfs2/segment.h:49: warning: Excess struct member 'ri_ri_cno' description in 'nilfs_recovery_info' fs/nilfs2/segment.h:49: warning: Excess struct member 'ri_lseg_start_seq' description in 'nilfs_recovery_info' fs/nilfs2/segment.h:177: warning: Function parameter or struct member 'sc_seq_accepted' not described in 'nilfs_sc_info' fs/nilfs2/segment.h:177: warning: Function parameter or struct member 'sc_timer_task' not described in 'nilfs_sc_info' fs/nilfs2/segment.h:177: warning: Excess struct member 'sc_seq_accept' description in 'nilfs_sc_info' Link: https://lkml.kernel.org/r/20240816074319.3253-8-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit d9e5551ea101203151077c42af0bebeb6825f636 Author: Ryusuke Konishi Date: Fri Aug 16 16:43:17 2024 +0900 nilfs2: describe the members of nilfs_bmap_operations structure Add missing member variable descriptions in the kernel-doc comments for the nilfs_bmap_operations structure, hiding the internal operations with the "private:" tag. This eliminates the following warnings output by the kernel-doc script: fs/nilfs2/bmap.h:74: warning: Function parameter or struct member 'bop_lookup' not described in 'nilfs_bmap_operations' fs/nilfs2/bmap.h:74: warning: Function parameter or struct member 'bop_lookup_contig' not described in 'nilfs_bmap_operations' ... fs/nilfs2/bmap.h:74: warning: Function parameter or struct member 'bop_gather_data' not described in 'nilfs_bmap_operations' Link: https://lkml.kernel.org/r/20240816074319.3253-7-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 0e13ddee285ffa0815fa66e1eac4bf0fafd06ce4 Author: Ryusuke Konishi Date: Fri Aug 16 16:43:16 2024 +0900 nilfs2: add missing description of nilfs_btree_path structure Add missing kernel-doc comment for the 'bp_ctxt' member variable of the nilfs_btree_path structure, and eliminate the following warning output by the kenrel-doc script: fs/nilfs2/btree.h:39: warning: Function parameter or struct member 'bp_ctxt' not described in 'nilfs_btree_path' Link: https://lkml.kernel.org/r/20240816074319.3253-6-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 89a6c1775089eae99940d4a86f2ba34cbe848726 Author: Ryusuke Konishi Date: Fri Aug 16 16:43:15 2024 +0900 nilfs2: fix incorrect kernel-doc declaration of nilfs_palloc_req structure The "struct" keyword is missing from the kernel-doc comment of the nilfs_palloc_req structure, so add it to eliminate the following warning output by the kernel-doc script: fs/nilfs2/alloc.h:46: warning: cannot understand function prototype: 'struct nilfs_palloc_req ' Link: https://lkml.kernel.org/r/20240816074319.3253-5-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 60d8b01e55b2c45e73d442b379844d6efd9d16a7 Author: Ryusuke Konishi Date: Fri Aug 16 16:43:14 2024 +0900 nilfs2: improve kernel-doc comments for b-tree node helpers Revise kernel-doc comments for helper functions related to changing the search key for b-tree node blocks, and eliminate the following warnings output by the kernel-doc script: fs/nilfs2/btnode.c:175: warning: Function parameter or struct member 'btnc' not described in 'nilfs_btnode_prepare_change_key' fs/nilfs2/btnode.c:175: warning: Function parameter or struct member 'ctxt' not described in 'nilfs_btnode_prepare_change_key' fs/nilfs2/btnode.c:238: warning: Function parameter or struct member 'btnc' not described in 'nilfs_btnode_commit_change_key' fs/nilfs2/btnode.c:238: warning: Function parameter or struct member 'ctxt' not described in 'nilfs_btnode_commit_change_key' fs/nilfs2/btnode.c:278: warning: Function parameter or struct member 'btnc' not described in 'nilfs_btnode_abort_change_key' fs/nilfs2/btnode.c:278: warning: Function parameter or struct member 'ctxt' not described in 'nilfs_btnode_abort_change_key' Link: https://lkml.kernel.org/r/20240816074319.3253-4-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 3e62c5d7d0a4e8fa826d6e2f8e19c805045edb82 Author: Ryusuke Konishi Date: Fri Aug 16 16:43:13 2024 +0900 nilfs2: add missing argument descriptions for ioctl-related helpers Add missing argument descriptions and return value information to the kernel-doc comments for ioctl helper functions, and eliminate the following warnings output by the kernel-doc script: fs/nilfs2/ioctl.c:120: warning: Function parameter or struct member 'dentry' not described in 'nilfs_fileattr_get' fs/nilfs2/ioctl.c:120: warning: Function parameter or struct member 'fa' not described in 'nilfs_fileattr_get' fs/nilfs2/ioctl.c:133: warning: Function parameter or struct member 'idmap' not described in 'nilfs_fileattr_set' fs/nilfs2/ioctl.c:133: warning: Function parameter or struct member 'dentry' not described in 'nilfs_fileattr_set' fs/nilfs2/ioctl.c:133: warning: Function parameter or struct member 'fa' not described in 'nilfs_fileattr_set' fs/nilfs2/ioctl.c:164: warning: Function parameter or struct member 'inode' not described in 'nilfs_ioctl_getversion' fs/nilfs2/ioctl.c:164: warning: Function parameter or struct member 'argp' not described in 'nilfs_ioctl_getversion' Link: https://lkml.kernel.org/r/20240816074319.3253-3-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit b79bdfdd31a4ffe441ad347f4d869fde997bb69c Author: Ryusuke Konishi Date: Fri Aug 16 16:43:12 2024 +0900 nilfs2: add missing argument description for __nilfs_error() Patch series "This series fixes a number of formatting issues in kernel doc comments" This series fixes a number of formatting issues in kernel doc comments that were detected as warnings by the kernel-doc script, making violations more noticeable when adding or modifying kernel doc. There are still warnings output by "kernel-doc -Wall", but they are widespread, so I plan to fix them at another time while considering priorities. This patch (of 8): Add missing argument description to __nilfs_error function and remove the following warnings from kernel-doc script output: fs/nilfs2/super.c:121: warning: Function parameter or struct member 'sb' not described in '__nilfs_error' fs/nilfs2/super.c:121: warning: Function parameter or struct member 'function' not described in '__nilfs_error' fs/nilfs2/super.c:121: warning: Function parameter or struct member 'fmt' not described in '__nilfs_error' Link: https://lkml.kernel.org/r/20240816074319.3253-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20240816074319.3253-2-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 299910dcb4525ac0274f3efa9527876315ba4f67 Author: Ryusuke Konishi Date: Fri Aug 16 18:01:28 2024 +0900 nilfs2: do not output warnings when clearing dirty buffers After detecting file system corruption and degrading to a read-only mount, dirty folios and buffers in the page cache are cleared, and a large number of warnings are output at that time, often filling up the kernel log. In this case, since the degrading to a read-only mount is output to the kernel log, these warnings are not very meaningful, and are rather a nuisance in system management and debugging. The related nilfs2-specific page/folio routines have a silent argument that suppresses the warning output, but since it is not currently used meaningfully, remove both the silent argument and the warning output. Link: https://lkml.kernel.org/r/20240816090128.4561-1-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 79785f7801275bc070035e3982f8ff4b336a1ceb Author: Ryusuke Konishi Date: Thu Aug 15 16:44:08 2024 +0900 nilfs2: add support for FS_IOC_SETFSLABEL Implement support for FS_IOC_SETFSLABEL ioctl to write filesystem label. Link: https://lkml.kernel.org/r/20240815074408.5550-5-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 4b901256a7bf6db3ca84ee2b2e87a1af4d40b8a3 Author: Ryusuke Konishi Date: Thu Aug 15 16:44:07 2024 +0900 nilfs2: add support for FS_IOC_GETFSLABEL Implement support for FS_IOC_GETFSLABEL ioctl to read filesystem label. Link: https://lkml.kernel.org/r/20240815074408.5550-4-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 8d1dba2e7cc74381087ae8ef03673abee758fcd0 Author: Ryusuke Konishi Date: Thu Aug 15 16:44:06 2024 +0900 nilfs2: add support for FS_IOC_GETFSSYSFSPATH Use the standard helper super_set_sysfs_name_bdev() to give the sysfs subpath of the filesystem for the FS_IOC_GETFSSYSFSPATH ioctl. For nilfs2, it will output "nilfs2/". Link: https://lkml.kernel.org/r/20240815074408.5550-3-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit ef851d44a83ed625ec22eae6bd36a1348c8af571 Author: Ryusuke Konishi Date: Thu Aug 15 16:44:05 2024 +0900 nilfs2: add support for FS_IOC_GETUUID Patch series "nilfs2: add support for some common ioctls". This series adds support for common ioctls to nilfs2 for getting the volume UUID and the relative path of an FS instance within the sysfs namespace, and also implements ioctls for nilfs2 to get and set the volume label. This patch (of 2): Expose the UUID of a file system instance using the super_set_uuid helper and support the FS_IOC_GETUUID ioctl. Link: https://lkml.kernel.org/r/20240815074408.5550-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20240815074408.5550-2-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi Signed-off-by: Andrew Morton commit 16d9691ad4b562ea19271f0788738f649c02cf3c Author: Uros Bizjak Date: Wed Aug 14 08:44:13 2024 +0200 lib/percpu_counter: add missing __percpu qualifier to a cast Add missing __percpu qualifier to a (void *) cast to fix percpu_counter.c:212:36: warning: cast removes address space '__percpu' of expression percpu_counter.c:212:33: warning: incorrect type in assignment (different address spaces) percpu_counter.c:212:33: expected signed int [noderef] [usertype] __percpu *counters percpu_counter.c:212:33: got void * sparse warnings. Found by GCC's named address space checks. There were no changes in the resulting object file. Link: https://lkml.kernel.org/r/20240814064437.940162-1-ubizjak@gmail.com Signed-off-by: Uros Bizjak Cc: Dennis Zhou Cc: Tejun Heo Cc: Christoph Lameter Signed-off-by: Andrew Morton commit cbf164cd44e06c78938b4a4a4479d3541779c319 Author: Kuan-Wei Chiu Date: Tue Aug 13 01:02:29 2024 +0800 lib/bcd: optimize _bin2bcd() for improved performance The original _bin2bcd() function used / 10 and % 10 operations for conversion. Although GCC optimizes these operations and does not generate division or modulus instructions, the new implementation reduces the number of mov instructions in the generated code for both x86-64 and ARM architectures. This optimization calculates the tens digit using (val * 103) >> 10, which is accurate for values of 'val' in the range [0, 178]. Given that the valid input range is [0, 99], this method ensures correctness while simplifying the generated code. Link: https://lkml.kernel.org/r/20240812170229.229380-1-visitorckw@gmail.com Signed-off-by: Kuan-Wei Chiu Cc: Ching-Chun (Jim) Huang Signed-off-by: Andrew Morton commit ccbfd2df3018e2694f750abe5e93b647a4eef5b1 Author: Jani Nikula Date: Tue Aug 13 15:12:37 2024 +0300 drm/xe: clean up fault injection usage With the proper stubs in place in linux/fault-inject.h, we can remove a bunch of conditional compilation for CONFIG_FAULT_INJECTION=n. Link: https://lkml.kernel.org/r/20240813121237.2382534-3-jani.nikula@intel.com Signed-off-by: Jani Nikula Reviewed-by: Thomas Hellström Reviewed-by: Himal Prasad Ghimiray Cc: Akinobu Mita Cc: Lucas De Marchi Cc: Rodrigo Vivi Cc: Abhinav Kumar Cc: Dmitry Baryshkov Cc: Rob Clark Signed-off-by: Andrew Morton commit f161cdd91b2a68ed846ecaac43b2f01af0ea61c8 Author: Jani Nikula Date: Tue Aug 13 15:12:36 2024 +0300 drm/msm: clean up fault injection usage With the proper stubs in place in linux/fault-inject.h, we can remove a bunch of conditional compilation for CONFIG_FAULT_INJECTION=n. Link: https://lkml.kernel.org/r/20240813121237.2382534-2-jani.nikula@intel.com Signed-off-by: Jani Nikula Reviewed-by: Thomas Hellström Reviewed-by: Himal Prasad Ghimiray Reviewed-by: Abhinav Kumar Cc: Akinobu Mita Cc: Rob Clark Cc: Dmitry Baryshkov Cc: Lucas De Marchi Cc: Rodrigo Vivi Signed-off-by: Andrew Morton commit 6ce2082fd3a25d5a8c756120959237cace0379f1 Author: Jani Nikula Date: Tue Aug 13 15:12:35 2024 +0300 fault-inject: improve build for CONFIG_FAULT_INJECTION=n The fault-inject.h users across the kernel need to add a lot of #ifdef CONFIG_FAULT_INJECTION to cater for shortcomings in the header. Make fault-inject.h self-contained for CONFIG_FAULT_INJECTION=n, and add stubs for DECLARE_FAULT_ATTR(), setup_fault_attr(), should_fail_ex(), and should_fail() to allow removal of conditional compilation. [akpm@linux-foundation.org: repair fallout from no longer including debugfs.h into fault-inject.h] [akpm@linux-foundation.org: fix drivers/misc/xilinx_tmr_inject.c] [akpm@linux-foundation.org: Add debugfs.h inclusion to more files, per Stephen] Link: https://lkml.kernel.org/r/20240813121237.2382534-1-jani.nikula@intel.com Fixes: 6ff1cb355e62 ("[PATCH] fault-injection capabilities infrastructure") Signed-off-by: Jani Nikula Cc: Akinobu Mita Cc: Abhinav Kumar Cc: Dmitry Baryshkov Cc: Himal Prasad Ghimiray Cc: Lucas De Marchi Cc: Rob Clark Cc: Rodrigo Vivi Cc: Thomas Hellström Cc: Stephen Rothwell Signed-off-by: Andrew Morton commit a15bec6a8f2f177e6c1388f23d02436e27994299 Author: Davidlohr Bueso Date: Tue Aug 6 08:39:27 2024 -0700 lib/rhashtable: cleanup fallback check in bucket_table_alloc() Upon allocation failure, the current check with the nofail bits is unnecessary, and further stands in the way of discouraging direct use of __GFP_NOFAIL. Remove this and replace with the proper way of determining if doing a non-blocking allocation for the nested table case. Link: https://lkml.kernel.org/r/20240806153927.184515-1-dave@stgolabs.net Signed-off-by: Davidlohr Bueso Suggested-by: Michal Hocko Cc: Davidlohr Bueso Cc: Herbert Xu Signed-off-by: Andrew Morton commit 97cf8f5f93f8419d5e7902b89194530466e73bcd Author: Waiman Long Date: Fri Aug 2 11:16:21 2024 -0400 watchdog: handle the ENODEV failure case of lockup_detector_delay_init() separately When watchdog_hardlockup_probe() is being called by lockup_detector_delay_init(), an error return of -ENODEV will happen for the arm64 arch when arch_perf_nmi_is_available() returns false. This means that NMI is not usable by the hard lockup detector and so has to be disabled. This can be considered a deficiency in that particular arm64 chip, but there is nothing we can do about it. That also means the following error will always be reported when the kernel boot up. watchdog: Delayed init of the lockup detector failed: -19 The word "failed" itself has a connotation that there is something wrong with the kernel which is not really the case here. Handle this special ENODEV case separately and explain the reason behind disabling hard lockup detector without causing anxiety for those users who read the above message and wonder about it. Link: https://lkml.kernel.org/r/20240802151621.617244-1-longman@redhat.com Signed-off-by: Waiman Long Cc: Douglas Anderson Cc: Joel Granados Cc: Li Zhe Cc: Petr Mladek Cc: Thomas Weißschuh Signed-off-by: Andrew Morton commit e0ba72e3a4422c4255fa80191a637d7c65ef4c59 Author: J. R. Okajima Date: Tue Jul 23 16:40:17 2024 +0000 lockdep: upper limit LOCKDEP_CHAINS_BITS CONFIG_LOCKDEP_CHAINS_BITS value decides the size of chain_hlocks[] in kernel/locking/lockdep.c, and it is checked by add_chain_cache() with BUILD_BUG_ON((1UL << 24) <= ARRAY_SIZE(chain_hlocks)); This patch is just to silence BUILD_BUG_ON(). See also https://lore.kernel.org/all/30795.1620913191@jrobl/ [cmllamas@google.com: fix minor checkpatch issues in commit log] Link: https://lkml.kernel.org/r/20240723164018.2489615-1-cmllamas@google.com Signed-off-by: J. R. Okajima Signed-off-by: Carlos Llamas Acked-by: Tetsuo Handa Cc: Peter Zijlstra Cc: Boqun Feng Cc: Ingo Molnar Cc: Waiman Long Cc: Will Deacon Signed-off-by: Andrew Morton commit 8af2caf7307d8002d88c377c58eba8cae75a2109 Author: Breno Leitao Date: Mon Jul 29 01:52:11 2024 -0700 failcmd: make failcmd.sh executable Change the file permissions of tools/testing/fault-injection/failcmd.sh to allow execution. This ensures the script can be run directly without explicitly invoking a shell. Link: https://lkml.kernel.org/r/20240729085215.3403417-1-leitao@debian.org Signed-off-by: Breno Leitao Reviewed-by: Akinobu Mita Signed-off-by: Andrew Morton commit 11ee88a0f98770719f29b7d1efb2a2ca6a83af3c Author: Breno Leitao Date: Mon Jul 29 01:45:08 2024 -0700 fault-injection: enhance failcmd to exit on non-hex address input The failcmd.sh script in the fault-injection toolkit does not currently validate whether the provided address is in hexadecimal format. This can lead to silent failures if the address is sourced from places like `/proc/kallsyms`, which omits the '0x' prefix, potentially causing users to operate under incorrect assumptions. Introduce a new function, `exit_if_not_hex`, which checks the format of the provided address and exits with an error message if the address is not a valid hexadecimal number. This enhancement prevents users from running the command with improperly formatted addresses, thus improving the robustness and usability of the failcmd tool. Link: https://lkml.kernel.org/r/20240729084512.3349928-1-leitao@debian.org Signed-off-by: Breno Leitao Reviewed-by: Akinobu Mita Signed-off-by: Andrew Morton commit 588661fd87a79c89b506abdba186cb58c07a5dfc Author: Jeff Johnson Date: Tue Jul 30 07:43:22 2024 -0700 locking/ww_mutex/test: add MODULE_DESCRIPTION() Fix the 'make W=1' warning: WARNING: modpost: missing MODULE_DESCRIPTION() in kernel/locking/test-ww_mutex.o Link: https://lkml.kernel.org/r/20240730-module_description_orphans-v1-5-7094088076c8@quicinc.com Signed-off-by: Jeff Johnson Acked-by: Waiman Long Cc: Alexandre Torgue Cc: Alistar Popple Cc: Andrew Jeffery Cc: Andy Lutomirski Cc: Arnd Bergmann Cc: Boqun Feng Cc: Borislav Petkov Cc: Christophe Leroy Cc: Dave Hansen Cc: Eddie James Cc: Greg Kroah-Hartman Cc: "H. Peter Anvin" Cc: Ingo Molnar Cc: Jeremy Kerr Cc: Joel Stanley Cc: Karol Herbst Cc: Masami Hiramatsu Cc: Maxime Coquelin Cc: Michael Ellerman Cc: Naveen N Rao Cc: Nicholas Piggin Cc: Nouveau Cc: Pekka Paalanen Cc: Peter Zijlstra Cc: Rafael J. Wysocki Cc: Russell King Cc: Steven Rostedt (Google) Cc: Thomas Gleixner Cc: Viresh Kumar Cc: Will Deacon Signed-off-by: Andrew Morton commit fc5def2c2ad049588c875d86c7408537300ee43e Author: Jeff Johnson Date: Tue Jul 30 07:43:19 2024 -0700 x86/mm: add testmmiotrace MODULE_DESCRIPTION() Fix the following 'make W=1' warning: WARNING: modpost: missing MODULE_DESCRIPTION() in arch/x86/mm/testmmiotrace.o Link: https://lkml.kernel.org/r/20240730-module_description_orphans-v1-2-7094088076c8@quicinc.com Signed-off-by: Jeff Johnson Cc: Alexandre Torgue Cc: Alistar Popple Cc: Andrew Jeffery Cc: Andy Lutomirski Cc: Arnd Bergmann Cc: Boqun Feng Cc: Borislav Petkov Cc: Christophe Leroy Cc: Dave Hansen Cc: Eddie James Cc: Greg Kroah-Hartman Cc: "H. Peter Anvin" Cc: Ingo Molnar Cc: Jeremy Kerr Cc: Joel Stanley Cc: Karol Herbst Cc: Masami Hiramatsu Cc: Maxime Coquelin Cc: Michael Ellerman Cc: Naveen N Rao Cc: Nicholas Piggin Cc: Nouveau Cc: Pekka Paalanen Cc: Peter Zijlstra Cc: Rafael J. Wysocki Cc: Russell King Cc: Steven Rostedt (Google) Cc: Thomas Gleixner Cc: Viresh Kumar Cc: Waiman Long Cc: Will Deacon Signed-off-by: Andrew Morton commit f6fc302db018f09bb294e918eb0724d6948fa5ba Author: Jeff Johnson Date: Tue Jul 30 07:43:18 2024 -0700 crypto: arm/xor - add missing MODULE_DESCRIPTION() macro Patch series "treewide: add missing MODULE_DESCRIPTION() macros". Since commit 1fffe7a34c89 ("script: modpost: emit a warning when the description is missing"), a module without a MODULE_DESCRIPTION() will result in a warning when built with make W=1. Recently, multiple developers have been eradicating these warnings treewide, and I personally submitted almost 300 patches over the past few months. Almost all of my patches landed by 6.11-rc1, either by being merged in a 6.10-rc or by being merged in the 6.11 merge window. However, a few of my patches did not land. This patch (of 5): With ARCH=arm and CONFIG_KERNEL_MODE_NEON=y, make W=1 C=1 reports: WARNING: modpost: missing MODULE_DESCRIPTION() in arch/arm/lib/xor-neon.o Add the missing invocation of the MODULE_DESCRIPTION() macro. Link: https://lkml.kernel.org/r/20240730-module_description_orphans-v1-0-7094088076c8@quicinc.com Link: https://lkml.kernel.org/r/20240730-module_description_orphans-v1-1-7094088076c8@quicinc.com Signed-off-by: Jeff Johnson Cc: Alexandre Torgue Cc: Alistar Popple Cc: Andrew Jeffery Cc: Andy Lutomirski Cc: Arnd Bergmann Cc: Boqun Feng Cc: Borislav Petkov Cc: Christophe Leroy Cc: Dave Hansen Cc: Eddie James Cc: Greg Kroah-Hartman Cc: "H. Peter Anvin" Cc: Ingo Molnar Cc: Jeremy Kerr Cc: Joel Stanley Cc: Karol Herbst Cc: Masami Hiramatsu Cc: Maxime Coquelin Cc: Michael Ellerman (powerpc) Cc: Naveen N Rao Cc: Nicholas Piggin Cc: Nouveau Cc: Pekka Paalanen Cc: Peter Zijlstra Cc: Rafael J. Wysocki Cc: Russell King Cc: Steven Rostedt (Google) Cc: Thomas Gleixner Cc: Viresh Kumar Cc: Waiman Long Cc: Will Deacon Signed-off-by: Andrew Morton commit 5b9da39dc58abcbdceaf9c2d283d0f64ece5bbdf Author: Breno Leitao Date: Tue Jul 30 09:08:13 2024 -0700 failcmd: add script file in MAINTAINERS failcmd is one of the main interfaces to fault injection framework, but, it is not listed under FAULT INJECTION SUPPORT entry in MAINTAINERS. This is unfortunate, since git-send-email doesn't find emails to send the patches to, forcing the user to try to guess who maintains it. Akinobu Mita seems to be actively maintaining it, so, let's add the file under FAULT INJECTION SUPPORT section. Link: https://lkml.kernel.org/r/20240730160814.1979876-1-leitao@debian.org Signed-off-by: Breno Leitao Reviewed-by: Akinobu Mita Signed-off-by: Andrew Morton commit 59d58189f3d96eeb31b0b4a8a8aab2cd6a6afb82 Author: Jinjie Ruan Date: Mon Jul 29 19:52:52 2024 +0800 crash: fix crash memory reserve exceed system memory bug On x86_32 Qemu machine with 1GB memory, the cmdline "crashkernel=4G" is ok as below: crashkernel reserved: 0x0000000020000000 - 0x0000000120000000 (4096 MB) It's similar on other architectures, such as ARM32 and RISCV32. The cause is that the crash_size is parsed and printed with "unsigned long long" data type which is 8 bytes but allocated used with "phys_addr_t" which is 4 bytes in memblock_phys_alloc_range(). Fix it by checking if crash_size is greater than system RAM size and return error if so. After this patch, there is no above confusing reserve success info. Link: https://lkml.kernel.org/r/20240729115252.1659112-1-ruanjinjie@huawei.com Signed-off-by: Jinjie Ruan Suggested-by: Mike Rapoport Acked-by: Baoquan He Cc: Albert Ou Cc: Dave Young Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Vivek Goyal Signed-off-by: Andrew Morton commit 00bd8ec2f7cb40e438f5c9eb9ea2110d1ce5e165 Author: Andrii Nakryiko Date: Mon Jul 29 10:40:44 2024 -0700 fs/procfs: remove build ID-related code duplication in PROCMAP_QUERY A piece of build ID handling code in PROCMAP_QUERY ioctl() was accidentally duplicated. It wasn't meant to be part of ed5d583a88a9 ("fs/procfs: implement efficient VMA querying API for /proc//maps") commit, which is what introduced duplication. It has no correctness implications, but we unnecessarily perform the same work twice, if build ID parsing is requested. Drop the duplication. Link: https://lkml.kernel.org/r/20240729174044.4008399-1-andrii@kernel.org Fixes: ed5d583a88a9 ("fs/procfs: implement efficient VMA querying API for /proc//maps") Signed-off-by: Andrii Nakryiko Reported-by: Jann Horn Cc: Alexey Dobriyan Signed-off-by: Andrew Morton commit b6e21b71208f289a796d786bd695ec25eae4ed9a Author: Thorsten Blum Date: Fri Jul 26 17:49:46 2024 +0200 lib: checksum: use ARRAY_SIZE() to improve assert_setup_correct() Use ARRAY_SIZE() to simplify the assert_setup_correct() function and improve its readability. Link: https://lkml.kernel.org/r/20240726154946.230928-1-thorsten.blum@toblux.com Signed-off-by: Thorsten Blum Signed-off-by: Andrew Morton commit 9a42bfd255b288dad2d1a9df0a1fe58394d5da12 Author: Deshan Zhang Date: Thu Jul 25 17:30:45 2024 +0800 lib/lru_cache: fix spelling mistake "colision"->"collision" There is a spelling mistake in a literal string and in cariable names. Fix these. Link: https://lkml.kernel.org/r/20240725093044.1742842-1-deshan@nfschina.com Signed-off-by: Deshan Zhang Cc: Christoph Böhmwalder Cc: Lars Ellenberg Cc: Philipp Reisner Signed-off-by: Andrew Morton commit fbe617af697c336db7630762158127eaa5a1d223 Author: Markus Elfring Date: Sun Jul 14 19:15:09 2024 +0200 closures: use seq_putc() in debug_show() A single line break should be put into a sequence. Thus use the corresponding function "seq_putc". This issue was transformed by using the Coccinelle software. Link: https://lkml.kernel.org/r/e7faa2c4-9590-44b4-8669-69ef810277b1@web.de Signed-off-by: Markus Elfring Cc: Kent Overstreet Signed-off-by: Andrew Morton commit 7b76689a021d19a016310bd5da35450641b67966 Author: Markus Elfring Date: Sun Jul 14 19:33:07 2024 +0200 dyndbg: use seq_putc() in ddebug_proc_show() Single characters should be put into a sequence. Thus use the corresponding function "seq_putc". This issue was transformed by using the Coccinelle software. Link: https://lkml.kernel.org/r/375b5b4b-6295-419e-bae9-da724a7a682d@web.de Signed-off-by: Markus Elfring Cc: Jason Baron Cc: Jim Cromie Signed-off-by: Andrew Morton commit 0833952c0768daea7d9b6dc59a35bef309234b88 Author: Kuan-Ying Lee Date: Tue Jul 23 14:49:01 2024 +0800 scripts/gdb: add 'lx-kasan_mem_to_shadow' command This command allows users to quickly translate memory address to the kasan shadow memory address. Example output: (gdb) lx-kasan_mem_to_shadow 0xffff000019acc008 shadow addr: 0xffff600003359801 Link: https://lkml.kernel.org/r/20240723064902.124154-6-kuan-ying.lee@canonical.com Signed-off-by: Kuan-Ying Lee Cc: Jan Kiszka Cc: Kieran Bingham Signed-off-by: Andrew Morton commit 35249f68b5d38bff1c616cc9761ecc3d820163b1 Author: Kuan-Ying Lee Date: Tue Jul 23 14:49:00 2024 +0800 scripts/gdb: add 'lx-stack_depot_lookup' command. This command allows users to quickly retrieve a stacktrace using a handle obtained from a memory coredump. Example output: (gdb) lx-stack_depot_lookup 0x00c80300 0xffff8000807965b4 : mov x20, x0 0xffff800081a077d8 : mov x1, x0 0xffff800081a079a0 : cbnz w0, 0xffff800081a07968 0xffff800082f4a3fc : ldr x19, [sp, #16] 0xffff800080a0fb34 : ldp x3, x4, [sp, #96] 0xffff800080a0a550 : ldp x19, x20, [sp, #16] 0xffff8000808e7b40 : mov w5, w0 0xffff800080a0b8ac : mov x23, x0 0xffff800080914a48 : mov x6, x0 0xffff8000809151c4 : ldr x21, [sp, #32] Link: https://lkml.kernel.org/r/20240723064902.124154-5-kuan-ying.lee@canonical.com Signed-off-by: Kuan-Ying Lee Cc: Jan Kiszka Cc: Kieran Bingham Signed-off-by: Andrew Morton commit 4b183f613924ad536be2f8bd12b307e9c5a96bf6 Author: Kuan-Ying Lee Date: Tue Jul 23 14:48:59 2024 +0800 scripts/gdb: fix lx-mounts command error (gdb) lx-mounts mount super_block devname pathname fstype options Python Exception : There is no member named list. Error occurred in Python: There is no member named list. We encounter the above issue after commit 2eea9ce4310d ("mounts: keep list of mounts in an rbtree"). The commit move a mount from list into rbtree. So we can instead use rbtree to iterate all mounts information. Link: https://lkml.kernel.org/r/20240723064902.124154-4-kuan-ying.lee@canonical.com Fixes: 2eea9ce4310d ("mounts: keep list of mounts in an rbtree") Signed-off-by: Kuan-Ying Lee Cc: Jan Kiszka Cc: Kieran Bingham Cc: Signed-off-by: Andrew Morton commit 0c77e103c45fa1b119f5d3bb4625eee081c1a6cf Author: Kuan-Ying Lee Date: Tue Jul 23 14:48:58 2024 +0800 scripts/gdb: add iteration function for rbtree Add inorder iteration function for rbtree usage. This is a preparation patch for the next patch to fix the gdb mounts issue. Link: https://lkml.kernel.org/r/20240723064902.124154-3-kuan-ying.lee@canonical.com Fixes: 2eea9ce4310d ("mounts: keep list of mounts in an rbtree") Signed-off-by: Kuan-Ying Lee Cc: Jan Kiszka Cc: Kieran Bingham Cc: Signed-off-by: Andrew Morton commit a633a4b8001a7f2a12584f267a3280990d9ababa Author: Kuan-Ying Lee Date: Tue Jul 23 14:48:57 2024 +0800 scripts/gdb: fix timerlist parsing issue Patch series "Fix some GDB command error and add some GDB commands", v3. Fix some GDB command errors and add some useful GDB commands. This patch (of 5): Commit 7988e5ae2be7 ("tick: Split nohz and highres features from nohz_mode") and commit 7988e5ae2be7 ("tick: Split nohz and highres features from nohz_mode") move 'tick_stopped' and 'nohz_mode' to flags field which will break the gdb lx-mounts command: (gdb) lx-timerlist Python Exception : There is no member named nohz_mode. Error occurred in Python: There is no member named nohz_mode. (gdb) lx-timerlist Python Exception : There is no member named tick_stopped. Error occurred in Python: There is no member named tick_stopped. We move 'tick_stopped' and 'nohz_mode' to flags field instead. Link: https://lkml.kernel.org/r/20240723064902.124154-1-kuan-ying.lee@canonical.com Link: https://lkml.kernel.org/r/20240723064902.124154-2-kuan-ying.lee@canonical.com Fixes: a478ffb2ae23 ("tick: Move individual bit features to debuggable mask accesses") Fixes: 7988e5ae2be7 ("tick: Split nohz and highres features from nohz_mode") Signed-off-by: Kuan-Ying Lee Cc: Jan Kiszka Cc: Kieran Bingham Cc: Signed-off-by: Andrew Morton commit d1c7848b58c610bc83f4b05ff0b8244b59f56175 Author: Julian Sun Date: Tue Jul 23 05:11:54 2024 -0400 scripts: add macro_checker script to check unused parameters in macros Recently, I saw a patch[1] on the ext4 mailing list regarding the correction of a macro definition error. Jan mentioned that "The bug in the macro is a really nasty trap...". Because existing compilers are unable to detect unused parameters in macro definitions. This inspired me to write a script to check for unused parameters in macro definitions and to run it. Surprisingly, the script uncovered numerous issues across various subsystems, including filesystems, drivers, and sound etc. Some of these issues involved parameters that were accepted but never used, for example: #define XFS_DAENTER_DBS(mp,w) \ (XFS_DA_NODE_MAXDEPTH + (((w) == XFS_DATA_FORK) ? 2 : 0)) where mp was unused. While others are actual bugs. For example: #define HAL_SEQ_WCSS_UMAC_CE0_SRC_REG(x) \ (ab->hw_params.regs->hal_seq_wcss_umac_ce0_src_reg) #define HAL_SEQ_WCSS_UMAC_CE0_DST_REG(x) \ (ab->hw_params.regs->hal_seq_wcss_umac_ce0_dst_reg) #define HAL_SEQ_WCSS_UMAC_CE1_SRC_REG(x) \ (ab->hw_params.regs->hal_seq_wcss_umac_ce1_src_reg) #define HAL_SEQ_WCSS_UMAC_CE1_DST_REG(x) \ (ab->hw_params.regs->hal_seq_wcss_umac_ce1_dst_reg) where x was entirely unused, and instead, a local variable ab was used. I have submitted patches[2-5] to fix some of these issues, but due to the large number, many still remain unaddressed. I believe that the kernel and matainers would benefit from this script to check for unused parameters in macro definitions. It should be noted that it may cause some false positives in conditional compilation scenarios, such as #ifdef DEBUG static int debug(arg) {}; #else #define debug(arg) #endif So the caller needs to manually verify whether it is a true issue. But this should be fine, because Maintainers should only need to review their own subsystems, which typically results in only a few reports. [1]: https://patchwork.ozlabs.org/project/linux-ext4/patch/1717652596-58760-1-git-send-email-carrionbent@linux.alibaba.com/ [2]: https://lore.kernel.org/linux-xfs/20240721112701.212342-1-sunjunchao2870@gmail.com/ [3]: https://lore.kernel.org/linux-bcachefs/20240721123943.246705-1-sunjunchao2870@gmail.com/ [4]: https://sourceforge.net/p/linux-f2fs/mailman/message/58797811/ [5]: https://sourceforge.net/p/linux-f2fs/mailman/message/58797812/ [sunjunchao2870@gmail.com: reduce false positives] Link: https://lkml.kernel.org/r/20240726031310.254742-1-sunjunchao2870@gmail.com Link: https://lkml.kernel.org/r/20240723091154.52458-1-sunjunchao2870@gmail.com Signed-off-by: Julian Sun Cc: Al Viro Cc: Christian Brauner Cc: Darrick J. Wong Cc: Jan Kara Cc: Junchao Sun Cc: Kalle Valo Cc: Masahiro Yamada Cc: Miguel Ojeda Cc: Nicolas Schier Signed-off-by: Andrew Morton commit c6f371bab25edccd39caa5dd452b50d9dfdf4ff0 Author: Lasse Collin Date: Wed Jul 24 14:05:41 2024 +0300 xz: remove XZ_EXTERN and extern from functions XZ_EXTERN was used to make internal functions static in the preboot code. However, in other decompressors this hasn't been done. On x86-64, this makes no difference to the kernel image size. Omit XZ_EXTERN and let some of the internal functions be extern in the preboot code. Omitting XZ_EXTERN from include/linux/xz.h fixes warnings in "make htmldocs" and makes the intradocument links to xz_dec functions work in Documentation/staging/xz.rst. The alternative would have been to add "XZ_EXTERN" to c_id_attributes in Documentation/conf.py but omitting XZ_EXTERN seemed cleaner. Link: https://lore.kernel.org/lkml/20240723205437.3c0664b0@kaneli/ Link: https://lkml.kernel.org/r/20240724110544.16430-1-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Tested-by: Michael Ellerman (powerpc) Cc: Jonathan Corbet Cc: Sam James Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit ab4ce9831a8e3158ec70b3c8608b94101600d551 Author: Lasse Collin Date: Sun Jul 21 16:36:31 2024 +0300 riscv: boot: add Image.xz support The Image.* targets existed for other compressors already. Bootloader support is needed for decompression. This is for CONFIG_EFI_ZBOOT=n. With CONFIG_EFI_ZBOOT=y, XZ was already available. Comparision with Linux 6.10 RV64GC tinyconfig (in KiB): 1027 Image 594 Image.gz 541 Image.zst 510 Image.lzma 474 Image.xz Link: https://lkml.kernel.org/r/20240721133633.47721-17-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Emil Renner Berthing Cc: Paul Walmsley Cc: Palmer Dabbelt Cc: Albert Ou Cc: Jules Maselbas Cc: Catalin Marinas Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Randy Dunlap Cc: Rui Li Cc: Sam James Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit 181e71f6626ce04122ed04fa5f4de6726c1ac848 Author: Lasse Collin Date: Sun Jul 21 16:36:30 2024 +0300 arm64: boot: add Image.xz support The Image.* targets existed for other compressors already. Bootloader support is needed for decompression. This is for CONFIG_EFI_ZBOOT=n. With CONFIG_EFI_ZBOOT=y, XZ was already available. Link: https://lkml.kernel.org/r/20240721133633.47721-16-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Cc: Simon Glass Cc: Catalin Marinas Cc: Will Deacon Cc: Jules Maselbas Cc: Albert Ou Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Sam James Cc: Thomas Gleixner Signed-off-by: Andrew Morton commit 7472ff8adad8655f38b060a602f66e59c93c4793 Author: Lasse Collin Date: Sun Jul 21 16:36:29 2024 +0300 xz: adjust arch-specific options for better kernel compression Use LZMA2 options that match the arch-specific alignment of instructions. This change reduces compressed kernel size 0-2 % depending on the arch. On 1-byte-aligned x86 it makes no difference and on 4-byte-aligned archs it helps the most. Use the ARM-Thumb filter for ARM-Thumb2 kernels. This reduces compressed kernel size about 5 %.[1] Previously such kernels were compressed using the ARM filter which didn't do anything useful with ARM-Thumb2 code. Add BCJ filter support for ARM64 and RISC-V. Compared to unfiltered XZ or plain LZMA, the compressed kernel size is reduced about 5 % on ARM64 and 7 % on RISC-V. A new enough version of the xz tool is required: 5.4.0 for ARM64 and 5.6.0 for RISC-V. With an old xz version, a message is printed to standard error and the kernel is compressed without the filter. Update lib/decompress_unxz.c to match the changes to xz_wrap.sh. Update the CONFIG_KERNEL_XZ help text in init/Kconfig: - Add the RISC-V and ARM64 filters. - Clarify that the PowerPC filter is for big endian only. - Omit IA-64. Link: https://lore.kernel.org/lkml/1637379771-39449-1-git-send-email-zhongjubin@huawei.com/ [1] Link: https://lkml.kernel.org/r/20240721133633.47721-15-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Simon Glass Cc: Catalin Marinas Cc: Will Deacon Cc: Paul Walmsley Cc: Palmer Dabbelt Cc: Albert Ou Cc: Jubin Zhong Cc: Jules Maselbas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Randy Dunlap Cc: Rui Li Cc: Thomas Gleixner Signed-off-by: Andrew Morton commit 8653c909922743bceb4800e5cc26087208c9e0e6 Author: Lasse Collin Date: Sun Jul 21 16:36:28 2024 +0300 xz: use 128 MiB dictionary and force single-threaded mode This only affects kernel image compression, not any other xz usage. Desktop kernels on x86-64 are already around 60 MiB. Using a dictionary larger than 32 MiB should have no downsides nowadays as anyone building the kernel should have plenty of RAM. 128 MiB dictionary needs 1346 MiB of RAM with xz versions 5.0.x - 5.6.x in single-threaded mode. On archs that use xz_wrap.sh, kernel decompression is done in single-call mode so a larger dictionary doesn't affect boot-time memory requirements. xz >= 5.6.0 uses multithreaded mode by default which compresses slightly worse than single-threaded mode. Kernel compression rarely used more than one thread anyway because with 32 MiB dictionary size the default block size was 96 MiB in multithreaded mode. So only a single thread was used anyway unless the kernel was over 96 MiB. Comparison to CONFIG_KERNEL_LZMA: It uses "lzma -9" which mapped to 32 MiB dictionary in LZMA Utils 4.32.7 (the final release in 2008). Nowadays the lzma tool on most systems is from XZ Utils where -9 maps to 64 MiB dictionary. So using a 32 MiB dictionary with CONFIG_KERNEL_XZ may have compressed big kernels slightly worse than the old LZMA option. Comparison to CONFIG_KERNEL_ZSTD: zstd uses 128 MiB dictionary. Link: https://lkml.kernel.org/r/20240721133633.47721-14-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit 93d09773d1a5339160e23906c68c42644e13e3d8 Author: Lasse Collin Date: Sun Jul 21 16:36:27 2024 +0300 xz: add RISC-V BCJ filter A later commit updates lib/decompress_unxz.c to enable this filter for kernel decompression. lib/decompress_unxz.c is already used if CONFIG_EFI_ZBOOT=y && CONFIG_KERNEL_XZ=y. This filter can be used by Squashfs without modifications to the Squashfs kernel code (only needs support in userspace Squashfs-tools). Link: https://lkml.kernel.org/r/20240721133633.47721-13-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit 4b62813f5e7d44a33ebd74f03da041712c702bf0 Author: Lasse Collin Date: Sun Jul 21 16:36:26 2024 +0300 xz: Add ARM64 BCJ filter Also omit a duplicated check for XZ_DEC_ARM in xz_private.h. A later commit updates lib/decompress_unxz.c to enable this filter for kernel decompression. lib/decompress_unxz.c is already used if CONFIG_EFI_ZBOOT=y && CONFIG_KERNEL_XZ=y. This filter can be used by Squashfs without modifications to the Squashfs kernel code (only needs support in userspace Squashfs-tools). Link: https://lkml.kernel.org/r/20240721133633.47721-12-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit bdfc0411717d52b9d2f00e48c452a61389814693 Author: Lasse Collin Date: Sun Jul 21 16:36:25 2024 +0300 xz: optimize for-loop conditions in the BCJ decoders Compilers cannot optimize the addition "i + 4" away since theoretically it could overflow. Link: https://lkml.kernel.org/r/20240721133633.47721-11-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit 2ee96abef214550d9e92f5143ee3ac1fd1323e67 Author: Lasse Collin Date: Sun Jul 21 16:36:24 2024 +0300 xz: cleanup CRC32 edits from 2018 In 2018, a dependency on was added to avoid duplicating the same constant in multiple files. Two months later it was found to be a bad idea and the definition of CRC32_POLY_LE macro was moved into xz_private.h to avoid including . xz_private.h is a wrong place for it too. Revert back to the upstream version which has the poly in xz_crc32_init() in xz_crc32.c. Link: https://lkml.kernel.org/r/20240721133633.47721-10-lasse.collin@tukaani.org Fixes: faa16bc404d7 ("lib: Use existing define with polynomial") Fixes: 242cdad873a7 ("lib/xz: Put CRC32_POLY_LE in xz_private.h") Signed-off-by: Lasse Collin Reviewed-by: Sam James Tested-by: Michael Ellerman (powerpc) Cc: Krzysztof Kozlowski Cc: Herbert Xu Cc: Joel Stanley Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit 64167246791eb38af4cbe8bc93fc2701c71fd17e Author: Lasse Collin Date: Sun Jul 21 16:36:22 2024 +0300 xz: Documentation/staging/xz.rst: Revise thoroughly Add SPDX license identifier. Omit xz_dec_test info. That isn't relevant to developers of non-XZ code. Revise the docs about xzkern and add xzkern_with_size. The latter was added to scripts/Makefile.lib in the commit 7ce7e984ab2b ("kbuild: rename cmd_{bzip2,lzma,lzo,lz4,xzkern,zstd22}"). Omit contact info as MAINTAINERS has it. Omit other info that is outdated or not relevant in the kernel context. Include the xz_dec kernel-doc from include/linux/xz.h. Link: https://lkml.kernel.org/r/20240721133633.47721-8-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Reviewed-by: Randy Dunlap Tested-by: Randy Dunlap Cc: Rui Li Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit 0f2c5996340b69d167d3f6ca38d3012204787ac1 Author: Lasse Collin Date: Sun Jul 21 16:36:21 2024 +0300 xz: improve the MicroLZMA kernel-doc in xz.h Move the description of the format into a "DOC:" comment. Emphasize that MicroLZMA functions aren't usually needed. Link: https://lkml.kernel.org/r/20240721133633.47721-7-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit ad8c67b870d108aa1286f4fc76d0c29a736fd75e Author: Lasse Collin Date: Sun Jul 21 16:36:20 2024 +0300 xz: fix kernel-doc formatting errors in xz.h The opaque structs xz_dec and xz_dec_microlzma are declared in xz.h but their definitions are in xz_dec_lzma2.c without kernel-doc comments. Use regular comments for these structs in xz.h to avoid errors when building the docs. Add a few missing colons. Link: https://lkml.kernel.org/r/20240721133633.47721-6-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit ff221153aafa08159f3dcc187c6f3a7a837e1c3d Author: Lasse Collin Date: Sun Jul 21 16:36:19 2024 +0300 xz: fix comments and coding style - Fix comments that were no longer in sync with the code below them. - Fix language errors. - Fix coding style. Link: https://lkml.kernel.org/r/20240721133633.47721-5-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit 836d13a6ef8a2eb0eab2bd2de06f2deabc62b060 Author: Lasse Collin Date: Sun Jul 21 16:36:18 2024 +0300 xz: switch from public domain to BSD Zero Clause License (0BSD) Remove the public domain notices and add SPDX license identifiers. Change MODULE_LICENSE from "GPL" to "Dual BSD/GPL" because 0BSD should count as a BSD license variant here. The switch to 0BSD was done in the upstream XZ Embedded project because public domain has (real or perceived) legal issues in some jurisdictions. Link: https://lkml.kernel.org/r/20240721133633.47721-4-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Thomas Gleixner Cc: Greg Kroah-Hartman Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Will Deacon Signed-off-by: Andrew Morton commit c1ccbbaa76c989aeaecaefee1a3d890cc674b005 Author: Lasse Collin Date: Sun Jul 21 16:36:17 2024 +0300 LICENSES: add 0BSD license text The license text was copied from: https://spdx.org/licenses/0BSD.html Link: https://lkml.kernel.org/r/20240721133633.47721-3-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Thomas Gleixner Cc: Greg Kroah-Hartman Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Will Deacon Signed-off-by: Andrew Morton commit 22be8e6b1385d52e68b38599eadfa5d87966ab23 Author: Lasse Collin Date: Sun Jul 21 16:36:16 2024 +0300 MAINTAINERS: add XZ Embedded maintainer Patch series "xz: Updates to license, filters, and compression options", v2. XZ Embedded, the upstream project, switched from public domain to the BSD Zero Clause License (0BSD). Now matching SPDX license identifiers can be added. Documentation was revised. Fix syntax errors in kernel-doc comments in . The xz_dec API docs from are now included in Documentation/staging/xz.rst. The new ARM64 and RISC-V filters can be used for kernel decompression if CONFIG_EFI_ZBOOT=y. The filters can be used by Squashfs too. (Userspace Squashfs-tools already had the ARM64 filter support committed but it was reverted due to backdoor fears. I try to get ARM64 and RISC-V filter support added to Squashfs-tools somewhat soon.) Account for the default threading change made in the xz command line tool version 5.6.0. Tweak kernel compression options for archs that support XZ compressed kernel. This patch (of 16): I have been the maintainer of the upstream project since I submitted the code to Linux in 2010 but I forgot to add myself to MAINTAINERS. Link: https://lkml.kernel.org/r/20240721133633.47721-1-lasse.collin@tukaani.org Link: https://lkml.kernel.org/r/20240721133633.47721-2-lasse.collin@tukaani.org Signed-off-by: Lasse Collin Reviewed-by: Sam James Cc: Albert Ou Cc: Catalin Marinas Cc: Emil Renner Berthing Cc: Greg Kroah-Hartman Cc: Herbert Xu Cc: Joel Stanley Cc: Jonathan Corbet Cc: Jubin Zhong Cc: Jules Maselbas Cc: Krzysztof Kozlowski Cc: Michael Ellerman Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Randy Dunlap Cc: Rui Li Cc: Simon Glass Cc: Thomas Gleixner Cc: Will Deacon Signed-off-by: Andrew Morton commit dfe6c5692fb525e5e90cefe306ee0dffae13d35f Author: Heming Zhao Date: Fri Jul 19 19:43:10 2024 +0800 ocfs2: fix the la space leak when unmounting an ocfs2 volume This bug has existed since the initial OCFS2 code. The code logic in ocfs2_sync_local_to_main() is wrong, as it ignores the last contiguous free bits, which causes an OCFS2 volume to lose the last free clusters of LA window on each umount command. Link: https://lkml.kernel.org/r/20240719114310.14245-1-heming.zhao@suse.com Signed-off-by: Heming Zhao Reviewed-by: Su Yue Reviewed-by: Joseph Qi Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Cc: Changwei Ge Cc: Gang He Cc: Jun Piao Cc: Heming Zhao Cc: Signed-off-by: Andrew Morton commit acf02be3c72f12c31f916d3465c4c716b4729538 Author: Uros Bizjak Date: Fri Jul 19 12:38:52 2024 +0200 kexec: use atomic_try_cmpxchg_acquire() in kexec_trylock() Use atomic_try_cmpxchg_acquire(*ptr, &old, new) instead of atomic_cmpxchg_acquire(*ptr, old, new) == old in kexec_trylock(). x86 CMPXCHG instruction returns success in ZF flag, so this change saves a compare after cmpxchg. Link: https://lkml.kernel.org/r/20240719103937.53742-1-ubizjak@gmail.com Signed-off-by: Uros Bizjak Acked-by: Baoquan He Cc: Eric Biederman Signed-off-by: Andrew Morton commit e24f4de8a72b50b67ea116b38152bb98360f81b3 Author: Andrey Konovalov Date: Tue Jul 23 00:37:26 2024 +0200 kcov: don't instrument lib/find_bit.c This file produces large amounts of flaky coverage not useful for the KCOV's intended use case (guiding the fuzzing process). Link: https://lkml.kernel.org/r/20240722223726.194658-1-andrey.konovalov@linux.dev Signed-off-by: Andrey Konovalov Reviewed-by: Dmitry Vyukov Cc: Aleksandr Nogikh Cc: Alexander Potapenko Cc: Marco Elver Cc: Rasmus Villemoes Cc: Yury Norov Signed-off-by: Andrew Morton commit 053a5e4cbba88625ac6b53dea6371006237c34ba Author: Jeff Johnson Date: Mon Jul 15 07:18:56 2024 -0700 lib: test_objpool: add missing MODULE_DESCRIPTION() macro make allmodconfig && make W=1 C=1 reports: WARNING: modpost: missing MODULE_DESCRIPTION() in lib/test_objpool.o Add the missing invocation of the MODULE_DESCRIPTION() macro. Link: https://lkml.kernel.org/r/20240715-md-lib-test_objpool-v2-1-5a2b9369c37e@quicinc.com Signed-off-by: Jeff Johnson Reviewed-by: Matt Wu Cc: Masami Hiramatsu Signed-off-by: Andrew Morton commit 1635e62e75a7bbb1c6274f6b43911cedfe0da60a Author: Nicolas Pitre Date: Sun Jul 7 15:05:20 2024 -0400 mul_u64_u64_div_u64: basic sanity test Verify that edge cases produce proper results, and some more. [npitre@baylibre.com: avoid undefined shift value] Link: https://lkml.kernel.org/r/7rrs9pn1-n266-3013-9q6n-1osp8r8s0rrn@syhkavp.arg Link: https://lkml.kernel.org/r/20240707190648.1982714-3-nico@fluxnic.net Signed-off-by: Nicolas Pitre Reviewed-by: Uwe Kleine-König Cc: Biju Das Signed-off-by: Andrew Morton commit b29a62d87cc0af3e9d134e9e0863b2cb053070b8 Author: Nicolas Pitre Date: Sun Jul 7 15:05:19 2024 -0400 mul_u64_u64_div_u64: make it precise always Patch series "mul_u64_u64_div_u64: new implementation", v3. This provides an implementation for mul_u64_u64_div_u64() that always produces exact results. This patch (of 2): Library facilities must always return exact results. If the caller may be contented with approximations then it should do the approximation on its own. In this particular case the comment in the code says "the algorithm ... below might lose some precision". Well, if you try it with e.g.: a = 18446462598732840960 b = 18446462598732840960 c = 18446462598732840961 then the produced answer is 0 whereas the exact answer should be 18446462598732840959. This is _some_ precision lost indeed! Let's reimplement this function so it always produces the exact result regardless of its inputs while preserving existing fast paths when possible. Uwe said: : My personal interest is to get the calculations in pwm drivers right. : This function is used in several drivers below drivers/pwm/ . With the : errors in mul_u64_u64_div_u64(), pwm consumers might not get the : settings they request. Although I have to admit that I'm not aware it : breaks real use cases (because typically the periods used are too short : to make the involved multiplications overflow), but I pretty sure am : not aware of all usages and it breaks testing. : : Another justification is commits like : https://git.kernel.org/tip/77baa5bafcbe1b2a15ef9c37232c21279c95481c, : where people start to work around the precision shortcomings of : mul_u64_u64_div_u64(). Link: https://lkml.kernel.org/r/20240707190648.1982714-1-nico@fluxnic.net Link: https://lkml.kernel.org/r/20240707190648.1982714-2-nico@fluxnic.net Signed-off-by: Nicolas Pitre Tested-by: Uwe Kleine-König Reviewed-by: Uwe Kleine-König Tested-by: Biju Das Signed-off-by: Andrew Morton commit 340afb8027fab59e88a9993d9418a1ef81d3dc08 Author: Shakeel Butt Date: Wed Aug 14 15:00:21 2024 -0700 memcg: initiate deprecation of pressure_level The pressure_level in memcg v1 provides memory pressure notifications to the user space. At the moment it provides notifications for three levels of memory pressure i.e. low, medium and critical, which are defined based on internal memory reclaim implementation details. More specifically the ratio of scanned and reclaimed pages during a memory reclaim. However this is not robust as there are workloads with mostly unreclaimable user memory or kernel memory. For v2, the users can use PSI for memory pressure status of the system or the cgroup. Let's start the deprecation process for pressure_level and add warnings to gather the info on how the current users are using this interface and how they can be used to PSI. Link: https://lkml.kernel.org/r/20240814220021.3208384-5-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Reviewed-by: T.J. Mercier Acked-by: Michal Hocko Acked-by: Roman Gushchin Cc: Johannes Weiner Cc: Muchun Song Signed-off-by: Andrew Morton commit 6df4ad704707801f9e451f2adbac6bcc060ff728 Author: Shakeel Butt Date: Wed Aug 14 15:00:20 2024 -0700 memcg: initiate deprecation of oom_control The oom_control provides functionality to disable memcg oom-killer, notifications on oom-kill and reading the stats regarding oom-kills. This interface was mainly introduced to provide functionality for userspace oom-killers. However it is not robust enough and only supports OOM handling in the page fault path. For v2, the users can use the combination of memory.events notifications, memory.high and PSI to provide userspace OOM-killing functionality. Actually LMKD in Android and OOMd in systemd and Meta infrastructure already use PSI in combination with other stats to implement userspace OOM-killing. Let's start the deprecation process for v1 and gather the info on how the current users are using this interface and work on providing a more robust functionality in v2. Link: https://lkml.kernel.org/r/20240814220021.3208384-4-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Reviewed-by: T.J. Mercier Acked-by: Michal Hocko Acked-by: Roman Gushchin Cc: Johannes Weiner Cc: Muchun Song Signed-off-by: Andrew Morton commit 569c4f62d84af874deaa2a31ad200f695d6d67dd Author: Shakeel Butt Date: Wed Aug 14 15:00:19 2024 -0700 memcg: initiate deprecation of v1 soft limit Memcg v1 provides soft limit functionality for the best effort memory sharing between multiple workloads on a system. It is usually triggered through kswapd and at the moment does not reclaim kernel memory. Memcg v2 provides more straightforward best effort (memory.low) and hard protection (memory.min) functionalities. Let's initiate the deprecation of soft limit from v1 and gather if v2 needs something more to move the existing v1 users to v2 regarding soft limit. Link: https://lkml.kernel.org/r/20240814220021.3208384-3-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Reviewed-by: T.J. Mercier Acked-by: Michal Hocko Acked-by: Roman Gushchin Cc: Johannes Weiner Cc: Muchun Song Signed-off-by: Andrew Morton commit d046ff46ee3b920ac617564226d2a0494d9af772 Author: Shakeel Butt Date: Wed Aug 14 15:00:18 2024 -0700 memcg: initiate deprecation of v1 tcp accounting Patch series "memcg: initiate deprecation of v1 features", v2. Start the deprecation process of the memcg v1 features which we discussed during LSFMMBPF 2024 [1]. For now add the warnings to collect the information on how the current users are using these features. Next we will work on providing better alternatives in v2 (if needed) and fully deprecate these features. Link: https://lwn.net/Articles/974575 [1] This patch (of 4): Memcg v1 provides opt-in TCP memory accounting feature. However it is mostly unused due to its performance impact on the network traffic. In v2, the TCP memory is accounted in the regular memory usage and is transparent to the users but they can observe the TCP memory usage through memcg stats. Let's initiate the deprecation process of memcg v1's tcp accounting functionality and add warnings to gather if there are any users and if there are, collect how they are using it and plan to provide them better alternative in v2. Link: https://lkml.kernel.org/r/20240814220021.3208384-1-shakeel.butt@linux.dev Link: https://lkml.kernel.org/r/20240814220021.3208384-2-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Reviewed-by: T.J. Mercier Acked-by: Michal Hocko Acked-by: Roman Gushchin Cc: Johannes Weiner Cc: Muchun Song Signed-off-by: Andrew Morton commit 98455eef806448b2144fd47655e09abc9f6530c8 Author: Shakeel Butt Date: Wed Aug 14 22:04:53 2024 -0700 memcg: make PGPGIN and PGPGOUT v1 only Currently PGPGIN and PGPGOUT are used and exposed in the memcg v1 only code. So, let's put them under CONFIG_MEMCG_V1. Link: https://lkml.kernel.org/r/20240815050453.1298138-8-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: T.J. Mercier Signed-off-by: Andrew Morton commit 0ccaf421d6592bb99bb9b424e4ccca3c6367d799 Author: Shakeel Butt Date: Wed Aug 14 22:04:52 2024 -0700 memcg: allocate v1 event percpu only on v1 deployment Currently memcg->events_percpu gets allocated on v2 deployments. Let's move the allocation to v1 only codebase. This is not needed in v2. Link: https://lkml.kernel.org/r/20240815050453.1298138-7-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: T.J. Mercier Signed-off-by: Andrew Morton commit a5ebe6bbe52de8d96e628c5696bb9e6dff136ca0 Author: Shakeel Butt Date: Wed Aug 14 22:04:51 2024 -0700 memcg: make v1 only functions static The functions memcg1_charge_statistics() and memcg1_check_events() are never used outside of v1 source file. So, make them static. Link: https://lkml.kernel.org/r/20240815050453.1298138-6-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: T.J. Mercier Signed-off-by: Andrew Morton commit f7d49ba03ae7555e6337b9d39eb080b4a064eab8 Author: Shakeel Butt Date: Wed Aug 14 22:04:50 2024 -0700 memcg: move v1 events and statistics code to v1 file Currently the common code path for charge commit, swapout and batched uncharge are executing v1 only code which is completely useless for the v2 deployments where CONFIG_MEMCG_V1 is disabled. In addition, it is mucking with IRQs which might be slow on some architectures. Let's move all of this code to v1 only code and remove them from v2 only deployments. Link: https://lkml.kernel.org/r/20240815050453.1298138-5-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: T.J. Mercier Signed-off-by: Andrew Morton commit 7d7602b4bed9b4e70c3c0650791b6b4531733a42 Author: Shakeel Butt Date: Wed Aug 14 22:04:49 2024 -0700 memcg: move mem_cgroup_charge_statistics to v1 code There are no callers of mem_cgroup_charge_statistics() in the v2 code base, so move it to the v1 only code and rename it to memcg1_charge_statistics(). Link: https://lkml.kernel.org/r/20240815050453.1298138-4-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: T.J. Mercier Signed-off-by: Andrew Morton commit 41213dd0f81654f0a7863bb5b07a2ebaaf732ebe Author: Shakeel Butt Date: Wed Aug 14 22:04:48 2024 -0700 memcg: move mem_cgroup_event_ratelimit to v1 code There are no callers of mem_cgroup_event_ratelimit() in the v2 code. Move it to v1 only code and rename it to memcg1_event_ratelimit(). Link: https://lkml.kernel.org/r/20240815050453.1298138-3-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: T.J. Mercier Signed-off-by: Andrew Morton commit 5d383b69a04e2eb2e0ae06e91821fd82cb9acf73 Author: Shakeel Butt Date: Wed Aug 14 22:04:47 2024 -0700 memcg: move v1 only percpu stats in separate struct Patch series "memcg: further decouple v1 code from v2". Some of the v1 code is still in v2 code base due to v1 fields in the struct memcg_vmstats_percpu. This field decouples those fileds from v2 struct and move all the related code into v1 only code base. This patch (of 7): At the moment struct memcg_vmstats_percpu contains two v1 only fields which consumes memory even when CONFIG_MEMCG_V1 is not enabled. In addition there are v1 only functions accessing them and are in the main memcontrol source file and can not be moved to v1 only source file due to these fields. Let's move these fields into their own struct. Later patches will move the functions accessing them to v1 source file and only allocate these fields when CONFIG_MEMCG_V1 is enabled. Link: https://lkml.kernel.org/r/20240815050453.1298138-1-shakeel.butt@linux.dev Link: https://lkml.kernel.org/r/20240815050453.1298138-2-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Acked-by: Roman Gushchin Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: T.J. Mercier Signed-off-by: Andrew Morton commit dd4d30d1cdbe826e6569b44453c2d9bb9424d234 Author: Ryan Roberts Date: Wed Aug 14 14:02:47 2024 +1200 mm: override mTHP "enabled" defaults at kernel cmdline Add thp_anon= cmdline parameter to allow specifying the default enablement of each supported anon THP size. The parameter accepts the following format and can be provided multiple times to configure each size: thp_anon=,[KMG]:;-[KMG]: An example: thp_anon=16K-64K:always;128K,512K:inherit;256K:madvise;1M-2M:never See Documentation/admin-guide/mm/transhuge.rst for more details. Configuring the defaults at boot time is useful to allow early user space to take advantage of mTHP before its been configured through sysfs. [v-songbaohua@oppo.com: use get_oder() and check size is is_power_of_2] Link: https://lkml.kernel.org/r/20240814224635.43272-1-21cnbao@gmail.com [ryan.roberts@arm.com: some minor cleanup according to David's comments] Link: https://lkml.kernel.org/r/20240820105244.62703-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240814020247.67297-1-21cnbao@gmail.com Signed-off-by: Ryan Roberts Co-developed-by: Barry Song Signed-off-by: Barry Song Reviewed-by: Baolin Wang Tested-by: Baolin Wang Acked-by: David Hildenbrand Cc: Jonathan Corbet Cc: Lance Yang Signed-off-by: Andrew Morton commit ed4dfd9aa1b1eb18f5bd3a07e7002da41ce20817 Author: Sidhartha Kumar Date: Wed Aug 14 12:19:44 2024 -0400 maple_tree: make write helper functions void The return value of various write helper functions are not checked. We can safely change the return type of these functions to be void. Link: https://lkml.kernel.org/r/20240814161944.55347-18-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Cc: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit c27e6183c654c729bfb7248a9fa938ce74def4be Author: Sidhartha Kumar Date: Wed Aug 14 12:19:43 2024 -0400 maple_tree: remove unneeded mas_wr_walk() in mas_store_prealloc() Users of mas_store_prealloc() enter this function with nodes already preallocated. This means the store type must be already set. We can then remove the call to mas_wr_store_type() and initialize the write state to continue the partial walk that was done when determining the store type. Link: https://lkml.kernel.org/r/20240814161944.55347-17-sidhartha.kumar@oracle.com Reviewed-by: Liam R. Howlett Signed-off-by: Sidhartha Kumar Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit add60ea5f6d84aa73171d4a52b02f565b0b80a90 Author: Sidhartha Kumar Date: Wed Aug 14 12:19:42 2024 -0400 maple_tree: remove repeated sanity checks from write helper functions These sanity checks are now redundant as they are already checked in mas_wr_store_type(). We can remove them from mas_wr_append() and mas_wr_node_store(). Link: https://lkml.kernel.org/r/20240814161944.55347-16-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Cc: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 9155e8433498cc8be2fdfaf81a31393d3e40781c Author: Sidhartha Kumar Date: Wed Aug 14 12:19:41 2024 -0400 maple_tree: remove node allocations from various write helper functions These write helper functions are all called from store paths which preallocate enough nodes that will be needed for the write. There is no more need to allocate within the functions themselves. Link: https://lkml.kernel.org/r/20240814161944.55347-15-sidhartha.kumar@oracle.com Reviewed-by: Liam R. Howlett Signed-off-by: Sidhartha Kumar Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 4037d44f548fe1f9ca4ad002c39a0eb84d79de60 Author: Sidhartha Kumar Date: Wed Aug 14 12:19:40 2024 -0400 maple_tree: have mas_store() allocate nodes if needed Not all users of mas_store() enter with nodes already preallocated. Check for the MA_STATE_PREALLOC flag to decide whether to preallocate nodes within mas_store() rather than relying on future write helper functions to perform the allocations. This allows the write helper functions to be simplified as they do not have to do checks to make sure there are enough allocated nodes to perform the write. Link: https://lkml.kernel.org/r/20240814161944.55347-14-sidhartha.kumar@oracle.com Reviewed-by: Liam R. Howlett Signed-off-by: Sidhartha Kumar Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 7987d027799cf3a300ace1a22c5e61da878b759a Author: Sidhartha Kumar Date: Wed Aug 14 12:19:39 2024 -0400 maple_tree: remove mas_wr_modify() There are no more users of the function, safely remove it. Link: https://lkml.kernel.org/r/20240814161944.55347-13-sidhartha.kumar@oracle.com Reviewed-by: Liam R. Howlett Signed-off-by: Sidhartha Kumar Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 62c7b2b9842c541a09e1cf824ed738ee30069e6f Author: Sidhartha Kumar Date: Wed Aug 14 12:19:38 2024 -0400 maple_tree: simplify mas_commit_b_node() The only callers of mas_commit_b_node() are those with store type of wr_rebalance and wr_split_store. Use mas->store_type to dispatch to the correct helper function. This allows the removal of mas_reuse_node() as it is no longer used. Link: https://lkml.kernel.org/r/20240814161944.55347-12-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Cc: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 1fd7c4f3228e9775c97b25a6e5e2420df8cf0e76 Author: Sidhartha Kumar Date: Wed Aug 14 12:19:37 2024 -0400 maple_tree: convert mas_insert() to preallocate nodes By setting the store type in mas_insert(), we no longer need to use mas_wr_modify() to determine the correct store function to use. Instead, set the store type and call mas_wr_store_entry(). Also, pass in the requested gfp flags to mas_insert() so they can be passed to the call to mas_wr_preallocate(). Link: https://lkml.kernel.org/r/20240814161944.55347-11-sidhartha.kumar@oracle.com Reviewed-by: Liam R. Howlett Signed-off-by: Sidhartha Kumar Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 580fcbd67ce2cdf9d70c7a8eda0789b9eba1c3af Author: Sidhartha Kumar Date: Wed Aug 14 12:19:36 2024 -0400 maple_tree: use store type in mas_wr_store_entry() When storing an entry, we can read the store type that was set from a previous partial walk of the tree. Now that the type of store is known, select the correct write helper function to use to complete the store. Also noinline mas_wr_spanning_store() to limit stack frame usage in mas_wr_store_entry() as it allocates a maple_big_node on the stack. Link: https://lkml.kernel.org/r/20240814161944.55347-10-sidhartha.kumar@oracle.com Reviewed-by: Liam R. Howlett Signed-off-by: Sidhartha Kumar Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 23e217a848b3b9e1b0cb8c41d731d7968bcc77a5 Author: Sidhartha Kumar Date: Wed Aug 14 12:19:35 2024 -0400 maple_tree: print store type in mas_dump() Knowing the store type of the maple state could be helpful for debugging. Have mas_dump() print mas->store_type. Link: https://lkml.kernel.org/r/20240814161944.55347-9-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Reviewed-by: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 85db8f241707778b9755618f350915616d1d861c Author: Sidhartha Kumar Date: Wed Aug 14 12:19:34 2024 -0400 maple_tree: use mas_store_gfp() in mtree_store_range() Refactor mtree_store_range() to use mas_store_gfp() which will abstract the store, memory allocation, and error handling. Link: https://lkml.kernel.org/r/20240814161944.55347-8-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Reviewed-by: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 7e093834ed8c71361bae556f2c1efc2bf2e33971 Author: Sidhartha Kumar Date: Wed Aug 14 12:19:33 2024 -0400 maple_tree: preallocate nodes in mas_erase() Use mas_wr_preallocate() in mas_erase() to preallocate enough nodes to complete the erase. Add error handling by skipping the store if the preallocation lead to some error besides no memory. Link: https://lkml.kernel.org/r/20240814161944.55347-7-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Cc: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 3cd9e92e009de9a036cbf9ec27bad33367fca6f3 Author: Sidhartha Kumar Date: Wed Aug 14 12:19:32 2024 -0400 maple_tree: remove mas_destroy() from mas_nomem() Separate call to mas_destroy() from mas_nomem() so we can check for no memory errors without destroying the current maple state in mas_store_gfp(). We then add calls to mas_destroy() to callers of mas_nomem(). Link: https://lkml.kernel.org/r/20240814161944.55347-6-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Reviewed-by: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 5d659bbb52a24f91cc6c0cf546ffcc0faa7e8f1a Author: Sidhartha Kumar Date: Wed Aug 14 12:19:31 2024 -0400 maple_tree: introduce mas_wr_store_type() Introduce mas_wr_store_type() which will set the correct store type based on a walk of the tree. In mas_wr_node_store() the <= min_slots condition is changed to < as if new_end is = to mt_min_slots then there is not enough room. mas_prealloc_calc() is also introduced to abstract the calculation used to determine the number of nodes needed for a store operation. In this change a call to mas_reset() is removed in the error case of mas_prealloc(). This is only needed in the MA_STATE_REBALANCE case of mas_destroy(). We can move the call to mas_reset() directly to mas_destroy(). Also, add a test case to validate the order that we check the store type in is correct. This test models a vma expanding and then shrinking which is part of the boot process. Link: https://lkml.kernel.org/r/20240814161944.55347-5-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Cc: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 3cc6f42a53f79f8da52b252859145b6bf8dfe12e Author: Sidhartha Kumar Date: Wed Aug 14 12:19:30 2024 -0400 maple_tree: move up mas_wr_store_setup() and mas_wr_prealloc_setup() Subsequent patches require these definitions to be higher, no functional changes intended. Link: https://lkml.kernel.org/r/20240814161944.55347-4-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Reviewed-by: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 19138a2cc1ad82b74fb720411a2054db0522be2d Author: Sidhartha Kumar Date: Wed Aug 14 12:19:29 2024 -0400 maple_tree: introduce mas_wr_prealloc_setup() Introduce a helper function, mas_wr_prealoc_setup(), that will set up a maple write state in order to start a walk of a maple tree. Link: https://lkml.kernel.org/r/20240814161944.55347-3-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Cc: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit bd164d81a767f33c30d5c5b50b775631699ee976 Author: Sidhartha Kumar Date: Wed Aug 14 12:19:28 2024 -0400 maple_tree: introduce store_type enum Patch series "Introduce a store type enum for the Maple tree", v4. ================================ OVERVIEW ================================ This series implements two work items[3]: "aligning mas_store_gfp() with mas_preallocate()" and "enum for store type". mas_store_gfp() is modified to preallocate nodes. This simplies many of the write helper functions by allowing them to use mas_store_gfp() rather than open coding node allocation and error handling. The enum defines the following store types: enum store_type { wr_invalid, wr_new_root, wr_store_root, wr_exact_fit, wr_spanning_store, wr_split_store, wr_rebalance, wr_append, wr_node_store, wr_slot_store, }; In the current maple tree code, a walk down the tree is done in mas_preallocate() to determine the number of nodes needed for this write. After node allocation, mas_wr_store_entry() will perform another walk to determine which write helper function to use to complete the write. Rather than performing the second walk, we can store the type of write in the maple write state during node allocation and read this field to complete the write. Patches 1-16 implement this store type feature. Patch 17 is a cleanup patch to change functions that have unused return types to be void. ================================ RESULTS ================================= Phoronix t-test-1 (Seconds < Lower Is Better) v6.10-rc6 Threads: 1 33.15 Threads: 2 10.81 v6.10-rc6 + this series Threads: 1 32.69 Threads: 2 10.45 Stress-ng mmap 6.10_base store_type_v4 Duration User 2744.65 2769.40 Duration System 10862.69 10817.59 Duration Elapsed 1477.58 1478.35 ================================ TESTING ================================= Testing was done with the maple tree test suite. A new test case is also added to validate the order in which we test for and assign the store type. [1]: https://lore.kernel.org/linux-mm/80926b22-a8d2-9992-eb5e-27e2c99cf460@google.com/T/#m81044feb66765265f8ca7f21e4b4b3725b18780a [2]: https://lore.kernel.org/linux-mm/80926b22-a8d2-9992-eb5e-27e2c99cf460@google.com/T/#mb36c6526486638e82518c0f37a428fb279c84d8a [3]: https://lists.infradead.org/pipermail/maple-tree/2023-December/003098.html This patch (of 17): Add a store_type enum that is stored in ma_state. This will be used to keep track of partial walks of the tree so that subsequent walks can pick up where a previous walk left off. Link: https://lkml.kernel.org/r/20240814161944.55347-1-sidhartha.kumar@oracle.com Link: https://lkml.kernel.org/r/20240814161944.55347-2-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Cc: Liam R. Howlett Cc: Matthew Wilcox (Oracle) Cc: Suren Baghdasaryan Signed-off-by: Andrew Morton commit 02f4bbefcada38cab86b365e5c795e0f858356bc Author: Muchun Song Date: Wed Aug 14 17:34:15 2024 +0800 mm: kmem: add lockdep assertion to obj_cgroup_memcg obj_cgroup_memcg() is supposed to safe to prevent the returned memory cgroup from being freed only when the caller is holding the rcu read lock or objcg_lock or cgroup_mutex. It is very easy to ignore thoes conditions when users call some upper APIs which call obj_cgroup_memcg() internally like mem_cgroup_from_slab_obj() (See the link below). So it is better to add lockdep assertion to obj_cgroup_memcg() to find those issues ASAP. Because there is no user of obj_cgroup_memcg() holding objcg_lock to make the returned memory cgroup safe, do not add objcg_lock assertion (We should export objcg_lock if we really want to do). Additionally, this is some internal implementation detail of memcg and should not be accessible outside memcg code. Some users like __mem_cgroup_uncharge() do not care the lifetime of the returned memory cgroup, which just want to know if the folio is charged to a memory cgroup, therefore, they do not need to hold the needed locks. In which case, introduce a new helper folio_memcg_charged() to do this. Compare it to folio_memcg(), it could eliminate a memory access of objcg->memcg for kmem, actually, a really small gain. [songmuchun@bytedance.com: fix split_page_memcg()] Link: https://lkml.kernel.org/r/20240819080415.44964-1-songmuchun@bytedance.com Link: https://lore.kernel.org/all/20240718083607.42068-1-songmuchun@bytedance.com/ Link: https://lkml.kernel.org/r/20240814093415.17634-1-songmuchun@bytedance.com Signed-off-by: Muchun Song Acked-by: Shakeel Butt Acked-by: Roman Gushchin Acked-by: Vlastimil Babka Cc: Johannes Weiner Cc: Michal Hocko Signed-off-by: Andrew Morton commit 90a6f2a8f4423ff4ae17396c7933983926d9e655 Author: Shakeel Butt Date: Tue Aug 13 14:53:58 2024 -0700 memcg: use ratelimited stats flush in the reclaim The Meta prod is seeing large amount of stalls in memcg stats flush from the memcg reclaim code path. At the moment, this specific callsite is doing a synchronous memcg stats flush. The rstat flush is an expensive and time consuming operation, so concurrent relaimers will busywait on the lock potentially for a long time. Actually this issue is not unique to Meta and has been observed by Cloudflare [1] as well. For the Cloudflare case, the stalls were due to contention between kswapd threads running on their 8 numa node machines which does not make sense as rstat flush is global and flush from one kswapd thread should be sufficient for all. Simply replace the synchronous flush with the ratelimited one. One may raise a concern on potentially using 2 sec stale (at worst) stats for heuristics like desirable inactive:active ratio and preferring inactive file pages over anon pages but these specific heuristics do not require very precise stats and also are ignored under severe memory pressure. More specifically for this code path, the stats are needed for two specific heuristics: 1. Deactivate LRUs 2. Cache trim mode The deactivate LRUs heuristic is to maintain a desirable inactive:active ratio of the LRUs. The specific stats needed are WORKINGSET_ACTIVATE* and the hierarchical LRU size. The WORKINGSET_ACTIVATE* is needed to check if there is a refault since last snapshot and the LRU size are needed for the desirable ratio between inactive and active LRUs. See the table below on how the desirable ratio is calculated. /* total target max * memory ratio inactive * ------------------------------------- * 10MB 1 5MB * 100MB 1 50MB * 1GB 3 250MB * 10GB 10 0.9GB * 100GB 31 3GB * 1TB 101 10GB * 10TB 320 32GB */ The desirable ratio only changes at the boundary of 1 GiB, 10 GiB, 100 GiB, 1 TiB and 10 TiB. There is no need for the precise and accurate LRU size information to calculate this ratio. In addition, if deactivation is skipped for some LRU, the kernel will force deactive on the severe memory pressure situation. For the cache trim mode, inactive file LRU size is read and the kernel scales it down based on the reclaim iteration (file >> sc->priority) and only checks if it is zero or not. Again precise information is not needed. This patch has been running on Meta fleet for several months and we have not observed any issues. Please note that MGLRU is not impacted by this issue at all as it avoids rstat flushing completely. Link: https://lore.kernel.org/all/6ee2518b-81dd-4082-bdf5-322883895ffc@kernel.org [1] Link: https://lkml.kernel.org/r/20240813215358.2259750-1-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Cc: Jesper Dangaard Brouer Cc: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Cc: Roman Gushchin Cc: Yosry Ahmed Cc: Yu Zhao Cc: Nhat Pham Signed-off-by: Andrew Morton commit 497258dfafcc6b88e7c4c46a38a479721d44cf41 Author: Linus Torvalds Date: Tue Aug 20 15:14:47 2024 -0700 mm: remove legacy install_special_mapping() code All relevant architectures had already been converted to the new interface (which just has an underscore in front of the name - not very imaginative naming), this just force-converts the stragglers. The modern interface is almost identical to the old one, except instead of the page pointer it takes a "struct vm_special_mapping" that describes the mapping (and contains the page pointer as one member), and it returns the resulting 'vma' instead of just the error code. Getting rid of the old interface also gets rid of some special casing, which had caused problems with the mremap extensions to "struct vm_special_mapping". [akpm@linux-foundation.org: coding-style cleanups] Link: https://lkml.kernel.org/r/CAHk-=whvR+z=0=0gzgdfUiK70JTa-=+9vxD-4T=3BagXR6dciA@mail.gmail.comTested-by: Rob Landley # arch/sh/ Link: https://lore.kernel.org/all/20240819195120.GA1113263@thelio-3990X/ Signed-off-by: Linus Torvalds Cc: Nathan Chancellor Cc: Michael Ellerman Cc: Anton Ivanov Cc: Brian Cain Cc: Christophe Leroy Cc: Dinh Nguyen Cc: Guo Ren Cc: Jeff Xu Cc: Johannes Berg Cc: John Paul Adrian Glaubitz Cc: Liam R. Howlett Cc: Nicholas Piggin Cc: Pedro Falcato Cc: Richard Weinberger Cc: Rich Felker Cc: Rob Landley Cc: Yoshinori Sato Signed-off-by: Andrew Morton commit edb4a8bffde725db0c9db2b4a508e01f150dba40 Author: Michael Ellerman Date: Mon Aug 12 18:26:05 2024 +1000 powerpc/vdso: refactor error handling Linus noticed that the error handling in __arch_setup_additional_pages() fails to clear the mm VDSO pointer if _install_special_mapping() fails. In practice there should be no actual bug, because if there's an error the VDSO pointer is cleared later in arch_setup_additional_pages(). However it's no longer necessary to set the pointer before installing the mapping. Commit c1bab64360e6 ("powerpc/vdso: Move to _install_special_mapping() and remove arch_vma_name()") reworked the code so that the VMA name comes from the vm_special_mapping.name, rather than relying on arch_vma_name(). So rework the code to only set the VDSO pointer once the mappings have been installed correctly, and remove the stale comment. Link: https://lkml.kernel.org/r/20240812082605.743814-4-mpe@ellerman.id.au Signed-off-by: Michael Ellerman Reviewed-by: Liam R. Howlett Cc: Christophe Leroy Cc: Jeff Xu Cc: Linus Torvalds Cc: Nicholas Piggin Cc: Pedro Falcato Cc: David Hildenbrand Cc: Thomas Gleixner Signed-off-by: Andrew Morton commit 40b88644dd92d99e572063893c2a247598c238d6 Author: Michael Ellerman Date: Mon Aug 12 18:26:04 2024 +1000 mm: remove arch_unmap() Now that powerpc no longer uses arch_unmap() to handle VDSO unmapping, there are no meaningful implementions left. Drop support for it entirely, and update comments which refer to it. Link: https://lkml.kernel.org/r/20240812082605.743814-3-mpe@ellerman.id.au Signed-off-by: Michael Ellerman Suggested-by: Linus Torvalds Acked-by: David Hildenbrand Reviewed-by: Thomas Gleixner Reviewed-by: Liam R. Howlett Cc: Christophe Leroy Cc: Jeff Xu Cc: Nicholas Piggin Cc: Pedro Falcato Signed-off-by: Andrew Morton commit 5463bafab476e430a385c6be58249a49b7549629 Author: Michael Ellerman Date: Mon Aug 12 18:26:03 2024 +1000 powerpc/mm: handle VDSO unmapping via close() rather than arch_unmap() Add a close() callback to the VDSO special mapping to handle unmapping of the VDSO. That will make it possible to remove the arch_unmap() hook entirely in a subsequent patch. Link: https://lkml.kernel.org/r/20240812082605.743814-2-mpe@ellerman.id.au Signed-off-by: Michael Ellerman Suggested-by: Linus Torvalds Reviewed-by: David Hildenbrand Reviewed-by: Liam R. Howlett Cc: Christophe Leroy Cc: Jeff Xu Cc: Nicholas Piggin Cc: Pedro Falcato Cc: Thomas Gleixner Signed-off-by: Andrew Morton commit 223febc6e5573cda5e94e6b38fcdaded068db777 Author: Michael Ellerman Date: Mon Aug 12 18:26:02 2024 +1000 mm: add optional close() to struct vm_special_mapping Add an optional close() callback to struct vm_special_mapping. It will be used, by powerpc at least, to handle unmapping of the VDSO. Although support for unmapping the VDSO was initially added for CRIU[1], it is not desirable to guard that support behind CONFIG_CHECKPOINT_RESTORE. There are other known users of unmapping the VDSO which are not related to CRIU, eg. Valgrind [2] and void-ship [3]. The powerpc arch_unmap() hook has been in place for ~9 years, with no ifdef, so there may be other unknown users that have come to rely on unmapping the VDSO. Even if the code was behind an ifdef, major distros enable CHECKPOINT_RESTORE so users may not realise unmapping the VDSO depends on that configuration option. It's also undesirable to have such core mm behaviour behind a relatively obscure CONFIG option. Longer term the unmap behaviour should be standardised across architectures, however that is complicated by the fact the VDSO pointer is stored differently across architectures. There was a previous attempt to unify that handling [4], which could be revived. See [5] for further discussion. [1]: commit 83d3f0e90c6c ("powerpc/mm: tracking vDSO remap") [2]: https://sourceware.org/git/?p=valgrind.git;a=commit;h=3a004915a2cbdcdebafc1612427576bf3321eef5 [3]: https://github.com/insanitybit/void-ship [4]: https://lore.kernel.org/lkml/20210611180242.711399-17-dima@arista.com/ [5]: https://lore.kernel.org/linuxppc-dev/shiq5v3jrmyi6ncwke7wgl76ojysgbhrchsk32q4lbx2hadqqc@kzyy2igem256 Link: https://lkml.kernel.org/r/20240812082605.743814-1-mpe@ellerman.id.au Signed-off-by: Michael Ellerman Suggested-by: Linus Torvalds Reviewed-by: David Hildenbrand Reviewed-by: Liam R. Howlett Cc: Christophe Leroy Cc: Jeff Xu Cc: Nicholas Piggin Cc: Pedro Falcato Cc: Thomas Gleixner Signed-off-by: Andrew Morton commit c36be0cdf63d64dfd65bcf27b8ed400696b1c27a Author: Tianchen Ding Date: Mon Aug 12 17:55:17 2024 +0800 kfence: save freeing stack trace at calling time instead of freeing time For kmem_cache with SLAB_TYPESAFE_BY_RCU, the freeing trace stack at calling kmem_cache_free() is more useful. While the following stack is meaningless and provides no help: freed by task 46 on cpu 0 at 656.840729s: rcu_do_batch+0x1ab/0x540 nocb_cb_wait+0x8f/0x260 rcu_nocb_cb_kthread+0x25/0x80 kthread+0xd2/0x100 ret_from_fork+0x34/0x50 ret_from_fork_asm+0x1a/0x30 Link: https://lkml.kernel.org/r/20240812095517.2357-1-dtcccc@linux.alibaba.com Signed-off-by: Tianchen Ding Reviewed-by: Marco Elver Cc: Alexander Potapenko Cc: Dmitry Vyukov Signed-off-by: Andrew Morton commit c64d66153b3413095c57805e66b8b6e2ff8633c0 Author: Wei Yang Date: Mon Aug 12 15:09:25 2024 +0000 maple_tree: fix comment typo with corresponding maple_status In comment of function mas_start(), we list the return value of different cases. According to the comment context, tell the maple_status here is more consistent with others. Let's correct it with ma_active in the case it's a tree. Link: https://lkml.kernel.org/r/20240812150925.31551-2-richard.weiyang@gmail.com Signed-off-by: Wei Yang Reviewed-by: Liam R. Howlett Signed-off-by: Andrew Morton commit 7a0529d0c2aa552498cc9b5c116f6e2ab8c2ac43 Author: Wei Yang Date: Mon Aug 12 15:09:24 2024 +0000 maple_tree: fix comment typo of ma_root In comment of mas_start(), we lists the return value for different cases. In case of a single entry, we set mas->status to ma_root, while the comment uses mas_root, which is not a maple_status. Fix the typo according to the code. Link: https://lkml.kernel.org/r/20240812150925.31551-1-richard.weiyang@gmail.com Signed-off-by: Wei Yang Reviewed-by: Liam R. Howlett Signed-off-by: Andrew Morton commit 617f8e4d76b81361884db852005f519012ddd244 Author: Sidhartha Kumar Date: Mon Aug 12 15:05:43 2024 -0400 maple_tree: add test to replicate low memory race conditions Add new callback fields to the userspace implementation of struct kmem_cache. This allows for executing callback functions in order to further test low memory scenarios where node allocation is retried. This callback can help test race conditions by calling a function when a low memory event is tested. Link: https://lkml.kernel.org/r/20240812190543.71967-2-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Reviewed-by: Liam R. Howlett Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit e1b8b883bb838339eec728de5d02e2f252a7d3d9 Author: Sidhartha Kumar Date: Mon Aug 12 15:05:42 2024 -0400 maple_tree: reset mas->index and mas->last on write retries The following scenario can result in a race condition: Consider a node with the following indices and values a<------->b<----------->c<--------->d 0xA NULL 0xB CPU 1 CPU 2 --------- --------- mas_set_range(a,b) mas_erase() -> range is expanded (a,c) because of null expansion mas_nomem() mas_unlock() mas_store_range(b,c,0xC) The node now looks like: a<------->b<----------->c<--------->d 0xA 0xC 0xB mas_lock() mas_erase() <------ range of erase is still (a,c) The node is now NULL from (a,c) but the write from CPU 2 should have been retained and range (b,c) should still have 0xC as its value. We can fix this by re-intializing to the original index and last. This does not need a cc: Stable as there are no users of the maple tree which use internal locking and this condition is only possible with internal locking. Link: https://lkml.kernel.org/r/20240812190543.71967-1-sidhartha.kumar@oracle.com Signed-off-by: Sidhartha Kumar Reviewed-by: Liam R. Howlett Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit c0f398c3b2cf67976bca216f80668b9c93368385 Author: Yu Zhao Date: Mon Aug 12 16:48:23 2024 -0600 mm/hugetlb_vmemmap: batch HVO work when demoting Batch the HVO work, including de-HVO of the source and HVO of the destination hugeTLB folios, to speed up demotion. After commit bd225530a4c7 ("mm/hugetlb_vmemmap: fix race with speculative PFN walkers"), each request of HVO or de-HVO, batched or not, invokes synchronize_rcu() once. For example, when not batched, demoting one 1GB hugeTLB folio to 512 2MB hugeTLB folios invokes synchronize_rcu() 513 times (1 de-HVO plus 512 HVO requests), whereas when batched, only twice (1 de-HVO plus 1 HVO request). And the performance difference between the two cases is significant, e.g., echo 2048kB >/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size time echo 100 >/sys/kernel/mm/hugepages/hugepages-1048576kB/demote Before this patch: real 8m58.158s user 0m0.009s sys 0m5.900s After this patch: real 0m0.900s user 0m0.000s sys 0m0.851s Note that this patch changes the behavior of the `demote` interface when de-HVO fails. Before, the interface aborts immediately upon failure; now, it tries to finish an entire batch, meaning it can make extra progress if the rest of the batch contains folios that do not need to de-HVO. Link: https://lkml.kernel.org/r/20240812224823.3914837-1-yuzhao@google.com Fixes: bd225530a4c7 ("mm/hugetlb_vmemmap: fix race with speculative PFN walkers") Signed-off-by: Yu Zhao Reviewed-by: Muchun Song Cc: Signed-off-by: Andrew Morton commit 67b9a353e171c3969223e53308feb15b722bb64a Author: yangge Date: Tue Aug 13 17:52:23 2024 +0800 mm/swap: take folio refcount after testing the LRU flag Whoever passes a folio to __folio_batch_add_and_move() must hold a reference, otherwise something else would already be messed up. If the folio is referenced, it will not be freed elsewhere, so we can safely clear the folio's lru flag. As discussed with David in [1], we should take the reference after testing the LRU flag, not before. Link: https://lore.kernel.org/lkml/d41865b4-d6fa-49ba-890a-921eefad27dd@redhat.com/ [1] Link: https://lkml.kernel.org/r/1723542743-32179-1-git-send-email-yangge1116@126.com Signed-off-by: yangge Acked-by: David Hildenbrand Cc: Baolin Wang Cc: Yu Zhao Signed-off-by: Andrew Morton commit b6273b55d88539c6a7127a697c61d3f89c5831fe Author: Takaya Saeki Date: Tue Aug 13 10:03:12 2024 +0000 filemap: add trace events for get_pages, map_pages, and fault To allow precise tracking of page caches accessed, add new tracepoints that trigger when a process actually accesses them. The ureadahead program used by ChromeOS traces the disk access of programs as they start up at boot up. It uses mincore(2) or the 'mm_filemap_add_to_page_cache' trace event to accomplish this. It stores this information in a "pack" file and on subsequent boots, it will read the pack file and call readahead(2) on the information so that disk storage can be loaded into RAM before the applications actually need it. A problem we see is that due to the kernel's readahead algorithm that can aggressively pull in more data than needed (to try and accomplish the same goal) and this data is also recorded. The end result is that the pack file contains a lot of pages on disk that are never actually used. Calling readahead(2) on these unused pages can slow down the system boot up times. To solve this, add 3 new trace events, get_pages, map_pages, and fault. These will be used to trace the pages are not only pulled in from disk, but are actually used by the application. Only those pages will be stored in the pack file, and this helps out the performance of boot up. With the combination of these 3 new trace events and mm_filemap_add_to_page_cache, we observed a reduction in the pack file by 7.3% - 20% on ChromeOS varying by device. Link: https://lkml.kernel.org/r/20240813100312.3930505-1-takayas@chromium.org Signed-off-by: Takaya Saeki Reviewed-by: Masami Hiramatsu (Google) Reviewed-by: Steven Rostedt (Google) Cc: Junichi Uekawa Cc: Mathieu Desnoyers Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit cb0f01beb16669e91510fcdb2cea213931aee017 Author: Peter Xu Date: Mon Aug 12 14:12:25 2024 -0400 mm/mprotect: fix dax pud handlings This is only relevant to the two archs that support PUD dax, aka, x86_64 and ppc64. PUD THPs do not yet exist elsewhere, and hugetlb PUDs do not count in this case. DAX have had PUD mappings for years, but change protection path never worked. When the path is triggered in any form (a simple test program would be: call mprotect() on a 1G dev_dax mapping), the kernel will report "bad pud". This patch should fix that. The new change_huge_pud() tries to keep everything simple. For example, it doesn't optimize write bit as that will need even more PUD helpers. It's not too bad anyway to have one more write fault in the worst case once for 1G range; may be a bigger thing for each PAGE_SIZE, though. Neither does it support userfault-wp bits, as there isn't such PUD mappings that is supported; file mappings always need a split there. The same to TLB shootdown: the pmd path (which was for x86 only) has the trick of using _ad() version of pmdp_invalidate*() which can avoid one redundant TLB, but let's also leave that for later. Again, the larger the mapping, the smaller of such effect. There's some difference on handling "retry" for change_huge_pud() (where it can return 0): it isn't like change_huge_pmd(), as the pmd version is safe with all conditions handled in change_pte_range() later, thanks to Hugh's new pte_offset_map_lock(). In short, change_pte_range() is simply smarter. For that, change_pud_range() will need proper retry if it races with something else when a huge PUD changed from under us. The last thing to mention is currently the PUD path ignores the huge pte numa counter (NUMA_HUGE_PTE_UPDATES), not only because DAX is not applicable to NUMA, but also that it's ambiguous on its own to decide how to account pud in this case. In one earlier version of this patchset I proposed to remove the counter as it doesn't even look right to do the accounting as of now [1], but then a further discussion suggests we can leave that for later, as that doesn't block this series if we choose to ignore that counter. That's what this patch does, by ignoring it. When at it, touch up the comment in pgtable_split_needed() to make it generic to either pmd or pud file THPs. [1] https://lore.kernel.org/all/20240715192142.3241557-3-peterx@redhat.com/ [2] https://lore.kernel.org/r/added2d0-b8be-4108-82ca-1367a388d0b1@redhat.com Link: https://lkml.kernel.org/r/20240812181225.1360970-8-peterx@redhat.com Fixes: a00cc7d9dd93 ("mm, x86: add support for PUD-sized transparent hugepages") Fixes: 27af67f35631 ("powerpc/book3s64/mm: enable transparent pud hugepage") Signed-off-by: Peter Xu Cc: Dan Williams Cc: Matthew Wilcox Cc: Dave Jiang Cc: Hugh Dickins Cc: Kirill A. Shutemov Cc: Vlastimil Babka Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Michael Ellerman Cc: Aneesh Kumar K.V Cc: Oscar Salvador Cc: Christophe Leroy Cc: David Hildenbrand Cc: David Rientjes Cc: "Edgecombe, Rick P" Cc: Nicholas Piggin Cc: Paolo Bonzini Cc: Rik van Riel Cc: Sean Christopherson Signed-off-by: Andrew Morton commit 473f24902e6a55de952e87b28450b7445a928da4 Author: Peter Xu Date: Mon Aug 12 14:12:24 2024 -0400 mm/x86: add missing pud helpers Some new helpers will be needed for pud entry updates soon. Introduce these helpers by referencing the pmd ones. Namely: - pudp_invalidate(): this helper invalidates a huge pud before a split happens, so that the invalidated pud entry will make sure no race will happen (either with software, like a concurrent zap, or hardware, like a/d bit lost). - pud_modify(): this helper applies a new pgprot to an existing huge pud mapping. For more information on why we need these two helpers, please refer to the corresponding pmd helpers in the mprotect() code path. When at it, simplify the pud_modify()/pmd_modify() comments on shadow stack pgtable entries to reference pte_modify() to avoid duplicating the whole paragraph three times. Link: https://lkml.kernel.org/r/20240812181225.1360970-7-peterx@redhat.com Signed-off-by: Peter Xu Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Aneesh Kumar K.V Cc: Christophe Leroy Cc: Dan Williams Cc: Dave Jiang Cc: David Hildenbrand Cc: David Rientjes Cc: "Edgecombe, Rick P" Cc: Hugh Dickins Cc: Kirill A. Shutemov Cc: Matthew Wilcox Cc: Michael Ellerman Cc: Nicholas Piggin Cc: Oscar Salvador Cc: Paolo Bonzini Cc: Rik van Riel Cc: Sean Christopherson Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 1c399e74a97ca733d0780cc51819aa81fb292c22 Author: Peter Xu Date: Mon Aug 12 14:12:23 2024 -0400 mm/x86: implement arch_check_zapped_pud() Introduce arch_check_zapped_pud() to sanity check shadow stack on PUD zaps. It has the same logic as the PMD helper. One thing to mention is, it might be a good idea to use page_table_check in the future for trapping wrong setups of shadow stack pgtable entries [1]. That is left for the future as a separate effort. [1] https://lore.kernel.org/all/59d518698f664e07c036a5098833d7b56b953305.camel@intel.com Link: https://lkml.kernel.org/r/20240812181225.1360970-6-peterx@redhat.com Signed-off-by: Peter Xu Acked-by: David Hildenbrand Cc: "Edgecombe, Rick P" Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Aneesh Kumar K.V Cc: Christophe Leroy Cc: Dan Williams Cc: Dave Jiang Cc: David Rientjes Cc: Hugh Dickins Cc: Kirill A. Shutemov Cc: Matthew Wilcox Cc: Michael Ellerman Cc: Nicholas Piggin Cc: Oscar Salvador Cc: Paolo Bonzini Cc: Rik van Riel Cc: Sean Christopherson Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 144bb0aee33aa4185be7004affad23072ba82abd Author: Peter Xu Date: Mon Aug 12 14:12:22 2024 -0400 mm/x86: make pud_leaf() only care about PSE bit When working on mprotect() on 1G dax entries, I hit an zap bad pud error when zapping a huge pud that is with PROT_NONE permission. Here the problem is x86's pud_leaf() requires both PRESENT and PSE bits set to report a pud entry as a leaf, but that doesn't look right, as it's not following the pXd_leaf() definition that we stick with so far, where PROT_NONE entries should be reported as leaves. To fix it, change x86's pud_leaf() implementation to only check against PSE bit to report a leaf, irrelevant of whether PRESENT bit is set. Link: https://lkml.kernel.org/r/20240812181225.1360970-5-peterx@redhat.com Signed-off-by: Peter Xu Acked-by: Dave Hansen Reviewed-by: David Hildenbrand Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Aneesh Kumar K.V Cc: Christophe Leroy Cc: Dan Williams Cc: Dave Jiang Cc: David Rientjes Cc: "Edgecombe, Rick P" Cc: Hugh Dickins Cc: Kirill A. Shutemov Cc: Matthew Wilcox Cc: Michael Ellerman Cc: Nicholas Piggin Cc: Oscar Salvador Cc: Paolo Bonzini Cc: Rik van Riel Cc: Sean Christopherson Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 4dd7724f02abe48ff3bbbe873568754e011cfe4c Author: Peter Xu Date: Mon Aug 12 14:12:21 2024 -0400 mm/powerpc: add missing pud helpers Some new helpers will be needed for pud entry updates soon. Introduce these helpers by referencing the pmd ones. Namely: - pudp_invalidate(): this helper invalidates a huge pud before a split happens, so that the invalidated pud entry will make sure no race will happen (either with software, like a concurrent zap, or hardware, like a/d bit lost). - pud_modify(): this helper applies a new pgprot to an existing huge pud mapping. For more information on why we need these two helpers, please refer to the corresponding pmd helpers in the mprotect() code path. Link: https://lkml.kernel.org/r/20240812181225.1360970-4-peterx@redhat.com Signed-off-by: Peter Xu Cc: Michael Ellerman Cc: Nicholas Piggin Cc: Christophe Leroy Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Dan Williams Cc: Dave Hansen Cc: Dave Jiang Cc: David Hildenbrand Cc: David Rientjes Cc: "Edgecombe, Rick P" Cc: Hugh Dickins Cc: Ingo Molnar Cc: Kirill A. Shutemov Cc: Matthew Wilcox Cc: Oscar Salvador Cc: Paolo Bonzini Cc: Rik van Riel Cc: Sean Christopherson Cc: Thomas Gleixner Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 7f06e3aa2e836c11a70d161ae19dc4414eecd80d Author: Peter Xu Date: Mon Aug 12 14:12:20 2024 -0400 mm/mprotect: push mmu notifier to PUDs mprotect() does mmu notifiers in PMD levels. It's there since 2014 of commit a5338093bfb4 ("mm: move mmu notifier call from change_protection to change_pmd_range"). At that time, the issue was that NUMA balancing can be applied on a huge range of VM memory, even if nothing was populated. The notification can be avoided in this case if no valid pmd detected, which includes either THP or a PTE pgtable page. Now to pave way for PUD handling, this isn't enough. We need to generate mmu notifications even on PUD entries properly. mprotect() is currently broken on PUD (e.g., one can easily trigger kernel error with dax 1G mappings already), this is the start to fix it. To fix that, this patch proposes to push such notifications to the PUD layers. There is risk on regressing the problem Rik wanted to resolve before, but I think it shouldn't really happen, and I still chose this solution because of a few reasons: 1) Consider a large VM that should definitely contain more than GBs of memory, it's highly likely that PUDs are also none. In this case there will have no regression. 2) KVM has evolved a lot over the years to get rid of rmap walks, which might be the major cause of the previous soft-lockup. At least TDP MMU already got rid of rmap as long as not nested (which should be the major use case, IIUC), then the TDP MMU pgtable walker will simply see empty VM pgtable (e.g. EPT on x86), the invalidation of a full empty region in most cases could be pretty fast now, comparing to 2014. 3) KVM has explicit code paths now to even give way for mmu notifiers just like this one, e.g. in commit d02c357e5bfa ("KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing"). It'll also avoid contentions that may also contribute to a soft-lockup. 4) Stick with PMD layer simply don't work when PUD is there... We need one way or another to fix PUD mappings on mprotect(). Pushing it to PUD should be the safest approach as of now, e.g. there's yet no sign of huge P4D coming on any known archs. Link: https://lkml.kernel.org/r/20240812181225.1360970-3-peterx@redhat.com Signed-off-by: Peter Xu Cc: Sean Christopherson Cc: Paolo Bonzini Cc: David Rientjes Cc: Rik van Riel Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Christophe Leroy Cc: Dan Williams Cc: Dave Hansen Cc: Dave Jiang Cc: David Hildenbrand Cc: "Edgecombe, Rick P" Cc: Hugh Dickins Cc: Ingo Molnar Cc: Kirill A. Shutemov Cc: Matthew Wilcox Cc: Michael Ellerman Cc: Nicholas Piggin Cc: Oscar Salvador Cc: Thomas Gleixner Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 5b198b4759ef7e618817d390601740b30ff56041 Author: Peter Xu Date: Mon Aug 12 14:12:19 2024 -0400 mm/dax: dump start address in fault handler Patch series "mm/mprotect: Fix dax puds", v5. Dax supports pud pages for a while, but mprotect on puds was missing since the start. This series tries to fix that by providing pud handling in mprotect(). The goal is to add more types of pud mappings like hugetlb or pfnmaps. This series paves way for it by fixing known pud entries. Considering nobody reported this until when I looked at those other types of pud mappings, I am thinking maybe it doesn't need to be a fix for stable and this may not need to be backported. I would guess whoever cares about mprotect() won't care 1G dax puds yet, vice versa. I hope fixing that in new kernels would be fine, but I'm open to suggestions. There're a few small things changed to teach mprotect work on PUDs. E.g. it will need to start with dropping NUMA_HUGE_PTE_UPDATES which may stop making sense when there can be more than one type of huge pte. OTOH, we'll also need to push the mmu notifiers from pmd to pud layers, which might need some attention but so far I think it's safe. For such details, please refer to each patch's commit message. The mprotect() pud process should be straightforward, as I kept it as simple as possible. There's no NUMA handled as dax simply doesn't support that. There's also no userfault involvements as file memory (even if work with userfault-wp async mode) will need to split a pud, so pud entry doesn't need to yet know userfault's existance (but hugetlb entries will; that's also for later). This patch (of 7): Currently the dax fault handler dumps the vma range when dynamic debugging enabled. That's mostly not useful. Dump the (aligned) address instead with the order info. Link: https://lkml.kernel.org/r/20240812181225.1360970-1-peterx@redhat.com Link: https://lkml.kernel.org/r/20240812181225.1360970-2-peterx@redhat.com Signed-off-by: Peter Xu Acked-by: David Hildenbrand Cc: Aneesh Kumar K.V Cc: Borislav Petkov Cc: Christophe Leroy Cc: Dan Williams Cc: Dave Hansen Cc: Dave Jiang Cc: David Rientjes Cc: "Edgecombe, Rick P" Cc: Hugh Dickins Cc: Ingo Molnar Cc: Kirill A. Shutemov Cc: Matthew Wilcox Cc: Michael Ellerman Cc: Nicholas Piggin Cc: Oscar Salvador Cc: Paolo Bonzini Cc: Rik van Riel Cc: Sean Christopherson Cc: Thomas Gleixner Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit bceeeaed4817ba7ad9013b4116c97220a60fcf7c Author: Yuanchu Xie Date: Tue Aug 13 09:37:59 2024 -0700 mm: multi-gen LRU: ignore non-leaf pmd_young for force_scan=true When non-leaf pmd accessed bits are available, MGLRU page table walks can clear the non-leaf pmd accessed bit and ignore the accessed bit on the pte if it's on a different node, skipping a generation update as well. If another scan occurs on the same node as said skipped pte. The non-leaf pmd accessed bit might remain cleared and the pte accessed bits won't be checked. While this is sufficient for reclaim-driven aging, where the goal is to select a reasonably cold page, the access can be missed when aging proactively for workingset estimation of a node/memcg. In more detail, get_pfn_folio returns NULL if the folio's nid != node under scanning, so the page table walk skips processing of said pte. Now the pmd_young flag on this pmd is cleared, and if none of the pte's are accessed before another scan occurs on the folio's node, the pmd_young check fails and the pte accessed bit is skipped. Since force_scan disables various other optimizations, we check force_scan to ignore the non-leaf pmd accessed bit. Link: https://lkml.kernel.org/r/20240813163759.742675-1-yuanchu@google.com Signed-off-by: Yuanchu Xie Acked-by: Yu Zhao Cc: "Huang, Ying" Cc: Lance Yang Signed-off-by: Andrew Morton commit 6963f00813f49375360544fe923e62f2070601af Author: Miao Wang Date: Wed Aug 14 01:12:13 2024 +0800 mm: vmalloc: add optimization hint on page existence check In commit 21e516b913c1 ("mm: vmalloc: dump page owner info if page is already mapped"), a BUG_ON macro was changed into an if statement, where the compiler optimization hint introduced in the BUG_ON macro was removed along with this change. This patch adds back the hint. Link: https://lkml.kernel.org/r/20240814-fix_vmap_unlikely-v1-1-cd7954775f12@gmail.com Fixes: 21e516b913c1 ("mm: vmalloc: dump page owner info if page is already mapped") Signed-off-by: Miao Wang Cc: Christoph Hellwig Cc: Hariom Panthi Cc: "Uladzislau Rezki (Sony)" Signed-off-by: Andrew Morton commit 59149bf8cea9e3b0e6368f68ae31bf91cdec1eb4 Author: Kirill A. Shutemov Date: Fri Aug 9 14:48:54 2024 +0300 mm: accept to promo watermark Commit c574bbe91703 ("NUMA balancing: optimize page placement for memory tiering system") introduced a new watermark above "high" -- "promo". Accept memory memory to the highest watermark which is WMARK_PROMO now. Link: https://lkml.kernel.org/r/20240809114854.3745464-9-kirill.shutemov@linux.intel.com Signed-off-by: Kirill A. Shutemov Cc: Borislav Petkov Cc: David Hildenbrand Cc: Johannes Weiner Cc: Matthew Wilcox Cc: Mel Gorman Cc: Mike Rapoport (Microsoft) Cc: Tom Lendacky Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit e44dd9b13392b4c8fe3bcdeb13c46759259fcabc Author: Kirill A. Shutemov Date: Fri Aug 9 14:48:53 2024 +0300 mm: page_isolation: handle unaccepted memory isolation Page isolation machinery doesn't know anything about unaccepted memory and considers it non-free. It leads to alloc_contig_pages() failure. Treat unaccepted memory as free and accept memory on pageblock isolation. Once memory is accepted it becomes PageBuddy() and page isolation knows how to deal with them. Link: https://lkml.kernel.org/r/20240809114854.3745464-8-kirill.shutemov@linux.intel.com Signed-off-by: Kirill A. Shutemov Cc: Borislav Petkov Cc: David Hildenbrand Cc: Johannes Weiner Cc: Matthew Wilcox Cc: Mel Gorman Cc: Mike Rapoport (Microsoft) Cc: Tom Lendacky Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 55ad43e8ba0f5ccc9792846479839c4affb04660 Author: Kirill A. Shutemov Date: Fri Aug 9 14:48:52 2024 +0300 mm: add a helper to accept page Accept a given struct page and add it free list. The help is useful for physical memory scanners that want to use free unaccepted memory. Link: https://lkml.kernel.org/r/20240809114854.3745464-7-kirill.shutemov@linux.intel.com Signed-off-by: Kirill A. Shutemov Acked-by: David Hildenbrand Cc: Borislav Petkov Cc: Johannes Weiner Cc: Matthew Wilcox Cc: Mel Gorman Cc: Mike Rapoport (Microsoft) Cc: Tom Lendacky Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 5adfeaecc487e7023f1c7bbdc081707d7a93110f Author: Kirill A. Shutemov Date: Fri Aug 9 14:48:51 2024 +0300 mm: rework accept memory helpers Make accept_memory() and range_contains_unaccepted_memory() take 'start' and 'size' arguments instead of 'start' and 'end'. Remove accept_page(), replacing it with direct calls to accept_memory(). The accept_page() name is going to be used for a different function. Link: https://lkml.kernel.org/r/20240809114854.3745464-6-kirill.shutemov@linux.intel.com Signed-off-by: Kirill A. Shutemov Suggested-by: David Hildenbrand Cc: Borislav Petkov Cc: Johannes Weiner Cc: Matthew Wilcox Cc: Mel Gorman Cc: Mike Rapoport (Microsoft) Cc: Tom Lendacky Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 310183de7bb2ed114a80d057690ddb23d0cfe814 Author: Kirill A. Shutemov Date: Fri Aug 9 14:48:50 2024 +0300 mm: introduce PageUnaccepted() page type The new page type allows physical memory scanners to detect unaccepted memory and handle it accordingly. The page type is serialized with zone lock. Link: https://lkml.kernel.org/r/20240809114854.3745464-5-kirill.shutemov@linux.intel.com Signed-off-by: Kirill A. Shutemov Acked-by: David Hildenbrand Cc: Borislav Petkov Cc: Johannes Weiner Cc: Matthew Wilcox Cc: Mel Gorman Cc: Mike Rapoport (Microsoft) Cc: Tom Lendacky Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 4be9064baac0cdda43997e10cf9f706614057446 Author: Kirill A. Shutemov Date: Fri Aug 9 14:48:49 2024 +0300 mm: accept memory in __alloc_pages_bulk() Currently, the kernel only accepts memory in get_page_from_freelist(), but there is another path that directly takes pages from free lists - __alloc_page_bulk(). This function can consume all accepted memory and will resort to __alloc_pages_noprof() if necessary. Conditionally accepted in __alloc_pages_bulk(). The same issue may arise due to deferred page initialization. Kick the deferred initialization machinery before abandoning the zone, as the kernel does in get_page_from_freelist(). Link: https://lkml.kernel.org/r/20240809114854.3745464-4-kirill.shutemov@linux.intel.com Signed-off-by: Kirill A. Shutemov Acked-by: David Hildenbrand Cc: Borislav Petkov Cc: Johannes Weiner Cc: Matthew Wilcox Cc: Mel Gorman Cc: Mike Rapoport (Microsoft) Cc: Tom Lendacky Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 3a80b8228f6ff0b3e56205231bef8ca69cb739d8 Author: Kirill A. Shutemov Date: Fri Aug 9 14:48:48 2024 +0300 mm: reduce deferred struct page init ifdeffery Patch series "mm: Fix several issues with unaccepted memory", v2. The patchset addresses several issues related to unaccepted memory. Pacth 1/7 preparatory cleanup. Patch 2/7 ensures that __alloc_pages_bulk() will not exhaust all accepted memory without accepting more. Patches 3/7-5/7 are preparations for patch 6/7, which fixes alloc_config_page() on machines with unaccepted memory. This allows, for example, the allocation of gigantic pages at runtime. Patch 7/7 enables the kernel to accept memory up to the promo watermark. This patch (of 7): Add dummy _deferred_grow_zone() for !DEFERRED_STRUCT_PAGE_INIT and remove #ifdefs in two places. No functional changes. Link: https://lkml.kernel.org/r/20240809114854.3745464-1-kirill.shutemov@linux.intel.com Link: https://lkml.kernel.org/r/20240809114854.3745464-3-kirill.shutemov@linux.intel.com Signed-off-by: Kirill A. Shutemov Suggested-by: David Hildenbrand Cc: Borislav Petkov Cc: Johannes Weiner Cc: Matthew Wilcox Cc: Mel Gorman Cc: Mike Rapoport (Microsoft) Cc: Tom Lendacky Cc: Vlastimil Babka Signed-off-by: Andrew Morton commit 727d50a7e07259291981b5d84607dc9966def4b1 Author: Zi Yan Date: Fri Aug 9 10:59:06 2024 -0400 mm/migrate: move common code to numa_migrate_check (was numa_migrate_prep) do_numa_page() and do_huge_pmd_numa_page() share a lot of common code. To reduce redundancy, move common code to numa_migrate_prep() and rename the function to numa_migrate_check() to reflect its functionality. Now do_huge_pmd_numa_page() also checks shared folios to set TNF_SHARED flag. Link: https://lkml.kernel.org/r/20240809145906.1513458-4-ziy@nvidia.com Signed-off-by: Zi Yan Suggested-by: David Hildenbrand Reviewed-by: "Huang, Ying" Reviewed-by: Baolin Wang Acked-by: David Hildenbrand Cc: Baolin Wang Cc: Kefeng Wang Cc: Mel Gorman Cc: Yang Shi Cc: Zi Yan Signed-off-by: Andrew Morton commit 07222371912c835d12b3541791d0516f50c7b45b Author: Shakeel Butt Date: Fri Aug 9 10:26:18 2024 -0700 memcg: replace memcg ID idr with xarray At the moment memcg IDs are managed through IDR which requires external synchronization mechanisms and makes the allocation code a bit awkward. Let's switch to xarray and make the code simpler. [shakeel.butt@linux.dev: fix error path in mem_cgroup_alloc(), per Dan] Link: https://lkml.kernel.org/r/20240815155402.3630804-1-shakeel.butt@linux.dev Link: https://lkml.kernel.org/r/20240809172618.2946790-1-shakeel.butt@linux.dev Signed-off-by: Shakeel Butt Suggested-by: Matthew Wilcox Reviewed-by: Roman Gushchin Reviewed-by: Matthew Wilcox (Oracle) Acked-by: Johannes Weiner Reviewed-by: Muchun Song Acked-by: Michal Hocko Cc: Dan Carpenter Signed-off-by: Andrew Morton commit 072cd213b75eb01fcf40eff898f8d5c008ce1457 Author: Jeff Xu Date: Wed Aug 7 21:23:20 2024 +0000 selftest mm/mseal: fix test_seal_mremap_move_dontunmap_anyaddr the syscall remap accepts following: mremap(src, size, size, MREMAP_MAYMOVE | MREMAP_DONTUNMAP, dst) when the src is sealed, the call will fail with error code: EPERM Previously, the test uses hard-coded 0xdeaddead as dst, and it will fail on the system with newer glibc installed. This patch removes test's dependency on glibc for mremap(), also fix the test and remove the hardcoded address. Link: https://lkml.kernel.org/r/20240807212320.2831848-1-jeffxu@chromium.org Fixes: 4926c7a52de7 ("selftest mm/mseal memory sealing") Signed-off-by: Jeff Xu Reported-by: Pedro Falcato Cc: Dave Hansen Cc: Liam R. Howlett Cc: Lorenzo Stoakes Cc: Matthew Wilcox (Oracle) Cc: Michael Ellerman Cc: Vlastimil Babka Cc: Signed-off-by: Andrew Morton commit 94dc8bffd8b7fe83ba8382a3410a2f218dc20cb0 Author: Matthew Wilcox (Oracle) Date: Wed Aug 7 20:37:32 2024 +0100 mm: return the folio from swapin_readahead The unuse_pte_range() caller only wants the folio while do_swap_page() wants both the page and the folio. Since do_swap_page() already has logic for handling both the folio and the page, move the folio-to-page logic there. This also lets us allocate larger folios in the SWP_SYNCHRONOUS_IO path in future. Link: https://lkml.kernel.org/r/20240807193734.1865400-1-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 09022bc196d23484a7a5d48cf373f8583e3fcf23 Author: Matthew Wilcox (Oracle) Date: Wed Aug 7 20:35:26 2024 +0100 mm: remove PG_error The PG_error bit is now unused; delete it and free up a bit in page->flags. Link: https://lkml.kernel.org/r/20240807193528.1865100-2-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 420e05d0de18df907ba1c5c077af69e6ae469c9a Author: Matthew Wilcox (Oracle) Date: Wed Aug 7 20:35:25 2024 +0100 fs: remove calls to set and clear the folio error flag Nobody checks the folio error flag any more, so we can stop setting and clearing it. Also remove the documentation suggesting to not bother setting the error bit. Link: https://lkml.kernel.org/r/20240807193528.1865100-1-willy@infradead.org Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton commit 62e73fd85d7bf63f1dde2bbcc464fe67970f326f Author: qiwu.chen Date: Wed Aug 7 10:56:27 2024 +0800 mm: kfence: print the elapsed time for allocated/freed track Print the elapsed time for the allocated or freed track, which can be useful in some debugging scenarios. Link: https://lkml.kernel.org/r/20240807025627.37419-1-qiwu.chen@transsion.com Signed-off-by: qiwu.chen Reviewed-by: Marco Elver Cc: chenqiwu Cc: Dmitry Vyukov Signed-off-by: Andrew Morton commit 47baed6a132f611228113851a70c73f6e6478d87 Author: Jianhui Zhou <912460177@qq.com> Date: Wed Aug 7 15:44:48 2024 +0800 percpu: remove pcpu_alloc_size() pcpu_alloc_size() was added in 7ac5c53e0073 "mm/percpu.c: introduce pcpu_alloc_size()", which is used to get the allocated memory size in bpf. However, pcpu_alloc_size() is no longer used in "bpf: Use c->unit_size to select target cache during free" because its actuall allocated memory size may change at runtime due to its slab merging mechanism. Therefore, pcpu_alloc_size() can be removed. Link: https://lkml.kernel.org/r/tencent_AD5C50E8D78C07A3CE539BD5F6BF39706507@qq.com Signed-off-by: Jianhui Zhou <912460177@qq.com> Cc: Christoph Lameter Cc: Dennis Zhou Cc: JonasZhou Cc: Tejun Heo Signed-off-by: Andrew Morton commit 43c9074e6f093d304d55c43638732c402be75e2b Author: David Hildenbrand Date: Wed Aug 7 13:55:15 2024 +0200 mm/rmap: minimize folio->_nr_pages_mapped updates when batching PTE (un)mapping It is not immediately obvious, but we can move the folio->_nr_pages_mapped update out of the loop and reduce the number of atomic ops without affecting the stats. The important point to realize is that only removing the last PMD mapping will result in _nr_pages_mapped going below ENTIRELY_MAPPED, not the individual atomic_inc_return_relaxed() calls. Concurrent races with removal of PMD mappings should be handled as expected, just like when we would have such races right now on a single mapcount update. In a simple munmap() microbenchmark [1] on 1 GiB of memory backed by the same PTE-mapped folio size (only mapped by a single process such that they will get completely unmapped), this change results in a speedup (positive is good) per folio size on a x86-64 Intel machine of roughly (a bit of noise expected): * 16 KiB: +10% * 32 KiB: +15% * 64 KiB: +17% * 128 KiB: +21% * 256 KiB: +22% * 512 KiB: +22% * 1024 KiB: +23% * 2048 KiB: +27% [1] https://gitlab.com/davidhildenbrand/scratchspace/-/blob/main/pte-mapped-folio-benchmarks.c Link: https://lkml.kernel.org/r/20240807115515.1640951-1-david@redhat.com Signed-off-by: David Hildenbrand Signed-off-by: Andrew Morton commit 67203f3f2a63d429272f0c80451e5fcc469fdb46 Author: Pedro Falcato Date: Wed Aug 7 18:33:36 2024 +0100 selftests/mm: add mseal test for no-discard madvise Add an mseal test for madvise() operations that aren't considered "discard" (e.g purely advisory ops such as MADV_RANDOM). [pedro.falcato@gmail.com: adjust the mseal test's plan] Link: https://lkml.kernel.org/r/20240807203724.2686144-1-pedro.falcato@gmail.com Link: https://lkml.kernel.org/r/20240807173336.2523757-3-pedro.falcato@gmail.com Signed-off-by: Pedro Falcato Tested-by: Jeff Xu Reviewed-by: Jeff Xu Cc: Kees Cook Cc: Liam R. Howlett Cc: Shuah Khan Signed-off-by: Andrew Morton commit cc0a0f98553528791ae33ba5ee8c118b52ae2028 Author: Marco Elver Date: Mon Aug 5 14:39:39 2024 +0200 kfence: introduce burst mode Introduce burst mode, which can be configured with kfence.burst=$count, where the burst count denotes the additional successive slab allocations to be allocated through KFENCE for each sample interval. The idea is that this can give developers an additional knob to make KFENCE more aggressive when debugging specific issues of systems where either rebooting or recompiling the kernel with KASAN is not possible. Experiment: To assess the effectiveness of the new option, we randomly picked a recent out-of-bounds [1] and use-after-free bug [2], each with a reproducer provided by syzbot, that initially detected these bugs with KASAN. We then tried to reproduce the bugs with KFENCE below. [1] Fixed by: 7c55b78818cf ("jfs: xattr: fix buffer overflow for invalid xattr") https://syzkaller.appspot.com/bug?id=9d1b59d4718239da6f6069d3891863c25f9f24a2 [2] Fixed by: f8ad00f3fb2a ("l2tp: fix possible UAF when cleaning up tunnels") https://syzkaller.appspot.com/bug?id=4f34adc84f4a3b080187c390eeef60611fd450e1 The following KFENCE configs were compared. A pool size of 1023 objects was used for all configurations. Baseline kfence.sample_interval=100 kfence.skip_covered_thresh=75 kfence.burst=0 Aggressive kfence.sample_interval=1 kfence.skip_covered_thresh=10 kfence.burst=0 AggressiveBurst kfence.sample_interval=1 kfence.skip_covered_thresh=10 kfence.burst=1000 Each reproducer was run 10 times (after a fresh reboot), with the following detection counts for each KFENCE config: | Detection Count out of 10 | | OOB [1] | UAF [2] | ------------------+-------------+-------------+ Default | 0/10 | 0/10 | Aggressive | 0/10 | 0/10 | AggressiveBurst | 8/10 | 8/10 | With the Default and even the Aggressive configs the results are unsurprising, given KFENCE has not been designed for deterministic bug detection of small test cases. However, when enabling burst mode with relatively large burst count, KFENCE can start to detect heap memory-safety bugs even in simpler test cases with high probability (in the above cases with ~80% probability). Link: https://lkml.kernel.org/r/20240805124203.2692278-1-elver@google.com Signed-off-by: Marco Elver Reviewed-by: Alexander Potapenko Cc: Andrey Konovalov Cc: Dmitry Vyukov Cc: Jann Horn Signed-off-by: Andrew Morton commit 17fe833b0de08a78bfb51388e0615969d73ea8ad Author: Jann Horn Date: Mon Aug 5 14:52:03 2024 +0200 mm: fix (harmless) type confusion in lock_vma_under_rcu() There is a (harmless) type confusion in lock_vma_under_rcu(): After vma_start_read(), we have taken the VMA lock but don't know yet whether the VMA has already been detached and scheduled for RCU freeing. At this point, ->vm_start and ->vm_end are accessed. vm_area_struct contains a union such that ->vm_rcu uses the same memory as ->vm_start and ->vm_end; so accessing ->vm_start and ->vm_end of a detached VMA is illegal and leads to type confusion between union members. Fix it by reordering the vma->detached check above the address checks, and document the rules for RCU readers accessing VMAs. This will probably change the number of observed VMA_LOCK_MISS events (since previously, trying to access a detached VMA whose ->vm_rcu has been scheduled would bail out when checking the fault address against the rcu_head members reinterpreted as VMA bounds). Link: https://lkml.kernel.org/r/20240805-fix-vma-lock-type-confusion-v1-1-9f25443a9a71@google.com Fixes: 50ee32537206 ("mm: introduce lock_vma_under_rcu to be used from arch-specific code") Signed-off-by: Jann Horn Acked-by: Suren Baghdasaryan Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit 0e400844724222a67b962b0f12c7964b5e9a236c Author: Nhat Pham Date: Mon Aug 5 16:22:43 2024 -0700 zswap: track swapins from disk more accurately Currently, there are a couple of issues with our disk swapin tracking for dynamic zswap shrinker heuristics: 1. We only increment the swapin counter on pivot pages. This means we are not taking into account pages that also need to be swapped in, but are already taken care of as part of the readahead window. 2. We are also incrementing when the pages are read from the zswap pool, which is inaccurate. This patch rectifies these issues by incrementing the counter whenever we need to perform a non-zswap read. Note that we are slightly overcounting, as a page might be read into memory by the readahead algorithm even though it will not be neeeded by users - however, this is an acceptable inaccuracy, as the readahead logic itself will adapt to these kind of scenarios. To test this change, I built the kernel under a cgroup with its memory.max set to 2 GB: real: 236.66s user: 4286.06s sys: 652.86s swapins: 81552 For comparison, with just the new second chance algorithm, the build time is as follows: real: 244.85s user: 4327.22s sys: 664.39s swapins: 94663 Without neither: real: 263.89s user: 4318.11s sys: 673.29s swapins: 227300.5 (average over 5 runs) With this change, the kernel CPU time reduces by a further 1.7%, and the real time is reduced by another 3.3%, compared to just the second chance algorithm by itself. The swapins count also reduces by another 13.85%. Combinng the two changes, we reduce the real time by 10.32%, kernel CPU time by 3%, and number of swapins by 64.12%. To gauge the new scheme's ability to offload cold data, I ran another benchmark, in which the kernel was built under a cgroup with memory.max set to 3 GB, but with 0.5 GB worth of cold data allocated before each build (in a shmem file). Under the old scheme: real: 197.18s user: 4365.08s sys: 289.02s zswpwb: 72115.2 Under the new scheme: real: 195.8s user: 4362.25s sys: 290.14s zswpwb: 87277.8 (average over 5 runs) Notice that we actually observe a 21% increase in the number of written back pages - so the new scheme is just as good, if not better at offloading pages from the zswap pool when they are cold. Build time reduces by around 0.7% as a result. [nphamcs@gmail.com: squeeze a comment into a single line] Link: https://lkml.kernel.org/r/20240806004518.3183562-1-nphamcs@gmail.com Link: https://lkml.kernel.org/r/20240805232243.2896283-3-nphamcs@gmail.com Fixes: b5ba474f3f51 ("zswap: shrink zswap pool based on memory pressure") Signed-off-by: Nhat Pham Suggested-by: Johannes Weiner Acked-by: Yosry Ahmed Acked-by: Johannes Weiner Cc: Chengming Zhou Cc: Shakeel Butt Cc: Takero Funaki Signed-off-by: Andrew Morton commit e31c38e037621c445bb4393fd77e0a76e6e0899a Author: Nhat Pham Date: Mon Aug 5 16:22:42 2024 -0700 zswap: implement a second chance algorithm for dynamic zswap shrinker Patch series "improving dynamic zswap shrinker protection scheme", v3. When experimenting with the memory-pressure based (i.e "dynamic") zswap shrinker in production, we observed a sharp increase in the number of swapins, which led to performance regression. We were able to trace this regression to the following problems with the shrinker's warm pages protection scheme: 1. The protection decays way too rapidly, and the decaying is coupled with zswap stores, leading to anomalous patterns, in which a small batch of zswap stores effectively erase all the protection in place for the warmer pages in the zswap LRU. This observation has also been corroborated upstream by Takero Funaki (in [1]). 2. We inaccurately track the number of swapped in pages, missing the non-pivot pages that are part of the readahead window, while counting the pages that are found in the zswap pool. To alleviate these two issues, this patch series improve the dynamic zswap shrinker in the following manner: 1. Replace the protection size tracking scheme with a second chance algorithm. This new scheme removes the need for haphazard stats decaying, and automatically adjusts the pace of pages aging with memory pressure, and writeback rate with pool activities: slowing down when the pool is dominated with zswpouts, and speeding up when the pool is dominated with stale entries. 2. Fix the tracking of the number of swapins to take into account non-pivot pages in the readahead window. With these two changes in place, in a kernel-building benchmark without any cold data added, the number of swapins is reduced by 64.12%. This translate to a 10.32% reduction in build time. We also observe a 3% reduction in kernel CPU time. In another benchmark, with cold data added (to gauge the new algorithm's ability to offload cold data), the new second chance scheme outperforms the old protection scheme by around 0.7%, and actually written back around 21% more pages to backing swap device. So the new scheme is just as good, if not even better than the old scheme on this front as well. [1]: https://lore.kernel.org/linux-mm/CAPpodddcGsK=0Xczfuk8usgZ47xeyf4ZjiofdT+ujiyz6V2pFQ@mail.gmail.com/ This patch (of 2): Current zswap shrinker's heuristics to prevent overshrinking is brittle and inaccurate, specifically in the way we decay the protection size (i.e making pages in the zswap LRU eligible for reclaim). We currently decay protection aggressively in zswap_lru_add() calls. This leads to the following unfortunate effect: when a new batch of pages enter zswap, the protection size rapidly decays to below 25% of the zswap LRU size, which is way too low. We have observed this effect in production, when experimenting with the zswap shrinker: the rate of shrinking shoots up massively right after a new batch of zswap stores. This is somewhat the opposite of what we want originally - when new pages enter zswap, we want to protect both these new pages AND the pages that are already protected in the zswap LRU. Replace existing heuristics with a second chance algorithm 1. When a new zswap entry is stored in the zswap pool, its referenced bit is set. 2. When the zswap shrinker encounters a zswap entry with the referenced bit set, give it a second chance - only flips the referenced bit and rotate it in the LRU. 3. If the shrinker encounters the entry again, this time with its referenced bit unset, then it can reclaim the entry. In this manner, the aging of the pages in the zswap LRUs are decoupled from zswap stores, and picks up the pace with increasing memory pressure (which is what we want). The second chance scheme allows us to modulate the writeback rate based on recent pool activities. Entries that recently entered the pool will be protected, so if the pool is dominated by such entries the writeback rate will reduce proportionally, protecting the workload's workingset.On the other hand, stale entries will be written back quickly, which increases the effective writeback rate. The referenced bit is added at the hole after the `length` field of struct zswap_entry, so there is no extra space overhead for this algorithm. We will still maintain the count of swapins, which is consumed and subtracted from the lru size in zswap_shrinker_count(), to further penalize past overshrinking that led to disk swapins. The idea is that had we considered this many more pages in the LRU active/protected, they would not have been written back and we would not have had to swapped them in. To test this new heuristics, I built the kernel under a cgroup with memory.max set to 2G, on a host with 36 cores: With the old shrinker: real: 263.89s user: 4318.11s sys: 673.29s swapins: 227300.5 With the second chance algorithm: real: 244.85s user: 4327.22s sys: 664.39s swapins: 94663 (average over 5 runs) We observe an 1.3% reduction in kernel CPU usage, and around 7.2% reduction in real time. Note that the number of swapped in pages dropped by 58%. [nphamcs@gmail.com: fix a small mistake in the referenced bit documentation] Link: https://lkml.kernel.org/r/20240806003403.3142387-1-nphamcs@gmail.com Link: https://lkml.kernel.org/r/20240805232243.2896283-1-nphamcs@gmail.com Link: https://lkml.kernel.org/r/20240805232243.2896283-2-nphamcs@gmail.com Signed-off-by: Nhat Pham Suggested-by: Johannes Weiner Acked-by: Yosry Ahmed Cc: Chengming Zhou Cc: Shakeel Butt Cc: Takero Funaki Signed-off-by: Andrew Morton commit 69b50d4351ed924f29e3d46b159e28f70dfc707f Author: David Gow Date: Sat Aug 3 15:46:41 2024 +0800 mm: only enforce minimum stack gap size if it's sensible The generic mmap_base code tries to leave a gap between the top of the stack and the mmap base address, but enforces a minimum gap size (MIN_GAP) of 128MB, which is too large on some setups. In particular, on arm tasks without ADDR_LIMIT_32BIT, the STACK_TOP value is less than 128MB, so it's impossible to fit such a gap in. Only enforce this minimum if MIN_GAP < MAX_GAP, as we'd prefer to honour MAX_GAP, which is defined proportionally, so scales better and always leaves us with both _some_ stack space and some room for mmap. This fixes the usercopy KUnit test suite on 32-bit arm, as it doesn't set any personality flags so gets the default (in this case 26-bit) task size. This test can be run with: ./tools/testing/kunit/kunit.py run --arch arm usercopy --make_options LLVM=1 Link: https://lkml.kernel.org/r/20240803074642.1849623-2-davidgow@google.com Fixes: dba79c3df4a2 ("arm: use generic mmap top-down layout and brk randomization") Signed-off-by: David Gow Reviewed-by: Kees Cook Cc: Alexandre Ghiti Cc: Linus Walleij Cc: Luis Chamberlain Cc: Mark Rutland Cc: Russell King Cc: Signed-off-by: Andrew Morton commit a06e79d383cf0ab694d3d012261b9df36e6dfc3e Author: Yang Li Date: Fri Aug 2 14:02:16 2024 +0800 mm: remove duplicated include in vma_internal.h The header files linux/bug.h is included twice in vma_internal.h, so one inclusion of each can be removed. Link: https://lkml.kernel.org/r/20240802060216.24591-1-yang.lee@linux.alibaba.com Signed-off-by: Yang Li Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9636 Reviewed-by: Lorenzo Stoakes Signed-off-by: Andrew Morton commit e317a8d8b4f600fc7ec9725e26417030ee594f52 Author: David Hildenbrand Date: Fri Aug 2 17:55:24 2024 +0200 mm/ksm: convert break_ksm() from walk_page_range_vma() to folio_walk Let's simplify by reusing folio_walk. Keep the existing behavior by handling migration entries and zeropages. Link: https://lkml.kernel.org/r/20240802155524.517137-12-david@redhat.com Signed-off-by: David Hildenbrand Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit 7290840de65e04c1fc59dab692468fc9600c6038 Author: David Hildenbrand Date: Fri Aug 2 17:55:23 2024 +0200 mm: remove follow_page() All users are gone, let's remove it and any leftovers in comments. We'll leave any FOLL/follow_page_() naming cleanups as future work. Link: https://lkml.kernel.org/r/20240802155524.517137-11-david@redhat.com Signed-off-by: David Hildenbrand Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit 0b31a3cef4462ef99ef4667291091ecbcfcc8749 Author: David Hildenbrand Date: Fri Aug 2 17:55:22 2024 +0200 s390/mm/fault: convert do_secure_storage_access() from follow_page() to folio_walk Let's get rid of another follow_page() user and perform the conversion under PTL: Note that this is also what follow_page_pte() ends up doing. Unfortunately we cannot currently optimize out the additional reference, because arch_make_folio_accessible() must be called with a raised refcount to protect against concurrent conversion to secure. We can just move the arch_make_folio_accessible() under the PTL, like follow_page_pte() would. We'll effectively drop the "writable" check implied by FOLL_WRITE: follow_page_pte() would also not check that when calling arch_make_folio_accessible(), so there is no good reason for doing that here. We'll lose the secretmem check from follow_page() as well, about which we shouldn't really care. Link: https://lkml.kernel.org/r/20240802155524.517137-10-david@redhat.com Signed-off-by: David Hildenbrand Reviewed-by: Claudio Imbrenda Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit 85a7e5432dba4c750129797feb399a7bff8b241f Author: David Hildenbrand Date: Fri Aug 2 17:55:21 2024 +0200 s390/uv: convert gmap_destroy_page() from follow_page() to folio_walk Let's get rid of another follow_page() user and perform the UV calls under PTL -- which likely should be fine. No need for an additional reference while holding the PTL: uv_destroy_folio() and uv_convert_from_secure_folio() raise the refcount, so any concurrent make_folio_secure() would see an unexpted reference and cannot set PG_arch_1 concurrently. Do we really need a writable PTE? Likely yes, because the "destroy" part is, in comparison to the export, a destructive operation. So we'll keep the writability check for now. We'll lose the secretmem check from follow_page(). Likely we don't care about that here. Link: https://lkml.kernel.org/r/20240802155524.517137-9-david@redhat.com Signed-off-by: David Hildenbrand Reviewed-by: Claudio Imbrenda Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit 8710f6ed34e7bcf98971d65acfb5eaed5fc469b0 Author: David Hildenbrand Date: Fri Aug 2 17:55:20 2024 +0200 mm/huge_memory: convert split_huge_pages_pid() from follow_page() to folio_walk Let's remove yet another follow_page() user. Note that we have to do the split without holding the PTL, after folio_walk_end(). We don't care about losing the secretmem check in follow_page(). [david@redhat.com: teach can_split_folio() that we are not holding an additional reference] Link: https://lkml.kernel.org/r/c75d1c6c-8ea6-424f-853c-1ccda6c77ba2@redhat.com Link: https://lkml.kernel.org/r/20240802155524.517137-8-david@redhat.com Signed-off-by: David Hildenbrand Reviewed-by: Zi Yan Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Signed-off-by: Andrew Morton commit b1d3e9bbccb4d295fbbce38b38478ba117e875ae Author: David Hildenbrand Date: Fri Aug 2 17:55:19 2024 +0200 mm/ksm: convert scan_get_next_rmap_item() from follow_page() to folio_walk Let's use folio_walk instead, for example avoiding taking temporary folio references if the folio does obviously not even apply and getting rid of one more follow_page() user. We cannot move all handling under the PTL, so leave the rmap handling (which implies an allocation) out. Note that zeropages obviously don't apply: old code could just have specified FOLL_DUMP. Further, we don't care about losing the secretmem check in follow_page(): these are never anon pages and vma_ksm_compatible() would never consider secretmem vmas (VM_SHARED | VM_MAYSHARE must be set for secretmem, see secretmem_mmap()). Link: https://lkml.kernel.org/r/20240802155524.517137-7-david@redhat.com Signed-off-by: David Hildenbrand Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit 184e916c628bbf51f85389e67b89ac95bde64188 Author: David Hildenbrand Date: Fri Aug 2 17:55:18 2024 +0200 mm/ksm: convert get_mergeable_page() from follow_page() to folio_walk Let's use folio_walk instead, for example avoiding taking temporary folio references if the folio does not even apply and getting rid of one more follow_page() user. Note that zeropages obviously don't apply: old code could just have specified FOLL_DUMP. Anon folios are never secretmem, so we don't care about losing the check in follow_page(). Link: https://lkml.kernel.org/r/20240802155524.517137-6-david@redhat.com Signed-off-by: David Hildenbrand Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit 7dff875c9436a9df2f93cf59a32630761565af99 Author: David Hildenbrand Date: Fri Aug 2 17:55:17 2024 +0200 mm/migrate: convert add_page_for_migration() from follow_page() to folio_walk Let's use folio_walk instead, so we can avoid taking a folio reference when we won't even be trying to migrate the folio and to get rid of another follow_page()/FOLL_DUMP user. Use FW_ZEROPAGE so we can return "-EFAULT" for it as documented. We now perform the folio_likely_mapped_shared() check under PTL, which is what we want: relying on the mapcount and friends after dropping the PTL does not make too much sense, as the page can get unmapped concurrently from this process. Further, we perform the folio isolation under PTL, similar to how we handle it for MADV_PAGEOUT. The possible return values for follow_page() were confusing, especially with FOLL_DUMP set. We'll handle it like documented in the man page: * -EFAULT: This is a zero page or the memory area is not mapped by the process. * -ENOENT: The page is not present. We'll keep setting -ENOENT for ZONE_DEVICE. Maybe not the right thing to do, but it likely doesn't really matter (just like for weird devmap, whereby we fake "not present"). The other errros are left as is, and match the documentation in the man page. While at it, rename add_page_for_migration() to add_folio_for_migration(). We'll lose the "secretmem" check, but that shouldn't really matter because these folios cannot ever be migrated. Should vma_migratable() refuse these VMAs? Maybe. Link: https://lkml.kernel.org/r/20240802155524.517137-5-david@redhat.com Signed-off-by: David Hildenbrand Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit 46d6a9b4450b4f5ebf6e62d03f45800b70221c4f Author: David Hildenbrand Date: Fri Aug 2 17:55:16 2024 +0200 mm/migrate: convert do_pages_stat_array() from follow_page() to folio_walk Let's use folio_walk instead, so we can avoid taking a folio reference just to read the nid and get rid of another follow_page()/FOLL_DUMP user. Use FW_ZEROPAGE so we can return "-EFAULT" for it as documented. The possible return values for follow_page() were confusing, especially with FOLL_DUMP set. We'll handle it like documented in the man page: * -EFAULT: This is a zero page or the memory area is not mapped by the process. * -ENOENT: The page is not present. We'll keep setting -ENOENT for ZONE_DEVICE. Maybe not the right thing to do, but it likely doesn't really matter (just like for weird devmap, whereby we fake "not present"). Note that the other errors (-EACCESS, -EBUSY, -EIO, -EINVAL, -ENOMEM) so far only applied when actually moving pages, not when only querying stats. We'll effectively drop the "secretmem" check we had in follow_page(), but that shouldn't really matter here, we're not accessing folio/page content after all. Link: https://lkml.kernel.org/r/20240802155524.517137-4-david@redhat.com Signed-off-by: David Hildenbrand Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit aa39ca6940f1a0540f2984051b3089972f42959b Author: David Hildenbrand Date: Fri Aug 2 17:55:15 2024 +0200 mm/pagewalk: introduce folio_walk_start() + folio_walk_end() We want to get rid of follow_page(), and have a more reasonable way to just lookup a folio mapped at a certain address, perform some checks while still under PTL, and then only conditionally grab a folio reference if really required. Further, we might want to get rid of some walk_page_range*() users that really only want to temporarily lookup a single folio at a single address. So let's add a new page table walker that does exactly that, similarly to GUP also being able to walk hugetlb VMAs. Add folio_walk_end() as a macro for now: the compiler is not easy to please with the pte_unmap()->kunmap_local(). Note that one difference between follow_page() and get_user_pages(1) is that follow_page() will not trigger faults to get something mapped. So folio_walk is at least currently not a replacement for get_user_pages(1), but could likely be extended/reused to achieve something similar in the future. Link: https://lkml.kernel.org/r/20240802155524.517137-3-david@redhat.com Signed-off-by: David Hildenbrand Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit 3523a37e657c7cc97723a54e9dfacca6c003e4c1 Author: David Hildenbrand Date: Fri Aug 2 17:55:14 2024 +0200 mm: provide vm_normal_(page|folio)_pmd() with CONFIG_PGTABLE_HAS_HUGE_LEAVES Patch series "mm: replace follow_page() by folio_walk". Looking into a way of moving the last folio_likely_mapped_shared() call in add_folio_for_migration() under the PTL, I found myself removing follow_page(). This paves the way for cleaning up all the FOLL_, follow_* terminology to just be called "GUP" nowadays. The new page table walker will lookup a mapped folio and return to the caller with the PTL held, such that the folio cannot get unmapped concurrently. Callers can then conditionally decide whether they really want to take a short-term folio reference or whether the can simply unlock the PTL and be done with it. folio_walk is similar to page_vma_mapped_walk(), except that we don't know the folio we want to walk to and that we are only walking to exactly one PTE/PMD/PUD. folio_walk provides access to the pte/pmd/pud (and the referenced folio page because things like KSM need that), however, as part of this series no page table modifications are performed by users. We might be able to convert some other walk_page_range() users that really only walk to one address, such as DAMON with damon_mkold_ops/damon_young_ops. It might make sense to extend folio_walk in the future to optionally fault in a folio (if applicable), such that we can replace some get_user_pages() users that really only want to lookup a single page/folio under PTL without unconditionally grabbing a folio reference. I have plans to extend the approach to a range walker that will try batching various page table entries (not just folio pages) to be a better replace for walk_page_range() -- and users will be able to opt in which type of page table entries they want to process -- but that will require more work and more thoughts. KSM seems to work just fine (ksm_functional_tests selftests) and move_pages seems to work (migration selftest). I tested the leaf implementation excessively using various hugetlb sizes (64K, 2M, 32M, 1G) on arm64 using move_pages and did some more testing on x86-64. Cross compiled on a bunch of architectures. This patch (of 11): We want to make use of vm_normal_page_pmd() in generic page table walking code where we might walk hugetlb folios that are mapped by PMDs even without CONFIG_TRANSPARENT_HUGEPAGE. So let's expose vm_normal_page_pmd() + vm_normal_folio_pmd() with CONFIG_PGTABLE_HAS_HUGE_LEAVES. Link: https://lkml.kernel.org/r/20240802155524.517137-1-david@redhat.com Link: https://lkml.kernel.org/r/20240802155524.517137-2-david@redhat.com Signed-off-by: David Hildenbrand Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Claudio Imbrenda Cc: Gerald Schaefer Cc: Heiko Carstens Cc: Janosch Frank Cc: Jonathan Corbet Cc: Matthew Wilcox Cc: Sven Schnelle Cc: Vasily Gorbik Cc: Ryan Roberts Cc: Zi Yan Signed-off-by: Andrew Morton commit 620943d7ee69070df8844235d58843af48ac70e2 Author: Andrew Morton Date: Thu Aug 1 16:50:05 2024 -0700 include/linux/mmzone.h: clean up watermark accessors - we have a helper wmark_pages(). Teach min_wmark_pages(), low_wmark_pages(), high_wmark_pages() and promo_wmark_pages() to use it instead of open-coding its implementation. - there's no reason to implement all these things as macros. Redo them in C. Acked-by: Johannes Weiner Cc: Kaiyang Zhao Signed-off-by: Andrew Morton commit 528afe6b9605dee42798c78deadba62e02e89d0f Author: Kaiyang Zhao Date: Thu Aug 1 23:25:48 2024 +0000 mm: print the promo watermark in zoneinfo Print the promo watermark in zoneinfo just like other watermarks. This helps users check and verify all the watermarks are appropriate. Link: https://lkml.kernel.org/r/20240801232548.36604-3-kaiyang2@cs.cmu.edu Signed-off-by: Kaiyang Zhao Cc: Johannes Weiner Signed-off-by: Andrew Morton commit 03790c51a475c46647079e67e2460a149938bfd6 Author: Kaiyang Zhao Date: Thu Aug 1 23:25:47 2024 +0000 mm: create promo_wmark_pages and clean up open-coded sites Patch series "mm: print the promo watermark in zoneinfo", v2. This patch (of 2): Define promo_wmark_pages and convert current call sites of wmark_pages with fixed WMARK_PROMO to using it instead. Link: https://lkml.kernel.org/r/20240801232548.36604-1-kaiyang2@cs.cmu.edu Link: https://lkml.kernel.org/r/20240801232548.36604-2-kaiyang2@cs.cmu.edu Signed-off-by: Kaiyang Zhao Cc: Johannes Weiner Signed-off-by: Andrew Morton commit 6d192303e82c7f7119020418a4c3029bebf9a0e6 Author: Kaiyang Zhao Date: Thu Aug 1 18:04:56 2024 +0000 mm: consider CMA pages in watermark check for NUMA balancing target node Currently in migrate_balanced_pgdat(), ALLOC_CMA flag is not passed when checking watermark on the migration target node. This does not match the gfp in alloc_misplaced_dst_folio() which allows allocation from CMA. This causes promotion failures when there are a lot of available CMA memory in the system. Therefore, we change the alloc_flags passed to zone_watermark_ok() in migrate_balanced_pgdat(). Link: https://lkml.kernel.org/r/20240801180456.25927-1-kaiyang2@cs.cmu.edu Signed-off-by: Kaiyang Zhao Acked-by: Johannes Weiner Reviewed-by: Baolin Wang Signed-off-by: Andrew Morton commit 81920438a6dce78e6eac17ee34f29bf6c32074b1 Author: Takero Funaki Date: Wed Jul 31 00:49:10 2024 +0000 mm: zswap: fix global shrinker error handling logic This patch fixes the zswap global shrinker, which did not shrink the zpool as expected. The issue addressed is that shrink_worker() did not distinguish between unexpected errors and expected errors, such as failed writeback from an empty memcg. The shrinker would stop shrinking after iterating through the memcg tree 16 times, even if there was only one empty memcg. With this patch, the shrinker no longer considers encountering an empty memcg, encountering a memcg with writeback disabled, or reaching the end of a memcg tree walk as a failure, as long as there are memcgs that are candidates for writeback. Systems with one or more empty memcgs will now observe significantly higher zswap writeback activity after the zswap pool limit is hit. To avoid an infinite loop when there are no writeback candidates, this patch tracks writeback attempts during memcg tree walks and limits reties if no writeback candidates are found. To handle the empty memcg case, the helper function shrink_memcg() is modified to check if the memcg is empty and then return -ENOENT. Link: https://lkml.kernel.org/r/20240731004918.33182-3-flintglass@gmail.com Fixes: a65b0e7607cc ("zswap: make shrinking memcg-aware") Signed-off-by: Takero Funaki Reviewed-by: Chengming Zhou Reviewed-by: Nhat Pham Cc: Johannes Weiner Cc: Yosry Ahmed Signed-off-by: Andrew Morton commit c5519e0a9bfb6365445de0521a6fe7000b375ecf Author: Takero Funaki Date: Wed Jul 31 00:49:09 2024 +0000 mm: zswap: fix global shrinker memcg iteration Patch series "mm: zswap: fixes for global shrinker", v5. This series addresses issues in the zswap global shrinker that could not shrink stored pages. With this series, the shrinker continues to shrink pages until it reaches the accept threshold more reliably, gives much higher writeback when the zswap pool limit is hit. This patch (of 2): This patch fixes an issue where the zswap global shrinker stopped iterating through the memcg tree. The problem was that shrink_worker() would restart iterating memcg tree from the tree root, considering an offline memcg as a failure, and abort shrinking after encountering the same offline memcg 16 times even if there is only one offline memcg. After this change, an offline memcg in the tree is no longer considered a failure. This allows the shrinker to continue shrinking the other online memcgs regardless of whether an offline memcg exists, gives higher zswap writeback activity. To avoid holding refcount of offline memcg encountered during the memcg tree walking, shrink_worker() must continue iterating to release the offline memcg to ensure the next memcg stored in the cursor is online. The offline memcg cleaner has also been changed to avoid the same issue. When the next memcg of the offlined memcg is also offline, the refcount stored in the iteration cursor was held until the next shrink_worker() run. The cleaner must release the offline memcg recursively. [yosryahmed@google.com: make critical section more obvious, unify comments] Link: https://lkml.kernel.org/r/CAJD7tkaScz+SbB90Q1d5mMD70UfM2a-J2zhXDT9sePR7Qap45Q@mail.gmail.com Link: https://lkml.kernel.org/r/20240731004918.33182-1-flintglass@gmail.com Link: https://lkml.kernel.org/r/20240731004918.33182-2-flintglass@gmail.com Fixes: a65b0e7607cc ("zswap: make shrinking memcg-aware") Signed-off-by: Takero Funaki Signed-off-by: Yosry Ahmed Acked-by: Yosry Ahmed Reviewed-by: Chengming Zhou Reviewed-by: Nhat Pham Cc: Chengming Zhou Cc: Johannes Weiner Signed-off-by: Andrew Morton commit 1d3440305e07c166c3752edb5e212bf324cf3252 Author: Zhaoyu Liu Date: Wed Jul 31 21:31:01 2024 +0800 mm: swap: allocate folio only first time in __read_swap_cache_async() It should be checked by filemap_get_folio() if SWAP_HAS_CACHE was marked while reading a share swap page. It would re-allocate a folio if the swap cache was not ready now. We save the new folio to avoid page allocating again. Link: https://lkml.kernel.org/r/20240731133101.GA2096752@bytedance Signed-off-by: Zhaoyu Liu Cc: Domenico Cerasuolo Cc: Kairui Song Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit 17d5f38b33b66210c5a46af639c47fddfe1c5b4d Author: David Hildenbrand Date: Wed Jul 31 18:07:58 2024 +0200 mm: clarify folio_likely_mapped_shared() documentation for KSM folios For KSM folios, the function actually does what it is supposed to do: even having multiple mappings inside the same MM is considered "sharing", as there is no real relationship between these KSM page mappings -- in contrast to mapping the same file range twice and having the same pagecache page mapped twice. Link: https://lkml.kernel.org/r/20240731160758.808925-1-david@redhat.com Signed-off-by: David Hildenbrand Signed-off-by: Andrew Morton commit 6654d28995d2d1d3e65c653f471a635cd21c99ea Author: David Hildenbrand Date: Wed Jul 10 23:43:50 2024 +0200 mm/rmap: cleanup partially-mapped handling in __folio_remove_rmap() Let's simplify and reduce code indentation. In the RMAP_LEVEL_PTE case, we already check for nr when computing partially_mapped. For RMAP_LEVEL_PMD, it's a bit more confusing. Likely, we don't need the "nr" check, but we could have "nr < nr_pmdmapped" also if we stumbled into the "/* Raced ahead of another remove and an add? */" case. So let's simply move the nr check in there. Note that partially_mapped is always false for small folios. No functional change intended. Link: https://lkml.kernel.org/r/20240710214350.147864-1-david@redhat.com Signed-off-by: David Hildenbrand Reviewed-by: Zi Yan Reviewed-by: Yosry Ahmed Signed-off-by: Andrew Morton commit 94ccd21e9a5f41585bd16cc84dab2afa6cc21149 Author: David Hildenbrand Date: Wed Jul 31 16:20:00 2024 +0200 mm/hugetlb: remove hugetlb_follow_page_mask() leftover We removed hugetlb_follow_page_mask() in commit 9cb28da54643 ("mm/gup: handle hugetlb in the generic follow_page_mask code") but forgot to cleanup some leftovers. While at it, simplify the hugetlb comment, it's overly detailed and rather confusing. Stating that we may end up in there during coredumping is sufficient to explain the PF_DUMPCORE usage. Link: https://lkml.kernel.org/r/20240731142000.625044-1-david@redhat.com Signed-off-by: David Hildenbrand Reviewed-by: Peter Xu Cc: Muchun Song Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Signed-off-by: Andrew Morton commit f732e242841a9775b71744fa6b9bf6f25215b11f Author: Wei Yang Date: Fri Jul 26 01:01:57 2024 +0000 mm/memory_hotplug: get rid of __ref After commit 73db3abdca58 ("init/modpost: conditionally check section mismatch to __meminit*"), we can get rid of __ref annotations. Link: https://lkml.kernel.org/r/20240726010157.6177-1-richard.weiyang@gmail.com Signed-off-by: Wei Yang Acked-by: David Hildenbrand Cc: Masahiro Yamada Cc: Oscar Salvador Signed-off-by: Andrew Morton commit 9f101bef408a3f70c44b6e4de44d3d4e2655ed10 Author: Barry Song Date: Tue Jul 30 19:13:39 2024 +1200 mm: swap: add nr argument in swapcache_prepare and swapcache_clear to support large folios Right now, swapcache_prepare() and swapcache_clear() supports one entry only, to support large folios, we need to handle multiple swap entries. To optimize stack usage, we iterate twice in __swap_duplicate(): the first time to verify that all entries are valid, and the second time to apply the modifications to the entries. Currently, we're using nr=1 for the existing users. [v-songbaohua@oppo.com: clarify swap_count_continued and improve readability for __swap_duplicate] Link: https://lkml.kernel.org/r/20240802071817.47081-1-21cnbao@gmail.com Link: https://lkml.kernel.org/r/20240730071339.107447-2-21cnbao@gmail.com Signed-off-by: Barry Song Reviewed-by: Baolin Wang Acked-by: David Hildenbrand Tested-by: Baolin Wang Cc: Chris Li Cc: Gao Xiang Cc: "Huang, Ying" Cc: Hugh Dickins Cc: Johannes Weiner Cc: Kairui Song Cc: Kalesh Singh Cc: Matthew Wilcox (Oracle) Cc: Michal Hocko Cc: Minchan Kim Cc: Nhat Pham Cc: Ryan Roberts Cc: Sergey Senozhatsky Cc: Shakeel Butt Cc: Suren Baghdasaryan Cc: Yang Shi Cc: Yosry Ahmed Signed-off-by: Andrew Morton commit 7e60dcb22252d4415b66f7fb33e6d713e19036e0 Author: Uros Bizjak Date: Tue Jul 30 14:34:17 2024 +0200 mm/z3fold: add __percpu annotation to *unbuddied pointer in struct z3fold_pool Compiling z3fold.c results in several sparse warnings: z3fold.c:797:21: warning: incorrect type in initializer (different address spaces) z3fold.c:797:21: expected void const [noderef] __percpu *__vpp_verify z3fold.c:797:21: got struct list_head * z3fold.c:852:37: warning: incorrect type in initializer (different address spaces) z3fold.c:852:37: expected void const [noderef] __percpu *__vpp_verify z3fold.c:852:37: got struct list_head * z3fold.c:924:25: warning: incorrect type in assignment (different address spaces) z3fold.c:924:25: expected struct list_head *unbuddied z3fold.c:924:25: got void [noderef] __percpu *_res z3fold.c:930:33: warning: incorrect type in initializer (different address spaces) z3fold.c:930:33: expected void const [noderef] __percpu *__vpp_verify z3fold.c:930:33: got struct list_head * z3fold.c:949:25: warning: incorrect type in argument 1 (different address spaces) z3fold.c:949:25: expected void [noderef] __percpu *__pdata z3fold.c:949:25: got struct list_head *unbuddied z3fold.c:979:25: warning: incorrect type in argument 1 (different address spaces) z3fold.c:979:25: expected void [noderef] __percpu *__pdata z3fold.c:979:25: got struct list_head *unbuddied Add __percpu annotation to *unbuddied pointer to fix these warnings. Link: https://lkml.kernel.org/r/20240730123445.5875-1-ubizjak@gmail.com Signed-off-by: Uros Bizjak Reviewed-by: Miaohe Lin Cc: Vitaly Wool Signed-off-by: Andrew Morton commit 5c0532500f102ae8f80be122223eb692ca1d6721 Author: Hao Ge Date: Mon Jul 29 16:04:31 2024 +0800 mm/cma: change the addition of totalcma_pages in the cma_init_reserved_mem Replace the unnecessary division calculation with cma->count when update the value of totalcma_pages. Link: https://lkml.kernel.org/r/20240729080431.70916-1-hao.ge@linux.dev Signed-off-by: Hao Ge Reviewed-by: David Hildenbrand Signed-off-by: Andrew Morton commit 29943248af0a8ac3edb808564baa417b40e35521 Author: Wei Yang Date: Mon Jul 29 14:47:17 2024 +0530 mm: improve code consistency with zonelist_* helper functions Replace direct access to zoneref->zone, zoneref->zone_idx, or zone_to_nid(zoneref->zone) with the corresponding zonelist_* helper functions for consistency. No functional change. Link: https://lkml.kernel.org/r/20240729091717.464-1-shivankg@amd.com Co-developed-by: Shivank Garg Signed-off-by: Shivank Garg Signed-off-by: Wei Yang Acked-by: David Hildenbrand Cc: Mike Rapoport (IBM) Signed-off-by: Andrew Morton commit 9325b8b5a1cba1fbabe6e8217e248c5f90fd0e13 Author: Lorenzo Stoakes Date: Mon Jul 29 12:50:41 2024 +0100 tools: add skeleton code for userland testing of VMA logic Establish a new userland VMA unit testing implementation under tools/testing which utilises existing logic providing maple tree support in userland utilising the now-shared code previously exclusive to radix tree testing. This provides fundamental VMA operations whose API is defined in mm/vma.h, while stubbing out superfluous functionality. This exists as a proof-of-concept, with the test implementation functional and sufficient to allow userland compilation of vma.c, but containing only cursory tests to demonstrate basic functionality. Link: https://lkml.kernel.org/r/533ffa2eec771cbe6b387dd049a7f128a53eb616.1722251717.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Tested-by: SeongJae Park Acked-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Cc: Alexander Viro Cc: Brendan Higgins Cc: Christian Brauner Cc: David Gow Cc: Eric W. Biederman Cc: Jan Kara Cc: Kees Cook Cc: Matthew Wilcox (Oracle) Cc: Rae Moar Cc: Shuah Khan Cc: Suren Baghdasaryan Cc: Pengfei Xu Signed-off-by: Andrew Morton commit 74579d8dab476b66cd28715e73832ab777f20984 Author: Lorenzo Stoakes Date: Mon Jul 29 12:50:40 2024 +0100 tools: separate out shared radix-tree components The core components contained within the radix-tree tests which provide shims for kernel headers and access to the maple tree are useful for testing other things, so separate them out and make the radix tree tests dependent on the shared components. This lays the groundwork for us to add VMA tests of the newly introduced vma.c file. Link: https://lkml.kernel.org/r/1ee720c265808168e0d75608e687607d77c36719.1722251717.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Acked-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Cc: Alexander Viro Cc: Brendan Higgins Cc: Christian Brauner Cc: David Gow Cc: Eric W. Biederman Cc: Jan Kara Cc: Kees Cook Cc: Matthew Wilcox (Oracle) Cc: Rae Moar Cc: SeongJae Park Cc: Shuah Khan Cc: Suren Baghdasaryan Cc: Pengfei Xu Signed-off-by: Andrew Morton commit 802443a44dfff8536f05da2ddd44a293367d2d99 Author: Lorenzo Stoakes Date: Mon Jul 29 12:50:39 2024 +0100 MAINTAINERS: add entry for new VMA files The vma files contain logic split from mmap.c for the most part and are all relevant to VMA logic, so maintain the same reviewers for both. Link: https://lkml.kernel.org/r/bf2581cce2b4d210deabb5376c6aa0ad6facf1ff.1722251717.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Acked-by: Vlastimil Babka Acked-by: Liam R. Howlett Cc: Alexander Viro Cc: Brendan Higgins Cc: Christian Brauner Cc: David Gow Cc: Eric W. Biederman Cc: Jan Kara Cc: Kees Cook Cc: Matthew Wilcox (Oracle) Cc: Rae Moar Cc: SeongJae Park Cc: Shuah Khan Cc: Suren Baghdasaryan Cc: Pengfei Xu Signed-off-by: Andrew Morton commit 49b1b8d6f6831026cb105b0eafa18f13db612d86 Author: Lorenzo Stoakes Date: Mon Jul 29 12:50:38 2024 +0100 mm: move internal core VMA manipulation functions to own file This patch introduces vma.c and moves internal core VMA manipulation functions to this file from mmap.c. This allows us to isolate VMA functionality in a single place such that we can create userspace testing code that invokes this functionality in an environment where we can implement simple unit tests of core functionality. This patch ensures that core VMA functionality is explicitly marked as such by its presence in mm/vma.h. It also places the header includes required by vma.c in vma_internal.h, which is simply imported by vma.c. This makes the VMA functionality testable, as userland testing code can simply stub out functionality as required. Link: https://lkml.kernel.org/r/c77a6aafb4c42aaadb8e7271a853658cbdca2e22.1722251717.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Reviewed-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Cc: Alexander Viro Cc: Brendan Higgins Cc: Christian Brauner Cc: David Gow Cc: Eric W. Biederman Cc: Jan Kara Cc: Kees Cook Cc: Matthew Wilcox (Oracle) Cc: Rae Moar Cc: SeongJae Park Cc: Shuah Khan Cc: Suren Baghdasaryan Cc: Pengfei Xu Signed-off-by: Andrew Morton commit d61f0d59683d9c899211c300254d4140c482a6c0 Author: Lorenzo Stoakes Date: Mon Jul 29 12:50:37 2024 +0100 mm: move vma_shrink(), vma_expand() to internal header The vma_shrink() and vma_expand() functions are internal VMA manipulation functions which we ought to abstract for use outside of memory management code. To achieve this, we replace shift_arg_pages() in fs/exec.c with an invocation of a new relocate_vma_down() function implemented in mm/mmap.c, which enables us to also move move_page_tables() and vma_iter_prev_range() to internal.h. The purpose of doing this is to isolate key VMA manipulation functions in order that we can both abstract them and later render them easily testable. Link: https://lkml.kernel.org/r/3cfcd9ec433e032a85f636fdc0d7d98fafbd19c5.1722251717.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Reviewed-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Cc: Alexander Viro Cc: Brendan Higgins Cc: Christian Brauner Cc: David Gow Cc: Eric W. Biederman Cc: Jan Kara Cc: Kees Cook Cc: Matthew Wilcox (Oracle) Cc: Rae Moar Cc: SeongJae Park Cc: Shuah Khan Cc: Suren Baghdasaryan Cc: Pengfei Xu Signed-off-by: Andrew Morton commit fa04c08f3ce649b47781c7663e92398197f5b551 Author: Lorenzo Stoakes Date: Mon Jul 29 12:50:36 2024 +0100 mm: move vma_modify() and helpers to internal header These are core VMA manipulation functions which invoke VMA splitting and merging and should not be directly accessed from outside of mm/. Link: https://lkml.kernel.org/r/5efde0c6342a8860d5ffc90b415f3989fd8ed0b2.1722251717.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Reviewed-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Cc: Alexander Viro Cc: Brendan Higgins Cc: Christian Brauner Cc: David Gow Cc: Eric W. Biederman Cc: Jan Kara Cc: Kees Cook Cc: Matthew Wilcox (Oracle) Cc: Rae Moar Cc: SeongJae Park Cc: Shuah Khan Cc: Suren Baghdasaryan Cc: Pengfei Xu Signed-off-by: Andrew Morton commit a17c7d8fd2b097a422fc892b660e879e19c20214 Author: Lorenzo Stoakes Date: Mon Jul 29 12:50:35 2024 +0100 userfaultfd: move core VMA manipulation logic to mm/userfaultfd.c Patch series "Make core VMA operations internal and testable", v4. There are a number of "core" VMA manipulation functions implemented in mm/mmap.c, notably those concerning VMA merging, splitting, modifying, expanding and shrinking, which logically don't belong there. More importantly this functionality represents an internal implementation detail of memory management and should not be exposed outside of mm/ itself. This patch series isolates core VMA manipulation functionality into its own file, mm/vma.c, and provides an API to the rest of the mm code in mm/vma.h. Importantly, it also carefully implements mm/vma_internal.h, which specifies which headers need to be imported by vma.c, leading to the very useful property that vma.c depends only on mm/vma.h and mm/vma_internal.h. This means we can then re-implement vma_internal.h in userland, adding shims for kernel mechanisms as required, allowing us to unit test internal VMA functionality. This testing is useful as opposed to an e.g. kunit implementation as this way we can avoid all external kernel side-effects while testing, run tests VERY quickly, and iterate on and debug problems quickly. Excitingly this opens the door to, in the future, recreating precise problems observed in production in userland and very quickly debugging problems that might otherwise be very difficult to reproduce. This patch series takes advantage of existing shim logic and full userland maple tree support contained in tools/testing/radix-tree/ and tools/include/linux/, separating out shared components of the radix tree implementation to provide this testing. Kernel functionality is stubbed and shimmed as needed in tools/testing/vma/ which contains a fully functional userland vma_internal.h file and which imports mm/vma.c and mm/vma.h to be directly tested from userland. A simple, skeleton testing implementation is provided in tools/testing/vma/vma.c as a proof-of-concept, asserting that simple VMA merge, modify (testing split), expand and shrink functionality work correctly. This patch (of 4): This patch forms part of a patch series intending to separate out VMA logic and render it testable from userspace, which requires that core manipulation functions be exposed in an mm/-internal header file. In order to do this, we must abstract APIs we wish to test, in this instance functions which ultimately invoke vma_modify(). This patch therefore moves all logic which ultimately invokes vma_modify() to mm/userfaultfd.c, trying to transfer code at a functional granularity where possible. [lorenzo.stoakes@oracle.com: fix user-after-free in userfaultfd_clear_vma()] Link: https://lkml.kernel.org/r/3c947ddc-b804-49b7-8fe9-3ea3ca13def5@lucifer.local Link: https://lkml.kernel.org/r/cover.1722251717.git.lorenzo.stoakes@oracle.com Link: https://lkml.kernel.org/r/50c3ed995fd81c45876c86304c8a00bf3e396cfd.1722251717.git.lorenzo.stoakes@oracle.com Signed-off-by: Lorenzo Stoakes Reviewed-by: Vlastimil Babka Reviewed-by: Liam R. Howlett Cc: Alexander Viro Cc: Brendan Higgins Cc: Christian Brauner Cc: David Gow Cc: Eric W. Biederman Cc: Jan Kara Cc: Kees Cook Cc: Matthew Wilcox (Oracle) Cc: Rae Moar Cc: SeongJae Park Cc: Shuah Khan Cc: Suren Baghdasaryan Cc: Pengfei Xu Signed-off-by: Andrew Morton commit d075bccec082be326e08d8b4f7cd491029438f0b Author: David Finkel Date: Mon Jul 29 10:37:43 2024 -0400 mm, memcg: cg2 memory{.swap,}.peak write tests Extend two existing tests to cover extracting memory usage through the newly mutable memory.peak and memory.swap.peak handlers. In particular, make sure to exercise adding and removing watchers with overlapping lifetimes so the less-trivial logic gets tested. The new/updated tests attempt to detect a lack of the write handler by fstat'ing the memory.peak and memory.swap.peak files and skip the tests if that's the case. Additionally, skip if the file doesn't exist at all. [davidf@vimeo.com: update tests] Link: https://lkml.kernel.org/r/20240730231304.761942-3-davidf@vimeo.com Link: https://lkml.kernel.org/r/20240729143743.34236-3-davidf@vimeo.com Signed-off-by: David Finkel Acked-by: Tejun Heo Reviewed-by: Roman Gushchin Cc: Johannes Weiner Cc: Jonathan Corbet Cc: Michal Hocko Cc: Michal Koutný Cc: Muchun Song Cc: Shakeel Butt Cc: Shuah Khan Cc: Waiman Long Cc: Zefan Li Signed-off-by: Andrew Morton commit c6f53ed8f213a66ae8bc40aa9112c32412c35a21 Author: David Finkel Date: Mon Jul 29 10:37:42 2024 -0400 mm, memcg: cg2 memory{.swap,}.peak write handlers Patch series "mm, memcg: cg2 memory{.swap,}.peak write handlers", v7. This patch (of 2): Other mechanisms for querying the peak memory usage of either a process or v1 memory cgroup allow for resetting the high watermark. Restore parity with those mechanisms, but with a less racy API. For example: - Any write to memory.max_usage_in_bytes in a cgroup v1 mount resets the high watermark. - writing "5" to the clear_refs pseudo-file in a processes's proc directory resets the peak RSS. This change is an evolution of a previous patch, which mostly copied the cgroup v1 behavior, however, there were concerns about races/ownership issues with a global reset, so instead this change makes the reset filedescriptor-local. Writing any non-empty string to the memory.peak and memory.swap.peak pseudo-files reset the high watermark to the current usage for subsequent reads through that same FD. Notably, following Johannes's suggestion, this implementation moves the O(FDs that have written) behavior onto the FD write(2) path. Instead, on the page-allocation path, we simply add one additional watermark to conditionally bump per-hierarchy level in the page-counter. Additionally, this takes Longman's suggestion of nesting the page-charging-path checks for the two watermarks to reduce the number of common-case comparisons. This behavior is particularly useful for work scheduling systems that need to track memory usage of worker processes/cgroups per-work-item. Since memory can't be squeezed like CPU can (the OOM-killer has opinions), these systems need to track the peak memory usage to compute system/container fullness when binpacking workitems. Most notably, Vimeo's use-case involves a system that's doing global binpacking across many Kubernetes pods/containers, and while we can use PSI for some local decisions about overload, we strive to avoid packing workloads too tightly in the first place. To facilitate this, we track the peak memory usage. However, since we run with long-lived workers (to amortize startup costs) we need a way to track the high watermark while a work-item is executing. Polling runs the risk of missing short spikes that last for timescales below the polling interval, and peak memory tracking at the cgroup level is otherwise perfect for this use-case. As this data is used to ensure that binpacked work ends up with sufficient headroom, this use-case mostly avoids the inaccuracies surrounding reclaimable memory. Link: https://lkml.kernel.org/r/20240730231304.761942-1-davidf@vimeo.com Link: https://lkml.kernel.org/r/20240729143743.34236-1-davidf@vimeo.com Link: https://lkml.kernel.org/r/20240729143743.34236-2-davidf@vimeo.com Signed-off-by: David Finkel Suggested-by: Johannes Weiner Suggested-by: Waiman Long Acked-by: Johannes Weiner Reviewed-by: Michal Koutný Acked-by: Tejun Heo Reviewed-by: Roman Gushchin Cc: Jonathan Corbet Cc: Michal Hocko Cc: Muchun Song Cc: Shakeel Butt Cc: Shuah Khan Cc: Zefan Li Signed-off-by: Andrew Morton commit 3290ef3c7f2a8171fc534e02fb95a512eeae689a Author: David Hildenbrand Date: Mon Jul 29 20:38:44 2024 +0200 s390/uv: drop arch_make_page_accessible() All code was converted to using arch_make_folio_accessible(), let's drop arch_make_page_accessible(). Link: https://lkml.kernel.org/r/20240729183844.388481-4-david@redhat.com Signed-off-by: David Hildenbrand Reviewed-by: Matthew Wilcox (Oracle) Reviewed-by: Vishal Moola (Oracle) Reviewed-by: Claudio Imbrenda Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Heiko Carstens Cc: Janosch Frank Cc: Sven Schnelle Cc: Vasily Gorbik Signed-off-by: Andrew Morton commit b967c64890d2938f16606d82ac6afcf25ed0129a Author: David Hildenbrand Date: Mon Jul 29 20:38:43 2024 +0200 mm/gup: convert to arch_make_folio_accessible() Let's use arch_make_folio_accessible() instead so we can get rid of arch_make_page_accessible(). Link: https://lkml.kernel.org/r/20240729183844.388481-3-david@redhat.com Signed-off-by: David Hildenbrand Reviewed-by: Matthew Wilcox (Oracle) Reviewed-by: Vishal Moola (Oracle) Reviewed-by: Claudio Imbrenda Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: Heiko Carstens Cc: Janosch Frank Cc: Sven Schnelle Cc: Vasily Gorbik Signed-off-by: Andrew Morton commit e5a41fc77771c7c7f6b9bef85a02b38b802b7371 Author: David Hildenbrand Date: Mon Jul 29 20:38:42 2024 +0200 mm: simplify arch_make_folio_accessible() Patch series "mm: remove arch_make_page_accessible()". Now that s390x implements arch_make_folio_accessible(), let's convert remaining users to use arch_make_folio_accessible() instead so we can remove arch_make_page_accessible(). This patch (of 3): Now that s390x implements HAVE_ARCH_MAKE_FOLIO_ACCESSIBLE, let's turn generic arch_make_folio_accessible() into a NOP: there are no other targets that implement HAVE_ARCH_MAKE_PAGE_ACCESSIBLE but not HAVE_ARCH_MAKE_FOLIO_ACCESSIBLE. Link: https://lkml.kernel.org/r/20240729183844.388481-1-david@redhat.com Link: https://lkml.kernel.org/r/20240729183844.388481-2-david@redhat.com Signed-off-by: David Hildenbrand Reviewed-by: Matthew Wilcox (Oracle) Reviewed-by: Vishal Moola (Oracle) Reviewed-by: Claudio Imbrenda Cc: Alexander Gordeev Cc: Christian Borntraeger Cc: David Hildenbrand Cc: Heiko Carstens Cc: Janosch Frank Cc: Sven Schnelle Cc: Vasily Gorbik Signed-off-by: Andrew Morton commit 592c9330e3692c9636adddfe17004870ae8dc434 Author: Thorsten Blum Date: Fri Jul 26 15:12:46 2024 +0200 lib: test_hmm: use min() to improve dmirror_exclusive() Use min() to simplify the dmirror_exclusive() function and improve its readability. Link: https://lkml.kernel.org/r/20240726131245.161695-1-thorsten.blum@toblux.com Signed-off-by: Thorsten Blum Reviewed-by: David Hildenbrand Cc: Jérôme Glisse Signed-off-by: Andrew Morton commit 073ebebd186250038a04be9693240f90f398c4b1 Author: David Hildenbrand Date: Fri Jul 26 17:07:28 2024 +0200 powerpc/8xx: document and enforce that split PT locks are not used Right now, we cannot have split PT locks because 8xx does not support SMP. But for the sake of documentation *why* 8xx is fine regarding what we documented in huge_pte_lockptr(), let's just add code to enforce it at the same time as documenting it. This should also make everybody who wants to copy from the 8xx approach of supporting such unusual ways of mapping hugetlb folios aware that it gets tricky once multiple page tables are involved. Link: https://lkml.kernel.org/r/20240726150728.3159964-4-david@redhat.com Signed-off-by: David Hildenbrand Cc: Alexander Viro Cc: Borislav Petkov Cc: Boris Ostrovsky Cc: Christian Brauner Cc: Christophe Leroy Cc: Dave Hansen Cc: "H. Peter Anvin" Cc: Ingo Molnar Cc: Juergen Gross Cc: Michael Ellerman Cc: Mike Rapoport (Microsoft) Cc: Muchun Song Cc: "Naveen N. Rao" Cc: Nicholas Piggin Cc: Oscar Salvador Cc: Peter Xu Cc: Russell King Cc: Thomas Gleixner Signed-off-by: Andrew Morton commit 188cac58a8bcdf82c7f63275b68f7a46871e45d6 Author: David Hildenbrand Date: Fri Jul 26 17:07:27 2024 +0200 mm/hugetlb: enforce that PMD PT sharing has split PMD PT locks Sharing page tables between processes but falling back to per-MM page table locks cannot possibly work. So, let's make sure that we do have split PMD locks by adding a new Kconfig option and letting that depend on CONFIG_SPLIT_PMD_PTLOCKS. Link: https://lkml.kernel.org/r/20240726150728.3159964-3-david@redhat.com Signed-off-by: David Hildenbrand Acked-by: Mike Rapoport (Microsoft) Cc: Alexander Viro Cc: Borislav Petkov Cc: Boris Ostrovsky Cc: Christian Brauner Cc: Christophe Leroy Cc: Dave Hansen Cc: "H. Peter Anvin" Cc: Ingo Molnar Cc: Juergen Gross Cc: Michael Ellerman Cc: Muchun Song Cc: "Naveen N. Rao" Cc: Nicholas Piggin Cc: Oscar Salvador Cc: Peter Xu Cc: Russell King Cc: Thomas Gleixner Signed-off-by: Andrew Morton commit 394290cba9664ed3ab80d0e247402102a9b7287a Author: David Hildenbrand Date: Fri Jul 26 17:07:26 2024 +0200 mm: turn USE_SPLIT_PTE_PTLOCKS / USE_SPLIT_PTE_PTLOCKS into Kconfig options Patch series "mm: split PTE/PMD PT table Kconfig cleanups+clarifications". This series is a follow up to the fixes: "[PATCH v1 0/2] mm/hugetlb: fix hugetlb vs. core-mm PT locking" When working on the fixes, I wondered why 8xx is fine (-> never uses split PT locks) and how PT locking even works properly with PMD page table sharing (-> always requires split PMD PT locks). Let's improve the split PT lock detection, make hugetlb properly depend on it and make 8xx bail out if it would ever get enabled by accident. As an alternative to patch #3 we could extend the Kconfig SPLIT_PTE_PTLOCKS option from patch #2 -- but enforcing it closer to the code that actually implements it feels a bit nicer for documentation purposes, and there is no need to actually disable it because it should always be disabled (!SMP). Did a bunch of cross-compilations to make sure that split PTE/PMD PT locks are still getting used where we would expect them. [1] https://lkml.kernel.org/r/20240725183955.2268884-1-david@redhat.com This patch (of 3): Let's clean that up a bit and prepare for depending on CONFIG_SPLIT_PMD_PTLOCKS in other Kconfig options. More cleanups would be reasonable (like the arch-specific "depends on" for CONFIG_SPLIT_PTE_PTLOCKS), but we'll leave that for another day. Link: https://lkml.kernel.org/r/20240726150728.3159964-1-david@redhat.com Link: https://lkml.kernel.org/r/20240726150728.3159964-2-david@redhat.com Signed-off-by: David Hildenbrand Acked-by: Mike Rapoport (Microsoft) Reviewed-by: Russell King (Oracle) Reviewed-by: Qi Zheng Cc: Alexander Viro Cc: Borislav Petkov Cc: Boris Ostrovsky Cc: Christian Brauner Cc: Christophe Leroy Cc: Dave Hansen Cc: "H. Peter Anvin" Cc: Ingo Molnar Cc: Juergen Gross Cc: Michael Ellerman Cc: Muchun Song Cc: "Naveen N. Rao" Cc: Nicholas Piggin Cc: Oscar Salvador Cc: Peter Xu Cc: Thomas Gleixner Signed-off-by: Andrew Morton commit 57979fabff554bf4d1edeeee69251b22ca9bf55e Author: Roman Gushchin Date: Fri Jul 26 20:31:10 2024 +0000 mm: page_counters: initialize usage using ATOMIC_LONG_INIT() macro When a page_counter structure is initialized, there is no need to use an atomic set operation to initialize the usage counter because at this point the structure is not visible to anybody else. ATOMIC_LONG_INIT() is what should be used in such cases. Link: https://lkml.kernel.org/r/20240726203110.1577216-4-roman.gushchin@linux.dev Signed-off-by: Roman Gushchin Acked-by: Shakeel Butt Acked-by: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Signed-off-by: Andrew Morton commit 941ce635234162c420c9185816c59f7d5dd1ad07 Author: Roman Gushchin Date: Fri Jul 26 20:31:09 2024 +0000 mm: page_counters: put page_counter_calculate_protection() under CONFIG_MEMCG Put page_counter_calculate_protection() under CONFIG_MEMCG. The protection functionality (min/low limits) is not supported by any other cgroup subsystem, so page_counter_calculate_protection() and related static effective_protection() can be compiled out if CONFIG_MEMCG is not enabled. Link: https://lkml.kernel.org/r/20240726203110.1577216-3-roman.gushchin@linux.dev Signed-off-by: Roman Gushchin Acked-by: Shakeel Butt Acked-by: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Signed-off-by: Andrew Morton commit f77bd4b14ccfd38dfcfe67eecad517b8ec1b7f37 Author: Roman Gushchin Date: Fri Jul 26 20:31:08 2024 +0000 mm: memcg: don't call propagate_protected_usage() needlessly Patch series "mm: memcg: page counters optimizations", v3. This patchset contains 3 independent small optimizations of page counters. This patch (of 3): Memory protection (min/low) requires a constant tracking of protected memory usage. propagate_protected_usage() is called on each page counters update and does a number of operations even in cases when the actual memory protection functionality is not supported (e.g. hugetlb cgroups or memcg swap counters). It's obviously inefficient and leads to a waste of CPU cycles. It can be addressed by calling propagate_protected_usage() only for the counters which do support memory guarantees. As of now it's only memcg->memory - the unified memory memcg counter. Link: https://lkml.kernel.org/r/20240726203110.1577216-2-roman.gushchin@linux.dev Signed-off-by: Roman Gushchin Acked-by: Shakeel Butt Acked-by: Johannes Weiner Cc: Michal Hocko Cc: Muchun Song Signed-off-by: Andrew Morton commit 6c469957cd172c1bcea8c5b77bc711a245b0934f Author: Kefeng Wang Date: Thu Jul 25 10:16:43 2024 +0800 mm: hugetlb: remove left over comment about follow_huge_foo() The comment is useless after commit 57a196a58421 ("hugetlb: simplify hugetlb handling in follow_page_mask") since all follow_huge_foo() are killed. Link: https://lkml.kernel.org/r/20240725021643.1358536-1-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang Reviewed-by: David Hildenbrand Reviewed-by: Vishal Moola (Oracle) Cc: Muchun Song Signed-off-by: Andrew Morton commit e0b2fdb352b7991664b23ae5e15b537cd79a7820 Author: Pavel Tikhomirov Date: Thu Jul 25 12:12:16 2024 +0800 kmemleak-test: add percpu leak Add a per-CPU memory leak, which will be reported like: unreferenced object 0x3efa840195f8 (size 64): comm "modprobe", pid 4667, jiffies 4294688677 hex dump (first 32 bytes on cpu 0): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): [] pcpu_alloc+0x3df/0x840 [] kmemleak_test_init+0x2c9/0x2f0 [kmemleak_test] [] do_one_initcall+0x44/0x300 [] do_init_module+0x60/0x240 [] init_module_from_file+0x86/0xc0 [] idempotent_init_module+0x109/0x2a0 [] __x64_sys_finit_module+0x5a/0xb0 [] do_syscall_64+0x7a/0x160 [] entry_SYSCALL_64_after_hwframe+0x76/0x7e Link: https://lkml.kernel.org/r/20240725041223.872472-3-ptikhomirov@virtuozzo.com Signed-off-by: Pavel Tikhomirov Acked-by: Catalin Marinas Cc: Alexander Mikhalitsyn Cc: Chen Jun Cc: Wei Yongjun Signed-off-by: Andrew Morton commit 6c99d4eb7c5e0999349cdb9d824ea0ac450d0c8f Author: Pavel Tikhomirov Date: Thu Jul 25 12:12:15 2024 +0800 kmemleak: enable tracking for percpu pointers Patch series "kmemleak: support for percpu memory leak detect'. This is a rework of this series: https://lore.kernel.org/lkml/20200921020007.35803-1-chenjun102@huawei.com/ Originally I was investigating a percpu leak on our customer nodes and having this functionality was a huge help, which lead to this fix [1]. So probably it's a good idea to have it in mainstream too, especially as after [2] it became much easier to implement (we already have a separate tree for percpu pointers). [1] commit 0af8c09c89681 ("netfilter: x_tables: fix percpu counter block leak on error path when creating new netns") [2] commit 39042079a0c24 ("kmemleak: avoid RCU stalls when freeing metadata for per-CPU pointers") This patch (of 2): This basically does: - Add min_percpu_addr and max_percpu_addr to filter out unrelated data similar to min_addr and max_addr; - Set min_count for percpu pointers to 1 to start tracking them; - Calculate checksum of percpu area as xor of crc32 for each cpu; - Split pointer lookup and update refs code into separate helper and use it twice: once as if the pointer is a virtual pointer and once as if it's percpu. [ptikhomirov@virtuozzo.com: v2] Link: https://lkml.kernel.org/r/20240731025526.157529-2-ptikhomirov@virtuozzo.com Link: https://lkml.kernel.org/r/20240725041223.872472-1-ptikhomirov@virtuozzo.com Link: https://lkml.kernel.org/r/20240725041223.872472-2-ptikhomirov@virtuozzo.com Signed-off-by: Pavel Tikhomirov Reviewed-by: Catalin Marinas Cc: Wei Yongjun Cc: Chen Jun Cc: Alexander Mikhalitsyn Signed-off-by: Andrew Morton commit fbe76a6557a83af5ef3819fd7b7ffd0a5d3b4e51 Author: Pasha Tatashin Date: Wed Jul 24 20:33:22 2024 +0000 task_stack: uninline stack_not_used Given that stack_not_used() is not performance critical function uninline it. Link: https://lkml.kernel.org/r/20240730150158.832783-4-pasha.tatashin@soleen.com Link: https://lkml.kernel.org/r/20240724203322.2765486-4-pasha.tatashin@soleen.com Signed-off-by: Pasha Tatashin Acked-by: Shakeel Butt Cc: Domenico Cerasuolo Cc: Kent Overstreet Cc: Li Zhijian Cc: Matthew Wilcox Cc: Nhat Pham Cc: Peter Zijlstra Cc: Suren Baghdasaryan Cc: Vlastimil Babka Cc: Zi Yan Signed-off-by: Andrew Morton commit c4a6fce85640beb4f79e8217272d1ef79839cc17 Author: Pasha Tatashin Date: Wed Jul 24 20:33:21 2024 +0000 vmstat: kernel stack usage histogram As part of the dynamic kernel stack project, we need to know the amount of data that can be saved by reducing the default kernel stack size [1]. Provide a kernel stack usage histogram to aid in optimizing kernel stack sizes and minimizing memory waste in large-scale environments. The histogram divides stack usage into power-of-two buckets and reports the results in /proc/vmstat. This information is especially valuable in environments with millions of machines, where even small optimizations can have a significant impact. The histogram data is presented in /proc/vmstat with entries like "kstack_1k", "kstack_2k", and so on, indicating the number of threads that exited with stack usage falling within each respective bucket. Example outputs: Intel: $ grep kstack /proc/vmstat kstack_1k 3 kstack_2k 188 kstack_4k 11391 kstack_8k 243 kstack_16k 0 ARM with 64K page_size: $ grep kstack /proc/vmstat kstack_1k 1 kstack_2k 340 kstack_4k 25212 kstack_8k 1659 kstack_16k 0 kstack_32k 0 kstack_64k 0 Note: once the dynamic kernel stack is implemented it will depend on the implementation the usability of this feature: On hardware that supports faults on kernel stacks, we will have other metrics that show the total number of pages allocated for stacks. On hardware where faults are not supported, we will most likely have some optimization where only some threads are extended, and for those, these metrics will still be very useful. [1] https://lwn.net/Articles/974367 Link: https://lkml.kernel.org/r/20240730150158.832783-3-pasha.tatashin@soleen.com Link: https://lkml.kernel.org/r/20240724203322.2765486-3-pasha.tatashin@soleen.com Signed-off-by: Pasha Tatashin Reviewed-by: Kent Overstreet Acked-by: Shakeel Butt Cc: Domenico Cerasuolo Cc: Li Zhijian Cc: Matthew Wilcox Cc: Nhat Pham Cc: Peter Zijlstra Cc: Suren Baghdasaryan Cc: Vlastimil Babka Cc: Zi Yan Signed-off-by: Andrew Morton commit 9db298a439f2be7b32d48c83c3349df62256ef3a Author: Shakeel Butt Date: Wed Jul 24 20:33:20 2024 +0000 memcg: increase the valid index range for memcg stats Patch series "Kernel stack usage histogram", v6. Provide histogram of stack sizes for the exited threads: Example outputs: Intel: $ grep kstack /proc/vmstat kstack_1k 3 kstack_2k 188 kstack_4k 11391 kstack_8k 243 kstack_16k 0 ARM with 64K page_size: $ grep kstack /proc/vmstat kstack_1k 1 kstack_2k 340 kstack_4k 25212 kstack_8k 1659 kstack_16k 0 kstack_32k 0 kstack_64k 0 This patch (of 3): At the moment the valid index for the indirection tables for memcg stats and events is < S8_MAX. These indirection tables are used in performance critical codepaths. With the latest addition to the vm_events, the NR_VM_EVENT_ITEMS has gone over S8_MAX. One way to resolve is to increase the entry size of the indirection table from int8_t to int16_t but this will increase the potential number of cachelines needed to access the indirection table. This patch took a different approach and make the valid index < U8_MAX. In this way the size of the indirection tables will remain same and we only need to invalid index check from less than 0 to equal to U8_MAX. In this approach we have also removed a subtraction from the performance critical codepaths. [pasha.tatashin@soleen.com: v6] Link: https://lkml.kernel.org/r/20240730150158.832783-1-pasha.tatashin@soleen.com Link: https://lkml.kernel.org/r/20240724203322.2765486-1-pasha.tatashin@soleen.com Link: https://lkml.kernel.org/r/20240724203322.2765486-2-pasha.tatashin@soleen.com Signed-off-by: Shakeel Butt Co-developed-by: Pasha Tatashin Signed-off-by: Pasha Tatashin Cc: Domenico Cerasuolo Cc: Kent Overstreet Cc: Li Zhijian Cc: Matthew Wilcox Cc: Nhat Pham Cc: Peter Zijlstra Cc: Suren Baghdasaryan Cc: Vlastimil Babka Cc: Zi Yan Signed-off-by: Andrew Morton commit c495b97624d0c059b0403e26dadb166d69918409 Author: Zhiguo Jiang Date: Wed Jul 10 16:36:41 2024 +0800 mm: shrink skip folio mapped by an exiting process The releasing process of the non-shared anonymous folio mapped solely by an exiting process may go through two flows: 1) the anonymous folio is firstly is swaped-out into swapspace and transformed into a swp_entry in shrink_folio_list; 2) then the swp_entry is released in the process exiting flow. This will result in the high cpu load of releasing a non-shared anonymous folio mapped solely by an exiting process. When the low system memory and the exiting process exist at the same time, it will be likely to happen, because the non-shared anonymous folio mapped solely by an exiting process may be reclaimed by shrink_folio_list. This patch is that shrink skips the non-shared anonymous folio solely mapped by an exting process and this folio is only released directly in the process exiting flow, which will save swap-out time and alleviate the load of the process exiting. Barry provided some effectiveness testing in [1]. "I observed that this patch effectively skipped 6114 folios (either 4KB or 64KB mTHP), potentially reducing the swap-out by up to 92MB (97,300,480 bytes) during the process exit. The working set size is 256MB." Link: https://lkml.kernel.org/r/20240710083641.546-1-justinjiang@vivo.com Link: https://lore.kernel.org/linux-mm/20240710033212.36497-1-21cnbao@gmail.com/ [1] Signed-off-by: Zhiguo Jiang Acked-by: Barry Song Cc: David Hildenbrand Cc: Matthew Wilcox Signed-off-by: Andrew Morton commit afb6d780b9b17914ba720088dac2bfa2505f36c8 Author: Yu Zhao Date: Wed Jul 10 20:13:17 2024 -0600 mm/swap: remove boilerplate Remove boilerplate by using a macro to choose the corresponding lock and handler for each folio_batch in cpu_fbatches. [yuzhao@google.com: handle zero-length local_lock_t] Link: https://lkml.kernel.org/r/Zq_0X04WsqgUnz30@google.com [yuzhao@google.com: fix "BUG: using smp_processor_id() in preemptible"] Link: https://lkml.kernel.org/r/ZqNHHMiHn-9vy_II@google.com Link: https://lkml.kernel.org/r/20240711021317.596178-6-yuzhao@google.com Signed-off-by: Yu Zhao Tested-by: Hugh Dickins Cc: Barry Song <21cnbao@gmail.com> Signed-off-by: Andrew Morton commit bed71b50b0c2dc38c5e94c84dd660add2d1609e0 Author: Yu Zhao Date: Wed Jul 10 20:13:16 2024 -0600 mm/swap: remove remaining _fn suffix Remove remaining _fn suffix from cpu_fbatches handlers, which are already self-explanatory. Link: https://lkml.kernel.org/r/20240711021317.596178-5-yuzhao@google.com Signed-off-by: Yu Zhao Signed-off-by: Andrew Morton commit 2f52c77128b1f96b23c987a25dfc2f459634cc07 Author: Yu Zhao Date: Wed Jul 10 20:13:15 2024 -0600 mm/swap: fold lru_rotate into cpu_fbatches Fold lru_rotate into cpu_fbatches, and rename the folio_batch and the lock protecting it to lru_move_tail and lock_irq respectively so that all the boilerplate can be removed at the end of this series. Also remove data_race() around folio_batch_count(), which is out of place: all folio_batch_count() calls on remote cpu_fbatches are subject to data_race(), and therefore data_race() should be inside folio_batch_count(). Link: https://lkml.kernel.org/r/20240711021317.596178-4-yuzhao@google.com Signed-off-by: Yu Zhao Signed-off-by: Andrew Morton commit 380d70549301a3ae6cf5f4ac90d62f648f516ff7 Author: Yu Zhao Date: Wed Jul 10 20:13:14 2024 -0600 mm/swap: rename cpu_fbatches->activate Rename cpu_fbatches->activate to cpu_fbatches->lru_activate, and its handler folio_activate_fn() to lru_activate() so that all the boilerplate can be removed at the end of this series. Link: https://lkml.kernel.org/r/20240711021317.596178-3-yuzhao@google.com Signed-off-by: Yu Zhao Signed-off-by: Andrew Morton commit b03484c2a7a260cafe1bb1cb65cbcf66f2c4b0eb Author: Yu Zhao Date: Wed Jul 10 20:13:13 2024 -0600 mm/swap: reduce indentation level Patch series "mm/swap: remove boilerplate". This patch (of 5): Use folio_activate() as an example: Before this series ------------------ if (!folio_test_active(folio) && !folio_test_unevictable(folio)) { struct folio_batch *fbatch; folio_get(folio); if (!folio_test_clear_lru(folio)) { folio_put(folio); return; } local_lock(&cpu_fbatches.lock); fbatch = this_cpu_ptr(&cpu_fbatches.activate); folio_batch_add_and_move(fbatch, folio, folio_activate_fn); local_unlock(&cpu_fbatches.lock); } } After this series ----------------- void folio_activate(struct folio *folio) { if (folio_test_active(folio) || folio_test_unevictable(folio)) return; folio_batch_add_and_move(folio, lru_activate, true); } And this is applied to all 6 folio_batch handlers in mm/swap.c. bloat-o-meter ------------- add/remove: 12/13 grow/shrink: 3/2 up/down: 4653/-4721 (-68) ... Total: Before=28083019, After=28082951, chg -0.00% This patch (of 5): Reduce indentation level by returning directly when there is no cleanup needed, i.e., if (condition) { | if (condition) { do_this(); | do_this(); return; | return; } else { | } do_that(); | } | do_that(); and if (condition) { | if (!condition) do_this(); | return; do_that(); | } | do_this(); return; | do_that(); Presumably the old style became repetitive as the result of copy and paste. Link: https://lkml.kernel.org/r/20240711021317.596178-1-yuzhao@google.com Link: https://lkml.kernel.org/r/20240711021317.596178-2-yuzhao@google.com Signed-off-by: Yu Zhao Signed-off-by: Andrew Morton commit ac59a1f0146f46bad7d5f8d1b20756ece43122ec Author: Zi Yan Date: Wed Jul 24 09:01:15 2024 -0400 memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled. memory tiering can be enabled/disabled at runtime and sysctl_numa_balancing_mode & NUMA_BALANCING_MEMORY_TIERING is used to check it. In migrate_misplaced_folio(), the check is missing when PGPROMOTE_SUCCESS is incremented. Add the missing check. Link: https://lkml.kernel.org/r/20240724130115.793641-4-ziy@nvidia.com Fixes: 33024536bafd ("memory tiering: hot page selection with hint page fault latency") Reported-by: Kefeng Wang Closes: https://lore.kernel.org/linux-mm/f4ae2c9c-fe40-4807-bdb2-64cf2d716c1a@huawei.com/ Signed-off-by: Zi Yan Acked-by: David Hildenbrand Reviewed-by: Kefeng Wang Cc: Baolin Wang Cc: "Huang, Ying" Cc: Lorenzo Stoakes Signed-off-by: Andrew Morton commit 2a28713a67fd28eedc13b32300df6b9c5a2381f5 Author: Zi Yan Date: Wed Jul 24 09:01:14 2024 -0400 memory tiering: introduce folio_use_access_time() check If memory tiering mode is on and a folio is not in the top tier memory, folio's cpupid field is repurposed to store page access time. Instead of an open coded check, use a function to encapsulate the check. Link: https://lkml.kernel.org/r/20240724130115.793641-3-ziy@nvidia.com Signed-off-by: Zi Yan Reviewed-by: "Huang, Ying" Acked-by: David Hildenbrand Reviewed-by: Kefeng Wang Cc: Baolin Wang Cc: Lorenzo Stoakes Signed-off-by: Andrew Morton commit 3eb2091c653480e02e9c2a114c4725ec654bca63 Author: Zi Yan Date: Wed Jul 24 09:01:13 2024 -0400 memory tiering: read last_cpupid correctly in do_huge_pmd_numa_page() Patch series "Various memory tiering fixes", v3. This patch (of 3): last_cpupid is only available when memory tiering is off or the folio is in toptier node. Complete the check to read last_cpupid when it is available. Before the fix, the default last_cpupid will be used even if memory tiering mode is turned off at runtime instead of the actual value. This can prevent task_numa_fault() from getting right numa fault stats, but should not cause any crash. User might see performance changes after the fix. Link: https://lkml.kernel.org/r/20240724130115.793641-1-ziy@nvidia.com Link: https://lkml.kernel.org/r/20240724130115.793641-2-ziy@nvidia.com Fixes: 33024536bafd ("memory tiering: hot page selection with hint page fault latency") Signed-off-by: Zi Yan Reported-by: David Hildenbrand Closes: https://lore.kernel.org/linux-mm/9af34a6b-ca56-4a64-8aa6-ade65f109288@redhat.com/ Reviewed-by: "Huang, Ying" Reviewed-by: Baolin Wang Acked-by: David Hildenbrand Reviewed-by: Kefeng Wang Cc: Lorenzo Stoakes Signed-off-by: Andrew Morton commit d2539ed7ee3b042e4503c304603d0eaa50c9c476 Author: Barry Song Date: Wed Jul 24 14:00:56 2024 +1200 mm: extend 'usage' parameter so that cluster_swap_free_nr() can be reused Extend a usage parameter so that cluster_swap_free_nr() can be reused by both swapcache_clear() and swap_free(). __swap_entry_free() is quite similar but more tricky as it requires the return value of __swap_entry_free_locked() which cluster_swap_free_nr() doesn't support. Link: https://lkml.kernel.org/r/20240724020056.65838-1-21cnbao@gmail.com Signed-off-by: Barry Song Reviewed-by: Ryan Roberts Acked-by: Chris Li Cc: "Huang, Ying" Cc: Kairui Song Cc: David Hildenbrand Cc: Chuanhua Han Signed-off-by: Andrew Morton commit 4fd568faf6e7e21f206cd66dd4fca9a72e7d922c Author: Muchun Song Date: Thu Jul 18 17:18:21 2024 +0800 mm: kmem: remove mem_cgroup_from_obj() There is no user of mem_cgroup_from_obj(), remove it. Link: https://lkml.kernel.org/r/20240718091821.44740-1-songmuchun@bytedance.com Signed-off-by: Muchun Song Acked-by: Shakeel Butt Acked-by: Roman Gushchin Cc: Johannes Weiner Cc: Michal Hocko Signed-off-by: Andrew Morton commit dc21e70079ffcc4b8f14603cdd120713f0400dd3 Author: Josef Bacik Date: Thu Jul 18 17:26:07 2024 -0400 mm: remove foll_flags in __get_user_pages Now that we're not passing around a pointer to the flags, there's no reason to have an extra variable for the gup_flags, simply pass the gup_flags directly everywhere. Link: https://lkml.kernel.org/r/1e79b84bd30287cc9847f2aeb002374e6e60a10f.1721337845.git.josef@toxicpanda.com Signed-off-by: Josef Bacik Acked-by: David Hildenbrand Signed-off-by: Andrew Morton commit 478729533edaa6700ba681b7a71e43715ffe6ccb Author: Josef Bacik Date: Thu Jul 18 17:26:06 2024 -0400 mm: cleanup flags usage in faultin_page Patch series "mm: some small page fault cleanups". I was recently wreaking havoc in the page fault code and I noticed some things that could be cleaned up. We no longer modify the gup flags in faultin_page, so we can clean up how we pass the flags in and remove the extra variable in __get_user_pages. This patch (of 2): We're passing a pointer to the foll_flags for faultin_page, however we never modify the flags in this call. Change this to just take the flags value instead. Link: https://lkml.kernel.org/r/2df51a54c06bdf93e1cb09a19a9ef1df6557b59e.1721337845.git.josef@toxicpanda.com Signed-off-by: Josef Bacik Acked-by: David Hildenbrand Signed-off-by: Andrew Morton commit c39542732a3d84e851a0ab8ff3106ed3138174a0 Author: Peng Hao Date: Tue Jul 23 11:55:13 2024 +0800 mm/damon/lru_sort: adjust local variable to dynamic allocation When KASAN is enabled and built with clang: mm/damon/lru_sort.c:199:12: error: stack frame size (2328) exceeds limit (2048) in 'damon_lru_sort_apply_parameters' [-Werror,-Wframe-larger-than] static int damon_lru_sort_apply_parameters(void) ^ 1 error generated. This is because damon_lru_sort_quota contains a large array, and assigning this variable to a local variable causes a large amount of stack space to be occupied. So adjust local variable to dynamic allocation. Link: https://lkml.kernel.org/r/20240723035513.20153-1-flyingpeng@tencent.com Signed-off-by: Peng Hao Reviewed-by: SeongJae Park Signed-off-by: Andrew Morton commit c2a967f6ab0ec896648c0497d3dc15d8f136b148 Author: Yu Zhao Date: Thu Jul 18 22:25:03 2024 -0600 mm/hugetlb_vmemmap: don't synchronize_rcu() without HVO hugetlb_vmemmap_optimize_folio() and hugetlb_vmemmap_restore_folio() are wrappers meant to be called regardless of whether HVO is enabled. Therefore, they should not call synchronize_rcu(). Otherwise, it regresses use cases not enabling HVO. So move synchronize_rcu() to __hugetlb_vmemmap_optimize_folio() and __hugetlb_vmemmap_restore_folio(), and call it once for each batch of folios when HVO is enabled. Link: https://lkml.kernel.org/r/20240719042503.2752316-1-yuzhao@google.com Fixes: bd225530a4c7 ("mm/hugetlb_vmemmap: fix race with speculative PFN walkers") Signed-off-by: Yu Zhao Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202407091001.1250ad4a-oliver.sang@intel.com Reported-by: Janosch Frank Tested-by: Marc Hartmayer Acked-by: Muchun Song Signed-off-by: Andrew Morton commit 9eace7e8e60c3ac821c417bd3f3aa5949e58a57a Author: Carlos Maiolino Date: Wed Jul 17 08:37:27 2024 +0200 shmem_quota: build the object file conditionally to the config option Initially I added shmem-quota to obj-y, move it to the correct place and remove the unneeded full file #ifdef Link: https://lkml.kernel.org/r/20240717063737.910840-1-cem@kernel.org Signed-off-by: Carlos Maiolino Suggested-by: Aristeu Rozanski Reviewed-by: Jan Kara Cc: Christian Brauner Cc: Hugh Dickins Signed-off-by: Andrew Morton commit fcb4824b264058f9ee1ac2aa6b7155468978fde6 Author: Valdis Kletnieks Date: Sat Jul 13 02:59:50 2024 -0400 mm: fix typo in Kconfig Fix typo in Kconfig help Link: https://lkml.kernel.org/r/78656.1720853990@turing-police Fixes: e93d4166b40a ("mm: memcg: put cgroup v1-specific code under a config option") Signed-off-by: Valdis Kletnieks Acked-by: Roman Gushchin Cc: Johannes Weiner Cc: Matthew Wilcox (Oracle) Cc: Muchun Song Signed-off-by: Andrew Morton commit 6beeab870e70b2d4f49baf6c6be9da1b61c169f8 Author: Baolin Wang Date: Mon Jul 22 13:43:19 2024 +0800 mm: shmem: move shmem_huge_global_enabled() into shmem_allowable_huge_orders() Move shmem_huge_global_enabled() into shmem_allowable_huge_orders(), so that shmem_allowable_huge_orders() can also help to find the allowable huge orders for tmpfs. Moreover the shmem_huge_global_enabled() can become static. While we are at it, passing the vma instead of mm for shmem_huge_global_enabled() makes code cleaner. No functional changes. Link: https://lkml.kernel.org/r/8e825146bb29ee1a1c7bd64d2968ff3e19be7815.1721626645.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Reviewed-by: Ryan Roberts Acked-by: David Hildenbrand Cc: Barry Song <21cnbao@gmail.com> Cc: Hugh Dickins Cc: Lance Yang Cc: Matthew Wilcox (Oracle) Cc: Zi Yan Signed-off-by: Andrew Morton commit d58a2a581f132529eefac5377676011562b631b8 Author: Baolin Wang Date: Mon Jul 22 13:43:18 2024 +0800 mm: shmem: rename shmem_is_huge() to shmem_huge_global_enabled() shmem_is_huge() is now used to check if the top-level huge page is enabled, thus rename it to reflect its usage. Link: https://lkml.kernel.org/r/da53296e0ab6359aa083561d9dc01e4223d60fbe.1721626645.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Reviewed-by: Ryan Roberts Acked-by: David Hildenbrand Cc: Barry Song <21cnbao@gmail.com> Cc: Hugh Dickins Cc: Lance Yang Cc: Matthew Wilcox (Oracle) Cc: Zi Yan Signed-off-by: Andrew Morton commit 0bedf001e359368badbdefe722162ed4dd33e296 Author: Baolin Wang Date: Mon Jul 22 13:43:17 2024 +0800 mm: shmem: simplify the suitable huge orders validation for tmpfs Patch series "Some cleanups for shmem", v3. This series does some cleanups to reuse code, rename functions and simplify logic to make code more clear. No functional changes are expected. This patch (of 3): Move the suitable huge orders validation into shmem_suitable_orders() for tmpfs, which can reuse some code to simplify the logic. In addition, we don't have special handling for the error code -E2BIG when checking for conflicts with PMD sized THP in the pagecache for tmpfs, instead, it will just fallback to order-0 allocations like this patch does, so this simplification will not add functional changes. Link: https://lkml.kernel.org/r/cover.1721626645.git.baolin.wang@linux.alibaba.com Link: https://lkml.kernel.org/r/965985dd6d322929d78a0beee0dafa1c2a1b81e2.1721626645.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang Reviewed-by: Ryan Roberts Acked-by: David Hildenbrand Cc: Barry Song <21cnbao@gmail.com> Cc: Hugh Dickins Cc: Lance Yang Cc: Matthew Wilcox (Oracle) Cc: Zi Yan Signed-off-by: Andrew Morton commit 590b9d576caec6b4c46bba49ed36223a399c3fc5 Author: Danilo Krummrich Date: Mon Jul 22 18:29:24 2024 +0200 mm: kvmalloc: align kvrealloc() with krealloc() Besides the obvious (and desired) difference between krealloc() and kvrealloc(), there is some inconsistency in their function signatures and behavior: - krealloc() frees the memory when the requested size is zero, whereas kvrealloc() simply returns a pointer to the existing allocation. - krealloc() behaves like kmalloc() if a NULL pointer is passed, whereas kvrealloc() does not accept a NULL pointer at all and, if passed, would fault instead. - krealloc() is self-contained, whereas kvrealloc() relies on the caller to provide the size of the previous allocation. Inconsistent behavior throughout allocation APIs is error prone, hence make kvrealloc() behave like krealloc(), which seems superior in all mentioned aspects. Besides that, implementing kvrealloc() by making use of krealloc() and vrealloc() provides oppertunities to grow (and shrink) allocations more efficiently. For instance, vrealloc() can be optimized to allocate and map additional pages to grow the allocation or unmap and free unused pages to shrink the allocation. [dakr@kernel.org: document concurrency restrictions] Link: https://lkml.kernel.org/r/20240725125442.4957-1-dakr@kernel.org [dakr@kernel.org: disable KASAN when switching to vmalloc] Link: https://lkml.kernel.org/r/20240730185049.6244-2-dakr@kernel.org [dakr@kernel.org: properly document __GFP_ZERO behavior] Link: https://lkml.kernel.org/r/20240730185049.6244-5-dakr@kernel.org Link: https://lkml.kernel.org/r/20240722163111.4766-3-dakr@kernel.org Signed-off-by: Danilo Krummrich Acked-by: Michal Hocko Acked-by: Vlastimil Babka Cc: Chandan Babu R Cc: Christian König Cc: Christoph Hellwig Cc: Christoph Lameter Cc: David Rientjes Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Joonsoo Kim Cc: Kees Cook Cc: Marc Zyngier Cc: Michael Ellerman Cc: Miguel Ojeda Cc: Oliver Upton Cc: Pekka Enberg Cc: Roman Gushchin Cc: Uladzislau Rezki Cc: Wedson Almeida Filho Signed-off-by: Andrew Morton commit 3ddc2fefe6f34ec870fcb22f4cd656e53db079f2 Author: Danilo Krummrich Date: Mon Jul 22 18:29:23 2024 +0200 mm: vmalloc: implement vrealloc() Patch series "Align kvrealloc() with krealloc()", v2. Besides the obvious (and desired) difference between krealloc() and kvrealloc(), there is some inconsistency in their function signatures and behavior: - krealloc() frees the memory when the requested size is zero, whereas kvrealloc() simply returns a pointer to the existing allocation. - krealloc() behaves like kmalloc() if a NULL pointer is passed, whereas kvrealloc() does not accept a NULL pointer at all and, if passed, would fault instead. - krealloc() is self-contained, whereas kvrealloc() relies on the caller to provide the size of the previous allocation. Inconsistent behavior throughout allocation APIs is error prone, hence make kvrealloc() behave like krealloc(), which seems superior in all mentioned aspects. In order to be able to get rid of kvrealloc()'s oldsize parameter, introduce vrealloc() and make use of it in kvrealloc(). Making use of vrealloc() in kvrealloc() also provides oppertunities to grow (and shrink) allocations more efficiently. For instance, vrealloc() can be optimized to allocate and map additional pages to grow the allocation or unmap and free unused pages to shrink the allocation. Besides the above, those functions are required by Rust's allocator abstractons [1] (rework based on this series in [2]). With `Vec` or `KVec` respectively, potentially growing (and shrinking) data structures are rather common. [1] https://lore.kernel.org/lkml/20240704170738.3621-1-dakr@redhat.com/ [2] https://git.kernel.org/pub/scm/linux/kernel/git/dakr/linux.git/log/?h=rust/mm This patch (of 2): Implement vrealloc() analogous to krealloc(). Currently, krealloc() requires the caller to pass the size of the previous memory allocation, which, instead, should be self-contained. We attempt to fix this in a subsequent patch which, in order to do so, requires vrealloc(). Besides that, we need realloc() functions for kernel allocators in Rust too. With `Vec` or `KVec` respectively, potentially growing (and shrinking) data structures are rather common. [dakr@kernel.org: fix missing nommu implementation] Link: https://lkml.kernel.org/r/20240725141227.13954-1-dakr@kernel.org [dakr@kernel.org: document concurrency restrictions] Link: https://lkml.kernel.org/r/20240725125442.4957-1-dakr@kernel.org [dakr@kernel.org: consider spare memory for __GFP_ZERO] Link: https://lkml.kernel.org/r/20240730185049.6244-3-dakr@kernel.org [dakr@kernel.org: properly document __GFP_ZERO behavior] Link: https://lkml.kernel.org/r/20240730185049.6244-4-dakr@kernel.org Link: https://lkml.kernel.org/r/20240722163111.4766-1-dakr@kernel.org Link: https://lkml.kernel.org/r/20240722163111.4766-2-dakr@kernel.org Signed-off-by: Danilo Krummrich Acked-by: Michal Hocko Acked-by: Vlastimil Babka Cc: Chandan Babu R Cc: Christian König Cc: Christoph Hellwig Cc: Christoph Lameter Cc: David Rientjes Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Joonsoo Kim Cc: Kees Cook Cc: Marc Zyngier Cc: Michael Ellerman Cc: Miguel Ojeda Cc: Oliver Upton Cc: Pekka Enberg Cc: Roman Gushchin Cc: Uladzislau Rezki Cc: Wedson Almeida Filho Signed-off-by: Andrew Morton commit 5fe690a5946442f7f2d08448341dd621367f80bc Author: Matthew Cassell Date: Mon Jul 22 17:13:16 2024 +0000 mm: add node_reclaim successes to VM event counters /proc/vmstat currently shows the number of node_reclaim() failures when vm.zone_reclaim_mode is set appropriately. It would be convenient to have the number of successes right next to zone_reclaim_failed (similar to compaction and migration). While just a trivially addition to the vmstat file. It was helpful during benchmarking to not have to probe node_reclaim() to observe the success/failure ratio. Link: https://lkml.kernel.org/r/20240722171316.7517-1-mcassell411@gmail.com Signed-off-by: Matthew Cassell Cc: Domenico Cerasuolo Cc: "Huang, Ying" Cc: Li Zhijian Cc: Yosry Ahmed Signed-off-by: Andrew Morton commit 30ce797d4654015c179a8909ef6945f0c0d64e7e Author: Chin-Yen Lee Date: Mon Aug 26 17:04:39 2024 +0800 wifi: rtw89: wow: add scan interval option for net-detect The scan interval option is the period in unit of second for WoWLAN firmware to do each scan. We get the option from cfg80211 and practice it. If the interval is too short for firmware to finish one scan, the firmware will start next scan immediately after finishing one and the WiFi chip could never enter idle mode to reduce power consumption. Signed-off-by: Chin-Yen Lee Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240826090439.17242-5-pkshih@realtek.com commit 1de40069417e0f2b9779eb4781fb4852f3d87680 Author: Chin-Yen Lee Date: Mon Aug 26 17:04:38 2024 +0800 wifi: rtw89: wow: add net-detect support for 8922ae Enable net-detect in WoWLAN stub of 8922a, and declare net-detect support up to 8 SSIDs. Signed-off-by: Chin-Yen Lee Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240826090439.17242-4-pkshih@realtek.com commit f6409a8a0aab2ffc5df5ecbd0e73c9be1f84af4e Author: Chin-Yen Lee Date: Mon Aug 26 17:04:37 2024 +0800 wifi: rtw89: wow: add wait for H2C of FW-IPS mode The C2H packet of FW-IPS mode is not handled by driver in the suspend flow, and lead to WoWLAN firmware fail to enter PS mode and even some SER happen. So add wait function for H2C of FW-IPS mode to check driver handle the C2H packet before disabling interrupt and make the net-detect function work fine. Signed-off-by: Chin-Yen Lee Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240826090439.17242-3-pkshih@realtek.com commit d9dd3ac77cf7cabd35732893f3aefba1daa1c2e1 Author: Zong-Zhe Yang Date: Mon Aug 26 17:04:36 2024 +0800 wifi: rtw89: wow: fix wait condition for AOAC report request Each condition binding to the same wait should be unique. AOAC code misused the wait of FW offload series and broke the above rule. It added another macro to generate wait condition of WoWLAN/AOAC, but the results conflict to the ones of FW offload series. It means that we might be completed wrongly in logic. We don't want things work/read like this and should have avoided this. Fix this by adding another wait which aims for WoWLAN functions. Fixes: ff53fce5c78b ("wifi: rtw89: wow: update latest PTK GTK info to mac80211 after resume") Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240826090439.17242-2-pkshih@realtek.com commit fa1823d4e2ebf05ffe000887c57c40d6f089ee25 Author: Thomas Bonnefille Date: Thu Jul 11 12:01:29 2024 +0200 dt-bindings: riscv: Add Sipeed LicheeRV Nano board compatibles Document the compatible strings for the Sipeed LicheeRV Nano B board which uses the SOPHGO SG2002 SoC. Signed-off-by: Thomas Bonnefille Acked-by: Conor Dooley Reviewed-by: Inochi Amaoto Link: https://lore.kernel.org/r/20240711-sg2002-v4-2-d97ec2367095@bootlin.com Signed-off-by: Inochi Amaoto Signed-off-by: Chen Wang commit 747d99c586fd35ce1a1a63a0fe7a78edd9a45370 Author: Thomas Bonnefille Date: Thu Jul 11 12:01:28 2024 +0200 dt-bindings: interrupt-controller: Add SOPHGO SG2002 plic Add compatible string for SOPHGO SG2002 Platform-Level Interruter Controller. Signed-off-by: Thomas Bonnefille Acked-by: Conor Dooley Link: https://wiki.sipeed.com/hardware/en/lichee/RV_Nano/1_intro.html [1] Reviewed-by: Inochi Amaoto Link: https://lore.kernel.org/r/20240711-sg2002-v4-1-d97ec2367095@bootlin.com Signed-off-by: Inochi Amaoto Signed-off-by: Chen Wang commit 902cb7b11f9a7ff07233cc4c626b54c3e4703149 Author: Ping-Ke Shih Date: Mon Aug 19 10:52:48 2024 +0800 wifi: rtw88: assign mac_id for vif/sta and update to TX desc A mac_id as an instance in firmware has to be assigned for each station including AP and connected stations. Firmware will use the mac_id to control TX rate and do statistics. Assignment rule is to assign mac_id to each vif when adding vif. For station mode, sta->mac_id will reuse vif->mac_id. For AP mode, dynamically allocate an sta->mac_id to a station, and vif->mac_id is used to send broadcast/multicast packets which are not belong to a station. For example, vif->mac_id sta->mac_id vif0 (STA mode) 0 0 vif1 (AP mode) 1 2... By the way, remove unused RTW_BC_MC_MACID, which was planed to send broadcast/multicast packets on fixed mac_id. Tested-on RTL8822CE with STA + AP SCC mode. Link: https://lore.kernel.org/linux-wireless/e4be0a75-43b2-4ae5-9aab-5c4a88e78097@gmail.com/ Cc: Bitterblue Smith Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240819025248.17939-1-pkshih@realtek.com commit faa2e484b393c56bc1243dca6676a70bc485f775 Author: Bitterblue Smith Date: Wed Aug 21 16:11:03 2024 +0300 wifi: rtw88: Fix USB/SDIO devices not transmitting beacons All USB devices supported by rtw88 have the same problem: they don't transmit beacons in AP mode. (Some?) SDIO devices are also affected. The cause appears to be clearing BIT_EN_BCNQ_DL of REG_FWHW_TXQ_CTRL before uploading the beacon reserved page, so don't clear the bit for USB and SDIO devices. Tested with RTL8811CU and RTL8723DU. Cc: # 6.6.x Signed-off-by: Bitterblue Smith Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/49de73b5-698f-4865-ab63-100e28dfc4a1@gmail.com commit 585dcb21ccba946237ec33f3d1733cf2ce2a0ffd Author: Inochi Amaoto Date: Sat Aug 17 10:22:58 2024 +0800 riscv: dts: sophgo: Add mcu device for Milk-V Pioneer Add mcu device and thermal zones node for Milk-V Pioneer. Tested-by: Chen Wang Reviewed-by: Chen Wang Link: https://lore.kernel.org/r/IA1PR20MB4953C675C28B35723E87A36BBB822@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Inochi Amaoto Signed-off-by: Chen Wang commit a508d794f86ea67d371f89cc20800c656e490aac Author: Chen Wang Date: Mon Aug 19 16:08:51 2024 +0800 riscv: sophgo: dts: add gpio controllers for SG2042 SoC Add support for the GPIO controller of Sophgo SG2042. SG2042 uses IP from Synopsys DesignWare APB GPIO and has three GPIO controllers. Signed-off-by: Chen Wang Link: https://lore.kernel.org/r/20240819080851.1954691-1-unicornxw@gmail.com Signed-off-by: Inochi Amaoto commit 014b839f79dc9d7a2ff94679703597f4777654f1 Author: Chen Wang Date: Mon Aug 5 17:19:43 2024 +0800 riscv: sophgo: dts: add mmc controllers for SG2042 SoC SG2042 has two MMC controller, one for emmc, another for sd-card. Signed-off-by: Chen Wang Link: https://lore.kernel.org/r/03ac9ec9c23bbe4c3b30271e76537bdbe5638665.1722847198.git.unicorn_wang@outlook.com Signed-off-by: Inochi Amaoto commit c8eb04aecdd4df246fcdb655ed3d82697ab51d78 Author: Inochi Amaoto Date: Mon Jul 29 10:13:34 2024 +0800 riscv: dts: sophgo: Add i2c device support for sg2042 The i2c ip of sg2042 is a standard Synopsys i2c ip, which is already supported by the mainline kernel. Add i2c device node for sg2042. Reviewed-by: Chen Wang Tested-by: Chen Wang Link: https://lore.kernel.org/r/IA1PR20MB49530E59974AF0FCA4FAB6DBBBB72@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Inochi Amaoto Signed-off-by: Chen Wang commit 5d9e6bc82bd0705991fdcaea70cc3118efd0f2f2 Author: Inochi Amaoto Date: Mon Jul 29 10:13:33 2024 +0800 riscv: dts: sophgo: Use common "interrupt-parent" for all peripherals for sg2042 As all peripherals of sg2042 share the same "interrupt-parent", there is no need to use peripherals specific "interrupt-parent". Define "interrupt-parent" in the SoC level. Reviewed-by: Chen Wang Tested-by: Chen Wang Link: https://lore.kernel.org/r/IA1PR20MB49531F6DFD2F116207C1397DBBB72@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Inochi Amaoto Signed-off-by: Chen Wang commit 63c33528b70dcd9394393cb21723da0daced77bc Author: Inochi Amaoto Date: Tue Jul 23 10:18:49 2024 +0800 riscv: dts: sophgo: Add sdhci0 configuration for Huashan Pi Add configuration for sdhci0 for Huashan Pi to support sd card. Reviewed-by: Chen Wang Link: https://lore.kernel.org/r/IA1PR20MB49538AC83C5DB314D10F7186BBA92@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Inochi Amaoto Signed-off-by: Chen Wang commit 514951a81a5e0b8d1deec5e896daf5b30f477b38 Author: Inochi Amaoto Date: Fri Apr 12 16:33:32 2024 +0800 riscv: dts: sophgo: cv18xx: add DMA controller Add DMA controller dt node for CV18XX/SG200x. Link: https://lore.kernel.org/r/IA1PR20MB4953BD73E12B8A1CDBD9E1A3BB042@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Inochi Amaoto Signed-off-by: Chen Wang commit e09e0a7ae3c698aac0d92bce1b87363e5aa60958 Author: Tim Harvey Date: Wed Aug 28 10:36:50 2024 -0700 dt-bindings: arm: fsl: rename gw7905 to gw75xx The GW7905 was renamed to GW7500 before production release. While we typically do not change compatibles, the GW7905 was never released before its product name was changed to a GW7500. The use the the 'xx' wildcard is to denote the fact that this device-tree can support range of board models from GW7500 to GW7599 as has been done historically with the Gateworks baseboards to support various build customizatoins based on the same PCB. Signed-off-by: Tim Harvey Reviewed-by: Rob Herring Signed-off-by: Shawn Guo commit 968a549ccadb855cad447257ccb6961135242e02 Author: Markus Niebel Date: Wed Aug 28 14:19:59 2024 +0200 ARM: dts: imx6qdl-mba6b: remove doubled entry for I2C1 pinmux Since the muxing is described already in imx6qdl-tqma6 can be reused by this variant. No functional change. Signed-off-by: Markus Niebel Signed-off-by: Shawn Guo commit 0bfef93bd6ac982e96cf429afe0473926ec85dad Author: Markus Niebel Date: Wed Aug 28 14:19:58 2024 +0200 ARM: dts: imx6qdl-mba6: improve compatible for LM75 temp sensor Use national,lm75a to specify exact variant used. This should cause no functional changes. Signed-off-by: Markus Niebel Signed-off-by: Shawn Guo commit 5d0813c2f73d133dc8b3f651a089f449158f8f83 Author: Markus Niebel Date: Wed Aug 28 14:19:57 2024 +0200 ARM: dts: imx6qdl-tqma6: improve compatible for LM75 temp sensor Use national,lm75a to specify exact variant used. This should cause no functional changes. While at it change node name to 'temperature-sensor@48' to describe the function of the IC. Signed-off-by: Markus Niebel Signed-off-by: Shawn Guo commit 135be5386de7beb602f2288703f3fc21685e2d2b Author: Markus Niebel Date: Wed Aug 28 14:19:56 2024 +0200 ARM: dts: imx6qdl-tqma6: move i2c3 pinmux to imx6qdl-tqma6b Move the pinmux entries to the variant where they are actual used. No functional changes. Signed-off-by: Markus Niebel Signed-off-by: Shawn Guo commit 15302579373ed2c8ada629e9e7bcf9569393a48d Author: Dmitry Baryshkov Date: Sun Dec 3 03:32:03 2023 +0300 drm/msm/dpu: enable writeback on SM6350 Enable WB2 hardware block, enabling writeback support on this platform. Signed-off-by: Dmitry Baryshkov Tested-by: Luca Weiss Patchwork: https://patchwork.freedesktop.org/patch/570194/ Link: https://lore.kernel.org/r/20231203003203.1293087-5-dmitry.baryshkov@linaro.org commit ab2b03d73a664554485932a9b349157e0b6e2279 Author: Dmitry Baryshkov Date: Sun Dec 3 03:32:02 2023 +0300 drm/msm/dpu: enable writeback on SM6125 Enable WB2 hardware block, enabling writeback support on this platform. Signed-off-by: Dmitry Baryshkov Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/570193/ Link: https://lore.kernel.org/r/20231203003203.1293087-4-dmitry.baryshkov@linaro.org commit 1f5bcc4316b3b2f87a366402f49116942ee2094c Author: Dmitry Baryshkov Date: Sun Dec 3 03:32:01 2023 +0300 drm/msm/dpu: enable writeback on SC8108X Enable WB2 hardware block, enabling writeback support on this platform. Signed-off-by: Dmitry Baryshkov Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/570196/ Link: https://lore.kernel.org/r/20231203003203.1293087-3-dmitry.baryshkov@linaro.org commit 47cebb740a83682224654a6583a20efd9f3cfeae Author: Dmitry Baryshkov Date: Sun Dec 3 03:32:00 2023 +0300 drm/msm/dpu: enable writeback on SM8150 Enable WB2 hardware block, enabling writeback support on this platform. Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/570192/ Link: https://lore.kernel.org/r/20231203003203.1293087-2-dmitry.baryshkov@linaro.org [DB: picked up WB_SDM845_MASK from sdm845 patch] Signed-off-by: Dmitry Baryshkov commit 25b85075150fe8adddb096db8a4b950353045ee1 Author: Sherry Yang Date: Tue Aug 27 09:53:37 2024 -0700 drm/msm: fix %s null argument error The following build error was triggered because of NULL string argument: BUILDSTDERR: drivers/gpu/drm/msm/disp/mdp5/mdp5_smp.c: In function 'mdp5_smp_dump': BUILDSTDERR: drivers/gpu/drm/msm/disp/mdp5/mdp5_smp.c:352:51: error: '%s' directive argument is null [-Werror=format-overflow=] BUILDSTDERR: 352 | drm_printf(p, "%s:%d\t%d\t%s\n", BUILDSTDERR: | ^~ BUILDSTDERR: drivers/gpu/drm/msm/disp/mdp5/mdp5_smp.c:352:51: error: '%s' directive argument is null [-Werror=format-overflow=] This happens from the commit a61ddb4393ad ("drm: enable (most) W=1 warnings by default across the subsystem"). Using "(null)" instead to fix it. Fixes: bc5289eed481 ("drm/msm/mdp5: add debugfs to show smp block status") Signed-off-by: Sherry Yang Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/611071/ Link: https://lore.kernel.org/r/20240827165337.1075904-1-sherry.yang@oracle.com Signed-off-by: Dmitry Baryshkov commit 1328cb7c34bf6d056df9ff694ee5194537548258 Author: Dmitry Baryshkov Date: Sun Aug 4 08:40:07 2024 +0300 drm/msm/dsi: correct programming sequence for SM8350 / SM8450 According to the display-drivers, 5nm DSI PLL (v4.2, v4.3) have different boundaries for pll_clock_inverters programming. Follow the vendor code and use correct values. Fixes: 2f9ae4e395ed ("drm/msm/dsi: add support for DSI-PHY on SM8350 and SM8450") Signed-off-by: Dmitry Baryshkov Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/606947/ Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-3-1149dd8399fe@linaro.org commit c7c412202623951dcfc22316f5255fd84fd56186 Author: Abhinav Kumar Date: Tue Jul 30 12:50:11 2024 -0700 drm/msm/dp: enable widebus on all relevant chipsets Hardware document indicates that widebus is recommended on DP on all MDSS chipsets starting version 5.x.x and above. Follow the guideline and mark widebus support on all relevant chipsets for DP. Fixes: 766f705204a0 ("drm/msm/dp: Remove now unused connector_type from desc") Fixes: 1b2d98bdd7b7 ("drm/msm/dp: Add DisplayPort controller for SM8650") Signed-off-by: Abhinav Kumar Reviewed-by: Dmitry Baryshkov Fixes: 757a2f36ab09 ("drm/msm/dp: enable widebus feature for display port") Fixes: 1b2d98bdd7b7 ("drm/msm/dp: Add DisplayPort controller for SM8650") Patchwork: https://patchwork.freedesktop.org/patch/606556/ Link: https://lore.kernel.org/r/20240730195012.2595980-1-quic_abhinavk@quicinc.com Signed-off-by: Dmitry Baryshkov commit caedbf17c48dcd9f076aa7157c1bb8ab8082c418 Author: Arnaud Vrac Date: Wed Jul 24 17:01:37 2024 +0200 drm/msm: add msm8998 hdmi phy/pll support Add support for the HDMI PHY as present on the Qualcomm MSM8998 SoC. This code is mostly copy & paste of the vendor code from msm-4.4 kernel.lnx.4.4.r38-rel. Signed-off-by: Arnaud Vrac Reviewed-by: Dmitry Baryshkov Signed-off-by: Marc Gonzalez Patchwork: https://patchwork.freedesktop.org/patch/605631/ Link: https://lore.kernel.org/r/20240724-hdmi-tx-v7-4-e44a20553464@freebox.fr [DB: replaced division with do_div64 to fix build issues on ARM32] Signed-off-by: Dmitry Baryshkov commit a61eb17f40e8bdba99aaffae2c50b75b395a3c44 Author: Marc Gonzalez Date: Wed Jul 24 17:01:36 2024 +0200 drm/msm/hdmi: add "qcom,hdmi-tx-8998" compatible Current driver already supports the msm8998 HDMI TX. We just need to add the compatible string. Reviewed-by: Dmitry Baryshkov Signed-off-by: Marc Gonzalez Patchwork: https://patchwork.freedesktop.org/patch/605632/ Link: https://lore.kernel.org/r/20240724-hdmi-tx-v7-3-e44a20553464@freebox.fr Signed-off-by: Dmitry Baryshkov commit 656810411b1d7e47457312722b28f598f100e62e Author: Marc Gonzalez Date: Wed Jul 24 17:01:35 2024 +0200 dt-bindings: display/msm: hdmi: add qcom,hdmi-tx-8998 HDMI TX block embedded in the APQ8098. Reviewed-by: Rob Herring (Arm) Reviewed-by: Conor Dooley Signed-off-by: Marc Gonzalez Patchwork: https://patchwork.freedesktop.org/patch/605638/ Link: https://lore.kernel.org/r/20240724-hdmi-tx-v7-2-e44a20553464@freebox.fr Signed-off-by: Dmitry Baryshkov commit 8886def25eef705b6bc5f65d4982218691feca1c Author: Marc Gonzalez Date: Wed Jul 24 17:01:34 2024 +0200 dt-bindings: phy: add qcom,hdmi-phy-8998 HDMI PHY block embedded in the APQ8098. Acked-by: Rob Herring (Arm) Acked-by: Vinod Koul Signed-off-by: Marc Gonzalez Patchwork: https://patchwork.freedesktop.org/patch/605634/ Link: https://lore.kernel.org/r/20240724-hdmi-tx-v7-1-e44a20553464@freebox.fr Signed-off-by: Dmitry Baryshkov commit be3415c620d1ed4776068bc17dbda876fbda6953 Author: Dmitry Baryshkov Date: Sat Aug 31 13:10:44 2024 +0300 drm/msm/dpu: Configure DP INTF/PHY selector Some platforms provides a mechanism for configuring the mapping between (one or two) DisplayPort intfs and their PHYs. In particular SC8180X requires this to be configured, since on this platform there are fewer controllers than PHYs. The change implements the logic for optionally configuring which PHY each of the DP INTFs should be connected to and marks the SC8180X DPU to program 2 entries. For now the request is simply to program the mapping 1:1, any support for alternative mappings is left until the use case arrise. Note that e.g. msm-4.14 unconditionally maps INTF 0 to PHY 0 on all platforms, so perhaps this is needed in order to get DisplayPort working on some other platforms as well. Co-developed-by: Bjorn Andersson Signed-off-by: Bjorn Andersson Signed-off-by: Dmitry Baryshkov Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/600895/ Link: https://lore.kernel.org/r/20240625-dp-phy-sel-v3-1-c77c7066c454@linaro.org commit 0f3e1eaaf7f97839ac65f525efec392161d73219 Author: Liao Chen Date: Sat Aug 31 07:21:58 2024 +0000 ata: sata_gemini: Enable module autoloading Add MODULE_DEVICE_TABLE(), so modules can be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Reviewed-by: Linus Walleij Signed-off-by: Damien Le Moal commit 619c98622b74f97e78ec71cc99ee0d365bcc690f Author: Liao Chen Date: Sat Aug 31 07:21:57 2024 +0000 ata: pata_ixp4xx: Enable module autoloading Add MODULE_DEVICE_TABLE(), so modules can be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Reviewed-by: Sergey Shtylyov Reviewed-by: Linus Walleij Signed-off-by: Damien Le Moal commit 4b4e1a961f6e72c6889f37694cafbd30ea10ec36 Author: Liao Chen Date: Sat Aug 31 07:21:56 2024 +0000 ata: pata_ftide010: Enable module autoloading Add MODULE_DEVICE_TABLE(), so modules can be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Reviewed-by: Sergey Shtylyov Reviewed-by: Linus Walleij Signed-off-by: Damien Le Moal commit 5b035d14a508efd065895607ae7a6f913b26fef8 Author: Apurva Nandan Date: Fri Aug 30 21:47:42 2024 +0530 arm64: dts: ti: k3-j722s-evm: Enable Inter-Processor Communication The K3 J722S-EVM platform is based on the J722S SoC which has one single-core Arm Cortex-R5F processor in each of the WAKEUP, MCU and MAIN voltage domain, and two C71x DSP subsystems in MAIN voltage domain. The Inter-Processor communication between the A53 cores and these R5F and DSP remote cores is achieved through shared memory and Mailboxes. Thus, add the memory carveouts and enable the mailbox clusters required for communication. Also, The remoteproc firmware like of R5F and DSPs in the MAIN voltage domain use timers. Therefore, change the status of the timer nodes to "reserved" to avoid any clash during booting of remotecores. Usage is described as below: +===================+=============+ | Remoteproc Node | Timer Node | +===================+=============+ | main_r5fss0_core0 | main_timer0 | +-------------------+-------------+ | c7x_0 | main_timer1 | +-------------------+-------------+ | c7x_1 | main_timer2 | +-------------------+-------------+ Signed-off-by: Apurva Nandan Signed-off-by: Beleswar Padhi Reviewed-by: Udit Kumar Link: https://lore.kernel.org/r/20240830161742.925145-3-b-padhi@ti.com Signed-off-by: Nishanth Menon commit 05b1653c4fc148189743e4b3cbef798e49db61f0 Author: Apurva Nandan Date: Fri Aug 30 21:47:41 2024 +0530 arm64: dts: ti: k3-j722s-main: Add R5F and C7x remote processor nodes The K3 J722S SoCs have one single-core Arm Cortex-R5F processor in each of the WAKEUP, MCU and MAIN voltage domain, and two C71x DSP subsystems in MAIN voltage domain. Add the DT nodes to support Inter-Processor Communication. Signed-off-by: Apurva Nandan [ refactoring changes to k3-j722s-main.dtsi ] Signed-off-by: Beleswar Padhi Reviewed-by: Udit Kumar Reviewed-by: Andrew Davis Link: https://lore.kernel.org/r/20240830161742.925145-2-b-padhi@ti.com Signed-off-by: Nishanth Menon commit ce9d793b2bbbfdd6d0ce30f94bd014ab5fb87230 Author: Prasanth Babu Mantena Date: Wed Aug 28 11:38:30 2024 +0530 arm64: dts: ti: k3-am68-sk-som: Update Partition info for OSPI Flash Commit 73f1f26e2e4c ("arm64: dts: ti: k3-am68-sk-som: Add support for OSPI flash") introduced the flash node with discontinuous partitions. Updating the partition offset to be continuous from the previous partition to maintain linearity. Signed-off-by: Prasanth Babu Mantena Link: https://lore.kernel.org/r/20240828060830.555733-1-p-mantena@ti.com Signed-off-by: Nishanth Menon commit 64dce81f8c373c681e62d5ffe0397c45a35d48a2 Author: Wolfram Sang Date: Sun Sep 1 11:02:11 2024 +0200 ipmi: docs: don't advertise deprecated sysfs entries "i2c-adapter" class entries are deprecated since 2009. Switch to the proper location. Reported-by: Heiner Kallweit Closes: https://lore.kernel.org/r/80c4a898-5867-4162-ac85-bdf7c7c68746@gmail.com Fixes: 259307074bfc ("ipmi: Add SMBus interface driver (SSIF)") Signed-off-by: Wolfram Sang Message-Id: <20240901090211.3797-2-wsa+renesas@sang-engineering.com> Signed-off-by: Corey Minyard commit c5e615963bbeda0bdb0a97a33bcba46d6eea8a96 Author: Robert Nelson Date: Thu Aug 29 16:39:29 2024 -0500 arm64: dts: ti: Add k3-am67a-beagley-ai BeagleBoard.org BeagleY-AI is an easy to use, affordable open source hardware single board computer based on the Texas Instruments AM67A, which features a quad-core 64-bit Arm CPU subsystem, 2 general-purpose digital-signal-processors (DSP) and matrix-multiply-accelerators (MMA), GPU, vision and deep learning accelerators, and multiple Arm Cortex-R5 cores for low-power, low-latency GPIO control. https://beagley-ai.org/ https://openbeagle.org/beagley-ai/beagley-ai Signed-off-by: Robert Nelson Reviewed-by: Roger Quadros Reviewed-by: Jared McArthur Link: https://lore.kernel.org/r/20240829213929.48540-2-robertcnelson@gmail.com Signed-off-by: Nishanth Menon commit b8c773f556936577f8fd7be29c5e579422436784 Author: Robert Nelson Date: Thu Aug 29 16:39:28 2024 -0500 dt-bindings: arm: ti: Add BeagleY-AI This board is based on ti,j722s family using the am67a variation. https://beagley-ai.org/ https://openbeagle.org/beagley-ai/beagley-ai Signed-off-by: Robert Nelson Reviewed-by: Jared McArthur Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240829213929.48540-1-robertcnelson@gmail.com Signed-off-by: Nishanth Menon commit f3be0032e116eda48e9a6e73002fc2c107658918 Author: Diogo Ivo Date: Thu Aug 29 14:28:29 2024 +0100 arm64: dts: ti: iot2050: Declare Ethernet PHY leds Each Ethernet PHY on IOT2050 platforms drives 3 LEDs whose triggers can be configured to signal link properties such as connection status or speed. Declare the LEDs, exposing their trigger controls to userspace. Signed-off-by: Diogo Ivo Link: https://lore.kernel.org/r/20240829-ivo-iot2050_leds-v1-1-792a512b2178@siemens.com Signed-off-by: Nishanth Menon commit 50f368a0c166ebac9301b834aed729b2bb901e6a Author: Judith Mendez Date: Thu Aug 15 15:48:33 2024 -0500 arm64: dts: ti: k3-am65: Add ESM nodes Add Error Signaling Module (ESM) instances in MCU and MAIN domains, set ESM interrupt sources for rti as per TRM [0] 9.4 Interrupt Sources. There are no ESM0_ESM_INT* events routed to MCU ESM, so it is not possible to reset the CPU using watchdog and ESM0 configuration. However add ESM instances for device completion. Add comments to describe what interrupt sources are routed to ESM modules. [0] http://www.ti.com/lit/pdf/spruid7 Signed-off-by: Judith Mendez Reviewed-by: Bryan Brattlof Link: https://lore.kernel.org/r/20240815204833.452132-7-jm@ti.com Signed-off-by: Nishanth Menon commit 633bcfa502591103b5d5c4429d90bf10ac9bfd52 Author: Judith Mendez Date: Thu Aug 15 15:48:32 2024 -0500 arm64: dts: ti: k3-am64: Add more ESM interrupt sources Add ESM interrupt sources for rti as per TRM [0] in 9.4 Interrupt Sources. [0] https://www.ti.com/lit/pdf/spruim2 Signed-off-by: Judith Mendez Reviewed-by: Bryan Brattlof Link: https://lore.kernel.org/r/20240815204833.452132-6-jm@ti.com Signed-off-by: Nishanth Menon commit 54ed32742a2b722a9eeeca601b5d9b715423381b Author: Judith Mendez Date: Thu Aug 15 15:48:28 2024 -0500 arm64: dts: ti: k3-am62a: Add ESM nodes Add Error Signaling Module (ESM) instances in MCU and MAIN domains, set ESM interrupt sources for rti as per TRM [0] 10.4 Interrupt Sources. Add comments to describe what interrupt sources are routed to ESM modules. [0] https://www.ti.com/lit/pdf/spruj16 Signed-off-by: Judith Mendez Reviewed-by: Bryan Brattlof Link: https://lore.kernel.org/r/20240815204833.452132-2-jm@ti.com Signed-off-by: Nishanth Menon commit cc3a295ebb659a56534a2baea9040dc0dec1980d Author: Judith Mendez Date: Thu Aug 15 15:48:31 2024 -0500 arm64: dts: ti: k3-am62: Add comments to ESM nodes Add comments to describe what interrupt sources are routed to ESM modules. There is no functional change. Signed-off-by: Judith Mendez Reviewed-by: Bryan Brattlof Link: https://lore.kernel.org/r/20240815204833.452132-5-jm@ti.com Signed-off-by: Nishanth Menon commit c94da2159dfdcc44b78a8b1f3ebe4909d4efc9ec Author: Judith Mendez Date: Thu Aug 15 15:48:29 2024 -0500 arm64: dts: ti: k3-am62p: Fix ESM interrupt sources Fix interrupt sources for rti routed to the ESM0 as per [0], in 10.4 Interrupt Sources Add comments to describe what interrupt sources are routed to ESM modules. [0] https://www.ti.com/lit/pdf/spruj83 Fixes: b5080c7c1f7e ("arm64: dts: ti: k3-am62p: Add nodes for more IPs") Signed-off-by: Judith Mendez Reviewed-by: Bryan Brattlof Link: https://lore.kernel.org/r/20240815204833.452132-3-jm@ti.com Signed-off-by: Nishanth Menon commit d4847546b6209876bbbbc00f5b8583387e80b731 Author: Santhosh Kumar K Date: Thu Aug 15 15:48:30 2024 -0500 arm64: dts: ti: k3-am62p: Remove 'reserved' status for ESM Remove 'reserved' status for MCU ESM node. Watchdog reset is propagated through ESM0 to MCU ESM to reset the CPU, so enable MCU ESM to reset the CPU with watchdog timeout. Signed-off-by: Santhosh Kumar K Signed-off-by: Judith Mendez Reviewed-by: Bryan Brattlof Link: https://lore.kernel.org/r/20240815204833.452132-4-jm@ti.com Signed-off-by: Nishanth Menon commit 5c19aeb8ae4fc539a73d7ff8b25decd745950c39 Author: Nishanth Menon Date: Fri Aug 30 05:28:22 2024 -0500 arm64: dts: ti: k3-j721s2-evm-gesi-exp-board: Rename gpio-hog node name Fix the gpio hog node name to p15-hog to match up with gpio-hog convention. This fixes dtbs_check warning: p15: $nodename:0: 'p15' does not match '^(hog-[0-9]+|.+-hog(-[0-9]+)?)$' Acked-by: Siddharth Vadapalli Link: https://lore.kernel.org/r/20240830102822.3970269-1-nm@ti.com Signed-off-by: Nishanth Menon commit 47ca0776e3637e8cfbf84483a0b0c22fbdf3a9f7 Author: Nishanth Menon Date: Fri Aug 30 06:31:37 2024 -0500 arm64: dts: ti: k3-am642-evm-nand: Rename pinctrl node and gpio-hog names Rename the pin mux and gpio-hog node names to match up with binding rules. This fixes dtbs_check warnings: 'gpmc0-pins-default' does not match any of the regexes: '-pins(-[0-9]+)?$|-pin$', 'pinctrl-[0-9]+' 'gpio0-36' does not match '^(hog-[0-9]+|.+-hog(-[0-9]+)?)$' While at it, change the phandle name to be consistent with the pinctrl naming. Reviewed-by: Dhruva Gole Link: https://lore.kernel.org/r/20240830113137.3986091-1-nm@ti.com Signed-off-by: Nishanth Menon commit 2bea7920da8001172f54359395700616269ccb70 Author: MD Danish Anwar Date: Fri Aug 30 16:40:00 2024 +0530 arm64: dts: ti: k3-am654-idk: Fix dtbs_check warning in ICSSG dmas ICSSG doesn't use mgmnt rsp dmas. But these are added in the dmas for icssg1-eth and icssg0-eth node. These mgmnt rsp dmas result in below dtbs_check warnings. /workdir/arch/arm64/boot/dts/ti/k3-am654-idk.dtb: icssg1-eth: dmas: [[39, 49664], [39, 49665], [39, 49666], [39, 49667], [39, 49668], [39, 49669], [39, 49670], [39, 49671], [39, 16896], [39, 16897], [39, 16898], [39, 16899]] is too long from schema $id: http://devicetree.org/schemas/net/ti,icssg-prueth.yaml# /workdir/arch/arm64/boot/dts/ti/k3-am654-idk.dtb: icssg0-eth: dmas: [[39, 49408], [39, 49409], [39, 49410], [39, 49411], [39, 49412], [39, 49413], [39, 49414], [39, 49415], [39, 16640], [39, 16641], [39, 16642], [39, 16643]] is too long from schema $id: http://devicetree.org/schemas/net/ti,icssg-prueth.yaml# Fix these warnings by removing mgmnt rsp dmas from icssg1-eth and icssg0-eth nodes. Fixes: a4d5bc3214eb ("arm64: dts: ti: k3-am654-idk: Add ICSSG Ethernet ports") Signed-off-by: MD Danish Anwar Reviewed-by: Roger Quadros Link: https://lore.kernel.org/r/20240830111000.232028-1-danishanwar@ti.com Signed-off-by: Nishanth Menon commit 6c67a0f1647d486674a064d4abcadfb083a6f6da Author: Andrew Davis Date: Wed Aug 28 12:29:56 2024 -0500 arm64: dts: ti: k3-j784s4: Include entire FSS region in ranges Add FSS regions at 0x50000000, 0x400000000, and 0x600000000. Although not used currently by the Linux FSS driver, these regions belong to the FSS and should be included in the ranges mapping. While here, a couple of these numbers had missing zeros which was hidden by odd alignments, fix both these issues. Signed-off-by: Andrew Davis Reviewed-by: Santhosh Kumar K Link: https://lore.kernel.org/r/20240828172956.26630-5-afd@ti.com Signed-off-by: Nishanth Menon commit a919e59c0c1563437ab1892ff39df441da7521a4 Author: Andrew Davis Date: Wed Aug 28 12:29:55 2024 -0500 arm64: dts: ti: k3-j721s2: Include entire FSS region in ranges Add FSS regions at 0x50000000, 0x400000000, and 0x600000000. Although not used currently by the Linux FSS driver, these regions belong to the FSS and should be included in the ranges mapping. While here, a couple of these numbers had missing zeros which was hidden by odd alignments, fix both these issues. Signed-off-by: Andrew Davis Reviewed-by: Santhosh Kumar K Link: https://lore.kernel.org/r/20240828172956.26630-4-afd@ti.com Signed-off-by: Nishanth Menon commit 16dee71beec8957ab89ee15e6f17fcb33503a9d2 Author: Andrew Davis Date: Wed Aug 28 12:29:54 2024 -0500 arm64: dts: ti: k3-j721e: Include entire FSS region in ranges Add FSS regions at 0x50000000, 0x400000000, and 0x600000000. Although not used currently by the Linux FSS driver, these regions belong to the FSS and should be included in the ranges mapping. While here, a couple of these numbers had missing zeros which was hidden by odd alignments, fix both these issues. Signed-off-by: Andrew Davis Reviewed-by: Santhosh Kumar K Link: https://lore.kernel.org/r/20240828172956.26630-3-afd@ti.com Signed-off-by: Nishanth Menon commit 55799866382524cc5dae5bf90d2fa469dc7889a8 Author: Andrew Davis Date: Wed Aug 28 12:29:53 2024 -0500 arm64: dts: ti: k3-am65: Include entire FSS region in ranges Add FSS regions at 0x50000000, 0x400000000, and 0x600000000. Although not used currently by the Linux FSS driver, these regions belong to the FSS and should be included in the ranges mapping. While here, a couple of these numbers had missing zeros which was hidden by odd alignments, fix both these issues. Signed-off-by: Andrew Davis Reviewed-by: Santhosh Kumar K Link: https://lore.kernel.org/r/20240828172956.26630-2-afd@ti.com Signed-off-by: Nishanth Menon commit 99ced42d6f3ebcae52c2c6d1207d3f96d7cf88ac Author: Théo Lebrun Date: Fri Jul 26 20:18:00 2024 +0200 arm64: dts: ti: k3-am64: add USB fallback compatible to J721E USB on AM64 is the same peripheral as on J721E. It has a specific compatible for potential integration details. Express this relationship, matching what the dt-bindings indicate. Signed-off-by: Théo Lebrun Reviewed-by: Roger Quadros Link: https://lore.kernel.org/r/20240726-s2r-cdns-v5-12-8664bfb032ac@bootlin.com Signed-off-by: Nishanth Menon commit 5603a3491b368faf180472f4bdc6480c13c7385e Author: Colin Ian King Date: Thu Aug 22 21:59:41 2024 +0100 PCI: rcar-gen4: Make read-only const array check_addr static Don't populate the const read-only array check_addr on the stack at run time, instead make it static. Link: https://lore.kernel.org/linux-pci/20240822205941.643187-1-colin.i.king@gmail.com Signed-off-by: Colin Ian King [kwilczynski: refactor array definition] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Geert Uytterhoeven commit 221f9cce949ac8042f65b71ed1fde13b99073256 Merge: 43d0035b2c6a0e 5da8de8cb3e3b0 Author: David S. Miller Date: Sun Sep 1 18:17:34 2024 +0100 Merge branch 'octeontx2-af-cpt-update' Srujana Challa says: ==================== octeontx2-af: update CPT block for CN10KB and CN10KA B0 This commit addresses two key updates for the CN10KB and CN10KA B0: 1. The number of FLT interrupt vectors has been reduced to 2 on CN10KB. The code is updated to reflect this change across the CN10K series. 2. The maximum CPT credits that RX can use are now configurable through a hardware CSR on CN10KA B0. This patch sets the default value to optimize peak performance, aligning it with other chip versions. v2: - Addressed the review comments. ==================== Signed-off-by: David S. Miller commit 5da8de8cb3e3b01fd838536c75a36b667eca128b Author: Srujana Challa Date: Thu Aug 29 13:39:35 2024 +0530 octeontx2-af: configure default CPT credits for CN10KA B0 The maximum CPT credits that RXC can use are now configurable on CN10KA B0 through a hardware CSR. This patch sets the default value to optimize peak performance, aligning it with other chip versions. Signed-off-by: Srujana Challa Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 1652623291c50a9ec4db3c416b7d01701b4012ff Author: Srujana Challa Date: Thu Aug 29 13:39:34 2024 +0530 octeontx2-af: avoid RXC register access for CN10KB This patch modifies the driver to prevent access to RXC hardware registers on the CN10KB, as RXC is not available on this chip. Signed-off-by: Srujana Challa Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 4ebe78e15b95e8baaf7c3686694b59319b215f38 Author: Srujana Challa Date: Thu Aug 29 13:39:33 2024 +0530 octeontx2-af: use dynamic interrupt vectors for CN10K This patch updates the driver to use a dynamic number of vectors instead of a hard-coded value. This change accommodates the CN10KB, which has 2 vectors, unlike the previously supported chips that have 3 vectors. Signed-off-by: Srujana Challa Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 3ee1a6b5d78f07bc026f71ea0664d8df2a7d1280 Author: Jinjie Ruan Date: Thu Aug 29 10:24:35 2024 +0800 PCI/AER: Use PCI_DEVID() macro in aer_inject() The PCI_DEVID() macro can be used instead of open-coding it. No functional changes intended. Link: https://lore.kernel.org/linux-pci/20240829022435.4145181-1-ruanjinjie@huawei.com Signed-off-by: Jinjie Ruan [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński commit 4654cf52cbd07cb2d6ab6f55bcc5eb2dae8b736a Author: Riyan Dhiman Date: Sun Sep 1 14:56:02 2024 +0530 PCI: vmd: Fix indentation issue in vmd_shutdown() The code in vmd_shutdown() had an indentation issue where spaces were used instead of tabs. This commit corrects the indentation to use tabs, adhering to the Linux kernel coding style guidelines. Issue reported by the checkpatch.pl script: ERROR: code indent should use tabs where possible #1056: FILE: drivers/pci/controller/vmd.c:1056: + struct vmd_dev *vmd = pci_get_drvdata(dev);$ WARNING: please, no spaces at the start of a line #1056: FILE: drivers/pci/controller/vmd.c:1056: + struct vmd_dev *vmd = pci_get_drvdata(dev);$ ERROR: code indent should use tabs where possible #1058: FILE: drivers/pci/controller/vmd.c:1058: + vmd_remove_irq_domain(vmd);$ WARNING: please, no spaces at the start of a line #1058: FILE: drivers/pci/controller/vmd.c:1058: + vmd_remove_irq_domain(vmd);$ No functional changes are intended. Link: https://lore.kernel.org/linux-pci/20240901092602.17414-1-riyandhiman14@gmail.com Signed-off-by: Riyan Dhiman [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński commit 411a71256de6f5a0015a28929cfbe6bc36c503dc Author: Darrick J. Wong Date: Fri Aug 30 15:37:21 2024 -0700 xfs: standardize the btree maxrecs function parameters Standardize the parameters in xfs_{alloc,bm,ino,rmap,refcount}bt_maxrecs so that we have consistent calling conventions. This doesn't affect the kernel that much, but enables us to clean up userspace a bit. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit de55149b6639e903c4d06eb0474ab2c05060e61d Author: Darrick J. Wong Date: Fri Aug 30 15:37:20 2024 -0700 xfs: fix a sloppy memory handling bug in xfs_iroot_realloc While refactoring code, I noticed that when xfs_iroot_realloc tries to shrink a bmbt root block, it allocates a smaller new block and then copies "records" and pointers to the new block. However, bmbt root blocks cannot ever be leaves, which means that it's not technically correct to copy records. We /should/ be copying keys. Note that this has never resulted in actual memory corruption because sizeof(bmbt_rec) == (sizeof(bmbt_key) + sizeof(bmbt_ptr)). However, this will no longer be true when we start adding realtime rmap stuff, so fix this now. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit 2c4162be6c10d3bc4884c211ae4787fc84c4fe3c Author: Darrick J. Wong Date: Fri Aug 30 15:37:17 2024 -0700 xfs: refactor loading quota inodes in the regular case Create a helper function to load quota inodes in the case where the dqtype and the sb quota inode fields correspond. This is true for nearly all the iget callsites in the quota code, except for when we're switching the group and project quota inodes. We'll need this in subsequent patches to make the metadir handling less convoluted. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit 79124b3740063573312de4b225407ebdae219275 Author: Darrick J. Wong Date: Fri Aug 30 15:37:20 2024 -0700 xfs: replace shouty XFS_BM{BT,DR} macros Replace all the shouty bmap btree and bmap disk root macros with actual functions. sed \ -e 's/XFS_BMBT_BLOCK_LEN/xfs_bmbt_block_len/g' \ -e 's/XFS_BMBT_REC_ADDR/xfs_bmbt_rec_addr/g' \ -e 's/XFS_BMBT_KEY_ADDR/xfs_bmbt_key_addr/g' \ -e 's/XFS_BMBT_PTR_ADDR/xfs_bmbt_ptr_addr/g' \ -e 's/XFS_BMDR_REC_ADDR/xfs_bmdr_rec_addr/g' \ -e 's/XFS_BMDR_KEY_ADDR/xfs_bmdr_key_addr/g' \ -e 's/XFS_BMDR_PTR_ADDR/xfs_bmdr_ptr_addr/g' \ -e 's/XFS_BMAP_BROOT_PTR_ADDR/xfs_bmap_broot_ptr_addr/g' \ -e 's/XFS_BMAP_BROOT_SPACE_CALC/xfs_bmap_broot_space_calc/g' \ -e 's/XFS_BMAP_BROOT_SPACE/xfs_bmap_broot_space/g' \ -e 's/XFS_BMDR_SPACE_CALC/xfs_bmdr_space_calc/g' \ -e 's/XFS_BMAP_BMDR_SPACE/xfs_bmap_bmdr_space/g' \ -i $(git ls-files fs/xfs/*.[ch] fs/xfs/libxfs/*.[ch] fs/xfs/scrub/*.[ch]) Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit c460f0f1a2bc219495e19e43daac6f8c902d81d8 Author: Darrick J. Wong Date: Fri Aug 30 15:37:19 2024 -0700 xfs: fix FITRIM reporting again Don't report FITRIMming more bytes than possibly exist in the filesystem. Fixes: 410e8a18f8e93 ("xfs: don't bother reporting blocks trimmed via FITRIM") Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit 64dfa18d6e322034c8a30b080f4c380a0b20bb7f Author: Darrick J. Wong Date: Fri Aug 30 15:37:18 2024 -0700 xfs: fix C++ compilation errors in xfs_fs.h Several people reported C++ compilation errors due to things that C compilers allow but C++ compilers do not. Fix both of these problems, and hope there aren't more of these brown paper bags in 2 months when we finally get these fixes through the process into a released xfsprogs. NOTE: I am submitting this bugfix over the objections of a former maintainer, who insists that we should remove this function from the published userspace ABI instead of fixing the C++ compilation errors. No deprecation period, no discussion, just a hard drop of an already provided and correct C function, which would be in contravention of Linus' rules. IOWs, removing ABI that have already shipped in a released kernel requires a careful deprecation period, so I will let that maintainer run that process. Reported-by: kernel@mattwhitlock.name Reported-by: sam@gentoo.org Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219203 Fixes: 233f4e12bbb2c ("xfs: add parent pointer ioctls") Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit 2ca7b9d7b80810b2b45b78b8a4b4fa78a1ddc2dd Author: Darrick J. Wong Date: Fri Aug 30 15:37:16 2024 -0700 xfs: move xfs_ioc_getfsmap out of xfs_ioctl.c Move this function out of xfs_ioctl.c to reduce the clutter in there, and make the entire getfsmap implementation self-contained in a single file. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit df8b181f1551581e96076a653cdca43468093c0f Author: Christoph Hellwig Date: Fri Aug 30 15:37:08 2024 -0700 xfs: simplify xfs_rtalloc_query_range There isn't much of a good reason to pass the xfs_rtalloc_rec structures that describe extents to xfs_rtalloc_query_range as we really just want a lower and upper bound xfs_rtxnum_t. Pass the rtxnum directly and simply the interface. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 0a59e4f3e1670bc49d60e1bd1a9b19ca156ae9cb Author: Christoph Hellwig Date: Fri Aug 30 15:36:59 2024 -0700 xfs: push transaction join out of xfs_rtbitmap_lock and xfs_rtgroup_lock To prepare for being able to join an already locked rtbitmap inode to a transaction split out separate helpers for joining the transaction from the locking helpers. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 390b4775d6787706b1846f15623a68e576ec900c Author: Darrick J. Wong Date: Fri Aug 30 15:36:49 2024 -0700 xfs: pass the icreate args object to xfs_dialloc Pass the xfs_icreate_args object to xfs_dialloc since we can extract the relevant mode (really just the file type) and parent inumber from there. This simplifies the calling convention in preparation for the next patch. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit 398597c3ef7fb1d8fa31491c8f4f3996cff45701 Author: Darrick J. Wong Date: Fri Aug 30 15:36:47 2024 -0700 xfs: introduce new file range commit ioctls This patch introduces two more new ioctls to manage atomic updates to file contents -- XFS_IOC_START_COMMIT and XFS_IOC_COMMIT_RANGE. The commit mechanism here is exactly the same as what XFS_IOC_EXCHANGE_RANGE does, but with the additional requirement that file2 cannot have changed since some sampling point. The start-commit ioctl performs the sampling of file attributes. Note: This patch currently samples i_ctime during START_COMMIT and checks that it hasn't changed during COMMIT_RANGE. This isn't entirely safe in kernels prior to 6.12 because ctime only had coarse grained granularity and very fast updates could collide with a COMMIT_RANGE. With the multi-granularity ctime introduced by Jeff Layton, it's now possible to update ctime such that this does not happen. It is critical, then, that this patch must not be backported to any kernel that does not support fine-grained file change timestamps. Signed-off-by: Darrick J. Wong Acked-by: Jeff Layton Reviewed-by: Christoph Hellwig commit 516f91035c272c40a409ded7aa063e08b14dd0a6 Author: Darrick J. Wong Date: Fri Aug 30 15:37:15 2024 -0700 xfs: rearrange xfs_fsmap.c a little bit The order of the functions in this file has gotten a little confusing over the years. Specifically, the two data device implementations (bnobt and rmapbt) could be adjacent in the source code instead of split in two by the logdev and rtdev fsmap implementations. We're about to add more functionality to this file, so rearrange things now. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit fa0fc38b255cc88aef31ff13b5593e27622204e1 Author: Christoph Hellwig Date: Fri Aug 30 15:37:07 2024 -0700 xfs: remove xfs_rtb_to_rtxrem Simplify the number of block number conversion helpers by removing xfs_rtb_to_rtxrem. Any recent compiler is smart enough to eliminate the double divisions if using separate xfs_rtb_to_rtx and xfs_rtb_to_rtxoff calls. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 2a95ffc44b610643c9d5d2665600d3fbefa5ec4f Author: Christoph Hellwig Date: Fri Aug 30 15:36:59 2024 -0700 xfs: factor out rtbitmap/summary initialization helpers Add helpers to libxfs that can be shared by growfs and mkfs for initializing the rtbitmap and summary, and by passing the optional data pointer also by repair for rebuilding them. This will become even more useful when the rtgroups feature adds a metadata header to each block, which means even more shared code. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong [djwong: minor documentation and data advance tweaks] Signed-off-by: Darrick J. Wong commit feb09b727b03421179282299362620ea0d07a066 Author: Christoph Hellwig Date: Fri Aug 30 15:36:49 2024 -0700 xfs: match on the global RT inode numbers in xfs_is_metadata_inode Match the inode number instead of the inode pointers, as the inode pointers in the superblock will go away soon. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong [djwong: port to my tree, make the parameter a const pointer] Signed-off-by: Darrick J. Wong commit 33912286cb1956920712aba8cb6f38e434824357 Author: Christoph Hellwig Date: Fri Aug 30 15:37:15 2024 -0700 xfs: replace m_rsumsize with m_rsumblocks Track the RT summary file size in blocks, just like the RT bitmap file. While we have users of both units, blocks are used slightly more often and this matches the bitmap file for consistency. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 9e9be9840fad01dec3ee958fc401c4863c360202 Author: Darrick J. Wong Date: Fri Aug 30 15:37:06 2024 -0700 xfs: fix broken variable-sized allocation detection in xfs_rtallocate_extent_block This function tries to find a suitable free space extent starting from a particular rtbitmap block. Some time ago, I added a clamping function to prevent the free space scans from running off the end of the bitmap, but I didn't quite get the logic right. Let's say there's an allocation request with a minlen of 5 and a maxlen of 32 and we're scanning the last rtbitmap block. If we come within 4 rtx of the end of the rt volume, maxlen will get clamped to 4. If the next 3 rtx are free, we could have satisfied the allocation, but the code setting partial besti/bestlen for "minlen < maxlen" will think that we're doing a non-variable allocation and ignore it. The root of this problem is overwriting maxlen; I should have stuffed the results in a different variable, which would not have introduced this bug. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit 266e78aec4b9bac0400b09603a2bd24bea7268df Author: Christoph Hellwig Date: Fri Aug 30 15:36:58 2024 -0700 xfs: factor out a xfs_last_rt_bmblock helper Add helper to calculate the last currently used rt bitmap block to better structure the growfs code and prepare for future changes to it. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 05aba1953f4a6e2b48e13c610e8a4545ba4ef509 Author: Darrick J. Wong Date: Fri Aug 30 15:36:48 2024 -0700 xfs: validate inumber in xfs_iget Actually use the inumber validator to check the argument passed in here. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig Reviewed-by: Dave Chinner commit 1fc51cf11dd8b26856ae1c4111e402caec73019c Author: Christoph Hellwig Date: Fri Aug 30 15:37:14 2024 -0700 xfs: remove xfs_{rtbitmap,rtsummary}_wordcount xfs_rtbitmap_wordcount and xfs_rtsummary_wordcount are currently unused, so remove them to simplify refactoring other rtbitmap helpers. They can be added back or simply open coded when actually needed. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 74c234bbe51a1b142400ab018b605e2f16274e10 Author: Darrick J. Wong Date: Fri Aug 30 15:37:05 2024 -0700 xfs: reduce excessive clamping of maxlen in xfs_rtallocate_extent_near The near rt allocator employs two allocation strategies -- first it tries to allocate at exactly @start. If that fails, it will pivot back and forth around that starting point looking for an appropriately sized free space. However, I clamped maxlen ages ago to prevent the exact allocation scan from running off the end of the rt volume. This, I realize, was excessive. If the allocation request is (say) for 32 rtx but the start position is 5 rtx from the end of the volume, we clamp maxlen to 5. If the exact allocation fails, we then pivot back and forth looking for 5 rtx, even though the original intent was to try to get 32 rtx. If we then find 5 rtx when we could have gotten 32 rtx, we've not done as well as we could have. This may be moot if the caller immediately comes back for more space, but it might not be. Either way, we can do better here. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit 7996f10ce6cc6a9f4c49368209ab74631c765bbf Author: Christoph Hellwig Date: Fri Aug 30 15:36:57 2024 -0700 xfs: factor out a xfs_growfs_rt_bmblock helper Add a helper to contain the per-rtbitmap block logic in xfs_growfs_rt. Note that this helper now allocates a new fake mount structure for each rtbitmap block iteration instead of reusing the memory for an entire growfs call. Compared to all the other work done when freeing the blocks the overhead for this is in the noise and it keeps the code nicely modular. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 0902819fe649343deeacd5b15a85cc9b0c7e3dd5 Author: Darrick J. Wong Date: Fri Aug 30 15:37:13 2024 -0700 xfs: add xchk_setup_nothing and xchk_nothing helpers Add common helpers for no-op scrubbing methods. Signed-off-by: Darrick J. Wong [hch: split from a larger patch] Signed-off-by: Christoph Hellwig Reviewed-by: Christoph Hellwig commit 62c3d2496808ab47714906e24eed67cfdf5735c7 Author: Darrick J. Wong Date: Fri Aug 30 15:37:05 2024 -0700 xfs: clean up xfs_rtallocate_extent_exact a bit Before we start doing more surgery on the rt allocator, let's clean up the exact allocator so that it doesn't change its arguments and uses the helper introduced in the previous patch. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit c8e5a0bfe0086d4b99f95d98a946ebc9a56ecf20 Author: Christoph Hellwig Date: Fri Aug 30 15:36:56 2024 -0700 xfs: push the calls to xfs_rtallocate_range out to xfs_bmap_rtalloc Currently the various low-level RT allocator functions call into xfs_rtallocate_range directly, which ties them into the locking protocol for the RT bitmap. As these helpers already return the allocated range, lift the call to xfs_rtallocate_range into xfs_bmap_rtalloc so that it happens as high as possible in the stack, which will simplify future changes to the locking protocol. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit ec12f97f1b8a8fb6e922e10840e670734af58940 Author: Christoph Hellwig Date: Fri Aug 30 15:37:12 2024 -0700 xfs: make the rtalloc start hint a xfs_rtblock_t 0 is a valid start RT extent, and with pending changes it will become both more common and non-unique. Switch to pass a xfs_rtblock_t instead so that we can use NULLRTBLOCK to determine if a hint was set or not. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit e6a74dcf9bc3f14e4ad4c9c97a47e591a3f3b49f Author: Darrick J. Wong Date: Fri Aug 30 15:37:04 2024 -0700 xfs: refactor aligning bestlen to prod There are two places in xfs_rtalloc.c where we want to make sure that a count of rt extents is aligned with a particular prod(uct) factor. In one spot, we actually use rounddown(), albeit unnecessarily if prod < 2. In the other case, we open-code this rounding inefficiently by promoting the 32-bit length value to a 64-bit value and then performing a 64-bit division to figure out the subtraction. Refactor this into a single helper that uses the correct types and division method for the type, and skips the division entirely unless prod is large enough to make a difference. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit 237130564ef3745ab4a8b5ba09da929befc761d9 Author: Christoph Hellwig Date: Fri Aug 30 15:36:55 2024 -0700 xfs: cleanup the calling convention for xfs_rtpick_extent xfs_rtpick_extent never returns an error. Do away with the error return and directly return the picked extent instead of doing that through a call by reference argument. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit b2dd85f4147604cd25e024f410c5d47620f9bec6 Author: Christoph Hellwig Date: Fri Aug 30 15:37:11 2024 -0700 xfs: factor out a xfs_rtallocate_align helper Split the code to calculate the aligned allocation request from xfs_bmap_rtalloc into a separate self-contained helper. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit e99aa0401eb4d3b0ce67cc8a9b98595958b0d038 Author: Darrick J. Wong Date: Fri Aug 30 15:37:03 2024 -0700 xfs: don't scan off the end of the rt volume in xfs_rtallocate_extent_block The loop conditional here is not quite correct because an rtbitmap block can represent rtextents beyond the end of the rt volume. There's no way that it makes sense to scan for free space beyond EOFS, so don't do it. This overrun has been present since v2.6.0. Also fix the type of bestlen, which was incorrectly converted. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit b4781eea6872431840e53ffebb95a5614e6944b4 Author: Christoph Hellwig Date: Fri Aug 30 15:36:54 2024 -0700 xfs: add bounds checking to xfs_rt{bitmap,summary}_read_buf Add a corruption check for passing an invalid block number, which is a lot easier to understand than the xfs_bmapi_read failure later on. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit fd048a1bb391d0ad50144160c3a490b6b34e0755 Author: Christoph Hellwig Date: Fri Aug 30 15:37:10 2024 -0700 xfs: rework the rtalloc fallback handling xfs_rtallocate currently has two fallbacks, when an allocation fails: 1) drop the requested extent size alignment, if any, and retry 2) ignore the locality hint Oddly enough it does those in order, as trying a different location is more in line with what the user asked for, and does it in a very unstructured way. Lift the fallback to try to allocate without the locality hint into xfs_rtallocate to both perform them in a more sensible order and to clean up the code. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit cb59233e823727ed257a9b400037082718107c06 Author: Darrick J. Wong Date: Fri Aug 30 15:37:02 2024 -0700 xfs: don't return too-short extents from xfs_rtallocate_extent_block If xfs_rtallocate_extent_block is asked for a variable-sized allocation, it will try to return the best-sized free extent, which is apparently the largest one that it finds starting in this rtbitmap block. It will then trim the size of the extent as needed to align it with prod. However, it misses one thing -- rounding down the best-fit candidate to the required alignment could make the extent shorter than minlen. In the case where minlen > 1, we'd rather the caller relaxed its alignment requirements and tried again, as the allocator already supports that. Returning a too-short extent that causes xfs_bmapi_write to return ENOSR if there aren't enough nmaps to handle multiple new allocations, which can then cause filesystem shutdowns. I haven't seen this happen on any production systems, but then I don't think it's very common to set a per-file extent size hint on realtime files. I tripped it while working on the rtgroups feature and pounding on the realtime allocator enthusiastically. Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig commit 6d2db12d56a389b3e8efa236976f8dc3a8ae00f0 Author: Christoph Hellwig Date: Fri Aug 30 15:36:54 2024 -0700 xfs: assert a valid limit in xfs_rtfind_forw Protect against developers passing stupid limits when refactoring the RT code once again. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit a9f646af4307aca3e9006668264761949d5eb35c Author: Christoph Hellwig Date: Fri Aug 30 15:37:10 2024 -0700 xfs: factor out a xfs_rtallocate helper Split out a helper from xfs_rtallocate that performs the actual allocation. This keeps the scope of the xfs_rtalloc_args structure contained, and prepares for rtgroups support. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 86a0264ef26e90214a5bd74c72fb6e3455403bcf Author: Christoph Hellwig Date: Fri Aug 30 15:37:01 2024 -0700 xfs: ensure rtx mask/shift are correct after growfs When growfs sets an extent size, it doesn't updated the m_rtxblklog and m_rtxblkmask values, which could lead to incorrect usage of them if they were set before and can't be used for the new extent size. Add a xfs_mount_sb_set_rextsize helper that updates the two fields, and also use it when calculating the new RT geometry instead of disabling the optimization there. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 119c65e56bc131b466a7cd958a4089e286ce3c4b Author: Christoph Hellwig Date: Fri Aug 30 15:36:53 2024 -0700 xfs: remove the limit argument to xfs_rtfind_back All callers pass a 0 limit to xfs_rtfind_back, so remove the argument and hard code it. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 1e21d1897f935815618d419c94e88452070ec8e5 Author: Christoph Hellwig Date: Fri Aug 30 15:37:09 2024 -0700 xfs: clean up the ISVALID macro in xfs_bmap_adjacent Turn the ISVALID macro defined and used inside in xfs_bmap_adjacent that relies on implict context into a proper inline function. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit a18a69bbec083093c3bfebaec13ce0b4c6b2af7e Author: Christoph Hellwig Date: Fri Aug 30 15:37:00 2024 -0700 xfs: use the recalculated transaction reservation in xfs_growfs_rt_bmblock After going great length to calculate the transaction reservation for the new geometry, we should also use it to allocate the transaction it was calculated for. Fixes: 578bd4ce7100 ("xfs: recompute growfsrtfree transaction reservation while growing rt volume") Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 3cb30d5162292a30d34f7e4fa74c13388c4d74ad Author: Christoph Hellwig Date: Fri Aug 30 15:36:52 2024 -0700 xfs: make the RT rsum_cache mandatory Currently the RT mount code simply ignores an allocation failure for the rsum_cache. The code mostly works fine with it, but not having it leads to nasty corner cases in the growfs code that we don't really handle well. Switch to failing the mount if we can't allocate the memory, the file system would not exactly be useful in such a constrained environment to start with. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit 6529eef810e2ded0e540162273ee31a41314ec4e Author: Christoph Hellwig Date: Fri Aug 30 15:36:51 2024 -0700 xfs: factor out a xfs_validate_rt_geometry helper Split the RT geometry validation in the early mount code into a helper than can be reused by repair (from which this code was apparently originally stolen anyway). Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong [djwong: u64 return value for calc_rbmblocks] Signed-off-by: Darrick J. Wong commit 021d9c107e29a598e51fb66a54b22e5416125408 Author: Christoph Hellwig Date: Fri Aug 30 15:36:50 2024 -0700 xfs: remove xfs_validate_rtextents Replace xfs_validate_rtextents with an open coded check for 0 rtextents. The name for the function implies it does a lot more than a zero check, which is more obvious when open coded. Signed-off-by: Christoph Hellwig Reviewed-by: Darrick J. Wong Signed-off-by: Darrick J. Wong commit a14b929ba9b2ee57b57c1ebeaaeef2472ef152c4 Author: Otto Pflüger Date: Mon Jul 22 16:58:19 2024 +0200 drm/msm/adreno: Add A306A support Add support for Adreno 306A GPU what is found in MSM8917 SoC. This GPU marketing name is Adreno 308. Signed-off-by: Otto Pflüger [use internal name of the GPU, reword the commit message] Reviewed-by: Konrad Dybcio Signed-off-by: Barnabás Czémán Patchwork: https://patchwork.freedesktop.org/patch/605403/ Signed-off-by: Rob Clark commit dbfbb376b50c770f91263d8310e81573f9ad41db Author: Konrad Dybcio Date: Wed Aug 28 17:06:59 2024 +0200 drm/msm/a6xx: Add A621 support A621 is a clear A662 derivative (same lineage as A650), no explosions or sick features, other than a NoC bug which can stall the GPU.. Add support for it. Signed-off-by: Konrad Dybcio Patchwork: https://patchwork.freedesktop.org/patch/611100/ Signed-off-by: Rob Clark commit 40c297eb245b1c9179d0efe6cd777d1b1608e390 Author: Konrad Dybcio Date: Wed Aug 28 17:06:58 2024 +0200 drm/msm/a6xx: Set GMU CGC properties on a6xx too This was apparently never done before.. Program the expected values. This also gets rid of sneakily setting that register through the HWCG reg list on A690. Signed-off-by: Konrad Dybcio Patchwork: https://patchwork.freedesktop.org/patch/611098/ Signed-off-by: Rob Clark commit 51682bc4abf4b552a97a907a285c7dc55750421a Author: Konrad Dybcio Date: Wed Aug 28 17:06:57 2024 +0200 drm/msm/a6xx: Use the per-GPU value for gmu_cgc_mode This register's magic value differs wildly between different GPUs, use the hardcoded data instead of trying to make some logic out of it. Signed-off-by: Konrad Dybcio Patchwork: https://patchwork.freedesktop.org/patch/611096/ Signed-off-by: Rob Clark commit d50a8363c2f595bbd2411b8b5a5325f3fefe9871 Author: Konrad Dybcio Date: Wed Aug 28 17:06:56 2024 +0200 drm/msm/a6xx: Store correct gmu_cgc_mode in struct a6xx_info Store the correct values that we happen to have for some A7xx SKUs in the GPU info struct and fill out the missing information for A6xx GPUs based on downstream kernel information. Signed-off-by: Konrad Dybcio Patchwork: https://patchwork.freedesktop.org/patch/611094/ [add missing entry to a615 catalog to resolve conflict] Signed-off-by: Rob Clark commit 2bbb5fe3905500a895d7a593c1191be2fa1288d7 Author: Konrad Dybcio Date: Wed Aug 28 17:06:55 2024 +0200 drm/msm/a6xx: Store primFifoThreshold in struct a6xx_info The if-else monster is so unmaintainable that one case is repeated twice. Get rid of it. Signed-off-by: Konrad Dybcio Patchwork: https://patchwork.freedesktop.org/patch/611092/ [add missing entry to a615 catalog to resolve conflict] Signed-off-by: Rob Clark commit 1b3975efc1a923327577dbf77476688674fcffb7 Author: Konrad Dybcio Date: Fri Jul 19 12:03:26 2024 +0200 drm/msm/a6xx: Evaluate adreno_is_a650_family in pdc_in_aop check A650 family includes A660 family (they've got a big family), A650 itself, and some more A6XX_GEN3 SKUs, all of which should fall into the same branch of the if-condition. Simplify that. Signed-off-by: Konrad Dybcio Patchwork: https://patchwork.freedesktop.org/patch/605206/ Signed-off-by: Rob Clark commit a30f9f65b5ac82d4390548c32ed9c7f05de7ddf5 Author: Vladimir Lypak Date: Sun Sep 1 13:54:03 2024 +0000 drm/msm/a5xx: workaround early ring-buffer emptiness check There is another cause for soft lock-up of GPU in empty ring-buffer: race between GPU executing last commands and CPU checking ring for emptiness. On GPU side IRQ for retire is triggered by CACHE_FLUSH_TS event and RPTR shadow (which is used to check ring emptiness) is updated a bit later from CP_CONTEXT_SWITCH_YIELD. Thus if GPU is executing its last commands slow enough or we check that ring too fast we will miss a chance to trigger switch to lower priority ring because current ring isn't empty just yet. This can escalate to lock-up situation described in previous patch. To work-around this issue we keep track of last submit sequence number for each ring and compare it with one written to memptrs from GPU during execution of CACHE_FLUSH_TS event. Fixes: b1fc2839d2f9 ("drm/msm: Implement preemption for A5XX targets") Signed-off-by: Vladimir Lypak Patchwork: https://patchwork.freedesktop.org/patch/612047/ Signed-off-by: Rob Clark commit ce050f307ad93bcc5958d0dd35fc276fd394d274 Author: Vladimir Lypak Date: Sun Sep 1 13:54:02 2024 +0000 drm/msm/a5xx: fix races in preemption evaluation stage On A5XX GPUs when preemption is used it's invietable to enter a soft lock-up state in which GPU is stuck at empty ring-buffer doing nothing. This appears as full UI lockup and not detected as GPU hang (because it's not). This happens due to not triggering preemption when it was needed. Sometimes this state can be recovered by some new submit but generally it won't happen because applications are waiting for old submits to retire. One of the reasons why this happens is a race between a5xx_submit and a5xx_preempt_trigger called from IRQ during submit retire. Former thread updates ring->cur of previously empty and not current ring right after latter checks it for emptiness. Then both threads can just exit because for first one preempt_state wasn't NONE yet and for second one all rings appeared to be empty. To prevent such situations from happening we need to establish guarantee for preempt_trigger to make decision after each submit or retire. To implement this we serialize preemption initiation using spinlock. If switch is already in progress we need to re-trigger preemption when it finishes. Fixes: b1fc2839d2f9 ("drm/msm: Implement preemption for A5XX targets") Signed-off-by: Vladimir Lypak Patchwork: https://patchwork.freedesktop.org/patch/612045/ Signed-off-by: Rob Clark commit 64fd6d01a52904bdbda0ce810a45a428c995a4ca Author: Vladimir Lypak Date: Sun Sep 1 13:54:01 2024 +0000 drm/msm/a5xx: properly clear preemption records on resume Two fields of preempt_record which are used by CP aren't reset on resume: "data" and "info". This is the reason behind faults which happen when we try to switch to the ring that was active last before suspend. In addition those faults can't be recovered from because we use suspend and resume to do so (keeping values of those fields again). Fixes: b1fc2839d2f9 ("drm/msm: Implement preemption for A5XX targets") Signed-off-by: Vladimir Lypak Reviewed-by: Konrad Dybcio Patchwork: https://patchwork.freedesktop.org/patch/612043/ Signed-off-by: Rob Clark commit db9dec2db76146d65e1cfbb6afb2e2bd5dab67f8 Author: Vladimir Lypak Date: Sun Sep 1 13:54:00 2024 +0000 drm/msm/a5xx: disable preemption in submits by default Fine grain preemption (switching from/to points within submits) requires extra handling in command stream of those submits, especially when rendering with tiling (using GMEM). However this handling is missing at this point in mesa (and always was). For this reason we get random GPU faults and hangs if more than one priority level is used because local preemption is enabled prior to executing command stream from submit. With that said it was ahead of time to enable local preemption by default considering the fact that even on downstream kernel it is only enabled if requested via UAPI. Fixes: a7a4c19c36de ("drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register") Signed-off-by: Vladimir Lypak Patchwork: https://patchwork.freedesktop.org/patch/612041/ Signed-off-by: Rob Clark commit 16007768551d5bfe53426645401435ca8d2ef54f Author: Konrad Dybcio Date: Tue Jul 9 13:15:40 2024 +0200 drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs There are some cases, such as the one uncovered by Commit 46d4efcccc68 ("drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails") where msm_gpu_cleanup() : platform_set_drvdata(gpu->pdev, NULL); is called on gpu->pdev == NULL, as the GPU device has not been fully initialized yet. Turns out that there's more than just the aforementioned path that causes this to happen (e.g. the case when there's speedbin data in the catalog, but opp-supported-hw is missing in DT). Assigning msm_gpu->pdev earlier seems like the least painful solution to this, therefore do so. Signed-off-by: Konrad Dybcio Patchwork: https://patchwork.freedesktop.org/patch/602742/ Signed-off-by: Rob Clark commit c9f10f811cf707e7d7a33e9f7ff678aab9f85551 Author: NeilBrown Date: Mon Jul 15 17:14:16 2024 +1000 nfsd: move nfsd_pool_stats_open into nfsctl.c nfsd_pool_stats_open() is used in nfsctl.c, so move it there. Signed-off-by: NeilBrown Signed-off-by: Chuck Lever commit f2b27e1d72527f94f030b6356b3187576e60885b Author: NeilBrown Date: Mon Jul 15 17:14:15 2024 +1000 SUNRPC: make various functions static, or not exported. Various functions are only used within the sunrpc module, and several are only use in the one file. So clean up: These are marked static, and any EXPORT is removed. svc_rcpb_setup() svc_rqst_alloc() svc_rqst_free() - also moved before first use svc_rpcbind_set_version() svc_drop() - also moved to svc.c These are now not EXPORTed, but are not static. svc_authenticate() svc_sock_update_bufs() Signed-off-by: NeilBrown Signed-off-by: Chuck Lever commit 4ed9ef32606386efc562bada891d7baa16fc46b4 Author: NeilBrown Date: Mon Jul 15 17:14:14 2024 +1000 lockd: discard nlmsvc_timeout nlmsvc_timeout always has the same value as (nlm_timeout * HZ), so use that in the one place that nlmsvc_timeout is used. In truth it *might* not always be the same as nlmsvc_timeout is only set when lockd is started while nlm_timeout can be set at anytime via sysctl. I think this difference it not helpful so removing it is good. Also remove the test for nlm_timout being 0. This is not possible - unless a module parameter is used to set the minimum timeout to 0, and if that happens then it probably should be honoured. Signed-off-by: NeilBrown Signed-off-by: Chuck Lever commit 8203ab8a9dbe7b2a060fa6bdbfe2f28cb2f73172 Author: NeilBrown Date: Wed Jul 24 12:55:49 2024 +1000 nfsd: don't EXPORT_SYMBOL nfsd4_ssc_init_umount_work() nfsd4_ssc_init_umount_work() is only used in the nfsd module, so there is no need to EXPORT it. Signed-off-by: NeilBrown Signed-off-by: Chuck Lever commit cef48236dfe55fa266d505e8a497963a7bc5ef2a Author: Chen Hanxiao Date: Thu Jul 18 15:06:16 2024 +0800 NFS: trace: show TIMEDOUT instead of 0x6e __nfs_revalidate_inode may return ETIMEDOUT. print symbol of ETIMEDOUT in nfs trace: before: cat-5191 [005] 119.331127: nfs_revalidate_inode_exit: error=-110 (0x6e) after: cat-1738 [004] 44.365509: nfs_revalidate_inode_exit: error=-110 (TIMEDOUT) Signed-off-by: Chen Hanxiao Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 4b84551a35e36bbed48850dc870191a13f0841fd Author: Youzhong Yang Date: Thu Jul 11 11:51:33 2024 -0400 nfsd: use system_unbound_wq for nfsd_file_gc_worker() After many rounds of changes in filecache.c, the fix by commit ce7df055(NFSD: Make the file_delayed_close workqueue UNBOUND) is gone, now we are getting syslog messages like these: [ 1618.186688] workqueue: nfsd_file_gc_worker [nfsd] hogged CPU for >13333us 4 times, consider switching to WQ_UNBOUND [ 1638.661616] workqueue: nfsd_file_gc_worker [nfsd] hogged CPU for >13333us 8 times, consider switching to WQ_UNBOUND [ 1665.284542] workqueue: nfsd_file_gc_worker [nfsd] hogged CPU for >13333us 16 times, consider switching to WQ_UNBOUND [ 1759.491342] workqueue: nfsd_file_gc_worker [nfsd] hogged CPU for >13333us 32 times, consider switching to WQ_UNBOUND [ 3013.012308] workqueue: nfsd_file_gc_worker [nfsd] hogged CPU for >13333us 64 times, consider switching to WQ_UNBOUND [ 3154.172827] workqueue: nfsd_file_gc_worker [nfsd] hogged CPU for >13333us 128 times, consider switching to WQ_UNBOUND [ 3422.461924] workqueue: nfsd_file_gc_worker [nfsd] hogged CPU for >13333us 256 times, consider switching to WQ_UNBOUND [ 3963.152054] workqueue: nfsd_file_gc_worker [nfsd] hogged CPU for >13333us 512 times, consider switching to WQ_UNBOUND Consider use system_unbound_wq instead of system_wq for nfsd_file_gc_worker(). Signed-off-by: Youzhong Yang Signed-off-by: Chuck Lever commit 700bb4ff912f954345286e065ff145753a1d5bbe Author: Jeff Layton Date: Wed Jul 10 09:05:33 2024 -0400 nfsd: count nfsd_file allocations We already count the frees (via nfsd_file_releases). Count the allocations as well. Also switch the direct call to nfsd_file_slab_free in nfsd_file_do_acquire to nfsd_file_free, so that the allocs and releases match up. Signed-off-by: Jeff Layton Signed-off-by: Chuck Lever commit 8a7926176378460e0d91e02b03f0ff20a8709a60 Author: Jeff Layton Date: Wed Jul 10 09:05:32 2024 -0400 nfsd: fix refcount leak when file is unhashed after being found If we wait_for_construction and find that the file is no longer hashed, and we're going to retry the open, the old nfsd_file reference is currently leaked. Put the reference before retrying. Fixes: c6593366c0bf ("nfsd: don't kill nfsd_files because of lease break error") Signed-off-by: Jeff Layton Tested-by: Youzhong Yang Signed-off-by: Chuck Lever commit 81a95c2b1d605743220f28db04b8da13a65c4059 Author: Jeff Layton Date: Thu Jul 11 15:11:13 2024 -0400 nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire Given that we do the search and insertion while holding the i_lock, I don't think it's possible for us to get EEXIST here. Remove this case. Fixes: c6593366c0bf ("nfsd: don't kill nfsd_files because of lease break error") Signed-off-by: Jeff Layton Tested-by: Youzhong Yang Signed-off-by: Chuck Lever commit 8e6e2ffa6569a205f1805cbaeca143b556581da6 Author: Youzhong Yang Date: Wed Jul 10 10:40:35 2024 -0400 nfsd: add list_head nf_gc to struct nfsd_file nfsd_file_put() in one thread can race with another thread doing garbage collection (running nfsd_file_gc() -> list_lru_walk() -> nfsd_file_lru_cb()): * In nfsd_file_put(), nf->nf_ref is 1, so it tries to do nfsd_file_lru_add(). * nfsd_file_lru_add() returns true (with NFSD_FILE_REFERENCED bit set) * garbage collector kicks in, nfsd_file_lru_cb() clears REFERENCED bit and returns LRU_ROTATE. * garbage collector kicks in again, nfsd_file_lru_cb() now decrements nf->nf_ref to 0, runs nfsd_file_unhash(), removes it from the LRU and adds to the dispose list [list_lru_isolate_move(lru, &nf->nf_lru, head)] * nfsd_file_put() detects NFSD_FILE_HASHED bit is cleared, so it tries to remove the 'nf' from the LRU [if (!nfsd_file_lru_remove(nf))]. The 'nf' has been added to the 'dispose' list by nfsd_file_lru_cb(), so nfsd_file_lru_remove(nf) simply treats it as part of the LRU and removes it, which leads to its removal from the 'dispose' list. * At this moment, 'nf' is unhashed with its nf_ref being 0, and not on the LRU. nfsd_file_put() continues its execution [if (refcount_dec_and_test(&nf->nf_ref))], as nf->nf_ref is already 0, nf->nf_ref is set to REFCOUNT_SATURATED, and the 'nf' gets no chance of being freed. nfsd_file_put() can also race with nfsd_file_cond_queue(): * In nfsd_file_put(), nf->nf_ref is 1, so it tries to do nfsd_file_lru_add(). * nfsd_file_lru_add() sets REFERENCED bit and returns true. * Some userland application runs 'exportfs -f' or something like that, which triggers __nfsd_file_cache_purge() -> nfsd_file_cond_queue(). * In nfsd_file_cond_queue(), it runs [if (!nfsd_file_unhash(nf))], unhash is done successfully. * nfsd_file_cond_queue() runs [if (!nfsd_file_get(nf))], now nf->nf_ref goes to 2. * nfsd_file_cond_queue() runs [if (nfsd_file_lru_remove(nf))], it succeeds. * nfsd_file_cond_queue() runs [if (refcount_sub_and_test(decrement, &nf->nf_ref))] (with "decrement" being 2), so the nf->nf_ref goes to 0, the 'nf' is added to the dispose list [list_add(&nf->nf_lru, dispose)] * nfsd_file_put() detects NFSD_FILE_HASHED bit is cleared, so it tries to remove the 'nf' from the LRU [if (!nfsd_file_lru_remove(nf))], although the 'nf' is not in the LRU, but it is linked in the 'dispose' list, nfsd_file_lru_remove() simply treats it as part of the LRU and removes it. This leads to its removal from the 'dispose' list! * Now nf->ref is 0, unhashed. nfsd_file_put() continues its execution and set nf->nf_ref to REFCOUNT_SATURATED. As shown in the above analysis, using nf_lru for both the LRU list and dispose list can cause the leaks. This patch adds a new list_head nf_gc in struct nfsd_file, and uses it for the dispose list. This does not fix the nfsd_file leaking issue completely. Signed-off-by: Youzhong Yang Reviewed-by: Jeff Layton Signed-off-by: Chuck Lever commit 43b42ed438bfff6bb5a51cc27a1658c03cd223fd Author: Takashi Iwai Date: Sun Sep 1 15:45:12 2024 +0200 ALSA: pcm: Fix the previous conversion to kstrtoul() The previous replacement from simple_strtoul() to kstrtoul() forgot that the passed pointer must be an unsigned long int pointer, while the value used there is a sized_t pointer. Fix it. Fixes: 61bc4deff033 ("ALSA: pcm: replace simple_strtoul to kstrtoul") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202409010425.YPS7cWeJ-lkp@intel.com/ Link: https://patch.msgid.link/20240901134524.27107-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 87af9388b4e0c2ce94275ab4bef7227550b30df3 Author: Masahiro Yamada Date: Sun Aug 18 17:37:29 2024 +0900 kbuild: remove *.symversions left-over Commit 5ce2176b81f7 ("genksyms: adjust the output format to modpost") stopped generating *.symversions files. Remove the left-over from the .gitignore file and the 'clean' rule. Signed-off-by: Masahiro Yamada Reviewed-by: Nathan Chancellor commit 4079fe8e7b2b42b278e77dae7cb9d95e62c415a2 Author: Masahiro Yamada Date: Fri Aug 16 22:44:29 2024 +0900 modpost: simplify modpost_log() With commit cda5f94e88b4 ("modpost: avoid using the alias attribute"), only two log levels remain: LOG_WARN and LOG_ERROR. Simplify this by making it a boolean variable. Signed-off-by: Masahiro Yamada Reviewed-by: Nathan Chancellor commit 5b000f3cbb38c23992ee95fcd3e983ca66164eff Author: Masahiro Yamada Date: Fri Aug 16 23:18:15 2024 +0900 kbuild: pacman-pkg: do not override objtree objtree is defined and exported by the top-level Makefile. I prefer not to override it. There is no need to pass the absolute path of objtree. PKGBUILD can detect it by itself. Signed-off-by: Masahiro Yamada Acked-by:  Thomas Weißschuh Reviewed-by: Nathan Chancellor Reviewed-by: Christian Heusel commit b6223c2de6b0cade1e1d37490b304cb5df8d45d9 Author: Masahiro Yamada Date: Fri Aug 16 23:18:14 2024 +0900 kbuild: pacman-pkg: move common commands to a separate function All build and package functions share the following commands: export MAKEFLAGS="${KBUILD_MAKEFLAGS}" cd "${objtree}" Factor out the common code. Signed-off-by: Masahiro Yamada Acked-by:  Thomas Weißschuh Reviewed-by: Nathan Chancellor Reviewed-by: Christian Heusel commit e6b65ee10588a552d04d488ebeac24bba20747a8 Author: Jose Fernandez Date: Mon Aug 12 19:16:19 2024 -0600 kbuild: control extra pacman packages with PACMAN_EXTRAPACKAGES Introduce the PACMAN_EXTRAPACKAGES variable in PKGBUILD to allow users to specify which additional packages are built by the pacman-pkg target. Previously, the api-headers package was always included, and the headers package was included only if CONFIG_MODULES=y. With this change, both headers and api-headers packages are included by default. Users can now control this behavior by setting PACMAN_EXTRAPACKAGES to a space-separated list of desired extra packages or leaving it empty to exclude all. For example, to build only the base package without extras: make pacman-pkg PACMAN_EXTRAPACKAGES="" Signed-off-by: Jose Fernandez Reviewed-by: Peter Jung Reviewed-by: Nathan Chancellor Tested-by: Nathan Chancellor Reviewed-by: Christian Heusel Tested-by: Christian Heusel Acked-by: Thomas Weißschuh Signed-off-by: Masahiro Yamada commit 7a7f974594cd5d6723242cb8c018b59db16fe27b Author: Masahiro Yamada Date: Tue Aug 13 01:54:51 2024 +0900 modpost: improve the section mismatch warning format This commit improves the section mismatch warning format when there is no suitable symbol name to print. The section mismatch warning prints the reference source in the form of + and the reference destination in the form of . However, there are some corner cases where becomes "(unknown)", as reported in commit 23dfd914d2bf ("modpost: fix null pointer dereference"). In such cases, it is better to print the symbol address. Signed-off-by: Masahiro Yamada commit a46078d651819c988d36379e8df68cb866eae747 Author: Masahiro Yamada Date: Mon Aug 12 21:48:53 2024 +0900 fixdep: use xmalloc() When malloc() fails, there is not much userspace programs can do. xmalloc() is useful to bail out on a memory allocation failure. Signed-off-by: Masahiro Yamada commit aeaa4283a309520c22a783071f554645943955d8 Author: Masahiro Yamada Date: Mon Aug 12 21:48:52 2024 +0900 kallsyms: use xmalloc() and xrealloc() When malloc() or realloc() fails, there is not much userspace programs can do. xmalloc() and xrealloc() are useful to bail out on a memory allocation failure. Signed-off-by: Masahiro Yamada commit 4c2598e3b62102d5ea7f618e13d996b069cde27d Author: Masahiro Yamada Date: Mon Aug 12 21:48:51 2024 +0900 modpost: replace the use of NOFAIL() with xmalloc() etc. I think x*alloc() functions are cleaner. Signed-off-by: Masahiro Yamada commit a9d83d74783b00f9189c14180f77bbed133b092c Author: Masahiro Yamada Date: Mon Aug 12 21:48:50 2024 +0900 kbuild: split x*alloc() functions in kconfig to scripts/include/xalloc.h These functions will be useful for other host programs. Signed-off-by: Masahiro Yamada commit 96490176f1e11947be2bdd2700075275e2c27310 Author: Masahiro Yamada Date: Mon Aug 12 20:49:47 2024 +0900 kconfig: remove P_SYMBOL property P_SYMBOL is a pseudo property that was previously used for data linking purposes. It is no longer used except for debug prints. Remove it. Signed-off-by: Masahiro Yamada commit 5e6cc7e3f2965fc3df901416336f6bf985a363da Author: Masahiro Yamada Date: Mon Aug 12 20:49:46 2024 +0900 kconfig: stop adding P_SYMBOL property to symbols I believe its last usage was in the following code: if (prop == NULL) prop = stack->sym->prop; This code was previously used to print the file name and line number of associated symbols in sym_check_print_recursive(), which was removed by commit 9d0d26604657 ("kconfig: recursive checks drop file/lineno"). Signed-off-by: Masahiro Yamada commit dc73a57aeaaabe148c69c16b388771f891a996a2 Author: Masahiro Yamada Date: Mon Aug 12 20:49:45 2024 +0900 kconfig: remove dummy assignments to cur_{filename,lineno} Since commit ca4c74ba306e ("kconfig: remove P_CHOICE property"), menu_finalize() no longer calls menu_add_symbol(). No function references cur_filename or cur_lineno after yyparse(). Signed-off-by: Masahiro Yamada commit 2893f00322922b2adce07fd6d0db37d6b8e30977 Author: Masahiro Yamada Date: Mon Aug 12 19:01:47 2024 +0900 tinyconfig: remove unnecessary 'is not set' for choice blocks This reverts the following commits: - 236dec051078 ("kconfig: tinyconfig: provide whole choice blocks to avoid warnings") - b0f269728ccd ("x86/config: Fix warning for 'make ARCH=x86_64 tinyconfig'") Since commit f79dc03fe68c ("kconfig: refactor choice value calculation"), it is no longer necessary to disable the remaining options in choice blocks. Signed-off-by: Masahiro Yamada Acked-by: Thomas Gleixner commit 0c4beffbfe3fcd711b5d9268e7c7d63d4c1cc964 Author: Masahiro Yamada Date: Sun Aug 4 12:33:07 2024 +0900 kbuild: modinst: remove the multithread option from zstd compression Parallel execution is supported by GNU Make: $ make -j modules_install It is questionable to enable multithreading within each zstd process by default. If you still want to do it, you can use the environment variable: $ ZSTD_NBTHREADS= make modules_install Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier Tested-by: Sedat Dilek commit 76be4f5a784533c71afbbb1b8f2963ef9e2ee258 Author: Laurent Pinchart Date: Mon Jul 29 18:57:38 2024 +0300 Remove *.orig pattern from .gitignore Commit 3f1b0e1f2875 (".gitignore update") added *.orig and *.rej patterns to .gitignore in v2.6.23. The commit message didn't give a rationale. Later on, commit 1f5d3a6b6532 ("Remove *.rej pattern from .gitignore") removed the *.rej pattern in v2.6.26, on the rationale that *.rej files indicated something went really wrong and should not be ignored. The *.rej files are now shown by `git status`, which helps located conflicts when applying patches and lowers the probability that they will go unnoticed. It is however still easy to overlook the *.orig files which slowly polute the source tree. That's not as big of a deal as not noticing a conflict, but it's still not nice. Drop the *.orig pattern from .gitignore to avoid this and help keep the source tree clean. Signed-off-by: Laurent Pinchart [masahiroy@kernel.org: I do not have a strong opinion about this. Perhaps some people may have a different opinion. If you are someone who wants to ignore *.orig, it is likely you would want to do so across all projects. Then, $XDG_CONFIG_HOME/git/ignore would be more suitable for your needs. gitignore(5) suggests, "Patterns which a user wants Git to ignore in all situations generally go into a file specified by core.excludesFile in the user's ~/.gitconfig". Please note that you cannot do the opposite; if *.orig is ignored by the project's .gitignore, you cannot override the decision because $XDG_CONFIG_HOME/git/ignore has a lower priority. If *.orig is sitting on the fence, I'd leave it to the users. ] Signed-off-by: Masahiro Yamada commit f1d87664b82aeeaa1be9ee22dc85a59fd5a60d63 Author: Masahiro Yamada Date: Sat Jul 27 16:42:04 2024 +0900 kbuild: cross-compile linux-headers package when possible A long standing issue in the upstream kernel packaging is that the linux-headers package is not cross-compiled. For example, you can cross-build Debian packages for arm64 by running the following command: $ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- bindeb-pkg However, the generated linux-headers-*_arm64.deb is useless because the host programs in it were built for your build machine architecture (likely x86), not arm64. The Debian kernel maintains its own Makefiles to cross-compile host tools without relying on Kbuild. [1] Instead of adding such full custom Makefiles, this commit adds a small piece of code to cross-compile host programs located under the scripts/ directory. A straightforward solution is to pass HOSTCC=${CROSS_COMPILE}gcc, but it would also cross-compile scripts/basic/fixdep, which needs to be native to process the if_changed_dep macro. (This approach may work under some circumstances; you can execute foreign architecture programs with the help of binfmt_misc because Debian systems enable CONFIG_BINFMT_MISC, but it would require installing QEMU and libc for that architecture.) A trick is to use the external module build (KBUILD_EXTMOD=), which does not rebuild scripts/basic/fixdep. ${CC} needs to be able to link userspace programs (CONFIG_CC_CAN_LINK=y). There are known limitations: - GCC plugins It would possible to rebuild GCC plugins for the target architecture by passing HOSTCXX=${CROSS_COMPILE}g++ with necessary packages installed, but gcc on the installed system emits "cc1: error: incompatible gcc/plugin versions". - objtool and resolve_btfids These are built by the tools build system. They are not covered by the current solution. The resulting linux-headers package is broken if CONFIG_OBJTOOL or CONFIG_DEBUG_INFO_BTF is enabled. I only tested this with Debian, but it should work for other package systems as well. [1]: https://salsa.debian.org/kernel-team/linux/-/blob/debian/6.9.9-1/debian/rules.real#L586 Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit aaed5c7739be81ebdd6008aedc8befd98c88e67a Author: Masahiro Yamada Date: Sat Jul 27 16:42:03 2024 +0900 kbuild: slim down package for building external modules Exclude directories and files unnecessary for building external modules: - include/config/ (except include/config/{auto.conf,kernel.release}) - scripts/atomic/ - scripts/dtc/ - scripts/kconfig/ - scripts/mod/mk_elfconfig - scripts/package/ - scripts/unifdef - .config - *.o - .*.cmd Avoid copying files twice for the following directories: - include/generated/ - arch/*/include/generated/ Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit a660deb0f1f62214439640292cd7726f6ed8023d Author: Masahiro Yamada Date: Sat Jul 27 16:42:02 2024 +0900 modpost: detect endianness on run-time Endianness is currently detected on compile-time, but we can defer this until run-time. This change avoids re-executing scripts/mod/mk_elfconfig even if modpost in the linux-headers package needs to be rebuilt for a foreign architecture. Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit 4f32f799a950c7fffa17971177be42c79d74b69f Author: Masahiro Yamada Date: Sat Jul 27 16:42:01 2024 +0900 modpost: remove unused HOST_ELFCLASS HOST_ELFCLASS is output to elfconfig.h, but it is not used in modpost. Signed-off-by: Masahiro Yamada Reviewed-by: Nicolas Schier commit b0d9c74d8865361eb214d066e8620e13ace14ba1 Author: Krzysztof Kozlowski Date: Wed Aug 28 11:56:38 2024 +0200 ARM: dts: imx7d-sdb: align pin config nodes with bindings Bindings expect pin configuration nodes in pinctrl to match certain naming and not be part of another fake node: imx7d-sdb-sht11.dtb: pinctrl@30330000: 'imx7d-sdb' does not match any of the regexes: 'grp$', 'pinctrl-[0-9]+' Drop the "imx7d-sdb" wrapping node and adjust the names to have "grp" prefix. Diff looks big but this should have no functional impact. Signed-off-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit d6d6642bfc8861fb56c04e8915a83d0648259ada Author: Krzysztof Kozlowski Date: Wed Aug 28 11:56:37 2024 +0200 ARM: dts: imx7: align pin config nodes with bindings Bindings expect pin configuration nodes in pinctrl to match certain naming: imx7s-colibri-eval-v3.dtb: pinctrl@30330000: 'lvdstx' does not match any of the regexes: 'grp$', 'pinctrl-[0-9]+' imx7s-warp.dtb: pinctrl@30330000: 'usdhc3grp_100mhz', 'usdhc3grp_200mhz' do not match any of the regexes: 'grp$', 'pinctrl-[0-9]+' Signed-off-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit 0e49cfe364dea4345551516eb2fe53135a10432b Author: Krzysztof Kozlowski Date: Wed Aug 28 11:56:36 2024 +0200 ARM: dts: imx7d-zii-rmu2: fix Ethernet PHY pinctrl property There is no "fsl,phy" property in pin controller pincfg nodes: imx7d-zii-rmu2.dtb: pinctrl@302c0000: enet1phyinterruptgrp: 'fsl,pins' is a required property imx7d-zii-rmu2.dtb: pinctrl@302c0000: enet1phyinterruptgrp: 'fsl,phy' does not match any of the regexes: 'pinctrl-[0-9]+' Fixes: f496e6750083 ("ARM: dts: Add ZII support for ZII i.MX7 RMU2 board") Signed-off-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit 7f66e5271706484b0ef127f070af737b0ce67585 Author: Liu Ying Date: Tue Aug 27 14:47:17 2024 +0800 arm64: defconfig: Enable ADP5585 GPIO and PWM drivers ADP5585 is found on i.MX93 11x11 EVK base board as a GPIO expander and a PWM controller. Build ADP5585 GPIO and PWM drivers as modules. While at it, build ADP5585 MFD driver as a module because the GPIO and PWM drivers depend on it. Signed-off-by: Liu Ying Reviewed-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit 2ea2113b3dacf9cf616488f875f32584dad53ff8 Author: Wu Bo Date: Mon Aug 26 21:23:48 2024 -0600 bus: imx-weim: change to use devm_clk_get_enabled() helper Make the code cleaner and avoid call clk_disable_unprepare() Signed-off-by: Wu Bo Signed-off-by: Shawn Guo commit ce6697a613c523b4e2e1d4228c0a81facc080076 Author: Wu Bo Date: Mon Aug 26 21:23:47 2024 -0600 bus: imx-weim: support compile test Add COMPILE_TEST to support code compile test Signed-off-by: Wu Bo Signed-off-by: Shawn Guo commit 10ba0854c5e6165b58e17bda5fb671e729fecf9e Author: Prudhvi Yarlagadda Date: Wed Aug 14 15:03:38 2024 -0700 PCI: qcom: Disable mirroring of DBI and iATU register space in BAR region PARF hardware block which is a wrapper on top of DWC PCIe controller mirrors the DBI and ATU register space. It uses PARF_SLV_ADDR_SPACE_SIZE register to get the size of the memory block to be mirrored and uses PARF_DBI_BASE_ADDR, PARF_ATU_BASE_ADDR registers to determine the base address of DBI and ATU space inside the memory block that is being mirrored. When a memory region which is located above the SLV_ADDR_SPACE_SIZE boundary is used for BAR region then there could be an overlap of DBI and ATU address space that is getting mirrored and the BAR region. This results in DBI and ATU address space contents getting updated when a PCIe function driver tries updating the BAR/MMIO memory region. Reference memory map of the PCIe memory region with DBI and ATU address space overlapping BAR region is as below. |---------------| | | | | ------- --------|---------------| | | |---------------| | | | DBI | | | |---------------|---->DBI_BASE_ADDR | | | | | | | | | PCIe | |---->2*SLV_ADDR_SPACE_SIZE | BAR/MMIO|---------------| | Region | ATU | | | |---------------|---->ATU_BASE_ADDR | | | | PCIe | |---------------| Memory | | DBI | Region | |---------------|---->DBI_BASE_ADDR | | | | | --------| | | | |---->SLV_ADDR_SPACE_SIZE | |---------------| | | ATU | | |---------------|---->ATU_BASE_ADDR | | | | |---------------| | | DBI | | |---------------|---->DBI_BASE_ADDR | | | | | | ----------------|---------------| | | | | | | |---------------| Currently memory region beyond the SLV_ADDR_SPACE_SIZE boundary is not used for BAR region which is why the above mentioned issue is not encountered. This issue is discovered as part of internal testing when we tried moving the BAR region beyond the SLV_ADDR_SPACE_SIZE boundary. Hence we are trying to fix this. As PARF hardware block mirrors DBI and ATU register space after every PARF_SLV_ADDR_SPACE_SIZE (default 0x1000000) boundary multiple, program maximum possible size to this register by writing 0x80000000 to it(it considers only powers of 2 as values) to avoid mirroring DBI and ATU to BAR/MMIO region. Write the physical base address of DBI and ATU register blocks to PARF_DBI_BASE_ADDR (default 0x0) and PARF_ATU_BASE_ADDR (default 0x1000) respectively to make sure DBI and ATU blocks are at expected memory locations. The register offsets PARF_DBI_BASE_ADDR_V2, PARF_SLV_ADDR_SPACE_SIZE_V2 and PARF_ATU_BASE_ADDR are applicable for platforms that use Qcom IP rev 1.9.0, 2.7.0 and 2.9.0. PARF_DBI_BASE_ADDR_V2 and PARF_SLV_ADDR_SPACE_SIZE_V2 are applicable for Qcom IP rev 2.3.3. PARF_DBI_BASE_ADDR and PARF_SLV_ADDR_SPACE_SIZE are applicable for Qcom IP rev 1.0.0, 2.3.2 and 2.4.0. Update init()/post_init() functions of the respective Qcom IP versions to program applicable PARF_DBI_BASE_ADDR, PARF_SLV_ADDR_SPACE_SIZE and PARF_ATU_BASE_ADDR register offsets. Update the SLV_ADDR_SPACE_SZ macro to 0x80000000 to set highest bit in PARF_SLV_ADDR_SPACE_SIZE register. Cache DBI and iATU physical addresses in 'struct dw_pcie' so that pcie_qcom.c driver can program these addresses in the PARF_DBI_BASE_ADDR and PARF_ATU_BASE_ADDR registers. Suggested-by: Manivannan Sadhasivam Link: https://lore.kernel.org/linux-pci/20240814220338.1969668-1-quic_pyarlaga@quicinc.com Signed-off-by: Prudhvi Yarlagadda Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam Reviewed-by: Mayank Rana commit 4581403f67929d02c197cb187c4e1e811c9e762a Author: Manivannan Sadhasivam Date: Wed Aug 28 21:16:21 2024 +0530 PCI: qcom: Enumerate endpoints based on Link up event in 'global_irq' interrupt Historically, Qcom PCIe RC controllers lacked standard hotplug support. So when an endpoint is attached to the SoC, users have to rescan the bus manually to enumerate the device. But this can be avoided by using the Link up event exposed by the Qcom specific 'global_irq' interrupt. Qcom PCIe RC controllers are capable of generating the 'global' SPI interrupt to the host CPUs. The device driver can use this interrupt to identify events such as PCIe link specific events, safety events etc... One such event is the PCIe Link up event generated when an endpoint is detected on the bus and the Link is 'up'. This event can be used to enumerate the PCIe endpoint devices without user intervention. So add support for capturing the PCIe Link up event using the 'global' interrupt in the driver. Once the Link up event is received, the bus underneath the host bridge is scanned to enumerate PCIe endpoint devices. All of the Qcom SoCs have only one Root Port per controller instance. So only a single 'Link up' event is generated for the PCIe controller. Link: https://lore.kernel.org/linux-pci/20240828-pci-qcom-hotplug-v4-11-263a385fbbcb@linaro.org Signed-off-by: Manivannan Sadhasivam Signed-off-by: Krzysztof Wilczyński Reviewed-by: Konrad Dybcio commit 6efd853303a5eea90a21a1ec496005317b6cc2e3 Author: Manivannan Sadhasivam Date: Wed Aug 28 21:16:20 2024 +0530 dt-bindings: PCI: qcom,pcie-sm8450: Add 'global' interrupt Qcom PCIe RC controllers are capable of generating 'global' SPI interrupt to the host CPU. This interrupt can be used by the device driver to identify events such as PCIe link specific events, safety events, etc... Hence, document it in the binding along with the existing MSI interrupts. Though adding a new interrupt will break the ABI, it is required to accurately describe the hardware. Link: https://lore.kernel.org/linux-pci/20240828-pci-qcom-hotplug-v4-10-263a385fbbcb@linaro.org Signed-off-by: Manivannan Sadhasivam Signed-off-by: Krzysztof Wilczyński Reviewed-by: Rob Herring (Arm) commit bba1251edf8501f85304b7d65ae2aac309f2d0a1 Author: Manivannan Sadhasivam Date: Wed Aug 28 21:16:16 2024 +0530 PCI: qcom-ep: Modify 'global_irq' and 'perst_irq' IRQ device names Currently, the IRQ device name for both of these IRQs doesn't have Qcom specific prefix and PCIe domain number. This causes 2 issues: 1. Pollutes the global IRQ namespace since 'global' is a common name. 2. When more than one EP controller instance is present in the SoC, naming conflict will occur. Hence, add 'qcom_pcie_ep_' prefix and PCIe domain number suffix to the IRQ names to uniquely identify the IRQs and also to fix the above mentioned issues. Link: https://lore.kernel.org/linux-pci/20240828-pci-qcom-hotplug-v4-6-263a385fbbcb@linaro.org Signed-off-by: Manivannan Sadhasivam Signed-off-by: Krzysztof Wilczyński Reviewed-by: Konrad Dybcio commit 0328947c50324cf4b2d8b181bf948edb8101f59f Author: Manivannan Sadhasivam Date: Wed Aug 28 21:16:15 2024 +0530 PCI: endpoint: Assign PCI domain number for endpoint controllers Right now, PCI endpoint subsystem doesn't assign PCI domain number for the PCI endpoint controllers. But this domain number could be useful to the EPC drivers to uniquely identify each controller based on the hardware instance when there are multiple ones present in an SoC (even multiple RC/EP). So let's make use of the existing pci_bus_find_domain_nr() API to allocate domain numbers based on either devicetree (linux,pci-domain) property or dynamic domain number allocation scheme. It should be noted that the domain number allocated by this API will be based on both RC and EP controllers in a SoC. If the 'linux,pci-domain' DT property is present, then the domain number represents the actual hardware instance of the PCI endpoint controller. If not, then the domain number will be allocated based on the PCI EP/RC controller probe order. If the architecture doesn't support CONFIG_PCI_DOMAINS_GENERIC (rare), then currently a warning is thrown to indicate that the architecture specific implementation is needed. Link: https://lore.kernel.org/linux-pci/20240828-pci-qcom-hotplug-v4-5-263a385fbbcb@linaro.org Signed-off-by: Manivannan Sadhasivam Signed-off-by: Krzysztof Wilczyński Reviewed-by: Frank Li commit ada94d00620a1a5b52ddf41bbbe3b767a10bc2ea Author: Manivannan Sadhasivam Date: Wed Aug 28 21:16:14 2024 +0530 dt-bindings: PCI: pci-ep: Document 'linux,pci-domain' property 'linux,pci-domain' property provides the PCI domain number for the PCI endpoint controllers in a SoC. If this property is not present, then an unstable (across boots) unique number will be assigned. Devicetrees can specify the domain number based on the actual hardware instance of the PCI endpoint controllers in the SoC. Link: https://lore.kernel.org/linux-pci/20240828-pci-qcom-hotplug-v4-4-263a385fbbcb@linaro.org Signed-off-by: Manivannan Sadhasivam Signed-off-by: Krzysztof Wilczyński Reviewed-by: Rob Herring (Arm) commit 99244b999deca227a4c035f93a06d94fe7921a80 Author: Manivannan Sadhasivam Date: Wed Aug 28 21:16:13 2024 +0530 dt-bindings: PCI: pci-ep: Update Maintainers Kishon's TI email ID is not active anymore, so use his kernel.org ID. Also, since I've been maintaining the PCI endpoint framework, I'm willing to maintain the DT binding as well. So add myself as the co-maintainer. Link: https://lore.kernel.org/linux-pci/20240828-pci-qcom-hotplug-v4-3-263a385fbbcb@linaro.org Signed-off-by: Manivannan Sadhasivam [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Frank Li Acked-by: Rob Herring (Arm) commit 95bebcbd657cf8eb86025a2b20961e43d2e433f5 Author: Manivannan Sadhasivam Date: Wed Aug 28 21:16:12 2024 +0530 PCI: qcom-ep: Reword the error message for receiving unknown global IRQ event Current error message just prints the contents of PARF_INT_ALL_STATUS register as if like the IRQ event number. It could mislead the users. Reword it to make it clear that the error message is actually showing the interrupt status register to help debug spurious IRQ events. While at it, let's also switch over to dev_WARN_ONCE() so that any IRQ storm won't flood the kernel log buffer. Link: https://lore.kernel.org/linux-pci/20240828-pci-qcom-hotplug-v4-2-263a385fbbcb@linaro.org Signed-off-by: Manivannan Sadhasivam Signed-off-by: Krzysztof Wilczyński Reviewed-by: Konrad Dybcio commit 3858e8a5ea719411d6682e2218c41eff27092463 Author: Manivannan Sadhasivam Date: Wed Aug 28 21:16:11 2024 +0530 PCI: qcom-ep: Drop the redundant masking of global IRQ events Once the events are disabled in PARF_INT_ALL_MASK register, only the enabled events will generate global IRQ. So there is no need to do the masking again in the IRQ handler, drop it. If there are any spurious IRQs getting generated, they will be reported using the existing dev_err() in the handler. Link: https://lore.kernel.org/linux-pci/20240828-pci-qcom-hotplug-v4-1-263a385fbbcb@linaro.org Signed-off-by: Manivannan Sadhasivam Signed-off-by: Krzysztof Wilczyński Reviewed-by: Konrad Dybcio commit 6c8c4d077f156cf64b16acd2a084a1a78f0a0dd4 Author: Krzysztof Kozlowski Date: Sun Aug 25 10:49:46 2024 +0200 MAINTAINERS: correct TQ Systems DTS patterns Fix file patterns for TQ systems DTS after re-organizing the ARM DTS structure to fix get_maintainers.pl self-tests like: ./MAINTAINERS:23329: warning: no file matches F: arch/arm/boot/dts/imx*mba*.dts* Fixes: 724ba6751532 ("ARM: dts: Move .dts files to vendor sub-directories") Signed-off-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit 1ec2362084a013df4d78cbfd3228e8c254a67cac Author: Nathan Chancellor Date: Thu Aug 22 17:05:17 2024 -0700 ARM: imx: Annotate imx7d_enet_init() as __init After a recent LLVM change [1] that deduces __cold on functions that only call cold code (such as __init functions), there is a section mismatch warning from imx7d_enet_init(), which got moved to .text.unlikely. as a result of that optimization: WARNING: modpost: vmlinux: section mismatch in reference: imx7d_enet_init+0x20 (section: .text.unlikely.) -> imx7d_enet_clk_sel (section: .init.text) Drop the inline keyword (which does not guarantee inlining) and replace it with __init, as imx7d_enet_init() is only called from __init code, which clears up the warning. Link: https://github.com/llvm/llvm-project/commit/6b11573b8c5e3d36beee099dbe7347c2a007bf53 [1] Signed-off-by: Nathan Chancellor Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit dac973838b0a37d32141c50cf3882b5ff0e42543 Author: Linus Walleij Date: Fri Aug 30 15:52:29 2024 -0700 Input: zinitix - varying icon status registers The different revisions of the Zinitix BTXXX touchscreens place the icon status register (to read out touchkey status) in different places. Use the chip revision bits to discern between the different versions at runtime. This makes touchkeys work on the BT404 on the Samsung Codina GT-I8160 mobile phone. Signed-off-by: Linus Walleij Link: https://lore.kernel.org/r/20240830-zinitix-tk-versions-v2-2-90eae6817eda@linaro.org Signed-off-by: Dmitry Torokhov commit 5278bb4cd6e96504ad4700bc1e445fbe7d6711e3 Author: Linus Walleij Date: Fri Aug 30 15:51:45 2024 -0700 Input: zinitix - read and cache device version numbers The chip hardware revision, firmware version and regdata revision is needed to discern because for example touchkeys are handled by different registers on different versions of the chip. Example output from BT404: Zinitix-TS 3-0020: chip revision 4040 firmware version 0088 regdata version 0004 Signed-off-by: Linus Walleij Link: https://lore.kernel.org/r/20240830-zinitix-tk-versions-v2-1-90eae6817eda@linaro.org Signed-off-by: Dmitry Torokhov commit d469b771afe1c02643b24824946a53c493ef1731 Author: Elinor Montmasson Date: Tue Aug 20 13:28:27 2024 +0200 ARM: dts: imx6: update spdif sound card node properties The merge of imx-spdif driver into fsl-asoc-card brought new DT properties that can be used with the "fsl,imx-audio-spdif" compatible: * The "spdif-controller" property from imx-spdif is named "audio-cpu" in fsl-asoc-card. * fsl-asoc-card uses codecs explicitly declared in DT with "audio-codec". With an S/PDIF, codec drivers spdif_transmitter and spdif_receiver should be used. Driver imx-spdif used instead the dummy codec and a pair of boolean properties, "spdif-in" and "spdif-out". While backward compatibility is kept to support properties "spdif-controller", "spdif-in" and "spdif-out", using new properties has several benefits: * "audio-cpu" and "audio-codec" are more generic names reflecting that the fsl-asoc-card driver supports multiple hardware. They are properties already used by devices using the fsl-asoc-card driver. They are also similar to properties of simple-card: "cpu" and "codec". * "spdif-in" and "spdif-out" imply the use of the dummy codec in the driver. However, there are already two codec drivers for the S/PDIF, spdif_transmitter and spdif_receiver. It is better to declare S/PDIF Tx and Rx devices in a DT, and then reference them with "audio-codec" than using the dummy codec. For those reasons, this commit updates in-tree DTs to use the new properties: * Rename "spdif-controller" property to "audio-cpu". * Declare S/PDIF transmitter and/or receiver devices, and use them with the "audio-codec" property instead of "spdif-out" and/or "spdif-in". These modifications were tested only on an imx8mn-evk board. Note that out-of-tree and old DTs are still supported. Signed-off-by: Elinor Montmasson Signed-off-by: Shawn Guo commit 5213518d5ab7d5191490b93a306bbc6f2356d3c1 Author: Inochi Amaoto Date: Fri Aug 30 16:55:33 2024 +0800 pinctrl: sophgo: cv18xx: fix missed __iomem type identifier As the variable reg in "cv1800_pctrl_dbg_show" misses a "__iomem" type identifier, a warning will be issued by the compiler. Add this identifier to avoid this warning. Fixes: a29d8e93e710 ("pinctrl: sophgo: add support for CV1800B SoC") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408271555.kpOmi9I8-lkp@intel.com/ Signed-off-by: Inochi Amaoto Link: https://lore.kernel.org/IA1PR20MB495329EBE498DFFDAA1EC457BB972@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Linus Walleij commit 092b7d431f5eb1443cbf0e797858861e2ede1e28 Author: Dmitry Torokhov Date: Thu Aug 29 11:51:04 2024 -0700 Input: snvs_pwrkey - use devm_clk_get_optional_enabled() Switch to using devm_clk_get_optional_enabled() helper instead of acquiring the clock with devm_clk_get_optional(), enabling it, and defining and installing a custom devm action to call clk_disable(). Reviewed-by: Frank Li Link: https://lore.kernel.org/r/ZtDDGMaOFlMYjOrt@google.com Signed-off-by: Dmitry Torokhov commit 43d0035b2c6a0e309f6023aaf569c9ec0e4b55e3 Merge: cff69f72d33318 50033400fc3a47 Author: David S. Miller Date: Sat Aug 31 17:44:52 2024 +0100 Merge branch 'unmask-dscp-bits' Ido Schimmel says: ==================== Unmask upper DSCP bits - part 2 tl;dr - This patchset continues to unmask the upper DSCP bits in the IPv4 flow key in preparation for allowing IPv4 FIB rules to match on DSCP. No functional changes are expected. Part 1 was merged in commit ("Merge branch 'unmask-upper-dscp-bits-part-1'"). The TOS field in the IPv4 flow key ('flowi4_tos') is used during FIB lookup to match against the TOS selector in FIB rules and routes. It is currently impossible for user space to configure FIB rules that match on the DSCP value as the upper DSCP bits are either masked in the various call sites that initialize the IPv4 flow key or along the path to the FIB core. In preparation for adding a DSCP selector to IPv4 and IPv6 FIB rules, we need to make sure the entire DSCP value is present in the IPv4 flow key. This patchset continues to unmask the upper DSCP bits, but this time in the output route path. Patches #1-#3 unmask the upper DSCP bits in the various places that invoke the core output route lookup functions directly. Patches #4-#6 do the same in three helpers that are widely used in the output path to initialize the TOS field in the IPv4 flow key. The rest of the patches continue to unmask these bits in call sites that invoke the following wrappers around the core lookup functions: Patch #7 - __ip_route_output_key() Patches #8-#12 - ip_route_output_flow() The next patchset will handle the callers of ip_route_output_ports() and ip_route_output_key(). No functional changes are expected as commit 1fa3314c14c6 ("ipv4: Centralize TOS matching") moved the masking of the upper DSCP bits to the core where 'flowi4_tos' is matched against the TOS selector. Changes since v1 [1]: * Remove IPTOS_RT_MASK in patch #7 instead of in patch #6 [1] https://lore.kernel.org/netdev/20240827111813.2115285-1-idosch@nvidia.com/ ==================== Signed-off-by: David S. Miller commit 50033400fc3a4744ea3ef6b7ec6443c5ec15a797 Author: Ido Schimmel Date: Thu Aug 29 09:54:59 2024 +0300 bpf: Unmask upper DSCP bits in __bpf_redirect_neigh_v4() Unmask the upper DSCP bits when calling ip_route_output_flow() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit c5d8ffe29cf2873b62e4bc008ca48d045b6cde88 Author: Ido Schimmel Date: Thu Aug 29 09:54:58 2024 +0300 vrf: Unmask upper DSCP bits in vrf_process_v4_outbound() Unmask the upper DSCP bits when calling ip_route_output_flow() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 939cd1abf080c629552a9c5e6db4c0509d13e4c7 Author: Ido Schimmel Date: Thu Aug 29 09:54:57 2024 +0300 ipvlan: Unmask upper DSCP bits in ipvlan_process_v4_outbound() Unmask the upper DSCP bits when calling ip_route_output_flow() so that in the future it could perform the FIB lookup according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 6a59526628ad6dadf389f45ddb3f75db44930897 Author: Ido Schimmel Date: Thu Aug 29 09:54:56 2024 +0300 ipv6: sit: Unmask upper DSCP bits in ipip6_tunnel_xmit() The function calls flowi4_init_output() to initialize an IPv4 flow key with which it then performs a FIB lookup using ip_route_output_flow(). The 'tos' variable with which the TOS value in the IPv4 flow key (flowi4_tos) is initialized contains the full DS field. Unmask the upper DSCP bits so that in the future the FIB lookup could be performed according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 13f6538de2b845650e68996621489de547b0337e Author: Ido Schimmel Date: Thu Aug 29 09:54:55 2024 +0300 ipv4: Unmask upper DSCP bits in ip_send_unicast_reply() The function calls flowi4_init_output() to initialize an IPv4 flow key with which it then performs a FIB lookup using ip_route_output_flow(). 'arg->tos' with which the TOS value in the IPv4 flow key (flowi4_tos) is initialized contains the full DS field. Unmask the upper DSCP bits so that in the future the FIB lookup could be performed according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit b261b2c6c18bcb81d69de011fd991bdfb97259f7 Author: Ido Schimmel Date: Thu Aug 29 09:54:54 2024 +0300 xfrm: Unmask upper DSCP bits in xfrm_get_tos() The function returns a value that is used to initialize 'flowi4_tos' before being passed to the FIB lookup API in the following call chain: xfrm_bundle_create() tos = xfrm_get_tos(fl, family) xfrm_dst_lookup(..., tos, ...) __xfrm_dst_lookup(..., tos, ...) xfrm4_dst_lookup(..., tos, ...) __xfrm4_dst_lookup(..., tos, ...) fl4->flowi4_tos = tos __ip_route_output_key(net, fl4) Unmask the upper DSCP bits so that in the future the output route lookup could be performed according to the full DSCP value. Remove IPTOS_RT_MASK since it is no longer used. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit f6c89e95555ace0cb10d01b07756bfa5db5ee7fa Author: Ido Schimmel Date: Thu Aug 29 09:54:53 2024 +0300 ipv4: Unmask upper DSCP bits when building flow key build_sk_flow_key() and __build_flow_key() are used to build an IPv4 flow key before calling one of the FIB lookup APIs. Unmask the upper DSCP bits so that in the future the lookup could be performed according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 356d054a4967e6190ee558b8e839fad3e9db35ec Author: Ido Schimmel Date: Thu Aug 29 09:54:52 2024 +0300 ipv4: Unmask upper DSCP bits in get_rttos() The function is used by a few socket types to retrieve the TOS value with which to perform the FIB lookup for packets sent through the socket (flowi4_tos). If a DS field was passed using the IP_TOS control message, then it is used. Otherwise the one specified via the IP_TOS socket option. Unmask the upper DSCP bits so that in the future the lookup could be performed according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit ff95cb5e521b60d046e6571ada697a0977b189c3 Author: Ido Schimmel Date: Thu Aug 29 09:54:51 2024 +0300 ipv4: Unmask upper DSCP bits in ip_sock_rt_tos() The function is used to read the DS field that was stored in IPv4 sockets via the IP_TOS socket option so that it could be used to initialize the flowi4_tos field before resolving an output route. Unmask the upper DSCP bits so that in the future the output route lookup could be performed according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 4805646c42e51d2fbf142864d281473ad453ad5d Author: Ido Schimmel Date: Thu Aug 29 09:54:50 2024 +0300 ipv4: icmp: Unmask upper DSCP bits in icmp_route_lookup() The function is called to resolve a route for an ICMP message that is sent in response to a situation. Based on the type of the generated ICMP message, the function is either passed the DS field of the packet that generated the ICMP message or a DS field that is derived from it. Unmask the upper DSCP bits before resolving and output route via ip_route_output_key_hash() so that in the future the lookup could be performed according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit a63cef46adcbedd4f4ea7401773a310edca53131 Author: Ido Schimmel Date: Thu Aug 29 09:54:49 2024 +0300 ipv4: Unmask upper DSCP bits in ip_route_output_key_hash() Unmask the upper DSCP bits so that in the future output routes could be looked up according to the full DSCP value. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit 47afa284b96c62bda127604e6091fd5c9fd7e42c Author: Ido Schimmel Date: Thu Aug 29 09:54:48 2024 +0300 ipv4: Unmask upper DSCP bits in RTM_GETROUTE output route lookup Unmask the upper DSCP bits when looking up an output route via the RTM_GETROUTE netlink message so that in the future the lookup could be performed according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: David S. Miller commit a335e95914046c6bed45c0d17cabcd483682cf5e Author: Alice Ryhl Date: Thu Aug 22 16:37:57 2024 +0000 rust: rbtree: add `RBTree::entry` This mirrors the entry API [1] from the Rust standard library on `RBTree`. This API can be used to access the entry at a specific key and make modifications depending on whether the key is vacant or occupied. This API is useful because it can often be used to avoid traversing the tree multiple times. This is used by binder to look up and conditionally access or insert a value, depending on whether it is there or not [2]. Link: https://doc.rust-lang.org/stable/std/collections/btree_map/enum.Entry.html [1] Link: https://android-review.googlesource.com/c/kernel/common/+/2849906 [2] Signed-off-by: Alice Ryhl Tested-by: Alice Ryhl Reviewed-by: Boqun Feng Reviewed-by: Benno Lossin Signed-off-by: Matt Gilbride Link: https://lore.kernel.org/r/20240822-b4-rbtree-v12-5-014561758a57@google.com Signed-off-by: Miguel Ojeda commit 98c14e40e07a077827f6842e8f31d191cb82576c Author: Matt Gilbride Date: Thu Aug 22 16:37:56 2024 +0000 rust: rbtree: add cursor Add a cursor interface to `RBTree`, supporting the following use cases: - Inspect the current node pointed to by the cursor, inspect/move to it's neighbors in sort order (bidirectionally). - Mutate the tree itself by removing the current node pointed to by the cursor, or one of its neighbors. Add functions to obtain a cursor to the tree by key: - The node with the smallest key - The node with the largest key - The node matching the given key, or the one with the next larger key The cursor abstraction is needed by the binder driver to efficiently search for nodes and (conditionally) modify them, as well as their neighbors [1]. Link: https://lore.kernel.org/rust-for-linux/20231101-rust-binder-v1-6-08ba9197f637@google.com/ [1] Co-developed-by: Alice Ryhl Signed-off-by: Alice Ryhl Tested-by: Alice Ryhl Reviewed-by: Boqun Feng Reviewed-by: Benno Lossin Signed-off-by: Matt Gilbride Link: https://lore.kernel.org/r/20240822-b4-rbtree-v12-4-014561758a57@google.com Signed-off-by: Miguel Ojeda commit cf5397d1776489e1c66b7db01f6a58c431ab08f1 Author: Wedson Almeida Filho Date: Thu Aug 22 16:37:55 2024 +0000 rust: rbtree: add mutable iterator Add mutable Iterator implementation for `RBTree`, allowing iteration over (key, value) pairs in key order. Only values are mutable, as mutating keys implies modifying a node's position in the tree. Mutable iteration is used by the binder driver during shutdown to clean up the tree maintained by the "range allocator" [1]. Link: https://lore.kernel.org/rust-for-linux/20231101-rust-binder-v1-6-08ba9197f637@google.com/ [1] Signed-off-by: Wedson Almeida Filho Reviewed-by: Alice Ryhl Tested-by: Alice Ryhl Reviewed-by: Boqun Feng Reviewed-by: Benno Lossin Signed-off-by: Matt Gilbride Link: https://lore.kernel.org/r/20240822-b4-rbtree-v12-3-014561758a57@google.com Signed-off-by: Miguel Ojeda commit e601f1bb8e859758289b1c52503bc626168fba59 Author: Wedson Almeida Filho Date: Thu Aug 22 16:37:54 2024 +0000 rust: rbtree: add iterator - Add Iterator implementation for `RBTree`, allowing iteration over (key, value) pairs in key order. - Add individual `keys()` and `values()` functions to iterate over keys or values alone. - Update doctests to use iteration instead of explicitly getting items. Iteration is needed by the binder driver to enumerate all values in a tree for oneway spam detection [1]. Link: https://lore.kernel.org/rust-for-linux/20231101-rust-binder-v1-17-08ba9197f637@google.com/ [1] Signed-off-by: Wedson Almeida Filho Reviewed-by: Alice Ryhl Tested-by: Alice Ryhl Reviewed-by: Benno Lossin Reviewed-by: Boqun Feng Signed-off-by: Matt Gilbride Link: https://lore.kernel.org/r/20240822-b4-rbtree-v12-2-014561758a57@google.com Signed-off-by: Miguel Ojeda commit a0d13aac7022f95ec161c18d18e3d81172666ed8 Author: Wedson Almeida Filho Date: Thu Aug 22 16:37:53 2024 +0000 rust: rbtree: add red-black tree implementation backed by the C version The rust rbtree exposes a map-like interface over keys and values, backed by the kernel red-black tree implementation. Values can be inserted, deleted, and retrieved from a `RBTree` by key. This base abstraction is used by binder to store key/value pairs and perform lookups, for example the patch "[PATCH RFC 03/20] rust_binder: add threading support" in the binder RFC [1]. Link: https://lore.kernel.org/rust-for-linux/20231101-rust-binder-v1-3-08ba9197f637@google.com/ [1] Signed-off-by: Wedson Almeida Filho Reviewed-by: Alice Ryhl Tested-by: Alice Ryhl Reviewed-by: Boqun Feng Reviewed-by: Benno Lossin Signed-off-by: Matt Gilbride Link: https://lore.kernel.org/r/20240822-b4-rbtree-v12-1-014561758a57@google.com [ Updated link to docs.kernel.org. - Miguel ] Signed-off-by: Miguel Ojeda commit 82c4be4168e26a5593aaa1002b5678128a638824 Author: Siddharth Vadapalli Date: Thu Aug 29 16:23:16 2024 +0530 PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists The ACSPCIE module is capable of driving the reference clock required by the PCIe Endpoint device. It is an alternative to on-board and external reference clock generators. Enabling the output from the ACSPCIE module's PAD IO Buffers requires clearing the "PAD IO disable" bits of the ACSPCIE_PROXY_CTRL register in the CTRL_MMR register space. Add support to enable the ACSPCIE reference clock output using the optional device-tree property "ti,syscon-acspcie-proxy-ctrl". Link: https://lore.kernel.org/linux-pci/20240829105316.1483684-3-s-vadapalli@ti.com Signed-off-by: Siddharth Vadapalli Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam commit cb08c3a32be4283d650d9f312f8314dbf7cf87ed Author: Siddharth Vadapalli Date: Thu Aug 29 16:23:15 2024 +0530 dt-bindings: PCI: ti,j721e-pci-host: Add ACSPCIE proxy control property Add the "ti,syscon-acspcie-proxy-ctrl" device-tree property which is used to obtain a reference to the ACSPCIE Proxy Control register along with the details of the PAD IO Buffer output enable bits. The ACSPCIE Proxy Control register is used to drive the reference clock for the PCIe Endpoint device via the PAD IO Buffers of the ACSPCIE module. The ACSPCIE module can be used as an alternative to either an on-board clock generator or an external clock generator for providing the reference clock to the PCIe Endpoint device. Link: https://lore.kernel.org/linux-pci/20240829105316.1483684-2-s-vadapalli@ti.com Signed-off-by: Siddharth Vadapalli Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam Acked-by: Krzysztof Kozlowski commit 6ac721795d7375e48bede6bb4965c0e46133c704 Author: Thippeswamy Havalige Date: Sun Aug 11 07:53:45 2024 +0530 PCI: xilinx-xdma: Add Xilinx QDMA Root Port driver Add support for Xilinx QDMA Soft IP core as Root Port. The Versal Prime devices support QDMA soft IP module in programmable logic. The integrated QDMA Soft IP block has integrated bridge function that can act as PCIe Root Port. Link: https://lore.kernel.org/linux-pci/20240811022345.1178203-3-thippesw@amd.com Signed-off-by: Thippeswamy Havalige [kwilczynski: removed unused header] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam commit 899d54826110af3a896a614c9d065ba6acf1e8b3 Author: Thippeswamy Havalige Date: Sun Aug 11 07:53:44 2024 +0530 dt-bindings: PCI: xilinx-xdma: Add schemas for Xilinx QDMA PCIe Root Port Bridge Add YAML devicetree schemas for Xilinx QDMA Soft IP PCIe Root Port Bridge version 3.0. Link: https://lore.kernel.org/linux-pci/20240811022345.1178203-2-thippesw@amd.com Signed-off-by: Thippeswamy Havalige Signed-off-by: Krzysztof Wilczyński Acked-by: Conor Dooley commit 0353e9809eb65cdf227821e6e65a6f0676271242 Author: Fabio Estevam Date: Mon Aug 19 21:24:35 2024 -0300 ARM: dts: imx28-apx4devkit: Fix the regulator description The regulator should not be placed under simple-bus. Remove it from simple-bus to fix the following dt-schema warnings: 'regulators' does not match '^([a-z][a-z0-9\\-]+-bus|bus|localbus|soc|axi|ahb|apb)(@.+)?$' regulators: #size-cells:0:0: 0 is not one of [1, 2] regulators: regulator@0:reg:0: [0] is too short regulators: 'ranges' is a required property Signed-off-by: Fabio Estevam Signed-off-by: Shawn Guo commit b575d3bd08d2c46b2e9aa9668a8ac8a10af6e54c Author: Frieder Schrempf Date: Tue Aug 13 10:49:04 2024 +0200 dt-bindings: arm: fsl: Add Kontron i.MX93 OSM-S based boards Add the bindings for the Kontron i.MX93 OSM-S SoM and BL carrier board. Signed-off-by: Frieder Schrempf Acked-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit 5d7b3dfb30e0ea91198292ae54415e390387dc76 Author: Max Merchel Date: Tue Aug 13 09:12:42 2024 +0200 dt-bindings: arm: fsl: correct spelling of TQ-Systems TQ-Systems is written with a hyphen. The incorrect spelling with spaces is therefore corrected. While at it, comments are added to TQMa6ULLx. Signed-off-by: Max Merchel Acked-by: Rob Herring (Arm) Signed-off-by: Shawn Guo commit 32e1089ed23569685521021925bd839946d76ccd Author: Frank Li Date: Mon Aug 12 16:08:15 2024 -0400 dt-bindings: arm: fsl: add fsl-ls2081a-rdb board Add compatible string fsl-ls2081a-rdb for ls2081a rdb boards to fix below warning: arch/arm64/boot/dts/freescale/fsl-ls2081a-rdb.dtb: /: failed to match any schema with compatible: ['fsl,ls2081a-rdb', 'fsl,ls2081a'] Signed-off-by: Frank Li Acked-by: Rob Herring (Arm) Signed-off-by: Shawn Guo commit 867bf1923200e6ad82bad0289f43bf20b4ac7ff9 Author: Claudiu Beznea Date: Mon Aug 26 19:53:20 2024 +0300 ARM: dts: microchip: sama7g5: Fix RTT clock According to datasheet, Chapter 34. Clock Generator, section 34.2, Embedded characteristics, source clock for RTT is the TD_SLCK, registered with ID 1 by the slow clock controller driver. Fix RTT clock. Fixes: 7540629e2fc7 ("ARM: dts: at91: add sama7g5 SoC DT and sama7g5-ek") Link: https://lore.kernel.org/r/20240826165320.3068359-1-claudiu.beznea@tuxon.dev Signed-off-by: Claudiu Beznea commit 61bc4deff033181992408f973b48fca08757d3ff Author: Hongbo Li Date: Sat Aug 31 16:06:39 2024 +0800 ALSA: pcm: replace simple_strtoul to kstrtoul As mentioned in [1], "...simple_strtol(), simple_strtoll(), simple_strtoul(), and simple_strtoull() functions explicitly ignore overflows, which may lead to unexpected results in callers." Hence, the use of those functions is discouraged. This patch replace the use of the simple_strtoul with the safer alternatives kstrtoul. [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#simple-strtol-simple-strtoll-simple-strtoul-simple-strtoull Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240831080639.3985143-1-lihongbo22@huawei.com Signed-off-by: Takashi Iwai commit 3f52e32445a1f63b788bc8969b7dc2386a80a24d Author: Changhuang Liang Date: Tue Aug 20 04:20:53 2024 -0700 media: MAINTAINERS: Add "qcom," substring for Qualcomm Camera Subsystem Commit f5502cd25ac0 ("media: dt-bindings: Add JH7110 Camera Subsystem") adds the StarFive Camera Subsystem parts, also complies with Qualcomm's rules. Add "qcom," substring restrcting this condition. Signed-off-by: Changhuang Liang Reviewed-by: Krzysztof Kozlowski [Sakari Ailus: Add media: prefix to the subject.] Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit b16042064919e81d84d5566fdf82f660f9616e7a Author: Liao Chen Date: Thu Aug 29 12:52:03 2024 +0000 media: i2c: mt9v111: Drop redundant comma Drop the redundant comma from mt9v111_of_match array to make the code clean. Signed-off-by: Liao Chen Reviewed-by: Biju Das Reviewed-by: Laurent Pinchart Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 2c2d24dc5943da93561663d245d96cf6f8fe2691 Author: Liao Chen Date: Thu Aug 29 12:52:02 2024 +0000 media: i2c: mt9v111: Enable module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Reviewed-by: Laurent Pinchart Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 99d30e2fdea4086be4e66e2deb10de854b547ab8 Author: Umang Jain Date: Fri Aug 30 11:41:52 2024 +0530 media: imx335: Fix reset-gpio handling Rectify the logical value of reset-gpio so that it is set to 0 (disabled) during power-on and to 1 (enabled) during power-off. Set the reset-gpio to GPIO_OUT_HIGH at initialization time to make sure it starts off in reset. Also drop the "Set XCLR" comment which is not-so-informative. The existing usage of imx335 had reset-gpios polarity inverted (GPIO_ACTIVE_HIGH) in their device-tree sources. With this patch included, those DTS will not be able to stream imx335 anymore. The reset-gpio polarity will need to be rectified in the device-tree sources as shown in [1] example, in order to get imx335 functional again (as it remains in reset prior to this fix). Cc: stable@vger.kernel.org Fixes: 45d19b5fb9ae ("media: i2c: Add imx335 camera sensor driver") Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/linux-media/20240729110437.199428-1-umang.jain@ideasonboard.com/ Signed-off-by: Umang Jain Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 84ea28860974beef80886ac939f106ee4d674405 Author: Umang Jain Date: Fri Aug 30 11:41:51 2024 +0530 dt-bindings: media: imx335: Add reset-gpios to the DT example It's easy to get the polarity of GPIOs in the device tree wrong, as shown by a recently fixed bug in the imx335 driver. To lower the chance of future mistakes, especially in new bindings that would take the imx335 binding as a starting point, add the reset-gpios property to the DT example. This showcases the correct polarity of the XCLR signal for Sony sensors in the most common case of the signal not being inverted on the board. Acked-by: Krzysztof Kozlowski Signed-off-by: Umang Jain Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 4a1b669ffe789ee2c08198ce6e042a089b7bea3a Author: Vladimir Zapolskiy Date: Fri Aug 30 09:34:59 2024 +0300 media: i2c: og01a1b: Add management of optional sensor supply lines Omnivision OG01A1B camera sensor is supplied by three power rails, if supplies are present as device properties, include them into sensor power up sequence. Signed-off-by: Vladimir Zapolskiy Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 1cb7b39901c2fb634994526d0ce541ee9274053f Author: Vladimir Zapolskiy Date: Fri Aug 30 09:34:58 2024 +0300 media: i2c: og01a1b: Add management of optional reset GPIO Omnivision OG01A1B camera sensor may have a connected active low GPIO to XSHUTDOWN pad, and if so, include it into sensor power up sequence. Signed-off-by: Vladimir Zapolskiy Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit a95ffde287835cc60df7dba2c15cfc07c6776e95 Author: Vladimir Zapolskiy Date: Fri Aug 30 09:34:57 2024 +0300 media: i2c: og01a1b: Add support of xvclk supply clock in power management The OmniVision OG01A1B camera sensor has an xvclk supply clock, which could be described and then explicitly controlled on OF platforms. Signed-off-by: Vladimir Zapolskiy [Sakari Ailus: Use UL specifier for power-up delay cycle value.] Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 1c004ef7ffc37e81a1c1fac7fffb4f37b4b2a30e Author: Vladimir Zapolskiy Date: Fri Aug 30 09:34:56 2024 +0300 media: i2c: og01a1b: Add stubs of runtime power management functions Rearrange initializations and checks in probe before population of the power management functions. Signed-off-by: Vladimir Zapolskiy Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 4f6bec9dba371d3d3fa6e17dd7a29534ff12fdc6 Author: Vladimir Zapolskiy Date: Fri Aug 30 09:34:55 2024 +0300 media: i2c: og01a1b: Add OF support to the image sensor driver The OmniVision OG01A1B image sensor driver currently supports probing only on ACPI platforms, the changes adds support of OF platforms to the driver. Signed-off-by: Vladimir Zapolskiy Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit a85c73cd6709f8f513b09221f4e505a2a6f21961 Author: Vladimir Zapolskiy Date: Fri Aug 30 09:34:54 2024 +0300 media: dt-bindings: Add OmniVision OG01A1B image sensor Add device tree bindings documentation for OmniVision OG01A1B image sensor. Signed-off-by: Vladimir Zapolskiy Reviewed-by: Conor Dooley Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit e7a9c987381a991f7ac54372ea45cfd4b160edcb Author: Yue Haibing Date: Fri Aug 23 17:48:39 2024 +0800 media: siano: Remove unused declarations There is no caller and implementation in tree, so can remove them. Signed-off-by: Yue Haibing Reviewed-by: Ricardo Ribalda Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit d7754949dbf90b46e4a1f502f0973f7dcd50c352 Author: Yue Haibing Date: Fri Aug 23 17:49:35 2024 +0800 media: ccs: Remove unused declarations Commit 2989a457171d ("media: ccs: Refactor register reading a little") removed ccs_read_addr_no_quirk() but left declaration. Commit 529322112a3b ("media: ccs: Use V4L2 CCI for accessing sensor registers") removed ccs_write_addr_no_quirk() and ccs_reg_width() but leave their declarations. Signed-off-by: Yue Haibing Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit bee1aed819a8cda47927436685d216906ed17f62 Author: Alexander Shiyan Date: Thu Aug 29 08:48:49 2024 +0300 media: i2c: ar0521: Use cansleep version of gpiod_set_value() If we use GPIO reset from I2C port expander, we must use *_cansleep() variant of GPIO functions. This was not done in ar0521_power_on()/ar0521_power_off() functions. Let's fix that. ------------[ cut here ]------------ WARNING: CPU: 0 PID: 11 at drivers/gpio/gpiolib.c:3496 gpiod_set_value+0x74/0x7c Modules linked in: CPU: 0 PID: 11 Comm: kworker/u16:0 Not tainted 6.10.0 #53 Hardware name: Diasom DS-RK3568-SOM-EVB (DT) Workqueue: events_unbound deferred_probe_work_func pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : gpiod_set_value+0x74/0x7c lr : ar0521_power_on+0xcc/0x290 sp : ffffff8001d7ab70 x29: ffffff8001d7ab70 x28: ffffff80027dcc90 x27: ffffff8003c82000 x26: ffffff8003ca9250 x25: ffffffc080a39c60 x24: ffffff8003ca9088 x23: ffffff8002402720 x22: ffffff8003ca9080 x21: ffffff8003ca9088 x20: 0000000000000000 x19: ffffff8001eb2a00 x18: ffffff80efeeac80 x17: 756d2d6332692f30 x16: 0000000000000000 x15: 0000000000000000 x14: ffffff8001d91d40 x13: 0000000000000016 x12: ffffffc080e98930 x11: ffffff8001eb2880 x10: 0000000000000890 x9 : ffffff8001d7a9f0 x8 : ffffff8001d92570 x7 : ffffff80efeeac80 x6 : 000000003fc6e780 x5 : ffffff8001d91c80 x4 : 0000000000000002 x3 : 0000000000000000 x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000001 Call trace: gpiod_set_value+0x74/0x7c ar0521_power_on+0xcc/0x290 ... Signed-off-by: Alexander Shiyan Fixes: 852b50aeed15 ("media: On Semi AR0521 sensor driver") Cc: stable@vger.kernel.org Acked-by: Krzysztof Hałasa Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit d920b37a274f42353530127e0612ce4d6f74ec48 Author: Hongbo Li Date: Wed Aug 28 20:09:48 2024 +0800 media: intel/ipu6: make use of dev_err_cast_probe() Using dev_err_cast_probe() to simplify the code. No functional change. Signed-off-by: Hongbo Li Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 719ec29fceda2f19c833d2784b1574638320400f Author: Bryan O'Donoghue Date: Sat Jul 13 23:33:29 2024 +0100 media: ov5675: Fix power on/off delay timings The ov5675 specification says that the gap between XSHUTDN deassert and the first I2C transaction should be a minimum of 8192 XVCLK cycles. Right now we use a usleep_rage() that gives a sleep time of between about 430 and 860 microseconds. On the Lenovo X13s we have observed that in about 1/20 cases the current timing is too tight and we start transacting before the ov5675's reset cycle completes, leading to I2C bus transaction failures. The reset racing is sometimes triggered at initial chip probe but, more usually on a subsequent power-off/power-on cycle e.g. [ 71.451662] ov5675 24-0010: failed to write reg 0x0103. error = -5 [ 71.451686] ov5675 24-0010: failed to set plls The current quiescence period we have is too tight. Instead of expressing the post reset delay in terms of the current XVCLK this patch converts the power-on and power-off delays to the maximum theoretical delay @ 6 MHz with an additional buffer. 1.365 milliseconds on the power-on path is 1.5 milliseconds with grace. 85.3 microseconds on the power-off path is 90 microseconds with grace. Fixes: 49d9ad719e89 ("media: ov5675: add device-tree support and support runtime PM") Cc: stable@vger.kernel.org Signed-off-by: Bryan O'Donoghue Tested-by: Johan Hovold Reviewed-by: Quentin Schulz Tested-by: Quentin Schulz # RK3399 Puma with Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit a1be997964db5c98cb6fd90900adab59533c03e8 Author: Robert Mader Date: Sun Aug 11 13:17:04 2024 +0200 media: i2c: imx355: Parse and register properties Analogous to e.g. the imx219 driver. This enables propagating the V4L2_CID_CAMERA_SENSOR_ROTATION and V4L2_CID_CAMERA_ORIENTATION values so that userspace - e.g. libcamera - can detect the correct rotation and orientation from the device tree. Signed-off-by: Robert Mader Reviewed-by: Jacopo Mondi Reviewed-by: Kieran Bingham Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 4596c55e9a096b8a96d6e4dff6a8cdf440adbcef Author: Julien Massot Date: Mon Jul 1 11:31:43 2024 +0200 media: i2c: max96714: coding style fixes Coding style fixes suggested by Sakari during the driver review. Reviewed-by: Tommaso Merciai Tested-by: Tommaso Merciai Signed-off-by: Julien Massot Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 24fe3eb1a582ade9e2dc1d13969242bb0a817f59 Author: Julien Massot Date: Mon Jul 1 11:31:42 2024 +0200 media: i2c: max96717: coding style fixes Coding style fixes suggested by Sakari during the driver review. Signed-off-by: Julien Massot Reviewed-by: Tommaso Merciai Tested-by: Tommaso Merciai Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 19b5e5511ca4f8e933aa15e6f62dfefb6ab7808c Author: Tommaso Merciai Date: Thu Jun 27 17:18:06 2024 +0200 media: i2c: max96717: add test pattern ctrl Add v4l2 test pattern control. Signed-off-by: Tommaso Merciai Reviewed-by: Julien Massot Tested-by: Julien Massot Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 57343cbb09a3ae489c584b2d6039804c2d4d298d Author: Ricardo Ribalda Date: Fri Aug 16 12:32:04 2024 +0000 media: meson: vdec: hevc: Refactor vdec_hevc_start and vdec_hevc_stop Make a new function __vdec_hevc_start(), that does all the initialization, except the clock initialization for G12A and SM1. Factor out all the stop logic, except the clk_disable_unprepare(), to a new function __vdec_hevc_stop. This allows vdec_hevc_start() to explicitly celan-out the clock during the error-path. The following smatch warnings are fixed: drivers/staging/media/meson/vdec/vdec_hevc.c:227 vdec_hevc_start() warn: 'core->vdec_hevc_clk' from clk_prepare_enable() not released on lines: 227. drivers/staging/media/meson/vdec/vdec_hevc.c:227 vdec_hevc_start() warn: 'core->vdec_hevcf_clk' from clk_prepare_enable() not released on lines: 227. Signed-off-by: Ricardo Ribalda Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit bc24a85d41272c6fac77c07da46882df7cd81799 Author: Ricardo Ribalda Date: Fri Aug 16 12:32:03 2024 +0000 media: meson: vdec_1: Refactor vdec_1_stop() Factor out all the power off logic, except the clk_disable_unprepare(), to a new function __vdec_1_stop(). This allows vdec_1_start() to explicitly clean-out the clock during the error-path. The following smatch warning is fixed: drivers/staging/media/meson/vdec/vdec_1.c:239 vdec_1_start() warn: 'core->vdec_1_clk' from clk_prepare_enable() not released on lines: 239. Signed-off-by: Ricardo Ribalda Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 157c73682dc0d0913b2f4543d5589151587a81d7 Author: Ricardo Ribalda Date: Fri Aug 16 12:32:02 2024 +0000 media: tc358746: Move clk_prepare to its own function Smatch is very confused by a clk_prepare_enable() being called in an error-path. Fix this warning by moving the clk_prepare_enable() to its own function. drivers/media/i2c/tc358746.c:1631 tc358746_suspend() warn: 'tc358746->refclk' from clk_prepare_enable() not released on lines: 1631. Signed-off-by: Ricardo Ribalda Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 334af4c52eb2eba004d1419bf93d638fcf19abb8 Author: Ricardo Ribalda Date: Fri Aug 16 12:32:01 2024 +0000 media: i2c: s5c73m3: Move clk_prepare to its own function Smatch is very confused by a clk_prepare_enable() being called in an error-path. Fix this warning by moving the clk_prepare_enable() to its own function. drivers/media/i2c/s5c73m3/s5c73m3-core.c:1425 __s5c73m3_power_off() warn: 'state->clock' from clk_prepare_enable() not released on lines: 1425. Signed-off-by: Ricardo Ribalda Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 820d81a167d422027ca4af7f0511e101f21aa214 Author: Ricardo Ribalda Date: Fri Aug 16 12:32:00 2024 +0000 media: i2c: ov5645: Refactor ov5645_set_power_off() Factor out all the power off logic, except clk_disable_unprepare(), to a new function __ov5645_set_power_off(). This allows ov5645_set_power_on() to excplicitly clean-out the clock during the error-path. The following smatch warning is fixed: drivers/media/i2c/ov5645.c:690 ov5645_set_power_on() warn: 'ov5645->xclk' from clk_prepare_enable() not released on lines: 690. Signed-off-by: Ricardo Ribalda Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 2933d7e12ed792e12ab690efd15f6e7ce81ba739 Author: Ricardo Ribalda Date: Fri Aug 16 12:31:59 2024 +0000 media: ar0521: Refactor ar0521_power_off() Factor out all the power off logic, except the clk_disable_unprepare(), to a new function __ar0521_power_off(). This allows ar0521_power_on() to explicitly clean-out the clock during the error-path. The following smatch warning is fixed: drivers/media/i2c/ar0521.c:912 ar0521_power_on() warn: 'sensor->extclk' from clk_prepare_enable() not released on lines: 912. Signed-off-by: Ricardo Ribalda Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 5256cfec79d8c9a6a6075b317c5a46ef9ff0038f Author: Max Staudt Date: Thu Jun 20 23:45:43 2024 +0900 staging: media: ipu3: Stop streaming in inverse order of starting imgu_vb2_stop_streaming() did not order shutdown items in the inverse order and count of what imgu_vb2_start_streaming() does. Consequently, v6.7's new WARN_ON in call_s_stream() started screaming because it was called multiple times on the entire pipe, yet it should only be called when the pipe is interrupted by any first node being taken offline. This reorders streamoff to be the inverse of streamon, and uses analogous conditions to decide when and how often to call additional teardown functions. v4l2_subdev_call(s_stream, 0) remains outside the streaming_lock, analogously to imgu_vb2_start_streaming(). Signed-off-by: Max Staudt Reviewed-by: Bingbu Cao Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit cf27c5a1bd7cc0b8df26044b08be3488dec129f8 Author: Max Staudt Date: Thu Jun 20 23:45:42 2024 +0900 staging: media: ipu3: Return buffers outside of needless locking In imgu_vb2_start_streaming()'s error path, imgu_return_all_buffers() is outside the streaming_lock and after the call to video_device_pipeline_stop(). Let's apply the same order in imgu_vb2_stop_streaming() as well. Signed-off-by: Max Staudt Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 1395ff433cde9074f11ea24f092368570b5a544e Author: Max Staudt Date: Thu Jun 20 23:45:41 2024 +0900 staging: media: ipu3: Drop superfluous check in imgu_vb2_stop_streaming() The check for imgu_all_nodes_streaming() seems superfluous, since imgu->streaming can only become true once imgu_all_nodes_streaming() has been true. Hence, checking for imgu->streaming == true should imply imgu_all_nodes_streaming(), and therefore suffice. Signed-off-by: Max Staudt Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit f2b0effa9d079ab1a842c0c67c0ed01146305c6a Author: Umang Jain Date: Tue Aug 13 11:22:00 2024 +0530 media: imx283: Add 3/3 binning mode IMX283 supports 12-bit 3/3 binning mode with 1824x1216 resolution. Introduce the mode config for the same. Signed-off-by: Umang Jain Reviewed-by: Kieran Bingham Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 32960b4f25c248f13758b8bbe6cc4260828442a1 Author: Krzysztof Kozlowski Date: Sun Aug 25 15:50:01 2024 +0200 memory: pl353-smc: simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Suggested-by: Jonathan Cameron Reviewed-by: Miquel Raynal Link: https://lore.kernel.org/r/20240825135001.48963-2-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski commit 331b8a963137d182248599d500edd9b4a3783db5 Author: Krzysztof Kozlowski Date: Sun Aug 25 15:50:00 2024 +0200 memory: pl172: simplify releasing AMBA regions with devm Use devm_add_action_or_reset() and dev_err_probe() to make the probe() error handling simpler around amba_release_regions() cleanup. This allows to drop the remove() callback entirely. Suggested-by: Jonathan Cameron Acked-by: Vladimir Zapolskiy Reviewed-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240825135001.48963-1-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski commit 62607d033bb8dc417c2fd06f37f433d468023e66 Author: Tejun Heo Date: Fri Aug 30 07:54:41 2024 -1000 sched_ext: Use sched_clock_cpu() instead of rq_clock_task() in touch_core_sched() Since 3cf78c5d01d6 ("sched_ext: Unpin and repin rq lock from balance_scx()"), sched_ext's balance path terminates rq_pin in the outermost function. This is simpler and in line with what other balance functions are doing but it loses control over rq->clock_update_flags which makes assert_clock_udpated() trigger if other CPUs pins the rq lock. The only place this matters is touch_core_sched() which uses the timestamp to order tasks from sibling rq's. Switch to sched_clock_cpu(). Later, it may be better to use per-core dispatch sequence number. v2: Use sched_clock_cpu() instead of ktime_get_ns() per David. Signed-off-by: Tejun Heo Fixes: 3cf78c5d01d6 ("sched_ext: Unpin and repin rq lock from balance_scx()") Acked-by: David Vernet Cc: Peter Zijlstra commit 0366017e0973a52245787e972c8ac68a88692bba Author: Tejun Heo Date: Fri Aug 30 00:51:40 2024 -1000 sched_ext: Use task_can_run_on_remote_rq() test in dispatch_to_local_dsq() When deciding whether a task can be migrated to a CPU, dispatch_to_local_dsq() was open-coding p->cpus_allowed and scx_rq_online() tests instead of using task_can_run_on_remote_rq(). This had two problems. - It was missing is_migration_disabled() check and thus could try to migrate a task which shouldn't leading to assertion and scheduling failures. - It was testing p->cpus_ptr directly instead of using task_allowed_on_cpu() and thus failed to consider ISA compatibility. Update dispatch_to_local_dsq() to use task_can_run_on_remote_rq(): - Move scx_ops_error() triggering into task_can_run_on_remote_rq(). - When migration isn't allowed, fall back to the global DSQ instead of the source DSQ by returning DTL_INVALID. This is both simpler and an overall better behavior. Signed-off-by: Tejun Heo Cc: Peter Zijlstra Acked-by: David Vernet commit 84d1078af52f6a099267fccfb1dda602ac8b66d0 Author: Biju Das Date: Fri Aug 30 21:30:03 2024 +0100 memory: renesas-rpc-if: Use Hi-Z state as the default setting for IOVF pins The RZ/{G2L,G2LC,V2L} SMARC EVK uses Micron MT25QU412A flash and RZ/G2UL SMARC EVK uses Renesas AT25QL128A flash. With current pin setting for IOVF pin, 4-bit flash write fails for AT25QL128A flash. Use Hi-Z state as the default for IOVF pin, so that spi controller driver in linux will be independent of flash type. To support this, during board production, the bit 4 of the NV config register must be cleared by the bootloader for Micron flash. Output from u-boot after clearing bit4 of NVCR register. => renesas_micron_flash_nvcr SF: Detected mt25qu512a with page size 256 Bytes, erase size 64 KiB, total 64 MiB NVCR=0xef Signed-off-by: Biju Das Link: https://lore.kernel.org/r/20240830203014.199326-2-biju.das.jz@bp.renesas.com Signed-off-by: Krzysztof Kozlowski commit ba728bda663b0e812cb20450d18af5d0edd803a2 Author: Abel Vesa Date: Thu Aug 29 15:03:28 2024 +0300 arm64: dts: qcom: x1e80100: Fix PHY for DP2 The actual PHY used by MDSS DP2 is the USB SS2 QMP one. So switch to it instead. This is needed to get external DP support on boards like CRD where the 3rd Type-C USB port (right-hand side) is connected to DP2. Fixes: 1940c25eaa63 ("arm64: dts: qcom: x1e80100: Add display nodes") Signed-off-by: Abel Vesa Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240829-x1e80100-dts-dp2-use-qmpphy-ss2-v1-1-9ba3dca61ccc@linaro.org Signed-off-by: Bjorn Andersson commit fec09568a355ec70cbad254168da4391e0241238 Author: Sachin Gupta Date: Thu Aug 29 17:17:48 2024 +0530 arm64: dts: qcom: qcm6490-idp: Add SD Card node Add SD Card node for Qualcomm qcm6490-idp Board. Signed-off-by: Sachin Gupta Reviewed-by: Dmitry Baryshkov Reviewed-by: Caleb Connolly Link: https://lore.kernel.org/r/20240829114748.9661-1-quic_sachgupt@quicinc.com Signed-off-by: Bjorn Andersson commit 17c5909f53e01c151c91f66949a9c4f191756bae Author: Abel Vesa Date: Thu Aug 29 14:44:47 2024 +0300 arm64: dts: qcom: x1e80100: Add orientation-switch to all USB+DP QMP PHYs All three USB SS combo QMP PHYs need to power off, deinit, then init and power on again on every plug in event. This is done by forwarding the orientation from the retimer/mux to the PHY. All is needed is the orientation-switch property in each such PHY devicetree node. So add them. Fixes: 4af46b7bd66f ("arm64: dts: qcom: x1e80100: Add USB nodes") Signed-off-by: Abel Vesa Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240829-x1e80100-combo-qmpphys-add-orientation-switch-v1-1-5c61ea1794da@linaro.org Signed-off-by: Bjorn Andersson commit 7d1cbe2f49854a9a5f723e3932da7da1b7e3c7b8 Author: Konrad Dybcio Date: Wed Aug 28 23:32:01 2024 +0200 arm64: dts: qcom: Add X1E78100 ThinkPad T14s Gen 6 Add support for the aforementioned laptop. That includes: - input methods, incl. lid switch (keyboard needs the pdc wakeup-parent removal hack..) - NVMe, WiFi - USB-C ports - GPU, display - DSPs Notably, the USB-A ports on the side are depenedent on the USB multiport controller making it upstream. At least one of the eDP panels used (non-touchscreen) identifies as BOE 0x0b66. See below for the hardware description from the OEM. Link: https://www.lenovo.com/us/en/p/laptops/thinkpad/thinkpadt/lenovo-thinkpad-t14s-gen-6-(14-inch-snapdragon)/len101t0099 Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240828-topic-t14s_upstream-v2-2-49faea18de84@quicinc.com Signed-off-by: Bjorn Andersson commit 7ad660f9991d3f9029b55c112e728ef43170d402 Author: Konrad Dybcio Date: Wed Aug 28 23:32:00 2024 +0200 dt-bindings: arm: qcom: Add Lenovo ThinkPad T14s Gen 6 Document the X1E78100-based ThinkPad. X1E78100 is a binned version of X1E80100, hence use the latter's compatible string as fallback. Signed-off-by: Konrad Dybcio Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240828-topic-t14s_upstream-v2-1-49faea18de84@quicinc.com Signed-off-by: Bjorn Andersson commit 4b520e4983c37b2e33ea0dd5171cb8a79fd7e022 Author: André Apitzsch Date: Fri Aug 30 22:49:50 2024 +0200 Revert "arm64: dts: qcom: msm8939-longcheer-l9100: Add rear flash" Patch "arm64: dts: qcom: msm8939-longcheer-l9100: Add rear flash" has been applied twice. This reverts the older version of the patch. Revert the commit f98bdb21cfc9 ("arm64: dts: qcom: msm8939-longcheer-l9100: Add rear flash") Fixes: f98bdb21cfc9 ("arm64: dts: qcom: msm8939-longcheer-l9100: Add rear flash") Signed-off-by: André Apitzsch Link: https://lore.kernel.org/r/20240830-revert_flash-v1-1-ad7057ea7e6e@apitzsch.eu Signed-off-by: Bjorn Andersson commit 81bdc7eab99404ad657a8bc3ee02b95fbfbb7154 Author: Fabio Estevam Date: Fri Aug 30 16:43:31 2024 -0300 dt-bindings: input: touchscreen: Use generic node name Node names should be generic. Improve the binding example by using 'touchscreen' as the node name. Signed-off-by: Fabio Estevam Acked-by: Rob Herring (Arm) Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240830194331.3774408-1-festevam@gmail.com Signed-off-by: Dmitry Torokhov commit f33254db6c9dc255801b19d6d0272166779c4377 Author: Andy Shevchenko Date: Mon Aug 26 12:53:06 2024 +0300 pinctrl: stmfx: Use string_choices API instead of ternary operator Use modern string_choices API instead of manually determining the output using ternary operator. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/20240826095306.1420628-1-andriy.shevchenko@linux.intel.com Signed-off-by: Linus Walleij commit a9c470d22d2a7165958058148fe35c896f8c4324 Author: Yu Jiaoliang Date: Mon Aug 26 15:40:37 2024 +0800 pinctrl: nomadik: Use kmemdup_array instead of kmemdup for multiple allocation Let the kememdup_array() take care about multiplication and possible overflows. Signed-off-by: Yu Jiaoliang Link: https://lore.kernel.org/20240826074037.2313468-1-yujiaoliang@vivo.com Signed-off-by: Linus Walleij commit c561f3b110ebd49f4fd5c1632a22caa443a5f2a9 Author: Dmitry Torokhov Date: Fri Aug 30 14:09:20 2024 -0700 MAINTAINERS: add i8042.h and libps2.h to INPUT section Add i8042.h and libps2.h to "INPUT (KEYBOARD, MOUSE, JOYSTICK, TOUCHSCREEN) DRIVERS" section so that get_maintainers.pl script will pick them up and patches affecting them will be sent to the right place. Signed-off-by: Dmitry Torokhov commit c9ea57c91f03bcad415e1a20113bdb2077bcf990 Author: Ming Lei Date: Fri Aug 30 11:41:45 2024 +0800 nbd: fix race between timeout and normal completion If request timetout is handled by nbd_requeue_cmd(), normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix the race by clearing NBD_CMD_INFLIGHT in nbd_requeue_cmd(), meantime make sure that cmd->lock is grabbed for clearing the flag and the requeue. Cc: Josef Bacik Cc: Yu Kuai Fixes: 2895f1831e91 ("nbd: don't clear 'NBD_CMD_INFLIGHT' flag if request is not completed") Signed-off-by: Ming Lei Reviewed-by: Yu Kuai Link: https://lore.kernel.org/r/20240830034145.1827742-1-ming.lei@redhat.com Signed-off-by: Jens Axboe commit 0315c0b5ed253853a7b07dc97487522345110548 Author: Yan Zhen Date: Fri Aug 30 19:06:51 2024 +0800 can: kvaser_usb: Simplify with dev_err_probe() dev_err_probe() is used to log an error message during the probe process of a device. It can simplify the error path and unify a message template. Using this helper is totally fine even if err is known to never be -EPROBE_DEFER. The benefit compared to a normal dev_err() is the standardized format of the error code, it being emitted symbolically and the fact that the error code is returned which allows more compact error paths. Signed-off-by: Yan Zhen Link: https://patch.msgid.link/20240830110651.519119-1-yanzhen@vivo.com mkl: fix indention Signed-off-by: Marc Kleine-Budde commit a9c0fb33fd454fda5283281e47d556c81ee9fa47 Author: Martin Jocic Date: Thu Aug 22 18:38:59 2024 +0200 can: kvaser_pciefd: Use IS_ENABLED() instead of #ifdef Use the IS_ENABLED() macro to check kernel config defines instead of ifdef. Use upper_32_bits() to avoid warnings about "right shift count >= width of type" on systems with CONFIG_ARCH_DMA_ADDR_T_64BIT not set. In kvaser_pciefd_write_dma_map_altera() use lower_32_bits() for symmetry. Signed-off-by: Martin Jocic Link: https://patch.msgid.link/20240830141038.1402217-1-mkl@pengutronix.de Signed-off-by: Marc Kleine-Budde commit 2423cc20087ae9a7b7af575aa62304ef67cad7b6 Author: Stefan Mätje Date: Thu Aug 8 18:42:24 2024 +0200 can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode This patch moves the evaluation of data[IFLA_CAN_CTRLMODE] in function can_changelink in front of the evaluation of data[IFLA_CAN_BITTIMING]. This avoids a call to do_set_data_bittiming providing a stale can_priv::ctrlmode with a CAN_CTRLMODE_FD flag not matching the requested state when switching between a CAN Classic and CAN-FD bitrate. In the same manner the evaluation of data[IFLA_CAN_CTRLMODE] in function can_validate is also moved in front of the evaluation of data[IFLA_CAN_BITTIMING]. This is a preparation for patches where the nominal and data bittiming may have interdependencies on the driver side depending on the CAN_CTRLMODE_FD flag state. Signed-off-by: Stefan Mätje Link: https://patch.msgid.link/20240808164224.213522-1-stefan.maetje@esd.eu Signed-off-by: Marc Kleine-Budde commit dc2ddcd136fe9b6196a7dd01f75f824beb02d43f Author: Zhang Changzhong Date: Thu Aug 29 20:48:23 2024 +0800 can: j1939: use correct function name in comment The function j1939_cancel_all_active_sessions() was renamed to j1939_cancel_active_session() but name in comment wasn't updated. Signed-off-by: Zhang Changzhong Acked-by: Oleksij Rempel Fixes: 9d71dd0c7009 ("can: add support of SAE J1939 protocol") Link: https://patch.msgid.link/1724935703-44621-1-git-send-email-zhangchangzhong@huawei.com Signed-off-by: Marc Kleine-Budde commit 09328600c2f930e8814cb9deff630a56788cc8e4 Author: Frank Li Date: Wed Aug 14 12:44:06 2024 -0400 dt-bindings: can: convert microchip,mcp251x.txt to yaml Convert binding doc microchip,mcp251x.txt to yaml. Additional change: - add ref to spi-peripheral-props.yaml Fix below warning: arch/arm64/boot/dts/freescale/imx8dx-colibri-eval-v3.dtb: /bus@5a000000/spi@5a020000/can@0: failed to match any schema with compatible: ['microchip,mcp2515'] Signed-off-by: Frank Li Reviewed-by: Conor Dooley Link: https://patch.msgid.link/20240814164407.4022211-1-Frank.Li@nxp.com Signed-off-by: Marc Kleine-Budde commit ced52c6ed257315c922dc870aafbc64dc8bd746d Author: Duy Nguyen Date: Thu Aug 1 16:03:17 2024 +0200 dt-bindings: can: renesas,rcar-canfd: Document R-Car V4M support Document support for the CAN-FD Interface on the Renesas R-Car V4M (R8A779H0) SoC, which supports up to four channels. The CAN-FD module on R-Car V4M is very similar to the one on R-Car V4H, but differs in some hardware parameters, as reflected by the Parameter Status Information part of the Global IP Version Register. However, none of this parameterization should have any impact on the driver, as the driver does not access any register that is impacted by the parameterization (except for the number of channels). Signed-off-by: Duy Nguyen [geert: Clarify R-Car V4M differences] Signed-off-by: Geert Uytterhoeven Reviewed-by: Simon Horman Acked-by: Rob Herring (Arm) Link: https://patch.msgid.link/68b5f910bef89508e3455c768844ebe859d6ff1d.1722520779.git.geert+renesas@glider.be Signed-off-by: Marc Kleine-Budde commit 3682c302e72d71abeb17a81a6d29f281b22928e2 Author: Simon Horman Date: Thu Aug 29 17:10:50 2024 +0100 ieee802154: Correct spelling in nl802154.h Correct spelling in nl802154.h. As reported by codespell. Signed-off-by: Simon Horman Message-ID: <20240829-wpan-spell-v1-2-799d840e02c4@kernel.org> Signed-off-by: Stefan Schmidt commit 7eba264a3c102b6c006aa429f7eb25d2b8533da7 Author: Simon Horman Date: Thu Aug 29 17:10:49 2024 +0100 mac802154: Correct spelling in mac802154.h Correct spelling in mac802154.h. As reported by codespell. Signed-off-by: Simon Horman Message-ID: <20240829-wpan-spell-v1-1-799d840e02c4@kernel.org> Signed-off-by: Stefan Schmidt commit 0568ee1198f8645864f55671b82e5175b08d8c83 Author: Aleksandr Loktionov Date: Mon Aug 19 11:27:56 2024 +0200 i40e: Add Energy Efficient Ethernet ability for X710 Base-T/KR/KX cards Add "EEE: Enabled/Disabled" to dmesg for supported X710 Base-T/KR/KX cards. According to the IEEE standard report the EEE ability and the EEE Link Partner ability. Use the kernel's 'ethtool_keee' structure and report EEE link modes. Example: dmesg | grep 'NIC Link is' ethtool --show-eee Before: NIC Link is Up, 10 Gbps Full Duplex, Flow Control: None Supported EEE link modes: Not reported Advertised EEE link modes: Not reported Link partner advertised EEE link modes: Not reported After: NIC Link is Up, 10 Gbps Full Duplex, Flow Control: None, EEE: Enabled Supported EEE link modes: 100baseT/Full 1000baseT/Full 10000baseT/Full Advertised EEE link modes: 100baseT/Full 1000baseT/Full 10000baseT/Full Link partner advertised EEE link modes: 100baseT/Full 1000baseT/Full 10000baseT/Full Reviewed-by: Arkadiusz Kubalewski Signed-off-by: Aleksandr Loktionov Reviewed-by: Jacob Keller Reviewed-by: Simon Horman Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit 0a6ad4d9e1690c7faa3a53f762c877e477093657 Author: Vitaly Lifshits Date: Tue Aug 6 16:23:48 2024 +0300 e1000e: avoid failing the system during pm_suspend Occasionally when the system goes into pm_suspend, the suspend might fail due to a PHY access error on the network adapter. Previously, this would have caused the whole system to fail to go to a low power state. An example of this was reported in the following Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=205015 [ 1663.694828] e1000e 0000:00:19.0 eth0: Failed to disable ULP [ 1664.731040] asix 2-3:1.0 eth1: link up, 100Mbps, full-duplex, lpa 0xC1E1 [ 1665.093513] e1000e 0000:00:19.0 eth0: Hardware Error [ 1665.596760] e1000e 0000:00:19.0: pci_pm_resume+0x0/0x80 returned 0 after 2975399 usecs and then the system never recovers from it, and all the following suspend failed due to this [22909.393854] PM: pci_pm_suspend(): e1000e_pm_suspend+0x0/0x760 [e1000e] returns -2 [22909.393858] PM: dpm_run_callback(): pci_pm_suspend+0x0/0x160 returns -2 [22909.393861] PM: Device 0000:00:1f.6 failed to suspend async: error -2 This can be avoided by changing the return values of __e1000_shutdown and e1000e_pm_suspend functions so that they always return 0 (success). This is consistent with what other drivers do. If the e1000e driver encounters a hardware error during suspend, potential side effects include slightly higher power draw or non-working wake on LAN. This is preferred to a system-level suspend failure, and a warning message is written to the system log, so that the user can be aware that the LAN controller experienced a problem during suspend. Link: https://bugzilla.kernel.org/show_bug.cgi?id=205015 Suggested-by: Dima Ruinskiy Signed-off-by: Vitaly Lifshits Tested-by: Mor Bar-Gabay Signed-off-by: Tony Nguyen commit 3f9319c6914c45a2d406faf3aa8cd0dee8bc4c2f Author: Chen Ridong Date: Fri Aug 30 10:02:29 2024 +0000 cgroup/cpuset: add sefltest for cpuset v1 There is only hotplug test for cpuset v1, just add base read/write test for cpuset v1. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 1abab1ba0775036bb67c6c57945c637be644c04f Author: Chen Ridong Date: Fri Aug 30 10:02:28 2024 +0000 cgroup/cpuset: guard cpuset-v1 code under CONFIG_CPUSETS_V1 This patch introduces CONFIG_CPUSETS_V1 and guard cpuset-v1 code under CONFIG_CPUSETS_V1. The default value of CONFIG_CPUSETS_V1 is N, so that user who adopted v2 don't have 'pay' for cpuset v1. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 381b53c3b5494026199a11a2744074086e352b2b Author: Chen Ridong Date: Fri Aug 30 10:02:27 2024 +0000 cgroup/cpuset: rename functions shared between v1 and v2 Some functions name declared in cpuset-internel.h are generic. To avoid confilicting with other variables for the same name, rename these functions with cpuset_/cpuset1_ prefix to make them unique to cpuset. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit b0ced9d378d4995f0b84463fa11ce13908dd5f21 Author: Chen Ridong Date: Fri Aug 30 10:02:26 2024 +0000 cgroup/cpuset: move v1 interfaces to cpuset-v1.c Move legacy cpuset controller interfaces files and corresponding code into cpuset-v1.c. 'update_flag', 'cpuset_write_resmask' and 'cpuset_common_seq_show' are also used for v1, so declare them in cpuset-internal.h. 'cpuset_write_s64', 'cpuset_read_s64' and 'fmeter_getrate' are only used cpuset-v1.c now, make it static. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit be126b5b1bd893e514920bbe7a2e00ffabcc9ce0 Author: Chen Ridong Date: Fri Aug 30 10:02:25 2024 +0000 cgroup/cpuset: move validate_change_legacy to cpuset-v1.c The validate_change_legacy functions is used for v1, move it to cpuset-v1.c. And two micro 'cpuset_for_each_child' and 'cpuset_for_each_descendant_pre' are common for v1 and v2, move them to cpuset-internal.h. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 23ca5237e3d10c899de7a8311d13e38ed7d2f2d5 Author: Chen Ridong Date: Fri Aug 30 10:02:24 2024 +0000 cgroup/cpuset: move legacy hotplug update to cpuset-v1.c There are some differents about hotplug update between cpuset v1 and cpuset v2. Move the legacy code to cpuset-v1.c. 'update_tasks_cpumask' and 'update_tasks_nodemask' are both used in cpuset v1 and cpuset v2, declare them in cpuset-internal.h. The change from original code is that use callback_lock helpers to get callback_lock lock/unlock. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 530020f28f55238cfcc9d9af4e90bc06327f6542 Author: Chen Ridong Date: Fri Aug 30 10:02:23 2024 +0000 cgroup/cpuset: add callback_lock helper To modify cpuset, both cpuset_mutex and callback_lock are needed. Add helpers for cpuset-v1 to get callback_lock. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 90eec9548da6e8aa2eb9f13396a0b617856a38e6 Author: Chen Ridong Date: Fri Aug 30 10:02:22 2024 +0000 cgroup/cpuset: move memory_spread to cpuset-v1.c 'memory_spread' is only set in cpuset v1. move corresponding code into cpuset-v1.c. Currently, 'cpuset_update_task_spread_flags' and 'update_tasks_flags' are exposed to cpuset.c. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 047b830974488f39e320a3f7403890762e527d27 Author: Chen Ridong Date: Fri Aug 30 10:02:21 2024 +0000 cgroup/cpuset: move relax_domain_level to cpuset-v1.c Setting domain level is not supported at cpuset v2, so move corresponding code into cpuset-v1.c. The 'cpuset_write_s64' and 'cpuset_read_s64' are only used for setting domain level, move them to cpuset-v1.c. Currently, expose to cpuset.c. After cpuset legacy interface files are move to cpuset-v1.c, they can be static. The 'rebuild_sched_domains_locked' is exposed to cpuset-v1.c. The change from original code is that using 'cpuset_lock' and 'cpuset_unlock' functions to lock or unlock cpuset_mutex. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 49434094efbbe360dd7fcf934fef239a01a95bb7 Author: Chen Ridong Date: Fri Aug 30 10:02:20 2024 +0000 cgroup/cpuset: move memory_pressure to cpuset-v1.c Collection of memory_pressure can be enabled by writing 1 to the cpuset file 'memory_pressure_enabled', which is only for cpuset-v1. Therefore, move the corresponding code to cpuset-v1.c. Currently, the 'fmeter_init' and 'fmeter_getrate' functions are called at cpuset.c, so expose them to cpuset.c. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 619a33efa0b0cd566f928d60d128033673e478cf Author: Chen Ridong Date: Fri Aug 30 10:02:19 2024 +0000 cgroup/cpuset: move common code to cpuset-internal.h Move some declarations that will be used for cpuset v1 and v2, including 'cpuset struct', 'cpuset_flagbits_t', cpuset_filetype_t,etc. No logical change. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 71e934a80863c2a9f4d27ee3360dc17e0a609aa6 Author: Chen Ridong Date: Fri Aug 30 10:02:18 2024 +0000 cgroup/cpuset: introduce cpuset-v1.c This patch introduces the cgroup/cpuset-v1.c source file which will be used for all legacy (cgroup v1) cpuset cgroup code. It also introduces cgroup/cpuset-internal.h to keep declarations shared between cgroup/cpuset.c and cpuset/cpuset-v1.c. As of now, let's compile it if CONFIG_CPUSET is set. Later on it can be switched to use a separate config option, so that the legacy code won't be compiled if not required. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit 554bc24708dc01e0f540d5d9608102ec24642ebc Merge: 8400291e289ee6 adac147c6a32e2 Author: Stephen Boyd Date: Fri Aug 30 12:51:45 2024 -0700 Merge tag 'clk-meson-v6.12-1' of https://github.com/BayLibre/clk-meson into clk-amlogic Pull Amlogic clk driver changes from Jerome Brunet: - Constify some Amlogic structs clean-up - Add SM1 eARC clocks for Amlogic - Introduce a symbol namespace for Amlogic clock specific symbols * tag 'clk-meson-v6.12-1' of https://github.com/BayLibre/clk-meson: clk: meson: introduce symbol namespace for amlogic clocks clk: meson: axg-audio: add sm1 earcrx clocks clk: meson: axg-audio: setup regmap max_register based on the SoC dt-bindings: clock: axg-audio: add earcrx clock ids clk: meson: s4: pll: Constify struct regmap_config clk: meson: s4: peripherals: Constify struct regmap_config clk: meson: c3: pll: Constify struct regmap_config clk: meson: c3: peripherals: Constify struct regmap_config clk: meson: a1: pll: Constify struct regmap_config clk: meson: a1: peripherals: Constify struct regmap_config commit 43a17fcfcc4294f53ece15425ba362f5e28664c2 Author: Waiman Long Date: Tue Aug 20 15:55:36 2024 -0400 selftest/cgroup: Make test_cpuset_prs.sh deal with pre-isolated CPUs Since isolated CPUs can be reserved at boot time via the "isolcpus" boot command line option, these pre-isolated CPUs may interfere with testing done by test_cpuset_prs.sh. With the previous commit that incorporates those boot time isolated CPUs into "cpuset.cpus.isolated", we can check for those before testing is started to make sure that there will be no interference. Otherwise, this test will be skipped if incorrect test failure can happen. As "cpuset.cpus.isolated" is now available in a non cgroup_debug kernel, we don't need to check for its existence anymore. Signed-off-by: Waiman Long Signed-off-by: Tejun Heo commit c188f33c864e3dba49a1ad0dc9fddf2f49ac42ae Author: Waiman Long Date: Tue Aug 20 15:55:35 2024 -0400 cgroup/cpuset: Account for boot time isolated CPUs With the "isolcpus" boot command line parameter, we are able to create isolated CPUs at boot time. These isolated CPUs aren't fully accounted for in the cpuset code. For instance, the root cgroup's "cpuset.cpus.isolated" control file does not include the boot time isolated CPUs. Fix that by looking for pre-isolated CPUs at init time. The prstate_housekeeping_conflict() function does check the HK_TYPE_DOMAIN housekeeping cpumask to make sure that CPUs outside of it can only be used in isolated partition. Given the fact that we are going to make housekeeping cpumasks dynamic, the current check may not be right anymore. Save the boot time HK_TYPE_DOMAIN cpumask and check against it instead of the upcoming dynamic HK_TYPE_DOMAIN housekeeping cpumask. Signed-off-by: Waiman Long Signed-off-by: Tejun Heo commit cff69f72d33318f4ccfe7d5ff6c5616d00dd45a7 Author: Diogo Jahchan Koike Date: Thu Aug 29 15:48:27 2024 -0300 ethtool: pse-pd: move pse validation into set Move validation into set, removing .set_validate operation as its current implementation holds the rtnl lock for acquiring the PHY device, defeating the intended purpose of checking before grabbing the lock. Reported-by: syzbot+ec369e6d58e210135f71@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=ec369e6d58e210135f71 Fixes: 31748765bed3 ("net: ethtool: pse-pd: Target the command to the requested PHY") Signed-off-by: Diogo Jahchan Koike Reviewed-by: Maxime Chevallier Link: https://patch.msgid.link/20240829184830.5861-1-djahchankoike@gmail.com Signed-off-by: Jakub Kicinski commit 2ad6d23f465a4f851e3bcf6d74c315ce7b2c205b Author: Ihor Solodrai Date: Wed Aug 28 17:46:23 2024 +0000 selftests/bpf: Do not update vmlinux.h unnecessarily %.bpf.o objects depend on vmlinux.h, which makes them transitively dependent on unnecessary libbpf headers. However vmlinux.h doesn't actually change as often. When generating vmlinux.h, compare it to a previous version and update it only if there are changes. Example of build time improvement (after first clean build): $ touch ../../../lib/bpf/bpf.h $ time make -j8 Before: real 1m37.592s After: real 0m27.310s Notice that %.bpf.o gen step is skipped if vmlinux.h hasn't changed. Signed-off-by: Ihor Solodrai Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/CAEf4BzY1z5cC7BKye8=A8aTVxpsCzD=p1jdTfKC7i0XVuYoHUQ@mail.gmail.com Link: https://lore.kernel.org/bpf/20240828174608.377204-2-ihor.solodrai@pm.me commit 38960ac8f916d1e60d4ceb4735a93740c4308d9c Author: Ihor Solodrai Date: Wed Aug 28 17:46:14 2024 +0000 selftests/bpf: Specify libbpf headers required for %.bpf.o progs Test %.bpf.o objects actually depend only on some libbpf headers. Define a list of required headers and use it as TRUNNER_BPF_OBJS dependency. bpf_*.h list was determined by: $ grep -rh 'include Signed-off-by: Andrii Nakryiko Link: Link: https://lore.kernel.org/bpf/20240828174608.377204-1-ihor.solodrai@pm.me https://lore.kernel.org/bpf/CAEf4BzYQ-j2i_xjs94Nn=8+FVfkWt51mLZyiYKiz9oA4Z=pCeA@mail.gmail.com/ commit 74367ad80cca02adc975aaef42a2d9d5e685feaa Author: Andy Shevchenko Date: Thu Aug 29 16:59:20 2024 +0300 pinctrl: intel: Introduce for_each_intel_gpio_group() helper et al. Introduce a helper macro for_each_intel_gpio_group() et al. With those in place, update the users. It reduces the C code base as well as shrinks the binary: add/remove: 0/0 grow/shrink: 4/21 up/down: 39/-621 (-582) Total: Before=15942, After=15360, chg -3.65% Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit e075cbfeb41ef1ce8b1bae7838ac985297ab367e Author: Andy Shevchenko Date: Thu Aug 29 16:59:19 2024 +0300 pinctrl: intel: Constify intel_get_community() returned object There is nothing prevents us from constifying intel_get_community() returned object. Do it to make code more robust. Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit 13791bb6bf4318fbd8b901a4506fa9bb0d2083df Author: Andy Shevchenko Date: Thu Aug 29 16:59:18 2024 +0300 pinctrl: intel: Implement high impedance support Implement high impedance support for Intel pin control hardware. It allows to set high impedance and check it. Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit 91946ccbe74e8364cb172a1d2c23f06b06723b51 Author: Andy Shevchenko Date: Thu Aug 29 16:59:17 2024 +0300 pinctrl: intel: Add __intel_gpio_get_direction() helper Add __intel_gpio_get_direction() helper which provides all possible physical states of the pad. With that done, update current users and make the respective checks consistent. While at it, make the style of anonymous enum kernel documentation consistent. Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit 8c4a51f8d3aaf2cb56f7a2921a7c849422aecdf4 Author: Andy Shevchenko Date: Thu Aug 29 16:59:16 2024 +0300 pinctrl: intel: Refactor __intel_gpio_set_direction() to be more useful Refactor __intel_gpio_set_direction() to be more useful, i.e. 1) use one parameter per each direction to support all combinatios; 2) move IO to the only user that needs it. With that done, update current users and deduplicate existing code. Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit e5544d99d05e8df3e27c719d32ef53d0b6662bb0 Author: Andy Shevchenko Date: Thu Aug 29 16:59:15 2024 +0300 pinctrl: intel: Move debounce validation out of the lock There is no need to validate debounce value under the lock. Move it outside. It also results in a smaller binary: add/remove: 0/0 grow/shrink: 0/1 up/down: 0/-11 (-11) Total: Before=15374, After=15363, chg -0.07% Acked-by: Mika Westerberg Signed-off-by: Andy Shevchenko commit bf758226c7e6927f1c2c34fd6eb2cb580b77f543 Author: Matthew Brost Date: Mon Aug 26 10:01:44 2024 -0700 drm/xe: Invalidate media_gt TLBs in PT code Testing on LNL has shown media GT's TLBs need to be invalidated via the GuC, update PT code appropriately. v2: - Do dma_fence_get before first call of invalidation_fence_init (Himal) - No need to check for valid chain fence (Himal) v3: - Use dma-fence-array Fixes: 3330361543fc ("drm/xe/lnl: Add LNL platform definition") Signed-off-by: Matthew Brost Acked-by: Christian König Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240826170144.2492062-3-matthew.brost@intel.com commit ddc94d0b17e8ea8179ecbbefacac3fba0fb77265 Author: Matthew Brost Date: Mon Aug 26 10:01:43 2024 -0700 dma-buf: Split out dma fence array create into alloc and arm functions Useful to preallocate dma fence array and then arm in path of reclaim or a dma fence. v2: - s/arm/init (Christian) - Drop !array warn (Christian) v3: - Fix kernel doc typos (dim) Cc: Sumit Semwal Cc: Christian König Signed-off-by: Matthew Brost Reviewed-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240826170144.2492062-2-matthew.brost@intel.com commit 6af91e3d2cfc8bb579b1aa2d22cd91f8c34acdf6 Author: Joe Damato Date: Thu Aug 29 15:57:42 2024 +0000 Documentation: Add missing fields to net_cachelines Two fields, page_pools and *irq_moder, were added to struct net_device in commit 083772c9f972 ("net: page_pool: record pools per netdev") and commit f750dfe825b9 ("ethtool: provide customized dim profile management"), respectively. Add both to the net_cachelines documentation, as well. Signed-off-by: Joe Damato Link: https://patch.msgid.link/20240829155742.366584-1-jdamato@fastly.com Signed-off-by: Jakub Kicinski commit 789ed80afa8c031bb125341a194e37aea71f1d46 Merge: b26b6449334365 f17bf505ff8959 Author: Jakub Kicinski Date: Fri Aug 30 11:14:08 2024 -0700 Merge branch 'icmp-avoid-possible-side-channels-attacks' Eric Dumazet says: ==================== icmp: avoid possible side-channels attacks Keyu Man reminded us that linux ICMP rate limiting was still allowing side-channels attacks. Quoting the fine document [1]: 4.4 Private Source Port Scan Method ... We can then use the same global ICMP rate limit as a side channel to infer if such an ICMP message has been triggered. At first glance, this method can work but at a low speed of one port per second, due to the per-IP rate limit on ICMP messages. Surprisingly, after we analyze the source code of the ICMP rate limit implementation, we find that the global rate limit is checked prior to the per-IP rate limit. This means that even if the per-IP rate limit may eventually determine that no ICMP reply should be sent, a packet is still subjected to the global rate limit check and one token is deducted. Ironically, such a decision is consciously made by Linux developers to avoid invoking the expensive check of the per-IP rate limit [ 22], involving a search process to locate the per-IP data structure. This effectively means that the per-IP rate limit can be disre- garded for the purpose of our side channel based scan, as it only determines if the final ICMP reply is generated but has nothing to do with the global rate limit counter decrement. As a result, we can continue to use roughly the same scan method as efficient as before, achieving 1,000 ports per second ... This series : 1) Changes the order of the two rate limiters to fix the issue. 2-3) Make the 'host-wide' rate limiter a per-netns one. [1] Link: https://dl.acm.org/doi/pdf/10.1145/3372297.3417280 ==================== Link: https://patch.msgid.link/20240829144641.3880376-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit f17bf505ff89595df5147755e51441632a5dc563 Author: Eric Dumazet Date: Thu Aug 29 14:46:41 2024 +0000 icmp: icmp_msgs_per_sec and icmp_msgs_burst sysctls become per netns Previous patch made ICMP rate limits per netns, it makes sense to allow each netns to change the associated sysctl. Signed-off-by: Eric Dumazet Reviewed-by: David Ahern Link: https://patch.msgid.link/20240829144641.3880376-4-edumazet@google.com Signed-off-by: Jakub Kicinski commit b056b4cd9178f7a1d5d57f7b48b073c29729ddaa Author: Eric Dumazet Date: Thu Aug 29 14:46:40 2024 +0000 icmp: move icmp_global.credit and icmp_global.stamp to per netns storage Host wide ICMP ratelimiter should be per netns, to provide better isolation. Following patch in this series makes the sysctl per netns. Signed-off-by: Eric Dumazet Reviewed-by: David Ahern Link: https://patch.msgid.link/20240829144641.3880376-3-edumazet@google.com Signed-off-by: Jakub Kicinski commit 8c2bd38b95f75f3d2a08c93e35303e26d480d24e Author: Eric Dumazet Date: Thu Aug 29 14:46:39 2024 +0000 icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_allow()) 2) Per destination ratelimit (inetpeer based) In order to avoid side-channels attacks, we need to apply the per destination check first. This patch makes the following change : 1) icmp_global_allow() checks if the host wide limit is reached. But credits are not yet consumed. This is deferred to 3) 2) The per destination limit is checked/updated. This might add a new node in inetpeer tree. 3) icmp_global_consume() consumes tokens if prior operations succeeded. This means that host wide ratelimit is still effective in keeping inetpeer tree small even under DDOS. As a bonus, I removed icmp_global.lock as the fast path can use a lock-free operation. Fixes: c0303efeab73 ("net: reduce cycles spend on ICMP replies that gets rate limited") Fixes: 4cdf507d5452 ("icmp: add a global rate limitation") Reported-by: Keyu Man Signed-off-by: Eric Dumazet Reviewed-by: David Ahern Cc: Jesper Dangaard Brouer Cc: stable@vger.kernel.org Link: https://patch.msgid.link/20240829144641.3880376-2-edumazet@google.com Signed-off-by: Jakub Kicinski commit b26b64493343659cce8bbffa358bf39e4f68bdec Author: Yan Zhen Date: Thu Aug 29 17:55:09 2024 +0800 net: openvswitch: Use ERR_CAST() to return Using ERR_CAST() is more reasonable and safer, When it is necessary to convert the type of an error pointer and return it. Signed-off-by: Yan Zhen Acked-by: Eelco Chaudron Reviewed-by: Aaron Conole Link: https://patch.msgid.link/20240829095509.3151987-1-yanzhen@vivo.com Signed-off-by: Jakub Kicinski commit f24f966feb62164f4a68d1b84e866504904ac4ac Author: Shen Lichuan Date: Thu Aug 29 15:25:38 2024 +0800 nfp: Convert to use ERR_CAST() Use ERR_CAST() as it is designed for casting an error pointer to another type. Signed-off-by: Shen Lichuan Link: https://patch.msgid.link/20240829072538.33195-1-shenlichuan@vivo.com Signed-off-by: Jakub Kicinski commit 74ce94ac38a6eac2ffc235739294f24964fd0a86 Author: Shen Lichuan Date: Thu Aug 29 10:12:53 2024 +0800 sfc: Convert to use ERR_CAST() As opposed to open-code, using the ERR_CAST macro clearly indicates that this is a pointer to an error value and a type conversion was performed. Signed-off-by: Shen Lichuan Reviewed-by: Jacob Keller Reviewed-by: Martin Habets Reviewed-by: Edward Cree Link: https://patch.msgid.link/20240829021253.3066-1-shenlichuan@vivo.com Signed-off-by: Jakub Kicinski commit 181b0d1af5d5b2ba8996fa715382cbfbfef46b6e Author: Eduard Zingerman Date: Fri Aug 30 10:34:06 2024 -0700 selftests/bpf: Check if distilled base inherits source endianness Create a BTF with endianness different from host, make a distilled base/split BTF pair from it, dump as raw bytes, import again and verify that endianness is preserved. Reviewed-by: Alan Maguire Tested-by: Alan Maguire Signed-off-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240830173406.1581007-1-eddyz87@gmail.com commit 9aee8262445d185960431e972e2d997e6aba3de0 Author: Gaosheng Cui Date: Mon Aug 26 11:58:23 2024 +0800 ARM: OMAP2+: Remove obsoleted declaration for gpmc_onenand_init The gpmc_onenand_init() have been removed since commit 2514830b8b8c ("ARM: OMAP2+: Remove gpmc-onenand"), and now it is useless, so remove it. Signed-off-by: Gaosheng Cui Link: https://lore.kernel.org/r/20240826035823.4043171-1-cuigaosheng1@huawei.com Signed-off-by: Kevin Hilman commit 2bb3fc536d692d43cd55396ecff73c7691eeae85 Merge: 70c33a2710cd08 6d0ebb3904853d Author: Rodrigo Vivi Date: Fri Aug 30 13:44:08 2024 -0400 Merge drm/drm-next into drm-intel-next Sync with drm-xe-next so we can continue with display clean-up. Signed-off-by: Rodrigo Vivi commit e19366911340c2313a1abbb09c54eaf9bdea4f58 Author: Aleksandr Mishin Date: Fri Jul 5 12:13:12 2024 +0300 drm/msm: Fix incorrect file name output in adreno_request_fw() In adreno_request_fw() when debugging information is printed to the log after firmware load, an incorrect filename is printed. 'newname' is used instead of 'fwname', so prefix "qcom/" is being added to filename. Looks like "copy-paste" mistake. Fix this mistake by replacing 'newname' with 'fwname'. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 2c41ef1b6f7d ("drm/msm/adreno: deal with linux-firmware fw paths") Signed-off-by: Aleksandr Mishin Reviewed-by: Dmitry Baryshkov Patchwork: https://patchwork.freedesktop.org/patch/602382/ Signed-off-by: Rob Clark commit 6f6829420dd66d2c35f4366a036eeaeb4602b003 Author: Connor Abbott Date: Wed Aug 7 14:04:59 2024 +0100 drm/msm: Fix UBWC macrotile_mode for a680 Make it match the MDSS settings for sc8180x and downstream. Note that without the previous commit that exposes the value of macrotile_mode to mesa, this will break mesa which expects the legacy default value of 0. Therefore we do *not* want to backport it. Signed-off-by: Connor Abbott Patchwork: https://patchwork.freedesktop.org/patch/607398/ Signed-off-by: Rob Clark commit d7eafed3223af19add14b67a390ec2b983d890e0 Author: Connor Abbott Date: Wed Aug 7 14:04:58 2024 +0100 drm/msm: Expose expanded UBWC config uapi This adds extra parameters that affect UBWC tiling that will be used by the Mesa implementation of VK_EXT_host_image_copy. Signed-off-by: Connor Abbott Patchwork: https://patchwork.freedesktop.org/patch/607401/ Signed-off-by: Rob Clark commit b874638be1d251fa2d543f0350acb36a65d9c7b0 Author: Connor Abbott Date: Wed Aug 7 14:04:57 2024 +0100 drm/msm: Expand UBWC config setting According to downstream we should be setting RBBM_NC_MODE_CNTL to a non-default value on a663 and a680, we don't support a663 and on a680 we're leaving it at the wrong (suboptimal) value. Just set it on all GPUs. Similarly, plumb through level2_swizzling_dis which will be necessary on a663. ubwc_mode is expanded and renamed to ubwc_swizzle to match the name on the display side. Similarly macrotile_mode should match the display side. Signed-off-by: Connor Abbott Patchwork: https://patchwork.freedesktop.org/patch/607397/ Signed-off-by: Rob Clark commit d53b8e36925256097a08d7cb749198d85cbf9b2b Author: Connor Abbott Date: Wed Aug 7 14:04:56 2024 +0100 drm/msm: Update a6xx register XML Update to Mesa commit 36a13d2b3b0 ("freedreno: fix a7xx perfcntr countables"). Signed-off-by: Connor Abbott Patchwork: https://patchwork.freedesktop.org/patch/607395/ Signed-off-by: Rob Clark commit a47cfb688d78217983c4a0051449aa88e2ff5ebb Author: Connor Abbott Date: Wed Aug 7 13:34:29 2024 +0100 drm/msm: Fix CP_BV_DRAW_STATE_ADDR name This was missed because we weren't using the a750-specific indexed regs. Fixes: f3f8207d8aed ("drm/msm: Add devcoredump support for a750") Signed-off-by: Connor Abbott Reviewed-by: Akhil P Oommen Patchwork: https://patchwork.freedesktop.org/patch/607394/ Signed-off-by: Rob Clark commit d8c17d7aadc2463a395f9340f44c7c34399f1d48 Author: Connor Abbott Date: Wed Aug 7 13:34:28 2024 +0100 drm/msm: Dump correct dbgahb clusters on a750 This was missed thanks to the family mixup fixed in the previous commit. Fixes: f3f8207d8aed ("drm/msm: Add devcoredump support for a750") Signed-off-by: Connor Abbott Patchwork: https://patchwork.freedesktop.org/patch/607393/ Signed-off-by: Rob Clark commit db75ef03d72ea75515f5282fe8a4925ae8373fe1 Author: Connor Abbott Date: Wed Aug 7 13:34:27 2024 +0100 drm/msm: Use a7xx family directly in gpu_state With a7xx, we need to import a new header for each new generation and switch to a different list of registers, instead of making backwards-compatible changes. Using the helpers inadvertently made a750 use the a740 list of registers, instead use the family directly to fix this. Fixes: f3f8207d8aed ("drm/msm: Add devcoredump support for a750") Signed-off-by: Connor Abbott Patchwork: https://patchwork.freedesktop.org/patch/607392/ Signed-off-by: Rob Clark commit c80bbd7fcdb2aa2e4099ecf43e0908f169d03183 Author: Richard Acayan Date: Tue Aug 6 17:44:56 2024 -0400 drm/msm/adreno: add a615 support The Adreno A615 is used in SDM670. Add an entry to support it. Signed-off-by: Richard Acayan Patchwork: https://patchwork.freedesktop.org/patch/607238/ Signed-off-by: Rob Clark commit f7f14b108880ed736c6d77b7f077980523a8ae66 Author: Eugene Lepshy Date: Wed Jul 31 21:45:49 2024 +0300 drm/msm/a6xx: Add A642L speedbin (0x81) According to downstream, A642L's speedbin is 129 and uses 4 as index Signed-off-by: Eugene Lepshy Signed-off-by: Danila Tikhonov Reviewed-by: Konrad Dybcio Patchwork: https://patchwork.freedesktop.org/patch/606722/ Signed-off-by: Rob Clark commit ce9db67747180c76ac9bbabe165e48f4af31eade Author: Rob Clark Date: Fri Aug 9 11:37:52 2024 -0700 drm/msm: Remove unused pm_state This was added in commit ec446d09366c ("drm/msm: call drm_atomic_helper_suspend() and drm_atomic_helper_resume()"), but unused since commit ca8199f13498 ("drm/msm/dpu: ensure device suspend happens during PM sleep") which switched to drm_mode_config_helper_suspend()/ drm_mode_config_helper_resume().. Signed-off-by: Rob Clark Reviewed-by: Abhinav Kumar Patchwork: https://patchwork.freedesktop.org/patch/607746/ commit 030638a73ec4f29491b0febffa1aae314ef7c6ee Author: Laurent Pinchart Date: Fri Aug 23 01:20:46 2024 +0300 drm/msm: Remove prototypes for non-existing functions The msm_atomic_state_clear() and msm_atomic_state_free() functions are declared but never defined. Remove their prototypes. Signed-off-by: Laurent Pinchart Reviewed-by: Kieran Bingham Patchwork: https://patchwork.freedesktop.org/patch/610618/ Signed-off-by: Rob Clark commit 9e68cc7de893d965d4d21cb7cee1796f4c49516e Author: Li Zetao Date: Wed Aug 21 09:21:34 2024 +0800 drm/msm/adreno: Use kvmemdup to simplify the code Use kvmemdup instead of kvmalloc() + memcpy() to simplify the code. No functional change intended. Signed-off-by: Li Zetao Reviewed-by: Akhil P Oommen Patchwork: https://patchwork.freedesktop.org/patch/609596/ Signed-off-by: Rob Clark commit da18bfa59d403040d8bcba1284285916fe9e4425 Author: Tony Ambardar Date: Fri Aug 30 02:51:50 2024 -0700 libbpf: Ensure new BTF objects inherit input endianness New split BTF needs to preserve base's endianness. Similarly, when creating a distilled BTF, we need to preserve original endianness. Fix by updating libbpf's btf__distill_base() and btf_new_empty() to retain the byte order of any source BTF objects when creating new ones. Fixes: ba451366bf44 ("libbpf: Implement basic split BTF support") Fixes: 58e185a0dc35 ("libbpf: Add btf__distill_base() creating split BTF with distilled base BTF") Reported-by: Song Liu Reported-by: Eduard Zingerman Suggested-by: Eduard Zingerman Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Tested-by: Alan Maguire Acked-by: Eduard Zingerman Link: https://lore.kernel.org/bpf/6358db36c5f68b07873a0a5be2d062b1af5ea5f8.camel@gmail.com/ Link: https://lore.kernel.org/bpf/20240830095150.278881-1-tony.ambardar@gmail.com commit 1802656ef8906cc949f58b64cb6d8d400326e163 Author: Jens Axboe Date: Fri Aug 30 10:52:02 2024 -0600 io_uring: add GCOV_PROFILE_URING Kconfig option If GCOV is enabled and this option is set, it enables code coverage profiling of the io_uring subsystem. Only use this for test purposes, as it will impact the runtime performance. Signed-off-by: Jens Axboe commit bd97615a331684590f6fe65420e9a959a57c975b Author: Thomas Weißschuh Date: Tue Aug 27 17:25:16 2024 +0200 fbdev: efifb: Use driver-private screen_info for sysfs Since commit b9cfd1d271ab ("fbdev/efifb: Use screen_info pointer from device") efifb uses a local copy of screen_info and applies its modifications there. Adapt the sysfs attributes to also work with the custom copy instead of the unmodified platform data. Signed-off-by: Thomas Weißschuh Signed-off-by: Helge Deller commit 077091721af00d2a9212218c2d61acbac5f47630 Author: Thomas Weißschuh Date: Tue Aug 27 17:25:15 2024 +0200 fbdev: efifb: Use devm_register_framebuffer() This simplifies the error handling. Also the drvdata slot is now unused and can be used for other usecases. Signed-off-by: Thomas Weißschuh Signed-off-by: Helge Deller commit 95cdd538e0e5677efbdf8aade04ec098ab98f457 Author: Thomas Weißschuh Date: Tue Aug 27 17:25:13 2024 +0200 fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup sysfs groups already. Make use of that functionality to simplify the error handling and cleanup. Also avoid a UAF race during unregistering where the sysctl attributes were usable after the info struct was freed. Signed-off-by: Thomas Weißschuh Signed-off-by: Helge Deller commit 929c81ade6355b87097a2a4886c10750e68626cf Author: Thomas Weißschuh Date: Fri Aug 30 11:45:57 2024 +0200 fbdev: Introduce devm_register_framebuffer() Introduce a device-managed variant of register_framebuffer() which automatically unregisters the framebuffer on device destruction. This can simplify the error handling and resource management in drivers. Signed-off-by: Thomas Weißschuh Signed-off-by: Helge Deller commit 2451a285ee5e8c83bedcee7f4962c828b890becf Author: Christophe JAILLET Date: Thu Aug 8 14:14:22 2024 +0200 fbdev: omapfb: Use sysfs_emit_at() to simplify code This file already uses sysfs_emit(). So be consistent and also use sysfs_emit_at(). Moreover, size is always < PAGE_SIZE because scnprintf() (and now sysfs_emit_at()) returns the number of characters written not including the trailing '\0'. So some tests can be removed. This slightly simplifies the code and makes it more readable. Signed-off-by: Christophe JAILLET Reviewed-by: Andi Shyti Signed-off-by: Helge Deller commit 33ae421ad2b546e472e36d73cf13f2b3b386f713 Author: Christophe JAILLET Date: Thu Aug 8 11:46:11 2024 +0200 fbdev: omapfb: panel-sony-acx565akm: Simplify show_cabc_available_modes() Use sysfs_emit_at() instead of snprintf() + custom logic. Using sysfs_emit_at() is much more simple. Also, sysfs_emit() is already used in this function, so using sysfs_emit_at() is more consistent. Also simplify the logic: - always add a space after an entry - change the last space into a '\n' Finally it is easy to see that, given the size of cabc_modes, PAGE_SIZE can not be reached. So better keep everything simple (and correct). Signed-off-by: Christophe JAILLET Reviewed-by: Andi Shyti Signed-off-by: Helge Deller commit 5ee70bec7945827c4661b9d44b094aac352dbaa8 Author: ying zuxin Date: Fri Aug 23 20:29:57 2024 +0800 fbdev: mmp: Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). Signed-off-by: ying zuxin Signed-off-by: Helge Deller commit aa578e897520f32ae12bec487f2474357d01ca9c Author: Christophe JAILLET Date: Thu Aug 1 22:34:39 2024 +0200 fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() If an error occurs after request_mem_region(), a corresponding release_mem_region() should be called, as already done in the remove function. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Christophe JAILLET Signed-off-by: Helge Deller commit 65ef66d918039c9e012437f2ec57f2bef76faf15 Author: Jinjie Ruan Date: Fri Aug 30 10:07:56 2024 +0800 bpf: Use sockfd_put() helper Replace fput() with sockfd_put() in bpf_fd_reuseport_array_update_elem(). Signed-off-by: Jinjie Ruan Acked-by: Stanislav Fomichev Link: https://lore.kernel.org/r/20240830020756.607877-1-ruanjinjie@huawei.com Signed-off-by: Alexei Starovoitov commit 20f61c1ead989e5d16f35bd0a546c6233b703b69 Author: Matt Roper Date: Thu Aug 29 15:06:22 2024 -0700 drm/xe/hwmon: Treat hwmon as a per-device concept There's only one instance of hwmon per device, and MMIO access to it is always done through the root tile. The code has been passing around a pointer to the root tile's primary GT, which is confusing since this isn't really a GT-level concept. Replace that pointer with an xe_device pointer and use xe_root_mmio_gt(xe) to get a pointer when we need to do register MMIO. This makes things easier to follow, and also cleans up the code in preparation for a much larger MMIO register access overhaul that's coming soon. Signed-off-by: Matt Roper Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240829220619.789159-6-matthew.d.roper@intel.com commit 3034cc8107b8d0c7d1b56584394e215dab57f8a3 Author: Matt Roper Date: Thu Aug 29 15:06:21 2024 -0700 drm/xe/pcode: Treat pcode as per-tile rather than per-GT There's only one instance of the pcode per tile, and for GT-related accesses both the primary and media GT share the same register interface. Since Xe was using per-GT locking, the pcode mutex wasn't actually protecting everything that it should since concurrent accesses related to a tile's primary GT and media GT were possible. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matt Roper Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240829220619.789159-5-matthew.d.roper@intel.com commit cad08fa7760ace5e01b24c6f9e1f918fe72324bf Author: Matt Roper Date: Thu Aug 29 16:03:08 2024 -0700 drm/xe/display: Drop unnecessary xe_gt.h includes None of the Xe display files work directly with the GT or need anything from xe_gt.h. Drop the unnecessary include. Signed-off-by: Matt Roper Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240829230307.886233-2-matthew.d.roper@intel.com commit 33ffa2dd0de28ded1fa856b3fb9cbf2b873d7dd0 Author: Jason A. Donenfeld Date: Fri Aug 30 17:21:36 2024 +0200 selftests: vDSO: quash clang omitted parameter warning in getrandom test When building with clang, there's this warning: vdso_test_getrandom.c:145:40: warning: omitting the parameter name in a function definition is a C23 extension [-Wc23-extensions] 145 | static void *test_vdso_getrandom(void *) | ^ vdso_test_getrandom.c:155:40: warning: omitting the parameter name in a function definition is a C23 extension [-Wc23-extensions] 155 | static void *test_libc_getrandom(void *) | ^ vdso_test_getrandom.c:165:43: warning: omitting the parameter name in a function definition is a C23 extension [-Wc23-extensions] 165 | static void *test_syscall_getrandom(void *) Add the named ctx parameter to quash it. Reported-by: Mark Brown Reviewed-by: Mark Brown Signed-off-by: Jason A. Donenfeld commit 1dd7622ef5085e0fd332d1293530b350499c374d Author: Alexey Gladkov Date: Fri Aug 30 09:43:50 2024 +0200 bpf: Remove custom build rule According to the documentation, when building a kernel with the C=2 parameter, all source files should be checked. But this does not happen for the kernel/bpf/ directory. $ touch kernel/bpf/core.o $ make C=2 CHECK=true kernel/bpf/core.o Outputs: CHECK scripts/mod/empty.c CALL scripts/checksyscalls.sh DESCEND objtool INSTALL libsubcmd_headers CC kernel/bpf/core.o As can be seen the compilation is done, but CHECK is not executed. This happens because kernel/bpf/Makefile has defined its own rule for compilation and forgotten the macro that does the check. There is no need to duplicate the build code, and this rule can be removed to use generic rules. Acked-by: Masahiro Yamada Tested-by: Oleg Nesterov Tested-by: Alan Maguire Signed-off-by: Alexey Gladkov Link: https://lore.kernel.org/r/20240830074350.211308-1-legion@kernel.org Signed-off-by: Alexei Starovoitov commit 0b93267adb34f39ca5b1574cf3766ee5fe3d44b6 Author: Sean Anderson Date: Fri May 31 12:13:37 2024 -0400 arm64: zynqmp: Add PCIe phys property for ZCU102 Add PCIe phy bindings for the ZCU102. Link: https://lore.kernel.org/r/20240531161337.864994-8-sean.anderson@linux.dev Tested-by: Thippeswamy Havalige Signed-off-by: Sean Anderson Signed-off-by: Bjorn Helgaas Acked-by: Michal Simek commit 63fb21afc1f5b2af746f332710491c61e2ad6d74 Author: Guenter Roeck Date: Wed Aug 28 17:21:41 2024 -0700 hwmon: (ina2xx) Use shunt voltage to calculate current Since the shunt voltage and the current register report the same values when the chip is calibrated, we can calculate the current directly from the shunt voltage without relying on chip calibration. With this change, the current register is no longer accessed. Its register address is only used to indicate if reading or writing current or shunt voltage is desired when accessing registers. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 4d5c2d986757e4d6f56761af8ab689218a2bc432 Author: Guenter Roeck Date: Wed Aug 28 15:23:53 2024 -0700 hwmon: (ina2xx) Add support for current limits While the chips supported by this driver do not directly support current limits, they do support setting shunt voltage limits. The shunt voltage divided by the shunt resistor value is the current. On top of that, calibration values are set such that in the shunt voltage register and the current register report the same values. That means we can report and configure current limits based on shunt voltage limits, and we can do so with much better accuracy than by setting shunt voltage limits. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 9965ebd1836fb75c7a80f20ca65469f5df0d6063 Author: Guenter Roeck Date: Wed Aug 28 15:18:51 2024 -0700 hwmon: (ina2xx) Pass register to alert limit write functions Pass the to-be-limited register to alert functions and use it to determine conversion from limit to register value. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 814db9f1b8ec1cad9fa707c52c695550cbb66b80 Author: Guenter Roeck Date: Wed Jul 24 22:41:16 2024 -0700 hwmon: (ina2xx) Convert to use with_info hwmon API Convert driver to use the with_info hardware monitoring API to reduce its dependency on sysfs attribute functions. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit c263d9166765567433f759b6435a3255cfdd4620 Author: Guenter Roeck Date: Thu Aug 1 15:34:48 2024 -0700 hwmon: (ina2xx) Move ina2xx_get_value() ina2xx_get_value() will be needed earlier in the next patch, so move it. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit aa7d17636640233062075c22afbb3e25fc5e5a91 Author: Guenter Roeck Date: Tue Jul 23 16:17:02 2024 -0700 hwmon: (ina2xx) Set alert latch Alerts should only be cleared after reported, not immediately after the alert condition has been cleared. Set the latch enable bit to keep alerts latched until the alert register has been read from the chip. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 51c6fa3246cd6f12e3194795b0a934c1aa8f9d4f Author: Guenter Roeck Date: Wed Jul 24 09:31:08 2024 -0700 hwmon: (ina2xx) Consolidate chip initialization code Move all chip initialization code into a single function. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit ab7fbee452beca56b7c570d49190e679863362d5 Author: Guenter Roeck Date: Wed Jul 24 09:42:16 2024 -0700 hwmon: (ina2xx) Fix various overflow issues Module tests show various overflow problems when writing limits and other attributes. in0_crit: Suspected overflow: [max=82, read 0, written 2147483648] in0_lcrit: Suspected overflow: [max=82, read 0, written 2147483648] in1_crit: Suspected overflow: [max=40959, read 0, written 2147483647] in1_lcrit: Suspected overflow: [max=40959, read 0, written 2147483647] power1_crit: Suspected overflow: [max=134218750, read 0, written 2147483648] update_interval: Suspected overflow: [max=2253, read 2, written 2147483647] Implement missing clamping on attribute write operations to avoid those problems. While at it, check in the probe function if the shunt resistor value passed from devicetree is valid, and bail out if it isn't. Also limit mutex use to the code calling ina2xx_set_shunt() since it isn't needed when called from the probe function. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit bb25cdc2bff408ee3be1f20bd2cee4ea8b79c2d6 Author: Guenter Roeck Date: Tue Jul 23 16:04:29 2024 -0700 hwmon: (ina2xx) Re-initialize chip using regmap functions If it is necessary to re-initialize the chip, for example because it has been power cycled, use regmap functions to update register contents. This ensures that all registers, including the configuration register and alert registers, are updated to previously configured values without having to locally cache everything. For this to work, volatile registers have to be marked as volatile. Also, the cache needs to be bypassed when reading the calibration and mask_enable registers. While the calibration register is not volatile, it will be reset to 0 if the chip has been power cycled. Most of the bits in the mask_enable register are configuration bits, except for bit 4 which reports if an alert has been observed. Both registers need to be marked as non-volatile to be updated after a power cycle, but it is necessary to bypass the cache when reading them to detect if the chip has been power cycled and to read the alert status. The chip does not support register auto-increments. It is therefore necessary to configure regmap to use single register read/write operations. Otherwise regmap tries to write all registers in a single operation when synchronizing register contents with the hardware, and the synchronization fails. Another necessary change is to declare ina226_alert_to_reg() as u16. So far it returned an s16 which is sign extended to a large negative value which is then sent to regmap as unsigned int, causing an -EINVAL error return. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit d491e781b0600487be9f85977deb5f833d15db56 Author: Guenter Roeck Date: Thu Aug 1 14:57:39 2024 -0700 hwmon: (ina2xx) Use local regmap pointer if used more than once If regmap is accessed more than once in a function, declare and used local regmap variable. While at it, drop low value debug messages. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 2bb476524c61f43e6e89aeacaee6599ce5dd3505 Author: Guenter Roeck Date: Thu Aug 1 16:43:03 2024 -0700 hwmon: (ina2xx) Mark regmap_config as const Recent versions of checkpatch complain that struct regmap_config should be declared as const. WARNING: struct regmap_config should normally be const Doing so reveals a potential problem in the driver: If both supported chips are present in a single system, the maximum number of registers may race when devices are instantiated since max_registers is updated in the probe function. Solve the problem by setting .max_registers to the maximum register address of all supported chips. This does not make a practical difference while fixing the potential race condition and reducing code complexity. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 232177a37b90d76d3616f28fb47636d81c02fe8b Author: Guenter Roeck Date: Tue Jul 23 13:25:31 2024 -0700 hwmon: (ina2xx) Use bit operations Use bit operations where possible to make the code more generic and to align it with other drivers. Also use compile time conversion from bit to mask to reduce runtime overhead. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 61a4a8414e1c6331a5a2fcfd235e6252c985f9d7 Author: Guenter Roeck Date: Tue Jul 23 13:23:30 2024 -0700 hwmon: (ina2xx) Replace platform data with device properties There are no in-tree users of ina2xx platform data. Drop it and support device properties instead as alternative if it should ever be needed. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 9e60bb811f582a13a1f8346675f270db7e48404c Author: Guenter Roeck Date: Tue Jul 23 13:21:12 2024 -0700 hwmon: (ina2xx) Reorder include files to alphabetic order Simplify driver maintenance by reordering include files to alphabetic order. Whule at it, drop unnecessary / unused jiffies.h. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 21be9f7110d4c044c2b49bafbd7246335f236221 Author: Will Deacon Date: Fri Aug 30 14:01:50 2024 +0100 arm64: smccc: Reserve block of KVM "vendor" services for pKVM hypercalls pKVM relies on hypercalls to expose services such as memory sharing to protected guests. Tentatively allocate a block of 58 hypercalls (i.e. fill the remaining space in the first 64 function IDs) for pKVM usage, as future extensions such as pvIOMMU support, range-based memory sharing and validation of assigned devices will require additional services. Suggested-by: Marc Zyngier Link: https://lore.kernel.org/r/86a5h5yg5y.wl-maz@kernel.org Acked-by: Marc Zyngier Link: https://lore.kernel.org/r/20240830130150.8568-8-will@kernel.org Signed-off-by: Will Deacon commit 0f12694958001c96bda811473fdb23f333c6d3ca Author: Will Deacon Date: Fri Aug 30 14:01:49 2024 +0100 drivers/virt: pkvm: Intercept ioremap using pKVM MMIO_GUARD hypercall Hook up pKVM's MMIO_GUARD hypercall so that ioremap() and friends will register the target physical address as MMIO with the hypervisor, allowing guest exits to that page to be emulated by the host with full syndrome information. Acked-by: Marc Zyngier Link: https://lore.kernel.org/r/20240830130150.8568-7-will@kernel.org Signed-off-by: Will Deacon commit c86fa3470c1026e9f63a93e8885ea51ef99fae35 Author: Will Deacon Date: Fri Aug 30 14:01:48 2024 +0100 arm64: mm: Add confidential computing hook to ioremap_prot() Confidential Computing environments such as pKVM and Arm's CCA distinguish between shared (i.e. emulated) and private (i.e. assigned) MMIO regions. Introduce a hook into our implementation of ioremap_prot() so that MMIO regions can be shared if necessary. Reviewed-by: Catalin Marinas Reviewed-by: Steven Price Acked-by: Marc Zyngier Link: https://lore.kernel.org/r/20240830130150.8568-6-will@kernel.org Signed-off-by: Will Deacon commit ebc59b120c588156feb7ce194a9636584ced18ba Author: Will Deacon Date: Fri Aug 30 14:01:47 2024 +0100 drivers/virt: pkvm: Hook up mem_encrypt API using pKVM hypercalls If we detect the presence of pKVM's SHARE and UNSHARE hypercalls, then register a backend implementation of the mem_encrypt API so that things like DMA buffers can be shared appropriately with the host. Acked-by: Marc Zyngier Link: https://lore.kernel.org/r/20240830130150.8568-5-will@kernel.org Signed-off-by: Will Deacon commit e7bafbf7177750e6643941473b343ed72fc5a100 Author: Will Deacon Date: Fri Aug 30 14:01:46 2024 +0100 arm64: mm: Add top-level dispatcher for internal mem_encrypt API Implementing the internal mem_encrypt API for arm64 depends entirely on the Confidential Computing environment in which the kernel is running. Introduce a simple dispatcher so that backend hooks can be registered depending upon the environment in which the kernel finds itself. Reviewed-by: Catalin Marinas Reviewed-by: Steven Price Acked-by: Marc Zyngier Link: https://lore.kernel.org/r/20240830130150.8568-4-will@kernel.org Signed-off-by: Will Deacon commit a06c3fad49a50d5d5eb078f93e70f4d3eca5d5a5 Author: Will Deacon Date: Fri Aug 30 14:01:45 2024 +0100 drivers/virt: pkvm: Add initial support for running as a protected guest Implement a pKVM protected guest driver to probe the presence of pKVM and determine the memory protection granule using the HYP_MEMINFO hypercall. Acked-by: Marc Zyngier Link: https://lore.kernel.org/r/20240830130150.8568-3-will@kernel.org Signed-off-by: Will Deacon commit 0ba5b4ba61781f1eca843d9e5d499da329a8a275 Author: Marc Zyngier Date: Fri Aug 30 14:01:44 2024 +0100 firmware/smccc: Call arch-specific hook on discovering KVM services arm64 will soon require its own callback to initialise services that are only available on this architecture. Introduce a hook that can be overloaded by the architecture. Signed-off-by: Marc Zyngier Link: https://lore.kernel.org/r/20240830130150.8568-2-will@kernel.org Signed-off-by: Will Deacon commit d736d4fc763090f9a02dc5556174de9768093f43 Author: Dev Jain Date: Fri Aug 30 10:59:11 2024 +0530 kselftest/arm64: Fix build warnings for ptrace A "%s" is missing in ksft_exit_fail_msg(); instead, use the newly introduced ksft_exit_fail_perror(). Signed-off-by: Dev Jain Reviewed-by: Shuah Khan Reviewed-by: Mark Brown Link: https://lore.kernel.org/r/20240830052911.4040970-1-dev.jain@arm.com Signed-off-by: Will Deacon commit 070e326f327a8d32669b5bf9b50a12c2cd8277ff Author: Mostafa Saleh Date: Fri Aug 30 11:03:48 2024 +0000 iommu/arm-smmu-v3-test: Test masters with stall enabled At the moment, the SMMUv3 unit tests assume ATS is always enabled, although this is sufficient to test hitless/non-hitless transitions, but exercising other features is useful to check ste/cd population logic (for example the .get_used logic). Add an enum where bits define features per-master, at the moment there is only ATS and STALLs which are mutually exclusive, but this would make it easier to extend with other features in the future. Also, Add 2 more tests for s1 <-> s2 transitions with stalls enabled. Signed-off-by: Mostafa Saleh Link: https://lore.kernel.org/r/20240830110349.797399-3-smostafa@google.com Signed-off-by: Will Deacon commit ce7cb08e22e09f43649b025c849a3ae3b80833c4 Author: Mostafa Saleh Date: Fri Aug 30 11:03:47 2024 +0000 iommu/arm-smmu-v3: Match Stall behaviour for S2 According to the spec (ARM IHI 0070 F.b), in "5.5 Fault configuration (A, R, S bits)": A STE with stage 2 translation enabled and STE.S2S == 0 is considered ILLEGAL if SMMU_IDR0.STALL_MODEL == 0b10. Also described in the pseudocode “SteIllegal()” if STE.Config == '11x' then [..] if eff_idr0_stall_model == '10' && STE.S2S == '0' then // stall_model forcing stall, but S2S == 0 return TRUE; Which means, S2S must be set when stall model is "ARM_SMMU_FEAT_STALL_FORCE", but currently the driver ignores that. Although, the driver can do the minimum and only set S2S for “ARM_SMMU_FEAT_STALL_FORCE”, it is more consistent to match S1 behaviour, which also sets it for “ARM_SMMU_FEAT_STALL” if the master has requested stalls. Also, since S2 stalls are enabled now, report them to the IOMMU layer and for VFIO devices it will fail anyway as VFIO doesn’t register an iopf handler. Signed-off-by: Mostafa Saleh Link: https://lore.kernel.org/r/20240830110349.797399-2-smostafa@google.com Signed-off-by: Will Deacon commit 99c9767c0444098a806529204c7a2556f89d0c04 Author: Richard Fitzgerald Date: Fri Aug 30 15:48:19 2024 +0100 ASoC: cs-amp-lib: Add KUnit test case for empty calibration entries Add a test case for commit bb4485562f59 ("ASoC: cs-amp-lib: Ignore empty UEFI calibration entries"). Any entries in the calibration blob that have calTime==0 are empty entries. So they must not be returned by a lookup. Signed-off-by: Richard Fitzgerald Link: https://patch.msgid.link/20240830144819.118362-1-rf@opensource.cirrus.com Signed-off-by: Mark Brown commit 12fd64babaca4dc09d072f63eda76ba44119816a Author: Sebastian Reichel Date: Mon Mar 25 20:33:36 2024 +0100 clk: rockchip: fix error for unknown clocks There is a clk == NULL check after the switch to check for unsupported clk types. Since clk is re-assigned in a loop, this check is useless right now for anything but the first round. Let's fix this up by assigning clk = NULL in the loop before the switch statement. Fixes: a245fecbb806 ("clk: rockchip: add basic infrastructure for clock branches") Cc: stable@vger.kernel.org Signed-off-by: Sebastian Reichel [added fixes + stable-cc] Link: https://lore.kernel.org/r/20240325193609.237182-6-sebastian.reichel@collabora.com Signed-off-by: Heiko Stuebner commit 2e7b3daa8cb1ebd17e6a7f417ef5e6553203035c Author: Sebastian Reichel Date: Mon Mar 25 20:33:32 2024 +0100 clk: rockchip: rk3588: drop unused code All clocks are registered early using CLK_OF_DECLARE(), which marks the DT node as processed. For the processed DT node the probe routine is never called. Thus this whole code is never executed. This could be "fixed" by using CLK_OF_DECLARE_DRIVER, which avoids marking the DT node as processed. But then the probe routine would re-register all the clocks by calling rk3588_clk_init() again. Signed-off-by: Sebastian Reichel Link: https://lore.kernel.org/r/20240325193609.237182-2-sebastian.reichel@collabora.com Signed-off-by: Heiko Stuebner commit 7c2fd76048e95dd267055b5f5e0a48e6e7c81fd9 Author: Puranjay Mohan Date: Thu Aug 29 13:32:17 2024 +0000 nvme: fix metadata handling in nvme-passthrough On an NVMe namespace that does not support metadata, it is possible to send an IO command with metadata through io-passthru. This allows issues like [1] to trigger in the completion code path. nvme_map_user_request() doesn't check if the namespace supports metadata before sending it forward. It also allows admin commands with metadata to be processed as it ignores metadata when bdev == NULL and may report success. Reject an IO command with metadata when the NVMe namespace doesn't support it and reject an admin command if it has metadata. [1] https://lore.kernel.org/all/mb61pcylvnym8.fsf@amazon.com/ Suggested-by: Christoph Hellwig Signed-off-by: Puranjay Mohan Reviewed-by: Christoph Hellwig Reviewed-by: Sagi Grimberg Reviewed-by: Anuj Gupta Signed-off-by: Keith Busch commit f9cb5e01cc4e57d86e906330828139efc06de602 Author: Sasha Neftin Date: Sun Aug 18 11:32:50 2024 +0300 igc: Move the MULTI GBT AN Control Register to _regs file MULTI GBT AN Control Register is IEEE Standard Register 7.32 (not a mask). The right place should be in igc_reg.h file. In accordance with the registers naming convention added IGC_' prefix. Signed-off-by: Sasha Neftin Reviewed-by: Paul Menzel Tested-by: Avigail Dahan Signed-off-by: Tony Nguyen commit ad7dffae4e40b5ed3b145b08625a4b1a9725211f Author: Sasha Neftin Date: Sat Jul 13 22:02:09 2024 +0300 igc: Add Energy Efficient Ethernet ability According to the IEEE standard report the EEE ability (registers 7.60 and 7.62) and the EEE Link Partner ability (registers 7.61 and 7.63). Use the kernel's 'ethtool_keee' structure and report EEE link modes. Example: ethtool --show-eee Before: Advertised EEE link modes: Not reported Link partner advertised EEE link modes: Not reported After: Advertised EEE link modes: 100baseT/Full 1000baseT/Full 2500baseT/Full Link partner advertised EEE link modes: 100baseT/Full 1000baseT/Full 2500baseT/Full Signed-off-by: Sasha Neftin Tested-by: Avigail Dahan Signed-off-by: Tony Nguyen commit 8dcf2c212078d8ac0714ae872a5496a36eda21e6 Author: Kurt Kanzenbach Date: Fri Jun 21 08:56:30 2024 +0200 igc: Get rid of spurious interrupts When running the igc with XDP/ZC in busy polling mode with deferral of hard interrupts, interrupts still happen from time to time. That is caused by the igc task watchdog which triggers Rx interrupts periodically. That mechanism has been introduced to overcome skb/memory allocation failures [1]. So the Rx clean functions stop processing the Rx ring in case of such failure. The task watchdog triggers Rx interrupts periodically in the hope that memory became available in the mean time. The current behavior is undesirable for real time applications, because the driver induced Rx interrupts trigger also the softirq processing. However, all real time packets should be processed by the application which uses the busy polling method. Therefore, only trigger the Rx interrupts in case of real allocation failures. Introduce a new flag for signaling that condition. [1] - https://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git/commit/?id=3be507547e6177e5c808544bd6a2efa2c7f1d436 Reviewed-by: Sebastian Andrzej Siewior Acked-by: Vinicius Costa Gomes Acked-by: Maciej Fijalkowski Signed-off-by: Kurt Kanzenbach Reviewed-by: Simon Horman Tested-by: Mor Bar-Gabay Signed-off-by: Tony Nguyen commit 9f3297511dae19b28b333134cbf7e8746722d6a5 Author: Kurt Kanzenbach Date: Fri Jun 21 09:25:55 2024 +0200 igc: Add MQPRIO offload support Add support for offloading MQPRIO. The hardware has four priorities as well as four queues. Each queue must be a assigned with a unique priority. However, the priorities are only considered in TSN Tx mode. There are two TSN Tx modes. In case of MQPRIO the Qbv capability is not required. Therefore, use the legacy TSN Tx mode, which performs strict priority arbitration. Example for mqprio with hardware offload: |tc qdisc replace dev ${INTERFACE} handle 100 parent root mqprio num_tc 4 \ | map 0 0 0 0 0 1 2 3 0 0 0 0 0 0 0 0 \ | queues 1@0 1@1 1@2 1@3 \ | hw 1 The mqprio Qdisc also allows to configure the `preemptible_tcs'. However, frame preemption is not supported yet. Tested on Intel i225 and implemented by following data sheet section 7.5.2, Transmit Scheduling. Signed-off-by: Kurt Kanzenbach Reviewed-by: Wojciech Drewek Acked-by: Vinicius Costa Gomes Reviewed-by: Simon Horman Tested-by: Mor Bar-Gabay Signed-off-by: Tony Nguyen commit a9d40285bdefef700ebc7551ef79d2f3e4559e73 Author: Nicolin Chen Date: Thu Aug 29 15:34:39 2024 -0700 iommu/tegra241-cmdqv: Limit CMDs for VCMDQs of a guest owned VINTF When VCMDQs are assigned to a VINTF owned by a guest (HYP_OWN bit unset), only TLB and ATC invalidation commands are supported by the VCMDQ HW. So, implement the new cmdq->supports_cmd op to scan the input cmd in order to make sure that it is supported by the selected queue. Note that the guest VM shouldn't have HYP_OWN bit being set regardless of guest kernel driver writing it or not, i.e. the hypervisor running in the host OS should wire this bit to zero when trapping a write access to this VINTF_CONFIG register from a guest kernel. Reviewed-by: Jason Gunthorpe Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/8160292337059b91271045800e5c62f7295e2c24.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit f59e854907128ec3d4a82b7fc4efe9be8da2e78e Author: Nicolin Chen Date: Thu Aug 29 15:34:38 2024 -0700 iommu/arm-smmu-v3: Start a new batch if new command is not supported The VCMDQ in the tegra241-cmdqv driver has a guest mode that supports only a few invalidation commands. A batch is initialized with a cmdq, so it has to confirm whether a new command is supported or not. Add a supports_cmd function pointer to the cmdq structure, where the vcmdq driver should hook a command scan function. Add an inline helper too so it can be used by both sides. If a new command is not supported, simply issue the existing batch and re- init it as a new batch. Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/aafb24b881504f18c5d0c7c15f2134e40ad2c486.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit 918eb5c856f6ce4cf93b4b38e4b5e156905c5943 Author: Nate Watterson Date: Thu Aug 29 15:34:37 2024 -0700 iommu/arm-smmu-v3: Add in-kernel support for NVIDIA Tegra241 (Grace) CMDQV NVIDIA's Tegra241 Soc has a CMDQ-Virtualization (CMDQV) hardware, extending the standard ARM SMMU v3 IP to support multiple VCMDQs with virtualization capabilities. In terms of command queue, they are very like a standard SMMU CMDQ (or ECMDQs), but only support CS_NONE in the CS field of CMD_SYNC. Add a new tegra241-cmdqv driver, and insert its structure pointer into the existing arm_smmu_device, and then add related function calls in the SMMUv3 driver to interact with the CMDQV driver. In the CMDQV driver, add a minimal part for the in-kernel support: reserve VINTF0 for in-kernel use, and assign some of the VCMDQs to the VINTF0, and select one VCMDQ based on the current CPU ID to execute supported commands. This multi-queue design for in-kernel use gives some limited improvements: up to 20% reduction of invalidation time was measured by a multi-threaded DMA unmap benchmark, compared to a single queue. The other part of the CMDQV driver will be user-space support that gives a hypervisor running on the host OS to talk to the driver for virtualization use cases, allowing VMs to use VCMDQs without trappings, i.e. no VM Exits. This is designed based on IOMMUFD, and its RFC series is also under review. It will provide a guest OS a bigger improvement: 70% to 90% reductions of TLB invalidation time were measured by DMA unmap tests running in a guest, compared to nested SMMU CMDQ (with trappings). As the initial version, the CMDQV driver only supports ACPI configurations. Signed-off-by: Nate Watterson Reviewed-by: Jason Gunthorpe Co-developed-by: Nicolin Chen Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/dce50490b2c10b7254fb36aa73ed7ffd812b283a.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit 6de80d619203c672e5c011e8715bd965d27b69cf Author: Jason Gunthorpe Date: Thu Aug 29 15:34:36 2024 -0700 iommu/arm-smmu-v3: Add struct arm_smmu_impl_ops Mimicing the arm-smmu (v2) driver, introduce a struct arm_smmu_impl_ops to accommodate impl routines. Suggested-by: Will Deacon Signed-off-by: Jason Gunthorpe Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/8fe9f3805568aabf771fc6706c116459016bf62d.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit 6f3f9ff43d005571a8d70d4a562ed7c4150e324c Author: Nicolin Chen Date: Thu Aug 29 15:34:35 2024 -0700 iommu/arm-smmu-v3: Add acpi_smmu_iort_probe_model for impl For model-specific implementation, repurpose the acpi_smmu_get_options() to a wider acpi_smmu_acpi_probe_model(). A new model can add to the list in this new function. Suggested-by: Will Deacon Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/79716299829aeab2e55b8c7932f2634b209bb4d5.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit b935a5b1c670c0a167f1263df5647b1b5b06e806 Author: Nicolin Chen Date: Thu Aug 29 15:34:34 2024 -0700 iommu/arm-smmu-v3: Add ARM_SMMU_OPT_TEGRA241_CMDQV The CMDQV extension in NVIDIA Tegra241 SoC only supports CS_NONE in the CS field of CMD_SYNC. Add a new SMMU option to accommodate that. Suggested-by: Will Deacon Reviewed-by: Jason Gunthorpe Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/a3cb9bb2429fbae4a59f7ef517614d226763d717.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit a7a08b857a32d2f17fb9aba42e2c30d816ce5f1c Author: Nicolin Chen Date: Thu Aug 29 15:34:33 2024 -0700 iommu/arm-smmu-v3: Make symbols public for CONFIG_TEGRA241_CMDQV The symbols __arm_smmu_cmdq_skip_err(), arm_smmu_init_one_queue(), and arm_smmu_cmdq_init() need to be used by the tegra241-cmdqv compilation unit in a following patch. Remove the static and put prototypes in the header. Reviewed-by: Jason Gunthorpe Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/c4f2aa5f5f40a2e7c68b132c6d3171d6403de57a.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit e736c895c45bfcf9a9c675022e51fcabbb33e748 Author: Nicolin Chen Date: Thu Aug 29 15:34:32 2024 -0700 iommu/arm-smmu-v3: Pass in cmdq pointer to arm_smmu_cmdq_init So that this function can be used by other cmdqs than &smmu->cmdq only. Reviewed-by: Jason Gunthorpe Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/e11a3c0bde172c9652c2946f12bc2ceed4c3a355.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit 2ea1f0120f900b2643afc71cc6bf5bab52df27d8 Author: Nicolin Chen Date: Thu Aug 29 15:34:31 2024 -0700 iommu/arm-smmu-v3: Pass in cmdq pointer to arm_smmu_cmdq_build_sync_cmd The CMDQV extension on NVIDIA Tegra241 SoC only supports CS_NONE in the CS field of CMD_SYNC, v.s. standard SMMU CMDQ. Pass in the cmdq pointer directly, so the function can identify a different cmdq implementation. Reviewed-by: Jason Gunthorpe Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/723288287997b6dfbcd2a904d2c11e9b23f82250.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit 56ae8866f3b408836c5f6cafbe6102f6e97911ba Author: Nicolin Chen Date: Thu Aug 29 15:34:30 2024 -0700 iommu/arm-smmu-v3: Issue a batch of commands to the same cmdq The driver calls in different places the arm_smmu_get_cmdq() helper, and it's fine to do so since the helper always returns the single SMMU CMDQ. However, with NVIDIA CMDQV extension or SMMU ECMDQ, there can be multiple cmdqs in the system to select one from. And either case requires a batch of commands to be issued to the same cmdq. Thus, a cmdq has to be decided in the higher-level callers. Add a cmdq pointer in arm_smmu_cmdq_batch structure, and decide the cmdq when initializing the batch. Pass its pointer down to the bottom function. Update __arm_smmu_cmdq_issue_cmd() accordingly for single command issuers. Suggested-by: Jason Gunthorpe Reviewed-by: Jason Gunthorpe Signed-off-by: Nicolin Chen Link: https://lore.kernel.org/r/2cbf5ddefb6ea611e48d67c642271bd24421eb21.1724970714.git.nicolinc@nvidia.com Signed-off-by: Will Deacon commit d814fd0f046c2a6b1a919e1a529550bdfe9f9f9b Author: Jinjie Ruan Date: Mon Aug 26 20:14:21 2024 +0800 spi: zynqmp-gqspi: Simplify with dev_err_probe() Use the dev_err_probe() helper to simplify error handling during probe. This also handle scenario, when EDEFER is returned and useless error is printed. Signed-off-by: Jinjie Ruan Acked-by: Michal Simek Link: https://patch.msgid.link/20240826121421.3384792-3-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 64640f6c972e80f52196416a8d4dc3c0ffcbc82d Author: Jinjie Ruan Date: Mon Aug 26 20:14:20 2024 +0800 spi: zynqmp-gqspi: Use devm_spi_alloc_host() Use devm_spi_alloc_host() so that there's no need to call spi_controller_put() in the error path. Signed-off-by: Jinjie Ruan Acked-by: Michal Simek Link: https://patch.msgid.link/20240826121421.3384792-2-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit f0d0dbbc101a5ed2cd844eae0c2cc0546327ef89 Author: Christophe Leroy Date: Fri Aug 30 14:28:39 2024 +0200 selftests: vDSO: use parse_vdso.h in vdso_test_abi Don't duplicate parse_vdso function prototypes, include the header instead. Fixes: 693f5ca08ca0 ("kselftest: Extend vDSO selftest") Signed-off-by: Christophe Leroy Acked-by: Shuah Khan Signed-off-by: Jason A. Donenfeld commit 6eda706a535c3d0119eaefaad5fc119609639ed2 Author: Christophe Leroy Date: Fri Aug 30 14:28:38 2024 +0200 selftests: vDSO: fix the way vDSO functions are called for powerpc vdso_test_correctness test fails on powerpc: ~ # ./vdso_test_correctness ... [RUN] Testing clock_gettime for clock CLOCK_REALTIME_ALARM (8)... [FAIL] No such clock, but __vdso_clock_gettime returned 22 [RUN] Testing clock_gettime for clock CLOCK_BOOTTIME_ALARM (9)... [FAIL] No such clock, but __vdso_clock_gettime returned 22 [RUN] Testing clock_gettime for clock CLOCK_SGI_CYCLE (10)... [FAIL] No such clock, but __vdso_clock_gettime returned 22 ... [RUN] Testing clock_gettime for clock invalid (-1)... [FAIL] No such clock, but __vdso_clock_gettime returned 22 [RUN] Testing clock_gettime for clock invalid (-2147483648)... [FAIL] No such clock, but __vdso_clock_gettime returned 22 [RUN] Testing clock_gettime for clock invalid (2147483647)... [FAIL] No such clock, but __vdso_clock_gettime returned 22 On powerpc, a call to a VDSO function is not an ordinary C function call. Unlike several architectures which returns a negative error code in case of an error, powerpc sets CR[SO] and returns the error code as a positive value. Define and use a macro called VDSO_CALL() which takes a pointer to the function to call, the number of arguments and the arguments. Also update ABI vdso documentation to reflect this subtlety. Provide a specific version of VDSO_CALL() for powerpc that negates the error code on return when CR[SO] is set. Fixes: c7e5789b24d3 ("kselftest: Move test_vdso to the vDSO test suite") Fixes: 2e9a97256616 ("selftests: vdso: Add a selftest for vDSO getcpu()") Fixes: 693f5ca08ca0 ("kselftest: Extend vDSO selftest") Fixes: b2f1c3db2887 ("kselftest: Extend vdso correctness test to clock_gettime64") Fixes: 4920a2590e91 ("selftests/vDSO: add tests for vgetrandom") Signed-off-by: Christophe Leroy Acked-by: Shuah Khan Signed-off-by: Jason A. Donenfeld commit ba83b3239e657469709d15dcea5f9b65bf9dbf34 Author: Christophe Leroy Date: Fri Aug 30 14:28:37 2024 +0200 selftests: vDSO: fix vDSO symbols lookup for powerpc64 On powerpc64, following tests fail locating vDSO functions: ~ # ./vdso_test_abi TAP version 13 1..16 # [vDSO kselftest] VDSO_VERSION: LINUX_2.6.15 # Couldn't find __kernel_gettimeofday ok 1 # SKIP __kernel_gettimeofday # clock_id: CLOCK_REALTIME # Couldn't find __kernel_clock_gettime ok 2 # SKIP __kernel_clock_gettime CLOCK_REALTIME # Couldn't find __kernel_clock_getres ok 3 # SKIP __kernel_clock_getres CLOCK_REALTIME ... # Couldn't find __kernel_time ok 16 # SKIP __kernel_time # Totals: pass:0 fail:0 xfail:0 xpass:0 skip:16 error:0 ~ # ./vdso_test_getrandom __kernel_getrandom is missing! ~ # ./vdso_test_gettimeofday Could not find __kernel_gettimeofday ~ # ./vdso_test_getcpu Could not find __kernel_getcpu On powerpc64, as shown below by readelf, vDSO functions symbols have type NOTYPE, so also accept that type when looking for symbols. $ powerpc64-linux-gnu-readelf -a arch/powerpc/kernel/vdso/vdso64.so.dbg ELF Header: Magic: 7f 45 4c 46 02 02 01 00 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, big endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: DYN (Shared object file) Machine: PowerPC64 Version: 0x1 ... Symbol table '.dynsym' contains 12 entries: Num: Value Size Type Bind Vis Ndx Name 0: 0000000000000000 0 NOTYPE LOCAL DEFAULT UND 1: 0000000000000524 84 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 2: 00000000000005f0 36 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 3: 0000000000000578 68 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 4: 0000000000000000 0 OBJECT GLOBAL DEFAULT ABS LINUX_2.6.15 5: 00000000000006c0 48 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 6: 0000000000000614 172 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 7: 00000000000006f0 84 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 8: 000000000000047c 84 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 9: 0000000000000454 12 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 10: 00000000000004d0 84 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 11: 00000000000005bc 52 NOTYPE GLOBAL DEFAULT 8 __[...]@@LINUX_2.6.15 Symbol table '.symtab' contains 56 entries: Num: Value Size Type Bind Vis Ndx Name ... 45: 0000000000000000 0 OBJECT GLOBAL DEFAULT ABS LINUX_2.6.15 46: 00000000000006c0 48 NOTYPE GLOBAL DEFAULT 8 __kernel_getcpu 47: 0000000000000524 84 NOTYPE GLOBAL DEFAULT 8 __kernel_clock_getres 48: 00000000000005f0 36 NOTYPE GLOBAL DEFAULT 8 __kernel_get_tbfreq 49: 000000000000047c 84 NOTYPE GLOBAL DEFAULT 8 __kernel_gettimeofday 50: 0000000000000614 172 NOTYPE GLOBAL DEFAULT 8 __kernel_sync_dicache 51: 00000000000006f0 84 NOTYPE GLOBAL DEFAULT 8 __kernel_getrandom 52: 0000000000000454 12 NOTYPE GLOBAL DEFAULT 8 __kernel_sigtram[...] 53: 0000000000000578 68 NOTYPE GLOBAL DEFAULT 8 __kernel_time 54: 00000000000004d0 84 NOTYPE GLOBAL DEFAULT 8 __kernel_clock_g[...] 55: 00000000000005bc 52 NOTYPE GLOBAL DEFAULT 8 __kernel_get_sys[...] Fixes: 98eedc3a9dbf ("Document the vDSO and add a reference parser") Signed-off-by: Christophe Leroy Acked-by: Shuah Khan Signed-off-by: Jason A. Donenfeld commit 7d297c419b08eafa69ce27243ee9bbecab4fcaa4 Author: Christophe Leroy Date: Fri Aug 30 14:28:36 2024 +0200 selftests: vDSO: fix vdso_config for powerpc Running vdso_test_correctness on powerpc64 gives the following warning: ~ # ./vdso_test_correctness Warning: failed to find clock_gettime64 in vDSO This is because vdso_test_correctness was built with VDSO_32BIT defined. __powerpc__ macro is defined on both powerpc32 and powerpc64 so __powerpc64__ needs to be checked first in vdso_config.h Fixes: 693f5ca08ca0 ("kselftest: Extend vDSO selftest") Signed-off-by: Christophe Leroy Acked-by: Shuah Khan Signed-off-by: Jason A. Donenfeld commit 59eb856c3ed9b3552befd240c0c339f22eed3fa1 Author: Christophe Leroy Date: Fri Aug 30 14:28:35 2024 +0200 selftests: vDSO: fix vDSO name for powerpc Following error occurs when running vdso_test_correctness on powerpc: ~ # ./vdso_test_correctness [WARN] failed to find vDSO [SKIP] No vDSO, so skipping clock_gettime() tests [SKIP] No vDSO, so skipping clock_gettime64() tests [RUN] Testing getcpu... [OK] CPU 0: syscall: cpu 0, node 0 On powerpc, vDSO is neither called linux-vdso.so.1 nor linux-gate.so.1 but linux-vdso32.so.1 or linux-vdso64.so.1. Also search those two names before giving up. Fixes: c7e5789b24d3 ("kselftest: Move test_vdso to the vDSO test suite") Signed-off-by: Christophe Leroy Acked-by: Shuah Khan Signed-off-by: Jason A. Donenfeld commit f78280b1a3cedd9f68d5f596179675514a15bd1d Author: Jason A. Donenfeld Date: Thu Aug 29 20:23:23 2024 +0200 selftests: vDSO: skip getrandom test if architecture is unsupported If the getrandom test compiles for an arch, don't exit fatally if the actual cpu it's running on is unsupported. Suggested-by: Adhemerval Zanella Netto Signed-off-by: Jason A. Donenfeld commit b90eeff1badd9c3d12123e2721ae08dfb689cda7 Author: Xi Ruoyao Date: Wed Aug 28 13:29:57 2024 +0200 selftests: vDSO: use KHDR_INCLUDES for UAPI headers for getrandom test Building test_vdso_getrandom currently leads to following issue: In file included from /home/xry111/git-repos/linux/tools/include/linux/compiler_types.h:36, from /home/xry111/git-repos/linux/include/uapi/linux/stddef.h:5, from /home/xry111/git-repos/linux/include/uapi/linux/posix_types.h:5, from /usr/include/asm/sigcontext.h:12, from /usr/include/bits/sigcontext.h:30, from /usr/include/signal.h:301, from vdso_test_getrandom.c:14: /home/xry111/git-repos/linux/tools/include/linux/compiler-gcc.h:3:2: error: #error "Please don't include directly, include instead." 3 | #error "Please don't include directly, include instead." | ^~~~~ It's because the compiler_types.h inclusion in include/uapi/linux/stddef.h is expected to be removed by the header_install.sh script, as compiler_types.h shouldn't be used from user space. Add KHDR_INCLUDES before the existing include/uapi inclusion so that usr/include takes precedence if it's populated. Signed-off-by: Xi Ruoyao Signed-off-by: Jason A. Donenfeld commit be9155154bc39e910ba8e56f32be299cf83e21d0 Author: Jason A. Donenfeld Date: Tue Aug 27 16:52:36 2024 +0200 selftests: vDSO: remove unnecessary command line defs from chacha test CONFIG_FUNCTION_ALIGNMENT=0 is no longer necessary and BULID_VDSO wasn't spelled right while BUILD_VDSO isn't necessary, so just remove these. Reported-by: Adhemerval Zanella Netto Signed-off-by: Jason A. Donenfeld commit a5330eb3bcd87f3ce7738a2e898671a0ff561e85 Author: Jason A. Donenfeld Date: Tue Aug 27 16:27:13 2024 +0200 selftests: vDSO: separate LDLIBS from CFLAGS for libsodium On systems that set -Wl,--as-needed, putting the -lsodium in the wrong place on the command line means we get a linker error: CC vdso_test_chacha /usr/bin/ld: /tmp/ccKpjnSM.o: in function `main': vdso_test_chacha.c:(.text+0x276): undefined reference to `crypto_stream_chacha20' collect2: error: ld returned 1 exit status Fix this by passing pkg-config's --libs output to the LDFLAGS field instead of the CFLAGS field, as is customary. Reported-by: Adhemerval Zanella Netto Signed-off-by: Jason A. Donenfeld commit 1e661b349041c3d5026d9e95930b1d396c0c6e6d Author: Xi Ruoyao Date: Tue Aug 27 21:20:15 2024 +0800 selftests: vDSO: add --cflags for pkg-config command querying libsodium When libsodium is installed into its own prefix, the --cflags output is needed for the compiler to find libsodium headers. Signed-off-by: Xi Ruoyao Signed-off-by: Jason A. Donenfeld commit e1bbcab496f745d963e43a6e0f669359e82c4934 Author: Christophe Leroy Date: Thu Aug 22 09:13:22 2024 +0200 selftests: vDSO: look for arch-specific function name in getrandom test Don't hard-code x86 specific names. Rather, use vdso_config definitions to find the correct function matching the architecture. Add random VDSO function names in names[][]. Remove the #ifdef CONFIG_VDSO32, as having the name there all the time is harmless and guaranties a steady index for following strings. Signed-off-by: Christophe Leroy [Jason: add [6] to variable declaration rather than each usage site.] Signed-off-by: Jason A. Donenfeld commit f8d92fc527ff0388b2e94c101afb0e5c7496199f Author: Christophe Leroy Date: Thu Aug 22 09:13:23 2024 +0200 selftests: vDSO: fix include order in build of test_vdso_chacha Building test_vdso_chacha currently leads to following issue: In file included from /home/chleroy/linux-powerpc/include/linux/limits.h:7, from /opt/powerpc64-e5500--glibc--stable-2024.02-1/powerpc64-buildroot-linux-gnu/sysroot/usr/include/bits/local_lim.h:38, from /opt/powerpc64-e5500--glibc--stable-2024.02-1/powerpc64-buildroot-linux-gnu/sysroot/usr/include/bits/posix1_lim.h:161, from /opt/powerpc64-e5500--glibc--stable-2024.02-1/powerpc64-buildroot-linux-gnu/sysroot/usr/include/limits.h:195, from /opt/powerpc64-e5500--glibc--stable-2024.02-1/lib/gcc/powerpc64-buildroot-linux-gnu/12.3.0/include-fixed/limits.h:203, from /opt/powerpc64-e5500--glibc--stable-2024.02-1/lib/gcc/powerpc64-buildroot-linux-gnu/12.3.0/include-fixed/syslimits.h:7, from /opt/powerpc64-e5500--glibc--stable-2024.02-1/lib/gcc/powerpc64-buildroot-linux-gnu/12.3.0/include-fixed/limits.h:34, from /tmp/sodium/usr/local/include/sodium/export.h:7, from /tmp/sodium/usr/local/include/sodium/crypto_stream_chacha20.h:14, from vdso_test_chacha.c:6: /opt/powerpc64-e5500--glibc--stable-2024.02-1/powerpc64-buildroot-linux-gnu/sysroot/usr/include/bits/xopen_lim.h:99:6: error: missing binary operator before token "(" 99 | # if INT_MAX == 32767 | ^~~~~~~ /opt/powerpc64-e5500--glibc--stable-2024.02-1/powerpc64-buildroot-linux-gnu/sysroot/usr/include/bits/xopen_lim.h:102:7: error: missing binary operator before token "(" 102 | # if INT_MAX == 2147483647 | ^~~~~~~ /opt/powerpc64-e5500--glibc--stable-2024.02-1/powerpc64-buildroot-linux-gnu/sysroot/usr/include/bits/xopen_lim.h:126:6: error: missing binary operator before token "(" 126 | # if LONG_MAX == 2147483647 | ^~~~~~~~ This is due to kernel include/linux/limits.h being included instead of libc's limits.h. This is because directory include/ is added through option -isystem so it goes prior to glibc's include directory. Replace -isystem by -idirafter. But this implies that now tools/include/linux/linkage.h is included instead of include/linux/linkage.h, so define a stub for SYM_FUNC_START() and SYM_FUNC_END(). Signed-off-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld commit 20a9af057cd7c4057c72c803dcf83c97eb5deb95 Author: Christophe Leroy Date: Thu Aug 22 09:13:21 2024 +0200 selftests: vDSO: don't hard-code location of vDSO sources Architectures use different location for vDSO sources: arch/mips/vdso arch/sparc/vdso arch/arm64/kernel/vdso arch/riscv/kernel/vdso arch/csky/kernel/vdso arch/x86/um/vdso arch/x86/entry/vdso arch/powerpc/kernel/vdso arch/arm/vdso arch/loongarch/vdso Don't hard-code vdso sources location in selftest Makefile. Instead create a vdso/ symbolic link in tools/arch/$arch/ and update Makefile accordingly. Signed-off-by: Christophe Leroy Signed-off-by: Jason A. Donenfeld commit 01b52f01c5a6bdc3b3e4229dccc84ed667e6867b Author: Jason A. Donenfeld Date: Mon Jul 29 18:02:11 2024 +0200 selftests: vDSO: simplify getrandom thread local storage and structs Rather than using pthread_get/set_specific, just use gcc's __thread annotation, which is noticeably faster and makes the code more obvious. Also, just have one simplified struct called vgrnd, instead of trying to split things up semantically. Those divisions were useful when this code was split across several commit *messages*, but doesn't make as much sense within a single file. This should make the code more clear and provide a better example for implementers. Signed-off-by: Jason A. Donenfeld commit 2f05726171f8d03eef58bc26b49e4994a66c0c5f Author: Krzysztof Kozlowski Date: Sun Aug 25 20:05:25 2024 +0200 soc: versatile: enable compile testing Enable compile testing for broader build coverage. None of the drivers use anything from "asm", so code should build everywhere. CONFIG_PLAT_VERSATILE is being selected by driver dependencies (CONFIG_ARCH_INTEGRATOR and CONFIG_ARCH_REALVIEW), so directory can be always added to Makefile targets without impacting other configurations. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/20240825-soc-dev-fixes-v1-4-ff4b35abed83@linaro.org Signed-off-by: Linus Walleij commit c774f2564c0086c23f5269fd4691f233756bf075 Author: Krzysztof Kozlowski Date: Sun Aug 25 20:05:24 2024 +0200 soc: versatile: realview: fix soc_dev leak during device remove If device is unbound, the soc_dev should be unregistered to prevent memory leak. Fixes: a2974c9c1f83 ("soc: add driver for the ARM RealView") Cc: stable@vger.kernel.org Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/20240825-soc-dev-fixes-v1-3-ff4b35abed83@linaro.org Signed-off-by: Linus Walleij commit 1c4f26a41f9d052f334f6ae629e01f598ed93508 Author: Krzysztof Kozlowski Date: Sun Aug 25 20:05:23 2024 +0200 soc: versatile: realview: fix memory leak during device remove If device is unbound, the memory allocated for soc_dev_attr should be freed to prevent leaks. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/20240825-soc-dev-fixes-v1-2-ff4b35abed83@linaro.org Signed-off-by: Linus Walleij commit 874c5b601856adbfda10846b9770a6c66c41e229 Author: Krzysztof Kozlowski Date: Sun Aug 25 20:05:22 2024 +0200 soc: versatile: integrator: fix OF node leak in probe() error path Driver is leaking OF node reference obtained from of_find_matching_node(). Fixes: f956a785a282 ("soc: move SoC driver for the ARM Integrator") Cc: stable@vger.kernel.org Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/20240825-soc-dev-fixes-v1-1-ff4b35abed83@linaro.org Signed-off-by: Linus Walleij commit 39c243411bdb8fb35777adf49ee32549633c4e12 Author: Yang Jihong Date: Mon Aug 19 10:47:20 2024 +0800 perf sched timehist: Fixed timestamp error when unable to confirm event sched_in time If sched_in event for current task is not recorded, sched_in timestamp will be set to end_time of time window interest, causing an error in timestamp show. In this case, we choose to ignore this event. Test scenario: perf[1229608] does not record the first sched_in event, run time and sch delay are both 0 # perf sched timehist Samples of sched_switch event do not have callchains. time cpu task name wait time sch delay run time [tid/pid] (msec) (msec) (msec) --------------- ------ ------------------------------ --------- --------- --------- 2090450.763231 [0000] perf[1229608] 0.000 0.000 0.000 2090450.763235 [0000] migration/0[15] 0.000 0.001 0.003 2090450.763263 [0001] perf[1229608] 0.000 0.000 0.000 2090450.763268 [0001] migration/1[21] 0.000 0.001 0.004 2090450.763302 [0002] perf[1229608] 0.000 0.000 0.000 2090450.763309 [0002] migration/2[27] 0.000 0.001 0.007 2090450.763338 [0003] perf[1229608] 0.000 0.000 0.000 2090450.763343 [0003] migration/3[33] 0.000 0.001 0.004 Before: arbitrarily specify a time window of interest, timestamp will be set to an incorrect value # perf sched timehist --time 100,200 Samples of sched_switch event do not have callchains. time cpu task name wait time sch delay run time [tid/pid] (msec) (msec) (msec) --------------- ------ ------------------------------ --------- --------- --------- 200.000000 [0000] perf[1229608] 0.000 0.000 0.000 200.000000 [0001] perf[1229608] 0.000 0.000 0.000 200.000000 [0002] perf[1229608] 0.000 0.000 0.000 200.000000 [0003] perf[1229608] 0.000 0.000 0.000 200.000000 [0004] perf[1229608] 0.000 0.000 0.000 200.000000 [0005] perf[1229608] 0.000 0.000 0.000 200.000000 [0006] perf[1229608] 0.000 0.000 0.000 200.000000 [0007] perf[1229608] 0.000 0.000 0.000 After: # perf sched timehist --time 100,200 Samples of sched_switch event do not have callchains. time cpu task name wait time sch delay run time [tid/pid] (msec) (msec) (msec) --------------- ------ ------------------------------ --------- --------- --------- Fixes: 853b74071110bed3 ("perf sched timehist: Add option to specify time window of interest") Signed-off-by: Yang Jihong Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: David Ahern Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240819024720.2405244-1-yangjihong@bytedance.com Signed-off-by: Arnaldo Carvalho de Melo commit 74fd69a35cae1d53d9c95b700aae312d77b0d1cb Author: Namhyung Kim Date: Tue Aug 27 22:29:53 2024 -0700 perf lock contention: Fix spinlock and rwlock accounting The spinlock and rwlock use a single-element per-cpu array to track current locks due to performance reason. But this means the key is always available and it cannot simply account lock stats in the array because some of them are invalid. In fact, the contention_end() program in the BPF invalidates the entry by setting the 'lock' value to 0 instead of deleting the entry for the hashmap. So it should skip entries with the lock value of 0 in the account_end_timestamp(). Otherwise, it'd have spurious high contention on an idle machine: $ sudo perf lock con -ab -Y spinlock sleep 3 contended total wait max wait avg wait type caller 8 4.72 s 1.84 s 590.46 ms spinlock rcu_core+0xc7 8 1.87 s 1.87 s 233.48 ms spinlock process_one_work+0x1b5 2 1.87 s 1.87 s 933.92 ms spinlock worker_thread+0x1a2 3 1.81 s 1.81 s 603.93 ms spinlock tmigr_update_events+0x13c 2 1.72 s 1.72 s 861.98 ms spinlock tick_do_update_jiffies64+0x25 6 42.48 us 13.02 us 7.08 us spinlock futex_q_lock+0x2a 1 13.03 us 13.03 us 13.03 us spinlock futex_wake+0xce 1 11.61 us 11.61 us 11.61 us spinlock rcu_core+0xc7 I don't believe it has contention on a spinlock longer than 1 second. After this change, it only reports some small contentions. $ sudo perf lock con -ab -Y spinlock sleep 3 contended total wait max wait avg wait type caller 4 133.51 us 43.29 us 33.38 us spinlock tick_do_update_jiffies64+0x25 4 69.06 us 31.82 us 17.27 us spinlock process_one_work+0x1b5 2 50.66 us 25.77 us 25.33 us spinlock rcu_core+0xc7 1 28.45 us 28.45 us 28.45 us spinlock rcu_core+0xc7 1 24.77 us 24.77 us 24.77 us spinlock tmigr_update_events+0x13c 1 23.34 us 23.34 us 23.34 us spinlock raw_spin_rq_lock_nested+0x15 Fixes: b5711042a1c8cc88 ("perf lock contention: Use per-cpu array map for spinlocks") Reported-by: Xi Wang Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: bpf@vger.kernel.org Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Song Liu Link: https://lore.kernel.org/r/20240828052953.1445862-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit db0d8a84348b876df7c4276f0cbce5df3b769f5f Author: D Scott Phillips Date: Tue Aug 27 14:17:01 2024 -0700 arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a The ampere1a cpu is affected by erratum AC04_CPU_10 which is the same bug as AC03_CPU_38. Add ampere1a to the AC03_CPU_38 workaround midr list. Cc: Signed-off-by: D Scott Phillips Acked-by: Oliver Upton Link: https://lore.kernel.org/r/20240827211701.2216719-1-scott@os.amperecomputing.com Signed-off-by: Will Deacon commit 36cddd105666d45a2cfb70a04c27b0c53bb383cd Author: Namhyung Kim Date: Thu Aug 29 23:51:50 2024 -0700 perf lock contention: Do not fail EEXIST for update When it updates the lock stat for the first time, it needs to create an element in the BPF hash map. But if there's a concurrent thread waiting for the same lock (like for rwsem or rwlock), it might race with the thread and possibly fail to update with -EEXIST. In that case, it can lookup the map again and put the data there instead of failing. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240830065150.1758962-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 05a5dd1dfd8fdeee6498875c2d78d4385d627bd6 Author: Namhyung Kim Date: Thu Aug 29 23:51:49 2024 -0700 perf lock contention: Simplify spinlock check The LCB_F_SPIN bit is used for spinlock, rwlock and optimistic spinning in mutex. In get_tstamp_elem() it needs to check spinlock and rwlock only. As mutex sets the LCB_F_MUTEX, it can check those two bits and reduce the number of operations. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240830065150.1758962-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 10d6c57c824e21b4cf8eda9491caea06edac9fd7 Author: Namhyung Kim Date: Thu Aug 29 23:51:48 2024 -0700 perf lock contention: Handle error in a single place It has some duplicate codes to do the same job. Let's add a label and goto there to handle errors in a single place. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240830065150.1758962-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 5c40e050e6ac0218af7c520095729d440cc87e6b Author: Michal Hocko Date: Thu Aug 29 15:06:40 2024 +0200 fs: drop GFP_NOFAIL mode from alloc_page_buffers There is only one called of alloc_page_buffers and it doesn't require __GFP_NOFAIL so drop this allocation mode. Signed-off-by: Michal Hocko Link: https://lore.kernel.org/r/20240829130640.1397970-1-mhocko@kernel.org Acked-by: Song Liu Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 84b2baf427968c1b2e3ae3b7afcb0118cdee0915 Author: Ashish Mhetre Date: Tue Aug 6 10:51:35 2024 +0000 iommu/io-pgtable-arm: Optimise non-coherent unmap The current __arm_lpae_unmap() function calls dma_sync() on individual PTEs after clearing them. Overall unmap performance can be improved by around 25% for large buffer sizes by combining the syncs for adjacent leaf entries. Optimize the unmap time by clearing all the leaf entries and issuing a single dma_sync() for them. Below is detailed analysis of average unmap latency(in us) with and without this optimization obtained by running dma_map_benchmark for different buffer sizes. UnMap Latency(us) Size Without With % gain with optimiztion optimization optimization 4KB 3 3 0 8KB 4 3.8 5 16KB 6.1 5.4 11.48 32KB 10.2 8.5 16.67 64KB 18.5 14.9 19.46 128KB 35 27.5 21.43 256KB 67.5 52.2 22.67 512KB 127.9 97.2 24.00 1MB 248.6 187.4 24.62 2MB 65.5 65.5 0 4MB 119.2 119 0.17 Reviewed-by: Robin Murphy Signed-off-by: Ashish Mhetre Acked-by: Will Deacon Link: https://lore.kernel.org/r/20240806105135.218089-1-amhetre@nvidia.com Signed-off-by: Joerg Roedel commit 6c17c7d5936e6af6a5bda9f9de98a5e2ee6e8a6f Author: Jason Gunthorpe Date: Wed Aug 7 15:19:20 2024 -0300 iommu: Allow ATS to work on VFs when the PF uses IDENTITY PCI ATS has a global Smallest Translation Unit field that is located in the PF but shared by all of the VFs. The expectation is that the STU will be set to the root port's global STU capability which is driven by the IO page table configuration of the iommu HW. Today it becomes set when the iommu driver first enables ATS. Thus, to enable ATS on the VF, the PF must have already had the correct STU programmed, even if ATS is off on the PF. Unfortunately the PF only programs the STU when the PF enables ATS. The iommu drivers tend to leave ATS disabled when IDENTITY translation is being used. Thus we can get into a state where the PF is setup to use IDENTITY with the DMA API while the VF would like to use VFIO with a PAGING domain and have ATS turned on. This fails because the PF never loaded a PAGING domain and so it never setup the STU, and the VF can't do it. The simplest solution is to have the iommu driver set the ATS STU when it probes the device. This way the ATS STU is loaded immediately at boot time to all PFs and there is no issue when a VF comes to use it. Add a new call pci_prepare_ats() which should be called by iommu drivers in their probe_device() op for every PCI device if the iommu driver supports ATS. This will setup the STU based on whatever page size capability the iommu HW has. Signed-off-by: Jason Gunthorpe Acked-by: Bjorn Helgaas Reviewed-by: Kevin Tian Reviewed-by: Lu Baolu Link: https://lore.kernel.org/r/0-v1-0fb4d2ab6770+7e706-ats_vf_jgg@nvidia.com Signed-off-by: Joerg Roedel commit ccb9004656e55ea13e11e93862aa32aa575bf802 Author: Ian Rogers Date: Thu Aug 29 08:01:54 2024 -0700 perf test: Additional pipe tests with pipe output written to a file Additional pipe tests where piped files are written to disk. This means that spotting a file name of "-" isn't a sufficient "is pipe?" test. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Nick Terrell Cc: Peter Zijlstra Cc: Yanteng Si Cc: Yicong Yang Link: https://lore.kernel.org/r/20240829150154.37929-9-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 2d57c32b32fb84c6f6b2342bca85c9ba2b2d759b Author: Ian Rogers Date: Thu Aug 29 08:01:53 2024 -0700 perf header: Remove repipe option No longer used by `perf inject` the repipe_fd is always -1 and repipe is always false. Remove the options and associated code knowing the constant values of the removed variables. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Nick Terrell Cc: Peter Zijlstra Cc: Yanteng Si Cc: Yicong Yang Link: https://lore.kernel.org/r/20240829150154.37929-8-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 89d64e72732f3f970a048a46a7b60164b34dfc43 Author: Ian Rogers Date: Thu Aug 29 08:01:52 2024 -0700 perf inject: Overhaul handling of pipe files Previously inject->is_pipe was set if the input or output were a pipe. Determining the input was a pipe had to be done prior to starting the session and opening the file. This was done by comparing the input file name with '-' but it fails if the pipe file is written to disk. Opening a pipe file from disk will correctly set perf_data.is_pipe, but this is too late for 'perf inject' and results in a broken file. A workaround is 'cat pipe_perf|perf inject -i - ...'. This change removes inject->is_pipe and changes the dependent conditions to use the is_pipe flag on the input (inject->session->data) and output files (inject->output). This ensures the is_pipe condition reflects things like the header being read. The change removes the use of perf file header repiping, that is writing the file header out while reading it in. The case of input pipe and output file cannot repipe as the attributes for the file are unknown. To resolve this, write the file header when writing to disk and as the attributes may be unknown, write them after the data. Update sessions repipe variable to be trace_event_repipe as those are the only events now impacted by it. Update __perf_session__new as the repipe_fd no longer needs passing. Fully removing repipe from session header reading will be done in a later change. Committer testing: root@number:~# perf record -e syscalls:sys_enter_*sleep/max-stack=4/ -o - sleep 0.01 | perf report -i - # To display the perf.data header info, please use --header/--header-only options. # [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.050 MB - ] # # Total Lost Samples: 0 # # Samples: 1 of event 'syscalls:sys_enter_clock_nanosleep' # Event count (approx.): 1 # # Overhead Command Shared Object Symbol # ........ ....... ............. ............................... # 100.00% sleep libc.so.6 [.] clock_nanosleep@GLIBC_2.2.5 | ---__libc_start_main@@GLIBC_2.34 __libc_start_call_main 0x562fc2560a9f clock_nanosleep@GLIBC_2.2.5 # # (Tip: Create an archive with symtabs to analyse on other machine: perf archive) # root@number:~# perf record -e syscalls:sys_enter_*sleep/max-stack=4/ -o - sleep 0.01 > pipe.data [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.050 MB - ] root@number:~# perf report --stdio -i pipe.data # To display the perf.data header info, please use --header/--header-only options. # # # Total Lost Samples: 0 # # Samples: 1 of event 'syscalls:sys_enter_clock_nanosleep' # Event count (approx.): 1 # # Overhead Command Shared Object Symbol # ........ ....... ............. ............................... # 100.00% sleep libc.so.6 [.] clock_nanosleep@GLIBC_2.2.5 | ---__libc_start_main@@GLIBC_2.34 __libc_start_call_main 0x55f775975a9f clock_nanosleep@GLIBC_2.2.5 # # (Tip: To set sampling period of individual events use perf record -e cpu/cpu-cycles,period=100001/,cpu/branches,period=10001/ ...) # root@number:~# Signed-off-by: Ian Rogers Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Nick Terrell Cc: Peter Zijlstra Cc: Yanteng Si Cc: Yicong Yang Link: https://lore.kernel.org/r/20240829150154.37929-7-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 7d6899fb69d25e1bc6f4700b7c1d92e6b608593d Author: Amir Goldstein Date: Thu Aug 29 17:51:08 2024 +0200 ovl: fsync after metadata copy-up For upper filesystems which do not use strict ordering of persisting metadata changes (e.g. ubifs), when overlayfs file is modified for the first time, copy up will create a copy of the lower file and its parent directories in the upper layer. Permission lost of the new upper parent directory was observed during power-cut stress test. Fix by moving the fsync call to after metadata copy to make sure that the metadata copied up directory and files persists to disk before renaming from tmp to final destination. With metacopy enabled, this change will hurt performance of workloads such as chown -R, so we keep the legacy behavior of fsync only on copyup of data. Link: https://lore.kernel.org/linux-unionfs/CAOQ4uxj-pOvmw1-uXR3qVdqtLjSkwcR9nVKcNU_vC10Zyf2miQ@mail.gmail.com/ Reported-and-tested-by: Fei Lv Signed-off-by: Amir Goldstein commit 5474d49b2f79b41f2ab09b0deb9d97d47b18d094 Author: Rohit Agarwal Date: Fri Aug 30 08:45:42 2024 +0000 dt-bindings: display: mediatek: dpi: Add power domains Add power domain binding to the mediatek DPI controller for MT8186. Also, add power domain binding for other SoCs like MT6795 and MT8173 that already had power domain property. Signed-off-by: Rohit Agarwal Reviewed-by: Krzysztof Kozlowski Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240830084544.2898512-2-rohiagar@chromium.org/ Signed-off-by: Chun-Kuang Hu commit 6f0315330af7a57c1c00587fdfb69c7778bf1c50 Author: Mark Brown Date: Thu Aug 29 18:20:09 2024 +0100 kselftest/arm64: Actually test SME vector length changes via sigreturn The test case for SME vector length changes via sigreturn use a bit too much cut'n'paste and only actually changed the SVE vector length in the test itself. Andre's recent factoring out of the initialisation code caused this to be exposed and the test to start failing. Fix the test to actually cover the thing it's supposed to test. Fixes: 4963aeb35a9e ("kselftest/arm64: signal: Add SME signal handling tests") Signed-off-by: Mark Brown Reviewed-by: Andre Przywara Tested-by: Andre Przywara Link: https://lore.kernel.org/r/20240829-arm64-sme-signal-vl-change-test-v1-1-42d7534cb818@kernel.org Signed-off-by: Will Deacon commit 02b98ff44a57c1376c5a92a8518fda5c82bb5a91 Author: Haren Myneni Date: Wed Aug 21 19:50:28 2024 -0700 powerpc/pseries/dlpar: Add device tree nodes for DLPAR IO add In the powerpc-pseries specific implementation, the IO hotplug event is handled in the user space (drmgr tool). For the DLPAR IO ADD, the corresponding device tree nodes and properties will be added to the device tree after the device enable. The user space (drmgr tool) uses configure_connector RTAS call with the DRC index to retrieve the device nodes and updates the device tree by writing to /proc/ppc64/ofdt. Under system lockdown, /dev/mem access to allocate buffers for configure_connector RTAS call is restricted which means the user space can not issue this RTAS call and also can not access to /proc/ppc64/ofdt. The pseries implementation need user interaction to power-on and add device to the slot during the ADD event handling. So adds complexity if the complete hotplug ADD event handling moved to the kernel. To overcome /dev/mem access restriction, this patch extends the /sys/kernel/dlpar interface and provides ‘dt add index ’ to the user space. The drmgr tool uses this interface to update the device tree whenever the device is added. This interface retrieves device tree nodes for the corresponding DRC index using the configure_connector RTAS call and adds new device nodes / properties to the device tree. Signed-off-by: Scott Cheloha Signed-off-by: Haren Myneni Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822025028.938332-3-haren@linux.ibm.com commit 17a51171c20d590d3d3c632bcdd946f5fc3c0061 Author: Haren Myneni Date: Wed Aug 21 19:50:27 2024 -0700 powerpc/pseries/dlpar: Remove device tree node for DLPAR IO remove In the powerpc-pseries specific implementation, the IO hotplug event is handled in the user space (drmgr tool). But update the device tree and /dev/mem access to allocate buffers for some RTAS calls are restricted when the kernel lockdown feature is enabled. For the DLPAR IO REMOVE, the corresponding device tree nodes and properties have to be removed from the device tree after the device disable. The user space removes the device tree nodes by updating /proc/ppc64/ofdt which is not allowed under system lockdown is enabled. This restriction can be resolved by moving the complete IO hotplug handling in the kernel. But the pseries implementation need user interaction to power off and to remove device from the slot during hotplug event handling. To overcome the /proc/ppc64/ofdt restriction, this patch extends the /sys/kernel/dlpar interface and provides ‘dt remove index ’ to the user space so that drmgr tool can remove the corresponding device tree nodes based on DRC index from the device tree. Signed-off-by: Scott Cheloha Signed-off-by: Haren Myneni Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822025028.938332-2-haren@linux.ibm.com commit b76e0d4215b6b622127ebcceaa7f603313ceaec4 Author: Haren Myneni Date: Wed Aug 21 19:50:26 2024 -0700 powerpc/pseries: Use correct data types from pseries_hp_errorlog struct _be32 type is defined for some elements in pseries_hp_errorlog struct but also used them u32 after be32_to_cpu() conversion. Example: In handle_dlpar_errorlog() hp_elog->_drc_u.drc_index = be32_to_cpu(hp_elog->_drc_u.drc_index); And later assigned to u32 type dlpar_cpu() - u32 drc_index = hp_elog->_drc_u.drc_index; This incorrect usage is giving the following warnings and the patch resolve these warnings with the correct assignment. arch/powerpc/platforms/pseries/dlpar.c:398:53: sparse: sparse: incorrect type in argument 1 (different base types) @@ expected unsigned int [usertype] drc_index @@ got restricted __be32 [usertype] drc_index @@ ... arch/powerpc/platforms/pseries/dlpar.c:418:43: sparse: sparse: incorrect type in assignment (different base types) @@ expected restricted __be32 [usertype] drc_count @@ got unsigned int [usertype] @@ Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408182142.wuIKqYae-lkp@intel.com/ Closes: https://lore.kernel.org/oe-kbuild-all/202408182302.o7QRO45S-lkp@intel.com/ Signed-off-by: Haren Myneni v3: - Fix warnings from using incorrect data types in pseries_hp_errorlog struct v2: - Remove pr_info() and TODO comments - Update more information in the commit logs Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822025028.938332-1-haren@linux.ibm.com commit 65948b0e716a47382731889ee6bbb18642b8b003 Author: Christophe Leroy Date: Thu Aug 22 10:00:29 2024 +0200 powerpc/vdso: Inconditionally use CFUNC macro During merge of commit 4e991e3c16a3 ("powerpc: add CFUNC assembly label annotation") a fallback version of CFUNC macro was added at the last minute, so it can be used inconditionally. Fixes: 4e991e3c16a3 ("powerpc: add CFUNC assembly label annotation") Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/0fa863f2f69b2ca4094ae066fcf1430fb31110c9.1724313540.git.christophe.leroy@csgroup.eu commit dca5b1d69aea36ab559d9ca13729370007c60df1 Author: Christophe Leroy Date: Tue Aug 20 14:26:54 2024 +0200 powerpc/32: Implement validation of emergency stack VMAP stack added an emergency stack on powerpc/32 for when there is a stack overflow, but failed to add stack validation for that emergency stack. That validation is required for show stack. Implement it. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/2439d50b019f758db4a6d7b238b06441ab109799.1724156805.git.christophe.leroy@csgroup.eu commit 062e825a336017c0334c7497690826c95aa1a84f Author: Christophe Leroy Date: Tue Aug 20 19:23:58 2024 +0200 powerpc/603: Inconditionally use task PGDIR in DTLB misses At the time being, DATA TLB miss handlers use task PGDIR for user addresses and swapper_pg_dir for kernel addresses. Now that kernel part of swapper_pg_dir is copied into task PGDIR at PGD allocation, it is possible to avoid the above logic and always use task PGDIR. But new kernel PGD entries can still be created after init, in which case those PGD entries may miss in task PGDIR. This can be handled in DATA TLB error handler. However, it needs to be done in real mode because the missing entry might be related to the stack. So implement copy of missing PGD entry in DATA TLB miss handler just after detection of invalid PGD entry. Also replace comparison by same calculation as in previous patch to know if an address belongs to a kernel or user segment. Note that as mentioned in platforms/Kconfig.cputype, SMP is not supported on 603 processors so there is no risk of the PGD entry be populated during the fault. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/a2ba8eeb1c845eeb9e46b6fe3a5e9f841df9a033.1724173828.git.christophe.leroy@csgroup.eu commit 3f57d90c231d3329aaed7079dd05b5a2f7692a58 Author: Christophe Leroy Date: Tue Aug 20 19:23:57 2024 +0200 powerpc/603: Inconditionally use task PGDIR in ITLB misses Now that modules exec page tables are preallocated, the instruction TLBmiss handler can use task PGDIR inconditionally. Also revise the identification of user vs kernel user space by doing a calculation instead of a comparison: Get the segment number and subtract the number of the first kernel segment. The result is positive for kernel addresses and negative for user addresses, which means that upper 2 bits are 0 for kernel and 3 for user. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/9a3242162ad2faab8019c698e501b326a126ee9e.1724173828.git.christophe.leroy@csgroup.eu commit 31c0e137ec609f36877ea39cd343ef2476d080aa Author: Christophe Leroy Date: Tue Aug 20 19:23:56 2024 +0200 powerpc/603: Switch r0 and r3 in TLB miss handlers In preparation of next patch that will perform some additional calculations to replace comparison, switch the use of r0 and r3 as r0 has some limitations in some instructions like 'addi/subi'. Also remove outdated comments about the meaning of each register. The registers are used for many things and it would be difficult to accurately describe all things done with a given register. The function is now small enough to get a global view without much description. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/566af5e87685b1a85d3182549c0d520ce2d8877a.1724173828.git.christophe.leroy@csgroup.eu commit 82ef440f9a38a1fd7f4854397633a35af33840a5 Author: Christophe Leroy Date: Tue Aug 20 19:23:55 2024 +0200 powerpc/603: Copy kernel PGD entries into all PGDIRs and preallocate execmem page tables For the same reason as 8xx, copy kernel PGD entries into all PGDIRs in pgd_alloc() and preallocate execmem page tables before creating new PGDs so that all PGD entries related to execmem are copied by pgd_alloc(). This will help reduce the fast-path in TLBmiss handlers. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/1a0d1feee07c4cf955f6a43a704c203e5c90fa53.1724173828.git.christophe.leroy@csgroup.eu commit 2f2b9a3adc66e978a1248ffb38df8477e8e97c57 Author: Christophe Leroy Date: Tue Aug 20 19:23:54 2024 +0200 powerpc/32s: Reduce default size of module/execmem area book3s/32 platforms have usually more memory than 8xx, but it is still not worth reserving a full segment (256 Mbytes) for module text. 64Mbytes should be far enough. Also fix TASK_SIZE when EXECMEM is not selected, and add a build verification for overlap of module execmem space with user segments. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/c1f6a4e47f177d919561c6e97d31af5564923cf6.1724173828.git.christophe.leroy@csgroup.eu commit ac9f97ff8b324905d457f2694490c63b9deccbc6 Author: Christophe Leroy Date: Tue Aug 20 19:23:53 2024 +0200 powerpc/8xx: Inconditionally use task PGDIR in DTLB misses At the time being, DATA TLB miss handlers use task PGDIR for user addresses and swapper_pg_dir for kernel addresses. Now that kernel part of swapper_pg_dir is copied into task PGDIR at PGD allocation, it is possible to avoid the above logic and always use task PGDIR. But new kernel PGD entries can still be created after init, in which case those PGD entries may miss in task PGDIR. This can be handled in DATA TLB error handler. However, it needs to be done in real mode because the missing entry might be related to the stack. So implement copy of missing PGD entry in the prolog of DATA TLB ERROR handler just after the fixup of DAR. Note that this is feasible because 8xx doesn't implement vmap or ioremap with 8Mbytes pages but only 512kbytes pages which are at PTE level. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/7a76a923d2a111f1d843d8b20b4df0c65d2f4a7b.1724173828.git.christophe.leroy@csgroup.eu commit 33c527522f394f63cc589a6f7af990b2232444c8 Author: Christophe Leroy Date: Tue Aug 20 19:23:52 2024 +0200 powerpc/8xx: Inconditionally use task PGDIR in ITLB misses Now that modules exec page tables are preallocated, the instruction TLBmiss handler can use task PGDIR inconditionally. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/774fd766a8b9bcb9173b5e677d5dad0df2d3970f.1724173828.git.christophe.leroy@csgroup.eu commit 16a71c045186a11c1c743934e330de78162b86dd Author: Christophe Leroy Date: Tue Aug 20 19:23:51 2024 +0200 powerpc/8xx: Preallocate execmem page tables Preallocate execmem page tables before creating new PGDs so that all PGD entries related to execmem can be copied in pgd_alloc(). On 8xx there are 32 Mbytes for execmem by default so this will use 32 kbytes. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/a7180cc1ba59dec4502af39b4e9f3ff91c57280d.1724173828.git.christophe.leroy@csgroup.eu commit c5eec4df25c34f4bee8c757ed157f5d96eaba554 Author: Christophe Leroy Date: Tue Aug 20 19:23:50 2024 +0200 powerpc/8xx: Reduce default size of module/execmem area 8xx boards don't have much memory, the two I know have respectively 32Mbytes and 128Mbytes, so there is no point in having 256 Mbytes of memory for module text. Reduce it to 32Mbytes for 8xx, that's more than enough. Nevertheless, make it a configurable value so that it can be customised if needed. Also add a build verification for overlap of module execmem space with user PMD. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/8db23b61e33a0d1913d814f94bfe71ba7ac78b0f.1724173828.git.christophe.leroy@csgroup.eu commit bcf77a70c4ffc9b01044229de87f5b6f9c1f7913 Author: Christophe Leroy Date: Tue Aug 20 19:23:49 2024 +0200 powerpc/8xx: Allow setting DATA alignment even with STRICT_KERNEL_RWX It is now possible to not pin kernel text with a 8Mbytes TLB, so the alignment for STRICT_KERNEL_RWX can be relaxed. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/d0d8b05012b392dd166cfd911f14ba2741ce7e1e.1724173828.git.christophe.leroy@csgroup.eu commit 1a736d98c84acd38e40fff69528ce7aaa55dd22d Author: Christophe Leroy Date: Tue Aug 20 19:23:48 2024 +0200 Revert "powerpc/8xx: Always pin kernel text TLB" This reverts commit bccc58986a2f98e3af349c85c5f49aac7fb19ef2. When STRICT_KERNEL_RWX is selected, EXEC memory must stop where RW memory start. When pinning iTLBs it means an 8M alignment for RW data start. That may be acceptable on boards with a lot of memory but one of my supported boards only has 32 Mbytes and this forced alignment leads to a waste of almost 4 Mbytes with is more than 10% of the total memory. So revert commit bccc58986a2f ("powerpc/8xx: Always pin kernel text TLB") but don't restore previous behaviour in ITLB miss handler as now kernel PGD entries are copied into each process PGDIR. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/01b6780b860c8043b51a1ba9d83acfc6f2dde910.1724173828.git.christophe.leroy@csgroup.eu commit 985db026c34dfc45213649023d5505822a5dcd78 Author: Christophe Leroy Date: Tue Aug 20 19:23:47 2024 +0200 powerpc/8xx: Copy kernel PGD entries into all PGDIRs In order to avoid having to select PGDIR at each TLB miss based on fault address, copy kernel PGD entries into all PGDIRs in pgd_alloc(). At first it will be used for ITLB misses for kernel TEXT, then for execmem then for kernel DATA. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/c6d2bf5af2ea909071a85bdca8b1f5dc2df134a8.1724173828.git.christophe.leroy@csgroup.eu commit 65a82e117ffeeab0baf6f871a1cab11a28ace183 Author: Christophe Leroy Date: Tue Aug 20 19:23:46 2024 +0200 powerpc/8xx: Fix kernel vs user address comparison Since commit 9132a2e82adc ("powerpc/8xx: Define a MODULE area below kernel text"), module exec space is below PAGE_OFFSET so not only space above PAGE_OFFSET, but space above TASK_SIZE need to be seen as kernel space. Until now the problem went undetected because by default TASK_SIZE is 0x8000000 which means address space is determined by just checking upper address bit. But when TASK_SIZE is over 0x80000000, PAGE_OFFSET is used for comparison, leading to thinking module addresses are part of user space. Fix it by using TASK_SIZE instead of PAGE_OFFSET for address comparison. Fixes: 9132a2e82adc ("powerpc/8xx: Define a MODULE area below kernel text") Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/3f574c9845ff0a023b46cb4f38d2c45aecd769bd.1724173828.git.christophe.leroy@csgroup.eu commit f9f2bff64c2f0dbee57be3d8c2741357ad3d05e6 Author: Christophe Leroy Date: Tue Aug 20 19:23:45 2024 +0200 powerpc/8xx: Fix initial memory mapping Commit cf209951fa7f ("powerpc/8xx: Map linear memory with huge pages") introduced an initial mapping of kernel TEXT using PAGE_KERNEL_TEXT, but the pages that contain kernel TEXT may also contain kernel RODATA, and depending on selected debug options PAGE_KERNEL_TEXT may be either RWX or ROX. RODATA must be writable during init because it also contains ro_after_init data. So use PAGE_KERNEL_X instead to be sure it is RWX. Fixes: cf209951fa7f ("powerpc/8xx: Map linear memory with huge pages") Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/dac7a828d8497c4548c91840575a706657baa4f1.1724173828.git.christophe.leroy@csgroup.eu commit e3de1d8deb9f6429356eb81118aa1601c8a5a1b6 Author: Hongbo Li Date: Fri Aug 30 15:58:00 2024 +0800 spi: spi-ppc4xx: Remove duplicate included header file linux/platform_device.h The header file linux/platform_device.h is included twice. Remove the last one. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240830075800.3541646-1-lihongbo22@huawei.com Signed-off-by: Mark Brown commit 10c8ac13395a087c90ba6acd11f793588ba5609e Author: Gaosheng Cui Date: Thu Aug 22 21:00:43 2024 +0800 powerpc/powernv/pci: Remove obsoleted declaration for pnv_pci_init_ioda_hub The pnv_pci_init_ioda_hub() have been removed since commit 5ac129cdb50b ("powerpc/powernv/pci: Remove ioda1 support"), and now it is useless, so remove it. Signed-off-by: Gaosheng Cui Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822130043.783756-1-cuigaosheng1@huawei.com commit 600d6a7e630e970624911624eb15986245b18668 Author: Gaosheng Cui Date: Thu Aug 22 21:06:09 2024 +0800 powerpc: Remove obsoleted declarations for use_cop and drop_cop The use_cop() and drop_cop() have been removed since commit 6ff4d3e96652 ("powerpc: Remove old unused icswx based coprocessor support"), now they are useless, so remove them. Signed-off-by: Gaosheng Cui Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822130609.786431-5-cuigaosheng1@huawei.com commit fe16a749731e86d580acf8d43b0298dfe6d1503d Author: Gaosheng Cui Date: Thu Aug 22 21:06:08 2024 +0800 powerpc/pasemi: Remove obsoleted declaration for pas_pci_irq_fixup() The pas_pci_irq_fixup() have been removed since commit 771f7404a9de ("pasemi_mac: Move the IRQ mapping from the PCI layer to the driver"), and now it is useless, so remove it. Signed-off-by: Gaosheng Cui Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822130609.786431-4-cuigaosheng1@huawei.com commit 6745c5bb2e0fe513918ce2136108a2efb92bdea1 Author: Gaosheng Cui Date: Thu Aug 22 21:06:07 2024 +0800 powerpc/maple: Remove obsoleted declaration for maple_calibrate_decr() The maple_calibrate_decr() have been removed since commit 10f7e7c15e6c ("[PATCH] ppc64: consolidate calibrate_decr implementations"), and now it is useless, so remove it. Signed-off-by: Gaosheng Cui Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822130609.786431-3-cuigaosheng1@huawei.com commit ff987ffc0c18c98f05ddc7696d56bb493b994450 Author: Marc Zyngier Date: Sun Jun 23 10:46:45 2024 +0100 KVM: arm64: nv: Add support for FEAT_ATS1A Handling FEAT_ATS1A (which provides the AT S1E{1,2}A instructions) is pretty easy, as it is just the usual AT without the permission check. This basically amounts to plumbing the instructions in the various dispatch tables, and handling FEAT_ATS1A being disabled in the ID registers. Signed-off-by: Marc Zyngier commit 8df747f4f3a5c680e3c0e68af3487b97343ca80a Author: Marc Zyngier Date: Wed Jun 19 08:14:45 2024 +0100 KVM: arm64: nv: Plumb handling of AT S1* traps from EL2 Hooray, we're done. Plug the AT traps into the system instruction table, and let it rip. Signed-off-by: Marc Zyngier commit d95bb9ef164edb33565cb73e3f0b0a581b3e4fbb Author: Marc Zyngier Date: Sat Jul 20 22:06:00 2024 +0100 KVM: arm64: nv: Make AT+PAN instructions aware of FEAT_PAN3 FEAT_PAN3 added a check for executable permissions to FEAT_PAN2. Add the required SCTLR_ELx.EPAN and descriptor checks to handle this correctly. Reviewed-by: Alexandru Elisei Signed-off-by: Marc Zyngier commit 2441418f3aadb3f9232431aeb10d89e48a934d94 Author: Marc Zyngier Date: Mon Jul 15 17:22:19 2024 +0100 KVM: arm64: nv: Sanitise SCTLR_EL1.EPAN according to VM configuration Ensure that SCTLR_EL1.EPAN is RES0 when FEAT_PAN3 isn't supported. Signed-off-by: Marc Zyngier commit d6a01a2dc760c8350fa182a6afd69fabab131f73 Author: Marc Zyngier Date: Tue Jun 18 10:40:02 2024 +0100 KVM: arm64: nv: Add SW walker for AT S1 emulation In order to plug the brokenness of our current AT implementation, we need a SW walker that is going to... err.. walk the S1 tables and tell us what it finds. Of course, it builds on top of our S2 walker, and share similar concepts. The beauty of it is that since it uses kvm_read_guest(), it is able to bring back pages that have been otherwise evicted. This is then plugged in the two AT S1 emulation functions as a "slow path" fallback. I'm not sure it is that slow, but hey. Reviewed-by: Alexandru Elisei Signed-off-by: Marc Zyngier commit 97634dac1974d28e5ffc067d257f0b0f79b5ed2e Author: Marc Zyngier Date: Tue Jun 18 10:12:15 2024 +0100 KVM: arm64: nv: Make ps_to_output_size() generally available Make this helper visible to at.c, we are going to need it. Signed-off-by: Marc Zyngier commit be04cebf3e78874627dc1042991d5d504464a5cc Author: Marc Zyngier Date: Wed Jun 19 08:44:52 2024 +0100 KVM: arm64: nv: Add emulation of AT S12E{0,1}{R,W} On the face of it, AT S12E{0,1}{R,W} is pretty simple. It is the combination of AT S1E{0,1}{R,W}, followed by an extra S2 walk. However, there is a great deal of complexity coming from combining the S1 and S2 attributes to report something consistent in PAR_EL1. This is an absolute mine field, and I have a splitting headache. Signed-off-by: Marc Zyngier commit e794049b9acbd6500b77b9ce92a95101091b52d3 Author: Marc Zyngier Date: Wed Jun 19 08:43:35 2024 +0100 KVM: arm64: nv: Add basic emulation of AT S1E2{R,W} Similar to our AT S1E{0,1} emulation, we implement the AT S1E2 handling. This emulation of course suffers from the same problems, but is somehow simpler due to the lack of PAN2 and the fact that we are guaranteed to execute it from the correct context. Co-developed-by: Jintack Lim Signed-off-by: Jintack Lim Signed-off-by: Marc Zyngier commit be0135bde1df5e80cffacd2ed6f952e6d38d6f71 Author: Marc Zyngier Date: Sun Jul 14 10:40:43 2024 +0100 KVM: arm64: nv: Add basic emulation of AT S1E1{R,W}P Building on top of our primitive AT S1E{0,1}{R,W} emulation, add minimal support for the FEAT_PAN2 instructions, momentary context-switching PSTATE.PAN so that it takes effect in the context of the guest. Signed-off-by: Marc Zyngier commit 477e89cabb1428d5989430d57828347f5de2be9c Author: Marc Zyngier Date: Wed Jun 19 08:29:20 2024 +0100 KVM: arm64: nv: Add basic emulation of AT S1E{0,1}{R,W} Emulating AT instructions is one the tasks devolved to the host hypervisor when NV is on. Here, we take the basic approach of emulating AT S1E{0,1}{R,W} using the AT instructions themselves. While this mostly work, it doesn't *always* work: - S1 page tables can be swapped out - shadow S2 can be incomplete and not contain mappings for the S1 page tables We are not trying to handle these case here, and defer it to a later patch. Suitable comments indicate where we are in dire need of better handling. Co-developed-by: Jintack Lim Signed-off-by: Jintack Lim Signed-off-by: Marc Zyngier commit 90659853febcf63ceb71529b247d518df3c2a76c Author: Marc Zyngier Date: Wed Jun 19 08:16:44 2024 +0100 KVM: arm64: nv: Honor absence of FEAT_PAN2 If our guest has been configured without PAN2, make sure that AT S1E1{R,W}P will generate an UNDEF. Reviewed-by: Anshuman Khandual Signed-off-by: Marc Zyngier commit 0a0f25b71ca544388717f8bf4a54ba324e234e7a Author: Marc Zyngier Date: Fri Jun 21 14:59:36 2024 +0100 KVM: arm64: nv: Turn upper_attr for S2 walk into the full descriptor The upper_attr attribute has been badly named, as it most of the time carries the full "last walked descriptor". Rename it to "desc" and make ti contain the full 64bit descriptor. This will be used by the S1 PTW. Signed-off-by: Marc Zyngier commit 4155539bc5baab514ac71285a1a13fcf148f9cf1 Author: Marc Zyngier Date: Sat Aug 10 18:42:41 2024 +0100 KVM: arm64: nv: Enforce S2 alignment when contiguous bit is set Despite KVM not using the contiguous bit for anything related to TLBs, the spec does require that the alignment defined by the contiguous bit for the page size and the level is enforced. Add the required checks to offset the point where PA and VA merge. Fixes: 61e30b9eef7f ("KVM: arm64: nv: Implement nested Stage-2 page table walk logic") Reported-by: Alexandru Elisei Signed-off-by: Marc Zyngier commit 5fddf9abc31a57e2cc35287998994cf4a684fada Author: Marc Zyngier Date: Wed Jul 31 10:54:04 2024 +0100 arm64: Add ESR_ELx_FSC_ADDRSZ_L() helper Although we have helpers that encode the level of a given fault type, the Address Size fault type is missing it. While we're at it, fix the bracketting for ESR_ELx_FSC_ACCESS_L() and ESR_ELx_FSC_PERM_L(). Signed-off-by: Marc Zyngier commit b229b46b0bf7828bef5f88c91708776869b751ac Author: Marc Zyngier Date: Mon Jul 15 13:09:29 2024 +0100 arm64: Add system register encoding for PSTATE.PAN Although we already have the primitives to set PSTATE.PAN with an immediate, we don't have a way to read the current state nor set it ot an arbitrary value (i.e. we can generally save/restore it). Thankfully, all that is missing for this is the definition for the PAN pseudo system register, here named SYS_PSTATE_PAN. Signed-off-by: Marc Zyngier commit 6dcd2ac7ea7c5b20b416ee09d8d5d2ec89866ef8 Author: Marc Zyngier Date: Tue Jun 18 10:10:19 2024 +0100 arm64: Add PAR_EL1 field description As KVM is about to grow a full emulation for the AT instructions, add the layout of the PAR_EL1 register in its non-D128 configuration. Note that the constants are a bit ugly, as the register has two layouts, based on the state of the F bit. Signed-off-by: Marc Zyngier commit 4abc783e4741cd33216e7796e9b2f4973b4bca61 Author: Marc Zyngier Date: Tue Jun 18 10:09:18 2024 +0100 arm64: Add missing APTable and TCR_ELx.HPD masks Although Linux doesn't make use of hierarchical permissions (TFFT!), KVM needs to know where the various bits related to this feature live in the TCR_ELx registers as well as in the page tables. Add the missing bits. Signed-off-by: Marc Zyngier commit 69231a6fcb638b7929e9fc88c4fa73a04e6d4e0c Author: Joey Gouly Date: Fri May 3 14:01:26 2024 +0100 KVM: arm64: Make kvm_at() take an OP_AT_* To allow using newer instructions that current assemblers don't know about, replace the `at` instruction with the underlying SYS instruction. Signed-off-by: Joey Gouly Cc: Oliver Upton Cc: Catalin Marinas Cc: Will Deacon Reviewed-by: Marc Zyngier Reviewed-by: Anshuman Khandual Acked-by: Will Deacon Signed-off-by: Marc Zyngier commit dace02a9ee1921adee05bf1807a78f92ee2dea2b Author: Gaosheng Cui Date: Thu Aug 22 21:06:06 2024 +0800 powerpc: Remove obsoleted declaration for _get_SP The implementation of _get_SP() was removed in commit f4db196717c6 ("[POWERPC] Remove _get_SP"), remove the now obsolete declaration. Signed-off-by: Gaosheng Cui Reviewed-by: Christophe Leroy [mpe: Update change log to refer to correct commit per Christophe] Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822130609.786431-2-cuigaosheng1@huawei.com commit d1c93d5c67ebc7cf5b70ecff7172a0c399975d55 Author: Yicong Yang Date: Thu Aug 29 17:03:32 2024 +0800 drivers/perf: hisi_pcie: Export supported Root Ports [bdf_min, bdf_max] Currently users can get the Root Ports supported by the PCIe PMU by "bus" sysfs attributes which indicates the PCIe bus number where Root Ports are located. This maybe insufficient since Root Ports supported by different PCIe PMUs may be located on the same PCIe bus. So export the BDF range the Root Ports additionally. Signed-off-by: Yicong Yang Acked-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240829090332.28756-4-yangyicong@huawei.com Signed-off-by: Will Deacon commit 17bf68aeb3642221e3e770399b5a52f370747ac1 Author: Yicong Yang Date: Thu Aug 29 17:03:31 2024 +0800 drivers/perf: hisi_pcie: Fix TLP headers bandwidth counting We make the initial value of event ctrl register as HISI_PCIE_INIT_SET and modify according to the user options. This will make TLP headers bandwidth only counting never take effect since HISI_PCIE_INIT_SET configures to count the TLP payloads bandwidth. Fix this by making the initial value of event ctrl register as 0. Fixes: 17d573984d4d ("drivers/perf: hisi: Add TLP filter support") Signed-off-by: Yicong Yang Acked-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240829090332.28756-3-yangyicong@huawei.com Signed-off-by: Will Deacon commit daecd3373a16a039ad241086e30a1ec46fc9d61f Author: Yicong Yang Date: Thu Aug 29 17:03:30 2024 +0800 drivers/perf: hisi_pcie: Record hardware counts correctly Currently we set the period and record it as the initial value of the counter without checking it's set to the hardware successfully or not. However the counter maybe unwritable if the target event is unsupported by the device. In such case we will pass user a wrong count: [start counts when setting the period] hwc->prev_count = 0x8000000000000000 device.counter_value = 0 // the counter is not set as the period [when user reads the counter] event->count = device.counter_value - hwc->prev_count = 0x8000000000000000 // wrong. should be 0. Fix this by record the hardware counter counts correctly when setting the period. Fixes: 8404b0fbc7fb ("drivers/perf: hisi: Add driver for HiSilicon PCIe PMU") Signed-off-by: Yicong Yang Acked-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240829090332.28756-2-yangyicong@huawei.com Signed-off-by: Will Deacon commit 5e9629d0ae977d6f6916d7e519724804e95f0b07 Author: James Clark Date: Tue Aug 27 15:51:12 2024 +0100 drivers/perf: arm_spe: Use perf_allow_kernel() for permissions Use perf_allow_kernel() for 'pa_enable' (physical addresses), 'pct_enable' (physical timestamps) and context IDs. This means that perf_event_paranoid is now taken into account and LSM hooks can be used, which is more consistent with other perf_event_open calls. For example PERF_SAMPLE_PHYS_ADDR uses perf_allow_kernel() rather than just perfmon_capable(). This also indirectly fixes the following error message which is misleading because perf_event_paranoid is not taken into account by perfmon_capable(): $ perf record -e arm_spe/pa_enable/ Error: Access to performance monitoring and observability operations is limited. Consider adjusting /proc/sys/kernel/perf_event_paranoid setting ... Suggested-by: Al Grant Signed-off-by: James Clark Link: https://lore.kernel.org/r/20240827145113.1224604-1-james.clark@linaro.org Link: https://lore.kernel.org/all/20240807120039.GD37996@noisy.programming.kicks-ass.net/ Signed-off-by: Will Deacon commit be9c336852056e2c34369de79fd938dc21a2d5cf Author: Kuan-Wei Chiu Date: Sat Aug 24 02:38:56 2024 +0800 crypto: hisilicon/zip - Optimize performance by replacing rw_lock with spinlock The req_lock is currently implemented as a rw_lock, but there are no instances where read_lock() is called. This means that the lock is effectively only used by writers, making it functionally equivalent to a simple spinlock. As stated in Documentation/locking/spinlocks.rst: "Reader-writer locks require more atomic memory operations than simple spinlocks. Unless the reader critical section is long, you are better off just using spinlocks." Since the rw_lock in this case incurs additional atomic memory operations without any benefit from reader-writer locking, it is more efficient to replace it with a spinlock. This patch implements that replacement to optimize the driver's performance. Signed-off-by: Kuan-Wei Chiu Signed-off-by: Herbert Xu commit 407f8cf8e6875fc8fb3c0cda193f310340122060 Author: Chunhai Guo Date: Fri Aug 23 03:52:12 2024 -0600 crypto: img-hash - use devm_clk_get_enabled() helpers Simplify the code by replacing devm_clk_get() and clk_prepare_enable() with devm_clk_get_enabled(), which also avoids the call to clk_disable_unprepare(). Signed-off-by: Chunhai Guo Signed-off-by: Herbert Xu commit eb7bb0b56b41e9dd73d340159b8a0ce743352014 Author: Chunhai Guo Date: Fri Aug 23 03:42:49 2024 -0600 crypto: atmel - use devm_clk_get_prepared() helpers Simplify the code by replacing devm_clk_get() and clk_prepare() with devm_clk_get_prepared(), which also avoids the call to clk_unprepare(). Signed-off-by: Chunhai Guo Signed-off-by: Herbert Xu commit 24cc57d8faaa4060fd58adf810b858fcfb71a02f Author: Kamlesh Gurudasani Date: Thu Aug 22 02:32:52 2024 +0530 padata: Honor the caller's alignment in case of chunk_size 0 In the case where we are forcing the ps.chunk_size to be at least 1, we are ignoring the caller's alignment. Move the forcing of ps.chunk_size to be at least 1 before rounding it up to caller's alignment, so that caller's alignment is honored. While at it, use max() to force the ps.chunk_size to be at least 1 to improve readability. Fixes: 6d45e1c948a8 ("padata: Fix possible divide-by-0 panic in padata_mt_helper()") Signed-off-by: Kamlesh Gurudasani Acked-by:  Waiman Long Acked-by: Daniel Jordan Signed-off-by: Herbert Xu commit c7de6ee3d312ae88f6f9a04afa211b52da613852 Author: Frank Li Date: Wed Aug 21 15:20:48 2024 -0400 dt-bindings: crypto: fsl,sec-v4.0: add second register space for rtic Add two description for register space of rtic. There are two register space, one is for control and status, the other optional space is recoverable error indication register space. Fix below CHECK_DTBS error: arch/arm64/boot/dts/freescale/fsl-ls1012a-frdm.dtb: crypto@1700000: rtic@60000:reg: [[393216, 256], [396800, 24]] is too long from schema $id: http://devicetree.org/schemas/crypto/fsl,sec-v4.0.yaml# Signed-off-by: Frank Li Acked-by: Conor Dooley Signed-off-by: Herbert Xu commit 866ff78da10178cf98600f59ea353fb1b2b7976e Author: Martin Kaiser Date: Wed Aug 21 20:12:35 2024 +0200 hwrng: rockchip - handle devm_pm_runtime_enable errors It's unlikely that devm_pm_runtime_enable ever fails. Still, it makes sense to read the return value and handle errors. Signed-off-by: Martin Kaiser Signed-off-by: Herbert Xu commit 9c2797093a4095a1d686b6c51fbd321a627855ee Author: Martin Kaiser Date: Wed Aug 21 20:12:34 2024 +0200 hwrng: rockchip - rst is used only during probe The driver uses the rst variable only for an initial reset when the chip is probed. There's no need to store rst in the driver's private data, we can make it a local variable in the probe function. Signed-off-by: Martin Kaiser Signed-off-by: Herbert Xu commit 065c547d951893201de1368863280bc943a35413 Author: Huan Yang Date: Tue Aug 20 17:47:11 2024 +0800 hwrng: mxc-rnga - Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). Signed-off-by: Huan Yang Reviewed-by: Martin Kaiser Signed-off-by: Herbert Xu commit f716045f24c2569448e1491857f638b8ffb6cafb Author: Yue Haibing Date: Tue Aug 20 16:25:25 2024 +0800 crypto: crypto4xx - Remove unused declaration crypto4xx_free_ctx() This function is never implemented and used since introduction in commit 049359d65527 ("crypto: amcc - Add crypt4xx driver"). Signed-off-by: Yue Haibing Signed-off-by: Herbert Xu commit 652e01be364b5bf2e7d4097831d1510c7301bdc2 Author: Yue Haibing Date: Tue Aug 20 16:25:24 2024 +0800 crypto: amlogic - Remove unused declaration meson_enqueue() This function is never implemented and used since introduction in commit 48fe583fe541 ("crypto: amlogic - Add crypto accelerator for amlogic GXL"). Signed-off-by: Yue Haibing Signed-off-by: Herbert Xu commit 60f911c4ebaf31bdc8de3603541b7b8e2bcdefc7 Author: Yue Haibing Date: Tue Aug 20 16:25:23 2024 +0800 crypto: ccp - Remove unused declaration sp_get_master() This function is never implemented and used since introduction in commit 720419f01832 ("crypto: ccp - Introduce the AMD Secure Processor device"). Signed-off-by: Yue Haibing Acked-by: Tom Lendacky Signed-off-by: Herbert Xu commit 5b6f4cd6fd56e81a37eddf02ef02ec98a4b90632 Author: Yue Haibing Date: Tue Aug 20 16:25:22 2024 +0800 crypto: octeontx - Remove unused declaration otx_cpt_callback() This function is never implemented and used since introduction in commit 10b4f09491bf ("crypto: marvell - add the Virtual Function driver for CPT") Signed-off-by: Yue Haibing Signed-off-by: Herbert Xu commit 106990f3b605c2fabe1ede86371ca7cc9b98ead9 Author: Yue Haibing Date: Tue Aug 20 16:25:21 2024 +0800 crypto: sl3516 - Remove unused declaration sl3516_ce_enqueue() This function is never implemented and used since introduction in commit 46c5338db7bd ("crypto: sl3516 - Add sl3516 crypto engine") Signed-off-by: Yue Haibing Signed-off-by: Herbert Xu commit f132386dc5e1c2dc5eeaf8742afb663a9666b6f4 Author: Yue Haibing Date: Tue Aug 20 16:25:20 2024 +0800 crypto: safexcel - Remove unused declaration safexcel_ring_first_rptr() Commit 9744fec95f06 ("crypto: inside-secure - remove request list to improve performance") declar this but never implemented. Signed-off-by: Yue Haibing Signed-off-by: Herbert Xu commit 9a7db819a184c21f605a4364131762d5db0c7010 Author: Zhu Jun Date: Tue Aug 20 00:42:42 2024 -0700 crypto: tools/ccp - Remove unused variable the variable is never referenced in the code, just remove them. Signed-off-by: Zhu Jun Reviewed-by: Mario Limonciello Signed-off-by: Herbert Xu commit 7f60adffe531c06bacab79dbf687f0ea85fb99e8 Author: Thorsten Blum Date: Mon Aug 19 16:18:44 2024 +0200 crypto: jitter - Use min() to simplify jent_read_entropy() Use the min() macro to simplify the jent_read_entropy() function and improve its readability. Signed-off-by: Thorsten Blum Signed-off-by: Herbert Xu commit ce3d2d6b150ba8528f3218ebf0cee2c2c572662d Author: Pavan Kumar Paluri Date: Thu Aug 15 07:25:00 2024 -0500 crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure In case of sev PLATFORM_STATUS failure, sev_get_api_version() fails resulting in sev_data field of psp_master nulled out. This later becomes a problem when unloading the ccp module because the device has not been unregistered (via misc_deregister()) before clearing the sev_data field of psp_master. As a result, on reloading the ccp module, a duplicate device issue is encountered as can be seen from the dmesg log below. on reloading ccp module via modprobe ccp Call Trace: dump_stack_lvl+0xd7/0xf0 dump_stack+0x10/0x20 sysfs_warn_dup+0x5c/0x70 sysfs_create_dir_ns+0xbc/0xd kobject_add_internal+0xb1/0x2f0 kobject_add+0x7a/0xe0 ? srso_alias_return_thunk+0x5/0xfbef5 ? get_device_parent+0xd4/0x1e0 ? __pfx_klist_children_get+0x10/0x10 device_add+0x121/0x870 ? srso_alias_return_thunk+0x5/0xfbef5 device_create_groups_vargs+0xdc/0x100 device_create_with_groups+0x3f/0x60 misc_register+0x13b/0x1c0 sev_dev_init+0x1d4/0x290 [ccp] psp_dev_init+0x136/0x300 [ccp] sp_init+0x6f/0x80 [ccp] sp_pci_probe+0x2a6/0x310 [ccp] ? srso_alias_return_thunk+0x5/0xfbef5 local_pci_probe+0x4b/0xb0 work_for_cpu_fn+0x1a/0x30 process_one_work+0x203/0x600 worker_thread+0x19e/0x350 ? __pfx_worker_thread+0x10/0x10 kthread+0xeb/0x120 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x3c/0x60 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 kobject: kobject_add_internal failed for sev with -EEXIST, don't try to register things with the same name in the same directory. ccp 0000:22:00.1: sev initialization failed ccp 0000:22:00.1: psp initialization failed ccp 0000:a2:00.1: no command queues available ccp 0000:a2:00.1: psp enabled Address this issue by unregistering the /dev/sev before clearing out sev_data in case of PLATFORM_STATUS failure. Fixes: 200664d5237f ("crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support") Cc: stable@vger.kernel.org Signed-off-by: Pavan Kumar Paluri Acked-by: Tom Lendacky Signed-off-by: Herbert Xu commit c5f728de696caa35481fd84202dfbc9fecc18e0b Author: Nirmoy Das Date: Mon Aug 26 18:20:35 2024 +0200 drm/xe: Fix memory leak on xe_alloc_pf_queue failure Simplify memory unwinding on error also fixing current memory leak that can happen on error. v2: use devm_kcalloc(Matt A) Fixes: 3338e4f90c14 ("drm/xe: Use topology to determine page fault queue size") Cc: Matthew Auld Cc: Matthew Brost Cc: Rodrigo Vivi Cc: Stuart Summers Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240826162035.20462-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit fbdaffe41adca26cb9566e92060b97cd6dd87b60 Merge: 670726a8262e69 fd3eaad826daf4 Author: David S. Miller Date: Fri Aug 30 10:27:36 2024 +0100 Merge branch 'am-qt2025-phy-rust' FUJITA Tomonori says: ==================== net: phy: add Applied Micro QT2025 PHY driver This patchset adds a PHY driver for Applied Micro Circuits Corporation QT2025. The first patch adds Rust equivalent to include/linux/sizes.h, makes code more readable. The 2-5th patches update the PHYLIB Rust bindings. The 4th and 5th patches have been reviewed previously in a different thread [1]. QT2025 PHY support was implemented as a part of an Ethernet driver for Tehuti Networks TN40xx chips. Multiple vendors (DLink, Asus, Edimax, QNAP, etc) developed adapters based on TN40xx chips. Tehuti Networks went out of business and the driver wasn't merged into mainline. But it's still distributed with some of the hardware (and also available on some vendor sites). The original driver handles multiple PHY hardware (AMCC QT2025, TI TLK10232, Aqrate AQR105, and Marvell MV88X3120, MV88X3310, and MV88E2010). I divided the original driver into MAC and PHY drivers and implemented a QT2025 PHY driver in Rust. The MAC driver for Tehuti Networks TN40xx chips was already merged in 6.11-rc1. The MAC and this PHY drivers have been tested with Edimax EN-9320SFP+ 10G network adapter. [1] https://lore.kernel.org/rust-for-linux/20240607052113.69026-1-fujita.tomonori@gmail.com/ v7: - add Trevor as Reviewer to MAINTAINERS file entry - add Trevor Reviewed-by - add/fix comments - replace uppercase hex with lowercase - remove unnecessary code - update the commit message (1st patch) v6: https://lore.kernel.org/netdev/20240820225719.91410-1-fujita.tomonori@gmail.com/ - improve comments - make the logic to load firmware more readable - add Copy trait to reg::{C22 and C45} - add Trevor Reviewed-by v5: https://lore.kernel.org/netdev/20240819005345.84255-1-fujita.tomonori@gmail.com/ - fix the comments (3th patch) - add RUST_FW_LOADER_ABSTRACTIONS dependency - add Andrew and Benno Reviewed-by v4: https://lore.kernel.org/netdev/20240817051939.77735-1-fujita.tomonori@gmail.com/ - fix the comments - add Andrew's Reviewed-by - fix the order of tags - remove wrong endianness conversion v3: https://lore.kernel.org/netdev/20240804233835.223460-1-fujita.tomonori@gmail.com/ - use addr_of_mut!` to avoid intermediate mutable reference - update probe callback's Safety comment - add MODULE_FIRMWARE equivalent - add Alice's Reviewed-by v2: https://lore.kernel.org/netdev/20240731042136.201327-1-fujita.tomonori@gmail.com/ - add comments in accordance with the hw datasheet - unify C22 and C45 APIs - load firmware in probe callback instead of config_init - use firmware API - handle firmware endian - check firmware size - use SZ_*K constants - avoid confusing phy_id variable v1: https://lore.kernel.org/netdev/20240415104701.4772-1-fujita.tomonori@gmail.com/ ==================== rom: FUJITA Tomonori To: netdev@vger.kernel.org Cc: rust-for-linux@vger.kernel.org, andrew@lunn.ch, tmgross@umich.edu, miguel.ojeda.sandonis@gmail.com, benno.lossin@proton.me, aliceryhl@google.com Subject: [PATCH net-next v7 0/6] net: phy: add Applied Micro QT2025 PHY driver Date: Sat, 24 Aug 2024 02:06:10 +0000 [thread overview] Message-ID: <20240824020617.113828-1-fujita.tomonori@gmail.com> (raw) This patchset adds a PHY driver for Applied Micro Circuits Corporation QT2025. The first patch adds Rust equivalent to include/linux/sizes.h, makes code more readable. The 2-5th patches update the PHYLIB Rust bindings. The 4th and 5th patches have been reviewed previously in a different thread [1]. QT2025 PHY support was implemented as a part of an Ethernet driver for Tehuti Networks TN40xx chips. Multiple vendors (DLink, Asus, Edimax, QNAP, etc) developed adapters based on TN40xx chips. Tehuti Networks went out of business and the driver wasn't merged into mainline. But it's still distributed with some of the hardware (and also available on some vendor sites). The original driver handles multiple PHY hardware (AMCC QT2025, TI TLK10232, Aqrate AQR105, and Marvell MV88X3120, MV88X3310, and MV88E2010). I divided the original driver into MAC and PHY drivers and implemented a QT2025 PHY driver in Rust. The MAC driver for Tehuti Networks TN40xx chips was already merged in 6.11-rc1. The MAC and this PHY drivers have been tested with Edimax EN-9320SFP+ 10G network adapter. [1] https://lore.kernel.org/rust-for-linux/20240607052113.69026-1-fujita.tomonori@gmail.com/ v7: - add Trevor as Reviewer to MAINTAINERS file entry - add Trevor Reviewed-by - add/fix comments - replace uppercase hex with lowercase - remove unnecessary code - update the commit message (1st patch) v6: https://lore.kernel.org/netdev/20240820225719.91410-1-fujita.tomonori@gmail.com/ - improve comments - make the logic to load firmware more readable - add Copy trait to reg::{C22 and C45} - add Trevor Reviewed-by v5: https://lore.kernel.org/netdev/20240819005345.84255-1-fujita.tomonori@gmail.com/ - fix the comments (3th patch) - add RUST_FW_LOADER_ABSTRACTIONS dependency - add Andrew and Benno Reviewed-by v4: https://lore.kernel.org/netdev/20240817051939.77735-1-fujita.tomonori@gmail.com/ - fix the comments - add Andrew's Reviewed-by - fix the order of tags - remove wrong endianness conversion v3: https://lore.kernel.org/netdev/20240804233835.223460-1-fujita.tomonori@gmail.com/ - use addr_of_mut!` to avoid intermediate mutable reference - update probe callback's Safety comment - add MODULE_FIRMWARE equivalent - add Alice's Reviewed-by v2: https://lore.kernel.org/netdev/20240731042136.201327-1-fujita.tomonori@gmail.com/ - add comments in accordance with the hw datasheet - unify C22 and C45 APIs - load firmware in probe callback instead of config_init - use firmware API - handle firmware endian - check firmware size - use SZ_*K constants - avoid confusing phy_id variable v1: https://lore.kernel.org/netdev/20240415104701.4772-1-fujita.tomonori@gmail.com/ Signed-off-by: David S. Miller rom: FUJITA Tomonori To: netdev@vger.kernel.org Cc: rust-for-linux@vger.kernel.org, andrew@lunn.ch, tmgross@umich.edu, miguel.ojeda.sandonis@gmail.com, benno.lossin@proton.me, aliceryhl@google.com Subject: [PATCH net-next v7 0/6] net: phy: add Applied Micro QT2025 PHY driver Date: Sat, 24 Aug 2024 02:06:10 +0000 [thread overview] Message-ID: <20240824020617.113828-1-fujita.tomonori@gmail.com> (raw) This patchset adds a PHY driver for Applied Micro Circuits Corporation QT2025. The first patch adds Rust equivalent to include/linux/sizes.h, makes code more readable. The 2-5th patches update the PHYLIB Rust bindings. The 4th and 5th patches have been reviewed previously in a different thread [1]. QT2025 PHY support was implemented as a part of an Ethernet driver for Tehuti Networks TN40xx chips. Multiple vendors (DLink, Asus, Edimax, QNAP, etc) developed adapters based on TN40xx chips. Tehuti Networks went out of business and the driver wasn't merged into mainline. But it's still distributed with some of the hardware (and also available on some vendor sites). The original driver handles multiple PHY hardware (AMCC QT2025, TI TLK10232, Aqrate AQR105, and Marvell MV88X3120, MV88X3310, and MV88E2010). I divided the original driver into MAC and PHY drivers and implemented a QT2025 PHY driver in Rust. The MAC driver for Tehuti Networks TN40xx chips was already merged in 6.11-rc1. The MAC and this PHY drivers have been tested with Edimax EN-9320SFP+ 10G network adapter. [1] https://lore.kernel.org/rust-for-linux/20240607052113.69026-1-fujita.tomonori@gmail.com/ v7: - add Trevor as Reviewer to MAINTAINERS file entry - add Trevor Reviewed-by - add/fix comments - replace uppercase hex with lowercase - remove unnecessary code - update the commit message (1st patch) v6: https://lore.kernel.org/netdev/20240820225719.91410-1-fujita.tomonori@gmail.com/ - improve comments - make the logic to load firmware more readable - add Copy trait to reg::{C22 and C45} - add Trevor Reviewed-by v5: https://lore.kernel.org/netdev/20240819005345.84255-1-fujita.tomonori@gmail.com/ - fix the comments (3th patch) - add RUST_FW_LOADER_ABSTRACTIONS dependency - add Andrew and Benno Reviewed-by v4: https://lore.kernel.org/netdev/20240817051939.77735-1-fujita.tomonori@gmail.com/ - fix the comments - add Andrew's Reviewed-by - fix the order of tags - remove wrong endianness conversion v3: https://lore.kernel.org/netdev/20240804233835.223460-1-fujita.tomonori@gmail.com/ - use addr_of_mut!` to avoid intermediate mutable reference - update probe callback's Safety comment - add MODULE_FIRMWARE equivalent - add Alice's Reviewed-by v2: https://lore.kernel.org/netdev/20240731042136.201327-1-fujita.tomonori@gmail.com/ - add comments in accordance with the hw datasheet - unify C22 and C45 APIs - load firmware in probe callback instead of config_init - use firmware API - handle firmware endian - check firmware size - use SZ_*K constants - avoid confusing phy_id variable v1: https://lore.kernel.org/netdev/20240415104701.4772-1-fujita.tomonori@gmail.com/ Signed-off-by: David S. Miller Reviewed-by: Andrew Lunn commit fd3eaad826daf4774835599e264b216a30129c32 Author: FUJITA Tomonori Date: Wed Aug 28 07:35:16 2024 +0000 net: phy: add Applied Micro QT2025 PHY driver This driver supports Applied Micro Circuits Corporation QT2025 PHY, based on a driver for Tehuti Networks TN40xx chips. The original driver for TN40xx chips supports multiple PHY hardware (AMCC QT2025, TI TLK10232, Aqrate AQR105, and Marvell 88X3120, 88X3310, and MV88E2010). This driver is extracted from the original driver and modified to a PHY driver in Rust. This has been tested with Edimax EN-9320SFP+ 10G network adapter. Reviewed-by: Trevor Gross Reviewed-by: Andrew Lunn Signed-off-by: FUJITA Tomonori Signed-off-by: David S. Miller commit 5114e05a3cfa61c2ea20fa2e223a8e519aa163e4 Author: FUJITA Tomonori Date: Wed Aug 28 07:35:15 2024 +0000 rust: net::phy unified genphy_read_status function for C22 and C45 registers Add unified genphy_read_status function for C22 and C45 registers. Instead of having genphy_c22 and genphy_c45 methods, this unifies genphy_read_status functions for C22 and C45. Reviewed-by: Trevor Gross Reviewed-by: Benno Lossin Reviewed-by: Andrew Lunn Signed-off-by: FUJITA Tomonori Signed-off-by: David S. Miller commit b2e47002b2350f57bfa8fe1c231e9fbb6baef78b Author: FUJITA Tomonori Date: Wed Aug 28 07:35:14 2024 +0000 rust: net::phy unified read/write API for C22 and C45 registers Add the unified read/write API for C22 and C45 registers. The abstractions support access to only C22 registers now. Instead of adding read/write_c45 methods specifically for C45, a new reg module supports the unified API to access C22 and C45 registers with trait, by calling an appropriate phylib functions. Reviewed-by: Trevor Gross Reviewed-by: Benno Lossin Reviewed-by: Andrew Lunn Signed-off-by: FUJITA Tomonori Signed-off-by: David S. Miller commit 7909892a9fbb3e60623e60c3c3e95e10fc56f687 Author: FUJITA Tomonori Date: Wed Aug 28 07:35:13 2024 +0000 rust: net::phy implement AsRef trait Implement AsRef trait for Device. A PHY driver needs a reference to device::Device to call the firmware API. Reviewed-by: Alice Ryhl Reviewed-by: Andrew Lunn Reviewed-by: Benno Lossin Reviewed-by: Trevor Gross Signed-off-by: FUJITA Tomonori Signed-off-by: David S. Miller commit ffd2747de6ab1545883bffe23f24e60625c1f455 Author: FUJITA Tomonori Date: Wed Aug 28 07:35:12 2024 +0000 rust: net::phy support probe callback Support phy_driver probe callback, used to set up device-specific structures. Reviewed-by: Alice Ryhl Reviewed-by: Andrew Lunn Reviewed-by: Benno Lossin Reviewed-by: Trevor Gross Signed-off-by: FUJITA Tomonori Signed-off-by: David S. Miller commit 4d080a029db1b2ff7e173d86886b3429596f3c63 Author: FUJITA Tomonori Date: Wed Aug 28 07:35:11 2024 +0000 rust: sizes: add commonly used constants Add rust equivalent to include/linux/sizes.h, makes code more readable. Only SZ_*K that QT2025 PHY driver uses are added. Make generated constants accessible with a proper type. Reviewed-by: Alice Ryhl Reviewed-by: Andrew Lunn Reviewed-by: Benno Lossin Reviewed-by: Trevor Gross Signed-off-by: FUJITA Tomonori Signed-off-by: David S. Miller commit 2bd87f0fc24ae29ead9808d341497f465b339c0a Author: Michal Wajdeczko Date: Wed Aug 28 23:08:09 2024 +0200 drm/xe/pf: Improve VF control Our initial VF control implementation was focused on providing a very minimal support for the VF_STATE_NOTIFY events just to meet GuC requirements, without tracking a VF state or doing any expected actions (like cleanup in case of the FLR notification). Try to improve this by defining set of VF state machines, each responsible for processing one activity (PAUSE, RESUME, STOP or FLR). All required steps defined by the VF state machine are then executed by the PF worker from the dedicated workqueue. Any external requests or notifications simply try to transition between the states to trigger a work and then wait for that work to finish. Some predefined default timeouts are used to avoid changing existing API calls, but it should be easy to extend the control API to also accept specific timeout values. Signed-off-by: Michal Wajdeczko Cc: Piotr Piórkowski Reviewed-by: Piotr Piórkowski Link: https://patchwork.freedesktop.org/patch/msgid/20240828210809.1528-5-michal.wajdeczko@intel.com commit d69300abc2dec930fd280a013984150ae7c6a386 Author: Michal Wajdeczko Date: Wed Aug 28 23:08:08 2024 +0200 drm/xe/pf: Drop GuC notifications for non-existing VF It is unlikely that GuC will ever send a G2H notification with an invalid VFID and it is currently harmless if that actually happen. But in upcoming patches we will start using that VFID as an index and we must be sure it is a valid to avoid a crash due to a buggy firmware or a currupted G2H message. Signed-off-by: Michal Wajdeczko Reviewed-by: Piotr Piórkowski Link: https://patchwork.freedesktop.org/patch/msgid/20240828210809.1528-4-michal.wajdeczko@intel.com commit 65fe9617a1256f0a36696d48f7c63a8d3ec290bc Author: Michal Wajdeczko Date: Wed Aug 28 23:08:07 2024 +0200 drm/xe/pf: Fix documentation formatting Current formatting of "The VF FLR Flow with GuC" only looks fine, but it will not render properly when included in htmldocs due to: WARNING: Block quote ends without a blank line; unexpected unindent. CRITICAL: Missing matching underline for section title overline. Fix that by adding proper indent and using list markup. Signed-off-by: Michal Wajdeczko Reviewed-by: Piotr Piórkowski Link: https://patchwork.freedesktop.org/patch/msgid/20240828210809.1528-3-michal.wajdeczko@intel.com commit 16ba2b28df3a83443fc6b4e5491189d2e5caca64 Author: Michal Wajdeczko Date: Wed Aug 28 23:08:06 2024 +0200 drm/xe/pf: Add function to sanitize VF resources On current platforms it is a PF driver responsibility to clear some of the VF's resources during a VF FLR. Add simple function that will clear configured VF resources (GGTT, LMEM). We will start using this function soon. Signed-off-by: Michal Wajdeczko Reviewed-by: Piotr Piórkowski Link: https://patchwork.freedesktop.org/patch/msgid/20240828210809.1528-2-michal.wajdeczko@intel.com commit 0d078d47cd3e93a88af40a8d1b05d38ee1a3aaeb Author: Siddharth Vadapalli Date: Mon Jul 15 17:39:34 2024 +0530 dt-bindings: mfd: syscon: Add ti,j784s4-acspcie-proxy-ctrl compatible The ACSPCIE_PROXY_CTRL registers within the CTRL_MMR space of TI's J784S4 SoC are used to drive the reference clock to the PCIe Endpoint device via the PAD IO Buffers. Add the compatible for allowing the PCIe driver to obtain the regmap for the ACSPCIE_CTRL register within the System Controller device-tree node in order to enable the PAD IO Buffers. The Technical Reference Manual for J784S4 SoC with details of the ASCPCIE_CTRL registers is available at: https://www.ti.com/lit/zip/spruj52 Signed-off-by: Siddharth Vadapalli Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240715120936.1150314-2-s-vadapalli@ti.com Signed-off-by: Lee Jones commit 87b9c9ea01f4fd9193f30cc19bd03b05541ff4cb Author: Wilken Gottwalt Date: Mon Jul 15 08:17:28 2024 +0000 mfd: ds1wm: Remove remaining header file The driver was removed after kernel 6.2 rendering the header file unused. Signed-off-by: Wilken Gottwalt Link: https://lore.kernel.org/r/ZpTbGHb6EX2Oe7ok@monster.localdomain Signed-off-by: Lee Jones commit 25aca9353e183da6d8296154effa02db6a6e213b Author: Lukas Bulwahn Date: Thu Jul 11 08:51:40 2024 +0200 MAINTAINERS: Repair file entry in MARVELL 88PM886 PMIC DRIVER Commit f53d3efa366b ("MAINTAINERS: Add myself for Marvell 88PM886 PMIC") adds a file entry referring to drivers/regulators/88pm886-regulator.c, but the directory is actually called drivers/regulator. Note that there is no 's' at the end. Hence, ./scripts/get_maintainer.pl --self-test=patterns complains about a broken reference. Repair the file entry in the MARVELL 88PM886 PMIC DRIVER section. Fixes: f53d3efa366b ("MAINTAINERS: Add myself for Marvell 88PM886 PMIC") Signed-off-by: Lukas Bulwahn Reviewed-by: Karel Balej Link: https://lore.kernel.org/r/20240711065140.140703-1-lukas.bulwahn@redhat.com Signed-off-by: Lee Jones commit 62432c2b2eb647c0d3869a6c19e5d9c3d0ac3ce0 Author: Chen Ni Date: Tue Jul 9 11:18:24 2024 +0800 mfd: 88pm860x-core: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Link: https://lore.kernel.org/r/20240709031824.585922-1-nichen@iscas.ac.cn Signed-off-by: Lee Jones commit 82f898f47112bc7b787cb9ce8803c4e2f9f60c89 Author: Krzysztof Kozlowski Date: Sun Jul 7 13:48:23 2024 +0200 mfd: syscon: Use scoped variables with memory allocators to simplify error paths Allocate the memory with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240707114823.9175-2-krzysztof.kozlowski@linaro.org Signed-off-by: Lee Jones commit 4194783812687c5ee51e8f06ec7eb008afdc6764 Author: Krzysztof Kozlowski Date: Sun Jul 7 13:48:22 2024 +0200 mfd: mt6360: Use scoped variables with memory allocators to simplify error paths Allocate the memory with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240707114823.9175-1-krzysztof.kozlowski@linaro.org Signed-off-by: Lee Jones commit 691277c90ceb79ef01b8da07150c814fead0a3d7 Author: Javier Carrasco Date: Thu Jul 4 19:23:34 2024 +0200 mfd: sprd-sc27xx-spi: Constify struct regmap_bus `sprd_pmic_regmap` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Baolin Wang Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-24-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit ef29932370d54516f98f88196fc3f5c7e12ed50a Author: Javier Carrasco Date: Thu Jul 4 19:23:33 2024 +0200 mfd: mc13xxx-spi: Constify struct regmap_bus `regmap_mc13xxx_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-23-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 9bc6a6bb9f55c445c760874fee1297d29799c964 Author: Javier Carrasco Date: Thu Jul 4 19:23:32 2024 +0200 mfd: gateworks-gsc: Constify struct regmap_bus `gsc_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-22-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 3062ba3a4e6a89b4622599ac640d14f374c12cfa Author: Javier Carrasco Date: Thu Jul 4 19:23:31 2024 +0200 mfd: twl6040: Constify struct regmap_irq_chip `twl6040_irq_chip` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-21-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 339a3bade9ccb83fc95490f8ac4c39df16c06383 Author: Javier Carrasco Date: Thu Jul 4 19:23:30 2024 +0200 mfd: tps65912: Constify struct regmap_irq_chip `tps65912_irq_chip` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-20-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 9544cc6552da3840146104b2363d64c40b3d09d9 Author: Javier Carrasco Date: Thu Jul 4 19:23:29 2024 +0200 mfd: tps65910: Constify struct regmap_irq_chip `tps65910_irq_chip` and `tps65911_irq_chip` are not modified and can be declared as const to move their data to a read-only section. The pointer used to reference those structs has also been converted to const. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-19-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 36b6675f784e58f8aa0d274822f1b9d01add9c94 Author: Javier Carrasco Date: Thu Jul 4 19:23:28 2024 +0200 mfd: tps65219: Constify read-only regmap structs `tps65219_irqs` and `tps65219_irq_chip` are not modified and can be declared as const to move their data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-18-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 687d1a4c0d2bc4d0f347696bb28a1d8d5bb73ae0 Author: Javier Carrasco Date: Thu Jul 4 19:23:27 2024 +0200 mfd: tps65218: Constify struct regmap_irq_chip `tps65218_irq_chip` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-17-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit ee9675074939405587edf88c056e8d53bcbf421a Author: Javier Carrasco Date: Thu Jul 4 19:23:26 2024 +0200 mfd: tps65090: Constify struct regmap_irq_chip `tps65090_irq_chip` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-16-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit d6357e2d1df42296c829a9d3e6118ef6f2006b3d Author: Javier Carrasco Date: Thu Jul 4 19:23:25 2024 +0200 mfd: tps65086: Constify struct regmap_irq_chip `tps65086_irq_chip` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-15-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 7206d721099e0776af38f703b657590f6a3bb3ad Author: Javier Carrasco Date: Thu Jul 4 19:23:24 2024 +0200 mfd: rohm-bd718x7: Constify struct regmap_irq_chip `bd718xx_irq_chip` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Matti Vaittinen Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-14-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit a8c4b0c469957955629c0c68be557cb64800dff1 Author: Javier Carrasco Date: Thu Jul 4 19:23:23 2024 +0200 mfd: rohm-bd71828: Constify read-only regmap structs The regmap_irq and regmap_irq_chip structs are not modified and can be declared as const to move their data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Matti Vaittinen Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-13-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 6e2a75bdf8664d6e77c4c4e77812a645064f73d2 Author: Javier Carrasco Date: Thu Jul 4 19:23:22 2024 +0200 mfd: rk8xx-core: Constify struct regmap_irq_chip The regmap_irq_chip structs are not modified and can be declared as const to move their data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-12-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 5af1a4caa710362856034152de44d505f0cdd173 Author: Javier Carrasco Date: Thu Jul 4 19:23:21 2024 +0200 mfd: retu: Constify read-only regmap structs The regmap_bus, regmap_irq and regmap_irq_chip structs are not modified and can be declared as const to move their data to a read-only section. The pointer to reference the regmap_irq_chip structs has been converted to const. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-11-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit a3cf8baf2464ecbd036e7f7773d6ab2e4d9aa532 Author: Javier Carrasco Date: Thu Jul 4 19:23:20 2024 +0200 mfd: intel_soc_pmic_bxtwc: Constify struct regmap_irq_chip The regmap_irq_chip structs are not modified and can be declared as const to move their data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-10-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 657eb79a1cdbbce190185ca61b11131ed4963d59 Author: Javier Carrasco Date: Thu Jul 4 19:23:19 2024 +0200 mfd: bd9571mwv: Constify struct regmap_irq_chip `bd9571mwv_irq_chip` and `bd9574mwf_irq_chip` are not modified and can be declared as const to move their data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Matti Vaittinen Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-9-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 2a9f8995f7139a759fe8cb31d9e8a433757228ec Author: Javier Carrasco Date: Thu Jul 4 19:23:18 2024 +0200 mfd: 88pm80x: Constify read-only regmap structs `pm800_irq`, `pm805_irq` and `pm805_irq_chip` are not modified and can be declared as const to move their data to a read-only section. In order to keep the const modifier for the regmap_irq_chip structures, the pointer used to reference them must be converted to const as well. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-8-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 9842c62162858c7b0625dd3e00085b68167257d3 Author: Javier Carrasco Date: Thu Jul 4 19:23:17 2024 +0200 mfd: intel-m10-bmc: Constify struct regmap_config `m10bmc_pmci_regmap_config` and `intel_m10bmc_regmap_config` are not modified and can be declared as const to move their data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-7-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit c3bd9a0fb68539917b9000efcb549da28ae78a63 Author: Javier Carrasco Date: Thu Jul 4 19:23:16 2024 +0200 mfd: rohm-bd9576: Constify read-only regmap structs `bd957x_regmap`, `bd9576_irqs` and `bd9576_irq_chip` are not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Matti Vaittinen Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-6-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 9a17090de5690566af603d18894b3347c9259efb Author: Javier Carrasco Date: Thu Jul 4 19:23:15 2024 +0200 mfd: tps6105x: Constify struct regmap_config `tps6105x_regmap_config` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-5-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit e8b4dd69cf0565a32d020d1eed0188e3f7bd26e4 Author: Javier Carrasco Date: Thu Jul 4 19:23:14 2024 +0200 mfd: wcd934x: Constify struct regmap_config `wcd934x_regmap_config` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-4-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 2f6a45c6ab58fceac2526bf80f29becfb2bb58f7 Author: Javier Carrasco Date: Thu Jul 4 19:23:13 2024 +0200 mfd: hi655x-pmic: Constify struct regmap_config `hi655x_regmap_config` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-3-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 6a68c7d0a6e684cc7bb1974d19f823e8bac1d212 Author: Javier Carrasco Date: Thu Jul 4 19:23:12 2024 +0200 mfd: fsl-imx25-tsadc: Constify struct regmap_config `mx25_tsadc_regmap_config` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-2-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit c5416d4b6a864947e7ecfd668f3b4e39cccb0fa3 Author: Javier Carrasco Date: Thu Jul 4 19:23:11 2024 +0200 mfd: da9062-core: Constify read-only regmap structs `da9061_regmap_{config,irq,irq_chip}` and `da9062_{config,irq,irq_chip}` are not modified and can be declared as const to move their data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240704-mfd-const-regmap_config-v2-1-0c8785b1331d@gmail.com Signed-off-by: Lee Jones commit 03bd36838e18a5b36444f273bfd3546789ac86c8 Merge: 2e1a57d5b0adbb e9b503879fd2b6 Author: Lee Jones Date: Fri Aug 30 09:35:11 2024 +0100 Merge branches 'ib-mfd-for-iio-power-6.12' and 'ib-mfd-gpio-pwm-6.12' into ibs-for-mfd-merged commit d4bd8f3023b68f72431e05ec6cbc793519b449cf Author: Xianwei Zhao Date: Fri Aug 30 13:26:10 2024 +0800 arm64: dts: amlogic: add C3 AW419 board Add Amlogic C3 C308L AW419 board. The corresponding binding has been applied, therefore, this series does not need to add a binding corresponding to the AW419 board. Reviewed-by: Neil Armstrong Signed-off-by: Xianwei Zhao Link: https://lore.kernel.org/r/20240830-c3_add_node-v4-3-b56c0511e9dc@amlogic.com Signed-off-by: Neil Armstrong commit 520b792e83171efc8ec0b004412b44dabc044de0 Author: Xianwei Zhao Date: Fri Aug 30 13:26:09 2024 +0800 arm64: dts: amlogic: add some device nodes for C3 Add some device nodes for SoC C3, including periphs clock controller node, PLL clock controller node, SPICC node, regulator node, NAND controller node, sdcard node, Ethernet MAC and PHY node. The sdacrd depends on regulator and pinctrl(select), so some property fields are placed at the board level. The nand chip is placed on the board, So some property fields about SPIFC and NAND controller node are placed at the board level. THe Ethernet MAC support outchip PHY, so place this property field(select PHY) at the board level. Signed-off-by: Xianwei Zhao Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240830-c3_add_node-v4-2-b56c0511e9dc@amlogic.com Signed-off-by: Neil Armstrong commit 4ccba8cb2c5ca573d9bbf366e7d9d5e9761518c0 Author: Xianwei Zhao Date: Fri Aug 30 13:26:08 2024 +0800 dt-bindings: clock: fix C3 PLL input parameter Add C3 PLL controller input clock parameters "fix". The clock named "fix" was initially implemented in PLL clock controller driver. However, some registers required secure zone access, so we moved it to the secure zone (BL31) and accessed it through SCMI. Since the PLL clock driver needs to use this clock, the "fix" clock is used as an input source. We updated the driver but forgot to modify the binding accordingly, so we are adding it here. It is an ABI break but on a new and immature platform. Noboby could really use that platform at this stage, so nothing is going to break on anyone really. Fixes: 0e6be855a96d ("dt-bindings: clock: add Amlogic C3 PLL clock controller") Reviewed-by: Krzysztof Kozlowski Signed-off-by: Xianwei Zhao Link: https://lore.kernel.org/r/20240830-c3_add_node-v4-1-b56c0511e9dc@amlogic.com Signed-off-by: Neil Armstrong commit 64c38866500b0bda4363fb994d545557dffb017c Author: Liao Chen Date: Tue Aug 27 12:24:31 2024 +0000 leds: turris-omnia: Fix module autoloading with MODULE_DEVICE_TABLE() Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Link: https://lore.kernel.org/r/20240827122431.430818-1-liaochen4@huawei.com Signed-off-by: Lee Jones commit 54306f564441f6bc99514af45552236f28b1768d Author: Colton Lewis Date: Fri Aug 23 17:58:36 2024 +0000 KVM: arm64: selftests: Add arch_timer_edge_cases selftest Add a new arch_timer_edge_cases selftests that validates: * timers above the max TVAL value * timers in the past * moving counters ahead and behind pending timers * reprograming timers * timers fired multiple times * masking/unmasking using the timer control mask These are intentionally unusual scenarios to stress compliance with the arm architecture. Co-developed-by: Ricardo Koller Signed-off-by: Ricardo Koller Signed-off-by: Colton Lewis Link: https://lore.kernel.org/r/20240823175836.2798235-3-coltonlewis@google.com Signed-off-by: Marc Zyngier commit ca1a18368d764f9b29ab0c79b3ddd712f5511855 Author: Colton Lewis Date: Fri Aug 23 17:58:35 2024 +0000 KVM: arm64: selftests: Ensure pending interrupts are handled in arch_timer test Break up the asm instructions poking daifclr and daifset to handle interrupts. R_RBZYL specifies pending interrupts will be handle after context synchronization events such as an ISB. Introduce a function wrapper for the WFI instruction. Signed-off-by: Colton Lewis Link: https://lore.kernel.org/r/20240823175836.2798235-2-coltonlewis@google.com Signed-off-by: Marc Zyngier commit 3c2ea12a625dbf5a864f4920235fa1c739d06e7d Author: Claudiu Beznea Date: Thu Aug 22 18:27:57 2024 +0300 phy: renesas: rcar-gen3-usb2: Add support for the RZ/G3S SoC Add support for the Renesas RZ/G3S SoC. The support is similar with the rest of RZ/G2 devices with the except that the RZ/G3S needs bus initialization due to hardware limitation. Signed-off-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240822152801.602318-13-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Vinod Koul commit f3c8498551146dfb014be0d85d3a7df98be16aa2 Author: Claudiu Beznea Date: Thu Aug 22 18:27:56 2024 +0300 dt-bindings: phy: renesas,usb2-phy: Document RZ/G3S phy bindings Document the RZ/G3S PHY bindings. The RZ/G3S USB PHY is almost identical with the RZ/G2L USB PHY. The difference is that there is a hardware limitation on the max burst size used when the BUS master interface issues a transfer request for RZ/G3S that is configured though PHY registers. Signed-off-by: Claudiu Beznea Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240822152801.602318-12-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Vinod Koul commit 4eae16375357a2a7e8501be5469532f7636064b3 Author: Claudiu Beznea Date: Thu Aug 22 18:27:55 2024 +0300 phy: renesas: rcar-gen3-usb2: Add support to initialize the bus The Renesas RZ/G3S need to initialize the USB BUS before transferring data due to hardware limitation. As the register that need to be touched for this is in the address space of the USB PHY, and the UBS PHY need to be initialized before any other USB drivers handling data transfer, add support to initialize the USB BUS. As the USB PHY is probed before any other USB drivers that enables clocks and de-assert the reset signals and the BUS initialization is done in the probe phase, we need to add code to de-assert reset signal and runtime resume the device (which enables its clocks) before accessing the registers. As the reset signals are not required by the USB PHY driver for the other USB PHY hardware variants, the reset signals and runtime PM was handled only in the function that initialize the USB BUS. The PHY initialization was done right after runtime PM enable to have all in place when the PHYs are registered. Signed-off-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240822152801.602318-11-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Vinod Koul commit 2aad93b6de0d874038d3d7958be05011284cd6b9 Author: Bastien Curutchet Date: Mon Aug 26 15:32:37 2024 +0200 leds: pca9532: Remove irrelevant blink configuration error message The update_hw_blink() function prints an error message when hardware is not able to handle a blink configuration on its own. IMHO, this isn't a 'real' error since the software fallback is used afterwards. Remove the error messages to avoid flooding the logs with unnecessary messages. Cc: stable@vger.kernel.org Fixes: 48ca7f302cfc ("leds: pca9532: Use PWM1 for hardware blinking") Signed-off-by: Bastien Curutchet Link: https://lore.kernel.org/r/20240826133237.134604-1-bastien.curutchet@bootlin.com Signed-off-by: Lee Jones commit 0d5a213c2eae880e0f7f8bc252314bae194d68d8 Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:27 2024 +0200 phy: ti: j721e-wiz: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-11-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit afd7aaf3ecaf1b247db1294ef0687fb3cb530213 Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:26 2024 +0200 phy: ti: j721e-wiz: Drop OF node reference earlier for simpler code Drop OF node reference immediately after using it in syscon_node_to_regmap(), which is both simpler and typical/expected code pattern. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-10-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit 27a4046255377eb0faab5c41fd271b1acab1ac41 Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:25 2024 +0200 phy: ti: gmii-sel: Simplify with dev_err_probe() Use dev_err_probe() to avoid dmesg flood on actual defer. This makes the code also simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-9-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit 29b44a38503856952862c710d47d933c0173fd04 Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:24 2024 +0200 phy: ti: am654-serdes: Use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Unlike in other typical of_node_get+syscon_node_to_regmap cases, the reference cannot be dropped immediately after syscon_node_to_regmap(), because further part of probe() uses it. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-8-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit 608863e1e600a4d91b00dddd6ff11eda1cbebaa5 Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:23 2024 +0200 phy: qcom: qmp-pcie-msm8996: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-7-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit 77df35acd182a23c117a937ffd6b0830a5428649 Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:22 2024 +0200 phy: mediatek: xsphy: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-6-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit d2714416770ed0cecaf69eaff34d20817f2c3bea Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:21 2024 +0200 phy: mediatek: tphy: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-5-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit 93cab07a02f08e4a2837dd22280b741ba0a7a541 Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:20 2024 +0200 phy: hisilicon: usb2: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-4-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit 612f9fcb435fdc9abd46b6339c9000cef6d323a2 Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:19 2024 +0200 phy: cadence: sierra: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-3-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit a7f1dbf479d2a3cbf2a25bd186bbe15efd17d849 Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:18 2024 +0200 phy: broadcom: brcm-sata: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Florian Fainelli Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-2-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit e33525de6c3c7780564e0859ea6daef27309995b Author: Krzysztof Kozlowski Date: Mon Aug 26 12:07:17 2024 +0200 phy: broadcom: bcm-cygnus-pcie: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Florian Fainelli Link: https://lore.kernel.org/r/20240826-phy-of-node-scope-v1-1-5b4d82582644@linaro.org Signed-off-by: Vinod Koul commit cd77b0dd6fe1397523d548a03c7d1e1d704cb93c Merge: 9b82ec85ebb326 39dbbd4e6778ac Author: Linus Walleij Date: Fri Aug 30 09:30:25 2024 +0200 Merge tag 'samsung-pinctrl-6.12' of https://git.kernel.org/pub/scm/linux/kernel/git/pinctrl/samsung into devel Samsung pinctrl drivers changes for v6.12 1. Few cleanups: use more appropriate of_property_present(), use scoped OF nodes handling and switch to kmemdup_array(). 2. Implement configuring pull-up and pull-down via GPIOLIB. Signed-off-by: Linus Walleij commit 459ca85ae1feff78d1518344df88bb79a092780c Author: Julian Sun Date: Wed Aug 28 16:13:59 2024 +0800 writeback: Refine the show_inode_state() macro definition Currently, the show_inode_state() macro only prints part of the state of inode->i_state. Let’s improve it to display more of its state. Signed-off-by: Julian Sun Link: https://lore.kernel.org/r/20240828081359.62429-1-sunjunchao2870@gmail.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 7f7b850689ac06a62befe26e1fd1806799e7f152 Author: Li Zhijian Date: Mon Aug 26 13:55:03 2024 +0800 fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name It's observed that a crash occurs during hot-remove a memory device, in which user is accessing the hugetlb. See calltrace as following: ------------[ cut here ]------------ WARNING: CPU: 1 PID: 14045 at arch/x86/mm/fault.c:1278 do_user_addr_fault+0x2a0/0x790 Modules linked in: kmem device_dax cxl_mem cxl_pmem cxl_port cxl_pci dax_hmem dax_pmem nd_pmem cxl_acpi nd_btt cxl_core crc32c_intel nvme virtiofs fuse nvme_core nfit libnvdimm dm_multipath scsi_dh_rdac scsi_dh_emc s mirror dm_region_hash dm_log dm_mod CPU: 1 PID: 14045 Comm: daxctl Not tainted 6.10.0-rc2-lizhijian+ #492 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 RIP: 0010:do_user_addr_fault+0x2a0/0x790 Code: 48 8b 00 a8 04 0f 84 b5 fe ff ff e9 1c ff ff ff 4c 89 e9 4c 89 e2 be 01 00 00 00 bf 02 00 00 00 e8 b5 ef 24 00 e9 42 fe ff ff <0f> 0b 48 83 c4 08 4c 89 ea 48 89 ee 4c 89 e7 5b 5d 41 5c 41 5d 41 RSP: 0000:ffffc90000a575f0 EFLAGS: 00010046 RAX: ffff88800c303600 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000001000 RSI: ffffffff82504162 RDI: ffffffff824b2c36 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90000a57658 R13: 0000000000001000 R14: ffff88800bc2e040 R15: 0000000000000000 FS: 00007f51cb57d880(0000) GS:ffff88807fd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000001000 CR3: 00000000072e2004 CR4: 00000000001706f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? __warn+0x8d/0x190 ? do_user_addr_fault+0x2a0/0x790 ? report_bug+0x1c3/0x1d0 ? handle_bug+0x3c/0x70 ? exc_invalid_op+0x14/0x70 ? asm_exc_invalid_op+0x16/0x20 ? do_user_addr_fault+0x2a0/0x790 ? exc_page_fault+0x31/0x200 exc_page_fault+0x68/0x200 <...snip...> BUG: unable to handle page fault for address: 0000000000001000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 800000000ad92067 P4D 800000000ad92067 PUD 7677067 PMD 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI ---[ end trace 0000000000000000 ]--- BUG: unable to handle page fault for address: 0000000000001000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 800000000ad92067 P4D 800000000ad92067 PUD 7677067 PMD 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI CPU: 1 PID: 14045 Comm: daxctl Kdump: loaded Tainted: G W 6.10.0-rc2-lizhijian+ #492 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 RIP: 0010:dentry_name+0x1f4/0x440 <...snip...> ? dentry_name+0x2fa/0x440 vsnprintf+0x1f3/0x4f0 vprintk_store+0x23a/0x540 vprintk_emit+0x6d/0x330 _printk+0x58/0x80 dump_mapping+0x10b/0x1a0 ? __pfx_free_object_rcu+0x10/0x10 __dump_page+0x26b/0x3e0 ? vprintk_emit+0xe0/0x330 ? _printk+0x58/0x80 ? dump_page+0x17/0x50 dump_page+0x17/0x50 do_migrate_range+0x2f7/0x7f0 ? do_migrate_range+0x42/0x7f0 ? offline_pages+0x2f4/0x8c0 offline_pages+0x60a/0x8c0 memory_subsys_offline+0x9f/0x1c0 ? lockdep_hardirqs_on+0x77/0x100 ? _raw_spin_unlock_irqrestore+0x38/0x60 device_offline+0xe3/0x110 state_store+0x6e/0xc0 kernfs_fop_write_iter+0x143/0x200 vfs_write+0x39f/0x560 ksys_write+0x65/0xf0 do_syscall_64+0x62/0x130 Previously, some sanity check have been done in dump_mapping() before the print facility parsing '%pd' though, it's still possible to run into an invalid dentry.d_name.name. Since dump_mapping() only needs to dump the filename only, retrieve it by itself in a safer way to prevent an unnecessary crash. Note that either retrieving the filename with '%pd' or strncpy_from_kernel_nofault(), the filename could be unreliable. Signed-off-by: Li Zhijian Link: https://lore.kernel.org/r/20240826055503.1522320-1-lizhijian@fujitsu.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 75e4c6bcb88a60402c71ae87328813babb0e679a Author: Yu Jiaoliang Date: Fri Aug 23 09:55:41 2024 +0800 mnt_idmapping: Use kmemdup_array instead of kmemdup for multiple allocation Let the kememdup_array() take care about multiplication and possible overflows. v2:Add a new modification for reverse array. Signed-off-by: Yu Jiaoliang Link: https://lore.kernel.org/r/20240823015542.3006262-1-yujiaoliang@vivo.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 3c58a9575e02c2b90a3180007d57105ceaa7c246 Author: Baokun Li Date: Mon Aug 26 19:34:04 2024 +0800 netfs: Delete subtree of 'fs/netfs' when netfs module exits In netfs_init() or fscache_proc_init(), we create dentry under 'fs/netfs', but in netfs_exit(), we only delete the proc entry of 'fs/netfs' without deleting its subtree. This triggers the following WARNING: ================================================================== remove_proc_entry: removing non-empty directory 'fs/netfs', leaking at least 'requests' WARNING: CPU: 4 PID: 566 at fs/proc/generic.c:717 remove_proc_entry+0x160/0x1c0 Modules linked in: netfs(-) CPU: 4 UID: 0 PID: 566 Comm: rmmod Not tainted 6.11.0-rc3 #860 RIP: 0010:remove_proc_entry+0x160/0x1c0 Call Trace: netfs_exit+0x12/0x620 [netfs] __do_sys_delete_module.isra.0+0x14c/0x2e0 do_syscall_64+0x4b/0x110 entry_SYSCALL_64_after_hwframe+0x76/0x7e ================================================================== Therefore use remove_proc_subtree() instead of remove_proc_entry() to fix the above problem. Fixes: 7eb5b3e3a0a5 ("netfs, fscache: Move /proc/fs/fscache to /proc/fs/netfs and put in a symlink") Cc: stable@kernel.org Signed-off-by: Baokun Li Link: https://lore.kernel.org/r/20240826113404.3214786-1-libaokun@huaweicloud.com Acked-by: David Howells Signed-off-by: Christian Brauner commit 73ce1c9fce70ec6f1fcfaf3da51d0b58368b44f3 Author: Hongbo Li Date: Wed Aug 21 14:54:56 2024 +0800 fs: use LIST_HEAD() to simplify code list_head can be initialized automatically with LIST_HEAD() instead of calling INIT_LIST_HEAD(). Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240821065456.2294216-1-lihongbo22@huawei.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 41b734352c1314807e2eea610023a9d9a340070f Merge: 88b1afbf0f6b22 2b111edbe0a9c4 Author: Christian Brauner Date: Mon Aug 26 14:19:53 2024 +0200 Merge patch series "fs: add i_state helpers" Christian Brauner says: I've recently looked for some free space in struct inode again because of some exec kerfuffle we had and while my idea didn't turn into anything I noticed that we often waste bytes when using wait bit operations. So I set out to switch that to another mechanism that would allow us to free up bytes. So this is an attempt to turn i_state from an unsigned long into an u32 using the individual bytes of i_state as addresses for the wait var event mechanism (Thanks to Linus for that idea.). This survives LTP, xfstests on various filesystems, and will-it-scale. * patches from https://lore.kernel.org/r/20240823-work-i_state-v3-1-5cd5fd207a57@kernel.org: inode: make i_state a u32 inode: port __I_LRU_ISOLATING to var event inode: port __I_NEW to var event inode: port __I_SYNC to var event fs: reorder i_state bits fs: add i_state helpers Link: https://lore.kernel.org/r/20240823-work-i_state-v3-1-5cd5fd207a57@kernel.org Signed-off-by: Christian Brauner commit 2b111edbe0a9c441605be5cfb73001dc98ec686f Author: Christian Brauner Date: Fri Aug 23 14:47:40 2024 +0200 inode: make i_state a u32 Now that we use the wait var event mechanism make i_state a u32 and free up 4 bytes. This means we currently have two 4 byte holes in struct inode which we can pack. Link: https://lore.kernel.org/r/20240823-work-i_state-v3-6-5cd5fd207a57@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit f469e6e6f51ba6d973d30bea1d66e17da73fc1bb Author: Christian Brauner Date: Fri Aug 23 14:47:39 2024 +0200 inode: port __I_LRU_ISOLATING to var event Port the __I_LRU_ISOLATING mechanism to use the new var event mechanism. Link: https://lore.kernel.org/r/20240823-work-i_state-v3-5-5cd5fd207a57@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 88b1afbf0f6b221f6c5bb66cc80cd3b38d696687 Author: Julian Sun Date: Fri Aug 23 21:07:30 2024 +0800 vfs: fix race between evice_inodes() and find_inode()&iput() Hi, all Recently I noticed a bug[1] in btrfs, after digged it into and I believe it'a race in vfs. Let's assume there's a inode (ie ino 261) with i_count 1 is called by iput(), and there's a concurrent thread calling generic_shutdown_super(). cpu0: cpu1: iput() // i_count is 1 ->spin_lock(inode) ->dec i_count to 0 ->iput_final() generic_shutdown_super() ->__inode_add_lru() ->evict_inodes() // cause some reason[2] ->if (atomic_read(inode->i_count)) continue; // return before // inode 261 passed the above check // list_lru_add_obj() // and then schedule out ->spin_unlock() // note here: the inode 261 // was still at sb list and hash list, // and I_FREEING|I_WILL_FREE was not been set btrfs_iget() // after some function calls ->find_inode() // found the above inode 261 ->spin_lock(inode) // check I_FREEING|I_WILL_FREE // and passed ->__iget() ->spin_unlock(inode) // schedule back ->spin_lock(inode) // check (I_NEW|I_FREEING|I_WILL_FREE) flags, // passed and set I_FREEING iput() ->spin_unlock(inode) ->spin_lock(inode) ->evict() // dec i_count to 0 ->iput_final() ->spin_unlock() ->evict() Now, we have two threads simultaneously evicting the same inode, which may trigger the BUG(inode->i_state & I_CLEAR) statement both within clear_inode() and iput(). To fix the bug, recheck the inode->i_count after holding i_lock. Because in the most scenarios, the first check is valid, and the overhead of spin_lock() can be reduced. If there is any misunderstanding, please let me know, thanks. [1]: https://lore.kernel.org/linux-btrfs/000000000000eabe1d0619c48986@google.com/ [2]: The reason might be 1. SB_ACTIVE was removed or 2. mapping_shrinkable() return false when I reproduced the bug. Reported-by: syzbot+67ba3c42bcbb4665d3ad@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=67ba3c42bcbb4665d3ad CC: stable@vger.kernel.org Fixes: 63997e98a3be ("split invalidate_inodes()") Signed-off-by: Julian Sun Link: https://lore.kernel.org/r/20240823130730.658881-1-sunjunchao2870@gmail.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 0fe340a98b584a31b07c664dc5ff0c923730581e Author: Christian Brauner Date: Fri Aug 23 14:47:38 2024 +0200 inode: port __I_NEW to var event Port the __I_NEW mechanism to use the new var event mechanism. Link: https://lore.kernel.org/r/20240823-work-i_state-v3-4-5cd5fd207a57@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 532980cb1bff9b942c23fe94324dee560f5f57a5 Author: Christian Brauner Date: Fri Aug 23 14:47:37 2024 +0200 inode: port __I_SYNC to var event Port the __I_SYNC mechanism to use the new var event mechanism. Link: https://lore.kernel.org/r/20240823-work-i_state-v3-3-5cd5fd207a57@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 2ed634c96ed1d6e4ee0497be176f9980866e81cb Author: Christian Brauner Date: Fri Aug 23 14:47:36 2024 +0200 fs: reorder i_state bits so that we can use the first bits to derive unique addresses from i_state. Link: https://lore.kernel.org/r/20240823-work-i_state-v3-2-5cd5fd207a57@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jeff Layton Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit da18ecbf0fb6fb73e6f9273e7aa15610f148ce17 Author: Christian Brauner Date: Fri Aug 23 14:47:35 2024 +0200 fs: add i_state helpers The i_state member is an unsigned long so that it can be used with the wait bit infrastructure which expects unsigned long. This wastes 4 bytes which we're unlikely to ever use. Switch to using the var event wait mechanism using the address of the bit. Thanks to Linus for the address idea. Link: https://lore.kernel.org/r/20240823-work-i_state-v3-1-5cd5fd207a57@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 0ac3396ea4a2ab1c80ea560b4dd22f2a3c13a7e9 Author: Eric Biggers Date: Tue Aug 20 12:51:09 2024 -0700 MAINTAINERS: add the VFS git tree The VFS git tree is missing from MAINTAINERS. Add it. Signed-off-by: Eric Biggers Link: https://lore.kernel.org/r/20240820195109.38906-1-ebiggers@kernel.org Signed-off-by: Christian Brauner commit 71ff58ce3428b2471efae5b00594e892b285c97c Author: Christian Brauner Date: Thu Aug 22 11:30:58 2024 +0200 fs: s/__u32/u32/ for s_fsnotify_mask The underscore variants are for uapi whereas the non-underscore variants are for in-kernel consumers. Link: https://lore.kernel.org/r/20240822-anwerben-nutzung-1cd6c82a565f@brauner Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 029c3f27fe84c5fd29d49a99cc5176433bf12209 Author: Christian Brauner Date: Thu Aug 22 11:28:38 2024 +0200 fs: remove unused path_put_init() This helper has been unused for a while now. Link: https://lore.kernel.org/r/20240822-bewuchs-werktag-46672b3c0606@brauner Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 57510c58b5832c8cb36516cdba48543133f3ab85 Author: Mateusz Guzik Date: Tue Aug 13 16:36:26 2024 +0200 vfs: drop one lock trip in evict() Most commonly neither I_LRU_ISOLATING nor I_SYNC are set, but the stock kernel takes a back-to-back relock trip to check for them. It probably can be avoided altogether, but for now massage things back to just one lock acquire. Signed-off-by: Mateusz Guzik Link: https://lore.kernel.org/r/20240813143626.1573445-1-mjguzik@gmail.com Reviewed-by: Zhihao Cheng Reviewed-by: Jeff Layton Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 3a987b88a42593875f6345188ca33731c7df728c Author: Marc Aurèle La France Date: Sat Aug 10 13:25:27 2024 -0600 debugfs show actual source in /proc/mounts After its conversion to the new mount API, debugfs displays "none" in /proc/mounts instead of the actual source. Fix this by recognising its "source" mount option. Signed-off-by: Marc Aurèle La France Link: https://lore.kernel.org/r/e439fae2-01da-234b-75b9-2a7951671e27@tuyoix.net Fixes: a20971c18752 ("vfs: Convert debugfs to use the new mount API") Cc: stable@vger.kernel.org # 6.10.x: 49abee5991e1: debugfs: Convert to new uid/gid option parsing helpers Signed-off-by: Christian Brauner commit 1c48d441468c425e878d81c5c3e7ff8a9a594cc0 Author: Christian Brauner Date: Fri Aug 16 16:35:52 2024 +0200 inode: remove __I_DIO_WAKEUP Afaict, we can just rely on inode->i_dio_count for waiting instead of this awkward indirection through __I_DIO_WAKEUP. This survives LTP dio and xfstests dio tests. Link: https://lore.kernel.org/r/20240816-vfs-misc-dio-v1-1-80fe21a2c710@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 3717bbcb5905e55153667d6a277b2c3545e83b38 Author: Hongbo Li Date: Fri Aug 16 14:36:11 2024 +0800 doc: correcting the idmapping mount example In step 2, we obtain the kernel id `k1000`. So in next step (step 3), we should translate the `k1000` not `k21000`. Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240816063611.1961910-1-lihongbo22@huawei.com Signed-off-by: Christian Brauner commit 1aeb6defd11f28cf5d474f0a00875323c0d143b3 Author: Hongbo Li Date: Fri Aug 16 14:38:49 2024 +0800 fs: Use in_group_or_capable() helper to simplify the code Since in_group_or_capable has been exported, we can use it to simplify the code when check group and capable. Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240816063849.1989856-1-lihongbo22@huawei.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit b381fbbccb4cb60aefa1ab7f8e3766ddb4a461db Author: Mateusz Guzik Date: Thu Aug 15 10:33:10 2024 +0200 vfs: elide smp_mb in iversion handling in the common case According to bpftrace on these routines most calls result in cmpxchg, which already provides the same guarantee. In inode_maybe_inc_iversion elision is possible because even if the wrong value was read due to now missing smp_mb fence, the issue is going to correct itself after cmpxchg. If it appears cmpxchg wont be issued, the fence + reload are there bringing back previous behavior. Signed-off-by: Mateusz Guzik Link: https://lore.kernel.org/r/20240815083310.3865-1-mjguzik@gmail.com Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 433f9d76a01056dfeaefc15167b11e514e56f956 Author: Ian Kent Date: Wed Aug 14 17:02:31 2024 +0800 autofs: add per dentry expire timeout Add ability to set per-dentry mount expire timeout to autofs. There are two fairly well known automounter map formats, the autofs format and the amd format (more or less System V and Berkley). Some time ago Linux autofs added an amd map format parser that implemented a fair amount of the amd functionality. This was done within the autofs infrastructure and some functionality wasn't implemented because it either didn't make sense or required extra kernel changes. The idea was to restrict changes to be within the existing autofs functionality as much as possible and leave changes with a wider scope to be considered later. One of these changes is implementing the amd options: 1) "unmount", expire this mount according to a timeout (same as the current autofs default). 2) "nounmount", don't expire this mount (same as setting the autofs timeout to 0 except only for this specific mount) . 3) "utimeout=", expire this mount using the specified timeout (again same as setting the autofs timeout but only for this mount). To implement these options per-dentry expire timeouts need to be implemented for autofs indirect mounts. This is because all map keys (mounts) for autofs indirect mounts use an expire timeout stored in the autofs mount super block info. structure and all indirect mounts use the same expire timeout. Now I have a request to add the "nounmount" option so I need to add the per-dentry expire handling to the kernel implementation to do this. The implementation uses the trailing path component to identify the mount (and is also used as the autofs map key) which is passed in the autofs_dev_ioctl structure path field. The expire timeout is passed in autofs_dev_ioctl timeout field (well, of the timeout union). If the passed in timeout is equal to -1 the per-dentry timeout and flag are cleared providing for the "unmount" option. If the timeout is greater than or equal to 0 the timeout is set to the value and the flag is also set. If the dentry timeout is 0 the dentry will not expire by timeout which enables the implementation of the "nounmount" option for the specific mount. When the dentry timeout is greater than zero it allows for the implementation of the "utimeout=" option. Signed-off-by: Ian Kent Link: https://lore.kernel.org/r/20240814090231.963520-1-raven@themaw.net Signed-off-by: Christian Brauner commit 122381a46954ad592ee93d7da2bef5074b396247 Author: Mateusz Guzik Date: Mon Jul 15 09:13:24 2024 +0200 vfs: use RCU in ilookup A soft lockup in ilookup was reported when stress-testing a 512-way system [1] (see [2] for full context) and it was verified that not taking the lock shifts issues back to mm. [1] https://lore.kernel.org/linux-mm/56865e57-c250-44da-9713-cf1404595bcc@amd.com/ [2] https://lore.kernel.org/linux-mm/d2841226-e27b-4d3d-a578-63587a3aa4f3@amd.com/ Signed-off-by: Mateusz Guzik Link: https://lore.kernel.org/r/20240715071324.265879-1-mjguzik@gmail.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 641bb4394f405cba498b100b44541ffc0aed5be1 Author: Christian Brauner Date: Fri Aug 9 12:38:56 2024 +0200 fs: move FMODE_UNSIGNED_OFFSET to fop_flags This is another flag that is statically set and doesn't need to use up an FMODE_* bit. Move it to ->fop_flags and free up another FMODE_* bit. (1) mem_open() used from proc_mem_operations (2) adi_open() used from adi_fops (3) drm_open_helper(): (3.1) accel_open() used from DRM_ACCEL_FOPS (3.2) drm_open() used from (3.2.1) amdgpu_driver_kms_fops (3.2.2) psb_gem_fops (3.2.3) i915_driver_fops (3.2.4) nouveau_driver_fops (3.2.5) panthor_drm_driver_fops (3.2.6) radeon_driver_kms_fops (3.2.7) tegra_drm_fops (3.2.8) vmwgfx_driver_fops (3.2.9) xe_driver_fops (3.2.10) DRM_GEM_FOPS (3.2.11) DEFINE_DRM_GEM_DMA_FOPS (4) struct memdev sets fmode flags based on type of device opened. For devices using struct mem_fops unsigned offset is used. Mark all these file operations as FOP_UNSIGNED_OFFSET and add asserts into the open helper to ensure that the flag is always set. Link: https://lore.kernel.org/r/20240809-work-fop_unsigned-v1-1-658e054d893e@kernel.org Reviewed-by: Jeff Layton Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 8447d848e1dc6d42d1dcd00f133d7715fc732c47 Author: Mateusz Guzik Date: Sat Aug 10 08:47:53 2024 +0200 vfs: only read fops once in fops_get/put In do_dentry_open() the usage is: f->f_op = fops_get(inode->i_fop); In generated asm the compiler emits 2 reads from inode->i_fop instead of just one. This popped up due to false-sharing where loads from that offset end up bouncing a cacheline during parallel open. While this is going to be fixed, the spurious load does not need to be there. This makes do_dentry_open() go down from 1177 to 1154 bytes. fops_put() is patched to maintain some consistency. No functional changes. Reviewed-by: Josef Bacik Signed-off-by: Mateusz Guzik Link: https://lore.kernel.org/r/20240810064753.1211441-1-mjguzik@gmail.com Signed-off-by: Christian Brauner commit 193b72792fdba54aa2af6c3ad72ce16c3f06b4f7 Author: Thorsten Blum Date: Thu Aug 8 17:00:24 2024 +0200 fs/select: Annotate struct poll_list with __counted_by() Add the __counted_by compiler attribute to the flexible array member entries to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Signed-off-by: Thorsten Blum Link: https://lore.kernel.org/r/20240808150023.72578-2-thorsten.blum@toblux.com Reviewed-by: Gustavo A. R. Silva Signed-off-by: Christian Brauner commit 0f93bb54a3a502077bca4d7beb1fe2a90d3b59db Author: Christian Brauner Date: Thu Aug 8 11:16:42 2024 +0200 fs: rearrange general fastpath check now that O_CREAT uses it If we find a positive dentry we can now simply try and open it. All prelimiary checks are already done with or without O_CREAT. Signed-off-by: Christian Brauner commit d459c52ab378cdcd53c57ddcbfd5af648b20a150 Author: Christian Brauner Date: Thu Aug 8 11:15:41 2024 +0200 fs: remove audit dummy context check Now that we audit later during lookup_open() we can remove the audit dummy context check. This simplifies things a lot. Signed-off-by: Christian Brauner commit 4770d96a6d89c7dd5675056629c0008f7f8106bf Author: Christian Brauner Date: Thu Aug 8 11:12:50 2024 +0200 fs: pull up trailing slashes check for O_CREAT Perform the check for trailing slashes right in the fastpath check and don't bother with any additional work. Signed-off-by: Christian Brauner commit c65d41c5a5279738fc07f99c0e912b28a691c46f Author: Christian Brauner Date: Thu Aug 8 10:16:42 2024 +0200 fs: move audit parent inode During O_CREAT we unconditionally audit the parent inode. This makes it difficult to support a fastpath for O_CREAT when the file already exists because we have to drop out of RCU lookup needlessly. We worked around this by checking whether audit was actually active but that's also suboptimal. Instead, move the audit of the parent inode down into lookup_open() at a point where it's mostly certain that the file needs to be created. This also reduced the inconsistency that currently exists: while audit on the parent is done independent of whether or no the file already existed an audit on the file is only performed if it has been created. By moving the audit down a bit we emit the audit a little later but it will allow us to simplify the fastpath for O_CREAT significantly. Signed-off-by: Christian Brauner commit e747e15156b79efeea0ad056df8de14b93d318c2 Author: Jeff Layton Date: Wed Aug 7 08:10:27 2024 -0400 fs: try an opportunistic lookup for O_CREAT opens too Today, when opening a file we'll typically do a fast lookup, but if O_CREAT is set, the kernel always takes the exclusive inode lock. I assume this was done with the expectation that O_CREAT means that we always expect to do the create, but that's often not the case. Many programs set O_CREAT even in scenarios where the file already exists. This patch rearranges the pathwalk-for-open code to also attempt a fast_lookup in certain O_CREAT cases. If a positive dentry is found, the inode_lock can be avoided altogether, and if auditing isn't enabled, it can stay in rcuwalk mode for the last step_into. One notable exception that is hopefully temporary: if we're doing an rcuwalk and auditing is enabled, skip the lookup_fast. Legitimizing the dentry in that case is more expensive than taking the i_rwsem for now. Signed-off-by: Jeff Layton Link: https://lore.kernel.org/r/20240807-openfast-v3-1-040d132d2559@kernel.org Reviewed-by: Jan Kara Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit b9ca079dd6b09e08863aa998edf5c47597806c05 Author: Martin Karsten Date: Tue Aug 6 12:33:01 2024 +0000 eventpoll: Annotate data-race of busy_poll_usecs A struct eventpoll's busy_poll_usecs field can be modified via a user ioctl at any time. All reads of this field should be annotated with READ_ONCE. Fixes: 85455c795c07 ("eventpoll: support busy poll per epoll instance") Cc: stable@vger.kernel.org Signed-off-by: Martin Karsten Link: https://lore.kernel.org/r/20240806123301.167557-1-jdamato@fastly.com Reviewed-by: Joe Damato Signed-off-by: Christian Brauner commit 4f98f380f4662829e394c840062ea677956b57ec Author: Joe Damato Date: Wed Aug 7 10:52:31 2024 +0000 eventpoll: Don't re-zero eventpoll fields Remove redundant and unnecessary code. ep_alloc uses kzalloc to create struct eventpoll, so there is no need to set fields to defaults of 0. This was accidentally introduced in commit 85455c795c07 ("eventpoll: support busy poll per epoll instance") and expanded on in follow-up commits. Signed-off-by: Joe Damato Link: https://lore.kernel.org/r/20240807105231.179158-1-jdamato@fastly.com Reviewed-by: Martin Karsten Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 28c7658b2c4a21223c194084a59d712765e8112d Author: Xiaxi Shen Date: Wed Aug 7 00:05:36 2024 -0700 Fix spelling and gramatical errors Fixed 3 typos in design.rst Signed-off-by: Xiaxi Shen Link: https://lore.kernel.org/r/20240807070536.14536-1-shenxiaxi26@gmail.com Reviewed-by: Carlos Maiolino Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 087adb4f0f91ee330446a70af899e6a996e5cc13 Author: Mateusz Guzik Date: Tue Aug 6 19:28:46 2024 +0200 vfs: dodge smp_mb in break_lease and break_deleg in the common case These inlines show up in the fast path (e.g., in do_dentry_open()) and induce said full barrier regarding i_flctx access when in most cases the pointer is NULL. The pointer can be safely checked before issuing the barrier, dodging it in most cases as a result. It is plausible the consume fence would be sufficient, but I don't want to go audit all callers regarding what they before calling here. Signed-off-by: Mateusz Guzik Link: https://lore.kernel.org/r/20240806172846.886570-1-mjguzik@gmail.com Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 215ab0d8af59cfc394fa83a702f0af21a5e126c7 Author: Joel Savitz Date: Fri Aug 2 22:54:55 2024 -0400 file: remove outdated comment after close_fd() Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: linux-fsdevel@vger.kernel.org The comment on EXPORT_SYMBOL(close_fd) was added in commit 2ca2a09d6215 ("fs: add ksys_close() wrapper; remove in-kernel calls to sys_close()"), before commit 8760c909f54a ("file: Rename __close_fd to close_fd and remove the files parameter") gave the function its current name, however commit 1572bfdf21d4 ("file: Replace ksys_close with close_fd") removes the referenced caller entirely, obsoleting this comment. Signed-off-by: Joel Savitz Link: https://lore.kernel.org/r/20240803025455.239276-1-jsavitz@redhat.com Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit c5ae8e5e5a34963513bf973e77dd15da7333054e Author: Yuesong Li Date: Tue Aug 6 11:47:10 2024 +0800 fs/namespace.c: Fix typo in comment replace 'permanetly' with 'permanently' in the comment & replace 'propogated' with 'propagated' in the comment Signed-off-by: Yuesong Li Link: https://lore.kernel.org/r/20240806034710.2807788-1-liyuesong@vivo.com Signed-off-by: Christian Brauner commit 0d196e7589cefe207d5d41f37a0a28a1fdeeb7c6 Author: Mateusz Guzik Date: Mon Aug 5 15:17:21 2024 +0200 exec: don't WARN for racy path_noexec check Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact of the previous implementation. They used to legitimately check for the condition, but that got moved up in two commits: 633fb6ac3980 ("exec: move S_ISREG() check earlier") 0fd338b2d2cd ("exec: move path_noexec() check earlier") Instead of being removed said checks are WARN_ON'ed instead, which has some debug value. However, the spurious path_noexec check is racy, resulting in unwarranted warnings should someone race with setting the noexec flag. One can note there is more to perm-checking whether execve is allowed and none of the conditions are guaranteed to still hold after they were tested for. Additionally this does not validate whether the code path did any perm checking to begin with -- it will pass if the inode happens to be regular. Keep the redundant path_noexec() check even though it's mindless nonsense checking for guarantee that isn't given so drop the WARN. Reword the commentary and do small tidy ups while here. Signed-off-by: Mateusz Guzik Link: https://lore.kernel.org/r/20240805131721.765484-1-mjguzik@gmail.com [brauner: keep redundant path_noexec() check] Signed-off-by: Christian Brauner commit 46460c1d42e823842db8b529156069187d566c83 Author: Jeff Layton Date: Fri Aug 2 17:45:03 2024 -0400 fs: add a kerneldoc header over lookup_fast The lookup_fast helper in fs/namei.c has some subtlety in how dentries are returned. Document them. Signed-off-by: Jeff Layton Link: https://lore.kernel.org/r/20240802-openfast-v1-2-a1cff2a33063@kernel.org Signed-off-by: Christian Brauner commit 45fab40d34650fad9ddbaeaed1a89997d7736ea0 Author: Jeff Layton Date: Fri Aug 2 17:45:02 2024 -0400 fs: remove comment about d_rcu_to_refcount This function no longer exists. Signed-off-by: Jeff Layton Link: https://lore.kernel.org/r/20240802-openfast-v1-1-a1cff2a33063@kernel.org Signed-off-by: Christian Brauner commit 2e91f69afa7eb4e0bbff2254bb4cc8f97b76c009 Author: Yue Haibing Date: Sat Aug 3 19:50:00 2024 +0800 fs: mounts: Remove unused declaration mnt_cursor_del() Commit 2eea9ce4310d ("mounts: keep list of mounts in an rbtree") removed the implementation but leave declaration. Signed-off-by: Yue Haibing Link: https://lore.kernel.org/r/20240803115000.589872-1-yuehaibing@huawei.com Signed-off-by: Christian Brauner commit d80b065bb1721f88be705ca1dfc69ec1c685925e Merge: 41e8149c8892ed cf71eaa1ad18d6 Author: Christian Brauner Date: Fri Aug 30 08:20:33 2024 +0200 Merge patch series "proc: restrict overmounting of ephemeral entities" Christian Brauner says: It is currently possible to mount on top of various ephemeral entities in procfs. This specifically includes magic links. To recap, magic links are links of the form /proc//fd/. They serve as references to a target file and during path lookup they cause a jump to the target path. Such magic links disappear if the corresponding file descriptor is closed. Currently it is possible to overmount such magic links: int fd = open("/mnt/foo", O_RDONLY); sprintf(path, "/proc/%d/fd/%d", getpid(), fd); int fd2 = openat(AT_FDCWD, path, O_PATH | O_NOFOLLOW); mount("/mnt/bar", path, "", MS_BIND, 0); Arguably, this is nonsensical and is mostly interesting for an attacker that wants to somehow trick a process into e.g., reopening something that they didn't intend to reopen or to hide a malicious file descriptor. But also it risks leaking mounts for long-running processes. When overmounting a magic link like above, the mount will not be detached when the file descriptor is closed. Only the target mountpoint will disappear. Which has the consequence of making it impossible to unmount that mount afterwards. So the mount will stick around until the process exits and the /proc// directory is cleaned up during proc_flush_pid() when the dentries are pruned and invalidated. That in turn means it's possible for a program to accidentally leak mounts and it's also possible to make a task leak mounts without it's knowledge if the attacker just keeps overmounting things under /proc//fd/. I think it's wrong to try and fix this by us starting to play games with close() or somewhere else to undo these mounts when the file descriptor is closed. The fact that we allow overmounting of such magic links is simply a bug and one that we need to fix. Similar things can be said about entries under fdinfo/ and map_files/ so those are restricted as well. I have a further more aggressive patch that gets out the big hammer and makes everything under /proc//*, as well as immediate symlinks such as /proc/self, /proc/thread-self, /proc/mounts, /proc/net that point into /proc// not overmountable. Imho, all of this should be blocked if we can get away with it. It's only useful to hide exploits such as in [1]. And again, overmounting of any global procfs files remains unaffected and is an existing and supported use-case. Link: https://righteousit.com/2024/07/24/hiding-linux-processes-with-bind-mounts [1] // Note that repro uses the traditional way of just mounting over // /proc//fd/. This could also all be achieved just based on // file descriptors using move_mount(). So /proc//fd/ isn't the // only entry vector here. It's also possible to e.g., mount directly // onto /proc//map_files/* without going over /proc//fd/. int main(int argc, char *argv[]) { char path[PATH_MAX]; creat("/mnt/foo", 0777); creat("/mnt/bar", 0777); /* * For illustration use a bunch of file descriptors in the upper * range that are unused. */ for (int i = 10000; i >= 256; i--) { printf("I'm: /proc/%d/\n", getpid()); int fd2 = open("/mnt/foo", O_RDONLY); if (fd2 < 0) { printf("%m - Failed to open\n"); _exit(1); } int newfd = dup2(fd2, i); if (newfd < 0) { printf("%m - Failed to dup\n"); _exit(1); } close(fd2); sprintf(path, "/proc/%d/fd/%d", getpid(), newfd); int fd = openat(AT_FDCWD, path, O_PATH | O_NOFOLLOW); if (fd < 0) { printf("%m - Failed to open\n"); _exit(3); } sprintf(path, "/proc/%d/fd/%d", getpid(), fd); printf("Mounting on top of %s\n", path); if (mount("/mnt/bar", path, "", MS_BIND, 0)) { printf("%m - Failed to mount\n"); _exit(4); } close(newfd); close(fd2); } /* * Give some time to look at things. The mounts now linger until * the process exits. */ sleep(10000); _exit(0); } * patches from https://lore.kernel.org/r/20240806-work-procfs-v1-0-fb04e1d09f0c@kernel.org: proc: block mounting on top of /proc//fdinfo/* proc: block mounting on top of /proc//fd/* proc: block mounting on top of /proc//map_files/* proc: add proc_splice_unmountable() proc: proc_readfdinfo() -> proc_fdinfo_iterate() proc: proc_readfd() -> proc_fd_iterate() Link: https://lore.kernel.org/r/20240806-work-procfs-v1-0-fb04e1d09f0c@kernel.org Signed-off-by: Christian Brauner commit cf71eaa1ad18d6f6e130cda708300b587176f16f Author: Christian Brauner Date: Tue Aug 6 18:02:32 2024 +0200 proc: block mounting on top of /proc//fdinfo/* Entries under /proc//fdinfo/* are ephemeral and may go away before the process dies. As such allowing them to be used as mount points creates the ability to leak mounts that linger until the process dies with no ability to unmount them until then. Don't allow using them as mountpoints. Link: https://lore.kernel.org/r/20240806-work-procfs-v1-6-fb04e1d09f0c@kernel.org Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit 74ce208089f468db26eddcc5ea58e50f5bbbc291 Author: Christian Brauner Date: Tue Aug 6 18:02:31 2024 +0200 proc: block mounting on top of /proc//fd/* Entries under /proc//fd/* are ephemeral and may go away before the process dies. As such allowing them to be used as mount points creates the ability to leak mounts that linger until the process dies with no ability to unmount them until then. Don't allow using them as mountpoints. Link: https://lore.kernel.org/r/20240806-work-procfs-v1-5-fb04e1d09f0c@kernel.org Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit 3836b31c3e717fcaa2b63c69e4bcf8ff7b82e6e4 Author: Christian Brauner Date: Tue Aug 6 18:02:30 2024 +0200 proc: block mounting on top of /proc//map_files/* Entries under /proc//map_files/* are ephemeral and may go away before the process dies. As such allowing them to be used as mount points creates the ability to leak mounts that linger until the process dies with no ability to unmount them until then. Don't allow using them as mountpoints. Link: https://lore.kernel.org/r/20240806-work-procfs-v1-4-fb04e1d09f0c@kernel.org Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit 32a0a965b8a5b7b505babae2ee10c513ede376d8 Author: Christian Brauner Date: Tue Aug 6 18:02:29 2024 +0200 proc: add proc_splice_unmountable() Add a tiny procfs helper to splice a dentry that cannot be mounted upon. Link: https://lore.kernel.org/r/20240806-work-procfs-v1-3-fb04e1d09f0c@kernel.org Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit 55d4860db2a0ae54367401aa09b8fad38f237bfa Author: Christian Brauner Date: Tue Aug 6 18:02:28 2024 +0200 proc: proc_readfdinfo() -> proc_fdinfo_iterate() Give the method to iterate through the fdinfo directory a better name. Link: https://lore.kernel.org/r/20240806-work-procfs-v1-2-fb04e1d09f0c@kernel.org Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit b69181b871d9fbf8816f03090ef7076cfe1af2c7 Author: Christian Brauner Date: Tue Aug 6 18:02:27 2024 +0200 proc: proc_readfd() -> proc_fd_iterate() Give the method to iterate through the fd directory a better name. Link: https://lore.kernel.org/r/20240806-work-procfs-v1-1-fb04e1d09f0c@kernel.org Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit 41e8149c8892ed1962bd15350b3c3e6e90cba7f4 Author: Adrian Ratiu Date: Fri Aug 2 11:02:25 2024 +0300 proc: add config & param to block forcing mem writes This adds a Kconfig option and boot param to allow removing the FOLL_FORCE flag from /proc/pid/mem write calls because it can be abused. The traditional forcing behavior is kept as default because it can break GDB and some other use cases. Previously we tried a more sophisticated approach allowing distributions to fine-tune /proc/pid/mem behavior, however that got NAK-ed by Linus [1], who prefers this simpler approach with semantics also easier to understand for users. Link: https://lore.kernel.org/lkml/CAHk-=wiGWLChxYmUA5HrT5aopZrB7_2VTa0NLZcxORgkUe5tEQ@mail.gmail.com/ [1] Cc: Doug Anderson Cc: Jeff Xu Cc: Jann Horn Cc: Kees Cook Cc: Ard Biesheuvel Cc: Christian Brauner Suggested-by: Linus Torvalds Signed-off-by: Linus Torvalds Signed-off-by: Adrian Ratiu Link: https://lore.kernel.org/r/20240802080225.89408-1-adrian.ratiu@collabora.com Signed-off-by: Christian Brauner commit 6d0ebb3904853d18eeec7af5e8b4ca351b6f9025 Merge: 8bdb468dd7a5d1 b5d4657e192ba7 Author: Dave Airlie Date: Fri Aug 30 13:41:26 2024 +1000 Merge tag 'drm-intel-next-2024-08-29' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-next Cross-driver (xe-core) Changes: - Require BMG scanout buffers to be 64k physically aligned (Maarten) Core (drm) Changes: - Introducing Xe2 ccs modifiers for integrated and discrete graphics (Juha-Pekka) Driver Changes: - General cleanup and more work moving towards intel_display isolation (Jani) - New display workaround (Suraj) - Use correct cp_irq_count on HDCP (Suraj) - eDP PSR fix when CRC is enabled (Jouni) - Fix DP MST state after a sink reset (Imre) - Fix Arrow Lake GSC firmware version (John) - Use chained DSBs for LUT programming (Ville) Signed-off-by: Dave Airlie From: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/ZtCC0lJ0Zf3MoSdW@intel.com commit 8bdb468dd7a5d17f8556afdd4c8d046939ff965f Merge: 4f7d8da5e349c1 3adcf970dc7ec0 Author: Dave Airlie Date: Fri Aug 30 13:41:05 2024 +1000 Merge tag 'drm-xe-next-2024-08-28' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-next UAPI Changes: - Fix OA format masks which were breaking build with gcc-5 Cross-subsystem Changes: Driver Changes: - Use dma_fence_chain_free in chain fence unused as a sync (Matthew Brost) - Refactor hw engine lookup and mmio access to be used in more places (Dominik, Matt Auld, Mika Kuoppala) - Enable priority mem read for Xe2 and later (Pallavi Mishra) - Fix PL1 disable flow in xe_hwmon_power_max_write (Karthik) - Fix refcount and speedup devcoredump (Matthew Brost) - Add performance tuning changes to Xe2 (Akshata, Shekhar) - Fix OA sysfs entry (Ashutosh) - Add first GuC firmware support for BMG (Julia) - Bump minimum GuC firmware for platforms under force_probe to match LNL and BMG (Julia) - Fix access check on user fence creation (Nirmoy) - Add/document workarounds for Xe2 (Julia, Daniele, John, Tejas) - Document workaround and use proper WA infra (Matt Roper) - Fix VF configuration on media GT (Michal Wajdeczko) - Fix VM dma-resv lock (Matthew Brost) - Allow suspend/resume exec queue backend op to be called multiple times (Matthew Brost) - Add GT stats to debugfs (Nirmoy) - Add hwconfig to debugfs (Matt Roper) - Compile out all debugfs code with ONFIG_DEUBG_FS=n (Lucas) - Remove dead kunit code (Jani Nikula) - Refactor drvdata storing to help display (Jani Nikula) - Cleanup unsused xe parameter in pte handling (Himal) - Rename s/enable_display/probe_display/ for clarity (Lucas) - Fix missing MCR annotation in couple of registers (Tejas) - Fix DGFX display suspend/resume (Maarten) - Prepare exec_queue_kill for PXP handling (Daniele) - Fix devm/drmm issues (Daniele, Matthew Brost) - Fix tile and ggtt fini sequences (Matthew Brost) - Fix crashes when probing without firmware in place (Daniele, Matthew Brost) - Use xe_managed for kernel BOs (Daniele, Matthew Brost) - Future-proof dss_per_group calculation by using hwconfig (Matt Roper) - Use reserved copy engine for user binds on faulting devices (Matthew Brost) - Allow mixing dma-fence jobs and long-running faulting jobs (Francois) - Cleanup redundant arg when creating use BO (Nirmoy) - Prevent UAF around preempt fence (Auld) - Fix display suspend/resume (Maarten) - Use vma_pages() helper (Thorsten) - Calculate pagefault queue size (Stuart, Matthew Auld) - Fix missing pagefault wq destroy (Stuart) - Fix lifetime handling of HW fence ctx (Matthew Brost) - Fix order destroy order for jobs (Matthew Brost) - Fix TLB invalidation for media GT (Matthew Brost) - Document GGTT (Rodrigo Vivi) - Refactor GGTT layering and fix runtime outer protection (Rodrigo Vivi) - Handle HPD polling on display pm runtime suspend/resume (Imre, Vinod) - Drop unrequired NULL checks (Apoorva, Himal) - Use separate rpm lockdep map for non-d3cold-capable devices (Thomas Hellström) - Support "nomodeset" kernel command-line option (Thomas Zimmermann) - Drop force_probe requirement for LNL and BMG (Lucas, Balasubramani) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/wd42jsh4i3q5zlrmi2cljejohdsrqc6hvtxf76lbxsp3ibrgmz@y54fa7wwxgsd commit 4f7d8da5e349c1126cdfcdd2ceede00382ad2ceb Merge: e55ef65510a401 84addde447fd9d Author: Dave Airlie Date: Fri Aug 30 11:53:54 2024 +1000 Merge tag 'drm-misc-next-2024-08-29' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-next drm-misc-next for v6.12: UAPI Changes: devfs: - support device numbers up to MINORBITS limit Core Changes: ci: - increase job timeout devfs: - use XArray for minor ids displayport: - mst: GUID improvements docs: - add fixes and cleanups panic: - optionally display QR code Driver Changes: amdgpu: - faster vblank disabling - GUID improvements gm12u320 - convert to struct drm_edid host1x: - fix syncpoint IRQ during resume - use iommu_paging_domain_alloc() imx: - ipuv3: convert to struct drm_edid omapdrm: - improve error handling panel: - add support for BOE TV101WUM-LL2 plus DT bindings - novatek-nt35950: improve error handling - nv3051d: improve error handling - panel-edp: add support for BOE NE140WUM-N6G; revert support for SDC ATNA45AF01 - visionox-vtdr6130: improve error handling; use devm_regulator_bulk_get_const() renesas: - rz-du: add support for RZ/G2UL plus DT bindings sti: - convert to struct drm_edid tegra: - gr3d: improve PM domain handling - convert to struct drm_edid Signed-off-by: Dave Airlie From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240829144654.GA145538@linux.fritz.box commit 1876dd69dfe8c29e249070b0e4dc941fc15ac1e4 Author: Sean Christopherson Date: Fri Aug 2 12:51:20 2024 -0700 KVM: x86: Add fastpath handling of HLT VM-Exits Add a fastpath for HLT VM-Exits by immediately re-entering the guest if it has a pending wake event. When virtual interrupt delivery is enabled, i.e. when KVM doesn't need to manually inject interrupts, this allows KVM to stay in the fastpath run loop when a vIRQ arrives between the guest doing CLI and STI;HLT. Without AMD's Idle HLT-intercept support, the CPU generates a HLT VM-Exit even though KVM will immediately resume the guest. Note, on bare metal, it's relatively uncommon for a modern guest kernel to actually trigger this scenario, as the window between the guest checking for a wake event and committing to HLT is quite small. But in a nested environment, the timings change significantly, e.g. rudimentary testing showed that ~50% of HLT exits where HLT-polling was successful would be serviced by this fastpath, i.e. ~50% of the time that a nested vCPU gets a wake event before KVM schedules out the vCPU, the wake event was pending even before the VM-Exit. Link: https://lore.kernel.org/all/20240528041926.3989-3-manali.shukla@amd.com Link: https://lore.kernel.org/r/20240802195120.325560-6-seanjc@google.com Signed-off-by: Sean Christopherson commit 70cdd2385106a91675ee0ba58facde0254597416 Author: Sean Christopherson Date: Fri Aug 2 12:51:19 2024 -0700 KVM: x86: Reorganize code in x86.c to co-locate vCPU blocking/running helpers Shuffle code around in x86.c so that the various helpers related to vCPU blocking/running logic are (a) located near each other and (b) ordered so that HLT emulation can use kvm_vcpu_has_events() in a future path. No functional change intended. Link: https://lore.kernel.org/r/20240802195120.325560-5-seanjc@google.com Signed-off-by: Sean Christopherson commit f7f39c50edb9d336274371953275e0d3503b9b75 Author: Sean Christopherson Date: Fri Aug 2 12:51:18 2024 -0700 KVM: x86: Exit to userspace if fastpath triggers one on instruction skip Exit to userspace if a fastpath handler triggers such an exit, which can happen when skipping the instruction, e.g. due to userspace single-stepping the guest via KVM_GUESTDBG_SINGLESTEP or because of an emulation failure. Fixes: 404d5d7bff0d ("KVM: X86: Introduce more exit_fastpath_completion enum values") Link: https://lore.kernel.org/r/20240802195120.325560-4-seanjc@google.com Signed-off-by: Sean Christopherson commit ea60229af7fbdcdd06d798f8340a7a9b40770c53 Author: Sean Christopherson Date: Fri Aug 2 12:51:17 2024 -0700 KVM: x86: Dedup fastpath MSR post-handling logic Now that the WRMSR fastpath for x2APIC_ICR and TSC_DEADLINE are identical, ignoring the backend MSR handling, consolidate the common bits of skipping the instruction and setting the return value. No functional change intended. Link: https://lore.kernel.org/r/20240802195120.325560-3-seanjc@google.com Signed-off-by: Sean Christopherson commit 0dd45f2cd8ccf150c6fe7a528e9a5282026ed30c Author: Sean Christopherson Date: Fri Aug 2 12:51:16 2024 -0700 KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is successful Re-enter the guest in the fastpath if WRMSR emulation for x2APIC's ICR is successful, as no additional work is needed, i.e. there is no code unique for WRMSR exits between the fastpath and the "!= EXIT_FASTPATH_NONE" check in __vmx_handle_exit(). Link: https://lore.kernel.org/r/20240802195120.325560-2-seanjc@google.com Signed-off-by: Sean Christopherson commit 9d15171f39f0996fcfaec1788d3522eb581af347 Author: Sean Christopherson Date: Wed Aug 28 14:58:00 2024 -0700 KVM: selftests: Explicitly include committed one-off assets in .gitignore Add KVM selftests' one-off assets, e.g. the Makefile, to the .gitignore so that they are explicitly included. The justification for omitting the one-offs was that including them wouldn't help prevent mistakes: Deliberately do not include the one-off assets, e.g. config, settings, .gitignore itself, etc as Git doesn't ignore files that are already in the repository. Adding the one-off assets won't prevent mistakes where developers forget to --force add files that don't match the "allowed". Turns out that's not the case, as W=1 will generate warnings, and the amazing-as-always kernel test bot reports new warnings: tools/testing/selftests/kvm/.gitignore: warning: ignored by one of the .gitignore files tools/testing/selftests/kvm/Makefile: warning: ignored by one of the .gitignore files >> tools/testing/selftests/kvm/Makefile.kvm: warning: ignored by one of the .gitignore files tools/testing/selftests/kvm/config: warning: ignored by one of the .gitignore files tools/testing/selftests/kvm/settings: warning: ignored by one of the .gitignore files Fixes: 43e96957e8b8 ("KVM: selftests: Use pattern matching in .gitignore") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408211818.85zIkDEK-lkp@intel.com Link: https://lore.kernel.org/r/20240828215800.737042-1-seanjc@google.com Signed-off-by: Sean Christopherson commit e027ba1b83ad017a56c108eea2f42eb9f8ae5204 Author: Sean Christopherson Date: Wed Aug 28 11:14:46 2024 -0700 KVM: Clean up coalesced MMIO ring full check Fold coalesced_mmio_has_room() into its sole caller, coalesced_mmio_write(), as it's really just a single line of code, has a goofy return value, and is unnecessarily brittle. E.g. if coalesced_mmio_has_room() were to check ring->last directly, or the caller failed to use READ_ONCE(), KVM would be susceptible to TOCTOU attacks from userspace. Opportunistically add a comment explaining why on earth KVM leaves one entry free, which may not be obvious to readers that aren't familiar with ring buffers. No functional change intended. Reviewed-by: Ilias Stamatis Cc: Paul Durrant Link: https://lore.kernel.org/r/20240828181446.652474-3-seanjc@google.com Signed-off-by: Sean Christopherson commit 215b3cb7a84f8d97b81fe8536cec05a11496da51 Author: Sean Christopherson Date: Wed Aug 28 11:14:45 2024 -0700 KVM: selftests: Add a test for coalesced MMIO (and PIO on x86) Add a test to verify that KVM correctly exits (or not) when a vCPU's coalesced I/O ring is full (or isn't). Iterate over all legal starting points in the ring (with an empty ring), and verify that KVM doesn't exit until the ring is full. Opportunistically verify that KVM exits immediately on non-coalesced I/O, either because the MMIO/PIO region was never registered, or because a previous region was unregistered. This is a regression test for a KVM bug where KVM would prematurely exit due to bad math resulting in a false positive if the first entry in the ring was before the halfway mark. See commit 92f6d4130497 ("KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit"). Enable the test for x86, arm64, and risc-v, i.e. all architectures except s390, which doesn't have MMIO. On x86, which has both MMIO and PIO, interleave MMIO and PIO into the same ring, as KVM shouldn't exit until a non-coalesced I/O is encountered, regardless of whether the ring is filled with MMIO, PIO, or both. Lastly, wrap the coalesced I/O ring in a structure to prepare for a potential future where KVM supports multiple ring buffers beyond KVM's "default" built-in buffer. Link: https://lore.kernel.org/all/20240820133333.1724191-1-ilstam@amazon.com Cc: Ilias Stamatis Cc: Marc Zyngier Cc: Oliver Upton Cc: Anup Patel Link: https://lore.kernel.org/r/20240828181446.652474-2-seanjc@google.com Signed-off-by: Sean Christopherson commit 2f6fcfa1f4264c1f035ddd092ebd046499f7cbea Author: Peter Gonda Date: Tue Jul 9 11:29:36 2024 -0700 KVM: selftests: Add SEV-ES shutdown test Regression test for ae20eef5 ("KVM: SVM: Update SEV-ES shutdown intercepts with more metadata"). Test confirms userspace is correctly indicated of a guest shutdown not previous behavior of an EINVAL from KVM_RUN. Cc: Paolo Bonzini Cc: Sean Christopherson Cc: Alper Gun Cc: Tom Lendacky Cc: Michael Roth Cc: kvm@vger.kernel.org Cc: linux-kselftest@vger.kernel.org Signed-off-by: Peter Gonda Tested-by: Pratik R. Sampat Link: https://lore.kernel.org/r/20240709182936.146487-1-pgonda@google.com [sean: clobber IDT to ensure #UD leads to SHUTDOWN] Signed-off-by: Sean Christopherson commit 32071fa355e73495e509a28511a81b4baab51ff6 Author: Sean Christopherson Date: Fri Aug 2 13:45:11 2024 -0700 KVM: SVM: Track the per-CPU host save area as a VMCB pointer The host save area is a VMCB, track it as such to help readers follow along, but mostly to cleanup/simplify the retrieval of the SEV-ES host save area. Note, the compile-time assertion that offsetof(struct vmcb, save) == EXPECTED_VMCB_CONTROL_AREA_SIZE ensures that the SEV-ES save area is indeed at offset 0x400 (whoever added the expected/architectural VMCB offsets apparently likes decimal). No functional change intended. Link: https://lore.kernel.org/r/20240802204511.352017-4-seanjc@google.com Signed-off-by: Sean Christopherson commit 1b5ef14dc656a25280d56795b73cf90dad64ad44 Author: Sean Christopherson Date: Fri Aug 2 13:45:10 2024 -0700 KVM: SVM: Add host SEV-ES save area structure into VMCB via a union Incorporate the _host_ SEV-ES save area into the VMCB as a union with the legacy save area. The SEV-ES variant used to save/load host state is larger than the legacy save area, but resides at the same offset. Prefix the field with "host" to make it as obvious as possible that the SEV-ES variant in the VMCB is only ever used for host state. Guest state for SEV-ES VMs is stored in a completely separate page (VMSA), albeit with the same layout as the host state. Add a compile-time assert to ensure the VMCB layout is correct, i.e. that KVM's layout matches the architectural definitions. No functional change intended. Link: https://lore.kernel.org/r/20240802204511.352017-3-seanjc@google.com Signed-off-by: Sean Christopherson commit 48547fe75ea7d5bf1ff9425a0a5d4d32b3a77777 Author: Sean Christopherson Date: Fri Aug 2 13:45:09 2024 -0700 KVM: SVM: Add a helper to convert a SME-aware PA back to a struct page Add __sme_pa_to_page() to pair with __sme_page_pa() and use it to replace open coded equivalents, including for "iopm_base", which previously avoided having to do __sme_clr() by storing the raw PA in the global variable. Opportunistically convert __sme_page_pa() to a helper to provide type safety. No functional change intended. Link: https://lore.kernel.org/r/20240802204511.352017-2-seanjc@google.com Signed-off-by: Sean Christopherson commit 1dc9cc1c4c230fbc6bf6322f150d4b81f712cfb9 Author: Sean Christopherson Date: Fri Aug 2 13:39:00 2024 -0700 KVM: x86/mmu: Reword a misleading comment about checking gpte_changed() Rewrite the comment in FNAME(fetch) to explain why KVM needs to check that the gPTE is still fresh before continuing the shadow page walk, even if KVM already has a linked shadow page for the gPTE in question. No functional change intended. Link: https://lore.kernel.org/r/20240802203900.348808-4-seanjc@google.com Signed-off-by: Sean Christopherson commit 7d67b03e6fff3934913a38674f269f55964bdd65 Author: Sean Christopherson Date: Fri Aug 2 13:38:59 2024 -0700 KVM: x86/mmu: Drop pointless "return" wrapper label in FNAME(fetch) Drop the pointless and poorly named "out_gpte_changed" label, in FNAME(fetch), and instead return RET_PF_RETRY directly. No functional change intended. Link: https://lore.kernel.org/r/20240802203900.348808-3-seanjc@google.com Signed-off-by: Sean Christopherson commit 174b6e4a25ea80c2432cedd8e2760e152a6d7f82 Author: Sean Christopherson Date: Fri Aug 2 13:38:58 2024 -0700 KVM: x86/mmu: Decrease indentation in logic to sync new indirect shadow page Combine the back-to-back if-statements for synchronizing children when linking a new indirect shadow page in order to decrease the indentation, and to make it easier to "see" the logic in its entirety. No functional change intended. Link: https://lore.kernel.org/r/20240802203900.348808-2-seanjc@google.com Signed-off-by: Sean Christopherson commit c0d1a39d1d20e5e770bad72bbe1e9d4fa1367e28 Author: Sean Christopherson Date: Fri Aug 2 13:14:29 2024 -0700 KVM: selftests: Always unlink memory regions when deleting (VM free) Unlink memory regions when freeing a VM, even though it's not strictly necessary since all tracking structures are freed soon after. The time spent deleting entries is negligible, and not unlinking entries is confusing, e.g. it's easy to overlook that the tree structures are freed by the caller. Link: https://lore.kernel.org/r/20240802201429.338412-1-seanjc@google.com Signed-off-by: Sean Christopherson commit ce3b90bd0a165c0473e462b9182e30e0659f99cf Author: Sean Christopherson Date: Fri Aug 2 13:08:53 2024 -0700 KVM: selftests: Remove unused kvm_memcmp_hva_gva() Remove sefltests' kvm_memcmp_hva_gva(), which has literally never had a single user since it was introduced by commit 783e9e51266eb ("kvm: selftests: add API testing infrastructure"). Link: https://lore.kernel.org/r/20240802200853.336512-1-seanjc@google.com Signed-off-by: Sean Christopherson commit 7c5f7b16fe1b9d1eb0cbb46d20f57db4a912b6e0 Author: Juntong Deng Date: Thu Aug 29 21:13:15 2024 +0100 selftests/bpf: Add tests for iter next method returning valid pointer This patch adds test cases for iter next method returning valid pointer, which can also used as usage examples. Currently iter next method should return valid pointer. iter_next_trusted is the correct usage and test if iter next method return valid pointer. bpf_iter_task_vma_next has KF_RET_NULL flag, so the returned pointer may be NULL. We need to check if the pointer is NULL before using it. iter_next_trusted_or_null is the incorrect usage. There is no checking before using the pointer, so it will be rejected by the verifier. iter_next_rcu and iter_next_rcu_or_null are similar test cases for KF_RCU_PROTECTED iterators. iter_next_rcu_not_trusted is used to test that the pointer returned by iter next method of KF_RCU_PROTECTED iterator cannot be passed in KF_TRUSTED_ARGS kfuncs. iter_next_ptr_mem_not_trusted is used to test that base type PTR_TO_MEM should not be combined with type flag PTR_TRUSTED. Signed-off-by: Juntong Deng Link: https://lore.kernel.org/r/AM6PR03MB5848709758F6922F02AF9F1F99962@AM6PR03MB5848.eurprd03.prod.outlook.com Signed-off-by: Alexei Starovoitov commit 4cc8c50c9abcb2646a7a4fcef3cea5dcb30c06cf Author: Juntong Deng Date: Thu Aug 29 21:11:17 2024 +0100 bpf: Make the pointer returned by iter next method valid Currently we cannot pass the pointer returned by iter next method as argument to KF_TRUSTED_ARGS or KF_RCU kfuncs, because the pointer returned by iter next method is not "valid". This patch sets the pointer returned by iter next method to be valid. This is based on the fact that if the iterator is implemented correctly, then the pointer returned from the iter next method should be valid. This does not make NULL pointer valid. If the iter next method has KF_RET_NULL flag, then the verifier will ask the ebpf program to check NULL pointer. KF_RCU_PROTECTED iterator is a special case, the pointer returned by iter next method should only be valid within RCU critical section, so it should be with MEM_RCU, not PTR_TRUSTED. Another special case is bpf_iter_num_next, which returns a pointer with base type PTR_TO_MEM. PTR_TO_MEM should not be combined with type flag PTR_TRUSTED (PTR_TO_MEM already means the pointer is valid). The pointer returned by iter next method of other types of iterators is with PTR_TRUSTED. In addition, this patch adds get_iter_from_state to help us get the current iterator from the current state. Signed-off-by: Juntong Deng Link: https://lore.kernel.org/r/AM6PR03MB584869F8B448EA1C87B7CDA399962@AM6PR03MB5848.eurprd03.prod.outlook.com Signed-off-by: Alexei Starovoitov commit f6284563acc9be8f1d389431f265061fa9791b0c Merge: c6d9dafb595564 cada0bdcc47144 Author: Alexei Starovoitov Date: Thu Aug 29 18:15:46 2024 -0700 Merge branch 'bpf-add-gen_epilogue-to-bpf_verifier_ops' Martin KaFai Lau says: ==================== bpf: Add gen_epilogue to bpf_verifier_ops From: Martin KaFai Lau This set allows the subsystem to patch codes before BPF_EXIT. The verifier ops, .gen_epilogue, is added for this purpose. One of the use case will be in the bpf qdisc, the bpf qdisc subsystem can ensure the skb->dev is in the correct value. The bpf qdisc subsystem can either inline fixing it in the epilogue or call another kernel function to handle it (e.g. drop) in the epilogue. Another use case could be in bpf_tcp_ca.c to enforce snd_cwnd has valid value (e.g. positive value). v5: * Removed the skip_cnt argument from adjust_jmp_off() in patch 2. Instead, reuse the delta argument and skip the [tgt_idx, tgt_idx + delta) instructions. * Added a BPF_JMP32_A macro in patch 3. * Removed pro_epilogue_subprog.c in patch 6. The pro_epilogue_kfunc.c has covered the subprog case. Renamed the file pro_epilogue_kfunc.c to pro_epilogue.c. Some of the SEC names and function names are changed accordingly (mainly shorten them by removing the _kfunc suffix). * Added comments to explain the tail_call result in patch 7. * Fixed the following bpf CI breakages. I ran it in CI manually to confirm: https://github.com/kernel-patches/bpf/actions/runs/10590714532 * s390 zext added "w3 = w3". Adjusted the test to use all ALU64 and BPF_DW to avoid zext. Also changed the "int a" in the "struct st_ops_args" to "u64 a". * llvm17 does not take: *(u64 *)(r1 +0) = 0; so it is changed to: r3 = 0; *(u64 *)(r1 +0) = r3; v4: * Fixed a bug in the memcpy in patch 3 The size in the memcpy should be epilogue_cnt * sizeof(*epilogue_buf) v3: * Moved epilogue_buf[16] to env. Patch 1 is added to move the existing insn_buf[16] to env. * Fixed a case that the bpf prog has a BPF_JMP that goes back to the first instruction of the main prog. The jump back to 1st insn case also applies to the prologue. Patch 2 is added to handle it. * If the bpf main prog has multiple BPF_EXIT, use a BPF_JA to goto the earlier patched epilogue. Note that there are (BPF_JMP32 | BPF_JA) vs (BPF_JMP | BPF_JA) details in the patch 3 commit message. * There are subtle changes in patch 3, so I reset the Reviewed-by. * Added patch 8 and patch 9 to cover the changes in patch 2 and patch 3. * Dropped the kfunc call from pro/epilogue and its selftests. v2: * Remove the RFC tag. Keep the ordering at where .gen_epilogue is called in the verifier relative to the check_max_stack_depth(). This will be consistent with the other extra stack_depth usage like optimize_bpf_loop(). * Use __xlated check provided by the test_loader to check the patched instructions after gen_pro/epilogue (Eduard). * Added Patch 3 by Eduard (Thanks!). ==================== Link: https://lore.kernel.org/r/20240829210833.388152-1-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit cada0bdcc471443dbd41bd63286f48be3dae0d89 Author: Martin KaFai Lau Date: Thu Aug 29 14:08:31 2024 -0700 selftests/bpf: Test epilogue patching when the main prog has multiple BPF_EXIT This patch tests the epilogue patching when the main prog has multiple BPF_EXIT. The verifier should have patched the 2nd (and later) BPF_EXIT with a BPF_JA that goes back to the earlier patched epilogue instructions. Acked-by: Eduard Zingerman Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240829210833.388152-10-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit 42fdbbde6cf4159f77de13a40f8c0be6ef48bcc1 Author: Martin KaFai Lau Date: Thu Aug 29 14:08:30 2024 -0700 selftests/bpf: A pro/epilogue test when the main prog jumps back to the 1st insn This patch adds a pro/epilogue test when the main prog has a goto insn that goes back to the very first instruction of the prog. It is to test the correctness of the adjust_jmp_off(prog, 0, delta) after the verifier has applied the prologue and/or epilogue patch. Acked-by: Eduard Zingerman Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240829210833.388152-9-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit b191b0fd740062ede672693671c6e6e942fb02f4 Author: Martin KaFai Lau Date: Thu Aug 29 14:08:29 2024 -0700 selftests/bpf: Add tailcall epilogue test This patch adds a gen_epilogue test to test a main prog using a bpf_tail_call. A non test_loader test is used. The tailcall target program, "test_epilogue_subprog", needs to be used in a struct_ops map before it can be loaded. Another struct_ops map is also needed to host the actual "test_epilogue_tailcall" struct_ops program that does the bpf_tail_call. The earlier test_loader patch will attach all struct_ops maps but the bpf_testmod.c does not support >1 attached struct_ops. The earlier patch used the test_loader which has already covered checking for the patched pro/epilogue instructions. This is done by the __xlated tag. This patch goes for the regular skel load and syscall test to do the tailcall test that can also allow to directly pass the the "struct st_ops_args *args" as ctx_in to the SEC("syscall") program. Acked-by: Eduard Zingerman Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240829210833.388152-8-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit 47e69431b57aee6c3c134014e7fca490ca8ca9d1 Author: Martin KaFai Lau Date: Thu Aug 29 14:08:28 2024 -0700 selftests/bpf: Test gen_prologue and gen_epilogue This test adds a new struct_ops "bpf_testmod_st_ops" in bpf_testmod. The ops of the bpf_testmod_st_ops is triggered by new kfunc calls "bpf_kfunc_st_ops_test_*logue". These new kfunc calls are primarily used by the SEC("syscall") program. The test triggering sequence is like: SEC("syscall") syscall_prologue(struct st_ops_args *args) bpf_kfunc_st_op_test_prologue(args) st_ops->test_prologue(args) .gen_prologue adds 1000 to args->a .gen_epilogue adds 10000 to args->a .gen_epilogue will also set the r0 to 2 * args->a. The .gen_prologue and .gen_epilogue of the bpf_testmod_st_ops will test the prog->aux->attach_func_name to decide if it needs to generate codes. The main programs of the pro_epilogue.c will call a new kfunc bpf_kfunc_st_ops_inc10 which does "args->a += 10". It will also call a subprog() which does "args->a += 1". This patch uses the test_loader infra to check the __xlated instructions patched after gen_prologue and/or gen_epilogue. The __xlated check is based on Eduard's example (Thanks!) in v1. args->a is returned by the struct_ops prog (either the main prog or the epilogue). Thus, the __retval of the SEC("syscall") prog is checked. For example, when triggering the ops in the 'SEC("struct_ops/test_epilogue") int test_epilogue' The expected args->a is +1 (subprog call) + 10 (kfunc call) + 10000 (.gen_epilogue) = 10011. The expected return value is 2 * 10011 (.gen_epilogue). Suggested-by: Eduard Zingerman Acked-by: Eduard Zingerman Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240829210833.388152-7-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit a0dbf6d0b21e197bf919591081ff2eb7a34ef982 Author: Eduard Zingerman Date: Thu Aug 29 14:08:27 2024 -0700 selftests/bpf: attach struct_ops maps before test prog runs In test_loader based tests to bpf_map__attach_struct_ops() before call to bpf_prog_test_run_opts() in order to trigger bpf_struct_ops->reg() callbacks on kernel side. This allows to use __retval macro for struct_ops tests. Signed-off-by: Eduard Zingerman Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240829210833.388152-6-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit 866d571e6201cb8ccb18cb8407ab3ad3adb474b8 Author: Martin KaFai Lau Date: Thu Aug 29 14:08:26 2024 -0700 bpf: Export bpf_base_func_proto The bpf_testmod needs to use the bpf_tail_call helper in a later selftest patch. This patch is to EXPORT_GPL_SYMBOL the bpf_base_func_proto. Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240829210833.388152-5-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit 169c31761c8d7f606f3ee628829c27998626c4f0 Author: Martin KaFai Lau Date: Thu Aug 29 14:08:25 2024 -0700 bpf: Add gen_epilogue to bpf_verifier_ops This patch adds a .gen_epilogue to the bpf_verifier_ops. It is similar to the existing .gen_prologue. Instead of allowing a subsystem to run code at the beginning of a bpf prog, it allows the subsystem to run code just before the bpf prog exit. One of the use case is to allow the upcoming bpf qdisc to ensure that the skb->dev is the same as the qdisc->dev_queue->dev. The bpf qdisc struct_ops implementation could either fix it up or drop the skb. Another use case could be in bpf_tcp_ca.c to enforce snd_cwnd has sane value (e.g. non zero). The epilogue can do the useful thing (like checking skb->dev) if it can access the bpf prog's ctx. Unlike prologue, r1 may not hold the ctx pointer. This patch saves the r1 in the stack if the .gen_epilogue has returned some instructions in the "epilogue_buf". The existing .gen_prologue is done in convert_ctx_accesses(). The new .gen_epilogue is done in the convert_ctx_accesses() also. When it sees the (BPF_JMP | BPF_EXIT) instruction, it will be patched with the earlier generated "epilogue_buf". The epilogue patching is only done for the main prog. Only one epilogue will be patched to the main program. When the bpf prog has multiple BPF_EXIT instructions, a BPF_JA is used to goto the earlier patched epilogue. Majority of the archs support (BPF_JMP32 | BPF_JA): x86, arm, s390, risv64, loongarch, powerpc and arc. This patch keeps it simple and always use (BPF_JMP32 | BPF_JA). A new macro BPF_JMP32_A is added to generate the (BPF_JMP32 | BPF_JA) insn. Acked-by: Eduard Zingerman Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240829210833.388152-4-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit d5c47719f24438838e60bcbf97008179d6f737a8 Author: Martin KaFai Lau Date: Thu Aug 29 14:08:24 2024 -0700 bpf: Adjust BPF_JMP that jumps to the 1st insn of the prologue The next patch will add a ctx ptr saving instruction "(r1 = *(u64 *)(r10 -8)" at the beginning for the main prog when there is an epilogue patch (by the .gen_epilogue() verifier ops added in the next patch). There is one corner case if the bpf prog has a BPF_JMP that jumps to the 1st instruction. It needs an adjustment such that those BPF_JMP instructions won't jump to the newly added ctx saving instruction. The commit 5337ac4c9b80 ("bpf: Fix the corner case with may_goto and jump to the 1st insn.") has the details on this case. Note that the jump back to 1st instruction is not limited to the ctx ptr saving instruction. The same also applies to the prologue. A later test, pro_epilogue_goto_start.c, has a test for the prologue only case. Thus, this patch does one adjustment after gen_prologue and the future ctx ptr saving. It is done by adjust_jmp_off(env->prog, 0, delta) where delta has the total number of instructions in the prologue and the future ctx ptr saving instruction. The adjust_jmp_off(env->prog, 0, delta) assumes that the prologue does not have a goto 1st instruction itself. To accommodate the prologue might have a goto 1st insn itself, this patch changes the adjust_jmp_off() to skip considering the instructions between [tgt_idx, tgt_idx + delta). Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240829210833.388152-3-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit 6f606ffd6dd7583d8194ee3d858ba4da2eff26a3 Author: Martin KaFai Lau Date: Thu Aug 29 14:08:23 2024 -0700 bpf: Move insn_buf[16] to bpf_verifier_env This patch moves the 'struct bpf_insn insn_buf[16]' stack usage to the bpf_verifier_env. A '#define INSN_BUF_SIZE 16' is also added to replace the ARRAY_SIZE(insn_buf) usages. Both convert_ctx_accesses() and do_misc_fixup() are changed to use the env->insn_buf. It is a refactoring work for adding the epilogue_buf[16] in a later patch. With this patch, the stack size usage decreased. Before: ./kernel/bpf/verifier.c:22133:5: warning: stack frame size (2584) After: ./kernel/bpf/verifier.c:22184:5: warning: stack frame size (2264) Reviewed-by: Eduard Zingerman Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240829210833.388152-2-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov commit 5a7c7d148e488f43cf9c8e64fa5e1bd715ae0485 Author: Sean Christopherson Date: Fri Jul 19 16:51:07 2024 -0700 KVM: selftests: Play nice with AMD's AVIC errata When AVIC, and thus IPI virtualization on AMD, is enabled, the CPU will virtualize ICR writes. Unfortunately, the CPU doesn't do a very good job, as it fails to clear the BUSY bit and also allows writing ICR2[23:0], despite them being "RESERVED MBZ". Account for the quirky behavior in the xapic_state test to avoid failures in a configuration that likely has no hope of ever being enabled in production. Link: https://lore.kernel.org/r/20240719235107.3023592-11-seanjc@google.com Signed-off-by: Sean Christopherson commit 0cb26ec320851f685280ff061f84855d0e97bf86 Author: Sean Christopherson Date: Fri Jul 19 16:51:06 2024 -0700 KVM: selftests: Verify the guest can read back the x2APIC ICR it wrote Now that the BUSY bit mess is gone (for x2APIC), verify that the *guest* can read back the ICR value that it wrote. Due to the divergent behavior between AMD and Intel with respect to the backing storage of the ICR in the vAPIC page, emulating a seemingly simple MSR write is quite complex. Link: https://lore.kernel.org/r/20240719235107.3023592-10-seanjc@google.com Signed-off-by: Sean Christopherson commit 3426cb48adb4dc00b75e89c95d257d699f4d75ce Author: Sean Christopherson Date: Fri Jul 19 16:51:05 2024 -0700 KVM: selftests: Test x2APIC ICR reserved bits Actually test x2APIC ICR reserved bits instead of deliberately skipping them. The behavior that is observed when IPI virtualization is enabled is the architecturally correct behavior, KVM is the one who was wrong, i.e. KVM was missing reserved bit checks. Fixes: 4b88b1a518b3 ("KVM: selftests: Enhance handling WRMSR ICR register in x2APIC mode") Link: https://lore.kernel.org/r/20240719235107.3023592-9-seanjc@google.com Signed-off-by: Sean Christopherson commit faf06a238254cec0c8c9bc0876caede63fcfeb24 Author: Sean Christopherson Date: Fri Jul 19 16:51:04 2024 -0700 KVM: selftests: Skip ICR.BUSY test in xapic_state_test if x2APIC is enabled Don't test the ICR BUSY bit when x2APIC is enabled as AMD and Intel have different behavior (AMD #GPs, Intel ignores), and the fact that the CPU performs the reserved bit checks when IPI virtualization is enabled makes it impossible for KVM to precisely emulate one or the other. Link: https://lore.kernel.org/r/20240719235107.3023592-8-seanjc@google.com Signed-off-by: Sean Christopherson commit f2e91e874179a27d4c29b3f31706b37e1e6bcf54 Author: Sean Christopherson Date: Fri Jul 19 16:51:03 2024 -0700 KVM: selftests: Add x86 helpers to play nice with x2APIC MSR #GPs Add helpers to allow and expect #GP on x2APIC MSRs, and opportunistically have the existing helper spit out a more useful error message if an unexpected exception occurs. Link: https://lore.kernel.org/r/20240719235107.3023592-7-seanjc@google.com Signed-off-by: Sean Christopherson commit ed24ba6c2c3450c96dcd804f81893d11e52463cc Author: Sean Christopherson Date: Fri Jul 19 16:51:02 2024 -0700 KVM: selftests: Report unhandled exceptions on x86 as regular guest asserts Now that selftests support printf() in the guest, report unexpected exceptions via the regular assertion framework. Exceptions were special cased purely to provide a better error message. Convert only x86 for now, as it's low-hanging fruit (already formats the assertion in the guest), and converting x86 will allow adding asserts in x86 library code without needing to update multiple tests. Once all other architectures are converted, this will allow moving the reporting to common code, which will in turn allow adding asserts in common library code, and will also allow removing UCALL_UNHANDLED. Link: https://lore.kernel.org/r/20240719235107.3023592-6-seanjc@google.com Signed-off-by: Sean Christopherson commit d1c2cdca5a08f422b791670c11f9d4e3ed0a5518 Author: Sean Christopherson Date: Fri Jul 19 16:51:01 2024 -0700 KVM: selftests: Open code vcpu_run() equivalent in guest_printf test Open code a version of vcpu_run() in the guest_printf test in anticipation of adding UCALL_ABORT handling to _vcpu_run(). The guest_printf test intentionally generates asserts to verify the output, and thus needs to bypass common assert handling. Open code a helper in the guest_printf test, as it's not expected that any other test would want to skip _only_ the UCALL_ABORT handling. Link: https://lore.kernel.org/r/20240719235107.3023592-5-seanjc@google.com Signed-off-by: Sean Christopherson commit 73b42dc69be8564d4951a14d00f827929fe5ef79 Author: Sean Christopherson Date: Fri Jul 19 16:51:00 2024 -0700 KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) Re-introduce the "split" x2APIC ICR storage that KVM used prior to Intel's IPI virtualization support, but only for AMD. While not stated anywhere in the APM, despite stating the ICR is a single 64-bit register, AMD CPUs store the 64-bit ICR as two separate 32-bit values in ICR and ICR2. When IPI virtualization (IPIv on Intel, all AVIC flavors on AMD) is enabled, KVM needs to match CPU behavior as some ICR ICR writes will be handled by the CPU, not by KVM. Add a kvm_x86_ops knob to control the underlying format used by the CPU to store the x2APIC ICR, and tune it to AMD vs. Intel regardless of whether or not x2AVIC is enabled. If KVM is handling all ICR writes, the storage format for x2APIC mode doesn't matter, and having the behavior follow AMD versus Intel will provide better test coverage and ease debugging. Fixes: 4d1d7942e36a ("KVM: SVM: Introduce logic to (de)activate x2AVIC mode") Cc: stable@vger.kernel.org Cc: Maxim Levitsky Cc: Suravee Suthikulpanit Link: https://lore.kernel.org/r/20240719235107.3023592-4-seanjc@google.com Signed-off-by: Sean Christopherson commit d33234342f8b468e719e05649fd26549fb37ef8a Author: Sean Christopherson Date: Fri Jul 19 16:50:59 2024 -0700 KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode() Hoist kvm_x2apic_icr_write() above kvm_apic_write_nodecode() so that a local helper to _read_ the x2APIC ICR can be added and used in the nodecode path without needing a forward declaration. No functional change intended. Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240719235107.3023592-3-seanjc@google.com Signed-off-by: Sean Christopherson commit 71bf395a276f0578d19e0ae137a7d1d816d08e0e Author: Sean Christopherson Date: Fri Jul 19 16:50:58 2024 -0700 KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits Inject a #GP on a WRMSR(ICR) that attempts to set any reserved bits that are must-be-zero on both Intel and AMD, i.e. any reserved bits other than the BUSY bit, which Intel ignores and basically says is undefined. KVM's xapic_state_test selftest has been fudging the bug since commit 4b88b1a518b3 ("KVM: selftests: Enhance handling WRMSR ICR register in x2APIC mode"), which essentially removed the testcase instead of fixing the bug. WARN if the nodecode path triggers a #GP, as the CPU is supposed to check reserved bits for ICR when it's partially virtualized. Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240719235107.3023592-2-seanjc@google.com Signed-off-by: Sean Christopherson commit 670726a8262e69b3625723b0e168aa20eb7a5f42 Merge: 791f9b68b50710 e68256c8a73caf Author: Jakub Kicinski Date: Thu Aug 29 15:33:27 2024 -0700 Merge branch 'bnxt_en-update-for-net-next' Michael Chan says: ==================== bnxt_en: Update for net-next This series starts with 2 patches to support firmware crash dump. The driver allocates the required DMA memory ahead of time for firmware to store the crash dump if and when it crashes. Patch 3 adds priority and TPID for the .ndo_set_vf_vlan() callback. Note that this was rejected and reverted last year and it is being re-submitted after recent changes in the guidelines. The remaining patches are MSIX related. Legacy interrupt is no longer supported by firmware so we remove the support in the driver. We then convert to use the newer kernel APIs to allocate and enable MSIX vectors. The last patch adds support for dynamic MSIX. v3: https://lore.kernel.org/20240823195657.31588-1-michael.chan@broadcom.com v2: https://lore.kernel.org/20240816212832.185379-1-michael.chan@broadcom.com v1: https://lore.kernel.org/20240713234339.70293-1-michael.chan@broadcom.com ==================== Link: https://patch.msgid.link/20240828183235.128948-1-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit e68256c8a73cafacc7976bb80359511ee0d0ab91 Author: Michael Chan Date: Wed Aug 28 11:32:35 2024 -0700 bnxt_en: Support dynamic MSIX A range of MSIX vectors are allocated at initialization for the number needed for RocE and L2. During run-time, if the user increases or decreases the number of L2 rings, all the MSIX vectors have to be freed and a new range has to be allocated. This is not optimal and causes disruptions to RoCE traffic every time there is a change in L2 MSIX. If the system supports dynamic MSIX allocations, use dynamic allocation to add new L2 MSIX vectors or free unneeded L2 MSIX vectors. RoCE traffic is not affected using this scheme. Reviewed-by: Hongguang Gao Reviewed-by: Somnath Kotur Reviewed-by: Simon Horman Reviewed-by: Przemek Kitszel Signed-off-by: Michael Chan Reviewed-by: Michal Swiatkowski Link: https://patch.msgid.link/20240828183235.128948-10-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit f049d699aeee219ca33d08b48b7e14d7d86aebd5 Author: Michael Chan Date: Wed Aug 28 11:32:34 2024 -0700 bnxt_en: Allocate the max bp->irq_tbl size for dynamic msix allocation If dynamic MSIX allocation is supported, additional MSIX can be allocated at run-time without reinitializing the existing MSIX entries. The first step to support this dynamic scheme is to allocate a large enough bp->irq_tbl if dynamic allocation is supported. Reviewed-by: Hongguang Gao Reviewed-by: Somnath Kotur Reviewed-by: Simon Horman Reviewed-by: Przemek Kitszel Signed-off-by: Michael Chan Link: https://patch.msgid.link/20240828183235.128948-9-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit 4343838ca5ebf9fb52fb9be2459092272a7f70b7 Author: Michael Chan Date: Wed Aug 28 11:32:33 2024 -0700 bnxt_en: Replace deprecated PCI MSIX APIs Use the new pci_alloc_irq_vectors() and pci_free_irq_vectors() to replace the deprecated pci_enable_msix_range() and pci_disable_msix(). Reviewed-by: Somnath Kotur Reviewed-by: Pavan Chebbi Reviewed-by: Simon Horman Reviewed-by: Przemek Kitszel Signed-off-by: Michael Chan Link: https://patch.msgid.link/20240828183235.128948-8-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit af756aad3d5700c22079e37dc3bbf448559fce8e Author: Michael Chan Date: Wed Aug 28 11:32:32 2024 -0700 bnxt_en: Remove register mapping to support INTX In legacy INTX mode, a register is mapped so that the INTX handler can read it to determine if the NIC is the source of the interrupt. This and all the related macros are no longer needed now that INTX is no longer supported. Reviewed-by: Somnath Kotur Reviewed-by: Hongguang Gao Reviewed-by: Simon Horman Signed-off-by: Michael Chan Link: https://patch.msgid.link/20240828183235.128948-7-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit e94d8d97c798900a1c944e479a22a144654fa15f Author: Michael Chan Date: Wed Aug 28 11:32:31 2024 -0700 bnxt_en: Remove BNXT_FLAG_USING_MSIX flag Now that we only support MSIX, the BNXT_FLAG_USING_MSIX is always true. Remove it and any if conditions checking for it. Remove the INTX handler and associated logic. Reviewed-by: Kalesh AP Reviewed-by: Somnath Kotur Reviewed-by: Hongguang Gao Reviewed-by: Simon Horman Signed-off-by: Michael Chan Link: https://patch.msgid.link/20240828183235.128948-6-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit 2a659a46034f3024b6044dbb054c1cef31bcfdfd Author: Michael Chan Date: Wed Aug 28 11:32:30 2024 -0700 bnxt_en: Deprecate support for legacy INTX mode Firmware has deprecated support for legacy INTX in 2022 (since v2.27) and INTX hasn't been tested for many years before that. INTX was only used as a fallback mechansim in case MSIX wasn't available. MSIX is always supported by all firmware. If MSIX capability in PCI config space is not found during probe, abort. Reviewed-by: Hongguang Gao Reviewed-by: Kalesh AP Reviewed-by: Somnath Kotur Reviewed-by: Simon Horman Signed-off-by: Michael Chan Link: https://patch.msgid.link/20240828183235.128948-5-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit 26e3846e23b49ec15a534e95bdc65e090eaaa42e Author: Sreekanth Reddy Date: Wed Aug 28 11:32:29 2024 -0700 bnxt_en: Support QOS and TPID settings for the SRIOV VLAN With recent changes in the .ndo_set_vf_*() guidelines, resubmitting this patch that was reverted eariler in 2023: c27153682eac ("Revert "bnxt_en: Support QOS and TPID settings for the SRIOV VLAN") Add these missing settings in the .ndo_set_vf_vlan() method. Older firmware does not support the TPID setting so check for proper support. Remove the unused BNXT_VF_QOS flag. Reviewed-by: Simon Horman Signed-off-by: Sreekanth Reddy Signed-off-by: Michael Chan Link: https://patch.msgid.link/20240828183235.128948-4-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit 9e7b880b92a7b37c5d72bcd7883da537eba049d6 Author: Vikas Gupta Date: Wed Aug 28 11:32:28 2024 -0700 bnxt_en: add support for retrieving crash dump using ethtool Add support for retrieving crash dump using ethtool -w on the supported interface. Reviewed-by: Somnath Kotur Reviewed-by: Pavan Chebbi Reviewed-by: Andy Gospodarek Reviewed-by: Simon Horman Signed-off-by: Vikas Gupta Signed-off-by: Michael Chan Link: https://patch.msgid.link/20240828183235.128948-3-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit c33626d83e937428cc7ffe1e41382ca454ec148a Author: Vikas Gupta Date: Wed Aug 28 11:32:27 2024 -0700 bnxt_en: add support for storing crash dump into host memory Newer firmware supports automatic DMA of crash dump to host memory when it crashes. If the feature is supported, allocate the required memory using the existing context memory infrastructure. Communicate the page table containing the DMA addresses to the firmware. Reviewed-by: Somnath Kotur Reviewed-by: Pavan Chebbi Reviewed-by: Andy Gospodarek Reviewed-by: Simon Horman Signed-off-by: Vikas Gupta Signed-off-by: Michael Chan Link: https://patch.msgid.link/20240828183235.128948-2-michael.chan@broadcom.com Signed-off-by: Jakub Kicinski commit 70c33a2710cd08a4be974a1c7f9cdb5601a8806f Author: Dnyaneshwar Bhadane Date: Wed Aug 21 17:47:40 2024 +0530 drm/i915/bios: Update new entries in VBT BDB block definitions New entries updated in BDB definition from VBT v257 to v260. Extend fields in backlight power controller VBT block 43 for VBT v257. Add t6 delay support fields in edp panel power block 27 for VBT v260. Update supported VBT version range for obsolete fields. v2: - Update the commit message with description(Jani) - Rename variable names align to spec names(Jani) v3: Rename variables align to specs name (Suraj) Signed-off-by: Dnyaneshwar Bhadane Reviewed-by: Suraj Kandpal Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240821121740.1596048-1-dnyaneshwar.bhadane@intel.com commit 78d500329b65217c45422ac0adf5c030783d3e58 Author: Heiko Stuebner Date: Thu Aug 29 15:21:00 2024 +0200 arm64: dts: rockchip: drop unsupported regulator-property from NanoPC-T6 vcc3v3-sd-s0-regulator used enable-active-low. According the binding of the fixed regulator, that is the assumed mode of operation if enable-active-high is not specified. So this is property is not part of the binding, therefore remove it. Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240829132100.1723127-4-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 9c50ba541a52eca091f74f0c3af558824cd11314 Author: Heiko Stuebner Date: Thu Aug 29 15:20:59 2024 +0200 arm64: dts: rockchip: drop unsupported regulator property from NanoPC-T6 regulator-init-microvolt is used in the vendor-kernel, but not part of the specification. Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240829132100.1723127-3-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 170c77276d470a63d22a2634a38846dd88538637 Author: Heiko Stuebner Date: Thu Aug 29 15:20:58 2024 +0200 arm64: dts: rockchip: use correct fcs,suspend-voltage-selector on NanoPC-T6 A remant from moving from the vendor kernel, the regulator is using a fairchild fcs prefix instead of rockchip,* in the mainline kernel according to its binding. Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240829132100.1723127-2-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 2f0d9872beca2def687de76a7c052db36d6ba78d Author: Frank Li Date: Thu Aug 29 11:06:41 2024 -0400 dt-bindings: hwmon: Convert ltc2978.txt to yaml Convert binding doc ltc2978.txt to yaml format. Additional change: - add i2c node. Fix below warning: arch/arm64/boot/dts/freescale/fsl-lx2160a-clearfog-cx.dtb: /soc/i2c@2000000/i2c-mux@77/i2c@2/regulator@5c: failed to match any schema with compatible: ['lltc,ltc3882'] Signed-off-by: Frank Li Reviewed-by: Rob Herring (Arm) Message-ID: <20240829150641.1307906-1-Frank.Li@nxp.com> Signed-off-by: Guenter Roeck commit 02a416afbe127b1c9ce85ffa340c0a32dbc53184 Author: Daniele Ceraolo Spurio Date: Wed Aug 28 15:14:57 2024 -0700 drm/xe/gsc: Wedge the device if the GSCCS reset fails Due to the special handling of the GSCCS in HW, we can't escalate to GT reset when we receive the reset failure interrupt; the specs indicate that we should trigger an FLR instead, but we do not have support for that at the moment, so the HW will stay permanently in a broken state. We should therefore mark the device as wedged, the same as if the GT reset had failed. Signed-off-by: Daniele Ceraolo Spurio Reviewed-by: Julia Filipchuk Link: https://patchwork.freedesktop.org/patch/msgid/20240828221457.2752868-1-daniele.ceraolospurio@intel.com commit ea31f1c6b470bba02df0b600ed3cf447d4851f0d Author: Mete Durlu Date: Mon Aug 12 13:39:39 2024 +0200 s390/hiperdispatch: Add hiperdispatch debug counters Add three counters to follow and understand hiperdispatch behavior; * adjustment_count (amount of capacity adjustments triggered) * greedy_time_ms (time spent while all cpus are on high capacity) * conservative_time_ms (time spent while only entitled cpus are on high capacity) These counters can be found under /sys/kernel/debug/s390/hiperdispatch/ Time counters are in format and only cover the time spent when hiperdispatch is active. Acked-by: Vasily Gorbik Signed-off-by: Mete Durlu Signed-off-by: Vasily Gorbik commit 441cc6f5b66e814405766ddec4af5071d22e98da Author: Mete Durlu Date: Mon Aug 12 13:39:38 2024 +0200 s390/hiperdispatch: Add hiperdispatch debug attributes Add two attributes for debug purposes. They can be found under; /sys/devices/system/cpu/hiperdispatch/ * hd_stime_threshold : allows user to adjust steal time threshold * hd_delay_factor : allows user to adjust delay factor of hiperdispatch work (after topology updates, delayed work is always delayed extra by this factor) hd_stime_threshold can have values between 0-100 as it represents a percentage value. hd_delay_factor can have values greater than 1. It is multiplied with the default delay to achieve a longer interval, pushing back the next hiperdispatch adjustment after a topology update. Ex: if delay interval is 250ms and the delay factor is 4; delayed interval is now 1000ms(1sec). After each capacity adjustment or topology change, work has a delayed interval of 1 sec for one interval. Acked-by: Vasily Gorbik Signed-off-by: Mete Durlu Signed-off-by: Vasily Gorbik commit b9271a533433dd4049723d4668418709e1927e12 Author: Mete Durlu Date: Mon Aug 12 13:39:37 2024 +0200 s390/hiperdispatch: Add hiperdispatch sysctl interface Expose hiperdispatch controls via sysctl. The user can now toggle hiperdispatch via assigning 0 or 1 to s390.hiperdispatch attribute. When hiperdipatch is toggled on, it tries to adjust CPU capacities, while system is in vertical polarization to gain performance benefits from different CPU polarizations. Disabling hiperdispatch reverts the CPU capacities to their default (HIGH_CAPACITY) and stops the dynamic adjustments. Introduce a kconfig option HIPERDISPATCH_ON which allows users to use hiperdispatch by default on vertical polarization. Using the sysctl attribute s390.hiperdispatch would overwrite this behavior. Acked-by: Vasily Gorbik Signed-off-by: Mete Durlu Signed-off-by: Vasily Gorbik commit 1e5aa12d470b1af613fca89a3069529fa9c92cfb Author: Mete Durlu Date: Mon Aug 12 13:39:36 2024 +0200 s390/hiperdispatch: Add trace events Add trace events to debug hiperdispatch behavior and track domain rebuilding. Two events provide information about the decision making of hiperdispatch and the adjustments made. Acked-by: Vasily Gorbik Co-developed-by: Tobias Huschle Signed-off-by: Tobias Huschle Signed-off-by: Mete Durlu Signed-off-by: Vasily Gorbik commit c0d4ba054f6a32c5d0a6740d90c97f91faf73fd7 Author: Mete Durlu Date: Mon Aug 12 13:39:35 2024 +0200 s390/hiperdispatch: Add steal time averaging The measurements done by hiperdispatch can have sudden spikes and dips during run time. To prevent these outliers effecting the decision making process and causing adjustment overhead, use weighted average of the steal time. Acked-by: Vasily Gorbik Co-developed-by: Tobias Huschle Signed-off-by: Tobias Huschle Signed-off-by: Mete Durlu Signed-off-by: Vasily Gorbik commit 6843d6d97c03b8fa506d188a483bc494a6ac4c89 Author: Mete Durlu Date: Mon Aug 12 13:39:34 2024 +0200 s390/hiperdispatch: Introduce hiperdispatch When LPAR is in vertical polarization, CPUs get different polarization values, namely vertical high, vertical medium and vertical low. These values represent the likelyhood of the CPU getting physical runtime. Vertical high CPUs will always get runtime and others get varying runtime depending on the load the CEC is under. Vertical high and vertical medium CPUs are considered the CPUs which the current LPAR has the entitlement to run on. The vertical lows are on the other hand are borrowed CPUs which would only be given to the LPAR by hipervisor when the other LPARs are not utilizing them. Using the CPU capacities, hint linux scheduler when it should prioritise vertical high and vertical medium CPUs over vertical low CPUs. By tracking various system statistics hiperdispatch determines when to adjust cpu capacities. After each adjustment, rebuilding of scheduler domains is necessary to notify the scheduler about capacity changes but since this operation is costly it should be done as sparsely as possible. Acked-by: Vasily Gorbik Co-developed-by: Tobias Huschle Signed-off-by: Tobias Huschle Signed-off-by: Mete Durlu Signed-off-by: Vasily Gorbik commit 26ceef523d5442a8bc88e334c3e84cdbd9e3fb92 Author: Mete Durlu Date: Mon Aug 12 13:39:33 2024 +0200 s390/smp: Add cpu capacities Linux scheduler allows architectures to assign capacity values to individual CPUs. This hints scheduler the performance difference between CPUs and allows more efficient task distribution them. Implement helper methods to set and get CPU capacities for s390. This is particularly helpful in vertical polarization configurations of LPARs. On vertical polarization an LPARs CPUs can get different polarization values depending on the CEC configuration. CPUs with different polarization values can perform different from each other, using CPU capacities this can be reflected to linux scheduler. Acked-by: Vasily Gorbik Signed-off-by: Mete Durlu Signed-off-by: Vasily Gorbik commit 7e627f819302b8c22098b0575c35a3349c4e306f Author: Tobias Huschle Date: Mon Aug 12 13:39:32 2024 +0200 s390/topology: Add config option to switch to vertical during boot By default, all systems on s390 start in horizontal cpu polarization. Selecting the new config option SCHED_TOPOLOGY_VERTICAL allows to build a kernel that switches to vertical polarization during boot. Acked-by: Heiko Carstens Tested-by: Mete Durlu Signed-off-by: Tobias Huschle Signed-off-by: Vasily Gorbik commit 9dd333e7afc4a4855f821a7be83733b8ef48d5ba Author: Tobias Huschle Date: Mon Aug 12 13:39:31 2024 +0200 s390/topology: Add sysctl handler for polarization Provide an additional path to set the polarization of the system, such that a user no longer relies on the sysfs interface only and is able configure the polarization for every reboot via sysctl control files. The new sysctl can be set as follows: - s390.polarization=0 for horizontal polarization - s390.polarization=1 for vertical polarization Acked-by: Heiko Carstens Tested-by: Mete Durlu Signed-off-by: Tobias Huschle Signed-off-by: Vasily Gorbik commit 307b675cf0193f37fbc50ff9de5322dc1361aa6b Author: Tobias Huschle Date: Mon Aug 12 13:39:30 2024 +0200 s390/wti: Add debugfs file to display missed grace periods per cpu Introduce a new debug file which allows to determine how many warning track grace periods were missed on each CPU. The new file can be found as /sys/kernel/debug/s390/wti It is formatted as: CPU0 CPU1 [...] CPUx xyz xyz [...] xyz Acked-by: Heiko Carstens Reviewed-by: Mete Durlu Signed-off-by: Tobias Huschle Signed-off-by: Vasily Gorbik commit 42419bcdfdcb287918e53500a04aeb532b41ed1f Author: Tobias Huschle Date: Mon Aug 12 13:39:29 2024 +0200 s390/wti: Add wti accounting for missed grace periods A virtual CPU that has received a warning-track interrupt may fail to acknowledge the interrupt within the warning-track grace period. While this is usually not a problem, it will become necessary to investigate if there is a large number of such missed warning-track interrupts. Therefore, it is necessary to track these events. The information is tracked through the s390 debug facility and can be found under /sys/kernel/debug/s390dbf/wti/. The hex_ascii output is formatted as: The values pid and current psw are collected when a warning track interrupt is received. Symbol is either the kernel symbol matching the collected psw or redacted to when running in user space. Each line represents the currently executing process when a warning track interrupt was received which was then not acknowledged within its grace period. Acked-by: Heiko Carstens Reviewed-by: Mete Durlu Signed-off-by: Tobias Huschle Signed-off-by: Vasily Gorbik commit cafeff5a030983bbf37b11ab766b68d7da3b8aab Author: Tobias Huschle Date: Mon Aug 12 13:39:28 2024 +0200 s390/wti: Prepare graceful CPU pre-emption on wti reception When a warning track interrupt is received, the kernel has only a very limited amount of time to make sure, that the CPU can be yielded as gracefully as possible before being pre-empted by the hypervisor. The interrupt handler for the wti therefore unparks a kernel thread which has being created on boot re-using the CPU hotplug kernel thread infrastructure. These threads exist per CPU and are assigned the highest possible real-time priority. This makes sure, that said threads will execute as soon as possible as the scheduler should pre-empt any other running user tasks to run the real-time thread. Furthermore, the interrupt handler disables all I/O interrupts to prevent additional interrupt processing on the soon-preempted CPU. Interrupt handlers are likely to take kernel locks, which in the worst case, will be kept while the interrupt handler is pre-empted from itself underlying physical CPU. In that case, all tasks or interrupt handlers on other CPUs would have to wait for the pre-empted CPU being dispatched again. By preventing further interrupt processing, this risk is minimized. Once the CPU gets dispatched again, the real-time kernel thread regains control, reenables interrupts and parks itself again. Acked-by: Heiko Carstens Reviewed-by: Mete Durlu Signed-off-by: Tobias Huschle Signed-off-by: Vasily Gorbik commit 2c6c9ccc76434d5609300aa578a4737e1686b320 Author: Tobias Huschle Date: Mon Aug 12 13:39:27 2024 +0200 s390/wti: Introduce infrastructure for warning track interrupt The warning-track interrupt (wti) provides a notification that the receiving CPU will be pre-empted from its physical CPU within a short time frame. This time frame is called grace period and depends on the machine type. Giving up the CPU on time may prevent a task to get stuck while holding a resource. Reviewed-by: Heiko Carstens Reviewed-by: Mete Durlu Signed-off-by: Tobias Huschle Signed-off-by: Vasily Gorbik commit 324db0faf8e1cbfde7a033e77f674f2bb819b54e Author: Gaosheng Cui Date: Sat Aug 24 20:07:49 2024 +0800 s390/hypfs: Remove obsoleted declaration for hypfs_dbfs_exit The hypfs_dbfs_exit() have been removed since commit 3325b4d85799 ("s390/hypfs: factor out filesystem code"), and now it is useless, so remove it. Signed-off-by: Gaosheng Cui Acked-by: Vasily Gorbik Signed-off-by: Vasily Gorbik commit 36dff49b9634f6054efbfda83682b2081a64b35a Author: Vasily Gorbik Date: Wed Aug 28 19:07:00 2024 +0200 s390/ftrace: Avoid extra serialization for graph caller patching The only context where ftrace_enable_ftrace_graph_caller() or ftrace_disable_ftrace_graph_caller() is called also calls ftrace_arch_code_modify_post_process(), which already performs text_poke_sync_lock(). ftrace_run_update_code() arch_ftrace_update_code() ftrace_modify_all_code() ftrace_enable_ftrace_graph_caller()/ftrace_disable_ftrace_graph_caller() ftrace_arch_code_modify_post_process() text_poke_sync_lock() Remove the redundant serialization. Reviewed-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit 5200614080cd7a0fca7424b711cab503dfe6bdca Author: Vasily Gorbik Date: Wed Aug 28 19:06:58 2024 +0200 s390/ftrace: Use get/copy_from_kernel_nofault consistently Use get/copy_from_kernel_nofault to access the kernel text consistently. Replace memcmp() in ftrace_init_nop() to ensure that in case of inconsistencies in the 'mcount' table, the kernel reports a failure instead of potentially crashing. Reviewed-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit efd9cd019e95d399e27be8dfbfc1df91517c0813 Author: Vasily Gorbik Date: Wed Aug 28 19:06:55 2024 +0200 s390/ftrace: Avoid trampolines if possible When a sequential instruction fetching facility is present, it is safe to patch ftrace NOPs in function prologues. All of them are 8-byte aligned. Reviewed-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit 30799152c375c4e1f40c7f2b98d766748d3b3333 Author: Vasily Gorbik Date: Wed Aug 28 19:06:52 2024 +0200 s390/kprobes: Avoid stop machine if possible Avoid stop machine on kprobes arm/disarm when sequential instruction fetching is present. Reviewed-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit bb91ed0ee3a76406846b99d6aca8121100a14ff5 Author: Vasily Gorbik Date: Wed Aug 28 19:06:49 2024 +0200 s390/setup: Recognize sequential instruction fetching facility When sequential instruction fetching facility is present, certain guarantees are provided for code patching. In particular, atomic overwrites within 8 aligned bytes is safe from an instruction-fetching point of view. Reviewed-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit ee3daf7c05e70a0b88723ceb18587aed75716729 Author: Sven Schnelle Date: Wed Aug 28 13:50:04 2024 +0200 s390/entry: Unify save_area_sync and save_area_async In the past two save areas existed because interrupt handlers and system call / program check handlers where entered with interrupts enabled. To prevent a handler from overwriting the save areas from the previous handler, interrupts used the async save area, while system call and program check handler used the sync save area. Since the removal of critical section cleanup from entry.S, handlers are entered with interrupts disabled. When the interrupts are re-enabled, the save area is no longer need. Therefore merge both save areas into one. Reviewed-by: Heiko Carstens Reviewed-by: Alexander Gordeev Signed-off-by: Sven Schnelle Signed-off-by: Vasily Gorbik commit 56199bb956c3ea82e39c72d2972ebf8c18c6a8c0 Author: Harald Freudenberger Date: Wed Aug 28 14:25:08 2024 +0200 s390/ap: Fix deadlock caused by recursive lock of the AP bus scan mutex There is a possibility to deadlock with an recursive lock of the AP bus scan mutex ap_scan_bus_mutex: ... kernel: ============================================ ... kernel: WARNING: possible recursive locking detected ... kernel: 5.14.0-496.el9.s390x #3 Not tainted ... kernel: -------------------------------------------- ... kernel: kworker/12:1/130 is trying to acquire lock: ... kernel: 0000000358bc1510 (ap_scan_bus_mutex){+.+.}-{3:3}, at: ap_bus_force_rescan+0x92/0x108 ... kernel: but task is already holding lock: ... kernel: 0000000358bc1510 (ap_scan_bus_mutex){+.+.}-{3:3}, at: ap_scan_bus_wq_callback+0x28/0x60 ... kernel: other info that might help us debug this: ... kernel: Possible unsafe locking scenario: ... kernel: CPU0 ... kernel: ---- ... kernel: lock(ap_scan_bus_mutex); ... kernel: lock(ap_scan_bus_mutex); ... kernel: *** DEADLOCK *** Here is how the callstack looks like: ... [<00000003576fe9ce>] process_one_work+0x2a6/0x748 ... [<0000000358150c00>] ap_scan_bus_wq_callback+0x40/0x60 <- mutex locked ... [<00000003581506e2>] ap_scan_bus+0x5a/0x3b0 ... [<000000035815037c>] ap_scan_adapter+0x5b4/0x8c0 ... [<000000035814fa34>] ap_scan_domains+0x2d4/0x668 ... [<0000000357d989b4>] device_add+0x4a4/0x6b8 ... [<0000000357d9bb54>] bus_probe_device+0xb4/0xc8 ... [<0000000357d9daa8>] __device_attach+0x120/0x1b0 ... [<0000000357d9a632>] bus_for_each_drv+0x8a/0xd0 ... [<0000000357d9d548>] __device_attach_driver+0xc0/0x140 ... [<0000000357d9d3d8>] driver_probe_device+0x40/0xf0 ... [<0000000357d9cec2>] really_probe+0xd2/0x460 ... [<000000035814d7b0>] ap_device_probe+0x150/0x208 ... [<000003ff802a5c46>] zcrypt_cex4_queue_probe+0xb6/0x1c0 [zcrypt_cex4] ... [<000003ff7fb2d36e>] zcrypt_queue_register+0xe6/0x1b0 [zcrypt] ... [<000003ff7fb2c8ac>] zcrypt_rng_device_add+0x94/0xd8 [zcrypt] ... [<0000000357d7bc52>] hwrng_register+0x212/0x228 ... [<0000000357d7b8c2>] add_early_randomness+0x102/0x110 ... [<000003ff7fb29c94>] zcrypt_rng_data_read+0x94/0xb8 [zcrypt] ... [<0000000358150aca>] ap_bus_force_rescan+0x92/0x108 ... [<0000000358177572>] mutex_lock_interruptible_nested+0x32/0x40 <- lock again Note this only happens when the very first random data providing crypto card appears via hot plug in the system AND is in disabled state ("deconfig"). Then the initial pull of random data fails and a re-scan of the AP bus is triggered while already in the middle of an AP bus scan caused by the appearing new hardware. The fix is relatively simple once the scenario us understood: The AP bus force rescan function will immediately return if there is currently an AP bus scan running with the very same thread id. Fixes: eacf5b3651c5 ("s390/ap: introduce mutex to lock the AP bus scan") Signed-off-by: Harald Freudenberger Signed-off-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit 88c02b3f79a61e659749773865998e0c33247e86 Author: Joerg Schmidbauer Date: Wed Aug 28 13:52:30 2024 +0200 s390/sha3: Support sha3 performance enhancements On newer machines the SHA3 performance of CPACF instructions KIMD and KLMD can be enhanced by using additional modifier bits. This allows the application to omit initializing the ICV, but also affects the internal processing of the instructions. Performance is mostly gained when processing short messages. The new CPACF feature is backwards compatible with older machines, i.e. the new modifier bits are ignored on older machines. However, to save the ICV initialization, the application must detect the MSA level and omit the ICV initialization only if this feature is supported. Reviewed-by: Holger Dengler Signed-off-by: Joerg Schmidbauer Signed-off-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit 177b621bf0685e8733fa6a7c796865f4200a6e2f Author: Harald Freudenberger Date: Thu Aug 22 11:32:21 2024 +0200 s390/pkey: Add function to enforce pkey handler modules load There is a use case during early boot with an secure key encrypted root file system where the paes cipher may try to derive a protected key from secure key while the AP bus is still in the process of scanning the bus and building up the zcrypt device drivers. As the detection of CEX cards also triggers the modprobe of the pkey handler modules, these modules may come into existence too late. Yet another use case happening during early boot is for use of an protected key encrypted swap file(system). There is an ephemeral protected key read via sysfs to set up the swap file. But this only works when the pkey_pckmo module is already in - which may happen at a later time as the load is triggered via CPU feature. This patch introduces a new function pkey_handler_request_modules() and invokes it which unconditional tries to load in the pkey handler modules. This function is called for the in-kernel API to derive a protected key from whatever and in the sysfs API when the first attempt to simple invoke the handler function failed. Signed-off-by: Harald Freudenberger Reviewed-by: Holger Dengler Signed-off-by: Vasily Gorbik commit 2fc401b94434ae97d1c9c1283fcf816c1ad9457c Author: Harald Freudenberger Date: Thu Aug 22 11:32:20 2024 +0200 s390/pkey: Add slowpath function to CCA and EP11 handler For some keys there exists an alternative but usually slower path to convert the key material into a protected key. This patch introduces a new handler function slowpath_key_to_protkey() which provides this alternate path for the CCA and EP11 handler code. With that even the knowledge about how and when this can be used within the pkey API code can be removed. So now the pkey API just tries the primary way and if that fails simple tries the alternative way. Signed-off-by: Harald Freudenberger Reviewed-by: Holger Dengler Signed-off-by: Vasily Gorbik commit 8fcc231ce3bea12b78bb94b280cdc03cff342435 Author: Harald Freudenberger Date: Thu Aug 22 11:32:19 2024 +0200 s390/pkey: Introduce pkey base with handler registry and handler modules Introduce pkey base kernel code with a simple pkey handler registry. Regroup the pkey code into these kernel modules: - pkey is the pkey api supporting the ioctls, sysfs and in-kernel api. Also the pkey base code which offers the handler registry and handler wrapping invocation functions is integrated there. This module is automatically loaded in via CPU feature if the MSA feature is available. - pkey-cca is the CCA related handler code kernel module a offering CCA specific implementation for pkey. This module is loaded in via MODULE_DEVICE_TABLE when a CEX[4-8] card becomes available. - pkey-ep11 is the EP11 related handler code kernel module offering an EP11 specific implementation for pkey. This module is loaded in via MODULE_DEVICE_TABLE when a CEX[4-8] card becomes available. - pkey-pckmo is the PCKMO related handler code kernel module. This module is loaded in via CPU feature if the MSA feature is available, but on init a check for availability of the pckmo instruction is performed. The handler modules register via a pkey_handler struct at the pkey base code and the pkey customer (that is currently the pkey api code fetches a handler via pkey handler registry functions and calls the unified handler functions via the pkey base handler functions. As a result the pkey-cca, pkey-ep11 and pkey-pckmo modules get independent from each other and it becomes possible to write new handlers which offer another kind of implementation without implicit dependencies to other handler implementations and/or kernel device drivers. For each of these 4 kernel modules there is an individual Kconfig entry: CONFIG_PKEY for the base and api, CONFIG_PKEY_CCA for the PKEY CCA support handler, CONFIG_PKEY_EP11 for the EP11 support handler and CONFIG_PKEY_PCKMO for the pckmo support. The both CEX related handler modules (PKEY CCA and PKEY EP11) have a dependency to the zcrypt api of the zcrypt device driver. Signed-off-by: Harald Freudenberger Reviewed-by: Holger Dengler Signed-off-by: Vasily Gorbik commit ea88e1710a9f19345c94c195f9cd7365e50343b0 Author: Harald Freudenberger Date: Thu Aug 22 11:32:18 2024 +0200 s390/pkey: Unify pkey cca, ep11 and pckmo functions signatures As a preparation step for introducing a common function API between the pkey API module and the handlers (that is the cca, ep11 and pckmo code) this patch unifies the functions signatures exposed by the handlers and reworks all the invocation code of these functions. Signed-off-by: Harald Freudenberger Reviewed-by: Holger Dengler Signed-off-by: Vasily Gorbik commit 86fbf5e2a0ca58f10261a264ee25bf2a936ee5d2 Author: Harald Freudenberger Date: Thu Aug 22 11:32:17 2024 +0200 s390/pkey: Rework and split PKEY kernel module code This is a huge rework of all the pkey kernel module code. The goal is to split the code into individual parts with a dedicated calling interface: - move all the sysfs related code into pkey_sysfs.c - all the CCA related code goes to pkey_cca.c - the EP11 stuff has been moved to pkey_ep11.c - the PCKMO related code is now in pkey_pckmo.c The CCA, EP11 and PCKMO code may be seen as "handlers" with a similar calling interface. The new header file pkey_base.h declares this calling interface. The remaining code in pkey_api.c handles the ioctl, the pkey module things and the "handler" independent code on top of the calling interface invoking the handlers. This regrouping of the code will be the base for a real pkey kernel module split into a pkey base module which acts as a dispatcher and handler modules providing their service. Signed-off-by: Harald Freudenberger Reviewed-by: Holger Dengler Signed-off-by: Vasily Gorbik commit 7344eea1b30253d4fade26b255b578ec8eaf0853 Author: Harald Freudenberger Date: Thu Aug 22 11:32:16 2024 +0200 s390/pkey: Split pkey_unlocked_ioctl function Split the very huge ioctl handling function pkey_unlocked_ioctl() into individual functions per each IOCTL command. There is no change in functional code coming with this patch. The work is a simple copy-and-paste with the goal to have the functionality absolutely untouched. Signed-off-by: Harald Freudenberger Reviewed-by: Holger Dengler Signed-off-by: Vasily Gorbik commit c3dcb058b110d07e56cc8129273e1342905b611c Author: Holger Dengler Date: Wed Aug 7 18:06:29 2024 +0200 s390/crypto: Add hardware acceleration for HMAC modes Add new shash exploiting the HMAC hardware accelerations for SHA224, SHA256, SHA384 and SHA512 introduced with message-security assist extension 11. Reviewed-by: Harald Freudenberger Signed-off-by: Holger Dengler Signed-off-by: Vasily Gorbik commit 80625b670312e74512d65b19e9470184386ab265 Author: Holger Dengler Date: Wed Aug 7 18:06:28 2024 +0200 s390/crypto: Add hardware acceleration for full AES-XTS mode Add new cipher exploiting the full AES-XTS hardware acceleration introduced with message-security assist extension 10. The full AES-XTS cipher is registered as preferred cipher in addition to the discrete AES-XTS variant. Reviewed-by: Harald Freudenberger Signed-off-by: Holger Dengler Signed-off-by: Vasily Gorbik commit 4f7a31a7ef19e59cc89d1013cfd909e05d89b6ff Author: Mete Durlu Date: Mon Aug 26 14:22:48 2024 +0200 s390/hypfs_diag: Remove unused dentry variable Remove leftover dentry variable after hypfs refactoring. Before 2fcb3686e160, hypfs_diag.c and other hypfs files were using debugfs_create_file() explicitly for creating debugfs files and were storing the returned pointer. After the refactor, common debugfs file operations and also the related dentry pointers have been moved into hypfs_dbfs.c and redefined as new common mechanisms. Therefore the dentry variable and the debugfs_remove() function calls in hypfs_diag.c are now redundant. Current code is not effected since the dentry pointer in hypfs_diag is implicitly assigned to NULL and debugfs_remove() returns without an error if the passed pointer is NULL. Acked-by: Alexander Gordeev Signed-off-by: Mete Durlu Signed-off-by: Vasily Gorbik commit acb684d3b049e37b987b1be56265319842b9273a Author: Vasily Gorbik Date: Mon Aug 26 22:13:41 2024 +0200 s390/disassembler: Add instructions Add more instructions to the kernel disassembler. Reviewed-by: Jens Remus Reviewed-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit 4eac37ffaf007fba766e61a5d7e384fcdc033cd6 Author: Vasily Gorbik Date: Mon Aug 26 23:16:06 2024 +0200 s390: Always enable EXPOLINE_EXTERN if supported Since commit ba05b39d54ee ("s390/expoline: Make modules use kernel expolines"), there is no longer any reason not to use CONFIG_EXPOLINE_EXTERN when supported by the compiler. On the positive side: - there is only a single set of expolines generated and used by both the kernel code and modules, - it eliminates expolines "comdat" sections, which can confuse tools like kpatch. Always enable EXPOLINE_EXTERN if supported by the compiler. Suggested-by: Heiko Carstens Reviewed-by: Sumanth Korikkar Reviewed-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit 7f4f1f47a3f69e2ca8315ed7202bb1a4c4a444b9 Author: Jens Remus Date: Fri Aug 23 12:05:15 2024 +0200 s390/disassembler: Update instruction mnemonics to latest spec Over the course of CPU generations a few instructions got extended, changing their base mnemonic, while keeping the former as an extended mnemonic. Update the instruction mnemonics in the disassembler to their latest base mnemonic as documented in the latest IBM z/Architecture Principles of Operation specification [1]. With the IBM z14 the base mnemonics of the following vector instructions have been changed: - Vector FP Load Lengthened (VFLL) - Vector FP Load Rounded (VFLR) With Message-Security-Assist Extension 5 Perform Pseudorandom Number Operation (PPNO) has been renamed to Perform Random Number Operation (PRNO). With Vector Enhancements Facility 2 the base mnemonics of the following vector instructions have been changed: - Vector FP Convert from Fixed (VCFPS) - Vector FP Convert from Logical (VCFPL) - Vector FP Convert to Fixed (VCSFP) - Vector FP Convert to Logical (VCLFP) [1] IBM z/Architecture Principles of Operation, SA22-7832-13, IBM z16, https://publibfp.dhe.ibm.com/epubs/pdf/a227832d.pdf Acked-by: Vasily Gorbik Signed-off-by: Jens Remus Signed-off-by: Vasily Gorbik commit 73c81973b44b10c460268567fac4eead17284867 Author: Jens Remus Date: Fri Aug 23 12:05:14 2024 +0200 s390/disassembler: Use proper format specifiers for operand values Treat register numbers as unsigned. Treat signed operand values as signed. This resolves multiple instances of the Cppcheck warning: warning: %i in format string (no. 1) requires 'int' but the argument type is 'unsigned int'. [invalidPrintfArgType_sint] Acked-by: Vasily Gorbik Signed-off-by: Jens Remus Signed-off-by: Vasily Gorbik commit 791f9b68b507108fb4d35f75c8289e6f95260446 Merge: 3d8806f37d318b b24d22ac74bfdd Author: Jakub Kicinski Date: Thu Aug 29 13:00:38 2024 -0700 Merge branch 'adding-so_peek_off-for-tcpv6' Jon Maloy says: ==================== Adding SO_PEEK_OFF for TCPv6 Adding SO_PEEK_OFF for TCPv6 and selftest for both TCPv4 and TCPv6 ==================== Link: https://patch.msgid.link/20240828183752.660267-1-jmaloy@redhat.com Signed-off-by: Jakub Kicinski commit b24d22ac74bfdde2e1146e1838abdc99131b1d19 Author: Jon Maloy Date: Wed Aug 28 14:37:52 2024 -0400 selftests: add selftest for tcp SO_PEEK_OFF support We add a selftest to check that the new feature added in commit 05ea491641d3 ("tcp: add support for SO_PEEK_OFF socket option") works correctly. Reviewed-by: Jason Xing Reviewed-by: Stefano Brivio Tested-by: Stefano Brivio Signed-off-by: Jon Maloy Link: https://patch.msgid.link/20240828183752.660267-3-jmaloy@redhat.com Signed-off-by: Jakub Kicinski commit be9a4fb831b8b6dc5724dd3e61973ea91b413ec1 Author: Jon Maloy Date: Wed Aug 28 14:37:51 2024 -0400 tcp: add SO_PEEK_OFF socket option tor TCPv6 When doing further testing of the recently added SO_PEEK_OFF feature for TCP I realized I had omitted to add it for TCP/IPv6. I do that here. Fixes: 05ea491641d3 ("tcp: add support for SO_PEEK_OFF socket option") Reviewed-by: Eric Dumazet Reviewed-by: David Gibson Reviewed-by: Stefano Brivio Tested-by: Stefano Brivio Signed-off-by: Jon Maloy Reviewed-by: Jason Xing Link: https://patch.msgid.link/20240828183752.660267-2-jmaloy@redhat.com Signed-off-by: Jakub Kicinski commit 252ed1f7f7c657812ee864a9dad0a935f7bed08b Author: Dan Carpenter Date: Thu Aug 29 22:30:39 2024 +0300 HID: hid-goodix: Fix type promotion bug in goodix_hid_get_raw_report() The issue is GOODIX_HID_PKG_LEN_SIZE is defined as sizeof(u16) which is type size_t. However, goodix_hid_check_ack_status() returns negative error codes or potentially a positive but invalid length which is too small. So when we compare "if ((response_data_len <= GOODIX_HID_PKG_LEN_SIZE)" then negative error codes are type promoted to size_t and counted as a positive large value and treated as valid. It would have been easy enough to add some casting to avoid the type promotion, however this patch takes a more thourough approach and moves the length check into goodix_hid_check_ack_status(). Now the function only return negative error codes or zero on success and the length pointer is never set to an invalid length. Fixes: 75e16c8ce283 ("HID: hid-goodix: Add Goodix HID-over-SPI driver") Signed-off-by: Dan Carpenter Reviewed-by: Dmitry Torokhov Signed-off-by: Jiri Kosina commit 3d8806f37d318b10ddf9fa686821f58bc6301c7b Author: Jakub Kicinski Date: Wed Aug 28 10:36:09 2024 -0700 tools: ynl: error check scanf() in a sample Someone reported on GitHub that the YNL NIPA test is failing when run locally. The test builds the tools, and it hits: netdev.c:82:9: warning: ignoring return value of ‘scanf’ declared with attribute ‘warn_unused_result’ [-Wunused-result] 82 | scanf("%d", &ifindex); I can't repro this on my setups but error seems clear enough. Link: https://github.com/linux-netdev/nipa/discussions/37 Reviewed-by: Simon Horman Reviewed-by: Nicolas Dichtel Link: https://patch.msgid.link/20240828173609.2951335-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 12c612e115f3f021e72025447233ca89c94fb751 Merge: 1251580983f267 fb16787b396c46 Author: Jens Axboe Date: Thu Aug 29 13:37:43 2024 -0600 Merge tag 'md-6.12-20240829' of https://git.kernel.org/pub/scm/linux/kernel/git/song/md into for-6.12/block Pull MD updates from Song: "Major changes in this set are: 1. md-bitmap refactoring, by Yu Kuai; 2. raid5 performance optimization, by Artur Paszkiewicz; 3. Other small fixes, by Yu Kuai and Chen Ni." * tag 'md-6.12-20240829' of https://git.kernel.org/pub/scm/linux/kernel/git/song/md: (49 commits) md/raid5: rename wait_for_overlap to wait_for_reshape md/raid5: only add to wq if reshape is in progress md/raid5: use wait_on_bit() for R5_Overlap md: Remove flush handling md/md-bitmap: make in memory structure internal md/md-bitmap: merge md_bitmap_enabled() into bitmap_operations md/md-bitmap: merge md_bitmap_wait_behind_writes() into bitmap_operations md/md-bitmap: merge md_bitmap_free() into bitmap_operations md/md-bitmap: merge md_bitmap_set_pages() into struct bitmap_operations md/md-bitmap: merge md_bitmap_copy_from_slot() into struct bitmap_operation. md/md-bitmap: merge get_bitmap_from_slot() into bitmap_operations md/md-bitmap: merge md_bitmap_resize() into bitmap_operations md/md-bitmap: pass in mddev directly for md_bitmap_resize() md/md-bitmap: merge md_bitmap_daemon_work() into bitmap_operations md/md-bitmap: merge bitmap_unplug() into bitmap_operations md/md-bitmap: merge md_bitmap_unplug_async() into md_bitmap_unplug() md/md-bitmap: merge md_bitmap_sync_with_cluster() into bitmap_operations md/md-bitmap: merge md_bitmap_cond_end_sync() into bitmap_operations md/md-bitmap: merge md_bitmap_close_sync() into bitmap_operations md/md-bitmap: merge md_bitmap_end_sync() into bitmap_operations ... commit d64d11b733dd435c9fce6397bcc0d235c68d1b39 Merge: 3cbd2090d334eb 82183b03de5f80 Author: Jakub Kicinski Date: Thu Aug 29 12:33:14 2024 -0700 Merge branch 'replace-deprecated-strcpy-with-strscpy' Hongbo Li says: ==================== replace deprecated strcpy with strscpy The deprecated helper strcpy() performs no bounds checking on the destination buffer. This could result in linear overflows beyond the end of the buffer, leading to all kinds of misbehaviors. The safe replacement is strscpy() [1]. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1] ==================== Link: https://patch.msgid.link/20240828123224.3697672-1-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit 82183b03de5f80f5d9c45cbb7129cd03f592f474 Author: Hongbo Li Date: Wed Aug 28 20:32:24 2024 +0800 net/ipv4: net: prefer strscpy over strcpy The deprecated helper strcpy() performs no bounds checking on the destination buffer. This could result in linear overflows beyond the end of the buffer, leading to all kinds of misbehaviors. The safe replacement is strscpy() [1]. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1] Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240828123224.3697672-7-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit af1052fd49cc7c78e577bb1d6241171a8ce05bab Author: Hongbo Li Date: Wed Aug 28 20:32:23 2024 +0800 net/tipc: replace deprecated strcpy with strscpy The deprecated helper strcpy() performs no bounds checking on the destination buffer. This could result in linear overflows beyond the end of the buffer, leading to all kinds of misbehaviors. The safe replacement is strscpy() [1]. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1] Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240828123224.3697672-6-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit 597be7bd17c36c8fa7e075f0da4decc7ca3b9d1d Author: Hongbo Li Date: Wed Aug 28 20:32:21 2024 +0800 net/netrom: prefer strscpy over strcpy The deprecated helper strcpy() performs no bounds checking on the destination buffer. This could result in linear overflows beyond the end of the buffer, leading to all kinds of misbehaviors. The safe replacement is strscpy() [1]. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1] Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240828123224.3697672-4-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit b19f69a958300dcc93e453d7ed3fa354fc0f590c Author: Hongbo Li Date: Wed Aug 28 20:32:20 2024 +0800 net/ipv6: replace deprecated strcpy with strscpy The deprecated helper strcpy() performs no bounds checking on the destination buffer. This could result in linear overflows beyond the end of the buffer, leading to all kinds of misbehaviors. The safe replacement is strscpy() [1]. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1] Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240828123224.3697672-3-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit 68016b997222c9f866912f6911815105ed2ce473 Author: Hongbo Li Date: Wed Aug 28 20:32:19 2024 +0800 net: prefer strscpy over strcpy The deprecated helper strcpy() performs no bounds checking on the destination buffer. This could result in linear overflows beyond the end of the buffer, leading to all kinds of misbehaviors. The safe replacement is strscpy() [1]. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1] Signed-off-by: Hongbo Li Signed-off-by: Jakub Kicinski commit c6d9dafb595564ae44ef2e25e3ace2973aa867f3 Author: Hongbo Li Date: Wed Aug 28 14:21:28 2024 +0800 bpf: Use kvmemdup to simplify the code Use kvmemdup instead of kvmalloc() + memcpy() to simplify the code. No functional change intended. Acked-by: Yonghong Song Signed-off-by: Hongbo Li Link: https://lore.kernel.org/r/20240828062128.1223417-1-lihongbo22@huawei.com Signed-off-by: Alexei Starovoitov commit 89dd9bb25597621ca0500aa598140ff0858091e2 Author: Yiming Xiang Date: Wed Aug 28 23:17:12 2024 -0400 docs/bpf: Fix a typo in verifier.rst In verifier.rst, there is a typo in section 'Register parentage chains'. Caller saved registers are r0-r5, callee saved registers are r6-r9. Here by context it means callee saved registers rather than caller saved registers. This may confuse users. Signed-off-by: Yiming Xiang Link: https://lore.kernel.org/r/20240829031712.198489-1-kxiang@umich.edu Signed-off-by: Alexei Starovoitov commit bd0b4836a2333d5c725397d458c8edfa66f1d9bb Author: Amery Hung Date: Tue Aug 27 01:13:01 2024 +0000 selftests/bpf: Make sure stashed kptr in local kptr is freed recursively When dropping a local kptr, any kptr stashed into it is supposed to be freed through bpf_obj_free_fields->__bpf_obj_drop_impl recursively. Add a test to make sure it happens. The test first stashes a referenced kptr to "struct task" into a local kptr and gets the reference count of the task. Then, it drops the local kptr and reads the reference count of the task again. Since bpf_obj_free_fields and __bpf_obj_drop_impl will go through the local kptr recursively during bpf_obj_drop, the dtor of the stashed task kptr should eventually be called. The second reference count should be one less than the first one. Signed-off-by: Amery Hung Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240827011301.608620-1-amery.hung@bytedance.com Signed-off-by: Alexei Starovoitov commit e9a7053da377e19ebc6f1afe55c7f75219aaef79 Author: Ian Rogers Date: Thu Aug 29 08:01:51 2024 -0700 perf header: Allow attributes to be written after data With a file, to write data an offset needs to be known. Typically data follows the event attributes in a file. However, if processing a pipe the number of event attributes may not be known. It is convenient in that case to write the attributes after the data. Expand perf_session__do_write_header() to allow this when the data offset and size are known. This approach may be useful for more than just taking a pipe file to write into a data file, `perf inject --itrace` will reserve and additional 8kb for attributes, which would be unnecessary if the attributes were written after the data. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Nick Terrell Cc: Peter Zijlstra Cc: Yanteng Si Cc: Yicong Yang Link: https://lore.kernel.org/r/20240829150154.37929-6-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 10df481fda13d29c2d9893b7460b8a7095d0ccf5 Author: Ian Rogers Date: Thu Aug 29 08:01:50 2024 -0700 perf header: Fail read if header sections overlap Buggy perf.data files can have the attributes and data overlapping. For example, when processing pipe data the attributes aren't known and so file offset header calculations can consider them not present. Later this can cause the attributes to overwrite the data. This can be seen in: $ perf record -o - true > a.data [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.059 MB - ] $ perf inject -i a.data -o b.data $ perf report --stats -i b.data 0x68 [0]: failed to process type: 510379 [Invalid argument] Error: failed to process sample $ This change makes reading the corrupt file fail: $ perf report --stats -i b.data Perf file header corrupt: Attributes and data overlap incompatible file format (rerun with -v to learn more) $ Which is more informative. Signed-off-by: Ian Rogers Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Nick Terrell Cc: Peter Zijlstra Cc: Yanteng Si Cc: Yicong Yang Link: https://lore.kernel.org/r/20240829150154.37929-5-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit d71bbe799c0cda4a0581f98ea3e4d646a18e799d Author: Ian Rogers Date: Thu Aug 29 08:01:49 2024 -0700 perf header: Add kerneldoc to 'struct perf_file_header' Some of the values are a little strange so add documentation to resolve ambiguity. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Nick Terrell Cc: Peter Zijlstra Cc: Yanteng Si Cc: Yicong Yang Link: https://lore.kernel.org/r/20240829150154.37929-4-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit d9c993100ef1906bd1f25bab789390828ef10a41 Author: Ian Rogers Date: Thu Aug 29 08:01:48 2024 -0700 perf session: Document 'struct perf_session' and constify its 'auxtrace' member perf_session is a central data structure to the tool so let's comment it. The auxtrace callbacks are never modified in session so constify. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Nick Terrell Cc: Peter Zijlstra Cc: Yanteng Si Cc: Yicong Yang Link: https://lore.kernel.org/r/20240829150154.37929-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 6c0a7c3c693ac84f8b50269a9088af8f37446863 Author: Alex Deucher Date: Tue Mar 26 11:28:29 2024 -0400 drm/amdgpu: always allocate cleared VRAM for GEM allocations This adds allocation latency, but aligns better with user expectations. The latency should improve with the drm buddy clearing patches that Arun has been working on. In addition this fixes the high CPU spikes seen when doing wipe on release. v2: always set AMDGPU_GEM_CREATE_VRAM_CLEARED (Christian) Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3528 Fixes: a68c7eaa7a8f ("drm/amdgpu: Enable clear page functionality") Acked-by: Arunpravin Paneer Selvam Reviewed-by: Michel Dänzer (v1) Signed-off-by: Alex Deucher Cc: Arunpravin Paneer Selvam Cc: Christian König commit 022aa67b5ab9077d8f5bf02df5a7f0f2d4dfb909 Author: James Clark Date: Mon Jul 22 11:11:49 2024 +0100 perf: cs-etm: Print queue number in raw trace dump Now that we have overlapping trace IDs it's also useful to know what the queue number is to be able to distinguish the source of the trace so print it inline. Hide it behind the -v option because it might not be obvious to users what the queue number is. Reviewed-by: Mike Leach Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexandre Torgue Cc: Anshuman Khandual Cc: Ganapatrao Kulkarni Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Maxime Coquelin Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Will Deacon Link: https://lore.kernel.org/r/20240722101202.26915-8-james.clark@linaro.org Signed-off-by: James Clark Signed-off-by: Arnaldo Carvalho de Melo commit 1506af6db8c4abbe3d5dd573ec72b90f81abfcf7 Author: James Clark Date: Mon Jul 22 11:11:48 2024 +0100 perf: cs-etm: Support version 0.1 of HW_ID packets v0.1 HW_ID packets have a new field that describes which sink each CPU writes to. Use the sink ID to link trace ID maps to each other so that mappings are shared wherever the sink is shared. Also update the error message to show that overlapping IDs aren't an error in per-thread mode, just not supported. In the future we can use the CPU ID from the AUX records, or watch for changing sink IDs on HW_ID packets to use the correct decoders. Reviewed-by: Mike Leach Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexandre Torgue Cc: Anshuman Khandual Cc: Ganapatrao Kulkarni Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Maxime Coquelin Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Will Deacon Link: https://lore.kernel.org/r/20240722101202.26915-7-james.clark@linaro.org Signed-off-by: James Clark Signed-off-by: Arnaldo Carvalho de Melo commit 940007cee539fd07c7c274030f7f7252f8c5a5d7 Author: James Clark Date: Mon Jul 22 11:11:47 2024 +0100 perf: cs-etm: Only save valid trace IDs into files This isn't a bug because Perf always masks with CORESIGHT_TRACE_ID_VAL_MASK before using these values, but to avoid it looking like it could be, make an effort to not save bad values. Reviewed-by: Mike Leach Signed-off-by: James Clark Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexandre Torgue Cc: Anshuman Khandual Cc: Ganapatrao Kulkarni Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Maxime Coquelin Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Will Deacon Link: https://lore.kernel.org/r/20240722101202.26915-6-james.clark@linaro.org Signed-off-by: Arnaldo Carvalho de Melo commit 19c3e4db38c5bf30c7e7b53dad5a464d7031dec4 Author: James Clark Date: Mon Jul 22 11:11:46 2024 +0100 perf: cs-etm: Create decoders based on the trace ID mappings Now that each queue has a unique set of trace ID mappings, use this list to create the decoders. In unformatted mode just add a single mapping so only one decoder is made. Previously each queue would have a decoder created for each traced CPU on the system but this won't work anymore because CPUs can have overlapping trace IDs. This also means that the CORESIGHT_TRACE_ID_UNUSED_FLAG isn't needed any more. If mappings aren't added then decoders aren't created, rather than needing a flag to suppress creation. Reviewed-by: Mike Leach Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexandre Torgue Cc: Anshuman Khandual Cc: Ganapatrao Kulkarni Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Maxime Coquelin Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Will Deacon Link: https://lore.kernel.org/r/20240722101202.26915-5-james.clark@linaro.org Signed-off-by: James Clark Signed-off-by: Arnaldo Carvalho de Melo commit 77c123f53e97ad4bde0271eb671b71774a99ebf6 Author: James Clark Date: Mon Jul 22 11:11:45 2024 +0100 perf: cs-etm: Move traceid_list to each queue The global list won't work for per-sink trace ID allocations, so put a list in each queue where the IDs will be unique to that queue. To keep the same behavior as before, for version 0 of the HW_ID packets, copy all the HW_ID mappings into all queues. This change doesn't effect the decoders, only trace ID lookups on the Perf side. The decoders are still created with global mappings which will be fixed in a later commit. Reviewed-by: Mike Leach Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexandre Torgue Cc: Anshuman Khandual Cc: Ganapatrao Kulkarni Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Maxime Coquelin Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Will Deacon Link: https://lore.kernel.org/r/20240722101202.26915-4-james.clark@linaro.org Signed-off-by: James Clark Signed-off-by: Arnaldo Carvalho de Melo commit 3cbd2090d334eb4456db0005f7b76adb3b6fd8db Merge: bf4d87f884fe8a 0dd5dd63ba91d7 Author: Jakub Kicinski Date: Thu Aug 8 14:03:51 2024 -0700 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Cross-merge networking fixes after downstream PR. Conflicts: drivers/net/ethernet/faraday/ftgmac100.c 4186c8d9e6af ("net: ftgmac100: Ensure tx descriptor updates are visible") e24a6c874601 ("net: ftgmac100: Get link speed and duplex for NC-SI") https://lore.kernel.org/0b851ec5-f91d-4dd3-99da-e81b98c9ed28@kernel.org net/ipv4/tcp.c bac76cf89816 ("tcp: fix forever orphan socket caused by tcp_abort") edefba66d929 ("tcp: rstreason: introduce SK_RST_REASON_TCP_STATE for active reset") https://lore.kernel.org/20240828112207.5c199d41@canb.auug.org.au No adjacent changes. Link: https://patch.msgid.link/20240829130829.39148-1-pabeni@redhat.com Signed-off-by: Jakub Kicinski commit bf4d87f884fe8a4b6b61fe4d0e05f293d08df61c Author: Yang Ruibin <11162571@vivo.com> Date: Wed Aug 28 20:26:49 2024 +0800 net: alacritech: Switch to use dev_err_probe() use dev_err_probe() instead of dev_err() to simplify the error path and standardize the format of the error code. Signed-off-by: Yang Ruibin <11162571@vivo.com> Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240828122650.1324246-1-11162571@vivo.com Signed-off-by: Jakub Kicinski commit 4266563afbb1eb1735aa7063fe8ff6377991ae42 Author: Hongbo Li Date: Wed Aug 28 20:23:36 2024 +0800 net: hns: Use IS_ERR_OR_NULL() helper function Use the IS_ERR_OR_NULL() helper instead of open-coding a NULL and an error pointer checks to simplify the code and improve readability. Signed-off-by: Hongbo Li Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240828122336.3697176-1-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit 9023fda2f186168e45bb8e7397ad15ff17fd7bf8 Author: Hongbo Li Date: Wed Aug 28 20:18:05 2024 +0800 net: dsa: realtek: make use of dev_err_cast_probe() Using dev_err_cast_probe() to simplify the code. Signed-off-by: Hongbo Li Reviewed-by: Andrew Lunn Reviewed-by: Alvin Šipraga Link: https://patch.msgid.link/20240828121805.3696631-1-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit a41de3b12ec17dbaba443d7aa7cb481dc21aea28 Author: Hongbo Li Date: Wed Aug 28 20:15:51 2024 +0800 net: ipa: make use of dev_err_cast_probe() Using dev_err_cast_probe() to simplify the code. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240828121551.3696520-1-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit daca6afc19960b25cf776fad82c57baa7f216d2a Merge: 0a8b08c554dabe bc682b8064be82 Author: Jakub Kicinski Date: Thu Aug 29 11:39:39 2024 -0700 Merge branch 'net-vertexcom-mse102x-minor-clean-ups' Stefan Wahren says: ==================== net: vertexcom: mse102x: Minor clean-ups This series provides some minor clean-ups for the Vertexcom MSE102x driver. ==================== Link: https://patch.msgid.link/20240827191000.3244-1-wahrenst@gmx.net Signed-off-by: Jakub Kicinski commit bc682b8064be82f5f9d2fda79f5b8a14e3ecc4df Author: Stefan Wahren Date: Tue Aug 27 21:10:00 2024 +0200 net: vertexcom: mse102x: Use ETH_ZLEN There is already a define for minimum Ethernet frame length without FCS. So used this instead of the magic number. Signed-off-by: Stefan Wahren Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240827191000.3244-6-wahrenst@gmx.net Signed-off-by: Jakub Kicinski commit 7f37d20929c05bf7817b59615b79a0167f3690a3 Author: Stefan Wahren Date: Tue Aug 27 21:09:59 2024 +0200 net: vertexcom: mse102x: Drop log message on remove This message is a leftover from initial development. It's unnecessary now and can be dropped. Signed-off-by: Stefan Wahren Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240827191000.3244-5-wahrenst@gmx.net Signed-off-by: Jakub Kicinski commit d3a41dc7e9b04aca289e4bad0b96f1ac9b135f0c Author: Stefan Wahren Date: Tue Aug 27 21:09:58 2024 +0200 net: vertexcom: mse102x: Fix random MAC address log At the time of MAC address assignment the netdev is not registered yet, so netdev log functions won't work as expected. While we are at this downgrade the log level to a warning, because a random MAC address is not a real error. Signed-off-by: Stefan Wahren Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240827191000.3244-4-wahrenst@gmx.net Signed-off-by: Jakub Kicinski commit 0069716da006146809c9b5714bec79285453fbee Author: Stefan Wahren Date: Tue Aug 27 21:09:57 2024 +0200 net: vertexcom: mse102x: Silence TX timeout As long as the MSE102x is not operational, every packet transmission will run into a TX timeout and flood the kernel log. So log only the first TX timeout and a user is at least informed about this issue. The amount of timeouts are still available via netstat. Signed-off-by: Stefan Wahren Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240827191000.3244-3-wahrenst@gmx.net Signed-off-by: Jakub Kicinski commit c88908baec1a5f594bc70f28808a8e676311a69f Author: Stefan Wahren Date: Tue Aug 27 21:09:56 2024 +0200 net: vertexcom: mse102x: Use DEFINE_SIMPLE_DEV_PM_OPS This macro has the advantage over SET_SYSTEM_SLEEP_PM_OPS that we don't have to care about when the functions are actually used. Also make use of pm_sleep_ptr() to discard all PM_SLEEP related stuff if CONFIG_PM_SLEEP isn't enabled. Signed-off-by: Stefan Wahren Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240827191000.3244-2-wahrenst@gmx.net Signed-off-by: Jakub Kicinski commit b9401c658d2c7c0d5a7f33399389eaa18e1d1cea Author: Dmitry Torokhov Date: Thu Aug 29 11:20:26 2024 -0700 MAINTAINERS: add gameport.h, serio.h and uinput.h to INPUT section Add gameport.h, serio.h and uinput.h and complementing them headers from include/uapi/ to "INPUT (KEYBOARD, MOUSE, JOYSTICK, TOUCHSCREEN) DRIVERS" section so that get_maintainers.pl script will pick them up and patches affecting them will be sent to the right place. Signed-off-by: Dmitry Torokhov commit b48baf69db9725aa5ddde52d98cd7b5517ddd9eb Author: Hui-Ping Chen Date: Mon Aug 5 03:03:56 2024 +0000 phy: nuvoton: add new driver for the Nuvoton MA35 SoC USB 2.0 PHY Nuvoton MA35 SoCs support DWC2 USB controller. Add the driver to drive the USB 2.0 PHY transceivers. Signed-off-by: Hui-Ping Chen Link: https://lore.kernel.org/r/20240805030356.14565-3-hpchen0nvt@gmail.com Signed-off-by: Vinod Koul commit fb16787b396c46158e46b588d357dea4e090020b Merge: 7f67fdae3372c3 6f039cc42f2198 Author: Song Liu Date: Thu Aug 29 11:22:13 2024 -0700 Merge branch 'md-6.12-raid5-opt' into md-6.12 From Artur: The wait_for_overlap wait queue is currently used in two cases, which are not really related: - waiting for actual overlapping bios, which uses R5_Overlap bit, - waiting for events related to reshape. Handling every write request in raid5_make_request() involves adding to and removing from this wait queue, which uses a spinlock. With fast storage and multiple submitting threads the contention on this lock is noticeable. This patch series aims to resolve this by separating the two cases mentioned above and using this wait queue only when reshape is in progress. The results when testing 4k random writes on raid5 with null_blk (8 jobs, qd=64, group_thread_cnt=8): before: 463k IOPS after: 523k IOPS The improvement is not huge with this series alone but it is just one of the bottlenecks. When applied onto some other changes I'm working on, it allowed to go from 845k IOPS to 975k IOPS on the same test. * md-6.12-raid5-opt: md/raid5: rename wait_for_overlap to wait_for_reshape md/raid5: only add to wq if reshape is in progress md/raid5: use wait_on_bit() for R5_Overlap Signed-off-by: Song Liu commit c174f1c6c100b18c4a908b117265d7cd99fff6c7 Author: Hui-Ping Chen Date: Mon Aug 5 03:03:55 2024 +0000 dt-bindings: phy: nuvoton,ma35-usb2-phy: add new bindings Add dt-bindings for USB2 PHY found on the Nuvoton MA35 SoC. Signed-off-by: Hui-Ping Chen Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240805030356.14565-2-hpchen0nvt@gmail.com Signed-off-by: Vinod Koul commit 00c5f32283f377ec60870bccbd518d9feb7fbc52 Author: Qiang Yu Date: Mon Aug 5 19:45:18 2024 +0300 phy: qcom: qmp-pcie: Configure all tables on port B PHY Currently, only the RX and TX tables are written to the second PHY (port B) when the 4-lanes mode is configured, but according to Qualcomm internal documentation, the pcs, pcs_misc, serdes and ln_shrd tables need to be written as well. Signed-off-by: Qiang Yu Reviewed-by: Dmitry Baryshkov Signed-off-by: Abel Vesa Link: https://lore.kernel.org/r/20240805-phy-qcom-qmp-pcie-write-all-tbls-second-port-v3-1-6967c6bf61d1@linaro.org Signed-off-by: Vinod Koul commit 7f7315db3d262298ab33d198d3f0b09cabfa7b6b Author: Lorenzo Bianconi Date: Tue Aug 6 17:55:48 2024 +0200 phy: airoha: adjust initialization delay in airoha_pcie_phy_init() Align phy-pcie initialization delay to the vendor sdk in airoha_pcie_phy_init routine and allow the hw to complete required configuration before proceeding Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Lorenzo Bianconi Link: https://lore.kernel.org/r/8af6f27857619f1e0dd227f08b8584ae8fb22fb2.1722959625.git.lorenzo@kernel.org Signed-off-by: Vinod Koul commit 45a4237b9be24d6c93db9da2b2180810c5bb2929 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:28:35 2024 +0200 dt-bindings: phy: socionext,uniphier: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clock-names and reset-names. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Rob Herring (Arm) Reviewed-by: Kunihiko Hayashi Link: https://lore.kernel.org/r/20240818172835.121757-1-krzysztof.kozlowski@linaro.org Signed-off-by: Vinod Koul commit 9dab00ee95447b286ebb0ada3a5edc00beab3750 Author: Abel Vesa Date: Fri Aug 23 10:04:16 2024 +0300 phy: qcom: qmp-pcie: Add Gen4 4-lanes mode for X1E80100 The sixth PCIe controller on X1E80100 can be used in either 4-lanes mode or 2-lanes mode. Add the configuration and compatible for the 4-lane mode. Reviewed-by: Johan Hovold Signed-off-by: Abel Vesa Tested-by: Johan Hovold Link: https://lore.kernel.org/r/20240823-x1e80100-phy-add-gen4x4-v3-2-b7765631ca01@linaro.org Signed-off-by: Vinod Koul commit 0c5f4d23f77631f657b60ef660676303f7620688 Author: Abel Vesa Date: Fri Aug 23 10:04:15 2024 +0300 dt-bindings: phy: qcom,sc8280xp-qmp-pcie-phy: Document the X1E80100 QMP PCIe PHY Gen4 x4 The sixth PCIe instance on X1E80100 can be used in either 4-lane mode or 2-lane mode. Document the 4-lane mode as a separate compatible. Reviewed-by: Krzysztof Kozlowski Reviewed-by: Johan Hovold Signed-off-by: Abel Vesa Link: https://lore.kernel.org/r/20240823-x1e80100-phy-add-gen4x4-v3-1-b7765631ca01@linaro.org Signed-off-by: Vinod Koul commit 30f85882393193d344b815f02ecb5c8d7db4923d Author: Dmitry Torokhov Date: Sat Aug 24 22:29:56 2024 -0700 Input: bcm5974 - use guard notation when acquiring mutex This makes the code more compact and error handling more robust by ensuring that mutexes are released in all code paths when control leaves critical section. Acked-by: Henrik Rydberg Link: https://lore.kernel.org/r/ZsrBVO2w9WwX73iU@google.com Signed-off-by: Dmitry Torokhov commit 40a6bb10d3d124c9adfd9f5e0bb8e020e0ccb712 Author: Dmitry Torokhov Date: Sat Aug 24 16:09:04 2024 -0700 Input: matrix-keymap - switch to using __free() cleanup facility Use __free(kfree) cleanup facility in matrix_keypad_parse_keymap() to automatically free temporarily allocated memory. Reviewed-by: Hans de Goede Link: https://lore.kernel.org/r/ZspoEPdTcH-hpciy@google.com Signed-off-by: Dmitry Torokhov commit 03515f9f3f210eb034372d7a8155cdc73670f163 Merge: 6b99dc62d94075 f189c972f86b00 Author: Mark Brown Date: Thu Aug 29 18:53:02 2024 +0100 ASoC: dt-bindings: amlogic-sound-cards: document Merge series from Neil Armstrong : Following an off-list discution with Jerome about fixing the following DTBs check errors: sound: Unevaluated properties are not allowed ('assigned-clock-parents', 'assigned-clock-rates', 'assigned-clocks' were unexpected) from schema $id: http://devicetree.org/schemas/sound/amlogic,axg-sound-card.yaml# sound: Unevaluated properties are not allowed ('assigned-clock-parents', 'assigned-clock-rates', 'assigned-clocks' were unexpected) from schema $id: http://devicetree.org/schemas/sound/amlogic,gx-sound-card.yaml# sound: 'anyOf' conditional failed, one must be fixed: 'clocks' is a required property '#clock-cells' is a required property from schema $id: http://devicetree.org/schemas/clock/clock.yaml# It has been agreed documenting the clock in the sound card is a better solution than moving them to a random clock controller or consumer node which is not related to the actual meaning of those root frequencies. The patchset adds the clocks proprty to the bindings and finally adds the properties to the DT files. commit 52491d97aadcde543986d596ed55f70bf2142851 Author: Jack Xiao Date: Thu Aug 22 18:18:51 2024 +0800 drm/amdgpu/mes: add mes mapping legacy queue switch For mes11 old firmware has issue to map legacy queue, add a flag to switch mes to map legacy queue. Fixes: f9d8c5c7855d ("drm/amdgpu/gfx: enable mes to map legacy queue support") Reported-by: Andrew Worsley Link: https://lists.freedesktop.org/archives/amd-gfx/2024-August/112773.html Signed-off-by: Jack Xiao Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 96316211eb5c4b58f34099e9e6f71fdfad7af01a Author: Yifan Zhang Date: Tue Aug 27 15:14:31 2024 +0800 drm/amdkfd: Don't drain ih1 for APU ih1 is not initialized for APUs. Don't drain it or NULL pointer error will be triggered. Fixes: 6ef29715ac06 ("drm/amdkfd: Change kfd/svm page fault drain handling") Signed-off-by: Yifan Zhang Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 1125f95cd2455b51ad1c16d7f96ae39117083d20 Author: Alex Deucher Date: Thu Aug 15 12:58:14 2024 -0400 drm/amdgpu/gfx12: return early in preempt_ib() When MES is enabled KIQ is not available. Return an error when someone uses the debugfs preempt test interface in that case. Acked-by: Srinivasan Shanmugam Signed-off-by: Alex Deucher commit 1e487c9173ca12ae372f71a5f5c0eb57ce0ab108 Author: Alex Deucher Date: Wed Aug 14 09:15:24 2024 -0400 drm/amdgpu/gfx11: return early in preempt_ib() When MES is enabled KIQ is not available. Return an error when someone uses the debugfs preempt test interface in that case. Acked-by: Srinivasan Shanmugam Signed-off-by: Alex Deucher commit 28d43d0895896f84c038d906d244e0a95eb243ec Author: Leo Li Date: Tue Aug 27 11:29:53 2024 -0400 drm/amd/display: Determine IPS mode by ASIC and PMFW versions [Why] DCN IPS interoperates with other system idle power features, such as Zstates. On DCN35, there is a known issue where system Z8 + DCN IPS2 causes a hard hang. We observe this on systems where the SBIOS allows Z8. Though there is a SBIOS fix, there's no guarantee that users will get it any time soon, or even install it. A workaround is needed to prevent this from rearing its head in the wild. [How] For DCN35, check the pmfw version to determine whether the SBIOS has the fix. If not, set IPS1+RCG as the deepest possible state in all cases except for s0ix and display off (DPMS). Otherwise, enable all IPS Signed-off-by: Leo Li Reviewed-by: Harry Wentland Signed-off-by: Alex Deucher commit 99311b8a9ea2b83413cbb80e17c4648a518e7486 Merge: 11543f534adf74 2d3e6351a25de0 Author: Mark Brown Date: Thu Aug 29 18:39:19 2024 +0100 spi: atmel-quadspi: Fix uninitialized res Merge series from Jinjie Ruan : Fix uninitialized res in probe function. commit 30e8f4c2bd532c44af0e0fad9c04e7d2970b91a6 Author: Sunil Khatri Date: Wed Aug 28 13:36:23 2024 +0530 drm/amdgpu: Move the dumping log out of for loop log message "Dumping IP State Completed" needs to be logged only once when state dumping is complete. Hence moving it out of the for loop. Signed-off-by: Sunil Khatri Acked-by: Trigger Huang Signed-off-by: Alex Deucher commit af76ca8e180f38a7d874c18cf810707762766627 Author: Victor Zhao Date: Mon Aug 26 00:14:26 2024 +0800 drm/amd/amdgpu: move drain_workqueue before shutdown is set [background] when unloading amdgpu driver right after running a workload, drain_workqueue is causing "Fence fallback timer expired on ring sdma0.0". Under sriov, this issue will cause sriov full access timeout and a reset happening. move drain_workqueue before shutdown is set to allow ih process and before enter full access under sriov to avoid full access time cost. Signed-off-by: Victor Zhao Reviewed-by: Feifei Xu Signed-off-by: Alex Deucher commit 11543f534adf7436239da26e5efa495adb47615d Merge: 1db86650b978bf deb269e0394f2c Author: Mark Brown Date: Thu Aug 29 18:39:05 2024 +0100 spi: bcmbca-hsspi: Fix missing pm_runtime_disable() Merge series from Jinjie Ruan : Fix missing pm_runtime_disable(). commit c67db6a6a6be4bb1db1b0fd5b24040d68e461cb1 Author: Trigger Huang Date: Mon Aug 19 16:04:52 2024 +0800 drm/amdgpu: Do core dump immediately when job tmo Do the coredump immediately after a job timeout to get a closer representation of GPU's error status. V2: This will skip printing vram_lost as the GPU reset is not happened yet (Alex) V3: Unconditionally call the core dump as we care about all the reset functions(soft-recovery and queue reset and full adapter reset, Alex) V4: Do the dump after adev->job_hang = true (Sunil) Signed-off-by: Trigger Huang Acked-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 1db86650b978bf4bf70267556f6bf7bc8b2253da Merge: 3959d1f0f8d668 196d34e2c8cfec Author: Mark Brown Date: Thu Aug 29 18:38:53 2024 +0100 spi: wpcm-fiu: Fix uninitialized res Merge series from Jinjie Ruan : Fix uninitialized res in probe function. commit 6122f5c72e38a88eda13c7168e2ebbd3bd80b681 Author: Trigger Huang Date: Mon Aug 19 15:53:22 2024 +0800 drm/amdgpu: skip printing vram_lost if needed The vm lost status can only be obtained after a GPU reset occurs, but sometimes a dev core dump can be happened before GPU reset. So a new argument is added to tell the dev core dump implementation whether to skip printing the vram_lost status in the dump. And this patch is also trying to decouple the core dump function from the GPU reset function, by replacing the argument amdgpu_reset_context with amdgpu_job to specify the context for core dump. V2: Inform user if VRAM lost check is skipped so users don't assume VRAM wasn't lost (Alex) Signed-off-by: Trigger Huang Suggested-by: Alex Deucher Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 7c1a2d8aba6cadde0cc542b2d805edc0be667e79 Author: Alex Deucher Date: Tue Aug 20 16:21:15 2024 -0400 drm/amdgpu/gfx9: put queue resets behind a debug option Pending extended validation. Reviewed-and-tested-by: Jiadong Zhu Acked-by: Felix Kuehling Signed-off-by: Alex Deucher commit a9b67c036c7f5d187fb88eb74fe04dff1098700f Author: Alex Deucher Date: Tue Aug 20 15:19:04 2024 -0400 drm/amdgpu: add experimental resets debug flag Add this flag to enable experimental resets for testing before they are fully validated. Reviewed-and-tested-by: Jiadong Zhu Signed-off-by: Alex Deucher commit 0296f20c72d23f41ca0ccd64eb849e9ef1aa8977 Author: Fabio Estevam Date: Thu Aug 29 08:31:58 2024 -0300 ARM: dts: rockchip: Do not describe unexisting DAC device on rv1108-elgin-r1 There is no DAC connected to the SPI bus of the Elgin RV1108 R1 board. There is a JG10309-01 LCD controlled via SPI though. Properly describe it by adding the "elgin,jg10309-01" compatible string. Reported-by: Conor Dooley Closes: https://lore.kernel.org/linux-arm-kernel/20240717-parrot-malt-83cc04bf6b36@spud/ Signed-off-by: Fabio Estevam Acked-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240829113158.3324928-3-festevam@gmail.com Signed-off-by: Heiko Stuebner commit 7745a1dee0a687044888179e6e7fcd6d704992a9 Author: Fangzhi Zuo Date: Tue Aug 27 16:08:13 2024 -0400 drm/amdgpu/display: Fix a mistake in revert commit [why] It is to fix in try_disable_dsc() due to misrevert of commit 338567d17627 ("drm/amd/display: Fix MST BW calculation Regression") [How] Fix restoring minimum compression bw by 'max_kbps', instead of native bw 'stream_kbps' Signed-off-by: Fangzhi Zuo Reviewed-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 5ee2d63ca1201ed23c6595cb2fc927222215bce3 Author: Daniele Ceraolo Spurio Date: Wed Aug 28 14:51:57 2024 -0700 drm/xe/gsc: Add debugfs to print GSC info This is useful for debug, in case something goes wrong with the GSC. The info includes the version information and the current value of the HECI1 status registers. Signed-off-by: Daniele Ceraolo Spurio Cc: John Harrison Cc: Alan Previn Reviewed-by: Julia Filipchuk Link: https://patchwork.freedesktop.org/patch/msgid/20240828215158.2743994-5-daniele.ceraolospurio@intel.com commit f7c2ea682d8ba17bfd37abd1e734348e0cf46c99 Author: Daniele Ceraolo Spurio Date: Wed Aug 28 14:51:56 2024 -0700 drm/xe/gsc: Track the platform in the compatibility version The GSC compatibility version number is reset for each new platform. To indicate this, the version includes a number that identifies the platform (102 = MTL, 104 = LNL); this matches what happens for the release version, where the major number also identifies a platform. To make it clearer in our logs that the compatibility version is specific to the platform, it is useful to include this platform number. However, given that our binary names already include the platform, it is not necessary to add this extra number there. Signed-off-by: Daniele Ceraolo Spurio Cc: John Harrison Cc: Alan Previn Reviewed-by: Julia Filipchuk Link: https://patchwork.freedesktop.org/patch/msgid/20240828215158.2743994-4-daniele.ceraolospurio@intel.com commit 7293859c51e1d7f923073aa46e2072333b3e143d Author: Daniele Ceraolo Spurio Date: Wed Aug 28 14:51:55 2024 -0700 drm/xe/gsc: Fix FW status if the firmware is already loaded We set the FW status to "TRANSFERRED" after the load completes and to "RUNNING"once we're done with proxy init, so do the same if we're trying to re-load the FW and it is already loaded. Note that there is no difference in driver behavior between the 2 states, but it's useful to be accurate when we dump the status for debug. Signed-off-by: Daniele Ceraolo Spurio Cc: John Harrison Cc: Alan Previn Reviewed-by: Julia Filipchuk Link: https://patchwork.freedesktop.org/patch/msgid/20240828215158.2743994-3-daniele.ceraolospurio@intel.com commit 2160f6f6e3cf6893a83357c3b82ff8589bdc0f08 Author: Daniele Ceraolo Spurio Date: Wed Aug 28 14:51:54 2024 -0700 drm/xe/gsc: Do not attempt to load the GSC multiple times The GSC HW is only reset by driver FLR or D3cold entry. We don't support the former at runtime, while the latter is only supported on DGFX, for which we don't support GSC. Therefore, if GSC failed to load previously there is no need to try again because the HW is stuck in the error state. An assert has been added so that if we ever add DGFX support we'll know we need to handle the D3 case. v2: use "< 0" instead of "!= 0" in the FW state error check (Julia). Fixes: dd0e89e5edc2 ("drm/xe/gsc: GSC FW load") Signed-off-by: Daniele Ceraolo Spurio Cc: John Harrison Cc: Alan Previn Cc: # v6.8+ Reviewed-by: Julia Filipchuk Link: https://patchwork.freedesktop.org/patch/msgid/20240828215158.2743994-2-daniele.ceraolospurio@intel.com commit 5d318b5959824e15d32f19b2224c69da89e98178 Author: Piotr Wojtaszczyk Date: Fri Jun 28 17:20:19 2024 +0200 dmaengine: Add dma router for pl08x in LPC32XX SoC LPC32XX connects few of its peripherals to pl08x DMA thru a multiplexer, this driver allows to route a signal request line thru the multiplexer for given peripheral. Signed-off-by: Piotr Wojtaszczyk Link: https://lore.kernel.org/r/20240628152022.274405-1-piotr.wojtaszczyk@timesys.com Signed-off-by: Vinod Koul commit 9542961494bf747a73413f925f8ea9ac410a4aec Author: Joy Zou Date: Mon Jul 1 15:02:32 2024 +0800 dmaengine: fsl-edma: add edma src ID check at request channel Check src ID to detect misuse of same src ID for multiple DMA channels. Signed-off-by: Joy Zou Reviewed-by: Frank Li Link: https://lore.kernel.org/r/20240701070232.2519179-3-joy.zou@nxp.com Signed-off-by: Vinod Koul commit 90d21f6e57a898ef02810404dd3866acaf707ebf Author: Joy Zou Date: Mon Jul 1 15:02:31 2024 +0800 dmaengine: fsl-edma: change to guard(mutex) within fsl_edma3_xlate() Introduce a scope guard to automatically unlock the mutex within fsl_edma3_xlate() to simplify the code. Prepare to add source ID checks in the future. Signed-off-by: Joy Zou Reviewed-by: Frank Li Link: https://lore.kernel.org/r/20240701070232.2519179-2-joy.zou@nxp.com Signed-off-by: Vinod Koul commit ae04342b5264fcf90a288a984a69ffb9e93904a7 Author: Arnd Bergmann Date: Fri Jul 19 12:23:12 2024 +0200 dmaengine: avoid non-constant format string Using an arbitrary string as a printf-style format can be a security problem if that string contains % characters, as the optionalal -Wformat-security flag points out: drivers/dma/dmaengine.c: In function '__dma_async_device_channel_register': drivers/dma/dmaengine.c:1073:17: error: format not a string literal and no format arguments [-Werror=format-security] 1073 | dev_set_name(&chan->dev->device, name); | ^~~~~~~~~~~~ Change this newly added instance to use "%s" as the format instead to pass the actual name. Fixes: 10b8e0fd3f72 ("dmaengine: add channel device name to channel registration") Signed-off-by: Arnd Bergmann Reviewed-by: Dave Jiang Link: https://lore.kernel.org/r/20240719102319.546622-1-arnd@kernel.org Signed-off-by: Vinod Koul commit 39dc2a4929f7be748b37a5070f41afe7bcb60706 Author: Fabio Estevam Date: Mon Aug 5 23:17:44 2024 -0300 dmaengine: imx-dma: Remove i.MX21 support i.MX21 support has been removed since commit 4b563a066611 ("ARM: imx: Remove imx21 support"). Remove the i.MX21 support inside the imx-dma driver. Signed-off-by: Fabio Estevam Reviewed-by: Peng Fan Link: https://lore.kernel.org/r/20240806021744.2524233-1-festevam@gmail.com Signed-off-by: Vinod Koul commit 2ccf4822683336f027a5c9f12cb2468e329125d9 Author: Fabio Estevam Date: Wed Aug 7 14:05:17 2024 -0300 dt-bindings: dma: fsl,imx-dma: Document the DMA clocks Document the IPG and AHB clocks that are needed by the DMA hardware as required properties. It is not possible to have DMA functional without the DMA clocks being turned on. Signed-off-by: Fabio Estevam Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240807170517.64290-1-festevam@gmail.com Signed-off-by: Vinod Koul commit e06c432312148ddb550ec55b004e32671657ea23 Author: Keguang Zhang Date: Fri Aug 9 18:30:59 2024 +0800 dmaengine: Loongson1: Add Loongson-1 APB DMA driver Add APB DMA driver for Loongson-1 SoCs. Reviewed-by: Jiaxun Yang Signed-off-by: Keguang Zhang Link: https://lore.kernel.org/r/20240809-loongson1-dma-v12-2-d9469a4a6b85@gmail.com Signed-off-by: Vinod Koul commit 7ea270bb93e4ce165bb4f834c29c05e9815b6ca8 Author: Keguang Zhang Date: Fri Aug 9 18:30:58 2024 +0800 dt-bindings: dma: Add Loongson-1 APB DMA Add devicetree binding document for Loongson-1 APB DMA. Reviewed-by: Conor Dooley Reviewed-by: Jiaxun Yang Signed-off-by: Keguang Zhang Link: https://lore.kernel.org/r/20240809-loongson1-dma-v12-1-d9469a4a6b85@gmail.com Signed-off-by: Vinod Koul commit 13113f750a4ae0b1770fa25dc94852977ebfb942 Author: Abin Joseph Date: Thu Aug 8 15:30:24 2024 +0530 dmaengine: zynqmp_dma: Add support for AMD Versal Gen 2 DMA IP ZynqMP DMA IP and AMD Versal Gen 2 DMA IP are similar but have different interrupt register offset. Create a dedicated compatible string to support Versal Gen 2 DMA IP with Irq register offset for interrupt Enable/Disable/Status/Mask functionality. Signed-off-by: Abin Joseph Reviewed-by: Radhey Shyam Pandey Link: https://lore.kernel.org/r/20240808100024.317497-3-abin.joseph@amd.com Signed-off-by: Vinod Koul commit 36545c6a68b858671cfeb71df682e8cc58b082da Author: Abin Joseph Date: Thu Aug 8 15:30:23 2024 +0530 dt-bindings: dmaengine: zynqmp_dma: Add a new compatible string Add compatible string "amd,versal2-dma-1.0" to support AMD Versal Gen 2 platform. AMD Versal Gen 2 has 8 LPD DMA IPs in PS that can be used as general purpose DMAs which is designed to support memory to memory and memory to IO buffer transfer. Versal Gen 2 DMA IP has different interrupt register offset. Signed-off-by: Abin Joseph Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240808100024.317497-2-abin.joseph@amd.com Signed-off-by: Vinod Koul commit 9af32b4a25f59e3a2423a5f87e738a29487242ce Author: Saket Dumbre Date: Tue Aug 27 11:24:10 2024 -0700 ACPICA: Setup for ACPICA release 20240827 ACPICA commit 86c762afe5bf915e8101a0455513368e2a60dd80 Link: https://github.com/acpica/acpica/commit/86c762af Signed-off-by: Saket Dumbre Signed-off-by: Rafael J. Wysocki commit dbd0ec3cf452c719b1a1fb558124752c540c5009 Author: Saket Dumbre Date: Mon Aug 26 12:05:08 2024 -0700 ACPICA: Allow for more flexibility in _DSM args ACPICA commit fbb651249ced5e19cc9c4452fec1408f595aa702 To eliminate annoying driver-side warnings. ASWG ECR to follow soon. Link: https://github.com/acpica/acpica/commit/fbb65124 Signed-off-by: Saket Dumbre Signed-off-by: Rafael J. Wysocki commit a0a2459b79414584af6c46dd8c6f866d8f1aa421 Author: Aleksandrs Vinarskis Date: Sun Aug 11 23:33:44 2024 +0200 ACPICA: iasl: handle empty connection_node ACPICA commit 6c551e2c9487067d4b085333e7fe97e965a11625 Link: https://github.com/acpica/acpica/commit/6c551e2c Signed-off-by: Aleksandrs Vinarskis Signed-off-by: Rafael J. Wysocki commit 6143f9616627ddbfdf827795745fa4d9db166bc2 Author: Dave Jiang Date: Thu Aug 8 16:18:01 2024 -0700 ACPICA: HMAT: Add extended linear address mode to MSCIS ACPICA commit aaa08569b81aa4d9ff59f91f00e589e98d499e6c Redefine the 2 reserved bytes at offset 28 of Memory Side Cache Information Structure as "Address Mode" and add defines of the new value. * 0 - Reserved (Unkown Address Mode) * 1 - Extended-linear (N direct-map aliases linearly mapped) * 2..65535 - Reserved (Unknown Address Mode) Link: https://github.com/acpica/acpica/commit/aaa08569 Signed-off-by: Dave Jiang Signed-off-by: Rafael J. Wysocki commit 5506544dc2e48199f0e917d0a0847562f7a5d78d Author: Adam Lackorzynski Date: Tue May 7 21:28:26 2024 +0200 ACPICA: Avoid warning for Dump Functions ACPICA commit 6031b34b5dbabfaaebe80e57e8e415790b51d285 Only include the functions acpi_rs_dump_resource_list and acpi_rs_dump_irq_list() if ACPI_DEBUGGER is defined, as specified in the header. This avoids the compiler warning by adding the ifdef for ACPI_DEBUGGER. Link: https://github.com/acpica/acpica/commit/6031b34b Signed-off-by: Rafael J. Wysocki commit dd067afe3f8cbe548fb8ac76eaf6e9adfea013b2 Author: Armin Wolf Date: Wed Apr 24 10:02:31 2024 +0200 ACPICA: Add support for Windows 11 22H2 _OSI string ACPICA commit f56218c4e4dc1d1f699662d0726ad9e7a0d58548 See: https://github.com/microsoft_docs/windows-driver-docs/commit/be9d1c211adf8fabe5a43de71c034b1b6d7372de Link: https://github.com/acpica/acpica/commit/f56218c4 Signed-off-by: Armin Wolf Signed-off-by: Rafael J. Wysocki commit db0a507cb24dc8aef0baa453739e0ceae056812c Author: Armin Wolf Date: Sat Oct 28 00:22:14 2023 +0200 ACPICA: Update integer-to-hex-string conversions ACPICA commit f2cb44f6deb6325a6b348b225fc82f565a870899 Add "0x" prefix for explicitly converted integers and suppress leading zeros in such a case. Provides compatibility with other ACPI implementations. Link: https://github.com/acpica/acpica/commit/f2cb44f6 Signed-off-by: Armin Wolf Signed-off-by: Rafael J. Wysocki commit 0e89a0fc55f025ab0f89a75dd3e5cdaf869d5ce9 Author: Armin Wolf Date: Sat Oct 28 00:04:16 2023 +0200 ACPICA: Add support for supressing leading zeros in hex strings ACPICA commit 86289439d9f8b9eda28c249da66ae230d6439491 Currently the leading_zeros argument has no effect when converting hex integers. Fix that. Link: https://github.com/acpica/acpica/commit/86289439 Signed-off-by: Armin Wolf Signed-off-by: Rafael J. Wysocki commit 76a09d941c5ce2b95c911edcc2ae1353ec9a4c83 Author: Armin Wolf Date: Fri Oct 27 23:54:21 2023 +0200 ACPICA: Allow for supressing leading zeros when using acpi_ex_convert_to_ascii() ACPICA commit 792a337104ce2c1729d33d76241b42b3214aa60f Allow to specifiy wether leading zeros should be supressed ot not when using acpi_ex_convert_to_ascii(). Link: https://github.com/acpica/acpica/commit/792a3371 Signed-off-by: Armin Wolf Signed-off-by: Rafael J. Wysocki commit 4fecf944c051ea852e98c062636bf5b4c7f5f8a7 Author: Fenghua Yu Date: Wed Aug 28 16:34:01 2024 -0700 dmaengine: idxd: Add new DSA and IAA device IDs for Diamond Rapids platform A new DSA device ID, 0x1212, and a new IAA device ID, 0x1216, are introduced for Diamond Rapids platform. Add the device IDs to the IDXD driver. The name "IAA" is used in new code instead of the old name "IAX". However, the "IAX" naming (e.g., IDXD_TYPE_IAX) is retained for legacy code compatibility. Signed-off-by: Fenghua Yu Reviewed-by: Dave Jiang Link: https://lore.kernel.org/r/20240828233401.186007-3-fenghua.yu@intel.com Signed-off-by: Vinod Koul commit f91f2a9879cc77db1f45f690f38f42698580416e Author: Fenghua Yu Date: Wed Aug 28 16:34:00 2024 -0700 dmaengine: idxd: Add a new DSA device ID for Granite Rapids-D platform A new DSA device ID, 0x11fb, is introduced for the Granite Rapids-D platform. Add the device ID to the IDXD driver. Since a potential security issue has been fixed on the new device, it's secure to assign the device to virtual machines, and therefore, the new device ID will not be added to the VFIO denylist. Additionally, the new device ID may be useful in identifying and addressing any other potential issues with this specific device in the future. The same is also applied to any other new DSA/IAA devices with new device IDs. Signed-off-by: Fenghua Yu Reviewed-by: Dave Jiang Link: https://lore.kernel.org/r/20240828233401.186007-2-fenghua.yu@intel.com Signed-off-by: Vinod Koul commit e6169a8ffee8a012badd8c703716e761ce851b15 Author: Armin Wolf Date: Sun Apr 14 21:50:33 2024 +0200 ACPICA: Fix memory leak if acpi_ps_get_next_field() fails ACPICA commit 1280045754264841b119a5ede96cd005bc09b5a7 If acpi_ps_get_next_field() fails, the previously created field list needs to be properly disposed before returning the status code. Link: https://github.com/acpica/acpica/commit/12800457 Signed-off-by: Armin Wolf [ rjw: Rename local variable to avoid compiler confusion ] Signed-off-by: Rafael J. Wysocki commit 6f039cc42f21985ef0c31eb315a84f2364bcb396 Author: Artur Paszkiewicz Date: Tue Aug 27 17:35:36 2024 +0200 md/raid5: rename wait_for_overlap to wait_for_reshape The only remaining uses of wait_for_overlap are related to reshape so rename it accordingly. Signed-off-by: Artur Paszkiewicz Link: https://lore.kernel.org/r/20240827153536.6743-4-artur.paszkiewicz@intel.com Signed-off-by: Song Liu commit 0e4aac7366666e1377ce7669b7f63b94c1d616e6 Author: Artur Paszkiewicz Date: Tue Aug 27 17:35:35 2024 +0200 md/raid5: only add to wq if reshape is in progress Now that actual overlaps are not handled on the wait_for_overlap wq anymore, the remaining cases when we wait on this wq are limited to reshape. If reshape is not in progress, don't add to the wq in raid5_make_request() because add_wait_queue() / remove_wait_queue() operations take a spinlock and cause noticeable contention when multiple threads are submitting requests to the mddev. Signed-off-by: Artur Paszkiewicz Link: https://lore.kernel.org/r/20240827153536.6743-3-artur.paszkiewicz@intel.com Signed-off-by: Song Liu commit e6a03207b925aebe10d6aacd8e040ccdaa731bff Author: Artur Paszkiewicz Date: Tue Aug 27 17:35:34 2024 +0200 md/raid5: use wait_on_bit() for R5_Overlap Convert uses of wait_for_overlap wait queue with R5_Overlap bit to wait_on_bit() / wake_up_bit(). Signed-off-by: Artur Paszkiewicz Link: https://lore.kernel.org/r/20240827153536.6743-2-artur.paszkiewicz@intel.com Signed-off-by: Song Liu commit 2186fe21e57aada45f365a79cdb6d21140a539e2 Author: Simon Trimmer Date: Thu Aug 29 16:11:14 2024 +0000 ALSA: hda/realtek: Autodetect Cirrus Logic companion amplifier bindings We do not need model specific HDA quirks to construct the component binding details of Cirrus Logic companion amplifiers as this information is already present in the ACPI. Quirks are then only required for special workarounds not described in the ACPI such as internal configuration of the Realtek codecs. The codec pointer is now initialized in hda_component_manager_init() so that we can detect when companion amplifiers are found in the ACPI but the SSID invokes a quirk that also attempts to create the component binding. Signed-off-by: Simon Trimmer Link: https://patch.msgid.link/20240829161114.140938-1-simont@opensource.cirrus.com Signed-off-by: Takashi Iwai commit dfe5b1fe04ba78be8ae78def741d3108cd7d4f8d Merge: 5e1c5c5a687bb3 4178d78cd7a865 Author: Takashi Iwai Date: Thu Aug 29 18:16:24 2024 +0200 Merge branch 'for-linus' into for-next Pull 6.11 devel branch for applying further updates for Cirrus codecs Signed-off-by: Takashi Iwai commit 6b99dc62d940758455b0c7e7ffbf3a63fecc87cb Author: Krzysztof Kozlowski Date: Fri Aug 9 13:01:22 2024 +0200 ASoC: codecs: wsa884x: Implement temperature reading and hwmon Read temperature of the speaker and expose it via hwmon interface, which will be later used during calibration of speaker protection algorithms. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240809110122.137761-1-krzysztof.kozlowski@linaro.org Signed-off-by: Mark Brown commit 5accb265f7a1b23e52b0ec42313d1e12895552f4 Author: Armin Wolf Date: Wed Apr 3 20:50:11 2024 +0200 ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails ACPICA commit 2802af722bbde7bf1a7ac68df68e179e2555d361 If acpi_ps_get_next_namepath() fails, the previously allocated union acpi_parse_object needs to be freed before returning the status code. The issue was first being reported on the Linux ACPI mailing list: Link: https://lore.kernel.org/linux-acpi/56f94776-484f-48c0-8855-dba8e6a7793b@yandex.ru/T/ Link: https://github.com/acpica/acpica/commit/2802af72 Signed-off-by: Armin Wolf Signed-off-by: Rafael J. Wysocki commit cff8a9f66a932011f32b102b17a40635bf3a83d8 Author: Adam Young Date: Fri Mar 22 12:01:51 2024 -0400 ACPICA: Allow PCC Data Type in MCTP resource. ACPICA commit f0776a465cc2c20393bec534c16bdee4a78f7bb7 explicitly allow QWord address space description type to be 0xA to indicate it refers to a Platform Communication channel IAW ACPI_ECR_PCC_DESCRIPTORS_CF_V2 https://bugzilla.tianocore.org/show_bug.cgi?id=4594 An entity in a DSDT or in SSDTs that requires a platform communication channel table (PCCT) entry to communicate with a remote service will have a single value that is the index of the entry in the PCCT. This data type with have a resource_type value of 0xA. This value indicates that the type shares the same footprint as a Dword_space section. Link: https://github.com/acpica/acpica/commit/f0776a46 Signed-off-by: Adam Young Signed-off-by: Rafael J. Wysocki commit c82c507126c9c9db350be28f14c83fad1c7969ae Author: Vasily Khoruzhick Date: Tue Apr 2 21:12:40 2024 -0700 ACPICA: executer/exsystem: Don't nag user about every Stall() violating the spec ACPICA commit 129b75516fc49fe1fd6b8c5798f86c13854630b3 Stop nagging user about every Stall() that violates the spec On my Dell XPS 15 7590 I get hundreds of these warnings after few hours of uptime: $ dmesg | grep "fix the firmware" | wc -l 261 I cannot fix the firmware and I doubt that Dell cares about 4 year old laptop either Fixes: ace8f1c54a02 ("ACPICA: executer/exsystem: Inform users about ACPI spec violation") Link: https://github.com/acpica/acpica/commit/129b7551 Signed-off-by: Vasily Khoruzhick Signed-off-by: Rafael J. Wysocki commit 632b746b108e3c62e0795072d00ed597371c738a Author: Vasily Khoruzhick Date: Tue Apr 2 21:09:45 2024 -0700 ACPICA: Implement ACPI_WARNING_ONCE and ACPI_ERROR_ONCE ACPICA commit 2ad4e6e7c4118f4cdfcad321c930b836cec77406 In some cases it is not practical nor useful to nag user about some firmware errors that they cannot fix. Add a macro that will print a warning or error only once to be used in these cases. Link: https://github.com/acpica/acpica/commit/2ad4e6e7 Signed-off-by: Vasily Khoruzhick Signed-off-by: Rafael J. Wysocki commit cf94e10a037c337559bf6c5486cc1abdf4900a08 Author: Punit Agrawal Date: Wed Feb 7 19:54:20 2024 +0000 ACPICA: MPAM: Correct the typo in struct acpi_mpam_msc_node member ACPICA commit 3da3f7d776d17e9bfbb15de88317de8d7397ce38 A member of the struct acpi_mpam_msc_node that represents a Memory System Controller node structure - num_resource_nodes has a typo. Fix the typo No functional change. Link: https://github.com/acpica/acpica/commit/3da3f7d7 Signed-off-by: Punit Agrawal Signed-off-by: Rafael J. Wysocki commit c634d6f4e12d00c954410ba11db45799a8c77b5b Author: Andrii Nakryiko Date: Tue Aug 27 13:37:21 2024 -0700 libbpf: Fix bpf_object__open_skeleton()'s mishandling of options We do an ugly copying of options in bpf_object__open_skeleton() just to be able to set object name from skeleton's recorded name (while still allowing user to override it through opts->object_name). This is not just ugly, but it also is broken due to memcpy() that doesn't take into account potential skel_opts' and user-provided opts' sizes differences due to backward and forward compatibility. This leads to copying over extra bytes and then failing to validate options properly. It could, technically, lead also to SIGSEGV, if we are unlucky. So just get rid of that memory copy completely and instead pass default object name into bpf_object_open() directly, simplifying all this significantly. The rule now is that obj_name should be non-NULL for bpf_object_open() when called with in-memory buffer, so validate that explicitly as well. We adopt bpf_object__open_mem() to this as well and generate default name (based on buffer memory address and size) outside of bpf_object_open(). Fixes: d66562fba1ce ("libbpf: Add BPF object skeleton support") Reported-by: Daniel Müller Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Reviewed-by: Daniel Müller Acked-by: Eduard Zingerman Link: https://lore.kernel.org/bpf/20240827203721.1145494-1-andrii@kernel.org commit 4d57a840560c3ff04fed07a06b3aec7cbac4bff0 Author: Jinjie Ruan Date: Tue Aug 27 19:46:04 2024 +0800 soc/tegra: pmc: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Signed-off-by: Thierry Reding commit 12803ded10b88b376026c544f1ebce62c44d64e0 Author: Jon Hunter Date: Thu Aug 29 14:42:52 2024 +0100 arm64: defconfig: Enable Tegra194 PCIe Endpoint Build the Tegra194 PCIe Endpoint driver as a module by default for ARM64. Signed-off-by: Jon Hunter Signed-off-by: Thierry Reding commit 703c730794cade5298a4c1c068b9c92f19a05a23 Author: Jose Marinho Date: Wed Mar 20 19:31:47 2024 +0000 ACPICA: Implement the Dword_PCC Resource Descriptor Macro ACPICA commit 1209ecf682e03d9ef0c22f4986a2e53b03bd2985 The Dword_pcc (alongside word_pcc and Qword_pcc) were accepted to ACPI inclusion via a code-first process. This patch implements support in iASL for Dword_pcc. Link: https://bugzilla.tianocore.org/show_bug.cgi?id=4594 Link: https://github.com/acpica/acpica/commit/1209ecf6 Signed-off-by: Jose Marinho Signed-off-by: Rafael J. Wysocki commit 93ff9686228aa705714c3fe0706ed9ce9410037a Author: Dara Stotland Date: Mon Aug 26 16:47:25 2024 +0000 arm64: tegra: Add thermal nodes to AGX Orin SKU8 One of the key differences between p3701-0000 and p3701-0008 is the temperature range. Add this info for p3701-0008. Signed-off-by: Dara Stotland Reviewed-by: Brad Griffis Signed-off-by: Thierry Reding commit 1f190117a1ed789caee0eaf83591d2390a453874 Author: Dara Stotland Date: Mon Aug 26 16:47:24 2024 +0000 arm64: tegra: Move BPMP nodes to AGX Orin module All SKUs of the p3701 module contain a temp sensor connected to the BPMP I2C. Move the associated nodes from tegra234-p3701-0008.dtsi to tegra234-p3701.dtsi. Add missing compatible. Signed-off-by: Dara Stotland Reviewed-by: Brad Griffis Signed-off-by: Thierry Reding commit 7662fe9639d8d0022630e2b3a1a8b231cf10ec07 Author: Dara Stotland Date: Mon Aug 26 16:47:23 2024 +0000 arm64: tegra: Move padctl supply nodes to AGX Orin module Some padctl supply nodes currently reside in board file, when they should reside on module level. The nodes are part of module, not board. Move these nodes to the correct AGX Orin module file. Signed-off-by: Dara Stotland Reviewed-by: Brad Griffis Signed-off-by: Thierry Reding commit d075995c114bd1a966020c3f056c7190e1a58528 Author: Dara Stotland Date: Mon Aug 26 16:47:22 2024 +0000 arm64: tegra: Move AGX Orin nodes to correct location Some of the nodes inside the AGX Orin module file are in the wrong location. In particular, the SD card interface and two of the PCIe regulators in the module file should instead reside in the board file. These components are not part of the module. They are part of the carrier board. Move these nodes to the correct location. Fixes: cd42b26a527f ("arm64: tegra: Add regulators required for PCIe") Fixes: d71b893a119d ("arm64: tegra: Add Tegra234 SDMMC1 device tree node") Signed-off-by: Dara Stotland Reviewed-by: Brad Griffis Signed-off-by: Thierry Reding commit a034db9e4dc82c07025f90778f960b0c806689b7 Author: Dara Stotland Date: Mon Aug 26 16:47:21 2024 +0000 arm64: tegra: Combine IGX Orin board files Current IGX Orin structure has both a top-level module+board file as well as a board file. Most of the data in the board-file is closely related to the module itself. The benefit of this extra file is outweighed by the additional complexity. Merge the board file into the module+board file for simplicity. Signed-off-by: Dara Stotland Reviewed-by: Brad Griffis Signed-off-by: Thierry Reding commit 7a3f6cb1deb84650b1aa7c7e9bf0501810410e26 Author: Dara Stotland Date: Mon Aug 26 16:47:20 2024 +0000 arm64: tegra: Combine AGX Orin board files The current AGX Orin structure has both a top-level module+board file as well as a board file. Most of the data in the board-file is closely related to the module itself. The benefit of this extra file is outweighed by the additional complexity. Merge the board file into the module+board file for simplicity. Signed-off-by: Dara Stotland Reviewed-by: Brad Griffis Signed-off-by: Thierry Reding commit ab9cd79d418fa27123aa11bc1487feb4e1b4da91 Author: Dara Stotland Date: Mon Aug 26 16:47:19 2024 +0000 arm64: tegra: Add common nodes to AGX Orin module The AGX Orin module boards contain common nodes that can be moved to the included module dtsi. This eliminates redundancy within the files and reduces lines of code. Data from tegra234-p3701-0000 and tegra234-p3701-0008 that is common is now in tegra234-p3701.dtsi. Signed-off-by: Dara Stotland Reviewed-by: Brad Griffis Signed-off-by: Thierry Reding commit 8f4c834d89150e9b1c6c3e006668ed6fd9ee2b15 Author: Tomasz Maciej Nowak Date: Thu Aug 22 20:41:02 2024 +0200 ARM: tegra: Wire up two front panel LEDs on TrimSlice Pins responsible for controlling these LEDs need to have tristate control removed if we want them as GPIOs. This change aligns with pinmux configuration of "dte" pin group in downstream kernel[1]. These LEDs had no function assigned on vendor kernel and there is no label on the case, the only markings are on PCB which are part of node names (ds1 marking is on power LED controlled by PMIC), so generic term is assigned as the function. 1. https://github.com/compulab/trimslice-android-kernel/blob/upstream/arch/arm/mach-tegra/board-trimslice-pinmux.c#L45 Signed-off-by: Tomasz Maciej Nowak Signed-off-by: Thierry Reding commit 4aca2bef90bd12969037468f71568fbef994a254 Author: Sia Jee Heng Date: Wed Feb 28 22:41:55 2024 -0800 ACPICA: Headers: Add RISC-V SBI Subtype to DBG2 ACPICA commit 6f4c900bcf9ca065129353f17a83773aa58095aa Include the RISC-V SBI debugging subtype as documented in DBG2 dated April 10, 2023 [1]. Link: https://learn.microsoft.com/en-us/windows-hardware/drivers/bringup/acpi-debug-port-table # [1] Link: https://github.com/acpica/acpica/commit/6f4c900b Signed-off-by: Sia Jee Heng Signed-off-by: Rafael J. Wysocki commit a50d5dcd28154c1a38aa1d72b1678715aecf5464 Author: Tomasz Maciej Nowak Date: Wed Aug 21 20:58:05 2024 +0200 arm64: tegra: Wire up WiFi on Jetson TX1 module P2180 modules have WiFi in form of BCM4354 chip, and kernel driver supports this one, so enable it for all users. The necessary calibration file can be obtained from Jetson Linux Archive. nvram.txt file is located in "Driver Package (BSP)" in nv_tegra/l4t_deb_packages/nvidia-l4t-firmware__arm64.deb archive. The rest of necessary blobs can be obtained from official Linux Firmware repository or (newer ones) from Infineon ifx-linux-firmware repository (look in older releases). Signed-off-by: Tomasz Maciej Nowak Signed-off-by: Thierry Reding commit 6eba6471bbb7e3bf27e2b540fb7282848a58cd17 Author: Tomasz Maciej Nowak Date: Wed Aug 21 20:58:04 2024 +0200 arm64: tegra: Wire up Bluetooth on Jetson TX1 module P2180 modules have Bluetooth in form of BCM4354 chip, and kernel driver supports this one, so enable it for all users. The necessary firmware can be obtained from Jetson Linux Archive. bcm4354.hcd file is located in "Driver Package (BSP)" in nv_tegra/l4t_deb_packages/nvidia-l4t-firmware__arm64.deb archive. Signed-off-by: Tomasz Maciej Nowak Signed-off-by: Thierry Reding commit 57880a7966be510cdaa08ab76b9d63e3df786bf0 Author: James Clark Date: Mon Jul 22 11:11:44 2024 +0100 perf: cs-etm: Allocate queues for all CPUs Make cs_etm__setup_queue() setup a queue even if it's empty, and pre-allocate queues based on the max CPU that was recorded. In per-CPU mode aux queues are indexed based on CPU ID even if all CPUs aren't recorded, sparse queue arrays aren't used. This will allow HW_IDs to be saved even if no aux data was received in that queue without having to call cs_etm__setup_queue() from two different places. Reviewed-by: Mike Leach Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexandre Torgue Cc: Anshuman Khandual Cc: Ganapatrao Kulkarni Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Maxime Coquelin Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Will Deacon Link: https://lore.kernel.org/r/20240722101202.26915-3-james.clark@linaro.org Signed-off-by: James Clark Signed-off-by: Arnaldo Carvalho de Melo commit 3ed4e0986028867d1a2fe68da933dd935b12af9e Author: Tomasz Maciej Nowak Date: Wed Aug 21 20:58:03 2024 +0200 arm64: tegra: Wire up power sensors on Jetson TX1 DevKit One INA3221 sensor is located on P2180 module and the other two are on P2597 base board. Signed-off-by: Tomasz Maciej Nowak Signed-off-by: Thierry Reding commit 7741e3c5f848e867c58c6e612c63a27c1681a493 Author: Sia Jee Heng Date: Wed Feb 28 22:39:50 2024 -0800 ACPICA: SPCR: Update the SPCR table to version 4 ACPICA commit 1eeff52124a45d5cd887ba5687bbad0116e4d211 The Microsoft Serial Port Console Redirection (SPCR) specification revision 1.09 comprises additional fields [1]. The newly added fields are: - RISC-V SBI - Precise Baud Rate - namespace_string_length - namespace_string_offset - namespace_string Additionaly, this code will support up to SPCR revision 1.10, as it includes only minor wording changes. Link: https://learn.microsoft.com/en-us/windows-hardware/drivers/serports/serial-port-console-redirection-table # [1] Link: https://github.com/acpica/acpica/commit/1eeff521 Signed-off-by: Sia Jee Heng Signed-off-by: Rafael J. Wysocki commit b6aa0de9a53a231eb068ce1e62b5e7ec9e30e627 Author: James Clark Date: Mon Jul 22 11:11:43 2024 +0100 perf cs-etm: Create decoders after both AUX and HW_ID search passes Both of these passes gather information about how to create the decoders. AUX records determine formatted/unformatted, and the HW_IDs determine the traceID/metadata mappings. Therefore it makes sense to cache the information and wait until both passes are over until creating the decoders, rather than creating them at the first HW_ID found. This will allow a simplification of the creation process where cs_etm_queue->traceid_list will exclusively used to create the decoders, rather than the current two methods depending on whether the trace is formatted or not. Previously the sample CPU from the AUX record was used to initialize the decoder CPU, but actually sample CPU == AUX queue index in per-CPU mode, so saving the sample CPU isn't required. Similarly formatted/unformatted was used upfront to create the decoders, but now it's cached until later. Reviewed-by: Anshuman Khandual Reviewed-by: Mike Leach Signed-off-by: James Clark Signed-off-by: James Clark Tested-by: Ganapatrao Kulkarni Tested-by: Leo Yan Acked-by: Suzuki Poulouse Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexandre Torgue Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Maxime Coquelin Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Will Deacon Link: https://lore.kernel.org/r/20240722101202.26915-2-james.clark@linaro.org Signed-off-by: Arnaldo Carvalho de Melo commit 6e1a196425fcd50d7d29fe7eb36f2fe2da8e0018 Author: Vedant Deshpande Date: Fri Aug 16 18:43:48 2024 +0000 arm64: tegra: Add p3767 PCIe C4 EP details Add implementation details for Orin NX/Nano PCIe EP on C4. Signed-off-by: Vedant Deshpande Signed-off-by: Thierry Reding commit 0580286d0d22e6508701dff1397bb7e66386c359 Author: Vedant Deshpande Date: Fri Aug 16 18:43:47 2024 +0000 arm64: tegra: Add Tegra234 PCIe C4 EP definition Add PCIe C4 EP controller definition in device tree for Tegra234 devices. Signed-off-by: Vedant Deshpande Signed-off-by: Thierry Reding commit ff418f34ba44d8ff6cea953dd79546f3e4c6c807 Author: Zhang Rui Date: Wed Mar 20 13:15:08 2024 +0800 ACPICA: Complete CXL 3.0 CXIMS structures ACPICA commit eb2a2ff303416fb3f6c425d519dbcd6988dbd91f Commit 2d8dc0383d3c9 ("Add CXL 3.0 structures (CXIMS & RDPAS) to the CEDT table") introduces basic support for CXL XOR Interleave Math Structure (CXIMS). Complete the CXIMS structures. No functional change. Link: https://github.com/acpica/acpica/commit/eb2a2ff3 Signed-off-by: Zhang Rui Signed-off-by: Rafael J. Wysocki commit ebe899563a83c9bb578248eb4a4d56414275d9fa Author: Diogo Ivo Date: Thu Aug 15 16:50:40 2024 +0100 arm64: tegra: Add wp-gpio for P2597's external card slot Add the definition for the wp-gpio of the P2597's external card slot, enabling this functionality. Tested on a P2597 board. Signed-off-by: Diogo Ivo Tested-by: Tomasz Maciej Nowak Signed-off-by: Thierry Reding commit 46a26db82748a9434fae662738ff80e350b179ee Author: Diogo Ivo Date: Thu Aug 15 16:50:39 2024 +0100 arm64: tegra: Fix gpio for P2597 vmmc regulator The current declaration is off-by-one and actually corresponds to the wp-gpio of the external slot. Tested on a P2597 board. Signed-off-by: Diogo Ivo Tested-by: Tomasz Maciej Nowak Signed-off-by: Thierry Reding commit 7afea7bc49c5482ac11fc4488230827edc51e28a Author: Adrien Destugues Date: Tue Dec 12 12:28:17 2023 +0100 ACPICA: haiku: Fix invalid value used for semaphores ACPICA commit 49fe4f25483feec2f685b204ef19e28d92979e95 In Haiku, semaphores are represented by integers, not pointers. So, we can't use NULL as the invalid/destroyed value, the correct value is -1. Introduce a platform overridable define to allow this. Fixes #162 (which was closed after coming to the conclusion that this should be done, but the change was never done). Link: https://github.com/acpica/acpica/commit/49fe4f25 Signed-off-by: Rafael J. Wysocki commit c20ebc7fbd2ac3af28e8c712cdaf5b20b524bfba Author: David Heidelberg Date: Fri Jul 5 16:52:43 2024 -0700 dt-bindings: arm: tegra: Document Nyan, all revisions in kernel tree Avoid firing useless warnings when running make dtbs_check Signed-off-by: David Heidelberg Acked-by: Rob Herring (Arm) Signed-off-by: Thierry Reding commit c6d17e1a427057ce1b414d068bc5451c1588e16a Author: Svyatoslav Ryhel Date: Tue Aug 6 15:39:06 2024 +0300 ARM: tegra: tf701t: Configure USB Fixes issue when resuming after suspend made USB in peripheral mode inaccessible. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit 8c80f44126da11ddcd478e1983426223a327e486 Author: Svyatoslav Ryhel Date: Tue Aug 6 15:39:05 2024 +0300 ARM: tegra: tf701t: Use dedicated backlight regulator Downstream kernel states that backlight has no actual enable GPIO and uses fixed regulator. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit 003b99aa3044818a62464185551285bbfb2acad1 Author: Svyatoslav Ryhel Date: Tue Aug 6 15:39:04 2024 +0300 ARM: tegra: tf701t: Re-group GPIO keys Group GPIO keys into keys and switches. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit 1731cbba9f14ffdf8243ec75fedeff92c664b3bc Author: Svyatoslav Ryhel Date: Tue Aug 6 15:39:03 2024 +0300 ARM: tegra: tf701t: Bind WIFI SDIO and EMMC Add MMC nodes configuration along with WIFI binding to ASUS TF701T device-tree. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit e4cee35431c83c0a9e642822e70b7b8d2a0a73d3 Author: Svyatoslav Ryhel Date: Tue Aug 6 15:39:02 2024 +0300 ARM: tegra: tf701t: Complete sound bindings With these changes sound works, only UCM configs are needed for complete support. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit c79e35e6067fae709ba8c986d222704cd03fef68 Author: Svyatoslav Ryhel Date: Tue Aug 6 15:39:01 2024 +0300 ARM: tegra: tf701t: Adjust sensors nodes Complete and adjust magnetometer, thermal sensor, motion tracker, power and light sensors according to available sources. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit 6ca426a0950496193a25df9754d78ab4bfd5e8b7 Author: Svyatoslav Ryhel Date: Tue Aug 6 15:39:00 2024 +0300 ARM: tegra: tf701t: Add Bluetooth node Add serial node along with bluetooth node to ASUS TF701T device-tree. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit fceb6acd5d655b5087dda5291e1641db5c2b960a Author: Svyatoslav Ryhel Date: Tue Aug 6 15:38:59 2024 +0300 ARM: tegra: tf701t: Add HDMI bindings Add HDMI nodes to ASUS TF701T device-tree. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit 1f02c9fb3aab5989070edaee97e875828efe2aa1 Author: Svyatoslav Ryhel Date: Tue Aug 6 15:38:58 2024 +0300 ARM: tegra: tf701t: Correct and complete PMIC and PMC bindings Add missing parts of PMIC complex, extend PMC binding and add missing fixed regulators. Additionally, refresh naming to better reflect regulator purpose. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit 984d444a1026c3357a7e0a227616efab82de9331 Author: Svyatoslav Ryhel Date: Tue Aug 6 15:38:57 2024 +0300 ARM: tegra: tf701t: Bind VDE device Add Video Decoder Engine node to ASUS TF701T device-tree. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit b457e191a740ece881fa26a370f606bd833d8e28 Author: Svyatoslav Ryhel Date: Tue Aug 6 15:38:56 2024 +0300 ARM: tegra: tf701t: Use unimomentary pinmux setup Mimic original downstream board behavior to set up all pinmux at once. Per-device pinmux is good but we have no complete board schematics to allow such luxury. Signed-off-by: Svyatoslav Ryhel Signed-off-by: Thierry Reding commit ce4a60592ee03e8f6900bf9bf2a6108cd1a9903c Author: Hongbo Li Date: Wed Aug 28 20:24:50 2024 +0800 lsm: Use IS_ERR_OR_NULL() helper function Use the IS_ERR_OR_NULL() helper instead of open-coding a NULL and an error pointer checks to simplify the code and improve readability. Signed-off-by: Hongbo Li Signed-off-by: Paul Moore commit a74549dd55d21612171334fb70e45241d0ce0487 Author: Jani Nikula Date: Wed Aug 28 14:19:09 2024 +0300 drm/i915: deprecate the i915.modeset module parameter The i915.modeset parameter doesn't really provide any useful benefit over the nomodeset kernel parameter. Anything that i915.modeset does can be achieved via nomodeset or not probing i915 at all. Unfortunately, the i915.modeset parameter is widely referenced on various forums, and removing it is not that simple. Start off by deprecating it in the module parameter documentation, and logging a warning message on non-default values. Cc: Daniel Veter Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/2c63e2048eed64f728478fbcfc84f51c7f3212e6.1724843853.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit b2fcb48214980adf6687dda84fa33f01e9a47e28 Author: Jani Nikula Date: Wed Aug 28 14:19:08 2024 +0300 drm/i915: fail module probe on nomodeset and i915.modeset=0 Since commit b30324adaf8d ("drm/i915: Deprecated UMS support") we've silently failed the probe, without propagating errors, on nomodeset and i915.modeset=0. This has been to not upset userspace. See the above commit for details. Since then, we've removed both the UMS and KMS kconfig options in commit 03dae59c72ff ("drm/i915: Ditch UMS config option") and commit fd930478fb79 ("drm/i915: Remove KMS Kconfig option") respectively. Another ten years or so have passed. Continue with the deprecation by actually failing the probe with nomodeset and i915.modeset=0. Cc: Daniel Veter Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/1f34651ae8ae96dd5ecd9969b5bc43d23feda08c.1724843853.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 0fd77ae4a3c94eca3f07e01083680ad0056df628 Author: Arnaldo Carvalho de Melo Date: Thu Aug 29 11:46:40 2024 -0300 Revert "tools build: Remove leftover libcap tests that prevents fast path feature detection from working" Ian pointed out that the libcap feature test is also used by bpftool, so we can't remove it just because perf stopped using it, revert the removal of the feature test. Since both perf and libcap uses the fast path feature detection (tools/build/feature/test-all.c), probably the best thing is to keep libcap-devel when building perf even it not being used there. This reverts commit 47b3b6435e4bfb61ae8ffc63a11bd3c310f69acf. Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Signed-off-by: Arnaldo Carvalho de Melo commit be03b30b7aa99aca876fbc7c1c1b73b2d0339321 Author: Fei Shao Date: Wed Aug 28 18:14:47 2024 +0800 drm/mediatek: Use spin_lock_irqsave() for CRTC event lock Use the state-aware spin_lock_irqsave() and spin_unlock_irqrestore() to avoid unconditionally re-enabling the local interrupts. Fixes: 411f5c1eacfe ("drm/mediatek: handle events when enabling/disabling crtc") Signed-off-by: Fei Shao Link: https://patchwork.kernel.org/project/dri-devel/patch/20240828101511.3269822-1-fshao@chromium.org/ Signed-off-by: Chun-Kuang Hu commit ae98dbf43d755b4e111fcd086e53939bef3e9a1a Author: Jens Axboe Date: Fri Aug 9 11:20:45 2024 -0600 io_uring/kbuf: add support for incremental buffer consumption By default, any recv/read operation that uses provided buffers will consume at least 1 buffer fully (and maybe more, in case of bundles). This adds support for incremental consumption, meaning that an application may add large buffers, and each read/recv will just consume the part of the buffer that it needs. For example, let's say an application registers 1MB buffers in a provided buffer ring, for streaming receives. If it gets a short recv, then the full 1MB buffer will be consumed and passed back to the application. With incremental consumption, only the part that was actually used is consumed, and the buffer remains the current one. This means that both the application and the kernel needs to keep track of what the current receive point is. Each recv will still pass back a buffer ID and the size consumed, the only difference is that before the next receive would always be the next buffer in the ring. Now the same buffer ID may return multiple receives, each at an offset into that buffer from where the previous receive left off. Example: Application registers a provided buffer ring, and adds two 32K buffers to the ring. Buffer1 address: 0x1000000 (buffer ID 0) Buffer2 address: 0x2000000 (buffer ID 1) A recv completion is received with the following values: cqe->res 0x1000 (4k bytes received) cqe->flags 0x11 (CQE_F_BUFFER|CQE_F_BUF_MORE set, buffer ID 0) and the application now knows that 4096b of data is available at 0x1000000, the start of that buffer, and that more data from this buffer will be coming. Now the next receive comes in: cqe->res 0x2010 (8k bytes received) cqe->flags 0x11 (CQE_F_BUFFER|CQE_F_BUF_MORE set, buffer ID 0) which tells the application that 8k is available where the last completion left off, at 0x1001000. Next completion is: cqe->res 0x5000 (20k bytes received) cqe->flags 0x1 (CQE_F_BUFFER set, buffer ID 0) and the application now knows that 20k of data is available at 0x1003000, which is where the previous receive ended. CQE_F_BUF_MORE isn't set, as no more data is available in this buffer ID. The next completion is then: cqe->res 0x1000 (4k bytes received) cqe->flags 0x10001 (CQE_F_BUFFER|CQE_F_BUF_MORE set, buffer ID 1) which tells the application that buffer ID 1 is now the current one, hence there's 4k of valid data at 0x2000000. 0x2001000 will be the next receive point for this buffer ID. When a buffer will be reused by future CQE completions, IORING_CQE_BUF_MORE will be set in cqe->flags. This tells the application that the kernel isn't done with the buffer yet, and that it should expect more completions for this buffer ID. Will only be set by provided buffer rings setup with IOU_PBUF_RING INC, as that's the only type of buffer that will see multiple consecutive completions for the same buffer ID. For any other provided buffer type, any completion that passes back a buffer to the application is final. Once a buffer has been fully consumed, the buffer ring head is incremented and the next receive will indicate the next buffer ID in the CQE cflags. On the send side, the application can manage how much data is sent from an existing buffer by setting sqe->len to the desired send length. An application can request incremental consumption by setting IOU_PBUF_RING_INC in the provided buffer ring registration. Outside of that, any provided buffer ring setup and buffer additions is done like before, no changes there. The only change is in how an application may see multiple completions for the same buffer ID, hence needing to know where the next receive will happen. Note that like existing provided buffer rings, this should not be used with IOSQE_ASYNC, as both really require the ring to remain locked over the duration of the buffer selection and the operation completion. It will consume a buffer otherwise regardless of the size of the IO done. Signed-off-by: Jens Axboe commit 6733e678ba1226ad0df94f0bb095df121c54d701 Author: Jens Axboe Date: Tue Aug 27 08:26:07 2024 -0600 io_uring/kbuf: pass in 'len' argument for buffer commit In preparation for needing the consumed length, pass in the length being completed. Unused right now, but will be used when it is possible to partially consume a buffer. Signed-off-by: Jens Axboe commit 641a6816795b208aa7ccac751acaae580897db10 Author: Jens Axboe Date: Tue Aug 20 07:22:53 2024 -0600 Revert "io_uring: Require zeroed sqe->len on provided-buffers send" This reverts commit 79996b45f7b28c0e3e08a95bab80119e95317e28. Revert the change that restricts a send provided buffer to be zero, so it will always consume the whole buffer. This is strictly needed for partial consumption, as the send may very well be a subset of the current buffer. In fact, that's the intended use case. For non-incremental provided buffer rings, an application should set sqe->len carefully to avoid the potential issue described in the reverted commit. It is recommended that '0' still be set for len for that case, if the application is set on maintaining more than 1 send inflight for the same socket. This is somewhat of a nonsensical thing to do. Signed-off-by: Jens Axboe commit 2c8fa70bf3e981193ecda0eedf2100f933ef7085 Author: Jens Axboe Date: Mon Aug 12 09:25:36 2024 -0600 io_uring/kbuf: move io_ring_head_to_buf() to kbuf.h In preparation for using this helper in kbuf.h as well, move it there and turn it into a macro. Signed-off-by: Jens Axboe commit ecd5c9b29643f383d39320e30d21b8615bd893da Author: Jens Axboe Date: Mon Aug 12 09:18:35 2024 -0600 io_uring/kbuf: add io_kbuf_commit() helper Committing the selected ring buffer is currently done in three different spots, combine it into a helper and just call that. Signed-off-by: Jens Axboe commit 4609c6eab67bb1785a5337ddafb5c74c796bcd35 Author: Hongbo Li Date: Wed Aug 28 20:27:24 2024 +0800 irqdomain: Use IS_ERR_OR_NULL() in irq_domain_trim_hierarchy() Use IS_ERR_OR_NULL() instead of open-coding a NULL and a error pointer check. Signed-off-by: Hongbo Li Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240828122724.3697447-1-lihongbo22@huawei.com commit bf1e0fb69a15fac4d6ee71d0e1c715147add986a Author: Jinjie Ruan Date: Wed Aug 28 15:22:19 2024 +0800 genirq/msi: Use kmemdup_array() instead of kmemdup() Let kmemdup_array() take care about sizing instead of doing it open coded. Signed-off-by: Jinjie Ruan Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240828072219.1249250-1-ruanjinjie@huawei.com commit eb29369fa543e7d5557c19ebecf072244bb14815 Author: Jeff Xie Date: Mon Aug 26 22:58:05 2024 +0800 genirq/proc: Change the return value for set affinity permission error Currently, when the affinity of an irq cannot be set due to lack of permission, the write_irq_affinity() returns the error code -EIO. Change the return value to -EPERM as that reflects the cause of error correctly. Signed-off-by: Jeff Xie Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240826145805.5938-1-jeff.xie@linux.dev commit 9012f84e1c5b653c282b7a6cca81454ecf7c5a0a Author: Jinjie Ruan Date: Thu Aug 29 19:15:22 2024 +0800 genirq/proc: Use irq_move_pending() in show_irq_affinity() irq_move_pending() encapsulates irqd_is_setaffinity_pending() depending on CONFIG_GENERIC_PENDING_IRQ. Replace the open coded #ifdeffery with it. Signed-off-by: Jinjie Ruan Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240829111522.230595-1-ruanjinjie@huawei.com commit c7718e5c76d49b5bb394265383ae51f766d5dd3a Author: Jeff Xie Date: Sun Aug 25 21:19:11 2024 +0800 genirq/proc: Correctly set file permissions for affinity control files The kernel already knows at the time of interrupt allocation whether affinity of an interrupt can be controlled by userspace or not. It still creates all related procfs control files with read/write permissions. That's inconsistent and non-intuitive for system administrators and tools. Therefore set the file permissions to read-only for such interrupts. [ tglx: Massage change log, fixed UP build ] Signed-off-by: Jeff Xie Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240825131911.107119-1-jeff.xie@linux.dev commit fe30bae552ce27b9fefe0b12db1544e73d07325f Author: Jason-JH.Lin Date: Tue Aug 27 22:55:19 2024 +0800 drm/mediatek: Fix missing configuration flags in mtk_crtc_ddp_config() In mtk_crtc_ddp_config(), mtk_crtc will use some configuration flags to generate instructions to cmdq_handle, such as: state->pending_config mtk_crtc->pending_planes plane_state->pending.config mtk_crtc->pending_async_planes plane_state->pending.async_config These configuration flags may be set to false when a GCE IRQ comes calling ddp_cmdq_cb(). This may result in missing prepare instructions, especially if mtk_crtc_update_config() with the flase need_vblank (no need to wait for vblank) cases. Therefore, the mtk_crtc->config_updating flag is set at the beginning of mtk_crtc_update_config() to ensure that these configuration flags won't be changed when the mtk_crtc_ddp_config() is preparing instructions. But somehow the ddp_cmdq_cb() didn't use the mtk_crtc->config_updating flag to prevent those pending config flags from being cleared. To avoid missing the configuration when generating the config instruction, the config_updating flag should be added into ddp_cmdq_cb() and be protected with spin_lock. Fixes: 7f82d9c43879 ("drm/mediatek: Clear pending flag when cmdq packet is done") Signed-off-by: Jason-JH.Lin Reviewed-by: CK Hu Reviewed-by: Fei Shao Link: https://patchwork.kernel.org/project/dri-devel/patch/20240827-drm-fixup-0819-v3-1-4761005211ec@mediatek.com/ Link: https://patchwork.kernel.org/project/dri-devel/patch/20240827-drm-fixup-0819-v3-2-4761005211ec@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit d79ae4766ca65f718f171ed40dc57476a481624f Author: Shuijing Li Date: Mon Aug 26 14:06:20 2024 +0800 drm/mediatek: dsi: Add dsi per-frame lp code for mt8188 Adding the per-frame lp function of mt8188, which can keep HFP in HS and reduce the time required for each line to enter and exit low power. Per Frame LP: |<----------One Active Frame-------->| --______________________________________----___________________ ^HSA+HBP^^RGB^^HFP^^HSA+HBP^^RGB^^HFP^ ^HSA+HBP^^RGB^^HFP^ Per Line LP: |<---------------One Active Frame----------->| --______________--______________--______________----______________ ^HSA+HBP^^RGB^ ^HSA+HBP^^RGB^ ^HSA+HBP^^RGB^ ^HSA+HBP^^RGB^ Signed-off-by: Shuijing Li Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240826060654.24038-1-shuijing.li@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 00335fc7cc7a8a39bff2fddd48be854b98c693ab Author: Rob Herring (Arm) Date: Wed Jul 31 14:13:56 2024 -0600 drm/mediatek: Drop unnecessary check for property presence of_property_read_u32() returns -EINVAL if a property is not present, so the preceding check for presence with of_find_property() can be dropped. Really, what the errno is shouldn't matter. Either the property can be read and used or it can't and is ignored. This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Reviewed-by: AngeloGioacchino Del Regno Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240731201407.1838385-1-robh@kernel.org/ Signed-off-by: Chun-Kuang Hu commit 103b90752f3dda74abc56993390fa303147e7fbc Author: AngeloGioacchino Del Regno Date: Thu Jul 18 10:25:07 2024 +0200 drm/mediatek: Declare Z Position for all planes MediaTek SoCs support multiple planes, one of which is the primary and all the others are overlays (and CURSOR is the last overlay). In all currently supported SoCs, the Z order of the overlays can't be changed with any fast muxing action, and can only be changed by swapping the contents of the entire register set of one overlay with the other to internally reorder the layer properties, which is indeed feasible, but probably more expensive than desired. Declare the Z position for all planes with an immutable property at least for now, so that the userspace can take its decisions accordingly. Signed-off-by: AngeloGioacchino Del Regno Reviewed-by: Fei Shao Acked-by: Daniel Stone Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240718082507.216764-1-angelogioacchino.delregno@collabora.com/ Signed-off-by: Chun-Kuang Hu commit 4381b895f544bb84b8cfb34ada64df67c9b2a4f0 Author: Anna-Maria Behnsen Date: Thu Aug 29 09:41:33 2024 +0200 timers: Remove historical extra jiffie for timeout in msleep() msleep() and msleep_interruptible() add a jiffie to the requested timeout. This extra jiffie was introduced to ensure that the timeout will not happen earlier than specified. Since the rework of the timer wheel, the enqueue path already takes care of this. So the extra jiffie added by msleep*() is pointless now. Remove this extra jiffie in msleep() and msleep_interruptible(). Signed-off-by: Anna-Maria Behnsen Signed-off-by: Thomas Gleixner Acked-by: Rafael J. Wysocki Link: https://lore.kernel.org/all/20240829074133.4547-1-anna-maria@linutronix.de commit a678164aadbf68d80f7ab79b8bd5cfe3711e42fa Author: Maciej W. Rozycki Date: Mon Aug 26 10:21:47 2024 +0100 x86/EISA: Dereference memory directly instead of using readl() Sparse expect an __iomem pointer, but after converting the EISA probe to memremap() the pointer is a regular memory pointer. Access it directly instead. [ tglx: Converted it to fix the already applied version ] Fixes: 80a4da05642c ("x86/EISA: Use memremap() to probe for the EISA BIOS signature") Signed-off-by: Maciej W. Rozycki Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/alpine.DEB.2.21.2408261015270.30766@angie.orcam.me.uk commit dfdc8d2565e82d726ce7d99c424c213ed17320f5 Merge: c0390d541128e8 ea566e18b4deea Author: Christian Brauner Date: Wed Aug 28 13:08:18 2024 +0200 Merge patch series "fs,mm: add kmem_cache_create_rcu()" Christian Brauner says: When a kmem cache is created with SLAB_TYPESAFE_BY_RCU the free pointer must be located outside of the object because we don't know what part of the memory can safely be overwritten as it may be needed to prevent object recycling. That has the consequence that SLAB_TYPESAFE_BY_RCU may end up adding a new cacheline. This is the case for e.g., struct file. After having it shrunk down by 40 bytes and having it fit in three cachelines we still have SLAB_TYPESAFE_BY_RCU adding a fourth cacheline because it needs to accommodate the free pointer. Add a new kmem_cache_create_rcu() function that allows the caller to specify an offset where the free pointer is supposed to be placed. Before this series cat /proc/slabinfo: filp 1198 1248 256 32 2 : tunables 0 0 0 : slabdata 39 39 0 ^^^ After this series cat /proc/slabinfo: filp 1323 1323 192 21 1 : tunables 0 0 0 : slabdata 63 63 0 ^^^ * patches from https://lore.kernel.org/r/20240828-work-kmem_cache-rcu-v3-0-5460bc1f09f6@kernel.org: fs: use kmem_cache_create_rcu() mm: add kmem_cache_create_rcu() mm: remove unused root_cache argument Link: https://lore.kernel.org/r/20240828-work-kmem_cache-rcu-v3-0-5460bc1f09f6@kernel.org Signed-off-by: Christian Brauner commit ea566e18b4deea6e998088de4f1a76d1f39c8d3f Author: Christian Brauner Date: Wed Aug 28 12:56:25 2024 +0200 fs: use kmem_cache_create_rcu() Switch to the new kmem_cache_create_rcu() helper which allows us to use a custom free pointer offset avoiding the need to have an external free pointer which would grow struct file behind our backs. Link: https://lore.kernel.org/r/20240828-work-kmem_cache-rcu-v3-3-5460bc1f09f6@kernel.org Acked-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner commit d345bd2e9834e2da505977e154a1c179c793b7b2 Author: Christian Brauner Date: Wed Aug 28 12:56:24 2024 +0200 mm: add kmem_cache_create_rcu() When a kmem cache is created with SLAB_TYPESAFE_BY_RCU the free pointer must be located outside of the object because we don't know what part of the memory can safely be overwritten as it may be needed to prevent object recycling. That has the consequence that SLAB_TYPESAFE_BY_RCU may end up adding a new cacheline. This is the case for e.g., struct file. After having it shrunk down by 40 bytes and having it fit in three cachelines we still have SLAB_TYPESAFE_BY_RCU adding a fourth cacheline because it needs to accommodate the free pointer. Add a new kmem_cache_create_rcu() function that allows the caller to specify an offset where the free pointer is supposed to be placed. Link: https://lore.kernel.org/r/20240828-work-kmem_cache-rcu-v3-2-5460bc1f09f6@kernel.org Acked-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner commit e446f18e98e89fb7de2b320620ce983929bb2486 Author: Christian Brauner Date: Wed Aug 28 12:56:23 2024 +0200 mm: remove unused argument from create_cache() That root_cache argument is unused so remove it. Link: https://lore.kernel.org/r/20240828-work-kmem_cache-rcu-v3-1-5460bc1f09f6@kernel.org Acked-by: Mike Rapoport (Microsoft) Reviewed-by: Vlastimil Babka Signed-off-by: Christian Brauner commit 98ce82a52886edd5197e903cb2b56f21bf3b0781 Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:30 2024 +0800 regulator: Unify "negative error number" terminology in comments Previous commits cleaning up kerneldoc used the term "negative error number" to refer to error condition return values. Update remaining instances of other terminology such as "error code" or "errno" as well so the whole regulator subsystem is unified. Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-11-wenst@chromium.org Signed-off-by: Mark Brown commit 6eace77a6048c9b0b50950e88ef987d4519a53c1 Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:29 2024 +0800 regulator: of: Fix kerneldoc format for of_regulator_bulk_get_all() of_regulator_bulk_get_all() has a comment section that pretty much resembles a kerneldoc block, except that the block begins with "/*" instead of "/**". Fix that and also rework the "Return" section and the error code terminology so that it is the same as the other kerneldoc blocks in the same file. Fixes: 27b9ecc7a9ba ("regulator: Add of_regulator_bulk_get_all") Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-10-wenst@chromium.org Signed-off-by: Mark Brown commit 77904c81703b7a4a929abafb837d06b49de087e6 Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:28 2024 +0800 regulator: irq_helpers: Fix regulator_irq_map_event_simple() kerneldoc kernel-doc complains about missing "Return" section for the function regulator_irq_map_event_simple(). Add a "Return" section for it based on its behavior. The function actually always returns 0, but fills in fields in its @rid parameter as needed. Expand the description of the parameter to cover this. While at it fix a typo found in the description of the same function. Reported-by: Matti Vaittinen Closes: https://lore.kernel.org/all/e341240e-1c1f-49a2-91cd-440888fdbda0@gmail.com/ Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-9-wenst@chromium.org Signed-off-by: Mark Brown commit 4ddb16cf5390fc8546409aab3c69ffe6651b3c6b Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:27 2024 +0800 regulator: fixed-helper: Add missing "Return" kerneldoc section kernel-doc complains about missing "Return" section for the function regulator_register_always_on(). Add a "Return" section for it based on its behavior. Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-8-wenst@chromium.org Signed-off-by: Mark Brown commit 5f93c59e607e6f28eef2ed7ddd5a2f89abc943a5 Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:26 2024 +0800 regulator: fixed: Fix incorrectly formatted kerneldoc "Return" section kernel-doc complains about missing "Return" section for kerneldoc of of_get_fixed_voltage_config(). The kerneldoc has a description about the return values, just not in the format kernel-doc wants. Convert it to use the proper "Return:" section header. The existing description have been reworded and moved around to fit the grammar and formatting. Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-7-wenst@chromium.org Signed-off-by: Mark Brown commit dac41d59f2de25b8d3f5350c8cbfe39187d214da Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:25 2024 +0800 regulator: of: Fix incorrectly formatted kerneldoc "Return" sections kernel-doc complains about missing "Return" section for many documented functions in the regulator OF-specific code. These all have descriptions about the return values, just not in the format kernel-doc wants. Convert these to use the proper "Return:" section header. The existing descriptions have been reworded and moved around to fit the grammar and formatting. Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-6-wenst@chromium.org Signed-off-by: Mark Brown commit c0390d541128e8820af8177a572d9d87ff68a3bb Author: Christian Brauner Date: Fri Aug 23 21:06:58 2024 +0200 fs: pack struct file Now that we shrunk struct file to 192 bytes aka 3 cachelines reorder struct file to not leave any holes or have members cross cachelines. Add a short comment to each of the fields and mark the cachelines. It's possible that we may have to tweak this based on profiling in the future. So far I had Jens test this comparing io_uring with non-fixed and fixed files and it improved performance. The layout is a combination of Jens' and my changes. Link: https: //lore.kernel.org/r/20240824-peinigen-hocken-7384b977c643@brauner Signed-off-by: Christian Brauner commit 4ac204ff2d4ec360d9d2e39840ad286ddb78439f Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:24 2024 +0800 regulator: core: Add missing kerneldoc "Return" sections kernel-doc complains about missing "Return" section for many documented functions in the regulator core. Some with free-form return value descriptions have been fixed in the previous patch. The remaining are completely missing any mention of return values. Add "Return" sections to these kerneldoc blocks with basic descriptions. In a few cases where the functions don't call even more functions and the error numbers are known, those are documented in detail. Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-5-wenst@chromium.org Signed-off-by: Mark Brown commit f746af13dd115ae3e0ec9d762baa170184401d41 Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:23 2024 +0800 regulator: core: Fix incorrectly formatted kerneldoc "Return" sections kernel-doc complains about missing "Return" section for many documented functions in the regulator core. Many of them actually have descriptions about the return values, just not in the format kernel-doc wants. Convert these to use the proper "Return:" section header. The existing descriptions have been reworded and moved around to fit the grammar and formatting. In a few cases where the functions don't call even more functions and the error numbers are known, those are documented in detail. Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-4-wenst@chromium.org Signed-off-by: Mark Brown commit 753b9d86adb9d2c5882ac8ee0c3816aa48697eaa Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:22 2024 +0800 regulator: core: Fix regulator_is_supported_voltage() kerneldoc return value The kerneldoc for regulator_is_supported_voltage() states that the return value is a boolean. That is not correct, as it could return an error number if the check failed. Fix the description by expanding it to cover the valid return values and error conditions. The description is also converted to a proper "Return" section. Fixes: c5f3939b8fe0 ("regulator: core: Support fixed voltages in regulator_is_supported_voltage()") Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-3-wenst@chromium.org Signed-off-by: Mark Brown commit caa08dd8cdb8e58bf810e986cd6f9081ad056018 Author: Chen-Yu Tsai Date: Thu Aug 29 16:51:21 2024 +0800 regulator: core: Fix short description for _regulator_check_status_enabled() kernel-doc complains that _regulator_check_status_enabled() is missing a short description. Since the current description is already quite short, just trim it a bit more and use it as the short description. Fixes: f7d7ad42a9dc ("regulator: Allow regulators to verify enabled during enable()") Signed-off-by: Chen-Yu Tsai Reported-by: Andy Shevchenko Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240829085131.1361701-2-wenst@chromium.org Signed-off-by: Mark Brown commit da439eed06ff6806f22341ab0468226afc555305 Author: Marcin Juszkiewicz Date: Thu Aug 29 14:27:00 2024 +0200 arm64: dts: rockchip: add Mask Rom key on NanoPC-T6 Mask Rom key is connected to SARADC and can be read from OS. Signed-off-by: Marcin Juszkiewicz Link: https://lore.kernel.org/r/20240829-friendlyelec-nanopc-t6-lts-v6-9-edff247e8c02@linaro.org Signed-off-by: Heiko Stuebner commit c9ba75320e5a12dc9d574603acf29b38a920b40c Author: Marcin Juszkiewicz Date: Thu Aug 29 14:26:59 2024 +0200 arm64: dts: rockchip: enable USB-C on NanoPC-T6 Enable the USB-C port on FriendlyELEC NanoPC-T6. Works one way so far but still better than before. Signed-off-by: Marcin Juszkiewicz Link: https://lore.kernel.org/r/20240829-friendlyelec-nanopc-t6-lts-v6-8-edff247e8c02@linaro.org Signed-off-by: Heiko Stuebner commit e86cbf999cda2d44f32ec622537024e3b923080d Author: Marcin Juszkiewicz Date: Thu Aug 29 14:26:58 2024 +0200 arm64: dts: rockchip: enable GPU on NanoPC-T6 Enable the Mali GPU on FriendlyELEC NanoPC-T6 Signed-off-by: Marcin Juszkiewicz Link: https://lore.kernel.org/r/20240829-friendlyelec-nanopc-t6-lts-v6-7-edff247e8c02@linaro.org Signed-off-by: Heiko Stuebner commit b70caff0f9592719b6c977e291c33192e959c9d4 Author: Marcin Juszkiewicz Date: Thu Aug 29 14:26:57 2024 +0200 arm64: dts: rockchip: add IR-receiver to NanoPC-T6 FriendlyELEC NanoPC-T6 has IR receiver connected to PWM3_IR_M0 line which ends as GPIO0_D4. Signed-off-by: Marcin Juszkiewicz Link: https://lore.kernel.org/r/20240829-friendlyelec-nanopc-t6-lts-v6-6-edff247e8c02@linaro.org Signed-off-by: Heiko Stuebner commit a22a629c63b1addcf2d81eaf30383c1deca5b7a9 Author: Marcin Juszkiewicz Date: Thu Aug 29 14:26:56 2024 +0200 arm64: dts: rockchip: add SPI flash on NanoPC-T6 FriendlyELEC NanoPC-T6 has optional SPI flash chip on-board. It is populated with 32MB one on LTS version. Signed-off-by: Marcin Juszkiewicz Reviewed-by: Jonas Karlman Link: https://lore.kernel.org/r/20240829-friendlyelec-nanopc-t6-lts-v6-5-edff247e8c02@linaro.org Signed-off-by: Heiko Stuebner commit db1dcbe5f752d423421f77d54d246398b196f670 Author: Marcin Juszkiewicz Date: Thu Aug 29 14:26:55 2024 +0200 arm64: dts: rockchip: add NanoPC-T6 LTS In the LTS (2310) version the miniPCIe slot got removed and USB 2.0 setup has changed. There are two external accessible ports and two ports on the internal header. There is an on-board USB hub which provides: - one external connector (bottom one) - two internal ports on pin header - one port for m.2 E connector The top USB 2.0 connector comes directly from the SoC. Signed-off-by: Marcin Juszkiewicz Link: https://lore.kernel.org/r/20240829-friendlyelec-nanopc-t6-lts-v6-4-edff247e8c02@linaro.org Signed-off-by: Heiko Stuebner commit aea8d84070fe0846961deb23228d9dd3f8caefb3 Author: Marcin Juszkiewicz Date: Thu Aug 29 14:26:54 2024 +0200 arm64: dts: rockchip: move NanoPC-T6 parts to DTS MiniPCIe slot is present only in first version of NanoPC-T6 (2301). Signed-off-by: Marcin Juszkiewicz Link: https://lore.kernel.org/r/20240829-friendlyelec-nanopc-t6-lts-v6-3-edff247e8c02@linaro.org Signed-off-by: Heiko Stuebner commit 36b5c1dc4b22913f9813a94350e24f6744db38a8 Author: Jiaqing Zhao Date: Tue Aug 27 02:58:21 2024 +0000 ACPICA: Allow setting waking vector on reduced hardware platforms Allow setting waking vector in FACS table on reduced hardware platforms to support S3 wakeup. Link: https://github.com/acpica/acpica/commit/ee53ed6b5452612bb44af542b68d605f8b2b1104 Signed-off-by: Jiaqing Zhao Link: https://patch.msgid.link/20240827025821.2099068-3-jiaqing.zhao@linux.intel.com Signed-off-by: Rafael J. Wysocki commit 36b531aace379f45e4ca763f7efb8d0295216e83 Author: Jiaqing Zhao Date: Tue Aug 27 02:58:20 2024 +0000 ACPICA: Detect FACS in reduced hardware build According to Section 5.2.10 of ACPI Specification, FACS is optional in reduced hardware model. Enable the detection for "Hardware-reduced ACPI support only" build (CONFIG_ACPI_REDUCED_HARDWARE_ONLY=y) also. Link: https://github.com/acpica/acpica/commit/ee53ed6b5452612bb44af542b68d605f8b2b1104 Signed-off-by: Jiaqing Zhao Link: https://patch.msgid.link/20240827025821.2099068-2-jiaqing.zhao@linux.intel.com Signed-off-by: Rafael J. Wysocki commit d14f3a4f1feabb6bb5935bf3b275a1e6bf2208eb Author: Marcin Juszkiewicz Date: Thu Aug 29 14:26:53 2024 +0200 arm64: dts: rockchip: prepare NanoPC-T6 for LTS board FriendlyELEC introduced a second version of NanoPC-T6 SBC. Create common include file and make NanoPC-T6 use it. Following patches will add LTS version. Signed-off-by: Marcin Juszkiewicz Link: https://lore.kernel.org/r/20240829-friendlyelec-nanopc-t6-lts-v6-2-edff247e8c02@linaro.org Signed-off-by: Heiko Stuebner commit 809b3cb3285da6f98b0a516bf070a1d7bf4f7b2d Author: Marcin Juszkiewicz Date: Thu Aug 29 14:26:52 2024 +0200 dt-bindings: arm: rockchip: Add NanoPC-T6 LTS Add devicetree binding for the NanoPC-T6 LTS board. Signed-off-by: Marcin Juszkiewicz Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240829-friendlyelec-nanopc-t6-lts-v6-1-edff247e8c02@linaro.org Signed-off-by: Heiko Stuebner commit 46f4bbb8aac2b876355cdefdacd1971b65f8b631 Author: Zhang Zekun Date: Thu Aug 22 16:54:30 2024 +0800 powerpc/pseries/dlpar: Use helper function for_each_child_of_node() for_each_child_of_node can help to iterate through the device_node, and we don't need to use while loop. No functional change with this conversion. Signed-off-by: Zhang Zekun Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822085430.25753-3-zhangzekun11@huawei.com commit 197116e2dec8d23888ce76044fe673480afceff0 Author: Zhang Zekun Date: Thu Aug 22 16:54:29 2024 +0800 powerpc/powermac/pfunc_base: Use helper function for_each_child_of_node() for_each_child_of_node() can help to iterate through the device_node, and we don't need to do it manually. No functional change with this conversion. Signed-off-by: Zhang Zekun Signed-off-by: Michael Ellerman Link: https://msgid.link/20240822085430.25753-2-zhangzekun11@huawei.com commit 8ae4f16f7d7b59cca55aeca6db7c9636ffe7fbaa Author: Michael Ellerman Date: Wed Aug 21 18:07:29 2024 +1000 powerpc/64s/mm: Move __real_pte stubs into hash-4k.h The stub versions of __real_pte() etc are only used with HPT & 4K pages, so move them into the hash-4k.h header. Signed-off-by: Michael Ellerman Link: https://msgid.link/20240821080729.872034-1-mpe@ellerman.id.au commit 7817eb1ad353d732bac546b39316f2422c76fff4 Author: Nikita Shubin Date: Thu Aug 29 10:52:57 2024 +0300 ASoC: dt-bindings: cirrus,cs4271: Convert to dtschema Convert the Cirrus Logic CS4271 audio CODEC bindings to DT schema. Add missing spi-cpha, spi-cpol, '#sound-dai-cells' and port, as they are already being used in the DTS and the driver for this device. Switch to 'reset-gpios' and drop legacy 'reset-gpio' used in original bindings. Based on Animesh Agarwal cs42xx8 conversion patch. Cc: Alexander Sverdlin Link: https://lore.kernel.org/all/20240715-ep93xx-v11-0-4e924efda795@maquefel.me Signed-off-by: Nikita Shubin Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240829-cs4271-yaml-v3-1-f1624cc838f6@maquefel.me Signed-off-by: Mark Brown commit d6b34416b08895a7457c53630595ce84e4aa904c Author: Michael Ellerman Date: Tue Aug 20 16:57:05 2024 +1000 powerpc/configs/64s: Enable DEFERRED_STRUCT_PAGE_INIT It can speed up initialisation of page structs at boot on large machines. Signed-off-by: Michael Ellerman Link: https://msgid.link/20240820065705.660812-1-mpe@ellerman.id.au commit 2e1a57d5b0adbb5bd1d85245ec29b6d3cc7edc69 Author: Chris Morgan Date: Wed Aug 21 16:54:52 2024 -0500 mfd: axp20x: Add ADC, BAT, and USB cells for AXP717 Add support for the AXP717 PMIC to utilize the ADC (for reading voltage, current, and temperature information from the PMIC) as well as the USB charger and battery. Signed-off-by: Chris Morgan Link: https://lore.kernel.org/r/20240821215456.962564-12-macroalpha82@gmail.com Signed-off-by: Lee Jones commit 3959d1f0f8d6682aa896a8f78a9f5ebfd2b6f6c8 Author: Yan Zhen Date: Tue Aug 27 21:12:03 2024 +0800 spi: nxp-fspi: Use max macro When the original file is guaranteed to contain the minmax.h header file and compile correctly, using the real macro is usually more intuitive and readable. Signed-off-by: Yan Zhen Link: https://patch.msgid.link/20240827131203.3918516-1-yanzhen@vivo.com Signed-off-by: Mark Brown commit ab3f6e159204864f2bc208599d4652d10a4824ac Author: Fabio Estevam Date: Thu Aug 29 08:31:57 2024 -0300 spi: spidev: Add an entry for elgin,jg10309-01 The rv1108-elgin-r1 board has an LCD controlled via SPI in userspace. The marking on the LCD is JG10309-01. Add the "elgin,jg10309-01" compatible string. Signed-off-by: Fabio Estevam Reviewed-by: Heiko Stuebner Link: https://patch.msgid.link/20240829113158.3324928-2-festevam@gmail.com Signed-off-by: Mark Brown commit ac7ee784fd00e90542411f113650222c82f86bfd Author: Fabio Estevam Date: Thu Aug 29 08:31:56 2024 -0300 dt-bindings: trivial-devices: Document elgin,jg10309-01 The rv1108-elgin-r1 board has an LCD controlled via SPI in userspace. The marking on the LCD is JG10309-01. Add an entry for the "elgin,jg10309-01" compatible string. Signed-off-by: Fabio Estevam Acked-by: Conor Dooley Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240829113158.3324928-1-festevam@gmail.com Signed-off-by: Mark Brown commit 8a0ec8c2d736961ff556e9d331decda9048fe0f1 Author: Yang Ruibin <11162571@vivo.com> Date: Thu Aug 29 11:35:11 2024 +0800 spi: Insert the missing pci_dev_put()before return Increase the reference count by calling pci_get_slot(), and remember to decrement the reference count by calling pci_dev_put(). Signed-off-by: Yang Ruibin <11162571@vivo.com> Link: https://patch.msgid.link/20240829033511.1917015-1-11162571@vivo.com Signed-off-by: Mark Brown commit b5d4657e192ba7a3f21fc397cf5d169982b4ec0c Author: Ville Syrjälä Date: Mon Jun 24 22:10:32 2024 +0300 drm/i915/dsb: Use chained DSBs for LUT programming In order to better handle the necessary DSB DEwake tricks let's switch over to using a chained DSB for the actual LUT programming. The CPU will start 'dsb_color_commit', which in turn will start the chained 'dsb_color_vblank'. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-15-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit 07226d09a200b92797afabd3a5131a0b504344c1 Author: Ville Syrjälä Date: Mon Jun 24 22:10:31 2024 +0300 drm/i915/dsb: s/dsb/dsb_color_vblank/ We'll soon utilize several DSBs during the commit. To that end rename the current crtc_state->dsb to crtc_state->dsb_color_vblank to better reflect its role (color managemnent stuff programmed during vblank). Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-14-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit 44378f6ef2efee3ccfa87de5860662f2356bdde8 Author: Ville Syrjälä Date: Mon Jun 24 22:10:30 2024 +0300 drm/i915/dsb: Clear DSB_ENABLE_DEWAKE once the DSB is done In order to avoid the DSB keeping the DEwake permanently asserted we must clear DSB_PMCTRL_2.DSB_FORCE_DEWAKE once we are done. For good measure do the same for DSB_PMCTRL.DSB_ENABLE_DEWAKE. Experimentally this doens't seem to be actually necessary (unlike with DSB_FORCE_DEWAKE). That is, the DSB_ENABLE_DEWAKE doesn't seem to do anything whenever the DSB is not active. But I'd hate to waste a ton of power in case there I'm wrong and there is some way DEwake could remaing asserted. One extra register write is a small price to pay for some peace of mind. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-13-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit 51e039542b87cb649d50ea3b5cf90847be32a30b Author: Ville Syrjälä Date: Mon Jun 24 22:10:29 2024 +0300 drm/i915/dsb: Allow intel_dsb_chain() to use DSB_WAIT_FOR_VBLANK Allow intel_dsb_chain() to start the chained DSB at start of the undelaye vblank. This is slightly more involved than simply setting the bit as we must use the DEwake mechanism to eliminate pkgC latency. And DSB_ENABLE_DEWAKE itself is problematic in that it allows us to configure just a single scanline, and if the current scanline is already past that DSB_ENABLE_DEWAKE won't do anything, rendering the whole thing moot. The current workaround involves checking the pipe's current scanline with the CPU, and if it looks like we're about to miss the configured DEwake scanline we set DSB_FORCE_DEWAKE to immediately assert DEwake. This is somewhat racy since the hardware is making progress all the while we're checking it on the CPU. We can make things less racy by chaining two DSBs and handling the DSB_FORCE_DEWAKE stuff entirely without CPU involvement: 1. CPU starts the first DSB immediately 2. First DSB configures the second DSB, including its dewake_scanline 3. First DSB starts the second w/ DSB_WAIT_FOR_VBLANK 4. First DSB asserts DSB_FORCE_DEWAKE 5. First DSB waits until we're outside the dewake_scanline-vblank_start window 6. First DSB deasserts DSB_FORCE_DEWAKE That will guarantee that the we are fully awake when the second DSB starts to actually execute. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-12-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit 06358ccecd75bfcd988f347f79592e23159aaaa2 Author: Ville Syrjälä Date: Mon Jun 24 22:10:28 2024 +0300 drm/i915/dsb: Introduce intel_dsb_chain() In order to handle the DEwake tricks without involving the CPU we need a mechanism by which one DSB can start another one. Add a basic function to do so. We'll extend it later with additional code to actually deal with DEwake. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-11-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit 2039809783d630c1022bb3debe648abced7861c4 Author: Ville Syrjälä Date: Mon Jun 24 22:10:27 2024 +0300 drm/i915/dsb: Introduce intel_dsb_wait_scanline_{in,out}() Add functions to emit a DSB scanline window wait instructions. We can either wait for the scanline to be IN the window or OUT of the window. The hardware doesn't handle wraparound so we must manually deal with it by swapping the IN range to the inverse OUT range, or vice versa. Also add a bit of paranoia to catch the edge case of waiting for the entire frame. That doesn't make sense since an IN wait would be a nop, and an OUT wait would imply waiting forever. Most of the time this also results in both scanline ranges (original and inverted) to have lower=upper+1 which is nonsense from the hw POV. For now we are only handling the case where the scanline wait happens prior to latching the double buffered registers during the commit (which might change the timings due to LRR/VRR/etc.) Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-10-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit 8d5ac8efb6d94efda53f604fd9c072b4754a3d85 Author: Ville Syrjälä Date: Mon Jun 24 22:10:26 2024 +0300 drm/i915/dsb: Precompute DSB_CHICKEN Adjust the code that determines the correct DSB_CHICKEN value to be usable for use within DSB commands themselves. Ie. precompute it based on our knowledge of what the hardware state (VRR vs. not mainly) will be at the time of the commit. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-9-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit a69dcaf9310ab09ed97711e0fee08e59218ed8a6 Author: Ville Syrjälä Date: Mon Jun 24 22:10:25 2024 +0300 drm/i915/dsb: Account for VRR properly in DSB scanline stuff When determining various scanlines for DSB use we should take into account whether VRR is active at the time when the DSB uses said scanline information. For now all DSB scanline usage occurs prior to the actual commit, so we only need to care about the state of VRR at that time. I've decided to move intel_crtc_scanline_to_hw() in its entirety to the DSB code as it will also need to know the actual state of VRR in order to do its job 100% correctly. TODO: figure out how much of this could be moved to some more generic place and perhaps be shared with the CPU vblank evasion code/etc... Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-8-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit eb4556f25fb4cb3a005a93dcc6dcc4b0c024f5f7 Author: Ville Syrjälä Date: Mon Jun 24 22:10:24 2024 +0300 drm/i915/dsb: Fix dewake scanline Currently we calculate the DEwake scanline based on the delayed vblank start, while in reality it should be computed based on the undelayed vblank start (as that is where the DSB actually starts). Currently it doesn't really matter as we don't have any vblank delay configured, but that may change in the future so let's be accurate in what we do. We can also remove the max() as intel_crtc_scanline_to_hw() can deal with negative numbers, which there really shouldn't be anyway. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-7-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit 70a65a5de23337c0c0251c482520224ac80bdeb5 Author: Ville Syrjälä Date: Mon Jun 24 22:10:23 2024 +0300 drm/i915/dsb: Shuffle code around Relocate intel_dsb_dewake_scanline() and dsb_chicken() upwards in the file. I need to reuse these while emitting DSB commands, and I'd like to keep the DSB command emission stuff more or less grouped together in the file. Also drop the intel_ prefix from intel_dsb_dewake_scanline() since it's all internal stuff and thus doesn't need so much namespacing. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-6-ville.syrjala@linux.intel.com Reviewed-by: Animesh manna commit 21bb04152a18ac2314ef4186b6dcd46f1b847354 Author: Ville Syrjälä Date: Mon Jun 24 22:10:22 2024 +0300 drm/i915/dsb: Convert dewake_scanline to a hw scanline number earlier Currently we switch from out software idea of a scanline to the hw's idea of a scanline during the commit phase in _intel_dsb_commit(). While that is slightly easier due to fastsets fiddling with the timings, we'll also need to generate proper hw scanline numbers already when emitting DSB scanline wait instructions. So this approach won't do in the future. Switch to hw scanline numbers earlier. Also intel_dsb_dewake_scanline() itself already makes some assumptions about VRR that don't take into account VRR toggling during fastsets, so technically delaying the sw->hw conversion doesn't even help us. The other reason for delaying the conversion was that we are using intel_get_crtc_scanline() during intel_dsb_commit() which gives us the current sw scanline. But this is pretty low level stuff anyway so just using raw PIPEDSL reads seems fine here, and that of course gives us the hw scanline directly, reducing the need to do so many conversions. v2: Return the non-hw scanline from intel_dsb_dewake_scanline() Reviewed-by: Jani Nikula Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-5-ville.syrjala@linux.intel.com commit 81a1c37c8b52eff636e77a794d0f0620c3a40af0 Author: Ville Syrjälä Date: Tue Jun 25 16:58:52 2024 +0300 drm/i915/dsb: Hook up DSB error interrupts Enable all DSB error/fault interrupts so that we can see if anything goes terribly wrong. v2: Pass intel_display to DISPLAY_VER() (Jani) Drop extra '/' from drm_err() for consistency v3: Reorder the irq handler a bit Cc: Jani Nikula Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240625135852.13431-1-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit eeef9150a174a030894fa159f675ba804ad90c06 Author: David Wang <00107082@163.com> Date: Tue Aug 27 07:34:37 2024 +0800 ACPI: utils: Add rev/func to message when acpi_evaluate_dsm() fails When acpi_evaluate_dsm() fails, the warning message lacks the rev and func information which is available and helpful. For example, iwlwifi would make _DSM queries for lari config, and when it fails, all warning messages are all the same: ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade (0x1001) With this change, the warnings would be more informative: ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade rev:0 func:1 (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade rev:0 func:6 (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade rev:0 func:7 (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade rev:0 func:8 (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade rev:0 func:3 (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade rev:0 func:9 (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade rev:0 func:10 (0x1001) ACPI: \: failed to evaluate _DSM bf0212f2-788f-c64d-a5b3-1f738e285ade rev:0 func:12 (0x1001) Signed-off-by: David Wang <00107082@163.com> Link: https://patch.msgid.link/20240826233437.19632-1-00107082@163.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 84addde447fd9d713e101437db0d4924855eff4f Author: Jani Nikula Date: Thu Aug 22 20:42:52 2024 +0300 drm/tiny/gm12u320: convert to struct drm_edid Prefer the struct drm_edid based functions for allocating the EDID and updating the connector. Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/c31c3afa883a3321345608c480c26161b638a83e.1724348429.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 42e08287a3185409a7a1923374a557e04fc36e48 Author: Jani Nikula Date: Thu Aug 22 20:42:51 2024 +0300 drm/ipuv3/parallel: convert to struct drm_edid Prefer the struct drm_edid based functions for storing the EDID and updating the connector. Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/a1698044d556072e79041d69b8702099fd17bd90.1724348429.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 98365ca74cbfae16b793b62a7ecabb5be8d77785 Author: Jani Nikula Date: Thu Aug 22 20:42:50 2024 +0300 drm/tegra: convert to struct drm_edid Prefer the struct drm_edid based functions for reading the EDID and updating the connector. Acked-by: Thierry Reding Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/e764b50f4ad2de95e449ccb37f49c3f37b3333fc.1724348429.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit f7945d9fa8b72dd6e0b1e4bfa68f6fe54fd521fe Author: Jani Nikula Date: Thu Aug 22 20:42:47 2024 +0300 drm/sti/sti_hdmi: convert to struct drm_edid Prefer the struct drm_edid based functions for reading the EDID and updating the connector. The functional change is that the CEC physical address gets invalidated when the EDID could not be read. v2: Use drm_edid_read() instead of drm_edid_read_ddc() (Sima) Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/25879a0183e30792bf0d63bdf56a03f11018e4a3.1724348429.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 33eca84db6e31091cef63584158ab64704f78462 Author: Ville Syrjälä Date: Wed Jul 10 15:41:37 2024 +0300 drm/i915: Fix readout degamma_lut mismatch on ilk/snb On ilk/snb the pipe may be configured to place the LUT before or after the CSC depending on various factors, but as there is only one LUT (no split mode like on IVB+) we only advertise a gamma_lut and no degamma_lut in the uapi to avoid confusing userspace. This can cause a problem during readout if the VBIOS/GOP enabled the LUT in the pre CSC configuration. The current code blindly assigns the results of the readout to the degamma_lut, which will cause a failure during the next atomic_check() as we aren't expecting anything to be in degamma_lut since it's not visible to userspace. Fix the problem by assigning whatever LUT we read out from the hardware into gamma_lut. Cc: stable@vger.kernel.org Fixes: d2559299d339 ("drm/i915: Make ilk_read_luts() capable of degamma readout") Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/11608 Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240710124137.16773-1-ville.syrjala@linux.intel.com Reviewed-by: Uma Shankar commit bfbdf72d6c145e008805f0745ff79f9b8e301e0e Author: Abhishek Tamboli Date: Tue Aug 27 20:55:04 2024 +0530 drm/panel: nv3051d: Transition to mipi_dsi_dcs_write_seq_multi Replace deprecated 'mipi_dsi_dcs_write_seq()' macro to 'mipi_dsi_dcs_write_seq_multi' macro in panel_nv3051d_init_sequence function. Signed-off-by: Abhishek Tamboli Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240827152504.30586-1-abhishektamboli9@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240827152504.30586-1-abhishektamboli9@gmail.com commit 076403a69837c1f8454ceced3ed6f0465835f4d1 Author: Tejas Vipin Date: Wed Aug 28 23:52:10 2024 +0530 drm/panel: novatek-nt35950: transition to mipi_dsi wrapped functions Changes the novatek-nt35950 panel to use multi style functions for improved error handling. Reviewed-by: Neil Armstrong Signed-off-by: Tejas Vipin Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240828182210.565861-1-tejasvipin76@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240828182210.565861-1-tejasvipin76@gmail.com commit e0cb0c785250d0565c19ba17fc95bd7ab97670ba Author: Neil Armstrong Date: Wed Aug 28 18:03:40 2024 +0200 drm/panel: visionox-vtdr6130: switch to devm_regulator_bulk_get_const Switch to devm_regulator_bulk_get_const() to stop setting the supplies list in probe(), and move the regulator_bulk_data struct in static const. Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240828-topic-sm8x50-upstream-vtdr6130-multi-v1-2-0cae20d4c55d@linaro.org Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240828-topic-sm8x50-upstream-vtdr6130-multi-v1-2-0cae20d4c55d@linaro.org commit 175d648be98bae22eb22444377dd9a0c497c9d46 Author: Neil Armstrong Date: Wed Aug 28 18:03:39 2024 +0200 drm/panel: visionox-vtdr6130: switch to mipi_dsi wrapped functions Make usage of the new _multi() mipi_dsi functions instead of the deprecated macros, improving error handling and printing. bloat-o-meter gives a 12% gain on arm64: Function old new delta visionox_vtdr6130_unprepare 208 204 -4 visionox_vtdr6130_prepare 1192 896 -296 Total: Before=2348, After=2048, chg -12.78% Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240828-topic-sm8x50-upstream-vtdr6130-multi-v1-1-0cae20d4c55d@linaro.org Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240828-topic-sm8x50-upstream-vtdr6130-multi-v1-1-0cae20d4c55d@linaro.org commit 0a2ed70a549e61c5181bad5db418d223b68ae932 Author: Seiji Nishikawa Date: Sun Aug 25 23:13:52 2024 +0900 ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is called within exit_round_robin(), because when executing clear_bit(nr, addr) with nr set to 0xffffffff, the address calculation may cause misalignment within the memory, leading to access to an invalid memory address. ---------- BUG: unable to handle kernel paging request at ffffffffe0740618 ... CPU: 3 PID: 2919323 Comm: acpi_pad/14 Kdump: loaded Tainted: G OE X --------- - - 4.18.0-425.19.2.el8_7.x86_64 #1 ... RIP: 0010:power_saving_thread+0x313/0x411 [acpi_pad] Code: 89 cd 48 89 d3 eb d1 48 c7 c7 55 70 72 c0 e8 64 86 b0 e4 c6 05 0d a1 02 00 01 e9 bc fd ff ff 45 89 e4 42 8b 04 a5 20 82 72 c0 48 0f b3 05 f4 9c 01 00 42 c7 04 a5 20 82 72 c0 ff ff ff ff 31 RSP: 0018:ff72a5d51fa77ec8 EFLAGS: 00010202 RAX: 00000000ffffffff RBX: ff462981e5d8cb80 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000246 RDI: 0000000000000246 RBP: ff46297556959d80 R08: 0000000000000382 R09: ff46297c8d0f38d8 R10: 0000000000000000 R11: 0000000000000001 R12: 000000000000000e R13: 0000000000000000 R14: ffffffffffffffff R15: 000000000000000e FS: 0000000000000000(0000) GS:ff46297a800c0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffe0740618 CR3: 0000007e20410004 CR4: 0000000000771ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: ? acpi_pad_add+0x120/0x120 [acpi_pad] kthread+0x10b/0x130 ? set_kthread_struct+0x50/0x50 ret_from_fork+0x1f/0x40 ... CR2: ffffffffe0740618 crash> dis -lr ffffffffc0726923 ... /usr/src/debug/kernel-4.18.0-425.19.2.el8_7/linux-4.18.0-425.19.2.el8_7.x86_64/./include/linux/cpumask.h: 114 0xffffffffc0726918 : mov %r12d,%r12d /usr/src/debug/kernel-4.18.0-425.19.2.el8_7/linux-4.18.0-425.19.2.el8_7.x86_64/./include/linux/cpumask.h: 325 0xffffffffc072691b : mov -0x3f8d7de0(,%r12,4),%eax /usr/src/debug/kernel-4.18.0-425.19.2.el8_7/linux-4.18.0-425.19.2.el8_7.x86_64/./arch/x86/include/asm/bitops.h: 80 0xffffffffc0726923 : lock btr %rax,0x19cf4(%rip) # 0xffffffffc0740620 crash> px tsk_in_cpu[14] $66 = 0xffffffff crash> px 0xffffffffc072692c+0x19cf4 $99 = 0xffffffffc0740620 crash> sym 0xffffffffc0740620 ffffffffc0740620 (b) pad_busy_cpus_bits [acpi_pad] crash> px pad_busy_cpus_bits[0] $42 = 0xfffc0 ---------- To fix this, ensure that tsk_in_cpu[tsk_index] != -1 before calling cpumask_clear_cpu() in exit_round_robin(), just as it is done in round_robin_cpu(). Signed-off-by: Seiji Nishikawa Link: https://patch.msgid.link/20240825141352.25280-1-snishika@redhat.com [ rjw: Subject edit, avoid updates to the same value ] Signed-off-by: Rafael J. Wysocki commit 1728e57a9d26170ca13dd6b04474e2350be3c1a2 Author: Hans de Goede Date: Sun Aug 25 15:23:22 2024 +0200 ACPI: x86: Make Lenovo Yoga Tab 3 X90F DMI match less strict There are 2G and 4G RAM versions of the Lenovo Yoga Tab 3 X90F and it turns out that the 2G version has a DMI product name of "CHERRYVIEW D1 PLATFORM" where as the 4G version has "CHERRYVIEW C0 PLATFORM". The sys-vendor + product-version check are unique enough that the product-name check is not necessary. Drop the product-name check so that the existing DMI match for the 4G RAM version also matches the 2G RAM version. Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20240825132322.6776-2-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit 4be50f9918507bb3392726777f483c59e41a1e28 Author: Hans de Goede Date: Sun Aug 25 15:23:21 2024 +0200 ACPI: video: Make Lenovo Yoga Tab 3 X90F DMI match less strict There are 2G and 4G RAM versions of the Lenovo Yoga Tab 3 X90F and it turns out that the 2G version has a DMI product name of "CHERRYVIEW D1 PLATFORM" where as the 4G version has "CHERRYVIEW C0 PLATFORM". The sys-vendor + product-version check are unique enough that the product-name check is not necessary. Drop the product-name check so that the existing DMI match for the 4G RAM version also matches the 2G RAM version. Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20240825132322.6776-1-hdegoede@redhat.com Signed-off-by: Rafael J. Wysocki commit 1251580983f267e2e6b6505609a835119b68c513 Author: Christoph Hellwig Date: Mon Aug 26 19:37:57 2024 +0200 block: don't use bio_split_rw on misc operations bio_split_rw is designed to split read and write bios with a payload. Currently it is called by __bio_split_to_limits for all operations not explicitly list, which works because bio_may_need_split explicitly checks for bi_vcnt == 1 and thus skips the bypass if there is no payload and bio_for_each_bvec loop will never execute it's body if bi_size is 0. But all this is hard to understand, fragile and wasted pointless cycles. Switch __bio_split_to_limits to only call bio_split_rw for READ and WRITE command and don't attempt any kind split for operation that do not require splitting. Signed-off-by: Christoph Hellwig Reviewed-by: Damien Le Moal Tested-by: Hans Holmberg Reviewed-by: Hans Holmberg Link: https://lore.kernel.org/r/20240826173820.1690925-5-hch@lst.de Signed-off-by: Jens Axboe commit 1e8a7f6af926e266cc1d7ac49b56bd064057d625 Author: Christoph Hellwig Date: Mon Aug 26 19:37:56 2024 +0200 block: properly handle REQ_OP_ZONE_APPEND in __bio_split_to_limits Currently REQ_OP_ZONE_APPEND is handled by the bio_split_rw case in __bio_split_to_limits. This is harmful because REQ_OP_ZONE_APPEND bios do not adhere to the soft max_limits value but instead use their own capped version of max_hw_sectors, leading to incorrect splits that later blow up in bio_split. We still need the bio_split_rw logic to count nr_segs for blk-mq code, so add a new wrapper that passes in the right limit, and turns any bio that would need a split into an error as an additional debugging aid. Signed-off-by: Christoph Hellwig Reviewed-by: Damien Le Moal Tested-by: Hans Holmberg Reviewed-by: Hans Holmberg Link: https://lore.kernel.org/r/20240826173820.1690925-4-hch@lst.de Signed-off-by: Jens Axboe commit 379b122a3ec8033aa43cb70e8ecb6fb7f98aa68f Author: Christoph Hellwig Date: Mon Aug 26 19:37:55 2024 +0200 block: constify the lim argument to queue_limits_max_zone_append_sectors queue_limits_max_zone_append_sectors doesn't change the lim argument, so mark it as const. Signed-off-by: Christoph Hellwig Reviewed-by: Damien Le Moal Tested-by: Hans Holmberg Reviewed-by: Hans Holmberg Link: https://lore.kernel.org/r/20240826173820.1690925-3-hch@lst.de Signed-off-by: Jens Axboe commit b35243a447b9fe6457fa8e1352152b818436ba5a Author: Christoph Hellwig Date: Mon Aug 26 19:37:54 2024 +0200 block: rework bio splitting The current setup with bio_may_exceed_limit and __bio_split_to_limits is a bit of a mess. Change it so that __bio_split_to_limits does all the work and is just a variant of bio_split_to_limits that returns nr_segs. This is done by inlining it and instead have the various bio_split_* helpers directly submit the potentially split bios. To support btrfs, the rw version has a lower level helper split out that just returns the offset to split. This turns out to nicely clean up the btrfs flow as well. Signed-off-by: Christoph Hellwig Acked-by: David Sterba Reviewed-by: Damien Le Moal Tested-by: Hans Holmberg Reviewed-by: Hans Holmberg Link: https://lore.kernel.org/r/20240826173820.1690925-2-hch@lst.de Signed-off-by: Jens Axboe commit b7059df44f12a481ed257b242607c0ff64b36a95 Author: Manisha Singh Date: Thu Aug 29 03:51:55 2024 +0530 staging: rtl8712: Calculate size from pointer Calculate the size from the pointer instead of struct to adhere to kernel coding style. Signed-off-by: Manisha Singh Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240828222153.68062-4-masingh.linux@gmail.com Signed-off-by: Greg Kroah-Hartman commit 399763befd12a0b1e396ca7c6949bfc2f79583ae Author: Manisha Singh Date: Thu Aug 29 03:51:53 2024 +0530 staging: rtl8712: Fix style issues in rtl871x_io.c Refactor the _init_intf_hdl() function to avoid multiple assignments in a single statement. This change improves code readability and adheres to kernel coding style guidelines. Signed-off-by: Manisha Singh Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240828222153.68062-2-masingh.linux@gmail.com Signed-off-by: Greg Kroah-Hartman commit 218683bcfb108b56cec19079c8136d2a68e39859 Author: Dorine Tipo Date: Wed Aug 28 08:29:35 2024 +0000 staging: rtl8712: Align parenthesis in usb_ops_linux.c Fix the parenthesis alignment in r8712_read_port() function to match the opening parenthesis. This improves code readability and adheres to the kernel coding style. Signed-off-by: Dorine Tipo Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240828082935.GA3815@ubuntu-focal Signed-off-by: Greg Kroah-Hartman commit 7b6ff621e8bd18773728791f727246dc9b2e6fb5 Author: Dominik Karol Piątkowski Date: Wed Aug 28 15:00:09 2024 +0000 staging: vt6655: Fix block comment alignment This patch fixes the "Block comments should align the * on each line" warning detected by checkpatch.pl. Signed-off-by: Dominik Karol Piątkowski Link: https://lore.kernel.org/r/20240828145923.78004-1-dominik.karol.piatkowski@protonmail.com Signed-off-by: Greg Kroah-Hartman commit 091dbb7e5db10ba10ffa0f92f6381882567cc274 Author: Dominik Karol Piątkowski Date: Wed Aug 28 14:46:56 2024 +0000 staging: vt6655: Update maintainer in TODO Commit ed394dbf5371b03a5335a7ba1973ba124c0ced3d replaced Forest Bond with Philipp Hortmann as vt665X maintainer in MAINTAINERS, but drivers/staging/vt6655/TODO was not changed, rendering it stale. This patch fixes it. Signed-off-by: Dominik Karol Piątkowski Link: https://lore.kernel.org/r/20240828144545.76022-1-dominik.karol.piatkowski@protonmail.com Signed-off-by: Greg Kroah-Hartman commit a8a8b54350229f59c8ba6496fb5689a1632a59be Author: Riyan Dhiman Date: Tue Aug 27 18:26:05 2024 +0530 staging: vme_user: added bound check to geoid The geoid is a module parameter that allows users to hardcode the slot number. A bound check for geoid was added in the probe function because only values between 0 and less than VME_MAX_SLOT are valid. Signed-off-by: Riyan Dhiman Reviewed-by: Dan Carpenter Link: https://lore.kernel.org/r/20240827125604.42771-2-riyandhiman14@gmail.com Signed-off-by: Greg Kroah-Hartman commit c692c1b77b5da74bf94954cc65a05a348e5a5eae Author: Tree Davies Date: Sun Aug 25 17:17:24 2024 -0700 Staging: rtl8192e: Rename variable bCmdOrInit Rename variable bCmdOrInit to cmd_or_init to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240826001724.274811-7-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 56c3350b01fc5467f960c11d0e3290152dc208a5 Author: Tree Davies Date: Sun Aug 25 17:17:23 2024 -0700 Staging: rtl8192e: Rename variable msDelay Rename variable msDelay to ms_delay to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240826001724.274811-6-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 966ae15a9b944de369c10f041b586172c5b0662a Author: Tree Davies Date: Sun Aug 25 17:17:22 2024 -0700 Staging: rtl8192e: Rename variable CmdID Rename variable CmdID to cmd_id to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240826001724.274811-5-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 0b5b0dd07899c2a5318f6bf53e330875949ac392 Author: Tree Davies Date: Sun Aug 25 17:17:21 2024 -0700 Staging: rtl8192e: Rename variable CmdID_RF_WriteReg Rename variable CmdID_RF_WriteReg to cmd_id_rf_write_reg to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240826001724.274811-4-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit b3a13ff88549c1d35d20cc9f636a3afebc709500 Author: Tree Davies Date: Sun Aug 25 17:17:20 2024 -0700 Staging: rtl8192e: Rename variable bLastIniPkt Rename variable bLastIniPkt to last_ini_pkt to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240826001724.274811-3-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit fc16bd7950a1de34428659ed1a775c8c62ce1981 Author: Tree Davies Date: Sun Aug 25 17:17:19 2024 -0700 Staging: rtl8192e: Rename variable CurPsLevel Rename variable CurPsLevel to cur_ps_level to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240826001724.274811-2-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit f5c05974349c8e3d80e125b71bd80695807d8528 Merge: c0a1ef9c5be72f e9654659fe3c53 Author: Rafael J. Wysocki Date: Thu Aug 29 11:45:08 2024 +0200 Merge branch 'thermal-core' Merge thermal core updates for 6.12 which, among other things, rework the thermal driver interface for binding cooling devices to thermal zones and add a thermal core testing module: - Update some thermal drivers to eliminate thermal_zone_get_trip() calls from them and get rid of that function (Rafael Wysocki). - Update the thermal sysfs code to store trip point attributes in trip descriptors and get to trip points via attribute pointers (Rafael Wysocki). - Move the computation of the low and high boundaries for thermal_zone_set_trips() to __thermal_zone_device_update() (Daniel Lezcano). - Introduce a debugfs-based facility for thermal core testing (Rafael Wysocki). - Replace the thermal zone .bind() and .unbind() callbacks for binding cooling devices to thermal zones with one .should_bind() callback used for deciding whether or not a given cooling devices should be bound to a given trip point in a given thermal zone (Rafael Wysocki). - Eliminate code that has no more users after the other changes, drop some redundant checks from the thermal core and clean it up (Rafael Wysocki). - Fix rounding of delay jiffies in the thermal core (Rafael Wysocki). * thermal-core: (31 commits) thermal: core: Drop tz field from struct thermal_instance thermal: core: Drop redundant checks from thermal_bind_cdev_to_trip() thermal: core: Rename cdev-to-thermal-zone bind/unbind functions thermal: core: Fix rounding of delay jiffies thermal: core: Clean up trip bind/unbind functions thermal: core: Drop unused bind/unbind functions and callbacks thermal/of: Use the .should_bind() thermal zone callback thermal: imx: Use the .should_bind() thermal zone callback mlxsw: core_thermal: Use the .should_bind() thermal zone callback platform/x86: acerhdf: Use the .should_bind() thermal zone callback thermal: core: Unexport thermal_bind_cdev_to_trip() and thermal_unbind_cdev_from_trip() thermal: ACPI: Use the .should_bind() thermal zone callback thermal: core: Introduce .should_bind() thermal zone callback thermal: core: Move thermal zone locking out of bind/unbind functions thermal: sysfs: Use the dev argument in instance-related show/store thermal: core: Drop redundant thermal instance checks thermal: core: Rearrange checks in thermal_bind_cdev_to_trip() thermal: core: Fold two functions into their respective callers thermal: Introduce a debugfs-based testing facility thermal/core: Compute low and high boundaries in thermal_zone_device_update() ... commit 506b21c945b9716a1e092189c260d9400c52fa14 Author: Aurelien Aptel Date: Fri May 17 16:10:28 2024 +0000 fuse: use correct name fuse_conn_list in docstring fuse_mount_list doesn't exist, use fuse_conn_list. Signed-off-by: Aurelien Aptel Reviewed-by: Bernd Schubert Signed-off-by: Miklos Szeredi commit 396b209e405a571ce8e06d3760ffc3e389a944f1 Author: Josef Bacik Date: Wed Jul 3 10:38:42 2024 -0400 fuse: add simple request tracepoints I've been timing various fuse operations and it's quite annoying to do with kprobes. Add two tracepoints for sending and ending fuse requests to make it easier to debug and time various operations. Signed-off-by: Josef Bacik Reviewed-by: Bernd Schubert Signed-off-by: Miklos Szeredi commit 0acad9289be33d324537d6c51988be0541b1139d Author: Joanne Koong Date: Mon Aug 26 14:19:08 2024 -0700 fuse: refactor out shared logic in fuse_writepages_fill() and fuse_writepage_locked() This change refactors the shared logic in fuse_writepages_fill() and fuse_writepages_locked() into two separate helper functions, fuse_writepage_args_page_fill() and fuse_writepage_args_setup(). No functional changes added. Signed-off-by: Joanne Koong Reviewed-by: Josef Bacik Signed-off-by: Miklos Szeredi commit 4046d3adcca42b7678f11c71e46bd32bafb4dad1 Author: Joanne Koong Date: Mon Aug 26 14:19:07 2024 -0700 fuse: move fuse file initialization to wpa allocation time Before this change, wpa->ia.ff is initialized with an acquired reference on the fuse file right before it submits the writeback request. If there are auxiliary writebacks, then the initialization and reference acquisition needs to also be set before we submit the auxiliary writeback request. To make the logic simpler and to pave the way for a subsequent refactoring of fuse_writepages_fill() and fuse_writepage_locked(), this change initializes and acquires wpa->ia.ff when the wpa is allocated. No functional changes added. Signed-off-by: Joanne Koong Reviewed-by: Josef Bacik Signed-off-by: Miklos Szeredi commit 9a8ebcf5e04e6cc9472bfcdd90b2aeef35a2f8f6 Author: Joanne Koong Date: Mon Aug 26 14:19:06 2024 -0700 fuse: convert fuse_writepages_fill() to use a folio for its tmp page To pave the way for refactoring out the shared logic in fuse_writepages_fill() and fuse_writepage_locked(), this change converts the temporary page in fuse_writepages_fill() to use the folio API. This is similar to the change in commit e0887e095a80 ("fuse: Convert fuse_writepage_locked to take a folio"), which converted the tmp page in fuse_writepage_locked() to use the folio API. inc_node_page_state() is intentionally preserved here instead of converting to node_stat_add_folio() since it is updating the stat of the underlying page and to better maintain API symmetry with dec_node_page_stat() in fuse_writepage_finish_stat(). No functional changes added. Signed-off-by: Joanne Koong Reviewed-by: Josef Bacik Signed-off-by: Miklos Szeredi commit 672c3b7457fcee9656c36a29a4b21ec4a652433e Author: Joanne Koong Date: Mon Aug 26 14:19:05 2024 -0700 fuse: move initialization of fuse_file to fuse_writepages() instead of in callback Prior to this change, data->ff is checked and if not initialized then initialized in the fuse_writepages_fill() callback, which gets called for every dirty page in the address space mapping. This logic is better placed in the main fuse_writepages() caller where data.ff is initialized before walking the dirty pages. No functional changes added. Signed-off-by: Joanne Koong Reviewed-by: Josef Bacik Signed-off-by: Miklos Szeredi commit c04e3b2118192384153b4eac595768e2ffb7ac4a Author: Joanne Koong Date: Mon Aug 26 14:19:03 2024 -0700 fuse: refactor finished writeback stats updates into helper function Move the logic for updating the bdi and page stats for a finished writeback into a separate helper function, where it can be called from both fuse_writepage_finish() and fuse_writepage_add() (in the case where there is already an auxiliary write request for the page). No functional changes added. Suggested by: Jingbo Xu Signed-off-by: Joanne Koong Reviewed-by: Josef Bacik Signed-off-by: Miklos Szeredi commit 509a6458b44f72bb6854854c89cf76e56f11c9f1 Author: Joanne Koong Date: Mon Aug 26 14:19:02 2024 -0700 fuse: drop unused fuse_mount arg in fuse_writepage_finish() Drop the unused "struct fuse_mount *fm" arg in fuse_writepage_finish(). No functional changes added. Signed-off-by: Joanne Koong Reviewed-by: Jingbo Xu Reviewed-by: Josef Bacik Signed-off-by: Miklos Szeredi commit ac5cffec53be0b0231b89470a357bd3a5814f599 Author: yangyun Date: Wed Aug 14 17:36:00 2024 +0800 fuse: add fast path for fuse_range_is_writeback In some cases, the fi->writepages may be empty. And there is no need to check fi->writepages with spin_lock, which may have an impact on performance due to lock contention. For example, in scenarios where multiple readers read the same file without any writers, or where the page cache is not enabled. Also remove the outdated comment since commit 6b2fb79963fb ("fuse: optimize writepages search") has optimize the situation by replacing list with rb-tree. Signed-off-by: yangyun Signed-off-by: Miklos Szeredi commit 5de8acb41c86f1d335d165e0a350441ea3a1f480 Author: Miklos Szeredi Date: Wed May 29 17:09:07 2024 +0200 fuse: cleanup request queuing towards virtiofs Virtiofs has its own queuing mechanism, but still requests are first queued on fiq->pending to be immediately dequeued and queued onto the virtio queue. The queuing on fiq->pending is unnecessary and might even have some performance impact due to being a contention point. Forget requests are handled similarly. Move the queuing of requests and forgets into the fiq->ops->*. fuse_iqueue_ops are renamed to reflect the new semantics. Reviewed-by: Stefan Hajnoczi Fixed-by: Jingbo Xu Reviewed-by: Jingbo Xu Tested-by: Peter-Jan Gootzen Reviewed-by: Peter-Jan Gootzen Signed-off-by: Miklos Szeredi commit 34b4540e6646577d02afacfcbc08e563b7d69a9f Author: Haifeng Xu Date: Tue Jul 30 12:20:08 2024 +0800 ovl: don't set the superblock's errseq_t manually Since commit 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs"), the return value from sync_fs callback can be seen in sync_filesystem(). Thus the errseq_set opreation can be removed here. Depends-on: commit 5679897eb104 ("vfs: make sync_filesystem return errors from ->sync_fs") Signed-off-by: Haifeng Xu Reviewed-by: Amir Goldstein Signed-off-by: Amir Goldstein commit cc40f5baa91bb7b031f5622e11a4e443cb771527 Author: Elaine Zhang Date: Wed Aug 28 15:42:55 2024 +0000 clk: rockchip: Add clock controller for the RK3576 Add the clock and reset tree definitions for the new RK3576 SoC. As opposed to the other rockchip CRU drivers, the GRF node is looked up via compatible instead of a phandle, which simplifies the device tree bindings. Signed-off-by: Elaine Zhang Signed-off-by: Finley Xiao Signed-off-by: YouMin Chen Signed-off-by: Liang Chen Signed-off-by: Sugar Zhang Signed-off-by: Detlev Casanova Reviewed-by: Elaine Zhang Tested-by: Shawn Lin Acked-by: Dragan Simic Link: https://lore.kernel.org/r/0102019199a7781a-888440f0-a3f7-4a7d-a831-491260cbdfe7-000000@eu-west-1.amazonses.com [dropped additional blank line at EOF in rst-rk3576.c dropped the whole (non-)working as module part] Signed-off-by: Heiko Stuebner commit e781bffc296766b55dbd048890d558655031e8d1 Author: Elaine Zhang Date: Wed Aug 28 15:42:52 2024 +0000 clk: rockchip: Add new pll type pll_rk3588_ddr That PLL type is similar to the other rk3588 pll types but the actual rate is twice the configured rate. Therefore, the returned calculated rate must be multiplied by two. Signed-off-by: Elaine Zhang Signed-off-by: Detlev Casanova Acked-by: Dragan Simic Link: https://lore.kernel.org/r/0102019199a76ec4-9d5846d4-d76a-4e69-a241-c88c2983d607-000000@eu-west-1.amazonses.com Signed-off-by: Heiko Stuebner commit 439667fb943cfea46d7bde5c7b29c89efec3cbc7 Author: Xi Ruoyao Date: Wed Aug 28 11:04:14 2024 +0800 mips: Remove posix_types.h include from sigcontext.h Nothing in sigcontext.h seems to require anything from linux/posix_types.h. It seems only a relict: in a Linux 2.6.11-rc2 patch [1] the linux/types.h include was unexplainedly changed to a linux/posix_types.h include. I can only assume it was just an error. Finally headers_check complained "found __[us]{8,16,32,64} type without #include " and commit ae612fb05b0f ("headers_check fix: mips, sigcontext.h") added back the linux/types.h include, but it didn't remove the posix_types.h include. Remove it now. [1]:https://kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.11-rc2/2.6.11-rc2-mm2/broken-out/mips-generic-mips-updates.patch Signed-off-by: Xi Ruoyao Signed-off-by: Thomas Bogendoerfer commit 6c4cdf4e126675d8ce0ead810c30831ee1c0997f Author: Wu Bo Date: Mon Aug 26 20:53:58 2024 -0600 bus: bt1-apb: change to use devm_clk_get_enabled() helper Use devm_clk_get_enabled() instead of devm_clk_get() to make the code cleaner and avoid calling clk_disable_unprepare() Signed-off-by: Wu Bo Acked-by: Serge Semin Signed-off-by: Thomas Bogendoerfer commit 854527e0fb9142fa6aea2ca24741ca25c23a0bec Author: Wu Bo Date: Mon Aug 26 20:49:44 2024 -0600 bus: bt1-axi: change to use devm_clk_get_enabled() helper Use devm_clk_get_enabled() instead of devm_clk_get() to make the code cleaner and avoid calling clk_disable_unprepare() Signed-off-by: Wu Bo Acked-by: Serge Semin Signed-off-by: Thomas Bogendoerfer commit 58f28a2e0bbec52ee7b02e5d818bbe6adceecab3 Author: Gaosheng Cui Date: Wed Aug 14 18:43:12 2024 +0800 MIPS: dec: prom: Remove unused unregister_prom_console() declaration The unregister_prom_console() has been removed since commit 36a885306fdf ("[MIPS] Fix and cleanup the mess that a dozen prom_printf variants are."), so remove it. Signed-off-by: Gaosheng Cui Acked-by: Maciej W. Rozycki Signed-off-by: Thomas Bogendoerfer commit 9d14962e90ee94573a603ae407706011f551aa8c Author: Gaosheng Cui Date: Wed Aug 14 18:41:56 2024 +0800 MIPS: Remove unused mips_display/_scroll_message() declarations The mips_display/_scroll_message() have been removed since commit 0b0037490f37 ("MIPS: malta: Use img-ascii-lcd driver for LCD display"), so remove them. Signed-off-by: Gaosheng Cui Signed-off-by: Thomas Bogendoerfer commit fdb31c54e896d9df8c96c2683af64aae92e9946e Author: Gaosheng Cui Date: Wed Aug 14 18:40:52 2024 +0800 MIPS: Remove unused declarations in asm/cmp.h These functions have been removed since commit 7fb6f7b0af67 ("MIPS: Remove deprecated CONFIG_MIPS_CMP"), so remove them. Signed-off-by: Gaosheng Cui Signed-off-by: Thomas Bogendoerfer commit 3fd19664c3bd50dc479ff444e43787439074458a Author: Gaosheng Cui Date: Wed Aug 14 18:39:33 2024 +0800 MIPS: MT: Remove unused function mips_mt_regdump() The mips_mt_regdump() has not been used since commit b633648c5ad3 ("MIPS: MT: Remove SMTC support"), so remove it. Signed-off-by: Gaosheng Cui Reviewed-by: Ricardo B. Marliere Signed-off-by: Thomas Bogendoerfer commit cc49fcd0bc2db23489a87f6fa17119a76b70ec6b Author: Biju Das Date: Mon Aug 26 11:16:46 2024 +0100 arm64: dts: renesas: r9a07g043u11-smarc: Enable DU Enable the Display Unit and link with the HDMI add-on board connected to the parallel connector on the RZ/G2UL SMARC EVK by using a Device Tree overlay. Signed-off-by: Biju Das Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240826101648.176647-1-biju.das.jz@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 321f7798cfb8d834ae0ed0d467c8bf46804243f9 Author: Benjamin Tissoires Date: Tue Aug 27 17:19:32 2024 +0900 selftests/hid: Add HIDIOCREVOKE tests Add 4 tests for the new revoke ioctl, for read/write/ioctl and poll. Reviewed-by: Peter Hutterer Link: https://patch.msgid.link/20240827-hidraw-revoke-v5-4-d004a7451aea@kernel.org Signed-off-by: Benjamin Tissoires commit 8163892a629ca544af575ce54955bf275a3250cd Author: Benjamin Tissoires Date: Tue Aug 27 17:19:31 2024 +0900 selftests/hid: Add initial hidraw tests skeleton Largely inspired from hid_bpf.c for the fixture setup. Create a couple of tests for hidraw: - create a uhid device and check if the fixture is working properly - inject one uhid event and read it through hidraw These tests are not that useful for now, but will be once we start adding the ioctl and BPFs to revoke the hidraw node. Reviewed-by: Peter Hutterer Link: https://patch.msgid.link/20240827-hidraw-revoke-v5-3-d004a7451aea@kernel.org Signed-off-by: Benjamin Tissoires commit 375e9bde9fc0fdb9e8d2339b06be5c2c2a5cb701 Author: Benjamin Tissoires Date: Tue Aug 27 17:19:30 2024 +0900 selftests/hid: extract the utility part of hid_bpf.c into its own header When adding new tests programs, we need the same mechanics to create new virtual devices, and read from their matching hidraw node. Extract the common part into its own header so we can easily add new tests C-files. Link: https://patch.msgid.link/20240827-hidraw-revoke-v5-2-d004a7451aea@kernel.org Signed-off-by: Benjamin Tissoires commit b31c9d9dc343146b9f4ce67b4eee748c49296e99 Author: Peter Hutterer Date: Tue Aug 27 17:19:29 2024 +0900 HID: hidraw: add HIDIOCREVOKE ioctl There is a need for userspace applications to open HID devices directly. Use-cases include configuration of gaming mice or direct access to joystick devices. The latter is currently handled by the uaccess tag in systemd, other devices include more custom/local configurations or just sudo. A better approach is what we already have for evdev devices: give the application a file descriptor and revoke it when it may no longer access that device. This patch is the hidraw equivalent to the EVIOCREVOKE ioctl, see commit c7dc65737c9a ("Input: evdev - add EVIOCREVOKE ioctl") for full details. An MR for systemd-logind has been filed here: https://github.com/systemd/systemd/pull/33970 Signed-off-by: Peter Hutterer Link: https://patch.msgid.link/20240827-hidraw-revoke-v5-1-d004a7451aea@kernel.org Signed-off-by: Benjamin Tissoires commit 7569c9fb2afd326258108e81d462b1a43c6b7ee0 Author: Gaosheng Cui Date: Wed Aug 14 18:37:39 2024 +0800 mips/jazz: remove unused jazz_handle_int() declaration The jazz_handle_int() has been removed since commit e4ac58afdfac ("[MIPS] Rewrite all the assembler interrupt handlers to C."), so remove it. Signed-off-by: Gaosheng Cui Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Thomas Bogendoerfer commit 7fe722ee4c5a2f6d718db18e5f654dd28394f097 Author: Biju Das Date: Mon Aug 26 10:08:00 2024 +0100 arm64: dts: renesas: rzg2lc-smarc: Enable HDMI audio Enable HDMI audio on the RZ/G2LC SMARC EVK. Set SW 1.5 on the SoM module to the OFF position to turn on HDMI audio. Signed-off-by: Biju Das Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240826090803.56176-3-biju.das.jz@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 73573fde91ebbf536ad1368150a1ef875ca0786f Author: Biju Das Date: Mon Aug 26 10:07:59 2024 +0100 arm64: dts: renesas: rzg2l-smarc: Enable HDMI audio Enable HDMI audio on the RZ/{G2L,V2L} SMARC EVK. Signed-off-by: Biju Das Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240826090803.56176-2-biju.das.jz@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit c0bb40a2a401fed232d1e58e6a46d69a835fcf0a Author: Gaosheng Cui Date: Wed Aug 14 18:35:53 2024 +0800 MIPS: Remove unused function dump_au1000_dma_channel() in dma.c The dump_au1000_dma_channel() has not been used since commit d56b9b9c464a ("[PATCH] The scheduled removal of some OSS drivers"), so remove it. Signed-off-by: Gaosheng Cui Signed-off-by: Thomas Bogendoerfer commit 0a8b08c554dabea952a75363c89050b1fbcbfffb Author: Florian Westphal Date: Tue Aug 27 11:00:12 2024 +0200 selftests: netfilter: nft_queue.sh: reduce test file size for debug build The sctp selftest is very slow on debug kernels. Reported-by: Jakub Kicinski Closes: https://lore.kernel.org/netdev/20240826192500.32efa22c@kernel.org/ Fixes: 4e97d521c2be ("selftests: netfilter: nft_queue.sh: sctp coverage") Signed-off-by: Florian Westphal Acked-by: Pablo Neira Ayuso Link: https://patch.msgid.link/20240827090023.8917-1-fw@strlen.de Signed-off-by: Paolo Abeni commit 9fd2ba4bf139bfe7781a24649d57133bd8af3624 Author: Vincent Legoll Date: Mon Aug 12 15:17:43 2024 +0200 MIPS: ralink: Fix missing `get_c0_perfcount_int` prototype Fix the following warning: CC arch/mips/ralink/irq-gic.o arch/mips/ralink/irq-gic.c:15:5: warning: no previous prototype for 'get_c0_perfcount_int' [-Wmissing-prototypes] 15 | int get_c0_perfcount_int(void) | ^~~~~~~~~~~~~~~~~~~~ Signed-off-by: Vincent Legoll Signed-off-by: Thomas Bogendoerfer commit 4f3089ad555601b494c91aa9dfbf9c3060cc3e73 Author: Vincent Legoll Date: Mon Aug 12 15:17:42 2024 +0200 MIPS: ralink: Fix missing `plat_time_init` prototype Fix the following warning: CC arch/mips/ralink/timer-gic.o arch/mips/ralink/timer-gic.c:18:13: warning: no previous prototype for 'plat_time_init' [-Wmissing-prototypes] 18 | void __init plat_time_init(void) | ^~~~~~~~~~~~~~ Signed-off-by: Vincent Legoll Signed-off-by: Thomas Bogendoerfer commit 49c04453db81fc806906e26ef9fc53bdb635ff39 Author: Detlev Casanova Date: Wed Aug 28 15:42:50 2024 +0000 dt-bindings: clock, reset: Add support for rk3576 Add clock and reset ID defines for rk3576. Compared to the downstream bindings written by Elaine, this uses continous gapless IDs starting at 0. Thus all numbers are different between downstream and upstream, but names are kept exactly the same. Also add documentation for the rk3576 CRU core. Signed-off-by: Elaine Zhang Signed-off-by: Sugar Zhang Signed-off-by: Detlev Casanova Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/0102019199a76766-f3a2b53f-d063-458b-b0d1-dfbc2ea1893c-000000@eu-west-1.amazonses.com Signed-off-by: Heiko Stuebner commit b71ccff68ef1a5bd1c02d0fca01ddb3d9088329a Author: Jani Nikula Date: Mon Aug 12 15:23:12 2024 +0300 drm/amd/display: switch to guid_gen() to generate valid GUIDs Instead of just smashing jiffies into a GUID, use guid_gen() to generate RFC 4122 compliant GUIDs. Reviewed-by: Daniel Vetter Acked-by: Harry Wentland Acked-by: Alex Deucher Acked-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240812122312.1567046-3-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 4548f10bf4c67b569b7c9fbc6746340a558faab9 Author: Jani Nikula Date: Mon Aug 12 15:23:11 2024 +0300 drm/mst: switch to guid_gen() to generate valid GUIDs Instead of just smashing jiffies into a GUID, use guid_gen() to generate RFC 4122 compliant GUIDs. Reviewed-by: Daniel Vetter Acked-by: Harry Wentland Acked-by: Alex Deucher Acked-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240812122312.1567046-2-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 33929707b808ba7839c40c15d3e68cbc51070b31 Author: Jani Nikula Date: Mon Aug 12 15:23:10 2024 +0300 drm/mst: switch to guid_t type for GUID The kernel has a guid_t type for GUIDs. Switch to using it, but avoid any functional changes here. Reviewed-by: Daniel Vetter Acked-by: Harry Wentland Acked-by: Alex Deucher Acked-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240812122312.1567046-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 3529dc29fe65672ad9aeab9499fee901d0010901 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:30:13 2024 +0200 dt-bindings: clock: rockchip,rk3588-cru: drop unneeded assigned-clocks assigned-clocks property is redundant, because core dtschema allows them if clocks are provided. Signed-off-by: Krzysztof Kozlowski Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240818173014.122073-4-krzysztof.kozlowski@linaro.org Signed-off-by: Heiko Stuebner commit 0d02e8d284a45bfa8997ebe8764437b8eb6b108b Author: Alexander Shiyan Date: Thu Aug 29 08:28:20 2024 +0300 clk: rockchip: rk3588: Fix 32k clock name for pmu_24m_32k_100m_src_p The 32kHz input clock is named "xin32k" in the driver, so the name "32k" appears to be a typo in this case. Lets fix this. Signed-off-by: Alexander Shiyan Reviewed-by: Dragan Simic Fixes: f1c506d152ff ("clk: rockchip: add clock controller for the RK3588") Link: https://lore.kernel.org/r/20240829052820.3604-1-eagle.alexander923@gmail.com Signed-off-by: Heiko Stuebner commit 4641c7ea88d1029500ff64c4d0a1df0584b1bfcc Author: Oliver Upton Date: Thu Aug 29 00:46:22 2024 +0000 KVM: arm64: selftests: Cope with lack of GICv3 in set_id_regs Broonie reports that the set_id_regs test is failing as of commit 5cb57a1aff75 ("KVM: arm64: Zero ID_AA64PFR0_EL1.GIC when no GICv3 is presented to the guest"). The test does not anticipate the 'late' ID register fixup where KVM clobbers the GIC field in absence of GICv3. While the field technically has FTR_LOWER_SAFE behavior, fix the issue by setting it to an exact value of 0, matching the effect of the 'late' fixup. Reported-by: Mark Brown Signed-off-by: Oliver Upton Link: https://lore.kernel.org/r/20240829004622.3058639-1-oliver.upton@linux.dev Signed-off-by: Marc Zyngier commit 42dc425fa8b5be982bcc2025d5bf30be8b26da86 Author: Wei Fang Date: Thu Aug 29 09:18:48 2024 +0800 clk: imx95: enable the clock of NETCMIX block control The NETCMIX block control consists of registers for configuration of peripherals in the NETC domain, so enable the clock of NETCMIX to support the configuration. Signed-off-by: Wei Fang Reviewed-by: Peng Fan Link: https://lore.kernel.org/r/20240829011849.364987-4-wei.fang@nxp.com Signed-off-by: Abel Vesa commit b4f62001ccd3fa953769ccbd313c9a7a4f5f8f3d Author: Wei Fang Date: Thu Aug 29 09:18:47 2024 +0800 dt-bindings: clock: add RMII clock selection Add RMII clock selection for ENETC0 and ENETC1. Signed-off-by: Wei Fang Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240829011849.364987-3-wei.fang@nxp.com Signed-off-by: Abel Vesa commit 4b78b54762dbfc2f22f28655fa3cf6f5d50de197 Author: Wei Fang Date: Thu Aug 29 09:18:46 2024 +0800 dt-bindings: clock: add i.MX95 NETCMIX block control Add 'nxp,imx95-netcmix-blk-ctrl' compatible string for i.MX95 platform. Signed-off-by: Wei Fang Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240829011849.364987-2-wei.fang@nxp.com Signed-off-by: Abel Vesa commit 35121e9def072aaa2361572829e4f71f80dd6e8d Author: Shengjiu Wang Date: Wed Jul 10 16:41:00 2024 +0800 clk: imx: imx8: Use clk_hw pointer for self registered clock in clk_parent_data "acm_aud_clk0_sel" and "acm_aud_clk1_sel" are registered by this ACM driver, but they are the parent clocks for other clocks, in order to use assigned-clock-parents in device tree, the ".fw_name" can't be used, need to assign the clk_hw pointer for the imx8qm_mclk_sels[], imx8qxp_mclk_sels[], imx8dxl_mclk_sels[]. Signed-off-by: Shengjiu Wang Reviewed-by: Peng Fan Link: https://lore.kernel.org/r/1720600860-18866-1-git-send-email-shengjiu.wang@nxp.com Signed-off-by: Abel Vesa commit 334304ac2baca7f3e821c47cf5129d90e7a6b1e6 Author: Christoph Hellwig Date: Fri Jul 19 06:07:38 2024 +0200 dma-mapping: don't return errors from dma_set_max_seg_size A NULL dev->dma_parms indicates either a bus that is not DMA capable or grave bug in the implementation of the bus code. There isn't much the driver can do in terms of error handling for either case, so just warn and continue as DMA operations will fail anyway. Signed-off-by: Christoph Hellwig Reviewed-by: Robin Murphy Reviewed-by: Martin K. Petersen Acked-by: Ulf Hansson # For MMC commit 560a861ab4174b42240157ab5cebe36b8c7bc418 Author: Christoph Hellwig Date: Fri Jul 19 06:06:28 2024 +0200 dma-mapping: don't return errors from dma_set_seg_boundary A NULL dev->dma_parms indicates either a bus that is not DMA capable or grave bug in the implementation of the bus code. There isn't much the driver can do in terms of error handling for either case, so just warn and continue as DMA operations will fail anyway. Signed-off-by: Christoph Hellwig Reviewed-by: Robin Murphy Reviewed-by: Martin K. Petersen commit c42a01264ba1497eb3193c08ff3c2656d98250a6 Author: Christoph Hellwig Date: Fri Jul 19 06:10:24 2024 +0200 dma-mapping: don't return errors from dma_set_min_align_mask A NULL dev->dma_parms indicates either a bus that is not DMA capable or grave bug in the implementation of the bus code. There isn't much the driver can do in terms of error handling for either case, so just warn and continue as DMA operations will fail anyway. Signed-off-by: Christoph Hellwig Reviewed-by: Robin Murphy Reviewed-by: Martin K. Petersen commit b5a73bf4d1de95e620bf5f592557b81f71c76f0e Author: Christoph Hellwig Date: Thu Aug 22 06:56:31 2024 +0200 scsi: check that busses support the DMA API before setting dma parameters We'll start throwing warnings soon when dma_set_seg_boundary and dma_set_max_seg_size are called on devices for buses that don't fully support the DMA API. Prepare for that by making the calls in the SCSI midlayer conditional. Signed-off-by: Christoph Hellwig Reviewed-by: Robin Murphy Reviewed-by: Martin K. Petersen commit 833bd284a45448f04ab9fcd4fdf7ef594d458eed Author: Baruch Siach Date: Wed Aug 28 12:51:24 2024 +0300 arm64: mm: fix DMA zone when dma-ranges is missing Some platforms, like Rockchip RK3568 based Odroid M1, do not provide DMA limits information in device-tree dma-ranges property. Still some device drivers set DMA limit that relies on DMA zone at low 4GB memory area. Until commit ba0fb44aed47 ("dma-mapping: replace zone_dma_bits by zone_dma_limit"), zone_sizes_init() restricted DMA zone to low 32-bit. Restore DMA zone 32-bit limit when the platform provides no DMA bus limit information. Fixes: ba0fb44aed47 ("dma-mapping: replace zone_dma_bits by zone_dma_limit") Reported-by: Marek Szyprowski Link: https://lore.kernel.org/r/53d988b1-bdce-422a-ae4e-158f305ad703@samsung.com Suggested-by: Robin Murphy Signed-off-by: Baruch Siach Reviewed-by: Catalin Marinas Tested-by: Marek Szyprowski Signed-off-by: Christoph Hellwig commit cff06a799dbe81f3a697ae7c805eaf88d30c2308 Merge: d5a4b0d6424257 bda1c931e2993c Author: Martin K. Petersen Date: Wed Aug 28 22:16:33 2024 -0400 Merge patch series "smartpqi updates" Don Brace says: These patches are based on Martin Petersen's 6.12/scsi-queue tree https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git 6.12/scsi-queue There are two functional changes: smartpqi-add-fw-log-to-kdump smartpqi-add-counter-for-parity-write-stream-requests There are three minor bug fixes: smartpqi-fix-stream-detection smartpqi-fix-rare-system-hang-during-LUN-reset smartpqi-fix-volume-size-updates The other two patches add PCI-IDs for new controllers and change the driver version. This set of changes consists of: * smartpqi-add-fw-log-to-kdump During a kdump, the driver tells the controller to copy its logging information to some pre-allocated buffers that can be analyzed later. This is a "feature" driven capability and is backward compatible with existing controller FW. This patch renames some prefixes for OFA (Online-Firmware Activation ofa_*) buffers to host_memory_*. So, not a lot of actual functional changes to smartpqi_init.c, mainly determining the memory size allocation. We added a function to notify the controller to copy debug data into host memory before continuing kdump. Most of the functional changes are in smartpqi_sis.c where the actual handshaking is done. * smartpqi-fix-stream-detection Correct some false write-stream detections. The data structure used to check for write-streams was not initialized to all 0's causing some false write stream detections. The driver sends down streamed requests to the raid engine instead of using AIO bypass for some extra performance. (Potential full-stripe write verses Read Modify Write). False detections have not caused any data corruption. Found by internal testing. No known externally reported bugs. * smartpqi-add-counter-for-parity-write-stream-requests Adding some counters for raid_bypass and write streams. These two counters are related because write stream detection is only checked if an I/O request is eligible for bypass (AIO). The bypass counter (raid_bypass_cnt) was moved into a common structure (pqi_raid_io_stats) and changed to type __percpu. The write stream counter is (write_stream_cnt) has been added to this same structure. These counters are __percpu counters for performance. We added a sysfs entry to show the write stream count. The raid bypass counter sysfs entry already exists. Useful for checking streaming writes. The change in the sysfs entry write_stream_cnt can be checked during AIO eligible write operations. * smartpqi-add-new-controller-PCI-IDs Adding support for new controller HW. No functional changes. * smartpqi-fix-rare-system-hang-during-LUN-reset We found a rare race condition that can occur during a LUN reset. We were not emptying our internal queue completely. There have been some rare conditions where our internal request queue has requests for multiple LUNs and a reset comes in for one of the LUNs. The driver waits for this internal queue to empty. We were only clearing out the requests for the LUN being reset so the request queue was never empty causing a hang. The Fix: For all requests in our internal request queue: Complete requests with DID_RESET for queued requests for the device undergoing a reset. Complete requests with DID_REQUEUE for all other queued requests. Found by internal testing. No known externally reported bugs. * smartpqi-fix-volume-size-updates The current code only checks for a size change if there is also a queue depth change. We are separating the check for queue depth and the size changes. Found by internal testing. No known bugs were filed. * smartpqi-update-version-to-2.1.30-031 No functional changes. Link: https://lore.kernel.org/r/20240827185501.692804-1-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit bda1c931e2993cbd43515dccec8bdd200a39cbf0 Author: Don Brace Date: Tue Aug 27 13:55:01 2024 -0500 scsi: smartpqi: update driver version to 2.1.30-031 Update driver version to 2.1.30-031. Reviewed-by: David Strahan Reviewed-by: Scott Benesh Reviewed-by: Scott Teel Reviewed-by: Mike McGowen Reviewed-by: Gerry Morong Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240827185501.692804-8-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 07dde72ff173742137546cb4e5e9264c8e1ba2ba Author: Don Brace Date: Tue Aug 27 13:55:00 2024 -0500 scsi: smartpqi: fix volume size updates Correct logical volume size changes by moving the check for a volume rescan outside of the check for a queue depth change. Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240827185501.692804-7-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 4e0a51716dae782822b5df6c3b29cc0915a9f802 Author: Murthy Bhat Date: Tue Aug 27 13:54:59 2024 -0500 scsi: smartpqi: fix rare system hang during LUN reset Correct a rare case where in a LUN reset occurs on a device and I/O requests for other devices persist in the driver's internal request queue. Part of a LUN reset involves waiting for our internal request queue to empty before proceeding. The internal request queue contains requests not yet sent down to the controller. We were clearing the requests queued for the LUN undergoing a reset, but not all of the queued requests. Causing a hang. For all requests in our internal request queue: Complete requests with DID_RESET for queued requests for the device undergoing a reset. Complete requests with DID_REQUEUE for all other queued requests. Reviewed-by: Scott Benesh Reviewed-by: Scott Teel Reviewed-by: Mike McGowen Signed-off-by: Murthy Bhat Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240827185501.692804-6-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit dbc39b84540f746cc814e69b21e53e6d3e12329a Author: David Strahan Date: Tue Aug 27 13:54:58 2024 -0500 scsi: smartpqi: add new controller PCI IDs All PCI ID entries in Hex. Add new cisco pci ids: VID / DID / SVID / SDID ---- ---- ---- ---- 9005 028f 1137 02fe 9005 028f 1137 02ff 9005 028f 1137 0300 Add new h3c pci ids: VID / DID / SVID / SDID ---- ---- ---- ---- 9005 028f 193d 0462 9005 028f 193d 8462 Add new ieit pci ids: VID / DID / SVID / SDID ---- ---- ---- ---- 9005 028f 1ff9 00a3 Reviewed-by: Scott Benesh Reviewed-by: Mike McGowen Signed-off-by: David Strahan Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240827185501.692804-5-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 283dcc1b142ebd60786f8f5e3fbbd53a51035739 Author: Mahesh Rajashekhara Date: Tue Aug 27 13:54:57 2024 -0500 scsi: smartpqi: add counter for parity write stream requests Add sysfs entry to check for write stream requests. Move existing raid_bypass_cnt into a structure named pqi_raid_io_stats and add member write_stream_cnt. These two counters are related because write stream detection is only checked if an I/O request is eligible for bypass (AIO). Example usage: lsscsi [15:1:0:0] disk Adaptec LOGICAL VOLUME 0129 /dev/sdae cat /sys/block/sdae/device/ssd_smart_path_enabled 1 ^ | +---- NOTE: here bypass has been enabled on device sdae To read the counter for parity write stream requests: cat /sys/block/sdae/device/write_stream_cnt 0x60cd507 Reviewed-by: Scott Benesh Reviewed-by: Mike McGowen Signed-off-by: Mahesh Rajashekhara Co-developed-by: Kevin Barnett Signed-off-by: Kevin Barnett Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240827185501.692804-4-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 4c76114932d1d6fad2e72823e7898a3c960cf2a7 Author: Mahesh Rajashekhara Date: Tue Aug 27 13:54:56 2024 -0500 scsi: smartpqi: correct stream detection Correct stream detection by initializing the structure pqi_scsi_dev_raid_map_data to 0s. When the OS issues SCSI READ commands, the driver erroneously considers them as SCSI WRITES. If they are identified as sequential IOs, the driver then submits those requests via the RAID path instead of the AIO path. The 'is_write' flag might be set for SCSI READ commands also. The driver may interpret SCSI READ commands as SCSI WRITE commands, resulting in IOs being submitted through the RAID path. Note: This does not cause data corruption. Reviewed-by: Scott Benesh Reviewed-by: Scott Teel Reviewed-by: Mike McGowen Signed-off-by: Mahesh Rajashekhara Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240827185501.692804-3-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 058311b72f54890de824b063feb603942269b732 Author: Murthy Bhat Date: Tue Aug 27 13:54:55 2024 -0500 scsi: smartpqi: Add fw log to kdump Add controller logs to kdump. Driver allocates DMA memory and communicates this address to FW. In the event of system crash, host driver notifies the firmware about the crash and firmware posts all the necessary logs in the pre-allocated host buffer for firmware debugging. Once firmware notifies the completion of the log uploading to the host memory and host continues with the OS crash dump saving. This is a "feature" driven capability and is backward compatible with existing controller FW. Rename some prefixes for OFA (Online-Firmware Activation ofa_*) buffers to host_memory_*. So, not a lot of actual functional changes to smartpqi_init.c, mainly determining the memory size allocation. Added a function to notify the controller to copy debug data into host memory before continuing kdump. Most of the functional changes are in smartpqi_sis.c where the actual handshaking is done. Reviewed-by: Scott Benesh Reviewed-by: Mike McGowen Signed-off-by: Murthy Bhat Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240827185501.692804-2-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 739b847dbe58e18ba0286a05b67d3ffc6a4c097e Author: Utsav Agarwal Date: Mon Aug 26 18:22:03 2024 +0100 dt-bindings: input: pure gpio support for adp5588 Adding software support for enabling the pure gpio capability of the device - which allows all I/O to be used as GPIO. Previously, I/O configuration was limited by software to partial GPIO support only. When working in a pure gpio mode, the device does not require the certain properties and hence, the following are now made optional: - interrupts - keypad,num-rows - keypad,num-columns - linux,keymap However, note that the above are required to be specified when configuring the device as a keypad, for which dependencies have been added such that specifying either one requires the remaining as well. Also, note that interrupts are made optional, but required when the device has either been configured in keypad mode or as an interrupt controller. This has been done since they may not necessarily be used when leveraging the device purely for GPIO. Acked-by: Conor Dooley Signed-off-by: Utsav Agarwal Link: https://lore.kernel.org/r/20240826-adp5588_gpio_support-v11-3-3e5ac2bd31b7@analog.com Signed-off-by: Dmitry Torokhov commit dc748812fca013c00d9b657e0cc1416fd71a1b06 Author: Utsav Agarwal Date: Mon Aug 26 18:22:02 2024 +0100 Input: adp5588-keys - add support for pure gpio Keypad specific setup is relaxed if no keypad rows/columns are specified, enabling a purely gpio operation. Reviewed-by: Nuno Sa Signed-off-by: Utsav Agarwal Link: https://lore.kernel.org/r/20240826-adp5588_gpio_support-v11-2-3e5ac2bd31b7@analog.com Signed-off-by: Dmitry Torokhov commit f0da267996ce1ec981a99cb5820c36a3a8d90c04 Author: Dmitry Torokhov Date: Mon Aug 26 18:22:01 2024 +0100 Input: adp5588-keys - use guard notation when acquiring mutexes This makes the code more compact and error handling more robust. Acked-by: Michael Hennerich Link: https://lore.kernel.org/r/20240826-adp5588_gpio_support-v11-1-3e5ac2bd31b7@analog.com Signed-off-by: Dmitry Torokhov commit d5a4b0d64242574bc12f7864809e03aa2863b83b Author: Christophe JAILLET Date: Fri Aug 23 09:59:05 2024 +0200 scsi: bnx2fc: Remove some unused fields in struct bnx2fc_rport Some fields are unused in struct bnx2fc_rport. Remove them in order to save 96 bytes on a x86_64. Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/42e20b159f3bbb12da7796463a521ca051bd5274.1724399924.git.christophe.jaillet@wanadoo.fr Signed-off-by: Martin K. Petersen commit e59f43fb647733cd58191e6cfec4122f9bdd0aab Author: Christophe JAILLET Date: Mon Aug 19 21:11:43 2024 +0200 scsi: qla2xxx: Remove the unused 'del_list_entry' field in struct fc_port The 'del_list_entry' field in "struct fc_port" is unused. The field was introduced in commit 2d70c103fd2a ("[SCSI] qla2xxx: Add LLD target-mode infrastructure for >= 24xx series") in 2012-05 and the last user was removed in commit 726b85487067 ("qla2xxx: Add framework for async fabric discovery") in 2017-02. Remove this unused field. Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/69155321ab26c1f4d473d5bb6cd44b59b9b6a020.1724094686.git.christophe.jaillet@wanadoo.fr Signed-off-by: Martin K. Petersen commit 15229ce324181733a75cd80e75b6a3e0fc64fe5b Merge: 387c415200c3c1 e62beddc45f487 Author: Jakub Kicinski Date: Wed Aug 28 18:22:02 2024 -0700 Merge branch 'net-hisilicon-minor-fixes' Krzysztof Kozlowski says: ==================== net: hisilicon: minor fixes Minor fixes for hisilicon ethernet driver which look too trivial to be considered for current RC. ==================== Link: https://patch.msgid.link/20240827144421.52852-1-krzysztof.kozlowski@linaro.org Signed-off-by: Jakub Kicinski commit 0a5167e21126c4b1d35aaab64ad04ea056ec8aab Author: Bao D. Nguyen Date: Tue Aug 27 16:14:13 2024 -0700 scsi: ufs: core: Remove ufshcd_urgent_bkops() ufshcd_urgent_bkops() is a wrapper function. It only calls ufshcd_bkops_ctrl(). Remove it to simplify the ufs core driver. Replace any references to ufshcd_urgent_bkops() with ufshcd_bkops_ctrl(). In addition, remove the second parameter in the ufshcd_bkops_ctrl() because the information can be retrieved from the first parameter. Signed-off-by: Bao D. Nguyen Link: https://lore.kernel.org/r/0c7f2c8d68408e39c28e3e81addce09cc0ee3969.1724800328.git.quic_nguyenb@quicinc.com Acked-by: Avri Altman Reviewed-by: Manivannan Sadhasivam Signed-off-by: Martin K. Petersen commit 9526dec226f0779d72f798e7a18375bf8d414775 Author: Niklas Cassel Date: Wed Aug 28 09:27:04 2024 +0200 ata: libata: Add helper ata_eh_decide_disposition() Every time I see libata code calling scsi_check_sense(), I get confused why the code path that is working fine for SCSI code, is not sufficient for libata code. The reason is that SCSI usually gets the sense data as part of the completion, and will thus automatically call scsi_check_sense(), which will set the SCSI ML byte (if any). However, for libata queued commands, we always need to fetch the sense data via SCSI EH, and thus do not get the luxury of having scsi_check_sense() called automatically. Add a new helper, ata_eh_decide_disposition(), that has a ata_eh_ prefix to more clearly highlight that this is only needed for code called by EH, while also having a similar name to scsi_decide_disposition(), such that it is easier to compare the libata code with the equivalent SCSI code. Also add a big kdoc comment explaining why this helper is called/needed in the first place. Signed-off-by: Niklas Cassel Signed-off-by: Damien Le Moal commit 3e3ac9c39e1b575e970ecab90504b6cb090f6b05 Author: Gaosheng Cui Date: Mon Aug 26 11:20:05 2024 +0800 scsi: core: Remove obsoleted declaration for scsi_driverbyte_string() scsi_driverbyte_string() has been unused since commit 54c29086195f ("scsi: core: Drop the now obsolete driver_byte definitions"). Remove it. Signed-off-by: Gaosheng Cui Link: https://lore.kernel.org/r/20240826032005.4007834-1-cuigaosheng1@huawei.com Reviewed-by: Bart Van Assche Signed-off-by: Martin K. Petersen commit adedd0f46c923f8d63aeb42d504c82431febed31 Author: Yue Haibing Date: Sat Aug 24 16:47:24 2024 +0800 scsi: bnx2i: Remove unused declarations Commit cf4e6363859d ("[SCSI] bnx2i: Add bnx2i iSCSI driver.") declared but never implemented these. Signed-off-by: Yue Haibing Link: https://lore.kernel.org/r/20240824084724.3647307-1-yuehaibing@huawei.com Signed-off-by: Martin K. Petersen commit e62beddc45f487b9969821fad3a0913d9bc18a2f Author: Krzysztof Kozlowski Date: Tue Aug 27 16:44:21 2024 +0200 net: hisilicon: hns_mdio: fix OF node leak in probe() Driver is leaking OF node reference from of_parse_phandle_with_fixed_args() in probe(). Signed-off-by: Krzysztof Kozlowski Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240827144421.52852-4-krzysztof.kozlowski@linaro.org Signed-off-by: Jakub Kicinski commit 5680cf8d34e1552df987e2f4bb1bff0b2a8c8b11 Author: Krzysztof Kozlowski Date: Tue Aug 27 16:44:20 2024 +0200 net: hisilicon: hns_dsaf_mac: fix OF node leak in hns_mac_get_info() Driver is leaking OF node reference from of_parse_phandle_with_fixed_args() in hns_mac_get_info(). Signed-off-by: Krzysztof Kozlowski Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240827144421.52852-3-krzysztof.kozlowski@linaro.org Signed-off-by: Jakub Kicinski commit 17555297dbd5bccc93a01516117547e26a61caf1 Author: Krzysztof Kozlowski Date: Tue Aug 27 16:44:19 2024 +0200 net: hisilicon: hip04: fix OF node leak in probe() Driver is leaking OF node reference from of_parse_phandle_with_fixed_args() in probe(). Signed-off-by: Krzysztof Kozlowski Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240827144421.52852-2-krzysztof.kozlowski@linaro.org Signed-off-by: Jakub Kicinski commit 387c415200c3c1099b29446b6e567810bc2dfffc Author: Andy Shevchenko Date: Tue Aug 27 20:10:05 2024 +0300 net: dsa: mv88e6xxx: Remove stale comment GPIOF_DIR_* definitions are legacy and subject to remove. Taking this into account, remove stale comment. Signed-off-by: Andy Shevchenko Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240827171005.2301845-1-andriy.shevchenko@linux.intel.com Signed-off-by: Jakub Kicinski commit ad78337cb20c1a52781a7b329b1a747d91be3491 Author: Maxime Chevallier Date: Tue Aug 27 11:23:13 2024 +0200 net: ethtool: cable-test: Release RTNL when the PHY isn't found Use the correct logic to check for the presence of a PHY device, and jump to a label that correctly releases RTNL in case of an error, as we are holding RTNL at that point. Fixes: 3688ff3077d3 ("net: ethtool: cable-test: Target the command to the requested PHY") Closes: https://lore.kernel.org/netdev/20240827104825.5cbe0602@fedora-3.home/T/#m6bc49cdcc5cfab0d162516b92916b944a01c833f Signed-off-by: Maxime Chevallier Reported-by: Dan Carpenter Reviewed-by: Larysa Zaremba Reviewed-by: Florian Fainelli Link: https://patch.msgid.link/20240827092314.2500284-1-maxime.chevallier@bootlin.com Signed-off-by: Jakub Kicinski commit 646f071d315b75e87583de290d333478d42ccde1 Author: Erni Sri Satya Vennela Date: Mon Aug 26 22:16:31 2024 -0700 net: netvsc: Update default VMBus channels Change VMBus channels macro (VRSS_CHANNEL_DEFAULT) in Linux netvsc from 8 to 16 to align with Azure Windows VM and improve networking throughput. For VMs having less than 16 vCPUS, the channels depend on number of vCPUs. For greater than 16 vCPUs, set the channels to maximum of VRSS_CHANNEL_DEFAULT and number of physical cores / 2 which is returned by netif_get_num_default_rss_queues() as a way to optimize CPU resource utilization and scale for high-end processors with many cores. Maximum number of channels are by default set to 64. Based on this change the channel creation would change as follows: ----------------------------------------------------------------- | No. of vCPU | dev_info->num_chn | channels created | ----------------------------------------------------------------- | 1-16 | 16 | vCPU | | >16 | max(16,#cores/2) | min(64 , max(16,#cores/2)) | ----------------------------------------------------------------- Performance tests showed significant improvement in throughput: - 0.54% for 16 vCPUs - 0.83% for 32 vCPUs - 0.86% for 48 vCPUs - 9.72% for 64 vCPUs - 13.57% for 96 vCPUs Signed-off-by: Erni Sri Satya Vennela Reviewed-by: Haiyang Zhang Reviewed-by: Shradha Gupta Reviewed-by: Michael Kelley Link: https://patch.msgid.link/1724735791-22815-1-git-send-email-ernis@linux.microsoft.com Signed-off-by: Jakub Kicinski commit e24a6c874601efb3de6e535895dd8e4f56fa98f1 Author: Jacky Chou Date: Tue Aug 27 11:05:13 2024 +0800 net: ftgmac100: Get link speed and duplex for NC-SI The ethtool of this driver uses the phy API of ethtool to get the link information from PHY driver. Because the NC-SI is forced on 100Mbps and full duplex, the driver connect a fixed-link phy driver for NC-SI. The ethtool will get the link information from the fixed-link phy driver. Signed-off-by: Jacky Chou Reviewed-by: Jacob Keller Link: https://patch.msgid.link/20240827030513.481469-1-jacky_chou@aspeedtech.com Signed-off-by: Jakub Kicinski commit 6db59c4935c9354f4c33fc63287d110317ca4d70 Author: Juntong Deng Date: Wed Aug 28 20:51:32 2024 +0100 selftests/bpf: Add test for zero offset or non-zero offset pointers as KF_ACQUIRE kfuncs argument This patch adds test cases for zero offset (implicit cast) or non-zero offset pointer as KF_ACQUIRE kfuncs argument. Currently KF_ACQUIRE kfuncs should support passing in pointers like &sk->sk_write_queue (non-zero offset) or &sk->__sk_common (zero offset) and not be rejected by the verifier. Signed-off-by: Juntong Deng Link: https://lore.kernel.org/r/AM6PR03MB5848CB6F0D4D9068669A905B99952@AM6PR03MB5848.eurprd03.prod.outlook.com Signed-off-by: Alexei Starovoitov commit f633919d132cf1755d62278c989124c0ce23950f Author: Juntong Deng Date: Wed Aug 28 20:48:11 2024 +0100 bpf: Relax KF_ACQUIRE kfuncs strict type matching constraint Currently we cannot pass zero offset (implicit cast) or non-zero offset pointers to KF_ACQUIRE kfuncs. This is because KF_ACQUIRE kfuncs requires strict type matching, but zero offset or non-zero offset does not change the type of pointer, which causes the ebpf program to be rejected by the verifier. This can cause some problems, one example is that bpf_skb_peek_tail kfunc [0] cannot be implemented by just passing in non-zero offset pointers. We cannot pass pointers like &sk->sk_write_queue (non-zero offset) or &sk->__sk_common (zero offset) to KF_ACQUIRE kfuncs. This patch makes KF_ACQUIRE kfuncs not require strict type matching. [0]: https://lore.kernel.org/bpf/AM6PR03MB5848CA39CB4B7A4397D380B099B12@AM6PR03MB5848.eurprd03.prod.outlook.com/ Signed-off-by: Juntong Deng Link: https://lore.kernel.org/r/AM6PR03MB5848FD2BD89BF0B6B5AA3B4C99952@AM6PR03MB5848.eurprd03.prod.outlook.com Signed-off-by: Alexei Starovoitov commit 59a0ad4f03888c22c64e7bfe7e7b2efd4c317303 Merge: 0fa5e94a1811d6 c0a11493ee6141 Author: Jakub Kicinski Date: Wed Aug 28 17:08:20 2024 -0700 Merge branch 'tcp-take-better-care-of-tw_substate-and-tw_rcv_nxt' Eric Dumazet says: ==================== tcp: take better care of tw_substate and tw_rcv_nxt While reviewing Jason Xing recent commit (0d9e5df4a257 "tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process") I saw we could remove the volatile qualifier for tw_substate field, and I also added missing data-race annotations around tcptw->tw_rcv_nxt. ==================== Link: https://patch.msgid.link/20240827015250.3509197-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit c0a11493ee6141d475fc96cf3ba24441299c9f16 Author: Eric Dumazet Date: Tue Aug 27 01:52:50 2024 +0000 tcp: annotate data-races around tcptw->tw_rcv_nxt No lock protects tcp tw fields. tcptw->tw_rcv_nxt can be changed from twsk_rcv_nxt_update() while other threads might read this field. Add READ_ONCE()/WRITE_ONCE() annotations, and make sure tcp_timewait_state_process() reads tcptw->tw_rcv_nxt only once. Signed-off-by: Eric Dumazet Reviewed-by: Jason Xing Link: https://patch.msgid.link/20240827015250.3509197-3-edumazet@google.com Signed-off-by: Jakub Kicinski commit 3e5cbbb1fb9a64588a2c6ddc5e432a303d36a488 Author: Eric Dumazet Date: Tue Aug 27 01:52:49 2024 +0000 tcp: remove volatile qualifier on tw_substate Using a volatile qualifier for a specific struct field is unusual. Use instead READ_ONCE()/WRITE_ONCE() where necessary. tcp_timewait_state_process() can change tw_substate while other threads are reading this field. Signed-off-by: Eric Dumazet Reviewed-by: Jason Xing Link: https://patch.msgid.link/20240827015250.3509197-2-edumazet@google.com Signed-off-by: Jakub Kicinski commit 0fa5e94a1811d68fbffa0725efe6d4ca62c03d12 Author: Jeongjun Park Date: Fri Aug 23 03:11:09 2024 +0900 net/xen-netback: prevent UAF in xenvif_flush_hash() During the list_for_each_entry_rcu iteration call of xenvif_flush_hash, kfree_rcu does not exist inside the rcu read critical section, so if kfree_rcu is called when the rcu grace period ends during the iteration, UAF occurs when accessing head->next after the entry becomes free. Therefore, to solve this, you need to change it to list_for_each_entry_safe. Signed-off-by: Jeongjun Park Link: https://patch.msgid.link/20240822181109.2577354-1-aha310510@gmail.com Signed-off-by: Jakub Kicinski commit 47b3b6435e4bfb61ae8ffc63a11bd3c310f69acf Author: Arnaldo Carvalho de Melo Date: Wed Aug 28 19:06:47 2024 -0300 tools build: Remove leftover libcap tests that prevents fast path feature detection from working I noticed that the fast path feature detection was failing: $ cat /tmp/build/perf-tools-next/feature/test-all.make.output /usr/bin/ld: cannot find -lcap: No such file or directory collect2: error: ld returned 1 exit status $ The patch removing the dependency (Fixes tag below) didn't remove the detection of libcap, and as the fast path feature detection (test-all.c) had -lcap in its Makefile link list of libraries to link, it was failing when libcap-devel is not available, fix it by removing those leftover files. Fixes: e25ebda78e230283 ("perf cap: Tidy up and improve capability testing") Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/Zs-gjOGFWtAvIZit@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 9dad0127ad732f756d056ea152e0b084f321c765 Author: Thomas Weißschuh Date: Wed Aug 28 20:04:29 2024 +0200 power: supply: core: constify psy_tzd_ops This struct is never modified, so mark it const. Signed-off-by: Thomas Weißschuh Link: https://lore.kernel.org/r/20240828-power-supply-const-psy_tzd_ops-v1-1-dc27176fda5b@weissschuh.net Signed-off-by: Sebastian Reichel commit 7f67fdae3372c323ad02601ab65502c9e488a521 Merge: b75197e86e6d3d 59fdd43304f4cb Author: Song Liu Date: Wed Aug 28 14:55:57 2024 -0700 Merge branch 'md-6.12-bitmap' into md-6.12 From Yu Kuai (with minor changes by Song Liu): The background is that currently bitmap is using a global spin_lock, causing lock contention and huge IO performance degradation for all raid levels. However, it's impossible to implement a new lock free bitmap with current situation that md-bitmap exposes the internal implementation with lots of exported apis. Hence bitmap_operations is invented, to describe bitmap core implementation, and a new bitmap can be introduced with a new bitmap_operations, we only need to switch to the new one during initialization. And with this we can build bitmap as kernel module, but that's not our concern for now. This version was tested with mdadm tests and lvm2 tests. This set does not introduce new errors in these tests. * md-6.12-bitmap: (42 commits) md/md-bitmap: make in memory structure internal md/md-bitmap: merge md_bitmap_enabled() into bitmap_operations md/md-bitmap: merge md_bitmap_wait_behind_writes() into bitmap_operations md/md-bitmap: merge md_bitmap_free() into bitmap_operations md/md-bitmap: merge md_bitmap_set_pages() into struct bitmap_operations md/md-bitmap: merge md_bitmap_copy_from_slot() into struct bitmap_operation. md/md-bitmap: merge get_bitmap_from_slot() into bitmap_operations md/md-bitmap: merge md_bitmap_resize() into bitmap_operations md/md-bitmap: pass in mddev directly for md_bitmap_resize() md/md-bitmap: merge md_bitmap_daemon_work() into bitmap_operations md/md-bitmap: merge bitmap_unplug() into bitmap_operations md/md-bitmap: merge md_bitmap_unplug_async() into md_bitmap_unplug() md/md-bitmap: merge md_bitmap_sync_with_cluster() into bitmap_operations md/md-bitmap: merge md_bitmap_cond_end_sync() into bitmap_operations md/md-bitmap: merge md_bitmap_close_sync() into bitmap_operations md/md-bitmap: merge md_bitmap_end_sync() into bitmap_operations md/md-bitmap: remove the parameter 'aborted' for md_bitmap_end_sync() md/md-bitmap: merge md_bitmap_start_sync() into bitmap_operations md/md-bitmap: merge md_bitmap_endwrite() into bitmap_operations md/md-bitmap: merge md_bitmap_startwrite() into bitmap_operations ... Signed-off-by: Song Liu commit 907fa79d787f6f762c0afb67b8b02be8ed1f7bd2 Author: Luis Chamberlain Date: Wed Aug 21 10:40:21 2024 -0700 MAINTAINERS: scale modules with more reviewers We're looking to add Rust module support, and I don't speak Rust yet. The compromise was reached that in order to scale we'd get volunteers committed from the Rust community willing to review both Rust and C code for modules so we can ensure we get proper reviews for both parts of the code and so that we can scale. Add those who have stepped up to help. Acked-by: Sami Tolvanen Acked-by: Petr Pavlu Acked-by: Daniel Gomez Signed-off-by: Luis Chamberlain commit 2ac11a2fdcc3aa210d76b65c61c6758f44ac6c54 Author: Yue Haibing Date: Sat Aug 24 18:03:31 2024 +0800 PCI/VPD: Remove pci_vpd_release() unused declarations Commit fd00faa375fb ("PCI/VPD: Embed struct pci_vpd in struct pci_dev") removed pci_vpd_release() but left the declaration. Remove the unused declaration. Link: https://lore.kernel.org/r/20240824100331.586036-1-yuehaibing@huawei.com Signed-off-by: Yue Haibing [bhelgaas: split per feature] Signed-off-by: Bjorn Helgaas commit 47ecb443a91ad3d82a79807bec7d258cad8eb86a Author: Yue Haibing Date: Wed Aug 28 16:21:41 2024 -0500 PCI/PM: Remove __pci_pme_wakeup() unused declarations Commit b67ea76172d4 ("PCI / ACPI / PM: Platform support for PCI PME wake-up") declared but never implemented __pci_pme_wakeup(). Remove the unused declaration. Link: https://lore.kernel.org/r/20240824100331.586036-1-yuehaibing@huawei.com Signed-off-by: Yue Haibing [bhelgaas: split per feature] Signed-off-by: Bjorn Helgaas commit d56a4d56a25c6aa76d816f1ee1888d38cf654004 Author: Namhyung Kim Date: Mon Aug 26 15:10:45 2024 -0700 perf test: Add 'perf record cgroup' filtering test $ sudo ./perf test filtering -vv 96: perf record sample filtering (by BPF) tests: --- start --- test child forked, pid 2966908 Checking BPF-filter privilege Basic bpf-filter test Basic bpf-filter test [Success] Failing bpf-filter test Failing bpf-filter test [Success] Group bpf-filter test Group bpf-filter test [Success] Multiple bpf-filter test Multiple bpf-filter test [Success] Cgroup bpf-filter test Cgroup bpf-filter test [Success] ---- end(0) ---- 96: perf record sample filtering (by BPF) tests : Ok Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240826221045.1202305-5-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 196d34e2c8cfec7b94e44e75d0b1bc9176acf6f8 Author: Jinjie Ruan Date: Mon Aug 26 21:25:44 2024 +0800 spi: wpcm-fiu: Simplify with dev_err_probe() Use the dev_err_probe() helper to simplify error handling during probe. This also handle scenario, when EDEFER is returned and useless error is printed. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240826132544.3463616-3-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 0f2cf3bc4727fd07e3a1c8acb9f83e462b455986 Author: Jinjie Ruan Date: Mon Aug 26 21:25:43 2024 +0800 spi: wpcm-fiu: Fix uninitialized res The second platform_get_resource_byname() can not be replaced with devm_platform_ioremap_resource_byname(), because the intermediate "res" is used by resource_size() later. Fixes: 3bf2a5359b0b ("spi: wpcm-fiu: Use devm_platform_ioremap_resource_byname()") Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240826132544.3463616-2-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 91e88437d5156b209b1d69b69b560f0a02b80712 Author: Namhyung Kim Date: Mon Aug 26 15:10:44 2024 -0700 perf bpf-filter: Support filtering on cgroups The new cgroup filter can take either of '==' or '!=' operator and a pathname for the target cgroup. $ perf record -a --all-cgroups -e cycles --filter 'cgroup == /abc/def' -- sleep 1 Users should have --all-cgroups option in the command line to enable cgroup filtering. Technically it doesn't need to have the option as it can get the current task's cgroup info directly from BPF. But I want to follow the convention for the other sample info. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240826221045.1202305-4-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 591156f25f6bc71b143d4a7c7cbe7cdb68dda94e Author: Namhyung Kim Date: Mon Aug 26 15:10:43 2024 -0700 perf bpf-filter: Add build dependency to header files The flex and bison files need to be recompiled when one of these header filters are changed. * util/bpf-filter.h * util/bpf_skel/sample-filter.h Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240826221045.1202305-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 9af2efee41b27a0f386fb5aa95d8d0b4b5d9fede Author: Namhyung Kim Date: Mon Aug 26 15:10:42 2024 -0700 perf report: Fix segfault when 'sym' sort key is not used The fields in the hist_entry are filled on-demand which means they only have meaningful values when relevant sort keys are used. So if neither of 'dso' nor 'sym' sort keys are used, the map/symbols in the hist entry can be garbage. So it shouldn't access it unconditionally. I got a segfault, when I wanted to see cgroup profiles. $ sudo perf record -a --all-cgroups --synth=cgroup true $ sudo perf report -s cgroup Program received signal SIGSEGV, Segmentation fault. 0x00005555557a8d90 in map__dso (map=0x0) at util/map.h:48 48 return RC_CHK_ACCESS(map)->dso; (gdb) bt #0 0x00005555557a8d90 in map__dso (map=0x0) at util/map.h:48 #1 0x00005555557aa39b in map__load (map=0x0) at util/map.c:344 #2 0x00005555557aa592 in map__find_symbol (map=0x0, addr=140736115941088) at util/map.c:385 #3 0x00005555557ef000 in hists__findnew_entry (hists=0x555556039d60, entry=0x7fffffffa4c0, al=0x7fffffffa8c0, sample_self=true) at util/hist.c:644 #4 0x00005555557ef61c in __hists__add_entry (hists=0x555556039d60, al=0x7fffffffa8c0, sym_parent=0x0, bi=0x0, mi=0x0, ki=0x0, block_info=0x0, sample=0x7fffffffaa90, sample_self=true, ops=0x0) at util/hist.c:761 #5 0x00005555557ef71f in hists__add_entry (hists=0x555556039d60, al=0x7fffffffa8c0, sym_parent=0x0, bi=0x0, mi=0x0, ki=0x0, sample=0x7fffffffaa90, sample_self=true) at util/hist.c:779 #6 0x00005555557f00fb in iter_add_single_normal_entry (iter=0x7fffffffa900, al=0x7fffffffa8c0) at util/hist.c:1015 #7 0x00005555557f09a7 in hist_entry_iter__add (iter=0x7fffffffa900, al=0x7fffffffa8c0, max_stack_depth=127, arg=0x7fffffffbce0) at util/hist.c:1260 #8 0x00005555555ba7ce in process_sample_event (tool=0x7fffffffbce0, event=0x7ffff7c14128, sample=0x7fffffffaa90, evsel=0x555556039ad0, machine=0x5555560388e8) at builtin-report.c:334 #9 0x00005555557b30c8 in evlist__deliver_sample (evlist=0x555556039010, tool=0x7fffffffbce0, event=0x7ffff7c14128, sample=0x7fffffffaa90, evsel=0x555556039ad0, machine=0x5555560388e8) at util/session.c:1232 #10 0x00005555557b32bc in machines__deliver_event (machines=0x5555560388e8, evlist=0x555556039010, event=0x7ffff7c14128, sample=0x7fffffffaa90, tool=0x7fffffffbce0, file_offset=110888, file_path=0x555556038ff0 "perf.data") at util/session.c:1271 #11 0x00005555557b3848 in perf_session__deliver_event (session=0x5555560386d0, event=0x7ffff7c14128, tool=0x7fffffffbce0, file_offset=110888, file_path=0x555556038ff0 "perf.data") at util/session.c:1354 #12 0x00005555557affaf in ordered_events__deliver_event (oe=0x555556038e60, event=0x555556135aa0) at util/session.c:132 #13 0x00005555557bb605 in do_flush (oe=0x555556038e60, show_progress=false) at util/ordered-events.c:245 #14 0x00005555557bb95c in __ordered_events__flush (oe=0x555556038e60, how=OE_FLUSH__ROUND, timestamp=0) at util/ordered-events.c:324 #15 0x00005555557bba46 in ordered_events__flush (oe=0x555556038e60, how=OE_FLUSH__ROUND) at util/ordered-events.c:342 #16 0x00005555557b1b3b in perf_event__process_finished_round (tool=0x7fffffffbce0, event=0x7ffff7c15bb8, oe=0x555556038e60) at util/session.c:780 #17 0x00005555557b3b27 in perf_session__process_user_event (session=0x5555560386d0, event=0x7ffff7c15bb8, file_offset=117688, file_path=0x555556038ff0 "perf.data") at util/session.c:1406 As you can see the entry->ms.map was NULL even if he->ms.map has a value. This is because 'sym' sort key is not given, so it cannot assume whether he->ms.sym and entry->ms.sym is the same. I only checked the 'sym' sort key here as it implies 'dso' behavior (so maps are the same). Fixes: ac01c8c4246546fd ("perf hist: Update hist symbol when updating maps") Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Matt Fleming Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240826221045.1202305-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 6f87543c74ddc9649cfd9a6e6908821cdb4d397a Author: James Clark Date: Fri Aug 9 10:54:22 2024 +0100 perf test trace_btf_enum: Fix shellcheck warning Shellcheck versions < v0.7.2 can't follow this path so add the helper to fix the following warning: In tests/shell/trace_btf_enum.sh line 13: . "$(dirname $0)"/lib/probe.sh ^--------------------------^ SC1090: Can't follow non-constant source. Use a directive to specify location. Fixes: d66763fed30f0bd8 ("perf test trace_btf_enum: Add regression test for the BTF augmentation of enums in 'perf trace'") Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Howard Chu Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240809095426.3065163-1-james.clark@linaro.org Signed-off-by: Arnaldo Carvalho de Melo commit d5726f1c8d421f000a9265601c28279e82d43db0 Author: Leo Yan Date: Tue Aug 6 21:41:23 2024 +0100 perf auxtrace: Remove unused 'pmu' pointer from struct auxtrace_record The 'pmu' pointer in the auxtrace_record structure is not used after support multiple AUX events, remove it. Reviewed-by: Adrian Hunter Signed-off-by: Leo Yan Cc: Ian Rogers Cc: James Clark Cc: Kan Liang Cc: Mike Leach Cc: Namhyung Kim Cc: Suzuki Poulouse Cc: coresight@lists.linaro.org Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240806204130.720977-3-leo.yan@arm.com Signed-off-by: Arnaldo Carvalho de Melo commit c87826ddcefaf0b1245d1d8c61040679ea0bd387 Author: Leo Yan Date: Tue Aug 6 21:41:22 2024 +0100 perf auxtrace: Use evsel__is_aux_event() for checking AUX event Use evsel__is_aux_event() to decide if an event is a AUX event, this is a refactoring to replace comparing the PMU type. Reviewed-by: Adrian Hunter Signed-off-by: Leo Yan Cc: Ian Rogers Cc: James Clark Cc: Kan Liang Cc: Mike Leach Cc: Namhyung Kim Cc: Suzuki Poulouse Cc: coresight@lists.linaro.org Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240806204130.720977-2-leo.yan@arm.com Signed-off-by: Arnaldo Carvalho de Melo commit aea4d463459c95a1b19627d1aa9c21b691da843a Author: Lucas Stach Date: Mon Jul 1 19:57:35 2024 +0200 perf vendor events arm64: Move Yitian 710 DDR PMU into T-Head directory The Yitian 710 is not a Freescale/NXP design and thus should be located in a separate T-Head vendor directory. Reviewed-by: Jing Zhang Signed-off-by: Lucas Stach Cc: Ingo Molnar Cc: James Clark Cc: John Garry Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Shuai Xue Cc: Will Deacon Cc: kernel@pengutronix.de Cc: linux-arm-kernel@lists.infradead.org Cc: patchwork-lst@pengutronix.de Link: https://lore.kernel.org/r/20240701175735.485655-1-l.stach@pengutronix.de Signed-off-by: Arnaldo Carvalho de Melo commit 2d3e6351a25de0ceef69aae415cb1e082f0382c7 Author: Jinjie Ruan Date: Mon Aug 26 20:59:13 2024 +0800 spi: atmel-quadspi: Simplify with dev_err_probe() Use the dev_err_probe() helper to simplify error handling during probe. This also handle scenario, when EDEFER is returned and useless error is printed. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240826125913.3434305-3-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit c2ea9b8a536bd18b7632d4d998c20e1af9319c32 Author: Jinjie Ruan Date: Mon Aug 26 20:59:12 2024 +0800 spi: atmel-quadspi: Fix uninitialized res The second platform_get_resource_byname() can not be replaced with devm_platform_ioremap_resource_byname(), because the intermediate "res" is used to assign for "aq->mmap_size". Fixes: 3ccea1dedef3 ("spi: atmel-quadspi: Simpify resource lookup") Signed-off-by: Jinjie Ruan Acked-by: Hari Prasath Gujulan Elango Link: https://patch.msgid.link/20240826125913.3434305-2-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit adf50a6e66ae7527f9db4f5c9c11e6cc2a870d4f Author: Kajol Jain Date: Tue Aug 27 11:02:06 2024 +0530 perf vendor events: Move PM_BR_MPRED_CMPL event for power10 platform Move PM_BR_MPRED_CMPL event from cache.json to frontend.json file for power10 platform Reviewed-by: Ian Rogers Signed-off-by: Kajol Jain Cc: Athira Rajeev Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Madhavan Srinivasan Cc: Namhyung Kim Cc: linuxppc-dev@lists.ozlabs.org Link: https://lore.kernel.org/r/20240827053206.538814-3-kjain@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 0edee819712ed00ce199f94108a8d588970eea80 Author: Kajol Jain Date: Tue Aug 27 11:02:05 2024 +0530 perf vendor events power10: Move the JSON/events Move some of the JSON/events from others.json to more appropriate JSON files for power10 platform. Reviewed-by: Ian Rogers Signed-off-by: Kajol Jain Cc: Athira Rajeev Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Madhavan Srinivasan Cc: Namhyung Kim Cc: linuxppc-dev@lists.ozlabs.org Link: https://lore.kernel.org/r/20240827053206.538814-2-kjain@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit c5d50457a8fc2695ca5a921f3a4a402343cf5313 Author: Kajol Jain Date: Tue Aug 27 11:02:04 2024 +0530 perf vendor events power10: Update JSON/events Update JSON/events for power10 platform with additional events. Reviewed-by: Ian Rogers Signed-off-by: Kajol Jain Cc: Athira Rajeev Cc: Disha Goel Cc: Hari Bathini Cc: Madhavan Srinivasan Cc: Namhyung Kim Cc: linuxppc-dev@lists.ozlabs.org Link: https://lore.kernel.org/r/20240827053206.538814-1-kjain@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 7bedcbaefdf5d4f71302cb5428eb72ada4f380e9 Author: Arnaldo Carvalho de Melo Date: Thu Aug 22 15:10:27 2024 -0300 perf trace: Pass the richer 'struct syscall_arg' pointer to trace__btf_scnprintf() Since we'll need it later in the current patch series and we can get the syscall_arg_fmt from syscall_arg->fmt. Based-on-a-patch-by: Howard Chu Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/Zsd8vqCrTh5h69rp@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 8df1d8c6cbd6825b3784068e7c2b37fa8a8a43f0 Author: Howard Chu Date: Thu Aug 15 09:36:17 2024 +0800 perf trace: Fix perf trace -p 'perf trace -p ' work on a syscall that is unaugmented, but doesn't work on a syscall that's augmented (when it calls perf_event_output() in BPF). Let's take open() as an example. open() is augmented in perf trace. Before: $ perf trace -e open -p 3792392 ? ( ): ... [continued]: open()) = -1 ENOENT (No such file or directory) ? ( ): ... [continued]: open()) = -1 ENOENT (No such file or directory) We can see there's no output. After: $ perf trace -e open -p 3792392 0.000 ( 0.123 ms): a.out/3792392 open(filename: "DINGZHEN", flags: WRONLY) = -1 ENOENT (No such file or directory) 1000.398 ( 0.116 ms): a.out/3792392 open(filename: "DINGZHEN", flags: WRONLY) = -1 ENOENT (No such file or directory) Reason: bpf_perf_event_output() will fail when you specify a pid in 'perf trace' (EOPNOTSUPP). When using 'perf trace -p 114', before perf_event_open(), we'll have PID = 114, and CPU = -1. This is bad for bpf-output event, because the ring buffer won't accept output from BPF's perf_event_output(), making it fail. I'm still trying to find out why. If we open bpf-output for every cpu, instead of setting it to -1, like this: PID = , CPU = 0 PID = , CPU = 1 PID = , CPU = 2 PID = , CPU = 3 Everything works. You can test it with this script (open.c): #include #include int main() { int i1 = 1, i2 = 2, i3 = 3, i4 = 4; char s1[] = "DINGZHEN", s2[] = "XUEBAO"; while (1) { syscall(SYS_open, s1, i1, i2); sleep(1); } return 0; } save, compile: make open perf trace: perf trace -e open Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240815013626.935097-2-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 4451dae46992131ef5c42147444c183c364b1149 Author: Howard Chu Date: Thu Aug 15 09:36:17 2024 +0800 perf evlist: Introduce method to find if there is a bpf-output event We'll use it in the next patch, to deciding how to set up the ring buffer. Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240815013626.935097-2-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 8b48f8ba16b06024920c8ff349fed769118777cc Author: Ian Rogers Date: Tue Aug 27 14:27:57 2024 -0700 perf report: Name events in stats for pipe mode In stats mode PERF_RECORD_EVENT_UPDATE isn't being handled meaning the evsels aren't named when handling pipe mode output. Before: $ perf record -e inst_retired.any -a -o - sleep 0.1|perf report --stats -i - ... Aggregated stats: TOTAL events: 23358 COMM events: 2608 (11.2%) EXIT events: 1 ( 0.0%) FORK events: 2607 (11.2%) SAMPLE events: 174 ( 0.7%) MMAP2 events: 17936 (76.8%) ATTR events: 2 ( 0.0%) FINISHED_ROUND events: 2 ( 0.0%) ID_INDEX events: 1 ( 0.0%) THREAD_MAP events: 1 ( 0.0%) CPU_MAP events: 1 ( 0.0%) EVENT_UPDATE events: 3 ( 0.0%) TIME_CONV events: 1 ( 0.0%) FEATURE events: 20 ( 0.1%) FINISHED_INIT events: 1 ( 0.0%) raw 0xc0 stats: SAMPLE events: 174 After: $ perf record -e inst_retired.any -a -o - sleep 0.1|perf report --stats -i - ... Aggregated stats: TOTAL events: 23742 COMM events: 2620 (11.0%) EXIT events: 2 ( 0.0%) FORK events: 2619 (11.0%) SAMPLE events: 165 ( 0.7%) MMAP2 events: 18304 (77.1%) ATTR events: 2 ( 0.0%) FINISHED_ROUND events: 2 ( 0.0%) ID_INDEX events: 1 ( 0.0%) THREAD_MAP events: 1 ( 0.0%) CPU_MAP events: 1 ( 0.0%) EVENT_UPDATE events: 3 ( 0.0%) TIME_CONV events: 1 ( 0.0%) FEATURE events: 20 ( 0.1%) FINISHED_INIT events: 1 ( 0.0%) inst_retired.any stats: SAMPLE events: 165 This makes the pipe output match the regular output. Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240827212757.1469340-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 097fe67df1aa9cc79092b15c68c9135569a679d6 Author: Michael Petlan Date: Tue Jul 2 13:08:50 2024 +0200 perf testsuite: Install perf-report tests in the 'make install-tests -C tools/perf' target Signed-off-by: Michael Petlan Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-13-vmolnaro@redhat.com Signed-off-by: Veronika Molnarova Signed-off-by: Arnaldo Carvalho de Melo commit e37cb2a6beed817df510832931bfdaa6bb8a0447 Author: Veronika Molnarova Date: Tue Jul 2 13:08:49 2024 +0200 perf testsuite report: Add test case for perf report Add a new 'perf report' test case that acts as an entry element in 'perf test list'. Runs multiple subtests from directory "base_report", which can be expanded without further editing. Signed-off-by: Veronika Molnarova Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-12-vmolnaro@redhat.com Signed-off-by: Michael Petlan Signed-off-by: Arnaldo Carvalho de Melo commit 61f87151839b9767a06be93b99f1fc324147a0d3 Author: Veronika Molnarova Date: Tue Jul 2 13:08:48 2024 +0200 perf testsuite report: Add test for perf-report basic functionality Test basic execution and some options of perf-report subcommand, like show-nr-samples, header, showcpuutilization, pid and symbol filtering. Signed-off-by: Veronika Molnarova Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-11-vmolnaro@redhat.com Signed-off-by: Michael Petlan Signed-off-by: Arnaldo Carvalho de Melo commit 13d58a6672d11200bd3c35604caa9e166468d61b Author: Veronika Molnarova Date: Tue Jul 2 13:08:47 2024 +0200 perf testsuite: Add common output checking helper As a form of validation, it is a common practice to check the outputs of commands whether they contain expected patterns or match a certain regular expression. This output checking helper is designed to allow checking stderr output of perf commands for unexpected messages, while ignoring messages that are known to be harmless, e.g.: "Lowering default frequency rate to \d+\." "\d+ out of order events recorded." etc. Signed-off-by: Veronika Molnarova Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-10-vmolnaro@redhat.com Signed-off-by: Michael Petlan Signed-off-by: Arnaldo Carvalho de Melo commit c0964af8162e7ce9a7b8bb896ece92534d5e7e64 Author: Veronika Molnarova Date: Tue Jul 2 13:08:46 2024 +0200 perf testsuite probe: Add test for line semantics The perf-probe command uses a specific semantics to describe probes. Test some patterns that are known to be both valid and invalid if they are handled appropriately. This test is run as a part of perftool-testsuite_probe test case. Signed-off-by: Veronika Molnarova Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-9-vmolnaro@redhat.com Signed-off-by: Michael Petlan Signed-off-by: Arnaldo Carvalho de Melo commit 83b6815dbb57aca3cd9b20bdcae769d2a7c38d5f Author: Veronika Molnarova Date: Tue Jul 2 13:08:45 2024 +0200 perf testsuite probe: Add test for invalid options Test if various incompatible options are correctly handled-rejected. It is run as a part of perftool-testsuite_probe test case. Signed-off-by: Veronika Molnarova Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-8-vmolnaro@redhat.com Signed-off-by: Michael Petlan Signed-off-by: Arnaldo Carvalho de Melo commit adc1dd00dbc192a8811fab482d0e26b2914ba3e3 Author: Veronika Molnarova Date: Tue Jul 2 13:08:44 2024 +0200 perf testsuite probe: Add test for basic perf-probe options Test basic behavior of perf-probe subcommand. It is run as a part of perftool-testsuite_probe test case. Signed-off-by: Veronika Molnarova Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-7-vmolnaro@redhat.com Signed-off-by: Michael Petlan Signed-off-by: Arnaldo Carvalho de Melo commit def5480d63c1e84779d36bc2fe78382e3c5e1b12 Author: Veronika Molnarova Date: Tue Jul 2 13:08:43 2024 +0200 perf testsuite probe: Add test for blacklisted kprobes handling Test perf probe interface. Blacklisted functions should be rejected when there is an attempt to set a kprobe to them. Signed-off-by: Veronika Molnarova Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-6-vmolnaro@redhat.com Signed-off-by: Michael Petlan Signed-off-by: Arnaldo Carvalho de Melo commit 32ddd082dcac111908c5f11e0617cd0f8ec10350 Author: Veronika Molnarova Date: Tue Jul 2 13:08:42 2024 +0200 perf testsuite: Fix shellcheck warnings Shellcheck is becoming a standard when building perf to prevent any unnecessary mistakes. Fix shellcheck warnings in perf testsuite. Signed-off-by: Veronika Molnarova Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-5-vmolnaro@redhat.com Signed-off-by: Michael Petlan Signed-off-by: Arnaldo Carvalho de Melo commit a3a02a52bcfcbcc4a637d4b68bf1bc391c9fad02 Author: Veronika Molnarova Date: Tue Jul 2 13:08:41 2024 +0200 perf testsuite: Merge settings files for shell tests Merge perf testsuite setting files into common settings to reduce duplicates and prevent errors. Signed-off-by: Michael Petlan Signed-off-by: Veronika Molnarova Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-4-vmolnaro@redhat.com Signed-off-by: Arnaldo Carvalho de Melo commit 5a02447c8145b87373ada2040bbab5bc2a8f87be Author: Michael Petlan Date: Tue Jul 2 13:08:40 2024 +0200 perf tests shell: Skip base_* dirs in test script search The test scripts in base_* directories currently have their own drivers that run them. Before this patch, the shell test-suite generator causes them to run twice. Fix that by skipping them in the generator. A cleaner solution (for future) will be to use the directory structure idea (introduced by Carsten Haitzler in 7391db645938 ("perf test: Refactor shell tests allowing subdirs")) to generate test entries with subtests, like: $ perf test list [...] 97: perf probe shell tests 97:1: perf probe basic functionality 97:2: perf probe tests with arguments 97:3: perf probe invalid options handling [...] There is already a lot of shell test scripts and many are about to come, so there is a need for some hierarchy. Signed-off-by: Michael Petlan Cc: Athira Rajeev Cc: Ian Rogers Cc: Masami Hiramatsu Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240702110849.31904-3-vmolnaro@redhat.com Signed-off-by: Veronika Molnarova Signed-off-by: Arnaldo Carvalho de Melo commit a68080e1a21b3183ee804ae05726f6103e322348 Author: Arnaldo Carvalho de Melo Date: Tue Aug 27 15:57:33 2024 -0300 perf test vfs_getname: Look for alternative line where to collect the pathname The getname_flags() routine changed recently and thus the place where we were getting the pathname is not probeable anymore, albeit still present, so use the next line for that, before: root@number:/home/acme/git/perf-tools-next# perf test vfs_getname 91: Add vfs_getname probe to get syscall args filenames : FAILED! 93: Use vfs_getname probe to get syscall args filenames : FAILED! 126: Check open filename arg using perf trace + vfs_getname : FAILED! root@number:/home/acme/git/perf-tools-next# Now tests 91 and 126 are passing, some more investigation is needed for test 93, that continues to fail. Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Signed-off-by: Arnaldo Carvalho de Melo commit 150ca9ccc4e94eaa07b9d3e07f45fec842b68a78 Author: Namhyung Kim Date: Tue Aug 20 08:45:04 2024 -0700 perf test: Update sample filtering tests with multiple events Add Multiple bpf-filter test for two or more events with filters. It uses task-clock and page-faults events with different filter expressions and check the perf script output $ sudo ./perf test filtering -vv 96: perf record sample filtering (by BPF) tests: --- start --- test child forked, pid 2804025 Checking BPF-filter privilege Basic bpf-filter test Basic bpf-filter test [Success] Failing bpf-filter test Error: task-clock event does not have PERF_SAMPLE_CPU Failing bpf-filter test [Success] Group bpf-filter test Error: task-clock event does not have PERF_SAMPLE_CPU Error: task-clock event does not have PERF_SAMPLE_CODE_PAGE_SIZE Group bpf-filter test [Success] Multiple bpf-filter test Multiple bpf-filter test [Success] ---- end(0) ---- 96: perf record sample filtering (by BPF) tests : Ok Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Link: https://lore.kernel.org/r/20240820154504.128923-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 1a5474a779798f6ba9d798469326ebfa6b4a8fae Author: Namhyung Kim Date: Tue Aug 20 08:45:03 2024 -0700 perf tools: Print lost samples due to BPF filter Print the actual dropped sample count in the event stat. $ sudo perf record -o- -e cycles --filter 'period < 10000' \ -e instructions --filter 'ip > 0x8000000000000000' perf test -w noploop | \ perf report --stat -i- [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.058 MB - ] Aggregated stats: TOTAL events: 469 MMAP events: 268 (57.1%) COMM events: 2 ( 0.4%) EXIT events: 1 ( 0.2%) SAMPLE events: 16 ( 3.4%) MMAP2 events: 22 ( 4.7%) LOST_SAMPLES events: 2 ( 0.4%) KSYMBOL events: 89 (19.0%) BPF_EVENT events: 39 ( 8.3%) ATTR events: 2 ( 0.4%) FINISHED_ROUND events: 1 ( 0.2%) ID_INDEX events: 1 ( 0.2%) THREAD_MAP events: 1 ( 0.2%) CPU_MAP events: 1 ( 0.2%) EVENT_UPDATE events: 2 ( 0.4%) TIME_CONV events: 1 ( 0.2%) FEATURE events: 20 ( 4.3%) FINISHED_INIT events: 1 ( 0.2%) cycles stats: SAMPLE events: 2 LOST_SAMPLES (BPF) events: 4010 instructions stats: SAMPLE events: 14 LOST_SAMPLES (BPF) events: 3990 Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Link: https://lore.kernel.org/r/20240820154504.128923-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 0fe2b18ddc40bf8fbcd96dab651822dbadc1cd85 Author: Namhyung Kim Date: Tue Aug 20 08:45:02 2024 -0700 perf bpf-filter: Support multiple events properly So far it used tgid as a key to get the filter expressions in the pinned filters map for regular users but it won't work well if the has more than one filters at the same time. Let's add the event id to the key of the filter hash map so that it can identify the right filter expression in the BPF program. As the event can be inherited to child tasks, it should use the primary id which belongs to the parent (original) event. Since evsel opens the event for multiple CPUs and tasks, it needs to maintain a separate hash map for the event id. In the user space, it keeps a list for the multiple evsel and release the entries in the both hash map when it closes the event. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Link: https://lore.kernel.org/r/20240820154504.128923-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 4f3affe0abf5d5910dc469a1f63257629605d3c3 Author: Kan Liang Date: Tue Aug 20 11:32:02 2024 -0700 perf hist: Don't set hpp_fmt_value for members in --no-group Perf crashes as below when applying --no-group # perf record -e "{cache-misses,branches"} -b sleep 1 # perf report --stdio --no-group free(): invalid next size (fast) Aborted (core dumped) # In the __hpp__fmt(), only 1 hpp_fmt_value is allocated for the current event when --no-group is applied. However, the current implementation tries to assign the hists from all members to the hpp_fmt_value, which exceeds the allocated memory. Fixes: 8f6071a3dce40e69 ("perf hist: Simplify __hpp_fmt() using hpp_fmt_data") Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Ian Rogers Cc: Ingo Molnar Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240820183202.3174323-1-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 3008598ef3b009252aaf2f5967df0b11d14258a6 Author: Peng Fan Date: Fri Aug 23 17:05:22 2024 +0800 rtc: support i.MX95 BBM RTC The BBM module provides RTC feature. To i.MX95, this module is managed by System Manager and exported System Control Management Interface(SCMI). Linux could use i.MX SCMI BBM Extension protocol to use RTC feature. This driver is to use SCMI interface to get/set RTC. Reviewed-by: Cristian Marussi Signed-off-by: Peng Fan Message-Id: <20240823-imx95-bbm-misc-v2-v8-6-e600ed9e9271@nxp.com> Acked-by: Alexandre Belloni Signed-off-by: Sudeep Holla commit d17baf052cbbd793784bc0f4fc613459afa4b883 Author: Peng Fan Date: Fri Aug 23 17:05:23 2024 +0800 input: keyboard: support i.MX95 BBM module The BBM module provides BUTTON feature. To i.MX95, this module is managed by System Manager and exported using System Management Control Interface(SCMI). Linux could use i.MX SCMI BBM Extension protocol to use BUTTON feature. This driver is to use SCMI interface to enable pwrkey. Acked-by: Dmitry Torokhov Signed-off-by: Peng Fan Message-Id: <20240823-imx95-bbm-misc-v2-v8-7-e600ed9e9271@nxp.com> Signed-off-by: Sudeep Holla commit 0b4f8a68b292e7ee82107b1ce15c3aad31c864b1 Author: Peng Fan Date: Fri Aug 23 17:05:21 2024 +0800 firmware: imx: Add i.MX95 MISC driver The i.MX95 System manager exports SCMI MISC protocol for linux to do various settings, such as set board gpio expander as wakeup source. The driver is to add the support. Reviewed-by: Cristian Marussi Signed-off-by: Peng Fan Message-Id: <20240823-imx95-bbm-misc-v2-v8-5-e600ed9e9271@nxp.com> Signed-off-by: Sudeep Holla commit 61c9f03e22fc57fe61726c513b1f92c0ed1ef00f Author: Peng Fan Date: Fri Aug 23 17:05:19 2024 +0800 firmware: arm_scmi: Add initial support for i.MX MISC protocol i.MX95 System Manager(SM) firmware includes a SCMI vendor protocol, SCMI MISC protocol which includes controls that are misc settings/actions that must be exposed from the SM to agents. They are device specific and are usually define to access bit fields in various mix block control modules, IOMUX_GPR, and other General Purpose registers, Control Status Registers owned by the SM. Reviewed-by: Cristian Marussi Signed-off-by: Peng Fan Message-Id: <20240823-imx95-bbm-misc-v2-v8-3-e600ed9e9271@nxp.com> Signed-off-by: Sudeep Holla commit 41845541adebc503b8574943c92670016d5e566b Author: Peng Fan Date: Fri Aug 23 17:05:18 2024 +0800 firmware: arm_scmi: Add initial support for i.MX BBM protocol i.MX95 has a battery-backed module(BBM), which has persistent storage (GPR), an RTC, and the ON/OFF button. The System Manager(SM) firmware use SCMI vendor protocol(SCMI BBM) to let agent be able to use GPR, RTC and ON/OFF button. Reviewed-by: Cristian Marussi Signed-off-by: Peng Fan Message-Id: <20240823-imx95-bbm-misc-v2-v8-2-e600ed9e9271@nxp.com> Signed-off-by: Sudeep Holla commit c66beeab7436de419b6f3281479d702c1b0eb915 Author: Peng Fan Date: Fri Aug 23 17:05:20 2024 +0800 firmware: arm_scmi: Add NXP i.MX95 SCMI documentation Add NXP i.MX95 System Control Management Interface(SCMI) vendor extensions protocol documentation. Reviewed-by: Cristian Marussi Signed-off-by: Peng Fan Message-Id: <20240823-imx95-bbm-misc-v2-v8-4-e600ed9e9271@nxp.com> Signed-off-by: Sudeep Holla commit 7d2b23fda9961e7bfdd063a1708445b101a831c5 Author: Peng Fan Date: Fri Aug 23 17:05:17 2024 +0800 dt-bindings: firmware: Add i.MX95 SCMI Extension protocol Add i.MX SCMI Extension protocols bindings for: - Battery Backed Module(BBM) Protocol This contains persistent storage (GPR), an RTC, and the ON/OFF button. The protocol can also provide access to similar functions implemented via external board components. - MISC Protocol. This includes controls that are misc settings/actions that must be exposed from the SM to agents. They are device specific and are usually define to access bit fields in various mix block control modules, IOMUX_GPR, and other GPR/CSR owned by the SM. Reviewed-by: Rob Herring (Arm) Reviewed-by: Cristian Marussi Signed-off-by: Peng Fan Message-Id: <20240823-imx95-bbm-misc-v2-v8-1-e600ed9e9271@nxp.com> Signed-off-by: Sudeep Holla commit dd72a3b8a6007b44ed3b85e1d606afc434879e70 Author: Rob Herring (Arm) Date: Wed Aug 28 08:00:55 2024 -0500 regulator: qcom_spmi: Use of_property_read_bool() Use of_property_read_bool() to read boolean properties rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT property pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240828130056.3481050-2-robh@kernel.org Signed-off-by: Mark Brown commit 7540bd3398675e54cbd7324c47be8cd3c7a6d9c5 Author: Rob Herring (Arm) Date: Wed Aug 28 08:00:54 2024 -0500 regulator: qcom_spmi: Drop unnecessary of_find_property() call There's no need to check for presence of "qcom,saw-reg" before parsing it. If the property doesn't exist, parsing it will return NULL. Signed-off-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240828130056.3481050-1-robh@kernel.org Signed-off-by: Mark Brown commit 61c60977926e15716f469577797cd86d0369cbaa Author: Ricardo Robaina Date: Wed Aug 28 08:25:06 2024 -0300 audit: use task_tgid_nr() instead of task_pid_nr() In a few audit records, PIDs were being recorded with task_pid_nr() instead of task_tgid_nr(). $ grep "task_pid_nr" kernel/audit*.c audit.c: task_pid_nr(current), auditfilter.c: pid = task_pid_nr(current); auditsc.c: audit_log_format(ab, " pid=%u", task_pid_nr(current)); For single-thread applications, the process id (pid) and the thread group id (tgid) are the same. However, on multi-thread applications, task_pid_nr() returns the current thread id (user-space's TID), while task_tgid_nr() returns the main thread id (user-space's PID). Since the users are more interested in the process id (pid), rather than the thread id (tid), this patch converts these callers to the correct method. Link: https://github.com/linux-audit/audit-kernel/issues/126 Reviewed-by: Richard Guy Briggs Signed-off-by: Ricardo Robaina Signed-off-by: Paul Moore commit 98845e7753902937da24b9053537b7936c916abd Author: Nathan Chancellor Date: Wed Aug 28 11:05:35 2024 -0700 hwmon: (oxp-sensors) Add missing breaks to fix -Wimplicit-fallthrough with clang clang warns (or errors due to CONFIG_WERROR): drivers/hwmon/oxp-sensors.c:481:3: error: unannotated fall-through between switch labels [-Werror,-Wimplicit-fallthrough] drivers/hwmon/oxp-sensors.c:553:3: error: unannotated fall-through between switch labels [-Werror,-Wimplicit-fallthrough] drivers/hwmon/oxp-sensors.c:556:2: error: unannotated fall-through between switch labels [-Werror,-Wimplicit-fallthrough] drivers/hwmon/oxp-sensors.c:607:3: error: unannotated fall-through between switch labels [-Werror,-Wimplicit-fallthrough] Clang is a little more pedantic than GCC, which does not warn when falling through to a case that is just break or return. Clang's version is more in line with the kernel's own stance in deprecated.rst, which states that all switch/case blocks must end in either break, fallthrough, continue, goto, or return. Add the missing breaks to silence the warnings. Fixes: b82b38a49926 ("hwmon: (oxp-sensors) Add support for multiple new devices.") Signed-off-by: Nathan Chancellor Message-ID: <20240828-hwmon-oxp-sensors-fix-clang-implicit-fallthrough-v1-1-dc48496ac67a@kernel.org> Signed-off-by: Guenter Roeck commit 55c312c1b2be6d43e39c280ad6ab4b711e545b89 Author: Yuntao Liu Date: Thu Aug 15 09:38:53 2024 +0000 clk: starfive: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage We need to call pm_runtime_put_noidle() when pm_runtime_get_sync() fails, so use pm_runtime_resume_and_get() instead. this function will handle this. Fixes: dae5448a327ed ("clk: starfive: Add StarFive JH7110 Video-Output clock driver") Signed-off-by: Yuntao Liu Link: https://lore.kernel.org/r/20240815093853.757487-1-liuyuntao12@huawei.com Reviewed-by: Xingyu Wu Signed-off-by: Stephen Boyd commit 9d6e9f10e2e031fb7bfb3030a7d1afc561a28fea Author: David Lechner Date: Mon Aug 26 10:35:29 2024 -0500 clk: ti: dra7-atl: Fix leak of of_nodes This fix leaking the of_node references in of_dra7_atl_clk_probe(). The docs for of_parse_phandle_with_args() say that the caller must call of_node_put() on the returned node. This adds the missing of_node_put() to fix the leak. Fixes: 9ac33b0ce81f ("CLK: TI: Driver for DRA7 ATL (Audio Tracking Logic)") Signed-off-by: David Lechner Link: https://lore.kernel.org/r/20240826-clk-fix-leak-v1-1-f55418a13aa6@baylibre.com Signed-off-by: Stephen Boyd commit df7e70e38c6329016d17299431e7020c985660d3 Author: Yuesong Li Date: Wed Aug 28 15:35:15 2024 +0800 clk:davinci: make use of dev_err_cast_probe() Using dev_err_cast_probe() to simplify the code. Signed-off-by: Yuesong Li Link: https://lore.kernel.org/r/20240828073515.950677-1-liyuesong@vivo.com Reviewed-by: David Lechner Signed-off-by: Stephen Boyd commit deb269e0394f2c75e1735132e29fa2f5181e107a Author: Jinjie Ruan Date: Mon Aug 26 20:49:03 2024 +0800 spi: bcmbca-hsspi: Use devm_spi_alloc_host() Use devm_spi_alloc_host() so that there's no need to call spi_controller_put() in the error path. Signed-off-by: Jinjie Ruan Reviewed-by: William Zhang Link: https://patch.msgid.link/20240826124903.3429235-3-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 4439a2e92cb89028b22c5d7ba1b99e75d7d889f6 Author: Jinjie Ruan Date: Mon Aug 26 20:49:02 2024 +0800 spi: bcmbca-hsspi: Fix missing pm_runtime_disable() The pm_runtime_disable() is missing in remove function, use devm_pm_runtime_enable() to fix it. So the pm_runtime_disable() in the probe error path can also be removed. Fixes: a38a2233f23b ("spi: bcmbca-hsspi: Add driver for newer HSSPI controller") Signed-off-by: Jinjie Ruan Reviewed-by: William Zhang Link: https://patch.msgid.link/20240826124903.3429235-2-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit fb234516c5a0728d7dbd718667c33c1523b55fe8 Author: Johan Jonker Date: Mon Aug 26 18:39:46 2024 +0200 dt-bindings: clock: rockchip: remove CLK_NR_CLKS and CLKPMU_NR_CLKS CLK_NR_CLKS and CLKPMU_NR_CLKS should not be part of the binding. Remove since the kernel code no longer uses it. Signed-off-by: Johan Jonker Acked-by: Conor Dooley Link: https://lore.kernel.org/r/a3292ed0-3489-4887-8567-40ea4983c592@gmail.com Signed-off-by: Heiko Stuebner commit 1a229868852ffe1d59f6bdad1e473d9d5f9e14bb Author: Johan Jonker Date: Mon Aug 26 18:39:36 2024 +0200 clk: rockchip: rk3399: Drop CLK_NR_CLKS CLKPMU_NR_CLKS usage In order to get rid of CLK_NR_CLKS and CLKPMU_NR_CLKS and be able to drop it from the bindings, use rockchip_clk_find_max_clk_id helper to find the highest clock id. Signed-off-by: Johan Jonker Link: https://lore.kernel.org/r/45f83b1f-64f8-4ea5-bc93-ebf7507a9709@gmail.com Signed-off-by: Heiko Stuebner commit 41563197e7f2a0b449476bbbe931cb2806e84966 Author: Johan Jonker Date: Mon Aug 26 18:39:25 2024 +0200 clk: rockchip: rk3368: Drop CLK_NR_CLKS usage In order to get rid of CLK_NR_CLKS and be able to drop it from the bindings, use rockchip_clk_find_max_clk_id helper to find the highest clock id. Signed-off-by: Johan Jonker Link: https://lore.kernel.org/r/2a19c3cc-5f4d-4d03-90b2-e0bb13b0502f@gmail.com Signed-off-by: Heiko Stuebner commit 0758fe99bc969294c2391de145b67c1223c7b104 Author: Johan Jonker Date: Mon Aug 26 18:39:13 2024 +0200 clk: rockchip: rk3328: Drop CLK_NR_CLKS usage In order to get rid of CLK_NR_CLKS and be able to drop it from the bindings, use rockchip_clk_find_max_clk_id helper to find the highest clock id. Signed-off-by: Johan Jonker Link: https://lore.kernel.org/r/38ea6be0-3596-49ec-8de9-aef9c7f2bbb6@gmail.com Signed-off-by: Heiko Stuebner commit 31fe14956883bc09846ce239993e215330218a6f Author: Johan Jonker Date: Mon Aug 26 18:39:02 2024 +0200 clk: rockchip: rk3308: Drop CLK_NR_CLKS usage In order to get rid of CLK_NR_CLKS and be able to drop it from the bindings, use rockchip_clk_find_max_clk_id helper to find the highest clock id. Signed-off-by: Johan Jonker Link: https://lore.kernel.org/r/9fbca2d8-f904-4913-ba05-8715e748a454@gmail.com Signed-off-by: Heiko Stuebner commit 545b1313c5a24eed0e4d34554c715b46686251ff Author: Johan Jonker Date: Mon Aug 26 18:38:51 2024 +0200 clk: rockchip: rk3288: Drop CLK_NR_CLKS usage In order to get rid of CLK_NR_CLKS and be able to drop it from the bindings, use rockchip_clk_find_max_clk_id helper to find the highest clock id. Signed-off-by: Johan Jonker Link: https://lore.kernel.org/r/af141286-7994-4e3f-93e2-6ee4e718ef8a@gmail.com Signed-off-by: Heiko Stuebner commit 819b2e19a9f7dc9e84a00e2f6da2b2f15a01cee6 Author: Johan Jonker Date: Mon Aug 26 18:38:39 2024 +0200 clk: rockchip: rk3228: Drop CLK_NR_CLKS usage In order to get rid of CLK_NR_CLKS and be able to drop it from the bindings, use rockchip_clk_find_max_clk_id helper to find the highest clock id. Signed-off-by: Johan Jonker Link: https://lore.kernel.org/r/2ee6f0a5-a1bb-4b62-ae6b-8f3828f8eccc@gmail.com Signed-off-by: Heiko Stuebner commit ec4f4261c315d9bc30bb1bb8c3bb17cbaebe7741 Author: Johan Jonker Date: Mon Aug 26 18:38:25 2024 +0200 clk: rockchip: rk3036: Drop CLK_NR_CLKS usage In order to get rid of CLK_NR_CLKS and be able to drop it from the bindings, use rockchip_clk_find_max_clk_id helper to find the highest clock id. Signed-off-by: Johan Jonker Link: https://lore.kernel.org/r/c8e73847-f472-4473-ac55-068cb28b98f6@gmail.com Signed-off-by: Heiko Stuebner commit 2496910c84a4bd1aa2c10fe57cf4ae1cbcab17f4 Author: Johan Jonker Date: Mon Aug 26 18:38:12 2024 +0200 clk: rockchip: px30: Drop CLK_NR_CLKS CLKPMU_NR_CLKS usage In order to get rid of CLK_NR_CLKS and CLKPMU_NR_CLKS and be able to drop it from the bindings, use rockchip_clk_find_max_clk_id helper to find the highest clock id. Signed-off-by: Johan Jonker Link: https://lore.kernel.org/r/5ad12808-61f5-4e3b-801e-85231375b6a6@gmail.com Signed-off-by: Heiko Stuebner commit 87d8ecf015444c51ea9d9154f633f98b7748a724 Author: Jani Nikula Date: Tue Aug 27 12:15:39 2024 +0300 drm/xe: replace #include with include/drm/xe_drm.h does not exist. Prefer the explicit uapi include. Signed-off-by: Jani Nikula Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240827091539.4136838-1-jani.nikula@intel.com Signed-off-by: Rodrigo Vivi commit a7f657097e96d8fa745c74bb1a239ebd5a8c971c Author: Karthik Poosa Date: Tue Aug 27 21:23:01 2024 +0530 drm/xe/hwmon: Fix WRITE_I1 param from u32 to u16 WRITE_I1 sub-command of the POWER_SETUP pcode command accepts a u16 parameter instead of u32. This change prevents potential illegal sub-command errors. v2: Mask uval instead of changing the prototype. (Badal) v3: Rephrase commit message. (Badal) Signed-off-by: Karthik Poosa Fixes: 92d44a422d0d ("drm/xe/hwmon: Expose card reactive critical power") Reviewed-by: Badal Nilawar Link: https://patchwork.freedesktop.org/patch/msgid/20240827155301.183383-1-karthik.poosa@intel.com Signed-off-by: Rodrigo Vivi commit f92d67e23b8caa81f6322a2bad1d633b00ca000e Author: Krzysztof Kozlowski Date: Mon Aug 26 08:58:01 2024 +0200 clk: bcm: bcm53573: fix OF node leak in init Driver code is leaking OF node reference from of_get_parent() in bcm53573_ilp_init(). Usage of of_get_parent() is not needed in the first place, because the parent node will not be freed while we are processing given node (triggered by CLK_OF_DECLARE()). Thus fix the leak by accessing parent directly, instead of of_get_parent(). Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826065801.17081-1-krzysztof.kozlowski@linaro.org Signed-off-by: Stephen Boyd commit aeb4ae66cb50faddf60be9297d0d5d392aacdd3e Author: Ilia Levi Date: Mon Aug 26 13:06:55 2024 +0300 drm/xe: move the kernel lrc from hwe to execlist port The kernel lrc is used solely by the execlist infra. Move it to the execlist port struct and initialize it only when execlists are used. v2: Rebase, improve error handling readability (Jonathan) Signed-off-by: Ilia Levi Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240826100655.1719060-1-ilia.levi@intel.com Signed-off-by: Rodrigo Vivi commit e2e75e4202d70086c1061b692da0c979d89f7f9c Author: Dmitry Torokhov Date: Tue Aug 27 11:00:56 2024 -0700 Input: mt6779-keypad - use devm_clk_get_enabled() Switch to using devm_clk_get_enable() helper instead of acquiring the clock with devm_clk_get(), enabling it, and defining and installing a custom devm action to call clk_disable(). Reviewed-by: Mattijs Korpershoek Link: https://lore.kernel.org/r/Zs4UWGKt3hLjNmoP@google.com Signed-off-by: Dmitry Torokhov commit 4bb59323450db610b06c549fa4d5936e94fb9a36 Author: Yue Haibing Date: Sat Aug 10 17:45:40 2024 +0800 dmaengine: ti: k3-udma: Remove unused declarations Commit d70241913413 ("dmaengine: ti: k3-udma: Add glue layer for non DMAengine users") declared but never implemented these. Signed-off-by: Yue Haibing Acked-by: Peter Ujfalusi Link: https://lore.kernel.org/r/20240810094540.2589310-1-yuehaibing@huawei.com Signed-off-by: Vinod Koul commit 73d5fc92a11cacb73a1aac0b5793c47e48c5b537 Author: Nishad Saraf Date: Mon Aug 19 14:19:48 2024 -0700 dmaengine: amd: qdma: Add AMD QDMA driver Adds driver to enable PCIe board which uses AMD QDMA (the Queue-based Direct Memory Access) subsystem. For example, Xilinx Alveo V70 AI Accelerator devices. https://www.xilinx.com/applications/data-center/v70.html The QDMA subsystem is used in conjunction with the PCI Express IP block to provide high performance data transfer between host memory and the card's DMA subsystem. +-------+ +-------+ +-----------+ PCIe | | | | | | Tx/Rx | | | | AXI | | <=======> | PCIE | <===> | QDMA | <====>| User Logic| | | | | | | +-------+ +-------+ +-----------+ The primary mechanism to transfer data using the QDMA is for the QDMA engine to operate on instructions (descriptors) provided by the host operating system. Using the descriptors, the QDMA can move data in both the Host to Card (H2C) direction, or the Card to Host (C2H) direction. The QDMA provides a per-queue basis option whether DMA traffic goes to an AXI4 memory map (MM) interface or to an AXI4-Stream interface. The hardware detail is provided by https://docs.xilinx.com/r/en-US/pg302-qdma Implements dmaengine APIs to support MM DMA transfers. - probe the available DMA channels - use dma_slave_map for channel lookup - use virtual channel to manage dmaengine tx descriptors - implement device_prep_slave_sg callback to handle host scatter gather list Signed-off-by: Nishad Saraf Signed-off-by: Lizhi Hou Link: https://lore.kernel.org/r/20240819211948.688786-2-lizhi.hou@amd.com Signed-off-by: Vinod Koul commit 51c42ae3d76a16167abbde7dc19b7220c5786d35 Author: Rohit Visavalia Date: Wed Aug 21 06:40:43 2024 -0700 dmaengine: xilinx: dpdma: Add support for cyclic dma mode This patch adds support for DPDMA cyclic dma mode, DMA cyclic transfers are required by audio streaming. Signed-off-by: Rohit Visavalia Signed-off-by: Radhey Shyam Pandey Signed-off-by: Vishal Sagar Reviewed-by: Tomi Valkeinen Link: https://lore.kernel.org/r/20240821134043.2885506-1-vishal.sagar@amd.com Signed-off-by: Vinod Koul commit 654beb75ca95240c00c78be0bbc2ea66a125a997 Author: Christophe JAILLET Date: Wed Aug 21 18:46:33 2024 +0200 dma: ipu: Remove include/linux/dma/ipu-dma.h When this file was renamed in commit b8a6d9980f75 ("dma: ipu: rename mach/ipu.h to include/linux/dma/ipu-dma.h"), 4 .c files have been modified accordingly: drivers/dma/ipu/ipu_idmac.c drivers/dma/ipu/ipu_irq.c --> removed in commit f1de55ff7c70 ("dmaengine: ipu: Remove the driver") in 2023-08 drivers/media/platform/soc_camera/mx3_camera.c --> removed in commit c93cc61475eb ("[media] staging/media: remove deprecated mx3 driver") in 2016-06 drivers/video/mx3fb.c --> removed in commit bfac19e239a7 ("fbdev: mx3fb: Remove the driver") in 2023-08 Now include/linux/dma/ipu-dma.h is unused and can be removed as-well. Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/532e7e2816ccf226f3ab1fa76ec7873bc09299d0.1724258714.git.christophe.jaillet@wanadoo.fr Signed-off-by: Vinod Koul commit 3adcf970dc7ec0469ec3116a5a8be9161d17a335 Author: Balasubramani Vivekanandan Date: Wed Aug 28 13:51:52 2024 +0530 drm/xe/bmg: Drop force_probe requirement Battlemage platform is sufficiently tested and found stable. CI is also pretty stable. Remove the force_probe requirement to enable the platform support by default. Cc: Thomas Hellström Cc: Rodrigo Vivi Cc: Jani Nikula Signed-off-by: Balasubramani Vivekanandan Reviewed-by: Rodrigo Vivi Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240828082152.3194814-1-balasubramani.vivekanandan@intel.com Signed-off-by: Lucas De Marchi commit 68cfb28332420e0515cb6ffdb46921d59ba9739f Author: Zhen Lei Date: Thu Aug 22 22:08:58 2024 +0800 selinux: simplify avc_xperms_audit_required() By associative and commutative laws, the result of the two 'audited' is zero. Take the second 'audited' as an example: 1) audited = requested & avd->auditallow; 2) audited &= ~requested; ==> audited = ~requested & (requested & avd->auditallow); ==> audited = (~requested & requested) & avd->auditallow; ==> audited = 0 & avd->auditallow; ==> audited = 0; In fact, it is more readable to directly write zero. The value of the first 'audited' is 0 because AUDIT is not allowed. The second 'audited' is zero because there is no AUDITALLOW permission. Signed-off-by: Zhen Lei Signed-off-by: Paul Moore commit 125b749221aa54db069a7805f08d99b55c74c88c Author: Lukasz Majewski Date: Wed Aug 28 11:27:09 2024 +0200 ASoC: dt-bindings: Convert mxs-saif.txt to fsl,saif.yaml (imx28 saif) The 'fsl,imx28-saif' compatible has already the mxs-saif.txt description. This patch converts (and removes it) this file to fsl,saif.yaml (to follow current fsl convention). Changes for the mxs-saif.txt: - Adds 'clocks', '#clock-cells' and '#sound-dai-cells' properties - Provide device description Signed-off-by: Lukasz Majewski Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240828092709.2626359-1-lukma@denx.de Signed-off-by: Mark Brown commit f189c972f86b00318cf2547b62e461cb98374e34 Author: Neil Armstrong Date: Wed Aug 28 15:53:55 2024 +0200 ASoC: dt-bindings: amlogic,gx-sound-card: document clocks property The sound card design is based on reference PLL frequencies that are the root of all clock rates calculations. Today, those frequencies are currently specified in DT via assigned-clocks, because they correspond to the basic audio use-case. It makes no sense to setup clock rates for a sound card without referencing the clocks for the sound card, mainly because at some point more complex audio use cases will be supported and those root rates would need to change. To solve this situation, let's legitimize the presence of assigned-clocks in the sound card by documenting those clocks, as it describes a true dependency of the sound card and paths the way of more complex audio uses-cases involving those root frequencies. Signed-off-by: Neil Armstrong Acked-by: Conor Dooley Link: https://patch.msgid.link/20240828-topic-amlogic-upstream-bindings-fixes-audio-snd-card-v2-2-58159abf0779@linaro.org Signed-off-by: Mark Brown commit 4b1d9019b26fd654ebc2d0d2e100ed56ef1821f0 Author: Neil Armstrong Date: Wed Aug 28 15:53:54 2024 +0200 ASoC: dt-bindings: amlogic,axg-sound-card: document clocks property The sound card design is based on reference PLL frequencies that are the root of all clock rates calculations. Today, those frequencies are currently specified in DT via assigned-clocks, because they correspond to the basic audio use-case. It makes no sense to setup clock rates for a sound card without referencing the clocks for the sound card, mainly because at some point more complex audio use cases will be supported and those root rates would need to change. To solve this situation, let's legitimize the presence of assigned-clocks in the sound card by documenting those clocks, as it describes a true dependency of the sound card and paths the way of more complex audio uses-cases involving those root frequencies. Signed-off-by: Neil Armstrong Acked-by: Conor Dooley Link: https://patch.msgid.link/20240828-topic-amlogic-upstream-bindings-fixes-audio-snd-card-v2-1-58159abf0779@linaro.org Signed-off-by: Mark Brown commit 4460e8538ef17c86eae46ccbe096eee8c740a7d0 Author: Muhammad Usama Anjum Date: Mon Jun 10 10:28:10 2024 +0500 MAINTAINERS: Add selftests/x86 entry There are no maintainers specified for tools/testing/selftests/x86. Shuah has mentioned [1] that the patches should go through x86 tree or in special cases directly to Shuah's tree after getting ack-ed from x86 maintainers. Different people have been confused when sending patches as correct maintainers aren't found by get_maintainer.pl script. Fix this by adding entry to MAINTAINERS file. [1] https://lore.kernel.org/all/90dc0dfc-4c67-4ea1-b705-0585d6e2ec47@linuxfoundation.org Signed-off-by: Muhammad Usama Anjum Signed-off-by: Borislav Petkov (AMD) Acked-by: Dave Hansen Link: https://lore.kernel.org/r/20240610052810.1488793-1-usama.anjum@collabora.com commit 540fcd5fbdb5f3bbd6f6a88d85b9993a9318d474 Author: Devarsh Thakkar Date: Mon Aug 26 21:52:49 2024 +0530 arm64: dts: ti: k3-am62a: Add E5010 JPEG Encoder This adds node for E5010 JPEG Encoder which is a stateful JPEG Encoder present in AM62A SoC [1], supporting baseline encoding of semiplanar based YUV420 and YUV422 raw video formats to JPEG encoding, with resolutions supported from 64x64 to 8kx8k. E5010 JPEG Encoder IP is present in main domain, so this also adds address range for core and mmu regions of E5010 IP in cbass_main node. Link: https://www.ti.com/lit/pdf/spruj16 [1] Signed-off-by: Devarsh Thakkar Link: https://lore.kernel.org/r/20240826162250.380005-2-devarsht@ti.com Signed-off-by: Nishanth Menon commit 46ca5c7207703b36025228a6b7a29198a1539d10 Author: Bhavya Kapoor Date: Tue Aug 27 16:26:43 2024 +0530 arm64: dts: ti: k3-j722s-evm: Add support for multiple CAN instances CAN instances 0 and 1 in the mcu domain and 0 in the main domain are brought on the evm through headers J5, J8 and J10 respectively. Thus, add their respective transceiver's 0, 1 and 2 dt nodes as well as add the required pinmux to add support for these CAN instances. Signed-off-by: Bhavya Kapoor Reviewed-by: Judith Mendez Link: https://lore.kernel.org/r/20240827105644.575862-2-b-kapoor@ti.com Signed-off-by: Nishanth Menon commit 010b035ab4d7a1c4fd13936f42eef857ddbeede7 Author: Bhavya Kapoor Date: Tue Aug 27 16:26:44 2024 +0530 arm64: dts: ti: k3-j722s-evm: Describe main_uart5 System firmware uses main_uart5 in J722S EVM for trace data. Thus, describe it in device tree for completeness, adding the pinmux and mark it as reserved. Signed-off-by: Bhavya Kapoor Link: https://lore.kernel.org/r/20240827105644.575862-3-b-kapoor@ti.com Signed-off-by: Nishanth Menon commit 0c95ffb74eec3c3d0a5e712984f0c095e58a1021 Author: Vibhore Vardhan Date: Mon Aug 26 13:07:48 2024 -0500 arm64: dts: ti: k3-am62p5-sk: Remove CTS/RTS from wkup_uart0 pinctrl wkup_uart0 is a reserved node that is used by Device Manager firmware. Only TX and RX pins are required for the firmware and enabling pinctrl for CTS and RTS breaks the wakeup functionality of wkup_uart0. Drop the conflicting muxes. Signed-off-by: Vibhore Vardhan Signed-off-by: Bryan Brattlof Link: https://lore.kernel.org/r/20240826-am62p-v1-1-b713b48628d1@ti.com Signed-off-by: Nishanth Menon commit bdebd509e43e508386488ba7a35cf714dffa0088 Author: Beleswar Padhi Date: Mon Aug 26 16:18:20 2024 +0530 arm64: dts: ti: k3-am69-sk: Change timer nodes status to reserved The remoteproc firmware like of R5F and DSPs in the MAIN voltage domain use timers. Therefore, change the status of the timer nodes to "reserved" to avoid any clash. Usage is described as below: +===================+=============+ | Remoteproc node | Timer Node | +===================+=============+ | main_r5fss0_core0 | main_timer4 | +-------------------+-------------+ | main_r5fss0_core1 | main_timer5 | +-------------------+-------------+ | main_r5fss1_core0 | main_timer6 | +-------------------+-------------+ | main_r5fss1_core1 | main_timer7 | +-------------------+-------------+ | main_r5fss2_core0 | main_timer8 | +-------------------+-------------+ | main_r5fss2_core1 | main_timer9 | +-------------------+-------------+ | c71_0 | main_timer0 | +-------------------+-------------+ | c71_1 | main_timer1 | +-------------------+-------------+ | c71_2 | main_timer2 | +-------------------+-------------+ | c71_3 | main_timer3 | +-------------------+-------------+ Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826104821.1516344-8-b-padhi@ti.com Signed-off-by: Nishanth Menon commit d8087ca36a29fa81cc80dd0a9b347b2877cc9b3d Author: Beleswar Padhi Date: Mon Aug 26 16:18:19 2024 +0530 arm64: dts: ti: k3-j784s4-evm: Change timer nodes status to reserved The remoteproc firmware like of R5F and DSPs in the MAIN voltage domain use timers. Therefore, change the status of the timer nodes to "reserved" to avoid any clash. Usage is described as below: +===================+=============+ | Remoteproc node | Timer Node | +===================+=============+ | main_r5fss0_core0 | main_timer4 | +-------------------+-------------+ | main_r5fss0_core1 | main_timer5 | +-------------------+-------------+ | main_r5fss1_core0 | main_timer6 | +-------------------+-------------+ | main_r5fss1_core1 | main_timer7 | +-------------------+-------------+ | main_r5fss2_core0 | main_timer8 | +-------------------+-------------+ | main_r5fss2_core1 | main_timer9 | +-------------------+-------------+ | c71_0 | main_timer0 | +-------------------+-------------+ | c71_1 | main_timer1 | +-------------------+-------------+ | c71_2 | main_timer2 | +-------------------+-------------+ | c71_3 | main_timer3 | +-------------------+-------------+ Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826104821.1516344-7-b-padhi@ti.com Signed-off-by: Nishanth Menon commit ce25e4c7dff5c9a392ad5a5c38c4fc7031305cd2 Author: Beleswar Padhi Date: Mon Aug 26 16:18:18 2024 +0530 arm64: dts: ti: k3-am68-sk-som: Change timer nodes status to reserved The remoteproc firmware like of R5F and DSPs in the MAIN voltage domain use timers. Therefore, change the status of the timer nodes to "reserved" to avoid any clash. Usage is described as below: +===================+=============+ | Remoteproc node | Timer Node | +===================+=============+ | main_r5fss0_core0 | main_timer2 | +-------------------+-------------+ | main_r5fss0_core1 | main_timer3 | +-------------------+-------------+ | main_r5fss1_core0 | main_timer4 | +-------------------+-------------+ | main_r5fss1_core1 | main_timer5 | +-------------------+-------------+ | c71_0 | main_timer0 | +-------------------+-------------+ | c71_1 | main_timer1 | +-------------------+-------------+ Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826104821.1516344-6-b-padhi@ti.com Signed-off-by: Nishanth Menon commit 1cf3a036f91a2e5a6187f7cea8f9bfab1d9b504f Author: Beleswar Padhi Date: Mon Aug 26 16:18:17 2024 +0530 arm64: dts: ti: k3-j721s2-som-p0: Change timer nodes status to reserved The remoteproc firmware like of R5F and DSPs in the MAIN voltage domain use timers. Therefore, change the status of the timer nodes to "reserved" to avoid any clash. Usage is described as below: +===================+=============+ | Remoteproc node | Timer Node | +===================+=============+ | main_r5fss0_core0 | main_timer2 | +-------------------+-------------+ | main_r5fss0_core1 | main_timer3 | +-------------------+-------------+ | main_r5fss1_core0 | main_timer4 | +-------------------+-------------+ | main_r5fss1_core1 | main_timer5 | +-------------------+-------------+ | c71_0 | main_timer0 | +-------------------+-------------+ | c71_1 | main_timer1 | +-------------------+-------------+ Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826104821.1516344-5-b-padhi@ti.com Signed-off-by: Nishanth Menon commit a8d1241bd6e57add2807c3127f987f8929bb45a1 Author: Beleswar Padhi Date: Mon Aug 26 16:18:16 2024 +0530 arm64: dts: ti: k3-j721e-sk: Change timer nodes status to reserved The remoteproc firmware like of R5F and DSPs in the MAIN voltage domain use timers. Therefore, change the status of the timer nodes to "reserved" to avoid any clash. Usage is described as below: +===================+==============+ | Remoteproc node | Timer Node | +===================+==============+ | main_r5fss0_core0 | main_timer12 | +-------------------+--------------+ | main_r5fss0_core1 | main_timer13 | +-------------------+--------------+ | main_r5fss1_core0 | main_timer14 | +-------------------+--------------+ | main_r5fss1_core1 | main_timer15 | +-------------------+--------------+ | c66_0 | main_timer0 | +-------------------+--------------+ | c66_1 | main_timer1 | +-------------------+--------------+ | c71_0 | main_timer2 | +-------------------+--------------+ Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826104821.1516344-4-b-padhi@ti.com Signed-off-by: Nishanth Menon commit 96b2d17bfe407faae341053e1f376c7429c03c22 Author: Beleswar Padhi Date: Mon Aug 26 16:18:15 2024 +0530 arm64: dts: ti: k3-j721e-som-p0: Change timer nodes status to reserved The remoteproc firmware like of R5F and DSPs in the MAIN voltage domain use timers. Therefore, change the status of the timer nodes to "reserved" to avoid any clash. Usage is described as below: +===================+==============+ | Remoteproc node | Timer Node | +===================+==============+ | main_r5fss0_core0 | main_timer12 | +-------------------+--------------+ | main_r5fss0_core1 | main_timer13 | +-------------------+--------------+ | main_r5fss1_core0 | main_timer14 | +-------------------+--------------+ | main_r5fss1_core1 | main_timer15 | +-------------------+--------------+ | c66_0 | main_timer0 | +-------------------+--------------+ | c66_1 | main_timer1 | +-------------------+--------------+ | c71_0 | main_timer2 | +-------------------+--------------+ Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826104821.1516344-3-b-padhi@ti.com Signed-off-by: Nishanth Menon commit f7d6dacb233e1fe7e99e766abddd2a0247957d80 Author: Beleswar Padhi Date: Mon Aug 26 16:18:14 2024 +0530 arm64: dts: ti: k3-j7200-som-p0: Change timer nodes status to reserved The remoteproc firmware of R5F in the MAIN voltage domain use timers. Therefore, change the status of the timer nodes to "reserved" to avoid any clash. Usage is described as below: +===================+==========================+ | Remoteproc node | Timer Node | +===================+==========================+ | main_r5fss0_core0 | main_timer0, main_timer2 | +-------------------+--------------------------+ | main_r5fss0_core1 | main_timer1 | +-------------------+--------------------------+ Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826104821.1516344-2-b-padhi@ti.com Signed-off-by: Nishanth Menon commit dba27d026fc841d28a0ed373f617cc84ec0e4504 Author: Jan Kiszka Date: Wed Aug 28 09:39:01 2024 +0200 arm64: dts: ti: iot2050: Add overlays for M.2 used by firmware To allow firmware to pick up all DTs from here, move the overlays that are normally applied during DT fixup to the kernel source as well. Hook then into the build nevertheless to ensure that regular checks are performed. Signed-off-by: Jan Kiszka Link: https://lore.kernel.org/r/91f8b825467651ebd51a4051f153ab136eeb1849.1724830741.git.jan.kiszka@siemens.com Signed-off-by: Nishanth Menon commit e0133f883cf115d9e97e704169a9fb6003caefb2 Author: Li Hua Qian Date: Wed Aug 28 09:39:00 2024 +0200 arm64: dts: ti: iot2050: Disable lock-step for all iot2050 boards The PG1 A variant of the iot2050 series has been identified which partially lacks support for lock-step mode. This implies that all iot2050 boards can't support this mode. As a result, lock-step mode has been disabled across all iot2050 boards for consistency and to avoid potential issues. Signed-off-by: Li Hua Qian Signed-off-by: Jan Kiszka Link: https://lore.kernel.org/r/d1f5f84db7a1597cd29628a0b503e578367b7b40.1724830741.git.jan.kiszka@siemens.com Signed-off-by: Nishanth Menon commit 34d0e51ad34b0b1f8d6020020bf7e4e8e4f5cbe1 Author: Beleswar Padhi Date: Mon Aug 26 15:00:24 2024 +0530 arm64: dts: ti: k3-am69-sk: Switch MAIN R5F clusters to Split-mode The TI AM69 SK board has three R5F clusters in the MAIN domain, and all of these are configured for LockStep mode at the moment. Switch all of these R5F clusters to Split mode by default to maximize the number of R5F cores. Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826093024.1183540-8-b-padhi@ti.com Signed-off-by: Nishanth Menon commit 10ef034f94ef7916c89f40e3b3844bcd066a7a58 Author: Beleswar Padhi Date: Mon Aug 26 15:00:23 2024 +0530 arm64: dts: ti: k3-j784s4-evm: Switch MAIN R5F clusters to Split-mode The TI J784S4 EVM board has three R5F clusters in the MAIN domain, and all of these are configured for LockStep mode at the moment. Switch all of these R5F clusters to Split mode by default to maximize the number of R5F cores. Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826093024.1183540-7-b-padhi@ti.com Signed-off-by: Nishanth Menon commit e1f2bf759c533fb86380ded089a16fba24222832 Author: Beleswar Padhi Date: Mon Aug 26 15:00:22 2024 +0530 arm64: dts: ti: k3-am68-sk-som: Switch MAIN R5F clusters to Split-mode The TI AM68 SK board has two R5F clusters in the MAIN domain, and both of these are configured for LockStep mode at the moment. Switch both of these R5F clusters to Split mode by default to maximize the number of R5F cores. Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826093024.1183540-6-b-padhi@ti.com Signed-off-by: Nishanth Menon commit ab630a7f429195a02185faec448603d2ae4b12d5 Author: Beleswar Padhi Date: Mon Aug 26 15:00:21 2024 +0530 arm64: dts: ti: k3-j721s2-som-p0: Switch MAIN R5F clusters to Split-mode The TI J721S2 EVM board has two R5F clusters in the MAIN domain, and both of these are configured for LockStep mode at the moment. Switch both of these R5F clusters to Split mode by default to maximize the number of R5F cores. Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826093024.1183540-5-b-padhi@ti.com Signed-off-by: Nishanth Menon commit 17613194f8f765c5559c2a1aab56b76ffbc4a2ee Author: Beleswar Padhi Date: Mon Aug 26 15:00:20 2024 +0530 arm64: dts: ti: k3-j721e-sk: Switch MAIN R5F clusters to Split-mode The TI J721E SK board has two R5F clusters in the MAIN domain, and both of these are configured for LockStep mode at the moment. Switch both of these R5F clusters to Split mode by default to maximize the number of R5F cores. Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826093024.1183540-4-b-padhi@ti.com Signed-off-by: Nishanth Menon commit 956d1f88a7df31cd7264b07d9ff7fe886aa96ae5 Author: Beleswar Padhi Date: Mon Aug 26 15:00:19 2024 +0530 arm64: dts: ti: k3-j721e-som-p0: Switch MAIN R5F clusters to Split-mode The TI J721E EVM board has two R5F clusters in the MAIN domain, and both of these are configured for LockStep mode at the moment. Switch both of these R5F clusters to Split mode by default to maximize the number of R5F cores. Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826093024.1183540-3-b-padhi@ti.com Signed-off-by: Nishanth Menon commit 936fa8b91abac356b8c8afd70959dba8420ddc18 Author: Beleswar Padhi Date: Mon Aug 26 15:00:18 2024 +0530 arm64: dts: ti: k3-j7200-som-p0: Switch MAIN R5F cluster to Split-mode The TI J7200 EVM board has one R5F cluster in the MAIN domain, and it is configured for LockStep mode at the moment. Switch the MAIN R5F cluster to Split mode by default to maximize the number of R5F cores. Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240826093024.1183540-2-b-padhi@ti.com Signed-off-by: Nishanth Menon commit e8c643daeaa9040e18f8349993b9bc504e9d2117 Author: Devarsh Thakkar Date: Mon Aug 26 21:52:50 2024 +0530 arm64: defconfig: Enable E5010 JPEG Encoder This enables E5010 JPEG Encoder which is a stateful JPEG Encoder present in TI's AM62A SoC [1] and supporting baseline encoding of semiplanar based YUV420 and YUV422 raw video formats to JPEG encoding, with resolutions supported from 64x64 to 8kx8k resolution. Link: https://www.ti.com/lit/pdf/spruj16 [1] Signed-off-by: Devarsh Thakkar Link: https://lore.kernel.org/r/20240826162250.380005-3-devarsht@ti.com Signed-off-by: Nishanth Menon commit 68123510b7c1c610387dd306f92ff539c3c546b5 Author: Kousik Sanagavarapu Date: Sun Aug 25 14:18:45 2024 +0530 soc: ti: pm33xx: do device_node auto cleanup Use scope based cleanup instead of manual of_node_put() calls, hence simplifying the handling of error paths. Suggested-by: Julia Lawall Signed-off-by: Kousik Sanagavarapu Link: https://lore.kernel.org/r/20240825085714.10736-5-five231003@gmail.com Signed-off-by: Nishanth Menon commit b0289dbf1c952c04ba48b05cc6345381999ef055 Author: Kousik Sanagavarapu Date: Sun Aug 25 14:18:44 2024 +0530 soc: ti: knav_qmss_queue: do device_node auto cleanup Use scope based cleanup, instead of manual of_node_put() calls, which automatically free()s "struct device_node". While at it, refactor the code from knav_queue_probe() into the separate functions to make auto cleanup look more neat. Doing the cleanup this way has the advantage of reducing the chance of memory leaks in case we need to read from new OF nodes in the future when we probe. Suggested-by: Julia Lawall Reviewed-by: Jonathan Cameron Signed-off-by: Kousik Sanagavarapu Link: https://lore.kernel.org/r/20240825085714.10736-4-five231003@gmail.com Signed-off-by: Nishanth Menon commit df70c0b4828bb85f1370453288a0a63d7618decf Author: Kousik Sanagavarapu Date: Sun Aug 25 14:18:43 2024 +0530 soc: ti: pruss: do device_node auto cleanup Use scope based cleanup instead of manual of_node_put() calls, hence simplifying the handling of error paths at various places. While at it, use dev_err_probe() instead of dev_err() in all the code paths touched. Suggested-by: Julia Lawall Signed-off-by: Kousik Sanagavarapu Link: https://lore.kernel.org/r/20240825085714.10736-3-five231003@gmail.com Signed-off-by: Nishanth Menon commit 952ceb03787dde88fc713c7453824e25bf12cb3a Author: Kousik Sanagavarapu Date: Sun Aug 25 14:18:42 2024 +0530 soc: ti: pruss: factor out memories setup Factor out memories setup code from probe() into a new function pruss_of_setup_memories(). This sets the stage for introducing auto cleanup of the device node (done in the subsequent patch), since the clean up depends on the scope of the pointer and factoring out code into a separate function obviously limits the scope of the various variables used in that function. Apart from the above, this change also has the advantage of making the code look more neat. While at it, use dev_err_probe() instead of plain dev_err() as this new function is called by the probe(). Signed-off-by: Kousik Sanagavarapu Link: https://lore.kernel.org/r/20240825085714.10736-2-five231003@gmail.com Signed-off-by: Nishanth Menon commit fdf47b3a379b180403bd29b59e4159deff748e0b Author: Logan Bristol Date: Fri Aug 9 08:57:53 2024 -0500 arm64: dts: ti: k3-am64*: Disable ethernet by default at SoC level External interfaces should be disabled at the SoC DTSI level, since the node is incomplete. Disable Ethernet switch and ports in SoC DTSI and enable them in the board DTS. If the board DTS includes a SoM DTSI that completes the node description, enable the Ethernet switch and ports in SoM DTSI. Reflect this change in SoM DTSIs by removing ethernet port disable. Signed-off-by: Logan Bristol Acked-by: Matthias Schiffer Acked-by: Josua Mayer Link: https://lore.kernel.org/r/20240809135753.1186-1-logan.bristol@utexas.edu Signed-off-by: Nishanth Menon commit 549833b697534a6f61840941b7c847669cfd77fa Author: Eric Chanudet Date: Mon Aug 5 13:42:51 2024 -0400 arm64: dts: ti: k3-j784s4-main: Align watchdog clocks assigned-clock sets DEV_RTIx_RTI_CLK(id:0) whereas clocks sets DEV_RTIx_RTI_CLK_PARENT_GLUELOGIC_HFOSC0_CLKOUT(id:1)[1]. This does not look right, the timers in the driver assume a max frequency of 32kHz for the heartbeat (HFOSC0 is 19.2MHz on j784s4-evm). With this change, WDIOC_GETTIMELEFT return coherent time left (DEFAULT_HEARTBEAT=60, reports 60s upon opening the cdev). [1] https://software-dl.ti.com/tisci/esd/latest/5_soc_doc/j784s4/clocks.html#clocks-for-rti0-device Fixes: caae599de8c6 ("arm64: dts: ti: k3-j784s4-main: Add the main domain watchdog instances") Suggested-by: Andrew Halaney Signed-off-by: Eric Chanudet Tested-by: Andrew Halaney Tested-by: Udit Kumar Link: https://lore.kernel.org/r/20240805174330.2132717-2-echanude@redhat.com Signed-off-by: Nishanth Menon commit c72084163cd22ebf59d936669ec25b1fc2b7494c Author: Himal Prasad Ghimiray Date: Wed Aug 28 14:52:29 2024 +0530 drm/xe: Fix NPD in ggtt_node_remove() Make sure that ggtt_node_remove() is invoked only if both node and ggtt are not null. Move the null checks to the caller function xe_ggtt_node_remove(). v2: Move null check below declarations (Tejas) Fixes: 919bb54e989c ("drm/xe: Fix missing runtime outer protection for ggtt_remove_node") Cc: Rodrigo Vivi Cc: Lucas De Marchi Cc: Tejas Upadhyay Reviewed-by: Tejas Upadhyay Signed-off-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240828092229.3606503-1-himal.prasad.ghimiray@intel.com Signed-off-by: Rodrigo Vivi commit 1a314099b7559690fe23cdf3300dfff6e830ecb1 Author: Andrew Davis Date: Thu Aug 1 13:12:32 2024 -0500 arm64: dts: ti: k3-j721e-beagleboneai64: Fix reversed C6x carveout locations The DMA carveout for the C6x core 0 is at 0xa6000000 and core 1 is at 0xa7000000. These are reversed in DT. While both C6x can access either region, so this is not normally a problem, but if we start restricting the memory each core can access (such as with firewalls) the cores accessing the regions for the wrong core will not work. Fix this here. Fixes: fae14a1cb8dd ("arm64: dts: ti: Add k3-j721e-beagleboneai64") Signed-off-by: Andrew Davis Link: https://lore.kernel.org/r/20240801181232.55027-2-afd@ti.com Signed-off-by: Nishanth Menon commit 9f3814a7c06b7c7296cf8c1622078ad71820454b Author: Andrew Davis Date: Thu Aug 1 13:12:31 2024 -0500 arm64: dts: ti: k3-j721e-sk: Fix reversed C6x carveout locations The DMA carveout for the C6x core 0 is at 0xa6000000 and core 1 is at 0xa7000000. These are reversed in DT. While both C6x can access either region, so this is not normally a problem, but if we start restricting the memory each core can access (such as with firewalls) the cores accessing the regions for the wrong core will not work. Fix this here. Fixes: f46d16cf5b43 ("arm64: dts: ti: k3-j721e-sk: Add DDR carveout memory nodes") Signed-off-by: Andrew Davis Link: https://lore.kernel.org/r/20240801181232.55027-1-afd@ti.com Signed-off-by: Nishanth Menon commit 4844ab3fe7cc6bb13fa02c5df42c39dc4cff3cec Author: Krzysztof Kozlowski Date: Sun Aug 18 19:30:14 2024 +0200 dt-bindings: clock: st,stm32mp1-rcc: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clocks and clock-names. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240818173014.122073-5-krzysztof.kozlowski@linaro.org Acked-by: Conor Dooley Signed-off-by: Stephen Boyd commit 354831f3a8af101080d8fbffcef0eb0075a5dade Author: Krzysztof Kozlowski Date: Sun Aug 18 19:30:11 2024 +0200 dt-bindings: clock: cirrus,lochnagar: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clocks. Drop also redundant assigned-clocks properties, because core dtschema allows them if clocks are provided. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240818173014.122073-2-krzysztof.kozlowski@linaro.org Acked-by: Conor Dooley Signed-off-by: Stephen Boyd commit d6871d25b4e3e09a38f43c245bfa17b78dc4b312 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:30:10 2024 +0200 dt-bindings: clock: baikal,bt1-ccu-div: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clocks and clock-names. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240818173014.122073-1-krzysztof.kozlowski@linaro.org Reviewed-by: Serge Semin Acked-by: Conor Dooley Signed-off-by: Stephen Boyd commit 4f451bc91e7a0d198d0ded5e96cdd69c3e5e9e67 Merge: a1a94016db4be2 9307694f340e51 Author: Mark Brown Date: Wed Aug 28 17:33:56 2024 +0100 ASoC: Intel: boards: updates for 6.12 Merge series from Bard Liao : Some simplifications from Brent Lu for Chromebooks, a new SoundWire codec support from Bard Liao, new cs42l43 match entries support from Charles Keepax, Add quirks from some new Dell laptops from Maciej Strozek, some ACPI match entries from Balamurugan C, and few bug fixes from Pierre-Louis Bossart. v2: - Add "ASoC: SOF: Intel: hda: support BT link mask in mach_params" commit to fix the build issue in v1. Balamurugan C (2): ASoC: Intel: soc-acpi: Add entry for sof_es8336 in ARL match table. ASoC: Intel: soc-acpi: Add entry for HDMI_In capture support in ARL match table Bard Liao (4): ASoC: Intel: sof_sdw: add rt1320 amp support ASoC: SOF: Intel: hda: refactoring topology name fixup for HDA mach ASoC: Intel: sof_sdw: move ignore_internal_dmic check earlier ASoC: Intel: sof_sdw: overwrite mach_params->dmic_num Brent Lu (5): ASoC: SOF: Intel: hda: refactoring topology name fixup for SDW mach ASoC: SOF: Intel: hda: support BT link mask in mach_params ASoC: Intel: skl_hda_dsp_generic: support BT audio offload ASoC: Intel: skl_hda_dsp_generic: remove hdac-hdmi support ASoC: Intel: skl_hda_dsp_generic: use sof_hdmi_private to init HDMI Charles Keepax (3): ASoC: Intel: soc-acpi: arl: Add match entries for new cs42l43 laptops ASoC: Intel: soc-acpi: adl: Add match entries for new cs42l43 laptops ASoC: Intel: soc-acpi: lnl: Add match entries for new cs42l43 laptops Maciej Strozek (1): ASoC: Intel: sof_sdw: Add quirks from some new Dell laptops Pierre-Louis Bossart (2): ASoC: Intel: sof_sdw: make sof_sdw_quirk static ASoC: Intel: boards: always check the result of acpi_dev_get_first_match_dev() include/sound/soc-acpi.h | 2 + sound/soc/intel/boards/Kconfig | 2 +- sound/soc/intel/boards/bytcht_cx2072x.c | 4 + sound/soc/intel/boards/bytcht_da7213.c | 4 + sound/soc/intel/boards/bytcht_es8316.c | 2 +- sound/soc/intel/boards/bytcr_rt5640.c | 2 +- sound/soc/intel/boards/bytcr_rt5651.c | 2 +- sound/soc/intel/boards/cht_bsw_rt5645.c | 4 + sound/soc/intel/boards/cht_bsw_rt5672.c | 4 + sound/soc/intel/boards/skl_hda_dsp_common.c | 56 ++-- sound/soc/intel/boards/skl_hda_dsp_common.h | 39 +-- sound/soc/intel/boards/skl_hda_dsp_generic.c | 58 ++-- sound/soc/intel/boards/sof_es8336.c | 12 +- sound/soc/intel/boards/sof_sdw.c | 85 +++++- sound/soc/intel/boards/sof_sdw_common.h | 2 - sound/soc/intel/boards/sof_wm8804.c | 4 + .../intel/common/soc-acpi-intel-adl-match.c | 105 +++++++ .../intel/common/soc-acpi-intel-arl-match.c | 244 +++++++++++++++ .../intel/common/soc-acpi-intel-hda-match.c | 12 +- .../intel/common/soc-acpi-intel-lnl-match.c | 104 +++++++ sound/soc/sdw_utils/soc_sdw_rt_amp.c | 11 +- sound/soc/sdw_utils/soc_sdw_utils.c | 19 ++ sound/soc/sof/intel/hda.c | 281 ++++++++---------- 23 files changed, 780 insertions(+), 278 deletions(-) -- 2.43.0 commit a1a94016db4be2957ae35835a25e3cb4c605db7e Merge: 75560718e83bed 290f31e943a29c Author: Mark Brown Date: Wed Aug 28 17:33:49 2024 +0100 ASoC: soc-pcm: makes snd_soc_dpcm_can_be_xxx() local Merge series from Kuninori Morimoto : No driver is calling snd_soc_dpcm_can_be_xxx() functions. We don't need to have EXPORT_SYMBOL_GPL() for them. This patch-set makes it static function. commit c4b908a23fab2653cb844b77cbe576358c021053 Author: Sudeep Holla Date: Tue Aug 27 15:38:38 2024 +0100 firmware: arm_scmi: Replace comma with the semicolon Replace the typo comma with the semicolon. No functional change. Message-Id: <20240827143838.1465913-4-sudeep.holla@arm.com> Signed-off-by: Sudeep Holla commit ccf502193126e168cfca08ec3d8a2460057a0da5 Author: Sudeep Holla Date: Tue Aug 27 15:38:37 2024 +0100 firmware: arm_scmi: Replace the use of of_node_put() to __free(device_node) Use __free for device_node values, and thus drop calls to of_node_put. The goal is simplify of_node reference cleanup by using this scope-based of_node_put() cleanup to simplify function exit handling. When using __free a resource is allocated within a block, it is automatically freed at the end of the block. This cleanup aligns well with the recent change in shmem.c to use __free instead of explicit of_node_put() calls. Message-Id: <20240827143838.1465913-3-sudeep.holla@arm.com> Signed-off-by: Sudeep Holla commit 50db2ef5c719c90ef30cbc05dd80ac91688fd966 Author: Sudeep Holla Date: Tue Aug 27 15:38:36 2024 +0100 firmware: arm_scmi: Fix trivial whitespace/coding style issues Fix couple of unnecessary multiple blank lines and spaces instead of tabs. No functional change. Message-Id: <20240827143838.1465913-2-sudeep.holla@arm.com> Signed-off-by: Sudeep Holla commit 9ab27eb5866ccbf57715cfdba4b03d57776092fb Author: Jan Kiszka Date: Mon Aug 19 17:24:51 2024 +0200 remoteproc: k3-r5: Fix error handling when power-up failed By simply bailing out, the driver was violating its rule and internal assumptions that either both or no rproc should be initialized. E.g., this could cause the first core to be available but not the second one, leading to crashes on its shutdown later on while trying to dereference that second instance. Fixes: 61f6f68447ab ("remoteproc: k3-r5: Wait for core0 power-up before powering up core1") Signed-off-by: Jan Kiszka Acked-by: Beleswar Padhi Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/9f481156-f220-4adf-b3d9-670871351e26@siemens.com Signed-off-by: Mathieu Poirier commit a3422eb4facdebb685b9b4688feb60430450e3c9 Author: Guido Trentalancia Date: Wed Aug 28 11:35:19 2024 +0200 selinux: mark both IPv4 and IPv6 accepted connection sockets as labeled The current partial labeling was introduced in 389fb800ac8b ("netlabel: Label incoming TCP connections correctly in SELinux") due to the fact that IPv6 labeling was not supported yet at the time. Signed-off-by: Guido Trentalancia [PM: properly format the referenced commit ID, adjust subject] Signed-off-by: Paul Moore commit c264487e5410e5a72db8a414566ab7d144223e6c Author: Hao Ge Date: Tue Aug 20 10:36:22 2024 +0800 selftests/bpf: Fix incorrect parameters in NULL pointer checking Smatch reported the following warning: ./tools/testing/selftests/bpf/testing_helpers.c:455 get_xlated_program() warn: variable dereferenced before check 'buf' (see line 454) It seems correct,so let's modify it based on it's suggestion. Actually,commit b23ed4d74c4d ("selftests/bpf: Fix invalid pointer check in get_xlated_program()") fixed an issue in the test_verifier.c once,but it was reverted this time. Let's solve this issue with the minimal changes possible. Reported-by: Dan Carpenter Closes: https://lore.kernel.org/all/1eb3732f-605a-479d-ba64-cd14250cbf91@stanley.mountain/ Fixes: b4b7a4099b8c ("selftests/bpf: Factor out get_xlated_program() helper") Signed-off-by: Hao Ge Link: https://lore.kernel.org/r/20240820023622.29190-1-hao.ge@linux.dev Signed-off-by: Alexei Starovoitov commit 4961d8f47b140a9b48c63de091f99dbf7b32a23b Merge: d205d4af3a5ee8 5d4fa9ec5643a5 Author: Alexei Starovoitov Date: Wed Aug 28 08:41:34 2024 -0700 Merge branch 'bpf-arm64-simplify-jited-prologue-epilogue' Xu Kuohai says: ==================== bpf, arm64: Simplify jited prologue/epilogue From: Xu Kuohai The arm64 jit blindly saves/restores all callee-saved registers, making the jited result looks a bit too compliated. For example, for an empty prog, the jited result is: 0: bti jc 4: mov x9, lr 8: nop c: paciasp 10: stp fp, lr, [sp, #-16]! 14: mov fp, sp 18: stp x19, x20, [sp, #-16]! 1c: stp x21, x22, [sp, #-16]! 20: stp x26, x25, [sp, #-16]! 24: mov x26, #0 28: stp x26, x25, [sp, #-16]! 2c: mov x26, sp 30: stp x27, x28, [sp, #-16]! 34: mov x25, sp 38: bti j // tailcall target 3c: sub sp, sp, #0 40: mov x7, #0 44: add sp, sp, #0 48: ldp x27, x28, [sp], #16 4c: ldp x26, x25, [sp], #16 50: ldp x26, x25, [sp], #16 54: ldp x21, x22, [sp], #16 58: ldp x19, x20, [sp], #16 5c: ldp fp, lr, [sp], #16 60: mov x0, x7 64: autiasp 68: ret Clearly, there is no need to save/restore unused callee-saved registers. This patch does this change, making the jited image to only save/restore the callee-saved registers it uses. Now the jited result of empty prog is: 0: bti jc 4: mov x9, lr 8: nop c: paciasp 10: stp fp, lr, [sp, #-16]! 14: mov fp, sp 18: stp xzr, x26, [sp, #-16]! 1c: mov x26, sp 20: bti j // tailcall target 24: mov x7, #0 28: ldp xzr, x26, [sp], #16 2c: ldp fp, lr, [sp], #16 30: mov x0, x7 34: autiasp 38: ret ==================== Acked-by: Puranjay Mohan Link: https://lore.kernel.org/r/20240826071624.350108-1-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov commit 5d4fa9ec5643a5c75d3c1e6abf50fb9284caf1ff Author: Xu Kuohai Date: Mon Aug 26 15:16:24 2024 +0800 bpf, arm64: Avoid blindly saving/restoring all callee-saved registers The arm64 jit blindly saves/restores all callee-saved registers, making the jited result looks a bit too compliated. For example, for an empty prog, the jited result is: 0: bti jc 4: mov x9, lr 8: nop c: paciasp 10: stp fp, lr, [sp, #-16]! 14: mov fp, sp 18: stp x19, x20, [sp, #-16]! 1c: stp x21, x22, [sp, #-16]! 20: stp x26, x25, [sp, #-16]! 24: mov x26, #0 28: stp x26, x25, [sp, #-16]! 2c: mov x26, sp 30: stp x27, x28, [sp, #-16]! 34: mov x25, sp 38: bti j // tailcall target 3c: sub sp, sp, #0 40: mov x7, #0 44: add sp, sp, #0 48: ldp x27, x28, [sp], #16 4c: ldp x26, x25, [sp], #16 50: ldp x26, x25, [sp], #16 54: ldp x21, x22, [sp], #16 58: ldp x19, x20, [sp], #16 5c: ldp fp, lr, [sp], #16 60: mov x0, x7 64: autiasp 68: ret Clearly, there is no need to save/restore unused callee-saved registers. This patch does this change, making the jited image to only save/restore the callee-saved registers it uses. Now the jited result of empty prog is: 0: bti jc 4: mov x9, lr 8: nop c: paciasp 10: stp fp, lr, [sp, #-16]! 14: mov fp, sp 18: stp xzr, x26, [sp, #-16]! 1c: mov x26, sp 20: bti j // tailcall target 24: mov x7, #0 28: ldp xzr, x26, [sp], #16 2c: ldp fp, lr, [sp], #16 30: mov x0, x7 34: autiasp 38: ret Since bpf prog saves/restores its own callee-saved registers as needed, to make tailcall work correctly, the caller needs to restore its saved registers before tailcall, and the callee needs to save its callee-saved registers after tailcall. This extra restoring/saving instructions increases preformance overhead. [1] provides 2 benchmarks for tailcall scenarios. Below is the perf number measured in an arm64 KVM guest. The result indicates that the performance difference before and after the patch in typical tailcall scenarios is negligible. - Before: Performance counter stats for './test_progs -t tailcalls' (5 runs): 4313.43 msec task-clock # 0.874 CPUs utilized ( +- 0.16% ) 574 context-switches # 133.073 /sec ( +- 1.14% ) 0 cpu-migrations # 0.000 /sec 538 page-faults # 124.727 /sec ( +- 0.57% ) 10697772784 cycles # 2.480 GHz ( +- 0.22% ) (61.19%) 25511241955 instructions # 2.38 insn per cycle ( +- 0.08% ) (66.70%) 5108910557 branches # 1.184 G/sec ( +- 0.08% ) (72.38%) 2800459 branch-misses # 0.05% of all branches ( +- 0.51% ) (72.36%) TopDownL1 # 0.60 retiring ( +- 0.09% ) (66.84%) # 0.21 frontend_bound ( +- 0.15% ) (61.31%) # 0.12 bad_speculation ( +- 0.08% ) (50.11%) # 0.07 backend_bound ( +- 0.16% ) (33.30%) 8274201819 L1-dcache-loads # 1.918 G/sec ( +- 0.18% ) (33.15%) 468268 L1-dcache-load-misses # 0.01% of all L1-dcache accesses ( +- 4.69% ) (33.16%) 385383 LLC-loads # 89.345 K/sec ( +- 5.22% ) (33.16%) 38296 LLC-load-misses # 9.94% of all LL-cache accesses ( +- 42.52% ) (38.69%) 6886576501 L1-icache-loads # 1.597 G/sec ( +- 0.35% ) (38.69%) 1848585 L1-icache-load-misses # 0.03% of all L1-icache accesses ( +- 4.52% ) (44.23%) 9043645883 dTLB-loads # 2.097 G/sec ( +- 0.10% ) (44.33%) 416672 dTLB-load-misses # 0.00% of all dTLB cache accesses ( +- 5.15% ) (49.89%) 6925626111 iTLB-loads # 1.606 G/sec ( +- 0.35% ) (55.46%) 66220 iTLB-load-misses # 0.00% of all iTLB cache accesses ( +- 1.88% ) (55.50%) L1-dcache-prefetches L1-dcache-prefetch-misses 4.9372 +- 0.0526 seconds time elapsed ( +- 1.07% ) Performance counter stats for './test_progs -t flow_dissector' (5 runs): 10924.50 msec task-clock # 0.945 CPUs utilized ( +- 0.08% ) 603 context-switches # 55.197 /sec ( +- 1.13% ) 0 cpu-migrations # 0.000 /sec 566 page-faults # 51.810 /sec ( +- 0.42% ) 27381270695 cycles # 2.506 GHz ( +- 0.18% ) (60.46%) 56996583922 instructions # 2.08 insn per cycle ( +- 0.21% ) (66.11%) 10321647567 branches # 944.816 M/sec ( +- 0.17% ) (71.79%) 3347735 branch-misses # 0.03% of all branches ( +- 3.72% ) (72.15%) TopDownL1 # 0.52 retiring ( +- 0.13% ) (66.74%) # 0.27 frontend_bound ( +- 0.14% ) (61.27%) # 0.14 bad_speculation ( +- 0.19% ) (50.36%) # 0.07 backend_bound ( +- 0.42% ) (33.89%) 18740797617 L1-dcache-loads # 1.715 G/sec ( +- 0.43% ) (33.71%) 13715669 L1-dcache-load-misses # 0.07% of all L1-dcache accesses ( +- 32.85% ) (33.34%) 4087551 LLC-loads # 374.164 K/sec ( +- 29.53% ) (33.26%) 267906 LLC-load-misses # 6.55% of all LL-cache accesses ( +- 23.90% ) (38.76%) 15811864229 L1-icache-loads # 1.447 G/sec ( +- 0.12% ) (38.73%) 2976833 L1-icache-load-misses # 0.02% of all L1-icache accesses ( +- 9.73% ) (44.22%) 20138907471 dTLB-loads # 1.843 G/sec ( +- 0.18% ) (44.15%) 732850 dTLB-load-misses # 0.00% of all dTLB cache accesses ( +- 11.18% ) (49.64%) 15895726702 iTLB-loads # 1.455 G/sec ( +- 0.15% ) (55.13%) 152075 iTLB-load-misses # 0.00% of all iTLB cache accesses ( +- 4.71% ) (54.98%) L1-dcache-prefetches L1-dcache-prefetch-misses 11.5613 +- 0.0317 seconds time elapsed ( +- 0.27% ) - After: Performance counter stats for './test_progs -t tailcalls' (5 runs): 4278.78 msec task-clock # 0.871 CPUs utilized ( +- 0.15% ) 569 context-switches # 132.982 /sec ( +- 0.58% ) 0 cpu-migrations # 0.000 /sec 539 page-faults # 125.970 /sec ( +- 0.43% ) 10588986432 cycles # 2.475 GHz ( +- 0.20% ) (60.91%) 25303825043 instructions # 2.39 insn per cycle ( +- 0.08% ) (66.48%) 5110756256 branches # 1.194 G/sec ( +- 0.07% ) (72.03%) 2719569 branch-misses # 0.05% of all branches ( +- 2.42% ) (72.03%) TopDownL1 # 0.60 retiring ( +- 0.22% ) (66.31%) # 0.22 frontend_bound ( +- 0.21% ) (60.83%) # 0.12 bad_speculation ( +- 0.26% ) (50.25%) # 0.06 backend_bound ( +- 0.17% ) (33.52%) 8163648527 L1-dcache-loads # 1.908 G/sec ( +- 0.33% ) (33.52%) 694979 L1-dcache-load-misses # 0.01% of all L1-dcache accesses ( +- 30.53% ) (33.52%) 1902347 LLC-loads # 444.600 K/sec ( +- 48.84% ) (33.69%) 96677 LLC-load-misses # 5.08% of all LL-cache accesses ( +- 43.48% ) (39.30%) 6863517589 L1-icache-loads # 1.604 G/sec ( +- 0.37% ) (39.17%) 1871519 L1-icache-load-misses # 0.03% of all L1-icache accesses ( +- 6.78% ) (44.56%) 8927782813 dTLB-loads # 2.087 G/sec ( +- 0.14% ) (44.37%) 438237 dTLB-load-misses # 0.00% of all dTLB cache accesses ( +- 6.00% ) (49.75%) 6886906831 iTLB-loads # 1.610 G/sec ( +- 0.36% ) (55.08%) 67568 iTLB-load-misses # 0.00% of all iTLB cache accesses ( +- 3.27% ) (54.86%) L1-dcache-prefetches L1-dcache-prefetch-misses 4.9114 +- 0.0309 seconds time elapsed ( +- 0.63% ) Performance counter stats for './test_progs -t flow_dissector' (5 runs): 10948.40 msec task-clock # 0.942 CPUs utilized ( +- 0.05% ) 615 context-switches # 56.173 /sec ( +- 1.65% ) 1 cpu-migrations # 0.091 /sec ( +- 31.62% ) 567 page-faults # 51.788 /sec ( +- 0.44% ) 27334194328 cycles # 2.497 GHz ( +- 0.08% ) (61.05%) 56656528828 instructions # 2.07 insn per cycle ( +- 0.08% ) (66.67%) 10270389422 branches # 938.072 M/sec ( +- 0.10% ) (72.21%) 3453837 branch-misses # 0.03% of all branches ( +- 3.75% ) (72.27%) TopDownL1 # 0.52 retiring ( +- 0.16% ) (66.55%) # 0.27 frontend_bound ( +- 0.09% ) (60.91%) # 0.14 bad_speculation ( +- 0.08% ) (49.85%) # 0.07 backend_bound ( +- 0.16% ) (33.33%) 18982866028 L1-dcache-loads # 1.734 G/sec ( +- 0.24% ) (33.34%) 8802454 L1-dcache-load-misses # 0.05% of all L1-dcache accesses ( +- 52.30% ) (33.31%) 2612962 LLC-loads # 238.661 K/sec ( +- 29.78% ) (33.45%) 264107 LLC-load-misses # 10.11% of all LL-cache accesses ( +- 18.34% ) (39.07%) 15793205997 L1-icache-loads # 1.443 G/sec ( +- 0.15% ) (39.09%) 3930802 L1-icache-load-misses # 0.02% of all L1-icache accesses ( +- 3.72% ) (44.66%) 20097828496 dTLB-loads # 1.836 G/sec ( +- 0.09% ) (44.68%) 961757 dTLB-load-misses # 0.00% of all dTLB cache accesses ( +- 3.32% ) (50.15%) 15838728506 iTLB-loads # 1.447 G/sec ( +- 0.09% ) (55.62%) 167652 iTLB-load-misses # 0.00% of all iTLB cache accesses ( +- 1.28% ) (55.52%) L1-dcache-prefetches L1-dcache-prefetch-misses 11.6173 +- 0.0268 seconds time elapsed ( +- 0.23% ) [1] https://lore.kernel.org/bpf/20200724123644.5096-1-maciej.fijalkowski@intel.com/ Signed-off-by: Xu Kuohai Link: https://lore.kernel.org/r/20240826071624.350108-3-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov commit bd737fcb64856d582335a7245be60fbb591c0bfd Author: Xu Kuohai Date: Mon Aug 26 15:16:23 2024 +0800 bpf, arm64: Get rid of fpb bpf prog accesses stack using BPF_FP as the base address and a negative immediate number as offset. But arm64 ldr/str instructions only support non-negative immediate number as offset. To simplify the jited result, commit 5b3d19b9bd40 ("bpf, arm64: Adjust the offset of str/ldr(immediate) to positive number") introduced FPB to represent the lowest stack address that the bpf prog being jited may access, and with this address as the baseline, it converts BPF_FP plus negative immediate offset number to FPB plus non-negative immediate offset. Considering that for a given bpf prog, the jited stack space is fixed with A64_SP as the lowest address and BPF_FP as the highest address. Thus we can get rid of FPB and converts BPF_FP plus negative immediate offset to A64_SP plus non-negative immediate offset. Signed-off-by: Xu Kuohai Link: https://lore.kernel.org/r/20240826071624.350108-2-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov commit b290af0500f09577ad40b9f716d551fd65ceff25 Author: Thorsten Blum Date: Wed Jul 10 23:00:35 2024 +0200 drm/tegra: hub: Use fn parameter directly to fix Coccinelle warning The function parameter out can be used directly instead of assigning it to a temporary u64 variable first. Remove the local variable tmp2 and use the parameter out directly as the divisor in do_div() to remove the following Coccinelle/coccicheck warning reported by do_div.cocci: WARNING: do_div() does a 64-by-32 division, please consider using div64_u64 instead Signed-off-by: Thorsten Blum Signed-off-by: Thierry Reding Link: https://patchwork.freedesktop.org/patch/msgid/20240710210034.796032-2-thorsten.blum@toblux.com commit f790b5c09665cab0d51dfcc84832d79d2b1e6c0e Author: Ulf Hansson Date: Tue Jul 23 16:46:07 2024 +0200 drm/tegra: gr3d: Convert into dev_pm_domain_attach|detach_list() Rather than hooking up the PM domains through devm_pm_opp_attach_genpd() and manage the device-link, let's avoid the boilerplate-code by converting into dev_pm_domain_attach|detach_list. Signed-off-by: Ulf Hansson Signed-off-by: Thierry Reding Link: https://patchwork.freedesktop.org/patch/msgid/20240723144610.564273-2-ulf.hansson@linaro.org commit 9719c7b8f33bc0268cf76656cfb6244f37586066 Author: Lu Baolu Date: Mon Aug 12 15:16:05 2024 +0800 gpu: host1x: Use iommu_paging_domain_alloc() An iommu domain is allocated in host1x_iommu_attach() and is attached to host->dev. Use iommu_paging_domain_alloc() to make it explicit. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/20240610085555.88197-8-baolu.lu@linux.intel.com Signed-off-by: Thierry Reding Link: https://patchwork.freedesktop.org/patch/msgid/20240812071605.9513-1-baolu.lu@linux.intel.com commit 4c27ac45e6224ea0ca2d2e5dce64e3df122d27c7 Author: Mikko Perttunen Date: Fri May 31 10:07:18 2024 +0300 gpu: host1x: Request syncpoint IRQs only during probe Syncpoint IRQs are currently requested in a code path that runs during resume. Due to this, we get multiple overlapping registered interrupt handlers as host1x is suspended and resumed. Rearrange interrupt code to only request IRQs during initialization. Signed-off-by: Mikko Perttunen Signed-off-by: Thierry Reding Link: https://patchwork.freedesktop.org/patch/msgid/20240531070719.2138-1-cyndis@kapsi.fi commit bad928d2cae5d4d5ec1474ae7428a797fb34c111 Author: Vignesh Raman Date: Tue Aug 20 12:38:16 2024 +0530 drm/ci: increase timeout for all jobs Set the timeout of all drm-ci jobs to 1h30m since some jobs takes more than 1 hour to complete. Signed-off-by: Vignesh Raman Acked-by: Helen Koike Acked-by: Rob Clark Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240820070818.1124403-1-vignesh.raman@collabora.com commit eea2b5d9bc41478796b3e8dd3c9a16b49671d36c Merge: 7eb42da6ab4a96 8396c793ffdf28 Author: Ulf Hansson Date: Wed Aug 28 17:21:31 2024 +0200 mmc: Merge branch fixes into next Merge the mmc fixes for v6.11-rc[n] into the next branch, to allow them to get tested together with the new mmc changes that are targeted for v6.12. Signed-off-by: Ulf Hansson commit 7eb42da6ab4a963677e3f692c4debdcc781cf4c9 Author: Liming Sun Date: Tue Aug 27 12:40:16 2024 -0400 mmc: sdhci-of-dwcmshc: Add hw_reset() support for BlueField-3 SoC The eMMC RST_N register is implemented as secure register on the BlueField-3 SoC and controlled by TF-A. This commit adds the hw_reset() support which sends an SMC call to TF-A for the eMMC HW reset. Reviewed-by: David Thompson Signed-off-by: Liming Sun Link: https://lore.kernel.org/r/20240827164016.237617-1-limings@nvidia.com Signed-off-by: Ulf Hansson commit aec8485f226c36eb4eea1d489772cd6f2c40144d Author: Neil Armstrong Date: Wed Aug 28 17:04:20 2024 +0200 drm/panel: add BOE tv101wum-ll2 panel driver Add support for the 1200x1920 BOE TV101WUM-LL2 DSI Display Panel found in the Lenovo Smart Tab M10 tablet. The controller is unknown. Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240828-topic-sdm450-upstream-tbx605f-panel-v3-2-b792f93e1d6b@linaro.org Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240828-topic-sdm450-upstream-tbx605f-panel-v3-2-b792f93e1d6b@linaro.org commit 1da04eac69197032813940426b73fff6f0a84c64 Author: Neil Armstrong Date: Wed Aug 28 17:04:19 2024 +0200 dt-bindings: display: panel: document BOE TV101WUM-LL2 DSI Display Panel Document the 1200x1920 BOE TV101WUM-LL2 DSI Display Panel found in the Lenovo Smart Tab M10 tablet. The controller is unknown. Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240828-topic-sdm450-upstream-tbx605f-panel-v3-1-b792f93e1d6b@linaro.org Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240828-topic-sdm450-upstream-tbx605f-panel-v3-1-b792f93e1d6b@linaro.org commit 7fbabbb4ae2a7203861e4db363e3c861a4df260e Merge: 47ac09b91befbb 4acaddf5d1e788 Author: Christian Brauner Date: Wed Aug 28 16:54:05 2024 +0200 Merge patch series "Subject: sort out the fallocate mode mess" Christoph Hellwig says: I've recently been looking at the XFS fallocate implementation and got upset about the messing parsing of the mode argument, which mixes modes and an optional flag in a really confusing way. This series tries to clean this up by better defining what is the operation mode and what is an optional flag, so that both the core code and file systems can use switch statements to switch on the mode. * patches from https://lore.kernel.org/r/20240827065123.1762168-1-hch@lst.de: xfs: refactor xfs_file_fallocate xfs: move the xfs_is_always_cow_inode check into xfs_alloc_file_space xfs: call xfs_flush_unmap_range from xfs_free_file_space fs: sort out the fallocate mode vs flag mess ext4: remove tracing for FALLOC_FL_NO_HIDE_STALE block: remove checks for FALLOC_FL_NO_HIDE_STALE Link: https://lore.kernel.org/r/20240827065123.1762168-1-hch@lst.de Signed-off-by: Christian Brauner commit 4acaddf5d1e78814d26df3ff02d5e410d951ff32 Author: Christoph Hellwig Date: Tue Aug 27 08:50:50 2024 +0200 xfs: refactor xfs_file_fallocate Refactor xfs_file_fallocate into separate helpers for each mode, two factors for i_size handling and a single switch statement over the supported modes. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240827065123.1762168-7-hch@lst.de Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 72f4d525709b6450d181fcfcc296d879f3d0b249 Author: Christoph Hellwig Date: Tue Aug 27 08:50:49 2024 +0200 xfs: move the xfs_is_always_cow_inode check into xfs_alloc_file_space Move the xfs_is_always_cow_inode check from the caller into xfs_alloc_file_space to prepare for refactoring of xfs_file_fallocate. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240827065123.1762168-6-hch@lst.de Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 1df1d3b2dcaa8a4ff736bf6351ca1a15d924a40f Author: Christoph Hellwig Date: Tue Aug 27 08:50:48 2024 +0200 xfs: call xfs_flush_unmap_range from xfs_free_file_space Call xfs_flush_unmap_range from xfs_free_file_space so that xfs_file_fallocate doesn't have to predict which mode will call it. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240827065123.1762168-5-hch@lst.de Reviewed-by: Darrick J. Wong Signed-off-by: Christian Brauner commit 57413d8e172c10c90fbd91f98d0f7d8eb27e824c Author: Christoph Hellwig Date: Tue Aug 27 08:50:47 2024 +0200 fs: sort out the fallocate mode vs flag mess The fallocate system call takes a mode argument, but that argument contains a wild mix of exclusive modes and an optional flags. Replace FALLOC_FL_SUPPORTED_MASK with FALLOC_FL_MODE_MASK, which excludes the optional flag bit, so that we can use switch statement on the value to easily enumerate the cases while getting the check for duplicate modes for free. To make this (and in the future the file system implementations) more readable also add a symbolic name for the 0 mode used to allocate blocks. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240827065123.1762168-4-hch@lst.de Reviewed-by: Darrick J. Wong Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit f951171044762a0d179caf9f1addcdbc7cb533bf Author: Christoph Hellwig Date: Tue Aug 27 08:50:46 2024 +0200 ext4: remove tracing for FALLOC_FL_NO_HIDE_STALE FALLOC_FL_NO_HIDE_STALE can't make it past vfs_fallocate (and if the flag does what the name implies that's a good thing as it would be highly dangerous). Remove the dead tracing code for it. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240827065123.1762168-3-hch@lst.de Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit ad01dadaa9dc1e8aed1aa372d2a030407835137f Author: Christoph Hellwig Date: Tue Aug 27 08:50:45 2024 +0200 block: remove checks for FALLOC_FL_NO_HIDE_STALE While the FALLOC_FL_NO_HIDE_STALE value has been registered, it has always been rejected by vfs_fallocate before making it into blkdev_fallocate because it isn't in the supported mask. Signed-off-by: Christoph Hellwig Link: https://lore.kernel.org/r/20240827065123.1762168-2-hch@lst.de Reviewed-by: Darrick J. Wong Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit f6f84be089c9d6f5e3e1228c389e51c7ae7bad1a Author: Md Haris Iqbal Date: Fri Aug 9 15:53:46 2024 +0200 block/rnbd-srv: Add sanity check and remove redundant assignment The bio->bi_iter.bi_size is updated when bio_add_page() is called. So we do not need to assign msg->bi_size again to it, since its redudant and can also be harmful. Instead we can use it to add a sanity check, which checks the locally calculated bi_size, with the one sent in msg. Signed-off-by: Md Haris Iqbal Signed-off-by: Jack Wang Signed-off-by: Grzegorz Prajsner Link: https://lore.kernel.org/r/20240809135346.978320-1-haris.iqbal@ionos.com Signed-off-by: Jens Axboe commit 97843315a2e1010d4659eee57e0e38f414ff3269 Author: Melissa Wen Date: Sat May 25 16:26:28 2024 +0200 MAINTAINERS: remove myself as a VKMS maintainer I haven't been able to follow or review the work on the driver for some time now and I don't see the situation improving anytime soon. I'd like to continue being listed as a reviewer. Signed-off-by: Melissa Wen Acked-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240525142637.82586-1-melissa.srw@gmail.com commit 379cad69bdfe522e840ed5f5c01ac8769006d53e Author: Thomas Hellström Date: Mon Aug 26 16:34:50 2024 +0200 drm/xe: Use separate rpm lockdep map for non-d3cold-capable devices For non-d3cold-capable devices we'd like to be able to wake up the device from reclaim. In particular, for Lunar Lake we'd like to be able to blit CCS metadata to system at shrink time; at least from kswapd where it's reasonable OK to wait for rpm resume and a preceding rpm suspend. Therefore use a separate lockdep map for such devices and prime it reclaim-tainted. v2: - Rename lockmap acquire- and release functions. (Rodrigo Vivi). - Reinstate the old xe_pm_runtime_lockdep_prime() function and rename it to xe_rpm_might_enter_cb(). (Matthew Auld). - Introduce a separate xe_pm_runtime_lockdep_prime function called from module init for known required locking orders. v3: - Actually hook up the prime function at module init. v4: - Rebase. v5: - Don't use reclaim-safe RPM with sriov. Cc: "Vivi, Rodrigo" Cc: "Auld, Matthew" Signed-off-by: Thomas Hellström Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240826143450.92511-1-thomas.hellstrom@linux.intel.com commit 5d4b29c2bf1b2b08522c48f211311404b8075bd1 Author: Chukun Pan Date: Tue Aug 20 20:00:20 2024 +0800 arm64: dts: rockchip: disable display subsystem only for Radxa E25 The SoM board has reserved HDMI output, while the Radxa E25 is not connected. So disable the display subsystem only for Radxa E25. Signed-off-by: Chukun Pan Reviewed-by: Dragan Simic Link: https://lore.kernel.org/r/20240820120020.469375-1-amadeus@jmu.edu.cn Signed-off-by: Heiko Stuebner commit b728d4c51f0ce9207daf502f3a85073785c46319 Author: FUKAUMI Naoki Date: Mon Aug 26 17:04:56 2024 +0900 arm64: dts: rockchip: enable PCIe on M.2 E key for Radxa ROCK 5A Enable pcie2x1l2 and related combphy/regulator routed to M.2 E key connector on Radxa ROCK 5A. Tested with Radxa Wireless Module A8: $ lspci 0004:40:00.0 PCI bridge: Rockchip Electronics Co., Ltd RK3588 (rev 01) 0004:41:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8852BE PCIe 802.11ax Wireless Network Controller $ ip l 1: lo: mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: end0: mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000 link/ether c2:58:fc:70:55:86 brd ff:ff:ff:ff:ff:ff 3: wlP4p65s0: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/ether 2c:05:47:65:5b:ed brd ff:ff:ff:ff:ff:ff $ lsusb Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 001 Device 002: ID 1a40:0101 Terminus Technology Inc. Hub Bus 001 Device 003: ID 0bda:b85b Realtek Semiconductor Corp. Bluetooth Radio Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 004 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 005 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 006 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 006 Device 002: ID 0789:0336 Logitec Corp. LMD USB Device Bus 007 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 008 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub $ hciconfig hci0: Type: Primary Bus: USB BD Address: 2C:05:47:65:5B:EE ACL MTU: 1021:6 SCO MTU: 255:12 UP RUNNING RX bytes:2698 acl:0 sco:0 events:329 errors:0 TX bytes:69393 acl:0 sco:0 commands:329 errors:0 Signed-off-by: FUKAUMI Naoki Link: https://lore.kernel.org/r/20240826080456.525-1-naoki@radxa.com Signed-off-by: Heiko Stuebner commit b8ac0cf405c2092decc5cc102ed3a2d5d3200ab4 Author: FUKAUMI Naoki Date: Mon Aug 26 16:51:29 2024 +0900 arm64: dts: rockchip: remove unnecessary properties for Radxa ROCK 5A There is no "on-board WLAN/BT chip" on Radxa ROCK 5A. remove related properties. Fixes: 1642bf66e270 ("arm64: dts: rockchip: add USB2 to rk3588s-rock5a") Signed-off-by: FUKAUMI Naoki Link: https://lore.kernel.org/r/20240826075130.546-1-naoki@radxa.com Signed-off-by: Heiko Stuebner commit 251e5ade9ba43f44f60713310f89e0f4495a2088 Author: Junhao Xie Date: Mon Aug 26 19:02:26 2024 +0800 arm64: dts: rockchip: add dts for LCKFB Taishan Pi RK3566 Add dts for LCKFB Taishan Pi. Working IO: * UART * RGB LED * AP6212 WiFi * AP6212 Bluetooth * SD Card * eMMC * HDMI * USB Type-C * USB Type-A Signed-off-by: Junhao Xie Link: https://lore.kernel.org/r/20240826110300.735350-1-bigfoot@classfun.cn Signed-off-by: Heiko Stuebner commit d7bcc37436c7d373a715d48a7cd74cd3b1724a68 Author: Anshuman Khandual Date: Thu Aug 22 10:18:53 2024 +0530 lib/test_bits.c: Add tests for GENMASK_U128() This adds GENMASK_U128() tests although currently only 64 bit wide masks are being tested. Cc: Andrew Morton Cc: linux-kernel@vger.kernel.org Reviewed-by: Arnd Bergmann Signed-off-by: Anshuman Khandual Signed-off-by: Yury Norov commit 947697c6f0f75f9866f2f891a102dece7a09a064 Author: Anshuman Khandual Date: Thu Aug 22 10:18:52 2024 +0530 uapi: Define GENMASK_U128 This adds GENMASK_U128() and __GENMASK_U128() macros using __BITS_PER_U128 and __int128 data types. These macros will be used in providing support for generating 128 bit masks. The macros wouldn't work in all assembler flavors for reasons described in the comments on top of declarations. Enforce it for more by adding !__ASSEMBLY__ guard. Cc: Yury Norov Cc: Rasmus Villemoes Cc: Arnd Bergmann > Cc: linux-kernel@vger.kernel.org Cc: linux-arch@vger.kernel.org Reviewed-by: Arnd Bergmann Signed-off-by: Anshuman Khandual Signed-off-by: Yury Norov commit 4d4b28ba3a0f84f641febc9de4252ba0bad2238d Author: Junhao Xie Date: Mon Aug 26 12:44:12 2024 +0800 dt-bindings: arm: rockchip: Add LCKFB Taishan Pi RK3566 This documents LCKFB Taishan Pi which is a SBC based on the RK3566 SoC. Signed-off-by: Junhao Xie Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826044530.726458-3-bigfoot@classfun.cn Signed-off-by: Heiko Stuebner commit d6ec4fefbe9eac0363e9d05c05010686d6790428 Author: Junhao Xie Date: Mon Aug 26 12:44:11 2024 +0800 dt-bindings: vendor-prefixes: Add Shenzhen JLC Technology Group LCKFB Add an entry for Shenzhen JLC Technology LCKFB (https://lckfb.com/) Signed-off-by: Junhao Xie Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826044530.726458-2-bigfoot@classfun.cn Signed-off-by: Heiko Stuebner commit 789e51597d33ec0053b029127d797d86c0d857eb Author: Nirmoy Das Date: Wed Aug 28 10:36:35 2024 +0200 Revert "drm/ttm: Add a flag to allow drivers to skip clear-on-free" Remove TTM_TT_FLAG_CLEARED_ON_FREE now that XE stopped using this flag. This reverts commit decbfaf06db05fa1f9b33149ebb3c145b44e878f. Cc: Christian König Cc: Himal Prasad Ghimiray Cc: Lucas De Marchi Cc: Matthew Auld Cc: Matthew Brost Cc: Thomas Hellström Signed-off-by: Nirmoy Das Reviewed-by: Thomas Hellström Link: https://patchwork.freedesktop.org/patch/msgid/20240828083635.23601-2-nirmoy.das@intel.com Signed-off-by: Lucas De Marchi commit 7546a8201ba288530ed1bbf2a8bdcce5e034a234 Author: Nirmoy Das Date: Wed Aug 28 10:36:34 2024 +0200 Revert "drm/xe/lnl: Offload system clear page activity to GPU" This optimization relied on having to clear CCS on allocations. If there is no need to clear CCS on allocations then this would mostly help in reducing CPU utilization. Revert this patch at this moment because of: 1 Currently Xe can't do clear on free and using a invalid ttm flag, TTM_TT_FLAG_CLEARED_ON_FREE which could poison global ttm pool on multi-device setup. 2 Also for LNL CPU:WB doesn't require clearing CCS as such BO will not be allowed to bind with compression PTE. Subsequent patch will disable clearing CCS for CPU:WB BOs for LNL. This reverts commit 23683061805be368c8d1c7e7ff52abc470cac275. Cc: Christian König Cc: Himal Prasad Ghimiray Cc: Lucas De Marchi Cc: Matthew Auld Cc: Matthew Brost Cc: Thomas Hellström Reviewed-by: Thomas Hellström Signed-off-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240828083635.23601-1-nirmoy.das@intel.com Signed-off-by: Lucas De Marchi commit 10dc64fe0f980c47c7e747885ddf7a8c12780337 Author: Jonas Karlman Date: Tue Aug 27 21:18:18 2024 +0000 arm64: dts: rockchip: Add Hardkernel ODROID-M1S The Hardkernel ODROID-M1S is a single-board computer based on Rockchip RK3566 SoC. It features e.g. 4/8 GB LPDDR4 RAM, 64 GB eMMC, SD-card, GbE LAN, HDMI 2.0, M.2 NVMe and USB 2.0/3.0. Add initial support for eMMC, SD-card, Ethernet, HDMI, PCIe and USB. Signed-off-by: Jonas Karlman Link: https://lore.kernel.org/r/20240827211825.1419820-5-jonas@kwiboo.se Signed-off-by: Heiko Stuebner commit 611a434a7d3387fc0eee50cfcc318cc237c1d489 Author: Jonas Karlman Date: Tue Aug 27 21:18:17 2024 +0000 dt-bindings: arm: rockchip: Add Hardkernel ODROID-M1S The Hardkernel ODROID-M1S is a single-board computer based on Rockchip RK3566 SoC. It features e.g. 4/8 GB LPDDR4 RAM, 64 GB eMMC, SD-card, GbE LAN, HDMI 2.0, M.2 NVMe and USB 2.0/3.0. Add devicetree binding documentation for the Hardkernel ODROID-M1S board. Signed-off-by: Jonas Karlman Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240827211825.1419820-4-jonas@kwiboo.se Signed-off-by: Heiko Stuebner commit 735065e774dcfc62e38df01a535862138b6c92ed Author: Jonas Karlman Date: Tue Aug 27 21:18:16 2024 +0000 arm64: dts: rockchip: Correct vendor prefix for Hardkernel ODROID-M1 The vendor prefix for Hardkernel ODROID-M1 is incorrectly listed as rockchip. Use the proper hardkernel vendor prefix for this board, while at it also drop the redundant soc prefix. Fixes: fd3583267703 ("arm64: dts: rockchip: Add Hardkernel ODROID-M1 board") Reviewed-by: Aurelien Jarno Signed-off-by: Jonas Karlman Link: https://lore.kernel.org/r/20240827211825.1419820-3-jonas@kwiboo.se Signed-off-by: Heiko Stuebner commit fa63d087bbf67ca907a8ee6ab54f9932cd02f919 Author: Jonas Karlman Date: Tue Aug 27 21:18:15 2024 +0000 dt-bindings: arm: rockchip: Correct vendor for Hardkernel ODROID-M1 The vendor prefix for Hardkernel ODROID-M1 is incorrectly listed as rockchip. Use the proper hardkernel vendor prefix for this board, while at it also drop the redundant soc prefix. Fixes: 19cc53eb2ce6 ("dt-bindings: rockchip: Add Hardkernel ODROID-M1 board") Reviewed-by: Aurelien Jarno Signed-off-by: Jonas Karlman Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240827211825.1419820-2-jonas@kwiboo.se Signed-off-by: Heiko Stuebner commit 63556df6acdd737b75d9a7a8b906cd1c1bc8e2aa Author: Frank Li Date: Thu Aug 1 17:46:01 2024 -0400 dt-bindings: dma: fsl-mxs-dma: Add compatible string "fsl,imx8qxp-dma-apbh" Add compatible string "fsl,imx8qxp-dma-apbh". It requires power-domains compared with "fsl,imx28-dma-apbh". Allow 'power-domains' property because i.MX8DXL i.MX8QM and i.MX8QXP need it. Keep the same restriction about 'power-domains' for other compatible strings. Reviewed-by: Rob Herring (Arm) Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240801214601.2620843-1-Frank.Li@nxp.com Signed-off-by: Vinod Koul commit ae0acef3822ed8908e83cd24f337891e6be64eba Author: Marek Szyprowski Date: Wed Aug 28 14:28:34 2024 +0200 regcache: use map->alloc_flags also for allocating cache Commit fd4ebc07b4df ("regmap: Hold the regmap lock when allocating and freeing the cache") introduced a locking around the allocating and freeing a regmap cache, so adjust the memory allocation flags to the ones given in the regmap configuration instead of the hardcoded GFP_KERNEL. This fixes the "BUG: sleeping function called from invalid context" introduced by the mentioned commit. Fixes: fd4ebc07b4df ("regmap: Hold the regmap lock when allocating and freeing the cache") Signed-off-by: Marek Szyprowski Link: https://patch.msgid.link/20240828122834.3778031-1-m.szyprowski@samsung.com Signed-off-by: Mark Brown commit 75560718e83bede12d70b2a6b6940089477f58e4 Author: Hongbo Li Date: Wed Aug 28 20:28:29 2024 +0800 ASoC: dapm: Use IS_ERR_OR_NULL() helper function Use the IS_ERR_OR_NULL() helper instead of open-coding a NULL and an error pointer checks to simplify the code and improve readability. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240828122829.3697502-1-lihongbo22@huawei.com Signed-off-by: Mark Brown commit 174c306321355d8a189b8f01fcc3f897ba13f227 Author: Jonathan Liu Date: Wed Aug 28 17:47:53 2024 +1000 arm64: dts: rockchip: Enable RK809 audio codec for Radxa ROCK 4C+ This adds the necessary device tree changes to enable analog audio output for the 3.5 mm TRS headphone jack on the Radxa ROCK 4C+ with its RK809 audio codec. Signed-off-by: Jonathan Liu Link: https://lore.kernel.org/r/20240828074755.1320692-1-net147@gmail.com Signed-off-by: Heiko Stuebner commit 2fe6102bf01a5f4f48f211c2e5c8a274342fccb1 Author: Bastien Curutchet Date: Wed Aug 28 08:31:31 2024 +0200 spi: davinci: Adapt transfer's timeout to transfer's length The timeout used when waiting for transfer's completion is always set to HZ. This isn't enough if a transfer is too large or if the bus speed is too low. Use the bus speed and the transfer length to calculate an appropriate timeout Signed-off-by: Bastien Curutchet Link: https://patch.msgid.link/20240828063131.10507-1-bastien.curutchet@bootlin.com Signed-off-by: Mark Brown commit 6166b1c0084e059af539c93a9d48afe44220dbef Author: Jianfeng Liu Date: Tue Aug 27 20:10:21 2024 +0200 arm64: dts: rockchip: Add VPU121 support for RK3588 Enable Hantro G1 video decoder in RK3588's devicetree. Tested with FFmpeg v4l2_request code taken from [1] with MPEG2, H.264 and VP8 samples. [1] https://github.com/LibreELEC/LibreELEC.tv/blob/master/packages/multimedia/ffmpeg/patches/v4l2-request/ffmpeg-001-v4l2-request.patch Signed-off-by: Jianfeng Liu Tested-by: Hugh Cole-Baker Signed-off-by: Sebastian Reichel Link: https://lore.kernel.org/r/20240827181206.147617-3-sebastian.reichel@collabora.com Signed-off-by: Heiko Stuebner commit cc0a05865cd5ff2a12479ab85093ed203af10520 Author: Emmanuel Gil Peyrot Date: Tue Aug 27 20:10:20 2024 +0200 arm64: dts: rockchip: Add VEPU121 to RK3588 RK3588 has 4 Hantro G1 encoder-only cores. They are all independent IP, but can be used as a cluster (i.e. sharing work between the cores). These cores are called VEPU121 in the TRM. The TRM describes one more VEPU121, but that is combined with a Hantro H1. That one will be handled using the VPU binding instead. Signed-off-by: Emmanuel Gil Peyrot Signed-off-by: Sebastian Reichel Link: https://lore.kernel.org/r/20240827181206.147617-2-sebastian.reichel@collabora.com Signed-off-by: Heiko Stuebner commit 2d10b05bcef685572ce8962ecb0936952915d954 Author: Yue Haibing Date: Sat Aug 24 17:16:29 2024 +0800 RDMA/cxgb4: Remove unused declarations Since commit be4c9bad9d0e ("MAINTAINERS: Add cxgb4 and iw_cxgb4 entries") c4iw_post_terminate() declaration is not used anymore. And other declarations were never implemented since introduction in commit cfdda9d76436 ("RDMA/cxgb4: Add driver for Chelsio T4 RNIC"). Signed-off-by: Yue Haibing Link: https://patch.msgid.link/20240824091629.3659565-1-yuehaibing@huawei.com Signed-off-by: Leon Romanovsky commit e5bba9e0276441d53e976a932e728e8ced019a8d Author: Jack Wang Date: Wed Aug 21 13:22:17 2024 +0200 RDMA/rtrs-clt: Remove an extra space No functional changes. Signed-off-by: Jack Wang Signed-off-by: Alexei Pastuchov Signed-off-by: Grzegorz Prajsner Signed-off-by: Md Haris Iqbal Link: https://patch.msgid.link/20240821112217.41827-12-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit bab9f8db4295c09df6fea5d197798186d01b8226 Author: Jack Wang Date: Wed Aug 21 13:22:16 2024 +0200 RDMA/rtrs-clt: Do local invalidate after write io completion Switch local invalidate after write io completion avoid the chain usage of WR, this fixed the local protection error on LOCAL INVALIDATE WR. Signed-off-by: Jack Wang Signed-off-by: Md Haris Iqbal Signed-off-by: Grzegorz Prajsner Link: https://patch.msgid.link/20240821112217.41827-11-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit 667db86bcbe82e789d82c2e8c8c40756ec2e1999 Author: Grzegorz Prajsner Date: Wed Aug 21 13:22:15 2024 +0200 RDMA/rtrs: Register ib event handler Use ib_register_event_handler() to register event handlers for both client and server side. For now, all those handlers do, is to print type of incoming event. Signed-off-by: Grzegorz Prajsner Signed-off-by: Jack Wang Signed-off-by: Md Haris Iqbal Link: https://patch.msgid.link/20240821112217.41827-10-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit d0e62bf7b575fbfe591f6f570e7595dd60a2f5eb Author: Md Haris Iqbal Date: Wed Aug 21 13:22:14 2024 +0200 RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path establishment, RTRS client initiates and completes con_num of connections. After establishing all its connections, the information is exchanged between the client and server through the info_req message. During this exchange, it is essential that all connections have been established, and the state of the RTRS srv path is CONNECTED. So add these sanity checks, to make sure we detect and abort process in error scenarios to avoid null pointer deref. Signed-off-by: Md Haris Iqbal Signed-off-by: Jack Wang Signed-off-by: Grzegorz Prajsner Link: https://patch.msgid.link/20240821112217.41827-9-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit ff7395890580447507b27851c06e396f75913443 Author: Jack Wang Date: Wed Aug 21 13:22:13 2024 +0200 RDMA/rtrs-clt: Print request type for errors Extend the output to print also the request type. Signed-off-by: Jack Wang Signed-off-by: Grzegorz Prajsner Signed-off-by: Md Haris Iqbal Link: https://patch.msgid.link/20240821112217.41827-8-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit 3e4289b29e216a55d08a89e126bc0b37cbad9f38 Author: Md Haris Iqbal Date: Wed Aug 21 13:22:12 2024 +0200 RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds In the function init_conns(), after the create_con() and create_cm() for loop if something fails. In the cleanup for loop after the destroy tag, we access out of bound memory because cid is set to clt_path->s.con_num. This commits resets the cid to clt_path->s.con_num - 1, to stay in bounds in the cleanup loop later. Fixes: 6a98d71daea1 ("RDMA/rtrs: client: main functionality") Signed-off-by: Md Haris Iqbal Signed-off-by: Jack Wang Signed-off-by: Grzegorz Prajsner Link: https://patch.msgid.link/20240821112217.41827-7-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit 6793f9581f75d98c5ba0753e863a5442a9dff07c Author: Jack Wang Date: Wed Aug 21 13:22:11 2024 +0200 RDMA/rtrs-clt: Reuse need_inval from mr mr has a member need_inval, which can be used to indicate if local invalidate is needed, switch to it and remove need_inv from rtrs_clt_io_req. Signed-off-by: Jack Wang Signed-off-by: Md Haris Iqbal Signed-off-by: Grzegorz Prajsner Link: https://patch.msgid.link/20240821112217.41827-6-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit 3258cbbd86deaa2675e1799bc3d18bd1ef472641 Author: Jack Wang Date: Wed Aug 21 13:22:10 2024 +0200 RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer Reset hb_missed_cnt after receiving traffic from other peer, so hb is more robust again high load on host or network. Fixes: 6a98d71daea1 ("RDMA/rtrs: client: main functionality") Signed-off-by: Jack Wang Signed-off-by: Md Haris Iqbal Signed-off-by: Grzegorz Prajsner Link: https://patch.msgid.link/20240821112217.41827-5-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit 53c26f3ecd59e8024692cea339c35f9aceb0f178 Author: Jack Wang Date: Wed Aug 21 13:22:09 2024 +0200 RDMA/rtrs-clt: Rate limit errors in IO path On network errors, a large number of these logs are printed due to all the inflight IOs, rate limit them so they do not clutter kernel log. Signed-off-by: Jack Wang Signed-off-by: Md Haris Iqbal Signed-off-by: Grzegorz Prajsner Link: https://patch.msgid.link/20240821112217.41827-4-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit 8c8dd4e13bd5a716a0a2fa58e7e2f08b4af073f7 Author: Jack Wang Date: Wed Aug 21 13:22:08 2024 +0200 RDMA/rtrs-clt: Fix need_inv setting in error case In some cases need_inv can be missed for write requests, additionally driver has to handle missing invalidates for write requests. While at it, remove the else case from write invalidate path as it is possible to reach there. Signed-off-by: Jack Wang Signed-off-by: Md Haris Iqbal Signed-off-by: Grzegorz Prajsner Link: https://patch.msgid.link/20240821112217.41827-3-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit 4842cfb07a4faa4b9768e496925e48b50875ee13 Author: Md Haris Iqbal Date: Wed Aug 21 13:22:07 2024 +0200 RDMA/rtrs: For HB error add additional clt/srv specific logging In case of HB error, we need to know the specific path on which it happened, for better debugging. Since the clt/srv path structures are not available in rtrs.c, it needs to be done in the individual HB error handler. This commit add those loging. A sample kernel log output after this commit: rtrs_core L357: : HB missed max reached. rtrs_server L717: : HB err handler for path=ip:x.x.x.x@ip:x.x.x.x . . rtrs_core L357: : HB missed max reached. rtrs_client L1519: : HB err handler for path=ip:x.x.x.x@ip:x.x.x.x Signed-off-by: Md Haris Iqbal Reviewed-by: Jack Wang Signed-off-by: Grzegorz Prajsner Link: https://patch.msgid.link/20240821112217.41827-2-haris.iqbal@ionos.com Signed-off-by: Leon Romanovsky commit 34cd19288161313b6ba24004206ab6a64fdef7c5 Merge: 04e36fd27a2aeb 10a104c0debbb1 Author: Jason Gunthorpe Date: Tue Aug 27 10:32:25 2024 -0300 Merge branch 'bnxt_re_variable_wqes' into rdma.git for-next Selvin Xavier says: ============= Enable the Variable size Work Queue entry support for Gen P7 adapters. This would help in the better utilization of the queue memory and pci bandwidth due to the smaller send queue Work entries. ============= Based on v6.11-rc5 for dependencies. * bnxt_re_variable_wqes: (829 commits) RDMA/bnxt_re: Enable variable size WQEs for user space applications RDMA/bnxt_re: Handle variable WQE support for user applications RDMA/bnxt_re: Fix the table size for PSN/MSN entries RDMA/bnxt_re: Get the WQE index from slot index while completing the WQEs RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters Linux 6.11-rc5 ... Signed-off-by: Jason Gunthorpe commit 290f31e943a29c93532b1684652b04fd60d0f696 Author: Kuninori Morimoto Date: Mon Aug 26 23:41:57 2024 +0000 ASoC: soc-pcm: makes snd_soc_dpcm_can_be_xxx() local function No driver is calling snd_soc_dpcm_can_be_xxx() functions. We don't need to have EXPORT_SYMBOL_GPL() for them. Let's makes it static function. One note is that snd_soc_dpcm_fe_can_update() is not used in upstream. Use #if-endif and keep it for future support. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87h6b6df7e.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 4dd4baa4408a15d50233e85bae611d576ef77b92 Author: Kuninori Morimoto Date: Mon Aug 26 23:41:52 2024 +0000 ASoC: soc-pcm: move snd_soc_dpcm_can_be_xxx() to top This patch moves snd_soc_dpcm_can_be_xxx() functions to top of soc-pcm.c This is prepare for cleanup. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87ikvmdf7j.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 9307694f340e518cac0e007f39dd9ff0736e6144 Author: Maciej Strozek Date: Tue Aug 27 20:32:15 2024 +0800 ASoC: Intel: sof_sdw: Add quirks from some new Dell laptops Add quirks for some new Dell laptops using cs42l43's speaker outputs. Signed-off-by: Maciej Strozek Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-18-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 1be6b1c689575e80a92d4f3bb85e22b805355059 Author: Charles Keepax Date: Tue Aug 27 20:32:14 2024 +0800 ASoC: Intel: soc-acpi: lnl: Add match entries for new cs42l43 laptops Add some new match table entries on Lunarlake for some coming cs42l43 laptops. Signed-off-by: Charles Keepax Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-17-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 9ed85cb8c3af96028b2ba6209e9a8d2707e54f5d Author: Charles Keepax Date: Tue Aug 27 20:32:13 2024 +0800 ASoC: Intel: soc-acpi: adl: Add match entries for new cs42l43 laptops Add some new match table entries on Alderlake for some coming cs42l43 laptops. Signed-off-by: Charles Keepax Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-16-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit c0524067653d07e78bc215220bc111b6e5e4a94d Author: Charles Keepax Date: Tue Aug 27 20:32:12 2024 +0800 ASoC: Intel: soc-acpi: arl: Add match entries for new cs42l43 laptops Add some new match table entries on Arrowlake for some coming cs42l43 laptops. Signed-off-by: Charles Keepax Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-15-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 690640ef35a42ed96c89ab71788efef4c47766bf Author: Brent Lu Date: Tue Aug 27 20:32:11 2024 +0800 ASoC: Intel: skl_hda_dsp_generic: use sof_hdmi_private to init HDMI Use sof_hdmi_private structure instead of a link list of skl_hda_hdmi_pcm structure for HDMI dai link initialization since hdac-hdmi support is removed. Signed-off-by: Brent Lu Reviewed-by: Pierre-Louis Bossart Reviewed-by: Kai Vehmanen Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-14-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit a2a0312ac9ee3eb477a02f2706673cab6d375b07 Author: Brent Lu Date: Tue Aug 27 20:32:10 2024 +0800 ASoC: Intel: skl_hda_dsp_generic: remove hdac-hdmi support Since this machine driver has no longer been enumerated by SKL platform driver, we could remove hdac-hdmi support code just like what we did to other SOF machine drivers. Signed-off-by: Brent Lu Reviewed-by: Pierre-Louis Bossart Reviewed-by: Kai Vehmanen Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-13-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit e1580f48d4a5b739cfbfbce5de637bc34000dcad Author: Balamurugan C Date: Tue Aug 27 20:32:09 2024 +0800 ASoC: Intel: soc-acpi: Add entry for HDMI_In capture support in ARL match table Adding HDMI-In capture via I2S feature support in ARL platform. Signed-off-by: Balamurugan C Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-12-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 26254073e74e9ea507fbd1f628adf428e545be6b Author: Balamurugan C Date: Tue Aug 27 20:32:08 2024 +0800 ASoC: Intel: soc-acpi: Add entry for sof_es8336 in ARL match table. Adding ES83x6 codec support for ARL platforms and entry in match table. Signed-off-by: Balamurugan C Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-11-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 0752ba426a8182acbd083ca53fef32ddbf50e6d2 Author: Brent Lu Date: Tue Aug 27 20:32:07 2024 +0800 ASoC: Intel: skl_hda_dsp_generic: support BT audio offload Add BT offload BE link to dai link array if the BT offload link mask is valid (only one bit set). Signed-off-by: Brent Lu Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-10-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 65dc80a78c5f42f5648396b218f50374cf1c2770 Author: Brent Lu Date: Tue Aug 27 20:32:06 2024 +0800 ASoC: SOF: Intel: hda: support BT link mask in mach_params Add an new variable bt_link_mask to snd_soc_acpi_mach_params structure. SSP port mask of BT offload found in NHLT table will be sent to machine driver to setup BE dai link with correct SSP port number. This patch only detects and enables the BT dailink. The functionality will only be unlocked with a topology file that makes a reference to that BT dailink. For backwards-compatibility reasons, this topology will not be used by default. Chromebooks and Linux users willing to experiment shall use the tplg_name kernel parameter to force the use of an enhanced topology. Signed-off-by: Brent Lu Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-9-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 7db9f6361170a8caa32cc31d894fac1ba8dfc4f3 Author: Bard Liao Date: Tue Aug 27 20:32:05 2024 +0800 ASoC: Intel: sof_sdw: overwrite mach_params->dmic_num mach_params->dmic_num will be used to set the cfg-mics value of card->components string. Overwrite it to the actual number of PCH DMICs used in the device. Signed-off-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240827123215.258859-8-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 775c1a4aa640c701eb67d3954a375000d2be3af5 Author: Bard Liao Date: Tue Aug 27 20:32:04 2024 +0800 ASoC: Intel: sof_sdw: move ignore_internal_dmic check earlier dmic links will not be created if ctx->ignore_internal_dmic is set, and dmic_num should be 0 in this case. Move ignore_internal_dmic check earlier where dmic_num is set to get an accurate dmic_num. Signed-off-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240827123215.258859-7-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 85b66359c5a76ce613bd75460e4646e8a27b1e2f Author: Brent Lu Date: Tue Aug 27 20:32:03 2024 +0800 ASoC: SOF: Intel: hda: refactoring topology name fixup for SDW mach Remove SDW mach's topology name fixup code and use the code in hda_machine_select() to fixup its topology file name. No functional change in this commit. Compared with I2S/HDA mach, SDW mach always fixup topology file name with dmic num without using DMIC quirk flag and pass topology name with file extension to SOF driver. Therefore, we add extra code to remove file extension if it exists. Signed-off-by: Brent Lu Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-6-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 5458411d75947a4212e50a401ec0a98d4c6c931b Author: Bard Liao Date: Tue Aug 27 20:32:02 2024 +0800 ASoC: SOF: Intel: hda: refactoring topology name fixup for HDA mach Move I2S mach's topology name fixup code to the end of machine driver enumeration flow so HDA mach could also use same code to fixup its topology file name as well. No functional change in this commit. Signed-off-by: Brent Lu Reviewed-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-5-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 14e91ddd5c02d8c3e5a682ebfa0546352b459911 Author: Pierre-Louis Bossart Date: Tue Aug 27 20:32:01 2024 +0800 ASoC: Intel: boards: always check the result of acpi_dev_get_first_match_dev() The code seems mostly copy-pasted, with some machine drivers forgetting to test if the 'adev' result is NULL. Add this check when missing, and use -ENOENT consistently as an error code. Reported-by: Dan Carpenter Closes: https://lore.kernel.org/alsa-devel/918944d2-3d00-465e-a9d1-5d57fc966113@stanley.mountain/T/#u Signed-off-by: Pierre-Louis Bossart Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-4-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 1ab959bea29c265d7d219346a72ed15b2490d956 Author: Bard Liao Date: Tue Aug 27 20:32:00 2024 +0800 ASoC: Intel: sof_sdw: add rt1320 amp support Add Realtek rt1320 amp support. Signed-off-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240827123215.258859-3-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 6785244f3dfd40fb0671c330de4e953cbc2e2846 Author: Pierre-Louis Bossart Date: Tue Aug 27 20:31:59 2024 +0800 ASoC: Intel: sof_sdw: make sof_sdw_quirk static There's no need to make this variable visible at a higher level. Signed-off-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://patch.msgid.link/20240827123215.258859-2-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 393556c9f56ced8d9776c32ce99f34913cfd904e Merge: 07f518c0a7023d e5700c9037727d Author: Hans Verkuil Date: Wed Aug 28 13:11:49 2024 +0200 Merge tag 'tags/next-media-videobuf-20240827' of git://git.kernel.org/pub/scm/linux/kernel/git/pinchartl/linux.git - videobuf2 regression fix Signed-off-by: Hans Verkuil From: Laurent Pinchart Link: https://patchwork.linuxtv.org/project/linux-media/patch/20240827122125.GA17846@pendragon.ideasonboard.com/ commit 07f518c0a7023ddf88b19e6d52117d7548044dfc Merge: c4d06789912338 a3d44f011c6b7a Author: Hans Verkuil Date: Wed Aug 28 13:10:55 2024 +0200 Merge tag 'next-media-20240826' of git://git.kernel.org/pub/scm/linux/kernel/git/pinchartl/linux.git Improvements to link validation in media graph. Signed-off-by: Hans Verkuil From: Laurent Pinchart Link: https://patchwork.linuxtv.org/project/linux-media/patch/20240826141040.GC11033@pendragon.ideasonboard.com/ commit c4d06789912338c40865d2e2cb92beaf0c4f0106 Merge: 75c357a8790203 89dd679303f4b4 Author: Hans Verkuil Date: Wed Aug 28 13:10:10 2024 +0200 Merge tag 'tags/next-media-renesas-20240825' of git://git.kernel.org/pub/scm/linux/kernel/git/pinchartl/linux.git Improvements to Renesas media drivers: - R-Car V4M support for VIN - Fix rzg2l-csi2 module auto-loading Signed-off-by: Hans Verkuil From: Laurent Pinchart Link: https://patchwork.linuxtv.org/project/linux-media/patch/20240824234307.GC9543@pendragon.ideasonboard.com/ commit 75c357a8790203c0a610e16ac4853bb60d800662 Merge: 6b7b4d9a33cb44 4fb5babe965768 Author: Hans Verkuil Date: Wed Aug 28 13:09:24 2024 +0200 Merge tag 'tags/next-media-imx-20240825' of git://git.kernel.org/pub/scm/linux/kernel/git/pinchartl/linux.git Improvements to i.MX media drivers: - Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() for better compile testing of the imx-mipi-csis and imx8mq-mipi-csi2 drivers - Improve real time behaviour of imx-mipi-csis by avoiding logging while holding a spin lock Signed-off-by: Hans Verkuil From: Laurent Pinchart Link: https://patchwork.linuxtv.org/project/linux-media/patch/20240824233233.GB9543@pendragon.ideasonboard.com/ commit 6b7b4d9a33cb4441a4f75fe0fa942b7d6efeb969 Merge: afe6ec667e8846 8c8389bba49d8c Author: Hans Verkuil Date: Wed Aug 28 13:08:12 2024 +0200 Merge tag 'tags/next-media-misc-20240825' of git://git.kernel.org/pub/scm/linux/kernel/git/pinchartl/linux.git Miscellaneous changes: mt9p031, starfive and v4l2-mc. Signed-off-by: Hans Verkuil From: Laurent Pinchart Link: https://patchwork.linuxtv.org/project/linux-media/patch/20240824233140.GA9543@pendragon.ideasonboard.com/ commit a55d1cbd1720679cfe9837bce250e397ec513989 Author: Christian Brauner Date: Thu Aug 22 16:14:46 2024 +0200 fs: switch f_iocb_flags and f_ra Now that we shrank struct file by 24 bytes we still have a 4 byte hole. If we move struct file_ra_state into the union and f_iocb_flags out of the union we close that whole and bring down struct file to 192 bytes. Which means struct file is 3 cachelines and we managed to shrink it by 40 bytes this cycle. I've tried to audit all codepaths that use f_ra and none of them seem to rely on it in file->f_op->release() and never have since commit 1da177e4c3f4 ("Linux-2.6.12-rc2"). Link: https://lore.kernel.org/r/20240823-luftdicht-berappen-d69a2166a0db@brauner Reviewed-by: Jeff Layton Reviewed-by: Jens Axboe Signed-off-by: Christian Brauner commit 1934b212615dc617ac84fc306333ab2b9fc3b04f Author: Christian Brauner Date: Fri Aug 9 18:00:01 2024 +0200 file: reclaim 24 bytes from f_owner We do embedd struct fown_struct into struct file letting it take up 32 bytes in total. We could tweak struct fown_struct to be more compact but really it shouldn't even be embedded in struct file in the first place. Instead, actual users of struct fown_struct should allocate the struct on demand. This frees up 24 bytes in struct file. That will have some potentially user-visible changes for the ownership fcntl()s. Some of them can now fail due to allocation failures. Practically, that probably will almost never happen as the allocations are small and they only happen once per file. The fown_struct is used during kill_fasync() which is used by e.g., pipes to generate a SIGIO signal. Sending of such signals is conditional on userspace having set an owner for the file using one of the F_OWNER fcntl()s. Such users will be unaffected if struct fown_struct is allocated during the fcntl() call. There are a few subsystems that call __f_setown() expecting file->f_owner to be allocated: (1) tun devices file->f_op->fasync::tun_chr_fasync() -> __f_setown() There are no callers of tun_chr_fasync(). (2) tty devices file->f_op->fasync::tty_fasync() -> __tty_fasync() -> __f_setown() tty_fasync() has no additional callers but __tty_fasync() has. Note that __tty_fasync() only calls __f_setown() if the @on argument is true. It's called from: file->f_op->release::tty_release() -> tty_release() -> __tty_fasync() -> __f_setown() tty_release() calls __tty_fasync() with @on false => __f_setown() is never called from tty_release(). => All callers of tty_release() are safe as well. file->f_op->release::tty_open() -> tty_release() -> __tty_fasync() -> __f_setown() __tty_hangup() calls __tty_fasync() with @on false => __f_setown() is never called from tty_release(). => All callers of __tty_hangup() are safe as well. From the callchains it's obvious that (1) and (2) end up getting called via file->f_op->fasync(). That can happen either through the F_SETFL fcntl() with the FASYNC flag raised or via the FIOASYNC ioctl(). If FASYNC is requested and the file isn't already FASYNC then file->f_op->fasync() is called with @on true which ends up causing both (1) and (2) to call __f_setown(). (1) and (2) are the only subsystems that call __f_setown() from the file->f_op->fasync() handler. So both (1) and (2) have been updated to allocate a struct fown_struct prior to calling fasync_helper() to register with the fasync infrastructure. That's safe as they both call fasync_helper() which also does allocations if @on is true. The other interesting case are file leases: (3) file leases lease_manager_ops->lm_setup::lease_setup() -> __f_setown() Which in turn is called from: generic_add_lease() -> lease_manager_ops->lm_setup::lease_setup() -> __f_setown() So here again we can simply make generic_add_lease() allocate struct fown_struct prior to the lease_manager_ops->lm_setup::lease_setup() which happens under a spinlock. With that the two remaining subsystems that call __f_setown() are: (4) dnotify (5) sockets Both have their own custom ioctls to set struct fown_struct and both have been converted to allocate a struct fown_struct on demand from their respective ioctls. Interactions with O_PATH are fine as well e.g., when opening a /dev/tty as O_PATH then no file->f_op->open() happens thus no file->f_owner is allocated. That's fine as no file operation will be set for those and the device has never been opened. fcntl()s called on such things will just allocate a ->f_owner on demand. Although I have zero idea why'd you care about f_owner on an O_PATH fd. Link: https://lore.kernel.org/r/20240813-work-f_owner-v2-1-4e9343a79f9f@kernel.org Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 20361712880396e44ce80aaeec2d93d182035651 Author: Issam Hamdi Date: Fri Aug 16 16:24:18 2024 +0200 wifi: cfg80211: Set correct chandef when starting CAC When starting CAC in a mode other than AP mode, it return a "WARNING: CPU: 0 PID: 63 at cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211]" caused by the chandef.chan being null at the end of CAC. Solution: Ensure the channel definition is set for the different modes when starting CAC to avoid getting a NULL 'chan' at the end of CAC. Call Trace: ? show_regs.part.0+0x14/0x16 ? __warn+0x67/0xc0 ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211] ? report_bug+0xa7/0x130 ? exc_overflow+0x30/0x30 ? handle_bug+0x27/0x50 ? exc_invalid_op+0x18/0x60 ? handle_exception+0xf6/0xf6 ? exc_overflow+0x30/0x30 ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211] ? exc_overflow+0x30/0x30 ? cfg80211_chandef_dfs_usable+0x20/0xaf [cfg80211] ? regulatory_propagate_dfs_state.cold+0x1b/0x4c [cfg80211] ? cfg80211_propagate_cac_done_wk+0x1a/0x30 [cfg80211] ? process_one_work+0x165/0x280 ? worker_thread+0x120/0x3f0 ? kthread+0xc2/0xf0 ? process_one_work+0x280/0x280 ? kthread_complete_and_exit+0x20/0x20 ? ret_from_fork+0x19/0x24 Reported-by: Kretschmer Mathias Signed-off-by: Issam Hamdi Link: https://patch.msgid.link/20240816142418.3381951-1-ih@simonwunderlich.de [shorten subject, remove OCB, reorder cases to match previous list] Signed-off-by: Johannes Berg commit 8109b226f23af2b9f4a866196349992e5cdfc5d8 Author: Yan Zhen Date: Tue Aug 27 18:30:12 2024 +0800 wifi: mac80211: scan: Use max macro When the original file is guaranteed to contain the minmax.h header file and compile correctly, using the real macro is usually more intuitive and readable. Signed-off-by: Yan Zhen Link: https://patch.msgid.link/20240827103012.3853588-1-yanzhen@vivo.com Signed-off-by: Johannes Berg commit 67bb124cd9ae38870667e4f9c876ef8e0f82ec44 Author: Ilan Peer Date: Tue Aug 27 10:39:20 2024 +0200 wifi: mac80211: Check for missing VHT elements only for 5 GHz Check for missing VHT Capabilities and VHT Operation elements in association response frame only for 5 GHz links. Fixes: 310c8387c638 ("wifi: mac80211: clean up connection process") Signed-off-by: Ilan Peer Reviewed-by: Miriam Rachel Korenblit Link: https://patch.msgid.link/20240827103920.dd711282d543.Iaba245cebc52209b0499d5bab7d8a8ef1df9dd65@changeid Signed-off-by: Johannes Berg commit ac35180032fbc5d80b29af00ba4881815ceefcb6 Author: Johannes Berg Date: Tue Aug 27 09:49:40 2024 +0200 wifi: mac80211: fix RCU list iterations There are a number of places where RCU list iteration is used, but that aren't (always) called with RCU held. Use just list_for_each_entry() in most, and annotate iface iteration with the required locks. Reviewed-by: Miriam Rachel Korenblit Link: https://patch.msgid.link/20240827094939.ed8ac0b2f897.I8443c9c3c0f8051841353491dae758021b53115e@changeid Signed-off-by: Johannes Berg commit fc5aa1ba77c78c17d2c1ddb94e7aca3f4f32efcf Author: Alex Bee Date: Thu May 23 20:56:33 2024 +0200 ARM: dts: rockchip: Add vpu nodes for RK3128 Add nodes for the vpu and it's attached iommu which are both part of the RK3128_PD_VIDEO powerdomain. Signed-off-by: Alex Bee Link: https://lore.kernel.org/r/20240523185633.71355-4-knaerzche@gmail.com Signed-off-by: Heiko Stuebner commit afe6ec667e8846c8470d32789cebbc435588972d Author: Geert Uytterhoeven Date: Mon Jul 22 17:25:53 2024 +0200 media: imagination: VIDEO_E5010_JPEG_ENC should depend on ARCH_K3 Currently, the Imagination E5010 JPEG Encoder is only present on Texas Instruments K3 SoCs. Hence add a dependency on ARCH_K3, to prevent asking the user about this driver when configuring a kernel without TI K3 SoC support. The dependency can be relaxed if/when the encoder appears on other SoC families. Fixes: a1e294045885 ("media: imagination: Add E5010 JPEG Encoder driver") Signed-off-by: Geert Uytterhoeven Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 90effee40b7b612e570f83416b6b6ff6f474fb9e Author: Sebastian Reichel Date: Tue Jun 18 20:18:35 2024 +0200 media: hantro: Add RK3588 VEPU121 RK3588 handling is exactly the same as RK3568. This is not handled using fallback compatibles to avoid exposing multiple video devices on kernels not having the multicore disable patch. Signed-off-by: Sebastian Reichel Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit ccdeb8d57f7fb3e5c05d72cb7dfb9bc78f09f542 Author: Sebastian Reichel Date: Tue Jun 18 20:18:34 2024 +0200 media: hantro: Disable multicore support Avoid exposing equal Hantro video codecs to userspace. Equal video codecs allow scheduling work between the cores. For that kernel support is required, which does not yet exist. Until that is implemented avoid exposing each core separately to userspace so that multicore can be added in the future without breaking userspace ABI. This was written with Rockchip RK3588 in mind (which has 4 Hantro H1 cores), but applies to all SoCs. Signed-off-by: Sebastian Reichel Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 1e490a1ea64396b98db8c233360093e264b0c10b Author: Jianfeng Liu Date: Tue Jun 18 20:18:33 2024 +0200 media: dt-bindings: rockchip-vpu: Add RK3588 VPU121 RK3588 has four Hantro H1 VEPUs (encoder-only) modules and one combined Hantro H1/G1 VPU (decoder and encoder). These are not described as separate IP, since they are sharing an internal cache. This adds the RK3588 specific compatible string for the combined VPU, which seems to be identical to the version found in the RK3568. Signed-off-by: Jianfeng Liu Acked-by: Conor Dooley Signed-off-by: Sebastian Reichel Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit b92346d2dba0048bfce7114225250bef73f83ad2 Author: Emmanuel Gil Peyrot Date: Tue Jun 18 20:18:32 2024 +0200 media: dt-bindings: rk3568-vepu: Add RK3588 VEPU121 This encoder-only device is present four times on this SoC, and should support everything the rk3568 vepu supports (so JPEG, H.264 and VP8 encoding). No fallback compatible has been added, since the operating systems might already support RK3568 VEPU and want to avoid registering four of them separately considering they can be used as a cluster. Signed-off-by: Emmanuel Gil Peyrot Acked-by: Conor Dooley Signed-off-by: Sebastian Reichel Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 1575740813de649199e68fc29bbb9707acebd34e Author: Alex Bee Date: Thu May 23 20:56:31 2024 +0200 dt-bindings: media: rockchip,vpu: Document RK3128 compatible The integration for this SoC is similar to RK3066/RK3188. Document it's compatible. Signed-off-by: Alex Bee Acked-by: Krzysztof Kozlowski Reviewed-by: Heiko Stuebner Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 142887ebef61ccb94d07a033f3264cfda699af16 Author: Fritz Koenig Date: Fri May 31 10:10:06 2024 -0700 Documentation: media: Fix AV1 struct documentation - v4l2_av1_segmentation table formatting - incorrect member name uv_sec_strength - incorrect struct name v4l2_av1_global_motion - incorrect link label for v4l2_av1_loop_filter - add max_frame_height_minus_1 - struct ordering Signed-off-by: Fritz Koenig Reviewed-by: Daniel Almeida Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 5423e2d220bebb4304f7ff739d02180f676eefd0 Author: Benjamin Gaignard Date: Thu May 16 10:41:07 2024 +0200 media: verisilicon: Add reference buffer compression feature Reference frame compression is a feature added in the G2 decoder to compress frame buffers so that the bandwidth of storing/loading reference frames can be reduced, especially with high resolution decoded streams. The impact of compressed frames is confirmed when using perf to monitor the number of memory accesses with or without the compression feature. The following command: perf stat -a -e \ imx8_ddr0/cycles/,imx8_ddr0/read-cycles/,imx8_ddr0/write-cycles/ \ gst-launch-1.0 filesrc \ location=Jockey_3840x2160_120fps_420_8bit_HEVC_RAW.hevc ! queue ! \ h265parse ! v4l2slh265dec ! video/x-raw,format=NV12 ! fakesink Gives us these results without the compression feature: Performance counter stats for 'system wide': 1711300345 imx8_ddr0/cycles/ 892207924 imx8_ddr0/read-cycles/ 1291785864 imx8_ddr0/write-cycles/ 13.760048353 seconds time elapsed With the compression feature: Performance counter stats for 'system wide': 274526799 imx8_ddr0/cycles/ 453120194 imx8_ddr0/read-cycles/ 833391434 imx8_ddr0/write-cycles/ 18.257831534 seconds time elapsed As expected the number of read/write cycles are really lower when compression is used. Since storing the compression data requires more memory a module parameter named 'hevc_use_compression' is used to enable/disable this feature and, by default, compression isn't used. Enabling the compression feature means that the output-frames of the decoder are stored with a specific compression pixel-format. Since this pixel format is unknown, this patch restrains the compression feature usage to the cases where post-processor pixel-formats (NV12 or NV15) are selected by the applications. The Fluster compliance HEVC test suite score is still 141/147 with this patch. Signed-off-by: Benjamin Gaignard Tested-by: Nicolas Dufresne Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 41eb4fb5d936bfa711020af30fa444776c1a6884 Author: Christophe JAILLET Date: Sun Jun 16 08:29:53 2024 +0200 media: mediatek: vcodec: Constify struct vb2_ops "struct vb2_ops" are not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 18059 3096 16 21171 52b3 drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_stateful.o After: ===== text data bss dec hex filename 18171 2968 16 21155 52a3 drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_stateful.o Signed-off-by: Christophe JAILLET Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 7878d3a385efab560dce793b595447867fb163f2 Author: Yunfei Dong Date: Thu Jun 13 17:33:57 2024 +0800 media: mediatek: vcodec: Fix H264 stateless decoder smatch warning Fix a smatch static checker warning on vdec_h264_req_if.c. Which leads to a kernel crash when fb is NULL. Fixes: 06fa5f757dc5 ("media: mtk-vcodec: vdec: support stateless H.264 decoding") Signed-off-by: Yunfei Dong Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit b113bc7c0e83b32f4dd2d291a2b6c4803e0a2c44 Author: Yunfei Dong Date: Thu Jun 13 17:33:56 2024 +0800 media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning Fix a smatch static checker warning on vdec_vp8_req_if.c. Which leads to a kernel crash when fb is NULL. Fixes: 7a7ae26fd458 ("media: mediatek: vcodec: support stateless VP8 decoding") Signed-off-by: Yunfei Dong Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 9be85491619f1953b8a29590ca630be571941ffa Author: Yunfei Dong Date: Thu Jun 13 17:33:55 2024 +0800 media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning Fix a smatch static checker warning on vdec_h264_req_multi_if.c. Which leads to a kernel crash when fb is NULL. Fixes: 397edc703a10 ("media: mediatek: vcodec: add h264 decoder driver for mt8186") Signed-off-by: Yunfei Dong Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 727eb1e3f014e66dcdec53afc6f5bfe0d8c0871d Author: Raag Jadav Date: Fri Aug 23 09:15:48 2024 +0530 drm/i915/hwmon: expose fan speed Add hwmon support for fan1_input attribute, which will expose fan speed in RPM. With this in place we can monitor fan speed using lm-sensors tool. $ sensors i915-pci-0300 Adapter: PCI adapter in0: 653.00 mV fan1: 3833 RPM power1: N/A (max = 43.00 W) energy1: 32.02 kJ v2: Handle overflow, add mutex protection and ABI documentation Aesthetic adjustments (Riana) v3: Change rotations data type, ABI date and version v4: Fix wakeref leak Drop switch case and simplify hwm_fan_xx() (Andi) v5: Rework time calculation, aesthetic adjustments (Andy) v6: Drop redundant overflow logic (Andy) Split fan_input_read() into dedicated helper (Badal) v7: Fix undefined reference to __udivdi3 for i386 (Andy) Signed-off-by: Raag Jadav Reviewed-by: Riana Tauro Reviewed-by: Andi Shyti Reviewed-by: Badal Nilawar Signed-off-by: Anshuman Gupta Link: https://patchwork.freedesktop.org/patch/msgid/20240823034548.2670032-1-raag.jadav@intel.com commit 17163f23678c7599e40758d7b96f68e3f3f2ea15 Author: Florian Westphal Date: Tue Aug 27 15:38:23 2024 +0200 xfrm: minor update to sdb and xfrm_policy comments The spd is no longer maintained as a linear list. We also haven't been caching bundles in the xfrm_policy struct since 2010. While at it, add kdoc style comments for the xfrm_policy structure and extend the description of the current rbtree based search to mention why it needs to search the candidate set. Signed-off-by: Florian Westphal Signed-off-by: Steffen Klassert commit 08c2182cf0b47646af7f3daa292980f95f5e1ea6 Author: Florian Westphal Date: Tue Aug 27 15:37:32 2024 +0200 xfrm: policy: use recently added helper in more places No logical change intended. Signed-off-by: Florian Westphal Signed-off-by: Steffen Klassert commit 3e74825cd9ffca4bf4d082c150b861e541c52ff1 Author: Markus Niebel Date: Mon Aug 12 16:14:14 2024 +0200 ARM: dts: imx7-mba7: improve compatible for LM75 temp sensor Use national,lm75a to specify exact variant used. This should cause no functional changes. Signed-off-by: Markus Niebel Signed-off-by: Shawn Guo commit d8ae1cdea3e735ebd2c12f88a81b2f03d2206a46 Author: Markus Niebel Date: Mon Aug 12 16:14:13 2024 +0200 ARM: dts: imx7-mba7: add iio-hwmon support Enable IIO hwmon support for ADC1 and ADC2. All channels are available on X23 (ADC2) and X24 (ADC1) of MBa7x. Signed-off-by: Markus Niebel Signed-off-by: Shawn Guo commit 70cf622bb16e810a36db755a136e419fb3b3853f Author: Alexander Stein Date: Mon Aug 12 15:06:36 2024 +0200 arm64: dts: mba8mx: Add Ethernet PHY IRQ support The interrupt pin of the PHY is connected to the GPIO expander, configure it accordingly. Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit 6f5a740c5f47cea9d1db0f9f0b8a9007a2df60bf Author: Animesh Agarwal Date: Sat Aug 10 11:48:06 2024 +0530 arm64: dts: layerscape: remove unused num-viewport Remove unused property num-viewport to fix dtbs warnings. arch/arm64/boot/dts/freescale/fsl-ls1012a-frwy.dtb: pcie@3400000: Unevaluated properties are not allowed ('num-viewport' was unexpected) from schema $id: http://devicetree.org/schemas/pci/fsl,layerscape-pcie.yaml# arch/arm64/boot/dts/freescale/fsl-ls1012a-oxalis.dtb: pcie@3400000: Unevaluated properties are not allowed ('num-viewport' was unexpected) from schema $id: http://devicetree.org/schemas/pci/fsl,layerscape-pcie.yaml# Cc: Daniel Baluta Signed-off-by: Animesh Agarwal Signed-off-by: Shawn Guo commit 43d37fffda9b7ad10ae90122ea532a829bdd2f92 Author: Zhang Zekun Date: Tue Aug 27 18:58:23 2024 +0800 ata: ahci_brcm: Use devm_platform_ioremap_resource_byname() helper function platform_get_resource_byname() and devm_ioremap_resource() can be replaced by devm_platform_ioremap_resource_byname(), which can simplify the code logic a bit, No functional change here. Signed-off-by: Zhang Zekun Signed-off-by: Damien Le Moal commit f7e41b65bdc570335dec68d5f65f6317c3eaeeac Author: Huan Yang Date: Tue Aug 20 18:21:19 2024 +0800 clk: lmk04832: Use devm_clk_get_enabled() helpers The devm_clk_get_enabled() helpers: - call devm_clk_get() - call clk_prepare_enable() and register what is needed in order to call clk_disable_unprepare() when needed, as a managed resource. This simplifies the code and avoids the calls to clk_disable_unprepare(). Signed-off-by: Huan Yang Link: https://lore.kernel.org/r/20240820102119.130298-1-link@vivo.com Signed-off-by: Stephen Boyd commit b75197e86e6d3de4e611869ef30a27cf414a5f77 Author: Yu Kuai Date: Tue Aug 27 19:06:16 2024 +0800 md: Remove flush handling For flush request, md has a special flush handling to merge concurrent flush request into single one, however, the whole mechanism is based on a disk level spin_lock 'mddev->lock'. And fsync can be called quite often in some user cases, for consequence, spin lock from IO fast path can cause performance degradation. Fortunately, the block layer already has flush handling to merge concurrent flush request, and it only acquires hctx level spin lock. (see details in blk-flush.c) This patch removes the flush handling in md, and converts to use general block layer flush handling in underlying disks. Flush test for 4 nvme raid10: start 128 threads to do fsync 100000 times, on arm64, see how long it takes. Test script: void* thread_func(void* arg) { int fd = *(int*)arg; for (int i = 0; i < FSYNC_COUNT; i++) { fsync(fd); } return NULL; } int main() { int fd = open("/dev/md0", O_RDWR); if (fd < 0) { perror("open"); exit(1); } pthread_t threads[THREADS]; struct timeval start, end; gettimeofday(&start, NULL); for (int i = 0; i < THREADS; i++) { pthread_create(&threads[i], NULL, thread_func, &fd); } for (int i = 0; i < THREADS; i++) { pthread_join(threads[i], NULL); } gettimeofday(&end, NULL); close(fd); long long elapsed = (end.tv_sec - start.tv_sec) * 1000000LL + (end.tv_usec - start.tv_usec); printf("Elapsed time: %lld microseconds\n", elapsed); return 0; } Test result: about 10 times faster: Before this patch: 50943374 microseconds After this patch: 5096347 microseconds Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240827110616.3860190-1-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit bf934bed5e2fd81f767d75c05fb95f0333a1b183 Author: Tejun Heo Date: Tue Aug 27 14:17:20 2024 -1000 sched_ext: Add missing cfi stub for ops.tick The cfi stub for ops.tick was missing which will fail scheduler loading after pending BPF changes. Add it. Signed-off-by: Tejun Heo commit e5899b60f52a7591cfc2a2dec3e83710975117d7 Merge: b3bc5341b04763 62fdaf9e8056e9 Author: Jakub Kicinski Date: Tue Aug 27 16:35:31 2024 -0700 Merge branch '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue Tony Nguyen says: ==================== Intel Wired LAN Driver Updates 2024-08-26 (ice) This series contains updates to ice driver only. Jake implements and uses rd32_poll_timeout to replace a jiffies loop for calling ice_sq_done. The rd32_poll_timeout() function is designed to allow simplifying other places in the driver where we need to read a register until it matches a known value. Jake, Bruce, and Przemek update ice_debug_cq() to be more robust, and more useful for tracing control queue messages sent and received by the device driver. Jake rewords several commands in the ice_control.c file which previously referred to the "Admin queue" when they were actually generic functions usable on any control queue. Jake removes the unused and unnecessary cmd_buf array allocation for send queues. This logic originally was going to be useful if we ever implemented asynchronous completion of transmit messages. This support is unlikely to materialize, so the overhead of allocating a command buffer is unnecessary. Sergey improves the log messages when the ice driver reports that the NVM version on the device is not supported by the driver. Now, these messages include both the discovered NVM version and the requested/expected NVM version. Aleksandr Mishin corrects overallocation of memory related to adding scheduler nodes. * '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue: ice: Adjust over allocation of memory in ice_sched_add_root_node() and ice_sched_add_node() ice: Report NVM version numbers on mismatch during load ice: remove unnecessary control queue cmd_buf arrays ice: reword comments referring to control queues ice: stop intermixing AQ commands/responses debug dumps ice: do not clutter debug logs with unused data ice: improve debug print for control queue messages ice: implement and use rd32_poll_timeout for ice_sq_done timeout ==================== Link: https://patch.msgid.link/20240826224655.133847-1-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski commit d205d4af3a5ee840edecfa5f6b389d7d03b0786d Author: Rong Tao Date: Tue Aug 27 12:30:30 2024 +0800 samples/bpf: tracex4: Fix failed to create kretprobe 'kmem_cache_alloc_node+0x0' commit 7bd230a26648 ("mm/slab: enable slab allocation tagging for kmalloc and friends") [1] swap kmem_cache_alloc_node() to kmem_cache_alloc_node_noprof(). linux/samples/bpf$ sudo ./tracex4 libbpf: prog 'bpf_prog2': failed to create kretprobe 'kmem_cache_alloc_node+0x0' perf event: No such file or directory ERROR: bpf_program__attach failed Signed-off-by: Rong Tao Signed-off-by: Andrii Nakryiko Link: https://github.com/torvalds/linux/commit/7bd230a26648ac68ab3731ebbc449090f0ac6a37 Link: https://lore.kernel.org/bpf/tencent_34E5BCCAC5ABF3E81222AD81B1D05F16DE06@qq.com commit b3bc5341b04763c78e256503fc4a31019bb03f20 Merge: 85d4cf56e95ae0 a96c5515d0d15d Author: Jakub Kicinski Date: Tue Aug 27 16:14:20 2024 -0700 Merge branch 'net-dsa-microchip-add-ksz8895-ksz8864-switch-support' Tristram Ha says: ==================== net: dsa: microchip: Add KSZ8895/KSZ8864 switch support This series of patches is to add KSZ8895/KSZ8864 switch support to the KSZ DSA driver. ==================== Link: https://patch.msgid.link/BYAPR11MB3558B8A089C88DFFFC09B067EC8B2@BYAPR11MB3558.namprd11.prod.outlook.com Signed-off-by: Jakub Kicinski commit a96c5515d0d15df103598b2bc57245d66143b5dd Author: Tristram Ha Date: Mon Aug 26 21:43:08 2024 +0000 net: dsa: microchip: Add KSZ8895/KSZ8864 switch support KSZ8895/KSZ8864 is a switch family between KSZ8863/73 and KSZ8795, so it shares some registers and functions in those switches already implemented in the KSZ DSA driver. Signed-off-by: Tristram Ha Tested-by: Pieter Van Trappen Reviewed-by: Oleksij Rempel Signed-off-by: Jakub Kicinski commit e3717f2ad1a2620730a7086e032ffa7242f8aa23 Author: Tristram Ha Date: Mon Aug 26 21:43:05 2024 +0000 dt-bindings: net: dsa: microchip: Add KSZ8895/KSZ8864 switch support KSZ8895/KSZ8864 is a switch family developed before KSZ8795 and after KSZ8863, so it shares some registers and functions in those switches. KSZ8895 has 5 ports and so is more similar to KSZ8795. KSZ8864 is a 4-port version of KSZ8895. The first port is removed while port 5 remains as a host port. Signed-off-by: Tristram Ha Acked-by: Krzysztof Kozlowski Link: https://patch.msgid.link/BYAPR11MB3558FD0717772263FAD86846EC8B2@BYAPR11MB3558.namprd11.prod.outlook.com Signed-off-by: Jakub Kicinski commit 85d4cf56e95ae0bb381587f229420a0eb6ab1d0a Author: A K M Fazla Mehrab Date: Mon Aug 26 18:26:52 2024 +0000 net/handshake: use sockfd_put() helper Replace fput() with sockfd_put() in handshake_nl_done_doit(). Signed-off-by: A K M Fazla Mehrab Reviewed-by: Chuck Lever Link: https://patch.msgid.link/20240826182652.2449359-1-a.mehrab@bytedance.com Signed-off-by: Jakub Kicinski commit 3410d0e14f9a6856386c6a8eb2310cbc58191777 Author: Shradha Gupta Date: Mon Aug 26 09:07:41 2024 -0700 net: mana: Implement get_ringparam/set_ringparam for mana Currently the values of WQs for RX and TX queues for MANA devices are hardcoded to default sizes. Allow configuring these values for MANA devices as ringparam configuration(get/set) through ethtool_ops. Pre-allocate buffers at the beginning of this operation, to prevent complete network loss in low-memory conditions. Signed-off-by: Shradha Gupta Reviewed-by: Haiyang Zhang Reviewed-by: Saurabh Sengar Link: https://patch.msgid.link/1724688461-12203-1-git-send-email-shradhagupta@linux.microsoft.com Signed-off-by: Jakub Kicinski commit 4ad858bd6fbe21c563f177d499da5f99b4b2480e Author: Eric Suen Date: Tue Aug 27 10:40:03 2024 -0700 selinux: replace kmem_cache_create() with KMEM_CACHE() Based on guidance in include/linux/slab.h, replace kmem_cache_create() with KMEM_CACHE() for sources under security/selinux to simplify creation of SLAB caches. Signed-off-by: Eric Suen [PM: minor grammar nits in the description] Signed-off-by: Paul Moore commit c66f4711f79c937832b6c0e0b1805061667d99ea Author: Maarten Lankhorst Date: Mon Aug 26 19:01:16 2024 +0200 drm/xe: Align all VRAM scanout buffers to 64k physical pages when needed. For CCS formats on affected platforms, CCS can be used freely, but display engine requires a multiple of 64k physical pages. No other changes are needed. At the BO creation time we don't know if the BO will be used for CCS or not. If the scanout flag is set, and the BO is a multiple of 64k, we take the safe route and force the physical alignment of 64k pages. If the BO is not a multiple of 64k, or the scanout flag was not set at BO creation, we reject it for usage as CCS in display. The physical pages are likely not aligned correctly, and this will cause corruption when used as FB. The scanout flag and size being a multiple of 64k are used together to enforce 64k physical placement. VM_BIND is completely unaffected, mappings to a VM can still be aligned to 4k, just like for normal buffers. Signed-off-by: Zbigniew Kempczyński Signed-off-by: Maarten Lankhorst Cc: Matthew Auld Cc: Rodrigo Vivi Cc: Thomas Hellström Cc: Maarten Lankhorst Cc: Juha-Pekka Heikkilä Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240826170117.327709-3-maarten.lankhorst@linux.intel.com Signed-off-by: Rodrigo Vivi commit 97c6efb3649724e6163774f0e7405c5ca8b1097a Author: Maarten Lankhorst Date: Mon Aug 26 19:01:15 2024 +0200 drm/i915/display: Plane capability for 64k phys alignment Some plane formats have been designed to require 64k physical alignment. By returning whether this is the case for certain formats, we do not need to hardcode this check inside Xe. Signed-off-by: Maarten Lankhorst Reviewed-by: Zbigniew Kempczyński Acked-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240826170117.327709-2-maarten.lankhorst@linux.intel.com Signed-off-by: Rodrigo Vivi commit c50fe289ed7207f71df3b5f1720512a9620e84fb Author: Alex Deucher Date: Thu Aug 22 21:54:24 2024 -0400 drm/amdgpu/swsmu: always force a state reprogram on init Always reprogram the hardware state on init. This ensures the PMFW state is explicitly programmed and we are not relying on the default PMFW state. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3131 Reviewed-by: Kenneth Feng Signed-off-by: Alex Deucher commit e45a3933bb3ebd9a2ac95b6b60da029ee3a9f4e7 Author: Zaeem Mohamed Date: Fri Aug 23 00:30:15 2024 -0400 drm/amdgpu/display: remove unnecessary TODO spl_os_types.h Remove unnecessary TODO from spl_os_types.h Reviewed-by: Hamza Mahfooz Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit ff95eabe57368d641589441e8f638b4d59f79a82 Author: Zaeem Mohamed Date: Thu Aug 22 17:36:10 2024 -0400 drm/amdgpu/display: SPDX copyright for spl_os_types.h Use appropriate SPDX copyright for spl_os_types.h Reviewed-by: Hamza Mahfooz Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 3715112c1b35036039e8c4f75868a0b56a71a51d Author: Fangzhi Zuo Date: Fri Aug 2 15:03:39 2024 -0400 drm/amd/display: Add DSC Debug Log Add DSC log in each critical routines to facilitate debugging. Reviewed-by: Rodrigo Siqueira Signed-off-by: Fangzhi Zuo Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 38d6f7e27d318cf41c2376980a105d02ac6e8b16 Author: Aric Cyr Date: Sun Aug 18 21:39:06 2024 -0400 drm/amd/display: 3.2.298 This version brings along the following fixes: - Fix MS/MP mismatches in dml21 for dcn401 - Resolved Coverity issues - Add back quality EASF and ISHARP and dc dependency changes - Add sharpness support for windowed YUV420 video - Add improvements for text display and HDR DWM and MPO - Fix Synaptics Cascaded Panamera DSC Determination - Allocate DCN35 clock table transfer buffers in GART - Add Replay Low Refresh Rate parameters in dc type Acked-by: Leo Li Signed-off-by: Aric Cyr Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 469a486541b6eb0d695a5558e68851fef35c16f7 Author: Samson Tam Date: Sat Aug 17 19:24:27 2024 -0400 drm/amd/display: add sharpness support for windowed YUV420 video [Why] Previous only applied sharpness for fullscreen YUV420 video. [How] Remove fullscrene restriction and apply sharpness for windowed YUV420 video as well. Reviewed-by: Jun Lei Signed-off-by: Samson Tam Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 1b0ce903fe747d72e9eab86a06c79fb2c7ba2bab Author: Samson Tam Date: Sat Aug 17 19:16:53 2024 -0400 drm/amd/display: add improvements for text display and HDR DWM and MPO [Why] Tune settings for improved text display. Handle differences between DWM and MPO in HDR path. [How] Update sharpener LBA table. Use HDR multiplier to calculate scalar matrix coefficients for HDR RGB MPO path. Update unit tests. Reviewed-by: Jun Lei Signed-off-by: Samson Tam Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit b4148dc2fa062cdb94b5165d39827bcb1a3daa28 Author: Dennis Chan Date: Fri Jul 19 15:08:35 2024 +0800 drm/amd/display: Add Replay Low Refresh Rate parameters in dc type. Why: To supported Low Refresh Rate panel for Replay Feature, Adding some parameters to record Low Refresh Rate information. Reviewed-by: Robin Chen Signed-off-by: Dennis Chan Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 6efc0ab3b05de0d7bab8ec0597214e4788251071 Author: Samson Tam Date: Fri Aug 16 11:42:35 2024 -0400 drm/amd/display: add back quality EASF and ISHARP and dc dependency changes [Why] Addressed previous issues with quality changes and new issues due to rolling back quality changes. [How] This reverts commit f9e6759888866748f31b6b6c2142a481d587f51f, fixes merge conflicts, and fixed some formatting errors. Store current sharpness level for each pregen table to minimize calculating sharpness table every time. Disable dynamic ODM when sharpness is enabled. Reviewed-by: Jun Lei Signed-off-by: Samson Tam Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 9793a4a6e5eb8764c7410c361984ed01722bab9f Author: Nicholas Kazlauskas Date: Fri Jun 21 16:11:28 2024 -0400 drm/amd/display: Notify DMCUB of D0/D3 state [Why] We want to avoid arming the HPD timer in firmware when preparing for S0i3 entry when DC is considered in D3. [How] Notify DMCUB of the power state transitions so it can decide to arm the HPD timer for idle in DCN35 only in D0. Reviewed-by: Nicholas Kazlauskas Signed-off-by: Nicholas Kazlauskas Signed-off-by: Ovidiu Bunea Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 4437936c6b696b98f3fe1d8679a2788c41b4df77 Author: Fangzhi Zuo Date: Mon Aug 12 12:13:44 2024 -0400 drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination Synaptics Cascaded Panamera topology needs to unconditionally acquire root aux for dsc decoding. Reviewed-by: Roman Li Signed-off-by: Fangzhi Zuo Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit e565b6b0b5eee112db803bd955fb0387ce952d54 Author: ChunTao Tso Date: Thu Aug 8 17:25:55 2024 +0800 drm/amd/display: Retry Replay residency [Why] Because sometime DMUB GPINT will time out, it will cause we return 0 as residency number. [How] Retry to avoid this happened. Reviewed-by: Robin Chen Signed-off-by: ChunTao Tso Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 6692982582a54e7ecc80d7b0dae5db6cd47e2567 Author: Nicholas Kazlauskas Date: Thu Aug 15 16:31:44 2024 -0400 drm/amd/display: Allocate DCN35 clock table transfer buffers in GART [Why] Request from PMFW to use GART for clock table transfer tables as framebuffer is being deprecated on APU. [How] Switch over to GART via the allocation flag. Reviewed-by: Sung joon Kim Signed-off-by: Nicholas Kazlauskas Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 87d23164d89c3898a0acb4ec0b431e787c27a91e Author: Aurabindo Pillai Date: Wed Aug 14 17:56:17 2024 -0400 drm/amd/display: do not set traslate_by_source for DCN401 cursor translate_by_source need not be set for DCN401 onwards since cursor cursor composition comes after scaler in the hardware pipeline. Hence offset calculation has been reworked, and this setting is not necessary to be enabled anymore. Reviewed-by: Rodrigo Siqueira Signed-off-by: Aurabindo Pillai Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 6dcc304f85898b099b35c63748c5e11ba56d0c8a Author: Daniel Sa Date: Mon Aug 12 15:24:27 2024 -0400 drm/amd/display: Resolve Coverity Issues [WHY] Remove coverity issues that were originally ignored. [HOW] Ran coverity locally on driver, used output report to find existing coverity issues, resolved them Reviewed-by: Nicholas Choi Signed-off-by: Daniel Sa Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 949237a34dba3f0218857f5afa0dde2076dd8c82 Author: Dillon Varone Date: Wed Aug 14 17:32:16 2024 -0400 drm/amd/display: Fix MS/MP mismatches in dml21 for dcn401 [WHY] Prefetch calculations did not guarantee that bandwidth required in mode support was less than mode programming which can cause failures. [HOW] Fix bandwidth calculations to assume fixed times for OTO schedule, and choose which schedule to use based on time to fetch pixel data. Reviewed-by: Jun Lei Signed-off-by: Dillon Varone Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f0b7dcf25834afd17df316367dfe5d4c890c713c Author: Alvin Lee Date: Thu Aug 8 10:19:54 2024 -0400 drm/amd/display: Wait for all pending cleared before full update [Description] Before every full update we must wait for all pending updates to be cleared - this is particularly important for minimal transitions because if we don't wait for pending cleared, it will be as if there was no minimal transition at all. In OTG we must read 3 different status registers for pending cleared, one specifically for OTG updates, one specifically for OPTC updates, and the last for surface related updates Reviewed-by: Dillon Varone Signed-off-by: Alvin Lee Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 5d666496c24129edeb2bcb500498b87cc64e7f07 Author: Ahmed, Muhammad Date: Tue Aug 13 17:11:55 2024 -0400 drm/amd/display: guard write a 0 post_divider value to HW [why] post_divider_value should not be 0. Reviewed-by: Charlene Liu Signed-off-by: Ahmed, Muhammad Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 3d054c40766024d9d8fb051d017ceacf2b795f1c Author: Alvin Lee Date: Thu Jun 20 14:32:21 2024 -0400 drm/amd/display: Don't skip clock updates in overclocking [Description] Skipping clock updates is not a hard requirement for overclocking and only an optimization. Remove the skip as this can cause issues for FAMS transitions during the overclock sequence. If FAMS is enabled we must disable UCLK switch on any full update (which requires update clocks to be called). Reviewed-by: Dillon Varone Signed-off-by: Alvin Lee Signed-off-by: Zaeem Mohamed Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit a08d75927f99e57c793f3a5d11260c22893fc0e9 Author: Leo Li Date: Tue Aug 6 13:29:13 2024 -0400 drm/amd: Introduce additional IPS debug flags [Why] Idle power states (IPS) describe levels of power-gating within DCN. DM and DC is responsible for ensuring that we are out of IPS before any DCN programming happens. Any DCN programming while we're in IPS leads to undefined behavior (mostly hangs). Because IPS intersects with all display features, the ability to disable IPS by default while ironing out the known issues is desired. However, disabing it completely will cause important features such as s0ix entry to fail. Therefore, more granular IPS debug flags are desired. [How] Extend the dc debug mask bits to include the available list of IPS debug flags. All the flags should work as documented, with the exception of IPS_DISABLE_DYNAMIC. It requires dm changes which will be done in later changes. v2: enable docs and fix docstring format Signed-off-by: Leo Li Reviewed-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit b86a6a57b8ad1699ba8b1c270a79678383baf632 Author: Alex Deucher Date: Thu Aug 22 16:20:10 2024 -0400 drm/amdgpu/smu13.0.7: print index for profiles Print the index for the profiles. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3543 Reviewed-by: Kenneth Feng Signed-off-by: Alex Deucher commit b932d5ad9257f262a0bfd1bd7146120b0adc11a7 Author: Alex Deucher Date: Thu Aug 22 15:16:11 2024 -0400 drm/amdgpu/swsmu: fix ordering for setting workload_mask No change in functionality for the current code, but we need to set the index properly before changing it if we ever use a non-0 index. Reviewed-by: Kenneth Feng Signed-off-by: Alex Deucher commit bbb05f8a9cd87f5046d05a0c596fddfb714ee457 Author: Alex Deucher Date: Wed Aug 21 14:32:02 2024 -0400 drm/amdgpu: align pp_power_profile_mode with kernel docs The kernel doc says you need to select manual mode to adjust this, but the code only allows you to adjust it when manual mode is not selected. Remove the manual mode check. Reviewed-by: Kenneth Feng Signed-off-by: Alex Deucher commit cf740e3cc761560beefae4d772fd350e46f600fc Author: Pawel Dembicki Date: Mon Aug 26 11:37:10 2024 +0200 net: phy: vitesse: implement MDI-X configuration in vsc73xx This commit introduces MDI-X configuration support in vsc73xx phys. Vsc73xx supports only auto mode or forced MDI. Vsc73xx have auto MDI-X disabled by default in forced speed mode. This commit enables it. Signed-off-by: Pawel Dembicki Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240826093710.511837-1-paweldembicki@gmail.com Signed-off-by: Jakub Kicinski commit ec4d817c608bcac5504e08eae72e3090a75111aa Merge: d76867efebcb20 7d2bd8ac9d2494 Author: Jakub Kicinski Date: Tue Aug 27 14:26:08 2024 -0700 Merge branch 'net-fix-module-autoloading' Liao Chen says: ==================== net: fix module autoloading This patchset aims to enable autoloading of some net modules. By registering MDT, the kernel is allowed to automatically bind modules to devices that match the specified compatible strings. ==================== Link: https://patch.msgid.link/20240826091858.369910-1-liaochen4@huawei.com Signed-off-by: Jakub Kicinski commit 7d2bd8ac9d2494cf9b16c4b00df9424ad24ed18c Author: Liao Chen Date: Mon Aug 26 09:18:58 2024 +0000 net: airoha: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Acked-by: Lorenzo Bianconi Link: https://patch.msgid.link/20240826091858.369910-4-liaochen4@huawei.com Signed-off-by: Jakub Kicinski commit c76afed1bace01f5634ca18b3a5c85650ea653ad Author: Liao Chen Date: Mon Aug 26 09:18:57 2024 +0000 net: ag71xx: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Link: https://patch.msgid.link/20240826091858.369910-3-liaochen4@huawei.com Signed-off-by: Jakub Kicinski commit 2e25147a6560b684917d7f7142422c9901badfdd Author: Liao Chen Date: Mon Aug 26 09:18:56 2024 +0000 net: dm9051: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Link: https://patch.msgid.link/20240826091858.369910-2-liaochen4@huawei.com Signed-off-by: Jakub Kicinski commit d76867efebcb20752345e5a41d38bd456427b325 Author: Yu Liao Date: Mon Aug 26 09:21:00 2024 +0800 net: txgbe: use pci_dev_id() helper PCI core API pci_dev_id() can be used to get the BDF number for a PCI device. We don't need to compose it manually. Use pci_dev_id() to simplify the code a little bit. Signed-off-by: Yu Liao Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240826012100.3975175-1-liaoyu15@huawei.com Signed-off-by: Jakub Kicinski commit be04024a24a93f761a7b2c5f2de46db0f3acdc74 Author: Rosen Penev Date: Sat Aug 24 13:02:37 2024 -0700 net: ag71xx: support probe defferal for getting MAC address Currently, of_get_ethdev_address() return is checked for any return error code which means that trying to get the MAC from NVMEM cells that is backed by MTD will fail if it was not probed before ag71xx. So, lets check the return error code for EPROBE_DEFER and defer the ag71xx probe in that case until the underlying NVMEM device is live. Signed-off-by: Robert Marko Signed-off-by: Rosen Penev Reviewed-by: Oleksij Rempel Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240824200249.137209-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 0eaebf738e6ec45d1f8a268155b13afcf17e2c97 Author: Yue Haibing Date: Sat Aug 24 16:31:07 2024 +0800 net: liquidio: Remove unused declarations Commit da15c78b5664 ("liquidio CN23XX: VF register access") declared cn23xx_dump_vf_initialized_regs() but never implemented it. octeon_dump_soft_command() is never implemented and used since introduction in commit 35878618c92d ("liquidio: Added delayed work for periodically updating the link statistics."). And finally, a few other declarations were never implenmented since introduction in commit f21fb3ed364b ("Add support of Cavium Liquidio ethernet adapters"). Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240824083107.3639602-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit 9a4556862d1f0f4d3a77c5252a616e006a4c3432 Author: Yue Haibing Date: Sat Aug 24 16:27:54 2024 +0800 net: thunderx: Remove unused declarations Commit 4863dea3fab0 ("net: Adding support for Cavium ThunderX network controller") declared nicvf_qset_reg_{write,read}() but never implemented. Commit 4863dea3fab0 ("net: Adding support for Cavium ThunderX network controller") declared bgx_add_dmac_addr() but no implementation. After commit 5fc7cf179449 ("net: thunderx: Cleanup PHY probing code.") octeon_mdiobus_force_mod_depencency() is not used any more. Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240824082754.3637963-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit 7c89562f95f0a3bc922c91a6bb84df22a3efca65 Merge: 73d33bd063c4cf 586d87021f224b Author: Jakub Kicinski Date: Tue Aug 27 14:11:29 2024 -0700 Merge branch 'net-selftests-tcp-ao-selftests-updates' Dmitry Safonov via says: ==================== net/selftests: TCP-AO selftests updates First 3 patches are more-or-less cleanups/preparations. Patches 4/5 are fixes for netns file descriptors leaks/open. Patch 6 was sent to me/contributed off-list by Mohammad, who wants 32-bit kernels to run TCP-AO. Patch 7 is a workaround/fix for slow VMs. Albeit, I can't reproduce the issue, but I hope it will fix netdev flakes for connect-deny-* tests. And the biggest change is adding TCP-AO tracepoints to selftests. I think it's a good addition by the following reasons: - The related tracepoints are now tested; - It allows tcp-ao selftests to raise expectations on the kernel behavior - up from the syscalls exit statuses + net counters. - Provides tracepoints usage samples. As tracepoints are not a stable ABI, any kernel changes done to them will be reflected to the selftests, which also will allow users to see how to change their code. It's quite better than parsing dmesg (what BGP was doing pre-tracepoints, ugh). Somewhat arguably, the code parses trace_pipe, rather than uses libtraceevent (which any sane user should do). The reason behind that is the same as for rt-netlink macros instead of libmnl: I'm trying to minimize the library dependencies of the selftests. And the performance of formatting text in kernel and parsing it again in a test is not critical. Current output sample: > ok 73 Trace events matched expectations: 13 tcp_hash_md5_required[2] tcp_hash_md5_unexpected[4] tcp_hash_ao_required[3] tcp_ao_key_not_found[4] Previously, tracepoints selftests were part of kernel tcp tracepoints submission [1], but since then the code was quite changed: - Now generic tracing setup is in lib/ftrace.c, separate from lib/ftrace-tcp.c which utilizes TCP trace points. This separation allows future selftests to trace non-TCP events, i.e. to find out an skb's drop reason, which was useful in the creation of TCP-CLOSE stress-test (not in this patch set, but used in attempt to reproduce the issue from [2]). - Another change is that in the previous submission the trace events where used only to detect unexpected TCP-AO/TCP-MD5 events. In this version the selftests will fail if an expected trace event didn't appear. Let's see how reliable this is on the netdev bot - it obviously passes on my testing, but potentially may require a temporary XFAIL patch if it misbehaves on a slow VM. [1] https://lore.kernel.org/lkml/20240224-tcp-ao-tracepoints-v1-0-15f31b7f30a7@arista.com/ [2] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=33700a0c9b56 v3: https://lore.kernel.org/20240815-tcp-ao-selftests-upd-6-12-v3-0-7bd2e22bb81c@gmail.com v2: https://lore.kernel.org/20240802-tcp-ao-selftests-upd-6-12-v2-0-370c99358161@gmail.com v1: https://lore.kernel.org/20240730-tcp-ao-selftests-upd-6-12-v1-0-ffd4bf15d638@gmail.com ==================== Link: https://patch.msgid.link/20240823-tcp-ao-selftests-upd-6-12-v4-0-05623636fe8c@gmail.com Signed-off-by: Jakub Kicinski commit 586d87021f224b0434372f5b4418216e29b0a544 Author: Dmitry Safonov <0x7f454c46@gmail.com> Date: Fri Aug 23 23:04:58 2024 +0100 selftests/net: Add trace events matching to tcp_ao Setup trace points, add a new ftrace instance in order to not interfere with the rest of the system, filtering by net namespace cookies. Raise a new background thread that parses trace_pipe, matches them with the list of expected events. Wiring up trace events to selftests provides another insight if there is anything unexpected happining in the tcp-ao code (i.e. key rotation when it's not expected). Note: in real programs libtraceevent should be used instead of this manual labor of setting ftrace up and parsing. I'm not using it here as I don't want to have an .so library dependency that one would have to bring into VM or DUT (Device Under Test). Please, don't copy it over into any real world programs, that aren't tests. Signed-off-by: Dmitry Safonov <0x7f454c46@gmail.com> Link: https://patch.msgid.link/20240823-tcp-ao-selftests-upd-6-12-v4-8-05623636fe8c@gmail.com Signed-off-by: Jakub Kicinski commit 044e037051252ca8df07e1355bf4d7964645a6e8 Author: Dmitry Safonov <0x7f454c46@gmail.com> Date: Fri Aug 23 23:04:57 2024 +0100 selftests/net: Synchronize client/server before counters checks On tests that are expecting failure the timeout value is TEST_RETRANSMIT_SEC == 1 second. Which is big enough for most of devices under tests. But on a particularly slow machine/VM, 1 second might be not enough for another thread to be scheduled and attempt to connect(). It is not a problem for tests that expect connect() to succeed as the timeout value for them (TEST_TIMEOUT_SEC) is intentionally bigger. One obvious way to solve this would be to increase TEST_RETRANSMIT_SEC. But as all tests would increase the timeouts, that's going to sum up. But here is less obvious way that keeps timeouts for expected connect() failures low: just synchronize the two threads, which will assure that before counter checks the other thread got a chance to run and timeout on connect(). The expected increase of the related counter for listen() socket will yet test the expected failure. Never happens on my machine, but I suppose the majority of netdev's connect-deny-* flakes [1] are caused by this. Prevents the following testing issue: > # selftests: net/tcp_ao: connect-deny_ipv6 > # 1..21 > # # 462[lib/setup.c:243] rand seed 1720905426 > # TAP version 13 > # ok 1 Non-AO server + AO client > # not ok 2 Non-AO server + AO client: TCPAOKeyNotFound counter did not increase: 0 <= 0 > # ok 3 AO server + Non-AO client > # ok 4 AO server + Non-AO client: counter TCPAORequired increased 0 => 1 ... [1]: https://netdev-3.bots.linux.dev/vmksft-tcp-ao/results/681741/6-connect-deny-ipv6/stdout Signed-off-by: Dmitry Safonov <0x7f454c46@gmail.com> Link: https://patch.msgid.link/20240823-tcp-ao-selftests-upd-6-12-v4-7-05623636fe8c@gmail.com Signed-off-by: Jakub Kicinski commit 1c69e1f433990a81b5a5d415d8892ebcaacb985b Author: Mohammad Nassiri Date: Fri Aug 23 23:04:56 2024 +0100 selftests/tcp_ao: Fix printing format for uint64_t It's not safe to use '%zu' specifier for printing uint64_t on 32-bit systems. For uint64_t, we should use the 'PRIu64' macro from the inttypes.h library. This ensures that the uint64_t is printed correctly from the selftests regardless of the system architecture. Signed-off-by: Mohammad Nassiri [Added missing spaces in fail/ok messages and uint64_t cast in setsockopt-closed, as otherwise it was giving warnings on 64bit. And carried it to netdev ml] Signed-off-by: Dmitry Safonov <0x7f454c46@gmail.com> Link: https://patch.msgid.link/20240823-tcp-ao-selftests-upd-6-12-v4-6-05623636fe8c@gmail.com Signed-off-by: Jakub Kicinski commit a9e1693406f96f3739611dd08518c9eda3acecfd Author: Dmitry Safonov <0x7f454c46@gmail.com> Date: Fri Aug 23 23:04:55 2024 +0100 selftests/net: Don't forget to close nsfd after switch_save_ns() The switch_save_ns() helper suppose to help switching to another namespace for some action and to return back to original namespace. The fd should be closed. Signed-off-by: Dmitry Safonov <0x7f454c46@gmail.com> Link: https://patch.msgid.link/20240823-tcp-ao-selftests-upd-6-12-v4-5-05623636fe8c@gmail.com Signed-off-by: Jakub Kicinski commit 8acb1806e8c2846ae619f500a3229a325c3304f5 Author: Dmitry Safonov <0x7f454c46@gmail.com> Date: Fri Aug 23 23:04:54 2024 +0100 selftests/net: Open /proc/thread-self in open_netns() It turns to be that open_netns() is called rarely from the child-thread and more often from parent-thread. Yet, on initialization of kconfig checks, either of threads may reach kconfig_lock mutex first. VRF-related checks do create a temporary ksft-check VRF in an unshare()'d namespace and than setns() back to the original. As original was opened from "/proc/self/ns/net", it's valid for thread-leader (parent), but it's invalid for the child, resulting in the following failure on tests that check has_vrfs() support: > # ok 54 TCP-AO required on socket + TCP-MD5 key: prefailed as expected: Key was rejected by service > # not ok 55 # error 381[unsigned-md5.c:24] Failed to add a VRF: -17 > # not ok 56 # error 383[unsigned-md5.c:33] Failed to add a route to VRF: -22: Key was rejected by service > not ok 1 selftests: net/tcp_ao: unsigned-md5_ipv6 # exit=1 Use "/proc/thread-self/ns/net" which is valid for any thread. Signed-off-by: Dmitry Safonov <0x7f454c46@gmail.com> Link: https://patch.msgid.link/20240823-tcp-ao-selftests-upd-6-12-v4-4-05623636fe8c@gmail.com Signed-off-by: Jakub Kicinski commit bc2468f98221a194769cac80051da6b86cc39c2f Author: Dmitry Safonov <0x7f454c46@gmail.com> Date: Fri Aug 23 23:04:53 2024 +0100 selftests/net: Be consistent in kconfig checks Most of the functions in tcp-ao lib/ return negative errno or -1 in case of a failure. That creates inconsistencies in lib/kconfig, which saves what was the error code. As well as the uninitialized kconfig value is -1, which also may be the result of a check. Define KCONFIG_UNKNOWN and save negative return code, rather than libc-style errno. Signed-off-by: Dmitry Safonov <0x7f454c46@gmail.com> Link: https://patch.msgid.link/20240823-tcp-ao-selftests-upd-6-12-v4-3-05623636fe8c@gmail.com Signed-off-by: Jakub Kicinski commit 7053e788ded5f8ec589e4507d764d6a894780d6c Author: Dmitry Safonov <0x7f454c46@gmail.com> Date: Fri Aug 23 23:04:52 2024 +0100 selftests/net: Provide test_snprintf() helper Instead of pre-allocating a fixed-sized buffer of TEST_MSG_BUFFER_SIZE and printing into it, call vsnprintf() with str = NULL, which will return the needed size of the buffer. This hack is documented in man 3 vsnprintf. Essentially, in C++ terms, it re-invents std::stringstream, which is going to be used to print different tracing paths and formatted strings. Use it straight away in __test_print() - which is thread-safe version of printing in selftests. Signed-off-by: Dmitry Safonov <0x7f454c46@gmail.com> Link: https://patch.msgid.link/20240823-tcp-ao-selftests-upd-6-12-v4-2-05623636fe8c@gmail.com Signed-off-by: Jakub Kicinski commit 79504a47339cd9a1574d974869aecaba838e1213 Author: Dmitry Safonov <0x7f454c46@gmail.com> Date: Fri Aug 23 23:04:51 2024 +0100 selftests/net: Clean-up double assignment Correct copy'n'paste typo: the previous line already initialises get_all to 1. Reported-by: Nassiri, Mohammad Closes: https://lore.kernel.org/all/DM6PR04MB4202BC58A9FD5BDD24A16E8EC56F2@DM6PR04MB4202.namprd04.prod.outlook.com/ Signed-off-by: Dmitry Safonov <0x7f454c46@gmail.com> Link: https://patch.msgid.link/20240823-tcp-ao-selftests-upd-6-12-v4-1-05623636fe8c@gmail.com Signed-off-by: Jakub Kicinski commit 04cf420bbc32a599aa2481725f708435ea19bf3d Merge: 67733d7a71503f e55ef65510a401 Author: Rodrigo Vivi Date: Tue Aug 27 17:06:28 2024 -0400 Merge drm/drm-next into drm-intel-next Need to take some Xe bo definition in here before we can add the BMG display 64k aligned size restrictions. Signed-off-by: Rodrigo Vivi commit 73d33bd063c4cfef3db17f9bec3d202928ed8631 Author: James Chapman Date: Fri Aug 23 15:22:57 2024 +0100 l2tp: avoid using drain_workqueue in l2tp_pre_exit_net Recent commit fc7ec7f554d7 ("l2tp: delete sessions using work queue") incorrectly uses drain_workqueue. The use of drain_workqueue in l2tp_pre_exit_net is flawed because the workqueue is shared by all nets and it is therefore possible for new work items to be queued for other nets while drain_workqueue runs. Instead of using drain_workqueue, use __flush_workqueue twice. The first one will run all tunnel delete work items and any work already queued. When tunnel delete work items are run, they may queue new session delete work items, which the second __flush_workqueue will run. In l2tp_exit_net, warn if any of the net's idr lists are not empty. Fixes: fc7ec7f554d7 ("l2tp: delete sessions using work queue") Signed-off-by: James Chapman Link: https://patch.msgid.link/20240823142257.692667-1-jchapman@katalix.com Signed-off-by: Jakub Kicinski commit aed7136a37148465dcc899b806584fe70fd4ae72 Merge: 3333df3b4bc890 f9cc9997cba9de Author: Jakub Kicinski Date: Tue Aug 27 13:29:20 2024 -0700 Merge branch 'add-gmac-support-for-rk3576' Detlev Casanova says: ==================== Add GMAC support for rk3576 Add the necessary constants and functions to support the GMAC devices on the rk3576. ==================== Link: https://patch.msgid.link/20240823141318.51201-1-detlev.casanova@collabora.com Signed-off-by: Jakub Kicinski commit f9cc9997cba9defaf00c8e70d25f88271cbd6d4d Author: David Wu Date: Fri Aug 23 10:11:15 2024 -0400 ethernet: stmmac: dwmac-rk: Add GMAC support for RK3576 Add constants and callback functions for the dwmac on RK3576 soc. Signed-off-by: David Wu [rebase, extracted bindings] Signed-off-by: Detlev Casanova Reviewed-by: Heiko Stuebner Link: https://patch.msgid.link/20240823141318.51201-4-detlev.casanova@collabora.com Signed-off-by: Jakub Kicinski commit 299e2aefb159e83f920de79a85100aa4cefec740 Author: Detlev Casanova Date: Fri Aug 23 10:11:14 2024 -0400 dt-bindings: net: Add support for rk3576 dwmac Add a rockchip,rk3576-gmac compatible for supporting the 2 gmac devices on the rk3576. Signed-off-by: Detlev Casanova Acked-by: Rob Herring (Arm) Reviewed-by: Heiko Stuebner Link: https://patch.msgid.link/20240823141318.51201-3-detlev.casanova@collabora.com Signed-off-by: Jakub Kicinski commit 78a60497a020ff526ae067125eef0dee10df5771 Author: Detlev Casanova Date: Fri Aug 23 10:11:13 2024 -0400 ethernet: stmmac: dwmac-rk: Fix typo for RK3588 code Fix SELET -> SELECT in RK3588_GMAC_CLK_SELET_CRU and RK3588_GMAC_CLK_SELET_IO Signed-off-by: Detlev Casanova Reviewed-by: Heiko Stuebner Link: https://patch.msgid.link/20240823141318.51201-2-detlev.casanova@collabora.com Signed-off-by: Jakub Kicinski commit 59cfdf3f3349019fbfc986a285afcc3873d155f4 Author: Tejun Heo Date: Tue Aug 27 10:05:58 2024 -1000 scx_central: Fix smatch checker warning ARRAY_ELEM_PTR() is an access macro used to help the BPF verifier not confused by offseted memory acceeses by yiedling a valid pointer or NULL in a way that's clear to the verifier. As such, the canonical usage involves checking NULL return from the macro. Note that in many cases, the NULL condition can never happen - they're there just to hint the verifier. In a bpf_loop in scx_central.bpf.c::central_dispatch(), the NULL check was incorrect in that there was another dereference of the pointer in addition to the NULL checked access. This worked as the pointer can never be NULL and the verifier could tell it would never be NULL in this case. However, this still looks wrong and trips smatch: ./tools/sched_ext/scx_central.bpf.c:205 ____central_dispatch() error: we previously assumed 'gimme' could be null (see line 201) ./tools/sched_ext/scx_central.bpf.c 195 196 if (!scx_bpf_dispatch_nr_slots()) 197 break; 198 199 /* central's gimme is never set */ 200 gimme = ARRAY_ELEM_PTR(cpu_gimme_task, cpu, nr_cpu_ids); 201 if (gimme && !*gimme) ^^^^^ If gimme is NULL 202 continue; 203 204 if (dispatch_to_cpu(cpu)) --> 205 *gimme = false; Fix the NULL check so that there are no derefs if NULL. This doesn't change actual behavior. Signed-off-by: Tejun Heo Reported-by: Dan Carpenter Link: http://lkml.kernel.org/r/<955e1c3c-ace2-4a1d-b246-15b8196038a3@stanley.mountain> commit 3333df3b4bc8904768c0fd3d8a93564163c7962d Author: Andy Shevchenko Date: Fri Aug 23 02:05:50 2024 +0300 net: ethernet: ti: am65-cpsw-nuss: Replace of_node_to_fwnode() with more suitable API of_node_to_fwnode() is a IRQ domain specific implementation of of_fwnode_handle(). Replace the former with more suitable API. Signed-off-by: Andy Shevchenko Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240822230550.708112-1-andy.shevchenko@gmail.com Signed-off-by: Jakub Kicinski commit 3d6a0c4f4552c8b08ba63b9da97c8255db4c6a56 Author: Diogo Jahchan Koike Date: Mon Aug 26 10:45:46 2024 -0300 net: fix unreleased lock in cable test fix an unreleased lock in out_dev_put path by removing the (now) unnecessary path. Reported-by: syzbot+c641161e97237326ea74@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=c641161e97237326ea74 Fixes: 3688ff3077d3 ("net: ethtool: cable-test: Target the command to the requested PHY") Signed-off-by: Diogo Jahchan Koike Reviewed-by: Maxime Chevallier Link: https://patch.msgid.link/20240826134656.94892-1-djahchankoike@gmail.com Signed-off-by: Jakub Kicinski commit 59fdd43304f4cbb7ee8e281ca337afd803c309f6 Author: Yu Kuai Date: Mon Aug 26 15:44:52 2024 +0800 md/md-bitmap: make in memory structure internal Now that struct bitmap_page and bitmap is not used externally anymore, move them from md-bitmap.h to md-bitmap.c (expect that dm-raid is still using define marco 'COUNTER_MAX'). Also fix some checkpatch warnings. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-43-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit dab2ce5534ef7a7b8db70d1abd4225ee8a7798c7 Author: Yu Kuai Date: Mon Aug 26 15:44:51 2024 +0800 md/md-bitmap: merge md_bitmap_enabled() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-42-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 49f5f5e309e6127957babed7834f5a0e1022f936 Author: Yu Kuai Date: Mon Aug 26 15:44:50 2024 +0800 md/md-bitmap: merge md_bitmap_wait_behind_writes() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-41-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit c65c20dc504b08204d6c3effffa9409a526822aa Author: Yu Kuai Date: Mon Aug 26 15:44:49 2024 +0800 md/md-bitmap: merge md_bitmap_free() into bitmap_operations So that the implementation won't be exposed, and it'll be possible o invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-40-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit ef1c400fafe27f06ba1e8050fc2f35662fe8e106 Author: Yu Kuai Date: Mon Aug 26 15:44:48 2024 +0800 md/md-bitmap: merge md_bitmap_set_pages() into struct bitmap_operations o that the implementation won't be exposed, and it'll be possible o invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-39-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 3dd9141a154785f10770fb3e8349f6b133b08b8a Author: Yu Kuai Date: Mon Aug 26 15:44:47 2024 +0800 md/md-bitmap: merge md_bitmap_copy_from_slot() into struct bitmap_operation. So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-38-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 57d602414d2e327160f2e03c39eff3f2f895839c Author: Yu Kuai Date: Mon Aug 26 15:44:46 2024 +0800 md/md-bitmap: merge get_bitmap_from_slot() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-37-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 77c09640eea56dbfed069ac67b1cd79397d41be8 Author: Yu Kuai Date: Mon Aug 26 15:44:45 2024 +0800 md/md-bitmap: merge md_bitmap_resize() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-36-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit e1791dae6cbd65e5102dca40b8adadef1d89c1b9 Author: Yu Kuai Date: Mon Aug 26 15:44:44 2024 +0800 md/md-bitmap: pass in mddev directly for md_bitmap_resize() And move the condition "if (mddev->bitmap)" into md_bitmap_resize() as well, on the one hand make code cleaner, on the other hand try not to access bitmap directly. Since we are here, also change the parameter 'init' from int to bool. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-35-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 18db2a9c60aefc61e796f6a384a952999d3b8885 Author: Yu Kuai Date: Mon Aug 26 15:44:43 2024 +0800 md/md-bitmap: merge md_bitmap_daemon_work() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-34-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 3c9883e77a36ca76b8d92afa99599263ca587ae7 Author: Yu Kuai Date: Mon Aug 26 15:44:42 2024 +0800 md/md-bitmap: merge bitmap_unplug() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-33-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 48eb95810a9241afd871de917d70712e2ddfda31 Author: Yu Kuai Date: Mon Aug 26 15:44:41 2024 +0800 md/md-bitmap: merge md_bitmap_unplug_async() into md_bitmap_unplug() Add a parameter 'bool sync' to distinguish them, and md_bitmap_unplug_async() won't be exported anymore, hence bitmap_operations only need one op to cover them. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-32-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 4338b94271dd8cee8ce3b662b12528cd009325a3 Author: Yu Kuai Date: Mon Aug 26 15:44:40 2024 +0800 md/md-bitmap: merge md_bitmap_sync_with_cluster() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-31-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 15db1eca63bd954997058edc1563223d7b525003 Author: Yu Kuai Date: Mon Aug 26 15:44:39 2024 +0800 md/md-bitmap: merge md_bitmap_cond_end_sync() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Also change the parameter from bitmap to mddev, to avoid access bitmap outside md-bitmap.c as much as possible. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-30-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 014125c64d09e58e90dde49fbb57d802a13e2559 Author: Thomas Zimmermann Date: Tue Aug 27 14:09:05 2024 +0200 drm/xe: Support 'nomodeset' kernel command-line option Setting 'nomodeset' on the kernel command line disables all graphics drivers with modesetting capabilities, leaving only firmware drivers, such as simpledrm or efifb. Most DRM drivers automatically support 'nomodeset' via DRM's module helper macros. In xe, which uses regular module_init(), manually call drm_firmware_drivers_only() to test for 'nomodeset'. Do not register the driver if set. v2: - use xe's init table (Lucas) - do NULL test for init/exit functions Signed-off-by: Thomas Zimmermann Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240827121003.97429-1-tzimmermann@suse.de Signed-off-by: Lucas De Marchi commit 01cc7b2e8a59fcae0c4493720561e5b33a195fe7 Author: Stephan Gerhold Date: Mon Jul 15 14:15:38 2024 +0200 Revert "drm/panel-edp: Add SDC ATNA45AF01" This reverts commit 8ebb1fc2e69ab8b89a425e402c7bd85e053b7b01. The panel should be handled through the samsung-atna33xc20 driver for correct power up timings. Otherwise the backlight does not work correctly. We have existing users of this panel through the generic "edp-panel" compatible (e.g. the Qualcomm X1E80100 CRD), but the screen works only partially in that configuration: It works after boot but once the screen gets disabled it does not turn on again until after reboot. It behaves the same way with the default "conservative" timings, so we might as well drop the configuration from the panel-edp driver. That way, users with old DTBs will get a warning and can move to the new driver. Reviewed-by: Douglas Anderson Signed-off-by: Stephan Gerhold Reviewed-by: Johan Hovold Tested-by: Johan Hovold Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240715-x1e80100-crd-backlight-v2-2-31b7f2f658a3@linaro.org commit fc953d40bd4318b45adc63db42c3cd5d2c5b0661 Author: Peng Fan Date: Tue Aug 6 22:56:01 2024 +0800 clk: scmi: add is_prepared hook Some clocks maybe default enabled by hardware. For clocks that don't have users, that will be left in hardware default state, because prepare count and enable count is zero,if there is no is_prepared hook to get the hardware state. So add is_prepared hook to detect the hardware state. Then when disabling the unused clocks, they can be simply turned OFF to save power during kernel boot. Reviewed-by: Dhruva Gole Signed-off-by: Peng Fan Link: https://lore.kernel.org/r/20240806145601.1184337-1-peng.fan@oss.nxp.com Reviewed-by: Sudeep Holla Signed-off-by: Stephen Boyd commit d96608794889d5a2419fb4077fa5d5bbffea07bc Author: Daniel Borkmann Date: Fri Aug 23 14:00:53 2024 +0200 netkit: Disable netpoll support Follow-up to 45160cebd6ac ("net: veth: Disable netpoll support") to also disable netpoll for netkit interfaces. Same conditions apply here as well. Signed-off-by: Daniel Borkmann Cc: Breno Leitao Cc: Nikolay Aleksandrov Acked-by: Nikolay Aleksandrov Reviewed-by: Breno Leitao Link: https://lore.kernel.org/r/eab2d69ba2f4c260aef62e4ff0d803e9f60c2c5d.1724414250.git.daniel@iogearbox.net Signed-off-by: Martin KaFai Lau commit a84dd0d8ae24bdc6da341187fc4c1a0adfce2ccc Author: Vasily Gorbik Date: Sat Aug 24 02:14:04 2024 +0200 s390/ftrace: Avoid calling unwinder in ftrace_return_address() ftrace_return_address() is called extremely often from performance-critical code paths when debugging features like CONFIG_TRACE_IRQFLAGS are enabled. For example, with debug_defconfig, ftrace selftests on my LPAR currently execute ftrace_return_address() as follows: ftrace_return_address(0) - 0 times (common code uses __builtin_return_address(0) instead) ftrace_return_address(1) - 2,986,805,401 times (with this patch applied) ftrace_return_address(2) - 140 times ftrace_return_address(>2) - 0 times The use of __builtin_return_address(n) was replaced by return_address() with an unwinder call by commit cae74ba8c295 ("s390/ftrace: Use unwinder instead of __builtin_return_address()") because __builtin_return_address(n) simply walks the stack backchain and doesn't check for reaching the stack top. For shallow stacks with fewer than "n" frames, this results in reads at low addresses and random memory accesses. While calling the fully functional unwinder "works", it is very slow for this purpose. Moreover, potentially following stack switches and walking past IRQ context is simply wrong thing to do for ftrace_return_address(). Reimplement return_address() to essentially be __builtin_return_address(n) with checks for reaching the stack top. Since the ftrace_return_address(n) argument is always a constant, keep the implementation in the header, allowing both GCC and Clang to unroll the loop and optimize it to the bare minimum. Fixes: cae74ba8c295 ("s390/ftrace: Use unwinder instead of __builtin_return_address()") Cc: stable@vger.kernel.org Reported-by: Sumanth Korikkar Reviewed-by: Heiko Carstens Acked-by: Sumanth Korikkar Signed-off-by: Vasily Gorbik commit 57216cc985b34c4cd6107a15fb04ca881465176d Author: Jens Remus Date: Thu Aug 22 17:30:21 2024 +0200 s390/build: Avoid relocation information in final vmlinux Since commit 778666df60f0 ("s390: compile relocatable kernel without -fPIE") the kernel vmlinux ELF file is linked with --emit-relocs to preserve all relocations, so that all absolute relocations can be extracted using the 'relocs' tool to adjust them during boot. Port and adapt Petr Pavlu's x86 commit 9d9173e9ceb6 ("x86/build: Avoid relocation information in final vmlinux") to s390 to strip all relocations from the final vmlinux ELF file to optimize its size. Following is his original commit message with minor adaptions for s390: The Linux build process on s390 roughly consists of compiling all input files, statically linking them into a vmlinux ELF file, and then taking and turning this file into an actual bzImage bootable file. vmlinux has in this process two main purposes: 1) It is an intermediate build target on the way to produce the final bootable image. 2) It is a file that is expected to be used by debuggers and standard ELF tooling to work with the built kernel. For the second purpose, a vmlinux file is typically collected by various package build recipes, such as distribution spec files, including the kernel's own tar-pkg target. When building the kernel vmlinux contains also relocation information produced by using the --emit-relocs linker option. This is utilized by subsequent build steps to create relocs.S and produce a relocatable image. However, the information is not needed by debuggers and other standard ELF tooling. The issue is then that the collected vmlinux file and hence distribution packages end up unnecessarily large because of this extra data. The following is a size comparison of vmlinux v6.10 with and without the relocation information: | Configuration | With relocs | Stripped relocs | | defconfig | 696 MB | 320 MB | | -CONFIG_DEBUG_INFO | 48 MB | 32 MB | Optimize a resulting vmlinux by adding a postlink step that splits the relocation information into relocs.S and then strips it from the vmlinux binary. Reviewed-by: Vasily Gorbik Signed-off-by: Jens Remus Signed-off-by: Vasily Gorbik commit d759be28232f8a4ebdfc1a2c20989e54a6965dbf Author: Vasily Gorbik Date: Wed Aug 21 20:06:16 2024 +0200 s390/ftrace: Use kernel ftrace trampoline for modules Now that both the kernel modules area and the kernel image itself are located within 4 GB, there is no longer a need to maintain a separate ftrace_plt trampoline. Use the existing trampoline in the kernel. Reviewed-by: Ilya Leoshkevich Reviewed-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit 017f1f0d397604f289d9075d8481e42a9b85194a Author: Vasily Gorbik Date: Wed Aug 21 20:06:13 2024 +0200 s390/ftrace: Remove unused ftrace_plt_template* Unused since commit b860b9346e2d ("s390/ftrace: remove dead code"). Reviewed-by: Ilya Leoshkevich Signed-off-by: Vasily Gorbik commit cf8c39b00e982fa506b16f9d76657838c09150cb Author: Andrew Davis Date: Mon Jun 10 09:28:36 2024 -0500 power: reset: brcmstb: Do not go into infinite loop if reset fails There may be other backup reset methods available, do not halt here so that other reset methods can be tried. Signed-off-by: Andrew Davis Reviewed-by: Dhruva Gole Acked-by: Florian Fainelli Link: https://lore.kernel.org/r/20240610142836.168603-5-afd@ti.com Signed-off-by: Sebastian Reichel commit ad87aee5cba821066be99c76efd818368ff5bb4a Author: Andrew Davis Date: Mon Jun 10 09:28:35 2024 -0500 power: reset: brcmstb: Use devm_register_sys_off_handler() Function register_restart_handler() is deprecated. Using this new API removes our need to keep and manage a struct notifier_block. Signed-off-by: Andrew Davis Reviewed-by: Dhruva Gole Acked-by: Florian Fainelli Link: https://lore.kernel.org/r/20240610142836.168603-4-afd@ti.com Signed-off-by: Sebastian Reichel commit a4ceaab660cabdc9ac2d2514a809174443209b3b Author: Andrew Davis Date: Mon Jun 10 09:28:34 2024 -0500 power: reset: brcmstb: Use syscon_regmap_lookup_by_phandle_args() helper Simplify probe by fetching the regmap and its arguments in one call. Signed-off-by: Andrew Davis Reviewed-by: Dhruva Gole Acked-by: Florian Fainelli Link: https://lore.kernel.org/r/20240610142836.168603-3-afd@ti.com Signed-off-by: Sebastian Reichel commit cf37f16a60f332fad21fe0a45893ac4c6a825d9d Author: Andrew Davis Date: Mon Jun 10 09:28:33 2024 -0500 power: reset: brcmstb: Use device_get_match_data() for matching Use device_get_match_data() for finding the matching node and fetching the match data all in one. Signed-off-by: Andrew Davis Acked-by: Florian Fainelli Link: https://lore.kernel.org/r/20240610142836.168603-2-afd@ti.com Signed-off-by: Sebastian Reichel commit 0174d12f9b7ebc83f1f2b6c25f05304104de5a91 Author: Andrew Davis Date: Mon Jun 10 09:28:32 2024 -0500 power: reset: brcmstb: Use normal driver register function The platform_driver_probe() helper is useful when the probe function is in the _init section, that is not the case here. Use the normal platform_driver_register() function. Signed-off-by: Andrew Davis Reviewed-by: Dhruva Gole Acked-by: Florian Fainelli Link: https://lore.kernel.org/r/20240610142836.168603-1-afd@ti.com Signed-off-by: Sebastian Reichel commit de2e75209303b98d3169a249a1bc847be9657d9b Author: Marc Zyngier Date: Tue Aug 27 16:25:17 2024 +0100 KVM: arm64: Add selftest checking how the absence of GICv3 is handled Given how tortuous and fragile the whole lack-of-GICv3 story is, add a selftest checking that we don't regress it. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-12-maz@kernel.org Signed-off-by: Marc Zyngier commit cd08d3216fc4e684f05fe4cf696a275a975f6499 Author: Marc Zyngier Date: Tue Aug 27 16:25:16 2024 +0100 KVM: arm64: Unify UNDEF injection helpers We currently have two helpers (undef_access() and trap_undef()) that do exactly the same thing: inject an UNDEF and return 'false' (as an indication that PC should not be incremented). We definitely could do with one less. Given that undef_access() is used 80ish times, while trap_undef() is only used 30 times, the latter loses the battle and is immediately sacrificed. We also have a large number of instances where undef_access() is open-coded. Let's also convert those. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-11-maz@kernel.org Signed-off-by: Marc Zyngier commit 4a999a1d7ae52592723a9a219aaa7a3406d66dd6 Author: Marc Zyngier Date: Tue Aug 27 16:25:15 2024 +0100 KVM: arm64: Make most GICv3 accesses UNDEF if they trap We don't expect to trap any GICv3 register for host handling, apart from ICC_SRE_EL1 and the SGI registers. If they trap, that's because the guest is playing with us despite being told it doesn't have a GICv3. If it does, UNDEF is what it will get. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-10-maz@kernel.org Signed-off-by: Marc Zyngier commit 59af011d001b836aa52a3dbb5c54daf6fffb511e Author: Marc Zyngier Date: Tue Aug 27 16:25:14 2024 +0100 KVM: arm64: Honor guest requested traps in GICv3 emulation On platforms that require emulation of the CPU interface, we still need to honor the traps requested by the guest (ICH_HCR_EL2 as well as the FGTs for ICC_IGRPEN{0,1}_EL1. Check for these bits early and lail out if any trap applies. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-9-maz@kernel.org Signed-off-by: Marc Zyngier commit 15a1ba8d049855c5ae454c84e6dd2d7657bacbe8 Author: Marc Zyngier Date: Tue Aug 27 16:25:13 2024 +0100 KVM: arm64: Add trap routing information for ICH_HCR_EL2 The usual song and dance. Anything that is a trap, any register it traps. Note that we don't handle the registers added by FEAT_NMI for now. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-8-maz@kernel.org Signed-off-by: Marc Zyngier commit 9f5deace58da737d67ec9c2d23534a475be68481 Author: Marc Zyngier Date: Tue Aug 27 16:25:12 2024 +0100 KVM: arm64: Add ICH_HCR_EL2 to the vcpu state As we are about to describe the trap routing for ICH_HCR_EL2, add the register to the vcpu state in its VNCR form, as well as reset Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-7-maz@kernel.org Signed-off-by: Marc Zyngier commit 5cb57a1aff7551bcb3b800d33141b06ef0ac178b Author: Marc Zyngier Date: Tue Aug 27 16:25:11 2024 +0100 KVM: arm64: Zero ID_AA64PFR0_EL1.GIC when no GICv3 is presented to the guest In order to be consistent, we shouldn't advertise a GICv3 when none is actually usable by the guest. Wipe the feature when these conditions apply, and allow the field to be written from userspace. This now allows us to rewrite the kvm_has_gicv3 helper() in terms of kvm_has_feat(), given that it is always evaluated at runtime. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-6-maz@kernel.org Signed-off-by: Marc Zyngier commit 795a0bbaeee2aa993338166bc063fe3c89373d2a Author: Marc Zyngier Date: Tue Aug 27 16:25:10 2024 +0100 KVM: arm64: Add helper for last ditch idreg adjustments We already have to perform a set of last-chance adjustments for NV purposes. We will soon have to do the same for the GIC, so introduce a helper for that exact purpose. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-5-maz@kernel.org Signed-off-by: Marc Zyngier commit 8d917e0a8651377321c06513f42e2ab9a86161f4 Author: Marc Zyngier Date: Tue Aug 27 16:25:09 2024 +0100 KVM: arm64: Force GICv3 trap activation when no irqchip is configured on VHE On a VHE system, no GICv3 traps get configured when no irqchip is present. This is not quite matching the "no GICv3" semantics that we want to present. Force such traps to be configured in this case. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-4-maz@kernel.org Signed-off-by: Marc Zyngier commit 5739a961b542530626cb3afb721efa688b290cce Author: Marc Zyngier Date: Tue Aug 27 16:25:08 2024 +0100 KVM: arm64: Force SRE traps when SRE access is not enabled We so far only write the ICH_HCR_EL2 config in two situations: - when we need to emulate the GICv3 CPU interface due to HW bugs - when we do direct injection, as the virtual CPU interface needs to be enabled This is all good. But it also means that we don't do anything special when we emulate a GICv2, or that there is no GIC at all. What happens in this case when the guest uses the GICv3 system registers? The *guest* gets a trap for a sysreg access (EC=0x18) while we'd really like it to get an UNDEF. Fixing this is a bit involved: - we need to set all the required trap bits (TC, TALL0, TALL1, TDIR) - for these traps to take effect, we need to (counter-intuitively) set ICC_SRE_EL1.SRE to 1 so that the above traps take priority. Note that doesn't fully work when GICv2 emulation is enabled, as we cannot set ICC_SRE_EL1.SRE to 1 (it breaks Group0 delivery as IRQ). Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-3-maz@kernel.org Signed-off-by: Marc Zyngier commit d2137ba8d8fe56cd2470c82b98e494cbcababd76 Author: Marc Zyngier Date: Tue Aug 27 16:25:07 2024 +0100 KVM: arm64: Move GICv3 trap configuration to kvm_calculate_traps() Follow the pattern introduced with vcpu_set_hcr(), and introduce vcpu_set_ich_hcr(), which configures the GICv3 traps at the same point. This will allow future changes to introduce trap configuration on a per-VM basis. Reviewed-by: Oliver Upton Link: https://lore.kernel.org/r/20240827152517.3909653-2-maz@kernel.org Signed-off-by: Marc Zyngier commit 292fe42c34a9e9eea07f58a691813e077e9ca86f Author: Asmaa Mnebhi Date: Tue Jun 11 09:43:27 2024 -0400 power: reset: pwr-mlxbf: support graceful shutdown The OCP board used a BlueField's GPIO pin for entering low power mode. That board was not commercialized and has been dropped from production so all its code is unused. The new hardware requirement is to trigger a graceful shutdown when that GPIO pin is toggled. So replace the unused low power mode with a graceful shutdown. Signed-off-by: Asmaa Mnebhi Reviewed-by: David Thompson Link: https://lore.kernel.org/r/20240611134327.30975-1-asmaa@nvidia.com Signed-off-by: Sebastian Reichel commit 50f74b785059453b4f10fe53241c2f612ebf9028 Author: Chen Ni Date: Wed Jul 10 11:20:23 2024 +0800 power: supply: cpcap-charger: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Link: https://lore.kernel.org/r/20240710032023.2003742-1-nichen@iscas.ac.cn Signed-off-by: Sebastian Reichel commit 0d56099ed557ce7f76c0ede97272fe58dbf0b7f2 Merge: 5be63fc19fcaa4 ed49fe5a6fb9c1 Author: Marc Zyngier Date: Tue Aug 27 18:26:47 2024 +0100 Merge branch kvm-arm64/tlbi-fixes-6.12 into kvmarm-master/next * kvm-arm64/tlbi-fixes-6.12: : . : A couple of TLB invalidation fixes, only affecting pKVM : out of tree, courtesy of Will Deacon. : . KVM: arm64: Ensure TLBI uses correct VMID after changing context KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init Signed-off-by: Marc Zyngier commit b01bf907bd9cdf5810397e9f831c3ecebc4a4ce8 Merge: 8400291e289ee6 120c2833b72f4b Author: Stephen Boyd Date: Tue Aug 27 10:20:46 2024 -0700 Merge tag 'renesas-clk-for-v6.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-drivers into clk-renesas Pull Renesas clk driver updates from Geert Uytterhoeven - Add PCIe, PWM, and CAN-FD clocks on R-Car V4M - Add LCD controller clocks and resets on RZ/G2UL - Add DMA clocks and resets on RZ/G3S - Add fractional multiplication PLL support on R-Car Gen4 - Document support for the Renesas RZ/G2M v3.0 (r8a774a3) SoC - Add support for the RZ/V2H(P) (R9A09G057) SoC - Miscellaneous fixes and improvements * tag 'renesas-clk-for-v6.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-drivers: (30 commits) clk: renesas: r8a779h0: Add CANFD clock clk: renesas: Add RZ/V2H(P) CPG driver clk: renesas: Add family-specific clock driver for RZ/V2H(P) dt-bindings: clock: renesas: Document RZ/V2H(P) SoC CPG clk: renesas: r8a779h0: Add PWM clock dt-bindings: clock: renesas,cpg-mssr: Document RZ/G2M v3.0 (r8a774a3) clock clk: renesas: rcar-gen4: Remove unused default PLL2/3/4/6 configs clk: renesas: rcar-gen4: Remove unused fixed PLL clock types clk: renesas: rcar-gen4: Remove unused variable PLL2 clock type clk: renesas: r8a779h0: Model PLL1/2/3/4/6 as fractional PLLs clk: renesas: r8a779g0: Model PLL1/3/4/6 as fractional PLLs clk: renesas: r8a779f0: Model PLL1/2/3/6 as fractional PLLs clk: renesas: r8a779a0: Use defines for PLL control registers clk: renesas: rcar-gen4: Add support for fractional 9.24 PLLs clk: renesas: rcar-gen4: Add support for fixed variable PLLs clk: renesas: rcar-gen4: Add support for variable fractional PLLs clk: renesas: rcar-gen4: Add support for fractional multiplication clk: renesas: rcar-gen4: Use defines for common CPG registers clk: renesas: rcar-gen4: Use FIELD_GET() clk: renesas: rcar-gen4: Clarify custom PLL clock support ... commit 077b18abde12f27da9776563413bbad4918ecb52 Author: Yu Kuai Date: Mon Aug 26 15:44:38 2024 +0800 md/md-bitmap: merge md_bitmap_close_sync() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Also change the parameter from bitmap to mddev, to avoid access bitmap outside md-bitmap.c as much as possible. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-29-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 1415f402e1a1e6054377ed15f249589204cfb8b7 Author: Yu Kuai Date: Mon Aug 26 15:44:37 2024 +0800 md/md-bitmap: merge md_bitmap_end_sync() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Also change the parameter from bitmap to mddev, to avoid access bitmap outside md-bitmap.c as much as possible. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-28-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 9be669bd1b031f40b35034223517cf886e7a7fcc Author: Yu Kuai Date: Mon Aug 26 15:44:36 2024 +0800 md/md-bitmap: remove the parameter 'aborted' for md_bitmap_end_sync() For internal callers, aborted are always set to false, while for external callers, aborted are always set to true. Hence there is no need to always pass in true for exported api. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-27-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit fe6a19d40ceb44281905485f56dda715e3214e0e Author: Yu Kuai Date: Mon Aug 26 15:44:35 2024 +0800 md/md-bitmap: merge md_bitmap_start_sync() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Also change the parameter from bitmap to mddev, to avoid access bitmap outside md-bitmap.c as much as possible. Also fix lots of code style. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-26-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 3486015facc030f30d694b92dc18e58073c6c9e0 Author: Yu Kuai Date: Mon Aug 26 15:44:34 2024 +0800 md/md-bitmap: merge md_bitmap_endwrite() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Also change the parameter from bitmap to mddev, to avoid access bitmap outside md-bitmap.c as much as possible. And change the type of 'success' and 'behind' from int to bool. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-25-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit c2257df4108ed872f46c96d6ea6092f17a747632 Author: Yu Kuai Date: Mon Aug 26 15:44:33 2024 +0800 md/md-bitmap: merge md_bitmap_startwrite() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Also change the parameter from bitmap to mddev, to avoid access bitmap outside md-bitmap.c as much as possible. And change the type of 'behind' from int to bool. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-24-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 2d3b130e177f14b461c47880b6e0b338fd6872f5 Author: Yu Kuai Date: Mon Aug 26 15:44:32 2024 +0800 md/md-bitmap: merge md_bitmap_dirty_bits() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Also change the parameter from bitmap to mddev, to avoid access bitmap outside md-bitmap.c as much as possible. And while we're here, also fix coding style for bitmap_store(). Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-23-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit b26313cb96f1b3fd6f07d3243f6cd426c5cbaf39 Author: Yu Kuai Date: Mon Aug 26 15:44:31 2024 +0800 md/md-bitmap: merge bitmap_write_all() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Also change the parameter from bitmap to mddev, to avoid access bitmap outside md-bitmap.c as much as possible. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-22-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit ea076ceb35d66d29fc0a50c15a4b0248c5122d2c Author: Yu Kuai Date: Mon Aug 26 15:44:30 2024 +0800 md/md-bitmap: remove md_bitmap_setallbits() md_bitmap_setallbits() is not used, hence can be removed. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-21-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 696936838bc18a761ed778910975d51cf2c35e3a Author: Yu Kuai Date: Mon Aug 26 15:44:29 2024 +0800 md/md-bitmap: merge md_bitmap_status() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-20-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit fe59b34676b4ec6b48a7b436d3422fc9317e047a Author: Yu Kuai Date: Mon Aug 26 15:44:28 2024 +0800 md/md-bitmap: merge md_bitmap_update_sb() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-19-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit a0240e3ec753d3caf29edbaf6cf5685c7b447a2a Author: Yu Kuai Date: Mon Aug 26 15:44:27 2024 +0800 md/md-bitmap: make md_bitmap_print_sb() internal md_bitmap_print_sb() is only used inside md-bitmap.c, hence make it static, also rename it to bitmap_print_sb. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-18-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit ca925302e841ff0a0598b283f87c472d92b389f3 Author: Yu Kuai Date: Mon Aug 26 15:44:26 2024 +0800 md/md-bitmap: merge md_bitmap_flush() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-17-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit a2bd70319290d80127dc4257b8c17df3f027c15d Author: Yu Kuai Date: Mon Aug 26 15:44:25 2024 +0800 md/md-bitmap: merge md_bitmap_destroy() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-16-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit e1e490805958617327be14eaf0ed31d71adc2c54 Author: Yu Kuai Date: Mon Aug 26 15:44:24 2024 +0800 md/md-bitmap: merge md_bitmap_load() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-15-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 04c80e649512f2c24f99052440cc808163eff40c Author: Yu Kuai Date: Mon Aug 26 15:44:23 2024 +0800 md/md-bitmap: merge md_bitmap_create() into bitmap_operations So that the implementation won't be exposed, and it'll be possible to invent a new bitmap by replacing bitmap_operations. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-14-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 7545d385ec7e4c0d5e86e7cde4fe3fb8f4555fb9 Author: Yu Kuai Date: Mon Aug 26 15:44:22 2024 +0800 md/md-bitmap: simplify md_bitmap_create() + md_bitmap_load() Other than internal api get_bitmap_from_slot(), all other places will set returned bitmap to mddev->bitmap. So move the setting of mddev->bitmap into md_bitmap_create() to simplify code. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-13-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 7add9db6ba3e9bd12d2be97abbc13f3881a515db Author: Yu Kuai Date: Mon Aug 26 15:44:21 2024 +0800 md/md-bitmap: introduce struct bitmap_operations The structure is empty for now, and will be used in later patches to merge in bitmap operations, so that bitmap implementation won't be exposed. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-12-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 27832ad3f7f0f5080d472fa8621ff92166ca9fac Author: Yu Kuai Date: Mon Aug 26 15:44:20 2024 +0800 md/md-bitmap: add a new helper md_bitmap_set_pages() Currently md-cluster will set bitmap->counts.pages directly, add a helper to do this to avoid dereferencing bitmap directly. Noted that after this patch bitmap is not dereferenced directly anymore and following patches will move the structure inside md-bitmap.c. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-11-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 9e4481ce0e55b4ef9795845d8b6770e3f6f4b24d Author: Yu Kuai Date: Mon Aug 26 15:44:19 2024 +0800 md/md-cluster: use helper md_bitmap_get_stats() to get pages in resize_bitmaps() Use the existed helper instead of open coding it, avoid dereferencing bitmap directly to prepare inventing a new bitmap. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-10-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit a0e7744a460ba5ca91f8d6fc4a696ee345b5baa9 Author: Yu Kuai Date: Mon Aug 26 15:44:18 2024 +0800 md/md-bitmap: add 'behind_writes' and 'behind_wait' into struct md_bitmap_stats There are no functional changes, avoid dereferencing bitmap directly to prepare inventing a new bitmap. Also fix following checkpatch warning by using wq_has_sleeper(). WARNING: waitqueue_active without comment Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-9-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 10bc2ac10597ebc0b25afbc72fa4284565548e36 Author: Yu Kuai Date: Mon Aug 26 15:44:17 2024 +0800 md/md-bitmap: add 'file_pages' into struct md_bitmap_stats There are no functional changes, avoid dereferencing bitmap directly to prepare inventing a new bitmap. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-8-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit ec6bb299c7c3dd4ca1724d13d5f5fae3ee54fc65 Author: Yu Kuai Date: Mon Aug 26 15:44:16 2024 +0800 md/md-bitmap: add 'sync_size' into struct md_bitmap_stats To avoid dereferencing bitmap directly in md-cluster to prepare inventing a new bitmap. BTW, also fix following checkpatch warnings: WARNING: Deprecated use of 'kmap_atomic', prefer 'kmap_local_page' instead WARNING: Deprecated use of 'kunmap_atomic', prefer 'kunmap_local' instead Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-7-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 82697ccf7e495c1ba81e315c2886d6220ff84c2c Author: Yu Kuai Date: Mon Aug 26 15:44:15 2024 +0800 md/md-cluster: fix spares warnings for __le64 drivers/md/md-cluster.c:1220:22: warning: incorrect type in assignment (different base types) drivers/md/md-cluster.c:1220:22: expected unsigned long my_sync_size drivers/md/md-cluster.c:1220:22: got restricted __le64 [usertype] sync_size drivers/md/md-cluster.c:1252:35: warning: incorrect type in assignment (different base types) drivers/md/md-cluster.c:1252:35: expected unsigned long sync_size drivers/md/md-cluster.c:1252:35: got restricted __le64 [usertype] sync_size drivers/md/md-cluster.c:1253:41: warning: restricted __le64 degrades to integer Fix the warnings by using le64_to_cpu() to convet __le64 to integer. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-6-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit d004442f46ccae9ea90fdda7a2b0516f1d42b88e Author: Yu Kuai Date: Mon Aug 26 15:44:14 2024 +0800 md/md-bitmap: add 'events_cleared' into struct md_bitmap_stats Also add a new helper to get events_cleared to avoid dereferencing bitmap directly to prepare inventing a new bitmap. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-5-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 968153812215d68c27c0c9d90da6ec2f6d17a606 Author: Yu Kuai Date: Mon Aug 26 15:44:13 2024 +0800 md: use new helper md_bitmap_get_stats() in update_array_info() There are no functional changes, avoid dereferencing bitmap directly to prepare inventing a new bitmap. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-4-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 38f287d7e495ae00d4481702f44ff7ca79f5c9bc Author: Yu Kuai Date: Mon Aug 26 15:44:12 2024 +0800 md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() There are no functional changes, and the new helper will be used in multiple places in following patches to avoid dereferencing bitmap directly. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-3-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 2db4fa1b7e1897908d5cd11b1e22233ff0c6ba49 Author: Yu Kuai Date: Mon Aug 26 15:44:11 2024 +0800 md/raid1: use md_bitmap_wait_behind_writes() in raid1_read_request() Use the existed helper instead of open coding it to make the code cleaner. There are no functional changes, and also avoid dereferencing bitmap directly to prepare inventing a new bitmap. Noted that this patch also export md_bitmap_wait_behind_writes(), which is necessary for now, and the exported api will be removed in following patches to convert bitmap apis into ops. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240826074452.1490072-2-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 2d389a759d02fa30bd686c797ad620b1da9d1320 Author: Yu Kuai Date: Thu Aug 1 21:30:08 2024 +0800 md/raid1: Clean up local variable 'b' from raid1_read_request() The local variable will only be used onced, in the error path that read_balance() failed to find a valid rdev to read. Since now the rdev is ensured can't be removed from conf while IO is still pending, remove the local variable and dereference rdev directly. Since we're here, also remove an extra empty line, and unnecessary type conversion from sector_t(u64) to unsigned long long. Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240801133008.459998-1-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit 86ad4cda79e0dade87d4bb0d32e1fe541d4a63e8 Author: Yu Kuai Date: Thu Aug 1 20:47:46 2024 +0800 md: Don't flush sync_work in md_write_start() Because flush sync_work may trigger mddev_suspend() if there are spares, and this should never be done in IO path because mddev_suspend() is used to wait for IO. This problem is found by code review. Fixes: bc08041b32ab ("md: suspend array in md_start_sync() if array need reconfiguration") Cc: stable@vger.kernel.org Signed-off-by: Yu Kuai Link: https://lore.kernel.org/r/20240801124746.242558-1-yukuai1@huaweicloud.com Signed-off-by: Song Liu commit ba7e053ec89f61be9d27bfb244de52849b5138aa Author: Artur Weber Date: Fri Aug 16 10:19:09 2024 +0200 power: supply: max77693: Expose input current limit and CC current properties There are two charger current limit registers: - Fast charge current limit (which controls current going from the charger to the battery); - CHGIN input current limit (which controls current going into the charger through the cable). Add the necessary functions to retrieve the CHGIN input limit (from CHARGER regulator) and maximum fast charge current values, and expose them as power supply properties. Tested-by: Henrik Grimler Signed-off-by: Artur Weber Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-max77693-charger-extcon-v4-3-050a0a9bfea0@gmail.com Signed-off-by: Sebastian Reichel commit 3a3acf839b2cedf092bdd1ff65b0e9895df1656b Author: Artur Weber Date: Sat Aug 17 12:51:14 2024 +0200 power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense Commit 223a3b82834f ("power: supply: max17042_battery: use VFSOC for capacity when no rsns") made it so that capacity on systems without current sensing would be read from VFSOC instead of RepSOC. However, the SOC threshold calculation still read RepSOC to get the SOC regardless of the current sensing option state. Fix this by applying the same conditional to determine which register should be read. This also seems to be the intended behavior as per the datasheet - SOC alert config value in MiscCFG on setups without current sensing is set to a value of 0b11, indicating SOC alerts being generated based on VFSOC, instead of 0b00 which indicates SOC alerts being generated based on RepSOC. This fixes an issue on the Galaxy S3/Midas boards, where the alert interrupt would be constantly retriggered, causing high CPU usage on idle (around ~12%-15%). Fixes: e5f3872d2044 ("max17042: Add support for signalling change in SOC") Signed-off-by: Artur Weber Reviewed-by: Henrik Grimler Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240817-max17042-soc-threshold-fix-v1-1-72b45899c3cc@gmail.com Signed-off-by: Sebastian Reichel commit d64ff0d2306713ff084d4b09f84ed1a8c75ecc32 Author: Edward Adam Davis Date: Sat Aug 24 09:25:23 2024 +0800 jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in dbSplit, it because dmt_leafidx greater than num leaves per dmap tree, add a checking for dmt_leafidx in dbFindLeaf. Shaggy: Modified sanity check to apply to control pages as well as leaf pages. Reported-and-tested-by: syzbot+dca05492eff41f604890@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=dca05492eff41f604890 Signed-off-by: Edward Adam Davis Signed-off-by: Dave Kleikamp commit d6c1b3599b2feb5c7291f5ac3a36e5fa7cedb234 Author: Edward Adam Davis Date: Sat Aug 24 10:50:48 2024 +0800 jfs: Fix uaf in dbFreeBits [syzbot reported] ================================================================== BUG: KASAN: slab-use-after-free in __mutex_lock_common kernel/locking/mutex.c:587 [inline] BUG: KASAN: slab-use-after-free in __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752 Read of size 8 at addr ffff8880229254b0 by task syz-executor357/5216 CPU: 0 UID: 0 PID: 5216 Comm: syz-executor357 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 Call Trace: __dump_stack lib/dump_stack.c:93 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119 print_address_description mm/kasan/report.c:377 [inline] print_report+0x169/0x550 mm/kasan/report.c:488 kasan_report+0x143/0x180 mm/kasan/report.c:601 __mutex_lock_common kernel/locking/mutex.c:587 [inline] __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752 dbFreeBits+0x7ea/0xd90 fs/jfs/jfs_dmap.c:2390 dbFreeDmap fs/jfs/jfs_dmap.c:2089 [inline] dbFree+0x35b/0x680 fs/jfs/jfs_dmap.c:409 dbDiscardAG+0x8a9/0xa20 fs/jfs/jfs_dmap.c:1650 jfs_ioc_trim+0x433/0x670 fs/jfs/jfs_discard.c:100 jfs_ioctl+0x2d0/0x3e0 fs/jfs/ioctl.c:131 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 Freed by task 5218: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3f/0x80 mm/kasan/common.c:68 kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579 poison_slab_object+0xe0/0x150 mm/kasan/common.c:240 __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256 kasan_slab_free include/linux/kasan.h:184 [inline] slab_free_hook mm/slub.c:2252 [inline] slab_free mm/slub.c:4473 [inline] kfree+0x149/0x360 mm/slub.c:4594 dbUnmount+0x11d/0x190 fs/jfs/jfs_dmap.c:278 jfs_mount_rw+0x4ac/0x6a0 fs/jfs/jfs_mount.c:247 jfs_remount+0x3d1/0x6b0 fs/jfs/super.c:454 reconfigure_super+0x445/0x880 fs/super.c:1083 vfs_cmd_reconfigure fs/fsopen.c:263 [inline] vfs_fsconfig_locked fs/fsopen.c:292 [inline] __do_sys_fsconfig fs/fsopen.c:473 [inline] __se_sys_fsconfig+0xb6e/0xf80 fs/fsopen.c:345 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f [Analysis] There are two paths (dbUnmount and jfs_ioc_trim) that generate race condition when accessing bmap, which leads to the occurrence of uaf. Use the lock s_umount to synchronize them, in order to avoid uaf caused by race condition. Reported-and-tested-by: syzbot+3c010e21296f33a5dc16@syzkaller.appspotmail.com Signed-off-by: Edward Adam Davis Signed-off-by: Dave Kleikamp commit c1f9eff7b270861005c7ec8146b6ad398c40940b Author: Thomas Weißschuh Date: Sun Aug 4 18:29:37 2024 +0200 HID: winwing: constify read-only structs These structs are never modified, so mark them as const. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240804-hid-const-winwing-v1-1-5a6c714753b1@weissschuh.net Signed-off-by: Benjamin Tissoires commit dc123a1a80933b7fba1cf53cec77c2425268ff85 Author: Chris Morgan Date: Wed Aug 21 16:54:48 2024 -0500 dt-bindings: power: supply: axp20x-battery: Add monitored-battery Document the monitored-battery property, which the existing driver can use to set certain properties. Acked-by: Krzysztof Kozlowski Signed-off-by: Chris Morgan Link: https://lore.kernel.org/r/20240821215456.962564-8-macroalpha82@gmail.com Signed-off-by: Sebastian Reichel commit 6934da720aac7b0feb99d08ff27fd245a962d8d2 Author: Chris Morgan Date: Wed Aug 21 16:54:47 2024 -0500 power: supply: axp20x_usb_power: add input-current-limit-microamp Allow users to specify a maximum input current for the device. Some devices allow up to 3.25A of input current (such as the AXP717), which may be too much for some implementations. Signed-off-by: Chris Morgan Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240821215456.962564-7-macroalpha82@gmail.com Signed-off-by: Sebastian Reichel commit 6f5cdb7ec8836bb5e5ab221c2f49e2b170d5a978 Author: Chris Morgan Date: Wed Aug 21 16:54:46 2024 -0500 dt-bindings: power: supply: axp20x: Add input-current-limit-microamp Allow specifying a hard limit of the maximum input current. Some PMICs such as the AXP717 can pull up to 3.25A, so allow a value to be specified that clamps this in the event the hardware is not designed for it. Signed-off-by: Chris Morgan Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240821215456.962564-6-macroalpha82@gmail.com Signed-off-by: Sebastian Reichel commit ae640fc690353f6181740b50a0d6761bc67ebaa9 Author: Chris Morgan Date: Wed Aug 21 16:54:45 2024 -0500 power: supply: axp20x_usb_power: Make VBUS and IIO config per device Make reading of the vbus value and configuring of the iio channels device specific, to allow additional devices (such as the AXP717) to be supported by this driver. Signed-off-by: Chris Morgan Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240821215456.962564-5-macroalpha82@gmail.com Signed-off-by: Sebastian Reichel commit db97fecb55cee4eed2f8dcdc17c4831719cbfe4d Author: Chris Morgan Date: Wed Aug 21 16:54:44 2024 -0500 power: supply: axp20x_battery: Make iio and battery config per device Move the configuration of battery specific information and available iio channels from the probe function to a device specific routine, allowing us to use this driver for devices with slightly different configurations (such as the AXP717). Signed-off-by: Chris Morgan Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240821215456.962564-4-macroalpha82@gmail.com Signed-off-by: Sebastian Reichel commit 61978807b00f8a1817b0e5580981af1cd2f428a5 Author: Chris Morgan Date: Wed Aug 21 16:54:43 2024 -0500 power: supply: axp20x_battery: Remove design from min and max voltage The POWER_SUPPLY_PROP_VOLTAGE_MIN_DESIGN and POWER_SUPPLY_PROP_VOLTAGE_MAX_DESIGN values should be immutable properties of the battery, but for this driver they are writable values and used as the minimum and maximum values for charging. Remove the DESIGN designation from these values. Fixes: 46c202b5f25f ("power: supply: add battery driver for AXP20X and AXP22X PMICs") Suggested-by: Chen-Yu Tsai Signed-off-by: Chris Morgan Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240821215456.962564-3-macroalpha82@gmail.com Signed-off-by: Sebastian Reichel commit 387e4975ecd3107fdf8819f6089fdee83bb7102a Author: Liao Chen Date: Tue Aug 27 12:34:11 2024 +0000 Input: mt6779-keypad - fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Link: https://lore.kernel.org/r/20240827123411.431388-1-liaochen4@huawei.com Signed-off-by: Dmitry Torokhov commit 752a59298ea9c695ec966fc5ba7173897a1ef361 Author: Yang Ruibin <11162571@vivo.com> Date: Tue Aug 27 10:27:40 2024 +0800 pktcdvd: remove unnecessary debugfs_create_dir() error check Remove the debugfs_create_dir() error check. It's safe to pass in error pointers to the debugfs API, hence the user isn't supposed to include error checking of the return values. Signed-off-by: Yang Ruibin <11162571@vivo.com> Link: https://lore.kernel.org/r/20240827022741.3410294-1-11162571@vivo.com Signed-off-by: Jens Axboe commit ebb75a3c5265ceeebd2b0708d013735e5eafbb69 Author: Johannes Kirchmair Date: Tue Aug 27 07:44:54 2024 +0200 hwmon: (pwmfan) Do not force disable pwm controller The pwm1_enable attribute of the pwmfan driver influences the mode of operation, especially in case of a requested pwm1 duty cycle of zero. Especially setting pwm1_enable to two, should keep the pwm controller enabled even if the duty cycle is set to zero [1]. This is not the case at the moment, as the pwm controller is disabled always if pwm1 is set to zero. This commit tries to fix this behavior. [1] https://docs.kernel.org/hwmon/pwm-fan.html Signed-off-by: Johannes Kirchmair Message-ID: <20240827054454.521494-1-mailinglist1@johanneskirchmair.de> Signed-off-by: Guenter Roeck commit ac9cca7a6a17c6d8bd849be669005fac0420d4b5 Author: Shen Lichuan Date: Tue Aug 27 15:04:42 2024 +0800 hwmon: (pc87360) Use min() macro Use the min() macro to simplify the pc87360_init_device() function and improve its readability. Signed-off-by: Shen Lichuan Message-ID: <20240827070442.40667-1-shenlichuan@vivo.com> Signed-off-by: Guenter Roeck commit 758b62e562f2fdffd26a84dbeafbe6888a7e130c Author: Inochi Amaoto Date: Sat Aug 17 10:22:57 2024 +0800 hwmon: Add sophgo SG2042 external hardware monitor support SG2042 use an external MCU to provide basic hardware information and thermal sensors. Add driver support for the onboard MCU of SG2042. Signed-off-by: Inochi Amaoto Message-ID: Signed-off-by: Guenter Roeck commit 87798d9f700b9a9b4afd4193b4874b7d9c36ee1f Author: Inochi Amaoto Date: Sat Aug 17 10:22:56 2024 +0800 dt-bindings: hwmon: Add Sophgo SG2042 external hardware monitor support Due to the design, Sophgo SG2042 use an external MCU to provide hardware information, thermal information and reset control. Add bindings for this monitor device. Signed-off-by: Inochi Amaoto Reviewed-by: Conor Dooley Tested-by: Chen Wang Reviewed-by: Chen Wang Message-ID: Signed-off-by: Guenter Roeck commit d5b07232868b69414d1e540e7b96a60fbcab3409 Author: Jinjie Ruan Date: Thu Aug 22 14:29:56 2024 +0800 hwmon: (tmp464): Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Message-ID: <20240822062956.3490387-9-ruanjinjie@huawei.com> Signed-off-by: Guenter Roeck commit a6e0a54aa7ad58c6b6ff0d4194b985e15fe1c1b2 Author: Jinjie Ruan Date: Thu Aug 22 14:29:55 2024 +0800 hwmon: (tmp421): Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Message-ID: <20240822062956.3490387-8-ruanjinjie@huawei.com> Signed-off-by: Guenter Roeck commit 1b79bcace44b1f4aea798db589cb6052e902dc66 Author: Jinjie Ruan Date: Thu Aug 22 14:29:54 2024 +0800 hwmon: (npcm750-pwm-fan): Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Message-ID: <20240822062956.3490387-7-ruanjinjie@huawei.com> Signed-off-by: Guenter Roeck commit 1d20db6b544a54ff5c8e8ff3237905cb47dc38c6 Author: Jinjie Ruan Date: Thu Aug 22 14:29:53 2024 +0800 hwmon: (nct7802): Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Message-ID: <20240822062956.3490387-6-ruanjinjie@huawei.com> Signed-off-by: Guenter Roeck commit bf0b61f0aa99933f29b0424854f18de9435ed5a0 Author: Jinjie Ruan Date: Thu Aug 22 14:29:52 2024 +0800 hwmon: (lm90): Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Message-ID: <20240822062956.3490387-5-ruanjinjie@huawei.com> Signed-off-by: Guenter Roeck commit 3fd38c6434ce54e09d8c3fbd2daf67b9672a65d6 Author: Jinjie Ruan Date: Thu Aug 22 14:29:51 2024 +0800 hwmon: (ina3221): Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Message-ID: <20240822062956.3490387-4-ruanjinjie@huawei.com> Signed-off-by: Guenter Roeck commit d5733a9387c894a277e0d3d4111e968b917a7375 Author: Jinjie Ruan Date: Thu Aug 22 14:29:50 2024 +0800 hwmon: (aspeed-pwm-tacho): Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Reviewed-by: Andrew Jeffery Message-ID: <20240822062956.3490387-3-ruanjinjie@huawei.com> Signed-off-by: Guenter Roeck commit 24b070d7d8d84f6af7de6057fdf0d80079c7e929 Author: Jinjie Ruan Date: Thu Aug 22 14:29:49 2024 +0800 hwmon: (aspeed-g6-pwm-tacho): Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Reviewed-by: Andrew Jeffery Message-ID: <20240822062956.3490387-2-ruanjinjie@huawei.com> Signed-off-by: Guenter Roeck commit 4599510091a1d6d4759f1302dff32b24481eec15 Author: Mario Limonciello Date: Tue Aug 20 00:35:57 2024 -0500 hwmon: (k10temp): Use cpu_feature_enabled() for detecting zen This removes some boilerplate from the code and will allow adding future CPUs by just device IDs. Signed-off-by: Mario Limonciello Message-ID: <20240820053558.1052853-1-superm1@kernel.org> Signed-off-by: Guenter Roeck commit 0050c167016b599c9a3fe79a8f021898a6211d83 Author: Chanh Nguyen Date: Thu Aug 22 08:48:08 2024 +0000 dt-bindings: hwmon: Add maxim max31790 Add device tree bindings and an example for max31790 device. Signed-off-by: Chanh Nguyen Reviewed-by: Krzysztof Kozlowski Message-ID: <20240822084808.299884-1-chanh@os.amperecomputing.com> Signed-off-by: Guenter Roeck commit b82b38a49926b7d8e17d79db7959586313a99582 Author: Derek J. Clark Date: Thu Aug 22 11:35:25 2024 -0700 hwmon: (oxp-sensors) Add support for multiple new devices. Add support for the OrangePi NEO-01. It uses different registers for PWM manual mode, set PWM, and read fan speed than previous devices. Valid PWM input and duty cycle is 1-244, we scale this from 1-255 to maintain compatibility with the existing interface. Add OneXPlayer 2 series, OneXFly, and X1 series models. The 2/X1 series use new registers for turbo button takeover and read fan speed. X1 has an Intel variant so change the CPU detection at init to only check for the affected devices. While at it, adjust formatting of some constants and reorder all cases alphabetically for consistency. Rename OXP_OLD constants to OXP_MINI for disambiguation. Update code comments for clarity. Add support for AYANEO models 2S, AIR 1S, Flip series, GEEK 1S, and KUN. Signed-off-by: Derek J. Clark Tested-by: Kevin Greenberg Tested-by: Joshua Tam Tested-by: Parth Menon Tested-by: Philip Müller Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408160329.TLNbIwRC-lkp@intel.com/ Message-ID: <20240822183525.27289-2-derekjohn.clark@gmail.com> Signed-off-by: Guenter Roeck commit 0830d3bbdabc4fb6ee0318142c2e81398e4815d9 Author: Rob Herring (Arm) Date: Mon Aug 26 14:18:11 2024 -0500 hwmon: (stts751) Add "st" vendor prefix to "stts751" compatible string The documented compatible string is "st,stts751", not "stts751". Even if "stts751" was in use, there's no need to list "stts751" in the DT match table. The I2C core will strip any vendor prefix and match against the i2c_device_id table which has an "stts751" entry. Signed-off-by: Rob Herring (Arm) Message-ID: <20240826191811.1416011-1-robh@kernel.org> Signed-off-by: Guenter Roeck commit b6964d66a07a9003868e428a956949e17ab44d7e Author: Yuntao Liu Date: Thu Aug 15 08:30:21 2024 +0000 hwmon: (ntc_thermistor) fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Fixes: 9e8269de100d ("hwmon: (ntc_thermistor) Add DT with IIO support to NTC thermistor driver") Signed-off-by: Yuntao Liu Message-ID: <20240815083021.756134-1-liuyuntao12@huawei.com> Signed-off-by: Guenter Roeck commit 720c741c22d18b03eb017683f001a645a23a2e65 Author: Yue Haibing Date: Fri Aug 16 17:57:40 2024 +0800 hwmon: (sch5627) Remove unused declaration sch56xx_watchdog_unregister() Commit 2be5f0d75325 ("hwmon: (sch56xx) Use devres functions for watchdog") removed the implementation but leave declaration. Signed-off-by: Yue Haibing Message-ID: <20240816095740.877729-1-yuehaibing@huawei.com> Signed-off-by: Guenter Roeck commit fa8df3cbd3c0a1b62b4127d779fbf51eb17e22f1 Author: Liao Chen Date: Wed Aug 14 02:45:55 2024 +0000 hwmon: (gsc-hwmon) fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Message-ID: <20240814024555.3875387-1-liaochen4@huawei.com> Signed-off-by: Guenter Roeck commit 63be321e5a096746b396fc43c7d25135a61617c9 Author: Maximilian Luz Date: Sun Aug 11 02:14:41 2024 +0200 hwmon: Add thermal sensor driver for Surface Aggregator Module Some of the newer Microsoft Surface devices (such as the Surface Book 3 and Pro 9) have thermal sensors connected via the Surface Aggregator Module (the embedded controller on those devices). Add a basic driver to read out the temperature values of those sensors. The EC can have up to 16 thermal sensors connected via a single sub-device, each providing temperature readings and a label string. Link: https://github.com/linux-surface/surface-aggregator-module/issues/59 Reviewed-by: Hans de Goede Co-developed-by: Ivor Wanders Signed-off-by: Ivor Wanders Signed-off-by: Maximilian Luz Message-ID: <20240811001503.753728-1-luzmaximilian@gmail.com> Signed-off-by: Guenter Roeck commit 1f432e4cf1dd3ecfec5ed80051b4611632a0fd51 Author: Denis Pauk Date: Mon Aug 12 18:26:38 2024 +0300 hwmon: (nct6775) add G15CF to ASUS WMI monitoring list Boards G15CF has got a nct6775 chip, but by default there's no use of it because of resource conflict with WMI method. Add the board to the WMI monitoring list. Link: https://bugzilla.kernel.org/show_bug.cgi?id=204807 Signed-off-by: Denis Pauk Tested-by: Attila Message-ID: <20240812152652.1303-1-pauk.denis@gmail.com> Signed-off-by: Guenter Roeck commit f775f6d17035408be4a4b30c55d812fb7e6aab57 Author: Javier Carrasco Date: Tue Aug 13 00:59:53 2024 +0200 hwmon: (chipcap2) Drop cc2_disable() in the probe and return dev_err_probe() There is no need to actively disable a regulator that has not been enabled by the driver, which makes the call to cc2_disable() in the probe function meaningless, because the probe function never enables the device's dedicated regulator. Once the call to cc2_disable() is dropped, the error paths can directly return dev_err_probe() in all cases. Signed-off-by: Javier Carrasco Message-ID: <20240813-chipcap2-probe-improvements-v2-1-e9a2932a8a00@gmail.com> Signed-off-by: Guenter Roeck commit 05aa8cbeabc07b07ff7f035e9b848aa008b831ee Author: Guenter Roeck Date: Sun Jul 28 15:52:25 2024 -0700 hwmon: (lm92) Update documentation Update datasheet references. Replace misleading 'force parameter needed' with 'must be instantiated explicitly'. Explain the reason for the missing auto-detection. Mention all supported chips in Kconfig. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit c21eced1157d8b78745332b2585e47eb459d6a40 Author: Guenter Roeck Date: Tue Jul 16 21:46:43 2024 -0700 hwmon: (lm92) Convert to with_info hwmon API Convert driver to with_info hwmon API to simplify the code and to reduce its size. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 1359590a5c48d1d28cd11808178931f146a539e2 Author: Guenter Roeck Date: Tue Jul 16 17:54:25 2024 -0700 hwmon: (lm92) Convert to use regmap Use regmap for local caching and for multi-byte operations to be able to use regmap API functions and to reduce the need for locking in the driver. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit fcb49571b4d7a993190d4dc40331ac5c7350d2dd Author: Guenter Roeck Date: Tue Jul 16 21:48:07 2024 -0700 hwmon: (lm92) Replace chip IDs with limit register resolution The chip IDs are not used by the driver. Drop them. Use driver data to store the limit register resolution instead, and use this information when writing temperature limits to improve chip specific rounding and to avoid writing into unused register bits. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 82efdeff3ce722c74af7e95b7c8c060e272c4dd0 Author: Guenter Roeck Date: Tue Jul 16 20:57:19 2024 -0700 hwmon: (lm92) Reorder include files to alphabetic order Simplify driver maintenance by reordering files to alphabetic order. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 3a3dbff8a71ae7c8c6fbf900864ab79fd001bd29 Author: Guenter Roeck Date: Wed Jul 17 12:13:12 2024 -0700 hwmon: (lm92) Improve auto-detection accuracy Checking three configuration register bits and the manufacturer ID register to auto-detect LM92 is a bit vague. Repeat twice on replicated register addresses to improve detection accuracy. Check the manufacturer ID first and bail out immediately without reading the other register if there is a mismatch to reduce the number of i2c transfers needed in that case. Also explicitly test for an error from reading the configuration register to avoid potential situations where the returned error masked against 0xe0 is 0. While at it, drop "lm92: Found National Semiconductor LM92 chip" detection noise. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 85f72ffe0f302c0837dc9dad5ba75dfcd5b35acd Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:51 2024 -0600 hwmon: (vexpress) Use of_property_present() Use of_property_present() to test for property presence rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Reviewed-by: Sudeep Holla Link: https://lore.kernel.org/r/20240731191312.1710417-13-robh@kernel.org Signed-off-by: Guenter Roeck commit 03ded4d432a1fb7bb6c44c5856d14115f6f6c3b9 Author: Daniele Ceraolo Spurio Date: Tue Aug 20 14:59:52 2024 -0700 drm/i915: Do not attempt to load the GSC multiple times If the GSC FW fails to load the GSC HW hangs permanently; the only ways to recover it are FLR or D3cold entry, with the former only being supported on driver unload and the latter only on DGFX, for which we don't need to load the GSC. Therefore, if GSC fails to load there is no need to try again because the HW is stuck in the error state and the submission to load the FW would just hang the GSCCS. Note that, due to wa_14015076503, on MTL the GuC escalates all GSCCS hangs to full GT resets, which would trigger a new attempt to load the GSC FW in the post-reset HW re-init; this issue is also fixed by not attempting to load the GSC FW after an error. Fixes: 15bd4a67e914 ("drm/i915/gsc: GSC firmware loading") Signed-off-by: Daniele Ceraolo Spurio Cc: Daniele Ceraolo Spurio Cc: Alan Previn Cc: John Harrison Cc: Rodrigo Vivi Cc: # v6.3+ Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240820215952.2290807-1-daniele.ceraolospurio@intel.com commit 3beb2fb68184fda063cdd3cdd3bbe52c5cae56bb Author: Yan Zhen Date: Thu Aug 22 10:27:04 2024 +0800 mm, slab: use kmem_cache_free() to free from kmem_buckets_cache In kmem_buckets_create(), the kmem_buckets object is allocated by kmem_cache_alloc() from kmem_buckets_cache, but in the failure case, it's freed by kfree(). This is not wrong, but using kmem_cache_free() is the more common pattern, so use it. Signed-off-by: Yan Zhen Reviewed-by: Christoph Lameter Signed-off-by: Vlastimil Babka commit e6de161b5ab4315405f4001736c25a070def61c7 Author: Thomas Weißschuh Date: Sat Aug 3 14:34:23 2024 +0200 HID: cmedia: constify fixed up report descriptor The HID core now allows static report descriptors to be read-only, make use of it. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240803-hid-const-fixup-v2-7-f53d7a7b29d8@weissschuh.net Signed-off-by: Benjamin Tissoires commit fe73965d078670406acee0218f118c0870d6a58b Author: Thomas Weißschuh Date: Sat Aug 3 14:34:22 2024 +0200 HID: change return type of report_fixup() to const By allowing the drivers to return a "const *" they can constify their static report arrays. This makes it clear to driver authors that the HID core will not modify those reports and they can be reused for multiple devices. Furthermore security is slightly improved as those reports are protected against accidental or malicious modifications. [bentiss: fixup hid-cougar.c and hid-multitouch.c for latest version of the master branch] Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240803-hid-const-fixup-v2-6-f53d7a7b29d8@weissschuh.net Signed-off-by: Benjamin Tissoires commit b93679b8f165467e1584f9b23055db83f45c32ce Author: Jon Hunter Date: Fri Jul 12 14:20:20 2024 +0100 arm64: tegra: Correct location of power-sensors for IGX Orin The power-sensors are located on the carrier board and not the module board and so update the IGX Orin device-tree files to fix this. Fixes: 9152ed09309d ("arm64: tegra: Add power-sensors for Tegra234 boards") Signed-off-by: Jon Hunter Signed-off-by: Thierry Reding commit 92331cc63ce378546368c8a58c4d8cbb044d1f70 Author: Vedant Deshpande Date: Thu Jul 11 17:11:01 2024 +0000 arm64: tegra: enable same UARTs for Orin NX/Nano This patch ensures that Orin NX and Orin Nano enable an identical set of serial ports. UARTA/UARTE will be enabled by adding respective nodes to the board dtsi file. Signed-off-by: Vedant Deshpande Reviewed-by: Jon Hunter Signed-off-by: Thierry Reding commit 7ac0be7a4cd708dd5139e68597c816fa4ce22a88 Author: Vedant Deshpande Date: Thu Jul 11 17:11:00 2024 +0000 arm64: tegra: Add DMA properties for Tegra234 UARTA Adding the missing dmas and dma-names properties which are required for UARTA when using with the Tegra HSUART driver. Signed-off-by: Vedant Deshpande Reviewed-by: Jon Hunter Signed-off-by: Thierry Reding commit 3593630c89d7d3963c42262694f8aa8b4727a0ad Author: Thomas Weißschuh Date: Sat Aug 3 14:34:21 2024 +0200 HID: constify hid_device::dev_rdesc Once a report descriptor has been created by the HID core it is not supposed to be modified anymore. Enforce this invariant through the type system. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240803-hid-const-fixup-v2-5-f53d7a7b29d8@weissschuh.net Signed-off-by: Benjamin Tissoires commit 80cfb508f3fe4c7c6a567fc4aa863c9a38709cd5 Author: Thomas Weißschuh Date: Sat Aug 3 14:34:20 2024 +0200 HID: constify params and return value of fetch_item() fetch_item() does not modify the descriptor it operates on. As a prerequisite for the constification of hid_driver::dev_rdesc, mark the parameters and return value of fetch_item() as const. Also adapt the variable types in the callers to match this constification. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240803-hid-const-fixup-v2-4-f53d7a7b29d8@weissschuh.net Signed-off-by: Benjamin Tissoires commit 24ddd0d7de7aaf50f537fd727f31616cb5a65a9e Author: Thomas Weißschuh Date: Sat Aug 3 14:34:19 2024 +0200 HID: constify hid_device::rdesc Once a report descriptor has been created by the HID core it is not supposed to be modified anymore. Enforce this invariant through the type system. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240803-hid-const-fixup-v2-3-f53d7a7b29d8@weissschuh.net Signed-off-by: Benjamin Tissoires commit 6737769ca0b6bfc82df53db5fd69068902d608db Author: Thomas Weißschuh Date: Sat Aug 3 14:34:18 2024 +0200 HID: constify parameter rdesc of hid_parse_report() The parameter is never modified, so mark it as const. This is a prerequisite for constification changes in the HID core. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240803-hid-const-fixup-v2-2-f53d7a7b29d8@weissschuh.net Signed-off-by: Benjamin Tissoires commit a707f85d47cad3978bef8fe90c7a79e3998e9d36 Author: Thomas Weißschuh Date: Sat Aug 3 14:34:17 2024 +0200 HID: bpf: constify parameter rdesc of call_hid_bpf_rdesc_fixup() The parameter is never modified, so mark it as const. Also inline the return statement to avoid a type mismatch error. This is a prerequisite for constification changes in the HID core. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240803-hid-const-fixup-v2-1-f53d7a7b29d8@weissschuh.net Signed-off-by: Benjamin Tissoires commit 76889bbaabf5cab981a74ed69cb3816921edc5d4 Merge: 79ea4a496ab5c9 b2f44814680b56 Author: Jason Gunthorpe Date: Tue Aug 27 11:13:56 2024 -0300 Merge branch 'nesting_reserved_regions' into iommufd.git for-next Nicolin Chen says: ========= IOMMU_RESV_SW_MSI is a unique region defined by an IOMMU driver. Though it is eventually used by a device for address translation to an MSI location (including nested cases), practically it is a universal region across all domains allocated for the IOMMU that defines it. Currently IOMMUFD core fetches and reserves the region during an attach to an hwpt_paging. It works with a hwpt_paging-only case, but might not work with a nested case where a device could directly attach to a hwpt_nested, bypassing the hwpt_paging attachment. Move the enforcement forward, to the hwpt_paging allocation function. Then clean up all the SW_MSI related things in the attach/replace routine. ========= Based on v6.11-rc5 for dependencies. * nesting_reserved_regions: (562 commits) iommufd/device: Enforce reserved IOVA also when attached to hwpt_nested Linux 6.11-rc5 ... commit b2f44814680b569be98e58111bd582fd3a689d4d Author: Nicolin Chen Date: Tue Aug 6 17:34:46 2024 -0700 iommufd/device: Enforce reserved IOVA also when attached to hwpt_nested Currently, device reserved regions are only enforced when the device is attached to an hwpt_paging. In other words, if the device gets attached to an hwpt_nested directly, the parent hwpt_paging of the hwpt_nested's would not enforce those reserved IOVAs. This works for most of reserved region types, but not for IOMMU_RESV_SW_MSI, which is a unique software defined window, required by a nesting case too to setup an MSI doorbell on the parent stage-2 hwpt/domain. Kevin pointed out in 1 that: 1) there is no usage using up closely the entire IOVA space yet, 2) guest may change the viommu mode to switch between nested and paging then VMM has to take all devices' reserved regions into consideration anyway, when composing the GPA space. So it would be actually convenient for us to also enforce reserved IOVA onto the parent hwpt_paging, when attaching a device to an hwpt_nested. Repurpose the existing attach/replace_paging helpers to attach device's reserved IOVAs exclusively. Add a new find_hwpt_paging helper, which is only used by these reserved IOVA functions, to allow an IOMMUFD_OBJ_HWPT_NESTED hwpt to redirect to its parent hwpt_paging. Return a NULL in these two helpers for any new HWPT type in the future. Link: https://patch.msgid.link/r/20240807003446.3740368-1-nicolinc@nvidia.com Link: https://lore.kernel.org/all/BN9PR11MB5276497781C96415272E6FED8CB12@BN9PR11MB5276.namprd11.prod.outlook.com/ #1 Suggested-by: Kevin Tian Signed-off-by: Nicolin Chen Reviewed-by: Kevin Tian Signed-off-by: Jason Gunthorpe commit 8812b8689ee652ee7f7e958473a9de56d7c184b6 Author: Krzysztof Kozlowski Date: Fri Aug 16 15:57:22 2024 +0200 firmware: tegra: bpmp: Use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Signed-off-by: Thierry Reding commit 9c3a62c20f7fb00294a4237e287254456ba8a48b Author: Krzysztof Kozlowski Date: Fri Aug 16 15:57:21 2024 +0200 firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() mbox_client_to_bpmp() is not used, W=1 builds: drivers/firmware/tegra/bpmp.c:28:1: error: unused function 'mbox_client_to_bpmp' [-Werror,-Wunused-function] Fixes: cdfa358b248e ("firmware: tegra: Refactor BPMP driver") Cc: stable@vger.kernel.org Signed-off-by: Krzysztof Kozlowski Signed-off-by: Thierry Reding commit 5122e380c23b3e08d79293569f6c067118f1fc1a Author: Sunil V L Date: Mon Aug 12 06:29:28 2024 +0530 irqchip/riscv-aplic: Add ACPI support Add ACPI support in APLIC drivers. Use the mapping created early during boot to get the details about the APLIC. Signed-off-by: Sunil V L Reviewed-by: Anup Patel Tested-by: Björn Töpel Acked-by: Thomas Gleixner Link: https://patch.msgid.link/20240812005929.113499-17-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit fbe826b1c10699a70b81a441fe47b817d1019f37 Author: Sunil V L Date: Mon Aug 12 06:29:27 2024 +0530 irqchip/riscv-imsic: Add ACPI support RISC-V IMSIC interrupt controller provides IPI and MSI support. Currently, DT based drivers setup the IPI feature early during boot but defer setting up the MSI functionality. However, in ACPI systems, PCI subsystem is probed early and assume MSI controller is already setup. Hence, both IPI and MSI features need to be initialized early itself. Signed-off-by: Sunil V L Reviewed-by: Anup Patel Tested-by: Björn Töpel Acked-by: Thomas Gleixner Link: https://patch.msgid.link/20240812005929.113499-16-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit aa143df8fd754e80aa801f7805b50bd496ddb2aa Author: Sunil V L Date: Mon Aug 12 06:29:26 2024 +0530 irqchip/riscv-imsic-state: Create separate function for DT While populating IMSIC global structure, many fields are initialized using DT properties. Make the code which uses DT properties as separate function so that it is easier to add ACPI support later. No functionality added/changed. Suggested-by: Thomas Gleixner Signed-off-by: Sunil V L Reviewed-by: Anup Patel Tested-by: Björn Töpel Acked-by: Thomas Gleixner Link: https://patch.msgid.link/20240812005929.113499-15-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit f8619b66bdb19e6de82b68bb34bcd3a14bf50fa4 Author: Sunil V L Date: Mon Aug 12 06:29:25 2024 +0530 irqchip/riscv-intc: Add ACPI support for AIA The RINTC subtype structure in MADT also has information about other interrupt controllers. Save this information and provide interfaces to retrieve them when required by corresponding drivers. Signed-off-by: Sunil V L Reviewed-by: Anup Patel Tested-by: Björn Töpel Acked-by: Thomas Gleixner Link: https://patch.msgid.link/20240812005929.113499-14-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit 1b173cc4bfcdcf4a49927952ba3a445c5b293723 Author: Sunil V L Date: Mon Aug 12 06:29:24 2024 +0530 ACPI: RISC-V: Implement function to add implicit dependencies RISC-V interrupt controllers for wired interrupts are platform devices and hence their driver will be probed late. Also, APLIC which is one such interrupt controller can not be probed early since it needs MSI services. This needs a probing order between the interrupt controller driver and the device drivers. _DEP is typically used to indicate such dependencies. However, the dependency may be already available like GSI mapping. Hence, instead of an explicit _DEP, architecture can find the implicit dependencies and add to the dependency list. For RISC-V, add the dependencies for below use cases. 1) For devices which has IRQ resource, find out the interrupt controller using GSI number map and add the dependency. 2) For PCI host bridges: a) If _PRT indicate PCI link devices, add dependency on the link device. b) If _PRT indicates GSI, find out the interrupt controller using GSI number map and add the dependency. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-13-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit e77b8dc02a1ca227e84c61e6af085d350e3b3611 Author: Sunil V L Date: Mon Aug 12 06:29:23 2024 +0530 ACPI: RISC-V: Initialize GSI mapping structures RISC-V has PLIC and APLIC in MADT as well as namespace devices. Initialize the list of those structures using MADT and namespace devices to create mapping between the ACPI handle and the GSI ranges. This will be used later to add dependencies. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-12-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit f8bba143dae10f824e2b4522f31d6e78781b8667 Author: Sunil V L Date: Mon Aug 12 06:29:22 2024 +0530 ACPI: RISC-V: Implement function to reorder irqchip probe entries On RISC-V platforms, the RINTC structures should be probed before any other interrupt controller structures and IMSIC before APLIC. This order is established by using MADT sub table types which are ordered in the incremental order from the RINTC. So, add the architecture function for RISC-V to reorder the interrupt controller probing as per the hierarchy like below. ACPI_MADT_TYPE_RINTC = 24, ACPI_MADT_TYPE_IMSIC = 25, ACPI_MADT_TYPE_APLIC = 26, ACPI_MADT_TYPE_PLIC = 27 This means processing all RINTC structures (in the order of appearance in MADT), followed by IMSIC strucutre and then all APLIC/PLIC structures. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-11-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit 01415e78cf724c3080846471f4b2accfe79ace81 Author: Sunil V L Date: Mon Aug 12 06:29:21 2024 +0530 ACPI: RISC-V: Implement PCI related functionality Replace the dummy implementation for PCI related functions with actual implementation. This needs ECAM and MCFG CONFIG options to be enabled for RISC-V. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-10-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit 2cb9155d116c4d9dd7610139a876d123b75924ef Author: Sunil V L Date: Mon Aug 12 06:29:20 2024 +0530 ACPI: pci_link: Clear the dependencies after probe RISC-V platforms need to use dependencies between PCI host bridge, Link devices and the interrupt controllers to ensure probe order. The dependency is like below. Interrupt controller <-- Link Device <-- PCI Host bridge. If there is no dependency between Link device and PCI Host Bridge, then PCI devices may be probed prior to Link devices. If a PCI device is probed before its Link device, we won't be able to find its INTx mapping. So, add the link device's HID to dependency honor list and clear the dependency after probe is done so that the dependent devices are unblocked to probe. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-9-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit 21734d29f84ad610dbafdca5f4c1bf7ecceeb2fb Author: Sunil V L Date: Mon Aug 12 06:29:19 2024 +0530 ACPI: bus: Add RINTC IRQ model for RISC-V Add the IRQ model for RISC-V INTC so that acpi_set_irq_model can use this for RISC-V. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-8-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit 8cf252737b418c311d1016b0a7956407a235bb8d Author: Sunil V L Date: Mon Aug 12 06:29:18 2024 +0530 ACPI: scan: Define weak function to populate dependencies Some architectures like RISC-V need to add dependencies without explicit _DEP. Define a weak function which can be implemented by the architecture. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-7-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit 15f210f43e95ffaf87858c6d75339afeebbf8f5c Author: Sunil V L Date: Mon Aug 12 06:29:17 2024 +0530 ACPI: scan: Add RISC-V interrupt controllers to honor list RISC-V PLIC and APLIC will have dependency from devices using GSI. So, add these devices to the honor list. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-6-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit 76d749c58f4c6dd333cb8ea515373f7c8df96e78 Author: Sunil V L Date: Mon Aug 12 06:29:16 2024 +0530 ACPI: scan: Refactor dependency creation Some architectures like RISC-V will use implicit dependencies like GSI map to create dependencies between interrupt controller and devices. To support doing that, the function which creates the dependency, is refactored bit and made public so that dependency can be added from outside of scan.c as well. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-5-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit f7d7ccf92f2b9398781f791b4af1a74a9f65b5c3 Author: Sunil V L Date: Mon Aug 12 06:29:15 2024 +0530 ACPI: bus: Add acpi_riscv_init() function Add a new function for RISC-V to do architecture specific initialization similar to acpi_arm_init(). Some of the ACPI tables are architecture specific and there is no reason trying to find them on other architectures. So, add acpi_riscv_init() similar to acpi_arm_init(). Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-4-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit a9b8f337ea4eb66e4980f90bb73e8786e56cacfd Author: Sunil V L Date: Mon Aug 12 06:29:14 2024 +0530 ACPI: scan: Add a weak arch_sort_irqchip_probe() to order the IRQCHIP probe Unlike OF framework, the irqchip probe using IRQCHIP_ACPI_DECLARE has no order defined. Depending on the Makefile is not a good idea. So, usually it is worked around by mandating only root interrupt controller probed using IRQCHIP_ACPI_DECLARE and other interrupt controllers are probed via cascade mechanism. However, this is also not a clean solution because if there are multiple root controllers (ex: RINTC in RISC-V which is per CPU) which need to be probed first, then the cascade will happen for every root controller. So, introduce an architecture specific weak function arch_sort_irqchip_probe() to order the probing of the interrupt controllers which can be implemented by different architectures as per their interrupt controller hierarchy. Signed-off-by: Sunil V L Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-3-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit 789befdfa3892957d36d20e6e90be05486e316c5 Author: Sunil V L Date: Mon Aug 12 06:29:13 2024 +0530 arm64: PCI: Migrate ACPI related functions to pci-acpi.c The functions defined in arm64 for ACPI support are required for RISC-V also. To avoid duplication, move these functions to common location. Signed-off-by: Sunil V L Acked-by: Bjorn Helgaas Acked-by: Will Deacon Tested-by: Björn Töpel Link: https://patch.msgid.link/20240812005929.113499-2-sunilvl@ventanamicro.com Signed-off-by: Rafael J. Wysocki commit c3eddf5e8c30adb6f43fc0b149e88b9feb76f381 Author: Yang Ruibin <11162571@vivo.com> Date: Tue Aug 27 20:08:16 2024 +0800 HSI: omap-ssi: Remove unnecessary debugfs_create_dir() error check Remove the debugfs_create_dir() error check. It's safe to pass in error pointers to the debugfs API, hence the user isn't supposed to include error checking of the return values. Signed-off-by: Yang Ruibin <11162571@vivo.com> Link: https://lore.kernel.org/r/20240827120816.3910198-1-11162571@vivo.com Signed-off-by: Sebastian Reichel commit 10a104c0debbb19a1e45193d5670510216e339ff Author: Selvin Xavier Date: Sun Aug 18 21:47:27 2024 -0700 RDMA/bnxt_re: Enable variable size WQEs for user space applications Add backward compatibility code to enable variable size WQEs only if the user lib supports it. Link: https://patch.msgid.link/r/1724042847-1481-6-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Hongguang Gao Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit d8ea645d6984c84a87032063a0941f15a323831f Author: Selvin Xavier Date: Sun Aug 18 21:47:26 2024 -0700 RDMA/bnxt_re: Handle variable WQE support for user applications User library calculates the number of slots required for user applications and it can pass that information to the driver. Driver can use this value and update the HW directly. This mechanism is currently used only for the newly introduced variable size WQEs. Extend the bnxt_re_qp_req structure to pass the Send Queue slot count. Reorganize the code to get the sq_slots before initializing the Send Queue attributes. Link: https://patch.msgid.link/r/1724042847-1481-5-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Hongguang Gao Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit b930d0bac9c671c053dd66229010ca9298e84aab Author: Selvin Xavier Date: Sun Aug 18 21:47:25 2024 -0700 RDMA/bnxt_re: Fix the table size for PSN/MSN entries HW MSN table size is always a power of 2. So the pages should be mapped accordingly. Use the power of two calculation while get the number of PSN/MSN entries. Fixes: 6f6bfbc595fb ("RDMA/bnxt_re: Expose the MSN table capability for user library") Link: https://patch.msgid.link/r/1724042847-1481-4-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 51edebb73497f5dc1da357947d6ac985f0158a1b Author: Selvin Xavier Date: Sun Aug 18 21:47:24 2024 -0700 RDMA/bnxt_re: Get the WQE index from slot index while completing the WQEs While reporting the completions, SQ Work Queue index is required to identify the WQE that generated the completions. In variable WQE mode, FW returns the slot index for Error completions. Driver need to walk through the shadow queue between the consumer index and producer index and matches the slot index returned by FW. If a match is found, the next index of the shadow queue is the WQE index to be considered for remaining poll_cq loop. Link: https://patch.msgid.link/r/1724042847-1481-3-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Hongguang Gao Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit de1d364c3815f9360a0945097ca2731950e914fa Author: Selvin Xavier Date: Sun Aug 18 21:47:23 2024 -0700 RDMA/bnxt_re: Add support for Variable WQE in Genp7 adapters Variable size WQE means that each send Work Queue Entry to HW can use different WQE sizes as opposed to the static WQE size on the current devices. Set variable WQE mode for Gen P7 devices. Depth of the Queue will be a multiple of slot which is 16 bytes. The number of slots should be a multiple of 256 as per the HW requirement. Initialize the Software shadow queue to hold requests equal to the number of slots. Also, do not expose the variable size WQE capability until the last patch in the series. Link: https://patch.msgid.link/r/1724042847-1481-2-git-send-email-selvin.xavier@broadcom.com Signed-off-by: Hongguang Gao Signed-off-by: Selvin Xavier Signed-off-by: Jason Gunthorpe commit 684fbd42d323c9c4a69a905451ea270678e36d1e Author: Huang Xiaojia Date: Mon Aug 26 23:12:50 2024 +0800 arm64: Constify struct kobj_type 'struct kobj_type' is not modified. It is only used in kobject_init() which takes a 'const struct kobj_type *ktype' parameter. Constifying this structure moves some data to a read-only section, so increase over all security. On a x86_64, compiled with arm defconfig: Before: ====== text data bss dec hex filename 5602 548 352 6502 1966 arch/arm64/kernel/cpuinfo.o After: ====== text data bss dec hex filename 5650 500 352 6502 1966 arch/arm64/kernel/cpuinfo.o Signed-off-by: Huang Xiaojia Link: https://lore.kernel.org/r/20240826151250.3500302-1-huangxiaojia2@huawei.com Signed-off-by: Will Deacon commit e9252c37684c16e0bbee0e459b300b22b62818a5 Merge: 5be63fc19fcaa4 880799fc7a3a12 Author: Rafael J. Wysocki Date: Tue Aug 27 14:47:07 2024 +0200 Merge tag 'irq-urgent-2024-08-25' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/tip/tip Merge fixes for interrupt chip drivers from tip to avoid a merge conflict going forward: "A set of fixes for interrupt chip drivers: - Unbreak the PLIC driver for Allwinner D1 systems The recent conversion of the PLIC driver to a platform driver broke Allwinnder D1 systems due to the deferred probing of platform drivers. Due to that the only timer available on D1 systems cannot get an interrupt, which causes the system to hang at boot. Other RISCV platforms are not affected because they provide the architected SBI timer which uses the built in core interrupt controller. Cure this by probing PLIC early on D1 systems - Cure a regression in ARM/GIC-V3 on 32-bit ARM systems caused by the recent addition of a initialization function, which accesses system registers before they are enabled. On 64-bit ARM they are enabled prior to that by sheer luck. Ensure they are enabled. - Cure a use before check problem in the MSI library. The existing NULL pointer check is too late. - Cure a lock order inversion in the ARM/GIC-V4 driver - Fix a IS_ERR() vs. NULL pointer check issue in the RISCV APLIC driver - Plug a reference count leak in the ARM/GIC-V2 driver" * tag 'irq-urgent-2024-08-25' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/tip/tip: irqchip/irq-msi-lib: Check for NULL ops in msi_lib_irq_domain_select() irqchip/gic-v3: Init SRE before poking sysregs irqchip/gic-v2m: Fix refcount leak in gicv2m_of_init() irqchip/riscv-aplic: Fix an IS_ERR() vs NULL bug in probe() irqchip/gic-v4: Fix ordering between vmapp and vpe locks irqchip/sifive-plic: Probe plic driver early for Allwinner D1 platform commit 79ea4a496ab5c970a3a793d863ed8893b1af107c Author: Jason Gunthorpe Date: Thu Aug 22 11:47:09 2024 -0300 iommufd/selftest: Fix buffer read overrrun in the dirty test test_bit() is used to read the memory storing the bitmap, however test_bit() always uses a unsigned long 8 byte access. If the bitmap is not an aligned size of 64 bits this will now trigger a KASAN warning reading past the end of the buffer. Properly round the buffer allocation to an unsigned long size. Continue to copy_from_user() using a byte granularity. Fixes: 9560393b830b ("iommufd/selftest: Fix iommufd_test_dirty() to handle Reviewed-by: Kevin Tian Signed-off-by: Jason Gunthorpe commit 248f6b935bbd8f7bc211cce2b6fd76be4c449848 Merge: 8400291e289ee6 25fb329a23c78d Author: Shuah Khan Date: Tue Aug 27 06:43:34 2024 -0600 Merge tag 'nolibc-20240824-for-6.12-1' of https://git.kernel.org/pub/scm/linux/kernel/git/nolibc/linux-nolibc into nolibc nolibc changes for 6.12 Highlights ---------- * Clang support (including LTO) Other Changes ------------- * stdbool.h support * argc/argv/envp arguments for constructors * Small #include ordering fix commit 3e9e67e129434fdeae905a5b60648d10126c4a8d Author: Peter Collingbourne Date: Fri Aug 23 18:54:13 2024 -0700 arm64: Implement prctl(PR_{G,S}ET_TSC) On arm64, this prctl controls access to CNTVCT_EL0, CNTVCTSS_EL0 and CNTFRQ_EL0 via CNTKCTL_EL1.EL0VCTEN. Since this bit is also used to implement various erratum workarounds, check whether the CPU needs a workaround whenever we potentially need to change it. This is needed for a correct implementation of non-instrumenting record-replay debugging on arm64 (i.e. rr; https://rr-project.org/). rr must trap and record any sources of non-determinism from the userspace program's perspective so it can be replayed later. This includes the results of syscalls as well as the results of access to architected timers exposed directly to the program. This prctl was originally added for x86 by commit 8fb402bccf20 ("generic, x86: add prctl commands PR_GET_TSC and PR_SET_TSC"), and rr uses it to trap RDTSC on x86 for the same reason. We also considered exposing this as a PTRACE_EVENT. However, prctl seems like a better choice for these reasons: 1) In general an in-process control seems more useful than an out-of-process control, since anything that you would be able to do with ptrace could also be done with prctl (tracer can inject a call to the prctl and handle signal-delivery-stops), and it avoids needing an additional process (which will complicate debugging of the ptraced process since it cannot have more than one tracer, and will be incompatible with ptrace_scope=3) in cases where that is not otherwise necessary. 2) Consistency with x86_64. Note that on x86_64, RDTSC has been there since the start, so it's the same situation as on arm64. Signed-off-by: Peter Collingbourne Link: https://linux-review.googlesource.com/id/I233a1867d1ccebe2933a347552e7eae862344421 Link: https://lore.kernel.org/r/20240824015415.488474-1-pcc@google.com Signed-off-by: Will Deacon commit 2d42d3ba443706c9164fa0bef4e5fd1c36bc1bd9 Author: Konrad Dybcio Date: Sat Aug 24 01:12:01 2024 +0200 iommu/arm-smmu-qcom: Work around SDM845 Adreno SMMU w/ 16K pages SDM845's Adreno SMMU is unique in that it actually advertizes support for 16K (and 32M) pages, which doesn't hold for newer SoCs. This however, seems either broken in the hardware implementation, the hypervisor middleware that abstracts the SMMU, or there's a bug in the Linux kernel somewhere down the line that nobody managed to track down. Booting SDM845 with 16K page sizes and drm/msm results in: *** gpu fault: ttbr0=0000000000000000 iova=000100000000c000 dir=READ type=TRANSLATION source=CP (0,0,0,0) right after loading the firmware. The GPU then starts spitting out illegal intstruction errors, as it's quite obvious that it got a bogus pointer. Moreover, it seems like this issue also concerns other implementations of SMMUv2 on Qualcomm SoCs, such as the one on SC7180. Hide 16K support on such instances to work around this. Reported-by: Sumit Semwal Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240824-topic-845_gpu_smmu-v2-1-a302b8acc052@quicinc.com Signed-off-by: Will Deacon commit e55ef65510a401862b902dc979441ea10ae25c61 Merge: 4461e9e5c374f8 3376f922bfe070 Author: Simona Vetter Date: Tue Aug 27 14:33:12 2024 +0200 Merge tag 'amd-drm-next-6.12-2024-08-26' of https://gitlab.freedesktop.org/agd5f/linux into drm-next amd-drm-next-6.12-2024-08-26: amdgpu: - SDMA devcoredump support - DCN 4.0.1 updates - DC SUBVP fixes - Refactor OPP in DC - Refactor MMHUBBUB in DC - DC DML 2.1 updates - DC FAMS2 updates - RAS updates - GFX12 updates - VCN 4.0.3 updates - JPEG 4.0.3 updates - Enable wave kill (soft recovery) for compute queues - Clean up CP error interrupt handling - Enable CP bad opcode interrupts - VCN 4.x fixes - VCN 5.x fixes - GPU reset fixes - Fix vbios embedded EDID size handling - SMU 14.x updates - Misc code cleanups and spelling fixes - VCN devcoredump support - ISP MFD i2c support - DC vblank fixes - GFX 12 fixes - PSR fixes - Convert vbios embedded EDID to drm_edid - DCN 3.5 updates - DMCUB updates - Cursor fixes - Overdrive support for SMU 14.x - GFX CP padding optimizations - DCC fixes - DSC fixes - Preliminary per queue reset infrastructure - Initial per queue reset support for GFX 9 - Initial per queue reset support for GFX 7, 8 - DCN 3.2 fixes - DP MST fixes - SR-IOV fixes - GFX 9.4.3/4 devcoredump support - Add process isolation framework - Enable process isolation support for GFX 9.4.3/4 - Take IOMMU remapping into account for P2P DMA checks amdkfd: - CRIU fixes - Improved input validation for user queues - HMM fix - Enable process isolation support for GFX 9.4.3/4 - Initial per queue reset support for GFX 9 - Allow users to target recommended SDMA engines radeon: - remove .load and drm_dev_alloc - Fix vbios embedded EDID size handling - Convert vbios embedded EDID to drm_edid - Use GEM references instead of TTM - r100 cp init cleanup - Fix potential overflows in evergreen CS offset tracking UAPI: - KFD support for targetting queues on recommended SDMA engines Proposed userspace: https://github.com/ROCm/ROCR-Runtime/commit/2f588a24065f41c208c3701945e20be746d8faf7 https://github.com/ROCm/ROCR-Runtime/commit/eb30a5bbc7719c6ffcf2d2dd2878bc53a47b3f30 drm/buddy: - Add start address support for trim function From: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20240826201528.55307-1-alexander.deucher@amd.com commit b8c8ba73c68bb3c3e9dad22f488b86c540c839f9 Author: Jann Horn Date: Fri Aug 9 17:36:56 2024 +0200 slub: Introduce CONFIG_SLUB_RCU_DEBUG Currently, KASAN is unable to catch use-after-free in SLAB_TYPESAFE_BY_RCU slabs because use-after-free is allowed within the RCU grace period by design. Add a SLUB debugging feature which RCU-delays every individual kmem_cache_free() before either actually freeing the object or handing it off to KASAN, and change KASAN to poison freed objects as normal when this option is enabled. For now I've configured Kconfig.debug to default-enable this feature in the KASAN GENERIC and SW_TAGS modes; I'm not enabling it by default in HW_TAGS mode because I'm not sure if it might have unwanted performance degradation effects there. Note that this is mostly useful with KASAN in the quarantine-based GENERIC mode; SLAB_TYPESAFE_BY_RCU slabs are basically always also slabs with a ->ctor, and KASAN's assign_tag() currently has to assign fixed tags for those, reducing the effectiveness of SW_TAGS/HW_TAGS mode. (A possible future extension of this work would be to also let SLUB call the ->ctor() on every allocation instead of only when the slab page is allocated; then tag-based modes would be able to assign new tags on every reallocation.) Tested-by: syzbot+263726e59eab6b442723@syzkaller.appspotmail.com Reviewed-by: Andrey Konovalov Acked-by: Marco Elver Acked-by: Vlastimil Babka #slab Signed-off-by: Jann Horn Signed-off-by: Vlastimil Babka commit b3c34245756adada8a50bdaedbb3965b071c7b0a Author: Jann Horn Date: Fri Aug 9 17:36:55 2024 +0200 kasan: catch invalid free before SLUB reinitializes the object Currently, when KASAN is combined with init-on-free behavior, the initialization happens before KASAN's "invalid free" checks. More importantly, a subsequent commit will want to RCU-delay the actual SLUB freeing of an object, and we'd like KASAN to still validate synchronously that freeing the object is permitted. (Otherwise this change will make the existing testcase kmem_cache_invalid_free fail.) So add a new KASAN hook that allows KASAN to pre-validate a kmem_cache_free() operation before SLUB actually starts modifying the object or its metadata. Inside KASAN, this: - moves checks from poison_slab_object() into check_slab_allocation() - moves kasan_arch_is_ready() up into callers of poison_slab_object() - removes "ip" argument of poison_slab_object() and __kasan_slab_free() (since those functions no longer do any reporting) Acked-by: Vlastimil Babka #slub Reviewed-by: Andrey Konovalov Signed-off-by: Jann Horn Signed-off-by: Vlastimil Babka commit 4e1c44b3db79ba910adec32e2e1b920a0e34890a Author: Vlastimil Babka Date: Wed Aug 7 12:31:20 2024 +0200 kunit, slub: add test_kfree_rcu() and test_leak_destroy() Add a test that will create cache, allocate one object, kfree_rcu() it and attempt to destroy it. As long as the usage of kvfree_rcu_barrier() in kmem_cache_destroy() works correctly, there should be no warnings in dmesg and the test should pass. Additionally add a test_leak_destroy() test that leaks an object on purpose and verifies that kmem_cache_destroy() catches it. Signed-off-by: Vlastimil Babka commit 6c6c47b063b593785202be158e61fe5c827d6677 Author: Vlastimil Babka Date: Wed Aug 7 12:31:19 2024 +0200 mm, slab: call kvfree_rcu_barrier() from kmem_cache_destroy() We would like to replace call_rcu() users with kfree_rcu() where the existing callback is just a kmem_cache_free(). However this causes issues when the cache can be destroyed (such as due to module unload). Currently such modules should be issuing rcu_barrier() before kmem_cache_destroy() to have their call_rcu() callbacks processed first. This barrier is however not sufficient for kfree_rcu() in flight due to the batching introduced by a35d16905efc ("rcu: Add basic support for kfree_rcu() batching"). This is not a problem for kmalloc caches which are never destroyed, but since removing SLOB, kfree_rcu() is allowed also for any other cache, that might be destroyed. In order not to complicate the API, put the responsibility for handling outstanding kfree_rcu() in kmem_cache_destroy() itself. Use the newly introduced kvfree_rcu_barrier() to wait before destroying the cache. This is similar to how we issue rcu_barrier() for SLAB_TYPESAFE_BY_RCU caches, but has to be done earlier, as the latter only needs to wait for the empty slab pages to finish freeing, and not objects from the slab. Users of call_rcu() with arbitrary callbacks should still issue rcu_barrier() before destroying the cache and unloading the module, as kvfree_rcu_barrier() is not a superset of rcu_barrier() and the callbacks may be invoking module code or performing other actions that are necessary for a successful unload. Signed-off-by: Vlastimil Babka commit 2b55d6a42d14c8675e38d6d9adca3014fdf01951 Author: Uladzislau Rezki (Sony) Date: Tue Aug 20 17:59:35 2024 +0200 rcu/kvfree: Add kvfree_rcu_barrier() API Add a kvfree_rcu_barrier() function. It waits until all in-flight pointers are freed over RCU machinery. It does not wait any GP completion and it is within its right to return immediately if there are no outstanding pointers. This function is useful when there is a need to guarantee that a memory is fully freed before destroying memory caches. For example, during unloading a kernel module. Signed-off-by: Uladzislau Rezki (Sony) Signed-off-by: Vlastimil Babka commit 2eb14c1c2717396f2fb1e4a4c5a1ec87cdd174f6 Author: Vlastimil Babka Date: Wed Aug 7 12:31:17 2024 +0200 mm, slab: reintroduce rcu_barrier() into kmem_cache_destroy() There used to be a rcu_barrier() for SLAB_TYPESAFE_BY_RCU caches in kmem_cache_destroy() until commit 657dc2f97220 ("slab: remove synchronous rcu_barrier() call in memcg cache release path") moved it to an asynchronous work that finishes the destroying of such caches. The motivation for that commit was the MEMCG_KMEM integration that at the time created and removed clones of the global slab caches together with their cgroups, and blocking cgroups removal was unwelcome. The implementation later changed to per-object memcg tracking using a single cache, so there should be no more need for a fast non-blocking kmem_cache_destroy(), which is typically only done when a module is unloaded etc. Going back to synchronous barrier has the following advantages: - simpler implementation - it's easier to test the result of kmem_cache_destroy() in a kunit test Thus effectively revert commit 657dc2f97220. It is not a 1:1 revert as the code has changed since. The main part is that kmem_cache_release(s) is always called from kmem_cache_destroy(), but for SLAB_TYPESAFE_BY_RCU caches there's a rcu_barrier() first. Suggested-by: Mateusz Guzik Reviewed-by: Jann Horn Signed-off-by: Vlastimil Babka commit f77d0cda4a8ebd070bfa1ef9a153c470ea3601ce Author: Vlastimil Babka Date: Wed Aug 7 12:31:16 2024 +0200 mm, slab: move kfence_shutdown_cache() outside slab_mutex kfence_shutdown_cache() is called under slab_mutex when the cache is destroyed synchronously, and outside slab_mutex during the delayed destruction of SLAB_TYPESAFE_BY_RCU caches. It seems it should always be safe to call it outside of slab_mutex so we can just move the call to kmem_cache_release(), which is called outside. Reviewed-by: Jann Horn Signed-off-by: Vlastimil Babka commit 4ec10268ed98a3d568a39861e7b7d0a0fa7cbe60 Author: Vlastimil Babka Date: Wed Aug 7 12:31:15 2024 +0200 mm, slab: unlink slabinfo, sysfs and debugfs immediately kmem_cache_destroy() includes removing the associated sysfs and debugfs directories, and the cache from the list of caches that appears in /proc/slabinfo. Currently this might not happen immediately when: - the cache is SLAB_TYPESAFE_BY_RCU and the cleanup is delayed, including the directores removal - __kmem_cache_shutdown() fails due to outstanding objects - the directories remain indefinitely When a cache is recreated with the same name, such as due to module unload followed by a load, the directories will fail to be recreated for the new instance of the cache due to the old directories being present. The cache will also appear twice in /proc/slabinfo. While we want to convert the SLAB_TYPESAFE_BY_RCU cleanup to be synchronous again, the second point remains. So let's fix this first and have the directories and slabinfo removed immediately in kmem_cache_destroy() and regardless of __kmem_cache_shutdown() success. This should not make debugging harder if __kmem_cache_shutdown() fails, because a detailed report of outstanding objects is printed into dmesg already due to the failure. Also simplify kmem_cache_release() sysfs handling by using __is_defined(SLAB_SUPPORTS_SYSFS). Note the resulting code in kmem_cache_destroy() is a bit ugly but will be further simplified - this is in order to make small bisectable steps. Reviewed-by: Jann Horn Signed-off-by: Vlastimil Babka commit b5959789e96e01b4b27a6d0354b475398d67aa6f Author: Vlastimil Babka Date: Wed Aug 7 12:31:14 2024 +0200 mm, slab: dissolve shutdown_cache() into its caller There's only one caller of shutdown_cache() so move the code into it. Preparatory patch for further changes, no functional change. Reviewed-by: Jann Horn Signed-off-by: Vlastimil Babka commit 4461e9e5c374f8c11fee8e4a0e3290b072cfd538 Merge: 3f53d7e442197b 5be63fc19fcaa4 Author: Simona Vetter Date: Tue Aug 27 14:09:45 2024 +0200 Merge v6.11-rc5 into drm-next amdgpu pr conconflicts due to patches cherry-picked to -fixes, I might as well catch up with a backmerge and handle them all. Plus both misc and intel maintainers asked for a backmerge anyway. Signed-off-by: Daniel Vetter commit e5700c9037727d5a69a677d6dba25010b485d65b Author: Laurent Pinchart Date: Mon Aug 26 02:24:49 2024 +0300 media: videobuf2: Drop minimum allocation requirement of 2 buffers When introducing the ability for drivers to indicate the minimum number of buffers they require an application to allocate, commit 6662edcd32cc ("media: videobuf2: Add min_reqbufs_allocation field to vb2_queue structure") also introduced a global minimum of 2 buffers. It turns out this breaks the Renesas R-Car VSP test suite, where a test that allocates a single buffer fails when two buffers are used. One may consider debatable whether test suite failures without failures in production use cases should be considered as a regression, but operation with a single buffer is a valid use case. While full frame rate can't be maintained, memory-to-memory devices can still be used with a decent efficiency, and requiring applications to allocate multiple buffers for single-shot use cases with capture devices would just waste memory. For those reasons, fix the regression by dropping the global minimum of buffers. Individual drivers can still set their own minimum. Fixes: 6662edcd32cc ("media: videobuf2: Add min_reqbufs_allocation field to vb2_queue structure") Cc: stable@vger.kernel.org Signed-off-by: Laurent Pinchart Reviewed-by: Hans Verkuil Acked-by: Tomasz Figa Link: https://lore.kernel.org/r/20240825232449.25905-1-laurent.pinchart+renesas@ideasonboard.com Signed-off-by: Laurent Pinchart commit 64b6d1d7a84538de34c22a6fc92a7dcc2b196b64 Author: Marc Zyngier Date: Mon Aug 26 09:06:18 2024 +0100 genirq: Get rid of global lock in irq_do_set_affinity() Kunkun Jiang reports that for a workload involving the simultaneous startup of a large number of VMs (for a total of about 200 vcpus), a lot of CPU time gets spent on spinning on the tmp_mask_lock that exists as a static raw spinlock in irq_do_set_affinity(). This lock protects a global cpumask (tmp_mask) that is used as a temporary variable to compute the resulting affinity. While this is triggered by KVM issuing a irq_set_affinity() call each time a vcpu is about to execute, it is obvious that having a single global resource is not very scalable. Since a cpumask can be a fairly large structure on systems with a high core count, a stack allocation is not really appropriate. Instead, turn the global cpumask into a per-CPU variable, removing the need for locking altogether as the code is executed with preemption and interrupts disabled. [ tglx: Moved the per CPU variable declaration outside of the function ] Reported-by: Kunkun Jiang Suggested-by: Thomas Gleixner Signed-off-by: Marc Zyngier Signed-off-by: Thomas Gleixner Tested-by: Kunkun Jiang Link: https://lore.kernel.org/all/20240826080618.3886694-1-maz@kernel.org Link: https://lore.kernel.org/all/a7fc58e4-64c2-77fc-c1dc-f5eb78dbbb01@huawei.com commit 3f53d7e442197b7e7d56b470b02dfd37a8bc5c46 Merge: f9ae00b1cfb37c 255fc1703e4232 Author: Simona Vetter Date: Tue Aug 27 12:55:16 2024 +0200 Merge tag 'drm-intel-gt-next-2024-08-23' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-next UAPI Changes: - Limit the number of relocations to INT_MAX (Tvrtko) Only impact should be synthetic tests. Driver Changes: - Fix for #11396: GPU Hang and rcs0 reset on Cherrytrail platform - Fix Virtual Memory mapping boundaries calculation (Andi) - Fix for #11255: Long hangs in buddy allocator with DG2/A380 without Resizable BAR since 6.9 (David) - Mark the GT as dead when mmio is unreliable (Chris, Andi) - Workaround additions / fixes for MTL, ARL and DG2 (John H, Nitin) - Enable partial memory mapping of GPU virtual memory (Andi, Chris) - Prevent NULL deref on intel_memory_regions_hw_probe (Jonathan, Dan) - Avoid UAF on intel_engines_release (Krzysztof) - Don't update PWR_CLK_STATE starting Gen12 (Umesh) - Code and dmesg cleanups (Andi, Jesus, Luca) Signed-off-by: Daniel Vetter From: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/ZshcfSqgfnl8Mh4P@jlahtine-mobl.ger.corp.intel.com commit f9ae00b1cfb37ccf57017bf9cd82712ee0a5316b Merge: 11df68c265460d f60ef67ff21ede Author: Simona Vetter Date: Tue Aug 27 12:25:26 2024 +0200 Merge tag 'drm-misc-next-2024-08-22' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-next drm-misc-next for v6.12: Cross-subsystem Changes: string: - add mem_is_zero() Core Changes: edid: - use mem_is_zero() Driver Changes: ast: - reorganize output code by type (VGA, DP, etc) - convert to struct drm_edid - fix BMC handling for all outputs bridge: - anx7625: simplify OF array handling - dw-hdmi: simplify clock handling - lontium-lt8912b: fix mode validation - nwl-dsi: fix mode vsync/hsync polarity panel: - ili9341: fix comments - jd9365da: fix "exit sleep" commands - jdi-fhd-r63452: simplify error handling with DSI multi-style helpers - mantix-mlaf057we51: simplify error handling with DSI multi-style helpers - simple: support Innolux G070ACE-LH3 plus DT bindings; support On Tat Industrial Company KD50G21-40NT-A1 plus DT bindings - st7701: decouple DSI and DRM code; add SPI support; support Anbernic RG28XX plus DT bindings vc4: - fix PM during detect - replace DRM_ERROR() with drm_error() - v3d: simplify clock retrieval Signed-off-by: Daniel Vetter From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240822150710.GA243952@localhost.localdomain commit d7171eb494353e03f3cde1a6f665e19c243c98e8 Author: Yazen Ghannam Date: Thu Aug 22 19:24:22 2024 -0500 efi/cper: Print correctable AER information Currently, cper_print_pcie() only logs Uncorrectable Error Status, Mask and Severity registers along with the TLP header. If a correctable error is received immediately preceding or following an Uncorrectable Fatal Error, its information is lost since Correctable Error Status and Mask registers are not logged. As such, to avoid skipping any possible error information, Correctable Error Status and Mask registers should also be logged. Additionally, ensure that AER information is also available through cper_print_pcie() for Correctable and Uncorrectable Non-Fatal Errors. Signed-off-by: Yazen Ghannam Tested-by: Avadhut Naik Signed-off-by: Avadhut Naik Signed-off-by: Ard Biesheuvel commit 21b91d40575fb64f3f280f6c3af586e32a704a92 Author: Yue Haibing Date: Thu Aug 8 22:05:54 2024 +0800 efi: Remove unused declaration efi_initialize_iomem_resources() Since commit cf8e8658100d ("arch: Remove Itanium (IA-64) architecture"), this is not used anymore. Signed-off-by: Yue Haibing Signed-off-by: Ard Biesheuvel commit e764374f4b57a0e0c0221bc0188034ae9996808e Author: Krzysztof Kozlowski Date: Fri Jul 5 13:31:13 2024 +0200 power: supply: twl4030_charger: correct comparision with old current Driver reads existing current value from two 8-bit registers, but then compares only one of them with the new 16-bit value. clang W=1 is also not happy: twl4030_charger.c:243:16: error: variable 'cur_reg' set but not used [-Werror,-Wunused-but-set-variable] Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240705113113.42851-2-krzysztof.kozlowski@linaro.org Signed-off-by: Sebastian Reichel commit a9125e868f7ad80d527cf5c69e20fa0ada96bff9 Author: Krzysztof Kozlowski Date: Fri Jul 5 13:31:12 2024 +0200 power: supply: core: simplify with cleanup.h Allocate the memory with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240705113113.42851-1-krzysztof.kozlowski@linaro.org Signed-off-by: Sebastian Reichel commit 17656d2215c3978bbe2811a5e249cd07fe3de77f Author: Stanislav Jakubek Date: Thu Aug 15 12:01:36 2024 +0200 dt-bindings: power: supply: sc27xx-fg: add low voltage alarm IRQ The SC27XX fuel gauge supports a low voltage alarm IRQ, which is used for more accurate battery capacity measurements with lower voltages. This was unfortunately never documented in bindings, do so now. The only in-tree user (sc2731.dtsi) has had interrupts specified since its initial fuel-gauge submission and the current kernel driver returns an error when no interrupt is specified, so also add it to the required list. Signed-off-by: Stanislav Jakubek Acked-by: Conor Dooley Link: https://lore.kernel.org/r/Zr3SAHlq5A78QvrW@standask-GA-A55M-S2HP Signed-off-by: Sebastian Reichel commit 7b2e5b9f1d5ea84802ae5ff531ae1739acd97c54 Author: Jinjie Ruan Date: Mon Aug 19 12:08:31 2024 +0800 power: supply: max8998_charger: Fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from platform_device_id table. Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240819040831.2801543-1-ruanjinjie@huawei.com Signed-off-by: Sebastian Reichel commit f8fdda9e4f988c210b1e4519a28ddbf7d29b0038 Merge: d0cb324c478044 2da44703a54403 Author: Paolo Abeni Date: Tue Aug 27 11:37:45 2024 +0200 Merge branch 'tc-adjust-network-header-after-2nd-vlan-push' Boris Sukholitko says: ==================== tc: adjust network header after 2nd vlan push skb network header of the single-tagged vlan packet continues to point the vlan payload (e.g. IP) after second vlan tag is pushed by tc act_vlan. This causes problem at the dissector which expects double-tagged packet network header to point to the inner vlan. The fix is to adjust network header in tcf_act_vlan.c but requires refactoring of skb_vlan_push function. Consider the following shell script snippet configuring TC rules on the veth interface: ip link add veth0 type veth peer veth1 ip link set veth0 up ip link set veth1 up tc qdisc add dev veth0 clsact tc filter add dev veth0 ingress pref 10 chain 0 flower \ num_of_vlans 2 cvlan_ethtype 0x800 action goto chain 5 tc filter add dev veth0 ingress pref 20 chain 0 flower \ num_of_vlans 1 action vlan push id 100 \ protocol 0x8100 action goto chain 5 tc filter add dev veth0 ingress pref 30 chain 5 flower \ num_of_vlans 2 cvlan_ethtype 0x800 action simple sdata "success" Sending double-tagged vlan packet with the IP payload inside: cat <protocol; } else { vlan = __skb_header_pointer(skb, nhoff, sizeof(_vlan), data, hlen, &_vlan); if (!vlan) { fdret = FLOW_DISSECT_RET_OUT_BAD; break; } proto = vlan->h_vlan_encapsulated_proto; nhoff += sizeof(*vlan); } The "else" clause above gets the protocol of the encapsulated packet from the skb data at the network header location. printk debugging has showed that in the good double-tagged packet case proto is htons(0x800 == ETH_P_IP) as expected. However in the single-tagged packet case proto is garbage leading to the failure to match tc filter 30. proto is being set from the skb header pointed by nhoff parameter which is defined at the beginning of __skb_flow_dissect (net/core/flow_dissector.c:1055 in the current version): nhoff = skb_network_offset(skb); Therefore the culprit seems to be that the skb network offset is different between double-tagged packet received from the interface and single-tagged packet having its vlan tag pushed by TC. Lets look at the interesting points of the lifetime of the single/double tagged packets as they traverse our packet flow. Both of them will start at __netif_receive_skb_core where the first vlan tag will be stripped: if (eth_type_vlan(skb->protocol)) { skb = skb_vlan_untag(skb); if (unlikely(!skb)) goto out; } At this stage in double-tagged case skb->data points to the second vlan tag while in single-tagged case skb->data points to the network (eg. IP) header. Looking at TC vlan push action (net/sched/act_vlan.c) we have the following code at tcf_vlan_act (interesting points are in square brackets): if (skb_at_tc_ingress(skb)) [1] skb_push_rcsum(skb, skb->mac_len); .... case TCA_VLAN_ACT_PUSH: err = skb_vlan_push(skb, p->tcfv_push_proto, p->tcfv_push_vid | (p->tcfv_push_prio << VLAN_PRIO_SHIFT), 0); if (err) goto drop; break; .... out: if (skb_at_tc_ingress(skb)) [3] skb_pull_rcsum(skb, skb->mac_len); And skb_vlan_push (net/core/skbuff.c:6204) function does: err = __vlan_insert_tag(skb, skb->vlan_proto, skb_vlan_tag_get(skb)); if (err) return err; skb->protocol = skb->vlan_proto; [2] skb->mac_len += VLAN_HLEN; in the case of pushing the second tag. Lets look at what happens with skb->data of the single-tagged packet at each of the above points: 1. As a result of the skb_push_rcsum, skb->data is moved back to the start of the packet. 2. First VLAN tag is moved from the skb into packet buffer, skb->mac_len is incremented, skb->data still points to the start of the packet. 3. As a result of the skb_pull_rcsum, skb->data is moved forward by the modified skb->mac_len, thus pointing to the network header again. Then __skb_flow_dissect will get confused by having double-tagged vlan packet with the skb->data at the network header. The solution for the bug is to preserve "skb->data at second vlan header" semantics in the skb_vlan_push function. We do this by manipulating skb->network_header rather than skb->mac_len. skb_vlan_push callers are updated to do skb_reset_mac_len. More about the patch series: * patch 1 fixes skb_vlan_push and the callers * patch 2 adds ingress tc_actions test * patch 3 adds egress tc_actions test ==================== Link: https://patch.msgid.link/20240822103510.468293-1-boris.sukholitko@broadcom.com Signed-off-by: Paolo Abeni commit 2da44703a54403b9048ba268b2896dc0537a154f Author: Boris Sukholitko Date: Thu Aug 22 13:35:10 2024 +0300 selftests: tc_actions: test egress 2nd vlan push Add new test checking the correctness of inner vlan flushing to the skb data when outer vlan tag is added through act_vlan on egress. Signed-off-by: Boris Sukholitko Signed-off-by: Paolo Abeni commit 59c330eccee82f9e53421dd8a83b1bc236f4557a Author: Boris Sukholitko Date: Thu Aug 22 13:35:09 2024 +0300 selftests: tc_actions: test ingress 2nd vlan push Add new test checking the correctness of inner vlan flushing to the skb data when outer vlan tag is added through act_vlan on ingress. Signed-off-by: Boris Sukholitko Signed-off-by: Paolo Abeni commit 938863727076f684abb39d1d0f9dce1924e9028e Author: Boris Sukholitko Date: Thu Aug 22 13:35:08 2024 +0300 tc: adjust network header after 2nd vlan push skb network header of the single-tagged vlan packet continues to point the vlan payload (e.g. IP) after second vlan tag is pushed by tc act_vlan. This causes problem at the dissector which expects double-tagged packet network header to point to the inner vlan. The fix is to adjust network header in tcf_act_vlan.c but requires refactoring of skb_vlan_push function. Consider the following shell script snippet configuring TC rules on the veth interface: ip link add veth0 type veth peer veth1 ip link set veth0 up ip link set veth1 up tc qdisc add dev veth0 clsact tc filter add dev veth0 ingress pref 10 chain 0 flower \ num_of_vlans 2 cvlan_ethtype 0x800 action goto chain 5 tc filter add dev veth0 ingress pref 20 chain 0 flower \ num_of_vlans 1 action vlan push id 100 \ protocol 0x8100 action goto chain 5 tc filter add dev veth0 ingress pref 30 chain 5 flower \ num_of_vlans 2 cvlan_ethtype 0x800 action simple sdata "success" Sending double-tagged vlan packet with the IP payload inside: cat <protocol; } else { vlan = __skb_header_pointer(skb, nhoff, sizeof(_vlan), data, hlen, &_vlan); if (!vlan) { fdret = FLOW_DISSECT_RET_OUT_BAD; break; } proto = vlan->h_vlan_encapsulated_proto; nhoff += sizeof(*vlan); } The "else" clause above gets the protocol of the encapsulated packet from the skb data at the network header location. printk debugging has showed that in the good double-tagged packet case proto is htons(0x800 == ETH_P_IP) as expected. However in the single-tagged packet case proto is garbage leading to the failure to match tc filter 30. proto is being set from the skb header pointed by nhoff parameter which is defined at the beginning of __skb_flow_dissect (net/core/flow_dissector.c:1055 in the current version): nhoff = skb_network_offset(skb); Therefore the culprit seems to be that the skb network offset is different between double-tagged packet received from the interface and single-tagged packet having its vlan tag pushed by TC. Lets look at the interesting points of the lifetime of the single/double tagged packets as they traverse our packet flow. Both of them will start at __netif_receive_skb_core where the first vlan tag will be stripped: if (eth_type_vlan(skb->protocol)) { skb = skb_vlan_untag(skb); if (unlikely(!skb)) goto out; } At this stage in double-tagged case skb->data points to the second vlan tag while in single-tagged case skb->data points to the network (eg. IP) header. Looking at TC vlan push action (net/sched/act_vlan.c) we have the following code at tcf_vlan_act (interesting points are in square brackets): if (skb_at_tc_ingress(skb)) [1] skb_push_rcsum(skb, skb->mac_len); .... case TCA_VLAN_ACT_PUSH: err = skb_vlan_push(skb, p->tcfv_push_proto, p->tcfv_push_vid | (p->tcfv_push_prio << VLAN_PRIO_SHIFT), 0); if (err) goto drop; break; .... out: if (skb_at_tc_ingress(skb)) [3] skb_pull_rcsum(skb, skb->mac_len); And skb_vlan_push (net/core/skbuff.c:6204) function does: err = __vlan_insert_tag(skb, skb->vlan_proto, skb_vlan_tag_get(skb)); if (err) return err; skb->protocol = skb->vlan_proto; [2] skb->mac_len += VLAN_HLEN; in the case of pushing the second tag. Lets look at what happens with skb->data of the single-tagged packet at each of the above points: 1. As a result of the skb_push_rcsum, skb->data is moved back to the start of the packet. 2. First VLAN tag is moved from the skb into packet buffer, skb->mac_len is incremented, skb->data still points to the start of the packet. 3. As a result of the skb_pull_rcsum, skb->data is moved forward by the modified skb->mac_len, thus pointing to the network header again. Then __skb_flow_dissect will get confused by having double-tagged vlan packet with the skb->data at the network header. The solution for the bug is to preserve "skb->data at second vlan header" semantics in the skb_vlan_push function. We do this by manipulating skb->network_header rather than skb->mac_len. skb_vlan_push callers are updated to do skb_reset_mac_len. Signed-off-by: Boris Sukholitko Signed-off-by: Paolo Abeni commit 919a4719026f68a9d6b5b87db2e935564cdf42a5 Author: Andres Salomon Date: Tue Aug 20 04:19:42 2024 -0400 ABI: testing: sysfs-class-power: clarify charge_type documentation The existing docs here are a bit vague. This reformats and rewords it, and is based upon the wording originally used by the dell-laptop driver battery documentation and also sysfs-class-power-wilco. The wording for "Long Life" and "Bypass" remain the same, because I'm unfamiliar with hardware that use them. Signed-off-by: Andres Salomon Reviewed-by: Hans de Goede Link: https://lore.kernel.org/r/20240820041942.30ed42f3@5400 Signed-off-by: Sebastian Reichel commit e7cd191f83fd899c233dfbe7dc6d96ef703dcbbd Author: wangfe Date: Thu Aug 22 13:02:52 2024 -0700 xfrm: add SA information to the offloaded packet In packet offload mode, append Security Association (SA) information to each packet, replicating the crypto offload implementation. The XFRM_XMIT flag is set to enable packet to be returned immediately from the validate_xmit_xfrm function, thus aligning with the existing code path for packet offload mode. This SA info helps HW offload match packets to their correct security policies. The XFRM interface ID is included, which is crucial in setups with multiple XFRM interfaces where source/destination addresses alone can't pinpoint the right policy. Signed-off-by: wangfe Signed-off-by: Steffen Klassert commit 2b9ac0b84c2cae91bbaceab62df4de6d503421ec Author: Nikunj A Dadhania Date: Wed Jul 31 20:37:55 2024 +0530 virt: sev-guest: Ensure the SNP guest messages do not exceed a page Currently, struct snp_guest_msg includes a message header (96 bytes) and a payload (4000 bytes). There is an implicit assumption here that the SNP message header will always be 96 bytes, and with that assumption the payload array size has been set to 4000 bytes - a magic number. If any new member is added to the SNP message header, the SNP guest message will span more than a page. Instead of using a magic number for the payload, declare struct snp_guest_msg in a way that payload plus the message header do not exceed a page. [ bp: Massage. ] Suggested-by: Tom Lendacky Signed-off-by: Nikunj A Dadhania Signed-off-by: Borislav Petkov (AMD) Acked-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240731150811.156771-5-nikunj@amd.com commit 5f7c38f81df206b370d97a827251bd4bc50ff46b Author: Nikunj A Dadhania Date: Wed Jul 31 20:37:54 2024 +0530 virt: sev-guest: Fix user-visible strings User-visible abbreviations should be in capitals, ensure messages are readable and clear. No functional change. Signed-off-by: Nikunj A Dadhania Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240731150811.156771-4-nikunj@amd.com commit a1bbb2236bb97c0afee4cdf8fd732ff5f9cd60ac Author: Nikunj A Dadhania Date: Wed Jul 31 20:37:53 2024 +0530 virt: sev-guest: Rename local guest message variables Rename local guest message variables for more clarity. No functional change. Signed-off-by: Nikunj A Dadhania Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240731150811.156771-3-nikunj@amd.com commit 8a04e342684a75ad1455fc3f23fab8e67c1aa9fc Author: Himal Prasad Ghimiray Date: Tue Aug 20 14:32:30 2024 +0530 drm/xe: Remove unrequired NULL check in xe_sched_job_free_fences dma_fence_chain_free() can handle NULL input, there is no need for NULL check by caller. Signed-off-by: Himal Prasad Ghimiray Reviewed-by: Matthew Brost Reviewed-by: Jagmeet Randhawa Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240820090230.3258128-3-himal.prasad.ghimiray@intel.com Signed-off-by: Nirmoy Das commit 19f01d4bbe9daf71901b200ab5c52591946b022a Author: Himal Prasad Ghimiray Date: Tue Aug 20 14:32:29 2024 +0530 drm/xe: Remove unrequired NULL checks in xe_sync_entry_cleanup dma_fence_put() and dma_fence_chain_free() can handle NULL input, there is no need for NULL check by caller. Signed-off-by: Himal Prasad Ghimiray Reviewed-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240820090230.3258128-2-himal.prasad.ghimiray@intel.com Signed-off-by: Nirmoy Das commit 11b7309dbe9fa98d9b8d18cd51db4f385c37ae30 Author: Himal Prasad Ghimiray Date: Tue Aug 20 14:32:28 2024 +0530 drm/xe: Remove extra dma_fence_put on xe_sync_entry_add_deps failure drm_sched_job_add_dependency() drops references even in case of error, no need for caller to call dma_fence_put. Signed-off-by: Himal Prasad Ghimiray Reviewed-by: Matthew Brost Reviewed-by: Ashutosh Dixit Acked-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240820090230.3258128-1-himal.prasad.ghimiray@intel.com Signed-off-by: Nirmoy Das commit 969db85b4f63fcc9a0ae42e808bf68aaafdb7283 Author: Mank Wang Date: Tue Aug 27 01:58:33 2024 +0000 bus: mhi: host: pci_generic: Add support for Netprisma LCUR57 and FCUN69 Add Netprisma LCUR57 and FCUN69 hardware revision: LCUR57: 02:00.0 Unassigned class [ff00]: Device 203e:1000 Subsystem: Device 203e:1000 FCUN69: 02:00.0 Unassigned class [ff00]: Device 203e:1001 Subsystem: Device 203e:1001 Both of these modules create IP interfaces through MBIM. And these modules can be checked for successful recognition through the following command: $ mmcli -L /org/freedesktop/ModemManager1/Modem/0 [NetPrisma] LCUR57-WWD $ mmcli -L /org/freedesktop/ModemManager1/Modem/0 [NetPrisma] FCUN69-WWD Signed-off-by: Mank Wang Reviewed-by: Manivannan Sadhasivam Link: https://lore.kernel.org/r/PH7PR22MB30386647BE2D813B502226CF81942@PH7PR22MB3038.namprd22.prod.outlook.com Signed-off-by: Manivannan Sadhasivam commit d07e1f5c745058d1805e7d8042b9a326b120cb6e Author: Shen Lichuan Date: Tue Aug 27 15:21:15 2024 +0800 wifi: mac80211: use kmemdup_array instead of kmemdup for multiple allocation Let the kmemdup_array() take care about multiplication and possible overflows. Using kmemdup_array() is more appropriate and makes the code easier to audit. Signed-off-by: Shen Lichuan Reviewed-by: Michal Swiatkowski Link: https://patch.msgid.link/20240827072115.42680-1-shenlichuan@vivo.com Signed-off-by: Johannes Berg commit 32bf7729d2e67aed4a6c537bf21d2023e3f39c45 Author: Yu Jiaoliang Date: Thu Aug 22 15:47:43 2024 +0800 wifi: cfg80211: Use kmemdup_array instead of kmemdup for multiple allocation Let the kememdup_array() take care about multiplication and possible overflows. Signed-off-by: Yu Jiaoliang Reviewed-by: Christophe JAILLET Link: https://patch.msgid.link/20240822074743.1366561-1-yujiaoliang@vivo.com Signed-off-by: Johannes Berg commit 76364f3edfde60aa2fa20b578ba9b96797d7bff5 Author: Emmanuel Grumbach Date: Sun Aug 25 19:17:11 2024 +0300 wifi: iwlwifi: mvm: allow ESR when we the ROC expires We forgot to release the ROC reason for ESR prevention when the remain on channel expires. Add this. Fixes: a1efeb823084 ("wifi: iwlwifi: mvm: Block EMLSR when a p2p/softAP vif is active") Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240825191257.8f8765f359cc.I16fcd6198072d422ff36dce68070aafaf011f4c1@changeid Signed-off-by: Johannes Berg commit 557a6cd847645e667f3b362560bd7e7c09aac284 Author: Miri Korenblit Date: Sun Aug 25 19:17:09 2024 +0300 wifi: iwlwifi: mvm: avoid NULL pointer dereference iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvsta pointer is not NULL. It retrieves this pointer using iwl_mvm_sta_from_mac80211, which is dereferencing the ieee80211_sta pointer. If sta is NULL, iwl_mvm_sta_from_mac80211 will dereference a NULL pointer. Fix this by checking the sta pointer before retrieving the mvmsta from it. If sta is not NULL, then mvmsta isn't either. Signed-off-by: Miri Korenblit Reviewed-by: Johannes Berg Link: https://patch.msgid.link/20240825191257.880921ce23b7.I340052d70ab6d3410724ce955eb00da10e08188f@changeid Signed-off-by: Johannes Berg commit 53bc1b73b67836ac9867f93dee7a443986b4a94f Author: Ping-Ke Shih Date: Thu Aug 22 09:42:54 2024 +0800 wifi: mac80211: export ieee80211_purge_tx_queue() for drivers Drivers need to purge TX SKB when stopping. Using skb_queue_purge() can't report TX status to mac80211, causing ieee80211_free_ack_frame() warns "Have pending ack frames!". Export ieee80211_purge_tx_queue() for drivers to not have to reimplement it. Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240822014255.10211-1-pkshih@realtek.com Signed-off-by: Johannes Berg commit 373d3f8dcbb1c0d764123653ca4574be636b8d86 Author: Zijun Hu Date: Sun Aug 11 12:47:26 2024 +0800 wifi: rfkill: Correct parameter type for rfkill_set_hw_state_reason() Change type of parameter @reason to enum rfkill_hard_block_reasons for API rfkill_set_hw_state_reason() according to its comments, and all kernel callers have invoked the API with enum type actually. Signed-off-by: Zijun Hu Link: https://patch.msgid.link/20240811-rfkill_fix-v2-1-9050760336f4@quicinc.com Signed-off-by: Johannes Berg commit a0ee9dcce60027258a53ee85b9153ab268dcb55a Author: Zhang Changzhong Date: Sat Aug 24 16:26:43 2024 +0800 wifi: mac80211: remove redundant unlikely() around IS_ERR() IS_ERR() already calls unlikely(), so unlikely() is redundant here. Signed-off-by: Zhang Changzhong Link: https://patch.msgid.link/1724488003-45388-1-git-send-email-zhangchangzhong@huawei.com Signed-off-by: Johannes Berg commit 0f31a7effa5b7bd9cd9698ac43c443b7075f497c Author: Hans de Goede Date: Sun Aug 25 15:19:16 2024 +0200 net: rfkill: gpio: Do not load on Lenovo Yoga Tab 3 Pro YT3-X90 The Lenovo Yoga Tab 3 Pro YT3-X90 has a non functional "BCM4752" ACPI device, which uses GPIO resources which are actually necessary / used for the sound (codec, speaker amplifier) on the Lenovo Yoga Tab 3 Pro. If the rfkill-gpio driver loads before the sound drivers do the sound drivers fail to load because the GPIOs are already claimed. Add a DMI based deny list with the Lenovo Yoga Tab 3 Pro on there and make rfkill_gpio_probe() exit with -ENODEV for devices on the DMI based deny list. Signed-off-by: Hans de Goede Link: https://patch.msgid.link/20240825131916.6388-1-hdegoede@redhat.com Signed-off-by: Johannes Berg commit ff5aabe7c2a4a4b089a9ced0cb3d0e284963a7dd Author: Anjaneyulu Date: Thu Aug 8 23:22:49 2024 +0300 wifi: iwlwifi: allow only CN mcc from WRDD Block other mcc expect CN from WRDD ACPI. Signed-off-by: Anjaneyulu Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.fe6ea7aa4b39.I86004687a2963fe26f990770aca103e2f5cb1628@changeid Signed-off-by: Johannes Berg commit 1c7e1068a7c9c39ed27636db93e71911e0045419 Author: Johannes Berg Date: Thu Aug 8 23:22:48 2024 +0300 wifi: iwlwifi: mvm: drop wrong STA selection in TX This shouldn't happen at all, since in station mode all MMPDUs go through the TXQ for the STA, and not this function. There may or may not be a race in mac80211 through which this might happen for some frames while a station is being added, but in that case we can also just drop the frame and pretend the STA didn't exist yet. Also, the code is simply wrong since it uses deflink, and it's not easy to fix it since the mvmvif->ap_sta pointer cannot be used without the mutex, and perhaps the right link might not even be known. Just drop the frame at that point instead of trying to fix it up. Signed-off-by: Johannes Berg Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.45ad105dc7fe.I6d45c82e5758395d9afb8854057ded03c7dc81d7@changeid Signed-off-by: Johannes Berg commit fa21770fe4f36d3a42297e74c9e02e019b436b07 Author: Miri Korenblit Date: Thu Aug 8 23:22:47 2024 +0300 wifi: iwlwifi: bump FW API to 93 for BZ/SC devices Start supporting API version 93 for new devices. Signed-off-by: Miri Korenblit Signed-off-by: Johannes Berg Link: https://patch.msgid.link/20240808232017.5c9846f4c2c3.I6c825bc93aa23db302f24db5617f9b9b06042ec8@changeid Signed-off-by: Johannes Berg commit 7dd22dad8dc335dd7650d03ba1c08cae5afdefcc Author: Miri Korenblit Date: Thu Aug 8 23:22:46 2024 +0300 wifi: iwlwifi: mvm: cleanup iwl_mvm_get_wd_timeout This used to extract the timeout from the debug TLV (FW_DBG_TRIGGER_TXQ_TIMERS), which is not in use. Cleanup iwl_mvm_get_wd_timeout to not consider the debug TLV. Signed-off-by: Miri Korenblit Reviewed-by: Johannes Berg Reviewed-by: Emmanuel Grumbach Link: https://patch.msgid.link/20240808232017.7a6944bc2e38.I532b4b5487c6be9203ff4db9742d7cc5b148d502@changeid Signed-off-by: Johannes Berg commit 7921c411490ca8b091068a41de873d79d065aab1 Author: Miri Korenblit Date: Thu Aug 8 23:22:45 2024 +0300 wifi: iwlwifi: use default command queue watchdog timeout We used to have the opmode configuring it to the trans according to the debug tlv value (FW_DBG_TRIGGER_TXQ_TIMERS). But this debug is not used, so trans can just have the default value hardcoded. Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.87af3f063025.I2222981ead13f6a917f2d4b116c5b94200dc9e51@changeid Signed-off-by: Johannes Berg commit a08cf01905dfd7884d41db782667420500bdd90e Author: Emmanuel Grumbach Date: Sun Aug 25 09:00:54 2024 +0300 wifi: iwlwifi: mvm: handle the new EML OMN failure notification Take the proper action upon EML OMN frame failure. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240825090005.01ff45fa69db.I9f2d3ea851050f6031ac07bbe69eb38000fd5683@changeid Signed-off-by: Johannes Berg commit 1987bf29f891d30c7d85d7da179a67628c3fe8e6 Author: Ilan Peer Date: Thu Aug 8 23:22:44 2024 +0300 wifi: iwlwifi: mvm: Stop processing MCC update if there was no change When processing a MCC update notification from the firmware, if the firmware indicates that the regulatory configuration didn't change, abort the flow and do not notify higher layers. Signed-off-by: Ilan Peer Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.60dd273d00e0.I985b3bc61ca4a6cac7c1d1365b5c0afba04f3031@changeid Signed-off-by: Johannes Berg commit 4d8ff1f7df43ee8560818b0b6cdec6e9ce703748 Author: Emmanuel Grumbach Date: Thu Aug 8 23:22:42 2024 +0300 wifi: iwlwifi: mvm: add API for EML OMN frame failure When the firmware fails to send EML OMN frames, it notifies the host and the host need to take proper action. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.0c6bc216ef8c.Ida85d2062734a569e1af35f47d14cc5bb4bf893e@changeid Signed-off-by: Johannes Berg commit cdade208214af34b18635747cb18d3693593c0c2 Author: Emmanuel Grumbach Date: Thu Aug 8 23:22:41 2024 +0300 wifi: iwlwifi: mvm: exit EMLSR if both links are missing beacons If both links are missing 5 beacons, we need to exit EMLSR, if only one link misses beacons, we need to wait until 11 beacons are missed. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.b7785943a4fe.I70a459c5e7db85f398d5795ba83bb15f65d6bf9d@changeid Signed-off-by: Johannes Berg commit 313e32f60d5439a19b0684d3be1fe50c77ef382d Author: Emmanuel Grumbach Date: Thu Aug 8 23:22:40 2024 +0300 wifi: iwlwifi: mvm: handle the new missed beacons notification Use the same handler for both types and just convert the old version to the new. Drop the unused fields from the old one and fake the new fields. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.a64ffc998569.I7d181052b1a69c331d07263f20c1e00cbc0bc891@changeid Signed-off-by: Johannes Berg commit ec6ba5367eaab4d81b14f19380b14852a49dd80a Author: Emmanuel Grumbach Date: Thu Aug 8 23:22:39 2024 +0300 wifi: iwlwifi: mvm: add the new API for the missed beacons notification Note that the new API does not have the same notification ID as the previous notification: the new notification belongs to the group 0x3. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.4ea52360b32e.Ibc25dcabd8aeadda906549482a6c77bc42fb55bb@changeid Signed-off-by: Johannes Berg commit 658b8b56c1296322a9a064c8e8cb73ea8a44f635 Author: Emmanuel Grumbach Date: Thu Aug 8 23:22:38 2024 +0300 wifi: iwlwifi: mvm: rename iwl_missed_beacons_notif A new version is coming up. Rename the current struct to include the current version. s/iwl_missed_beacons_notif/iwl_missed_beacons_notif_v4 Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.b5c3a83a05ef.I698611582b5ca8395f42a535c51f7230307e2c6f@changeid Signed-off-by: Johannes Berg commit b2a7c91bf93865a34e04707ef600c1c363d79125 Author: Daniel Gabay Date: Thu Aug 8 23:22:37 2024 +0300 wifi: iwlwifi: mvm: Offload RLC/SMPS functionality to firmware Currently, the driver handles SMPS decisions by tracking AP capabilities, BT coexistence changes, sending necessary SMPS frames to the AP, and updating firmware with RX chain info using the RLC_CONFIG_CMD. Starting with version 3 of the RLC_CONFIG_CMD, the firmware takes over this responsibility. It now tracks SMPS, sends frames, and configures the RLC. In this patch: 1. Stop sending RLC_CONFIG_CMD when firmware supports RLC offload (version 3), as rlc.rx_chain_info is not needed by firmware, and no other field in the cmd is used. 2. Prevent the driver from forwarding any SMPS requests to mac80211, i.e., the driver should not transmit SMPS frames to the AP as firmware handles that. 3. Set NL80211_FEATURE_DYNAMIC_SMPS and NL80211_FEATURE_STATIC_SMPS conditionally based on RLC version. Signed-off-by: Daniel Gabay Reviewed-by: Johannes Berg Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240808232017.45da23be1f65.I0d46db82dd990a82e8a66876fe2f5310bc9513be@changeid Signed-off-by: Johannes Berg commit 1524173a3745899612c71d9e83ff8fe29dbb2cfb Author: Emmanuel Grumbach Date: Thu Aug 8 11:59:16 2024 +0300 wifi: mac80211: fix the comeback long retry times When we had a comeback, we will never use the default timeout values again because comeback is never cleared. Clear comeback if we send another association request which will allow to start a default timer after Tx status. The problem was seen with iwlwifi where the tx_status on the association request is handled before the association response frame (which is the usual case). 1) Tx assoc request 1/3 2) Rx assoc response (comeback, timeout = 1 second) 3) wait 1 second 4) Tx assoc request 2/3 5) Set timer to IEEE80211_ASSOC_TIMEOUT_LONG = 500ms (1 second after round_up) 6) tx_status on frame sent in 4) is ignored because comeback is still true 7) AP does not reply with assoc response 8) wait 1s <= This is where the bug is felt 9) Tx assoc request 3/3 With this fix, in step 6 we will reset the timer to IEEE80211_ASSOC_TIMEOUT_SHORT = 100ms and we will wait only 100ms in step 8. Fixes: b133fdf07db8 ("wifi: mac80211: Skip association timeout update after comeback rejection") Signed-off-by: Emmanuel Grumbach Link: https://patch.msgid.link/20240808085916.23519-1-emmanuel.grumbach@intel.com Signed-off-by: Johannes Berg commit a68b22e2905b04f376e2fa116be5e48b948f81c8 Author: hhorace Date: Wed Aug 7 16:22:05 2024 +0800 wifi: cfg80211: fix bug of mapping AF3x to incorrect User Priority According to RFC8325 4.3, Multimedia Streaming: AF31(011010, 26), AF32(011100, 28), AF33(011110, 30) maps to User Priority = 4 and AC_VI (Video). However, the original code remain the default three Most Significant Bits (MSBs) of the DSCP, which makes AF3x map to User Priority = 3 and AC_BE (Best Effort). Fixes: 6fdb8b8781d5 ("wifi: cfg80211: Update the default DSCP-to-UP mapping") Signed-off-by: hhorace Reviewed-by: Guillaume Nault Reviewed-by: Ido Schimmel Link: https://patch.msgid.link/20240807082205.1369-1-hhoracehsu@gmail.com Signed-off-by: Johannes Berg commit 7c3b69eadea9e57c28bf914b0fd70f268f3682e1 Author: Rory Little Date: Mon Aug 5 17:40:23 2024 -0700 wifi: mac80211: Add non-atomic station iterator Drivers may at times want to iterate their stations with a function which requires some non-atomic operations. ieee80211_iterate_stations_mtx() introduces an API to iterate stations while holding that wiphy's mutex. This allows the iterating function to do non-atomic operations safely. Signed-off-by: Rory Little Link: https://patch.msgid.link/20240806004024.2014080-2-rory@candelatech.com [unify internal list iteration functions] Signed-off-by: Johannes Berg commit 6a1a6f2dba35cfb5f81100c375a0c87eda90f2c7 Author: Christophe JAILLET Date: Mon Aug 5 08:40:39 2024 +0200 staging: rtl8192e: Constify struct lib80211_crypto_ops Now that functions in lib80211 handle "const struct lib80211_crypto_ops", some structure can be constified as well. Constifying these structures moves some data to a read-only section, so increase overall security. Signed-off-by: Christophe JAILLET Reviewed-by: Simon Horman Tested-by: Philipp Hortmann Acked-by: Greg Kroah-Hartman Link: https://patch.msgid.link/dfda6343781ae3d50cd2ec7bbdcf76a489b6922a.1722839425.git.christophe.jaillet@wanadoo.fr Signed-off-by: Johannes Berg commit 1842442007cded42decd8c27ce84cfc570b8f5f4 Author: Christophe JAILLET Date: Mon Aug 5 08:40:38 2024 +0200 wifi: lib80211: Constify struct lib80211_crypto_ops Now that functions in lib80211 handle "const struct lib80211_crypto_ops", some structure can be constified as well. Constifying these structures moves some data to a read-only section, so increase overall security. Before: text data bss dec hex filename 7273 604 16 7893 1ed5 net/wireless/lib80211.o After: text data bss dec hex filename 7429 444 16 7889 1ed1 net/wireless/lib80211.o Signed-off-by: Christophe JAILLET Reviewed-by: Simon Horman Link: https://patch.msgid.link/0cc3741c15f2c502cc85bddda9d6582b5977c8f9.1722839425.git.christophe.jaillet@wanadoo.fr Signed-off-by: Johannes Berg commit 3a3d1afd25ea2e142c78b67fb769df5be7d308c3 Author: Christophe JAILLET Date: Mon Aug 5 08:40:37 2024 +0200 wifi: lib80211: Handle const struct lib80211_crypto_ops in lib80211 lib80211_register_crypto_ops() and lib80211_unregister_crypto_ops() don't modify their "struct lib80211_crypto_ops *ops" argument. So, it can be declared as const. Doing so, some adjustments are needed to also constify some date in "struct lib80211_crypt_data", "struct lib80211_crypto_alg" and the return value of lib80211_get_crypto_ops(). Signed-off-by: Christophe JAILLET Reviewed-by: Simon Horman Link: https://patch.msgid.link/c74085e02f33a11327582b19c9f51c3236e85ae2.1722839425.git.christophe.jaillet@wanadoo.fr Signed-off-by: Johannes Berg commit dc6d20b900b72bea89ebd8154ba9bde1029f330b Author: Nikunj A Dadhania Date: Wed Jul 31 20:37:52 2024 +0530 virt: sev-guest: Replace dev_dbg() with pr_debug() In preparation for moving code to arch/x86/coco/sev/core.c, replace dev_dbg with pr_debug. No functional change. Signed-off-by: Nikunj A Dadhania Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Tom Lendacky Reviewed-by: Borislav Petkov (AMD) Tested-by: Peter Gonda Link: https://lore.kernel.org/r/20240731150811.156771-2-nikunj@amd.com commit 36a95e9c51684bbc0983219cc1d86a8428e4d65f Author: Miri Korenblit Date: Mon Jul 29 20:20:18 2024 +0300 wifi: iwlwifi: mvm: add and improve EMLSR debug info Add prints of the per-link MPDU counters, and change the other MPDU counters related prints to use DL_INFO, which is already used for all EMLSR tests anyway, instead of DL_STATS which pollutes the logs with all the RX signal info. Signed-off-by: Miri Korenblit Reviewed-by: Daniel Gabay Link: https://patch.msgid.link/20240729201718.02bd85837c87.I85480c9c4fab0f7a574dd69cbeafd82674146921@changeid Signed-off-by: Johannes Berg commit b312e357207c53270bd9b99e0bfd5dd9bf183078 Author: Somashekhar(Som) Date: Mon Jul 29 20:20:17 2024 +0300 wifi: iwlwifi: Enable channel puncturing for US/CAN from bios Add support for enabling channel puncturing for US/CAN based on BIOS configuration through UEFI Signed-off-by: Somashekhar(Som) Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.828f3ecf5118.I5561ab8c7cd48ad4e5d6daf21b037bf88c619a4a@changeid Signed-off-by: Johannes Berg commit db9979d5aae8496233a8551320a69a2f9b1b0ac3 Author: Emmanuel Grumbach Date: Mon Jul 29 20:20:16 2024 +0300 wifi: iwlwifi: mvm: add firmware debug points for EMLSR entry / exit This will help to dump the firmware logs at the right spot if needed. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.3a91e89e32f8.Ieb28d7756c47dee52c912a71abe82fa0b08b19da@changeid Signed-off-by: Johannes Berg commit 2b7ee1a10a72ef8f3df621133ac04e80e8214037 Author: Emmanuel Grumbach Date: Mon Jul 29 20:20:15 2024 +0300 wifi: iwlwiif: mvm: handle the new BT notif Iterate all the links and check if any action must be taken. The new notification impacts only the esr decision. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.00cfc07879c6.I8491483fda3b5888ea6ffa10fbd17807e443f943@changeid Signed-off-by: Johannes Berg commit b85b397a9ece4cdde2e18424b822702220094c83 Author: Emmanuel Grumbach Date: Mon Jul 29 20:20:14 2024 +0300 wifi: iwlwifi: mvm: start to support the new BT profile notification We have a new notification the BT profile. It contains almost nothing, only the wifi loss information. Copy this into mvm. We still need to iterate over the vifs / links to use this data. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.637499f3a85a.I8bf654cf5d8aa038100273876c936845ecc338f7@changeid Signed-off-by: Johannes Berg commit 1c9c5aebb5db162515ebb719e0f6cf1292e9c40e Author: Emmanuel Grumbach Date: Mon Jul 29 20:20:13 2024 +0300 wifi: iwlwifi: mvm: s/iwl_bt_coex_profile_notif/iwl_bt_coex_prof_old_notif The iwl_bt_coex_profile_notif is now being obsoleted. It'll be replaced by a new notification coming with a non-legacy group. Rename it to avoid confusion. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.dc29fd0d7817.I5881fce86ec8b76ae98d2948265434b8e7d860c1@changeid Signed-off-by: Johannes Berg commit 3a7ee94559dfd640604d0265739e86dec73b64e8 Author: Avraham Stern Date: Mon Jul 29 20:20:12 2024 +0300 wifi: iwlwifi: mvm: increase the time between ranging measurements The algo running in fw may take a little longer than 5 milliseconds, (e.g. measurement on 80MHz while associated). Increase the minimum time between measurements to 7 milliseconds. Fixes: 830aa3e7d1ca ("iwlwifi: mvm: add support for range request command version 13") Signed-off-by: Avraham Stern Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.d3f3c26e00d9.I09e951290e8a3d73f147b88166fd9a678d1d69ed@changeid Signed-off-by: Johannes Berg commit a949075d4bbf1ca83ccdeaa6ef4ac2ce7526c5f4 Author: Avraham Stern Date: Mon Jul 29 20:20:11 2024 +0300 wifi: iwlwifi: mvm: set the cipher for secured NDP ranging The cipher pointer is not set, but is derefereced trying to set its content, which leads to a NULL pointer dereference. Fix it by pointing to the cipher parameter before dereferencing. Fixes: 626be4bf99f6 ("wifi: iwlwifi: mvm: modify iwl_mvm_ftm_set_secured_ranging() parameters") Signed-off-by: Avraham Stern Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.24e83369f136.I80501ddcb82920561f450d00020d860e7a3f90c6@changeid Signed-off-by: Johannes Berg commit 87c1c28a9aa149489e1667f5754fc24f4973d2d0 Author: Ilan Peer Date: Sun Aug 25 08:56:37 2024 +0300 wifi: iwlwifi: mvm: Fix a race in scan abort flow When the upper layer requests to cancel an ongoing scan, a race is possible in which by the time the driver starts to handle the upper layers scan cancel flow, the FW already completed handling the scan request and the driver received the scan complete notification but still did not handle the notification. In such a case the FW will simply ignore the scan abort request coming from the driver, no notification would arrive from the FW and the entire abort flow would be considered a failure. To better handle this, check the status code returned by the FW for the scan abort command. In case the status indicates that no scan was aborted, complete the scan abort flow with success, i.e., the scan was aborted, as the flow is expected to consume the scan complete notification. Signed-off-by: Ilan Peer Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240825085558.483989d3baef.I3340556a222388504c6330b333360bf77d10f9e2@changeid Signed-off-by: Johannes Berg commit 6d1b52cc9af56b773238516030b82310cb1f1ba2 Author: Emmanuel Grumbach Date: Mon Jul 29 20:20:09 2024 +0300 wifi: iwlwifi: mvm: set ul_mu_data_disable when needed The firmware needs to know what we had in the HE CAP, propagate that setting to the firmware through the LINK command. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.fef270d2995b.I328237837df30e1cb98764987eaaf8e8993e058c@changeid Signed-off-by: Johannes Berg commit 27c8f12e972d3647e9d759d7cafd4c34fa513432 Author: Avraham Stern Date: Mon Jul 29 20:20:08 2024 +0300 wifi: iwlwifi: mei: add support for SAP version 4 SAP version 4 uses larger Host to MEI notification queue. Since it is unknown which SAP version is used by the CSME firmware when the driver loads, try version 4 first. In case the CSME firmware uses version 3, the memory allocation will fail. In this case the driver will try again to allocate the memory for version 3. Signed-off-by: Avraham Stern Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.8372e040282f.Ia0085784e08a35159c9293f986c3d2774038f4c4@changeid Signed-off-by: Johannes Berg commit 8131dd52810dfcdb49fcdc78f5e18e1538b6c441 Author: Johannes Berg Date: Mon Jul 29 20:20:07 2024 +0300 wifi: iwlwifi: config: label 'gl' devices as discrete The 'gl' devices are in the bz family, but they're not, integrated, so should have their own trans config struct. Fix that, also necessitating the removal of LTR config, and while at it remove 0x2727 and 0x272D IDs that were only used for test chips. Fixes: c30a2a64788b ("wifi: iwlwifi: add a new PCI device ID for BZ device")ticket=none Signed-off-by: Johannes Berg Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.95aed0620080.Ib9129512c95aa57acc9876bdff8b99dd41e1562c@changeid Signed-off-by: Johannes Berg commit 70d400ba7fa71d19481faf81db9483432ed1e084 Author: Johannes Berg Date: Mon Jul 29 20:20:06 2024 +0300 wifi: iwlwifi: pcie: print function scratch before writing We may want to know the value of this register for certain debug scenarios before we overwrite it, it indicates which parts of the chip have recently been reset. Signed-off-by: Johannes Berg Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.737e5f8bb8df.Ia3f3637ac4a0fb4b35ffd652f92eb75de652ee12@changeid Signed-off-by: Johannes Berg commit 4f1591d292277eec51d027405a92f0d4ef5e299e Author: Johannes Berg Date: Mon Jul 29 20:20:05 2024 +0300 wifi: iwlwifi: mvm: use correct key iteration In the cases changed here, key iteration isn't done from an RCU critical section, but rather using the wiphy lock as protection. Therefore, just use ieee80211_iter_keys(). The link switch case can therefore also use sync commands. Signed-off-by: Johannes Berg Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.69a2d18580c1.I2148e04d4b467d0b100beac8f7e449bfaaf775a5@changeid Signed-off-by: Johannes Berg commit cb2b6ce8b2e9289b95d6b997eecdf3083107acad Author: Miri Korenblit Date: Mon Jul 29 20:20:04 2024 +0300 wifi: iwlwifi: remove MVM prefix from FW macros These are not mvm specific. Signed-off-by: Miri Korenblit Reviewed-by: Emmanuel Grumbach Link: https://patch.msgid.link/20240729201718.939b32f84f46.I293957bf172680871eba24448d9d1870e49100b6@changeid Signed-off-by: Johannes Berg commit 535f01905afac5a5ad420bb94970d410f5e6fec6 Author: Emmanuel Grumbach Date: Mon Jul 29 20:20:03 2024 +0300 wifi: iwlwifi: mvm: add support for new REDUCE_TXPOWER_CMD versions New API versions are coming up for this command. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.7ec1527be98c.I52dede6532bc61041c441caee5273734f14a1d78@changeid Signed-off-by: Johannes Berg commit cfc13542aa693f248b5b67828a9231c849554dc3 Author: Emmanuel Grumbach Date: Mon Jul 29 20:20:02 2024 +0300 wifi: iwlwifi: mvm: prepare the introduction of V9 of REDUCED_TX_POWER * Rename iwl_dev_tx_power_cmd to iwl_dev_tx_power_cmd_v3_v8 * struct iwl_dev_tx_power_common needs to be packed. It was always the case, but now that its size is not a multiple of 4, it becomes meaningful. * Move per_band data out of the common structure since it won't be present in the new versions of the command. Signed-off-by: Emmanuel Grumbach Signed-off-by: Miri Korenblit Link: https://patch.msgid.link/20240729201718.8da29a66984f.I922bdef4740d990f98cb452e858c4157bbc491c5@changeid Signed-off-by: Johannes Berg commit e7a7ef9a0742dbd0818d5b15fba2c5313ace765b Author: Ping-Ke Shih Date: Mon Jul 29 15:48:16 2024 +0800 wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask for scanning"), ignore incorrect settings to avoid no supported rate warning reported by syzbot. The syzbot did bisect and found cause is commit 9df66d5b9f45 ("cfg80211: fix default HE tx bitrate mask in 2G band"), which however corrects bitmask of HE MCS and recognizes correctly settings of empty legacy rate plus HE MCS rate instead of returning -EINVAL. As suggestions [1], follow the change of SCAN TX to consider this case of offchannel TX as well. [1] https://lore.kernel.org/linux-wireless/6ab2dc9c3afe753ca6fdcdd1421e7a1f47e87b84.camel@sipsolutions.net/T/#m2ac2a6d2be06a37c9c47a3d8a44b4f647ed4f024 Reported-by: syzbot+8dd98a9e98ee28dc484a@syzkaller.appspotmail.com Closes: https://lore.kernel.org/linux-wireless/000000000000fdef8706191a3f7b@google.com/ Fixes: 9df66d5b9f45 ("cfg80211: fix default HE tx bitrate mask in 2G band") Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240729074816.20323-1-pkshih@realtek.com Signed-off-by: Johannes Berg commit ea63fb71993c56628f323b8268d36f4bbd836a7f Author: Dmitry Antipov Date: Thu Jul 25 12:09:25 2024 +0300 wifi: mac80211: refactor block ack management code Introduce 'ieee80211_mgmt_ba()' to avoid code duplication between 'ieee80211_send_addba_resp()', 'ieee80211_send_addba_request()', and 'ieee80211_send_delba()', ensure that all related addresses are '__aligned(2)', and prefer convenient 'ether_addr_copy()' over generic 'memcpy()'. No functional changes expected. Signed-off-by: Dmitry Antipov Link: https://patch.msgid.link/20240725090925.6022-1-dmantipov@yandex.ru Signed-off-by: Johannes Berg commit 7c24c5bdf489c8f3a9c701a950126da871ebdaca Author: Zong-Zhe Yang Date: Fri Jul 12 15:49:38 2024 +0800 wifi: mac80211_hwsim: correct MODULE_PARM_DESC of multi_radio Correct the name field in multi_radio's MODULE_PARM_DESC. Fixes: d2601e34a102 ("wifi: mac80211_hwsim: add support for multi-radio wiphy") Signed-off-by: Zong-Zhe Yang Acked-by: Felix Fietkau Link: https://patch.msgid.link/20240712074938.26437-1-kevin_yang@realtek.com Signed-off-by: Johannes Berg commit ede0b1d30b82829d6bc7924be18c7ae09cb1eb33 Author: Li Zetao Date: Thu Aug 22 21:39:04 2024 +0800 libceph: use min() to simplify code in ceph_dns_resolve_name() When resolving name in ceph_dns_resolve_name(), the end address of name is determined by the minimum value of delim_p and colon_p. So using min() here is more in line with the context. Signed-off-by: Li Zetao Reviewed-by: Simon Horman Signed-off-by: Ilya Dryomov commit 2015716adbd9cac8505ed461f5f330e832be0c84 Author: Chen Yufan Date: Thu Aug 22 17:55:41 2024 +0800 ceph: Convert to use jiffies macro Use time_after_eq macro instead of using jiffies directly to handle wraparound. [ xiubli: adjust the header files order ] Signed-off-by: Chen Yufan Reviewed-by: Xiubo Li Signed-off-by: Ilya Dryomov commit 9a948c0c8e741776ee6d938b49d34d22034fbb7d Author: Yue Haibing Date: Wed Aug 14 11:34:15 2024 +0800 ceph: Remove unused declarations These functions is never implemented and used. Signed-off-by: Yue Haibing Reviewed-by: Jeff Layton Signed-off-by: Ilya Dryomov commit 40153505259d8dc0e4ea6889fca5e567c42b76a9 Author: Borislav Petkov (AMD) Date: Wed Jul 31 18:05:31 2024 +0200 Documentation/srso: Document a method for checking safe RET operates properly Add a method to quickly verify whether safe RET operates properly on a given system using perf tool. Also, add a selftest which does the same thing. Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240731160531.28640-1-bp@kernel.org commit 0405e128110d47a40443936e68dc32d7bc4ccc0b Author: Madhavan Srinivasan Date: Mon Aug 26 12:12:17 2024 +0530 powerpc/xmon: Fix tmpstr length check in scanhex If a function name is greater than 63 characters long, xmon command may not find them. For example, here is a test that executed an illegal instruction in a kernel function and one of call stack function has a name greater than 63 characters long: cpu 0x0: Vector: 700 (Program Check) at [c00000000a6577e0] pc: c0000000001aacb8: check__allowed__function__name__for__symbol__r4+0x8/0x10 lr: c00000000019c1e0: check__allowed__function__name__for__symbol__r1+0x20/0x40 sp: c00000000a657a80 msr: 800000000288b033 current = 0xc00000000a439900 paca = 0xc000000003e90000 irqmask: 0x03 irq_happened: 0x01 ..... [link register ] c00000000019c1e0 check__allowed__function__name__for__symbol__r1+0x20/0x40 [c00000000a657a80] c00000000a439900 (unreliable) [c00000000a657aa0] c0000000001021d8 check__allowed__function__name__for__symbol__r2_resolution_symbol+0x38/0x4c [c00000000a657ac0] c00000000019b424 power_pmu_event_init+0xa4/0xa50 and when executing a dump instruction (di) command for long function name, xmon fails to find the function symbol: 0:mon> di $check__allowed__function__name__for__symbol__r2_resolution_symbol unknown symbol 'check__allowed__function__name__for__symbol__r2_resolution_symb' 0000000000000000 ******** This is because in scanhex(), tmpstr loop index is checked only for a upper bound of 63. Fix it by replacing the upper bound value with (KSYM_NAME_LEN-1). With fix: 0:mon> di $check__allowed__function__name__for__symbol__r2_resolution_symbol c0000000001021a0 3c4c0249 addis r2,r12,585 c0000000001021a4 3842ae60 addi r2,r2,-20896 c0000000001021a8 7c0802a6 mflr r0 c0000000001021ac 60000000 nop ..... Reported-by: Miguel Ojeda Closes: https://lore.kernel.org/linuxppc-dev/CANiq72=QeTgtZL4k9=4CJP6C_Hv=rh3fsn3B9S3KFoPXkyWk3w@mail.gmail.com/ Signed-off-by: Madhavan Srinivasan Signed-off-by: Michael Ellerman Link: https://msgid.link/20240826064217.46658-1-maddy@linux.ibm.com commit 13c7a51eeb747ec315485ac7b13d4ea03707f53e Author: Marc Zyngier Date: Tue Aug 20 14:18:02 2024 +0100 KVM: arm64: Expose ID_AA64PFR2_EL1 to userspace and guests Everything is now in place for a guest to "enjoy" FP8 support. Expose ID_AA64PFR2_EL1 to both userspace and guests, with the explicit restriction of only being able to clear FPMR. All other features (MTE* at the time of writing) are hidden and not writable. Reviewed-by: Mark Brown Tested-by: Mark Brown Link: https://lore.kernel.org/r/20240820131802.3547589-9-maz@kernel.org Signed-off-by: Marc Zyngier commit c9150a8ad9cdb69584d4ec5af61481df41498eb8 Author: Marc Zyngier Date: Tue Aug 20 14:18:01 2024 +0100 KVM: arm64: Enable FP8 support when available and configured If userspace has enabled FP8 support (by setting ID_AA64PFR2_EL1.FPMR to 1), let's enable the feature by setting HCRX_EL2.EnFPM for the vcpu. Reviewed-by: Mark Brown Tested-by: Mark Brown Link: https://lore.kernel.org/r/20240820131802.3547589-8-maz@kernel.org Signed-off-by: Marc Zyngier commit 6d7307651a8a021e7286e90264676b893cb6032d Author: Marc Zyngier Date: Tue Aug 20 14:18:00 2024 +0100 KVM: arm64: Expose ID_AA64FPFR0_EL1 as a writable ID reg ID_AA64FPFR0_EL1 contains all sort of bits that contain a description of which FP8 subfeatures are implemented. We don't really care about them, so let's just expose that register and allow userspace to disable subfeatures at will. Reviewed-by: Mark Brown Tested-by: Mark Brown Link: https://lore.kernel.org/r/20240820131802.3547589-7-maz@kernel.org Signed-off-by: Marc Zyngier commit b8f669b491ec4693d07126b20db0fbe747556d11 Author: Marc Zyngier Date: Tue Aug 20 14:17:59 2024 +0100 KVM: arm64: Honor trap routing for FPMR HCRX_EL2.EnFPM controls the trapping of FPMR (as well as the validity of any FP8 instruction, but we don't really care about this last part). Describe the trap bit so that the exception can be reinjected in a NV guest. Reviewed-by: Mark Brown Tested-by: Mark Brown Link: https://lore.kernel.org/r/20240820131802.3547589-6-maz@kernel.org Signed-off-by: Marc Zyngier commit ef3be86021c3bdf384c36d9d4aa1ee9fe65b95af Author: Marc Zyngier Date: Tue Aug 20 14:17:58 2024 +0100 KVM: arm64: Add save/restore support for FPMR Just like the rest of the FP/SIMD state, FPMR needs to be context switched. The only interesting thing here is that we need to treat the pKVM part a bit differently, as the host FP state is never written back to the vcpu thread, but instead stored locally and eagerly restored. Reviewed-by: Mark Brown Tested-by: Mark Brown Link: https://lore.kernel.org/r/20240820131802.3547589-5-maz@kernel.org Signed-off-by: Marc Zyngier commit 7d9c1ed6f4bfa8d5fcafad847ac64e2839a04301 Author: Marc Zyngier Date: Tue Aug 20 14:17:57 2024 +0100 KVM: arm64: Move FPMR into the sysreg array Just like SVCR, FPMR is currently stored at the wrong location. Let's move it where it belongs. Reviewed-by: Mark Brown Tested-by: Mark Brown Link: https://lore.kernel.org/r/20240820131802.3547589-4-maz@kernel.org Signed-off-by: Marc Zyngier commit d4db98791aa5316677a1da9bfa0788068c9863dc Author: Marc Zyngier Date: Tue Aug 20 14:17:56 2024 +0100 KVM: arm64: Add predicate for FPMR support in a VM As we are about to check for the advertisement of FPMR support to a guest in a number of places, add a predicate that will gate most of the support code for FPMR. Reviewed-by: Mark Brown Tested-by: Mark Brown Link: https://lore.kernel.org/r/20240820131802.3547589-3-maz@kernel.org Signed-off-by: Marc Zyngier commit b55688943597df06f202c67341da5b9b0ec54e93 Author: Marc Zyngier Date: Tue Aug 20 14:17:55 2024 +0100 KVM: arm64: Move SVCR into the sysreg array SVCR is just a system register, and has no purpose being outside of the sysreg array. If anything, it only makes it more difficult to eventually support SME one day. If ever. Move it into the array with its little friends, and associate it with a visibility predicate. Although this is dead code, it at least paves the way for the next set of FP-related extensions. Reviewed-by: Mark Brown Tested-by: Mark Brown Link: https://lore.kernel.org/r/20240820131802.3547589-2-maz@kernel.org Signed-off-by: Marc Zyngier commit 5e1c5c5a687bb3351d9b4a3b0ad457f8497b2a0d Author: Takashi Iwai Date: Wed Aug 7 17:27:23 2024 +0200 ALSA: pcm: Drop PCM vmalloc buffer helpers As the last-standing user of PCM vmalloc buffer helper API took its own buffer management, we can finally drop those API functions, which were leftover after reorganization of ALSA memalloc code. Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807152725.18948-3-tiwai@suse.de commit 002353a537a29b9be5bde3c1d9964628f0d20d45 Author: Takashi Iwai Date: Wed Aug 7 17:27:22 2024 +0200 drm/bridge: dw-hdmi: Move vmalloc PCM buffer management into the driver The dw-hdmi drm bridge driver is the only one who still uses the ALSA vmalloc helper API functions. A previous attempt to change the way of buffer management wasn't taken for this legacy stuff, as we had little chance for test and some risk of major breaking. Instead, this patch moves the vmalloc buffer stuff into the dw-hdmi driver code itself, so that we can drop them from ALSA core code afterwards. There should be no functional changes. Link: https://lore.kernel.org/20191210154536.29819-1-tiwai@suse.de Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807152725.18948-2-tiwai@suse.de commit 5ce90c842ef57bceb515503347306174e231575f Merge: 54f2f78d6b9f1f a54ad727f74559 Author: Steffen Klassert Date: Tue Aug 27 07:01:20 2024 +0200 Merge branch 'xfrm: speed up policy insertions' Florian Westphal says: ==================== Policy insertions do not scale well, due to both a lienar list walk to find the insertion spot and another list walk to set the 'pos' value (a tie-breaker to detect which policy is older when there is ambiguity as to which one should be matched). First patch gets rid of the second list walk on insert. Rest of the patches get rid of the insertion walk. This list walk was only needed because when I moved the policy db implementation to rbtree I retained the old insertion method for the sake of XFRM_MIGRATE. Switching that to tree-based lookup avoids the need for the full list search. After this, insertion of a policy is largely independent of the number of pre-existing policies as long as they do not share the same source/ destination networks. Note that this is compile tested only as I did not find any tests for XFRM_MIGRATE. ==================== Signed-off-by: Steffen Klassert commit 9c57bc08652a7c8e0e355c52c023fddc090fe9bb Author: Lucas De Marchi Date: Thu Aug 22 15:46:15 2024 -0700 drm/xe/lnl: Drop force_probe requirement Lunar Lake has been usable for a while in a desktop setup. Bugs are sporadically showing up in CI, but being promptly fixed. Nothing very concerning. All the uapi changes related to fundamental platform usage have been finalized. Remove the force_probe requirement and enable the platform by default. Cc: Thomas Hellström Cc: Rodrigo Vivi Cc: Jani Nikula Reviewed-by: Thomas Hellström Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240822224615.793540-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit dda898d7ffe85931f9cca6d702a51f33717c501e Author: Zhihao Cheng Date: Fri Aug 9 20:15:32 2024 +0800 ext4: dax: fix overflowing extents beyond inode size when partially writing The dax_iomap_rw() does two things in each iteration: map written blocks and copy user data to blocks. If the process is killed by user(See signal handling in dax_iomap_iter()), the copied data will be returned and added on inode size, which means that the length of written extents may exceed the inode size, then fsck will fail. An example is given as: dd if=/dev/urandom of=file bs=4M count=1 dax_iomap_rw iomap_iter // round 1 ext4_iomap_begin ext4_iomap_alloc // allocate 0~2M extents(written flag) dax_iomap_iter // copy 2M data iomap_iter // round 2 iomap_iter_advance iter->pos += iter->processed // iter->pos = 2M ext4_iomap_begin ext4_iomap_alloc // allocate 2~4M extents(written flag) dax_iomap_iter fatal_signal_pending done = iter->pos - iocb->ki_pos // done = 2M ext4_handle_inode_extension ext4_update_inode_size // inode size = 2M fsck reports: Inode 13, i_size is 2097152, should be 4194304. Fix? Fix the problem by truncating extents if the written length is smaller than expected. Fixes: 776722e85d3b ("ext4: DAX iomap write support") CC: stable@vger.kernel.org Link: https://bugzilla.kernel.org/show_bug.cgi?id=219136 Signed-off-by: Zhihao Cheng Reviewed-by: Jan Kara Reviewed-by: Zhihao Cheng Link: https://patch.msgid.link/20240809121532.2105494-1-chengzhihao@huaweicloud.com Signed-off-by: Theodore Ts'o commit d3476f3dad4ad68ae5f6b008ea6591d1520da5d8 Author: Jan Kara Date: Mon Aug 5 22:12:41 2024 +0200 ext4: don't set SB_RDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SB_RDONLY flag to stop all filesystem modifications. We knew this misses proper locking (sb->s_umount) and does not go through proper filesystem remount procedure but it has been the way this worked since early ext2 days and it was good enough for catastrophic situation damage mitigation. Recently, syzbot has found a way (see link) to trigger warnings in filesystem freezing because the code got confused by SB_RDONLY changing under its hands. Since these days we set EXT4_FLAGS_SHUTDOWN on the superblock which is enough to stop all filesystem modifications, modifying SB_RDONLY shouldn't be needed. So stop doing that. Link: https://lore.kernel.org/all/000000000000b90a8e061e21d12f@google.com Reported-by: Christian Brauner Signed-off-by: Jan Kara Reviewed-by: Christian Brauner Link: https://patch.msgid.link/20240805201241.27286-1-jack@suse.cz Signed-off-by: Theodore Ts'o commit d1bc560e9a9c78d0b2314692847fc8661e0aeb99 Author: Wojciech Gładysz Date: Thu Aug 1 16:38:27 2024 +0200 ext4: nested locking for xattr inode Add nested locking with I_MUTEX_XATTR subclass to avoid lockdep warning while handling xattr inode on file open syscall at ext4_xattr_inode_iget. Backtrace EXT4-fs (loop0): Ignoring removed oldalloc option ====================================================== WARNING: possible circular locking dependency detected 5.10.0-syzkaller #0 Not tainted ------------------------------------------------------ syz-executor543/2794 is trying to acquire lock: ffff8880215e1a48 (&ea_inode->i_rwsem#7/1){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:782 [inline] ffff8880215e1a48 (&ea_inode->i_rwsem#7/1){+.+.}-{3:3}, at: ext4_xattr_inode_iget+0x42a/0x5c0 fs/ext4/xattr.c:425 but task is already holding lock: ffff8880215e3278 (&ei->i_data_sem/3){++++}-{3:3}, at: ext4_setattr+0x136d/0x19c0 fs/ext4/inode.c:5559 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&ei->i_data_sem/3){++++}-{3:3}: lock_acquire+0x197/0x480 kernel/locking/lockdep.c:5566 down_write+0x93/0x180 kernel/locking/rwsem.c:1564 ext4_update_i_disksize fs/ext4/ext4.h:3267 [inline] ext4_xattr_inode_write fs/ext4/xattr.c:1390 [inline] ext4_xattr_inode_lookup_create fs/ext4/xattr.c:1538 [inline] ext4_xattr_set_entry+0x331a/0x3d80 fs/ext4/xattr.c:1662 ext4_xattr_ibody_set+0x124/0x390 fs/ext4/xattr.c:2228 ext4_xattr_set_handle+0xc27/0x14e0 fs/ext4/xattr.c:2385 ext4_xattr_set+0x219/0x390 fs/ext4/xattr.c:2498 ext4_xattr_user_set+0xc9/0xf0 fs/ext4/xattr_user.c:40 __vfs_setxattr+0x404/0x450 fs/xattr.c:177 __vfs_setxattr_noperm+0x11d/0x4f0 fs/xattr.c:208 __vfs_setxattr_locked+0x1f9/0x210 fs/xattr.c:266 vfs_setxattr+0x112/0x2c0 fs/xattr.c:283 setxattr+0x1db/0x3e0 fs/xattr.c:548 path_setxattr+0x15a/0x240 fs/xattr.c:567 __do_sys_setxattr fs/xattr.c:582 [inline] __se_sys_setxattr fs/xattr.c:578 [inline] __x64_sys_setxattr+0xc5/0xe0 fs/xattr.c:578 do_syscall_64+0x6d/0xa0 arch/x86/entry/common.c:62 entry_SYSCALL_64_after_hwframe+0x61/0xcb -> #0 (&ea_inode->i_rwsem#7/1){+.+.}-{3:3}: check_prev_add kernel/locking/lockdep.c:2988 [inline] check_prevs_add kernel/locking/lockdep.c:3113 [inline] validate_chain+0x1695/0x58f0 kernel/locking/lockdep.c:3729 __lock_acquire+0x12fd/0x20d0 kernel/locking/lockdep.c:4955 lock_acquire+0x197/0x480 kernel/locking/lockdep.c:5566 down_write+0x93/0x180 kernel/locking/rwsem.c:1564 inode_lock include/linux/fs.h:782 [inline] ext4_xattr_inode_iget+0x42a/0x5c0 fs/ext4/xattr.c:425 ext4_xattr_inode_get+0x138/0x410 fs/ext4/xattr.c:485 ext4_xattr_move_to_block fs/ext4/xattr.c:2580 [inline] ext4_xattr_make_inode_space fs/ext4/xattr.c:2682 [inline] ext4_expand_extra_isize_ea+0xe70/0x1bb0 fs/ext4/xattr.c:2774 __ext4_expand_extra_isize+0x304/0x3f0 fs/ext4/inode.c:5898 ext4_try_to_expand_extra_isize fs/ext4/inode.c:5941 [inline] __ext4_mark_inode_dirty+0x591/0x810 fs/ext4/inode.c:6018 ext4_setattr+0x1400/0x19c0 fs/ext4/inode.c:5562 notify_change+0xbb6/0xe60 fs/attr.c:435 do_truncate+0x1de/0x2c0 fs/open.c:64 handle_truncate fs/namei.c:2970 [inline] do_open fs/namei.c:3311 [inline] path_openat+0x29f3/0x3290 fs/namei.c:3425 do_filp_open+0x20b/0x450 fs/namei.c:3452 do_sys_openat2+0x124/0x460 fs/open.c:1207 do_sys_open fs/open.c:1223 [inline] __do_sys_open fs/open.c:1231 [inline] __se_sys_open fs/open.c:1227 [inline] __x64_sys_open+0x221/0x270 fs/open.c:1227 do_syscall_64+0x6d/0xa0 arch/x86/entry/common.c:62 entry_SYSCALL_64_after_hwframe+0x61/0xcb other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&ei->i_data_sem/3); lock(&ea_inode->i_rwsem#7/1); lock(&ei->i_data_sem/3); lock(&ea_inode->i_rwsem#7/1); *** DEADLOCK *** 5 locks held by syz-executor543/2794: #0: ffff888026fbc448 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x4a/0x2a0 fs/namespace.c:365 #1: ffff8880215e3488 (&sb->s_type->i_mutex_key#7){++++}-{3:3}, at: inode_lock include/linux/fs.h:782 [inline] #1: ffff8880215e3488 (&sb->s_type->i_mutex_key#7){++++}-{3:3}, at: do_truncate+0x1cf/0x2c0 fs/open.c:62 #2: ffff8880215e3310 (&ei->i_mmap_sem){++++}-{3:3}, at: ext4_setattr+0xec4/0x19c0 fs/ext4/inode.c:5519 #3: ffff8880215e3278 (&ei->i_data_sem/3){++++}-{3:3}, at: ext4_setattr+0x136d/0x19c0 fs/ext4/inode.c:5559 #4: ffff8880215e30c8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_write_trylock_xattr fs/ext4/xattr.h:162 [inline] #4: ffff8880215e30c8 (&ei->xattr_sem){++++}-{3:3}, at: ext4_try_to_expand_extra_isize fs/ext4/inode.c:5938 [inline] #4: ffff8880215e30c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x4fb/0x810 fs/ext4/inode.c:6018 stack backtrace: CPU: 1 PID: 2794 Comm: syz-executor543 Not tainted 5.10.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x177/0x211 lib/dump_stack.c:118 print_circular_bug+0x146/0x1b0 kernel/locking/lockdep.c:2002 check_noncircular+0x2cc/0x390 kernel/locking/lockdep.c:2123 check_prev_add kernel/locking/lockdep.c:2988 [inline] check_prevs_add kernel/locking/lockdep.c:3113 [inline] validate_chain+0x1695/0x58f0 kernel/locking/lockdep.c:3729 __lock_acquire+0x12fd/0x20d0 kernel/locking/lockdep.c:4955 lock_acquire+0x197/0x480 kernel/locking/lockdep.c:5566 down_write+0x93/0x180 kernel/locking/rwsem.c:1564 inode_lock include/linux/fs.h:782 [inline] ext4_xattr_inode_iget+0x42a/0x5c0 fs/ext4/xattr.c:425 ext4_xattr_inode_get+0x138/0x410 fs/ext4/xattr.c:485 ext4_xattr_move_to_block fs/ext4/xattr.c:2580 [inline] ext4_xattr_make_inode_space fs/ext4/xattr.c:2682 [inline] ext4_expand_extra_isize_ea+0xe70/0x1bb0 fs/ext4/xattr.c:2774 __ext4_expand_extra_isize+0x304/0x3f0 fs/ext4/inode.c:5898 ext4_try_to_expand_extra_isize fs/ext4/inode.c:5941 [inline] __ext4_mark_inode_dirty+0x591/0x810 fs/ext4/inode.c:6018 ext4_setattr+0x1400/0x19c0 fs/ext4/inode.c:5562 notify_change+0xbb6/0xe60 fs/attr.c:435 do_truncate+0x1de/0x2c0 fs/open.c:64 handle_truncate fs/namei.c:2970 [inline] do_open fs/namei.c:3311 [inline] path_openat+0x29f3/0x3290 fs/namei.c:3425 do_filp_open+0x20b/0x450 fs/namei.c:3452 do_sys_openat2+0x124/0x460 fs/open.c:1207 do_sys_open fs/open.c:1223 [inline] __do_sys_open fs/open.c:1231 [inline] __se_sys_open fs/open.c:1227 [inline] __x64_sys_open+0x221/0x270 fs/open.c:1227 do_syscall_64+0x6d/0xa0 arch/x86/entry/common.c:62 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7f0cde4ea229 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffd81d1c978 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 0030656c69662f30 RCX: 00007f0cde4ea229 RDX: 0000000000000089 RSI: 00000000000a0a00 RDI: 00000000200001c0 RBP: 2f30656c69662f2e R08: 0000000000208000 R09: 0000000000208000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd81d1c9c0 R13: 00007ffd81d1ca00 R14: 0000000000080000 R15: 0000000000000003 EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2730: inode #13: comm syz-executor543: corrupted in-inode xattr Signed-off-by: Wojciech Gładysz Link: https://patch.msgid.link/20240801143827.19135-1-wojciech.gladysz@infogain.com Signed-off-by: Theodore Ts'o commit 6140ceb9b224fd178f405a7805d3fd82d2d02c39 Author: Kemeng Shi Date: Thu Aug 1 09:38:15 2024 +0800 jbd2: remove unneeded check of ret in jbd2_fc_get_buf Simply return -EINVAL if j_fc_off is invalid to avoid repeated check of ret. Signed-off-by: Kemeng Shi Reviewed-by: Jan Kara Reviewed-by: Zhang Yi Link: https://patch.msgid.link/20240801013815.2393869-9-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 1862304b062acb15e05b4e51270dc92de4b7635b Author: Kemeng Shi Date: Thu Aug 1 09:38:14 2024 +0800 jbd2: correct comment jbd2_mark_journal_empty After jbd2_mark_journal_empty, journal log is supposed to be empty. Signed-off-by: Kemeng Shi Reviewed-by: Jan Kara Reviewed-by: Zhang Yi Link: https://patch.msgid.link/20240801013815.2393869-8-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit f47aa3ebe3f4ff5ca4b9abfdbb71d7b775bb0c44 Author: Kemeng Shi Date: Thu Aug 1 09:38:13 2024 +0800 jbd2: move escape handle to futher improve jbd2_journal_write_metadata_buffer Move escape handle to futher improve code readability and remove some repeat check. Signed-off-by: Kemeng Shi Reviewed-by: Jan Kara Reviewed-by: Zhang Yi Link: https://patch.msgid.link/20240801013815.2393869-7-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 7c48e7d5a195fc918f9ab281390a5ba4b3e18022 Author: Kemeng Shi Date: Thu Aug 1 09:38:12 2024 +0800 jbd2: remove unneeded done_copy_out variable in jbd2_journal_write_metadata_buffer It's more intuitive to use jh_in->b_frozen_data directly instead of done_copy_out variable. Simply remove unneeded done_copy_out variable and use b_frozen_data instead. Signed-off-by: Kemeng Shi Reviewed-by: Zhang Yi Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240801013815.2393869-6-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit debbfd991f0116a8e88b77f08d231c57a1207dec Author: Kemeng Shi Date: Thu Aug 1 09:38:11 2024 +0800 jbd2: remove unneeded kmap for jh_in->b_frozen_data in jbd2_journal_write_metadata_buffer Remove kmap for page of b_frozen_data from jbd2_alloc() which always provides an address from the direct kernel mapping. Signed-off-by: Kemeng Shi Reviewed-by: Jan Kara Reviewed-by: Zhang Yi Link: https://patch.msgid.link/20240801013815.2393869-5-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit fa10db138d205362026daecc8ea65d4e339ade00 Author: Kemeng Shi Date: Thu Aug 1 09:38:10 2024 +0800 jbd2: remove unused return value of jbd2_fc_release_bufs Remove unused return value of jbd2_fc_release_bufs. Signed-off-by: Kemeng Shi Reviewed-by: Jan Kara Reviewed-by: Zhang Yi Link: https://patch.msgid.link/20240801013815.2393869-4-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit f2917bda8a5c97be41c34e7761863a724097cf91 Author: Kemeng Shi Date: Thu Aug 1 09:38:09 2024 +0800 jbd2: remove dead check in journal_alloc_journal_head We will alloc journal_head with __GFP_NOFAIL anyway, test for failure is pointless. Signed-off-by: Kemeng Shi Reviewed-by: Jan Kara Reviewed-by: Zhang Yi Link: https://patch.msgid.link/20240801013815.2393869-3-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit f0e3c14802515f60a47e6ef347ea59c2733402aa Author: Kemeng Shi Date: Thu Aug 1 09:38:08 2024 +0800 jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit Use tid_geq to compare tids to work over sequence number wraps. Signed-off-by: Kemeng Shi Reviewed-by: Jan Kara Reviewed-by: Zhang Yi Cc: stable@kernel.org Link: https://patch.msgid.link/20240801013815.2393869-2-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 01cdf03b1378f2d860d4eb5951895a92002226a3 Author: Thorsten Blum Date: Wed Jul 31 00:02:02 2024 +0200 ext4: annotate struct ext4_xattr_inode_array with __counted_by() Add the __counted_by compiler attribute to the flexible array member inodes to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Remove the now obsolete comment on the count field. In ext4_expand_inode_array(), use struct_size() instead of offsetof() and remove the local variable count. Increment the count field before adding a new inode to the inodes array. Compile-tested only. Signed-off-by: Thorsten Blum Link: https://patch.msgid.link/20240730220200.410939-3-thorsten.blum@toblux.com Signed-off-by: Theodore Ts'o commit 736c24e62e7e1f5d00fb5b750bb7c13c56410d07 Author: Stefan Tauner Date: Sun Jul 28 02:34:33 2024 +0200 Documentation: ext4.rst: remove obsolete descriptions of noacl/nouser_xattr options These have been deprecated for a decade[1] and removed two years ago[2]. 1: f70486055ee351158bd6999f3965ad378b52c694 2: 2d544ec923dbe5fbed64a7f43dccf527218380bc Signed-off-by: Stefan Tauner Link: https://patch.msgid.link/20240728003433.2566649-1-stefan.tauner@gmx.at Signed-off-by: Theodore Ts'o commit ebc4b2c1ac92fc0f8bf3f5a9c285a871d5084a6b Author: Luis Henriques (SUSE) Date: Wed Jul 24 17:11:18 2024 +0100 ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() Function jbd2_journal_shrink_checkpoint_list() assumes that '0' is not a valid value for transaction IDs, which is incorrect. Furthermore, the sbi->s_fc_ineligible_tid handling also makes the same assumption by being initialised to '0'. Fortunately, the sb flag EXT4_MF_FC_INELIGIBLE can be used to check whether sbi->s_fc_ineligible_tid has been previously set instead of comparing it with '0'. Signed-off-by: Luis Henriques (SUSE) Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240724161119.13448-5-luis.henriques@linux.dev Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit 7a6443e1dad70281f99f0bd394d7fd342481a632 Author: Luis Henriques (SUSE) Date: Wed Jul 24 17:11:17 2024 +0100 ext4: fix incorrect tid assumption in jbd2_journal_shrink_checkpoint_list() Function jbd2_journal_shrink_checkpoint_list() assumes that '0' is not a valid value for transaction IDs, which is incorrect. Don't assume that and use two extra boolean variables to control the loop iterations and keep track of the first and last tid. Signed-off-by: Luis Henriques (SUSE) Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240724161119.13448-4-luis.henriques@linux.dev Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit 972090651ee15e51abfb2160e986fa050cfc7a40 Author: Luis Henriques (SUSE) Date: Wed Jul 24 17:11:16 2024 +0100 ext4: fix incorrect tid assumption in __jbd2_log_wait_for_space() Function __jbd2_log_wait_for_space() assumes that '0' is not a valid value for transaction IDs, which is incorrect. Don't assume that and invoke jbd2_log_wait_commit() if the journal had a committing transaction instead. Signed-off-by: Luis Henriques (SUSE) Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240724161119.13448-3-luis.henriques@linux.dev Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit dd589b0f1445e1ea1085b98edca6e4d5dedb98d0 Author: Luis Henriques (SUSE) Date: Wed Jul 24 17:11:15 2024 +0100 ext4: fix incorrect tid assumption in ext4_wait_for_tail_page_commit() Function ext4_wait_for_tail_page_commit() assumes that '0' is not a valid value for transaction IDs, which is incorrect. Don't assume that and invoke jbd2_log_wait_commit() if the journal had a committing transaction instead. Signed-off-by: Luis Henriques (SUSE) Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240724161119.13448-2-luis.henriques@linux.dev Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit b4c322c2783aedd652183bcec6d545ad45eba6d9 Author: Potin Lai Date: Fri Aug 23 14:41:11 2024 +0800 ARM: dts: aspeed: catalina: Update io expander line names io_expander7 - P1-5: MCU_GPIO - P1-6: MCU_RST_N - P1-7: MCU_RECOVERY_N io_expander8 - P1-5: SEC_MCU_GPIO - P1-6: SEC_MCU_RST_N - P1-7: SEC_MCU_RECOVERY_N Signed-off-by: Potin Lai Link: https://lore.kernel.org/r/20240823-catalina-ioexp-update-v1-2-4bfd8dad819c@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 0bba315e04d24b4a2abc4b678e4e1de5b286a062 Author: Potin Lai Date: Fri Aug 23 14:41:10 2024 +0800 ARM: dts: aspeed: catalina: Add pdb cpld io expander Add more IO expanders which are emulated by the PDB CPLD. Signed-off-by: Potin Lai Link: https://lore.kernel.org/r/20240823-catalina-ioexp-update-v1-1-4bfd8dad819c@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit fef63150940c2aaa50721dde33d48f00ab510591 Author: Zong-Zhe Yang Date: Mon Aug 19 17:17:24 2024 +0800 wifi: rtw89: introduce chip support link number and driver MLO capability Configure supported link number by chip. And, introduce driver capability flag for MLO. Driver should depend on runtime FW features and chip info to determine whether to set the MLO capability flag or not. Once the MLO flag is set, driver will consider/register/initialize things for MLO usages. However, we just add the driver MLO capability flag ahead and don't really set it. Then, we can start to tweak driver architecture for MLO. Some code should depend on this flag. And after tweaking driver architecture is done, we will set it based on runtime conditions as mentioned above. Besides, MLD number supported by HW should be chip supported mac_id number / chip supported link number Without driver MLO capability flag, we allocate stations based on supported mac_id number. With driver MLO capability flag, we allocate stations based on supported MLD number. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240819091724.33730-9-pkshih@realtek.com commit d03b3d7493f5a3908c86bac443631e144e4ffb7d Author: Zong-Zhe Yang Date: Mon Aug 19 17:17:23 2024 +0800 wifi: rtw89: rename roc_entity_idx to roc_chanctx_idx The target enum has been renamed to rtw89_"chanctx"_idx. So for readability, rename roc_entity_idx to roc_"chanctx"_idx to align. No logic is changed. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240819091724.33730-8-pkshih@realtek.com commit abc1296768977f2478a1a686e8b20c2a97c58065 Author: Zong-Zhe Yang Date: Mon Aug 19 17:17:22 2024 +0800 wifi: rtw89: 8922a: use right chanctx whenever possible in RFK flow No longer access chan with hard-code RTW89_CHANCTX_X whenever possible. Instead, obtain the right chanctx from somewhere and use it in RTL8922A RFK (RF calibration) related code. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240819091724.33730-7-pkshih@realtek.com commit 395bd59c95fdcc6a3305d5ac3132f029ad61ca98 Author: Zong-Zhe Yang Date: Mon Aug 19 17:17:21 2024 +0800 wifi: rtw89: 8852c: use right chanctx whenever possible in RFK flow No longer access chan with hard-code RTW89_CHANCTX_X whenever possible. Instead, obtain the right chanctx from somewhere and use it in RTL8852C RFK (RF calibration) related code. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240819091724.33730-6-pkshih@realtek.com commit 50b3da25abc6a40c8766125c47d00990765b6555 Author: Zong-Zhe Yang Date: Mon Aug 19 17:17:20 2024 +0800 wifi: rtw89: 8852bx: use right chanctx whenever possible in RFK flow No longer access chan with hard-code RTW89_CHANCTX_X whenever possible. Instead, obtain the right chanctx from somewhere and use it in RTL8852BX RFK (RF calibration) related code. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240819091724.33730-5-pkshih@realtek.com commit fcad7da7d3fc3dd3559c2db46c0fa6ad35097032 Author: Zong-Zhe Yang Date: Mon Aug 19 17:17:19 2024 +0800 wifi: rtw89: 8852a: use right chanctx whenever possible in RFK flow No longer access chan with hard-code RTW89_CHANCTX_X whenever possible. Instead, obtain the right chanctx from somewhere and use it in RTL8852A RFK (RF calibration) related code. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240819091724.33730-4-pkshih@realtek.com commit e3a2f20991feecd8ccfefcfcdb62339e6c6bb903 Author: Zong-Zhe Yang Date: Mon Aug 19 17:17:18 2024 +0800 wifi: rtw89: 8851b: use right chanctx whenever possible in RFK flow No longer access chan with hard-code RTW89_CHANCTX_X whenever possible. Instead, obtain the right chanctx from somewhere and use it in RTL8851B RFK (RF calibration) related code. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240819091724.33730-3-pkshih@realtek.com commit 7c31f102030f938a24ec7ebd321fcf5953718935 Author: Zong-Zhe Yang Date: Mon Aug 19 17:17:17 2024 +0800 wifi: rtw89: pass chan to rfk_band_changed() Originally, all chips have implemented rfk_band_changed() and access chan with hard-code RTW89_CHANCTX_0 in it. But, it's problematic when the chip supports multiple channels. So, change the prototype of rfk_band_changed() and pass chan ahead. And, we will refine the implementation of each chip in the following. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240819091724.33730-2-pkshih@realtek.com commit 7e8fb2eda9885ea2d13179a4c0bbf810f900ef25 Author: Randy Dunlap Date: Mon Jul 22 22:16:47 2024 -0700 jbd2: fix kernel-doc for j_transaction_overhead_buffers Use the correct struct member name in the kernel-doc notation to prevent a kernel-doc build warning. include/linux/jbd2.h:1303: warning: Function parameter or struct member 'j_transaction_overhead_buffers' not described in 'journal_s' include/linux/jbd2.h:1303: warning: Excess struct member 'j_transaction_overhead' description in 'journal_s' Fixes: e3a00a23781c ("jbd2: precompute number of transaction descriptor blocks") Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/linux-next/20240710182252.4c281445@canb.auug.org.au/ Signed-off-by: Randy Dunlap Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240723051647.3053491-1-rdunlap@infradead.org Signed-off-by: Theodore Ts'o commit d0cb324c478044760d0da34586a45fcbc1476485 Merge: 2c163922de6998 87abc5666ab753 Author: Jakub Kicinski Date: Mon Aug 26 19:21:15 2024 -0700 Merge branch 'add-embedded-sync-feature-for-a-dpll-s-pin' Arkadiusz Kubalewski says: ==================== Add Embedded SYNC feature for a dpll's pin Introduce and allow DPLL subsystem users to get/set capabilities of Embedded SYNC on a dpll's pin. Signed-off-by: Arkadiusz Kubalewski ==================== Link: https://patch.msgid.link/20240822222513.255179-1-arkadiusz.kubalewski@intel.com Signed-off-by: Jakub Kicinski commit 87abc5666ab753e8c31a2d39df3b5233f4e47b43 Author: Arkadiusz Kubalewski Date: Fri Aug 23 00:25:13 2024 +0200 ice: add callbacks for Embedded SYNC enablement on dpll pins Allow the user to get and set configuration of Embedded SYNC feature on the ice driver dpll pins. Reviewed-by: Aleksandr Loktionov Signed-off-by: Arkadiusz Kubalewski Reviewed-by: Jiri Pirko Link: https://patch.msgid.link/20240822222513.255179-3-arkadiusz.kubalewski@intel.com Signed-off-by: Jakub Kicinski commit cda1fba15cb2282b3c364805c9767698f11c3b0e Author: Arkadiusz Kubalewski Date: Fri Aug 23 00:25:12 2024 +0200 dpll: add Embedded SYNC feature for a pin Implement and document new pin attributes for providing Embedded SYNC capabilities to the DPLL subsystem users through a netlink pin-get do/dump messages. Allow the user to set Embedded SYNC frequency with pin-set do netlink message. Reviewed-by: Aleksandr Loktionov Signed-off-by: Arkadiusz Kubalewski Reviewed-by: Jiri Pirko Link: https://patch.msgid.link/20240822222513.255179-2-arkadiusz.kubalewski@intel.com Signed-off-by: Jakub Kicinski commit 3e3a693551c3e9b45575e94ca2d1d670a47b3fcc Author: Matthew Wilcox (Oracle) Date: Thu Jul 18 23:30:02 2024 +0100 ext4: tidy the BH loop in mext_page_mkuptodate() This for loop is somewhat hard to read; turn it into a normal BH do-while loop. Signed-off-by: Matthew Wilcox (Oracle) Link: https://patch.msgid.link/20240718223005.568869-4-willy@infradead.org Signed-off-by: Theodore Ts'o commit a40759fb16ae839f8c769174fde017564ea564ff Author: Matthew Wilcox (Oracle) Date: Thu Jul 18 23:30:01 2024 +0100 ext4: remove array of buffer_heads from mext_page_mkuptodate() Iterate the folio's list of buffer_heads twice instead of keeping an array of pointers. This solves a too-large-array-for-stack problem on architectures with a ridiculoously large PAGE_SIZE and prepares ext4 to support larger folios. Signed-off-by: Matthew Wilcox (Oracle) Link: https://patch.msgid.link/20240718223005.568869-3-willy@infradead.org Signed-off-by: Theodore Ts'o commit 368a83cebbb949adbcc20877c35367178497d9cc Author: Matthew Wilcox (Oracle) Date: Thu Jul 18 23:30:00 2024 +0100 ext4: pipeline buffer reads in mext_page_mkuptodate() Instead of synchronously reading one buffer at a time, submit reads as we walk the buffers in the first loop, then wait for them in the second loop. This should be significantly more efficient, particularly on HDDs, but I have not measured. Signed-off-by: Matthew Wilcox (Oracle) Link: https://patch.msgid.link/20240718223005.568869-2-willy@infradead.org Signed-off-by: Theodore Ts'o commit e37c9e173bff50a2d57dfecdd694457c00ce5a8c Author: Matthew Wilcox (Oracle) Date: Thu Jul 18 23:29:59 2024 +0100 ext4: reduce stack usage in ext4_mpage_readpages() This function is very similar to do_mpage_readpage() and a similar approach to that taken in commit 12ac5a65cb56 will work. As in do_mpage_readpage(), we only use this array for checking block contiguity and we can do that more efficiently with a little arithmetic. Signed-off-by: Matthew Wilcox (Oracle) Link: https://patch.msgid.link/20240718223005.568869-1-willy@infradead.org Signed-off-by: Theodore Ts'o commit f5cacdc6f2bb2a9bf214469dd7112b43dd2dd68a Author: Baokun Li Date: Thu Jul 18 19:53:36 2024 +0800 jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error In __jbd2_log_wait_for_space(), we might call jbd2_cleanup_journal_tail() to recover some journal space. But if an error occurs while executing jbd2_cleanup_journal_tail() (e.g., an EIO), we don't stop waiting for free space right away, we try other branches, and if j_committing_transaction is NULL (i.e., the tid is 0), we will get the following complain: ============================================ JBD2: I/O error when updating journal superblock for sdd-8. __jbd2_log_wait_for_space: needed 256 blocks and only had 217 space available __jbd2_log_wait_for_space: no way to get more journal space in sdd-8 ------------[ cut here ]------------ WARNING: CPU: 2 PID: 139804 at fs/jbd2/checkpoint.c:109 __jbd2_log_wait_for_space+0x251/0x2e0 Modules linked in: CPU: 2 PID: 139804 Comm: kworker/u8:3 Not tainted 6.6.0+ #1 RIP: 0010:__jbd2_log_wait_for_space+0x251/0x2e0 Call Trace: add_transaction_credits+0x5d1/0x5e0 start_this_handle+0x1ef/0x6a0 jbd2__journal_start+0x18b/0x340 ext4_dirty_inode+0x5d/0xb0 __mark_inode_dirty+0xe4/0x5d0 generic_update_time+0x60/0x70 [...] ============================================ So only if jbd2_cleanup_journal_tail() returns 1, i.e., there is nothing to clean up at the moment, continue to try to reclaim free space in other ways. Note that this fix relies on commit 6f6a6fda2945 ("jbd2: fix ocfs2 corrupt when updating journal superblock fails") to make jbd2_cleanup_journal_tail return the correct error code. Fixes: 8c3f25d8950c ("jbd2: don't give up looking for space so easily in __jbd2_log_wait_for_space") Cc: stable@kernel.org Signed-off-by: Baokun Li Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240718115336.2554501-1-libaokun@huaweicloud.com Signed-off-by: Theodore Ts'o commit 23dfdb56581ad92a9967bcd720c8c23356af74c1 Author: Luis Henriques (SUSE) Date: Thu Jul 18 10:43:56 2024 +0100 ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with fast-commit feature enabled: INFO: trying to register non-static key. The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator. CPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 Call Trace: dump_stack_lvl+0x66/0x90 register_lock_class+0x759/0x7d0 __lock_acquire+0x85/0x2630 ? __find_get_block+0xb4/0x380 lock_acquire+0xd1/0x2d0 ? __ext4_journal_get_write_access+0xd5/0x160 _raw_spin_lock+0x33/0x40 ? __ext4_journal_get_write_access+0xd5/0x160 __ext4_journal_get_write_access+0xd5/0x160 ext4_reserve_inode_write+0x61/0xb0 __ext4_mark_inode_dirty+0x79/0x270 ? ext4_ext_replay_set_iblocks+0x2f8/0x450 ext4_ext_replay_set_iblocks+0x330/0x450 ext4_fc_replay+0x14c8/0x1540 ? jread+0x88/0x2e0 ? rcu_is_watching+0x11/0x40 do_one_pass+0x447/0xd00 jbd2_journal_recover+0x139/0x1b0 jbd2_journal_load+0x96/0x390 ext4_load_and_init_journal+0x253/0xd40 ext4_fill_super+0x2cc6/0x3180 ... In the replay path there's an attempt to lock sbi->s_bdev_wb_lock in function ext4_check_bdev_write_error(). Unfortunately, at this point this spinlock has not been initialized yet. Moving it's initialization to an earlier point in __ext4_fill_super() fixes this splat. Signed-off-by: Luis Henriques (SUSE) Link: https://patch.msgid.link/20240718094356.7863-1-luis.henriques@linux.dev Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit 6db3c1575a750fd417a70e0178bdf6efa0dd5037 Author: Luis Henriques (SUSE) Date: Wed Jul 17 18:22:20 2024 +0100 ext4: fix fast commit inode enqueueing during a full journal commit When a full journal commit is on-going, any fast commit has to be enqueued into a different queue: FC_Q_STAGING instead of FC_Q_MAIN. This enqueueing is done only once, i.e. if an inode is already queued in a previous fast commit entry it won't be enqueued again. However, if a full commit starts _after_ the inode is enqueued into FC_Q_MAIN, the next fast commit needs to be done into FC_Q_STAGING. And this is not being done in function ext4_fc_track_template(). This patch fixes the issue by re-enqueuing an inode into the STAGING queue during the fast commit clean-up callback when doing a full commit. However, to prevent a race with a fast-commit, the clean-up callback has to be called with the journal locked. This bug was found using fstest generic/047. This test creates several 32k bytes files, sync'ing each of them after it's creation, and then shutting down the filesystem. Some data may be loss in this operation; for example a file may have it's size truncated to zero. Suggested-by: Jan Kara Signed-off-by: Luis Henriques (SUSE) Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240717172220.14201-1-luis.henriques@linux.dev Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit 0ce160c5bdb67081a62293028dc85758a8efb22a Author: Xiaxi Shen Date: Sun Jul 14 21:33:36 2024 -0700 ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4_fill_super The del_timer_sync function cancels the s_err_report timer, which reminds about filesystem errors daily. We should guarantee the timer is no longer active before kfree(sbi). When filesystem mounting fails, the flow goes to failed_mount3, where an error occurs when ext4_stop_mmpd is called, causing a read I/O failure. This triggers the ext4_handle_error function that ultimately re-arms the timer, leaving the s_err_report timer active before kfree(sbi) is called. Fix the issue by canceling the s_err_report timer after calling ext4_stop_mmpd. Signed-off-by: Xiaxi Shen Reported-and-tested-by: syzbot+59e0101c430934bc9a36@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=59e0101c430934bc9a36 Link: https://patch.msgid.link/20240715043336.98097-1-shenxiaxi26@gmail.com Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit bd8daa7717d94752ecd4a60b67a928d7159c2825 Author: Markus Elfring Date: Sat Jul 13 17:10:24 2024 +0200 ext4: use seq_putc() in two functions Single characters (line breaks) should be put into a sequence. Thus use the corresponding function “seq_putc”. This issue was transformed by using the Coccinelle software. Signed-off-by: Markus Elfring Link: https://patch.msgid.link/076974ab-4da3-4176-89dc-0514e020c276@web.de Signed-off-by: Theodore Ts'o commit 1a00a393d6a7fb1e745a41edd09019bd6a0ad64c Author: Edward Adam Davis Date: Mon Jul 1 22:25:03 2024 +0800 ext4: no need to continue when the number of entries is 1 Fixes: ac27a0ec112a ("[PATCH] ext4: initial copy of files from ext3") Reported-by: syzbot+ae688d469e36fb5138d0@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=ae688d469e36fb5138d0 Signed-off-by: Edward Adam Davis Reported-and-tested-by: syzbot+ae688d469e36fb5138d0@syzkaller.appspotmail.com Link: https://patch.msgid.link/tencent_BE7AEE6C7C2D216CB8949CE8E6EE7ECC2C0A@qq.com Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit 70dd7b573afeba9b8f8a33f2ae1e4a9a2ec8c1ec Author: yao.ly Date: Mon Jul 1 14:43:39 2024 +0800 ext4: correct encrypted dentry name hash when not casefolded EXT4_DIRENT_HASH and EXT4_DIRENT_MINOR_HASH will access struct ext4_dir_entry_hash followed ext4_dir_entry. But there is no ext4_dir_entry_hash followed when inode is encrypted and not casefolded Signed-off-by: yao.ly Link: https://patch.msgid.link/1719816219-128287-1-git-send-email-yao.ly@linux.alibaba.com Signed-off-by: Theodore Ts'o Cc: stable@kernel.org commit d6bd12e80bf94b055def6ff708e76f836b4b17ad Author: Tetsuo Handa Date: Sun Aug 25 23:05:04 2024 +0900 lsm: remove LSM_COUNT and LSM_CONFIG_COUNT Because these are equals to MAX_LSM_COUNT. Also, we can avoid dynamic memory allocation for ordered_lsms because MAX_LSM_COUNT is a constant. Signed-off-by: Tetsuo Handa Signed-off-by: Paul Moore commit 13acf2b74803a9a9ab3475c306d5814cf3cefbd8 Author: Gaosheng Cui Date: Mon Aug 26 14:32:42 2024 +0800 ata: libata: Remove obsolete function declarations The function ata_schedule_scsi_eh() was removed with commit f8bbfc247efb ("[PATCH] SCSI: make scsi_implement_eh() generic API for SCSI transports"), and the function ata_sff_irq_clear() was removed with commit 37f65b8bc262("libata-sff: ata_sff_irq_clear() is BMDMA specific"). Remove the now useless declarations of these functions in drivers/ata/libata.h and include/linux/libata.h. Signed-off-by: Gaosheng Cui Signed-off-by: Damien Le Moal commit f92a24ae7c953263600fc7ea3f0594676ea82138 Author: Dr. David Alan Gilbert Date: Thu Jul 25 19:00:41 2024 +0100 Documentation/fs/9p: Expand goo.gl link The goo.gl URL shortener is deprecated and is due to stop expanding existing links in 2025. The old goo.gl link in the 9p docs doesn't work anyway, replace it by a kernel.org link suggested by Randy instead. Signed-off-by: Dr. David Alan Gilbert Acked-by: Randy Dunlap Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240725180041.80862-1-linux@treblig.org commit 2571bb9d553ba2b8db1971bd3c903bff07d0bb11 Author: Stephen Smalley Date: Mon Aug 26 08:47:09 2024 -0400 selinux: annotate false positive data race to avoid KCSAN warnings KCSAN flags the check of isec->initialized by __inode_security_revalidate() as a data race. This is indeed a racy check, but inode_doinit_with_dentry() will recheck with isec->lock held. Annotate the check with the data_race() macro to silence the KCSAN false positive. Reported-by: syzbot+319ed1769c0078257262@syzkaller.appspotmail.com Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore commit 227f6cf96948efe965c2f2c9d940eb6a226cd39c Author: SeongJae Park Date: Sun Aug 25 18:09:48 2024 -0700 Docs/translations/ko_KR: link memory-barriers wrapper with other language versions The menu for documents of other available languages is created for documents in same file hierarchy under the translations/ directory. Because memory-barriers.txt of Korean translation is at the root index of translations/ directory while that for English is on core-api/wrappers/memory-barriers.rst, the Korean translation is not linked with other available language versions via the menu. Move the document under the same directory hierarchy to make it linked with other language versions. Signed-off-by: SeongJae Park Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240826010949.78305-2-sj@kernel.org commit ee27a49c0fe97b5e696b004b36e1ed756d3f8dc5 Author: SeongJae Park Date: Sun Aug 25 18:09:47 2024 -0700 Docs/translations/ko_KR: link howto.rst with other language versions The menu for documents of other available languages is created for documents in same file hierarchy under the translations/ directory. Because howto.rst of Korean translation is at the root of translations/ directory while that for English is under howto/ directory, the Korean translation is not linked with other available language versions via the menu. Move the document under the same hierarchy to make it be linked with other langauge versions. Signed-off-by: SeongJae Park Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240826010949.78305-1-sj@kernel.org commit 54f90b03335916e21c417a31d0926841f7d97c56 Author: John Harrison Date: Thu Aug 8 17:06:46 2024 -0700 drm/i915/guc: Fix missing enable of Wa_14019159160 on ARL The previous update to enable the workaround on ARL only changed two out of three places where the w/a needs to be enabled. That meant the GuC side was operational but not the KMD side. And as the KMD side is the trigger, it meant the w/a was not actually active. So fix that. Fixes: 104bcfae57d8 ("drm/i915/arl: Enable Wa_14019159160 for ARL") Cc: John Harrison Cc: Vinay Belgaumkar Cc: Daniele Ceraolo Spurio Cc: Andi Shyti Cc: Lucas De Marchi Cc: Rodrigo Vivi Cc: Matt Roper Cc: Jonathan Cavitt Cc: Nirmoy Das Cc: Shuicheng Lin Signed-off-by: John Harrison Reviewed-by: Nirmoy Das Reviewed-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240809000646.1747507-1-John.C.Harrison@Intel.com commit 2c163922de69983e6ccedeb5c00dec85b6a17283 Author: Xi Huang Date: Thu Aug 22 15:20:42 2024 +0800 net: dpaa: reduce number of synchronize_net() calls In the function dpaa_napi_del(), we execute the netif_napi_del() for each cpu, which is actually a high overhead operation because each call to netif_napi_del() contains a synchronize_net(), i.e. an RCU operation. In fact, it is only necessary to call __netif_napi_del and use synchronize_net() once outside of the loop. This change is similar to commit 2543a6000e593a ("gro_cells: reduce number of synchronize_net() calls") and commit 5198d545dba8ad (" net: remove napi_hash_del() from driver-facing API") 5198d545db. Signed-off-by: Xi Huang Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240822072042.42750-1-xuiagnh@gmail.com Signed-off-by: Jakub Kicinski commit 3232216228411d2a594d297b4fdaa67f254a0be2 Author: Thorsten Scherer Date: Mon Aug 5 14:03:47 2024 +0200 doc: iio: Fix sysfs paths Add missing 'devices' folder in the /sys/bus/iio path. Signed-off-by: Thorsten Scherer Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240805120357.21135-1-t.scherer@eckelmann.de commit cd0403adeaf78b4506403cf75317cc4d97ba8b5e Author: Jani Nikula Date: Thu Aug 15 14:34:50 2024 +0300 Documentation: admin-guide: direct people to bug trackers, if specified Update bug reporting info in bug-hunting.rst to direct people to driver/subsystem bug trackers, if explicitly specified with the MAINTAINERS "B:" entry. Use the new get_maintainer.pl --bug option to print the info. Cc: Joe Perches Cc: Jonathan Corbet Signed-off-by: Jani Nikula Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240815113450.3397499-2-jani.nikula@intel.com commit 033964f13ef2aec1c0ae090755935055c11aaef7 Author: Jani Nikula Date: Thu Aug 15 14:34:49 2024 +0300 get_maintainer: add --bug option to print bug reporting info For example Documentation/adming-guide/bug-hunting.rst suggest using get_maintainer.pl to get a list of maintainers and mailing lists to report bugs to, while a number of subsystems and drivers explicitly use the "B:" MAINTAINERS entry to direct bug reports at issue trackers instead of mailing lists and people. Add the --bug option to get_maintainer.pl to print the bug reporting URIs, if any. Cc: Joe Perches Cc: Jonathan Corbet Signed-off-by: Jani Nikula Acked-by: Joe Perches Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240815113450.3397499-1-jani.nikula@intel.com commit 89683b45f15ca5e0064d6dc1c1bfaa8aacc208f5 Author: Eric Dumazet Date: Fri Aug 23 14:00:19 2024 +0000 ipv6: avoid indirect calls for SOL_IP socket options ipv6_setsockopt() can directly call ip_setsockopt() instead of going through udp_prot.setsockopt() ipv6_getsockopt() can directly call ip_getsockopt() instead of going through udp_prot.getsockopt() These indirections predate git history, not sure why they were there. Signed-off-by: Eric Dumazet Link: https://patch.msgid.link/20240823140019.3727643-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit 748c3404c8cd3e019df4d1cce9582176c541fb3a Author: Haoyang Liu Date: Sun Aug 18 01:51:51 2024 +0800 docs/zh_CN: Add dev-tools/kcsan Chinese translation Translate dev-tools/kcsan commit 31f605a308e6 ("kcsan, compiler_types: Introduce __data_racy type qualifier") into Chinese and add it in dev-tools/zh_CN/index.rst Signed-off-by: Haoyang Liu Reviewed-by: Yanteng Si Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240817175151.164923-1-tttturtleruss@hust.edu.cn commit 0a6339ff3906881a0bb13c9c96bc3785cc89af56 Author: Gianfranco Trad Date: Mon Aug 19 13:06:41 2024 +0200 Fix typo "allocateed" to allocated Fix minor typo in the fault-injection documentation, where the word allocated was misspelled as "allocateed". Signed-off-by: Gianfranco Trad Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240819110641.1931-1-gianf.trad@gmail.com commit cbbdb6c625f6415c30f5dbc9305f1d2d5b79b02f Author: Thorsten Leemhuis Date: Thu Aug 22 09:35:33 2024 +0200 docs: bug-bisect: rewrite to better match the other bisecting text Rewrite the short document on bisecting kernel bugs. The new text improves .config handling, brings a mention of 'git bisect skip', and explains what to do after the bisection finished -- including trying a revert to verify the result. The rewrite at the same time removes the unrelated and outdated section on 'Devices not appearing' and replaces some sentences about bug reporting with a pointer to the document covering that topic in detail. This overall brings the approach close to the one in the recently added text Documentation/admin-guide/verify-bugs-and-bisect-regressions.rst. As those two texts serve a similar purpose for different audiences, mention that document in the head of this one and outline when the other might be the better one to follow. Signed-off-by: Thorsten Leemhuis Reviewed-by: Petr Tesarik Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/74dc0137dcc3e2c05648e885a7bc31ffd39a0890.1724312119.git.linux@leemhuis.info commit a4931bb8b066f66786182e6d8fd5fc27f4120f71 Author: Ming Lei Date: Fri Aug 23 21:43:39 2024 +0800 Documentation: add ublk driver ioctl numbers ublk driver takes the following ioctl numbers: 'u' 00-2F linux/ublk_cmd.h So document it in ioctl-number.rst Signed-off-by: Ming Lei Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240823134339.1496916-1-ming.lei@redhat.com commit 6ffc34cefc43f2018971b1905f23314ec0b73220 Author: Sergio González Collado Date: Sat Aug 24 11:54:02 2024 +0200 docs/sp_Sp: Add translation to spanish of the documentation related to EEVDF Translate Documentation/scheduler/sched-eevdf.rst to Spanish. Signed-off-by: Sergio González Collado Reviewed-by: Carlos Bilbao [jc: fixed build warning] Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240824095402.7706-1-sergio.collado@gmail.com commit 14ac4cac4ddb7e0097d5fa190371480fcb2efa5b Author: Aryabhatta Dey Date: Sun Aug 25 09:20:39 2024 +0530 docs: leds: fix typo in Documentation/leds/leds-mlxcpld.rst Change 'cylce' to 'cycle'. Signed-off-by: Aryabhatta Dey Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/5nib2kj6uh7lkafrmmwcjpeyvs7megdfmseftkjws2wcuztoyc@yhidnl4ilbok commit 6e56774c17d88524fabfa8a3aef1881abb57d874 Author: Aryabhatta Dey Date: Sun Aug 25 17:03:40 2024 +0530 docs: process: fix typos in Documentation/process/backporting.rst Change 'submiting' to 'submitting', 'famliar' to 'familiar' and 'appared' to 'appeared'. Signed-off-by: Aryabhatta Dey Reviewed-by: Vegard Nossum Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/rd2vu7z2t23ppafto4zxc6jge5mj7w7xnpmwywaa2e3eiojgf2@poicxprsdoks commit 9ceebd7a264798a792a3cf515f4c331704d4c5fb Author: Hongbo Li Date: Fri Aug 23 15:04:53 2024 +0800 net/ipv4: fix macro definition sk_for_each_bound_bhash The macro sk_for_each_bound_bhash accepts a parameter __sk, but it was not used, rather the sk2 is directly used, so we replace the sk2 with __sk in macro. Signed-off-by: Hongbo Li Link: https://patch.msgid.link/20240823070453.3327832-1-lihongbo22@huawei.com Signed-off-by: Jakub Kicinski commit 1bf8012fc6997f2117f6919369cde16659db60e0 Author: Wen Yang Date: Mon Aug 19 22:59:45 2024 +0800 pstore: replace spinlock_t by raw_spinlock_t pstore_dump() is called when both preemption and local IRQ are disabled, and a spinlock is obtained, which is problematic for the RT kernel because in this configuration, spinlocks are sleep locks. Replace the spinlock_t with raw_spinlock_t to avoid sleeping in atomic context. Signed-off-by: Wen Yang Cc: Kees Cook Cc: Tony Luck Cc: Guilherme G. Piccoli Cc: linux-hardening@vger.kernel.org Cc: linux-kernel@vger.kernel.org Link: https://lore.kernel.org/r/20240819145945.61274-1-wen.yang@linux.dev Signed-off-by: Kees Cook commit 0d9e5df4a257afc3a471a82961ace9a22b88295a Author: Jason Xing Date: Fri Aug 23 08:11:52 2024 +0800 tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process We found that one close-wait socket was reset by the other side due to a new connection reusing the same port which is beyond our expectation, so we have to investigate the underlying reason. The following experiment is conducted in the test environment. We limit the port range from 40000 to 40010 and delay the time to close() after receiving a fin from the active close side, which can help us easily reproduce like what happened in production. Here are three connections captured by tcpdump: 127.0.0.1.40002 > 127.0.0.1.9999: Flags [S], seq 2965525191 127.0.0.1.9999 > 127.0.0.1.40002: Flags [S.], seq 2769915070 127.0.0.1.40002 > 127.0.0.1.9999: Flags [.], ack 1 127.0.0.1.40002 > 127.0.0.1.9999: Flags [F.], seq 1, ack 1 // a few seconds later, within 60 seconds 127.0.0.1.40002 > 127.0.0.1.9999: Flags [S], seq 2965590730 127.0.0.1.9999 > 127.0.0.1.40002: Flags [.], ack 2 127.0.0.1.40002 > 127.0.0.1.9999: Flags [R], seq 2965525193 // later, very quickly 127.0.0.1.40002 > 127.0.0.1.9999: Flags [S], seq 2965590730 127.0.0.1.9999 > 127.0.0.1.40002: Flags [S.], seq 3120990805 127.0.0.1.40002 > 127.0.0.1.9999: Flags [.], ack 1 As we can see, the first flow is reset because: 1) client starts a new connection, I mean, the second one 2) client tries to find a suitable port which is a timewait socket (its state is timewait, substate is fin_wait2) 3) client occupies that timewait port to send a SYN 4) server finds a corresponding close-wait socket in ehash table, then replies with a challenge ack 5) client sends an RST to terminate this old close-wait socket. I don't think the port selection algo can choose a FIN_WAIT2 socket when we turn on tcp_tw_reuse because on the server side there remain unread data. In some cases, if one side haven't call close() yet, we should not consider it as expendable and treat it at will. Even though, sometimes, the server isn't able to call close() as soon as possible like what we expect, it can not be terminated easily, especially due to a second unrelated connection happening. After this patch, we can see the expected failure if we start a connection when all the ports are occupied in fin_wait2 state: "Ncat: Cannot assign requested address." Reported-by: Jade Dong Signed-off-by: Jason Xing Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240823001152.31004-1-kerneljasonxing@gmail.com Signed-off-by: Jakub Kicinski commit 73b22ba0ae9b148efb493c5dbf0d3c72058188c0 Merge: d2ab3bb890f6a8 69f47cad3a05f6 Author: Jakub Kicinski Date: Mon Aug 26 13:24:12 2024 -0700 Merge branch 'net-pse-pd-tps23881-reset-gpio-support' Kyle Swenson says: ==================== net: pse-pd: tps23881: Reset GPIO support On some boards, the TPS2388x's reset line (active low) is pulled low to keep the chip in reset until the SoC pulls the device out of reset. This series updates the device-tree binding for the tps23881 and then adds support for the reset gpio handling in the tps23881 driver. v1: https://lore.kernel.org/20240819190151.93253-1-kyle.swenson@est.tech ==================== Link: https://patch.msgid.link/20240822220100.3030184-1-kyle.swenson@est.tech Signed-off-by: Jakub Kicinski commit 69f47cad3a05f6cd345afca84f1e66740ff48a2d Author: Kyle Swenson Date: Thu Aug 22 22:01:22 2024 +0000 net: pse-pd: tps23881: Support reset-gpios The TPS23880/1 has an active-low reset pin that some boards connect to the SoC to control when the TPS23880 is pulled out of reset. Add support for this via a reset-gpios property in the DTS. Signed-off-by: Kyle Swenson Acked-by: Oleksij Rempel Reviewed-by: Kory Maincent Link: https://patch.msgid.link/20240822220100.3030184-3-kyle.swenson@est.tech Signed-off-by: Jakub Kicinski commit ec82fa2c874f2efa55511684494949393d2789aa Author: Kyle Swenson Date: Thu Aug 22 22:01:21 2024 +0000 dt-bindings: pse: tps23881: add reset-gpios The TPS23881 has an active-low reset pin that can be connected to an SoC. Document this with the device-tree binding. Signed-off-by: Kyle Swenson Reviewed-by: Krzysztof Kozlowski Reviewed-by: Oleksij Rempel Reviewed-by: Kory Maincent Link: https://patch.msgid.link/20240822220100.3030184-2-kyle.swenson@est.tech Signed-off-by: Jakub Kicinski commit 9bce8005ec0dcb23a58300e8522fe4a31da606fa Author: Konstantin Ovsepian Date: Thu Aug 22 08:41:36 2024 -0700 blk_iocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in the ioc_forgive_debts() function: UBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38 shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long long') ... UBSAN: shift-out-of-bounds in block/blk-iocost.c:2144:30 shift exponent 80 is too large for 64-bit type 'u64' (aka 'unsigned long long') ... Call Trace: dump_stack_lvl+0xca/0x130 __ubsan_handle_shift_out_of_bounds+0x22c/0x280 ? __lock_acquire+0x6441/0x7c10 ioc_timer_fn+0x6cec/0x7750 ? blk_iocost_init+0x720/0x720 ? call_timer_fn+0x5d/0x470 call_timer_fn+0xfa/0x470 ? blk_iocost_init+0x720/0x720 __run_timer_base+0x519/0x700 ... Actual impact of this issue was not identified but I propose to fix the undefined behaviour. The proposed fix to prevent those out of bound shifts consist of precalculating exponent before using it the shift operations by taking min value from the actual exponent and maximum possible number of bits. Reported-by: Breno Leitao Signed-off-by: Konstantin Ovsepian Acked-by: Tejun Heo Link: https://lore.kernel.org/r/20240822154137.2627818-1-ovs@ovs.to Signed-off-by: Jens Axboe commit 1941b31482a61a7bd75300d1905938e7e48c3d25 Author: Christoph Lameter Date: Mon Aug 19 11:54:05 2024 -0700 Reenable NUMA policy support in the slab allocator Revert commit 8014c46ad991 ("slub: use alloc_pages_node() in alloc_slab_page()"). The patch disabled the numa policy support in the slab allocator. It did not consider that alloc_pages() uses memory policies but alloc_pages_node() does not. As a result of this patch slab memory allocations are no longer spread via interleave policy across all available NUMA nodes on bootup. Instead all slab memory is allocated close to the boot processor. This leads to an imbalance of memory accesses on NUMA systems. Also applications using MPOL_INTERLEAVE as a memory policy will no longer spread slab allocations over all nodes in the interleave set but allocate memory locally. This may also result in unbalanced allocations on a single numa node. SLUB does not apply memory policies to individual object allocations. However, it relies on the page allocators support of memory policies through alloc_pages() to do the NUMA memory allocations on a per folio or page level. SLUB also applies memory policies when retrieving partial allocated slab pages from the partial list. Fixes: 8014c46ad991 ("slub: use alloc_pages_node() in alloc_slab_page()") Signed-off-by: Christoph Lameter Reviewed-by: Yang Shi Signed-off-by: Vlastimil Babka commit bf6b9e9ba0861c92b08c77edbd5d602063443c5f Author: Axel Rasmussen Date: Wed Aug 14 14:50:37 2024 -0700 mm, slub: print CPU id (and its node) on slab OOM Depending on how remote_node_defrag_ratio is configured, allocations can end up in this path as a result of the local node being OOM, despite the allocation overall being unconstrained (node == -1). When we print a warning, printing the current CPU makes that situation more clear (i.e., you can immediately see which node's OOM status matters for the allocation at hand). Acked-by: David Rientjes Signed-off-by: Axel Rasmussen Signed-off-by: Vlastimil Babka commit 4c39529663b93165953ecf9b1a9ea817358dcd06 Author: Pedro Falcato Date: Wed Aug 7 10:07:46 2024 +0100 slab: Warn on duplicate cache names when DEBUG_VM=y Duplicate slab cache names can create havoc for userspace tooling that expects slab cache names to be unique [1]. This is a reasonable expectation. Sadly, too many duplicate name problems are out there in the wild, so simply warn instead of pr_err() + failing the sanity check. [ vbabka@suse.cz: change to WARN_ON(), see the discussion at [2] ] Link: https://lore.kernel.org/linux-fsdevel/2d1d053da1cafb3e7940c4f25952da4f0af34e38.1722293276.git.osandov@fb.com/ [1] Link: https://lore.kernel.org/all/20240807090746.2146479-1-pedro.falcato@gmail.com/ [2] Signed-off-by: Pedro Falcato Acked-by: Christoph Lameter Signed-off-by: Vlastimil Babka commit 45d6486d2a5ad4310c1379071fc39d02d6784cbe Author: Frank Li Date: Mon Aug 26 12:22:56 2024 -0400 dt-bindings: input: touchscreen: convert ads7846.txt to yaml Convert binding doc ads7846.txt to yaml format. Additional change: - add ref to touchscreen.yaml and spi-peripheral-props.yaml. - use common node name touchscreen. - sort ti properties alphabetically. - sort common properties alphabetically. - sort compatible string alphabetically. - remove vcc-supply from required list. - deprecated ti,x-min, ti,y-min Fix below warning: arch/arm64/boot/dts/freescale/imx8mm-var-som-symphony.dtb: touchscreen@0: ti,x-min: b'\x00}' is not of type 'object', 'array', 'boolean', 'null' Reviewed-by: Rob Herring (Arm) Reviewed-by: Marek Vasut Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240826162302.960732-1-Frank.Li@nxp.com Signed-off-by: Dmitry Torokhov commit 2fcd5aff92aab479a9a89cfce2dbc9c6a9455b4f Author: Steven Rostedt Date: Thu Aug 22 21:39:07 2024 -0400 tracing/Documentation: Start a document on how to debug with tracing Add a new document Documentation/trace/debugging.rst that will hold various ways to debug tracing. This initial version mentions trace_printk and how to create persistent buffers that can last across bootups. Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Cc: Alexander Aring Cc: "Luis Claudio R. Goncalves" Cc: Tomas Glozar Cc: John Kacur Cc: Clark Williams Cc: Linus Torvalds Cc: "Jonathan Corbet" Link: https://lore.kernel.org/20240823014019.702433486@goodmis.org Signed-off-by: Steven Rostedt (Google) commit ef2bd81d0c95616fab718738be48d7cc9b23e33d Author: Steven Rostedt Date: Thu Aug 22 21:39:06 2024 -0400 tracing: Add option to set an instance to be the trace_printk destination Add a option "trace_printk_dest" that will make the tracing instance the location that trace_printk() will go to. This is useful if the trace_printk or one of the top level tracers is too noisy and there's a need to separate the two. Then an instance can be created, the trace_printk can be set to go there instead, where it will not be lost in the noise of the top level tracer. Note, only one instance can be the destination of trace_printk at a time. If an instance sets this flag, the instance that had it set will have it cleared. There is always one instance that has this set. By default, that is the top instance. This flag cannot be cleared from the top instance. Doing so will result in an -EINVAL. The only way this flag can be cleared from the top instance is by another instance setting it. Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Cc: Alexander Aring Cc: "Luis Claudio R. Goncalves" Cc: Tomas Glozar Cc: John Kacur Cc: Clark Williams Cc: Linus Torvalds Cc: "Jonathan Corbet" Link: https://lore.kernel.org/20240823014019.545459018@goodmis.org Signed-off-by: Steven Rostedt (Google) commit 9b7bdf6f6ece6ea888cc7d2f02c00b403b66a119 Author: Steven Rostedt Date: Thu Aug 22 21:39:05 2024 -0400 tracing: Have trace_printk not use binary prints if boot buffer If the persistent boot mapped ring buffer is used for trace_printk(), force it to not use the binary versions. trace_printk() by default uses bin_printf() that only saves the pointer to the format and not the format itself inside the ring buffer. But for a persistent buffer that is read after reboot, the pointers to the format strings may not be the same, or worse, not even exist! Instead, just force the more robust, but slower, version that does the formatting before saving into the ring buffer. The boot mapped buffer can now be used for trace_printk and friends! Using the trace_printk() and the persistent buffer was used to debug the issue with the osnoise tracer: Link: https://lore.kernel.org/all/20240822103443.6a6ae051@gandalf.local.home/ Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Cc: Alexander Aring Cc: "Luis Claudio R. Goncalves" Cc: Tomas Glozar Cc: John Kacur Cc: Clark Williams Cc: Linus Torvalds Cc: "Jonathan Corbet" Link: https://lore.kernel.org/20240823014019.386925800@goodmis.org Signed-off-by: Steven Rostedt (Google) commit ddb8ea9e5ae482c469bcfd61cc83399bef67beb8 Author: Steven Rostedt Date: Thu Aug 22 21:39:04 2024 -0400 tracing: Allow trace_printk() to go to other instance buffers Currently, trace_printk() just goes to the top level ring buffer. But there may be times that it should go to one of the instances created by the kernel command line. Add a new trace_instance flag: traceprintk (also can use "printk" or "trace_printk" as people tend to forget the actual flag name). trace_instance=foo^traceprintk Will assign the trace_printk to this buffer at boot up. Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Cc: Alexander Aring Cc: "Luis Claudio R. Goncalves" Cc: Tomas Glozar Cc: John Kacur Cc: Clark Williams Cc: Linus Torvalds Cc: "Jonathan Corbet" Link: https://lore.kernel.org/20240823014019.226694946@goodmis.org Signed-off-by: Steven Rostedt (Google) commit b6fc31b68731af71e408b4762ac0fbce4e40223e Author: Steven Rostedt Date: Thu Aug 22 21:39:03 2024 -0400 tracing: Add "traceoff" flag to boot time tracing instances Add a "flags" delimiter (^) to the "trace_instance" kernel command line parameter, and add the "traceoff" flag. The format is: trace_instance=[^[^]][@][,] The code allows for more than one flag to be added, but currently only "traceoff" is done so. The motivation for this change came from debugging with the persistent ring buffer and having trace_printk() writing to it. The trace_printk calls are always enabled, and the boot after the crash was having the unwanted trace_printks from the current boot inject into the ring buffer with the trace_printks of the crash kernel, making the output very confusing. Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Cc: Alexander Aring Cc: "Luis Claudio R. Goncalves" Cc: Tomas Glozar Cc: John Kacur Cc: Clark Williams Cc: Linus Torvalds Cc: "Jonathan Corbet" Link: https://lore.kernel.org/20240823014019.053229958@goodmis.org Signed-off-by: Steven Rostedt (Google) commit eb2dcde9f970ed8d3669444d47c8524b4bdf7d32 Author: Vincent Donnefort Date: Fri Jun 28 11:46:11 2024 +0100 ring-buffer: Align meta-page to sub-buffers for improved TLB usage Previously, the mapped ring-buffer layout caused misalignment between the meta-page and sub-buffers when the sub-buffer size was not a multiple of PAGE_SIZE. This prevented hardware with larger TLB entries from utilizing them effectively. Add a padding with the zero-page between the meta-page and sub-buffers. Also update the ring-buffer map_test to verify that padding. Link: https://lore.kernel.org/20240628104611.1443542-1-vdonnefort@google.com Signed-off-by: Vincent Donnefort Signed-off-by: Steven Rostedt (Google) commit d0f2d6e9512ecf4306c4432761f04bd35cf9e3a6 Author: Steven Rostedt Date: Thu Aug 15 11:50:32 2024 -0400 ring-buffer: Add magic and struct size to boot up meta data Add a magic number as well as save the struct size of the ring_buffer_meta structure in the meta data to also use as validation. Updating the magic number could be used to force a invalidation between kernel versions, and saving the structure size is also a good method to make sure the content is what is expected. Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Cc: Vincent Donnefort Link: https://lore.kernel.org/20240815115032.0c197b32@rorschach.local.home Signed-off-by: Steven Rostedt (Google) commit bca704f62db2e2bb644fa845e98b08cf1e22f814 Author: Steven Rostedt Date: Thu Aug 15 11:36:29 2024 -0400 ring-buffer: Don't reset persistent ring-buffer meta saved addresses The text and data address is saved in the meta data so that it can be used to know the delta of the text and data addresses of the last boot compared to the text and data addresses of the current boot. The delta is used to convert function pointer entries in the ring buffer to something that can be used by kallsyms (note this only works for built-in functions). But the saved addresses get reset on boot up. If the buffer is not used and there's another reboot, then the saved text and data addresses will be of the last boot and not that of the boot that created the content in the ring buffer. To get an idea of the issue: # trace-cmd start -B boot_mapped -p function # reboot # trace-cmd show -B boot_mapped | tail <...>-1 [000] d..1. 461.983243: native_apic_msr_write <-native_kick_ap <...>-1 [000] d..1. 461.983244: __pfx_native_apic_msr_eoi <-native_kick_ap <...>-1 [000] d..1. 461.983244: reserve_irq_vector_locked <-native_kick_ap <...>-1 [000] d..1. 461.983262: branch_emulate_op <-native_kick_ap <...>-1 [000] d..1. 461.983262: __ia32_sys_ia32_pread64 <-native_kick_ap <...>-1 [000] d..1. 461.983263: native_kick_ap <-__smpboot_create_thread <...>-1 [000] d..1. 461.983263: store_cache_disable <-native_kick_ap <...>-1 [000] d..1. 461.983279: acpi_power_off_prepare <-native_kick_ap <...>-1 [000] d..1. 461.983280: __pfx_acpi_ns_delete_node <-acpi_suspend_enter <...>-1 [000] d..1. 461.983280: __pfx_acpi_os_release_lock <-acpi_suspend_enter # reboot # trace-cmd show -B boot_mapped |tail <...>-1 [000] d..1. 461.983243: 0xffffffffa9669220 <-0xffffffffa965f3db <...>-1 [000] d..1. 461.983244: 0xffffffffa96690f0 <-0xffffffffa965f3db <...>-1 [000] d..1. 461.983244: 0xffffffffa9663fa0 <-0xffffffffa965f3db <...>-1 [000] d..1. 461.983262: 0xffffffffa9672e80 <-0xffffffffa965f3e0 <...>-1 [000] d..1. 461.983262: 0xffffffffa962b940 <-0xffffffffa965f3ec <...>-1 [000] d..1. 461.983263: 0xffffffffa965f540 <-0xffffffffa96e1362 <...>-1 [000] d..1. 461.983263: 0xffffffffa963c940 <-0xffffffffa965f55b <...>-1 [000] d..1. 461.983279: 0xffffffffa9ee30c0 <-0xffffffffa965f59b <...>-1 [000] d..1. 461.983280: 0xffffffffa9f16c10 <-0xffffffffa9ee3157 <...>-1 [000] d..1. 461.983280: 0xffffffffa9ee02e0 <-0xffffffffa9ee3157 By not updating the saved text and data addresses in the meta data at every boot up and only updating them when the buffer is reset, it allows multiple boots to see the same data. Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Cc: Vincent Donnefort Link: https://lore.kernel.org/20240815113629.0dc90af8@rorschach.local.home Signed-off-by: Steven Rostedt (Google) commit 7dc918daaf2994963690171584ba423f28724df5 Author: Esther Shimanovich Date: Tue Aug 6 20:08:47 2024 +0000 ACPI: video: force native for Apple MacbookPro9,2 It used to be that the MacbookPro9,2 used its native intel backlight device until the following commit was introduced: commit b1d36e73cc1c ("drm/i915: Don't register backlight when another backlight should be used (v2)") This commit forced this model to use its firmware acpi_video backlight device instead. That worked fine until an additional commit was added: commit 92714006eb4d ("drm/i915/backlight: Do not bump min brightness to max on enable") That commit uncovered a bug in the MacbookPro 9,2's acpi_video backlight firmware; the backlight does not come back up after resume. Add DMI quirk to select the working native intel interface instead so that the backlight successfully comes back up after resume. Fixes: 92714006eb4d ("drm/i915/backlight: Do not bump min brightness to max on enable") Signed-off-by: Esther Shimanovich Reviewed-by: Hans de Goede Link: https://patch.msgid.link/20240806-acpi-video-quirk-v1-1-369d8f7abc59@chromium.org [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit b7ffc98a6a55bf93021a5dcb88a7682ae6cb0177 Author: Shen Lichuan Date: Mon Aug 26 12:52:53 2024 +0800 Input: wistron_btns - use kmemdup_array instead of kmemdup for multiple allocation Let the kmemdup_array() take care about multiplication and possible overflows. Using kmemdup_array() is more appropriate and makes the code easier to audit. Signed-off-by: Shen Lichuan Link: https://lore.kernel.org/r/20240826045253.3503-1-shenlichuan@vivo.com Signed-off-by: Dmitry Torokhov commit 50c6dbdfd16e312382842198a7919341ad480e05 Author: Max Ramanouski Date: Sun Aug 25 01:01:11 2024 +0300 x86/ioremap: Improve iounmap() address range checks Allowing iounmap() on memory that was not ioremap()'d in the first place is obviously a bad idea. There is currently a feeble attempt to avoid errant iounmap()s by checking to see if the address is below "high_memory". But that's imprecise at best because there are plenty of high addresses that are also invalid to call iounmap() on. Thankfully, there is a more precise helper: is_ioremap_addr(). x86 just does not use it in iounmap(). Restrict iounmap() to addresses in the ioremap region, by using is_ioremap_addr(). This aligns x86 closer to the generic iounmap() implementation. Additionally, add a warning in case there is an attempt to iounmap() invalid memory. This replaces an existing silent return and will help alert folks to any incorrect usage of iounmap(). Due to VMALLOC_START on i386 not being present in asm/pgtable.h, include for asm/vmalloc.h had to be added to include/linux/ioremap.h. [ dhansen: tweak subject and changelog ] Signed-off-by: Max Ramanouski Signed-off-by: Dave Hansen Reviewed-by: Christoph Hellwig Reviewed-by: Alistair Popple Link: https://lore.kernel.org/all/20240824220111.84441-1-max8rr8%40gmail.com commit 1b9c2e94df1408e567f23641f6052af9a75614d1 Author: Muhammad Qasim Abdul Majeed Date: Sun Aug 4 17:33:13 2024 +0500 ACPI: bus: Define and use symbols for device and class name lengths It is better to define symbols for the maximum ACPI device name length and the maximum ACPI class name length instead of using raw numbers in typedef statements. Signed-off-by: Muhammad Qasim Abdul Majeed Link: https://patch.msgid.link/20240804123313.16211-6-qasim.majeed20@gmail.com [ rjw: Subject edits, added a changelog, dropped unrelated change ] Signed-off-by: Rafael J. Wysocki commit f70ae2df130d8f8c70aea618b1b1b901163b9676 Author: Muhammad Qasim Abdul Majeed Date: Sun Aug 4 17:33:11 2024 +0500 ACPI: battery : Use strscpy() instead of strcpy() Replace strcpy() with strscpy() in the ACPI battery driver. strcpy() has been deprecated because it is generally unsafe, so help to eliminate it from the kernel source. Link: https://github.com/KSPP/linux/issues/88 Signed-off-by: Muhammad Qasim Abdul Majeed Link: https://patch.msgid.link/20240804123313.16211-4-qasim.majeed20@gmail.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 6c7bfb7df0e6ae16593faab9edb12ec81e356942 Author: Muhammad Qasim Abdul Majeed Date: Sun Aug 4 17:33:10 2024 +0500 ACPI: acpi_processor: Use strscpy instead() of strcpy() Replace strcpy() with strscpy() in the ACPI processor driver. strcpy() has been deprecated because it is generally unsafe, so help to eliminate it from the kernel source. Link: https://github.com/KSPP/linux/issues/88 Signed-off-by: Muhammad Qasim Abdul Majeed Link: https://patch.msgid.link/20240804123313.16211-3-qasim.majeed20@gmail.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 4fe1135c22a6333085f0426f512f59a3e85c200e Author: Muhammad Qasim Abdul Majeed Date: Sun Aug 4 17:33:09 2024 +0500 ACPI: PAD: Use strscpy() instead of strcpy() Replace strcpy() with strscpy() in the ACPI processor aggregator (PAD) driver. strcpy() has been deprecated because it is generally unsafe, so help to eliminate it from the kernel source. Link: https://github.com/KSPP/linux/issues/88 Signed-off-by: Muhammad Qasim Abdul Majeed Link: https://patch.msgid.link/20240804123313.16211-2-qasim.majeed20@gmail.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit b32c9df02e9e66c575cea20180d734cbbe8ae7b7 Author: Muhammad Qasim Abdul Majeed Date: Sun Aug 4 17:33:08 2024 +0500 ACPI: AC: Use strscpy() instead of strcpy() Replace strcpy() with strscpy() in the ACPI AC driver. strcpy() has been deprecated because it is generally unsafe, so help to eliminate it from the kernel source. Link: https://github.com/KSPP/linux/issues/88 Signed-off-by: Muhammad Qasim Abdul Majeed Link: https://patch.msgid.link/20240804123313.16211-1-qasim.majeed20@gmail.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit d2ab3bb890f6a88facf89494ce50b27ff8236d24 Author: Rosen Penev Date: Thu Aug 22 12:27:52 2024 -0700 net: ag71xx: move clk_eth out of struct It's only used in one place. It doesn't need to be in the struct. Signed-off-by: Rosen Penev Link: https://patch.msgid.link/20240822192758.141201-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 037f93434ce9aea3dc19ba2d97e888a12e538f7b Author: Dnyaneshwar Bhadane Date: Sun Aug 25 17:41:56 2024 +0530 drm/i915/gt: Whitelist COMMON_SLICE_CHICKEN1 for UMD access. As part of the recommended tuning setting, whitelist COMMON_SLICE_CHICKEN1 for MTL/ARL and DG2. The UMD will selectively enable or disable specific bits of the register based on the type of workload and its requirements. v2: Remove the KMD par of enabling specific bits(Matt R) Bspec: 68331 Signed-off-by: Dnyaneshwar Bhadane Reviewed-by: Matt Roper Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240825121156.2498810-1-dnyaneshwar.bhadane@intel.com commit 1461f5a3d810869e182f1d11caaac7dee0458ff7 Author: Cong Wang Date: Thu Aug 22 11:25:44 2024 -0700 l2tp: avoid overriding sk->sk_user_data Although commit 4a4cd70369f1 ("l2tp: don't set sk_user_data in tunnel socket") removed sk->sk_user_data usage, setup_udp_tunnel_sock() still touches sk->sk_user_data, this conflicts with sockmap which also leverages sk->sk_user_data to save psock. Restore this sk->sk_user_data check to avoid such conflicts. Fixes: 4a4cd70369f1 ("l2tp: don't set sk_user_data in tunnel socket") Reported-by: syzbot+8dbe3133b840c470da0e@syzkaller.appspotmail.com Cc: Tom Parkin Signed-off-by: Cong Wang Tested-by: James Chapman Reviewed-by: James Chapman Link: https://patch.msgid.link/20240822182544.378169-1-xiyou.wangcong@gmail.com Signed-off-by: Jakub Kicinski commit b53f09ecd602d7b8b7da83b0890cbac500b6a9b9 Author: Li Chen Date: Sat Aug 3 16:13:18 2024 +0800 ACPI: resource: Do IRQ override on MECHREV GM7XG0M Listed device need the override for the keyboard to work. Fixes: 9946e39fe8d0 ("ACPI: resource: skip IRQ override on AMD Zen platforms") Cc: All applicable Signed-off-by: Li Chen Link: https://patch.msgid.link/87y15e6n35.wl-me@linux.beauty Signed-off-by: Rafael J. Wysocki commit 7888173eb18063c15e10d099310a58ab8c3a4b44 Merge: 5efc9623cfaef2 749e67d5b297c0 Author: Jakub Kicinski Date: Mon Aug 26 09:52:06 2024 -0700 Merge branch 'net-xilinx-axienet-multicast-fixes-and-improvements' Sean Anderson says: ==================== net: xilinx: axienet: Multicast fixes and improvements This series has a few small patches improving the handling of multicast addresses. In particular, it makes the driver a whole lot less spammy, and adjusts things so we aren't in promiscuous mode when we have more than four multicast addresses (a common occurance on modern systems). As the hardware has a 4-entry CAM, the ideal method would be to "pack" multiple addresses into one CAM entry. Something like: entry.address = address[0] | address[1]; entry.mask = ~(address[0] ^ address[1]); Which would make the entry match both addresses (along with some others that would need to be filtered in software). Mapping addresses to entries in an efficient way is a bit tricky. If anyone knows of an in-tree example of something like this, I'd be glad to hear about it. ==================== Link: https://patch.msgid.link/20240822154059.1066595-1-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit 749e67d5b297c01b4825315808c9f1c9e7c91d01 Author: Sean Anderson Date: Thu Aug 22 11:40:59 2024 -0400 net: xilinx: axienet: Support IFF_ALLMULTI Add support for IFF_ALLMULTI by configuring a single filter to match the multicast address bit. This allows us to keep promiscuous mode disabled, even when we have more than four multicast addresses. An even better solution would be to "pack" addresses into the available CAM registers, but that can wait for a future series. Signed-off-by: Sean Anderson Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240822154059.1066595-6-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit 7a826fb3e4c68f42ffdec8361e1fb49cdfbbc991 Author: Sean Anderson Date: Thu Aug 22 11:40:58 2024 -0400 net: xilinx: axienet: Don't set IFF_PROMISC in ndev->flags Contrary to the comment, we don't have to inform the net subsystem. Signed-off-by: Sean Anderson Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240822154059.1066595-5-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit cd039e6787ff6c496239c0c2f6d740e7c216d763 Author: Sean Anderson Date: Thu Aug 22 11:40:57 2024 -0400 net: xilinx: axienet: Don't print if we go into promiscuous mode A message about being in promiscuous mode is printed every time each additional multicast address beyond four is added. Suppress this message like is done in other drivers. Signed-off-by: Sean Anderson Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240822154059.1066595-4-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit cead0b8991713bdeb5b947758dd62287fcf8da40 Author: Anuj Gupta Date: Mon Aug 26 16:09:43 2024 +0530 nvme: rename apptag and appmask to lbat and lbatm Rename apptag and appmask to lbat and lbatm so that it matches the field names used in NVMe spec. Signed-off-by: Anuj Gupta Signed-off-by: Kanchan Joshi Suggested-by: Christoph Hellwig Reviewed-by: Sagi Grimberg Signed-off-by: Keith Busch commit 62fdaf9e8056e9a9e6fe63aa9c816ec2122d60c6 Author: Aleksandr Mishin Date: Wed Jul 10 15:39:49 2024 +0300 ice: Adjust over allocation of memory in ice_sched_add_root_node() and ice_sched_add_node() In ice_sched_add_root_node() and ice_sched_add_node() there are calls to devm_kcalloc() in order to allocate memory for array of pointers to 'ice_sched_node' structure. But incorrect types are used as sizeof() arguments in these calls (structures instead of pointers) which leads to over allocation of memory. Adjust over allocation of memory by correcting types in devm_kcalloc() sizeof() arguments. Found by Linux Verification Center (linuxtesting.org) with SVACE. Reviewed-by: Przemek Kitszel Signed-off-by: Aleksandr Mishin Reviewed-by: Simon Horman Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit 5efc9623cfaef22b3492147bf76c2d4d8586c77f Merge: 77f0caecf4e63f a18308623ce303 Author: Jakub Kicinski Date: Mon Aug 26 09:48:53 2024 -0700 Merge branch 'some-modifications-to-optimize-code-readability' Li Zetao says: ==================== Some modifications to optimize code readability This patchset is mainly optimized for readability in contexts where size needs to be determined. By using min() or max(), or even directly removing redundant judgments (such as the 5th patch), the code is more consistent with the context. ==================== Link: https://patch.msgid.link/20240822133908.1042240-1-lizetao1@huawei.com Signed-off-by: Jakub Kicinski commit a18308623ce303a0f8954294f3877b3ece8c5e7b Author: Li Zetao Date: Thu Aug 22 21:39:07 2024 +0800 tipc: use min() to simplify the code When calculating size of own domain based on number of peers, the result should be less than MAX_MON_DOMAIN, so using min() here is very semantic. Signed-off-by: Li Zetao Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240822133908.1042240-8-lizetao1@huawei.com Signed-off-by: Jakub Kicinski commit 26549dab8a4676ce549cb20bf384daf458a9ea24 Author: Li Zetao Date: Thu Aug 22 21:39:06 2024 +0800 ipv6: mcast: use min() to simplify the code When coping sockaddr in ip6_mc_msfget(), the time of copies depends on the minimum value between sl_count and gf_numsrc. Using min() here is very semantic. Signed-off-by: Li Zetao Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240822133908.1042240-7-lizetao1@huawei.com Signed-off-by: Jakub Kicinski commit b4985aa8e312fd40fbbce0fe44ce677368fdee43 Author: Li Zetao Date: Thu Aug 22 21:39:03 2024 +0800 net: caif: use max() to simplify the code When processing the tail append of sk buffer, the final length needs to be determined based on expectlen and addlen. Using max() here can increase the readability of the code. Signed-off-by: Li Zetao Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240822133908.1042240-4-lizetao1@huawei.com Signed-off-by: Jakub Kicinski commit b1703d5f794d755e0d4ce1f22eee1215acb8ce02 Author: Sergey Temerkhanov Date: Tue Aug 6 13:46:27 2024 -0700 ice: Report NVM version numbers on mismatch during load Report NVM version numbers (both detected and expected) when a mismatch b/w driver and firmware is detected. This provides more useful information about which NVM version the driver expects, rather than requiring manual code inspection. Signed-off-by: Sergey Temerkhanov Signed-off-by: Jacob Keller Reviewed-by: Przemek Kitszel Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit 448711c1dad080c0fc5e87d0464366f21085e98e Author: Jacob Keller Date: Tue Aug 6 13:46:26 2024 -0700 ice: remove unnecessary control queue cmd_buf arrays The driver allocates a cmd_buf array in addition to the desc_buf array. This array stores an ice_sq_cd command details structure for each entry in the control queue ring. The contents of the structure are copied from the value passed in via ice_sq_send_cmd, and include only a pointer to storage for the write back descriptor contents. Originally this array was intended to support asynchronous completion including features such as a callback function. This support was never implemented. All that exists today is needless copying and resetting of a cmd_buf array that is otherwise functionally unused. Since we do not plan to implement asynchronous completions, drop this unnecessary memory and logic. This saves memory for each control queue, and avoids the pointless copying and memset. Signed-off-by: Jacob Keller Reviewed-by: Przemek Kitszel Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit 1d95d9256cfaa3e5a1a4b3cedbd3c043df229b5a Author: Jacob Keller Date: Tue Aug 6 13:46:25 2024 -0700 ice: reword comments referring to control queues Many comments in ice_controlq.c use the term "Admin queue" despite the code being intended for arbitrary control queues, not just the Admin queue. Reword the comments to make it clear that this code is the generic control queue logic that is shared by all of the control queues, and is not specific to the Admin queue. Signed-off-by: Jacob Keller Reviewed-by: Przemek Kitszel Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit 74ce564a30efbab1eccc2182f21414eae1dd085c Author: Przemek Kitszel Date: Tue Aug 6 13:46:24 2024 -0700 ice: stop intermixing AQ commands/responses debug dumps The ice_debug_cq() function is called to generate a debug log of control queue messages both sent and received. It currently does this over a potential total of 6 different printk invocations. The main logic prints over 4 calls to ice_debug(): 1. The metadata including opcode, flags, datalength and return value. 2. The cookie in the descriptor. 3. The parameter values. 4. The address for the databuffer. In addition, if the descriptor has a data buffer, it can be logged with two additional prints: 5. A message indicating the start of the data buffer. 6. The actual data buffer, printed using print_hex_dump_debug. This can lead to trouble in the event that two different PFs are logging messages. The messages become intermixed and it may not be possible to determine which part of the output belongs to which control queue message. To fix this, it needs to be possible to unambiguously determine which messages belong together. This is trivial for the messages that comprise the main printing. Combine them together into a single invocation of ice_debug(). The message containing a hex-dump of the data buffer is a bit more complicated. This is printed separately as part of print_hex_dump_debug. This function takes a prefix, which is currently always set to KBUILD_MODNAME. Extend this prefix to include the buffer address for the databuffer, which is printed as part of the main print, and which is guaranteed to be unique for each buffer. Refactor the ice_debug_array(), introducing an ice_debug_array_w_prefix(). Build the prefix by combining KBUILD_MODNAME with the databuffer address using snprintf(). These changes make it possible to unambiguously determine what data belongs to what control queue message. Reported-by: Jacek Wierzbicki Signed-off-by: Przemek Kitszel Signed-off-by: Jacob Keller Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit 6bd7cb522b1c06f826b74a40c5a0f23b1e4d00ae Author: Bruce Allan Date: Tue Aug 6 13:46:23 2024 -0700 ice: do not clutter debug logs with unused data Currently, debug logs are unnecessarily cluttered with the contents of command data buffers even if the receiver of that command (i.e. FW or MBX) are not told to read the buffer. Change to only log command data buffers when the RD flag (indicates receiver needs to read the buffer) is set. Continue to log response data buffer when the returned datalen is non-zero. Also, rename a local variable to reflect what is in the hardware specification and how it is used elsewhere in the code, use local variables instead of duplicating endian conversions unnecessarily and remove an unnecessary assignment. Signed-off-by: Bruce Allan Signed-off-by: Jacob Keller Reviewed-by: Przemek Kitszel Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit caf4daae871c20a3da1a822d8713c858c8a85d5c Author: Jacob Keller Date: Tue Aug 6 13:46:22 2024 -0700 ice: improve debug print for control queue messages The ice_debug_cq function is called to print debug data for a control queue descriptor in multiple places. This includes both before we send a message on a transmit queue, after the writeback completion of a message on the transmit queue, and when we receive a message on a receive queue. This function does not include data about *which* control queue the message is on, nor whether it was what we sent to the queue or what we received from the queue. Modify ice_debug_cq to take two extra parameters, a pointer to the control queue and a boolean indicating if this was a response or a command. Improve the debug messages by replacing "CQ CMD" with a string indicating which specific control queue (based on cq->qtype) and whether this was a command sent by the PF or a response from the queue. This helps make the log output easier to understand and consume when debugging. Signed-off-by: Jacob Keller Reviewed-by: Przemek Kitszel Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit 77f0caecf4e63fd7fb0533ea85d7e792f95c2251 Merge: 0de45db8f4318f a8c924e98738f7 Author: Jakub Kicinski Date: Mon Aug 26 09:37:25 2024 -0700 Merge branch 'net-header-and-core-spelling-corrections' Simon Horman says: ==================== net: header and core spelling corrections This patchset addresses a number of spelling errors in comments in Networking files under include/, and files in net/core/. Spelling problems are as flagged by codespell. It aims to provide patches that can be accepted directly into net-next. And splits patches up based on maintainer boundaries: many things feed directly into net-next. This is a complex process and I apologise for any errors. I also plan to address, via separate patches, spelling errors in other files in the same directories, for files whose changes typically go through trees other than net-next (which feed into net-next). ==================== Link: https://patch.msgid.link/20240822-net-spell-v1-0-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit a8c924e98738f77668b022ec34107ca8b6093392 Author: Simon Horman Date: Thu Aug 22 13:57:34 2024 +0100 net: Correct spelling in net/core Correct spelling in net/core. As reported by codespell. Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240822-net-spell-v1-13-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit 70d0bb45fae87a3b08970a318e15f317446a1956 Author: Simon Horman Date: Thu Aug 22 13:57:33 2024 +0100 net: Correct spelling in headers Correct spelling in Networking headers. As reported by codespell. Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240822-net-spell-v1-12-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit 01d86846a5a5f34662679dd229a0167fc9d92382 Author: Simon Horman Date: Thu Aug 22 13:57:32 2024 +0100 x25: Correct spelling in x25.h Correct spelling in x25.h As reported by codespell. Signed-off-by: Simon Horman Reviewed-by: Martin Schiller Link: https://patch.msgid.link/20240822-net-spell-v1-11-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit 7f47fcea8c6b4af25e72e0ebb8d492a181b7ce03 Author: Simon Horman Date: Thu Aug 22 13:57:31 2024 +0100 sctp: Correct spelling in headers Correct spelling in sctp.h and structs.h. As reported by codespell. Cc: Marcelo Ricardo Leitner Signed-off-by: Simon Horman Acked-by: Xin Long Link: https://patch.msgid.link/20240822-net-spell-v1-10-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit a7a45f02a093d3b3f80a77db334703b5f53ebd44 Author: Simon Horman Date: Thu Aug 22 13:57:30 2024 +0100 net: sched: Correct spelling in headers Correct spelling in pkt_cls.h and red.h. As reported by codespell. Cc: Krzysztof Kozlowski Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240822-net-spell-v1-9-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit 10d0749a38c3a02f308fe8c4f4ed29bd6412e5fb Author: Simon Horman Date: Thu Aug 22 13:57:29 2024 +0100 NFC: Correct spelling in headers Correct spelling in NFC headers. As reported by codespell. Signed-off-by: Simon Horman Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240822-net-spell-v1-8-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit 6899c2549cf7ca554ee2dd8574f0b70945f3ed1b Author: Simon Horman Date: Thu Aug 22 13:57:28 2024 +0100 netlabel: Correct spelling in netlabel.h Correct spelling in netlabel.h. As reported by codespell. Cc: Paul Moore Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240822-net-spell-v1-7-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit 19f1f11c9a8e92a2211a3854bd2cfbd4bb6303f1 Author: Simon Horman Date: Thu Aug 22 13:57:27 2024 +0100 net: qualcomm: rmnet: Correct spelling in if_rmnet.h Correct spelling in if_rmnet.h As reported by codespell. Cc: Sean Tranchetti Signed-off-by: Simon Horman Reviewed-by: Subash Abhinov Kasiviswanathan Link: https://patch.msgid.link/20240822-net-spell-v1-6-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit e8ac2dba93eafb928fd9e127cdade3b2216a642c Author: Simon Horman Date: Thu Aug 22 13:57:26 2024 +0100 bonding: Correct spelling in headers Correct spelling in bond_3ad.h and bond_alb.h. As reported by codespell. Cc: Jay Vosburgh Cc: Andy Gospodarek Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240822-net-spell-v1-5-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit 507285b7f9b2bc90f093fa335d43f2a21a2dbef9 Author: Simon Horman Date: Thu Aug 22 13:57:25 2024 +0100 ipv6: Correct spelling in ipv6.h Correct spelling in ip_tunnels.h As reported by codespell. Cc: David Ahern Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240822-net-spell-v1-4-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit d0193b167f2756de2f8be4d44186294bfacaaafc Author: Simon Horman Date: Thu Aug 22 13:57:24 2024 +0100 ip_tunnel: Correct spelling in ip_tunnels.h Correct spelling in ip_tunnels.h As reported by codespell. Cc: David Ahern Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240822-net-spell-v1-3-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit c3494460324832ba03ab8f640a0a5e52283b1b15 Author: Simon Horman Date: Thu Aug 22 13:57:23 2024 +0100 s390/iucv: Correct spelling in iucv.h Correct spelling in iucv.h As reported by codespell. Cc: Alexandra Winter Cc: Thorsten Winkler Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240822-net-spell-v1-2-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit d24dac8eb8111c401b0de40a17760a0a254bcffc Author: Simon Horman Date: Thu Aug 22 13:57:22 2024 +0100 packet: Correct spelling in if_packet.h Correct spelling in if_packet.h As reported by codespell. Signed-off-by: Simon Horman Acked-by: Willem de Bruijn Link: https://patch.msgid.link/20240822-net-spell-v1-1-3a98971ce2d2@kernel.org Signed-off-by: Jakub Kicinski commit 0de45db8f4318f03e55214e3af3c5a7a2dc01120 Merge: f85cd6aec1f1df 550ee90ac61c1f Author: Jakub Kicinski Date: Mon Aug 26 09:35:50 2024 -0700 Merge branch 'add-support-for-icssg-pa_stats' MD Danish Anwar says: ==================== Add support for ICSSG PA_STATS This series adds support for PA_STATS. Previously this series was a standalone patch adding documentation for PA_STATS in dt-bindings file ti,pruss.yaml. v1 https://lore.kernel.org/all/20240430121915.1561359-1-danishanwar@ti.com/ v2 https://lore.kernel.org/all/20240529115149.630273-1-danishanwar@ti.com/ v3 https://lore.kernel.org/all/20240625153319.795665-1-danishanwar@ti.com/ v4 https://lore.kernel.org/all/20240729113226.2905928-1-danishanwar@ti.com/ v5 https://lore.kernel.org/all/20240814092033.2984734-1-danishanwar@ti.com/ v6 https://lore.kernel.org/all/20240820091657.4068304-1-danishanwar@ti.com/ ==================== Link: https://patch.msgid.link/20240822122652.1071801-1-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit 550ee90ac61c1f0cd987c68a9ac6c4c9833925d7 Author: MD Danish Anwar Date: Thu Aug 22 17:56:52 2024 +0530 net: ti: icssg-prueth: Add support for PA Stats Add support for dumping PA stats registers via ethtool. Firmware maintained stats are stored at PA Stats registers. Also modify emac_get_strings() API to use ethtool_puts(). This commit also maintains consistency between miig_stats and pa_stats by - renaming the array icssg_all_stats to icssg_all_miig_stats - renaming the structure icssg_stats to icssg_miig_stats - renaming ICSSG_STATS() to ICSSG_MIIG_STATS() - changing order of stats related data structures and arrays so that data structures of a certain stats type is clubbed together. Signed-off-by: MD Danish Anwar Link: https://patch.msgid.link/20240822122652.1071801-3-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit be91edc81b09ca062e39db894561d25447235c68 Author: MD Danish Anwar Date: Thu Aug 22 17:56:51 2024 +0530 dt-bindings: soc: ti: pruss: Add documentation for PA_STATS support Add documentation for pa-stats node which is syscon regmap for PA_STATS registers. This will be used to dump statistics maintained by ICSSG firmware. Reviewed-by: Krzysztof Kozlowski Reviewed-by: Roger Quadros Acked-by: Nishanth Menon Signed-off-by: MD Danish Anwar Link: https://patch.msgid.link/20240822122652.1071801-2-danishanwar@ti.com Signed-off-by: Jakub Kicinski commit 5f6df173f92eff2d6fa09d74e47e204b0072f82e Author: Jacob Keller Date: Tue Aug 6 13:46:21 2024 -0700 ice: implement and use rd32_poll_timeout for ice_sq_done timeout The ice_sq_done function is used to check the control queue head register and determine whether or not the control queue processing is done. This function is called in a loop checking against jiffies for a specified timeout. The pattern of reading a register in a loop until a condition is true or a timeout is reached is a relatively common pattern. In fact, the kernel provides a read_poll_timeout function implementing this behavior in Use of read_poll_timeout is preferred over directly coding these loops. However, using it in the ice driver is a bit more difficult because of the rd32 wrapper. Implement a rd32_poll_timeout wrapper based on read_poll_timeout. Refactor ice_sq_done to use rd32_poll_timeout, replacing the loop calling ice_sq_done in ice_sq_send_cmd. This simplifies the logic down to a single ice_sq_done() call. The implementation of rd32_poll_timeout uses microseconds for its timeout value, so update the CQ timeout macros used to be specified in microseconds units as well instead of using HZ for jiffies. Signed-off-by: Jacob Keller Reviewed-by: Przemek Kitszel Tested-by: Pucha Himasekhar Reddy (A Contingent worker at Intel) Signed-off-by: Tony Nguyen commit f85cd6aec1f1dfc29fd4a8440cdf0693c2411a3f Merge: b494b1673889c9 986a7fa4b454c9 Author: Jakub Kicinski Date: Mon Aug 26 09:34:03 2024 -0700 Merge branch 'add-alcd-support-to-cable-testing-interface' Oleksij Rempel says: ==================== Add ALCD Support to Cable Testing Interface This patch series introduces support for Active Link Cable Diagnostics (ALCD) in the ethtool cable testing interface and the DP83TD510 PHY driver. Why ALCD? On a 10BaseT1L interface, TDR (Time Domain Reflectometry) is not possible if the link partner is active - TDR will fail in these cases because it requires interrupting the link. Since the link is active, we already know the cable is functioning, so instead of using TDR, we can use ALCD. ALCD lets us measure cable length without disrupting the active link, which is crucial in environments where network uptime is important. It provides a way to gather diagnostic data without the need for downtime. What's in this series: - Extended the ethtool cable testing interface to specify the source of diagnostic results (TDR or ALCD). - Updated the DP83TD510 PHY driver to use ALCD when the link is active, ensuring we can still get cable length info without dropping the connection. ==================== Link: https://patch.msgid.link/20240822120703.1393130-1-o.rempel@pengutronix.de Signed-off-by: Jakub Kicinski commit 986a7fa4b454c9ee338a133868b8ed740cd45edd Author: Oleksij Rempel Date: Thu Aug 22 14:07:03 2024 +0200 phy: dp83td510: Utilize ALCD for cable length measurement when link is active In industrial environments where 10BaseT1L PHYs are replacing existing field bus systems like CAN, it's often essential to retain the existing cable infrastructure. After installation, collecting metrics such as cable length is crucial for assessing the quality of the infrastructure. Traditionally, TDR (Time Domain Reflectometry) is used for this purpose. However, TDR requires interrupting the link, and if the link partner remains active, the TDR measurement will fail. Unlike multi-pair systems, where TDR can be attempted during the MDI-X switching window, 10BaseT1L systems face greater challenges. The TDR sequence on 10BaseT1L is longer and coincides with uninterrupted autonegotiation pulses, making TDR impossible when the link partner is active. The DP83TD510 PHY provides an alternative through ALCD (Active Link Cable Diagnostics), which allows for cable length measurement without disrupting an active link. Since a live link indicates no short or open cable states, ALCD can be used effectively to gather cable length information. Enhance the dp83td510 driver by: - Leveraging ALCD to measure cable length when the link is active. - Bypassing TDR when a link is detected, as ALCD provides the required information without disruption. Signed-off-by: Oleksij Rempel Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240822120703.1393130-4-o.rempel@pengutronix.de Signed-off-by: Jakub Kicinski commit 4715d87e11ac805ab95a75adfbf93d67dfbdbe81 Author: Oleksij Rempel Date: Thu Aug 22 14:07:02 2024 +0200 ethtool: Add support for specifying information source in cable test results Enhance the ethtool cable test interface by introducing the ability to specify the source of the diagnostic information for cable test results. This is particularly useful for PHYs that offer multiple diagnostic methods, such as Time Domain Reflectometry (TDR) and Active Link Cable Diagnostic (ALCD). Key changes: - Added `ethnl_cable_test_result_with_src` and `ethnl_cable_test_fault_length_with_src` functions to allow specifying the information source when reporting cable test results. - Updated existing `ethnl_cable_test_result` and `ethnl_cable_test_fault_length` functions to use TDR as the default source, ensuring backward compatibility. - Modified the UAPI to support these new attributes, enabling drivers to provide more detailed diagnostic information. Signed-off-by: Oleksij Rempel Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240822120703.1393130-3-o.rempel@pengutronix.de Signed-off-by: Jakub Kicinski commit abcd3026dd63417692a5e80aff70e7cd9b5c14ea Author: Oleksij Rempel Date: Thu Aug 22 14:07:01 2024 +0200 ethtool: Extend cable testing interface with result source information Extend the ethtool netlink cable testing interface by adding support for specifying the source of cable testing results. This allows users to differentiate between results obtained through different diagnostic methods. For example, some TI 10BaseT1L PHYs provide two variants of cable diagnostics: Time Domain Reflectometry (TDR) and Active Link Cable Diagnostic (ALCD). By introducing `ETHTOOL_A_CABLE_RESULT_SRC` and `ETHTOOL_A_CABLE_FAULT_LENGTH_SRC` attributes, this update enables drivers to indicate whether the result was derived from TDR or ALCD, improving the clarity and utility of diagnostic information. Signed-off-by: Oleksij Rempel Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240822120703.1393130-2-o.rempel@pengutronix.de Signed-off-by: Jakub Kicinski commit 09d77be56093b9fc7daa14c9c745e77ae3a56492 Author: Konrad Dybcio Date: Mon Aug 26 16:37:54 2024 +0200 arm64: dts: qcom: Add support for X1-based Surface Laptop 7 devices Add support for Surface Laptop 7 machines, based on X1E80100. The feature status is mostly on par with other X Elite machines, notably lacking: - USB-A and probably USB-over-Surface-connector (pending NXP retimer support) - SD card reader (Realtek RTS5261 connected over PCIe) - Touchscreen and touchpad support (hid-over-SPI [1]) - Audio (a quick look suggests the setup is very close to the one in X1E CRD) The two Surface Laptop 7 SKUs (13.8" and 15") only have very minor differences, amounting close to none on the software side. Even the MBN firmware files and ACPI tables are shared between the two machines. With that in mind, support is added for both, although only the larger one was physically tested. Display differences will be taken care of through fused-in EDID and other matters should be solved within the EC and boot firmware. [1] https://www.microsoft.com/en-us/download/details.aspx?id=103325 Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240826-topic-sl7-v2-5-c32ebae78789@quicinc.com Signed-off-by: Bjorn Andersson commit ecbdce2041ee09cb3a046fd2b7d000fa5e333773 Author: Konrad Dybcio Date: Mon Aug 26 16:37:53 2024 +0200 arm64: dts: qcom: x1e80100: Add UART2 GENI SE2 within QUP0 is used as UART on some devices, describe it. While at it, rewrite the adjacent UART21 pins node to make it more easily modifiable. Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240826-topic-sl7-v2-4-c32ebae78789@quicinc.com Signed-off-by: Bjorn Andersson commit 02a1bfb34ca8607fc0ed5b5155fd81b7574e931e Author: Konrad Dybcio Date: Mon Aug 26 16:37:52 2024 +0200 arm64: dts: qcom: x1e80100-pmics: Add PMC8380C PWM The PMC8380C (PM8550) has a PWM block, describe it. Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240826-topic-sl7-v2-3-c32ebae78789@quicinc.com Signed-off-by: Bjorn Andersson commit 2538d0689cfe0a3c45c1fbed54d14cd56df8781c Author: Konrad Dybcio Date: Mon Aug 26 16:37:50 2024 +0200 dt-bindings: arm: qcom: Add Surface Laptop 7 devices Document the X1E80100-based Microsoft laptops. Signed-off-by: Konrad Dybcio Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240826-topic-sl7-v2-1-c32ebae78789@quicinc.com Signed-off-by: Bjorn Andersson commit 6614be05358869f1642964b650977018ac528a14 Author: Konrad Dybcio Date: Mon Aug 26 16:37:51 2024 +0200 firmware: qcom: scm: Allow QSEECOM on Surface Laptop 7 models Add the aforementioned machines to the list to get e.g. efivars up. Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240826-topic-sl7-v2-2-c32ebae78789@quicinc.com Signed-off-by: Bjorn Andersson commit b494b1673889c95ead43fb6978687fb61bb042d5 Author: Breno Leitao Date: Thu Aug 22 02:56:39 2024 -0700 net: netconsole: selftests: Create a new netconsole selftest Adds a selftest that creates two virtual interfaces, assigns one to a new namespace, and assigns IP addresses to both. It listens on the destination interface using socat and configures a dynamic target on netconsole, pointing to the destination IP address. The test then checks if the message was received properly on the destination interface. Signed-off-by: Breno Leitao Acked-by: Matthieu Baerts (NGI0) Link: https://patch.msgid.link/20240822095652.3806208-1-leitao@debian.org Signed-off-by: Jakub Kicinski commit 9f08ae4ffa39824b2e950fb57b7d8ccf07788e4f Merge: f086d18db11724 908ee298c8fb3f Author: Jakub Kicinski Date: Mon Aug 26 09:25:46 2024 -0700 Merge branch 'netconsole-populate-dynamic-entry-even-if-netpoll-fails' Breno Leitao says: ==================== netconsole: Populate dynamic entry even if netpoll fails The current implementation of netconsole removes the entry and fails entirely if netpoll fails to initialize. This approach is suboptimal, as it prevents reconfiguration or re-enabling of the target through configfs. While this issue might seem minor if it were rare, it actually occurs frequently when the network module is configured as a loadable module. In such cases, the network is unavailable when netconsole initializes, causing netpoll to fail. This failure forces users to reconfigure the target from scratch, discarding any settings provided via the command line. The proposed change would keep the target available in configfs, albeit in a disabled state. This modification allows users to adjust settings or simply re-enable the target once the network module has loaded, providing a more flexible and user-friendly solution. v2: https://lore.kernel.org/20240819103616.2260006-1-leitao@debian.org v1: https://lore.kernel.org/20240809161935.3129104-1-leitao@debian.org ==================== Link: https://patch.msgid.link/20240822111051.179850-1-leitao@debian.org Signed-off-by: Jakub Kicinski commit 908ee298c8fb3f9129a470735e8bb8037a95221e Author: Breno Leitao Date: Thu Aug 22 04:10:48 2024 -0700 net: netconsole: Populate dynamic entry even if netpoll fails Currently, netconsole discards targets that fail during initialization, causing two issues: 1) Inconsistency between target list and configfs entries * user pass cmdline0, cmdline1. If cmdline0 fails, then cmdline1 becomes cmdline0 in configfs. 2) Inability to manage failed targets from userspace * If user pass a target that fails with netpoll (interface not loaded at netcons initialization time, such as interface is a module), then the target will not exist in the configfs, so, user cannot re-enable or modify it from userspace. Failed targets are now added to the target list and configfs, but remain disabled until manually enabled or reconfigured. This change does not change the behaviour if CONFIG_NETCONSOLE_DYNAMIC is not set. CC: Aijay Adams Signed-off-by: Breno Leitao Link: https://patch.msgid.link/20240822111051.179850-3-leitao@debian.org Signed-off-by: Jakub Kicinski commit ae5a0456e0b4cfd7e61619e55251ffdf1bc7adfb Author: Breno Leitao Date: Thu Aug 22 04:10:47 2024 -0700 netpoll: Ensure clean state on setup failures Modify netpoll_setup() and __netpoll_setup() to ensure that the netpoll structure (np) is left in a clean state if setup fails for any reason. This prevents carrying over misconfigured fields in case of partial setup success. Key changes: - np->dev is now set only after successful setup, ensuring it's always NULL if netpoll is not configured or if netpoll_setup() fails. - np->local_ip is zeroed if netpoll setup doesn't complete successfully. - Added DEBUG_NET_WARN_ON_ONCE() checks to catch unexpected states. - Reordered some operations in __netpoll_setup() for better logical flow. These changes improve the reliability of netpoll configuration, since it assures that the structure is fully initialized or totally unset. Suggested-by: Paolo Abeni Signed-off-by: Breno Leitao Link: https://patch.msgid.link/20240822111051.179850-2-leitao@debian.org Signed-off-by: Jakub Kicinski commit ff555fc5537db70fa75d0ca557d3a41e4c08b55c Author: Peng Fan Date: Thu Aug 22 21:48:50 2024 +0800 remoteproc: imx_rproc: Add support for poweroff and reboot On some NXP platforms (e.g i.MX7ULP) the poweroff and reboot operations are done via a separate remote core. Typically Linux needs to send a message to the remote core and requests for poweroff or reboot. By default the communication between Linux core and the remote core is is done via a blocking mailbox mechanism but Linux doesn't allow blocking operations in the system off (reboot, power off) handlers. So, we need to make sure the mailbox message send operations do not block for this specific operations. Fortunately, Linux allows us to register handlers that are called in preparation of the system off operations. Thus, before carrying the power off or reboot preparations, just destroy the existing mailboxes and create them as non-blocking. Note that power off and restart are totally different operations and are not complementary. We introduce a new flag in the imx remoteproc per device data which tells us when a device needs this special setup. For now, only imx7ulp needs it. Signed-off-by: Peng Fan Reviewed-by: Daniel Baluta Link: https://lore.kernel.org/r/20240822-imx_rproc-v3-2-6d943723945d@nxp.com Signed-off-by: Mathieu Poirier commit d9dbd7149c852d51b94d5fda89d79a6c3e1fff97 Author: Peng Fan Date: Thu Aug 22 21:48:49 2024 +0800 remoteproc: imx_rproc: Allow setting of the mailbox transmit mode Current mailbox is blocking by default, but there are cases where we don't need to wait for a response. Linux just needs to send data to the remote processor, so let's allow tx_block mode to be set (true/false) depending on usecase. No functional changes. Signed-off-by: Peng Fan Reviewed-by: Daniel Baluta Link: https://lore.kernel.org/r/20240822-imx_rproc-v3-1-6d943723945d@nxp.com Signed-off-by: Mathieu Poirier commit f086d18db11724f55e70e001ce5cc29fdf47bb55 Merge: e540e3bcf2a26e 0941c832823498 Author: Jakub Kicinski Date: Mon Aug 26 09:21:19 2024 -0700 Merge branch 'adds-support-for-lan887x-phy' Divya Koppera says: ==================== Adds support for lan887x phy Adds support for lan887x phy and accept autoneg configuration in phy driver only when feature is enabled in supported list. v2: https://lore.kernel.org/20240813181515.863208-1-divya.koppera@microchip.com v1: https://lore.kernel.org/20240808145916.26006-1-Divya.Koppera@microchip.com ==================== Link: https://patch.msgid.link/20240821055906.27717-1-Divya.Koppera@microchip.com Signed-off-by: Jakub Kicinski commit 0941c83282349859e736b279908fd958f23e281a Author: Divya Koppera Date: Wed Aug 21 11:29:06 2024 +0530 net: phy: microchip_t1: Adds support for lan887x phy The LAN887x is a Single-Port Ethernet Physical Layer Transceiver compliant with the IEEE 802.3bw (100BASE-T1) and IEEE 802.3bp (1000BASE-T1) specifications. The device provides 100/1000 Mbit/s transmit and receive capability over a single Unshielded Twisted Pair (UTP) cable. It supports communication with an Ethernet MAC via standard RGMII/SGMII interfaces. LAN887x supports following features, - Events/Interrupts - LED/GPIO Operation - IEEE 1588 (PTP) - SQI - Sleep and Wakeup (TC10) - Cable Diagnostics First patch only supports 100Mbps and 1000Mbps force-mode. Reviewed-by: Andrew Lunn Signed-off-by: Divya Koppera Link: https://patch.msgid.link/20240821055906.27717-3-Divya.Koppera@microchip.com Signed-off-by: Jakub Kicinski commit d4c897675a5a9f41a3f2c964d84e93bca5367f7a Author: Divya Koppera Date: Wed Aug 21 11:29:05 2024 +0530 net: phy: Add phy library support to check supported list when autoneg is enabled Adds support in phy library to accept autoneg configuration only when feature is enabled in supported list. Signed-off-by: Divya Koppera Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240821055906.27717-2-Divya.Koppera@microchip.com Signed-off-by: Jakub Kicinski commit 97c5aac4f2f012c3b216129be3e33850fe931ec1 Author: Jinjie Ruan Date: Mon Aug 26 14:24:08 2024 +0800 of: resolver: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240826062408.2406734-4-ruanjinjie@huawei.com Signed-off-by: Rob Herring (Arm) commit bd7b58681a0789dba2d712d40805ad5f19150c6c Author: Jinjie Ruan Date: Mon Aug 26 14:24:07 2024 +0800 of/platform: Simplify with scoped for each OF child Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240826062408.2406734-3-ruanjinjie@huawei.com Signed-off-by: Rob Herring (Arm) commit af7460d5e1868ca73e51339d218a88a22ccd2b62 Author: Jinjie Ruan Date: Mon Aug 26 14:24:06 2024 +0800 of: overlay: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240826062408.2406734-2-ruanjinjie@huawei.com Signed-off-by: Rob Herring (Arm) commit e540e3bcf2a26e02cf2d6295a38773c1e415e375 Merge: b2ede25b7e7972 af8a066f1c4732 Author: Jakub Kicinski Date: Mon Aug 26 08:50:28 2024 -0700 Merge tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Daniel Borkmann says: ==================== pull-request: bpf-next 2024-08-23 We've added 10 non-merge commits during the last 15 day(s) which contain a total of 10 files changed, 222 insertions(+), 190 deletions(-). The main changes are: 1) Add TCP_BPF_SOCK_OPS_CB_FLAGS to bpf_*sockopt() to address the case when long-lived sockets miss a chance to set additional callbacks if a sockops program was not attached early in their lifetime, from Alan Maguire. 2) Add a batch of BPF selftest improvements which fix a few bugs and add missing features to improve the test coverage of sockmap/sockhash, from Michal Luczaj. 3) Fix a false-positive Smatch-reported off-by-one in tcp_validate_cookie() which is part of the test_tcp_custom_syncookie BPF selftest, from Kuniyuki Iwashima. 4) Fix the flow_dissector BPF selftest which had a bug in IP header's tot_len calculation doing subtraction after htons() instead of inside htons(), from Asbjørn Sloth Tønnesen. * tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next: selftest: bpf: Remove mssind boundary check in test_tcp_custom_syncookie.c. selftests/bpf: Introduce __attribute__((cleanup)) in create_pair() selftests/bpf: Exercise SOCK_STREAM unix_inet_redir_to_connected() selftests/bpf: Honour the sotype of af_unix redir tests selftests/bpf: Simplify inet_socketpair() and vsock_socketpair_connectible() selftests/bpf: Socket pair creation, cleanups selftests/bpf: Support more socket types in create_pair() selftests/bpf: Avoid subtraction after htons() in ipip tests selftests/bpf: add sockopt tests for TCP_BPF_SOCK_OPS_CB_FLAGS bpf/bpf_get,set_sockopt: add option to set TCP-BPF sock ops flags ==================== Link: https://patch.msgid.link/20240823134959.1091-1-daniel@iogearbox.net Signed-off-by: Jakub Kicinski commit b2ede25b7e79720c29c172f90d8ec34a2f3e6ff8 Merge: 18aaa82bd36ae3 c88baabf16d1ef Author: Jakub Kicinski Date: Mon Aug 26 08:42:54 2024 -0700 Merge tag 'nf-next-24-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next Pablo Neira Ayuso says: ==================== Netfilter updates for net-next The following batch contains Netfilter updates for net-next: Patch #1 fix checksum calculation in nfnetlink_queue with SCTP, segment GSO packet since skb_zerocopy() does not support GSO_BY_FRAGS, from Antonio Ojea. Patch #2 extend nfnetlink_queue coverage to handle SCTP packets, from Antonio Ojea. Patch #3 uses consume_skb() instead of kfree_skb() in nfnetlink, from Donald Hunter. Patch #4 adds a dedicate commit list for sets to speed up intra-transaction lookups, from Florian Westphal. Patch #5 skips removal of element from abort path for the pipapo backend, ditching the shadow copy of this datastructure is sufficient. Patch #6 moves nf_ct_netns_get() out of nf_conncount_init() to let users of conncoiunt decide when to enable conntrack, this is needed by openvswitch, from Xin Long. Patch #7 pass context to all nft_parse_register_load() in preparation for the next patch. Patches #8 and #9 reject loads from uninitialized registers from control plane to remove register initialization from datapath. From Florian Westphal. * tag 'nf-next-24-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next: netfilter: nf_tables: don't initialize registers in nft_do_chain() netfilter: nf_tables: allow loads only when register is initialized netfilter: nf_tables: pass context structure to nft_parse_register_load netfilter: move nf_ct_netns_get out of nf_conncount_init netfilter: nf_tables: do not remove elements if set backend implements .abort netfilter: nf_tables: store new sets in dedicated list netfilter: nfnetlink: convert kfree_skb to consume_skb selftests: netfilter: nft_queue.sh: sctp coverage netfilter: nfnetlink_queue: unbreak SCTP traffic ==================== Link: https://patch.msgid.link/20240822221939.157858-1-pablo@netfilter.org Signed-off-by: Jakub Kicinski commit 03c3d7c74371a46d967fbf41628874ec04ddda96 Author: Niklas Cassel Date: Thu Aug 15 22:11:31 2024 +0200 nvme-rdma: send cntlid in the RDMA_CM_REQUEST Private Data When sending a RDMA_CM_REQUEST, the NVMe RDMA Transport Specification allows you to populate the cntlid field in the RDMA_CM_REQUEST Private Data. The cntlid is returned by the target on completion of the first RDMA_CM_REQUEST command (which creates the admin queue). The cntlid field can then be populated by the host when the I/O queues are created (using additional RDMA_CM_REQUEST commands), such that the target can perform extra validation for additional RDMA_CM_REQUEST commands. This additional error code and error message is also added, such that nvme_rdma_cm_msg() will display the proper error message if the target fails the RDMA_CM_REQUEST command because of this extra validation. Signed-off-by: Niklas Cassel Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit 071d583e01c88272f6ff216d4f867f8f35e94d7d Author: Michał Winiarski Date: Fri Aug 23 18:30:48 2024 +0200 drm: Expand max DRM device number to full MINORBITS Having a limit of 64 DRM devices is not good enough for modern world where we have multi-GPU servers, SR-IOV virtual functions and virtual devices used for testing. Let's utilize full minor range for DRM devices. To avoid regressing the existing userspace, we're still maintaining the numbering scheme where 0-63 is used for primary, 64-127 is reserved (formerly for control) and 128-191 is used for render. For minors >= 192, we're allocating minors dynamically on a first-come, first-served basis. Signed-off-by: Michał Winiarski Link: https://patchwork.freedesktop.org/patch/msgid/20240823163048.2676257-4-michal.winiarski@intel.com Acked-by: James Zhu Acked-by: Christian König Signed-off-by: Christian König commit 45c4d994b82b08f0ce5eb50f8da29379c92a391e Author: Michał Winiarski Date: Fri Aug 23 18:30:47 2024 +0200 accel: Use XArray instead of IDR for minors Accel minor management is based on DRM (and is also using struct drm_minor internally), since DRM is using XArray for minors, it makes sense to also convert accel. As the two implementations are identical (only difference being the underlying xarray), move the accel_minor_* functionality to DRM. Signed-off-by: Michał Winiarski Acked-by: James Zhu Acked-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240823163048.2676257-3-michal.winiarski@intel.com Signed-off-by: Christian König commit 5fbca8b48b3050ae7fb611a8b09af60012ed6de1 Author: Michał Winiarski Date: Fri Aug 23 18:30:46 2024 +0200 drm: Use XArray instead of IDR for minors IDR is deprecated, and since XArray manages its own state with internal locking, it simplifies the locking on DRM side. Additionally, don't use the IRQ-safe variant, since operating on drm minor is not done in IRQ context. Suggested-by: Matthew Wilcox Signed-off-by: Michał Winiarski Acked-by: James Zhu Acked-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240823163048.2676257-2-michal.winiarski@intel.com Signed-off-by: Christian König commit 1d4684fbe88dc28e2bf79f5e94a432f0469d2dac Author: Nicolin Chen Date: Fri Aug 2 17:32:02 2024 -0700 iommufd: Reorder include files Reorder include files to alphabetic order to simplify maintenance, and separate local headers and global headers with a blank line. No functional change intended. Link: https://patch.msgid.link/r/7524b037cc05afe19db3c18f863253e1d1554fa2.1722644866.git.nicolinc@nvidia.com Signed-off-by: Nicolin Chen Signed-off-by: Jason Gunthorpe commit 69a8d0edb9d78bb5515133b7c08f399d6eaff37a Author: Shen Lichuan Date: Mon Aug 26 13:44:02 2024 +0800 ASoC: SOF: topology: Use kmemdup_array instead of kmemdup for multiple allocation Let the kmemdup_array() take care about multiplication and possible overflows. Using kmemdup_array() is more appropriate and makes the code easier to audit. Signed-off-by: Shen Lichuan Link: https://patch.msgid.link/20240826054402.58396-1-shenlichuan@vivo.com Signed-off-by: Mark Brown commit 0225d3b9efe3daca332befaa0c4ce2f119297d5a Author: Krzysztof Kozlowski Date: Sun Aug 25 10:57:45 2024 +0200 ASoC: MAINTAINERS: Drop incorrect tlv320aic31xx.txt path tlv320aic31xx.txt was converted to DT schema (YAML) and new file is already matched by wildcard. This fixes get_maintainers.pl self-test warning: ./MAINTAINERS:22739: warning: no file matches F: Documentation/devicetree/bindings/sound/tlv320aic31xx.txt Fixes: e486feb7b8ec ("ASoC: dt-bindings: convert tlv320aic31xx.txt to yaml") Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240825085745.21668-1-krzysztof.kozlowski@linaro.org Signed-off-by: Mark Brown commit c8dc1016ba0e249e45863c1da3b951efe7c4214a Author: Shenghao Ding Date: Sat Aug 24 14:05:00 2024 +0800 ASoC: tas2781: replace devm_kzalloc and scnprintf with devm_kstrdup Replace devm_kzalloc and scnprintf with devm_kstrdup. Signed-off-by: Shenghao Ding Link: https://patch.msgid.link/20240824060503.1259-1-shenghao-ding@ti.com Signed-off-by: Mark Brown commit c34068c8edad268bbd83feb39ef1b8b47b571dd6 Author: Andy Shevchenko Date: Wed Aug 21 15:04:57 2024 +0300 platform/x86: intel-hid: Use string_choices API instead of ternary operator Use modern string_choices API instead of manually determining the output using ternary operator. Signed-off-by: Andy Shevchenko Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240821120458.3702655-1-andriy.shevchenko@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit bb9a9bf2787fbe1a4e003daabc8f7a31c17740d6 Author: Srinivas Pandruvada Date: Tue Aug 20 13:45:58 2024 -0700 platform/x86/intel-uncore-freq: Do not present separate package-die domain The scope of uncore control is per power domain with TPMI. There are two types of processor topologies can be presented by CPUID extended topology leaf irrespective of the hardware architecture: 1. A die is not enumerated in CPUID. In this case there is only one die in a package is visible. In this case there can be multiple power domains in a single die. 2. A power domain in a package is enumerated as a die in CPUID. So there is one power domain per die. To allow die level controls, the current implementation creates a root domain and aggregates all information from power domains in it. This is well suited for configuration 1 above. But for configuration 2 above, the root domain will present the same information as present by power domain. So, no use of aggregating. To check the configuration, call topology_max_dies_per_package(). If it is more than one, avoid creating root domain. Signed-off-by: Srinivas Pandruvada Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240820204558.1296319-1-srinivas.pandruvada@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 22bc22ccf95bfa6eb6288ba4bc33d7fc0078381e Author: renjun wang Date: Sat Aug 24 16:36:34 2024 +0800 drm: Fix kerneldoc for "Returns" section The blank line between title "Returns:" and detail description is not allowed, otherwise the title will goes under the description block in generated .html file after running `make htmldocs`. There are a few examples for current kerneldoc at [1][2][3]. v2: - use Link tag with stable URLs Signed-off-by: renjun wang Link: https://www.kernel.org/doc/html/v6.10/gpu/drm-kms.html#c.drm_crtc_commit_wait # 1 Link: https://www.kernel.org/doc/html/v6.10/gpu/drm-kms.html#c.drm_atomic_get_crtc_state # 2 Link: https://www.kernel.org/doc/html/v6.10/gpu/i915.html#c.i915_vma_pin_fence # 3 Reviewed-by: Thomas Zimmermann Signed-off-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/tencent_37A873672B5CD20DECAF99DEDAC5E45C3106@qq.com commit f133c76409c81653cb580903da49aecefca67013 Author: Andi Kleen Date: Tue Aug 13 14:36:49 2024 -0700 perf test: Support external tests for separate objdir Extend the searching for the test files so that it works when running perf from a separate objdir, and also when the perf executable is symlinked. Signed-off-by: Andi Kleen Acked-by: Namhyung Kim Cc: Andi Kleen Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240813213651.1057362-2-ak@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit cf4d37b8157ca085c17fdc1faad737465ff311b9 Author: renjun wang Date: Sat Aug 24 16:20:14 2024 +0800 drm/atomic: fix kerneldoc for fake_commit field According to the context, the function description for fake_commit should be "prevent the atomic states from being freed too early" Signed-off-by: renjun wang Reviewed-by: Thomas Zimmermann Signed-off-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/tencent_6EF2603DCCFAD6A8265F8AAD9D6D5BCB9309@qq.com commit 67733d7a71503fd3e32eeada371f8aa2516c5c95 Author: John Harrison Date: Thu Aug 1 20:10:51 2024 -0700 drm/i915: ARL requires a newer GSC firmware ARL and MTL share a single GSC firmware blob. However, ARL requires a newer version of it. So add differentiate of the PCI ids for ARL from MTL and create ARL as a sub-platform of MTL. That way, all the existing workarounds and such still treat ARL as MTL exactly as before. However, now the GSC code can check for ARL and do an extra version check on the firmware before committing to it. Also, the version extraction code has various ways of failing but the return code was being ignore and so the firmware load would attempt to continue anyway. Fix that by propagating the return code to the next level out. Signed-off-by: John Harrison Fixes: 213c43676beb ("drm/i915/mtl: Remove the 'force_probe' requirement for Meteor Lake") Reviewed-by: Daniele Ceraolo Spurio Acked-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240802031051.3816392-1-John.C.Harrison@Intel.com Signed-off-by: Rodrigo Vivi commit 51394119f640423858a2f04076d6f1c3e83fa715 Author: Abel Vesa Date: Mon Aug 26 15:38:46 2024 +0300 drm/panel-edp: add BOE NE140WUM-N6G panel entry Add an eDP panel entry for BOE NE140WUM-N6G. Due to lack of documentation, use the delay_200_500_e80 timings like some other BOE entries for now. The raw edid of the panel is: 00 ff ff ff ff ff ff 00 09 e5 66 0b 00 00 00 00 1a 20 01 04 a5 1e 13 78 07 01 5f a7 54 4c 9b 24 11 51 56 00 00 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 9c 3e 80 c8 70 b0 3c 40 30 20 36 00 2e bc 10 00 00 1a 16 32 80 c8 70 b0 3c 40 30 20 36 00 2e bc 10 00 00 1a 00 00 00 fd 00 1e 3c 4c 4c 10 01 0a 20 20 20 20 20 20 00 00 00 fe 00 4e 45 31 34 30 57 55 4d 2d 4e 36 47 0a 00 dc Reviewed-by: Douglas Anderson Signed-off-by: Abel Vesa Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240826-drm-panel-edp-add-boe-ne140wum-n6g-v2-1-2758e8574842@linaro.org commit 39ab331ab5d377a18fbf5a0e0b228205edfcc7f4 Author: Geert Uytterhoeven Date: Tue Aug 20 14:16:53 2024 +0200 of/irq: Refer to actual buffer size in of_irq_parse_one() Replace two open-coded calculations of the buffer size by invocations of sizeof() on the buffer itself, to make sure the code will always use the actual buffer size. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/817c0b9626fd30790fc488c472a3398324cfcc0c.1724156125.git.geert+renesas@glider.be Signed-off-by: Rob Herring (Arm) commit d6ae27bb86fcc89b13448bb76e3d13b64837904f Merge: ee74817b0d6674 b739dffa5d570b Author: Rob Herring (Arm) Date: Mon Aug 26 08:44:21 2024 -0500 Merge branch 'dt/linus' into dt/next Pull in fixes to apply further refactoring. commit a3d44f011c6b7a87c9ad0d5be2f5fa092fa419bf Author: Laurent Pinchart Date: Tue Jun 18 21:46:44 2024 +0300 media: renesas: vsp1: Implement .link_validate() for video devices The v4l2_subdev_link_validate() helper prints a warning if the .link_validate() operation is not implemented for video devices connected to the subdevs. Implement the operation to silence the warning. Ideally validation of the link between the video device and the subdev should be implemented in that operation. That would however break userspace that does not configure formats on all video devices before starting streaming. While this mode of operation may not be considered valid by the V4L2 API specification (interpretation differ), it is nonetheless supported by the vsp1 driver at the moment and used by at least the vsp1 unit test suite, and possibly other userspace applications. Removing it would be a regression. Signed-off-by: Laurent Pinchart Reviewed-by: Tomi Valkeinen Acked-by: Sakari Ailus commit 5fd3e2412ade67ea20d855f0aea821c650d27559 Author: Laurent Pinchart Date: Wed Jun 19 03:02:42 2024 +0300 media: v4l2-subdev: Support hybrid links in v4l2_subdev_link_validate() The v4l2_subdev_link_validate() helper function is meant to be used as a drop-in implementation of a V4L2 subdev entity .link_validate() handler. It supports subdev-to-subdev links only, and complains if one end of the link is not a subdev. This forces drivers that have video output devices connected to subdevs to implement a custom .link_validate() handler, calling v4l2_subdev_link_validate() for the subdev-to-subdev links, and performing manual link validation for the video-to-subdev links. Video devices embed a media entity, and therefore also have a .link_validate() operation. For video capture devices, the operation should be manually implemented by drivers for validate the subdev-to-video links. For video output devices, on the other hand, that operation is never called, as link validation is performed in the context of the sink entity. As a result, we end up forcing drivers to implement a custom .link_validate() handler for subdevs connected to video output devices, when the video devices provide an operation that could be used for that purpose. To improve that situation, make v4l2_subdev_link_validate() delegate link validation to the source's .link_validate() operation when the link source is a video device and the link sink is a subdev. This allows broader usage of v4l2_subdev_link_validate(), and simplifies drivers by making video device link validation easy to implement in the video device .link_validate(), regardless of whether the video device is an output device or a capture device. Signed-off-by: Laurent Pinchart Reviewed-by: Tomi Valkeinen Acked-by: Sakari Ailus commit d1307671e5221967809c4b626affbad29e371006 Author: Laurent Pinchart Date: Wed Jun 19 02:56:01 2024 +0300 media: v4l2-subdev: Refactor warnings in v4l2_subdev_link_validate() The v4l2_subdev_link_validate() function prints a one-time warning if it gets called on a link whose source or sink is not a subdev. As links get validated in the context of their sink, a call to the helper when the link's sink is not a subdev indicates that the driver has set its .link_validate() handler to v4l2_subdev_link_validate() on a non-subdev entity, which is a clear driver bug. On the other hand, the link's source not being a subdev indicates that the helper is used for a subdev connected to a video output device, which is a lesser issue, if only because this is currently common practice. There are no drivers left in the kernel that use v4l2_subdev_link_validate() in a context where it may get called on a non-subdev sink. Replace the pr_warn_once() with a WARN_ON_ONCE() in this case to make sure that new offenders won't be introduced. A subsequent change will improve the v4l2_subdev_link_validate() helper to properly support validating video device to subdev links. Signed-off-by: Laurent Pinchart Reviewed-by: Tomi Valkeinen Acked-by: Sakari Ailus commit 9bde4f7caf38df94257d2483e89f371b1a530e9a Author: Laurent Pinchart Date: Wed Jun 19 02:46:16 2024 +0300 media: sun4i_csi: Don't use v4l2_subdev_link_validate() for video device The v4l2_subdev_link_validate() function is a helper designed to validate links whose sink is a subdev. When called on a link whose sink is a video device, it only prints a warning and returns. Its usage in the sun4i_csi driver is wrong, leaving the link from the sub4i_csi subdev to the capture video device unvalidated. Planned improvements to the v4l2_subdev_link_validate() function will turn the warning into an error, breaking the sun4i_csi driver. As an interim measure, move the warning to the sun4i_csi driver in a custom validation handler, and drop the call to the helper. Signed-off-by: Laurent Pinchart Acked-by: Chen-Yu Tsai Reviewed-by: Tomi Valkeinen Acked-by: Sakari Ailus commit 2dc5d5d401f5c6cecd97800ffef82e8d17d228f0 Author: Laurent Pinchart Date: Wed Jun 19 02:46:16 2024 +0300 media: sun4i_csi: Implement link validate for sun4i_csi subdev The sun4i_csi driver doesn't implement link validation for the subdev it registers, leaving the link between the subdev and its source unvalidated. Fix it, using the v4l2_subdev_link_validate() helper. Fixes: 577bbf23b758 ("media: sunxi: Add A10 CSI driver") Cc: stable@vger.kernel.org Signed-off-by: Laurent Pinchart Acked-by: Chen-Yu Tsai Reviewed-by: Tomi Valkeinen Acked-by: Sakari Ailus commit 06564411dcd10277eb5e192106603114cac3fd3f Author: Laurent Pinchart Date: Wed Jun 19 02:42:34 2024 +0300 media: microchip-isc: Drop v4l2_subdev_link_validate() for video devices The v4l2_subdev_link_validate() function is a helper designed to validate links whose sink is a subdev. When called on a link whose sink is a video device, it only prints a warning and returns. As the microchip-isc driver implements manual validate of the subdev to video device link, we can just drop the v4l2_subdev_link_validate() to avoid the warning. Signed-off-by: Laurent Pinchart Reviewed-by: Tomi Valkeinen Acked-by: Sakari Ailus commit 4c0d9477ba69a417c698aec1d3012e188cf97add Author: Johan Hovold Date: Wed Jul 31 15:28:48 2024 +0200 USB: serial: kobil_sct: restore initial terminal settings Commit 6a6c8b362be3 ("usb, kobil: Sort out some bogus tty handling") intended to fix and clean up the device-specific initial terminal settings but instead confused the termios input and local control flags and re-enabled ICRNL and IXON. Drop the bogus masking of l-flags from the default i-flags (which has no effect) and restore the original device-specific i-flags. Fixes: 6a6c8b362be3 ("usb, kobil: Sort out some bogus tty handling") Signed-off-by: Johan Hovold commit 6d243588e95ec221e533cc749106aaefaea27486 Author: Krzysztof Kozlowski Date: Fri May 3 12:10:53 2024 +0200 USB: serial: drop driver owner initialization Core in usb_serial_register_drivers() already sets the .owner, so driver does not need to. Signed-off-by: Krzysztof Kozlowski Signed-off-by: Johan Hovold commit af8a6e65f42c6c89414017cc4d78403e83056172 Author: Krzysztof Kozlowski Date: Fri May 3 12:10:52 2024 +0200 USB: serial: set driver owner when registering drivers Modules registering drivers with usb_serial_register_drivers() might forget to set .owner field. The field is used by some of other kernel parts for reference counting (try_module_get()), so it is expected that drivers will set it. Solve the problem by moving this task away from the drivers to the core USB serial code, just like we did for platform_driver in commit 9447057eaff8 ("platform_device: use a macro instead of platform_driver_register"). Signed-off-by: Krzysztof Kozlowski [ johan: amend commit summary ] Signed-off-by: Johan Hovold commit 594cf78dc36f31c0c7e0de4567e644f406d46bae Author: Imre Deak Date: Fri Aug 23 19:29:18 2024 +0300 drm/i915/dp_mst: Fix MST state after a sink reset In some cases the sink can reset itself after it was configured into MST mode, without the driver noticing the disconnected state. For instance the reset may happen in the middle of a modeset, or the (long) HPD pulse generated may be not long enough for the encoder detect handler to observe the HPD's deasserted state. In this case the sink's DPCD register programmed to enable MST will be reset, while the driver still assumes MST is still enabled. Detect this condition, which will tear down and recreate/re-enable the MST topology. v2: - Add a code comment about adjusting the expected DP_MSTM_CTRL register value for SST + SideBand. (Suraj, Jani) - Print a debug message about detecting the link reset. (Jani) - Verify the DPCD MST state only if it wasn't already determined that the sink is disconnected. Cc: stable@vger.kernel.org Cc: Jani Nikula Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/11195 Reviewed-by: Suraj Kandpal (v1) Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240823162918.1211875-1-imre.deak@intel.com commit 8d3cefaf659265aa82b0373a563fdb9d16a2b947 Author: Heiner Kallweit Date: Thu Aug 15 21:44:50 2024 +0200 i2c: core: Lock address during client device instantiation Krzysztof reported an issue [0] which is caused by parallel attempts to instantiate the same I2C client device. This can happen if driver supports auto-detection, but certain devices are also instantiated explicitly. The original change isn't actually wrong, it just revealed that I2C core isn't prepared yet to handle this scenario. Calls to i2c_new_client_device() can be nested, therefore we can't use a simple mutex here. Parallel instantiation of devices at different addresses is ok, so we just have to prevent parallel instantiation at the same address. We can use a bitmap with one bit per 7-bit I2C client address, and atomic bit operations to set/check/clear bits. Now a parallel attempt to instantiate a device at the same address will result in -EBUSY being returned, avoiding the "sysfs: cannot create duplicate filename" splash. Note: This patch version includes small cosmetic changes to the Tested-by version, only functional change is that address locking is supported for slave addresses too. [0] https://lore.kernel.org/linux-i2c/9479fe4e-eb0c-407e-84c0-bd60c15baf74@ans.pl/T/#m12706546e8e2414d8f1a0dc61c53393f731685cc Fixes: caba40ec3531 ("eeprom: at24: Probe for DDR3 thermal sensor in the SPD case") Cc: stable@vger.kernel.org Tested-by: Krzysztof Piotr Oledzki Signed-off-by: Heiner Kallweit Signed-off-by: Wolfram Sang commit 87599eddc25ac03647ab76221523c6485e7594b1 Author: Christophe JAILLET Date: Sun Aug 25 18:22:23 2024 +0200 drbd: Remove an unused field in struct drbd_device 'next_barrier_nr' is not used in this driver. Remove it. It was already part of the original commit b411b3637fa7 ("The DRBD driver") Apparently, it has never been used. Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/d5322ef88d1d6f544963ee277cb0b427da8dceef.1724602922.git.christophe.jaillet@wanadoo.fr Signed-off-by: Jens Axboe commit 3d16973f771a957d0afd58551b43b861eacc3127 Author: Wolfram Sang Date: Wed Aug 14 20:22:09 2024 +0200 i2c: testunit: add SMBusAlert trigger To test SMBusAlert handlers, let the testunit be able to trigger SMBusAlert interrupts. This new command needs a GPIO connected to the SMBAlert# line. Signed-off-by: Wolfram Sang commit 06e12ae5f036daeafd175fe4afebc173203f2f19 Author: Wolfram Sang Date: Wed Aug 14 20:22:08 2024 +0200 i2c: testunit: move code to avoid a forward declaration To avoid forward declarations in upcoming code, move the workqueue handler as-is downwards. This will ease review of the new features. Signed-off-by: Wolfram Sang commit bbec612963fde8f6e5f0ce98aad63169d8c64553 Author: Wolfram Sang Date: Wed Aug 14 20:22:07 2024 +0200 i2c: testunit: describe fwnode based instantiation The testunit can also be instantiated via firmware nodes. Give a devicetree node as an example. Signed-off-by: Wolfram Sang commit 1757cc292ad438b501fbbe37ad733a72671cc1f3 Author: Kees Cook Date: Wed Jul 24 13:13:57 2024 -0700 Documentation: KUnit: Update filename best practices Based on feedback from Linus[1] and follow-up discussions, change the suggested file naming for KUnit tests. Link: https://lore.kernel.org/lkml/CAHk-=wgim6pNiGTBMhP8Kd3tsB7_JTAuvNJ=XYd3wPvvk=OHog@mail.gmail.com/ [1] Reviewed-by: John Hubbard Signed-off-by: Kees Cook Reviewed-by: David Gow Signed-off-by: Shuah Khan commit 259f5082721f1d17b4e5b9dc2bb430821afd95aa Author: Aakarsh Jain Date: Thu Aug 8 19:14:32 2024 +0530 dt-bindings: media: s5p-mfc: Remove s5p-mfc.txt binding s5p-mfc bindings to json-schema is already merged with this commit 538af6e5856b ("dt-bindings: media: s5p-mfc: convert bindings to json-schema"). Remove s5p-mfc.txt file. Fixes: 538af6e5856b ("dt-bindings: media: s5p-mfc: convert bindings to json-schema") Signed-off-by: Aakarsh Jain Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240808134432.50073-1-aakarsh.jain@samsung.com Signed-off-by: Krzysztof Kozlowski commit f5e1638bf3c785600e2ab53e5532007af5296581 Author: Vladimir Zapolskiy Date: Sat Aug 24 01:59:17 2024 +0300 mmc: core: remove left-over data structure declarations The last users of 'enum mmc_blk_status' and 'struct mmc_async_req' were removed by commit 126b62700386 ("mmc: core: Remove code no longer needed after the switch to blk-mq") in 2017, remove these two left-over data structures. Signed-off-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240823225917.2826156-1-vladimir.zapolskiy@linaro.org Signed-off-by: Ulf Hansson commit d3596c73011d1b0e9b43ae12f1e0f491d6bb96eb Author: Christophe JAILLET Date: Wed Aug 21 15:24:06 2024 +0200 mmc: core: Remove struct mmc_context_info The 'mmc_context_info' structure is unused. It has been introduced in: - commit 2220eedfd7ae ("mmc: fix async request mechanism for sequential read scenarios") in 2013-02 and its usages have been removed in: - commit 126b62700386 ("mmc: core: Remove code no longer needed after the switch to blk-mq") - commit 0fbfd1251830 ("mmc: block: Remove code no longer needed after the switch to blk-mq") in 2017-12. Now remove this unused structure. Signed-off-by: Christophe JAILLET Reviewed-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/232106a8a6a374dee25feea9b94498361568c10b.1724246389.git.christophe.jaillet@wanadoo.fr Signed-off-by: Ulf Hansson commit f0c8431568eedee7705c92f5c341bdc4567e3ad5 Author: Jens Wiklander Date: Wed Aug 14 17:35:58 2024 +0200 optee: probe RPMB device using RPMB subsystem Adds support in the OP-TEE drivers (both SMC and FF-A ABIs) to probe and use an RPMB device via the RPMB subsystem instead of passing the RPMB frames via tee-supplicant in user space. A fallback mechanism is kept to route RPMB frames via tee-supplicant if the RPMB subsystem isn't available. The OP-TEE RPC ABI is extended to support iterating over all RPMB devices until one is found with the expected RPMB key already programmed. Signed-off-by: Jens Wiklander Tested-by: Manuel Traut Reviewed-by: Sumit Garg Link: https://lore.kernel.org/r/20240814153558.708365-5-jens.wiklander@linaro.org Signed-off-by: Ulf Hansson commit c30b855e814d9094e369a19fbd86c9bb5badc154 Author: Jens Wiklander Date: Wed Aug 14 17:35:57 2024 +0200 tee: add tee_device_set_dev_groups() Add tee_device_set_dev_groups() to TEE drivers to supply driver specific attribute groups. The class specific attributes are from now on added via the tee_class, which currently only consist of implementation_id. Signed-off-by: Jens Wiklander Reviewed-by: Sumit Garg Link: https://lore.kernel.org/r/20240814153558.708365-4-jens.wiklander@linaro.org Signed-off-by: Ulf Hansson commit 7852028a35f03e04c9cdc92fd26894cca4a8a4de Author: Jens Wiklander Date: Wed Aug 14 17:35:56 2024 +0200 mmc: block: register RPMB partition with the RPMB subsystem Register eMMC RPMB partition with the RPMB subsystem and provide an implementation for the RPMB access operations abstracting the actual multi step process. Add a callback to extract the needed device information at registration to avoid accessing the struct mmc_card at a later stage as we're not holding a reference counter for this struct. Taking the needed reference to md->disk in mmc_blk_alloc_rpmb_part() instead of in mmc_rpmb_chrdev_open(). This is needed by the route_frames() function pointer in struct rpmb_ops. Signed-off-by: Tomas Winkler Signed-off-by: Alexander Usyskin Signed-off-by: Jens Wiklander Tested-by: Manuel Traut Reviewed-by: Linus Walleij Reviewed-by: Ulf Hansson Link: https://lore.kernel.org/r/20240814153558.708365-3-jens.wiklander@linaro.org Signed-off-by: Ulf Hansson commit 1e9046e3a154608f63ce79edcb01e6afd6b10c7c Author: Jens Wiklander Date: Wed Aug 14 17:35:55 2024 +0200 rpmb: add Replay Protected Memory Block (RPMB) subsystem A number of storage technologies support a specialised hardware partition designed to be resistant to replay attacks. The underlying HW protocols differ but the operations are common. The RPMB partition cannot be accessed via standard block layer, but by a set of specific RPMB commands. Such a partition provides authenticated and replay protected access, hence suitable as a secure storage. The initial aim of this patch is to provide a simple RPMB driver interface which can be accessed by the optee driver to facilitate early RPMB access to OP-TEE OS (secure OS) during the boot time. A TEE device driver can claim the RPMB interface, for example, via rpmb_interface_register() or rpmb_dev_find_device(). The RPMB driver provides a callback to route RPMB frames to the RPMB device accessible via rpmb_route_frames(). The detailed operation of implementing the access is left to the TEE device driver itself. Signed-off-by: Tomas Winkler Signed-off-by: Alex Bennée Signed-off-by: Shyam Saini Signed-off-by: Jens Wiklander Reviewed-by: Linus Walleij Tested-by: Manuel Traut Reviewed-by: Ulf Hansson Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240814153558.708365-2-jens.wiklander@linaro.org Signed-off-by: Ulf Hansson commit 0579ac48d30f8bea0c83e92fd508efc879bbe96e Merge: 1645e815cb5c10 469e5e4713989f Author: Ulf Hansson Date: Mon Aug 26 13:13:26 2024 +0200 mmc: Merge branch fixes into next Merge the mmc fixes for v6.11-rc[n] into the next branch, to allow them to get tested together with the new mmc changes that are targeted for v6.12. Signed-off-by: Ulf Hansson commit 1645e815cb5c10ee7df736408d2afc9b7bcfd606 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:29:23 2024 +0200 dt-bindings: mmc: renesas,sdhi: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clocks. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240818172923.121867-1-krzysztof.kozlowski@linaro.org Signed-off-by: Ulf Hansson commit e634d9873bb13f6a91262099f545af8faf456fd0 Author: Thorsten Blum Date: Sun Aug 18 16:23:01 2024 +0200 mmc: mtk-sd: Improve data type in msdc_timeout_cal() The local variable clk_ns uses at most 32 bits and can be a u32. Replace the 64-by-32 do_div() division with a standard divison. Since do_div() casts the divisor to u32 anyway, changing the data type of clk_ns to u32 also removes the following Coccinelle/coccicheck warning reported by do_div.cocci: WARNING: do_div() does a 64-by-32 division, please consider using div64_u64 instead Use min_t(u32,,) to simplify the code and improve its readability. Signed-off-by: Thorsten Blum Link: https://lore.kernel.org/r/20240818142300.64156-2-thorsten.blum@toblux.com Signed-off-by: Ulf Hansson commit fcd56ecaadc88b26fefebf3fb6a1787ac1d059e2 Author: Lad Prabhakar Date: Mon Aug 5 22:12:57 2024 +0100 dt-bindings: mmc: renesas,sdhi: Remove duplicate compatible and add clock checks Remove the duplicate compatible entry `renesas,sdhi-r9a09g057` and add a restriction for clocks and clock-names for the RZ/V2H(P) SoC, which has four clocks similar to the RZ/G2L SoC. Reported-by: Geert Uytterhoeven Fixes: 32842af74abc ("dt-bindings: mmc: renesas,sdhi: Document RZ/V2H(P) support") Signed-off-by: Lad Prabhakar Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240805211257.61099-1-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Ulf Hansson commit 7af1a8f0965158b608baf11c53882f10a57376fd Author: Chen Wang Date: Mon Aug 5 17:19:24 2024 +0800 mmc: sdhci-of-dwcmshc: Add support for Sophgo SG2042 Add support for the mmc controller of Sophgo SG2042. SG2042 uses Synopsys PHY the same as TH1520 so we reuse the tuning logic from TH1520. Besides this, this patch implement some SG2042 specific work, such as clocks and reset ops. Signed-off-by: Chen Wang Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/eb21847528a6487af54bb80f1ce94adff289cdb0.1722847198.git.unicorn_wang@outlook.com Signed-off-by: Ulf Hansson commit fc7b91683edbba4eab6c454f89e41aa56ea614e2 Author: Chen Wang Date: Mon Aug 5 17:19:04 2024 +0800 dt-bindings: mmc: sdhci-of-dwcmhsc: Add Sophgo SG2042 support SG2042 use Synopsys dwcnshc IP for SD/eMMC controllers. SG2042 defines 3 clocks for SD/eMMC controllers. - EMMC_100M/SD_100M for cclk(Card clocks in DWC_mshc), so reuse existing "core". - AXI_EMMC/AXI_SD for aclk/hclk(Bus interface clocks in DWC_mshc) and blck(Core Base Clock in DWC_mshc), these 3 clocks share one source, so reuse existing "bus". - 100K_EMMC/100K_SD for cqetmclk(Timer clocks in DWC_mshc), so reuse existing "timer" which was added for rockchip specified. Signed-off-by: Chen Wang Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/9ca450097e5389a38bcd7d8ddf863766df4cea10.1722847198.git.unicorn_wang@outlook.com Signed-off-by: Ulf Hansson commit a2e34ac156a0ff7bc0b22ea21a92b411636b7b50 Author: Chen Wang Date: Mon Aug 5 17:18:43 2024 +0800 mmc: sdhci-of-dwcmshc: add dwcmshc_pltfm_data Abstract dwcmshc_pltfm_data to hold the sdhci_pltfm_data plus some comoon operations of soc such as init/postinit. Signed-off-by: Chen Wang Tested-by: Drew Fustini # TH1520 Tested-by: Inochi Amaoto # Duo and Huashan Pi Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/cb2c68c594286e9588c53acb76163e60c140c02b.1722847198.git.unicorn_wang@outlook.com Signed-off-by: Ulf Hansson commit 9676a7ef2cf5feb757fb08a712d0f06dcb824d24 Author: Chen Wang Date: Mon Aug 5 17:18:19 2024 +0800 mmc: sdhci-of-dwcmshc: factor out code into dwcmshc_rk35xx_init Continue factor out code fron probe into dwcmshc_rk35xx_init. Signed-off-by: Chen Wang Tested-by: Drew Fustini # TH1520 Tested-by: Inochi Amaoto # Duo and Huashan Pi Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/4f1f2fa403ce7f0b4d79afb7d7e8a1690cde5d6c.1722847198.git.unicorn_wang@outlook.com Signed-off-by: Ulf Hansson commit 76610189b281cad900dafb9320161168e5761c14 Author: Chen Wang Date: Mon Aug 5 17:17:59 2024 +0800 mmc: sdhci-of-dwcmshc: factor out code for th1520_init() Different socs have initialization operations in the probe process, which are summarized as functions. This patch first factor out init function for th1520. Signed-off-by: Chen Wang Reviewed-by: Drew Fustini Tested-by: Drew Fustini # TH1520 Tested-by: Inochi Amaoto # Duo and Huashan Pi Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/23c6a81052a6dd3660d60348731229d60a209b32.1722847198.git.unicorn_wang@outlook.com Signed-off-by: Ulf Hansson commit 2b857745498fdb341b684aa399b05dfffec35501 Author: Chen Wang Date: Mon Aug 5 17:17:40 2024 +0800 mmc: sdhci-of-dwcmshc: move two rk35xx functions This patch just move dwcmshc_rk35xx_init() and dwcmshc_rk35xx_postinit() to put the functions of rk35xx together as much as possible. This change is an intermediate process before further modification. Signed-off-by: Chen Wang Tested-by: Drew Fustini # TH1520 Tested-by: Inochi Amaoto # Duo and Huashan Pi Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/54204702d5febd3e867eb3544c36919fe4140a88.1722847198.git.unicorn_wang@outlook.com Signed-off-by: Ulf Hansson commit 977849b2d46da3ac3e57e46791f2be3eb48df0b6 Author: Chen Wang Date: Mon Aug 5 17:17:21 2024 +0800 mmc: sdhci-of-dwcmshc: add common bulk optional clocks support In addition to the required core clock and optional bus clock, the soc will expand its own clocks, so the bulk clock mechanism is abstracted. Note, I call the bulk clocks as "other clocks" due to the bus clock has been called as "optional". Signed-off-by: Chen Wang Tested-by: Drew Fustini # TH1520 Tested-by: Inochi Amaoto # Duo and Huashan Pi Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/e57e8c51da81f176b49608269a884f840903e78e.1722847198.git.unicorn_wang@outlook.com Signed-off-by: Ulf Hansson commit b6db8f1fb415afd4f7773668c8576ad591ed32eb Author: Lad Prabhakar Date: Wed Jul 24 19:21:19 2024 +0100 mmc: renesas_sdhi: Add RZ/V2H(P) compatible string The SD/MMC block on the RZ/V2H(P) ("R9A09G057") SoC is similar to that of the R-Car Gen3, but it has some differences: - HS400 is not supported. - It has additional SD_STATUS register to control voltage, power enable and reset. - It supports fixed address mode. To accommodate these differences, a SoC-specific 'renesas,sdhi-r9a09g057' compatible string is added. Note for RZ/V2H(P), we are using the `of_rzg2l_compatible` OF data as it already handles no HS400 and fixed address mode support. Since the SDxIOVS and SDxPWEN pins can always be used as GPIO pins on the RZ/V2H(P) SoC, no driver changes are done to control the SD_STATUS register. Signed-off-by: Lad Prabhakar Link: https://lore.kernel.org/r/20240724182119.652080-4-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Ulf Hansson commit a091f510af0b55617b6abf1989837fb8fe86257a Author: Lad Prabhakar Date: Wed Jul 24 19:21:18 2024 +0100 mmc: tmio: Use MMC core APIs to control the vqmmc regulator Use the mmc_regulator_enable_vqmmc() and mmc_regulator_disable_vqmmc() APIs to enable/disable the vqmmc regulator. Signed-off-by: Lad Prabhakar Reviewed-by: Wolfram Sang Reviewed-by: Geert Uytterhoeven Tested-by: Claudiu Beznea # on RZ/G3S Link: https://lore.kernel.org/r/20240724182119.652080-3-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Ulf Hansson commit 24a9ea1c0fdc2cab2dda08e3370880b7d9a3359e Author: Lad Prabhakar Date: Wed Jul 24 19:21:17 2024 +0100 dt-bindings: mmc: renesas,sdhi: Document RZ/V2H(P) support The SD/MMC block on the RZ/V2H(P) ("R9A09G057") SoC is similar to that of the R-Car Gen3, but it has some differences: - HS400 is not supported. - It has additional SD_STATUS register to control voltage, power enable and reset. - It supports fixed address mode. To accommodate these differences, a SoC-specific 'renesas,sdhi-r9a09g057' compatible string is added. Signed-off-by: Lad Prabhakar Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240724182119.652080-2-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Ulf Hansson commit 3af5a1e7be84e0a5d6635dbedb13bd1ce4161414 Author: Doug Brown Date: Sun Jul 14 08:55:11 2024 -0700 mmc: sdhci-pxav2: Remove unnecessary null pointer check There is no need to check for a null mrq->cmd in pxav1_request_done. mmc_request_done already assumes it's not null, and it's always called in this path by every SDHCI driver. This was caught by Smatch. Reported-by: Dan Carpenter Closes: https://lore.kernel.org/all/9ddaef2a-05bb-4fe7-98c5-da40a0813027@stanley.mountain/ Signed-off-by: Doug Brown Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/20240714155510.48880-1-doug@schmorgal.com Signed-off-by: Ulf Hansson commit addc9ecb9ddb3fe77be3979cce021ad07442c1fc Author: Shan-Chun Hung Date: Tue Jul 16 08:45:27 2024 +0800 mmc: sdhci-of-ma35d1: Add Nuvoton MA35D1 SDHCI driver Add the SDHCI driver for the MA35D1 platform. It is based upon the SDHCI interface, but requires some extra initialization. Signed-off-by: Shan-Chun Hung Acked-by: Adrian Hunter Link: https://lore.kernel.org/r/20240716004527.20378-3-shanchun1218@gmail.com Signed-off-by: Ulf Hansson commit db93caa6a4cf467c90ec11c438f776fc37050c00 Author: Shan-Chun Hung Date: Tue Jul 16 08:45:26 2024 +0800 dt-bindings: mmc: nuvoton,ma35d1-sdhci: Document MA35D1 SDHCI controller Add binding for Nuvoton MA35D1 SDHCI controller. Signed-off-by: Shan-Chun Hung Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240716004527.20378-2-shanchun1218@gmail.com Signed-off-by: Ulf Hansson commit b330f148017251810fc1f0c297f51b3039b796e0 Author: Biju Das Date: Thu Aug 22 17:23:15 2024 +0100 drm: renesas: rz-du: Add RZ/G2UL DU Support The LCD controller is composed of Frame Compression Processor (FCPVD), Video Signal Processor (VSPD), and Display Unit (DU). It has DPI interface and supports a maximum resolution of WXGA along with 2 RPFs to support the blending of two picture layers and raster operations (ROPs). The DU module is connected to VSPD. Add RZ/G2UL DU support. Signed-off-by: Biju Das Reviewed-by: Laurent Pinchart Signed-off-by: Tomi Valkeinen Link: https://patchwork.freedesktop.org/patch/msgid/20240822162320.5084-3-biju.das.jz@bp.renesas.com commit 2ef7cb1cea7d56348c8f3d43bf1b891ddd468bb2 Author: Biju Das Date: Thu Aug 22 17:23:14 2024 +0100 dt-bindings: display: renesas,rzg2l-du: Document RZ/G2UL DU bindings Document DU found in RZ/G2UL SoC. The DU block is identical to RZ/G2L SoC, but has only DPI interface. While at it, add missing required property port@1 for RZ/G2L and RZ/V2L SoCs. Currently there is no user for the DPI interface and hence there won't be any ABI breakage for adding port@1 as required property for RZ/G2L and RZ/V2L SoCs. Acked-by: Conor Dooley Reviewed-by: Geert Uytterhoeven Signed-off-by: Biju Das Reviewed-by: Laurent Pinchart Signed-off-by: Tomi Valkeinen Link: https://patchwork.freedesktop.org/patch/msgid/20240822162320.5084-2-biju.das.jz@bp.renesas.com commit 1b5dfd1881dbe303536d4167500b94549ff2f6a7 Author: Lad Prabhakar Date: Tue Jun 25 13:32:44 2024 +0100 drm: renesas: Move RZ/G2L MIPI DSI driver to rz-du All the RZ/G2L DU specific components are located under the rz-du folder, so it makes sense to move the RZ/G2L MIPI DSI driver there instead of keeping it in the rcar-du folder. This change improves the organization and modularity of the driver configuration by grouping related settings together. Signed-off-by: Lad Prabhakar Acked-by: Biju Das Reviewed-by: Laurent Pinchart Signed-off-by: Tomi Valkeinen Link: https://patchwork.freedesktop.org/patch/msgid/20240625123244.200533-1-prabhakar.mahadev-lad.rj@bp.renesas.com commit e794b7b9b92977365c693760a259f8eef940c536 Author: Ma Ke Date: Thu Aug 8 14:13:36 2024 +0800 drm: omapdrm: Add missing check for alloc_ordered_workqueue As it may return NULL pointer and cause NULL pointer dereference. Add check for the return value of alloc_ordered_workqueue. Cc: stable@vger.kernel.org Fixes: 2f95bc6d324a ("drm: omapdrm: Perform initialization/cleanup at probe/remove time") Signed-off-by: Ma Ke Signed-off-by: Tomi Valkeinen Link: https://patchwork.freedesktop.org/patch/msgid/20240808061336.2796729-1-make24@iscas.ac.cn commit 18aaa82bd36ae3d4eaa3f1d1d8cf643e39f151cd Author: Christophe JAILLET Date: Thu Aug 22 09:03:20 2024 +0200 net: netlink: Remove the dump_cb_mutex field from struct netlink_sock Commit 5fbf57a937f4 ("net: netlink: remove the cb_mutex "injection" from netlink core") has removed the usage of the 'dump_cb_mutex' field from the struct netlink_sock. Remove the field itself now. It saves a few bytes in the structure. Signed-off-by: Christophe JAILLET Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 9b82ec85ebb326d20553220945bad1cc203b8805 Merge: e880754467ddd8 e7a4141f442087 Author: Linus Walleij Date: Mon Aug 26 11:10:45 2024 +0200 Merge branch 'ib-sophgo-pintrl' into devel Immutable branch for the SoC tree, merge to pinctrl devel proper. Signed-off-by: Linus Walleij commit e7a4141f4420879720f9d2c99974e269044c7597 Author: Inochi Amaoto Date: Fri Aug 2 08:35:20 2024 +0800 pinctrl: sophgo: add support for SG2002 SoC Add pin definition driver of SG2002. Signed-off-by: Inochi Amaoto Link: https://lore.kernel.org/IA1PR20MB4953110EF4EAFA65EA2272E3BBB32@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Linus Walleij commit 5e91a198bccea40a8824be9c8bfd320ac57447e8 Author: Inochi Amaoto Date: Fri Aug 2 08:35:19 2024 +0800 pinctrl: sophgo: add support for SG2000 SoC Add pin definition driver of SG2000. Signed-off-by: Inochi Amaoto Link: https://lore.kernel.org/IA1PR20MB495339CB8E9CB4FCAAE4886BBBB32@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Linus Walleij commit d359de4c45e4986c95aad7b8b19836cb88372577 Author: Inochi Amaoto Date: Fri Aug 2 08:35:18 2024 +0800 pinctrl: sophgo: add support for CV1812H SoC Add pin definition driver of CV1812H. Signed-off-by: Inochi Amaoto Link: https://lore.kernel.org/IA1PR20MB495355EDA2E04FA3E2794978BBB32@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Linus Walleij commit a29d8e93e710e97863d5bb4e4b6079d6c7daab81 Author: Inochi Amaoto Date: Fri Aug 2 08:35:17 2024 +0800 pinctrl: sophgo: add support for CV1800B SoC Sophgo CV1800 series SoCs share common control logic but have different register mapping. For maintenance, split the driver and pin definition of the SoC. Add base driver for CV1800 series SoC and pin definition of CV1800B. Signed-off-by: Inochi Amaoto Link: https://lore.kernel.org/IA1PR20MB4953B260E04EC53F6A01EB30BBB32@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Linus Walleij commit 64aa494de6fa7289ba9d1de4ba331a1aa8ae094f Author: Inochi Amaoto Date: Fri Aug 2 08:35:16 2024 +0800 dt-bindings: pinctrl: Add pinctrl for Sophgo CV1800 series SoC. Add pinctrl support for Sophgo CV1800 series SoC. Signed-off-by: Inochi Amaoto Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/IA1PR20MB4953680DE7977CAD906DBDB4BBB32@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Linus Walleij commit 6729c73103bd7a0e60b0c980b51b5434010b4502 Author: Jani Nikula Date: Fri Aug 23 17:11:09 2024 +0300 drm/ttm: fix kernel-doc typo for @trylock_only s/tryock_only/trylock_only/ Fixes: da966b82bf3d ("drm/ttm: Provide a generic LRU walker helper") Cc: Thomas Hellström Cc: Christian König Reviewed-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240823141110.3431423-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit e880754467ddd859e71fac64fc748e1bf4913232 Author: Shen Lichuan Date: Fri Aug 23 18:54:21 2024 +0800 pinctrl: freescale: imx-scmi: Use kmemdup_array instead of kmemdup for multiple allocation Let the kmemdup_array() take care about multiplication and possible overflows. Signed-off-by: Shen Lichuan Reviewed-by: Peng Fan Link: https://lore.kernel.org/20240823105421.50017-1-shenlichuan@vivo.com Signed-off-by: Linus Walleij commit 4836c6cc01a16f1ac2b436550299474ad7183c46 Author: Jani Nikula Date: Thu Aug 22 17:39:46 2024 +0300 drm/i915: remove unused leftover basedie step code The basedie step initialization as well as its last users were removed in commit 326e30e4624c ("drm/i915: Drop dead code for pvc"). Follow through with removing the unused macros and struct member and debug logging. Suggested-by: Matt Roper Reviewed-by: Matt Roper Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240822143946.2526425-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit f7b1633d6467a08ff78744cb519a92fb24ad9a0c Author: Shen Lichuan Date: Mon Aug 26 12:34:54 2024 +0800 ALSA: usb-audio: Use kmemdup_array instead of kmemdup for multiple allocation Let the kmemdup_array() take care about multiplication and possible overflows. Using kmemdup_array() is more appropriate and makes the code easier to audit. Signed-off-by: Shen Lichuan Link: https://patch.msgid.link/20240826043454.3198-1-shenlichuan@vivo.com Signed-off-by: Takashi Iwai commit d0627b201ae4980d8c1c9319b79ca016c5ef154e Merge: ca428f12c8eded f73f63b24491fa Author: Linus Walleij Date: Mon Aug 26 10:31:29 2024 +0200 Merge tag 'renesas-pinctrl-for-v6.12-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-drivers into devel pinctrl: renesas: Updates for v6.12 - Document support for the Renesas RZ/G2M v3.0 (r8a774a3) SoC, - Miscellaneous fixes and improvements. Signed-off-by: Linus Walleij commit 8e54acedff45f40f5e11bf2d9ef7f48dd33b4ef9 Author: Kunwu Chan Date: Fri Aug 23 11:11:28 2024 +0800 bus: mhi: host: make mhi_bus_type const Now that the driver core can properly handle constant struct bus_type, move the mhi_bus_type variable to be a constant structure as well, placing it into read-only memory which can not be modified at runtime. Suggested-by: Greg Kroah-Hartman Signed-off-by: Kunwu Chan Reviewed-by: Manivannan Sadhasivam Link: https://lore.kernel.org/r/20240823031129.49010-1-kunwu.chan@linux.dev Signed-off-by: Manivannan Sadhasivam commit ca428f12c8eded243daeb10e6ff4be6bf4274617 Author: Shen Lichuan Date: Thu Aug 22 12:41:56 2024 +0800 drivers/pinctrl: Switch to use kmemdup_array() Let the kememdup_array() take care about multiplication and possible overflows. Signed-off-by: Shen Lichuan Link: https://lore.kernel.org/20240822044156.2301-1-shenlichuan@vivo.com Signed-off-by: Linus Walleij commit 65112db0c21022cb1caed5a03c6392eaaf984c14 Author: Apoorva Singh Date: Fri Aug 16 13:33:55 2024 +0530 drm/xe: Remove NULL check of lrc->bo in xe_lrc_snapshot_capture() - lrc->bo NULL check is not needed in xe_lrc_snapshot_capture() as its already been taken care of in xe_lrc_init(). Signed-off-by: Apoorva Singh Acked-by: Rodrigo Vivi Reviewed-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240816080355.897256-1-apoorva.singh@intel.com Signed-off-by: Nirmoy Das commit bfc5ca0fd1ea7aceae0b682fa4bd8079c52f96c8 Author: Fabio Porcedda Date: Tue Aug 20 10:04:39 2024 +0200 bus: mhi: host: pci_generic: Fix the name for the Telit FE990A Add a mhi_pci_dev_info struct specific for the Telit FE990A modem in order to use the correct product name. Cc: stable@vger.kernel.org # 6.1+ Fixes: 0724869ede9c ("bus: mhi: host: pci_generic: add support for Telit FE990 modem") Signed-off-by: Fabio Porcedda Reviewed-by: Manivannan Sadhasivam Link: https://lore.kernel.org/r/20240820080439.837666-1-fabio.porcedda@gmail.com Signed-off-by: Manivannan Sadhasivam commit b90fae5df91744e45e683c17bb1a38e466770df3 Author: Geert Uytterhoeven Date: Mon Jul 29 12:26:33 2024 +0200 m68k: defconfig: Update defconfigs for v6.11-rc1 - Drop CONFIG_CRYPTO_SM2=m (removed in commit 46b3ff73afc815f1 ("crypto: sm2 - Remove sm2 algorithm")), - Drop CONFIG_TEST_USER_COPY=m (replaced by auto-modular CONFIG_USERCOPY_KUNIT_TEST in commit cf6219ee889fb304 ("usercopy: Convert test_user_copy to KUnit test")). Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/bfe0530e290cee9d350f89c4d41436f3de7cb2a5.1722248695.git.geert@linux-m68k.org commit 09b3d870faa7bc3e96c0978ab3cf4e96e4b15571 Author: Finn Thain Date: Sun Aug 11 10:12:29 2024 +1000 m68k: Fix kernel_clone_args.flags in m68k_clone() Stan Johnson recently reported a failure from the 'dump' command: DUMP: Date of this level 0 dump: Fri Aug 9 23:37:15 2024 DUMP: Dumping /dev/sda (an unlisted file system) to /dev/null DUMP: Label: none DUMP: Writing 10 Kilobyte records DUMP: mapping (Pass I) [regular files] DUMP: mapping (Pass II) [directories] DUMP: estimated 3595695 blocks. DUMP: Context save fork fails in parent 671 The dump program uses the clone syscall with the CLONE_IO flag, that is, flags == 0x80000000. When that value is promoted from long int to u64 by m68k_clone(), it undergoes sign-extension. The new value includes CLONE_INTO_CGROUP so the validation in cgroup_css_set_fork() fails and the syscall returns -EBADF. Avoid sign-extension by casting to u32. Reported-by: Stan Johnson Closes: https://lists.debian.org/debian-68k/2024/08/msg00000.html Fixes: 6aabc1facdb2 ("m68k: Implement copy_thread_tls()") Signed-off-by: Finn Thain Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/3463f1e5d4e95468dc9f3368f2b78ffa7b72199b.1723335149.git.fthain@linux-m68k.org Signed-off-by: Geert Uytterhoeven commit 61eb040228ba9a0657937a1e48d6696f66364a55 Author: Thorsten Blum Date: Wed Jul 31 01:45:07 2024 +0200 m68k: cmpxchg: Use swap() to improve code Remove the local variable tmp and use the swap() macro instead. Signed-off-by: Thorsten Blum Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240730234506.492743-2-thorsten.blum@toblux.com Signed-off-by: Geert Uytterhoeven commit e24b0ef20a20cd26a770c66bf87d911838ea00d4 Author: Jani Nikula Date: Fri Aug 23 15:33:18 2024 +0300 drm/i915: remove unnecessary display includes There are a number of leftover #include "display/..." directives that are completely unnecessary. Remove them to make it easier to spot the relevant ones. In one case, switch to a more specific include. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240823123318.3189503-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit a5733950fe35d56a935257995d8093a3b4867f61 Merge: f7d27c1cc83be7 d3681b30214eb5 Author: Georgi Djakov Date: Mon Aug 26 01:36:44 2024 +0300 Merge branch 'icc-sm8350' into icc-next A set of fixes that target stability of the SM8350 platform. * icc-sm8350 interconnect: qcom: sm8350: drop DISP nodes dt-bindings: interconnect: qcom,sm8350: drop DISP nodes interconnect: qcom: sm8250: Enable sync_state Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-0-1149dd8399fe@linaro.org/ Signed-off-by: Georgi Djakov commit f7d27c1cc83be7df49ba3a0e117bdedef92b4dec Merge: 0af96a3e954db2 69704bbbc06ed5 Author: Georgi Djakov Date: Mon Aug 26 01:36:14 2024 +0300 Merge branch 'icc-misc' into icc-next This series introduce new ICC drivers for some legacy socs while at it also updates a bit of qcs404 driver which seems to not receive much attention lately. * icc-misc dt-bindings: interconnect: qcom: Add Qualcomm MSM8976 NoC interconnect: qcom: Add MSM8976 interconnect provider driver dt-bindings: interconnect: qcom: Add Qualcomm MSM8937 NoC interconnect: qcom: Add MSM8937 interconnect provider driver interconnect: qcom: qcs404: Mark AP-owned nodes as such interconnect: qcom: qcs404: Add regmaps and more bus descriptions dt-bindings: interconnect: qcom: msm8939: Fix example interconnect: qcom: msm8953: Add ab_coeff dt-bindings: interconnect: qcom: msm8953: Fix 'See also' in description Link: https://lore.kernel.org/all/20240709102728.15349-1-a39.skl@gmail.com/ Signed-off-by: Georgi Djakov commit 0af96a3e954db28421f72747cb14078845c5b816 Author: Georgi Djakov Date: Tue Jul 30 17:10:16 2024 +0300 dt-bindings: interconnect: qcom: Do not require reg for sc8180x virt NoCs The virtual interconnect providers do not have their own IO address space, but this is not documented in the DT schema and the following warnings are reported by dtbs_check: sc8180x-lenovo-flex-5g.dtb: interconnect-camnoc-virt: 'reg' is a required property sc8180x-lenovo-flex-5g.dtb: interconnect-mc-virt: 'reg' is a required property sc8180x-lenovo-flex-5g.dtb: interconnect-qup-virt: 'reg' is a required property sc8180x-primus.dtb: interconnect-camnoc-virt: 'reg' is a required property sc8180x-primus.dtb: interconnect-mc-virt: 'reg' is a required property sc8180x-primus.dtb: interconnect-qup-virt: 'reg' is a required property Fix this by adding them to the list of compatibles that do not require the reg property. Link: https://lore.kernel.org/r/20240730141016.1142608-1-djakov@kernel.org Signed-off-by: Georgi Djakov commit 647eaa8f54ab4b3927880a1187b2b6de05edb05f Author: Tengfei Fan Date: Tue Jul 30 15:16:10 2024 +0800 dt-bindings: interconnect: qcom-bwmon: Document SA8775p bwmon compatibles Document the compatibles used to describe the bwmons present on the SA8775p platform. Signed-off-by: Tengfei Fan Link: https://lore.kernel.org/r/20240730-add_sa8775p_bwmon-v1-1-f4f878da29ae@quicinc.com Signed-off-by: Georgi Djakov commit fe85ee391966c4cf3bfe1c405314e894c951f521 Author: Xin Li (Intel) Date: Thu Aug 22 00:39:06 2024 -0700 x86/entry: Set FRED RSP0 on return to userspace instead of context switch The FRED RSP0 MSR points to the top of the kernel stack for user level event delivery. As this is the task stack it needs to be updated when a task is scheduled in. The update is done at context switch. That means it's also done when switching to kernel threads, which is pointless as those never go out to user space. For KVM threads this means there are two writes to FRED_RSP0 as KVM has to switch to the guest value before VMENTER. Defer the update to the exit to user space path and cache the per CPU FRED_RSP0 value, so redundant writes can be avoided. Provide fred_sync_rsp0() for KVM to keep the cache in sync with the actual MSR value after returning from guest to host mode. [ tglx: Massage change log ] Suggested-by: Sean Christopherson Suggested-by: Thomas Gleixner Signed-off-by: Xin Li (Intel) Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240822073906.2176342-4-xin@zytor.com commit efe508816d2caf83536ff2f308e09043380fb2b7 Author: Andrew Cooper Date: Thu Aug 22 00:39:05 2024 -0700 x86/msr: Switch between WRMSRNS and WRMSR with the alternatives mechanism Per the discussion about FRED MSR writes with WRMSRNS instruction [1], use the alternatives mechanism to choose WRMSRNS when it's available, otherwise fallback to WRMSR. Remove the dependency on X86_FEATURE_WRMSRNS as WRMSRNS is no longer dependent on FRED. [1] https://lore.kernel.org/lkml/15f56e6a-6edd-43d0-8e83-bb6430096514@citrix.com/ Use DS prefix to pad WRMSR instead of a NOP. The prefix is ignored. At least that's the current information from the hardware folks. Signed-off-by: Andrew Cooper Signed-off-by: Xin Li (Intel) Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240822073906.2176342-3-xin@zytor.com commit 0dfac6f267fa091aa348c6a6742b463c9e7c98e3 Author: Xin Li (Intel) Date: Thu Aug 22 00:39:04 2024 -0700 x86/entry: Test ti_work for zero before processing individual bits In most cases, ti_work values passed to arch_exit_to_user_mode_prepare() are zeros, e.g., 99% in kernel build tests. So an obvious optimization is to test ti_work for zero before processing individual bits in it. Omit the optimization when FPU debugging is enabled, otherwise the FPU consistency check is never executed. Intel 0day tests did not find a perfermance regression with this change. Suggested-by: H. Peter Anvin (Intel) Signed-off-by: Xin Li (Intel) Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240822073906.2176342-2-xin@zytor.com commit dc9b5d7e0bd40e68a94013766b27be3dda10c006 Author: Shaoqin Huang Date: Tue Jul 23 03:20:03 2024 -0400 KVM: selftests: aarch64: Add writable test for ID_AA64PFR1_EL1 Add writable test for the ID_AA64PFR1_EL1 register. Signed-off-by: Shaoqin Huang Link: https://lore.kernel.org/r/20240723072004.1470688-5-shahuang@redhat.com Signed-off-by: Marc Zyngier commit 78c4446b5f957fb14737582e503b1b25f66edc45 Author: Shaoqin Huang Date: Tue Jul 23 03:20:02 2024 -0400 KVM: arm64: Allow userspace to change ID_AA64PFR1_EL1 Allow userspace to change the guest-visible value of the register with different way of handling: - Since the RAS and MPAM is not writable in the ID_AA64PFR0_EL1 register, RAS_frac and MPAM_frac are also not writable in the ID_AA64PFR1_EL1 register. - The MTE is controlled by a separate UAPI (KVM_CAP_ARM_MTE) with an internal flag (KVM_ARCH_FLAG_MTE_ENABLED). So it's not writable. - For those fields which KVM doesn't know how to handle, they are not exposed to the guest (being disabled in the register read accessor), those fields value will always be 0. Those fields don't have a known behavior now, so don't advertise them to the userspace. Thus still not writable. Those fields include SME, RNDR_trap, NMI, GCS, THE, DF2, PFAR, MTE_frac, MTEX. - The BT, SSBS, CSV2_frac don't introduce any new registers which KVM doesn't know how to handle, they can be written without ill effect. So let them writable. Besides, we don't do the crosscheck in KVM about the CSV2_frac even if it depends on the value of CSV2, it should be made sure by the VMM instead of KVM. Signed-off-by: Shaoqin Huang Link: https://lore.kernel.org/r/20240723072004.1470688-4-shahuang@redhat.com Signed-off-by: Marc Zyngier commit e8d164974cfa46fe5ec87869c8a7113641f322d5 Author: Shaoqin Huang Date: Tue Jul 23 03:20:01 2024 -0400 KVM: arm64: Use kvm_has_feat() to check if FEAT_SSBS is advertised to the guest Currently KVM use cpus_have_final_cap() to check if FEAT_SSBS is advertised to the guest. But if FEAT_SSBS is writable and isn't advertised to the guest, this is wrong. Update it to use kvm_has_feat() to check if FEAT_SSBS is advertised to the guest, thus the KVM can do the right thing if FEAT_SSBS isn't advertised to the guest. Signed-off-by: Shaoqin Huang Link: https://lore.kernel.org/r/20240723072004.1470688-3-shahuang@redhat.com Signed-off-by: Marc Zyngier commit ffe68b2d19a5a84440fea99a732cfc3b157559eb Author: Shaoqin Huang Date: Tue Jul 23 03:20:00 2024 -0400 KVM: arm64: Disable fields that KVM doesn't know how to handle in ID_AA64PFR1_EL1 For some of the fields in the ID_AA64PFR1_EL1 register, KVM doesn't know how to handle them right now. So explicitly disable them in the register accessor, then those fields value will be masked to 0 even if on the hardware the field value is 1. This is safe because from a UAPI point of view that read_sanitised_ftr_reg() doesn't yet return a nonzero value for any of those fields. This will benifit the migration if the host and VM have different values when restoring a VM. Those fields include RNDR_trap, NMI, MTE_frac, GCS, THE, MTEX, DF2, PFAR. Signed-off-by: Shaoqin Huang Link: https://lore.kernel.org/r/20240723072004.1470688-2-shahuang@redhat.com Signed-off-by: Marc Zyngier commit 6e6efc5fef4a1cdcccca3cffd5b73fd25d093352 Author: Miguel Ojeda Date: Sun Aug 18 16:12:49 2024 +0200 rust: enable rustdoc's `--generate-link-to-definition` In Rust 1.56.0 [1], rustdoc introduced the "jump to definition" feature [2], i.e. the unstable flag `--generate-link-to-definition`. It adds links to the source view of the documentation. For instance, in the source view of `rust/kernel/sync.rs`, for this code: impl Default for LockClassKey { fn default() -> Self { Self::new() } } It will add three hyperlinks: - `Default` points to the rendered "Trait `core::default::Default`" page (not the source view, since it goes to another crate, though this may change). - `LockClassKey` points to the `pub struct LockClassKey(...);` line in the same page, highlighting the line number. - `Self::new()` points to the `pub const fn new() -> Self { ... }` associated function, highlighting its line numbers (i.e. for the full function). This makes the source view more useful and a bit closer to the experience in e.g. the Elixir Cross Referencer [3]. I have provisionally enabled it for rust.docs.kernel.org [4] -- one can take a look at the source view there for an example of how it looks like. Thus enable it. Cc: Guillaume Gomez Link: https://github.com/rust-lang/rust/pull/84176 [1] Link: https://github.com/rust-lang/rust/issues/89095 [2] Link: https://elixir.bootlin.com [3] Link: https://rust.docs.kernel.org [4] Reviewed-by: Gary Guo Link: https://lore.kernel.org/r/20240818141249.387166-1-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit b2bf463ed9a8131ad4e91a11af8c9a4ec84b876a Author: Miguel Ojeda Date: Sun Aug 18 16:12:00 2024 +0200 docs: rust: improve main page introducing a "Code documentation" section Clean the "Rust" main page by introducing a 'Code documentation" section to separate it from the rest of the text above. In addition, introduce the "Rust code documentation" term, which may be clearer than referring to a potentially unknown tool. Furthermore, for the HTML case, homogenize both `rustdoc` and non-`rustdoc` cases and use the term introduced above instead. Then, always generate the pregenerated version part, since now there is a section that is always generated and thus makes sense to do so. Finally, finish the new section with a link to more details about the Rust code documentation. The intention is that: - The non-HTML case mentions the code documentation too, making it more prominent for readers of non-HTML docs. - Both HTML cases read more naturally. - The pregenerated version is always mentioned, since it is likely useful for readers of non-HTML docs. Link: https://lore.kernel.org/r/20240818141200.386899-2-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 0eef6ec5a8e5bc2d633d6716f2640de8d6b45da7 Author: Miguel Ojeda Date: Sun Aug 18 16:11:59 2024 +0200 docs: rust: link to https://rust.docs.kernel.org The Rust code documentation (i.e. `rustdoc`-generated docs) is now available at: https://rust.docs.kernel.org Thus document it and remove the `TODO` line. The generation uses a particular kernel configuration, based on x86_64, which may get tweaked over time. Older tags, and how they are generated, may also change in the future. We may consider freezing them at some point, but for the moment, the content should not be considered immutable. Thanks Konstantin for the support setting it up! Cc: Konstantin Ryabitsev Acked-by: Konstantin Ryabitsev Link: https://lore.kernel.org/r/20240818141200.386899-1-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 120443321dfaaab8eb9290af617abcc37734c1e2 Author: Jens Axboe Date: Thu Aug 8 12:54:55 2024 -0600 io_uring/kbuf: shrink nr_iovs/mode in struct buf_sel_arg nr_iovs is capped at 1024, and mode only has a few low values. We can safely make them u16, in preparation for adding a few more members. Signed-off-by: Jens Axboe commit 7ed9e09e2d13d5d43385153bba4734cb0eafd7fd Author: Jens Axboe Date: Thu Jan 4 10:46:30 2024 -0700 io_uring: wire up min batch wake timeout Expose min_wait_usec in io_uring_getevents_arg, replacing the pad member that is currently in there. The value is in usecs, which is explained in the name as well. Note that if min_wait_usec and a normal timeout is used in conjunction, the normal timeout is still relative to the base time. For example, if min_wait_usec is set to 100 and the normal timeout is 1000, the max total time waited is still 1000. This also means that if the normal timeout is shorter than min_wait_usec, then only the min_wait_usec will take effect. See previous commit for an explanation of how this works. IORING_FEAT_MIN_TIMEOUT is added as a feature flag for this, as applications doing submit_and_wait_timeout() style operations will generally not see the -EINVAL from the wait side as they return the number of IOs submitted. Only if no IOs are submitted will the -EINVAL bubble back up to the application. Signed-off-by: Jens Axboe commit 1100c4a2656d444785024cd9b585298729eff136 Author: Jens Axboe Date: Thu Jan 4 10:17:54 2024 -0700 io_uring: add support for batch wait timeout Waiting for events with io_uring has two knobs that can be set: 1) The number of events to wake for 2) The timeout associated with the event Waiting will abort when either of those conditions are met, as expected. This adds support for a third event, which is associated with the number of events to wait for. Applications generally like to handle batches of completions, and right now they'd set a number of events to wait for and the timeout for that. If no events have been received but the timeout triggers, control is returned to the application and it can wait again. However, if the application doesn't have anything to do until events are reaped, then it's possible to make this waiting more efficient. For example, the application may have a latency time of 50 usecs and wanting to handle a batch of 8 requests at the time. If it uses 50 usecs as the timeout, then it'll be doing 20K context switches per second even if nothing is happening. This introduces the notion of min batch wait time. If the min batch wait time expires, then we'll return to userspace if we have any events at all. If none are available, the general wait time is applied. Any request arriving after the min batch wait time will cause waiting to stop and return control to the application. Signed-off-by: Jens Axboe commit cebf123c634ab78d39af94caf0fc9cd2c60d82c3 Author: Jens Axboe Date: Thu Jan 4 08:46:23 2024 -0700 io_uring: implement our own schedule timeout handling In preparation for having two distinct timeouts and avoid waking the task if we don't need to. Signed-off-by: Jens Axboe commit 45a41e74b8f472254c64b42713bad0686350b0c6 Author: Jens Axboe Date: Thu Jan 4 08:02:59 2024 -0700 io_uring: move schedule wait logic into helper In preparation for expanding how we handle waits, move the actual schedule and schedule_timeout() handling into a helper. Signed-off-by: Jens Axboe commit f42b58e44802b0280a452a33fbeb37fee5b6318f Author: Jens Axboe Date: Thu Aug 15 16:13:32 2024 -0600 io_uring: encapsulate extraneous wait flags into a separate struct Rather than need to pass in 2 or 3 separate arguments, add a struct to encapsulate the timeout and sigset_t parts of waiting. In preparation for adding another argument for waiting. Signed-off-by: Jens Axboe commit 2b8e976b984278edbeab3251d370e76d237699f9 Author: Pavel Begunkov Date: Wed Aug 7 15:18:14 2024 +0100 io_uring: user registered clockid for wait timeouts Add a new registration opcode IORING_REGISTER_CLOCK, which allows the user to select which clock id it wants to use with CQ waiting timeouts. It only allows a subset of all posix clocks and currently supports CLOCK_MONOTONIC and CLOCK_BOOTTIME. Suggested-by: Lewis Baker Signed-off-by: Pavel Begunkov Link: https://lore.kernel.org/r/98f2bc8a3c36cdf8f0e6a275245e81e903459703.1723039801.git.asml.silence@gmail.com Signed-off-by: Jens Axboe commit d29cb3726f03cdac7889f0109a7cb84f79e168a8 Author: Pavel Begunkov Date: Wed Aug 7 15:18:13 2024 +0100 io_uring: add absolute mode wait timeouts In addition to current relative timeouts for the waiting loop, where the timespec argument specifies the maximum time it can wait for, add support for the absolute mode, with the value carrying a CLOCK_MONOTONIC absolute time until which we should return control back to the user. Suggested-by: Lewis Baker Signed-off-by: Pavel Begunkov Link: https://lore.kernel.org/r/4d5b74d67ada882590b2e42aa3aa7117bbf6b55f.1723039801.git.asml.silence@gmail.com Signed-off-by: Jens Axboe commit d5cce407e4f59b2e08d03e29d2b3c55deacc1d48 Author: Pavel Begunkov Date: Wed Aug 7 15:18:12 2024 +0100 io_uring/napi: postpone napi timeout adjustment Remove io_napi_adjust_timeout() and move the adjustments out of the common path into __io_napi_busy_loop(). Now the limit it's calculated based on struct io_wait_queue::timeout, for which we query current time another time. The overhead shouldn't be a problem, it's a polling path, however that can be optimised later by additionally saving the delta time value in io_cqring_wait(). Signed-off-by: Pavel Begunkov Link: https://lore.kernel.org/r/88e14686e245b3b42ff90a3c4d70895d48676206.1723039801.git.asml.silence@gmail.com Signed-off-by: Jens Axboe commit 489b80060cf645e958c4755c4b5032f234409f85 Author: Pavel Begunkov Date: Wed Aug 7 15:18:11 2024 +0100 io_uring/napi: refactor __io_napi_busy_loop() we don't need to set ->napi_prefer_busy_poll if we're not going to poll, do the checks first and all polling preparation after. Signed-off-by: Pavel Begunkov Link: https://lore.kernel.org/r/2ad7ede8cc7905328fc62e8c3805fdb11635ae0b.1723039801.git.asml.silence@gmail.com Signed-off-by: Jens Axboe commit a69307a55454060b5795e68d249157f2961049c2 Author: Jens Axboe Date: Fri Aug 9 10:39:38 2024 -0600 io_uring/kbuf: turn io_buffer_list booleans into flags We could just move these two and save some space, but in preparation for adding another flag, turn them into flags first. This saves 8 bytes in struct io_buffer_list, making it exactly half a cacheline on 64-bit archs now rather than 40 bytes. Signed-off-by: Jens Axboe commit 566a424212d79b90e3a8fe6b5c7bd8f69174105c Author: Jens Axboe Date: Thu Aug 8 10:42:18 2024 -0600 io_uring/net: use ITER_UBUF for single segment send maps Just like what is being done on the recv side, if we only map a single segment, then use ITER_UBUF for mapping it. That's more efficient than using an ITER_IOVEC. Signed-off-by: Jens Axboe commit 03e02e8f95fee0f45124976993ed2121e2369a12 Author: Jens Axboe Date: Thu Aug 8 10:33:16 2024 -0600 io_uring/kbuf: use 'bl' directly rather than req->buf_list req->buf_list is assigned higher up and is safe to use as we remain within a locked region, as is the 'bl' variable itself from which it was assigned. To improve readability, use 'bl' directly rather than get it from the io_kiocb, if we need to increment the head directly in the buffer selection path. This makes it readily apparent that it's the same io_buffer_list being used. Signed-off-by: Jens Axboe commit 7255cd894539a96fefab9180185d268647c7341b Author: Olivier Langlois Date: Tue Jul 30 16:56:06 2024 -0400 io_uring: micro optimization of __io_sq_thread() condition reverse the order of the element evaluation in an if statement. for many users that are not using iopoll, the iopoll_list will always evaluate to false after having made a memory access whereas to_submit is very likely already loaded in a register. Signed-off-by: Olivier Langlois Reviewed-by: Pavel Begunkov Link: https://lore.kernel.org/r/052ca60b5c49e7439e4b8bd33bfab4a09d36d3d6.1722374371.git.olivier@trillion01.com Signed-off-by: Jens Axboe commit a8edbb424b1391b077407c75d8f5d2ede77aa70d Author: Chenliang Li Date: Wed Jul 31 17:01:33 2024 +0800 io_uring/rsrc: enable multi-hugepage buffer coalescing Add support for checking and coalescing multi-hugepage-backed fixed buffers. The coalescing optimizes both time and space consumption caused by mapping and storing multi-hugepage fixed buffers. A coalescable multi-hugepage buffer should fully cover its folios (except potentially the first and last one), and these folios should have the same size. These requirements are for easier processing later, also we need same size'd chunks in io_import_fixed for fast iov_iter adjust. Signed-off-by: Chenliang Li Reviewed-by: Pavel Begunkov Link: https://lore.kernel.org/r/20240731090133.4106-3-cliang01.li@samsung.com Signed-off-by: Jens Axboe commit 3d6106aee4732a01a275c59ec94d05302d931c4b Author: Chenliang Li Date: Wed Jul 31 17:01:32 2024 +0800 io_uring/rsrc: store folio shift and mask into imu Store the folio shift and folio mask into imu struct and use it in iov_iter adjust, as we will have non PAGE_SIZE'd chunks if a multi-hugepage buffer get coalesced. Signed-off-by: Chenliang Li Reviewed-by: Anuj Gupta Reviewed-by: Pavel Begunkov Link: https://lore.kernel.org/r/20240731090133.4106-2-cliang01.li@samsung.com Signed-off-by: Jens Axboe commit d843634a95a66237f88fa6affa9203c9ee503244 Author: Olivier Langlois Date: Mon Jul 29 18:38:33 2024 -0400 io_uring: add napi busy settings to the fdinfo output This info may be useful when attempting to debug a problem involving a ring using the NAPI feature. Here is an example of the output: ip-172-31-39-89 /proc/772/fdinfo # cat 14 pos: 0 flags: 02000002 mnt_id: 16 ino: 10243 SqMask: 0xff SqHead: 633 SqTail: 633 CachedSqHead: 633 CqMask: 0x3fff CqHead: 430250 CqTail: 430250 CachedCqTail: 430250 SQEs: 0 CQEs: 0 SqThread: 885 SqThreadCpu: 0 SqTotalTime: 52793826 SqWorkTime: 3590465 UserFiles: 0 UserBufs: 0 PollList: op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=6, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=6, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 op=10, task_works=0 CqOverflowList: NAPI: enabled napi_busy_poll_to: 1 napi_prefer_busy_poll: true Signed-off-by: Olivier Langlois Reviewed-by: Pavel Begunkov Link: https://lore.kernel.org/r/bb184f8b62703ddd3e6e19eae7ab6c67b97e1e10.1722293317.git.olivier@trillion01.com Signed-off-by: Jens Axboe commit 723edbd2ca5fb4c78ac4a5644511c63895fd1c57 Author: Xin Li (Intel) Date: Fri Aug 16 03:43:16 2024 -0700 x86/fred: Set SS to __KERNEL_DS when enabling FRED SS is initialized to NULL during boot time and not explicitly set to __KERNEL_DS. With FRED enabled, if a kernel event is delivered before a CPU goes to user level for the first time, its SS is NULL thus NULL is pushed into the SS field of the FRED stack frame. But before ERETS is executed, the CPU may context switch to another task and go to user level. Then when the CPU comes back to kernel mode, SS is changed to __KERNEL_DS. Later when ERETS is executed to return from the kernel event handler, a #GP fault is generated because SS doesn't match the SS saved in the FRED stack frame. Initialize SS to __KERNEL_DS when enabling FRED to prevent that. Note, IRET doesn't check if SS matches the SS saved in its stack frame, thus IDT doesn't have this problem. For IDT it doesn't matter whether SS is set to __KERNEL_DS or not, because it's set to NULL upon interrupt or exception delivery and __KERNEL_DS upon SYSCALL. Thus it's pointless to initialize SS for IDT. Signed-off-by: Xin Li (Intel) Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240816104316.2276968-1-xin@zytor.com commit 0f70fdd42559b4eed8f74bf7389656a8ae3eb5c3 Author: Richard Gong Date: Mon Aug 19 07:30:41 2024 -0500 x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h-70h Add new PCI IDs for Device 18h and Function 4 to enable the amd_atl driver on those systems. Signed-off-by: Richard Gong Signed-off-by: Thomas Gleixner Reviewed-by: Yazen Ghannam Link: https://lore.kernel.org/all/20240819123041.915734-1-richard.gong@amd.com commit cc5e03f3be3154f860c9d08b2ac8c139863e1515 Author: Yue Haibing Date: Fri Aug 16 18:22:19 2024 +0800 x86/extable: Remove unused declaration fixup_bug() Commit 15a416e8aaa7 ("x86/entry: Treat BUG/WARN as NMI-like entries") removed the implementation but left the declaration. Signed-off-by: Yue Haibing Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240816102219.883297-1-yuehaibing@huawei.com commit b51207dc02ec3aeaa849e419f79055d7334845b6 Author: Uros Bizjak Date: Mon Aug 19 10:33:13 2024 +0200 x86/boot/64: Strip percpu address space when setting up GDT descriptors init_per_cpu_var() returns a pointer in the percpu address space while rip_rel_ptr() expects a pointer in the generic address space. When strict address space checks are enabled, GCC's named address space checks fail: asm.h:124:63: error: passing argument 1 of 'rip_rel_ptr' from pointer to non-enclosed address space Add a explicit cast to remove address space of the returned pointer. Fixes: 11e36b0f7c21 ("x86/boot/64: Load the final kernel GDT during early boot directly, remove startup_gdt[]") Signed-off-by: Uros Bizjak Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240819083334.148536-1-ubizjak@gmail.com commit 96fff2dc2954dcaf7affe7da212aba3f5107d06d Author: Kartik Prajapati Date: Wed Aug 21 19:58:58 2024 +0000 rust: types: add `ARef::into_raw` Add a method for `ARef` that is analogous to `Arc::into_raw`. It is the inverse operation of `ARef::from_raw`, and allows you to convert the `ARef` back into a raw pointer while retaining ownership of the refcount. This new function will be used by [1] for converting the type in an `ARef` using `ARef::from_raw(ARef::into_raw(me).cast())`. Alice has also needed the same function for other use-cases in the past, but [1] is the first to go upstream. This was implemented independently by Kartik and Alice. The two versions were merged by Alice, so all mistakes are Alice's. Link: https://lore.kernel.org/r/20240801-vma-v3-1-db6c1c0afda9@google.com [1] Link: https://github.com/Rust-for-Linux/linux/issues/1044 Signed-off-by: Kartik Prajapati Co-developed-by: Alice Ryhl Signed-off-by: Alice Ryhl Reviewed-by: Benno Lossin [ Reworded to correct the author reference and changed tag to Link since it is not a bug. - Miguel ] Signed-off-by: Miguel Ojeda commit c73051168e7fc0c78e58791097cbc3a3ec95839e Author: Michael Vetter Date: Tue Aug 20 09:26:43 2024 +0200 rust: kernel: use docs.kernel.org links in code documentation Use links to docs.kernel.org instead of www.kernel.org/doc/html/latest in the code documentation. The links are shorter and cleaner. Link: https://github.com/Rust-for-Linux/linux/issues/1101 Signed-off-by: Michael Vetter [ Reworded slightly. - Miguel ] Signed-off-by: Miguel Ojeda commit 7678a53a1688e3d03337ca884b284c6e7b060ec5 Author: WangYuli Date: Sun Aug 25 18:46:53 2024 +0800 x86/cpu: Clarify the error message when BIOS does not support SGX When SGX is not supported by the BIOS, the kernel log contains the error 'SGX disabled by BIOS', which can be confusing since there might not be an SGX-related option in the BIOS settings. For the kernel it's difficult to distinguish between the BIOS not supporting SGX and the BIOS supporting SGX but having it disabled. Therefore, update the error message to 'SGX disabled or unsupported by BIOS' to make it easier for those reading kernel logs to understand what's happening. Reported-by: Bo Wu Co-developed-by: Zelong Xiang Signed-off-by: Zelong Xiang Signed-off-by: WangYuli Signed-off-by: Thomas Gleixner Acked-by: Kai Huang Link: https://lore.kernel.org/all/F8D977CB368423F3+20240825104653.1294624-1-wangyuli@uniontech.com Closes: https://github.com/linuxdeepin/developer-center/issues/10032 commit ea49cdb26e7cffc261ceb1db26707e6d337fa104 Author: Kai Huang Date: Sun Aug 25 20:18:06 2024 +1200 x86/kexec: Add comments around swap_pages() assembly to improve readability The current assembly around swap_pages() in the relocate_kernel() takes some time to follow because the use of registers can be easily lost when the line of assembly goes long. Add a couple of comments to clarify the code around swap_pages() to improve readability. Signed-off-by: Kai Huang Signed-off-by: Thomas Gleixner Acked-by: Kirill A. Shutemov Link: https://lore.kernel.org/all/8b52b0b8513a34b2a02fb4abb05c6700c2821475.1724573384.git.kai.huang@intel.com commit 3c41ad39f179c0e41f585975eb6834cd14f286ec Author: Kai Huang Date: Sun Aug 25 20:18:05 2024 +1200 x86/kexec: Fix a comment of swap_pages() assembly When relocate_kernel() gets called, %rdi holds 'indirection_page' and %rsi holds 'page_list'. And %rdi always holds 'indirection_page' when swap_pages() is called. Therefore the comment of the first line code of swap_pages() movq %rdi, %rcx /* Put the page_list in %rcx */ .. isn't correct because it actually moves the 'indirection_page' to the %rcx. Fix it. Signed-off-by: Kai Huang Signed-off-by: Thomas Gleixner Acked-by: Kirill A. Shutemov Link: https://lore.kernel.org/all/adafdfb1421c88efce04420fc9a996c0e2ca1b34.1724573384.git.kai.huang@intel.com commit c6e6a3c1698a86bacf7eac256b0f1215a3616dc7 Author: Kai Huang Date: Sun Aug 25 20:06:49 2024 +1200 x86/sgx: Fix a W=1 build warning in function comment Building the SGX code with W=1 generates below warning: arch/x86/kernel/cpu/sgx/main.c:741: warning: Function parameter or struct member 'low' not described in 'sgx_calc_section_metric' arch/x86/kernel/cpu/sgx/main.c:741: warning: Function parameter or struct member 'high' not described in 'sgx_calc_section_metric' ... The function sgx_calc_section_metric() is a simple helper which is only used in sgx/main.c. There's no need to use kernel-doc style comment for it. Downgrade to a normal comment. Signed-off-by: Kai Huang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240825080649.145250-1-kai.huang@intel.com commit 80a4da05642c384bc6f5b602b865ebd7e3963902 Author: Maciej W. Rozycki Date: Sat Aug 24 23:17:10 2024 +0100 x86/EISA: Use memremap() to probe for the EISA BIOS signature The area at the 0x0FFFD9 physical location in the PC memory space is regular memory, traditionally ROM BIOS and more recently a copy of BIOS code and data in RAM, write-protected. Therefore use memremap() to get access to it rather than ioremap(), avoiding issues in virtualization scenarios and complementing changes such as commit f7750a795687 ("x86, mpparse, x86/acpi, x86/PCI, x86/dmi, SFI: Use memremap() for RAM mappings") or commit 5997efb96756 ("x86/boot: Use memremap() to map the MPF and MPC data"). Reported-by: Kirill A. Shutemov Signed-off-by: Maciej W. Rozycki Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/alpine.DEB.2.21.2408242025210.30766@angie.orcam.me.uk Closes: https://lore.kernel.org/r/20240822095122.736522-1-kirill.shutemov@linux.intel.com commit 741fc1d788c0aff3022249e561fd489c7adaded3 Author: Gaosheng Cui Date: Sat Aug 24 20:02:34 2024 +0800 x86/mtrr: Remove obsolete declaration for mtrr_bp_restore() mtrr_bp_restore() has been removed in commit 0b9a6a8bedbf ("x86/mtrr: Add a stop_machine() handler calling only cache_cpu_init()"), but the declaration was left behind. Remove it. Signed-off-by: Gaosheng Cui Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240824120234.2516830-1-cuigaosheng1@huawei.com commit decb9ac4a9739c16e228f7b2918bfdca34cc89a9 Author: Nathan Chancellor Date: Thu Aug 22 17:18:08 2024 -0700 x86/cpu_entry_area: Annotate percpu_setup_exception_stacks() as __init After a recent LLVM change that deduces __cold on functions that only call cold code (such as __init functions), there is a section mismatch warning from percpu_setup_exception_stacks(), which got moved to .text.unlikely. as a result of that optimization: WARNING: modpost: vmlinux: section mismatch in reference: percpu_setup_exception_stacks+0x3a (section: .text.unlikely.) -> cea_map_percpu_pages (section: .init.text) Drop the inline keyword, which does not guarantee inlining, and replace it with __init, as percpu_setup_exception_stacks() is only called from __init code, which clears up the warning. Signed-off-by: Nathan Chancellor Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240822-x86-percpu_setup_exception_stacks-init-v1-1-57c5921b8209@kernel.org commit fc88bb11617978fb3fcfcc697fd5c9d2dae9c4a3 Author: Amit Sunil Dhamne Date: Thu Aug 22 15:37:15 2024 -0700 usb: roles: add lockdep class key to struct usb_role_switch There can be multiple role switch devices running on a platform. Given that lockdep is not capable of differentiating between locks of different instances, false positive warnings for circular locking are reported. To prevent this, register unique lockdep key for each of the individual instances. Signed-off-by: Amit Sunil Dhamne Reviewed-by: Badhri Jagan Sridharan Link: https://lore.kernel.org/r/20240822223717.253433-1-amitsd@google.com Signed-off-by: Greg Kroah-Hartman commit 4333dbd9798d470d0c81608bb44bb7c8fd7f7948 Author: Liao Chen Date: Thu Aug 22 13:01:13 2024 +0000 usb: ehci-brcm: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Acked-by: Florian Fainelli Link: https://lore.kernel.org/r/20240822130113.164644-5-liaochen4@huawei.com Signed-off-by: Greg Kroah-Hartman commit 15a34e5d4b23ce500d8de8ac8e084c417a500255 Author: Liao Chen Date: Thu Aug 22 13:01:12 2024 +0000 usb: typec: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Link: https://lore.kernel.org/r/20240822130113.164644-4-liaochen4@huawei.com Signed-off-by: Greg Kroah-Hartman commit 62cadfb51852bf691e9cfa0bf0a8426c3b922e18 Author: Liao Chen Date: Thu Aug 22 13:01:11 2024 +0000 usb: misc: brcmstb-usb-pinmap: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Acked-by: Florian Fainelli Link: https://lore.kernel.org/r/20240822130113.164644-3-liaochen4@huawei.com Signed-off-by: Greg Kroah-Hartman commit 3df1b090a437596bb5ca90f5e6ed8648d485af29 Author: Liao Chen Date: Thu Aug 22 13:01:10 2024 +0000 usb: phy: phy-gpio-vbus-usb: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Link: https://lore.kernel.org/r/20240822130113.164644-2-liaochen4@huawei.com Signed-off-by: Greg Kroah-Hartman commit ff390189b7f2cfa20c644bc58b4462b5e2621838 Author: Rong Qianfeng Date: Wed Aug 21 11:25:57 2024 +0800 memory: mtk-smi: Use devm_clk_get_enabled() Replace devm_clk_get() and clk_prepare_enable() with devm_clk_get_enabled() in .probe(). Fix the bug of missing clk_disable_unprepare() in .remove() by using devm_clk_get_enabled() that can disables and unprepares it automatically on driver detach. Fixes: 3c8f4ad85c4b ("memory/mediatek: add support for mt2701") Cc: honghui.zhang@mediatek.com Signed-off-by: Rong Qianfeng Reviewed-by: Yong Wu Link: https://lore.kernel.org/r/20240821032558.43052-1-rongqianfeng@vivo.com Signed-off-by: Krzysztof Kozlowski commit ce536578e5652ec4da10ec69436d2ae2548bd619 Author: Krzysztof Kozlowski Date: Fri Aug 23 12:16:02 2024 +0200 memory: pl353-smc: simplify with devm_clk_get_enabled() Use devm_clk_get_enabled() to drop clock prepare/unprepare parts and make code simpler. Reviewed-by: Miquel Raynal Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240823-b4-cleanup-h-guard-v1-7-01668915bd55@linaro.org Signed-off-by: Krzysztof Kozlowski commit 49ee2e842a40dec16ed4933bf2cd993c709f12a3 Author: Krzysztof Kozlowski Date: Fri Aug 23 12:16:01 2024 +0200 memory: pl353-smc: simplify with dev_err_probe() Use dev_err_probe() to avoid dmesg flood on actual defer. This makes the code also simpler. Reviewed-by: Miquel Raynal Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240823-b4-cleanup-h-guard-v1-6-01668915bd55@linaro.org Signed-off-by: Krzysztof Kozlowski commit 610395de8496c34919f827dd194bf41af20c2bca Author: Krzysztof Kozlowski Date: Fri Aug 23 12:16:00 2024 +0200 memory: pl172: simplify with devm_clk_get_enabled() Use devm_clk_get_enabled() to drop clock prepare/unprepare parts and make code simpler. Change to dev_err_probe() in handling clk_get_rate() error to make it even simpler. Reviewed-by: Jonathan Cameron Reviewed-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240823-b4-cleanup-h-guard-v1-5-01668915bd55@linaro.org Signed-off-by: Krzysztof Kozlowski commit 8f3cb397cbc1e3b18081738af87171f960bd112e Author: Krzysztof Kozlowski Date: Fri Aug 23 12:15:59 2024 +0200 memory: pl172: simplify with dev_err_probe() Use dev_err_probe() to avoid dmesg flood on actual defer. This makes the code also simpler. Reviewed-by: Jonathan Cameron Reviewed-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240823-b4-cleanup-h-guard-v1-4-01668915bd55@linaro.org Signed-off-by: Krzysztof Kozlowski commit c93ad423edd8a42a6666241595043f9193469f9e Author: Krzysztof Kozlowski Date: Fri Aug 23 12:15:58 2024 +0200 memory: omap-gpmc: simplify locking with guard() Simplify error handling (less gotos) over locks with guard(). Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240823-b4-cleanup-h-guard-v1-3-01668915bd55@linaro.org Signed-off-by: Krzysztof Kozlowski commit f1619986d7e996eb6e53c7fe8ab32e66b17e1cf1 Author: Krzysztof Kozlowski Date: Fri Aug 23 12:15:57 2024 +0200 memory: emif: simplify locking with guard() Simplify error handling (less gotos) over locks with guard(). The driver used file-scope variable 'irq_state' for storing IRQ state with spin_lock_irqsave, so move it into respective local scopes. This should be equivalent, but more readable (less global variables). Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240823-b4-cleanup-h-guard-v1-2-01668915bd55@linaro.org Signed-off-by: Krzysztof Kozlowski commit 99602b4d30359f971247f8438afac57cbd1832f0 Author: Krzysztof Kozlowski Date: Fri Aug 23 12:15:56 2024 +0200 memory: emif: drop unused 'irq_state' member Driver does not use 'emif_data.irq_state'. Link: https://lore.kernel.org/r/20240823-b4-cleanup-h-guard-v1-1-01668915bd55@linaro.org Signed-off-by: Krzysztof Kozlowski commit c7d2f3fbdf59b206414ddc306b0fb74cd174c0ed Author: Bartosz Golaszewski Date: Sat Aug 24 10:02:35 2024 +0200 memory: ti-aemif: Revert "memory: ti-aemif: don't needlessly iterate over child nodes" This reverts commit 23a641d5c2bce4c723fff9118a5d865ee6b9d05a. The first-level children of the aemif node are not the device nodes (ones containing the 'compatible' property) but the chip-select nodes which instead have their own children. of_platform_populate() will skip such nodes so we must indeed iterate over the direct children of the aemif node. The problem here is that we never call of_platform_depopulate() as it takes the root device as argument. We only have an unpopulated chip-select nodes so we will leak these devices if any of the calls to of_platform_populate() fails. I don't have a batter idea right now but my patch was not correct so we need to revert it. While at it: at least use the scoped variant of the OF node iterator. Down the line, we should find a better solution to fix this potential resource leak in error path. Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240824080235.56472-1-brgl@bgdev.pl Fixes: 23a641d5c2bc ("memory: ti-aemif: don't needlessly iterate over child nodes") Signed-off-by: Krzysztof Kozlowski commit ea2e2ea551abf0ce8350f82e8cd431b7f8a1e5e9 Author: Luca Weiss Date: Fri Apr 12 16:19:50 2024 +0200 media: dt-bindings: qcom,sc7280-venus: Allow one IOMMU entry Some SC7280-based boards crash when providing the "secure_non_pixel" context bank, so allow only one iommu in the bindings also. Acked-by: Krzysztof Kozlowski Signed-off-by: Luca Weiss Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit 7ce555252c711f7520be42abba5c7401b3b68456 Author: Lu Baolu Date: Mon Aug 12 15:21:05 2024 +0800 media: venus: firmware: Use iommu_paging_domain_alloc() An iommu domain is allocated in venus_firmware_init() and is attached to core->fw.dev in the same function. Use iommu_paging_domain_alloc() to make it explicit. Signed-off-by: Lu Baolu Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/20240610085555.88197-10-baolu.lu@linux.intel.com Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit 909dc5ac4fd7689346efe9789f1b0dbef6b58678 Author: Ricardo Ribalda Date: Wed Aug 14 11:39:30 2024 +0000 media: venus: Convert one-element-arrays to flex-arrays This structures are not used, and have a single element array at the end of them. This fix the following cocci warnings: drivers/media/platform/qcom/venus/hfi_helper.h:764:5-15: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) drivers/media/platform/qcom/venus/hfi_helper.h:1041:5-15: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) drivers/media/platform/qcom/venus/hfi_helper.h:1088:39-51: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) drivers/media/platform/qcom/venus/hfi_helper.h:1093:5-22: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) drivers/media/platform/qcom/venus/hfi_helper.h:1144:4-8: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) drivers/media/platform/qcom/venus/hfi_helper.h:1239:4-8: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) drivers/media/platform/qcom/venus/hfi_helper.h:1272:4-13: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) drivers/media/platform/qcom/venus/hfi_cmds.h:85:5-16: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) drivers/media/platform/qcom/venus/hfi_cmds.h:180:5-9: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) drivers/media/platform/qcom/venus/hfi_cmds.h:189:5-9: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) Signed-off-by: Ricardo Ribalda Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit a539fb1a894ea35ec8372cb0d8fe052d9a3bdfaa Author: Ricardo Ribalda Date: Wed Aug 14 11:39:29 2024 +0000 media: venus: Refactor hfi_buffer_alloc_mode_supported Replace the old style single element array at the end of the struct with a flex array. The code does not allocate this structure, so the size change should not be a problem. This fixes the following cocci warning: drivers/media/platform/qcom/venus/hfi_helper.h:1233:5-9: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) Signed-off-by: Ricardo Ribalda Acked-by: Vikash Garodia Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit 87210c8052aec86955d613df9af8198b9c7c2cef Author: Ricardo Ribalda Date: Wed Aug 14 11:39:28 2024 +0000 media: venus: Refactor hfi_session_fill_buffer_pkt The single data array data[1] is only used to save the extradata_size. Replace it with a single element field. This fixes the following cocci warning: drivers/media/platform/qcom/venus/hfi_cmds.h:175:5-9: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) Signed-off-by: Ricardo Ribalda Reviewed-by: Bryan O'Donoghue Acked-by: Vikash Garodia Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit d604a7bfd0f866cea85d295060c5dd853c421939 Author: Ricardo Ribalda Date: Wed Aug 14 11:39:27 2024 +0000 media: venus: Refactor hfi_sys_get_property_pkt Replace a single length element array with an element. This fixes the following cocci warning: drivers/media/platform/qcom/venus/hfi_cmds.h:77:5-9: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) Signed-off-by: Ricardo Ribalda Acked-by: Vikash Garodia Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit fd694882754148274942b45a8113f461816730fb Author: Ricardo Ribalda Date: Wed Aug 14 11:39:26 2024 +0000 media: venus: Refactor hfi_session_empty_buffer_compressed_pkt The single element array data[1] is never used. Replace it with a padding field of the same size. This fixes the following cocci warning: drivers/media/platform/qcom/venus/hfi_cmds.h:146:5-9: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) Signed-off-by: Ricardo Ribalda Reviewed-by: Bryan O'Donoghue Acked-by: Vikash Garodia Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit 3a5fde16fc2f06109eba04fcc6f3f1b25cd7fee5 Author: Ricardo Ribalda Date: Wed Aug 14 11:39:25 2024 +0000 media: venus: Refactor hfi_session_empty_buffer_uncompressed_plane0_pkt The single element array data[1] is never used. Replace it with a padding field of the same size. This fixes the following cocci error: drivers/media/platform/qcom/venus/hfi_cmds.h:163:5-9: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) Signed-off-by: Ricardo Ribalda Acked-by: Vikash Garodia Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit 4aed1c43954d81dcfefca41a3b13a3ef4aa2cdb9 Author: Ricardo Ribalda Date: Wed Aug 14 11:39:24 2024 +0000 media: venus: Refactor struct hfi_uncompressed_format_supported plane_info is not a typical array, the data is not contiguous: pinfo = (void *)pinfo + sizeof(*constr) * num_planes + 2 * sizeof(u32); Replace the single element array with a single element field. This fixes the following cocci warning: drivers/media/platform/qcom/venus/hfi_helper.h:1009:36-46: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) Signed-off-by: Ricardo Ribalda Reviewed-by: Bryan O'Donoghue Acked-by: Vikash Garodia Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit 886115c43e7d17fbc704b1cccf9315b9ae844e39 Author: Ricardo Ribalda Date: Wed Aug 14 11:39:23 2024 +0000 media: venus: Refactor struct hfi_session_get_property_pkt The struct hfi_session_get_property_pkt is always used to fetch a single property. Make that explicit in the code and avoid a single element array at the end of the struct. This change fixes the following cocci warning: drivers/media/platform/qcom/venus/hfi_cmds.h:194:5-9: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) Signed-off-by: Ricardo Ribalda Reviewed-by: Bryan O'Donoghue Acked-by: Vikash Garodia Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit 46b63be830cae306e019447eeb0425cc627e6b88 Author: Ricardo Ribalda Date: Wed Aug 14 11:39:22 2024 +0000 media: venus: Refactor struct hfi_uncompressed_plane_info This field is never used, but if we remove it we would change the size of the struct and can lead to behavior change. Stay on the safe side by replacing the single element array with a single element field. This fixes the following cocci warning: drivers/media/platform/qcom/venus/hfi_helper.h:1003:43-60: WARNING use flexible-array member instead (https://www.kernel.org/doc/html/latest/process/deprecated.html#zero-length-and-one-element-arrays) Signed-off-by: Ricardo Ribalda Reviewed-by: Bryan O'Donoghue Acked-by: Vikash Garodia Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit cd7a060df5b7b03966af0f3474571bf85fadafaf Author: Christophe JAILLET Date: Sun Jun 2 16:27:34 2024 +0200 media: venus: Constify struct dec_bufsize_ops and enc_bufsize_ops "struct dec_bufsize_ops and "struct enc_bufsize_ops" are not modified in this driver. Constifying these structures moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: text data bss dec hex filename 12494 822 0 13316 3404 drivers/media/platform/qcom/venus/hfi_plat_bufs_v6.o After: text data bss dec hex filename 12766 566 0 13332 3414 drivers/media/platform/qcom/venus/hfi_plat_bufs_v6.o Signed-off-by: Christophe JAILLET Reviewed-by: Bryan O'Donoghue Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit c5a85ed88e043474161bbfe54002c89c1cb50ee2 Author: Zheng Wang Date: Tue Jun 18 14:55:59 2024 +0530 media: venus: fix use after free bug in venus_remove due to race condition in venus_probe, core->work is bound with venus_sys_error_handler, which is used to handle error. The code use core->sys_err_done to make sync work. The core->work is started in venus_event_notify. If we call venus_remove, there might be an unfished work. The possible sequence is as follows: CPU0 CPU1 |venus_sys_error_handler venus_remove | hfi_destroy | venus_hfi_destroy | kfree(hdev); | |hfi_reinit |venus_hfi_queues_reinit |//use hdev Fix it by canceling the work in venus_remove. Cc: stable@vger.kernel.org Fixes: af2c3834c8ca ("[media] media: venus: adding core part and helper functions") Signed-off-by: Zheng Wang Signed-off-by: Dikshita Agarwal Signed-off-by: Stanimir Varbanov Signed-off-by: Hans Verkuil commit f579c748ffe02a9a335ed3a254e2b44b54f0cf7c Author: Alexander Stein Date: Fri Jun 21 12:50:23 2024 +0200 media: verisilicon: Move Rockchip AV1 hardware drivers to the corresponding option There is no need to compile the Rockchip specific AV1 drivers if CONFIG_VIDEO_HANTRO_ROCKCHIP is not set. All the driver functions are only referenced by rockchip_vpu_hw.c which is already under this option. Fixes: 727a400686a2 ("media: verisilicon: Add Rockchip AV1 decoder") Fixes: d8ebe59e7b36 ("media: verisilicon: Add film grain feature to AV1 driver") Fixes: c0d0e579db4e ("media: verisilicon: Add AV1 entropy helpers") Signed-off-by: Alexander Stein Reviewed-by: Nicolas Dufresne Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 3e5111c51b8ae0022dc73821914bf198538e439f Author: Alexander Stein Date: Fri Jun 21 12:50:22 2024 +0200 media: verisilicon: Move Rockchip hardware drivers to the corresponding option There is no need to compile the Rockchip specific drivers if CONFIG_VIDEO_HANTRO_ROCKCHIP is not set. All the driver functions are only referenced by rockchip_vpu_hw.c which is already under this option. Fixes: c9caebd57b3a ("media: hantro: merge Rockchip platform drivers") Fixes: c07665f99386 ("media: hantro: Add H.264 support for Rockchip VDPU2") Signed-off-by: Alexander Stein Reviewed-by: Nicolas Dufresne Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 2038c32162dc5929edf5b4ca56549eeb34ca4c13 Author: Benjamin Gaignard Date: Tue May 21 17:26:03 2024 +0200 media: verisilicon: AV1: Correct some sizes/positions on register fields Some fields aren't well positioned or with an incorrect size inside the hardware registers. Fix them. This doesn't impact the Fluster score. Fixes: 727a400686a2 ("media: verisilicon: Add Rockchip AV1 decoder") Signed-off-by: Benjamin Gaignard Reviewed-by: Nicolas Dufresne Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 65e9f52ffdc8af9c8f68f720554c944b429f7e06 Author: Benjamin Gaignard Date: Thu Mar 28 10:34:39 2024 +0100 media: verisilicon: Fix auxiliary buffer allocation size Use v4l2_av1_tile_info->tile_cols to get the number of columns in the frame and make auxiliary buffer memory size computation more accurate. Fixes: 727a400686a2 ("media: verisilicon: Add Rockchip AV1 decoder") Signed-off-by: Benjamin Gaignard Reviewed-by: Nicolas Dufresne Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 3be11cda62e668c34c388e8d84c06c457abde9f2 Author: Benjamin Gaignard Date: Thu Mar 28 10:34:38 2024 +0100 media: verisilicon: AV1: Be more flexible with postproc capabilities The RK3588 post-processor block is able to convert 10-bit pixel-formats into 8-bit pixel-formats. Fixes: 003afda97c65 ("media: verisilicon: Enable AV1 decoder on rk3588") Signed-off-by: Benjamin Gaignard Reviewed-by: Nicolas Dufresne Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit c2c982def1a3a1963ebddd41cc70ee026cb8b765 Author: Anastasia Belova Date: Mon Feb 5 18:23:50 2024 +0300 media: coda: cast an operand of multiplication to a larger type If the width and height are 0xffff (or close), the result of a multiplication will overflow. Cast to a larger type to avoid undefined behavior. Such values are possible in CODA7, but unlikely. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 918c66fd4126 ("[media] coda: add CODA7541 decoding support") Signed-off-by: Anastasia Belova Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit a9fef294e8b1e53a7ea733576dd4788c84ec8a21 Author: Deborah Brouwer Date: Thu Nov 9 10:48:38 2023 -0800 media: vicodec: allow en/decoder cmd w/o CAPTURE Vicodec will ignore en/decoder commands if the CAPTURE queue is not streaming. But this prevents CMD_STOP from being used during a dynamic resolution change to mark the last source buffer. Since CMD_STOP is ignored, but doesn’t fail, there is no warning that the command needs to be resent, and CAPTURE will continue to attempt to dequeue buffers waiting, futilely, for one with V4L2_BUF_FLAG_LAST. Fix this problem by carrying out en/decoder commands even if CAPTURE is not streaming. Fixes: d17589afa9706 vicodec: improve handling of ENC_CMD_STOP/START Reported by: Nicolas Dufresne Signed-off-by: Deborah Brouwer Signed-off-by: Sebastian Fricke Signed-off-by: Hans Verkuil commit 8c8389bba49d8cd0ffc5bf2b27cb3233268a45d5 Author: Biju Das Date: Sun Sep 10 17:01:26 2023 +0100 media: mt9p031: Drop CONFIG_OF ifdeffery Drop of_match_ptr() from mt9p031_i2c_driver and get rid of ugly CONFIG_OF if check. This slightly increases the size of mt9p031_i2c_driver on non-OF system and shouldn't be an issue. Add mod_devicetable.h include. It also allows, in case if needed, to enumerate this device via ACPI with PRP0001 magic. Signed-off-by: Biju Das Reviewed-by: Jacopo Mondi Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20230910160126.70122-3-biju.das.jz@bp.renesas.com Signed-off-by: Laurent Pinchart commit c551551b677f213ef12d7ba213483f17304790a6 Author: Biju Das Date: Sun Sep 10 17:01:25 2023 +0100 media: mt9p031: Extend match support for OF tables The driver has an OF match table, still, it uses an ID lookup table for retrieving match data. Currently, the driver is working on the assumption that an I2C device registered via OF will always match a legacy I2C device ID. The correct approach is to have an OF device ID table using i2c_get_match_data() if the devices are registered via OF/ID. Unify the OF/ID table by using MEDIA_BUS_FMT as match data for both these tables and replace the ID lookup table for the match data by i2c_get_match_data() and simplifly probe() and mt9p031_init_state(). While at it, remove the trailing comma in the terminator entry for the OF table making code robust against (theoretical) misrebases or other similar things where the new entry goes _after_ the termination without the compiler noticing. Signed-off-by: Biju Das Reviewed-by: Jacopo Mondi Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20230910160126.70122-2-biju.das.jz@bp.renesas.com Signed-off-by: Laurent Pinchart commit b5dec48c2b85e6150b50fa22b181e6396c769c76 Author: Changhuang Liang Date: Tue Aug 20 04:20:02 2024 -0700 staging: media: starfive: Add the dynamic resolution support Add the dynamic resolution support for video "capture_raw" device. Otherwise it will capture the wrong image data if the width is not 1920. Fixes: e080f339c80a ("media: staging: media: starfive: camss: Add capture driver") Signed-off-by: Changhuang Liang Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240820112002.560432-1-changhuang.liang@starfivetech.com Signed-off-by: Laurent Pinchart commit 6c573f259ab35ccd078467b125287d2d72068f0b Author: Laurent Pinchart Date: Fri Aug 23 00:24:43 2024 +0300 media: Documentation: mc: Replace deprecated graph walk API The graph walk API has been deprecated in commit eac564de0915 ("media: mc: entity: Add entity iterator for media_pipeline") in favour of pipelien iterators, but the MC documentation hasn't been updated accordingly. It still documents the deprecated API as the only option. Fix it by dropping the deprecated function, and documenting the new API. Signed-off-by: Laurent Pinchart Acked-by: Sakari Ailus Link: https://lore.kernel.org/r/20240822212445.2037-5-laurent.pinchart+renesas@ideasonboard.com Signed-off-by: Laurent Pinchart commit 182a862560097dec7adf774af58076984cd6c1ed Author: Jan Kiszka Date: Wed Aug 14 18:37:17 2024 +0200 arm64: dts: ti: k3-am642-evm: Silence schema warning The resolves k3-am642-evm.dtb: adc: 'ti,adc-channels' is a required property from schema $id: http://devicetree.org/schemas/iio/adc/ti,am3359-adc.yaml# As the adc is reserved, thus not used by Linux, this has no practical impact. Signed-off-by: Jan Kiszka Link: https://lore.kernel.org/r/c16521bd55ebed8d1625f11c2ed6fd2c45e8baa5.1723653439.git.jan.kiszka@siemens.com Signed-off-by: Nishanth Menon commit f0f961ab9c9652c2f07bd7120a5b2b462ad6fd92 Author: Faiz Abbas Date: Wed Aug 21 15:54:14 2024 -0500 arm64: dts: ti: k3-am654-idk: Add Support for MCAN There are two MCAN instances present on the am65x SoC [0]. Since there are two CAN transceivers on the IDK application board for AM654 EVM [1], enable m_can0 and m_can1, add the two corresponding CAN transceiver nodes, and set a maximum data rate of 5 Mbps. [0] https://www.ti.com/lit/ds/symlink/am6548.pdf [1] https://www.ti.com/lit/zip/sprr382 Signed-off-by: Faiz Abbas Signed-off-by: Judith Mendez Link: https://lore.kernel.org/r/20240821205414.1706661-1-jm@ti.com Signed-off-by: Nishanth Menon commit 73f7ec38556e51f32627fd18c28e56aac4da2646 Author: Andrew Davis Date: Wed Aug 21 11:23:37 2024 -0500 arm64: dts: ti: k3-am65: Add simple-mfd compatible to SerDes control nodes The SerDes control nodes contain both a clock and clock mux, this is a simple MFD. Add this to the compatible string list. Reported-by: Jan Kiszka Closes: https://lore.kernel.org/linux-arm-kernel/cover.1723653439.git.jan.kiszka@siemens.com/ Fixes: da795dc4f2a0 ("arm64: dts: ti: k3-am65: Move SerDes mux nodes under the control node") Signed-off-by: Andrew Davis Tested-by: Jan Kiszka Link: https://lore.kernel.org/r/20240821162337.33774-2-afd@ti.com Signed-off-by: Nishanth Menon commit f92ed4e4c8454144158bda90614109373e210676 Author: Andrew Davis Date: Wed Aug 21 11:23:36 2024 -0500 dt-bindings: soc: ti: am654-serdes-ctrl: Add simple-mfd to compatible items This node contains a child which is only probed if simple-mfd is in the compatible list. Add this here. Signed-off-by: Andrew Davis Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240821162337.33774-1-afd@ti.com Signed-off-by: Nishanth Menon commit 87adfd1ab03aec17600de2d881ee4ca6914a8674 Author: Wadim Egorov Date: Thu Aug 15 13:32:11 2024 +0200 arm64: dts: ti: am642-phyboard-electra: Add PRU-ICSSG nodes The phyBOARD-Electra implements two Ethernet ports utilizing PRUs. Add configuration for both mac ports & PHYs. Signed-off-by: Wadim Egorov Link: https://lore.kernel.org/r/20240815113212.3720403-1-w.egorov@phytec.de Signed-off-by: Nishanth Menon commit 10e7bfd8114c207acd3858086f07061e447dd04f Author: Alessandro Zini Date: Wed Aug 14 23:43:28 2024 +0200 arm64: dts: ti: k3-am62: Enable CPU freq throttling on thermal alert Enable throttling down the CPU frequency when an alert temperature threshold (lower than the critical threshold) is reached. Signed-off-by: Alessandro Zini Link: https://lore.kernel.org/r/20240814214328.14155-1-alessandro.zini@siemens.com Signed-off-by: Nishanth Menon commit 67d820656fd87581e9ea8b27e42fbcdd0202b3b5 Author: Jared McArthur Date: Fri Aug 9 11:28:28 2024 -0500 arm64: dts: ti: k3-j722s: Add gpio-reserved-ranges for main_gpio1 Commit ed07d82f9e3e8 ("arm64: dts: ti: k3-am62p-j722s: Move SoC-specific node properties") introduced the main_gpio1 node and included the ti,ngpio property, but did not include the gpio-reserved-ranges property. As a result, the user could try to access gpios that do not exist. Fix this by introducing the gpio-reserved-ranges property. The non-existent gpios are found in the am67x datasheet [1] in Table 5-27. Depends on patch: dt-bindings: gpio: gpio-davinci: Add the gpio-reserved-ranges property [2] [1] https://www.ti.com/lit/ds/symlink/am67.pdf [2] https://lore.kernel.org/all/20240809154638.394091-2-j-mcarthur@ti.com/ Signed-off-by: Jared McArthur Link: https://lore.kernel.org/r/20240809162828.1945821-3-j-mcarthur@ti.com Signed-off-by: Nishanth Menon commit 235b5b08ea3cb2743309d7d27b85d34387ee4b54 Author: Jared McArthur Date: Fri Aug 9 11:28:27 2024 -0500 arm64: dts: ti: k3-am62p: Add gpio-reserved-ranges for main_gpio1 Commit 29075cc09f43 ("arm64: dts: ti: Introduce AM62P5 family of SoCs") introduced the main_gpio1 node and included the ti,ngpio property, but did not include the gpio-reserved-ranges property. As a result, the user could try to access gpios that do not exist. Fix this by introducing the gpio-reserved-ranges property. The non-existent gpios are found in the am62p datasheet [1] in Table 5-24. Depends on patch: dt-bindings: gpio: gpio-davinci: Add the gpio-reserved-ranges property [2] [1] https://www.ti.com/lit/ds/symlink/am62p.pdf [2] https://lore.kernel.org/all/20240809154638.394091-2-j-mcarthur@ti.com/ Signed-off-by: Jared McArthur Link: https://lore.kernel.org/r/20240809162828.1945821-2-j-mcarthur@ti.com Signed-off-by: Nishanth Menon commit f2a5177bb83dce16f13c9f5f8f828714e4788a8d Author: Bhavya Kapoor Date: Fri Aug 9 12:52:31 2024 +0530 arm64: dts: ti: k3-am68-sk-base-board: Add clklb pin mux for mmc1 mmc1 is not functional and needs clock loopback so that it can create sampling clock from this for high speed SDIO operations. Thus, add clklb pin mux to get mmc1 working. Fixes: a266c180b398 ("arm64: dts: ti: k3-am68-sk: Add support for AM68 SK base board") Signed-off-by: Bhavya Kapoor Reviewed-by: Neha Malcom Francis Reviewed-by: Manorit Chawdhry Link: https://lore.kernel.org/r/20240809072231.2931206-1-b-kapoor@ti.com Signed-off-by: Nishanth Menon commit 7439fec041c22262ee18b3cccef42c69e0a05362 Author: Matthias Schiffer Date: Wed Aug 7 14:19:21 2024 +0200 arm64: dts: ti: k3-am642-tqma64xxl-mbax4xxl: add PRU Ethernet support Add PRU Ethernet controller and PHY nodes, as it was previously done for the AM64x EVM Device Trees. Signed-off-by: Matthias Schiffer Link: https://lore.kernel.org/r/20240807121922.3180213-1-matthias.schiffer@ew.tq-group.com Signed-off-by: Nishanth Menon commit ba7b9e8408ab866aa0b3c88e406b8934782402d7 Author: Siddharth Vadapalli Date: Sat Jul 20 16:34:55 2024 +0530 arm64: dts: ti: k3-j784s4-evm: Use 4 lanes for PCIe0 on EVM The PCIe0 instance of the PCIe controller on J784S4 SoC supports up to 4 lanes. Additionally, all 4 lanes of PCIe0 can be utilized on J784S4-EVM via SERDES1. Since SERDES1 is not being used by any peripheral apart from PCIe0, use all 4 lanes of SERDES1 for PCIe0. Fixes: 27ce26fe52d4 ("arm64: dts: ti: k3-j784s4-evm: Enable PCIe0 and PCIe1 in RC Mode") Signed-off-by: Siddharth Vadapalli Link: https://lore.kernel.org/r/20240720110455.3043327-1-s-vadapalli@ti.com Signed-off-by: Nishanth Menon commit f363930484d733e784fce12355d32d04e5baa313 Author: Miguel Ojeda Date: Fri Aug 16 20:15:14 2024 +0200 docs: rust: quick-start: add Debian Testing Debian Testing is now also providing recent Rust releases (outside of the freeze period), like Debian Unstable (Sid). Thus add it to the list. Cc: Fabian Grünbichler Signed-off-by: Miguel Ojeda commit d355c895fa4ddd8bec15569eee540baeed7df8c5 Author: Alexander Dahl Date: Wed Aug 21 07:51:36 2024 +0200 ARM: dts: microchip: sam9x60: Fix rtc/rtt clocks The RTC and RTT peripherals use the timing domain slow clock (TD_SLCK), sourced from the 32.768 kHz crystal oscillator or slow rc oscillator. The previously used Monitoring domain slow clock (MD_SLCK) is sourced from an internal RC oscillator which is most probably not precise enough for real time clock purposes. Fixes: 1e5f532c2737 ("ARM: dts: at91: sam9x60: add device tree for soc and board") Fixes: 5f6b33f46346 ("ARM: dts: sam9x60: add rtt") Signed-off-by: Alexander Dahl Link: https://lore.kernel.org/r/20240821055136.6858-1-ada@thorsis.com [claudiu.beznea: removed () around the last commit description paragraph, removed " in front of "timing domain slow clock", described that TD_SLCK can also be sourced from slow rc oscillator] Signed-off-by: Claudiu Beznea commit 0f978da67aaeb86c1a3804ce533939b3f90530eb Author: Liao Chen Date: Tue Aug 20 12:26:04 2024 +0000 pinctrl: bcm2835: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Acked-by: Florian Fainelli Link: https://lore.kernel.org/20240820122604.42736-1-liaochen4@huawei.com Signed-off-by: Linus Walleij commit 2d6e9ee7cb3e79b1713783c633b13af9aeffc90c Author: Claudiu Beznea Date: Sun Jul 14 17:13:15 2024 +0300 clk: at91: sama7g5: Allocate only the needed amount of memory for PLLs The maximum number of PLL components on SAMA7G5 is 3 (one fractional part and 2 dividers). Allocate the needed amount of memory for sama7g5_plls 2d array. Previous code used to allocate 7 array entries for each PLL. While at it, replace 3 with PLL_COMPID_MAX in the loop which parses the sama7g5_plls 2d array. Fixes: cb783bbbcf54 ("clk: at91: sama7g5: add clock support for sama7g5") Acked-by: Stephen Boyd Link: https://lore.kernel.org/r/20240714141315.19480-1-claudiu.beznea@tuxon.dev Signed-off-by: Claudiu Beznea commit f7b286ab3d46bac0ffb6df4d0cbadd92bf244c6b Author: Liao Chen Date: Wed Aug 14 03:01:55 2024 +0000 pinctrl: pinctrl-zynq: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Link: https://lore.kernel.org/20240814030155.3876069-1-liaochen4@huawei.com Signed-off-by: Linus Walleij commit cacd8cf79d7823b07619865e994a7916fcc8ae91 Author: Yang Yingliang Date: Mon Aug 19 10:46:25 2024 +0800 pinctrl: single: fix missing error code in pcs_probe() If pinctrl_enable() fails in pcs_probe(), it should return the error code. Fixes: 8f773bfbdd42 ("pinctrl: single: fix possible memory leak when pinctrl_enable() fails") Signed-off-by: Yang Yingliang Link: https://lore.kernel.org/20240819024625.154441-1-yangyingliang@huaweicloud.com Signed-off-by: Linus Walleij commit 7d3aed652d090508990d245f9d80dcc481910d02 Author: Mina Almasry Date: Thu Aug 22 05:51:54 2024 +0000 net: refactor ->ndo_bpf calls into dev_xdp_propagate When net devices propagate xdp configurations to slave devices, we will need to perform a memory provider check to ensure we're not binding xdp to a device using unreadable netmem. Currently the ->ndo_bpf calls in a few places. Adding checks to all these places would not be ideal. Refactor all the ->ndo_bpf calls into one place where we can add this check in the future. Suggested-by: Jakub Kicinski Signed-off-by: Mina Almasry Signed-off-by: David S. Miller commit bef17a417cc9788f2ea5df5c92fb16f198775d06 Author: Manikandan Muralidharan Date: Wed Aug 14 11:43:15 2024 +0530 dt-bindings: pinctrl: Convert Atmel PIO3 pinctrl to json-schema Convert Atmel PIO3 pinctrl binding document to DT schema format json-schema. Signed-off-by: Manikandan Muralidharan Acked-by: Linus Walleij Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240814061315.112564-5-manikandan.m@microchip.com Signed-off-by: Claudiu Beznea commit 57ab1757f68d605597bd1bccdd15b06e5cc2edf2 Author: Manikandan Muralidharan Date: Wed Aug 14 11:43:14 2024 +0530 ARM: dts: microchip: sam9x60: Remove additional compatible string from GPIO node The driver data specific to each pinctrl GPIO bank compatible nodes are not the same and declaring additional compatible string as fallback has no specific purpose, hence, removing the "atmel,at91sam9x5-gpio" compatible from sam9x60 SoC DT. Note: The at91 pinctrl driver uses "atmel,at91rm9200-gpio" compatible string to find the number of active GPIO banks and identify the pinmux nodes.It should used as a constant across all DT for GPIO node banks that uses PIO3 based pinctrl driver Signed-off-by: Manikandan Muralidharan Acked-by: Linus Walleij Link: https://lore.kernel.org/r/20240814061315.112564-4-manikandan.m@microchip.com Signed-off-by: Claudiu Beznea commit f9abec74133a60177acc1d4057f968e5f9759c3b Author: Manikandan Muralidharan Date: Wed Aug 14 11:43:13 2024 +0530 ARM: dts: microchip: Remove additional compatible string from PIO3 pinctrl nodes The driver data specific to each pinctrl GPIO bank compatible nodes are not the same and declaring additional compatible string as fallback has no specific purpose, hence, removing the additional compatible string from the pinctrl nodes in DT to comply with atmel,at91-pinctrl.txt documentation. Signed-off-by: Manikandan Muralidharan Acked-by: Linus Walleij Link: https://lore.kernel.org/r/20240814061315.112564-3-manikandan.m@microchip.com Signed-off-by: Claudiu Beznea commit 58c63181554b0dad90553bd1c777a93a631441f4 Author: Manikandan Muralidharan Date: Wed Aug 14 11:43:12 2024 +0530 ARM: dts: microchip: change to simple-mfd from simple-bus for PIO3 pinumux controller The pinctrl subnodes that define the pin configuration of other devices under PIO3 pinmux controller are not simple memory mapped nodes.Ergo, change simple-bus to simple-mfd. Signed-off-by: Manikandan Muralidharan Acked-by: Linus Walleij Link: https://lore.kernel.org/r/20240814061315.112564-2-manikandan.m@microchip.com Signed-off-by: Claudiu Beznea commit 3c44d31cb34ce4eb8311a2e73634d57702948230 Author: Herbert Xu Date: Sat Aug 17 14:58:35 2024 +0800 crypto: simd - Do not call crypto_alloc_tfm during registration Algorithm registration is usually carried out during module init, where as little work as possible should be carried out. The SIMD code violated this rule by allocating a tfm, this then triggers a full test of the algorithm which may dead-lock in certain cases. SIMD is only allocating the tfm to get at the alg object, which is in fact already available as it is what we are registering. Use that directly and remove the crypto_alloc_tfm call. Also remove some obsolete and unused SIMD API. Signed-off-by: Herbert Xu commit 37da5d0ffa7b61f79156fbbd3369f17b9a1638bd Author: Herbert Xu Date: Sat Aug 17 14:57:40 2024 +0800 crypto: api - Do not wait for tests during registration As registration is usually carried out during module init, this is a context where as little work as possible should be carried out. Testing may trigger module loads of underlying components, which could even lead back to the module that is registering at the moment. This may lead to dead-locks outside of the Crypto API. Avoid this by not waiting for the tests to complete. They will be scheduled but completion will be asynchronous. Any users will still wait for completion. Reported-by: Russell King Signed-off-by: Herbert Xu commit 96ad595520591f8bd9c5fbe901b56561fa9c8a9e Author: Herbert Xu Date: Sat Aug 17 14:56:51 2024 +0800 crypto: api - Remove instance larval fulfilment In order to allow testing to complete asynchronously after the registration process, instance larvals need to complete prior to having a test result. Support this by redoing the lookup for instance larvals after completion. This should locate the pending test larval and then repeat the wait on that (if it is still pending). As the lookup is now repeated there is no longer any need to compute the fulfilment status and all that code can be removed. Signed-off-by: Herbert Xu commit 7ccb750dcac8abbfc7743aab0db6a72c1c3703c7 Author: Herbert Xu Date: Sat Aug 17 12:36:19 2024 +0800 crypto: octeontx2 - Fix authenc setkey Use the generic crypto_authenc_extractkeys helper instead of custom parsing code that is slightly broken. Also fix a number of memory leaks by moving memory allocation from setkey to init_tfm (setkey can be called multiple times over the life of a tfm). Finally accept all hash key lengths by running the digest over extra-long keys. Signed-off-by: Herbert Xu commit 311eea7e37c4c0b44b557d0c100860a03b4eab65 Author: Herbert Xu Date: Sat Aug 17 12:13:23 2024 +0800 crypto: octeontx - Fix authenc setkey Use the generic crypto_authenc_extractkeys helper instead of custom parsing code that is slightly broken. Also fix a number of memory leaks by moving memory allocation from setkey to init_tfm (setkey can be called multiple times over the life of a tfm). Finally accept all hash key lengths by running the digest over extra-long keys. Signed-off-by: Herbert Xu commit 87a3fcf5fec5fb59ec8f23d12a56bcf2b2ee6db7 Author: Pavitrakumar M Date: Fri Aug 16 17:33:33 2024 +0530 crypto: spacc - Fixed return to CRYPTO_OK Removed CRYPTO_USED_JB and returning CRYPTO_OK instead. Signed-off-by: Bhoomika K Signed-off-by: Pavitrakumar M Acked-by: Ruud Derwig Signed-off-by: Herbert Xu commit 58bf99100a6dfcc53ba4ab547f1394bb6873b2ac Author: Pavitrakumar M Date: Fri Aug 16 17:33:32 2024 +0530 crypto: spacc - Fix counter width checks This patch fixes counter width checks according to the version extension3 register. The counter widths can be 8, 16, 32 and 64 bits as per the extension3 register. Signed-off-by: Bhoomika K Signed-off-by: Pavitrakumar M Acked-by: Ruud Derwig Signed-off-by: Herbert Xu commit 694a6f594817462942acbb1a35b1f7d61e2d49e7 Author: Svyatoslav Pankratov Date: Thu Aug 15 16:47:23 2024 +0100 crypto: qat - fix "Full Going True" macro definition The macro `ADF_RP_INT_SRC_SEL_F_RISE_MASK` is currently set to the value `0100b` which means "Empty Going False". This might cause an incorrect restore of the bank state during live migration. Fix the definition of the macro to properly represent the "Full Going True" state which is encoded as `0011b`. Fixes: bbfdde7d195f ("crypto: qat - add bank save and restore flows") Signed-off-by: Svyatoslav Pankratov Reviewed-by: Xin Zeng Signed-off-by: Giovanni Cabiddu Signed-off-by: Herbert Xu commit 3b1c9df662915a18a86f1a88364ee70875ed3b44 Author: Dan Carpenter Date: Thu Aug 15 14:20:20 2024 +0300 crypto: spacc - Check for allocation failure in spacc_skcipher_fallback() Check for crypto_alloc_skcipher() failure. Fixes: c8981d9230d8 ("crypto: spacc - Add SPAcc Skcipher support") Signed-off-by: Dan Carpenter Signed-off-by: Herbert Xu commit 8bc1bfa02e37d63632f0cb65543e3e71acdccafb Author: Dan Carpenter Date: Thu Aug 15 14:20:12 2024 +0300 crypto: spacc - Fix NULL vs IS_ERR() check in spacc_aead_fallback() The crypto_alloc_aead() function doesn't return NULL pointers, it returns error pointers. Fix the error checking. Fixes: 06af76b46c78 ("crypto: spacc - Add SPAcc aead support") Signed-off-by: Dan Carpenter Signed-off-by: Herbert Xu commit c32f08d024e275059474b3c11c1fc2bc7f2de990 Author: Dan Carpenter Date: Thu Aug 15 14:20:04 2024 +0300 crypto: spacc - Fix uninitialized variable in spacc_aead_process() Smatch complains that: drivers/crypto/dwc-spacc/spacc_aead.c:1031 spacc_aead_process() error: uninitialized symbol 'ptaadsize'. This could happen if, for example, tctx->mode was CRYPTO_MODE_NULL and req->cryptlen was less than icvremove. Fixes: 06af76b46c78 ("crypto: spacc - Add SPAcc aead support") Signed-off-by: Dan Carpenter Signed-off-by: Herbert Xu commit f036dd566453176d4eafb9701ebd69e7e59d6707 Author: Herbert Xu Date: Thu Aug 15 16:51:38 2024 +0800 crypto: spacc - Use crypto_authenc_extractkeys Use the crypto_authenc_extractkeys helper rather than ad-hoc parsing. Signed-off-by: Herbert Xu commit c76c9ec333432088a1c6f52650c149530fc5df5d Author: Dan Carpenter Date: Thu Aug 15 00:12:03 2024 +0300 crypto: spacc - Add a new line in spacc_open() Put the break statement should be on its own line. Signed-off-by: Dan Carpenter Signed-off-by: Herbert Xu commit 5d22d37aa8b93efaad797faf80db40ea59453481 Author: Dan Carpenter Date: Thu Aug 15 00:11:58 2024 +0300 crypto: spacc - Fix off by one in spacc_isenabled() The spacc->config.modes[] array has CRYPTO_MODE_LAST number of elements so this > comparison should be >= to prevent an out of bounds access. Fixes: c8981d9230d8 ("crypto: spacc - Add SPAcc Skcipher support") Signed-off-by: Dan Carpenter Signed-off-by: Herbert Xu commit b63483b37e813299445d2719488acab2b3f20544 Author: Dan Carpenter Date: Thu Aug 15 00:11:51 2024 +0300 crypto: spacc - Fix bounds checking on spacc->job[] This bounds checking is off by one. The > should be >=. The spacc->job[] array is allocated in spacc_init() and it has SPACC_MAX_JOBS elements. Fixes: 8ebb14deef0f ("crypto: spacc - Enable SPAcc AUTODETECT") Fixes: c8981d9230d8 ("crypto: spacc - Add SPAcc Skcipher support") Signed-off-by: Dan Carpenter Signed-off-by: Herbert Xu commit 142a794bcf007a22a5b14700e26d740b28d90754 Author: Tom Lendacky Date: Wed Aug 14 15:42:40 2024 -0500 crypto: ccp - Add additional information about an SEV firmware upgrade Print additional information, in the form of the old and new versions of the SEV firmware, so that it can be seen what the base firmware was before the upgrade. Signed-off-by: Tom Lendacky Reviewed-by: Ashish Kalra Signed-off-by: Herbert Xu commit 3363c460ef726ba693704dbcd73b7e7214ccc788 Author: Fangrui Song Date: Tue Aug 13 21:48:02 2024 -0700 crypto: x86/sha256 - Add parentheses around macros' single arguments The macros FOUR_ROUNDS_AND_SCHED and DO_4ROUNDS rely on an unexpected/undocumented behavior of the GNU assembler, which might change in the future (https://sourceware.org/bugzilla/show_bug.cgi?id=32073). M (1) (2) // 1 arg !? Future: 2 args M 1 + 2 // 1 arg !? Future: 3 args M 1 2 // 2 args Add parentheses around the single arguments to support future GNU assembler and LLVM integrated assembler (when the IsOperator hack from the following link is dropped). Link: https://github.com/llvm/llvm-project/commit/055006475e22014b28a070db1bff41ca15f322f0 Signed-off-by: Fangrui Song Reviewed-by: Jan Beulich Signed-off-by: Herbert Xu commit 86c85d6657e478c516c825d3d4a2a61aef627934 Author: Liao Chen Date: Wed Aug 14 02:44:06 2024 +0000 crypto: keembay - fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Acked-by: Daniele Alessandrelli Signed-off-by: Herbert Xu commit 95a798d20060d2b648dd604321e347c85edfd783 Author: Stephan Mueller Date: Mon Aug 12 08:25:42 2024 +0200 crypto: jitter - set default OSR to 3 The user space Jitter RNG library uses the oversampling rate of 3 which implies that each time stamp is credited with 1/3 bit of entropy. To obtain 256 bits of entropy, 768 time stamps need to be sampled. The increase in OSR is applied based on a report where the Jitter RNG is used on a system exhibiting a challenging environment to collect entropy. This OSR default value is now applied to the Linux kernel version of the Jitter RNG as well. The increase in the OSR from 1 to 3 also implies that the Jitter RNG is now slower by default. Reported-by: Jeff Barnes Signed-off-by: Stephan Mueller Signed-off-by: Herbert Xu commit ff9c674d1127e768050fe418470e74586985c87b Author: Nathan Chancellor Date: Fri Aug 23 20:47:13 2024 -0700 drm/xe: Fix total initialization in xe_ggtt_print_holes() Clang warns (or errors with CONFIG_DRM_WERROR or CONFIG_WERROR): drivers/gpu/drm/xe/xe_ggtt.c:810:3: error: variable 'total' is uninitialized when used here [-Werror,-Wuninitialized] 810 | total += hole_size; | ^~~~~ drivers/gpu/drm/xe/xe_ggtt.c:798:11: note: initialize the variable 'total' to silence this warning 798 | u64 total; | ^ | = 0 1 error generated. Move the zero initialization of total from xe_gt_sriov_pf_config_print_available_ggtt() to xe_ggtt_print_holes() to resolve the warning. Fixes: 136367290ea5 ("drm/xe: Introduce xe_ggtt_print_holes") Signed-off-by: Nathan Chancellor Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240823-drm-xe-fix-total-in-xe_ggtt_print_holes-v1-1-12b02d079327@kernel.org Signed-off-by: Lucas De Marchi commit 1e701372d7ac1939d5f8a1dc8172de00192394a8 Author: Kuppuswamy Sathyanarayanan Date: Fri Aug 23 18:43:37 2024 +0000 platform/x86/intel/ifs: Fix SBAF title underline length In commit # 0a3e4e94d137 ("platform/x86/intel/ifs: Add SBAF test image loading support"), the documentation for "Structural Based Functional Test at Field (SBAF)" had an incomplete underline. This resulted in the following build warning: Documentation/arch/x86/ifs:2: drivers/platform/x86/intel/ifs/ifs.h:131: WARNING: Title underline too short. Fix it by extending the dotted lines to match the length of the title. Fixes: 0a3e4e94d137 ("platform/x86/intel/ifs: Add SBAF test image loading support") Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/lkml/20240820134354.2aec355d@canb.auug.org.au/T/#u Signed-off-by: Kuppuswamy Sathyanarayanan Reviewed-by: Jithu Joseph Link: https://lore.kernel.org/r/20240823184337.2923179-1-sathyanarayanan.kuppuswamy@linux.intel.com Signed-off-by: Hans de Goede commit a4dbe45c4c14edc316ae94b9af86a28f8c5d8123 Author: Hans de Goede Date: Fri Aug 23 09:50:55 2024 +0200 drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict There are 2G and 4G RAM versions of the Lenovo Yoga Tab 3 X90F and it turns out that the 2G version has a DMI product name of "CHERRYVIEW D1 PLATFORM" where as the 4G version has "CHERRYVIEW C0 PLATFORM". The sys-vendor + product-version check are unique enough that the product-name check is not necessary. Drop the product-name check so that the existing DMI match for the 4G RAM version also matches the 2G RAM version. Fixes: f6f4a0862bde ("drm/i915/vlv_dsi: Add DMI quirk for backlight control issues on Lenovo Yoga Tab 3 (v2)") Cc: stable@vger.kernel.org Acked-by: Jani Nikula Signed-off-by: Hans de Goede Link: https://patchwork.freedesktop.org/patch/msgid/20240823075055.17198-1-hdegoede@redhat.com commit a54ad727f74559f7c3dfcfd2a63d0ce7683a82e8 Author: Florian Westphal Date: Thu Aug 22 15:04:32 2024 +0200 xfrm: policy: remove remaining use of inexact list No consumers anymore, remove it. After this, insertion of policies no longer require list walk of all inexact policies but only those that are reachable via the candidate sets. This gives almost linear insertion speeds provided the inserted policies are for non-overlapping networks. Before: Inserted 1000 policies in 70 ms Inserted 10000 policies in 1155 ms Inserted 100000 policies in 216848 ms After: Inserted 1000 policies in 56 ms Inserted 10000 policies in 478 ms Inserted 100000 policies in 4580 ms Insertion of 1m entries takes about ~40s after this change on my test vm. Cc: Noel Kuntze Cc: Tobias Brunner Signed-off-by: Florian Westphal Signed-off-by: Steffen Klassert commit 563d5ca93e883b9dcb4b7dc8967ac569fd91820d Author: Florian Westphal Date: Thu Aug 22 15:04:31 2024 +0200 xfrm: switch migrate to xfrm_policy_lookup_bytype XFRM_MIGRATE still uses the old lookup method: first check the bydst hash table, then search the list of all the other policies. Switch MIGRATE to use the same lookup function as the packetpath. This is done to remove the last remaining users of the pernet xfrm.policy_inexact lists with the intent of removing this list. After this patch, policies are still added to the list on insertion and they are rehashed as-needed but no single API makes use of these anymore. This change is compile tested only. Cc: Tobias Brunner Signed-off-by: Florian Westphal Signed-off-by: Steffen Klassert commit 33f611cf7d52ffdaebdcd6e42672ca1d06e22974 Author: Florian Westphal Date: Thu Aug 22 15:04:30 2024 +0200 xfrm: policy: don't iterate inexact policies twice at insert time Since commit 6be3b0db6db8 ("xfrm: policy: add inexact policy search tree infrastructure") policy lookup no longer walks a list but has a set of candidate lists. This set has to be searched for the best match. In case there are several matches, the priority wins. If the priority is also the same, then the historic behaviour with a single list was to return the first match (first-in-list). With introduction of serval lists, this doesn't work and a new 'pos' member was added that reflects the xfrm_policy structs position in the list. This value is not exported to userspace and it does not need to be the 'position in the list', it just needs to make sure that a->pos < b->pos means that a was added to the lists more recently than b. This re-walk is expensive when many inexact policies are in use. Speed this up: when appending the policy to the end of the walker list, then just take the ->pos value of the last entry made and add 1. Add a slowpath version to prevent overflow, if we'd assign UINT_MAX then iterate the entire list and fix the ordering. While this speeds up insertion considerably finding the insertion spot in the inexact list still requires a partial list walk. This is addressed in followup patches. Before: ./xfrm_policy_add_speed.sh Inserted 1000 policies in 72 ms Inserted 10000 policies in 1540 ms Inserted 100000 policies in 334780 ms After: Inserted 1000 policies in 68 ms Inserted 10000 policies in 1137 ms Inserted 100000 policies in 157307 ms Reported-by: Noel Kuntze Cc: Tobias Brunner Signed-off-by: Florian Westphal Signed-off-by: Steffen Klassert commit 9c5b6d4e33dd78a0511ec34756d783b7e36028c2 Author: Florian Westphal Date: Thu Aug 22 15:04:29 2024 +0200 selftests: add xfrm policy insertion speed test script Nothing special, just test how long insertion of x policies takes. This should ideally show linear insertion speeds. Do not run this by default, it has little value, but it can be useful to check for insertion speed chahnges when altering the xfrm policy db implementation. Signed-off-by: Florian Westphal Signed-off-by: Steffen Klassert commit 6994d8b84bfd71431bfccb5baf84a827086d48a5 Author: Dmitry Torokhov Date: Thu Aug 15 11:41:53 2024 -0700 Input: evdev - limit amount of data for writes Limit amount of data that can be written into an evdev instance at a given time to 4096 bytes (170 input events) to avoid holding evdev->mutex for too long and starving other users. Reviewed-by: Jeff LaBundy Reviewed-by: Peter Hutterer Link: https://lore.kernel.org/r/Zr5L8TUzkJcB9HcF@google.com Signed-off-by: Dmitry Torokhov commit b0b79119cea2dd0d4bbfafc7c0f41d42edb41466 Author: Simon Horman Date: Fri Aug 23 18:26:27 2024 +0100 staging: rtl8192e: remove set but otherwise unused local variable iv16 Since the commit 5f1a6826ea49 ("staging: rtl8192e: remove set but otherwise unused local variable iv32"), the local variable iv16 is set but otherwise unused. So remove it. Compile tested only. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408232049.UJef268y-lkp@intel.com/ Signed-off-by: Simon Horman Link: https://lore.kernel.org/r/20240823-rtl8192e-iv16-v1-1-000702673065@kernel.org Signed-off-by: Greg Kroah-Hartman commit 7db44914889f7e1149c1d038f5bcf57c6c90e0d3 Merge: 6756d308bce155 490be7ba2a0180 Author: Mark Brown Date: Sat Aug 24 01:51:40 2024 +0100 Add SOF support for ACP7.0 based platform Merge series from Vijendar Mukunda : This patch series adds SOF support for ACP7.0 based platform. Link: https://github.com/thesofproject/linux/pull/5139 commit 6756d308bce1553f22e390d0e8140e535caea5f4 Merge: b42c0ec286c5bd a14b278a47dd4b Author: Mark Brown Date: Sat Aug 24 01:51:26 2024 +0100 ASoC: dapm-graph: add component on/off and route names Merge series from Luca Ceresoli : This small series adds some improvements to dapm-graph in order to produce a more correct and informative graph. commit 69704bbbc06ed51e02fff909b417b40adf790a9a Author: Adam Skladowski Date: Tue Jul 9 12:22:54 2024 +0200 dt-bindings: interconnect: qcom: msm8953: Fix 'See also' in description "See also" in description seems to be wrongly defined, make it inline with other yamls. Fixes: 791ed23f735b ("dt-bindings: interconnect: qcom: Add Qualcomm MSM8953 NoC") Signed-off-by: Adam Skladowski Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240709102728.15349-10-a39.skl@gmail.com Signed-off-by: Georgi Djakov commit 1d4f55b5c53a28a6e226332d2d8043456c918153 Author: Adam Skladowski Date: Tue Jul 9 12:22:53 2024 +0200 interconnect: qcom: msm8953: Add ab_coeff BIMC and SNOC-MM on downstream feature qcom,util-fact which translates to ab_coeff, add it. Signed-off-by: Adam Skladowski Link: https://lore.kernel.org/r/20240709102728.15349-9-a39.skl@gmail.com Signed-off-by: Georgi Djakov commit 123d2b96c17301f0f9011fbd4226fccc5f3e87c5 Author: Adam Skladowski Date: Tue Jul 9 12:22:52 2024 +0200 dt-bindings: interconnect: qcom: msm8939: Fix example For now example list snoc_mm as children of bimc which is obviously not valid, drop bimc and move snoc_mm into snoc. Signed-off-by: Adam Skladowski Reviewed-by: Rob Herring (Arm) Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240709102728.15349-8-a39.skl@gmail.com Signed-off-by: Georgi Djakov commit 7f3ea8a922da61fd77a2ffe7e37e99ba0fc63bb1 Author: Adam Skladowski Date: Tue Jul 9 12:22:51 2024 +0200 interconnect: qcom: qcs404: Add regmaps and more bus descriptions Currently we are lacking descriptions of regmaps, bus clocks and types of busses, provide them. Signed-off-by: Adam Skladowski Link: https://lore.kernel.org/r/20240709102728.15349-7-a39.skl@gmail.com Signed-off-by: Georgi Djakov commit 16e5d505e4333b0dded2674fcfb6a28876fdfd5b Author: Adam Skladowski Date: Tue Jul 9 12:22:50 2024 +0200 interconnect: qcom: qcs404: Mark AP-owned nodes as such When driver was upstreamed it seems ap_owned nodes were not available, bring them now. Signed-off-by: Adam Skladowski Link: https://lore.kernel.org/r/20240709102728.15349-6-a39.skl@gmail.com Signed-off-by: Georgi Djakov commit 755acd36fe99edf890e4545350a32a0b29228f44 Author: Adam Skladowski Date: Tue Jul 9 12:22:49 2024 +0200 interconnect: qcom: Add MSM8937 interconnect provider driver Add driver for interconnect busses found in MSM8937 based platforms. The topology consists of four NoCs that are partially controlled by a RPM processor. Signed-off-by: Adam Skladowski Link: https://lore.kernel.org/r/20240709102728.15349-5-a39.skl@gmail.com Signed-off-by: Georgi Djakov commit 3126d5fff54368288e7fe1c0fd4ecb36b868e5aa Author: Yu Jiaoliang Date: Wed Aug 21 16:40:36 2024 +0200 drm/i915/gt: Use kmemdup_array instead of kmemdup for multiple allocation Let the kememdup_array() take care about multiplication and possible overflows. v2: - Change subject - Leave one blank line between the commit log and the tag section - Fix code alignment issue v3: - Fix code alignment - Apply the patch on a clean drm-tip Signed-off-by: Yu Jiaoliang Reviewed-by: Jani Nikula Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240821144036.343556-1-andi.shyti@linux.intel.com commit ddc3d98807dca05ad10f4c76d13019c428302719 Author: Jordan Rome Date: Fri Aug 23 12:51:01 2024 -0700 selftests/bpf: Add tests for bpf_copy_from_user_str kfunc. This adds tests for both the happy path and the error path. Signed-off-by: Jordan Rome Link: https://lore.kernel.org/r/20240823195101.3621028-2-linux@jordanrome.com Signed-off-by: Alexei Starovoitov commit 65ab5ac4df012388481d0414fcac1d5ac1721fb3 Author: Jordan Rome Date: Fri Aug 23 12:51:00 2024 -0700 bpf: Add bpf_copy_from_user_str kfunc This adds a kfunc wrapper around strncpy_from_user, which can be called from sleepable BPF programs. This matches the non-sleepable 'bpf_probe_read_user_str' helper except it includes an additional 'flags' param, which allows consumers to clear the entire destination buffer on success or failure. Signed-off-by: Jordan Rome Link: https://lore.kernel.org/r/20240823195101.3621028-1-linux@jordanrome.com Signed-off-by: Alexei Starovoitov commit 6628851159c77cf5666160e0272d46acc0772a6c Author: Andi Shyti Date: Mon Aug 19 13:31:40 2024 +0200 drm/i915/gt: Continue creating engine sysfs files even after a failure The i915 driver generates sysfs entries for each engine of the GPU in /sys/class/drm/cardX/engines/. The process is straightforward: we loop over the UABI engines and for each one, we: - Create the object. - Create basic files. - If the engine supports timeslicing, create timeslice duration files. - If the engine supports preemption, create preemption-related files. - Create default value files. Currently, if any of these steps fail, the process stops, and no further sysfs files are created. However, it's not necessary to stop the process on failure. Instead, we can continue creating the remaining sysfs files for the other engines. Even if some files fail to be created, the list of engines can still be retrieved by querying i915. Signed-off-by: Andi Shyti Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240819113140.325235-1-andi.shyti@linux.intel.com commit 0b5530861eec1cf3f240a6a4a0ceed58f67fbcc5 Author: Yosry Ahmed Date: Mon Aug 5 20:12:47 2024 +0000 x86/hyperv: use helpers to read control registers in hv_snp_boot_ap() Use native_read_cr*() helpers to read control registers into vmsa->cr* instead of open-coded assembly. No functional change intended, unless there was a purpose to specifying rax. Signed-off-by: Yosry Ahmed Link: https://lore.kernel.org/r/20240805201247.427982-1-yosryahmed@google.com Signed-off-by: Wei Liu Message-ID: <20240805201247.427982-1-yosryahmed@google.com> commit 87c9741a38c4fa63ff3525c3191fb8a4a69b4ff6 Author: Saurabh Sengar Date: Wed Jul 31 21:55:36 2024 -0700 Drivers: hv: vmbus: Optimize boot time by concurrent execution of hv_synic_init() Currently on a very large system with 1780 CPUs, hv_acpi_init() takes around 3 seconds to complete. This is because of sequential synic initialization for each CPU performed by hv_synic_init(). Schedule these tasks parallelly so that each CPU executes hv_synic_init() in parallel to take full advantage of multiple CPUs. This solution saves around 2 seconds of boot time on a 1780 CPU system, which is around 66% improvement in the existing logic. Signed-off-by: Saurabh Sengar Reviewed-by: Nuno Das Neves Reviewed-by: Srivatsa S. Bhat (Microsoft) Reviewed-by: Dexuan Cui Link: https://lore.kernel.org/r/1722488136-6223-1-git-send-email-ssengar@linux.microsoft.com Signed-off-by: Wei Liu Message-ID: <1722488136-6223-1-git-send-email-ssengar@linux.microsoft.com> commit b42c0ec286c5bd7ec14110a11e27d2f99a154cd3 Merge: ca39fab8b7bc6c 839a4ec06f75ce Author: Mark Brown Date: Fri Aug 23 22:45:53 2024 +0100 ASoC: Merge up fixes Some of the fixes for the Intel bards overlap with development work that removed old boards. commit 5772c3458bb8d17d763e0f411e1bae1bf4eda88d Author: Eduard Zingerman Date: Fri Aug 23 12:44:09 2024 -0700 selftests/bpf: use simply-expanded variables for libpcap flags Save pkg-config output for libpcap as simply-expanded variables. For an obscure reason 'shell' call in LDLIBS/CFLAGS recursively expanded variables makes *.test.o files compilation non-parallel when make is executed with -j option. While at it, reuse 'pkg-config --cflags' call to define -DTRAFFIC_MONITOR=1 option, it's exit status is the same as for 'pkg-config --exists'. Fixes: f52403b6bfea ("selftests/bpf: Add traffic monitor functions.") Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240823194409.774815-1-eddyz87@gmail.com Signed-off-by: Martin KaFai Lau commit d3681b30214eb5885092ce4586f07237dc3c522f Author: Dmitry Baryshkov Date: Sun Aug 4 08:40:12 2024 +0300 interconnect: qcom: sm8250: Enable sync_state Enable the generic icc sync_state callback to ensure interconnect votes are actually taken into account, instead of being forced to the maximum value. Fixes: b95b668eaaa2 ("interconnect: qcom: icc-rpmh: Add BCMs to commit list in pre_aggregate") Signed-off-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-8-1149dd8399fe@linaro.org Signed-off-by: Georgi Djakov commit b8ca67b1143e4d1e2adc20790c2c46e1498f54be Author: Dmitry Baryshkov Date: Sun Aug 4 08:40:10 2024 +0300 dt-bindings: interconnect: qcom,sm8350: drop DISP nodes Vendor msm-5.x kernels declared duplicate indices for some of display nodes to be used by separate display RSC and BCM voters. As it is not clear how this separate BCM should be modelled upstream and the device trees do not use these indices, drop them for now. Signed-off-by: Dmitry Baryshkov Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-6-1149dd8399fe@linaro.org Signed-off-by: Georgi Djakov commit c1bf21373ff06fb85abd920e1f13ac9c6d82174e Author: Dmitry Baryshkov Date: Sun Aug 4 08:40:08 2024 +0300 interconnect: qcom: sm8350: drop DISP nodes The msm-5.x kernels have additional display RSC and separate display BCM voter. Since upstream kernel doesn't yet provide display RSC, we end up duplicating several nodes, which can result in incorrect votes being cast. Drop *_DISP nodes. Fixes: d26a56674497 ("interconnect: qcom: Add SM8350 interconnect provider driver") Signed-off-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-4-1149dd8399fe@linaro.org Signed-off-by: Georgi Djakov commit e63866a475562810500ea7f784099bfe341e761a Author: Jeongjun Park Date: Mon Aug 19 13:05:46 2024 +0900 jfs: fix out-of-bounds in dbNextAG() and diAlloc() In dbNextAG() , there is no check for the case where bmp->db_numag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should be added in dbMount(). And in dbNextAG(), a check for the case where agpref is greater than bmp->db_numag should be added, so an out-of-bounds exception should be prevented. Additionally, a check for the case where agno is greater or same than MAXAG should be added in diAlloc() to prevent out-of-bounds. Reported-by: Jeongjun Park Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Jeongjun Park Signed-off-by: Dave Kleikamp commit 66a0f6b9f5fc205272035b6ffa4830be51e3f787 Author: Vinod Govindapillai Date: Fri Aug 23 14:21:48 2024 +0300 drm/xe/display: handle HPD polling in display runtime suspend/resume In XE, display runtime suspend / resume routines are called only if d3cold is allowed. This makes the driver unable to detect any HPDs once the device goes into runtime suspend state in platforms like LNL. Update the display runtime suspend / resume routines to include HPD polling regardless of d3cold status. While xe_display_pm_suspend/resume() performs steps during runtime suspend/resume that shouldn't happen, like suspending MST and they are missing other steps like enabling DC9, this patchset is meant to keep the current behavior wrt. these, leaving the corresponding updates for a follow-up v2: have a separate function for display runtime s/r (Rodrigo) v3: better streamlining of system s/r and runtime s/r calls (Imre) v4: rebased Reviewed-by: Arun R Murthy Signed-off-by: Vinod Govindapillai Link: https://patchwork.freedesktop.org/patch/msgid/20240823112148.327015-4-vinod.govindapillai@intel.com commit 122824165471ea492d8b07d15384345940aababb Author: Imre Deak Date: Fri Aug 23 14:21:47 2024 +0300 drm/xe: Handle polling only for system s/r in xe_display_pm_suspend/resume() This is a preparation for the follow-up patch where polling will be handled properly for all cases during runtime suspend/resume. v2: rebased Reviewed-by: Arun R Murthy Signed-off-by: Imre Deak Signed-off-by: Vinod Govindapillai Link: https://patchwork.freedesktop.org/patch/msgid/20240823112148.327015-3-vinod.govindapillai@intel.com commit a64e7e5b05e014dad9ae5858c9644d61400ec6ef Author: Imre Deak Date: Fri Aug 23 14:21:46 2024 +0300 drm/xe: Suspend/resume user access only during system s/r Enable/Disable user access only during system suspend/resume. This should not happen during runtime s/r v2: rebased Reviewed-by: Arun R Murthy Signed-off-by: Imre Deak Signed-off-by: Vinod Govindapillai Link: https://patchwork.freedesktop.org/patch/msgid/20240823112148.327015-2-vinod.govindapillai@intel.com commit 17e28a9aeae40d2de3c1ea3b94819ed94bfd6392 Author: Costa Shulyupin Date: Thu Aug 22 15:31:58 2024 +0300 genirq: Fix typo in struct comment Remove redundant "e" in "assign(e)ments". Signed-off-by: Costa Shulyupin Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240822123205.2186221-1-costa.shul@redhat.com commit d19d638b1e6cf746263ef60b7d0dee0204d8216a Author: Kees Cook Date: Mon Jul 8 13:22:06 2024 -0700 x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() Modern (fortified) memcpy() prefers to avoid writing (or reading) beyond the end of the addressed destination (or source) struct member: In function ‘fortify_memcpy_chk’, inlined from ‘syscall_get_arguments’ at ./arch/x86/include/asm/syscall.h:85:2, inlined from ‘populate_seccomp_data’ at kernel/seccomp.c:258:2, inlined from ‘__seccomp_filter’ at kernel/seccomp.c:1231:3: ./include/linux/fortify-string.h:580:25: error: call to ‘__read_overflow2_field’ declared with attribute warning: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Werror=attribute-warning] 580 | __read_overflow2_field(q_size_field, size); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ As already done for x86_64 and compat mode, do not use memcpy() to extract syscall arguments from struct pt_regs but rather just perform direct assignments. Binary output differences are negligible, and actually ends up using less stack space: - sub $0x84,%esp + sub $0x6c,%esp and less text size: text data bss dec hex filename 10794 252 0 11046 2b26 gcc-32b/kernel/seccomp.o.stock 10714 252 0 10966 2ad6 gcc-32b/kernel/seccomp.o.after Closes: https://lore.kernel.org/lkml/9b69fb14-df89-4677-9c82-056ea9e706f5@gmail.com/ Reported-by: Mirsad Todorovac Signed-off-by: Kees Cook Signed-off-by: Dave Hansen Reviewed-by: Gustavo A. R. Silva Acked-by: Dave Hansen Tested-by: Mirsad Todorovac Link: https://lore.kernel.org/all/20240708202202.work.477-kees%40kernel.org commit ae16f05c928a1336d5d9d19fd805d7bf29c3f0c8 Author: Tianyang Zhang Date: Fri Aug 23 18:43:37 2024 +0800 irqchip/loongarch-avec: Add AVEC irqchip support Introduce the advanced extended interrupt controllers (AVECINTC). This feature will allow each core to have 256 independent interrupt vectors and MSI interrupts can be independently routed to any vector on any CPU. The whole topology of irqchips in LoongArch machines looks like this if AVECINTC is supported: +-----+ +-----------------------+ +-------+ | IPI | --> | CPUINTC | <-- | Timer | +-----+ +-----------------------+ +-------+ ^ ^ ^ | | | +---------+ +----------+ +---------+ +-------+ | EIOINTC | | AVECINTC | | LIOINTC | <-- | UARTs | +---------+ +----------+ +---------+ +-------+ ^ ^ | | +---------+ +---------+ | PCH-PIC | | PCH-MSI | +---------+ +---------+ ^ ^ ^ | | | +---------+ +---------+ +---------+ | Devices | | PCH-LPC | | Devices | +---------+ +---------+ +---------+ ^ | +---------+ | Devices | +---------+ Co-developed-by: Jianmin Lv Signed-off-by: Jianmin Lv Co-developed-by: Liupu Wang Signed-off-by: Liupu Wang Co-developed-by: Huacai Chen Signed-off-by: Huacai Chen Signed-off-by: Tianyang Zhang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240823104337.25577-2-zhangtianyang@loongson.cn commit a1d4646d34c6642194a421ca9afbd060b0f9aa00 Author: Tianyang Zhang Date: Fri Aug 23 18:43:36 2024 +0800 irqchip/loongson-pch-msi: Prepare get_pch_msi_handle() for AVECINTC On Loongson-3C6000 and higher systems with AVECINTC irqchip, there may be multiple PCI segments, but only one PCH-MSI irq domain. In this case, let get_pch_msi_handle() return the first domain handle. Co-developed-by: Jianmin Lv Signed-off-by: Jianmin Lv Co-developed-by: Liupu Wang Signed-off-by: Liupu Wang Co-developed-by: Huacai Chen Signed-off-by: Huacai Chen Signed-off-by: Tianyang Zhang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240823104337.25577-1-zhangtianyang@loongson.cn commit 9e83dd3ebb14fadccb936308b7b101c75da76324 Author: Huacai Chen Date: Fri Aug 23 18:39:34 2024 +0800 irqchip/loongson-eiointc: Rename CPUHP_AP_IRQ_LOONGARCH_STARTING Rename CPUHP_AP_IRQ_LOONGARCH_STARTING to CPUHP_AP_IRQ_EIOINTC_STARTING because the upcoming AVECINTC irqchip driver will introduce a new state and so both are clearly identifiable. Signed-off-by: Huacai Chen Signed-off-by: Tianyang Zhang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240823103936.25092-3-zhangtianyang@loongson.cn commit 843ed9317be1d0c3f4245418644fc7e55f465419 Author: Huacai Chen Date: Fri Aug 23 18:39:33 2024 +0800 LoongArch: Architectural preparation for AVEC irqchip Add architectural preparation for AVEC irqchip, including: 1. CPUCFG feature bits definition for AVEC; 2. Detection of AVEC irqchip in cpu_probe(); 3. New IPI type definition (IPI_CLEAR_VECTOR) for AVEC; 4. Provide arch_probe_nr_irqs() for large NR_IRQS; 5. Other related changes about the number of interrupts. Signed-off-by: Huacai Chen Signed-off-by: Tianyang Zhang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240823103936.25092-2-zhangtianyang@loongson.cn commit 06fac729a6d54e2c6650b38734f84383aafb3acc Author: Huacai Chen Date: Fri Aug 23 18:39:32 2024 +0800 LoongArch: Move irqchip function prototypes to irq-loongson.h Some irqchip functions are only for internal use by irqchip drivers, so move their prototypes from asm/irq.h to drivers/irqchip/irq-loongson.h. All related driver files include the new irq-loongson.h. Signed-off-by: Huacai Chen Signed-off-by: Tianyang Zhang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240823103936.25092-1-zhangtianyang@loongson.cn commit 5cd0aea0b16a74769533ca605bc43634a4485dd9 Merge: f727b13dbea16c 91c96842ab1e91 Author: Alexei Starovoitov Date: Fri Aug 23 11:39:33 2024 -0700 Merge branch 'support-bpf_kptr_xchg-into-local-kptr' Amery Hung says: ==================== Support bpf_kptr_xchg into local kptr This revision adds substaintial changes to patch 2 to support structures with kptr as the only special btf type. The test is split into local_kptr_stash and task_kfunc_success to remove dependencies on bpf_testmod that would break veristat results. This series allows stashing kptr into local kptr. Currently, kptrs are only allowed to be stashed into map value with bpf_kptr_xchg(). A motivating use case of this series is to enable adding referenced kptr to bpf_rbtree or bpf_list by using allocated object as graph node and the storage of referenced kptr. For example, a bpf qdisc [0] enqueuing a referenced kptr to a struct sk_buff* to a bpf_list serving as a fifo: struct skb_node { struct sk_buff __kptr *skb; struct bpf_list_node node; }; private(A) struct bpf_spin_lock fifo_lock; private(A) struct bpf_list_head fifo __contains(skb_node, node); /* In Qdisc_ops.enqueue */ struct skb_node *skbn; skbn = bpf_obj_new(typeof(*skbn)); if (!skbn) goto drop; /* skb is a referenced kptr to struct sk_buff acquired earilier * but not shown in this code snippet. */ skb = bpf_kptr_xchg(&skbn->skb, skb); if (skb) /* should not happen; do something below releasing skb to * satisfy the verifier */ ... bpf_spin_lock(&fifo_lock); bpf_list_push_back(&fifo, &skbn->node); bpf_spin_unlock(&fifo_lock); The implementation first searches for BPF_KPTR when generating program BTF. Then, we teach the verifier that the detination argument of bpf_kptr_xchg() can be local kptr, and use the btf_record in program BTF to check against the source argument. This series is mostly developed by Dave, who kindly helped and sent me the patchset. The selftests in bpf qdisc (WIP) relies on this series to work. [0] https://lore.kernel.org/netdev/20240714175130.4051012-10-amery.hung@bytedance.com/ --- v3 -> v4 - Allow struct in prog btf w/ kptr as the only special field type - Split tests of stashing referenced kptr and local kptr - v3: https://lore.kernel.org/bpf/20240809005131.3916464-1-amery.hung@bytedance.com/ v2 -> v3 - Fix prog btf memory leak - Test stashing kptr in prog btf - Test unstashing kptrs after stashing into local kptrs - v2: https://lore.kernel.org/bpf/20240803001145.635887-1-amery.hung@bytedance.com/ v1 -> v2 - Fix the document for bpf_kptr_xchg() - Add a comment explaining changes in the verifier - v1: https://lore.kernel.org/bpf/20240728030115.3970543-1-amery.hung@bytedance.com/ ==================== Link: https://lore.kernel.org/r/20240813212424.2871455-1-amery.hung@bytedance.com Signed-off-by: Alexei Starovoitov commit 91c96842ab1e9159c8129ab5ddfeb7dd97bf840e Author: Dave Marchevsky Date: Tue Aug 13 21:24:24 2024 +0000 selftests/bpf: Test bpf_kptr_xchg stashing into local kptr Test stashing both referenced kptr and local kptr into local kptrs. Then, test unstashing them. Acked-by: Martin KaFai Lau Acked-by: Hou Tao Signed-off-by: Dave Marchevsky Signed-off-by: Amery Hung Link: https://lore.kernel.org/r/20240813212424.2871455-6-amery.hung@bytedance.com Signed-off-by: Alexei Starovoitov commit b0966c724584a5a9fd7fb529de19807c31f27a45 Author: Dave Marchevsky Date: Tue Aug 13 21:24:23 2024 +0000 bpf: Support bpf_kptr_xchg into local kptr Currently, users can only stash kptr into map values with bpf_kptr_xchg(). This patch further supports stashing kptr into local kptr by adding local kptr as a valid destination type. When stashing into local kptr, btf_record in program BTF is used instead of btf_record in map to search for the btf_field of the local kptr. The local kptr specific checks in check_reg_type() only apply when the source argument of bpf_kptr_xchg() is local kptr. Therefore, we make the scope of the check explicit as the destination now can also be local kptr. Acked-by: Martin KaFai Lau Signed-off-by: Dave Marchevsky Signed-off-by: Amery Hung Link: https://lore.kernel.org/r/20240813212424.2871455-5-amery.hung@bytedance.com Signed-off-by: Alexei Starovoitov commit d59232afb0344e33e9399f308d9b4a03876e7676 Author: Dave Marchevsky Date: Tue Aug 13 21:24:22 2024 +0000 bpf: Rename ARG_PTR_TO_KPTR -> ARG_KPTR_XCHG_DEST ARG_PTR_TO_KPTR is currently only used by the bpf_kptr_xchg helper. Although it limits reg types for that helper's first arg to PTR_TO_MAP_VALUE, any arbitrary mapval won't do: further custom verification logic ensures that the mapval reg being xchgd-into is pointing to a kptr field. If this is not the case, it's not safe to xchg into that reg's pointee. Let's rename the bpf_arg_type to more accurately describe the fairly specific expectations that this arg type encodes. This is a nonfunctional change. Acked-by: Martin KaFai Lau Signed-off-by: Dave Marchevsky Signed-off-by: Amery Hung Link: https://lore.kernel.org/r/20240813212424.2871455-4-amery.hung@bytedance.com Signed-off-by: Alexei Starovoitov commit 7a851ecb180686f9e50110247b0fcd537e772e63 Author: Dave Marchevsky Date: Tue Aug 13 21:24:21 2024 +0000 bpf: Search for kptrs in prog BTF structs Currently btf_parse_fields is used in two places to create struct btf_record's for structs: when looking at mapval type, and when looking at any struct in program BTF. The former looks for kptr fields while the latter does not. This patch modifies the btf_parse_fields call made when looking at prog BTF struct types to search for kptrs as well. Before this series there was no reason to search for kptrs in non-mapval types: a referenced kptr needs some owner to guarantee resource cleanup, and map values were the only owner that supported this. If a struct with a kptr field were to have some non-kptr-aware owner, the kptr field might not be properly cleaned up and result in resources leaking. Only searching for kptr fields in mapval was a simple way to avoid this problem. In practice, though, searching for BPF_KPTR when populating struct_meta_tab does not expose us to this risk, as struct_meta_tab is only accessed through btf_find_struct_meta helper, and that helper is only called in contexts where recognizing the kptr field is safe: * PTR_TO_BTF_ID reg w/ MEM_ALLOC flag * Such a reg is a local kptr and must be free'd via bpf_obj_drop, which will correctly handle kptr field * When handling specific kfuncs which either expect MEM_ALLOC input or return MEM_ALLOC output (obj_{new,drop}, percpu_obj_{new,drop}, list+rbtree funcs, refcount_acquire) * Will correctly handle kptr field for same reasons as above * When looking at kptr pointee type * Called by functions which implement "correct kptr resource handling" * In btf_check_and_fixup_fields * Helper that ensures no ownership loops for lists and rbtrees, doesn't care about kptr field existence So we should be able to find BPF_KPTR fields in all prog BTF structs without leaking resources. Further patches in the series will build on this change to support kptr_xchg into non-mapval local kptr. Without this change there would be no kptr field found in such a type. Acked-by: Martin KaFai Lau Acked-by: Hou Tao Signed-off-by: Dave Marchevsky Signed-off-by: Amery Hung Link: https://lore.kernel.org/r/20240813212424.2871455-3-amery.hung@bytedance.com Signed-off-by: Alexei Starovoitov commit c5ef53420f46c9ca6badca4f4cabacd76de8091e Author: Amery Hung Date: Tue Aug 13 21:24:20 2024 +0000 bpf: Let callers of btf_parse_kptr() track life cycle of prog btf btf_parse_kptr() and btf_record_free() do btf_get() and btf_put() respectively when working on btf_record in program and map if there are kptr fields. If the kptr is from program BTF, since both callers has already tracked the life cycle of program BTF, it is safe to remove the btf_get() and btf_put(). This change prevents memory leak of program BTF later when we start searching for kptr fields when building btf_record for program. It can happen when the btf fd is closed. The btf_put() corresponding to the btf_get() in btf_parse_kptr() was supposed to be called by btf_record_free() in btf_free_struct_meta_tab() in btf_free(). However, it will never happen since the invocation of btf_free() depends on the refcount of the btf to become 0 in the first place. Acked-by: Martin KaFai Lau Acked-by: Hou Tao Signed-off-by: Amery Hung Link: https://lore.kernel.org/r/20240813212424.2871455-2-amery.hung@bytedance.com Signed-off-by: Alexei Starovoitov commit 4937dc0ffc8edc774b21882d557c032f3693f40d Author: Adam Skladowski Date: Tue Jul 9 12:22:48 2024 +0200 dt-bindings: interconnect: qcom: Add Qualcomm MSM8937 NoC Add bindings for Qualcomm MSM8937 Network-On-Chip interconnect devices. Signed-off-by: Adam Skladowski Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240709102728.15349-4-a39.skl@gmail.com Signed-off-by: Georgi Djakov commit 6e3ea1f36b10338e3901f337105b0870fe158b32 Author: Adam Skladowski Date: Tue Jul 9 12:22:47 2024 +0200 interconnect: qcom: Add MSM8976 interconnect provider driver Add driver for interconnect busses found in MSM8976 based platforms. The topology consists of four NoCs that are partially controlled by a RPM processor. Signed-off-by: Adam Skladowski Link: https://lore.kernel.org/r/20240709102728.15349-3-a39.skl@gmail.com Signed-off-by: Georgi Djakov commit e5b9032b1b8e0ecc5b71451703f04b4e13ea42f8 Author: Adam Skladowski Date: Tue Jul 9 12:22:46 2024 +0200 dt-bindings: interconnect: qcom: Add Qualcomm MSM8976 NoC Add bindings for Qualcomm MSM8976 Network-On-Chip interconnect devices. Signed-off-by: Adam Skladowski Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240709102728.15349-2-a39.skl@gmail.com Signed-off-by: Georgi Djakov commit b0b2fc815e514221f01384f39fbfbff65d897e1c Author: Remington Brasga Date: Wed Jul 10 00:12:44 2024 +0000 jfs: UBSAN: shift-out-of-bounds in dbFindBits Fix issue with UBSAN throwing shift-out-of-bounds warning. Reported-by: syzbot+e38d703eeb410b17b473@syzkaller.appspotmail.com Signed-off-by: Remington Brasga Signed-off-by: Dave Kleikamp commit ed4fb6d7ef68111bb539283561953e5c6e9a6e38 Author: Felix Moessbauer Date: Wed Aug 14 14:10:32 2024 +0200 hrtimer: Use and report correct timerslack values for realtime tasks The timerslack_ns setting is used to specify how much the hardware timers should be delayed, to potentially dispatch multiple timers in a single interrupt. This is a performance optimization. Timers of realtime tasks (having a realtime scheduling policy) should not be delayed. This logic was inconsitently applied to the hrtimers, leading to delays of realtime tasks which used timed waits for events (e.g. condition variables). Due to the downstream override of the slack for rt tasks, the procfs reported incorrect (non-zero) timerslack_ns values. This is changed by setting the timer_slack_ns task attribute to 0 for all tasks with a rt policy. By that, downstream users do not need to specially handle rt tasks (w.r.t. the slack), and the procfs entry shows the correct value of "0". Setting non-zero slack values (either via procfs or PR_SET_TIMERSLACK) on tasks with a rt policy is ignored, as stated in "man 2 PR_SET_TIMERSLACK": Timer slack is not applied to threads that are scheduled under a real-time scheduling policy (see sched_setscheduler(2)). The special handling of timerslack on rt tasks in downstream users is removed as well. Signed-off-by: Felix Moessbauer Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240814121032.368444-2-felix.moessbauer@siemens.com commit 9246b487ab3c3b5993aae7552b7a4c541cc14a49 Author: WangYuli Date: Fri Aug 23 17:57:08 2024 +0800 PCI: Add function 0 DMA alias quirk for Glenfly Arise chip Add DMA support for audio function of Glenfly Arise chip, which uses Requester ID of function 0. Link: https://lore.kernel.org/r/CA2BBD087345B6D1+20240823095708.3237375-1-wangyuli@uniontech.com Signed-off-by: SiyuLi Signed-off-by: WangYuli [bhelgaas: lower-case hex to match local code, drop unused Device IDs] Signed-off-by: Bjorn Helgaas Reviewed-by: Takashi Iwai commit 8a48281cfa7f380707d42b649acda3ea36348697 Author: Kunwu Chan Date: Fri Aug 23 15:42:01 2024 +0800 PCI: Make pci_bus_type constant Since commit d492cc2573a0 ("driver core: device.h: make struct bus_type a const *"), the driver core can properly handle constant struct bus_type, move the pci_bus_type variable to be a constant structure as well, placing it into read-only memory which can not be modified at runtime. Link: https://lore.kernel.org/r/20240823074202.139265-1-kunwu.chan@linux.dev Suggested-by: Greg Kroah-Hartman Signed-off-by: Kunwu Chan Signed-off-by: Bjorn Helgaas Cc: Greg Kroah-Hartman commit ccce71013406a0a3c81850dab940f07b112349d3 Author: Bartosz Golaszewski Date: Wed Aug 14 14:21:18 2024 +0200 mtd: rawnand: davinci: make platform_data private There are no longer any users of the platform data for davinci rawnand in board files. We can remove the public pdata headers and move the structures that are still used into the driver compilation unit while removing the rest. Signed-off-by: Bartosz Golaszewski Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240814122120.13975-1-brgl@bgdev.pl commit 1824520e7477bedf76bd08c32261c755e6405cd9 Author: Daniel Golle Date: Mon Aug 12 02:56:41 2024 +0100 mtd: spinand: set bitflip_threshold to 75% of ECC strength Reporting an unclean read from SPI-NAND only when the maximum number of correctable bitflip errors has been hit seems a bit late. UBI LEB scrubbing, which depends on the lower MTD device reporting correctable bitflips, then only kicks in when it's almost too late. Set bitflip_threshold to 75% of the ECC strength, which is also the default for raw NAND. Signed-off-by: Daniel Golle Reviewed-by: Frieder Schrempf Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/2117e387260b0a96f95b8e1652ff79e0e2d71d53.1723427450.git.daniel@makrotopia.org commit e2a9fcb36e851adb5b25c4acea53a290fd48a636 Author: Robert Marko Date: Mon Aug 5 19:51:02 2024 +0200 mtd: spinand: winbond: add support for W25N01KV Add support for Winbond W25N01KV 1Gbit SPI-NAND. It has 4-bit on-die ECC. Signed-off-by: Robert Marko Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240805175125.6658-1-robimarko@gmail.com commit 175086cf4acdf4ccd3d7a6bb5c5231ececd6656b Author: Yan Zhen Date: Fri Aug 23 19:08:24 2024 +0800 mtd: concat: Use kmemdup_array instead of kmemdup for multiple allocation When we are allocating an array, using kmemdup_array() to take care about multiplication and possible overflows. Also it makes auditing the code easier. Signed-off-by: Yan Zhen Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240823110824.3895787-1-yanzhen@vivo.com commit e334c01df28225139cc831e4871c590a7851b4fc Author: Colin Ian King Date: Thu Aug 22 17:46:32 2024 +0100 mtd: parsers: bcm47xxpart: make read-only array possible_nvram_sizes static const Don't populate the read-only array possible_nvram_sizes on the stack at run time, instead make it static const. Signed-off-by: Colin Ian King Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240822164632.638171-1-colin.i.king@gmail.com commit ea265e483eb3d9750c7cfc642dedd5be31dc22c2 Author: Rob Herring (Arm) Date: Wed Jul 31 13:13:00 2024 -0600 mtd: Use of_property_read_bool() Use of_property_read_bool() to read boolean properties rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240731191312.1710417-22-robh@kernel.org commit 336c218dd7f0588ed8a7345f367975a00a4f003f Author: Mirsad Todorovac Date: Fri Jul 12 01:43:20 2024 +0200 mtd: slram: insert break after errors in parsing the map GCC 12.3.0 compiler on linux-next next-20240709 tree found the execution path in which, due to lazy evaluation, devlength isn't initialised with the parsed string: 289 while (map) { 290 devname = devstart = devlength = NULL; 291 292 if (!(devname = strsep(&map, ","))) { 293 E("slram: No devicename specified.\n"); 294 break; 295 } 296 T("slram: devname = %s\n", devname); 297 if ((!map) || (!(devstart = strsep(&map, ",")))) { 298 E("slram: No devicestart specified.\n"); 299 } 300 T("slram: devstart = %s\n", devstart); → 301 if ((!map) || (!(devlength = strsep(&map, ",")))) { 302 E("slram: No devicelength / -end specified.\n"); 303 } → 304 T("slram: devlength = %s\n", devlength); 305 if (parse_cmdline(devname, devstart, devlength) != 0) { 306 return(-EINVAL); 307 } Parsing should be finished after map == NULL, so a break is best inserted after each E("slram: ... \n") error message. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: Miquel Raynal Cc: Richard Weinberger Cc: Vignesh Raghavendra Cc: linux-mtd@lists.infradead.org Signed-off-by: Mirsad Todorovac Signed-off-by: Miquel Raynal Link: https://lore.kernel.org/linux-mtd/20240711234319.637824-1-mtodorovac69@gmail.com commit f727b13dbea16c5e117e263aa8aea59d632d5660 Author: Andrii Nakryiko Date: Mon Aug 5 21:29:35 2024 -0700 selftests/bpf: add multi-uprobe benchmarks Add multi-uprobe and multi-uretprobe benchmarks to bench tool. Multi- and classic uprobes/uretprobes have different low-level triggering code paths, so it's sometimes important to be able to benchmark both flavors of uprobes/uretprobes. Sample examples from my dev machine below. Single-threaded peformance almost doesn't differ, but with more parallel CPUs triggering the same uprobe/uretprobe the difference grows. This might be due to [0], but given the code is slightly different, there could be other sources of slowdown. Note, all these numbers will change due to ongoing work to improve uprobe/uretprobe scalability (e.g., [1]), but having benchmark like this is useful for measurements and debugging nevertheless. \#!/bin/bash set -eufo pipefail for p in 1 8 16 32; do for i in uprobe-nop uretprobe-nop uprobe-multi-nop uretprobe-multi-nop; do summary=$(sudo ./bench -w1 -d3 -p$p -a trig-$i | tail -n1) total=$(echo "$summary" | cut -d'(' -f1 | cut -d' ' -f3-) percpu=$(echo "$summary" | cut -d'(' -f2 | cut -d')' -f1 | cut -d'/' -f1) printf "%-21s (%2d cpus): %s (%s/s/cpu)\n" $i $p "$total" "$percpu" done echo done uprobe-nop ( 1 cpus): 1.020 ± 0.005M/s ( 1.020M/s/cpu) uretprobe-nop ( 1 cpus): 0.515 ± 0.009M/s ( 0.515M/s/cpu) uprobe-multi-nop ( 1 cpus): 1.036 ± 0.004M/s ( 1.036M/s/cpu) uretprobe-multi-nop ( 1 cpus): 0.512 ± 0.005M/s ( 0.512M/s/cpu) uprobe-nop ( 8 cpus): 3.481 ± 0.030M/s ( 0.435M/s/cpu) uretprobe-nop ( 8 cpus): 2.222 ± 0.008M/s ( 0.278M/s/cpu) uprobe-multi-nop ( 8 cpus): 3.769 ± 0.094M/s ( 0.471M/s/cpu) uretprobe-multi-nop ( 8 cpus): 2.482 ± 0.007M/s ( 0.310M/s/cpu) uprobe-nop (16 cpus): 2.968 ± 0.011M/s ( 0.185M/s/cpu) uretprobe-nop (16 cpus): 1.870 ± 0.002M/s ( 0.117M/s/cpu) uprobe-multi-nop (16 cpus): 3.541 ± 0.037M/s ( 0.221M/s/cpu) uretprobe-multi-nop (16 cpus): 2.123 ± 0.026M/s ( 0.133M/s/cpu) uprobe-nop (32 cpus): 2.524 ± 0.026M/s ( 0.079M/s/cpu) uretprobe-nop (32 cpus): 1.572 ± 0.003M/s ( 0.049M/s/cpu) uprobe-multi-nop (32 cpus): 2.717 ± 0.003M/s ( 0.085M/s/cpu) uretprobe-multi-nop (32 cpus): 1.687 ± 0.007M/s ( 0.053M/s/cpu) [0] https://lore.kernel.org/linux-trace-kernel/20240805202803.1813090-1-andrii@kernel.org/ [1] https://lore.kernel.org/linux-trace-kernel/20240731214256.3588718-1-andrii@kernel.org/ Signed-off-by: Andrii Nakryiko Acked-by: Jiri Olsa Link: https://lore.kernel.org/r/20240806042935.3867862-1-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 501d94389310bb282915e730386d1150b13ae321 Author: Matthew Brost Date: Tue Aug 20 10:29:58 2024 -0700 drm/xe: Update xe_sa to use xe_managed_bo_create_pin_map Preferred way to create kernel BOs is xe_managed_bo_create_pin_map, use it. Signed-off-by: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240820172958.1095143-7-matthew.brost@intel.com commit 6eb2aad402cc94ab4dd3780d8fd94c5c9bb7ed4a Author: Matthew Brost Date: Tue Aug 20 10:29:56 2024 -0700 drm/xe: Move hw_engine_fini to devm managed Kernel BOs are destroyed with GGTT mappings, this is hardware interaction so use devm. Signed-off-by: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240820172958.1095143-5-matthew.brost@intel.com commit a323782567812ee925e9b7926445532c7afe331b Author: Matthew Brost Date: Tue Aug 20 10:29:55 2024 -0700 drm/xe: Drop warn on xe_guc_pc_gucrc_disable in guc pc fini Not a big deal if CT is down as driver is unloading, no need to warn. Signed-off-by: Matthew Brost Reviewed-by: Jagmeet Randhawa Link: https://patchwork.freedesktop.org/patch/msgid/20240820172958.1095143-4-matthew.brost@intel.com commit b5de6a5ced074910b8fe57d3b0ab7f8843f85a3a Author: Matthew Brost Date: Tue Aug 20 10:29:54 2024 -0700 drm/xe: Set firmware state to loadable before registering guc_fini_hw The guc_fini_hw registered calls __xe_uc_fw_status which is only expected to be called after initializing fw state. Move this before registering guc_fini_hw. Signed-off-by: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240820172958.1095143-3-matthew.brost@intel.com commit 5b993d00d7f0c970a5e5d34c1031069fb13b6986 Author: Matthew Brost Date: Tue Aug 20 10:29:53 2024 -0700 drm/xe: Move ggtt_fini to devm managed ggtt->scratch is destroyed via devm, ggtt_fini sets ggtt->scratch to NULL, ggtt->scratch in GGTT clears, so ensure ggtt->scratch is set NULL before the BO is destroyed. Signed-off-by: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240820172958.1095143-2-matthew.brost@intel.com commit 25ebe10e3f4c897a2d348a9d4b674ee9ea28225c Author: Matthew Brost Date: Fri Aug 23 09:22:07 2024 -0700 Revert "drm/xe: Invalidate media_gt TLBs in PT code" This reverts commit 40520283e0fd11237ed9dfc0991503b3403d5fa4. We can't install dma-fence-chain in timeline sync objs. Signed-off-by: Matthew Brost Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240823162207.2168887-1-matthew.brost@intel.com commit 92f6d4130497f2bedfaf86a4e46e890cf8983307 Author: Ilias Stamatis Date: Thu Jul 18 20:35:38 2024 +0100 KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit The following calculation used in coalesced_mmio_has_room() to check whether the ring buffer is full is wrong and results in premature exits if the start of the valid entries is in the first half of the ring buffer. avail = (ring->first - last - 1) % KVM_COALESCED_MMIO_MAX; if (avail == 0) /* full */ Because negative values are handled using two's complement, and KVM computes the result as an unsigned value, the above will get a false positive if "first < last" and the ring is half-full. The above might have worked as expected in python for example: >>> (-86) % 170 84 However it doesn't work the same way in C. printf("avail: %d\n", (-86) % 170); printf("avail: %u\n", (-86) % 170); printf("avail: %u\n", (-86u) % 170u); Using gcc-11 these print: avail: -86 avail: 4294967210 avail: 0 For illustration purposes, given a 4-bit integer and a ring size of 0xA (unsigned), 0xA == 0x1010 == -6, and thus (-6u % 0xA) == 0. Fix the calculation and allow all but one entries in the buffer to be used as originally intended. Note, KVM's behavior is self-healing to some extent, as KVM will allow the entire buffer to be used if ring->first is beyond the halfway point. In other words, in the unlikely scenario that a use case benefits from being able to coalesce more than 86 entries at once, KVM will still provide such behavior, sometimes. Note #2, the % operator in C is not the modulo operator but the remainder operator. Modulo and remainder operators differ with respect to negative values. But, the relevant values in KVM are all unsigned, so it's a moot point in this case anyway. Note #3, this is almost a pure revert of the buggy commit, plus a READ_ONCE() to provide additional safety. Thue buggy commit justified the change with "it paves the way for making this function lockless", but it's not at all clear what was intended, nor is there any evidence that the buggy code was somehow safer. (a) the fields in question were already accessed locklessly, from the perspective that they could be modified by userspace at any time, and (b) the lock guarding the ring itself was changed, but never dropped, i.e. whatever lockless scheme (SRCU?) was planned never landed. Fixes: 105f8d40a737 ("KVM: Calculate available entries in coalesced mmio ring") Signed-off-by: Ilias Stamatis Reviewed-by: Paul Durrant Link: https://lore.kernel.org/r/20240718193543.624039-2-ilstam@amazon.com [sean: rework changelog to clarify behavior, call out weirdness of buggy commit] Signed-off-by: Sean Christopherson commit 811e62c80a879d717f7bd4a293eb2c66ed4560ba Author: Fabio Estevam Date: Thu Aug 8 13:27:50 2024 -0300 pinctrl: imx: Switch to LATE_SYSTEM_SLEEP_PM_OPS() Replace SET_LATE_SYSTEM_SLEEP_PM_OPS() with its modern LATE_SYSTEM_SLEEP_PM_OPS() alternative. The combined usage of pm_sleep_ptr() and LATE_SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the __maybe_unused notation from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Reviewed-by: Peng Fan Link: https://lore.kernel.org/20240808162750.244092-1-festevam@gmail.com Signed-off-by: Linus Walleij commit 8a74a53ebbe3e81f58cfc6080bf23f1d01e215f4 Author: Christophe JAILLET Date: Wed Aug 7 20:05:36 2024 +0200 pinctrl: meson: Constify some structures The following structures are not modified in these drivers. - struct meson_bank - struct meson_pmx_bank - struct meson_pmx_func - struct meson_pmx_group - struct meson_pinctrl_data - struct meson_axg_pmx_data Constifying these structures moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 10818 11696 0 22514 57f2 drivers/pinctrl/meson/pinctrl-amlogic-c3.o 17198 17680 0 34878 883e drivers/pinctrl/meson/pinctrl-amlogic-t7.o 14161 11200 0 25361 6311 drivers/pinctrl/meson/pinctrl-meson8b.o 17348 12512 0 29860 74a4 drivers/pinctrl/meson/pinctrl-meson8.o 3070 324 0 3394 d42 drivers/pinctrl/meson/pinctrl-meson8-pmx.o 9317 9648 0 18965 4a15 drivers/pinctrl/meson/pinctrl-meson-a1.o 12115 11664 0 23779 5ce3 drivers/pinctrl/meson/pinctrl-meson-axg.o 2470 120 0 2590 a1e drivers/pinctrl/meson/pinctrl-meson-axg-pmx.o 15125 15224 0 30349 768d drivers/pinctrl/meson/pinctrl-meson-g12a.o 13800 10160 0 23960 5d98 drivers/pinctrl/meson/pinctrl-meson-gxbb.o 13040 9648 0 22688 58a0 drivers/pinctrl/meson/pinctrl-meson-gxl.o 20507 1132 48 21687 54b7 drivers/pinctrl/meson/pinctrl-meson.o 12212 12880 0 25092 6204 drivers/pinctrl/meson/pinctrl-meson-s4.o After: ===== text data bss dec hex filename 22242 248 0 22490 57da drivers/pinctrl/meson/pinctrl-amlogic-c3.o 34638 248 0 34886 8846 drivers/pinctrl/meson/pinctrl-amlogic-t7.o 25137 232 0 25369 6319 drivers/pinctrl/meson/pinctrl-meson8b.o 29604 232 0 29836 748c drivers/pinctrl/meson/pinctrl-meson8.o 3070 324 0 3394 d42 drivers/pinctrl/meson/pinctrl-meson8-pmx.o 18725 248 0 18973 4a1d drivers/pinctrl/meson/pinctrl-meson-a1.o 23539 248 0 23787 5ceb drivers/pinctrl/meson/pinctrl-meson-axg.o 2470 120 0 2590 a1e drivers/pinctrl/meson/pinctrl-meson-axg-pmx.o 30101 256 0 30357 7695 drivers/pinctrl/meson/pinctrl-meson-g12a.o 23688 248 0 23936 5d80 drivers/pinctrl/meson/pinctrl-meson-gxbb.o 22416 248 0 22664 5888 drivers/pinctrl/meson/pinctrl-meson-gxl.o 20507 1132 48 21687 54b7 drivers/pinctrl/meson/pinctrl-meson.o 24820 248 0 25068 61ec drivers/pinctrl/meson/pinctrl-meson-s4.o Signed-off-by: Christophe JAILLET Reviewed-by: Jerome Brunet Tested-by: Jerome Brunet Link: https://lore.kernel.org/f74e326bd7d48003c06219545bad7c2ef1a84bf8.1723053850.git.christophe.jaillet@wanadoo.fr Signed-off-by: Linus Walleij commit 3a8990b8a778219327c5f8ecf10b5d81377b925a Author: Marc Gonzalez Date: Tue Aug 20 15:27:19 2024 +0200 iommu/arm-smmu-qcom: hide last LPASS SMMU context bank from linux On qcom msm8998, writing to the last context bank of lpass_q6_smmu (base address 0x05100000) produces a system freeze & reboot. The hardware/hypervisor reports 13 context banks for the LPASS SMMU on msm8998, but only the first 12 are accessible... Override the number of context banks [ 2.546101] arm-smmu 5100000.iommu: probing hardware configuration... [ 2.552439] arm-smmu 5100000.iommu: SMMUv2 with: [ 2.558945] arm-smmu 5100000.iommu: stage 1 translation [ 2.563627] arm-smmu 5100000.iommu: address translation ops [ 2.568923] arm-smmu 5100000.iommu: non-coherent table walk [ 2.574566] arm-smmu 5100000.iommu: (IDR0.CTTW overridden by FW configuration) [ 2.580220] arm-smmu 5100000.iommu: stream matching with 12 register groups [ 2.587263] arm-smmu 5100000.iommu: 13 context banks (0 stage-2 only) [ 2.614447] arm-smmu 5100000.iommu: Supported page sizes: 0x63315000 [ 2.621358] arm-smmu 5100000.iommu: Stage-1: 36-bit VA -> 36-bit IPA [ 2.627772] arm-smmu 5100000.iommu: preserved 0 boot mappings Specifically, the crashes occur here: qsmmu->bypass_cbndx = smmu->num_context_banks - 1; arm_smmu_cb_write(smmu, qsmmu->bypass_cbndx, ARM_SMMU_CB_SCTLR, 0); and here: arm_smmu_write_context_bank(smmu, i); arm_smmu_cb_write(smmu, i, ARM_SMMU_CB_FSR, ARM_SMMU_CB_FSR_FAULT); It is likely that FW reserves the last context bank for its own use, thus a simple work-around is: DON'T USE IT in Linux. If we decrease the number of context banks, last one will be "hidden". Signed-off-by: Marc Gonzalez Reviewed-by: Caleb Connolly Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240820-smmu-v3-1-2f71483b00ec@freebox.fr Signed-off-by: Will Deacon commit 58a261bfc96763a851cb48b203ed57da37e157b8 Author: Hamza Mahfooz Date: Thu Aug 22 11:58:22 2024 -0400 drm/amd/display: use a more lax vblank enable policy for older ASICs Ideally, we want to drop the legacy vblank enable for older ASICs. This should be possible now, since we can now specify how many frames we need to wait before disabling vblanking instead of being forced to either choose between no delay (which can still be buggy) and drm_vblank_offdelay (which is much longer by default than is required on AMD hardware). Suggested-by: Leo Li Reviewed-by: Harry Wentland Signed-off-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240822161856.174600-4-hamza.mahfooz@amd.com commit e45b6716de4bf06b628a9f3559f7fc8dd5e94d58 Author: Hamza Mahfooz Date: Tue Aug 20 13:53:23 2024 -0400 drm/amd/display: use a more lax vblank enable policy for DCN35+ Ideally, we want to enable immediate vblank disable, when possible and we should be able to do so on DCN35+, if PSR isn't supported by a given CRTC. Suggested-by: Leo Li Reviewed-by: Harry Wentland Signed-off-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240822161856.174600-3-hamza.mahfooz@amd.com commit 537ef0f8889761ffe3a6cb4a7bda4de47fe2d69b Author: Hamza Mahfooz Date: Thu Aug 15 14:37:27 2024 -0400 drm/amd/display: use new vblank enable policy for DCN35+ Hook up drm_crtc_vblank_on_config() in amdgpu_dm. So, that we can enable PSR and other static screen optimizations more quickly, while avoiding stuttering issues that are accompanied by the following dmesg error: [drm:dc_dmub_srv_wait_idle [amdgpu]] *ERROR* Error waiting for DMUB idle: status=3 This also allows us to mimic how vblanking is handled by the Windows amdgpu driver. Specifically, we wait two idle frames before disabling the vblank timer there. Reviewed-by: Harry Wentland Signed-off-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240822161856.174600-2-hamza.mahfooz@amd.com commit 69c6343ed03486c86271c7a4fdd5a2af4637c38b Author: Steven Liu Date: Thu Aug 22 15:53:39 2024 -0400 pinctrl: rockchip: Add rk3576 pinctrl support Add support for the 5 rk3576 GPIO banks. Signed-off-by: Steven Liu Signed-off-by: Detlev Casanova Acked-by: Dragan Simic Reviewed-by: Heiko Stuebner Link: https://lore.kernel.org/20240822195706.920567-5-detlev.casanova@collabora.com Signed-off-by: Linus Walleij commit 123305909e64ac84cf5ff8fdb1ccfbe7527ed35b Author: Detlev Casanova Date: Thu Aug 22 15:53:38 2024 -0400 dt-bindings: pinctrl: Add rk3576 pinctrl support Add the compatible string for the rk3576 SoC. Signed-off-by: Detlev Casanova Acked-by: Krzysztof Kozlowski Reviewed-by: Heiko Stuebner Link: https://lore.kernel.org/20240822195706.920567-4-detlev.casanova@collabora.com Signed-off-by: Linus Walleij commit c801ed86840ec38b2a9bcafeee3d7c9e14c743f3 Author: Kees Cook Date: Tue Jul 16 14:48:23 2024 -0700 interconnect: icc-clk: Add missed num_nodes initialization With the new __counted_by annotation, the "num_nodes" struct member must be set before accessing the "nodes" array. This initialization was done in other places where a new struct icc_onecell_data is allocated, but this case in icc_clk_register() was missed. Set "num_nodes" after allocation. Fixes: dd4904f3b924 ("interconnect: qcom: Annotate struct icc_onecell_data with __counted_by") Signed-off-by: Kees Cook Reviewed-by: Gustavo A. R. Silva Link: https://lore.kernel.org/r/20240716214819.work.328-kees@kernel.org Signed-off-by: Georgi Djakov commit 7d59b1ff7113459ae1bb722d80ae0a809ce22b00 Author: Rayyan Ansari Date: Tue Jul 16 15:47:38 2024 +0100 dt-bindings: interconnect: qcom,rpmh: correct sm8150 camnoc The sm8150 camnoc interconnect was mistakenly documented as "qcom,sm8150-camnoc-noc", for which there is no reference to in drivers or device tree. Correct this to "qcom,sm8150-camnoc-virt". Signed-off-by: Rayyan Ansari Acked-by: Dmitry Baryshkov Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240716144738.109823-1-rayyan.ansari@linaro.org Signed-off-by: Georgi Djakov commit b106492686efcff523425eaf956cb4cb31555a61 Author: Rob Herring (Arm) Date: Wed Jul 31 13:13:01 2024 -0600 pinctrl: mediatek: Use of_property_read_bool() Use of_property_read_bool() to read boolean properties rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Reviewed-by: AngeloGioacchino Del Regno Link: https://lore.kernel.org/20240731191312.1710417-23-robh@kernel.org Signed-off-by: Linus Walleij commit db9e7a83d30821ba50a84e9726099946900abde8 Author: Krishna chaitanya chundru Date: Fri Aug 16 20:47:23 2024 +0530 perf/dwc_pcie: Add support for QCOM vendor devices Update the vendor table with QCOM PCIe vendorid. Signed-off-by: Krishna chaitanya chundru Reviewed-by: Yicong Yang Link: https://lore.kernel.org/r/20240816-dwc_pmu_fix-v2-4-198b8ab1077c@quicinc.com Signed-off-by: Will Deacon commit b94b05478fb6a09033bf70c6edd03f8930a0fe24 Author: Krishna chaitanya chundru Date: Fri Aug 16 20:47:22 2024 +0530 perf/dwc_pcie: Always register for PCIe bus notifier When the PCIe devices are discovered late, the driver can't find the PCIe devices and returns in the init without registering with the bus notifier. Due to that the devices which are discovered late the driver can't register for this. Register for bus notifier & driver even if the device is not found as part of init. Fixes: af9597adc2f1 ("drivers/perf: add DesignWare PCIe PMU driver") Signed-off-by: Krishna chaitanya chundru Reviewed-by: Yicong Yang Link: https://lore.kernel.org/r/20240816-dwc_pmu_fix-v2-3-198b8ab1077c@quicinc.com Signed-off-by: Will Deacon commit 96a37ec98664303e581a24934df4350e3a5c7070 Author: Krishna chaitanya chundru Date: Fri Aug 16 20:47:21 2024 +0530 Documentation: dwc_pcie_pmu: Update bdf to sbdf Update document to reflect the driver change to use sbdf instead of bdf alone. Signed-off-by: Krishna chaitanya chundru Reviewed-by: Yicong Yang Link: https://lore.kernel.org/r/20240816-dwc_pmu_fix-v2-2-198b8ab1077c@quicinc.com Signed-off-by: Will Deacon commit e669388537c472142804eb5a0449cc23d5409694 Author: Krishna chaitanya chundru Date: Fri Aug 16 20:47:20 2024 +0530 perf/dwc_pcie: Fix registration issue in multi PCIe controller instances When there are multiple of instances of PCIe controllers, registration to perf driver fails with this error. sysfs: cannot create duplicate filename '/devices/platform/dwc_pcie_pmu.0' CPU: 0 PID: 166 Comm: modprobe Not tainted 6.10.0-rc2-next-20240607-dirty Hardware name: Qualcomm SA8775P Ride (DT) Call trace: dump_backtrace.part.8+0x98/0xf0 show_stack+0x14/0x1c dump_stack_lvl+0x74/0x88 dump_stack+0x14/0x1c sysfs_warn_dup+0x60/0x78 sysfs_create_dir_ns+0xe8/0x100 kobject_add_internal+0x94/0x224 kobject_add+0xa8/0x118 device_add+0x298/0x7b4 platform_device_add+0x1a0/0x228 platform_device_register_full+0x11c/0x148 dwc_pcie_register_dev+0x74/0xf0 [dwc_pcie_pmu] dwc_pcie_pmu_init+0x7c/0x1000 [dwc_pcie_pmu] do_one_initcall+0x58/0x1c0 do_init_module+0x58/0x208 load_module+0x1804/0x188c __do_sys_init_module+0x18c/0x1f0 __arm64_sys_init_module+0x14/0x1c invoke_syscall+0x40/0xf8 el0_svc_common.constprop.1+0x70/0xf4 do_el0_svc+0x18/0x20 el0_svc+0x28/0xb0 el0t_64_sync_handler+0x9c/0xc0 el0t_64_sync+0x160/0x164 kobject: kobject_add_internal failed for dwc_pcie_pmu.0 with -EEXIST, don't try to register things with the same name in the same directory. This is because of having same bdf value for devices under two different controllers. Update the logic to use sbdf which is a unique number in case of multi instance also. Fixes: af9597adc2f1 ("drivers/perf: add DesignWare PCIe PMU driver") Signed-off-by: Krishna chaitanya chundru Reviewed-by: Yicong Yang Link: https://lore.kernel.org/r/20240816-dwc_pmu_fix-v2-1-198b8ab1077c@quicinc.com Signed-off-by: Will Deacon commit a3dd920977dccc453c550260c4b7605b280b79c3 Author: Jing Zhang Date: Thu Aug 22 11:33:31 2024 +0800 drivers/perf: Fix ali_drw_pmu driver interrupt status clearing The alibaba_uncore_pmu driver forgot to clear all interrupt status in the interrupt processing function. After the PMU counter overflow interrupt occurred, an interrupt storm occurred, causing the system to hang. Therefore, clear the correct interrupt status in the interrupt handling function to fix it. Fixes: cf7b61073e45 ("drivers/perf: add DDR Sub-System Driveway PMU driver for Yitian 710 SoC") Signed-off-by: Jing Zhang Reviewed-by: Shuai Xue Acked-by: Mark Rutland Link: https://lore.kernel.org/r/1724297611-20686-1-git-send-email-renyu.zj@linux.alibaba.com Signed-off-by: Will Deacon commit cb5164ac43d0fc37ac6b45cabbc4d244068289ef Author: Jocelyn Falempe Date: Thu Aug 22 09:33:57 2024 +0200 drm/panic: Add a QR code panic screen This patch adds a new panic screen, with a QR code and the kmsg data embedded. If DRM_PANIC_SCREEN_QR_CODE_URL is set, then the kmsg data will be compressed with zlib and encoded as a numerical segment, and appended to the URL as a URL parameter. This allows to save space, and put about ~7500 bytes of kmsg data, in a V40 QR code. Linux distributions can customize the URL, and put a web frontend to directly open a bug report with the kmsg data. Otherwise the kmsg data will be encoded as a binary segment (ie raw ascii) and only a maximum of 2953 bytes of kmsg data will be available in the QR code. You can also limit the QR code size with DRM_PANIC_SCREEN_QR_VERSION. Signed-off-by: Jocelyn Falempe Reviewed-by: Alice Ryhl Link: https://patchwork.freedesktop.org/patch/msgid/20240822073852.562286-5-jfalempe@redhat.com commit 3376f922bfe070eff762164b3fc66981e3079417 Author: Candice Li Date: Wed Aug 21 13:10:58 2024 +0800 drm/amd/pm: Drop unsupported features on smu v14_0_2 Drop unsupported features on smu v14_0_2. Signed-off-by: Candice Li Reviewed-by: Yang Wang Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit 6ef29715ac06fad7b3e43086cb4df97952c3a4de Author: Xiaogang Chen Date: Fri Aug 23 02:04:09 2024 -0500 drm/amdkfd: Change kfd/svm page fault drain handling When app unmap vm ranges(munmap) kfd/svm starts drain pending page fault and not handle any incoming pages fault of this process until a deferred work item got executed by default system wq. The time period of "not handle page fault" can be long and is unpredicable. That is advese to kfd performance on page faults recovery. This patch uses time stamp of incoming page fault to decide to drop or recover page fault. When app unmap vm ranges kfd records each gpu device's ih ring current time stamp. These time stamps are used at kfd page fault recovery routine. Any page fault happened on unmapped ranges after unmap events is application bug that accesses vm range after unmap. It is not driver work to cover that. By using time stamp of page fault do not need drain page faults at deferred work. So, the time period that kfd does not handle page faults is reduced and can be controlled. Signed-off-by: Xiaogang.Chen Reviewed-by: Philip Yang Signed-off-by: Alex Deucher commit 010cc730ace807c6d267481b5fb6ff99acc35c46 Author: Lijo Lazar Date: Fri Aug 16 14:34:17 2024 +0530 drm/amd/pm: Add support for new P2S table revision Add p2s table support for a new revision of SMUv13.0.6. Signed-off-by: Lijo Lazar Reviewed-by: Hawking Zhang Reviewed-by: Asad Kamal Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit 875ff9a7ee8824200885384effa7743892a34ed6 Author: Likun Gao Date: Thu Aug 22 11:44:12 2024 +0800 drm/amdgpu: support for gc_info table v1.3 Add gc_info table v1.3 for IP discovery. Signed-off-by: Likun Gao Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 73dd0ad9e5dad53766ea3e631303430116f834b3 Author: Ma Ke Date: Wed Aug 21 12:27:24 2024 +0800 drm/amd/display: avoid using null object of framebuffer Instead of using state->fb->obj[0] directly, get object from framebuffer by calling drm_gem_fb_get_obj() and return error code when object is null to avoid using null object of framebuffer. Fixes: 5d945cbcd4b1 ("drm/amd/display: Create a file dedicated to planes") Signed-off-by: Ma Ke Signed-off-by: Alex Deucher commit 4416377ae1fdc41a90b665943152ccd7ff61d3c5 Author: Yang Wang Date: Wed Aug 21 14:42:41 2024 +0800 drm/amdgpu: add list empty check to avoid null pointer issue Add list empty check to avoid null pointer issues in some corner cases. - list_for_each_entry_safe() Signed-off-by: Yang Wang Reviewed-by: Tao Zhou Signed-off-by: Alex Deucher commit 2845f512232de9e436b9e3b5529e906e62414013 Author: Jinjie Ruan Date: Wed Aug 21 14:40:39 2024 +0800 drm/amd/display: Make dcn401_dsc_funcs static The sparse tool complains as follows: drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dcn401/dcn401_dsc.c:30:24: warning: symbol 'dcn401_dsc_funcs' was not declared. Should it be static? This symbol is not used outside of dcn401_dsc.c, so marks it static. Signed-off-by: Jinjie Ruan Signed-off-by: Alex Deucher commit 570867ef90550b01f0ca0f919dba308c3f2fb605 Author: Jinjie Ruan Date: Wed Aug 21 14:40:38 2024 +0800 drm/amd/display: Make dcn35_hubp_funcs static The sparse tool complains as follows: drivers/gpu/drm/amd/amdgpu/../display/dc/hubp/dcn35/dcn35_hubp.c:191:19: warning: symbol 'dcn35_hubp_funcs' was not declared. Should it be static? This symbol is not used outside of dcn35_hubp.c, so marks it static. Signed-off-by: Jinjie Ruan Signed-off-by: Alex Deucher commit 0e405395e0b162075001b9c027443dd10b723a03 Author: Jinjie Ruan Date: Wed Aug 21 14:40:37 2024 +0800 drm/amd/display: Make core_dcn4_ip_caps_base static The sparse tool complains as follows: drivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4.c:12:28: warning: symbol 'core_dcn4_ip_caps_base' was not declared. Should it be static? This symbol is not used outside of dcn35_hubp.c, so marks it static. And do not want to change it, so mark it const. Signed-off-by: Jinjie Ruan Signed-off-by: Alex Deucher commit 988bfa0bc67d7220ff8d9e2ba3a425727aa98af3 Author: Jinjie Ruan Date: Wed Aug 21 14:40:36 2024 +0800 drm/amd/display: Make core_dcn4_g6_temp_read_blackout_table static The sparse tool complains as follows: drivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c:6853:56: warning: symbol 'core_dcn4_g6_temp_read_blackout_table' was not declared. Should it be static? This symbol is not used outside of dml2_core_dcn4_calcs.c, so marks it static. And not want to change it, so mark it const. Signed-off-by: Jinjie Ruan Signed-off-by: Alex Deucher commit 40318a2406bd426c6f4591269669c04e8eda571d Author: Alex Deucher Date: Tue Aug 20 13:11:22 2024 -0400 drm/amdgpu/gfx12: set UNORD_DISPATCH in compute MQDs This needs to be set to 1 to avoid a potential deadlock in the GC 10.x and newer. On GC 9.x and older, this needs to be set to 0. This can lead to hangs in some mixed graphics and compute workloads. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3575 Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit b05d6476ae2dde8eb447f907ab689083499edeaa Author: Hawking Zhang Date: Mon Aug 19 22:59:19 2024 +0800 drm/amdgpu: Retire query_utcl2_poison_status callback Driver switches to interrupt source id to identify utcl2 poison event. polling interface is not needed. Signed-off-by: Hawking Zhang Reviewed-by: Tao Zhou Signed-off-by: Alex Deucher commit 8f4eca6ac52a72181b4f054d4ef6289a5d8cfa5d Author: Jocelyn Falempe Date: Thu Aug 22 09:33:56 2024 +0200 drm/panic: Simplify logo handling Move logo rectangle initialisation, and logo drawing in separate functions, so they can be re-used by different panic screens. It prepares the introduction of the QR code panic screen. Signed-off-by: Jocelyn Falempe Reviewed-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240822073852.562286-4-jfalempe@redhat.com commit 75f0efbc4b3b088cca20864d055b3854a51b5af0 Author: Rahul Jain Date: Tue Aug 13 13:41:11 2024 +0530 drm/amdgpu: Take IOMMU remapping into account for p2p checks when trying to enable p2p the amdgpu_device_is_peer_accessible() checks the condition where address_mask overlaps the aper_base and hence returns 0, due to which the p2p disables for this platform IOMMU should remap the BAR addresses so the device can access them. Hence check if peer_adev is remapping DMA v5: (Felix, Alex) - fixing comment as per Alex feedback - refactor code as per Felix v4: (Alex) - fix the comment and description v3: - remove iommu_remap variable v2: (Alex) - Fix as per review comments - add new function amdgpu_device_check_iommu_remap to check if iommu remap Signed-off-by: Rahul Jain Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher commit 01bfabc2d1d8aaffe5268f8df0843a6d916dcbaa Author: Kenneth Feng Date: Tue Aug 20 08:57:15 2024 +0800 drm/amd/pm: update message interface for smu v14.0.2/3 update message interface for smu v14.0.2/3 Signed-off-by: Kenneth Feng Reviewed-by: Yang Wang Signed-off-by: Alex Deucher commit e28604d8337eac97fa956d6682b6312741ce85a1 Author: Hawking Zhang Date: Mon Aug 19 22:23:11 2024 +0800 drm/amdkfd: Drop poison hanlding from gfx v10 Not supported. Signed-off-by: Hawking Zhang Reviewed-by: Tao Zhou Signed-off-by: Alex Deucher commit 3cce331ee2a4cc99328757a9bd297ad9a39609e8 Author: Yangyu Chen Date: Wed Aug 7 11:35:18 2024 +0900 drivers/perf: apple_m1: add known PMU events This patch adds known PMU events that can be found on /usr/share/kpep in macOS. The m1_pmu_events and m1_pmu_event_affinity are generated from the script [1], which consumes the plist file from Apple. And then added these events to m1_pmu_perf_map and m1_pmu_event_attrs with Apple's documentation [2]. Link: https://github.com/cyyself/m1-pmu-gen [1] Link: https://developer.apple.com/download/apple-silicon-cpu-optimization-guide/ [2] Signed-off-by: Yangyu Chen Acked-by: Hector Martin Link: https://lore.kernel.org/r/tencent_C5DA658E64B8D13125210C8D707CD8823F08@qq.com Signed-off-by: Will Deacon commit 04e36fd27a2aebb03ef019debc4df247f2a427c6 Author: Yehuda Yitschak Date: Thu Aug 22 17:11:43 2024 +0000 RDMA/efa: Add support for node guid Propagate the unique, per device, ID in the device attributes to the standard node_guid value in IB device. Link: https://patch.msgid.link/r/20240822171143.2800-1-mrgolin@amazon.com Reviewed-by: Yonatan Nachum Signed-off-by: Yehuda Yitschak Signed-off-by: Michael Margolin Signed-off-by: Jason Gunthorpe commit db6341a9168d2a24ded526277eeab29724d76e9d Author: Hawking Zhang Date: Tue Aug 20 13:56:32 2024 +0800 drm/amdkfd: Check int source id for utcl2 poison event Traditional utcl2 fault_status polling does not work in SRIOV environment. The polling of fault status register from guest side will be dropped by hardware. Driver should switch to check utcl2 interrupt source id to identify utcl2 poison event. It is set to 1 when poisoned data interrupts are signaled. v2: drop the unused local variable (Tao) Signed-off-by: Hawking Zhang Reviewed-by: Tao Zhou Signed-off-by: Alex Deucher commit 4ec2caab775606c4bf9d0f026f8942a0b33e2255 Author: Laurent Pinchart Date: Fri Aug 23 00:41:25 2024 +0300 media: v4l2-mc: Mark v4l2_pipeline_link_notify() as deprecated Commit b97213a41140 ("media: v4l2-mc: Make v4l2_pipeline_pm_{get,put} deprecated") marked the v4l2_pipeline_pm_get() and v4l2_pipeline_pm_put() functions as deprecated, but forgot to address the related v4l2_pipeline_link_notify() function similarly. Fix it. Signed-off-by: Laurent Pinchart Acked-by: Sakari Ailus Link: https://lore.kernel.org/r/20240822214125.3161-1-laurent.pinchart+renesas@ideasonboard.com Signed-off-by: Laurent Pinchart commit 4b570ac2eb54f66ff64f2864be6303b8d67cc7f9 Author: Jocelyn Falempe Date: Thu Aug 22 09:33:55 2024 +0200 drm/rect: Add drm_rect_overlap() Check if two rectangles overlap. It's a bit similar to drm_rect_intersect() but this won't modify the rectangle. Simplifies a bit drm_panic. Signed-off-by: Jocelyn Falempe Reviewed-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240822073852.562286-3-jfalempe@redhat.com commit 6133cf70725049344a679f85df27d146a2d995ea Author: Jocelyn Falempe Date: Thu Aug 22 09:33:54 2024 +0200 drm/panic: Add integer scaling to blit() Add a parameter to the blit function, to upscale the image. This is necessary to draw a QR code, otherwise, the pixels are usually too small to be readable by most QR code reader. It can also be used later for drawing fonts on high DPI display. Signed-off-by: Jocelyn Falempe Reviewed-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240822073852.562286-2-jfalempe@redhat.com commit 4e9e07603ecdfd0816838132f354239771c51edd Author: Andrii Nakryiko Date: Tue Aug 6 16:03:19 2024 -0700 selftests/bpf: make use of PROCMAP_QUERY ioctl if available Instead of parsing text-based /proc//maps file, try to use PROCMAP_QUERY ioctl() to simplify and speed up data fetching. This logic is used to do uprobe file offset calculation, so any bugs in this logic would manifest as failing uprobe BPF selftests. This also serves as a simple demonstration of one of the intended uses. Signed-off-by: Andrii Nakryiko Acked-by: Jiri Olsa Link: https://lore.kernel.org/r/20240806230319.869734-1-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 86dfdd8288907f03c18b7fb462e0e232c4f98d89 Author: Zhu Yanjun Date: Tue Aug 20 13:33:36 2024 +0200 RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency In the commit aee2424246f9 ("RDMA/iwcm: Fix a use-after-free related to destroying CM IDs"), the function flush_workqueue is invoked to flush the work queue iwcm_wq. But at that time, the work queue iwcm_wq was created via the function alloc_ordered_workqueue without the flag WQ_MEM_RECLAIM. Because the current process is trying to flush the whole iwcm_wq, if iwcm_wq doesn't have the flag WQ_MEM_RECLAIM, verify that the current process is not reclaiming memory or running on a workqueue which doesn't have the flag WQ_MEM_RECLAIM as that can break forward-progress guarantee leading to a deadlock. The call trace is as below: [ 125.350876][ T1430] Call Trace: [ 125.356281][ T1430] [ 125.361285][ T1430] ? __warn (kernel/panic.c:693) [ 125.367640][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9)) [ 125.375689][ T1430] ? report_bug (lib/bug.c:180 lib/bug.c:219) [ 125.382505][ T1430] ? handle_bug (arch/x86/kernel/traps.c:239) [ 125.388987][ T1430] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1)) [ 125.395831][ T1430] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621) [ 125.403125][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9)) [ 125.410984][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9)) [ 125.418764][ T1430] __flush_workqueue (kernel/workqueue.c:3970) [ 125.426021][ T1430] ? __pfx___might_resched (kernel/sched/core.c:10151) [ 125.433431][ T1430] ? destroy_cm_id (drivers/infiniband/core/iwcm.c:375) iw_cm [ 125.441209][ T1430] ? __pfx___flush_workqueue (kernel/workqueue.c:3910) [ 125.473900][ T1430] ? _raw_spin_lock_irqsave (arch/x86/include/asm/atomic.h:107 include/linux/atomic/atomic-arch-fallback.h:2170 include/linux/atomic/atomic-instrumented.h:1302 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162) [ 125.473909][ T1430] ? __pfx__raw_spin_lock_irqsave (kernel/locking/spinlock.c:161) [ 125.482537][ T1430] _destroy_id (drivers/infiniband/core/cma.c:2044) rdma_cm [ 125.495072][ T1430] nvme_rdma_free_queue (drivers/nvme/host/rdma.c:656 drivers/nvme/host/rdma.c:650) nvme_rdma [ 125.505827][ T1430] nvme_rdma_reset_ctrl_work (drivers/nvme/host/rdma.c:2180) nvme_rdma [ 125.505831][ T1430] process_one_work (kernel/workqueue.c:3231) [ 125.515122][ T1430] worker_thread (kernel/workqueue.c:3306 kernel/workqueue.c:3393) [ 125.515127][ T1430] ? __pfx_worker_thread (kernel/workqueue.c:3339) [ 125.531837][ T1430] kthread (kernel/kthread.c:389) [ 125.539864][ T1430] ? __pfx_kthread (kernel/kthread.c:342) [ 125.550628][ T1430] ret_from_fork (arch/x86/kernel/process.c:147) [ 125.558840][ T1430] ? __pfx_kthread (kernel/kthread.c:342) [ 125.558844][ T1430] ret_from_fork_asm (arch/x86/entry/entry_64.S:257) [ 125.566487][ T1430] [ 125.566488][ T1430] ---[ end trace 0000000000000000 ]--- Fixes: aee2424246f9 ("RDMA/iwcm: Fix a use-after-free related to destroying CM IDs") Link: https://patch.msgid.link/r/20240820113336.19860-1-yanjun.zhu@linux.dev Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202408151633.fc01893c-oliver.sang@intel.com Tested-by: kernel test robot Signed-off-by: Zhu Yanjun Reviewed-by: Bart Van Assche Signed-off-by: Jason Gunthorpe commit 444948ee12c298b716635e8c4cd66fa5cd541592 Author: zhenwei pi Date: Thu Aug 22 14:52:23 2024 +0800 RDMA/rxe: Fix __bth_set_resv6a __bth_set_resv6a is used to clear BIT [24, 29] of rxe_bth::qpn, the wrong expression leads other BITs into 1. Link: https://patch.msgid.link/r/20240822065223.1117056-4-pizhenwei@bytedance.com Signed-off-by: zhenwei pi Reviewed-by: Zhu Yanjun Signed-off-by: Jason Gunthorpe commit 938aa9a3334881cd817fdb096426d291a73c4d3d Author: zhenwei pi Date: Thu Aug 22 14:52:22 2024 +0800 RDMA/rxe: Fix misspelling of 'rmda' Fix 'rmda' into 'RDMA'. Link: https://patch.msgid.link/r/20240822065223.1117056-3-pizhenwei@bytedance.com Signed-off-by: zhenwei pi Reviewed-by: Zhu Yanjun Signed-off-by: Jason Gunthorpe commit c87c5f47ff72a14001c982d3bc58d7b98ca746c3 Author: zhenwei pi Date: Thu Aug 22 14:52:21 2024 +0800 RDMA/rxe: Use sizeof instead of hard code number Use 'sizeof(union rdma_network_hdr)' instead of hard code GRH length for GSI and UD. Link: https://patch.msgid.link/r/20240822065223.1117056-2-pizhenwei@bytedance.com Signed-off-by: zhenwei pi Reviewed-by: Zhu Yanjun Signed-off-by: Jason Gunthorpe commit ae46d3fc17f960dc2d1399acdc488e27638a71a7 Author: Jinjie Ruan Date: Fri Aug 23 18:18:40 2024 +0800 RDMA/mlx4: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Link: https://patch.msgid.link/r/20240823101840.515398-5-ruanjinjie@huawei.com Signed-off-by: Jinjie Ruan Signed-off-by: Jason Gunthorpe commit 87a55daa67795c5c01fa2c31bba6e784cf0c121b Author: Jinjie Ruan Date: Fri Aug 23 18:18:39 2024 +0800 RDMA/mlx4: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Link: https://patch.msgid.link/r/20240823101840.515398-4-ruanjinjie@huawei.com Signed-off-by: Jinjie Ruan Signed-off-by: Jason Gunthorpe commit 7229d7b64e2e99fc2c7e9bdc8d5c687fad2e9bbb Author: Jinjie Ruan Date: Fri Aug 23 18:18:38 2024 +0800 RDMA/mad: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Link: https://patch.msgid.link/r/20240823101840.515398-3-ruanjinjie@huawei.com Signed-off-by: Jinjie Ruan Signed-off-by: Jason Gunthorpe commit 92c7ad8364b2cad7e3c4842f3a77dda3b6e1fb88 Author: Jinjie Ruan Date: Fri Aug 23 18:18:37 2024 +0800 RDMA/qib: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Link: https://patch.msgid.link/r/20240823101840.515398-2-ruanjinjie@huawei.com Signed-off-by: Jinjie Ruan Signed-off-by: Jason Gunthorpe commit b4406e100347884fb4acaa744bbc01949e74c9f3 Merge: 7559a7a84ef83a 21a56fc503faae Author: Alexei Starovoitov Date: Fri Aug 23 07:29:03 2024 -0700 Merge branch 'follow-up-for-__jited-test-tag' Eduard Zingerman says: ==================== follow up for __jited test tag This patch-set is a collection of follow-ups for "__jited test tag to check disassembly after jit" series (see [1]). First patch is most important: as it turns out, I broke all test_loader based tests for s390 CI. E.g. see log [2] for s390 execution of test_progs, note all 'verivier_*' tests being skipped. This happens because of incorrect handling of corner case when get_current_arch() does not know which architecture to return. Second patch makes matching of function return sequence in verifier_tailcall_jit more flexible: -__jited(" retq") +__jited(" {{(retq|jmp 0x)}}") The difference could be seen with and w/o mitigations=off boot parameter for test VM (CI runs with mitigations=off, hence it generates retq). Third patch addresses Alexei's request to add #define and a comment in jit_disasm_helpers.c. [1] https://lore.kernel.org/bpf/20240820102357.3372779-1-eddyz87@gmail.com/ [2] https://github.com/kernel-patches/bpf/actions/runs/10518445973/job/29144511595 ==================== Link: https://lore.kernel.org/r/20240823080644.263943-1-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit 21a56fc503faae7589167fcd2771ab6dce36ab39 Author: Eduard Zingerman Date: Fri Aug 23 01:06:44 2024 -0700 selftests/bpf: #define LOCAL_LABEL_LEN for jit_disasm_helpers.c Extract local label length as a #define directive and elaborate why 'i % MAX_LOCAL_LABELS' expression is needed for local labels array initialization. Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240823080644.263943-4-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit c52a1e6eb74ffe4f217e9b53ed75440a45b08c4c Author: Eduard Zingerman Date: Fri Aug 23 01:06:43 2024 -0700 selftests/bpf: match both retq/rethunk in verifier_tailcall_jit Depending on kernel parameters, x86 jit generates either retq or jump to rethunk for 'exit' instruction. The difference could be seen when kernel is booted with and without mitigations=off parameter. Relax the verifier_tailcall_jit test case to match both variants. Fixes: e5bdd6a8be78 ("selftests/bpf: validate jit behaviour for tail calls") Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240823080644.263943-3-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit ec1f77f6557b46639fa47c6980ef9d38995c1e05 Author: Eduard Zingerman Date: Fri Aug 23 01:06:42 2024 -0700 selftests/bpf: test_loader.c:get_current_arch() should not return 0 At the moment, when test_loader.c:get_current_arch() can't determine the arch, it returns 0. The arch check in run_subtest() looks as follows: if ((get_current_arch() & spec->arch_mask) == 0) { test__skip(); return; } Which means that all test_loader based tests would be skipped if arch could not be determined. get_current_arch() recognizes x86_64, arm64 and riscv64. Which means that CI skips test_loader tests for s390. Fix this by making sure that get_current_arch() always returns non-zero value. In combination with default spec->arch_mask == -1 this should cover all possibilities. Fixes: f406026fefa7 ("selftests/bpf: by default use arch mask allowing all archs") Fixes: 7d743e4c759c ("selftests/bpf: __jited test tag to check disassembly after jit") Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240823080644.263943-2-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit e9654659fe3c5387f9eafa861d6cc2ad19dd3c5c Author: Rafael J. Wysocki Date: Thu Aug 22 21:27:06 2024 +0200 thermal: core: Drop tz field from struct thermal_instance After recent changes, it is only used for printing a debug message in __thermal_cdev_update() which arguably is not worth preserving. Drop it along with the dev_dbg() statement using it. Link: https://lore.kernel.org/linux-pm/4a8d8f5a-122d-4c26-b8d6-76a65e42216b@linaro.org Signed-off-by: Rafael J. Wysocki Acked-by: Daniel Lezcano Link: https://patch.msgid.link/4934182.GXAFRqVoOG@rjwysocki.net commit 24aad192c671720744a558d38c4033b4b36ba5f1 Author: Rafael J. Wysocki Date: Thu Aug 22 21:26:09 2024 +0200 thermal: core: Drop redundant checks from thermal_bind_cdev_to_trip() Since thermal_bind_cdev_to_trip() is only called by thermal_zone_cdev_binding() under the thermal zone lock and the latter is only called by thermal_zone_device_register_with_trips() and __thermal_cooling_device_register(), under thermal_list_lock in both cases, both lockdep_assert_held() assertions can be dropped from it. Moreover, in both cases thermal_zone_cdev_binding() is called after both tz and cdev have been added to the global lists of thermal zones and cooling device, respectively, so the check against their list nodes in thermal_bind_cdev_to_trip() is redundant and can be dropped either. Link: https://lore.kernel.org/linux-pm/CAJZ5v0jwkc2PB+osSkkYF9vJ1Vpp3MFE=cGQmQ2Xzjb3yjVfJg@mail.gmail.com/ Signed-off-by: Rafael J. Wysocki Acked-by: Daniel Lezcano Link: https://patch.msgid.link/4607540.LvFx2qVVIh@rjwysocki.net commit 91d7ed957eb2e0a13e7d44195b529f49701c5745 Author: Rafael J. Wysocki Date: Thu Aug 22 21:24:35 2024 +0200 thermal: core: Rename cdev-to-thermal-zone bind/unbind functions Rename thermal_zone_cdev_binding() and thermal_zone_cdev_unbinding() to thermal_zone_cdev_bind() and thermal_zone_cdev_unbind(), respectively, to make the naming more consistent with the rest of the code. No functional impact. Link: https://lore.kernel.org/linux-pm/19beefd9-d3f9-4d43-a45d-d241996de2d0@linaro.org/ Signed-off-by: Rafael J. Wysocki Acked-by: Daniel Lezcano Link: https://patch.msgid.link/6093162.lOV4Wx5bFT@rjwysocki.net commit 89dd679303f4b4a76204c2269a7724b545cd84df Author: Niklas Söderlund Date: Thu Jul 4 18:16:19 2024 +0200 dt-bindings: media: renesas,vin: Add binding for V4M Document support for the VIN module in the Renesas V4M (r8a779h0) SoC. This device is compatible with the VIN module on the other Gen4 SoCs. Signed-off-by: Niklas Söderlund Acked-by: Conor Dooley Reviewed-by: Geert Uytterhoeven Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240704161620.1425409-6-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Laurent Pinchart commit 9a73e931308f89bfecf18787af29a21a92470fa8 Author: Niklas Söderlund Date: Thu Jul 4 18:16:18 2024 +0200 media: rcar-vin: Add family compatible for R-Car Gen4 family Add the Gen4 family compatible. This will be used instead of a SoC specific compatible for the new Gen4 SoC V4M. Two Gen4 boards (V3U and V4H) have already been added prior and their bindings need to be kept for backward compatibility. Signed-off-by: Niklas Söderlund Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240704161620.1425409-5-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Laurent Pinchart commit 9fba8eb8d55ddd8bb779fee3e36b7d8a6a2924b0 Author: Niklas Söderlund Date: Thu Jul 4 18:16:15 2024 +0200 dt-bindings: media: renesas,vin: Add Gen4 family fallback The Gen4 SoCs V3U, V4H and V4M have a similar video capture pipelines. The datasheets for the SoCs have small nuances around the Pre-Clip registers ELPrC and EPPrC in three use-cases, interlaced images, embedded data and RAW8 input. On V4H the values written to the registers are based on odd numbers while on V4M they are even numbers, values are based on the input image size. No board that uses these SoCs which also have the external peripherals to test these nuances exists. Most likely this is an issue in the datasheet. Before adding bindings for V4M add a family compatible fallback for Gen4. That way the driver only needs to be updated once for Gen4, and we still have the option to fix any problems in the driver if any testable differences between the SoCs are found. There are already DTS files using the V3U and V4H compatibles which need to be updated to not produce a warning for DTS checks. The driver also needs to keep the compatible values to be backward compatible , but for new Gen4 SoCs such as V4M we can avoid this. Signed-off-by: Niklas Söderlund Acked-by: Conor Dooley Reviewed-by: Geert Uytterhoeven Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240704161620.1425409-2-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Laurent Pinchart commit 4fb5babe965768daf497503f4082e74abd1c0fed Author: Fabio Estevam Date: Wed Aug 7 15:26:10 2024 -0300 media: imx8mq-mipi-csi2: Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() Replace SET_RUNTIME_PM_OPS()/SET SYSTEM_SLEEP_PM_OPS() with their modern RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() alternatives. The combined usage of pm_ptr() and RUNTIME_PM_OPS/SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the __maybe_unused notation from the runtime suspend/resume() functions.. Signed-off-by: Fabio Estevam Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240807182610.81244-2-festevam@gmail.com Signed-off-by: Laurent Pinchart commit 4e3972533f8133cdc2ce5da9c46af8fbe14a573f Author: Fabio Estevam Date: Wed Aug 7 15:26:09 2024 -0300 media: imx-mipi-csis: Switch to RUNTIME_PM_OPS() Replace SET_RUNTIME_PM_OPS() with its modern RUNTIME_PM_OPS() alternative. The combined usage of pm_ptr() and RUNTIME_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the __maybe_unused notation from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240807182610.81244-1-festevam@gmail.com Signed-off-by: Laurent Pinchart commit 3f6a2f8768e91cdb69947cb589d0b3a09114be83 Author: Matthias Fend Date: Tue Jul 23 08:09:08 2024 +0200 media: imx-mipi-csis: avoid logging while holding spinlock Refactor mipi_csis_log_counters() to prevent calling dev_info() while IRQs are disabled. This reduces crucial IRQs off time to a bare minimum. Signed-off-by: Matthias Fend Reviewed-by: Rui Miguel Silva Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240723060909.534584-1-matthias.fend@emfend.at Signed-off-by: Laurent Pinchart commit 8144dbe68c493baa412d78f41a57e90a6461f6c3 Author: Rafael J. Wysocki Date: Thu Aug 22 21:47:36 2024 +0200 thermal: core: Fix rounding of delay jiffies Using round_jiffies() in thermal_set_delay_jiffies() is invalid because its argument should be time in the future in absolute jiffies and it computes the result with respect to the current jiffies value at the invocation time. Fortunately, in the majority of cases it does not make any difference due to the time_is_after_jiffies() check in round_jiffies_common(). While using round_jiffies_relative() instead of round_jiffies() might reflect the intent a bit better, it still would not be defensible because that function should be called when the timer is about to be set and it is not suitable for pre-computation of delay values. Accordingly, drop thermal_set_delay_jiffies() altogether, simply convert polling_delay and passive_delay to jiffies during thermal zone initialization and make thermal_zone_device_set_polling() call round_jiffies_relative() on the delay if it is greather than 1 second. Fixes: 17d399cd9c89 ("thermal/core: Precompute the delays from msecs to jiffies") Fixes: e5f2cda61d06 ("thermal/core: Move thermal_set_delay_jiffies to static") Signed-off-by: Rafael J. Wysocki Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/1994438.PYKUYFuaPT@rjwysocki.net commit e895a806608a1f95067d27ae3870c9b4c5a236ee Author: Biju Das Date: Thu Aug 22 17:23:16 2024 +0100 arm64: dts: renesas: r9a07g043u: Add DU node Add DU node to RZ/G2UL SoC DTSI. Signed-off-by: Biju Das Reviewed-by: Laurent Pinchart Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240822162320.5084-4-biju.das.jz@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 6ca537aa160ffd2f41cca4af72aeed18c9d41b82 Author: Yoshihiro Shimoda Date: Thu Aug 22 09:44:54 2024 +0900 arm64: dts: renesas: white-hawk-cpu-common: Enable PCIe Host ch0 Enable PCIe Host controller channel 0 on R-Car V4H White Hawk boards. Signed-off-by: Yoshihiro Shimoda Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240822004454.1087582-3-yoshihiro.shimoda.uh@renesas.com Signed-off-by: Geert Uytterhoeven commit 9b3e59b707f25bb959c83313d4ec53c16cf64e54 Author: Yoshihiro Shimoda Date: Thu Aug 22 09:44:53 2024 +0900 arm64: dts: renesas: r8a779g0: Add PCIe Host and Endpoint nodes Add PCIe Host and Endpoint nodes for R-Car V4H (R8A779G0). Signed-off-by: Yoshihiro Shimoda Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240822004454.1087582-2-yoshihiro.shimoda.uh@renesas.com Signed-off-by: Geert Uytterhoeven commit 1670b7cc71dafd8736f47925a93dbae71093059b Author: Claudiu Beznea Date: Tue Aug 20 13:19:18 2024 +0300 arm64: dts: renesas: rzg3s-smarc-som: Enable I2C1 node Enable I2C1 node. Signed-off-by: Claudiu Beznea Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240820101918.2384635-12-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 268a99583372a0a2ae93d0969db0bf3f95d74049 Author: Claudiu Beznea Date: Tue Aug 20 13:19:17 2024 +0300 arm64: dts: renesas: rzg3s-smarc: Enable I2C0 node Enable I2C0 node. Signed-off-by: Claudiu Beznea Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240820101918.2384635-11-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit a502d6e7840367929e9a4cecc83448f0b52d3276 Author: Claudiu Beznea Date: Tue Aug 20 13:19:16 2024 +0300 arm64: dts: renesas: r9a08g045: Add I2C nodes The Renesas RZ/G3S SoC has 4 I2C channels. Add DT nodes for them. Signed-off-by: Claudiu Beznea Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240820101918.2384635-10-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 6bfd974d03a433e7fa9d5444f89851e4e4eb9779 Author: Biju Das Date: Mon Aug 5 14:17:06 2024 +0100 arm64: dts: renesas: r9a07g043u: Add VSPD node Add VSPD node to RZ/G2UL SoC DTSI. Signed-off-by: Biju Das Reviewed-by: Laurent Pinchart Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240805131709.101679-3-biju.das.jz@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit a94a244a5b1a2040611aaaa17fd23dd908bc01ac Author: Biju Das Date: Mon Aug 5 14:17:05 2024 +0100 arm64: dts: renesas: r9a07g043u: Add FCPVD node Add FCPVD node to RZ/G2UL SoC DTSI. Signed-off-by: Biju Das Reviewed-by: Laurent Pinchart Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240805131709.101679-2-biju.das.jz@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit d1b35e6d34e9b46fbf98444dd7aa114c032e9ac0 Author: Yu Jiaoliang Date: Fri Aug 23 10:40:56 2024 +0800 platform/chrome: chromeos_laptop: Use kmemdup_array Let the kememdup_array() take care about multiplication and possible overflows. Signed-off-by: Yu Jiaoliang Link: https://lore.kernel.org/r/20240823024056.3031644-1-yujiaoliang@vivo.com Signed-off-by: Tzung-Bi Shih commit 5e633f572bbae9397ee50347bbe0529894de4137 Author: Shen Lichuan Date: Thu Aug 22 14:14:38 2024 +0800 pinctrl: renesas: Switch to use kmemdup_array() Let kmemdup_array() take care of multiplication and possible overflow. Signed-off-by: Shen Lichuan Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240822061438.14617-1-shenlichuan@vivo.com Signed-off-by: Geert Uytterhoeven commit 0dec2d0c8a7ecf6dec52b8686f722a74f47e01b2 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:30:12 2024 +0200 dt-bindings: clock: renesas,cpg-clocks: Add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clocks and clock-output-names. Signed-off-by: Krzysztof Kozlowski Acked-by: Conor Dooley Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240818173014.122073-3-krzysztof.kozlowski@linaro.org Signed-off-by: Geert Uytterhoeven commit 6b08b4ee5e60d8789aeb87250f718ef14bebb90e Author: Dan Carpenter Date: Fri Aug 23 15:51:36 2024 +0300 powercap: intel_rapl: Change an error pointer to NULL The rapl_find_package_domain_cpuslocked() function is supposed to return NULL on error. This new error patch returns ERR_PTR(-EINVAL) but none of the callers check for that so it would lead to an Oops. Fixes: 26096aed255f ("powercap/intel_rapl: Fix the energy-pkg event for AMD CPUs") Signed-off-by: Dan Carpenter Link: https://patch.msgid.link/fa719c6a-8d3b-4cca-9b43-bcd477ff6655@stanley.mountain Signed-off-by: Rafael J. Wysocki commit 833948fb2b63155847ab691a54800f801555429b Author: Lad Prabhakar Date: Tue Jul 30 13:24:36 2024 +0100 arm64: dts: renesas: r9a07g044: Correct GICD and GICR sizes The RZ/G2L(C) SoC is equipped with the GIC-600. The GICD is 64KiB + 64KiB for the MBI alias (in total 128KiB), and the GICR is 128KiB per CPU. Fixes: 68a45525297b2 ("arm64: dts: renesas: Add initial DTSI for RZ/G2{L,LC} SoC's") Signed-off-by: Lad Prabhakar Link: https://lore.kernel.org/20240730122436.350013-5-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 45afa9eacb59b258d2e53c7f63430ea1e8344803 Author: Lad Prabhakar Date: Tue Jul 30 13:24:35 2024 +0100 arm64: dts: renesas: r9a07g054: Correct GICD and GICR sizes The RZ/V2L SoC is equipped with the GIC-600. The GICD is 64KiB + 64KiB for the MBI alias (in total 128KiB), and the GICR is 128KiB per CPU. Fixes: 7c2b8198f4f32 ("arm64: dts: renesas: Add initial DTSI for RZ/V2L SoC") Signed-off-by: Lad Prabhakar Link: https://lore.kernel.org/20240730122436.350013-4-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit ab39547f739236e7f16b8b0a51fdca95cc9cadd3 Author: Lad Prabhakar Date: Tue Jul 30 13:24:34 2024 +0100 arm64: dts: renesas: r9a07g043u: Correct GICD and GICR sizes The RZ/G2UL SoC is equipped with the GIC-600. The GICD is 64KiB + 64KiB for the MBI alias (in total 128KiB), and the GICR is 128KiB per CPU. Despite the RZ/G2UL SoC being single-core, it has two instances of GICR. Fixes: cf40c9689e510 ("arm64: dts: renesas: Add initial DTSI for RZ/G2UL SoC") Signed-off-by: Lad Prabhakar Link: https://lore.kernel.org/20240730122436.350013-3-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit ec9532628eb9d82282b8e52fd9c4a3800d87feec Author: Lad Prabhakar Date: Tue Jul 30 13:24:33 2024 +0100 arm64: dts: renesas: r9a08g045: Correct GICD and GICR sizes The RZ/G3S SoC is equipped with the GIC-600. The GICD is 64KiB + 64KiB for the MBI alias (in total 128KiB), and the GICR is 128KiB per CPU. Despite the RZ/G3S SoC being single-core, it has two instances of GICR. Fixes: e20396d65b959 ("arm64: dts: renesas: Add initial DTSI for RZ/G3S SoC") Signed-off-by: Lad Prabhakar Link: https://lore.kernel.org/20240730122436.350013-2-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit bdfa062d14b22e36207c219206b2bf770d5363b3 Author: Biju Das Date: Mon Jul 15 15:07:03 2024 +0100 arm64: dts: renesas: r9a07g0{43,44,54}: Move regulator-vbus device node Move regulator-vbus device node from common to the usbphy-ctrl device node of the individual SoC dtsi's as it embeds the vbus regulator. Signed-off-by: Biju Das Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240715140705.334183-1-biju.das.jz@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 18749317d12e12095c5b4cb1634c93a14585bfba Author: Rafael J. Wysocki Date: Wed Aug 21 17:26:28 2024 +0200 thermal: core: Clean up trip bind/unbind functions Make thermal_bind_cdev_to_trip() take a struct cooling_spec pointer to reduce the number of its arguments, change the return type of thermal_unbind_cdev_from_trip() to void and rearrange the code in thermal_zone_cdev_binding() to reduce the indentation level. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Acked-by: Huisong Li Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/1831773.TLkxdtWsSY@rjwysocki.net [ rjw: Changed the name of a new function argument ] Signed-off-by: Rafael J. Wysocki commit c579286a514d88a3f0d3bdabfd4d88737b33cb17 Author: Rafael J. Wysocki Date: Mon Aug 19 18:31:33 2024 +0200 thermal: core: Drop unused bind/unbind functions and callbacks There are no more callers of thermal_zone_bind_cooling_device() and thermal_zone_unbind_cooling_device(), so drop them along with all of the corresponding headers, code and documentation. Moreover, because the .bind() and .unbind() thermal zone callbacks would only be used when the above functions, respectively, were called, drop them as well along with all of the code related to them. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Acked-by: Huisong Li Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/4251116.1IzOArtZ34@rjwysocki.net commit 94c6110b0b13c641614689cd2ea502bf16f4d4b1 Author: Rafael J. Wysocki Date: Fri Aug 23 15:35:01 2024 +0200 thermal/of: Use the .should_bind() thermal zone callback Make the thermal_of driver use the .should_bind() thermal zone callback to provide the thermal core with the information on whether or not to bind the given cooling device to the given trip point in the given thermal zone. If it returns 'true', the thermal core will bind the cooling device to the trip and the corresponding unbinding will be taken care of automatically by the core on the removal of the involved thermal zone or cooling device. This replaces the .bind() and .unbind() thermal zone callbacks which assumed the same trip points ordering in the driver and in the thermal core (that may not be true any more in the future). The .bind() callback would walk the given thermal zone's cooling maps to find all of the valid trip point combinations with the given cooling device and it would call thermal_zone_bind_cooling_device() for all of them using trip point indices reflecting the ordering of the trips in the DT. The .should_bind() callback still walks the thermal zone's cooling maps, but it can use the trip object passed to it by the thermal core to find the trip in question in the first place and then it uses the corresponding 'cooling-device' entries to look up the given cooling device. To be able to match the trip object provided by the thermal core to a specific device node, the driver sets the 'priv' field of each trip to the corresponding device node pointer during initialization. Signed-off-by: Rafael J. Wysocki Reviewed-by: Daniel Lezcano Tested-by: Daniel Lezcano # rk3399-rock960 Link: https://patch.msgid.link/2236794.NgBsaNRSFp@rjwysocki.net [ rjw: Removed excessive of_node_put() ] Signed-off-by: Rafael J. Wysocki commit 3d8e475bd7a724a97cffebcaae7230abae2ca170 Author: Niklas Söderlund Date: Mon Jul 1 16:50:12 2024 +0200 arm64: dts: renesas: white-hawk-single: Wire-up Ethernet TSN On the V4H White Hawk Single board as opposed to the Quad board the Ethernet TSN is wired up to a PHY (Marvel 88Q2110/QFN40). Wire up the connection and enable the TSN0. Signed-off-by: Niklas Söderlund Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240701145012.2342868-3-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Geert Uytterhoeven commit c7b4d6e7fa837e70f463c6e83a0d0e5e201f85db Author: Niklas Söderlund Date: Mon Jul 1 16:50:11 2024 +0200 arm64: dts: renesas: r8a779g0: R-Car Ethernet TSN support Add Ethernet TSN support for R-Car V4H. Signed-off-by: Niklas Söderlund Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240701145012.2342868-2-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Geert Uytterhoeven commit 39dbbd4e6778ac5580313ba34409855250633c61 Author: Shen Lichuan Date: Fri Aug 23 19:44:41 2024 +0800 pinctrl: samsung: Use kmemdup_array instead of kmemdup for multiple allocation Let the kmemdup_array() take care about multiplication and possible overflows. Using kmemdup_array() is more appropriate and makes the code easier to audit. Signed-off-by: Shen Lichuan Link: https://lore.kernel.org/r/20240823114441.50648-1-shenlichuan@vivo.com Signed-off-by: Krzysztof Kozlowski commit f9db28bb09f46087580f2a8da54bb0aab59a8024 Merge: b34a6e73faf68e fb8e83cf443a98 Author: David S. Miller Date: Fri Aug 23 14:27:46 2024 +0100 Merge branch 'net-redundant-judgments' Li Zetao says: ==================== net: Delete some redundant judgments This patchset aims to remove some unnecessary judgments and make the code more concise. In some network modules, rtnl_set_sk_err is used to record error information, but the err is repeatedly judged to be less than 0 on the error path. Deleted these redundant judgments. No functional change intended. ==================== Signed-off-by: David S. Miller commit fb8e83cf443a98297cd15b58b5529f8d259b22f5 Author: Li Zetao Date: Thu Aug 22 12:32:52 2024 +0800 net: mpls: delete redundant judgment statements The initial value of err is -ENOBUFS, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit cd9ebde125bf77e22ba0c47e3ac657b993089a55 Author: Li Zetao Date: Thu Aug 22 12:32:51 2024 +0800 net/ipv6: delete redundant judgment statements The initial value of err is -ENOBUFS, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit aa32799c017b881a79cb1b9263419626fc9a5f66 Author: Li Zetao Date: Thu Aug 22 12:32:50 2024 +0800 ip6mr: delete redundant judgment statements The initial value of err is -ENOBUFS, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit 649c3c9b8e448f41f6249abcfe9a670a80fac7f7 Author: Li Zetao Date: Thu Aug 22 12:32:49 2024 +0800 net: nexthop: delete redundant judgment statements The initial value of err is -ENOBUFS, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit ebe39f95bc8138eedaba9adaa5a4d7bfe98a9806 Author: Li Zetao Date: Thu Aug 22 12:32:48 2024 +0800 ipmr: delete redundant judgment statements The initial value of err is -ENOBUFS, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit 4c180887775f3e3fb46b9e447cf3ea539286919d Author: Li Zetao Date: Thu Aug 22 12:32:47 2024 +0800 ipv4: delete redundant judgment statements The initial value of err is -ENOBUFS, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit 2d522384fb5b8187cb7f8fe7d05c119ac38fd8f3 Author: Li Zetao Date: Thu Aug 22 12:32:46 2024 +0800 rtnetlink: delete redundant judgment statements The initial value of err is -ENOBUFS, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit c25bdd2ac8cf7da70a226f1a66cdce7af15ff86f Author: Li Zetao Date: Thu Aug 22 12:32:45 2024 +0800 neighbour: delete redundant judgment statements The initial value of err is -ENOBUFS, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit 41aa426392be26865a8a774df3e5ec4c56a98b26 Author: Li Zetao Date: Thu Aug 22 12:32:44 2024 +0800 fib: rules: delete redundant judgment statements The initial value of err is -ENOMEM, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit 6ef1ca2d14f2a78a83dfd40e34f53e8d5c1c0b4b Author: Li Zetao Date: Thu Aug 22 12:32:43 2024 +0800 net: vxlan: delete redundant judgment statements The initial value of err is -ENOBUFS, and err is guaranteed to be less than 0 before all goto errout. Therefore, on the error path of errout, there is no need to repeatedly judge that err is less than 0, and delete redundant judgments to make the code more concise. Signed-off-by: Li Zetao Reviewed-by: Petr Machata Signed-off-by: David S. Miller commit 07668fb0f867388bfdac0b60dbf51a4ad789f8e7 Author: Biju Das Date: Wed Jul 31 17:49:32 2024 +0100 media: platform: rzg2l-cru: rzg2l-csi2: Add missing MODULE_DEVICE_TABLE The rzg2l-csi2 driver can be compiled as a module, but lacks MODULE_DEVICE_TABLE() and will therefore not be loaded automatically. Fix this. Fixes: 51e8415e39a9 ("media: platform: Add Renesas RZ/G2L MIPI CSI-2 receiver driver") Signed-off-by: Biju Das Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240731164935.308994-1-biju.das.jz@bp.renesas.com Signed-off-by: Laurent Pinchart commit b34a6e73faf68e4987f7a2037af4be1e89b91b17 Merge: 761d527d5d0036 db31e09d517bac Author: David S. Miller Date: Fri Aug 23 13:04:35 2024 +0100 Merge branch 'phy-listing-and-topology-tracking' Maxime Chevallier says: ==================== Introduce PHY listing and link_topology tracking This is V18 of the phy_link_topology series, aiming at improving support for multiple PHYs being attached to the same MAC. V18 is a simple rebase of the V17 on top of net-next, gathering the tested-by and reviewed-by tags from Christophe (thanks !). This iteration is also one patch shorter than V17 (patch 12/14 in V17 is gone), as one of the patches used to fix an issue that has now been resolved by Simon Horman in 743ff02152bc ethtool: Don't check for NULL info in prepare_data callbacks As a remainder, here's what the PHY listings would look like : - eth0 has a 88x3310 acting as media converter, and an SFP module with an embedded 88e1111 PHY - eth2 has a 88e1510 PHY PHY for eth0: PHY index: 1 Driver name: mv88x3310 PHY device name: f212a600.mdio-mii:00 Downstream SFP bus name: sfp-eth0 Upstream type: MAC PHY for eth0: PHY index: 2 Driver name: Marvell 88E1111 PHY device name: i2c:sfp-eth0:16 Upstream type: PHY Upstream PHY index: 1 Upstream SFP name: sfp-eth0 PHY for eth2: PHY index: 1 Driver name: Marvell 88E1510 PHY device name: f212a200.mdio-mii:00 Upstream type: MAC Ethtool patches : https://github.com/minimaxwell/ethtool/tree/mc/topo-v16 (this branch is compatible with this V18 series) Link to V17: https://lore.kernel.org/netdev/20240709063039.2909536-1-maxime.chevallier@bootlin.com/ Link to V16: https://lore.kernel.org/netdev/20240705132706.13588-1-maxime.chevallier@bootlin.com/ Link to V15: https://lore.kernel.org/netdev/20240703140806.271938-1-maxime.chevallier@bootlin.com/ Link to V14: https://lore.kernel.org/netdev/20240701131801.1227740-1-maxime.chevallier@bootlin.com/ Link to V13: https://lore.kernel.org/netdev/20240607071836.911403-1-maxime.chevallier@bootlin.com/ Link to v12: https://lore.kernel.org/netdev/20240605124920.720690-1-maxime.chevallier@bootlin.com/ Link to v11: https://lore.kernel.org/netdev/20240404093004.2552221-1-maxime.chevallier@bootlin.com/ Link to V10: https://lore.kernel.org/netdev/20240304151011.1610175-1-maxime.chevallier@bootlin.com/ Link to V9: https://lore.kernel.org/netdev/20240228114728.51861-1-maxime.chevallier@bootlin.com/ Link to V8: https://lore.kernel.org/netdev/20240220184217.3689988-1-maxime.chevallier@bootlin.com/ Link to V7: https://lore.kernel.org/netdev/20240213150431.1796171-1-maxime.chevallier@bootlin.com/ Link to V6: https://lore.kernel.org/netdev/20240126183851.2081418-1-maxime.chevallier@bootlin.com/ Link to V5: https://lore.kernel.org/netdev/20231221180047.1924733-1-maxime.chevallier@bootlin.com/ Link to V4: https://lore.kernel.org/netdev/20231215171237.1152563-1-maxime.chevallier@bootlin.com/ Link to V3: https://lore.kernel.org/netdev/20231201163704.1306431-1-maxime.chevallier@bootlin.com/ Link to V2: https://lore.kernel.org/netdev/20231117162323.626979-1-maxime.chevallier@bootlin.com/ Link to V1: https://lore.kernel.org/netdev/20230907092407.647139-1-maxime.chevallier@bootlin.com/ More discussions on specific issues that happened in 6.9-rc: https://lore.kernel.org/netdev/20240412104615.3779632-1-maxime.chevallier@bootlin.com/ https://lore.kernel.org/netdev/20240429131008.439231-1-maxime.chevallier@bootlin.com/ https://lore.kernel.org/netdev/20240507102822.2023826-1-maxime.chevallier@bootlin.com/ ==================== Signed-off-by: David S. Miller commit db31e09d517bac2ac7314d8c5749ee2cb2b50ef2 Author: Maxime Chevallier Date: Wed Aug 21 17:10:07 2024 +0200 Documentation: networking: document phy_link_topology The newly introduced phy_link_topology tracks all ethernet PHYs that are attached to a netdevice. Document the base principle, internal and external APIs. As the phy_link_topology is expected to be extended, this documentation will hold any further improvements and additions made relative to topology handling. Signed-off-by: Maxime Chevallier Reviewed-by: Andrew Lunn Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit e96c93aa4be971276f9340fa74e84ae62701f2f0 Author: Maxime Chevallier Date: Wed Aug 21 17:10:06 2024 +0200 net: ethtool: strset: Allow querying phy stats by index The ETH_SS_PHY_STATS command gets PHY statistics. Use the phydev pointer from the ethnl request to allow query phy stats from each PHY on the link. Signed-off-by: Maxime Chevallier Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit 3688ff3077d3f334cee1d4b61d8bfb6a9508c2d2 Author: Maxime Chevallier Date: Wed Aug 21 17:10:05 2024 +0200 net: ethtool: cable-test: Target the command to the requested PHY Cable testing is a PHY-specific command. Instead of targeting the command towards dev->phydev, use the request to pick the targeted PHY. Signed-off-by: Maxime Chevallier Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit 31748765bed3fb7cebf4a32b43a6fdf91b9c23de Author: Maxime Chevallier Date: Wed Aug 21 17:10:04 2024 +0200 net: ethtool: pse-pd: Target the command to the requested PHY PSE and PD configuration is a PHY-specific command. Instead of targeting the command towards dev->phydev, use the request to pick the targeted PHY device. As we don't get the PHY directly from the netdev's attached phydev, also adjust the error messages. Signed-off-by: Maxime Chevallier Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit 02180fb525bac8c259c3b7271ddfa498d47c5dcc Author: Maxime Chevallier Date: Wed Aug 21 17:10:03 2024 +0200 net: ethtool: plca: Target the command to the requested PHY PLCA is a PHY-specific command. Instead of targeting the command towards dev->phydev, use the request to pick the targeted PHY. Signed-off-by: Maxime Chevallier Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit d3d9a3e48a63eec82082a7ef76f5d5b6d339933f Author: Maxime Chevallier Date: Wed Aug 21 17:10:02 2024 +0200 netlink: specs: add ethnl PHY_GET command set The PHY_GET command, supporting both DUMP and GET operations, is used to retrieve the list of PHYs connected to a netdevice, and get topology information to know where exactly it sits on the physical link. Add the netlink specs corresponding to that command. Signed-off-by: Maxime Chevallier Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit 17194be4c8e1e82d8b484e58cdcb495c0714d1fd Author: Maxime Chevallier Date: Wed Aug 21 17:10:01 2024 +0200 net: ethtool: Introduce a command to list PHYs on an interface As we have the ability to track the PHYs connected to a net_device through the link_topology, we can expose this list to userspace. This allows userspace to use these identifiers for phy-specific commands and take the decision of which PHY to target by knowing the link topology. Add PHY_GET and PHY_DUMP, which can be a filtered DUMP operation to list devices on only one interface. Signed-off-by: Maxime Chevallier Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit 9af0e89d6c2433afd3e5e7cc52c7592ef23526c0 Author: Maxime Chevallier Date: Wed Aug 21 17:10:00 2024 +0200 netlink: specs: add phy-index as a header parameter Update the spec to take the newly introduced phy-index as a generic request parameter. Signed-off-by: Maxime Chevallier Reviewed-by: Andrew Lunn Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit c15e065b46dc4e19837275b826c1960d55564abd Author: Maxime Chevallier Date: Wed Aug 21 17:09:59 2024 +0200 net: ethtool: Allow passing a phy index for some commands Some netlink commands are target towards ethernet PHYs, to control some of their features. As there's several such commands, add the ability to pass a PHY index in the ethnl request, which will populate the generic ethnl_req_info with the passed phy_index. Add a helper that netlink command handlers need to use to grab the targeted PHY from the req_info. This helper needs to hold rtnl_lock() while interacting with the PHY, as it may be removed at any point. Signed-off-by: Maxime Chevallier Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit 0a2f7de0f3b96c4a30e56d2c79f8d812f89599a1 Author: Maxime Chevallier Date: Wed Aug 21 17:09:58 2024 +0200 net: sfp: Add helper to return the SFP bus name Knowing the bus name is helpful when we want to expose the link topology to userspace, add a helper to return the SFP bus name. This call will always be made while holding the RTNL which ensures that the SFP driver won't unbind from the device. The returned pointer to the bus name will only be used while RTNL is held. Signed-off-by: Maxime Chevallier Suggested-by: "Russell King (Oracle)" Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit b2db6f4ace72e71fa09b8d1354f8ac9854140d74 Author: Maxime Chevallier Date: Wed Aug 21 17:09:57 2024 +0200 net: phy: add helpers to handle sfp phy connect/disconnect There are a few PHY drivers that can handle SFP modules through their sfp_upstream_ops. Introduce Phylib helpers to keep track of connected SFP PHYs in a netdevice's namespace, by adding the SFP PHY to the upstream PHY's netdev's namespace. By doing so, these SFP PHYs can be enumerated and exposed to users, which will be able to use their capabilities. Signed-off-by: Maxime Chevallier Reviewed-by: Andrew Lunn Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit 4d76f115ab9121f4458330da962ae9ef5430e60b Author: Maxime Chevallier Date: Wed Aug 21 17:09:56 2024 +0200 net: sfp: pass the phy_device when disconnecting an sfp module's PHY Pass the phy_device as a parameter to the sfp upstream .disconnect_phy operation. This is preparatory work to help track phy devices across a net_device's link. Signed-off-by: Maxime Chevallier Reviewed-by: Andrew Lunn Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit 3849687869092094003ba009dc00e2e0237a3b8a Author: Maxime Chevallier Date: Wed Aug 21 17:09:55 2024 +0200 net: phy: Introduce ethernet link topology representation Link topologies containing multiple network PHYs attached to the same net_device can be found when using a PHY as a media converter for use with an SFP connector, on which an SFP transceiver containing a PHY can be used. With the current model, the transceiver's PHY can't be used for operations such as cable testing, timestamping, macsec offload, etc. The reason being that most of the logic for these configuration, coming from either ethtool netlink or ioctls tend to use netdev->phydev, which in multi-phy systems will reference the PHY closest to the MAC. Introduce a numbering scheme allowing to enumerate PHY devices that belong to any netdev, which can in turn allow userspace to take more precise decisions with regard to each PHY's configuration. The numbering is maintained per-netdev, in a phy_device_list. The numbering works similarly to a netdevice's ifindex, with identifiers that are only recycled once INT_MAX has been reached. This prevents races that could occur between PHY listing and SFP transceiver removal/insertion. The identifiers are assigned at phy_attach time, as the numbering depends on the netdevice the phy is attached to. The PHY index can be re-used for PHYs that are persistent. Signed-off-by: Maxime Chevallier Reviewed-by: Christophe Leroy Tested-by: Christophe Leroy Signed-off-by: David S. Miller commit 26cfdb395eefdb2d34e51184d8466ee04a1618d5 Author: Pankaj Raghav Date: Thu Aug 22 15:50:11 2024 +0200 readahead: allocate folios with mapping_min_order in readahead page_cache_ra_unbounded() was allocating single pages (0 order folios) if there was no folio found in an index. Allocate mapping_min_order folios as we need to guarantee the minimum order if it is set. page_cache_ra_order() tries to allocate folio to the page cache with a higher order if the index aligns with that order. Modify it so that the order does not go below the mapping_min_order requirement of the page cache. This function will do the right thing even if the new_order passed is less than the mapping_min_order. When adding new folios to the page cache we must also ensure the index used is aligned to the mapping_min_order as the page cache requires the index to be aligned to the order of the folio. readahead_expand() is called from readahead aops to extend the range of the readahead so this function can assume ractl->_index to be aligned with min_order. Signed-off-by: Pankaj Raghav Co-developed-by: Hannes Reinecke Signed-off-by: Hannes Reinecke Link: https://lore.kernel.org/r/20240822135018.1931258-4-kernel@pankajraghav.com Tested-by: David Howells Acked-by: Darrick J. Wong Reviewed-by: Darrick J. Wong Reviewed-by: Daniel Gomez Reviewed-by: Dave Chinner Reviewed-by: Hannes Reinecke Signed-off-by: Christian Brauner commit ab95d23bab220ef845c0d422f49452a475330eaf Author: Pankaj Raghav Date: Thu Aug 22 15:50:10 2024 +0200 filemap: allocate mapping_min_order folios in the page cache filemap_create_folio() and do_read_cache_folio() were always allocating folio of order 0. __filemap_get_folio was trying to allocate higher order folios when fgp_flags had higher order hint set but it will default to order 0 folio if higher order memory allocation fails. Supporting mapping_min_order implies that we guarantee each folio in the page cache has at least an order of mapping_min_order. When adding new folios to the page cache we must also ensure the index used is aligned to the mapping_min_order as the page cache requires the index to be aligned to the order of the folio. Co-developed-by: Luis Chamberlain Signed-off-by: Luis Chamberlain Signed-off-by: Pankaj Raghav Link: https://lore.kernel.org/r/20240822135018.1931258-3-kernel@pankajraghav.com Tested-by: David Howells Reviewed-by: Hannes Reinecke Reviewed-by: Darrick J. Wong Reviewed-by: Matthew Wilcox (Oracle) Reviewed-by: Daniel Gomez Reviewed-by: Dave Chinner Signed-off-by: Christian Brauner commit 84429b675bcfd2a518ae167ee4661cdf7539aa7d Author: Matthew Wilcox (Oracle) Date: Thu Aug 22 15:50:09 2024 +0200 fs: Allow fine-grained control of folio sizes We need filesystems to be able to communicate acceptable folio sizes to the pagecache for a variety of uses (e.g. large block sizes). Support a range of folio sizes between order-0 and order-31. Signed-off-by: Matthew Wilcox (Oracle) Co-developed-by: Pankaj Raghav Signed-off-by: Pankaj Raghav Link: https://lore.kernel.org/r/20240822135018.1931258-2-kernel@pankajraghav.com Tested-by: David Howells Reviewed-by: Hannes Reinecke Reviewed-by: Darrick J. Wong Reviewed-by: Daniel Gomez Signed-off-by: Christian Brauner commit 84e0e03b308816a48c67f6da2168fcea6d49eda8 Author: Phillip Lougher Date: Fri Aug 23 00:31:06 2024 +0100 Squashfs: Ensure all readahead pages have been used In the recent work to remove page->index, a sanity check that ensured all the readhead pages were covered by the Squashfs data block was removed [1]. To avoid any regression, this commit adds the sanity check back in an equivalent way. Namely the page actor will now return error if any pages are unused after completion. [1] https://lore.kernel.org/all/20240818235847.170468-3-phillip@squashfs.org.uk/ -- Signed-off-by: Phillip Lougher Link: https://lore.kernel.org/r/20240822233106.121522-1-phillip@squashfs.org.uk V3: last_page should be actor->last_page Signed-off-by: Christian Brauner commit fdfa588124b6356cd08e5d3f0c3643c4ec3d6887 Author: Douglas Anderson Date: Wed Aug 21 14:53:57 2024 -0700 arm64: smp: smp_send_stop() and crash_smp_send_stop() should try non-NMI first When testing hard lockup handling on my sc7180-trogdor-lazor device with pseudo-NMI enabled, with serial console enabled and with kgdb disabled, I found that the stack crawls printed to the serial console ended up as a jumbled mess. After rebooting, the pstore-based console looked fine though. Also, enabling kgdb to trap the panic made the console look fine and avoided the mess. After a bit of tracking down, I came to the conclusion that this was what was happening: 1. The panic path was stopping all other CPUs with panic_other_cpus_shutdown(). 2. At least one of those other CPUs was in the middle of printing to the serial console and holding the console port's lock, which is grabbed with "irqsave". ...but since we were stopping with an NMI we didn't care about the "irqsave" and interrupted anyway. 3. Since we stopped the CPU while it was holding the lock it would never release it. 4. All future calls to output to the console would end up failing to get the lock in qcom_geni_serial_console_write(). This isn't _totally_ unexpected at panic time but it's a code path that's not well tested, hard to get right, and apparently doesn't work terribly well on the Qualcomm geni serial driver. The Qualcomm geni serial driver was fixed to be a bit better in commit 9e957a155005 ("serial: qcom-geni: Don't cancel/abort if we can't get the port lock") but it's nice not to get into this situation in the first place. Taking a page from what x86 appears to do in native_stop_other_cpus(), do this: 1. First, try to stop other CPUs with a normal IPI and wait a second. This gives them a chance to leave critical sections. 2. If CPUs fail to stop then retry with an NMI, but give a much lower timeout since there's no good reason for a CPU not to react quickly to a NMI. This works well and avoids the corrupted console and (presumably) could help avoid other similar issues. In order to do this, we need to do a little re-organization of our IPIs since we don't have any more free IDs. Do what was suggested in previous conversations and combine "stop" and "crash stop". That frees up an IPI so now we can have a "stop" and "stop NMI". In order to do this we also need a slight change in the way we keep track of which CPUs still need to be stopped. We need to know specifically which CPUs haven't stopped yet when we fall back to NMI but in the "crash stop" case the "cpu_online_mask" isn't updated as CPUs go down. This is why that code path had an atomic of the number of CPUs left. Solve this by also updating the "cpu_online_mask" for crash stops. All of the above lets us combine the logic for "stop" and "crash stop" code, which appeared to have a bunch of arbitrary implementation differences. Aside from the above change where we try a normal IPI and then an NMI, the combined function has a few subtle differences: * In the normal smp_send_stop(), if we fail to stop one or more CPUs then we won't include the current CPU (the one running smp_send_stop()) in the error message. * In crash_smp_send_stop(), if we fail to stop some CPUs we'll print the CPUs that we failed to stop instead of printing all _but_ the current running CPU. * In crash_smp_send_stop(), we will now only print "SMP: stopping secondary CPUs" if (system_state <= SYSTEM_RUNNING). Fixes: d7402513c935 ("arm64: smp: IPI_CPU_STOP and IPI_CPU_CRASH_STOP should try for NMI") Signed-off-by: Douglas Anderson Link: https://lore.kernel.org/r/20240821145353.v3.1.Id4817adef610302554b8aa42b090d57270dc119c@changeid Signed-off-by: Will Deacon commit fb9804096bb3508e33ade5a72f2332080cf1324b Author: Heikki Krogerus Date: Fri Aug 16 16:58:59 2024 +0300 usb: typec: ucsi: Remove useless error check from ucsi_read_error() If the GET_ERROR_STATUS command fails, ucsi_read_error() can not reach the condition where the CCI error bit is checked, because ucsi_run_command() has already checked that bit and returned an error. Signed-off-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240816135859.3499351-7-heikki.krogerus@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 4f322657ade1b784bb2b1ba8761469ae87520681 Author: Heikki Krogerus Date: Fri Aug 16 16:58:58 2024 +0300 usb: typec: ucsi: Call CANCEL from single location The command cancellation can be done right after detecting that the PPM is busy. There is no need to do it separately in ucsi_read_error() and ucsi_send_command_common(). Signed-off-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240816135859.3499351-6-heikki.krogerus@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 9289e6f5ee679629e2ece4b87dc14ee6e1e1dfc3 Author: Heikki Krogerus Date: Fri Aug 16 16:58:57 2024 +0300 usb: typec: ucsi: Common function for the GET_PD_MESSAGE command So far that command was only used to read the response to the Discover Identity Request, but it is handled with two separate functions, which is not really necessary. Squashing the command execution into a single function. That function can now also be used to read other messages on top of the Request Identity response. Signed-off-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240816135859.3499351-5-heikki.krogerus@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 73910c511b1a665a993d66dceb0ffafbacd2ece6 Author: Heikki Krogerus Date: Fri Aug 16 16:58:56 2024 +0300 usb: typec: ucsi: Only assign the identity structure if the PPM supports it This will make sure that the identity sysfs attribute files are kept hidden if the UCSI interface doesn't support reading the USB Power Delivery messages. Signed-off-by: Heikki Krogerus Reviewed-by: Abhishek Pandit-Subedi Link: https://lore.kernel.org/r/20240816135859.3499351-4-heikki.krogerus@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 1d05c382ddb4e43ce251a50f308df5e42a2f6088 Author: Heikki Krogerus Date: Fri Aug 16 16:58:55 2024 +0300 usb: typec: ucsi: Don't truncate the reads That may silently corrupt the data. Instead, failing attempts to read more than the interface can handle. Signed-off-by: Heikki Krogerus Reviewed-by: Abhishek Pandit-Subedi Link: https://lore.kernel.org/r/20240816135859.3499351-3-heikki.krogerus@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 9ecf52153b6f6681853b60c9912231e03857dff4 Author: Heikki Krogerus Date: Fri Aug 16 16:58:54 2024 +0300 usb: typec: ucsi: Remove unused fields from struct ucsi_connector_status The new fields are valid only with the new UCSI versions. They are at offsets that go beyond the MAX_DATA_LENGTH (16 bytes) with the older UCSI versions. That has not caused any problems before because nothing uses those new fields yet. Because they are not used yet, dropping them for now. Signed-off-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240816135859.3499351-2-heikki.krogerus@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 5225b6562b9a7dc808d5a1e465aaf5e2ebb220cd Author: Andre Przywara Date: Wed Aug 21 17:44:01 2024 +0100 kselftest/arm64: signal: fix/refactor SVE vector length enumeration Currently a number of SVE/SME related tests have almost identical functions to enumerate all supported vector lengths. However over time the copy&pasted code has diverged, allowing some bugs to creep in: - fake_sigreturn_sme_change_vl reports a failure, not a SKIP if only one vector length is supported (but the SVE version is fine) - fake_sigreturn_sme_change_vl tries to set the SVE vector length, not the SME one (but the other SME tests are fine) - za_no_regs keeps iterating forever if only one vector length is supported (but za_regs is correct) Since those bugs seem to be mostly copy&paste ones, let's consolidate the enumeration loop into one shared function, and just call that from each test. That should fix the above bugs, and prevent similar issues from happening again. Fixes: 4963aeb35a9e ("kselftest/arm64: signal: Add SME signal handling tests") Signed-off-by: Andre Przywara Reviewed-by: Mark Brown Link: https://lore.kernel.org/r/20240821164401.3598545-1-andre.przywara@arm.com Signed-off-by: Will Deacon commit e1aaecacfa135cd264a0db331d3ab8b2a04a54a3 Author: Detlev Casanova Date: Thu Aug 22 15:53:37 2024 -0400 soc: rockchip: grf: Add rk3576 default GRF values Set SW controlled i3c weak pull up and disable JTAG function on SDMMC IO. The i3c weak pull up is activated to let all gpio banks be controlled by the pinctrl driver. Disabling the JTAG function lets the SDMMC core use its full IO width. Signed-off-by: Detlev Casanova Acked-by: Dragan Simic Link: https://lore.kernel.org/r/20240822195706.920567-3-detlev.casanova@collabora.com Signed-off-by: Heiko Stuebner commit 4261b5804661f75408a8e2b63038308d2aae1f31 Author: Detlev Casanova Date: Thu Aug 22 15:53:36 2024 -0400 dt-bindings: soc: rockchip: Add rk3576 syscon compatibles Add all syscon compatibles for RK3576. Signed-off-by: Detlev Casanova Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240822195706.920567-2-detlev.casanova@collabora.com Signed-off-by: Heiko Stuebner commit 91232b00b1a5d2486770c72c51a752a77c7601b2 Author: Jinjie Ruan Date: Tue Aug 20 20:40:11 2024 +0800 spi: bcmbca-hsspi: Simpify resource lookup Instead of calling platform_get_resource_byname() and devm_ioremap_resource(), simplify the code by simply calling devm_platform_ioremap_resource_byname(). Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240820124011.1788479-1-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 3ccea1dedef39b8fc1adb13dd38c6e0b69e728af Author: Jinjie Ruan Date: Tue Aug 20 20:38:18 2024 +0800 spi: atmel-quadspi: Simpify resource lookup Use the devm_platform_ioremap_resource_byname() helper instead of calling platform_get_resource_byname() and devm_ioremap_resource() separately. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240820123818.1788432-1-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 3bf2a5359b0bde22418705ec862ac5077312e4c2 Author: Jinjie Ruan Date: Tue Aug 20 20:35:18 2024 +0800 spi: wpcm-fiu: Use devm_platform_ioremap_resource_byname() Use the devm_platform_ioremap_resource_byname() helper instead of calling platform_get_resource_byname() and devm_ioremap_resource() separately. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240820123518.1788294-1-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 290d6e5d6498703accffc66849b7fb2d4d7503ff Author: Mark Brown Date: Thu Aug 22 20:13:37 2024 +0100 regmap: Use locking during kunit tests There is no reason to bypass the locking when running the kunit tests, leave it enabled as standard. Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240822-b4-regmap-maple-nolock-v1-3-d5e6dbae3396@kernel.org Signed-off-by: Mark Brown commit fd4ebc07b4dff7e1abedf1b7fd477bc04b69ae55 Author: Mark Brown Date: Thu Aug 22 20:13:36 2024 +0100 regmap: Hold the regmap lock when allocating and freeing the cache For the benefit of the maple tree's lockdep checking hold the lock while creating and exiting the cache. Signed-off-by: Mark Brown Link: https://patch.msgid.link/20240822-b4-regmap-maple-nolock-v1-2-d5e6dbae3396@kernel.org Signed-off-by: Mark Brown commit 490be7ba2a018093fbfa6c2dd80d7d0c190c4c98 Author: Vijendar Mukunda Date: Fri Aug 23 11:07:39 2024 +0530 ASoC: SOF: amd: add support for acp7.0 based platform Add SOF support for ACP7.0 version based platform. Signed-off-by: Vijendar Mukunda Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240823053739.465187-3-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit e17de785850e3112b2ea6ba786016a61f195bb23 Author: Vijendar Mukunda Date: Fri Aug 23 11:07:38 2024 +0530 ASoC: amd: Add acpi machine id for acp7.0 version based platform Add acpi machine id for ACP7.0 version based platform and configure driver data to enable SOF sound card support on newer boards. Signed-off-by: Vijendar Mukunda Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240823053739.465187-2-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit a14b278a47dd4b263799214c5ae0da6506ed7692 Author: Luca Ceresoli Date: Fri Aug 23 09:46:01 2024 +0200 ASoC: dapm-graph: show path name for non-static routes Many routes are just static, not modifiable at runtime. Show the route name for all the other routes as an edge label in the generated graph. Signed-off-by: Luca Ceresoli Link: https://patch.msgid.link/20240823-dapm-graph-v1-3-989a47308c4c@bootlin.com Signed-off-by: Mark Brown commit 64a1e3ddab1ebaa590101b0d7d7fa5d3144da1e8 Author: Luca Ceresoli Date: Fri Aug 23 09:46:00 2024 +0200 ASoC: dapm-graph: visualize component On/Off bias level Read the bias_level debugfs files (ignored so far) and visualize the On/Off state of each component using different graphic attributes in the generated graph. Signed-off-by: Luca Ceresoli Link: https://patch.msgid.link/20240823-dapm-graph-v1-2-989a47308c4c@bootlin.com Signed-off-by: Mark Brown commit 5a98c2e5399b125231ebb4594fee5fddfb7db9fd Author: Luca Ceresoli Date: Fri Aug 23 09:45:59 2024 +0200 ASoC: dapm-graph: remove the "ROOT" cluster Widgets not belonging to any component are currently represented inside a cluster labeled "ROOT". This is not a correct representation of the actual structure, as these widgets are not necessarily related to each other as the ones inside actual components are. Improve the graphical representation by not adding a cluster around these widgets. Now a dot cluster represents a card component faithfully. This will be particularly important with the upcoming improvements which will visualize the component bias_level. Signed-off-by: Luca Ceresoli Link: https://patch.msgid.link/20240823-dapm-graph-v1-1-989a47308c4c@bootlin.com Signed-off-by: Mark Brown commit 9e5eb7403cb6023642e48fc293f519ce5e8e8d8d Merge: 157519c026ec07 9ec87c5957ea9b Author: Ulf Hansson Date: Fri Aug 23 11:58:28 2024 +0200 pmdomain: Merge branch fixes into next Merge the pmdomain fixes for v6.11-rc[n] into the next branch, to allow them to get tested together with the new changes that are targeted for v6.12. Signed-off-by: Ulf Hansson commit 7bd76f405d329c2c361703cc45317a4a55d8a68e Author: Alex Bee Date: Thu May 23 20:56:32 2024 +0200 soc: rockchip: grf: Set RK3128's vpu main clock RK3128 has a setting in GRF which selects whether the vpu attached iommu uses the AXI clock of the decoder (vdpu) or the encoder (vepu). The default is vepu but some part of the vendor firmware sets it to vdpu. In order to be independent on whether any of those vendor firmware blobs is used to boot the SoC reset "vpu main clock" setting to it's default value. Signed-off-by: Alex Bee Link: https://lore.kernel.org/r/20240523185633.71355-3-knaerzche@gmail.com Signed-off-by: Heiko Stuebner commit f0d7047889589a4affe7a04d38a408ef45ec58e6 Author: David Wu Date: Tue May 21 21:10:13 2024 +0000 soc: rockchip: io-domain: Add RK3308 IO voltage domains Add IO voltage domains support for the RK3308 SoC. Signed-off-by: David Wu Signed-off-by: Jianqun Xu Signed-off-by: Jonas Karlman Link: https://lore.kernel.org/r/20240521211029.1236094-11-jonas@kwiboo.se Signed-off-by: Heiko Stuebner commit ff2bed591a820d98288c49aca692eab2f39acaf8 Author: Jonas Karlman Date: Tue May 21 21:10:12 2024 +0000 dt-bindings: power: rockchip: Document RK3308 IO voltage domains Document dt-bindings for RK3308 IO voltage domains. Signed-off-by: Jonas Karlman Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240521211029.1236094-10-jonas@kwiboo.se Signed-off-by: Heiko Stuebner commit 014e756247e847cde8a06fc27ee3a72a5140b972 Author: Suravee Suthikulpanit Date: Fri Aug 16 22:16:50 2024 +0000 iommu/amd: Update PASID, GATS, GLX, SNPAVICSUP feature related macros Clean up and reorder them according to the bit index. There is no functional change. Suggested-by: Jason Gunthorpe Signed-off-by: Suravee Suthikulpanit Reviewed-by: Vasant Hegde Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/20240816221650.62295-1-suravee.suthikulpanit@amd.com Signed-off-by: Joerg Roedel commit 1c8f80c2aadf76daff01ab133fb11136e7248746 Author: Jani Nikula Date: Thu Aug 22 19:04:55 2024 +0300 drm/i915/display: convert params to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_display_params.[ch] and intel_display_debugfs_params.[ch] to struct intel_display. Some stragglers are left behind where needed. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/3e5cc1744eaf4708b08303e3e7e194035d7941cc.1724342644.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 065ca63e161a1ed7e619ef7dea0c7c6435ee2f8d Author: Jani Nikula Date: Thu Aug 22 19:04:54 2024 +0300 drm/i915/sprite: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_sprite.[ch] to struct intel_display. Some stragglers are left behind where needed. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/094db6a9f40404fcc14843d32b45465d31730d96.1724342644.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit ab0b0eb5c85c5961913bdb9b8011cc8f5c14978a Author: Jani Nikula Date: Thu Aug 22 19:04:53 2024 +0300 drm/i915/tv: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_tv.[ch] to struct intel_display. Some stragglers are left behind where needed. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/04b1c8d095a52fb817876acdab4e9139d909f306.1724342644.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 852791985af63bcfd66d7f6ec160cc5f9fcb020a Author: Jani Nikula Date: Thu Aug 22 19:04:52 2024 +0300 drm/i915/vrr: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_vrr.[ch] to struct intel_display. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/1d25a08c62a320133fbb0a89dac3dd1081139487.1724342644.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit aa451ae76fda24f919174a17df31c290f91a953c Author: Jani Nikula Date: Thu Aug 22 19:04:51 2024 +0300 drm/i915/vblank: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_vblank.[ch] to struct intel_display. Some stragglers are left behind where needed. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/40430651a45ddd9e350a1fd7938fe4054492f6ea.1724342644.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 58cfea648ff3b3bd283c03f094f24d379fe6fa82 Author: Jani Nikula Date: Thu Aug 22 19:04:50 2024 +0300 drm/i915/vblank: fix context imbalance warnings When building for xe, we get the context imbalance warning as the actual locking/unlocking is not compiled: ../drivers/gpu/drm/i915/display/intel_vblank.c:306:13: warning: context imbalance in 'intel_vblank_section_enter' - wrong count at exit ../drivers/gpu/drm/i915/display/intel_vblank.c:314:13: warning: context imbalance in 'intel_vblank_section_exit' - wrong count at exit Fix by adding separata stubs for xe without __acquires/__releases annotation. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/111de5bee15f408de65b19ece4b68a7ac66b30cf.1724342644.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit dd6ded6e87a97a32e06c10b7f6639eebb779257d Author: Jani Nikula Date: Thu Aug 22 19:04:49 2024 +0300 drm/i915/vblank: use drm_crtc_vblank_crtc() instead of open-coding There's a helper for drm->vblank[drm_crtc_index(crtc)], use it. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/78198ade92da1d978f2032c50b3b50e3f8f01701.1724342644.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 045391a02bd971d431c83ad03f7cc51b6e2fe331 Author: Kees Cook Date: Tue Jul 16 14:24:59 2024 -0700 leds: gpio: Set num_leds after allocation With the new __counted_by annotation, the "num_leds" variable needs to valid for accesses to the "leds" array. This requirement is not met in gpio_leds_create(), since "num_leds" starts at "0", so "leds" index "0" will not be considered valid (num_leds would need to be "1" to access index "0"). Fix this by setting the allocation size after allocation, and then update the final count based on how many were actually added to the array. Fixes: 52cd75108a42 ("leds: gpio: Annotate struct gpio_leds_priv with __counted_by") Signed-off-by: Kees Cook Reviewed-by: Gustavo A. R. Silva Link: https://lore.kernel.org/r/20240716212455.work.809-kees@kernel.org Signed-off-by: Lee Jones commit 485e13fe2fb649e60eb49d8bec4404da215c1f5b Author: Sunyeal Hong Date: Thu Aug 22 08:26:52 2024 +0900 clk: samsung: add top clock support for ExynosAuto v920 SoC This adds support for CMU_TOP which generates clocks for all the function blocks such as CORE, HSI0/1/2, PERIC0/1 and so on. For CMU_TOP, PLL_SHARED0,1,2,3,4 and 5 will be the sources of this block and they will generate bus clocks. Signed-off-by: Sunyeal Hong Link: https://lore.kernel.org/r/20240821232652.1077701-5-sunyeal.hong@samsung.com Signed-off-by: Krzysztof Kozlowski commit 9224e288f2e1f9161cf0c54122ac9168b6b68877 Author: Sunyeal Hong Date: Thu Aug 22 08:26:51 2024 +0900 clk: samsung: clk-pll: Add support for pll_531x pll531x PLL is used in Exynos Auto v920 SoC for shared pll. pll531x: Integer/fractional PLL with mid frequency FVCO (800 to 3120 MHz) PLL531x FOUT = (MDIV x FIN)/(PDIV x 2^SDIV) for integer PLL FOUT = (MDIV + F/2^32-F[31]) x FIN/(PDIV x 2^SDIV) for fractional PLL Signed-off-by: Sunyeal Hong Reviewed-by: Alim Akhtar Link: https://lore.kernel.org/r/20240821232652.1077701-4-sunyeal.hong@samsung.com Signed-off-by: Krzysztof Kozlowski commit c0979bc8845068b542ef65086f3173494e6a6faf Merge: 011a9de99793c3 997daa8de64ccb Author: Krzysztof Kozlowski Date: Fri Aug 23 09:21:10 2024 +0200 Merge branch 'for-v6.12/clk-dt-bindings' into next/clk commit 4d06000979cda26e914552d486e5364248025fcd Author: Sunyeal Hong Date: Thu Aug 22 08:26:50 2024 +0900 arm64: dts: exynosautov920: add initial CMU clock nodes in ExynosAuto v920 Add cmu_top, cmu_peric0 clock nodes and switch USI clocks instead of dummy fixed-rate-clock. Signed-off-by: Sunyeal Hong Link: https://lore.kernel.org/r/20240821232652.1077701-3-sunyeal.hong@samsung.com Signed-off-by: Krzysztof Kozlowski commit 93b41cdc21f3c33607c62b80adbe39c747e7022f Merge: 71e0b08ed2a98e 997daa8de64ccb Author: Krzysztof Kozlowski Date: Fri Aug 23 09:19:24 2024 +0200 Merge branch 'for-v6.12/clk-dt-bindings' into next/dt64 commit 997daa8de64ccbb4dc68d250510893597d485de4 Author: Sunyeal Hong Date: Thu Aug 22 08:26:49 2024 +0900 dt-bindings: clock: add ExynosAuto v920 SoC CMU bindings Add dt-schema for ExynosAuto v920 SoC clock controller. Add device tree clock binding definitions for below CMU blocks. - CMU_TOP - CMU_PERIC0/1 - CMU_MISC - CMU_HSI0/1 Signed-off-by: Sunyeal Hong Link: https://lore.kernel.org/r/20240821232652.1077701-2-sunyeal.hong@samsung.com Signed-off-by: Krzysztof Kozlowski commit 54f2f78d6b9f1f90e91aaf5dbb34a6198f65fdfd Author: Simon Horman Date: Wed Aug 21 16:30:13 2024 +0100 xfrm: Correct spelling in xfrm.h Correct spelling in xfrm.h. As reported by codespell. Signed-off-by: Simon Horman Signed-off-by: Steffen Klassert commit b204bbc53f958fc3119d63bf2cda5a526e7267a4 Author: Alice Ryhl Date: Wed Aug 14 08:05:29 2024 +0000 rust: list: add ListArcField One way to explain what `ListArc` does is that it controls exclusive access to the prev/next pointer field in a refcounted object. The feature of having a special reference to a refcounted object with exclusive access to specific fields is useful for other things, so provide a general utility for that. This is used by Rust Binder to keep track of which processes have a reference to a given node. This involves an object for each process/node pair, that is referenced by both the process and the node. For some fields in this object, only the process's reference needs to access them (and it needs mutable access), so Binder uses a ListArc to give the process's reference exclusive access. Reviewed-by: Benno Lossin Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-10-f5f5e8075da0@google.com Signed-off-by: Miguel Ojeda commit 2003c04b059759b0ec3bff108f24ded9de86a726 Author: Alice Ryhl Date: Wed Aug 14 08:05:28 2024 +0000 rust: list: support heterogeneous lists Support linked lists that can hold many different structs at once. This is generally done using trait objects. The main challenge is figuring what the struct is given only a pointer to the ListLinks. We do this by storing a pointer to the struct next to the ListLinks field. The container_of operation will then just read that pointer. When the type is a trait object, that pointer will be a fat pointer whose metadata is a vtable that tells you what kind of struct it is. Heterogeneous lists are heavily used by Rust Binder. There are a lot of so-called todo lists containing various events that need to be delivered to userspace next time userspace calls into the driver. And there are quite a few different todo item types: incoming transaction, changes to refcounts, death notifications, and more. Reviewed-by: Benno Lossin Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-9-f5f5e8075da0@google.com Signed-off-by: Miguel Ojeda commit 9078a4f956dbef9366e1657915c883b380e6db39 Author: Alice Ryhl Date: Wed Aug 14 08:05:27 2024 +0000 rust: list: add cursor The cursor is very similar to the list iterator, but it has one important feature that the iterator doesn't: it can be used to remove items from the linked list. This feature cannot be added to the iterator because the references you get from the iterator are considered borrows of the original list, rather than borrows of the iterator. This means that there's no way to prevent code like this: let item = iter.next(); iter.remove(); use(item); If `iter` was a cursor instead of an iterator, then `item` will be considered a borrow of `iter`. Since `remove` destroys `iter`, this means that the borrow-checker will prevent uses of `item` after the call to `remove`. So there is a trade-off between supporting use in traditional for loops, and supporting removal of elements as you iterate. Iterators and cursors represents two different choices on that spectrum. Rust Binder needs cursors for the list of death notifications that a process is currently handling. When userspace tells Binder that it has finished processing the death notification, Binder will iterate the list to search for the relevant item and remove it. Reviewed-by: Benno Lossin Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-8-f5f5e8075da0@google.com Signed-off-by: Miguel Ojeda commit deeecc9c1b979f45ca7b97255763505e5430cce5 Author: Alice Ryhl Date: Wed Aug 14 08:05:26 2024 +0000 rust: list: add iterators Rust Binder has lists containing stuff such as all contexts or all processes, and sometimes needs to iterate over them. This patch enables Rust Binder to do that using a normal for loop. The iterator returns the ArcBorrow type, so it is possible to grab a refcount to values while iterating. Reviewed-by: Benno Lossin Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-7-f5f5e8075da0@google.com Signed-off-by: Miguel Ojeda commit db841866ecc01ca01ab93282d7809b87568a18ff Author: Alice Ryhl Date: Wed Aug 14 08:05:25 2024 +0000 rust: list: add List Add the actual linked list itself. The linked list uses the following design: The List type itself just has a single pointer to the first element of the list. And the actual list items then form a cycle. So the last item is `first->prev`. This is slightly different from the usual kernel linked list. Matching that exactly would amount to giving List two pointers, and having it be part of the cycle of items. This alternate design has the advantage that the cycle is never completely empty, which can reduce the number of branches in some cases. However, it also has the disadvantage that List must be pinned, which this design is trying to avoid. Having the list items form a cycle rather than having null pointers at the beginning/end is convenient for several reasons. For one, it lets us store only one pointer in List, and it simplifies the implementation of several functions. Unfortunately, the `remove` function that removes an arbitrary element from the list has to be unsafe. This is needed because there is no way to handle the case where you pass an element from the wrong list. For example, if it is the first element of some other list, then that other list's `first` pointer would not be updated. Similarly, it could be a data race if you try to remove it from two different lists in parallel. (There's no problem with passing `remove` an item that's not in any list. Additionally, other removal methods such as `pop_front` need not be unsafe, as they can't be used to remove items from another list.) A future patch in this series will introduce support for cursors that can be used to remove arbitrary items without unsafe code. Reviewed-by: Benno Lossin Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-6-f5f5e8075da0@google.com [ Fixed a few typos. - Miguel ] Signed-off-by: Miguel Ojeda commit 40c53294596b4a7fe2ae126d7aab986752496c31 Author: Alice Ryhl Date: Wed Aug 14 08:05:24 2024 +0000 rust: list: add macro for implementing ListItem Adds a macro for safely implementing the ListItem trait. As part of the implementation of the macro, we also provide a HasListLinks trait similar to the workqueue's HasWorkItem trait. The HasListLinks trait is only necessary if you are implementing ListItem using the impl_list_item macro. Reviewed-by: Benno Lossin Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-5-f5f5e8075da0@google.com Signed-off-by: Miguel Ojeda commit 14176295fe56ce9506e650dce436d2bdadec93b5 Author: Alice Ryhl Date: Wed Aug 14 08:05:23 2024 +0000 rust: list: add struct with prev/next pointers Define the ListLinks struct, which wraps the prev/next pointers that will be used to insert values into a List in a future patch. Also define the ListItem trait, which is implemented by structs that have a ListLinks field. The ListItem trait provides four different methods that are all essentially container_of or the reverse of container_of. Two of them are used before inserting/after removing an item from the list, and the two others are used when looking at a value without changing whether it is in a list. This distinction is introduced because it is needed for the patch that adds support for heterogeneous lists, which are implemented by adding a third pointer field with a fat pointer to the full struct. When inserting into the heterogeneous list, the pointer-to-self is updated to have the right vtable, and the container_of operation is implemented by just returning that pointer instead of using the real container_of operation. Reviewed-by: Benno Lossin Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-4-f5f5e8075da0@google.com Signed-off-by: Miguel Ojeda commit a48026315cd7b6018bd74831a6dc0586adbba1b9 Author: Alice Ryhl Date: Wed Aug 14 08:05:22 2024 +0000 rust: list: add tracking for ListArc Add the ability to track whether a ListArc exists for a given value, allowing for the creation of ListArcs without going through UniqueArc. The `impl_list_arc_safe!` macro is extended with a `tracked_by` strategy that defers the tracking of ListArcs to a field of the struct. Additionally, the AtomicListArcTracker type is introduced, which can track whether a ListArc exists using an atomic. By deferring the tracking to a field of type AtomicListArcTracker, structs gain the ability to create ListArcs without going through a UniqueArc. Rust Binder uses this for some objects where we want to be able to insert them into a linked list at any time. Using the AtomicListArcTracker, we are able to check whether an item is already in the list, and if not, we can create a `ListArc` and push it. The macro has the ability to defer the tracking of ListArcs to a field, using whatever strategy that field has. Since we don't add any strategies other than AtomicListArcTracker, another similar option would be to hard-code that the field should be an AtomicListArcTracker. However, Rust Binder has a case where the AtomicListArcTracker is not stored directly in the struct, but in a sub-struct. Furthermore, the outer struct is generic: struct Wrapper { links: ListLinks, inner: T, } Here, the Wrapper struct implements ListArcSafe with `tracked_by inner`, and then the various types used with `inner` also uses the macro to implement ListArcSafe. Some of them use the untracked strategy, and some of them use tracked_by with an AtomicListArcTracker. This way, Wrapper just inherits whichever choice `inner` has made. Reviewed-by: Benno Lossin Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-3-f5f5e8075da0@google.com Signed-off-by: Miguel Ojeda commit 6cd341715558b8422f33509d9b99a1a0a5b4b29c Author: Alice Ryhl Date: Wed Aug 14 08:05:21 2024 +0000 rust: list: add ListArc The `ListArc` type can be thought of as a special reference to a refcounted object that owns the permission to manipulate the `next`/`prev` pointers stored in the refcounted object. By ensuring that each object has only one `ListArc` reference, the owner of that reference is assured exclusive access to the `next`/`prev` pointers. When a `ListArc` is inserted into a `List`, the `List` takes ownership of the `ListArc` reference. There are various strategies for ensuring that a value has only one `ListArc` reference. The simplest is to convert a `UniqueArc` into a `ListArc`. However, the refcounted object could also keep track of whether a `ListArc` exists using a boolean, which could allow for the creation of new `ListArc` references from an `Arc` reference. Whatever strategy is used, the relevant tracking is referred to as "the tracking inside `T`", and the `ListArcSafe` trait (and its subtraits) are used to update the tracking when a `ListArc` is created or destroyed. Note that we allow the case where the tracking inside `T` thinks that a `ListArc` exists, but actually, there isn't a `ListArc`. However, we do not allow the opposite situation where a `ListArc` exists, but the tracking thinks it doesn't. This is because the former can at most result in us failing to create a `ListArc` when the operation could succeed, whereas the latter can result in the creation of two `ListArc` references. Only the latter situation can lead to memory safety issues. This patch introduces the `impl_list_arc_safe!` macro that allows you to implement `ListArcSafe` for types using the strategy where a `ListArc` can only be created from a `UniqueArc`. Other strategies are introduced in later patches. This is part of the linked list that Rust Binder will use for many different things. The strategy where a `ListArc` can only be created from a `UniqueArc` is actually sufficient for most of the objects that Rust Binder needs to insert into linked lists. Usually, these are todo items that are created and then immediately inserted into a queue. The const generic ID allows objects to have several prev/next pointer pairs so that the same object can be inserted into several different lists. You are able to have several `ListArc` references as long as they correspond to different pointer pairs. The ID itself is purely a compile-time concept and will not be present in the final binary. Both the `List` and the `ListArc` will need to agree on the ID for them to work together. Rust Binder uses this in a few places (e.g. death recipients) where the same object can be inserted into both generic todo lists and some other lists for tracking the status of the object. The ID is a const generic rather than a type parameter because the `pair_from_unique` method needs to be able to assert that the two ids are different. There's no easy way to assert that when using types instead of integers. Reviewed-by: Benno Lossin Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-2-f5f5e8075da0@google.com Signed-off-by: Miguel Ojeda commit 0528ca0a4f858da3369d405af8c76b8248dfeb7b Author: Benno Lossin Date: Wed Aug 14 08:05:20 2024 +0000 rust: init: add `assert_pinned` macro Add a macro to statically check if a field of a struct is marked with `#[pin]` ie that it is structurally pinned. This can be used when `unsafe` code needs to rely on fields being structurally pinned. The macro has a special "inline" mode for the case where the type depends on generic parameters from the surrounding scope. Signed-off-by: Benno Lossin Co-developed-by: Alice Ryhl Signed-off-by: Alice Ryhl Link: https://lore.kernel.org/r/20240814-linked-list-v5-1-f5f5e8075da0@google.com [ Replaced `compile_fail` with `ignore` and a TODO note. Removed `pub` from example to clean `unreachable_pub` lint. - Miguel ] Signed-off-by: Miguel Ojeda commit c6945acad7a14b6afb390a4afc1d354ef5413ea6 Author: Matthew Maurer Date: Tue Jul 30 09:26:24 2024 +0000 rust: support arrays in target JSON Some configuration options such as the supported sanitizer list are arrays. To support using Rust with sanitizers on x86, we must update the target.json generator to support this case. The Push trait is removed in favor of the From trait because the Push trait doesn't work well in the nested case where you are not really pushing values to a TargetSpec. Signed-off-by: Matthew Maurer Signed-off-by: Alice Ryhl Reviewed-by: Gary Guo Tested-by: Gatlin Newhouse Link: https://lore.kernel.org/r/20240730-target-json-arrays-v1-1-2b376fd0ecf4@google.com Signed-off-by: Miguel Ojeda commit 70302fc7adcd29c4c744489cd89e2d3ed08ecd8d Merge: 3c9265ed191d34 ba52850cb6b4db Author: Martin K. Petersen Date: Thu Aug 22 21:30:06 2024 -0400 Merge patch series "Simplify multiple create*_workqueue() invocations" Bart Van Assche says: Hi Martin, Multiple SCSI drivers use snprintf() to format a workqueue name before invoking one of the create*_workqueue() macros. This patch series simplifies such code by passing the format string and arguments to alloc_workqueue(). Additionally, the structure members that are only used as a temporary buffer for formatting workqueue names are removed. Please consider this patch series for the next merge window. Thanks, Bart. Link: https://lore.kernel.org/r/20240822195944.654691-1-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit ba52850cb6b4db5f4ec4636c73d2ad85d0e9adba Author: Bart Van Assche Date: Thu Aug 22 12:59:22 2024 -0700 scsi: core: Simplify an alloc_workqueue() invocation Let alloc_workqueue() format the workqueue name. Remove the work_q_name[] member from struct Scsi_Host because it is no longer used by any SCSI driver nor by the SCSI core. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-19-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 1aa992cbc272beceba40ae39b33b2848c228c0c9 Author: Bart Van Assche Date: Thu Aug 22 12:59:21 2024 -0700 scsi: ufs: Simplify alloc*_workqueue() invocation Let alloc*_workqueue() format the workqueue name instead of calling snprintf() explicitly. Reviewed-by: Manivannan Sadhasivam Reviewed-by: Peter Wang Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-18-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 0ef9b0186dae7039e95e9367ed1d9402a763511b Author: Bart Van Assche Date: Thu Aug 22 12:59:20 2024 -0700 scsi: stex: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-17-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 06d53789761cad6bbbc3c00e8c96a631a41f4bf3 Author: Bart Van Assche Date: Thu Aug 22 12:59:19 2024 -0700 scsi: scsi_transport_fc: Simplify alloc_workqueue() invocations Let alloc_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-16-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 6411307b63286eff7c5c72a8ad64796ae8549101 Author: Bart Van Assche Date: Thu Aug 22 12:59:18 2024 -0700 scsi: snic: Simplify alloc_workqueue() invocations Let alloc_workqueue() format the workqueue name instead of calling snprintf() explicitly. Not setting shost->work_q_name is safe because there is no code that reads the value set by the removed code. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-15-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 19d7cda1c6304e032c1f7cd0ff3e6b5dc29f76dd Author: Bart Van Assche Date: Thu Aug 22 12:59:17 2024 -0700 scsi: qedi: Simplify an alloc_workqueue() invocation Let alloc_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-14-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 8bbe60bbd43daa215106d263538e0822c4bba172 Author: Bart Van Assche Date: Thu Aug 22 12:59:16 2024 -0700 scsi: qedf: Simplify alloc_workqueue() invocations Let alloc_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-13-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit f30679166255148f7781b0726d8e1b5e22dd5b48 Author: Bart Van Assche Date: Thu Aug 22 12:59:15 2024 -0700 scsi: myrs: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Reviewed-by: Hannes Reinecke Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-12-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit c57a617fd53fae6fcfa7d1737adfee209b8051ca Author: Bart Van Assche Date: Thu Aug 22 12:59:14 2024 -0700 scsi: myrb: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Reviewed-by: Hannes Reinecke Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-11-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit b3b359ac726763ead9cee1c3674f5c50d26651c4 Author: Bart Van Assche Date: Thu Aug 22 12:59:13 2024 -0700 scsi: mpt3sas: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-10-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 1bd289620e4240ebf882e5e213ea0af200501be9 Author: Bart Van Assche Date: Thu Aug 22 12:59:12 2024 -0700 scsi: mpi3mr: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-9-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 5615cfb3cbadf7c7159c5de18e6f02ca9c6630fc Author: Bart Van Assche Date: Thu Aug 22 12:59:11 2024 -0700 scsi: ibmvscsi_tgt: Simplify an alloc_workqueue() invocation Let alloc_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-8-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit d77381c2f62a557f630a64280ff09675128be363 Author: Bart Van Assche Date: Thu Aug 22 12:59:10 2024 -0700 scsi: fcoe: Simplify alloc_ordered_workqueue() invocations Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Reviewed-by: Hannes Reinecke Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-7-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 4cb1b41a5ee4c513897441bda42d56673b0c6edb Author: Bart Van Assche Date: Thu Aug 22 12:59:09 2024 -0700 scsi: esas2r: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-6-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 70fbb7c11507576011511dbf4d00940ebb3a09fb Author: Bart Van Assche Date: Thu Aug 22 12:59:08 2024 -0700 scsi: bfa: Simplify an alloc_ordered_workqueue() invocation Let alloc_ordered_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-5-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 66088e7b918275a4520f5d7939e7cf9d495e3b83 Author: Bart Van Assche Date: Thu Aug 22 12:59:07 2024 -0700 scsi: be2iscsi: Simplify an alloc_workqueue() invocation Let alloc_workqueue() format the workqueue name instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-4-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit dec523975b85e725e2bf786a0b7dcee76b77a64e Author: Bart Van Assche Date: Thu Aug 22 12:59:06 2024 -0700 scsi: mptfusion: Simplify the alloc*_workqueue() invocations Let alloc*_workqueue() format the workqueue names instead of calling snprintf() explicitly. Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-3-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit b97c0741c7dccedec60524b596c4fa9d6a136523 Author: Bart Van Assche Date: Thu Aug 22 12:59:05 2024 -0700 scsi: Expand all create*_workqueue() invocations The workqueue maintainer wants to remove the create*_workqueue() macros because these macros always set the WQ_MEM_RECLAIM flag and because these only support literal workqueue names. Hence this patch that replaces the create*_workqueue() invocations with the definition of this macro. The WQ_MEM_RECLAIM flag has been retained because I think that flag is necessary for workqueues created by storage drivers. This patch has been generated by running spatch and git clang-format. spatch has been invoked as follows: spatch --in-place --sp-file expand-create-workqueue.spatch $(git grep -lEw 'create_(freezable_|singlethread_|)workqueue' */scsi */ufs) The contents of the expand-create-workqueue.spatch file is as follows: @@ expression name; @@ -create_workqueue(name) +alloc_workqueue("%s", WQ_MEM_RECLAIM, 1, name) @@ expression name; @@ -create_freezable_workqueue(name) +alloc_workqueue("%s", WQ_FREEZABLE | WQ_UNBOUND | WQ_MEM_RECLAIM, 1, name) @@ expression name; @@ -create_singlethread_workqueue(name) +alloc_ordered_workqueue("%s", WQ_MEM_RECLAIM, name) Reviewed-by: Peter Wang Signed-off-by: Bart Van Assche Link: https://lore.kernel.org/r/20240822195944.654691-2-bvanassche@acm.org Signed-off-by: Martin K. Petersen commit 5315266844ea3b0b8b6be9842d5901e439fa838a Author: Gabriel Maciel Raad Date: Thu Aug 22 21:08:38 2024 -0300 Staging: rtl8192e: Remove unnecessary blank line Remove unneeded blank line in rtl92e_leisure_ps_enter to silence the folowing checkpatch.pl warning: CHECK: Blank lines aren't necessary after an open brace '{' Signed-off-by: Gabriel Maciel Raad Link: https://lore.kernel.org/r/20240823000838.8207-3-ffunctor@gmail.com Signed-off-by: Greg Kroah-Hartman commit 4626eb9ad822cd688717fbd797ad23d1730d170f Author: Gabriel Maciel Raad Date: Thu Aug 22 21:08:37 2024 -0300 Staging: rtl8192e: Fix parenthesis alignment Fix parenthesis alingment in rtl92e_leisure_ps_enter to silence the following checkpatch.pl warning: CHECK: Alignment should match open parenthesis Signed-off-by: Gabriel Maciel Raad Link: https://lore.kernel.org/r/20240823000838.8207-2-ffunctor@gmail.com Signed-off-by: Greg Kroah-Hartman commit 2b05e9c6beccc606f28068430031839bd75edf27 Author: Ana Carolina Hernandes Date: Thu Aug 22 17:27:27 2024 -0300 Staging: rtl8192e: Fix arguments alignment Fix the alignment of arguments in function _rtl92e_query_rxphystatus in order to silence the following checkpatch warning: CHECK: Lines should not end with a '(' Signed-off-by: Ana Carolina Hernandes Link: https://lore.kernel.org/r/20240822202727.18882-1-anachan.01h@gmail.com Signed-off-by: Greg Kroah-Hartman commit 0c0b453c6e7b33225468f6b01a691c448e7656aa Author: Alien Wesley Date: Thu Aug 22 13:30:57 2024 -0300 staging: rtl8192e: Fix Assignment operator '=' in rtl_dm.c:1488 Removed enter before operator '=' in rtl_dm.c:1488 in order to silence the following checkpatch warning. CHECK: Assignment operator '=' should be on the previous line Signed-off-by: Alien Wesley Link: https://lore.kernel.org/r/20240822163057.14114-1-alienwesley51@gmail.com Signed-off-by: Greg Kroah-Hartman commit 1eff40c209b1acc7d6bf58176d1e710f65b6a38d Author: Colin Ian King Date: Thu Aug 22 17:30:52 2024 +0100 staging: rtl8723bs: make read-only array dot11_rate_table static const Don't populate the read-only array dot11_rate_table on the stack at run time, instead make it static const. Signed-off-by: Colin Ian King Link: https://lore.kernel.org/r/20240822163052.636570-1-colin.i.king@gmail.com Signed-off-by: Greg Kroah-Hartman commit 5e24979acfbd8017a72b5e4e792fa4c6e0b83b05 Author: Hans Buss Date: Thu Aug 22 11:36:55 2024 -0300 staging: rtl8192e: Insert spaces around '|' Insert spaces around '|' to adhre to Linux kernel coding style. CHECK: spaces preferred around that '|' (ctx:VxV) Signed-off-by: Hans Buss Reviewed-by: Dan Carpenter Link: https://lore.kernel.org/r/20240822143837.37768-1-hansbh123@gmail.com Signed-off-by: Greg Kroah-Hartman commit 3c9265ed191d34349889ee426ed4a2394ba4a77b Author: Yue Haibing Date: Sat Aug 10 17:34:37 2024 +0800 scsi: target: Remove unused declarations Commit 13247018d68f ("scsi: target: iscsi: Fix hang in the iSCSI login code") removed iscsi_handle_login_thread_timeout() but left declaration. Commit 3e1c81a95f0d ("iscsi-target: Refactor RX PDU logic + export request PDU handling") left iscsi_target_get_initial_payload() declaration. Commit d703ce2f7f4d ("iscsi/iser-target: Convert to command priv_size usage") remove iscsit_alloc_cmd() but left declaration. And finally, a few other declarations were never implenmented since introduction in commit e48354ce078c ("iscsi-target: Add iSCSI fabric support for target v4.1"). Signed-off-by: Yue Haibing Link: https://lore.kernel.org/r/20240810093437.2586476-1-yuehaibing@huawei.com Signed-off-by: Martin K. Petersen commit 2e4b02fad094976763af08fec2c620f4f8edd9ae Author: Dan Carpenter Date: Thu Aug 15 14:29:05 2024 +0300 scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() The kref_put() function will call nport->release if the refcount drops to zero. The nport->release release function is _efc_nport_free() which frees "nport". But then we dereference "nport" on the next line which is a use after free. Re-order these lines to avoid the use after free. Fixes: fcd427303eb9 ("scsi: elx: libefc: SLI and FC PORT state machine interfaces") Signed-off-by: Dan Carpenter Link: https://lore.kernel.org/r/b666ab26-6581-4213-9a3d-32a9147f0399@stanley.mountain Reviewed-by: Daniel Wagner Signed-off-by: Martin K. Petersen commit 89835a58f5f54d52537709f2513fb91024e2d069 Author: Avri Altman Date: Wed Aug 21 08:54:11 2024 +0300 scsi: ufs: Move UFS trace events to private header UFS trace events are called exclusively from the UFS core drivers. Make those events private to the core driver. The MAINTAINERS file does not need updating as the maintainership remains the same and the relevant directory is already covered. Reviewed-by: Bart Van Assche Signed-off-by: Avri Altman Link: https://lore.kernel.org/r/20240821055411.3128159-1-avri.altman@wdc.com Acked-by: Bean Huo Signed-off-by: Martin K. Petersen commit 761d527d5d0036b98a2cecf4de1293d84d452aa1 Merge: bfc52deef5ed58 aa0743a229366e Author: Jakub Kicinski Date: Thu Aug 22 17:05:09 2024 -0700 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Cross-merge networking fixes after downstream PR. No conflicts. Adjacent changes: drivers/net/ethernet/broadcom/bnxt/bnxt.h c948c0973df5 ("bnxt_en: Don't clear ntuple filters and rss contexts during ethtool ops") f2878cdeb754 ("bnxt_en: Add support to call FW to update a VNIC") Link: https://patch.msgid.link/20240822210125.1542769-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 559048d156ff3391c4b793779a824c9193e20442 Author: Kees Cook Date: Mon Aug 5 14:43:44 2024 -0700 string: Check for "nonstring" attribute on strscpy() arguments GCC already checks for arguments that are marked with the "nonstring"[1] attribute when used on standard C String API functions (e.g. strcpy). Gain this compile-time checking also for the kernel's primary string copying function, strscpy(). Note that Clang has neither "nonstring" nor __builtin_has_attribute(). Link: https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html#index-nonstring-variable-attribute [1] Reviewed-by: Miguel Ojeda Tested-by: Miguel Ojeda Link: https://lore.kernel.org/r/20240805214340.work.339-kees@kernel.org Signed-off-by: Kees Cook commit bfc52deef5ed58d92cfbe68dbceee3102617a8df Merge: 1cf60c6121587d be8b8ded77996c Author: Jakub Kicinski Date: Thu Aug 22 17:00:30 2024 -0700 Merge branch 'unmask-upper-dscp-bits-part-1' Ido Schimmel says: ==================== Unmask upper DSCP bits - part 1 tl;dr - This patchset starts to unmask the upper DSCP bits in the IPv4 flow key in preparation for allowing IPv4 FIB rules to match on DSCP. No functional changes are expected. The TOS field in the IPv4 flow key ('flowi4_tos') is used during FIB lookup to match against the TOS selector in FIB rules and routes. It is currently impossible for user space to configure FIB rules that match on the DSCP value as the upper DSCP bits are either masked in the various call sites that initialize the IPv4 flow key or along the path to the FIB core. In preparation for adding a DSCP selector to IPv4 and IPv6 FIB rules, we need to make sure the entire DSCP value is present in the IPv4 flow key. This patchset starts to unmask the upper DSCP bits in the various places that invoke the core FIB lookup functions directly (patches #1-#7) and in the input route path (patches #8-#12). Future patchsets will do the same in the output route path. No functional changes are expected as commit 1fa3314c14c6 ("ipv4: Centralize TOS matching") moved the masking of the upper DSCP bits to the core where 'flowi4_tos' is matched against the TOS selector. ==================== Link: https://patch.msgid.link/20240821125251.1571445-1-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit be8b8ded77996cfcd1bb2f1d97b91106d5882877 Author: Ido Schimmel Date: Wed Aug 21 15:52:51 2024 +0300 ipv4: Unmask upper DSCP bits when using hints Unmask the upper DSCP bits when performing source validation and routing a packet using the same route from a previously processed packet (hint). In the future, this will allow us to perform the FIB lookup that is performed as part of source validation according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-13-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit b6791ac5ea49aec7f9ef123ebc728fa6a5f9090a Author: Ido Schimmel Date: Wed Aug 21 15:52:50 2024 +0300 ipv4: udp: Unmask upper DSCP bits during early demux Unmask the upper DSCP bits when performing source validation for multicast packets during early demux. In the future, this will allow us to perform the FIB lookup which is performed as part of source validation according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-12-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 1c6f50b37f711b831d78973dad0df1da99ad0014 Author: Ido Schimmel Date: Wed Aug 21 15:52:49 2024 +0300 ipv4: icmp: Pass full DS field to ip_route_input() Align the ICMP code to other callers of ip_route_input() and pass the full DS field. In the future this will allow us to perform a route lookup according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-11-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit b1251a6f1a9b475725a097e75196ee105076cbd1 Author: Ido Schimmel Date: Wed Aug 21 15:52:48 2024 +0300 ipv4: Unmask upper DSCP bits in RTM_GETROUTE input route lookup Unmask the upper DSCP bits when looking up an input route via the RTM_GETROUTE netlink message so that in the future the lookup could be performed according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-10-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit df9131c7fafdc0d4c85686f5c7711a4dd4f3ae60 Author: Ido Schimmel Date: Wed Aug 21 15:52:47 2024 +0300 ipv4: Unmask upper DSCP bits in input route lookup Unmask the upper DSCP bits in input route lookup so that in the future the lookup could be performed according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-9-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 39d3628f7ceabd22385dcd6811ed4c353f7c859b Author: Ido Schimmel Date: Wed Aug 21 15:52:46 2024 +0300 ipv4: Unmask upper DSCP bits in fib_compute_spec_dst() As explained in commit 35ebf65e851c ("ipv4: Create and use fib_compute_spec_dst() helper."), the function is used - for example - to determine the source address for an ICMP reply. If we are responding to a multicast or broadcast packet, the source address is set to the source address that we would use if we were to send a packet to the unicast source of the original packet. This address is determined by performing a FIB lookup and using the preferred source address of the resulting route. Unmask the upper DSCP bits of the DS field of the packet that triggered the reply so that in the future the FIB lookup could be performed according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-8-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 2bc9778b6696337f1e0b38f07522319296b39d83 Author: Ido Schimmel Date: Wed Aug 21 15:52:45 2024 +0300 ipv4: ipmr: Unmask upper DSCP bits in ipmr_rt_fib_lookup() Unmask the upper DSCP bits when calling ipmr_fib_lookup() so that in the future it could perform the FIB lookup according to the full DSCP value. Note that ipmr_fib_lookup() performs a FIB rule lookup (returning the relevant routing table) and that IPv4 multicast FIB rules do not support matching on TOS / DSCP. However, it is still worth unmasking the upper DSCP bits in case support for DSCP matching is ever added. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-7-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 338385e059c5d299556fa341d10601ae72c6e932 Author: Ido Schimmel Date: Wed Aug 21 15:52:44 2024 +0300 netfilter: nft_fib: Unmask upper DSCP bits In a similar fashion to the iptables rpfilter match, unmask the upper DSCP bits of the DS field of the currently tested packet so that in the future the FIB lookup could be performed according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-6-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit c1ae5ca69b691a7403e85047382fc4fd6a69ee9f Author: Ido Schimmel Date: Wed Aug 21 15:52:43 2024 +0300 netfilter: rpfilter: Unmask upper DSCP bits The rpfilter match performs a reverse path filter test on a packet by performing a FIB lookup with the source and destination addresses swapped. Unmask the upper DSCP bits of the DS field of the tested packet so that in the future the FIB lookup could be performed according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-5-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit be2e9089cb34dfc958d8383a755bde3681a817b2 Author: Ido Schimmel Date: Wed Aug 21 15:52:42 2024 +0300 ipv4: Unmask upper DSCP bits when constructing the Record Route option The Record Route IP option records the addresses of the routers that routed the packet. In the case of forwarded packets, the kernel performs a route lookup via fib_lookup() and fills in the preferred source address of the matched route. Unmask the upper DSCP bits when performing the lookup so that in the future the lookup could be performed according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-4-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit bc52a4eecefdd686065f8f68ba9e1c83d4ce6f14 Author: Ido Schimmel Date: Wed Aug 21 15:52:41 2024 +0300 ipv4: Unmask upper DSCP bits in NETLINK_FIB_LOOKUP family The NETLINK_FIB_LOOKUP netlink family can be used to perform a FIB lookup according to user provided parameters and communicate the result back to user space. Unmask the upper DSCP bits of the user-provided DS field before invoking the IPv4 FIB lookup API so that in the future the lookup could be performed according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-3-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit ef434fae72287a9cd0f7b85ad1701b998cce800b Author: Ido Schimmel Date: Wed Aug 21 15:52:40 2024 +0300 bpf: Unmask upper DSCP bits in bpf_fib_lookup() helper The helper performs a FIB lookup according to the parameters in the 'params' argument, one of which is 'tos'. According to the test in test_tc_neigh_fib.c, it seems that BPF programs are expected to initialize the 'tos' field to the full 8 bit DS field from the IPv4 header. Unmask the upper DSCP bits before invoking the IPv4 FIB lookup APIs so that in the future the lookup could be performed according to the full DSCP value. No functional changes intended since the upper DSCP bits are masked when comparing against the TOS selectors in FIB rules and routes. Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Acked-by: Florian Westphal Reviewed-by: David Ahern Link: https://patch.msgid.link/20240821125251.1571445-2-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 32ef4b710cbe1a8901534033872a5bc6b1618bbc Author: Kees Cook Date: Wed Jul 10 16:09:13 2024 -0700 media: venus: hfi_cmds: struct hfi_session_release_buffer_pkt: Add __counted_by annotation The only direct user of struct hfi_session_release_buffer_pkt is pkt_session_unset_buffers() which sets "num_buffers" before using it as a loop counter for accessing "buffer_info". Add the __counted_by annotation to reflect the relationship. Reviewed-by: Vikash Garodia Reviewed-by: Bryan O'Donoghue Reviewed-by: Dikshita Agarwal Reviewed-by: Gustavo A. R. Silva Link: https://lore.kernel.org/r/20240710230914.3156277-2-kees@kernel.org Signed-off-by: Kees Cook commit c93452777f537b2f6c3c601dc484821142b07dc7 Author: Kees Cook Date: Wed Jul 10 16:09:12 2024 -0700 media: venus: hfi_cmds: struct hfi_session_release_buffer_pkt: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct hfi_session_release_buffer_pkt with a modern flexible array. No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Reviewed-by: Vikash Garodia Reviewed-by: Gustavo A. R. Silva Reviewed-by: Dikshita Agarwal Reviewed-by: Bryan O'Donoghue Acked-by: Vikash Garodia Reviewed-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240710230914.3156277-1-kees@kernel.org Signed-off-by: Kees Cook commit 5ac86f0ed04bce41242167ffa12ad92038788a95 Author: Kees Cook Date: Wed Jul 10 16:15:55 2024 -0700 virt: vbox: struct vmmdev_hgcm_pagelist: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct vmmdev_hgcm_pagelist with a modern flexible array. As this is UAPI, we cannot trivially change the size of the struct, so use a union to retain the old first element's size, but switch "pages" to a flexible array. No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Reviewed-by: Gustavo A. R. Silva Link: https://lore.kernel.org/r/20240710231555.work.406-kees@kernel.org Signed-off-by: Kees Cook commit 1cf60c6121587d3d068853179a5bab4db4a21a18 Merge: 5874e0c9f25661 8402a158028ffe Author: Jakub Kicinski Date: Thu Aug 22 16:56:09 2024 -0700 Merge branch 'enhance-network-interface-feature-testing' Abhinav Jain says: ==================== Enhance network interface feature testing This small series includes fixes for creation of veth pairs for networkless kernels & adds tests for turning the different network interface features on and off in selftests/net/netdevice.sh script. Tested using vng and compiles for network as well as networkless kernel. # selftests: net: netdevice.sh # No valid network device found, creating veth pair # PASS: veth0: set interface up # PASS: veth0: set MAC address # XFAIL: veth0: set IP address unsupported for veth* # PASS: veth0: ethtool list features # PASS: veth0: Turned off feature: rx-checksumming # PASS: veth0: Turned on feature: rx-checksumming # PASS: veth0: Restore feature rx-checksumming to initial state on # Actual changes: # tx-checksum-ip-generic: off ... # PASS: veth0: Turned on feature: rx-udp-gro-forwarding # PASS: veth0: Restore feature rx-udp-gro-forwarding to initial state off # Cannot get register dump: Operation not supported # XFAIL: veth0: ethtool dump not supported # PASS: veth0: ethtool stats # PASS: veth0: stop interface ==================== Link: https://patch.msgid.link/20240821171903.118324-1-jain.abhinav177@gmail.com Signed-off-by: Jakub Kicinski commit 8402a158028ffe030f3a02ec57b8c94cb94b137c Author: Abhinav Jain Date: Wed Aug 21 22:49:03 2024 +0530 selftests: net: Use XFAIL for operations not supported by the driver Check if veth pair was created and if yes, xfail on setting IP address logging an informational message. Use XFAIL instead of SKIP for unsupported ethtool APIs. Signed-off-by: Abhinav Jain Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240821171903.118324-4-jain.abhinav177@gmail.com Signed-off-by: Jakub Kicinski commit 6ce7bdbc0d4bde7578727e95e7d138e364512b33 Author: Abhinav Jain Date: Wed Aug 21 22:49:02 2024 +0530 selftests: net: Add on/off checks for non-fixed features of interface Implement on/off testing for all non-fixed features via while loop. Signed-off-by: Abhinav Jain Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240821171903.118324-3-jain.abhinav177@gmail.com Signed-off-by: Jakub Kicinski commit 1820b84f3c61fbe5d9cf82a09cb9733a23cd463c Author: Abhinav Jain Date: Wed Aug 21 22:49:01 2024 +0530 selftests: net: Create veth pair for testing in networkless kernel Check if the netdev list is empty and create veth pair to be used for feature on/off testing. Remove the veth pair after testing is complete. Signed-off-by: Abhinav Jain Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240821171903.118324-2-jain.abhinav177@gmail.com Signed-off-by: Jakub Kicinski commit 5874e0c9f25661c2faefe4809907166defae3d7f Author: Simon Horman Date: Wed Aug 21 16:58:57 2024 +0100 net: atlantic: Avoid warning about potential string truncation W=1 builds with GCC 14.2.0 warn that: .../aq_ethtool.c:278:59: warning: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size 6 [-Wformat-truncation=] 278 | snprintf(tc_string, 8, "TC%d ", tc); | ^~ .../aq_ethtool.c:278:56: note: directive argument in the range [-2147483641, 254] 278 | snprintf(tc_string, 8, "TC%d ", tc); | ^~~~~~~ .../aq_ethtool.c:278:33: note: ‘snprintf’ output between 5 and 15 bytes into a destination of size 8 278 | snprintf(tc_string, 8, "TC%d ", tc); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ tc is always in the range 0 - cfg->tcs. And as cfg->tcs is a u8, the range is 0 - 255. Further, on inspecting the code, it seems that cfg->tcs will never be more than AQ_CFG_TCS_MAX (8), so the range is actually 0 - 8. So, it seems that the condition that GCC flags will not occur. But, nonetheless, it would be nice if it didn't emit the warning. It seems that this can be achieved by changing the format specifier from %d to %u, in which case I believe GCC recognises an upper bound on the range of tc of 0 - 255. After some experimentation I think this is due to the combination of the use of %u and the type of cfg->tcs (u8). Empirically, updating the type of the tc variable to unsigned int has the same effect. As both of these changes seem to make sense in relation to what the code is actually doing - iterating over unsigned values - do both. Compile tested only. Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240821-atlantic-str-v1-1-fa2cfe38ca00@kernel.org Signed-off-by: Jakub Kicinski commit bff5ca83791801b33c1e973e81d077ddc7530e33 Merge: b8195520e8b486 bfefa214d179f1 Author: Mark Brown Date: Thu Aug 22 21:58:11 2024 +0100 regulator: Minor cleanups Merge series from Chen-Yu Tsai : Here are some cleanups for some bits that I saw while reworking my I2C device tree component prober to use of_regulator_bulk_get_all(). These are not directly related to that series, so I send them separately here. commit eabc10e60dac08b9f4f05872d785532d0856e09f Author: GiSeong Ji Date: Thu Aug 22 18:18:06 2024 +0900 security: smack: Fix indentation in smack_netfilter.c Aligned parameters in the function declaration of smack_ip_output to adhere to the Linux kernel coding style guidelines. The parameters of the smack_ip_output function were previously misaligned, with the second and third parameters not aligned under the first parameter. This change corrects the indentation, improving code readability and maintaining consistency with the rest of the codebase. Signed-off-by: GiSeong Ji Signed-off-by: Casey Schaufler commit 7559a7a84ef83a2dd86caf623430b8d834843cec Author: Leon Hwang Date: Sun Jul 28 19:46:12 2024 +0800 selftests/bpf: Add testcase for updating attached freplace prog to prog_array map Add a selftest to confirm the issue, which gets -EINVAL when update attached freplace prog to prog_array map, has been fixed. cd tools/testing/selftests/bpf; ./test_progs -t tailcalls 328/25 tailcalls/tailcall_freplace:OK 328 tailcalls:OK Summary: 1/25 PASSED, 0 SKIPPED, 0 FAILED Acked-by: Yonghong Song Signed-off-by: Leon Hwang Link: https://lore.kernel.org/r/20240728114612.48486-3-leon.hwang@linux.dev Signed-off-by: Alexei Starovoitov commit 00dc514612fe98cfa117193b9df28f15e7c9db9c Author: Arnaldo Carvalho de Melo Date: Thu Aug 22 14:13:49 2024 -0300 perf python: Disable -Wno-cast-function-type-mismatch if present on clang The -Wcast-function-type-mismatch option was introduced in clang 19 and its enabled by default, since we use -Werror, and python bindings do casts that are valid but trips this warning, disable it if present. Closes: https://lore.kernel.org/all/CA+icZUXoJ6BS3GMhJHV3aZWyb5Cz2haFneX0C5pUMUUhG-UVKQ@mail.gmail.com Reported-by: Sedat Dilek Tested-by: Sedat Dilek Cc: Ian Rogers Cc: Ingo Molnar Cc: Namhyung Kim Cc: Nathan Chancellor Cc: Peter Zijlstra Cc: stable@vger.kernel.org # To allow building with the upcoming clang 19 Link: https://lore.kernel.org/lkml/CA+icZUVtHn8X1Tb_Y__c-WswsO0K8U9uy3r2MzKXwTA5THtL7w@mail.gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit ff4a0a4088adc6a37293a9cce25bb56ad2f26a16 Author: Hannes Reinecke Date: Mon Jul 22 14:02:26 2024 +0200 nvme-target: do not check authentication status for admin commands twice nvmet_check_ctrl_status() checks the authentication status, so we don't need to do that prior to calling it. Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit bb2df18958b4287104c38541cf48c4a60c90e721 Author: Hannes Reinecke Date: Mon Jul 22 14:02:25 2024 +0200 nvmet-auth: allow to clear DH-HMAC-CHAP keys As we can set DH-HMAC-CHAP keys, we should also be able to unset them. Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Signed-off-by: Keith Busch commit 02a3688c53d648e027ca9c27423bf864a189d7c7 Author: Hannes Reinecke Date: Mon Jul 22 14:02:24 2024 +0200 nvme-sysfs: add 'tls_keyring' attribute Add a 'tls_keyring' attribute to display the contents of the --keyring option from the connect string. Adding this attribute allows us to recreate the original connect string from sysfs settings. Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Signed-off-by: Keith Busch commit f5eb7397471bbc24d63011f8cb2d422ac606085d Author: Hannes Reinecke Date: Mon Jul 22 14:02:23 2024 +0200 nvme-sysfs: add 'tls_configured_key' sysfs attribute There is a difference between the negotiated TLS key (which is always present for a TLS encrypted connection) and the configured TLS key (which is specified with the --tls_key command line option). To differentate between these two add a new sysfs attribute 'tls_configured_key' to hold the specified on the command line. Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Signed-off-by: Keith Busch commit 1e48b34c9bc79aa36700fccbfdf87e61e4431d2b Author: Hannes Reinecke Date: Mon Jul 22 14:02:22 2024 +0200 nvme: split off TLS sysfs attributes into a separate group Split off TLS sysfs attributes into a separate group to improve readability and to keep all TLS related handling in one section. Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Signed-off-by: Keith Busch commit c5f2ca52d00de5d0348a758a28b51ddf5e685a89 Author: Hannes Reinecke Date: Mon Jul 22 14:02:21 2024 +0200 nvme: add a newline to the 'tls_key' sysfs attribute Print a newline for easier userspace handling. Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit 5bc46b49c828a6dfaab80b71ecb63fe76a1096d2 Author: Hannes Reinecke Date: Mon Jul 22 14:02:20 2024 +0200 nvme-tcp: check for invalidated or revoked key key_lookup() will always return a key, even if that key is revoked or invalidated. So check for invalid keys before continuing. Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit 363895767fbfa05891b0b4d9e06ebde7a10c6a07 Author: Hannes Reinecke Date: Mon Jul 22 14:02:19 2024 +0200 nvme-tcp: sanitize TLS key handling There is a difference between TLS configured (ie the user has provisioned/requested a key) and TLS enabled (ie the connection is encrypted with TLS). This becomes important for secure concatenation, where the initial authentication is run on an unencrypted connection (ie with TLS configured, but not enabled), and then the queue is reset to run over TLS (ie TLS configured _and_ enabled). So to differentiate between those two states store the generated key in opts->tls_key (as we're using the same TLS key for all queues), the key serial of the resulting TLS handshake in ctrl->tls_pskid (to signal that TLS on the admin queue is enabled), and a simple flag for the queues to indicated that TLS has been enabled. Signed-off-by: Hannes Reinecke Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit 79559c75332458985ab8a21f11b08bf7c9b833b0 Author: Hannes Reinecke Date: Mon Jul 22 14:02:18 2024 +0200 nvme-keyring: restrict match length for version '1' identifiers TP8018 introduced a new TLS PSK identifier version (version 1), which appended a PSK hash value to the existing identifier (cf NVMe TCP specification v1.1, section 3.6.1.3 'TLS PSK and PSK Identity Derivation'). An original (version 0) identifier has the form: NVMe0 and a version 1 identifier has the form: NVMe1 This patch modifies the lookup algorthm to compare only the first part of the identifier (excluding the hash value) to handle both version 0 and version 1 identifiers. And the spec declares 'version 0' identifiers obsolete, so the lookup algorithm is modified to prever v1 identifiers. Signed-off-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Reviewed-by: Christoph Hellwig Signed-off-by: Keith Busch commit ca39fab8b7bc6c5a38c48c7bdf2b3c47792af9dd Merge: 90dc34da02aca2 61e1f74f739546 Author: Mark Brown Date: Thu Aug 22 20:19:38 2024 +0100 ASoC: grace time for DPCM cleanup Merge series from Kuninori Morimoto : As we discussed in [1], we don't need to use dpcm_playback/capture flag, so we remove it. But we have been using it for 10 years, some driver might get damage. The most likely case is that the device/driver can use both playback/capture, but have only one flag, and not using xxx_only flag. [1/3] patch indicates warning in such case. These adds grace time for DPCM cleanup. I'm not sure when dpcm_xxx will be removed, and Codec check bypass will be error, but maybe v6.12 or v6.13 ? Please check each driver by that time. Previous patch-set try to check both CPU and Codec in DPCM, but we noticed that there are some special DAI which we can't handle today [2]. So I will escape it in this patch-set. [1] https://lore.kernel.org/r/87edaym2cg.wl-kuninori.morimoto.gx@renesas.com [2] https://lore.kernel.org/all/3e67d62d-fe08-4f55-ab5b-ece8a57154f9@linux.intel.com/ Link: https://lore.kernel.org/r/87edaym2cg.wl-kuninori.morimoto.gx@renesas.com Link: https://lore.kernel.org/r/87wmo6dyxg.wl-kuninori.morimoto.gx@renesas.com Link: https://lore.kernel.org/r/87msole5wc.wl-kuninori.morimoto.gx@renesas.com Link: https://lore.kernel.org/r/871q5tnuok.wl-kuninori.morimoto.gx@renesas.com Link: https://lore.kernel.org/r/87bk4oqerx.wl-kuninori.morimoto.gx@renesas.com Link: https://lore.kernel.org/r/8734pctmte.wl-kuninori.morimoto.gx@renesas.com Link: https://lore.kernel.org/r/87r0ctwzr4.wl-kuninori.morimoto.gx@renesas.com Link: https://lore.kernel.org/r/87cymvlmki.wl-kuninori.morimoto.gx@renesas.com commit d8414067cc17bd2070e6667763124754e2932251 Author: Vitaly Kuznetsov Date: Fri Aug 16 15:01:39 2024 +0200 KVM: selftests: Re-enable hyperv_evmcs/hyperv_svm_test on bare metal KVM_CAP_HYPERV_DIRECT_TLBFLUSH is only reported when KVM runs on top of Hyper-V and hyperv_evmcs/hyperv_svm_test don't need that, these tests check that the feature is properly emulated for Hyper-V on KVM guests. There's no corresponding CAP for that, the feature is reported in KVM_GET_SUPPORTED_HV_CPUID. Hyper-V specific CPUIDs are not reported by KVM_GET_SUPPORTED_CPUID, implement dedicated kvm_hv_cpu_has() helper to do the job. Fixes: 6dac1195181c ("KVM: selftests: Make Hyper-V tests explicitly require KVM Hyper-V support") Signed-off-by: Vitaly Kuznetsov Link: https://lore.kernel.org/r/20240816130139.286246-3-vkuznets@redhat.com Signed-off-by: Sean Christopherson commit 24a7e944966cc8a285e6581dcc98edebeee76c97 Author: Vitaly Kuznetsov Date: Fri Aug 16 15:01:38 2024 +0200 KVM: selftests: Move Hyper-V specific functions out of processor.c Since there is 'hyperv.c' for Hyper-V specific functions already, move Hyper-V specific functions out of processor.c there. No functional change intended. Signed-off-by: Vitaly Kuznetsov Link: https://lore.kernel.org/r/20240816130139.286246-2-vkuznets@redhat.com Signed-off-by: Sean Christopherson commit 44dd0f5732b466a6e4d2a9b3aad1678f43f061af Author: Sean Christopherson Date: Fri Aug 2 11:19:35 2024 -0700 KVM: x86: Suppress userspace access failures on unsupported, "emulated" MSRs Extend KVM's suppression of userspace MSR access failures to MSRs that KVM reports as emulated, but are ultimately unsupported, e.g. if the VMX MSRs are emulated by KVM, but are unsupported given the vCPU model. Suggested-by: Weijiang Yang Reviewed-by: Weijiang Yang Link: https://lore.kernel.org/r/20240802181935.292540-11-seanjc@google.com Signed-off-by: Sean Christopherson commit 64a5d7a1091ff6ee70d2155b9dccfe8107d35ffa Author: Sean Christopherson Date: Fri Aug 2 11:19:34 2024 -0700 KVM: x86: Suppress failures on userspace access to advertised, unsupported MSRs Extend KVM's suppression of failures due to a userspace access to an unsupported, but advertised as a "to save" MSR to all MSRs, not just those that happen to reach the default case statements in kvm_get_msr_common() and kvm_set_msr_common(). KVM's soon-to-be-established ABI is that if an MSR is advertised to userspace, then userspace is allowed to read the MSR, and write back the value that was read, i.e. why an MSR is unsupported doesn't change KVM's ABI. Practically speaking, this is very nearly a nop, as the only other paths that return KVM_MSR_RET_UNSUPPORTED are {svm,vmx}_get_feature_msr(), and it's unlikely, though not impossible, that userspace is using KVM_GET_MSRS on unsupported MSRs. The primary goal of moving the suppression to common code is to allow returning KVM_MSR_RET_UNSUPPORTED as appropriate throughout KVM, without having to manually handle the "is userspace accessing an advertised" waiver. I.e. this will allow formalizing KVM's ABI without incurring a high maintenance cost. Link: https://lore.kernel.org/r/20240802181935.292540-10-seanjc@google.com Signed-off-by: Sean Christopherson commit 3adef9034596a8ba6415e6e460209cd9fc524e81 Author: Sean Christopherson Date: Fri Aug 2 11:19:33 2024 -0700 KVM: x86: Hoist x86.c's global msr_* variables up above kvm_do_msr_access() Move the definitions of the various MSR arrays above kvm_do_msr_access() so that kvm_do_msr_access() can query the arrays when handling failures, e.g. to squash errors if userspace tries to read an MSR that isn't fully supported, but that KVM advertised as being an MSR-to-save. No functional change intended. Link: https://lore.kernel.org/r/20240802181935.292540-9-seanjc@google.com Signed-off-by: Sean Christopherson commit 1cec2034980ad03ebf8ce0f187a8f3101c33e611 Author: Sean Christopherson Date: Fri Aug 2 11:19:32 2024 -0700 KVM: x86: Funnel all fancy MSR return value handling into a common helper Add a common helper, kvm_do_msr_access(), to invoke the "leaf" APIs that are type and access specific, and more importantly to handle errors that are returned from the leaf APIs. I.e. turn kvm_msr_ignored_check() from a a helper that is called on an error, into a trampoline that detects errors *and* applies relevant side effects, e.g. logging unimplemented accesses. Because the leaf APIs are used for guest accesses, userspace accesses, and KVM accesses, and because KVM supports restricting access to MSRs from userspace via filters, the error handling is subtly non-trivial. E.g. KVM has had at least one bug escape due to making each "outer" function handle errors. See commit 3376ca3f1a20 ("KVM: x86: Fix KVM_GET_MSRS stack info leak"). Link: https://lore.kernel.org/r/20240802181935.292540-8-seanjc@google.com Signed-off-by: Sean Christopherson commit 7075f163615072a74bae7c5344210adec5f9ea2a Author: Sean Christopherson Date: Fri Aug 2 11:19:31 2024 -0700 KVM: x86: Refactor kvm_get_feature_msr() to avoid struct kvm_msr_entry Refactor kvm_get_feature_msr() to take the components of kvm_msr_entry as separate parameters, along with a vCPU pointer, i.e. to give it the same prototype as kvm_{g,s}et_msr_ignored_check(). This will allow using a common inner helper for handling accesses to "regular" and feature MSRs. No functional change intended. Link: https://lore.kernel.org/r/20240802181935.292540-7-seanjc@google.com Signed-off-by: Sean Christopherson commit b848f24bd74a699745c1145e8cb707884d80694e Author: Sean Christopherson Date: Fri Aug 2 11:19:30 2024 -0700 KVM: x86: Rename get_msr_feature() APIs to get_feature_msr() Rename all APIs related to feature MSRs from get_msr_feature() to get_feature_msr(). The APIs get "feature MSRs", not "MSR features". And unlike kvm_{g,s}et_msr_common(), the "feature" adjective doesn't describe the helper itself. No functional change intended. Link: https://lore.kernel.org/r/20240802181935.292540-6-seanjc@google.com Signed-off-by: Sean Christopherson commit 74c6c98a598a1fa650f9f8dfb095d66e987ed9cf Author: Sean Christopherson Date: Fri Aug 2 11:19:29 2024 -0700 KVM: x86: Refactor kvm_x86_ops.get_msr_feature() to avoid kvm_msr_entry Refactor get_msr_feature() to take the index and data pointer as distinct parameters in anticipation of eliminating "struct kvm_msr_entry" usage further up the primary callchain. No functional change intended. Link: https://lore.kernel.org/r/20240802181935.292540-5-seanjc@google.com Signed-off-by: Sean Christopherson commit aaecae7b6a2b19a874a7df0d474f44f3a5b5a74e Author: Sean Christopherson Date: Fri Aug 2 11:19:28 2024 -0700 KVM: x86: Rename KVM_MSR_RET_INVALID to KVM_MSR_RET_UNSUPPORTED Rename the "INVALID" internal MSR error return code to "UNSUPPORTED" to try and make it more clear that access was denied because the MSR itself is unsupported/unknown. "INVALID" is too ambiguous, as it could just as easily mean the value for WRMSR as invalid. Avoid UNKNOWN and UNIMPLEMENTED, as the error code is used for MSRs that _are_ actually implemented by KVM, e.g. if the MSR is unsupported because an associated feature flag is not present in guest CPUID. Opportunistically beef up the comments for the internal MSR error codes. Link: https://lore.kernel.org/r/20240802181935.292540-4-seanjc@google.com Signed-off-by: Sean Christopherson commit b58b808cbe93e8abe936b285ae534c9927789242 Author: Sean Christopherson Date: Fri Aug 2 11:19:27 2024 -0700 KVM: x86: Move MSR_TYPE_{R,W,RW} values from VMX to x86, as enums Move VMX's MSR_TYPE_{R,W,RW} #defines to x86.h, as enums, so that they can be used by common x86 code, e.g. instead of doing "bool write". Opportunistically tweak the definitions to make it more obvious that the values are bitmasks, not arbitrary ascending values. No functional change intended. Link: https://lore.kernel.org/r/20240802181935.292540-3-seanjc@google.com Signed-off-by: Sean Christopherson commit 74a0e79df68a8042fb84fd7207e57b70722cf825 Author: Sean Christopherson Date: Fri Aug 2 11:19:26 2024 -0700 KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value Inject a #GP if the guest attempts to change MSR_AMD64_DE_CFG from its *current* value, not if the guest attempts to write a value other than KVM's set of supported bits. As per the comment and the changelog of the original code, the intent is to effectively make MSR_AMD64_DE_CFG read- only for the guest. Opportunistically use a more conventional equality check instead of an exclusive-OR check to detect attempts to change bits. Fixes: d1d93fa90f1a ("KVM: SVM: Add MSR-based feature support for serializing LFENCE") Cc: Tom Lendacky Reviewed-by: Tom Lendacky Link: https://lore.kernel.org/r/20240802181935.292540-2-seanjc@google.com Signed-off-by: Sean Christopherson commit 6baacf9391c03f91a7644b3f94634b7d4b2c5e34 Author: Dhruva Gole Date: Wed Aug 21 17:12:50 2024 +0530 cpuidle: remove dead code from cpuidle_enter_state() Checking for index < 0 is useless because the find_deepest_state() function never really returns a negative value. Since this hasn't been reported in over 9 years it's dead code, so remove it. Signed-off-by: Dhruva Gole Link: https://patch.msgid.link/20240821114250.1416421-1-d-gole@ti.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 0da59840f10141988e949d8519ed9182991caf17 Author: Konrad Dybcio Date: Tue Aug 13 21:12:00 2024 +0200 PCI/pwrctl: Add WCN6855 support Add support for ATH11K inside the WCN6855 package to the power sequencing PCI power control driver. Link: https://lore.kernel.org/r/20240813191201.155123-1-brgl@bgdev.pl [Bartosz: split Konrad's bigger patch, write the commit message] Co-developed-by: Bartosz Golaszewski Signed-off-by: Konrad Dybcio Signed-off-by: Bartosz Golaszewski Signed-off-by: Bjorn Helgaas Reviewed-by: Konrad Dybcio commit acf2923271ef3611ceab7004fc8798d3ba31b739 Author: Sean Christopherson Date: Fri Aug 2 13:20:06 2024 -0700 KVM: x86/mmu: Clean up function comments for dirty logging APIs Rework the function comment for kvm_arch_mmu_enable_log_dirty_pt_masked() into the body of the function, as it has gotten a bit stale, is harder to read without the code context, and is the last source of warnings for W=1 builds in KVM x86 due to using a kernel-doc comment without documenting all parameters. Opportunistically subsume the functions comments for kvm_mmu_write_protect_pt_masked() and kvm_mmu_clear_dirty_pt_masked(), as there is no value in regurgitating similar information at a higher level, and capturing the differences between write-protection and PML-based dirty logging is best done in a common location. No functional change intended. Cc: David Matlack Reviewed-by: Kai Huang Reviewed-by: Pankaj Gupta Link: https://lore.kernel.org/r/20240802202006.340854-1-seanjc@google.com Signed-off-by: Sean Christopherson commit 308a40fb8fd9cfb1aa7d44f79980dfaef1a6c72f Author: Sean Anderson Date: Fri May 31 12:13:36 2024 -0400 PCI: xilinx-nwl: Add PHY support Add support for enabling/disabling PCIe PHYs. We can't really do anything about failures in the disable/remove path, so just print an error. Link: https://lore.kernel.org/r/20240531161337.864994-7-sean.anderson@linux.dev Signed-off-by: Sean Anderson Signed-off-by: Bjorn Helgaas commit 3e47bcc9b77df6c00bfa1e464a8f68b632f811f5 Author: Sean Anderson Date: Fri May 31 12:13:31 2024 -0400 dt-bindings: pci: xilinx-nwl: Add phys property Add phys properties so Linux can power-on/configure the GTR transceivers (xlnx,zynqmp-psgtr-v1.1). Link: https://lore.kernel.org/r/20240531161337.864994-2-sean.anderson@linux.dev Signed-off-by: Sean Anderson Signed-off-by: Bjorn Helgaas Reviewed-by: Rob Herring (Arm) commit cfd67903977b13f63340a4eb5a1cc890994f2c62 Author: Sean Anderson Date: Fri May 31 12:13:35 2024 -0400 PCI: xilinx-nwl: Clean up clock on probe failure/removal Make sure we turn off the clock on probe failure and device removal. Fixes: de0a01f52966 ("PCI: xilinx-nwl: Enable the clock through CCF") Link: https://lore.kernel.org/r/20240531161337.864994-6-sean.anderson@linux.dev Signed-off-by: Sean Anderson Signed-off-by: Bjorn Helgaas commit 78457cae24cb543650bec048927bfb4c164d060f Author: Sean Anderson Date: Fri May 31 12:13:34 2024 -0400 PCI: xilinx-nwl: Rate-limit misc interrupt messages The conditions logged by the misc interrupt can occur repeatedly and continuously. Avoid rendering the console unusable by rate-limiting these messages. Link: https://lore.kernel.org/r/20240531161337.864994-5-sean.anderson@linux.dev Signed-off-by: Sean Anderson Signed-off-by: Bjorn Helgaas commit a437027ae1730b8dc379c75fa0dd7d3036917400 Author: Sean Anderson Date: Fri May 31 12:13:33 2024 -0400 PCI: xilinx-nwl: Fix register misspelling MSIC -> MISC Fixes: c2a7ff18edcd ("PCI: xilinx-nwl: Expand error logging") Link: https://lore.kernel.org/r/20240531161337.864994-4-sean.anderson@linux.dev Signed-off-by: Sean Anderson Signed-off-by: Bjorn Helgaas commit 0199d2f2bd8cd97b310f7ed82a067247d7456029 Author: Sean Anderson Date: Fri May 31 12:13:32 2024 -0400 PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler MSGF_LEG_MASK is laid out with INTA in bit 0, INTB in bit 1, INTC in bit 2, and INTD in bit 3. Hardware IRQ numbers start at 0, and we register PCI_NUM_INTX IRQs. So to enable INTA (aka hwirq 0) we should set bit 0. Remove the subtraction of one. This bug would cause INTx interrupts not to be delivered, as enabling INTB would actually enable INTA, and enabling INTA wouldn't enable anything at all. It is likely that this got overlooked for so long since most PCIe hardware uses MSIs. This fixes the following UBSAN error: UBSAN: shift-out-of-bounds in ../drivers/pci/controller/pcie-xilinx-nwl.c:389:11 shift exponent 18446744073709551615 is too large for 32-bit type 'int' CPU: 1 PID: 61 Comm: kworker/u10:1 Not tainted 6.6.20+ #268 Hardware name: xlnx,zynqmp (DT) Workqueue: events_unbound deferred_probe_work_func Call trace: dump_backtrace (arch/arm64/kernel/stacktrace.c:235) show_stack (arch/arm64/kernel/stacktrace.c:242) dump_stack_lvl (lib/dump_stack.c:107) dump_stack (lib/dump_stack.c:114) __ubsan_handle_shift_out_of_bounds (lib/ubsan.c:218 lib/ubsan.c:387) nwl_unmask_leg_irq (drivers/pci/controller/pcie-xilinx-nwl.c:389 (discriminator 1)) irq_enable (kernel/irq/internals.h:234 kernel/irq/chip.c:170 kernel/irq/chip.c:439 kernel/irq/chip.c:432 kernel/irq/chip.c:345) __irq_startup (kernel/irq/internals.h:239 kernel/irq/chip.c:180 kernel/irq/chip.c:250) irq_startup (kernel/irq/chip.c:270) __setup_irq (kernel/irq/manage.c:1800) request_threaded_irq (kernel/irq/manage.c:2206) pcie_pme_probe (include/linux/interrupt.h:168 drivers/pci/pcie/pme.c:348) Fixes: 9a181e1093af ("PCI: xilinx-nwl: Modify IRQ chip for legacy interrupts") Link: https://lore.kernel.org/r/20240531161337.864994-3-sean.anderson@linux.dev Signed-off-by: Sean Anderson Signed-off-by: Bjorn Helgaas Cc: stable@vger.kernel.org commit e0183a42e3bcd4c30eb95bb046c016023fdc01ce Author: Li Chen Date: Mon Aug 19 13:59:27 2024 +0800 KVM: x86: Use this_cpu_ptr() in kvm_user_return_msr_cpu_online Use this_cpu_ptr() instead of open coding the equivalent in kvm_user_return_msr_cpu_online. Signed-off-by: Li Chen Link: https://lore.kernel.org/r/87zfp96ojk.wl-me@linux.beauty Signed-off-by: Sean Christopherson commit 6c65914a40d33e96ceedc757be0129139cdf7852 Author: Dmitry Torokhov Date: Fri Aug 16 11:54:23 2024 -0700 Input: keypad-nomadik-ske - remove the driver The users of this driver were removed in 2013 in commit 28633c54bda6 ("ARM: ux500: Rip out keypad initialisation which is no longer used"). Remove the driver as well. Acked-by: Arnd Bergmann Link: https://lore.kernel.org/r/Zr-gX0dfN4te_8VG@google.com Signed-off-by: Dmitry Torokhov commit 2ab637df5f68d4e0cfa9becd10f43400aee785b3 Author: Vitaly Kuznetsov Date: Fri Aug 16 15:01:24 2024 +0200 KVM: VMX: hyper-v: Prevent impossible NULL pointer dereference in evmcs_load() GCC 12.3.0 complains about a potential NULL pointer dereference in evmcs_load() as hv_get_vp_assist_page() can return NULL. In fact, this cannot happen because KVM verifies (hv_init_evmcs()) that every CPU has a valid VP assist page and aborts enabling the feature otherwise. CPU onlining path is also checked in vmx_hardware_enable(). To make the compiler happy and to future proof the code, add a KVM_BUG_ON() sentinel. It doesn't seem to be possible (and logical) to observe evmcs_load() happening without an active vCPU so it is presumed that kvm_get_running_vcpu() can't return NULL. No functional change intended. Reported-by: Mirsad Todorovac Suggested-by: Sean Christopherson Signed-off-by: Vitaly Kuznetsov Link: https://lore.kernel.org/r/20240816130124.286226-1-vkuznets@redhat.com Signed-off-by: Sean Christopherson commit 41ab0d59faa9532bbd37c91b03a8e9fb0215d67c Author: Maxim Levitsky Date: Thu Jul 25 13:52:31 2024 -0400 KVM: nVMX: Use vmx_segment_cache_clear() instead of open coded equivalent In prepare_vmcs02_rare(), call vmx_segment_cache_clear() instead of setting segment_cache.bitmask directly. Using the helper minimizes the chances of prepare_vmcs02_rare() doing the wrong thing in the future, e.g. if KVM ends up doing more than just zero the bitmask when purging the cache. No functional change intended. Signed-off-by: Maxim Levitsky Link: https://lore.kernel.org/r/20240725175232.337266-2-mlevitsk@redhat.com [sean: massage changelog] Signed-off-by: Sean Christopherson commit 653ea4489e6989f14a87abf8653f77c089097326 Author: Sean Christopherson Date: Mon Jul 22 16:59:22 2024 -0700 KVM: nVMX: Honor userspace MSR filter lists for nested VM-Enter/VM-Exit Synthesize a consistency check VM-Exit (VM-Enter) or VM-Abort (VM-Exit) if L1 attempts to load/store an MSR via the VMCS MSR lists that userspace has disallowed access to via an MSR filter. Intel already disallows including a handful of "special" MSRs in the VMCS lists, so denying access isn't completely without precedent. More importantly, the behavior is well-defined _and_ can be communicated the end user, e.g. to the customer that owns a VM running as L1 on top of KVM. On the other hand, ignoring userspace MSR filters is all but guaranteed to result in unexpected behavior as the access will hit KVM's internal state, which is likely not up-to-date. Unlike KVM-internal accesses, instruction emulation, and dedicated VMCS fields, the MSRs in the VMCS load/store lists are 100% guest controlled, thus making it all but impossible to reason about the correctness of ignoring the MSR filter. And if userspace *really* wants to deny access to MSRs via the aforementioned scenarios, userspace can hide the associated feature from the guest, e.g. by disabling the PMU to prevent accessing PERF_GLOBAL_CTRL via its VMCS field. But for the MSR lists, KVM is blindly processing MSRs; the MSR filters are the _only_ way for userspace to deny access. This partially reverts commit ac8d6cad3c7b ("KVM: x86: Only do MSR filtering when access MSR by rdmsr/wrmsr"). Cc: Hou Wenlong Cc: Jim Mattson Link: https://lore.kernel.org/r/20240722235922.3351122-1-seanjc@google.com Signed-off-by: Sean Christopherson commit d9aa56edad3536f8b24c4695d51725e8d33b3c46 Author: Kai Huang Date: Mon Jul 15 22:12:24 2024 +1200 KVM: VMX: Do not account for temporary memory allocation in ECREATE emulation In handle_encls_ecreate(), a page is allocated to store a copy of SECS structure used by the ENCLS[ECREATE] leaf from the guest. This page is only used temporarily and is freed after use in handle_encls_ecreate(). Don't account for the memory allocation of this page per [1]. Link: https://lore.kernel.org/kvm/b999afeb588eb75d990891855bc6d58861968f23.camel@intel.com/T/#mb81987afc3ab308bbb5861681aa9a20f2aece7fd [1] Signed-off-by: Kai Huang Link: https://lore.kernel.org/r/20240715101224.90958-1-kai.huang@intel.com Signed-off-by: Sean Christopherson commit caf22c6dd31294d136e527d0548f8697c7e72f37 Author: Qiang Liu Date: Tue Jul 2 06:46:09 2024 +0000 KVM: VMX: Modify the BUILD_BUG_ON_MSG of the 32-bit field in the vmcs_check16 function According to the SDM, the meaning of field bit 0 is: Access type (0 = full; 1 = high); must be full for 16-bit, 32-bit, and natural-width fields. So there is no 32-bit high field here, it should be a 32-bit field instead. Signed-off-by: Qiang Liu Link: https://lore.kernel.org/r/20240702064609.52487-1-liuq131@chinatelecom.cn Signed-off-by: Sean Christopherson commit c501062bb22ba325b7b77c91433d79574b4a3dcc Author: Yongqiang Liu Date: Wed Aug 21 19:27:37 2024 +0800 KVM: SVM: Remove unnecessary GFP_KERNEL_ACCOUNT in svm_set_nested_state() The fixed size temporary variables vmcb_control_area and vmcb_save_area allocated in svm_set_nested_state() are released when the function exits. Meanwhile, svm_set_nested_state() also have vcpu mutex held to avoid massive concurrency allocation, so we don't need to set GFP_KERNEL_ACCOUNT. Signed-off-by: Yongqiang Liu Link: https://lore.kernel.org/r/20240821112737.3649937-1-liuyongqiang13@huawei.com Signed-off-by: Sean Christopherson commit 566975f6ecd85247bd8989884d7b909d5a456da1 Author: Xin Li Date: Wed Jun 5 16:19:18 2024 -0700 KVM: nVMX: Use macros and #defines in vmx_restore_vmx_misc() Use macros in vmx_restore_vmx_misc() instead of open coding everything using BIT_ULL() and GENMASK_ULL(). Opportunistically split feature bits and reserved bits into separate variables, and add a comment explaining the subset logic (it's not immediately obvious that the set of feature bits is NOT the set of _supported_ feature bits). Cc: Shan Kang Cc: Kai Huang Signed-off-by: Xin Li [sean: split to separate patch, write changelog, drop #defines] Reviewed-by: Xiaoyao Li Reviewed-by: Kai Huang Reviewed-by: Zhao Liu Link: https://lore.kernel.org/r/20240605231918.2915961-11-seanjc@google.com Signed-off-by: Sean Christopherson commit 8f56b14e9fa0f91daf4d3be05988abf336255dc6 Author: Xin Li Date: Wed Jun 5 16:19:17 2024 -0700 KVM: VMX: Open code VMX preemption timer rate mask in its accessor Use vmx_misc_preemption_timer_rate() to get the rate in hardware_setup(), and open code the rate's bitmask in vmx_misc_preemption_timer_rate() so that the function looks like all the helpers that grab values from VMX_BASIC and VMX_MISC MSR values. No functional change intended. Cc: Shan Kang Cc: Kai Huang Signed-off-by: Xin Li [sean: split to separate patch, write changelog] Reviewed-by: Kai Huang Reviewed-by: Xiaoyao Li Link: https://lore.kernel.org/r/20240605231918.2915961-10-seanjc@google.com Signed-off-by: Sean Christopherson commit dc1e67f70f6d4e336da06cb61bf6669d6fa39869 Author: Sean Christopherson Date: Wed Jun 5 16:19:16 2024 -0700 KVM VMX: Move MSR_IA32_VMX_MISC bit defines to asm/vmx.h Move the handful of MSR_IA32_VMX_MISC bit defines that are currently in msr-indx.h to vmx.h so that all of the VMX_MISC defines and wrappers can be found in a single location. Opportunistically use BIT_ULL() instead of open coding hex values, add defines for feature bits that are architecturally defined, and move the defines down in the file so that they are colocated with the helpers for getting fields from VMX_MISC. No functional change intended. Cc: Shan Kang Cc: Kai Huang Signed-off-by: Xin Li [sean: split to separate patch, write changelog] Reviewed-by: Zhao Liu Reviewed-by: Kai Huang Reviewed-by: Xiaoyao Li Link: https://lore.kernel.org/r/20240605231918.2915961-9-seanjc@google.com Signed-off-by: Sean Christopherson commit 92e648042c237c3bba223ab7f7e1a76f41ab3ef7 Author: Sean Christopherson Date: Wed Jun 5 16:19:15 2024 -0700 KVM: nVMX: Add a helper to encode VMCS info in MSR_IA32_VMX_BASIC Add a helper to encode the VMCS revision, size, and supported memory types in MSR_IA32_VMX_BASIC, i.e. when synthesizing KVM's supported BASIC MSR value, and delete the now unused VMCS size and memtype shift macros. For a variety of reasons, KVM has shifted (pun intended) to using helpers to *get* information from the VMX MSRs, as opposed to defined MASK and SHIFT macros for direct use. Provide a similar helper for the nested VMX code, which needs to *set* information, so that KVM isn't left with a mix of SHIFT macros and dedicated helpers. Reported-by: Xiaoyao Li Reviewed-by: Xiaoyao Li Reviewed-by: Kai Huang Link: https://lore.kernel.org/r/20240605231918.2915961-8-seanjc@google.com Signed-off-by: Sean Christopherson commit c97b106fa8aa500823695abfda7c9bdefb42a648 Author: Xin Li Date: Wed Jun 5 16:19:14 2024 -0700 KVM: nVMX: Use macros and #defines in vmx_restore_vmx_basic() Use macros in vmx_restore_vmx_basic() instead of open coding everything using BIT_ULL() and GENMASK_ULL(). Opportunistically split feature bits and reserved bits into separate variables, and add a comment explaining the subset logic (it's not immediately obvious that the set of feature bits is NOT the set of _supported_ feature bits). Cc: Shan Kang Cc: Kai Huang Signed-off-by: Xin Li [sean: split to separate patch, write changelog, drop #defines] Reviewed-by: Zhao Liu Reviewed-by: Xiaoyao Li Reviewed-by: Kai Huang Link: https://lore.kernel.org/r/20240605231918.2915961-7-seanjc@google.com Signed-off-by: Sean Christopherson commit 9df398ff7d2ab4fa2ecf6131044431dc94c5bdf6 Author: Xin Li Date: Wed Jun 5 16:19:13 2024 -0700 KVM: VMX: Track CPU's MSR_IA32_VMX_BASIC as a single 64-bit value Track the "basic" capabilities VMX MSR as a single u64 in vmcs_config instead of splitting it across three fields, that obviously don't combine into a single 64-bit value, so that KVM can use the macros that define MSR bits using their absolute position. Replace all open coded shifts and masks, many of which are relative to the "high" half, with the appropriate macro. Opportunistically use VMX_BASIC_32BIT_PHYS_ADDR_ONLY instead of an open coded equivalent, and clean up the related comment to not reference a specific SDM section (to the surprise of no one, the comment is stale). No functional change intended (though obviously the code generation will be quite different). Cc: Shan Kang Cc: Kai Huang Signed-off-by: Xin Li [sean: split to separate patch, write changelog] Reviewed-by: Xiaoyao Li Reviewed-by: Kai Huang Reviewed-by: Zhao Liu Link: https://lore.kernel.org/r/20240605231918.2915961-6-seanjc@google.com Signed-off-by: Sean Christopherson commit d7bfc9ffd58037ff86f9fd0c3cef77cccb555da3 Author: Xin Li Date: Wed Jun 5 16:19:12 2024 -0700 KVM: VMX: Move MSR_IA32_VMX_BASIC bit defines to asm/vmx.h Move the bit defines for MSR_IA32_VMX_BASIC from msr-index.h to vmx.h so that they are colocated with other VMX MSR bit defines, and with the helpers that extract specific information from an MSR_IA32_VMX_BASIC value. Opportunistically use BIT_ULL() instead of open coding hex values. Opportunistically rename VMX_BASIC_64 to VMX_BASIC_32BIT_PHYS_ADDR_ONLY, as "VMX_BASIC_64" is widly misleading. The flag enumerates that addresses are limited to 32 bits, not that 64-bit addresses are allowed. Last but not least, opportunistically #define DUAL_MONITOR_TREATMENT so that all known single-bit feature flags are defined (this will allow replacing open-coded literals in the future). Cc: Shan Kang Cc: Kai Huang Signed-off-by: Xin Li [sean: split to separate patch, write changelog] Reviewed-by: Zhao Liu Reviewed-by: Kai Huang Reviewed-by: Xiaoyao Li Link: https://lore.kernel.org/r/20240605231918.2915961-5-seanjc@google.com Signed-off-by: Sean Christopherson commit b6717d35d8597d19f44736f11963e3bd5b8881b4 Author: Sean Christopherson Date: Wed Jun 5 16:19:11 2024 -0700 KVM: x86: Stuff vCPU's PAT with default value at RESET, not creation Move the stuffing of the vCPU's PAT to the architectural "default" value from kvm_arch_vcpu_create() to kvm_vcpu_reset(), guarded by !init_event, to better capture that the default value is the value "Following Power-up or Reset". E.g. setting PAT only during creation would break if KVM were to expose a RESET ioctl() to userspace (which is unlikely, but that's not a good reason to have unintuitive code). No functional change. Reviewed-by: Xiaoyao Li Reviewed-by: Kai Huang Reviewed-by: Jim Mattson Reviewed-by: Zhao Liu Link: https://lore.kernel.org/r/20240605231918.2915961-4-seanjc@google.com Signed-off-by: Sean Christopherson commit beb2e446046f8dd96bbeed3267b5f26bf1926ef9 Author: Sean Christopherson Date: Wed Jun 5 16:19:10 2024 -0700 x86/cpu: KVM: Move macro to encode PAT value to common header Move pat/memtype.c's PAT() macro to msr-index.h as PAT_VALUE(), and use it in KVM to define the default (Power-On / RESET) PAT value instead of open coding an inscrutable magic number. No functional change intended. Reviewed-by: Xiaoyao Li Reviewed-by: Kai Huang Reviewed-by: Thomas Gleixner Link: https://lore.kernel.org/r/20240605231918.2915961-3-seanjc@google.com Signed-off-by: Sean Christopherson commit e7e80b66fb242a63cdfc3d3534cff62a5e293185 Author: Sean Christopherson Date: Wed Jun 5 16:19:09 2024 -0700 x86/cpu: KVM: Add common defines for architectural memory types (PAT, MTRRs, etc.) Add defines for the architectural memory types that can be shoved into various MSRs and registers, e.g. MTRRs, PAT, VMX capabilities MSRs, EPTPs, etc. While most MSRs/registers support only a subset of all memory types, the values themselves are architectural and identical across all users. Leave the goofy MTRR_TYPE_* definitions as-is since they are in a uapi header, but add compile-time assertions to connect the dots (and sanity check that the msr-index.h values didn't get fat-fingered). Keep the VMX_EPTP_MT_* defines so that it's slightly more obvious that the EPTP holds a single memory type in 3 of its 64 bits; those bits just happen to be 2:0, i.e. don't need to be shifted. Opportunistically use X86_MEMTYPE_WB instead of an open coded '6' in setup_vmcs_config(). No functional change intended. Reviewed-by: Thomas Gleixner Acked-by: Kai Huang Reviewed-by: Xiaoyao Li Reviewed-by: Kai Huang Link: https://lore.kernel.org/r/20240605231918.2915961-2-seanjc@google.com Signed-off-by: Sean Christopherson commit 1c450ffef589383f743d798666703687fc2e582b Author: Tao Su Date: Mon Aug 19 14:23:27 2024 +0800 KVM: x86: Advertise AVX10.1 CPUID to userspace Advertise AVX10.1 related CPUIDs, i.e. report AVX10 support bit via CPUID.(EAX=07H, ECX=01H):EDX[bit 19] and new CPUID leaf 0x24H so that guest OS and applications can query the AVX10.1 CPUIDs directly. Intel AVX10 represents the first major new vector ISA since the introduction of Intel AVX512, which will establish a common, converged vector instruction set across all Intel architectures[1]. AVX10.1 is an early version of AVX10, that enumerates the Intel AVX512 instruction set at 128, 256, and 512 bits which is enabled on Granite Rapids. I.e., AVX10.1 is only a new CPUID enumeration with no new functionality. New features, e.g. Embedded Rounding and Suppress All Exceptions (SAE) will be introduced in AVX10.2. Advertising AVX10.1 is safe because there is nothing to enable for AVX10.1, i.e. it's purely a new way to enumerate support, thus there will never be anything for the kernel to enable. Note just the CPUID checking is changed when using AVX512 related instructions, e.g. if using one AVX512 instruction needs to check (AVX512 AND AVX512DQ), it can check ((AVX512 AND AVX512DQ) OR AVX10.1) after checking XCR0[7:5]. The versions of AVX10 are expected to be inclusive, e.g. version N+1 is a superset of version N. Per the spec, the version can never be 0, just advertise AVX10.1 if it's supported in hardware. Moreover, advertising AVX10_{128,256,512} needs to land in the same commit as advertising basic AVX10.1 support, otherwise KVM would advertise an impossible CPU model. E.g. a CPU with AVX512 but not AVX10.1/512 is impossible per the SDM. As more and more AVX related CPUIDs are added (it would have resulted in around 40-50 CPUID flags when developing AVX10), the versioning approach is introduced. But incrementing version numbers are bad for virtualization. E.g. if AVX10.2 has a feature that shouldn't be enumerated to guests for whatever reason, then KVM can't enumerate any "later" features either, because the only way to hide the problematic AVX10.2 feature is to set the version to AVX10.1 or lower[2]. But most AVX features are just passed through and don't have virtualization controls, so AVX10 should not be problematic in practice, so long as Intel honors their promise that future versions will be supersets of past versions. [1] https://cdrdv2.intel.com/v1/dl/getContent/784267 [2] https://lore.kernel.org/all/Zkz5Ak0PQlAN8DxK@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Tao Su Link: https://lore.kernel.org/r/20240819062327.3269720-1-tao1.su@linux.intel.com [sean: minor changelog tweaks] Signed-off-by: Sean Christopherson commit 1448d4a935abb89942d0af7864480db349433079 Author: Thorsten Blum Date: Wed Aug 14 22:33:46 2024 +0200 KVM: x86: Optimize local variable in start_sw_tscdeadline() Change the data type of the local variable this_tsc_khz to u32 because virtual_tsc_khz is also declared as u32. Since do_div() casts the divisor to u32 anyway, changing the data type of this_tsc_khz to u32 also removes the following Coccinelle/coccicheck warning reported by do_div.cocci: WARNING: do_div() does a 64-by-32 division, please consider using div64_ul instead Signed-off-by: Thorsten Blum Link: https://lore.kernel.org/r/20240814203345.2234-2-thorsten.blum@toblux.com Signed-off-by: Sean Christopherson commit 919bb54e989c1edef87e9797be125c94c450fc65 Author: Rodrigo Vivi Date: Wed Aug 21 15:38:42 2024 -0400 drm/xe: Fix missing runtime outer protection for ggtt_remove_node Defer the ggtt node removal to a thread if runtime_pm is not active. The ggtt node removal can be called from multiple places, including places where we cannot protect with outer callers and places we are within other locks. So, try to grab the runtime reference if the device is already active, otherwise defer the removal to a separate thread from where we are sure we can wake the device up. v2: - use xe wq instead of system wq (Matt and CI) - Avoid GFP_KERNEL to be future proof since this removal can be called from outside our drivers and we don't want to block if atomic is needed. (Brost) v3: amend forgot chunk declaring xe_device. v4: Use a xe_ggtt_region to encapsulate the node and remova info, wihtout the need for any memory allocation at runtime. v5: Actually fill the delayed_removal.invalidate (Brost) v6: - Ensure that ggtt_region is not freed before work finishes (Auld) - Own wq to ensures that the queued works are flushed before ggtt_fini (Brost) v7: also free ggtt_region on early !bound return (Auld) v8: Address the null deref (CI) v9: Based on the new xe_ggtt_node for the proper care of the lifetime of the object. v10: Redo the lost v5 change. (Brost) v11: Simplify the invalidate_on_remove (Lucas) Cc: Matthew Auld Cc: Paulo Zanoni Cc: Francois Dugast Cc: Thomas Hellström Cc: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-12-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 34e804220f693fe6bb1c4e50f27dd855e9313f0c Author: Rodrigo Vivi Date: Wed Aug 21 15:38:41 2024 -0400 drm/xe: Make xe_ggtt_node struct independent In some rare cases, the drm_mm node cannot be removed synchronously due to runtime PM conditions. In this situation, the node removal will be delegated to a workqueue that will be able to wake up the device before removing the node. However, in this situation, the lifetime of the xe_ggtt_node cannot be restricted to the lifetime of the parent object. So, this patch introduces the infrastructure so the xe_ggtt_node struct can be allocated in advance and freed when needed. By having the ggtt backpointer, it also ensure that the init function is always called before any attempt to insert or reserve the node in the GGTT. v2: s/xe_ggtt_node_force_fini/xe_ggtt_node_fini and use it internaly (Brost) v3: - Use GF_NOFS for node allocation (CI) - Avoid ggtt argument, now that we have it inside the node (Lucas) - Fix some missed fini cases (CI) v4: - Fix SRIOV critical case where config->ggtt_region was lost (Michal) - Avoid ggtt argument also on removal (missed case on v3) (Michal) - Remove useless checks (Michal) - Return 0 instead of negative errno on a u32 addr. (Michal) - s/xe_ggtt_assign/xe_ggtt_node_assign for coherence, while we are touching it (Michal) v5: - Fix VFs' ggtt_balloon Cc: Matthew Auld Cc: Michal Wajdeczko Cc: Matthew Brost Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-11-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 15ca09499bc669b600dcdaf01fc0bf8c55e15b35 Author: Rodrigo Vivi Date: Wed Aug 21 15:38:40 2024 -0400 drm/xe: Refactor xe_ggtt balloon functions to make the node clear These operations are related to node. Convert them to the new appropriate name space xe_ggtt_node. v2: Also move arguments around for consistency (Lucas). v3: s/node_balloon/node_insert_balloon and s/node_deballoon/node_remove_balloon (Michal). Reviewed-by: Lucas De Marchi Cc: Michal Wajdeczko Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-10-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 136367290ea5d7b5d05696189e9fd6162b9d9742 Author: Rodrigo Vivi Date: Wed Aug 21 15:38:39 2024 -0400 drm/xe: Introduce xe_ggtt_print_holes Introduce a new xe_ggtt_print_holes helper that attends the SRIOV demand and finishes the goal of limiting drm_mm access to xe_ggtt. Cc: Michal Wajdeczko Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-9-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 1144e0dff5e68907cb8d3e2d64d1c00e2a96d1b2 Author: Rodrigo Vivi Date: Wed Aug 21 15:38:38 2024 -0400 drm/xe: Introduce xe_ggtt_largest_hole Introduce a new xe_ggtt_largest_hole helper that attends the SRIOV demand and continue with the goal of limiting drm_mm access to xe_ggtt. v2: Fix a typo (Michal) Cc: Michal Wajdeczko Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-8-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 8b5ccc9743ab026b12075eb5e3883cc9e42bc683 Author: Rodrigo Vivi Date: Wed Aug 21 15:38:37 2024 -0400 drm/xe: Limit drm_mm_node_allocated access to xe_ggtt_node Continue with the encapsulation of drm_mm_node inside xe_ggtt. Cc: Michal Wajdeczko Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-7-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 0567f18e0757a260031e59487fe01f402c16c0de Author: Rodrigo Vivi Date: Wed Aug 21 15:38:36 2024 -0400 drm/xe: Rename xe_ggtt_node related functions Bring some consistency and prepare for more xe_ggtt_node related functions to be introduced. Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-6-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 6062ea9398d3ec09c521774f9d81f604d1a85fbd Author: Rodrigo Vivi Date: Wed Aug 21 15:38:35 2024 -0400 drm/xe: Encapsulate drm_mm_node inside xe_ggtt_node The xe_ggtt component uses drm_mm to manage the GGTT. The drm_mm_node is just a node inside drm_mm, but in Xe we use that only in the GGTT context. So, this patch encapsulates the drm_mm_node into a xe_ggtt's new struct. This is the first step towards limiting all the drm_mm access through xe_ggtt. The ultimate goal is to have a better control of the node insertion and removal, so the removal can be delegated to a delayed workqueue. v2: Fix includes and typos (Michal and Brost) Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-5-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 6dbd43dcedf3b58a18eb3518e5c19e38a97aa68a Author: Rodrigo Vivi Date: Wed Aug 21 15:38:34 2024 -0400 drm/{i915, xe}: Avoid direct inspection of dpt_vma from outside dpt DPT code is so dependent on i915 vma implementation and it is not ported yet to Xe. This patch limits inspection to DPT's VMA struct to intel_dpt component only, so the Xe GGTT code can evolve. Cc: Matthew Brost Cc: Maarten Lankhorst Cc: Juha-Pekka Heikkila Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-4-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit df99acc7ba1be9f111debdb75e00539fed8ad21a Author: Rodrigo Vivi Date: Wed Aug 21 15:38:33 2024 -0400 drm/xe: Remove unnecessary drm_mm.h includes These includes are no longer necessary, and where appropriate are replaced by the linux/types.h one. Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-3-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 244fe1666364865154930f34d8df5489df1922b6 Author: Rodrigo Vivi Date: Wed Aug 21 15:38:32 2024 -0400 drm/xe: Introduce GGTT documentation Document xe_ggtt and ensure it is part of the built kernel docs. v2: - Accepted all Michal's suggestions - Rebased on top of new set_pte per platform/wa function pointer v3: - Typos and other acronym fixes (Michal) Cc: Matthew Brost Cc: Michal Wajdeczko Reviewed-by: Himal Prasad Ghimiray #v1 Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-2-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 69f0925c67c21c1e3ccda152d2b6ce21c363e563 Author: Rodrigo Vivi Date: Wed Aug 21 15:38:31 2024 -0400 drm/xe: Removed unused xe_ggtt_printk Apparently this was only useful when enabling ggtt support for the very first time and never used again. It is also not useful now that we have the ggtt_dump available through debugfs. Reviewed-by: Himal Prasad Ghimiray Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240821193842.352557-1-rodrigo.vivi@intel.com Signed-off-by: Rodrigo Vivi commit 6708948e361fc1eea858f8ce333c1aab7411c114 Author: Heiko Carstens Date: Thu Aug 1 17:16:12 2024 +0200 s390/early: Dump register contents and call trace for early crashes If the early program check handler cannot resolve a program check dump register contents and a call trace to the console before loading a disabled wait psw. This makes debugging much easier. Emit an extra message with early_printk() for cases where regular printk() via the early console is not yet working so that at least some information is available. Signed-off-by: Heiko Carstens Acked-by: Vasily Gorbik Signed-off-by: Vasily Gorbik commit 0bc6a69f5fda17c907dfdf5850a293d13010e9e5 Author: Heiko Carstens Date: Thu Aug 1 17:16:11 2024 +0200 s390/early: Add __init to __do_early_pgm_check() __do_early_pgm_check() is a function which is only needed during early setup code. Mark it __init in order to save a few bytes. Signed-off-by: Heiko Carstens Acked-by: Alexander Gordeev Signed-off-by: Vasily Gorbik commit b495e710157606889f2d8bdc62aebf2aa02f67a7 Author: Thomas Richter Date: Wed Jul 10 12:23:47 2024 +0200 s390/cpum_sf: Remove WARN_ON_ONCE statements Remove WARN_ON_ONCE statements. These have not triggered in the past. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit 14a34130e030b5f597e1d688498a4b9679521b38 Author: Thomas Richter Date: Thu Jul 25 15:32:26 2024 +0200 s390/cpum_sf: Rework debug_sprintf_event() messages Rework debug messages: - Remove most of the debug_sprintf_event() invocations. - Do not split string format statements - Remove colon after function name. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit b81162302001f41157f6e93654aaccc30e817e2a Author: Arnaldo Carvalho de Melo Date: Thu Aug 22 14:13:49 2024 -0300 perf python: Allow checking for the existence of warning options in clang We'll need to check if an warning option introduced in clang 19 is available on the clang version being used, so cover the error message emitted when testing for a -W option. Tested-by: Sedat Dilek Cc: Ian Rogers Cc: Ingo Molnar Cc: Namhyung Kim Cc: Nathan Chancellor Cc: Peter Zijlstra Link: https://lore.kernel.org/lkml/CA+icZUVtHn8X1Tb_Y__c-WswsO0K8U9uy3r2MzKXwTA5THtL7w@mail.gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 980c41f554c3029ce4f99678c0cd95296212775f Author: Shameer Kolothum Date: Fri Aug 16 14:28:19 2024 +0100 KVM: arm64: Make the exposed feature bits in AA64DFR0_EL1 writable from userspace KVM exposes the OS double lock feature bit to Guests but returns RAZ/WI on Guest OSDLR_EL1 access. This breaks Guest migration between systems where this feature differ. Add support to make this feature writable from userspace by setting the mask bit. While at it, set the mask bits for the exposed WRPs(Number of Watchpoints) as well. Also update the selftest to cover these fields. However we still can't make BRPs and CTX_CMPs fields writable, because as per ARM ARM DDI 0487K.a, section D2.8.3 Breakpoint types and linking of breakpoints, highest numbered breakpoints(BRPs) must be context aware breakpoints(CTX_CMPs). KVM does not trap + emulate the breakpoint registers, and as such cannot support a layout that misaligns with the underlying hardware. Reviewed-by: Oliver Upton Signed-off-by: Shameer Kolothum Link: https://lore.kernel.org/r/20240816132819.34316-1-shameerali.kolothum.thodi@huawei.com Signed-off-by: Marc Zyngier commit 4e893ca8117022de68ce1b61c0309e3d17bb8a25 Author: Stuart Hayes Date: Wed Jul 17 13:55:50 2024 -0500 nvme_core: scan namespaces asynchronously Use async function calls to make namespace scanning happen in parallel. Without the patch, NVME namespaces are scanned serially, so it can take a long time for all of a controller's namespaces to become available, especially with a slower (TCP) interface with large number of namespaces. It is not uncommon to have large numbers (hundreds or thousands) of namespaces on nvme-of with storage servers. The time it took for all namespaces to show up after connecting (via TCP) to a controller with 1002 namespaces was measured on one system: network latency without patch with patch 0 6s 1s 50ms 210s 10s 100ms 417s 18s Measurements taken on another system show the effect of the patch on the time nvme_scan_work() took to complete, when connecting to a linux nvme-of target with varying numbers of namespaces, on a network of 400us. namespaces without patch with patch 1 16ms 14ms 2 24ms 16ms 4 49ms 22ms 8 101ms 33ms 16 207ms 56ms 100 1.4s 0.6s 1000 12.9s 2.0s On the same system, connecting to a local PCIe NVMe drive (a Samsung PM1733) instead of a network target: namespaces without patch with patch 1 13ms 12ms 2 41ms 13ms Signed-off-by: Stuart Hayes Reviewed-by: Sagi Grimberg commit b8195520e8b486a0922b4baf511a2fd19bbfc25f Author: Krzysztof Kozlowski Date: Thu Aug 22 18:12:31 2024 +0200 regulator: s2mps11: use scoped memory allocation to simplify probe Allocate the memory with scoped/cleanup.h to reduce error handling (less error paths) and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240822161231.106744-1-krzysztof.kozlowski@linaro.org Signed-off-by: Mark Brown commit 50c374c6d1a43db9444cb74cc09552c817db2a9b Merge: d352eca2662734 872cf28b8df9c5 Author: Alexei Starovoitov Date: Thu Aug 22 09:27:59 2024 -0700 Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Cross-merge bpf fixes after downstream PR including important fixes (from bpf-next point of view): commit 41c24102af7b ("selftests/bpf: Filter out _GNU_SOURCE when compiling test_cpp") commit fdad456cbcca ("bpf: Fix updating attached freplace prog in prog_array map") No conflicts. Adjacent changes in: include/linux/bpf_verifier.h kernel/bpf/verifier.c tools/testing/selftests/bpf/Makefile Link: https://lore.kernel.org/bpf/20240813234307.82773-1-alexei.starovoitov@gmail.com/ Signed-off-by: Alexei Starovoitov commit 02c0207ecdcc9abdf3442676154f8fd2be0f649a Author: Yuesong Li Date: Thu Aug 22 10:14:00 2024 +0800 dm bufio: Remove NULL check of list_entry() list_entry() will never return a NULL pointer, thus remove the check. Signed-off-by: Yuesong Li Signed-off-by: Mikulas Patocka commit f5dafb8909dc2f5d859734eec41ceb21777d855e Author: Yang Li Date: Thu Aug 22 08:31:23 2024 +0800 ipe: Remove duplicated include in ipe.c The header files eval.h is included twice in ipe.c, so one inclusion of each can be removed. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9796 Signed-off-by: Yang Li Signed-off-by: Paul Moore commit 417c5643cd67a55f424b203b492082035d0236c3 Author: KP Singh Date: Fri Aug 16 17:43:07 2024 +0200 lsm: replace indirect LSM hook calls with static calls LSM hooks are currently invoked from a linked list as indirect calls which are invoked using retpolines as a mitigation for speculative attacks (Branch History / Target injection) and add extra overhead which is especially bad in kernel hot paths: security_file_ioctl: 0xff...0320 <+0>: endbr64 0xff...0324 <+4>: push %rbp 0xff...0325 <+5>: push %r15 0xff...0327 <+7>: push %r14 0xff...0329 <+9>: push %rbx 0xff...032a <+10>: mov %rdx,%rbx 0xff...032d <+13>: mov %esi,%ebp 0xff...032f <+15>: mov %rdi,%r14 0xff...0332 <+18>: mov $0xff...7030,%r15 0xff...0339 <+25>: mov (%r15),%r15 0xff...033c <+28>: test %r15,%r15 0xff...033f <+31>: je 0xff...0358 0xff...0341 <+33>: mov 0x18(%r15),%r11 0xff...0345 <+37>: mov %r14,%rdi 0xff...0348 <+40>: mov %ebp,%esi 0xff...034a <+42>: mov %rbx,%rdx 0xff...034d <+45>: call 0xff...2e0 <__x86_indirect_thunk_array+352> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Indirect calls that use retpolines leading to overhead, not just due to extra instruction but also branch misses. 0xff...0352 <+50>: test %eax,%eax 0xff...0354 <+52>: je 0xff...0339 0xff...0356 <+54>: jmp 0xff...035a 0xff...0358 <+56>: xor %eax,%eax 0xff...035a <+58>: pop %rbx 0xff...035b <+59>: pop %r14 0xff...035d <+61>: pop %r15 0xff...035f <+63>: pop %rbp 0xff...0360 <+64>: jmp 0xff...47c4 <__x86_return_thunk> The indirect calls are not really needed as one knows the addresses of enabled LSM callbacks at boot time and only the order can possibly change at boot time with the lsm= kernel command line parameter. An array of static calls is defined per LSM hook and the static calls are updated at boot time once the order has been determined. With the hook now exposed as a static call, one can see that the retpolines are no longer there and the LSM callbacks are invoked directly: security_file_ioctl: 0xff...0ca0 <+0>: endbr64 0xff...0ca4 <+4>: nopl 0x0(%rax,%rax,1) 0xff...0ca9 <+9>: push %rbp 0xff...0caa <+10>: push %r14 0xff...0cac <+12>: push %rbx 0xff...0cad <+13>: mov %rdx,%rbx 0xff...0cb0 <+16>: mov %esi,%ebp 0xff...0cb2 <+18>: mov %rdi,%r14 0xff...0cb5 <+21>: jmp 0xff...0cc7 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Static key enabled for SELinux 0xffffffff818f0cb7 <+23>: jmp 0xff...0cde ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Static key enabled for BPF LSM. This is something that is changed to default to false to avoid the existing side effect issues of BPF LSM [1] in a subsequent patch. 0xff...0cb9 <+25>: xor %eax,%eax 0xff...0cbb <+27>: xchg %ax,%ax 0xff...0cbd <+29>: pop %rbx 0xff...0cbe <+30>: pop %r14 0xff...0cc0 <+32>: pop %rbp 0xff...0cc1 <+33>: cs jmp 0xff...0000 <__x86_return_thunk> 0xff...0cc7 <+39>: endbr64 0xff...0ccb <+43>: mov %r14,%rdi 0xff...0cce <+46>: mov %ebp,%esi 0xff...0cd0 <+48>: mov %rbx,%rdx 0xff...0cd3 <+51>: call 0xff...3230 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Direct call to SELinux. 0xff...0cd8 <+56>: test %eax,%eax 0xff...0cda <+58>: jne 0xff...0cbd 0xff...0cdc <+60>: jmp 0xff...0cb7 0xff...0cde <+62>: endbr64 0xff...0ce2 <+66>: mov %r14,%rdi 0xff...0ce5 <+69>: mov %ebp,%esi 0xff...0ce7 <+71>: mov %rbx,%rdx 0xff...0cea <+74>: call 0xff...e220 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Direct call to BPF LSM. 0xff...0cef <+79>: test %eax,%eax 0xff...0cf1 <+81>: jne 0xff...0cbd 0xff...0cf3 <+83>: jmp 0xff...0cb9 0xff...0cf5 <+85>: endbr64 0xff...0cf9 <+89>: mov %r14,%rdi 0xff...0cfc <+92>: mov %ebp,%esi 0xff...0cfe <+94>: mov %rbx,%rdx 0xff...0d01 <+97>: pop %rbx 0xff...0d02 <+98>: pop %r14 0xff...0d04 <+100>: pop %rbp 0xff...0d05 <+101>: ret 0xff...0d06 <+102>: int3 0xff...0d07 <+103>: int3 0xff...0d08 <+104>: int3 0xff...0d09 <+105>: int3 While this patch uses static_branch_unlikely indicating that an LSM hook is likely to be not present. In most cases this is still a better choice as even when an LSM with one hook is added, empty slots are created for all LSM hooks (especially when many LSMs that do not initialize most hooks are present on the system). There are some hooks that don't use the call_int_hook or call_void_hook. These hooks are updated to use a new macro called lsm_for_each_hook where the lsm_callback is directly invoked as an indirect call. Below are results of the relevant Unixbench system benchmarks with BPF LSM and SELinux enabled with default policies enabled with and without these patches. Benchmark Delta(%): (+ is better) ========================================================================== Execl Throughput +1.9356 File Write 1024 bufsize 2000 maxblocks +6.5953 Pipe Throughput +9.5499 Pipe-based Context Switching +3.0209 Process Creation +2.3246 Shell Scripts (1 concurrent) +1.4975 System Call Overhead +2.7815 System Benchmarks Index Score (Partial Only): +3.4859 In the best case, some syscalls like eventfd_create benefitted to about ~10%. Tested-by: Guenter Roeck Reviewed-by: Casey Schaufler Reviewed-by: Kees Cook Acked-by: Song Liu Acked-by: Andrii Nakryiko Signed-off-by: KP Singh Signed-off-by: Paul Moore commit d51e783c17bab0c139bf78d6bd9d1f66673f7903 Author: KP Singh Date: Fri Aug 16 17:43:06 2024 +0200 lsm: count the LSMs enabled at compile time These macros are a clever trick to determine a count of the number of LSMs that are enabled in the config to ascertain the maximum number of static calls that need to be configured per LSM hook. Without this one would need to generate static calls for the total number of LSMs in the kernel (even if they are not compiled) times the number of LSM hooks which ends up being quite wasteful. Tested-by: Guenter Roeck Suggested-by: Kui-Feng Lee Suggested-by: Andrii Nakryiko Reviewed-by: Kees Cook Reviewed-by: Casey Schaufler Reviewed-by: John Johansen Acked-by: Casey Schaufler Acked-by: Song Liu Acked-by: Andrii Nakryiko Nacked-by: Tetsuo Handa Signed-off-by: KP Singh [PM: added IPE to the count during merge] Signed-off-by: Paul Moore commit a32d621df4d46cdcef0a7cfd9178ce570824a3a2 Author: Rafael J. Wysocki Date: Mon Aug 19 18:26:20 2024 +0200 thermal: imx: Use the .should_bind() thermal zone callback Make the imx_thermal driver use the .should_bind() thermal zone callback to provide the thermal core with the information on whether or not to bind the given cooling device to the given trip point in the given thermal zone. If it returns 'true', the thermal core will bind the cooling device to the trip and the corresponding unbinding will be taken care of automatically by the core on the removal of the involved thermal zone or cooling device. In the imx_thermal case, it only needs to return 'true' for the passive trip point and it will match any cooling device passed to it, in analogy with the old-style imx_bind() callback function. Signed-off-by: Rafael J. Wysocki Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/2485070.jE0xQCEvom@rjwysocki.net commit 6d9149e75b810a08226fbe5e2b4e63036641bcc1 Author: Rafael J. Wysocki Date: Mon Aug 19 18:24:37 2024 +0200 mlxsw: core_thermal: Use the .should_bind() thermal zone callback Make the mlxsw core_thermal driver use the .should_bind() thermal zone callback to provide the thermal core with the information on whether or not to bind the given cooling device to the given trip point in the given thermal zone. If it returns 'true', the thermal core will bind the cooling device to the trip and the corresponding unbinding will be taken care of automatically by the core on the removal of the involved thermal zone or cooling device. It replaces the .bind() and .unbind() thermal zone callbacks (in 3 places) which assumed the same trip points ordering in the driver and in the thermal core (that may not be true any more in the future). The .bind() callbacks used loops over trip point indices to call thermal_zone_bind_cooling_device() for the same cdev (once it had been verified) and all of the trip points, but they passed different 'upper' and 'lower' values to it for each trip. To retain the original functionality, the .should_bind() callbacks need to use the same 'upper' and 'lower' values that would be used by the corresponding .bind() callbacks when they are about to return 'true'. To that end, the 'priv' field of each trip is set during the thermal zone initialization to point to the corresponding 'state' object containing the maximum and minimum cooling states of the cooling device. Signed-off-by: Rafael J. Wysocki Reviewed-by: Ido Schimmel Link: https://patch.msgid.link/2216931.Icojqenx9y@rjwysocki.net commit 13b6b63d6becb62ede986f35b14c873ac935e2e3 Author: Rafael J. Wysocki Date: Mon Aug 19 18:19:35 2024 +0200 platform/x86: acerhdf: Use the .should_bind() thermal zone callback Make the acerhdf driver use the .should_bind() thermal zone callback to provide the thermal core with the information on whether or not to bind the given cooling device to the given trip point in the given thermal zone. If it returns 'true', the thermal core will bind the cooling device to the trip and the corresponding unbinding will be taken care of automatically by the core on the removal of the involved thermal zone or cooling device. The previously existing acerhdf_bind() function bound cooling devices to thermal trip point 0 only, so the new callback needs to return 'true' for trip point 0. However, it is straightforward to observe that trip point 0 is an active trip point and the only other trip point in the driver's thermal zone is a critical one, so it is sufficient to return 'true' from that callback if the type of the given trip point is THERMAL_TRIP_ACTIVE. Signed-off-by: Rafael J. Wysocki Acked-by: Hans de Goede Tested-by: Peter Kästle Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/3779411.MHq7AAxBmi@rjwysocki.net commit 2fb85633641770d55b50c934db6b4fb02411a1fe Author: Rafael J. Wysocki Date: Mon Aug 19 18:05:00 2024 +0200 thermal: core: Unexport thermal_bind_cdev_to_trip() and thermal_unbind_cdev_from_trip() Since thermal_bind_cdev_to_trip() and thermal_unbind_cdev_from_trip() are only called locally in the thermal core now, they can be static, so change their definitions accordingly and drop their headers from the global thermal header file. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Acked-by: Huisong Li Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/3512161.QJadu78ljV@rjwysocki.net commit b1c75b3820c18b53cc117bbb02e86b41b018b70a Author: Rafael J. Wysocki Date: Mon Aug 19 18:02:44 2024 +0200 thermal: ACPI: Use the .should_bind() thermal zone callback Make the ACPI thermal zone driver use the .should_bind() thermal zone callback to provide the thermal core with the information on whether or not to bind the given cooling device to the given trip point in the given thermal zone. If it returns 'true', the thermal core will bind the cooling device to the trip and the corresponding unbinding will be taken care of automatically by the core on the removal of the involved thermal zone or cooling device. This replaces the .bind() and .unbind() thermal zone callbacks which allows the code to be simplified quite significantly while providing the same functionality. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/1812827.VLH7GnMWUR@rjwysocki.net commit aa35e56a5217b86f9c05420c36c908baf3b2df5f Author: Rafael J. Wysocki Date: Mon Aug 19 18:00:19 2024 +0200 thermal: core: Introduce .should_bind() thermal zone callback The current design of the code binding cooling devices to trip points in thermal zones is convoluted and hard to follow. Namely, a driver that registers a thermal zone can provide .bind() and .unbind() operations for it, which are required to call either thermal_bind_cdev_to_trip() and thermal_unbind_cdev_from_trip(), respectively, or thermal_zone_bind_cooling_device() and thermal_zone_unbind_cooling_device(), respectively, for every relevant trip point and the given cooling device. Moreover, if .bind() is provided and .unbind() is not, the cleanup necessary during the removal of a thermal zone or a cooling device may not be carried out. In other words, the core relies on the thermal zone owners to do the right thing, which is error prone and far from obvious, even though all of that is not really necessary. Specifically, if the core could ask the thermal zone owner, through a special thermal zone callback, whether or not a given cooling device should be bound to a given trip point in the given thermal zone, it might as well carry out all of the binding and unbinding by itself. In particular, the unbinding can be done automatically without involving the thermal zone owner at all because all of the thermal instances associated with a thermal zone or cooling device going away must be deleted regardless. Accordingly, introduce a new thermal zone operation, .should_bind(), that can be invoked by the thermal core for a given thermal zone, trip point and cooling device combination in order to check whether or not the cooling device should be bound to the trip point at hand. It takes an additional cooling_spec argument allowing the thermal zone owner to specify the highest and lowest cooling states of the cooling device and its weight for the given trip point binding. Make the thermal core use this operation, if present, in the absence of .bind() and .unbind(). Note that .should_bind() will be called under the thermal zone lock. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Acked-by: Huisong Li Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/9334403.CDJkKcVGEf@rjwysocki.net commit d48005511a5496defa8ff6828ce9fdd1fb4dcd86 Author: Rafael J. Wysocki Date: Mon Aug 19 17:58:27 2024 +0200 thermal: core: Move thermal zone locking out of bind/unbind functions Since thermal_bind_cdev_to_trip() and thermal_unbind_cdev_from_trip() acquire the thermal zone lock, the locking rules for their callers get complicated. In particular, the thermal zone lock cannot be acquired in any code path leading to one of these functions even though it might be useful to do so. To address this, remove the thermal zone locking from both these functions, add lockdep assertions for the thermal zone lock to both of them and make their callers acquire the thermal zone lock instead. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/3837835.kQq0lBPeGt@rjwysocki.net commit 0a0a40d71cf5f51123292982efde38f4b111aee9 Author: Rafael J. Wysocki Date: Mon Aug 19 17:56:15 2024 +0200 thermal: sysfs: Use the dev argument in instance-related show/store Two sysfs show/store functions for attributes representing thermal instances, trip_point_show() and weight_store(), retrieve the thermal zone pointer from the instance object at hand, but they may also get it from their dev argument, which is more consistent with what the other thermal sysfs functions do, so make them do so. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Acked-by: Huisong Li Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/1987669.PYKUYFuaPT@rjwysocki.net commit eb3591cde1aee34c56b5dc96d9b247349827024f Author: Rafael J. Wysocki Date: Mon Aug 19 17:52:54 2024 +0200 thermal: core: Drop redundant thermal instance checks Because the trip and cdev pointers are sufficient to identify a thermal instance holding them unambiguously, drop the additional thermal zone checks from two loops walking the list of thermal instances in a thermal zone. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/10527734.nUPlyArG6x@rjwysocki.net commit b4e6d39817312919f907da266de202a30a7bc43b Author: Rafael J. Wysocki Date: Mon Aug 19 17:51:36 2024 +0200 thermal: core: Rearrange checks in thermal_bind_cdev_to_trip() It is not necessary to look up the thermal zone and the cooling device in the respective global lists to check whether or not they are registered. It is sufficient to check whether or not their respective list nodes are empty for this purpose. Use the above observation to simplify thermal_bind_cdev_to_trip(). In addition, eliminate an unnecessary ternary operator from it. Moreover, add lockdep_assert_held() for thermal_list_lock to it because that lock must be held by its callers when it is running. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/3324214.44csPzL39Z@rjwysocki.net commit a8bbe6f10f78f85243ff821432c5d798a6d99ed4 Author: Rafael J. Wysocki Date: Mon Aug 19 17:50:30 2024 +0200 thermal: core: Fold two functions into their respective callers Fold bind_cdev() into __thermal_cooling_device_register() and bind_tz() into thermal_zone_device_register_with_trips() to reduce code bloat and make it somewhat easier to follow the code flow. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Zhang Rui Reviewed-by: Daniel Lezcano Link: https://patch.msgid.link/2962184.e9J7NaK4W3@rjwysocki.net commit f6a034f2df426e279f1ecad53626bab80c04796a Author: Rafael J. Wysocki Date: Thu Aug 22 17:42:57 2024 +0200 thermal: Introduce a debugfs-based testing facility Introduce a facility allowing the thermal core functionality to be exercised in a controlled way in order to verify its behavior, without affecting its regular users noticeably. It is based on the idea of preparing thermal zone templates along with their trip points by writing to files in debugfs. When ready, those templates can be used for registering test thermal zones with the thermal core. The temperature of a test thermal zone created this way can be adjusted via debugfs, which also triggers a __thermal_zone_device_update() call for it. By manipulating the temperature of a test thermal zone, one can check if the thermal core reacts to the changes of it as expected. Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/6065927.lOV4Wx5bFT@rjwysocki.net [ rjw: Fixed ordering of kcalloc() arguments ] [ rjw: Fixed debugfs_create_dir() return value checks ] [ rjw: Fixed two kerneldoc comments ] Signed-off-by: Rafael J. Wysocki commit 1cfd01eb602d73b92df2ffc24196cd0a3dc3efb2 Author: Namhyung Kim Date: Wed Aug 21 16:26:28 2024 -0700 perf annotate-data: Copy back variable types after move In some cases, compilers don't set the location expression in DWARF precisely. For instance, it may assign a variable to a register after copying it from a different register. Then it should use the register for the new type but still uses the old register. This makes hard to track the type information properly. This is an example I found in __tcp_transmit_skb(). The first argument (sk) of this function is a pointer to sock and there's a variable (tp) for tcp_sock. static int __tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, gfp_t gfp_mask, u32 rcv_nxt) { ... struct tcp_sock *tp; BUG_ON(!skb || !tcp_skb_pcount(skb)); tp = tcp_sk(sk); prior_wstamp = tp->tcp_wstamp_ns; tp->tcp_wstamp_ns = max(tp->tcp_wstamp_ns, tp->tcp_clock_cache); ... So it basically calls tcp_sk(sk) to get the tcp_sock pointer from sk. But it turned out to be the same value because tcp_sock embeds sock as the first member. The sk is located in reg5 (RDI) and tp is in reg3 (RBX). The offset of tcp_wstamp_ns is 0x748 and tcp_clock_cache is 0x750. So you need to use RBX (reg3) to access the fields in the tcp_sock. But the code used RDI (reg5) as it has the same value. $ pahole --hex -C tcp_sock vmlinux | grep -e 748 -e 750 u64 tcp_wstamp_ns; /* 0x748 0x8 */ u64 tcp_clock_cache; /* 0x750 0x8 */ And this is the disassembly of the part of the function. <__tcp_transmit_skb>: ... 44: mov %rdi, %rbx 47: mov 0x748(%rdi), %rsi 4e: mov 0x750(%rdi), %rax 55: cmp %rax, %rsi Because compiler put the debug info to RBX, it only knows RDI is a pointer to sock and accessing those two fields resulted in error due to offset being beyond the type size. ----------------------------------------------------------- find data type for 0x748(reg5) at __tcp_transmit_skb+0x63 CU for net/ipv4/tcp_output.c (die:0x817f543) frame base: cfa=0 fbreg=6 scope: [1/1] (die:81aac3e) bb: [0 - 30] var [0] -0x98(stack) type='struct tcp_out_options' size=0x28 (die:0x81af3df) var [5] reg8 type='unsigned int' size=0x4 (die:0x8180ed6) var [5] reg2 type='unsigned int' size=0x4 (die:0x8180ed6) var [5] reg1 type='int' size=0x4 (die:0x818059e) var [5] reg4 type='struct sk_buff*' size=0x8 (die:0x8181360) var [5] reg5 type='struct sock*' size=0x8 (die:0x8181a0c) <<<--- the first argument ('sk' at %RDI) mov [19] reg8 -> -0xa8(stack) type='unsigned int' size=0x4 (die:0x8180ed6) mov [20] stack canary -> reg0 mov [29] reg0 -> -0x30(stack) stack canary bb: [36 - 3e] mov [36] reg4 -> reg15 type='struct sk_buff*' size=0x8 (die:0x8181360) bb: [44 - 63] mov [44] reg5 -> reg3 type='struct sock*' size=0x8 (die:0x8181a0c) <<<--- calling tcp_sk() var [47] reg3 type='struct tcp_sock*' size=0x8 (die:0x819eead) <<<--- new variable ('tp' at %RBX) var [4e] reg4 type='unsigned long long' size=0x8 (die:0x8180edd) mov [58] reg4 -> -0xc0(stack) type='unsigned long long' size=0x8 (die:0x8180edd) chk [63] reg5 offset=0x748 ok=1 kind=1 (struct sock*) : offset bigger than size <<<--- access with old variable final result: offset bigger than size While it's a fault in the compiler, we could work around this issue by using the type of new variable when it's copied directly. So I've added copied_from field in the register state to track those direct register to register copies. After that new register gets a new type and the old register still has the same type, it'll update (copy it back) the type of the old register. For example, if we can update type of reg5 at __tcp_transmit_skb+0x47, we can find the target type of the instruction at 0x63 like below: ----------------------------------------------------------- find data type for 0x748(reg5) at __tcp_transmit_skb+0x63 ... bb: [44 - 63] mov [44] reg5 -> reg3 type='struct sock*' size=0x8 (die:0x8181a0c) var [47] reg3 type='struct tcp_sock*' size=0x8 (die:0x819eead) var [47] copyback reg5 type='struct tcp_sock*' size=0x8 (die:0x819eead) <<<--- here mov [47] 0x748(reg5) -> reg4 type='unsigned long long' size=0x8 (die:0x8180edd) mov [4e] 0x750(reg5) -> reg0 type='unsigned long long' size=0x8 (die:0x8180edd) mov [58] reg4 -> -0xc0(stack) type='unsigned long long' size=0x8 (die:0x8180edd) chk [63] reg5 offset=0x748 ok=1 kind=1 (struct tcp_sock*) : Good! <<<--- new type found by insn track: 0x748(reg5) type-offset=0x748 final result: type='struct tcp_sock' size=0xa98 (die:0x819eeb2) Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240821232628.353177-5-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 895891dad7353d6058a8e5c499cf814fe7de9388 Author: Namhyung Kim Date: Wed Aug 21 16:26:27 2024 -0700 perf annotate-data: Update stack slot for the store When checking the match variable at the target instruction, it might not have any information if it's a first write to a stack slot. In this case it could spill a register value into the stack so the type info is in the source operand. But currently it's hard to get the operand from the checking function. Let's process the instruction and retry to get the type info from the stack if there's no information already. This is an example of __tcp_transmit_skb(). The instructions are <__tcp_transmit_skb>: 0: nopl 0x0(%rax, %rax, 1) 5: push %rbp 6: mov %rsp, %rbp 9: push %r15 b: push %r14 d: push %r13 f: push %r12 11: push %rbx 12: sub $0x98, %rsp 19: mov %r8d, -0xa8(%rbp) ... It cannot find any variable at -0xa8(%rbp) at this point. ----------------------------------------------------------- find data type for -0xa8(reg6) at __tcp_transmit_skb+0x19 CU for net/ipv4/tcp_output.c (die:0x817f543) frame base: cfa=0 fbreg=6 scope: [1/1] (die:81aac3e) bb: [0 - 19] var [0] -0x98(stack) type='struct tcp_out_options' size=0x28 (die:0x81af3df) var [5] reg8 type='unsigned int' size=0x4 (die:0x8180ed6) var [5] reg2 type='unsigned int' size=0x4 (die:0x8180ed6) var [5] reg1 type='int' size=0x4 (die:0x818059e) var [5] reg4 type='struct sk_buff*' size=0x8 (die:0x8181360) var [5] reg5 type='struct sock*' size=0x8 (die:0x8181a0c) chk [19] reg6 offset=-0xa8 ok=0 kind=0 fbreg : no type information no type information And it was able to find the type after processing the 'mov' instruction. ----------------------------------------------------------- find data type for -0xa8(reg6) at __tcp_transmit_skb+0x19 CU for net/ipv4/tcp_output.c (die:0x817f543) frame base: cfa=0 fbreg=6 scope: [1/1] (die:81aac3e) bb: [0 - 19] var [0] -0x98(stack) type='struct tcp_out_options' size=0x28 (die:0x81af3df) var [5] reg8 type='unsigned int' size=0x4 (die:0x8180ed6) var [5] reg2 type='unsigned int' size=0x4 (die:0x8180ed6) var [5] reg1 type='int' size=0x4 (die:0x818059e) var [5] reg4 type='struct sk_buff*' size=0x8 (die:0x8181360) var [5] reg5 type='struct sock*' size=0x8 (die:0x8181a0c) chk [19] reg6 offset=-0xa8 ok=0 kind=0 fbreg : retry <<<--- here mov [19] reg8 -> -0xa8(stack) type='unsigned int' size=0x4 (die:0x8180ed6) chk [19] reg6 offset=-0xa8 ok=0 kind=0 fbreg : Good! found by insn track: -0xa8(reg6) type-offset=0 final result: type='unsigned int' size=0x4 (die:0x8180ed6) Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240821232628.353177-4-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit a0d57c606188ebf106f26951558c3801627dd0a1 Author: Namhyung Kim Date: Wed Aug 21 16:26:26 2024 -0700 perf annotate-data: Update debug messages In check_matching_type(), it'd be easier to display the typename in question if it's available. For example, check out the line starts with 'chk'. ----------------------------------------------------------- find data type for 0x10(reg0) at cpuacct_charge+0x13 CU for kernel/sched/build_utility.c (die:0x137ee0b) frame base: cfa=1 fbreg=7 scope: [3/3] (die:13d9632) bb: [c - 13] var [c] reg5 type='struct task_struct*' size=0x8 (die:0x1381230) mov [c] 0xdf8(reg5) -> reg0 type='struct css_set*' size=0x8 (die:0x1385c56) chk [13] reg0 offset=0x10 ok=1 kind=1 (struct css_set*) : Good! <<<--- here found by insn track: 0x10(reg0) type-offset=0x10 final result: type='struct css_set' size=0x250 (die:0x1385b0e) Another example: ----------------------------------------------------------- find data type for 0x8(reg0) at menu_select+0x279 CU for drivers/cpuidle/governors/menu.c (die:0x7b0fe79) frame base: cfa=1 fbreg=7 scope: [2/2] (die:7b11010) bb: [273 - 277] bb: [279 - 279] chk [279] reg0 offset=0x8 ok=0 kind=0 cfa : no type information scope: [1/2] (die:7b10cbc) bb: [0 - 64] ... mov [26a] imm=0xffffffff -> reg15 bb: [273 - 277] bb: [279 - 279] chk [279] reg0 offset=0x8 ok=1 kind=1 (long long unsigned int) : no/void pointer <<<--- here final result: no/void pointer Also change some places to print negative offsets properly. Before: ----------------------------------------------------------- find data type for 0xffffff40(reg6) at __tcp_transmit_skb+0x58 After: ----------------------------------------------------------- find data type for -0xc0(reg6) at __tcp_transmit_skb+0x58 Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240821232628.353177-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit d352eca2662734cdd5ef90df1f8bc28b9505e36f Merge: 6d641ca50d7ec7 8c2e043daadad0 Author: Alexei Starovoitov Date: Thu Aug 22 08:35:21 2024 -0700 Merge branch 'support-bpf_fastcall-patterns-for-calls-to-kfuncs' Eduard Zingerman says: ==================== support bpf_fastcall patterns for calls to kfuncs As an extension of [1], allow bpf_fastcall patterns for kfuncs: - pattern rules are the same as for helpers; - spill/fill removal is allowed only for kfuncs listed in the is_fastcall_kfunc_call (under assumption that such kfuncs would always be members of special_kfunc_list). Allow bpf_fastcall rewrite for bpf_cast_to_kern_ctx() and bpf_rdonly_cast() in order to conjure selftests for this feature. After this patch-set verifier would rewrite the program below: r2 = 1 *(u64 *)(r10 - 32) = r2 call %[bpf_cast_to_kern_ctx] r2 = *(u64 *)(r10 - 32) r0 = r2;" As follows: r2 = 1 /* spill/fill at r10[-32] is removed */ r0 = r1 /* replacement for bpf_cast_to_kern_ctx() */ r0 = r2 exit Also, attribute used by LLVM implementation of the feature had been changed from no_caller_saved_registers to bpf_fastcall (see [2]). This patch-set replaces references to nocsr by references to bpf_fastcall to keep LLVM and Kernel parts in sync. [1] no_caller_saved_registers attribute for helper calls https://lore.kernel.org/bpf/20240722233844.1406874-1-eddyz87@gmail.com/ [2] [BPF] introduce __attribute__((bpf_fastcall)) https://github.com/llvm/llvm-project/pull/105417 Changes v2->v3: - added a patch fixing arch_mask handling in test_loader, otherwise newly added tests for the feature were skipped (a fix for regression introduced by a recent commit); - fixed warning regarding unused 'params' variable; - applied stylistical fixes suggested by Yonghong; - added acks from Yonghong; Changes v1->v2: - added two patches replacing all mentions of nocsr by bpf_fastcall (suggested by Andrii); - removed KF_NOCSR flag (suggested by Yonghong). v1: https://lore.kernel.org/bpf/20240812234356.2089263-1-eddyz87@gmail.com/ v2: https://lore.kernel.org/bpf/20240817015140.1039351-1-eddyz87@gmail.com/ ==================== Link: https://lore.kernel.org/r/20240822084112.3257995-1-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit 8c2e043daadad021fc501ac64cce131f48c3ca46 Author: Eduard Zingerman Date: Thu Aug 22 01:41:12 2024 -0700 selftests/bpf: check if bpf_fastcall is recognized for kfuncs Use kfunc_bpf_cast_to_kern_ctx() and kfunc_bpf_rdonly_cast() to verify that bpf_fastcall pattern is recognized for kfunc calls. Acked-by: Yonghong Song Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240822084112.3257995-7-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit f406026fefa745ff9a3153507cc3b9a87371d954 Author: Eduard Zingerman Date: Thu Aug 22 01:41:11 2024 -0700 selftests/bpf: by default use arch mask allowing all archs If test case does not specify architecture via __arch_* macro consider that it should be run for all architectures. Fixes: 7d743e4c759c ("selftests/bpf: __jited test tag to check disassembly after jit") Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240822084112.3257995-6-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit 40609093247b586ee6f8ca8f2b30c7d583c6fd25 Author: Eduard Zingerman Date: Thu Aug 22 01:41:10 2024 -0700 bpf: allow bpf_fastcall for bpf_cast_to_kern_ctx and bpf_rdonly_cast do_misc_fixups() relaces bpf_cast_to_kern_ctx() and bpf_rdonly_cast() by a single instruction "r0 = r1". This follows bpf_fastcall contract. This commit allows bpf_fastcall pattern rewrite for these two functions in order to use them in bpf_fastcall selftests. Acked-by: Yonghong Song Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240822084112.3257995-5-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit b2ee6d27e9c6be0409e96591dcee62032a8e0156 Author: Eduard Zingerman Date: Thu Aug 22 01:41:09 2024 -0700 bpf: support bpf_fastcall patterns for kfuncs Recognize bpf_fastcall patterns around kfunc calls. For example, suppose bpf_cast_to_kern_ctx() follows bpf_fastcall contract (which it does), in such a case allow verifier to rewrite BPF program below: r2 = 1; *(u64 *)(r10 - 32) = r2; call %[bpf_cast_to_kern_ctx]; r2 = *(u64 *)(r10 - 32); r0 = r2; By removing the spill/fill pair: r2 = 1; call %[bpf_cast_to_kern_ctx]; r0 = r2; Acked-by: Yonghong Song Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240822084112.3257995-4-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit adec67d372fecd97585d76dbebb610d62ec9d2cc Author: Eduard Zingerman Date: Thu Aug 22 01:41:08 2024 -0700 selftests/bpf: rename nocsr -> bpf_fastcall in selftests Attribute used by LLVM implementation of the feature had been changed from no_caller_saved_registers to bpf_fastcall (see [1]). This commit replaces references to nocsr by references to bpf_fastcall to keep LLVM and selftests parts in sync. [1] https://github.com/llvm/llvm-project/pull/105417 Acked-by: Yonghong Song Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240822084112.3257995-3-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit ae010757a55b57c8b82628e8ea9b7da2269131d9 Author: Eduard Zingerman Date: Thu Aug 22 01:41:07 2024 -0700 bpf: rename nocsr -> bpf_fastcall in verifier Attribute used by LLVM implementation of the feature had been changed from no_caller_saved_registers to bpf_fastcall (see [1]). This commit replaces references to nocsr by references to bpf_fastcall to keep LLVM and Kernel parts in sync. [1] https://github.com/llvm/llvm-project/pull/105417 Acked-by: Yonghong Song Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240822084112.3257995-2-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit a11b4222bb579dcf9646f3c4ecd2212ae762a2c8 Author: Namhyung Kim Date: Wed Aug 21 16:26:25 2024 -0700 perf dwarf-aux: Handle bitfield members from pointer access The __die_find_member_offset_cb() missed to handle bitfield members which don't have DW_AT_data_member_location. Like in adding member types in __add_member_cb() it should fallback to check the bit offset when it resolves the member type for an offset. Fixes: 437683a9941891c1 ("perf dwarf-aux: Handle type transfer for memory access") Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240821232628.353177-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 90dc34da02aca2fe529ae1ed1822e8fc2a0d9ebc Author: Richard Fitzgerald Date: Thu Aug 22 15:55:35 2024 +0100 ASoC: cs35l56: Make struct regmap_config const It's now possible to declare instances of struct regmap_config as const data. Signed-off-by: Richard Fitzgerald Link: https://patch.msgid.link/20240822145535.336407-1-rf@opensource.cirrus.com Signed-off-by: Mark Brown commit 6d641ca50d7ec7d5e4e889c3f8ea22afebc2a403 Author: Uros Bizjak Date: Sun Aug 11 18:13:33 2024 +0200 bpf: Fix percpu address space issues In arraymap.c: In bpf_array_map_seq_start() and bpf_array_map_seq_next() cast return values from the __percpu address space to the generic address space via uintptr_t [1]. Correct the declaration of pptr pointer in __bpf_array_map_seq_show() to void __percpu * and cast the value from the generic address space to the __percpu address space via uintptr_t [1]. In hashtab.c: Assign the return value from bpf_mem_cache_alloc() to void pointer and cast the value to void __percpu ** (void pointer to percpu void pointer) before dereferencing. In memalloc.c: Explicitly declare __percpu variables. Cast obj to void __percpu **. In helpers.c: Cast ptr in BPF_CALL_1 and BPF_CALL_2 from generic address space to __percpu address space via const uintptr_t [1]. Found by GCC's named address space checks. There were no changes in the resulting object files. [1] https://sparse.docs.kernel.org/en/latest/annotations.html#address-space-name Signed-off-by: Uros Bizjak Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: Andrii Nakryiko Cc: Martin KaFai Lau Cc: Eduard Zingerman Cc: Song Liu Cc: Yonghong Song Cc: John Fastabend Cc: KP Singh Cc: Stanislav Fomichev Cc: Hao Luo Cc: Jiri Olsa Acked-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240811161414.56744-1-ubizjak@gmail.com Signed-off-by: Alexei Starovoitov commit 5148f19ac4bdf66b5bf5736e8e9d1df323c0dcb4 Merge: b6ab50902724a2 110bbd3a2ed71f Author: Alexei Starovoitov Date: Thu Aug 22 08:00:26 2024 -0700 Merge branch 'bpf-fix-null-pointer-access-for-malformed-bpf_core_type_id_local-relos' Eduard Zingerman says: ==================== bpf: fix null pointer access for malformed BPF_CORE_TYPE_ID_LOCAL relos Liu RuiTong reported an in-kernel null pointer derefence when processing BPF_CORE_TYPE_ID_LOCAL relocations referencing non-existing BTF types. Fix this by adding proper id checks. Changes v2->v3: - selftest update suggested by Andrii: avoid memset(0) for log buffer and do memset(0) for bpf_attr. Changes v1->v2: - moved check from bpf_core_calc_relo_insn() to bpf_core_apply() now both in kernel and in libbpf relocation type id is guaranteed to exist when bpf_core_calc_relo_insn() is called; - added a test case. v1: https://lore.kernel.org/bpf/20240821164620.1056362-1-eddyz87@gmail.com/ v2: https://lore.kernel.org/bpf/20240822001837.2715909-1-eddyz87@gmail.com/ ==================== Link: https://lore.kernel.org/r/20240822080124.2995724-1-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit 110bbd3a2ed71f3cf4d9438d62f22f591952fc3b Author: Eduard Zingerman Date: Thu Aug 22 01:01:24 2024 -0700 selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation Check that verifier rejects BPF program containing relocation pointing to non-existent BTF type. To force relocation resolution on kernel side test case uses bpf_attr->core_relos field. This field is not exposed by libbpf, so directly do BPF system call in the test. Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240822080124.2995724-3-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit 3d2786d65aaa954ebd3fcc033ada433e10da21c4 Author: Eduard Zingerman Date: Thu Aug 22 01:01:23 2024 -0700 bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos In case of malformed relocation record of kind BPF_CORE_TYPE_ID_LOCAL referencing a non-existing BTF type, function bpf_core_calc_relo_insn would cause a null pointer deference. Fix this by adding a proper check upper in call stack, as malformed relocation records could be passed from user space. Simplest reproducer is a program: r0 = 0 exit With a single relocation record: .insn_off = 0, /* patch first instruction */ .type_id = 100500, /* this type id does not exist */ .access_str_off = 6, /* offset of string "0" */ .kind = BPF_CORE_TYPE_ID_LOCAL, See the link for original reproducer or next commit for a test case. Fixes: 74753e1462e7 ("libbpf: Replace btf__type_by_id() with btf_type_by_id().") Reported-by: Liu RuiTong Closes: https://lore.kernel.org/bpf/CAK55_s6do7C+DVwbwY_7nKfUz0YLDoiA1v6X3Y9+p0sWzipFSA@mail.gmail.com/ Acked-by: Andrii Nakryiko Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240822080124.2995724-2-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit e5ae4083d32d9ba196c7452814bed5e5aa0731ec Author: Frank Li Date: Wed Aug 21 18:20:00 2024 -0400 dt-bindings: leds: Convert leds-lm3692x to YAML format Additional changes: - Add ref to common.yaml for child node. - Add I2C node at example. Fix below warning: arch/arm64/boot/dts/freescale/imx8mq-librem5-r2.dtb: /soc@0/bus@30800000/i2c@30a40000/backlight@36: failed to match any schema with compatible: ['ti,lm36922'] Signed-off-by: Frank Li Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240821222001.591111-1-Frank.Li@nxp.com Signed-off-by: Lee Jones commit 4968f6721332189d36d6d799be61325921906a8c Author: Huan Yang Date: Wed Aug 21 09:37:25 2024 +0800 leds: lp55xx: Use devm_clk_get_enabled() helpers Simplify the code a bunch by using managed resource helpers. Also, there is no need to save clk pointer anymore. Suggested-by: Christophe JAILLET Signed-off-by: Huan Yang Link: https://lore.kernel.org/r/20240821013725.785956-1-link@vivo.com Signed-off-by: Lee Jones commit 77b2b4759849a9bb1cb54829f52945bad7a46919 Author: Javier Carrasco Date: Tue Aug 20 21:02:27 2024 +0200 leds: as3645a: Use device_* to iterate over device child nodes Drop the manual access to the fwnode of the device to iterate over its child nodes. `device_for_each_child_node` macro provides direct access to the child nodes, and given that the `child` variable is only required within the loop, the scoped variant of the macro can be used. Use the `device_for_each_child_node_scoped` macro to iterate over the direct child nodes of the device. Signed-off-by: Javier Carrasco Acked-by: Sakari Ailus Link: https://lore.kernel.org/r/20240820-device_child_node_access-v3-2-1ee09bdedb9e@gmail.com Signed-off-by: Lee Jones commit 8b7e0a6c443e855374a426dcdfd0a19912d70df3 Author: Bartosz Golaszewski Date: Wed Aug 21 12:08:18 2024 +0200 Documentation: add a driver API doc for the power sequencing subsystem Describe what the subsystem does, how the consumers and providers work and add API reference generated from kerneldocs. Acked-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240821100818.13763-1-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit 9557b4376d02088a33e5f4116bcc324d35a3b64c Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:49 2024 +0200 leds: qcom-lpg: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-17-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 122d57e2960c81b6916a5ebe44bfb8c14ebe81de Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:48 2024 +0200 leds: turris-omnia: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Marek Behún Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-16-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 42476bce8d78eeea5057f34738daa8236b9912a6 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:47 2024 +0200 leds: sc27xx: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-15-1d0292802470@linaro.org Signed-off-by: Lee Jones commit af728722d7a1d81dd38bdf9a646fee84aefde901 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:46 2024 +0200 leds: pca9532: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-14-1d0292802470@linaro.org Signed-off-by: Lee Jones commit d3f5f674058f5f1d93d9402c79f56684d81e5993 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:45 2024 +0200 leds: netxbig: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-13-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 84e2b97f87b8bc7dde90555ef29ac5eae27b3c8e Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:44 2024 +0200 leds: mt6323: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-12-1d0292802470@linaro.org Signed-off-by: Lee Jones commit e98a7f1fb9296733855347a98b1cac16e70b7ed8 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:43 2024 +0200 leds: mc13783: Use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-11-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 9d4cfee092ecdaf98f255ee61d094334ddf9f110 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:42 2024 +0200 leds: lp55xx: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-10-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 2c37529ee95d06ab44613572bfa474413f9a5b58 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:41 2024 +0200 leds: is31fl32xx: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-9-1d0292802470@linaro.org Signed-off-by: Lee Jones commit c57ba40ea1e78bbf544ec667a9e0f885a8957f5c Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:40 2024 +0200 leds: bcm6358: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-8-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 6a1d796e70c703a7557c7ef21304879de85f40ec Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:39 2024 +0200 leds: bcm6328: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-7-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 073f016511913e2ea6c52e5d77d33a8cb03c4424 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:38 2024 +0200 leds: aw2013: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-6-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 6c17a9a8991cf1f4e0767c2a8b3c110ea34e1019 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:37 2024 +0200 leds: 88pm860x: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-5-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 05c2f554d1edd6399720e8f8097e9165dcf17044 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:36 2024 +0200 leds: max77693: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-4-1d0292802470@linaro.org Signed-off-by: Lee Jones commit d225d436f7baccde74ad80d9dc7f08e1271b8473 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:35 2024 +0200 leds: max77693: Add missing of_node_get for probe duration At beginning of probe() function, the driver iterates over OF children and assigns found device node for later. The code uses for_each_available_child_of_node() which drops the references on children on each successful pass, thus the probe function operates later on the device node without holding the reference. Fix this by increasing the reference count for found child node and drop it at the end of the probe, because it is not needed further (the V4L init code takes its own references). Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-3-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 700b6c984b418c04c63a54f67b6758b81016f0e3 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:34 2024 +0200 leds: ktd2692: Use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-2-1d0292802470@linaro.org Signed-off-by: Lee Jones commit 1e63395e58b2b1d0105bb5ffdb1e5d7400a4be82 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:31:33 2024 +0200 leds: aat1290: Use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-var-v1-1-1d0292802470@linaro.org Signed-off-by: Lee Jones commit d6f75d86aa786740ef7a7607685e9e1039e30aab Author: Yu Jiaoliang Date: Wed Aug 21 16:14:45 2024 +0800 nfp: bpf: Use kmemdup_array instead of kmemdup for multiple allocation Let the kememdup_array() take care about multiplication and possible overflows. Signed-off-by: Yu Jiaoliang Signed-off-by: Louis Peens Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240821081447.12430-1-yujiaoliang@vivo.com Signed-off-by: Paolo Abeni commit 168448111279e639e3296ee5c19e0cd96756422e Author: Jani Nikula Date: Tue Aug 20 22:00:43 2024 +0300 drm/xe: remove display stepping handling The code is now unused. Remove. Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/19bc7a3197f2bc6f3c0d337487ab19f3b7f5612a.1724180287.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit e0446e122eae43c173d0c99375e1b2cc8da009a7 Author: Jani Nikula Date: Tue Aug 20 22:00:42 2024 +0300 drm/i915: remove display stepping handling The code is now unused. Remove. Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/d64c5e8563dcb8858569d5578230f6b675acdafb.1724180287.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit dfc88eac97e2177844e5dfa877f2ff60c73bf507 Author: Jani Nikula Date: Tue Aug 20 22:00:41 2024 +0300 drm/i915/display: switch to display detected steppings Move the stepping related macros over to display. We can proceed to remove the compat macros from xe. Note: Looks like we've failed to actually initialize the display stepping for GMD ID based platforms in the xe driver. It does get set in display runtime info, but until now the compat macro used xe->info.step.display which was not set for GMD ID. Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/ce8bb94e1a801d3c345f1810837bdd1964c3af75.1724180287.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 4446387572fb7952a387b8e45e8a96b4f08a2a53 Author: Jani Nikula Date: Wed Aug 21 12:50:36 2024 +0300 drm/i915/display: identify display steppings in display probe Both i915 and xe have code to identify display steppings. Start deduplicating this by, uh, adding a third copy in display code. This is not yet used for anything other than debug logging. We'll switch over later. For platforms before GMD ID, attach the mapping from PCI revision to stepping in the platform and subplatform descriptors. This is a considerably cleaner approach than having it completely separate. Also add a separate field for stepping in display runtime info, preserving the value from GMD ID. v2: Handle NULL subdesc (Matt) Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240821095036.2044654-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 5a48d67ac336436ed4a79c1c9e036a409b502329 Author: Jani Nikula Date: Tue Aug 20 22:00:39 2024 +0300 drm/i915/display: rename IS_DISPLAY_IP_STEP() to IS_DISPLAY_VER_STEP() Unify macro naming on VER. Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/6861e02f3adf15d56e89890000eb195070c33c9b.1724180287.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit c8fc8346bdd097d624771e606aef93644c072ef2 Author: Jani Nikula Date: Tue Aug 20 22:00:38 2024 +0300 drm/i915/display: rename IS_DISPLAY_IP_RANGE() to IS_DISPLAY_VER_FULL() Unify macro naming. Be more in line with DISPLAY_VER() and IS_DISPLAY_VER(). Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/adb43f45ad0b1846c2cb9a5861ba1f727c41ae83.1724180287.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 85878978fcd2812eaca309ead436bcd38777f6f7 Author: Jani Nikula Date: Tue Aug 20 22:00:37 2024 +0300 drm/xe/step: define more steppings E-J These are primarily needed for compat reasons with display code in upcoming changes. There's no harm in having them. While at it, add a comment about the requirement to match against GMD ID value spacing. Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/88074394509d4849f8ec6ab5776394b961032cd0.1724180287.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 7bb98ca6542e19a9da7cc322114bb4867acd9614 Author: Jani Nikula Date: Tue Aug 20 22:00:36 2024 +0300 drm/xe/display: remove the unused compat HAS_GMD_ID() The display code no longer needs or uses HAS_GMD_ID(). Remove it from the compat header. Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/67571bb0b10fb5c99dba57757f2213ef39bdedbb.1724180287.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit fa509a33e34849cce6c17f969991dc87a864fbde Author: Jani Nikula Date: Tue Aug 20 22:00:35 2024 +0300 drm/xe/display: remove intel_display_step_name() to simplify The intel_display_step_name() is an unnecessary extra indirection. Simplify by just adding a macro to map intel_step_name() to xe_step_name(). We'll need to temporarily add a compat INTEL_DISPLAY_STEP() for this. Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/cbea7def331cc9d2438da49ae344b9987f27cd12.1724180287.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 453afb1a439994deeacb8d9ecbb48c1f2348ea0a Author: Jani Nikula Date: Tue Aug 20 22:00:34 2024 +0300 drm/xe/display: fix compat IS_DISPLAY_STEP() range end It's supposed to be an open range at the end like in i915. Fingers crossed that nobody relies on this definition. Fixes: 44e694958b95 ("drm/xe/display: Implement display support") Reviewed-by: Lucas De Marchi Reviewed-by: Matt Roper Acked-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/fe8743770694e429f6902491cdb306c97bdf701a.1724180287.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 61e1f74f739546415570ccc1ac14e1b26afe4705 Author: Kuninori Morimoto Date: Wed Aug 21 02:14:15 2024 +0000 ASoC: Intel: sof_sdw: use playback/capture_only flags Prepare for removal of dpcm_playback and dpcm_capture flags in dailinks. [Kuninori adjusted Pierre-Louis's patch] Signed-off-by: Pierre-Louis Bossart Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87o75maah5.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 46fb727a28d8c7195f915150a669d927d463069b Author: Jerome Brunet Date: Wed Aug 21 02:14:09 2024 +0000 ASoC: amlogic: do not use dpcm_playback/capture flags dpcm_playback/capture flags are being deprecated in ASoC. Use playback/capture_only flags instead Suggested-by: Kuninori Morimoto Signed-off-by: Jerome Brunet Signed-off-by: Kuninori Morimoto Tested-by: Jerome Brunet Link: https://patch.msgid.link/87plq2aahb.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 12806510481497a01d01edd64d7bb53a4d9ec28d Author: Kuninori Morimoto Date: Wed Aug 21 02:14:02 2024 +0000 ASoC: remove snd_soc_dai_link_set_capabilities() dpcm_xxx flags are no longer needed. We need to use xxx_only flags instead if needed, but snd_soc_dai_link_set_capabilities() user adds dpcm_xxx if playback/capture were available. Thus converting dpcm_xxx to xxx_only is not needed. Just remove it. Signed-off-by: Kuninori Morimoto Tested-by: Jerome Brunet Link: https://patch.msgid.link/87r0aiaahh.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit fd69dfe6789f4ed46d1fdb52e223cff83946d997 Author: Kuninori Morimoto Date: Wed Aug 21 02:13:56 2024 +0000 ASoC: soc-pcm: Indicate warning if dpcm_playback/capture were used for availability limition I have been wondering why DPCM needs special flag (= dpcm_playback/capture) to use it. Below is the history why it was added to ASoC. (A) In beginning, there was no dpcm_xxx flag on ASoC. It checks channels_min for DPCM, same as current non-DPCM. Let's name it as "validation check" here. if (rtd->dai_link->dynamic || rtd->dai_link->no_pcm) { if (cpu_dai->driver->playback.channels_min) playback = 1; if (cpu_dai->driver->capture.channels_min) capture = 1; (B) commit 1e9de42f4324 ("ASoC: dpcm: Explicitly set BE DAI link supported stream directions") force to use dpcm_xxx flag on DPCM. According to this commit log, this is because "Some BE dummy DAI doesn't set channels_min for playback/capture". But we don't know which DAI is it, and not know why it can't/don't have channels_min. Let's name it as "no_chan_DAI" here. According to the code and git-log, it is used as DCPM-BE and is CPU DAI. I think the correct solution was set channels_min on "no_chan_DAI" side, not update ASoC framework side. But everything is under smoke today. if (rtd->dai_link->dynamic || rtd->dai_link->no_pcm) { playback = rtd->dai_link->dpcm_playback; capture = rtd->dai_link->dpcm_capture; (C) commit 9b5db059366a ("ASoC: soc-pcm: dpcm: Only allow playback/capture if supported") checks channels_min (= validation check) again. Because DPCM availability was handled by dpcm_xxx flag at that time, but some Sound Card set it even though it wasn't available. Clearly there's a contradiction here. I think correct solution was update Sound Card side instead of ASoC framework. Sound Card side will be updated to handle this issue later (commit 25612477d20b ("ASoC: soc-dai: set dai_link dpcm_ flags with a helper")) if (rtd->dai_link->dynamic || rtd->dai_link->no_pcm) { ... playback = rtd->dai_link->dpcm_playback && snd_soc_dai_stream_valid(cpu_dai, ...); capture = rtd->dai_link->dpcm_capture && snd_soc_dai_stream_valid(cpu_dai, ...); This (C) patch should have broken "no_chan_DAI" which doesn't have channels_min, but there was no such report during this 4 years. Possibilities case are as follows - No one is using "no_chan_DAI" - "no_chan_DAI" is no longer exist : was removed ? - "no_chan_DAI" is no longer exist : has channels_min ? Because of these history, this dpcm_xxx is unneeded flag today. But because we have been used it for 10 years since (B), it may have been used differently. For example some DAI available both playback/capture, but it set dpcm_playback flag only, in this case dpcm_xxx flag is used as availability limitation. We can use playback_only flag instead in this case, but it is very difficult to find such DAI today. Let's add grace time to remove dpcm_playback/capture flag. This patch don't use dpcm_xxx flag anymore, and indicates warning to use xxx_only flag if both playback/capture were available but using only one of dpcm_xxx flag, and not using xxx_only flag. Link: https://lore.kernel.org/r/87edaym2cg.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Kuninori Morimoto Tested-by: Jerome Brunet Link: https://patch.msgid.link/87seuyaahn.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit bfefa214d179f13d01cf1b64a7efbabf586b0c49 Author: Chen-Yu Tsai Date: Thu Aug 22 15:20:46 2024 +0800 regulator: Fully clean up on error in of_regulator_bulk_get_all() Currently in of_regulator_bulk_get_all(), if any regulator request fails, the error path releases all regulators already requested, but leaves the |struct regulator_bulk_data| memory to the caller to free, and also leaves the regulator consumer pointers dangling. The latter behavior is not documented, and may not be what the caller is expecting. Instead, explicitly clean up everything on error, and make it clear that the result pointer is only update if the whole request succeeds. Signed-off-by: Chen-Yu Tsai Link: https://patch.msgid.link/20240822072047.3097740-4-wenst@chromium.org Signed-off-by: Mark Brown commit 395a41a1d3e377462f3eea8a205ee72be8885ff6 Author: Chen-Yu Tsai Date: Thu Aug 22 15:20:45 2024 +0800 regulator: Return actual error in of_regulator_bulk_get_all() If regulator_get() in of_regulator_bulk_get_all() returns an error, that error gets overridden and -EINVAL is always passed out. This masks probe deferral requests and likely won't work properly in all cases. Fix this by letting of_regulator_bulk_get_all() return the original error code. Fixes: 27b9ecc7a9ba ("regulator: Add of_regulator_bulk_get_all") Signed-off-by: Chen-Yu Tsai Link: https://patch.msgid.link/20240822072047.3097740-3-wenst@chromium.org Signed-off-by: Mark Brown commit ad9d7a82901d9cea756b8666035b30ca41728e15 Author: Chen-Yu Tsai Date: Thu Aug 22 15:20:44 2024 +0800 regulator: Clarify error message for "id == NULL" in _regulator_get() The original error message simply said "get() with no identifier" without any context as to what was requested or what device the request was related to. The only thing the user or developer could do was grep for the message in the full source tree. Amend the error message to be more specific, and also use dev_* to associate the error message with a device. Signed-off-by: Chen-Yu Tsai Link: https://patch.msgid.link/20240822072047.3097740-2-wenst@chromium.org Signed-off-by: Mark Brown commit 1a9e3b0af301413210319e6946fb4b0b1ad71ccc Author: Shenghao Ding Date: Thu Aug 22 14:32:02 2024 +0800 ASoC: tas2781: mark const variables tas2563_dvc_table as __maybe_unused In case of tas2781, tas2563_dvc_table will be unused, so mark it as __maybe_unused. Signed-off-by: Shenghao Ding Link: https://patch.msgid.link/20240822063205.662-1-shenghao-ding@ti.com Signed-off-by: Mark Brown commit 23618f5b630a1dde8c465150ddb2fd308b686b08 Author: Wu Bo Date: Thu Aug 22 03:52:49 2024 -0600 ASoC: dwc: change to use devm_clk_get_enabled() helpers Make the code cleaner and avoid call clk_disable_unprepare() Signed-off-by: Wu Bo Link: https://patch.msgid.link/20240822095249.1642713-1-bo.wu@vivo.com Signed-off-by: Mark Brown commit b6ab50902724a27f1fc7136927c27d29f9ba01c6 Author: Yu Jiaoliang Date: Wed Aug 21 15:37:08 2024 +0800 bpf: Use kmemdup_array instead of kmemdup for multiple allocation Let the kmemdup_array() take care about multiplication and possible overflows. Signed-off-by: Yu Jiaoliang Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20240821073709.4067177-1-yujiaoliang@vivo.com commit 812a2751e827fa1eb01f3bd268b4d74c23f4226a Author: Lorenzo Bianconi Date: Wed Aug 21 09:30:14 2024 +0200 net: airoha: configure hw mac address according to the port id GDM1 port on EN7581 SoC is connected to the lan dsa switch. GDM{2,3,4} can be used as wan port connected to an external phy module. Configure hw mac address registers according to the port id. Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/20240821-airoha-eth-wan-mac-addr-v2-1-8706d0cd6cd5@kernel.org Signed-off-by: Paolo Abeni commit f60ef67ff21ede6f3d27d439a136481446dbd8aa Author: Stefan Wahren Date: Wed Aug 21 23:40:48 2024 +0200 drm/vc4: v3d: simplify clock retrieval Common pattern of handling deferred probe can be simplified with dev_err_probe() and devm_clk_get_optional(). This results in much less code. Signed-off-by: Stefan Wahren Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240821214052.6800-6-wahrenst@gmx.net commit 59ac702a932028f572e34cd27fce235def2fc488 Author: Stefan Wahren Date: Wed Aug 21 23:40:46 2024 +0200 drm/vc4: Get the rid of DRM_ERROR() DRM_ERROR() has been deprecated in favor of pr_err(). However, we should prefer to use drm_err() whenever possible so we get device- specific output with the error message. In error case of kcalloc, we can simply drop DRM_ERROR(), because kcalloc already logs errors. Suggested-by: Maíra Canal Signed-off-by: Stefan Wahren Reviewed-by: Maxime Ripard Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240821214052.6800-4-wahrenst@gmx.net commit f1a54e860b1bc8d824925b5a77f510913880e8d6 Author: Stefan Wahren Date: Wed Aug 21 23:40:45 2024 +0200 drm/vc4: hdmi: Handle error case of pm_runtime_resume_and_get The commit 0f5251339eda ("drm/vc4: hdmi: Make sure the controller is powered in detect") introduced the necessary power management handling to avoid register access while controller is powered down. Unfortunately it just print a warning if pm_runtime_resume_and_get() fails and proceed anyway. This could happen during suspend to idle. So we must assume it is unsafe to access the HDMI register. So bail out properly. Fixes: 0f5251339eda ("drm/vc4: hdmi: Make sure the controller is powered in detect") Signed-off-by: Stefan Wahren Reviewed-by: Maíra Canal Acked-by: Maxime Ripard Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240821214052.6800-3-wahrenst@gmx.net commit bcc3773c49af2426093645473fe02a5a8e765587 Author: Jakub Kicinski Date: Tue Aug 20 18:22:27 2024 -0700 selftests: net: add helper for checking if nettest is available A few tests check if nettest exists in the $PATH before adding $PWD to $PATH and re-checking. They don't discard stderr on the first check (and nettest is built as part of selftests, so it's pretty normal for it to not be available in system $PATH). This leads to output noise: which: no nettest in (/home/virtme/tools/fs/bin:/home/virtme/tools/fs/sbin:/home/virtme/tools/fs/usr/bin:/home/virtme/tools/fs/usr/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin) Add a common helper for the check which does silence stderr. There is another small functional change hiding here, because pmtu.sh and fib_rule_tests.sh used to return from the test case rather than completely exit. Building nettest is not hard, there should be no need to maintain the ability to selectively skip cases in its absence. Reviewed-by: Ido Schimmel Signed-off-by: Jakub Kicinski Reviewed-by: Hangbin Liu Link: https://patch.msgid.link/20240821012227.1398769-1-kuba@kernel.org Signed-off-by: Paolo Abeni commit 8f3f07517834382e819e168740bf855273f13d47 Author: Abhishek Tamboli Date: Fri Aug 16 22:41:29 2024 +0530 leds: sun50i-a100: Replace msleep() with usleep_range() Replace msleep() with usleep_range() in sun50i_a100_ledc_suspend() to address the checkpatch.pl warning. msleep() for such short delay can lead to inaccurate sleep times. Switch to usleep_range() provide more precise delay. Fix the following warning from checkpatch.pl: WARNING: msleep < 20ms can sleep for up to 20ms; see Documentation/timers/timers-howto.rst + msleep(1); Signed-off-by: Abhishek Tamboli Acked-by: Chen-Yu Tsai Link: https://lore.kernel.org/r/20240816171129.6411-1-abhishektamboli9@gmail.com Signed-off-by: Lee Jones commit a139c98f760efa1b6f0ee2f36ea6f62f04c8b20a Author: Chris Wulff Date: Sat Aug 17 10:28:51 2024 -0400 USB: gadget: f_hid: Add GET_REPORT via userspace IOCTL While supporting GET_REPORT is a mandatory request per the HID specification the current implementation of the GET_REPORT request responds to the USB Host with an empty reply of the request length. However, some USB Hosts will request the contents of feature reports via the GET_REPORT request. In addition, some proprietary HID 'protocols' will expect different data, for the same report ID, to be to become available in the feature report by sending a preceding SET_REPORT to the USB Device that defines what data is to be presented when that feature report is subsequently retrieved via GET_REPORT (with a very fast < 5ms turn around between the SET_REPORT and the GET_REPORT). There are two other patch sets already submitted for adding GET_REPORT support. The first [1] allows for pre-priming a list of reports via IOCTLs which then allows the USB Host to perform the request, with no further userspace interaction possible during the GET_REPORT request. And another [2] which allows for a single report to be setup by userspace via IOCTL, which will be fetched and returned by the kernel for subsequent GET_REPORT requests by the USB Host, also with no further userspace interaction possible. This patch, while loosely based on both the patch sets, differs by allowing the option for userspace to respond to each GET_REPORT request by setting up a poll to notify userspace that a new GET_REPORT request has arrived. To support this, two extra IOCTLs are supplied. The first of which is used to retrieve the report ID of the GET_REPORT request (in the case of having non-zero report IDs in the HID descriptor). The second IOCTL allows for storing report responses in a list for responding to requests. The report responses are stored in a list (it will be either added if it does not exist or updated if it exists already). A flag (userspace_req) can be set to whether subsequent requests notify userspace or not. Basic operation when a GET_REPORT request arrives from USB Host: - If the report ID exists in the list and it is set for immediate return (i.e. userspace_req == false) then response is sent immediately, userspace is not notified - The report ID does not exist, or exists but is set to notify userspace (i.e. userspace_req == true) then notify userspace via poll: - If userspace responds, and either adds or update the response in the list and respond to the host with the contents - If userspace does not respond within the fixed timeout (2500ms) but the report has been set prevously, then send 'old' report contents - If userspace does not respond within the fixed timeout (2500ms) and the report does not exist in the list then send an empty report Note that userspace could 'prime' the report list at any other time. While this patch allows for flexibility in how the system responds to requests, and therefore the HID 'protocols' that could be supported, a drawback is the time it takes to service the requests and therefore the maximum throughput that would be achievable. The USB HID Specification v1.11 itself states that GET_REPORT is not intended for periodic data polling, so this limitation is not severe. Testing on an iMX8M Nano Ultra Lite with a heavy multi-core CPU loading showed that userspace can typically respond to the GET_REPORT request within 1200ms - which is well within the 5000ms most operating systems seem to allow, and within the 2500ms set by this patch. [1] https://lore.kernel.org/all/20220805070507.123151-2-sunil@amarulasolutions.com/ [2] https://lore.kernel.org/all/20220726005824.2817646-1-vi@endrift.com/ Signed-off-by: David Sands Signed-off-by: Chris Wulff Link: https://lore.kernel.org/r/20240817142850.1311460-2-crwulff@gmail.com Signed-off-by: Greg Kroah-Hartman commit db63d9868f7f310de44ba7bea584e2454f8b4ed0 Author: Wadim Egorov Date: Fri Aug 16 14:41:50 2024 +0200 usb: typec: tipd: Free IRQ only if it was requested before In polling mode, if no IRQ was requested there is no need to free it. Call devm_free_irq() only if client->irq is set. This fixes the warning caused by the tps6598x module removal: WARNING: CPU: 2 PID: 333 at kernel/irq/devres.c:144 devm_free_irq+0x80/0x8c ... ... Call trace: devm_free_irq+0x80/0x8c tps6598x_remove+0x28/0x88 [tps6598x] i2c_device_remove+0x2c/0x9c device_remove+0x4c/0x80 device_release_driver_internal+0x1cc/0x228 driver_detach+0x50/0x98 bus_remove_driver+0x6c/0xbc driver_unregister+0x30/0x60 i2c_del_driver+0x54/0x64 tps6598x_i2c_driver_exit+0x18/0xc3c [tps6598x] __arm64_sys_delete_module+0x184/0x264 invoke_syscall+0x48/0x110 el0_svc_common.constprop.0+0xc8/0xe8 do_el0_svc+0x20/0x2c el0_svc+0x28/0x98 el0t_64_sync_handler+0x13c/0x158 el0t_64_sync+0x190/0x194 Signed-off-by: Wadim Egorov Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240816124150.608125-1-w.egorov@phytec.de Signed-off-by: Greg Kroah-Hartman commit 29f5f2c0821ab7749b000e7157e71e8e1c2ace6d Author: Frank Li Date: Thu Aug 15 11:21:58 2024 -0400 dt-bindings: usb: add layerscape super speed usb support Add missed binding doc for layerscape dwc3 usb controller. Fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1028a-kontron-kbox-a-230-ls.dtb: /soc/usb@3100000: failed to match any schema with compatible: ['fsl,ls1028a-dwc3', 'snps,dwc3'] Signed-off-by: Frank Li Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240815152159.4177782-1-Frank.Li@nxp.com Signed-off-by: Greg Kroah-Hartman commit fe592c86fe9c3686d5e93515ebf4823a9fb5757e Author: Masanori Ogino Date: Fri Aug 16 09:02:22 2024 +0000 Documentation: msm-hsusb.txt: remove Commit a170a1e9ccc5 ("usb: phy: remove phy-msm-usb.c") removed the device driver but left the corresponding documentation, delete it. Signed-off-by: Masanori Ogino Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816090105.13651-2-omasanori@proton.me Signed-off-by: Greg Kroah-Hartman commit a7bb96b18864225a694e3887ac2733159489e4b0 Author: Abhishek Tamboli Date: Thu Aug 15 15:52:02 2024 +0530 usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c Fix potential dereferencing of ERR_PTR() in find_format_by_pix() and uvc_v4l2_enum_format(). Fix the following smatch errors: drivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix() error: 'fmtdesc' dereferencing possible ERR_PTR() drivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format() error: 'fmtdesc' dereferencing possible ERR_PTR() Also, fix similar issue in uvc_v4l2_try_format() for potential dereferencing of ERR_PTR(). Signed-off-by: Abhishek Tamboli Link: https://lore.kernel.org/r/20240815102202.594812-1-abhishektamboli9@gmail.com Signed-off-by: Greg Kroah-Hartman commit 8557ef3f24e48d00c09d85ef9241fb43f4fdfb0e Author: Liao Chen Date: Wed Aug 14 03:04:43 2024 +0000 usb: bdc: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Liao Chen Acked-by: Florian Fainelli Link: https://lore.kernel.org/r/20240814030443.3876203-1-liaochen4@huawei.com Signed-off-by: Greg Kroah-Hartman commit e8778a25059c4ca4348398e612c9f1cfb8837258 Author: Venkat Jayaraman Date: Tue Aug 13 16:18:28 2024 -0700 usb: typec: ucsi: Add DATA_RESET option of Connector Reset command Modify CONNECTOR_RESET command implementation to accommodate DATA_RESET reset type as defined in UCSI spec v2.0 and later. Hard Reset bit field was defined with value 1 in UCSI spec version 1.0. Starting with spec version 1.1, Hard Reset bit field was removed from the CONNECTOR_RESET command, until spec 2.0 reintroduced it with value 0, so, the value to pass in to the command for a Hard Reset is different depending on the UCSI version supported by the LPM. Reviewed-by: Heikki Krogerus Reviewed-by: Przemek Kitszel Signed-off-by: Venkat Jayaraman Link: https://lore.kernel.org/r/20240813231828.1192338-1-pooja.katiyar@intel.com Signed-off-by: Greg Kroah-Hartman commit 7393bf343a0346c4b0ac0f26991c45e9edf89cb7 Author: Yuesong Li Date: Wed Aug 21 16:52:45 2024 +0800 usb: gadget: lpc32xx_udc: Remove NULL check of list_entry() list_entry() will never return a NULL pointer, thus remove the check. Signed-off-by: Yuesong Li Reviewed-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240821085245.25348-1-liyuesong@vivo.com Signed-off-by: Greg Kroah-Hartman commit e24ed5e2f94e67a2b5d5bb2b45d1d23475189e48 Author: Jinjie Ruan Date: Wed Aug 21 15:17:52 2024 +0800 usb: ohci-exynos: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Reviewed-by: Krzysztof Kozlowski Acked-by: Alan Stern Reviewed-by: Anand Moon Link: https://lore.kernel.org/r/20240821071752.2335406-1-ruanjinjie@huawei.com Signed-off-by: Greg Kroah-Hartman commit 3cc92765a58f82d6ae512d8035d99095bfa7164a Author: Jinjie Ruan Date: Wed Aug 21 15:18:56 2024 +0800 usb: ehci-exynos: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Reviewed-by: Krzysztof Kozlowski Acked-by: Alan Stern Reviewed-by: Anand Moon Link: https://lore.kernel.org/r/20240821071856.2335529-1-ruanjinjie@huawei.com Signed-off-by: Greg Kroah-Hartman commit b5a71dce6358a26441526ea313e6c8d3f35bb54e Author: Konrad Dybcio Date: Tue Aug 20 13:34:22 2024 +0200 dt-bindings: usb: qcom,dwc3: Document X1E80100 MP controller The X1E80100, just like its predecessors, has a Multiport controller. This time around, 2 HS (eUSB) and 2 SS PHYs are attached. Document it. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240820-topic-h_mp-v2-1-d88518066372@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 67a72043aa2e6f60f7bbe7bfa598ba168f16d04f Author: Sascha Hauer Date: Fri Aug 16 08:56:10 2024 +0200 wifi: mwifiex: remove unnecessary checks for valid priv The pointers in adapter->priv[] are allocated in mwifiex_register(). With an allocation failed the function will return an error and driver initialization is aborted. This makes all checks for valid priv pointers unnecessary throughout the driver. In many places the pointers are assumed to be valid without checks, this patch removes the remaining checks. Signed-off-by: Sascha Hauer Acked-by: Brian Norris Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240816-mwifiex-remove-priv-checks-v1-1-6dd6553e8ed9@pengutronix.de commit 001b98c9897352e914c71d8ffbfa9b79a6e12c3c Merge: f32c821ae0198c 273f8c142003df Author: Paolo Abeni Date: Thu Aug 22 10:45:15 2024 +0200 Merge branch 'net-ipv6-ioam6-introduce-tunsrc' Justin Iurman says: ==================== net: ipv6: ioam6: introduce tunsrc This series introduces a new feature called "tunsrc" (just like seg6 already does). v3: - address Jakub's comments v2: - add links to performance result figures (see patch#2 description) - move the ipv6_addr_any() check out of the datapath ==================== Link: https://patch.msgid.link/20240817131818.11834-1-justin.iurman@uliege.be Signed-off-by: Paolo Abeni commit 273f8c142003dfd874d45b1a60965809e95ccd50 Author: Justin Iurman Date: Sat Aug 17 15:18:18 2024 +0200 net: ipv6: ioam6: new feature tunsrc This patch provides a new feature (i.e., "tunsrc") for the tunnel (i.e., "encap") mode of ioam6. Just like seg6 already does, except it is attached to a route. The "tunsrc" is optional: when not provided (by default), the automatic resolution is applied. Using "tunsrc" when possible has a benefit: performance. See the comparison: - before (= "encap" mode): https://ibb.co/bNCzvf7 - after (= "encap" mode with "tunsrc"): https://ibb.co/PT8L6yq Signed-off-by: Justin Iurman Signed-off-by: Paolo Abeni commit 924b8bea870b4968cec4784676e6b27597e25d01 Author: Justin Iurman Date: Sat Aug 17 15:18:17 2024 +0200 net: ipv6: ioam6: code alignment This patch prepares the next one by correcting the alignment of some lines. Signed-off-by: Justin Iurman Signed-off-by: Paolo Abeni commit c9f4c1ec69728310a31080c266b8529381c1a7fa Author: Dan Carpenter Date: Thu Aug 15 14:29:27 2024 +0300 wifi: mwifiex: Fix uninitialized variable in mwifiex_cfg80211_authenticate() Smatch complains that: drivers/net/wireless/marvell/mwifiex/cfg80211.c:4408 mwifiex_cfg80211_authenticate() error: uninitialized symbol 'varptr'. It's a check for NULL, but "varptr" is either non-NULL or uninitialized. Initialize it to NULL. Fixes: 36995892c271 ("wifi: mwifiex: add host mlme for client mode") Signed-off-by: Dan Carpenter Acked-by: Brian Norris Signed-off-by: Kalle Valo Link: https://patch.msgid.link/d7d043b2-95d5-4e1d-b340-5d7330053ac6@stanley.mountain commit a7e8997ae18c42d30bc7181421b5715e319c0f71 Author: Gustavo A. R. Silva Date: Thu Aug 15 00:31:32 2024 -0600 wifi: iwlegacy: Avoid multiple -Wflex-array-member-not-at-end warnings -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. So, in order to avoid ending up with a flexible-array member in the middle of multiple other structs, we use the `__struct_group()` helper to create new tagged structures with the suffix `_hdr`. These structures group together all the members of the original flexible structures except the flexible arrays. As a result, the arrays are effectively separated from the rest of the members without modifying the memory layout of the flexible structures. We then change the type of the middle struct members currently causing trouble from the original flex struct to the newly created structs with suffix `_hdr`. We also want to ensure that when new members need to be added to the flexible structures, they are always included within the newly created tagged structs. For this, we use `static_assert()`. This ensures that the memory layout for both the flexible structure and the new tagged struct is the same after any changes. This approach avoids having to implement the `_hdr` structures as completely separate structures, thus preventing having to maintain two independent but basically identical structures, closing the door to potential bugs in the future. We also use `container_of()` whenever we need to retrieve a pointer to the flexible structure, through which we can access the flexible-array member, if necessary. Also, remove a couple of unused zero-length arrays and flexible-array members. So, with these changes, fix the following warnings: drivers/net/wireless/intel/iwlegacy/commands.h:1196:38: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/iwlegacy/commands.h:1197:36: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/iwlegacy/commands.h:2505:30: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/iwlegacy/commands.h:2549:26: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/iwlegacy/commands.h:2654:31: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/iwlegacy/commands.h:2665:30: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/iwlegacy/commands.h:2673:26: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/iwlegacy/commands.h:3349:30: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Signed-off-by: Kalle Valo Link: https://patch.msgid.link/Zr2gxERA3RL3EwRe@elsanto commit 1a88217a19df1e090ad70df08f4fb373ceb61b41 Author: Alien Wesley Date: Wed Aug 21 22:04:56 2024 -0300 staging: rtl8192e: Fix blank line Removed blank line in r8192E_dev.c in order to silence the following checkpatch warning. CHECK: Please don't use multiple blank lines Signed-off-by: Alien Wesley Link: https://lore.kernel.org/r/20240822010456.20186-1-alienwesley51@gmail.com Signed-off-by: Greg Kroah-Hartman commit 6673f43370a79e40f14b035f9eceaa89faf2eaf8 Author: Túlio Fernandes Date: Wed Aug 21 21:45:58 2024 -0300 staging: rtl8192e: Fix parenthesis alignment Fix parenthesis alignment in rtl92e_set_rf_state in order to rid the following warning: CHECK: Alignment should match open parenthesis Signed-off-by: Túlio Fernandes Link: https://lore.kernel.org/r/20240822004558.14638-1-tuliomf09@gmail.com Signed-off-by: Greg Kroah-Hartman commit 22ea3a4b30efab076fb97bacb3cafde71993d41c Author: Pedro Orlando Date: Wed Aug 21 21:26:58 2024 -0300 staging: rtl8192e: Fix parenthesis alignment Fix parenthesis alignment in _rtl92e_wx_set_encode_ext to fix checkpatch warning: CHECK: Alignment should match open parenthesis Signed-off-by: Pedro Orlando Link: https://lore.kernel.org/r/20240822002658.33672-1-scramblerdoodle@gmail.com Signed-off-by: Greg Kroah-Hartman commit e79bb28bf7a8161929c39c19f19209b48bfa8f4d Author: Christian S Lima Date: Wed Aug 21 21:26:12 2024 -0300 staging: rtl8192e: fix parenthesis alignment fix line 1326 in order to silence warning CHECK: Alignment should match open parenthesis Signed-off-by: Christian S Lima Link: https://lore.kernel.org/r/20240822002620.63732-1-christiansantoslima21@gmail.com Signed-off-by: Greg Kroah-Hartman commit fca7bee615f0494f2e0768ec84dc77841178ddc1 Author: João Pedro Leôncio Date: Wed Aug 21 21:24:58 2024 -0300 staging: rtl8192e: Fix line ended with '(' Fix line ended with '(' in _rtl92e_update_received_rate_histogram_stats in order to silence the following checkpat warning: CHECK: Lines should not end with a '(' Signed-off-by: João Pedro Leôncio Link: https://lore.kernel.org/r/20240822002502.92583-1-aljpleoncio@gmail.com Signed-off-by: Greg Kroah-Hartman commit a59907219baca0b4a79e36c03eda921da7bc658a Author: thdecamargoj Date: Wed Aug 21 21:24:03 2024 -0300 staging: rtl8192e: change logical continuation to previous line on file r8192E_dev.c Change logical continuation to previous line to silence checkpatch warning: CHECK: Logical continuations should be on the previous line Signed-off-by: thdecamargoj Link: https://lore.kernel.org/r/20240822002403.268452-1-thdecamargoj@gmail.com Signed-off-by: Greg Kroah-Hartman commit cfb05827ef9318e8254bb6c331efae1c3663ebd6 Author: Vinicius Peixoto Date: Wed Aug 21 21:23:43 2024 -0300 staging: rtl8192e: Fix parenthesis alignment Fix parenthesis alignment in rtl92e_init_gain in order to silence the following checkpatch warning: CHECK: Alignment should match open parenthesis Signed-off-by: Vinicius Peixoto Link: https://lore.kernel.org/r/20240822002346.94433-1-vpeixoto@lkcamp.dev Signed-off-by: Greg Kroah-Hartman commit 8a07f476bddf3394cbb0e88305ddecbf26806bab Author: Leonardo Kenji Date: Wed Aug 21 21:25:43 2024 -0300 staging: rtl8192e: Fix parenthesis alignment Fix parenthesis alignment in _rtl92e_read_eeprom_info in order to silence the following checkpatch warning: CHECK: Alignment should match open parenthesis Signed-off-by: Leonardo Kenji Link: https://lore.kernel.org/r/20240822002543.44835-1-leokk06@gmail.com Signed-off-by: Greg Kroah-Hartman commit 94f7f4b90d6c815d68359a979006f8b3b1e90dc0 Author: Yuesong Li Date: Thu Aug 22 10:57:36 2024 +0800 staging: vme: vme_user: Remove NULL check of list_entry() list_entry() will never return a NULL pointer, thus remove the check. Signed-off-by: Yuesong Li Link: https://lore.kernel.org/r/20240822025736.1208339-1-liyuesong@vivo.com Signed-off-by: Greg Kroah-Hartman commit f64a887f8f695fa0e955ea7aaff5c75d8a65a4d9 Author: Vinicius Peixoto Date: Wed Aug 21 17:46:45 2024 -0300 staging: rtl8192e: insert blank line after function declaration This adds a blank line after the declaration of rtl92e_config_bb, in order to fix the following checkpatch warning: CHECK: Please use a blank line after function/struct/union/enum declarations Signed-off-by: Vinicius Peixoto Reviewed-by: Dan Carpenter Link: https://lore.kernel.org/r/20240821204714.5839-1-vpeixoto@lkcamp.dev Signed-off-by: Greg Kroah-Hartman commit 8da9f6afc47e4ebfb044ae2fb05ba7dae78ba0e8 Author: Guillaume Lefèvre-Crimé Date: Fri Aug 16 20:37:32 2024 +0200 staging: rtl8723bs: add spaces arround operators Adhere to Linux kernel coding style. Reported by checkpath : CHECK: spaces preferred around that '&' (ctx:VxV) Signed-off-by: Guillaume Lefèvre-Crimé Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240816183756.59250-1-guillaume.lefevre.crime@netc.fr Signed-off-by: Greg Kroah-Hartman commit 5f1a6826ea4900f8540d5eeb29f97796860f2d08 Author: Simon Horman Date: Wed Aug 21 16:42:50 2024 +0100 staging: rtl8192e: remove set but otherwise unused local variable iv32 Remove iv32 from rtllib_tkip_get_key() as it is set but otherwise unused. Flagged by allmodconfig W=1 builds with gcc-13 and clang-18. Compile tested only. Signed-off-by: Simon Horman Link: https://lore.kernel.org/r/20240821-rtl8192e-unused-var-v1-1-08b9e869260e@kernel.org Signed-off-by: Greg Kroah-Hartman commit c6fd8c872632e4da393314ffbd0cff8179f78d8a Author: Tree Davies Date: Tue Aug 20 20:08:56 2024 -0700 Staging: rtl8192e: Rename variable CmdID_WritePortUchar Rename variable CmdID_WritePortUchar to cmd_id_write_port_uchar to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Link: https://lore.kernel.org/r/20240821030856.57423-7-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 723329b20629ee077e55e360e4c31afd84d0a9b0 Author: Tree Davies Date: Tue Aug 20 20:08:55 2024 -0700 Staging: rtl8192e: Rename variable CmdID_WritePortUshort Rename variable CmdID_WritePortUshort to cmd_id_write_port_ushort to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Link: https://lore.kernel.org/r/20240821030856.57423-6-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 50d39a0f102206c5aed5a827ca6f1f67ba25bf39 Author: Tree Davies Date: Tue Aug 20 20:08:54 2024 -0700 Staging: rtl8192e: Rename variable CmdID_WritePortUlong Rename variable CmdID_WritePortUlong to cmd_id_write_port_ulong to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Link: https://lore.kernel.org/r/20240821030856.57423-5-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 0f1368b5f2e8053fba7acb4de609c228ebf0937c Author: Tree Davies Date: Tue Aug 20 20:08:53 2024 -0700 Staging: rtl8192e: Rename variable CmdID_BBRegWrite10 Rename variable CmdID_BBRegWrite10 to cmd_id_bbreg_write10 to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Link: https://lore.kernel.org/r/20240821030856.57423-4-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 6ccaa0c769ab98ce8386aa522d6fcc5eaef61c58 Author: Tree Davies Date: Tue Aug 20 20:08:52 2024 -0700 Staging: rtl8192e: Rename variable CmdID_SetTxPowerLevel Rename variable CmdID_SetTxPowerLevel to cmd_id_set_tx_power_level to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Link: https://lore.kernel.org/r/20240821030856.57423-3-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 74964861ffa85371a9285735ffccb08571f96827 Author: Tree Davies Date: Tue Aug 20 20:08:51 2024 -0700 Staging: rtl8192e: Rename variable CmdID_End Rename variable CmdID_End to cmd_id_end to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Link: https://lore.kernel.org/r/20240821030856.57423-2-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 4188ab05e41aa899c3c22a3c88d81fcc5bc471c6 Author: Dominik Karol Piątkowski Date: Sat Aug 17 10:07:26 2024 +0000 staging: vt6655: Fix alignment to open parentheses This patch fixes the "Alignment should match open parenthesis" checks detected by checkpatch.pl. Signed-off-by: Dominik Karol Piątkowski Link: https://lore.kernel.org/r/20240817100559.33174-1-dominik.karol.piatkowski@protonmail.com Signed-off-by: Greg Kroah-Hartman commit 71cea1fe415681ad00a9550c2ed107b8da16d5b6 Author: Peter Robinson Date: Wed Aug 14 15:52:46 2024 +0100 staging: rtl8723bs: drop unnessary dep on CFG80211_WEXT In commit 174ac41a7aaf ("staging: rtl8723bs: remove obsolete wext support") a dep on CFG80211_WEXT was added to allow wext userspace calls to be managed via the compatibility support. This is an optional dependency which the driver has no dependency on and stops users/distros etc from dropping CFG80211_WEXT if they want to enable this driver. Drop this dependency as if users want this legacy feature they will be explicitly enabling it themselves. Signed-off-by: Peter Robinson Reviewed-by: Hans de Goede Link: https://lore.kernel.org/r/20240814145250.943457-1-pbrobinson@gmail.com Signed-off-by: Greg Kroah-Hartman commit 11df68c265460d4dff5d19a1313f0fff69470f98 Merge: a809b92ee0f84c 8befe8fa5a4e4b Author: Simona Vetter Date: Thu Aug 22 09:42:22 2024 +0200 Merge tag 'drm-misc-next-2024-08-16' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-next drm-misc-next for v6.12: Core Changes: ci: - Update dependencies docs: - Cleanups edid: - Improve debug logging - Clean up interface fbdev emulation: - Remove old fbdev hooks - Update documentation panic: - Cleanups Driver Changes: amdgpu: - Remove usage of old fbdev hooks - Use backlight constants ast: - Fix timeout loop for DP link training hisilicon: - hibmc: Cleanups mipi-dsi: - Improve error handling - startek-kd070fhfid015: Use new error handling nouveau: - Remove usage of old fbdev hooks panel: - Use backlight constants radeon: - Use backlight constants rockchip: - Improve DP sink-capability reporting - Cleanups - dw_hdmi: Support 4k@60Hz; Cleanups - vop: Support RGB display on Rockchip RK3066; Support 4096px width tilcdc: - Use backlight constants Signed-off-by: Daniel Vetter From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240816084109.GA229316@localhost.localdomain commit 888f67e621dda5c2804a696524e28d0ca4cf0a80 Author: Andy Shevchenko Date: Wed Aug 21 18:48:23 2024 +0300 driver core: Use 2-argument strscpy() Use 2-argument strscpy(), which is not only shorter but also provides an additional check that destination buffer is an array. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240821154839.604259-6-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit d1363030d824b244744399ddd85a52cf615dee4c Author: Andy Shevchenko Date: Wed Aug 21 18:48:22 2024 +0300 driver core: Make use of returned value of dev_err_probe() Instead of assigning ret explicitly to the same value that is supplied to dev_err_probe(), make use of returned value of the latter. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240821154839.604259-5-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit adcae2048df15ae9647d792b09f8742d6ebe459b Author: Andy Shevchenko Date: Wed Aug 21 18:48:21 2024 +0300 driver core: Use guards for simple mutex locks Guards can help to make the code more readable. So use it wherever they do so. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240821154839.604259-4-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit a355a4655ec660fc68b60b909776290cb88e1124 Author: Andy Shevchenko Date: Wed Aug 21 18:48:20 2024 +0300 driver core: Use kasprintf() instead of fixed buffer formatting Improve readability and maintainability by replacing a hardcoded string allocation and formatting by the use of the kasprintf() helper. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240821154839.604259-3-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit d11f2a1ab8f6dcfda827f8f0c47d8483b8669165 Author: Andy Shevchenko Date: Wed Aug 21 18:48:19 2024 +0300 driver core: Sort headers Sort the headers in alphabetic order in order to ease the maintenance for this part. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240821154839.604259-2-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 5e9c0d1c5ea355679f5b2a57b0c1b5932d78719d Author: Thomas Zimmermann Date: Thu Aug 15 17:18:53 2024 +0200 drm/ast: Remove BMC output Ast's BMC connector tracks the status of an underlying physical connector and updates the BMC status accordingly. This functionality works around GNOME's settings app, which cannot handle multiple outputs on the same CRTC. The workaround is now obsolete as all code for physical outputs handle BMC support internally. Hence, remove the driver's code and the BMC output entirely. v3: - remove struct ast_bmc_connector Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-12-tzimmermann@suse.de commit 2a2391f857cdc5cf16f8df030944cef8d3d2bc30 Author: Thomas Zimmermann Date: Thu Aug 15 17:18:52 2024 +0200 drm/ast: vga: Transparently handle BMC support Permanently set the connector status to 'connected'. Return BMC modes for connector if no display is attached to the physical DP connector. Otherwise use EDID modes as before. If the status of the physical connector changes, the driver still generates a hotplug event. DRM clients will then reconfigure their output to a mode appropriate for either physical display or BMC. v3: - use struct ast_connector.physical_status to handle BMC Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-11-tzimmermann@suse.de commit d20c2f8464280550aeabd2766728590cf0ca8a4d Author: Thomas Zimmermann Date: Thu Aug 15 17:18:51 2024 +0200 drm/ast: sil164: Transparently handle BMC support Permanently set the connector status to 'connected'. Return BMC modes for connector if no display is attached to the physical DP connector. Otherwise use EDID modes as before. If the status of the physical connector changes, the driver still generates a hotplug event. DRM clients will then reconfigure their output to a mode appropriate for either physical display or BMC. v3: - use struct ast_connector.physical_status to handle BMC Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-10-tzimmermann@suse.de commit 44a37ba12857c78389cda176c093967406250cfe Author: Thomas Zimmermann Date: Thu Aug 15 17:18:50 2024 +0200 drm/ast: dp501: Transparently handle BMC support Permanently set the connector status to 'connected'. Return BMC modes for connector if no display is attached to the physical DP connector. Otherwise use EDID modes as before. If the status of the physical connector changes, the driver still generates a hotplug event. DRM clients will then reconfigure their output to a mode appropriate for either physical display or BMC. v3: - use struct ast_connector.physical_status to handle BMC Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-9-tzimmermann@suse.de commit 9e7a74a12101bb07ccc22fb180c5e44051c5a407 Author: Thomas Zimmermann Date: Thu Aug 15 17:18:49 2024 +0200 drm/ast: dp501: Use struct drm_edid and helpers Convert DP501 support to struct drm_edid and its helpers. Simplifies and modernizes the EDID handling. The driver reads 4 bytes at once, but the overall read length is now variable. Therefore update the EDID read loop to never return more than the requested bytes. v2: - fix reading EDID data Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-8-tzimmermann@suse.de commit bbad0090b9f4735e35e9881278b7a353f71b43d0 Author: Thomas Zimmermann Date: Thu Aug 15 17:18:48 2024 +0200 drm/ast: astdp: Transparently handle BMC support Permanently set the connector status to 'connected'. Return BMC modes for connector if no display is attached to the physical DP connector. Otherwise use EDID modes as before. If the status of the physical connector changes, the driver still generates a hotplug event. DRM clients will then reconfigure their output to a mode appropriate for either physical display or BMC. v3: - use struct ast_connector.physical_status to handle BMC Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-7-tzimmermann@suse.de commit 770a961d581c577b579d8d38414b2bfc0b4766c2 Author: Thomas Zimmermann Date: Thu Aug 15 17:18:47 2024 +0200 drm/ast: astdp: Simplify power management when detecting display Remove the CRTC handling in the ASTDP detect_ctx helper and enable power while the detecting the display. Unconditionally wait a few milliseconds after switching power. Simplifies the code and makes it more robust. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-6-tzimmermann@suse.de commit 0e35457eb4b75f2bc9eca58a46d12e200e15e47f Author: Thomas Zimmermann Date: Thu Aug 15 17:18:46 2024 +0200 drm/ast: astdp: Use struct drm_edid and helpers Convert ASTDP support to struct drm_edid and its helpers. Simplifies and modernizes the EDID handling. The driver reads 4 bytes at once, but the overall read length is now variable. Therefore update the EDID read loop to never return more than the requested bytes. The device does not seem to support EDID extensions, as the driver actively clears any such information from the main EDID header. As the new interface allows for reading extension blocks for EDID, make sure that the block is always 0 (i.e., the main header). A later update might fix that. v2: - fix reading if len is not a multiple of 4 Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-5-tzimmermann@suse.de commit f89001ea41771fe94005920c363dee43e8078bec Author: Thomas Zimmermann Date: Thu Aug 15 17:18:45 2024 +0200 drm/ast: astdp: Move locking into EDID helper The modeset mutex protects EDID retrival from concurrent modeset operations. Acquire the lock in ast_astdp_read_edid(). Prepares the code for conversion to struct drm_edid. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-4-tzimmermann@suse.de commit 80431c017f745a818ea45ae6a8373b737f73b1a8 Author: Thomas Zimmermann Date: Thu Aug 15 17:18:44 2024 +0200 drm/ast: Add struct ast_connector Add struct ast_connector to track a connector's physical status. With the upcoming BMC support, the physical status can be different from the reported status. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-3-tzimmermann@suse.de commit f6d9f39f8d9167627bc0f9e3e12ee0100c1c1919 Author: Thomas Zimmermann Date: Thu Aug 15 17:18:43 2024 +0200 drm/ast: Move code for physical outputs into separate files Move the modesetting code for the various transmitter chips into their own source files before adding BMC support. No functional changes. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240815151953.184679-2-tzimmermann@suse.de commit 611fbeb44a777e5ab54ab3127ec85f72147911d8 Author: Al Viro Date: Thu Aug 22 05:39:32 2024 +0100 selftests:core: test coverage for dup_fd() failure handling in unshare_fd() At some point there'd been a dumb braino during the dup_fd() calling conventions change; caught by smatch and immediately fixed. The trouble is, there had been no test coverage for the dup_fd() failure handling - neither in kselftests nor in LTP. Fortunately, it can be triggered on stock kernel - ENOMEM would require fault injection, but EMFILE can be had with sysctl alone (fs.nr_open). Add a test for dup_fd() failure. Fixed up commit log and short log - Shuah Khan Signed-off-by: Al Viro Signed-off-by: Shuah Khan commit 71e0b08ed2a98e5ab5eb255fc86cda04205b141e Author: Kwanghoon Son Date: Mon Aug 19 16:55:45 2024 +0900 arm64: dts: exynosautov9: Add dpum SysMMU Add System Memory Management Unit(SysMMU) for dpum also called iommu. This sysmmu is version 7.4, which has same functionality as exynos850. DPUM has 4 dma channel, each channel is mapped to one iommu. Signed-off-by: Kwanghoon Son Link: https://lore.kernel.org/r/20240819-add_sysmmu-v1-1-799c0f3f607f@samsung.com Signed-off-by: Krzysztof Kozlowski commit 1e6084cf69b3adefe6591d89bff911eef0c1d6da Merge: a8782104b78a08 ccb41c445a3e95 Author: Krzysztof Kozlowski Date: Thu Aug 22 08:32:25 2024 +0200 Merge branch 'for-v6.12/clk-dt-bindings' into next/dt64 commit af8a066f1c473261881a6d8e2b55cca8eda9ce80 Author: Kuniyuki Iwashima Date: Tue Aug 20 18:34:25 2024 -0700 selftest: bpf: Remove mssind boundary check in test_tcp_custom_syncookie.c. Smatch reported a possible off-by-one in tcp_validate_cookie(). However, it's false positive because the possible range of mssind is limited from 0 to 3 by the preceding calculation. mssind = (cookie & (3 << 6)) >> 6; Now, the verifier does not complain without the boundary check. Let's remove the checks. Reported-by: Dan Carpenter Closes: https://lore.kernel.org/bpf/6ae12487-d3f1-488b-9514-af0dac96608f@stanley.mountain/ Signed-off-by: Kuniyuki Iwashima Acked-by: Yonghong Song Link: https://lore.kernel.org/r/20240821013425.49316-1-kuniyu@amazon.com Signed-off-by: Martin KaFai Lau commit 10904df3f20cf36e418e78ab73c2fbcecda512b8 Author: R Kannappan Date: Fri Jul 19 21:37:20 2024 +0300 thunderbolt: Improve software receiver lane margining USB4 specification defines the metadata needed to perform software margining, as well as the necessary steps which include waiting for dwell time. - Add dwell_time attribute to set the wait time while performing margining and checking for link errors. - Add error_counter attribute to configure error counter prior to margining test. - Add voltage_time_offset attribute to set the voltage or time offset steps before performing the software margining test. - Perform software margining test for dwell duration, break if there are link errors, stop the clocks and provide results. Below is a minimalistic example how this can be used. Note these values are just examples. The exact values in practice depend on host specific capabilities and the type of measurement to be performed. # cd /sys/kernel/debug/thunderbolt/ROUTER/portX/margining/ # echo software > mode # echo 400 > dwell_time # echo 1 > run As usual the results attribute contains the results of a succesfull run. Signed-off-by: R Kannappan Co-developed-by: Rene Sapiens Signed-off-by: Rene Sapiens Co-developed-by: Aapo Vienamo Signed-off-by: Aapo Vienamo Signed-off-by: Mika Westerberg commit 9fafd46b39d140b7359b77e5fcc4c3130788df42 Author: Rene Sapiens Date: Fri Jul 19 21:37:19 2024 +0300 thunderbolt: Add optional voltage offset range for receiver lane margining Add optional extended voltage offset range support for software and hardware margining as defined by the USB4 specification. If supported, it can be enabled like below: # cd /sys/kernel/debug/thunderbolt/ROUTER/portX/margining/ # echo Y > optional_voltage_offset Signed-off-by: Rene Sapiens Co-developed-by: R Kannappan Signed-off-by: R Kannappan Co-developed-by: Aapo Vienamo Signed-off-by: Aapo Vienamo Signed-off-by: Mika Westerberg commit 81f848d28787b1f98f0526345c8f45f6dc1baf9e Author: Rene Sapiens Date: Fri Jul 19 21:37:18 2024 +0300 thunderbolt: Consolidate margining parameters into a structure Consolidate the hardware and software margining parameters into a single structure to reduce the number of parameters passed to the margining functions. Signed-off-by: Rene Sapiens Co-developed-by: Aapo Vienamo Signed-off-by: Aapo Vienamo Signed-off-by: Mika Westerberg commit 24edc397047180210ace0da60577b4a3e3d2af39 Author: Aapo Vienamo Date: Fri Jul 19 21:37:17 2024 +0300 thunderbolt: Add missing usb4_port_sb_read() to usb4_port_sw_margin() Synchronize the operation completion by reading back the software margining operation completion metadata into margining->results. Signed-off-by: Aapo Vienamo Co-developed-by: R Kannappan Signed-off-by: R Kannappan Co-developed-by: Rene Sapiens Signed-off-by: Rene Sapiens Signed-off-by: Mika Westerberg commit b5c58b2fdc427e7958412ecb2de2804a1f7c1572 Author: Leon Romanovsky Date: Wed Jul 24 21:04:49 2024 +0300 dma-mapping: direct calls for dma-iommu Directly call into dma-iommu just like we have been doing for dma-direct for a while. This avoids the indirect call overhead for IOMMU ops and removes the need to have DMA ops entirely for many common configurations. Signed-off-by: Leon Romanovsky Signed-off-by: Leon Romanovsky Acked-by: Greg Kroah-Hartman Acked-by: Robin Murphy Signed-off-by: Christoph Hellwig commit f69e342eec008e1bab772d3963c3dd9979293e13 Author: Leon Romanovsky Date: Wed Jul 24 21:04:48 2024 +0300 dma-mapping: call ->unmap_page and ->unmap_sg unconditionally Almost all instances of the dma_map_ops ->map_page()/map_sg() methods implement ->unmap_page()/unmap_sg() too. The once instance which doesn't dma_dummy_ops which is used to fail the DMA mapping and thus there won't be any calls to ->unmap_page()/unmap_sg(). Remove the checks for ->unmap_page()/unmap_sg() and call them directly to create an interface that is symmetrical to ->map_page()/map_sg(). Signed-off-by: Leon Romanovsky Signed-off-by: Leon Romanovsky Reviewed-by: Robin Murphy Signed-off-by: Christoph Hellwig commit 3be9b846896d1d8b66040ece6e216cd58d03242e Author: Catalin Marinas Date: Sun Aug 11 10:09:36 2024 +0300 arm64: support DMA zone above 4GB Commit 791ab8b2e3db ("arm64: Ignore any DMA offsets in the max_zone_phys() calculation") made arm64 DMA/DMA32 zones span the entire RAM when RAM starts above 32-bits. This breaks hardware with DMA area that start above 32-bits. But the commit log says that "we haven't noticed any such hardware". It turns out that such hardware does exist. One such platform has RAM starting at 32GB with an internal bus that has the following DMA limits: #address-cells = <2>; #size-cells = <2>; dma-ranges = <0x00 0xc0000000 0x08 0x00000000 0x00 0x40000000>; That is, devices under this bus see 1GB of DMA range between 3GB-4GB in their address space. This range is mapped to CPU memory at 32GB-33GB. With current code DMA allocations for devices under this bus are not limited to DMA area, leading to run-time allocation failure. This commit reinstates DMA zone at the bottom of RAM. The result is DMA zone that properly reflects the hardware constraints as follows: [ 0.000000] Zone ranges: [ 0.000000] DMA [mem 0x0000000800000000-0x000000083fffffff] [ 0.000000] DMA32 empty [ 0.000000] Normal [mem 0x0000000840000000-0x0000000bffffffff] Signed-off-by: Catalin Marinas [baruch: split off the original patch] Signed-off-by: Baruch Siach Reviewed-by: Petr Tesarik Signed-off-by: Christoph Hellwig commit ba0fb44aed47693cc2482427f63ba6cd19051327 Author: Catalin Marinas Date: Sun Aug 11 10:09:35 2024 +0300 dma-mapping: replace zone_dma_bits by zone_dma_limit The hardware DMA limit might not be power of 2. When RAM range starts above 0, say 4GB, DMA limit of 30 bits should end at 5GB. A single high bit can not encode this limit. Use a plain address for the DMA zone limit instead. Since the DMA zone can now potentially span beyond 4GB physical limit of DMA32, make sure to use DMA zone for GFP_DMA32 allocations in that case. Signed-off-by: Catalin Marinas Co-developed-by: Baruch Siach Signed-off-by: Baruch Siach Reviewed-by: Catalin Marinas Reviewed-by: Petr Tesarik Signed-off-by: Christoph Hellwig commit fa3c109a6d302b56437a6412c5f3044c3e12de03 Author: Yosry Ahmed Date: Sat Aug 10 00:59:11 2024 +0000 dma-mapping: use bit masking to check VM_DMA_COHERENT In dma_common_find_pages(), area->flags are compared directly with VM_DMA_COHERENT. This works because VM_DMA_COHERENT is the only set flag. During development of a new feature (ASI [1]), a new VM flag is introduced, and that flag can be injected into VM_DMA_COHERENT mappings (among others). The presence of that flag caused dma_common_find_pages() to return NULL for VM_DMA_COHERENT addresses, leading to a lot of problems ending in crashing during boot. It took a bit of time to figure this problem out. It was a mistake to inject a VM flag to begin with, but it took a significant amount of debugging to figure out the problem. Most users of area->flags use bitmasking rather than equivalency to check for flags. Update dma_common_find_pages() and dma_common_free_remap() to do the same, which would have avoided the boot crashing. Instead, add a warning in dma_common_find_pages() if any extra VM flags are set to catch such problems more easily during development. No functional change intended. [1]https://lore.kernel.org/lkml/20240712-asi-rfc-24-v1-0-144b319a40d8@google.com/ Signed-off-by: Yosry Ahmed Signed-off-by: Christoph Hellwig commit d212c55cc811fdc2e58f8ace2484c5c4845aed3c Author: Peter Yin Date: Fri Aug 2 00:01:35 2024 +0800 ARM: dts: aspeed: harma: Remove pca9546 Remove pca9546 device from i2c bus 9. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-12-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 7fa11184852f6a8d690d21f60540b8de499f8bb0 Author: Peter Yin Date: Fri Aug 2 00:01:34 2024 +0800 ARM: dts: aspeed: harma: Fix spi-gpio dtb_check warnings Revise spi-gpio node and property name and remove max-ngpios. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-11-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit c8d75c18367d1a9a5fdd7b892815664044a2a2cb Author: Peter Yin Date: Fri Aug 2 00:01:33 2024 +0800 ARM: dts: aspeed: harma: Enable mctp controller Enable the mctp controller in i2c9. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-10-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 43a688a9e9d7c596522047178dc05bc06d6a9e6d Author: Peter Yin Date: Fri Aug 2 00:01:32 2024 +0800 ARM: dts: aspeed: harma: Add temperature device Add temperature device in i2c0 and i2c2. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-9-peteryin.openbmc@gmail.com [andrew: Fixed 'deivce' typo in commit message] Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 687d7e18049e639cb3f9785b36f8cb4aa306ca22 Author: Peter Yin Date: Fri Aug 2 00:01:31 2024 +0800 ARM: dts: aspeed: harma: Add fru device Add Aegis fru device and gpio expander device in bus 11. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-8-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit bdf27467ba66a18b78dbf240eba2b8e46fb45ee3 Author: Peter Yin Date: Fri Aug 2 00:01:30 2024 +0800 ARM: dts: aspeed: harma: Remove multi-host property Harma is single host, so remove multi-host property. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-7-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit f0ad6cc9f6aa8c9598358f044383ffa73431254d Author: Peter Yin Date: Fri Aug 2 00:01:29 2024 +0800 ARM: dts: aspeed: harma: Add power monitor xdp710 Add HSC xdp710 device in i2c4. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-6-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 7d0597019acb344bdafd8766cd7b24b7f7717387 Author: Peter Yin Date: Fri Aug 2 00:01:28 2024 +0800 ARM: dts: aspeed: harma: Add ina238 Add INA238 power monitor for Harma fan board. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-5-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit aeebc5a412fe6c190445e4ce58d8057f23256365 Author: Peter Yin Date: Fri Aug 2 00:01:27 2024 +0800 ARM: dts: aspeed: harma: Add sgpio name Add power-chassis-control and power-chassis-power for phosphor-power. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-4-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit b44b6e3f4009b36f30ac5d581f4957159e54d591 Author: Peter Yin Date: Fri Aug 2 00:01:26 2024 +0800 ARM: dts: aspeed: harma: Add VR devices Add isl69260, xdpe152c4 devices. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-3-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 16d6671033c2ad8650d3081350728df00a38594b Author: Peter Yin Date: Fri Aug 2 00:01:25 2024 +0800 ARM: dts: aspeed: harma: Revise hsc chip Revise HSC chip name and address to match LTC4287. Signed-off-by: Peter Yin Link: https://lore.kernel.org/r/20240801160136.1281291-2-peteryin.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 8e778b7ec90aa1fe5e71e834ae3c7d259d40278a Author: Andrew Jeffery Date: Fri Aug 2 13:55:24 2024 +0930 ARM: dts: aspeed-g6: Drop cells properties from ethernet nodes These are not specified in the binding and produce warnings such as the following: arch/arm/boot/dts/aspeed/aspeed-g6.dtsi:254.27-262.5: Warning (avoid_unnecessary_addr_size): /ahb/ethernet@1e670000: unnecessary #address-cells/#size-cells without "ranges", "dma-ranges" or child "reg" property arch/arm/boot/dts/aspeed/aspeed-g6.dtsi:264.27-272.5: Warning (avoid_unnecessary_addr_size): /ahb/ethernet@1e690000: unnecessary #address-cells/#size-cells without "ranges", "dma-ranges" or child "reg" property arch/arm/boot/dts/aspeed/aspeed-ast2600-evb-a1.dtb: ethernet@1e660000: Unevaluated properties are not allowed ('#address-cells', '#size-cells' were unexpected) Link: https://lore.kernel.org/r/20240802-dt-warnings-bmc-dts-cleanups-v1-7-1cb1378e5fcd@codeconstruct.com.au Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 342329720a2c3c3adb9d83d9d9a38cf146612fe0 Author: Andrew Jeffery Date: Fri Aug 2 13:55:23 2024 +0930 ARM: dts: aspeed-g6: Use generic 'ethernet' for ftgmac100 nodes Squash warnings such as: arch/arm/boot/dts/aspeed/aspeed-ast2600-evb.dtb: ftgmac@1e670000: $nodename:0: 'ftgmac@1e670000' does not match '^ethernet(@.*)?$' Link: https://lore.kernel.org/r/20240802-dt-warnings-bmc-dts-cleanups-v1-6-1cb1378e5fcd@codeconstruct.com.au Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 27df8e28036ec9093febb4ab8f43f8be3d87a6e9 Author: Andrew Jeffery Date: Fri Aug 2 13:55:22 2024 +0930 ARM: dts: aspeed: Clean up AST2500 pinctrl properties Many platforms were specifying the `aspeed,external-nodes` property required by the AST2500 pinctrl. However, its been specified in the pinctrl node directly in aspeed-g5.dtsi for quite a long time now. Remove the unnecessary override from all relevant platform dts files. Link: https://lore.kernel.org/r/20240802-dt-warnings-bmc-dts-cleanups-v1-5-1cb1378e5fcd@codeconstruct.com.au Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 1c8b6faf882de15fd62094e08b2ca5bf7870b767 Author: Andrew Jeffery Date: Fri Aug 2 13:55:21 2024 +0930 ARM: dts: aspeed: Remove undocumented XDMA nodes There's no binding defined for the device, so remove it from the devicetrees until someone has the motivation to write one. Squash warnings such as: arch/arm/boot/dts/aspeed/aspeed-ast2500-evb.dtb: /ahb/apb@1e6e0000/xdma@1e6e7000: failed to match any schema with compatible: ['aspeed,ast2500-xdma'] Link: https://lore.kernel.org/r/20240802-dt-warnings-bmc-dts-cleanups-v1-4-1cb1378e5fcd@codeconstruct.com.au Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit df274369540d466ef5cb29bd6b4fe751a995dd1b Author: Andrew Jeffery Date: Fri Aug 2 13:55:20 2024 +0930 ARM: dts: aspeed: Specify required properties for sram node Squash warnings such as: ``` arch/arm/boot/dts/aspeed/aspeed-bmc-facebook-galaxy100.dtb: sram@1e720000: '#address-cells' is a required property from schema $id: http://devicetree.org/schemas/sram/sram.yaml# arch/arm/boot/dts/aspeed/aspeed-bmc-facebook-galaxy100.dtb: sram@1e720000: '#size-cells' is a required property from schema $id: http://devicetree.org/schemas/sram/sram.yaml# arch/arm/boot/dts/aspeed/aspeed-bmc-facebook-galaxy100.dtb: sram@1e720000: 'ranges' is a required property from schema $id: http://devicetree.org/schemas/sram/sram.yaml# ``` Fixes: d44a1138cd82 ("arm/dts: Add Aspeed ast2400 device tree") Link: https://lore.kernel.org/r/20240802-dt-warnings-bmc-dts-cleanups-v1-3-1cb1378e5fcd@codeconstruct.com.au Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit e5d7d1878921c59bf9fb85f5dccf5ff3d879ca87 Author: Andrew Jeffery Date: Fri Aug 2 13:55:19 2024 +0930 ARM: dts: aspeed: Specify correct generic compatible for CVIC The ASPEED CVIC binding documents `aspeed,cvic` as the required generic compatible, but the devicetrees contained `aspeed-cvic`. Update the devictrees to use `aspeed,cvic` as documented and as required by the driver implementation. Presumably the bug was the result of some incoherent thoughts while removing the SoC name at the time of writing. Link: https://lore.kernel.org/r/20240802-dt-warnings-bmc-dts-cleanups-v1-2-1cb1378e5fcd@codeconstruct.com.au Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit ae8fd56184116146a72418d61055a58b229772fc Author: Andrew Jeffery Date: Fri Aug 2 13:55:18 2024 +0930 ARM: dts: aspeed: Fix coprocessor interrupt controller node name Squash schema warnings such as: arch/arm/boot/dts/aspeed/aspeed-bmc-facebook-galaxy100.dtb: copro-interrupt-controller@1e6c2000: $nodename:0: 'copro-interrupt-controller@1e6c2000' does not match '^interrupt-controller(@[0-9a-f,]+)*$' Link: https://lore.kernel.org/r/20240802-dt-warnings-bmc-dts-cleanups-v1-1-1cb1378e5fcd@codeconstruct.com.au Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 6177ea49c6b8481e80a97302af0f63d3d16633d6 Author: Chanh Nguyen Date: Tue Aug 6 07:18:06 2024 +0000 ARM: dts: aspeed: mtmitchell: Add LEDs Add LED nodes as the gpio-leds devices. They are led-bmc-ready, led-sw-heartbeat, led-identify, led-fault, led-fan-fault, led-psu-fault Signed-off-by: Chanh Nguyen Link: https://lore.kernel.org/r/20240806071806.1666550-6-chanh@os.amperecomputing.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit f689462fcd5dc6af32332cb8bf733582434de999 Author: Chanh Nguyen Date: Tue Aug 6 07:18:05 2024 +0000 ARM: dts: aspeed: mtmitchell: Enable i2c10 and i2c15 Enable the BMC I2C10. Enable the BMC I2C15 and add the GPIO Expander as a child node. Signed-off-by: Chanh Nguyen Link: https://lore.kernel.org/r/20240806071806.1666550-5-chanh@os.amperecomputing.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 0aa7ca5e8fb36c03abf1cbb3bf9358e4d079b7db Author: Chanh Nguyen Date: Tue Aug 6 07:18:04 2024 +0000 ARM: dts: aspeed: mtmitchell: Add Riser cards Define the I2C alias ports for the riser cards. Add the i2c muxes to switch to the i2c alias ports and the eeprom nodes to read the FRU contents on riser cards. Signed-off-by: Chanh Nguyen Link: https://lore.kernel.org/r/20240806071806.1666550-4-chanh@os.amperecomputing.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit f90607680b36df0751119304371d91b21b7fa952 Author: Chanh Nguyen Date: Tue Aug 6 07:18:03 2024 +0000 ARM: dts: aspeed: mtmitchell: Add I2C temperature sensor alias ports Add the I2C alias ports to read temperature sensors via channels of the I2C muxes. Signed-off-by: Chanh Nguyen Link: https://lore.kernel.org/r/20240806071806.1666550-3-chanh@os.amperecomputing.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 326bed426c43645cdce46197c420f929969a18c4 Author: Chanh Nguyen Date: Tue Aug 6 07:18:02 2024 +0000 ARM: dts: aspeed: mtjade, mtmitchell: Add OCP temperature sensors Define I2C alias ports from I2C Switch 0x70 at BMC I2C5. Add the tmp421 sensors via the I2C alias ports as OCP device temperature sensors. Signed-off-by: Chanh Nguyen Link: https://lore.kernel.org/r/20240806071806.1666550-2-chanh@os.amperecomputing.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit ac552a63bb8911b5c9dc925f179785810f3004c3 Author: Potin Lai Date: Mon Aug 5 23:46:28 2024 +0800 ARM: dts: aspeed: catalina: add Meta Catalina BMC Add linux device tree entry for Meta(Facebook) Catalina compute-tray BMC using AT2600 SoC. Signed-off-by: Potin Lai Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240805-potin-catalina-dts-v7-2-286bfd2ab93b@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit b49b858234f88d4b0700b8aa430b671bd92308f0 Author: Potin Lai Date: Mon Aug 5 23:46:27 2024 +0800 dt-bindings: arm: aspeed: add Meta Catalina board Document the new compatibles used on Meta Catalina. Signed-off-by: Potin Lai Acked-by: Conor Dooley Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240805-potin-catalina-dts-v7-1-286bfd2ab93b@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit e087adb102f5609e9d63052b861a99724374500c Author: Yang Chen Date: Thu Jul 11 21:05:01 2024 +0800 ARM: dts: aspeed: minerva: add host0-ready pin Add host0-ready pin for phosphor-state-manager. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240711130501.2900301-2-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit bd14a21d089ab91aaa9ffbdd4c5d522971e1ab10 Author: Yang Chen Date: Wed Jun 26 21:03:32 2024 +0800 ARM: dts: aspeed: minerva: Add spi-gpio Add spi-gpio for TPM device. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-18-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 9ac7385c0e1dc629d4390023f06dc2c8b0243d73 Author: Yang Chen Date: Wed Jun 26 21:03:31 2024 +0800 ARM: dts: aspeed: minerva: add ltc4287 device Enable LTC4287 device on i2c-0. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-17-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 527cb309bf8c9d9383e14c0f055ea03bd6174eed Author: Yang Chen Date: Wed Jun 26 21:03:30 2024 +0800 ARM: dts: aspeed: minerva: remove unused power device Remove unused power device. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-16-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 99d1feddda3023634f7afbd5c219e708271b2578 Author: Yang Chen Date: Wed Jun 26 21:03:29 2024 +0800 ARM: dts: aspeed: minerva: Switch the i2c bus number Switch the i2c bus number to map the i2c tag according to the hardware design. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-15-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit d0d21a66c8f0834095286edf9062d5fd922ff9ce Author: Yang Chen Date: Wed Jun 26 21:03:28 2024 +0800 ARM: dts: aspeed: minerva: revise sgpio line name Revise the SGPIO naming to mapping the SGPIO from the CPLD. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-14-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit b9de5a3f82dbcd771780369bea4f0103455b62f5 Author: Yang Chen Date: Wed Jun 26 21:03:27 2024 +0800 ARM: dts: aspeed: minerva: add power monitor xdp710 Add HSC xdp710 on i2c bus0. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-13-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 629e75e5dc88d8236027604b750fa4ed75d24ee9 Author: Yang Chen Date: Wed Jun 26 21:03:26 2024 +0800 ARM: dts: aspeed: minerva: add tmp75 sensor Add tmp75 sensor on the i2c bus connect to each fan board. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-12-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 469e35cc2f3639ebdf0c5d57b5adc3586e0726ef Author: Yang Chen Date: Wed Jun 26 21:03:25 2024 +0800 ARM: dts: aspeed: minerva: enable ehci0 for USB Enable ehci0 for USB. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-11-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 6fcb6ad68ce07d68c7c01d1ee3763d619c63f1e2 Author: Yang Chen Date: Wed Jun 26 21:03:24 2024 +0800 ARM: dts: aspeed: minerva: add linename of two pins Add linename of two pins for power good/control. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-10-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit c0bb01e26f288bdebee37d752e4bbf9c44f19e35 Author: Yang Chen Date: Wed Jun 26 21:03:23 2024 +0800 ARM: dts: aspeed: minerva: Add adc sensors for fan board Add ina238 support to read the sensors in front of fans. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-9-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 90098bb35213e30bace25748cdecf434f5356c33 Author: Yang Chen Date: Wed Jun 26 21:03:22 2024 +0800 ARM: dts: aspeed: minerva: Define the LEDs node name Define the LEDs node name. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-8-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 6b843a98e7b6ea4fd80d73668b3b1dad392047f4 Author: Yang Chen Date: Wed Jun 26 21:03:21 2024 +0800 ARM: dts: aspeed: minerva: remove unused bus and device Remove unused bus and device. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-7-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 183d8a5973efd0bd3e49b274b73c0ceaeebfdc38 Author: Yang Chen Date: Wed Jun 26 21:03:20 2024 +0800 ARM: dts: aspeed: minerva: enable mdio3 Change usage of I2C bus 11 to mdio3. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-6-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit fff89fba6ff7f9746d4835be7a63f54b992f6c2f Author: Yang Chen Date: Wed Jun 26 21:03:19 2024 +0800 ARM: dts: aspeed: minerva: change RTC reference Change the RTC reference from on-chip to externel on i2c bus 9 and address is 0x51. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-5-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit adb385a333864621ba526257b8cddd396085be72 Author: Yang Chen Date: Wed Jun 26 21:03:18 2024 +0800 ARM: dts: aspeed: minerva: add eeprom on i2c bus Add eeprom on the i2c-9 address 0x50 and i2c-15 address 0x56. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-4-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 606fe7e549cf4d1e00e41094965c050301dad24d Author: Yang Chen Date: Wed Jun 26 21:03:17 2024 +0800 ARM: dts: aspeed: minerva: change aliases for uart Change and add aliases name for uart interface. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-3-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 931f133325d9d7a56741f0697508eae1f39808cf Author: Yang Chen Date: Wed Jun 26 21:03:16 2024 +0800 ARM: dts: aspeed: minerva: change the address of tmp75 Revise the address of tmp75 on I2C bus 1 from 0x48 to 0x4f due to design change. Signed-off-by: Yang Chen Link: https://lore.kernel.org/r/20240626130332.929534-2-yangchen.openbmc@gmail.com Signed-off-by: Andrew Jeffery Signed-off-by: Joel Stanley commit 321d6b4b9cbe3dd0bc99937d5e5b4d730b5b5798 Author: Matthew Auld Date: Wed Aug 21 18:19:18 2024 +0100 drm/xe: fixup xe_alloc_pf_queue kzalloc expects number of bytes, therefore we should convert the number of dw into bytes, otherwise we are likely just accessing beyond the array causing all kinds of carnage. Also fixup the error handling while we are here. v2: - Prefer kcalloc (dim) Fixes: 3338e4f90c14 ("drm/xe: Use topology to determine page fault queue size") Signed-off-by: Matthew Auld Cc: Stuart Summers Cc: Matthew Brost Reviewed-by: Nirmoy Das Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240821171917.417386-2-matthew.auld@intel.com commit 6833337585dda8cc2e00532f1e2a6ad02fbf9dea Author: Ching-Te Ku Date: Fri Aug 16 20:46:14 2024 +0800 wifi: rtw89: coex: Add new Wi-Fi role format condition for function using There are many features need the information those record at Wi-Fi role structure. Implement the corresponding code for using. Signed-off-by: Ching-Te Ku Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240816124614.25592-5-pkshih@realtek.com commit b0923d48529c5e2f49492b356b3e970f0a98a649 Author: Ching-Te Ku Date: Fri Aug 16 20:46:13 2024 +0800 wifi: rtw89: coex: Bluetooth hopping map for Wi-Fi role version 7 To get Wi-Fi channel & bandwidth information from new Wi-Fi role format. Bluetooth will negotiate which channel to do TX/RX with connected device. And Bluetooth will maintain a hopping map, that describe the usable channels. To avoid the interference from Wi-Fi 2.4GHz/Bluetooth each other, Bluetooth must not to hop into Wi-Fi channel. Signed-off-by: Ching-Te Ku Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240816124614.25592-4-pkshih@realtek.com commit e43175dc045dd9ab77fd6ad71353f39f9c6edd66 Author: Ching-Te Ku Date: Fri Aug 16 20:46:12 2024 +0800 wifi: rtw89: coex: Update Wi-Fi role info version 7 This version included new introduced Wi-Fi DBCC information related to WiFi role. Signed-off-by: Ching-Te Ku Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240816124614.25592-3-pkshih@realtek.com commit 40520283e0fd11237ed9dfc0991503b3403d5fa4 Author: Matthew Brost Date: Tue Aug 20 09:16:32 2024 -0700 drm/xe: Invalidate media_gt TLBs in PT code Testing on LNL has shown media GT's TLBs need to be invalidated via the GuC, update PT code appropriately. v2: - Do dma_fence_get before first call of invalidation_fence_init (Himal) - No need to check for valid chain fence (Himal) Fixes: 3330361543fc ("drm/xe/lnl: Add LNL platform definition") Signed-off-by: Matthew Brost Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240820161632.987369-1-matthew.brost@intel.com commit 2c29f70b3884fd69b5b246e78210a707354eb45e Author: Ching-Te Ku Date: Fri Aug 16 20:46:11 2024 +0800 wifi: rtw89: coex: Update report version of Wi-Fi firmware 0.29.90.0 for RTL8852BT Add the firmware related version code for RTL8852BT version 0.29.90.0. And add the version 7 report control structure format. Firmware will collect counters like mailbox count, RF on/off count, and some Bluetooth related counters into this structure and pass to driver periodically. It will help to understand how the firmware mechanism working. Signed-off-by: Ching-Te Ku Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240816124614.25592-2-pkshih@realtek.com commit 124410976bf807e76c45e36685ed8bf959229545 Author: Chia-Yuan Li Date: Thu Aug 15 21:40:54 2024 +0800 wifi: rtw89: limit the PPDU length for VHT rate to 0x40000 If the PPDU length for VHT rate exceeds 0x40000, calculating the PSDU length will overflow. TMAC will determine the length to be too small and as a result, all packets will be sent as ZLD (Zero Length Delimiter). Fixes: 5f7e92c59b8e ("wifi: rtw89: 8852b: set AMSDU limit to 5000") Signed-off-by: Chia-Yuan Li Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240815134054.44649-1-pkshih@realtek.com commit a3f00afc250aac2a4ed04828b9ec27278aebfe46 Author: Ping-Ke Shih Date: Fri Aug 16 19:57:00 2024 +0800 wifi: rtw89: debugfs: support multiple adapters debugging The rtw89 uses debugfs to access registers and driver states. To get a range of registers, the range value is set and stored to a variable, and get the set of register values by the stored range. However, the variable is a static global variable, which multiple adapters will be a problem, so move the variable to adapter context rtw89_dev. Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240816115700.17390-1-pkshih@realtek.com commit f32c821ae0198cf43181711efb18376b2eb6a1cb Author: Paolo Abeni Date: Tue Aug 20 17:12:22 2024 +0200 tools: ynl: lift an assumption about spec file name Currently the parsing code generator assumes that the yaml specification file name and the main 'name' attribute carried inside correspond, that is the field is the c-name representation of the file basename. The above assumption held true within the current tree, but will be hopefully broken soon by the upcoming net shaper specification. Additionally, it makes the field 'name' itself useless. Lift the assumption, always computing the generated include file name from the generated c file name. Signed-off-by: Paolo Abeni Link: https://patch.msgid.link/24da5a3596d814beeb12bd7139a6b4f89756cc19.1724165948.git.pabeni@redhat.com Signed-off-by: Jakub Kicinski commit f2e9b5caac5b4b987960c02623f64e4abd266294 Merge: 74b1e94e94ea36 76abb5d675c49b Author: Jakub Kicinski Date: Wed Aug 21 17:49:24 2024 -0700 Merge branch 'net-xilinx-axienet-add-statistics-support' Sean Anderson says: ==================== net: xilinx: axienet: Add statistics support Add support for hardware statistics counters (if they are enabled) in the AXI Ethernet driver. Unfortunately, the implementation is complicated a bit since the hardware might only support 32-bit counters. ==================== Link: https://patch.msgid.link/20240820175343.760389-1-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit 76abb5d675c49baa0bc899c6ef8b49197ac914b8 Author: Sean Anderson Date: Tue Aug 20 13:53:42 2024 -0400 net: xilinx: axienet: Add statistics support Add support for reading the statistics counters, if they are enabled. The counters may be 64-bit, but we can't detect this statically as there's no ability bit for it and the counters are read-only. Therefore, we assume the counters are 32-bits by default. To ensure we don't miss an overflow, we read all counters at 13-second intervals. This should be often enough to ensure the bytes counters don't wrap at 2.5 Gbit/s. Another complication is that the counters may be reset when the device is reset (depending on configuration). To ensure the counters persist across link up/down (including suspend/resume), we maintain our own versions along with the last counter value we saw. Because we might wait up to 100 ms for the reset to complete, we use a mutex to protect writing hw_stats. We can't sleep in ndo_get_stats64, so we use a seqlock to protect readers. We don't bother disabling the refresh work when we detect 64-bit counters. This is because the reset issue requires us to read hw_stat_base and reset_in_progress anyway, which would still require the seqcount. And I don't think skipping the task is worth the extra bookkeeping. We can't use the byte counters for either get_stats64 or get_eth_mac_stats. This is because the byte counters include everything in the frame (destination address to FCS, inclusive). But rtnl_link_stats64 wants bytes excluding the FCS, and ethtool_eth_mac_stats wants to exclude the L2 overhead (addresses and length/type). It might be possible to calculate the byte values Linux expects based on the frame counters, but I think it is simpler to use the existing software counters. get_ethtool_stats is implemented for nonstandard statistics. This includes the aforementioned byte counters, VLAN and PFC frame counters, and user-defined (e.g. with custom RTL) counters. Signed-off-by: Sean Anderson Link: https://patch.msgid.link/20240820175343.760389-3-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit d70e3788da1d335449ba91dd46f7c3e16b01aaae Author: Sean Anderson Date: Tue Aug 20 13:53:41 2024 -0400 net: xilinx: axienet: Report RxRject as rx_dropped The Receive Frame Rejected interrupt is asserted whenever there was a receive error (bad FCS, bad length, etc.) or whenever the frame was dropped due to a mismatched address. So this is really a combination of rx_otherhost_dropped, rx_length_errors, rx_frame_errors, and rx_crc_errors. Mismatched addresses are common and aren't really errors at all (much like how fragments are normal on half-duplex links). To avoid confusion, report these events as rx_dropped. This better reflects what's going on: the packet was received by the MAC but dropped before being processed. Signed-off-by: Sean Anderson Reviewed-by: Andrew Lunn Reviewed-by: Radhey Shyam Pandey Link: https://patch.msgid.link/20240820175343.760389-2-sean.anderson@linux.dev Signed-off-by: Jakub Kicinski commit 74b1e94e94ea369923e5656eeb10b26b16591327 Author: Jakub Kicinski Date: Tue Aug 20 13:51:19 2024 -0700 net: repack struct netdev_queue Adding the NAPI pointer to struct netdev_queue made it grow into another cacheline, even though there was 44 bytes of padding available. The struct was historically grouped as follows: /* read-mostly stuff (align) */ /* ... random control path fields ... */ /* write-mostly stuff (align) */ /* ... 40 byte hole ... */ /* struct dql (align) */ It seems that people want to add control path fields after the read only fields. struct dql looks pretty innocent but it forces its own alignment and nothing indicates that there is a lot of empty space above it. Move dql above the xmit_lock. This shifts the empty space to the end of the struct rather than in the middle of it. Move two example fields there to set an example. Hopefully people will now add new fields at the end of the struct. A lot of the read-only stuff is also control path-only, but if we move it all we'll have another hole in the middle. Before: /* size: 384, cachelines: 6, members: 16 */ /* sum members: 284, holes: 3, sum holes: 100 */ After: /* size: 320, cachelines: 5, members: 16 */ /* sum members: 284, holes: 1, sum holes: 8 */ Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240820205119.1321322-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 0ce054f2b891afdd102c8bcc1fc57253c8964e40 Author: Dan Carpenter Date: Tue Aug 20 16:43:46 2024 +0300 ice: Fix a 32bit bug BIT() is unsigned long but ->pu.flg_msk and ->pu.flg_val are u64 type. On 32 bit systems, unsigned long is a u32 and the mismatch between u32 and u64 will break things for the high 32 bits. Fixes: 9a4c07aaa0f5 ("ice: add parser execution main loop") Signed-off-by: Dan Carpenter Reviewed-by: Alexander Lobakin Link: https://patch.msgid.link/ddc231a8-89c1-4ff4-8704-9198bcb41f8d@stanley.mountain Signed-off-by: Jakub Kicinski commit d35a3a8f1b7f27ac1ea0f7068dcab0c08846ac44 Author: Xi Huang Date: Tue Aug 20 19:54:42 2024 +0800 ipv6: remove redundant check err varibale will be set everytime,like -ENOBUFS and in if (err < 0), when code gets into this path. This check will just slowdown the execution and that's all. Signed-off-by: Xi Huang Reviewed-by: Florian Westphal Link: https://patch.msgid.link/20240820115442.49366-1-xuiagnh@gmail.com Signed-off-by: Jakub Kicinski commit 2d86ecb64b51127f0d9eac29cd4c58215246a029 Author: Jinjie Ruan Date: Tue Aug 20 15:50:47 2024 +0800 net: dsa: sja1105: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240820075047.681223-1-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit e58c3f3d5196952ffa29dd987a15405b7f559af9 Author: Jinjie Ruan Date: Tue Aug 20 15:48:05 2024 +0800 net: dsa: ocelot: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240820074805.680674-1-ruanjinjie@huawei.com Signed-off-by: Jakub Kicinski commit 488d34643ec3f4ce5ce120846fc81412534e9af1 Author: Gustavo A. R. Silva Date: Mon Aug 19 19:27:11 2024 -0600 nfc: pn533: Avoid -Wflex-array-member-not-at-end warnings -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. Remove unnecessary flex-array member `data[]`, and with this fix the following warnings: drivers/nfc/pn533/usb.c:268:38: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/nfc/pn533/usb.c:275:38: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Reviewed-by: Simon Horman Link: https://patch.msgid.link/ZsPw7+6vNoS651Cb@elsanto Signed-off-by: Jakub Kicinski commit 2933aa8b77be957d57d1a1ba71617e09cdaa2cbb Author: Max Staudt Date: Sun Aug 11 22:09:06 2024 +0900 HID: hid-playstation: DS4: Update rumble and lightbar together Some 3rd party gamepads expect updates to rumble and lightbar together, and setting one may cancel the other. Let's maximise compatibility by always sending rumble and lightbar updates together, even when only one has been scheduled. Further background reading: - Apparently the PS4 always sends rumble and lightbar updates together: https://eleccelerator.com/wiki/index.php?title=DualShock_4#0x11_2 - 3rd party gamepads may not implement lightbar_blink, and may simply ignore updates with 0x07 set, according to: https://github.com/Ryochan7/DS4Windows/pull/1839 [jkosina@suse.com: fix shortlog] Acked-by: Roderick Colenbrander Signed-off-by: Max Staudt Signed-off-by: Jiri Kosina commit 6d1c22d0ace31d096b0dab5318c6a0d3219d6456 Author: Benno Lossin Date: Mon Aug 19 11:24:39 2024 +0000 rust: init: add `write_[pin_]init` functions Sometimes it is necessary to split allocation and initialization into two steps. One such situation is when reusing existing allocations obtained via `Box::drop_contents`. See [1] for an example. In order to support this use case add `write_[pin_]init` functions to the pin-init API. These functions operate on already allocated smart pointers that wrap `MaybeUninit`. Link: https://lore.kernel.org/rust-for-linux/f026532f-8594-4f18-9aa5-57ad3f5bc592@proton.me/ [1] Signed-off-by: Benno Lossin Reviewed-by: Boqun Feng Reviewed-by: Alice Ryhl Reviewed-by: Gary Guo Link: https://lore.kernel.org/r/20240819112415.99810-2-benno.lossin@proton.me Signed-off-by: Miguel Ojeda commit 01db99b272318da75a1aa5a81f75adb9d32f676e Author: Benno Lossin Date: Mon Aug 19 11:24:35 2024 +0000 rust: kernel: add `drop_contents` to `BoxExt` Sometimes (see [1]) it is necessary to drop the value inside of a `Box`, but retain the allocation. For example to reuse the allocation in the future. Introduce a new function `drop_contents` that turns a `Box` into `Box>` by dropping the value. Link: https://lore.kernel.org/rust-for-linux/20240418-b4-rbtree-v3-5-323e134390ce@google.com/ [1] Signed-off-by: Benno Lossin Reviewed-by: Boqun Feng Reviewed-by: Alice Ryhl Link: https://lore.kernel.org/r/20240819112415.99810-1-benno.lossin@proton.me Signed-off-by: Miguel Ojeda commit 447b167bb60d0bb95967c4d93dac9af1cca437db Author: Li Zhijian Date: Mon Aug 19 14:20:45 2024 +0800 nvdimm: Remove dead code for ENODEV checking in scan_labels() The only way create_namespace_pmem() returns an ENODEV code is if select_pmem_id(nd_region, &uuid) returns ENODEV when its 2nd parameter is a null pointer. However, this is impossible because &uuid is always valid. Furthermore, create_namespace_pmem() is the only user of select_pmem_id(), it's safe to remove the 'return -ENODEV' branch. Signed-off-by: Li Zhijian Reviewed-by: Ira Weiny Link: https://patch.msgid.link/20240819062045.1481298-2-lizhijian@fujitsu.com Signed-off-by: Ira Weiny commit 62c2aa6b1f565d2fc1ec11a6e9e8336ce37a6426 Author: Li Zhijian Date: Mon Aug 19 14:20:44 2024 +0800 nvdimm: Fix devs leaks in scan_labels() scan_labels() leaks memory when label scanning fails and it falls back to just creating a default "seed" namespace for userspace to configure. Root can force the kernel to leak memory. Allocate the minimum resources unconditionally and release them when unneeded to avoid the memory leak. A kmemleak reports: unreferenced object 0xffff88800dda1980 (size 16): comm "kworker/u10:5", pid 69, jiffies 4294671781 hex dump (first 16 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace (crc 0): [<00000000c5dea560>] __kmalloc+0x32c/0x470 [<000000009ed43c83>] nd_region_register_namespaces+0x6fb/0x1120 [libnvdimm] [<000000000e07a65c>] nd_region_probe+0xfe/0x210 [libnvdimm] [<000000007b79ce5f>] nvdimm_bus_probe+0x7a/0x1e0 [libnvdimm] [<00000000a5f3da2e>] really_probe+0xc6/0x390 [<00000000129e2a69>] __driver_probe_device+0x78/0x150 [<000000002dfed28b>] driver_probe_device+0x1e/0x90 [<00000000e7048de2>] __device_attach_driver+0x85/0x110 [<0000000032dca295>] bus_for_each_drv+0x85/0xe0 [<00000000391c5a7d>] __device_attach+0xbe/0x1e0 [<0000000026dabec0>] bus_probe_device+0x94/0xb0 [<00000000c590d936>] device_add+0x656/0x870 [<000000003d69bfaa>] nd_async_device_register+0xe/0x50 [libnvdimm] [<000000003f4c52a4>] async_run_entry_fn+0x2e/0x110 [<00000000e201f4b0>] process_one_work+0x1ee/0x600 [<000000006d90d5a9>] worker_thread+0x183/0x350 Cc: Dave Jiang Cc: Ira Weiny Fixes: 1b40e09a1232 ("libnvdimm: blk labels and namespace instantiation") Suggested-by: Dan Williams Signed-off-by: Li Zhijian Reviewed-by: Dan Williams Reviewed-by: Ira Weiny Link: https://patch.msgid.link/20240819062045.1481298-1-lizhijian@fujitsu.com Signed-off-by: Ira Weiny commit 795191854a8ff04a195c1cab856a61bd5677dda9 Author: Rob Herring (Arm) Date: Wed Jul 31 13:13:04 2024 -0600 nvdimm: Use of_property_present() and of_property_read_bool() Use of_property_present() and of_property_read_bool() to test property presence and read boolean properties rather than of_(find|get)_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_(find|get)_property() leak the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Reviewed-by: Dave Jiang Link: https://patch.msgid.link/20240731191312.1710417-26-robh@kernel.org Signed-off-by: Ira Weiny commit c4b43d8336e52dce6d124e428aa3b71703e62647 Author: Yang Ruibin <11162571@vivo.com> Date: Wed Aug 21 04:39:08 2024 -0400 drivers:iio:Fix the NULL vs IS_ERR() bug for debugfs_create_dir() The debugfs_create_dir() function returns error pointers. It never returns NULL. So use IS_ERR() to check it. Signed-off-by: Yang Ruibin <11162571@vivo.com> Link: https://patch.msgid.link/20240821083911.3411-1-11162571@vivo.com Signed-off-by: Jonathan Cameron commit fca0abb23447c37a6bdbc76798c24623a9b69a11 Author: Juha-Pekka Heikkila Date: Fri Aug 16 14:52:29 2024 +0300 drm/i915/display: allow creation of Xe2 ccs framebuffers Add I915_FORMAT_MOD_4_TILED_BMG_CCS and I915_FORMAT_MOD_4_TILED_LNL_CCS to possible created modifier for new framebuffer on Xe driver. Signed-off-by: Juha-Pekka Heikkila Reviewed-by: Mika Kahola Link: https://patchwork.freedesktop.org/patch/msgid/20240816115229.531671-4-juhapekka.heikkila@gmail.com Signed-off-by: Rodrigo Vivi commit 5151fa35ae5979821d091b80096b4c790b187bac Author: Juha-Pekka Heikkila Date: Fri Aug 16 14:52:28 2024 +0300 drm/fourcc: define Intel Xe2 related tile4 ccs modifiers Add Tile4 type ccs modifiers to indicate presence of compression on Xe2. Here is defined I915_FORMAT_MOD_4_TILED_LNL_CCS which is meant for integrated graphics with igpu related limitations Here is also defined I915_FORMAT_MOD_4_TILED_BMG_CCS which is meant for discrete graphics with dgpu related limitations Signed-off-by: Juha-Pekka Heikkila Reviewed-by: Lucas De Marchi Acked-by: Maarten Lankhorst Link: https://patchwork.freedesktop.org/patch/msgid/20240816115229.531671-3-juhapekka.heikkila@gmail.com Signed-off-by: Rodrigo Vivi commit 4cce34b3835b6f7dc52ee2da95c96b6364bb72e5 Author: Juha-Pekka Heikkila Date: Fri Aug 16 14:52:27 2024 +0300 drm/i915/display: Don't enable decompression on Xe2 with Tile4 >From now on expect Tile4 not to be using compression Signed-off-by: Juha-Pekka Heikkila Reviewed-by: Mika Kahola Link: https://patchwork.freedesktop.org/patch/msgid/20240816115229.531671-2-juhapekka.heikkila@gmail.com Signed-off-by: Rodrigo Vivi commit dbc3171194403d0d40e4bdeae666f6e76e428b53 Author: Samasth Norway Ananda Date: Mon Aug 12 13:26:59 2024 -0700 x86/PCI: Check pcie_find_root_port() return for NULL If pcie_find_root_port() is unable to locate a Root Port, it will return NULL. Check the pointer for NULL before dereferencing it. This particular case is in a quirk for devices that are always below a Root Port, so this won't avoid a problem and doesn't need to be backported, but check as a matter of style and to prevent copy/paste mistakes. Link: https://lore.kernel.org/r/20240812202659.1649121-1-samasth.norway.ananda@oracle.com Signed-off-by: Samasth Norway Ananda [bhelgaas: drop Fixes: and explain why there's no problem in this case] Signed-off-by: Bjorn Helgaas Reviewed-by: Mario Limonciello commit d35099d3c60c8a60de2cab909040c35e255cf474 Author: Andreas Klinger Date: Wed Aug 21 09:53:56 2024 +0200 iio: sgp40: retain documentation in driver Retain documentation on how the voc index is actually calculated in driver code as it'll be removed in Documentation. This is a follow up on patch "[PATCH] iio: ABI: remove duplicate in_resistance_calibbias" from David. Signed-off-by: Andreas Klinger Link: https://patch.msgid.link/ZsWdFOIkDtEB9WGO@mail.your-server.de Signed-off-by: Jonathan Cameron commit 6bcffddc14bbb39e05188c9b24826209576b52cf Author: David Lechner Date: Tue Aug 20 10:18:24 2024 -0500 iio: ABI: remove duplicate in_resistance_calibbias In commit 0f718e10da81 ("iio: ABI: add missing calibbias attributes"), the in_resistance_calibbias attribute was added to the main IIO ABI documentation. This attribute is was already documented in sysfs-bus-iio-chemical-sgp40. This resulted in a duplicate entry that is causing documentation build warnings. This removes the attribute from the sgp40 documentation in favor of the main IIO ABI documentation since this attribute fits the established pattern of standard IIO attributes. Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/linux-next/20240820134739.50c771cb@canb.auug.org.au/ Signed-off-by: David Lechner Link: https://patch.msgid.link/20240820-iio-abi-remove-dup-in_resistance_calibbias-v1-1-e64e58cabb14@baylibre.com Signed-off-by: Jonathan Cameron commit bd5eebf4d3f02cdd069e5014a502ac7a310e3f03 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:29:51 2024 +0200 dt-bindings: iio: st,stm32-adc: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clock-names. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Fabrice Gasnier Acked-by: Conor Dooley Link: https://patch.msgid.link/20240818172951.121983-1-krzysztof.kozlowski@linaro.org Signed-off-by: Jonathan Cameron commit 1a437d35a90b7a765d9ce2c629787d22ff103252 Merge: ffc41ce5cf09f8 a038eacdbf59e6 Author: Alexei Starovoitov Date: Wed Aug 21 11:03:01 2024 -0700 Merge branch '__jited-test-tag-to-check-disassembly-after-jit' Eduard Zingerman says: ==================== __jited test tag to check disassembly after jit Some of the logic in the BPF jits might be non-trivial. It might be useful to allow testing this logic by comparing generated native code with expected code template. This patch set adds a macro __jited() that could be used for test_loader based tests in a following manner: SEC("tp") __arch_x86_64 __jited(" endbr64") __jited(" nopl (%rax,%rax)") __jited(" xorq %rax, %rax") ... __naked void some_test(void) { ... } Also add a test for jit code generated for tail calls handling to demonstrate the feature. The feature uses LLVM libraries to do the disassembly. At selftests compilation time Makefile detects if these libraries are available. When libraries are not available tests using __jit_x86() are skipped. Current CI environment does not include llvm development libraries, but changes to add these are trivial. This was previously discussed here: https://lore.kernel.org/bpf/20240718205158.3651529-1-yonghong.song@linux.dev/ Patch-set includes a few auxiliary steps: - patches #2 and #3 fix a few bugs in test_loader behaviour; - patch #4 replaces __regex macro with ability to specify regular expressions in __msg and __xlated using "{{" "}}" escapes; - patch #8 updates __xlated to match disassembly lines consequently, same way as __jited does. Changes v2->v3: - changed macro name from __jit_x86 to __jited with __arch_* to specify disassembly arch (Yonghong); - __jited matches disassembly lines consequently with "..." allowing to skip some number of lines (Andrii); - __xlated matches disassembly lines consequently, same as __jited; - "{{...}}" regex brackets instead of __regex macro; - bug fixes for old commits. Changes v1->v2: - stylistic changes suggested by Yonghong; - fix for -Wformat-truncation related warning when compiled with llvm15 (Yonghong). v1: https://lore.kernel.org/bpf/20240809010518.1137758-1-eddyz87@gmail.com/ v2: https://lore.kernel.org/bpf/20240815205449.242556-1-eddyz87@gmail.com/ ==================== Link: https://lore.kernel.org/r/20240820102357.3372779-1-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit a038eacdbf59e6024c9e8da5df7f293e64cf20de Author: Eduard Zingerman Date: Tue Aug 20 03:23:57 2024 -0700 selftests/bpf: validate __xlated same way as __jited Both __xlated and __jited work with disassembly. It is logical to have both work in a similar manner. This commit updates __xlated macro handling in test_loader.c by making it expect matches on sequential lines, same way as __jited operates. For example: __xlated("1: *(u64 *)(r10 -16) = r1") ;; matched on line N __xlated("3: r0 = &(void __percpu *)(r0)") ;; matched on line N+1 Also: __xlated("1: *(u64 *)(r10 -16) = r1") ;; matched on line N __xlated("...") ;; not matched __xlated("3: r0 = &(void __percpu *)(r0)") ;; mantched on any ;; line >= N Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240820102357.3372779-10-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit e5bdd6a8be783eb0c960723d9f37df7ee931d6d6 Author: Eduard Zingerman Date: Tue Aug 20 03:23:56 2024 -0700 selftests/bpf: validate jit behaviour for tail calls A program calling sub-program which does a tail call. The idea is to verify instructions generated by jit for tail calls: - in program and sub-program prologues; - for subprogram call instruction; - for tail call itself. Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240820102357.3372779-9-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit 7d743e4c759c6bff0131d638158c3472358eda2b Author: Eduard Zingerman Date: Tue Aug 20 03:23:54 2024 -0700 selftests/bpf: __jited test tag to check disassembly after jit Allow to verify jit behaviour by writing tests as below: SEC("tp") __arch_x86_64 __jited(" endbr64") __jited(" nopl (%rax,%rax)") __jited(" xorq %rax, %rax") ... __naked void some_test(void) { asm volatile (... ::: __clobber_all); } Allow regular expressions in patterns, same way as in __msg. By default assume that each __jited pattern has to be matched on the next consecutive line of the disassembly, e.g.: __jited(" endbr64") # matched on line N __jited(" nopl (%rax,%rax)") # matched on line N+1 If match occurs on a wrong line an error is reported. To override this behaviour use __jited("..."), e.g.: __jited(" endbr64") # matched on line N __jited("...") # not matched __jited(" nopl (%rax,%rax)") # matched on any line >= N Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240820102357.3372779-7-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit b991fc52070042468f31b70fb8ccab96ba351f8a Author: Eduard Zingerman Date: Tue Aug 20 03:23:53 2024 -0700 selftests/bpf: utility function to get program disassembly after jit This commit adds a utility function to get disassembled text for jited representation of a BPF program designated by file descriptor. Function prototype looks as follows: int get_jited_program_text(int fd, char *text, size_t text_sz) Where 'fd' is a file descriptor for the program, 'text' and 'text_sz' refer to a destination buffer for disassembled text. Output format looks as follows: 18: 77 06 ja L0 1a: 50 pushq %rax 1b: 48 89 e0 movq %rsp, %rax 1e: eb 01 jmp L1 20: 50 L0: pushq %rax 21: 50 L1: pushq %rax ^ ^^^^^^^^ ^ ^^^^^^^^^^^^^^^^^^ | binary insn | textual insn | representation | representation | | instruction offset inferred local label name The code and makefile changes are inspired by jit_disasm.c from bpftool. Use llvm libraries to disassemble BPF program instead of libbfd to avoid issues with disassembly output stability pointed out in [1]. Selftests makefile uses Makefile.feature to detect if LLVM libraries are available. If that is not the case selftests build proceeds but the function returns -EOPNOTSUPP at runtime. [1] commit eb9d1acf634b ("bpftool: Add LLVM as default library for disassembling JIT-ed programs") Acked-by: Yonghong Song Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240820102357.3372779-6-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit f8d161756d422598e10a112171a73cf621e67fae Author: Eduard Zingerman Date: Tue Aug 20 03:23:52 2024 -0700 selftests/bpf: replace __regex macro with "{{...}}" patterns Upcoming changes require a notation to specify regular expression matches for regular verifier log messages, disassembly of BPF instructions, disassembly of jited instructions. Neither basic nor extended POSIX regular expressions w/o additional escaping are good for this role because of wide use of special characters in disassembly, for example: movq -0x10(%rbp), %rax ;; () are special characters cmpq $0x21, %rax ;; $ is a special character *(u64 *)(r10 -16) = r1 ;; * and () are special characters This commit borrows syntax from LLVM's FileCheck utility. It replaces __regex macro with ability to embed regular expressions in __msg patters using "{{" "}}" pairs for escaping. Syntax for __msg patterns: pattern := ( | regex)* regex := "{{" "}}" For example, pattern "foo{{[0-9]+}}" matches strings like "foo0", "foo007", etc. Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240820102357.3372779-5-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit f00bb757ed630affc951691ddaff206039cbb7ee Author: Eduard Zingerman Date: Tue Aug 20 03:23:51 2024 -0700 selftests/bpf: fix to avoid __msg tag de-duplication by clang __msg, __regex and __xlated tags are based on __attribute__((btf_decl_tag("..."))) annotations. Clang de-duplicates such annotations, e.g. the following two sequences of tags are identical in final BTF: /* seq A */ /* seq B */ __tag("foo") __tag("foo") __tag("bar") __tag("bar") __tag("foo") Fix this by adding a unique suffix for each tag using __COUNTER__ pre-processor macro. E.g. here is a new definition for __msg: #define __msg(msg) \ __attribute__((btf_decl_tag("comment:test_expect_msg=" XSTR(__COUNTER__) "=" msg))) Using this definition the "seq A" from example above is translated to BTF as follows: [..] DECL_TAG 'comment:test_expect_msg=0=foo' type_id=X component_idx=-1 [..] DECL_TAG 'comment:test_expect_msg=1=bar' type_id=X component_idx=-1 [..] DECL_TAG 'comment:test_expect_msg=2=foo' type_id=X component_idx=-1 Surprisingly, this bug affects a single existing test: verifier_spill_fill/old_stack_misc_vs_cur_ctx_ptr, where sequence of identical messages was expected in the log. Fixes: 537c3f66eac1 ("selftests/bpf: add generic BPF program tester-loader") Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240820102357.3372779-4-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit d0a29cdb6ef95d8a175e09ab2d1334271f047e60 Author: Eduard Zingerman Date: Tue Aug 20 03:23:50 2024 -0700 selftests/bpf: correctly move 'log' upon successful match Suppose log="foo bar buz" and msg->substr="bar". In such case current match processing logic would update 'log' as follows: log += strlen(msg->substr); -> log += 3 -> log=" bar". However, the intent behind the 'log' update is to make it point after the successful match, e.g. to make log=" buz" in the example above. Fixes: 4ef5d6af4935 ("selftests/bpf: no need to track next_match_pos in struct test_loader") Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240820102357.3372779-3-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit 7d41dad105b6667745f0984e386caf3289cef6db Author: Eduard Zingerman Date: Tue Aug 20 03:23:49 2024 -0700 selftests/bpf: less spam in the log for message matching When running test_loader based tests in the verbose mode each matched message leaves a trace in the stderr, e.g.: ./test_progs -vvv -t ... validate_msgs:PASS:expect_msg 0 nsec validate_msgs:PASS:expect_msg 0 nsec validate_msgs:PASS:expect_msg 0 nsec validate_msgs:PASS:expect_msg 0 nsec validate_msgs:PASS:expect_msg 0 nsec This is not very helpful when debugging such tests and clobbers the log a lot. Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240820102357.3372779-2-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov commit ffc41ce5cf09f8d7113aca98e68f6e11956c0eab Merge: 01ac89d0a5c233 b0cd726f9a8279 Author: Alexei Starovoitov Date: Wed Aug 21 10:37:52 2024 -0700 Merge branch 'support-passing-bpf-iterator-to-kfuncs' Andrii Nakryiko says: ==================== Support passing BPF iterator to kfuncs Add support for passing BPF iterator state to any kfunc. Such kfunc has to declare such argument with valid `struct bpf_iter_ *` type and should use "__iter" suffix in argument name, following the established suffix-based convention. We add a simple test/demo iterator getter in bpf_testmod. ==================== Link: https://lore.kernel.org/r/20240808232230.2848712-1-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit b0cd726f9a8279b33faa5b4b0011df14f331fb33 Author: Andrii Nakryiko Date: Thu Aug 8 16:22:30 2024 -0700 selftests/bpf: test passing iterator to a kfunc Define BPF iterator "getter" kfunc, which accepts iterator pointer as one of the arguments. Make sure that argument passed doesn't have to be the very first argument (unlike new-next-destroy combo). Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240808232230.2848712-4-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit baebe9aaba1e59e34cd1fe6455bb4c3029ad3bc1 Author: Andrii Nakryiko Date: Thu Aug 8 16:22:29 2024 -0700 bpf: allow passing struct bpf_iter_ as kfunc arguments There are potentially useful cases where a specific iterator type might need to be passed into some kfunc. So, in addition to existing bpf_iter__{new,next,destroy}() kfuncs, allow to pass iterator pointer to any kfunc. We employ "__iter" naming suffix for arguments that are meant to accept iterators. We also enforce that they accept PTR -> STRUCT btf_iter_ type chain and point to a valid initialized on-the-stack iterator state. Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240808232230.2848712-3-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 496ddd19a0fad22f250fc7a7b7a8000155418934 Author: Andrii Nakryiko Date: Thu Aug 8 16:22:28 2024 -0700 bpf: extract iterator argument type and name validation logic Verifier enforces that all iterator structs are named `bpf_iter_` and that whenever iterator is passed to a kfunc it's passed as a valid PTR -> STRUCT chain (with potentially const modifiers in between). We'll need this check for upcoming changes, so instead of duplicating the logic, extract it into a helper function. Signed-off-by: Andrii Nakryiko Acked-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240808232230.2848712-2-andrii@kernel.org Signed-off-by: Alexei Starovoitov commit 8fa052c29e509f3e47d56d7fc2ca28094d78c60a Author: Udit Kumar Date: Tue Aug 20 16:20:04 2024 +0530 remoteproc: k3-r5: Delay notification of wakeup event Few times, core1 was scheduled to boot first before core0, which leads to error: 'k3_r5_rproc_start: can not start core 1 before core 0'. This was happening due to some scheduling between prepare and start callback. The probe function waits for event, which is getting triggered by prepare callback. To avoid above condition move event trigger to start instead of prepare callback. Fixes: 61f6f68447ab ("remoteproc: k3-r5: Wait for core0 power-up before powering up core1") Signed-off-by: Udit Kumar [ Applied wakeup event trigger only for Split-Mode booted rprocs ] Signed-off-by: Beleswar Padhi Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240820105004.2788327-1-b-padhi@ti.com Signed-off-by: Mathieu Poirier commit ebcf9008a895a2a9416f69e186b56fbade35e12c Author: Martyn Welch Date: Fri Aug 2 10:21:03 2024 -0500 remoteproc: k3-m4: Add a remoteproc driver for M4F subsystem The AM62x and AM64x SoCs of the TI K3 family has a Cortex M4F core in the MCU domain. This core is typically used for safety applications in a stand alone mode. However, some application (non safety related) may want to use the M4F core as a generic remote processor with IPC to the host processor. The M4F core has internal IRAM and DRAM memories and are exposed to the system bus for code and data loading. A remote processor driver is added to support this subsystem, including being able to load and boot the M4F core. Loading includes to M4F internal memories and predefined external code/data memories. The carve outs for external contiguous memory is defined in the M4F device node and should match with the external memory declarations in the M4F image binary. The M4F subsystem has two resets. One reset is for the entire subsystem i.e including the internal memories and the other, a local reset is only for the M4F processing core. When loading the image, the driver first releases the subsystem reset, loads the firmware image and then releases the local reset to let the M4F processing core run. Signed-off-by: Martyn Welch Signed-off-by: Hari Nagalla Signed-off-by: Andrew Davis Tested-by: Wadim Egorov Link: https://lore.kernel.org/r/20240802152109.137243-4-afd@ti.com Signed-off-by: Mathieu Poirier commit ce6acb2240f40f24bc7b9240e11bbfad7cf3d113 Author: Andrew Davis Date: Fri Aug 2 10:21:02 2024 -0500 remoteproc: k3: Factor out TI-SCI processor control OF get function Building the TSP structure is common for users of the TI-SCI processor control interface. Factor out this function and put it with the rest of the TI-SCI processor control functions. Signed-off-by: Andrew Davis Tested-by: Wadim Egorov Link: https://lore.kernel.org/r/20240802152109.137243-3-afd@ti.com Signed-off-by: Mathieu Poirier commit 9fedb829372d4bd176ad077a0f52bc47258aa178 Author: Hari Nagalla Date: Fri Aug 2 10:21:01 2024 -0500 dt-bindings: remoteproc: k3-m4f: Add K3 AM64x SoCs K3 AM64x SoC has a Cortex M4F subsystem in the MCU voltage domain. The remote processor's life cycle management and IPC mechanisms are similar across the R5F and M4F cores from remote processor driver point of view. However, there are subtle differences in image loading and starting the M4F subsystems. The YAML binding document provides the various node properties to be configured by the consumers of the M4F subsystem. Signed-off-by: Martyn Welch Signed-off-by: Hari Nagalla Signed-off-by: Andrew Davis Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240802152109.137243-2-afd@ti.com Signed-off-by: Mathieu Poirier commit d156263e247c334a8872578118e0709ed63c4806 Author: Tejun Heo Date: Wed Aug 21 06:37:39 2024 -1000 workqueue: Fix another htmldocs build warning Fix htmldocs build warning introduced by 9b59a85a84dc ("workqueue: Don't call va_start / va_end twice"). Signed-off-by: Tejun Heo Reported-by: Stephen Rothwell Cc: Matthew Brost commit 84c425bef3409d69ddb171c89664f66030bbf9d9 Author: Sergey Senozhatsky Date: Thu Aug 15 16:02:58 2024 +0900 workqueue: fix null-ptr-deref on __alloc_workqueue() error wq->lockdep_map is set only after __alloc_workqueue() successfully returns. However, on its error path __alloc_workqueue() may call destroy_workqueue() which expects wq->lockdep_map to be already set, which results in a null-ptr-deref in touch_wq_lockdep_map(). Add a simple NULL-check to touch_wq_lockdep_map(). Oops: general protection fault, probably for non-canonical address KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:__lock_acquire+0x81/0x7800 [..] Call Trace: ? __die_body+0x66/0xb0 ? die_addr+0xb2/0xe0 ? exc_general_protection+0x300/0x470 ? asm_exc_general_protection+0x22/0x30 ? __lock_acquire+0x81/0x7800 ? mark_lock+0x94/0x330 ? __lock_acquire+0x12fd/0x7800 ? __lock_acquire+0x3439/0x7800 lock_acquire+0x14c/0x3e0 ? __flush_workqueue+0x167/0x13a0 ? __init_swait_queue_head+0xaf/0x150 ? __flush_workqueue+0x167/0x13a0 __flush_workqueue+0x17d/0x13a0 ? __flush_workqueue+0x167/0x13a0 ? lock_release+0x50f/0x830 ? drain_workqueue+0x94/0x300 drain_workqueue+0xe3/0x300 destroy_workqueue+0xac/0xc40 ? workqueue_sysfs_register+0x159/0x2f0 __alloc_workqueue+0x1506/0x1760 alloc_workqueue+0x61/0x150 ... Signed-off-by: Sergey Senozhatsky Signed-off-by: Tejun Heo commit 77cc3f6c58b1b28cee73904946c46a1415187d04 Author: Matthew Brost Date: Tue Aug 20 09:01:29 2024 -0700 drm/xe: Invalidate media_gt TLBs Testing on LNL has shown media TLBs need to be invalidated via the GuC, update xe_vm_invalidate_vma appropriately. v2: Fix 2 tile case v3: Include missing local change Fixes: 3330361543fc ("drm/xe/lnl: Add LNL platform definition") Signed-off-by: Matthew Brost Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240820160129.986889-1-matthew.brost@intel.com commit 32a42c93b74c8ca6d0915ea3eba21bceff53042f Author: Matthew Brost Date: Tue Aug 20 13:23:09 2024 -0700 drm/xe: Free job before xe_exec_queue_put Free job depends on job->vm being valid, the last xe_exec_queue_put can destroy the VM. Prevent UAF by freeing job before xe_exec_queue_put. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Brost Reviewed-by: Nirmoy Das Reviewed-by: Jagmeet Randhawa Link: https://patchwork.freedesktop.org/patch/msgid/20240820202309.1260755-1-matthew.brost@intel.com commit fd45d52eae5c42fdb68802127fa98d3718c80043 Author: Namhyung Kim Date: Mon Aug 19 16:36:03 2024 -0700 perf annotate-data: Add 'typecln' sort key Sometimes it's useful to organize member fields in cache-line boundary. The 'typecln' sort key is short for type-cacheline and to show samples in each cacheline. The cacheline size is fixed to 64 for now, but it can read the actual size once it saves the value from sysfs. For example, you maybe want to which cacheline in a target is hot or cold. The following shows members in the cfs_rq's first cache line. $ perf report -s type,typecln,typeoff -H ... - 2.67% struct cfs_rq + 1.23% struct cfs_rq: cache-line 2 + 0.57% struct cfs_rq: cache-line 4 + 0.46% struct cfs_rq: cache-line 6 - 0.41% struct cfs_rq: cache-line 0 0.39% struct cfs_rq +0x14 (h_nr_running) 0.02% struct cfs_rq +0x38 (tasks_timeline.rb_leftmost) ... Committer testing: # root@number:~# perf report -s type,typecln,typeoff -H --stdio # Total Lost Samples: 0 # # Samples: 5K of event 'cpu_atom/mem-loads,ldlat=5/P' # Event count (approx.): 312251 # # Overhead Data Type / Data Type Cacheline / Data Type Offset # .............. .................................................. # 0.07% struct sigaction 0.05% struct sigaction: cache-line 1 0.02% struct sigaction +0x58 (sa_mask) 0.02% struct sigaction +0x78 (sa_mask) 0.03% struct sigaction: cache-line 0 0.02% struct sigaction +0x38 (sa_mask) 0.01% struct sigaction +0x8 (sa_mask) Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240819233603.54941-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 7a5c2170244b4f55588353e68ebbafc249597ee6 Author: Namhyung Kim Date: Mon Aug 19 16:36:02 2024 -0700 perf annotate-data: Show offset and size in hex It'd be better to have them in hex to check cacheline alignment. Percent offset size field 100.00 0 0x1c0 struct cfs_rq { 0.00 0 0x10 struct load_weight load { 0.00 0 0x8 long unsigned int weight; 0.00 0x8 0x4 u32 inv_weight; }; 0.00 0x10 0x4 unsigned int nr_running; 14.56 0x14 0x4 unsigned int h_nr_running; 0.00 0x18 0x4 unsigned int idle_nr_running; 0.00 0x1c 0x4 unsigned int idle_h_nr_running; ... Committer notes: Justification from Namhyung when asked about why it would be "better": Cache line sizes are power of 2 so it'd be natural to use hex and check whether an offset is in the same boundary. Also 'perf annotate' shows instruction offsets in hex. > > Maybe this should be selectable? I can add an option and/or a config if you want. Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240819233603.54941-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit cad5b06c1fc71fe98272b26031b0560770094970 Author: Krzysztof Kozlowski Date: Wed Aug 21 16:01:16 2024 +0200 arm64: dts: qcom: sm8150-mtp: drop incorrect amd,imageon The SM8150 MTP board does not have magically different GPU than the SM8150, so it cannot use amd,imageon compatible, also pointed by dtbs_check: sm8150-mtp.dtb: gpu@2c00000: compatible: 'oneOf' conditional failed, one must be fixed: ['qcom,adreno-640.1', 'qcom,adreno', 'amd,imageon'] is too long 'qcom,adreno-640.1' does not match '^qcom,adreno-[0-9a-f]{8}$' 'qcom,adreno-640.1' does not match '^amd,imageon-200\\.[0-1]$' 'amd,imageon' was expected The incorrect amd,imageon compatible was added in commit f30ac26def18 ("arm64: dts: qcom: add sm8150 GPU nodes") to the SM8150 and later moved to the SM8150 MTP board in commit 1642ab96efa4 ("arm64: dts: qcom: sm8150: Don't start Adreno in headless mode") with an intention to allow headless mode. This should be solved via proper driver quirks, not fake compatibles. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240821140116.436441-1-krzysztof.kozlowski@linaro.org Signed-off-by: Bjorn Andersson commit ce66d7c703d32851ceb50511e634712049f0c1c1 Author: Yang Ruibin <11162571@vivo.com> Date: Wed Aug 21 06:14:56 2024 -0400 perf bpf: Remove redundant check that map is NULL The check that map is NULL is already done in the bpf_map__fd(map) and returns an errno, which does not run further checks. In addition, even if the check for map is run, the return is a pointer, which is not consistent with the err_number returned by bpf_map__fd(map). Signed-off-by: Yang Ruibin <11162571@vivo.com> Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Stephen Rothwell Cc: opensource.kernel@vivo.com Link: https://lore.kernel.org/r/20240821101500.4568-1-11162571@vivo.com Signed-off-by: Arnaldo Carvalho de Melo commit 4d6d6e0f61e2267103e9b013d2a82d04ff278127 Author: Namhyung Kim Date: Tue Aug 20 23:54:08 2024 -0700 perf annotate-data: Fix percpu pointer check In check_matching_type(), it checks the type state of the register in a wrong order. When it's the percpu pointer, it should check the type for the pointer, but it checks the CFA bit first and thought it has no type in the stack slot. This resulted in no type info. ----------------------------------------------------------- find data type for 0x28(reg1) at hrtimer_reprogram+0x88 CU for kernel/time/hrtimer.c (die:0x18f219f) frame base: cfa=1 fbreg=7 ... add [72] percpu 0x24500 -> reg1 pointer type='struct hrtimer_cpu_base' size=0x240 (die:0x18f6d46) bb: [7a - 7e] bb: [80 - 86] (here) bb: [88 - 88] vvv chk [88] reg1 offset=0x28 ok=1 kind=4 cfa : no type information no type information Here, instruction at 0x72 found reg1 has a (percpu) pointer and got the correct type. But when it checks the final result, it wrongly thought it was stack variable because it checks the cfa bit first. After changing the order of state check: ----------------------------------------------------------- find data type for 0x28(reg1) at hrtimer_reprogram+0x88 CU for kernel/time/hrtimer.c (die:0x18f219f) frame base: cfa=1 fbreg=7 ... (here) vvvvvvvvvv chk [88] reg1 offset=0x28 ok=1 kind=4 percpu ptr : Good! found by insn track: 0x28(reg1) type-offset=0x28 final type: type='struct hrtimer_cpu_base' size=0x240 (die:0x18f6d46) Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240821065408.285548-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 4a32a97268d304d5708f1212c4a4d0e1dd3246dd Author: Namhyung Kim Date: Tue Aug 20 23:54:07 2024 -0700 perf annotate-data: Prefer struct/union over base type Sometimes a compound type can have a single field and the size is the same as the base type. But it's still preferred as struct or union could carry more information than the base type. Also put a slight priority on the typedef for the same reason. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240821065408.285548-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 922ec313f061cf75157d8e93fe16bc6397f6ea25 Author: Namhyung Kim Date: Tue Aug 20 23:54:06 2024 -0700 perf annotate-data: Fix missing constant copy I found it missed to copy the immediate constant when it moves the register value. This could result in a wrong type inference since the address for the per-cpu variable would be 0 always. Fixes: eb9190afaed6afd5 ("perf annotate-data: Handle ADD instructions") Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240821065408.285548-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 6d9a732d8a4ab4a56eb7b4b9922f85fedc5827dd Author: Thomas Richter Date: Thu Aug 8 10:58:57 2024 +0200 s390/cpum_sf: Ignore qsi() return code qsi() executes the instruction qsi (query sample information) and stores the result of the query in a sample information block pointed to by the function argument. The instruction does not change the condition code register. The return code is always zero. No need to check for errors. Remove now unreferenced macros PMC_FAILURE and RS_INIT_FAILURE_QSI. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit 742a7557164bbde9f3263aeebc581fb985fe7dbc Author: Thomas Richter Date: Thu Aug 8 10:58:56 2024 +0200 s390/cpum_sf: Ignore lsctl() return code in sf_disable() sf_disable() returns the condition code of instruction lsctl (load sampling controls). However the parameter to lsctl() in sf_disable() is a sample control block containing all zeroes. This invocation of lsctl() does not fail and returns always zero even when there is no authorization for sampling on the machine. In short, sampling can be always turned off. Ignore the return code of sf_disable() and change the function return to void. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit 073ef6b2041075e08c780db34f67e6daf884c9f8 Author: Holger Dengler Date: Tue Jul 16 14:16:39 2024 +0200 s390/zcrypt_msgtype6: Cleanup debug code The dynamic debugging provides function names on request. So remove all explicit function strings. Reviewed-by: Harald Freudenberger [dengler: fix indent] Signed-off-by: Holger Dengler Signed-off-by: Vasily Gorbik commit a7a88eeae310f2acb564bb3e747cd3739daccc10 Author: Holger Dengler Date: Tue Jul 16 14:16:38 2024 +0200 s390/zcrypt_msgtype50: Cleanup debug code The dynamic debugging provides function names on request. So remove all explicit function strings. Reviewed-by: Harald Freudenberger Signed-off-by: Holger Dengler Signed-off-by: Vasily Gorbik commit 1849850e8177b60ae67be4ae1a0bebaaaabcb4d7 Author: Holger Dengler Date: Tue Jul 16 14:16:37 2024 +0200 s390/zcrypt_api: Cleanup debug code The dynamic debugging provides function names on request. So remove all explicit function strings. Reviewed-by: Harald Freudenberger Signed-off-by: Holger Dengler Signed-off-by: Vasily Gorbik commit ea31f0f6e251db7408cbe7500e97bc9d1694910c Author: Holger Dengler Date: Tue Jul 16 14:16:36 2024 +0200 s390/ap_queue: Cleanup debug code The dynamic debugging provides function names on request. So remove all explicit function strings. Reviewed-by: Harald Freudenberger Signed-off-by: Holger Dengler Signed-off-by: Vasily Gorbik commit 391b8a6ce12891815491fd51a00619cab2589fe4 Author: Holger Dengler Date: Tue Jul 16 14:16:35 2024 +0200 s390/ap_bus: Cleanup debug code The dynamic debugging provides function names on request. So remove all explicit function strings. Reviewed-by: Harald Freudenberger Signed-off-by: Holger Dengler Signed-off-by: Vasily Gorbik commit 61c80c77b4f35e229347551d13e265752f067151 Author: Vijendar Mukunda Date: Wed Aug 21 12:16:50 2024 +0530 ASoC: SOF: amd: remove unused variable from sof_amd_acp_desc structure Remove unused structure member 'rev' from sof_amd_acp_desc structure. Signed-off-by: Vijendar Mukunda Reviewed-by: Ranjani Sridharan Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240821064650.2850310-1-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 2d3b218d383e24623070f4439a0af64d200eb740 Author: Kuninori Morimoto Date: Wed Aug 21 02:23:07 2024 +0000 ASoC: soc-pcm: remove snd_soc_dpcm_stream_lock_irqsave_nested() soc-pcm.c has snd_soc_dpcm_stream_lock_irqsave_nested() / snd_soc_dpcm_stream_unlock_irqrestore() helper function, but it is almost nothing help. It just makes a code complex. Let's remove it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87msl6aa2c.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 8a8dcf702673787543173b8ac5dafae2f7f13e87 Author: Baojun Xu Date: Wed Aug 21 15:25:27 2024 +0800 ASoC: tas2781: Remove unnecessary line feed for tasdevice_codec_remove Remove unnecessary line feed for tasdevice_codec_remove. Add comma at the end the last member of the array. Signed-off-by: Baojun Xu Link: https://patch.msgid.link/20240821072527.1294-1-baojun.xu@ti.com Signed-off-by: Mark Brown commit 6f6d8b2d49299492e704030632ab79257685e5d3 Author: Colin Ian King Date: Wed Aug 21 12:49:27 2024 +0100 ASoC: codecs: wcd934x: make read-only array minCode_param static const Don't populate the read-only array minCode_param on the stack at run time, instead make it static const. Signed-off-by: Colin Ian King Link: https://patch.msgid.link/20240821114927.520193-1-colin.i.king@gmail.com Signed-off-by: Mark Brown commit 4441686b24a1d7acf9834ca95864d67e3f97666a Author: Ingo Franzki Date: Fri Aug 16 13:21:33 2024 +0200 dm-crypt: Allow to specify the integrity key size as option For the MAC based integrity operation, the integrity key size (i.e. key_mac_size) is currently set to the digest size of the used digest. For wrapped key HMAC algorithms, the key size is independent of the cryptographic key size. So there is no known size of the mac key in such cases. The desired key size can optionally be specified as argument when the dm-crypt device is configured via 'integrity_key_size:%u'. If no integrity_key_size argument is specified, the mac key size is still set to the digest size, as before. Increase version number to 1.28.0 so that support for the new argument can be detected by user space (i.e. cryptsetup). Signed-off-by: Ingo Franzki Reviewed-by: Milan Broz Signed-off-by: Mikulas Patocka commit 255fc1703e42321b5afdedc8259ad03c7cc533ec Author: Andi Shyti Date: Wed Aug 7 11:05:21 2024 +0100 drm/i915/gem: Calculate object page offset for partial memory mapping To enable partial memory mapping of GPU virtual memory, it's necessary to introduce an offset to the object's memory (obj->mm.pages) scatterlist. This adjustment compensates for instances when userspace mappings do not start from the beginning of the object. Based on a patch by Chris Wilson. Signed-off-by: Andi Shyti Cc: Chris Wilson Cc: Lionel Landwerlin Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240807100521.478266-3-andi.shyti@linux.intel.com commit 609d8b1c422cd8d1f93bf526fb236f2e07687e7c Author: Andi Shyti Date: Wed Aug 7 11:05:20 2024 +0100 drm/i915/gem: Do not look for the exact address in node In preparation for the upcoming partial memory mapping feature, we want to make sure that when looking for a node we consider also the offset and not just the starting address of the virtual memory node. Signed-off-by: Andi Shyti Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240807100521.478266-2-andi.shyti@linux.intel.com commit 59cd94ef80094857f0d0085daa2e32badc4cddf4 Author: John Ogness Date: Tue Aug 20 08:36:01 2024 +0206 lockdep: Mark emergency sections in lockdep splats Mark emergency sections wherever multiple lines of lock debugging output are generated. In an emergency section, every printk() call will attempt to directly flush to the consoles using the EMERGENCY priority. Note that debug_show_all_locks() and lockdep_print_held_locks() rely on their callers to enter the emergency section. This is because these functions can also be called in non-emergency situations (such as sysrq). Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-36-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 8c03273a509c88b12c53a9ddf07702f83983e4de Author: John Ogness Date: Tue Aug 20 08:36:00 2024 +0206 rcu: Mark emergency sections in rcu stalls Mark emergency sections wherever multiple lines of rcu stall information are generated. In an emergency section, every printk() call will attempt to directly flush to the consoles using the EMERGENCY priority. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Acked-by: Paul E. McKenney Link: https://lore.kernel.org/r/20240820063001.36405-35-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 4bdfa0d8e920c391e6cc0aa1feef8ed91d81f724 Author: John Ogness Date: Tue Aug 20 08:35:59 2024 +0206 panic: Mark emergency section in oops Mark an emergency section beginning with oops_enter() until the end of oops_exit(). In this section, every printk() call will attempt to directly flush to the consoles using the EMERGENCY priority. The very end of oops_exit() performs a kmsg_dump(). This is not included in the emergency section because it is another flushing mechanism that should occur after the consoles have flushed the oops messages. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-34-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 4833794db61c8cc4de4563a2754c7aedaffbb684 Author: Thomas Gleixner Date: Tue Aug 20 08:35:58 2024 +0206 panic: Mark emergency section in warn Mark the full contents of __warn() as an emergency section. In this section, every printk() call will attempt to directly flush to the consoles using the EMERGENCY priority. Co-developed-by: John Ogness Signed-off-by: John Ogness Signed-off-by: Thomas Gleixner (Intel) Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-33-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit ecb5e1aa82c86642ec1eaafefd4e317dfba3a238 Author: Thomas Gleixner Date: Tue Aug 20 08:35:57 2024 +0206 printk: nbcon: Implement emergency sections In emergency situations (something has gone wrong but the system continues to operate), usually important information (such as a backtrace) is generated via printk(). This information should be pushed out to the consoles ASAP. Add per-CPU emergency nesting tracking because an emergency can arise while in an emergency situation. Add functions to mark the beginning and end of emergency sections where the urgent messages are generated. Perform direct console flushing at the emergency priority if the current CPU is in an emergency state and it is safe to do so. Note that the emergency state is not system-wide. While one CPU is in an emergency state, another CPU may attempt to print console messages at normal priority. Also note that printk() already attempts to flush consoles in the caller context for normal priority. However, follow-up changes will introduce printing kthreads, in which case the normal priority printk() calls will offload to the kthreads. Co-developed-by: John Ogness Signed-off-by: John Ogness Signed-off-by: Thomas Gleixner (Intel) Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-32-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 6690d6b52726bcb2b743466a1833e0b9f049b9d7 Author: John Ogness Date: Tue Aug 20 08:35:56 2024 +0206 printk: Add helper for flush type logic There are many call sites where console flushing occur. Depending on the system state and types of consoles, the flush methods to use are different. A flush call site generally must consider: @have_boot_console @have_nbcon_console @have_legacy_console @legacy_allow_panic_sync is_printk_preferred() and take into account the current CPU state: NBCON_PRIO_NORMAL NBCON_PRIO_EMERGENCY NBCON_PRIO_PANIC in order to decide if it should: flush nbcon directly via atomic_write() callback flush legacy directly via console_unlock flush legacy via offload to irq_work All of these call sites use their own logic to make this decision, which is complicated and error prone. Especially later when two more flush methods will be introduced: flush nbcon via offload to kthread flush legacy via offload to kthread Introduce a new internal struct console_flush_type that specifies which console flushing methods should be used in the context of the caller. Introduce a helper function to fill out console_flush_type to be used for flushing call sites. Replace the logic of all flushing call sites to use the new helper. This change standardizes behavior, leading to both fixes and optimizations across various call sites. For instance, in console_cpu_notify(), the new logic ensures that nbcon consoles are flushed when they aren’t managed by the legacy loop. Similarly, in console_flush_on_panic(), the system no longer needs to flush nbcon consoles if none are present. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-31-john.ogness@linutronix.de [pmladek@suse.com: Updated the commit message.] Signed-off-by: Petr Mladek commit e35a8884270bae11196eedf3b0a5bf22619f11f2 Author: John Ogness Date: Tue Aug 20 08:35:55 2024 +0206 printk: Coordinate direct printing in panic If legacy and nbcon consoles are registered and the nbcon consoles are allowed to flush (i.e. no boot consoles registered), the legacy consoles will no longer perform direct printing on the panic CPU until after the backtrace has been stored. This will give the safe nbcon consoles a chance to print the panic messages before allowing the unsafe legacy consoles to print. If no nbcon consoles are registered or they are not allowed to flush because boot consoles are registered, there is no change in behavior (i.e. legacy consoles will always attempt to print from the printk() caller context). Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-30-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit bebd87ae27e052e390c203893c7ee46f54b0bf9e Author: John Ogness Date: Tue Aug 20 08:35:54 2024 +0206 printk: Track nbcon consoles Add a global flag @have_nbcon_console to identify if any nbcon consoles are registered. This will be used in follow-up commits to preserve legacy behavior when no nbcon consoles are registered. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-29-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 60013065fdc677df7b71f9a0bac501020e3bbd4f Author: John Ogness Date: Tue Aug 20 08:35:53 2024 +0206 printk: Avoid console_lock dance if no legacy or boot consoles Currently the console lock is used to attempt legacy-type printing even if there are no legacy or boot consoles registered. If no such consoles are registered, the console lock does not need to be taken. Add tracking of legacy console registration and use it with boot console tracking to avoid unnecessary code paths, i.e. do not use the console lock if there are no boot consoles and no legacy consoles. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-28-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 5dde3b7354133846079fa51e55e74ef90a836759 Author: John Ogness Date: Tue Aug 20 08:35:52 2024 +0206 printk: nbcon: Add unsafe flushing on panic Add nbcon_atomic_flush_unsafe() to flush all nbcon consoles using the write_atomic() callback and allowing unsafe hostile takeovers. Call this at the end of panic() as a final attempt to flush any pending messages. Note that legacy consoles use unsafe methods for flushing from the beginning of panic (see bust_spinlocks()). Therefore, systems using both legacy and nbcon consoles may still fail to see panic messages due to unsafe legacy console usage. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-27-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit d2e85ca7a736d2d889bac9aef6ede0a67f6870b2 Author: John Ogness Date: Tue Aug 20 08:35:51 2024 +0206 printk: Flush nbcon consoles first on panic In console_flush_on_panic(), flush the nbcon consoles before flushing legacy consoles. The legacy write() callbacks are not fully safe when oops_in_progress is set. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-26-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 8ba77712a7501ca941603d6d5ed650cd0d42cafb Author: John Ogness Date: Tue Aug 20 08:35:50 2024 +0206 printk: nbcon: Flush new records on device_release() There may be new records that were added while a driver was holding the nbcon context for non-printing purposes. These new records must be flushed by the nbcon_device_release() context because no other context will do it. If boot consoles are registered, the legacy loop is used (either direct or per irq_work) to handle the flushing. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-25-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 70411bf8d22ab3d2f794f199d81d70b62d3a85fa Author: John Ogness Date: Tue Aug 20 08:35:49 2024 +0206 printk: Add is_printk_legacy_deferred() If printk has been explicitly deferred or is called from NMI context, legacy console printing must be deferred to an irq_work context. Introduce a helper function is_printk_legacy_deferred() for a CPU to query if it must defer legacy console printing. In follow-up commits this helper will be needed at other call sites as well. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-24-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit c158834b223fbfab3a14855ac203b8d9cddbbefd Author: John Ogness Date: Tue Aug 20 08:35:48 2024 +0206 printk: nbcon: Use nbcon consoles in console_flush_all() Allow nbcon consoles to print messages in the legacy printk() caller context (printing via unlock) by integrating them into console_flush_all(). The write_atomic() callback is used for printing. Provide nbcon_legacy_emit_next_record(), which acts as the nbcon variant of console_emit_next_record(). Call this variant within console_flush_all() for nbcon consoles. Since nbcon consoles use their own @nbcon_seq variable to track the next record to print, this also must be appropriately handled in console_flush_all(). Note that the legacy printing logic uses @handover to detect handovers for printing all consoles. For nbcon consoles, handovers/takeovers occur on a per-console basis and thus do not cause the console_flush_all() loop to abort. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-23-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 97ea9bccfcbe4c97f127e736823cc8d984d781bf Author: John Ogness Date: Tue Aug 20 08:35:47 2024 +0206 printk: Track registered boot consoles Unfortunately it is not known if a boot console and a regular (legacy or nbcon) console use the same hardware. For this reason they must not be allowed to print simultaneously. For legacy consoles this is not an issue because they are already synchronized with the boot consoles using the console lock. However nbcon consoles can be triggered separately. Add a global flag @have_boot_console to identify if any boot consoles are registered. This will be used in follow-up commits to ensure that boot consoles and nbcon consoles cannot print simultaneously. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-22-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit d3a9f82ec5c095d6eb1eb94ecaa494470b4cef70 Author: Thomas Gleixner Date: Tue Aug 20 08:35:46 2024 +0206 printk: nbcon: Provide function to flush using write_atomic() Provide nbcon_atomic_flush_pending() to perform flushing of all registered nbcon consoles using their write_atomic() callback. Unlike console_flush_all(), nbcon_atomic_flush_pending() will only flush up through the newest record at the time of the call. This prevents a CPU from printing unbounded when other CPUs are adding records. If new records are added while flushing, it is expected that the dedicated printer threads will print those records. If the printer thread is not available (which is always the case at this point in the rework), nbcon_atomic_flush_pending() _will_ flush all records in the ringbuffer. Unlike console_flush_all(), nbcon_atomic_flush_pending() will fully flush one console before flushing the next. This helps to guarantee that a block of pending records (such as a stack trace in an emergency situation) can be printed atomically at once before releasing console ownership. nbcon_atomic_flush_pending() is safe in any context because it uses write_atomic() and acquires with unsafe_takeover disabled. Co-developed-by: John Ogness Signed-off-by: John Ogness Signed-off-by: Thomas Gleixner (Intel) Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-21-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 06683a6649895ccf279c35ca2fb77fd7afb7a6c5 Author: John Ogness Date: Tue Aug 20 08:35:45 2024 +0206 printk: nbcon: Add helper to assign priority based on CPU state Add a helper function to use the current state of the CPU to determine which priority to assign to the printing context. The EMERGENCY priority handling is added in a follow-up commit. It will use a per-CPU variable. Note: nbcon_device_try_acquire(), which is used by console drivers to acquire the nbcon console for non-printing activities, is hard-coded to always use NORMAL priority. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-20-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit fc400d5f63570afdadd718ae962cf5aa0feeace6 Author: John Ogness Date: Tue Aug 20 08:35:44 2024 +0206 printk: Add @flags argument for console_is_usable() The caller of console_is_usable() usually needs @console->flags for its own checks. Rather than having console_is_usable() read its own copy, make the caller pass in the @flags. This also ensures that the caller saw the same @flags value. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-19-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 20846d1ce2adacd2b1f8672e24d6acb26b2e757b Author: John Ogness Date: Tue Aug 20 08:35:43 2024 +0206 printk: Let console_is_usable() handle nbcon The nbcon consoles use a different printing callback. For nbcon consoles, check for the write_atomic() callback instead of write(). Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-18-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 864c25c83d834bdf2cb5a24c768d37236b418410 Author: John Ogness Date: Tue Aug 20 08:35:42 2024 +0206 printk: Make console_is_usable() available to nbcon.c Move console_is_usable() as-is into internal.h so that it can be used by nbcon printing functions as well. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-17-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 1c17ebb7907a809a92f978995c27a53ead2526ee Author: John Ogness Date: Tue Aug 20 08:35:41 2024 +0206 printk: nbcon: Do not rely on proxy headers The headers kernel.h, serial_core.h, and console.h allow for the definitions of many types and functions from other headers. Rather than relying on these as proxy headers, explicitly include all headers providing needed definitions. Also sort the list alphabetically to be able to easily detect duplicates. Suggested-by: Andy Shevchenko Signed-off-by: John Ogness Reviewed-by: Andy Shevchenko Acked-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-16-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 4126f149c48b2ae757d11ea24675f7071ab22ebf Author: John Ogness Date: Tue Aug 20 08:35:40 2024 +0206 serial: core: Acquire nbcon context in port->lock wrapper Currently the port->lock wrappers uart_port_lock(), uart_port_unlock() (and their variants) only lock/unlock the spin_lock. If the port is an nbcon console that has implemented the write_atomic() callback, the wrappers must also acquire/release the console context and mark the region as unsafe. This allows general port->lock synchronization to be synchronized against the nbcon write_atomic() callback. Note that __uart_port_using_nbcon() relies on the port->lock being held while a console is added and removed from the console list (i.e. all uart nbcon drivers *must* take the port->lock in their device_lock() callbacks). Signed-off-by: John Ogness Acked-by: Greg Kroah-Hartman Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-15-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit adf6f37d142e14896115929f3892bbc0a86e25bf Author: John Ogness Date: Tue Aug 20 08:35:39 2024 +0206 nbcon: Add API to acquire context for non-printing operations Provide functions nbcon_device_try_acquire() and nbcon_device_release() which will try to acquire the nbcon console ownership with NBCON_PRIO_NORMAL and mark it unsafe for handover/takeover. These functions are to be used together with the device-specific locking when performing non-printing activities on the console device. They will allow synchronization against the atomic_write() callback which will be serialized, for higher priority contexts, only by acquiring the console context ownership. Pitfalls: The API requires to be called in a context with migration disabled because it uses per-CPU variables internally. The context is set unsafe for a takeover all the time. It guarantees full serialization against any atomic_write() caller except for the final flush in panic() which might try an unsafe takeover. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-14-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit dc219d8d858d95549543aa7a41b6e64a0da9e406 Author: John Ogness Date: Tue Aug 20 08:35:38 2024 +0206 console: Improve console_srcu_read_flags() comments It was not clear when exactly console_srcu_read_flags() must be used vs. directly reading @console->flags. Refactor and clarify that console_srcu_read_flags() is only needed if the console is registered or the caller is in a context where the registration status of the console may change (due to another context). The function requires the caller holds @console_srcu, which will ensure that the caller sees an appropriate @flags value for the registered console and that exit/cleanup routines will not run if the console is in the process of unregistration. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-13-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit eabd4600dafacf9895184259373f2445ff748654 Author: John Ogness Date: Tue Aug 20 08:35:37 2024 +0206 serial: core: Introduce wrapper to set @uart_port->cons Introduce uart_port_set_cons() as a wrapper to set @cons of a uart_port. The wrapper sets @cons under the port lock in order to prevent @cons from disappearing while another context is holding the port lock. This is necessary for a follow-up commit relating to the port lock wrappers, which rely on @cons not changing between lock and unlock. Signed-off-by: John Ogness Tested-by: Théo Lebrun # EyeQ5, AMBA-PL011 Acked-by: Greg Kroah-Hartman Reviewed-by: Petr Mladek Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240820063001.36405-12-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 77e73c0687f5bc884fa1b0cb97aca912bcc01957 Author: John Ogness Date: Tue Aug 20 08:35:36 2024 +0206 serial: core: Provide low-level functions to lock port It will be necessary at times for the uart nbcon console drivers to acquire the port lock directly (without the additional nbcon functionality of the port lock wrappers). These are special cases such as the implementation of the device_lock()/device_unlock() callbacks or for internal port lock wrapper synchronization. Provide low-level variants __uart_port_lock_irqsave() and __uart_port_unlock_irqrestore() for this purpose. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Acked-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240820063001.36405-11-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit e55c3bcf380c7593d768f31994eff63935081d06 Author: John Ogness Date: Tue Aug 20 08:35:35 2024 +0206 printk: nbcon: Use driver synchronization while (un)registering Console drivers typically have to deal with access to the hardware via user input/output (such as an interactive login shell) and output of kernel messages via printk() calls. They use some classic driver-specific locking mechanism in most situations. But console->write_atomic() callbacks, used by nbcon consoles, are synchronized only by acquiring the console context. The synchronization via the console context ownership is possible only when the console driver is registered. It is when a particular device driver is connected with a particular console driver. The two synchronization mechanisms must be synchronized between each other. It is tricky because the console context ownership is quite special. It might be taken over by a higher priority context. Also CPU migration must be disabled. The most tricky part is to (dis)connect these two mechanisms during the console (un)registration. Use the driver-specific locking callbacks: device_lock(), device_unlock(). They allow taking the device-specific lock while the device is being (un)registered by the related console driver. For example, these callbacks lock/unlock the port lock for serial port drivers. Note that the driver-specific locking is only needed during (un)register if it is an nbcon console with the write_atomic() callback implemented. If write_atomic() is not implemented, the driver should never attempt to access the hardware without first acquiring its driver-specific lock. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-10-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 7a16a771890746b4060333d665ebe674945a3cfa Author: John Ogness Date: Tue Aug 20 08:35:34 2024 +0206 printk: nbcon: Add callbacks to synchronize with driver Console drivers typically must deal with access to the hardware via user input/output (such as an interactive login shell) and output of kernel messages via printk() calls. To provide the necessary synchronization, usually some driver-specific locking mechanism is used (for example, the port spinlock for uart serial consoles). Until now, usage of this driver-specific locking has been hidden from the printk-subsystem and implemented within the various console callbacks. However, nbcon consoles would need to use it even in the generic code. Add device_lock() and device_unlock() callback which will need to get implemented by nbcon consoles. The callbacks will use whatever synchronization mechanism the driver is using for itself. The minimum requirement is to prevent CPU migration. It would allow a context friendly acquiring of nbcon console ownership in non-emergency and non-panic context. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-9-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 7d56936c1e5208b5eeea2a9a2f70e85248f6da49 Author: John Ogness Date: Tue Aug 20 08:35:33 2024 +0206 printk: nbcon: Add detailed doc for write_atomic() The write_atomic() callback has special requirements and is allowed to use special helper functions. Provide detailed documentation of the callback so that a developer has a chance of implementing it correctly. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-8-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit b7049d88c1763d5f133b0e93e39da8e89a9f944b Author: John Ogness Date: Tue Aug 20 08:35:32 2024 +0206 printk: nbcon: Remove return value for write_atomic() The return value of write_atomic() does not provide any useful information. On the contrary, it makes things more complicated for the caller to appropriately deal with the information. Change write_atomic() to not have a return value. If the message did not get printed due to loss of ownership, the caller will notice this on its own. If ownership was not lost, it will be assumed that the driver successfully printed the message and the sequence number for that console will be incremented. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-7-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 8c9dab2c55ad74680728c72949971b20d70b56ca Author: John Ogness Date: Tue Aug 20 08:35:31 2024 +0206 printk: nbcon: Clarify rules of the owner/waiter matching The functions nbcon_owner_matches() and nbcon_waiter_matches() use a minimal set of data to determine if a context matches. The existing kerneldoc and comments were not clear enough and caused the printk folks to re-prove that the functions are indeed reliable in all cases. Update and expand the explanations so that it is clear that the implementations are sufficient for all cases. Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-6-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit 0e1d5731d3c1e2214249ef36dcd13ad51ad304cf Author: Sebastian Andrzej Siewior Date: Tue Aug 20 08:35:30 2024 +0206 printk: Check printk_deferred_enter()/_exit() usage Add validation that printk_deferred_enter()/_exit() are called in non-migration contexts. Signed-off-by: Sebastian Andrzej Siewior Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-5-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit d3ff380d47b6312d537c00829008528d1caad639 Author: Petr Mladek Date: Tue Aug 20 08:35:29 2024 +0206 printk: Properly deal with nbcon consoles on seq init If a non-boot console is registering and boot consoles exist, the consoles are flushed before being unregistered. This allows the non-boot console to continue where the boot console left off. If for whatever reason flushing fails, the lowest seq found from any of the enabled boot consoles is used. Until now con->seq was checked. However, if it is an nbcon boot console, the function nbcon_seq_read() must be used to read seq because con->seq is not updated for nbcon consoles. Check if it is an nbcon boot console and if so call nbcon_seq_read() to read seq. Also, avoid usage of con->seq as temporary storage of the starting record. Instead, rename console_init_seq() to get_init_console_seq() and just return the value. For nbcon consoles set the sequence via nbcon_seq_force(), for legacy consoles set con->seq. The cleaned design should make sure that the value stays and is set before the console is added to the console list. It also unifies the sequence number initialization for legacy and nbcon consoles. Reviewed-by: John Ogness Link: https://lore.kernel.org/r/20240820063001.36405-4-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit f37b105faef637cdaff334c0369b451410566ca0 Author: John Ogness Date: Tue Aug 20 08:35:28 2024 +0206 printk: nbcon: Consolidate alloc() and init() Rather than splitting the nbcon allocation and initialization into two pieces, perform all initialization in nbcon_alloc(). Later, the initial sequence is calculated and can be explicitly set using nbcon_seq_force(). This removes the need for the strong rules of nbcon_init() that even included a BUG_ON(). Signed-off-by: John Ogness Reviewed-by: Petr Mladek Link: https://lore.kernel.org/r/20240820063001.36405-3-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit eda25860bf6e71932311f1b5acdf8fc05cd84ff3 Author: John Ogness Date: Tue Aug 20 08:35:27 2024 +0206 printk: Add notation to console_srcu locking kernel/printk/printk.c:284:5: sparse: sparse: context imbalance in 'console_srcu_read_lock' - wrong count at exit include/linux/srcu.h:301:9: sparse: sparse: context imbalance in 'console_srcu_read_unlock' - unexpected unlock Fixes: 6c4afa79147e ("printk: Prepare for SRCU console list protection") Signed-off-by: John Ogness Reviewed-by: Petr Mladek Acked-by: Paul E. McKenney Link: https://lore.kernel.org/r/20240820063001.36405-2-john.ogness@linutronix.de Signed-off-by: Petr Mladek commit b41a9bf2c64eea119bb6cbef420345f547b9a677 Author: Fabio Estevam Date: Wed Aug 21 08:42:02 2024 -0300 gpio: pca953x: Print the error code on read/write failures Print the error code in the pca953x_write_regs() and pca953x_read_regs() functions to help debugging. Suggested-by: Russell King (Oracle) Signed-off-by: Fabio Estevam Link: https://lore.kernel.org/r/20240821114202.2072220-1-festevam@gmail.com Signed-off-by: Bartosz Golaszewski commit d785ed945de6955361aafc2d540d9bb7c6a69a65 Author: Jinjian Song Date: Sat Aug 17 16:33:55 2024 +0800 net: wwan: t7xx: PCIe reset rescan WWAN device is programmed to boot in normal mode or fastboot mode, when triggering a device reset through ACPI call or fastboot switch command. Maintain state machine synchronization and reprobe logic after a device reset. The PCIe device reset triggered by several ways. E.g.: - fastboot: echo "fastboot_switching" > /sys/bus/pci/devices/${bdf}/t7xx_mode. - reset: echo "reset" > /sys/bus/pci/devices/${bdf}/t7xx_mode. - IRQ: PCIe device request driver to reset itself by an interrupt request. Use pci_reset_function() as a generic way to reset device, save and restore the PCIe configuration before and after reset device to ensure the reprobe process. Suggestion from Bjorn: Link: https://lore.kernel.org/all/20230127133034.GA1364550@bhelgaas/ Signed-off-by: Jinjian Song Signed-off-by: David S. Miller commit 5e8431f722d95bf58276a3051240c1ebe3cc238d Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:37 2024 +0200 memory: ti-aemif: simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-13-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit 82986f5cdd23756e7e0c4fa9e4f590f7516772e9 Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:35 2024 +0200 memory: ti-aemif: simplify with dev_err_probe() Use dev_err_probe() to avoid dmesg flood on actual defer. This makes the code also simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-11-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit c7f67fec177484fd4f7836e832e66e77fa25700f Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:34 2024 +0200 memory: tegra30-emc: simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-10-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit 818902cb74c377ade67ce933f3bbd8305615a459 Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:33 2024 +0200 memory: tegra20-emc: simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-9-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit 2bc48f69717485e28ff9a300a928cc742ddd39b0 Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:32 2024 +0200 memory: tegra124-emc: simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-8-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit 210059143b6f51819ecc9a00a15aeef80b45beee Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:31 2024 +0200 memory: tegra-mc: simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-7-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit 4c1a381a9eb775f96eb64b1a63a4147fb265bb6f Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:30 2024 +0200 memory: stm32-fmc2-ebi: simplify with dev_err_probe() dev_err_probe() combines 'return' and error code printing, thus code is a bit simpler, even if it cannot actually defer. Suggested-by: Jonathan Cameron Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-6-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit 48ec68281d40ee566c2f38d36357ee7d493000c8 Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:29 2024 +0200 memory: stm32-fmc2-ebi: simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-5-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit e2cc3ddaec0218f227cc53e3f784144640cd1765 Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:28 2024 +0200 memory: samsung: exynos5422-dmc: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-4-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit 2af13f97fc67979701a240ebe397811491ad575c Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:27 2024 +0200 memory: samsung: exynos5422-dmc: simplify dmc->dev usage Store 'dmc->dev' in local 'dev' variable, to make several pieces of code using it shorter and easier to read. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-3-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit 50e40b71598cd19d59683c989bc5b89140e70d28 Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:26 2024 +0200 memory: atmel-ebi: simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-2-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit d47d52554d0233120ee74ab874cea979147f00e3 Author: Krzysztof Kozlowski Date: Fri Aug 16 12:54:25 2024 +0200 memory: atmel-ebi: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816-cleanup-h-of-node-put-memory-v2-1-9eed0ee16b78@linaro.org Signed-off-by: Krzysztof Kozlowski commit eba8a7b05e21ab1baa0394eb7e915312303492fe Author: Krzysztof Kozlowski Date: Sun Aug 18 19:29:30 2024 +0200 dt-bindings: memory-controllers: renesas,rpc-if: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clocks. Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240818172930.121898-1-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski commit 011a9de99793c3a2ee612ff3e0ce293dcbea6df0 Author: David Virag Date: Fri Aug 16 19:50:32 2024 +0200 clk: samsung: exynos7885: Add USB related clocks to CMU_FSYS Exynos7885 SoC has a DWC3 USB Controller with Exynos USB PHY which in theory supports USB3 SuperSpeed, but is only used as USB2 in all known devices. These clocks are needed for everything related to USB. While at it, also remove the CLK_SET_RATE_PARENT capability of CLK_MOUT_FSYS_USB30DRD_USER, since it's not actually needed. Signed-off-by: David Virag Link: https://lore.kernel.org/r/20240816175034.769628-3-virag.david003@gmail.com Signed-off-by: Krzysztof Kozlowski commit 4e39e5b84361924006f4d7cf81e049a2793079a6 Author: David Virag Date: Fri Aug 16 19:50:31 2024 +0200 clk: samsung: clk-pll: Add support for pll_1418x pll1418x is used in Exynos7885 SoC for USB PHY clock. Operation-wise it is very similar to pll0822x, except that MDIV is only 9 bits wide instead of 10, and we use the CON1 register in the PLL macro's "con" parameter instead of CON3 like this: PLL(pll_1418x, CLK_FOUT_USB_PLL, "fout_usb_pll", "oscclk", PLL_LOCKTIME_PLL_USB, PLL_CON0_PLL_USB, pll_usb_rate_table), Technically the PLL should work fine with pll0822x code if the PLL tables are correct, but it's more "correct" to actually update the mask. Signed-off-by: David Virag Link: https://lore.kernel.org/r/20240816175034.769628-2-virag.david003@gmail.com Signed-off-by: Krzysztof Kozlowski commit f3631ae11d4694e2befff9dd10dab8cd56033f6c Author: Zhang Zekun Date: Mon Aug 12 19:53:09 2024 +0800 dm: Remove unused declaration and empty definition "dm_zone_map_bio" dm_zone_map_bio() has beed removed since commit f211268ed1f9 ("dm: Use the block layer zone append emulation"), remain the declaration unused in header files. So, let's remove this unused declaration and empty definition. Signed-off-by: Zhang Zekun Reviewed-by: Damien Le Moal Signed-off-by: Mikulas Patocka commit 5d3691a8266e77fd2d695064532d0926af974331 Author: Heinz Mauelshagen Date: Thu Aug 8 13:50:36 2024 +0200 dm delay: enhance kernel documentation This commit improves documentation of the dm-delay target. Signed-off-by: Heinz Mauelshagen Signed-off-by: Mikulas Patocka commit 013f510d1fce563f37f420bf231b065885a16f21 Author: Yue Haibing Date: Thu Aug 1 21:31:21 2024 +0800 dm: Remove unused declaration dm_get_rq_mapinfo() Commit ae6ad75e5c3c ("dm: remove unused dm_get_rq_mapinfo()") removed the implementation but leave declaration. Signed-off-by: Yue Haibing Reviewed-by: Damien Le Moal Signed-off-by: Mikulas Patocka commit 448c4e4eb1901543259c038ed08266c250f5b079 Author: Susan LeGendre-McGhee Date: Tue Jul 30 17:18:07 2024 -0400 dm vdo: force read-only mode for a corrupt recovery journal Ensure the recovery journal does not attempt recovery when blocks with mismatched metadata versions are detected. This check is performed after determining that the blocks are otherwise valid so that it does not interfere with normal recovery. Signed-off-by: Susan LeGendre-McGhee Signed-off-by: Matthew Sakai Signed-off-by: Mikulas Patocka commit f3ff668352c59db2c0ab47f2e86488a70694ed57 Author: Susan LeGendre-McGhee Date: Fri Jul 19 17:52:32 2024 -0400 dm vdo: abort loading dirty VDO with the old recovery journal format Abort the load process with status code VDO_UNSUPPORTED_VERSION without forcing read-only mode when a journal block with the old format version is detected. Forcing the VDO volume into read-only mode and thus requiring a read-only rebuild should only be done when absolutely necessary. Signed-off-by: Susan LeGendre-McGhee Signed-off-by: Matthew Sakai Signed-off-by: Mikulas Patocka commit 47874c98dc0873aad65259d09f9b9029e97429e3 Author: Bruce Johnston Date: Thu Jul 18 14:02:38 2024 -0400 dm vdo: add dmsetup message for returning configuration info Add a new dmsetup message called config, which will return useful configuration information for the vdo volume and the uds index associated with it. The output is a YAML string, and contains a version number to allow future additions to the content. Signed-off-by: Bruce Johnston Signed-off-by: Matthew Sakai Signed-off-by: Mikulas Patocka commit 3a59b2ec2400017f7fcc5d794802ebc7f4187d22 Author: Ken Raeburn Date: Tue Aug 6 05:13:19 2024 -0400 dm vdo: remove bad check of bi_next field Remove this check to prevent spurious warning messages due to the behavior of other storage layers. This check was intended to make sure dm-vdo does not chain metadata bios together. However, vdo has no control over underlying storage layers, so the assertion is not always true. Signed-off-by: Ken Raeburn Signed-off-by: Matthew Sakai Signed-off-by: Mikulas Patocka commit 0808ebf2f80b962e75741a41ced372a7116f1e26 Author: Ken Raeburn Date: Fri Jul 26 15:08:53 2024 -0400 dm vdo: don't refer to dedupe_context after releasing it Clear the dedupe_context pointer in a data_vio whenever ownership of the context is lost, so that vdo can't examine it accidentally. Signed-off-by: Ken Raeburn Signed-off-by: Matthew Sakai Signed-off-by: Mikulas Patocka commit 95f6580352a7225e619551febb83595bcb77ab17 Author: Dan Carpenter Date: Tue Aug 20 11:41:34 2024 +0300 powercap: intel_rapl: Fix off by one in get_rpi() The rp->priv->rpi array is either rpi_msr or rpi_tpmi which have NR_RAPL_PRIMITIVES number of elements. Thus the > needs to be >= to prevent an off by one access. Fixes: 98ff639a7289 ("powercap: intel_rapl: Support per Interface primitive information") Signed-off-by: Dan Carpenter Acked-by: Zhang Rui Link: https://patch.msgid.link/86e3a059-504d-4795-a5ea-4a653f3b41f8@stanley.mountain Signed-off-by: Rafael J. Wysocki commit a8efd8ce280996fe29f2564f705e96e18da3fa62 Author: Jouni Högander Date: Mon Aug 19 12:25:49 2024 +0300 drm/i915/psr: Prevent Panel Replay if CRC calculation is enabled Similarly as for PSR2 CRC calculation seems to timeout when Panel Replay is enabled. Fix this by falling back to PSR if CRC calculation is enabled. Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2266 Signed-off-by: Jouni Högander Reviewed-by: Mika Kahola Link: https://patchwork.freedesktop.org/patch/msgid/20240819092549.1298233-1-jouni.hogander@intel.com commit 2a4727e6a8bd1d2b8ae7abf95061eda0457c4d79 Author: Andy Shevchenko Date: Tue Aug 20 23:08:58 2024 +0300 gpio: virtuser: Use GPIO_LOOKUP_IDX() macro Use GPIO_LOOKUP_IDX() macro which provides a compound literal and can be used with dynamic data. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240820200858.3659995-1-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit b7d47339d00d89af559a7068f4a640fc828177ad Author: Benjamin Gray Date: Wed May 15 12:44:45 2024 +1000 powerpc/code-patching: Add boot selftest for data patching Extend the code patching selftests with some basic coverage of the new data patching variants too. Signed-off-by: Benjamin Gray Reviewed-by: Hari Bathini Signed-off-by: Michael Ellerman Link: https://msgid.link/20240515024445.236364-6-bgray@linux.ibm.com commit 5799cd765fea93e643d81dbdae76a9c34e06dd18 Author: Benjamin Gray Date: Wed May 15 12:44:44 2024 +1000 powerpc/32: Convert patch_instruction() to patch_uint() These changes are for patch_instruction() uses on data. Unlike ppc64 these should not be incorrect as-is, but using the patch_uint() alias better reflects what kind of data being patched and allows for benchmarking the effect of different patch_* implementations (e.g., skipping instruction flushing when patching data). Signed-off-by: Benjamin Gray Tested-by: Hari Bathini Acked-by: Naveen N Rao Signed-off-by: Michael Ellerman Link: https://msgid.link/20240515024445.236364-5-bgray@linux.ibm.com commit 90d4fed5b273155c378b1d37595f2209f0a92bed Author: Benjamin Gray Date: Wed May 15 12:44:43 2024 +1000 powerpc/64: Convert patch_instruction() to patch_u32() This use of patch_instruction() is working on 32 bit data, and can fail if the data looks like a prefixed instruction and the extra write crosses a page boundary. Use patch_u32() to fix the write size. Fixes: 8734b41b3efe ("powerpc/module_64: Fix livepatching for RO modules") Link: https://lore.kernel.org/all/20230203004649.1f59dbd4@yea/ Signed-off-by: Benjamin Gray Tested-by: Hari Bathini Acked-by: Naveen N Rao Signed-off-by: Michael Ellerman Link: https://msgid.link/20240515024445.236364-4-bgray@linux.ibm.com commit dbf828aab466c6534711d1f1454c409ea68d18d0 Author: Benjamin Gray Date: Wed May 15 12:44:42 2024 +1000 powerpc/code-patching: Add data patch alignment check The new data patching still needs to be aligned within a cacheline too for the flushes to work correctly. To simplify this requirement, we just say data patches must be aligned. Detect when data patching is not aligned, returning an invalid argument error. Signed-off-by: Benjamin Gray Reviewed-by: Hari Bathini Acked-by: Naveen N Rao Signed-off-by: Michael Ellerman Link: https://msgid.link/20240515024445.236364-3-bgray@linux.ibm.com commit e6b8940e7e80cdfe98ba8493214922998920dd9c Author: Benjamin Gray Date: Wed May 15 12:44:41 2024 +1000 powerpc/code-patching: Add generic memory patching patch_instruction() is designed for patching instructions in otherwise readonly memory. Other consumers also sometimes need to patch readonly memory, so have abused patch_instruction() for arbitrary data patches. This is a problem on ppc64 as patch_instruction() decides on the patch width using the 'instruction' opcode to see if it's a prefixed instruction. Data that triggers this can lead to larger writes, possibly crossing a page boundary and failing the write altogether. Introduce patch_uint(), and patch_ulong(), with aliases patch_u32(), and patch_u64() (on ppc64) designed for aligned data patches. The patch size is now determined by the called function, and is passed as an additional parameter to generic internals. While the instruction flushing is not required for data patches, it remains unconditional in this patch. A followup series is possible if benchmarking shows fewer flushes gives an improvement in some data-patching workload. ppc32 does not support prefixed instructions, so is unaffected by the original issue. Care is taken in not exposing the size parameter in the public (non-static) interface, so the compiler can const-propagate it away. Signed-off-by: Benjamin Gray Reviewed-by: Hari Bathini Signed-off-by: Michael Ellerman Link: https://msgid.link/20240515024445.236364-2-bgray@linux.ibm.com commit a540ad3e386f8f84bc6d600b93792a50861a81ef Author: Christophe Leroy Date: Wed Aug 21 08:47:51 2024 +0200 powerpc: Remove unused LHZX_BE macro LHZX_BE has been unused since commit dbf44daf7c88 ("bpf, ppc64: remove ld_abs/ld_ind") Remove it. Signed-off-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/fd332b01c47bb9cb6c3af1696a2e109be655f5b5.1724222856.git.christophe.leroy@csgroup.eu commit f15e5587448989a55cf8b4feaad0df72ca3aa6a0 Author: Jani Nikula Date: Tue Aug 20 12:07:02 2024 +0300 drm/xe/display: drop unused rawclk_freq and RUNTIME_INFO() With rawclk_freq moved to display runtime info, xe has no users left for them. Reviewed-by: Ville Syrjälä Reviewed-by: Maarten Lankhorst Link: https://patchwork.freedesktop.org/patch/msgid/9f09274bddc14f555c0102f37af6df23b4433102.1724144570.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit a9556637a23311dea96f27fa3c3e5bfba0b38ae4 Author: Jani Nikula Date: Tue Aug 20 12:07:01 2024 +0300 drm/i915: move rawclk from runtime to display runtime info It's mostly about display, so move it under display. This should also fix rawclk freq initialization in the xe driver. v2: Change the init location Link: https://lore.kernel.org/r/20240819133138.147511-2-maarten.lankhorst@linux.intel.com Cc: Maarten Lankhorst Cc: Ville Syrjälä Reviewed-by: Maarten Lankhorst Link: https://patchwork.freedesktop.org/patch/msgid/39330d09c48509e013f01fd0247a9b7c291173e2.1724144570.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit c049acee3c71cfc26c739f82617a84e13e471a45 Author: Steven Rostedt (Google) Date: Wed May 15 01:36:20 2024 -0400 selftests/ftrace: Fix test to handle both old and new kernels The function "scheduler_tick" was renamed to "sched_tick" and a selftest that used that function for testing function trace filtering used that function as part of the test. But the change causes it to fail when run on older kernels. As tests should not fail on older kernels, add a check to see which name is available before testing. Fixes: 86dd6c04ef9f ("sched/balancing: Rename scheduler_tick() => sched_tick()") Signed-off-by: Steven Rostedt (Google) Signed-off-by: Shuah Khan commit 99338cc1e47187c3efdd39cda2a31500d0f2305d Author: Piotr Zalewski Date: Mon Aug 19 17:58:34 2024 +0000 kselftest: timers: Fix const correctness Make timespec pointers, pointers to const in checklist function. As a consequence, make list parameter in checklist function pointer to const as well. Const-correctness increases readability. Improvement was found by running cppcheck tool on the patched file as follows: ``` cppcheck --enable=all \ tools/testing/selftests/timers/threadtest.c \ --suppress=missingIncludeSystem \ --suppress=unusedFunction ``` Reviewed-by: Shuah Khan Signed-off-by: Piotr Zalewski Acked-by: John Stultz Signed-off-by: Shuah Khan commit 5071010ac3aa32a1b0f0b4c14d3ea6b217ba21ba Author: Kemeng Shi Date: Thu Jun 6 20:55:08 2024 +0800 ext4: correct comment of h_checksum Checksum of xattr block is always crc32c(uuid+blknum+xattrblock), see ext4_xattr_block_csum_set for detail. Remove incorrect comment that "id = inum if refcount=1". Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240606125508.1459893-4-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 4b14737ce90424179d615cd35f04453f398f8324 Author: Kemeng Shi Date: Thu Jun 6 20:55:07 2024 +0800 ext4: correct comment of ext4_xattr_block_cache_insert There is no return value from ext4_xattr_block_cache_insert, just correct it's comment about return value. Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240606125508.1459893-3-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 6ceeb2d8fdb19a1b6bb9cc48302e682fb380043b Author: Kemeng Shi Date: Thu Jun 6 20:55:06 2024 +0800 ext4: correct comment of ext4_xattr_cmp The ext4_xattr_cmp never returns negative error number. Correct possible return value in ext4_xattr_cmp's comment. Signed-off-by: Kemeng Shi Link: https://patch.msgid.link/20240606125508.1459893-2-shikemeng@huaweicloud.com Signed-off-by: Theodore Ts'o commit 88c511dea151b931ba4873119b1b3555aac0ce53 Author: Alex Deucher Date: Tue Aug 20 10:35:49 2024 -0400 drm/amd/gfx11: move the gfx mutex into the caller Otherwise we can fail to drop the software mutex when we fail to take the hardware mutex. Fixes: 76acba7b7f12 ("drm/amdgpu/gfx11: add a mutex for the gfx semaphore") Reported-by: Dan Carpenter Reviewed-by: Dan Carpenter Signed-off-by: Alex Deucher commit 186fb12e7a7b038c2710ceb2fb74068f1b5d55a4 Author: Tim Huang Date: Wed Aug 7 17:15:12 2024 +0800 drm/amd/pm: ensure the fw_info is not null before using it This resolves the dereference null return value warning reported by Coverity. Signed-off-by: Tim Huang Reviewed-by: Jesse Zhang Signed-off-by: Alex Deucher commit bf2bc61638033d118c9ef4ab1204295ba6694401 Author: Victor Zhao Date: Mon Aug 19 11:16:13 2024 +0800 drm/amd/amdgpu: allow use kiq to do hdp flush under sriov when use cpu to do page table update under sriov runtime, since mmio access is blocked, kiq has to be used to flush hdp. change WREG32_NO_KIQ to WREG32 to allow kiq. Signed-off-by: Victor Zhao Reviewed-by: Emily Deng Signed-off-by: Alex Deucher commit c69b07f7bbc905022491c45097923d3487479529 Author: Alex Deucher Date: Mon Aug 19 11:14:29 2024 -0400 drm/amdgpu: fix eGPU hotplug regression The driver needs to wait for the on board firmware to finish its initialization before probing the card. Commit 959056982a9b ("drm/amdgpu: Fix discovery initialization failure during pci rescan") switched from using msleep() to using usleep_range() which seems to have caused init failures on some navi1x boards. Switch back to msleep(). Fixes: 959056982a9b ("drm/amdgpu: Fix discovery initialization failure during pci rescan") Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3559 Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3500 Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher Cc: Ma Jun commit e389eefe34cebc6219dbe76a923b342b2f31e3ba Author: Martin Leung Date: Mon Aug 12 00:55:56 2024 -0400 drm/amd/display: Promote DC to 3.2.297 - Various DML 2.1 fixes - Fix module unload - Fix construct_phy with MXM connector - Support UHBR10 link rate on eDP - Revert updated DCCG wrappers Reviewed-by: Roman Li Signed-off-by: Martin Leung Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit d07722e1fc749fbd78992650b6d00c9a2619be70 Author: Austin Zheng Date: Thu Aug 15 18:45:23 2024 -0400 drm/amd/display: DML2.1 Reintegration for Various Fixes [Why and How] DML2.1 reintegration for several fixes and updates to the DML code. Reviewed-by: Dillon Varone Signed-off-by: Austin Zheng Signed-off-by: Roman Li Signed-off-by: Alex Deucher commit 20b5a8f9f4670a8503aa9fa95ca632e77c6bf55d Author: Tim Huang Date: Thu Aug 15 18:45:22 2024 -0400 drm/amd/display: fix double free issue during amdgpu module unload Flexible endpoints use DIGs from available inflexible endpoints, so only the encoders of inflexible links need to be freed. Otherwise, a double free issue may occur when unloading the amdgpu module. [ 279.190523] RIP: 0010:__slab_free+0x152/0x2f0 [ 279.190577] Call Trace: [ 279.190580] [ 279.190582] ? show_regs+0x69/0x80 [ 279.190590] ? die+0x3b/0x90 [ 279.190595] ? do_trap+0xc8/0xe0 [ 279.190601] ? do_error_trap+0x73/0xa0 [ 279.190605] ? __slab_free+0x152/0x2f0 [ 279.190609] ? exc_invalid_op+0x56/0x70 [ 279.190616] ? __slab_free+0x152/0x2f0 [ 279.190642] ? asm_exc_invalid_op+0x1f/0x30 [ 279.190648] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu] [ 279.191096] ? __slab_free+0x152/0x2f0 [ 279.191102] ? dcn10_link_encoder_destroy+0x19/0x30 [amdgpu] [ 279.191469] kfree+0x260/0x2b0 [ 279.191474] dcn10_link_encoder_destroy+0x19/0x30 [amdgpu] [ 279.191821] link_destroy+0xd7/0x130 [amdgpu] [ 279.192248] dc_destruct+0x90/0x270 [amdgpu] [ 279.192666] dc_destroy+0x19/0x40 [amdgpu] [ 279.193020] amdgpu_dm_fini+0x16e/0x200 [amdgpu] [ 279.193432] dm_hw_fini+0x26/0x40 [amdgpu] [ 279.193795] amdgpu_device_fini_hw+0x24c/0x400 [amdgpu] [ 279.194108] amdgpu_driver_unload_kms+0x4f/0x70 [amdgpu] [ 279.194436] amdgpu_pci_remove+0x40/0x80 [amdgpu] [ 279.194632] pci_device_remove+0x3a/0xa0 [ 279.194638] device_remove+0x40/0x70 [ 279.194642] device_release_driver_internal+0x1ad/0x210 [ 279.194647] driver_detach+0x4e/0xa0 [ 279.194650] bus_remove_driver+0x6f/0xf0 [ 279.194653] driver_unregister+0x33/0x60 [ 279.194657] pci_unregister_driver+0x44/0x90 [ 279.194662] amdgpu_exit+0x19/0x1f0 [amdgpu] [ 279.194939] __do_sys_delete_module.isra.0+0x198/0x2f0 [ 279.194946] __x64_sys_delete_module+0x16/0x20 [ 279.194950] do_syscall_64+0x58/0x120 [ 279.194954] entry_SYSCALL_64_after_hwframe+0x6e/0x76 [ 279.194980] Reviewed-by: Rodrigo Siqueira Signed-off-by: Tim Huang Reviewed-by: Roman Li Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 2344413205521775d3b1d418e5659e3ae3bc263f Author: Nicholas Susanto Date: Thu Aug 15 18:45:21 2024 -0400 drm/amd/display: DCN35 set min dispclk to 50Mhz [Why] Causes hard hangs when resuming after display off on extended/duplicate modes [How] Set the min dispclk to 50Mhz for DCN35 Reviewed-by: Nicholas Kazlauskas Signed-off-by: Nicholas Susanto Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit ec9e2e7acc6dabb8f00c2c60785931310caaa883 Author: Ilya Bakoulin Date: Thu Aug 15 18:45:20 2024 -0400 drm/amd/display: Fix construct_phy with MXM connector [Why/How] The call to construct_phy will fail in cases where connector type is MXM, and the dc_link won't be properly created/initialized. Reviewed-by: Wenjing Liu Signed-off-by: Ilya Bakoulin Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f327189389785b26e49904a7d3ba0c96506a4586 Author: Sung Joon Kim Date: Thu Aug 15 18:45:19 2024 -0400 drm/amd/display: Support UHBR10 link rate on eDP [why] Supporting UHBR10 link rate on eDP leverages the existing DP2.0 code but need to add some small adjustments in code. [how] Acknowledge the given DPCD caps for UHBR10 link rate support and allow DP2.0 programming sequence and link training for eDP. Reviewed-by: Wenjing Liu Signed-off-by: Sung Joon Kim Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 272e6aab14bbf98d7a06b2b1cd6308a02d4a10a1 Author: Nevenko Stupar Date: Thu Aug 15 18:45:18 2024 -0400 drm/amd/display: Hardware cursor changes color when switched to software cursor [Why & How] DCN4 Cursor has separate degamma block and should always do Cursor degamma for Cursor color modes. Reviewed-by: Chris Park Signed-off-by: Nevenko Stupar Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 4e9e50b6aeda3e3ce727453c5455cf08c68dac8b Author: Michael Strauss Date: Thu Aug 15 18:45:17 2024 -0400 drm/amd/display: Allow UHBR Interop With eDP Supported Link Rates Table [WHY] eDP 2.0 is introducing support for UHBR link rates, however current eDP ILR link optimization does not account for UHBR capabilities. Either UHBR capabilities will be provided via the same 128b/132b rate DPCD caps that are currently used on DP2.1, or Table 4-13 may be updated to include UHBR rates. [HOW] Add extra Supported Link Rates table translations for UHBR10/13.5/20. Update eDP link setting optimization search to be aware of 128b/132b DPCD rate caps in order to unblock UHBR on panels with Supported Link Rates table. Reviewed-by: Wenjing Liu Signed-off-by: Michael Strauss Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 7c9cb6d1bf122fdac6a7d51f7dd8cc2d8c94b452 Author: Nicholas Susanto Date: Thu Aug 15 18:45:16 2024 -0400 drm/amd/display: Remove redundant check in DCN35 hwseq Removing redundant condition. Reviewed-by: Hansen Dsouza Signed-off-by: Nicholas Susanto Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 8783a18409b48455b3a63f0cd930c7c88beee93d Author: Aurabindo Pillai Date: Thu Aug 15 18:45:15 2024 -0400 drm/amd/display: remove an extraneous call for checking dchub clock when removing the amdgpu module and reinserting it, a call trace is triggered: [ 334.230602] RIP: 0010:hubbub2_get_dchub_ref_freq+0xbb/0xe0 [amdgpu] [ 334.230807] Code: 25 28 00 00 00 75 3c 48 8d 65 f0 5b 41 5c 5d 31 c0 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 45 31 db e9 55 a1 ca de <0f> 0b eb c6 0f 0b eb c2 d1 eb 8d 83 c0 63 ff ff 3d 20 4e 00 00 76 [ 334.230809] RSP: 0018:ffffbc8b823fb540 EFLAGS: 00010246 [ 334.230811] RAX: 0000000000001000 RBX: 00000000000186a0 RCX: 0000000000000000 [ 334.230812] RDX: ffffbc8b823fb544 RSI: 0000000000000000 RDI: 0000000000000000 [ 334.230813] RBP: ffffbc8b823fb560 R08: 0000000000000000 R09: 0000000000000000 [ 334.230814] R10: 0000000000000000 R11: 000000000000000f R12: ffff9e644f1f2bb0 [ 334.230815] R13: ffff9e6451361300 R14: 0000000000000000 R15: ffff9e6452c00000 [ 334.230816] FS: 00007af7c8519000(0000) GS:ffff9e737dd00000(0000) knlGS:0000000000000000 [ 334.230817] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 334.230818] CR2: 0000703576b9cbd0 CR3: 00000001095a2000 CR4: 0000000000750ee0 [ 334.230819] PKRU: 55555554 [ 334.230820] Call Trace: [ 334.230822] [ 334.230824] ? show_regs+0x6d/0x80 [ 334.230828] ? __warn+0x89/0x160 [ 334.230832] ? hubbub2_get_dchub_ref_freq+0xbb/0xe0 [amdgpu] [ 334.231024] ? report_bug+0x17e/0x1b0 [ 334.231028] ? handle_bug+0x46/0x90 [ 334.231030] ? exc_invalid_op+0x18/0x80 [ 334.231032] ? asm_exc_invalid_op+0x1b/0x20 [ 334.231036] ? hubbub2_get_dchub_ref_freq+0xbb/0xe0 [amdgpu] [ 334.231217] dc_create_resource_pool+0xfd/0x320 [amdgpu] [ 334.231408] dc_create+0x256/0x700 [amdgpu] [ 334.231588] ? srso_alias_return_thunk+0x5/0x7f [ 334.231590] ? dmi_matches+0xa0/0x230 [ 334.231594] amdgpu_dm_init+0x28c/0x25f0 [amdgpu] [ 334.231791] ? prb_read_valid+0x1c/0x30 [ 334.231795] ? __irq_work_queue_local+0x43/0xf0 [ 334.231798] ? srso_alias_return_thunk+0x5/0x7f [ 334.231800] ? irq_work_queue+0x2f/0x70 [ 334.231802] ? srso_alias_return_thunk+0x5/0x7f [ 334.231803] ? __wake_up_klogd.part.0+0x40/0x70 [ 334.231805] ? srso_alias_return_thunk+0x5/0x7f [ 334.231807] ? vprintk_emit+0xd9/0x210 [ 334.231809] ? set_dev_info+0x130/0x1c0 [ 334.231812] ? srso_alias_return_thunk+0x5/0x7f [ 334.231813] ? dev_printk_emit+0xa1/0xe0 [ 334.231819] dm_hw_init+0x14/0x30 [amdgpu] [ 334.231993] amdgpu_device_init+0x23c7/0x2fc0 [amdgpu] [ 334.232134] ? pci_read_config_word+0x25/0x50 [ 334.232139] amdgpu_driver_load_kms+0x1a/0xd0 [amdgpu] [ 334.232284] amdgpu_pci_probe+0x1f9/0x620 [amdgpu] On DCN401, get_dchub_ref_freq() hook is called before init_hw() hook. Hence, it is expected to trigger an assert. Remove the extraneous call to get_dchub_ref_freq() to suppress the call trace Reviewed-by: Alvin Lee Signed-off-by: Aurabindo Pillai Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 9de60462cdba60f575f97ca2655533b35273c715 Author: Michael Strauss Date: Thu Aug 15 18:45:14 2024 -0400 drm/amd/display: Update HPO I/O When Handling Link Retrain Automation Request [WHY] Previous multi-display HPO fix moved where HPO I/O enable/disable is performed. The codepath now taken to enable/disable HPO I/O is not used for compliance test automation, meaning that if a compliance box being driven at a DP1 rate requests retrain at UHBR, HPO I/O will remain off if it was previously off. [HOW] Explicitly update HPO I/O after allocating encoders for test request. Reviewed-by: Charlene Liu Reviewed-by: Wenjing Liu Signed-off-by: Michael Strauss Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 18ac82c26da45d033df7eb993139da83dd53ee68 Author: Hansen Dsouza Date: Thu Aug 15 18:45:13 2024 -0400 Revert "drm/amd/display: Update to using new dccg callbacks" [Why] Revert updated DCCG wrappers due to regression [How] This reverts commit 680458d41aa46a009909482f58358205b5c4b438. Reviewed-by: Chris Park Signed-off-by: Hansen Dsouza Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit c0a04e3570d72aaf090962156ad085e37c62e442 Author: Candice Li Date: Thu Aug 15 11:37:28 2024 +0800 drm/amdgpu: Validate TA binary size Add TA binary size validation to avoid OOB write. Signed-off-by: Candice Li Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit eb067d65c33eecd4b81771384183ad42eec259bf Author: Mukul Joshi Date: Mon Aug 12 11:11:28 2024 -0400 drm/amdkfd: Update BadOpcode Interrupt handling with MES Based on the recommendation of MEC FW, update BadOpcode interrupt handling by unmapping all queues, removing the queue that got the interrupt from scheduling and remapping rest of the queues back when using MES scheduler. This is done to prevent the case where unmapping of the bad queue can fail thereby causing a GPU reset. Signed-off-by: Mukul Joshi Acked-by: Harish Kasiviswanathan Acked-by: Alex Deucher Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher commit 9a16042f02cd08bbd0a5a2d8e9c95347717165a3 Author: Mukul Joshi Date: Mon Jun 3 11:57:50 2024 -0400 drm/amdkfd: Update queue unmap after VM fault with MES MEC FW expects MES to unmap all queues when a VM fault is observed on a queue and then resumed once the affected process is terminated. Use the MES Suspend and Resume APIs to achieve this. Signed-off-by: Mukul Joshi Acked-by: Alex Deucher Reviewed-by: Harish Kasiviswanathan Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher commit ccf8ef6b7506cc43e7fd504a85465c1c0786a107 Author: Mukul Joshi Date: Mon Jun 3 11:48:23 2024 -0400 drm/amdgpu: Implement MES Suspend and Resume APIs for GFX11 Add implementation for MES Suspend and Resume APIs to unmap/map all queues for GFX11. Support for GFX12 will be added when the corresponding firmware support is in place. Signed-off-by: Mukul Joshi Reviewed-by: Alex Deucher Reviewed-by: Harish Kasiviswanathan Signed-off-by: Alex Deucher commit 87758a0ef12cfebb9fab8ef1d0e234dd7b3f4579 Author: Amber Lin Date: Mon Apr 29 16:40:44 2024 -0400 drm/amdkfd: Enable processes isolation on gfx9 When amdgpu enable enforce_isolation, KFD enables single-process mode in HWS and sets exec_cleaner_shader bit in MAP_PROCESS. Signed-off-by: Amber Lin Signed-off-by: Alex Deucher commit f846250b8a20e6c1225c64ce87a90d4f29cbf351 Author: Srinivasan Shanmugam Date: Tue May 14 23:55:20 2024 +0530 drm/amdgpu/gfx_v9_4_3: Apply Isolation Enforcement to GFX & Compute rings This commit applies isolation enforcement to the GFX and Compute rings in the gfx_v9_4_3 module. The commit sets `amdgpu_gfx_enforce_isolation_ring_begin_use` and `amdgpu_gfx_enforce_isolation_ring_end_use` as the functions to be called when a ring begins and ends its use, respectively. `amdgpu_gfx_enforce_isolation_ring_begin_use` is called when a ring begins its use. This function cancels any scheduled `enforce_isolation_work` and, if necessary, signals the Kernel Fusion Driver (KFD) to stop the runqueue. `amdgpu_gfx_enforce_isolation_ring_end_use` is called when a ring ends its use. This function schedules `enforce_isolation_work` to be run after a delay. These functions are part of the Enforce Isolation Handler, which enforces shader isolation on AMD GPUs to prevent data leakage between different processes. The commit also includes a check for the type of the ring. If the type of the ring is `AMDGPU_RING_TYPE_COMPUTE`, the `xcp_id` of the `enforce_isolation` structure in the `gfx` structure of the `amdgpu_device` is set to the `xcp_id` of the ring. This ensures that the correct `xcp_id` is used when enforcing isolation on compute rings. The `xcp_id` is an identifier for an XCP partition, and different rings can be associated with different XCP partitions. Cc: Christian König Cc: Alex Deucher Signed-off-by: Alex Deucher Signed-off-by: Srinivasan Shanmugam commit b710dbe55dee946d82bc4815c40373cf8a391581 Author: Srinivasan Shanmugam Date: Thu Jul 18 18:22:35 2024 +0530 drm/amdgpu/gfx9: Apply Isolation Enforcement to GFX & Compute rings This commit applies isolation enforcement to the GFX and Compute rings in the gfx_v9_0 module. The commit sets `amdgpu_gfx_enforce_isolation_ring_begin_use` and `amdgpu_gfx_enforce_isolation_ring_end_use` as the functions to be called when a ring begins and ends its use, respectively. `amdgpu_gfx_enforce_isolation_ring_begin_use` is called when a ring begins its use. This function cancels any scheduled `enforce_isolation_work` and, if necessary, signals the Kernel Fusion Driver (KFD) to stop the runqueue. `amdgpu_gfx_enforce_isolation_ring_end_use` is called when a ring ends its use. This function schedules `enforce_isolation_work` to be run after a delay. These functions are part of the Enforce Isolation Handler, which enforces shader isolation on AMD GPUs to prevent data leakage between different processes. Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Signed-off-by: Alex Deucher Suggested-by: Christian König commit afefd6f245024684fff75100052065d6a9e8f75f Author: Srinivasan Shanmugam Date: Thu Jun 6 13:28:02 2024 +0530 drm/amdgpu: Implement Enforce Isolation Handler for KGD/KFD serialization This commit introduces the Enforce Isolation Handler designed to enforce shader isolation on AMD GPUs, which helps to prevent data leakage between different processes. The handler counts the number of emitted fences for each GFX and compute ring. If there are any fences, it schedules the `enforce_isolation_work` to be run after a delay of `GFX_SLICE_PERIOD`. If there are no fences, it signals the Kernel Fusion Driver (KFD) to resume the runqueue. The function is synchronized using the `enforce_isolation_mutex`. This commit also introduces a reference count mechanism (kfd_sch_req_count) to keep track of the number of requests to enable the KFD scheduler. When a request to enable the KFD scheduler is made, the reference count is decremented. When the reference count reaches zero, a delayed work is scheduled to enforce isolation after a delay of GFX_SLICE_PERIOD. When a request to disable the KFD scheduler is made, the function first checks if the reference count is zero. If it is, it cancels the delayed work for enforcing isolation and checks if the KFD scheduler is active. If the KFD scheduler is active, it sends a request to stop the KFD scheduler and sets the KFD scheduler state to inactive. Then, it increments the reference count. The function is synchronized using the kfd_sch_mutex to ensure that the KFD scheduler state and reference count are updated atomically. Cc: Christian König Cc: Alex Deucher Signed-off-by: Alex Deucher Signed-off-by: Srinivasan Shanmugam Suggested-by: Christian König Suggested-by: Alex Deucher commit 234eebe16138f94de3046f60c52763dc17fe5fed Author: Amber Lin Date: Mon Jul 29 14:22:30 2024 -0400 drm/amdkfd: APIs to stop/start KFD scheduling Provide amdgpu_amdkfd_stop_sched() for amdgpu to stop KFD scheduling compute work on HIQ. amdgpu_amdkfd_start_sched() resumes the scheduling. When amdgpu_amdkfd_stop_sched is called, KFD will unmap queues from runlist. If users send ioctls to KFD to create queues, they'll be added but those queues won't be mapped to runlist (so not scheduled) until amdgpu_amdkfd_start_sched is called. v2: fix build (Alex) Signed-off-by: Amber Lin Signed-off-by: Alex Deucher commit b1f49ff9cbe14264c7eb33462fb700c49c7d91a8 Author: Srinivasan Shanmugam Date: Mon Jul 29 22:18:45 2024 +0530 drm/amdgpu/gfx9: Add cleaner shader support for GFX9.4.4 hardware This commit extends the cleaner shader feature to support GFX9.4.4 hardware. The cleaner shader feature is used to clear or initialize certain GPU resources, such as Local Data Share (LDS), Vector General Purpose Registers (VGPRs), and Scalar General Purpose Registers (SGPRs). This operation needs to be performed in isolation, while no other tasks should be running on the GPU at the same time. Previously, the cleaner shader feature was implemented for GFX9.4.3 hardware. This commit adds support for GFX9.4.4 hardware by allowing the cleaner shader to be used with this hardware version. Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Signed-off-by: Alex Deucher commit 335288315af18c0def7f47a37fe7eaa782c98f6d Author: Srinivasan Shanmugam Date: Mon Jul 29 22:14:41 2024 +0530 drm/amdgpu/gfx9: Add cleaner shader for GFX9.4.3 This commit adds the cleaner shader microcode for GFX9.4.3 GPUs. The cleaner shader is a piece of GPU code that is used to clear or initialize certain GPU resources, such as Local Data Share (LDS), Vector General Purpose Registers (VGPRs), and Scalar General Purpose Registers (SGPRs). Clearing these resources is important for ensuring data isolation between different workloads running on the GPU. Without the cleaner shader, residual data from a previous workload could potentially be accessed by a subsequent workload, leading to data leaks and incorrect computation results. The cleaner shader microcode is represented as an array of 32-bit words (`gfx_9_4_3_cleaner_shader_hex`). This array is the binary representation of the cleaner shader code, which is written in a low-level GPU instruction set. When the cleaner shader feature is enabled, the AMDGPU driver loads this array into a specific location in the GPU memory. The GPU then reads this memory location to fetch and execute the cleaner shader instructions. The cleaner shader is executed automatically by the GPU at the end of each workload, before the next workload starts. This ensures that all GPU resources are in a clean state before the start of each workload. This addition is part of the cleaner shader feature implementation. The cleaner shader feature helps improve GPU performance and resource utilization by cleaning up GPU resources after they are used. It also enhances security and reliability by preventing data leaks between workloads. v2: fix copyright date (Alex) Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Signed-off-by: Alex Deucher commit d4c38154951b2bff6bfa4d5eb56df0bd08703cf9 Author: Srinivasan Shanmugam Date: Mon Jul 29 22:12:02 2024 +0530 drm/amdgpu/gfx9: Implement cleaner shader support for GFX9.4.3 hardware The patch modifies the gfx_v9_4_3_kiq_set_resources function to write the cleaner shader's memory controller address to the ring buffer. It also adds a new function, gfx_v9_4_3_ring_emit_cleaner_shader, which emits the PACKET3_RUN_CLEANER_SHADER packet to the ring buffer. This patch adds support for the PACKET3_RUN_CLEANER_SHADER packet in the gfx_v9_4_3 module. This packet is used to emit the cleaner shader, which is used to clear GPU memory before it's reused, helping to prevent data leakage between different processes. Finally, the patch updates the ring function structures to include the new gfx_v9_4_3_ring_emit_cleaner_shader function. This allows the cleaner shader to be emitted as part of the ring's operations. Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Suggested-by: Alex Deucher Signed-off-by: Alex Deucher commit c2e70d307f4491ff970208a41cce84c95771f340 Author: Srinivasan Shanmugam Date: Mon Jul 29 21:56:57 2024 +0530 drm/amdgpu/gfx9: Implement cleaner shader support for GFX9 hardware The patch modifies the gfx_v9_0_kiq_set_resources function to write the cleaner shader's memory controller address to the ring buffer. It also adds a new function, gfx_v9_0_ring_emit_cleaner_shader, which emits the PACKET3_RUN_CLEANER_SHADER packet to the ring buffer. This patch adds support for the PACKET3_RUN_CLEANER_SHADER packet in the gfx_v9_0 module. This packet is used to emit the cleaner shader, which is used to clear GPU memory before it's reused, helping to prevent data leakage between different processes. Finally, the patch updates the ring function structures to include the new gfx_v9_0_ring_emit_cleaner_shader function. This allows the cleaner shader to be emitted as part of the ring's operations. Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Suggested-by: Alex Deucher Signed-off-by: Alex Deucher commit 22ff907d4f0457b2800f4c6d4f40d4d4d31f7de1 Author: Srinivasan Shanmugam Date: Sun Jul 7 08:54:04 2024 +0530 drm/amdgpu: Add PACKET3_RUN_CLEANER_SHADER for cleaner shader execution This commit adds the PACKET3_RUN_CLEANER_SHADER definition. This packet is a command packet used to instruct the GPU to execute the cleaner shader. The cleaner shader is a piece of GPU code that is used to clear or initialize certain GPU resources, such as Local Data Share (LDS), Vector General Purpose Registers (VGPRs), and Scalar General Purpose Registers (SGPRs). Clearing these resources is important for ensuring data isolation between different workloads running on the GPU. The PACKET3_RUN_CLEANER_SHADER packet is used to trigger the execution of the cleaner shader on the GPU. The packet consists of a header followed by a RESERVED field, which is programmed to zero. When the GPU receives this packet, it fetches and executes the cleaner shader instructions from the location specified in the packet. The cleaner shader feature helps to enhances security and reliability by preventing data leaks between workloads. Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Signed-off-by: Alex Deucher commit d361ad5d2fc0e4d59d5d538092c9b37889756642 Author: Srinivasan Shanmugam Date: Mon May 27 07:38:21 2024 +0530 drm/amdgpu: Add sysfs interface for running cleaner shader This patch adds a new sysfs interface for running the cleaner shader on AMD GPUs. The cleaner shader is used to clear GPU memory before it's reused, which can help prevent data leakage between different processes. The new sysfs file is write-only and is named `run_cleaner_shader`. Write the number of the partition to this file to trigger the cleaner shader on that partition. There is only one partition on GPUs which do not support partitioning. Changes made in this patch: - Added `amdgpu_set_run_cleaner_shader` function to handle writes to the `run_cleaner_shader` sysfs file. - Added `run_cleaner_shader` to the list of device attributes in `amdgpu_device_attrs`. - Updated `default_attr_update` to handle `run_cleaner_shader`. - Added `AMDGPU_DEVICE_ATTR_WO` macro to create write-only device attributes. v2: fix error handling (Alex) Cc: Christian König Cc: Alex Deucher Signed-off-by: Alex Deucher Signed-off-by: Srinivasan Shanmugam commit e189be9b2e3820c88164d95090f1fd6343cd77fc Author: Srinivasan Shanmugam Date: Mon May 27 07:30:47 2024 +0530 drm/amdgpu: Add enforce_isolation sysfs attribute This commit adds a new sysfs attribute 'enforce_isolation' to control the 'enforce_isolation' setting per GPU. The attribute can be read and written, and accepts values 0 (disabled) and 1 (enabled). When 'enforce_isolation' is enabled, reserved VMIDs are allocated for each ring. When it's disabled, the reserved VMIDs are freed. The set function locks a mutex before changing the 'enforce_isolation' flag and the VMIDs, and unlocks it afterwards. This ensures that these operations are atomic and prevents race conditions and other concurrency issues. Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Suggested-by: Alex Deucher Signed-off-by: Alex Deucher commit dba1a6cfc311833e10df978f07147ea93b7045fa Author: Srinivasan Shanmugam Date: Wed Mar 20 06:42:38 2024 +0530 drm/amdgpu: Enforce isolation as part of the job This patch adds a new parameter 'enforce_isolation' to the amdgpu_job structure. This parameter is used to determine whether shader isolation should be enforced for a job. The enforce_isolation parameter is then stored in the amdgpu_job structure and used when flushing the VM. The enforce_isolation field of the amdgpu_job structure is set directly after the job is allocated This change allows more fine-grained control over shader isolation, making it possible to enforce isolation on a per-job basis rather than globally. This can be useful in scenarios where only certain jobs require isolation. Cc: Christian König Cc: Alex Deucher Signed-off-by: Alex Deucher Signed-off-by: Srinivasan Shanmugam Suggested-by: Christian König commit f67fbacd923f280c55b9e26e49650331446ef335 Author: carrion bent Date: Thu Jun 6 13:43:16 2024 +0800 ext4: fix macro definition error of EXT4_DIRENT_HASH and EXT4_DIRENT_MINOR_HASH The macro parameter 'entry' of EXT4_DIRENT_HASH and EXT4_DIRENT_MINOR_HASH was not used, but rather the variable 'de' was directly used, which may be a local variable inside a function that calls the macros. Fortunately, all callers have passed in 'de' so far, so this bug didn't have an effect. Signed-off-by: carrion bent Link: https://patch.msgid.link/1717652596-58760-1-git-send-email-carrionbent@linux.alibaba.com Signed-off-by: Theodore Ts'o commit 985b67cd86392310d9e9326de941c22fc9340eec Author: Lizhi Xu Date: Wed Jun 5 09:23:35 2024 +0800 ext4: filesystems without casefold feature cannot be mounted with siphash When mounting the ext4 filesystem, if the default hash version is set to DX_HASH_SIPHASH but the casefold feature is not set, exit the mounting. Reported-by: syzbot+340581ba9dceb7e06fb3@syzkaller.appspotmail.com Signed-off-by: Lizhi Xu Link: https://patch.msgid.link/20240605012335.44086-1-lizhi.xu@windriver.com Signed-off-by: Theodore Ts'o commit a3c3eecc7c876c7f2b09d9ee1acf5b8b85996cff Author: Junchao Sun Date: Mon Jun 3 21:15:24 2024 +0800 ext4: adjust the layout of the ext4_inode_info structure to save memory Using pahole, we can see that there are some padding holes in the current ext4_inode_info structure. Adjusting the layout of ext4_inode_info can reduce these holes, resulting in the size of the structure decreasing from 2424 bytes to 2408 bytes. Signed-off-by: Junchao Sun Reviewed-by: Jan Kara Link: https://patch.msgid.link/20240603131524.324224-1-sunjunchao2870@gmail.com Signed-off-by: Theodore Ts'o commit 4d36b2b1dea4ff528bd7d312d9c713a827656d75 Author: Florian Fainelli Date: Mon Aug 19 17:44:35 2024 -0700 net: dsa: b53: Use dev_err_probe() Rather than print an error even when we get -EPROBE_DEFER, use dev_err_probe() to filter out those messages. Link: https://github.com/openwrt/openwrt/pull/11680 Signed-off-by: Florian Fainelli Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240820004436.224603-1-florian.fainelli@broadcom.com Signed-off-by: Jakub Kicinski commit f7a678bbe5a8f22cfcef5369757cc9b95f73e027 Author: Christophe JAILLET Date: Thu Aug 15 08:47:28 2024 +0800 f2fs: Use sysfs_emit_at() to simplify code This file already uses sysfs_emit(). So be consistent and also use sysfs_emit_at(). This slightly simplifies the code and makes it more readable. Reviewed-by: Chao Yu Signed-off-by: Christophe JAILLET Signed-off-by: Jaegeuk Kim commit b2c160f4f3cfe9334b3e6bb52cb89a3a20ef0385 Author: Chao Yu Date: Fri Aug 16 09:13:42 2024 +0800 f2fs: atomic: fix to forbid dio in atomic_file atomic write can only be used via buffered IO, let's fail direct IO on atomic_file and return -EOPNOTSUPP. Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit f785cec298c95d00058560c0715233294a04b8f3 Author: Yeongjin Gil Date: Mon Aug 19 17:34:30 2024 +0900 f2fs: compress: don't redirty sparse cluster during {,de}compress In f2fs_do_write_data_page, when the data block is NULL_ADDR, it skips writepage considering that it has been already truncated. This results in an infinite loop as the PAGECACHE_TAG_TOWRITE tag is not cleared during the writeback process for a compressed file including NULL_ADDR in compress_mode=user. This is the reproduction process: 1. dd if=/dev/zero bs=4096 count=1024 seek=1024 of=testfile 2. f2fs_io compress testfile 3. dd if=/dev/zero bs=4096 count=1 conv=notrunc of=testfile 4. f2fs_io decompress testfile To prevent the problem, let's check whether the cluster is fully allocated before redirty its pages. Fixes: 5fdb322ff2c2 ("f2fs: add F2FS_IOC_DECOMPRESS_FILE and F2FS_IOC_COMPRESS_FILE") Reviewed-by: Sungjong Seo Reviewed-by: Sunmin Jeong Tested-by: Jaewook Kim Signed-off-by: Yeongjin Gil Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 43aec4d01bd2ce961817a777b3846f8318f398e4 Author: Shin'ichiro Kawasaki Date: Fri Aug 16 13:07:03 2024 +0900 f2fs: check discard support for conventional zones As the helper function f2fs_bdev_support_discard() shows, f2fs checks if the target block devices support discard by calling bdev_max_discard_sectors() and bdev_is_zoned(). This check works well for most cases, but it does not work for conventional zones on zoned block devices. F2fs assumes that zoned block devices support discard, and calls __submit_discard_cmd(). When __submit_discard_cmd() is called for sequential write required zones, it works fine since __submit_discard_cmd() issues zone reset commands instead of discard commands. However, when __submit_discard_cmd() is called for conventional zones, __blkdev_issue_discard() is called even when the devices do not support discard. The inappropriate __blkdev_issue_discard() call was not a problem before the commit 30f1e7241422 ("block: move discard checks into the ioctl handler") because __blkdev_issue_discard() checked if the target devices support discard or not. If not, it returned EOPNOTSUPP. After the commit, __blkdev_issue_discard() no longer checks it. It always returns zero and sets NULL to the given bio pointer. This NULL pointer triggers f2fs_bug_on() in __submit_discard_cmd(). The BUG is recreated with the commands below at the umount step, where /dev/nullb0 is a zoned null_blk with 5GB total size, 128MB zone size and 10 conventional zones. $ mkfs.f2fs -f -m /dev/nullb0 $ mount /dev/nullb0 /mnt $ for ((i=0;i<5;i++)); do dd if=/dev/zero of=/mnt/test bs=65536 count=1600 conv=fsync; done $ umount /mnt To fix the BUG, avoid the inappropriate __blkdev_issue_discard() call. When discard is requested for conventional zones, check if the device supports discard or not. If not, return EOPNOTSUPP. Fixes: 30f1e7241422 ("block: move discard checks into the ioctl handler") Cc: stable@vger.kernel.org Signed-off-by: Shin'ichiro Kawasaki Reviewed-by: Damien Le Moal Reviewed-by: Chao Yu Reviewed-by: Christoph Hellwig Signed-off-by: Jaegeuk Kim commit c7f114d864ac91515bb07ac271e9824a20f5ed95 Author: Chao Yu Date: Tue Jul 30 09:08:55 2024 +0800 f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread() syzbot reports a f2fs bug as below: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 print_report+0xe8/0x550 mm/kasan/report.c:491 kasan_report+0x143/0x180 mm/kasan/report.c:601 kasan_check_range+0x282/0x290 mm/kasan/generic.c:189 instrument_atomic_read_write include/linux/instrumented.h:96 [inline] atomic_fetch_add_relaxed include/linux/atomic/atomic-instrumented.h:252 [inline] __refcount_add include/linux/refcount.h:184 [inline] __refcount_inc include/linux/refcount.h:241 [inline] refcount_inc include/linux/refcount.h:258 [inline] get_task_struct include/linux/sched/task.h:118 [inline] kthread_stop+0xca/0x630 kernel/kthread.c:704 f2fs_stop_gc_thread+0x65/0xb0 fs/f2fs/gc.c:210 f2fs_do_shutdown+0x192/0x540 fs/f2fs/file.c:2283 f2fs_ioc_shutdown fs/f2fs/file.c:2325 [inline] __f2fs_ioctl+0x443a/0xbe60 fs/f2fs/file.c:4325 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f The root cause is below race condition, it may cause use-after-free issue in sbi->gc_th pointer. - remount - f2fs_remount - f2fs_stop_gc_thread - kfree(gc_th) - f2fs_ioc_shutdown - f2fs_do_shutdown - f2fs_stop_gc_thread - kthread_stop(gc_th->f2fs_gc_task) : sbi->gc_thread = NULL; We will call f2fs_do_shutdown() in two paths: - for f2fs_ioc_shutdown() path, we should grab sb->s_umount semaphore for fixing. - for f2fs_shutdown() path, it's safe since caller has already grabbed sb->s_umount semaphore. Reported-by: syzbot+1a8e2b31f2ac9bd3d148@syzkaller.appspotmail.com Closes: https://lore.kernel.org/linux-f2fs-devel/0000000000005c7ccb061e032b9b@google.com Fixes: 7950e9ac638e ("f2fs: stop gc/discard thread after fs shutdown") Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit ebd3309aec6271c4616573b0cb83ea25e623070a Author: Chao Yu Date: Wed Aug 7 18:24:35 2024 +0800 f2fs: atomic: fix to truncate pagecache before on-disk metadata truncation We should always truncate pagecache while truncating on-disk data. Fixes: a46bebd502fe ("f2fs: synchronize atomic write aborts") Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit a4d7f2b3238fd5f76b9e6434a0bd5d2e29049cff Author: Chao Yu Date: Mon Aug 12 22:12:42 2024 +0800 f2fs: fix to wait page writeback before setting gcing flag Soft IRQ Thread - f2fs_write_end_io - f2fs_defragment_range - set_page_private_gcing - type = WB_DATA_TYPE(page, false); : assign type w/ F2FS_WB_CP_DATA due to page_private_gcing() is true - dec_page_count() w/ wrong type - end_page_writeback() Value of F2FS_WB_CP_DATA reference count may become negative under above race condition, the root cause is we missed to wait page writeback before setting gcing page private flag, let's fix it. Fixes: 2d1fe8a86bf5 ("f2fs: fix to tag gcing flag on page during file defragment") Fixes: 4961acdd65c9 ("f2fs: fix to tag gcing flag on page during block migration") Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 8c1b787938fd86bab27a1492fa887408c75fec2b Author: Yeongjin Gil Date: Tue Aug 13 16:32:44 2024 +0900 f2fs: Create COW inode from parent dentry for atomic write The i_pino in f2fs_inode_info has the previous parent's i_ino when inode was renamed, which may cause f2fs_ioc_start_atomic_write to fail. If file_wrong_pino is true and i_nlink is 1, then to find a valid pino, we should refer to the dentry from inode. To resolve this issue, let's get parent inode using parent dentry directly. Fixes: 3db1de0e582c ("f2fs: change the current atomic write way") Reviewed-by: Sungjong Seo Reviewed-by: Sunmin Jeong Signed-off-by: Yeongjin Gil Reviewed-by: Daeho Jeong Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 4f5a100f87f32cb65d4bb1ad282a08c92f6f591e Author: Jann Horn Date: Tue Aug 6 16:07:16 2024 +0200 f2fs: Require FMODE_WRITE for atomic write ioctls The F2FS ioctls for starting and committing atomic writes check for inode_owner_or_capable(), but this does not give LSMs like SELinux or Landlock an opportunity to deny the write access - if the caller's FSUID matches the inode's UID, inode_owner_or_capable() immediately returns true. There are scenarios where LSMs want to deny a process the ability to write particular files, even files that the FSUID of the process owns; but this can currently partially be bypassed using atomic write ioctls in two ways: - F2FS_IOC_START_ATOMIC_REPLACE + F2FS_IOC_COMMIT_ATOMIC_WRITE can truncate an inode to size 0 - F2FS_IOC_START_ATOMIC_WRITE + F2FS_IOC_ABORT_ATOMIC_WRITE can revert changes another process concurrently made to a file Fix it by requiring FMODE_WRITE for these operations, just like for F2FS_IOC_MOVE_RANGE. Since any legitimate caller should only be using these ioctls when intending to write into the file, that seems unlikely to break anything. Fixes: 88b88a667971 ("f2fs: support atomic writes") Cc: stable@vger.kernel.org Signed-off-by: Jann Horn Reviewed-by: Chao Yu Reviewed-by: Eric Biggers Signed-off-by: Jaegeuk Kim commit 8fb9f31984bdc0aaa1b0f7c7e7a27bd3137f8744 Author: Zhiguo Niu Date: Thu Aug 1 09:33:51 2024 +0800 f2fs: clean up val{>>,<<}F2FS_BLKSIZE_BITS Use F2FS_BYTES_TO_BLK(bytes) and F2FS_BLK_TO_BYTES(blk) for cleanup Signed-off-by: Zhiguo Niu Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 88f65f903d25aed8801d795470042754cb18ec67 Author: Corey Minyard Date: Tue Aug 20 19:46:47 2024 -0500 ipmi:ssif: Improve detecting during probing If an IPMI SSIF device is probed and there is something there, but probably not an actual BMC, the code would just issue a lot of errors before it failed. We kind of need these errors to help with certain issues, and some of the failure reports are non-fatal. However, a get device id command should alway work. If that fails, nothing else is going to work and it's a pretty good indication that there's no valid BMC there. So issue and check that command and bail if it fails. Reported-by: Ivan T. Ivanov Signed-off-by: Corey Minyard commit 0e38f7ecb55c86c0bdb45ed817bac5a49cdeac04 Author: Yuntao Liu Date: Mon Aug 19 11:38:55 2024 +0000 ipmi: ipmi_ssif: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from platform_device_id table. Signed-off-by: Yuntao Liu Message-Id: <20240819113855.787149-10-liuyuntao12@huawei.com> Signed-off-by: Corey Minyard commit bc3dd9ed04d69cba3bb603da06fa26d888233cff Author: James Chapman Date: Mon Aug 19 15:33:33 2024 +0100 l2tp: use skb_queue_purge in l2tp_ip_destroy_sock Recent commit ed8ebee6def7 ("l2tp: have l2tp_ip_destroy_sock use ip_flush_pending_frames") was incorrect in that l2tp_ip does not use socket cork and ip_flush_pending_frames is for sockets that do. Use __skb_queue_purge instead and remove the unnecessary lock. Also unexport ip_flush_pending_frames since it was originally exported in commit 4ff8863419cd ("ipv4: export ip_flush_pending_frames") for l2tp and is not used by other modules. Suggested-by: xiyou.wangcong@gmail.com Signed-off-by: James Chapman Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240819143333.3204957-1-jchapman@katalix.com Signed-off-by: Jakub Kicinski commit 8594d9b85c07f05e431bd07e895c2a3ad9b85d6f Author: Kuniyuki Iwashima Date: Fri Aug 16 16:39:21 2024 -0700 af_unix: Don't call skb_get() for OOB skb. Since introduced, OOB skb holds an additional reference count with no special reason and caused many issues. Also, kfree_skb() and consume_skb() are used to decrement the count, which is confusing. Let's drop the unnecessary skb_get() in queue_oob() and corresponding kfree_skb(), consume_skb(), and skb_unref(). Now unix_sk(sk)->oob_skb is just a pointer to skb in the receive queue, so special handing is no longer needed in GC. Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240816233921.57800-1-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit 76501d19c6af43054492420ae53a9bd2d4de50b3 Author: Miguel Ojeda Date: Wed Aug 14 18:37:22 2024 +0200 rust: enable bindgen's `--enable-function-attribute-detection` flag `bindgen` is able to detect certain function attributes and annotate functions correspondingly in its output for the Rust side, when the `--enable-function-attribute-detection` is passed. In particular, it is currently able to use `__must_check` in C (`#[must_use]` in Rust), which give us a bunch of annotations that are nice to have to prevent possible issues in Rust abstractions, e.g.: extern "C" { + #[must_use] pub fn kobject_add( kobj: *mut kobject, parent: *mut kobject, fmt: *const core::ffi::c_char, ... ) -> core::ffi::c_int; } Apparently, there are edge cases where this can make generation very slow, which is why it is behind a flag [1], but it does not seem to affect us in any major way at the moment. Thus enable it. Link: https://github.com/rust-lang/rust-bindgen/issues/1465 [1] Link: https://lore.kernel.org/rust-for-linux/CANiq72=u5Nrz_NW3U3_VqywJkD8pECA07q2pFDd1wjtXOWdkAQ@mail.gmail.com/ Reviewed-by: Alice Ryhl Tested-by: Alice Ryhl Reviewed-by: Gary Guo Acked-by: Danilo Krummrich Link: https://lore.kernel.org/r/20240814163722.1550064-1-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 1d15880378662ade209eb9289f9f03c98b431254 Author: Alice Ryhl Date: Fri Aug 9 13:28:35 2024 +0000 rust: sort blk includes in bindings_helper.h The headers in this file are sorted alphabetically, which makes it easy to quickly resolve conflicts by selecting all of the headers and invoking :'<,'>sort to sort them. To keep this technique to resolve conflicts working, also apply sorting to symbols that are not letters. This file is very prone to merge conflicts, so I think keeping conflict resolution really easy is more important than not messing with git blame history. These includes were originally introduced in commit 3253aba3408a ("rust: block: introduce `kernel::block::mq` module"). Signed-off-by: Alice Ryhl Acked-by: Danilo Krummrich Link: https://lore.kernel.org/r/20240809132835.274603-1-aliceryhl@google.com Signed-off-by: Miguel Ojeda commit 2862c9349d5d8667d897aa5cecf0f3886979ecb1 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:29:05 2024 +0200 dt-bindings: net: socionext,uniphier-ave4: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clock-names and reset-names. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240818172905.121829-4-krzysztof.kozlowski@linaro.org Signed-off-by: Jakub Kicinski commit 70d16e13368c0526eb3e2a326ed002183a087c21 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:29:04 2024 +0200 dt-bindings: net: renesas,etheravb: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for reg, clocks, clock-names, interrupts and interrupt-names. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240818172905.121829-3-krzysztof.kozlowski@linaro.org Signed-off-by: Jakub Kicinski commit 06ab21c3cb6e124bdc2da226f38bc8eb45946887 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:29:03 2024 +0200 dt-bindings: net: mediatek,net: add top-level constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for clocks and clock-names. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240818172905.121829-2-krzysztof.kozlowski@linaro.org Signed-off-by: Jakub Kicinski commit 55da77dec1be92afafb5683cc28a60bc2cc83716 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:29:02 2024 +0200 dt-bindings: net: mediatek,net: narrow interrupts per variants Each variable-length property like interrupts must have fixed constraints on number of items for given variant in binding. The clauses in "if:then:" block should define both limits: upper and lower. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240818172905.121829-1-krzysztof.kozlowski@linaro.org Signed-off-by: Jakub Kicinski commit 13cfd6a6d7ac78e845768278ab745acbd19c43ce Author: Gal Pressman Date: Sun Aug 18 14:43:51 2024 +0300 net: Silence false field-spanning write warning in metadata_dst memcpy When metadata_dst struct is allocated (using metadata_dst_alloc()), it reserves room for options at the end of the struct. Change the memcpy() to unsafe_memcpy() as it is guaranteed that enough room (md_size bytes) was allocated and the field-spanning write is intentional. This resolves the following warning: ------------[ cut here ]------------ memcpy: detected field-spanning write (size 104) of single field "&new_md->u.tun_info" at include/net/dst_metadata.h:166 (size 96) WARNING: CPU: 2 PID: 391470 at include/net/dst_metadata.h:166 tun_dst_unclone+0x114/0x138 [geneve] Modules linked in: act_tunnel_key geneve ip6_udp_tunnel udp_tunnel act_vlan act_mirred act_skbedit cls_matchall nfnetlink_cttimeout act_gact cls_flower sch_ingress sbsa_gwdt ipmi_devintf ipmi_msghandler xfrm_interface xfrm6_tunnel tunnel6 tunnel4 xfrm_user xfrm_algo nvme_fabrics overlay optee openvswitch nsh nf_conncount ib_srp scsi_transport_srp rpcrdma rdma_ucm ib_iser rdma_cm ib_umad iw_cm libiscsi ib_ipoib scsi_transport_iscsi ib_cm uio_pdrv_genirq uio mlxbf_pmc pwr_mlxbf mlxbf_bootctl bluefield_edac nft_chain_nat binfmt_misc xt_MASQUERADE nf_nat xt_tcpmss xt_NFLOG nfnetlink_log xt_recent xt_hashlimit xt_state xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xt_mark xt_comment ipt_REJECT nf_reject_ipv4 nft_compat nf_tables nfnetlink sch_fq_codel dm_multipath fuse efi_pstore ip_tables btrfs blake2b_generic raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor xor_neon raid6_pq raid1 raid0 nvme nvme_core mlx5_ib ib_uverbs ib_core ipv6 crc_ccitt mlx5_core crct10dif_ce mlxfw psample i2c_mlxbf gpio_mlxbf2 mlxbf_gige mlxbf_tmfifo CPU: 2 PID: 391470 Comm: handler6 Not tainted 6.10.0-rc1 #1 Hardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.5.0.12993 Dec 6 2023 pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : tun_dst_unclone+0x114/0x138 [geneve] lr : tun_dst_unclone+0x114/0x138 [geneve] sp : ffffffc0804533f0 x29: ffffffc0804533f0 x28: 000000000000024e x27: 0000000000000000 x26: ffffffdcfc0e8e40 x25: ffffff8086fa6600 x24: ffffff8096a0c000 x23: 0000000000000068 x22: 0000000000000008 x21: ffffff8092ad7000 x20: ffffff8081e17900 x19: ffffff8092ad7900 x18: 00000000fffffffd x17: 0000000000000000 x16: ffffffdcfa018488 x15: 695f6e75742e753e x14: 2d646d5f77656e26 x13: 6d5f77656e262220 x12: 646c65696620656c x11: ffffffdcfbe33ae8 x10: ffffffdcfbe1baa8 x9 : ffffffdcfa0a4c10 x8 : 0000000000017fe8 x7 : c0000000ffffefff x6 : 0000000000000001 x5 : ffffff83fdeeb010 x4 : 0000000000000000 x3 : 0000000000000027 x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffffff80913f6780 Call trace: tun_dst_unclone+0x114/0x138 [geneve] geneve_xmit+0x214/0x10e0 [geneve] dev_hard_start_xmit+0xc0/0x220 __dev_queue_xmit+0xa14/0xd38 dev_queue_xmit+0x14/0x28 [openvswitch] ovs_vport_send+0x98/0x1c8 [openvswitch] do_output+0x80/0x1a0 [openvswitch] do_execute_actions+0x172c/0x1958 [openvswitch] ovs_execute_actions+0x64/0x1a8 [openvswitch] ovs_packet_cmd_execute+0x258/0x2d8 [openvswitch] genl_family_rcv_msg_doit+0xc8/0x138 genl_rcv_msg+0x1ec/0x280 netlink_rcv_skb+0x64/0x150 genl_rcv+0x40/0x60 netlink_unicast+0x2e4/0x348 netlink_sendmsg+0x1b0/0x400 __sock_sendmsg+0x64/0xc0 ____sys_sendmsg+0x284/0x308 ___sys_sendmsg+0x88/0xf0 __sys_sendmsg+0x70/0xd8 __arm64_sys_sendmsg+0x2c/0x40 invoke_syscall+0x50/0x128 el0_svc_common.constprop.0+0x48/0xf0 do_el0_svc+0x24/0x38 el0_svc+0x38/0x100 el0t_64_sync_handler+0xc0/0xc8 el0t_64_sync+0x1a4/0x1a8 ---[ end trace 0000000000000000 ]--- Reviewed-by: Cosmin Ratiu Reviewed-by: Tariq Toukan Signed-off-by: Gal Pressman Link: https://patch.msgid.link/20240818114351.3612692-1-gal@nvidia.com Signed-off-by: Jakub Kicinski commit 2cbece60a4af03803634abd1e840e513db48d42e Author: Zhang Zekun Date: Sun Aug 18 13:25:18 2024 +0800 net: hns3: Use ARRAY_SIZE() to improve readability There is a helper function ARRAY_SIZE() to help calculating the u32 array size, and we don't need to do it mannually. So, let's use ARRAY_SIZE() to calculate the array size, and improve the code readability. Signed-off-by: Zhang Zekun Reviewed-by: Jijie Shao Link: https://patch.msgid.link/20240818052518.45489-1-zhangzekun11@huawei.com Signed-off-by: Jakub Kicinski commit 555e5531635a7c5dba663d06cea240362624dfde Author: Jakub Kicinski Date: Sat Aug 17 13:36:59 2024 -0700 selftests: net/forwarding: spawn sh inside vrf to speed up ping loop Looking at timestamped output of netdev CI reveals that most of the time in forwarding tests for custom route hashing is spent on a single case, namely the test which uses ping (mausezahn does not support flow labels). On a non-debug kernel we spend 714 of 730 total test runtime (97%) on this test case. While having flow label support in a traffic gen tool / mausezahn would be best, we can significantly speed up the loop by putting ip vrf exec outside of the iteration. In a test of 1000 pings using a normal loop takes 50 seconds to finish. While using: ip vrf exec $vrf sh -c "$loop-body" takes 12 seconds (1/4 of the time). Some of the slowness is likely due to our inefficient virtualization setup, but even on my laptop running "ip link help" 16k times takes 25-30 seconds, so I think it's worth optimizing even for fastest setups. Reviewed-by: Ido Schimmel Tested-by: Ido Schimmel Reviewed-by: Hangbin Liu Link: https://patch.msgid.link/20240817203659.712085-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit d628455ab3c22bf633935f5d09451530c44c4ba3 Author: Vedang Nagar Date: Mon Aug 12 19:17:52 2024 +0530 clk: qcom: videocc-sm8550: Use HW_CTRL_TRIGGER flag for video GDSC's The video driver will be using the newly introduced dev_pm_genpd_set_hwmode() API to switch the video GDSC to HW/SW control modes at runtime. Hence use HW_CTRL_TRIGGER flag instead of HW_CTRL for video GDSC's. Signed-off-by: Vedang Nagar Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240812134752.28031-1-quic_vnagar@quicinc.com Signed-off-by: Bjorn Andersson commit f7b01bfb4b476ce87a35a35c671f37114344268a Author: Ling Xu Date: Mon Aug 19 10:20:52 2024 +0530 arm64: qcom: sa8775p: Add ADSP and CDSP0 fastrpc nodes Add ADSP and CDSP0 fastrpc nodes. Signed-off-by: Ling Xu Reviewed-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240819045052.2405511-1-quic_lxu5@quicinc.com Signed-off-by: Bjorn Andersson commit 5c5edbf46177e6335f2faaa3b68456755bcb9006 Author: Konrad Dybcio Date: Tue Aug 20 13:34:23 2024 +0200 arm64: dts: qcom: x1e80100: Add USB Multiport controller X1E80100 has a multiport controller with 2 HS (eUSB) and 2 SS PHYs attached to it. It's commonly used for USB-A ports and internally routed devices. Configure it to support such functionality. Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240820-topic-h_mp-v2-2-d88518066372@quicinc.com Signed-off-by: Bjorn Andersson commit 04b5b362bc2a36f1dfe5cad52c83b1ea9d25b87c Author: Tejas Vipin Date: Sun Aug 18 11:38:16 2024 +0530 drm/panel: jdi-fhd-r63452: transition to mipi_dsi wrapped functions Changes the jdi-fhd-r63452 panel to use multi style functions for improved error handling. Reviewed-by: Douglas Anderson Signed-off-by: Tejas Vipin Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240818060816.848784-3-tejasvipin76@gmail.com commit 051c86afc342aed1f84d66ff5d09dc9e1c1685a1 Author: Tejas Vipin Date: Sun Aug 18 11:38:15 2024 +0530 drm/mipi-dsi: Add mipi_dsi_dcs_set_tear_scanline_multi mipi_dsi_dcs_set_tear_scanline_multi can heavily benefit from being converted to a multi style function as it is often called in the context of similar functions. Reviewed-by: Douglas Anderson Signed-off-by: Tejas Vipin Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240818060816.848784-2-tejasvipin76@gmail.com commit e25ebda78e230283bf707ae3e9655270ff40a7f9 Author: Ian Rogers Date: Tue Aug 6 15:06:14 2024 -0700 perf cap: Tidy up and improve capability testing Remove dependence on libcap. libcap is only used to query whether a capability is supported, which is just 1 capget system call. If the capget system call fails, fall back on root permission checking. Previously if libcap fails then the permission is assumed not present which may be pessimistic/wrong. Add a used_root out argument to perf_cap__capable to say whether the fall back root check was used. This allows the correct error message, "root" vs "users with the CAP_PERFMON or CAP_SYS_ADMIN capability", to be selected. Tidy uses of perf_cap__capable so that tests aren't repeated if capget isn't supported. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Changbin Du Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Namhyung Kim Cc: Oliver Upton Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240806220614.831914-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 8b1042c425f6a5a9fb57c5e1d5ecf5247cf899a6 Author: Namhyung Kim Date: Thu Aug 15 15:38:23 2024 -0700 perf annotate-data: Set bitfield member offset and size properly The bitfield members might not have DW_AT_data_member_location. Let's use DW_AT_data_bit_offset to set the member offset correct. Also use DW_AT_bit_size for the name like in a C program. Before: Annotate type: 'struct sk_buff' (1 samples) Percent Offset Size Field - 100.00 0 232 struct sk_buff { + 0.00 0 24 union ; + 0.00 24 8 union ; + 0.00 32 8 union ; 0.00 40 48 char[] cb; + 0.00 88 16 union ; 0.00 104 8 long unsigned int _nfct; 100.00 112 4 unsigned int len; 0.00 116 4 unsigned int data_len; 0.00 120 2 __u16 mac_len; 0.00 122 2 __u16 hdr_len; 0.00 124 2 __u16 queue_mapping; 0.00 126 0 __u8[] __cloned_offset; 0.00 0 1 __u8 cloned; 0.00 0 1 __u8 nohdr; 0.00 0 1 __u8 fclone; 0.00 0 1 __u8 peeked; 0.00 0 1 __u8 head_frag; 0.00 0 1 __u8 pfmemalloc; 0.00 0 1 __u8 pp_recycle; 0.00 127 1 __u8 active_extensions; + 0.00 128 60 union ; 0.00 188 4 sk_buff_data_t tail; 0.00 192 4 sk_buff_data_t end; 0.00 200 8 unsigned char* head; After: Annotate type: 'struct sk_buff' (1 samples) Percent Offset Size Field - 100.00 0 232 struct sk_buff { + 0.00 0 24 union ; + 0.00 24 8 union ; + 0.00 32 8 union ; 0.00 40 48 char[] cb + 0.00 88 16 union ; 0.00 104 8 long unsigned int _nfct; 100.00 112 4 unsigned int len; 0.00 116 4 unsigned int data_len; 0.00 120 2 __u16 mac_len; 0.00 122 2 __u16 hdr_len; 0.00 124 2 __u16 queue_mapping; 0.00 126 0 __u8[] __cloned_offset; 0.00 126 1 __u8 cloned:1; 0.00 126 1 __u8 nohdr:1; 0.00 126 1 __u8 fclone:2; 0.00 126 1 __u8 peeked:1; 0.00 126 1 __u8 head_frag:1; 0.00 126 1 __u8 pfmemalloc:1; 0.00 126 1 __u8 pp_recycle:1; 0.00 127 1 __u8 active_extensions; + 0.00 128 60 union ; 0.00 188 4 sk_buff_data_t tail; 0.00 192 4 sk_buff_data_t end; 0.00 200 8 unsigned char* head; Commiter notes: Collect some data: root@number:~# perf mem record -a --ldlat 5 -- ping -s 8193 -f 192.168.86.1 Memory events are enabled on a subset of CPUs: 16-27 PING 192.168.86.1 (192.168.86.1) 8193(8221) bytes of data. .^C --- 192.168.86.1 ping statistics --- 13881 packets transmitted, 13880 received, 0.00720409% packet loss, time 8664ms rtt min/avg/max/mdev = 0.510/0.599/7.768/0.115 ms, ipg/ewma 0.624/0.593 ms [ perf record: Woken up 8 times to write data ] [ perf record: Captured and wrote 14.877 MB perf.data (46785 samples) ] root@number:~# root@number:~# perf evlist cpu_atom/mem-loads,ldlat=5/P cpu_atom/mem-stores/P dummy:u root@number:~# perf evlist -v cpu_atom/mem-loads,ldlat=5/P: type: 10 (cpu_atom), size: 136, config: 0x5d0 (mem-loads), { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|ADDR|CPU|PERIOD|IDENTIFIER|DATA_SRC|WEIGHT_STRUCT, read_format: ID|LOST, disabled: 1, inherit: 1, freq: 1, precise_ip: 3, sample_id_all: 1, { bp_addr, config1 }: 0x7 cpu_atom/mem-stores/P: type: 10 (cpu_atom), size: 136, config: 0x6d0 (mem-stores), { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|ADDR|CPU|PERIOD|IDENTIFIER|DATA_SRC|WEIGHT_STRUCT, read_format: ID|LOST, disabled: 1, inherit: 1, freq: 1, precise_ip: 3, sample_id_all: 1 dummy:u: type: 1 (software), size: 136, config: 0x9 (PERF_COUNT_SW_DUMMY), { sample_period, sample_freq }: 1, sample_type: IP|TID|TIME|ADDR|CPU|IDENTIFIER|DATA_SRC|WEIGHT_STRUCT, read_format: ID|LOST, inherit: 1, exclude_kernel: 1, exclude_hv: 1, mmap: 1, comm: 1, task: 1, mmap_data: 1, sample_id_all: 1, exclude_guest: 1, mmap2: 1, comm_exec: 1, ksymbol: 1, bpf_event: 1 root@number:~# Ok, now lets see what changes from before this patch to after it: root@number:~# perf annotate --data-type > /tmp/before Apply the patch, build: root@number:~# perf annotate --data-type > /tmp/after The first hunk of the diff, for a glib data structure, in userspace, look at those bitfields: root@number:~# diff -u10 /tmp/before /tmp/after | head -20 --- /tmp/before 2024-08-20 17:29:58.306765780 -0300 +++ /tmp/after 2024-08-20 17:33:13.210582596 -0300 @@ -163,22 +163,22 @@ Annotate type: 'GHashTable' in /usr/lib64/libglib-2.0.so.0.8000.3 (1 samples): ============================================================================ Percent offset size field 100.00 0 96 GHashTable { 0.00 0 8 gsize size; 0.00 8 4 gint mod; 100.00 12 4 guint mask; 0.00 16 4 guint nnodes; 0.00 20 4 guint noccupied; - 0.00 0 4 guint have_big_keys; - 0.00 0 4 guint have_big_values; + 0.00 24 1 guint have_big_keys:1; + 0.00 24 1 guint have_big_values:1; 0.00 32 8 gpointer keys; 0.00 40 8 guint* hashes; 0.00 48 8 gpointer values; root@number:~# As advertised :-) Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240815223823.2402285-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 60db6f540af9f93144d5039140aa2ed17171d168 Author: Matthew Brost Date: Thu Aug 15 12:35:22 2024 -0700 drm/xe: Drop HW fence pointer to HW fence ctx The HW fence ctx objects are not ref counted rather tied to the life of an LRC object. HW fences reference the HW fence ctx, HW fences can outlive LRCs thus resulting in UAF. Drop the HW fence pointer to HW fence ctx rather just store what is needed directly in HW fence. v2: - Fix typo in commit (Ashutosh) - Use snprintf (Ashutosh) Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Brost Reviewed-by: Ashutosh Dixit Link: https://patchwork.freedesktop.org/patch/msgid/20240815193522.16008-1-matthew.brost@intel.com commit d5c667e049ee75e82f3233eda0d44e39e8d492cf Author: Krzysztof Kozlowski Date: Tue Aug 20 11:40:23 2024 +0200 cpuidle: riscv-sbi: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Reviewed-by: Jonathan Cameron Signed-off-by: Krzysztof Kozlowski Reviewed-by: Anup Patel Link: https://patch.msgid.link/20240820094023.61155-2-krzysztof.kozlowski@linaro.org Signed-off-by: Rafael J. Wysocki commit a309320ddbac6b1583224fcb6bacd424bcf8637f Author: Krzysztof Kozlowski Date: Tue Aug 20 11:40:22 2024 +0200 cpuidle: riscv-sbi: Use scoped device node handling to fix missing of_node_put Two return statements in sbi_cpuidle_dt_init_states() did not drop the OF node reference count. Solve the issue and simplify entire error handling with scoped/cleanup.h. Fixes: 6abf32f1d9c5 ("cpuidle: Add RISC-V SBI CPU idle driver") Cc: All applicable Signed-off-by: Krzysztof Kozlowski Reviewed-by: Anup Patel Link: https://patch.msgid.link/20240820094023.61155-1-krzysztof.kozlowski@linaro.org Signed-off-by: Rafael J. Wysocki commit 9b59a85a84dc37ca4f2c54df5e06aff4c1eae5d3 Author: Matthew Brost Date: Tue Aug 20 12:38:08 2024 -0700 workqueue: Don't call va_start / va_end twice Calling va_start / va_end multiple times is undefined and causes problems with certain compiler / platforms. Change alloc_ordered_workqueue_lockdep_map to a macro and updated __alloc_workqueue to take a va_list argument. Cc: Sergey Senozhatsky Cc: Tejun Heo Cc: Lai Jiangshan Signed-off-by: Matthew Brost Signed-off-by: Tejun Heo commit 5bb33212b5c664396e5de4cd5a2999abb84a3978 Author: Kai-Heng Feng Date: Tue Aug 20 12:11:28 2024 +0800 intel_idle: Disable promotion to C1E on Jasper Lake and Elkhart Lake PCIe ethernet throughut is sub-optimal on Jasper Lake and Elkhart Lake. The CPU can take long time to exit to C0 to handle IRQ and perform DMA when C1E has been entered. For this reason, adjust intel_idle to disable promotion to C1E and still use C-states from ACPI _CST on those two platforms. Link: https://bugzilla.kernel.org/show_bug.cgi?id=219023 Signed-off-by: Kai-Heng Feng Link: https://patch.msgid.link/20240820041128.102452-1-kai.heng.feng@canonical.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 1934b0c82e980df4c9503315bed4e178905cc1d8 Author: Gaosheng Cui Date: Tue Aug 13 15:11:25 2024 +0800 ARM: OMAP1: Remove unused declarations in arch/arm/mach-omap1/pm.h The omap1510_idle_loop_suspend/_sz() and omap1610_idle_loop_suspend/_sz() has been removed since commit feb72f3b313e ("ARM: OMAP1: Remove omap_sram_idle()"), so remove them. Signed-off-by: Gaosheng Cui Link: https://lore.kernel.org/r/20240813071125.1044697-1-cuigaosheng1@huawei.com Signed-off-by: Kevin Hilman commit 9ad2861b773d7da1cf3a5a04a4e8f1aa7d092bbb Author: Yipeng Zou Date: Tue Aug 20 10:45:31 2024 +0800 sched_ext: Allow dequeue_task_scx to fail Since dequeue_task() allowed to fail, there is a compile error: kernel/sched/ext.c:3630:19: error: initialization of ‘bool (*)(struct rq*, struct task_struct *, int)’ {aka ‘_Bool (*)(struct rq *, struct task_struct *, int)’} from incompatible pointer type ‘void (*)(struct rq*, struct task_struct *, int)’ 3630 | .dequeue_task = dequeue_task_scx, | ^~~~~~~~~~~~~~~~ Allow dequeue_task_scx to fail too. Fixes: 863ccdbb918a ("sched: Allow sched_class::dequeue_task() to fail") Signed-off-by: Yipeng Zou Signed-off-by: Tejun Heo commit 5ac998574f93ac042cb84b4f1d919e2b20966afe Merge: 89909296a51e79 aef6987d89544d Author: Tejun Heo Date: Tue Aug 20 08:55:03 2024 -1000 Merge branch 'tip/sched/core' into for-6.12 To receive 863ccdbb918a ("sched: Allow sched_class::dequeue_task() to fail") which makes sched_class.dequeue_task() return bool instead of void. This leads to compile breakage and will be fixed by a follow-up patch. Signed-off-by: Tejun Heo commit 3c2acae88844e7423a50b5cbe0a2c9d430fcd20c Author: Chen Ridong Date: Tue Aug 20 03:01:26 2024 +0000 cgroup/cpuset: remove use_parent_ecpus of cpuset use_parent_ecpus is used to track whether the children are using the parent's effective_cpus. When a parent's effective_cpus is changed due to changes in a child partition's effective_xcpus, any child using parent'effective_cpus must call update_cpumasks_hier. However, if a child is not a valid partition, it is sufficient to determine whether to call update_cpumasks_hier based on whether the child's effective_cpus is going to change. To make the code more succinct, it is suggested to remove use_parent_ecpus. Signed-off-by: Chen Ridong Reviewed-by: Waiman Long Signed-off-by: Tejun Heo commit 9414f68d454529ff7e68f0c2aefe0a007060c66a Author: Chen Ridong Date: Tue Aug 20 03:01:25 2024 +0000 cgroup/cpuset: remove fetch_xcpus Both fetch_xcpus and user_xcpus functions are used to retrieve the value of exclusive_cpus. If exclusive_cpus is not set, cpus_allowed is the implicit value used as exclusive in a local partition. I can not imagine a scenario where effective_xcpus is not empty when exclusive_cpus is empty. Therefore, I suggest removing the fetch_xcpus function. Signed-off-by: Chen Ridong Reviewed-by: Waiman Long Signed-off-by: Tejun Heo commit e55f45b4bafee0ef488e815aa88368444ec5c79c Author: Chen Ridong Date: Tue Aug 20 03:01:24 2024 +0000 cgroup/cpuset: Correct invalid remote parition prs When enable a remote partition, I found that: cd /sys/fs/cgroup/ mkdir test mkdir test/test1 echo +cpuset > cgroup.subtree_control echo +cpuset > test/cgroup.subtree_control echo 3 > test/test1/cpuset.cpus echo root > test/test1/cpuset.cpus.partition cat test/test1/cpuset.cpus.partition root invalid (Parent is not a partition root) The parent of a remote partition could not be a root. This is due to the emtpy effective_xcpus. It would be better to prompt the message "invalid cpu list in cpuset.cpus.exclusive". Signed-off-by: Chen Ridong Reviewed-by: Waiman Long Signed-off-by: Tejun Heo commit aaf55d12fb51d7aa64abe51e27acac1d3d1853ec Author: Frank Li Date: Tue Aug 20 14:46:03 2024 -0400 ASoC: dt-bindings: Convert tpa6130a2.txt to yaml Convert binding doc tpa6130a2.txt to yaml format. Additional change: - add ref to dai-common.yaml - add i2c node in example Fix below warning: arch/arm64/boot/dts/freescale/imx8mq-zii-ultra-rmb3.dtb: /soc@0/bus@30800000/i2c@30a20000/amp@60: failed to match any schema with compatible: ['ti,tpa6130a2'] Reviewed-by: Rob Herring (Arm) Signed-off-by: Frank Li Link: https://patch.msgid.link/20240820184604.499017-1-Frank.Li@nxp.com Signed-off-by: Mark Brown commit 2192ef5e4bd140db22c46cd35ca64731d2e4ba33 Author: Stefan Wahren Date: Mon Aug 12 22:03:56 2024 +0200 dt-bindings: interrupt-controller: convert bcm2836-l1-intc to yaml Convert the DT binding document for BCM2836 per-CPU interrupt controller from .txt to YAML. Signed-off-by: Stefan Wahren Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240812200358.4061-3-wahrenst@gmx.net Signed-off-by: Florian Fainelli commit 364ae87602c57b1960176cfb2d258df3c587e245 Author: Stefan Wahren Date: Mon Aug 12 22:03:55 2024 +0200 dt-bindings: timer: convert bcm2835-system-timer bindings to YAML Convert the DT binding document for bcm2835-system-timer from .txt to YAML. Signed-off-by: Stefan Wahren Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240812200358.4061-2-wahrenst@gmx.net Signed-off-by: Florian Fainelli commit 34f86e8500af1a89c5019297e6331fa4ccf33f6e Author: Artur Weber Date: Mon Jul 29 14:34:21 2024 +0200 ARM: dts: bcm-mobile: Split out nodes used by both BCM21664 and BCM23550 The BCM21664 is nearly identical in terms of register layout to the BCM23550. Move the shared nodes into a new file, bcm2166x-common.dtsi, and make both bcm21664.dtsi and bcm23550.dtsi include it. This new common file is based on the former bcm23550.dtsi file, and inherits its licensing. Signed-off-by: Artur Weber Link: https://lore.kernel.org/r/20240729-bcm21664-common-v2-2-ebc21a89bf63@gmail.com Signed-off-by: Florian Fainelli commit 7cff549daa67c7549c5a8688674cea2df8c2ec80 Author: KP Singh Date: Fri Aug 16 17:43:05 2024 +0200 kernel: Add helper macros for loop unrolling This helps in easily initializing blocks of code (e.g. static calls and keys). UNROLL(N, MACRO, __VA_ARGS__) calls MACRO N times with the first argument as the index of the iteration. This allows string pasting to create unique tokens for variable names, function calls etc. As an example: #include #define MACRO(N, a, b) \ int add_##N(int a, int b) \ { \ return a + b + N; \ } UNROLL(2, MACRO, x, y) expands to: int add_0(int x, int y) { return x + y + 0; } int add_1(int x, int y) { return x + y + 1; } Tested-by: Guenter Roeck Reviewed-by: Kees Cook Reviewed-by: Casey Schaufler Reviewed-by: John Johansen Acked-by: Jiri Olsa Acked-by: Song Liu Acked-by: Andrii Nakryiko Acked-by: Casey Schaufler Nacked-by: Tetsuo Handa Signed-off-by: KP Singh Signed-off-by: Paul Moore commit 77b644c39d6afc0b2985807c74d95335931f6403 Author: KP Singh Date: Fri Aug 16 17:43:04 2024 +0200 init/main.c: Initialize early LSMs after arch code, static keys and calls. With LSMs using static calls and static keys, early_lsm_init needs to wait for setup_arch for architecture specific functionality which includes jump tables and static calls to be initialized. Since not all architectures call jump_table_init in setup_arch, explicitly call both jump_table_init and static_call_init before early_security_init. This only affects "early LSMs" i.e. only lockdown when CONFIG_SECURITY_LOCKDOWN_LSM_EARLY is set. Tested-by: Guenter Roeck Signed-off-by: KP Singh Signed-off-by: Paul Moore commit e4b0b54f95fdb4b160bf91fd2703fa8b0adc0fcd Author: Fan Wu Date: Fri Aug 2 23:08:34 2024 -0700 MAINTAINERS: add IPE entry with Fan Wu as maintainer Add a MAINTAINERS entry for the Integrity Policy Enforcement (IPE) LSM. Signed-off-by: Fan Wu [PM: removed changelog, updated description per email thread] Signed-off-by: Paul Moore commit ac6731870ed943c7c6a8d4114b3ccaddfbdf7d58 Author: Deven Bowers Date: Fri Aug 2 23:08:33 2024 -0700 documentation: add IPE documentation Add IPE's admin and developer documentation to the kernel tree. Co-developed-by: Fan Wu Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Signed-off-by: Paul Moore commit 10ca05a7606519c7ec6a4b48be00ef90822c36a8 Author: Deven Bowers Date: Fri Aug 2 23:08:32 2024 -0700 ipe: kunit test for parser Add various happy/unhappy unit tests for both IPE's policy parser. Besides, a test suite for IPE functionality is available at https://github.com/microsoft/ipe/tree/test-suite Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Signed-off-by: Paul Moore commit ba199dc909a20fe62270ae4e93f263987bb9d119 Author: Deven Bowers Date: Fri Aug 2 23:08:31 2024 -0700 scripts: add boot policy generation program Enables an IPE policy to be enforced from kernel start, enabling access control based on trust from kernel startup. This is accomplished by transforming an IPE policy indicated by CONFIG_IPE_BOOT_POLICY into a c-string literal that is parsed at kernel startup as an unsigned policy. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Signed-off-by: Paul Moore commit 31f8c8682f30720be25e9b1021caa43c64e8d9ce Author: Fan Wu Date: Fri Aug 2 23:08:30 2024 -0700 ipe: enable support for fs-verity as a trust provider Enable IPE policy authors to indicate trust for a singular fsverity file, identified by the digest information, through "fsverity_digest" and all files using valid fsverity builtin signatures via "fsverity_signature". This enables file-level integrity claims to be expressed in IPE, allowing individual files to be authorized, giving some flexibility for policy authors. Such file-level claims are important to be expressed for enforcing the integrity of packages, as well as address some of the scalability issues in a sole dm-verity based solution (# of loop back devices, etc). This solution cannot be done in userspace as the minimum threat that IPE should mitigate is an attacker downloads malicious payload with all required dependencies. These dependencies can lack the userspace check, bypassing the protection entirely. A similar attack succeeds if the userspace component is replaced with a version that does not perform the check. As a result, this can only be done in the common entry point - the kernel. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Signed-off-by: Paul Moore commit 7c373e4f1445263728d3eeab7e33e932c8f4a288 Author: Fan Wu Date: Fri Aug 2 23:08:29 2024 -0700 fsverity: expose verified fsverity built-in signatures to LSMs This patch enhances fsverity's capabilities to support both integrity and authenticity protection by introducing the exposure of built-in signatures through a new LSM hook. This functionality allows LSMs, e.g. IPE, to enforce policies based on the authenticity and integrity of files, specifically focusing on built-in fsverity signatures. It enables a policy enforcement layer within LSMs for fsverity, offering granular control over the usage of authenticity claims. For instance, a policy could be established to only permit the execution of all files with verified built-in fsverity signatures. The introduction of a security_inode_setintegrity() hook call within fsverity's workflow ensures that the verified built-in signature of a file is exposed to LSMs. This enables LSMs to recognize and label fsverity files that contain a verified built-in fsverity signature. This hook is invoked subsequent to the fsverity_verify_signature() process, guaranteeing the signature's verification against fsverity's keyring. This mechanism is crucial for maintaining system security, as it operates in kernel space, effectively thwarting attempts by malicious binaries to bypass user space stack interactions. The second to last commit in this patch set will add a link to the IPE documentation in fsverity.rst. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Acked-by: Eric Biggers Signed-off-by: Paul Moore commit fb55e177d5936fb80fb2586036d195c57e7f6892 Author: Fan Wu Date: Fri Aug 2 23:08:28 2024 -0700 lsm: add security_inode_setintegrity() hook This patch introduces a new hook to save inode's integrity data. For example, for fsverity enabled files, LSMs can use this hook to save the existence of verified fsverity builtin signature into the inode's security blob, and LSMs can make access decisions based on this data. Signed-off-by: Fan Wu [PM: subject line tweak, removed changelog] Signed-off-by: Paul Moore commit e155858dd99523d4afe0f74e9c26e4f4499eb5af Author: Deven Bowers Date: Fri Aug 2 23:08:27 2024 -0700 ipe: add support for dm-verity as a trust provider Allows author of IPE policy to indicate trust for a singular dm-verity volume, identified by roothash, through "dmverity_roothash" and all signed and validated dm-verity volumes, through "dmverity_signature". Signed-off-by: Deven Bowers Signed-off-by: Fan Wu [PM: fixed some line length issues in the comments] Signed-off-by: Paul Moore commit a6af7bc3d72ff52c5526a392144347fcb3094149 Author: Deven Bowers Date: Fri Aug 2 23:08:26 2024 -0700 dm-verity: expose root hash digest and signature data to LSMs dm-verity provides a strong guarantee of a block device's integrity. As a generic way to check the integrity of a block device, it provides those integrity guarantees to its higher layers, including the filesystem level. However, critical security metadata like the dm-verity roothash and its signing information are not easily accessible to the LSMs. To address this limitation, this patch introduces a mechanism to store and manage these essential security details within a newly added LSM blob in the block_device structure. This addition allows LSMs to make access control decisions on the integrity data stored within the block_device, enabling more flexible security policies. For instance, LSMs can now revoke access to dm-verity devices based on their roothashes, ensuring that only authorized and verified content is accessible. Additionally, LSMs can enforce policies to only allow files from dm-verity devices that have a valid digital signature to execute, effectively blocking any unsigned files from execution, thus enhancing security against unauthorized modifications. The patch includes new hook calls, `security_bdev_setintegrity()`, in dm-verity to expose the dm-verity roothash and the roothash signature to LSMs via preresume() callback. By using the preresume() callback, it ensures that the security metadata is consistently in sync with the metadata of the dm-verity target in the current active mapping table. The hook calls are depended on CONFIG_SECURITY. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Reviewed-by: Mikulas Patocka [PM: moved sig_size field as discussed] Signed-off-by: Paul Moore commit b55d26bd1891423a3cdccf816b386aec8bbefc87 Author: Deven Bowers Date: Fri Aug 2 23:08:25 2024 -0700 block,lsm: add LSM blob and new LSM hooks for block devices This patch introduces a new LSM blob to the block_device structure, enabling the security subsystem to store security-sensitive data related to block devices. Currently, for a device mapper's mapped device containing a dm-verity target, critical security information such as the roothash and its signing state are not readily accessible. Specifically, while the dm-verity volume creation process passes the dm-verity roothash and its signature from userspace to the kernel, the roothash is stored privately within the dm-verity target, and its signature is discarded post-verification. This makes it extremely hard for the security subsystem to utilize these data. With the addition of the LSM blob to the block_device structure, the security subsystem can now retain and manage important security metadata such as the roothash and the signing state of a dm-verity by storing them inside the blob. Access decisions can then be based on these stored data. The implementation follows the same approach used for security blobs in other structures like struct file, struct inode, and struct superblock. The initialization of the security blob occurs after the creation of the struct block_device, performed by the security subsystem. Similarly, the security blob is freed by the security subsystem before the struct block_device is deallocated or freed. This patch also introduces a new hook security_bdev_setintegrity() to save block device's integrity data to the new LSM blob. For example, for dm-verity, it can use this hook to expose its roothash and signing state to LSMs, then LSMs can save these data into the LSM blob. Please note that the new hook should be invoked every time the security information is updated to keep these data current. For example, in dm-verity, if the mapping table is reloaded and configured to use a different dm-verity target with a new roothash and signing information, the previously stored data in the LSM blob will become obsolete. It is crucial to re-invoke the hook to refresh these data and ensure they are up to date. This necessity arises from the design of device-mapper, where a device-mapper device is first created, and then targets are subsequently loaded into it. These targets can be modified multiple times during the device's lifetime. Therefore, while the LSM blob is allocated during the creation of the block device, its actual contents are not initialized at this stage and can change substantially over time. This includes alterations from data that the LSM 'trusts' to those it does not, making it essential to handle these changes correctly. Failure to address this dynamic aspect could potentially allow for bypassing LSM checks. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu [PM: merge fuzz, subject line tweaks] Signed-off-by: Paul Moore commit a68916eaedcd01f254ac4c09ca12b5065d710fd0 Author: Deven Bowers Date: Fri Aug 2 23:08:24 2024 -0700 ipe: add permissive toggle IPE, like SELinux, supports a permissive mode. This mode allows policy authors to test and evaluate IPE policy without it affecting their programs. When the mode is changed, a 1404 AUDIT_MAC_STATUS will be reported. This patch adds the following audit records: audit: MAC_STATUS enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=ipe res=1 audit: MAC_STATUS enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=ipe res=1 The audit record only emit when the value from the user input is different from the current enforce value. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Signed-off-by: Paul Moore commit f44554b5067b36c14cc91ed811fa1bd58baed34a Author: Deven Bowers Date: Fri Aug 2 23:08:23 2024 -0700 audit,ipe: add IPE auditing support Users of IPE require a way to identify when and why an operation fails, allowing them to both respond to violations of policy and be notified of potentially malicious actions on their systems with respect to IPE itself. This patch introduces 3 new audit events. AUDIT_IPE_ACCESS(1420) indicates the result of an IPE policy evaluation of a resource. AUDIT_IPE_CONFIG_CHANGE(1421) indicates the current active IPE policy has been changed to another loaded policy. AUDIT_IPE_POLICY_LOAD(1422) indicates a new IPE policy has been loaded into the kernel. This patch also adds support for success auditing, allowing users to identify why an allow decision was made for a resource. However, it is recommended to use this option with caution, as it is quite noisy. Here are some examples of the new audit record types: AUDIT_IPE_ACCESS(1420): audit: AUDIT1420 ipe_op=EXECUTE ipe_hook=BPRM_CHECK enforcing=1 pid=297 comm="sh" path="/root/vol/bin/hello" dev="tmpfs" ino=3897 rule="op=EXECUTE boot_verified=TRUE action=ALLOW" audit: AUDIT1420 ipe_op=EXECUTE ipe_hook=BPRM_CHECK enforcing=1 pid=299 comm="sh" path="/mnt/ipe/bin/hello" dev="dm-0" ino=2 rule="DEFAULT action=DENY" audit: AUDIT1420 ipe_op=EXECUTE ipe_hook=BPRM_CHECK enforcing=1 pid=300 path="/tmp/tmpdp2h1lub/deny/bin/hello" dev="tmpfs" ino=131 rule="DEFAULT action=DENY" The above three records were generated when the active IPE policy only allows binaries from the initramfs to run. The three identical `hello` binary were placed at different locations, only the first hello from the rootfs(initramfs) was allowed. Field ipe_op followed by the IPE operation name associated with the log. Field ipe_hook followed by the name of the LSM hook that triggered the IPE event. Field enforcing followed by the enforcement state of IPE. (it will be introduced in the next commit) Field pid followed by the pid of the process that triggered the IPE event. Field comm followed by the command line program name of the process that triggered the IPE event. Field path followed by the file's path name. Field dev followed by the device name as found in /dev where the file is from. Note that for device mappers it will use the name `dm-X` instead of the name in /dev/mapper. For a file in a temp file system, which is not from a device, it will use `tmpfs` for the field. The implementation of this part is following another existing use case LSM_AUDIT_DATA_INODE in security/lsm_audit.c Field ino followed by the file's inode number. Field rule followed by the IPE rule made the access decision. The whole rule must be audited because the decision is based on the combination of all property conditions in the rule. Along with the syscall audit event, user can know why a blocked happened. For example: audit: AUDIT1420 ipe_op=EXECUTE ipe_hook=BPRM_CHECK enforcing=1 pid=2138 comm="bash" path="/mnt/ipe/bin/hello" dev="dm-0" ino=2 rule="DEFAULT action=DENY" audit[1956]: SYSCALL arch=c000003e syscall=59 success=no exit=-13 a0=556790138df0 a1=556790135390 a2=5567901338b0 a3=ab2a41a67f4f1f4e items=1 ppid=147 pid=1956 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4294967295 comm="bash" exe="/usr/bin/bash" key=(null) The above two records showed bash used execve to run "hello" and got blocked by IPE. Note that the IPE records are always prior to a SYSCALL record. AUDIT_IPE_CONFIG_CHANGE(1421): audit: AUDIT1421 old_active_pol_name="Allow_All" old_active_pol_version=0.0.0 old_policy_digest=sha256:E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649 new_active_pol_name="boot_verified" new_active_pol_version=0.0.0 new_policy_digest=sha256:820EEA5B40CA42B51F68962354BA083122A20BB846F auid=4294967295 ses=4294967295 lsm=ipe res=1 The above record showed the current IPE active policy switch from `Allow_All` to `boot_verified` along with the version and the hash digest of the two policies. Note IPE can only have one policy active at a time, all access decision evaluation is based on the current active policy. The normal procedure to deploy a policy is loading the policy to deploy into the kernel first, then switch the active policy to it. AUDIT_IPE_POLICY_LOAD(1422): audit: AUDIT1422 policy_name="boot_verified" policy_version=0.0.0 policy_digest=sha256:820EEA5B40CA42B51F68962354BA083122A20BB846F2676 auid=4294967295 ses=4294967295 lsm=ipe res=1 The above record showed a new policy has been loaded into the kernel with the policy name, policy version and policy hash. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu [PM: subject line tweak] Signed-off-by: Paul Moore commit 2261306f4a3cea362fc40285e750a801dc0cfbe3 Author: Deven Bowers Date: Fri Aug 2 23:08:22 2024 -0700 ipe: add userspace interface As is typical with LSMs, IPE uses securityfs as its interface with userspace. for a complete list of the interfaces and the respective inputs/outputs, please see the documentation under admin-guide/LSM/ipe.rst Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Signed-off-by: Paul Moore commit 7138679ff2a2b1674f16618558d6cabea6ab2c53 Author: Fan Wu Date: Fri Aug 2 23:08:21 2024 -0700 lsm: add new securityfs delete function When deleting a directory in the security file system, the existing securityfs_remove requires the directory to be empty, otherwise it will do nothing. This leads to a potential risk that the security file system might be in an unclean state when the intended deletion did not happen. This commit introduces a new function securityfs_recursive_remove to recursively delete a directory without leaving an unclean state. Co-developed-by: Christian Brauner (Microsoft) Signed-off-by: Fan Wu [PM: subject line tweak] Signed-off-by: Paul Moore commit a8a74df150835f5ceff89d40fadda1cf3961fdae Author: Fan Wu Date: Fri Aug 2 23:08:20 2024 -0700 ipe: introduce 'boot_verified' as a trust provider IPE is designed to provide system level trust guarantees, this usually implies that trust starts from bootup with a hardware root of trust, which validates the bootloader. After this, the bootloader verifies the kernel and the initramfs. As there's no currently supported integrity method for initramfs, and it's typically already verified by the bootloader. This patch introduces a new IPE property `boot_verified` which allows author of IPE policy to indicate trust for files from initramfs. The implementation of this feature utilizes the newly added `initramfs_populated` hook. This hook marks the superblock of the rootfs after the initramfs has been unpacked into it. Before mounting the real rootfs on top of the initramfs, initramfs script will recursively remove all files and directories on the initramfs. This is typically implemented by using switch_root(8) (https://man7.org/linux/man-pages/man8/switch_root.8.html). Therefore the initramfs will be empty and not accessible after the real rootfs takes over. It is advised to switch to a different policy that doesn't rely on the `boot_verified` property after this point. This ensures that the trust policies remain relevant and effective throughout the system's operation. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Signed-off-by: Paul Moore commit 2fea0c26b82f304f43b3905e56d954cf98a6d0e9 Author: Fan Wu Date: Fri Aug 2 23:08:19 2024 -0700 initramfs,lsm: add a security hook to do_populate_rootfs() This patch introduces a new hook to notify security system that the content of initramfs has been unpacked into the rootfs. Upon receiving this notification, the security system can activate a policy to allow only files that originated from the initramfs to execute or load into kernel during the early stages of booting. This approach is crucial for minimizing the attack surface by ensuring that only trusted files from the initramfs are operational in the critical boot phase. Signed-off-by: Fan Wu [PM: subject line tweak] Signed-off-by: Paul Moore commit 52443cb60c356707df494910fa134bbb0a8b1a66 Author: Deven Bowers Date: Fri Aug 2 23:08:18 2024 -0700 ipe: add LSM hooks on execution and kernel read IPE's initial goal is to control both execution and the loading of kernel modules based on the system's definition of trust. It accomplishes this by plugging into the security hooks for bprm_check_security, file_mprotect, mmap_file, kernel_load_data, and kernel_read_data. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Signed-off-by: Paul Moore commit 05a351630b7463ce58668095f5683669c1295f65 Author: Deven Bowers Date: Fri Aug 2 23:08:17 2024 -0700 ipe: add evaluation loop Introduce a core evaluation function in IPE that will be triggered by various security hooks (e.g., mmap, bprm_check, kexec). This function systematically assesses actions against the defined IPE policy, by iterating over rules specific to the action being taken. This critical addition enables IPE to enforce its security policies effectively, ensuring that actions intercepted by these hooks are scrutinized for policy compliance before they are allowed to proceed. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu Reviewed-by: Serge Hallyn Signed-off-by: Paul Moore commit 54a88cd259204f80672393602501567c74d64106 Author: Deven Bowers Date: Fri Aug 2 23:08:16 2024 -0700 ipe: add policy parser IPE's interpretation of the what the user trusts is accomplished through its policy. IPE's design is to not provide support for a single trust provider, but to support multiple providers to enable the end-user to choose the best one to seek their needs. This requires the policy to be rather flexible and modular so that integrity providers, like fs-verity, dm-verity, or some other system, can plug into the policy with minimal code changes. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu [PM: added NULL check in parse_rule() as discussed] Signed-off-by: Paul Moore commit df2dbc925fad3274b952b865f85d26d1e056c1cc Author: Stuart Summers Date: Sat Aug 17 02:47:32 2024 +0000 drm/xe/guc: Bump the G2H queue size to account for page faults With the increase in the size of the recoverable page fault queue, we want to ensure the initial messages from GuC in the G2H buffer have space while we transfer those out to the actual pf_queue. Bump the G2H queue size to account for this increase in the pf_queue size. Reviewed-by: Matthew Brost Signed-off-by: Stuart Summers Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/4c2b6974801bcffd8a010d838c8733fa4092573d.1723862633.git.stuart.summers@intel.com commit 3338e4f90c143cf32f77d64f464cb7f2c2d24700 Author: Stuart Summers Date: Sat Aug 17 02:47:31 2024 +0000 drm/xe: Use topology to determine page fault queue size Currently the page fault queue size is hard coded. However the hardware supports faulting for each EU and each CS. For some applications running on hardware with a large number of EUs and CSs, this can result in an overflow of the page fault queue. Add a small calculation to determine the page fault queue size based on the number of EUs and CSs in the platform as detmined by fuses. Signed-off-by: Stuart Summers Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/24d582a3b48c97793b8b6a402f34b4b469471636.1723862633.git.stuart.summers@intel.com commit 7586fc52b14e0b8edd0d1f8a434e0de2078b7b2b Author: Stuart Summers Date: Sat Aug 17 02:47:30 2024 +0000 drm/xe: Fix missing workqueue destroy in xe_gt_pagefault On driver reload we never free up the memory for the pagefault and access counter workqueues. Add those destroy calls here. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Stuart Summers Reviewed-by: Rodrigo Vivi Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/c9a951505271dc3a7aee76de7656679f69c11518.1723862633.git.stuart.summers@intel.com commit 009ff80bfaec1aa3fa48bbe5e2903c95931a6f37 Author: Xianwei Zhao Date: Fri Jul 19 16:08:10 2024 +0800 soc: amlogic: meson-gx-socinfo: add new SoCs id Add new definition for Amlogi SoCs, include S4, C3, T7, A4, A5. Reviewed-by: Neil Armstrong Signed-off-by: Xianwei Zhao Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240719-soc_info-v3-2-020a3b687c0c@amlogic.com Signed-off-by: Neil Armstrong commit dde3c64013035c9d6f0a5d0fd894a7a7e03c79ea Author: Xianwei Zhao Date: Fri Jul 19 16:08:09 2024 +0800 dt-bindings: arm: amlogic: meson-gx-ao-secure: support more SoCs Add new compatible for ao-secure of Amlogic SoCs(S4,C3,T7,A4). Acked-by: Conor Dooley Signed-off-by: Xianwei Zhao Link: https://lore.kernel.org/r/20240719-soc_info-v3-1-020a3b687c0c@amlogic.com Signed-off-by: Neil Armstrong commit b2d7fd0ecb292e77a2d04cb6836c909cb6b6655b Author: Xianwei Zhao Date: Fri Jul 19 16:08:14 2024 +0800 arm64: dts: amlogic: a4: add ao secure node Add node for board info registers, which allows getting SoC family and board revision. For example, with MESON_GX_SOCINFO config enabled we can get the following information for board with Amlogic A4 SoC: soc soc0: Amlogic A4 (A113L2) Revision 40:b (1:1) Detected. Signed-off-by: Xianwei Zhao Reviewed-by: Neil Armstrong Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240719-soc_info-v3-6-020a3b687c0c@amlogic.com Signed-off-by: Neil Armstrong commit 4c23177c51884f5307e67875b1dc87d98543be7a Author: Xianwei Zhao Date: Fri Jul 19 16:08:13 2024 +0800 arm64: dts: amlogic: t7: add ao secure node Add node for board info registers, which allows getting SoC family and board revision. For example, with MESON_GX_SOCINFO config enabled we can get the following information for board with Amlogic T7 SoC: soc soc0: Amlogic T7 (A311D2) Revision 36:c (1:1) Detected. Signed-off-by: Xianwei Zhao Reviewed-by: Neil Armstrong Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240719-soc_info-v3-5-020a3b687c0c@amlogic.com Signed-off-by: Neil Armstrong commit 84ed73ee34d152032633e540f159c482ede4c10b Author: Xianwei Zhao Date: Fri Jul 19 16:08:12 2024 +0800 arm64: dts: amlogic: c3: add ao secure node Add node for board info registers, which allows getting SoC family and board revision. For example, with MESON_GX_SOCINFO config enabled we can get the following information for board with Amlogic C3 SoC: soc soc0: Amlogic C3 (C308L) Revision 3d:a (1:1) Detected Signed-off-by: Xianwei Zhao Reviewed-by: Neil Armstrong Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240719-soc_info-v3-4-020a3b687c0c@amlogic.com Signed-off-by: Neil Armstrong commit 4b26afe7d216183bcb2b1aa2c0096cafdf7a9ea2 Author: Xianwei Zhao Date: Fri Jul 19 16:08:11 2024 +0800 arm64: dts: amlogic: s4: add ao secure node Add node for board info registers, which allows getting SoC family and board revision. For example, with MESON_GX_SOCINFO config enabled we can get the following information for board with Amlogic S4 SoC: soc soc0: Amlogic S4 (S805X2) Revision 37:a (2:1) Detecte Signed-off-by: Xianwei Zhao Reviewed-by: Neil Armstrong Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240719-soc_info-v3-3-020a3b687c0c@amlogic.com Signed-off-by: Neil Armstrong commit 48635ba6f7a15313675d71580ce1015e08e26d97 Author: Huqiang Qin Date: Tue Jul 9 16:48:26 2024 +0800 arm64: dts: amlogic: add watchdog node for A4 SoCs Add watchdog device. Signed-off-by: Huqiang Qin Signed-off-by: Xianwei Zhao Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240709-a4-a5_watchdog-v1-2-2ae852e05ec2@amlogic.com Signed-off-by: Neil Armstrong commit 3ab9d54b5d8472c7a2eb28f3dd9610740fb8f0c1 Author: Xianwei Zhao Date: Tue Jul 9 17:32:03 2024 +0800 arm64: dts: amlogic: enable some device nodes for S4 Enable more device nodes for AQ222 base S4, including SD, regulator and ethnernet node. Reviewed-by: Neil Armstrong Signed-off-by: Xianwei Zhao Link: https://lore.kernel.org/r/20240709-s4_node-v2-1-b9a218603c31@amlogic.com Signed-off-by: Neil Armstrong commit d08c561325ba11c1ee42ab191c78f56d5d42af9f Author: Xianwei Zhao Date: Thu Jun 27 19:47:53 2024 +0800 arm64: dts: amlogic: a5: add power domain controller node Add power domain controller node for Amlogic A5 SoC. Signed-off-by: Hongyu Chen Signed-off-by: Xianwei Zhao Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240627-a5_secpower-v1-3-1f47dde1270c@amlogic.com Signed-off-by: Neil Armstrong commit 0b3af7591dbfd16ca45740cd90eb34be8b9a7175 Author: Huacai Chen Date: Thu Aug 15 19:26:07 2024 +0800 irqchip/loongson-pch-msi: Switch to MSI parent domains Remove the global PCI/MSI irqdomain implementation and provide the required MSI parent functionality by filling in msi_parent_ops, so the PCI/MSI code can detect the new parent and setup per-device MSI domains. Signed-off-by: Huacai Chen Signed-off-by: Tianyang Zhang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240815112608.26925-2-zhangtianyang@loongson.cn commit e68ac2b488495fa4d127d6105ce633849859957a Author: Caleb Sander Mateos Date: Thu Aug 15 11:15:40 2024 -0600 softirq: Remove unused 'action' parameter from action callback When soft interrupt actions are called, they are passed a pointer to the struct softirq action which contains the action's function pointer. This pointer isn't useful, as the action callback already knows what function it is. And since each callback handles a specific soft interrupt, the callback also knows which soft interrupt number is running. No soft interrupt action callback actually uses this parameter, so remove it from the function pointer signature. This clarifies that soft interrupt actions are global routines and makes it slightly cheaper to call them. Signed-off-by: Caleb Sander Mateos Signed-off-by: Thomas Gleixner Reviewed-by: Jens Axboe Link: https://lore.kernel.org/all/20240815171549.3260003-1-csander@purestorage.com commit 24d02c4e53e2f02da16b2ae8a1bc92553110ca25 Author: Matti Vaittinen Date: Tue Aug 13 14:34:27 2024 +0300 irqdomain: Always associate interrupts for legacy domains The unification of irq_domain_create_legacy() missed the fact that interrupts must be associated even when the Linux interrupt number provided in the first_irq argument is 0. This breaks all call sites of irq_domain_create_legacy() which supply 0 as the first_irq argument. Enforce the association for legacy domains in __irq_domain_instantiate() to cure this. [ tglx: Massaged it slightly. ] Fixes: 70114e7f7585 ("irqdomain: Simplify simple and legacy domain creation") Reported-by: Jiaxun Yang Signed-off-by Matti Vaittinen Signed-off-by: Thomas Gleixner Tested-by: Jiaxun Yang Link: https://lore.kernel.org/all/c3379142-10bc-4f14-b8ac-a46927aeac38@gmail.com commit 61824feae5c07987f70519b1235e50baa138b3c2 Author: Sudeep Holla Date: Tue Aug 20 15:28:00 2024 +0100 firmware: arm_ffa: Fetch the Rx/Tx buffer size using ffa_features() An endpoint can discover the minimum size, maximum size and alignment boundary for the Rx/Tx buffers by passing the function ID of the FFA_RXTX_MAP ABI as input in the FFA_FEATURES interface. The maximum size is an optional field and a value of 0 means that the partition manager or the hypervisor does not enforce a maximum size. Use the discovery mechanism and remove the hardcoded 4kB buffer size. If the discovery fails, it still defaults to 4kB. Message-Id: <20240820-ffa_v1-2-v2-7-18c0c5f3c65e@arm.com> Signed-off-by: Sudeep Holla commit eaca7ef8f31a9040021683d381ddb83eb6fd7774 Author: Sudeep Holla Date: Tue Aug 20 15:27:59 2024 +0100 firmware: arm_ffa: Add support for FFA_YIELD in direct messaging Successful completion of both direct messaging function can be indicated through an invocation of FFA_YIELD or GGA_INTERRUPT by the callee. FFA_INTERRUPT indicates that the direct request was interrupted and must be resumed through the FFA_RUN interface which is already done in the driver. FFA_YIELD indicates that the receiver endpoint has transitioned to the blocked runtime state and must be resumed through the FFA_RUN interface. However, the way receiver endpoint gets unblocked is implementation defined. So, the driver just sleeps for 1 - 2ms and issues FFA_RUN. It can return to the caller with FFA_YIELD is the receiver endpoint is still blocked. Message-Id: <20240820-ffa_v1-2-v2-6-18c0c5f3c65e@arm.com> Signed-off-by: Sudeep Holla commit aaef3bc98129c86078b336f16788dd733b0728a4 Author: Sudeep Holla Date: Tue Aug 20 15:27:58 2024 +0100 firmware: arm_ffa: Add support for FFA_MSG_SEND_DIRECT_{REQ,RESP}2 FFA_MSG_SEND_DIRECT_{REQ,RESP} supported only x3-x7 to pass implementation defined values as part of the message. This may not be sufficient sometimes and also it would be good to use all the registers supported by SMCCC v1.2 (x0-x17) for such register based communication. Also another limitation with the FFA_MSG_SEND_DIRECT_{REQ,RESP} is the ability to target a specific service within the partition based on it's UUID. In order to address both of the above limitation, FF-A v1.2 introduced FFA_MSG_SEND_DIRECT_{REQ,RESP}2 which has the ability to target the message to a specific service based on its UUID within a partition as well as utilise all the available registers(x4-x17 specifically) for the communication. This change adds support for FFA_MSG_SEND_DIRECT_REQ2 and FFA_MSG_SEND_DIRECT_RESP2. Message-Id: <20240820-ffa_v1-2-v2-5-18c0c5f3c65e@arm.com> Signed-off-by: Sudeep Holla commit ba85c644ac8dc37d9b01a3332c2f142cb4d46954 Author: Sudeep Holla Date: Tue Aug 20 15:27:57 2024 +0100 firmware: arm_ffa: Add support for FFA_PARTITION_INFO_GET_REGS FF-A v1.2 introduced FFA_PARTITION_INFO_GET_REGS which is similar to FFA_PARTITION_INFO_GET except that the former uses the registers to get the required information instead of the Rx buffer which the latter uses. We need to first check if the platform supports this new API using FFA_FEATURES so that we can fallback to the FFA_PARTITION_INFO_GET (which is mandatory) if FFA_PARTITION_INFO_GET_REGS is not implemented. Message-Id: <20240820-ffa_v1-2-v2-4-18c0c5f3c65e@arm.com> Signed-off-by: Sudeep Holla commit d37fff98262ddca6b6ef3b63f378136c04067c64 Author: Sudeep Holla Date: Tue Aug 20 15:27:56 2024 +0100 firmware: arm_ffa: Move the function ffa_features() earlier We need to use ffa_features() in ffa_partition_probe() to detect if the newer FFA_PARTITION_INFO_GET_REGS API is supported in the platform or not. To avoid unnecessary forward declaration within the file, let us just move this ffa_features() earlier. No funtional change. Message-Id: <20240820-ffa_v1-2-v2-3-18c0c5f3c65e@arm.com> Signed-off-by: Sudeep Holla commit 7c432a18ad216b4f7b08e93287586d60e12a3b7b Author: Sudeep Holla Date: Tue Aug 20 15:27:55 2024 +0100 firmware: arm_ffa: Update the FF-A command list with v1.2 additions Arm Firmware Framework for A-profile(FFA) v1.2 introduces register based discovery mechanism and direct messaging extensions that enables to target specific UUID within a partition. Let us add all the newly supported FF-A function IDs in the spec. Also update to the error values and associated handling. Message-Id: <20240820-ffa_v1-2-v2-2-18c0c5f3c65e@arm.com> Signed-off-by: Sudeep Holla commit fbbb0e5fd260dbc54df519b6d8e5b970274e9582 Author: Sudeep Holla Date: Tue Aug 20 15:27:54 2024 +0100 firmware: arm_ffa: Some coding style fixes These changes fixes a set of below coding style issues: 1. spaces required around that '=' (ctx:VxW) 2. possible unnecessary 'out of memory' message 3. unnecessary for single statement blocks Message-Id: <20240820-ffa_v1-2-v2-1-18c0c5f3c65e@arm.com> Signed-off-by: Sudeep Holla commit 8eea417b5748025d50fd537b224eb7be08e09dfb Author: Shyam Sundar S K Date: Mon Aug 12 20:10:18 2024 +0530 ACPI: APD: Add AMDI0015 as platform device Add AMDI0015 to the ACPI APD support list to ensure correct clock settings for the I3C device on the latest AMD platforms. Co-developed-by: Sanket Goswami Signed-off-by: Sanket Goswami Signed-off-by: Shyam Sundar S K Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240812144018.360847-1-Shyam-sundar.S-k@amd.com [ rjw: Added missing tag ] Signed-off-by: Rafael J. Wysocki commit 6cb9df81a2c462b89d2f9611009ab43ae8717841 Author: Julian Sun Date: Tue Aug 20 11:31:48 2024 +0800 gfs2: fix double destroy_workqueue error When gfs2_fill_super() fails, destroy_workqueue() is called within gfs2_gl_hash_clear(), and the subsequent code path calls destroy_workqueue() on the same work queue again. This issue can be fixed by setting the work queue pointer to NULL after the first destroy_workqueue() call and checking for a NULL pointer before attempting to destroy the work queue again. Reported-by: syzbot+d34c2a269ed512c531b0@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=d34c2a269ed512c531b0 Fixes: 30e388d57367 ("gfs2: Switch to a per-filesystem glock workqueue") Cc: stable@vger.kernel.org Signed-off-by: Julian Sun Signed-off-by: Andreas Gruenbacher commit 1004f34d4f4a59aa5508c3b96069759efa738544 Author: Vijendar Mukunda Date: Mon Aug 19 11:43:29 2024 +0530 ASoC: amd: acp: replace desc->rev check with acp pci revision id Replace acp descriptor structure member 'rev' check with acp pci revision id. Signed-off-by: Vijendar Mukunda Link: https://patch.msgid.link/20240819061329.1025189-1-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 2c9abde40389759c095960fdc25c0b6d38a19ac5 Merge: 5f83ee4b1f0c04 a42db293e5983a Author: Mark Brown Date: Tue Aug 20 15:23:08 2024 +0100 ASoC: Merge up fixes Merge branch 'for-6.11' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into asoc-6.12 for some AMD work. commit 4117efd5c9ecd9d1d531f85967df7a394d783cf2 Author: Andreas Gruenbacher Date: Mon Aug 19 13:32:44 2024 +0200 gfs2: Minor gfs2_glock_cb cleanup In gfs2_glock_cb(), we only need to calculate the glock hold time for inode glocks; the value is unused otherwise. Signed-off-by: Andreas Gruenbacher commit 988d40a4d4e7d671305bea501562a5d1a1d479fa Author: James Clark Date: Mon Jul 22 11:11:59 2024 +0100 coresight: Make trace ID map spinlock local to the map Reduce contention on the lock by replacing the global lock with one for each map. Signed-off-by: James Clark Reviewed-by: Mike Leach Signed-off-by: James Clark Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240722101202.26915-18-james.clark@linaro.org commit 487eec8da80aef16229d30429f1b26090b1bf0eb Author: James Clark Date: Mon Jul 22 11:11:58 2024 +0100 coresight: Emit sink ID in the HW_ID packets For Perf to be able to decode when per-sink trace IDs are used, emit the sink that's being written to for each ETM. Perf currently errors out if it sees a newer packet version so instead of bumping it, add a new minor version field. This can be used to signify new versions that have backwards compatible fields. Considering this change is only for high core count machines, it doesn't make sense to make a breaking change for everyone. Signed-off-by: James Clark Tested-by: Leo Yan Reviewed-by: Mike Leach Signed-off-by: James Clark Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240722101202.26915-17-james.clark@linaro.org commit de0029fdde86092c75472c92e56a962f4edee0f6 Author: James Clark Date: Mon Jul 22 11:11:57 2024 +0100 coresight: Remove pending trace ID release mechanism Pending the release of IDs was a way of managing concurrent sysfs and Perf sessions in a single global ID map. Perf may have finished while sysfs hadn't, and Perf shouldn't release the IDs in use by sysfs and vice versa. Now that Perf uses its own exclusive ID maps, pending release doesn't result in any different behavior than just releasing all IDs when the last Perf session finishes. As part of the per-sink trace ID change, we would have still had to make the pending mechanism work on a per-sink basis, due to the overlapping ID allocations, so instead of making that more complicated, just remove it. Signed-off-by: James Clark Reviewed-by: Mike Leach Signed-off-by: James Clark Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240722101202.26915-16-james.clark@linaro.org commit 5ad628a7617607baac53745f8025638b967470a2 Author: James Clark Date: Mon Jul 22 11:11:56 2024 +0100 coresight: Use per-sink trace ID maps for Perf sessions This will allow sessions with more than CORESIGHT_TRACE_IDS_MAX ETMs as long as there are fewer than that many ETMs connected to each sink. Each sink owns its own trace ID map, and any Perf session connecting to that sink will allocate from it, even if the sink is currently in use by other users. This is similar to the existing behavior where the dynamic trace IDs are constant as long as there is any concurrent Perf session active. It's not completely optimal because slightly more IDs will be used than necessary, but the optimal solution involves tracking the PIDs of each session and allocating ID maps based on the session owner. This is difficult to do with the combination of per-thread and per-cpu modes and some scheduling issues. The complexity of this isn't likely to worth it because even with multiple users they'd just see a difference in the ordering of ID allocations rather than hitting any limits (unless the hardware does have too many ETMs connected to one sink). Signed-off-by: James Clark Reviewed-by: Mike Leach Signed-off-by: James Clark Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240722101202.26915-15-james.clark@linaro.org commit d53c8253c7822fbc524adcd950e7c6de6a229c99 Author: James Clark Date: Mon Jul 22 11:11:55 2024 +0100 coresight: Make CPU id map a property of a trace ID map The global CPU ID mappings won't work for per-sink ID maps so move it to the ID map struct. coresight_trace_id_release_all_pending() is hard coded to operate on the default map, but once Perf sessions use their own maps the pending release mechanism will be deleted. So it doesn't need to be extended to accept a trace ID map argument at this point. Signed-off-by: James Clark Reviewed-by: Mike Leach Tested-by: Leo Yan Signed-off-by: James Clark Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240722101202.26915-14-james.clark@linaro.org commit 7e52877868ae2546ead8ba07cdf1d3e4c9e931f7 Author: James Clark Date: Mon Jul 22 11:11:54 2024 +0100 coresight: Expose map arguments in trace ID API The trace ID API is currently hard coded to always use the global map. Add public versions that allow the map to be passed in so that Perf mode can use per-sink maps. Keep the non-map versions so that sysfs mode can continue to use the default global map. System ID functions are unchanged because they will always use the default map. Signed-off-by: James Clark Reviewed-by: Mike Leach Tested-by: Leo Yan Signed-off-by: James Clark Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240722101202.26915-13-james.clark@linaro.org commit acb0184fe9bca3bb7103dadc76ba9d38c969ca86 Author: James Clark Date: Mon Jul 22 11:11:53 2024 +0100 coresight: Move struct coresight_trace_id_map to common header The trace ID maps will need to be created and stored by the core and Perf code so move the definition up to the common header. Reviewed-by: Anshuman Khandual Reviewed-by: Mike Leach Signed-off-by: James Clark Tested-by: Leo Yan Tested-by: Ganapatrao Kulkarni Signed-off-by: James Clark Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240722101202.26915-12-james.clark@linaro.org commit eda1d11979c03f0104ca59ec4a0478cd52fa20de Author: James Clark Date: Mon Jul 22 11:11:52 2024 +0100 coresight: Clarify comments around the PID of the sink owner "Process being monitored" and "pid of the process to monitor" imply that this would be the same PID if there were two sessions targeting the same process. But this is actually the PID of the process that did the Perf event open call, rather than the target of the session. So update the comments to make this clearer. Reviewed-by: Anshuman Khandual Reviewed-by: Mike Leach Signed-off-by: James Clark Tested-by: Leo Yan Tested-by: Ganapatrao Kulkarni Signed-off-by: James Clark Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240722101202.26915-11-james.clark@linaro.org commit 34172002bdac28dabbb846f191a86454bb226c7a Author: James Clark Date: Mon Jul 22 11:11:51 2024 +0100 coresight: Remove unused ETM Perf stubs This file is never included anywhere if CONFIG_CORESIGHT is not set so they are unused and aren't currently compile tested with any config so remove them. Reviewed-by: Anshuman Khandual Reviewed-by: Mike Leach Signed-off-by: James Clark Tested-by: Leo Yan Tested-by: Ganapatrao Kulkarni Signed-off-by: James Clark Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240722101202.26915-10-james.clark@linaro.org commit c58dc5a1f886f2fcc1133746d0cbaa1fe7fd44ff Author: Suzuki K Poulose Date: Tue Jul 2 14:28:46 2024 +0100 coresight: tmc: sg: Do not leak sg_table Running perf with cs_etm on Juno triggers the following kmemleak warning ! :~# cat /sys/kernel/debug/kmemleak unreferenced object 0xffffff8806b6d720 (size 96): comm "perf", pid 562, jiffies 4297810960 hex dump (first 32 bytes): 38 d8 13 07 88 ff ff ff 00 d0 9e 85 c0 ff ff ff 8............... 00 10 00 88 c0 ff ff ff 00 f0 ff f7 ff 00 00 00 ................ backtrace (crc 1dbf6e00): [] kmemleak_alloc+0xbc/0xd8 [] kmalloc_trace_noprof+0x220/0x2e8 [] tmc_alloc_sg_table+0x48/0x208 [coresight_tmc] [] tmc_etr_alloc_sg_buf+0xac/0x240 [coresight_tmc] [] tmc_alloc_etr_buf.constprop.0+0x1f0/0x260 [coresight_tmc] [] alloc_etr_buf.constprop.0.isra.0+0x74/0xa8 [coresight_tmc] [] tmc_alloc_etr_buffer+0x110/0x260 [coresight_tmc] [] etm_setup_aux+0x204/0x3b0 [coresight] [] rb_alloc_aux+0x20c/0x318 [] perf_mmap+0x2e4/0x7a0 [] mmap_region+0x3b0/0xa08 [] do_mmap+0x3a0/0x500 [] vm_mmap_pgoff+0x100/0x1d0 [] ksys_mmap_pgoff+0xb8/0x110 [] __arm64_sys_mmap+0x38/0x58 [] invoke_syscall.constprop.0+0x58/0x100 This due to the fact that we do not free the "sg_table" itself while freeing up the SG table and data pages. Fix this by freeing the sg_table in tmc_free_sg_table(). Fixes: 99443ea19e8b ("coresight: Add generic TMC sg table framework") Cc: Mike Leach Cc: James Clark Signed-off-by: Suzuki K Poulose Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240702132846.1677261-1-suzuki.poulose@arm.com commit e2c87f484190b12fedcea9c428906aafcb8783cf Author: Takashi Sakamoto Date: Tue Aug 20 22:21:32 2024 +0900 firewire: core: update fw_device outside of device_find_child() When detecting updates of bus topology, the data of fw_device is newly allocated and caches the content of configuration ROM from the corresponding node. Then, the tree of device is sought to find the previous data of fw_device corresponding to the node. If found, the previous data is updated and reused and the data of fw_device newly allocated is going to be released. The above procedure is done in the call of device_find_child(), however it is a bit abusing against the intention of the helper function, since it is preferable to find only without updating. This commit splits the update outside of the call. Cc: Zijun Hu Link: https://lore.kernel.org/r/20240820132132.28839-1-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 797653865b982d53ecca517dd2b0ffb8bd967022 Author: Zhang Zekun Date: Fri Aug 16 09:58:37 2024 +0800 net: ethernet: ibm: Simpify code with for_each_child_of_node() for_each_child_of_node can help to iterate through the device_node, and we don't need to use while loop. No functional change with this conversion. Signed-off-by: Zhang Zekun Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240816015837.109627-1-zhangzekun11@huawei.com Signed-off-by: Paolo Abeni commit f3b78b470f28bb2a3a40e88bdf5c6de6a35a9b76 Author: Yicong Yang Date: Wed Jul 31 17:26:58 2024 +0800 ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 HiSilicon HIP10/11 platforms using the same SMMU PMCG with HIP09 and thus suffers the same erratum. List them in the PMCG platform information list without introducing a new SMMU PMCG Model. Update the silicon-errata.rst as well. Signed-off-by: Yicong Yang Link: https://lore.kernel.org/r/20240731092658.11012-1-yangyicong@huawei.com Signed-off-by: Will Deacon commit 6b2efdc454406ffcaa93ca925cebad448ea3241e Merge: ccb445ae460e90 1fa3314c14c6a2 Author: Paolo Abeni Date: Tue Aug 20 14:57:09 2024 +0200 Merge branch 'preparations-for-fib-rule-dscp-selector' Ido Schimmel says: ==================== Preparations for FIB rule DSCP selector This patchset moves the masking of the upper DSCP bits in 'flowi4_tos' to the core instead of relying on callers of the FIB lookup API to do it. This will allow us to start changing users of the API to initialize the 'flowi4_tos' field with all six bits of the DSCP field. In turn, this will allow us to extend FIB rules with a new DSCP selector. By masking the upper DSCP bits in the core we are able to maintain the behavior of the TOS selector in FIB rules and routes to only match on the lower DSCP bits. While working on this I found two users of the API that do not mask the upper DSCP bits before performing the lookup. The first is an ancient netlink family that is unlikely to be used. It is adjusted in patch #1 to mask both the upper DSCP bits and the ECN bits before calling the API. The second user is a nftables module that differs in this regard from its equivalent iptables module. It is adjusted in patch #2 to invoke the API with the upper DSCP bits masked, like all other callers. The relevant selftest passed, but in the unlikely case that regressions are reported because of this change, we can restore the existing behavior using a new flow information flag as discussed here [1]. The last patch moves the masking of the upper DSCP bits to the core, making the first two patches redundant, but I wanted to post them separately to call attention to the behavior change for these two users of the FIB lookup API. Future patchsets (around 3) will start unmasking the upper DSCP bits throughout the networking stack before adding support for the new FIB rule DSCP selector. Changes from v1 [2]: Patch #3: Include in instead of including it in net/ip_fib.h [1] https://lore.kernel.org/netdev/ZpqpB8vJU%2FQ6LSqa@debian/ [2] https://lore.kernel.org/netdev/20240725131729.1729103-1-idosch@nvidia.com/ ==================== Link: https://patch.msgid.link/20240814125224.972815-1-idosch@nvidia.com Signed-off-by: Paolo Abeni commit 1fa3314c14c6a20d098991a0a6980f9b18b2f930 Author: Ido Schimmel Date: Wed Aug 14 15:52:24 2024 +0300 ipv4: Centralize TOS matching The TOS field in the IPv4 flow information structure ('flowi4_tos') is matched by the kernel against the TOS selector in IPv4 rules and routes. The field is initialized differently by different call sites. Some treat it as DSCP (RFC 2474) and initialize all six DSCP bits, some treat it as RFC 1349 TOS and initialize it using RT_TOS() and some treat it as RFC 791 TOS and initialize it using IPTOS_RT_MASK. What is common to all these call sites is that they all initialize the lower three DSCP bits, which fits the TOS definition in the initial IPv4 specification (RFC 791). Therefore, the kernel only allows configuring IPv4 FIB rules that match on the lower three DSCP bits which are always guaranteed to be initialized by all call sites: # ip -4 rule add tos 0x1c table 100 # ip -4 rule add tos 0x3c table 100 Error: Invalid tos. While this works, it is unlikely to be very useful. RFC 791 that initially defined the TOS and IP precedence fields was updated by RFC 2474 over twenty five years ago where these fields were replaced by a single six bits DSCP field. Extending FIB rules to match on DSCP can be done by adding a new DSCP selector while maintaining the existing semantics of the TOS selector for applications that rely on that. A prerequisite for allowing FIB rules to match on DSCP is to adjust all the call sites to initialize the high order DSCP bits and remove their masking along the path to the core where the field is matched on. However, making this change alone will result in a behavior change. For example, a forwarded IPv4 packet with a DS field of 0xfc will no longer match a FIB rule that was configured with 'tos 0x1c'. This behavior change can be avoided by masking the upper three DSCP bits in 'flowi4_tos' before comparing it against the TOS selectors in FIB rules and routes. Implement the above by adding a new function that checks whether a given DSCP value matches the one specified in the IPv4 flow information structure and invoke it from the three places that currently match on 'flowi4_tos'. Use RT_TOS() for the masking of 'flowi4_tos' instead of IPTOS_RT_MASK since the latter is not uAPI and we should be able to remove it at some point. Include in since the former defines IPTOS_TOS_MASK which is used in the definition of RT_TOS() in . No regressions in FIB tests: # ./fib_tests.sh [...] Tests passed: 218 Tests failed: 0 And FIB rule tests: # ./fib_rule_tests.sh [...] Tests passed: 116 Tests failed: 0 Signed-off-by: Ido Schimmel Signed-off-by: Paolo Abeni commit 548a2029eb6668a47e9bc86a7ded3d33a738aa0c Author: Ido Schimmel Date: Wed Aug 14 15:52:23 2024 +0300 netfilter: nft_fib: Mask upper DSCP bits before FIB lookup As part of its functionality, the nftables FIB expression module performs a FIB lookup, but unlike other users of the FIB lookup API, it does so without masking the upper DSCP bits. In particular, this differs from the equivalent iptables match ("rpfilter") that does mask the upper DSCP bits before the FIB lookup. Align the module to other users of the FIB lookup API and mask the upper DSCP bits using IPTOS_RT_MASK before the lookup. No regressions in nft_fib.sh: # ./nft_fib.sh PASS: fib expression did not cause unwanted packet drops PASS: fib expression did drop packets for 1.1.1.1 PASS: fib expression did drop packets for 1c3::c01d PASS: fib expression forward check with policy based routing Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: Paolo Abeni commit 8fed54758cd248cd311a2b5c1e180abef1866237 Author: Ido Schimmel Date: Wed Aug 14 15:52:22 2024 +0300 ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family The NETLINK_FIB_LOOKUP netlink family can be used to perform a FIB lookup according to user provided parameters and communicate the result back to user space. However, unlike other users of the FIB lookup API, the upper DSCP bits and the ECN bits of the DS field are not masked, which can result in the wrong result being returned. Solve this by masking the upper DSCP bits and the ECN bits using IPTOS_RT_MASK. The structure that communicates the request and the response is not exported to user space, so it is unlikely that this netlink family is actually in use [1]. [1] https://lore.kernel.org/netdev/ZpqpB8vJU%2FQ6LSqa@debian/ Signed-off-by: Ido Schimmel Reviewed-by: Guillaume Nault Signed-off-by: Paolo Abeni commit 5f83ee4b1f0c04a8b4125daab8918606df3dc035 Author: Dmitry Torokhov Date: Mon Aug 19 18:13:47 2024 -0700 ASoC: tas5086: use sleeping variants of gpiod API The driver does not access reset GPIO in atomic contexts so it is usable with GPIOs that may sleep during access. Switch to using gpiod_set_value_cansleep(). Also the reset GPIO is configured as output at the time it is acquired, there is no need to use gpiod_direction_output() when executing reset sequence. Signed-off-by: Dmitry Torokhov Link: https://patch.msgid.link/ZsPty8oNMQk4YTl1@google.com Signed-off-by: Mark Brown commit e6c1d9068295796e34d59ef08fa80f6ff8f3530a Author: Krzysztof Kozlowski Date: Sun Aug 18 19:30:37 2024 +0200 ASoC: dt-bindings: samsung,odroid: drop stale clocks Clocks property was present only to allow usage of assigned-clocks in the sound card node, however in upstream DTS the assigned-clocks were moved in commit 4afb06afd768 ("ARM: dts: exynos: move assigned-clock* properties to i2s0 node in Odroid XU4") to respective I2S nodes. Linux drivers never parsed "clocks" so it can be safely dropped. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240818173037.122152-1-krzysztof.kozlowski@linaro.org Acked-by: Rob Herring (Arm) Signed-off-by: Mark Brown commit c88baabf16d1ef74ab8832de9761226406af5507 Author: Florian Westphal Date: Tue Aug 20 11:56:14 2024 +0200 netfilter: nf_tables: don't initialize registers in nft_do_chain() revert commit 4c905f6740a3 ("netfilter: nf_tables: initialize registers in nft_do_chain()"). Previous patch makes sure that loads from uninitialized registers are detected from the control plane. in this case rule blob auto-zeroes registers. Thus the explicit zeroing is not needed anymore. Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 14fb07130c7ddd257e30079b87499b3f89097b09 Author: Florian Westphal Date: Tue Aug 20 11:56:13 2024 +0200 netfilter: nf_tables: allow loads only when register is initialized Reject rules where a load occurs from a register that has not seen a store early in the same rule. commit 4c905f6740a3 ("netfilter: nf_tables: initialize registers in nft_do_chain()") had to add a unconditional memset to the nftables register space to avoid leaking stack information to userspace. This memset shows up in benchmarks. After this change, this commit can be reverted again. Note that this breaks userspace compatibility, because theoretically you can do rule 1: reg2 := meta load iif, reg2 == 1 jump ... rule 2: reg2 == 2 jump ... // read access with no store in this rule ... after this change this is rejected. Neither nftables nor iptables-nft generate such rules, each rule is always standalone. This resuts in a small increase of nft_ctx structure by sizeof(long). To cope with hypothetical rulesets like the example above one could emit on-demand "reg[x] = 0" store when generating the datapath blob in nf_tables_commit_chain_prepare(). A patch that does this is linked to below. For now, lets disable this. In nf_tables, a rule is the smallest unit that can be replaced from userspace, i.e. a hypothetical ruleset that relies on earlier initialisations of registers can't be changed at will as register usage would need to be coordinated. Link: https://lore.kernel.org/netfilter-devel/20240627135330.17039-4-fw@strlen.de/ Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 7ea0522ef81a335c2d3a0ab1c8a4fab9a23c4a03 Author: Florian Westphal Date: Tue Aug 20 11:56:12 2024 +0200 netfilter: nf_tables: pass context structure to nft_parse_register_load Mechanical transformation, no logical changes intended. Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit f7f8b433ac60057c002efda102c5529f74997acf Author: Jinjie Ruan Date: Wed Jul 31 10:19:18 2024 +0100 ARM: 9412/1: Convert to arch_cpu_is_hotpluggable() Convert arm32 to use the arch_cpu_is_hotpluggable() helper rather than arch_register_cpu(). Signed-off-by: Jinjie Ruan Signed-off-by: Russell King (Oracle) commit 609face018110c5f9bdde24d3155dbda38745622 Author: Jinjie Ruan Date: Wed Jul 31 10:17:55 2024 +0100 ARM: 9411/1: Switch over to GENERIC_CPU_DEVICES using arch_register_cpu() Currently, almost all architectures have switched to GENERIC_CPU_DEVICES, except for arm32. Also switch over to GENERIC_CPU_DEVICES, and provide an arch_register_cpu() that populates the hotpluggable flag for arm32. The struct cpu in struct cpuinfo_arm is never used directly, remove it to use the one GENERIC_CPU_DEVICES provides. This also has the effect of moving the registration of CPUs from subsys to driver core initialisation, prior to any initcalls running. Signed-off-by: Jinjie Ruan Signed-off-by: Russell King (Oracle) commit 89a906dfa8c3b21b3e5360f73c49234ac1eb885b Author: Calvin Owens Date: Mon Jul 29 17:05:51 2024 +0100 ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernels built with clang/LLD 17.0.6: BUG: unsupported FP instruction in kernel mode FPEXC == 0xc0000780 Internal error: Oops - undefined instruction: 0 [#1] ARM CPU: 0 PID: 196 Comm: vfp-reproducer Not tainted 6.10.0 #1 Hardware name: BCM2835 PC is at vfp_support_entry+0xc8/0x2cc LR is at do_undefinstr+0xa8/0x250 pc : [] lr : [] psr: a0000013 sp : dc8d1f68 ip : 60000013 fp : bedea19c r10: ec532b17 r9 : 00000010 r8 : 0044766c r7 : c0000780 r6 : ec532b17 r5 : c1c13800 r4 : dc8d1fb0 r3 : c10072c4 r2 : c0101c88 r1 : ec532b17 r0 : 0044766c Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 00c5387d Table: 0251c008 DAC: 00000051 Register r0 information: non-paged memory Register r1 information: vmalloc memory Register r2 information: non-slab/vmalloc memory Register r3 information: non-slab/vmalloc memory Register r4 information: 2-page vmalloc region Register r5 information: slab kmalloc-cg-2k Register r6 information: vmalloc memory Register r7 information: non-slab/vmalloc memory Register r8 information: non-paged memory Register r9 information: zero-size pointer Register r10 information: vmalloc memory Register r11 information: non-paged memory Register r12 information: non-paged memory Process vfp-reproducer (pid: 196, stack limit = 0x61aaaf8b) Stack: (0xdc8d1f68 to 0xdc8d2000) 1f60: 0000081f b6f69300 0000000f c10073f4 c10072c4 dc8d1fb0 1f80: ec532b17 0c532b17 0044766c b6f9ccd8 00000000 c010a80c 00447670 60000010 1fa0: ffffffff c1c13800 00c5387d c0100f10 b6f68af8 00448fc0 00000000 bedea188 1fc0: bedea314 00000001 00448ebc b6f9d000 00447608 b6f9ccd8 00000000 bedea19c 1fe0: bede9198 bedea188 b6e1061c 0044766c 60000010 ffffffff 00000000 00000000 Call trace: [] (vfp_support_entry) from [] (do_undefinstr+0xa8/0x250) [] (do_undefinstr) from [] (__und_usr+0x70/0x80) Exception stack(0xdc8d1fb0 to 0xdc8d1ff8) 1fa0: b6f68af8 00448fc0 00000000 bedea188 1fc0: bedea314 00000001 00448ebc b6f9d000 00447608 b6f9ccd8 00000000 bedea19c 1fe0: bede9198 bedea188 b6e1061c 0044766c 60000010 ffffffff Code: 0a000061 e3877202 e594003c e3a09010 (eef16a10) ---[ end trace 0000000000000000 ]--- Kernel panic - not syncing: Fatal exception in interrupt ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]--- This is a minimal userspace reproducer on a Raspberry Pi Zero W: #include #include int main(void) { double v = 1.0; printf("%fn", NAN + *(volatile double *)&v); return 0; } Another way to consistently trigger the oops is: calvin@raspberry-pi-zero-w ~$ python -c "import json" The bug reproduces only when the kernel is built with DYNAMIC_DEBUG=n, because the pr_debug() calls act as barriers even when not activated. This is the output from the same kernel source built with the same compiler and DYNAMIC_DEBUG=y, where the userspace reproducer works as expected: VFP: bounce: trigger ec532b17 fpexc c0000780 VFP: emulate: INST=0xee377b06 SCR=0x00000000 VFP: bounce: trigger eef1fa10 fpexc c0000780 VFP: emulate: INST=0xeeb40b40 SCR=0x00000000 VFP: raising exceptions 30000000 calvin@raspberry-pi-zero-w ~$ ./vfp-reproducer nan Crudely grepping for vmsr/vmrs instructions in the otherwise nearly idential text for vfp_support_entry() makes the problem obvious: vmlinux.llvm.good [0xc0101cb8] <+48>: vmrs r7, fpexc vmlinux.llvm.good [0xc0101cd8] <+80>: vmsr fpexc, r0 vmlinux.llvm.good [0xc0101d20] <+152>: vmsr fpexc, r7 vmlinux.llvm.good [0xc0101d38] <+176>: vmrs r4, fpexc vmlinux.llvm.good [0xc0101d6c] <+228>: vmrs r0, fpscr vmlinux.llvm.good [0xc0101dc4] <+316>: vmsr fpexc, r0 vmlinux.llvm.good [0xc0101dc8] <+320>: vmrs r0, fpsid vmlinux.llvm.good [0xc0101dcc] <+324>: vmrs r6, fpscr vmlinux.llvm.good [0xc0101e10] <+392>: vmrs r10, fpinst vmlinux.llvm.good [0xc0101eb8] <+560>: vmrs r10, fpinst2 vmlinux.llvm.bad [0xc0101cb8] <+48>: vmrs r7, fpexc vmlinux.llvm.bad [0xc0101cd8] <+80>: vmsr fpexc, r0 vmlinux.llvm.bad [0xc0101d20] <+152>: vmsr fpexc, r7 vmlinux.llvm.bad [0xc0101d30] <+168>: vmrs r0, fpscr vmlinux.llvm.bad [0xc0101d50] <+200>: vmrs r6, fpscr <== BOOM! vmlinux.llvm.bad [0xc0101d6c] <+228>: vmsr fpexc, r0 vmlinux.llvm.bad [0xc0101d70] <+232>: vmrs r0, fpsid vmlinux.llvm.bad [0xc0101da4] <+284>: vmrs r10, fpinst vmlinux.llvm.bad [0xc0101df8] <+368>: vmrs r4, fpexc vmlinux.llvm.bad [0xc0101e5c] <+468>: vmrs r10, fpinst2 I think LLVM's reordering is valid as the code is currently written: the compiler doesn't know the instructions have side effects in hardware. Fix by using "asm volatile" in fmxr() and fmrx(), so they cannot be reordered with respect to each other. The original compiler now produces working kernels on my hardware with DYNAMIC_DEBUG=n. This is the relevant piece of the diff of the vfp_support_entry() text, from the original oopsing kernel to a working kernel with this patch: vmrs r0, fpscr tst r0, #4096 bne 0xc0101d48 tst r0, #458752 beq 0xc0101ecc orr r7, r7, #536870912 ldr r0, [r4, #0x3c] mov r9, #16 -vmrs r6, fpscr orr r9, r9, #251658240 add r0, r0, #4 str r0, [r4, #0x3c] mvn r0, #159 sub r0, r0, #-1207959552 and r0, r7, r0 vmsr fpexc, r0 vmrs r0, fpsid +vmrs r6, fpscr and r0, r0, #983040 cmp r0, #65536 bne 0xc0101d88 Fixes: 4708fb041346 ("ARM: vfp: Reimplement VFP exception entry in C code") Signed-off-by: Calvin Owens Signed-off-by: Russell King (Oracle) commit 727ac9ec6addca3afdac62bf265fe2c6f37c12b7 Author: Linus Walleij Date: Tue Jul 2 09:56:54 2024 +0100 ARM: 9409/1: mmu: Do not use magic number for TTBCR settings The code in early_paging_init is directly masking off bits 8, 9, 10 and 11 to temporarily disable caching of the translation tables. There is some exlanations in the comment, but use some defines instead of magic numbers so ut becomes more evident what is going on. Change the type of the register to u32 since these are indeed unsigned 32bit registers, and use a temporary variable instead of baking too much into the inline assembly call to increase readability. Signed-off-by: Linus Walleij Signed-off-by: Russell King (Oracle) commit ccb445ae460e90b6864e5d77d72c42ae2b3cf377 Merge: dca9d62a0d7684 e0d103542b06c3 Author: Paolo Abeni Date: Tue Aug 20 11:38:30 2024 +0200 Merge branch 'net-smc-introduce-ringbufs-usage-statistics' Wen Gu says: ==================== net/smc: introduce ringbufs usage statistics Currently, we have histograms that show the sizes of ringbufs that ever used by SMC connections. However, they are always incremental and since SMC allows the reuse of ringbufs, we cannot know the actual amount of ringbufs being allocated or actively used. So this patch set introduces statistics for the amount of ringbufs that actually allocated by link group and actively used by connections of a certain net namespace, so that we can react based on these memory usage information, e.g. active fallback to TCP. With appropriate adaptations of smc-tools, we can obtain these ringbufs usage information: $ smcr -d linkgroup LG-ID : 00000500 LG-Role : SERV LG-Type : ASYML VLAN : 0 PNET-ID : Version : 1 Conns : 0 Sndbuf : 12910592 B <- RMB : 12910592 B <- or $ smcr -d stats [...] RX Stats Data transmitted (Bytes) 869225943 (869.2M) Total requests 18494479 Buffer usage (Bytes) 12910592 (12.31M) <- [...] TX Stats Data transmitted (Bytes) 12760884405 (12.76G) Total requests 36988338 Buffer usage (Bytes) 12910592 (12.31M) <- [...] [...] Change log: v3->v2 - use new helper nla_put_uint() instead of nla_put_u64_64bit(). v2->v1 https://lore.kernel.org/r/20240807075939.57882-1-guwen@linux.alibaba.com/ - remove inline keyword in .c files. - use local variable in macros to avoid potential side effects. v1 https://lore.kernel.org/r/20240805090551.80786-1-guwen@linux.alibaba.com/ ==================== Link: https://patch.msgid.link/20240814130827.73321-1-guwen@linux.alibaba.com Signed-off-by: Paolo Abeni commit e0d103542b06c36240e3887edfe49578464866eb Author: Wen Gu Date: Wed Aug 14 21:08:27 2024 +0800 net/smc: introduce statistics for ringbufs usage of net namespace The buffer size histograms in smc_stats, namely rx/tx_rmbsize, record the sizes of ringbufs for all connections that have ever appeared in the net namespace. They are incremental and we cannot know the actual ringbufs usage from these. So here introduces statistics for current ringbufs usage of existing smc connections in the net namespace into smc_stats, it will be incremented when new connection uses a ringbuf and decremented when the ringbuf is unused. Signed-off-by: Wen Gu Signed-off-by: Paolo Abeni commit d386d59b7c1a39112ca875327339ed519df2b96c Author: Wen Gu Date: Wed Aug 14 21:08:26 2024 +0800 net/smc: introduce statistics for allocated ringbufs of link group Currently we have the statistics on sndbuf/RMB sizes of all connections that have ever been on the link group, namely smc_stats_memsize. However these statistics are incremental and since the ringbufs of link group are allowed to be reused, we cannot know the actual allocated buffers through these. So here introduces the statistic on actual allocated ringbufs of the link group, it will be incremented when a new ringbuf is added into buf_list and decremented when it is deleted from buf_list. Signed-off-by: Wen Gu Signed-off-by: Paolo Abeni commit 157519c026ec0773401111e33aed20a7a6800d5f Author: Krzysztof Kozlowski Date: Fri Aug 16 17:09:31 2024 +0200 cpuidle: dt_idle_genpd: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816150931.142208-4-krzysztof.kozlowski@linaro.org Signed-off-by: Ulf Hansson commit 7aa1204d086e1eb8fc09203d2cdc3f798683d6d4 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:09:28 2024 +0200 cpuidle: psci: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240816150931.142208-1-krzysztof.kozlowski@linaro.org Signed-off-by: Ulf Hansson commit 1453323eac4f13817a07f40e78e76dfc635aab34 Author: Abhishek Tamboli Date: Mon Aug 19 23:21:22 2024 +0530 drm/panel: ili9341: Add comments for registers in ili9341_config() Add detail comments for registers definitions in struct ili9341_config(). Replace TODO with comment for each registers. Signed-off-by: Abhishek Tamboli Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240819175122.33176-1-abhishektamboli9@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240819175122.33176-1-abhishektamboli9@gmail.com commit 9b37f971f31354fcfd84b7c2f219138644c7edd3 Author: Jinjie Ruan Date: Mon Aug 19 19:59:56 2024 +0800 pmdomain: apple: Make apple_pmgr_reset_ops static The sparse tool complains as follows: drivers/pmdomain/apple/pmgr-pwrstate.c:180:32: warning: symbol 'apple_pmgr_reset_ops' was not declared. Should it be static: This symbol is not used outside of pmgr-pwrstate.c, so marks it static. Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240819115956.3884847-1-ruanjinjie@huawei.com Signed-off-by: Ulf Hansson commit b61c4bc674c6032827f2682a0c72ff577c36143f Author: Tejas Vipin Date: Tue Aug 20 14:45:54 2024 +0530 drm/panel: mantix-mlaf057we51: write hex in lowercase Converts uppercase hex to lowercase hex for cleanup. Signed-off-by: Tejas Vipin Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240820091556.1032726-3-tejasvipin76@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240820091556.1032726-3-tejasvipin76@gmail.com commit e139c0eb22ce5b2ab6a2056c1ff495f3a38322d7 Author: Tejas Vipin Date: Tue Aug 20 14:45:53 2024 +0530 drm/panel: mantix-mlaf057we51: transition to mipi_dsi wrapped functions Changes the mantix-mlaf057we51 panel to use multi style functions for improved error handling. Reviewed-by: Guido Günther Reviewed-by: Douglas Anderson Signed-off-by: Tejas Vipin Link: https://lore.kernel.org/r/20240820091556.1032726-2-tejasvipin76@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240820091556.1032726-2-tejasvipin76@gmail.com commit 3b019409ce9a280db53dbf6beb7ee42c17951782 Author: Dikshita Agarwal Date: Mon Aug 19 15:59:10 2024 +0530 media: venus: use device managed APIs for power domains Use devres-enabled version of power domain attach APIs. Signed-off-by: Dikshita Agarwal Reviewed-by: Bryan O'Donoghue Link: https://lore.kernel.org/r/1724063350-11993-3-git-send-email-quic_dikshita@quicinc.com Signed-off-by: Ulf Hansson commit b6cee6544d01b8ac01232d343b1b2b594d94d61c Author: Dikshita Agarwal Date: Mon Aug 19 15:59:09 2024 +0530 PM: domains: add device managed version of dev_pm_domain_attach|detach_list() Add the devres-enabled version of dev_pm_domain_attach|detach_list. If client drivers use devm_pm_domain_attach_list() to attach the PM domains, devm_pm_domain_detach_list() will be invoked implicitly during remove phase. Signed-off-by: Dikshita Agarwal Link: https://lore.kernel.org/r/1724063350-11993-2-git-send-email-quic_dikshita@quicinc.com Signed-off-by: Ulf Hansson commit cfee1b50775869de9076d021ea11a8438854dcba Author: Finley Xiao Date: Wed Aug 14 18:26:42 2024 -0400 pmdomain: rockchip: Add support for RK3576 SoC Add configuration for RK3576 SoC and list the power domains. Signed-off-by: Finley Xiao Signed-off-by: Detlev Casanova Reviewed-by: Elaine Zhang Link: https://lore.kernel.org/r/20240814222824.3170-3-detlev.casanova@collabora.com Signed-off-by: Ulf Hansson commit 8565c448d590cd90c102631216c94435524822bf Merge: bca1c19f7a070c 77c5e7b6230325 Author: Ulf Hansson Date: Tue Aug 20 11:09:05 2024 +0200 pmdomain: Merge branch dt into next Merge the immutable branch dt into next, to allow the DT bindings to be tested together with changes that are targeted for v6.12. Signed-off-by: Ulf Hansson commit 77c5e7b623032502ee49fe7e7868eaca6786d7ed Author: Finley Xiao Date: Wed Aug 14 18:26:41 2024 -0400 dt-bindings: power: Add support for RK3576 SoC Define power domain IDs as described in the TRM and add compatible for rockchip,rk3576-power-controller Signed-off-by: Finley Xiao Co-Developed-by: Detlev Casanova Signed-off-by: Detlev Casanova Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240814222824.3170-2-detlev.casanova@collabora.com Signed-off-by: Ulf Hansson commit c4b3c1332f55c48785e6661cebeb7269a92a45fd Author: Liao Chen Date: Tue Aug 20 02:20:29 2024 +0000 zonefs: add support for FS_IOC_GETFSSYSFSPATH FS_IOC_GETFSSYSFSPATH ioctl expects sysfs sub-path of a filesystem, the format can be "$FSTYP/$SYSFS_IDENTIFIER" under /sys/fs, it can helps to standardizes exporting sysfs datas across filesystems. This patch wires up FS_IOC_GETFSSYSFSPATH for zonefs, it will output "zonefs/". Signed-off-by: Liao Chen Signed-off-by: Damien Le Moal commit 4b91188dced811e2d867574b672888406cb7114c Author: Andy Shevchenko Date: Mon Aug 19 17:29:00 2024 +0300 gpiolib: Replace gpio_suffix_count with NULL-terminated array There is no need to have and export the count variable for the array in question. Instead, make it NULL-terminated. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240819142945.327808-6-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit a975a64692c39991fdde2f1d990b7bdd48d183fc Author: Andy Shevchenko Date: Mon Aug 19 17:28:59 2024 +0300 gpiolib: swnode: Make use of for_each_gpio_property_name() For the sake of unification and easier maintenance replace swnode_format_propname() call with for_each_gpio_property_name() for-loop. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240819142945.327808-5-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit 7fd6809888a82055fcca9d14417d5e2675f0acc5 Author: Andy Shevchenko Date: Mon Aug 19 17:28:58 2024 +0300 gpiolib: swnode: Introduce swnode_gpio_get_reference() helper Instead of the spreading simlar code over the file, introduce a helper. It also enforces the nargs validation for all GPIO software node APIs. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240819142945.327808-4-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit e42fce0ff99658b5b43e8dae4f7acc43d38a00ef Author: Andy Shevchenko Date: Mon Aug 19 17:28:57 2024 +0300 gpiolib: swnode: Unify return code variable name In one case 'ret' is used in the other 'error'. Make the latter use the former, i.e. 'ret'. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240819142945.327808-3-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit ef3d4b94d2d88b160887ff9ca737a5f8ec101579 Author: Andy Shevchenko Date: Mon Aug 19 17:28:56 2024 +0300 gpiolib: Introduce for_each_gpio_property_name() helper Introduce a helper macro for_each_gpio_property_name(). With that in place, update users. This, in particular, will help making the following simplifications easier. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240819142945.327808-2-andriy.shevchenko@linux.intel.com Signed-off-by: Bartosz Golaszewski commit 120c2833b72f4bdbd67ea2cf70b9d96d1c235717 Author: Cong Dang Date: Thu Aug 1 15:39:19 2024 +0200 clk: renesas: r8a779h0: Add CANFD clock Add the CANFD module clock on the Renesas R-Car V4M (R8A779H0) SoC. Signed-off-by: Cong Dang Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/9bf71bfda338ee5411751174b03b9e870cc818e3.1722519424.git.geert+renesas@glider.be commit 36932cbc3e6cc95a681568c28bfadd72d7c2e7ce Author: Lad Prabhakar Date: Mon Jul 29 21:26:45 2024 +0100 clk: renesas: Add RZ/V2H(P) CPG driver Add RZ/V2H(P) CPG driver. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240729202645.263525-4-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit ab7d885a33a7ef328a97ccae0d1340b68c3db9ad Author: Geert Uytterhoeven Date: Thu Aug 1 15:54:36 2024 +0200 arm64: dts: renesas: gray-hawk-single: Add CAN-FD support Enable confirmed-working CAN-FD channels 0 and 1 on the Gray Hawk Single development board: - Channel 0 uses an NXP TJR1443AT CAN transceiver, which must be enabled through a GPIO, - Channels 1-3 use Microchip MCP2558FD-H/SN CAN transceivers, which do not need explicit description, but channels 2-3 do not seem to work. Inspired by a patch for Gray Hawk in the BSP by Duy Nguyen. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/7c2a06b7abec4ce1025761003ccdbce559789708.1722519717.git.geert+renesas@glider.be commit b3749d434ea48cca473afd440771f048d0860a2e Author: Duy Nguyen Date: Thu Aug 1 15:54:35 2024 +0200 arm64: dts: renesas: r8a779h0: Add CAN-FD node Add device nodes for the CAN-FD interface and the related external CAN clock on the Renesas R-Car V4M (R8A779H0) SoC. Signed-off-by: Duy Nguyen Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/43b786db932f5c53103d34fd530365c445c0425e.1722519717.git.geert+renesas@glider.be commit 6ad8bc92a47702f0b5d0b96b680199910b89f688 Author: Christian Hopps Date: Thu Aug 15 13:21:14 2024 -0400 net: add copy from skb_seq_state to buffer function Add an skb helper function to copy a range of bytes from within an existing skb_seq_state. Signed-off-by: Christian Hopps Signed-off-by: Steffen Klassert commit 0311507792b54069ac72e0a6c6b35c5d40aadad8 Author: Deven Bowers Date: Fri Aug 2 23:08:15 2024 -0700 lsm: add IPE lsm Integrity Policy Enforcement (IPE) is an LSM that provides an complimentary approach to Mandatory Access Control than existing LSMs today. Existing LSMs have centered around the concept of access to a resource should be controlled by the current user's credentials. IPE's approach, is that access to a resource should be controlled by the system's trust of a current resource. The basis of this approach is defining a global policy to specify which resource can be trusted. Signed-off-by: Deven Bowers Signed-off-by: Fan Wu [PM: subject line tweak] Signed-off-by: Paul Moore commit dca9d62a0d7684a5510645ba05960529c5066457 Author: Zhang Changzhong Date: Thu Aug 15 22:09:42 2024 +0800 net: remove redundant check in skb_shift() The check for '!to' is redundant here, since skb_can_coalesce() already contains this check. Signed-off-by: Zhang Changzhong Reviewed-by: Simon Horman Link: https://patch.msgid.link/1723730983-22912-1-git-send-email-zhangchangzhong@huawei.com Signed-off-by: Jakub Kicinski commit af3dc0ad3167985894a292968c67502f42854e6d Author: Yue Haibing Date: Fri Aug 16 18:04:04 2024 +0800 mptcp: Remove unused declaration mptcp_sockopt_sync() Commit a1ab24e5fc4a ("mptcp: consolidate sockopt synchronization") removed the implementation but leave declaration. Signed-off-by: Yue Haibing Reviewed-by: Matthieu Baerts (NGI0) Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240816100404.879598-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit c5e2a1b06760a2253c5e8959b49b307e9986bfae Author: Yue Haibing Date: Fri Aug 16 18:15:50 2024 +0800 net/mlx5: E-Switch, Remove unused declarations These are never implenmented since commit b691b1116e82 ("net/mlx5: Implement devlink port function cmds to control ipsec_packet"). Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240816101550.881844-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit 12906bab4414d0e9034218a2ada82c53109ffff9 Author: Yue Haibing Date: Fri Aug 16 18:16:38 2024 +0800 igbvf: Remove two unused declarations There is no caller and implementations in tree. Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240816101638.882072-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit 359c5eb0f7364be9a26626402cc315e5e5f0d8c7 Author: Yue Haibing Date: Fri Aug 16 18:19:06 2024 +0800 gve: Remove unused declaration gve_rx_alloc_rings() Commit f13697cc7a19 ("gve: Switch to config-aware queue allocation") convert this function to gve_rx_alloc_rings_gqi(). Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240816101906.882743-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit 6236ebe07131a7746d870f1d8eb3637a8df13e70 Author: Arnaldo Carvalho de Melo Date: Mon Aug 19 16:46:29 2024 -0300 perf daemon: Fix the build on more 32-bit architectures The previous attempt fixed the build on debian:experimental-x-mipsel, but when building on a larger set of containers I noticed it broke the build on some other 32-bit architectures such as: 42 7.87 ubuntu:18.04-x-arm : FAIL gcc version 7.5.0 (Ubuntu/Linaro 7.5.0-3ubuntu1~18.04) builtin-daemon.c: In function 'cmd_session_list': builtin-daemon.c:692:16: error: format '%llu' expects argument of type 'long long unsigned int', but argument 4 has type 'long int' [-Werror=format=] fprintf(out, "%c%" PRIu64, ^~~~~ builtin-daemon.c:694:13: csv_sep, (curr - daemon->start) / 60); ~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from builtin-daemon.c:3:0: /usr/arm-linux-gnueabihf/include/inttypes.h:105:34: note: format string is defined here # define PRIu64 __PRI64_PREFIX "u" So lets cast that time_t (32-bit/64-bit) to uint64_t to make sure it builds everywhere. Fixes: 4bbe6002931954bb ("perf daemon: Fix the build on 32-bit architectures") Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZsPmldtJ0D9Cua9_@x1 Signed-off-by: Arnaldo Carvalho de Melo commit a2901083b1490a45df0700ac0aaa0730811cbf15 Author: Jakub Kicinski Date: Fri Aug 16 14:22:44 2024 -0700 tcp_metrics: use netlink policy for IPv6 addr len validation Use the netlink policy to validate IPv6 address length. Destination address currently has policy for max len set, and source has no policy validation. In both cases the code does the real check. With correct policy check the code can be removed. Reviewed-by: Stephen Hemminger Reviewed-by: David Ahern Link: https://patch.msgid.link/20240816212245.467745-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit db163778016b3a491d79d10a910d059c20f88f83 Merge: 92ec8b9367ab32 86149b4f5a2d53 Author: Martin KaFai Lau Date: Mon Aug 19 16:40:11 2024 -0700 Merge branch 'selftests/bpf: Various sockmap-related fixes' Michal Luczaj says: ==================== Series takes care of few bugs and missing features with the aim to improve the test coverage of sockmap/sockhash. Last patch is a create_pair() rewrite making use of __attribute__((cleanup)) to handle socket fd lifetime. --- Changes in v2: - Rebase on bpf-next (Jakub) - Use cleanup helpers from kernel's cleanup.h (Jakub) - Fix subject of patch 3, rephrase patch 4, use correct prefix - Link to v1: https://lore.kernel.org/r/20240724-sockmap-selftest-fixes-v1-0-46165d224712@rbox.co Changes in v1: - No declarations in function body (Jakub) - Don't touch output arguments until function succeeds (Jakub) - Link to v0: https://lore.kernel.org/netdev/027fdb41-ee11-4be0-a493-22f28a1abd7c@rbox.co/ ==================== Signed-off-by: Martin KaFai Lau commit 86149b4f5a2d535279096946b6ef8d41911a9b5a Author: Michal Luczaj Date: Wed Jul 31 12:01:31 2024 +0200 selftests/bpf: Introduce __attribute__((cleanup)) in create_pair() Rewrite function to have (unneeded) socket descriptors automatically close()d when leaving the scope. Make sure the "ownership" of fds is correctly passed via take_fd(); i.e. descriptor returned to caller will remain valid. Reviewed-by: Jakub Sitnicki Tested-by: Jakub Sitnicki Suggested-by: Jakub Sitnicki Signed-off-by: Michal Luczaj Link: https://lore.kernel.org/r/20240731-selftest-sockmap-fixes-v2-6-08a0c73abed2@rbox.co Signed-off-by: Martin KaFai Lau commit c9c70b28face7b156960f53649bec9ace5601b85 Author: Michal Luczaj Date: Wed Jul 31 12:01:30 2024 +0200 selftests/bpf: Exercise SOCK_STREAM unix_inet_redir_to_connected() Constants got switched reducing the test's coverage. Replace SOCK_DGRAM with SOCK_STREAM in one of unix_inet_skb_redir_to_connected() tests. Fixes: 51354f700d40 ("bpf, sockmap: Add af_unix test with both sockets in map") Reviewed-by: Jakub Sitnicki Tested-by: Jakub Sitnicki Suggested-by: Jakub Sitnicki Signed-off-by: Michal Luczaj Link: https://lore.kernel.org/r/20240731-selftest-sockmap-fixes-v2-5-08a0c73abed2@rbox.co Signed-off-by: Martin KaFai Lau commit b3b15b7a1e8de773c82f81c97904b51d4e919faa Author: Michal Luczaj Date: Wed Jul 31 12:01:29 2024 +0200 selftests/bpf: Honour the sotype of af_unix redir tests Do actually test the sotype as specified by the caller. This picks up after commit 75e0e27db6cf ("selftest/bpf: Change udp to inet in some function names"). Reviewed-by: Jakub Sitnicki Tested-by: Jakub Sitnicki Suggested-by: Jakub Sitnicki Signed-off-by: Michal Luczaj Link: https://lore.kernel.org/r/20240731-selftest-sockmap-fixes-v2-4-08a0c73abed2@rbox.co Signed-off-by: Martin KaFai Lau commit 4e3dec2295b1fdf5ea5c40a8195bc13de7cffdeb Author: Michal Luczaj Date: Wed Jul 31 12:01:28 2024 +0200 selftests/bpf: Simplify inet_socketpair() and vsock_socketpair_connectible() Replace implementation with a call to a generic function. Reviewed-by: Jakub Sitnicki Tested-by: Jakub Sitnicki Signed-off-by: Michal Luczaj Link: https://lore.kernel.org/r/20240731-selftest-sockmap-fixes-v2-3-08a0c73abed2@rbox.co Signed-off-by: Martin KaFai Lau commit b08f205e5b9a074ae89ad7f71002ca417a4a2700 Author: Michal Luczaj Date: Wed Jul 31 12:01:27 2024 +0200 selftests/bpf: Socket pair creation, cleanups Following create_pair() changes, remove unused function argument in create_socket_pairs() and adapt its callers, i.e. drop the open-coded loopback socket creation. Reviewed-by: Jakub Sitnicki Tested-by: Jakub Sitnicki Suggested-by: Jakub Sitnicki Signed-off-by: Michal Luczaj Link: https://lore.kernel.org/r/20240731-selftest-sockmap-fixes-v2-2-08a0c73abed2@rbox.co Signed-off-by: Martin KaFai Lau commit 190de5449973056f416c855b11fdfee2fc18f550 Author: Michal Luczaj Date: Wed Jul 31 12:01:26 2024 +0200 selftests/bpf: Support more socket types in create_pair() Extend the function to allow creating socket pairs of SOCK_STREAM, SOCK_DGRAM and SOCK_SEQPACKET. Adapt direct callers and leave further cleanups for the following patch. Reviewed-by: Jakub Sitnicki Tested-by: Jakub Sitnicki Suggested-by: Jakub Sitnicki Signed-off-by: Michal Luczaj Link: https://lore.kernel.org/r/20240731-selftest-sockmap-fixes-v2-1-08a0c73abed2@rbox.co Signed-off-by: Martin KaFai Lau commit 995d8fe0341ef206838fa88a021dd327e45c6521 Author: Ninad Palsule Date: Wed Jun 5 11:06:03 2024 -0500 ARM: dts: aspeed: System1: Updates to BMC board - Changed temperature sensor monitor chip from tmp423 to tmp432 Signed-off-by: Ninad Palsule Reviewed-by: Eddie James Link: https://lore.kernel.org/r/20240605160604.2135840-1-ninad@linux.ibm.com Signed-off-by: Andrew Jeffery commit 76c5533925434b0383f95a56a4da2e81e3e8a3d3 Author: Rafał Miłecki Date: Mon May 20 08:30:44 2024 +0200 ARM: dts: aspeed: convert ASRock SPC621D8HM3 NVMEM content to layout syntax Use cleaner (and non-deprecated) bindings syntax. See commit bd912c991d2e ("dt-bindings: nvmem: layouts: add fixed-layout") for details. Signed-off-by: Rafał Miłecki Acked-by: Zev Weiss Link: https://lore.kernel.org/r/20240520063044.4885-1-zajec5@gmail.com Signed-off-by: Andrew Jeffery commit fdc26e0560a0da25f2559656a74247e2fea79836 Author: Eddie James Date: Wed May 22 14:25:20 2024 -0500 ARM: dts: aspeed: Add IBM P11 Fuji BMC system Add the device tree for the new BMC system. The Fuji is a P11 system with eight processors. Signed-off-by: Eddie James Reviewed-by: Ninad Palsule Link: https://lore.kernel.org/r/20240522192524.3286237-17-eajames@linux.ibm.com Signed-off-by: Andrew Jeffery commit 787d4cbff0dc2fb5c4a344fb5f5f14ca5d7d0a9c Author: Eddie James Date: Wed May 22 14:25:19 2024 -0500 ARM: dts: aspeed: Add IBM P11 Blueridge 4U BMC system The 4U Blueridge is identical to the Blueridge system but has two extra power supplies. Signed-off-by: Eddie James Reviewed-by: Ninad Palsule Link: https://lore.kernel.org/r/20240522192524.3286237-16-eajames@linux.ibm.com Signed-off-by: Andrew Jeffery commit fe1d09efd2aed6909e556673dbf097d39f2a5fac Author: Eddie James Date: Wed May 22 14:25:18 2024 -0500 ARM: dts: aspeed: Add IBM P11 Blueridge BMC system Add the device tree for the new BMC system. The Blueridge is a P11 system with four processors. Signed-off-by: Eddie James Reviewed-by: Ninad Palsule Link: https://lore.kernel.org/r/20240522192524.3286237-15-eajames@linux.ibm.com Signed-off-by: Andrew Jeffery commit e09e75d5c669d49da03ecbbcaf05f72406c13c55 Author: Eddie James Date: Wed May 22 14:25:17 2024 -0500 ARM: dts: aspeed: Add IBM P11 FSI devices Add the P11 FSI device tree for use in upcoming BMC systems. Unlike P10, there is no system with only two processors, so only the quad processor FSI layout is necessary. Signed-off-by: Eddie James Reviewed-by: Ninad Palsule Link: https://lore.kernel.org/r/20240522192524.3286237-14-eajames@linux.ibm.com Signed-off-by: Andrew Jeffery commit db769d76874ed83e93c03a3027448842d051cb15 Author: Eddie James Date: Wed May 22 14:25:16 2024 -0500 dt-bindings: arm: aspeed: add IBM P11 BMC boards Document two new AST2600 BMC boards for IBM P11 systems. Signed-off-by: Eddie James Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240522192524.3286237-13-eajames@linux.ibm.com Signed-off-by: Andrew Jeffery commit 01ac89d0a5c2332be25a1b7ef707bad9ddb9fc20 Merge: 955bba7e0a0ec7 d9075ac631ce0c Author: Andrii Nakryiko Date: Mon Aug 19 15:30:06 2024 -0700 Merge branch 'correct-recent-gcc-incompatible-changes' Cupertino Miranda says: ==================== Correct recent GCC incompatible changes. Hi everyone, Apologies for the previous patches which did not include a cover letter. My wish was to send 3 indepepdent patches but after the initial mistake lets keep this as a series although they are all independent from themselves. The changes in this patch series is related to recovering GCC support to build the selftests. A few tests and a makefile change have broken the support for GCC in the last few months. Looking forward to your comments. Best regards, Cupertino ==================== Link: https://lore.kernel.org/r/20240819151129.1366484-1-cupertino.miranda@oracle.com Signed-off-by: Andrii Nakryiko commit d9075ac631ce0c5c2c17aa6221282a7c4ba8fa70 Author: Cupertino Miranda Date: Mon Aug 19 16:11:29 2024 +0100 selftest/bpf: Adapt inline asm operand constraint for GCC support GCC errors when compiling tailcall_bpf2bpf_hierarchy2.c and tailcall_bpf2bpf_hierarchy3.c with the following error: progs/tailcall_bpf2bpf_hierarchy2.c: In function 'tailcall_bpf2bpf_hierarchy_2': progs/tailcall_bpf2bpf_hierarchy2.c:66:9: error: input operand constraint contains '+' 66 | asm volatile (""::"r+"(ret)); | ^~~ Changed implementation to make use of __sink macro that abstracts the desired behaviour. The proposed change seems valid for both GCC and CLANG. Signed-off-by: Cupertino Miranda Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240819151129.1366484-4-cupertino.miranda@oracle.com commit 2aa93695081d4bd62350b41d58684d802be4563f Author: Cupertino Miranda Date: Mon Aug 19 16:11:27 2024 +0100 selftests/bpf: Disable strict aliasing for verifier_nocsr.c verfifier_nocsr.c fails to compile in GCC. The reason behind it was initially explained in commit 27a90b14b93d3b2e1efd10764e456af7e2a42991. "A few BPF selftests perform type punning and they may break strict aliasing rules, which are exploited by both GCC and clang by default while optimizing. This can lead to broken compiled programs." Signed-off-by: Cupertino Miranda Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240819151129.1366484-2-cupertino.miranda@oracle.com commit 955bba7e0a0ec7c13d3e9aa73c61f0d31e43fda8 Merge: fdf1c728fac541 7f6287417baf57 Author: Andrii Nakryiko Date: Mon Aug 19 15:25:31 2024 -0700 Merge branch 'bpf-enable-some-functions-in-cgroup-programs' Matteo Croce says: ==================== bpf: enable some functions in cgroup programs From: Matteo Croce Enable some BPF kfuncs and the helper bpf_current_task_under_cgroup() for program types BPF_CGROUP_*. These will be used by systemd-networkd: https://github.com/systemd/systemd/pull/32212 v5->v6: Called register_btf_kfunc_id_set() only once Fixed build error with !CONFIG_CGROUPS v4->v5: Same code, but v4 had an old cover letter v3->v4: Reset all the acked-by tags because the code changed a bit. Signed-off-by: Matteo Croce ==================== Link: https://lore.kernel.org/r/20240819162805.78235-1-technoboy85@gmail.com Signed-off-by: Andrii Nakryiko commit 7f6287417baf57754f47687c6ea1a749a0686ab0 Author: Matteo Croce Date: Mon Aug 19 18:28:05 2024 +0200 bpf: Allow bpf_current_task_under_cgroup() with BPF_CGROUP_* The helper bpf_current_task_under_cgroup() currently is only allowed for tracing programs, allow its usage also in the BPF_CGROUP_* program types. Move the code from kernel/trace/bpf_trace.c to kernel/bpf/helpers.c, so it compiles also without CONFIG_BPF_EVENTS. This will be used in systemd-networkd to monitor the sysctl writes, and filter it's own writes from others: https://github.com/systemd/systemd/pull/32212 Signed-off-by: Matteo Croce Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240819162805.78235-3-technoboy85@gmail.com commit 67666479edf1e2b732f4d0ac797885e859a78de4 Author: Matteo Croce Date: Mon Aug 19 18:28:04 2024 +0200 bpf: Enable generic kfuncs for BPF_CGROUP_* programs These kfuncs are enabled even in BPF_PROG_TYPE_TRACING, so they should be safe also in BPF_CGROUP_* programs. Since all BPF_CGROUP_* programs share the same hook, call register_btf_kfunc_id_set() only once. In enum btf_kfunc_hook, rename BTF_KFUNC_HOOK_CGROUP_SKB to a more generic BTF_KFUNC_HOOK_CGROUP, since it's used for all the cgroup related program types. Signed-off-by: Matteo Croce Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240819162805.78235-2-technoboy85@gmail.com commit 8dffaec34dd55473adcbc924a4c9b04aaa0d4278 Author: Tejun Heo Date: Mon Aug 19 12:18:23 2024 -1000 workqueue: Fix htmldocs build warning Fix htmldocs build warning introduced by ec0a7d44b358 ("workqueue: Add interface for user-defined workqueue lockdep map"). Signed-off-by: Tejun Heo Reported-by: Stephen Rothwell Cc: Matthew Brost commit d1a92d2d6c5dbeba9a87bfb57fa0142cdae7b206 Author: Chen Ridong Date: Thu Aug 15 13:14:08 2024 +0000 cgroup: update some statememt about delegation The comment in cgroup_file_write is missing some interfaces, such as 'cgroup.threads'. All delegatable files are listed in '/sys/kernel/cgroup/delegate', so update the comment in cgroup_file_write. Besides, add a statement that files outside the namespace shouldn't be visible from inside the delegated namespace. tj: Reflowed text for consistency. Signed-off-by: Chen Ridong Signed-off-by: Tejun Heo commit f94ce04e54038c37bcac8ae2e4e99a81a188b777 Author: Petr Pavlu Date: Mon Jul 22 11:06:22 2024 +0200 module: Clean up the description of MODULE_SIG_ The MODULE_SIG_ config choice has an inconsistent prompt styled as a question and lengthy option names. Simplify the prompt and option names to be consistent with other module options. Signed-off-by: Petr Pavlu Signed-off-by: Luis Chamberlain commit c7ff693fa2094ba0a9d0a20feb4ab1658eff9c33 Author: Petr Pavlu Date: Mon Jul 22 11:06:21 2024 +0200 module: Split modules_install compression and in-kernel decompression The kernel configuration allows specifying a module compression mode. If one is selected then each module gets compressed during 'make modules_install' and additionally one can also enable support for a respective direct in-kernel decompression support. This means that the decompression support cannot be enabled without the automatic compression. Some distributions, such as the (open)SUSE family, use a signer service for modules. A build runs on a worker machine but signing is done by a separate locked-down server that is in possession of the signing key. The build invokes 'make modules_install' to create a modules tree, collects information about the modules, asks the signer service for their signature, appends each signature to the respective module and compresses all modules. When using this arrangment, the 'make modules_install' step produces unsigned+uncompressed modules and the distribution's own build recipe takes care of signing and compression later. The signing support can be currently enabled without automatically signing modules during 'make modules_install'. However, the in-kernel decompression support can be selected only after first enabling automatic compression during this step. To allow only enabling the in-kernel decompression support without the automatic compression during 'make modules_install', separate the compression options similarly to the signing options, as follows: > Enable loadable module support [*] Module compression Module compression type (GZIP) ---> [*] Automatically compress all modules [ ] Support in-kernel module decompression * "Module compression" (MODULE_COMPRESS) is a new main switch for the compression/decompression support. It replaces MODULE_COMPRESS_NONE. * "Module compression type" (MODULE_COMPRESS_) chooses the compression type, one of GZ, XZ, ZSTD. * "Automatically compress all modules" (MODULE_COMPRESS_ALL) is a new option to enable module compression during 'make modules_install'. It defaults to Y. * "Support in-kernel module decompression" (MODULE_DECOMPRESS) enables in-kernel decompression. Signed-off-by: Petr Pavlu Acked-by: Masahiro Yamada Signed-off-by: Luis Chamberlain commit ee74817b0d6674c926c3ec2e14b191313fb59d8d Author: Krzysztof Kozlowski Date: Sun Aug 11 20:17:09 2024 +0200 ASoC: dt-bindings: serial-midi: reference serial-peripheral-props.yaml Reference common serial properties schema (for children of UART controllers) to bring common definition of "current-speed" and "max-speed" properties. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240811-dt-bindings-serial-peripheral-props-v1-6-1dba258b7492@linaro.org Signed-off-by: Rob Herring (Arm) commit c006059101a18b5c225ef68d6e52504a4d0a6085 Author: Krzysztof Kozlowski Date: Sun Aug 11 20:17:08 2024 +0200 dt-bindings: bluetooth: reference serial-peripheral-props.yaml Reference common serial properties schema (for children of UART controllers) to bring common definition of "current-speed" and "max-speed" properties. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240811-dt-bindings-serial-peripheral-props-v1-5-1dba258b7492@linaro.org Signed-off-by: Rob Herring (Arm) commit 38415a81e685eefaf5cd4d045ffc798134071654 Author: Krzysztof Kozlowski Date: Sun Aug 11 20:17:07 2024 +0200 dt-bindings: gnss: reference serial-peripheral-props.yaml The "current-speed" property is not a common property for all GNSS devices, but only to these connected with serial. Drop the property from the common GNSS properties schema and instead reference common serial properties schema (for children of UART controllers). Signed-off-by: Krzysztof Kozlowski Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240811-dt-bindings-serial-peripheral-props-v1-4-1dba258b7492@linaro.org Signed-off-by: Rob Herring (Arm) commit ab00f2abe68614438fbc3c213ddba5b8e27f3a52 Author: Krzysztof Kozlowski Date: Sun Aug 11 20:17:06 2024 +0200 dt-bindings: bluetooth: move Bluetooth bindings to dedicated directory Some Bluetooth devices bindings are in net/ and some are in net/bluetooth/, so bring some consistency by putting everything in net/bluetooth. Rename few bindings to match preferred naming style: "vendor,device". Signed-off-by: Krzysztof Kozlowski Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240811-dt-bindings-serial-peripheral-props-v1-3-1dba258b7492@linaro.org Signed-off-by: Rob Herring (Arm) commit 89b96e32440c48a2a5781ecbe16ebcc0c7b79345 Author: Krzysztof Kozlowski Date: Sun Aug 11 20:17:05 2024 +0200 dt-bindings: serial: add common properties schema for UART children Properties should be defined in only one place, thus add new serial-peripheral-props.yaml schema with definition of common properties for UART-connected devices (children of UART controller): current-speed and max-speed. The schema can be referenced by individual devices using these properties. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240811-dt-bindings-serial-peripheral-props-v1-2-1dba258b7492@linaro.org Signed-off-by: Rob Herring (Arm) commit 0292907532879363f2fa6f0944e1a47837865029 Author: Krzysztof Kozlowski Date: Sun Aug 11 20:17:04 2024 +0200 dt-bindings: serial: add missing "additionalProperties" on child nodes All nodes need an explicit additionalProperties or unevaluatedProperties unless a $ref has one that's false. Add missing additionalProperties for serial-attached devices. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240811-dt-bindings-serial-peripheral-props-v1-1-1dba258b7492@linaro.org Signed-off-by: Rob Herring (Arm) commit db8e81132cf051843c9a59b46fa5a071c45baeb3 Author: Andrew Jones Date: Sat Aug 17 09:41:08 2024 +0200 of/irq: Support #msi-cells=<0> in of_msi_get_domain An 'msi-parent' property with a single entry and no accompanying '#msi-cells' property is considered the legacy definition as opposed to its definition after being expanded with commit 126b16e2ad98 ("Docs: dt: add generic MSI bindings"). However, the legacy definition is completely compatible with the current definition and, since of_phandle_iterator_next() tolerates missing and present-but- zero *cells properties since commit e42ee61017f5 ("of: Let of_for_each_phandle fallback to non-negative cell_count"), there's no need anymore to special case the legacy definition in of_msi_get_domain(). Indeed, special casing has turned out to be harmful, because, as of commit 7c025238b47a ("dt-bindings: irqchip: Describe the IMX MU block as a MSI controller"), MSI controller DT bindings have started specifying '#msi-cells' as a required property (even when the value must be zero) as an effort to make the bindings more explicit. But, since the special casing of 'msi-parent' only uses the existence of '#msi-cells' for its heuristic, and not whether or not it's also nonzero, the legacy path is not taken. Furthermore, the path to support the new, broader definition isn't taken either since that path has been restricted to the platform-msi bus. But, neither the definition of 'msi-parent' nor the definition of '#msi-cells' is platform-msi-specific (the platform-msi bus was just the first bus that needed '#msi-cells'), so remove both the special casing and the restriction. The code removal also requires changing to of_parse_phandle_with_optional_args() in order to ensure the legacy (but compatible) use of 'msi-parent' remains supported. This not only simplifies the code but also resolves an issue with PCI devices finding their MSI controllers on riscv, as the riscv,imsics binding requires '#msi-cells=<0>'. Signed-off-by: Andrew Jones Link: https://lore.kernel.org/r/20240817074107.31153-2-ajones@ventanamicro.com Cc: stable@vger.kernel.org Signed-off-by: Rob Herring (Arm) commit 4b989e6e1a4fd726271fac589782ac1f4cb6bf55 Author: Aryabhatta Dey Date: Sat Aug 17 08:56:29 2024 +0530 dt-bindings: arc: convert archs-pct.txt to yaml Convert dt-binding archs-pct from txt to yaml format. Signed-off-by: Aryabhatta Dey Link: https://lore.kernel.org/r/emosjjbdwimwevrf2ew2dpn5sdx254el5fanhhquouu4bz6nbe@zqyp5ra7bmhh Signed-off-by: Rob Herring (Arm) commit 25b7d2cbba723bcff3aef40f7c2c78838a90d22e Author: Frank Li Date: Mon Aug 12 15:36:26 2024 -0400 dt-bindings: display: panel-simple-lvds-dual-ports: use unevaluatedProperties Replace additionalProperties with unevaluatedProperties because it ref to panel-common.yaml. Remove properties (backlight, enable-gpios and power-supply), which defined in panel-common.yaml. Fix below warning: arch/arm64/boot/dts/freescale/imx8mp-evk-mx8-dlvds-lcd1.dtb: panel-lvds: 'panel-timing' does not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/display/panel/panel-simple-lvds-dual-ports.yaml# Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240812193626.3826250-1-Frank.Li@nxp.com Signed-off-by: Rob Herring (Arm) commit daa2be74b1b2302004945b2a5e32424e177cc7da Author: Frank Li Date: Tue Aug 13 12:36:29 2024 -0400 dt-bindings: board: convert fsl-board.txt to yaml Convert binding doc fsl-board.txt to yaml format. split to 3 part fsl,bcsr.yaml, fsl,fpga-qixis.yaml, fsl,fpga-qixis-i2c.yaml Additional change for fsl,fpga-qixis.yaml - Add childnode mdio-mux-emi* - Add compatible string fsl,ls1043aqds-fpga, fsl,ls1043ardb-fpga, fsl,ls1046aqds-fpga, fsl,ls1046ardb-fpga, fsl,ls208xaqds-fpga, fsl,ls1043ardb-cpld, fsl,ls1046ardb-cpld, fsl,ls1088aqds-fpga, fsl,ls1088ardb-fpga, fsl,ls2080aqds-fpga, fsl,ls2080ardb-fpga. - Change address to 32bit in example. Additional change for fsl,fpga-qixis-i2c.yaml - Add mux-controller - Add compatible string fsl,ls1028aqds-fpga, fsl,lx2160aqds-fpga Fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1028a-qds.dtb: /soc/i2c@2000000/fpga@66: failed to match any schema with compatible: ['fsl,ls1028aqds-fpga', 'fsl,fpga-qixis-i2c', 'simple-mfd'] Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240813163638.3889778-1-Frank.Li@nxp.com [robh: tweak mdio-mux node name, drop .dts change] Signed-off-by: Rob Herring (Arm) commit 3c8966403dae49d3402011441f3c813787a40b4e Author: Gaosheng Cui Date: Tue Aug 13 18:55:45 2024 +0800 ARM: s3c: remove unused s3c2410_cpu_suspend() declaration The s3c2410_cpu_suspend() has been removed since commit 61b7f8920b17 ("ARM: s3c: remove all s3c24xx support"), so remove it. Signed-off-by: Gaosheng Cui Link: https://lore.kernel.org/r/20240813105545.1180788-3-cuigaosheng1@huawei.com Fixes: 61b7f8920b17 ("ARM: s3c: remove all s3c24xx support") Signed-off-by: Krzysztof Kozlowski commit d248577a158393059fdcd2e41cdc422611765386 Author: Gaosheng Cui Date: Tue Aug 13 18:55:44 2024 +0800 ARM: s3c: remove unused declarations for s3c6400 These declarations for s3c6400 have been removed since commit 6bac4f78ea3d ("ARM: s3c: remove s3c6400 support"), so remove it. Signed-off-by: Gaosheng Cui Link: https://lore.kernel.org/r/20240813105545.1180788-2-cuigaosheng1@huawei.com Fixes: 6bac4f78ea3d ("ARM: s3c: remove s3c6400 support") Signed-off-by: Krzysztof Kozlowski commit 200b6c1a59975a60c7fab90c88533f3f3458d826 Author: Gaosheng Cui Date: Tue Aug 13 18:50:37 2024 +0800 ARM: s3c: Remove unused s3c_init_uart_irqs() declaration The s3c_init_uart_irqs() has not been used since commit 2a8d7bddf273 ("ARM: SAMSUNG: Remove uart irq handling from plaform code"), so remove it. Signed-off-by: Gaosheng Cui Link: https://lore.kernel.org/r/20240813105037.1178393-1-cuigaosheng1@huawei.com Fixes: 2a8d7bddf273 ("ARM: SAMSUNG: Remove uart irq handling from plaform code") Signed-off-by: Krzysztof Kozlowski commit 84236ed0a2b1d40a0b72e8dde4b18d641263f5f9 Author: Krzysztof Kozlowski Date: Sun Aug 18 19:28:04 2024 +0200 dt-bindings: samsung: exynos-usi: add missing constraints Properties with variable number of items per each device are expected to have widest constraints in top-level "properties:" block and further customized (narrowed) in "if:then:". Add missing top-level constraints for reg, clocks and clock-names. Reviewed-by: Sam Protsenko Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240818172804.121666-1-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski commit 5cc698bad72667cf80097dece6b91efbb4a1a0a7 Author: Namhyung Kim Date: Sun Aug 18 14:29:48 2024 -0700 perf test: Add cgroup sampling test Add it to the record.sh shell test to verify if it tracks cgroup information correctly. It records with --all-cgroups option can check if it has PERF_RECORD_CGROUP and the names are not "unknown". $ sudo ./perf test -vv 95 95: perf record tests: --- start --- test child forked, pid 2871922 169c90-169cd0 g test_loop perf does have symbol 'test_loop' Basic --per-thread mode test Basic --per-thread mode test [Success] Register capture test Register capture test [Success] Basic --system-wide mode test Basic --system-wide mode test [Success] Basic target workload test Basic target workload test [Success] Branch counter test branch counter feature not supported on all core PMUs (/sys/bus/event_source/devices/cpu) [Skipped] Cgroup sampling test Cgroup sampling test [Success] ---- end(0) ---- 95: perf record tests : Ok Reviewed-by: Ian Rogers Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240818212948.2873156-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 3432bae89e044819f0b30f4c09260d2740896797 Author: Namhyung Kim Date: Sun Aug 18 14:29:47 2024 -0700 perf record: Fix sample cgroup & namespace tracking The recent change in 'struct perf_tool' constification broke the cgroup and/or namespace tracking by resetting tool fields. It should set the values after perf_tool__init(). Fixes: cecb1cf154b301c6 ("perf record: Use perf_tool__init()") Reviewed-by: Ian Rogers Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240818212948.2873156-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 9184b17fbc232554f91e9a01d29cea3a47bca2ea Author: Charles Wang Date: Wed Aug 14 10:45:13 2024 +0800 dt-bindings: input: Goodix SPI HID Touchscreen The Goodix GT7986U touch controller report touch data according to the HID protocol through the SPI bus. However, it is incompatible with Microsoft's HID-over-SPI protocol. Reviewed-by: Conor Dooley Signed-off-by: Charles Wang Signed-off-by: Jiri Kosina commit 75e16c8ce283bb88e77704dc8fa041c577caac0f Author: Charles Wang Date: Wed Aug 14 10:45:12 2024 +0800 HID: hid-goodix: Add Goodix HID-over-SPI driver This patch introduces a new driver to support the Goodix GT7986U touch controller. This device is not compatible with Microsoft's HID-over-SPI protocol and therefore needs to implement its own flavor. The data reported is packaged according to the HID protocol but uses SPI for communication to improve speed. This enables the device to transmit not only coordinate data but also corresponding raw data that can be accessed by user-space programs through the hidraw interface. The raw data can be utilized for functions like palm rejection, thereby improving the touch experience. Key features: - Device connection confirmation and initialization - IRQ-based event reporting to the input subsystem - Support for HIDRAW operations (GET_REPORT and SET_REPORT) Reviewed-by: Dmitry Torokhov Signed-off-by: Charles Wang Signed-off-by: Jiri Kosina commit aa4674c525e1e9a27f77e29fa71a4a5779a52ee4 Author: Zhang Lixu Date: Thu Aug 15 10:10:01 2024 +0800 hid: intel-ish-hid: Add support for vendor customized firmware loading Enhance the firmware loader to support the loading of vendor-specific customized firmware for the Intel Integrated Sensor Hub (ISH). The loader now constructs firmware file names based on the DMI_SYS_VENDOR, DMI_PRODUCT_NAME, and DMI_PRODUCT_SKU information in Desktop Management Interface (DMI). The loader will attempt to load the firmware files following a specific naming convention in sequence. If successful, it will skip the remaining files. For more details, please refer to Documentation/hid/intel-ish-hid.rst. Signed-off-by: Zhang Lixu Acked-by: Srinivas Pandruvada Signed-off-by: Jiri Kosina commit 641361538b68de29d97cc7bf535e50176dbdcfbf Author: Zhang Lixu Date: Thu Aug 15 10:10:00 2024 +0800 HID: intel-ish-hid: Use CPU generation string in driver_data ISH allows vendors to customize ISH firmware. To differentiate different vendors and load the correct firmware, Intel defined a firmware file name format. As part of the filename, there is a "generation" string. To load correct format the driver must know the generation name to create file name. In the absence of any vendor specific firmware, default ISH firmware is loaded. Currently full ISH firmware file name is stored as part of driver data. This file name already includes the generation name. For example, for Lunar Lake, the name is ish_lnlm.bin, where "lnlm" is the generation. So instead of storing both generation name and ISH default firmware file name, just store generation name and create the default ISH firmware file name string during initialization. No functional changes are expected. Signed-off-by: Zhang Lixu Acked-by: Srinivas Pandruvada Signed-off-by: Jiri Kosina commit 87de1615194eeb43b14cf5355ede3bd2115e0ff4 Author: Zhang Lixu Date: Thu Aug 15 10:09:59 2024 +0800 Documentation: hid: intel-ish-hid: Add vendor custom firmware loading Add ISH firmware loading guidelines for vendor custom firmware. Signed-off-by: Zhang Lixu Acked-by: Srinivas Pandruvada Signed-off-by: Jiri Kosina commit 429ecbef0d599cec66918d552a284b617f8724a4 Merge: aa6e8296a7ff55 265697288ec216 Author: Mark Brown Date: Mon Aug 19 20:04:49 2024 +0100 spi: bcm63xx: Fix two bugs Merge series from Jinjie Ruan : Fix module autoloading and missing pm_runtime_disable(). commit 175fcd15e8606f2cca1edce43e18fa65c443bce6 Merge: 46e21141111393 1f3662838a05f1 Author: Mark Brown Date: Mon Aug 19 19:58:04 2024 +0100 ALSA/ASoC/SoundWire: Intel: update maximum number Merge series from Bard Liao : Intel new platforms can have up to 5 SoundWire links. This series does not apply to SoundWire tree due to recent changes in machine driver. Can we go via ASoC tree with Vinod's Acked-by tag? commit 46e211411113932be1fd31580a03502466648f91 Merge: e486feb7b8ec04 526139aff1d14c Author: Mark Brown Date: Mon Aug 19 19:57:56 2024 +0100 ASoC: Intel: Remove skylake driver Merge series from Cezary Rojewski : A spiritual successor to haswell/baytrail removal series [1]. The avs-driver found in sound/soc/intel/avs is a direct replacement to the existing skylake-driver. It covers all features supported by it and more and aligns with the recommended flows and requirements based on Windows driver equivalent. The skylake-driver related UAPI has been removed with "ASoC: Drop soc-topology ABI v4 support" [2]. For the official kernel tree the deprecation begun with v6.0. Most skylake-drivers users moved to avs- or SOF-driver when AudioDSP capabilities are available on the platform or to snd-hda-intel (sound/pci/hda) when such capabilities are not. For the supported trees the deprecation begun with v5.4 with v5.15 being the first where the skylake-driver is disabled entirely. All machine board drivers that consume this DSP driver have their replacements present within sound/soc/intel/avs/boards/ directory. [1]: https://lore.kernel.org/alsa-devel/20201006064907.16277-1-cezary.rojewski@intel.com/ [2]: https://lore.kernel.org/alsa-devel/20240403091629.647267-1-cezary.rojewski@intel.com/ commit 05f4216272c4b588c87551d3ba9bfb88b1bffaba Author: Linus Torvalds Date: Thu Jul 25 13:45:10 2024 -0700 x86: do the user address masking outside the user access area In any normal situation this really shouldn't matter, but in case the address passed in to masked_user_access_begin() were to be some complex expression, we should evaluate it fully before doing the 'stac' instruction. And even without that issue (which objdump would pick up on for any really bad case), just in general we should strive to minimize the amount of code we run with user accesses enabled. For example, even for the trivial pselect6() case, the code generation (obviously with a non-debug build) just diff with this ends up being - stac mov %rax,%rcx sar $0x3f,%rcx or %rax,%rcx + stac mov (%rcx),%r13 mov 0x8(%rcx),%r14 clac so the area delimeted by the 'stac / clac' pair is now literally just the two user access instructions, and the address generation has been moved out to before that code. This will be much more noticeable if we end up deciding that we can go back to just inlining "get_user()" using the new masked user access model. The get_user() pointers can often be more complex expressions involving kernel memory accesses or even function calls. Signed-off-by: Linus Torvalds commit 2865baf54077aa98fcdb478cefe6a42c417b9374 Author: Linus Torvalds Date: Mon Apr 8 20:04:58 2024 -0700 x86: support user address masking instead of non-speculative conditional The Spectre-v1 mitigations made "access_ok()" much more expensive, since it has to serialize execution with the test for a valid user address. All the normal user copy routines avoid this by just masking the user address with a data-dependent mask instead, but the fast "unsafe_user_read()" kind of patterms that were supposed to be a fast case got slowed down. This introduces a notion of using src = masked_user_access_begin(src); to do the user address sanity using a data-dependent mask instead of the more traditional conditional if (user_read_access_begin(src, len)) { model. This model only works for dense accesses that start at 'src' and on architectures that have a guard region that is guaranteed to fault in between the user space and the kernel space area. With this, the user access doesn't need to be manually checked, because a bad address is guaranteed to fault (by some architecture masking trick: on x86-64 this involves just turning an invalid user address into all ones, since we don't map the top of address space). This only converts a couple of examples for now. Example x86-64 code generation for loading two words from user space: stac mov %rax,%rcx sar $0x3f,%rcx or %rax,%rcx mov (%rcx),%r13 mov 0x8(%rcx),%r14 clac where all the error handling and -EFAULT is now purely handled out of line by the exception path. Of course, if the micro-architecture does badly at 'clac' and 'stac', the above is still pitifully slow. But at least we did as well as we could. Signed-off-by: Linus Torvalds commit e2e641fe1c69bbbe94a89e814967da50e6df226b Author: Zhang Zekun Date: Sun Aug 18 13:57:02 2024 +0800 RDMA/ipoib: Remove unused declarations There are some declarations without function definition, which are listed as below: 1. ipoib_ib_tx_timer_func() has also been removed since commit 8966e28d2e40 ("IB/ipoib: Use NAPI in UD/TX flows") 2. ipoib_pkey_event() has been removed since commit ee1e2c82c245 ("IPoIB: Refresh paths instead of flushing them on SM change events") 3. ipoib_mcast_dev_down() has been removed since commit 988bd50300ef ("IPoIB: Fix memory leak of multicast group structures") 4. ipoib_pkey_open() has been removed since commit dd57c9308aff ("IB/ipoib: Avoid multicast join attempts with invalid P_key") Remove these unused declarations. Link: https://patch.msgid.link/r/20240818055702.79547-3-zhangzekun11@huawei.com Signed-off-by: Zhang Zekun Signed-off-by: Jason Gunthorpe commit 1fb797af8a4bb0569c1bc8bf95b630ecaf7bd38e Author: Zhang Zekun Date: Sun Aug 18 13:57:01 2024 +0800 RDMA/core: Remove unused declaration rdma_resolve_ip_route() The definition of rdma_resolve_ip_route() has been removed. Remove the unused declaration. Fixes: 6aaecd385685 ("RDMA/core: Simplify roce_resolve_route_from_path()") Link: https://patch.msgid.link/r/20240818055702.79547-2-zhangzekun11@huawei.com Signed-off-by: Zhang Zekun Signed-off-by: Jason Gunthorpe commit 53ffc09a3e6d39d7a9b3758be4a8795fb57a7989 Author: Yue Haibing Date: Fri Aug 16 18:13:58 2024 +0800 RDMA/mlx5: Remove two unused declarations Commit e6fb246ccafb ("RDMA/mlx5: Consolidate MR destruction to mlx5_ib_dereg_mr()") removed mlx5_ib_free_implicit_mr() but left the declaration. Commit d98995b4bf98 ("net/mlx5: Reimplement write combining test") left mlx5_ib_test_wc(). Remove the unused declarations. Link: https://patch.msgid.link/r/20240816101358.881247-1-yuehaibing@huawei.com Signed-off-by: Yue Haibing Signed-off-by: Jason Gunthorpe commit a9ed31f18e08bf24fce9e4484d9da5712d4980d1 Author: Yue Haibing Date: Wed Jul 31 18:35:45 2024 +0800 HID: amd_sfh: Remove unused declarations Commit 4b2c53d93a4b ("SFH:Transport Driver to add support of AMD Sensor Fusion Hub (SFH)") declared but never implemented them. Signed-off-by: Yue Haibing Acked-by: Basavaraj Natikar Signed-off-by: Jiri Kosina commit c61f9a8388ee8a5d75b71476c01c165af75e4f3a Author: Yue Haibing Date: Wed Jul 31 18:31:22 2024 +0800 HID: intel-ish-hid: Remove unused declarations Commit 3703f53b99e4 ("HID: intel_ish-hid: ISH Transport layer") declared ishtp_remove_all_clients()/ishtp_can_client_connect() but never implemented them. Signed-off-by: Yue Haibing Acked-by: Srinivas Pandruvada Signed-off-by: Jiri Kosina commit 05c4cfeba097b986532c7a5609dcc5435c0a4dee Author: Ian Rogers Date: Fri Aug 16 23:44:38 2024 -0700 perf inject: Combine mmap and mmap2 handling The handling of mmap and mmap2 events is near identical. Add a common helper function and call that by the two event handling functions. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Arnd Bergmann Cc: Athira Rajeev Cc: Casey Chen Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jann Horn Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Weilin Wang Cc: Yang Jihong Cc: Yunseong Kim Cc: Ze Gao Link: https://lore.kernel.org/r/20240817064442.2152089-10-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 048a7a9363a276ffc15e137ae8544d2cd7c28b67 Author: Ian Rogers Date: Fri Aug 16 23:44:37 2024 -0700 perf inject: Combine different mmap and mmap2 functions There are repipe, build ID and JIT dump variants of the mmap and mmap2 repipe functions. The organization doesn't allow JIT dump to work with build ID injection and the structure is less than clear. Combine the function and enable the different behaviors based on ifs. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Arnd Bergmann Cc: Athira Rajeev Cc: Casey Chen Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jann Horn Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Weilin Wang Cc: Yang Jihong Cc: Yunseong Kim Cc: Ze Gao Link: https://lore.kernel.org/r/20240817064442.2152089-9-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 0ed4c8c31139e3360c5db9f536e8ff37c1824f8a Author: Ian Rogers Date: Fri Aug 16 23:44:36 2024 -0700 perf inject: Combine build_ids and build_id_all into enum It is clearer to have a single enum that determines how build ids are injected, it also allows for future extension. Set the header build ID feature whether lazy or all are generated, previously only the lazy case would set it. Allow parsing of known build IDs for either the lazy or all cases. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Arnd Bergmann Cc: Athira Rajeev Cc: Casey Chen Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jann Horn Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Weilin Wang Cc: Yang Jihong Cc: Yunseong Kim Cc: Ze Gao Link: https://lore.kernel.org/r/20240817064442.2152089-8-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit a8656614ebe017a0487ba9f85213910c09e89c59 Author: Ian Rogers Date: Fri Aug 16 23:44:35 2024 -0700 perf test: Expand pipe/inject test Test recording of call-graphs and injecting --build-all. Add/expand trap handler. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Arnd Bergmann Cc: Athira Rajeev Cc: Casey Chen Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jann Horn Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Weilin Wang Cc: Yang Jihong Cc: Yunseong Kim Cc: Ze Gao Link: https://lore.kernel.org/r/20240817064442.2152089-7-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 63c89dc5e129a73cd3f8528640d2496543b79706 Author: Ian Rogers Date: Fri Aug 16 23:44:34 2024 -0700 perf evsel: Constify evsel__id_hdr_size() argument Allows evsel__id_hdr_size() to be used when the evsel is const. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Arnd Bergmann Cc: Athira Rajeev Cc: Casey Chen Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jann Horn Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Weilin Wang Cc: Yang Jihong Cc: Yunseong Kim Cc: Ze Gao Link: https://lore.kernel.org/r/20240817064442.2152089-6-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit e4bb4caa54b24b839c21612d816b40673a75f6d4 Author: Ian Rogers Date: Fri Aug 16 23:44:33 2024 -0700 perf dso: Constify dso_id The passed dso_id is copied and so is never an out argument. Remove its mutability. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Arnd Bergmann Cc: Athira Rajeev Cc: Casey Chen Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jann Horn Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Weilin Wang Cc: Yang Jihong Cc: Yunseong Kim Cc: Ze Gao Link: https://lore.kernel.org/r/20240817064442.2152089-5-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 0847c193c3d777b79af9d019d6509b5857591f33 Author: Ian Rogers Date: Fri Aug 16 23:44:32 2024 -0700 perf jit: Constify filename argument Make it clearer the argument is just being used as a string. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Arnd Bergmann Cc: Athira Rajeev Cc: Casey Chen Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jann Horn Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Weilin Wang Cc: Yang Jihong Cc: Yunseong Kim Cc: Ze Gao Link: https://lore.kernel.org/r/20240817064442.2152089-4-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit a031073626d135b332c1004dd6ade1b1e8d7c9f8 Author: Ian Rogers Date: Fri Aug 16 23:44:31 2024 -0700 perf map: API clean up map__init() is only used internally so make it static. Assume memory is zero initialized, which will better support adding fields to struct map in the future and was already the case for map__new2. To reduce complexity, change set_priv and set_erange_warned to not take a value to assign as they always assign true. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Arnd Bergmann Cc: Athira Rajeev Cc: Casey Chen Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jann Horn Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Weilin Wang Cc: Yang Jihong Cc: Yunseong Kim Cc: Ze Gao Link: https://lore.kernel.org/r/20240817064442.2152089-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 2aebebb834e208344eeabcc4cacfc680026c8f6f Author: Ian Rogers Date: Fri Aug 16 23:44:30 2024 -0700 perf synthetic-events: Avoid unnecessary memset Make sure the memset of a synthesized event only zeros the necessary tracing data part of the event, as a full event can be over 4kb in size. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anne Macedo Cc: Arnd Bergmann Cc: Athira Rajeev Cc: Casey Chen Cc: Chaitanya S Prakash Cc: Colin Ian King Cc: Dominique Martinet Cc: Ingo Molnar Cc: James Clark Cc: Jann Horn Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Weilin Wang Cc: Yang Jihong Cc: Yunseong Kim Cc: Ze Gao Link: https://lore.kernel.org/r/20240817064442.2152089-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 2518e13275ab9ea6b2540f828cf78b0280991f85 Author: Xu Yang Date: Mon Aug 19 10:34:03 2024 +0800 perf python: Fix the build on 32-bit arm by including missing "util/sample.h" The 32-bit arm build system will complain: tools/perf/util/python.c:75:28: error: field ‘sample’ has incomplete type 75 | struct perf_sample sample; However, arm64 build system doesn't complain this. The root cause is arm64 define "HAVE_KVM_STAT_SUPPORT := 1" in tools/perf/arch/arm64/Makefile, but arm arch doesn't define this. This will lead to kvm-stat.h include other header files on arm64 build system, especially "util/sample.h" for util/python.c. This will try to directly include "util/sample.h" for "util/python.c" to avoid such build issue on arm platform. Signed-off-by: Xu Yang Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: imx@lists.linux.dev Link: https://lore.kernel.org/r/20240819023403.201324-1-xu.yang_2@nxp.com Signed-off-by: Arnaldo Carvalho de Melo commit 105a0c76fd0c576ce1d865d5a0acf3be75900937 Author: Cai Huoqing Date: Thu Sep 16 23:31:48 2021 +0800 Input: colibri-vf50-ts - make use of the helper function dev_err_probe() When possible use dev_err_probe help to properly deal with the PROBE_DEFER error, the benefit is that DEFER issue will be logged in the devices_deferred debugfs file. Using dev_err_probe() can reduce code size, and the error value gets printed. Signed-off-by: Cai Huoqing Link: https://lore.kernel.org/r/20210916153148.14045-1-caihuoqing@baidu.com Signed-off-by: Dmitry Torokhov commit ed7687c75fc905a2ff4a95767c44d277dafd718b Author: Frank Li Date: Mon Aug 19 10:24:29 2024 -0400 dt-bindings: input: touchscreen: convert colibri-vf50-ts.txt to yaml Convert binding doc colibri-vf50-ts.txt to yaml. Additional change: - add ref touchscreen.yaml. - remove standard pinctrl properties. Fix below warning: arch/arm64/boot/dts/freescale/imx8qm-apalis-eval.dtb: /touchscreen: failed to match any schema with compatible: ['toradex,vf50-touchscreen'] Reviewed-by: Rob Herring (Arm) Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240819142434.311760-1-Frank.Li@nxp.com Signed-off-by: Dmitry Torokhov commit 3ccedd259cc3e78666514881b37466a8b977b0d8 Author: Chen Wang Date: Mon Aug 5 10:33:20 2024 +0800 riscv: defconfig: sophgo: enable clks for sg2042 Enable clk generators for sg2042 due to many peripherals rely on these clocks. Signed-off-by: Chen Wang Signed-off-by: Conor Dooley commit d5283b47e225e1473e1a07085b9c4e6bfd08ba51 Author: Xin Long Date: Wed Jul 17 22:09:44 2024 -0400 netfilter: move nf_ct_netns_get out of nf_conncount_init This patch is to move nf_ct_netns_get() out of nf_conncount_init() and let the consumers of nf_conncount decide if they want to turn on netfilter conntrack. It makes nf_conncount more flexible to be used in other places and avoids netfilter conntrack turned on when using it in openvswitch conntrack. Signed-off-by: Xin Long Reviewed-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit c9526aeb4998393171d85225ff540e28c7d4ab86 Author: Pablo Neira Ayuso Date: Mon Jul 15 13:32:31 2024 +0200 netfilter: nf_tables: do not remove elements if set backend implements .abort pipapo set backend maintains two copies of the datastructure, removing the elements from the copy that is going to be discarded slows down the abort path significantly, from several minutes to few seconds after this patch. This patch was previously reverted by f86fb94011ae ("netfilter: nf_tables: revert do not remove elements if set backend implements .abort") but it is now possible since recent work by Florian Westphal to perform on-demand clone from insert/remove path: 532aec7e878b ("netfilter: nft_set_pipapo: remove dirty flag") 3f1d886cc7c3 ("netfilter: nft_set_pipapo: move cloning of match info to insert/removal path") a238106703ab ("netfilter: nft_set_pipapo: prepare pipapo_get helper for on-demand clone") c5444786d0ea ("netfilter: nft_set_pipapo: merge deactivate helper into caller") 6c108d9bee44 ("netfilter: nft_set_pipapo: prepare walk function for on-demand clone") 8b8a2417558c ("netfilter: nft_set_pipapo: prepare destroy function for on-demand clone") 80efd2997fb9 ("netfilter: nft_set_pipapo: make pipapo_clone helper return NULL") a590f4760922 ("netfilter: nft_set_pipapo: move prove_locking helper around") after this series, the clone is fully released once aborted, no need to take it back to previous state. Thus, no stale reference to elements can occur. Signed-off-by: Pablo Neira Ayuso commit c1aa38866b9c58dc6cf7a5fc6a3e1ca75565169e Author: Florian Westphal Date: Wed Jul 10 10:58:29 2024 +0200 netfilter: nf_tables: store new sets in dedicated list nft_set_lookup_byid() is very slow when transaction becomes large, due to walk of the transaction list. Add a dedicated list that contains only the new sets. Before: nft -f ruleset 0.07s user 0.00s system 0% cpu 1:04.84 total After: nft -f ruleset 0.07s user 0.00s system 0% cpu 30.115 total .. where ruleset contains ~10 sets with ~100k elements. The above number is for a combined flush+reload of the ruleset. With previous flush, even the first NEWELEM has to walk through a few hundred thousands of DELSET(ELEM) transactions before the first NEWSET object. To cope with random-order-newset-newsetelem we'd need to replace commit_set_list with a hashtable. Expectation is that a NEWELEM operation refers to the most recently added set, so last entry of the dedicated list should be the set we want. NB: This is not a bug fix per se (functionality is fine), but with larger transaction batches list search takes forever, so it would be nice to speed this up for -stable too, hence adding a "fixes" tag. Fixes: 958bee14d071 ("netfilter: nf_tables: use new transaction infrastructure to handle sets") Reported-by: Nadia Pinaeva Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit e2444c1d463995477fb447be9d0c54150a5c393b Author: Donald Hunter Date: Tue May 28 11:37:54 2024 +0100 netfilter: nfnetlink: convert kfree_skb to consume_skb Use consume_skb in the batch code path to avoid generating spurious NOT_SPECIFIED skb drop reasons. Signed-off-by: Donald Hunter Signed-off-by: Pablo Neira Ayuso commit 4e97d521c2be094718c4c5c7c4f785e8972b4af0 Author: Antonio Ojea Date: Tue Jul 2 13:15:36 2024 +0200 selftests: netfilter: nft_queue.sh: sctp coverage Test that nfqueue with and without GSO process SCTP packets correctly. Joint work with Florian and Pablo. Signed-off-by: Antonio Ojea Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso commit 26a77d02891ab62172085a4f94af9b3c90aed387 Author: Antonio Ojea Date: Thu Jun 27 13:27:10 2024 +0200 netfilter: nfnetlink_queue: unbreak SCTP traffic when packet is enqueued with nfqueue and GSO is enabled, checksum calculation has to take into account the protocol, as SCTP uses a 32 bits CRC checksum. Enter skb_gso_segment() path in case of SCTP GSO packets because skb_zerocopy() does not support for GSO_BY_FRAGS. Joint work with Pablo. Signed-off-by: Antonio Ojea Signed-off-by: Pablo Neira Ayuso commit 64ddf5123eff2edf47202e08744c3c14a9d28f59 Author: Zhaoxiong Lv Date: Wed Aug 7 18:04:29 2024 +0800 drm/panel: jd9365da: Modify the init code of Melfas Modify the Melfas panel init code to satisfy the gamma value of 2.2 Acked-by: Jessica Zhang Signed-off-by: Zhaoxiong Lv Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240807100429.13260-3-lvzhaoxiong@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240807100429.13260-3-lvzhaoxiong@huaqin.corp-partner.google.com commit 97d1f449c359207b2fb5bc62eaefb7e21ad619ae Author: Zhaoxiong Lv Date: Wed Aug 7 18:04:28 2024 +0800 drm/panel: jd9365da: Move "exit sleep mode" and "set display on" cmds Move the "exit sleep mode" and "set display on" command from enable() to init() function. As mentioned in the patch: https://lore.kernel.org/all/20240624141926.5250-2-lvzhaoxiong@huaqin.corp-partner.google.com/ The Mediatek Soc DSI host has different modes in prepare() and enable() functions, prepare() is in LP mode and enable() is in HS mode. Since the "exit sleep mode" and "set display on" command must also be sent in LP mode, so we also move "exit sleep mode" and "set display on" command to the init() function. We have no other actions in the enable() function after moves "exit sleep mode" and "set display on", and we checked the call of the enable() function during the "startup" process. It seems that only one judgment was made in drm_panel_enabel(). If the panel does not define enable(), the judgment will skip the enable() and continue execution. This does not seem to have any other effect, and we found that some drivers also seem to have no enable() function added, for example: panel-asus-z00t-tm5p5-n35596 / panel-boe-himax8279d... In addition, we briefly tested the kingdisplay_kd101ne3 panel and melfas_lmfbx101117480 panel, and it seems that there is no garbage on the panel, so we delete enable() function. After moving the "exit sleep mode" and "set display on" command to the init() function, we no longer need additional delay judgment, so we delete variables "exit_sleep_to_display_on_delay_ms" and "display_on_delay_ms". Reviewed-by: Douglas Anderson Signed-off-by: Zhaoxiong Lv Acked-by: Jessica Zhang Link: https://lore.kernel.org/r/20240807100429.13260-2-lvzhaoxiong@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240807100429.13260-2-lvzhaoxiong@huaqin.corp-partner.google.com commit 91a759d402b5c17263f82097c647e784f217e2d4 Author: Liu Ying Date: Fri Aug 16 16:50:04 2024 +0800 drm/panel: simple: Add ON Tat Industrial Company KD50G21-40NT-A1 panel ON Tat Industrial Company KD50G21-40NT-A1 is a 5" WVGA LCD panel with DPI interface. The LCD module specification can be found at: https://cdn-shop.adafruit.com/datasheets/KD50G21-40NT-A1.pdf Signed-off-by: Liu Ying Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240816085004.491494-3-victor.liu@nxp.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240816085004.491494-3-victor.liu@nxp.com commit 773a0e3e89b354f14ec9ea8bddf3e86a602d162d Author: Liu Ying Date: Fri Aug 16 16:50:03 2024 +0800 dt-bindings: display: panel-simple: Add On Tat Industrial Company KD50G21-40NT-A1 Document On Tat Industrial Company KD50G21-40NT-A1 5" WVGA TFT LCD panel. The LCD module specification can be found at: https://cdn-shop.adafruit.com/datasheets/KD50G21-40NT-A1.pdf Signed-off-by: Liu Ying Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816085004.491494-2-victor.liu@nxp.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240816085004.491494-2-victor.liu@nxp.com commit f7c4a15225faeffe1e9f9a752097e7d85603ffef Author: Hironori KIKUCHI Date: Sun Aug 4 15:14:49 2024 +0900 drm/panel: st7701: Add Anbernic RG28XX panel support The Anbernic RG28XX is a handheld gaming device with a 2.8 inch 480x640 display. Add support for the display panel. This panel is driven by a variant of ST7701 driver IC internally, confirmed by dumping and analyzing its BSP initialization sequence by using a logic analyzer. It is very similar to the existing densitron,dmt028vghmcmi-1a panel, but differs in some unknown register values. Besides, it is connected via SPI, so add a new entry for the panel. Signed-off-by: Hironori KIKUCHI Reviewed-by: Neil Armstrong Reviewed-by: Jessica Zhang Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240804061503.881283-6-kikuchan98@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240804061503.881283-6-kikuchan98@gmail.com commit 6a60273a0e8274820210abcfe7ec0d5f1f38f458 Author: Hironori KIKUCHI Date: Sun Aug 4 15:14:48 2024 +0900 drm/panel: st7701: Add support for SPI for configuration The ST7701 supports not only MIPI DSI, but also SPI as an interface for configuration. To support a panel connected via SPI with an RGB parallel interface, add support for SPI using MIPI DBI helpers. Signed-off-by: Hironori KIKUCHI Reviewed-by: Neil Armstrong Reviewed-by: Jessica Zhang Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240804061503.881283-5-kikuchan98@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240804061503.881283-5-kikuchan98@gmail.com commit 9a01fb40fda3de773eabd87d0d10f9c1f49ad581 Author: Hironori KIKUCHI Date: Sun Aug 4 15:14:47 2024 +0900 dt-bindings: display: st7701: Add Anbernic RG28XX panel The RG28XX panel is a display panel of the Anbernic RG28XX, a handheld gaming device from Anbernic. It is 2.8 inches in size (diagonally) with a resolution of 480x640. This panel is driven by a variant of the ST7701 driver IC internally, confirmed by dumping and analyzing its BSP initialization sequence by using a logic analyzer. It is very similar to the existing densitron,dmt028vghmcmi-1a panel, but differs in some unknown register values, so add a new entry for the panel to distinguish them. Additionally, the panel only has an SPI instead of MIPI DSI. So add and modify for SPI as well. Although a panel connected via SPI with a D/CX pin theoretically exists, no such panels have been found for this driver yet. Therefore, disable the use of the dc-gpios property for all currently known devices. Signed-off-by: Hironori KIKUCHI Reviewed-by: Conor Dooley Reviewed-by: Neil Armstrong Reviewed-by: Jessica Zhang Link: https://lore.kernel.org/r/20240804061503.881283-4-kikuchan98@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240804061503.881283-4-kikuchan98@gmail.com commit a055c91ac6ea493c2508401537e8732dd2a7bbf8 Author: Hironori KIKUCHI Date: Sun Aug 4 15:14:46 2024 +0900 drm/panel: st7701: Decouple DSI and DRM parts Split into a DSI-specific part and a DRM-specific part. Additionally, use devm_add_action_or_reset() to simplify the flow, and disable and unprepare the panel on cleanup. Signed-off-by: Hironori KIKUCHI Reviewed-by: Neil Armstrong Reviewed-by: Jessica Zhang Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240804061503.881283-3-kikuchan98@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240804061503.881283-3-kikuchan98@gmail.com commit 00b8a47d8ebe0419e649dc81b96033f6db6a4746 Author: Hironori KIKUCHI Date: Sun Aug 4 15:14:45 2024 +0900 drm/panel: st7701: Rename macros Rename DSI_CMD* macros to ST7701_CMD*, and ST7701_DSI macro to ST7701_WRITE, because they do not belong to DSI. Signed-off-by: Hironori KIKUCHI Reviewed-by: Neil Armstrong Reviewed-by: Jessica Zhang Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240804061503.881283-2-kikuchan98@gmail.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240804061503.881283-2-kikuchan98@gmail.com commit b9d228a5b2ebcb1f1f63170f5b20bc2f9d276168 Author: Steffen Trumtrar Date: Mon Jul 29 09:02:39 2024 +0200 drm/panel: simple: add Innolux G070ACE-LH3 LVDS display support The G070ACE-LH3 is a 7" TFT Color LCD module with WLED backlight. https://www.data-modul.com/sites/default/files/products/G070ACE-LH3-specification-12058417.pdf Signed-off-by: Steffen Trumtrar Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240729-b4-v6-10-topic-innolux-v2-2-27d32c766ce5@pengutronix.de Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240729-b4-v6-10-topic-innolux-v2-2-27d32c766ce5@pengutronix.de commit 99d79eacd1286bafbf5878a510b3ceb49360872c Author: Steffen Trumtrar Date: Mon Jul 29 09:02:38 2024 +0200 dt-bindings: display: simple: Document support for Innolux G070ACE-LH3 Add Innolux G070ACE-LH3 7" WVGA (800x480) TFT LCD panel compatible string. Signed-off-by: Steffen Trumtrar Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240729-b4-v6-10-topic-innolux-v2-1-27d32c766ce5@pengutronix.de Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240729-b4-v6-10-topic-innolux-v2-1-27d32c766ce5@pengutronix.de commit 23683061805be368c8d1c7e7ff52abc470cac275 Author: Nirmoy Das Date: Fri Aug 16 15:51:54 2024 +0200 drm/xe/lnl: Offload system clear page activity to GPU On LNL because of flat CCS, driver creates migrates job to clear CCS meta data. Extend that to also clear system pages using GPU. Inform TTM to allocate pages without __GFP_ZERO to avoid double page clearing by clearing out TTM_TT_FLAG_ZERO_ALLOC flag and set TTM_TT_FLAG_CLEARED_ON_FREE while freeing to skip ttm pool's clear on free as XE now takes care of clearing pages. If a bo is in system placement such as BO created with DRM_XE_GEM_CREATE_FLAG_DEFER_BACKING and there is a cpu map then for such BO gpu clear will be avoided as there is no dma mapping for such BO at that moment to create migration jobs. Tested this patch api_overhead_benchmark_l0 from https://github.com/intel/compute-benchmarks Without the patch: api_overhead_benchmark_l0 --testFilter=UsmMemoryAllocation: UsmMemoryAllocation(api=l0 type=Host size=4KB) 84.206 us UsmMemoryAllocation(api=l0 type=Host size=1GB) 105775.56 us erf tool top 5 entries: 71.44% api_overhead_be [kernel.kallsyms] [k] clear_page_erms 6.34% api_overhead_be [kernel.kallsyms] [k] __pageblock_pfn_to_page 2.24% api_overhead_be [kernel.kallsyms] [k] cpa_flush 2.15% api_overhead_be [kernel.kallsyms] [k] pages_are_mergeable 1.94% api_overhead_be [kernel.kallsyms] [k] find_next_iomem_res With the patch: api_overhead_benchmark_l0 --testFilter=UsmMemoryAllocation: UsmMemoryAllocation(api=l0 type=Host size=4KB) 79.439 us UsmMemoryAllocation(api=l0 type=Host size=1GB) 98677.75 us Perf tool top 5 entries: 11.16% api_overhead_be [kernel.kallsyms] [k] __pageblock_pfn_to_page 7.85% api_overhead_be [kernel.kallsyms] [k] cpa_flush 7.59% api_overhead_be [kernel.kallsyms] [k] find_next_iomem_res 7.24% api_overhead_be [kernel.kallsyms] [k] pages_are_mergeable 5.53% api_overhead_be [kernel.kallsyms] [k] lookup_address_in_pgd_attr Without this patch clear_page_erms() dominates execution time which is also not pipelined with migration jobs. With this patch page clearing will get pipelined with migration job and will free CPU for more work. v2: Handle regression on dgfx(Himal) Update commit message as no ttm API changes needed. v3: Fix Kunit test. v4: handle data leak on cpu mmap(Thomas) v5: s/gpu_page_clear/gpu_page_clear_sys and move setting it to xe_ttm_sys_mgr_init() and other nits (Matt Auld) v6: Disable it when init_on_alloc and/or init_on_free is active(Matt) Use compute-benchmarks as reporter used it to report this allocation latency issue also a proper test application than mime. In v5, the test showed significant reduction in alloc latency but that is not the case any more, I think this was mostly because previous test was done on IFWI which had low mem BW from CPU. Cc: Himal Prasad Ghimiray Cc: Matthew Auld Cc: Matthew Brost Cc: Thomas Hellström Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240816135154.19678-2-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit decbfaf06db05fa1f9b33149ebb3c145b44e878f Author: Nirmoy Das Date: Fri Aug 16 15:51:53 2024 +0200 drm/ttm: Add a flag to allow drivers to skip clear-on-free Add TTM_TT_FLAG_CLEARED_ON_FREE, which DRM drivers can set before releasing backing stores if they want to skip clear-on-free. Cc: Matthew Auld Cc: Thomas Hellström Suggested-by: Christian König Reviewed-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240816135154.19678-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit e6b64cda393efd84709ab3df2e42d36d36d7553e Author: Jie Gan Date: Mon Aug 12 12:28:44 2024 +0800 Coresight: Set correct cs_mode for dummy source to fix disable issue The coresight_disable_source_sysfs function should verify the mode of the coresight device before disabling the source. However, the mode for the dummy source device is always set to CS_MODE_DISABLED, resulting in the check consistently failing. As a result, dummy source cannot be properly disabled. Configure CS_MODE_SYSFS/CS_MODE_PERF during the enablement. Configure CS_MODE_DISABLED during the disablement. Fixes: 9d3ba0b6c056 ("Coresight: Add coresight dummy driver") Signed-off-by: Jie Gan Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240812042844.2890115-1-quic_jiegan@quicinc.com commit 14f5fa9b5fcbe2b3d5098893aba6ad62254d2ef6 Author: Jie Gan Date: Mon Aug 12 12:30:43 2024 +0800 Coresight: Set correct cs_mode for TPDM to fix disable issue The coresight_disable_source_sysfs function should verify the mode of the coresight device before disabling the source. However, the mode for the TPDM device is always set to CS_MODE_DISABLED, resulting in the check consistently failing. As a result, TPDM cannot be properly disabled. Configure CS_MODE_SYSFS/CS_MODE_PERF during the enablement. Configure CS_MODE_DISABLED during the disablement. Fixes: b3c71626a933 ("Coresight: Add coresight TPDM source driver") Signed-off-by: Jie Gan Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240812043043.2890694-1-quic_jiegan@quicinc.com commit 023aceecc74ae7dd9e91c8e35d641da74a371078 Author: Namhyung Kim Date: Fri Aug 16 16:58:39 2024 -0700 perf annotate-data: Update type stat at the end of find_data_type_die() After trying all possibilities with DWARF and instruction tracking. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240816235840.2754937-10-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit ba8833703b49451453d97bf6414a522293f7e31d Author: Namhyung Kim Date: Fri Aug 16 16:58:38 2024 -0700 perf annotate-data: Check variables in every scope Sometimes it matches a variable in the inner scope but it fails because the actual access can be on a different type. Let's try variables in every scope and choose the best one using is_better_type(). I have an example with update_blocked_averages(), at first it found a variable (__mptr) but it's a void pointer. So it moved on to the upper scope and found another variable (cfs_rq). $ perf --debug type-profile annotate --data-type --stdio ... ----------------------------------------------------------- find data type for 0x140(reg14) at update_blocked_averages+0x2db CU for kernel/sched/fair.c (die:0x12dd892) frame base: cfa=1 fbreg=7 found "__mptr" (die: 0x13022f1) in scope=4/4 (die: 0x13022e8) failed: no/void pointer variable location: base=reg14, offset=0x140 type='void*' size=0x8 (die:0x12dd8f9) found "cfs_rq" (die: 0x1301721) in scope=3/4 (die: 0x130171c) type_offset=0x140 variable location: reg14 type='struct cfs_rq' size=0x1c0 (die:0x12e37e5) final type: type='struct cfs_rq' size=0x1c0 (die:0x12e37e5) IIUC the scope is like below: 1: update_blocked_averages 2: __update_blocked_fair 3: for_each_leaf_cfs_rq_safe 4: list_entry -> (container_of) The container_of is implemented like: #define container_of(ptr, type, member) ({ \ void *__mptr = (void *)(ptr); \ static_assert(__same_type(*(ptr), ((type *)0)->member) || \ __same_type(*(ptr), void), \ "pointer type mismatch in container_of()"); \ ((type *)(__mptr - offsetof(type, member))); }) That's why we see the __mptr variable first but it failed since it has no type information. Then for_each_leaf_cfs_rq_safe() is defined as #define for_each_leaf_cfs_rq_safe(rq, cfs_rq, pos) \ list_for_each_entry_safe(cfs_rq, pos, &rq->leaf_cfs_rq_list, \ leaf_cfs_rq_list) Note that the access was 0x140(r14). And the cfs_rq has leaf_cfs_rq_list at the 0x140. So it converts the list_head pointer to a pointer to struct cfs_rq here. $ pahole --hex -C cfs_rq vmlinux | grep 140 struct cfs_rq struct list_head leaf_cfs_rq_list; /* 0x140 0x10 */ Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240816235840.2754937-9-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit c663451f9239c89746b55f1a17ad62b014fa7905 Author: Namhyung Kim Date: Fri Aug 16 16:58:37 2024 -0700 perf annotate-data: Add is_better_type() helper Sometimes more than one variables are located in the same register or a stack slot. Or it can overwrite existing information with others. I found this is not helpful in some cases so it needs to update the type information from the variable only if it's better. But it's hard to know which one is better, so we needs heuristics. :) As it deals with memory accesses, the location should have a pointer or something similar (like array or reference). So if it had an integer type and a variable is a pointer, we can take the variable's type to resolve the target of the access. If it has a pointer type and a variable with the same location has a different pointer type, it'll take one with bigger target type. This can be useful when the target type embeds a smaller type (like list header or RB-tree node) at the beginning so their location is same. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240816235840.2754937-8-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 6841a26e2c6715dc52a1cdd888e958dd2a92a5bc Author: Thorsten Blum Date: Mon Aug 19 11:57:52 2024 +0200 drm/xe/oa: Use vma_pages() helper function in xe_oa_mmap() Use the vma_pages() helper function and remove the following Coccinelle/coccicheck warning reported by vma_pages.cocci: WARNING: Consider using vma_pages helper on vma Reviewed-by: Ashutosh Dixit Signed-off-by: Thorsten Blum Signed-off-by: Ashutosh Dixit Link: https://patchwork.freedesktop.org/patch/msgid/20240819095751.539645-2-thorsten.blum@toblux.com commit 98d1f1dc72fd6e0e85db4acc0b2dd591f4488216 Author: Namhyung Kim Date: Fri Aug 16 16:58:36 2024 -0700 perf annotate-data: Add is_pointer_type() helper It treats pointers and arrays in the same way. Let's add the helper and use it when it checks if it needs a pointer. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240816235840.2754937-7-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 69e2c78425c92361f0ab01cbbb8f3a44fc94341f Author: Namhyung Kim Date: Fri Aug 16 16:58:35 2024 -0700 perf annotate-data: Change return type of find_data_type_block() So that it can return enum variable_match_type to be propagated to the find_data_type_die(). Also update the debug message to show the result of the check_matching_type(). chk [dd] reg0 offset=0 ok=1 kind=1 : Good! or chk [177] reg4 offset=0x138 ok=0 kind=0 cfa : no type information Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240816235840.2754937-6-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 653185d808ea6f5e3e6247087b793fcd8510bb26 Author: Namhyung Kim Date: Fri Aug 16 16:58:34 2024 -0700 perf annotate-data: Add variable_state_str() So that it can show a proper debug message in the right place. The check_variable() is used in other places which don't want to print the message. $ perf --debug type-profile annotate --data-type Before: ----------------------------------------------------------- find data type for 0x140(reg14) at update_blocked_averages+0x2db CU for kernel/sched/fair.c (die:0x12dd892) frame base: cfa=1 fbreg=7 no pointer or no type <<<--- removed check variable "__mptr" failed (die: 0x13022f1) variable location: base=reg14, offset=0x140 type='void*' size=0x8 (die:0x12dd8f9) After: ----------------------------------------------------------- find data type for 0x140(reg14) at update_blocked_averages+0x2db CU for kernel/sched/fair.c (die:0x12dd892) frame base: cfa=1 fbreg=7 found "__mptr" (die: 0x13022f1) in scope=4/4 (die: 0x13022e8) failed: no/void pointer <<<--- here variable location: base=reg14, offset=0x140 type='void*' size=0x8 (die:0x12dd8f9) Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240816235840.2754937-5-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 976862f8abefafc42a27fff4c0e5d56cfc8d8ef4 Author: Namhyung Kim Date: Fri Aug 16 16:58:33 2024 -0700 perf annotate-data: Add 'enum type_match_result' And let check_variable() return the enum value so that callers can know what was the problem. This will be used by the later patch to update the statistics correctly and print the error message in a right place. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240816235840.2754937-4-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 3ab0b8b238b5130ae3fa37ddaa329fc0e93b6b9a Author: Namhyung Kim Date: Fri Aug 16 16:58:32 2024 -0700 perf annotate-data: Fix off-by-one in location range check The location list will have entries with half-open addressing like [start, end) which means it doesn't include the end address. So it should skip entries at the end address and match to the next entry. An example location list looks like this (from readelf -wo): 00237876 ffffffff8110d32b (base address) 0023787f v000000000000000 v000000000000002 views at 00237868 for: ffffffff8110d32b ffffffff8110d4eb (DW_OP_reg3 (rbx)) <<<--- 1 00237885 v000000000000002 v000000000000000 views at 0023786a for: ffffffff8110d4eb ffffffff8110d50b (DW_OP_reg14 (r14)) <<<--- 2 0023788c v000000000000000 v000000000000001 views at 0023786c for: ffffffff8110d50b ffffffff8110d7c4 (DW_OP_reg3 (rbx)) 00237893 v000000000000000 v000000000000000 views at 0023786e for: ffffffff8110d806 ffffffff8110d854 (DW_OP_reg3 (rbx)) 0023789a v000000000000000 v000000000000000 views at 00237870 for: ffffffff8110d876 ffffffff8110d88e (DW_OP_reg3 (rbx)) The first entry at 0023787f has [8110d32b, 8110d4eb) (omitting the ffffffff at the beginning), and the second one has [8110d4eb, 8110d50b). Fixes: 2bc3cf575a162a2c ("perf annotate-data: Improve debug message with location info") Reviewed-by: Masami Hiramatsu Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240816235840.2754937-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit e8bb03ed6850c6ed4ce2f1600ea73401fc2ebd95 Author: Namhyung Kim Date: Fri Aug 16 16:58:31 2024 -0700 perf dwarf-aux: Check allowed location expressions when collecting variables It missed to call check_allowed_ops() in __die_collect_vars_cb() so it can take variables with complex location expression incorrectly. For example, I found some variable has this expression. 015d8df8 ffffffff81aacfb3 (base address) 015d8e01 v000000000000004 v000000000000000 views at 015d8df2 for: ffffffff81aacfb3 ffffffff81aacfd2 (DW_OP_fbreg: -176; DW_OP_deref; DW_OP_plus_uconst: 332; DW_OP_deref_size: 4; DW_OP_lit1; DW_OP_shra; DW_OP_const1u: 64; DW_OP_minus; DW_OP_stack_value) 015d8e14 v000000000000000 v000000000000000 views at 015d8df4 for: ffffffff81aacfd2 ffffffff81aacfd7 (DW_OP_reg3 (rbx)) 015d8e19 v000000000000000 v000000000000000 views at 015d8df6 for: ffffffff81aacfd7 ffffffff81aad020 (DW_OP_fbreg: -176; DW_OP_deref; DW_OP_plus_uconst: 332; DW_OP_deref_size: 4; DW_OP_lit1; DW_OP_shra; DW_OP_const1u: 64; DW_OP_minus; DW_OP_stack_value) 015d8e2c It looks like '((int *)(-176(%rbp) + 332) >> 1) - 64' but the current code thought it's just -176(%rbp) and processed the variable incorrectly. It should reject such a complex expression if check_allowed_ops() doesn't like it. :) Fixes: 932dcc2c39aedf54 ("perf dwarf-aux: Add die_collect_vars()") Signed-off-by: Namhyung Kim Acked-by: Masami Hiramatsu Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Masami Hiramatsu Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240816235840.2754937-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 57d0557dfa4940919ec2971245a6d288e5d85aa8 Author: Matthias Fetzer Date: Fri Aug 16 16:12:28 2024 +0200 platform/x86: thinkpad_acpi: Add Thinkpad Edge E531 fan support Fan control on the E531 is done using the ACPI methods FANG and FANW. The correct parameters and register values were found by analyzing EC firmware as well as DSDT. This has been tested on my Thinkpad Edge E531 (6885CTO, BIOS HEET52WW 1.33). Signed-off-by: Matthias Fetzer Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240816141228.134529-1-kontakt@matthias-fetzer.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit daca644d0c9e06752c80e10411d89e087fa9a24e Author: Javier Carrasco Date: Thu Aug 8 17:12:37 2024 +0200 coresight: cti: use device_* to iterate over device child nodes Drop the manual access to the fwnode of the device to iterate over its child nodes. `device_for_each_child_node` macro provides direct access to the child nodes, and given that they are only required within the loop, the scoped variant of the macro can be used. Use the `device_for_each_child_node_scoped` macro to iterate over the direct child nodes of the device. Signed-off-by: Javier Carrasco Signed-off-by: Suzuki K Poulose Link: https://lore.kernel.org/r/20240808-device_child_node_access-v2-1-fc757cc76650@gmail.com commit f9ba1e0517863e4d6513dcc6327df4a4e8a34a0d Author: Daniel Lezcano Date: Fri Aug 16 10:12:32 2024 +0200 thermal/core: Compute low and high boundaries in thermal_zone_device_update() In order to set the scene for the thresholds support which have to manipulate the low and high temperature boundaries for the interrupt support, we must pass the low and high values to the incoming thresholds routine. The variables are set from the thermal_zone_set_trips() where the function loops the thermal trips to figure out the next and the previous temperatures to set the interrupt to be triggered when they are crossed. These variables will be needed by the function in charge of handling the thresholds in the incoming changes but they are local to the aforementioned function thermal_zone_set_trips(). Move the low and high boundaries computation out of the function in thermal_zone_device_update() so they are accessible from there. The positive side effect is they are computed in the same loop as handle_thermal_trip(), so we remove one loop. Co-developed-by: Rafael J. Wysocki Signed-off-by: Daniel Lezcano Link: https://patch.msgid.link/20240816081241.1925221-2-daniel.lezcano@linaro.org Signed-off-by: Rafael J. Wysocki commit b29ba8f1f9429b775a8b901364a21291588c2a23 Author: Simon Trimmer Date: Mon Aug 19 12:37:36 2024 +0000 ALSA: hda/realtek: Convert existing CS35L56 products to use autodetect fixup function The existing CS35L56 products can make use of the fixup function that works out the component binding details so we can remove the fixed configuration fixup functions. Signed-off-by: Simon Trimmer Link: https://patch.msgid.link/20240819123736.111946-1-simont@opensource.cirrus.com Signed-off-by: Takashi Iwai commit 370406bf5738dade8ac95a2ee95c29299d4ac902 Author: Artem Bityutskiy Date: Tue Aug 6 19:03:10 2024 +0300 intel_idle: add Granite Rapids Xeon support Add Granite Rapids Xeon C-states, which are C1, C1E, C6, and C6P. Comparing to previous Xeon Generations (e.g., Emerald Rapids), C6 requests end up only in core C6 state, and no package C-state promotion takes place even if all cores in the package are in core C6. C6P requests also end up in core C6, but if all cores have requested C6P, the SoC will enter the package C6 state. Signed-off-by: Artem Bityutskiy Link: https://patch.msgid.link/20240806160310.3719205-1-artem.bityutskiy@linux.intel.com [ rjw: Changelog edits ] Signed-off-by: Rafael J. Wysocki commit 3ca2a3d1e7271549985dc57c8106bb07b3134ecb Author: Srinivas Pandruvada Date: Fri Aug 2 11:48:39 2024 -0700 cpufreq: intel_pstate: Support Granite Rapids and Sierra Forest OOB mode Prevent intel_pstate from loading when OOB (Out Of Band) P-states mode is enabled. The OOB identifying bits are same as for the prior generation CPUs like Emerald Rapids servers. Add Granite Rapids and Sierra Forest CPU models to intel_pstate_cpu_oob_ids[]. Signed-off-by: Srinivas Pandruvada Link: https://patch.msgid.link/20240802184839.1909091-1-srinivas.pandruvada@linux.intel.com Signed-off-by: Rafael J. Wysocki commit 8a879141dcd15d2db876ce3adf88b9b01650b7fa Author: Esben Haabendal Date: Wed Aug 14 12:37:26 2024 +0200 drm/bridge: nwl-dsi: Use vsync/hsync polarity from display mode Using the correct bit helps. The documentation specifies bit 0 in both registers to be controlling polarity of dpi_vsync_input and dpi_hsync_input polarity. Bit 1 is reserved, and should therefore not be set. Tested with panel that requires active high vsync and hsync. Signed-off-by: Esben Haabendal Reviewed-by: Robert Foss Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/20240814-nwl-dsi-sync-polarity-v1-1-ee198e369196@geanix.com commit eca0f1b0bbf9f1082993206e3430d9da391be366 Author: Sumeet Pawnikar Date: Fri Aug 16 17:03:32 2024 +0530 powercap: intel_rapl: Add support for ArrowLake-U platform Add support for ArrowLake-U platform to the RAPL common driver. Signed-off-by: Sumeet Pawnikar Acked-by: Zhang Rui Link: https://patch.msgid.link/20240816113332.7408-1-sumeet.r.pawnikar@intel.com Signed-off-by: Rafael J. Wysocki commit 26096aed255fbac9501718174dbb24c935d8854e Author: Dhananjay Ugwekar Date: Tue Jul 30 04:49:19 2024 +0000 powercap/intel_rapl: Fix the energy-pkg event for AMD CPUs After commit ("x86/cpu/topology: Add support for the AMD 0x80000026 leaf"), on AMD processors that support extended CPUID leaf 0x80000026, the topology_logical_die_id() macros, no longer returns package id, instead it returns the CCD (Core Complex Die) id. This leads to the energy-pkg event scope to be modified to CCD instead of package. For more historical context, please refer to commit 32fb480e0a2c ("powercap/intel_rapl: Support multi-die/package"), which initially changed the RAPL scope from package to die for all systems, as Intel systems with Die enumeration have RAPL scope as die, and those without die enumeration are not affected. So, all systems(Intel, AMD, Hygon), worked correctly with topology_logical_die_id() until recently, but this changed after the "0x80000026 leaf" commit mentioned above. Future multi-die Intel systems will have package scope RAPL counters, but they will be using TPMI RAPL interface, which is not affected by this change. Replacing topology_logical_die_id() with topology_physical_package_id() conditionally only for AMD and Hygon fixes the energy-pkg event. On an AMD 2 socket 8 CCD Zen4 server: Before: linux$ ls /sys/class/powercap/ intel-rapl intel-rapl:4 intel-rapl:8:0 intel-rapl:d intel-rapl:0 intel-rapl:4:0 intel-rapl:9 intel-rapl:d:0 intel-rapl:0:0 intel-rapl:5 intel-rapl:9:0 intel-rapl:e intel-rapl:1 intel-rapl:5:0 intel-rapl:a intel-rapl:e:0 intel-rapl:1:0 intel-rapl:6 intel-rapl:a:0 intel-rapl:f intel-rapl:2 intel-rapl:6:0 intel-rapl:b intel-rapl:f:0 intel-rapl:2:0 intel-rapl:7 intel-rapl:b:0 intel-rapl:3 intel-rapl:7:0 intel-rapl:c intel-rapl:3:0 intel-rapl:8 intel-rapl:c:0 After: linux$ ls /sys/class/powercap/ intel-rapl intel-rapl:0 intel-rapl:0:0 intel-rapl:1 intel-rapl:1:0 Only one sysfs entry per-event per-package is created after this change. Fixes: 63edbaa48a57 ("x86/cpu/topology: Add support for the AMD 0x80000026 leaf") Reported-by: Michael Larabel Signed-off-by: Dhananjay Ugwekar Reviewed-by: Zhang Rui Link: https://patch.msgid.link/20240730044917.4680-3-Dhananjay.Ugwekar@amd.com Signed-off-by: Rafael J. Wysocki commit 11c742bb5a26d4adc873f6e6e2b69a59e1eae285 Author: Rob Herring (Arm) Date: Wed Jul 31 14:13:59 2024 -0600 drm: bridge: anx7625: Use of_property_read_variable_u8_array() There's no need to get the length of an DT array property before parsing the array. of_property_read_variable_u8_array() takes a minimum and maximum length and returns the actual length (or error code). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/20240731201407.1838385-4-robh@kernel.org commit 737ad3776343f6fcffee9d0d849dcd6f6b25f05a Author: Cristian Ciocaltea Date: Tue Aug 13 00:23:21 2024 +0300 drm/bridge: dw-hdmi: Simplify clock handling Make use of devm_clk_get_enabled() to replace devm_clk_get() and clk_prepare_enable() for isfr and iahb clocks, and drop the now unnecessary calls to clk_disable_unprepare(). Similarly, use devm_clk_get_optional_enabled() helper for cec clock, which additionally allows to remove the -ENOENT test. Moreover, the clock related members of struct dw_hdmi are not required anymore, hence drop them. Signed-off-by: Cristian Ciocaltea Reviewed-by: Robert Foss Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/20240813-dw-hdmi-simple-clk-v1-1-78d45cef02a9@collabora.com commit fe828fbd87786238b30f44cafd698d975d956c97 Author: Liu Ying Date: Tue Aug 13 17:16:37 2024 +0800 drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() If the bridge is attached with the DRM_BRIDGE_ATTACH_NO_CONNECTOR flag set, this driver won't initialize a connector and hence display mode won't be validated in drm_connector_helper_funcs::mode_valid(). So, move the mode validation from drm_connector_helper_funcs::mode_valid() to drm_bridge_funcs::mode_valid(), because the mode validation is always done for the bridge. Fixes: 30e2ae943c26 ("drm/bridge: Introduce LT8912B DSI to HDMI bridge") Signed-off-by: Liu Ying Reviewed-by: Robert Foss Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/20240813091637.1054586-1-victor.liu@nxp.com commit cb8f81c1753187995b7a43e79c12959f14eb32d3 Author: Maarten Lankhorst Date: Tue Aug 6 12:50:44 2024 +0200 drm/xe/display: Make display suspend/resume work on discrete We should unpin before evicting all memory, and repin after GT resume. This way, we preserve the contents of the framebuffers, and won't hang on resume due to migration engine not being restored yet. Signed-off-by: Maarten Lankhorst Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Cc: stable@vger.kernel.org # v6.8+ Reviewed-by: Uma Shankar Link: https://patchwork.freedesktop.org/patch/msgid/20240806105044.596842-3-maarten.lankhorst@linux.intel.com Signed-off-by: Maarten Lankhorst,,, commit 492be2a070f023c66aaef6ebd664567fda28c2a6 Author: Maarten Lankhorst Date: Tue Aug 6 12:50:43 2024 +0200 drm/xe/display: Match i915 driver suspend/resume sequences better Suspend fbdev sooner, and disable user access before suspending to prevent some races. I've noticed this when comparing xe suspend to i915's. Matches the following commits from i915: 24b412b1bfeb ("drm/i915: Disable intel HPD poll after DRM poll init/enable") 1ef28d86bea9 ("drm/i915: Suspend the framebuffer console earlier during system suspend") bd738d859e71 ("drm/i915: Prevent modesets during driver init/shutdown") Thanks to Imre for pointing me to those commits. Driver shutdown is currently missing, but I have some idea how to implement it next. Signed-off-by: Maarten Lankhorst Cc: Imre Deak Reviewed-by: Uma Shankar Link: https://patchwork.freedesktop.org/patch/msgid/20240806105044.596842-2-maarten.lankhorst@linux.intel.com Signed-off-by: Maarten Lankhorst,,, commit 3900c6ab4129f5e37e95395462688670d117436f Author: Richard Fitzgerald Date: Wed Aug 14 14:29:39 2024 +0100 platform/x86: serial-multi-instantiate: Don't require both I2C and SPI Change the Kconfig dependency so that it doesn't require both I2C and SPI subsystems to be built. Make a few small changes to the code so that the code for a bus is only called if the bus is being built. When SPI support was added to serial-multi-instantiate it created a dependency that both CONFIG_I2C and CONFIG_SPI must be enabled. Typically they are, but there's no reason why this should be a requirement. A specific kernel build could have only I2C devices or only SPI devices. It should be possible to use serial-multi-instantiate if only I2C or only SPI is enabled. The dependency formula used is: depends on (I2C && !SPI) || (!I2C && SPI) || (I2C && SPI) The advantage of this approach is that if I2C=m or SPI=m then SERIAL_MULTI_INSTANTIATE is limited to n/m. Signed-off-by: Richard Fitzgerald Link: https://lore.kernel.org/r/20240814132939.308696-1-rf@opensource.cirrus.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 265697288ec2160ca84707565d6641d46f69b0ff Author: Jinjie Ruan Date: Mon Aug 19 20:33:49 2024 +0800 spi: bcm63xx: Fix missing pm_runtime_disable() The pm_runtime_disable() is missing in the remove function, fix it by using devm_pm_runtime_enable(), so the pm_runtime_disable() in the probe error path can also be removed. Fixes: 2d13f2ff6073 ("spi: bcm63xx-spi: fix pm_runtime") Cc: stable@vger.kernel.org # v5.13+ Signed-off-by: Jinjie Ruan Suggested-by: Jonas Gorski Link: https://patch.msgid.link/20240819123349.4020472-3-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 909f34f2462a99bf876f64c5c61c653213e32fce Author: Jinjie Ruan Date: Mon Aug 19 20:33:48 2024 +0800 spi: bcm63xx: Fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from platform_device_id table. Fixes: 44d8fb30941d ("spi/bcm63xx: move register definitions into the driver") Cc: stable@vger.kernel.org Signed-off-by: Jinjie Ruan Reviewed-by: Jonas Gorski Link: https://patch.msgid.link/20240819123349.4020472-2-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 5ae98b5a9f3aaacf62c34942e7efbee3de2b4abb Merge: 6e6f58a170ea98 107280e1371f1b Author: Rafael J. Wysocki Date: Mon Aug 19 14:42:19 2024 +0200 Merge back thermal core material for 6.12. commit f0121bfe11b3843287ceddd84b47019e2962c3e6 Merge: 71bf41b8e913ec dc171114926ec3 Author: Rafael J. Wysocki Date: Mon Aug 19 14:38:41 2024 +0200 Merge an earlier EC driver change for 6.12. commit aa6e8296a7ff55c7c40a616b87c521b2a7e96395 Author: Jinjie Ruan Date: Mon Aug 19 12:05:23 2024 +0800 spi: s3c64xx: Fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from of_device_id table. Signed-off-by: Jinjie Ruan Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240819040523.2801461-1-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 802df33076cabfcb32b2c5b066c3af07f68e40fa Author: Jinjie Ruan Date: Mon Aug 19 20:00:31 2024 +0800 spi: cadence: Make cdns_mrvl_xspi_clk_div_list static The sparse tool complains as follows: drivers/spi/spi-cadence-xspi.c:334:11: warning: symbol 'cdns_mrvl_xspi_clk_div_list' was not declared. Should it be static? This symbol is not used outside spi-cadence-xspi.c, so marks it static. Signed-off-by: Jinjie Ruan Link: https://patch.msgid.link/20240819120031.3884913-1-ruanjinjie@huawei.com Signed-off-by: Mark Brown commit 526139aff1d14c5a2cc0a769c063f439444c61c2 Author: Cezary Rojewski Date: Wed Aug 14 10:39:29 2024 +0200 ASoC: Intel: avs: Enable by default for all SST configurations The skylake-driver is deprecated in favour of the avs-driver. As the latter supports all configurations of its predecessor and more, update the existing selection mechanism to acknowledge the SST flag. Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-15-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit a882f4d750ee0ec7e264c015019d0d642e136ff6 Author: Cezary Rojewski Date: Wed Aug 14 10:39:28 2024 +0200 ASoC: Intel: Remove skylake driver The avs-driver found in sound/soc/intel/avs is a direct replacement to the existing skylake-driver. It covers all features supported by it and more and aligns with the recommended flows and requirements based on Windows driver equivalent. For the official kernel tree the deprecation begun with v6.0. Most skylake-drivers users moved to avs- or SOF-driver when AudioDSP capabilities are available on the platform or to snd-hda-intel (sound/pci/hda) when such capabilities are not. For the supported trees the deprecation begun with v5.4 with v5.15 being the first where the skylake-driver is disabled entirely. All machine board drivers that consume the DSP driver have their replacements present within sound/soc/intel/avs/boards/ directory. Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-14-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit 6de8dddc56b0577df996212b634f82f6f1fb013c Author: Cezary Rojewski Date: Wed Aug 14 10:39:27 2024 +0200 ASoC: Intel: Remove skl_nau88l25_max98357a board driver The driver has no users. Succeeded by: - avs_nau8825 (./intel/avs/boards/nau8825.c) - avs_max98357a (./intel/avs/boards/max98357a.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-13-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit 4dbf2f9a725d1370d67f9a3bce2f33e913b57e52 Author: Cezary Rojewski Date: Wed Aug 14 10:39:26 2024 +0200 ASoC: Intel: Remove skl_nau88l25_ssm4567 board driver The driver has no users. Succeeded by: - avs_nau8825 (./intel/avs/boards/nau8825.c) - avs_ssm4567 (./intel/avs/boards/ssm4567.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-12-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit 51d8e9b20db840e78e0d1ff585cf4c8eb4e091b0 Author: Cezary Rojewski Date: Wed Aug 14 10:39:25 2024 +0200 ASoC: Intel: Remove skl_rt286 board driver The driver has no users. Succeeded by: - avs_rt286 (./intel/avs/boards/rt286.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-11-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit 15d6966580f3e40fe2f4ecfcde2edd69cc5508e9 Author: Cezary Rojewski Date: Wed Aug 14 10:39:24 2024 +0200 ASoC: Intel: Remove kbl_da7219_max98357a board driver The driver has no users. Succeeded by: - avs_da7219 (./intel/avs/boards/da7219.c) - avs_max98357a (./intel/avs/boards/max98357a.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-10-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit 1daa8dce04619f39d4d8ee43ae2a0cec9ab31897 Author: Cezary Rojewski Date: Wed Aug 14 10:39:23 2024 +0200 ASoC: Intel: Remove kbl_da7219_max98927 board driver The driver has no users. Succeeded by: - avs_da7219 (./intel/avs/boards/da7219.c) - avs_max98927 (./intel/avs/boards/max98927.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-9-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit 1a40ef882fee37006243ebf0b4848c7811672fe2 Author: Cezary Rojewski Date: Wed Aug 14 10:39:22 2024 +0200 ASoC: Intel: Remove kbl_rt5660 board driver The driver has no users. Succeeded by: - avs_rt5660 (./intel/avs/boards/rt5660.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-8-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit 1af24289751253e58850ba572c584f7e6b1caa87 Author: Cezary Rojewski Date: Wed Aug 14 10:39:21 2024 +0200 ASoC: Intel: Remove kbl_rt5663_max98927 board driver The driver has no users. Succeeded by: - avs_rt5663 (./intel/avs/boards/rt5663.c) - avs_max98927 (./intel/avs/boards/max98927.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-7-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit a08b5fde945ef8b427d2d29515a806fe571d7639 Author: Cezary Rojewski Date: Wed Aug 14 10:39:20 2024 +0200 ASoC: Intel: Remove kbl_rt5663_rt5514_max98927 board driver The driver has no users. Succeeded by: - avs_rt5514 (./intel/avs/boards/rt5514.c) - avs_rt5663 (./intel/avs/boards/rt5663.c) - avs_max98927 (./intel/avs/boards/max98927.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-6-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit fa07502e01569b39265008bac783a1202a7560e5 Author: Cezary Rojewski Date: Wed Aug 14 10:39:19 2024 +0200 ASoC: Intel: Remove bxt_da7219_max98357a board driver The driver has no users. Succeeded by: - avs_da7219 (./intel/avs/boards/da7219.c) - avs_max98357a (./intel/avs/boards/max98357a.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-5-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit 4d61ed7609d8b8fef71f78db6a8ac3221a46ea17 Author: Cezary Rojewski Date: Wed Aug 14 10:39:18 2024 +0200 ASoC: Intel: Remove bxt_rt298 board driver The driver has no users. Succeeded by: - avs_rt298 (./intel/avs/boards/rt298.c) Acked-by: Andy Shevchenko Signed-off-by: Cezary Rojewski Link: https://patch.msgid.link/20240814083929.1217319-4-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit cd5c4dd97f35cd7cf772fc8c12738bd971cbb58e Author: Cezary Rojewski Date: Wed Aug 14 10:39:17 2024 +0200 ASoC: Intel: Drop skl_machine_pdata usage Preparation step in the skylake-driver removal process. Signed-off-by: Cezary Rojewski Acked-by: Andy Shevchenko Link: https://patch.msgid.link/20240814083929.1217319-3-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit ec7bccd770b628a465458194aeac4408cdcc5ccd Author: Cezary Rojewski Date: Wed Aug 14 10:39:16 2024 +0200 ALSA: hda: Move SST device entries to AVS The avs-driver succeeds the skylake-driver. It suppots all configurations of its predecessor and more. Reflect that in the existing selection table. Signed-off-by: Cezary Rojewski Reviewed-by: Takashi Iwai Acked-by: Andy Shevchenko Link: https://patch.msgid.link/20240814083929.1217319-2-cezary.rojewski@intel.com Signed-off-by: Mark Brown commit d937c813f88d727ea9d34a7768264a64c8b93025 Merge: 424f8cb7449220 fd54fa6efe0dd3 Author: Christian Brauner Date: Mon Aug 19 14:08:32 2024 +0200 Merge patch series "Squashfs: Update code to not use page->index" Phillip Lougher says: In the near future page->index will be removed [1]. Any code which still uses page->index needs to be updated. This patch-set contains 4 patches which updates most of the code in Squashfs. The exceptions are functions which have been fixed in recent patches [2] & [3]. [1]: https://lore.kernel.org/all/Zp8fgUSIBGQ1TN0D@casper.infradead.org/ [2]: https://lore.kernel.org/all/20240817101146.2347378-1-lizetao1@huawei.com/ [3]: https://lore.kernel.org/all/20240817101146.2347378-2-lizetao1@huawei.com/ * patchesf from https://lore.kernel.org/r/20240818235847.170468-1-phillip@squashfs.org.uk: Squashfs: Rewrite and update squashfs_readahead_fragment() to not use page->index Squashfs: Update squashfs_readpage_block() to not use page->index Squashfs: Update squashfs_readahead() to not use page->index Squashfs: Update page_actor to not use page->index Link: https://lore.kernel.org/r/20240818235847.170468-1-phillip@squashfs.org.uk Signed-off-by: Christian Brauner commit fd54fa6efe0dd3894d6fd703f8856675b4bf8315 Author: Phillip Lougher Date: Mon Aug 19 00:58:47 2024 +0100 Squashfs: Rewrite and update squashfs_readahead_fragment() to not use page->index The previous implementation lacked error checking (e.g. the bytes returned by squashfs_fill_page() is not checked), and the use of page->index could not be removed without substantially rewriting the routine to use the page actor abstraction used elsewhere. Signed-off-by: Phillip Lougher Link: https://lore.kernel.org/r/20240818235847.170468-5-phillip@squashfs.org.uk Signed-off-by: Christian Brauner commit 7f73fcde4d93072d4003fee0949359757e8d0e41 Author: Phillip Lougher Date: Mon Aug 19 00:58:46 2024 +0100 Squashfs: Update squashfs_readpage_block() to not use page->index This commit replaces references to page->index to folio->index or their equivalent. Signed-off-by: Phillip Lougher Link: https://lore.kernel.org/r/20240818235847.170468-4-phillip@squashfs.org.uk Signed-off-by: Christian Brauner commit 6f09ffb1f4fadf156d5d1032217b9d1fa4e07dbe Author: Phillip Lougher Date: Mon Aug 19 00:58:45 2024 +0100 Squashfs: Update squashfs_readahead() to not use page->index This commit removes references to page->index in the pages returned from __readahead_batch(), and instead uses the 'start' variable. This does reveal a bug in the previous code in that 'start' was not updated every time around the loop. This is fixed in this commit. Signed-off-by: Phillip Lougher Link: https://lore.kernel.org/r/20240818235847.170468-3-phillip@squashfs.org.uk Signed-off-by: Christian Brauner commit 2258e22f05aff5865c93cbd4e9acba55b295d832 Author: Phillip Lougher Date: Mon Aug 19 00:58:44 2024 +0100 Squashfs: Update page_actor to not use page->index This commit removes an unnecessary use of page->index, and moves the other use over to folio->index. Signed-off-by: Phillip Lougher Link: https://lore.kernel.org/r/20240818235847.170468-2-phillip@squashfs.org.uk Signed-off-by: Christian Brauner commit b27622f1317271b88048ff2d76fead28b72aeccf Author: Konrad Dybcio Date: Wed Aug 14 12:27:27 2024 +0200 platform/surface: Add OF support Add basic support for registering the aggregator module on Device Tree- based platforms. These include at least three generations of Qualcomm Snapdragon-based Surface devices: - SC8180X / SQ1 / SQ2: Pro X, - SC8280XP / SQ3: Devkit 2023, Pro 9 - X Elite: Laptop 7 / Pro11 Thankfully, the aggregators on these seem to be configured in an identical way, which allows for using these settings as defaults and no DT properties need to be introduced (until that changes, anyway). Based on the work done by Maximilian Luz, largely rewritten. Signed-off-by: Konrad Dybcio Reviewed-by: Maximilian Luz Tested-by: Maximilian Luz Link: https://lore.kernel.org/r/20240814-topic-sam-v3-3-a84588aad233@quicinc.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit ceccd196e158805a4e9b69d92318dafe7b9d3ea2 Author: Konrad Dybcio Date: Wed Aug 14 12:27:26 2024 +0200 dt-bindings: platform: Add Surface System Aggregator Module Add bindings for the Surface System Aggregator Module (SAM/SSAM), the Microsoft Surface-standard Embedded Controller, used on both x86- and Qualcomm-based devices. It provides a plethora of functions, depending on what's wired up to it. That includes but is not limited to: fan control, keyboard/touchpad support, thermal sensors, power control, special buttons, tablet mode. Signed-off-by: Konrad Dybcio Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240814-topic-sam-v3-2-a84588aad233@quicinc.com Signed-off-by: Hans de Goede commit c01a5d89e5c8abe638107be2a4ea9e4c7fcdd7f6 Author: Wang Long Date: Fri Aug 2 17:19:01 2024 +0800 percpu-rwsem: remove the unused parameter 'read' In the function percpu_rwsem_release, the parameter `read` is unused, so remove it. Signed-off-by: Wang Long Link: https://lore.kernel.org/r/20240802091901.2546797-1-w@laoqinren.net Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 66e5cfee6280a361c429b6a6bfd66044e4644e86 Author: Aleksa Sarai Date: Wed Jul 31 23:10:28 2024 +1000 coda: use param->file for FSCONFIG_SET_FD While the old code did support FSCONFIG_SET_FD, there's no need to re-get the file the fs_context infrastructure already grabbed for us. Signed-off-by: Aleksa Sarai Link: https://lore.kernel.org/r/20240731-fsconfig-fsparam_fd-fixes-v2-2-e7c472224417@cyphar.com Signed-off-by: Christian Brauner commit 6a64c5220c5df235448b846aeff3c0660d4cc83e Author: Aleksa Sarai Date: Wed Jul 31 23:10:27 2024 +1000 autofs: fix missing fput for FSCONFIG_SET_FD If you pass an fd using FSCONFIG_SET_FD, autofs_parse_fd() "steals" the param->file and so the fs_context infrastructure will not do fput() for us. Fixes: e6ec453bd0f0 ("autofs: convert autofs to use the new mount api") Signed-off-by: Aleksa Sarai Link: https://lore.kernel.org/r/20240731-fsconfig-fsparam_fd-fixes-v2-1-e7c472224417@cyphar.com Signed-off-by: Christian Brauner commit 6c203968f5af720ee2f4a8a17734e40aabe7b96b Author: Uros Bizjak Date: Tue Jul 30 14:18:34 2024 +0200 fs/aio: Fix __percpu annotation of *cpu pointer in struct kioctx __percpu annotation of *cpu pointer in struct kioctx is put at the wrong place, resulting in several sparse warnings: aio.c:623:24: warning: incorrect type in argument 1 (different address spaces) aio.c:623:24: expected void [noderef] __percpu *__pdata aio.c:623:24: got struct kioctx_cpu *cpu aio.c:788:18: warning: incorrect type in assignment (different address spaces) aio.c:788:18: expected struct kioctx_cpu *cpu aio.c:788:18: got struct kioctx_cpu [noderef] __percpu * aio.c:835:24: warning: incorrect type in argument 1 (different address spaces) aio.c:835:24: expected void [noderef] __percpu *__pdata aio.c:835:24: got struct kioctx_cpu *cpu aio.c:940:16: warning: incorrect type in initializer (different address spaces) aio.c:940:16: expected void const [noderef] __percpu *__vpp_verify aio.c:940:16: got struct kioctx_cpu * aio.c:958:16: warning: incorrect type in initializer (different address spaces) aio.c:958:16: expected void const [noderef] __percpu *__vpp_verify aio.c:958:16: got struct kioctx_cpu * Put __percpu annotation at the right place to fix these warnings. Signed-off-by: Uros Bizjak Link: https://lore.kernel.org/r/20240730121915.4514-1-ubizjak@gmail.com Reviewed-by: Jan Kara Cc: Benjamin LaHaise Cc: Alexander Viro Cc: Christian Brauner Cc: Jan Kara Cc: Andrew Morton Signed-off-by: Christian Brauner commit 4bcda1eaf184e308f07f9c61d3a535f9ce477ce8 Author: Olaf Hering Date: Tue Jul 30 10:58:13 2024 +0200 mount: handle OOM on mnt_warn_timestamp_expiry If no page could be allocated, an error pointer was used as format string in pr_warn. Rearrange the code to return early in case of OOM. Also add a check for the return value of d_path. Fixes: f8b92ba67c5d ("mount: Add mount warning for impending timestamp expiry") Signed-off-by: Olaf Hering Link: https://lore.kernel.org/r/20240730085856.32385-1-olaf@aepfle.de [brauner: rewrite commit and commit message] Signed-off-by: Christian Brauner commit de7007f27d9108fb00d801a6be8aae2ce4dd6101 Author: Mohit0404 Date: Sat Jul 27 12:51:34 2024 +0530 Fixed: fs: file_table_c: Missing blank line warnings and struct declaration improved Fixed- WARNING: Missing a blank line after declarations WARNING: Missing a blank line after declarations Declaration format: improved struct file declaration format Signed-off-by: Mohit0404 Link: https://lore.kernel.org/r/20240727072134.130962-2-mohitpawar@mitaoe.ac.in Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 160210cea0356d31ffaf64b63a3ebeb26c7c0cd4 Author: Youling Tang Date: Mon Jun 3 09:48:34 2024 +0800 fs/direct-io: Remove linux/prefetch.h include After commit c22198e78d52 ("direct-io: remove random prefetches"), Nothing in this file needs anything from `linux/prefetch.h`. Signed-off-by: Youling Tang Link: https://lore.kernel.org/r/20240603014834.45294-1-youling.tang@linux.dev Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit c393eaa85349941badf3ce5f087400dbaf3bbe02 Author: Haifeng Xu Date: Fri Jul 26 11:05:25 2024 +0800 fs: don't flush in-flight wb switches for superblocks without cgroup writeback When deactivating any type of superblock, it had to wait for the in-flight wb switches to be completed. wb switches are executed in inode_switch_wbs_work_fn() which needs to acquire the wb_switch_rwsem and races against sync_inodes_sb(). If there are too much dirty data in the superblock, the waiting time may increase significantly. For superblocks without cgroup writeback such as tmpfs, they have nothing to do with the wb swithes, so the flushing can be avoided. Signed-off-by: Haifeng Xu Link: https://lore.kernel.org/r/20240726030525.180330-1-haifeng.xu@shopee.com Reviewed-by: Jan Kara Suggested-by: Jan Kara Signed-off-by: Christian Brauner commit e02bdb7208e7b5432cbe68392ae062810a7649fb Author: Christian Brauner Date: Thu Jul 25 15:31:24 2024 +0200 Merge patch series "Add an fcntl() to check file creation" Christian Brauner says: Systemd has a helper called openat_report_new() that returns whether a file was created anew or it already existed before for cases where O_CREAT has to be used without O_EXCL (cf. [1]). That apparently isn't something that's specific to systemd but it's where I noticed it. The current logic is that it first attempts to open the file without O_CREAT | O_EXCL and if it gets ENOENT the helper tries again with both flags. If that succeeds all is well. If it now reports EEXIST it retries. That works fairly well but some corner cases make this more involved. If this operates on a dangling symlink the first openat() without O_CREAT | O_EXCL will return ENOENT but the second openat() with O_CREAT | O_EXCL will fail with EEXIST. The reason is that openat() without O_CREAT | O_EXCL follows the symlink while O_CREAT | O_EXCL doesn't for security reasons. So it's not something we can really change unless we add an explicit opt-in via O_FOLLOW which seems really ugly. The caller could try and use fanotify() to register to listen for creation events in the directory before calling openat(). The caller could then compare the returned tid to its own tid to ensure that even in threaded environments it actually created the file. That might work but is a lot of work for something that should be fairly simple and I'm uncertain about it's reliability. The caller could use a bpf lsm hook to hook into security_file_open() to figure out whether they created the file. That also seems a bit wild. So let's add F_CREATED_QUERY which allows the caller to check whether they actually did create the file. That has caveats of course but I don't think they are problematic: * In multi-threaded environments a thread can only be sure that it did create the file if it calls openat() with O_CREAT. In other words, it's obviously not enough to just go through it's fdtable and check these fds because another thread could've created the file. * If there's any codepaths where an openat() with O_CREAT would yield the same struct file as that of another thread it would obviously cause wrong results. I'm not aware of any such codepaths from openat() itself. Imho, that would be a bug. * Related to the previous point, calling the new fcntl() on files created and opened via special-purpose system calls or ioctl()s would cause wrong results only if the affected subsystem a) raises FMODE_CREATED and b) may return the same struct file for two different calls. I'm not seeing anything outside of regular VFS code that raises FMODE_CREATED. There is code for b) in e.g., the drm layer where the same struct file is resurfaced but again FMODE_CREATED isn't used and it would be very misleading if it did. [1]: https://github.com/systemd/systemd/blob/11d5e2b5fbf9f6bfa5763fd45b56829ad4f0777f/src/basic/fs-util.c#L1078 * patches from https://lore.kernel.org/r/20240724-work-fcntl-v1-0-e8153a2f1991@kernel.org: selftests: add F_CREATED_QUERY tests fcntl: add F_CREATED_QUERY Signed-off-by: Christian Brauner commit d0fe8920cbe42547798fd806f078eeaaba05df18 Author: Christian Brauner Date: Wed Jul 24 15:15:36 2024 +0200 selftests: add F_CREATED_QUERY tests Add simple selftests for fcntl(fd, F_CREATED_QUERY, 0). Link: https://lore.kernel.org/r/20240724-work-fcntl-v1-2-e8153a2f1991@kernel.org Signed-off-by: Christian Brauner commit 820a185896b77814557302b981b092a9e7b36814 Author: Christian Brauner Date: Wed Jul 24 15:15:35 2024 +0200 fcntl: add F_CREATED_QUERY Systemd has a helper called openat_report_new() that returns whether a file was created anew or it already existed before for cases where O_CREAT has to be used without O_EXCL (cf. [1]). That apparently isn't something that's specific to systemd but it's where I noticed it. The current logic is that it first attempts to open the file without O_CREAT | O_EXCL and if it gets ENOENT the helper tries again with both flags. If that succeeds all is well. If it now reports EEXIST it retries. That works fairly well but some corner cases make this more involved. If this operates on a dangling symlink the first openat() without O_CREAT | O_EXCL will return ENOENT but the second openat() with O_CREAT | O_EXCL will fail with EEXIST. The reason is that openat() without O_CREAT | O_EXCL follows the symlink while O_CREAT | O_EXCL doesn't for security reasons. So it's not something we can really change unless we add an explicit opt-in via O_FOLLOW which seems really ugly. The caller could try and use fanotify() to register to listen for creation events in the directory before calling openat(). The caller could then compare the returned tid to its own tid to ensure that even in threaded environments it actually created the file. That might work but is a lot of work for something that should be fairly simple and I'm uncertain about it's reliability. The caller could use a bpf lsm hook to hook into security_file_open() to figure out whether they created the file. That also seems a bit wild. So let's add F_CREATED_QUERY which allows the caller to check whether they actually did create the file. That has caveats of course but I don't think they are problematic: * In multi-threaded environments a thread can only be sure that it did create the file if it calls openat() with O_CREAT. In other words, it's obviously not enough to just go through it's fdtable and check these fds because another thread could've created the file. * If there's any codepaths where an openat() with O_CREAT would yield the same struct file as that of another thread it would obviously cause wrong results. I'm not aware of any such codepaths from openat() itself. Imho, that would be a bug. * Related to the previous point, calling the new fcntl() on files created and opened via special-purpose system calls or ioctl()s would cause wrong results only if the affected subsystem a) raises FMODE_CREATED and b) may return the same struct file for two different calls. I'm not seeing anything outside of regular VFS code that raises FMODE_CREATED. There is code for b) in e.g., the drm layer where the same struct file is resurfaced but again FMODE_CREATED isn't used and it would be very misleading if it did. Link: https://github.com/systemd/systemd/blob/11d5e2b5fbf9f6bfa5763fd45b56829ad4f0777f/src/basic/fs-util.c#L1078 [1] Link: https://lore.kernel.org/r/20240724-work-fcntl-v1-1-e8153a2f1991@kernel.org Reviewed-by: Jeff Layton Reviewed-by: Jan Kara Signed-off-by: Christian Brauner commit 424f8cb7449220e1d479eeba233c8da32c20caf5 Merge: 3e673d651c3749 2da4c51a66cd63 Author: Christian Brauner Date: Mon Aug 19 13:40:11 2024 +0200 Merge patch series "Finish converting jffs2 to folios" Matthew Wilcox (Oracle) says: This patch series applies on top of fs-next. After applying these two patches, there are no more references to 'struct page' in jffs2. I obviously haven't tested it at all beyond compilation. * patches from https://lore.kernel.org/r/20240814195915.249871-1-willy@infradead.org: jffs2: Use a folio in jffs2_garbage_collect_dnode() jffs2: Convert jffs2_do_readpage_nolock to take a folio Link: https://lore.kernel.org/r/20240814195915.249871-1-willy@infradead.org Signed-off-by: Christian Brauner commit 2da4c51a66cd633d9fc8feb3e98eaa5d9924fd45 Author: Matthew Wilcox (Oracle) Date: Wed Aug 14 20:59:13 2024 +0100 jffs2: Use a folio in jffs2_garbage_collect_dnode() Call read_cache_folio() instead of read_cache_page() to get the folio containing the page. No attempt is made here to support large folios as I assume that will never be interesting for jffs2. Includes a switch from kmap to kmap_local which looks safe. Signed-off-by: Matthew Wilcox (Oracle) Link: https://lore.kernel.org/r/20240814195915.249871-3-willy@infradead.org Reviewed-by: Zhihao Cheng Signed-off-by: Christian Brauner commit bcc7d11e6c0969208ee056c39692138a3f56d828 Author: Matthew Wilcox (Oracle) Date: Wed Aug 14 20:59:12 2024 +0100 jffs2: Convert jffs2_do_readpage_nolock to take a folio Both callers now have a folio, so pass it in. No effort is made here to support large folios. Removes several hidden calls to compound_head(), two references to page->index and a use of kmap. Signed-off-by: Matthew Wilcox (Oracle) Link: https://lore.kernel.org/r/20240814195915.249871-2-willy@infradead.org Reviewed-by: Zhihao Cheng Signed-off-by: Christian Brauner commit ac5ebdad20060a734ba5ae75e20dcfc1b89ef998 Author: Konrad Dybcio Date: Wed Aug 14 12:27:25 2024 +0200 dt-bindings: serial: Allow embedded-controller as child node There exist some embedded controllers (like Microsoft SAM found on Surface devices or Apple Oscar found on old iPhones) that connect to the host device via serial. Allow that class of devices to exist under serial interface controller nodes. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240814-topic-sam-v3-1-a84588aad233@quicinc.com Signed-off-by: Hans de Goede commit 7116c35aacedc38be6d15bd21b2fc936eed0008b Author: Matthew Auld Date: Wed Aug 14 12:01:30 2024 +0100 drm/xe: prevent UAF around preempt fence The fence lock is part of the queue, therefore in the current design anything locking the fence should then also hold a ref to the queue to prevent the queue from being freed. However, currently it looks like we signal the fence and then drop the queue ref, but if something is waiting on the fence, the waiter is kicked to wake up at some later point, where upon waking up it first grabs the lock before checking the fence state. But if we have already dropped the queue ref, then the lock might already be freed as part of the queue, leading to uaf. To prevent this, move the fence lock into the fence itself so we don't run into lifetime issues. Alternative might be to have device level lock, or only release the queue in the fence release callback, however that might require pushing to another worker to avoid locking issues. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") References: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2454 References: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2342 References: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2020 Signed-off-by: Matthew Auld Cc: Matthew Brost Cc: # v6.8+ Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240814110129.825847-2-matthew.auld@intel.com commit 3573fee87fe36e7c078d801809b186984ebe10d9 Author: Armin Wolf Date: Tue Aug 13 04:29:03 2024 +0200 platform/x86: lg-laptop: Add operation region support The LEGX0820 ACPI device is expected to provide a custom operation region: OperationRegion (XIN1, 0x8F, Zero, 0x04B0) Field (XIN1, AnyAcc, Lock, Preserve) { DMSG, 8, HDAP, 8, Offset (0x03), AFNM, 8, Offset (0x10), P80B, 8, P81B, 8, P82B, 8, P83B, 8, P84B, 8, P85B, 8, P86B, 8, P87B, 8, Offset (0x20), DTTM, 8, TMP1, 8, LTP1, 8, HTP1, 8, TMP2, 8, LTP2, 8, HTP2, 8, Offset (0x3E8), PMSG, 1600 } The PMSG field is used by AML code to log debug messages when DMSG is true. Since those debug messages are already logged using the standard ACPI Debug object, we set DMSG unconditionally to 0x00 and ignore any writes to PMSG. The TMPx, LTPx, HTPx and AFNM fields are used to inform the driver when the temperature/(presumably) trip points/fan mode changes. This only happens when the DTTM flag is set. Unfortunately we have to implement support for this operation region because the AML codes uses code constructs like this one: If (((\_SB.XINI.PLAV != Zero) && (\_SB.XINI.DTTM != Zero))) The PLAV field gets set to 1 when the driver registers its address space handler, so by default XIN1 should not be accessed. However ACPI does not use short-circuit evaluation when evaluating logical conditions. This causes the DTTM field to be accessed even when PLAV is 0, which results in an ACPI error. Since this check happens inside various thermal-related ACPI control methods, various thermal zone become unusable since any attempt to read their temperature results in an ACPI error. Fix this by providing support for this operation region. I suspect that the problem does not happen under Windows (which seemingly does not use short-circuit evaluation either) because the necessary driver comes preinstalled with the machine. Tested-by: Chris Signed-off-by: Armin Wolf Link: https://lore.kernel.org/r/20240813022903.20567-1-W_Armin@gmx.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 81695066c76fa74aa00aadbcb360cc7ab9c70c51 Author: Michael Ellerman Date: Fri Jul 26 22:33:22 2024 +1000 MAINTAINERS: Mark powerpc spufs as orphaned Jeremy is no longer actively maintaining spufs, mark it as orphan. Also drop the dead developerworks link. Acked-by: Jeremy Kerr Acked-by: Arnd Bergmann Signed-off-by: Michael Ellerman Link: https://msgid.link/20240726123322.1165562-2-mpe@ellerman.id.au commit db9a63913fc7aa6ea419c9a787bfa18937515037 Author: Michael Ellerman Date: Fri Jul 26 22:33:21 2024 +1000 MAINTAINERS: Mark powerpc Cell as orphaned Arnd is no longer actively maintaining Cell, mark it as orphan. Also drop the dead developerworks link. Acked-by: Arnd Bergmann Signed-off-by: Michael Ellerman Link: https://msgid.link/20240726123322.1165562-1-mpe@ellerman.id.au commit e486feb7b8ec04ec7cd53476acc9e18afd4a6a7d Author: Frank Li Date: Wed Aug 14 13:44:20 2024 -0400 ASoC: dt-bindings: convert tlv320aic31xx.txt to yaml Convert binding doc tlv320aic31xx.txt to yaml format. Additional change: - add i2c node in example. - replace MICBIAS_OFF with MICBIAS_2_0v in example because MICBIAS_OFF have been defined in header file. - add ref to dai-common.yaml. - add #sound-dai-cells. Fix below warning: arch/arm64/boot/dts/freescale/imx8mq-zii-ultra-rmb3.dtb: /soc@0/bus@30800000/i2c@30a30000/codec@18: failed to match any schema with compatible: ['ti,tlv320dac3100'] Signed-off-by: Frank Li Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240814174422.4026100-1-Frank.Li@nxp.com Signed-off-by: Mark Brown commit 1f3662838a05f1ab6af89a417f6f252d91d0806b Author: Pierre-Louis Bossart Date: Mon Aug 19 08:55:48 2024 +0800 soundwire: intel: increase maximum number of links Intel platforms have enabled 4 links since the beginning, newer platforms now have 5 links. Update the definition accordingly. This patch will have no effect on older platforms where the number of links was hard-coded. A follow-up patch will add a dynamic check that the ACPI-reported information is aligned with hardware capabilities on newer platforms. Acked-by: Vinod Koul Signed-off-by: Pierre-Louis Bossart Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Acked-by: Mark Brown Reviewed-by: Takashi Iwai Link: https://patch.msgid.link/20240819005548.5867-4-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit d2234596be2192d9c1ae34f8c7534531191bc433 Author: Pierre-Louis Bossart Date: Mon Aug 19 08:55:47 2024 +0800 soundwire: intel: add probe-time check on link id In older platforms, the number of links was constant and hard-coded to 4. Newer platforms can have varying number of links, so we need to add a probe-time check to make sure the ACPI-reported information with _DSD properties is aligned with hardware capabilities reported in the SoundWire LCAP register. Acked-by: Vinod Koul Signed-off-by: Pierre-Louis Bossart Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Acked-by: Mark Brown Reviewed-by: Takashi Iwai Link: https://patch.msgid.link/20240819005548.5867-3-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit b27404b2bbf951a11500525dea15681cc970226c Author: Pierre-Louis Bossart Date: Mon Aug 19 08:55:46 2024 +0800 ALSA/ASoC/SoundWire: Intel: use single definition for SDW_INTEL_MAX_LINKS The definitions are currently duplicated in intel-sdw-acpi.c and sof_sdw.c. Move the definition to the sdw_intel.h header, and change the prefix to make it Intel-specific. No functionality change in this patch. Signed-off-by: Pierre-Louis Bossart Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Reviewed-by: Takashi Iwai Link: https://patch.msgid.link/20240819005548.5867-2-yung-chuan.liao@linux.intel.com Signed-off-by: Mark Brown commit 8f2407cb3f1e8586622e80269338efb7bed2f05b Author: Shyam Sundar S K Date: Mon Aug 19 12:04:04 2024 +0530 platform/x86/amd/pmf: Update SMU metrics table for 1AH family series The SMU metrics table has been revised for the 1AH family series. Introduce a new metrics table structure to retrieve comprehensive metrics information from the PMFW. This information will be utilized by the PMF driver to adjust system thermals. Reviewed-by: Ilpo Järvinen Co-developed-by: Patil Rajesh Reddy Signed-off-by: Patil Rajesh Reddy Signed-off-by: Shyam Sundar S K Link: https://lore.kernel.org/r/20240819063404.378061-2-Shyam-sundar.S-k@amd.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 37578054173919d898d2fe0b76d2f5d713937403 Author: Shyam Sundar S K Date: Mon Aug 19 12:04:03 2024 +0530 platform/x86/amd/pmf: Relocate CPU ID macros to the PMF header The CPU ID macros are needed by the Smart PC builder. Therefore, transfer the CPU ID macros from core.c to the common PMF header file. Reviewed-by: Ilpo Järvinen Co-developed-by: Patil Rajesh Reddy Signed-off-by: Patil Rajesh Reddy Signed-off-by: Shyam Sundar S K Link: https://lore.kernel.org/r/20240819063404.378061-1-Shyam-sundar.S-k@amd.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 023a25b071a2d28f8eb8ba46da14f275c92d38d1 Author: Shyam Sundar S K Date: Mon Aug 12 18:48:39 2024 +0530 platform/x86/amd/pmf: Add support for notifying Smart PC Solution updates The APMF function 14 (Notify Smart PC Solution Updates) allows the BIOS (AMD/OEM) to be informed about the outputs of custom Smart PC policies. Enhance the PMF driver to invoke APMF function 14 when these custom policy outputs are triggered. Co-developed-by: Patil Rajesh Reddy Signed-off-by: Patil Rajesh Reddy Signed-off-by: Shyam Sundar S K Link: https://lore.kernel.org/r/20240812131839.308768-1-Shyam-sundar.S-k@amd.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit e35ee8ee498d68de24e6a831ff5d33665b41a802 Author: Ilpo Järvinen Date: Tue Aug 6 11:30:47 2024 +0300 platform/x86: intel/pmc: Remove unused param idx from pmc_for_each_mode() pmc_for_each_mode() takes i (index) variable name as a parameter but the loop index is not used by any of the callers. Make the index variable internal to pmc_for_each_mode(). This also changes the loop logic such that ->lpm_en_modes[] is never read beyond num_lpm_modes. Signed-off-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240806083047.1562-1-ilpo.jarvinen@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit e26fa546042add70944d018b930530d16b3cf626 Author: Gary Guo Date: Sat Aug 17 17:51:32 2024 +0100 rust: kbuild: auto generate helper exports This removes the need to explicitly export all symbols. Generate helper exports similarly to what's currently done for Rust crates. These helpers are exclusively called from within Rust code and therefore can be treated similar as other Rust symbols. Signed-off-by: Gary Guo Reviewed-by: Boqun Feng Tested-by: Boqun Feng Link: https://lore.kernel.org/r/20240817165302.3852499-1-gary@garyguo.net [ Fixed dependency path, reworded slightly, edited comment a bit and rebased on top of the changes made when applying Andreas' patch (e.g. no `README.md` anymore, so moved the edits). - Miguel ] Signed-off-by: Miguel Ojeda commit 1bf8e07c382bd4f04ede81ecc05267a8ffd60999 Author: Frank Li Date: Wed Aug 14 16:46:18 2024 -0400 dt-binding: ptp: fsl,ptp: add pci1957,ee02 compatible string for fsl,enetc-ptp fsl,enetc-ptp is embedded pcie device. Add compatible string pci1957,ee02. Fix warning: arch/arm64/boot/dts/freescale/fsl-ls1028a-kontron-kbox-a-230-ls.dtb: ethernet@0,4: compatible:0: 'pci1957,ee02' is not one of ['fsl,etsec-ptp', 'fsl,fman-ptp-timer', 'fsl,dpaa2-ptp', 'fsl,enetc-ptp'] Signed-off-by: Frank Li Acked-by: Rob Herring (Arm) Signed-off-by: David S. Miller commit 41776e40082b06c79c3c069559d6ab6664394113 Merge: 1026392d10af7b 3531df81dca2f4 Author: Takashi Iwai Date: Mon Aug 19 10:48:39 2024 +0200 Merge branch 'topic/seq-filter-cleanup' into for-next Pull ALSA sequencer cleanup. Signed-off-by: Takashi Iwai commit 3531df81dca2f42accbc11821c5fa28e4104efd5 Author: Takashi Iwai Date: Mon Aug 19 10:47:49 2024 +0200 ALSA: seq: Drop superfluous filter argument of get_event_dest_client() All callers of get_event_dest_clienter() pass 0 to the filter argument, and it means that the check there is utterly redundant. Drop the superfluous filter argument and its check as a code cleanup. Link: https://patch.msgid.link/20240819084757.11902-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 88d8a3082a949f09809352c334caff80c3ad234f Merge: f2c38c96d51093 e9b503879fd2b6 Author: Bartosz Golaszewski Date: Mon Aug 19 10:13:05 2024 +0200 Merge tag 'ib-mfd-gpio-pwm-v6.12' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/lee/mfd into gpio/for-next Immutable branch between MFD, GPIO and PWM due for the v6.12 merge window commit f2c38c96d51093a38af90e46bca813c7dff671d7 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:13:56 2024 +0200 gpio: of: simplify with scoped for each OF child loop Use scoped for_each_xxx loop when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816151356.154991-1-krzysztof.kozlowski@linaro.org Signed-off-by: Bartosz Golaszewski commit b8e4b0529d59a3ccd0b25a31d3cfc8b0f3b34068 Author: Konrad Dybcio Date: Tue Aug 13 21:08:41 2024 +0200 power: sequencing: qcom-wcn: add support for the WCN6855 PMU Enable support for controlling the power-up sequence of the PMU inside the WCN6855 model. Signed-off-by: Konrad Dybcio [Bartosz: split Konrad's bigger patch, write the commit message] Co-developed-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240813190841.155067-1-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit 100932fc37d468bfa80b5675b653ff65f7bafba7 Author: Christoph Schlameuss Date: Wed Aug 7 17:45:07 2024 +0200 selftests: kvm: s390: Add debug print functions Add functions to simply print some basic state information in selftests. The output can be enabled by setting: #define TH_LOG_ENABLED 1 #define DEBUG 1 * print_psw: current SIE state description and VM run state * print_hex_bytes: print memory with some counting markers * print_hex: PRINT_HEX with 512 bytes * print_run: use print_psw and print_hex to print contents of VM run state and SIE state description * print_regs: print content of general and control registers All prints use pr_debug for the output and can be configured using DEBUG. Signed-off-by: Christoph Schlameuss Acked-by: Janosch Frank Link: https://lore.kernel.org/r/20240807154512.316936-6-schlameuss@linux.ibm.com Signed-off-by: Janosch Frank Message-ID: <20240807154512.316936-6-schlameuss@linux.ibm.com> commit d4f8592f6c42a6df7f570be6c4ccf8bd40838aab Author: Christoph Schlameuss Date: Wed Aug 7 17:45:06 2024 +0200 selftests: kvm: s390: Add test fixture and simple VM setup tests Add a uc_kvm fixture to create and destroy a ucontrol VM. * uc_sie_assertions asserts basic settings in the SIE as setup by the kernel. * uc_attr_mem_limit asserts the memory limit is max value and cannot be set (not supported). * uc_no_dirty_log asserts dirty log is not supported. Signed-off-by: Christoph Schlameuss Reviewed-by: Claudio Imbrenda Link: https://lore.kernel.org/r/20240807154512.316936-5-schlameuss@linux.ibm.com Signed-off-by: Janosch Frank Message-ID: <20240807154512.316936-5-schlameuss@linux.ibm.com> commit 011901fc222435f5bf2d6accb392f749ddebdfe7 Author: Christoph Schlameuss Date: Wed Aug 7 17:45:05 2024 +0200 selftests: kvm: s390: Add s390x ucontrol test suite with hpage test Add test suite to validate the s390x architecture specific ucontrol KVM interface. Make use of the selftest test harness. * uc_cap_hpage testcase verifies that a ucontrol VM cannot be run with hugepages. To allow testing of the ucontrol interface the kernel needs a non-default config containing CONFIG_KVM_S390_UCONTROL. This config needs to be set to built-in (y) as this cannot be built as module. Signed-off-by: Christoph Schlameuss Reviewed-by: Janosch Frank Link: https://lore.kernel.org/r/20240807154512.316936-4-schlameuss@linux.ibm.com Signed-off-by: Janosch Frank Message-ID: <20240807154512.316936-4-schlameuss@linux.ibm.com> commit 845482188e3890269927c47316bcbacee9f71a3f Author: Christoph Schlameuss Date: Wed Aug 7 17:45:04 2024 +0200 selftests: kvm: s390: Add kvm_s390_sie_block definition for userspace tests Subsequent tests do require direct manipulation of the SIE control block. This commit introduces the SIE control block definition for use within the selftests. There are already definitions of this within the kernel. This differs in two ways. * This is the first definition of this in userspace. * In the context of the selftests this does not require atomicity for the flags. With the userspace definition of the SIE block layout now being present we can reuse the values in other tests where applicable. Signed-off-by: Christoph Schlameuss Reviewed-by: Janosch Frank Link: https://lore.kernel.org/r/20240807154512.316936-3-schlameuss@linux.ibm.com Signed-off-by: Janosch Frank Message-ID: <20240807154512.316936-3-schlameuss@linux.ibm.com> commit 252b6fd2e186b793b960fa28ffccb07ccc4d5f51 Author: Christoph Schlameuss Date: Wed Aug 7 17:45:03 2024 +0200 selftests: kvm: s390: Define page sizes in shared header Multiple test cases need page size and shift definitions. By moving the definitions to a single architecture specific header we limit the repetition. Make use of PAGE_SIZE, PAGE_SHIFT and PAGE_MASK defines in existing code. Signed-off-by: Christoph Schlameuss Reviewed-by: Claudio Imbrenda Reviewed-by: Janosch Frank Link: https://lore.kernel.org/r/20240807154512.316936-2-schlameuss@linux.ibm.com Signed-off-by: Janosch Frank Message-ID: <20240807154512.316936-2-schlameuss@linux.ibm.com> commit 09c38ad044e61f4ef3b321669361b161d5a5242f Author: Hariharan Mari Date: Thu Jul 4 13:14:00 2024 +0200 KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query The __insn32_query() function incorrectly uses the RRF instruction format for both the SORTL (RRE format) and DFLTCC (RRF format) instructions. To fix this issue, add separate query functions for SORTL and DFLTCC that use the appropriate instruction formats. Additionally pass the query operand as a pointer to the entire array of 32 elements to slightly optimize performance and readability. Fixes: d668139718a9 ("KVM: s390: provide query function for instructions returning 32 byte") Suggested-by: Heiko Carstens Reviewed-by: Juergen Christ Signed-off-by: Hariharan Mari Signed-off-by: Janosch Frank commit 92a10d3861491d09e73b35db7113dd049659f588 Author: Jann Horn Date: Tue Jul 30 22:15:16 2024 +0200 runtime constants: move list of constants to vmlinux.lds.h Refactor the list of constant variables into a macro. This should make it easier to add more constants in the future. Signed-off-by: Jann Horn Reviewed-by: Alexander Gordeev Reviewed-by: Thomas Gleixner Acked-by: Arnd Bergmann Acked-by: Will Deacon Signed-off-by: Arnd Bergmann commit 7193b5c4758368c3a0de0cf4fa54bc8697caaf86 Author: Al Viro Date: Mon Apr 8 17:43:37 2024 -0400 alpha: no need to include asm/xchg.h twice We used to generate different helpers for local and full {cmp,}xchg(); these days the barriers are in arch_{cmp,}xchg() instead and generated helpers are identical for local and full cases. No need for those parametrized includes of asm/xchg.h - we might as well insert its contents directly in asm/cmpxchg.h and do it only once. Signed-off-by: Al Viro commit 973d248c43f237e53116009dec70091c8e836c11 Author: Bartosz Golaszewski Date: Tue Aug 13 10:27:35 2024 +0200 ARM: davinci: remove unused cpuidle code The cpuidle driver in mach-davinci is no longer used by anyone. Remove it. Link: https://lore.kernel.org/r/20240813082735.52402-1-brgl@bgdev.pl Signed-off-by: Bartosz Golaszewski commit 6b77dab5da721f2fa9d3c3611e1cbaead8030706 Author: Nirmoy Das Date: Fri Aug 16 12:22:48 2024 +0200 drm/xe: Remove redundant param from xe_bo_create_user BO from xe_bo_create_user() will always be of type, ttm_bo_type_device. So remove that redundant parameter. Cc: Matthew Auld Cc: Matthew Brost Cc: Thomas Hellström Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240816102248.25628-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit 3c8787edab857478770b788f81cd16da6fba7fb5 Author: Andrei Simion Date: Mon Aug 12 16:52:31 2024 +0300 ARM: dts: microchip: sama5d29_curiosity: Add reg_5v to supply PMIC nodes Align with the datasheet by adding regulator-5v which supplies each node from the regulator using phandle to regulator-5v through pvin[1-4]-supply and lvin-supply. Co-developed-by: Mihai Sain Signed-off-by: Mihai Sain Signed-off-by: Andrei Simion Link: https://lore.kernel.org/r/20240812135231.43744-8-andrei.simion@microchip.com Signed-off-by: Claudiu Beznea commit 6067310c050eb3a401e11dece2c644ef2138de6e Author: Andrei Simion Date: Mon Aug 12 16:52:30 2024 +0300 ARM: dts: microchip: at91-sama5d27_wlsom1: Add reg_5v to supply PMIC nodes Align with the datasheet by adding regulator-5v which supplies each node from the regulator using phandle to regulator-5v through pvin[1-4]-supply and lvin-supply. Co-developed-by: Mihai Sain Signed-off-by: Mihai Sain Signed-off-by: Andrei Simion Link: https://lore.kernel.org/r/20240812135231.43744-7-andrei.simion@microchip.com Signed-off-by: Claudiu Beznea commit f4a052050ce834f78ab5b0c3deb8d0731b95f693 Author: Andrei Simion Date: Mon Aug 12 16:52:29 2024 +0300 ARM: dts: microchip: at91-sama5d2_icp: Add reg_5v to supply PMIC nodes Align with the datasheet by adding regulator-5v which supplies each node from the regulator using phandle to regulator-5v through pvin[1-4]-supply and lvin-supply. Co-developed-by: Mihai Sain Signed-off-by: Mihai Sain Signed-off-by: Andrei Simion Link: https://lore.kernel.org/r/20240812135231.43744-6-andrei.simion@microchip.com Signed-off-by: Claudiu Beznea commit b6f4d5bccfb9a681e254755ff581eba8eeafabe9 Author: Andrei Simion Date: Mon Aug 12 16:52:28 2024 +0300 ARM: dts: microchip: at91-sama7g54_curiosity: Add reg_5v to supply PMIC nodes Align with the datasheet by adding regulator-5v which supplies each node from the regulator using phandle to regulator-5v through pvin[1-4]-supply and lvin-supply. Co-developed-by: Mihai Sain Signed-off-by: Mihai Sain Signed-off-by: Andrei Simion Link: https://lore.kernel.org/r/20240812135231.43744-5-andrei.simion@microchip.com Signed-off-by: Claudiu Beznea commit c27bc7da27d790c788f6ed8bceb45cd9a57436ba Author: Andrei Simion Date: Mon Aug 12 16:52:27 2024 +0300 ARM: dts: microchip: at91-sama7g5ek: Add reg_5v to supply PMIC nodes Align with the datasheet by adding regulator-5v which supplies each node from the regulator using phandle to regulator-5v through pvin[1-4]-supply and lvin-supply. Co-developed-by: Mihai Sain Signed-off-by: Mihai Sain Signed-off-by: Andrei Simion Link: https://lore.kernel.org/r/20240812135231.43744-4-andrei.simion@microchip.com Signed-off-by: Claudiu Beznea commit ebbe30f4bba127505c5664dd67f519e5e06d16be Merge: 1241b384efa53f 47ac09b91befbb Author: Greg Kroah-Hartman Date: Mon Aug 19 06:24:50 2024 +0200 Merge 6.11-rc4 into tty-next We need the tty/serial fixes in here as well. Signed-off-by: Greg Kroah-Hartman commit ca7df2c7bb5f83fe46aa9ce998b7352c6b28f3a1 Merge: 82313624b2ae5a 47ac09b91befbb Author: Greg Kroah-Hartman Date: Mon Aug 19 06:16:49 2024 +0200 Merge 6.11-rc4 into usb-next We need the usb / thunderbolt fixes in here as well. Signed-off-by: Greg Kroah-Hartman commit 87ee9981d1f86ee9b1623a46c7f9e4ac24461fe4 Merge: 18ec12c97b39ff 47ac09b91befbb Author: Greg Kroah-Hartman Date: Mon Aug 19 06:07:49 2024 +0200 Merge 6.11-rc4 into driver-core-next We need the driver core build fixes in here as well. Signed-off-by: Greg Kroah-Hartman commit 10c8d1bd786508e996837d5d4b125c69315c5529 Merge: 4a017c0163833f 47ac09b91befbb Author: Greg Kroah-Hartman Date: Mon Aug 19 06:02:26 2024 +0200 Merge 6.11-rc4 into char-misc-next We need the char/misc fixes in here as well. Signed-off-by: Greg Kroah-Hartman commit 5aa09297a3dcc798d038bd7436f8c90f664045a6 Author: Atish Patra Date: Fri Aug 16 00:08:09 2024 -0700 RISC-V: KVM: Fix to allow hpmcounter31 from the guest The csr_fun defines a count parameter which defines the total number CSRs emulated in KVM starting from the base. This value should be equal to total number of counters possible for trap/emulation (32). Fixes: a9ac6c37521f ("RISC-V: KVM: Implement trap & emulate for hpmcounters") Signed-off-by: Atish Patra Link: https://lore.kernel.org/r/20240816-kvm_pmu_fixes-v1-2-cdfce386dd93@rivosinc.com Signed-off-by: Anup Patel commit 7d1ffc8b087e97dbe1985912c7a2d00e53cea169 Author: Atish Patra Date: Fri Aug 16 00:08:08 2024 -0700 RISC-V: KVM: Allow legacy PMU access from guest Currently, KVM traps & emulates PMU counter access only if SBI PMU is available as the guest can only configure/read PMU counters via SBI only. However, if SBI PMU is not enabled in the host, the guest will fallback to the legacy PMU which will try to access cycle/instret and result in an illegal instruction trap which is not desired. KVM can allow dummy emulation of cycle/instret only for the guest if SBI PMU is not enabled in the host. The dummy emulation will still return zero as we don't to expose the host counter values from a guest using legacy PMU. Fixes: a9ac6c37521f ("RISC-V: KVM: Implement trap & emulate for hpmcounters") Signed-off-by: Atish Patra Link: https://lore.kernel.org/r/20240816-kvm_pmu_fixes-v1-1-cdfce386dd93@rivosinc.com Signed-off-by: Anup Patel commit 47d40d93292d9cff8dabb735bed83d930fa03950 Author: Anup Patel Date: Thu Aug 15 22:39:07 2024 +0530 RISC-V: KVM: Don't zero-out PMU snapshot area before freeing data With the latest Linux-6.11-rc3, the below NULL pointer crash is observed when SBI PMU snapshot is enabled for the guest and the guest is forcefully powered-off. Unable to handle kernel NULL pointer dereference at virtual address 0000000000000508 Oops [#1] Modules linked in: kvm CPU: 0 UID: 0 PID: 61 Comm: term-poll Not tainted 6.11.0-rc3-00018-g44d7178dd77a #3 Hardware name: riscv-virtio,qemu (DT) epc : __kvm_write_guest_page+0x94/0xa6 [kvm] ra : __kvm_write_guest_page+0x54/0xa6 [kvm] epc : ffffffff01590e98 ra : ffffffff01590e58 sp : ffff8f80001f39b0 gp : ffffffff81512a60 tp : ffffaf80024872c0 t0 : ffffaf800247e000 t1 : 00000000000007e0 t2 : 0000000000000000 s0 : ffff8f80001f39f0 s1 : 00007fff89ac4000 a0 : ffffffff015dd7e8 a1 : 0000000000000086 a2 : 0000000000000000 a3 : ffffaf8000000000 a4 : ffffaf80024882c0 a5 : 0000000000000000 a6 : ffffaf800328d780 a7 : 00000000000001cc s2 : ffffaf800197bd00 s3 : 00000000000828c4 s4 : ffffaf800248c000 s5 : ffffaf800247d000 s6 : 0000000000001000 s7 : 0000000000001000 s8 : 0000000000000000 s9 : 00007fff861fd500 s10: 0000000000000001 s11: 0000000000800000 t3 : 00000000000004d3 t4 : 00000000000004d3 t5 : ffffffff814126e0 t6 : ffffffff81412700 status: 0000000200000120 badaddr: 0000000000000508 cause: 000000000000000d [] __kvm_write_guest_page+0x94/0xa6 [kvm] [] kvm_vcpu_write_guest+0x56/0x90 [kvm] [] kvm_pmu_clear_snapshot_area+0x42/0x7e [kvm] [] kvm_riscv_vcpu_pmu_deinit.part.0+0xe0/0x14e [kvm] [] kvm_riscv_vcpu_pmu_deinit+0x1a/0x24 [kvm] [] kvm_arch_vcpu_destroy+0x28/0x4c [kvm] [] kvm_destroy_vcpus+0x5a/0xda [kvm] [] kvm_arch_destroy_vm+0x14/0x28 [kvm] [] kvm_destroy_vm+0x168/0x2a0 [kvm] [] kvm_put_kvm+0x3c/0x58 [kvm] [] kvm_vm_release+0x22/0x2e [kvm] Clearly, the kvm_vcpu_write_guest() function is crashing because it is being called from kvm_pmu_clear_snapshot_area() upon guest tear down. To address the above issue, simplify the kvm_pmu_clear_snapshot_area() to not zero-out PMU snapshot area from kvm_pmu_clear_snapshot_area() because the guest is anyway being tore down. The kvm_pmu_clear_snapshot_area() is also called when guest changes PMU snapshot area of a VCPU but even in this case the previous PMU snaphsot area must not be zeroed-out because the guest might have reclaimed the pervious PMU snapshot area for some other purpose. Fixes: c2f41ddbcdd7 ("RISC-V: KVM: Implement SBI PMU Snapshot feature") Signed-off-by: Anup Patel Link: https://lore.kernel.org/r/20240815170907.2792229-1-apatel@ventanamicro.com Signed-off-by: Anup Patel commit 6b7b282e6baea06ba65b55ae7d38326ceb79cebf Author: Andrew Jones Date: Wed Aug 7 17:49:44 2024 +0200 RISC-V: KVM: Fix sbiret init before forwarding to userspace When forwarding SBI calls to userspace ensure sbiret.error is initialized to SBI_ERR_NOT_SUPPORTED first, in case userspace neglects to set it to anything. If userspace neglects it then we can't be sure it did anything else either, so we just report it didn't do or try anything. Just init sbiret.value to zero, which is the preferred value to return when nothing special is specified. KVM was already initializing both sbiret.error and sbiret.value, but the values used appear to come from a copy+paste of the __sbi_ecall() implementation, i.e. a0 and a1, which don't apply prior to the call being executed, nor at all when forwarding to userspace. Fixes: dea8ee31a039 ("RISC-V: KVM: Add SBI v0.1 support") Signed-off-by: Andrew Jones Link: https://lore.kernel.org/r/20240807154943.150540-2-ajones@ventanamicro.com Signed-off-by: Anup Patel commit c4d7f546dd9aa9780716cdb07416ca97264dce43 Author: Miguel Ojeda Date: Thu Jul 25 20:33:23 2024 +0200 objtool/kbuild/rust: enable objtool for Rust Now that we should be `objtool`-warning free, enable `objtool` for Rust too. Before this patch series, we were already getting warnings under e.g. IBT builds, since those would see Rust code via `vmlinux.o`. Tested-by: Alice Ryhl Tested-by: Benno Lossin Reviewed-by: Gary Guo Link: https://lore.kernel.org/r/20240725183325.122827-7-ojeda@kernel.org [ Solved trivial conflict. - Miguel ] Signed-off-by: Miguel Ojeda commit 56d680dd23c38067a32fb8aeb74d6ce838fcf26c Author: Miguel Ojeda Date: Thu Jul 25 20:33:22 2024 +0200 objtool/rust: list `noreturn` Rust functions Rust functions may be `noreturn` (i.e. diverging) by returning the "never" type, `!`, e.g. fn f() -> ! { loop {} } Thus list the known `noreturn` functions to avoid such warnings. Without this, `objtool` would complain if enabled for Rust, e.g.: rust/core.o: warning: objtool: _R...9panic_fmt() falls through to next function _R...18panic_nounwind_fmt() rust/alloc.o: warning: objtool: .text: unexpected end of section In order to do so, we cannot match symbols' names exactly, for two reasons: - Rust mangling scheme [1] contains disambiguators [2] which we cannot predict (e.g. they may vary depending on the compiler version). One possibility to solve this would be to parse v0 and ignore/zero those before comparison. - Some of the diverging functions come from `core`, i.e. the Rust standard library, which may change with each compiler version since they are implementation details (e.g. `panic_internals`). Thus, to workaround both issues, only part of the symbols are matched, instead of using the `NORETURN` macro in `noreturns.h`. Ideally, just like for the C side, we should have a better solution. For instance, the compiler could give us the list via something like: $ rustc --emit=noreturns ... [ Kees agrees this should be automated and Peter says: So it would be fairly simple to make objtool consume a magic section emitted by the compiler.. I think we've asked the compiler folks for that at some point even, but I don't have clear recollections. We will ask upstream Rust about it. And if they agree, then perhaps we can get Clang/GCC to implement something similar too -- for this sort of thing we can take advantage of the shorter cycles of `rustc` as well as their unstable features concept to experiment. Gary proposed using DWARF (though it would need to be available), and wrote a proof of concept script using the `object` and `gimli` crates: https://gist.github.com/nbdd0121/449692570622c2f46a29ad9f47c3379a - Miguel ] Link: https://rust-lang.github.io/rfcs/2603-rust-symbol-name-mangling-v0.html [1] Link: https://doc.rust-lang.org/rustc/symbol-mangling/v0.html#disambiguator [2] Acked-by: Peter Zijlstra (Intel) Tested-by: Alice Ryhl Reviewed-by: Kees Cook Tested-by: Benno Lossin Link: https://lore.kernel.org/r/20240725183325.122827-6-ojeda@kernel.org [ Added `len_mismatch_fail` symbol for new `kernel` crate code merged since then as well as 3 more `core::panicking` symbols that appear in `RUST_DEBUG_ASSERTIONS=y` builds. - Miguel ] Signed-off-by: Miguel Ojeda commit fc582dfc1f20476cab9d43d0ee8ec0a6bfe13485 Author: Miguel Ojeda Date: Thu Jul 25 20:33:21 2024 +0200 x86/rust: support MITIGATION_SLS Support `MITIGATION_SLS` by enabling the target features that Clang does. Without this, `objtool` would complain if enabled for Rust, e.g.: rust/core.o: warning: objtool: _R...next_up+0x44: missing int3 after ret These should be eventually enabled via `-Ctarget-feature` when `rustc` starts recognizing them (or via a new dedicated flag) [1]. Link: https://github.com/rust-lang/rust/issues/116851 [1] Reviewed-by: Gary Guo Tested-by: Alice Ryhl Tested-by: Benno Lossin Link: https://lore.kernel.org/r/20240725183325.122827-5-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit d7868550d5731e05148c881f035423f009a2b4d5 Author: Miguel Ojeda Date: Thu Jul 25 20:33:20 2024 +0200 x86/rust: support MITIGATION_RETHUNK The Rust compiler added support for `-Zfunction-return=thunk-extern` [1] in 1.76.0 [2], i.e. the equivalent of `-mfunction-return=thunk-extern`. Thus add support for `MITIGATION_RETHUNK`. Without this, `objtool` would warn if enabled for Rust and already warns under IBT builds, e.g.: samples/rust/rust_print.o: warning: objtool: _R...init+0xa5c: 'naked' return found in RETHUNK build Link: https://github.com/rust-lang/rust/issues/116853 [1] Link: https://github.com/rust-lang/rust/pull/116892 [2] Reviewed-by: Gary Guo Tested-by: Alice Ryhl Tested-by: Benno Lossin Reviewed-by: Thomas Gleixner Link: https://github.com/Rust-for-Linux/linux/issues/945 Link: https://lore.kernel.org/r/20240725183325.122827-4-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 284a3ac4a96c619af269dfbdef5431a9a2a34d3b Author: Miguel Ojeda Date: Thu Jul 25 20:33:19 2024 +0200 x86/rust: support MITIGATION_RETPOLINE Support `MITIGATION_RETPOLINE` by enabling the target features that Clang does. The existing target feature being enabled was a leftover from our old `rust` branch, and it is not enough: the target feature `retpoline-external-thunk` only implies `retpoline-indirect-calls`, but not `retpoline-indirect-branches` (see LLVM's `X86.td`), unlike Clang's flag of the same name `-mretpoline-external-thunk` which does imply both (see Clang's `lib/Driver/ToolChains/Arch/X86.cpp`). Without this, `objtool` would complain if enabled for Rust, e.g.: rust/core.o: warning: objtool: _R...escape_default+0x13: indirect jump found in RETPOLINE build In addition, change the comment to note that LLVM is the one disabling jump tables when retpoline is enabled, thus we do not need to use `-Zno-jump-tables` for Rust here -- see commit c58f2166ab39 ("Introduce the "retpoline" x86 mitigation technique ...") [1]: The goal is simple: avoid generating code which contains an indirect branch that could have its prediction poisoned by an attacker. In many cases, the compiler can simply use directed conditional branches and a small search tree. LLVM already has support for lowering switches in this way and the first step of this patch is to disable jump-table lowering of switches and introduce a pass to rewrite explicit indirectbr sequences into a switch over integers. As well as a live example at [2]. These should be eventually enabled via `-Ctarget-feature` when `rustc` starts recognizing them (or via a new dedicated flag) [3]. Cc: Daniel Borkmann Link: https://github.com/llvm/llvm-project/commit/c58f2166ab3987f37cb0d7815b561bff5a20a69a [1] Link: https://godbolt.org/z/G4YPr58qG [2] Link: https://github.com/rust-lang/rust/issues/116852 [3] Reviewed-by: Gary Guo Tested-by: Alice Ryhl Tested-by: Benno Lossin Link: https://github.com/Rust-for-Linux/linux/issues/945 Link: https://lore.kernel.org/r/20240725183325.122827-3-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 289088d54623a1a50bb3ff79f7331bbe501ea591 Author: Miguel Ojeda Date: Thu Jul 25 20:33:18 2024 +0200 rust: module: add static pointer to `{init,cleanup}_module()` Add the equivalent of the `___ADDRESSABLE()` annotation in the `module_{init,exit}` macros to the Rust `module!` macro. Without this, `objtool` would complain if enabled for Rust (under IBT builds), e.g.: samples/rust/rust_print.o: warning: objtool: cleanup_module(): not an indirect call target samples/rust/rust_print.o: warning: objtool: init_module(): not an indirect call target Tested-by: Alice Ryhl Tested-by: Benno Lossin Reviewed-by: Gary Guo Link: https://lore.kernel.org/r/20240725183325.122827-2-ojeda@kernel.org Signed-off-by: Miguel Ojeda commit 876346536c1b59a5b1b5e44477b1b3ece77647fd Author: Andreas Hindborg Date: Thu Aug 15 10:30:26 2024 +0000 rust: kbuild: split up helpers.c This patch splits up the rust helpers C file. When rebasing patch sets on upstream linux, merge conflicts in helpers.c is common and time consuming [1]. Thus, split the file so that each kernel component can live in a separate file. This patch lists helper files explicitly and thus conflicts in the file list is still likely. However, they should be more simple to resolve than the conflicts usually seen in helpers.c. [ Removed `README.md` and undeleted the original comment since now, in v3 of the series, we have a `helpers.c` again; which also allows us to keep the "Sorted alphabetically" line and makes the diff easier. In addition, updated the Documentation/ mentions of the file, reworded title and removed blank lines at the end of `page.c`. - Miguel ] Link: https://rust-for-linux.zulipchat.com/#narrow/stream/288089-General/topic/Splitting.20up.20helpers.2Ec/near/426694012 [1] Signed-off-by: Andreas Hindborg Reviewed-by: Gary Guo Acked-by: Dirk Behme Reviewed-by: Alice Ryhl Reviewed-by: Benno Lossin Link: https://lore.kernel.org/r/20240815103016.2771842-1-nmi@metaspace.dk Signed-off-by: Miguel Ojeda commit f1385dc670fe66860bcec5dcba215364bf71b807 Author: Neal Gompa Date: Wed Jul 31 08:54:28 2024 -0400 init/Kconfig: Only block on RANDSTRUCT for RUST When enabling Rust in the kernel, we only need to block on the RANDSTRUCT feature and GCC plugin. The rest of the GCC plugins are reasonably safe to enable. [ Originally (years ago) we only had this restriction, but we ended up restricting also the rest of the GCC plugins 1) to be on the safe side, 2) since compiler plugin support could be going away in the kernel and 3) since mixed builds are best effort so far; so I asked Neal about his experience enabling the other plugins -- Neal says: When I originally wrote this patch two years ago to get things working, Fedora used all the GCC plugins, so I was trying to get GCC + Rust to work while minimizing the delta on build differences. This was the combination that worked. We've been carrying this patch in the Asahi tree for a year now. And while Fedora does not currently have GCC plugins enabled because it caused issues with some third-party modules (I think it was the NVIDIA driver, but I'm not sure), it was around long enough for me to know with some confidence that it was fine this way. - Miguel ] Signed-off-by: Neal Gompa Link: https://lore.kernel.org/r/20240731125615.3368813-1-neal@gompa.dev Signed-off-by: Miguel Ojeda commit 7bc186731e87482662c4f86da455f435fe838fb6 Author: Miguel Ojeda Date: Tue Jul 30 17:57:02 2024 +0200 rust: error: allow `useless_conversion` for 32-bit builds For the new Rust support for 32-bit arm [1], Clippy warns: error: useless conversion to the same type: `i32` --> rust/kernel/error.rs:139:36 | 139 | unsafe { bindings::ERR_PTR(self.0.into()) as *mut _ } | ^^^^^^^^^^^^^ help: consider removing `.into()`: `self.0` | = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#useless_conversion = note: `-D clippy::useless-conversion` implied by `-D warnings` = help: to override `-D warnings` add `#[allow(clippy::useless_conversion)]` The `self.0.into()` converts an `c_int` into `ERR_PTR`'s parameter which is a `c_long`. Thus, both types are `i32` in 32-bit. Therefore, allow it for those architectures. Link: https://lore.kernel.org/rust-for-linux/2dbd1491-149d-443c-9802-75786a6a3b73@gmail.com/ [1] Reviewed-by: Alice Ryhl Reviewed-by: Christian Schrefl Link: https://lore.kernel.org/r/20240730155702.1110144-1-ojeda@kernel.org [ Fixed typo in tag. - Miguel ] Signed-off-by: Miguel Ojeda commit 7adcdd572248591c3932e27d98b4a086662d5cbe Author: Benno Lossin Date: Tue Jul 30 18:23:04 2024 +0000 rust: types: improve `ForeignOwnable` documentation There are no guarantees for the pointer returned by `into_foreign`. This is simply because there is no safety documentation stating any guarantees. Therefore dereferencing and all other operations for that pointer are not allowed in a general context (i.e. when the concrete type implementing the trait is not known). This might be confusing, therefore add normal documentation to state that there are no guarantees given for the pointer. Signed-off-by: Benno Lossin Reviewed-by: Alice Ryhl Link: https://lore.kernel.org/r/20240730182251.1466684-1-benno.lossin@proton.me Signed-off-by: Miguel Ojeda commit 6c2d0ad53b8ff25cb1a12570191576d834e9108d Author: Alice Ryhl Date: Tue Jul 30 13:06:32 2024 +0000 rust: implement ForeignOwnable for Pin> We already implement ForeignOwnable for Box, but it may be useful to store pinned data in a ForeignOwnable container. This patch makes that possible. This will be used together with upcoming miscdev abstractions, which Binder will use when binderfs is disabled. Signed-off-by: Alice Ryhl Reviewed-by: Benno Lossin Link: https://lore.kernel.org/r/20240730-foreign-ownable-pin-box-v1-1-b1d70cdae541@google.com Signed-off-by: Miguel Ojeda commit 08f983a55ccf0b015e4788d1a0de0da84e4a7626 Author: Alex Mantel Date: Fri Jul 26 21:24:42 2024 -0700 rust: Implement the smart pointer `InPlaceInit` for `Arc` For pinned and unpinned initialization of structs, a trait named `InPlaceInit` exists for uniform access. `Arc` did not implement `InPlaceInit` yet, although the functions already existed. The main reason for that, was that the trait itself returned a `Pin`. The `Arc` implementation of the kernel is already implicitly pinned. To enable `Arc` to implement `InPlaceInit` and to have uniform access, for in-place and pinned in-place initialization, an associated type is introduced for `InPlaceInit`. The new implementation of `InPlaceInit` for `Arc` sets `Arc` as the associated type. Older implementations use an explicit `Pin` as the associated type. The implemented methods for `Arc` are mostly moved from a direct implementation on `Arc`. There should be no user impact. The implementation for `ListArc` is omitted, because it is not merged yet. Link: https://github.com/Rust-for-Linux/linux/issues/1079 Signed-off-by: Alex Mantel Reviewed-by: Alice Ryhl Reviewed-by: Benno Lossin Link: https://lore.kernel.org/r/20240727042442.682109-1-alexmantel93@mailbox.org [ Removed "Rusts" (Benno). - Miguel ] Signed-off-by: Miguel Ojeda commit 1780e411ef940db314578b511518e5872d4a13b4 Author: Cristian Marussi Date: Tue Jul 30 15:47:04 2024 +0100 firmware: arm_scmi: Use max-rx-timeout-ms from devicetree Override default maximum RX timeout with the value picked from the devicetree, when provided. Suggested-by: Peng Fan Signed-off-by: Cristian Marussi Tested-by: Peng Fan #i.MX95 19x19 EVK Message-Id: <20240730144707.1647025-4-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit 3a5e6ab06eabcf105a83199be09453ff1475e77e Author: Peng Fan Date: Tue Jul 30 15:47:03 2024 +0100 dt-bindings: firmware: arm,scmi: Introduce property max-rx-timeout-ms System Controller Management Interface(SCMI) firmwares might have different designs depending on the platform: the maximum receive channel timeout value might vary depending on the specific underlying hardware and firmware design choices. Introduce the general property max-rx-timeout-ms property to describe the transport needs of a specific platform design. Reviewed-by: Rob Herring (Arm) Signed-off-by: Peng Fan [Cristian: reworded commit message, s/mailbox/transport in description] Signed-off-by: Cristian Marussi Tested-by: Peng Fan #i.MX95 19x19 EVK Message-Id: <20240730144707.1647025-3-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit 668f0cb2337f9fc5536a0880a8e13cc735efa00d Author: Cristian Marussi Date: Tue Jul 30 15:47:02 2024 +0100 firmware: arm_scmi: Remove const from transport descriptors The descriptor structure scmi_desc contains a variety of fields related to the transport functionalities and it is defined by the transport drivers themselves; such elements, though, serve varied purposes and have different lifetime. In particular, while there are some of those elements that provide a description of transport features that are supposed to be immutable, on the other side there are present also some other characteristics that are instead supposed to be configurable on a per-platform base since they represent configuration features tied to the specific hardware/firmware system. The immutable fields are already qualified as const on the their own; get rid of the structure-level const qualifier which is not needed, so as to enable possible runtime customization of the mutable configuration features. No functional change. Signed-off-by: Cristian Marussi Tested-by: Peng Fan #i.MX95 19x19 EVK Message-Id: <20240730144707.1647025-2-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit a8bd37e645602afcafc9d5f428c10aeda606b279 Author: Krzysztof Kozlowski Date: Fri Aug 16 17:14:07 2024 +0200 firmware: arm_scmi: Simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Cristian Marussi Message-Id: <20240816151407.155034-1-krzysztof.kozlowski@linaro.org> Signed-off-by: Sudeep Holla commit 54c9e0085bd1015e524d8f4d3c4e78a7bc77ffca Author: Yury Norov Date: Thu Jul 18 17:50:40 2024 -0700 nodemask: Switch from inline to __always_inline 'inline' keyword is only a recommendation for compiler. If it decides to not inline nodemask functions, the whole small_const_nbits() machinery doesn't work. This is how a standard GCC 11.3.0 does for my x86_64 build now. This patch replaces 'inline' directive with unconditional '__always_inline' to make sure that there's always a chance for compile-time optimization. It doesn't change size of kernel image, according to bloat-o-meter. [[ Brian: split out from: Subject: [PATCH 1/3] bitmap: switch from inline to __always_inline https://lore.kernel.org/all/20221027043810.350460-2-yury.norov@gmail.com/ But rewritten, as there were too many conflicts. ]] Co-developed-by: Brian Norris Signed-off-by: Brian Norris Reviewed-by: Kees Cook Reviewed-by: Nathan Chancellor Signed-off-by: Yury Norov commit ab6b1010dab68f6d4bf063517db4ce2d63554bc6 Author: Brian Norris Date: Thu Jul 18 17:50:39 2024 -0700 cpumask: Switch from inline to __always_inline On recent (v6.6+) builds with Clang (based on Clang 18.0.0) and certain configurations [0], I'm finding that (lack of) inlining decisions may lead to section mismatch warnings like the following: WARNING: modpost: vmlinux.o: section mismatch in reference: cpumask_andnot (section: .text) -> cpuhp_bringup_cpus_parallel.tmp_mask (section: .init.data) ERROR: modpost: Section mismatches detected. or more confusingly: WARNING: modpost: vmlinux: section mismatch in reference: cpumask_andnot+0x5f (section: .text) -> efi_systab_phys (section: .init.data) The first warning makes a little sense, because cpuhp_bringup_cpus_parallel() (an __init function) calls cpumask_andnot() on tmp_mask (an __initdata symbol). If the compiler doesn't inline cpumask_andnot(), this may appear like a mismatch. The second warning makes less sense, but might be because efi_systab_phys and cpuhp_bringup_cpus_parallel.tmp_mask are laid out near each other, and the latter isn't a proper C symbol definition. In any case, it seems a reasonable solution to suggest more strongly to the compiler that these cpumask macros *must* be inlined, as 'inline' is just a recommendation. This change has been previously proposed in the past as: Subject: [PATCH 1/3] bitmap: switch from inline to __always_inline https://lore.kernel.org/all/20221027043810.350460-2-yury.norov@gmail.com/ But the change has been split up, to separately justify the cpumask changes (which drive my work) and the bitmap/const optimizations (that Yury separately proposed for other reasons). This ends up as somewhere between a "rebase" and "rewrite" -- I had to rewrite most of the patch. According to bloat-o-meter, vmlinux decreases minimally in size (-0.00% to -0.01%, depending on the version of GCC or Clang and .config in question) with this series of changes: gcc 13.2.0, x86_64_defconfig -3005 bytes, Before=21944501, After=21941496, chg -0.01% clang 16.0.6, x86_64_defconfig -105 bytes, Before=22571692, After=22571587, chg -0.00% gcc 9.5.0, x86_64_defconfig -1771 bytes, Before=21557598, After=21555827, chg -0.01% clang 18.0_pre516547 (ChromiumOS toolchain), x86_64_defconfig -191 bytes, Before=22615339, After=22615148, chg -0.00% clang 18.0_pre516547 (ChromiumOS toolchain), based on ChromiumOS config + gcov -979 bytes, Before=76294783, After=76293804, chg -0.00% [0] CONFIG_HOTPLUG_PARALLEL=y ('select'ed for x86 as of [1]) and CONFIG_GCOV_PROFILE_ALL. [1] commit 0c7ffa32dbd6 ("x86/smpboot/64: Implement arch_cpuhp_init_parallel_bringup() and enable it") Co-developed-by: Brian Norris Signed-off-by: Brian Norris Reviewed-by: Kees Cook Reviewed-by: Nathan Chancellor Signed-off-by: Yury Norov commit ed8cd2b3bd9f070120528fc5403a2d0b5afe07f8 Author: Yury Norov Date: Thu Jul 18 17:50:38 2024 -0700 bitmap: Switch from inline to __always_inline 'inline' keyword is only a recommendation for compiler. If it decides to not inline bitmap functions, the whole small_const_nbits() machinery doesn't work. This is how a standard GCC 11.3.0 does for my x86_64 build now. This patch replaces 'inline' directive with unconditional '__always_inline' to make sure that there's always a chance for compile-time optimization. It doesn't change size of kernel image, according to bloat-o-meter. [[ Brian: split out from: Subject: [PATCH 1/3] bitmap: switch from inline to __always_inline https://lore.kernel.org/all/20221027043810.350460-2-yury.norov@gmail.com/ But rewritten, as there were too many conflicts. ]] Co-developed-by: Brian Norris Signed-off-by: Brian Norris Reviewed-by: Kees Cook Reviewed-by: Nathan Chancellor Signed-off-by: Yury Norov commit fda1dd3c54ef3c4200c2e77634a91610da973950 Author: Yury Norov Date: Thu Jul 18 17:50:37 2024 -0700 find: Switch from inline to __always_inline 'inline' keyword is only a recommendation for compiler. If it decides to not inline find_bit nodemask functions, the whole small_const_nbits() machinery doesn't work. This is how a standard GCC 11.3.0 does for my x86_64 build now. This patch replaces 'inline' directive with unconditional '__always_inline' to make sure that there's always a chance for compile-time optimization. It doesn't change size of kernel image, according to bloat-o-meter. [[ Brian: split out from: Subject: [PATCH 1/3] bitmap: switch from inline to __always_inline https://lore.kernel.org/all/20221027043810.350460-2-yury.norov@gmail.com/ But rewritten, as there were too many conflicts. ]] Co-developed-by: Brian Norris Signed-off-by: Brian Norris Reviewed-by: Kees Cook Reviewed-by: Nathan Chancellor Signed-off-by: Yury Norov commit 1026392d10af7b35361c7ec4e14569d88c0c33e4 Author: Ivan Orlov Date: Tue Aug 13 13:07:01 2024 +0100 selftests: ALSA: Cover userspace-driven timers with test Add a test for the new functionality of userspace-driven timers and the tool which allows us to count timer ticks in a certain time period. The test: 1. Creates a userspace-driven timer with ioctl to /dev/snd/timer 2. Starts the `global-timer` application to count the ticks of the timer from step 1. 3. Asynchronously triggers the timer multiple times with some interval 4. Compares the amount of caught ticks with the amount of trigger calls. Since we can't include and in one file due to overlapping declarations, I have to split the test into two applications: one of them counts the amount of timer ticks in the defined time period, and another one is the actual test which creates the timer, triggers it periodically and starts the first app to count the amount of ticks in a separate thread. Besides from testing the functionality itself, the test represents a sample application showing userspace-driven ALSA timers API. Also, the timer test includes a test case which tries to create a timer with invalid resolution (=0), and NULL as a timer info structure. Signed-off-by: Ivan Orlov Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240813120701.171743-5-ivan.orlov0322@gmail.com commit 37745918e0e7575bc40f38da93a99b9fa6406224 Author: Ivan Orlov Date: Tue Aug 13 13:07:00 2024 +0100 ALSA: timer: Introduce virtual userspace-driven timers Implement two ioctl calls in order to support virtual userspace-driven ALSA timers. The first ioctl is SNDRV_TIMER_IOCTL_CREATE, which gets the snd_timer_uinfo struct as a parameter and puts a file descriptor of a virtual timer into the `fd` field of the snd_timer_unfo structure. It also updates the `id` field of the snd_timer_uinfo struct, which provides a unique identifier for the timer (basically, the subdevice number which can be used when creating timer instances). This patch also introduces a tiny id allocator for the userspace-driven timers, which guarantees that we don't have more than 128 of them in the system. Another ioctl is SNDRV_TIMER_IOCTL_TRIGGER, which allows us to trigger the virtual timer (and calls snd_timer_interrupt for the timer under the hood), causing all of the timer instances binded to this timer to execute their callbacks. The maximum amount of ticks available for the timer is 1 for the sake of simplicity of the userspace API. 'start', 'stop', 'open' and 'close' callbacks for the userspace-driven timers are empty since we don't really do any hardware initialization here. Suggested-by: Axel Holzinger Signed-off-by: Ivan Orlov Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240813120701.171743-4-ivan.orlov0322@gmail.com commit 8fad71b6771afc1f12f1cdf616ae0fca628802e9 Author: Ivan Orlov Date: Tue Aug 13 13:06:59 2024 +0100 Docs/sound: Add documentation for userspace-driven ALSA timers Add the documentation which describes the new userspace-driven timers API introduced in this patch series. The documentation contains: - Description of userspace-driven ALSA timers, what they are for - Description of the timers API - Example of how the timers can be created and triggered - How the timers can be used as a timer sources for snd-aloop module Suggested-by: Axel Holzinger Signed-off-by: Ivan Orlov Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240813120701.171743-3-ivan.orlov0322@gmail.com commit e949df0b021cdd503c4e72db12b1b4154a82d698 Author: Ivan Orlov Date: Tue Aug 13 13:06:58 2024 +0100 ALSA: aloop: Allow using global timers Allow using global timers as a timer source when card id is equal to -1 in the timer_source parameter. Signed-off-by: Ivan Orlov Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240813120701.171743-2-ivan.orlov0322@gmail.com commit 48f1434a4632c7da1a6a94e159512ebddbe13392 Author: Yuntao Liu Date: Thu Aug 15 09:13:12 2024 +0000 ALSA: hda: cs35l41: fix module autoloading Add MODULE_DEVICE_TABLE(), so modules could be properly autoloaded based on the alias from spi_device_id table. Fixes: 7b2f3eb492da ("ALSA: hda: cs35l41: Add support for CS35L41 in HDA systems") Signed-off-by: Yuntao Liu Link: https://patch.msgid.link/20240815091312.757139-1-liuyuntao12@huawei.com Signed-off-by: Takashi Iwai commit 5aedb8d8336b0a0421b58ca27d1b572aa6695b5b Author: Pierre-Louis Bossart Date: Mon Aug 5 19:50:03 2024 +0800 soundwire: intel_bus_common: enable interrupts before exiting reset The existing code enables the Cadence IP interrupts after the bus reset sequence. The problem with this sequence is that it might be pre-empted, giving SoundWire devices time to sync and report as ATTACHED before the interrupts are enabled. In that case, the Cadence IP will not detect a state change and will not throw an interrupt to proceed with the enumeration of a Device0. In our overnight stress tests, we observed that a slight sub-millisecond delay in enabling interrupts after the reset was correlated with detection failures. This problem is more prevalent on the LunarLake silicon, likely due to SOC integration changes, but it was observed on earlier generations as well. This patch reverts the sequence, with the interrupts enabled before performing the bus reset. This removes the race condition and makes sure the Cadence IP is able to detect the presence of a Device0 in all cases. Signed-off-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://lore.kernel.org/r/20240805115003.88035-1-yung-chuan.liao@linux.intel.com Signed-off-by: Vinod Koul commit f8c35d61ba01afa76846905c67862cdace7f66b0 Author: Pierre-Louis Bossart Date: Mon Aug 5 19:49:21 2024 +0800 soundwire: cadence: re-check Peripheral status with delayed_work The SoundWire peripheral enumeration is entirely based on interrupts, more specifically sticky bits tracking state changes. This patch adds a defensive programming check on the actual status reported in PING frames. If for some reason an interrupt was lost or delayed, the delayed work would detect a peripheral change of status after the bus starts. The 100ms defined for the delay is not completely arbitrary, if a Peripheral didn't join the bus within that delay then probably the hardware link is broken, and conversely if the detection didn't happen because of software issues the 100ms is still acceptable in terms of user experience. The overhead of the one-shot workqueue is minimal, and the mutual exclusion ensures that the interrupt and delayed work cannot update the status concurrently. Reviewed-by: Liam Girdwood Signed-off-by: Pierre-Louis Bossart Signed-off-by: Bard Liao Link: https://lore.kernel.org/r/20240805114921.88007-1-yung-chuan.liao@linux.intel.com Signed-off-by: Vinod Koul commit 4099cfda9dd856222d7cab6970a65896375616d5 Author: Francois Dugast Date: Fri Aug 9 17:51:36 2024 +0200 drm/xe/device: Remove unused xe_device::usm::num_vm_in_* Those counters were used to keep track of the numbers VMs in fault mode and in non-fault mode, to determine if the whole device was in fault mode or not. This is no longer needed so remove those variables and their usages. Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-12-francois.dugast@intel.com commit 226d92e49a7e7a7f5a3a37a34df7c319b72009fc Author: Francois Dugast Date: Fri Aug 9 17:51:35 2024 +0200 drm/xe/vm: Remove restriction that all VMs must be faulting if one is With this restriction, all VMs on the device must be faulting VMs if there is already one faulting VM, in which case the device is considered in fault mode. This prevents for example an application from running 3D jobs for the compositor while submitting a SVM compute job on the same device. Now that mutual exclusion of faulting LR jobs and dma fence jobs is ensured on the hw engine group, remove this restriction to allow running faulting and non-faulting VMs on the same device. Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-11-francois.dugast@intel.com commit d16ef1a18e39a5086a419d8b3c71adb30273881a Author: Francois Dugast Date: Fri Aug 9 17:51:34 2024 +0200 drm/xe/exec: Switch hw engine group execution mode upon job submission If the job about to be submitted is a dma-fence job, update the current execution mode of the hw engine group. This triggers an immediate suspend of the exec queues running faulting long-running jobs. If the job about to be submitted is a long-running job, kick a new worker used to resume the exec queues running faulting long-running jobs once the dma-fence jobs have completed. v2: Kick the resume worker from exec IOCTL, switch to unordered workqueue, destroy it after use (Matt Brost) v3: Do not resume if no exec queue was suspended (Matt Brost) v4: Squash commits (Matt Brost) v5: Do not kick the worker when xe_vm_in_preempt_fence_mode (Matt Brost) Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-10-francois.dugast@intel.com commit 770bd1d341130ff38feda169177159cd78389cfc Author: Francois Dugast Date: Fri Aug 9 17:51:33 2024 +0200 drm/xe/hw_engine_group: Ensure safe transition between execution modes Provide a way to safely transition execution modes of the hw engine group ahead of the actual execution. When necessary, either wait for running jobs to complete or preempt them, thus ensuring mutual exclusion between execution modes. Unlike a mutex, the rw_semaphore used in this context allows multiple submissions in the same mode. v2: Use lockdep_assert_held_write, add annotations (Matt Brost) v3: Fix kernel doc, remove redundant code (Matt Brost) v4: Now that xe_hw_engine_group_suspend_faulting_lr_jobs can fail, propagate the error to the caller (Matt Brost) Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-9-francois.dugast@intel.com commit 2750ff97ee385b85195c5579ee911a551fbb0dd9 Author: Francois Dugast Date: Fri Aug 9 17:51:32 2024 +0200 drm/xe/hw_engine_group: Add helper to wait for dma fence jobs This is a required feature for faulting long running jobs not to be submitted while dma fence jobs are running on the hw engine group. v2: Switch to lockdep_assert_held_write in worker, get a proper reference for the last fence (Matt Brost) v3: Directly call dma_fence_put with the fence ref (Matt Brost) Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-8-francois.dugast@intel.com commit 0d92cd8935a3fffbbfee0fd59cdc89ac5167b14a Author: Francois Dugast Date: Fri Aug 9 17:51:31 2024 +0200 drm/xe/exec_queue: Prepare last fence for hw engine group resume context Ensure we can safely take a ref of the exec queue's last fence from the context of resuming jobs from the hw engine group. The locking requirements differ from the general case, hence the introduction of this new function. v2: Add kernel doc, rework the code to prevent code duplication v3: Fix kernel doc, remove now unnecessary lockdep variants (Matt Brost) v4: Remove new put function (Matt Brost) Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-7-francois.dugast@intel.com commit 7f0d7bee2079fc899c8280e177b0c0feb8b9debe Author: Francois Dugast Date: Fri Aug 9 17:51:30 2024 +0200 drm/xe/exec_queue: Remove duplicated code This code section is the same as the body of xe_exec_queue_last_fence_put_unlocked() so call the function instead and remove duplicated code to make maintenance easier. Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-6-francois.dugast@intel.com commit 53fdfa19e6a9220a14c0bb21273880774ea70dbd Author: Francois Dugast Date: Fri Aug 9 17:51:29 2024 +0200 drm/xe/hw_engine_group: Add helper to suspend faulting LR jobs This is a required feature for dma fence jobs to preempt faulting long running jobs in order to ensure mutual exclusion on a given hw engine group. v2: Pipeline calls to suspend(q) and suspend_wait(q) to improve efficiency, switch to lockdep_assert_held_write (Matt Brost) v3: Return error on suspend_wait failure to propagate on the call stack up to IOCTL (Matt Brost) Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-5-francois.dugast@intel.com commit 7970cb36966c9b9183255dc097ae0446300eebcf Author: Francois Dugast Date: Fri Aug 9 17:51:28 2024 +0200 'drm/xe/hw_engine_group: Register hw engine group's exec queues Add helpers to safely add and delete the exec queues attached to a hw engine group, and make use them at the time of creation and destruction of the exec queues. Keeping track of them is required to control the execution mode of the hw engine group. v2: Improve error handling and robustness, suspend exec queues created in fault mode if group in dma-fence mode, init queue link (Matt Brost) v3: Delete queue from hw engine group when it is destroyed by the user, also clean up at the time of closing the file in case the user did not destroy the queue v4: Use correct list when checking if empty, do not add the queue if VM is in xe_vm_in_preempt_fence_mode (Matt Brost) v5: Remove unrelated newline, add checks and asserts for group, unwind on suspend failure (Matt Brost) Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-4-francois.dugast@intel.com commit 3dc6da76ae55d667fca2c9f9497e8ea1a27497b1 Author: Francois Dugast Date: Fri Aug 9 17:51:27 2024 +0200 drm/xe/guc_submit: Make suspend_wait interruptible Rely on wait_event_interruptible_timeout() to put the process to sleep with TASK_INTERRUPTIBLE. It allows using this function in interruptible context. v2: Propagate error on wait_event_interruptible_timeout (Matt Brost) Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-3-francois.dugast@intel.com commit f784750c670f7c5ac572590ddad77a89b4c997bf Author: Francois Dugast Date: Fri Aug 9 17:51:26 2024 +0200 drm/xe/hw_engine_group: Introduce xe_hw_engine_group A xe_hw_engine_group is a group of hw engines. Two hw engines belong to the same xe_hw_engine_group if one hw engine cannot make progress while the other is stuck on a page fault. Typically, hw engines of the same group share some resources such as EUs, but this really depends on the hardware configuration of the platforms. The simple engines partitioning proposed here might be too conservative but is intended to work for existing platforms. It can be optimized later if more sets of independent engines are identified. The hw engine groups are intended to be used in the context of faulting long-running jobs submissions. v2: Move to own files, improve error handling (Matt Brost) v3: Fix build issue reported by CI, improve commit message (Matt Roper) v4: Fix kernel doc v5: Add switch case for XE_ENGINE_CLASS_OTHER Signed-off-by: Francois Dugast Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240809155156.1955925-2-francois.dugast@intel.com commit 852856e3b6f679c694dd5ec41e5a3c11aa46640b Author: Matthew Brost Date: Thu Aug 15 20:40:33 2024 -0700 drm/xe: Use reserved copy engine for user binds on faulting devices User binds map to engines with can fault, faults depend on user binds completion, thus we can deadlock. Avoid this by using reserved copy engine for user binds on faulting devices. While we are here, normalize bind queue creation with a helper. v2: - Pass in extensions to bind queue creation (CI) v3: - s/resevered/reserved (Lucas) - Fix NULL hwe check (Jonathan) Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Cc: Thomas Hellström Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240816034033.53837-1-matthew.brost@intel.com commit 0f718e10da81446df0909c9939dff2b77e3b4e95 Author: David Lechner Date: Thu Aug 15 12:22:13 2024 -0500 iio: ABI: add missing calibbias attributes There are a number of calibbias and calibbias_available attributes that are being used by various drivers that have not been documented yet. This adds attributes found by searching the code for: BIT(IIO_CHAN_INFO_CALIBSCALE) A couple of not quite alphabetical order attributes were moved while touching this. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240815-iio-abi-calib-audit-v1-4-536b2fea8620@baylibre.com Signed-off-by: Jonathan Cameron commit 65bb432a2c5d7f5ac9a473f9c9002e5bb2ef628f Author: David Lechner Date: Thu Aug 15 12:22:12 2024 -0500 iio: ABI: add missing calibscale attributes This adds additional calibscale attributes to the ABI documentation for instances found in drivers by searching the code for: BIT(IIO_CHAN_INFO_CALIBSCALE) Signed-off-by: David Lechner Link: https://patch.msgid.link/20240815-iio-abi-calib-audit-v1-3-536b2fea8620@baylibre.com Signed-off-by: Jonathan Cameron commit 6f49235b9e4ff579d625690c2c3523205bb14eb9 Author: David Lechner Date: Thu Aug 15 12:22:11 2024 -0500 iio: ABI: sort calibscale attributes Sort calibscale attributes so that when we add more, they can also be added in alphabetical order. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240815-iio-abi-calib-audit-v1-2-536b2fea8620@baylibre.com Signed-off-by: Jonathan Cameron commit 94290f74c5b73c2db1f49fa1f3bcfcff0b9cacc4 Author: David Lechner Date: Thu Aug 15 12:22:10 2024 -0500 iio: ABI: document calibscale_available attributes There are a number of light sensor drivers that have various calibscale_available attributes. Up to now, these were missing from the documentation. Kernel version 4.8 is used since the first use appears to be in commit eb869ade30a6 ("iio: Add tcs3472 color light sensor driver"). Signed-off-by: David Lechner Link: https://patch.msgid.link/20240815-iio-abi-calib-audit-v1-1-536b2fea8620@baylibre.com Signed-off-by: Jonathan Cameron commit 4bd7e5ce519a9f1de1a58fb10438e45aa9cc85ca Author: Abhash Jha Date: Wed Aug 14 17:01:34 2024 +0530 iio: light: ltr390: Calculate 'counts_per_uvi' dynamically counts_per_uvi depends on the current value of gain and resolution. Hence, we cannot use the hardcoded value 96. The `counts_per_uvi` function gives the count based on the current gain and resolution (integration time). Signed-off-by: Abhash Jha Link: https://patch.msgid.link/20240814113135.14575-3-abhashkumarjha123@gmail.com Signed-off-by: Jonathan Cameron commit 14e0d914a855f9ad2669c0a2ed35f0003f771be5 Author: Abhash Jha Date: Wed Aug 14 17:01:33 2024 +0530 iio: light: ltr390: Add ALS channel and support for gain and resolution Add new ALS channel and allow reading lux and scale values. Also provide gain and resolution configuration for ALS channel. Add automatic mode switching between the UVS and ALS channel based on which channel is being accessed. The default mode in which the sensor start is ALS mode. Signed-off-by: Abhash Jha Link: https://patch.msgid.link/20240814113135.14575-2-abhashkumarjha123@gmail.com Signed-off-by: Jonathan Cameron commit 0a2d94e9fcc0f88cbeac01b3b0368c4deb7e9535 Author: David Lechner Date: Tue Aug 13 12:26:41 2024 -0500 doc: iio: ad4695: document buffered read Update the ad4695 documentation to say that buffered reads are supported. Since there are 4 possible modes of reading conversion data, it is useful to know which one is actually being used, namely the advanced sequencer mode. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240813-iio-adc-ad4695-buffered-read-v2-2-9bb19fc1924b@baylibre.com Signed-off-by: Jonathan Cameron commit 6cc7e4bf2e0841ead708044235bd982e895e2fb5 Author: David Lechner Date: Tue Aug 13 12:26:40 2024 -0500 iio: adc: ad4695: implement triggered buffer This implements buffered reads for the ad4695 driver using the typical triggered buffer implementation, including adding a soft timestamp channel. The chip has 4 different modes for doing conversions. The driver is using the advanced sequencer mode since that is the only mode that allows individual configuration of all aspects each channel (e.g. bipolar config currently and oversampling to be added in the future). Signed-off-by: David Lechner Link: https://patch.msgid.link/20240813-iio-adc-ad4695-buffered-read-v2-1-9bb19fc1924b@baylibre.com Signed-off-by: Jonathan Cameron commit d3bde2243d42a3b857fe72282ed1c19c82bd6e36 Author: Dan Carpenter Date: Mon Aug 12 09:43:05 2024 +0300 iio: proximity: hx9023s: Fix error code in hx9023s_property_get() If we're returning because "reg >= HX9023S_CH_NUM" then set the error code to -ENIVAL instead of success. Fixes: 60df548277b7 ("iio: proximity: Add driver support for TYHX's HX9023S capacitive proximity sensor") Signed-off-by: Dan Carpenter Link: https://patch.msgid.link/49b5a9bc-e5ca-43a7-a665-313eb06fbe27@stanley.mountain Signed-off-by: Jonathan Cameron commit 076c4d18de4e93591641d03fb921875c02b30eb3 Author: Marek Vasut Date: Wed Aug 14 21:19:09 2024 +0200 iio: light: noa1305: Fix up integration time look up The current code is always iterating over two fields in the noa1305_int_time_available array. Fix iteration limit, which has to be halved to avoid out of bounds access in case the value that is being looked up is not in the array. Fixes: 025f23cfebad ("iio: light: noa1305: Make integration time configurable") Reported-by: Dan Carpenter Suggested-by: Jonathan Cameron Signed-off-by: Marek Vasut Link: https://patch.msgid.link/20240814191946.81386-1-marex@denx.de Signed-off-by: Jonathan Cameron commit c524fbca672e07439a4ed5628c93cec10188dc00 Author: Joshua Felmeden Date: Mon Aug 5 09:12:53 2024 +0100 iio: humidity: Add support for ENS210 Add support for ENS210/ENS210A/ENS211/ENS212/ENS213A/ENS215. The ENS21x is a family of temperature and relative humidity sensors with accuracies tailored to the needs of specific applications. Signed-off-by: Joshua Felmeden Link: https://patch.msgid.link/20240805-ens21x-v6-2-5bb576ef26a6@thegoodpenguin.co.uk Signed-off-by: Jonathan Cameron commit 6dde94264a5555f79b7c67e829131b9ad5686c13 Author: Joshua Felmeden Date: Mon Aug 5 09:12:52 2024 +0100 dt-bindings: iio: humidity: add ENS210 sensor family Add device tree documentation for ENS210 family of temperature and humidity sensors Signed-off-by: Joshua Felmeden Reviewed-by: Conor Dooley Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240805-ens21x-v6-1-5bb576ef26a6@thegoodpenguin.co.uk Signed-off-by: Jonathan Cameron commit ff6615efa87482600af14c1a1c4b5da4e32f9a82 Author: Yue Haibing Date: Sat Aug 17 17:35:27 2024 +0800 ALSA: trident: Remove unused declarations Commit 8bb8b453cb45 ("[ALSA] trident - clean up obsolete synth codes") remove synth functions but leave declarations. And Commit e5723b41abe5 ("[ALSA] Remove sequencer instrument layer") left snd_trident_attach_synthesizer(). Signed-off-by: Yue Haibing Link: https://patch.msgid.link/20240817093527.1120240-1-yuehaibing@huawei.com Signed-off-by: Takashi Iwai commit b0b228bb8d546edd23e2467ed7669d4ce62ae763 Author: Yue Haibing Date: Sat Aug 17 17:33:34 2024 +0800 ALSA: seq: Remove unused declarations These functions are never implemented and used. Signed-off-by: Yue Haibing Link: https://patch.msgid.link/20240817093334.1120002-1-yuehaibing@huawei.com Signed-off-by: Takashi Iwai commit 0523374e303051c94457df9170f12a752d8b09cf Author: Luca Coelho Date: Tue Aug 13 17:06:18 2024 +0300 drm/i915/gt: remove stray declaration of intel_gt_release_all() When intel_gt_release_all() was removed from the code in commit e89950553385 ("drm/i915: do not clean GT table on error path"), its declaration in the header file remained. Remove it. Signed-off-by: Luca Coelho Reviewed-by: Jonathan Cavitt Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240813140618.387553-1-luciano.coelho@intel.com commit 52f9fcbc7b11b305306c879fcc545d075066bee0 Author: Takashi Sakamoto Date: Sat Aug 17 18:11:28 2024 +0900 firewire: ohci: fix error path to detect initiated reset in TI TSB41BA3D phy A commit 404957c1e207 ("firewire: ohci: use guard macro to serialize accesses to phy registers") refactored initiated_reset() helper function, while the error path was changed wrongly. This commit fixes the bug. Reported-by: Dan Carpenter Fixes: 80f3401dfeb2 ("firewire: ohci: use guard macro to serialize accesses to phy registers") Link: https://lore.kernel.org/r/20240817091128.180303-1-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit aef6987d89544d63a47753cf3741cabff0b5574c Author: Peter Zijlstra Date: Thu Jun 20 13:16:49 2024 +0200 sched/eevdf: Propagate min_slice up the cgroup hierarchy In the absence of an explicit cgroup slice configureation, make mixed slice length work with cgroups by propagating the min_slice up the hierarchy. This ensures the cgroup entity gets timely service to service its entities that have this timing constraint set on them. Signed-off-by: Peter Zijlstra (Intel) Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105030.948188417@infradead.org commit 857b158dc5e81c6de795ef6be006eed146098fc6 Author: Peter Zijlstra Date: Mon May 22 13:46:30 2023 +0200 sched/eevdf: Use sched_attr::sched_runtime to set request/slice suggestion Allow applications to directly set a suggested request/slice length using sched_attr::sched_runtime. The implementation clamps the value to: 0.1[ms] <= slice <= 100[ms] which is 1/10 the size of HZ=1000 and 10 times the size of HZ=100. Applications should strive to use their periodic runtime at a high confidence interval (95%+) as the target slice. Using a smaller slice will introduce undue preemptions, while using a larger value will increase latency. For all the following examples assume a scheduling quantum of 8, and for consistency all examples have W=4: {A,B,C,D}(w=1,r=8): ABCD... +---+---+---+--- t=0, V=1.5 t=1, V=3.5 A |------< A |------< B |------< B |------< C |------< C |------< D |------< D |------< ---+*------+-------+--- ---+--*----+-------+--- t=2, V=5.5 t=3, V=7.5 A |------< A |------< B |------< B |------< C |------< C |------< D |------< D |------< ---+----*--+-------+--- ---+------*+-------+--- Note: 4 identical tasks in FIFO order ~~~ {A,B}(w=1,r=16) C(w=2,r=16) AACCBBCC... +---+---+---+--- t=0, V=1.25 t=2, V=5.25 A |--------------< A |--------------< B |--------------< B |--------------< C |------< C |------< ---+*------+-------+--- ---+----*--+-------+--- t=4, V=8.25 t=6, V=12.25 A |--------------< A |--------------< B |--------------< B |--------------< C |------< C |------< ---+-------*-------+--- ---+-------+---*---+--- Note: 1 heavy task -- because q=8, double r such that the deadline of the w=2 task doesn't go below q. Note: observe the full schedule becomes: W*max(r_i/w_i) = 4*2q = 8q in length. Note: the period of the heavy task is half the full period at: W*(r_i/w_i) = 4*(2q/2) = 4q ~~~ {A,C,D}(w=1,r=16) B(w=1,r=8): BAACCBDD... +---+---+---+--- t=0, V=1.5 t=1, V=3.5 A |--------------< A |---------------< B |------< B |------< C |--------------< C |--------------< D |--------------< D |--------------< ---+*------+-------+--- ---+--*----+-------+--- t=3, V=7.5 t=5, V=11.5 A |---------------< A |---------------< B |------< B |------< C |--------------< C |--------------< D |--------------< D |--------------< ---+------*+-------+--- ---+-------+--*----+--- t=6, V=13.5 A |---------------< B |------< C |--------------< D |--------------< ---+-------+----*--+--- Note: 1 short task -- again double r so that the deadline of the short task won't be below q. Made B short because its not the leftmost task, but is eligible with the 0,1,2,3 spread. Note: like with the heavy task, the period of the short task observes: W*(r_i/w_i) = 4*(1q/1) = 4q ~~~ A(w=1,r=16) B(w=1,r=8) C(w=2,r=16) BCCAABCC... +---+---+---+--- t=0, V=1.25 t=1, V=3.25 A |--------------< A |--------------< B |------< B |------< C |------< C |------< ---+*------+-------+--- ---+--*----+-------+--- t=3, V=7.25 t=5, V=11.25 A |--------------< A |--------------< B |------< B |------< C |------< C |------< ---+------*+-------+--- ---+-------+--*----+--- t=6, V=13.25 A |--------------< B |------< C |------< ---+-------+----*--+--- Note: 1 heavy and 1 short task -- combine them all. Note: both the short and heavy task end up with a period of 4q ~~~ A(w=1,r=16) B(w=2,r=16) C(w=1,r=8) BBCAABBC... +---+---+---+--- t=0, V=1 t=2, V=5 A |--------------< A |--------------< B |------< B |------< C |------< C |------< ---+*------+-------+--- ---+----*--+-------+--- t=3, V=7 t=5, V=11 A |--------------< A |--------------< B |------< B |------< C |------< C |------< ---+------*+-------+--- ---+-------+--*----+--- t=7, V=15 A |--------------< B |------< C |------< ---+-------+------*+--- Note: as before but permuted ~~~ From all this it can be deduced that, for the steady state: - the total period (P) of a schedule is: W*max(r_i/w_i) - the average period of a task is: W*(r_i/w_i) - each task obtains the fair share: w_i/W of each full period P Signed-off-by: Peter Zijlstra (Intel) Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105030.842834421@infradead.org commit 85e511df3cec46021024176672a748008ed135bf Author: Peter Zijlstra Date: Tue Sep 26 14:32:32 2023 +0200 sched/eevdf: Allow shorter slices to wakeup-preempt Part of the reason to have shorter slices is to improve responsiveness. Allow shorter slices to preempt longer slices on wakeup. Task | Runtime ms | Switches | Avg delay ms | Max delay ms | Sum delay ms | 100ms massive_intr 500us cyclictest NO_PREEMPT_SHORT 1 massive_intr:(5) | 846018.956 ms | 779188 | avg: 0.273 ms | max: 58.337 ms | sum:212545.245 ms | 2 massive_intr:(5) | 853450.693 ms | 792269 | avg: 0.275 ms | max: 71.193 ms | sum:218263.588 ms | 3 massive_intr:(5) | 843888.920 ms | 771456 | avg: 0.277 ms | max: 92.405 ms | sum:213353.221 ms | 1 chromium-browse:(8) | 53015.889 ms | 131766 | avg: 0.463 ms | max: 36.341 ms | sum:60959.230 ms | 2 chromium-browse:(8) | 53864.088 ms | 136962 | avg: 0.480 ms | max: 27.091 ms | sum:65687.681 ms | 3 chromium-browse:(9) | 53637.904 ms | 132637 | avg: 0.481 ms | max: 24.756 ms | sum:63781.673 ms | 1 cyclictest:(5) | 12615.604 ms | 639689 | avg: 0.471 ms | max: 32.272 ms | sum:301351.094 ms | 2 cyclictest:(5) | 12511.583 ms | 642578 | avg: 0.448 ms | max: 44.243 ms | sum:287632.830 ms | 3 cyclictest:(5) | 12545.867 ms | 635953 | avg: 0.475 ms | max: 25.530 ms | sum:302374.658 ms | 100ms massive_intr 500us cyclictest PREEMPT_SHORT 1 massive_intr:(5) | 839843.919 ms | 837384 | avg: 0.264 ms | max: 74.366 ms | sum:221476.885 ms | 2 massive_intr:(5) | 852449.913 ms | 845086 | avg: 0.252 ms | max: 68.162 ms | sum:212595.968 ms | 3 massive_intr:(5) | 839180.725 ms | 836883 | avg: 0.266 ms | max: 69.742 ms | sum:222812.038 ms | 1 chromium-browse:(11) | 54591.481 ms | 138388 | avg: 0.458 ms | max: 35.427 ms | sum:63401.508 ms | 2 chromium-browse:(8) | 52034.541 ms | 132276 | avg: 0.436 ms | max: 31.826 ms | sum:57732.958 ms | 3 chromium-browse:(8) | 55231.771 ms | 141892 | avg: 0.469 ms | max: 27.607 ms | sum:66538.697 ms | 1 cyclictest:(5) | 13156.391 ms | 667412 | avg: 0.373 ms | max: 38.247 ms | sum:249174.502 ms | 2 cyclictest:(5) | 12688.939 ms | 665144 | avg: 0.374 ms | max: 33.548 ms | sum:248509.392 ms | 3 cyclictest:(5) | 13475.623 ms | 669110 | avg: 0.370 ms | max: 37.819 ms | sum:247673.390 ms | As per the numbers the, this makes cyclictest (short slice) it's max-delay more consistent and consistency drops the sum-delay. The trade-off is that the massive_intr (long slice) gets more context switches and a slight increase in sum-delay. Chunxin contributed did_preempt_short() where a task that lost slice protection from PREEMPT_SHORT gets rescheduled once it becomes in-eligible. [mike: numbers] Co-Developed-by: Chunxin Zang Signed-off-by: Chunxin Zang Signed-off-by: Peter Zijlstra (Intel) Tested-by: Valentin Schneider Tested-by: Mike Galbraith Link: https://lkml.kernel.org/r/20240727105030.735459544@infradead.org commit 82e9d0456e06cebe2c89f3c73cdbc9e3805e9437 Author: Peter Zijlstra Date: Fri May 31 15:49:40 2024 +0200 sched/fair: Avoid re-setting virtual deadline on 'migrations' During OSPM24 Youssef noted that migrations are re-setting the virtual deadline. Notably everything that does a dequeue-enqueue, like setting nice, changing preferred numa-node, and a myriad of other random crap, will cause this to happen. This shouldn't be. Preserve the relative virtual deadline across such dequeue/enqueue cycles. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105030.625119246@infradead.org commit fc1892becd5672f52329a75c73117b60ac7841b7 Author: Peter Zijlstra Date: Fri Apr 26 13:00:50 2024 +0200 sched/eevdf: Fixup PELT vs DELAYED_DEQUEUE Note that tasks that are kept on the runqueue to burn off negative lag, are not in fact runnable anymore, they'll get dequeued the moment they get picked. As such, don't count this time towards runnable. Thanks to Valentin for spotting I had this backwards initially. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105030.514088302@infradead.org commit 54a58a78779169f9c92a51facf6de7ce94962328 Author: Peter Zijlstra Date: Thu May 23 12:26:06 2024 +0200 sched/fair: Implement DELAY_ZERO 'Extend' DELAY_DEQUEUE by noting that since we wanted to dequeued them at the 0-lag point, truncate lag (eg. don't let them earn positive lag). Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105030.403750550@infradead.org commit 152e11f6df293e816a6a37c69757033cdc72667d Author: Peter Zijlstra Date: Thu May 23 12:25:32 2024 +0200 sched/fair: Implement delayed dequeue Extend / fix 86bfbb7ce4f6 ("sched/fair: Add lag based placement") by noting that lag is fundamentally a temporal measure. It should not be carried around indefinitely. OTOH it should also not be instantly discarded, doing so will allow a task to game the system by purposefully (micro) sleeping at the end of its time quantum. Since lag is intimately tied to the virtual time base, a wall-time based decay is also insufficient, notably competition is required for any of this to make sense. Instead, delay the dequeue and keep the 'tasks' on the runqueue, competing until they are eligible. Strictly speaking, we only care about keeping them until the 0-lag point, but that is a difficult proposition, instead carry them around until they get picked again, and dequeue them at that point. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105030.226163742@infradead.org commit e1459a50ba31831efdfc35278023d959e4ba775b Author: Peter Zijlstra Date: Mon Jul 1 21:38:11 2024 +0200 sched: Teach dequeue_task() about special task states Since special task states must not suffer spurious wakeups, and the proposed delayed dequeue can cause exactly these (under some boundary conditions), propagate this knowledge into dequeue_task() such that it can do the right thing. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105030.110439521@infradead.org commit a1c446611e31ca5363d4db51e398271da1dce0af Author: Peter Zijlstra Date: Mon Jul 1 21:30:09 2024 +0200 sched,freezer: Mark TASK_FROZEN special The special task states are those that do not suffer spurious wakeups, TASK_FROZEN is very much one of those, mark it as such. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105029.998329901@infradead.org commit 781773e3b68031bd001c0c18aa72e8470c225ebd Author: Peter Zijlstra Date: Thu May 23 11:57:43 2024 +0200 sched/fair: Implement ENQUEUE_DELAYED Doing a wakeup on a delayed dequeue task is about as simple as it sounds -- remove the delayed mark and enjoy the fact it was actually still on the runqueue. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105029.888107381@infradead.org commit f12e148892ede8d9ee82bcd3e469e6d01fc077ac Author: Peter Zijlstra Date: Thu May 23 11:26:25 2024 +0200 sched/fair: Prepare pick_next_task() for delayed dequeue Delayed dequeue's natural end is when it gets picked again. Ensure pick_next_task() knows what to do with delayed tasks. Note, this relies on the earlier patch that made pick_next_task() state invariant -- it will restart the pick on dequeue, because obviously the just dequeued task is no longer eligible. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105029.747330118@infradead.org commit 2e0199df252a536a03f4cb0810324dff523d1e79 Author: Peter Zijlstra Date: Thu May 23 11:03:42 2024 +0200 sched/fair: Prepare exit/cleanup paths for delayed_dequeue When dequeue_task() is delayed it becomes possible to exit a task (or cgroup) that is still enqueued. Ensure things are dequeued before freeing. Thanks to Valentin for asking the obvious questions and making switched_from_fair() less weird. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105029.631948434@infradead.org commit e28b5f8bda01720b5ce8456b48cf4b963f9a80a1 Author: Peter Zijlstra Date: Thu May 23 11:00:10 2024 +0200 sched/fair: Assert {set_next,put_prev}_entity() are properly balanced Just a little sanity test.. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105029.486423066@infradead.org commit dfa0a574cbc47bfd5f8985f74c8ea003a37fa078 Author: Peter Zijlstra Date: Wed Jun 5 12:09:11 2024 +0200 sched/uclamg: Handle delayed dequeue Delayed dequeue has tasks sit around on the runqueue that are not actually runnable -- specifically, they will be dequeued the moment they get picked. One side-effect is that such a task can get migrated, which leads to a 'nested' dequeue_task() scenario that messes up uclamp if we don't take care. Notably, dequeue_task(DEQUEUE_SLEEP) can 'fail' and keep the task on the runqueue. This however will have removed the task from uclamp -- per uclamp_rq_dec() in dequeue_task(). So far so good. However, if at that point the task gets migrated -- or nice adjusted or any of a myriad of operations that does a dequeue-enqueue cycle -- we'll pass through dequeue_task()/enqueue_task() again. Without modification this will lead to a double decrement for uclamp, which is wrong. Reported-by: Luis Machado Reported-by: Hongyan Xia Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105029.315205425@infradead.org commit abc158c82ae555078aa5dd2d8407c3df0f868904 Author: Peter Zijlstra Date: Thu May 23 10:55:59 2024 +0200 sched: Prepare generic code for delayed dequeue While most of the delayed dequeue code can be done inside the sched_class itself, there is one location where we do not have an appropriate hook, namely ttwu_runnable(). Add an ENQUEUE_DELAYED call to the on_rq path to deal with waking delayed dequeue tasks. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105029.200000445@infradead.org commit e8901061ca0cd9acbd3d29d41d16c69c2bfff9f0 Author: Peter Zijlstra Date: Thu May 23 10:48:09 2024 +0200 sched: Split DEQUEUE_SLEEP from deactivate_task() As a preparation for dequeue_task() failing, and a second code-path needing to take care of the 'success' path, split out the DEQEUE_SLEEP path from deactivate_task(). Much thanks to Libo for spotting and fixing a TASK_ON_RQ_MIGRATING ordering fail. Fixed-by: Libo Chen Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105029.086192709@infradead.org commit fab4a808ba9fb59b691d7096eed9b1494812ffd6 Author: Peter Zijlstra Date: Wed Apr 3 09:50:41 2024 +0200 sched/fair: Re-organize dequeue_task_fair() Working towards delaying dequeue, notably also inside the hierachy, rework dequeue_task_fair() such that it can 'resume' an interrupted hierarchy walk. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105028.977256873@infradead.org commit 863ccdbb918a77e3f011571f943020bf7f0b114b Author: Peter Zijlstra Date: Wed Apr 3 09:50:20 2024 +0200 sched: Allow sched_class::dequeue_task() to fail Change the function signature of sched_class::dequeue_task() to return a boolean, allowing future patches to 'fail' dequeue. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105028.864630153@infradead.org commit 3b3dd89b8bb0f03657859c22c86c19224f778638 Author: Peter Zijlstra Date: Wed Apr 3 09:50:16 2024 +0200 sched/fair: Unify pick_{,next_}_task_fair() Implement pick_next_task_fair() in terms of pick_task_fair() to de-duplicate the pick loop. More importantly, this makes all the pick loops use the state-invariant form, which is useful to introduce further re-try conditions in later patches. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105028.725062368@infradead.org commit c97f54fe6d014419e557200ed075cf53b47c5420 Author: Peter Zijlstra Date: Wed Apr 3 09:50:12 2024 +0200 sched/fair: Cleanup pick_task_fair()'s curr With 4c456c9ad334 ("sched/fair: Remove unused 'curr' argument from pick_next_entity()") curr is no longer being used, so no point in clearing it. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105028.614707623@infradead.org commit 8e2e13ac6122915bd98315237b0317495e391be0 Author: Peter Zijlstra Date: Wed Apr 3 09:50:07 2024 +0200 sched/fair: Cleanup pick_task_fair() vs throttle Per 54d27365cae8 ("sched/fair: Prevent throttling in early pick_next_task_fair()") the reason check_cfs_rq_runtime() is under the 'if (curr)' check is to ensure the (downward) traversal does not result in an empty cfs_rq. But then the pick_task_fair() 'copy' of all this made it restart the traversal anyway, so that seems to solve the issue too. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Ben Segall Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105028.501679876@infradead.org commit 949090eaf0a3e39aa0f4a675407e16d0e975da11 Author: Peter Zijlstra Date: Wed Oct 4 12:43:53 2023 +0200 sched/eevdf: Remove min_vruntime_copy Since commit e8f331bcc270 ("sched/smp: Use lag to simplify cross-runqueue placement") the min_vruntime_copy is no longer used. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105028.395297941@infradead.org commit f25b7b32b0db6d71b07b06fe8de45b0408541c2a Author: Peter Zijlstra Date: Sat Oct 14 23:12:20 2023 +0200 sched/eevdf: Add feature comments Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Tested-by: Valentin Schneider Link: https://lkml.kernel.org/r/20240727105028.287790895@infradead.org commit 8e84a650079a0044374f57af8d24b367fc795340 Author: Kuan-Wei Chiu Date: Sun Aug 11 14:28:17 2024 +0800 crypto: octeontx2 - Remove custom swap functions in favor of built-in sort swap The custom swap functions used in octeontx2 driver do not perform any special operations and can be replaced with the built-in swap function of sort. This change not only reduces code size but also improves efficiency, especially in scenarios where CONFIG_RETPOLINE is enabled, as it makes indirect function calls more expensive. By using the built-in swap, we avoid these costly indirect function calls, leading to better performance. Signed-off-by: Kuan-Wei Chiu Signed-off-by: Herbert Xu commit a304393a9d950ae498151890d6cacc83909d90a4 Author: Kuan-Wei Chiu Date: Sun Aug 11 14:28:16 2024 +0800 crypto: octeontx - Remove custom swap function in favor of built-in sort swap The custom swap function used in octeontx driver do not perform any special operations and can be replaced with the built-in swap function of sort. This change not only reduces code size but also improves efficiency, especially in scenarios where CONFIG_RETPOLINE is enabled, as it makes indirect function calls more expensive. By using the built-in swap, we avoid these costly indirect function calls, leading to better performance. Signed-off-by: Kuan-Wei Chiu Signed-off-by: Herbert Xu commit 5a72a244bac3e8663834d88bb0b4f9069203e5e0 Author: Herbert Xu Date: Sat Aug 10 14:21:02 2024 +0800 crypto: rsa - Check MPI allocation errors Fixes: 6637e11e4ad2 ("crypto: rsa - allow only odd e and restrict value in FIPS mode") Fixes: f145d411a67e ("crypto: rsa - implement Chinese Remainder Theorem for faster private key operation") Signed-off-by: Herbert Xu commit 560efa7fca4f4f5bd390e54d43cd2cd1831c60cd Author: Herbert Xu Date: Sat Aug 10 14:20:59 2024 +0800 crypto: dh - Check mpi_rshift errors Now that mpi_rshift can return errors, check them. Fixes: 35d2bf20683f ("crypto: dh - calculate Q from P for the full public key verification") Signed-off-by: Herbert Xu commit 8e3a67f2de87ee94ac11ea69beb4edc2993b17a0 Author: Herbert Xu Date: Sat Aug 10 14:20:57 2024 +0800 crypto: lib/mpi - Add error checks to extension The remaining functions added by commit a8ea8bdd9df92a0e5db5b43900abb7a288b8a53e did not check for memory allocation errors. Add the checks and change the API to allow errors to be returned. Fixes: a8ea8bdd9df9 ("lib/mpi: Extend the MPI library") Signed-off-by: Herbert Xu commit fca5cb4dd2b4a9423cb6d112cc71c33899955a1f Author: Herbert Xu Date: Sat Aug 10 14:20:55 2024 +0800 Revert "lib/mpi: Extend the MPI library" This partially reverts commit a8ea8bdd9df92a0e5db5b43900abb7a288b8a53e. Most of it is no longer needed since sm2 has been removed. However, the following functions have been kept as they have developed other uses: mpi_copy mpi_mod mpi_test_bit mpi_set_bit mpi_rshift mpi_add mpi_sub mpi_addm mpi_subm mpi_mul mpi_mulm mpi_tdiv_r mpi_fdiv_r Signed-off-by: Herbert Xu commit f235bc11cc95fcd5847e8249d4c1c9ae5979701c Author: Eric Biggers Date: Fri Aug 9 16:11:49 2024 -0700 crypto: arm/aes-neonbs - go back to using aes-arm directly In aes-neonbs, instead of going through the crypto API for the parts that the bit-sliced AES code doesn't handle, namely AES-CBC encryption and single-block AES, just call the ARM scalar AES cipher directly. This basically goes back to the original approach that was used before commit b56f5cbc7e08 ("crypto: arm/aes-neonbs - resolve fallback cipher at runtime"). Calling the ARM scalar AES cipher directly is faster, simpler, and avoids any chance of bugs specific to the use of fallback ciphers such as module loading deadlocks which have happened twice. The deadlocks turned out to be fixable in other ways, but there's no need to rely on anything so fragile in the first place. The rationale for the above-mentioned commit was to allow people to choose to use a time-invariant AES implementation for the fallback cipher. There are a couple problems with that rationale, though: - In practice the ARM scalar AES cipher (aes-arm) was used anyway, since it has a higher priority than aes-fixed-time. Users *could* go out of their way to disable or blacklist aes-arm, or to lower its priority using NETLINK_CRYPTO, but very few users customize the crypto API to this extent. Systems with the ARMv8 Crypto Extensions used aes-ce, but the bit-sliced algorithms are irrelevant on such systems anyway. - Since commit 913a3aa07d16 ("crypto: arm/aes - add some hardening against cache-timing attacks"), the ARM scalar AES cipher is partially hardened against cache-timing attacks. It actually works like aes-fixed-time, in that it disables interrupts and prefetches its lookup table. It does use a larger table than aes-fixed-time, but even so, it is not clear that aes-fixed-time is meaningfully more time-invariant than aes-arm. And of course, the real solution for time-invariant AES is to use a CPU that supports AES instructions. Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu commit 9a22b2812393d93d84358a760c347c21939029a6 Author: VanGiang Nguyen Date: Fri Aug 9 06:21:42 2024 +0000 padata: use integer wrap around to prevent deadlock on seq_nr overflow When submitting more than 2^32 padata objects to padata_do_serial, the current sorting implementation incorrectly sorts padata objects with overflowed seq_nr, causing them to be placed before existing objects in the reorder list. This leads to a deadlock in the serialization process as padata_find_next cannot match padata->seq_nr and pd->processed because the padata instance with overflowed seq_nr will be selected next. To fix this, we use an unsigned integer wrap around to correctly sort padata objects in scenarios with integer overflow. Fixes: bfde23ce200e ("padata: unbind parallel jobs from specific CPUs") Cc: Co-developed-by: Christian Gafert Signed-off-by: Christian Gafert Co-developed-by: Max Ferger Signed-off-by: Max Ferger Signed-off-by: Van Giang Nguyen Acked-by: Daniel Jordan Signed-off-by: Herbert Xu commit f2f853e7ae4cb0aaf758fa30c07689a8d82680bc Author: Gustavo A. R. Silva Date: Thu Aug 8 16:09:06 2024 -0600 crypto: nx - Use static_assert() to check struct sizes Commit 1e6b251ce175 ("crypto: nx - Avoid -Wflex-array-member-not-at-end warning") introduced tagged `struct nx842_crypto_header_hdr`. We want to ensure that when new members need to be added to the flexible structure, they are always included within this tagged struct. So, we use `static_assert()` to ensure that the memory layout for both the flexible structure and the tagged struct is the same after any changes. Signed-off-by: Gustavo A. R. Silva Signed-off-by: Herbert Xu commit 8caa061cfdf65bca9a3ceb4ce2b2b8e5fb98c1e8 Author: Gustavo A. R. Silva Date: Thu Aug 8 16:05:26 2024 -0600 crypto: qat - Use static_assert() to check struct sizes Commit 140e4c85d540 ("crypto: qat - Avoid -Wflex-array-member-not-at-end warnings") introduced tagged `struct qat_alg_buf_list_hdr`. We want to ensure that when new members need to be added to the flexible structure, they are always included within this tagged struct. So, we use `static_assert()` to ensure that the memory layout for both the flexible structure and the tagged struct is the same after any changes. Signed-off-by: Gustavo A. R. Silva Acked-by: Giovanni Cabiddu Signed-off-by: Herbert Xu commit 9369693a2c8f4832f6cdc8a94cc63cc7f7f9c96c Author: Jia He Date: Tue Aug 6 05:54:44 2024 +0000 crypto: arm64/poly1305 - move data to rodata section When objtool gains support for ARM in the future, it may encounter issues disassembling the following data in the .text section: > .Lzeros: > .long 0,0,0,0,0,0,0,0 > .asciz "Poly1305 for ARMv8, CRYPTOGAMS by \@dot-asm" > .align 2 Move it to .rodata which is a more appropriate section for read-only data. There is a limit on how far the label can be from the instruction, hence use "adrp" and low 12bits offset of the label to avoid the compilation error. Signed-off-by: Jia He Tested-by: Daniel Gomez Signed-off-by: Herbert Xu commit 18e2188c4b2069cf52c12344b47b4f7ac982f555 Author: Thorsten Blum Date: Tue Aug 6 00:11:30 2024 +0200 crypto: chacha20poly1305 - Annotate struct chachapoly_ctx with __counted_by() Add the __counted_by compiler attribute to the flexible array member salt to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Reviewed-by: Kees Cook Signed-off-by: Thorsten Blum Signed-off-by: Herbert Xu commit 3ba963597d19d88eb06b50af8e8757abbdc9035b Author: Dan Carpenter Date: Thu Aug 15 14:24:36 2024 +0300 scsi: ufs: ufshcd-pltfrm: Signedness bug in ufshcd_parse_clock_info() The "sz" variable needs to be a signed type for the error handling to work as intended. Fortunately, there is some sanity checking on "sz" on the next line, so negative values would be caught and it doesn't really affect runtime. Fixes: eab0dce11dd9 ("scsi: ufs: ufshcd-pltfrm: Use of_property_count_u32_elems() to get property length") Signed-off-by: Dan Carpenter Link: https://lore.kernel.org/r/404a4727-89c6-410b-9ece-301fa399d4db@stanley.mountain Reviewed-by: Manivannan Sadhasivam Signed-off-by: Martin K. Petersen commit a99ef548bba01435f19137cf1670861be1c1ee4b Author: Simon Horman Date: Thu Aug 15 16:27:46 2024 +0100 bnx2x: Set ivi->vlan field as an integer In bnx2x_get_vf_config(): * The vlan field of ivi is a 32-bit integer, it is used to store a vlan ID. * The vlan field of bulletin is a 16-bit integer, it is also used to store a vlan ID. In the current code, ivi->vlan is set using memset. But in the case of setting it to the value of bulletin->vlan, this involves reading 32 bits from a 16bit source. This is likely safe, as the following 6 bytes are padding in the same structure, but none the less, it seems undesirable. However, it is entirely unclear to me how this scheme works on big-endian systems. Resolve this by simply assigning integer values to ivi->vlan. Flagged by W=1 builds. f.e. gcc-14 reports: In function 'fortify_memcpy_chk', inlined from 'bnx2x_get_vf_config' at .../bnx2x_sriov.c:2655:4: .../fortify-string.h:580:25: warning: call to '__read_overflow2_field' declared with attribute warning: detected read beyond size of field (2nd parameter); maybe use struct_group()? [-Wattribute-warning] 580 | __read_overflow2_field(q_size_field, size); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Compile tested only. Signed-off-by: Simon Horman Reviewed-by: Brett Creeley Link: https://patch.msgid.link/20240815-bnx2x-int-vlan-v1-1-5940b76e37ad@kernel.org Signed-off-by: Jakub Kicinski commit f4ae8420f6ebdabf97e0c4f5f99412768687985f Author: Christoph Paasch Date: Thu Aug 15 09:12:01 2024 -0700 mpls: Reduce skb re-allocations due to skb_cow() mpls_xmit() needs to prepend the MPLS-labels to the packet. That implies one needs to make sure there is enough space for it in the headers. Calling skb_cow() implies however that one wants to change even the playload part of the packet (which is not true for MPLS). Thus, call skb_cow_head() instead, which is what other tunnelling protocols do. Running a server with this comm it entirely removed the calls to pskb_expand_head() from the callstack in mpls_xmit() thus having significant CPU-reduction, especially at peak times. Cc: Roopa Prabhu Reported-by: Craig Taylor Signed-off-by: Christoph Paasch Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240815161201.22021-1-cpaasch@apple.com Signed-off-by: Jakub Kicinski commit 1c66df862561a11a8ea9b4c97ecfe91983c3bda7 Author: Simon Horman Date: Thu Aug 15 16:19:25 2024 +0100 net: txgbe: Remove unnecessary NULL check before free Remove unnecessary NULL check before freeing using kvfree(). This function will ignore a NULL argument. Flagged by Coccinelle: .../txgbe_hw.c:187:2-8: WARNING: NULL check before some freeing functions is not needed. No functional change intended. Compile tested only. Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240815-txgbe-kvfree-v1-1-5ecf8656f555@kernel.org Signed-off-by: Jakub Kicinski commit 1f803c95693f140bed46cd5581b97592e20b723e Author: Aleksander Jan Bajkowski Date: Thu Aug 15 09:49:56 2024 +0200 net: ethernet: lantiq_etop: remove unused variable Remove a variable that has never been used. Signed-off-by: Aleksander Jan Bajkowski Link: https://patch.msgid.link/20240815074956.155224-1-olek2@wp.pl Signed-off-by: Jakub Kicinski commit 3bce87eb744f1f88523a118e10e0deebf31806ec Merge: 2615639352420e 85652baa895b59 Author: Arnaldo Carvalho de Melo Date: Fri Aug 16 19:43:16 2024 -0300 Merge remote-tracking branch 'torvalds/master' into perf-tools-next To pick up the latest perf-tools merge for 6.11, i.e. to have the current perf tools branch that is getting into 6.11 with the perf-tools-next that is geared towards 6.12. Signed-off-by: Arnaldo Carvalho de Melo commit 2615639352420e6e3115952c5b8f46846e1c6d0e Author: Yicong Yang Date: Fri Aug 2 14:58:00 2024 +0800 perf stat: Display iostat headers correctly Currently we'll only print metric headers for metric leader in aggregration mode. This will make `perf iostat` header not shown since it'll aggregrated globally but don't have metric events: root@ubuntu204:/home/yang/linux/tools/perf# ./perf stat --iostat --timeout 1000 Performance counter stats for 'system wide': port 0000:00 0 0 0 0 0000:80 0 0 0 0 [...] Fix this by excluding the iostat in the check of printing metric headers. Then we can see the headers: root@ubuntu204:/home/yang/linux/tools/perf# ./perf stat --iostat --timeout 1000 Performance counter stats for 'system wide': port Inbound Read(MB) Inbound Write(MB) Outbound Read(MB) Outbound Write(MB) 0000:00 0 0 0 0 0000:80 0 0 0 0 [...] Fixes: 193a9e30207f5477 ("perf stat: Don't display metric header for non-leader uncore events") Signed-off-by: Yicong Yang Acked-by: Namhyung Kim Cc: Ian Rogers Cc: Ingo Molnar Cc: Jonathan Cameron Cc: Junhao He Cc: linuxarm@huawei.com Cc: Mark Rutland Cc: Peter Zijlstra Cc: Shameerali Kolothum Thodi Cc: Zeng Tao Link: https://lore.kernel.org/r/20240802065800.48774-1-yangyicong@huawei.com Signed-off-by: Arnaldo Carvalho de Melo commit 0769a1b7cf30d9a8af0657299e18713ce1587f57 Author: David Hunter Date: Wed Aug 7 14:53:32 2024 -0400 Documentation: Capitalize Fahrenheit in watchdog-api.rst Capitalize "fahrenheit," a spelling mistake. Signed-off-by: David Hunter Reviewed-by: Guenter Roeck Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240807185332.61624-1-david.hunter.linux@gmail.com commit 6bdf5168b6fb19541b0c1862bdaa596d116c7bfb Author: Yang Jihong Date: Tue Aug 6 10:35:33 2024 +0800 perf sched timehist: Fix missing free of session in perf_sched__timehist() When perf_time__parse_str() fails in perf_sched__timehist(), need to free session that was previously created, fix it. Fixes: 853b74071110bed3 ("perf sched timehist: Add option to specify time window of interest") Signed-off-by: Yang Jihong Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: David Ahern Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240806023533.1316348-1-yangjihong@bytedance.com Signed-off-by: Arnaldo Carvalho de Melo commit 8839adc33ff7a5464dbfc17de8afe5fedf9c6029 Author: Philipp Stanner Date: Fri Aug 9 11:52:48 2024 +0200 Documentation: devres: fix error about PCI devres The documentation states that pcim_enable_device() will make "all PCI ops" managed. This is totally false, only a small subset of PCI functions become managed that way. Implicating otherwise has caused at least one bug so far, namely in commit 8558de401b5f ("drm/vboxvideo: use managed pci functions"). Change the function summary so the functions dangerous behavior becomes obvious. Signed-off-by: Philipp Stanner Acked-by: Bjorn Helgaas Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240809095248.14220-2-pstanner@redhat.com commit 965e063743f6fb25add023cced360735b023d478 Author: Peng Fan Date: Sun Aug 4 20:32:56 2024 +0800 clk: clk-conf: support assigned-clock-rates-u64 i.MX95 System Management Control Firmware(SCMI) manages the clock function, it exposes PLL VCO which could support up to 5GHz rate that exceeds UINT32_MAX. So add assigned-clock-rates-u64 support to set rate that exceeds UINT32_MAX. Signed-off-by: Peng Fan Link: https://lore.kernel.org/r/20240804-clk-u64-v4-2-8e55569f39a4@nxp.com Signed-off-by: Stephen Boyd commit 9480fd0cd8a4621d42a88d43b0e7864048a6b09e Author: Tariq Toukan Date: Thu Aug 15 17:23:43 2024 +0300 docs: networking: Align documentation with behavior change Following commit 9f7e8fbb91f8 ("net/mlx5: offset comp irq index in name by one"), which fixed the index in IRQ name to start once again from 0, we change the documentation accordingly. Signed-off-by: Tariq Toukan Reviewed-by: Dragos Tatulea Link: https://patch.msgid.link/20240815142343.2254247-1-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 02404bdb811dbea6ab523675ec98d9f815cfb3b2 Author: Frank Li Date: Thu Aug 15 12:34:07 2024 -0400 dt-bindings: net: mdio: change nodename match pattern Change mdio.yaml nodename match pattern to '^mdio(-(bus|external))?(@.+|-([0-9]+))$' Fix mdio.yaml wrong parser mdio controller's address instead phy's address when mdio-mux exista. For example: mdio-mux-emi1@54 { compatible = "mdio-mux-mmioreg", "mdio-mux"; mdio@20 { reg = <0x20>; ^^^ This is mdio controller register ethernet-phy@2 { reg = <0x2>; ^^^ This phy's address }; }; }; Only phy's address is limited to 31 because MDIO bus definition. But CHECK_DTBS report below warning: arch/arm64/boot/dts/freescale/fsl-ls1043a-qds.dtb: mdio-mux-emi1@54: mdio@20:reg:0:0: 32 is greater than the maximum of 31 The reason is that "mdio-mux-emi1@54" match "nodename: '^mdio(@.*)?'" in mdio.yaml. Change to '^mdio(-(bus|external))?(@.+|-([0-9]+))?$' to avoid wrong match mdio mux controller's node. Signed-off-by: Frank Li Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240815163408.4184705-1-Frank.Li@nxp.com Signed-off-by: Jakub Kicinski commit b2261de75212910e2ca01fa673c8855a535d8c60 Author: Yue Haibing Date: Fri Aug 16 17:58:21 2024 +0800 blk-cgroup: Remove unused declaration blkg_path() Commit bb7e5a193d8b ("block, bfq: remove blkg_path()") removed the implementation but leave declaration. Signed-off-by: Yue Haibing Link: https://lore.kernel.org/r/20240816095821.877842-1-yuehaibing@huawei.com Signed-off-by: Jens Axboe commit 2dce239099d2e18aef7f36a5da43c4c33712d773 Merge: 795b1aa8f37e38 623122ac1c4074 Author: Jakub Kicinski Date: Fri Aug 16 11:28:50 2024 -0700 Merge branch '40GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue Tony Nguyen says: ==================== ice: iavf: add support for TC U32 filters on VFs Ahmed Zaki says: The Intel Ethernet 800 Series is designed with a pipeline that has an on-chip programmable capability called Dynamic Device Personalization (DDP). A DDP package is loaded by the driver during probe time. The DDP package programs functionality in both the parser and switching blocks in the pipeline, allowing dynamic support for new and existing protocols. Once the pipeline is configured, the driver can identify the protocol and apply any HW action in different stages, for example, direct packets to desired hardware queues (flow director), queue groups or drop. Patches 1-8 introduce a DDP package parser API that enables different pipeline stages in the driver to learn the HW parser capabilities from the DDP package that is downloaded to HW. The parser library takes raw packet patterns and masks (in binary) indicating the packet protocol fields to be matched and generates the final HW profiles that can be applied at the required stage. With this API, raw flow filtering for FDIR or RSS could be done on new protocols or headers without any driver or Kernel updates (only need to update the DDP package). These patches were submitted before [1] but were not accepted mainly due to lack of a user. Patches 9-11 extend the virtchnl support to allow the VF to request raw flow director filters. Upon receiving the raw FDIR filter request, the PF driver allocates and runs a parser lib instance and generates the hardware profile definitions required to program the FDIR stage. These were also submitted before [2]. Finally, patches 12 and 13 add TC U32 filter support to the iavf driver. Using the parser API, the ice driver runs the raw patterns sent by the user and then adds a new profile to the FDIR stage associated with the VF's VSI. Refer to examples in patch 13 commit message. [1]: https://lore.kernel.org/netdev/20230904021455.3944605-1-junfeng.guo@intel.com/ [2]: https://lore.kernel.org/intel-wired-lan/20230818064703.154183-1-junfeng.guo@intel.com/ * '40GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue: iavf: add support for offloading tc U32 cls filters iavf: refactor add/del FDIR filters ice: enable FDIR filters from raw binary patterns for VFs ice: add method to disable FDIR SWAP option virtchnl: support raw packet in protocol header ice: add API for parser profile initialization ice: add UDP tunnels support to the parser ice: support turning on/off the parser's double vlan mode ice: add parser execution main loop ice: add parser internal helper functions ice: add debugging functions for the parser sections ice: parse and init various DDP parser sections ice: add parser create and destroy skeleton ==================== Link: https://patch.msgid.link/20240813222249.3708070-1-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski commit 19cff16559a4f2d763faf4f8392bf86d3a21b93c Author: Victor Skvortsov Date: Fri Aug 2 14:22:26 2024 -0400 drm/amdgpu: abort KIQ waits when there is a pending reset Stop waiting for the KIQ to return back when there is a reset pending. It's quite likely that the KIQ will never response. Signed-off-by: Koenig Christian Suggested-by: Lazar Lijo Tested-by: Victor Skvortsov Signed-off-by: Victor Skvortsov Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 96595204195d7e13736a84295e217316610d4cdb Author: Srinivasan Shanmugam Date: Mon Jul 29 21:35:26 2024 +0530 drm/amdgpu: Make enforce_isolation setting per GPU This commit makes enforce_isolation setting to be per GPU and per partition by adding the enforce_isolation array to the adev structure. The adev variable is set based on the global enforce_isolation module parameter during device initialization. In amdgpu_ids.c, the adev->enforce_isolation value for the current GPU is used to determine whether to enforce isolation between graphics and compute processes on that GPU. In amdgpu_ids.c, the adev->enforce_isolation value for the current GPU and partition is used to determine whether to enforce isolation between graphics and compute processes on that GPU and partition. This allows the enforce_isolation setting to be controlled individually for each GPU and each partition, which is useful in a system with multiple GPUs and partitions where different isolation settings might be desired for different GPUs and partitions. v2: fix loop in amdgpu_vmid_mgr_init() (Alex) Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Signed-off-by: Alex Deucher Suggested-by: Christian König commit ee7a846ea27bcbef5182d15923339a7bf182ec65 Author: Alex Deucher Date: Tue Mar 12 14:22:26 2024 -0400 drm/amdgpu: Emit cleaner shader at end of IB submission This commit introduces the emission of a cleaner shader at the end of the IB submission process. This is achieved by adding a new function pointer, `emit_cleaner_shader`, to the `amdgpu_ring_funcs` structure. If the `emit_cleaner_shader` function is set in the ring functions, it is called during the VM flush process. The cleaner shader is only emitted if the `enable_cleaner_shader` flag is set in the `amdgpu_device` structure. This allows the cleaner shader emission to be controlled on a per-device basis. By emitting a cleaner shader at the end of the IB submission, we can ensure that the VM state is properly cleaned up after each submission. Cc: Christian König Cc: Alex Deucher Signed-off-by: Alex Deucher Signed-off-by: Srinivasan Shanmugam Suggested-by: Christian König commit aec773a1fb0253494b85b073f46a0ba1d798b726 Author: Srinivasan Shanmugam Date: Thu Jun 6 13:12:40 2024 +0530 drm/amdgpu: Add infrastructure for Cleaner Shader feature The cleaner shader is used by the CP firmware to clean LDS and GPRs between processes on the CUs. This adds an internal API for GFX IP code to allocate and initialize the cleaner shader. Cc: Christian König Cc: Alex Deucher Signed-off-by: Alex Deucher Signed-off-by: Srinivasan Shanmugam Suggested-by: Christian König commit f49280ffd254e718ee01ef515fe91854fdf005cf Author: Alex Deucher Date: Wed Aug 14 19:06:36 2024 -0400 drm/amdgpu: handle enforce isolation on non-0 gfxhub Some chips have more than one gfxhub so check if we are a gfxhub rather than just gfxhub 0. Acked-by: Srinivasan Shanmugam Signed-off-by: Alex Deucher commit 2dc3851ef7d9c5439ea8e9623fc36878f3b40649 Author: Alex Deucher Date: Wed Aug 14 10:28:24 2024 -0400 drm/amdgpu/sdma5.2: limit wptr workaround to sdma 5.2.1 The workaround seems to cause stability issues on other SDMA 5.2.x IPs. Fixes: a03ebf116303 ("drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell") Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3556 Acked-by: Ruijing Dong Signed-off-by: Alex Deucher commit 1a2103d68547407a098c237d7cade79b4ad2b88f Author: Sunil Khatri Date: Mon Aug 5 17:27:58 2024 +0530 drm/amdgpu: add vcn ip dump support for vcn_v2_6 Add support for logging the registers in devcoredump buffer for vcn_v2_6. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit bc62abe1b92db4e027a92a6799f2193bb93970ea Author: Sunil Khatri Date: Mon Aug 5 17:26:31 2024 +0530 drm/amdgpu: add print support for vcn_v2_5 ip dump Add support for logging the registers in devcoredump buffer for vcn_v2_5. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 0eea81ee2e12900bd5276558434b675b52ab2d5d Author: Sunil Khatri Date: Mon Aug 5 17:23:55 2024 +0530 drm/amdgpu: add vcn_v2_5 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v2_5. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit b910cacb4e70066238feafaf3f2430ef2c8c3b12 Author: Sunil Khatri Date: Mon Aug 5 17:19:42 2024 +0530 drm/amdgpu: add print support for vcn_v2_0 ip dump Add support for logging the registers in devcoredump buffer for vcn_v2_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 2239aaa204f1c5002018a02903df7e45a0e0e503 Author: Sunil Khatri Date: Mon Aug 5 17:18:09 2024 +0530 drm/amdgpu: add vcn_v2_0 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v2_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit ef9f3b5fd9d2594766c60b1e12b0e72e4918512c Author: Sunil Khatri Date: Mon Aug 5 17:08:22 2024 +0530 drm/amdgpu: add print support for vcn_v1_0 ip dump Add support for logging the registers in devcoredump buffer for vcn_v1_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 837cc7f1bf2bbebb05781efb6bc1b10d5c2e9308 Author: Sunil Khatri Date: Mon Aug 5 17:06:24 2024 +0530 drm/amdgpu: add vcn_v1_0 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v1_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 439c3b124e9ee704766040d5182ccdaeb4d45499 Author: Sunil Khatri Date: Mon Aug 5 12:58:46 2024 +0530 drm/amdgpu: add print support for vcn_v4_0_5 ip dump Add support for logging the registers in devcoredump buffer for vcn_v4_0_5. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 3a50a51d04d2ca5066949073274e70191104f8e5 Author: Sunil Khatri Date: Mon Aug 5 12:43:07 2024 +0530 drm/amdgpu: add print support for vcn_v4_0 ip dump Add support for logging the registers in devcoredump buffer for vcn_v4_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit dc57edda816df4fb43bfc2809675e91d15994195 Author: Sunil Khatri Date: Mon Aug 5 12:52:27 2024 +0530 drm/amdgpu: add print support for vcn_v4_0_3 ip dump Add support for logging the registers in devcoredump buffer for vcn_v4_0_3. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 46553db49cf7b7dce95879ee0725f7d95de3c184 Author: Sunil Khatri Date: Mon Aug 5 12:57:09 2024 +0530 drm/amdgpu: add vcn_v4_0_5 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v4_0_5. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 9d87dac3f9adbe30d545c577aab483dfce71143d Author: Sunil Khatri Date: Mon Aug 5 12:31:21 2024 +0530 drm/amdgpu: add vcn_v4_0 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v4_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 8962915044364bb7c36b3018f74371a798aee46d Author: Sunil Khatri Date: Mon Aug 5 12:49:20 2024 +0530 drm/amdgpu: add vcn_v4_0_3 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v4_0_3. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit f3c958ab857927e1ef2cc6806fcb0eb3f36c923a Author: Sunil Khatri Date: Thu Aug 1 19:19:27 2024 +0530 drm/amdgpu: add print support for vcn_v5_0 ip dump Add support for logging the registers in devcoredump buffer for vcn_v5_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 32aada4d0a35ee613ffed23090bc23e1b40da419 Author: Alex Deucher Date: Mon Jun 3 13:48:40 2024 -0400 drm/amdgpu/mes12: add API for user queue reset Add API for resetting user queues. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit d4f1fde734eb73767015272dd2e8af1440b30a9b Author: Alex Deucher Date: Mon Jun 3 13:48:07 2024 -0400 drm/amdgpu/mes11: add API for user queue reset Add API for resetting user queues. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 5b7a59de4845460a313d93d4839258bfb982357c Author: Alex Deucher Date: Mon Jun 3 13:35:05 2024 -0400 drm/amdgpu/mes: add API for user queue reset Add API for resetting user queues. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 478efcb90b074f0fdd18e62b30ce09140bd69022 Author: Alex Deucher Date: Fri Jul 12 16:39:30 2024 -0400 drm/amdgpu/gfx11: export gfx_v11_0_request_gfx_index_mutex() It will be used by the queue reset code. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 76acba7b7f12517990f326fabfecb6f55e334233 Author: Alex Deucher Date: Fri Jul 12 16:37:33 2024 -0400 drm/amdgpu/gfx11: add a mutex for the gfx semaphore This will be used in more places in the future so add a mutex. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit b5be054c585110b2c5c1b180136800e8c41c7bb4 Author: Alex Deucher Date: Fri Jul 12 15:36:19 2024 -0400 drm/amdgpu/gfx11: enter safe mode before touching CP_INT_CNTL Need to enter safe mode before touching GC MMIO. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit d479158f6502a3698b91829fa03bd3f2ea38efe7 Author: Alex Deucher Date: Thu Jul 18 15:59:20 2024 -0400 drm/amdgpu/gfx7: add ring reset callback for gfx Add ring reset callback for gfx. v2: fix operator precedence (kernel test robot) Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 4af8071b654dbd9b8bd003ab8e49eb16b4cb9fcd Author: Alex Deucher Date: Thu Jul 18 15:50:23 2024 -0400 drm/amdgpu/gfx8: add ring reset callback for gfx Add ring reset callback for gfx. v2: fix operator precedence (kernel test robot) Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit f685b38455b0c990a0f018a17b238d8ffb5acccc Author: Sunil Khatri Date: Thu Aug 1 19:17:11 2024 +0530 drm/amdgpu: add vcn_v5_0 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v5_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 6d88c0f94ac07ffc9f08e459cca036f4af08617d Author: Sunil Khatri Date: Wed Jul 24 16:48:28 2024 +0530 drm/amdgpu: add print support for vcn_v3_0 ip dump Add support for logging the registers in devcoredump buffer for vcn_v3_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit ab10f7748789fa9247949b530d8ee7d56eafe9a3 Author: Sunil Khatri Date: Wed Jul 24 16:35:41 2024 +0530 drm/amdgpu: add vcn_v3_0 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v3_0. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 27a74c125d029d0606b81ef865bb68dd975ca2f7 Author: Sunil Khatri Date: Tue Jul 23 13:08:55 2024 +0530 drm/amdgpu: add vcn ip dump ptr in vcn global struct Add pointer to the vcn ip dump in the vcn global structure to be accessible for all vcn version via global adev. Signed-off-by: Sunil Khatri Acked-by: Leo Liu Signed-off-by: Alex Deucher commit 795b1aa8f37e38cf1a6202d274960bdd9c2ac44a Author: Pavan Kumar Linga Date: Wed Aug 14 10:59:02 2024 -0700 idpf: remove redundant 'req_vec_chunks' NULL check 'req_vec_chunks' is used to store the vector info received from the device control plane. The memory for it is allocated in idpf_send_alloc_vectors_msg and returns an error if the memory allocation fails. 'req_vec_chunks' cannot be NULL in the later code flow. So remove the conditional check to extract the vector ids received from the device control plane. Smatch static checker warning: drivers/net/ethernet/intel/idpf/idpf_lib.c:417 idpf_intr_req() error: we previously assumed 'adapter->req_vec_chunks' could be null (see line 360) Reported-by: Dan Carpenter Closes: https://lore.kernel.org/intel-wired-lan/a355ae8a-9011-4a85-a4d1-5b2793bb5f7b@stanley.mountain/ Reviewed-by: Dan Carpenter Signed-off-by: Pavan Kumar Linga Tested-by: Krishneil Singh Signed-off-by: Tony Nguyen Link: https://patch.msgid.link/20240814175903.4166390-1-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski commit 20588d5afce3992ff4fc9b61085e3e1affbac620 Author: Zhang Zekun Date: Mon Aug 12 20:24:15 2024 +0800 drm/amd: Remove unused declarations amdgpu_gart_table_vram_pin() and amdgpu_gart_table_vram_unpin() has been removed since commit 575e55ee4fbc ("drm/amdgpu: recover gart table at resume") remain the declarations untouched in the header files. Besides, amdgpu_dm_display_resume() has also beed removed since commit a80aa93de1a0 ("drm/amd/display: Unify dm resume sequence into a single call"). So, let's remove this unused declarations. Signed-off-by: Zhang Zekun Signed-off-by: Alex Deucher commit 3fbaf475a5b8361ebee7da18964db809e37518b7 Author: Nikita Zhandarovich Date: Tue Aug 6 10:19:04 2024 -0700 drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets Several cs track offsets (such as 'track->db_s_read_offset') either are initialized with or plainly take big enough values that, once shifted 8 bits left, may be hit with integer overflow if the resulting values end up going over u32 limit. Same goes for a few instances of 'surf.layer_size * mslice' multiplications that are added to 'offset' variable - they may potentially overflow as well and need to be validated properly. While some debug prints in this code section take possible overflow issues into account, simply casting to (unsigned long) may be erroneous in its own way, as depending on CPU architecture one is liable to get different results. Fix said problems by: - casting 'offset' to fixed u64 data type instead of ambiguous unsigned long. - casting one of the operands in vulnerable to integer overflow cases to u64. - adjust format specifiers in debug prints to properly represent 'offset' values. Found by Linux Verification Center (linuxtesting.org) with static analysis tool SVACE. Fixes: 285484e2d55e ("drm/radeon: add support for evergreen/ni tiling informations v11") Signed-off-by: Nikita Zhandarovich Signed-off-by: Alex Deucher commit aeac0b5e32e42aaafde0a71877fb0878c9999230 Merge: 7a4e0801b09e86 cc20a4791641a1 Author: Jakub Kicinski Date: Fri Aug 16 11:21:10 2024 -0700 Merge branch 'use-more-devm-for-ag71xx' Rosen Penev says: ==================== use more devm for ag71xx Some of these were introduced after the driver got introduced. In any case, using more devm allows removal of the remove function and overall simplifies the code. All of these were tested on a TP-LINK Archer C7v2. ==================== Link: https://patch.msgid.link/20240813170516.7301-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit cc20a4791641a1cbd1525695fac0d4725dd72509 Author: Rosen Penev Date: Tue Aug 13 10:04:59 2024 -0700 net: ag71xx: use devm for register_netdev Allows completely removing the remove function. Nothing is being done manually now. Tested on TP-LINK Archer C7v2. Signed-off-by: Rosen Penev Link: https://patch.msgid.link/20240813170516.7301-4-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 8ef34bea8cad381e0b5c90f9e4e539f48e8c2d7f Author: Rosen Penev Date: Tue Aug 13 10:04:58 2024 -0700 net: ag71xx: use devm for of_mdiobus_register Allows removing ag71xx_mdio_remove. Removed ag.mii_bus variable. Local one can be used with devm. Easier to reason about as mii_bus is only used here now. Also shrinks the struct slightly. Signed-off-by: Rosen Penev Link: https://patch.msgid.link/20240813170516.7301-3-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit df37fcf58f2a02eb0d49d27020e3dbd6c1115288 Author: Rosen Penev Date: Tue Aug 13 10:04:57 2024 -0700 net: ag71xx: devm_clk_get_enabled Allows removal of clk_prepare_enable to simplify the code slightly. Tested on a TP-LINK Archer C7v2. Signed-off-by: Rosen Penev Link: https://patch.msgid.link/20240813170516.7301-2-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit 89ec85d16eb8110d88c273d1d34f1fe5a70ba8cc Author: Yang Wang Date: Tue Aug 13 13:51:48 2024 +0800 drm/amdgpu: fixing rlc firmware loading failure issue Skip rlc firmware validation to ignore firmware header size mismatch issues. This restores the workaround added in commit 849e133c973c ("drm/amdgpu: Fix the null pointer when load rlc firmware") Fixes: 3af2c80ae2f5 ("drm/amdgpu: refine gfx10 firmware loading") Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3551 Signed-off-by: Yang Wang Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 0f2c243dbfa008cec2dad03ea074156b6b176a03 Author: Sunil Khatri Date: Tue Aug 13 22:34:26 2024 +0530 drm/amdgpu: remove ME0 registers from mi300 dump Remove ME0 registers from MI300 gfx_9_4_3 ipdump MI300 does not have gfx ME and hence those register are just empty one and could be dropped. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 3ec2ad7c34c412bd9264cd1ff235d0812be90e82 Author: Alex Deucher Date: Wed Jul 24 18:20:57 2024 -0400 drm/amdgpu/gfx9: use rlc safe mode for soft recovery Protect the MMIO access with safe mode. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit d082e5cde489caf7b29e966a9dbbc3fb43fb9164 Author: Alex Deucher Date: Wed Jul 24 18:20:44 2024 -0400 drm/amdgpu/gfx9.4.3: use rlc safe mode for soft recovery Protect the MMIO access with safe mode. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit a48f31fb78265d992c75d45bea215998367d4956 Author: Alex Deucher Date: Wed Jul 24 18:04:44 2024 -0400 drm/amdgpu/gfx9.4.3: use proper rlc safe mode helpers Rather than open coding it for the queue reset. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 27ef61f9617478c432bc477d4eed8963deb89f24 Author: Alex Deucher Date: Wed Jul 24 17:59:47 2024 -0400 drm/amdgpu/gfx9: use proper rlc safe mode helpers Rather than open coding it for the queue reset. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit c4f503551fd65e50e657219c9bfc2987c51805ca Author: Alex Deucher Date: Wed Jul 17 19:02:50 2024 -0400 drm/amdgpu/gfx9: add ring reset callback for gfx Add ring reset callback for gfx. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 31ef969301e58daaaed1728690e16192b77b9028 Author: Alex Deucher Date: Thu Jul 18 10:20:56 2024 -0400 drm/amdgpu/gfx9: per queue reset only on bare metal It's not supported under SR-IOV at the moment. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 4dc4422f11b041a9cb7a86f2f9bc310e48620fa2 Author: Jiadong Zhu Date: Thu Jul 4 14:51:58 2024 +0800 drm/amdgpu/gfx9.4.3: implement reset_hw_queue for gfx9.4.3 Using mmio to do queue reset. Enter safe mode before writing mmio registers. v2: set register instance offset according to xcc id. Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 2e9bbdd7b7cb5f364a917e7c6eff2a2c36f11895 Author: Jiadong Zhu Date: Thu Jul 4 12:24:31 2024 +0800 drm/amdgpu/gfx9: implement reset_hw_queue for gfx9 Using mmio to do queue reset. Enter safe mode when writing registers. Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 186020c16650d6f7a05774ef318ae9056aae4f21 Author: Jiadong Zhu Date: Thu Jul 4 12:12:42 2024 +0800 drm/amdgpu/gfx: add a new kiq_pm4_funcs callback for reset_hw_queue Add reset_hw_queue in kiq_pm4_funcs callbacks. Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 4c953e53cc34f8601b7b7c6286c65322452d35fe Author: Jiadong Zhu Date: Fri Jun 28 11:48:22 2024 +0800 drm/amdgpu/gfx_9.4.3: wait for reset done before remap There is a racing condition that cp firmware modifies MQD in reset sequence after driver updates it for remapping. We have to wait till CP_HQD_ACTIVE becoming false then remap the queue. v2: fix KIQ locking (Alex) v3: fix KIQ locking harder Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 6f38589e170f7649bb4b5efbff6b681c31433440 Author: Jiadong Zhu Date: Fri Jun 14 13:05:32 2024 +0800 drm/amdgpu/gfx9.4.3: remap queue after reset successfully Kiq command unmap_queues only does the dequeueing action. We have to map the queue back with clean mqd. Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 5d0112f77793c0351faee6c723a6fb9191c12be6 Author: Alex Deucher Date: Mon Jun 3 17:24:03 2024 -0400 drm/amdgpu/gfx9.4.3: add ring reset callback Add ring reset callback for compute. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit fdbd69486b468e4963b4ef9f76901d3788252dd5 Author: Jiadong Zhu Date: Tue Jul 2 09:03:49 2024 +0800 drm/amdgpu/gfx9: wait for reset done before remap There is a racing condition that cp firmware modifies MQD in reset sequence after driver updates it for remapping. We have to wait till CP_HQD_ACTIVE becoming false then remap the queue. v2: fix KIQ locking (Alex) v3: fix KIQ locking harder Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit b5e1a3874fe3cde73a4b02870bf3e8fa43777c5c Author: Jiadong Zhu Date: Tue Jun 11 18:06:44 2024 +0800 drm/amdgpu/gfx9: remap queue after reset successfully Kiq command unmap_queues only does the dequeueing action. We have to map the queue back with clean mqd. Acked-by: Vitaly Prosyak Signed-off-by: Jiadong Zhu Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 5fb4d2a77113d3ebaa5c9dcdbef8b7bdfdeeffb2 Author: Alex Deucher Date: Mon Jun 3 17:23:14 2024 -0400 drm/amdgpu/gfx9: add ring reset callback Add ring reset callback for compute. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit fb0a5834a338329bc665c7ce2b89f3e376557565 Author: Prike Liang Date: Wed Jun 12 15:49:38 2024 +0800 drm/amdgpu: increase the reset counter for the queue reset Update the reset counter for the amdgpu_cs_query_reset_state() Acked-by: Vitaly Prosyak Signed-off-by: Prike Liang Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 15789fa0f0e29cf802f30d0e308da9c6b18c116a Author: Alex Deucher Date: Mon Jun 3 14:38:20 2024 -0400 drm/amdgpu: add per ring reset support (v5) If a specific job is hung, try and reset just the ring associated with the job. v2: move to amdgpu_job.c v3: fix drm_sched_stop() handling when ring reset fails v4: drop unnecessary amdgpu_fence_driver_clear_job_fences() and drm_sched_increase_karma() v5: rework sched_stop handling Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 57a372f67688dc7aee23a2a00bcaf6188f592934 Author: Alex Deucher Date: Tue Apr 9 13:11:53 2024 -0400 drm/amdgpu: add new ring reset callback Use this to reset just a single ring. Acked-by: Vitaly Prosyak Signed-off-by: Alex Deucher commit 406792dc2a5c82e2f312e10c3c2c887de6ef80a4 Author: Soham Dandapat Date: Mon Jul 29 11:59:11 2024 +0530 drm/amdgpu: Return earlier in amdgpu_sw_ring_ib_end if mcbp is off As we don't trigger preemption is sw ring muxer when mcbp is disabled,so return earlier in amdgpu_sw_ring_ib_end function if mcbp is disabled ,not required to call amdgpu_ring_mux_end_ib Signed-off-by: Soham Dandapat Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit 37ee1456239cc5680f672f37417e52db2349965b Author: Sunil Khatri Date: Thu Aug 8 14:23:07 2024 +0530 drm/amdgpu: add cp queue registers print for gfx9_4_3 Add gfx9_4_3 print support of CP queue registers for all queues to be used by devcoredump. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit f9e491c8633277d5398f384cf1fd1a477e04363f Author: Sunil Khatri Date: Thu Aug 8 14:09:06 2024 +0530 drm/amdgpu: add cp queue registers for gfx9_4_3 ipdump Add gfx9 support of CP queue registers for all queues to be used by devcoredump. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit fc7c7498db3da52efe874029a9c2ccc0ad2646ee Author: Matt Roper Date: Thu Aug 15 10:26:04 2024 -0700 drm/xe/mcr: Try to derive dss_per_grp from hwconfig attributes When steering MCR register ranges of type "DSS," the group_id and instance_id values are calculated by dividing the DSS pool according to the size of a gslice or cslice, depending on the platform. These values haven't changed much on past platforms, so we've been able to hardcode the proper divisor so far. However the layout may not be so fixed on future platforms so the proper, future-proof way to determine this is by using some of the attributes from the GuC's hwconfig table. The hwconfig has two attributes reflecting the architectural maximum slice and subslice counts (i.e., before any fusing is considered) that can be used for the purposes of calculating MCR steering targets. If the hwconfig is lacking the necessary values (which should only be possible on older platforms before these attributes were added), we can still fall back to the old hardcoded values. Going forward the hwconfig is expected to always provide the information we need on newer platforms, and any failure to do so will be considered a bug in the firmware that will prevent us from switching to the buggy firmware release. It's worth noting that over time GuC's hwconfig has provided a couple different keys with similar-sounding descriptions. For our purposes here, we only trust the newer key "70" which has supplanted the similarly-named key "2" that existed on older platforms. Bspec: 73210 Signed-off-by: Matt Roper Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240815172602.2729146-4-matthew.d.roper@intel.com commit 8a0f58ec4728ec04c654645bf8ed4070821ebbf3 Author: Matt Roper Date: Thu Aug 15 10:26:03 2024 -0700 drm/xe: Add debugfs to dump GuC's hwconfig Although the query uapi is the official way to get at the GuC's hwconfig table contents, it's still useful to have a quick debugfs interface to dump the table in a human-readable format while debugging the driver. Signed-off-by: Matt Roper Reviewed-by: Jonathan Cavitt Reviewed-by: Jagmeet Randhawa Link: https://patchwork.freedesktop.org/patch/msgid/20240815172602.2729146-3-matthew.d.roper@intel.com commit 7a4e0801b09e8642c2aed4c3db06f5a5f63078f2 Merge: 5da65c41620352 5f1b4f1be2d2b8 Author: Jakub Kicinski Date: Fri Aug 16 11:04:54 2024 -0700 Merge branch 'selftests-fib_rule_tests-cleanups-and-new-tests' Ido Schimmel says: ==================== selftests: fib_rule_tests: Cleanups and new tests This patchset performs some cleanups and adds new tests in preparation for upcoming FIB rule DSCP selector. ==================== Link: https://patch.msgid.link/20240814111005.955359-1-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 437ad4534a15ccf538ddb440cb29d3f445251605 Author: Jesus Narvaez Date: Thu Aug 8 13:49:43 2024 -0700 drm/i915/guc: Change GEM_WARN_ON to guc_err to prevent taints in CI This warning was supposed to catch a harmless issue, but changing to guc_error should prevent kernel taints in CI runs. Signed-off-by: Jesus Narvaez Reviewed-by: Jonathan Cavitt Signed-off-by: John Harrison Link: https://patchwork.freedesktop.org/patch/msgid/20240808204943.911727-1-jesus.narvaez@intel.com commit 5f1b4f1be2d2b8d85dd07352b097cfc7064ad2e5 Author: Ido Schimmel Date: Wed Aug 14 14:10:05 2024 +0300 selftests: fib_rule_tests: Test TOS matching with input routes The TOS value reaches the FIB rule core via different call paths when an input route is looked up compared to an output route. Re-test TOS matching with input routes to exercise these code paths. Pass the 'iif' and 'from' selectors separately from the 'get{,no}match' variables as otherwise the test name is too long to be printed without misalignments. Signed-off-by: Ido Schimmel Link: https://patch.msgid.link/20240814111005.955359-6-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 53f88ed85bdd194b8a30605a264692b28a3ee665 Author: Ido Schimmel Date: Wed Aug 14 14:10:04 2024 +0300 selftests: fib_rule_tests: Add negative connect tests The fib_rule{4,6}_connect tests verify that locally generated traffic from a socket that specifies a DS Field using the IP_TOS / IPV6_TCLASS socket options is correctly redirected using a FIB rule that matches on the given DS Field. Add negative tests to verify that the FIB rule is not hit when the socket specifies a DS Field that differs from the one used by the FIB rule. Signed-off-by: Ido Schimmel Link: https://patch.msgid.link/20240814111005.955359-5-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 9b6dcef32c2d8fe357592da5f6f52ef2edf1652d Author: Ido Schimmel Date: Wed Aug 14 14:10:03 2024 +0300 selftests: fib_rule_tests: Add negative match tests The fib_rule{4,6} tests verify the behavior of a given FIB rule selector (e.g., dport, sport) by redirecting to a routing table with a default route using a FIB rule with the given selector and checking that a route lookup using the selector matches this default route. Add negative tests to verify that a FIB rule is not hit when it should not. Signed-off-by: Ido Schimmel Link: https://patch.msgid.link/20240814111005.955359-4-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit b1487d6abeb5ccfc23f61d600ca63d2b09964f9a Author: Ido Schimmel Date: Wed Aug 14 14:10:02 2024 +0300 selftests: fib_rule_tests: Clarify test results Clarify the test results by grouping the output of test cases belonging to the same test under a common title. This is consistent with the output of fib_tests.sh. Before: # ./fib_rule_tests.sh TEST: rule6 check: oif redirect to table [ OK ] TEST: rule6 del by pref: oif redirect to table [ OK ] [...] TEST: rule4 check: oif redirect to table [ OK ] TEST: rule4 del by pref: oif redirect to table [ OK ] [...] Tests passed: 116 Tests failed: 0 After: # ./fib_rule_tests.sh IPv6 FIB rule tests TEST: rule6 check: oif redirect to table [ OK ] TEST: rule6 del by pref: oif redirect to table [ OK ] [...] IPv4 FIB rule tests TEST: rule4 check: oif redirect to table [ OK ] TEST: rule4 del by pref: oif redirect to table [ OK ] [...] Tests passed: 116 Tests failed: 0 Signed-off-by: Ido Schimmel Link: https://patch.msgid.link/20240814111005.955359-3-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit 30dcdd6a3a6caa27d75196bcc4f6ea9c7a51ad19 Author: Ido Schimmel Date: Wed Aug 14 14:10:01 2024 +0300 selftests: fib_rule_tests: Remove unused functions The functions are unused since commit 816cda9ae531 ("selftests: net: fib_rule_tests: add support to select a test to run"). Remove them. Signed-off-by: Ido Schimmel Link: https://patch.msgid.link/20240814111005.955359-2-idosch@nvidia.com Signed-off-by: Jakub Kicinski commit ed7171ff9fabc49ae6ed42fbd082a576473836fc Merge: db3461a7743817 a809b92ee0f84c Author: Lucas De Marchi Date: Fri Aug 16 10:05:54 2024 -0700 Merge drm/drm-next into drm-xe-next Get drm-xe-next on v6.11-rc2 and synchronized with drm-intel-next for the display side. This resolves the current conflict for the enable_display module parameter and allows further pending refactors. Signed-off-by: Lucas De Marchi commit 5da65c41620352a7705f308cedf5a20d94e726d8 Merge: c39be5e818e776 c7be6e70d20c0f Author: Jakub Kicinski Date: Fri Aug 16 10:27:50 2024 -0700 Merge branch 'ipv6-add-ipv6_addr_-cpu_to_be32-be32_to_cpu-helpers' Simon Horman says: ==================== ipv6: Add ipv6_addr_{cpu_to_be32,be32_to_cpu} helpers This series adds and uses some new helpers, ipv6_addr_{cpu_to_be32,be32_to_cpu}, which are intended to assist in byte order manipulation of IPv6 addresses stored as as arrays. v1: https://lore.kernel.org/r/20240812-ipv6_addr-helpers-v1-0-aab5d1f35c40@kernel.org ==================== Link: https://patch.msgid.link/20240813-ipv6_addr-helpers-v2-0-5c974f8cca3e@kernel.org Signed-off-by: Jakub Kicinski commit c7be6e70d20c0f8a20b484a0c51d2a12ef8f8ec7 Author: Simon Horman Date: Tue Aug 13 14:33:49 2024 +0100 net: hns3: Use ipv6_addr_{cpu_to_be32,be32_to_cpu} helpers Use new ipv6_addr_cpu_to_be32 and ipv6_addr_be32_to_cpu helpers, and IPV6_ADDR_WORDS. This is arguably slightly nicer. No functional change intended. Compile tested only. Suggested-by: Andrew Lunn Link: https://lore.kernel.org/netdev/c7684349-535c-45a4-9a74-d47479a50020@lunn.ch/ Reviewed-by: Andrew Lunn Reviewed-by: Jijie Shao Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240813-ipv6_addr-helpers-v2-3-5c974f8cca3e@kernel.org Signed-off-by: Jakub Kicinski commit b908c722133e3a158bf703b5003e7a8272e9d540 Author: Simon Horman Date: Tue Aug 13 14:33:48 2024 +0100 net: ethernet: mtk_eth_soc: Use ipv6_addr_{cpu_to_be32,be32_to_cpu} helpers Use ipv6_addr_cpu_to_be32 and ipv6_addr_be32_to_cpu helpers to convert address, rather than open coding the conversion. No functional change intended. Compile tested only. Suggested-by: Andrew Lunn Link: https://lore.kernel.org/netdev/c7684349-535c-45a4-9a74-d47479a50020@lunn.ch/ Reviewed-by: Andrew Lunn Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240813-ipv6_addr-helpers-v2-2-5c974f8cca3e@kernel.org Signed-off-by: Jakub Kicinski commit f40a455d01f80c6638be382d75cb1c4e7748d8af Author: Simon Horman Date: Tue Aug 13 14:33:47 2024 +0100 ipv6: Add ipv6_addr_{cpu_to_be32,be32_to_cpu} helpers Add helpers to convert an ipv6 addr, expressed as an array of words, from CPU to big-endian byte order, and vice versa. No functional change intended. Compile tested only. Suggested-by: Andrew Lunn Link: https://lore.kernel.org/netdev/c7684349-535c-45a4-9a74-d47479a50020@lunn.ch/ Reviewed-by: Andrew Lunn Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240813-ipv6_addr-helpers-v2-1-5c974f8cca3e@kernel.org Signed-off-by: Jakub Kicinski commit c39be5e818e7769704f69dd7e4528ef99dce9d0c Merge: 20f77dc7247138 6f2b72c04d58a4 Author: Jakub Kicinski Date: Fri Aug 16 10:25:05 2024 -0700 Merge branch 'net-dsa-microchip-ksz8795-add-wake-on-lan-support' Pieter Van Trappen says: ==================== net: dsa: microchip: ksz8795: add Wake on LAN support Add WoL support for KSZ8795 family of switches. This code was tested with a KSZ8794 chip. Strongly based on existing KSZ9477 code which has now been moved to ksz_common instead of duplicating, as proposed during the review of the v1 version of this patch. In addition to the device-tree addition and the actual code, there's two additional patches that fix some bugs found when further testing DSA with this KSZ8794 chip. v5: https://lore.kernel.org/20240812153015.653044-1-vtpieter@gmail.com v4: https://lore.kernel.org/20240812084945.578993-1-vtpieter@gmail.com v3: https://lore.kernel.org/20240806132606.1438953-1-vtpieter@gmail.com v2: https://lore.kernel.org/20240731103403.407818-1-vtpieter@gmail.com v1: https://lore.kernel.org/20240717193725.469192-1-vtpieter@gmail.com ==================== Link: https://patch.msgid.link/20240813142750.772781-1-vtpieter@gmail.com Signed-off-by: Jakub Kicinski commit 6f2b72c04d58a40c16f3cd858776517f16226119 Author: Pieter Van Trappen Date: Tue Aug 13 16:27:40 2024 +0200 net: dsa: microchip: fix tag_ksz egress mask for KSZ8795 family Fix the tag_ksz egress mask for DSA_TAG_PROTO_KSZ8795, the port is encoded in the two and not three LSB. This fix is for completeness, for example the bug doesn't manifest itself on the KSZ8794 because bit 2 seems to be always zero. Signed-off-by: Pieter Van Trappen Acked-by: Arun Ramadoss Link: https://patch.msgid.link/20240813142750.772781-7-vtpieter@gmail.com Signed-off-by: Jakub Kicinski commit 0d3edc90c4a0ac77332a25e1e6b709a39b202de9 Author: Pieter Van Trappen Date: Tue Aug 13 16:27:39 2024 +0200 net: dsa: microchip: fix KSZ87xx family structure wrt the datasheet The KSZ87xx switches have 32 static MAC address table entries and not 8. This fixes -ENOSPC non-critical errors from ksz8_add_sta_mac when configured as a bridge. Add a new ksz87xx_dev_ops structure to be able to use the ksz_r_mib_stat64 pointer for this family; this corrects a wrong mib->counters cast to ksz88xx_stats_raw. This fixes iproute2 statistics. Rename ksz8_dev_ops structure to ksz88x3_dev_ops, in line with ksz_is_* naming conventions from ksz_common.h. Signed-off-by: Pieter Van Trappen Acked-by: Arun Ramadoss Link: https://patch.msgid.link/20240813142750.772781-6-vtpieter@gmail.com Signed-off-by: Jakub Kicinski commit 90b06ac06529b4c90af97763e57cf38d96999827 Author: Pieter Van Trappen Date: Tue Aug 13 16:27:38 2024 +0200 net: dsa: microchip: add WoL support for KSZ87xx family Add WoL support for KSZ87xx family of switches. This code was tested with a KSZ8794 chip. Implement ksz_common usage of the new device-tree property 'microchip,pme-active-high'. Make use of the now generalized ksz_common WoL functions, adding an additional interrupt register write for KSZ87xx. Add helper functions to convert from PME (port) read/writes to indirect register read/writes in the dedicated ksz8795 sources. Add initial configuration during (port) setup as per KSZ9477. Signed-off-by: Pieter Van Trappen Acked-by: Arun Ramadoss Link: https://patch.msgid.link/20240813142750.772781-5-vtpieter@gmail.com Signed-off-by: Jakub Kicinski commit fd250fed1f8856c37caa7b9a5e6015ad6f5011e5 Author: Pieter Van Trappen Date: Tue Aug 13 16:27:37 2024 +0200 net: dsa: microchip: generalize KSZ9477 WoL functions at ksz_common Generalize KSZ9477 WoL functions at ksz_common. Move dedicated registers and generic masks to existing structures & defines for that purpose. Introduction of PME (port) read/write helper functions, which happen to be the generic read/write for KSZ9477 but not for the incoming KSZ87xx patch. Signed-off-by: Pieter Van Trappen Acked-by: Arun Ramadoss Link: https://patch.msgid.link/20240813142750.772781-4-vtpieter@gmail.com Signed-off-by: Jakub Kicinski commit f3ac6198a719857c492b04b0a8eb22c2cc81197b Author: Pieter Van Trappen Date: Tue Aug 13 16:27:36 2024 +0200 net: dsa: microchip: move KSZ9477 WoL functions to ksz_common Move KSZ9477 WoL functions to ksz_common, in preparation for adding KSZ87xx family support. Signed-off-by: Pieter Van Trappen Acked-by: Arun Ramadoss Link: https://patch.msgid.link/20240813142750.772781-3-vtpieter@gmail.com Signed-off-by: Jakub Kicinski commit 6a66873d820b4bd87a7c3f8e21b8bf4a76fa3223 Author: Pieter Van Trappen Date: Tue Aug 13 16:27:35 2024 +0200 dt-bindings: net: dsa: microchip: add microchip,pme-active-high flag Add microchip,pme-active-high property to set the PME (Power Management Event) pin polarity for Wake on Lan interrupts. Note that the polarity is active-low by default. Signed-off-by: Pieter Van Trappen Reviewed-by: Rob Herring (Arm) Reviewed-by: Oleksij Rempel Link: https://patch.msgid.link/20240813142750.772781-2-vtpieter@gmail.com Signed-off-by: Jakub Kicinski commit 20f77dc7247138c0c1463920f6d9829593804848 Author: Oleksij Rempel Date: Mon Aug 12 09:30:46 2024 +0200 net: phy: dp83tg720: Add cable testing support Introduce cable testing support for the DP83TG720 PHY. This implementation is based on the "DP83TG720S-Q1: Configuring for Open Alliance Specification Compliance (Rev. B)" application note. The feature has been tested with cables of various lengths: - No cable: 1m till open reported. - 5 meter cable: reported properly. - 20 meter cable: reported as 19m. - 40 meter cable: reported as cable ok. Reviewed-by: Andrew Lunn Signed-off-by: Oleksij Rempel Link: https://patch.msgid.link/20240812073046.1728288-3-o.rempel@pengutronix.de Signed-off-by: Jakub Kicinski commit 9e7c1a9b90334d3c87467f0204bf2bcd9794c22c Author: Oleksij Rempel Date: Mon Aug 12 09:30:45 2024 +0200 phy: Add Open Alliance helpers for the PHY framework Introduce helper functions specific to Open Alliance diagnostics, integrating them into the PHY framework. Currently, these helpers are limited to 1000BaseT1 specific TDR functionality. Signed-off-by: Oleksij Rempel Link: https://patch.msgid.link/20240812073046.1728288-2-o.rempel@pengutronix.de Signed-off-by: Jakub Kicinski commit 2140e63cd87fa707acf514d594725097bed018fd Author: Oleksij Rempel Date: Mon Aug 12 09:30:44 2024 +0200 ethtool: Add new result codes for TDR diagnostics Add new result codes to support TDR diagnostics in preparation for Open Alliance 1000BaseT1 TDR support: - ETHTOOL_A_CABLE_RESULT_CODE_NOISE: TDR not possible due to high noise level. - ETHTOOL_A_CABLE_RESULT_CODE_RESOLUTION_NOT_POSSIBLE: TDR resolution not possible / out of distance. Reviewed-by: Andrew Lunn Signed-off-by: Oleksij Rempel Link: https://patch.msgid.link/20240812073046.1728288-1-o.rempel@pengutronix.de Signed-off-by: Jakub Kicinski commit db3461a7743817ad7c73553902231b096616813a Author: Matthew Brost Date: Thu Aug 15 21:02:08 2024 -0700 drm/xe: Use for_each_remote_tile rather than manual check Replace for_each_tile plus a check against primary tile with for_each_remote_tile in tiles_fini. The latter macro does this for us. Signed-off-by: Matthew Brost Reviewed-by: Lucas De Marchi Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240816040208.62695-1-matthew.brost@intel.com Signed-off-by: Lucas De Marchi commit 5a891a0e69f134f53cc91b409f38e5ea1cafaf0a Author: Daniele Ceraolo Spurio Date: Thu Aug 15 16:05:40 2024 -0700 drm/xe/uc: Use devm to register cleanup that includes exec_queues Exec_queue cleanup requires HW access, so we need to use devm instead of drmm for it. Signed-off-by: Daniele Ceraolo Spurio Cc: John Harrison Cc: Alan Previn Reviewed-by: Matthew Brost Reviewed-by: Lucas De Marchi Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240815230541.3828206-2-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 2e5d47fe7839298fa096970e184aac9bf82c3bd3 Author: Daniele Ceraolo Spurio Date: Thu Aug 15 16:05:39 2024 -0700 drm/xe/uc: Use managed bo for HuC and GSC objects Drmm actions are not the right ones to clean up BOs and we should use devm instead. However, we can also instead just allocate the objects using the managed_bo function, which will internally register the correct cleanup call and therefore allows us to simplify the code. While at it, switch to drmm_kzalloc for the GSC proxy allocation to further simplify the cleanup. Cc: John Harrison Cc: Alan Previn Signed-off-by: Daniele Ceraolo Spurio Reviewed-by: Lucas De Marchi Reviewed-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240815230541.3828206-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 17c40f3c94bc2279b879ea9ceb3eea973bcd1ac4 Author: Arnd Bergmann Date: Wed Aug 7 09:55:53 2024 +0200 leds: blinkm: Fix CONFIG_LEDS_CLASS_MULTICOLOR dependency With CONFIG_LEDS_CLASS_MULTICOLOR=m, a builtin leds-blinkm driver causes a link failure: arm-linux-gnueabi-ld: drivers/leds/leds-blinkm.o: in function `blinkm_set_mc_brightness': leds-blinkm.c:(.text.blinkm_set_mc_brightness+0xc): undefined reference to `led_mc_calc_color_components' Add a more specific dependency that only allows multicoler mode to be enabled for blinkm if it can build and link. Fixes: 56e8c56c9af0 ("leds: Add multicolor support to BlinkM LED driver") Signed-off-by: Arnd Bergmann Acked-by: Joseph Strauss Link: https://lore.kernel.org/r/20240807075614.2118068-1-arnd@kernel.org Signed-off-by: Lee Jones commit 82c5ada1f9d05902a4ccb926c7ce34e2fe699283 Author: Javier Carrasco Date: Wed Aug 7 15:37:03 2024 +0200 leds: pca995x: Fix device child node usage in pca995x_probe() The current implementation accesses the `child` fwnode handle outside of device_for_each_child_node() without incrementing its refcount. Add the missing call to `fwnode_handle_get(child)`. The cleanup process where `child` is accessed is not right either because a single call to `fwnode_handle_put()` is carried out in case of an error, ignoring unasigned nodes at the point when the error happens. Keep `child` inside of the first loop, and use the helper pointer that receives references via `fwnode_handle_get()` to handle the child nodes within the second loop. Keeping `child` inside the first node has also the advantage that the scoped version of the loop can be used. Fixes: ee4e80b2962e ("leds: pca995x: Add support for PCA995X chips") Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240807-leds-pca995x-fix-fwnode-usage-v1-1-8057c84dc583@gmail.com Signed-off-by: Lee Jones commit 616dbed65485c6e68325d00b6258a05369c14705 Author: Marek Vasut Date: Mon Jul 8 13:46:27 2024 +0200 dt-bindings: leds: Document "netdev" trigger Document the "netdev" trigger which is used to control LEDs by network device activity. This is an existing trigger used in existing DTs, document it so validation of those DTs would pass. Signed-off-by: Marek Vasut Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240708114653.18566-1-marex@denx.de Signed-off-by: Lee Jones commit b45af698d5114f9b666c7d8b58a9111d0526d7f7 Author: Bartosz Golaszewski Date: Fri Aug 16 12:23:45 2024 +0200 arm64: dts: qcom: sa8775p: fix the fastrpc label The fastrpc driver uses the label to determine the domain ID and create the device nodes. It should be "cdsp1" as this is the engine we use here. Fixes: df54dcb34ff2 ("arm64: dts: qcom: sa8775p: add ADSP, CDSP and GPDSP nodes") Reported-by: Ekansh Gupta Signed-off-by: Bartosz Golaszewski Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240816102345.16481-2-brgl@bgdev.pl Signed-off-by: Bjorn Andersson commit 25fb329a23c78d59a055a7b1329d18f30a2be92d Author: Thomas Weißschuh Date: Mon Aug 12 22:50:19 2024 +0200 tools/nolibc: x86_64: use local label in memcpy/memmove Compiling arch-x86_64.h with clang and binutils LD yields duplicate label errors: .../gcc-13.2.0-nolibc/x86_64-linux/bin/x86_64-linux-ld: error: LLVM gold plugin: :44:1: symbol '.Lbackward_copy' is already defined .Lbackward_copy:leaq -1(%rdi, %rcx, 1), %rdi Instead of a local symbol use a local label which can be defined multiple times and therefore avoids the error. Reviewed-by: Ammar Faizi Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240812-nolibc-lto-v2-3-736af7bbefa8@weissschuh.net Signed-off-by: Thomas Weißschuh commit ff7b9abbfce985b92f71c855246508edb0980cd6 Author: Thomas Weißschuh Date: Mon Aug 12 22:50:18 2024 +0200 tools/nolibc: stackprotector: mark implicitly used symbols as used During LTO the references from the compiler-generated prologue and epilogues to the stack protector symbols are not visible and the symbols are removed. This will then lead to errors during linking. As those symbols are already #ifdeffed-out if unused mark them as "used" to prevent their removal. Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240812-nolibc-lto-v2-2-736af7bbefa8@weissschuh.net Signed-off-by: Thomas Weißschuh commit 0021d6670d1a997549a39bf629da9940bf4068ed Author: Thomas Weißschuh Date: Mon Aug 12 22:50:17 2024 +0200 tools/nolibc: crt: mark _start_c() as used During LTO the reference from the asm startup code to the _start_c() function is not visible and _start_c() is removed. This will then lead to errors during linking. As _start_c() is indeed always used, mark it as such. Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240812-nolibc-lto-v2-1-736af7bbefa8@weissschuh.net Signed-off-by: Thomas Weißschuh commit 3e828c670b0ac8a9564c69f5c5ecf637b22a58d6 Author: Jeffrey Hugo Date: Fri Jul 26 09:53:10 2024 -0600 MAINTAINERS: qaic: Drop Pranjal as reviewer Pranjal's email address is bouncing. Signed-off-by: Jeffrey Hugo Reviewed-by: Carl Vanderlip Link: https://patchwork.freedesktop.org/patch/msgid/20240726155310.765164-1-quic_jhugo@quicinc.com commit ea1d6fb5b57135e8e05ebfaaf816e199baee96b3 Author: Beleswar Padhi Date: Thu Aug 8 13:11:27 2024 +0530 remoteproc: k3-dsp: Acquire mailbox handle during probe routine Acquire the mailbox handle during device probe and do not release handle in stop/detach routine or error paths. This removes the redundant requests for mbox handle later during rproc start/attach. This also allows to defer remoteproc driver's probe if mailbox is not probed yet. Signed-off-by: Beleswar Padhi Acked-by: Andrew Davis Link: https://lore.kernel.org/r/20240808074127.2688131-4-b-padhi@ti.com Signed-off-by: Mathieu Poirier commit f3f11cfe890733373ddbb1ce8991ccd4ee5e79e1 Author: Beleswar Padhi Date: Thu Aug 8 13:11:26 2024 +0530 remoteproc: k3-r5: Acquire mailbox handle during probe routine Acquire the mailbox handle during device probe and do not release handle in stop/detach routine or error paths. This removes the redundant requests for mbox handle later during rproc start/attach. This also allows to defer remoteproc driver's probe if mailbox is not probed yet. Signed-off-by: Beleswar Padhi Link: https://lore.kernel.org/r/20240808074127.2688131-3-b-padhi@ti.com Signed-off-by: Mathieu Poirier commit c81ef0cb576a3995edf24b63e9639881f19a2122 Author: Beleswar Padhi Date: Thu Aug 8 13:11:25 2024 +0530 remoteproc: k3-r5: Use devm_rproc_alloc() helper Use the device lifecycle managed allocation function. This helps prevent mistakes like freeing out of order in cleanup functions and forgetting to free on error paths. Signed-off-by: Beleswar Padhi Reviewed-by: Andrew Davis Link: https://lore.kernel.org/r/20240808074127.2688131-2-b-padhi@ti.com Signed-off-by: Mathieu Poirier commit af048ec9c05178206e845a88bfd3cb2884a43da7 Author: Dan Carpenter Date: Thu Aug 15 14:25:00 2024 +0300 iommu/arm-smmu-v3: Fix a NULL vs IS_ERR() check The arm_smmu_domain_alloc() function returns error pointers on error. It doesn't return NULL. Update the error checking to match. Fixes: 52acd7d8a413 ("iommu/arm-smmu-v3: Add support for domain_alloc_user fn") Signed-off-by: Dan Carpenter Reviewed-by: Shameer Kolothum Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/9208cd0d-8105-40df-93e9-bdcdf0d55eec@stanley.mountain Signed-off-by: Will Deacon commit df49881956bab88298e754c73010196b49af6733 Author: Zhang Zekun Date: Thu Aug 15 19:15:04 2024 +0800 iommu/arm-smmu-v3: Remove the unused empty definition arm_smmu_sva_remove_dev_pasid() has been removed since commit d38c28dbefee ("iommu/arm-smmu-v3: Put the SVA mmu notifier in the smmu_domain"), remain the empty definition untouched in header file, which is used when CONFIG_ARM_SMMU_V3_SVA is not set. So, let's remove the unused definition. Signed-off-by: Zhang Zekun Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/20240815111504.48810-1-zhangzekun11@huawei.com Signed-off-by: Will Deacon commit 98db56e4900837e4d5d3892b332dca76c8c9f68a Author: Rob Clark Date: Fri Aug 9 10:27:14 2024 -0700 iommu/arm-smmu: Un-demote unhandled-fault msg Previously this was dev_err_ratelimited() but it got changed to a ratelimited dev_dbg(). Change it back to dev_err(). Fixes: d525b0af0c3b ("iommu/arm-smmu: Pretty-print context fault related regs") Signed-off-by: Rob Clark Reviewed-by: Pranjal Shrivastava Link: https://lore.kernel.org/r/20240809172716.10275-1-robdclark@gmail.com Signed-off-by: Will Deacon commit 73d6eb7e77099054f7ce4a595767603cb4a096b1 Author: Michael Riesch Date: Fri Apr 12 14:54:09 2024 +0200 arm64: dts: rockchip: add wolfvision pf5 visualizer display Add device tree overlay for the WolfVision PF5 Visualizer display. Since there shall be additional variants of the WolfVision PF5 display in future, move common definitions to a device tree include file. Signed-off-by: Michael Riesch Link: https://lore.kernel.org/r/20240412-feature-wolfvision-pf5-display-v1-1-f032f32dba1a@wolfvision.net Signed-off-by: Heiko Stuebner commit d8226d8cfbaf5eb9771af8ad8b4e58697e2ffb74 Author: Rob Herring (Arm) Date: Wed Jul 31 10:51:24 2024 -0600 perf: arm_pmuv3: Add support for Armv9.4 PMU instruction counter Armv9.4/8.9 PMU adds optional support for a fixed instruction counter similar to the fixed cycle counter. Support for the feature is indicated in the ID_AA64DFR1_EL1 register PMICNTR field. The counter is not accessible in AArch32. Existing userspace using direct counter access won't know how to handle the fixed instruction counter, so we have to avoid using the counter when user access is requested. Acked-by: Mark Rutland Signed-off-by: Rob Herring (Arm) Tested-by: James Clark Link: https://lore.kernel.org/r/20240731-arm-pmu-3-9-icntr-v3-7-280a8d7ff465@kernel.org Signed-off-by: Will Deacon commit 2f62701fa5b0ee94c68d2fcfc470d08aef195441 Author: Rob Herring (Arm) Date: Wed Jul 31 10:51:23 2024 -0600 KVM: arm64: Refine PMU defines for number of counters There are 2 defines for the number of PMU counters: ARMV8_PMU_MAX_COUNTERS and ARMPMU_MAX_HWEVENTS. Both are the same currently, but Armv9.4/8.9 increases the number of possible counters from 32 to 33. With this change, the maximum number of counters will differ for KVM's PMU emulation which is PMUv3.4. Give KVM PMU emulation its own define to decouple it from the rest of the kernel's number PMU counters. The VHE PMU code needs to match the PMU driver, so switch it to use ARMPMU_MAX_HWEVENTS instead. Acked-by: Mark Rutland Reviewed-by: Marc Zyngier Signed-off-by: Rob Herring (Arm) Tested-by: James Clark Link: https://lore.kernel.org/r/20240731-arm-pmu-3-9-icntr-v3-6-280a8d7ff465@kernel.org Signed-off-by: Will Deacon commit 126d7d7cce5e048fb82477a9842d088d10ff0df6 Author: Rob Herring (Arm) Date: Wed Jul 31 10:51:22 2024 -0600 arm64: perf/kvm: Use a common PMU cycle counter define The PMUv3 and KVM code each have a define for the PMU cycle counter index. Move KVM's define to a shared location and use it for PMUv3 driver. Reviewed-by: Marc Zyngier Acked-by: Mark Rutland Signed-off-by: Rob Herring (Arm) Tested-by: James Clark Link: https://lore.kernel.org/r/20240731-arm-pmu-3-9-icntr-v3-5-280a8d7ff465@kernel.org Signed-off-by: Will Deacon commit f9b11aa00708d94a0cd78bfde34b68c0f95d8b50 Author: Rob Herring (Arm) Date: Wed Jul 31 10:51:21 2024 -0600 KVM: arm64: pmu: Use generated define for PMSELR_EL0.SEL access ARMV8_PMU_COUNTER_MASK is really a mask for the PMSELR_EL0.SEL register field. Make that clear by adding a standard sysreg definition for the register, and using it instead. Reviewed-by: Mark Rutland Acked-by: Mark Rutland Reviewed-by: Marc Zyngier Signed-off-by: Rob Herring (Arm) Tested-by: James Clark Link: https://lore.kernel.org/r/20240731-arm-pmu-3-9-icntr-v3-4-280a8d7ff465@kernel.org Signed-off-by: Will Deacon commit 741ee5284551cf5daae95d9c8c1e34f47382ed3c Author: Rob Herring (Arm) Date: Wed Jul 31 10:51:20 2024 -0600 KVM: arm64: pmu: Use arm_pmuv3.h register accessors Commit df29ddf4f04b ("arm64: perf: Abstract system register accesses away") split off PMU register accessor functions to a standalone header. Let's use it for KVM PMU code and get rid one copy of the ugly switch macro. Acked-by: Mark Rutland Reviewed-by: Marc Zyngier Signed-off-by: Rob Herring (Arm) Tested-by: James Clark Link: https://lore.kernel.org/r/20240731-arm-pmu-3-9-icntr-v3-3-280a8d7ff465@kernel.org Signed-off-by: Will Deacon commit a4a6e2078d85a9d94bcc7eab77845cb8cd39f680 Author: Rob Herring (Arm) Date: Wed Jul 31 10:51:19 2024 -0600 perf: arm_pmuv3: Prepare for more than 32 counters Various PMUv3 registers which are a mask of counters are 64-bit registers, but the accessor functions take a u32. This has been fine as the upper 32-bits have been RES0 as there has been a maximum of 32 counters prior to Armv9.4/8.9. With Armv9.4/8.9, a 33rd counter is added. Update the accessor functions to use a u64 instead. Acked-by: Mark Rutland Signed-off-by: Rob Herring (Arm) Tested-by: James Clark Link: https://lore.kernel.org/r/20240731-arm-pmu-3-9-icntr-v3-2-280a8d7ff465@kernel.org Signed-off-by: Will Deacon commit bf5ffc8c80e0cf5205849cd0c9c3cb261d2beee6 Author: Rob Herring (Arm) Date: Wed Jul 31 10:51:18 2024 -0600 perf: arm_pmu: Remove event index to counter remapping Xscale and Armv6 PMUs defined the cycle counter at 0 and event counters starting at 1 and had 1:1 event index to counter numbering. On Armv7 and later, this changed the cycle counter to 31 and event counters start at 0. The drivers for Armv7 and PMUv3 kept the old event index numbering and introduced an event index to counter conversion. The conversion uses masking to convert from event index to a counter number. This operation relies on having at most 32 counters so that the cycle counter index 0 can be transformed to counter number 31. Armv9.4 adds support for an additional fixed function counter (instructions) which increases possible counters to more than 32, and the conversion won't work anymore as a simple subtract and mask. The primary reason for the translation (other than history) seems to be to have a contiguous mask of counters 0-N. Keeping that would result in more complicated index to counter conversions. Instead, store a mask of available counters rather than just number of events. That provides more information in addition to the number of events. No (intended) functional changes. Acked-by: Mark Rutland Signed-off-by: Rob Herring (Arm) Tested-by: James Clark Link: https://lore.kernel.org/r/20240731-arm-pmu-3-9-icntr-v3-1-280a8d7ff465@kernel.org Signed-off-by: Will Deacon commit 48b035121a564f2695462fbab0d2af51cb4f4b7a Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:53 2024 -0600 perf: arm_pmu: Use of_property_present() Use of_property_present() to test for property presence rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Acked-by: Mark Rutland Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240731191312.1710417-15-robh@kernel.org Signed-off-by: Will Deacon commit d08ea4193a72c5e3090240872ff7ed60a70716e6 Author: Srinivas Kandagatla Date: Thu Aug 15 17:53:20 2024 +0100 ASoC: dt-bindings: qcom,lpass-wsa-macro: correct clocks on SM8250 we seems to have ended up with duplicate clocks for frame-sync on sm8250, it has both va and fsgen which are exactly same things. Remove the redundant va clock and make it align with other SoCs. Codec driver does not even handle va clock, so remove this from the bindings and examples to avoid any confusion. Signed-off-by: Srinivas Kandagatla Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240815165320.18836-1-srinivas.kandagatla@linaro.org Signed-off-by: Mark Brown commit 46765aaec4d78b9fef59e647ab228283991de075 Author: Alex Shi Date: Fri Aug 16 17:33:12 2024 +0800 KVM: PPC: Book3S HV: remove unused varible During build testing, we found a error: arch/powerpc/kvm/book3s_hv.c:4052:17: error: variable 'loops' set but not used unsigned long loops = 0; 1 error generated. Fix it by removing the unused variable. Fixes: b4deba5c41e9 ("KVM: PPC: Book3S HV: Implement dynamic micro-threading on POWER8") Signed-off-by: Alex Shi Signed-off-by: Michael Ellerman Link: https://msgid.link/20240816093313.327268-1-alexs@kernel.org commit 77c977327dfaa9ae2e154964cdb89ceb5c7b7cf1 Author: Dmitry Kandybka Date: Fri Aug 9 11:53:10 2024 +0300 wifi: rtw88: remove CPT execution branch never used In 'rtw_coex_action_bt_a2dp_pan', 'wl_cpt_test' and 'bt_cpt_test' are hardcoded to false, so corresponding 'table_case' and 'tdma_case' assignments are never met. Also 'rtw_coex_set_rf_para(rtwdev, chip->wl_rf_para_rx[1])' is never executed. Assuming that CPT was never fully implemented, remove lookalike leftovers. Compile tested only. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 76f631cb401f ("rtw88: coex: update the mechanism for A2DP + PAN") Signed-off-by: Dmitry Kandybka Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240809085310.10512-1-d.kandybka@gmail.com commit 338c9cba8d6f16c79c58c20d68561505a8170765 Author: Chin-Yen Lee Date: Fri Aug 9 15:20:11 2024 +0800 wifi: rtw89: 8852a: adjust ANA clock to 12M To reduce the I/O time from power save mode for 8852a, adjust ANA clock from 500k to 12M. Signed-off-by: Chin-Yen Lee Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240809072012.84152-6-pkshih@realtek.com commit 45742881f9eee2a4daeb6008e648a460dd3742cd Author: Ping-Ke Shih Date: Fri Aug 9 15:20:10 2024 +0800 wifi: rtw89: correct base HT rate mask for firmware Coverity reported that u8 rx_mask << 24 will become signed 32 bits, which casting to unsigned 64 bits will do sign extension. For example, putting 0x80000000 (signed 32 bits) to a u64 variable will become 0xFFFFFFFF_80000000. The real case we meet is: rx_mask[0...3] = ff ff 00 00 ra_mask = 0xffffffff_ff0ff000 After this fix: rx_mask[0...3] = ff ff 00 00 ra_mask = 0x00000000_ff0ff000 Fortunately driver does bitwise-AND with incorrect ra_mask and supported rates (1ss and 2ss rate only) afterward, so the final rate mask of original code is still correct. Addresses-Coverity-ID: 1504762 ("Unintended sign extension") Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240809072012.84152-5-pkshih@realtek.com commit 56310ddb50b190b3390fdc974aec455d0a516bd2 Author: Ping-Ke Shih Date: Fri Aug 9 15:20:09 2024 +0800 wifi: rtw89: remove unused C2H event ID RTW89_MAC_C2H_FUNC_READ_WOW_CAM to prevent out-of-bounds reading The handler of firmware C2H event RTW89_MAC_C2H_FUNC_READ_WOW_CAM isn't implemented, but driver expects number of handlers is NUM_OF_RTW89_MAC_C2H_FUNC_WOW causing out-of-bounds access. Fix it by removing ID. Addresses-Coverity-ID: 1598775 ("Out-of-bounds read") Fixes: ff53fce5c78b ("wifi: rtw89: wow: update latest PTK GTK info to mac80211 after resume") Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240809072012.84152-4-pkshih@realtek.com commit 82baae10d822747e7aa35cc6903f11729ec23820 Author: Kuan-Chung Chen Date: Fri Aug 9 15:20:08 2024 +0800 wifi: rtw89: 8922a: add digital compensation to avoid TX EVM degrade TX EVM will significantly decrease for long packets when the TX idle time increases. Introduce digital compensation based on TX idle time, to mitigate TX EVM degradation, and TX throughput improved from 1871 to 1947 Mbps. Signed-off-by: Kuan-Chung Chen Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240809072012.84152-3-pkshih@realtek.com commit 526929a326d177c856b61b9d9ec721553ac49390 Author: Kuan-Chung Chen Date: Fri Aug 9 15:20:07 2024 +0800 wifi: rtw89: 8852c: support firmware with fw_element Firmware from v1 will include fw_element so that the driver will loading parameters of BB and RF, TX power related tables from firmware. For the current flow, if fw_element is present, the driver will prioritize loading parameters and tables from firmware; otherwise, it will revert to the original loading method. Signed-off-by: Kuan-Chung Chen Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240809072012.84152-2-pkshih@realtek.com commit 93b81abc6ea9bf4eafec2af68484c6735e4f9167 Author: Yue Haibing Date: Sat Aug 10 17:39:44 2024 +0800 arm64/sve: Remove unused declaration read_smcr_features() Commit 391208485c3a ("arm64/sve: Remove SMCR pseudo register from cpufeature code") removed the implementation but leave declaration. Signed-off-by: Yue Haibing Reviewed-by: Mark Brown Reviewed-by: Zenghui Yu Reviewed-by: Anshuman Khandual Link: https://lore.kernel.org/r/20240810093944.2587809-1-yuehaibing@huawei.com Signed-off-by: Will Deacon commit ba8b7f7f2b7961471c2364b2b15d3a1c5407d63a Author: Hanjun Guo Date: Thu Aug 8 21:09:46 2024 +0800 ACPI: ARM64: add acpi_iort.h to MAINTAINERS IORT(Input Output Remapping Table) represents the I/O topology of an Arm-based system for use with the ACPI, so acpi_iort.h is for arm64 only. This helps git-send-email to figure out the proper maintainers when touching the file. Signed-off-by: Hanjun Guo Acked-by: Sudeep Holla Link: https://lore.kernel.org/r/20240808130946.1028376-1-guohanjun@huawei.com Signed-off-by: Will Deacon commit 9cd8062b38e61f11054f13b3c98695c7b1d73b11 Author: Andy Shevchenko Date: Thu Jun 6 19:50:05 2024 +0300 ACPI/IORT: Switch to use kmemdup_array() Let the kememdup_array() take care about multiplication and possible overflows. Signed-off-by: Andy Shevchenko Acked-by: Hanjun Guo Link: https://lore.kernel.org/r/20240606165005.3031490-1-andriy.shevchenko@linux.intel.com Signed-off-by: Will Deacon commit 4960f9a5a5ac7784e03c9b5fe5456e80557e4b32 Author: Yue Haibing Date: Mon Aug 5 22:00:38 2024 +0800 arm64: mm: Remove unused declaration early_io_map() Commit bf4b558eba92 ("arm64: add early_ioremap support") removed the implementation but leave declaration. Signed-off-by: Yue Haibing Reviewed-by: Anshuman Khandual Acked-by: Catalin Marinas Link: https://lore.kernel.org/r/20240805140038.1366033-1-yuehaibing@huawei.com Signed-off-by: Will Deacon commit c8a3231ae6d02b8f0cf08dc88f763f505dc35257 Author: Yue Haibing Date: Fri Aug 16 18:02:09 2024 +0800 ALSA: oss: Remove unused declarations These functions is never implemented and used. Signed-off-by: Yue Haibing Link: https://patch.msgid.link/20240816100209.879043-1-yuehaibing@huawei.com Signed-off-by: Takashi Iwai commit 5b39db6037e7cba1659f2149aef76934370aa6d5 Author: Dave Martin Date: Mon Jul 29 17:25:42 2024 +0100 arm64: el2_setup.h: Rename some labels to be more diff-friendly A minor anti-pattern has established itself in __init_el2_fgt, where each block of instructions is skipped by jumping to a label named for the next (typically unrelated) block. This makes diffs more noisy than necessary, since appending each new block to deal with some new architecture feature now requires altering a branch destination in the existing code. Fix it by naming the affected labels based on the block that is skipping itself instead, as is done elsewhere in the el2_setup code. No functional change. Signed-off-by: Dave Martin Link: https://lore.kernel.org/r/20240729162542.367059-1-Dave.Martin@arm.com Signed-off-by: Will Deacon commit fc2220c9b15828319b09384e68399b4afc6276d9 Author: Dave Martin Date: Mon Jul 29 16:20:05 2024 +0100 arm64: signal: Fix some under-bracketed UAPI macros A few SME-related sigcontext UAPI macros leave an argument unprotected from misparsing during macro expansion. Add parentheses around references to macro arguments where appropriate. Signed-off-by: Dave Martin Fixes: ee072cf70804 ("arm64/sme: Implement signal handling for ZT") Fixes: 39782210eb7e ("arm64/sme: Implement ZA signal handling") Reviewed-by: Mark Brown Link: https://lore.kernel.org/r/20240729152005.289844-1-Dave.Martin@arm.com Signed-off-by: Will Deacon commit 6ac96d6f9a8ec3227ceb1e935aeda61bdaeb62ac Author: Anshuman Khandual Date: Wed Jul 24 09:44:28 2024 +0530 arm64/mm: Drop TCR_SMP_FLAGS Earlier TCR_SMP_FLAGS gets conditionally set as TCR_SHARED with CONFIG_SMP. Currently CONFIG_SMP is always enabled on arm64 platforms, hence drop this indirection via TCR_SMP_FLAGS and instead always directly use TCR_SHARED. Cc: Catalin Marinas Cc: Will Deacon Cc: Ryan Roberts Cc: linux-arm-kernel@lists.infradead.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Anshuman Khandual Reviewed-by: Ryan Roberts Link: https://lore.kernel.org/r/20240724041428.573748-1-anshuman.khandual@arm.com Signed-off-by: Will Deacon commit 4b6049b643f42d5744cba685d602cd5bc79f31b3 Author: Anshuman Khandual Date: Wed Jul 24 10:17:12 2024 +0530 arm64/mm: Drop PMD_SECT_VALID This just drops off the macro PMD_SECT_VALID which remains unused. Because macro PMD_TYPE_SECT with same value (_AT(pmdval_t, 1) << 0), gets used for creating or updating given block mappings. Cc: Catalin Marinas Cc: Will Deacon Cc: Ryan Roberts Cc: linux-arm-kernel@lists.infradead.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Anshuman Khandual Reviewed-by: Ryan Roberts Link: https://lore.kernel.org/r/20240724044712.602210-1-anshuman.khandual@arm.com Signed-off-by: Will Deacon commit 94745807f3ebd379f23865e6dab196f220664179 Author: Toke Høiland-Jørgensen Date: Mon Aug 12 16:24:46 2024 +0200 wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit Syzbot points out that skb_trim() has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. The intent here is clearly just to reset the length to zero before resubmitting, so switch to calling __skb_set_length(skb, 0) directly. In addition, __skb_set_length() already contains a call to skb_reset_tail_pointer(), so remove the redundant call. The syzbot report came from ath9k_hif_usb_reg_in_cb(), but there's a similar usage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we're at it. Reported-by: syzbot+98afa303be379af6cdb2@syzkaller.appspotmail.com Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240812142447.12328-1-toke@toke.dk commit daaf0dd0398d5e93b7304f35184ca182ed583681 Author: Sascha Hauer Date: Fri Aug 9 11:51:48 2024 +0200 wifi: mwifiex: keep mwifiex_cfg80211_ops constant With host_mlme support being added mwifiex_cfg80211_ops is no longer constant, but supplemented with the host_mlme related ops when host_mlme support is enabled. This doesn't work with multiple adapters when only few of then have host_mlme support. Duplicate mwifiex_cfg80211_ops before using it and keep the original constant. While at it mark mwifiex_cfg80211_ops const to prevent people from changing it again during runtime. Fixes: 36995892c271c ("wifi: mwifiex: add host mlme for client mode") Signed-off-by: Sascha Hauer Reviewed-by: Francesco Dolcini Acked-by: Brian Norris Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240809-mwifiex-duplicate-mwifiex_cfg80211_ops-v1-1-23e0e6290ace@pengutronix.de commit be9f086524b3ea17c27fb4cd57115bf873354791 Author: Cristian Marussi Date: Mon Aug 12 18:40:27 2024 +0100 firmware: arm_scmi: Update various protocols versions A few protocol versions had been increased with SCMI v3.2. Update accordingly the supported version define in the kernel stack, since all the mandatory base commands are indeed already supported. Signed-off-by: Cristian Marussi Message-Id: <20240812174027.3931160-1-cristian.marussi@arm.com> Reviewed-by: Dhruva Gole Signed-off-by: Sudeep Holla commit fc789363c9f095eda0ccbb57b179dba398a4b5b9 Author: Cristian Marussi Date: Mon Aug 12 18:33:40 2024 +0100 firmware: arm_scmi: Remove legacy transport-layer code Since all SCMI transports have been made standalone drivers, remove all the core SCMI stack legacy support that was needed to run transports as built into the stack. Signed-off-by: Cristian Marussi Message-Id: <20240812173340.3912830-10-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit 20bda12a0ea086c35a4cf7465f8014a248e59080 Author: Cristian Marussi Date: Mon Aug 12 18:33:39 2024 +0100 firmware: arm_scmi: Make VirtIO transport a standalone driver Make SCMI VirtIO transport a standalone driver that can be optionally loaded as a module. CC: Michael S. Tsirkin CC: Igor Skalkin CC: Peter Hilber Signed-off-by: Cristian Marussi Message-Id: <20240812173340.3912830-9-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit db9cc5e677783a8a9157804f4a61bb81d83049ac Author: Cristian Marussi Date: Mon Aug 12 18:33:38 2024 +0100 firmware: arm_scmi: Make OPTEE transport a standalone driver Make SCMI OPTEE transport a standalone driver that can be optionally loaded as a module. CC: Etienne Carriere Signed-off-by: Cristian Marussi Message-Id: <20240812173340.3912830-8-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit a41759500b7164abfe509e432b3da1619bc62763 Author: Cristian Marussi Date: Mon Aug 12 18:33:37 2024 +0100 firmware: arm_scmi: Make SMC transport a standalone driver Make SCMI SMC transport a standalone driver that can be optionally loaded as a module. CC: Peng Fan CC: Nikunj Kela Signed-off-by: Cristian Marussi Message-Id: <20240812173340.3912830-7-cristian.marussi@arm.com> [sudeep.holla: moved Clang Thumb2 build fix to the new makefile] Signed-off-by: Sudeep Holla commit f76506358078809461866086c5e224d949002016 Author: Jani Nikula Date: Wed Aug 14 13:00:35 2024 +0300 drm: use mem_is_zero() instead of !memchr_inv(s, 0, n) Use the mem_is_zero() helper where possible. Conversion done using cocci: | @@ | expression PTR; | expression SIZE; | @@ | | <... | ( | - memchr_inv(PTR, 0, SIZE) == NULL | + mem_is_zero(PTR, SIZE) | | | - !memchr_inv(PTR, 0, SIZE) | + mem_is_zero(PTR, SIZE) | | | - memchr_inv(PTR, 0, SIZE) | + !mem_is_zero(PTR, SIZE) | ) | ...> Reviewed-by: Kees Cook Link: https://patchwork.freedesktop.org/patch/msgid/20240814100035.3100852-2-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 3942bb49728ad9e1f94d953a88af169a8f5d8099 Author: Jani Nikula Date: Wed Aug 14 13:00:34 2024 +0300 string: add mem_is_zero() helper to check if memory area is all zeros Almost two thirds of the memchr_inv() usages check if the memory area is all zeros, with no interest in where in the buffer the first non-zero byte is located. Checking for !memchr_inv(s, 0, n) is also not very intuitive or discoverable. Add an explicit mem_is_zero() helper for this use case. Reviewed-by: Kees Cook Reviewed-by: Andy Shevchenko Link: https://patchwork.freedesktop.org/patch/msgid/20240814100035.3100852-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit fbc64aafc99baabe4d4e4d5a58d6113aad7909c7 Author: Jani Nikula Date: Thu Aug 15 15:00:02 2024 +0300 drm/i915: make intel_display_power_domain_str() static The function isn't used outside of intel_display_power.c. Make it static. Suggested-by: Imre Deak Reviewed-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240815120002.3472727-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 7d085bb17e3cab501218a7a4604aff6c4a8b9585 Author: Jani Nikula Date: Tue Aug 13 19:41:23 2024 +0300 drm/i915/hti: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_hti.[ch] to struct intel_display. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240813164123.2674462-7-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 6276706f33cc38ec59ebf03b680240ff74740c8a Author: Jani Nikula Date: Tue Aug 13 19:41:22 2024 +0300 drm/i915/display: convert dp aux backlight to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_dp_aux_backlight.[ch] to struct intel_display. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240813164123.2674462-6-jani.nikula@intel.com Signed-off-by: Jani Nikula commit d0fc54a201d673013b031ebce32e5d8a7e3bfb70 Author: Jani Nikula Date: Tue Aug 13 19:41:21 2024 +0300 drm/i915/lspcon: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_lspcon.[ch] to struct intel_display. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240813164123.2674462-5-jani.nikula@intel.com Signed-off-by: Jani Nikula commit c6cbfc18138a22cfbffb208be92b18a531233528 Author: Jani Nikula Date: Tue Aug 13 19:41:20 2024 +0300 drm/i915/alpm: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_alpm.[ch] to struct intel_display. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240813164123.2674462-4-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 1b9e8095fa3ac29e3a00ba1326976b479fd809e0 Author: Jani Nikula Date: Tue Aug 13 19:41:19 2024 +0300 drm/i915/display: convert intel_load_detect.c to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_load_detect.[ch] to struct intel_display. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240813164123.2674462-3-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 9aec90f9e545fba64ca47c18c37c588fa0d71b22 Author: Jani Nikula Date: Tue Aug 13 19:41:18 2024 +0300 drm/i915/display: convert intel_link_bw.c to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_link_bw.[ch] to struct intel_display. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240813164123.2674462-2-jani.nikula@intel.com Signed-off-by: Jani Nikula commit cb2f92569a2b7809a0569b380b9a6f2afa368cb2 Author: Jani Nikula Date: Tue Aug 13 19:41:17 2024 +0300 drm/i915/display: support struct intel_atomic_state in to_intel_display() Add support for converting struct intel_atomic_state pointers to struct intel_display pointers. Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240813164123.2674462-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit d32cf9fbcb613a8f43e2211e964ccc8bb7271dcf Author: Zhang Zekun Date: Fri Aug 16 10:18:26 2024 +0800 ALSA: aoa: Use helper function for_each_child_of_node() for_each_child_of_node can help to iterate through the device_node, and we don't need to use while loop. No functional change with this conversion. Signed-off-by: Zhang Zekun Link: https://patch.msgid.link/20240816021826.65190-1-zhangzekun11@huawei.com Signed-off-by: Takashi Iwai commit 8befe8fa5a4e4b30787b17e078d9d7b5cb92ea19 Author: Thomas Zimmermann Date: Wed Jul 31 14:17:21 2024 +0200 drm/tilcdc: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Jyri Sarha Cc: Tomi Valkeinen Reviewed-by: Tomi Valkeinen Link: https://patchwork.freedesktop.org/patch/msgid/20240731122311.1143153-10-tzimmermann@suse.de commit 34aa0a87f83b5322bd8541cd9534179c90c580d6 Author: Thomas Zimmermann Date: Wed Jul 31 14:17:20 2024 +0200 drm/radeon: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Alex Deucher Cc: "Christian König" Cc: Xinhui Pan Acked-by: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20240731122311.1143153-9-tzimmermann@suse.de commit 649ae0e0d55f6d432ea73298929560ecdfaabd05 Author: Thomas Zimmermann Date: Wed Jul 31 14:17:19 2024 +0200 drm/panel: panel-sony-acx565akm: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Neil Armstrong Cc: Jessica Zhang Reviewed-by: Jessica Zhang Link: https://patchwork.freedesktop.org/patch/msgid/20240731122311.1143153-8-tzimmermann@suse.de commit 7f75eb222d5c8c4b166ff99a38c85a3de97e0647 Author: Thomas Zimmermann Date: Wed Jul 31 14:17:18 2024 +0200 drm/panel: panel-samsung-s6e3ha2: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Neil Armstrong Cc: Jessica Zhang Reviewed-by: Jessica Zhang Link: https://patchwork.freedesktop.org/patch/msgid/20240731122311.1143153-7-tzimmermann@suse.de commit 21d6376865219277ca91bf95f9e54494c1ea7ae1 Author: Thomas Zimmermann Date: Wed Jul 31 14:17:17 2024 +0200 drm/panel: panel-samsung-s6e63j0x03: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Neil Armstrong Cc: Jessica Zhang Reviewed-by: Jessica Zhang Link: https://patchwork.freedesktop.org/patch/msgid/20240731122311.1143153-6-tzimmermann@suse.de commit f366d8804fc58f87b682bb02e8bf970b08e5df7d Author: Thomas Zimmermann Date: Wed Jul 31 14:17:16 2024 +0200 drm/panel: panel-orisetech-otm8009a: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Neil Armstrong Cc: Jessica Zhang Reviewed-by: Jessica Zhang Link: https://patchwork.freedesktop.org/patch/msgid/20240731122311.1143153-5-tzimmermann@suse.de commit b3a901841ed1edd65b2f4cb9dd890ea1e2fc7551 Author: Thomas Zimmermann Date: Wed Jul 31 14:17:15 2024 +0200 drm/panel: panel-novatak-nt35510: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Linus Walleij Cc: Neil Armstrong Cc: Jessica Zhang Reviewed-by: Jessica Zhang Link: https://patchwork.freedesktop.org/patch/msgid/20240731122311.1143153-4-tzimmermann@suse.de commit ddda6542c85304eff31fe433cc0fc2c0d03c8f3d Author: Thomas Zimmermann Date: Wed Jul 31 14:17:13 2024 +0200 drm/amdgpu: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Alex Deucher Cc: "Christian König" Cc: Xinhui Pan Acked-by: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20240731122311.1143153-2-tzimmermann@suse.de commit 9b49f55838b1f42b2624216ce494f0536669e8f0 Author: Patrisious Haddad Date: Sun Aug 11 11:56:42 2024 +0300 xfrm: Remove documentation WARN_ON to limit return values for offloaded SA The original idea to put WARN_ON() on return value from driver code was to make sure that packet offload doesn't have silent fallback to SW implementation, like crypto offload has. In reality, this is not needed as all *swan implementations followed this request and used explicit configuration style to make sure that "users will get what they ask". So instead of forcing drivers to make sure that even their internal flows don't return -EOPNOTSUPP, let's remove this WARN_ON. Signed-off-by: Patrisious Haddad Signed-off-by: Leon Romanovsky Signed-off-by: Steffen Klassert commit a809b92ee0f84c3f655b16a8b4d04bc3665d954a Merge: 4e996697a443a2 db639278e62171 Author: Dave Airlie Date: Fri Aug 16 12:56:37 2024 +1000 Merge tag 'drm-intel-next-2024-08-13' of https://gitlab.freedesktop.org/drm/i915/kernel into drm-next - Type-C programming fix for MTL+ (Gustavo) - Fix display clock workaround (Mitul) - Fix DP LTTPR detection (Imre) - Calculate vblank delay more accurately (Ville) - Make vrr_{enabling,disabling}() usable outside intel_display.c (Ville) - FBC clean-up (Ville) - DP link-training fixes and clean-up (Imre) - Make I2C terminology more inclusive (Easwar) - Make read-only array bw_gbps static const (Colin) - HDCP fixes and improvements (Suraj) - DP VSC SDP fixes and clean-ups (Suraj, Mitul) - Fix opregion leak in Xe code (Lucas) - Fix possible int overflow in skl_ddi_calculate_wrpll (Nikita)] - General display clean-ups and conversion towards intel_display (Jani) - On DP MST, Enable LT fallback for UHBR<->non-UHBR rates (Imre) - Add VRR condition for DPKGC Enablement (Suraj) - Use backlight power constants (Zimmermann) - Correct dual pps handling for MTL_PCH+ (Dnyaneshwar) - Dump DSC HW state (Imre) - Replace double blank with single blank after comma (Andi) - Read display register timeout on BMG (Mitul) Signed-off-by: Dave Airlie From: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/ZruWsyTv3nzdArDk@intel.com commit 399117317001d0f5bf4194feccaafa62b12e744f Merge: d440af37ba6fa3 c392d601939831 Author: Jakub Kicinski Date: Thu Aug 15 19:14:36 2024 -0700 Merge branch 'virtio-net-synchronize-op-admin-state' Jason Wang says: ==================== virtio-net: synchronize op/admin state This series tries to synchronize the operstate with the admin state which allows the lower virtio-net to propagate the link status to the upper devices like macvlan. This is done by toggling carrier during ndo_open/stop while doing other necessary serialization about the carrier settings during probe. While at it, also fix a race between probe and ndo_set_features as we didn't initalize the guest offload setting under rtnl lock. ==================== Link: https://patch.msgid.link/20240814052228.4654-1-jasowang@redhat.com Signed-off-by: Jakub Kicinski commit c392d6019398315526b0b508282f87c7b2318c72 Author: Jason Wang Date: Wed Aug 14 13:22:28 2024 +0800 virtio-net: synchronize probe with ndo_set_features We calculate guest offloads during probe without the protection of rtnl_lock. This lead to race between probe and ndo_set_features. Fix this by moving the calculation under the rtnl_lock. Fixes: 3f93522ffab2 ("virtio-net: switch off offloads on demand if possible on XDP set") Acked-by: Michael S. Tsirkin Signed-off-by: Jason Wang Link: https://patch.msgid.link/20240814052228.4654-5-jasowang@redhat.com Signed-off-by: Jakub Kicinski commit df28de7b00502761eba62490f413c65c9b175ed9 Author: Jason Wang Date: Wed Aug 14 13:22:27 2024 +0800 virtio-net: synchronize operstate with admin state on up/down This patch synchronizes operstate with admin state per RFC2863. This is done by trying to toggle the carrier upon open/close and synchronize with the config change work. This allows to propagate status correctly to stacked devices like: ip link add link enp0s3 macvlan0 type macvlan ip link set link enp0s3 down ip link show Before this patch: 3: enp0s3: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000 link/ether 00:00:05:00:00:09 brd ff:ff:ff:ff:ff:ff ...... 5: macvlan0@enp0s3: mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000 link/ether b2:a9:c5:04:da:53 brd ff:ff:ff:ff:ff:ff After this patch: 3: enp0s3: mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000 link/ether 00:00:05:00:00:09 brd ff:ff:ff:ff:ff:ff ... 5: macvlan0@enp0s3: mtu 1500 qdisc noqueue state LOWERLAYERDOWN mode DEFAULT group default qlen 1000 link/ether b2:a9:c5:04:da:53 brd ff:ff:ff:ff:ff:ff Cc: Venkat Venkatsubra Cc: Gia-Khanh Nguyen Acked-by: Michael S. Tsirkin Signed-off-by: Jason Wang Link: https://patch.msgid.link/20240814052228.4654-4-jasowang@redhat.com Signed-off-by: Jakub Kicinski commit 224de6f886f8184fd448700a6d78f216694de948 Author: Jason Wang Date: Wed Aug 14 13:22:26 2024 +0800 virtio: allow driver to disable the configure change notification Sometime, it would be useful to disable the configure change notification from the driver. So this patch allows this by introducing a variable config_change_driver_disabled and only allow the configure change notification callback to be triggered when it is allowed by both the virtio core and the driver. It is set to false by default to hold the current semantic so we don't need to change any drivers. The first user for this would be virtio-net. Cc: Venkat Venkatsubra Cc: Gia-Khanh Nguyen Acked-by: Michael S. Tsirkin Signed-off-by: Jason Wang Link: https://patch.msgid.link/20240814052228.4654-3-jasowang@redhat.com Signed-off-by: Jakub Kicinski commit 0cb70ee4a6ee6b0a4b0e0f70a64a094c6fe05944 Author: Jason Wang Date: Wed Aug 14 13:22:25 2024 +0800 virtio: rename virtio_config_enabled to virtio_config_core_enabled Following patch will allow the config interrupt to be disabled by a specific driver via another boolean. So this patch renames virtio_config_enabled and relevant helpers to virtio_config_core_enabled. Cc: Venkat Venkatsubra Cc: Gia-Khanh Nguyen Acked-by: Michael S. Tsirkin Signed-off-by: Jason Wang Link: https://patch.msgid.link/20240814052228.4654-2-jasowang@redhat.com Signed-off-by: Jakub Kicinski commit 3396900aa273903639a1792afa4d23dc09bec291 Author: Matthew Brost Date: Fri Aug 9 16:28:30 2024 -0700 drm/xe: Fix tile fini sequence Only set tile->mmio.regs to NULL if not the root tile in tile_fini. The root tile mmio regs is setup ealier in MMIO init thus it should be set to NULL in mmio_fini. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Brost Reviewed-by: Lucas De Marchi Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240809232830.3302251-1-matthew.brost@intel.com commit d440af37ba6fa301144c6fce2186fe0ab5a8f283 Author: Uros Bizjak Date: Wed Aug 14 09:06:38 2024 +0200 netdev: Add missing __percpu qualifier to a cast Add missing __percpu qualifier to a (void *) cast to fix dev.c:10863:45: warning: cast removes address space '__percpu' of expression sparse warning. Also remove now unneeded __force sparse directives. Found by GCC's named address space checks. There were no changes in the resulting object file. Signed-off-by: Uros Bizjak Link: https://patch.msgid.link/20240814070748.943671-1-ubizjak@gmail.com Signed-off-by: Jakub Kicinski commit fcb1aa5163b1ae4cf2864b688b08927aac51f51e Author: Xin Long Date: Mon Aug 12 13:17:53 2024 -0400 openvswitch: switch to per-action label counting in conntrack Similar to commit 70f06c115bcc ("sched: act_ct: switch to per-action label counting"), we should also switch to per-action label counting in openvswitch conntrack, as Florian suggested. The difference is that nf_connlabels_get() is called unconditionally when creating an ct action in ovs_ct_copy_action(). As with these flows: table=0,ip,actions=ct(commit,table=1) table=1,ip,actions=ct(commit,exec(set_field:0xac->ct_label),table=2) it needs to make sure the label ext is created in the 1st flow before the ct is committed in ovs_ct_commit(). Otherwise, the warning in nf_ct_ext_add() when creating the label ext in the 2nd flow will be triggered: WARN_ON(nf_ct_is_confirmed(ct)); Signed-off-by: Xin Long Reviewed-by: Aaron Conole Acked-by: Florian Westphal Link: https://patch.msgid.link/6b9347d5c1a0b364e88d900b29a616c3f8e5b1ca.1723483073.git.lucien.xin@gmail.com Signed-off-by: Jakub Kicinski commit e5efc2311cc437e2b565d164a3de884fa33f13e9 Author: Erwan Velu Date: Mon Aug 12 10:22:42 2024 +0200 net/mlx5: Use cpumask_local_spread() instead of custom code Commit 2acda57736de ("net/mlx5e: Improve remote NUMA preferences used for the IRQ affinity hints") removed the usage of cpumask_local_spread(). The issue explained in this commit was fixed by commit 406d394abfcd ("cpumask: improve on cpumask_local_spread() locality"). Since this commit, mlx5_cpumask_default_spread() is having the same behavior as cpumask_local_spread(). This commit is about : - removing the specific logic and use cpumask_local_spread() instead - passing mlx5_core_dev as argument to more flexibility mlx5_cpumask_default_spread() is kept as it could be useful for some future specific quirks. Signed-off-by: Erwan Velu Acked-by: Yury Norov Reviewed-by: Tariq Toukan Link: https://patch.msgid.link/20240812082244.22810-1-e.velu@criteo.com Signed-off-by: Jakub Kicinski commit 8ea71e23f821cd593549bc22d731752f30758567 Merge: 7cb43579641dc4 de67763cbdbba8 Author: Jakub Kicinski Date: Thu Aug 15 18:56:16 2024 -0700 Merge branch 'ip-random-cleanup-for-devinet-c' Kuniyuki Iwashima says: ==================== ip: Random cleanup for devinet.c patch 1 ~ 3 remove defensive !ifa->ifa_dev tests. patch 4 & 5 deduplicate common code. ==================== Link: https://patch.msgid.link/20240809235406.50187-1-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit de67763cbdbba8149eeb5d45ad0c6834f7c7b352 Author: Kuniyuki Iwashima Date: Fri Aug 9 16:54:06 2024 -0700 ip: Move INFINITY_LIFE_TIME to addrconf.h. INFINITY_LIFE_TIME is the common value used in IPv4 and IPv6 but defined in both .c files. Also, 0xffffffff used in addrconf_timeout_fixup() is INFINITY_LIFE_TIME. Let's move INFINITY_LIFE_TIME's definition to addrconf.h Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240809235406.50187-6-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit 100465a91a900699db9c64fb55063affd15c4362 Author: Kuniyuki Iwashima Date: Fri Aug 9 16:54:05 2024 -0700 ipv4: Initialise ifa->hash in inet_alloc_ifa(). Whenever ifa is allocated, we call INIT_HLIST_NODE(&ifa->hash). Let's move it to inet_alloc_ifa(). Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240809235406.50187-5-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit ecdae5168460f7260c0f8dad069aa06f9ba0706e Author: Kuniyuki Iwashima Date: Fri Aug 9 16:54:04 2024 -0700 ipv4: Remove redundant !ifa->ifa_dev check. Now, ifa_dev is only set in inet_alloc_ifa() and never NULL after ifa gets visible. Let's remove the unneeded NULL check for ifa->ifa_dev. Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240809235406.50187-4-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit 6e701eb914124cf260a8b9a4350740f9a7407fc7 Author: Kuniyuki Iwashima Date: Fri Aug 9 16:54:03 2024 -0700 ipv4: Set ifa->ifa_dev in inet_alloc_ifa(). When a new IPv4 address is assigned via ioctl(SIOCSIFADDR), inet_set_ifa() sets ifa->ifa_dev if it's different from in_dev passed as an argument. In this case, ifa is always a newly allocated object, and ifa->ifa_dev is NULL. inet_set_ifa() can be called for an existing reused ifa, then, this check is always false. Let's set ifa_dev in inet_alloc_ifa() and remove the check in inet_set_ifa(). Now, inet_alloc_ifa() is symmetric with inet_rcu_free_ifa(). Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240809235406.50187-3-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit e3af3d3c5b26c33a7950e34e137584f6056c4319 Author: Kuniyuki Iwashima Date: Fri Aug 9 16:54:02 2024 -0700 ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR). dev->ip_ptr could be NULL if we set an invalid MTU. Even then, if we issue ioctl(SIOCSIFADDR) for a new IPv4 address, devinet_ioctl() allocates struct in_ifaddr and fails later in inet_set_ifa() because in_dev is NULL. Let's move the check earlier. Signed-off-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240809235406.50187-2-kuniyu@amazon.com Signed-off-by: Jakub Kicinski commit 7cb43579641dc437941782b473387c6f8bbc1d25 Author: Pieter Van Trappen Date: Mon Aug 12 11:06:55 2024 +0200 net: macb: increase max_mtu for oversized frames Increase max_mtu from 1500 to 1518 bytes when not configured for jumbo frames. Use 1536 as a starting point as documented in macb.h for oversized (big) frames, which is the configuration applied in case jumbo frames capability is not configured; ref. macb_main.c. Signed-off-by: Pieter Van Trappen Link: https://patch.msgid.link/20240812090657.583821-1-vtpieter@gmail.com Signed-off-by: Jakub Kicinski commit e7d731326ef0622f103e5ed47d3405f71cdcd7f6 Author: Abhash Jha Date: Wed Aug 14 23:01:21 2024 +0530 selftests/net/pmtu.sh: Fix typo in error message The word 'expected' was spelled as 'exepcted'. Fixed the typo in this patch. Signed-off-by: Abhash Jha Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240814173121.33590-1-abhashkumarjha123@gmail.com Signed-off-by: Jakub Kicinski commit 4d3d3559fc7a56226d8a83ee68d72a900afd42c4 Merge: a9c60712d71ff0 a4a35f6cbebbf9 Author: Jakub Kicinski Date: Thu Aug 8 14:03:51 2024 -0700 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Cross-merge networking fixes after downstream PR. Conflicts: Documentation/devicetree/bindings/net/fsl,qoriq-mc-dpmac.yaml c25504a0ba36 ("dt-bindings: net: fsl,qoriq-mc-dpmac: add missed property phys") be034ee6c33d ("dt-bindings: net: fsl,qoriq-mc-dpmac: using unevaluatedProperties") https://lore.kernel.org/20240815110934.56ae623a@canb.auug.org.au drivers/net/dsa/vitesse-vsc73xx-core.c 5b9eebc2c7a5 ("net: dsa: vsc73xx: pass value in phy_write operation") fa63c6434b6f ("net: dsa: vsc73xx: check busy flag in MDIO operations") 2524d6c28bdc ("net: dsa: vsc73xx: use defined values in phy operations") https://lore.kernel.org/20240813104039.429b9fe6@canb.auug.org.au Resolve by using FIELD_PREP(), Stephen's resolution is simpler. Adjacent changes: net/vmw_vsock/af_vsock.c 69139d2919dd ("vsock: fix recursive ->recvmsg calls") 744500d81f81 ("vsock: add support for SIOCOUTQ ioctl") Link: https://patch.msgid.link/20240815141149.33862-1-pabeni@redhat.com Signed-off-by: Jakub Kicinski commit fdf1c728fac541891ef1aa773bfd42728626769c Author: Jiangshan Yi Date: Thu Aug 15 21:55:24 2024 +0800 samples/bpf: Fix compilation errors with cf-protection option Currently, compiling the bpf programs will result the compilation errors with the cf-protection option as follows in arm64 and loongarch64 machine when using gcc 12.3.1 and clang 17.0.6. This commit fixes the compilation errors by limited the cf-protection option only used in x86 platform. [root@localhost linux]# make M=samples/bpf ...... CLANG-bpf samples/bpf/xdp2skb_meta_kern.o error: option 'cf-protection=return' cannot be specified on this target error: option 'cf-protection=branch' cannot be specified on this target 2 errors generated. CLANG-bpf samples/bpf/syscall_tp_kern.o error: option 'cf-protection=return' cannot be specified on this target error: option 'cf-protection=branch' cannot be specified on this target 2 errors generated. ...... Fixes: 34f6e38f58db ("samples/bpf: fix warning with ignored-attributes") Reported-by: Jiangshan Yi Signed-off-by: Jiangshan Yi Signed-off-by: Andrii Nakryiko Tested-by: Qiang Wang Link: https://lore.kernel.org/bpf/20240815135524.140675-1-13667453960@163.com commit fab45b962749184e1a1a57c7c583782b78fad539 Author: Sam James Date: Tue Aug 13 20:49:06 2024 +0100 libbpf: Workaround -Wmaybe-uninitialized false positive In `elf_close`, we get this with GCC 15 -O3 (at least): ``` In function ‘elf_close’, inlined from ‘elf_close’ at elf.c:53:6, inlined from ‘elf_find_func_offset_from_file’ at elf.c:384:2: elf.c:57:9: warning: ‘elf_fd.elf’ may be used uninitialized [-Wmaybe-uninitialized] 57 | elf_end(elf_fd->elf); | ^~~~~~~~~~~~~~~~~~~~ elf.c: In function ‘elf_find_func_offset_from_file’: elf.c:377:23: note: ‘elf_fd.elf’ was declared here 377 | struct elf_fd elf_fd; | ^~~~~~ In function ‘elf_close’, inlined from ‘elf_close’ at elf.c:53:6, inlined from ‘elf_find_func_offset_from_file’ at elf.c:384:2: elf.c:58:9: warning: ‘elf_fd.fd’ may be used uninitialized [-Wmaybe-uninitialized] 58 | close(elf_fd->fd); | ^~~~~~~~~~~~~~~~~ elf.c: In function ‘elf_find_func_offset_from_file’: elf.c:377:23: note: ‘elf_fd.fd’ was declared here 377 | struct elf_fd elf_fd; | ^~~~~~ ``` In reality, our use is fine, it's just that GCC doesn't model errno here (see linked GCC bug). Suppress -Wmaybe-uninitialized accordingly by initializing elf_fd.fd to -1 and elf_fd.elf to NULL. I've done this in two other functions as well given it could easily occur there too (same access/use pattern). Signed-off-by: Sam James Signed-off-by: Andrii Nakryiko Link: https://gcc.gnu.org/PR114952 Link: https://lore.kernel.org/bpf/14ec488a1cac02794c2fa2b83ae0cef1bce2cb36.1723578546.git.sam@gentoo.org commit febb6f3e3ac196602cca5738d8a189d57392324a Author: Jeongjun Park Date: Wed Aug 7 23:31:10 2024 +0900 bpf: Remove __btf_name_valid() and change to btf_name_valid_identifier() __btf_name_valid() can be completely replaced with btf_name_valid_identifier, and since most of the time you already call btf_name_valid_identifier instead of __btf_name_valid , it would be appropriate to rename the __btf_name_valid function to btf_name_valid_identifier and remove __btf_name_valid. Signed-off-by: Jeongjun Park Signed-off-by: Andrii Nakryiko Reviewed-by: Alan Maguire Link: https://lore.kernel.org/bpf/20240807143110.181497-1-aha310510@gmail.com commit 362be5cbaec2a663eb86b7105313368b4a71fc1e Author: Dmitry Baryshkov Date: Sun Aug 4 08:40:06 2024 +0300 clk: qcom: dispcc-sm8250: use special function for Lucid 5LPE PLL According to msm-5.10 the lucid 5lpe PLLs have require slightly different configuration that trion / lucid PLLs, it doesn't set PLL_UPDATE_BYPASS bit. Add corresponding function and use it for the display clock controller on Qualcomm SM8350 platform. Fixes: 205737fe3345 ("clk: qcom: add support for SM8350 DISPCC") Signed-off-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-2-1149dd8399fe@linaro.org Signed-off-by: Bjorn Andersson commit 0e93c6320ecde0583de09f3fe801ce8822886fec Author: Dmitry Baryshkov Date: Sun Aug 4 08:40:05 2024 +0300 clk: qcom: dispcc-sm8250: use CLK_SET_RATE_PARENT for branch clocks Add CLK_SET_RATE_PARENT for several branch clocks. Such clocks don't have a way to change the rate, so set the parent rate instead. Fixes: 80a18f4a8567 ("clk: qcom: Add display clock controller driver for SM8150 and SM8250") Cc: stable@vger.kernel.org Signed-off-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-1-1149dd8399fe@linaro.org Signed-off-by: Bjorn Andersson commit 8d3a2d3d766a823c7510cdc17e6ff7c042c63b61 Author: Daniele Ceraolo Spurio Date: Fri Aug 9 16:12:35 2024 -0700 drm/xe: use devm instead of drmm for managed bo The BO cleanup touches the GGTT and therefore requires the HW to be available, so we need to use devm instead of drmm. Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/1160 Signed-off-by: Daniele Ceraolo Spurio Cc: Lucas De Marchi Cc: Matthew Auld Reviewed-by: Matthew Auld Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240809231237.1503796-2-daniele.ceraolospurio@intel.com Signed-off-by: Lucas De Marchi commit 8312d0f20f835a58d89edb1d55bf9a0f2aeceafa Author: Varadarajan Narayanan Date: Tue Jul 30 11:18:17 2024 +0530 arm64: dts: qcom: ipq5332: Add icc provider ability to gcc IPQ SoCs dont involve RPM in managing NoC related clocks and there is no NoC scaling. Linux itself handles these clocks. However, these should not be exposed as just clocks and align with other Qualcomm SoCs that handle these clocks from a interconnect provider. Hence include icc provider capability to the gcc node so that peripherals can use the interconnect facility to enable these clocks. Change USB to use the icc-clk framework for the iface clock. Reviewed-by: Konrad Dybcio Signed-off-by: Varadarajan Narayanan Link: https://lore.kernel.org/r/20240730054817.1915652-6-quic_varada@quicinc.com Signed-off-by: Bjorn Andersson commit a7948e0535db98a878a38a09cd9a251f651a9cf3 Merge: be7399872f7920 a500427c84d1c7 Author: Bjorn Andersson Date: Thu Aug 15 17:06:23 2024 -0500 Merge branch '20240730054817.1915652-2-quic_varada@quicinc.com' into arm64-for-6.12 Merge IPQ5332 interconnect binding from the topic branch, to gain access to the interconnect path defines. commit 92d04de25516fdcd7cdc378b5064df95a70d23dc Author: Varadarajan Narayanan Date: Tue Jul 30 11:18:16 2024 +0530 clk: qcom: ipq5332: Use icc-clk for enabling NoC related clocks Use the icc-clk framework to enable few clocks to be able to create paths and use the peripherals connected on those NoCs. Remove CLK_IGNORE_UNUSED from gpll4_main as all consumers have been identified. Reviewed-by: Dmitry Baryshkov Signed-off-by: Varadarajan Narayanan Link: https://lore.kernel.org/r/20240730054817.1915652-5-quic_varada@quicinc.com Signed-off-by: Bjorn Andersson commit 0e1ac23dfa3f635e486fdeb08206b981cb0a2a6b Author: Varadarajan Narayanan Date: Tue Jul 30 11:18:15 2024 +0530 clk: qcom: ipq5332: Register gcc_qdss_tsctr_clk_src gcc_qdss_tsctr_clk_src (enabled in the boot loaders and dependent on gpll4_main) was not registered as one of the ipq5332 clocks. Hence clk_disable_unused() disabled 'gpll4_main' assuming there were no consumers for 'gpll4_main' resulting in system freeze or reboots. Reviewed-by: Dmitry Baryshkov Fixes: 3d89d52970fd ("clk: qcom: add Global Clock controller (GCC) driver for IPQ5332 SoC") Signed-off-by: Varadarajan Narayanan Link: https://lore.kernel.org/r/20240730054817.1915652-4-quic_varada@quicinc.com Signed-off-by: Bjorn Andersson commit 34b8dbef668aed595a8e603c2e882e0ab65214f5 Author: Varadarajan Narayanan Date: Tue Jul 30 11:18:14 2024 +0530 dt-bindings: usb: qcom,dwc3: Update ipq5332 clock details Unlike MSM SoC, IPQ SoC doesn't use RPM to aggregate bandwidth requests and scale the NoC frequency. The NoCs are turned on and set to a specific frequency at boot time and that is used for the lifetime of the system. Hence interconnect was not considered previously. The same approach was used for PCIe and at that point the consensus was to move to interconnect. Hence implemented the ICC driver and updating the existing USB driver to use the ICC driver. USB uses icc-clk framework to enable the NoC interface clock. Hence the 'iface' clock is removed from the list of clocks. Update the clock-names list accordingly. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Varadarajan Narayanan Link: https://lore.kernel.org/r/20240730054817.1915652-3-quic_varada@quicinc.com Signed-off-by: Bjorn Andersson commit 2b148bf6030c31ccf0813044f00d911cb47229a0 Merge: 7554d532e03b4f a500427c84d1c7 Author: Bjorn Andersson Date: Thu Aug 15 17:05:22 2024 -0500 Merge branch '20240730054817.1915652-2-quic_varada@quicinc.com' into clk-for-6.12 Merge IPQ5332 interconnect binding additions through topic branchs to allow making the constants available in DeviceTree branch as well. commit a500427c84d1c7c59ebef6a70895fdf28ddb0884 Author: Varadarajan Narayanan Date: Tue Jul 30 11:18:13 2024 +0530 dt-bindings: interconnect: Add Qualcomm IPQ5332 support Add interconnect-cells to clock provider so that it can be used as icc provider. Add master/slave ids for Qualcomm IPQ5332 Network-On-Chip interfaces. This will be used by the gcc-ipq5332 driver for providing interconnect services using the icc-clk framework. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Varadarajan Narayanan Link: https://lore.kernel.org/r/20240730054817.1915652-2-quic_varada@quicinc.com Signed-off-by: Bjorn Andersson commit be7399872f79201c6ed7e97fb10e335b4cc87ea9 Author: Srinivas Kandagatla Date: Thu Aug 15 18:05:42 2024 +0100 arm64: dts: qcom: sm8250: move lpass codec macros to use clks directly Move lpass codecs va and wsa macros to use the clks directly from AFE clock controller instead of going via gfm mux like other codec macros and SoCs. This makes it more align with the other SoCs and codec macros in this SoC which take AFE clocks directly. This will also avoid an extra clk mux layer, provides consistency and avoids the buggy mux driver which will be removed. This should also fix RB5 audio. Remove the gfm mux drivers for both audiocc and aoncc. Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240815170542.20754-1-srinivas.kandagatla@linaro.org Signed-off-by: Bjorn Andersson commit 1a9544b832256817a387f952eb0badcb6416df7f Author: AngeloGioacchino Del Regno Date: Wed Aug 14 18:20:24 2024 +0200 arm64: dts: qcom: msm8998: Add disabled support for LPASS iommu for Q6 Add support for the LPASS (Q6) SMMU and keep it disabled as this is used only when the audio DSP is present and used, which is not mandatory to have. It is expected for board-specific device-trees to enable this node if supported. Signed-off-by: AngeloGioacchino Del Regno Signed-off-by: Marc Gonzalez Link: https://lore.kernel.org/r/20240814-lpass-v1-3-a5bb8f9dfa8b@freebox.fr [bjorn: s/iface/bus in clock-names, to match binding] Signed-off-by: Bjorn Andersson commit 562a2a89ab4e90f4e66bec1af518cd4be708b1ec Merge: a13676eac29c87 015dff12dfdeb8 Author: Bjorn Andersson Date: Thu Aug 15 16:11:50 2024 -0500 Merge branch '20240814-lpass-v1-1-a5bb8f9dfa8b@freebox.fr' into arm64-for-6.12 Merge MSM8998 GCC binding update, to get access to the newly introduced LPASS clock and GDSC constants. commit 7554d532e03b4f3a9e294077d38fb2403f2b5f7d Author: AngeloGioacchino Del Regno Date: Wed Aug 14 18:20:23 2024 +0200 clk: qcom: gcc-msm8998: Add Q6 BIMC and LPASS core, ADSP SMMU clocks Add the Q6 BIMC, LPASS core/adsp SMMU clocks to support audio related functionality on MSM8998 and APQ variants. As a final step to entirely enable the required clock tree for the lpass iommu and audio dsp, add the lpass core/adsp GDSCs. As a side note, it was found out that disabling the lpass core GDSC at any time would cause a system lockup (and reboot): disabling this GDSC will leave the lpass iommu completely unclocked, losing its state entirely - including the secure contexts that have been previously set-up from the bootloader/TrustZone. Losing this IOMMU configuration will trigger a hypervisor fault, which will reboot the system; the only workaround for this issue is to declare the lpass core gdsc as always-on. It should also not be forgotten that this is all about firmware and there may be a version of it that doesn't enable this GDSC at all before booting Linux, which is the reason why this specific declaration wasn't simply omitted. Signed-off-by: AngeloGioacchino Del Regno Signed-off-by: Marc Gonzalez Link: https://lore.kernel.org/r/20240814-lpass-v1-2-a5bb8f9dfa8b@freebox.fr Signed-off-by: Bjorn Andersson commit 2cb4fcc4d94d4e7150a47f59f42b64f72c7ba9cb Merge: 82ceaf6bcd7c7d 015dff12dfdeb8 Author: Bjorn Andersson Date: Thu Aug 15 16:10:24 2024 -0500 Merge branch '20240814-lpass-v1-1-a5bb8f9dfa8b@freebox.fr' into clk-for-6.12 Merge updates to MSM8998 GCC binding include file through topic branch, to make available the newly added constants to both clock and DeviceTree branch. commit 015dff12dfdeb8d94115ec829bc2e4b711075935 Author: AngeloGioacchino Del Regno Date: Wed Aug 14 18:20:22 2024 +0200 dt-bindings: clock: gcc-msm8998: Add Q6 and LPASS clocks definitions Add definitions for the Q6 BIMC, LPASS core and adsp smmu clocks, required to enable audio functionality on MSM8998. Add the GDSC definitions for the LPASS_ADSP_GDSC and LPASS_CORE_GDSC as a final step to enable the required clock tree for the lpass iommu and for the audio dsp itself. Signed-off-by: AngeloGioacchino Del Regno Signed-off-by: Marc Gonzalez Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240814-lpass-v1-1-a5bb8f9dfa8b@freebox.fr Signed-off-by: Bjorn Andersson commit b53f20b323ee3c5daa5494ad69e3ae0e77cfd82a Author: Alexander Gordeev Date: Thu Aug 15 09:20:46 2024 +0200 tools build: Provide consistent build options for fixdep The fixdep binary is being compiled and linked in one step. While the host linker flags are passed to the compiler the host compiler flags are missed. That leads to build errors at least on x86_64, arm64 and s390 as result of the compiler vs linker flags inconsistency. For example, during RPM package build redhat-hardened-ld script is provided to gcc, while redhat-hardened-cc1 script is missed. Provide both KBUILD_HOSTCFLAGS and KBUILD_HOSTLDFLAGS to avoid that. Fixes: ea974028a049f2ce ("tools build: Avoid circular .fixdep-in.o.cmd issues") Closes: https://lore.kernel.org/lkml/99ae0d34-ed76-4ca0-a9fd-c337da33c9f9@leemhuis.info/ Reported-by: Thorsten Leemhuis Reviewed-by: Brian Norris Signed-off-by: Alexander Gordeev Tested-by: Thorsten Leemhuis Acked-by: Jiri Olsa Link: https://lore.kernel.org/r/20240815072046.1002837-1-agordeev@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit e6b666de995e993bcda883ff045164f090e5506d Author: Danila Tikhonov Date: Thu Aug 8 21:40:19 2024 +0300 dt-bindings: soc: qcom: qcom,pmic-glink: Document SM7325 compatible The SM7325 is the closest SoC to the QCM6490 and is also identical to the SC7280. The SM7325 also requires both UCSI_NO_PARTNER_PDOS & UCSI_DELAY_DEVICE_PDOS quirks. Document the PMIC GLINK firmware interface on the SM7325 Platform by using the QCM6490 bindings as fallback. Signed-off-by: Danila Tikhonov Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240808184048.63030-6-danila@jiaxyga.com Signed-off-by: Bjorn Andersson commit 79b26c110545530fa2945050a2ffbb3c4e270228 Author: Danila Tikhonov Date: Thu Aug 8 21:40:18 2024 +0300 soc: qcom: pd_mapper: Add SM7325 compatible The Qualcomm SM7325 platform is identical to SC7280, so add compatibility leading to SC7280. Signed-off-by: Danila Tikhonov Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240808184048.63030-5-danila@jiaxyga.com Signed-off-by: Bjorn Andersson commit 31150c9e87b4a8fe8e726a6f50ac0933f5075532 Author: Danila Tikhonov Date: Thu Aug 8 21:40:16 2024 +0300 soc: qcom: socinfo: Add Soc IDs for SM7325 family Add Soc ID table entries for Qualcomm SM7325 family. Signed-off-by: Danila Tikhonov Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240808184048.63030-3-danila@jiaxyga.com Signed-off-by: Bjorn Andersson commit c580e7bfc0cd140b8d3cf73183e08ca8b23326db Author: Danila Tikhonov Date: Thu Aug 8 21:40:15 2024 +0300 dt-bindings: arm: qcom,ids: Add IDs for SM7325 family Add Qualcomm SM7325/SM7325P (yupik) SoC IDs. Signed-off-by: Danila Tikhonov Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240808184048.63030-2-danila@jiaxyga.com Signed-off-by: Bjorn Andersson commit ec532f3591ce6e6ed5ec6c35773a66aae118e1f0 Author: Heiko Stuebner Date: Thu Aug 15 18:25:19 2024 +0200 arm64: dts: rockchip: drop obsolete reset-names from rk356x rng node The reset-names property is not part of the binding, so drop it. It is also not used by the driver, so that property was likely a leftover from some vendor-kernel node. Fixes: afeccc408496 ("arm64: dts: rockchip: add DT entry for RNG to RK356x") Reported-by: Rob Herring Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240815162519.751193-1-heiko@sntech.de commit b0ee81dac3205db1e01019629c83595e9433d96b Author: Daniele Ceraolo Spurio Date: Wed Aug 14 13:56:54 2024 -0700 drm/xe: Make exec_queue_kill safe to call twice An upcoming PXP patch will kill queues at runtime when a PXP invalidation event occurs, so we need exec_queue_kill to be safe to call multiple times. v2: Add documentation (Matt B) Signed-off-by: Daniele Ceraolo Spurio Cc: Matthew Brost Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240814205654.1716586-1-daniele.ceraolospurio@intel.com commit 35ec1cdfc3fea11e5cbb2b17dccfc692430c73dd Merge: b97ce54743e598 69354085975ac6 Author: Martin KaFai Lau Date: Thu Aug 15 10:26:38 2024 -0700 Merge branch 'monitor network traffic for flaky test cases' Kui-Feng Lee says: ==================== Capture packets in the background for flaky test cases related to network features. We have some flaky test cases that are difficult to debug without knowing what the traffic looks like. Capturing packets, the CI log and packet files may help developers to fix these flaky test cases. This patch set monitors a few test cases. Recently, they have been showing flaky behavior. lo In IPv4 127.0.0.1:40265 > 127.0.0.1:55907: TCP, length 68, SYN lo In IPv4 127.0.0.1:55907 > 127.0.0.1:40265: TCP, length 60, SYN, ACK lo In IPv4 127.0.0.1:40265 > 127.0.0.1:55907: TCP, length 60, ACK lo In IPv4 127.0.0.1:55907 > 127.0.0.1:40265: TCP, length 52, ACK lo In IPv4 127.0.0.1:40265 > 127.0.0.1:55907: TCP, length 52, FIN, ACK lo In IPv4 127.0.0.1:55907 > 127.0.0.1:40265: TCP, length 52, RST, ACK Packet file: packets-2173-86-select_reuseport:sockhash_IPv4_TCP_LOOPBACK_test_detach_bpf-test.log #280/87 select_reuseport/sockhash IPv4/TCP LOOPBACK test_detach_bpf:OK The above block is the log of a test case. It shows every packet of a connection. The captured packets are stored in the file called packets-2173-86-select_reuseport:sockhash_IPv4_TCP_LOOPBACK_test_detach_bpf-test.log. We have a set of high-level helpers and a test_progs option to simplify the process of enabling the traffic monitor. netns_new() and netns_free() are helpers used to create and delete namespaces while also enabling the traffic monitor for the namespace based on the patterns provided by the "-m" option of test_progs. The value of the "-m" option is a list of patterns used to enable the traffic monitor for a group of tests or a file containing patterns. CI can utilize this option to enable monitoring. traffic_monitor_start() and traffic_monitor_stop() are low-level functions to start monitoring explicitly. You can have more controls, however high-level helpers are preferred. The following block is an example that monitors the network traffic of a test case in a network namespace. struct netns_obj *netns; ... netns = netns_new("test", true); if (!ASSERT_TRUE(netns, "netns_new")) goto err; ... test ... netns_free(netns); netns_new() will create a network namespace named "test" and bring up "lo" in the namespace. By passing "true" as the 2nd argument, it will set the network namespace of the current process to "test".netns_free() will destroy the namespace, and the process will leave the "test" namespace if the struct netns_obj returned by netns_new() is created with "true" as the 2nd argument. If the name of the test matches the patterns given by the "-m" option, the traffic monitor will be enabled for the "test" namespace as well. The packet files are located in the directory "/tmp/tmon_pcap/". The directory is intended to be compressed as a file so that developers can download it from the CI. This feature is enabled only if libpcap is available when building selftests. --- Changes from v7: - Remove ":" with "__" from the file names of traffic logs. ':' would cause an error of the upload-artifact action of github. - Move remove_netns() to avoid a forward declaration. Changes from v6: - Remove unnecessary memcpy for addresses. - Make packet messages similar to what tcpdump prints. - Check return value of inet_ntop(). - Remove duplicated errno in messages. - Print arphdr_type for not handled packets. - Set dev "lo" in make_netns(). - Avoid stacking netns by moving traffic_monitor_start() to earlier position. - Remove the word "packet" from packet messages. - Replace pipe with eventfd (wake_fd) to synchronize background threads. Changes from v5: - Remove "-m" completely if traffic monitor is not enabled. Changes from v4: - Use pkg-config to detect libpcap, and enable traffic monitor if there is libpcap. - Move traffic monitor functions back to network_helper.c, and pass extra parameters to traffic_monitor_start(). - Use flockfile() & funlockfile() to avoid log interleaving. - Show "In", "Out", "M" ... for captured packets. - Print a warning message if the user pass a "-m" when libpcap is not available. - Bring up dev lo in netns_new(). Changes from v3: - Rebase to the latest tip of bpf-next/for-next - Change verb back to C string. Changes from v2: - Include pcap header files conditionally. - Move the implementation of traffic monitor to test_progs.c. - Include test name and namespace as a part of names of packet files. - Parse and print ICMP(v4|v6) packets. - Add netns_new() and netns_free() to create and delete network namespaces. - Make tc_redirect, sockmap_listen and select_reuseport test in a network namespace. - Add the "-m" option to test_progs to enable traffic monitor for the tests matching the pattern. CI may use this option to enable monitoring for a given set of tests. Changes from v1: - Move to calling libpcap directly to capture packets in a background thread. - Print parsed packet information for TCP and UDP packets. v1: https://lore.kernel.org/all/20240713055552.2482367-5-thinker.li@gmail.com/ v2: https://lore.kernel.org/all/20240723182439.1434795-1-thinker.li@gmail.com/ v3: https://lore.kernel.org/all/20240730002745.1484204-1-thinker.li@gmail.com/ v4: https://lore.kernel.org/all/20240731193140.758210-1-thinker.li@gmail.com/ v5: https://lore.kernel.org/all/20240806221243.1806879-1-thinker.li@gmail.com/ v6: https://lore.kernel.org/all/20240807183149.764711-1-thinker.li@gmail.com/ v7: https://lore.kernel.org/all/20240810023534.2458227-2-thinker.li@gmail.com/ ==================== Signed-off-by: Martin KaFai Lau commit 69354085975ac61632ebceedebbeeeb0272620b8 Author: Kui-Feng Lee Date: Wed Aug 14 22:32:54 2024 -0700 selftests/bpf: Monitor traffic for select_reuseport. Enable traffic monitoring for the subtests of select_reuseport. Acked-by: Stanislav Fomichev Signed-off-by: Kui-Feng Lee Link: https://lore.kernel.org/r/20240815053254.470944-7-thinker.li@gmail.com Signed-off-by: Martin KaFai Lau commit b407b52b18505a7c09a77cbab022ec6cf82dc5f0 Author: Kui-Feng Lee Date: Wed Aug 14 22:32:53 2024 -0700 selftests/bpf: Monitor traffic for sockmap_listen. Enable traffic monitor for each subtest of sockmap_listen. Acked-by: Stanislav Fomichev Signed-off-by: Kui-Feng Lee Link: https://lore.kernel.org/r/20240815053254.470944-6-thinker.li@gmail.com Signed-off-by: Martin KaFai Lau commit 52a5b8a30fa882c4d363f7679b7db4a093550ac1 Author: Kui-Feng Lee Date: Wed Aug 14 22:32:52 2024 -0700 selftests/bpf: Monitor traffic for tc_redirect. Enable traffic monitoring for the test case tc_redirect. Acked-by: Stanislav Fomichev Signed-off-by: Kui-Feng Lee Link: https://lore.kernel.org/r/20240815053254.470944-5-thinker.li@gmail.com Signed-off-by: Martin KaFai Lau commit 1e115a58be0ffca63727dc0495dae924a19f8cd4 Author: Kui-Feng Lee Date: Wed Aug 14 22:32:51 2024 -0700 selftests/bpf: netns_new() and netns_free() helpers. netns_new()/netns_free() create/delete network namespaces. They support the option '-m' of test_progs to start/stop traffic monitor for the network namespace being created for matched tests. Acked-by: Stanislav Fomichev Signed-off-by: Kui-Feng Lee Link: https://lore.kernel.org/r/20240815053254.470944-4-thinker.li@gmail.com Signed-off-by: Martin KaFai Lau commit 23ab1cb6591dba7c97b65eb407cd71147bd878b8 Author: Matthew Auld Date: Mon Aug 12 15:13:32 2024 +0100 drm/xe: fix engine_class bounds check again This was fixed in commit b7dce525c4fc ("drm/xe/queue: fix engine_class bounds check"), but then re-introduced in commit 6f20fc09936e ("drm/xe: Move and export xe_hw_engine lookup.") which should only be simple code movement of the existing function. Fixes: 6f20fc09936e ("drm/xe: Move and export xe_hw_engine lookup.") Signed-off-by: Matthew Auld Cc: Dominik Grzegorzek Cc: Mika Kuoppala Cc: Matthew Brost Reviewed-by: Jonathan Cavitt Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240812141331.729843-2-matthew.auld@intel.com Signed-off-by: Lucas De Marchi commit 82ceaf6bcd7c7d01049c13f2461cc7830af41d53 Author: Satya Priya Kakitapalli Date: Tue Aug 13 14:28:46 2024 +0530 clk: qcom: Fix SM_CAMCC_8150 dependencies SM_CAMCC_8150 depends on SM_GCC_8150, which inturn depends on ARM64. Hence add the dependency to avoid below kernel-bot warning. WARNING: unmet direct dependencies detected for SM_GCC_8150 Depends on [n]: COMMON_CLK [=y] && COMMON_CLK_QCOM [=y] && (ARM64 || COMPILE_TEST [=n]) Selected by [y]: - SM_CAMCC_8150 [=y] && COMMON_CLK [=y] && COMMON_CLK_QCOM [=y] Fixes: ea73b7aceff6 ("clk: qcom: Add camera clock controller driver for SM8150") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408020234.jg9wrvhd-lkp@intel.com/ Signed-off-by: Satya Priya Kakitapalli Link: https://lore.kernel.org/r/20240813085846.941855-1-quic_skakitap@quicinc.com Signed-off-by: Bjorn Andersson commit bab0c7a0bc586e736b7cd2aac8e6391709a70ef2 Author: Satya Priya Kakitapalli Date: Mon Aug 12 10:43:05 2024 +0530 clk: qcom: gcc-sm8150: De-register gcc_cpuss_ahb_clk_src The branch clocks of gcc_cpuss_ahb_clk_src are marked critical and hence these clocks vote on XO blocking the suspend. De-register these clocks and its source as there is no rate setting happening on them. Fixes: 4433594bbe5d ("clk: qcom: gcc: Add global clock controller driver for SC8180x") Cc: stable@vger.kernel.org Signed-off-by: Satya Priya Kakitapalli Link: https://lore.kernel.org/r/20240812-gcc-sc8180x-fixes-v2-5-8b3eaa5fb856@quicinc.com Signed-off-by: Bjorn Andersson commit b8acaf2de8081371761ab4cf1e7a8ee4e7acc139 Author: Satya Priya Kakitapalli Date: Mon Aug 12 10:43:04 2024 +0530 clk: qcom: gcc-sc8180x: Fix the sdcc2 and sdcc4 clocks freq table Update the frequency tables of gcc_sdcc2_apps_clk and gcc_sdcc4_apps_clk as per the latest frequency plan. Fixes: 4433594bbe5d ("clk: qcom: gcc: Add global clock controller driver for SC8180x") Cc: stable@vger.kernel.org Signed-off-by: Satya Priya Kakitapalli Link: https://lore.kernel.org/r/20240812-gcc-sc8180x-fixes-v2-4-8b3eaa5fb856@quicinc.com Signed-off-by: Bjorn Andersson commit 818a2f8d5e4ad2c1e39a4290158fe8e39a744c70 Author: Satya Priya Kakitapalli Date: Mon Aug 12 10:43:03 2024 +0530 clk: qcom: gcc-sc8180x: Add GPLL9 support Add the missing GPLL9 pll and fix the gcc_parents_7 data to use the correct pll hw. Fixes: 4433594bbe5d ("clk: qcom: gcc: Add global clock controller driver for SC8180x") Cc: stable@vger.kernel.org Reviewed-by: Dmitry Baryshkov Signed-off-by: Satya Priya Kakitapalli Link: https://lore.kernel.org/r/20240812-gcc-sc8180x-fixes-v2-3-8b3eaa5fb856@quicinc.com Signed-off-by: Bjorn Andersson commit 648b4bde0aca2980ebc0b90cdfbb80d222370c3d Author: Satya Priya Kakitapalli Date: Mon Aug 12 10:43:02 2024 +0530 dt-bindings: clock: qcom: Add GPLL9 support on gcc-sc8180x Add the missing GPLL9 which is required for the gcc sdcc2 clock. Fixes: 0fadcdfdcf57 ("dt-bindings: clock: Add SC8180x GCC binding") Cc: stable@vger.kernel.org Acked-by: Krzysztof Kozlowski Signed-off-by: Satya Priya Kakitapalli Link: https://lore.kernel.org/r/20240812-gcc-sc8180x-fixes-v2-2-8b3eaa5fb856@quicinc.com Signed-off-by: Bjorn Andersson commit 1fc8c02e1d80463ce1b361d82b83fc43bb92d964 Author: Satya Priya Kakitapalli Date: Mon Aug 12 10:43:01 2024 +0530 clk: qcom: gcc-sc8180x: Register QUPv3 RCGs for DFS on sc8180x QUPv3 clocks support DFS on sc8180x platform but currently the code changes for it are missing from the driver, this results in not populating all the DFS supported frequencies and returns incorrect frequency when the clients request for them. Hence add the DFS registration for QUPv3 RCGs. Fixes: 4433594bbe5d ("clk: qcom: gcc: Add global clock controller driver for SC8180x") Cc: stable@vger.kernel.org Signed-off-by: Satya Priya Kakitapalli Link: https://lore.kernel.org/r/20240812-gcc-sc8180x-fixes-v2-1-8b3eaa5fb856@quicinc.com Signed-off-by: Bjorn Andersson commit a4e5af27e6f6a8b0d14bc0d7eb04f4a6c7291586 Author: Mike Tipton Date: Fri Aug 9 10:51:29 2024 +0530 clk: qcom: clk-rpmh: Fix overflow in BCM vote Valid frequencies may result in BCM votes that exceed the max HW value. Set vote ceiling to BCM_TCS_CMD_VOTE_MASK to ensure the votes aren't truncated, which can result in lower frequencies than desired. Fixes: 04053f4d23a4 ("clk: qcom: clk-rpmh: Add IPA clock support") Cc: stable@vger.kernel.org Signed-off-by: Mike Tipton Reviewed-by: Taniya Das Signed-off-by: Imran Shaik Link: https://lore.kernel.org/r/20240809-clk-rpmh-bcm-vote-fix-v2-1-240c584b7ef9@quicinc.com Signed-off-by: Bjorn Andersson commit db30c1160ca5f115476cd8c8008f67572acb2c08 Author: Jagadeesh Kona Date: Thu Aug 1 12:14:48 2024 +0530 dt-bindings: clock: qcom: Drop required-opps in required on SM8650 camcc On SM8650, the minimum voltage corner supported on MMCX from cmd-db is sufficient for clock controllers to operate and there is no need to specify the required-opps. Hence remove the required-opps property from the list of required properties for SM8650 camcc bindings. This fixes: arch/arm64/boot/dts/qcom/sm8650-hdk.dtb: clock-controller@ade0000: 'required-opps' is a required property arch/arm64/boot/dts/qcom/sm8650-mtp.dtb: clock-controller@ade0000: 'required-opps' is a required property arch/arm64/boot/dts/qcom/sm8650-qrd.dtb: clock-controller@ade0000: 'required-opps' is a required property Fixes: 1ae3f0578e0e ("dt-bindings: clock: qcom: Add SM8650 camera clock controller") Reported-by: Vladimir Zapolskiy Closes: https://lore.kernel.org/all/0f13ab6b-dff1-4b26-9707-704ae2e2b535@linaro.org/ Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407070147.C9c3oTqS-lkp@intel.com/ Signed-off-by: Jagadeesh Kona Reviewed-by: Krzysztof Kozlowski Reviewed-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240801064448.29626-3-quic_jkona@quicinc.com Signed-off-by: Bjorn Andersson commit 6720e8dbcb1b6b3b43e38998b522088814ae1268 Author: Jagadeesh Kona Date: Thu Aug 1 12:14:47 2024 +0530 dt-bindings: clock: qcom: Drop required-opps in required on sm8650 videocc On SM8650, the minimum voltage corner supported on MMCX from cmd-db is sufficient for clock controllers to operate and there is no need to specify the required-opps. Hence remove the required-opps property from the list of required properties for SM8650 videocc bindings. This fixes: arch/arm64/boot/dts/qcom/sm8650-hdk.dtb: clock-controller@aaf0000: 'required-opps' is a required property arch/arm64/boot/dts/qcom/sm8650-mtp.dtb: clock-controller@aaf0000: 'required-opps' is a required property arch/arm64/boot/dts/qcom/sm8650-qrd.dtb: clock-controller@aaf0000: 'required-opps' is a required property Fixes: a6a61b9701d1 ("dt-bindings: clock: qcom: Add SM8650 video clock controller") Reported-by: Vladimir Zapolskiy Closes: https://lore.kernel.org/all/0f13ab6b-dff1-4b26-9707-704ae2e2b535@linaro.org/ Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407070147.C9c3oTqS-lkp@intel.com/ Signed-off-by: Jagadeesh Kona Reviewed-by: Krzysztof Kozlowski Reviewed-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240801064448.29626-2-quic_jkona@quicinc.com Signed-off-by: Bjorn Andersson commit d0c2eccf64fd5b1a995c048cb6ad6fc53727fb17 Author: Rayyan Ansari Date: Tue Jul 16 09:56:20 2024 +0100 dt-bindings: clock: qcom,qcs404-turingcc: convert to dtschema Convert the bindings for the Turing Clock Controller on QCS404 from the old text format to yaml. Signed-off-by: Rayyan Ansari Acked-by: Conor Dooley Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240716085622.12182-2-rayyan.ansari@linaro.org Signed-off-by: Bjorn Andersson commit 386e0ac929f64de4c9df33e247d5acd514cd1c58 Author: Srinivas Kandagatla Date: Mon Jun 24 14:32:37 2024 +0100 dt-bindings: clock: Add x1e80100 LPASSCC reset controller X1E80100 LPASS (Low Power Audio Subsystem) clock controller provides reset support when it is under the control of Q6DSP. Add x1e80100 compatible to the existing sc8280xp as these reset controllers have same reg layout and compatible. Signed-off-by: Srinivas Kandagatla Reviewed-by: Krzysztof Kozlowski Acked-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240624-x1e-swr-reset-v2-2-8bc677fcfa64@linaro.org Signed-off-by: Bjorn Andersson commit 6319bdd24e4b29d82496c103ed6606e1a470bc13 Author: Srinivas Kandagatla Date: Mon Jun 24 14:32:36 2024 +0100 dt-bindings: clock: Add x1e80100 LPASS AUDIOCC reset controller X1E80100 LPASS (Low Power Audio Subsystem) Audio clock controller provides reset support when it is under the control of Q6DSP. Add x1e80100 compatible to the existing sc8280xp as these reset controllers have same reg layout and compatible. Signed-off-by: Srinivas Kandagatla Reviewed-by: Krzysztof Kozlowski Acked-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240624-x1e-swr-reset-v2-1-8bc677fcfa64@linaro.org Signed-off-by: Bjorn Andersson commit fd1036f7a73de55c9173d29067ff8c121be741fa Author: Luca Weiss Date: Wed Jun 19 23:02:48 2024 +0200 clk: qcom: a53-pll: Add MSM8226 a7pll support The MSM8226 has one PLL for its Cortex-A7 cores. The frequencies will be specified in devicetree. Signed-off-by: Luca Weiss Link: https://lore.kernel.org/r/20240619-msm8226-cpufreq-v1-4-85143f5291d1@lucaweiss.eu Signed-off-by: Bjorn Andersson commit 76709d35389ce81a29bcf1008f94f1a86951c803 Author: Luca Weiss Date: Wed Jun 19 23:02:47 2024 +0200 dt-bindings: clock: qcom,a53pll: Add msm8226-a7pll compatible Add the compatible for the A7PLL found in MSM8226 SoCs. Signed-off-by: Luca Weiss Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240619-msm8226-cpufreq-v1-3-85143f5291d1@lucaweiss.eu Signed-off-by: Bjorn Andersson commit 233ea1bda3f8fcc0629b332da0c02240ba6788e5 Author: Luca Weiss Date: Wed Jun 19 23:02:46 2024 +0200 dt-bindings: clock: qcom,a53pll: Allow opp-table subnode Allow placing an opp-table as a subnode that can be assigned using operating-points-v2 to specify the frequency table for the PLL. Signed-off-by: Luca Weiss Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240619-msm8226-cpufreq-v1-2-85143f5291d1@lucaweiss.eu Signed-off-by: Bjorn Andersson commit d63c77c5269652c32ad12eea98948a00cb6002ac Author: Ajit Pandey Date: Tue Jun 11 19:07:51 2024 +0530 clk: qcom: Add GPUCC driver support for SM4450 Add Graphics Clock Controller (GPUCC) support for SM4450 platform. Signed-off-by: Ajit Pandey Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240611133752.2192401-8-quic_ajipan@quicinc.com Signed-off-by: Bjorn Andersson commit ef404007677931b19896429151056d9926c6d5c5 Author: Ajit Pandey Date: Tue Jun 11 19:07:49 2024 +0530 clk: qcom: Add CAMCC driver support for SM4450 Add Camera Clock Controller (CAMCC) support for SM4450 platform. Signed-off-by: Ajit Pandey Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240611133752.2192401-6-quic_ajipan@quicinc.com Signed-off-by: Bjorn Andersson commit 76f05f1ec7664cc7ef7f26364aaa09044a34f8ac Author: Ajit Pandey Date: Tue Jun 11 19:07:47 2024 +0530 clk: qcom: Add DISPCC driver support for SM4450 Add Display Clock Controller (DISPCC) support for SM4450 platform. Signed-off-by: Ajit Pandey Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240611133752.2192401-4-quic_ajipan@quicinc.com Signed-off-by: Bjorn Andersson commit f5281aacec856e7e0beb643d74122595fc1fb4be Author: Kui-Feng Lee Date: Wed Aug 14 22:32:50 2024 -0700 selftests/bpf: Add the traffic monitor option to test_progs. Add option '-m' to test_progs to accept names and patterns of test cases. This option will be used later to enable traffic monitor that capture network packets generated by test cases. Acked-by: Stanislav Fomichev Signed-off-by: Kui-Feng Lee Link: https://lore.kernel.org/r/20240815053254.470944-3-thinker.li@gmail.com Signed-off-by: Martin KaFai Lau commit f52403b6bfea6994b017c58367aee9acdb9d9fd4 Author: Kui-Feng Lee Date: Wed Aug 14 22:32:49 2024 -0700 selftests/bpf: Add traffic monitor functions. Add functions that capture packets and print log in the background. They are supposed to be used for debugging flaky network test cases. A monitored test case should call traffic_monitor_start() to start a thread to capture packets in the background for a given namespace and call traffic_monitor_stop() to stop capturing. (Or, option '-m' implemented by the later patches.) lo In IPv4 127.0.0.1:40265 > 127.0.0.1:55907: TCP, length 68, SYN lo In IPv4 127.0.0.1:55907 > 127.0.0.1:40265: TCP, length 60, SYN, ACK lo In IPv4 127.0.0.1:40265 > 127.0.0.1:55907: TCP, length 60, ACK lo In IPv4 127.0.0.1:55907 > 127.0.0.1:40265: TCP, length 52, ACK lo In IPv4 127.0.0.1:40265 > 127.0.0.1:55907: TCP, length 52, FIN, ACK lo In IPv4 127.0.0.1:55907 > 127.0.0.1:40265: TCP, length 52, RST, ACK Packet file: packets-2173-86-select_reuseport:sockhash_IPv4_TCP_LOOPBACK_test_detach_bpf-test.log #280/87 select_reuseport/sockhash IPv4/TCP LOOPBACK test_detach_bpf:OK The above is the output of an example. It shows the packets of a connection and the name of the file that contains captured packets in the directory /tmp/tmon_pcap. The file can be loaded by tcpdump or wireshark. This feature only works if libpcap is available. (Could be found by pkg-config) Acked-by: Stanislav Fomichev Signed-off-by: Kui-Feng Lee Link: https://lore.kernel.org/r/20240815053254.470944-2-thinker.li@gmail.com Signed-off-by: Martin KaFai Lau commit d2a97be34548fc5643b4e9536ac8789d839f7374 Author: Rob Herring (Arm) Date: Thu Aug 15 12:23:05 2024 -0600 scripts/dtc: Update to upstream version v1.7.0-95-gbcd02b523429 Some pending overlay additions need the graph check fix. This adds the following commits from upstream: bcd02b523429 fdtoverlay: remove wrong singular article in a comment 84b056a89d3c checks: relax graph checks for overlays Signed-off-by: Rob Herring (Arm) commit 5f5f657a9c3efe16a2e1455b840c5009f9c75af5 Author: Jonas Karlman Date: Sat Jun 15 17:03:57 2024 +0000 drm/rockchip: dw_hdmi: Add max_tmds_clock validation Add max_tmds_clock validation to prepare for additions and changes to the MPLL config table. Use the same rate restrictions that is currently applied. The rate limit for RK3288, RK3399 and RK3568 is based on current mpll table. The rate limit for RK3228 and RK3328 is based on the inno-hdmi-phy pre-pll table. Signed-off-by: Jonas Karlman Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240615170417.3134517-7-jonas@kwiboo.se commit 1213b65e436d64611cf74ef8f005b22f6793275f Author: Jonas Karlman Date: Sat Jun 15 17:03:56 2024 +0000 drm/rockchip: dw_hdmi: Allow High TMDS Bit Rates Call dw_hdmi_set_high_tmds_clock_ratio in phy init ops to allow support of High TMDS Bit Rates used by HDMI2.0 display modes. Signed-off-by: Jonas Karlman Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240615170417.3134517-6-jonas@kwiboo.se commit a5d024541ec466f428e6c514577d511a40779c7b Author: Jonas Karlman Date: Sat Jun 15 17:03:55 2024 +0000 drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode EDID cannot be read on RK3328 until after read_hpd has been called and correct io voltage has been configured based on connection status. When a forced mode is used, e.g. video=1920x1080@60e, the connector detect ops, that in turn normally calls the read_hpd, never gets called. This result in reading EDID to fail in connector get_modes ops. Call dw_hdmi_rk3328_read_hpd at end of dw_hdmi_rk3328_setup_hpd to correct io voltage and allow reading EDID after setup_hpd. Fixes: 1c53ba8f22a1 ("drm/rockchip: dw_hdmi: add dw-hdmi support for the rk3328") Signed-off-by: Jonas Karlman Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240615170417.3134517-5-jonas@kwiboo.se commit 0ef968d91a20b5da581839f093f98f7a03a804f7 Author: Alex Bee Date: Sat Jun 15 17:03:54 2024 +0000 drm/rockchip: vop: Allow 4096px width scaling There is no reason to limit VOP scaling to 3840px width, the limit of RK3288, when there are newer VOP versions that support 4096px width. Change to enforce a maximum of 4096px width plane scaling, the maximum supported output width of the VOP versions supported by this driver. Fixes: 4c156c21c794 ("drm/rockchip: vop: support plane scale") Signed-off-by: Alex Bee Signed-off-by: Jonas Karlman Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240615170417.3134517-4-jonas@kwiboo.se commit da6f4130234448122fe3e66c8116f7d9eea8a5c7 Author: Heiko Stuebner Date: Sat Aug 10 23:14:38 2024 +0200 arm64: dts: rockchip: add product-data eeproms to QNAP TS433 The device contains two i2c-connected eeproms holding some product- specific values. One sitting on the mainboard and one on the statically connected backplane. While the eeprom chips themself have a size of 512 byte, the eeprom data only uses 256 byte each, probably to stay compatible with other models. Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240810211438.286441-3-heiko@sntech.de commit bbf3c7ff9dfa45be51500d23a1276991a7cd8c6e Author: Justin Stitt Date: Thu Aug 8 14:43:56 2024 -0700 lib/string_helpers: rework overflow-dependent code When @size is 0, the desired behavior is to allow unlimited bytes to be parsed. Currently, this relies on some intentional arithmetic overflow where --size gives us SIZE_MAX when size is 0. Explicitly spell out the desired behavior without relying on intentional overflow/underflow. Signed-off-by: Justin Stitt Link: https://lore.kernel.org/r/20240808-b4-string_helpers_caa133-v1-1-686a455167c4@google.com Signed-off-by: Kees Cook commit 0336f898881ae13b92dfd8b72e69ed1246eac762 Author: Kees Cook Date: Mon Aug 12 11:36:38 2024 -0700 coccinelle: Add rules to find str_down_up() replacements As done with str_up_down(), add checks for str_down_up() opportunities. 5 cases currently exist in the tree. Suggested-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240812183637.work.999-kees@kernel.org Reviewed-by: Andy Shevchenko Signed-off-by: Kees Cook commit f5c1ca3a15fdb867d2b535003f74e0b975eff116 Author: Kees Cook Date: Mon Aug 12 11:29:40 2024 -0700 string_choices: Add wrapper for str_down_up() The string choice functions which are not clearly true/false synonyms also have inverted wrappers. Add this for str_down_up() as well. Suggested-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240812182939.work.424-kees@kernel.org Reviewed-by: Andy Shevchenko Signed-off-by: Kees Cook commit 9b97452bcce77f8ef29b20c9662d95988b5990e4 Author: Michal Wajdeczko Date: Thu Jul 25 12:18:41 2024 +0200 coccinelle: Add rules to find str_up_down() replacements Add rules for finding places where str_up_down() can be used. This currently finds over 20 locations. Signed-off-by: Michal Wajdeczko Link: https://lore.kernel.org/r/20240725101841.574-2-michal.wajdeczko@intel.com Signed-off-by: Kees Cook commit a98ae7f045b29de4f48b191d5aeb4e803183d759 Author: Michal Wajdeczko Date: Thu Jul 25 12:18:40 2024 +0200 lib/string_choices: Add str_up_down() helper Add str_up_down() helper to return "up" or "down" string literal. Signed-off-by: Michal Wajdeczko Link: https://lore.kernel.org/r/20240725101841.574-1-michal.wajdeczko@intel.com Signed-off-by: Kees Cook commit 9c6b7fbbd7a2c2772a592adf9b2835371927a1d3 Author: Masahiro Yamada Date: Sun Jul 28 00:02:38 2024 +0900 fortify: use if_changed_dep to record header dependency in *.cmd files After building with CONFIG_FORTIFY_SOURCE=y, many .*.d files are left in lib/test_fortify/ because the compiler outputs header dependencies into *.d without fixdep being invoked. When compiling C files, if_changed_dep should be used so that the auto-generated header dependencies are recorded in .*.cmd files. Currently, if_changed is incorrectly used, and only two headers are hard-coded in lib/Makefile. In the previous patch version, the kbuild test robot detected new errors on GCC 7. GCC 7 or older does not produce test.d with the following test code: $ echo 'void b(void) __attribute__((__error__(""))); void a(void) { b(); }' | gcc -Wp,-MMD,test.d -c -o /dev/null -x c - Perhaps, this was a bug that existed in older GCC versions. Skip the tests for GCC<=7 for now, as this will be eventually solved when we bump the minimal supported GCC version. Link: https://lore.kernel.org/oe-kbuild-all/CAK7LNARmJcyyzL-jVJfBPi3W684LTDmuhMf1koF0TXoCpKTmcw@mail.gmail.com/T/#m13771bf78ae21adff22efc4d310c973fb4bcaf67 Signed-off-by: Masahiro Yamada Link: https://lore.kernel.org/r/20240727150302.1823750-4-masahiroy@kernel.org Signed-off-by: Kees Cook commit 5a8d0c46c9e024bed4805a9335fe6124d8a78d3a Author: Masahiro Yamada Date: Sun Jul 28 00:02:37 2024 +0900 fortify: move test_fortify.sh to lib/test_fortify/ This script is only used in lib/test_fortify/. There is no reason to keep it in scripts/. Signed-off-by: Masahiro Yamada Link: https://lore.kernel.org/r/20240727150302.1823750-3-masahiroy@kernel.org Signed-off-by: Kees Cook commit 4e9903b0861c9df3464b82db4a7025863bac1897 Author: Masahiro Yamada Date: Sun Jul 28 00:02:36 2024 +0900 fortify: refactor test_fortify Makefile to fix some build problems There are some issues in the test_fortify Makefile code. Problem 1: cc-disable-warning invokes compiler dozens of times To see how many times the cc-disable-warning is evaluated, change this code: $(call cc-disable-warning,fortify-source) to: $(call cc-disable-warning,$(shell touch /tmp/fortify-$$$$)fortify-source) Then, build the kernel with CONFIG_FORTIFY_SOURCE=y. You will see a large number of '/tmp/fortify-' files created: $ ls -1 /tmp/fortify-* | wc 80 80 1600 This means the compiler was invoked 80 times just for checking the -Wno-fortify-source flag support. $(call cc-disable-warning,fortify-source) should be added to a simple variable instead of a recursive variable. Problem 2: do not recompile string.o when the test code is updated The test cases are independent of the kernel. However, when the test code is updated, $(obj)/string.o is rebuilt and vmlinux is relinked due to this dependency: $(obj)/string.o: $(obj)/$(TEST_FORTIFY_LOG) always-y is suitable for building the log files. Problem 3: redundant code clean-files += $(addsuffix .o, $(TEST_FORTIFY_LOGS)) ... is unneeded because the top Makefile globally cleans *.o files. This commit fixes these issues and makes the code readable. Signed-off-by: Masahiro Yamada Link: https://lore.kernel.org/r/20240727150302.1823750-2-masahiroy@kernel.org Signed-off-by: Kees Cook commit 9ee6881454345c4bb518e9478415b32731da9858 Author: Yue Haibing Date: Wed Aug 14 11:30:04 2024 +0800 lockdown: Make lockdown_lsmid static Fix sparse warning: security/lockdown/lockdown.c:79:21: warning: symbol 'lockdown_lsmid' was not declared. Should it be static? Signed-off-by: Yue Haibing Reviewed-by: Kees Cook Signed-off-by: Paul Moore commit 6274df2530e35193ebac311d492d276a73162b57 Author: Miaoqing Pan Date: Thu Aug 15 19:03:22 2024 +0300 wifi: ath12k: fix the stack frame size warning in ath12k_mac_op_hw_scan Fix the following W=1 kernel build warning: drivers/net/wireless/ath/ath12k/mac.c: In function ‘ath12k_mac_op_hw_scan’: drivers/net/wireless/ath/ath12k/mac.c:3806:1: warning: the frame size of 1040 bytes is larger than 1024 bytes [-Wframe-larger-than=] Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3 Signed-off-by: Miaoqing Pan Acked-by: Jeff Johnson Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240809015841.2671448-1-quic_miaoqing@quicinc.com commit 4040b1139904b3f72b56862fc9a8d3e9abb69ffb Author: Sean Christopherson Date: Mon Jun 17 08:51:14 2024 -0700 context_tracking: Tag context_tracking_enabled_this_cpu() __always_inline Force context_tracking_enabled_this_cpu() to be inlined so that invoking it from guest_context_enter_irqoff(), which KVM uses in non-instrumentable code, doesn't unexpectedly leave a noinstr section. vmlinux.o: warning: objtool: vmx_vcpu_enter_exit+0x1c7: call to context_tracking_enabled_this_cpu() leaves .noinstr.text section vmlinux.o: warning: objtool: svm_vcpu_enter_exit+0x83: call to context_tracking_enabled_this_cpu() leaves .noinstr.text section Note, the CONFIG_CONTEXT_TRACKING_USER=n stub is already __always_inline. Signed-off-by: Sean Christopherson Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 4f336dc07eceb77d2164bc1121a5ae6003b19f55 Author: Valentin Schneider Date: Mon Apr 22 13:57:29 2024 +0200 context_tracking, rcu: Rename rcu_dyntick trace event into rcu_watching The "rcu_dyntick" naming convention has been turned into "rcu_watching" for all helpers now, align the trace event to that. To add to the confusion, the strings passed to the trace event are now reversed: when RCU "starts" the dyntick / EQS state, it "stops" watching. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit c3dcd90b8f34f7fa796eccbfbd59a6bb47740832 Author: Valentin Schneider Date: Mon Apr 29 13:47:27 2024 +0200 rcu: Update stray documentation references to rcu_dynticks_eqs_{enter, exit}() rcu_dynticks_eqs_{enter, exit}() have been replaced by their context-tracking counterparts since commit: 171476775d32 ("context_tracking: Convert state to atomic_t") Update the stray documentation references. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 32a9f26e5e266f0116cc8536e5e4544523ddd334 Author: Valentin Schneider Date: Mon Apr 29 16:43:36 2024 +0200 rcu: Rename rcu_momentary_dyntick_idle() into rcu_momentary_eqs() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, replace "dyntick_idle" into "eqs" to drop the dyntick reference. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 3b18eb3f9f9e287214c3b99a4d02dcef264841ee Author: Valentin Schneider Date: Mon Apr 29 16:41:37 2024 +0200 rcu: Rename rcu_implicit_dynticks_qs() into rcu_watching_snap_recheck() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, drop the dyntick reference and update the name of this helper to express that it rechecks rdp->watching_snap after an earlier rcu_watching_snap_save(). Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 49f82c64fdc66447d839e77d2bd1c5b5b797590c Author: Valentin Schneider Date: Mon Apr 29 16:38:19 2024 +0200 rcu: Rename dyntick_save_progress_counter() into rcu_watching_snap_save() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, and the 'dynticks' prefix can be dropped without losing any meaning. Suggested-by: Frederic Weisbecker Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 76ce2b3d75305d02174655062e3a68a8f45117cd Author: Valentin Schneider Date: Mon Apr 29 14:05:29 2024 +0200 rcu: Rename struct rcu_data .exp_dynticks_snap into .exp_watching_snap The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, and the snapshot helpers are now prefix by "rcu_watching". Reflect that change into the storage variables for these snapshots. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 2dba2230f9e26ad492fcd70e9ef2edc28313ea50 Author: Valentin Schneider Date: Mon Apr 29 14:05:29 2024 +0200 rcu: Rename struct rcu_data .dynticks_snap into .watching_snap The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, and the snapshot helpers are now prefix by "rcu_watching". Reflect that change into the storage variables for these snapshots. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit fc1096ab1f318fd7cabb842279e88978bb31768e Author: Valentin Schneider Date: Mon Apr 29 13:11:34 2024 +0200 rcu: Rename rcu_dynticks_zero_in_eqs() into rcu_watching_zero_in_eqs() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, reflect that change in the related helpers. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 3116a32eb40464de61828787c21f0629a1c26cfa Author: Valentin Schneider Date: Tue Apr 16 17:21:25 2024 +0200 rcu: Rename rcu_dynticks_in_eqs_since() into rcu_watching_snap_stopped_since() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, the dynticks prefix can go. While at it, this helper is only meant to be called after failing an earlier call to rcu_watching_snap_in_eqs(), document this in the comments and add a WARN_ON_ONCE() for good measure. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 9629936d06d05540d4dc83cee1167422a477a818 Author: Valentin Schneider Date: Tue Apr 16 17:18:18 2024 +0200 rcu: Rename rcu_dynticks_in_eqs() into rcu_watching_snap_in_eqs() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, reflect that change in the related helpers. While at it, update a comment that still refers to rcu_dynticks_snap(), which was removed by commit: 7be2e6323b9b ("rcu: Remove full memory barrier on RCU stall printout") Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 654b578e4db04a68f9bfd0532edaeb7a87abc945 Author: Valentin Schneider Date: Tue Apr 16 12:25:31 2024 +0200 rcu: Rename rcu_dynticks_eqs_online() into rcu_watching_online() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, reflect that change in the related helpers. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit fda70207135b60dd1a7c8f16cc036bb1cc344490 Author: Valentin Schneider Date: Tue Apr 16 11:01:23 2024 +0200 context_tracking, rcu: Rename rcu_dynticks_curr_cpu_in_eqs() into rcu_is_watching_curr_cpu() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, reflect that change in the related helpers. Note that "watching" is the opposite of "in EQS", so the negation is lifted out of the helper and into the callsites. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit b1b91fd1bece511dfe05d41675c624a4506e409d Author: Valentin Schneider Date: Tue Apr 16 10:53:45 2024 +0200 context_tracking, rcu: Rename rcu_dynticks_task*() into rcu_task*() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, and the 'dynticks' prefix can be dropped without losing any meaning. While at it, flip the suffixes of these helpers. We are not telling that we are entering dynticks mode from an RCU-task perspective anymore; we are telling that we are exiting RCU-tasks because we are in eqs mode. [ neeraj.upadhyay: Incorporate Frederic Weisbecker feedback. ] Suggested-by: Frederic Weisbecker Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit ca35f2837927d73441cfb51174b824ae82a15f93 Author: Frank Li Date: Mon Aug 12 12:50:35 2024 -0400 dt-bindings: soc: fsl: cpm_qe: convert network.txt to yaml Convert binding doc newwork.txt to yaml format. HDLC part: - Convert to "fsl,ucc-hdlc.yaml". - Add missed reg and interrupt property. - Update example to pass build. ethernet part: - Convert to net/fsl,cpm-enet.yaml - Add 0x in example, which should be hex value - Add ref to ethernet-controller.yaml mdio part: - Convert to net/fsl,cpm-mdio.yaml - Add 0x in example, which should be hex value - Add ref to mdio.yaml Signed-off-by: Frank Li Acked-by: Jakub Kicinski Link: https://lore.kernel.org/r/20240812165041.3815525-1-Frank.Li@nxp.com Signed-off-by: Rob Herring (Arm) commit d33ebd57b987bb8dc499f4468170c8f85f64fe72 Author: Zhiguo Niu Date: Fri Jul 26 14:27:26 2024 +0800 f2fs: fix to use per-inode maxbytes and cleanup This is a supplement to commit 6d1451bf7f84 ("f2fs: fix to use per-inode maxbytes") for some missed cases, also cleanup redundant code in f2fs_llseek. Cc: Chengguang Xu Signed-off-by: Zhiguo Niu Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit f97a11c86cc38da14fd1d44fde767ae2ee1b6ebe Author: Zijie Wang Date: Mon Apr 1 21:24:08 2024 +0800 f2fs: use f2fs_get_node_page when write inline data We just need inode page when write inline data, use f2fs_get_node_page() to get it instead of using dnode_of_data, which can eliminate unnecessary struct use. Signed-off-by: Zijie Wang Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 6f092b55e1ad2d5c6a82d91dcf93534aeefcf1b9 Author: liujinbao1 Date: Wed Feb 21 15:32:49 2024 +0800 f2fs: sysfs: support atgc_enabled When we add "atgc" to the fstab table, ATGC is not immediately enabled. There is a 7-day time threshold, and we can use "atgc_enabled" to show whether ATGC is enabled. Signed-off-by: liujinbao1 Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit b722ff8ad66cf9beba971d9eb4bb7b5e6265ae5c Author: Wenjie Cheng Date: Fri Jun 14 00:48:41 2024 +0000 Revert "f2fs: use flush command instead of FUA for zoned device" This reverts commit c550e25bca660ed2554cbb48d32b82d0bb98e4b1. Commit c550e25bca660ed2554cbb48d32b82d0bb98e4b1 ("f2fs: use flush command instead of FUA for zoned device") used additional flush command to keep write order. Since Commit dd291d77cc90eb6a86e9860ba8e6e38eebd57d12 ("block: Introduce zone write plugging") has enabled the block layer to handle this order issue, there is no need to use flush command. Signed-off-by: Wenjie Cheng Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 5bcde45578624c43eb35bb739b03c50459971865 Author: Chao Yu Date: Tue Jun 18 15:26:20 2024 +0800 f2fs: get rid of buffer_head use Convert to use folio and related functionality. Cc: Matthew Wilcox Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 0cac51185e65dc2a20686184e02f3cafc99eb202 Author: Chao Yu Date: Thu Jun 27 15:15:21 2024 +0800 f2fs: fix to avoid racing in between read and OPU dio write If lfs mode is on, buffered read may race w/ OPU dio write as below, it may cause buffered read hits unwritten data unexpectly, and for dio read, the race condition exists as well. Thread A Thread B - f2fs_file_write_iter - f2fs_dio_write_iter - __iomap_dio_rw - f2fs_iomap_begin - f2fs_map_blocks - __allocate_data_block - allocated blkaddr #x - iomap_dio_submit_bio - f2fs_file_read_iter - filemap_read - f2fs_read_data_folio - f2fs_mpage_readpages - f2fs_map_blocks : get blkaddr #x - f2fs_submit_read_bio IRQ - f2fs_read_end_io : read IO on blkaddr #x complete IRQ - iomap_dio_bio_end_io : direct write IO on blkaddr #x complete In LFS mode, if there is inflight dio, let's wait for its completion, this policy won't cover all race cases, however it is a tradeoff which avoids abusing lock around IO paths. Fixes: f847c699cff3 ("f2fs: allow out-place-update for direct IO in LFS mode") Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 96cfeb0389530ae32ade8a48ae3ae1ac3b6c009d Author: Chao Yu Date: Thu Jun 27 15:17:11 2024 +0800 f2fs: fix to wait dio completion It should wait all existing dio write IOs before block removal, otherwise, previous direct write IO may overwrite data in the block which may be reused by other inode. Cc: stable@vger.kernel.org Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit aaf8c0b9ae042494cb4585883b15c1332de77840 Author: Chao Yu Date: Wed Jun 26 09:47:27 2024 +0800 f2fs: reduce expensive checkpoint trigger frequency We may trigger high frequent checkpoint for below case: 1. mkdir /mnt/dir1; set dir1 encrypted 2. touch /mnt/file1; fsync /mnt/file1 3. mkdir /mnt/dir2; set dir2 encrypted 4. touch /mnt/file2; fsync /mnt/file2 ... Although, newly created dir and file are not related, due to commit bbf156f7afa7 ("f2fs: fix lost xattrs of directories"), we will trigger checkpoint whenever fsync() comes after a new encrypted dir created. In order to avoid such performance regression issue, let's record an entry including directory's ino in global cache whenever we update directory's xattr data, and then triggerring checkpoint() only if xattr metadata of target file's parent was updated. This patch updates to cover below no encryption case as well: 1) parent is checkpointed 2) set_xattr(dir) w/ new xnid 3) create(file) 4) fsync(file) Fixes: bbf156f7afa7 ("f2fs: fix lost xattrs of directories") Reported-by: wangzijie Reported-by: Zhiguo Niu Tested-by: Zhiguo Niu Reported-by: Yunlei He Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 3496d2d0bf2442839cedfdadbbd12bfee6e7a039 Author: Hugues KAMBA MPIANA Date: Thu Aug 15 15:56:22 2024 +0100 dt-bindings: arm: Update Corstone-1000 maintainers The previous maintainers are no longer working on the Corstone-1000. - Add new maintainers: Abdellatif El Khlifi, Hugues Kamba Mpiana - Remove maintainers: Vishnu Banavath, Rui Miguel Silva - Update contact information for existing maintainers Signed-off-by: Hugues KAMBA MPIANA Link: https://lore.kernel.org/r/20240815145622.377614-1-hugues.kambampiana@arm.com Signed-off-by: Rob Herring (Arm) commit b8c02878292200ebb5b4a8cfc9dbf227327908bd Author: Sergey Bostandzhyan Date: Wed Aug 14 17:00:46 2024 +0000 arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus The R2S Plus is basically an R2S with additional eMMC. The eMMC configuration for the DTS has been extracted and copied from rk3328-nanopi-r2.dts, v2017.09 branch from the friendlyarm/uboot-rockchip repository. Signed-off-by: Sergey Bostandzhyan Link: https://lore.kernel.org/r/20240814170048.23816-2-jin@mediatomb.cc Signed-off-by: Heiko Stuebner commit e68b29cb711e80b1bd50366c5cdf8310c9ac24f3 Author: Sergey Bostandzhyan Date: Wed Aug 14 17:00:47 2024 +0000 dt-bindings: arm: rockchip: Add NanoPi R2S Plus Add the NanoPi R2S Plus variant, which is an R2S with eMMC. Signed-off-by: Sergey Bostandzhyan Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240814170048.23816-3-jin@mediatomb.cc Signed-off-by: Heiko Stuebner commit ac01c8c4246546fd8340a232f3ada1921dc0ee48 Author: Matt Fleming Date: Thu Aug 15 15:22:12 2024 +0100 perf hist: Update hist symbol when updating maps AddressSanitizer found a use-after-free bug in the symbol code which manifested as 'perf top' segfaulting. ==1238389==ERROR: AddressSanitizer: heap-use-after-free on address 0x60b00c48844b at pc 0x5650d8035961 bp 0x7f751aaecc90 sp 0x7f751aaecc80 READ of size 1 at 0x60b00c48844b thread T193 #0 0x5650d8035960 in _sort__sym_cmp util/sort.c:310 #1 0x5650d8043744 in hist_entry__cmp util/hist.c:1286 #2 0x5650d8043951 in hists__findnew_entry util/hist.c:614 #3 0x5650d804568f in __hists__add_entry util/hist.c:754 #4 0x5650d8045bf9 in hists__add_entry util/hist.c:772 #5 0x5650d8045df1 in iter_add_single_normal_entry util/hist.c:997 #6 0x5650d8043326 in hist_entry_iter__add util/hist.c:1242 #7 0x5650d7ceeefe in perf_event__process_sample /home/matt/src/linux/tools/perf/builtin-top.c:845 #8 0x5650d7ceeefe in deliver_event /home/matt/src/linux/tools/perf/builtin-top.c:1208 #9 0x5650d7fdb51b in do_flush util/ordered-events.c:245 #10 0x5650d7fdb51b in __ordered_events__flush util/ordered-events.c:324 #11 0x5650d7ced743 in process_thread /home/matt/src/linux/tools/perf/builtin-top.c:1120 #12 0x7f757ef1f133 in start_thread nptl/pthread_create.c:442 #13 0x7f757ef9f7db in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 When updating hist maps it's also necessary to update the hist symbol reference because the old one gets freed in map__put(). While this bug was probably introduced with 5c24b67aae72f54c ("perf tools: Replace map->referenced & maps->removed_maps with map->refcnt"), the symbol objects were leaked until c087e9480cf33672 ("perf machine: Fix refcount usage when processing PERF_RECORD_KSYMBOL") was merged so the bug was masked. Fixes: c087e9480cf33672 ("perf machine: Fix refcount usage when processing PERF_RECORD_KSYMBOL") Reported-by: Yunzhao Li Signed-off-by: Matt Fleming (Cloudflare) Cc: Ian Rogers Cc: kernel-team@cloudflare.com Cc: Namhyung Kim Cc: Riccardo Mancini Cc: stable@vger.kernel.org # v5.13+ Link: https://lore.kernel.org/r/20240815142212.3834625-1-matt@readmodwrite.com Signed-off-by: Arnaldo Carvalho de Melo commit c7085d08c7e53d9aef0cdd4b20798356f6f5d469 Author: Suraj Kandpal Date: Tue Aug 13 09:58:07 2024 +0530 drm/i915/pps: Disable DPLS_GATING around pps sequence Disable bit 29 of SCLKGATE_DIS register around pps sequence when we turn panel power on. --v2 -Squash two commit together [Jani] -Use IS_DISPLAY_VER [Jani] -Fix multiline comment [Jani] --v3 -Define register in a more appropriate place [Mitul] --v4 -Register is already defined no need to define it again [Ville] -Use correct WA number (lineage no.) [Dnyaneshwar] -Fix the range on which this WA is applied [Dnyaneshwar] Bspec: 49304 Signed-off-by: Suraj Kandpal Reviewed-by: Dnyaneshwar Bhadane Link: https://patchwork.freedesktop.org/patch/msgid/20240813042807.4015214-1-suraj.kandpal@intel.com commit 0a9173541b3f8cde8ad923eebd2e157650e13f35 Author: Shenghao Ding Date: Thu Aug 15 12:21:35 2024 +0800 ASoc: tas2781: Remove unnecessary line feed and space Remove unnecessary line feed for tasdevice_dsp_create_ctrls, and remove two unnecessary spaces in tas2563_digital_gain_get and tas2563_digital_gain_put. Signed-off-by: Shenghao Ding Link: https://patch.msgid.link/20240815042138.1997-1-shenghao-ding@ti.com Signed-off-by: Mark Brown commit dd925902634def895690426bf10e0a8b3e56f56d Author: Suraj Kandpal Date: Fri Aug 9 17:11:28 2024 +0530 drm/i915/hdcp: Use correct cp_irq_count We are checking cp_irq_count from the wrong hdcp structure which ends up giving timed out errors. We only increment the cp_irq_count of the primary connector's hdcp structure but here in case of multidisplay setup we end up checking the secondary connector's hdcp structure, which will not have its cp_irq_count incremented. This leads to a timed out at CP_IRQ error even though a CP_IRQ was raised. Extract it from the correct intel_hdcp structure. --v2 -Explain why it was the wrong hdcp structure [Jani] Fixes: 8c9e4f68b861 ("drm/i915/hdcp: Use per-device debugs") Signed-off-by: Suraj Kandpal Reviewed-by: Ankit Nautiyal Link: https://patchwork.freedesktop.org/patch/msgid/20240809114127.3940699-2-suraj.kandpal@intel.com commit a98a1a3c448820dfb3974839e1ccedf80b6fcacd Author: Louis Chauvet Date: Wed Aug 14 10:46:58 2024 +0200 drm/vkms: Formatting and typo fix Some newlines were missing around comments. Signed-off-by: Louis Chauvet Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240814-google-clarifications-v1-1-3ee76d7d0c28@bootlin.com commit 6a4ae7f095aae36ec3211fb6efd1a10b35b0fb8e Author: Javier Carrasco Date: Mon Jun 24 18:43:48 2024 +0200 drm/mediatek: ovl_adaptor: Use scoped variant of for_each_child_of_node() In order to avoid potential memory leaks if new error paths are added without a call to of_node_put(), use for_each_child_of_node_scoped() instead of for_each_child_of_node(). The former automatically decrements the refcount when the child goes out of scope, which removes the need for explicit calls to of_node_put(). Signed-off-by: Javier Carrasco Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240624-mtk_disp_ovl_adaptor_scoped-v1-3-9fa1e074d881@gmail.com/ Signed-off-by: Chun-Kuang Hu commit 5beb6fba25db235b52eab34bde8112f07bb31d75 Author: Javier Carrasco Date: Mon Jun 24 18:43:47 2024 +0200 drm/mediatek: ovl_adaptor: Add missing of_node_put() Error paths that exit for_each_child_of_node() need to call of_node_put() to decerement the child refcount and avoid memory leaks. Add the missing of_node_put(). Cc: stable@vger.kernel.org Fixes: 453c3364632a ("drm/mediatek: Add ovl_adaptor support for MT8195") Signed-off-by: Javier Carrasco Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240624-mtk_disp_ovl_adaptor_scoped-v1-2-9fa1e074d881@gmail.com/ Signed-off-by: Chun-Kuang Hu commit d88464a80a286bfafe5c9d08747be3a69e6104cc Author: Javier Carrasco Date: Mon Jun 24 18:43:46 2024 +0200 drm/mediatek: ovl_adaptor: Drop unused mtk_crtc.h header None of the elements from that header is used in this file. Signed-off-by: Javier Carrasco Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240624-mtk_disp_ovl_adaptor_scoped-v1-1-9fa1e074d881@gmail.com/ Signed-off-by: Chun-Kuang Hu commit 5a38089fe4438a587291ccf932178ed8cdbdde28 Merge: 39b8cb4e1b5119 99cf5db9cdd391 Author: Mark Brown Date: Thu Aug 15 14:35:02 2024 +0100 regulator: Use scoped device node handling to simplify Merge series from Krzysztof Kozlowski : Make code a bit smaller/simpler, with less of_node_put() thanks to cleanup.h. commit ed49fe5a6fb9c1a1bbbf4b5b648c7d34a756cb6d Author: Will Deacon Date: Wed Aug 14 13:34:29 2024 +0100 KVM: arm64: Ensure TLBI uses correct VMID after changing context When the target context passed to enter_vmid_context() matches the current running context, the function returns early without manipulating the registers of the stage-2 MMU. This can result in a stale VMID due to the lack of an ISB instruction in exit_vmid_context() after writing the VTTBR when ARM64_WORKAROUND_SPECULATIVE_AT is not enabled. For example, with pKVM enabled: // Initially running in host context enter_vmid_context(guest); -> __load_stage2(guest); isb // Writes VTCR & VTTBR exit_vmid_context(guest); -> __load_stage2(host); // Restores VTCR & VTTBR enter_vmid_context(host); -> Returns early as we're already in host context tlbi vmalls12e1is // !!! Can use the stale VMID as we // haven't performed context // synchronisation since restoring // VTTBR.VMID Add an unconditional ISB instruction to exit_vmid_context() after restoring the VTTBR. This already existed for the ARM64_WORKAROUND_SPECULATIVE_AT path, so we can simply hoist that onto the common path. Cc: Marc Zyngier Cc: Oliver Upton Cc: Fuad Tabba Fixes: 58f3b0fc3b87 ("KVM: arm64: Support TLB invalidation in guest context") Signed-off-by: Will Deacon Link: https://lore.kernel.org/r/20240814123429.20457-3-will@kernel.org Signed-off-by: Marc Zyngier commit dc0dddb1d66de88c571cf1a5bc3b484521a578af Author: Will Deacon Date: Wed Aug 14 13:34:28 2024 +0100 KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init When initialising the nVHE hypervisor, we invalidate potentially stale TLB entries for the EL1&0 regime using a 'vmalls12e1' invalidation. However, this invalidation operation applies only to the active VMID and therefore we could proceed with stale TLB entries for other VMIDs. Replace the operation with an 'alle1' which applies to all entries for the EL1&0 regime, regardless of the VMID. Cc: Marc Zyngier Cc: Oliver Upton Fixes: 1025c8c0c6ac ("KVM: arm64: Wrap the host with a stage 2") Signed-off-by: Will Deacon Link: https://lore.kernel.org/r/20240814123429.20457-2-will@kernel.org Signed-off-by: Marc Zyngier commit 4c57d0be528b1255abe61d8277f3213d4d22e85f Author: Steven Rostedt Date: Tue Aug 13 13:11:06 2024 -0400 tracing/fgraph: Have fgraph handle previous boot function addresses Update the function graph code to modify the function addresses for a previous boot buffer so that it matches the current kallsyms (note this does not handle module addresses, yet). After a reboot, instead of seeing: # trace-cmd show -B boot_mapped | tail -n30 swapper/0-1 [000] d..2. 56.286470: 0) 0.481 us | 0xffffffff925da5c4(); swapper/0-1 [000] d.... 56.286471: 0) 4.065 us | } swapper/0-1 [000] d.... 56.286471: 0) 4.920 us | } swapper/0-1 [000] d..1. 56.286472: 0) | 0xffffffff92536254() { swapper/0-1 [000] d..1. 56.286472: 0) + 28.974 us | 0xffffffff92534e30(); swapper/0-1 [000] d.... 56.286516: 0) + 43.881 us | } swapper/0-1 [000] d..1. 56.286517: 0) | 0xffffffff925136c4() { swapper/0-1 [000] d..1. 56.286518: 0) | 0xffffffff92514a14() { swapper/0-1 [000] d..1. 56.286518: 0) 6.003 us | 0xffffffff92514200(); swapper/0-1 [000] d.... 56.286529: 0) + 11.510 us | } swapper/0-1 [000] d.... 56.286529: 0) + 12.895 us | } swapper/0-1 [000] d.... 56.286530: 0) ! 382.884 us | } swapper/0-1 [000] d..1. 56.286530: 0) | 0xffffffff92536444() { swapper/0-1 [000] d..1. 56.286531: 0) | 0xffffffff92536254() { swapper/0-1 [000] d..1. 56.286531: 0) + 26.335 us | 0xffffffff92534e30(); swapper/0-1 [000] d.... 56.286560: 0) + 29.511 us | } swapper/0-1 [000] d.... 56.286561: 0) + 30.452 us | } swapper/0-1 [000] d..1. 56.286562: 0) | 0xffffffff9253c014() { swapper/0-1 [000] d..1. 56.286562: 0) | 0xffffffff9253bed4() { swapper/0-1 [000] d..1. 56.286563: 0) + 13.465 us | 0xffffffff92536684(); swapper/0-1 [000] d.... 56.286577: 0) + 14.651 us | } swapper/0-1 [000] d.... 56.286577: 0) + 15.821 us | } swapper/0-1 [000] d..1. 56.286578: 0) 0.667 us | 0xffffffff92547074(); swapper/0-1 [000] d..1. 56.286579: 0) 0.453 us | 0xffffffff924f35c4(); swapper/0-1 [000] d.... 56.286580: 0) # 3906.348 us | } swapper/0-1 [000] d..1. 56.286581: 0) | 0xffffffff92531a14() { swapper/0-1 [000] d..1. 56.286581: 0) 0.518 us | 0xffffffff92505cb4(); swapper/0-1 [000] d..1. 56.286595: 0) | 0xffffffff92db83c4() { swapper/0-1 [000] d..1. 56.286596: 0) | 0xffffffff92dec2e4() { swapper/0-1 [000] d..1. 56.286597: 0) | 0xffffffff92db5304() { It now shows: # trace-cmd show -B boot_mapped | tail -n30 swapper/0-1 [000] d..2. 363.079099: 0) 0.483 us | preempt_count_sub(); swapper/0-1 [000] d.... 363.079100: 0) 4.112 us | } swapper/0-1 [000] d.... 363.079101: 0) 4.979 us | } swapper/0-1 [000] d..1. 363.079101: 0) | disable_local_APIC() { swapper/0-1 [000] d..1. 363.079102: 0) + 29.153 us | clear_local_APIC.part.0(); swapper/0-1 [000] d.... 363.079148: 0) + 46.517 us | } swapper/0-1 [000] d..1. 363.079149: 0) | mcheck_cpu_clear() { swapper/0-1 [000] d..1. 363.079149: 0) | mce_intel_feature_clear() { swapper/0-1 [000] d..1. 363.079150: 0) 5.871 us | lmce_supported(); swapper/0-1 [000] d.... 363.079161: 0) + 11.340 us | } swapper/0-1 [000] d.... 363.079161: 0) + 12.638 us | } swapper/0-1 [000] d.... 363.079162: 0) ! 383.518 us | } swapper/0-1 [000] d..1. 363.079162: 0) | lapic_shutdown() { swapper/0-1 [000] d..1. 363.079163: 0) | disable_local_APIC() { swapper/0-1 [000] d..1. 363.079163: 0) + 26.144 us | clear_local_APIC.part.0(); swapper/0-1 [000] d.... 363.079192: 0) + 29.424 us | } swapper/0-1 [000] d.... 363.079192: 0) + 30.376 us | } swapper/0-1 [000] d..1. 363.079193: 0) | restore_boot_irq_mode() { swapper/0-1 [000] d..1. 363.079194: 0) | native_restore_boot_irq_mode() { swapper/0-1 [000] d..1. 363.079194: 0) + 13.863 us | disconnect_bsp_APIC(); swapper/0-1 [000] d.... 363.079209: 0) + 14.933 us | } swapper/0-1 [000] d.... 363.079209: 0) + 16.009 us | } swapper/0-1 [000] d..1. 363.079210: 0) 0.694 us | hpet_disable(); swapper/0-1 [000] d..1. 363.079211: 0) 0.511 us | iommu_shutdown_noop(); swapper/0-1 [000] d.... 363.079212: 0) # 3980.260 us | } swapper/0-1 [000] d..1. 363.079212: 0) | native_machine_emergency_restart() { swapper/0-1 [000] d..1. 363.079213: 0) 0.495 us | tboot_shutdown(); swapper/0-1 [000] d..1. 363.079230: 0) | acpi_reboot() { swapper/0-1 [000] d..1. 363.079231: 0) | acpi_reset() { swapper/0-1 [000] d..1. 363.079232: 0) | acpi_os_write_port() { Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Linus Torvalds Cc: Ross Zwisler Cc: Vincent Donnefort Link: https://lore.kernel.org/20240813171257.478901820@goodmis.org Signed-off-by: Steven Rostedt (Google) commit 29a02ec66556ac942d263416c32b97f5b9206f69 Author: Steven Rostedt (Google) Date: Thu Aug 15 08:28:11 2024 -0400 tracing: Allow boot instances to use reserve_mem boot memory Allow boot instances to use memory reserved by the reserve_mem boot option. reserve_mem=12M:4096:trace trace_instance=boot_mapped@trace The above will allocate 12 megs with 4096 alignment and label it "trace". The second parameter will create a "boot_mapped" instance and use the memory reserved and labeled as "trace" as the memory for the ring buffer. That will create an instance called "boot_mapped": /sys/kernel/tracing/instances/boot_mapped Note, because the ring buffer is using a defined memory ranged, it will act just like a memory mapped ring buffer. It will not have a snapshot buffer, as it can't swap out the buffer. The snapshot files as well as any tracers that uses a snapshot will not be present in the boot_mapped instance. Also note that reserve_mem is not reliable in acquiring the same physical memory at each soft reboot. It is possible that KALSR could map the kernel at the previous boot memory location forcing the reserve_mem to return a different memory location. In this case, the previous ring buffer will be lost. Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Linus Torvalds Cc: Ross Zwisler Cc: Vincent Donnefort Link: https://lore.kernel.org/20240815082811.669f7d8c@gandalf.local.home Signed-off-by: Steven Rostedt (Google) commit 66afec7c6992a04f8ab65b54421bdb5f8ac806e6 Author: Dan Carpenter Date: Thu Aug 15 14:25:08 2024 +0300 ata: ahci_imx: Fix error code in probe() Return a negative error code if devm_clk_get() fails. Don't return success. Fixes: 3156e1b2c071 ("ata: ahci_imx: AHB clock rate setting is not required on i.MX8QM AHCI SATA") Signed-off-by: Dan Carpenter Link: https://lore.kernel.org/r/cbcbdfc2-ddc7-4684-8ad4-018227823546@stanley.mountain Signed-off-by: Niklas Cassel commit aa3ca1faf3222af7aaa194a910995820135fc54e Author: Zhang Zekun Date: Sat Aug 10 10:34:26 2024 +0800 ata: libahci_platform: Simplify code with for_each_child_of_node_scoped() for_each_child_of_node_scoped() can put the device_node automatically. So let's use it to make the code simpler by avoiding the need to explicitly call of_node_put(). Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240810023426.110624-1-zhangzekun11@huawei.com Signed-off-by: Niklas Cassel commit bca1c19f7a070c686d5024ad6d8b2709a6e469dd Merge: 562cdeadac0617 52dd070c62e4ae Author: Ulf Hansson Date: Thu Aug 15 12:48:59 2024 +0200 pmdomain: Merge branch fixes into next Merge the pmdomain fixes for v6.11-rc[n] into the next branch, to allow them to get tested together with the new changes that are targeted for v6.12. Signed-off-by: Ulf Hansson commit ee689a9500efb4daeab45f44d43c782fc214dada Author: Cristian Ciocaltea Date: Tue Aug 13 00:15:11 2024 +0300 drm/rockchip: dw_hdmi: Drop superfluous assignments of mpll_cfg, cur_ctr and phy_config The mpll_cfg, cur_ctr and phy_config members in struct dw_hdmi_plat_data are only used to configure the Synopsys PHYs supported internally by DW HDMI transmitter driver (gpu/drm/bridge/synopsys/dw-hdmi.c), via hdmi_phy_configure_dwc_hdmi_3d_tx(), which is further invoked from dw_hdmi_phy_init(). This is part of the internal dw_hdmi_synopsys_phy_ops struct, managed within dw_hdmi_detect_phy(). To handle vendor PHYs, DW HDMI driver doesn't make use of the internal PHY ops and, instead, relies on the glue layer to provide the phy_ops and phy_name members of struct dw_hdmi_plat_data. Drop the unnecessary assignments of DW internal PHY related members from structs rk3228_hdmi_drv_data and rk3328_hdmi_drv_data, since both set the phy_force_vendor flag and correctly provide the expected vendor PHY data. Signed-off-by: Cristian Ciocaltea Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240813-dw-hdmi-rockchip-cleanup-v1-4-b3e73b5f4fd6@collabora.com commit 6a3283603c73e366c946195f0cfd30fe56d603be Author: Cristian Ciocaltea Date: Tue Aug 13 00:15:10 2024 +0300 drm/rockchip: dw_hdmi: Use devm_regulator_get_enable() The regulators are only enabled at bind() and disabled at unbind(), hence replace the boilerplate code by making use of devm_regulator_get_enable() helper. Signed-off-by: Cristian Ciocaltea Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240813-dw-hdmi-rockchip-cleanup-v1-3-b3e73b5f4fd6@collabora.com commit d2a80cb57a017c97d40c35f6b0cc7d103065f0cd Author: Cristian Ciocaltea Date: Tue Aug 13 00:15:09 2024 +0300 drm/rockchip: dw_hdmi: Simplify clock handling Make use of devm_clk_get_optional_enabled() to replace devm_clk_get() and clk_prepare_enable() for ref_clk and drop the now unnecessary calls to clk_disable_unprepare(). Additionally, use devm_clk_get_optional() helper for grf_clk to replace the open coding call to devm_clk_get() followed by the -ENOENT test. Signed-off-by: Cristian Ciocaltea Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240813-dw-hdmi-rockchip-cleanup-v1-2-b3e73b5f4fd6@collabora.com commit 1b8f576c69588ddee9e093d322449bb069e51f6c Author: Cristian Ciocaltea Date: Tue Aug 13 00:15:08 2024 +0300 drm/rockchip: dw_hdmi: Use modern drm_device based logging Prefer drm_{err|info|dbg}() over deprecated DRM_DEV_{ERROR|INFO|DEBUG}() logging macros. Conversion done with the help of the following semantic patch, followed by a few minor indentation adjustments: @@ identifier T; @@ ( -DRM_DEV_ERROR(T->dev, +drm_err(T, ...) | -DRM_DEV_INFO(T->dev, +drm_info(T, ...) | -DRM_DEV_DEBUG(T->dev, +drm_dbg(T, ...) ) Signed-off-by: Cristian Ciocaltea Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240813-dw-hdmi-rockchip-cleanup-v1-1-b3e73b5f4fd6@collabora.com commit 6ed51ba95e27221ce87979bd2ad5926033b9e1b9 Author: Val Packett Date: Mon Jun 24 17:40:49 2024 -0300 drm/rockchip: vop: enable VOP_FEATURE_INTERNAL_RGB on RK3066 The RK3066 does have RGB display output, so it should be marked as such. Fixes: f4a6de855eae ("drm: rockchip: vop: add rk3066 vop definitions") Cc: stable@vger.kernel.org Signed-off-by: Val Packett Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240624204054.5524-3-val@packett.cool commit 6b44aa559d6c7f4ea591ef9d2352a7250138d62a Author: Val Packett Date: Mon Jun 24 17:40:48 2024 -0300 drm/rockchip: vop: clear DMA stop bit on RK3066 The RK3066 VOP sets a dma_stop bit when it's done scanning out a frame and needs the driver to acknowledge that by clearing the bit. Unless we clear it "between" frames, the RGB output only shows noise instead of the picture. atomic_flush is the place for it that least affects other code (doing it on vblank would require converting all other usages of the reg_lock to spin_(un)lock_irq, which would affect performance for everyone). This seems to be a redundant synchronization mechanism that was removed in later iterations of the VOP hardware block. Fixes: f4a6de855eae ("drm: rockchip: vop: add rk3066 vop definitions") Cc: stable@vger.kernel.org Signed-off-by: Val Packett Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240624204054.5524-2-val@packett.cool commit ab03974df27e471ff03402265292f1bafafb5df6 Author: Cristian Ciocaltea Date: Wed Aug 7 14:07:26 2024 +0300 drm/rockchip: Explicitly include bits header Driver makes use of the BIT() macro, but relies on the bits header being implicitly included. Explicitly pull the header in to avoid potential build failures in some configurations. While at it, reorder include directives alphabetically. Signed-off-by: Cristian Ciocaltea Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/20240807-b4-rk3588-bridge-upstream-v3-4-60d6bab0dc7c@collabora.com commit 7af62003181f8589b3b597ef96b147d4303771c4 Author: Christophe JAILLET Date: Sat Jul 13 22:52:05 2024 +0200 drm/rockchip: Constify struct drm_encoder_helper_funcs 'struct drm_encoder_helper_funcs' is not modified in these drivers. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 7458 552 0 8010 1f4a drivers/gpu/drm/rockchip/analogix_dp-rockchip.o After: ===== text data bss dec hex filename 7578 424 0 8002 1f42 drivers/gpu/drm/rockchip/analogix_dp-rockchip.o Signed-off-by: Christophe JAILLET Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/128f9941aab3b1367eb7abca4ac26e2e5dd6ad21.1720903899.git.christophe.jaillet@wanadoo.fr commit f7f4df8851194d2635fb7989582014329dcffa12 Author: Dragan Simic Date: Thu Jul 4 01:32:20 2024 +0200 drm/rockchip: cdn-dp: Clean up a few logged messages Clean up a few logged messages, which were previously worded as rather incomplete sentences separated by periods. This was both a bit unreadable and grammatically incorrect, so convert them into partial sentences separated (or connected) by semicolons, together with some wording improvements. Signed-off-by: Dragan Simic Reviewed-by: Andy Yan Signed-off-by: Heiko Stuebner Link: https://patchwork.freedesktop.org/patch/msgid/92db74a313547c087cc71059428698c4ec37a9ae.1720048818.git.dsimic@manjaro.org commit ca958879ade564daa0e0fa82aeeccf3bc7f73edd Author: Chen Ni Date: Tue Jul 16 10:58:52 2024 +0800 md: convert comma to semicolon Replace a comma between expression statements by a semicolon. Fixes: 5e5702898e93 ("md/raid10: Handle read errors during recovery better.") Signed-off-by: Chen Ni Link: https://lore.kernel.org/r/20240716025852.400259-1-nichen@iscas.ac.cn Signed-off-by: Song Liu commit a9c60712d71ff07197b2982899b9db28ed548ded Merge: 35c9ffba80a853 6c5cdabb3ec325 Author: Jakub Kicinski Date: Wed Aug 14 20:37:49 2024 -0700 Merge branch 'uapi-net-sched-cxgb4-fix-wflex-array-member-not-at-end-warning' Gustavo A. R. Silva says: ==================== UAPI: net/sched - cxgb4: Fix -Wflex-array-member-not-at-end warning Small patch series aimed at fixing a -Wflex-array-member-not-at-end warning by creating a new tagged struct within a flexible structure. We then use this new struct type to fix a problematic middle-flex-array declaration in a composite struct. ==================== Link: https://patch.msgid.link/cover.1723586870.git.gustavoars@kernel.org Signed-off-by: Jakub Kicinski commit 6c5cdabb3ec325f1846dad72f520814bbda79dca Author: Gustavo A. R. Silva Date: Tue Aug 13 16:15:31 2024 -0600 cxgb4: Avoid -Wflex-array-member-not-at-end warning -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. Change the type of the middle struct member currently causing trouble from `struct tc_u32_sel` to `struct tc_u32_sel_hdr`. Fix the following warning: drivers/net/ethernet/chelsio/cxgb4/cxgb4_tc_u32_parse.h:245:27: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Link: https://patch.msgid.link/97388e8a7990975aa56cf0ada211764c735c3432.1723586870.git.gustavoars@kernel.org Signed-off-by: Jakub Kicinski commit 216203bdc2280d8fc5baf60707eee2051de1426e Author: Gustavo A. R. Silva Date: Tue Aug 13 16:15:02 2024 -0600 UAPI: net/sched: Use __struct_group() in flex struct tc_u32_sel Use the `__struct_group()` helper to create a new tagged `struct tc_u32_sel_hdr`. This structure groups together all the members of the flexible `struct tc_u32_sel` except the flexible array. As a result, the array is effectively separated from the rest of the members without modifying the memory layout of the flexible structure. This new tagged struct will be used to fix problematic declarations of middle-flex-arrays in composite structs[1]. [1] https://git.kernel.org/linus/d88cabfd9abc Signed-off-by: Gustavo A. R. Silva Link: https://patch.msgid.link/e59fe833564ddc5b2cc83056a4c504be887d6193.1723586870.git.gustavoars@kernel.org Signed-off-by: Jakub Kicinski commit 35c9ffba80a8539f57a0cb1515e376dfb8058a23 Merge: 2984e69a24affc 1418e9ab3e2e2f Author: Jakub Kicinski Date: Wed Aug 14 20:36:35 2024 -0700 Merge branch 'bnxt_en-address-string-truncation' Simon Horman says: ==================== bnxt_en: address string truncation This series addresses several string truncation issues that are flagged by gcc-14. I do not have any reason to believe these are bugs, so I am targeting this at net-next and have not provided Fixes tags. v1: https://lore.kernel.org/r/20240705-bnxt-str-v1-0-bafc769ed89e@kernel.org ==================== Link: https://patch.msgid.link/20240813-bnxt-str-v2-0-872050a157e7@kernel.org Signed-off-by: Jakub Kicinski commit 1418e9ab3e2e2f3aad3b1f93e9e4472160132755 Author: Simon Horman Date: Tue Aug 13 15:32:56 2024 +0100 bnxt_en: avoid truncation of per rx run debugfs filename Although it seems unlikely in practice - there would need to be rx ring indexes greater than 10^10 - it is theoretically possible for the filename of per rx ring debugfs files to be truncated. This is because although a 16 byte buffer is provided, the length of the filename is restricted to 10 bytes. Remove this restriction and allow the entire buffer to be used. Also reduce the buffer to 12 bytes, which is sufficient. Given that the range of rx ring indexes likely much smaller than the maximum range of a 32-bit signed integer, a smaller buffer could be used, with some further changes. But this change seems simple, robust, and has minimal stack overhead. Flagged by gcc-14: .../bnxt_debugfs.c: In function 'bnxt_debug_dev_init': drivers/net/ethernet/broadcom/bnxt/bnxt_debugfs.c:69:30: warning: '%d' directive output may be truncated writing between 1 and 11 bytes into a region of size 10 [-Wformat-truncation=] 69 | snprintf(qname, 10, "%d", ring_idx); | ^~ In function 'debugfs_dim_ring_init', inlined from 'bnxt_debug_dev_init' at .../bnxt_debugfs.c:87:4: .../bnxt_debugfs.c:69:29: note: directive argument in the range [-2147483643, 2147483646] 69 | snprintf(qname, 10, "%d", ring_idx); | ^~~~ .../bnxt_debugfs.c:69:9: note: 'snprintf' output between 2 and 12 bytes into a destination of size 10 69 | snprintf(qname, 10, "%d", ring_idx); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Compile tested only Signed-off-by: Simon Horman Reviewed-by: Michael Chan Link: https://patch.msgid.link/20240813-bnxt-str-v2-2-872050a157e7@kernel.org Signed-off-by: Jakub Kicinski commit ffff7ee843c351ce71d6e0d52f0f20bea35e18c9 Author: Simon Horman Date: Tue Aug 13 15:32:55 2024 +0100 bnxt_en: Extend maximum length of version string by 1 byte This corrects an out-by-one error in the maximum length of the package version string. The size argument of snprintf includes space for the trailing '\0' byte, so there is no need to allow extra space for it by reducing the value of the size argument by 1. Found by inspection. Compile tested only. Signed-off-by: Simon Horman Reviewed-by: Michael Chan Link: https://patch.msgid.link/20240813-bnxt-str-v2-1-872050a157e7@kernel.org Signed-off-by: Jakub Kicinski commit dff75ec5763eb9c7ad64be952cc6930b410beb2d Author: Jingyi Wang Date: Wed Aug 14 15:28:06 2024 +0800 soc: qcom: socinfo: add QCS8275/QCS8300 SoC ID Add SoC ID for Qualcomm QCS8275/QCS8300. Signed-off-by: Jingyi Wang Link: https://lore.kernel.org/r/20240814072806.4107079-4-quic_jingyw@quicinc.com Signed-off-by: Bjorn Andersson commit 6b34e75c48bb913f3431e66353cad9782e7225c7 Author: Jingyi Wang Date: Wed Aug 14 15:28:05 2024 +0800 dt-bindings: arm: qcom,ids: add SoC ID for QCS8275/QCS8300 Add the ID for Qualcomm QCS8275/QCS8300 SoC. Signed-off-by: Jingyi Wang Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240814072806.4107079-3-quic_jingyw@quicinc.com Signed-off-by: Bjorn Andersson commit f728778272242c84d36682c0aabbb845195e745d Author: Krzysztof Kozlowski Date: Tue Aug 13 15:09:52 2024 +0200 soc: qcom: smp2p: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240813-b4-cleanup-h-of-node-put-other-v1-6-cfb67323a95c@linaro.org Signed-off-by: Bjorn Andersson commit a29e97bdc160aaa27187c7be3bcd052af66c027a Author: Krzysztof Kozlowski Date: Tue Aug 13 15:09:51 2024 +0200 soc: qcom: pbs: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240813-b4-cleanup-h-of-node-put-other-v1-5-cfb67323a95c@linaro.org Signed-off-by: Bjorn Andersson commit f4c1c19f5c0e5cf2870df91dedc6b40400fd9c8a Author: Krzysztof Kozlowski Date: Tue Aug 13 15:09:50 2024 +0200 soc: qcom: ocmem: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240813-b4-cleanup-h-of-node-put-other-v1-4-cfb67323a95c@linaro.org Signed-off-by: Bjorn Andersson commit 877840f13bcc96e05aca2e1e6cc0f957afb788a4 Author: Krzysztof Kozlowski Date: Tue Aug 13 15:09:49 2024 +0200 soc: qcom: ice: use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240813-b4-cleanup-h-of-node-put-other-v1-3-cfb67323a95c@linaro.org Signed-off-by: Bjorn Andersson commit c50203cbba1573546f115330530d24382fc53f09 Author: Krzysztof Kozlowski Date: Tue Aug 13 15:09:48 2024 +0200 soc: qcom: aoss: simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240813-b4-cleanup-h-of-node-put-other-v1-2-cfb67323a95c@linaro.org Signed-off-by: Bjorn Andersson commit 6c26d9c764c62343722d6ea6c9e4c7e65989f634 Author: Krzysztof Kozlowski Date: Tue Aug 13 15:09:47 2024 +0200 soc: qcom: apr: simplify with scoped for each OF child loop Use scoped for_each_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240813-b4-cleanup-h-of-node-put-other-v1-1-cfb67323a95c@linaro.org Signed-off-by: Bjorn Andersson commit b14c150d195b8ae07deb391741a1efb8c302f176 Author: Dmitry Baryshkov Date: Mon Jul 29 22:52:16 2024 +0300 soc: qcom: smd-rpm: add qcom,smd-rpm compatible Add the generic qcom,smd-rpm and qcom,glink-smd-rpm compatibles so that there is no need to add further compat strings to the list. Existing strings are intact to keep compatibility with existing DTS. Signed-off-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240729-fix-smd-rpm-v2-3-0776408a94c5@linaro.org Signed-off-by: Bjorn Andersson commit 9d5f3cc5024df5ad3ee4bce14226a44ee78d22ae Author: Dmitry Baryshkov Date: Mon Jul 29 22:52:15 2024 +0300 dt-bindings: soc: qcom: smd-rpm: add generic compatibles Add two generic compatibles to all smd-rpm devices, they follow the same RPMSG protocol and are either accessed through the smd-edge or through the glink-edge. Signed-off-by: Dmitry Baryshkov Reviewed-by: Rob Herring (Arm) Acked-by: Stephen Boyd Link: https://lore.kernel.org/r/20240729-fix-smd-rpm-v2-2-0776408a94c5@linaro.org Signed-off-by: Bjorn Andersson commit b17155133391d7f6dd18d3fb94a7d492fdec18fa Author: Dmitry Baryshkov Date: Mon Jul 29 22:52:14 2024 +0300 Revert "soc: qcom: smd-rpm: Match rpmsg channel instead of compatible" The rpm_requests device nodes have the compatible node. As such the rpmsg core uses OF modalias instead of a native rpmsg modalias. Thus if smd-rpm is built as a module, it doesn't get autoloaded for the device. Revert the commit bcabe1e09135 ("soc: qcom: smd-rpm: Match rpmsg channel instead of compatible") Fixes: bcabe1e09135 ("soc: qcom: smd-rpm: Match rpmsg channel instead of compatible") Cc: stable@vger.kernel.org Signed-off-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240729-fix-smd-rpm-v2-1-0776408a94c5@linaro.org Signed-off-by: Bjorn Andersson commit d4d4049e411b246cdfc2df60d8d5a4474019c689 Author: Mukesh Ojha Date: Mon Jul 15 21:26:55 2024 +0530 firmware: qcom: scm: Add multiple download mode support Currently, scm driver only supports full dump when download mode is selected. Add support to enable minidump as well as enable it along with fulldump. Signed-off-by: Mukesh Ojha Link: https://lore.kernel.org/r/20240715155655.1811178-2-quic_mojha@quicinc.com Signed-off-by: Bjorn Andersson commit c802b0a2ed0f67fcec8cc0cac685c8fd0dd0aa6f Author: Mukesh Ojha Date: Mon Jul 15 21:26:54 2024 +0530 firmware: qcom: scm: Refactor code to support multiple dload mode Currently on Qualcomm SoC, download_mode is enabled if CONFIG_QCOM_SCM_DOWNLOAD_MODE_DEFAULT is selected or passed a boolean value from command line. Refactor the code such that it supports multiple download modes and drop CONFIG_QCOM_SCM_DOWNLOAD_MODE_DEFAULT config instead, give interface to set the download mode from module parameter while being backword compatible at the same time. Signed-off-by: Mukesh Ojha Link: https://lore.kernel.org/r/20240715155655.1811178-1-quic_mojha@quicinc.com Signed-off-by: Bjorn Andersson commit ed2c37520893427dfb8b615fcc6263af796a0ab1 Author: Stephan Gerhold Date: Mon Jul 8 18:22:10 2024 +0200 soc: qcom: pd_mapper: Add more older platforms without domains MSM8909, MSM8916 and MSM8939 all do not make use of pd-mapper, add them to the list similar to the other older platforms to avoid the following message in dmesg when booting: "PDM: no support for the platform, userspace daemon might be required." Signed-off-by: Stephan Gerhold Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240708-x1e80100-pd-mapper-v1-2-854386af4cf5@linaro.org Signed-off-by: Bjorn Andersson commit bd6db1f1486eedb8460647b3fbe9b5ae8fd09207 Author: Stephan Gerhold Date: Mon Jul 8 18:22:09 2024 +0200 soc: qcom: pd_mapper: Add X1E80100 X1E80100 has the same protection domains as SM8550, except that MPSS is missing. Add it to the in-kernel pd-mapper to avoid having to run the daemon in userspace for charging and audio functionality. Signed-off-by: Stephan Gerhold Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240708-x1e80100-pd-mapper-v1-1-854386af4cf5@linaro.org Signed-off-by: Bjorn Andersson commit 3f780bba3fc35f8a1beb9f198d51228395c3658a Merge: 79cb2cb8d89b7e 924fc22c282edb Author: Bjorn Andersson Date: Wed Aug 14 22:12:27 2024 -0500 Merge branch 'drivers-fixes-for-6.11' into HEAD Merge drivers-fixes-for-6.11 branch into drivers-for-6.12 to avoid the (trivial) merge conflict occuring related to the qcom_pdm_domains update. commit a13676eac29c87518d3894e032aa5943844eb116 Author: Barnabás Czémán Date: Wed Aug 7 22:33:56 2024 +0200 arm64: dts: qcom: msm8976: Add restart node Add a pshold restart node what can be found in downstream for enable to perform restart operations. Signed-off-by: Barnabás Czémán Link: https://lore.kernel.org/r/20240807-pshold-v1-1-0fa7927e99ce@mainlining.org Signed-off-by: Bjorn Andersson commit 9091225ba28c0106d3cd041c7abf5551a94bb524 Author: Tengfei Fan Date: Mon Aug 5 19:08:04 2024 +0200 remoteproc: qcom: pas: Add support for SA8775p ADSP, CDSP and GPDSP Add support for PIL loading on ADSP, CDSP0, CDSP1, GPDSP0 and GPDSP1 on SA8775p SoCs. Signed-off-by: Tengfei Fan Co-developed-by: Bartosz Golaszewski Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240805-topic-sa8775p-iot-remoteproc-v4-3-86affdc72c04@linaro.org Signed-off-by: Bjorn Andersson commit 4f79d0deae37c298bbce5142937080ff5cc61a25 Author: Bartosz Golaszewski Date: Wed Aug 7 15:31:43 2024 +0200 arm64: dts: qcom: sa8775p: add CPU idle states Add CPU idle-state nodes and power-domains to the .dtsi for SA8775P. Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240807-sa8775p-idle-states-v1-1-f2b5fcdfa0b0@linaro.org Signed-off-by: Bjorn Andersson commit c46eef29907bc1644e0ded4b99bbd0be5ccde9a7 Author: Rob Clark Date: Tue Aug 6 13:22:17 2024 -0700 arm64: dts: qcom: x1e80100-yoga: Update panel bindings Use the correct panel compatible, and wire up enable-gpio. It is wired up in the same way as the x1e80100-crd. Signed-off-by: Rob Clark Reviewed-by: Abel Vesa Reviewed-by: Stephan Gerhold Link: https://lore.kernel.org/r/20240806202218.9060-1-robdclark@gmail.com Signed-off-by: Bjorn Andersson commit 3e813b5408b7b9b061c2b1733d0089e4fae2e1ba Author: Nikita Travkin Date: Tue Aug 6 20:45:29 2024 +0500 arm64: dts: qcom: msm8916-samsung-gt58: Enable the touchkeys The tablet has two capacitive buttons on the scren bezel. Enable them by adding the keycodes in the dt. Signed-off-by: Nikita Travkin Link: https://lore.kernel.org/r/20240806-msm8916-gt58-tkey-v1-1-8987b06c5921@trvn.ru Signed-off-by: Bjorn Andersson commit 21927e94caa5ae05ab2361a5c6e63d52624e8381 Author: Bryan O'Donoghue Date: Tue Aug 6 10:45:43 2024 +0100 arm64: dts: qcom: sc8280xp-x13s: Enable RGB sensor Enable the main RGB sensor on the Lenovo x13s a five megapixel 2 lane DPHY MIPI sensor connected to cisphy0. With the pm8008 patches recently applied to the x13s dtsi we can now also enable the RGB sensor. Once done we have all upstream support necessary for the RGB sensor on x13s. Reviewed-by: Vladimir Zapolskiy Signed-off-by: Bryan O'Donoghue Link: https://lore.kernel.org/r/20240806-b4-linux-next-24-07-31-camss-sc8280xp-lenovo-rgb-v2-v3-1-199767fb193d@linaro.org Signed-off-by: Bjorn Andersson commit 2bec6f6a22815c6a5651d2b9aa4f54baf1ae5e73 Author: Bartosz Golaszewski Date: Mon Aug 5 19:08:07 2024 +0200 arm64: dts: qcom: sa8775p-ride: enable remoteprocs Enable all remoteproc nodes on the sa8775p-ride board and point to the appropriate firmware files. Reviewed-by: Dmitry Baryshkov Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240805-topic-sa8775p-iot-remoteproc-v4-6-86affdc72c04@linaro.org Signed-off-by: Bjorn Andersson commit df54dcb34ff2eaabc5f74afbdb2fec104e2263e6 Author: Tengfei Fan Date: Mon Aug 5 19:08:06 2024 +0200 arm64: dts: qcom: sa8775p: add ADSP, CDSP and GPDSP nodes Add nodes for remoteprocs: ADSP, CDSP0, CDSP1, GPDSP0 and GPDSP1 for SA8775p SoCs. Reviewed-by: Dmitry Baryshkov Signed-off-by: Tengfei Fan [Ling: added the fastrcp nodes] Co-developed-by: Ling Xu Signed-off-by: Ling Xu [Bartosz: ported to mainline] Co-developed-by: Bartosz Golaszewski Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240805-topic-sa8775p-iot-remoteproc-v4-5-86affdc72c04@linaro.org Signed-off-by: Bjorn Andersson commit 89817522b1a58970ac1247f65af009b046344fb0 Author: Tengfei Fan Date: Mon Aug 5 19:08:03 2024 +0200 dt-bindings: mailbox: qcom-ipcc: Add GPDSP0 and GPDSP1 clients Add GPDSP0 and GPDSP1 clients for SA8775p platform. Signed-off-by: Tengfei Fan Acked-by: Krzysztof Kozlowski Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240805-topic-sa8775p-iot-remoteproc-v4-2-86affdc72c04@linaro.org Signed-off-by: Bjorn Andersson commit 469fc2e7a995ade8b929c4e2a32c93a231a3844f Author: Lin, Meng-Bo Date: Sun Aug 4 06:59:32 2024 +0000 arm64: dts: qcom: msm8916-samsung-j3ltetw: Add initial device tree The dts and dtsi add support for msm8916 variant of Samsung Galaxy J3 SM-J320YZ smartphone released in 2016. Add a device tree for SM-J320YZ with initial support for: - GPIO keys - SDHCI (internal and external storage) - USB Device Mode - UART (on USB connector via the SM5703 MUIC) - WCNSS (WiFi/BT) - Regulators - QDSP6 audio - Speaker/earpiece/headphones/microphones via digital/analog codec in MSM8916/PM8916 - WWAN Internet via BAM-DMUX - Touchscreen - Accelerometer There are different variants of J3, with some differences in MUIC, sensor, NFC and touch key I2C buses. The common parts are shared in msm8916-samsung-j3-common.dtsi to reduce duplication. Signed-off-by: Lin, Meng-Bo Link: https://lore.kernel.org/r/20240804065854.42437-3-linmengbo06890@proton.me Signed-off-by: Bjorn Andersson commit c17427c6ca5e0f7c5d1f9bd9c951cb6827c8c228 Author: Lin, Meng-Bo Date: Sun Aug 4 06:59:19 2024 +0000 dt-bindings: qcom: Document samsung,j3ltetw Document samsung,j3ltetw bindings used in its device tree. Signed-off-by: Lin, Meng-Bo Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240804065854.42437-2-linmengbo06890@proton.me Signed-off-by: Bjorn Andersson commit 115c14ee54aae1d61d2405f9b31f67c1e8947f4e Author: Dmitry Baryshkov Date: Sun Aug 4 08:40:15 2024 +0300 arm64: defconfig: build CONFIG_REGULATOR_QCOM_REFGEN as module Enable CONFIG_REGULATOR_QCOM_REFGEN and build it as a module. It is an internal supply used by the DSI on SM8350-based platforms (e.g. on the SM8350 HDK device). Signed-off-by: Dmitry Baryshkov Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-11-1149dd8399fe@linaro.org Signed-off-by: Bjorn Andersson commit 08822cf3de00f1b9edb01b995d926595e48a54eb Author: Dmitry Baryshkov Date: Sun Aug 4 08:40:14 2024 +0300 arm64: dts: qcom: sm8350: add refgen regulator On SM8350 platform the DSI internally is using the refgen regulator. Add corresponding device node and link it as a supply to the DSI node. Signed-off-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-10-1149dd8399fe@linaro.org Signed-off-by: Bjorn Andersson commit 5e1cf9f1f397a3d24dc6b06eda069be954504a16 Author: Dmitry Baryshkov Date: Sun Aug 4 08:40:13 2024 +0300 arm64: dts: qcom: sm8350: add MDSS registers interconnect Aside from the MDSS<->MEM interconnect, display devices have separate interconnect for register access. Add this interconnect to the display node. Signed-off-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240804-sm8350-fixes-v1-9-1149dd8399fe@linaro.org Signed-off-by: Bjorn Andersson commit 0bdadbf5c6fa4b42b33b3fb5595aaf34c5f4390b Author: Danila Tikhonov Date: Wed Jul 31 21:24:12 2024 +0300 arm64: dts: qcom: sm7125-xiaomi-common: Add reset-gpios for ufs_mem_hc The SC7180/SM7125 SoCs have a special pin for UFS reset. Generally, this pin is the same for all devices on the same SoC because it is hardcoded in the pinctrl driver. Therefore, it might seem appropriate to add this pin configuration in sc7180.dtsi. However, this pin is defined in the device-specific DTS files instead of the SoC-level DTS files in all Qualcomm DTS. To maintain consistency with this approach, we will follow the same style. Add reset-gpios to ufs_mem_hc. Signed-off-by: Danila Tikhonov Link: https://lore.kernel.org/r/20240731182412.27966-1-danila@jiaxyga.com Signed-off-by: Bjorn Andersson commit 1dd1a6d2b1851f8908643343c4e714af2e48352d Author: Tengfei Fan Date: Tue Jul 30 15:16:11 2024 +0800 arm64: dts: qcom: sa8775p: Add CPU and LLCC BWMON Add CPU and LLCC BWMON nodes and their corresponding opp tables for SA8775p SoC. SA8775p has two cpu clusters, with each cluster having a set of CPU-to-LLCC BWMON registers. Consequently, there are two sets of CPU-to-LLCC registers. Signed-off-by: Tengfei Fan Link: https://lore.kernel.org/r/20240730-add_sa8775p_bwmon-v1-2-f4f878da29ae@quicinc.com Signed-off-by: Bjorn Andersson commit 04b2f8d5aec32973d34839ae983821857924cc66 Author: André Apitzsch Date: Mon Jul 29 23:23:04 2024 +0200 arm64: dts: qcom: msm8939-longcheer-l9100: Add rear flash The phone has a Silergy SY7802 flash LED controller. Reviewed-by: Konrad Dybcio Signed-off-by: André Apitzsch Link: https://lore.kernel.org/r/20240729-sy7802-v6-1-86bb9083e40b@apitzsch.eu Signed-off-by: Bjorn Andersson commit 0b7d94e9d15d90aa55468b3c7681558ad66c7279 Author: Dmitry Baryshkov Date: Mon Jul 29 22:52:18 2024 +0300 arm64: dts: qcom: add generic compat string to RPM glink channels Add the generic qcom,smd-rpm / qcom,glink-smd-rpm compatible to RPM nodes to follow the schema. Signed-off-by: Dmitry Baryshkov Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240729-fix-smd-rpm-v2-5-0776408a94c5@linaro.org Signed-off-by: Bjorn Andersson commit a11a87a9a66e5ec1213c712ae681dbda37c2b1b8 Author: Dmitry Baryshkov Date: Mon Jul 29 22:52:17 2024 +0300 ARM: dts: qcom: add generic compat string to RPM glink channels Add the generic qcom,smd-rpm compatible to RPM nodes to follow the schema. Signed-off-by: Dmitry Baryshkov Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240729-fix-smd-rpm-v2-4-0776408a94c5@linaro.org Signed-off-by: Bjorn Andersson commit 76064d8f4cd608e18cef74e810a934ce6da81b4c Author: Naina Mehta Date: Tue Jul 9 12:19:21 2024 +0530 remoteproc: qcom: pas: Add SDX75 remoteproc support Add MPSS Peripheral Authentication Service support for SDX75 platform. Signed-off-by: Naina Mehta Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240709064924.325478-3-quic_nainmeht@quicinc.com Signed-off-by: Bjorn Andersson commit 888583bd3543da10c4bcb90c78825168fa8e7b90 Author: Naina Mehta Date: Tue Jul 9 12:19:20 2024 +0530 dt-bindings: remoteproc: qcom,sm8550-pas: document the SDX75 PAS Document the MPSS Peripheral Authentication Service on SDX75 platform. Signed-off-by: Naina Mehta Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240709064924.325478-2-quic_nainmeht@quicinc.com Signed-off-by: Bjorn Andersson commit 18042ad9dfd01d247407bb0721c6338eb8a9a2ac Author: Rayyan Ansari Date: Sun Jul 14 18:33:05 2024 +0100 ARM: dts: qcom: msm8226-microsoft-common: Add inertial sensors Add nodes for the Asahi Kasei AK09911 magnetometer and the Kionix KX022-1020 accelerometer, both of which are connected over i2c2, in the common device tree for msm8x26 Lumias. Moneypenny (Lumia 630) does not have a magnetometer, and so the node is deleted. Tesla's (Lumia 830's) magnetometer is currently unknown. Signed-off-by: Rayyan Ansari Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240714173431.54332-4-rayyan@ansari.sh Signed-off-by: Bjorn Andersson commit 42a7b7ca4d1ddc456093af434e511f540a89c8e5 Author: Naina Mehta Date: Tue Jul 9 12:19:24 2024 +0530 arm64: dts: qcom: sdx75-idp: enable MPSS remoteproc node Enable MPSS remoteproc node on sdx75-idp platform. Signed-off-by: Naina Mehta Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240709064924.325478-6-quic_nainmeht@quicinc.com Signed-off-by: Bjorn Andersson commit 41c72f36b2862f17266107a957b25aabc4702db0 Author: Naina Mehta Date: Tue Jul 9 12:19:23 2024 +0530 arm64: dts: qcom: sdx75: Add remoteproc node Add MPSS remoteproc node for SDX75 SoC. Signed-off-by: Naina Mehta Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240709064924.325478-5-quic_nainmeht@quicinc.com Signed-off-by: Bjorn Andersson commit 7a7d98fca65db42647b25de6e964a5cbd9743486 Author: Naina Mehta Date: Tue Jul 9 12:19:22 2024 +0530 arm64: dts: qcom: sdx75: update reserved memory regions for mpss Rename qdss@88800000 memory region as qlink_logging memory region and add qdss_mem memory region at address of 0x88500000, qlink_logging is being added at the memory region at the address of 0x88800000 as the region is being used by modem firmware. Since different DSM region size is required for different modem firmware, split mpss_dsmharq_mem region into 2 separate regions. This would provide the flexibility to remove the region which is not required for a particular platform. Based on the modem firmware either both the regions have to be used or only mpss_dsm_mem has to be used. Also, reduce the size of mpssadsp_mem region. Signed-off-by: Naina Mehta Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240709064924.325478-4-quic_nainmeht@quicinc.com Signed-off-by: Bjorn Andersson commit 79cb2cb8d89b7eca87e8dac031dadea4aeafeaa7 Author: Mukesh Ojha Date: Mon Jul 8 21:23:32 2024 +0530 firmware: qcom: scm: Disable SDI and write no dump to dump mode SDI is enabled for most of the Qualcomm SoCs and as per commit ff4aa3bc9825 ("firmware: qcom_scm: disable SDI if required") it was recommended to disable SDI by mentioning it in device tree to avoid hang during watchdog or during reboot. However, for some cases if download mode tcsr register already configured from boot firmware to collect dumps and if SDI is disabled via means of mentioning it in device tree we could still end up with dump collection. Disabling SDI alone is not completely enough to disable dump mode and we also need to zero out the bits download bits from tcsr register. Current commit now, unconditionally call qcom_scm_set_download_mode() based on download_mode flag, at max if TCSR register is not mentioned or available for a SoC it will fallback to legacy way of setting download mode through command which may be no-ops or return error in case current firmware does not implements QCOM_SCM_INFO_IS_CALL_AVAIL so, at worst it does nothing if it fails. It also does to call SDI disable call if dload mode is disabled, which looks fine to do as intention is to disable dump collection even if system crashes. Fixes: ff4aa3bc9825 ("firmware: qcom_scm: disable SDI if required") Signed-off-by: Mukesh Ojha Link: https://lore.kernel.org/r/20240708155332.4056479-1-quic_mojha@quicinc.com Signed-off-by: Bjorn Andersson commit b5cbd179f466f46b74ec0aa235e3ebe546135048 Author: Krishna Kurapati Date: Sun Jul 7 14:26:24 2024 +0530 arm64: dts: qcom: sa8295p-adp: Enable the four USB Type-A ports The multiport USB controller in the SA8295P ADP is connected to four USB Type-A ports. VBUS for each of these ports are provided by a TPS2559QWDRCTQ1 regulator, controlled from PMIC GPIOs. Add the necessary regulators and GPIO configuration to power these. It seems reasonable that these regulators should be referenced as vbus supply of usb-a-connector nodes and controlled by e.g. dwc3, but as this is not supported in Linux today the regulators are left always-on for now. Signed-off-by: Krishna Kurapati Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240707085624.3411961-1-quic_kriskura@quicinc.com Signed-off-by: Bjorn Andersson commit 6e229f9118438af09b4ac6a96313c32f33027e5a Author: Srinivas Kandagatla Date: Thu Jun 27 15:44:43 2024 +0100 arm64: dts: x1e80100-qcp: fix wsa soundwire port mapping Existing way of allocating ports dynamically is linear starting from 1 to MAX_PORTS. This will not work for x1e80100 as the master ports are are not mapped in the same order. Without this fix only one speaker in a pair of speakers will function. After this fix along with WSA codec changes both the speakers starts working. Reviewed-by: Krzysztof Kozlowski Tested-by: Neil Armstrong # on SM8650-HDK Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240626-port-map-v2-6-6cc1c5608cdd@linaro.org Signed-off-by: Bjorn Andersson commit d374fafd8972895eba01ebd69c993cc7d80c084b Author: Srinivas Kandagatla Date: Thu Jun 27 15:44:42 2024 +0100 arm64: dts: x1e80100-crd: fix wsa soundwire port mapping Existing way of allocating ports dynamically is linear starting from 1 to MAX_PORTS. This will not work for x1e80100 as the master ports are are not mapped in the same order. Without this fix only one speaker in a pair of speakers will function. After this fix along with WSA codec changes both the speakers starts working. Reviewed-by: Krzysztof Kozlowski Tested-by: Krzysztof Kozlowski Tested-by: Neil Armstrong # on SM8650-HDK Signed-off-by: Srinivas Kandagatla Link: https://lore.kernel.org/r/20240626-port-map-v2-5-6cc1c5608cdd@linaro.org Signed-off-by: Bjorn Andersson commit 8c7dbbed27723c4324c81e78fe239ce134aa8f58 Author: Srinivas Kandagatla Date: Mon Jun 24 14:32:38 2024 +0100 arm64: dts: qcom: x1e80100: add soundwire controller resets Soundwire controllers (WSA, WSA2, RX, TX) require reset lines to enable switching clock control from hardware to software. Add them along with the reset control providers. Without this reset we might hit fifo under/over run when we try to write to soundwire device registers. Signed-off-by: Srinivas Kandagatla Reviewed-by: Konrad Dybcio Reviewed-by: Krzysztof Kozlowski Acked-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240624-x1e-swr-reset-v2-3-8bc677fcfa64@linaro.org Signed-off-by: Bjorn Andersson commit c47dd4a87160fd604577aca41ca8b3391b5c5d3e Author: Luca Weiss Date: Wed Jun 19 23:02:51 2024 +0200 ARM: dts: qcom: msm8226: Convert APCS usages to mbox interface Since we now have the apcs set up as a mailbox provider, let's use the interface for all drivers where possible. Signed-off-by: Luca Weiss Reviewed-by: Dmitry Baryshkov Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240619-msm8226-cpufreq-v1-7-85143f5291d1@lucaweiss.eu Signed-off-by: Bjorn Andersson commit 807dfab845209062e4d268157cfbf0ba46652df7 Author: Luca Weiss Date: Wed Jun 19 23:02:50 2024 +0200 ARM: dts: qcom: msm8226: Hook up CPU cooling Add cooling-maps for the CPU thermal zones so the driver can actually do something when the CPU temperature rises too much. Signed-off-by: Luca Weiss Reviewed-by: Konrad Dybcio Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240619-msm8226-cpufreq-v1-6-85143f5291d1@lucaweiss.eu Signed-off-by: Bjorn Andersson commit 02f2ddaa1a78cbebd4255f78260781b404225170 Author: Luca Weiss Date: Wed Jun 19 23:02:49 2024 +0200 ARM: dts: qcom: msm8226: Add CPU frequency scaling support Add a node for the a7pll with its frequencies. With this we can use the apcs-kpss-global driver for the apcs node and use the apcs to scale the CPU frequency according to the opp-table. At the same time unfortunately we need to provide the gcc node xo_board instead of the XO via rpmcc since otherwise we'll have a circular dependency between apcs, gcc and the rpm. Signed-off-by: Luca Weiss Link: https://lore.kernel.org/r/20240619-msm8226-cpufreq-v1-5-85143f5291d1@lucaweiss.eu Signed-off-by: Bjorn Andersson commit 9e2ebc5817c94badf0ea716cad85f16ae05ff120 Author: Vladimir Zapolskiy Date: Thu Jun 13 00:58:35 2024 +0300 arm64: dts: qcom: sm8650: add description of CCI controllers Qualcomm SM8650 SoC has three CCI controllers with two I2C busses connected to each of them. The CCI controllers on SM8650 are compatible with the ones found on many other older generations of Qualcomm SoCs. Signed-off-by: Vladimir Zapolskiy Reviewed-by: Bryan O'Donoghue Link: https://lore.kernel.org/r/20240612215835.1149199-5-vladimir.zapolskiy@linaro.org Signed-off-by: Bjorn Andersson commit 4f33e6432f0859a19bb119248d0a8d20c29b9213 Author: Vladimir Zapolskiy Date: Thu Jun 13 00:58:34 2024 +0300 arm64: dts: qcom: sm8550: add description of CCI controllers Qualcomm SM8550 SoC contains 3 Camera Control Interface controllers very similar to the ones found on other Qualcomm SoCs. One noticeable difference is that cci@ac16000 controller provides only one I2C bus and has an additional control over AON CCI pins gpio208 and gpio209, but this feature is not yet supported in the CCI driver. Signed-off-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240612215835.1149199-4-vladimir.zapolskiy@linaro.org Signed-off-by: Bjorn Andersson commit fff617979f97c773aaa9432c31cf62444b3bdbd4 Author: Ajit Pandey Date: Tue Jun 11 19:07:45 2024 +0530 clk: qcom: clk-alpha-pll: Fix CAL_L_VAL override for LUCID EVO PLL In LUCID EVO PLL CAL_L_VAL and L_VAL bitfields are part of single PLL_L_VAL register. Update for L_VAL bitfield values in PLL_L_VAL register using regmap_write() API in __alpha_pll_trion_set_rate callback will override LUCID EVO PLL initial configuration related to PLL_CAL_L_VAL bit fields in PLL_L_VAL register. Observed random PLL lock failures during PLL enable due to such override in PLL calibration value. Use regmap_update_bits() with L_VAL bitfield mask instead of regmap_write() API to update only PLL_L_VAL bitfields in __alpha_pll_trion_set_rate callback. Fixes: 260e36606a03 ("clk: qcom: clk-alpha-pll: add Lucid EVO PLL configuration interfaces") Cc: stable@vger.kernel.org Signed-off-by: Ajit Pandey Reviewed-by: Dmitry Baryshkov Acked-by: Vladimir Zapolskiy Link: https://lore.kernel.org/r/20240611133752.2192401-2-quic_ajipan@quicinc.com Signed-off-by: Bjorn Andersson commit b87b8df9c0e4f56e480ef1519140419ea063c9ca Author: Ajit Pandey Date: Tue Jun 11 19:07:52 2024 +0530 arm64: dts: qcom: sm4450: add camera, display and gpu clock controller Add device node for camera, display and graphics clock controller on Qualcomm SM4450 platform. Signed-off-by: Ajit Pandey Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240611133752.2192401-9-quic_ajipan@quicinc.com Signed-off-by: Bjorn Andersson commit b40c6fe8215cdca16f9d103ec0c51196040444bf Merge: 3706bcfbdb8aec 47bad234eed970 Author: Bjorn Andersson Date: Wed Aug 14 21:06:25 2024 -0500 Merge branch '20240611133752.2192401-1-quic_ajipan@quicinc.com' into arm64-for-6.12 Merge the SM4450 display, camera and GPU bindings from a topic branch, to gain access to the clock defines. commit b4c71885e5c8d1c339590bfe15037cc21590c2a3 Merge: e997b400c84624 47bad234eed970 Author: Bjorn Andersson Date: Wed Aug 14 21:05:26 2024 -0500 Merge branch '20240611133752.2192401-1-quic_ajipan@quicinc.com' into clk-for-6.12 Merge the SM4450 display, camera and GPU bindings through a topic branch, to make it possible to merge them into the DeviceTree source branch as well. commit 47bad234eed970d0d1b03204aab1b3644709ee0b Author: Ajit Pandey Date: Tue Jun 11 19:07:50 2024 +0530 dt-bindings: clock: qcom: add GPUCC clocks on SM4450 Add device tree bindings for the graphics clock controller on Qualcomm SM4450 platform. Signed-off-by: Ajit Pandey Reviewed-by: Krzysztof Kozlowski Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240611133752.2192401-7-quic_ajipan@quicinc.com Signed-off-by: Bjorn Andersson commit 9bf45e4f317f75db234ef6af1f316cf4676e8863 Author: Ajit Pandey Date: Tue Jun 11 19:07:48 2024 +0530 dt-bindings: clock: qcom: add CAMCC clocks on SM4450 Add device tree bindings for the camera clock controller on Qualcomm SM4450 platform. Signed-off-by: Ajit Pandey Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240611133752.2192401-5-quic_ajipan@quicinc.com Signed-off-by: Bjorn Andersson commit 5115bcaf68d87e7a25fd238332b402a24bc534d0 Author: Ajit Pandey Date: Tue Jun 11 19:07:46 2024 +0530 dt-bindings: clock: qcom: add DISPCC clocks on SM4450 Add device tree bindings for the display clock controller on Qualcomm SM4450 platform. Signed-off-by: Ajit Pandey Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240611133752.2192401-3-quic_ajipan@quicinc.com Signed-off-by: Bjorn Andersson commit b97ce54743e598f4883697534496b27288b6e752 Merge: 4a4c013d3385b0 f957c230e173cf Author: Martin KaFai Lau Date: Wed Aug 14 18:10:47 2024 -0700 Merge branch 'selftests/bpf: convert three other cgroup tests to test_progs' Alexis Lothoré (eBPF Foundation) says: ==================== Hello, this series brings a new set of test converted to the test_progs framework. Since the tests are quite small, I chose to group three tests conversion in the same series, but feel free to let me know if I should keep one series per test. The series focuses on cgroup testing and converts the following tests: - get_cgroup_id_user - cgroup_storage - test_skb_cgroup_id_user Changes in v4: - Fix test after netns addition by making sure loopack interface is up - Link to v3: https://lore.kernel.org/r/20240812-convert_cgroup_tests-v3-0-47ac6ce4e88b@bootlin.com Changes in v3: - Fixed multiple leaks on cgroup file descriptors and sockets - Used dedicated network namespaces for tests involving network - Link to v2: https://lore.kernel.org/r/20240806-convert_cgroup_tests-v2-0-180c57e5b710@bootlin.com Changes in v2: - Use global variables instead of maps when possible - Collect review tags from Alan - Link to v1: https://lore.kernel.org/r/20240731-convert_cgroup_tests-v1-0-14cbc51b6947@bootlin.com ==================== Signed-off-by: Martin KaFai Lau commit f957c230e173cf227566686015016d05f7102d27 Author: Alexis Lothoré (eBPF Foundation) Date: Tue Aug 13 14:45:08 2024 +0200 selftests/bpf: convert test_skb_cgroup_id_user to test_progs test_skb_cgroup_id_user allows testing skb cgroup id retrieval at different levels, but is not integrated in test_progs, so it is not run automatically in CI. The test overlaps a bit with cgroup_skb_sk_lookup_kern, which is integrated in test_progs and test extensively skb cgroup helpers, but there is still one major difference between the two tests which justifies the conversion: cgroup_skb_sk_lookup_kern deals with a BPF_PROG_TYPE_CGROUP_SKB (attached on a cgroup), while test_skb_cgroup_id_user deals with a BPF_PROG_TYPE_SCHED_CLS (attached on a qdisc) Convert test_skb_cgroup_id_user into test_progs framework in order to run it automatically in CI. The main differences with the original test are the following: - rename the test to make it shorter and more straightforward regarding tested feature - the wrapping shell script has been dropped since every setup step is now handled in the main C test file - the test has been renamed for a shorter name and reflecting the tested API - add dedicated assert log per level to ease test failure debugging - use global variables instead of maps to access bpf prog data Signed-off-by: Alexis Lothoré (eBPF Foundation) Link: https://lore.kernel.org/r/20240813-convert_cgroup_tests-v4-4-a33c03458cf6@bootlin.com Signed-off-by: Martin KaFai Lau commit 7b4400a0a69b8255a2afed0bead0ce2c2c457545 Author: Alexis Lothoré (eBPF Foundation) Date: Tue Aug 13 14:45:07 2024 +0200 selftests/bpf: add proper section name to bpf prog and rename it test_skb_cgroup_id_kern.c is currently involved in a manual test. In its current form, it can not be used with the auto-generated skeleton APIs, because the section name is not valid to allow libbpf to deduce the program type. Update section name to allow skeleton APIs usage. Also rename the program name to make it shorter and more straighforward regarding the API it is testing. While doing so, make sure that test_skb_cgroup_id.sh passes to get a working reference before converting it to test_progs - update the obj name - fix loading issue (verifier rejecting the program when loaded through tc, because of map not found), by preloading the whole obj with bpftool Reviewed-by: Alan Maguire Signed-off-by: Alexis Lothoré (eBPF Foundation) Link: https://lore.kernel.org/r/20240813-convert_cgroup_tests-v4-3-a33c03458cf6@bootlin.com Signed-off-by: Martin KaFai Lau commit 37a14cfd667a22662867b986925f1ad4205c17df Author: Alexis Lothoré (eBPF Foundation) Date: Tue Aug 13 14:45:06 2024 +0200 selftests/bpf: convert test_cgroup_storage to test_progs test_cgroup_storage is currently a standalone program which is not run when executing test_progs. Convert it to the test_progs framework so it can be automatically executed in CI. The conversion led to the following changes: - converted the raw bpf program in the userspace test file into a dedicated test program in progs/ dir - reduced the scope of cgroup_storage test: the content from this test overlaps with some other tests already present in test_progs, most notably netcnt and cgroup_storage_multi*. Those tests already check extensively local storage, per-cpu local storage, cgroups interaction, etc. So the new test only keep the part testing that the program return code (based on map content) properly leads to packet being passed or dropped. Reviewed-by: Alan Maguire Signed-off-by: Alexis Lothoré (eBPF Foundation) Link: https://lore.kernel.org/r/20240813-convert_cgroup_tests-v4-2-a33c03458cf6@bootlin.com Signed-off-by: Martin KaFai Lau commit a4ae5c31e0f28d2c737583a06d4b29ffd6bbd622 Author: Alexis Lothoré (eBPF Foundation) Date: Tue Aug 13 14:45:05 2024 +0200 selftests/bpf: convert get_current_cgroup_id_user to test_progs get_current_cgroup_id_user allows testing for bpf_get_current_cgroup_id() bpf API but is not integrated into test_progs, and so is not tested automatically in CI. Convert it to the test_progs framework to allow running it automatically. The most notable differences with the old test are the following: - the new test relies on autoattach instead of manually hooking/enabling the targeted tracepoint through perf_event, which reduces quite a lot the test code size - it also accesses bpf prog data through global variables instead of maps - sleep duration passed to nanosleep syscall has been reduced to its minimum to not impact overall CI duration (we only care about the syscall being properly triggered, not about the passed duration) Signed-off-by: Alexis Lothoré (eBPF Foundation) Link: https://lore.kernel.org/r/20240813-convert_cgroup_tests-v4-1-a33c03458cf6@bootlin.com Signed-off-by: Martin KaFai Lau commit 0e3f3649d44bf1b388a7613ade14c29cbdedf075 Author: Jinjie Ruan Date: Wed Jul 3 10:27:32 2024 +0800 riscv: Enable generic CPU vulnerabilites support Currently x86, ARM and ARM64 support generic CPU vulnerabilites, but RISC-V not, such as: # cd /sys/devices/system/cpu/vulnerabilities/ x86: # cat spec_store_bypass Mitigation: Speculative Store Bypass disabled via prctl and seccomp # cat meltdown Not affected ARM64: # cat spec_store_bypass Mitigation: Speculative Store Bypass disabled via prctl and seccomp # cat meltdown Mitigation: PTI RISC-V: # cat /sys/devices/system/cpu/vulnerabilities # ... No such file or directory As SiFive RISC-V Core IP offerings are not affected by Meltdown and Spectre, it can use the default weak function as below: # cat spec_store_bypass Not affected # cat meltdown Not affected Link: https://www.sifive.cn/blog/sifive-statement-on-meltdown-and-spectre Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240703022732.2068316-1-ruanjinjie@huawei.com Signed-off-by: Palmer Dabbelt commit c6ebf2c528470a09be77d0d9df2c6617ea037ac5 Author: Ying Sun Date: Thu Jul 11 08:32:36 2024 +0000 riscv/kexec_file: Fix relocation type R_RISCV_ADD16 and R_RISCV_SUB16 unknown Runs on the kernel with CONFIG_RISCV_ALTERNATIVE enabled: kexec -sl vmlinux Error: kexec_image: Unknown rela relocation: 34 kexec_image: Error loading purgatory ret=-8 and kexec_image: Unknown rela relocation: 38 kexec_image: Error loading purgatory ret=-8 The purgatory code uses the 16-bit addition and subtraction relocation type, but not handled, resulting in kexec_file_load failure. So add handle to arch_kexec_apply_relocations_add(). Tested on RISC-V64 Qemu-virt, issue fixed. Co-developed-by: Petr Tesarik Signed-off-by: Petr Tesarik Signed-off-by: Ying Sun Reviewed-by: Andrew Jones Link: https://lore.kernel.org/r/20240711083236.2859632-1-sunying@isrc.iscas.ac.cn Signed-off-by: Palmer Dabbelt commit 1b2ed9df08007bfa44d818f6511af43bf089e63b Author: Andy Shevchenko Date: Wed Aug 14 15:54:08 2024 +0300 clk: visconti: Switch to use kmemdup_array() Let the kmemdup_array() take care about multiplication and possible overflows. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240814125513.2637955-3-andriy.shevchenko@linux.intel.com Signed-off-by: Stephen Boyd commit 0da7faca5319a07a2f02df3e17e665fd7718c9b9 Author: Andy Shevchenko Date: Wed Aug 14 15:54:07 2024 +0300 clk: mmp: Switch to use kmemdup_array() Let the kmemdup_array() take care about multiplication and possible overflows. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240814125513.2637955-2-andriy.shevchenko@linux.intel.com Signed-off-by: Stephen Boyd commit 60b5c173f5542adf020f5235db7fe5e5fa4ae0d8 Author: tangbin Date: Sat Jul 13 11:34:28 2024 -0400 ASoC: loongson: Remove useless variable definitions In the function loongson_pcm_trigger and loongson_pcm_open, the 'ret' is useless, so remove it to simplify code. Signed-off-by: tangbin Link: https://patch.msgid.link/20240713153428.44858-1-tangbin@cmss.chinamobile.com Signed-off-by: Mark Brown commit 6d02eefecc5e3887eea08f3df5e0f2af6eb35447 Author: Steven Rostedt Date: Fri Jul 19 10:13:12 2024 -0400 tracing: Fix ifdef of snapshots to not prevent last_boot_info file The mapping of the ring buffer to memory allocated at boot up will also expose a "last_boot_info" to help tooling to read the raw data from the last boot. As instances that have their ring buffer mapped to fixed memory cannot perform snapshots, they can either have the "snapshot" file or the "last_boot_info" file, but not both. The code that added the "last_boot_info" file failed to notice that the "snapshot" creation was inside a "#ifdef CONFIG_TRACER_SNAPSHOT" and incorrectly placed the creation of the "last_boot_info" file within the ifdef block. Not only does it cause a warning when CONFIG_TRACER_SNAPSHOT is not enabled, it also incorrectly prevents the file from appearing. Link: https://lore.kernel.org/all/20240719102640.718554-1-arnd@kernel.org/ Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Reported-by: Arnd Bergmann Link: https://lore.kernel.org/20240719101312.3d4ac707@rorschach.local.home Fixes: 7a1d1e4b9639 ("tracing/ring-buffer: Add last_boot_info file to boot instance") Signed-off-by: Steven Rostedt (Google) commit ee057c8c194b9283f4137b253b70e292693a39f0 Merge: b96c312551b241 7c626ce4bae1ac Author: Steven Rostedt Date: Wed Aug 14 16:56:42 2024 -0400 Merge tag 'v6.11-rc3' into trace/ring-buffer/core The "reserve_mem" kernel command line parameter has been pulled into v6.11. Merge the latest -rc3 to allow the persistent ring buffer memory to be able to be mapped at the address specified by the "reserve_mem" command line parameter. Signed-off-by: Steven Rostedt (Google) commit 4551d60299b5ddc2655b6b365a4b92634e14e04f Author: Tejas Upadhyay Date: Wed Aug 14 15:26:14 2024 +0530 drm/xe: Define STATELESS_COMPRESSION_CTRL as mcr register Register STATELESS_COMPRESSION_CTRL should be considered mcr register which should write to all slices as per documentation. Bspec: 71185 Fixes: ecabb5e6ce54 ("drm/xe/xe2: Add performance turning changes") Signed-off-by: Tejas Upadhyay Reviewed-by: Shekhar Chauhan Link: https://patchwork.freedesktop.org/patch/msgid/20240814095614.909774-4-tejas.upadhyay@intel.com Signed-off-by: Lucas De Marchi commit f0ffa657e9f3913c7921cbd4d876343401f15f52 Author: Tejas Upadhyay Date: Wed Aug 14 15:26:13 2024 +0530 drm/xe: Write all slices if its mcr register Register GAMREQSTRM_CTRL should be considered mcr register which should write to all slices as per documentation. Bspec: 71185 Fixes: 01570b446939 ("drm/xe/bmg: implement Wa_16023588340") Reviewed-by: Matt Roper Signed-off-by: Tejas Upadhyay Link: https://patchwork.freedesktop.org/patch/msgid/20240814095614.909774-3-tejas.upadhyay@intel.com Signed-off-by: Lucas De Marchi commit ab0d6ef864c5fa820e894ee1a07f861e63851664 Author: Tejas Upadhyay Date: Wed Aug 14 15:26:12 2024 +0530 drm/xe: Move enable host l2 VRAM post MCR init xe_gt_enable_host_l2_vram() is reading the XE2_GAMREQSTRM_CTRL register that is currently missing the MCR annotation. However, just adding the annotation doesn't work as this function is called before MCR handling is initialized in xe_gt_mcr_init(). xe_gt_enable_host_l2_vram() is used to implement WA 16023588340 that needs to be done as early as possible during initialization in order to be effective since the MMIO writes impact it. In the failure scenario, driver would simply not be able to bind successfully. Moving xe_gt_enable_host_l2_vram() later, after MCR initialization is done, only incurs a few additional HW accesses, particularly when loading GuC for hwconfig. Binding/unbinding the driver 100 times in BMG still works so it should be ok to start handling the WA a little bit later. This is sufficient to allow adding the MCR annotation to XE2_GAMREQSTRM_CTRL. Cc: Lucas De Marchi Signed-off-by: Tejas Upadhyay Reviewed-by: Matt Roper Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240814095614.909774-2-tejas.upadhyay@intel.com Signed-off-by: Lucas De Marchi commit 8f35fefad06323ab8ad5915bb7c6bc1a684cb8b5 Author: Christophe JAILLET Date: Tue Aug 6 15:30:16 2024 +0200 refscale: Constify struct ref_scale_ops 'struct ref_scale_ops' are not modified in these drivers. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 34231 4167 736 39134 98de kernel/rcu/refscale.o After: ===== text data bss dec hex filename 35175 3239 736 39150 98ee kernel/rcu/refscale.o Signed-off-by: Christophe JAILLET Tested-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit f1fd0e0bb12d09ca0564425b8af76fddf2e380fb Author: Paul E. McKenney Date: Thu Aug 1 17:43:08 2024 -0700 rcuscale: Count outstanding callbacks per-task rather than per-CPU The current rcu_scale_writer() asynchronous grace-period testing uses a per-CPU counter to track the number of outstanding callbacks. This is subject to CPU-imbalance errors when tasks migrate from one CPU to another between the time that the counter is incremented and the callback is queued, and additionally in kernels configured such that callbacks can be invoked on some CPU other than the one that queued it. This commit therefore arranges for per-task callback counts, thus avoiding any issues with migration of either tasks or callbacks. Reported-by: Vlastimil Babka Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 554f07a119866a78606b36123fb28e9451b1f994 Author: Paul E. McKenney Date: Thu Aug 1 17:43:07 2024 -0700 rcuscale: NULL out top-level pointers to heap memory Currently, if someone modprobes and rmmods rcuscale successfully, but the next run errors out during the modprobe, non-NULL pointers to freed memory will remain. If the run after that also errors out during the modprobe, there will be double-free bugs. This commit therefore NULLs out top-level pointers to memory that has just been freed. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 1c3e6e7903fa939601fdd326b04507304ba22337 Author: Paul E. McKenney Date: Thu Aug 1 17:43:06 2024 -0700 rcuscale: Use special allocator for rcu_scale_writer() The rcu_scale_writer() function needs only a fixed number of rcu_head structures per kthread, which means that a trivial allocator suffices. This commit therefore uses an llist-based allocator using a fixed array of structures per kthread. This allows aggressive testing of RCU performance without stressing the slab allocators. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 3e3c4f0e2753e92aa2a248d34c6866c0a264ac96 Author: Paul E. McKenney Date: Thu Aug 1 17:43:05 2024 -0700 rcuscale: Make rcu_scale_writer() tolerate repeated GFP_KERNEL failure Under some conditions, kmalloc(GFP_KERNEL) allocations have been observed to repeatedly fail. This situation has been observed to cause one of the rcu_scale_writer() instances to loop indefinitely retrying memory allocation for an asynchronous grace-period primitive. The problem is that if memory is short, all the other instances will allocate all available memory before the looping task is awakened from its rcu_barrier*() call. This in turn results in hangs, so that rcuscale fails to complete. This commit therefore removes the tight retry loop, so that when this condition occurs, the affected task is still passing through the full loop with its full set of termination checks. This spreads the risk of indefinite memory-allocation retry failures across all instances of rcu_scale_writer() tasks, which in turn prevents the hangs. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit abaf1322adbfd4faa28072fd5412e54b9722e477 Author: Paul E. McKenney Date: Thu Aug 1 17:43:04 2024 -0700 rcuscale: Make all writer tasks report upon hang This commit causes all writer tasks to provide a brief report after a hang has been reported, spaced at one-second intervals. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 11377947b5861fa59bf77c827e1dd7c081842cc9 Author: Paul E. McKenney Date: Thu Aug 1 17:43:03 2024 -0700 rcuscale: Provide clear error when async specified without primitives Currently, if the rcuscale module's async module parameter is specified for RCU implementations that do not have async primitives such as RCU Tasks Rude (which now lacks a call_rcu_tasks_rude() function), there will be a series of splats due to calls to a NULL pointer. This commit therefore warns of this situation, but switches to non-async testing. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 51b739990cc81316768b85db519eac3999ba92a9 Author: Ryo Takakura Date: Fri Jun 28 13:18:26 2024 +0900 rcu: Let dump_cpu_task() be used without preemption disabled The commit 2d7f00b2f0130 ("rcu: Suppress smp_processor_id() complaint in synchronize_rcu_expedited_wait()") disabled preemption around dump_cpu_task() to suppress warning on its usage within preemtible context. Calling dump_cpu_task() doesn't required to be in non-preemptible context except for suppressing the smp_processor_id() warning. As the smp_processor_id() is evaluated along with in_hardirq() to check if it's in interrupt context, this patch removes the need for its preemtion disablement by reordering the condition so that smp_processor_id() only gets evaluated when it's in interrupt context. Signed-off-by: Ryo Takakura Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 7c72dedb0079e62c1c75dbab038332017f34a6b8 Author: Paul E. McKenney Date: Mon Jul 1 21:24:29 2024 -0700 rcu: Summarize expedited RCU CPU stall warnings during CSD-lock stalls During CSD-lock stalls, the additional information output by expedited RCU CPU stall warnings is usually redundant, flooding the console for not good reason. However, this has been the way things work for a few years. This commit therefore uses rcutree.csd_lock_suppress_rcu_stall kernel boot parameter that causes expedited RCU CPU stall warnings to be abbreviated to a single line when there is at least one CPU that has been stuck waiting for CSD lock for more than five seconds. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 27d5749d075578b105e958369a0263a0e15a8d3f Author: Paul E. McKenney Date: Mon Jul 1 21:19:06 2024 -0700 rcu: Extract synchronize_rcu_expedited_stall() from synchronize_rcu_expedited_wait() This commit extracts the RCU CPU stall-warning report code from synchronize_rcu_expedited_wait() and places it in a new function named synchronize_rcu_expedited_stall(). This is strictly a code-movement commit. A later commit will use this reorganization to avoid printing expedited RCU CPU stall warnings while there are ongoing CSD-lock stall reports. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 1dd01c06506c42ab3a8026272ee93c466ae0cb4b Author: Paul E. McKenney Date: Mon Jul 1 19:30:56 2024 -0700 rcu: Summarize RCU CPU stall warnings during CSD-lock stalls During CSD-lock stalls, the additional information output by RCU CPU stall warnings is usually redundant, flooding the console for not good reason. However, this has been the way things work for a few years. This commit therefore adds an rcutree.csd_lock_suppress_rcu_stall kernel boot parameter that causes RCU CPU stall warnings to be abbreviated to a single line when there is at least one CPU that has been stuck waiting for CSD lock for more than five seconds. To make this abbreviated message happen with decent probability: tools/testing/selftests/rcutorture/bin/kvm.sh --allcpus --duration 8 \ --configs "2*TREE01" --kconfig "CONFIG_CSD_LOCK_WAIT_DEBUG=y" \ --bootargs "csdlock_debug=1 rcutorture.stall_cpu=200 \ rcutorture.stall_cpu_holdoff=120 rcutorture.stall_cpu_irqsoff=1 \ rcutree.csd_lock_suppress_rcu_stall=1 \ rcupdate.rcu_exp_cpu_stall_timeout=5000" --trust-make [ paulmck: Apply kernel test robot feedback. ] Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 9fbaa44114ca6b69074a488295e86a9fa7e685f9 Author: Rik van Riel Date: Mon Jul 15 13:49:41 2024 -0400 smp: print only local CPU info when sched_clock goes backward About 40% of all csd_lock warnings observed in our fleet appear to be due to sched_clock() going backward in time (usually only a little bit), resulting in ts0 being larger than ts2. When the local CPU is at fault, we should print out a message reflecting that, rather than trying to get the remote CPU's stack trace. Signed-off-by: Rik van Riel Tested-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit d40760d6811d55172ba6b90ebd2a60a75f88bffe Author: Paul E. McKenney Date: Tue Jul 2 14:32:20 2024 -0700 locking/csd-lock: Use backoff for repeated reports of same incident Currently, the CSD-lock diagnostics in CONFIG_CSD_LOCK_WAIT_DEBUG=y kernels are emitted at five-second intervals. Although this has proven to be a good time interval for the first diagnostic, if the target CPU keeps interrupts disabled for way longer than five seconds, the ratio of useful new information to pointless repetition increases considerably. Therefore, back off the time period for repeated reports of the same incident, increasing linearly with the number of reports and logarithmicly with the number of online CPUs. [ paulmck: Apply Dan Carpenter feedback. ] Signed-off-by: Paul E. McKenney Cc: Imran Khan Cc: Ingo Molnar Cc: Leonardo Bras Cc: "Peter Zijlstra (Intel)" Cc: Rik van Riel Reviewed-by: Rik van Riel Signed-off-by: Neeraj Upadhyay commit ac9d45544cd571decca395715d0b0a3b617d02f4 Author: Paul E. McKenney Date: Mon Jul 1 13:33:58 2024 -0700 locking/csd_lock: Provide an indication of ongoing CSD-lock stall If a CSD-lock stall goes on long enough, it will cause an RCU CPU stall warning. This additional warning provides much additional console-log traffic and little additional information. Therefore, provide a new csd_lock_is_stuck() function that returns true if there is an ongoing CSD-lock stall. This function will be used by the RCU CPU stall warnings to provide a one-line indication of the stall when this function returns true. [ neeraj.upadhyay: Apply Rik van Riel feedback. ] [ neeraj.upadhyay: Apply kernel test robot feedback. ] Signed-off-by: Paul E. McKenney Cc: Imran Khan Cc: Ingo Molnar Cc: Leonardo Bras Cc: "Peter Zijlstra (Intel)" Cc: Rik van Riel Signed-off-by: Neeraj Upadhyay commit 45c03c65ea77bd1a28ed1791b61594f579ee01ab Author: Wolfram Sang Date: Sun Aug 11 23:23:16 2024 +0200 i2c: testunit: return current command on read messages Because the testunit can start tests in the future via the DELAY register, it may happen that a command is still pending. Support detecting that by returning the number of a command in progress (if there is one). Signed-off-by: Wolfram Sang commit 6b21470af096e7f3acc4f0521354c5b044e2372c Author: Wolfram Sang Date: Sun Aug 11 23:23:15 2024 +0200 i2c: testunit: add command to support versioning and test rep_start For some devices, it is essential that controllers handle repeated start correctly and do not replace it with a stop/start combination. This addition helps to test that because it will only return a version string if repeated start is done properly. Signed-off-by: Wolfram Sang commit faf3c102c67a9d6b205e924d756769972ecce03f Author: Wolfram Sang Date: Sun Aug 11 23:23:14 2024 +0200 i2c: testunit: use decimal values in docs when appropriate Sometimes decimal values are just shorter (like for cmds), sometimes they are even easier to understand (like for the delay value). Make use of them. Signed-off-by: Wolfram Sang commit add03629dbae457692d7ce4dcdb6fe3a40356538 Author: Wolfram Sang Date: Sun Aug 11 23:23:13 2024 +0200 i2c: testunit: sort case blocks Because a 'fallthrough' was refactored away, the order of 'case' statements can be sorted better now to ease understanding the flow of events. Signed-off-by: Wolfram Sang commit d4245fd4a62931aebd1c5e6b7b6f51b6ef7ad087 Author: Yuntao Wang Date: Wed Aug 14 20:46:45 2024 +0800 x86/mm: Remove duplicate check from build_cr3() There is already a check for 'asid > MAX_ASID_AVAILABLE' in kern_pcid(), so it is unnecessary to perform this check in build_cr3() right before calling kern_pcid(). Remove it. Signed-off-by: Yuntao Wang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240814124645.51019-1-yuntao.wang@linux.dev commit d6d0af1b9efff4e83ecd5eb2585b6e5f75df7495 Author: Pierre-Henry Moussay Date: Thu Jul 25 13:15:56 2024 +0100 dt-bindings: spi: add PIC64GX SPI/QSPI compatibility to MPFS SPI/QSPI bindings PIC64GX SPI/QSPI are compatible with MPFS SPI/QSPI driver, we just use fallback mechanism Signed-off-by: Pierre-Henry Moussay Link: https://patch.msgid.link/20240725121609.13101-5-pierre-henry.moussay@microchip.com Signed-off-by: Mark Brown commit 6a2ab229abdd9fb2177d0af72289eabcc971d985 Author: Krzysztof Kozlowski Date: Wed Aug 14 16:38:05 2024 +0200 spi: cadence-quadspi: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240814143805.98874-1-krzysztof.kozlowski@linaro.org Signed-off-by: Mark Brown commit 7781f1d120fec8624fc654eda900fc8748262082 Author: Andy Shevchenko Date: Wed Aug 14 17:45:12 2024 +0300 spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ 0 is incorrect error code when failed to parse and map IRQ. Replace OF specific old API for IRQ retrieval with a generic one to fix this issue. Fixes: 0f245463b01e ("spi: ppc4xx: handle irq_of_parse_and_map() errors") Signed-off-by: Andy Shevchenko Link: https://patch.msgid.link/20240814144525.2648450-1-andriy.shevchenko@linux.intel.com Signed-off-by: Mark Brown commit f1011ba20b83da3ee70dcb4a6d9d282a718916fa Author: Ma Ke Date: Mon Jul 22 22:18:22 2024 +0800 spi: ppc4xx: handle irq_of_parse_and_map() errors Zero and negative number is not a valid IRQ for in-kernel code and the irq_of_parse_and_map() function returns zero on error. So this check for valid IRQs should only accept values > 0. Fixes: 44dab88e7cc9 ("spi: add spi_ppc4xx driver") Signed-off-by: Ma Ke Link: https://patch.msgid.link/20240722141822.1052370-1-make24@iscas.ac.cn Signed-off-by: Mark Brown commit 39b8cb4e1b51191dd0da03b77fbd8b2a2e3e7645 Author: Bartosz Golaszewski Date: Tue Aug 13 20:58:27 2024 +0200 regulator: dt-bindings: qcom,qca6390-pmu: document the swctrl-gpios property Add support for the swctrl-gpios property which contains the phandle to the GPIO indicating the clock supply to the BT module. Signed-off-by: Bartosz Golaszewski Link: https://patch.msgid.link/20240813185827.154779-3-brgl@bgdev.pl Signed-off-by: Mark Brown commit 2416d2f87be431d98b2b05137fcd1f4da9a83894 Author: Bartosz Golaszewski Date: Tue Aug 13 20:58:26 2024 +0200 regulator: dt-bindings: qcom,qca6390-pmu: document WCN6855 Add description of the PMU of the WCN6855 model. Signed-off-by: Bartosz Golaszewski Link: https://patch.msgid.link/20240813185827.154779-2-brgl@bgdev.pl Signed-off-by: Mark Brown commit d275e9918cc01d27ab511e5dbf2aafc1e782628e Author: Bartosz Golaszewski Date: Tue Aug 13 20:58:25 2024 +0200 regulator: dt-bindings: qcom,qca6390-pmu: fix the description for bt-enable-gpios The Bluetooth module is obviously not an ath11k so drop the word. Fixes: b5cb34c93bd4 ("regulator: dt-bindings: describe the PMU module of the QCA6390 package") Signed-off-by: Bartosz Golaszewski Link: https://patch.msgid.link/20240813185827.154779-1-brgl@bgdev.pl Signed-off-by: Mark Brown commit 99cf5db9cdd39136fd5dbd10bda833aa0f870452 Author: Krzysztof Kozlowski Date: Wed Aug 14 17:04:11 2024 +0200 regulator: scmi: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240814-cleanup-h-of-node-put-regulator-v1-7-87151088b883@linaro.org Signed-off-by: Mark Brown commit d4cd75b8eff72d65dab63668d5d883d72dda0426 Author: Krzysztof Kozlowski Date: Wed Aug 14 17:04:10 2024 +0200 regulator: qcom-smd: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240814-cleanup-h-of-node-put-regulator-v1-6-87151088b883@linaro.org Signed-off-by: Mark Brown commit 17636d443fbe376d5192a7ce6a444aa45ce45541 Author: Krzysztof Kozlowski Date: Wed Aug 14 17:04:09 2024 +0200 regulator: qcom-rpmh: Simplify with scoped for each OF child loop Use scoped for_each_available_child_of_node_scoped() when iterating over device nodes to make code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240814-cleanup-h-of-node-put-regulator-v1-5-87151088b883@linaro.org Signed-off-by: Mark Brown commit 34a3f95941e0dfee750f2fd28faed4c8cd7ee42c Author: Krzysztof Kozlowski Date: Wed Aug 14 17:04:08 2024 +0200 regulator: s5m8767: Use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240814-cleanup-h-of-node-put-regulator-v1-4-87151088b883@linaro.org Signed-off-by: Mark Brown commit ea13bd391d1b8f62ae2347bde7a174059d7f3f0d Author: Krzysztof Kozlowski Date: Wed Aug 14 17:04:07 2024 +0200 regulator: max8997: Use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240814-cleanup-h-of-node-put-regulator-v1-3-87151088b883@linaro.org Signed-off-by: Mark Brown commit f372c262d4cfe31f0b67e8ae1a8ec9bf7c52d57b Author: Krzysztof Kozlowski Date: Wed Aug 14 17:04:06 2024 +0200 regulator: bd96801: Use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h and use scoped for_each_child_of_node_scoped() to reduce error handling and make the code a bit simpler. Add also brackets {} over outer for loop for code readability. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240814-cleanup-h-of-node-put-regulator-v1-2-87151088b883@linaro.org Signed-off-by: Mark Brown commit 83c7cdeef5b22a73336eb18a59c7b4d63ec26659 Author: Krzysztof Kozlowski Date: Wed Aug 14 17:04:05 2024 +0200 regulator: bd718x7: Use scoped device node handling to simplify error paths Obtain the device node reference with scoped/cleanup.h and use scoped for_each_child_of_node_scoped() to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240814-cleanup-h-of-node-put-regulator-v1-1-87151088b883@linaro.org Signed-off-by: Mark Brown commit c8c3d9f8e3ffc3e095159fdfda37038df74efdc5 Author: Kuninori Morimoto Date: Tue Jul 30 01:30:51 2024 +0000 ASoC: soc-pcm: remove snd_soc_dpcm_stream_{lock/unlock}_irq() soc-pcm.c has snd_soc_dpcm_stream_{lock/unlock}_irq() helper function, but it is almost nothing help. It just makes a code complex. Let's remove it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/875xsnll85.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit bcbbf713061c41f696f47baa4bdcb789a59d4f21 Author: Fabio Estevam Date: Thu Aug 8 15:49:44 2024 -0300 ASoC: imx-pcm-rpmsg: Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() Replace SET_RUNTIME_PM_OPS()/SET SYSTEM_SLEEP_PM_OPS() with their modern RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() alternatives. The combined usage of pm_ptr() and RUNTIME_PM_OPS/SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the CONFIG_PM ifdefery from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://patch.msgid.link/20240808184944.267686-7-festevam@gmail.com Signed-off-by: Mark Brown commit c504885a351b57c26c077992dde6904b8bbbdcd4 Author: Fabio Estevam Date: Thu Aug 8 15:49:43 2024 -0300 ASoC: imx-audmux: Switch to SYSTEM_SLEEP_PM_OPS Replace SET_SYSTEM_SLEEP_PM_OPS() with its modern SYSTEM_SLEEP_PM_OPS() alternative. The combined usage of pm_sleep_ptr() and SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the suspend/resume() functions are used at build time or are simply dead code. This allows removing the CONFIG_PM_SLEEP ifdefery from the suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://patch.msgid.link/20240808184944.267686-6-festevam@gmail.com Signed-off-by: Mark Brown commit 8ffb2fe2e92c98e5c69e9af9656baed7d298059a Author: Fabio Estevam Date: Thu Aug 8 15:49:42 2024 -0300 ASoC: fsl_ssi: Switch to SYSTEM_SLEEP_PM_OPS Replace SET_SYSTEM_SLEEP_PM_OPS() with its modern SYSTEM_SLEEP_PM_OPS() alternative. The combined usage of pm_sleep_ptr() and SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the suspend/resume() functions are used at build time or are simply dead code. This allows removing the CONFIG_PM_SLEEP ifdefery from the suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://patch.msgid.link/20240808184944.267686-5-festevam@gmail.com Signed-off-by: Mark Brown commit 01661bb9560def44eff0c79ebf14ec7ce0fdffab Author: Fabio Estevam Date: Thu Aug 8 15:49:41 2024 -0300 ASoC: fsl_spdif: Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() Replace SET_RUNTIME_PM_OPS()/SET SYSTEM_SLEEP_PM_OPS() with their modern RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() alternatives. The combined usage of pm_ptr() and RUNTIME_PM_OPS/SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the CONFIG_PM ifdefery from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://patch.msgid.link/20240808184944.267686-4-festevam@gmail.com Signed-off-by: Mark Brown commit bbc0798c402acb6799a8332fb0a49c05f4a5a414 Author: Fabio Estevam Date: Thu Aug 8 15:49:40 2024 -0300 ASoC: fsl_rpmsg: Switch to RUNTIME_PM_OPS() Replace SET_RUNTIME_PM_OPS() with its modern RUNTIME_PM_OPS() alternative. The combined usage of pm_ptr() and RUNTIME_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the CONFIG_PM ifdefery from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://patch.msgid.link/20240808184944.267686-3-festevam@gmail.com Signed-off-by: Mark Brown commit b7e4dd8da05a9de18471868a914d609522d04fdd Author: Fabio Estevam Date: Thu Aug 8 15:49:39 2024 -0300 ASoC: fsl_mqs: Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() Replace SET_RUNTIME_PM_OPS()/SET SYSTEM_SLEEP_PM_OPS() with their modern RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() alternatives. The combined usage of pm_ptr() and RUNTIME_PM_OPS/SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the CONFIG_PM ifdefery from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://patch.msgid.link/20240808184944.267686-2-festevam@gmail.com Signed-off-by: Mark Brown commit 73abd9698960c5d097559432cac13bb1f0aaf3df Author: Fabio Estevam Date: Thu Aug 8 15:49:38 2024 -0300 ASoC: fsl_audmix: Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() Replace SET_RUNTIME_PM_OPS()/SET SYSTEM_SLEEP_PM_OPS() with their modern RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() alternatives. The combined usage of pm_ptr() and RUNTIME_PM_OPS/SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the CONFIG_PM ifdefery from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Link: https://patch.msgid.link/20240808184944.267686-1-festevam@gmail.com Signed-off-by: Mark Brown commit 44f65d900698278a8451988abe0d5ca37fd46882 Author: Jeff Xu Date: Tue Aug 6 21:49:27 2024 +0000 binfmt_elf: mseal address zero In load_elf_binary as part of the execve(), when the current task’s personality has MMAP_PAGE_ZERO set, the kernel allocates one page at address 0. According to the comment: /* Why this, you ask??? Well SVr4 maps page 0 as read-only, and some applications "depend" upon this behavior. Since we do not have the power to recompile these, we emulate the SVr4 behavior. Sigh. */ At one point, Linus suggested removing this [1]. Code search in debian didn't see much use of MMAP_PAGE_ZERO [2], it exists in util and test (rr). Sealing this is probably safe, the comment doesn't say the app ever wanting to change the mapping to rwx. Sealing also ensures that never happens. If there is a complaint, we can make this configurable. Link: https://lore.kernel.org/lkml/CAHk-=whVa=nm_GW=NVfPHqcxDbWt4JjjK1YWb0cLjO4ZSGyiDA@mail.gmail.com/ [1] Link: https://codesearch.debian.net/search?q=MMAP_PAGE_ZERO&literal=1&perpkg=1&page=1 [2] Signed-off-by: Jeff Xu Link: https://lore.kernel.org/r/20240806214931.2198172-2-jeffxu@google.com Signed-off-by: Kees Cook commit 61de4c34b51c5b9c7ef8229eb246346254638446 Author: Yan Zhao Date: Wed Jul 3 10:12:19 2024 +0800 KVM: selftests: Test memslot move in memslot_perf_test with quirk disabled Add a new user option to memslot_perf_test to allow testing memslot move with quirk KVM_X86_QUIRK_SLOT_ZAP_ALL disabled. Signed-off-by: Yan Zhao Message-ID: <20240703021219.13939-1-yan.y.zhao@intel.com> Signed-off-by: Paolo Bonzini commit 218f6415004a881d116e254eeb837358aced55ab Author: Yan Zhao Date: Wed Jul 3 10:12:06 2024 +0800 KVM: selftests: Allow slot modification stress test with quirk disabled Add a new user option to memslot_modification_stress_test to allow testing with slot zap quirk KVM_X86_QUIRK_SLOT_ZAP_ALL disabled. Signed-off-by: Yan Zhao Message-ID: <20240703021206.13923-1-yan.y.zhao@intel.com> Signed-off-by: Paolo Bonzini commit b4ed2c67d275b85b2ab07d54f88bebd5998d61d8 Author: Yan Zhao Date: Wed Jul 3 10:11:19 2024 +0800 KVM: selftests: Test slot move/delete with slot zap quirk enabled/disabled Update set_memory_region_test to make sure memslot move and deletion function correctly both when slot zap quirk KVM_X86_QUIRK_SLOT_ZAP_ALL is enabled and disabled. Signed-off-by: Yan Zhao Message-ID: <20240703021119.13904-1-yan.y.zhao@intel.com> Signed-off-by: Paolo Bonzini commit aa8d1f48d353b0469bff357183ee9df137d15ef0 Author: Yan Zhao Date: Wed Jul 3 10:10:43 2024 +0800 KVM: x86/mmu: Introduce a quirk to control memslot zap behavior Introduce the quirk KVM_X86_QUIRK_SLOT_ZAP_ALL to allow users to select KVM's behavior when a memslot is moved or deleted for KVM_X86_DEFAULT_VM VMs. Make sure KVM behave as if the quirk is always disabled for non-KVM_X86_DEFAULT_VM VMs. The KVM_X86_QUIRK_SLOT_ZAP_ALL quirk offers two behavior options: - when enabled: Invalidate/zap all SPTEs ("zap-all"), - when disabled: Precisely zap only the leaf SPTEs within the range of the moving/deleting memory slot ("zap-slot-leafs-only"). "zap-all" is today's KVM behavior to work around a bug [1] where the changing the zapping behavior of memslot move/deletion would cause VM instability for VMs with an Nvidia GPU assigned; while "zap-slot-leafs-only" allows for more precise zapping of SPTEs within the memory slot range, improving performance in certain scenarios [2], and meeting the functional requirements for TDX. Previous attempts to select "zap-slot-leafs-only" include a per-VM capability approach [3] (which was not preferred because the root cause of the bug remained unidentified) and a per-memslot flag approach [4]. Sean and Paolo finally recommended the implementation of this quirk and explained that it's the least bad option [5]. By default, the quirk is enabled on KVM_X86_DEFAULT_VM VMs to use "zap-all". Users have the option to disable the quirk to select "zap-slot-leafs-only" for specific KVM_X86_DEFAULT_VM VMs that are unaffected by this bug. For non-KVM_X86_DEFAULT_VM VMs, the "zap-slot-leafs-only" behavior is always selected without user's opt-in, regardless of if the user opts for "zap-all". This is because it is assumed until proven otherwise that non- KVM_X86_DEFAULT_VM VMs will not be exposed to the bug [1], and most importantly, it's because TDX must have "zap-slot-leafs-only" always selected. In TDX's case a memslot's GPA range can be a mixture of "private" or "shared" memory. Shared is roughly analogous to how EPT is handled for normal VMs, but private GPAs need lots of special treatment: 1) "zap-all" would require to zap private root page or non-leaf entries or at least leaf-entries beyond the deleting memslot scope. However, TDX demands that the root page of the private page table remains unchanged, with leaf entries being zapped before non-leaf entries, and any dropped private guest pages must be re-accepted by the guest. 2) if "zap-all" zaps only shared page tables, it would result in private pages still being mapped when the memslot is gone. This may affect even other processes if later the gmem fd was whole punched, causing the pages being freed on the host while still mapped in the TD, because there's no pgoff to the gfn information to zap the private page table after memslot is gone. So, simply go "zap-slot-leafs-only" as if the quirk is always disabled for non-KVM_X86_DEFAULT_VM VMs to avoid manual opt-in for every VM type [6] or complicating quirk disabling interface (current quirk disabling interface is limited, no way to query quirks, or force them to be disabled). Add a new function kvm_mmu_zap_memslot_leafs() to implement "zap-slot-leafs-only". This function does not call kvm_unmap_gfn_range(), bypassing special handling to APIC_ACCESS_PAGE_PRIVATE_MEMSLOT, as 1) The APIC_ACCESS_PAGE_PRIVATE_MEMSLOT cannot be created by users, nor can it be moved. It is only deleted by KVM when APICv is permanently inhibited. 2) kvm_vcpu_reload_apic_access_page() effectively does nothing when APIC_ACCESS_PAGE_PRIVATE_MEMSLOT is deleted. 3) Avoid making all cpus request of KVM_REQ_APIC_PAGE_RELOAD can save on costly IPIs. Suggested-by: Kai Huang Suggested-by: Sean Christopherson Suggested-by: Paolo Bonzini Link: https://patchwork.kernel.org/project/kvm/patch/20190205210137.1377-11-sean.j.christopherson@intel.com [1] Link: https://patchwork.kernel.org/project/kvm/patch/20190205210137.1377-11-sean.j.christopherson@intel.com/#25054908 [2] Link: https://lore.kernel.org/kvm/20200713190649.GE29725@linux.intel.com/T/#mabc0119583dacf621025e9d873c85f4fbaa66d5c [3] Link: https://lore.kernel.org/all/20240515005952.3410568-3-rick.p.edgecombe@intel.com [4] Link: https://lore.kernel.org/all/7df9032d-83e4-46a1-ab29-6c7973a2ab0b@redhat.com [5] Link: https://lore.kernel.org/all/ZnGa550k46ow2N3L@google.com [6] Co-developed-by: Rick Edgecombe Signed-off-by: Rick Edgecombe Signed-off-by: Yan Zhao Message-ID: <20240703021043.13881-1-yan.y.zhao@intel.com> Signed-off-by: Paolo Bonzini commit 8de36789bd038ae24e29c40cbbc9e7d59604f54f Author: Wolfram Sang Date: Mon Jul 29 12:42:23 2024 +0200 fpga: zynq-fpga: Rename 'timeout' variable as 'time_left' There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_for_completion_timeout() causing patterns like: timeout = wait_for_completion_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Signed-off-by: Wolfram Sang Acked-by: Michal Simek Acked-by: Xu Yilun Link: https://lore.kernel.org/r/20240729104319.2658-2-wsa+renesas@sang-engineering.com Signed-off-by: Xu Yilun commit 4168ced7e02bef642a3641aec3b81107a5996707 Author: Wolfram Sang Date: Mon Jul 29 12:42:22 2024 +0200 fpga: socfpga: Rename 'timeout' variable as 'time_left' There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_for_completion_interruptible_timeout() causing patterns like: timeout = wait_for_completion_interruptible_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Fix to the proper variable type 'long' while here. Signed-off-by: Wolfram Sang Acked-by: Xu Yilun Link: https://lore.kernel.org/r/20240729104319.2658-1-wsa+renesas@sang-engineering.com Signed-off-by: Xu Yilun commit 27ac597c0e2f596f53963db4a2cf53cd84657cda Author: Veronika Molnarova Date: Mon Apr 29 10:53:07 2024 +0200 perf test record.sh: Raise limit of open file descriptors Subtest for system-wide record with '--threads=cpu' option fails due to a limit of open file descriptors on systems with 128 or more CPUs as the default limit is set to 1024. The number of open file descriptors should be slightly above nmb_events*nmb_cpus + nmb_cpus(for perf.data.n) + 4*nmb_cpus(for pipes), which equals 8*nmb_cpus. Therefore, temporarily raise the limit to 16*nmb_cpus for the test. Committer notes: Instead of disabling ShellCheck warnings all the uses of 'uname -n', i.e. those: In tests/shell/record.sh line 35: default_fd_limit=$(ulimit -Sn) ^-^ SC3045 (warning): In POSIX sh, ulimit -S is undefined. We can just switch from using '/bin/sh' to '/bin/bash' for this test, as bash _has_ 'ulimit -n', so ShellCheck will not emit that warning. There are dozens of 'perf test' shell tests that do just that, '/bin/bash' is a reasonable expectation for those tests. Signed-off-by: Veronika Molnarova Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Jiri Olsa Cc: Kajol Jain Cc: Michael Petlan Cc: Radostin Stoyanov Link: https://lore.kernel.org/linux-perf-users/20240429085721.10122-1-vmolnaro@redhat.com Signed-off-by: Arnaldo Carvalho de Melo commit d783ed2f5fe7850fb7f6296ae267e2efcf877319 Author: Marco Pagani Date: Thu Jul 25 14:50:31 2024 +0200 fpga: Simplify and improve fpga region test using deferred actions Use deferred actions to simplify the test suite and avoid potential memory leaks when test cases fail. Remove unnecessary calls to kunit_device_unregister() since kunit devices are tied to the test context and released by a deferred action when the test is completed. Other changes: fix a typo by changing the test suite name to fpga_region in the kunit_suite struct. Signed-off-by: Marco Pagani Acked-by: Xu Yilun Link: https://lore.kernel.org/r/20240725125031.308195-4-marpagan@redhat.com Signed-off-by: Xu Yilun commit 3c2c01849c01e7e3c99124a7fb7f238b7c9a2348 Author: Marco Pagani Date: Thu Jul 25 14:50:30 2024 +0200 fpga: Simplify and improve fpga bridge test using deferred actions Use deferred actions to simplify the test suite and avoid potential memory leaks when test cases fail. Remove unnecessary calls to kunit_device_unregister() since kunit devices are tied to the test context and released by a deferred action when the test is completed. Signed-off-by: Marco Pagani Acked-by: Xu Yilun Link: https://lore.kernel.org/r/20240725125031.308195-3-marpagan@redhat.com Signed-off-by: Xu Yilun commit dbcbd3650f305df708b569517c063c7644cf0d89 Author: Marco Pagani Date: Thu Jul 25 14:50:29 2024 +0200 fpga: Simplify and improve fpga mgr test using deferred actions Use deferred actions to simplify the test suite and avoid potential memory leaks when test cases fail. Remove unnecessary calls to kunit_device_unregister() since kunit devices are tied to the test context and released by a deferred action when the test is completed. Signed-off-by: Marco Pagani Acked-by: Xu Yilun Link: https://lore.kernel.org/r/20240725125031.308195-2-marpagan@redhat.com Signed-off-by: Xu Yilun commit a043ea54bbb975ca9239c69fd17f430488d33522 Merge: 03a979b74dc1ad ac79beb913dc40 Author: Hans Verkuil Date: Wed Aug 14 17:18:47 2024 +0200 Merge tag 'next-media-rkisp1-20240814' of git://git.kernel.org/pub/scm/linux/kernel/git/pinchartl/linux.git Extensible parameters support for the rkisp1 driver. Signed-off-by: Hans Verkuil commit d79e13f8e8abb5cd3a2a0f9fc9bc3fc750c5b06f Author: Takashi Iwai Date: Wed Aug 14 15:48:42 2024 +0200 ALSA: usb-audio: Replace complex quirk lines with macros Apply the newly introduced macros for reduce the complex expressions and cast in the quirk table definitions. It results in a significant code reduction, too. There should be no functional changes. Link: https://patch.msgid.link/20240814134844.2726-3-tiwai@suse.de Signed-off-by: Takashi Iwai commit 0c3ad39b791c2ecf718afcaca30e5ceafa939d5c Author: Takashi Iwai Date: Wed Aug 14 15:48:41 2024 +0200 ALSA: usb-audio: Define macros for quirk table entries Many entries in the USB-audio quirk tables have relatively complex expressions. For improving the readability, introduce a few macros. Those are applied in the following patch. Link: https://patch.msgid.link/20240814134844.2726-2-tiwai@suse.de Signed-off-by: Takashi Iwai commit 67dd9e861add38755a7c5d29e25dd0f6cb4116ab Author: Krzysztof Kozlowski Date: Mon Aug 12 14:30:55 2024 +0200 memory: tegra186-emc: drop unused to_tegra186_emc() to_tegra186_emc() is not used, W=1 builds: tegra186-emc.c:38:36: error: unused function 'to_tegra186_emc' [-Werror,-Wunused-function] Fixes: 9a38cb27668e ("memory: tegra: Add interconnect support for DRAM scaling in Tegra234") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20240812123055.124123-1-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski commit 4c55560f23d19051adc7e76818687a88448bef83 Author: Arnaldo Carvalho de Melo Date: Wed Aug 14 10:36:24 2024 -0300 perf build: Fix up broken capstone feature detection fast path The capstone devel headers define 'struct bpf_insn' in a way that clashes with what is in the libbpf devel headers, so we so far need to avoid including both. This is happening on the tools/build/feature/test-all.c file, where we try building all the expected set of libraries to be normally available on a system: ⬢[acme@toolbox perf-tools-next]$ cat /tmp/build/perf-tools-next/feature/test-all.make.output In file included from test-bpf.c:3, from test-all.c:150: /home/acme/git/perf-tools-next/tools/include/uapi/linux/bpf.h:77:8: error: ‘bpf_insn’ defined as wrong kind of tag 77 | struct bpf_insn { | ^~~~~~~~ ⬢[acme@toolbox perf-tools-next]$ cat /tmp/build/perf-tools-next/feature/test-all.make.output When doing so there is a trick where we define main to be main_test_libcapstone, then include the individual tools/build/feture/test-libcapstone.c capability query test, and then we undef 'main' because we'll do it all over again with the next expected library to be tested (at this time 'lzma'). To complete this mechanism we need to, in test-all.c 'main' routine, to call main_test_libcapstone(), which isn't being done, so the effect of adding references to capstone in test-all.c are not achieved. The only thing that is happening is that test-all.c is failing to build and thus all the tests will have to be done individually, which nullifies the test-all.c single build speedup. So lets remove references to capstone from test-all.c to see if this makes it build again so that we get faster builds or go on fixing up whatever is preventing us to get that benefit. Nothing: after this fix we get a clean test-all.c build and get the build speedup back: ⬢[acme@toolbox perf-tools-next]$ cat /tmp/build/perf-tools-next/feature/test-all.make.output ⬢[acme@toolbox perf-tools-next]$ cat /tmp/build/perf-tools-next/feature/test-all. test-all.bin test-all.d test-all.make.output ⬢[acme@toolbox perf-tools-next]$ cat /tmp/build/perf-tools-next/feature/test-all.make.output ⬢[acme@toolbox perf-tools-next]$ ldd /tmp/build/perf-tools-next/feature/test-all.bin linux-vdso.so.1 (0x00007f13277a1000) libpython3.12.so.1.0 => /lib64/libpython3.12.so.1.0 (0x00007f1326e00000) libm.so.6 => /lib64/libm.so.6 (0x00007f13274be000) libtraceevent.so.1 => /lib64/libtraceevent.so.1 (0x00007f1327496000) libtracefs.so.1 => /lib64/libtracefs.so.1 (0x00007f132746f000) libcrypto.so.3 => /lib64/libcrypto.so.3 (0x00007f1326800000) libunwind-x86_64.so.8 => /lib64/libunwind-x86_64.so.8 (0x00007f1327452000) libunwind.so.8 => /lib64/libunwind.so.8 (0x00007f1327436000) liblzma.so.5 => /lib64/liblzma.so.5 (0x00007f1327403000) libdw.so.1 => /lib64/libdw.so.1 (0x00007f1326d6f000) libz.so.1 => /lib64/libz.so.1 (0x00007f13273e2000) libelf.so.1 => /lib64/libelf.so.1 (0x00007f1326d53000) libnuma.so.1 => /lib64/libnuma.so.1 (0x00007f13273d4000) libslang.so.2 => /lib64/libslang.so.2 (0x00007f1326400000) libperl.so.5.38 => /lib64/libperl.so.5.38 (0x00007f1326000000) libc.so.6 => /lib64/libc.so.6 (0x00007f1325e0f000) libzstd.so.1 => /lib64/libzstd.so.1 (0x00007f1326741000) /lib64/ld-linux-x86-64.so.2 (0x00007f13277a3000) libbz2.so.1 => /lib64/libbz2.so.1 (0x00007f1326d3f000) libcrypt.so.2 => /lib64/libcrypt.so.2 (0x00007f1326d07000) ⬢[acme@toolbox perf-tools-next]$ And when having capstone-devel installed we get it detected and linked with perf, allowing us to benefit from the features that it enables: ⬢[acme@toolbox perf-tools-next]$ rpm -q capstone-devel capstone-devel-5.0.1-3.fc40.x86_64 ⬢[acme@toolbox perf-tools-next]$ ldd /tmp/build/perf-tools-next/perf | grep capstone libcapstone.so.5 => /lib64/libcapstone.so.5 (0x00007fe6a5c00000) ⬢[acme@toolbox perf-tools-next]$ /tmp/build/perf-tools-next/perf -vv | grep cap libcapstone: [ on ] # HAVE_LIBCAPSTONE_SUPPORT ⬢[acme@toolbox perf-tools-next]$ Fixes: 8b767db3309595a2 ("perf: build: introduce the libcapstone") Cc: Adrian Hunter Cc: Andi Kleen Cc: Changbin Du Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/Zry0sepD5Ppa5YKP@x1 Signed-off-by: Arnaldo Carvalho de Melo commit ac79beb913dc40b1a49b628e31afdfeb20194ab6 Author: Paul Elder Date: Thu Aug 8 22:41:05 2024 +0200 media: rkisp1: Add support for the companding block Add support to the rkisp1 driver for the companding block that exists on the i.MX8MP version of the ISP. This requires usage of the new extensible parameters format, and showcases how the format allows for extensions without breaking backward compatibility. Signed-off-by: Paul Elder Reviewed-by: Jacopo Mondi Reviewed-by: Paul Elder Signed-off-by: Jacopo Mondi Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit 74a18d029fb948ad4902b55ab30190fcbef088e8 Author: Paul Elder Date: Thu Aug 8 22:41:04 2024 +0200 media: rkisp1: Add feature flags for BLS and compand Add feature flags for the dedicated black level subtraction hardware block and for the compand hardware block. The companding feature flag is added on its own (as opposed to "the absence of BLS") because we will need it later for when we add support for the companding block. Skip BLS configuration when the BLS feature flag is unset, as devices without the dedicated BLS block cannot configure a hardware block that doesn't exist. Signed-off-by: Paul Elder Reviewed-by: Jacopo Mondi Signed-off-by: Jacopo Mondi Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit a735e539758af44a508698e4f4041eb59b325b2d Author: Paul Elder Date: Thu Aug 8 22:41:03 2024 +0200 media: rkisp1: Add register definitions for the companding block To prepare for adding support for the companding block to the rkisp1 driver for the version of the ISP on the i.MX8MP, add the register definitions for it, including relevant register field values. Signed-off-by: Paul Elder Reviewed-by: Jacopo Mondi Signed-off-by: Jacopo Mondi Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit f1463972738f6849b6ac4454c37ae2785094a700 Author: Laurent Pinchart Date: Thu Aug 8 22:41:02 2024 +0200 media: rkisp1: Add features mask to extensible block handlers Future ISP parameter blocks for i.MX8MP-specific features will not support on Rockchip platforms as they lack the corresponding hardware. Introduce a features mask in the extensible block handlers to indicate which device features a block require, and ignore blocks that require unavailable features. Reviewed-by: Jacopo Mondi Reviewed-by: Paul Elder Signed-off-by: Jacopo Mondi Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit d2db5694fde8212a8bd4269f1b60ed9a2a3b20cc Author: Laurent Pinchart Date: Thu Aug 8 22:41:01 2024 +0200 media: rkisp1: Add helper function to swap colour channels The BLS parameters passed by userspace are specified for named colour channels (R, Gr, Gb and B), while the hardware registers reference positions in the 2x2 CFA pattern (A, B, C and D). The BLS values are swapped based on the CFA pattern when writing to or reading from registers, using hand-roled switch statements. The logic is duplicated already, and new code will require similar processing. Move the swap logic to a shared function, using static data to control the channels order. Reviewed-by: Jacopo Mondi Reviewed-by: Paul Elder Signed-off-by: Jacopo Mondi Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit f848c0312e392d90556cbffa3b0632780c147f46 Author: Jacopo Mondi Date: Thu Aug 8 22:41:00 2024 +0200 media: rkisp1: Implement s_fmt/try_fmt Implement in the rkisp1 driver support for the s_fmt and try_fmt operation to allow userspace to select between the extensible and the fixed parameters formats. Implement enum_mbus_code to enumerate the fixed and the extensible formats and disallow changing the data format while the queue is busy. Signed-off-by: Jacopo Mondi Reviewed-by: Laurent Pinchart Reviewed-by: Paul Elder Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit 6c53a7b68c5d2a1dd4e8df52f01d75072ebc13bc Author: Jacopo Mondi Date: Thu Aug 8 22:40:59 2024 +0200 media: rkisp1: Implement extensible params support Implement support in rkisp1-params for the extensible configuration parameters format. Create a list of handlers for each ISP block that wraps the existing configuration functions and handles the ISP block enablement. Parse the configuration parameters buffer in rkisp1_ext_params_config and filter the enable blocks by group, to allow setting the 'other' groups separately from the 'lsc' group to support the pre/post-configure operations. Implement parameter buffer validation for the extensible format at .buf_prepare() time. Signed-off-by: Jacopo Mondi Reviewed-by: Laurent Pinchart Reviewed-by: Jacopo Mondi Reviewed-by: Paul Elder Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit dab5b6cb0d405425502e60450ecf1c8e5ea6b845 Author: Kan Liang Date: Tue Aug 13 09:02:08 2024 -0700 perf test: Add new test cases for the branch counter feature Enhance the test case for the branch counter feature. Now, the test verifies: - The new filter can be successfully applied on the supported platforms. - The counter value can be outputted via the perf report -D - The counter value and the abbr name can be outputted via the perf script (New) Reviewed-by: Andi Kleen Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240813160208.2493643-10-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 6f9d8d1de2c61288edd7dfc2a7e7986c8b2ae927 Author: Kan Liang Date: Tue Aug 13 09:02:07 2024 -0700 perf script: Add branch counters It's useful to print the branch counter information for each jump in the brstackinsn when it's available. Add a new field 'brcntr' to display the branch counter information. By default, the abbreviation will be used to indicate the branch counter. In the verbose mode, the real event name is shown. $ perf script -F +brstackinsn,+brcntr # Branch counter abbr list: # branch-instructions:ppp = A # branch-misses = B # '-' No event occurs # '+' Event occurrences may be lost due to branch counter saturated tchain_edit 332203 3366329.405674: 53030 branch-instructions:ppp: 401781 f3+0x2c (home/sdp/test/tchain_edit) f3+31: 0000000000401774 insn: eb 04 br_cntr: AA # PRED 5 cycles [5] 000000000040177a insn: 81 7d fc 0f 27 00 00 0000000000401781 insn: 7e e3 br_cntr: A # PRED 1 cycles [6] 2.00 IPC 0000000000401766 insn: 8b 45 fc 0000000000401769 insn: 83 e0 01 000000000040176c insn: 85 c0 000000000040176e insn: 74 06 br_cntr: A # PRED 1 cycles [7] 4.00 IPC 0000000000401776 insn: 83 45 fc 01 000000000040177a insn: 81 7d fc 0f 27 00 00 0000000000401781 insn: 7e e3 br_cntr: A # PRED 7 cycles [14] 0.43 IPC $ perf script -F +brstackinsn,+brcntr -v tchain_edit 332203 3366329.405674: 53030 branch-instructions:ppp: 401781 f3+0x2c (/home/sdp/os.linux.perf.test-suite/kernels/lbr_kernel/tchain_edit) f3+31: 0000000000401774 insn: eb 04 br_cntr: branch-instructions:ppp 2 branch-misses 0 # PRED 5 cycles [5] 000000000040177a insn: 81 7d fc 0f 27 00 00 0000000000401781 insn: 7e e3 br_cntr: branch-instructions:ppp 1 branch-misses 0 # PRED 1 cycles [6] 2.00 IPC 0000000000401766 insn: 8b 45 fc 0000000000401769 insn: 83 e0 01 000000000040176c insn: 85 c0 000000000040176e insn: 74 06 br_cntr: branch-instructions:ppp 1 branch-misses 0 # PRED 1 cycles [7] 4.00 IPC 0000000000401776 insn: 83 45 fc 01 000000000040177a insn: 81 7d fc 0f 27 00 00 0000000000401781 insn: 7e e3 br_cntr: branch-instructions:ppp 1 branch-misses 0 # PRED 7 cycles [14] 0.43 IPC Originally-by: Tinghao Zhang Reviewed-by: Andi Kleen Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240813160208.2493643-9-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit e6952dcec8302643a8b59751df250d03762429c3 Author: Kan Liang Date: Tue Aug 13 09:02:06 2024 -0700 perf annotate: Display the branch counter histogram Display the branch counter histogram in the annotation view. Press 'B' to display the branch counter's abbreviation list as well. Samples: 1M of events 'anon group { branch-instructions:ppp, branch-misses }', 4000 Hz, Event count (approx.): f3 /home/sdp/test/tchain_edit [Percent: local period] Percent │ IPC Cycle Branch Counter (Average IPC: 1.39, IPC Coverage: 29.4%) │ 0000000000401755 : 0.00 0.00 │ endbr64 │ push %rbp │ mov %rsp,%rbp │ movl $0x0,-0x4(%rbp) 0.00 0.00 │1.33 3 |A |- | ↓ jmp 25 11.03 11.03 │ 11: mov -0x4(%rbp),%eax │ and $0x1,%eax │ test %eax,%eax 17.13 17.13 │2.41 1 |A |- | ↓ je 21 │ addl $0x1,-0x4(%rbp) 21.84 21.84 │2.22 2 |AA |- | ↓ jmp 25 17.13 17.13 │ 21: addl $0x1,-0x4(%rbp) 21.84 21.84 │ 25: cmpl $0x270f,-0x4(%rbp) 11.03 11.03 │0.61 3 |A |- | ↑ jle 11 │ nop │ pop %rbp 0.00 0.00 │0.24 20 |AA |B | ← ret Originally-by: Tinghao Zhang Reviewed-by: Andi Kleen Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240813160208.2493643-8-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 20d6f555283915f24d52e29a982b547cf6517f06 Author: Kan Liang Date: Tue Aug 13 09:02:05 2024 -0700 perf report: Display the branch counter histogram Reusing the existing --total-cycles option to display the branch counters. Add a new PERF_HPP_REPORT__BLOCK_BRANCH_COUNTER to display the logged branch counter events. They are shown right after all the cycle-related annotations. Extend the 'struct block_info' to store and pass the branch counter related information. The annotation_br_cntr_entry() is to print the histogram of each branch counter event. If the number of logged events is less than 4, the exact number of the abbr name is printed. Otherwise, using '+' to stands for more than 3 events. Assume the number of logged events is less than 4. The annotation_br_cntr_abbr_list() prints the branch counter's abbreviation list. Press 'B' to display the list in the TUI mode. $ perf record -e "{branch-instructions:ppp,branch-misses}:S" -j any,counter $ perf report --total-cycles --stdio # To display the perf.data header info, please use --header/--header-only options. # # # Total Lost Samples: 0 # # Samples: 1M of events 'anon group { branch-instructions:ppp, branch-misses }' # Event count (approx.): 1610046 # # Branch counter abbr list: # branch-instructions:ppp = A # branch-misses = B # '-' No event occurs # '+' Event occurrences may be lost due to branch counter saturated # # Sampled Cycles% Sampled Cycles Avg Cycles% Avg Cycles Branch Counter [Program Block Range] # ............... .............. ........... .......... .............. .................. # 57.55% 2.5M 0.00% 3 |A |- | ... 25.27% 1.1M 0.00% 2 |AA |- | ... 15.61% 667.2K 0.00% 1 |A |- | ... 0.16% 6.9K 0.81% 575 |A |- | ... 0.16% 6.8K 1.38% 977 |AA |- | ... 0.16% 6.8K 0.04% 28 |AA |B | ... 0.15% 6.6K 1.33% 946 |A |- | ... 0.11% 4.5K 0.06% 46 |AAA+|- | ... 0.10% 4.4K 0.88% 624 |A |- | ... 0.09% 3.7K 0.74% 524 |AAA+|B | ... With -v applied, # Sampled Cycles% Sampled Cycles Avg Cycles% Avg Cycles Branch Counter [Program Block Range] # ............... .............. ........... .......... .............. .................. # 57.55% 2.5M 0.00% 3 A=1 ,B=- ... 25.27% 1.1M 0.00% 2 A=2 ,B=- ... 15.61% 667.2K 0.00% 1 A=1 ,B=- ... 0.16% 6.9K 0.81% 575 A=1 ,B=- ... 0.16% 6.8K 1.38% 977 A=2 ,B=- ... 0.16% 6.8K 0.04% 28 A=2 ,B=1 ... 0.15% 6.6K 1.33% 946 A=1 ,B=- ... 0.11% 4.5K 0.06% 46 A=3+,B=- ... 0.10% 4.4K 0.88% 624 A=1 ,B=- ... 0.09% 3.7K 0.74% 524 A=3+,B=1 ... Reviewed-by: Andi Kleen Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240813160208.2493643-7-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 7398bf181d59a8c8d8d13cb555bf3f44b70f6221 Author: Kan Liang Date: Tue Aug 13 09:02:04 2024 -0700 perf evsel: Assign abbr name for the branch counter events There could be several branch counter events. If perf tool output the result via the format "event name + a number", the line could be very long and hard to read. An abbreviation is introduced to replace the full event name in the display. The abbreviation starts from 'A' to 'Z9', which can support up to 286 events. The same abbreviation will be assigned if the same events are found in the evlist. The next patch will utilize the abbreviation name to show the branch counter events in the output. Reviewed-by: Andi Kleen Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240813160208.2493643-6-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 1f2b7fbb04f53540090ac7d320194654f142443f Author: Kan Liang Date: Tue Aug 13 09:02:03 2024 -0700 perf annotate: Save branch counters for each block When annotating a basic block, it's useful to display the occurrences of other events in the block. The branch counter feature is only available for newer Intel platforms. So a dedicated option to display the branch counters is not introduced. Reuse the existing --total-cycles option, which triggers the annotation of a basic block and displays the cycle-related annotation. When the branch counters information is available, the branch counters are automatically appended after all the cycle-related annotation. Accounting the branch counters as well when accounting the cycles in hist__account_cycles(). In 'struct annotated_branch', introduce a br_cntr array to save the accumulation of each branch counter. In a sample, all the branch counters for a branch are saved in a u64 space. Because the saturation of a branch counter is small, e.g., for Intel Sierra Forest, the saturation is only 3. Add ANNOTATION__BR_CNTR_SATURATED_FLAG to indicate if a branch counter once saturated. That can be used to indicate a potential event lost because of the saturation. Reviewed-by: Andi Kleen Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240813160208.2493643-5-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 3a867a6dadb2d67b85cbf9bc67eca2428075a109 Author: Kan Liang Date: Tue Aug 13 09:02:02 2024 -0700 perf evlist: Save branch counters information The branch counters logging (A.K.A LBR event logging) introduces a per-counter indication of precise event occurrences in LBRs. The kernel only dumps the number of occurrences into a record. The perf tool has to map the number to the corresponding event. Add evlist__update_br_cntr() to go through the evlist to pick the events that are configured to be logged. Assign a logical idx to track them, and add the total number of the events in the leader event. The total number will be used to allocate the space to save the branch counters for a block. The logical idx will be used to locate the corresponding event quickly in the following patches. It only needs to iterate the evlist once. The evsel__has_branch_counters() is also optimized. Reviewed-by: Andi Kleen Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240813160208.2493643-4-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 183212a45e5fe66e7f6cbd360d186174b013d023 Author: Kan Liang Date: Tue Aug 13 09:02:01 2024 -0700 perf report: Remove the first overflow check for branch counters A false overflow warning is triggered if a sample doesn't have any LBRs recorded and the branch counters feature is enabled. The current code does OVERFLOW_CHECK_u64() at the very beginning when reading the information of branch counters. It assumes that there is at least one LBR in the PEBS record. But it is a valid case that 0 LBR is recorded especially in a high context switch. Remove the OVERFLOW_CHECK_u64(). The later OVERFLOW_CHECK() should be good enough to check the overflow when reading the information of the branch counters. Fixes: 9fbb4b02302b0ae6 ("perf tools: Add branch counter knob") Reviewed-by: Andi Kleen Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240813160208.2493643-3-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 3ef44458071a19e5b5832cdfe6f75273aa521b6e Author: Kan Liang Date: Tue Aug 13 09:02:00 2024 -0700 perf report: Fix --total-cycles --stdio output error The --total-cycles may output wrong information with the --stdio. For example: # perf record -e "{cycles,instructions}",cache-misses -b sleep 1 # perf report --total-cycles --stdio The total cycles output of {cycles,instructions} and cache-misses are almost the same. # Samples: 938 of events 'anon group { cycles, instructions }' # Event count (approx.): 938 # # Sampled Cycles% Sampled Cycles Avg Cycles% Avg Cycles [Program Block Range] # ............... .............. ........... .......... ..................................................> # 11.19% 2.6K 0.10% 21 [perf_iterate_ctx+48 -> > 5.79% 1.4K 0.45% 97 [__intel_pmu_enable_all.constprop.0+80 -> __intel_> 5.11% 1.2K 0.33% 71 [native_write_msr+0 ->> # Samples: 293 of event 'cache-misses' # Event count (approx.): 293 # # Sampled Cycles% Sampled Cycles Avg Cycles% Avg Cycles [Program Block Range] # ............... .............. ........... .......... ..................................................> # 11.19% 2.6K 0.13% 21 [perf_iterate_ctx+48 -> > 5.79% 1.4K 0.59% 97 [__intel_pmu_enable_all.constprop.0+80 -> __intel_> 5.11% 1.2K 0.43% 71 [native_write_msr+0 ->> With the symbol_conf.event_group, the 'perf report' should only report the block information of the leader event in a group. However, the current implementation retrieves the next event's block information, rather than the next group leader's block information. Make sure the index is updated even if the event is skipped. With the patch, # Samples: 293 of event 'cache-misses' # Event count (approx.): 293 # # Sampled Cycles% Sampled Cycles Avg Cycles% Avg Cycles [Program Block Range] # ............... .............. ........... .......... ..................................................> # 37.98% 9.0K 4.05% 299 [perf_event_addr_filters_exec+0 -> perf_event_a> 11.19% 2.6K 0.28% 21 [perf_iterate_ctx+48 -> > 5.79% 1.4K 1.32% 97 [__intel_pmu_enable_all.constprop.0+80 -> __intel_> Fixes: 6f7164fa231a5f36 ("perf report: Sort by sampled cycles percent per block for stdio") Reviewed-by: Andi Kleen Signed-off-by: Kan Liang Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jin Yao Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240813160208.2493643-2-kan.liang@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 653ac51f53032df8a17fd5f9d6c7540a5e70f85c Author: Ian Rogers Date: Mon Aug 12 21:06:13 2024 -0700 perf test annotate: Dump trapping test in trap handler Help to better identify the location of test failures but dumping the failing test in the trap handler. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kajol Jain Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Thomas Richter Link: https://lore.kernel.org/r/20240813040613.882075-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit e8b89bc158199b60f3ae6c655ced4461c42d650b Author: Takashi Sakamoto Date: Wed Aug 14 22:12:22 2024 +0900 firewire: core/ohci: minor refactoring for computation of configuration ROM size The size of space for configuration ROM is defined by IEEE 1212. The start and end offsets are available as some macros in UAPI header. This commit uses these macros to compute the size. Link: https://lore.kernel.org/r/20240814131222.69949-4-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit d4dcb339739e84bc1de335b567ee24f4f89fc19a Author: Takashi Sakamoto Date: Wed Aug 14 22:12:21 2024 +0900 firewire: ohci: remove unused wrapper macro for dev_info() The ohci_info() macro is a thin wrapper of dev_info(), while it is never used. Link: https://lore.kernel.org/r/20240814131222.69949-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 56a4832c9f2e46e380ee1979a02f44b115598bf3 Author: Takashi Sakamoto Date: Wed Aug 14 22:12:20 2024 +0900 firewire: ohci: use helper macro for compiler aligned attribute The __aligned() macro has been available since v4.19 kernel by a commit 815f0ddb346c ("include/linux/compiler*.h: make compiler-*.h mutually exclusive"). This commit replaces with the macro. Link: https://lore.kernel.org/r/20240814131222.69949-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 202b85da0a2fb6f034f0290af841e0f29352af9f Author: Jani Nikula Date: Tue Aug 13 18:12:16 2024 +0300 drm/i915: make __intel_display_power_is_enabled() static The function isn't used outside of intel_display_power.c. Make it static. Reviewed-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240813151216.2573845-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit a05031713d460de5ff8500680458ed8f3fd946e6 Author: Ian Rogers Date: Mon Aug 12 21:06:12 2024 -0700 perf disasm: Fix memory leak for locked operations lock__parse() calls disasm_line__parse() passing &ops->locked.ins.name that will use strdup() to populate it. Ensure ops->locked.ins.name is freed in lock__delete(). Found with address/leak sanitizer. Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Athira Rajeev Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kajol Jain Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Cc: Thomas Richter Link: https://lore.kernel.org/r/20240813040613.882075-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 562cdeadac06176b3a99bd457d9463a3b58df60f Author: Stefan Wahren Date: Sun Jul 28 13:41:49 2024 +0200 pmdomain: raspberrypi-power: set flag GENPD_FLAG_ACTIVE_WAKEUP Set flag GENPD_FLAG_ACTIVE_WAKEUP to rpi_power genpd, then when a device is set as wakeup source using device_set_wakeup_enable, the power domain could be kept on to make sure the device could wakeup the system. Signed-off-by: Stefan Wahren Link: https://lore.kernel.org/r/20240728114200.75559-6-wahrenst@gmx.net Signed-off-by: Ulf Hansson commit eb3896ea9e2829c8c3aa2e86d3f90765b06a41c6 Author: Stefan Wahren Date: Sun Jul 28 13:41:48 2024 +0200 pmdomain: raspberrypi-power: Add logging to rpi_firmware_set_power The Raspberry Pi power driver heavily relies on the logging of the underlying firmware driver. This results in disadvantages like unspecific error messages or limited debugging options. So implement the logging for the most important function rpi_firmware_set_power. Signed-off-by: Stefan Wahren Link: https://lore.kernel.org/r/20240728114200.75559-5-wahrenst@gmx.net Signed-off-by: Ulf Hansson commit 49d2a1ec68eebc436851ccc64135661bad5fc27d Author: Stefan Wahren Date: Sun Jul 28 13:41:47 2024 +0200 pmdomain: raspberrypi-power: Adjust packet definition According to the official Mailbox property interface the second part of RPI_FIRMWARE_SET_POWER_STATE ( and so on ...) is named state because it represent u32 flags and just the lowest bit is for on/off. So rename it to align with documentation and prepare the driver for further changes. Link: https://github.com/raspberrypi/firmware/wiki/Mailbox-property-interface Signed-off-by: Stefan Wahren Reviewed-by: Florian Fainelli Link: https://lore.kernel.org/r/20240728114200.75559-4-wahrenst@gmx.net Signed-off-by: Ulf Hansson commit 41f37c852ac3fbfd072a00281b60dc7ba056be8c Author: Masami Hiramatsu (Google) Date: Thu Jun 13 07:12:10 2024 +0900 selftests/ftrace: Add required dependency for kprobe tests kprobe_args_{char,string}.tc are using available_filter_functions file which is provided by function tracer. Thus if function tracer is disabled, these tests are failed on recent kernels because tracefs_create_dir is not raised events by adding a dynamic event. Add available_filter_functions to requires line. Fixes: 7c1130ea5cae ("test: ftrace: Fix kprobe test for eventfs") Signed-off-by: Masami Hiramatsu (Google) Signed-off-by: Shuah Khan commit 674fc922f06f7632ac94536ca92dd8addb606f46 Author: Paul E. McKenney Date: Thu Aug 1 17:43:02 2024 -0700 rcuscale: Print detailed grace-period and barrier diagnostics This commit uses the new rcu_tasks_torture_stats_print(), rcu_tasks_trace_torture_stats_print(), and rcu_tasks_rude_torture_stats_print() functions in order to provide detailed diagnostics on grace-period, callback, and barrier state when rcu_scale_writer() hangs. [ paulmck: Apply kernel test robot feedback. ] Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 0616f7e981968743edb1ef758ba1a0e984240419 Author: Paul E. McKenney Date: Thu Aug 1 17:43:01 2024 -0700 rcu: Mark callbacks not currently participating in barrier operation RCU keeps a count of the number of callbacks that the current rcu_barrier() is waiting on, but there is currently no easy way to work out which callback is stuck. One way to do this is to mark idle RCU-barrier callbacks by making the ->next pointer point to the callback itself, and this commit does just that. Later commits will use this for debug output. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 48c21c020fcacba6deb065c78ac1876418b5be11 Author: Paul E. McKenney Date: Thu Aug 1 17:43:00 2024 -0700 rcuscale: Dump grace-period statistics when rcu_scale_writer() stalls This commit adds a .stats function pointer to the rcu_scale_ops structure, and if this is non-NULL, it is invoked after stack traces are dumped in response to a rcu_scale_writer() stall. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 42a8a2695ccbb98c15d73703cb39af70cdcf45fb Author: Paul E. McKenney Date: Thu Aug 1 17:42:59 2024 -0700 rcuscale: Dump stacks of stalled rcu_scale_writer() instances This commit improves debuggability by dumping the stacks of rcu_scale_writer() instances that have not completed in a reasonable timeframe. These stacks are dumped remotely, but they will be accurate in the thus-far common case where the stalled rcu_scale_writer() instances are blocked. [ paulmck: Apply kernel test robot feedback. ] Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit ea793764b5c677cf16f114a5ee3fb620560a78f6 Author: Paul E. McKenney Date: Thu Aug 1 17:42:58 2024 -0700 rcuscale: Save a few lines with whitespace-only change This whitespace-only commit fuses a few lines of code, taking advantage of the newish 100-character-per-line limit to save a few lines of code. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 4e39bb49c2de445848c2668d7f9fec6ba70724ae Author: Christophe JAILLET Date: Sun Jul 21 09:23:46 2024 +0200 refscale: Optimize process_durations() process_durations() is not a hot path, but there is no good reason to iterate over and over the data already in 'buf'. Using a seq_buf saves some useless strcat() and the need of a temp buffer. Data is written directly at the correct place. Signed-off-by: Christophe JAILLET Tested-by: "Paul E. McKenney" Reviewed-by: Davidlohr Bueso Signed-off-by: Neeraj Upadhyay commit 3e49aea71d5bac93b892f954d14bc8070e4cc651 Author: Paul E. McKenney Date: Fri Jul 5 19:57:47 2024 -0700 refscale: Add TINY scenario This commit adds a TINY scenario in order to support tests of Tiny RCU and Tiny SRCU. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 591ce640819ff10385cd072fb19c2ca5d5181fe5 Author: Paul E. McKenney Date: Thu Aug 1 17:34:26 2024 -0700 rcu/tasks: Add rcu_barrier_tasks*() start time to diagnostics This commit adds the start time, in jiffies, of the most recently started rcu_barrier_tasks*() operation to the diagnostic output used by rcuscale. This information can be helpful in distinguishing a hung barrier operation from a long series of barrier operations. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit fe91cf39db0939ac8d523b5a1c31840f7cbe205c Author: Paul E. McKenney Date: Thu Aug 1 17:34:25 2024 -0700 rcu/tasks: Add detailed grace-period and barrier diagnostics This commit adds rcu_tasks_torture_stats_print(), rcu_tasks_trace_torture_stats_print(), and rcu_tasks_rude_torture_stats_print() functions that provide detailed diagnostics on grace-period, callback, and barrier state. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 2984e69a24affc8e5624069b7bb44593e09037e8 Author: Moon Yeounsu Date: Sat Aug 10 23:15:02 2024 +0900 net: ethernet: dlink: replace deprecated macro Macro `SIMPLE_DEV_PM_OPS()` is deprecated. This patch replaces `SIMPLE_DEV_PM_OPS()` with `DEFINE_SIMPLE_DEV_PM_OPS()` currently used. Expanded results are the same since remaining member is initialized as zero (NULL): static SIMPLE_DEV_PM_OPS(rio_pm_ops, rio_suspend, rio_resume); Expanded to: static const struct dev_pm_ops __attribute__((__unused__)) rio_pm_ops = { .suspend = ((1) ? ((rio_suspend)) : ((void *)0)), .resume = ((1) ? ((rio_resume)) : ((void *)0)), .freeze = ((1) ? ((rio_suspend)) : ((void *)0)), .thaw = ((1) ? ((rio_resume)) : ((void *)0)), .poweroff = ((1) ? ((rio_suspend)) : ((void *)0)), .restore = ((1) ? ((rio_resume)) : ((void *)0)), }; static DEFINE_SIMPLE_DEV_PM_OPS(rio_pm_ops, rio_suspend, rio_resume); Expanded to: static const struct dev_pm_ops rio_pm_ops = { .suspend = ((1) ? ((rio_suspend)) : ((void *)0)), .resume = ((1) ? ((rio_resume)) : ((void *)0)), .freeze = ((1) ? ((rio_suspend)) : ((void *)0)), .thaw = ((1) ? ((rio_resume)) : ((void *)0)), .poweroff = ((1) ? ((rio_suspend)) : ((void *)0)), .restore = ((1) ? ((rio_resume)) : ((void *)0)), .runtime_suspend = ((void *)0), .runtime_resume = ((void *)0), .runtime_idle = ((void *)0), }; Signed-off-by: Moon Yeounsu Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit d3f84aeb71d61ece24164bb2ce3161c60922fd8c Author: Paul E. McKenney Date: Thu Aug 1 17:34:24 2024 -0700 rcu/tasks: Mark callbacks not currently participating in barrier operation Each Tasks RCU flavor keeps a count of the number of callbacks that the current rcu_barrier_tasks*() is waiting on, but there is currently no easy way to work out which callback is stuck. One way to do this is to mark idle RCU-barrier callbacks by making the ->next pointer point to the callback itself, and this commit does just that. Later commits will use this for debug output. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 54973cdd166b13195a99940cd21a827c3a99cac2 Author: Paul E. McKenney Date: Thu Aug 1 17:34:23 2024 -0700 rcu: Provide rcu_barrier_cb_is_done() to check rcu_barrier() CBs This commit provides a rcu_barrier_cb_is_done() function that returns true if the *rcu_barrier*() callback passed in is done. This will be used when printing grace-period debugging information. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 522295774db51ab39ea3d46926555401c8f10130 Author: Paul E. McKenney Date: Thu Aug 1 17:34:22 2024 -0700 rcu/tasks: Update rtp->tasks_gp_seq comment The rtp->tasks_gp_seq grace-period sequence number is not a strict count, but rather the usual RCU sequence number with the lower few bits tracking per-grace-period state and the upper bits the count of grace periods since boot, give or take the initial value. This commit therefore adjusts this comment. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 49f49266ec9d61a4d038cb4ddff4417ba793198f Author: Paul E. McKenney Date: Thu Aug 1 17:34:21 2024 -0700 rcu/tasks: Check processor-ID assumptions The current mapping of smp_processor_id() to a CPU processing Tasks-RCU callbacks makes some assumptions about layout. This commit therefore adds a WARN_ON() to check these assumptions. [ neeraj.upadhyay: Replace nr_cpu_ids with rcu_task_cpu_ids. ] Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit fd70e9f1d85f5323096ad313ba73f5fe3d15ea41 Author: Zqiang Date: Wed Jul 10 12:45:42 2024 +0800 rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb() For kernels built with CONFIG_FORCE_NR_CPUS=y, the nr_cpu_ids is defined as NR_CPUS instead of the number of possible cpus, this will cause the following system panic: smpboot: Allowing 4 CPUs, 0 hotplug CPUs ... setup_percpu: NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:512 nr_node_ids:1 ... BUG: unable to handle page fault for address: ffffffff9911c8c8 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 0 PID: 15 Comm: rcu_tasks_trace Tainted: G W 6.6.21 #1 5dc7acf91a5e8e9ac9dcfc35bee0245691283ea6 RIP: 0010:rcu_tasks_need_gpcb+0x25d/0x2c0 RSP: 0018:ffffa371c00a3e60 EFLAGS: 00010082 CR2: ffffffff9911c8c8 CR3: 000000040fa20005 CR4: 00000000001706f0 Call Trace: ? __die+0x23/0x80 ? page_fault_oops+0xa4/0x180 ? exc_page_fault+0x152/0x180 ? asm_exc_page_fault+0x26/0x40 ? rcu_tasks_need_gpcb+0x25d/0x2c0 ? __pfx_rcu_tasks_kthread+0x40/0x40 rcu_tasks_one_gp+0x69/0x180 rcu_tasks_kthread+0x94/0xc0 kthread+0xe8/0x140 ? __pfx_kthread+0x40/0x40 ret_from_fork+0x34/0x80 ? __pfx_kthread+0x40/0x40 ret_from_fork_asm+0x1b/0x80 Considering that there may be holes in the CPU numbers, use the maximum possible cpu number, instead of nr_cpu_ids, for configuring enqueue and dequeue limits. [ neeraj.upadhyay: Fix htmldocs build error reported by Stephen Rothwell ] Closes: https://lore.kernel.org/linux-input/CALMA0xaTSMN+p4xUXkzrtR5r6k7hgoswcaXx7baR_z9r5jjskw@mail.gmail.com/T/#u Reported-by: Zhixu Liu Signed-off-by: Zqiang Signed-off-by: Neeraj Upadhyay commit 7945b741d1fc071a621366c512a060ea08848955 Author: Paul E. McKenney Date: Wed Jul 3 19:47:47 2024 -0700 rcu-tasks: Remove RCU Tasks Rude asynchronous APIs The call_rcu_tasks_rude() and rcu_barrier_tasks_rude() APIs are currently unused. This commit therefore removes their definitions and boot-time self-tests. Signed-off-by: Paul E. McKenney Cc: Peter Zijlstra Signed-off-by: Neeraj Upadhyay commit 599194d01459670049079ff54d52442f54d38432 Author: Paul E. McKenney Date: Wed Jul 3 19:46:00 2024 -0700 rcuscale: Stop testing RCU Tasks Rude asynchronous APIs The call_rcu_tasks_rude() and rcu_barrier_tasks_rude() APIs are currently unused. Furthermore, the idea is to get rid of RCU Tasks Rude entirely once all architectures have their deep-idle and entry/exit code correctly marked as inline or noinstr. As a step towards this goal, this commit therefore removes these two functions from rcuscale testing. Signed-off-by: Paul E. McKenney Cc: Peter Zijlstra Signed-off-by: Neeraj Upadhyay commit b428a9de9bba8877aeb5de4691cc9334467065d6 Author: Paul E. McKenney Date: Wed Jul 3 09:04:08 2024 -0700 rcutorture: Stop testing RCU Tasks Rude asynchronous APIs The call_rcu_tasks_rude() and rcu_barrier_tasks_rude() APIs are currently unused. Furthermore, the idea is to get rid of RCU Tasks Rude entirely once all architectures have their deep-idle and entry/exit code correctly marked as inline or noinstr. As a first step towards this goal, this commit therefore removes these two functions from rcutorture testing. Signed-off-by: Paul E. McKenney Cc: Peter Zijlstra Signed-off-by: Neeraj Upadhyay commit 0ff92d145a2be4da47e2ee6287a731084fba112f Author: Paul E. McKenney Date: Wed Jul 3 19:52:29 2024 -0700 doc: Remove RCU Tasks Rude asynchronous APIs The call_rcu_tasks_rude() and rcu_barrier_tasks_rude() APIs are no longer. This commit therefore removes them from the documentation. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 1c5144a066fd17eba681b3d6b0f86bda8e06fbfa Author: Paul E. McKenney Date: Thu Aug 1 17:37:50 2024 -0700 torture: Add torture.sh --guest-cpu-limit argument for limited hosts Some servers have limitations on the number of CPUs a given guest OS can use. In my earlier experience, such limitations have been at least half of the host's CPUs, but in a recent example, this limit is less than 40%. This commit therefore adds a --guest-cpu-limit argument that allows such low limits to be made known to torture.sh. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 58cb3210543591c1783a9a884adf27708f19d2a1 Author: Paul E. McKenney Date: Thu Aug 1 17:37:49 2024 -0700 rcutorture: Add a stall_cpu_repeat module parameter This commit adds an stall_cpu_repeat kernel, which is also the rcutorture.stall_cpu_repeat boot parameter, to test repeated CPU stalls. Note that only the first stall will pay attention to the stall_cpu_irqsoff module parameter. For the second and subsequent stalls, interrupts will be enabled. This is helpful when testing the interaction between RCU CPU stall warnings and CSD-lock stall warnings. Reported-by: Rik van Riel Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 1aa0c92f816b3a136cc3a31ef184206a19fc3c03 Author: Yue Haibing Date: Wed Aug 14 11:19:22 2024 +0800 x86/mm: Remove unused NX related declarations Since commit 4763ed4d4552 ("x86, mm: Clean up and simplify NX enablement") these declarations is unused and can be removed. Signed-off-by: Yue Haibing Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240814031922.2333198-1-yuehaibing@huawei.com commit 22f42697265589534df9b109fe0b0efa36896509 Author: Yue Haibing Date: Wed Aug 14 11:16:36 2024 +0800 x86/platform/uv: Remove unused declaration uv_irq_2_mmr_info() Commit 43fe1abc18a2 ("x86/uv: Use hierarchical irqdomain to manage UV interrupts") removed the implementation but left declaration. Signed-off-by: Yue Haibing Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240814031636.1304772-1-yuehaibing@huawei.com commit 330dd6d9c0fce69718b53ca0bc4f2e3920f7f600 Author: Sebastian Andrzej Siewior Date: Mon Aug 12 12:51:05 2024 +0200 hrtimer: Annotate hrtimer_cpu_base_.*_expiry() for sparse. The two hrtimer_cpu_base_.*_expiry() functions are wrappers around the locking functions and sparse complains about the missing counterpart. Add sparse annotation to denote that this bevaviour is expected. Signed-off-by: Sebastian Andrzej Siewior Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240812105326.2240000-3-bigeasy@linutronix.de commit 38cd4cee73a87c40a3e9ef31c0ca7b179fd282f0 Author: Sebastian Andrzej Siewior Date: Mon Aug 12 12:51:04 2024 +0200 timers: Add sparse annotation for timer_sync_wait_running(). timer_sync_wait_running() first releases two locks and then acquires them again. This is unexpected and sparse complains about it. Add sparse annotation for timer_sync_wait_running() to note that the locking is expected. Signed-off-by: Sebastian Andrzej Siewior Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240812105326.2240000-2-bigeasy@linutronix.de commit 04dcadb87da68d1349b658b1fef04f077b78c13c Author: Valentin Caron Date: Mon Jul 22 18:00:22 2024 +0200 rtc: stm32: add alarm A out feature STM32 RTC can pulse some SOC pins when an RTC alarm expires. This patch adds this functionality for alarm A. The pulse can out on three pins RTC_OUT1, RTC_OUT2, RTC_OUT2_RMP (PC13, PB2, PI8 on stm32mp15) (PC13, PB2, PI1 on stm32mp13) (PC13, PF4/PF6, PI8 on stm32mp25). This patch only adds the functionality for devices which are using st,stm32mp1-rtc and st,stm32mp25-rtc compatible. Add "alarm-a" in pinmux functions. Signed-off-by: Valentin Caron Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240722160022.454226-5-valentin.caron@foss.st.com Signed-off-by: Alexandre Belloni commit bb7b0df2be5c6b7bfe0cf9c93067c5b1489566ca Author: Valentin Caron Date: Mon Jul 22 18:00:21 2024 +0200 rtc: stm32: add Low Speed Clock Output (LSCO) support RTC is able to output on a pin the "LSE" internal clock. STM32 RTC is now registered as a clock provider. It provides rtc_lsco clock, that means RTC_LSCO is output on either RTC_OUT1 or RTC_OUT2_RMP, depending on pinmux DT property. The clock is marked as CLK_IGNORE_UNUSED and CLK_IS_CRITICAL because RTC_LSCO can be early required by devices needed it to init. Add LSCO in pinmux functions. Add "stm32_rtc_clean_outs" to disable LSCO. As RTC is part of "backup" power domain, it is not reset during shutdown or reboot. So force LSCO disable at probe. Co-developed-by: Amelie Delaunay Signed-off-by: Amelie Delaunay Signed-off-by: Valentin Caron Link: https://lore.kernel.org/r/20240722160022.454226-4-valentin.caron@foss.st.com Signed-off-by: Alexandre Belloni commit 16ad2bc09efbcb9cb24f8d879ac218421cbef690 Author: Valentin Caron Date: Mon Jul 22 18:00:20 2024 +0200 rtc: stm32: add pinctrl and pinmux interfaces STM32 RTC is capable to handle 3 specific pins of the soc. "out1, out2 and out2_rmp". To handle this, we use pinctrl framework. There is a single pin per group. Signed-off-by: Valentin Caron Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240722160022.454226-3-valentin.caron@foss.st.com Signed-off-by: Alexandre Belloni commit 5b19519d4e6ff70c8bd7fc50055c910e141fd5f8 Author: Valentin Caron Date: Mon Jul 22 18:00:19 2024 +0200 dt-bindings: rtc: stm32: describe pinmux nodes STM32 RTC is capable to handle 3 specific pins of the soc (out1, out2, out2_rmp) and to outputs 2 signals (LSCO, alarm-a). This feature is configured thanks to pinmux nodes and pinctrl framework. This feature is available with compatible st,stm32mp1-rtc and st,stm32mp25-rtc only. Signed-off-by: Valentin Caron Reviewed-by: Krzysztof Kozlowski Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240722160022.454226-2-valentin.caron@foss.st.com Signed-off-by: Alexandre Belloni commit dfa5543193f303a7270ec7c725e656970faf7d57 Author: Jani Nikula Date: Mon Aug 12 17:28:49 2024 +0300 drm/edid: make drm_edid_block_valid() static drm_edid_block_valid() is no longer used outside of drm_edid.c. Make it static. Acked-by: Zhi Wang Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240812142849.1588006-2-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 29323882aa48fc9f273db5820babf32c979359a9 Author: Jani Nikula Date: Mon Aug 12 17:28:48 2024 +0300 drm/i915/gvt: stop using drm_edid_block_valid() We'll want to stop drm_edid_block_valid() usage. KVMGT is the last user. Replace with drm_edid_valid(), which unfortunately requires an allocated drm_edid. However, on the plus side, this would be required to handle the TODO comment about EDID extension block support. Acked-by: Zhi Wang Reviewed-by: Zhenyu Wang Link: https://patchwork.freedesktop.org/patch/msgid/20240812142849.1588006-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 03a979b74dc1ad5aeed8026a84d8771842cb1631 Author: Yunke Cao Date: Wed Aug 14 11:06:43 2024 +0900 media: videobuf2-core: attach once if multiple planes share the same dbuf When multiple planes use the same dma buf, each plane will have its own dma buf attachment and mapping. It is a waste of IOVA space. This patch adds a dbuf_duplicated boolean in vb2_plane. If a plane's dbuf is the same as an existing plane, do not create another attachment and mapping. Signed-off-by: Yunke Cao Acked-by: Tomasz Figa Signed-off-by: Hans Verkuil commit 1da4e16130d36c712e00bf045f09f194aac964b8 Author: Yunke Cao Date: Wed Aug 14 11:06:42 2024 +0900 media: videobuf2-core: reverse the iteration order in __vb2_buf_dmabuf_put This patch prepares for allowing multiple planes to share the same DMA buffer attachment. Release the planes from num_planes - 1 to 0 so that we don't leave invalid mem_priv pointers behind. Signed-off-by: Yunke Cao Acked-by: Tomasz Figa Signed-off-by: Hans Verkuil commit 95af7c00f35b9cb0873afb8f191f42e04714ed2a Author: Yunke Cao Date: Wed Aug 14 11:06:41 2024 +0900 media: videobuf2-core: release all planes first in __prepare_dmabuf() In the existing implementation, validating planes, checking if the planes changed, releasing previous planes and reaquiring new planes all happens in the same for loop. Split the for loop into 3 parts 1. In the first for loop, validate planes and check if planes changed. 2. Call __vb2_buf_dmabuf_put() to release all planes. 3. In the second for loop, reaquire new planes. Signed-off-by: Yunke Cao Acked-by: Tomasz Figa Signed-off-by: Hans Verkuil commit 6a9c97ab6b7e85697e0b74e86062192a5ffffd99 Author: Yunke Cao Date: Wed Aug 14 11:06:40 2024 +0900 media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() Clear vb2_plane's memory related fields in __vb2_plane_dmabuf_put(), including bytesused, length, fd and data_offset. Remove the duplicated code in __prepare_dmabuf(). Signed-off-by: Yunke Cao Acked-by: Tomasz Figa Signed-off-by: Hans Verkuil commit c60f77387b4a33750a03dcc3becbd8f7a7fb7def Author: Nicolas Dufresne Date: Thu Sep 14 11:06:51 2023 -0400 docs: uapi: media: Document Mediatek 10bit tiled formats Document V4L2_PIX_FMT_MT2110T and V4L2_PIX_FMT_MT2110R. These two formats are nearly identical, reusing MM21 format and expending it by inserting chunk of 16 bytes of lower 2 bit pixel data after each chunk of 64 bytes higher 8 bit of data. Signed-off-by: Nicolas Dufresne Signed-off-by: Hans Verkuil commit 8b4e0f96eace032841ee92152febb5db1a73993e Author: Nicolas Dufresne Date: Thu Sep 14 11:06:50 2023 -0400 docs: uapi: media: Add a layout diagram for MT2110T This diagram details the partitioning done in each tiles. Signed-off-by: Nicolas Dufresne Signed-off-by: Hans Verkuil commit f871cc5b7ec5ec2f5303f128c789ac09a001d287 Author: Nicolas Dufresne Date: Thu Sep 14 11:06:48 2023 -0400 docs: uapi: media: Move NV12_10BE_8L128 to NV15 section This is a 15 bits per pixel (or packed 10 bit format), so move it into the relevant section. Signed-off-by: Nicolas Dufresne Reviewed-by: Andrzej Pietrasiewicz Signed-off-by: Hans Verkuil commit bec81249af4b3b3e80d78363d8dbba6cd42762d9 Author: Nicolas Dufresne Date: Thu Sep 14 11:06:47 2023 -0400 docs: uapi: media: Properly locate NV12MT diagram The diagram have been pushed back at the end of a list of unrelated pixels formats. Move it back next its related pixel format. Signed-off-by: Nicolas Dufresne Reviewed-by: Andrzej Pietrasiewicz Signed-off-by: Hans Verkuil commit 2b4e497c62e15753fedde57ca43428e8a0975105 Author: Martin Tůma Date: Mon Aug 5 17:40:54 2024 +0200 media: admin-guide: mgb4: Outputs DV timings documentation update Properly document the function of the mgb4 output "frame_rate" sysfs parameter and update the default DV timings values according to the latest code changes. Signed-off-by: Martin Tůma Signed-off-by: Hans Verkuil commit e3582018337f4fdd52f873235d4b96fc20b37446 Author: Martin Tůma Date: Mon Aug 5 17:40:53 2024 +0200 media: mgb4: Fixed signal frame rate limit handling Change the default DV timings for the outputs to produce a better signal less "crippled" by the frame rate limiting. While the individual values are now different, the resulting signal still matches the same default display as before. Additionally fix the corner case when the frame rate limit is set to zero causing a "divide by zero" kernel panic. Signed-off-by: Martin Tůma Signed-off-by: Hans Verkuil commit 1724dcc9dd3cc1b58b9954ccafea46921546b4f0 Author: Martin Tůma Date: Mon Aug 5 17:40:52 2024 +0200 media: mgb4: Add support for V4L2_CAP_TIMEPERFRAME Recent mgb4 firmwares have support for setting a variable framerate independent of the signal framerate. Add/fix (the mgb4 driver already did promote V4L2_CAP_TIMEPERFRAME, but it didn't work) support for V4L2_CAP_TIMEPERFRAME to the driver to enable this feature. Additionally add support for the DV timings API (VIDIOC_G_DV_TIMINGS, VIDIOC_ENUM_DV_TIMINGS, ...) for the outputs that was missing. The timings info is required/used for implementing the V4L2_CAP_TIMEPERFRAME functionality. Signed-off-by: Martin Tůma Signed-off-by: Hans Verkuil commit a5972ea0fb8c862d887b91a146908a17b56ee5a2 Author: Martin Tůma Date: Mon Aug 5 17:40:51 2024 +0200 media: mgb4: Add support for YUV image formats Recent mgb4 firmwares support YUV in addition to the RGB image format. Enable YUV in the driver when the FW supports it. Signed-off-by: Martin Tůma Signed-off-by: Hans Verkuil commit 044fcf738a56d915514e2d651333395b3f8daa62 Author: Uwe Kleine-König Date: Wed Apr 24 16:02:48 2024 +0200 media: staging: media: starfive: camss: Drop obsolete return value documentation Recently the function stfcamss_remove() was changed to not return a value. Drop the documentation of the return value in the kernel doc. Fixes: b1f3677aebe5 ("media: staging: media: starfive: camss: Convert to platform remove callback returning void") Signed-off-by: Uwe Kleine-König Signed-off-by: Hans Verkuil commit 22629adc017f97de4f17f6c1068d0ea7ab79f8e3 Author: Jani Nikula Date: Tue May 14 15:55:07 2024 +0300 drm/rockchip: cdn-dp: get rid of drm_edid_raw() The dimensions are available in display info, so there's no need for raw EDID access. While at it, move the debug logging to where the EDID is actually read. Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/d0807fbde7b0bd06ebfcb5df5c3b1cdad4c4ef84.1715691257.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit fde7679a2b374c8c0932f5cc48438a312f3f442c Author: Jani Nikula Date: Thu Jun 6 15:35:03 2024 +0300 drm/edid: reduce DisplayID log spamming Debug printing at DisplayID validation leads to lots of log spamming as it's called at DisplayID iterators during EDID parsing. Remove it, and replace with a less noisy message at connector EDID update. Acked-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240606123503.2825088-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 1241b384efa53f4b7a95fe2b34d69359bb3ae1b5 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:47 2024 +0200 6pack: propagage new tty types In tty, u8 is now used for data, ssize_t for sizes (with possible negative error codes). Propagate these types to 6pack. Signed-off-by: Jiri Slaby (SUSE) Cc: Greg Kroah-Hartman Cc: Andreas Koensgen Cc: David S. Miller Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: linux-hams@vger.kernel.org Cc: netdev@vger.kernel.org Reviewed-by: Jeremy Kerr Link: https://lore.kernel.org/r/20240808103549.429349-12-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 4283232aeb114d2a5906c24b5497a545c9b33629 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:46 2024 +0200 6pack: remove global strings They are __init, so they are freed after init is done. But this obfuscates the code. Provided these days, we usually don't print anything if everything has gone fine, drop the info print completely (along with now unused and always artificial SIXPACK_VERSION). And move the other string into the printk proper (while converting from KERN_ERR to pr_err()). Signed-off-by: Jiri Slaby (SUSE) Cc: Greg Kroah-Hartman Cc: Andreas Koensgen Cc: David S. Miller Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: linux-hams@vger.kernel.org Cc: netdev@vger.kernel.org Reviewed-by: Jeremy Kerr Link: https://lore.kernel.org/r/20240808103549.429349-11-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 392a9d4807e869cb7adfbde62e11e295389c7a72 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:45 2024 +0200 6pack: drop sixpack::buffsize It's never read. Signed-off-by: Jiri Slaby (SUSE) Cc: Greg Kroah-Hartman Cc: Andreas Koensgen Cc: David S. Miller Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: linux-hams@vger.kernel.org Cc: netdev@vger.kernel.org Reviewed-by: Jeremy Kerr Link: https://lore.kernel.org/r/20240808103549.429349-10-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit e2a61a7974bc1d876803dde6f14abe3cabd14009 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:44 2024 +0200 6pack: drop sixpack::mtu It holds a constant (AX25_MTU + 73), so use that constant in place of the single use directly. And remove the stale comment. Signed-off-by: Jiri Slaby (SUSE) Cc: Greg Kroah-Hartman Cc: Andreas Koensgen Cc: David S. Miller Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: linux-hams@vger.kernel.org Cc: netdev@vger.kernel.org Reviewed-by: Jeremy Kerr Link: https://lore.kernel.org/r/20240808103549.429349-9-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 4c576b3fdeb0713baeb68b4daa1c12eb93d03a79 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:43 2024 +0200 6pack: remove sixpack::rbuff It's unused (except allocation and free). Signed-off-by: Jiri Slaby (SUSE) Cc: Greg Kroah-Hartman Cc: Andreas Koensgen Cc: David S. Miller Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: linux-hams@vger.kernel.org Cc: netdev@vger.kernel.org Reviewed-by: Jeremy Kerr Link: https://lore.kernel.org/r/20240808103549.429349-8-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit be9a28455952ce4284a3a573fef1e35eb41637a3 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:42 2024 +0200 mctp: serial: propagage new tty types In tty, u8 is now used for data, ssize_t for sizes (with possible negative error codes). Propagate these types (and use unsigned in next_chunk_len()) to mctp. Signed-off-by: Jiri Slaby (SUSE) Reviewed-by: Jeremy Kerr Cc: Greg Kroah-Hartman Cc: Jeremy Kerr Cc: Matt Johnston Cc: David S. Miller Cc: Eric Dumazet Cc: Jakub Kicinski Cc: Paolo Abeni Cc: netdev@vger.kernel.org Link: https://lore.kernel.org/r/20240808103549.429349-7-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 866025f0237609532bc8e4af5ef4d7252d3b55b6 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:41 2024 +0200 xhci: dbgtty: use kfifo from tty_port struct There is no need to define one in a custom structure. The tty_port one is free to use. Signed-off-by: Jiri Slaby (SUSE) Cc: Mathias Nyman Cc: Greg Kroah-Hartman Cc: linux-usb@vger.kernel.org Link: https://lore.kernel.org/r/20240808103549.429349-6-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 2b217514436744dd98c4d9fa48d60610f9f67d61 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:40 2024 +0200 xhci: dbgtty: remove kfifo_out() wrapper There is no need to check against kfifo_len() before kfifo_out(). Just ask the latter for data and it tells how much it retrieved. Or returns 0 in case there are no more. Signed-off-by: Jiri Slaby (SUSE) Cc: Mathias Nyman Cc: Greg Kroah-Hartman Cc: linux-usb@vger.kernel.org Link: https://lore.kernel.org/r/20240808103549.429349-5-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit b1ce5164b5835eed98cee4132926e5b016179c8c Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:39 2024 +0200 mxser: remove doubled sets of close times tty_port::close_delay and ::closing_wait are set in tty_port_init() few lines above already, no need to reset them (to the same values). Signed-off-by: Jiri Slaby (SUSE) Cc: Greg Kroah-Hartman Reviewed-by: Jeremy Kerr Link: https://lore.kernel.org/r/20240808103549.429349-4-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit e64caf989c76d6cfb1b4226fc977c342449452ce Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:38 2024 +0200 mxser: remove stale comment The comment mentions ISA removed long time ago. It also comments on .driver_data pointing to above structures. That is not true either. Remove that. Signed-off-by: Jiri Slaby (SUSE) Cc: Greg Kroah-Hartman Reviewed-by: Jeremy Kerr Link: https://lore.kernel.org/r/20240808103549.429349-3-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 5879adbff5aad0436298db006a922dd576339c7f Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:35:37 2024 +0200 serial: use guards for simple mutex locks Guards can help to make the code more readable. So use it wherever they do so. On many places labels and 'ret' locals are eliminated completely. Signed-off-by: Jiri Slaby (SUSE) Link: https://lore.kernel.org/r/20240808103549.429349-2-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 98e24a58b597d888f604f0de43fcf5eb5eb204b4 Author: Andy Shevchenko Date: Tue Aug 13 11:19:04 2024 +0300 serial: 8250_bcm2835aux: Switch to DEFINE_SIMPLE_DEV_PM_OPS() The definition of the PM operations opens code the existing macro, replace it with the DEFINE_SIMPLE_DEV_PM_OPS() for setting the driver's PM routines. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240813081954.1408792-1-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 77748913d5d157f1315202e54e24359505a09f65 Author: Andy Shevchenko Date: Mon Aug 12 18:47:09 2024 +0300 serial: 8250_platform: Unify comment style Unify comment style and fix indentation in some cases. While at it, add that it supports ACPI enumerated non-PNP devices. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240812154901.1068407-8-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit cc04428b2e9ea60b620e5ad5412cfcb2f07f3cd6 Author: Andy Shevchenko Date: Mon Aug 12 18:47:08 2024 +0300 serial: 8250_platform: Refactor serial8250_probe() Make it clear that it supports two cases, pure platform device and ACPI. With this in mind, split serial8250_probe() to two functions and rename the ACPI case accordingly. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240812154901.1068407-7-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 4596d2bd551d847dd7380979f064b17b8d41562e Author: Andy Shevchenko Date: Mon Aug 12 18:47:07 2024 +0300 serial: 8250_platform: Switch to use platform_get_mem_or_io() Switch to use new platform_get_mem_or_io() instead of home grown analogue. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240812154901.1068407-6-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 32e0a658752d9822f7b37299696c624cff6979d6 Author: Andy Shevchenko Date: Mon Aug 12 18:47:06 2024 +0300 serial: 8250_platform: Tidy up ACPI ID table Tidy up ACPI ID table: - remove explicit driver_data initializer - drop comma in the terminator entry - use C comment style Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240812154901.1068407-5-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 9136b3766635a08623f3627038533f4c093f7fa1 Author: Andy Shevchenko Date: Mon Aug 12 18:47:05 2024 +0300 serial: 8250_platform: Use same check for ACPI in the whole driver Use has_acpi_companion() as 8250_core does to unify this across the driver modules. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240812154901.1068407-4-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 6586ccd7685bd1550c06ed93e3b11feab9f9d6a6 Author: Andy Shevchenko Date: Mon Aug 12 18:47:04 2024 +0300 serial: 8250_platform: Don't shadow error from serial8250_register_8250_port() Don't shadow error from serial8250_register_8250_port() and return it as is. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240812154901.1068407-3-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit acf7c31def54147964955b61b883d440e0fd1a7f Author: Andy Shevchenko Date: Mon Aug 12 18:47:03 2024 +0300 serial: 8250_platform: Remove duplicate mapping UPF_IOREMAP is for serial core to map the resource on behalf of the driver. No need to perform this explicitly in the driver. Signed-off-by: Andy Shevchenko Link: https://lore.kernel.org/r/20240812154901.1068407-2-andriy.shevchenko@linux.intel.com Signed-off-by: Greg Kroah-Hartman commit 7c199bd2fdcbc221b6f77d624c34f864ad938487 Author: Markus Schneider-Pargmann Date: Wed Aug 7 16:12:27 2024 +0200 serial: 8250: omap: Parse DT wakeup-source proerty If the wakeup-source property is present, enable wakeup from this device. Signed-off-by: Markus Schneider-Pargmann Reviewed-by: Kevin Hilman Tested-by: Kevin Hilman Link: https://lore.kernel.org/r/20240807141227.1093006-6-msp@baylibre.com Signed-off-by: Greg Kroah-Hartman commit 4179df77e5f559e907c4f540e23d5464d7bf67fe Author: Markus Schneider-Pargmann Date: Wed Aug 7 16:12:26 2024 +0200 serial: 8250: omap: Set wakeup capable, do not enable The driver sets wakeup enable by default. But not all UARTs are meant to be wakeup enabled. Change the default to be wakeup capable but not enabled. The user can enable wakeup when needed. Signed-off-by: Markus Schneider-Pargmann Acked-by: Kevin Hilman Reviewed-by: Kevin Hilman Tested-by: Kevin Hilman Link: https://lore.kernel.org/r/20240807141227.1093006-5-msp@baylibre.com Signed-off-by: Greg Kroah-Hartman commit 35e648a16018b747897be2ccc3ce95ff23237bb5 Author: Markus Schneider-Pargmann Date: Wed Aug 7 16:12:25 2024 +0200 serial: 8250: omap: Cleanup on error in request_irq If devm_request_irq fails, the code does not cleanup many things that were setup before. Instead of directly returning ret we should jump to err. Fixes: fef4f600319e ("serial: 8250: omap: Fix life cycle issues for interrupt handlers") Signed-off-by: Markus Schneider-Pargmann Reviewed-by: Kevin Hilman Tested-by: Kevin Hilman Link: https://lore.kernel.org/r/20240807141227.1093006-4-msp@baylibre.com Signed-off-by: Greg Kroah-Hartman commit 704c2c361e1f405dcf676217498a7c24b64190cb Author: Markus Schneider-Pargmann Date: Wed Aug 7 16:12:24 2024 +0200 serial: 8250: omap: Remove unused wakeups_enabled This field seems to be unused for quite some time already. Remove it. Signed-off-by: Markus Schneider-Pargmann Reviewed-by: Kevin Hilman Tested-by: Kevin Hilman Link: https://lore.kernel.org/r/20240807141227.1093006-3-msp@baylibre.com Signed-off-by: Greg Kroah-Hartman commit a4db50efe0745001c65b8920d3d5609151cedef9 Author: Markus Schneider-Pargmann Date: Wed Aug 7 16:12:23 2024 +0200 dt-bindings: serial: 8250_omap: Add wakeup-source property Add the wakeup-source to enable this device as a wakeup source if defined in DT. Signed-off-by: Markus Schneider-Pargmann Acked-by: Conor Dooley Reviewed-by: Kevin Hilman Tested-by: Kevin Hilman Link: https://lore.kernel.org/r/20240807141227.1093006-2-msp@baylibre.com Signed-off-by: Greg Kroah-Hartman commit ff3c62edfc4e7af94f4c960962c105b4b564e939 Author: André Draszik Date: Thu Aug 8 09:11:52 2024 +0100 tty: serial: samsung_tty: cast the interrupt's void *id just once The interrupt handler routines and helpers are casting the 'void *' pointer to 'struct exynos_uart_port *' all over the place. There is no need for that, we can do the casting once and keep passing the 'struct exynos_uart_port *', simplifying the code and saving a few lines of code. No functional changes. Reviewed-by: Tudor Ambarus Signed-off-by: André Draszik Reviewed-by: Jiri Slaby Link: https://lore.kernel.org/r/20240808-samsung-tty-cleanup-v3-2-494412f49f4b@linaro.org Signed-off-by: Greg Kroah-Hartman commit 24179de090b973850e0359299a273683ab2e44b5 Author: André Draszik Date: Thu Aug 8 09:11:51 2024 +0100 tty: serial: samsung_tty: drop unused argument to irq handlers The 'irq' argument is not used in any of the callees, we can just drop it and simplify the code. No functional changes. Reviewed-by: Tudor Ambarus Signed-off-by: André Draszik Reviewed-by: Jiri Slaby Link: https://lore.kernel.org/r/20240808-samsung-tty-cleanup-v3-1-494412f49f4b@linaro.org Signed-off-by: Greg Kroah-Hartman commit fe826cc2654e8561b64246325e6a51b62bf2488c Author: Namhyung Kim Date: Tue Aug 13 22:55:11 2024 +0200 perf: Really fix event_function_call() locking Commit 558abc7e3f89 ("perf: Fix event_function_call() locking") lost IRQ disabling by mistake. Fixes: 558abc7e3f89 ("perf: Fix event_function_call() locking") Reported-by: Pengfei Xu Reported-by: Naresh Kamboju Tested-by: Pengfei Xu Signed-off-by: Namhyung Kim Signed-off-by: Peter Zijlstra (Intel) commit 712f585ab8b2cc2ff4e441b14a4907f764d78f2b Author: Enguerrand de Ribaucourt Date: Mon Aug 12 12:43:47 2024 +0000 net: dsa: microchip: ksz9477: unwrap URL in comment Keep the URL in a single line for easier copy-pasting. Signed-off-by: Enguerrand de Ribaucourt Reviewed-by: Andrew Lunn Acked-by: Arun Ramadoss Link: https://patch.msgid.link/20240812124346.597702-1-enguerrand.de-ribaucourt@savoirfairelinux.com Signed-off-by: Jakub Kicinski commit 29cabacef1024b39506d3acd18cb2e558832bbaf Author: Simon Horman Date: Mon Aug 12 12:24:13 2024 +0100 net: mvneta: Use __be16 for l3_proto parameter of mvneta_txq_desc_csum() The value passed as the l3_proto argument of mvneta_txq_desc_csum() is __be16. And mvneta_txq_desc_csum uses this parameter as a __be16 value. So use __be16 as the type for the parameter, rather than type with host byte order. Flagged by Sparse as: .../mvneta.c:1796:25: warning: restricted __be16 degrades to integer .../mvneta.c:1979:45: warning: incorrect type in argument 2 (different base types) .../mvneta.c:1979:45: expected int l3_proto .../mvneta.c:1979:45: got restricted __be16 [usertype] l3_proto No functional change intended. Flagged by Sparse. Signed-off-by: Simon Horman Reviewed-by: Marcin Wojtas Link: https://patch.msgid.link/20240812-mvneta-be16-v1-1-e1ea12234230@kernel.org Signed-off-by: Jakub Kicinski commit 713ebaed68d88121cbaf5e74104e2290a9ea74bd Author: Csókás, Bence Date: Mon Aug 12 11:47:15 2024 +0200 net: fec: Remove duplicated code `fec_ptp_pps_perout()` reimplements logic already in `fec_ptp_read()`. Replace with function call. Signed-off-by: Csókás, Bence Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240812094713.2883476-2-csokas.bence@prolan.hu Signed-off-by: Jakub Kicinski commit 4374a1fe580a14f6152752390c678d90311df247 Author: Csókás, Bence Date: Mon Aug 12 11:47:13 2024 +0200 net: fec: Move `fec_ptp_read()` to the top of the file This function is used in `fec_ptp_enable_pps()` through struct cyclecounter read(). Moving the declaration makes it clearer, what's happening. Suggested-by: Frank Li Link: https://lore.kernel.org/netdev/20240805144754.2384663-1-csokas.bence@prolan.hu/T/#ma6c21ad264016c24612048b1483769eaff8cdf20 Signed-off-by: Csókás, Bence Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240812094713.2883476-1-csokas.bence@prolan.hu Signed-off-by: Jakub Kicinski commit ed4290f39f417793928630e85c26411db233d841 Author: Christophe JAILLET Date: Sat Aug 10 23:39:04 2024 +0200 net: netconsole: Constify struct config_item_type 'struct config_item_type' is not modified in this driver. This structure is only used with config_group_init_type_name() which takes a const struct config_item_type* as a 3rd argument. This also makes things consistent with 'netconsole_target_type' witch is already const. Constifying this structure moves some data to a read-only section, so increase overall security, especially when the structure holds some function pointers. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 33007 3952 1312 38271 957f drivers/net/netconsole.o After: ===== text data bss dec hex filename 33071 3888 1312 38271 957f drivers/net/netconsole.o Signed-off-by: Christophe JAILLET Reviewed-by: Breno Leitao Link: https://patch.msgid.link/9c205b2b4bdb09fc9e9d2cb2f2936ec053da1b1b.1723325900.git.christophe.jaillet@wanadoo.fr Signed-off-by: Jakub Kicinski commit ac8c97b19dfc01d007ccaeabbbe2daa5e05fce74 Merge: be034ee6c33dcd fa46c456fa6ecc Author: Jakub Kicinski Date: Tue Aug 13 18:17:44 2024 -0700 Merge branch 'gve-add-rss-config-support' Ziwei Xiao says: ==================== gve: Add RSS config support These two patches are used to add RSS config support in GVE driver between the device and ethtool. v2: https://lore.kernel.org/20240808205530.726871-1-pkaligineedi@google.com ==================== Link: https://patch.msgid.link/20240812222013.1503584-1-pkaligineedi@google.com Signed-off-by: Jakub Kicinski commit fa46c456fa6ecc409cec43ac534b1a156bcef7b2 Author: Jeroen de Borst Date: Mon Aug 12 15:20:13 2024 -0700 gve: Add RSS adminq commands and ethtool support Introduce adminq commands to configure and retrieve RSS settings from the device. Implement corresponding ethtool ops for user-level management. Signed-off-by: Jeroen de Borst Co-developed-by: Ziwei Xiao Signed-off-by: Ziwei Xiao Signed-off-by: Praveen Kaligineedi Reviewed-by: Praveen Kaligineedi Reviewed-by: Harshitha Ramamurthy Reviewed-by: Willem de Bruijn Reviewed-by: Hariprasad Kelam Link: https://patch.msgid.link/20240812222013.1503584-3-pkaligineedi@google.com Signed-off-by: Jakub Kicinski commit 58c98d0cd4f8899f517ba1f0255d2aac7666a002 Author: Ziwei Xiao Date: Mon Aug 12 15:20:12 2024 -0700 gve: Add RSS device option Add a device option to inform the driver about the hash key size and hash table size used by the device. This information will be stored and made available for RSS ethtool operations. Signed-off-by: Ziwei Xiao Signed-off-by: Praveen Kaligineedi Reviewed-by: Praveen Kaligineedi Reviewed-by: Harshitha Ramamurthy Reviewed-by: Willem de Bruijn Link: https://patch.msgid.link/20240812222013.1503584-2-pkaligineedi@google.com Signed-off-by: Jakub Kicinski commit 92ec8b9367ab328cdd3d4409464137bc9775a2e5 Author: Asbjørn Sloth Tønnesen Date: Thu Aug 8 07:59:02 2024 +0000 selftests/bpf: Avoid subtraction after htons() in ipip tests On little-endian systems, doing subtraction after htons() leads to interesting results: Given: MAGIC_BYTES = 123 = 0x007B aka. in big endian: 0x7B00 = 31488 sizeof(struct iphdr) = 20 Before this patch: __bpf_constant_htons(MAGIC_BYTES) - sizeof(struct iphdr) = 0x7AEC 0x7AEC = htons(0xEC7A) = htons(60538) So these were outer IP packets with a total length of 123 bytes, containing an inner IP packet with a total length of 60538 bytes. After this patch: __bpf_constant_htons(MAGIC_BYTES - sizeof(struct iphdr)) = htons(103) Now these packets are outer IP packets with a total length of 123 bytes, containing an inner IP packet with a total length of 103 bytes. Signed-off-by: Asbjørn Sloth Tønnesen Reviewed-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/r/20240808075906.1849564-1-ast@fiberby.net Signed-off-by: Martin KaFai Lau commit be034ee6c33dcd7c8dc7160266acb50c897cc2ea Author: Frank Li Date: Sun Aug 11 14:40:49 2024 -0400 dt-bindings: net: fsl,qoriq-mc-dpmac: using unevaluatedProperties Replace additionalProperties with unevaluatedProperties because it have allOf: $ref: ethernet-controller.yaml#. Remove all properties, which already defined in ethernet-controller.yaml. Fixed below CHECK_DTBS warnings: arch/arm64/boot/dts/freescale/fsl-lx2160a-bluebox3.dtb: fsl-mc@80c000000: dpmacs:ethernet@11: 'fixed-link' does not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/misc/fsl,qoriq-mc.yaml# Signed-off-by: Frank Li Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240811184049.3759195-1-Frank.Li@nxp.com Signed-off-by: Jakub Kicinski commit eceb7b33e5f3bc1e60047d8695cb937b93a08ced Author: Al Viro Date: Tue Jul 30 01:16:10 2024 -0400 bpf: more trivial fdget() conversions All failure exits prior to fdget() leave the scope, all matching fdput() are immediately followed by leaving the scope. Reviewed-by: Christian Brauner Signed-off-by: Al Viro Signed-off-by: Andrii Nakryiko commit eb80ee85801cd8e3c6f39b08830867d2afecd8f5 Author: Al Viro Date: Tue Aug 13 14:34:10 2024 -0700 bpf: trivial conversions for fdget() fdget() is the first thing done in scope, all matching fdput() are immediately followed by leaving the scope. Reviewed-by: Christian Brauner Signed-off-by: Al Viro Signed-off-by: Andrii Nakryiko commit 55f325958ccc41eaea43eb4546d4dc77c1b5ef8a Author: Al Viro Date: Tue Jul 30 01:16:04 2024 -0400 bpf: switch maps to CLASS(fd, ...) Calling conventions for __bpf_map_get() would be more convenient if it left fpdut() on failure to callers. Makes for simpler logics in the callers. Among other things, the proof of memory safety no longer has to rely upon file->private_data never being ERR_PTR(...) for bpffs files. Original calling conventions made it impossible for the caller to tell whether __bpf_map_get() has returned ERR_PTR(-EINVAL) because it has found the file not be a bpf map one (in which case it would've done fdput()) or because it found that ERR_PTR(-EINVAL) in file->private_data of a bpf map file (in which case fdput() would _not_ have been done). Signed-off-by: Al Viro Reviewed-by: Christian Brauner Signed-off-by: Andrii Nakryiko commit 535ead44ffd08479212e31729a7118bd4e9ac699 Author: Andrii Nakryiko Date: Tue Aug 6 14:31:34 2024 -0700 bpf: factor out fetching bpf_map from FD and adding it to used_maps list Factor out the logic to extract bpf_map instances from FD embedded in bpf_insns, adding it to the list of used_maps (unless it's already there, in which case we just reuse map's index). This simplifies the logic in resolve_pseudo_ldimm64(), especially around `struct fd` handling, as all that is now neatly contained in the helper and doesn't leak into a dozen error handling paths. Signed-off-by: Andrii Nakryiko commit 51a1ca933f5dc9e764ac065ff0949130cc32a48b Author: Al Viro Date: Tue Aug 13 14:18:38 2024 -0700 bpf: switch fdget_raw() uses to CLASS(fd_raw, ...) Swith fdget_raw() use cases in bpf_inode_storage.c to CLASS(fd_raw). Reviewed-by: Christian Brauner Signed-off-by: Al Viro Signed-off-by: Andrii Nakryiko commit d71973707efe8522b1f95189113273d3d5652808 Author: Al Viro Date: Tue Jul 30 01:16:02 2024 -0400 bpf: convert __bpf_prog_get() to CLASS(fd, ...) Irregularity here is fdput() not in the same scope as fdget(); just fold ____bpf_prog_get() into its (only) caller and that's it... Signed-off-by: Al Viro Acked-by: Andrii Nakryiko Reviewed-by: Christian Brauner Signed-off-by: Andrii Nakryiko commit baae8b0ba8352f2b93346cc1e33ca115152cf22c Author: Jing-Ping Jan Date: Tue Aug 13 01:09:10 2024 +0800 Documentation: networking: correct spelling Correct spelling problems for Documentation/networking/ as reported by ispell. Signed-off-by: Jing-Ping Jan Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240812170910.5760-1-zoo868e@gmail.com Signed-off-by: Jakub Kicinski commit 623122ac1c4074791ea319df4676fb2875817fe4 Author: Ahmed Zaki Date: Thu Jul 25 16:08:09 2024 -0600 iavf: add support for offloading tc U32 cls filters Add support for offloading cls U32 filters. Only "skbedit queue_mapping" and "drop" actions are supported. Also, only "ip" and "802_3" tc protocols are allowed. The PF must advertise the VIRTCHNL_VF_OFFLOAD_TC_U32 capability flag. Since the filters will be enabled via the FD stage at the PF, a new type of FDIR filters is added and the existing list and state machine are used. The new filters can be used to configure flow directors based on raw (binary) pattern in the rx packet. Examples: 0. # tc qdisc add dev enp175s0v0 ingress 1. Redirect UDP from src IP 192.168.2.1 to queue 12: # tc filter add dev protocol ip ingress u32 \ match u32 0x45000000 0xff000000 at 0 \ match u32 0x00110000 0x00ff0000 at 8 \ match u32 0xC0A80201 0xffffffff at 12 \ match u32 0x00000000 0x00000000 at 24 \ action skbedit queue_mapping 12 skip_sw 2. Drop all ICMP: # tc filter add dev protocol ip ingress u32 \ match u32 0x45000000 0xff000000 at 0 \ match u32 0x00010000 0x00ff0000 at 8 \ match u32 0x00000000 0x00000000 at 24 \ action drop skip_sw 3. Redirect ICMP traffic from MAC 3c:fd:fe:a5:47:e0 to queue 7 (note proto: 802_3): # tc filter add dev protocol 802_3 ingress u32 \ match u32 0x00003CFD 0x0000ffff at 4 \ match u32 0xFEA547E0 0xffffffff at 8 \ match u32 0x08004500 0xffffff00 at 12 \ match u32 0x00000001 0x000000ff at 20 \ match u32 0x0000 0x0000 at 40 \ action skbedit queue_mapping 7 skip_sw Notes on matches: 1 - All intermediate fields that are needed to parse the correct PTYPE must be provided (in e.g. 3: Ethernet Type 0x0800 in MAC, IP version and IP length: 0x45 and protocol: 0x01 (ICMP)). 2 - The last match must provide an offset that guarantees all required headers are accounted for, even if the last header is not matched. For example, in #2, the last match is 4 bytes at offset 24 starting from IP header, so the total is 14 (MAC) + 24 + 4 = 42, which is the sum of MAC+IP+ICMP headers. Reviewed-by: Sridhar Samudrala Reviewed-by: Marcin Szycik Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Reviewed-by: Simon Horman Signed-off-by: Tony Nguyen commit 995617dccc89643d8d8022bbec76e869643842bf Author: Ahmed Zaki Date: Thu Jul 25 16:08:08 2024 -0600 iavf: refactor add/del FDIR filters In preparation for a second type of FDIR filters that can be added by tc-u32, move the add/del of the FDIR logic to be entirely contained in iavf_fdir.c. The iavf_find_fdir_fltr_by_loc() is renamed to iavf_find_fdir_fltr() to be more agnostic to the filter ID parameter (for now @loc, which is relevant only to current FDIR filters added via ethtool). The FDIR filter deletion is moved from iavf_del_fdir_ethtool() in ethtool.c to iavf_fdir_del_fltr(). While at it, fix a minor bug where the "fltr" is accessed out of the fdir_fltr_lock spinlock protection. Reviewed-by: Sridhar Samudrala Reviewed-by: Marcin Szycik Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Reviewed-by: Simon Horman Signed-off-by: Tony Nguyen commit 99f419df8a5c5e1a58822203989f77712d01d410 Author: Junfeng Guo Date: Thu Jul 25 16:08:07 2024 -0600 ice: enable FDIR filters from raw binary patterns for VFs Enable VFs to create FDIR filters from raw binary patterns. The corresponding processes for raw flow are added in the Parse / Create / Destroy stages. Reviewed-by: Marcin Szycik Signed-off-by: Junfeng Guo Co-developed-by: Ahmed Zaki Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Reviewed-by: Simon Horman Signed-off-by: Tony Nguyen commit f217c187ea2eb31500fdea34f595f56433a164f1 Author: Junfeng Guo Date: Thu Jul 25 16:08:06 2024 -0600 ice: add method to disable FDIR SWAP option The SWAP Flag in the FDIR Programming Descriptor doesn't work properly, it is always set and cannot be unset (hardware bug). Thus, add a method to effectively disable the FDIR SWAP option by setting the FDSWAP instead of FDINSET registers. Reviewed-by: Marcin Szycik Signed-off-by: Junfeng Guo Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Reviewed-by: Simon Horman Signed-off-by: Tony Nguyen commit fb4dae4ca315fe48f1a8a452172f29196b2a7f3d Author: Junfeng Guo Date: Thu Jul 25 16:08:05 2024 -0600 virtchnl: support raw packet in protocol header The patch extends existing virtchnl_proto_hdrs structure to allow VF to pass a pair of buffers as packet data and mask that describe a match pattern of a filter rule. Then the kernel PF driver is requested to parse the pair of buffer and figure out low level hardware metadata (ptype, profile, field vector.. ) to program the expected FDIR or RSS rules. Reviewed-by: Simon Horman Reviewed-by: Marcin Szycik Signed-off-by: Qi Zhang Signed-off-by: Junfeng Guo Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit e312b3a1e2092f612914dbc4fa5d96b4d8ff94ef Author: Junfeng Guo Date: Thu Jul 25 16:08:04 2024 -0600 ice: add API for parser profile initialization Add API ice_parser_profile_init() to init a parser profile based on a parser result and a mask buffer. The ice_parser_profile struct is used by the low level FXP engine to create HW profile/field vectors. Reviewed-by: Marcin Szycik Signed-off-by: Qi Zhang Signed-off-by: Junfeng Guo Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Reviewed-by: Simon Horman Signed-off-by: Tony Nguyen commit 80a480075911ec333a692e3108899a565b5f4bdc Author: Junfeng Guo Date: Thu Jul 25 16:08:03 2024 -0600 ice: add UDP tunnels support to the parser Add support for the vxlan, geneve, ecpri UDP tunnels through the following APIs: - ice_parser_vxlan_tunnel_set() - ice_parser_geneve_tunnel_set() - ice_parser_ecpri_tunnel_set() Reviewed-by: Simon Horman Reviewed-by: Marcin Szycik Signed-off-by: Qi Zhang Signed-off-by: Junfeng Guo Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit b2687653fe690569d48eb60343745fe436f7d532 Author: Junfeng Guo Date: Thu Jul 25 16:08:02 2024 -0600 ice: support turning on/off the parser's double vlan mode Add API ice_parser_dvm_set() to support turning on/off the parser's double vlan mode. Reviewed-by: Marcin Szycik Signed-off-by: Qi Zhang Signed-off-by: Junfeng Guo Co-developed-by: Ahmed Zaki Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Reviewed-by: Simon Horman Signed-off-by: Tony Nguyen commit 9a4c07aaa0f54dd2ddd9e772be9b9ece27b229f0 Author: Junfeng Guo Date: Thu Jul 25 16:08:01 2024 -0600 ice: add parser execution main loop Implement the core work of the runtime parser via: - ice_parser_rt_execute() - ice_parser_rt_reset() - ice_parser_rt_pkt_buf_set() Reviewed-by: Marcin Szycik Signed-off-by: Qi Zhang Signed-off-by: Junfeng Guo Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Reviewed-by: Simon Horman Signed-off-by: Tony Nguyen commit 4851f12c8d8a0dc89d1bf83ec9d7f34bd4f65572 Author: Junfeng Guo Date: Thu Jul 25 16:08:00 2024 -0600 ice: add parser internal helper functions Add the following internal helper functions: - ice_bst_tcam_match(): to perform ternary match on boost TCAM. - ice_pg_cam_match(): to perform parse graph key match in cam table. - ice_pg_nm_cam_match(): to perform parse graph key no match in cam table. - ice_ptype_mk_tcam_match(): to perform ptype markers match in tcam table. - ice_flg_redirect(): to redirect parser flags to packet flags. - ice_xlt_kb_flag_get(): to aggregate 64 bit packet flag into 16 bit key builder flags. Reviewed-by: Simon Horman Reviewed-by: Aleksandr Loktionov Reviewed-by: Wojciech Drewek Reviewed-by: Marcin Szycik Signed-off-by: Qi Zhang Signed-off-by: Junfeng Guo Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 68add288189a5490868ccf8cbed273320568928d Author: Junfeng Guo Date: Thu Jul 25 16:07:59 2024 -0600 ice: add debugging functions for the parser sections Add debug for all parser sections. Reviewed-by: Marcin Szycik Signed-off-by: Qi Zhang Signed-off-by: Junfeng Guo Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 75b4a938a947785cdda8908cb700c58e95f8ff69 Author: Junfeng Guo Date: Thu Jul 25 16:07:58 2024 -0600 ice: parse and init various DDP parser sections Parse the following DDP sections: - ICE_SID_RXPARSER_IMEM into an array of struct ice_imem_item - ICE_SID_RXPARSER_METADATA_INIT into an array of struct ice_metainit_item - ICE_SID_RXPARSER_CAM or ICE_SID_RXPARSER_PG_SPILL into an array of struct ice_pg_cam_item - ICE_SID_RXPARSER_NOMATCH_CAM or ICE_SID_RXPARSER_NOMATCH_SPILL into an array of struct ice_pg_nm_cam_item - ICE_SID_RXPARSER_CAM into an array of ice_bst_tcam_item - ICE_SID_LBL_RXPARSER_TMEM into an array of ice_lbl_item - ICE_SID_RXPARSER_MARKER_PTYPE into an array of ice_ptype_mk_tcam_item - ICE_SID_RXPARSER_MARKER_GRP into an array of ice_mk_grp_item - ICE_SID_RXPARSER_PROTO_GRP into an array of ice_proto_grp_item - ICE_SID_RXPARSER_FLAG_REDIR into an array of ice_flg_rd_item - ICE_SID_XLT_KEY_BUILDER_SW, ICE_SID_XLT_KEY_BUILDER_ACL, ICE_SID_XLT_KEY_BUILDER_FD and ICE_SID_XLT_KEY_BUILDER_RSS into struct ice_xlt_kb Reviewed-by: Marcin Szycik Signed-off-by: Qi Zhang Signed-off-by: Junfeng Guo Co-developed-by: Ahmed Zaki Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Reviewed-by: Simon Horman Signed-off-by: Tony Nguyen commit 86ff3d79a0ee72b7662ef1cc712ba85336b77c30 Author: Junfeng Guo Date: Thu Jul 25 16:07:57 2024 -0600 ice: add parser create and destroy skeleton Add new parser module which can parse a packet in binary and generate information like ptype, protocol/offset pairs and flags which can be later used to feed the FXP profile creation directly. Add skeleton of the create and destroy APIs: ice_parser_create() ice_parser_destroy() Reviewed-by: Simon Horman Reviewed-by: Marcin Szycik Reviewed-by: Wojciech Drewek Signed-off-by: Qi Zhang Signed-off-by: Junfeng Guo Co-developed-by: Ahmed Zaki Signed-off-by: Ahmed Zaki Tested-by: Rafal Romanowski Signed-off-by: Tony Nguyen commit 50470d3899cdf06fd58def74dec87f31e13cda6f Merge: 4a4c013d3385b0 de12c3391bce10 Author: Andrii Nakryiko Date: Tue Aug 13 13:52:30 2024 -0700 Merge remote-tracking branch 'vfs/stable-struct_fd' Merge Al Viro's struct fd refactorings. Signed-off-by: Andrii Nakryiko commit 1eda95cba9df35f1fb0fb4b89511beb6603c614e Author: Lucas De Marchi Date: Tue Aug 13 07:19:31 2024 -0700 drm/xe: Rename enable_display module param The different approach used by xe regarding the initialization of display HW has been proved a great addition for early driver bring up: core xe can be tested without having all the bits sorted out on the display side. On the other hand, the approach exposed by i915-display is to *actively* disable the display by programming it if needed, i.e. if it was left enabled by firmware. It also has its use to make sure the HW is actually disabled and not wasting power. However having both the way it is in xe doesn't expose a good interface wrt module params. From modinfo: disable_display:Disable display (default: false) (bool) enable_display:Enable display (bool) Rename enable_display to probe_display to try to convey the message that the HW is being touched and improve the module param description. To avoid confusion, the enable_display is renamed everywhere, not only in the module param. New description for the parameters: disable_display:Disable display (default: false) (bool) probe_display:Probe display HW, otherwise it's left untouched (default: true) (bool) Reviewed-by: Matt Roper Acked-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240813141931.3141395-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit eb81f43c901ff799d762aa65888fd87d08d9a1ff Author: Stefan Wahren Date: Mon Aug 12 22:03:57 2024 +0200 ARM: dts: bcm2837/bcm2712: adjust local intc node names After converting the bcm2836-l1-intc DT binding to YAML, the DT schema checks gave warnings like: 'local_intc@40000000' does not match '^interrupt-controller(@[0-9a-f,]+)*$' So fix them accordingly. Signed-off-by: Stefan Wahren Link: https://lore.kernel.org/r/20240812200358.4061-4-wahrenst@gmx.net Signed-off-by: Florian Fainelli commit 70c2cf283c2ff475e3a07d62ead91a11b18376b1 Author: Stefan Wahren Date: Sun Jul 28 13:41:45 2024 +0200 firmware: raspberrypi: Improve timeout warning Recent work on raspberry-power driver showed that even the stacktrace on firmware property timeout doesn't provide enough information. So add the first tag name to the warning to be in line with a status error. Signed-off-by: Stefan Wahren Reviewed-by: Florian Fainelli Link: https://lore.kernel.org/r/20240728114200.75559-2-wahrenst@gmx.net Signed-off-by: Florian Fainelli commit 14fcaf5081e14fc4181863212e71aed9e1cbcb61 Author: Frank Li Date: Fri Aug 9 10:32:06 2024 -0400 dt-bindings: net: convert maxim,ds26522.txt to yaml format Convert binding doc maxim,ds26522.txt to yaml format. Additional changes - Remove spi-max-frequency because ref to /schemas/spi/spi-peripheral-props.yaml - Add address-cells and size-cells in example Fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: /soc/spi@2100000/slic@2: failed to match any schema with compatible: ['maxim,ds26522'] Signed-off-by: Frank Li Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240809143208.3447888-1-Frank.Li@nxp.com Signed-off-by: Rob Herring (Arm) commit 7c43f89b171a8761a05741eaedf80e7ceaba6070 Author: Andrew Jeffery Date: Thu Aug 8 13:44:25 2024 +0930 dt-bindings: misc: aspeed,ast2400-cvic: Convert to DT schema Address warnings such as: arch/arm/boot/dts/aspeed/aspeed-bmc-facebook-galaxy100.dtb: interrupt-controller@1e6c0080: 'valid-sources' does not match any of the regexes: 'pinctrl-[0-9]+' and arch/arm/boot/dts/aspeed/aspeed-bmc-facebook-galaxy100.dtb: /ahb/copro-interrupt-controller@1e6c2000: failed to match any schema with compatible: ['aspeed,ast2400-cvic', 'aspeed-cvic'] Note that the conversion to DT schema causes some further warnings to be emitted, because the Aspeed devicetrees are not in great shape. These new warnings are resolved in a separate series: https://lore.kernel.org/lkml/20240802-dt-warnings-bmc-dts-cleanups-v1-0-1cb1378e5fcd@codeconstruct.com.au/ Signed-off-by: Andrew Jeffery Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240808-dt-warnings-irq-aspeed-dt-schema-v2-2-c2531e02633d@codeconstruct.com.au Signed-off-by: Rob Herring (Arm) commit b081414e23cf7767107f3cfa4e62c34f05fda890 Author: Andrew Jeffery Date: Thu Aug 8 13:44:24 2024 +0930 dt-bindings: interrupt-controller: aspeed,ast2400-vic: Convert to DT schema Squash warnings such as: arch/arm/boot/dts/aspeed/aspeed-bmc-facebook-galaxy100.dtb: /ahb/interrupt-controller@1e6c0080: failed to match any schema with compatible: ['aspeed,ast2400-vic'] The YAML DT schema defines an optional property, valid-sources, which was not previously described in the prose binding. It is added to document existing practice in the Aspeed devicetrees. Unfortunately the property seems to predate the requirement that vendor-specific properties be prefixed. Signed-off-by: Andrew Jeffery Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240808-dt-warnings-irq-aspeed-dt-schema-v2-1-c2531e02633d@codeconstruct.com.au Signed-off-by: Rob Herring (Arm) commit 84252c1d2c6efed706037e00f25455378fdda97c Author: Animesh Agarwal Date: Wed Jul 31 13:15:40 2024 +0530 dt-bindings: timer: nxp,lpc3220-timer: Convert to dtschema Convert the NXP LPC3220 timer bindings to yaml format. Add missing resets property as it is already being used in dts. Cc: Daniel Baluta Signed-off-by: Animesh Agarwal Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731074544.208411-1-animeshagarwal28@gmail.com Signed-off-by: Rob Herring (Arm) commit 8fc30d8f8e86eb4d4909b37d1b114451003dc9cf Author: Animesh Agarwal Date: Tue Jul 30 22:43:33 2024 +0530 dt-bindings: timer: fsl,ftm-timer: Convert to dtschema Convert the Freescale FlexTimer Module (FTM) Timer bindings to yaml. Cc: Daniel Baluta Signed-off-by: Animesh Agarwal Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240730171336.99090-1-animeshagarwal28@gmail.com Signed-off-by: Rob Herring (Arm) commit 6188a1c762eb9bbd444f47696eda77a5eae6207a Author: Dan Carpenter Date: Fri Jul 19 18:53:26 2024 -0500 PCI: keystone: Fix if-statement expression in ks_pcie_quirk() This code accidentally uses && where || was intended. It potentially results in a NULL dereference. Thus, fix the if-statement expression to use the correct condition. Fixes: 86f271f22bbb ("PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)") Link: https://lore.kernel.org/linux-pci/1b762a93-e1b2-4af3-8c04-c8843905c279@stanley.mountain Signed-off-by: Dan Carpenter [kwilczynski: commit log] Signed-off-by: Krzysztof Wilczyński Reviewed-by: Manivannan Sadhasivam Reviewed-by: Siddharth Vadapalli commit a884dde8d9b6a4a817cc39663db824e5602a8001 Author: Vignesh Raman Date: Wed Aug 7 13:50:18 2024 +0530 drm/ci: uprev mesa Uprev mesa to adapt to the latest changes in mesa ci. Project 'anholt/deqp-runner' was moved to 'mesa/deqp-runner'. So update the link. Signed-off-by: Vignesh Raman Reviewed-by: Daniel Stone Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240807082020.429434-1-vignesh.raman@collabora.com commit 52e371914ed37f531a8d8c3b4cf1a1af2753eb6d Author: WangYuli Date: Tue Jul 16 16:37:43 2024 +0800 drm/ci: Upgrade setuptools requirement to 70.0.0 GitHub Dependabot has issued the following alert: "Upgrade setuptools to version 70.0.0 or later. A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. Severity: 8.8 / 10 (High) Attack vector: Network Attack complexity: Low Privileges required: None User interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High CVE ID: CVE-2024-6345" To avoid disturbing everyone with the kernel repo hosted on GitHub, I suggest we upgrade our python dependencies once again to appease GitHub Dependabot. Link: https://github.com/dependabot Signed-off-by: WangYuli Acked-by: Helen Koike Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/0237854884D6DB3C+20240716083743.33415-1-wangyuli@uniontech.com commit a97756cbec448032f84b5bbfe4e101478d1e01e0 Author: Xin Li (Intel) Date: Tue Jul 9 08:40:48 2024 -0700 x86/fred: Enable FRED right after init_mem_mapping() On 64-bit init_mem_mapping() relies on the minimal page fault handler provided by the early IDT mechanism. The real page fault handler is installed right afterwards into the IDT. This is problematic on CPUs which have X86_FEATURE_FRED set because the real page fault handler retrieves the faulting address from the FRED exception stack frame and not from CR2, but that does obviously not work when FRED is not yet enabled in the CPU. To prevent this enable FRED right after init_mem_mapping() without interrupt stacks. Those are enabled later in trap_init() after the CPU entry area is set up. [ tglx: Encapsulate the FRED details ] Fixes: 14619d912b65 ("x86/fred: FRED entry/exit and dispatch code") Reported-by: Hou Wenlong Suggested-by: Thomas Gleixner Signed-off-by: Xin Li (Intel) Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240709154048.3543361-4-xin@zytor.com commit 73270c1f2369fb37683121ebe097cd37172602b6 Author: Xin Li (Intel) Date: Tue Jul 9 08:40:47 2024 -0700 x86/fred: Move FRED RSP initialization into a separate function To enable FRED earlier, move the RSP initialization out of cpu_init_fred_exceptions() into cpu_init_fred_rsps(). This is required as the FRED RSP initialization depends on the availability of the CPU entry areas which are set up late in trap_init(), No functional change intended. Marked with Fixes as it's a depedency for the real fix. Fixes: 14619d912b65 ("x86/fred: FRED entry/exit and dispatch code") Signed-off-by: Xin Li (Intel) Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240709154048.3543361-3-xin@zytor.com commit 989b5cfaa7b6054f4e1bde914470ee091c23e6a5 Author: Xin Li (Intel) Date: Tue Jul 9 08:40:46 2024 -0700 x86/fred: Parse cmdline param "fred=" in cpu_parse_early_param() Depending on whether FRED is enabled, sysvec_install() installs a system interrupt handler into either into FRED's system vector dispatch table or into the IDT. However FRED can be disabled later in trap_init(), after sysvec_install() has been invoked already; e.g., the HYPERVISOR_CALLBACK_VECTOR handler is registered with sysvec_install() in kvm_guest_init(), which is called in setup_arch() but way before trap_init(). IOW, there is a gap between FRED is available and available but disabled. As a result, when FRED is available but disabled, early sysvec_install() invocations fail to install the IDT handler resulting in spurious interrupts. Fix it by parsing cmdline param "fred=" in cpu_parse_early_param() to ensure that FRED is disabled before the first sysvec_install() incovations. Fixes: 3810da12710a ("x86/fred: Add a fred= cmdline param") Reported-by: Hou Wenlong Suggested-by: Thomas Gleixner Signed-off-by: Xin Li (Intel) Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240709154048.3543361-2-xin@zytor.com commit 89909296a51e792f296e52e104a04aed0cb7a9e9 Author: Tejun Heo Date: Wed Aug 7 13:15:19 2024 -1000 sched_ext: Don't use double locking to migrate tasks across CPUs consume_remote_task() and dispatch_to_local_dsq() use move_task_to_local_dsq() to migrate the task to the target CPU. Currently, move_task_to_local_dsq() expects the caller to lock both the source and destination rq's. While this may save a few lock operations while the rq's are not contended, under contention, the double locking can exacerbate the situation significantly (refer to the linked message below). Update the migration path so that double locking is not used. move_task_to_local_dsq() now expects the caller to be locking the source rq, drops it and then acquires the destination rq lock. Code is simpler this way and, on a 2-way NUMA machine w/ Xeon Gold 6138, 'hackbench 100 thread 5000` shows ~3% improvement with scx_simple. Signed-off-by: Tejun Heo Suggested-by: Peter Zijlstra Link: http://lkml.kernel.org/r/20240806082716.GP37996@noisy.programming.kicks-ass.net Acked-by: David Vernet commit ec0a7d44b358afaaf52856d03c72e20587bc888b Author: Matthew Brost Date: Fri Aug 9 15:28:25 2024 -0700 workqueue: Add interface for user-defined workqueue lockdep map Add an interface for a user-defined workqueue lockdep map, which is helpful when multiple workqueues are created for the same purpose. This also helps avoid leaking lockdep maps on each workqueue creation. v2: - Add alloc_workqueue_lockdep_map (Tejun) v3: - Drop __WQ_USER_OWNED_LOCKDEP (Tejun) - static inline alloc_ordered_workqueue_lockdep_map (Tejun) Cc: Tejun Heo Cc: Lai Jiangshan Signed-off-by: Matthew Brost Signed-off-by: Tejun Heo commit 4f022f430e21e456893283036bc2ea78ac6bd2a1 Author: Matthew Brost Date: Fri Aug 9 15:28:24 2024 -0700 workqueue: Change workqueue lockdep map to pointer Will help enable user-defined lockdep maps for workqueues. Cc: Tejun Heo Cc: Lai Jiangshan Signed-off-by: Matthew Brost Signed-off-by: Tejun Heo commit b188c57af2b5c17a1e8f71a0358f330446a4f788 Author: Matthew Brost Date: Fri Aug 9 15:28:23 2024 -0700 workqueue: Split alloc_workqueue into internal function and lockdep init Will help enable user-defined lockdep maps for workqueues. Cc: Tejun Heo Cc: Lai Jiangshan Signed-off-by: Matthew Brost Signed-off-by: Tejun Heo commit 33d031ec12105e4e4589dc5f50511a666d6f4b4f Author: Manu Bretelle Date: Tue Aug 13 11:56:25 2024 -0700 sched_ext: define missing cfi stubs for sched_ext `__bpf_ops_sched_ext_ops` was missing the initialization of some struct attributes. With https://lore.kernel.org/all/20240722183049.2254692-4-martin.lau@linux.dev/ every single attributes need to be initialized programs (like scx_layered) will fail to load. 05:26:48 [INFO] libbpf: struct_ops layered: member cgroup_init not found in kernel, skipping it as it's set to zero 05:26:48 [INFO] libbpf: struct_ops layered: member cgroup_exit not found in kernel, skipping it as it's set to zero 05:26:48 [INFO] libbpf: struct_ops layered: member cgroup_prep_move not found in kernel, skipping it as it's set to zero 05:26:48 [INFO] libbpf: struct_ops layered: member cgroup_move not found in kernel, skipping it as it's set to zero 05:26:48 [INFO] libbpf: struct_ops layered: member cgroup_cancel_move not found in kernel, skipping it as it's set to zero 05:26:48 [INFO] libbpf: struct_ops layered: member cgroup_set_weight not found in kernel, skipping it as it's set to zero 05:26:48 [WARN] libbpf: prog 'layered_dump': BPF program load failed: unknown error (-524) 05:26:48 [WARN] libbpf: prog 'layered_dump': -- BEGIN PROG LOAD LOG -- attach to unsupported member dump of struct sched_ext_ops processed 0 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0 -- END PROG LOAD LOG -- 05:26:48 [WARN] libbpf: prog 'layered_dump': failed to load: -524 05:26:48 [WARN] libbpf: failed to load object 'bpf_bpf' 05:26:48 [WARN] libbpf: failed to load BPF skeleton 'bpf_bpf': -524 Error: Failed to load BPF program Signed-off-by: Manu Bretelle Signed-off-by: Tejun Heo commit 107280e1371f1ba183be1ac88e91ec60cad33c18 Author: Rafael J. Wysocki Date: Mon Jul 29 18:27:25 2024 +0200 thermal: sysfs: Refine the handling of trip hysteresis changes Change trip_point_hyst_store() and replace thermal_zone_trip_updated() with thermal_zone_set_trip_hyst() to follow the trip_point_temp_store() code pattern for more consistency. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/5508466.Sb9uPGUboI@rjwysocki.net commit afd84fb10ced3caf53769ba734ea237bde0f69e3 Author: Rafael J. Wysocki Date: Mon Jul 29 18:25:59 2024 +0200 thermal: sysfs: Get to trips via attribute pointers The _store() and _show() functions for sysfs attributes corresponding to trip point parameters (type, temperature and hysteresis) read the trip ID from the attribute name and then use the trip ID as the index in the given thermal zone's trips table to get to the trip object they want. Instead of doing this, make them use the attribute pointer they get as the second argument to get to the trip object embedded in the same struct thermal_trip_desc as the struct device_attribute pointed to by it, which is much more straightforward and less overhead. Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/114841552.nniJfEyVGO@rjwysocki.net commit 66b263306a86c0f2d3cdb44e3722db6cff3a32b3 Author: Rafael J. Wysocki Date: Mon Jul 29 18:25:03 2024 +0200 thermal: core: Store trip sysfs attributes in thermal_trip_desc Instead of allocating memory for trip point sysfs attributes separately, store them in struct thermal_trip_desc for each trip individually which allows a few extra memory allocations to be avoided. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Link: https://patch.msgid.link/46571375.fMDQidcC6G@rjwysocki.net commit e0b7de4fd18c47ebd47ec0dd1af6503d4071b943 Author: Sean Christopherson Date: Fri Jul 26 16:51:11 2024 -0700 KVM: arm64: Disallow copying MTE to guest memory while KVM is dirty logging Disallow copying MTE tags to guest memory while KVM is dirty logging, as writing guest memory without marking the gfn as dirty in the memslot could result in userspace failing to migrate the updated page. Ideally (maybe?), KVM would simply mark the gfn as dirty, but there is no vCPU to work with, and presumably the only use case for copy MTE tags _to_ the guest is when restoring state on the target. Fixes: f0376edb1ddc ("KVM: arm64: Add ioctl to fetch/store tags in a guest") Signed-off-by: Sean Christopherson Reviewed-by: Steven Price Reviewed-by: Catalin Marinas Link: https://lore.kernel.org/r/20240726235234.228822-3-seanjc@google.com Signed-off-by: Marc Zyngier commit 3d557dd3f54e329556e880129d0181988893b00f Author: Ian Rogers Date: Mon Aug 12 15:41:19 2024 -0700 perf inject: Inject build ids for entire call chain The DSO build id is injected when the dso is first encountered but the checking for first encountered only looks at the sample->ip not the entire callchain. Use the callchain logic to ensure all build ids are inserted. Fixes: 454c407ec17a0c63 ("perf: add perf-inject builtin") Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Casey Chen Cc: Colin Ian King Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Cc: Tom Zanussi Link: https://lore.kernel.org/r/20240812224119.744968-1-irogers@google.com [ Split from a larger patch that introduced the API and use it ] Signed-off-by: Arnaldo Carvalho de Melo commit 1a9d080d19c3303569614ed4c3b43a39aacd90d7 Author: Ian Rogers Date: Mon Aug 12 15:41:19 2024 -0700 perf callchain: Add a for_each callback style API Add a for_each callback style API to callchain with sample__for_each_callchain_node(). Possibly in the future such an API can avoid the overhead of constructing the call chain list. Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Casey Chen Cc: Colin Ian King Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Cc: Tom Zanussi Link: https://lore.kernel.org/r/20240812224119.744968-1-irogers@google.com [ Split from a larger patch that introduced the API and use it ] Signed-off-by: Arnaldo Carvalho de Melo commit ae41d7dbaeb4f79134136cd65ad7015cf9ccf78a Author: Sean Christopherson Date: Fri Jul 26 16:51:10 2024 -0700 KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE Put the page reference acquired by gfn_to_pfn_prot() if kvm_vm_ioctl_mte_copy_tags() runs into ZONE_DEVICE memory. KVM's less- than-stellar heuristics for dealing with pfn-mapped memory means that KVM can get a page reference to ZONE_DEVICE memory. Fixes: f0376edb1ddc ("KVM: arm64: Add ioctl to fetch/store tags in a guest") Signed-off-by: Sean Christopherson Reviewed-by: Steven Price Reviewed-by: Catalin Marinas Link: https://lore.kernel.org/r/20240726235234.228822-2-seanjc@google.com Signed-off-by: Marc Zyngier commit b2738fda24543777a623a7d1cc2a9985ab81b448 Author: Weilin Wang Date: Sat Jul 20 02:21:01 2024 -0400 perf test: Add test for Intel TPEBS counting mode Intel TPEBS sampling mode is supported through perf record. The counting mode code uses perf record to capture retire_latency value and use it in metric calculation. This test checks the counting mode code on Intel platforms. Committer testing: root@x1:~# perf test tpebs 123: test Intel TPEBS counting mode : Ok root@x1:~# set -o vi root@x1:~# perf test tpebs 123: test Intel TPEBS counting mode : Ok root@x1:~# perf test -v tpebs 123: test Intel TPEBS counting mode : Ok root@x1:~# perf test -vvv tpebs 123: test Intel TPEBS counting mode: --- start --- test child forked, pid 16603 Testing without --record-tpebs Testing with --record-tpebs ---- end(0) ---- 123: test Intel TPEBS counting mode : Ok root@x1:~# Reviewed-by: Namhyung Kim Signed-off-by: Weilin Wang Acked-by: Ian Rogers Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Caleb Biggers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Perry Taylor Cc: Peter Zijlstra Cc: Samantha Alt Link: https://lore.kernel.org/r/20240720062102.444578-9-weilin.wang@intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 38753cbc4dca431d4354319c7481f6bd1a212baf Author: Colton Lewis Date: Thu Aug 8 17:42:43 2024 +0000 KVM: arm64: Move data barrier to end of split walk This DSB guarantees page table updates have been made visible to the hardware table walker. Moving the DSB from stage2_split_walker() to after the walk is finished in kvm_pgtable_stage2_split() results in a roughly 70% reduction in Clear Dirty Log Time in dirty_log_perf_test (modified to use eager page splitting) when using huge pages. This gain holds steady through a range of vcpus used (tested 1-64) and memory used (tested 1-64GB). This is safe to do because nothing else is using the page tables while they are still being mapped and this is how other page table walkers already function. None of them have a data barrier in the walker itself because relative ordering of table PTEs to table contents comes from the release semantics of stage2_make_pte(). Signed-off-by: Colton Lewis Acked-by: Oliver Upton Link: https://lore.kernel.org/r/20240808174243.2836363-1-coltonlewis@google.com Signed-off-by: Marc Zyngier commit 169f18fd980cea90804bd8bc5a5614335fa0c8ae Author: Weilin Wang Date: Sat Jul 20 02:21:00 2024 -0400 perf Document: Add TPEBS (Timed PEBS(Precise Event-Based Sampling)) to Documents TPEBS (Timed PEBS(Precise Event-Based Sampling)) is a new feature Intel PMU from Granite Rapids microarchitecture. It will be used in new TMA (Top-Down Microarchitecture Analysis) releases. Add related introduction to documents while adding new code to support it in 'perf stat'. Reviewed-by: Namhyung Kim Signed-off-by: Weilin Wang Acked-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Caleb Biggers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Perry Taylor Cc: Peter Zijlstra Cc: Samantha Alt Link: https://lore.kernel.org/r/20240720062102.444578-8-weilin.wang@intel.com Signed-off-by: Arnaldo Carvalho de Melo commit d546e3acf3526eaf1d74902236c7219a424ac2e9 Author: Weilin Wang Date: Sat Jul 20 02:20:59 2024 -0400 perf stat: Add command line option for enabling TPEBS recording With this command line option, TPEBS recording is turned off in 'perf stat' on default. It will only be turned on when this option is given in 'perf stat' command. Example with --record-tpebs: perf stat -M tma_split_loads -C1-4 --record-tpebs sleep 1 [ perf record: Woken up 2 times to write data ] [ perf record: Captured and wrote 0.044 MB - ] Performance counter stats for 'CPU(s) 1-4': 53,259,156,071 cpu_core/TOPDOWN.SLOTS/ # 1.6 % tma_split_loads (50.00%) 15,867,565,250 cpu_core/topdown-retiring/ (50.00%) 15,655,580,731 cpu_core/topdown-mem-bound/ (50.00%) 11,738,022,218 cpu_core/topdown-bad-spec/ (50.00%) 6,151,265,424 cpu_core/topdown-fe-bound/ (50.00%) 20,445,917,581 cpu_core/topdown-be-bound/ (50.00%) 6,925,098,013 cpu_core/L1D_PEND_MISS.PENDING/ (50.00%) 3,838,653,421 cpu_core/MEMORY_ACTIVITY.STALLS_L1D_MISS/ (50.00%) 4,797,059,783 cpu_core/EXE_ACTIVITY.BOUND_ON_LOADS/ (50.00%) 11,931,916,714 cpu_core/CPU_CLK_UNHALTED.THREAD/ (50.00%) 102,576,164 cpu_core/MEM_LOAD_COMPLETED.L1_MISS_ANY/ (50.00%) 64,071,854 cpu_core/MEM_INST_RETIRED.SPLIT_LOADS/ (50.00%) 3 cpu_core/MEM_INST_RETIRED.SPLIT_LOADS/R 1.003049679 seconds time elapsed Example without --record-tpebs: perf stat -M tma_contested_accesses -C1 sleep 1 Performance counter stats for 'CPU(s) 1': 50,203,891 cpu_core/TOPDOWN.SLOTS/ # 0.0 % tma_contested_accesses (63.60%) 10,040,777 cpu_core/topdown-retiring/ (63.60%) 6,890,729 cpu_core/topdown-mem-bound/ (63.60%) 2,756,463 cpu_core/topdown-bad-spec/ (63.60%) 10,828,288 cpu_core/topdown-fe-bound/ (63.60%) 28,350,432 cpu_core/topdown-be-bound/ (63.60%) 98 cpu_core/OCR.DEMAND_DATA_RD.L3_HIT.SNOOP_HITM/ (63.70%) 577,520 cpu_core/MEMORY_ACTIVITY.STALLS_L2_MISS/ (54.62%) 313,339 cpu_core/MEMORY_ACTIVITY.STALLS_L3_MISS/ (54.62%) 14,155 cpu_core/MEM_LOAD_RETIRED.L1_MISS/ (45.54%) 0 cpu_core/OCR.DEMAND_DATA_RD.L3_HIT.SNOOP_HIT_WITH_FWD/ (36.30%) 8,468,077 cpu_core/CPU_CLK_UNHALTED.THREAD/ (45.38%) 198 cpu_core/MEM_LOAD_L3_HIT_RETIRED.XSNP_MISS/ (45.38%) 8,324 cpu_core/MEM_LOAD_RETIRED.FB_HIT/ (45.38%) 3,388,031,520 TSC 23,226,785 cpu_core/CPU_CLK_UNHALTED.REF_TSC/ (54.46%) 80 cpu_core/MEM_LOAD_L3_HIT_RETIRED.XSNP_FWD/ (54.46%) 0 cpu_core/MEM_LOAD_L3_HIT_RETIRED.XSNP_FWD/R 0 cpu_core/MEM_LOAD_L3_HIT_RETIRED.XSNP_MISS/R 1,006,816,667 ns duration_time 1.002537737 seconds time elapsed Reviewed-by: Namhyung Kim Signed-off-by: Weilin Wang Acked-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Caleb Biggers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Perry Taylor Cc: Peter Zijlstra Cc: Samantha Alt Link: https://lore.kernel.org/r/20240720062102.444578-7-weilin.wang@intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 0a7381601b8a55d44c97ea132e23876c0dd9f90e Author: Weilin Wang Date: Sat Jul 20 02:20:58 2024 -0400 perf vendor events intel: Add MTL metric JSON files Add MTL metric JSON file for TMA4.8. Some of the metrics' formulas use TPEBS retire_latency in MTL. This also includes lated E-Core TMA3.6 changes. Reviewed-by: Namhyung Kim Signed-off-by: Weilin Wang Acked-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Caleb Biggers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Perry Taylor Cc: Peter Zijlstra Cc: Samantha Alt Link: https://lore.kernel.org/r/20240720062102.444578-6-weilin.wang@intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 8db5cabcf1b6f9d62bd024aa6293de715d75518f Author: Weilin Wang Date: Sat Jul 20 02:20:56 2024 -0400 perf stat: Fork and launch 'perf record' when 'perf stat' needs to get retire latency value for a metric. When retire_latency value is used in a metric formula, evsel would fork a 'perf record' process with "-e" and "-W" options. 'perf record' will collect required retire_latency values in parallel while 'perf stat' is collecting counting values. At the point of time that 'perf stat' stops counting, evsel would stop 'perf record' by sending sigterm signal to 'perf record' process. Sampled data will be processed to get retire latency value. Another thread is required to synchronize between 'perf stat' and 'perf record' when we pass data through pipe. Retire_latency evsel is not opened for 'perf stat' so that there is no counter wasted on it. This commit includes code suggested by Namhyung to adjust reading size for groups that include retire_latency evsels. In current :R parsing implementation, the parser would recognize events with retire_latency modifier and insert them into the evlist like a normal event. Ideally, we need to avoid counting these events. In this commit, at the time when a retire_latency evsel is read, set the retire latency value processed from the sampled data to count value. This sampled retire latency value will be used for metric calculation and final event count print out. No special metric calculation and event print out code required for retire_latency events. Reviewed-by: Namhyung Kim Signed-off-by: Weilin Wang Acked-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Caleb Biggers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Perry Taylor Cc: Peter Zijlstra Cc: Samantha Alt Link: https://lore.kernel.org/r/20240720062102.444578-4-weilin.wang@intel.com [ Squashed the 3rd and 4th commit in the series to keep it building patch by patch ] [ Constified the 'struct perf_tool' pointer in process_sample_event() ] [ Use perf_tool__init(&tool, false) to address a segfault I reported and Ian/Weilin diagnosed ] Signed-off-by: Arnaldo Carvalho de Melo commit b080a60731ad909eae4463684acc23d322e93579 Author: Tejas Vipin Date: Tue Aug 6 19:29:49 2024 +0530 drm/panel: startek-kd070fhfid015: transition to mipi_dsi wrapped functions Use multi style wrapped functions for mipi_dsi in the startek-kd070fhfid015 panel. Signed-off-by: Tejas Vipin Reviewed-by: Jessica Zhang Reviewed-by: Douglas Anderson Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240806135949.468636-3-tejasvipin76@gmail.com commit 5ddb0a8aa8e4754a8fb77e284e0d6f46c2350f88 Author: Tejas Vipin Date: Tue Aug 6 19:29:48 2024 +0530 drm/mipi-dsi: add more multi functions for better error handling Add more functions that can benefit from being multi style and mark older variants as deprecated to eventually convert all mipi_dsi functions to multi style. Acked-by: Maxime Ripard Signed-off-by: Tejas Vipin Reviewed-by: Douglas Anderson Acked-by: Jessica Zhang [dianders: Fixed whitespace warning when applying] Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240806135949.468636-2-tejasvipin76@gmail.com commit 4b498d19610c6acd36a8ddf622afdefe4ab093fe Author: Himal Prasad Ghimiray Date: Tue Aug 13 16:14:19 2024 +0530 drm/xe: Remove unused xe parameter Remove the xe parameter from the pde_encode_pat_index and pte_encode_pat_index functions, as it is no longer used. Signed-off-by: Himal Prasad Ghimiray Reviewed-by: Tejas Upadhyay Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240813104419.2958046-1-himal.prasad.ghimiray@intel.com Signed-off-by: Lucas De Marchi commit 1d734a3e5d6bb266f52eaf2b1400c5d3f1875a54 Author: Matt Roper Date: Mon Aug 12 11:10:43 2024 -0700 drm/xe: Name and document Wa_14019789679 Early in the development of Xe we identified an issue with SVG state handling on DG2 and MTL (and later on Xe2 as well). In commit 72ac304769dd ("drm/xe: Emit SVG state on RCS during driver load on DG2 and MTL") and commit fb24b858a20d ("drm/xe/xe2: Update SVG state handling") we implemented our own workaround to prevent SVG state from leaking from context A to context B in cases where context B never issues a specific state setting. The hardware teams have now created official workaround Wa_14019789679 to cover this issue. The workaround description only requires emitting 3DSTATE_MESH_CONTROL, since they believe that's the only SVG instruction that would potentially remain unset by a context B, but still cause notable issues if unwanted values were inherited from context A. However since we already have a more extensive implementation that emits the entire SVG state and prevents _any_ SVG state from unintentionally leaking, we'll stick with our existing implementation just to be safe. Signed-off-by: Matt Roper Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240812181042.2013508-2-matthew.d.roper@intel.com commit 1c4d834e4e81637995b079fdb64fad4c32af15c8 Author: Frank Li Date: Tue Aug 13 11:44:43 2024 -0400 spi: dt-bindings: convert spi-sc18is602.txt to yaml format Convert binding doc spi-sc18is602.txt (I2C to SPI bridge) to yaml. Additional change: - ref spi-controller.yaml Fix below warning: arch/arm64/boot/dts/freescale/fsl-lx2160a-bluebox3.dtb: /soc/i2c@2000000/i2c-mux@77/i2c@7/i2c-mux@75/i2c@0/spi@28: failed to match any schema with compatible: ['nxp,sc18is602b'] Reviewed-by: Rob Herring (Arm) Signed-off-by: Frank Li Link: https://patch.msgid.link/20240813154444.3886690-1-Frank.Li@nxp.com Signed-off-by: Mark Brown commit c69bb91c47e840c96ec4e72e7ebd982dd518441e Merge: 7c626ce4bae1ac dde286ee577042 Author: Mark Brown Date: Tue Aug 13 17:47:04 2024 +0100 regmap IRQ support for devices with multiple IRQs Merge series from Matti Vaittinen : Devices can provide multiple interrupt lines. One reason for this is that a device has multiple subfunctions, each providing its own interrupt line. Another reason is that a device can be designed to be used (also) on a system where some of the interrupts can be routed to another processor. A line often further acts as a demultiplex for specific interrupts and has it's respective set of interrupt (status, mask, ack, ...) registers. Regmap supports the handling of these registers and demultiplexing interrupts, but interrupt domain code ends up assigning the same name for the per interrupt line domains This series adds possibility for giving a name suffix for an interrupt Previous discussion can be found from: https://lore.kernel.org/all/87plst28yk.ffs@tglx/ https://lore.kernel.org/all/15685ef6-92a5-41df-9148-1a67ceaec47b@gmail.com/ The domain suffix support added in this series will be used by the ROHM BD96801 ERRB IRQ support code. The BD96801 ERRB support will need the initial BD96801 driver code, which is not yet in irq/core or regmap trees. Thus the user for this new support is not included in the series, but will be sent once the name suffix support gets merged. commit 98aded657f506cd5d6d459d68ab4996d9dc0938c Author: Srinivasan Shanmugam Date: Mon Aug 12 15:53:36 2024 +0530 drm/amd/display: Align hwss_wait_for_all_blank_complete descriptor with implementation The descriptor for `hwss_wait_for_all_blank_complete` was previously misaligned with the actual implementation. This commit refines the descriptor to reflect the implementation of `hwss_wait_for_all_blank_complete` Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/../display/dc/core/dc_hw_sequencer.c:991: warning: expecting prototype for hwss_wait_for_blank_complete(). Prototype was for hwss_wait_for_all_blank_complete() instead Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit b232c4a63a176ed837e3c6bb4a3ac79a1ca5ef1d Author: Sunil Khatri Date: Thu Aug 8 12:28:59 2024 +0530 drm/amdgpu: add print support for gfx9_4_3 ipdump Add support of gfx9_4_3 ipdump print so devcoredump could trigger it to dump the captured registers in devcoredump. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 1091796fb1d9d6888656f2416ad5c99cfc62a4bf Author: Sunil Khatri Date: Thu Aug 8 12:10:18 2024 +0530 drm/amdgpu: add gfx9_4_3 register support in ipdump Add general registers of gfx9_4_3 in ipdump for devcoredump support. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 6a28a072d90e4543b5e07a904e3a6afad0117e26 Author: David (Ming Qiang) Wu Date: Fri Aug 2 14:29:41 2024 -0400 drm/amd/amdgpu: cleanup parse_cs callbacks Because gpu_addr is updated in the calling routine (amdgpu_cs_patch_ibs()),it is removed in the callback. Use .patch_cs_in_place instead of .parse_cs for amdgpu_vce_ring_parse_cs_vm() as there is no need for keeping a temporary IB, therefore ib->sa_bo is NULL and amdgpu_ib_free() is removed. Reviewed-by: Alex Deucher Signed-off-by: David (Ming Qiang) Wu Signed-off-by: Alex Deucher commit a7f670d5d8e77b092404ca8a35bb0f8f89ed3117 Author: David (Ming Qiang) Wu Date: Thu Aug 8 12:19:50 2024 -0400 drm/amd/amdgpu: command submission parser for JPEG Add JPEG IB command parser to ensure registers in the command are within the JPEG IP block. Reviewed-by: Alex Deucher Signed-off-by: David (Ming Qiang) Wu Signed-off-by: Alex Deucher commit f7fb9d677faf0460131bc2af15afd766d48a1f47 Author: Jack Xiao Date: Wed Aug 7 12:03:11 2024 +0800 drm/amdgpu/mes12: fix suspend issue Use mes pipe to unmap kcq and kgq. Signed-off-by: Jack Xiao Acked-by: Alex Deucher Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 98cae695a8ae0e4291b1fa7feef9b54fabefe885 Author: Jack Xiao Date: Wed Aug 7 15:23:16 2024 +0800 drm/amdgpu/mes12: sw/hw fini for unified mes Free memory for two pipes and unmap pipe0 via pipe1. Signed-off-by: Jack Xiao Acked-by: Alex Deucher Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit ea5d6db17a8e3635ad91e8c53faa1fdc9570fbbb Author: Jack Xiao Date: Wed Aug 7 14:49:30 2024 +0800 drm/amdgpu/mes12: configure two pipes hardware resources Configure two pipes with different hardware resources. Signed-off-by: Jack Xiao Acked-by: Alex Deucher Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit aa539da8aff07ab08def6490e8c9b441439e70ba Author: Jack Xiao Date: Wed Aug 7 14:44:07 2024 +0800 drm/amdgpu/mes12: adjust mes12 sw/hw init for multiple pipes Adjust mes12 sw/hw initiailization for both pipe0 and pipe1 enablement. The two pipes are almost identical pipe. Pipe0 behaves like schq and pipe1 like kiq, pipe0 was mapped by pipe1. Signed-off-by: Jack Xiao Acked-by: Alex Deucher Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit b2dee0837a4be63e8d3e00550a9f057644f962c4 Author: Jack Xiao Date: Wed Aug 7 14:15:48 2024 +0800 drm/amdgpu/mes12: add mes pipe switch support Add mes pipe switch to let caller choose pipe to submit packet. Signed-off-by: Jack Xiao Acked-by: Alex Deucher Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 9e823f307074c0f82b5f6044943b0086e3079bed Author: Victor Skvortsov Date: Thu Aug 8 13:40:23 2024 -0400 drm/amdgpu: Block MMR_READ IOCTL in reset Register access from userspace should be blocked until reset is complete. Signed-off-by: Victor Skvortsov Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit a85c3db6b3b088f63b5b8c4fd4352f56f0e4ce3d Author: Jonathan Kim Date: Tue Jul 30 12:52:20 2024 -0400 drm/amdkfd: fallback to pipe reset on queue reset fail for gfx9 If queue reset fails, tell the CP to reset the pipe. Since queues multiplex context per pipe and we've issued a device wide preemption prior to the hang, we can assume the hung pipe only has one queue to reset on pipe reset. Signed-off-by: Jonathan Kim Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 9c081c11c62112f1c30ff2426f755279a43fa1a1 Author: Lijo Lazar Date: Mon Aug 12 09:02:57 2024 +0530 drm/amdgpu: Reorder to read EFI exported ROM first On EFI BIOSes, PCI ROM may be exported through EFI_PCI_IO_PROTOCOL and expansion ROM BARs may not be enabled. Choose to read from EFI exported ROM data before reading PCI Expansion ROM BAR. Signed-off-by: Lijo Lazar Reviewed-by: Hawking Zhang Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit e69c2dd7534f3fcabf7bb801db2a7ac71e7e5da6 Author: Jack Xiao Date: Wed Aug 7 13:19:59 2024 +0800 drm/amdgpu/mes12: load unified mes fw on pipe0 and pipe1 Enable unified mes firmware to load on pipe0 and pipe1. Signed-off-by: Jack Xiao Acked-by: Alex Deucher Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit f83cec3b3a7c968bbceb810b7acd1baf3fe8cd87 Author: Victor Skvortsov Date: Thu Aug 8 13:22:34 2024 -0400 drm/amdgpu: Disable dpm_enabled flag while VF is in reset VFs do not perform HW fini/suspend in FLR, so the dpm_enabled is incorrectly kept enabled. Add interface to disable it in virt_pre_reset call. v2: Made implementation generic for all asics v3: Re-order conditionals so PP_MP1_STATE_FLR is only evaluated on VF Signed-off-by: Victor Skvortsov Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher commit 35c7152202e111968b10140383f49da9159d2704 Author: Victor Skvortsov Date: Thu Jul 25 09:51:56 2024 -0400 Revert "drm/amdgpu: Extend KIQ reg polling wait for VF" KIQ timeouts no longer seen. This reverts commit 3a19a8af64eaff8a8b230796741a1a8277205344. Signed-off-by: Victor Skvortsov Reviewed-by: Zhigang Luo Signed-off-by: Alex Deucher commit aa02486fb18cecbaca0c4fd393d1a03f1d4c3f9a Author: Yinjie Yao Date: Fri Aug 9 17:20:26 2024 -0400 drm/amdgpu: Update kmd_fw_shared for VCN5 kmd_fw_shared changed in VCN5 Signed-off-by: Yinjie Yao Reviewed-by: Ruijing Dong Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit 42b3a6f12aa56dcf789464d29fdf11f33bf0e793 Author: Lijo Lazar Date: Wed Aug 7 21:41:59 2024 +0530 drm/amdkfd: Add node_id to location_id generically If there are multiple nodes per kfd device, add nodeid to location_id to differentiate. Signed-off-by: Lijo Lazar Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 61cffacb3a1c590b15c0e9ff987de02d293e0dd8 Author: Kenneth Feng Date: Thu Aug 8 12:19:22 2024 +0800 drm/amd/amdgpu: add HDP_SD support on gc 12.0.0/1 add HDP_SD support on gc 12.0.0/1 Signed-off-by: Kenneth Feng Reviewed-by: Yang Wang Signed-off-by: Alex Deucher commit ef6c2cb349c708676b7820c36a5beb75868ad544 Author: Victor Zhao Date: Wed Aug 7 17:32:27 2024 +0800 drm/amd/sriov: extend NV_MAILBOX_POLL_MSG_TIMEDOUT on MI300/MI308 UBB products, when doing mode1 reset, since 1 gpu need to wait all 8 gpus finish mode1 reset and then do re-init. As observed, sometimes the gpu which triggered the reset need to wait 15s for all gpus to finish. If poll msg timeout, guest driver will send the reset message again, and may mess up the following reinit sequence on other gpus. So extend the time to cover the maximum time needed to recover. Signed-off-by: Victor Zhao Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit bbec7cea6fa4a0463d4766ed0e6bb347773d3949 Author: Martin Leung Date: Mon Aug 5 11:00:14 2024 -0400 drm/amd/display: Promote DAL to 3.2.296 This version brings along following fixes: - Fix some cursor issue - Fix print format specifiers in DC_LOG_IPS - Fix minor coding errors in dml21 phase 5 - Fix MST BW calculation Regression - Improve FAM control for DCN401 - Add null pointer checks for some code - Refactor 3DLUT for non-DMA - Optimize vstartup position for AS-SDP - Update to using new dccg callbacks - Enable otg synchronization logic for DCN321 - Disable DCN401 UCLK P-State support on full updates Acked-by: Wayne Lin Signed-off-by: Martin Leung Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 267c5876c977d5f2d5a89f377d74adf42b5c38a5 Author: Rodrigo Siqueira Date: Fri Aug 2 12:33:20 2024 -0600 drm/amd/display: Remove unnecessary call to REG_SEQ_SUBMIT|WAIT_DONE [why & how] Remove unnecessary call to REG_SEQ_SUBMIT and REG_SEQ_WAIT_DONE, since those macros are not necessary anymore at the dpp1 set degamma. Those are part of an old implementation. Acked-by: Wayne Lin Signed-off-by: Rodrigo Siqueira Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 8f9b23abbae5ffcd64856facd26a86b67195bc2f Author: Rodrigo Siqueira Date: Thu Aug 1 16:16:35 2024 -0600 drm/amd/display: Adjust cursor position [why & how] When the commit 9d84c7ef8a87 ("drm/amd/display: Correct cursor position on horizontal mirror") was introduced, it used the wrong calculation for the position copy for X. This commit uses the correct calculation for that based on the original patch. Fixes: 9d84c7ef8a87 ("drm/amd/display: Correct cursor position on horizontal mirror") Cc: Mario Limonciello Cc: Alex Deucher Acked-by: Wayne Lin Signed-off-by: Rodrigo Siqueira Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 1fd2cf090096af8a25bf85564341cfc21cec659d Author: Melissa Wen Date: Tue Jan 31 15:05:46 2023 -0100 drm/amd/display: fix cursor offset on rotation 180 [why & how] Cursor gets clipped off in the middle of the screen with hw rotation 180. Fix a miscalculation of cursor offset when it's placed near the edges in the pipe split case. Cursor bugs with hw rotation were reported on AMD issue tracker: https://gitlab.freedesktop.org/drm/amd/-/issues/2247 The issues on rotation 270 was fixed by: https://lore.kernel.org/amd-gfx/20221118125935.4013669-22-Brian.Chang@amd.com/ that partially addressed the rotation 180 too. So, this patch is the final bits for rotation 180. Reported-by: Xaver Hugl Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/2247 Reviewed-by: Harry Wentland Fixes: 9d84c7ef8a87 ("drm/amd/display: Correct cursor position on horizontal mirror") Signed-off-by: Melissa Wen Signed-off-by: Hamza Mahfooz Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 82313624b2ae5a943d16475a566b65c873989e9f Author: Chris Wulff Date: Sat Aug 3 20:29:13 2024 -0400 usb: gadget: f_uac1: Change volume name and remove alt names This changes the UAPI to align with disussion of alt settings work. fu_name is renamed to fu_vol_name, and alt settings mode names are removed for now in favor of future work where they will be settable in subdirectories for each alt mode. discussion thread for api changes for alt mode settings: https://lore.kernel.org/linux-usb/35be4668-58d3-894a-72cf-de1afaacae45@ivitera.com/T/ Signed-off-by: Chris Wulff Link: https://lore.kernel.org/r/20240804002912.3293177-2-crwulff@gmail.com Signed-off-by: Greg Kroah-Hartman commit efd85f6887b2f4077e697ae3b905c833a00b18f3 Author: Kousik Sanagavarapu Date: Sat Jul 27 10:34:44 2024 +0530 dt-bindings: watchdog: ti,davinci-wdt: convert to dtschema Convert txt bindings of TI's DaVinci/Keystone Watchdog Timer Controller to dtschema to allow for validation. While at it, - Change the order of the compatibles. - Add "power-domains" to represent that the power domain maybe managed by TI-SCI controller if found on the SoC (for example, Keystone based K2G). w.r.t. to the txt binding to stay in sync with existing DTS. Signed-off-by: Kousik Sanagavarapu Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240727050736.4756-3-five231003@gmail.com Signed-off-by: Rob Herring (Arm) commit 0e743f172464478832301ad91531d7a524ddfad4 Author: Kousik Sanagavarapu Date: Sat Jul 27 10:34:43 2024 +0530 dt-bindings: timer: ti,davinci-timer: convert to dtschema Convert txt binding of TI's DaVinci timer to dtschema to allow for validation. While at it, change the file name to match the compatible. Signed-off-by: Kousik Sanagavarapu Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240727050736.4756-2-five231003@gmail.com Signed-off-by: Rob Herring (Arm) commit 209dd85aa4417480fb8d3c195893b116f9b87acb Author: Andrew Davis Date: Fri Aug 2 13:22:55 2024 -0500 remoteproc: keystone: Use devm_rproc_alloc() helper Use the device lifecycle managed allocation function. This helps prevent mistakes like freeing out of order in cleanup functions and forgetting to free on error paths. Signed-off-by: Andrew Davis Link: https://lore.kernel.org/r/20240802182300.244055-2-afd@ti.com Signed-off-by: Mathieu Poirier commit d32e71660056455ff0af73e10d239d4043d9c1a5 Author: Andrew Davis Date: Fri Aug 2 13:22:54 2024 -0500 remoteproc: keystone: Use devm_kasprintf() to build name string This is simpler and removes the need to assume the id length to be 1 digit, which then removes a W=1 compile warning about the same. Signed-off-by: Andrew Davis Link: https://lore.kernel.org/r/20240802182300.244055-1-afd@ti.com Signed-off-by: Mathieu Poirier commit 74de9654abf7cd0ab46d2393889f3f28b6384db8 Author: Krzysztof Kozlowski Date: Sun Aug 11 17:34:38 2024 +0200 dt-bindings: remoteproc: xlnx,zynqmp-r5fss: Add missing "additionalProperties" on child nodes All nodes need an explicit additionalProperties or unevaluatedProperties unless a $ref has one that's false. Add missing additionalProperties to fix dt_binding_check warning: xlnx,zynqmp-r5fss.yaml: ^r(.*)@[0-9a-f]+$: Missing additionalProperties/unevaluatedProperties constraint Fixes: 9e1b2a0757d0 ("dt-bindings: remoteproc: Add Tightly Coupled Memory (TCM) bindings") Signed-off-by: Krzysztof Kozlowski Acked-by: Conor Dooley Reviewed-by: Tanmay Shah Link: https://lore.kernel.org/r/20240811153438.126457-1-krzysztof.kozlowski@linaro.org Signed-off-by: Mathieu Poirier commit ba70bbfd28ab8aa09ed4b905b1b47580d5df17d6 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:45 2024 -0600 remoteproc: Use of_property_present() Use of_property_present() to test for property presence rather than of_(find|get)_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731191312.1710417-7-robh@kernel.org Signed-off-by: Mathieu Poirier commit 8f712c12f34daaaa2e47ba07cf3b348d3a442986 Author: Shenghao Ding Date: Sun Aug 11 21:51:41 2024 +0800 ASoc: tas2781: Rename dai_driver name to unify the name between TAS2563 and TAS2781 Rename dai_driver name to unify the name between TAS2563 and TAS2781. Signed-off-by: Shenghao Ding Link: https://patch.msgid.link/20240811135144.178-1-shenghao-ding@ti.com Signed-off-by: Mark Brown commit be280fddfd645ea0ce4c7a26692c3d1115447e32 Author: Dan Carpenter Date: Mon Aug 12 11:29:38 2024 +0300 drm/ast: astdp: fix loop timeout check This code has an issue because it loops until "i" is set to UINT_MAX but the test for failure assumes that "i" is set to zero. The result is that it will only print an error message if we succeed on the very last try. Reformat the loop to count forwards instead of backwards. Fixes: 2281475168d2 ("drm/ast: astdp: Perform link training during atomic_enable") Signed-off-by: Dan Carpenter Reviewed-by: Thomas Zimmermann Signed-off-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/1ba8da25-2d09-4924-a4ff-c0714bfbb192@stanley.mountain commit 17b6527dcfb3249401e037734ed3fd0f4752572f Author: Rodrigo Siqueira Date: Mon Jul 29 11:59:25 2024 -0600 drm/amd/display: Improve FAM control for DCN401 [why & how] When the commit 5324e2b205a2 ("drm/amd/display: Add driver support for future FAMS versions") was introduced, it missed some of the FAM2 code. This commit introduces the code that control the FAM enable and disable. Fixes: 5324e2b205a2 ("drm/amd/display: Add driver support for future FAMS versions") Acked-by: Wayne Lin Signed-off-by: Rodrigo Siqueira Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit b31274caf3993839e2eb266fe85ff5bcfd31292b Merge: 1b4ec561b47d80 bf5ba94fa0b90c Author: Mark Brown Date: Tue Aug 13 15:51:35 2024 +0100 Add input voltage suppliers for PMIC MCP16502 Merge series from Andrei Simion : In this series of patches, support for the *-supply property [1] is added (correlated with supply_name [2]) from the core regulator. Link [1]: https://github.com/torvalds/linux/blob/master/drivers/regulator/core.c#L471 Link [2]: https://github.com/torvalds/linux/blob/master/drivers/regulator/core.c#L2064 I modified the mcp16502.c driver and the dts that use this PMIC. We added these improvements to provide a complete description of the board power scheme. commit 5ac2557d75f94777076885b5119d3b6755e6761d Author: Rodrigo Siqueira Date: Fri Aug 2 12:31:42 2024 -0600 drm/amd/display: Remove unused field [why & how] Remove force_backlight_start_level since it is never used. Acked-by: Wayne Lin Signed-off-by: Rodrigo Siqueira Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 12dbb3ed212fc7655fce421542a5add637f8af7a Author: Fangzhi Zuo Date: Mon Jul 29 10:23:03 2024 -0400 drm/amd/display: Fix MST BW calculation Regression [Why & How] Revert commit 8b2cb32cf0c6 ("drm/amd/display: FEC overhead should be checked once for mst slot nums") Because causes bw calculation regression Cc: mario.limonciello@amd.com Cc: alexander.deucher@amd.com Reported-by: jirislaby@kernel.org Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3495 Closes: https://bugzilla.suse.com/show_bug.cgi?id=1228093 Reviewed-by: Wayne Lin Signed-off-by: Fangzhi Zuo Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit d6ed53712f583423db61fbb802606759e023bf7b Author: Loan Chen Date: Fri Aug 2 13:57:40 2024 +0800 drm/amd/display: Enable otg synchronization logic for DCN321 [Why] Tiled display cannot synchronize properly after S3. The fix for commit 5f0c74915815 ("drm/amd/display: Fix for otg synchronization logic") is not enable in DCN321, which causes the otg is excluded from synchronization. [How] Enable otg synchronization logic in dcn321. Fixes: 5f0c74915815 ("drm/amd/display: Fix for otg synchronization logic") Cc: Mario Limonciello Cc: Alex Deucher Reviewed-by: Alvin Lee Signed-off-by: Loan Chen Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 5b7813bc6218100d7bbc6d3a1b582bfd64034bf4 Author: Charlene Liu Date: Thu Aug 1 18:18:20 2024 -0400 drm/amd/display: remove redundant msg to pmfw at boot/resume [why & how] this is to remove redundant msg to pmfw at boot/resume since bios already power up dcn. Reviewed-by: Chris Park Signed-off-by: Charlene Liu Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 24f483ba49c9acc1139a0b4cbfd1b122fbe1ed7f Author: Dillon Varone Date: Fri Aug 2 13:50:10 2024 -0400 drm/amd/display: Set max VTotal cap for dcn401 [WHY&HOW] Set max VTotal cap for dcn401 because VTotal register is only 16 bits wide on dcn401. Reviewed-by: Chris Park Signed-off-by: Dillon Varone Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 7a1eb66809390d06b744aa13123b925b64b54c4c Author: Dillon Varone Date: Thu Aug 1 15:38:34 2024 -0400 drm/amd/display: Perform outstanding programming on full updates [WHY] In certain scenarios DC can internally trigger back to back full updates which will miss some required programming that is normally deferred until post update via optimize_bandwidth. [HOW] In back to back update scenarios, wait for pending updates to complete and perform any strictly required outstanding programming. Reviewed-by: Alvin Lee Signed-off-by: Dillon Varone Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 67ea53a4bd9d03a85eecd99875a2a794c886f788 Author: Dillon Varone Date: Thu Aug 1 15:35:51 2024 -0400 drm/amd/display: Disable DCN401 UCLK P-State support on full updates [WHY&HOW] It is not guaranteed even for HW exclusive P-State methods (like VActive) that P-state will be supported properly until optimize bandwidth is called, so unconditionally disable it on full updates. Reviewed-by: Alvin Lee Signed-off-by: Dillon Varone Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit cc2991203c9d4e23051dbe5bcb1fc700fea26992 Author: Dillon Varone Date: Mon Jul 29 18:17:55 2024 -0400 drm/amd/display: Reduce redundant minimal transitions due to SubVP [WHY] Stream ID's associated with phantom pipes can change often as they are reconstructed on full updates, however they can remain identical depending on the required update. [HOW] In the case phantom streams and pipe topologies remain the same between updates, mark the transition as seamless. Reviewed-by: Alvin Lee Signed-off-by: Dillon Varone Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit cd9e9e0852d501f169aa3bb34e4b413d2eb48c37 Author: Srinivasan Shanmugam Date: Fri Aug 2 12:35:13 2024 +0530 drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) This commit adds a null check for the 'afb' variable in the amdgpu_dm_plane_handle_cursor_update function. Previously, 'afb' was assumed to be null, but was used later in the code without a null check. This could potentially lead to a null pointer dereference. Changes since v1: - Moved the null check for 'afb' to the line where 'afb' is used. (Alex) Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_plane.c:1298 amdgpu_dm_plane_handle_cursor_update() error: we previously assumed 'afb' could be null (see line 1252) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Co-developed-by: Alex Hung Signed-off-by: Alex Hung Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 027347d17a16562f3be272833243b835c21aa2a5 Author: Robin Chen Date: Thu Jul 18 16:48:26 2024 +0800 drm/amd/display: Optimize vstartup position for AS-SDP [Why] In current design, the vstartup position is adjusted to vblank start position when AS-SDP is enabled. However when the vblank length is too big, it may over vstartup boundary. [How] To adjust vstartup position to 1 line before vsync position. Reviewed-by: Anthony Koo Signed-off-by: Robin Chen Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 3bb41f2e9134906e0814766c07dfbdd9de0bfaf5 Author: Roman Li Date: Tue Jul 30 17:32:35 2024 -0400 drm/amd/display: Fix print format specifiers in DC_LOG_IPS [Why] %d specifier is used for printing unsigned values. It can result in negative values in logs for unsigned variables. [How] Replace %d with %u for unsigned. Reviewed-by: Nicholas Kazlauskas Signed-off-by: Roman Li Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit a1fc9f584c4aaf8bc1ebfa459fc57a3f26a290d8 Author: Philip Yang Date: Fri Aug 2 11:28:45 2024 -0400 drm/amdkfd: Handle queue destroy buffer access race Add helper function kfd_queue_unreference_buffers to reduce queue buffer refcount, separate it from release queue buffers. Because it is circular locking to hold dqm_lock to take vm lock, kfd_ioctl_destroy_queue should take vm lock, unreference queue buffers first, but not release queue buffers, to handle error in case failed to hold vm lock. Then hold dqm_lock to remove queue from queue list and then release queue buffers. Restore process worker restore queue hold dqm_lock, will always find the queue with valid queue buffers. v2 (Felix): - renamed kfd_queue_unreference_buffer(s) to kfd_queue_unref_bo_va(s) - added two FIXME comments for follow up Signed-off-by: Philip Yang Signed-off-by: Felix Kuehling Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher commit 70f83e7706e57200edb8ffa36883b2f43d214142 Author: Jonathan Kim Date: Wed Aug 7 15:33:41 2024 -0400 drm/amdkfd: fix partition query when setting up recommended sdma engines When users dynamically set the partition mode through sysfs writes, this can lead to a double lock situation where the KFD is trying to take the partition lock when updating the recommended SDMA engines. Have the KFD reference its saved socket device number count instead. Also ensure we have enough SDMA xGMI engines to report the recommended engines in the first place. Fixes: e06b71b2313a ("drm/amdkfd: allow users to target recommended SDMA engines") Signed-off-by: Jonathan Kim Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher commit 9b7e697839c2745c10f63fe5fd54c9e328fa2e3b Author: Sunil Khatri Date: Wed Aug 7 17:28:02 2024 +0530 drm/amdgpu: fix ptr check warning in gfx12 ip_dump Change condition, if (ptr == NULL) to if (!ptr) for a better format and fix the warning. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit bd15f805cdc503ac229a14f5fe21db12e6e7f84a Author: Sunil Khatri Date: Wed Aug 7 17:27:10 2024 +0530 drm/amdgpu: fix ptr check warning in gfx11 ip_dump Change condition, if (ptr == NULL) to if (!ptr) for a better format and fix the warning. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 98df5a7732e3b78bf8824d2938a8865a45cfc113 Author: Sunil Khatri Date: Wed Aug 7 17:25:24 2024 +0530 drm/amdgpu: fix ptr check warning in gfx10 ip_dump Change condition, if (ptr == NULL) to if (!ptr) for a better format and fix the warning. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 07f4f9c00ec545dfa6251a44a09d2c48a76e7ee5 Author: Sunil Khatri Date: Wed Aug 7 17:21:53 2024 +0530 drm/amdgpu: fix ptr check warning in gfx9 ip_dump Change if (ptr == NULL) to if (!ptr) for a better format and fix the warning. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 66e2d2d9a59f896def82a1c8684368be45cf4c06 Author: Wayne Lin Date: Wed Jul 31 17:04:44 2024 +0800 drm/amd/display: Check null pointer before try to access it [why & how] Make sure plane_state is not null before calling a function that dereferences it. Besides, remove redundant codes. Reviewed-by: Alex Hung Signed-off-by: Wayne Lin Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 1b686053c06ffb9f4524b288110cf2a831ff7a25 Author: Rodrigo Siqueira Date: Tue Jul 30 20:02:45 2024 -0600 drm/amd/display: Check null pointer before try to access it [why & how] Change the order of the pipe_ctx->plane_state check to ensure that plane_state is not null before accessing it. Reviewed-by: Alex Hung Signed-off-by: Rodrigo Siqueira Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit ce4f9f79ff8cfc78a064c533f0aab563a5613d81 Author: Muhammad Ahmed Date: Wed Jul 31 18:55:57 2024 -0400 drm/amd/display: guard otg disable w/a for test [why & how] HW removed this w/a, but we will still keep it to avoid regression. but return in test mode. Reviewed-by: Charlene Liu Signed-off-by: Muhammad Ahmed Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 8c4f9e466169b3e411947347fef09382c14e5733 Author: Aurabindo Pillai Date: Tue Jul 30 14:57:48 2024 -0400 drm/amd/display: Add more logging for MALL static screen [why & how] print additional info for MALL related calculations and DMCUB messaging to aid debugging. Reviewed-by: Rodrigo Siqueira Signed-off-by: Aurabindo Pillai Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 680458d41aa46a009909482f58358205b5c4b438 Author: Hansen Dsouza Date: Tue Jul 30 16:32:44 2024 -0400 drm/amd/display: Update to using new dccg callbacks [Why and how] Update to using new dccg callbacks Reviewed-by: Chris Park Signed-off-by: Hansen Dsouza Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 4af0d8ebf74ccbb60d33fdd410891283dd6cb109 Author: Austin Zheng Date: Tue Jul 30 11:55:23 2024 -0400 drm/amd/display: Unlock Pipes Based On DET Allocation [Why] DML21 does not allocate DET evenly between pipes. May result in underflow when unlocking the pipes as DET could be overallocated. [How] 1. Unlock pipes that have a decreased amount of DET allocation 2. Wait for the double buffer to be updated. 3. Unlock the remaining pipes. Reviewed-by: Alvin Lee Signed-off-by: Austin Zheng Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 95d9e0803e51d5a24276b7643b244c7477daf463 Author: Alex Hung Date: Mon Jul 29 15:29:09 2024 -0600 drm/amd/display: Check null pointers before using dc->clk_mgr [WHY & HOW] dc->clk_mgr is null checked previously in the same function, indicating it might be null. Passing "dc" to "dc->hwss.apply_idle_power_optimizations", which dereferences null "dc->clk_mgr". (The function pointer resolves to "dcn35_apply_idle_power_optimizations".) This fixes 1 FORWARD_NULL issue reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Alex Hung Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit c20da89edb69f05ab78fe804899d50be2596b0f0 Author: Relja Vojvodic Date: Mon Jul 29 14:35:45 2024 -0400 drm/amd/display: 3DLUT non-DMA refactor [Why] Currently the handling for 3DLUT is found in multiple different places, which causes issues when the different functions are not in sync with each other. Frequently bugs occur because the LUT handling is broken up, and what has already been handled isn't kept track of well, which can cause earlier changes to the LUT params to be overridden. [How] Remove DMA LUT handling from DCN401 and refactor legacy LUT handling in one place to make it easier to keep track of what has and needs to be done. Reviewed-by: Ilya Bakoulin Signed-off-by: Relja Vojvodic Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 782cef7fc367542ccc851d93edbed166defdfc27 Author: Wenjing Liu Date: Fri May 31 11:37:15 2024 -0400 drm/amd/display: apply vmin optimization even if it doesn't reach vmin level [why] Based on power measurement result, in most cases when display clock is higher than Vmin display clock, lowering display clock using dynamic ODM will improve overall power consumption by 0 to 4 watts even if we can't reach Vmin. [how] Allow vmin optimization applied even if dispclk can't reach Vmin. Reviewed-by: Austin Zheng Signed-off-by: Wenjing Liu Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 596a4ec72876f1061f0ef4be47076b093f03b4f9 Author: Wenjing Liu Date: Mon May 27 10:30:45 2024 -0400 drm/amd/display: fix minor coding errors where dml21 phase 5 uses wrong variables [why & how] There is a coding error which causes incorrect variables to be assigned in DML21 phase 5. Reviewed-by: Austin Zheng Signed-off-by: Wenjing Liu Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 0fe20258b4989b9112b5e9470df33a0939403fd4 Author: Srinivasan Shanmugam Date: Fri Aug 2 12:20:36 2024 +0530 drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2) This commit adds a null check for the 'afb' variable in the amdgpu_dm_update_cursor function. Previously, 'afb' was assumed to be null at line 8388, but was used later in the code without a null check. This could potentially lead to a null pointer dereference. Changes since v1: - Moved the null check for 'afb' to the line where 'afb' is used. (Alex) Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c:8433 amdgpu_dm_update_cursor() error: we previously assumed 'afb' could be null (see line 8388) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Co-developed-by: Alex Hung Signed-off-by: Alex Hung Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 311f2b587461f86e3c30e7ac28df38be4a862ac7 Author: Sunil Khatri Date: Thu Aug 8 23:36:26 2024 +0530 Revert "drm/amdgpu: add vcn ip dump ptr in vcn global struct" This reverts commit f3392e662efdc095f10109f588aa4f3be86f7eb5. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 434b3554d6435dc4e19083a2214dee40a88e09e1 Author: Sunil Khatri Date: Thu Aug 8 23:34:58 2024 +0530 Revert "drm/amdgpu: add vcn_v3_0 ip dump support" This reverts commit 58d283801d06d4434df6625ed6e6b8d2ba47fe65. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 2f93ec07ab54cae66155d0a09182843f358da178 Author: Sunil Khatri Date: Thu Aug 8 23:33:05 2024 +0530 Revert "drm/amdgpu: add print support for vcn_v3_0 ip dump" This reverts commit cd162ae9bc3ba91eb630a1321afd3d1dde5f2000. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit c7d4355648ffa02a1551495b05c71ea6c884d29c Author: Jack Xiao Date: Wed Aug 7 11:53:35 2024 +0800 drm/amdgpu/mes: add multiple mes ring instances support Add multiple mes ring instances in mes structure to support multiple mes pipes. Signed-off-by: Jack Xiao Acked-by: Alex Deucher Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 2ab5dc59177419d8a49e89585e82ff41524270fc Author: Jack Xiao Date: Wed Aug 7 11:43:45 2024 +0800 drm/amdgpu/mes12: update mes_v12_api_def.h Update mes12 api definition. Signed-off-by: Jack Xiao Acked-by: Alex Deucher Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 3df34334147e73b05480db6cf8353a405597d04a Author: Sunil Khatri Date: Thu Aug 8 23:29:09 2024 +0530 Revert "drm/amdgpu: add vcn_v5_0 ip dump support" This reverts commit a46a7bef7d41ee7787c246f47a656fbafe02f122. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit a46a7bef7d41ee7787c246f47a656fbafe02f122 Author: Sunil Khatri Date: Thu Aug 1 19:17:11 2024 +0530 drm/amdgpu: add vcn_v5_0 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v5_0. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 947c0808693e267185c5471f87f83146e4300561 Author: Alex Deucher Date: Fri May 24 11:44:31 2024 -0400 drm/amdgpu/mes12: add API for legacy queue reset Add API for resetting kernel queues. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit 45a2a4514320f9c835eccb661601357cb1fefd82 Author: Alex Deucher Date: Fri May 24 11:07:57 2024 -0400 drm/amdgpu/mes11: add API for legacy queue reset Add API for resetting kernel queues. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit c30fb344a2f7fb5d553e98577185d9f8147598e2 Author: Alex Deucher Date: Fri May 24 10:49:33 2024 -0400 drm/amdgpu/mes: add API for legacy queue reset Add API for resetting kernel queues. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit c6b86421f1f9ddf9d706f2453159813ee39d0cf9 Author: Bas Nieuwenhuizen Date: Tue Aug 6 22:27:32 2024 +0200 drm/amdgpu: Actually check flags for all context ops. Missing validation ... Checked libdrm and it clears all the structs, so we should be safe to just check everything. Signed-off-by: Bas Nieuwenhuizen Signed-off-by: Alex Deucher commit c6dbab46324b1742b50dc2fb5c1fee2c28129439 Author: Geert Uytterhoeven Date: Tue Jul 30 17:58:12 2024 +0200 drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() With -Werror: In function ‘r100_cp_init_microcode’, inlined from ‘r100_cp_init’ at drivers/gpu/drm/radeon/r100.c:1136:7: include/linux/printk.h:465:44: error: ‘%s’ directive argument is null [-Werror=format-overflow=] 465 | #define printk(fmt, ...) printk_index_wrap(_printk, fmt, ##__VA_ARGS__) | ^ include/linux/printk.h:437:17: note: in definition of macro ‘printk_index_wrap’ 437 | _p_func(_fmt, ##__VA_ARGS__); \ | ^~~~~~~ include/linux/printk.h:508:9: note: in expansion of macro ‘printk’ 508 | printk(KERN_ERR pr_fmt(fmt), ##__VA_ARGS__) | ^~~~~~ drivers/gpu/drm/radeon/r100.c:1062:17: note: in expansion of macro ‘pr_err’ 1062 | pr_err("radeon_cp: Failed to load firmware \"%s\"\n", fw_name); | ^~~~~~ Fix this by converting the if/else if/... construct into a proper switch() statement with a default to handle the error case. As a bonus, the generated code is ca. 100 bytes smaller (with gcc 11.4.0 targeting arm32). Signed-off-by: Geert Uytterhoeven Signed-off-by: Alex Deucher commit 020620424b27bababf7f53d00692ab919c357a3f Author: Arnd Bergmann Date: Fri Jul 19 12:08:28 2024 +0200 drm/amd: Use a constant format string for amdgpu_ucode_request Multiple files in amdgpu call amdgpu_ucode_request() with a fw_name variable that the compiler cannot check for being a valid format string, as seen by enabling the (default-disabled) -Wformat-security option: drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c: In function 'amdgpu_mes_init_microcode': drivers/gpu/drm/amd/amdgpu/amdgpu_mes.c:1517:61: error: format not a string literal and no format arguments [-Werror=format-security] 1517 | r = amdgpu_ucode_request(adev, &adev->mes.fw[pipe], fw_name); | ^~~~~~~ drivers/gpu/drm/amd/amdgpu/amdgpu_uvd.c: In function 'amdgpu_uvd_sw_init': drivers/gpu/drm/amd/amdgpu/amdgpu_uvd.c:263:9: error: format not a string literal and no format arguments [-Werror=format-security] 263 | r = amdgpu_ucode_request(adev, &adev->uvd.fw, fw_name); | ^ drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c: In function 'amdgpu_vce_sw_init': drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c:161:9: error: format not a string literal and no format arguments [-Werror=format-security] 161 | r = amdgpu_ucode_request(adev, &adev->vce.fw, fw_name); | ^ drivers/gpu/drm/amd/amdgpu/amdgpu_umsch_mm.c: In function 'amdgpu_umsch_mm_init_microcode': drivers/gpu/drm/amd/amdgpu/amdgpu_umsch_mm.c:590:9: error: format not a string literal and no format arguments [-Werror=format-security] 590 | r = amdgpu_ucode_request(adev, &adev->umsch_mm.fw, fw_name); | ^ drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c: In function 'amdgpu_cgs_get_firmware_info': drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c:417:72: error: format not a string literal and no format arguments [-Werror=format-security] 417 | err = amdgpu_ucode_request(adev, &adev->pm.fw, fw_name); | ^~~~~~~ drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c: In function 'load_dmcu_fw': drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c:2221:9: error: format not a string literal and no format arguments [-Werror=format-security] 2221 | r = amdgpu_ucode_request(adev, &adev->dm.fw_dmcu, fw_name_dmcu); | ^ drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c: In function 'dm_init_microcode': drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c:5147:9: error: format not a string literal and no format arguments [-Werror=format-security] 5147 | r = amdgpu_ucode_request(adev, &adev->dm.dmub_fw, fw_name_dmub); | ^ Change these all to use a "%s" format with the actual name as an argument, to let the compiler prove this to be correct. Fixes: e5a7d047f41b ("drm/amd: Use `amdgpu_ucode_*` helpers for CGS") Fixes: 52215e2a5d4a ("drm/amd: Use `amdgpu_ucode_*` helpers for VCE") Signed-off-by: Arnd Bergmann Signed-off-by: Alex Deucher commit 17d30ed33c8a9e7b866dd7c2ceb4a6858cfcaa81 Author: Tobias Jakobi Date: Sun Aug 4 15:56:29 2024 +0200 drm/amdgpu/swsmu: fix SMU11 typos (memlk -> memclk) No functional changes. Signed-off-by: Tobias Jakobi Signed-off-by: Alex Deucher commit 8641b817392bfb12fb1e71ebb68c31783297bfbd Author: Tobias Jakobi Date: Sun Aug 4 15:56:28 2024 +0200 drm/amd: Make amd_ip_funcs static for SDMA v5.2 The struct can be static, as it is only used in this translation unit. Signed-off-by: Tobias Jakobi Signed-off-by: Alex Deucher commit 9a12b1c7a0595736d398b24712dc1ce79072662e Author: Tobias Jakobi Date: Sun Aug 4 15:56:27 2024 +0200 drm/amd: Make amd_ip_funcs static for SDMA v5.0 The struct can be static, as it is only used in this translation unit. Signed-off-by: Tobias Jakobi Signed-off-by: Alex Deucher commit 3834ce360067b4ee98fdef14571923500a0499a4 Author: Remington Brasga Date: Wed Jul 31 05:54:51 2024 +0000 drm/amdgpu/uvd4: fix mask and shift definitions A few define's are listed twice with different, incorrect values. This fix sets them appropriately. Signed-off-by: Remington Brasga Signed-off-by: Alex Deucher commit 7b3a4e1d559e892ea563f46f45c504a60c82d70f Author: Colin Ian King Date: Fri Aug 2 12:42:52 2024 +0100 drm/amd/display: remove extraneous ; after statements There are a several statements with two following semicolons, replace these with just one semicolon. Signed-off-by: Colin Ian King Signed-off-by: Alex Deucher commit 0cee47cde41e22712c034ae961076067d4ac13a0 Author: WangYuli Date: Wed Jul 31 12:10:40 2024 +0800 drm/amd/amdgpu: Properly tune the size of struct The struct assertion is failed because sparse cannot parse `#pragma pack(push, 1)` and `#pragma pack(pop)` correctly. GCC's output is still 1-byte-aligned. No harm to memory layout. The error can be filtered out by sparse-diff, but sometimes multiple lines queezed into one, making the sparse-diff thinks its a new error. I'm trying to aviod this by fixing errors. Link: https://lore.kernel.org/all/20230620045919.492128-1-suhui@nfschina.com/ Link: https://lore.kernel.org/all/93d10611-9fbb-4242-87b8-5860b2606042@suswa.mountain/ Fixes: 1721bc1b2afa ("drm/amdgpu: Update VF2PF interface") Cc: Dan Carpenter Cc: wenlunpeng Reported-by: Su Hui Signed-off-by: WangYuli Signed-off-by: Alex Deucher commit c6c2e8b6a427d4fecc7c36cffccb908185afcab2 Author: Alex Deucher Date: Fri Jul 12 10:06:05 2024 -0400 drm/amdgpu/jpeg4: properly set atomics vmid field This needs to be set as well if the IB uses atomics. Reviewed-by: Leo Liu Signed-off-by: Alex Deucher commit 35c628774e50b3784c59e8ca7973f03bcb067132 Author: Alex Deucher Date: Fri Jul 12 10:00:33 2024 -0400 drm/amdgpu/jpeg2: properly set atomics vmid field This needs to be set as well if the IB uses atomics. Reviewed-by: Leo Liu Signed-off-by: Alex Deucher commit b7ecc44a1b0427d8c71fe2e2d46c4a8dd6e6f64d Author: Zhang Zekun Date: Mon Aug 12 20:35:43 2024 +0800 drm/hisilicon: Remove unused delarations hibmc_mm_init() has been removed since commit 28645ae064d1 ("drm/hisilicon/hibmc: Remove hibmc_ttm.c"), but remain the declaration untouched in the header files. So, let's remove this unused declaration. Signed-off-by: Zhang Zekun Reviewed-by: Thomas Zimmermann Signed-off-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240812123543.64300-1-zhangzekun11@huawei.com commit 446d0f4849b101bfc35c0d00835c3e3a4804616d Author: Thomas Zimmermann Date: Mon Aug 12 10:28:30 2024 +0200 drm: Remove struct drm_mode_config_funcs.output_poll_changed The output_poll_changed hook in struct drm_mode_config_funcs is unused. Remove it. The helper drm_client_dev_hotplug() implements the callback's functionality. Signed-off-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240812083000.337744-10-tzimmermann@suse.de commit b5757a5be2fac24f5c138e8ddb3b2c7be8ba1cb3 Author: Thomas Zimmermann Date: Mon Aug 12 10:28:29 2024 +0200 drm: Remove struct drm_driver.lastclose The lastclose callback in struct drm_driver is unused. Remove it. Also update documentation. v2: - update to use drm_lastclose() - fix typo in documentation Signed-off-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240812083000.337744-9-tzimmermann@suse.de commit 6c22aadbf6fd0240181eb4897308153c2aabec2a Author: Thomas Zimmermann Date: Mon Aug 12 10:28:28 2024 +0200 drm/fbdev-helper: Remove drm_fb_helper_output_poll_changed() The function is unused. Remove it. Signed-off-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240812083000.337744-8-tzimmermann@suse.de commit 8df39400d0db29f84a72c891d1f526e3b61a332a Author: Thomas Zimmermann Date: Mon Aug 12 10:28:27 2024 +0200 drm/fbdev-helper: Update documentation on obsolete callbacks The old callbacks lastclose and output_poll_changed are deprecated and unused. Remove them from the documentation. Signed-off-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240812083000.337744-7-tzimmermann@suse.de commit 17674d6603eab37a4f7b1cf5ba345d5a1e275fb7 Author: Thomas Zimmermann Date: Mon Aug 12 10:28:26 2024 +0200 drm/nouveau: Implement switcheroo reprobe with drm_client_dev_hotplug() Replace the call to drm_fb_helper_output_poll_changed() with a call to drm_client_dev_hotplug(). It is equivalent in functionality, but uses the DRM client infrastructure. v2: - fix commit description Signed-off-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Acked-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240812083000.337744-6-tzimmermann@suse.de commit a0634663d09abcda84eae37e9817490628a034c9 Author: Thomas Zimmermann Date: Mon Aug 12 10:28:25 2024 +0200 drm/nouveau: Do not set struct drm_mode_config_funcs.output_poll_changed The output_poll_changed hook was only necessary before in-kernel DRM clients existed, but is now obsolete. The client code handles display hotplugging internally. v2: - fix commit description Signed-off-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Acked-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240812083000.337744-5-tzimmermann@suse.de commit db1aeaf2a1374fb05d82a1f8fef5cbb059ce6a01 Author: Thomas Zimmermann Date: Mon Aug 12 10:28:24 2024 +0200 drm/nouveau: Do not set struct drm_driver.lastclose Remove the implementation of struct drm_driver.lastclose. The hook was only necessary before in-kernel DRM clients existed, but is now obsolete. The code in nouveau_vga_lastclose() is performed by drm_lastclose(). v2: - update commit description Signed-off-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Acked-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240812083000.337744-4-tzimmermann@suse.de commit 7a26f18119d1daf910cca58f875582d50d0e4974 Author: Thomas Zimmermann Date: Mon Aug 12 10:28:23 2024 +0200 drm/amdgpu: Do not set struct drm_driver.lastclose Remove the implementation of struct drm_driver.lastclose. The hook was only necessary before in-kernel DRM clients existed, but is now obsolete. The code in amdgpu_driver_lastclose_kms() is performed by drm_lastclose(). v2: - update commit message Signed-off-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Reviewed-by: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20240812083000.337744-3-tzimmermann@suse.de commit c3c5b79b6ed1d7ae7356b51f7c17bd88197bf405 Author: Thomas Zimmermann Date: Mon Aug 12 10:28:22 2024 +0200 drm: Do delayed switcheroo in drm_lastclose() Amdgpu and nouveau call vga_switcheroo_process_delayed_switch() from their lastclose callbacks. Call it from drm_lastclose(), so that the driver functions can finally be removed. Only PCI devices with enabled switcheroo do the delayed switching. The call has no effect on other hardware. v2: - move change to drm_lastclose() (Sima) - update docs for vga_switcheroo_process_delayed_switch() Signed-off-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Reviewed-by: Alex Deucher Link: https://patchwork.freedesktop.org/patch/msgid/20240812083000.337744-2-tzimmermann@suse.de commit 237193e21b29d4aa0617ffeea3d6f49e72999708 Author: Hamza Mahfooz Date: Tue Aug 6 09:55:55 2024 -0400 drm/amd/display: fix s2idle entry for DCN3.5+ To be able to get to the lowest power state when suspending systems with DCN3.5+, we must be in IPS before the display hardware is put into D3cold. So, to ensure that the system always reaches the lowest power state while suspending, force systems that support IPS to enter idle optimizations before entering D3cold. Reviewed-by: Roman Li Signed-off-by: Hamza Mahfooz Signed-off-by: Alex Deucher commit 34e087e8920e635c62e2ed6a758b0cd27f836d13 Author: Jack Xiao Date: Thu Jul 18 16:38:50 2024 +0800 drm/amdgpu/mes: fix mes ring buffer overflow wait memory room until enough before writing mes packets to avoid ring buffer overflow. v2: squash in sched_hw_submission fix Fixes: de3246254156 ("drm/amdgpu: cleanup MES11 command submission") Fixes: fffe347e1478 ("drm/amdgpu: cleanup MES12 command submission") Signed-off-by: Jack Xiao Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit 3706bcfbdb8aecdb506b80e45e2e5851044f1f28 Author: Bjorn Andersson Date: Mon Aug 12 20:34:19 2024 -0700 arm64: dts: qcom: sc8180x: Enable the power key No input events are generated from the pressing of the power key on either Primus or Flex 5G, because the device node isn't enabled. Give the power key node a label and enable this for the two devices. Signed-off-by: Bjorn Andersson Tested-by: Steev Klimaszewski Link: https://lore.kernel.org/r/20240812-sc8180x-pwrkey-enable-v1-1-2bcc22133774@quicinc.com Signed-off-by: Bjorn Andersson commit a28dc358e28fb0738dd23e401cd7646cb4b0f7f1 Author: Alexey Dobriyan Date: Mon Aug 12 21:12:10 2024 +0300 block: constify ext_pi_ref_escape() This function doesn't mutate data. Signed-off-by: Alexey Dobriyan Reviewed-by: Martin K. Petersen Reviewed-by: Christoph Hellwig Link: https://lore.kernel.org/r/d24611b3-dddf-473a-903d-39290db03b11@p183 Signed-off-by: Jens Axboe commit 49923a0dff59fa6b34aa6cc16dc9eefdbbcd3846 Author: Alexey Dobriyan Date: Mon Aug 12 21:10:33 2024 +0300 block: delete module stuff from t10-pi It is not possible to build t10-pi.ko anymore. This file doesn't even export functions. Signed-off-by: Alexey Dobriyan Reviewed-by: Martin K. Petersen Reviewed-by: Christoph Hellwig Link: https://lore.kernel.org/r/216ccc79-5b80-47b2-b507-990951aa810c@p183 Signed-off-by: Jens Axboe commit dde286ee57704226b500cb9eb59547fec07aad3d Author: Matti Vaittinen Date: Thu Aug 8 15:36:28 2024 +0300 regmap: Allow setting IRQ domain name suffix When multiple IRQ domains are created from the same device-tree node they will get the same name based on the device-tree path. This will cause a naming collision in debugFS when IRQ domain specific entries are created. The regmap-IRQ creates per instance IRQ domains. This will lead to a domain name conflict when a device which provides more than one interrupt line uses the regmap-IRQ. Add support for specifying an IRQ domain name suffix when creating a regmap-IRQ controller. Signed-off-by: Matti Vaittinen Link: https://patch.msgid.link/776bc4996969e5081bcf61b9bdb5517e537147a3.1723120028.git.mazziesaccount@gmail.com Signed-off-by: Mark Brown commit bf5ba94fa0b90c9433167bf143780af6c8805479 Author: Andrei Simion Date: Mon Aug 12 16:52:26 2024 +0300 regulator: dt-bindings: microchip,mcp16502: Add voltage input supply documentation Update the yaml schema with info about input supply phandle for each buck and ldo according with the PMIC MCP16502 Datasheet. Signed-off-by: Andrei Simion Link: https://patch.msgid.link/20240812135231.43744-3-andrei.simion@microchip.com Signed-off-by: Mark Brown commit 861289835002b733aa8715442ba555b1daa84baa Author: Andrei Simion Date: Mon Aug 12 16:52:25 2024 +0300 regulator: mcp16502: Add supplier for regulators Based on the datasheet [1] (Block Diagram) PVIN[1-4] and LVIN represent the input voltage supply for each BUCKs respective LDOs. Update the driver to align with the datasheet [1]. [1]: https://ww1.microchip.com/downloads/aemDocuments/documents/APID/ProductDocuments/DataSheets/MCP16502-Data-Sheet-DS20006275.pdf Co-developed-by: Mihai Sain Signed-off-by: Mihai Sain Signed-off-by: Andrei Simion Link: https://patch.msgid.link/20240812135231.43744-2-andrei.simion@microchip.com Signed-off-by: Mark Brown commit c6f3abbbdc99930f831d5c76dac32ddbd9b88fa1 Author: Vijendar Mukunda Date: Tue Aug 13 13:38:50 2024 +0530 ASoC: amd: acp: add legacy driver support for ACP7.1 based platforms Add acp pci driver and machine driver changes for ACP7.1 based platforms for legacy stack. Signed-off-by: Vijendar Mukunda Link: https://patch.msgid.link/20240813080850.3107409-1-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit ab73c7c0e5800a44690023cfdfeac72d3b6b95e8 Author: Christophe JAILLET Date: Tue Aug 6 15:52:24 2024 +0200 ASoC: rt1318: Constify struct reg_sequence 'struct reg_sequence' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. While at it, remove rt1318_INIT_REG_LEN which is ununsed. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 22062 4859 32 26953 6949 sound/soc/codecs/rt1318.o After: ===== text data bss dec hex filename 24742 2171 32 26945 6941 sound/soc/codecs/rt1318.o Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/96561dd2962d4312eb0e68ab850027f44350d070.1722952334.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit 6024b86b4a618b6973cf6fc5ed3fa21280e395b9 Author: Vijendar Mukunda Date: Mon Aug 12 15:34:22 2024 +0530 ASoC: amd: acp: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Vijendar Mukunda Reviewed-by: Ranjani Sridharan Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240812100429.2594745-1-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 86297bb30ae094e14a3a6c62b870a2f301a180a2 Author: Christophe JAILLET Date: Tue Aug 6 15:43:00 2024 +0200 ASoC: cs43130: Constify struct reg_sequence and reg_sequences 'struct reg_sequence' and 'struct reg_sequences' are not modified in this drivers. Constifying these structures moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 54409 7881 64 62354 f392 sound/soc/codecs/cs43130.o After: ===== text data bss dec hex filename 55562 6729 64 62355 f393 sound/soc/codecs/cs43130.o Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/5b906a0cc9b7be15d0d6310069f54254a75ea767.1722951770.git.christophe.jaillet@wanadoo.fr Reviewed-by: Charles Keepax Signed-off-by: Mark Brown commit b53515fa177ca7cf0793f573d5885bcb25a62b1b Author: Cristian Marussi Date: Mon Aug 12 18:33:36 2024 +0100 firmware: arm_scmi: Make MBOX transport a standalone driver Make SCMI mailbox transport a standalone driver that can be optionally loaded as a module; while at it, create a dedicated subdirectory and submenu for SCMI Transports. Signed-off-by: Cristian Marussi Message-Id: <20240812173340.3912830-6-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit 8b76a8c95930a36389e2301b306747ff6f06cb16 Author: Cristian Marussi Date: Mon Aug 12 18:33:35 2024 +0100 firmware: arm_scmi: Add support for standalone transport drivers Extend the core SCMI stack with structures and methods to allow for transports to be split out as standalone drivers, while still supporting old style transports, defined as built into the SCMI core stack. No functional change. Signed-off-by: Cristian Marussi Tested-by: Peng Fan #i.MX95 19x19 EVK Tested-by: Florian Fainelli Message-Id: <20240812173340.3912830-5-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit b6b7c77c988a1314b2a3505f9962a6bfc563a8dc Author: Cristian Marussi Date: Mon Aug 12 18:33:34 2024 +0100 firmware: arm_scmi: Introduce packet handling helpers Introduce a pair of structures initialized to contain all the existing packet handling helpers, both for transports based on shared memory and messages. No functional change. Signed-off-by: Cristian Marussi Tested-by: Peng Fan #i.MX95 19x19 EVK Tested-by: Florian Fainelli Message-Id: <20240812173340.3912830-4-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit 1ebc28e9357cc1064c5ae79a4c87c6b424b10b6e Author: Peng Fan Date: Mon Aug 12 18:33:33 2024 +0100 firmware: arm_scmi: Introduce setup_shmem_iomap To get the address of shmem could be generalized by introducing setup_shmem_iomap. Then the duplicated code in mailbox.c, optee.c and smc.c could be dropped. Signed-off-by: Peng Fan [ Cristian: use OF __free and make use of the new helper also in smc.c ] Signed-off-by: Cristian Marussi Tested-by: Peng Fan #i.MX95 19x19 EVK Tested-by: Florian Fainelli Message-Id: <20240812173340.3912830-3-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit e98dba934b2fc587eafb83f47ad64d9053b18ae0 Author: Cristian Marussi Date: Mon Aug 12 18:33:32 2024 +0100 firmware: arm_scmi: Fix double free in OPTEE transport Channels can be shared between protocols, avoid freeing the same channel descriptors twice when unloading the stack. Fixes: 5f90f189a052 ("firmware: arm_scmi: Add optee transport") Signed-off-by: Cristian Marussi Tested-by: Peng Fan #i.MX95 19x19 EVK Reviewed-by: Peng Fan Tested-by: Florian Fainelli Message-Id: <20240812173340.3912830-2-cristian.marussi@arm.com> Signed-off-by: Sudeep Holla commit a1fab3e69d9d0e9b62aab4450cb97da432ac3ef2 Author: Sohil Mehta Date: Mon Aug 12 21:43:18 2024 +0000 x86/irq: Fix comment on IRQ vector layout commit f5a3562ec9dd ("x86/irq: Reserve a per CPU IDT vector for posted MSIs") changed the first system vector from LOCAL_TIMER_VECTOR to POSTED_MSI_NOTIFICATION_VECTOR. Reflect this change in the vector layout comment as well. However, instead of pointing to the specific vector, use the FIRST_SYSTEM_VECTOR indirection which essentially refers to the same. This avoids unnecessary modifications to the same comment whenever additional system vectors get added. Signed-off-by: Sohil Mehta Signed-off-by: Thomas Gleixner Reviewed-by: Jacob Pan Link: https://lore.kernel.org/all/20240812214318.2715360-1-sohil.mehta@intel.com commit 2db5f86c0d5da9ef0f3a1a5a9c460bf0f36268bf Author: Yue Haibing Date: Sat Aug 10 17:36:10 2024 +0800 x86/apic: Remove unused extern declarations The removal of get_physical_broadcast(), generic_bigsmp_probe() and default_apic_id_valid() left the stale declarations around. Remove them. Signed-off-by: Yue Haibing Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240810093610.2586665-1-yuehaibing@huawei.com commit dd1bf9f9df156b43e5122f90d97ac3f59a1a5621 Author: Rosen Penev Date: Thu Aug 8 21:49:51 2024 -0700 net: hinic: use ethtool_sprintf/puts Simpler and avoids manual pointer addition. Signed-off-by: Rosen Penev Link: https://patch.msgid.link/20240809044957.4534-1-rosenp@gmail.com Signed-off-by: Paolo Abeni commit ae98f5c9fd8ba84cd408b41faa77e65bf1b4cdfa Merge: 748e21d94a34ed 89fbe672bd0e5e Author: Kalle Valo Date: Tue Aug 13 12:58:32 2024 +0300 Merge tag 'ath-next-20240812' of git://git.kernel.org/pub/scm/linux/kernel/git/ath/ath ath.git patches for v6.12 This is a fairly light pull request since ath12k is still working on MLO-related changes, and the other drivers are mostly in maintenance mode with a few cleanups and bug fixes. Major changes: ath12k * DebugFS support for transmit DE stats * Make ASPM support hardware-dependent * Align BSS Channel information command and message with firmware ath11k * Use work queue for beacon tx events ath9k * Use devm for gpio_request_one * Use unmanaged PCI functions in ath9k_pci_owl_loader() commit 748e21d94a34edc6e74e9ec674e93e570d3d0d3e Author: Gustavo A. R. Silva Date: Thu Aug 8 16:11:15 2024 -0600 wifi: mwl8k: Use static_assert() to check struct sizes Commit 5c4250092fad ("wifi: mwl8k: Avoid -Wflex-array-member-not-at-end warnings") introduced tagged `struct mwl8k_cmd_pkt_hdr`. We want to ensure that when new members need to be added to the flexible structure, they are always included within this tagged struct. We use `static_assert()` to ensure that the memory layout for both the flexible structure and the tagged struct is the same after any changes. Signed-off-by: Gustavo A. R. Silva Signed-off-by: Kalle Valo Link: https://patch.msgid.link/ZrVCg51Q9M2fTPaF@cute commit 18ec12c97b39ff6aa15beb8d2b25d15cd44b87d8 Author: Jinjie Ruan Date: Mon Aug 12 16:06:58 2024 +0800 driver core: Fix a potential null-ptr-deref in module_add_driver() Inject fault while probing of-fpga-region, if kasprintf() fails in module_add_driver(), the second sysfs_remove_link() in exit path will cause null-ptr-deref as below because kernfs_name_hash() will call strlen() with NULL driver_name. Fix it by releasing resources based on the exit path sequence. KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] Mem abort info: ESR = 0x0000000096000005 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x05: level 1 translation fault Data abort info: ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [dfffffc000000000] address between user and kernel address ranges Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: of_fpga_region(+) fpga_region fpga_bridge cfg80211 rfkill 8021q garp mrp stp llc ipv6 [last unloaded: of_fpga_region] CPU: 2 UID: 0 PID: 2036 Comm: modprobe Not tainted 6.11.0-rc2-g6a0e38264012 #295 Hardware name: linux,dummy-virt (DT) pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : strlen+0x24/0xb0 lr : kernfs_name_hash+0x1c/0xc4 sp : ffffffc081f97380 x29: ffffffc081f97380 x28: ffffffc081f97b90 x27: ffffff80c821c2a0 x26: ffffffedac0be418 x25: 0000000000000000 x24: ffffff80c09d2000 x23: 0000000000000000 x22: 0000000000000000 x21: 0000000000000000 x20: 0000000000000000 x19: 0000000000000000 x18: 0000000000001840 x17: 0000000000000000 x16: 0000000000000000 x15: 1ffffff8103f2e42 x14: 00000000f1f1f1f1 x13: 0000000000000004 x12: ffffffb01812d61d x11: 1ffffff01812d61c x10: ffffffb01812d61c x9 : dfffffc000000000 x8 : 0000004fe7ed29e4 x7 : ffffff80c096b0e7 x6 : 0000000000000001 x5 : ffffff80c096b0e0 x4 : 1ffffffdb990efa2 x3 : 0000000000000000 x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000000 Call trace: strlen+0x24/0xb0 kernfs_name_hash+0x1c/0xc4 kernfs_find_ns+0x118/0x2e8 kernfs_remove_by_name_ns+0x80/0x100 sysfs_remove_link+0x74/0xa8 module_add_driver+0x278/0x394 bus_add_driver+0x1f0/0x43c driver_register+0xf4/0x3c0 __platform_driver_register+0x60/0x88 of_fpga_region_init+0x20/0x1000 [of_fpga_region] do_one_initcall+0x110/0x788 do_init_module+0x1dc/0x5c8 load_module+0x3c38/0x4cac init_module_from_file+0xd4/0x128 idempotent_init_module+0x2cc/0x528 __arm64_sys_finit_module+0xac/0x100 invoke_syscall+0x6c/0x258 el0_svc_common.constprop.0+0x160/0x22c do_el0_svc+0x44/0x5c el0_svc+0x48/0xb8 el0t_64_sync_handler+0x13c/0x158 el0t_64_sync+0x190/0x194 Code: f2fbffe1 a90157f4 12000802 aa0003f5 (38e16861) ---[ end trace 0000000000000000 ]--- Kernel panic - not syncing: Oops: Fatal exception Fixes: 85d2b0aa1703 ("module: don't ignore sysfs_create_link() failures") Signed-off-by: Jinjie Ruan Link: https://lore.kernel.org/r/20240812080658.2791982-1-ruanjinjie@huawei.com Signed-off-by: Greg Kroah-Hartman commit 4a017c0163833fa3b0ebd2419973d30e9bd67e1e Author: Florian Rommel Date: Mon Aug 12 10:54:59 2024 +0200 kgdbts: fix hw_access_break_test The test for access watchpoints (hw_access_break_test) was broken (always failed) because the compiler optimized out the write to the static helper variable (hw_break_val2), as it is never read anywhere. This resulted in the target variable (hw_break_val) not being accessed and thus the breakpoint not being triggered. Remove the helper variable (hw_break_val2), and use READ_ONCE to force reading the target variable (hw_break_val). Signed-off-by: Florian Rommel Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240812085459.291741-1-mail@florommel.de Signed-off-by: Greg Kroah-Hartman commit d727f0217ad6e92cfcdc80b4d01cea1cabc74c75 Author: Tree Davies Date: Sun Aug 11 18:36:50 2024 -0700 Staging: rtl8192e: Rename variable nSubframe_Length Rename variable nSubframe_Length to subframe_len to fix checkpatch warning Avoid CamelCase. Signed-off-by: Tree Davies Link: https://lore.kernel.org/r/20240812013650.199675-1-tdavies@darkphysics.net Signed-off-by: Greg Kroah-Hartman commit 91dfee97aca0edad106c786e27df983b88878354 Author: Jiwon Kim Date: Mon Aug 5 13:56:23 2024 +0000 staging: rtl8723bs: Delete unnecessary braces for single statement blocks in xmit_linux.c Delete braces {} for single statement blocks to shorten code. Signed-off-by: Jiwon Kim Reviewed-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240805135623.2069-1-jiwonaid0@gmail.com Signed-off-by: Greg Kroah-Hartman commit bc41879dd624e712578d7afd612647f0fe31572d Author: Thais-ra Date: Sat Aug 3 07:22:36 2024 +0000 greybus: camera-gb: Fix a alignment bug on gb_camera_ops() Fix checkpatch message "CHECK: Alignment should match open parenthesis". Signed-off-by: Thais-ra Link: https://lore.kernel.org/r/20240803072236.368-1-thais_ra@riseup.net Signed-off-by: Greg Kroah-Hartman commit f0bf2c33ba5a4d5df5be94fa7d89a8bda4b26f67 Author: Manjae Cho Date: Thu Aug 1 07:51:34 2024 +0900 staging: rtl8723bs: Improve clarity of MAR usage This patch improves the readability of the code related to the Multicast Address Register (REG_MAR) in the rtl8723bs driver. It adds comments to clarify the purpose and offset of the register, making the code more self-documenting without introducing new macros. Signed-off-by: Manjae Cho Reviewed-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240731225134.917542-1-manjae.cho@samsung.com Signed-off-by: Greg Kroah-Hartman commit 6d2c95ab495448b295a7bccb86183b98a936e4db Author: Thomas Zimmermann Date: Wed Jul 31 14:58:52 2024 +0200 staging: olpc_dcon: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Jens Frederich Cc: Jon Nettleton Cc: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240731130130.1148153-3-tzimmermann@suse.de Signed-off-by: Greg Kroah-Hartman commit 0929391a82cb8bbd93b9aa45a7d2c16ed72b1ad3 Author: Thomas Zimmermann Date: Wed Jul 31 14:58:51 2024 +0200 staging: fbtft: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240731130130.1148153-2-tzimmermann@suse.de Signed-off-by: Greg Kroah-Hartman commit 1ba70c69fc361400893ed41044c4f0f08e17449b Author: Riyan Dhiman Date: Wed Jul 31 12:35:07 2024 +0530 staging: vme_user: vme.h: alignment of closing parenthesis should match open parenthesis in function declaration Adhere to Linux kernel coding style. Reported by checkpatch: CHECK: Alignment should match open parenthesis Signed-off-by: Riyan Dhiman Link: https://lore.kernel.org/r/20240731070507.6290-1-riyandhiman14@gmail.com Signed-off-by: Greg Kroah-Hartman commit 844efaef48e846b5310b0e7af5e7578762eb7e8d Author: Andy Shevchenko Date: Mon Apr 22 17:33:38 2024 +0300 drm: fixed: Don't use "proxy" headers Update header inclusions to follow IWYU (Include What You Use) principle. Signed-off-by: Andy Shevchenko Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240422143338.2026791-1-andriy.shevchenko@linux.intel.com Signed-off-by: Jani Nikula commit d408d6f8cbbb5ad92b383f33d091f027f5740aea Author: Jani Nikula Date: Mon Aug 12 13:30:21 2024 +0300 drm/xe: add kdev_to_xe_device() helper and use it There are enough users for kernel device to xe device conversion, add a helper for it. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/38c80846e70c7e410850530426384e17cff9d031.1723458544.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit ec0796e6446352e9e4ecb1804bf470d1ca47c5f9 Author: Jani Nikula Date: Mon Aug 12 13:30:20 2024 +0300 drm/xe: use pdev_to_xe_device() instead of pci_get_drvdata() directly We have a helper for converting pci device to xe device, use it. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/1b87c2e56200e001ce3a5d2f4a93eb26b294df32.1723458544.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 50680d1698f4d4c9651822398805cb943b7c04aa Author: Jani Nikula Date: Mon Aug 12 13:30:19 2024 +0300 drm/xe/tests: remove unused leftover xe_call_for_each_device() xe_call_for_each_device() has been unused since commit 57ecead343e7 ("drm/xe/tests: Convert xe_mocs live tests"). Remove it and the related dev_to_xe_device_fn() and struct kunit_test_data. Cc: Lucas De Marchi Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/fa3bb23d005313c9797f557e1211fde09fcb59cc.1723458544.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 2c9c2a3d1aeb1c1c598dcb9a75daf4f2247f9007 Merge: 2bbf1aedd66502 97714695ef904a Author: Paolo Abeni Date: Tue Aug 13 10:59:05 2024 +0200 Merge branch 'net-netconsole-fix-netconsole-unsafe-locking' Breno Leitao says: ==================== net: netconsole: Fix netconsole unsafe locking Problem: ======= The current locking mechanism in netconsole is unsafe and suboptimal due to the following issues: 1) Lock Release and Reacquisition Mid-Loop: In netconsole_netdev_event(), the target_list_lock is released and reacquired within a loop, potentially causing collisions and cleaning up targets that are being enabled. int netconsole_netdev_event() { ... spin_lock_irqsave(&target_list_lock, flags); list_for_each_entry(nt, &target_list, list) { spin_unlock_irqrestore(&target_list_lock, flags); __netpoll_cleanup(&nt->np); spin_lock_irqsave(&target_list_lock, flags); } spin_lock_irqsave(&target_list_lock, flags); ... } 2) Non-Atomic Cleanup Operations: In enabled_store(), the cleanup of structures is not atomic, risking cleanup of structures that are in the process of being enabled. size_t enabled_store() { ... spin_lock_irqsave(&target_list_lock, flags); nt->enabled = false; spin_unlock_irqrestore(&target_list_lock, flags); netpoll_cleanup(&nt->np); ... } These issues stem from the following limitations in netconsole's locking design: 1) write_{ext_}msg() functions: a) Cannot sleep b) Must iterate through targets and send messages to all enabled entries. c) List iteration is protected by target_list_lock spinlock. 2) Network event handling in netconsole_netdev_event(): a) Needs to sleep b) Requires iteration over the target list (holding target_list_lock spinlock). c) Some events necessitate netpoll struct cleanup, which *needs* to sleep. The target_list_lock needs to be used by non-sleepable functions while also protecting operations that may sleep, leading to the current unsafe design. Solution: ======== 1) Dual Locking Mechanism: - Retain current target_list_lock for non-sleepable use cases. - Introduce target_cleanup_list_lock (mutex) for sleepable operations. 2) Deferred Cleanup: - Implement atomic, deferred cleanup of structures using the new mutex (target_cleanup_list_lock). - Avoid the `goto` in the middle of the list_for_each_entry 3) Separate Cleanup List: - Create target_cleanup_list for deferred cleanup, protected by target_cleanup_list_lock. - This allows cleanup() to sleep without affecting message transmission. - When iterating over targets, move devices needing cleanup to target_cleanup_list. - Handle cleanup under the target_cleanup_list_lock mutex. 4) Make a clear locking hierarchy - The target_cleanup_list_lock takes precedence over target_list_lock. - Major Workflow Locking Sequences: a) Network Event Affecting Netpoll (netconsole_netdev_event): rtnl -> target_cleanup_list_lock -> target_list_lock b) Message Writing (write_msg()): console_lock -> target_list_lock c) Configfs Target Enable/Disable (enabled_store()): dynamic_netconsole_mutex -> target_cleanup_list_lock -> target_list_lock This hierarchy ensures consistent lock acquisition order across different operations, preventing deadlocks and maintaining proper synchronization. The target_cleanup_list_lock's higher priority allows for safe deferred cleanup operations without interfering with regular message transmission protected by target_list_lock. Each workflow follows a specific locking sequence, ensuring that operations like network event handling, message writing, and target management are properly synchronized and do not conflict with each other. Changelog: v3: * Move netconsole_process_cleanups() function to inside CONFIG_NETCONSOLE_DYNAMIC block, avoiding Werror=unused-function (Jakub) v2: * The selftest has been removed from the patchset because veth is now IFF_DISABLE_NETPOLL. A new test will be sent separately. * https://lore.kernel.org/all/20240807091657.4191542-1-leitao@debian.org/ v1: * https://lore.kernel.org/all/20240801161213.2707132-1-leitao@debian.org/ ==================== Link: https://patch.msgid.link/20240808122518.498166-1-leitao@debian.org Signed-off-by: Paolo Abeni commit 97714695ef904a4bdba75ca2f339215c0ae2b1fa Author: Breno Leitao Date: Thu Aug 8 05:25:11 2024 -0700 net: netconsole: Defer netpoll cleanup to avoid lock release during list traversal Current issue: - The `target_list_lock` spinlock is held while iterating over target_list() entries. - Mid-loop, the lock is released to call __netpoll_cleanup(), then reacquired. - This practice compromises the protection provided by `target_list_lock`. Reason for current design: 1. __netpoll_cleanup() may sleep, incompatible with holding a spinlock. 2. target_list_lock must be a spinlock because write_msg() cannot sleep. (See commit b5427c27173e ("[NET] netconsole: Support multiple logging targets")) Defer the cleanup of the netpoll structure to outside the target_list_lock() protected area. Create another list (target_cleanup_list) to hold the entries that need to be cleaned up, and clean them using a mutex (target_cleanup_list_lock). Signed-off-by: Breno Leitao Signed-off-by: Paolo Abeni commit f2ab4c1a9288774b1f9c102f0cb1b478965169bb Author: Breno Leitao Date: Thu Aug 8 05:25:10 2024 -0700 net: netconsole: Unify Function Return Paths The return flow in netconsole's dynamic functions is currently inconsistent. This patch aims to streamline and standardize the process by ensuring that the mutex is unlocked before returning the ret value. Additionally, this update includes a minor functional change where certain strnlen() operations are performed with the dynamic_netconsole_mutex locked. This adjustment is not anticipated to cause any issues, however, it is crucial to document this change for clarity. Signed-off-by: Breno Leitao Signed-off-by: Paolo Abeni commit 5c4a39e8a608a0f0afa2710f469432e5bfce4562 Author: Breno Leitao Date: Thu Aug 8 05:25:09 2024 -0700 net: netconsole: Standardize variable naming Update variable names from err to ret in cases where the variable may return non-error values. This change facilitates a forthcoming patch that relies on ret being used consistently to handle return values, regardless of whether they indicate an error or not. Signed-off-by: Breno Leitao Signed-off-by: Paolo Abeni commit e0a2b7e4a0f926948e7ade15cea5a43038dd790c Author: Breno Leitao Date: Thu Aug 8 05:25:08 2024 -0700 net: netconsole: Correct mismatched return types netconsole incorrectly mixes int and ssize_t types by using int for return variables in functions that should return ssize_t. This is fixed by updating the return variables to the appropriate ssize_t type, ensuring consistency across the function definitions. Signed-off-by: Breno Leitao Signed-off-by: Paolo Abeni commit 1ef33652d22c69a2a7519d003cd6c79b8e514f44 Author: Breno Leitao Date: Thu Aug 8 05:25:07 2024 -0700 net: netpoll: extract core of netpoll_cleanup Extract the core part of netpoll_cleanup(), so, it could be called from a caller that has the rtnl lock already. Netconsole uses this in a weird way right now: __netpoll_cleanup(&nt->np); spin_lock_irqsave(&target_list_lock, flags); netdev_put(nt->np.dev, &nt->np.dev_tracker); nt->np.dev = NULL; nt->enabled = false; This will be replaced by do_netpoll_cleanup() as the locking situation is overhauled. Signed-off-by: Breno Leitao Reviewed-by: Rik van Riel Signed-off-by: Paolo Abeni commit 788f125e5db14cec5e59a32c5e455a8ffa2ae886 Author: Benjamin Hahn Date: Fri Aug 9 11:02:31 2024 +0200 arm64: dts: freescale: imx8mp-phyboard-pollux: Add and enable TPM Add support for TPM for phyBOARD Pollux. Reviewed-by: Peng Fan Reviewed-by: Fabio Estevam Signed-off-by: Benjamin Hahn Reviewed-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit 3298cd7831798b4045b5770768c81a4a05c43ac5 Author: Clark Wang Date: Thu Aug 8 12:21:57 2024 -0400 arm64: dts: imx93: add lpi2c1 and st lsm6dso node The i.MX93 11x11 EVK has a ST LSM6DSO connected to I2C, which a is 6-axis IMU (inertial measurement unit = accelerometer & gyroscope). So add the missing parts to the DTS file. Signed-off-by: Clark Wang Reviewed-by: Haibo Chen Signed-off-by: Li Yang Signed-off-by: Dong Aisheng Signed-off-by: Frank Li Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit ebd60f604a8892f5d254b7aaea156788c814ed43 Author: Fabio Estevam Date: Thu Aug 8 09:32:06 2024 -0300 arm64: dts: imx93-tqma9352-mba93: Fix USB hub node name According to microchip,usb2514.yaml, the node name must contain 'usb-hub'. Change it accordingly to fix the following dt-schema warning: hub@1: $nodename:0: 'hub@1' does not match '^usb(@.*)?' Signed-off-by: Fabio Estevam Reviewed-by: Alexander Stein Signed-off-by: Shawn Guo commit d77d0cebbbbc0d21c384659b685df54b78b30459 Author: Fabio Estevam Date: Thu Aug 8 09:22:07 2024 -0300 arm64: dts: imx8mm/n-beacon-kit: Fix the order of ADV7535 reg entries According to adi,adv7533.yaml, the order for the reg and reg-names entries must be: main, edid, cec, and packet. Fix it accordingly to remove the following dt-schema warnings: hdmi@3d: reg-names:1: 'edid' was expected hdmi@3d: reg-names:2: 'cec' was expected Signed-off-by: Fabio Estevam Reviewed-by: Adam Ford Signed-off-by: Shawn Guo commit e5e5cc8f73fa677b5b96404b9595d653a9ee0805 Author: Vasant Hegde Date: Mon Jul 22 11:54:52 2024 +0000 iommu/amd: Add blocked domain support Create global blocked domain with attach device ops. It will clear the DTE so that all DMA from device will be aborted. Signed-off-by: Vasant Hegde Reviewed-by: Suravee Suthikulpanit Reviewed-by: Jason Gunthorpe Link: https://lore.kernel.org/r/20240722115452.5976-1-vasant.hegde@amd.com Signed-off-by: Joerg Roedel commit ebfaa1a900c4e5cacb553eff60bb8aa15675e3f3 Author: Fabio Estevam Date: Wed Aug 7 13:51:11 2024 -0300 ARM: dts: imx1/imx27: Use dma-controller as node name According to fsl,imx-dma.yaml, the node name must be dma-controller. Change it accordingly to fix the following dt-schema warnings: 'dma@10001000' does not match '^dma-controller(@.*)?$' Signed-off-by: Fabio Estevam Signed-off-by: Shawn Guo commit 7b9414cb2d370b7c5149b37f585b077af2ae211b Author: Andy Shevchenko Date: Mon Aug 12 22:29:40 2024 +0300 irqdomain: Remove stray '-' in the domain name When the domain suffix is not supplied alloc_fwnode_name() unconditionally adds a separator. Fix the format strings to get rid of the stray '-' separator. Fixes: 1e7c05292531 ("irqdomain: Allow giving name suffix for domain") Signed-off-by: Andy Shevchenko Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240812193101.1266625-3-andriy.shevchenko@linux.intel.com commit c0ece64497992473aabbcbb007e2afecc8d750a2 Author: Andy Shevchenko Date: Mon Aug 12 22:29:39 2024 +0300 irqdomain: Clarify checks for bus_token The code uses if (bus_token) and if (bus_token == DOMAIN_BUS_ANY). Since bus_token is an enum, the latter is more robust against changes. Convert all !bus_token checks to explicitely check for DOMAIN_BUS_ANY. Signed-off-by: Andy Shevchenko Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240812193101.1266625-2-andriy.shevchenko@linux.intel.com commit c26cee817f8bd9a22bfade20f739ec2fc6f20221 Author: David Sands Date: Sat Aug 10 20:00:05 2024 -0400 usb: gadget: f_fs: add capability for dfu functional descriptor Add the ability for the USB FunctionFS (FFS) gadget driver to be able to create Device Firmware Upgrade (DFU) functional descriptors. [1] This patch allows implementation of DFU in userspace using the FFS gadget. The DFU protocol uses the control pipe (ep0) for all messaging so only the addition of the DFU functional descriptor is needed in the kernel driver. The DFU functional descriptor is written to the ep0 file along with any other descriptors during FFS setup. DFU requires an interface descriptor followed by the DFU functional descriptor. This patch includes documentation of the added descriptor for DFU and conversion of some existing documentation to kernel-doc format so that it can be included in the generated docs. An implementation of DFU 1.1 that implements just the runtime descriptor using the FunctionFS gadget (with rebooting into u-boot for DFU mode) has been tested on an i.MX8 Nano. An implementation of DFU 1.1 that implements both runtime and DFU mode using the FunctionFS gadget has been tested on Xilinx Zynq UltraScale+. Note that for the best performance of firmware update file transfers, the userspace program should respond as quick as possible to the setup packets. [1] https://www.usb.org/sites/default/files/DFU_1.1.pdf Signed-off-by: David Sands Co-developed-by: Chris Wulff Signed-off-by: Chris Wulff Link: https://lore.kernel.org/r/20240811000004.1395888-2-crwulff@gmail.com Signed-off-by: Greg Kroah-Hartman commit d1e14e06810a96ef0cdabf572513594031d4dad6 Author: Christophe JAILLET Date: Sat Aug 10 23:05:46 2024 +0200 usb: gadget: configfs: Constify struct config_item_type 'struct config_item_type' is not modified in this file. Apparently, these structures are only used with config_group_init_type_name() which takes a const struct config_item_type* as a 3rd argument. Constifying this structure moves some data to a read-only section, so increase overall security, especially when the structure holds some function pointers. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 40834 5112 64 46010 b3ba drivers/usb/gadget/configfs.o After: ===== text data bss dec hex filename 41218 4728 64 46010 b3ba drivers/usb/gadget/configfs.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/513223e97082e1bb758e36d55c175ec9ea34a71c.1723323896.git.christophe.jaillet@wanadoo.fr Signed-off-by: Greg Kroah-Hartman commit c343e66ed009fdb6206787558130ccbd504ffc12 Author: Christophe JAILLET Date: Sat Aug 10 22:52:17 2024 +0200 usb: gadget: configfs: Make check_user_usb_string() static "linux/usb/gadget_configfs.h" is only included in "drivers/usb/gadget/configfs.c", so there is no need to declare a function in the header file. it is only used in this .c file. It's better to have it static. Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/958cb49dca1bff4254a3492c018efbf3b01918b4.1723323107.git.christophe.jaillet@wanadoo.fr Signed-off-by: Greg Kroah-Hartman commit 3779d89370aa0b3b356fd0fb485a1702bc4fe02c Author: Frank Li Date: Wed Aug 7 10:52:08 2024 -0400 arm64: dts: imx8mp-venice-gw74xx-imx219: remove compatible in overlay file Remove compatible string in overlay file to fix below warning: gw,imx8mp-gw74xx' is not one of ['fsl,ls1043a-rdb', 'fsl,ls1043a-qds'] Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit ad46d513b0ed46b34e7d690d6b9d2706b366b533 Author: Frank Li Date: Wed Aug 7 10:52:07 2024 -0400 arm64: dts: imx8mp-data-modul-edm-sbc: remove #clock-cells for sai3 Remove #clock-cells for sai3 because sai3 is not clock controller to fix below warning: /arch/arm64/boot/dts/freescale/imx8mp-data-modul-edm-sbc.dtb: sai@30c30000: Unevaluated properties are not allowed ('#clock-cells' was unexpected) Signed-off-by: Frank Li Reviewed-by: Marek Vasut Signed-off-by: Shawn Guo commit c59339ec2661505755fe264e5826da194d58fc3b Author: Frank Li Date: Wed Aug 7 10:52:06 2024 -0400 arm64: dts: imx8mm-venice-gw7901: add #address(size)-cells for gsc@20 Add #address-cells and #size-cells for gsc@20 to fix below warning: arch/arm64/boot/dts/freescale/imx8mm-venice-gw7901.dtb: gsc@20: '#address-cells' is a required propert Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 997fde9d422b88534bb89bd027ec5d35d8dec385 Author: Frank Li Date: Wed Aug 7 10:52:05 2024 -0400 arm64: dts: fsl-ls208xa: move reboot node under syscon Move reboot node under syscon and change compatible string to fsl,ls1028a-rstcr because it is exactly same as ls1028a. Fix below warning: arch/arm64/boot/dts/freescale/fsl-ls2088a-qds.dtb: /syscon@1e60000: failed to match any schema with compatible: ['fsl,ls2080a-rstcr', 'syscon'] Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit f15a8b38af2b832bd27f07c956107757f0b43332 Author: Frank Li Date: Wed Aug 7 10:52:04 2024 -0400 arm64: dts: fsl-ls1028a: remove undocumented 'little-endian' for dspi node According to binding doc http://devicetree.org/schemas/spi/fsl,dspi.yaml and driver drivers/spi/spi-fsl-dspi.c, default is little-endian, should use big-endian for big-endian system. Remove 'little-endian' to fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1028a-qds-85bb.dtb: spi@2100000: Unevaluated properties are not allowed ('little-endian' was unexpected) Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 88177cd4537faf927fe994db99b62d75f73cb1fe Author: Zhang Zekun Date: Fri Aug 9 16:27:11 2024 +0800 usb: common: Use helper function for_each_node_with_property() for_each_node_with_property() can iterate through the device_node with a given property name, and we don't need to find the device_node in the while loop. Since of_device_is_available() will return false if the "controller" is NULL and break the while loop, there is no functional change with such conversion. Signed-off-by: Zhang Zekun Link: https://lore.kernel.org/r/20240809082711.99085-1-zhangzekun11@huawei.com Signed-off-by: Greg Kroah-Hartman commit 5cffefa1c1ede3e90a9b09f964bfd5c5e82a1041 Author: Valentina Fernandez Date: Tue Aug 6 14:14:07 2024 +0100 usb: musb: poll ID pin status in dual-role mode in mpfs glue layer Similar to other platforms using the MUSB driver, PolarFire SoC lacks an ID pin interrupt event, preventing several OTG-critical status change events from being exposed. We need to rely on polling to detect USB attach events for the dual-role port. The otg state machine implementation is based on Texas Instruments DA8xx/OMAP-L1x glue layer. This has been tested on BeagleV-Fire with couple of devices in host mode and with the Ethernet gadget driver in peripheral mode, in a wide variety of plug orders. Signed-off-by: Valentina Fernandez Link: https://lore.kernel.org/r/20240806131407.1542306-1-valentina.fernandezalanis@microchip.com Signed-off-by: Greg Kroah-Hartman commit 8952e50e16e383ff7fce873ac7676e0d68a3552b Author: Chris Wulff Date: Sat Aug 3 20:19:24 2024 -0400 usb: gadget: f_uac2: Expose all string descriptors through configfs. This makes all string descriptors configurable for the UAC2 gadget so the user can configure names of terminals and controls. Alt mode names are not included for now and will be in future work related to adding alternate settings. discussion thread for api changes for alt mode settings: https://lore.kernel.org/linux-usb/35be4668-58d3-894a-72cf-de1afaacae45@ivitera.com/T/ Signed-off-by: Chris Wulff Link: https://lore.kernel.org/r/20240804001923.3279431-2-crwulff@gmail.com Signed-off-by: Greg Kroah-Hartman commit 2919d888794ec25ae0af79c7ed7f5d48fe4d698f Author: Xu Yang Date: Fri Jul 26 19:32:06 2024 +0800 usb: phy: mxs: enable weak 1p1 regulator for imx6ul during suspend 1p1 is off when the system enters suspend at i.MX6UL. It cause the PHY get wrong USB DP/DM value, then unexpected wakeup may occur if USB wakeup enabled. This will enable weak 1p1 during PHY suspend if vbus exist. So USB DP/DM is correct when system suspend. Signed-off-by: Xu Yang Link: https://lore.kernel.org/r/20240726113207.3393247-5-xu.yang_2@nxp.com Signed-off-by: Greg Kroah-Hartman commit c99b27ef83f4bfd8c191ce914ab605c7e3cc077b Author: Xu Yang Date: Fri Jul 26 19:32:05 2024 +0800 usb: phy: mxs: add wakeup enable for imx7ulp This wakeup setting can enable USB wakeup function even the controller's power is lost, and both A7 and M4 are in VLLS mode. Signed-off-by: Xu Yang Reviewed-by: Peter Chen Link: https://lore.kernel.org/r/20240726113207.3393247-4-xu.yang_2@nxp.com Signed-off-by: Greg Kroah-Hartman commit 82c7a8166ccc5762e4b8f786c3ac90c379465d3e Author: Xu Yang Date: Fri Jul 26 19:32:03 2024 +0800 usb: phy: mxs: keep USBPHY2's clk always on IP require keep USBPHY2's clk always on, so USBPHY2 (PLL7) power can be controlled by suspend signal. USB remote wakeup needs resume signal be sent out as soon as possible to match USB requirements. Signed-off-by: Xu Yang Reviewed-by: Peter Chen Link: https://lore.kernel.org/r/20240726113207.3393247-2-xu.yang_2@nxp.com Signed-off-by: Greg Kroah-Hartman commit 966d73152078d62f526f0aa6942d9226bdc8c764 Author: Xu Yang Date: Fri Jul 26 19:32:02 2024 +0800 usb: phy: mxs: enable regulator phy-3p0 to improve signal qualilty Enable regulator 'phy-3p0' to pass eye diagram test since it improve signal qualilty. Signed-off-by: Xu Yang Reviewed-by: Peter Chen Link: https://lore.kernel.org/r/20240726113207.3393247-1-xu.yang_2@nxp.com Signed-off-by: Greg Kroah-Hartman commit c6a6c7d0c07a84cea80310fde8030e30fa8bb754 Author: André Draszik Date: Tue Aug 6 17:25:24 2024 +0100 usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling tcpci_maxim currently never triggers the TCPM state machine when CC status has not changed due to a contaminant but due to a real connection event, i.e. a genuine plug event, meaning the system will stay idle and not notify any subscribers. The reason is that the initial state of the port is 'toggling', which causes _max_tcpci_irq() to only drive the contamination part of the TCPM state machine (via tcpm_port_clean()). What should happen instead is that if no contamination was detected, the TCPM should be notified of the CC change in this case. To fix this, we update ...is_contaminant() to also allow its caller to determine if more CC processing is required and then call into the TCPM as required. While at it, add a kernel-doc for max_contaminant_is_contaminant(). Note: the code has an issue where I2C errors during contaminant detection also cause the TCPM state machine to not be updated. This commit doesn't change this behaviour and should be addressed by follow-up commit(s). Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240806-max33359-toggling-v2-1-a66ab37baafb@linaro.org Signed-off-by: Greg Kroah-Hartman commit c771a5ef48a2a974cd1b661a7f7fd4de53e3e787 Author: João Paulo Gonçalves Date: Wed Aug 7 10:54:20 2024 -0300 arm64: dts: imx8mp-verdin: add HDMI audio support Add native HDMI audio to Verdin iMX8MP and all its carriers boards. Signed-off-by: João Paulo Gonçalves Reviewed-by: Fabio Estevam Signed-off-by: Shawn Guo commit b8cdc47adf059f60a39555eeba1db92c503a5061 Author: Nirmoy Das Date: Sat Aug 10 00:03:47 2024 +0200 drm/xe/migrate: Parameterize ccs and bo data clear in xe_migrate_clear() Parameterize clearing ccs and bo data in xe_migrate_clear() which higher layers can utilize. This patch will be used later on when doing bo data clear for igfx as well. v2: Replace multiple params with flags in xe_migrate_clear (Matt B) v3: s/CLEAR_BO_DATA_FLAG_*/XE_MIGRATE_CLEAR_FLAG_* and move to xe_migrate.h. other nits(Matt B) Cc: Himal Prasad Ghimiray Cc: Matthew Auld Cc: Matthew Brost Cc: Thomas Hellström Signed-off-by: Akshata Jahagirdar Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240809220347.25330-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit db639278e6217173c21bf8bd52eff2e9a0d6919e Author: Jani Nikula Date: Mon Aug 12 13:34:15 2024 +0300 drm/i915: use pdev_to_i915() instead of pci_get_drvdata() directly We have a helper for converting pci device to i915 device, use it. v2: Also convert i915_pci_probe() (Gustavo) Reviewed-by: Gustavo Sousa Reviewed-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240812103415.1540096-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit 2bbf1aedd6650227115edbe2ddd9446b1e8cdc3b Merge: 0a3e6939d4b33d 930df0990d0624 Author: Paolo Abeni Date: Tue Aug 13 09:48:03 2024 +0200 Merge branch 'stmmac-add-loongson-platform-support' Yanteng Si says: ==================== stmmac: Add Loongson platform support v17: * As Serge's comments: Add return 0 for _dt_config(). Get back the conditional MSI-clear method execution. v16: * As Serge's comments: Move the of_node_put(plat->mdio_node) call to the DT-config/clear methods. Drop 'else if'. * Modify the commit message of 7/14. (LS2K CPU -> LS2K SOC) V15: * Drop return that will not be executed. * Move pdev from patch 12 to patch 13 to pass W=1 builds. RFC v15: * As Serge's comments: Extend the commit message.(patch 7 and patch 11) Add fixes tag for patch 8. Add loongson_dwmac_dt_clear() patch. Modify loongson_dwmac_msi_config(). ... * Pick Huacai's Acked-by tag. * Pick Serge's Reviewed-by tag. * I have already contacted the author(ZhangQing) of the module, so I copied her valid email: diasyzhang@tencent.com. Note: I replied to the comments on v14 last Sunday, but all of Loongson's email servers failed to deliver. The network administrator told me today that he has fixed the problem and re-delivered all the failed emails, but I did not see them on the mailing list. I hope they will not suddenly appear in everyone's mailbox one day. I apologize for this. (The email content mainly agrees with Serge's suggestion.) v14: Because Loongson GMAC can be also found with the 8-channels AV feature enabled, we'll need to reconsider the patches logic and thus the commit logs too. As Serge's comments and Russell's comments: [PATCH net-next v14 01/15] net: stmmac: Move the atds flag to the stmmac_dma_cfg structure [PATCH net-next v14 02/15] net: stmmac: Add multi-channel support [PATCH net-next v14 03/15] net: stmmac: Export dwmac1000_dma_ops [PATCH net-next v14 04/15] net: stmmac: dwmac-loongson: Drop duplicated hash-based filter size init [PATCH net-next v14 05/15] net: stmmac: dwmac-loongson: Drop pci_enable/disable_msi calls [PATCH net-next v14 06/15] net: stmmac: dwmac-loongson: Use PCI_DEVICE_DATA() macro for device identification [PATCH net-next v14 07/15] net: stmmac: dwmac-loongson: Detach GMAC-specific platform data init +-> Init the plat_stmmacenet_data::{tx_queues_to_use,rx_queues_to_use} in the loongson_gmac_data() method. [PATCH net-next v14 08/15] net: stmmac: dwmac-loongson: Init ref and PTP clocks rate [PATCH net-next v14 09/15] net: stmmac: dwmac-loongson: Add phy_interface for Loongson GMAC [PATCH net-next v14 10/15] net: stmmac: dwmac-loongson: Introduce PCI device info data +-> Make sure the setup() method is called after the pci_enable_device() invocation. [PATCH net-next v14 11/15] net: stmmac: dwmac-loongson: Add DT-less GMAC PCI-device support +-> Introduce the loongson_dwmac_dt_config() method here instead of doing that in a separate patch. +-> Add loongson_dwmac_acpi_config() which would just get the IRQ from the pdev->irq field and make sure it is valid. [PATCH net-next v14 12/15] net: stmmac: Fixed failure to set network speed to 1000. +-> Drop the patch as Russell's comments, At the same time, he provided another better repair suggestion, and I decided to send it separately after the patch set was merged. See: [PATCH net-next v14 13/15] net: stmmac: dwmac-loongson: Add Loongson Multi-channels GMAC support +-> This is former "net: stmmac: dwmac-loongson: Add Loongson GNET support" patch, but which adds the support of the Loongson GMAC with the 8-channels AV-feature available. +-> loongson_dwmac_intx_config() shall be dropped due to the loongson_dwmac_acpi_config() method added in the PATCH 11/15. +-> Make sure loongson_data::loongson_id is initialized before the stmmac_pci_info::setup() is called. +-> Move the rx_queues_to_use/tx_queues_to_use and coe_unsupported fields initialization to the loongson_gmac_data() method. +-> As before, call the loongson_dwmac_msi_config() method if the multi-channels Loongson MAC has been detected. +-> Move everything GNET-specific to the next patch. [PATCH net-next v14 14/15] net: stmmac: dwmac-loongson: Add Loongson GNET support +-> Everything Loonsgson GNET-specific is supposed to be added in the framework of this patch: + PCI_DEVICE_ID_LOONGSON_GNET macro + loongson_gnet_fix_speed() method + loongson_gnet_data() method + loongson_gnet_pci_info data + The GNET-specific part of the loongson_dwmac_setup() method. + ... [PATCH net-next v14 15/15] net: stmmac: dwmac-loongson: Add loongson module author Other's: Pick Serge's Reviewed-by tag. v13: * Sorry, we have clarified some things in the past 10 days. I did not give you a clear reply to the following questions in v12, so I need to reply again: 1. The current LS2K2000 also have a GMAC(and two GNET) that supports 8 channels, so we have to reconsider the initialization of tx/rx_queues_to_use into probe(); 2. In v12, we disagreed on the loongson_dwmac_msi_config method, but I changed it based on Serge's comments(If I understand correctly): if (dev_of_node(&pdev->dev)) { ret = loongson_dwmac_dt_config(pdev, plat, &res); } if (ld->loongson_id == DWMAC_CORE_LS2K2000) { ret = loongson_dwmac_msi_config(pdev, plat, &res); } else { ret = loongson_dwmac_intx_config(pdev, plat, &res); } 3. Our priv->dma_cap.pcs is false, so let's use PHY_INTERFACE_MODE_NA; 4. Our GMAC does not support Delay, so let's use PHY_INTERFACE_MODE_RGMII_ID, the current dts is wrong, a fix patch will be sent to the LoongArch list later. Others: * Re-split a part of the patch (it seems we do this with every version); * Copied Serge's comments into the commit message of patch; * Fixed the stmmac_dma_operation_mode() method; * Changed some code comments. v12: * The biggest change is the re-splitting of patches. * Add a "gmac_version" in loongson_data, then we only read it once in the _probe(). * Drop Serge's patch. * Rebase to the latest code state. * Fixed the gnet commit message. v11: * Break loongson_phylink_get_caps(), fix bad logic. * Remove a unnecessary ";". * Remove some unnecessary "{}". * add a blank. * Move the code of fix _force_1000 to patch 6/6. The main changes occur in these two functions: loongson_dwmac_probe(); loongson_dwmac_setup(); v10: As Andrew's comment: * Add a #define for the 0x37. * Add a #define for Port Select. others: * Pick Serge's patch, This patch resulted from the process of reviewing our patch set. * Based on Serge's patch, modify our loongson_phylink_get_caps(). * Drop patch 3/6, we need mac_interface. * Adjusted the code layout of gnet patch. * Corrected several errata in commit message. * Move DISABLE_FORCE flag to loongson_gnet_data(). v9: We have not provided a detailed list of equipment for a long time, and I apologize for this. During this period, I have collected some information and now present it to you, hoping to alleviate the pressure of review. 1. IP core We now have two types of IP cores, one is 0x37, similar to dwmac1000; The other is 0x10. Compared to 0x37, we split several DMA registers from one to two, and it is not worth adding a new entry for this. According to Serge's comment, we made these devices work by overwriting priv->synopsys_id = 0x37 and mac->dma = . 1.1. Some more detailed information The number of DMA channels for 0x37 is 1; The number of DMA channels for 0x10 is 8. Except for channel 0, otherchannels do not support sending hardware checksums. Supported AV features are Qav, Qat, and Qas, and the rest are consistent with 3.73. 2. DEVICE We have two types of devices, one is GMAC, which only has a MAC chip inside and needs an external PHY chip; the other is GNET, which integrates both MAC and PHY chips inside. 2.1. Some more detailed information GMAC device: LS7A1000, LS2K1000, these devices do not support any pause mode. gnet device: LS7A2000, LS2K2000, the chip connection between the mac and phy of these devices is not normal and requires two rounds of negotiation; LS7A2000 does not support half-duplex and multi-channel; to enable multi-channel on LS2K2000, you need to turn off hardware checksum. **Note**: Only the LS2K2000's IP core is 0x10, while the IP cores of other devices are 0x37. 3. TABLE device type pci_id ip_core ls7a1000 gmac 7a03 0x35/0x37 ls2k1000 gmac 7a03 0x35/0x37 ls7a2000 gnet 7a13 0x37 ls2k2000 gnet 7a13 0x10 ----------------------------------------------- Changes: * passed the CI * reverse xmas tree order. * Silence build warning. * Re-split the patch. * Add more detailed commit message. * Add more code comment. * Reduce modification of generic code. * using the GNET-specific prefix. * define a new macro for the GNET MAC. * Use an easier way to overwrite mac. * Removed some useless printk. v8: * The biggest change is according to Serge's comment in the previous edition: Seeing the patch in the current state would overcomplicate the generic code and the only functions you need to update are dwmac_dma_interrupt() dwmac1000_dma_init_channel() you can have these methods re-defined with all the Loongson GNET specifics in the low-level platform driver (dwmac-loongson.c). After that you can just override the mac_device_info.dma pointer with a fixed stmmac_dma_ops descriptor. Here is what should be done for that: 1. Keep the Patch 4/9 with my comments fixed. First it will be partly useful for your GNET device. Second in general it's a correct implementation of the normal DW GMAC v3.x multi-channels feature and will be useful for the DW GMACs with that feature enabled. 2. Create the Loongson GNET-specific stmmac_dma_ops.dma_interrupt() stmmac_dma_ops.init_chan() methods in the dwmac-loongson.c driver. Don't forget to move all the Loongson-specific macros from dwmac_dma.h to dwmac-loongson.c. 3. Create a Loongson GNET-specific platform setup method with the next semantics: + allocate stmmac_dma_ops instance and initialize it with dwmac1000_dma_ops. + override the stmmac_dma_ops.{dma_interrupt, init_chan} with the pointers to the methods defined in 2. + allocate mac_device_info instance and initialize the mac_device_info.dma field with a pointer to the new stmmac_dma_ops instance. + call dwmac1000_setup() or initialize mac_device_info in a way it's done in dwmac1000_setup() (the later might be better so you wouldn't need to export the dwmac1000_setup() function). + override stmmac_priv.synopsys_id with a correct value. 4. Initialize plat_stmmacenet_data.setup() with the pointer to the method created in 3. * Others: Re-split the patch. Passed checkpatch.pl test. v7: * Refer to andrew's suggestion: - Add DMA_INTR_ENA_NIE_RX and DMA_INTR_ENA_NIE_TX #define's, etc. * Others: - Using --subject-prefix="PATCH net-next vN" to indicate that the patches are for the networking tree. - Rebase to the latest networking tree: v6: * Refer to Serge's suggestion: - Add new platform feature flag: include/linux/stmmac.h: +#define STMMAC_FLAG_HAS_LGMAC BIT(13) - Add the IRQs macros specific to the Loongson Multi-channels GMAC: drivers/net/ethernet/stmicro/stmmac/dwmac_dma.h: +#define DMA_INTR_ENA_NIE_LOONGSON 0x00060000 /* ...*/ #define DMA_INTR_ENA_NIE 0x00010000 /* Normal Summary */ ... - Drop all of redundant changes that don't require the prototypes being converted to accepting the stmmac_priv pointer. * Refer to andrew's suggestion: - Drop white space changes. - break patch up into lots of smaller parts. Some small patches have been put into another series as a preparation see *note* : This series of patches relies on the three small patches above. * others - Drop irq_flags changes. - Changed patch order. v4 -> v5: * Remove an ugly and useless patch (fix channel number). * Remove the non-standard dma64 driver code, and also remove the HWIF entries, since the associated custom callbacks no longer exist. * Refer to Serge's suggestion: Update the dwmac1000_dma.c to support the multi-DMA-channels controller setup. See: v4: v3: v2: v1: ==================== Link: https://patch.msgid.link/cover.1723014611.git.siyanteng@loongson.cn Signed-off-by: Paolo Abeni commit 930df0990d06244c3baf43f295e3f3abbc075036 Author: Yanteng Si Date: Wed Aug 7 21:48:56 2024 +0800 net: stmmac: dwmac-loongson: Add loongson module author Add Yanteng Si as MODULE_AUTHOR of Loongson DWMAC PCI driver. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Acked-by: Huacai Chen Reviewed-by: Serge Semin Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 56dbe2c290bc580ac0774e163133c2ed84ecb8f0 Author: Yanteng Si Date: Wed Aug 7 21:48:55 2024 +0800 net: stmmac: dwmac-loongson: Add Loongson GNET support The new generation Loongson LS2K2000 SoC and LS7A2000 chipset are equipped with the network controllers called Loongson GNET. It's the single and multi DMA-channels Loongson GMAC but with a PHY attached. Here is the summary of the DW GMAC features the controller has: DW GMAC IP-core: v3.73a Speeds: 10/100/1000Mbps Duplex: Full (both versions), Half (LS2K2000 GNET only) DMA-descriptors type: enhanced L3/L4 filters availability: Y VLAN hash table filter: Y PHY-interface: GMII (PHY is integrated into the chips) Remote Wake-up support: Y Mac Management Counters (MMC): Y Number of additional MAC addresses: 5 MAC Hash-based filter: Y Hash Table Size: 256 AV feature: Y (LS2K2000 GNET only) DMA channels: 8 (LS2K2000 GNET), 1 (LS7A2000 GNET) Let's update the Loongson DWMAC driver to supporting the new Loongson GNET controller. The change is mainly trivial: the driver shall be bound to the PCIe device with DID 0x7a13, and the device-specific setup() method shall be called for it. The only peculiarity concerns the integrated PHY speed change procedure. The PHY has a weird problem with switching from the low speeds to 1000Mbps mode. The speedup procedure requires the PHY-link re-negotiation. So the suggested change provide the device-specific fix_mac_speed() method to overcome the problem. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Acked-by: Huacai Chen Reviewed-by: Serge Semin Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 803fc61df261dee7dc71fb4f7000c0569e2afff6 Author: Yanteng Si Date: Wed Aug 7 21:48:54 2024 +0800 net: stmmac: dwmac-loongson: Add Loongson Multi-channels GMAC support The Loongson DWMAC driver currently supports the Loongson GMAC devices (based on the DW GMAC v3.50a/v3.73a IP-core) installed to the LS2K1000 SoC and LS7A1000 chipset. But recently a new generation LS2K2000 SoC was released with the new version of the Loongson GMAC synthesized in. The new controller is based on the DW GMAC v3.73a IP-core with the AV-feature enabled, which implies the multi DMA-channels support. The multi DMA-channels feature has the next vendor-specific peculiarities: 1. Split up Tx and Rx DMA IRQ status/mask bits: Name Tx Rx DMA_INTR_ENA_NIE = 0x00040000 | 0x00020000; DMA_INTR_ENA_AIE = 0x00010000 | 0x00008000; DMA_STATUS_NIS = 0x00040000 | 0x00020000; DMA_STATUS_AIS = 0x00010000 | 0x00008000; DMA_STATUS_FBI = 0x00002000 | 0x00001000; 2. Custom Synopsys ID hardwired into the GMAC_VERSION.SNPSVER register field. It's 0x10 while it should have been 0x37 in accordance with the actual DW GMAC IP-core version. 3. There are eight DMA-channels available meanwhile the Synopsys DW GMAC IP-core supports up to three DMA-channels. 4. It's possible to have each DMA-channel IRQ independently delivered. The MSI IRQs must be utilized for that. Thus in order to have the multi-channels Loongson GMAC controllers supported let's modify the Loongson DWMAC driver in accordance with all the peculiarities described above: 1. Create the multi-channels Loongson GMAC-specific stmmac_dma_ops::dma_interrupt() stmmac_dma_ops::init_chan() callbacks due to the non-standard DMA IRQ CSR flags layout. 2. Create the Loongson DWMAC-specific platform setup() method which gets to initialize the DMA-ops with the dwmac1000_dma_ops instance and overrides the callbacks described in 1. The method also overrides the custom Synopsys ID with the real one in order to have the rest of the HW-specific callbacks correctly detected by the driver core. 3. Make sure the platform setup() method enables the flow control and duplex modes supported by the controller. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Acked-by: Huacai Chen Signed-off-by: Yanteng Si Reviewed-by: Serge Semin Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 126f4f96c41d2efe9ea1b949ff3e6d997010991e Author: Yanteng Si Date: Wed Aug 7 21:48:05 2024 +0800 net: stmmac: dwmac-loongson: Add DT-less GMAC PCI-device support The Loongson GMAC driver currently supports the network controllers installed on the LS2K1000 SoC and LS7A1000 chipset, for which the GMAC devices are required to be defined in the platform device tree source. But Loongson machines may have UEFI (implies ACPI) or PMON/UBOOT (implies FDT) as the system bootloaders. In order to have both system configurations support let's extend the driver functionality with the case of having the Loongson GMAC probed on the PCI bus with no device tree node defined for it. That requires to make the device DT-node optional, to rely on the IRQ line detected by the PCI core and to have the MDIO bus ID calculated using the PCIe Domain+BDF numbers. In order to have the device probe() and remove() methods less complicated let's move the DT- and ACPI-specific code to the respective sub-functions. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Acked-by: Huacai Chen Signed-off-by: Yanteng Si Reviewed-by: Serge Semin Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 0ec04d32b5e7f03f1a18713a4958a056240763c8 Author: Yanteng Si Date: Wed Aug 7 21:48:04 2024 +0800 net: stmmac: dwmac-loongson: Introduce PCI device info data The Loongson GNET device support is about to be added in one of the next commits. As another preparation for that introduce the PCI device info data with a setup() callback performing the device-specific platform data initializations. Currently it is utilized for the already supported Loongson GMAC device only. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 849dc7341d1f48dacdeadb86eb09f6d7777b1e5e Author: Yanteng Si Date: Wed Aug 7 21:48:03 2024 +0800 net: stmmac: dwmac-loongson: Add phy_interface for Loongson GMAC PHY-interface of the Loongson GMAC device is RGMII with no internal delays added to the data lines signal. So to comply with that let's pre-initialize the platform-data field with the respective enum constant. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit c70f3163681381c15686bdd2fe56bf4af9b8aaaa Author: Yanteng Si Date: Wed Aug 7 21:48:02 2024 +0800 net: stmmac: dwmac-loongson: Init ref and PTP clocks rate Reference and PTP clocks rate of the Loongson GMAC devices is 125MHz. (So is in the GNET devices which support is about to be added.) Set the respective plat_stmmacenet_data field up in accordance with that so to have the coalesce command and timestamping work correctly. Fixes: 30bba69d7db4 ("stmmac: pci: Add dwmac support for Loongson") Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 79afc70002c20753aaed41a5083cf936148832b1 Author: Yanteng Si Date: Wed Aug 7 21:47:10 2024 +0800 net: stmmac: dwmac-loongson: Detach GMAC-specific platform data init Loongson delivers two types of the network devices: Loongson GMAC and Loongson GNET in the framework of four SOC/Chipsets revisions: Chip Network PCI Dev ID Synopys Version DMA-channel LS2K1000 SOC GMAC 0x7a03 v3.50a/v3.73a 1 LS7A1000 Chipset GMAC 0x7a03 v3.50a/v3.73a 1 LS2K2000 SOC GMAC 0x7a03 v3.73a 8 LS2K2000 SOC GNET 0x7a13 v3.73a 8 LS7A2000 Chipset GNET 0x7a13 v3.73a 1 The driver currently supports the chips with the Loongson GMAC network device synthesized with a single DMA-channel available. As a preparation before adding the Loongson GNET support detach the Loongson GMAC-specific platform data initializations to the loongson_gmac_data() method and preserve the common settings in the loongson_default_data(). While at it drop the return value statement from the loongson_default_data() method as redundant. Note there is no intermediate vendor-specific PCS in between the MAC and PHY on Loongson GMAC and GNET. So the plat->mac_interface field can be freely initialized with the PHY_INTERFACE_MODE_NA value. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 324d96b46520f1476f25deaad0e49d8df71377c1 Author: Yanteng Si Date: Wed Aug 7 21:47:09 2024 +0800 net: stmmac: dwmac-loongson: Use PCI_DEVICE_DATA() macro for device identification For the readability sake convert the hard-coded Loongson GMAC PCI ID to the respective macro and use the PCI_DEVICE_DATA() macro-function to create the pci_device_id array entry. The later change will be specifically useful in order to assign the device-specific data for the currently supported device and for about to be added Loongson GNET controller. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 0c979e6b55f99f939bb8158f3d8f8d2072b04e9c Author: Yanteng Si Date: Wed Aug 7 21:47:08 2024 +0800 net: stmmac: dwmac-loongson: Drop pci_enable/disable_msi calls The Loongson GMAC driver currently doesn't utilize the MSI IRQs, but retrieves the IRQs specified in the device DT-node. Let's drop the direct pci_enable_msi()/pci_disable_msi() calls then as redundant Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 393ea68bf154a53a108bde4bd387fa85b3662181 Author: Yanteng Si Date: Wed Aug 7 21:47:07 2024 +0800 net: stmmac: dwmac-loongson: Drop duplicated hash-based filter size init The plat_stmmacenet_data::multicast_filter_bins field is twice initialized in the loongson_default_data() method. Drop the redundant initialization, but for the readability sake keep the filters init statements defined in the same place of the method. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 005c0f071bc1db6a6972d598a265c0e45bca4038 Author: Yanteng Si Date: Wed Aug 7 21:45:30 2024 +0800 net: stmmac: Export dwmac1000_dma_ops Export the DW GMAC DMA-ops descriptor so one could be available in the low-level platform drivers. It will be utilized to override some callbacks in order to handle the LS2K2000 GNET device specifics. The GNET controller support is being added in one of the following up commits. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit ad72f783de06827a1f20d7df57ca52ee102a6faf Author: Yanteng Si Date: Wed Aug 7 21:45:29 2024 +0800 net: stmmac: Add multi-channel support DW GMAC v3.73 can be equipped with the Audio Video (AV) feature which enables transmission of time-sensitive traffic over bridged local area networks (DWC Ethernet QoS Product). In that case there can be up to two additional DMA-channels available with no Tx COE support (unless there is vendor-specific IP-core alterations). Each channel is implemented as a separate Control and Status register (CSR) for managing the transmit and receive functions, descriptor handling, and interrupt handling. Add the multi-channels DW GMAC controllers support just by making sure the already implemented DMA-configs are performed on the per-channel basis. Note the only currently known instance of the multi-channel DW GMAC IP-core is the LS2K2000 GNET controller, which has been released with the vendor-specific feature extension of having eight DMA-channels. The device support will be added in one of the following up commits. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 12dbc67c3b0bcd7414b511fd8a42ba4e388705bc Author: Yanteng Si Date: Wed Aug 7 21:45:28 2024 +0800 net: stmmac: Move the atds flag to the stmmac_dma_cfg structure ATDS (Alternate Descriptor Size) is a part of the DMA Bus Mode configs (together with PBL, ALL, EME, etc) of the DW GMAC controllers. Seeing it's not changed at runtime but is activated as long as the IP-core has it supported (at least due to the Type 2 Full Checksum Offload Engine feature), move the respective parameter from the stmmac_dma_ops::init() callback argument to the stmmac_dma_cfg structure, which already have the rest of the DMA-related configs defined. Besides the being added in the next commit DW GMAC multi-channels support will require to add the stmmac_dma_ops::init_chan() callback and have the ATDS flag set/cleared for each channel in there. Having the atds-flag in the stmmac_dma_cfg structure will make the parameter accessible from stmmac_dma_ops::init_chan() callback too. Signed-off-by: Feiyang Chen Signed-off-by: Yinggang Gu Reviewed-by: Serge Semin Acked-by: Huacai Chen Signed-off-by: Yanteng Si Tested-by: Serge Semin Signed-off-by: Paolo Abeni commit 8205d5c7463d50dc32ebcf3417a9926ca2b25826 Author: Gaosheng Cui Date: Tue Aug 13 15:16:40 2024 +0800 ARM: davinci: remove unused davinci_init_ide() declaration The davinci_init_ide() has been removed since commit 2af4fcc0d357 ("ARM: davinci: remove unused board support"), so remove it. Signed-off-by: Gaosheng Cui Link: https://lore.kernel.org/r/20240813071640.1047137-3-cuigaosheng1@huawei.com Signed-off-by: Bartosz Golaszewski commit 8ac942a1fabc2d62e2e0f8574d561875c80ae647 Author: Gaosheng Cui Date: Tue Aug 13 15:16:39 2024 +0800 ARM: davinci: remove unused davinci_cfg_reg_list() declaration The davinci_cfg_reg_list() has been removed since commit dec85a95167a ("ARM: davinci: clean up platform support"), so remove it. Signed-off-by: Gaosheng Cui Link: https://lore.kernel.org/r/20240813071640.1047137-2-cuigaosheng1@huawei.com Signed-off-by: Bartosz Golaszewski commit 6ed087411969bd7fbe77eb68fa79344980351efd Author: Haibo Chen Date: Mon Aug 5 16:14:16 2024 -0400 arm64: dts: imx95: add flexcan[1..5] support Add the flexcan[1..5] nodes for imx95. Reviewed-by: Han Xu Signed-off-by: Haibo Chen Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit abfd53a708ff8f63fb0d67424808c55c3f9ac3de Author: Xu Yang Date: Mon Aug 5 16:14:15 2024 -0400 arm64: dts: imx95: add DDR Perf Monitor node Add DDR Perf Monitor for i.MX95. Signed-off-by: Xu Yang Reviewed-by: Peng Fan Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 1573f6a201be9fb915c5ac7dab60b8fd9724e47e Author: Frank Li Date: Mon Jul 29 14:59:32 2024 -0400 arm64: dts: fsl,ls2085a: remove fsl,ls2085a-pcie fsl,ls2080a-pcie actual is the same as fsl,ls2085a-pcie. Only keep one is enough, so remove "fsl,ls2085a-pcie" to fix below warnings. arch/arm64/boot/dts/freescale/fsl-ls2080a-rdb.dtb: pcie@3400000: compatible: ['fsl,ls2080a-pcie', 'fsl,ls2085a-pcie'] is too long from schema $id: http://devicetree.org/schemas/pci/fsl,layerscape-pcie.yaml# Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit d8a01abb828072867d6a82b99becce597d867771 Author: Frank Li Date: Mon Jul 29 14:59:31 2024 -0400 arm64: dts: layerscape: remove undocumented fsl,ls-pcie-ep Remove undocumented compatible string fsl,ls-pcie-ep to fix below CHECK_DTBS warning. arch/arm64/boot/dts/freescale/fsl-ls1046a-frwy.dtb: pcie_ep@3400000: compatible: ['fsl,ls1046a-pcie-ep', 'fsl,ls-pcie-ep'] is too long from schema $id: http://devicetree.org/schemas/pci/fsl,layerscape-pcie-ep.yaml Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit f79fbf356da32a8458dee709a5c9388e67b2489f Author: Frank Li Date: Mon Jul 29 14:59:30 2024 -0400 arm64: dts: fsl-ls1046a: remove big-endian at memory-controller According to binding doc fsl,ddr.yaml, big-endian is default setting. So remove it to fix below CHECK_DTBS warnings. arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: memory-controller@1080000: 'big-endian' does not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/memory-controllers/fsl/fsl,ddr.yaml Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 7c8ffc5555cb15dbc52b82f96570a426178e802a Author: Frank Li Date: Mon Jul 29 14:59:29 2024 -0400 arm64: dts: layerscape: remove big-endian for mmc nodes According to binding doc fsl,esdhc.yaml, the default endian mode is big-endian. So remove big-endian property to fix below CHECK_DTBS warnings: arm64/boot/dts/freescale/fsl-ls1012a-qds.dtb: mmc@1560000: Unevaluated properties are not allowed ('big-endian' was unexpected) from schema $id: http://devicetree.org/schemas/mmc/fsl,esdhc.yaml Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit c7ad422f0e09f0e2fba6e9b096f7a39ed477481d Author: Frank Li Date: Mon Jul 29 14:59:28 2024 -0400 arm64: dts: layerscape: add msi-cell = <1> for gic its Add msi-cell = <1> for GIC ITS. msi-parent have to be kept because it is checked by U-Boot due to historical reasons to fix up msi-map. Fix below CHECK_DTBS warning: arch/arm64/boot/dts/freescale/fsl-ls1028a-kontron-kbox-a-230-ls.dtb: interrupt-controller@6000000: msi-controller@6020000: '#msi-cells' is a required property from schema $id: http://devicetree.org/schemas/interrupt-controller/arm,gic-v3.yaml Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 8b35a4aceaa111567d5d2385dd10c065ccc96bef Author: Frank Li Date: Mon Jul 29 14:59:27 2024 -0400 arm64: dts: fsl-ls1028a: add fsl,ls1028-reset for syscon Add platform specific compatiable string 'fsl,ls1028-reset' for syscon and move reboot node under reset syscon node to fix below warning. syscon@1e60000: compatible: 'anyOf' conditional failed, one must be fixed: ['syscon'] is too short 'syscon' is not one of ['al,alpine-sysfabric-service', ... Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit e32faab60d690cd4185cb4e2c5abd40e200b6c97 Author: Frank Li Date: Mon Jul 29 14:59:26 2024 -0400 arm64: dts: fsl-ls1043a: change uqe to uqe-bus and remove #address-cells Change node name 'uqe' to 'uqe-bus'. Remove #address-cells and #size-cells for nodes, which have not child node. Fix below CHECK_DTBS warning: arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: uqe@2400000: si@700: '#address-cells', '#size-cells' do not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/soc/fsl/cpm_qe/fsl,qe.yaml# arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: uqe@2400000: siram@1000: '#address-cells', '#size-cells' do not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/soc/fsl/cpm_qe/fsl,qe.yaml# arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: uqe@2400000: $nodename:0: 'uqe@2400000' does not match '^([a-z][a-z0-9\\-]+-bus|bus|localbus|soc|axi|ahb|apb)(@.+)?$' from schema $id: http://devicetree.org/schemas/soc/fsl/cpm_qe/fsl,qe.yaml# arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: uqe@2400000: Unevaluated properties are not allowed ('#address-cells', '#size-cells', 'qeic@80', 'ucc@2000', 'ucc@2200' were unexpected) from schema $id: http://devicetree.org/schemas/soc/fsl/cpm_qe/fsl,qe.yaml# arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: qeic@80: '#address-cells' does not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/soc/fsl/cpm_qe/fsl,qe-ic.yaml# arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: si@700: '#address-cells', '#size-cells' do not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/soc/fsl/cpm_qe/fsl,qe-si.yaml# arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: siram@1000: '#address-cells', '#size-cells' do not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/soc/fsl/cpm_qe/fsl,qe-siram.yaml# Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 2950f80befa887ae7bde07d1c291a5b04f73c221 Author: Frank Li Date: Mon Jul 29 14:59:25 2024 -0400 arm64: dts: layerscape: use common pcs-handle property pcsphy-handle already deprecated according to binding fsl,fman-dtsec.yaml. Add new common pcs-handle at dts and fix below CHECK_DTBS warning. arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dtb: fman@1a00000: ethernet@e0000: 'pcs-handle' is a dependency of 'pcs-handle-names' from schema $id: http://devicetree.org/schemas/net/fsl,fman.yaml# Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit e39f567e1c38c29629962ab327f0ad1a288dcab2 Author: Frank Li Date: Mon Jul 29 14:59:24 2024 -0400 arm64: dts: layerscape: rename rcpm as wakeup-control from power-control Invoke power-domain.yaml if node name as 'power-control'. Rcpm actually are not power domain controller. It just control wakeup capability. So rename it as wakeup-control. Fix below CHECK_DTBS warning. power-controller@1ee2140: '#power-domain-cells' is a required property from schema $id: http://devicetree.org/schemas/power/power-domain.yaml# Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 61a3e037b813e7eb0d9ca161441533f743df20d0 Author: Frank Li Date: Mon Jul 29 14:59:23 2024 -0400 arm64: dts: layerscape: rename aux-bus to bus The node name 'aux-bus' is special word. It invokes dp-aux-bus.yaml binding check. Simple change to 'bus' to fix below warning. aux-bus: '#address-cells', '#size-cells', 'compatible', 'dma-ranges', 'ranges', 'sata@3200000', 'usb@2f00000', 'usb@3000000', 'usb@3100000' do not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/display/dp-aux-bus.yaml# Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 2d6213bd592b4731b53ece3492f9d1d18e97eb5e Author: Stephen Rothwell Date: Mon Aug 12 10:42:35 2024 +1000 crypto: spacc - Add ifndef around MIN Fixup for "crypto: spacc - Add SPAcc Skcipher support" interacting with commit 1a251f52cfdc ("minmax: make generic MIN() and MAX() macros available everywhere") from Linus' tree. Signed-off-by: Stephen Rothwell Reintroduced MIN macro with ifndef around it. Signed-off-by: Herbert Xu commit d51f75270a60fb0e01aa9d3225a37bdfb6e0837f Author: Marcel Ziswiler Date: Mon Aug 5 14:48:14 2024 -0300 arm64: dts: imx8mp-verdin: drop limit to sdio wi-fi frequency to 100 mhz SDIO frequency was limited to workaround some instabilities, however it turned out that the instability had nothing to do with the speed but was because of an issue with the USDHC IP that was fixed in commit 52e4c32baed2 ("mmc: sdhci-esdhc-imx: only enable DAT[0] and CMD line auto tuning for SDIO device"). Signed-off-by: Marcel Ziswiler Signed-off-by: João Paulo Gonçalves Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit 331c038a95dc17732de3d13b984e9c9aca57724b Author: Peng Fan Date: Thu Aug 1 16:11:11 2024 +0800 arm64: dts: imx93: add cache info i.MX93 features two Cortex-A55 cores with per core L1 Instruction cache size 32KB, L1 data cache size 32KB, per core L2 cache 64KB, and unified 256KB L3 cache. Add the cache info to remove cacheinfo warnings at boot: "cacheinfo: Unable to detect cache hierarchy for CPU 0" Signed-off-by: Peng Fan Reviewed-by: Stefan Wahren Signed-off-by: Shawn Guo commit 280899d46f70024033980ec88b97222df354b683 Author: Clark Wang Date: Wed Jul 31 08:09:58 2024 +0200 arm64: dts: imx8-ss-dma: enable dma support for lpspi Add DMA configurations for LPSPI nodes on i.MX8QX/QM/DXL. Signed-off-by: Clark Wang Signed-off-by: Alexander Stein Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit 06980320c8082ca9f2ffc812be13b72d8582b2a6 Author: Shengjiu Wang Date: Mon Jul 29 09:39:59 2024 +0800 arm64: dts: imx93-11x11-evk: Add audio XCVR sound card Add audio XCVR sound card, which supports SPDIF TX & RX only, eARC RX, ARC RX are not supported. Signed-off-by: Shengjiu Wang Signed-off-by: Shawn Guo commit fcfa86b3e02c565339c98108ef34d2ed7c36ff9f Author: Shengjiu Wang Date: Mon Jul 29 09:39:58 2024 +0800 arm64: dts: imx93-11x11-evk: Add PDM microphone sound card support Add PDM micphone sound card support, configure the pinmux. This sound card supports recording sound from PDM microphone and convert the PDM format data to PCM data. Signed-off-by: Shengjiu Wang Signed-off-by: Shawn Guo commit 198aa4706cc7498e099b3379ea0a1ad1fbda9520 Author: Shengjiu Wang Date: Mon Jul 29 09:39:57 2024 +0800 arm64: dts: imx93-11x11-evk: add bt-sco sound card support Add bt-sco sound card, which is used by BT HFP case. It supports wb profile as default Signed-off-by: Shengjiu Wang Signed-off-by: Shawn Guo commit f5639dfb0352645e32fd074bddaabbb80c279d96 Author: Shengjiu Wang Date: Mon Jul 29 09:39:56 2024 +0800 arm64: dts: imx93: Add #sound-dai-cells property Add #sound-dai-cells property for audio cpu dai modules '#sound-dai-cells' is required to properly interpret the list of DAI specified in the 'sound-dai' property, Signed-off-by: Shengjiu Wang Signed-off-by: Shawn Guo commit 38e93270fd735e6993e1bddd84f08fecc9aeb63e Author: Tarang Raval Date: Thu Jul 25 17:55:22 2024 +0530 arm64: dts: imx8mm-emtop-baseboard: Add Ethernet Support Add ethernet support for emtop imx8mm baseboard Signed-off-by: Tarang Raval Signed-off-by: Shawn Guo commit f51d748195773c7780deca815dc787c281d77eb5 Author: Avri Altman Date: Sun Aug 11 17:37:57 2024 +0300 scsi: ufs: Add HCI capabilities sysfs group The standard register map of UFSHCI is comprised of several groups. The first group (starting from offset 0x00), is the host capabilities group. It contains some interesting information that otherwise is not available, e.g. the UFS version of the platform etc. Reviewed-by: Keoseong Park Reviewed-by: Bart Van Assche Reviewed-by: Bean Huo Signed-off-by: Avri Altman Link: https://lore.kernel.org/r/20240811143757.2538212-3-avri.altman@wdc.com Signed-off-by: Martin K. Petersen commit b9d104465a6c2f1bb27ae247bd90b4ab079a1699 Author: Avri Altman Date: Sun Aug 11 17:37:56 2024 +0300 scsi: ufs: Prepare to add HCI capabilities sysfs Prepare so we'll be able to read various other HCI registers. While at it, fix the HCPID & HCMID register names to stand for what they really are. Also replace the pm_runtime_{get/put}_sync() calls in auto_hibern8_show to ufshcd_rpm_{get/put}_sync() as any host controller register reads should. Reviewed-by: Keoseong Park Reviewed-by: Bart Van Assche Reviewed-by: Bean Huo Signed-off-by: Avri Altman Link: https://lore.kernel.org/r/20240811143757.2538212-2-avri.altman@wdc.com Signed-off-by: Martin K. Petersen commit 992f9884626a0e6ab73a98ca4eb166d17675cae6 Merge: f856e57d6138a2 a8ebca904f8e0e Author: Martin K. Petersen Date: Mon Aug 12 22:06:39 2024 -0400 Merge patch series "NCR5380: Bug fixes and other improvements" Finn Thain says: This series begins with some work on the mac_scsi driver to improve compatibility with SCSI2SD v5 devices. Better error handling is needed there because the PDMA hardware does not tolerate the write latency spikes which SD cards can produce. A bug is fixed in the 5380 core driver so that scatter/gather can be enabled in mac_scsi. Several patches at the end of this series improve robustness and correctness in the core driver. This series has been tested on a variety of mac_scsi hosts. A variety of SCSI targets was also tested, including Quantum HDD, Fujitsu HDD, Iomega FDD, Ricoh CD-RW, Matsushita CD-ROM, SCSI2SD and BlueSCSI. Link: https://lore.kernel.org/r/cover.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit a8ebca904f8e0e02afcff961f342734d36b69c69 Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: NCR5380: Clean up indentation Tidy up a few indentation annoyances. No functional change. Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/8541ea096fde9f8716b79e4f0707aed916a8c58d.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit c331df3d4a8db8a8d285b31895923cefabe77ecc Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: NCR5380: Remove obsolete comment This comment should have been removed in commit e7734ef14ead ("scsi: NCR5380: Remove context check") when the irqs_disabled() conditional was removed. Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/c54aff198b5a60be8ecfd50df0a9a77850730501.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit 8663cadefd15bafee457cb23bb561704383fb1ce Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: NCR5380: Remove redundant result calculation from NCR5380_transfer_pio() NCR5380_transfer_pio() returns an ambiguous value which is ignored by callers. Make it void and remove the redundant calculation. Adopt kernel-doc format for the updated description. Tested-by: Stan Johnson Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/c07a52d0d7610b4b9969d6dd4fc9a62458fe15de.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit 476f8c82e2187369be982ef1b3739307d67c10d3 Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: NCR5380: Drop redundant member from struct NCR5380_cmd The 'message' member is stored but never loaded so just remove it. Tested-by: Stan Johnson Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/4dc903a95a814d0c9b09656f3651a1bd798fcbbb.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit 086c4802cf99ab7275cd4ec6651f696f2cc61bfa Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: NCR5380: Handle BSY signal loss during information transfer phases Improve robustness by checking for a lost BSY signal during the information transfer loop. The status register is being polled anyway, so a BSY check costs nothing. BSY signal loss could be caused by a target error or a kicked plug etc. A bus reset is another possibility but that is already handled and hostdata->connected would be NULL. Tested-by: Stan Johnson Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/d253dddaf4d9bc17b8ee02ea2b731d92f25b16f1.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit 1c71065df2df693d208dd32758171c1dece66341 Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers Following an incomplete transfer in MSG IN phase, the driver would not notice the problem and would make use of invalid data. Initialize 'tmp' appropriately and bail out if no message was received. For STATUS phase, preserve the existing status code unless a new value was transferred. Tested-by: Stan Johnson Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/52e02a8812ae1a2d810d7f9f7fd800c3ccc320c4.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit 2ac6d29716cd7a3a013b34fad6ba6e88767e28c9 Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: mac_scsi: Enable scatter/gather by default Now that FLAG_DMA_FIXUP has itself been fixed up, it can be used to enable scatter/gather. Increase the default value for sg_tablesize to SG_ALL for those systems which are compatible with FLAG_DMA_FIXUP. Tested-by: Stan Johnson Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/f155ba5ce93055cbc6ac6d4026673f40f826edb8.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit 5768718da9417331803fc4bc090544c2a93b88dc Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: NCR5380: Check for phase match during PDMA fixup It's not an error for a target to change the bus phase during a transfer. Unfortunately, the FLAG_DMA_FIXUP workaround does not allow for that -- a phase change produces a DRQ timeout error and the device borken flag will be set. Check the phase match bit during FLAG_DMA_FIXUP processing. Don't forget to decrement the command residual. While we are here, change shost_printk() into scmd_printk() for better consistency with other DMA error messages. Tested-by: Stan Johnson Fixes: 55181be8ced1 ("ncr5380: Replace redundant flags with FLAG_NO_DMA_FIXUP") Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/99dc7d1f4c825621b5b120963a69f6cd3e9ca659.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit 5551bc30e4a69ad86d0d008e2f56cd59b6583476 Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: mac_scsi: Disallow bus errors during PDMA send SD cards can produce write latency spikes on the order of a hundred milliseconds. If the target firmware does not hide that latency during DATA IN and OUT phases it can cause the PDMA circuitry to raise a processor bus fault which in turn leads to an unreliable byte count and a DMA overrun. The Last Byte Sent flag is used to detect the overrun but this mechanism is unreliable on some systems. Instead, set a DID_ERROR result whenever there is a bus fault during a PDMA send, unless the cause was a phase mismatch. Cc: stable@vger.kernel.org # 5.15+ Reported-and-tested-by: Stan Johnson Fixes: 7c1f3e3447a1 ("scsi: mac_scsi: Treat Last Byte Sent time-out as failure") Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/cc38df687ace2c4ffc375a683b2502fc476b600d.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit 5545c3165cbc98615fe65a44f41167cbb557e410 Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: mac_scsi: Refactor polling loop Before the error handling can be revised, some preparation is needed. Refactor the polling loop with a new function, macscsi_wait_for_drq(). This function will gain more call sites in the next patch. Cc: stable@vger.kernel.org # 5.15+ Tested-by: Stan Johnson Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/6a5ffabb4290c0d138c6d285fda8fa3902e926f0.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit 5ec4f820cb9766e4583df947150a6febce8da794 Author: Finn Thain Date: Wed Aug 7 13:36:28 2024 +1000 scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages After a bus fault, capture and log the chip registers immediately, if the NDEBUG_PSEUDO_DMA macro is defined. Remove some printk(KERN_DEBUG ...) messages that aren't needed any more. Don't skip the debug message when bytes == 0. Show all of the byte counters in the debug messages. Cc: stable@vger.kernel.org # 5.15+ Tested-by: Stan Johnson Signed-off-by: Finn Thain Link: https://lore.kernel.org/r/7573c79f4e488fc00af2b8a191e257ca945e0409.1723001788.git.fthain@linux-m68k.org Signed-off-by: Martin K. Petersen commit de12c3391bce10504c0e7bd767516c74110cfce1 Author: Al Viro Date: Fri May 31 16:34:25 2024 -0400 add struct fd constructors, get rid of __to_fd() Make __fdget() et.al. return struct fd directly. New helpers: BORROWED_FD(file) and CLONED_FD(file), for borrowed and cloned file references resp. NOTE: this might need tuning; in particular, inline on __fget_light() is there to keep the code generation same as before - we probably want to keep it inlined in fdget() et.al. (especially so in fdget_pos()), but that needs profiling. Reviewed-by: Christian Brauner Signed-off-by: Al Viro commit 88a2f6468d013ca1163490dbddfc95135d1c27a1 Author: Al Viro Date: Fri May 31 15:45:12 2024 -0400 struct fd: representation change We want the compiler to see that fdput() on empty instance is a no-op. The emptiness check is that file reference is NULL, while fdput() is "fput() if FDPUT_FPUT is present in flags". The reason why fdput() on empty instance is a no-op is something compiler can't see - it's that we never generate instances with NULL file reference combined with non-zero flags. It's not that hard to deal with - the real primitives behind fdget() et.al. are returning an unsigned long value, unpacked by (inlined) __to_fd() into the current struct file * + int. The lower bits are used to store flags, while the rest encodes the pointer. Linus suggested that keeping this unsigned long around with the extractions done by inlined accessors should generate a sane code and that turns out to be the case. Namely, turning struct fd into a struct-wrapped unsinged long, with fd_empty(f) => unlikely(f.word == 0) fd_file(f) => (struct file *)(f.word & ~3) fdput(f) => if (f.word & 1) fput(fd_file(f)) ends up with compiler doing the right thing. The cost is the patch footprint, of course - we need to switch f.file to fd_file(f) all over the tree, and it's not doable with simple search and replace; there are false positives, etc. Note that the sole member of that structure is an opaque unsigned long - all accesses should be done via wrappers and I don't want to use a name that would invite manual casts to file pointers, etc. The value of that member is equal either to (unsigned long)p | flags, p being an address of some struct file instance, or to 0 for an empty fd. For now the new predicate (fd_empty(f)) has no users; all the existing checks have form (!fd_file(f)). We will convert to fd_empty() use later; here we only define it (and tell the compiler that it's unlikely to return true). This commit only deals with representation change; there will be followups. Reviewed-by: Christian Brauner Signed-off-by: Al Viro commit 1da91ea87aefe2c25b68c9f96947a9271ba6325d Author: Al Viro Date: Fri May 31 14:12:01 2024 -0400 introduce fd_file(), convert all accessors to it. For any changes of struct fd representation we need to turn existing accesses to fields into calls of wrappers. Accesses to struct fd::flags are very few (3 in linux/file.h, 1 in net/socket.c, 3 in fs/overlayfs/file.c and 3 more in explicit initializers). Those can be dealt with in the commit converting to new layout; accesses to struct fd::file are too many for that. This commit converts (almost) all of f.file to fd_file(f). It's not entirely mechanical ('file' is used as a member name more than just in struct fd) and it does not even attempt to distinguish the uses in pointer context from those in boolean context; the latter will be eventually turned into a separate helper (fd_empty()). NOTE: mass conversion to fd_empty(), tempting as it might be, is a bad idea; better do that piecewise in commit that convert from fdget...() to CLASS(...). [conflicts in fs/fhandle.c, kernel/bpf/syscall.c, mm/memcontrol.c caught by git; fs/stat.c one got caught by git grep] [fs/xattr.c conflict] Reviewed-by: Christian Brauner Signed-off-by: Al Viro commit d82a4f5c9528136c365efbba45d3e7182ae004f5 Author: Andrei Stefanescu Date: Wed Jul 24 16:24:15 2024 +0300 arm64: dts: s32g: add the pinctrl node Add the pinctrl node in the device tree in order to enable the S32G2/S32G3 pinctrl driver to probe. Signed-off-by: Andrei Stefanescu Reviewed-by: Matthias Brugger Signed-off-by: Shawn Guo commit f856e57d6138a2dcbe4493c7333f0efdb535c19c Author: Ranjan Kumar Date: Thu Aug 8 18:24:18 2024 +0530 scsi: mpi3mr: Driver version update to 8.10.0.5.50 Update driver version to 8.10.0.5.50. Signed-off-by: Ranjan Kumar Link: https://lore.kernel.org/r/20240808125418.8832-4-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit 199510e33dea357e48389241a28b8d43762394e8 Author: Ranjan Kumar Date: Thu Aug 8 18:24:17 2024 +0530 scsi: mpi3mr: Update consumer index of reply queues after every 100 replies Instead of updating the ConsumerIndex of the Admin and Operational ReplyQueues after processing all replies in the queue, the index will now be periodically updated after processing every 100 replies. Co-developed-by: Sathya Prakash Signed-off-by: Sathya Prakash Signed-off-by: Ranjan Kumar Link: https://lore.kernel.org/r/20240808125418.8832-3-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit 6dc7050d46713591f4d9e1030b92b964287037ec Author: Ranjan Kumar Date: Thu Aug 8 18:24:16 2024 +0530 scsi: mpi3mr: Return complete ioc_status for ioctl commands The driver masked the loginfo available bit in the iocstatus before passing it to the applications, causing a mismatch in error messages between Linux and other operating systems. Modify driver to return unmasked (complete) iocstatus, including the loginfo available bit, for the MPI commands sent through the ioctl interface. Co-developed-by: Sathya Prakash Signed-off-by: Sathya Prakash Signed-off-by: Ranjan Kumar Link: https://lore.kernel.org/r/20240808125418.8832-2-ranjan.kumar@broadcom.com Signed-off-by: Martin K. Petersen commit b4167d9757c1cf8160a6c65887abae32fb5874f8 Author: Markus Niebel Date: Wed Jul 24 14:58:49 2024 +0200 arm64: dts: freescale: imx93-tqma9352: improve pad configuration - disable PU/PD if already done with external resistors - do not configure Schmitt Trigger for outputs - do not configure DSE / FSEL for inputs Signed-off-by: Markus Niebel Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit 0a3e6939d4b33d68bce89477b9db01d68b744749 Author: Gustavo A. R. Silva Date: Thu Aug 8 16:07:54 2024 -0600 net/smc: Use static_assert() to check struct sizes Commit 9748dbc9f265 ("net/smc: Avoid -Wflex-array-member-not-at-end warnings") introduced tagged `struct smc_clc_v2_extension_fixed` and `struct smc_clc_smcd_v2_extension_fixed`. We want to ensure that when new members need to be added to the flexible structures, they are always included within these tagged structs. So, we use `static_assert()` to ensure that the memory layout for both the flexible structure and the tagged struct is the same after any changes. Signed-off-by: Gustavo A. R. Silva Reviewed-by: Jan Karcher Link: https://patch.msgid.link/ZrVBuiqFHAORpFxE@cute Signed-off-by: Jakub Kicinski commit 46dd90fe51f3556deaf5af47aafcee10536a3978 Author: Gustavo A. R. Silva Date: Thu Aug 8 16:08:35 2024 -0600 nfp: Use static_assert() to check struct sizes Commit d88cabfd9abc ("nfp: Avoid -Wflex-array-member-not-at-end warnings") introduced tagged `struct nfp_dump_tl_hdr`. We want to ensure that when new members need to be added to the flexible structure, they are always included within this tagged struct. So, we use `static_assert()` to ensure that the memory layout for both the flexible structure and the tagged struct is the same after any changes. Signed-off-by: Gustavo A. R. Silva Reviewed-by: Simon Horman Link: https://patch.msgid.link/ZrVB43Hen0H5WQFP@cute Signed-off-by: Jakub Kicinski commit ff30732014f5a54f0f97fb7ae9259da833c468d0 Author: Pedro Falcato Date: Wed Aug 7 10:57:09 2024 +0100 scsi: snic: Avoid creating two slab caches with the same name In the spirit of [1], fix the copy-paste typo and use unique names for both caches. [1]: https://lore.kernel.org/all/20240807090746.2146479-1-pedro.falcato@gmail.com/ Signed-off-by: Pedro Falcato Link: https://lore.kernel.org/r/20240807095709.2200728-1-pedro.falcato@gmail.com Signed-off-by: Martin K. Petersen commit e2d0fadd703c3a3a6ebe318ec82ea64c08d709c2 Author: Gustavo A. R. Silva Date: Fri Aug 9 09:22:12 2024 -0600 sched: act_ct: avoid -Wflex-array-member-not-at-end warning -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. Remove unnecessary flex-array member `pad[]` and refactor the related code a bit. Fix the following warning: net/sched/act_ct.c:57:29: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Link: https://patch.msgid.link/ZrY0JMVsImbDbx6r@cute Signed-off-by: Jakub Kicinski commit e96f6fd30eec4ba6e2ff7f855f24b552c5853b06 Merge: 246ef40670b71f 4b808f44733243 Author: Jakub Kicinski Date: Mon Aug 12 17:50:36 2024 -0700 Merge branch 'net-nexthop-increase-weight-to-u16' Petr Machata says: ==================== net: nexthop: Increase weight to u16 In CLOS networks, as link failures occur at various points in the network, ECMP weights of the involved nodes are adjusted to compensate. With high fan-out of the involved nodes, and overall high number of nodes, a (non-)ECMP weight ratio that we would like to configure does not fit into 8 bits. Instead of, say, 255:254, we might like to configure something like 1000:999. For these deployments, the 8-bit weight may not be enough. To that end, in this patchset increase the next hop weight from u8 to u16. Patch #1 adds a flag that indicates whether the reserved fields are zeroed. This is a follow-up to a new fix merged in commit 6d745cd0e972 ("net: nexthop: Initialize all fields in dumped nexthops"). The theory behind this patch is that there is a strict ordering between the fields actually being zeroed, the kernel declaring that they are, and the kernel repurposing the fields. Thus clients can use the flag to tell if it is safe to interpret the reserved fields in any way. Patch #2 contains the substantial code and the commit message covers the details of the changes. Patches #3 to #6 add selftests. ==================== Link: https://patch.msgid.link/cover.1723036486.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 4b808f44733243f981ae04046ef93a65ecc631a9 Author: Petr Machata Date: Wed Aug 7 16:13:51 2024 +0200 selftests: fib_nexthops: Test 16-bit next hop weights Add tests that attempt to create NH groups that use full 16 bits of NH weight. Signed-off-by: Petr Machata Reviewed-by: Ido Schimmel Reviewed-by: David Ahern Link: https://patch.msgid.link/101cdd3f2bfd9511c9bec95f909d20ff56f70ba5.1723036486.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit dce0765c1d5bf810bf3cd8e66cf7f6e73d14d7e2 Author: Petr Machata Date: Wed Aug 7 16:13:50 2024 +0200 selftests: router_mpath_nh_res: Test 16-bit next hop weights Add tests that exercise full 16 bits of NH weight. Like in the previous patch, omit the 255:65535 test when KSFT_MACHINE_SLOW. Signed-off-by: Petr Machata Reviewed-by: Ido Schimmel Reviewed-by: David Ahern Link: https://patch.msgid.link/a91d6ead9d1b1b4b7e276ca58a71ef814f42b7dd.1723036486.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit bb89fdacf99ccbec4dfe2d04f76f870f1483d3ea Author: Petr Machata Date: Wed Aug 7 16:13:49 2024 +0200 selftests: router_mpath_nh: Test 16-bit next hop weights Add tests that exercise full 16 bits of NH weight. To test the 255:65535, it is necessary to run more packets than for the other tests. On a debug kernel, the test can take up to a minute, therefore avoid the test when KSFT_MACHINE_SLOW. Signed-off-by: Petr Machata Reviewed-by: Ido Schimmel Reviewed-by: David Ahern Link: https://patch.msgid.link/c0c257c00ad30b07afc3fa5e2afd135925405544.1723036486.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 110d3ffe9d2b42c04faaf92c3fc627004e3328c6 Author: Petr Machata Date: Wed Aug 7 16:13:48 2024 +0200 selftests: router_mpath: Sleep after MZ In the context of an offloaded datapath, it may take a while for the ip link stats to be updated. This causes the test to fail when MZ_DELAY is too low. Sleep after the packets are sent for the link stats to get up to date. Signed-off-by: Petr Machata Reviewed-by: Ido Schimmel Reviewed-by: David Ahern Link: https://patch.msgid.link/8b1971d948273afd7de2da3d6a2ba35200540e55.1723036486.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit b72a6a7ab9573e06d5c2fcb92eaa28614a735bfd Author: Petr Machata Date: Wed Aug 7 16:13:47 2024 +0200 net: nexthop: Increase weight to u16 In CLOS networks, as link failures occur at various points in the network, ECMP weights of the involved nodes are adjusted to compensate. With high fan-out of the involved nodes, and overall high number of nodes, a (non-)ECMP weight ratio that we would like to configure does not fit into 8 bits. Instead of, say, 255:254, we might like to configure something like 1000:999. For these deployments, the 8-bit weight may not be enough. To that end, in this patch increase the next hop weight from u8 to u16. Increasing the width of an integral type can be tricky, because while the code still compiles, the types may not check out anymore, and numerical errors come up. To prevent this, the conversion was done in two steps. First the type was changed from u8 to a single-member structure, which invalidated all uses of the field. This allowed going through them one by one and audit for type correctness. Then the structure was replaced with a vanilla u16 again. This should ensure that no place was missed. The UAPI for configuring nexthop group members is that an attribute NHA_GROUP carries an array of struct nexthop_grp entries: struct nexthop_grp { __u32 id; /* nexthop id - must exist */ __u8 weight; /* weight of this nexthop */ __u8 resvd1; __u16 resvd2; }; The field resvd1 is currently validated and required to be zero. We can lift this requirement and carry high-order bits of the weight in the reserved field: struct nexthop_grp { __u32 id; /* nexthop id - must exist */ __u8 weight; /* weight of this nexthop */ __u8 weight_high; __u16 resvd2; }; Keeping the fields split this way was chosen in case an existing userspace makes assumptions about the width of the weight field, and to sidestep any endianness issues. The weight field is currently encoded as the weight value minus one, because weight of 0 is invalid. This same trick is impossible for the new weight_high field, because zero must mean actual zero. With this in place: - Old userspace is guaranteed to carry weight_high of 0, therefore configuring 8-bit weights as appropriate. When dumping nexthops with 16-bit weight, it would only show the lower 8 bits. But configuring such nexthops implies existence of userspace aware of the extension in the first place. - New userspace talking to an old kernel will work as long as it only attempts to configure 8-bit weights, where the high-order bits are zero. Old kernel will bounce attempts at configuring >8-bit weights. Renaming reserved fields as they are allocated for some purpose is commonly done in Linux. Whoever touches a reserved field is doing so at their own risk. nexthop_grp::resvd1 in particular is currently used by at least strace, however they carry an own copy of UAPI headers, and the conversion should be trivial. A helper is provided for decoding the weight out of the two fields. Forcing a conversion seems preferable to bending backwards and introducing anonymous unions or whatever. Signed-off-by: Petr Machata Reviewed-by: Ido Schimmel Reviewed-by: David Ahern Reviewed-by: Przemek Kitszel Link: https://patch.msgid.link/483e2fcf4beb0d9135d62e7d27b46fa2685479d4.1723036486.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 75bab45e6b2da379fe2ebda48ed35f8ce371a2ef Author: Petr Machata Date: Wed Aug 7 16:13:46 2024 +0200 net: nexthop: Add flag to assert that NHGRP reserved fields are zero There are many unpatched kernel versions out there that do not initialize the reserved fields of struct nexthop_grp. The issue with that is that if those fields were to be used for some end (i.e. stop being reserved), old kernels would still keep sending random data through the field, and a new userspace could not rely on the value. In this patch, use the existing NHA_OP_FLAGS, which is currently inbound only, to carry flags back to the userspace. Add a flag to indicate that the reserved fields in struct nexthop_grp are zeroed before dumping. This is reliant on the actual fix from commit 6d745cd0e972 ("net: nexthop: Initialize all fields in dumped nexthops"). Signed-off-by: Petr Machata Reviewed-by: Ido Schimmel Link: https://patch.msgid.link/21037748d4f9d8ff486151f4c09083bcf12d5df8.1723036486.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 246ef40670b71fef0c3e2cd11404279bc6d6468e Author: Maciej Żenczykowski Date: Mon Jul 29 17:30:10 2024 -0700 ipv6: eliminate ndisc_ops_is_useropt() as it doesn't seem to offer anything of value. There's only 1 trivial user: int lowpan_ndisc_is_useropt(u8 nd_opt_type) { return nd_opt_type == ND_OPT_6CO; } but there's no harm to always treating that as a useropt... Cc: David Ahern Cc: YOSHIFUJI Hideaki / 吉藤英明 Signed-off-by: Maciej Żenczykowski Link: https://patch.msgid.link/20240730003010.156977-1-maze@google.com Signed-off-by: Jakub Kicinski commit d9f6c64e03c2fd5bfe8e03f806b8e56d9cf112e4 Author: Takashi Sakamoto Date: Tue Aug 13 08:52:10 2024 +0900 firewire: core: use xarray instead of idr to maintain client resource In core function, the instances of some client resource structures are maintained by IDR. As of kernel v6.0, IDR has been superseded by XArray and deprecated. This commit replaces the usage of IDR with XArray to maintain the resource instances. The instance of XArray is allocated per client with XA_FLAGS_ALLOC1 so that the index of allocated entry is greater than zero and returns to user space client as handle of the resource. Link: https://lore.kernel.org/r/20240812235210.28458-6-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 6ec9e9260fe405a667e0dfbdf706483d648a8779 Author: Takashi Sakamoto Date: Tue Aug 13 08:52:09 2024 +0900 firewire: core: code refactoring to use idr_for_each_entry() macro instead of idr_for_each() function This commit is a preparation to use xa_for_each() macro. Current implementation uses idr_for_each() function and has a disadvantage to replace with the macro. The IDR framework has idr_for_each_entry() macro for the similar purpose. This commit replace the function with the macro with minor code refactoring. Link: https://lore.kernel.org/r/20240812235210.28458-5-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 58ee62c2907f4a582edc98c811f23011c5607686 Author: Takashi Sakamoto Date: Tue Aug 13 08:52:08 2024 +0900 firewire: core: add helper function to detect data of iso resource structure It depends on the function assigned to release member to identify resource structure. This commit adds a helper function to identify iso_resource structure. Link: https://lore.kernel.org/r/20240812235210.28458-4-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit ced2da31b87fc5389d6babfb755d0fc3355aba56 Author: Takashi Sakamoto Date: Tue Aug 13 08:52:07 2024 +0900 firewire: core: add helper functions to convert to parent resource structure All of local resource structure commonly have data of client_resource type in its first member. This design sometimes requires usage of container_of to retrieve parent structure by the first member. This commit adds some helper functions for this purpose. Link: https://lore.kernel.org/r/20240812235210.28458-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 3b443fe087889cf6c9c133638f36da5617431703 Author: Takashi Sakamoto Date: Tue Aug 13 08:52:06 2024 +0900 firewire: core: minor code refactoring to release client resource Current implementation checks and validates the result to find resource entry two times. It is redundant. This commit refactors the redundancy. Link: https://lore.kernel.org/r/20240812235210.28458-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 21ff3a16e92e2fa4f906a61d148aca1423c58298 Author: Tejas Upadhyay Date: Mon Aug 12 19:11:17 2024 +0530 drm/xe/xe2hpg: Add Wa_14021821874 Wa_14021821874 applies to xe2_hpg V2(Himal): - Use space after define Cc: Matt Roper Reviewed-by: Himal Prasad Ghimiray Signed-off-by: Tejas Upadhyay Reviewed-by: Matt Roper Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240812134117.813670-1-tejas.upadhyay@intel.com commit 9a4615be653b62cd06f38287b5b7aace18056d02 Merge: fe1f433555d5ba 8be1bd91db71fb Author: Jakub Kicinski Date: Mon Aug 12 15:44:33 2024 -0700 Merge branch 'eth-fbnic-add-basic-stats' Jakub Kicinski says: ==================== eth: fbnic: add basic stats Add basic interface stats to fbnic. v1: https://lore.kernel.org/20240807022631.1664327-1-kuba@kernel.org ==================== Link: https://patch.msgid.link/20240810054322.2766421-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 8be1bd91db71fb52be17890586f34cf9403ace89 Author: Stanislav Fomichev Date: Fri Aug 9 22:43:22 2024 -0700 eth: fbnic: add support for basic qstats Implement netdev_stat_ops and export the basic per-queue stats. This interface expect users to set the values that are used either to zero or to some other preserved value (they are 0xff by default). So here we export bytes/packets/drops from tx and rx_stats plus set some of the values that are exposed by queue stats to zero. $ cd tools/testing/selftests/drivers/net && ./stats.py [...] Totals: pass:4 fail:0 xfail:0 xpass:0 skip:0 error:0 Reviewed-by: Joe Damato Signed-off-by: Stanislav Fomichev Link: https://patch.msgid.link/20240810054322.2766421-3-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 45d84008ccbe2592206c110bd526c7dc140f7bd8 Author: Jakub Kicinski Date: Fri Aug 9 22:43:21 2024 -0700 eth: fbnic: add basic rtnl stats Count packets, bytes and drop on the datapath, and report to the user. Since queues are completely freed when the device is down - accumulate the stats in the main netdev struct. This means that per-queue stats will only report values since last reset (per qstat recommendation). Reviewed-by: Joe Damato Link: https://patch.msgid.link/20240810054322.2766421-2-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 8dc1bffd6e15da727f7cd07e2d2e7aea728f42ff Author: Stanislav Jakubek Date: Mon Aug 5 08:50:51 2024 +0200 dt-bindings: hwlock: sprd-hwspinlock: convert to YAML Convert the Spreadtrum hardware spinlock bindings to DT schema. Reviewed-by: Conor Dooley Reviewed-by: Baolin Wang Signed-off-by: Stanislav Jakubek Link: https://lore.kernel.org/r/ZrB2S71BsxGAVXfQ@standask-GA-A55M-S2HP Signed-off-by: Bjorn Andersson commit 34f79c11fb2f31ba05f13e42b936b3eae1783d40 Author: Bjorn Andersson Date: Mon Aug 5 20:56:27 2024 -0700 rpmsg: glink: Introduce packet tracepoints Introduce tracepoints to allow tracing the GLINK packets being exchanged with other subsystems. This is useful for debugging both interaction with remote processors and client driver issues, as well as tracking latency through the communication stack. Channel events are traced with both local and remote channel ids, as well as the textual representation when possible. The channel ids are useful when matching traces with traces from the firmware side logs, while the textual representation is necessary to identify channels when we're starting to trace an already running system. Signed-off-by: Bjorn Andersson Reviewed-by: Chris Lew Link: https://lore.kernel.org/r/20240805-glink-tracepoints-v1-3-a5f3293fb09e@quicinc.com Signed-off-by: Bjorn Andersson commit 91adb340d1b8fed6507d0143da1f0d8ccb8aeca4 Author: Bjorn Andersson Date: Mon Aug 5 20:56:26 2024 -0700 rpmsg: glink: Pass channel to qcom_glink_send_close_ack() Align the qcom_glink_send_close_ack() arguments with other functions to take the struct glink_channel, so that the upcoming tracepoint patch can access the channel attributes. Signed-off-by: Bjorn Andersson Reviewed-by: Chris Lew Link: https://lore.kernel.org/r/20240805-glink-tracepoints-v1-2-a5f3293fb09e@quicinc.com Signed-off-by: Bjorn Andersson commit 159c79764f37f081b79d577e71b62f0b1b2b1062 Author: Bjorn Andersson Date: Mon Aug 5 20:56:25 2024 -0700 rpmsg: glink: Tidy up RX advance handling The operation of advancing the FIFO receive pointer is sprinkled between the interrupt handler itself, and functions being called from this. Push all the RX advancement operations to the individual handlers, to unify the style across the handling of the various messages. Signed-off-by: Bjorn Andersson Reviewed-by: Chris Lew Link: https://lore.kernel.org/r/20240805-glink-tracepoints-v1-1-a5f3293fb09e@quicinc.com Signed-off-by: Bjorn Andersson commit eab0dce11dd91410204aae39d33124d9c16ab5f0 Author: Rob Herring (Arm) Date: Thu Aug 8 11:07:03 2024 -0600 scsi: ufs: ufshcd-pltfrm: Use of_property_count_u32_elems() to get property length Replace of_get_property() with the type specific of_property_count_u32_elems() to get the property length. This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240808170704.1438658-1-robh@kernel.org Reviewed-by: Bart Van Assche Signed-off-by: Martin K. Petersen commit fd9cb9615fca4fa322a43eeecbd71d4de1ba146a Author: Rob Herring (Arm) Date: Thu Aug 8 11:06:44 2024 -0600 scsi: ufs: ufshcd-pltfrm: Use of_property_present() Use of_property_present() to test for property presence rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240808170644.1436991-1-robh@kernel.org Reviewed-by: Bart Van Assche Signed-off-by: Martin K. Petersen commit 991f125472c4bd6f80f50d76418e0afcb16f5d33 Author: Krzysztof Kozlowski Date: Sun Aug 11 17:35:07 2024 +0200 dt-bindings: fsl: fsl,rcpm: fix unevaluated fsl,rcpm-wakeup property Drop the RCPM consumer example from the binding (LPUART device node), because: 1. Using phandles is typical syntax, thus explaining it is not needed in the provider binding, 2. It has 'fsl,rcpm-wakeup' property which is not allowed by LPUART binding so it causes dt_binding_check warning: fsl,rcpm.example.dtb: serial@2950000: Unevaluated properties are not allowed ('fsl,rcpm-wakeup' was unexpected) from schema $id: http://devicetree.org/schemas/serial/fsl-lpuart.yaml# Alternatively, this property could be added to LPUART binding (fsl-lpuart.yaml), but it looks like none of in-tree DTS use it. Fixes: ad21e3840a88 ("dt-bindings: soc: fsl: Convert rcpm to yaml format") Signed-off-by: Krzysztof Kozlowski Reviewed-by: Frank Li Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240811153507.126512-1-krzysztof.kozlowski@linaro.org Signed-off-by: Rob Herring (Arm) commit ea6787c695ab7595d851c3506f67c157f3b593c0 Author: John Garry Date: Mon Aug 5 11:33:15 2024 +0000 scsi: block: Don't check REQ_ATOMIC for reads We check in submit_bio_noacct() if flag REQ_ATOMIC is set for both read and write operations, and then validate the atomic operation if set. Flag REQ_ATOMIC can only be set for writes, so don't bother checking for reads. Fixes: 9da3d1e912f3 ("block: Add core atomic write support") Signed-off-by: John Garry Link: https://lore.kernel.org/r/20240805113315.1048591-3-john.g.garry@oracle.com Reviewed-by: Kanchan Joshi Signed-off-by: Martin K. Petersen commit 0c150b30d3d51a8c2e09fadd004a640fa12985c6 Author: John Garry Date: Mon Aug 5 11:33:14 2024 +0000 scsi: sd: Don't check if a write for REQ_ATOMIC Flag REQ_ATOMIC can only be set for writes, so don't check if the operation is also a write in sd_setup_read_write_cmnd(). Fixes: bf4ae8f2e640 ("scsi: sd: Atomic write support") Signed-off-by: John Garry Link: https://lore.kernel.org/r/20240805113315.1048591-2-john.g.garry@oracle.com Reviewed-by: Kanchan Joshi Signed-off-by: Martin K. Petersen commit bdc9c46759296690e4f9da434b16a7ac4190c671 Author: Peter Yin Date: Fri Aug 9 15:00:54 2024 +0800 dt-bindings: trivial-devices: add isil,isl69260 Document the "isl,isl69260" compatible, which is already used in the DTS files but was not previously documented in the bindings. The ISL69260 is a digital dual output multiphase controller that supports Intel VR13, VR13.HC, and VR14 specifications. Signed-off-by: Peter Yin Acked-by: Krzysztof Kozlowski Acked-by: Guenter Roeck Link: https://lore.kernel.org/r/20240809070056.3588694-1-peteryin.openbmc@gmail.com Signed-off-by: Rob Herring (Arm) commit a9a4ca5767c1756b1bc5bd3397b515af2cbc2c82 Author: Weilin Wang Date: Sat Jul 20 02:20:55 2024 -0400 perf data: Allow to use given fd in data->file.fd When in PIPE mode, allow to use fd dynamically opened and asigned to data->file.fd instead of STDIN_FILENO or STDOUT_FILENO. Reviewed-by: Namhyung Kim Signed-off-by: Weilin Wang Acked-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Caleb Biggers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Perry Taylor Cc: Peter Zijlstra Cc: Samantha Alt Link: https://lore.kernel.org/r/20240720062102.444578-3-weilin.wang@intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 807746b9bdc2acc9b18130d0a7ff0be1626ccc76 Author: Ian Rogers Date: Sat Jul 20 02:20:54 2024 -0400 perf parse-events: Add a retirement latency modifier Retirement latency is a separate sampled count used on newer Intel CPUs. Reviewed-by: Namhyung Kim Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Caleb Biggers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Perry Taylor Cc: Peter Zijlstra Cc: Samantha Alt Link: https://lore.kernel.org/r/20240720062102.444578-2-weilin.wang@intel.com Signed-off-by: Weilin Wang Signed-off-by: Arnaldo Carvalho de Melo commit 8f29be326da202963e3e6d33550d375313009f68 Author: Ian Rogers Date: Mon Aug 12 13:47:19 2024 -0700 perf session: Constify tool Make tool const now that all uses are const and perf_tool__fill_defaults() won't be used. The aim is to better capture that sessions don't mutate tools. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-28-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 15d4a6f41d7275799d318b198f479c9783d56f78 Author: Ian Rogers Date: Mon Aug 12 13:47:18 2024 -0700 perf tool: Remove perf_tool__fill_defaults() Now all tools are fully initialized prior to use it has no use so remove. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-27-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit fcd00f3e3b375ee87caf5be587840441ef1b4243 Author: Ian Rogers Date: Mon Aug 12 13:47:17 2024 -0700 perf kwork: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-26-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 332b897f34b95fea32c998ceca0569ac2c049d3d Author: Ian Rogers Date: Mon Aug 12 13:47:16 2024 -0700 perf test event_update: Ensure tools is initialized Ensure tool is initialized to avoid lazy initialization pattern so that more uses of struct perf_tool can be made const. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-25-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 2721c6cc04d79057b855411a16964965d5a3da0a Author: Ian Rogers Date: Mon Aug 12 13:47:15 2024 -0700 perf data convert ctf: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-24-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit b9d276d1a282dfca186d0dbc2a001581b7c6f5b7 Author: Ian Rogers Date: Mon Aug 12 13:47:14 2024 -0700 perf data convert json: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-23-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 1e1ec8f2e5fa914da0155170c63099d7189f3cfc Author: Ian Rogers Date: Mon Aug 12 13:47:13 2024 -0700 perf diff: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-22-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 60b5fd3f62d0622b70450d4707dc30be47a724c7 Author: Ian Rogers Date: Mon Aug 12 13:47:12 2024 -0700 perf timechart: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-21-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 4a20562bc4118478b4592bab8f0d90975df77095 Author: Ian Rogers Date: Mon Aug 12 13:47:11 2024 -0700 perf mem: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-20-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 41860d49473c0c09dc0a2a4d148047f97aaa2539 Author: Ian Rogers Date: Mon Aug 12 13:47:10 2024 -0700 perf sched: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-19-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit d48940cabcf70c186901f2c75fe89fed12d4ec18 Author: Ian Rogers Date: Mon Aug 12 13:47:09 2024 -0700 perf annotate: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-18-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 071b117e755bd5000ea13f488e8d19ed9e42121c Author: Ian Rogers Date: Mon Aug 12 13:47:08 2024 -0700 perf stat: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-17-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 113f614c6dd0c2fb13f4c6d7f3c4a82212de0c0f Author: Ian Rogers Date: Mon Aug 12 13:47:07 2024 -0700 perf report: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-16-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit a37c0436f3799d02f13781d5e1c836b956b8c05d Author: Ian Rogers Date: Mon Aug 12 13:47:06 2024 -0700 perf inject: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-15-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 2fa28ccb17c4bfc31f7752b59e4b90856d7b33b1 Author: Ian Rogers Date: Mon Aug 12 13:47:05 2024 -0700 perf script: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-14-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 6bfb6df8663f3baf901f6540bd3f95ccb86c2b9b Author: Ian Rogers Date: Mon Aug 12 13:47:04 2024 -0700 perf c2c: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-13-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit cecb1cf154b301c6f8da434adccd7bcb855d3191 Author: Ian Rogers Date: Mon Aug 12 13:47:03 2024 -0700 perf record: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-12-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 419cbc44f5b94c1bc6a68e4c694ee46fe3907fc0 Author: Ian Rogers Date: Mon Aug 12 13:47:02 2024 -0700 perf evlist: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-11-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit b4fd4d00f9d4f51eab54e5b336afe27a846f1578 Author: Ian Rogers Date: Mon Aug 12 13:47:01 2024 -0700 perf lock: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-10-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit a01a5ef98870bd7a72f7eee0cb6168233c41bf53 Author: Ian Rogers Date: Mon Aug 12 13:47:00 2024 -0700 perf kvm: Use perf_tool__init() Use perf_tool__init() so that more uses of 'struct perf_tool' can be const and not relying on perf_tool__fill_defaults(). Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-9-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 584a268f50758a35b7176ecad798bbe77d672d21 Author: Ian Rogers Date: Mon Aug 12 13:46:59 2024 -0700 perf buildid-list: Use perf_tool__init Reduce scope of build_id__mark_dso_hit_ops() to the scope of function perf_session__list_build_ids, its only use, and use perf_tool__init() for the default values. Move perf_event__exit_del_thread() to event.[ch] so it can be used in builtin-buildid-list.c. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-8-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit f32b37cc783ac28a58ab75542de7cec2c7c01e74 Author: Ian Rogers Date: Mon Aug 12 13:46:58 2024 -0700 perf kmem: Use perf_tool__init Reduce the scope of the tool from global/static to just that of the cmd_kmem function where the session is scoped. Use the perf_tool__init() to initialize default values. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-7-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit ae737b61029ced77391e2b850433cd316716ddf9 Author: Ian Rogers Date: Mon Aug 12 13:46:57 2024 -0700 perf tool: Add perf_tool__init() Add init function that behaves like perf_tool__fill_defaults() but assumes all values haven't been initialized. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-6-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 564e5cbcfdf5c55491461edc61f6b7e2a4418063 Author: Ian Rogers Date: Mon Aug 12 13:46:56 2024 -0700 perf tool: Move fill defaults into tool.c The aim here is to eventually make perf_tool__fill_defaults() an init function so that the tools struct is more const. Create a tool.c to go along with tool.h. Move perf_tool__fill_defaults() out of session.c into tool.c along with the default stub values. Add perf_tool__compressed_is_stub() for a test in perf_session__process_user_event(). perf_session__process_compressed_event() is only used from being default initialized so migrate into tool.c. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-5-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 30f29bae9142f34e978a4861ed07aa512af21416 Author: Ian Rogers Date: Mon Aug 12 13:46:55 2024 -0700 perf tool: Constify tool pointers The tool pointer (to a struct largely of function pointers) is passed around but is unchanged except at initialization. Change parameter and variable types to be const to lower the possibilities of what could happen with a tool. Reviewed-by: Adrian Hunter Signed-off-by: Ian Rogers Tested-by: Adrian Hunter Tested-by: Leo Yan Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-4-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 1816dc4bc5be050cc543e6e4fcedf3805a2aea20 Author: Ian Rogers Date: Mon Aug 12 13:46:54 2024 -0700 perf s390-cpumsf: Remove unused struct struct s390_cpumsf_synth was likely cargo culted from other auxtrace examples. It has no users, so remove. Reviewed-by: Adrian Hunter Signed-off-by: Ian Rogers Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 4e322c785514e85c5ede49c54d72795a5573fa79 Author: Ian Rogers Date: Mon Aug 12 13:46:53 2024 -0700 perf auxtrace: Remove dummy tools Add perf_session__deliver_synth_attr_event that synthesizes a perf_record_header_attr event with one id. Remove use of perf_event__synthesize_attr that necessitates the use of the dummy tool in order to pass the session. Reviewed-by: Adrian Hunter Signed-off-by: Ian Rogers Tested-by: Adrian Hunter Tested-by: Leo Yan Cc: Alexander Shishkin Cc: Anshuman Khandual Cc: Athira Rajeev Cc: Huacai Chen Cc: Ilkka Koskinen Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Jonathan Cameron Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Nick Desaulniers Cc: Nick Terrell Cc: Oliver Upton Cc: Peter Zijlstra Cc: Song Liu Cc: Sun Haiyong Cc: Suzuki Poulouse Cc: Will Deacon Cc: Yanteng Si Cc: Yicong Yang Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240812204720.631678-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 79bcd34e0f3da39fda841406ccc957405e724852 Author: Ian Rogers Date: Mon Jul 29 15:06:20 2024 -0700 perf inject: Fix leader sampling inserting additional samples The processing of leader samples would turn an individual sample with a group of read values into multiple samples. 'perf inject' would pass through the additional samples increasing the output data file size: $ perf record -g -e "{instructions,cycles}:S" -o perf.orig.data true $ perf script -D -i perf.orig.data | sed -e 's/perf.orig.data/perf.data/g' > orig.txt $ perf inject -i perf.orig.data -o perf.new.data $ perf script -D -i perf.new.data | sed -e 's/perf.new.data/perf.data/g' > new.txt $ diff -u orig.txt new.txt --- orig.txt 2024-07-29 14:29:40.606576769 -0700 +++ new.txt 2024-07-29 14:30:04.142737434 -0700 ... -0xc550@perf.data [0x30]: event: 3 +0xc550@perf.data [0xd0]: event: 9 +. +. ... raw event: size 208 bytes +. 0000: 09 00 00 00 01 00 d0 00 fc 72 01 86 ff ff ff ff .........r...... +. 0010: 74 7d 2c 00 74 7d 2c 00 fb c3 79 f9 ba d5 05 00 t},.t},...y..... +. 0020: e6 cb 1a 00 00 00 00 00 01 00 00 00 00 00 00 00 ................ +. 0030: 02 00 00 00 00 00 00 00 76 01 00 00 00 00 00 00 ........v....... +. 0040: e6 cb 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +. 0050: 62 18 00 00 00 00 00 00 f6 cb 1a 00 00 00 00 00 b............... +. 0060: 00 00 00 00 00 00 00 00 0c 00 00 00 00 00 00 00 ................ +. 0070: 80 ff ff ff ff ff ff ff fc 72 01 86 ff ff ff ff .........r...... +. 0080: f3 0e 6e 85 ff ff ff ff 0c cb 7f 85 ff ff ff ff ..n............. +. 0090: bc f2 87 85 ff ff ff ff 44 af 7f 85 ff ff ff ff ........D....... +. 00a0: bd be 7f 85 ff ff ff ff 26 d0 7f 85 ff ff ff ff ........&....... +. 00b0: 6d a4 ff 85 ff ff ff ff ea 00 20 86 ff ff ff ff m......... ..... +. 00c0: 00 fe ff ff ff ff ff ff 57 14 4f 43 fc 7e 00 00 ........W.OC.~.. + +1642373909693435 0xc550 [0xd0]: PERF_RECORD_SAMPLE(IP, 0x1): 2915700/2915700: 0xffffffff860172fc period: 1 addr: 0 +... FP chain: nr:12 +..... 0: ffffffffffffff80 +..... 1: ffffffff860172fc +..... 2: ffffffff856e0ef3 +..... 3: ffffffff857fcb0c +..... 4: ffffffff8587f2bc +..... 5: ffffffff857faf44 +..... 6: ffffffff857fbebd +..... 7: ffffffff857fd026 +..... 8: ffffffff85ffa46d +..... 9: ffffffff862000ea +..... 10: fffffffffffffe00 +..... 11: 00007efc434f1457 +... sample_read: +.... group nr 2 +..... id 00000000001acbe6, value 0000000000000176, lost 0 +..... id 00000000001acbf6, value 0000000000001862, lost 0 + +0xc620@perf.data [0x30]: event: 3 ... This behavior is incorrect as in the case above 'perf inject' should have done nothing. Fix this behavior by disabling separating samples for a tool that requests it. Only request this for `perf inject` so as to not affect other perf tools. With the patch and the test above there are no differences between the orig.txt and new.txt. Fixes: e4caec0d1af3d608 ("perf evsel: Add PERF_SAMPLE_READ sample related processing") Signed-off-by: Ian Rogers Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Andi Kleen Cc: Ingo Molnar Cc: Jiri Olsa Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240729220620.2957754-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 7f3c8f13ad93044ab1d18949b8b840fed7c59c30 Author: Namhyung Kim Date: Mon Aug 12 12:44:47 2024 -0700 perf annotate-data: Show first-level children by default in TUI Now default is to fold everything but it only shows the name of the top-level data type which is not very useful. Instead just expand the top level entry so that it can show the layout at a higher level. Annotate type: 'struct task_struct' (4 samples) Percent Offset Size Field - 100.00 0 9792 struct task_struct { ◆ + 0.50 0 24 struct thread_info thread_info; ▒ 0.00 24 4 unsigned int __state; ▒ 0.00 32 8 void* stack; ▒ + 0.00 40 4 refcount_t usage; ▒ 0.00 44 4 unsigned int flags; ▒ 0.00 48 4 unsigned int ptrace; ▒ 0.00 52 4 int on_cpu; ▒ + 0.00 56 16 struct __call_single_node wake_entry; ▒ 0.00 72 4 unsigned int wakee_flips; ▒ 0.00 80 8 long unsigned int wakee_flip_decay_ts;▒ 0.00 88 8 struct task_struct* last_wakee; ▒ 0.00 96 4 int recent_used_cpu; ▒ 0.00 100 4 int wake_cpu; ▒ 0.00 104 4 int on_rq; ▒ 0.00 108 4 int prio; ▒ 0.00 112 4 int static_prio; ▒ 0.00 116 4 int normal_prio; ▒ 0.00 120 4 unsigned int rt_priority; ▒ + 0.00 128 256 struct sched_entity se; ▒ + 0.00 384 48 struct sched_rt_entity rt; ▒ + 0.00 432 224 struct sched_dl_entity dl; ▒ 0.00 656 8 struct sched_class* sched_class; ▒ ... Committer testing: # perf mem record -a sleep 5s # perf annotate --group --data-type=pthread_mutex_t Annotate type: 'pthread_mutex_t' (13 samples) Percent Offset Size Field - 100.00 0 40 pthread_mutex_t { ▒ - 100.00 0 40 struct __pthread_mutex_s __data { ▒ 39.45 0 4 int __lock; ▒ 0.00 4 4 unsigned int __count; ▒ 7.80 8 4 int __owner; ▒ 6.88 12 4 unsigned int __nusers; ▒ 45.87 16 4 int __kind; ▒ 0.00 20 2 short int __spins; ▒ 0.00 22 2 short int __elision; ▒ + 0.00 24 16 __pthread_list_t __list; ▒ }; ▒ 0.00 0 0 char[] __size; ▒ 39.45 0 8 long int __align; Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240812194447.2049187-4-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit af73856e9ac818bfe8e2f95b32734acbcabe6689 Author: Namhyung Kim Date: Mon Aug 12 12:44:46 2024 -0700 perf annotate-data: Implement folding in TUI browser Like 'perf report', use 'e' or 'E' key to toggle folding the current entry so that it can control displaying child entries. Note I didn't add the 'c' and 'C' key to collapse the entry because it's also handled with the 'e'/'E' since it toggles the state. Committer testing: Do some 'perf mem record' for some workload of the whole system, using the target options, as usual (--pid/-p, -C/--cpu, -a for the system wide profiling, etc) and then: # perf annotate --skip-empty --data-type=pthread_mutex_t That, by default, will start as --tui, then press 'E' to see the whole struct unfolded, etc. Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240812194447.2049187-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 05fc5b7de395c82a17871e441a551566a49c1ea8 Author: Namhyung Kim Date: Mon Aug 12 12:44:45 2024 -0700 perf annotate-data: Support folding in TUI browser Like in the hists browser, it should support folding current entry so that it can hide unwanted details in some data structures. The folded entries will be displayed with the '+' sign, while unfolded entries will have the '-' sign. Entries that have no children will not show any signs. Annotate type: 'struct socket' (1 samples) Percent Offset Size Field - 100.00 0 128 struct socket { ◆ 0.00 0 4 socket_state state; ▒ 0.00 4 2 short int type; ▒ 0.00 8 8 long unsigned int flags; ▒ 0.00 16 8 struct file* file; ▒ 100.00 24 8 struct sock* sk; ▒ 0.00 32 8 struct proto_ops* ops; ▒ - 0.00 64 64 struct socket_wq wq { ▒ - 0.00 64 24 wait_queue_head_t wait { ▒ + 0.00 64 4 spinlock_t lock; ▒ - 0.00 72 16 struct list_head head { ▒ 0.00 72 8 struct list_head* next; ▒ 0.00 80 8 struct list_head* prev; ▒ }; ▒ }; ▒ 0.00 88 8 struct fasync_struct* fasync_list; ▒ 0.00 96 8 long unsigned int flags; ▒ + 0.00 104 16 struct callback_head rcu; ▒ }; ▒ }; ▒ This just adds the display logic for folding, actually folding action will be implemented in the next patch. Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240812194447.2049187-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 7a75c6c23a2ea8dd22d90805b3a42bd65c53830e Author: Ian Rogers Date: Sat Aug 10 21:20:04 2024 -0700 perf vendor events: SKX, CLX, SNR uncore cache event fixes Cache home agent (CHA) events were setting the low rather than high config1 bits. SNR was using CLX CHA events, however its CHA is similar to ICX so remove the events. Incorporate the updates in: https://github.com/intel/perfmon/pull/215 https://github.com/intel/perfmon/pull/216 Fixes: 4cc49942444e958b ("perf vendor events: Update cascadelakex events/metrics") Closes: https://lore.kernel.org/linux-perf-users/CAPhsuW4nem9XZP+b=sJJ7kqXG-cafz0djZf51HsgjCiwkGBA+A@mail.gmail.com/ Reported-by: Song Liu Reviewed-by: Kan Liang Co-authored-by: Weilin Wang Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240811042004.421869-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 040c0f887fdcfe747a3f63c94e9cd29e9ed0b872 Author: Namhyung Kim Date: Mon Aug 12 10:25:33 2024 -0700 perf lock contention: Change stack_id type to s32 The bpf_get_stackid() helper returns a signed type to check whether it failed to get a stacktrace or not. But it saved the result in u32 and checked if the value is negative. 376 if (needs_callstack) { 377 pelem->stack_id = bpf_get_stackid(ctx, &stacks, 378 BPF_F_FAST_STACK_CMP | stack_skip); --> 379 if (pelem->stack_id < 0) ./tools/perf/util/bpf_skel/lock_contention.bpf.c:379 contention_begin() warn: unsigned 'pelem->stack_id' is never less than zero. Let's change the type to s32 instead. Fixes: 6d499a6b3d90277d ("perf lock: Print the number of lost entries for BPF") Reported-by: Dan Carpenter Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240812172533.2015291-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 00b04242683ebae91164244883b46e6ab2669d63 Author: Namhyung Kim Date: Sat Aug 10 12:15:02 2024 -0700 perf annotate-data: Fix a buffer overflow in TUI browser In get_member_overhead(), k is updated when it has a entry in the histogram. But the entry->hists array is allocated with the number of evsel in the group. So the k should be reset when it iterates the event using for_each_group_evsel(), otherwise it'd crash due to a buffer overflow. Fixes: cb1898f58e0f175d ("perf annotate-data: Support --skip-empty option") Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240810191502.1947959-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit cd86437cde1310f8674167d741d80d15e1008dc6 Author: Rob Herring (Arm) Date: Wed Aug 7 10:58:55 2024 -0600 dt-bindings: clock: mediatek: Convert MediaTek clock syscons to schema Convert the various MediaTek syscon bindings which are a clock provider into DT schema format. As they are all the same other than compatible string, combine them into a single schema file. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240807-dt-mediatek-clk-v1-3-e8d568abfd48@kernel.org Acked-by: Conor Dooley Signed-off-by: Stephen Boyd commit c1a9a21f9353cf27caa7d38dd9889925654fdb32 Author: Rob Herring (Arm) Date: Wed Aug 7 10:58:54 2024 -0600 dt-bindings: Move Mediatek clock controllers to "clock" directory The "arm" binding directory is for architecture specific and top-level board bindings. Move all the MediaTek bindings implementing clock providers from "arm/mediatek/" to "clock/" binding directories. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240807-dt-mediatek-clk-v1-2-e8d568abfd48@kernel.org Acked-by: Conor Dooley Signed-off-by: Stephen Boyd commit 5e938ef618857674f7d77c03578fdf69a5ba779b Author: Rob Herring (Arm) Date: Wed Aug 7 10:58:53 2024 -0600 dt-bindings: clock: mediatek,apmixedsys: Fix "mediatek,mt6779-apmixed" compatible "mediatek,mt6779-apmixed" is the compatible string in use already, not "mediatek,mt6779-apmixedsys". Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240807-dt-mediatek-clk-v1-1-e8d568abfd48@kernel.org Acked-by: Conor Dooley Signed-off-by: Stephen Boyd commit 22ba81c50a49468d80055674d8d6f78afb1c92c4 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:51 2024 +0200 selftests/nolibc: run-tests.sh: allow building through LLVM The nolibc tests can now be properly built with LLVM. Expose this through run-tests.sh. Reviewed-by: Shuah Khan Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-15-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 8404af7e13eeef91d0e69b44214cbafc2767b7f2 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:50 2024 +0200 selftests/nolibc: use correct clang target for s390/systemz The target names between GCC and clang differ for s390. While GCC uses "s390", clang uses "systemz". This mapping is not handled by tools/scripts/Makefile.include, so do it in the nolibc-test Makefile. Acked-by: Willy Tarreau Reviewed-by: Shuah Khan Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-14-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 801cf69ca03040a75ed73be263aa6f0fdcb8af5d Author: Thomas Weißschuh Date: Wed Aug 7 23:51:49 2024 +0200 selftests/nolibc: don't use libgcc when building with clang The logic in clang to find the libgcc.a from a GCC toolchain for a specific ABI does not work reliably and can lead to errors. Instead disable libgcc when building with clang, as it's not needed anyways. Acked-by: Willy Tarreau Reviewed-by: Shuah Khan Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-13-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 27e458bbebdb0aa2aecce86d22c7f02b66e68ee1 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:48 2024 +0200 selftests/nolibc: run-tests.sh: avoid overwriting CFLAGS_EXTRA If the user specified their own CFLAGS_EXTRA these should not be overwritten by `-e`. Reviewed-by: Shuah Khan Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-12-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 1bd75aeb5446eb2b1351465e88a98fd784003250 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:47 2024 +0200 selftests/nolibc: add cc-option compatible with clang cross builds The cc-option macro from Build.include is not compatible with clang cross builds, as it does not respect the "--target" and similar flags, set up by Mekfile.include. Provide a custom variant which works correctly. Reviewed-by: Shuah Khan Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-11-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit ae574ae37059da67b90916f14b482bbce0c0ab01 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:46 2024 +0200 selftests/nolibc: add support for LLVM= parameter Makefile.include can modify CC and CFLAGS for usage with clang. Make use of it. Makefile.include is currently used to handle the O= variable. This is incompatible with the LLVM= handling as for O= it has to be included as early as possible, while for LLVM= it needs to be included after CFLAGS are set up. To avoid this incompatibility, switch the O= handling to custom logic. Reviewed-by: Shuah Khan Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-10-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 1a1200b66fd52dca33255270a09a093592c3b877 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:45 2024 +0200 selftests/nolibc: determine $(srctree) first The nolibc-test Makefile includes various other Makefiles from the tree. At first these are included with relative paths like "../../../build/Build.include" but as soon as $(srctree) is set up, the inclusions use that instead to build full paths. To keep the style of inclusions consistent, perform the setup $(srctree) as early as possible and use it for all inclusions. Reviewed-by: Shuah Khan Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-9-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit f1a58f61d88642ae1e6e97e9d72d73bc70a93cb8 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:44 2024 +0200 selftests/nolibc: avoid passing NULL to printf("%s") Clang on higher optimization levels detects that NULL is passed to printf("%s") and warns about it. While printf() from nolibc gracefully handles that NULL, it is undefined behavior as per POSIX, so the warning is reasonable. Avoid the warning by transforming NULL into a non-NULL placeholder. Reviewed-by: Shuah Khan Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-8-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit ddae1d7fab8c5dc5d12da120dc410c4f374d37c3 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:43 2024 +0200 selftests/nolibc: report failure if no testcase passed When nolibc-test is so broken, it doesn't even start, don't report success. Reviewed-by: Shuah Khan Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-7-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit e098eebb63cb1c03813559b5db9da4451ba3a318 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:42 2024 +0200 tools/nolibc: compiler: use attribute((naked)) if available The current entrypoint attributes optimize("Os", "omit-frame-pointer") are intended to avoid all compiler generated code, like function porologue and epilogue. This is the exact usecase implemented by the attribute "naked". Unfortunately this is not implemented by GCC for all targets, so only use it where available. This also provides compatibility with clang, which recognizes the "naked" attribute but not the previously used attribute "optimized". Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-6-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit ef32e9b6a325d1d013b30d898b4dff94082902cd Author: Thomas Weißschuh Date: Wed Aug 7 23:51:41 2024 +0200 tools/nolibc: move entrypoint specifics to compiler.h The specific attributes for the _start entrypoint are duplicated for each architecture. Deduplicate it into a dedicated #define into compiler.h. For clang compatibility, the epilogue will also need to be adapted, so move that one, too. Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-5-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 4a4c013d3385b0db85dc361203dc42ff048b6fd6 Author: Alan Maguire Date: Sat Aug 10 10:35:04 2024 +0100 libbpf: Fix license for btf_relocate.c License should be // SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause) ...as with other libbpf files. Fixes: 19e00c897d50 ("libbpf: Split BTF relocation") Reported-by: Neill Kapron Signed-off-by: Alan Maguire Signed-off-by: Andrii Nakryiko Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20240810093504.2111134-1-alan.maguire@oracle.com commit 652b0ae675fede81420758e3af7c5174cdaa8404 Author: Alexander Aring Date: Mon Aug 12 16:14:24 2024 -0400 dlm: add missing -ENOMEM if alloc_workqueue() fails This patch sets an missing -ENOMEM as error return value when the allocation of the dlm workqueue fails. Fixes: 94e180d6255f ("dlm: async freeing of lockspace resources") Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202408110800.OsoP8TB9-lkp@intel.com/ Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit 63dff3e48871b0583be5032ff8fb7260c349a18c Author: Paul Moore Date: Tue Jul 9 19:43:06 2024 -0400 lsm: add the inode_free_security_rcu() LSM implementation hook The LSM framework has an existing inode_free_security() hook which is used by LSMs that manage state associated with an inode, but due to the use of RCU to protect the inode, special care must be taken to ensure that the LSMs do not fully release the inode state until it is safe from a RCU perspective. This patch implements a new inode_free_security_rcu() implementation hook which is called when it is safe to free the LSM's internal inode state. Unfortunately, this new hook does not have access to the inode itself as it may already be released, so the existing inode_free_security() hook is retained for those LSMs which require access to the inode. Cc: stable@vger.kernel.org Reported-by: syzbot+5446fbf332b0602ede0b@syzkaller.appspotmail.com Closes: https://lore.kernel.org/r/00000000000076ba3b0617f65cc8@google.com Signed-off-by: Paul Moore commit 711f5c5ce6c2c640c1b3b569ab2a8847be5ab21f Author: Paul Moore Date: Mon Jul 15 21:22:51 2024 -0400 lsm: cleanup lsm_hooks.h Some cleanup and style corrections for lsm_hooks.h. * Drop the lsm_inode_alloc() extern declaration, it is not needed. * Relocate lsm_get_xattr_slot() and extern variables in the file to improve grouping of related objects. * Don't use tabs to needlessly align structure fields. Reviewed-by: Casey Schaufler Signed-off-by: Paul Moore commit 7d442a33bfe817ab2a735f3d2e430e36305354ea Author: Brian Mak Date: Tue Aug 6 18:16:02 2024 +0000 binfmt_elf: Dump smaller VMAs first in ELF cores Large cores may be truncated in some scenarios, such as with daemons with stop timeouts that are not large enough or lack of disk space. This impacts debuggability with large core dumps since critical information necessary to form a usable backtrace, such as stacks and shared library information, are omitted. We attempted to figure out which VMAs are needed to create a useful backtrace, and it turned out to be a non-trivial problem. Instead, we try simply sorting the VMAs by size, which has the intended effect. By sorting VMAs by dump size and dumping in that order, we have a simple, yet effective heuristic. Signed-off-by: Brian Mak Link: https://lore.kernel.org/r/036CD6AE-C560-4FC7-9B02-ADD08E380DC9@juniper.net Acked-by: "Eric W. Biederman" Signed-off-by: Kees Cook commit e53cef031bfac2369d249cfd726706c30a5a3351 Author: Paul E. McKenney Date: Thu Aug 1 17:36:22 2024 -0700 srcu: Mark callbacks not currently participating in barrier operation SRCU keeps a count of the number of callbacks that the current srcu_barrier() is waiting on, but there is currently no easy way to work out which callback is stuck. One way to do this is to mark idle SRCU-barrier callbacks by making the ->next pointer point to the callback itself, and this commit does just that. Later commits will use this for debug output. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit c8c3ae83e0bbed6d56a00068c7d10ebf64db48d9 Author: Paul E. McKenney Date: Thu Aug 1 17:36:21 2024 -0700 srcu: Check for concurrent updates of heuristics SRCU maintains the ->srcu_n_exp_nodelay and ->reschedule_count values to guide heuristics governing auto-expediting of normal SRCU grace periods and grace-period-state-machine delays. This commit adds KCSAN ASSERT_EXCLUSIVE_WRITER() calls to check for concurrent updates to these fields. Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit 29bc83e4d90546aa794a9584786086b141a6ba4d Author: JP Kobryn Date: Mon Jul 15 16:23:24 2024 -0700 srcu: faster gp seq wrap-around Using a higher value for the initial gp sequence counters allows for wrapping to occur faster. It can help with surfacing any issues that may be happening as a result of the wrap around. Signed-off-by: JP Kobryn Tested-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 0aac9daef6763e6efef398faff71f8c593651cce Author: Waiman Long Date: Tue Jul 23 14:10:25 2024 -0400 rcu: Use system_unbound_wq to avoid disturbing isolated CPUs It was discovered that isolated CPUs could sometimes be disturbed by kworkers processing kfree_rcu() works causing higher than expected latency. It is because the RCU core uses "system_wq" which doesn't have the WQ_UNBOUND flag to handle all its work items. Fix this violation of latency limits by using "system_unbound_wq" in the RCU core instead. This will ensure that those work items will not be run on CPUs marked as isolated. Beside the WQ_UNBOUND flag, the other major difference between system_wq and system_unbound_wq is their max_active count. The system_unbound_wq has a max_active of WQ_MAX_ACTIVE (512) while system_wq's max_active is WQ_DFL_ACTIVE (256) which is half of WQ_MAX_ACTIVE. Reported-by: Vratislav Bendel Closes: https://issues.redhat.com/browse/RHEL-50220 Signed-off-by: Waiman Long Reviewed-by: "Uladzislau Rezki (Sony)" Tested-by: Breno Leitao Signed-off-by: Neeraj Upadhyay commit 39fa14e5bdd037f50df0af408da7251e400b41fd Author: Nirmoy Das Date: Sat Aug 10 21:15:19 2024 +0200 drm/xe: Add stats for tlb invalidation count Add stats for tlb invalidation count which can be viewed with per GT stat debugfs file. Example output: cat /sys/kernel/debug/dri/0/gt0/stats tlb_inval_count: 22 v2: fix #include order(Tejas) Cc: Lucas De Marchi Cc: Matthew Brost Cc: Michal Wajdeczko Cc: Sai Gowtham Ch Reviewed-by: Tejas Upadhyay Link: https://patchwork.freedesktop.org/patch/msgid/20240810191522.18616-2-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit acc4e41ec41fa28ae9fbdb1a2750525a7a242743 Author: Nirmoy Das Date: Sat Aug 10 21:15:18 2024 +0200 drm/xe/gt: Add APIs for printing stats over debugfs Add skeleton APIs for recording and printing various stats over debugfs. This currently only added counter types stats which is backed by atomic_t and wrapped with CONFIG_DRM_XE_STATS so this can be disabled on production system. v4: Rebase and other minor fixes (Matt) v3: s/CONFIG_DRM_XE_STATS/CONFIG_DEBUG_FS(Lucas) v2: add missing docs Add boundary checks for stats id and other improvements (Michal) Fix build when CONFIG_DRM_XE_STATS is disabled(Matt) Cc: Lucas De Marchi Cc: Matthew Brost Cc: Michal Wajdeczko Cc: Sai Gowtham Ch Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240810191522.18616-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit 043da846c2b2dfd5b187bf3a9993b8fb0a6ed94a Author: Leo Yan Date: Mon Aug 12 10:34:59 2024 +0100 perf docs: Refine the description for the buffer size Current description for the AUX trace buffer size is misleading. When a user specifies the option '-m,512M', it represents a size value in bytes (512MiB) but not 512M pages (512M x 4KiB regard to a page of 4KiB). Make the document clear that the normal buffer and the AUX tracing buffer share the same semantics. Syncs the documents for consistent text. Reviewed-by: James Clark Signed-off-by: Leo Yan Cc: Adrian Hunter Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240812093459.2575278-1-leo.yan@arm.com Signed-off-by: Arnaldo Carvalho de Melo commit e6b56ae7c2d82976398fdbf00858f31193cf5971 Author: Martin Liška Date: Fri Jul 19 12:57:08 2024 +0200 perf script: add --addr2line option Similarly to other subcommands (like report, top), it would be handy to provide a path for addr2line command. Signed-off-by: Martin Liska Cc: Ian Rogers Link: https://lore.kernel.org/r/eadc3e36-029d-4848-9d69-272fe5a83a26@foxlink.cz Signed-off-by: Arnaldo Carvalho de Melo commit 38343be0bf9a7d7ef0d160da5f2db887a0e29b62 Merge: 25f51b76f90f10 7c626ce4bae1ac Author: Greg Kroah-Hartman Date: Mon Aug 12 18:49:00 2024 +0200 Merge 6.11-rc3 into usb-next We need the usb fixes in here as well. Signed-off-by: Greg Kroah-Hartman commit 4e12e550936364660b056116c848b82bf73aa8b6 Author: Frank Li Date: Sat Aug 10 10:38:34 2024 -0400 dt-bindings: input: touchscreen: convert ad7879 to yaml format Convert binding doc ad7879.txt to yaml format. Additional change: - Add ref to /schemas/spi/spi-peripheral-props.yaml - Add #gpio-cell - Remove spi-cpol and spi-cpha in example, the place hold 'spi' can't correct detect spi-controler.yaml. So these two properties can't be recongnized. Fix warning: arch/arm64/boot/dts/freescale/imx8dx-colibri-aster.dtb: /bus@5a000000/i2c@5a800000/touchscreen@2c: failed to match any schema with compatible: ['adi,ad7879-1'] Signed-off-by: Frank Li Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240810143840.3615450-1-Frank.Li@nxp.com Signed-off-by: Dmitry Torokhov commit 9f3eb413606b259c03ecbd20d61e5f7906681891 Merge: 259b4620488543 7c626ce4bae1ac Author: Greg Kroah-Hartman Date: Mon Aug 12 18:47:17 2024 +0200 Merge 6.11-rc3 into tty-next We need the tty/serial fixes in here to build on top of. Signed-off-by: Greg Kroah-Hartman commit 0c80bdfc9aa624b4a6c33c30ad11e81bf6407c36 Merge: bfa54a793ba77e 7c626ce4bae1ac Author: Greg Kroah-Hartman Date: Mon Aug 12 18:46:07 2024 +0200 Merge 6.11-rc3 into driver-core-next We need the driver core fixes in here as well to build on top of. Signed-off-by: Greg Kroah-Hartman commit 9ca12e50a48c100e3bda3e5152d2181f4a6649e2 Merge: 5c4efc60551c0e 7c626ce4bae1ac Author: Greg Kroah-Hartman Date: Mon Aug 12 18:44:54 2024 +0200 Merge 6.11-rc3 into char-misc-next We need the char/misc fixes in here as well. Signed-off-by: Greg Kroah-Hartman commit 4f21bfed691c96da1fc85b76c16e8f6d8fe98a3d Author: Arnaldo Carvalho de Melo Date: Mon Aug 12 09:57:20 2024 -0300 perf tests pmu: Initialize all fields of test_pmu variable Instead of explicitely initializing just the .name and .alias_name, use struct member named initialization of just the non-null -name field, the compiler will initialize all the other non-explicitely initialized fields to NULL. This makes the code more robust, avoiding the error recently fixed when the .alias_name was used and contained a random value. Reviewed-by: Veronika Molnarova Cc: Adrian Hunter Cc: Ian Rogers Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Michael Petlan Cc: Namhyung Kim Cc: Radostin Stoyanov Link: https://lore.kernel.org/lkml/e26941f9-f86c-4f2e-b812-20c49fb2c0d3@redhat.com Signed-off-by: Arnaldo Carvalho de Melo commit 9327b51c9a9c864f5177127e09851da9d78b4943 Author: Ming Lei Date: Mon Aug 12 09:36:24 2024 +0800 ublk: move zone report data out of request pdu ublk zoned takes 16 bytes in each request pdu just for handling REPORT_ZONE operation, this way does waste memory since request pdu is allocated statically. Store the transient zone report data into one global xarray, and remove it after the report zone request is completed. This way is reasonable since report zone is run in slow code path. Fixes: 29802d7ca33b ("ublk: enable zoned storage support") Cc: Damien Le Moal Cc: Andreas Hindborg Signed-off-by: Ming Lei Link: https://lore.kernel.org/r/20240812013624.587587-1-ming.lei@redhat.com Signed-off-by: Jens Axboe commit 6c1fa8edfef815a97db57f30216265bfa152792d Author: Gergo Koteles Date: Thu Jul 25 11:21:09 2024 +0200 platform/x86: ideapad-laptop: move ACPI helpers from header to source file Since moving ymc_trigger_ec from lenovo-ymc to ideapad-laptop, only the latter uses these definitions and functions. Move them back to source file. Signed-off-by: Gergo Koteles Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/57a48d2582b567f6c6fbcd3b379e17aee0fb5a94.1721898747.git.soyer@irl.hu Signed-off-by: Hans de Goede commit d945085a7e9fa5c951f01057a1efc9d7cf0762a7 Merge: 61b74964536e86 7cc06e729460a2 Author: Hans de Goede Date: Mon Aug 12 17:35:52 2024 +0200 Merge tag 'platform-drivers-x86-v6.11-3' into review-hans Merge 'platform-drivers-x86-v6.11-3' into review-hans to avoid conflicts when merging further ideapad-laptop patches. platform-drivers-x86 for v6.11-3 Fixes: - ideapad-laptop / lenovo-ymc: Protect VPC calls with a mutex - amd/pmf: Query HPD data also when ALS is disabled The following is an automated shortlog grouped by driver: amd/pmf: - Fix to Update HPD Data When ALS is Disabled ideapad-laptop: - add a mutex to synchronize VPC commands - introduce a generic notification chain - move ymc_trigger_ec from lenovo-ymc commit 61b74964536e86445d43acff5cff6ad907ba9321 Author: Jithu Joseph Date: Thu Aug 1 05:18:14 2024 +0000 trace: platform/x86/intel/ifs: Add SBAF trace support Add tracing support for the SBAF IFS tests, which may be useful for debugging systems that fail these tests. Log details like test content batch number, SBAF bundle ID, program index and the exact errors or warnings encountered by each HT thread during the test. Reviewed-by: Ashok Raj Reviewed-by: Tony Luck Reviewed-by: Ilpo Järvinen Reviewed-by: Steven Rostedt (Google) Signed-off-by: Jithu Joseph Signed-off-by: Kuppuswamy Sathyanarayanan Link: https://lore.kernel.org/r/20240801051814.1935149-5-sathyanarayanan.kuppuswamy@linux.intel.com Signed-off-by: Hans de Goede commit 3c4d06bd6e3713235fba5aa5eed9d1898239ec1f Author: Jithu Joseph Date: Thu Aug 1 05:18:13 2024 +0000 platform/x86/intel/ifs: Add SBAF test support In a core, the SBAF test engine is shared between sibling CPUs. An SBAF test image contains multiple bundles. Each bundle is further composed of subunits called programs. When a SBAF test (for a particular core) is triggered by the user, each SBAF bundle from the loaded test image is executed sequentially on all the threads on the core using the stop_core_cpuslocked mechanism. Each bundle execution is initiated by writing to MSR_ACTIVATE_SBAF. SBAF test bundle execution may be aborted when an interrupt occurs or if the CPU does not have enough power budget for the test. In these cases the kernel restarts the test from the aborted bundle. SBAF execution is not retried if the test fails or if the test makes no forward progress after 5 retries. Reviewed-by: Ashok Raj Reviewed-by: Tony Luck Reviewed-by: Ilpo Järvinen Signed-off-by: Jithu Joseph Signed-off-by: Kuppuswamy Sathyanarayanan Link: https://lore.kernel.org/r/20240801051814.1935149-4-sathyanarayanan.kuppuswamy@linux.intel.com Signed-off-by: Hans de Goede commit 0a3e4e94d137daacd5ec092365080eed847f8f01 Author: Jithu Joseph Date: Thu Aug 1 05:18:12 2024 +0000 platform/x86/intel/ifs: Add SBAF test image loading support Structural Based Functional Test at Field (SBAF) is a new type of testing that provides comprehensive core test coverage complementing existing IFS tests like Scan at Field (SAF) or ArrayBist. SBAF device will appear as a new device instance (intel_ifs_2) under /sys/devices/virtual/misc. The user interaction necessary to load the test image and test a particular core is the same as the existing scan test (intel_ifs_0). During the loading stage, the driver will look for a file named ff-mm-ss-.sbft in the /lib/firmware/intel/ifs_2 directory. The hardware interaction needed for loading the image is similar to SAF, with the only difference being the MSR addresses used. Reuse the SAF image loading code, passing the SBAF-specific MSR addresses via struct ifs_test_msrs in the driver device data. Unlike SAF, the SBAF test image chunks are further divided into smaller logical entities called bundles. Since the SBAF test is initiated per bundle, cache the maximum number of bundles in the current image, which is used for iterating through bundles during SBAF test execution. Reviewed-by: Ashok Raj Reviewed-by: Tony Luck Reviewed-by: Ilpo Järvinen Signed-off-by: Jithu Joseph Co-developed-by: Kuppuswamy Sathyanarayanan Signed-off-by: Kuppuswamy Sathyanarayanan Link: https://lore.kernel.org/r/20240801051814.1935149-3-sathyanarayanan.kuppuswamy@linux.intel.com Signed-off-by: Hans de Goede commit 7e597d496dfd69c8940a924bc2cc96f1666d33a9 Author: Kuppuswamy Sathyanarayanan Date: Thu Aug 1 05:18:11 2024 +0000 platform/x86/intel/ifs: Refactor MSR usage in IFS test code IFS tests such as Scan at Field (SAF) or Structural Based Functional Test at Field (SBAF), require the user to load a test image. The image loading process is similar across these tests, with the only difference being MSR addresses used. To reuse the code between these tests, remove the hard coding of MSR addresses and allow the driver to pass the MSR addresses per IFS test (via driver device data). Add a new structure named "struct ifs_test_msrs" to specify the test-specific MSR addresses. Each IFS test will provide this structure, enabling them to reuse the common code. This is a preliminary patch in preparation for the addition of SBAF support. Reviewed-by: Ashok Raj Reviewed-by: Tony Luck Reviewed-by: Ilpo Järvinen Signed-off-by: Kuppuswamy Sathyanarayanan Link: https://lore.kernel.org/r/20240801051814.1935149-2-sathyanarayanan.kuppuswamy@linux.intel.com Signed-off-by: Hans de Goede commit 440814caedb0e33c56f0478d7fa5b54479013904 Author: Srinivas Pandruvada Date: Wed Jul 31 11:42:56 2024 -0700 platform/x86: ISST: Simplify isst_misc_reg() and isst_misc_unreg() After commit '1630dc626c87 ("platform/x86: ISST: Add model specific loading for common module")' isst_misc_reg() and isst_misc_unreg() can be simplified. Since these functions are only called during module_init() and module_exit() respectively, there is no contention while calling misc_register()/misc_deregister or isst_if_cpu_info_init()/ isst_if_cpu_info_exit(). Hence remove mutex and reference counting. Signed-off-by: Srinivas Pandruvada Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240731184256.1852840-1-srinivas.pandruvada@linux.intel.com Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 523b1c036ba970beaac3584f92a367be367f9146 Author: Thomas Zimmermann Date: Wed Jul 31 14:51:00 2024 +0200 platform/x86: samsung-laptop: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Corentin Chary Cc: Hans de Goede Cc: "Ilpo Järvinen" Link: https://lore.kernel.org/r/20240731125220.1147348-11-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit b780aaffb16ca41819ebd4a3ed0635ea35b93901 Author: Thomas Zimmermann Date: Wed Jul 31 14:50:59 2024 +0200 platform/x86: oaktrail: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Hans de Goede Cc: "Ilpo Järvinen" Link: https://lore.kernel.org/r/20240731125220.1147348-10-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit f6619520530417bbef368c4194fc6ec6d224dc2d Author: Thomas Zimmermann Date: Wed Jul 31 14:50:58 2024 +0200 platform/x86: ideapad-laptop: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Ike Panhc Cc: Hans de Goede Cc: "Ilpo Järvinen" Link: https://lore.kernel.org/r/20240731125220.1147348-9-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 6ecf83eaf902254f5c3195faf65f4a00b7d05749 Author: Thomas Zimmermann Date: Wed Jul 31 14:50:57 2024 +0200 platform/x86: fujitsu-laptop: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Jonathan Woithe Cc: Hans de Goede Cc: "Ilpo Järvinen" Acked-by: Jonathan Woithe Link: https://lore.kernel.org/r/20240731125220.1147348-8-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 1df0015074c973dd9aa51716fb9b7918c5dde717 Author: Thomas Zimmermann Date: Wed Jul 31 14:50:56 2024 +0200 platform/x86: eeepc-wmi: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Corentin Chary Cc: "Luke D. Jones" Cc: Hans de Goede Cc: "Ilpo Järvinen" Link: https://lore.kernel.org/r/20240731125220.1147348-7-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 902c0863936e0c435d6e8fa6754246fab48f020c Author: Thomas Zimmermann Date: Wed Jul 31 14:50:55 2024 +0200 platform/x86: eeepc-laptop: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Corentin Chary Cc: "Luke D. Jones" Cc: Hans de Goede Cc: "Ilpo Järvinen" Link: https://lore.kernel.org/r/20240731125220.1147348-6-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit a406bb7e086aa21164da72ab90f09e3167ded800 Author: Thomas Zimmermann Date: Wed Jul 31 14:50:54 2024 +0200 platform/x86: asus-wmi: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Corentin Chary Cc: "Luke D. Jones" Cc: Hans de Goede Cc: "Ilpo Järvinen" Link: https://lore.kernel.org/r/20240731125220.1147348-5-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit a04c5547a69d218d265e4a95faaf03a84493be96 Author: Thomas Zimmermann Date: Wed Jul 31 14:50:53 2024 +0200 platform/x86: asus-nb-wmi: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Corentin Chary Cc: "Luke D. Jones" Cc: Hans de Goede Cc: "Ilpo Järvinen" Link: https://lore.kernel.org/r/20240731125220.1147348-4-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 101cc8c6fcfa9f2ac49636b31682764a5ef2c626 Author: Thomas Zimmermann Date: Wed Jul 31 14:50:52 2024 +0200 platform/x86: asus-laptop: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Corentin Chary Cc: "Luke D. Jones" Cc: Hans de Goede Cc: "Ilpo Järvinen" Link: https://lore.kernel.org/r/20240731125220.1147348-3-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 754d389cdde9215f751ed4f35f1b1e5b765563cd Author: Thomas Zimmermann Date: Wed Jul 31 14:50:51 2024 +0200 platform/x86: acer-wmi: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: "Lee, Chun-Yi" Cc: Hans de Goede Cc: "Ilpo Järvinen" Link: https://lore.kernel.org/r/20240731125220.1147348-2-tzimmermann@suse.de Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 045a513040cc0242d364c05c3791594e2294f32d Author: David E. Box Date: Thu Jul 25 08:23:42 2024 -0400 platform/x86/intel/pmt: Use PMT callbacks PMT providers may require device specific actions before their telemetry may be read. If the read_telem() is assigned, call it instead of memcpy_fromio() and return. Since this needs to be done in multiple locations, add pmt_telem_read_mmio() as a wrapper function to perform this and any other needed checks. Reviewed-by: Ilpo Järvinen Reviewed-by: Michael J. Ruhl Signed-off-by: David E. Box Link: https://lore.kernel.org/r/20240725122346.4063913-4-michael.j.ruhl@intel.com Signed-off-by: Hans de Goede commit e92affc74cd8624a548b380af7364be037adef35 Author: David E. Box Date: Thu Jul 25 08:23:41 2024 -0400 platform/x86/intel/vsec: Add PMT read callbacks Some PMT providers require device specific actions before their telemetry can be read. Provide assignable PMT read callbacks to allow providers to perform those actions. Reviewed-by: Ilpo Järvinen Reviewed-by: Michael J. Ruhl Signed-off-by: David E. Box Link: https://lore.kernel.org/r/20240725122346.4063913-3-michael.j.ruhl@intel.com Signed-off-by: Hans de Goede commit fc9aef4382c02774662da3d7e1de8ba224e04f80 Author: David E. Box Date: Thu Jul 25 08:23:40 2024 -0400 platform/x86/intel/vsec.h: Move to include/linux Some drivers outside of PDX86 need access to the vsec header. Move it to include/linux to make it easier to include. Reviewed-by: Ilpo Järvinen Reviewed-by: Michael J. Ruhl Signed-off-by: David E. Box Link: https://lore.kernel.org/r/20240725122346.4063913-2-michael.j.ruhl@intel.com Signed-off-by: Hans de Goede commit 6aa8700150f7dc62f60b4cf5b1624e2e3d9ed78e Author: Karol Kosik Date: Sun Aug 11 17:29:56 2024 -0700 ALSA: usb-audio: Support multiple control interfaces Registering Numark Party Mix II fails with error 'bogus bTerminalLink 1'. The problem stems from the driver not being able to find input/output terminals required to configure audio streaming. The information about those terminals is stored in AudioControl Interface. Numark device contains 2 AudioControl Interfaces and the driver checks only one of them. According to the USB standard, a device can have multiple audio functions, each represented by Audio Interface Collection. Every audio function is considered to be closed box and will contain unique AudioControl Interface and zero or more AudioStreaming and MIDIStreaming Interfaces. The Numark device adheres to the standard and defines two audio functions: - MIDIStreaming function - AudioStreaming function It starts with MIDI function, followed by the audio function. The driver saves the first AudioControl Interface in `snd_usb_audio` structure associated with the entire device. It then attempts to use this interface to query for terminals and clocks. However, this fails because the correct information is stored in the second AudioControl Interface, defined in the second Audio Interface Collection. This patch introduces a structure holding association between each MIDI/Audio Interface and its corresponding AudioControl Interface, instead of relying on AudioControl Interface defined for the entire device. This structure is populated during usb probing phase and leveraged later when querying for terminals and when sending USB requests. Alternative solutions considered include: - defining a quirk for Numark where the order of interface is manually changed, or terminals are hardcoded in the driver. This solution would have fixed only this model, though it seems that device is USB compliant, and it also seems that other devices from this company may be affected. What's more, it looks like products from other manufacturers have similar problems, i.e. Rane One DJ console - keeping a list of all AudioControl Interfaces and querying all of them to find required information. That would have solved my problem and have low probability of breaking other devices, as we would always start with the same logic of querying first AudioControl Interface. This solution would not have followed the standard though. This patch preserves the `snd_usb_audio.ctrl_intf` variable, which holds the first AudioControl Interface, and uses it as a fallback when some interfaces are not parsed correctly and lack an associated AudioControl Interface, i.e., when configured via quirks. Link: https://bugzilla.kernel.org/show_bug.cgi?id=217865 Signed-off-by: Karol Kosik Link: https://patch.msgid.link/AS8P190MB1285893F4735C8B32AD3886BEC852@AS8P190MB1285.EURP190.PROD.OUTLOOK.COM Signed-off-by: Takashi Iwai commit a6fe07ce522a9f6242161ec516d46234c124c35f Author: Kane Chen Date: Fri Jul 19 20:28:07 2024 +0800 platform/x86/intel/pmc: Show live substate requirements While debugging runtime s0ix, we do need to check which required IPs are not power gated. This patch adds code to show live substate status vs requirements in sys/kernel/debug/pmc_core/substate_requirements to help runtime s0ix debug. Signed-off-by: Kane Chen Link: https://lore.kernel.org/r/20240719122807.3853292-1-kane.chen@intel.com Reviewed-by: Ilpo Järvinen Signed-off-by: Hans de Goede commit d7c66b5fbc70d09348f3e0414ebf360c3125f3fa Author: Chun-Kuang Hu Date: Sat Aug 10 09:09:15 2024 +0000 drm/mediatek: Use cmdq_pkt_create() and cmdq_pkt_destroy() Use cmdq_pkt_create() and cmdq_pkt_destroy() common function instead of implementing drm version. Signed-off-by: Chun-Kuang Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240810090918.7457-3-chunkuang.hu@kernel.org/ commit 399826037349cbaf556cd264b84bafde3537866f Author: Chun-Kuang Hu Date: Sat Aug 10 09:09:14 2024 +0000 drm/mediatek: Use cmdq_pkt_eoc() instead of cmdq_pkt_finalize() For some client driver, it want to reduce latency between excuting previous packet command and next packet command, so append jump command to the end of previous packet and the jump destination address is the start address of next packet command buffer. Before next packet exist, the previous packet has no information of where to jump to, so append nop command first. When next packet exist, change nop command to jump command. For mediatek drm driver, it never has next packet, so appending nop command is redundant. Because cmdq_pkt_finalize() would append nop command, so change calling cmdq_pkt_finalize() to cmdq_pkt_eoc() to prevent append redundant nop command. Signed-off-by: Chun-Kuang Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240810090918.7457-2-chunkuang.hu@kernel.org/ commit fe1f433555d5ba80fd8b2085f737b16b4197da6f Merge: 6b8a024d25ebf7 c1ad8ef804e40f Author: David S. Miller Date: Mon Aug 12 14:16:25 2024 +0100 Merge branch 'ethtool-rss-driver-tweaks' Jakub Kicinski says: ==================== ethtool: rss: driver tweaks and netlink context dumps This series is a semi-related collection of RSS patches. Main point is supporting dumping RSS contexts via ethtool netlink. At present additional RSS contexts can be queried one by one, and assuming user know the right IDs. This series uses the XArray added by Ed to provide netlink dump support for ETHTOOL_GET_RSS. Patch 1 is a trivial selftest debug patch. Patch 2 coverts mvpp2 for no real reason other than that I had a grand plan of converting all drivers at some stage. Patch 3 removes a now moot check from mlx5 so that all tests can pass. Patch 4 and 5 make a bit used for context support optional, for easier grepping of drivers which need converting if nothing else. Patch 6 OTOH adds a new cap bit; some devices don't support using a different key per context and currently act in surprising ways. Patch 7 and 8 update the RSS netlink code to use XArray. Patch 9 and 10 add support for dumping contexts. Patch 11 and 12 are small adjustments to spec and a new test. I'm getting distracted with other work, so probably won't have the time soon to complete next steps, but things which are missing are (and some of these may be bad ideas): - better discovery Some sort of API to tell the user who many contexts the device can create. Upper bound, devices often share contexts between ports etc. so it's hard to tell exactly and upfront number of contexts for a netdev. But order of magnitude (4 vs 10s) may be enough for container management system to know whether to bother. - create/modify/delete via netlink The only question here is how to handle all the tricky IOCTL legacy. "No change" maps trivially to attribute not present. "reset" (indir_size = 0) probably needs to be a new NLA_FLAG? - better table size handling The current API assumes the LUT has fixed size, which isn't true for modern devices. We should have better APIs for the drivers to resize the tables, and in user facing API - the ability to specify pattern and min size rather than exact table expected (sort of like ethtool CLI already does). - recounted / socket-bound contexts Support for contexts which get "cleaned up" when their parent netlink socket gets closed. The major catch is that ntuple filters (which we don't currently track) depend on the context, so we need auto-removal for both. v5: - fix build v4: https://lore.kernel.org/20240809031827.2373341-1-kuba@kernel.org - adjust to the meaning of max context from net v3: https://lore.kernel.org/20240806193317.1491822-1-kuba@kernel.org - quite a few code comments and commit message changes - mvpp2: fix interpretation of max_context_id (I'll take care of the net -> net-next merge as needed) - filter by ifindex in the selftest v2: https://lore.kernel.org/20240803042624.970352-1-kuba@kernel.org - fix bugs and build in mvpp2 v1: https://lore.kernel.org/20240802001801.565176-1-kuba@kernel.org ==================== Signed-off-by: David S. Miller commit c1ad8ef804e40fc1ef3cb008e0113d76f4acc1a0 Author: Jakub Kicinski Date: Fri Aug 9 22:37:28 2024 -0700 selftests: drv-net: rss_ctx: test dumping RSS contexts Add a test for dumping RSS contexts. Make sure indir table and key are sane when contexts are created with various combination of inputs. Test the dump filtering by ifname and start-context. Reviewed-by: Petr Machata Reviewed-by: Edward Cree Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit 8ad3be135212a99fe16961de0e6d7d0ddd8268a2 Author: Jakub Kicinski Date: Fri Aug 9 22:37:27 2024 -0700 netlink: specs: decode indirection table as u32 array Indirection table is dumped as a raw u32 array, decode it. It's tempting to decode hash key, too, but it is an actual bitstream, so leave it be for now. Signed-off-by: Jakub Kicinski Reviewed-by: Donald Hunter Signed-off-by: David S. Miller commit 3d50c66c0609c8b64fb22e9c188fca88f34e7c98 Author: Jakub Kicinski Date: Fri Aug 9 22:37:26 2024 -0700 ethtool: rss: support skipping contexts during dump Applications may want to deal with dynamic RSS contexts only. So dumping context 0 will be counter-productive for them. Support starting the dump from a given context ID. Alternative would be to implement a dump flag to skip just context 0, not sure which is better... Reviewed-by: Edward Cree Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit f6122900f4e28bfcb8abc76e1f7b83a1e0d8afd3 Author: Jakub Kicinski Date: Fri Aug 9 22:37:25 2024 -0700 ethtool: rss: support dumping RSS contexts Now that we track RSS contexts in the core we can easily dump them. This is a major introspection improvement, as previously the only way to find all contexts would be to try all ids (of which there may be 2^32 - 1). Don't use the XArray iterators (like xa_for_each_start()) as they do not move the index past the end of the array once done, which caused multiple bugs in Netlink dumps in the past. Reviewed-by: Edward Cree Reviewed-by: Joe Damato Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit bb87f2c7968eaebafa130f0618dea554700bb74b Author: Jakub Kicinski Date: Fri Aug 9 22:37:24 2024 -0700 ethtool: rss: report info about additional contexts from XArray IOCTL already uses the XArray when reporting info about additional contexts. Do the same thing in netlink code. Reviewed-by: Edward Cree Reviewed-by: Joe Damato Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit a7ddfd5d57036caaaf2e1e896ff7aeed6530a0ca Author: Jakub Kicinski Date: Fri Aug 9 22:37:23 2024 -0700 ethtool: rss: move the device op invocation out of rss_prepare_data() Factor calling device ops out of rss_prepare_data(). Next patch will add alternative path using xarray. No functional changes. Reviewed-by: Joe Damato Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit ec6e57beaf8bc64ea0c2dc0cc360afcc7f504425 Author: Jakub Kicinski Date: Fri Aug 9 22:37:22 2024 -0700 ethtool: rss: don't report key if device doesn't support it marvell/otx2 and mvpp2 do not support setting different keys for different RSS contexts. Contexts have separate indirection tables but key is shared with all other contexts. This is likely fine, indirection table is the most important piece. Don't report the key-related parameters from such drivers. This prevents driver-errors, e.g. otx2 always writes the main key, even when user asks to change per-context key. The second reason is that without this change tracking the keys by the core gets complicated. Even if the driver correctly reject setting key with rss_context != 0, change of the main key would have to be reflected in the XArray for all additional contexts. Since the additional contexts don't have their own keys not including the attributes (in Netlink speak) seems intuitive. ethtool CLI seems to deal with it just fine. Having to set the flag in majority of the drivers is a bit tedious but not reporting the key is a safer default. Reviewed-by: Edward Cree Reviewed-by: Joe Damato Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit fb770fe7584fb855620216193a34c6fb81830aa6 Author: Jakub Kicinski Date: Fri Aug 9 22:37:21 2024 -0700 eth: remove .cap_rss_ctx_supported from updated drivers Remove .cap_rss_ctx_supported from drivers which moved to the new API. This makes it easy to grep for drivers which still need to be converted. Reviewed-by: Gal Pressman Reviewed-by: Edward Cree Reviewed-by: Joe Damato Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit ce056504e2e53b22c1f789cff2ad6a0a135dc24d Author: Jakub Kicinski Date: Fri Aug 9 22:37:20 2024 -0700 ethtool: make ethtool_ops::cap_rss_ctx_supported optional cap_rss_ctx_supported was created because the API for creating and configuring additional contexts is mux'ed with the normal RSS API. Presence of ops does not imply driver can actually support rss_context != 0 (in fact drivers mostly ignore that field). cap_rss_ctx_supported lets core check that the driver is context-aware before calling it. Now that we have .create_rxfh_context, there is no such ambiguity. We can depend on presence of the op. Make setting the bit optional. Reviewed-by: Gal Pressman Reviewed-by: Edward Cree Reviewed-by: Joe Damato Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit a7f6f56f604a396f91d891321edb29f286a80069 Author: Jakub Kicinski Date: Fri Aug 9 22:37:19 2024 -0700 eth: mlx5: allow disabling queues when RSS contexts exist Since commit 24ac7e544081 ("ethtool: use the rss context XArray in ring deactivation safety-check") core will prevent queues from being disabled while being used by additional RSS contexts. The safety check is no longer necessary, and core will do a more accurate job of only rejecting changes which can actually break things. Reviewed-by: Gal Pressman Reviewed-by: Joe Damato Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit f203fd85e6669d72fb3bfa3ce485a9642a4a9583 Author: Jakub Kicinski Date: Fri Aug 9 22:37:18 2024 -0700 eth: mvpp2: implement new RSS context API Implement the separate create/modify/delete ops for RSS. No problems with IDs - even tho RSS tables are per device the driver already seems to allocate IDs linearly per port. There's a translation table from per-port context ID to device context ID. mvpp2 doesn't have a key for the hash, it defaults to an empty/previous indir table. Note that there is no key at all, so we don't have to be concerned with reporting the wrong one (which is addressed by a patch later in the series). Compile-tested only. Reviewed-by: Edward Cree Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit 10fbe8c082fdde74b1f0814bc30e194cf330cdf7 Author: Jakub Kicinski Date: Fri Aug 9 22:37:17 2024 -0700 selftests: drv-net: rss_ctx: add identifier to traffic comments Include the "name" of the context in the comment for traffic checks. Makes it easier to reason about which context failed when we loop over 32 contexts (it may matter if we failed in first vs last, for example). Reviewed-by: Gal Pressman Reviewed-by: Joe Damato Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller commit b9396b49879b6e3d9069586e39432b2203de0a7a Author: Daniel Yang Date: Thu Aug 8 20:23:50 2024 -0700 drm/connector: kerneldoc: Fix two missing newlines in drm_connector.c Fix the unexpected indentation errors. drm_connector.c has some kerneldoc comments that were missing newlines. This results in the following warnings when running make htmldocs: ./Documentation/gpu/drm-kms:538: ./drivers/gpu/drm/drm_connector.c:2344: WARNING: Definition list ends without a blank line; unexpected unindent. [docutils] ./Documentation/gpu/drm-kms:538: ./drivers/gpu/drm/drm_connector.c:2346: ERROR: Unexpected indentation. [docutils] ./Documentation/gpu/drm-kms:538: ./drivers/gpu/drm/drm_connector.c:2368: WARNING: Block quote ends without a blank line; unexpected unindent. [docutils] ./Documentation/gpu/drm-kms:538: ./drivers/gpu/drm/drm_connector.c:2381: ERROR: Unexpected indentation. [docutils] Signed-off-by: Daniel Yang Reviewed-by: Shuah Khan [hmahfooz: append drm/connector prefix] Signed-off-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240809032350.226382-1-danielyangkang@gmail.com commit 6773e058ae5a9eaebe0a62a2c1b8fceb190ece82 Author: Richard Zhu Date: Mon Aug 12 10:00:55 2024 +0800 ata: ahci_imx: Correct the email address Correct the email address of driver author. Signed-off-by: Richard Zhu Reviewed-by: Frank Li Link: https://lore.kernel.org/r/1723428055-27021-6-git-send-email-hongxing.zhu@nxp.com Signed-off-by: Niklas Cassel commit 803f9fb819fd533fb41025898f625ec8835034e1 Author: Richard Zhu Date: Mon Aug 12 10:00:54 2024 +0800 ata: ahci_imx: Enlarge RX water mark for i.MX8QM SATA The RXWM(RxWaterMark) sets the minimum number of free location within the RX FIFO before the watermark is exceeded which in turn will cause the Transport Layer to instruct the Link Layer to transmit HOLDS to the transmitting end. Based on the default RXWM value 0x20, RX FIFO overflow might be observed on i.MX8QM MEK board, when some Gen3 SATA disks are used. The FIFO overflow will result in CRC error, internal error and protocol error, then the SATA link is not stable anymore. To fix this issue, enlarge RX water mark setting from 0x20 to 0x29. Signed-off-by: Richard Zhu Link: https://lore.kernel.org/r/1723428055-27021-5-git-send-email-hongxing.zhu@nxp.com Signed-off-by: Niklas Cassel commit 3156e1b2c07181f43cd65baf828c7e6acb022c12 Author: Richard Zhu Date: Mon Aug 12 10:00:53 2024 +0800 ata: ahci_imx: AHB clock rate setting is not required on i.MX8QM AHCI SATA i.MX8QM AHCI SATA doesn't need set AHB clock rate to config the vendor specified TIMER1MS register. Set AHB clock rate only for i.MX53 and i.MX6Q. Signed-off-by: Richard Zhu Reviewed-by: Frank Li Link: https://lore.kernel.org/r/1723428055-27021-4-git-send-email-hongxing.zhu@nxp.com Signed-off-by: Niklas Cassel commit 4147e9d2408aab6df9315900f18f4142ca6e7c3f Author: Richard Zhu Date: Mon Aug 12 10:00:52 2024 +0800 ata: ahci_imx: Clean up code by using i.MX8Q HSIO PHY driver Clean up code by using PHY interface provided by the PHY driver under PHY subsystem(drivers/phy/freescale/phy-fsl-imx8qm-hsio.c). Signed-off-by: Richard Zhu Reviewed-by: Frank Li Link: https://lore.kernel.org/r/1723428055-27021-3-git-send-email-hongxing.zhu@nxp.com Signed-off-by: Niklas Cassel commit 5ff80684fb23c5483219fb3a25ef6f87df7c7d51 Author: Richard Zhu Date: Mon Aug 12 10:00:51 2024 +0800 dt-bindings: ata: Add i.MX8QM AHCI compatible string Add i.MX8QM AHCI "fsl,imx8qm-ahci" compatible strings. i.MX8QM AHCI SATA doesn't require AHB clock rate to set the vendor specified TIMER1MS register. ahb clock is not required by i.MX8QM AHCI. Update the description of clocks in the dt-binding accordingly. Signed-off-by: Richard Zhu Reviewed-by: Rob Herring (Arm) Reviewed-by: Frank Li Link: https://lore.kernel.org/r/1723428055-27021-2-git-send-email-hongxing.zhu@nxp.com Signed-off-by: Niklas Cassel commit 6b8a024d25ebf7535eb4a3e926309aa693cfe1bd Author: Menglong Dong Date: Sat Aug 10 10:06:32 2024 +0800 net: vxlan: remove duplicated initialization in vxlan_xmit The variable "did_rsc" is initialized twice, which is unnecessary. Just remove one of them. Signed-off-by: Menglong Dong Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit f547e956dd84a585c6b75d3f52e1a1bb9c36c0e2 Author: Rosen Penev Date: Fri Aug 9 13:55:18 2024 -0700 net: sunvnet: use ethtool_sprintf/puts Simpler and allows avoiding manual pointer addition. Signed-off-by: Rosen Penev Signed-off-by: David S. Miller commit 5c61f59824b5e46516ea5d0543ad7a8871567416 Merge: 0dc4fb69eb1432 4e996697a443a2 Author: Thomas Zimmermann Date: Mon Aug 12 14:14:18 2024 +0200 Merge drm/drm-next into drm-misc-next Get drm-misc-next to the state of v6.11-rc2. Signed-off-by: Thomas Zimmermann commit be9885cee34eba3d40f8bb9d9166fe746eff5feb Author: Alexander Stein Date: Tue Jul 23 13:01:46 2024 +0200 arm64: dts: imx8mm-tqma8mqml-mba8mx: Increase frequency for i2c busses 100kHz is only needed for the USB Hub TUSB8041. But as this device is not connected by default, the speed can be increased. The other busses don't have any 100kHz only devices attached. Signed-off-by: Alexander Stein Signed-off-by: Shawn Guo commit 8fd256b6e6dc89b2062c523b4f9a90bc6d4590d4 Author: Liu Ying Date: Mon Jul 22 11:04:13 2024 +0800 ARM: dts: imx53-qsb-hdmi: Merge display0 node It's not necessary to split display0 node. Merge it to save two lines. Signed-off-by: Liu Ying Signed-off-by: Shawn Guo commit 53ad698be8fe0cf359585b4bd155ed9c0b9cf0f9 Author: Liu Ying Date: Mon Jul 22 11:04:12 2024 +0800 ARM: dts: imx53-qsb-hdmi: Do not disable TVE SII9022 and TVE are connected with IPU DI0 and IPU DI1 respectively, so they are in two different display pipelines and may run simultaneously. Keep TVE being enabled as imx53-qsb-common.dtsi does by not setting it's status property to "disabled". Fixes: eeb403df953f ("ARM: dts: imx53-qsb: add support for the HDMI expander") Signed-off-by: Liu Ying Signed-off-by: Shawn Guo commit f2fd0ca4fe87dd1e567ebfa68f2de9bf7b839563 Author: Alexander Stein Date: Wed Jul 17 15:50:26 2024 +0200 arm64: dts: imx8-ss-dma: Fix adc0 closing brace location Align the closing brace to opening line. Fixes: 1db044b25d2e ("arm64: dts: imx8dxl: add adc0 support") Signed-off-by: Alexander Stein Reviewed-by: Frank Li Signed-off-by: Shawn Guo commit 33b49409f066155bffa490114adad47b5c2d9e54 Author: Alexander Stein Date: Wed Jul 17 15:50:25 2024 +0200 arm64: dts: imx8-ss-dma: add #address-cells and #size-cells to LPI2C nodes These properties are required by i2c-controller.yaml bindings. Add them on SoC level, rather than on board level. Signed-off-by: Alexander Stein Reviewed-by: Frank Li Signed-off-by: Shawn Guo commit 16398399b62bee12a4bdfbc51f432243e41537f7 Author: Jacopo Mondi Date: Thu Aug 8 22:40:58 2024 +0200 media: rkisp1: Cache the currently active format The rkisp1-params driver assumes the data buffer format is the only currently supported "fixed" one. The usage of the "fixed" format is assumed when allocating memory for the scratch buffers and when initializing the vb2 queue. In order to prepare to support the "extensible" format beside the existing "fixed" one, add support in the driver for both formats by caching a pointer to the active one in the driver structure and use it in the vb2 queue operations and subdev pad operations implementations. Do not yet allow userspace to select between the two formats as the support for the "extensible" format parsing will be introduced in a later patch in the series. While at it, document the un-documented ycbcr_encoding field of struct rkisp1_params_ops. Signed-off-by: Jacopo Mondi Reviewed-by: Laurent Pinchart Reviewed-by: Paul Elder Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit 092e276db9d979ed8ac63ae7ffb6b4da48d19dc1 Author: Jacopo Mondi Date: Thu Aug 8 22:40:57 2024 +0200 media: rkisp1: Copy the parameters buffer The ISP parameters buffers are queued by userspace to the params video device and appended by the driver to the list of available buffers for later consumption. As the parameters buffer is mapped in the userspace process memory, applications have access to the buffer content after the buffer has been queued. To prevent userspace from modifying the contents of the parameters buffer after it has been queued to the video device, add to 'struct rkisp1_params_buffer' a scratch buffer where to copy the parameters. Allocate the scratch buffer in the vb2 buf_init() operation and copy the buffer content in the buf_prepare() operation. Free the scratch buffer in the newly introduced buf_cleanup() operation handler. Modify the ISP configuration function to access the ISP configuration from the cached copy of the parameters buffer instead of using the userspace-mapped one. Signed-off-by: Jacopo Mondi Reviewed-by: Laurent Pinchart Reviewed-by: Paul Elder Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit 3bdae13a75de84722aa6a3b9b99524b26b859148 Author: Jacopo Mondi Date: Thu Aug 8 22:40:56 2024 +0200 media: rkisp1: Add struct rkisp1_params_buffer Create the 'struct rkisp1_params_buffer' type that wraps a vb2_v4l2_buffer to prepare to hold a copy of the parameters buffer that will be used to cache the user-provided configuration buffer in the following patches. Replace usage of 'struct rkisp1_buffer' with 'struct rkisp1_params_buffer' in rkisp1-params.c to prepare for that. Signed-off-by: Jacopo Mondi Reviewed-by: Daniel Scally Reviewed-by: Laurent Pinchart Reviewed-by: Paul Elder Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit 1fc379f6241b331207c4573c4ff43526fe404301 Author: Jacopo Mondi Date: Thu Aug 8 22:40:55 2024 +0200 media: uapi: videodev2: Add V4L2_META_FMT_RK_ISP1_EXT_PARAMS The rkisp1 driver stores ISP configuration parameters in the fixed rkisp1_params_cfg structure. As the members of the structure are part of the userspace API, the structure layout is immutable and cannot be extended further. Introducing new parameters or modifying the existing ones would change the buffer layout and cause breakages in existing applications. The allow for future extensions to the ISP parameters, introduce a new extensible parameters format, with a new format 4CC. Document usage of the new format in the rkisp1 admin guide. Signed-off-by: Jacopo Mondi Reviewed-by: Daniel Scally Reviewed-by: Paul Elder Reviewed-by: Laurent Pinchart Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit e9d05e9d5db155dcc708891611f1b6f977c3fa11 Author: Jacopo Mondi Date: Thu Aug 8 22:40:54 2024 +0200 media: uapi: rkisp1-config: Add extensible params format Add to the rkisp1-config.h header data types and documentation of the extensible parameters format. Signed-off-by: Jacopo Mondi Reviewed-by: Laurent Pinchart Reviewed-by: Paul Elder Tested-by: Kieran Bingham Acked-by: Sakari Ailus Signed-off-by: Laurent Pinchart commit 983b32a29ea1e424caaf39d067c5883f6ab9aef3 Author: Ondrej Jirman Date: Sat Mar 16 00:02:41 2024 +0100 media: rkisp1: Adapt to different SoCs having different size limits - RK3399 has input/output limit of main path 4416 x 3312 - PX30 has input/output limit of main path 3264 x 2448 - i.MX8MP has input/output limit of main path 4096 x 3072 Use rkisp1_info struct to encode the limits. Signed-off-by: Ondrej Jirman Reviewed-by: Laurent Pinchart Reviewed-by: Paul Elder Signed-off-by: Laurent Pinchart commit 23a641d5c2bce4c723fff9118a5d865ee6b9d05a Author: Bartosz Golaszewski Date: Fri Aug 9 16:15:56 2024 +0200 memory: ti-aemif: don't needlessly iterate over child nodes When populating devices from a specific node, we don't need to call of_platform_populate() for every child node manually - the routine will already do it. We can call it directly from the platform device's OF node. While at it: use the managed variant of of_platform_populate(). Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240809-ti-aemif-v1-3-27b1e5001390@linaro.org Signed-off-by: Krzysztof Kozlowski commit f6ae541cc3355fe872d4c942dc47d67877951d17 Author: Bartosz Golaszewski Date: Fri Aug 9 16:15:55 2024 +0200 memory: ti-aemif: use devm_clk_get_enabled() and shrink the code Remove several lines of code and a jump label by using the managed variant of clk_get() that also prepares and enables the clock (and disables and unprepares it on driver detach). Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240809-ti-aemif-v1-2-27b1e5001390@linaro.org Signed-off-by: Krzysztof Kozlowski commit 8c38617722bdf57a90e6c77ed9ee5ebb60958d2a Author: Bartosz Golaszewski Date: Fri Aug 9 16:15:54 2024 +0200 memory: ti-aemif: remove platform data support There are no longer any users of the ti-aemif driver that set up platform data from board files. We can shrink the driver by removing support for it. Signed-off-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240809-ti-aemif-v1-1-27b1e5001390@linaro.org Signed-off-by: Krzysztof Kozlowski commit a4b3f197bcd17ea81605f3121a459dece448e877 Author: Stanislav Jakubek Date: Mon Aug 5 09:25:04 2024 +0200 arm64: dts: sprd: move/add SPDX license to top of the file Checkpatch complains about the SPDX-License-Identifier being in the wrong place. Move it to the top of the file to fix these warnings. In cases of the license being specified only in text, convert these to the SPDX-License-Identifier. Reviewed-by: Baolin Wang Signed-off-by: Stanislav Jakubek Link: https://lore.kernel.org/r/4d41caabb6af5741d92bd5567a04c93a18e2ebe2.1722842067.git.stano.jakubek@gmail.com Signed-off-by: Krzysztof Kozlowski commit e2e0d4554de7182f4843415343b8888dac8a4f72 Author: Stanislav Jakubek Date: Mon Aug 5 09:24:35 2024 +0200 arm64: dts: sprd: reorder clock-names after clocks DT convention is to have property-names after property. While at it, cleanup indentation for some clocks. No functional change. Reviewed-by: Baolin Wang Signed-off-by: Stanislav Jakubek Link: https://lore.kernel.org/r/13ea4a27f0d1428a925a6f817f9370673eaec938.1722842067.git.stano.jakubek@gmail.com Signed-off-by: Krzysztof Kozlowski commit 0dcc203956537696e6f936eef886fde70e049f54 Author: Stanislav Jakubek Date: Mon Aug 5 09:24:00 2024 +0200 arm64: dts: sprd: rename SDHCI and fuel gauge nodes to match bindings DT bindings expect SDHCI/MMC nodes to be called 'mmc', rename them. According to DT spec, node names should be generic. Rename the sprd,sc2731-fgu node to a more generic "fuel-gauge". Reviewed-by: Baolin Wang Signed-off-by: Stanislav Jakubek Link: https://lore.kernel.org/r/861648dea0d36017327e1742ef4ef42f54b971b8.1722842067.git.stano.jakubek@gmail.com Link: https://lore.kernel.org/r/45f5b1b8aac893d9b87c43ea76370199da4e3ff1.1722842067.git.stano.jakubek@gmail.com [krzysztof: squash last patch for fuel gauge here, because such trivial node cleanups is basically one logical change] Signed-off-by: Krzysztof Kozlowski commit c7b44ed960ddecb3604d1e273494a932f00f384b Author: Krzysztof Kozlowski Date: Mon Jul 1 18:49:15 2024 +0200 ARM: dts: nuvoton: wpcm450: align LED and GPIO keys node name with bindings Bindings expect the LED and GPIO keys node names to follow certain pattern, see dtbs_check warnings: nuvoton-wpcm450-supermicro-x9sci-ln4f.dtb: gpio-keys: 'uid' does not match any of the regexes: '^(button|event|key|switch|(button|event|key|switch)... Reviewed-by: Jonathan Neuschäfer Link: https://lore.kernel.org/r/20240701164915.577068-1-krzysztof.kozlowski@linaro.org Signed-off-by: Krzysztof Kozlowski commit 71aa9fd7b5dee10a620f0938f3df8a8818a7f232 Author: Rob Herring (Arm) Date: Tue May 28 14:15:09 2024 -0500 arm: dts: realview: Add/drop missing/spurious unit-addreses Various nodes on the Arm Realview boards have missing or spurious unit-addresses. Signed-off-by: Rob Herring (Arm) Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/20240528191510.1444068-1-robh@kernel.org Signed-off-by: Krzysztof Kozlowski commit 2bc1577ea2b13f668fe36fa4ff831eb2a946d75a Author: Marek Vasut Date: Sun Jun 30 05:31:10 2024 +0200 arm64: dts: apm: storm: Rename menetphy@3 to ethernet-phy@3 Make the PHY node name adhere to DT binding document. Fix the following DT check error: arch/arm64/boot/dts/apm/apm-mustang.dtb: menetphy@3: $nodename:0: 'menetphy@3' does not match '^ethernet-phy(@[a-f0-9]+)?$' from schema $id: http://devicetree.org/schemas/net/realtek,rtl82xx.yaml# arch/arm64/boot/dts/apm/apm-mustang.dtb: menetphy@3: Unevaluated properties are not allowed ('reg' was unexpected) from schema $id: http://devicetree.org/schemas/net/realtek,rtl82xx.yaml# Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202406290316.YvZdvLxu-lkp@intel.com/ Signed-off-by: Marek Vasut Link: https://lore.kernel.org/r/20240630033143.170301-1-marex@denx.de Signed-off-by: Krzysztof Kozlowski commit 9f92b047d05f2e859602020b6521b1f8c7c0508f Author: Conor Dooley Date: Wed Jul 17 10:37:53 2024 +0100 arm64: dts: imx8: remove non-existent DACs Neither the imx8dxl-evk or imx8qm-mek have a Rohm DAC on them as far as I can tell from online documentation, and they certainly do not have a dh2228fv, as this device does not actually exist! Remove the DAC nodes from the devicetrees as it is not acceptable to pretend to have a device on a board in order to bind the spidev driver in Linux. Signed-off-by: Conor Dooley Reviewed-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit 128cc36bdad84579353abb6e434da3f7ceb6d47b Author: Andrej Picej Date: Tue Jul 16 10:51:14 2024 +0200 arm64: dts: imx8mp-phyboard-pollux: Disable write-protect on SD card Micro SD cards can't be physically write-protected like full-sized cards. Disable this feature in device-tree to get rid of the kernel warning: "host does not support reading read-only switch, assuming write-enable" Signed-off-by: Andrej Picej Reviewed-by: Benjamin Hahn Signed-off-by: Shawn Guo commit 9aec6f76a28cd669aa98403883edda3a7981fef0 Author: Jani Nikula Date: Fri Aug 9 17:27:06 2024 +0300 drm/i915/bios: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_bios.[ch] to struct intel_display. Do one drive-by conversion of unnecessary hex usage to decimal. Reviewed-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/0d0261a53aff5f141b16b482222a5ffce78e176e.1723213547.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 769b081c18b916e362a2b623d7c28ce761c3165c Author: Jani Nikula Date: Fri Aug 9 17:27:05 2024 +0300 drm/i915/opregion: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_opregion.[ch] to struct intel_display. v2: - Fix declarations for !CONFIG_ACPI (Imre, kernel test robot) - Pass encoder/connector directly to intel_display() (Imre) Reviewed-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/aef94503909bbbf95f0244dc382a4d4cd050b903.1723213547.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit b7f317e62968979343a4677ffd5bd91dd3edc204 Author: Jani Nikula Date: Fri Aug 9 17:27:04 2024 +0300 drm/i915/opregion: unify intel_encoder/intel_connector naming Prefer the short encoder/connector names for struct intel_encoder/intel_connector variables and parameters. Reviewed-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/60c67da6b7282ab521366524109ade0470408cf8.1723213547.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit f7303ab29d08a551975aecb4bc6851ac3445abf4 Author: Jani Nikula Date: Fri Aug 9 17:27:03 2024 +0300 drm/i915/acpi: convert to struct intel_display Going forward, struct intel_display shall replace struct drm_i915_private as the main display device data pointer type. Convert intel_acpi.[ch] to struct intel_display. Reviewed-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/465436a3442807b49609fc55c9f652a29f96fd02.1723213547.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 0dc4fb69eb14320ea0fcd9657b7748eec201ccaa Author: Mohammed Anees Date: Sun Aug 11 06:16:51 2024 -0400 drm: Add missing documentation for struct drm_plane_size_hint This patch takes care of the following warnings during documentation compiling: ./include/uapi/drm/drm_mode.h:869: warning: Function parameter or struct member 'width' not described in 'drm_plane_size_hint' ./include/uapi/drm/drm_mode.h:869: warning: Function parameter or struct member 'height' not described in 'drm_plane_size_hint' Signed-off-by: Mohammed Anees Signed-off-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240811101653.170223-1-pvmohammedanees2003@gmail.com commit 5d45c01dea6f9e0f2dbed3ffee02ac2e80579ad4 Author: Jocelyn Falempe Date: Wed Aug 7 15:36:14 2024 +0200 drm/panic: Add panic description Now that kmsg dump callback has the description parameter, use it in the user panic screen. This is the string passed to panic(), like "VFS: Unable to mount root fs on xxx" or "Attempted to kill init! exitcode=0xxxx". It gives a hint on why the panic occurred, without being too cryptic. Signed-off-by: Jocelyn Falempe Reviewed-by: Thomas Zimmermann Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240807134902.458669-6-jfalempe@redhat.com commit 969135862e731620b9e03bb0c21179ff1cccfd0e Author: Jocelyn Falempe Date: Wed Aug 7 15:36:13 2024 +0200 drm/panic: Move copyright notice to the top Move the copyright notice to the top of drm_panic.h, and add the missing Red Hat copyright notice. Suggested-by: Thomas Zimmermann Signed-off-by: Jocelyn Falempe Reviewed-by: Daniel Vetter Reviewed-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240807134902.458669-5-jfalempe@redhat.com commit d27a14060f8501e556a65b346b2644be0d0a2de8 Author: Jocelyn Falempe Date: Wed Aug 7 15:36:12 2024 +0200 drm/panic: Move drm_panic_register prototype to drm_crtc_internal.h drm_panic_[un]register() are only used by the core drm, and are not intended to be called by other drm drivers, so move their prototypes to drm_crtc_internal.h. Suggested-by: Daniel Vetter Signed-off-by: Jocelyn Falempe Reviewed-by: Daniel Vetter Reviewed-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240807134902.458669-4-jfalempe@redhat.com commit 6d470f9b8cd3e88d097b332bab3e7231f2fb3dad Author: Jocelyn Falempe Date: Wed Aug 7 15:36:11 2024 +0200 drm/panic: Remove useless export symbols drm_panic_[un]register() are called only from the core drm, so there is no need to export them. Suggested-by: Daniel Vetter Signed-off-by: Jocelyn Falempe Reviewed-by: Daniel Vetter Reviewed-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240807134902.458669-3-jfalempe@redhat.com commit cae39e60abb10ba1e8cc095b7d5567edc9005f03 Author: Jocelyn Falempe Date: Wed Aug 7 15:36:10 2024 +0200 drm/panic: Remove space before "!" in panic message There is no space between the last word, and the punctuation mark in English. Suggested-by: Diego Viola Signed-off-by: Jocelyn Falempe Reviewed-by: Daniel Vetter Reviewed-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240807134902.458669-2-jfalempe@redhat.com commit ebfb5a57caa4e2e2203883ac6669bf8a294e7c89 Author: Jonathan LoBue Date: Sun Aug 11 21:53:25 2024 -0700 ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio This patch enables the TI TAS2781 amplifier SoC for the ASUS ROG ALLY X. This is a design change from the original ASUS ROG ALLY, creating the need for this patch. All other Realtek Codec settings seem to be re-used from the original ROG ALLY design (on the ROG ALLY X). This patch maintains the previous settings for the Realtek codec portion, but enables the I2C binding for the TI TAS2781 amplifier (instead of the Cirrus CS35L41 amp used on the original ASUS ROG ALLY). One other requirement must be met for audio to work on the ASUS ROG ALLY X. A proper firmware file in the correct location with a proper symlink. We had reached out to TI engineers and confirmed that the firmware found in the Windows' driver package has a GPL license. Bazzite Github is hosting this firmware file for now until proper linux-firmware upstreaming can occur. https://github.com/ublue-os/bazzite This firmware file should be placed in /usr/lib/firmware/ti/tas2781/TAS2XXX1EB3.bin with a symlink to it from /usr/lib/firmware/TAS2XXX1EB3.bin Co-developed by: Kyle Gospodnetich Signed-off-by: Kyle Gospodnetich Co-developed by: Jan Drogehoff Signed-off-by: Jan Drogehoff Signed-off-by: Antheas Kapenekakis Tested-by: Richard Alvarez Tested-by: Miles Montierth Signed-off-by: Jonathan LoBue Link: https://patch.msgid.link/20240812045325.47736-1-jlobue10@gmail.com Signed-off-by: Takashi Iwai commit ddf1a212905aeb555249fddade7aa7a47f4167c4 Merge: 72c0f57dbe8bf6 004eb8ba776ccd Author: Takashi Iwai Date: Mon Aug 12 09:25:07 2024 +0200 Merge branch 'for-linus' into for-next Pull 6.11 devel branch for further development Signed-off-by: Takashi Iwai commit 7d113cce5fe92c8bf0a2e2f19f71762a845e9d9e Author: Mitul Golani Date: Wed Aug 7 19:51:05 2024 +0530 drm/i915/bmg: Read display register timeout Log the address of the register that caused the timeout interrupt by reading RMTIMEOUTREG_CAPTURE --v2: - Update RMTIMEOUTREG_CAPTURE naming (Suraj) --v3: - XeLpdp naming convention. - Use if condition instead of else if Signed-off-by: Mitul Golani Reviewed-by: Suraj Kandpal Signed-off-by: Suraj Kandpal Link: https://patchwork.freedesktop.org/patch/msgid/20240807142106.1270213-1-mitulkumar.ajitkumar.golani@intel.com commit 64c9c977c802ceee6adf2e9cc5283c5d4d021e83 Author: Benjamin Hahn Date: Wed Jul 10 11:48:54 2024 +0200 arm64: dts: freescale: imx8mp-phycore: Add no-eth overlay Add a devicetree overlay to disable ethernet for boards where it is not populated. Signed-off-by: Benjamin Hahn Reviewed-by: Fabio Estevam Signed-off-by: Shawn Guo commit 7a0a57cff296bbd90451fbf1f5614ffc48da73cd Author: Takashi Sakamoto Date: Mon Aug 12 10:42:51 2024 +0900 firewire: core: use lock in Xarray instead of local R/W semaphore The data of XArray structure includes spinlock and requires no external lock, while the data is still under the critical section by fw_device_rwsem. This commit deletes the critical section. Link: https://lore.kernel.org/r/20240812014251.165492-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 7e5a7725a0e4030cf37f8b93ff9d4328166a3b85 Author: Takashi Sakamoto Date: Mon Aug 12 10:42:50 2024 +0900 firewire: core: replace IDR with XArray to maintain fw_device In core function, the instances of fw_device corresponding to firewire device node in system are maintained by IDR. As of kernel v6.0, IDR has been superseded by XArray and deprecated. This commit replaces the usage of IDR with XArray to maintain the device instances. The instance of XArray is allocated statically, and initialized with XA_FLAGS_ALLOC so that the index of allocated entry starts with zero and available as the minor identifier of device node. Link: https://lore.kernel.org/r/20240812014251.165492-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 8afc0816f5f6213c2f40399317e2ecd43371729c Author: Anders Roxell Date: Fri Aug 2 14:45:36 2024 +0200 selftests: rust: config: disable GCC_PLUGINS CONFIG_RUST depends on !CONFIG_GCC_PLUGINS. Disable CONFIG_GCC_PLUGINS in rust/config file to make sure it doesn't get enabled. Signed-off-by: Anders Roxell Acked-by: Miguel Ojeda Signed-off-by: Shuah Khan commit fe8340a750002269a3e4178efa1229a88814a656 Author: Anders Roxell Date: Fri Aug 2 14:45:35 2024 +0200 selftests: rust: config: add trailing newline If adding multiple config files to the merge_config.sh script and rust/config is the fist one, then the last config fragment in this file and the first config fragment in the second file won't be set, since there isn't a newline in this file, so those two fragements end up at the same row like: CONFIG_SAMPLE_RUST_PRINT=mCONFIG_FRAGMENT=y And non of those will be enabled when running 'olddefconfig' after. Fixing the issue by adding a newline to the file. Signed-off-by: Anders Roxell Acked-by: Miguel Ojeda Signed-off-by: Shuah Khan commit 36e071d2a1522eeb3d38fb9c257cac8e5907979f Author: Heiko Stuebner Date: Sat Aug 10 23:14:37 2024 +0200 dt-bindings: eeprom: at24: Add compatible for Giantec GT24C04A The gt24c04a is just yet another 2404 compatible eeprom, and does not follow the generic naming matching, so add a separate compatible for it. Signed-off-by: Heiko Stuebner Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240810211438.286441-2-heiko@sntech.de Signed-off-by: Bartosz Golaszewski commit cb088e38aab4c7e9ce711c18c66e851c8f4227bb Author: Wei Yang Date: Thu Aug 8 00:14:15 2024 +0000 s390/mm: get estimated free pages by memblock api Instead of getting estimated free pages from memblock directly, we have introduced an API, memblock_estimated_nr_free_pages(), which is more friendly for users. Just replace it with new API, no functional change. Signed-off-by: Wei Yang CC: Mike Rapoport CC: David Hildenbrand Acked-by: David Hildenbrand Link: https://lore.kernel.org/r/20240808001415.6298-3-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit 0910bf0ef85c5404aac94394cb31e076e4eb03f1 Author: Wei Yang Date: Thu Aug 8 00:14:14 2024 +0000 kernel/fork.c: get estimated free pages by memblock api Instead of getting estimated free pages from memblock directly, we have introduced an API, memblock_estimated_nr_free_pages(), which is more friendly for users. Just replace it with new API, no functional change. Signed-off-by: Wei Yang CC: Mike Rapoport CC: David Hildenbrand CC: Oleg Nesterov Acked-by: David Hildenbrand Link: https://lore.kernel.org/r/20240808001415.6298-2-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit d0f8a8973f265f6a276f99d091af99edfb2b87de Author: Wei Yang Date: Thu Aug 8 00:14:13 2024 +0000 mm/memblock: introduce a new helper memblock_estimated_nr_free_pages() During bootup, system may need the number of free pages in the whole system to do some calculation before all pages are freed to buddy system. Usually this number is get from totalram_pages(). Since we plan to move the free pages accounting in __free_pages_core(), this value may not represent total free pages at the early stage, especially when CONFIG_DEFERRED_STRUCT_PAGE_INIT is enabled. Instead of using raw memblock api, let's introduce a new helper for user to get the estimated number of free pages from memblock point of view. Signed-off-by: Wei Yang CC: David Hildenbrand Reviewed-by: David Hildenbrand Link: https://lore.kernel.org/r/20240808001415.6298-1-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit c4e82c025b3f2561823b4ba7c5f112a2005f442b Author: Enguerrand de Ribaucourt Date: Thu Aug 8 15:14:21 2024 +0000 net: dsa: microchip: ksz9477: split half-duplex monitoring function In order to respect the 80 columns limit, split the half-duplex monitoring function in two. This is just a styling change, no functional change. Signed-off-by: Enguerrand de Ribaucourt Acked-by: Arun Ramadoss Signed-off-by: David S. Miller commit 462a94ec9ff712d13fc7dd5b650b9a9f9c1d8013 Merge: 4efee05fefb894 6ff3cddc365bea Author: David S. Miller Date: Sun Aug 11 17:04:29 2024 +0100 Merge branch 'phylib-fixed-speed-1G' Russell King says: ==================== net: phylib: fix fixed-speed >= 1G This is v2 of the patch (now patches) adding support for ethtool !autoneg while respecting the requirements of IEEE 802.3. v2 fixes the build errors in the previous patch by first constifying the "advertisement" argument to the linkmode functions that only read from this pointer. It also fixes the incorrectly named linkmode_set function. ==================== Signed-off-by: David S. Miller commit 6ff3cddc365beae1fbe185fd470cc0b86e895574 Author: Russell King (Oracle) Date: Thu Aug 8 12:41:22 2024 +0100 net: phylib: do not disable autoneg for fixed speeds >= 1G We have an increasing number of drivers that are forcing auto-negotiation to be enabled for speeds of 1G or faster. It would appear that auto-negotiation is mandatory for speeds above 100M. In 802.3, Annex 40C's state diagrams seems to imply that mr_autoneg_enable (BMCR AN ENABLE) doesn't affect whether or not the AN state machines work for 1000base-T, and some PHY datasheets (e.g. Marvell Alaska) state that disabling mr_autoneg_enable leaves AN enabled but forced to 1G full duplex. Other PHY datasheets imply that BMCR AN ENABLE should not be cleared for >= 1G. Thus, this should be handled in phylib rather than in each driver. Rather than erroring out, arrange to implement the Marvell Alaska solution but in software for all PHYs: generate an appropriate single-speed advertisement for the requested speed, and keep AN enabled to the PHY driver. However, to avoid userspace API breakage, continue to report to userspace that we have AN disabled. Signed-off-by: Russell King (Oracle) Signed-off-by: David S. Miller commit aa9fbc5dd9da9e095a8b1a58540cf20cb06f595f Author: Russell King (Oracle) Date: Thu Aug 8 12:41:17 2024 +0100 net: mii: constify advertising mask Constify the advertising mask to linkmode functions that only read from the advertising mask. Signed-off-by: Russell King (Oracle) Signed-off-by: David S. Miller commit 4efee05fefb8944fdf03ca33582ad6e73754b76c Merge: 80d021bc572fbf a7b32744475cb7 Author: David S. Miller Date: Sun Aug 11 17:00:33 2024 +0100 Merge branch 'mvpp2-child-port-removal' Javier Carrasco says: ==================== net: mvpp2: rework child node/port removal handling These two patches used to be part of another series [1] that did not apply to the networking tree without conflicts. This is therefore just a partial resend with no code modifications, just rebased onto net/main. Link: https://lore.kernel.org/all/20240806181026.5fe7f777@kernel.org/ [1] ==================== Signed-off-by: Javier Carrasco Signed-off-by: David S. Miller commit a7b32744475cb774b4fce599f58394f4ef0acb68 Author: Javier Carrasco Date: Thu Aug 8 11:47:33 2024 +0200 net: mvpp2: use device_for_each_child_node() to access device child nodes The iterated nodes are direct children of the device node, and the `device_for_each_child_node()` macro accounts for child node availability. `fwnode_for_each_available_child_node()` is meant to access the child nodes of an fwnode, and therefore not direct child nodes of the device node. The child nodes within mvpp2_probe are not accessed outside the loops, and the scoped version of the macro can be used to automatically decrement the refcount on early exits. Use `device_for_each_child_node()` and its scoped variant to indicate device's direct child nodes. Reviewed-by: Jonathan Cameron Signed-off-by: Javier Carrasco Signed-off-by: David S. Miller commit e81d00a6b3b7d619060223d0754ca02e7d4ba90f Author: Javier Carrasco Date: Thu Aug 8 11:47:32 2024 +0200 net: mvpp2: use port_count to remove ports As discussed in [1], there is no need to iterate over child nodes to remove the list of ports. Instead, a loop up to `port_count` ports can be used, and is in fact more reliable in case the child node availability changes. The suggested approach removes the need for the `fwnode` and `port_fwnode` variables in mvpp2_remove() as well. Link: https://lore.kernel.org/all/ZqdRgDkK1PzoI2Pf@shell.armlinux.org.uk/ [1] Suggested-by: Russell King Signed-off-by: Javier Carrasco Signed-off-by: David S. Miller commit a8782104b78a08f42f156e1f830b4761de51a9a8 Author: Kwanghoon Son Date: Fri Aug 9 20:54:13 2024 +0900 arm64: dts: exynosautov9: add dpum clock DT nodes Add dpum clock for sysmmu, dpu. Signed-off-by: Kwanghoon Son Link: https://lore.kernel.org/r/20240809-clk_dpum-v3-2-359decc30fe2@samsung.com Signed-off-by: Krzysztof Kozlowski commit 80d021bc572fbf1b59b029672df5be069dd078ae Merge: 969afb4347130b 97cbf3d0accce0 Author: David S. Miller Date: Sun Aug 11 13:48:03 2024 +0100 Merge branch 'bnxt_en-fix-queue-reset-when-queue-active' David Wei says: ==================== fix bnxt_en queue reset when queue is active The current bnxt_en queue API implementation is buggy when resetting a queue that has active traffic. The problem is that there is no FW involved to stop the flow of packets and relying on napi_disable() isn't enough. To fix this, call bnxt_hwrm_vnic_update() with MRU set to 0 for both the default and the ntuple vnic to stop the flow of packets. This works for any Rx queue and not only those that have ntuple rules since every Rx queue is either in the default or the ntuple vnic. For bnxt_hwrm_vnic_update() to work, proper flushing must be done by the FW. A FW flag is there to indicate support and queue_mgmt_ops is keyed behind this. The first three patches are from Michael Chan and adds the prerequisite vnic functions and FW flags indicating that it will properly flush during vnic update. Tested on BCM957504 while iperf3 is active: 1. Reset a queue that has an ntuple rule steering flow into it 2. Reset all queues in order, one at a time In both cases the flow is not interrupted. Sending this to net-next as there is no in-tree kernel consumer of queue API just yet, and there is a patch that changes when the queue_mgmt_ops is registered. Reviewed-by: Wojciech Drewek --- v3: - include patches from Michael Chan that adds a FW flag for vnic flush capability - key support for queue_mgmt_ops behind this new flag v2: - split setting vnic->mru into a separate patch (Wojciech) - clarify why napi_enable()/disable() is removed ==================== Signed-off-by: David S. Miller commit 97cbf3d0accce0f29db0be3ac1b50d9d561d3206 Author: David Wei Date: Wed Aug 7 22:15:18 2024 -0700 bnxt_en: only set dev->queue_mgmt_ops if supported by FW The queue API calls bnxt_hwrm_vnic_update() to stop/start the flow of packets, which can only properly flush the pipeline if FW indicates support. Add a macro BNXT_SUPPORTS_QUEUE_API that checks for the required flags and only set queue_mgmt_ops if true. Signed-off-by: David Wei Signed-off-by: David S. Miller commit b9d2956e869c78bb356a71dd0a75346da9fd191f Author: David Wei Date: Wed Aug 7 22:15:17 2024 -0700 bnxt_en: stop packet flow during bnxt_queue_stop/start The current implementation when resetting a queue while packets are flowing puts the queue into an inconsistent state. There needs to be some synchronisation with the FW. Add calls to bnxt_hwrm_vnic_update() to set the MRU for both the default and ntuple vnic during queue start/stop. When the MRU is set to 0, flow is stopped. Each Rx queue belongs to either the default or the ntuple vnic. With calling bnxt_hwrm_vnic_update() the calls to napi_enable() and napi_disable() must be removed for reset to work on a queue that has active traffic flowing e.g. iperf3. Co-developed-by: Somnath Kotur Signed-off-by: Somnath Kotur Signed-off-by: David Wei Signed-off-by: David S. Miller commit d41575f76a6d870b386b2aa75143c5cf9543fb45 Author: David Wei Date: Wed Aug 7 22:15:16 2024 -0700 bnxt_en: set vnic->mru in bnxt_hwrm_vnic_cfg() Set the newly added vnic->mru field in bnxt_hwrm_vnic_cfg(). Signed-off-by: David Wei Signed-off-by: David S. Miller commit 6e360862c08756b13f3eb4b1dcbf0b9b9e4d7382 Author: Michael Chan Date: Wed Aug 7 22:15:15 2024 -0700 bnxt_en: Check the FW's VNIC flush capability Check the HWRM_VNIC_QCAPS FW response for the receive engine flush capability. This capability indicates that we can reliably support RX ring restart when calling HWRM_VNIC_UPDATE with MRU set to 0. Signed-off-by: Michael Chan Signed-off-by: David Wei Signed-off-by: David S. Miller commit f2878cdeb7549437c7c47029b4020e535735c5c9 Author: Michael Chan Date: Wed Aug 7 22:15:14 2024 -0700 bnxt_en: Add support to call FW to update a VNIC Add the function bnxt_hwrm_vnic_update() to call FW to update a VNIC. This call can be used when disabling and enabling a receive ring within a VNIC. The mru which is the maximum receive size of packets received by the VNIC can be updated. Signed-off-by: Michael Chan Signed-off-by: David Wei Signed-off-by: David S. Miller commit fbda8ee64b7404a6a48af8481ed788f9d7946284 Author: Michael Chan Date: Wed Aug 7 22:15:13 2024 -0700 bnxt_en: Update firmware interface to 1.10.3.68 The main changes are: 1. HWRM_VNIC_UPDATE used to safely disable and enable an RX ring within the VNIC. 2. New flag in HWRM_VNIC_QCAPS to indicate FW will do the proper flush during HWRM_VNIC_UPDATE. 3. New flag in HWRM_FUNC_QCAPS to indicate that reservations for some resources such as VNIC can be reduced. 4. New backing store memory types not used by the driver yet. Signed-off-by: Michael Chan Signed-off-by: David Wei Signed-off-by: David S. Miller commit ae07389413d41995a027aa5fb99938cd9201fb40 Author: Kwanghoon Son Date: Fri Aug 9 20:54:14 2024 +0900 clk: samsung: exynosautov9: add dpum clock support Add dpum clock for exynosautov9. Signed-off-by: Kwanghoon Son Link: https://lore.kernel.org/r/20240809-clk_dpum-v3-3-359decc30fe2@samsung.com Signed-off-by: Krzysztof Kozlowski commit 2a93f5f91bda9d38d3a801ca23efa29127d07f97 Merge: cc9e3e375f4f2e ccb41c445a3e95 Author: Krzysztof Kozlowski Date: Sun Aug 11 14:30:18 2024 +0200 Merge branch 'for-v6.12/clk-dt-bindings' into next/clk commit ccb41c445a3e9506ef43fe33867a356048e41477 Author: Kwanghoon Son Date: Fri Aug 9 20:54:12 2024 +0900 dt-bindings: clock: exynosautov9: add dpum clock Add dpum clock definitions and compatibles. Also used clock name 'bus' instead of full clock name dout_clkcmu_dpum_bus like other board cmu schema (GS101). Signed-off-by: Kwanghoon Son Link: https://lore.kernel.org/r/20240809-clk_dpum-v3-1-359decc30fe2@samsung.com Signed-off-by: Krzysztof Kozlowski commit 3d2ce0fbcd33cd03c06328d81960d3487f2bc41b Author: Ciprian Costea Date: Thu Jul 4 16:56:53 2024 +0300 arm64: dts: s32g: Disable usdhc write-protect NXP S32G2/S32G3 SoC based platforms do not use a pin for SD-Card write protection used by the uSDHC controller. Hence, adding 'disable-wp' usdhc device-tree property in order to fix observed warnings on SD boot as the following: "host does not support reading read-only switch, assuming write-enable" Signed-off-by: Ciprian Costea Reviewed-by: Matthias Brugger Signed-off-by: Shawn Guo commit ec7ad6530909983c8736c80af46e3529ce7bab55 Author: Yishai Hadas Date: Thu Aug 1 15:05:17 2024 +0300 RDMA/mlx5: Introduce GET_DATA_DIRECT_SYSFS_PATH ioctl Introduce the 'GET_DATA_DIRECT_SYSFS_PATH' ioctl to return the sysfs path of the affiliated 'data direct' device for a given device. Signed-off-by: Yishai Hadas Link: https://patch.msgid.link/403745463e0ef52adbef681ff09aa6a29a756352.1722512548.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit de8f847a5114ff7cfcdfc114af8485c431dec703 Author: Yishai Hadas Date: Thu Aug 1 15:05:16 2024 +0300 RDMA/mlx5: Add support for DMABUF MR registrations with Data-direct Add support for DMABUF MR registrations with Data-direct device. Upon userspace calling to register a DMABUF MR with the data direct bit set, the below algorithm will be followed. 1) Obtain a pinned DMABUF umem from the IB core using the user input parameters (FD, offset, length) and the DMA PF device. The DMA PF device is needed to allow the IOMMU to enable the DMA PF to access the user buffer over PCI. 2) Create a KSM MKEY by setting its entries according to the user buffer VA to IOVA mapping, with the MKEY being the data direct device-crossed MKEY. This KSM MKEY is umrable and will be used as part of the MR cache. The PD for creating it is the internal device 'data direct' kernel one. 3) Create a crossing MKEY that points to the KSM MKEY using the crossing access mode. 4) Manage the KSM MKEY by adding it to a list of 'data direct' MKEYs managed on the mlx5_ib device. 5) Return the crossing MKEY to the user, created with its supplied PD. Upon DMA PF unbind flow, the driver will revoke the KSM entries. The final deregistration will occur under the hood once the application deregisters its MKEY. Notes: - This version supports only the PINNED UMEM mode, so there is no dependency on ODP. - The IOVA supplied by the application must be system page aligned due to HW translations of KSM. - The crossing MKEY will not be umrable or part of the MR cache, as we cannot change its crossed (i.e. KSM) MKEY over UMR. Signed-off-by: Yishai Hadas Link: https://patch.msgid.link/1f99d8020ed540d9702b9e2252a145a439609ba6.1722512548.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 3aa73c6b795b9aaaf933f3c95495d85fc0de39e3 Author: Yishai Hadas Date: Thu Aug 1 15:05:15 2024 +0300 RDMA: Pass uverbs_attr_bundle as part of '.reg_user_mr_dmabuf' API Pass uverbs_attr_bundle as part of '.reg_user_mr_dmabuf' API instead of udata. This enables passing some new ioctl attributes to the drivers, as will be introduced in the next patches for mlx5 driver. Change the involved drivers accordingly. Signed-off-by: Yishai Hadas Link: https://patch.msgid.link/9a25b2fc02443f7c36c2d93499ae25252b6afd40.1722512548.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 253c61dc256b3e6be65657f78b4a8452163ce00f Author: Yishai Hadas Date: Thu Aug 1 15:05:14 2024 +0300 RDMA/umem: Introduce an option to revoke DMABUF umem Introduce an option to revoke DMABUF umem. This option will retain the umem allocation while revoking its DMA mapping. Furthermore, any subsequent attempts to map the pages should fail once the umem has been revoked. This functionality will be utilized in the upcoming patches in the series, where we aim to delay umem deallocation until the mkey deregistration. However, we must unmap its pages immediately. Signed-off-by: Yishai Hadas Link: https://patch.msgid.link/a38270f2fe4a194868ca2312f4c1c760e51bcbff.1722512548.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 682358fd35dece838e6ae2d9d6a69fc0b9a9d411 Author: Yishai Hadas Date: Thu Aug 1 15:05:13 2024 +0300 RDMA/umem: Add support for creating pinned DMABUF umem with a given dma device Add support for creating pinned DMABUF umem with a specified DMA device instead of the DMA device of the given IB device. This API will be utilized in the upcoming patches of the series when multiple path DMAs are implemented. Signed-off-by: Yishai Hadas Link: https://patch.msgid.link/038aad36a43797e5591b20ba81051fc5758124f9.1722512548.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 2e8e631d7a41e3a4edc94f3c9dd5cb32c2aa539e Author: Yishai Hadas Date: Thu Aug 1 15:05:12 2024 +0300 RDMA/mlx5: Add the initialization flow to utilize the 'data direct' device Add the NET device initialization flow to utilize the 'data direct' device. When a NET mlx5_ib device is capable of 'data direct', the following sequence of actions will occur: - Find its affiliated 'data direct' VUID via a firmware command. - Create its own private PD and 'data direct' mkey. - Register to be notified when its 'data direct' driver is probed or removed. The DMA device of the affiliated 'data direct' device, including the private PD and the 'data direct' mkey, will be used later during MR registrations that request the data direct functionality. Signed-off-by: Yishai Hadas Link: https://patch.msgid.link/b11fa87b2a65bce4db8d40341bb6cee490fa4d06.1722512548.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 6910e3660d86c1a5654f742a40181d2c9154f26f Author: Yishai Hadas Date: Thu Aug 1 15:05:11 2024 +0300 RDMA/mlx5: Introduce the 'data direct' driver Introduce the 'data direct' driver for a ConnectX-8 Data Direct device. The 'data direct' driver functions as the affiliated DMA device for one or more capable mlx5_ib devices. This DMA device, as the name suggests, is used exclusively for DMA operations. It can be considered a DMA engine managed by a PF/VF, lacking network capabilities and having minimal overall capabilities. Consequently, the DMA NIC PF will not be exposed to or directly used by software applications. The driver will not have any direct interface or interaction with the firmware (no command interface, no capabilities, etc.). It will operate solely over PCI to enable its DMA functionality. Registration and un-registration of the driver are handled as part of the mlx5_ib initialization and exit processes, as the mlx5_ib devices will effectively be its clients. The driver will serve as the DMA device for accessing another PCI device to achieve optimal performance (both on the same NUMA node, P2P access, etc.). Upon probing, it will read its VUID over PCI to handle mlx5_ib device registrations with the same VUID. Upon removal, it will notify its clients to allow them to clean up the resources that were mmaped with its DMA device. Signed-off-by: Yishai Hadas Link: https://patch.msgid.link/b77edecfd476c3f445da96ab6aef499ae47b2829.1722512548.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit a18eb864019e624bb4ea5778fce75cc903475ed5 Merge: 0ea4ffb2bc80e8 c772a2c6901824 Author: Leon Romanovsky Date: Thu Aug 8 10:54:53 2024 +0300 Introducing Multi-Path DMA Support for mlx5 RDMA Driver From Yishai, Overview -------- This patch series aims to enable multi-path DMA support, allowing an mlx5 RDMA device to issue DMA commands through multiple paths. This feature is critical for improving performance and reaching line rate in certain environments where issuing PCI transactions over one path may be significantly faster than over another. These differences can arise from various PCI generations in the system or the specific system topology. To achieve this functionality, we introduced a data direct DMA device that can serve the RDMA device by issuing DMA transactions on its behalf. The main key features and changes are described below. Multi-Path Discovery -------------------- API Implementation: * Introduced an API to discover multiple paths for a given mlx5 RDMA device. IOCTL Command: * Added a new IOCTL command, MLX5_IB_METHOD_GET_DATA_DIRECT_SYSFS_PATH, to the DEVICE object. When an affiliated Data-Direct/DMA device is present, its sysfs path is returned. Feature Activation by mlx5 RDMA Application ------------------------------------------- UVERBS Extension: * Extended UVERBS_METHOD_REG_DMABUF_MR over UVERBS_OBJECT_MR to include mlx5 extended flags. Access Flag: * Introduced the MLX5_IB_UAPI_REG_DMABUF_ACCESS_DATA_DIRECT flag, allowing applications to request the use of the affiliated DMA device for DMABUF registration. Data-Direct/DMA Device ---------------------- New Driver: * Introduced a new driver to manage the new DMA PF device ID (0x2100). Its registration/un-registration is handled as part of the mlx5_ib init/exit flows, with mlx5 IB devices as its clients. Functionality: * The driver does not interface directly with the firmware (no command interface, no caps, etc.) but works over PCI to activate its DMA functionality. It serves as the DMA device for efficiently accessing other PCI devices (e.g., GPU PF) and reads its VUID over PCI to handle NICs registrations with the same VUID. mlx5 IB RDMA Device --------------------------- VUID Query: * Reads its affiliated DMA PF VUID via the QUERY_VUID command with the data_direct bit set. Driver Registration: * Registers with the DMA PF driver to be notified upon bind/unbind. Application Request Handling: * Uses the DMA PF device upon application request as described above. DMABUF over Umem ---------------- Introduced an option to obtain a DMABUF UMEM using a different DMA device instead of the IB device, allowing the device to register over IOMMU with the expected DMA device for a given buffer registration. Further details are provided in the commit logs of the patches in this series. Thanks Link: https://lore.kernel.org/all/cover.1722512548.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit 0ea4ffb2bc80e8f4e6ca87e07142d1c17285ae95 Author: Mark Bloch Date: Tue Jul 30 12:18:45 2024 +0300 RDMA/mlx5: Expose vhca id for all ports in multiport mode In multiport mode, RDMA devices make it impossible for userspace to use DEVX to discover vhca id values for ports beyond port 1. This patch addresses the issue by exposing the vhca id of all ports. Signed-off-by: Mark Bloch Reviewed-by: Maor Gottlieb Link: https://patch.msgid.link/41dea83aa51843aa4c067b4f73f28d64e51bd53c.1722331101.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit df6d27a30970158466b632c82da09a9b24c30f4b Author: Chiara Meiohas Date: Tue Jul 30 12:17:25 2024 +0300 RDMA/nldev: Enhance netlink message parsing and validation Use strict parsing validation for set commands, and liberal validation for get commands. Additionally, remove all usage of nlmsg_parse_depricate(). Strict parsing validation fails when encountering unrecognized attributes in the Netlink message, while liberal parsing validation ignores them. In 57d7a8fd904c ("rdma: Add an option to display driver-specific QPs in the rdma tool") in iproute2, the attribute RDMA_NLDEV_ATTR_DRIVER_DETAILS was added. This cause backwards compatibility issues when using the rdma tool with the new attribute and an older kernel which does recognize this attribute. In this case, the command "rdma stat show mr" would fail, because the new rdma tool would fill the netlink message with the new attribute and the older kernel would fail as it used strict parsing and did not recognize the new attribute. In general, strict validation is appropriate for set commands as they modify the system, while liberal validation is suitable for get commands which only query system information. Replace all uses of nlmsg_parse_deprecated() with __nlmsg_parse(), using the NL_VALIDATE_LIBERAL flag. The nlmsg_parse_deprecated() function internally calls __nlmsg_parse() with the NL_VALIDATE_LIBERAL flag, but its name is confusing. Signed-off-by: Chiara Meiohas Reviewed-by: Michael Guralnik Link: https://lore.kernel.org/r/f633a979a49db090d05c24a3ba83d30727bb777b.1722331020.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit fb579e6656a8d5e042e65062f68ca41321817237 Author: Thorsten Blum Date: Wed Aug 7 11:55:00 2024 +0200 rcu: Annotate struct kvfree_rcu_bulk_data with __counted_by() Add the __counted_by compiler attribute to the flexible array member records to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and CONFIG_FORTIFY_SOURCE. Increment nr_records before adding a new pointer to the records array. Signed-off-by: Thorsten Blum Reviewed-by: "Gustavo A. R. Silva" Reviewed-by: "Uladzislau Rezki (Sony)" Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit e1de438336222dbe27f2d4baa8c01074fcac2bef Author: Valentin Schneider Date: Mon Apr 29 15:52:32 2024 +0200 context_tracking, rcu: Rename DYNTICK_IRQ_NONIDLE into CT_NESTING_IRQ_NONIDLE The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, and the 'dynticks' prefix can be dropped without losing any meaning. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 2ef2890b7a94fbbfa8fdf0a90499ae1df476b8e8 Author: Valentin Schneider Date: Tue Apr 16 14:49:13 2024 +0200 context_tracking, rcu: Rename ct_dynticks_nmi_nesting_cpu() into ct_nmi_nesting_cpu() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, and the 'dynticks' prefix can be dropped without losing any meaning. Suggested-by: Frederic Weisbecker Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 8375cb260d7e43610934af63748d1a51201449f8 Author: Valentin Schneider Date: Tue Apr 16 14:46:14 2024 +0200 context_tracking, rcu: Rename ct_dynticks_nmi_nesting() into ct_nmi_nesting() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, and the 'dynticks' prefix can be dropped without losing any meaning. Suggested-by: Frederic Weisbecker Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit dc5fface4b30508933b515a4985401c8c8f6bcfd Author: Valentin Schneider Date: Tue Apr 16 10:52:03 2024 +0200 context_tracking, rcu: Rename struct context_tracking .dynticks_nmi_nesting into .nmi_nesting The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, and the 'dynticks' prefix can be dropped without losing any meaning. [ neeraj.upadhyay: Fix htmldocs build error reported by Stephen Rothwell ] Suggested-by: Frederic Weisbecker Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit bca9455da531a3c2520c28ff349d0dab4e471d28 Author: Valentin Schneider Date: Tue Apr 16 14:48:26 2024 +0200 context_tracking, rcu: Rename ct_dynticks_nesting_cpu() into ct_nesting_cpu() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, and the 'dynticks' prefix can be dropped without losing any meaning. Suggested-by: Frederic Weisbecker Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 1089c0078b69bce0c2d540e3cc43470ba9e5dcfd Author: Valentin Schneider Date: Tue Apr 16 14:45:30 2024 +0200 context_tracking, rcu: Rename ct_dynticks_nesting() into ct_nesting() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, reflect that change in the related helpers. Suggested-by: Frederic Weisbecker Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit bf66471987b4bd537bc800353ca7d39bfd1d1022 Author: Valentin Schneider Date: Tue Apr 16 10:51:10 2024 +0200 context_tracking, rcu: Rename struct context_tracking .dynticks_nesting into .nesting The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, reflect that change in the related helpers. [ neeraj.upadhyay: Fix htmldocs build error reported by Stephen Rothwell ] Suggested-by: Frederic Weisbecker Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 969afb4347130b7dfd5b652aa60560cf60e214d8 Merge: bbfeba26036490 c1b2e36b8776a2 Author: David S. Miller Date: Sun Aug 11 04:38:50 2024 +0100 Merge branch 'l2tp-misc-improvements' James Chapman says: ==================== l2tp: misc improvements This series makes several improvements to l2tp: * update documentation to be consistent with recent l2tp changes. * move l2tp_ip socket tables to per-net data. * fix handling of hash key collisions in l2tp_v3_session_get * implement and use get-next APIs for management and procfs/debugfs. * improve l2tp refcount helpers. * use per-cpu dev->tstats in l2tpeth devices. * fix a lockdep splat. * fix a race between l2tp_pre_exit_net and pppol2tp_release. ==================== Signed-off-by: David S. Miller commit c1b2e36b8776a20a1fbdeb9d3be0637c00d671b0 Author: James Chapman Date: Wed Aug 7 07:54:52 2024 +0100 l2tp: flush workqueue before draining it syzbot exposes a race where a net used by l2tp is removed while an existing pppol2tp socket is closed. In l2tp_pre_exit_net, l2tp queues TUNNEL_DELETE work items to close each tunnel in the net. When these are run, new SESSION_DELETE work items are queued to delete each session in the tunnel. This all happens in drain_workqueue. However, drain_workqueue allows only new work items if they are queued by other work items which are already in the queue. If pppol2tp_release runs after drain_workqueue has started, it may queue a SESSION_DELETE work item, which results in the warning below in drain_workqueue. Address this by flushing the workqueue before drain_workqueue such that all queued TUNNEL_DELETE work items run before drain_workqueue is started. This will queue SESSION_DELETE work items for each session in the tunnel, hence pppol2tp_release or other API requests won't queue SESSION_DELETE requests once drain_workqueue is started. WARNING: CPU: 1 PID: 5467 at kernel/workqueue.c:2259 __queue_work+0xcd3/0xf50 kernel/workqueue.c:2258 Modules linked in: CPU: 1 UID: 0 PID: 5467 Comm: syz.3.43 Not tainted 6.11.0-rc1-syzkaller-00247-g3608d6aca5e7 #0 Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 RIP: 0010:__queue_work+0xcd3/0xf50 kernel/workqueue.c:2258 Code: ff e8 11 84 36 00 90 0f 0b 90 e9 1e fd ff ff e8 03 84 36 00 eb 13 e8 fc 83 36 00 eb 0c e8 f5 83 36 00 eb 05 e8 ee 83 36 00 90 <0f> 0b 90 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc RSP: 0018:ffffc90004607b48 EFLAGS: 00010093 RAX: ffffffff815ce274 RBX: ffff8880661fda00 RCX: ffff8880661fda00 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: 0000000000000000 R08: ffffffff815cd6d4 R09: 0000000000000000 R10: ffffc90004607c20 R11: fffff520008c0f85 R12: ffff88802ac33800 R13: ffff88802ac339c0 R14: dffffc0000000000 R15: 0000000000000008 FS: 00005555713eb500(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 000000001eda6000 CR4: 00000000003506f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: queue_work_on+0x1c2/0x380 kernel/workqueue.c:2392 pppol2tp_release+0x163/0x230 net/l2tp/l2tp_ppp.c:445 __sock_release net/socket.c:659 [inline] sock_close+0xbc/0x240 net/socket.c:1421 __fput+0x24a/0x8a0 fs/file_table.c:422 task_work_run+0x24f/0x310 kernel/task_work.c:228 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] exit_to_user_mode_loop kernel/entry/common.c:114 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0x168/0x370 kernel/entry/common.c:218 do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f061e9779f9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffff1c1fce8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 RAX: 0000000000000000 RBX: 000000000001017d RCX: 00007f061e9779f9 RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 RBP: 00007ffff1c1fdc0 R08: 0000000000000001 R09: 00007ffff1c1ffcf R10: 00007f061e800000 R11: 0000000000000246 R12: 0000000000000032 R13: 00007ffff1c1fde0 R14: 00007ffff1c1fe00 R15: ffffffffffffffff Fixes: fc7ec7f554d7 ("l2tp: delete sessions using work queue") Reported-by: syzbot+0e85b10481d2f5478053@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=0e85b10481d2f5478053 Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit dcc59d3e328e3afe54df4f395796042735b1c420 Author: James Chapman Date: Wed Aug 7 07:54:51 2024 +0100 l2tp: l2tp_eth: use per-cpu counters from dev->tstats l2tp_eth uses old-style dev->stats for fastpath packet/byte counters. Convert it to use dev->tstats per-cpu counters. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit abe7a1a7d0b69e63b1bca5f9531023a52336784f Author: James Chapman Date: Wed Aug 7 07:54:50 2024 +0100 l2tp: improve tunnel/session refcount helpers l2tp_tunnel_inc_refcount and l2tp_session_inc_refcount wrap refcount_inc. They add no value so just use the refcount APIs directly and drop l2tp's helpers. l2tp already uses refcount_inc_not_zero anyway. Rename l2tp_tunnel_dec_refcount and l2tp_session_dec_refcount to l2tp_tunnel_put and l2tp_session_put to better match their use pairing various _get getters. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 1f4c3dce9112d23145b4f8bbfd3793a1c4c517ab Author: James Chapman Date: Wed Aug 7 07:54:49 2024 +0100 l2tp: use get_next APIs for management requests and procfs/debugfs l2tp netlink and procfs/debugfs iterate over tunnel and session lists to obtain data. They currently use very inefficient get_nth functions to do so. Replace these with get_next. For netlink, use nl cb->ctx[] for passing state instead of the obsolete cb->args[]. l2tp_tunnel_get_nth and l2tp_session_get_nth are no longer used so they can be removed. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit aa92c1cec92b146fe499fb693688d6d3d6bafad9 Author: James Chapman Date: Wed Aug 7 07:54:48 2024 +0100 l2tp: add tunnel/session get_next helpers l2tp management APIs and procfs/debugfs iterate over l2tp tunnel and session lists. Since these lists are now implemented using IDR, we can use IDR get_next APIs to iterate them. Add tunnel/session get_next functions to do so. The session get_next functions get the next session in a given tunnel and need to account for l2tpv2 and l2tpv3 differences: * l2tpv2 sessions are keyed by tunnel ID / session ID. Iteration for a given tunnel ID, TID, can therefore start with a key given by TID/0 and finish when the next entry's tunnel ID is not TID. This is possible only because the tunnel ID part of the key is the upper 16 bits and the session ID part the lower 16 bits; when idr_next increments the key value, it therefore finds the next sessions of the current tunnel before those of the next tunnel. Entries with session ID 0 are always skipped because they are used internally by pppol2tp. * l2tpv3 sessions are keyed by session ID. Iteration starts at the first IDR entry and skips entries where the tunnel does not match. Iteration must also consider session ID collisions and walk the list of colliding sessions (if any) for one which matches the supplied tunnel. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit b0a8deda060d51ebe4614ed6e1829d933139ba1a Author: James Chapman Date: Wed Aug 7 07:54:47 2024 +0100 l2tp: handle hash key collisions in l2tp_v3_session_get To handle colliding l2tpv3 session IDs, l2tp_v3_session_get searches a hashed list keyed by ID and sk. Although unlikely, if hash keys collide, it is possible that hash_for_each_possible loops over a session which doesn't have the ID that we are searching for. So check for session ID match when looping over possible hash key matches. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit ebed6606b95954b94df6229db806978b32f3fa23 Author: James Chapman Date: Wed Aug 7 07:54:46 2024 +0100 l2tp: move l2tp_ip and l2tp_ip6 data to pernet l2tp_ip[6] have always used global socket tables. It is therefore not possible to create l2tpip sockets in different namespaces with the same socket address. To support this, move l2tpip socket tables to pernet data. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 168464c19e1ab7ddc5fb80d9c9560cfbcce6211d Author: James Chapman Date: Wed Aug 7 07:54:45 2024 +0100 l2tp: remove inline from functions in c sources Update l2tp to remove the inline keyword from several functions in C sources, since this is now discouraged. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit e2b1762cf32fb9be1e662ec1e8f3b8b36a9b293d Author: James Chapman Date: Wed Aug 7 07:54:44 2024 +0100 documentation/networking: update l2tp docs l2tp no longer uses sk_user_data in tunnel sockets and now manages tunnel/session lifetimes slightly differently. Update docs to cover this. CC: linux-doc@vger.kernel.org CC: corbet@lwn.net Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 2c04a4defcedfff1e6f99a898b068db0962f3ba2 Author: FUKAUMI Naoki Date: Fri Aug 2 14:15:08 2024 +0900 arm64: dts: rockchip: drop dr_mode for Radxa ZERO 3W/3E since dr_mode = "otg" can be used for USB gadget functions for U-Boot and Linux, there is no reason to set it to "peripheral". drop it. Fixes: 1a5c8d307c83 ("arm64: dts: rockchip: Add Radxa ZERO 3W/3E") Signed-off-by: FUKAUMI Naoki Link: https://lore.kernel.org/r/20240802051508.498-1-naoki@radxa.com Signed-off-by: Heiko Stuebner commit 8c51521de18755d4112a77a598a348b38d0af370 Author: Dragan Simic Date: Sun Aug 4 23:10:24 2024 +0200 arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency Increase the frequency of the PWM signal that drives the LED backlight of the Pinebook Pro's panel, from about 1.35 KHz (which equals to the PWM period of 740,740 ns), to exactly 8 kHz (which equals to the PWM period of 125,000 ns). Using a higher PWM frequency for the panel backlight, which reduces the flicker, can only be beneficial to the end users' eyes. On top of that, increasing the backlight PWM signal frequency reportedly eliminates the buzzing emitted from the Pinebook Pro's built-in speakers when certain backlight levels are set, which cause some weird interference with some of the components of the Pinebook Pro's audio chain. The old value for the backlight PWM period, i.e. 740,740 ns, is pretty much an arbitrary value that was selected during the very early bring-up of the Pinebook Pro, only because that value seemed to minimize horizontal line distortion on the display, which resulted from the old X.org drivers causing screen tearing when dragging windows around. That's no longer an issue, so there are no reasons to stick with the old PWM period value. The lower and the upper backlight PWM frequency limits for the Pinebook Pro's panel, according to its datasheet, are 200 Hz and 10 kHz, respectively. [1] These changes still leave some headroom, which may have some positive effects on the lifetime expectancy of the panel's backlight LEDs. [1] https://files.pine64.org/doc/datasheet/PinebookPro/NV140FHM-N49_Rev.P0_20160804_201710235838.pdf Fixes: 5a65505a6988 ("arm64: dts: rockchip: Add initial support for Pinebook Pro") Cc: stable@vger.kernel.org Reported-by: Nikola Radojevic Signed-off-by: Dragan Simic Tested-by: Nikola Radojević Link: https://lore.kernel.org/r/2a23b6cfd8c0513e5b233b4006ee3d3ed09b824f.1722805655.git.dsimic@manjaro.org Signed-off-by: Heiko Stuebner commit 789ce0f6028f9e68fc27f6748acefbd2e23f4716 Author: Jared McArthur Date: Fri Aug 9 10:46:38 2024 -0500 dt-bindings: gpio: gpio-davinci: Add the gpio-reserved-ranges property Current definition of the davinci gpio controller doesn't include the gpio-reserved-ranges property. Add the gpio-reserved-ranges property so it can be used within device tree files. Will prevent users from trying to access gpios that don't exist. Signed-off-by: Jared McArthur Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240809154638.394091-2-j-mcarthur@ti.com Signed-off-by: Bartosz Golaszewski commit 4a8c1161b843c366776fc872a6fe45b743b2983e Author: Andy Yan Date: Tue Jul 30 18:24:33 2024 +0800 arm64: dts: rockchip: Add support for rk3588 based Cool Pi CM5 GenBook Cool Pi CM5 GenBook works as a carrier board connect with CM5 [0]. Specification: - Rockchip RK3588 - LPDDR5X 8/32 GB - eMMC 64 GB - HDMI Type A out x 1 - USB 3.0 Host x 1 - USB-C 3.0 with DisplayPort AltMode - PCIE M.2 E Key for RTL8852BE Wireless connection - PCIE M.2 M Key for NVME connection - eDP panel with 1920x1080 This patch add basic support to bringup eMMC/USB HOST/WiFi/TouchPad/ Battery/PCIE NVME, and can also drive a HDMI output with out of tree hdmi patches. [0] https://www.crowdsupply.com/shenzhen-tianmao-technology-co-ltd/genbook-rk3588 Signed-off-by: Andy Yan Link: https://lore.kernel.org/r/20240730102433.540260-3-andyshrk@163.com Signed-off-by: Heiko Stuebner commit db0d831c58ce5bc7f37433f5eef65405610cb322 Author: Andy Yan Date: Tue Jul 30 18:24:32 2024 +0800 dt-bindings: arm: rockchip: Add Cool Pi CM5 GenBook Add Cool Pi CM5 GenBook, a laptop powered by RK3588. Cool Pi GenBook works with a carrier board connect with CM5. Signed-off-by: Andy Yan Reviewed-by: Krzysztof Kozlowski Reviewed-by: Dragan Simic Link: https://lore.kernel.org/r/20240730102433.540260-2-andyshrk@163.com Signed-off-by: Heiko Stuebner commit 8e0eb3dea9739cc5ada7a2d10319734dbbd2699c Author: Florian Klink Date: Thu Aug 8 13:30:47 2024 +0300 arm64: dts: rockchip: add rfkill node for M.2 E wifi on orangepi-5-plus This follows the same logic as 82d40b141a4c ("arm64: dts: rockchip: add rfkill node for M.2 Key E WiFi on rock-5b"). On the orangepi-5-plus, there's also a GPIO pin connecting the WiFi enable signal inside the M.2 Key E slot. The exact GPIO PIN can be validated in the Armbian rk-5.10-rkr4 kernel rk3588-orangepi-5-plus.dtsi file [1], which contains a `wifi_disable` node referencing RK_PC4 on &gpio0. With this change, I was able to get a "Intel Corporation Wi-Fi 6E(802.11ax) AX210/AX1675* 2x2 [Typhoon Peak] (rev 1a)" up, while `rfkill` previously only mentioned to be hardware blocked. [1] https://github.com/armbian/linux-rockchip/blob/9fbe23c9da24f236c6009f42d3f02c1ffb84c169/arch/arm64/boot/dts/rockchip/rk3588-orangepi-5-plus.dts Signed-off-by: Florian Klink Link: https://lore.kernel.org/r/20240808103052.1894764-1-flokli@flokli.de Signed-off-by: Heiko Stuebner commit afeccc4084963aaa932931b734c8def55613c483 Author: Aurelien Jarno Date: Tue Jul 30 17:11:44 2024 +0100 arm64: dts: rockchip: add DT entry for RNG to RK356x Include the just added Rockchip RNG driver for RK356x SoCs and enable it on RK3568. Signed-off-by: Aurelien Jarno Signed-off-by: Daniel Golle Link: https://lore.kernel.org/r/d2beb15377dc8b580ca5557b1a4a6f50b74055aa.1722355365.git.daniel@makrotopia.org Signed-off-by: Heiko Stuebner commit 02a62b551cee585f7c2c93f54d1230d5714ff7d4 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:40 2024 +0200 tools/nolibc: compiler: introduce __nolibc_has_attribute() Recent compilers support __has_attribute() to check if a certain compiler attribute is supported. Unfortunately we have to first check if __has_attribute is supported in the first place and then if a specific attribute is present. These two checks can't be folded into a single condition as that would lead to errors. Nesting the two conditions like below works, but becomes ugly as soon as #else blocks are used as those need to be duplicated for both levels of #if. #if defined __has_attribute # if __has_attribute (nonnull) # define ATTR_NONNULL __attribute__ ((nonnull)) # endif #endif Introduce a new helper which makes the usage of __has_attribute() nicer and migrate the current user to it. Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-4-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 1daea158d0aae0770371f3079305a29fdb66829e Author: Thomas Weißschuh Date: Wed Aug 7 23:51:39 2024 +0200 tools/nolibc: powerpc: limit stack-protector workaround to GCC As mentioned in the comment, the workaround for __attribute__((no_stack_protector)) is only necessary on GCC. Avoid applying the workaround on clang, as clang does not recognize __attribute__((__optimize__)) and would fail. Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-3-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 0daf8c86a45163f35b8d4f7795068c2511dd0ad9 Author: Thomas Weißschuh Date: Wed Aug 7 23:51:38 2024 +0200 tools/nolibc: mips: load current function to $t9 The MIPS calling convention requires the address of the current function to be available in $t9. This was not done so far. For GCC this seems to have worked, but when compiled with clang the executable segfault instantly. Properly load the address of _start_c() into $t9 before calling it. Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-2-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 55850eb4e582f0696f40b8315ac31a45d6a4955e Author: Thomas Weißschuh Date: Wed Aug 7 23:51:37 2024 +0200 tools/nolibc: arm: use clang-compatible asm syntax The clang assembler rejects the current syntax. Switch to a syntax accepted by both GCC and clang. Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240807-nolibc-llvm-v2-1-c20f2f5fc7c2@weissschuh.net Signed-off-by: Thomas Weißschuh commit 7a8b585d4a5df88da28caaac4d080ce46e494ffa Author: Nuno Sa Date: Fri Aug 9 11:17:09 2024 +0200 iio: imu: adis16460: drop ifdef around CONFIG_DEBUG_FS Use IS_ENABLED(CONFIG_DEBUG_FS) to return in case debugfs is not present. Since this is known at compile time, it allows the compiler to drop any unused code. Therefore no need to wrap the code with #ifdef. While at it make adis16460_debugfs_init() void as the return code is ignored. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240809-dev-adis-debugfs-improv-v1-4-d3adb6996518@analog.com Signed-off-by: Jonathan Cameron commit 7d6c97ba52087b9e3251eae273af12c7193d1609 Author: Nuno Sa Date: Fri Aug 9 11:17:08 2024 +0200 iio: imu: adis16400: drop ifdef around CONFIG_DEBUG_FS Use IS_ENABLED(CONFIG_DEBUG_FS) to return in case debugfs is not present. Since this is known at compile time, it allows the compiler to drop any unused code. Therefore no need to wrap the code with #ifdef. While at it make adis16400_debugfs_init() void as the return code is ignored. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240809-dev-adis-debugfs-improv-v1-3-d3adb6996518@analog.com Signed-off-by: Jonathan Cameron commit 7f5d956d3f955688aefddc51fb342f7bdd0d2cef Author: Nuno Sa Date: Fri Aug 9 11:17:07 2024 +0200 iio: imu: adis16480: drop ifdef around CONFIG_DEBUG_FS Use IS_ENABLED(CONFIG_DEBUG_FS) to return in case debugfs is not present. Since this is known at compile time, it allows the compiler to drop any unused code. Therefore no need to wrap the code with #ifdef. While at it make adis16480_debugfs_init() void as the return code is ignored. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240809-dev-adis-debugfs-improv-v1-2-d3adb6996518@analog.com Signed-off-by: Jonathan Cameron commit cec920f67e562821812b10f78334d91d81a4e26f Author: Nuno Sa Date: Fri Aug 9 11:17:06 2024 +0200 iio: imu: adis16475: drop ifdef around CONFIG_DEBUG_FS Use IS_ENABLED(CONFIG_DEBUG_FS) to return early in case debugfs is not present. Since this is known at compile time, it allows the compiler to drop any unused code. Therefore no need to wrap the code with #ifdef. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240809-dev-adis-debugfs-improv-v1-1-d3adb6996518@analog.com Signed-off-by: Jonathan Cameron commit c5d2291a3086f4b59ae42d5082cfe45ef9103062 Author: Dan Carpenter Date: Thu Aug 8 22:28:17 2024 +0300 iio: adc: pac1921: add missing error return in probe() This error path was intended to return, and not just print an error. The current code will lead to an error pointer dereference. Fixes: 371f778b83cd ("iio: adc: add support for pac1921") Signed-off-by: Dan Carpenter Acked-by: Matteo Martelli Link: https://patch.msgid.link/1fa4ab12-0939-477d-bc92-306fd32e4fd9@stanley.mountain Signed-off-by: Jonathan Cameron commit f2271ba6f0744a0175ed387577405697ee0360db Author: Colin Ian King Date: Wed Aug 7 10:47:45 2024 +0100 iio: Fix spelling mistake "avaialable" -> "available" There is a spelling mistake in a dev_warn message. Fix it. Signed-off-by: Colin Ian King Link: https://patch.msgid.link/20240807094745.4174785-1-colin.i.king@gmail.com Signed-off-by: Jonathan Cameron commit 4f6ca3464d987054f5e75f097a97dcbb86a87569 Author: Dan Carpenter Date: Fri Aug 9 15:28:30 2024 +0300 iio: dac: ltc2664: Fix off by one in ltc2664_channel_config() This comparison should be >= ARRAY_SIZE() instead of >. The "mspan" variable is later used as an array index into ltc2664_mspan_lut[] so this is an off by one bug. Fixes: 4cc2fc445d2e ("iio: dac: ltc2664: Add driver for LTC2664 and LTC2672") Signed-off-by: Dan Carpenter Link: https://patch.msgid.link/5727ab54-6280-466e-b107-1b6006e5ab29@stanley.mountain Signed-off-by: Jonathan Cameron commit b09999ee1e86a19d43eb6818daa69e577c2fb77a Author: Denis Benato Date: Wed Aug 7 20:56:19 2024 +0200 iio: bmi323: suspend and resume triggering on relevant pm operations Prevent triggers from stop working after the device has entered sleep: use iio_device_suspend_triggering and iio_device_resume_triggering helpers. Signed-off-by: Denis Benato Link: https://patch.msgid.link/20240807185619.7261-3-benato.denis96@gmail.com Signed-off-by: Jonathan Cameron commit 2837efdc7cef5b86b0c4d94a7410bc03cc2f003f Author: Denis Benato Date: Wed Aug 7 20:56:18 2024 +0200 iio: trigger: allow devices to suspend/resume theirs associated trigger When a machine enters a sleep state while a trigger is associated to an iio device that trigger is not resumed after exiting the sleep state: provide iio device drivers a way to suspend and resume the associated trigger to solve the aforementioned bug. Each iio driver supporting external triggers is expected to call iio_device_suspend_triggering before suspending, and iio_device_resume_triggering upon resuming. Signed-off-by: Denis Benato Link: https://patch.msgid.link/20240807185619.7261-2-benato.denis96@gmail.com Signed-off-by: Jonathan Cameron commit b4b4817bbf9aebb2071d8b887a970610ee943f91 Author: Detlev Casanova Date: Fri Aug 2 17:45:31 2024 -0400 dt-bindings: iio: adc: Add rockchip,rk3576-saradc string Add rockchip,rk3576-saradc compatible string. The saradc on RK3576 is compatible with the one on RK3588, so they are used together in an arm of the oneOf. Signed-off-by: Detlev Casanova Reviewed-by: Krzysztof Kozlowski Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240802214612.434179-5-detlev.casanova@collabora.com Signed-off-by: Jonathan Cameron commit 46e4ce4c11abf904dec37ea9a3b3c741cbcf34bd Author: David Lechner Date: Thu Aug 8 16:12:08 2024 -0500 dt-bindings: iio: ad4695: fix common-mode-channel The common-mode-channel property is a scalar, not an array, so we should not be using items: in the schema when specifying allowable values. Reported-by: Rob Herring Closes: https://lore.kernel.org/linux-iio/CAL_JsqKaddw8FnPfdnhKhHUb8AcTxFadc_eZmxjX0QxFR80=mw@mail.gmail.com/ Fixes: b40cafc11436 ("dt-bindings: iio: adc: add AD4695 and similar ADCs") Signed-off-by: David Lechner Reviewed-by: Krzysztof Kozlowski Acked-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240808-iio-adc-ad4695-fix-dt-bindings-v1-1-5cf37b9547b0@baylibre.com Signed-off-by: Jonathan Cameron commit 06e91ad34453ef7656680f1e983ce2089d068204 Author: Abhash Jha Date: Sun Aug 4 19:12:12 2024 +0530 iio: light: apds9960: Add proximity and gesture offset calibration Proximity and gesture offset registers perform offset correction to improve cross-talk performance. Added `calibbias` to the proximity and gesture channels. Provided facility to set calibbias based on the channel number. Signed-off-by: Abhash Jha Link: https://patch.msgid.link/20240804134212.51682-2-abhashkumarjha123@gmail.com Signed-off-by: Jonathan Cameron commit 6fc839dc320cd68c6009d5f5d73b7aa6ba428889 Author: Olivier Moysan Date: Tue Jul 30 10:46:39 2024 +0200 iio: adc: stm32-dfsdm: add scaling support to dfsdm Add scaling support to STM32 DFSDM. When used in an analog context, a DFSDM filter typically converts the data from a sigma delta modulator. The IIO device associated to the DFSDM filter provides these data as raw data. The IIO device can provide scaling information (voltage and offset) to allow conversion of raw data into physical values. With the new binding based on IIO backend framework, the sigma delta modulators are defined as backends providing scaling information. The scaling is not supported with legacy binding. Signed-off-by: Olivier Moysan Acked-by: Nuno Sa Link: https://patch.msgid.link/20240730084640.1307938-10-olivier.moysan@foss.st.com Signed-off-by: Jonathan Cameron commit bd71b6d0ba5ec195d580d79b1ebdfedaeb63aae2 Author: Olivier Moysan Date: Tue Jul 30 10:46:38 2024 +0200 iio: add iio backend support to sd modulator The legacy sd modulator driver registers the sigma delta modulator as an IIO channel provider. This implementation is not convenient when the SD modulator has to be cascaded with another IIO device. The scaling information is distributed across devices, which makes it difficult to report consistent scaling data on IIO devices. The solution is to expose these cascaded IIO devices as an aggregate device, which report global scaling information. Add IIO backend support to SD modulator to allow scaling information management. Signed-off-by: Olivier Moysan Link: https://patch.msgid.link/20240730084640.1307938-9-olivier.moysan@foss.st.com Signed-off-by: Jonathan Cameron commit 3208fa0cd9191494e6c618e3998720488d6b679b Author: Olivier Moysan Date: Tue Jul 30 10:46:37 2024 +0200 iio: adc: stm32-dfsdm: adopt generic channels bindings Move to generic channels binding to ease new backend framework adoption and prepare the convergence with MDF IP support on STM32MP2 SoC family. Legacy binding: DFSDM is an IIO channel consumer. SD modulator is an IIO channels provider. The channel phandles are provided in DT through io-channels property and channel indexes through st,adc-channels property. New binding: DFSDM is an IIO channel provider. The channel indexes are given by reg property in channel child node. This new binding is intended to be used with SD modulator IIO backends. It does not support SD modulator legacy IIO devices. The st,adc-channels property presence is used to discriminate between legacy and backend bindings. The support of the DFSDM legacy channels and SD modulator IIO devices is kept for backward compatibility. Signed-off-by: Olivier Moysan Link: https://patch.msgid.link/20240730084640.1307938-8-olivier.moysan@foss.st.com Signed-off-by: Jonathan Cameron commit e7385105553a38d5d347e565c2a1b654490a8d98 Author: Olivier Moysan Date: Tue Jul 30 10:46:36 2024 +0200 dt-bindings: iio: add vref support to sd modulator Allow to specify the reference voltage used by the SD modulator. When the SD modulator is defined as an IIO backend, the reference voltage can be used to evaluate scaling information of the IIO device. The reference voltage is not used otherwise. Signed-off-by: Olivier Moysan Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240730084640.1307938-7-olivier.moysan@foss.st.com Signed-off-by: Jonathan Cameron commit 281b4318be49080d4995f8b2603089025282f499 Author: Olivier Moysan Date: Tue Jul 30 10:46:35 2024 +0200 dt-bindings: iio: add backend support to sd modulator The legacy sd modulator driver registers the sigma delta modulator as an IIO channel provider. This implementation is not convenient when the SD modulator has to be cascaded with another IIO device. The scaling information is distributed across devices, which makes it difficult to report consistent scaling data on IIO devices. The solution is to expose these cascaded IIO devices as an aggregate device, which report global scaling information. Add IIO backend support to SD modulator to allow scaling information management. Signed-off-by: Olivier Moysan Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240730084640.1307938-6-olivier.moysan@foss.st.com Signed-off-by: Jonathan Cameron commit b8f31b1d65e96e45ff94ddc8129f90c21f7c5a5f Author: Olivier Moysan Date: Tue Jul 30 10:46:34 2024 +0200 dt-bindings: iio: dfsdm: move to backend framework Change the DFSDM binding to use the new IIO backend framework, along with the adoption of IIO generic channels. This binding change allows to add scaling support to the DFSDM. Keep the legacy binding as deprecated for backward compatibility. The io-backends property is supported only in generic IIO channel binding. - Channel description with the generic binding (Audio and Analog): Properties superseded by generic properties: st,adc-channels: becomes "reg" property in channel node st,adc-channel-names: becomes "label" property in channel node Properties moved to channel child node: st,adc-channel-types: becomes st,adc-channel-type st,adc-channel-clk-src, st,adc-alt-channel - Analog binding: DFSDM filter channel is configured as an IIO backend consumer. Add io-backends property in channel child nodes. DFSDM is no more configured as a channel consumer from SD modulator. Use of io-channels in DFSDM node is deprecated. - Audio binding: DFSDM audio DAI is configured as a channel consumer from DFSDM filter. No change compare to legacy. Signed-off-by: Olivier Moysan Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240730084640.1307938-5-olivier.moysan@foss.st.com Signed-off-by: Jonathan Cameron commit c464cc610f51f6eb5f27bf905d4c1ab1896b2725 Author: Olivier Moysan Date: Tue Jul 30 10:46:33 2024 +0200 iio: add child nodes support in iio backend framework Add an API to support IIO generic channels binding: http://devicetree.org/schemas/iio/adc/adc.yaml# This new API is needed, as generic channel DT node isn't populated as a device. Add devm_iio_backend_fwnode_get() to allow an IIO device backend consumer to reference backend phandles in its child nodes. Signed-off-by: Olivier Moysan Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240730084640.1307938-4-olivier.moysan@foss.st.com Signed-off-by: Jonathan Cameron commit 2530d7d44ca6dc0c1c059f143cdcb2be8600c59a Author: Olivier Moysan Date: Tue Jul 30 10:46:32 2024 +0200 iio: add enable and disable services to iio backend framework Add iio_backend_disable() and iio_backend_enable() APIs to allow IIO backend consumer to request backend disabling and enabling. Signed-off-by: Olivier Moysan Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240730084640.1307938-3-olivier.moysan@foss.st.com Signed-off-by: Jonathan Cameron commit 0737158aabc278526c784f63b8dd8963cdc558a9 Author: Olivier Moysan Date: Tue Jul 30 10:46:31 2024 +0200 iio: add read scale and offset services to iio backend framework Add iio_backend_read_scale() and iio_backend_read_offset() services to read channel scale and offset from an IIO backbend device. Also add a read_raw callback which replicates the read_raw callback of the IIO framework, and is intended to request miscellaneous channel attributes from the backend device. Both scale and offset helpers use this callback. Signed-off-by: Olivier Moysan Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240730084640.1307938-2-olivier.moysan@foss.st.com Signed-off-by: Jonathan Cameron commit c7668ac67bc21aebdd8e2d7f839bfffba31b7713 Author: Krzysztof Kozlowski Date: Tue Aug 6 07:30:16 2024 +0200 dt-bindings: iio: asahi-kasei,ak8975: drop incorrect AK09116 compatible All compatibles in this binding without prefixes were deprecated, so adding a new deprecated one after some time is not allowed, because it defies the core logic of deprecating things. Drop the AK09916 vendorless compatible. Fixes: 76e28aa97fa0 ("iio: magnetometer: ak8975: add AK09116 support") Signed-off-by: Krzysztof Kozlowski Reviewed-by: Conor Dooley Link: https://patch.msgid.link/20240806053016.6401-2-krzysztof.kozlowski@linaro.org Signed-off-by: Jonathan Cameron commit da6e3160df230692bbd48a6d52318035f19595e2 Author: Krzysztof Kozlowski Date: Tue Aug 6 07:30:15 2024 +0200 iio: magnetometer: ak8975: drop incorrect AK09116 compatible All compatibles in this binding without prefixes were deprecated, so adding a new deprecated one after some time is not allowed, because it defies the core logic of deprecating things. Drop the AK09916 vendorless compatible. Fixes: 76e28aa97fa0 ("iio: magnetometer: ak8975: add AK09116 support") Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240806053016.6401-1-krzysztof.kozlowski@linaro.org Signed-off-by: Jonathan Cameron commit 17a9e95c8b6cf4b747e153bfc50df647e37feda1 Author: Nuno Sa Date: Tue Aug 6 15:10:40 2024 +0200 ABI: debugfs-iio-ad9467: document the debugfs interface Document the debugfs interface for the IIO ad9467 high speed ADC. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240806-dev-ad-debugfs-doc-v1-2-153b882a3f01@analog.com Signed-off-by: Jonathan Cameron commit 33e462d2d8ec58275e0478d5e56fc878c06ba7ff Author: Nuno Sa Date: Tue Aug 6 15:10:39 2024 +0200 MAINTAINERS: add entry for ad9467 Document the maintainers for the IIO ad9467 high speed ADC. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240806-dev-ad-debugfs-doc-v1-1-153b882a3f01@analog.com Signed-off-by: Jonathan Cameron commit 69eac4e1e293b94455f9cc68893126952007bac4 Author: Nuno Sa Date: Tue Aug 6 15:35:07 2024 +0200 iio: dac: ad9739a: add backend debugfs interface Call iio_backend_debugfs_add() to add (if available) the backend debug interface. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240806-dev-backend-dac-direct-reg-access-v1-2-b84a6e8ee8a0@analog.com Signed-off-by: Jonathan Cameron commit 24a9453c03686110f641697a09e07cefc57a0b87 Author: Nuno Sa Date: Tue Aug 6 15:35:06 2024 +0200 iio: dac: adi-axi-dac: support debugfs direct_reg_access Make it possible to read/write registers on the backend using the debugfs interface for it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240806-dev-backend-dac-direct-reg-access-v1-1-b84a6e8ee8a0@analog.com Signed-off-by: Jonathan Cameron commit 1e2ae3ce23b35bb8fa81624501b2f697b73afef3 Author: Matteo Martelli Date: Tue Jul 30 11:43:49 2024 +0200 iio: remove unneeded assignment in __iio_format_value Trivial cleanup in __iio_format_value() for the IIO_VAL_FRACTIONAL case where tmp1 = vals[1] assignment is unneeded and irrelevant since tmp1 is immediately overwritten by the subsequent div_s64_rem() call. Signed-off-by: Matteo Martelli Link: https://patch.msgid.link/20240730-iio-clean-fmt-value-v1-1-3e1c3deafc33@gmail.com Signed-off-by: Jonathan Cameron commit 4276a0bb62598966716e1ee1ac4a64d382cc9ef7 Author: Yosry Ahmed Date: Thu Apr 25 21:59:51 2024 +0000 x86/mm: Remove unused CR3_HW_ASID_BITS Commit 6fd166aae78c ("x86/mm: Use/Fix PCID to optimize user/kernel switches") removed the last usage of CR3_HW_ASID_BITS and opted to use X86_CR3_PCID_BITS instead. Remove CR3_HW_ASID_BITS. Signed-off-by: Yosry Ahmed Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240425215951.2310105-1-yosryahmed@google.com commit 72c0f57dbe8bf625108dc67e34f3472f28501776 Author: Norman Bintang Date: Fri Aug 9 22:06:45 2024 +0800 ALSA: pcm: Add xrun counter for snd_pcm_substream This patch adds an xrun counter to snd_pcm_substream as an alternative to using logs from XRUN_DEBUG_BASIC. The counter provides a way to track the number of xrun occurences, accessible through the /proc interface. The counter is enabled when CONFIG_SND_PCM_XRUN_DEBUG is set. Example output: $ cat /proc/asound/card0/pcm9p/sub0/status owner_pid : 1425 trigger_time: 235.248957291 tstamp : 0.000000000 delay : 1912 avail : 480 avail_max : 1920 ----- hw_ptr : 672000 appl_ptr : 673440 xrun_counter: 3 # (new row) Signed-off-by: Norman Bintang Reviewed-by: Chih-Yang Hsia Tested-by: Chih-Yang Hsia Reviewed-by: David Riley Link: https://patch.msgid.link/20240809140648.3414349-1-normanbt@chromium.org Signed-off-by: Takashi Iwai commit e9606148a6712f7a73dc81d69e19325b61bd4d09 Author: Stefan Stistrup Date: Fri Aug 9 22:49:22 2024 +0200 ALSA: usb-audio: Add input gain and master output mixer elements for RME Babyface Pro Add missing input gain and master output mixer controls for RME Babyface Pro. This patch implements: 1. Input gain controls for 2 mic and 2 line inputs 2. Master output volume controls for all 12 output channels These additions allow for more complete control of the Babyface Pro under Linux. Signed-off-by: Stefan Stistrup Link: https://patch.msgid.link/20240809204922.20112-1-sstistrup@gmail.com Signed-off-by: Takashi Iwai commit cc32e9fb380d8afdbf3486d7063d5520bfb0f071 Merge: 089332e703b681 002a5db9a52a0e Author: Kalle Valo Date: Sat Aug 10 10:42:26 2024 +0300 Merge tag 'rtw-next-2024-08-09' of https://github.com/pkshih/rtw rtw-next patches for v6.12 A pull-request for v6.12 containing fixes and features, and list major changes below: rtw88: - improve USB performance by aggregation - fix RX bandwidth for rx_status rtw89: - support new WiFi 6 chip RTL8852BE-VT - support WoWLAN net-detect feature - support hardware encryption in unicast management frames - support hardware rfkill commit 089332e703b681c8f62210ae5ef507df10324356 Author: Gustavo A. R. Silva Date: Tue Aug 6 12:25:57 2024 -0600 wifi: ipw2x00: libipw: Avoid -Wflex-array-member-not-at-end warnings -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. So, in order to avoid ending up with a flexible-array member in the middle of multiple other structs, we use the `__struct_group()` helper to create a new tagged `struct libipw_hdr_3addr_hdr`. This structure groups together all the members of the flexible `struct libipw_hdr_3addr` except the flexible array. As a result, the array is effectively separated from the rest of the members without modifying the memory layout of the flexible structure. We then change the type of the middle struct members currently causing trouble from `struct libipw_hdr_3addr` to `struct libipw_hdr_3addr_hdr`. We also want to ensure that when new members need to be added to the flexible structure, they are always included within the newly created tagged struct. For this, we use `static_assert()`. This ensures that the memory layout for both the flexible structure and the new tagged struct is the same after any changes. This approach avoids having to implement `struct libipw_hdr_3addr_hdr` as a completely separate structure, thus preventing having to maintain two independent but basically identical structures, closing the door to potential bugs in the future. Also, remove a couple of unused structures `struct libipw_ibss_dfs` and `struct libipw_assoc_request`. So, with these changes, fix the following warnings: drivers/net/wireless/intel/ipw2x00/libipw.h:403:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/libipw.h:420:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/libipw.h:433:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/libipw.h:441:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/libipw.h:447:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/libipw.h:460:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/libipw.h:468:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/libipw.h:476:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] drivers/net/wireless/intel/ipw2x00/libipw.h:592:36: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Signed-off-by: Kalle Valo Link: https://patch.msgid.link/ZrJqtUpCI+uCeb4D@cute commit ca0107c3aa304a50899baadf324bdb3f9db3a87e Author: Sascha Hauer Date: Mon Aug 5 08:39:15 2024 +0200 wifi: mwifiex: add support for WPA-PSK-SHA256 This adds support for the WPA-PSK AKM suite with SHA256 as hashing method (WPA-PSK-SHA256). Tested with a wpa_supplicant provided AP using key_mgmt=WPA-PSK-SHA256. Reviewed-by: Francesco Dolcini Link: https://lore.kernel.org/r/20240717-mwifiex-wpa-psk-sha256-v2-2-eb53d5082b62@pengutronix.de Acked-by: Brian Norris Link: https://lore.kernel.org/r/20240723-mwifiex-wpa-psk-sha256-v3-3-025168a91da1@pengutronix.de Signed-off-by: Sascha Hauer Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240805-mwifiex-wpa-psk-sha256-v4-3-e1eee80508e6@pengutronix.de commit 36aa649915439aa924fb45aec3a6a9acea04a501 Author: Sascha Hauer Date: Mon Aug 5 08:39:14 2024 +0200 wifi: mwifiex: fix key_mgmt setting bss_config->key_mgmt specifies the AKM suites that are usable in hardware. This variable is set to specific values while iterating over the advertised AKM suites. This means the final value of the variable depends on the order of the entries in the AKM suites array. Instead of setting the variable, just set the relevant bits in the key_mgmt bit field to make us independent of the order of entries. This behaviour is derived from the downstream driver that does the same. Also, set bss_config->key_mgmt to zero explicitly right before the loop. bss_config has been zero allocated by the caller already, but do so again to save the reader from following the code path. Reviewed-by: Francesco Dolcini Acked-by: Brian Norris Link: https://lore.kernel.org/r/20240723-mwifiex-wpa-psk-sha256-v3-2-025168a91da1@pengutronix.de Signed-off-by: Sascha Hauer Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240805-mwifiex-wpa-psk-sha256-v4-2-e1eee80508e6@pengutronix.de commit eb84567e7208491cd6733cc867d849ab07dabd67 Author: Sascha Hauer Date: Mon Aug 5 08:39:13 2024 +0200 wifi: mwifiex: simplify WPA flags setting The WPA flags setting only depends on the wpa_versions bitfield and not on the AKM suite, so move it out of the switch/case to simplify the code a bit. Also set bss_config->protocol to zero explicitly. This is done only to make the code clearer, bss_config has been zero alloced by the caller, so should be zero already. No functional change intended. Reviewed-by: Francesco Dolcini Acked-by: Brian Norris Link: https://lore.kernel.org/r/20240723-mwifiex-wpa-psk-sha256-v3-1-025168a91da1@pengutronix.de Signed-off-by: Sascha Hauer Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240805-mwifiex-wpa-psk-sha256-v4-1-e1eee80508e6@pengutronix.de commit 89fbe672bd0e5e5c39600fcc7a3bca0b8a212d23 Author: Toke Høiland-Jørgensen Date: Thu Aug 8 12:37:57 2024 +0200 Revert "wifi: ath9k: use devm for request_irq()" This reverts commit 92da4ce847bc5d942ddfdb102dba92f4e2797a59. Felix pointed out that moving to devm for request_irq() can lead to a use after free, and that avoiding that means having explicit frees that makes the devm thing pretty pointless. So let's just revert the patch. Link: https://lore.kernel.org/r/201f06b6-14f5-41bb-8897-49665cf14b66@nbd.name Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240808103758.11696-1-toke@toke.dk commit ebb9d3ca8f7efc1b6a2f1750d1058eda444883d0 Author: Takashi Sakamoto Date: Sat Aug 10 16:04:03 2024 +0900 firewire: core: correct range of block for case of switch statement A commit d8527cab6c31 ("firewire: cdev: implement new event to notify response subaction with time stamp") adds an additional case, FW_CDEV_EVENT_RESPONSE2, into switch statement in complete_transaction(). However, the range of block is beyond to the case label and reaches neibour default label. This commit corrects the range of block. Fortunately, it has few impacts in practice since the local variable in the scope under the label is not used in codes under default label. Fixes: d8527cab6c31 ("firewire: cdev: implement new event to notify response subaction with time stamp") Link: https://lore.kernel.org/r/20240810070403.36801-1-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit bbfeba260364907a71fe6bd2e398df01d8fc286b Merge: 1862923bf6ae9d 6b5662b75960b3 Author: Jakub Kicinski Date: Fri Aug 9 22:13:17 2024 -0700 Merge branch 'mlx5-misc-patches-2024-08-08' Tariq Toukan says: ==================== mlx5 misc patches 2024-08-08 This patchset contains multiple enhancements from the team to the mlx5 core and Eth drivers. Patch #1 by Chris bumps a defined value to permit more devices doing TC offloads. Patch #2 by Jianbo adds an IPsec fast-path optimization to replace the slow async handling. Patches #3 and #4 by Jianbo add TC offload support for complicated rules to overcome firmware limitation. Patch #5 by Gal unifies the access macro to advertised/supported link modes. Patches #6 to #9 by Gal adds extack messages in ethtool ops to replace prints to the kernel log. Patch #10 by Cosmin switches to using 'update' verb instead of 'replace' to better reflect the operation. Patch #11 by Cosmin exposes an update connection tracking operation to replace the assumed delete+add implementaiton. ==================== Link: https://patch.msgid.link/20240808055927.2059700-1-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 6b5662b75960b38cee4930284c93bd645b8e03ab Author: Cosmin Ratiu Date: Thu Aug 8 08:59:27 2024 +0300 net/mlx5e: CT: Update connection tracking steering entries Previously, replacing a connection tracking steering entry was done by adding a new rule (with the same tag but possibly different mod hdr actions/labels) then removing the old rule. This approach doesn't work in hardware steering because two steering entries with the same tag cannot coexist in a hardware steering table. This commit prepares for that by adding a new ct_rule_update operation on the ct_fs_ops struct which is used instead of add+delete. Implementations for both dmfs (firmware steering) and smfs (software steering) are provided, which simply add the new rule and delete the old one. Signed-off-by: Cosmin Ratiu Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-12-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 486aeb2db55b4509039f2e6017b2d06836893ee2 Author: Cosmin Ratiu Date: Thu Aug 8 08:59:26 2024 +0300 net/mlx5e: CT: 'update' rules instead of 'replace' Offloaded rules can be updated with a new modify header action containing a changed restore cookie. This was done using the verb 'replace', while in some configurations 'update' is a better fit. This commit renames the functions used to reflect that. Signed-off-by: Cosmin Ratiu Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-11-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit b5100b72da688282558b28255c03a2d72241a729 Author: Gal Pressman Date: Thu Aug 8 08:59:25 2024 +0300 net/mlx5e: Use extack in get module eeprom by page callback In case of errors in get module eeprom by page, reflect it through extack instead of a dmesg print. While at it, make the messages more human friendly. Signed-off-by: Gal Pressman Reviewed-by: Cosmin Ratiu Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-10-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 9c4298b466b19651203c8c8847fcbfe3e37ef6b7 Author: Gal Pressman Date: Thu Aug 8 08:59:24 2024 +0300 net/mlx5e: Use extack in set coalesce callback In case of errors in set coalesce, reflect it through extack instead of a dmesg print. While at it, make the messages more human friendly. Signed-off-by: Gal Pressman Reviewed-by: Cosmin Ratiu Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-9-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 29a943d71d231e2df81fd3834e75264904a77535 Author: Gal Pressman Date: Thu Aug 8 08:59:23 2024 +0300 net/mlx5e: Use extack in get coalesce callback In case of errors in get coalesce, reflect it through extack instead of a dmesg print. Signed-off-by: Gal Pressman Reviewed-by: Cosmin Ratiu Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-8-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit ab666b5287e898fcafc0ad1f2d4506cc3a1bfd23 Author: Gal Pressman Date: Thu Aug 8 08:59:22 2024 +0300 net/mlx5e: Use extack in set ringparams callback In case of errors in set ringparams, reflect it through extack instead of a dmesg print. While at it, make the messages more human friendly and remove two redundant checks that are already validated by the core. Signed-off-by: Gal Pressman Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-7-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 4384bcff035e3699ab97286875d190f3661acc15 Author: Gal Pressman Date: Thu Aug 8 08:59:21 2024 +0300 net/mlx5e: Be consistent with bitmap handling of link modes Use the bitmap operations when accessing the advertised/supported link modes and remove places that access them as arrays of unsigned longs (underlying implementation of the bitmap), this makes the code much more readable and clear. Signed-off-by: Gal Pressman Reviewed-by: Carolina Jubran Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-6-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit b11bde56246ee85a67364efa0e181b479543dfef Author: Jianbo Liu Date: Thu Aug 8 08:59:20 2024 +0300 net/mlx5e: TC, Offload rewrite and mirror to both internal and external dests Firmware has the limitation that it cannot offload a rule with rewrite and mirror to internal and external destinations simultaneously. This patch adds a workaround to this issue. Here the destination array is split again, just like what's done in previous commit, but after the action indexed by split_count - 1. An extra rule is added for the leftover destinations. Such rule can be offloaded, even there are destinations to both internal and external destinations, because the header rewrite is left in the original FTE. Signed-off-by: Jianbo Liu Reviewed-by: Cosmin Ratiu Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-5-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 16bb8c613379e20d4adabc639ea6aecdaeba2ff1 Author: Jianbo Liu Date: Thu Aug 8 08:59:19 2024 +0300 net/mlx5e: TC, Offload rewrite and mirror on tunnel over ovs internal port To offload the encap rule when the tunnel IP is configured on an openvswitch internal port, driver need to overwrite vport metadata in reg_c0 to the value assigned to the internal port, then forward packets to root table to be processed again by the rules matching on the metadata for such internal port. When such rule is combined with header rewrite and mirror, openvswitch generates the rule like the following, because it resets mirror after packets are modified. in_port(enp8s0f0npf0sf1),.., actions:enp8s0f0npf0sf2,set(tunnel(...)),set(ipv4(...)),vxlan_sys_4789,enp8s0f0npf0sf2 The split_count was introduced before to support rewrite and mirror. Driver splits the rule into two different hardware rules in order to offload it. But it's not enough to offload the above complicated rule because of the limitations, in both driver and firmware. To resolve this issue, the destination array is split again after the destination indexed by split_count. An extra rule is added for the leftover destinations (in the above example, it is enp8s0f0npf0sf2), and is inserted to post_act table. And the extra destination is added in the original rule to forward to post_act table, so the extra mirror is done there. Signed-off-by: Jianbo Liu Reviewed-by: Cosmin Ratiu Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-4-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 88c46f6103e232e819b35ca811e96454d70a7138 Author: Jianbo Liu Date: Thu Aug 8 08:59:18 2024 +0300 net/mlx5e: Enable remove flow for hard packet limit In the commit a2a73ea14b1a ("net/mlx5e: Don't listen to remove flows event"), remove_flow_enable event is removed, and the hard limit usually relies on software mechanism added in commit b2f7b01d36a9 ("net/mlx5e: Simulate missing IPsec TX limits hardware functionality"). But the delayed work is rescheduled every one second, which is slow for fast traffic. As a result, traffic can't be blocked even reaches the hard limit, which usually happens when soft and hard limits are very close. In reality it won't happen because soft limit is much lower than hard limit. But, as an optimization for RX to block traffic when reaching hard limit, need to set remove_flow_enable. When remove flow is enabled, IPSEC HARD_LIFETIME ASO syndrome will be set in the metadata defined in the ASO return register if packets reach hard lifetime threshold. And those packets are dropped immediately by the steering table. Signed-off-by: Jianbo Liu Reviewed-by: Leon Romanovsky Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-3-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 6e20d538fb1dfb9c477a8e991da1fca3064ce0f7 Author: Chris Mi Date: Thu Aug 8 08:59:17 2024 +0300 net/mlx5: E-Switch, Increase max int port number for offload Currently MLX5E_TC_MAX_INT_PORT_NUM is 8. Usually int port has one ingress and one egress rules. But sometimes, a temporary rule can be offloaded as well, eg: recirc_id(0),in_port(br-phy),eth(src=10:70:fd:87:57:c0,dst=33:33:00:00:00:16), eth_type(0x86dd),ipv6(frag=no), packets:2, bytes:180, used:0.060s, actions:enp8s0f0 If one int port device offloads 3 rules, only 2 devices can offload. Other devices will hit the limit and fail to offload. Actually it is insufficient for customers. So increase the number to 32. Signed-off-by: Chris Mi Reviewed-by: Roi Dayan Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240808055927.2059700-2-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 1862923bf6ae9d023826abf79d9795a06aecb350 Author: Rosen Penev Date: Wed Aug 7 14:58:27 2024 -0700 net: ag71xx: use phylink_mii_ioctl f1294617d2f38bd2b9f6cce516b0326858b61182 removed the custom function for ndo_eth_ioctl and used the standard phy_do_ioctl which calls phy_mii_ioctl. However since then, this driver was ported to phylink where it makes more sense to call phylink_mii_ioctl. Bring back custom function that calls phylink_mii_ioctl. Signed-off-by: Rosen Penev Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240807215834.33980-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit c89c6757cf9212978caeb65e84fbf92fe4495bfc Merge: c146f3d191147a e633e32b60fd67 Author: Jakub Kicinski Date: Fri Aug 9 22:09:20 2024 -0700 Merge branch 'ibmvnic-ibmvnic-rr-patchset' Nick Child says: ==================== ibmvnic: ibmvnic rr patchset v1 - https://lore.kernel.org/netdev/20240801212340.132607-1-nnac123@linux.ibm.com/ v2 - https://lore.kernel.org/netdev/20240806193706.998148-1-nnac123@linux.ibm.com/ ==================== Link: https://patch.msgid.link/20240807211809.1259563-1-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit e633e32b60fd6701bed73599b273a2a03621ea54 Author: Nick Child Date: Wed Aug 7 16:18:09 2024 -0500 ibmvnic: Perform tx CSO during send scrq direct During initialization with the vnic server, a bitstring is communicated to the client regarding header info needed during CSO (See "VNIC Capabilities" in PAPR). Most of the time, to be safe, vnic server requests header info for CSO. When header info is needed, multiple TX descriptors are required per skb; This limits the driver to use send_subcrq_indirect instead of send_subcrq_direct. Previously, the vnic server request for header info was ignored. This allowed the use of send_sub_crq_direct. Transmissions were successful because the bitstring returned by vnic server is broad and over cautionary. It was observed that mlx backing devices could actually transmit and handle CSO packets without the vnic server receiving header info (despite the fact that the bitstring requested it). There was a trust issue: The bitstring was overcautionary. This extra precaution (requesting header info when the backing device may not use it) comes at the cost of performance (using direct vs indirect hcalls has a 30% delta in small packet RR transaction rate). So it has been requested that the vnic server team tries to ensure that the bitstring is more exact. In the meantime, disable CSO when it is possible to use the skb in the send_subcrq_direct path. In other words, calculate the checksum before handing the packet to FW when the packet is not segmented and xmit_more is false. Since the code path is only possible if the skb is non GSO and xmit_more is false, the cost of doing checksum in the send_subcrq_direct path is minimal. Any large segmented skb will have xmit_more set to true more frequently and it is inexpensive to do checksumming on a small skb. The worst-case workload would be a 9000 MTU TCP_RR test with close to MTU sized packets (and TSO off). This allows xmit_more to be false more frequently and open the code path up to use send_subcrq_direct. Observing trace data (graph-time = 1) and packet rate with this workload shows minimal performance degradation: 1. NIC does checksum w headers, safely use send_subcrq_indirect: - Packet rate: 631k txs - Trace data: ibmvnic_xmit = 44344685.87 us / 6234576 hits = AVG 7.11 us skb_checksum_help = 4.07 us / 2 hits = AVG 2.04 us ^ Notice hits, tracing this just for reassurance ibmvnic_tx_scrq_flush = 33040649.69 us / 5638441 hits = AVG 5.86 us send_subcrq_indirect = 37438922.24 us / 6030859 hits = AVG 6.21 us 2. NIC does checksum w/o headers, dangerously use send_subcrq_direct: - Packet rate: 831k txs - Trace data: ibmvnic_xmit = 48940092.29 us / 8187630 hits = AVG 5.98 us skb_checksum_help = 2.03 us / 1 hits = AVG 2.03 ibmvnic_tx_scrq_flush = 31141879.57 us / 7948960 hits = AVG 3.92 us send_subcrq_indirect = 8412506.03 us / 728781 hits = AVG 11.54 ^ notice hits is much lower b/c send_subcrq_direct was called ^ wasn't traceable 3. driver does checksum, safely use send_subcrq_direct (THIS PATCH): - Packet rate: 829k txs - Trace data: ibmvnic_xmit = 56696077.63 us / 8066168 hits = AVG 7.03 us skb_checksum_help = 8587456.16 us / 7526072 hits = AVG 1.14 us ibmvnic_tx_scrq_flush = 30219545.55 us / 7782409 hits = AVG 3.88 us send_subcrq_indirect = 8638326.44 us / 763693 hits = AVG 11.31 us When the bitstring ever specifies that CSO does not require headers (dependent on VIOS vnic server changes), then this patch should be removed and replaced with one that investigates the bitstring before using send_subcrq_direct. Signed-off-by: Nick Child Link: https://patch.msgid.link/20240807211809.1259563-8-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit 1c33e29245ccb1182876eb57319777456f9e509c Author: Nick Child Date: Wed Aug 7 16:18:08 2024 -0500 ibmvnic: Only record tx completed bytes once per handler Byte Queue Limits depends on dql_completed being called once per tx completion round in order to adjust its algorithm appropriately. The dql->limit value is an approximation of the amount of bytes that the NIC can consume per irq interval. If this approximation is too high then the NIC will become over-saturated. Too low and the NIC will starve. The dql->limit depends on dql->prev-* stats to calculate an optimal value. If dql_completed() is called more than once per irq handler then those prev-* values become unreliable (because they are not an accurate representation of the previous state of the NIC) resulting in a sub-optimal limit value. Therefore, move the call to netdev_tx_completed_queue() to the end of ibmvnic_complete_tx(). When performing 150 sessions of TCP rr (request-response 1 byte packets) workloads, one could observe: PREVIOUSLY: - limit and inflight values hovering around 130 - transaction rate of around 750k pps. NOW: - limit rises and falls in response to inflight (130-900) - transaction rate of around 1M pps (33% improvement) Signed-off-by: Nick Child Link: https://patch.msgid.link/20240807211809.1259563-7-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit 74839f7a82689bf5a21a5447cae8e3a7b7a606d2 Author: Nick Child Date: Wed Aug 7 16:18:07 2024 -0500 ibmvnic: Introduce send sub-crq direct Firmware supports two hcalls to send a sub-crq request: H_SEND_SUB_CRQ_INDIRECT and H_SEND_SUB_CRQ. The indirect hcall allows for submission of batched messages while the other hcall is limited to only one message. This protocol is defined in PAPR section 17.2.3.3. Previously, the ibmvnic xmit function only used the indirect hcall. This allowed the driver to batch it's skbs. A single skb can occupy a few entries per hcall depending on if FW requires skb header information or not. The FW only needs header information if the packet is segmented. By this logic, if an skb is not GSO then it can fit in one sub-crq message and therefore is a candidate for H_SEND_SUB_CRQ. Batching skb transmission is only useful when there are more packets coming down the line (ie netdev_xmit_more is true). As it turns out, H_SEND_SUB_CRQ induces less latency than H_SEND_SUB_CRQ_INDIRECT. Therefore, use H_SEND_SUB_CRQ where appropriate. Small latency gains seen when doing TCP_RR_150 (request/response workload). Ftrace results (graph-time=1): Previous: ibmvnic_xmit = 29618270.83 us / 8860058.0 hits = AVG 3.34 ibmvnic_tx_scrq_flush = 21972231.02 us / 6553972.0 hits = AVG 3.35 Now: ibmvnic_xmit = 22153350.96 us / 8438942.0 hits = AVG 2.63 ibmvnic_tx_scrq_flush = 15858922.4 us / 6244076.0 hits = AVG 2.54 Signed-off-by: Nick Child Link: https://patch.msgid.link/20240807211809.1259563-6-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit 6e7a57581abea5335cbf29d738724d25d3c302d7 Author: Nick Child Date: Wed Aug 7 16:18:06 2024 -0500 ibmvnic: Remove duplicate memory barriers in tx send_subcrq_[in]direct() already has a dma memory barrier. Remove the earlier one. Signed-off-by: Nick Child Link: https://patch.msgid.link/20240807211809.1259563-5-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit d95f749a0b5e42a30d7025d19c15a11c1a570e72 Author: Nick Child Date: Wed Aug 7 16:18:05 2024 -0500 ibmvnic: Reduce memcpys in tx descriptor generation Previously when creating the header descriptors, the driver would: 1. allocate a temporary buffer on the stack (in build_hdr_descs_arr) 2. memcpy the header info into the temporary buffer (in build_hdr_data) 3. memcpy the temp buffer into a local variable (in create_hdr_descs) 4. copy the local variable into the return buffer (in create_hdr_descs) Since, there is no opportunity for errors during this process, the temp buffer is not needed and work can be done on the return buffer directly. Repurpose build_hdr_data() to only calculate the header lengths. Rename it to get_hdr_lens(). Edit create_hdr_descs() to read from the skb directly and copy directly into the returned useful buffer. The process now involves less memory and write operations while also being more readable. Signed-off-by: Nick Child Link: https://patch.msgid.link/20240807211809.1259563-4-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit b41b45ecee6ba74bd590b113be9f349c6b818b46 Author: Nick Child Date: Wed Aug 7 16:18:04 2024 -0500 ibmvnic: Use header len helper functions on tx Use the header length helper functions rather than trying to calculate it within the driver. There are defined functions for mac and network headers (skb_mac_header_len and skb_network_header_len) but no such function exists for the transport header length. Also, hdr_data was memset during allocation to all 0's so no need to memset again. Signed-off-by: Nick Child Link: https://patch.msgid.link/20240807211809.1259563-3-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit dda10fc801a9d81829e624ef75ecdfc94f39b310 Author: Nick Child Date: Wed Aug 7 16:18:03 2024 -0500 ibmvnic: Only replenish rx pool when resources are getting low Previously, the driver would replenish the rx pool if the polling function consumed less than the budget. The logic being that the driver did not exhaust its budget so that must mean that the driver is not busy and has cycles to spare for replenishing the pool. So pool replenishment happens on every poll which did not consume the budget. This can very costly during request-response tests. In fact, an extra ~100pps can be seen in TCP_RR_150 tests when we remove this conditional. Trace results (ftrace, graph-time=1) for the poll function are below: Previous results: ibmvnic_poll = 64951846.0 us / 4167628.0 hits = AVG 15.58 replenish_rx_pool = 17602846.0 us / 4710437.0 hits = AVG 3.74 Now: ibmvnic_poll = 57673941.0 us / 4791737.0 hits = AVG 12.04 replenish_rx_pool = 3938171.6 us / 4314.0 hits = AVG 912.88 While the replenish function takes longer, it is hit less frequently meaning the ibmvnic_poll function, on average, is faster. Furthermore, this change does not have a negative effect on performance bandwidth/latency measurements. Signed-off-by: Nick Child Link: https://patch.msgid.link/20240807211809.1259563-2-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit c146f3d191147a12d6c9ac61c4e48ac2dc53edc0 Author: Christophe Leroy Date: Thu Aug 8 09:16:48 2024 +0200 net: fs_enet: Fix warning due to wrong type Building fs_enet on powerpc e500 leads to following warning: CC drivers/net/ethernet/freescale/fs_enet/mac-scc.o In file included from ./include/linux/build_bug.h:5, from ./include/linux/container_of.h:5, from ./include/linux/list.h:5, from ./include/linux/module.h:12, from drivers/net/ethernet/freescale/fs_enet/mac-scc.c:15: drivers/net/ethernet/freescale/fs_enet/mac-scc.c: In function 'allocate_bd': ./include/linux/err.h:28:49: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] 28 | #define IS_ERR_VALUE(x) unlikely((unsigned long)(void *)(x) >= (unsigned long)-MAX_ERRNO) | ^ ./include/linux/compiler.h:77:45: note: in definition of macro 'unlikely' 77 | # define unlikely(x) __builtin_expect(!!(x), 0) | ^ drivers/net/ethernet/freescale/fs_enet/mac-scc.c:138:13: note: in expansion of macro 'IS_ERR_VALUE' 138 | if (IS_ERR_VALUE(fep->ring_mem_addr)) | ^~~~~~~~~~~~ This is due to fep->ring_mem_addr not being a pointer but a DMA address which is 64 bits on that platform while pointers are 32 bits as this is a 32 bits platform with wider physical bus. However, using fep->ring_mem_addr is just wrong because cpm_muram_alloc() returns an offset within the muram and not a physical address directly. So use fpi->dpram_offset instead. Signed-off-by: Christophe Leroy Reviewed-by: Simon Horman Link: https://patch.msgid.link/ec67ea3a3bef7e58b8dc959f7c17d405af0d27e4.1723101144.git.christophe.leroy@csgroup.eu Signed-off-by: Jakub Kicinski commit 2d5c9dd2cde33150f9dbb8ee091eff05eb6c7df3 Author: zhangxiangqian Date: Thu Aug 8 17:39:45 2024 +0800 net: usb: cdc_ether: don't spew notifications The usbnet_link_change function is not called, if the link has not changed. ... [16913.807393][ 3] cdc_ether 1-2:2.0 enx00e0995fd1ac: kevent 12 may have been dropped [16913.822266][ 2] cdc_ether 1-2:2.0 enx00e0995fd1ac: kevent 12 may have been dropped [16913.826296][ 2] cdc_ether 1-2:2.0 enx00e0995fd1ac: kevent 11 may have been dropped ... kevent 11 is scheduled too frequently and may affect other event schedules. Signed-off-by: zhangxiangqian Acked-by: Oliver Neukum Link: https://patch.msgid.link/1723109985-11996-1-git-send-email-zhangxiangqian@kylinos.cn Signed-off-by: Jakub Kicinski commit 916b7d31f7eef81fe20f86ef52c36938fa971872 Author: Mina Almasry Date: Thu Aug 8 20:53:45 2024 +0000 ethtool: refactor checking max channels Currently ethtool_set_channel calls separate functions to check whether the new channel number violates rss configuration or flow steering configuration. Very soon we need to check whether the new channel number violates memory provider configuration as well. To do all 3 checks cleanly, add a wrapper around ethtool_get_max_rxnfc_channel() and ethtool_get_max_rxfh_channel(), which does both checks. We can later extend this wrapper to add the memory provider check in one place. Note that in the current code, we put a descriptive genl error message when we run into issues. To preserve the error message, we pass the genl_info* to the common helper. The ioctl calls can pass NULL instead. Suggested-by: Jakub Kicinski Signed-off-by: Mina Almasry Link: https://patch.msgid.link/20240808205345.2141858-1-almasrymina@google.com Signed-off-by: Jakub Kicinski commit 001412493e74d89166d2441b622eeaea00511bdc Author: Eric Biggers Date: Mon Aug 5 11:27:13 2024 -0700 crypto: x86/aes-gcm - fix PREEMPT_RT issue in gcm_crypt() On PREEMPT_RT, kfree() takes sleeping locks and must not be called with preemption disabled. Therefore, on PREEMPT_RT skcipher_walk_done() must not be called from within a kernel_fpu_{begin,end}() pair, even when it's the last call which is guaranteed to not allocate memory. Therefore, move the last skcipher_walk_done() in gcm_crypt() to the end of the function so that it goes after the kernel_fpu_end(). To make this work cleanly, rework the data processing loop to handle only non-last data segments. Fixes: b06affb1cb58 ("crypto: x86/aes-gcm - add VAES and AVX512 / AVX10 optimized AES-GCM") Reported-by: Sebastian Andrzej Siewior Closes: https://lore.kernel.org/linux-crypto/20240802102333.itejxOsJ@linutronix.de Signed-off-by: Eric Biggers Tested-by: Sebastian Andrzej Siewior Signed-off-by: Herbert Xu commit 4b7acc85de14ee8a2236f54445dc635d47eceac0 Author: Gaosheng Cui Date: Sat Aug 3 14:49:23 2024 +0800 hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume Add the missing clk_disable_unprepare() before return in cctrng_resume(). Fixes: a583ed310bb6 ("hwrng: cctrng - introduce Arm CryptoCell driver") Cc: Signed-off-by: Gaosheng Cui Signed-off-by: Herbert Xu commit d57e2f7cffd57fe2800332dec768ec1b67a4159f Author: Gaosheng Cui Date: Sat Aug 3 14:49:22 2024 +0800 hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init Add the missing clk_disable_unprepare() before return in bcm2835_rng_init(). Fixes: e5f9f41d5e62 ("hwrng: bcm2835 - add reset support") Cc: Signed-off-by: Gaosheng Cui Reviewed-by: Florian Fainelli Signed-off-by: Herbert Xu commit da4fe6815aca25603944a64b0965310512e867d0 Author: Herbert Xu Date: Fri Aug 2 14:09:00 2024 +0800 Revert "lib/mpi: Introduce ec implementation to MPI library" This reverts commit d58bb7e55a8a65894cc02f27c3e2bf9403e7c40f. It's no longer needed since sm2 has been removed. Signed-off-by: Herbert Xu commit dcf4fef6631c302f9bdd188979fe3172e47a29c7 Author: Aurelien Jarno Date: Tue Jul 30 17:11:04 2024 +0100 hwrng: rockchip - add hwrng driver for Rockchip RK3568 SoC Rockchip SoCs used to have a random number generator as part of their crypto device, and support for it has to be added to the corresponding driver. However newer Rockchip SoCs like the RK3568 have an independent True Random Number Generator device. This patch adds a driver for it, greatly inspired from the downstream driver. The TRNG device does not seem to have a signal conditionner and the FIPS 140-2 test returns a lot of failures. They can be reduced by increasing RK_RNG_SAMPLE_CNT, in a tradeoff between quality and speed. This value has been adjusted to get ~90% of successes and the quality value has been set accordingly. Signed-off-by: Aurelien Jarno [daniel@makrotpia.org: code style fixes] Signed-off-by: Daniel Golle Acked-by: Krzysztof Kozlowski Signed-off-by: Herbert Xu commit 16fd38ab651ecebf1ff3d637f437f17e88cdc777 Author: Aurelien Jarno Date: Tue Jul 30 17:08:19 2024 +0100 dt-bindings: rng: Add Rockchip RK3568 TRNG Add the True Random Number Generator on the Rockchip RK3568 SoC. Signed-off-by: Aurelien Jarno Signed-off-by: Daniel Golle Reviewed-by: Krzysztof Kozlowski Signed-off-by: Herbert Xu commit f5903f50070518b6722559d25744f8a8dbe5011e Author: Herbert Xu Date: Tue Jul 30 11:41:55 2024 +0800 crypto: caam/qi* - Use cpumask_var_t instead of cpumask_t Switch cpumask_t to cpumask_var_t as the former may be too big for the stack: CC [M] drivers/crypto/caam/qi.o CC [M] drivers/crypto/caam/caamalg_qi2.o ../drivers/crypto/caam/qi.c: In function ‘caam_qi_init’: ../drivers/crypto/caam/qi.c:808:1: warning: the frame size of 1056 bytes is larger than 1024 bytes [-Wframe-larger-than=] 808 | } | ^ CHECK ../drivers/crypto/caam/qi.c ../drivers/crypto/caam/caamalg_qi2.c: In function ‘dpaa2_dpseci_setup’: ../drivers/crypto/caam/caamalg_qi2.c:5135:1: warning: the frame size of 1032 bytes is larger than 1024 bytes [-Wframe-larger-than=] 5135 | } | ^ Also fix the error path handling in qi.c. Signed-off-by: Herbert Xu commit 9d3a7ff2ce1781a77ad6f8896e1256875c17631e Author: Francesco Dolcini Date: Mon Jul 29 13:36:40 2024 +0200 hwrng: cn10k - Enable by default CN10K driver if Thunder SoC is enabled Before commit addea5858b66 ("hwrng: Kconfig - Do not enable by default CN10K driver") the Marvell CN10K Random Number Generator was always enabled when HW_RANDOM was enabled. This was changed with that commit to prevent having this driver being always enabled on arm64. To prevent introducing regression with some old defconfig enable the driver when ARCH_THUNDER is enabled. Fixes: addea5858b66 ("hwrng: Kconfig - Do not enable by default CN10K driver") Closes: https://lore.kernel.org/all/SN7PR18MB53144B37B82ADEEC5D35AE0CE3AC2@SN7PR18MB5314.namprd18.prod.outlook.com/ Signed-off-by: Francesco Dolcini Signed-off-by: Herbert Xu commit fc61c658c94cb7405ca6946d8f2a2b71cef49845 Author: Pavitrakumar M Date: Mon Jul 29 09:43:50 2024 +0530 crypto: spacc - Enable Driver compilation in crypto Kconfig and Makefile Signed-off-by: Bhoomika K Signed-off-by: Pavitrakumar M Acked-by: Ruud Derwig Signed-off-by: Herbert Xu commit cb67c924b2a7b561bd7f4f2bd66766337c1007b7 Author: Pavitrakumar M Date: Mon Jul 29 09:43:49 2024 +0530 crypto: spacc - Add SPAcc Kconfig and Makefile Signed-off-by: shwetar Signed-off-by: Pavitrakumar M Acked-by: Ruud Derwig Signed-off-by: Herbert Xu commit 06af76b46c78f4729fe2f9712a74502c90d87554 Author: Pavitrakumar M Date: Mon Jul 29 09:43:48 2024 +0530 crypto: spacc - Add SPAcc aead support Signed-off-by: shwetar Signed-off-by: Pavitrakumar M Acked-by: Ruud Derwig Signed-off-by: Herbert Xu commit 9f1a7ab4d31ef30fbf8adb0985300049469f2270 Author: Pavitrakumar M Date: Mon Jul 29 09:43:47 2024 +0530 crypto: spacc - Add SPAcc ahash support Signed-off-by: shwetar Signed-off-by: Pavitrakumar M Acked-by: Ruud Derwig Signed-off-by: Herbert Xu commit 8ebb14deef0f374f7ca0d34a1ad720ba0a7b79f3 Author: Pavitrakumar M Date: Mon Jul 29 09:43:46 2024 +0530 crypto: spacc - Enable SPAcc AUTODETECT Signed-off-by: Bhoomika K Signed-off-by: Pavitrakumar M Acked-by: Ruud Derwig Signed-off-by: Herbert Xu commit c8981d9230d808e62c65349d0b255c7f4b9087d6 Author: Pavitrakumar M Date: Mon Jul 29 09:43:45 2024 +0530 crypto: spacc - Add SPAcc Skcipher support Signed-off-by: Bhoomika K Signed-off-by: Pavitrakumar M Acked-by: Ruud Derwig Signed-off-by: Herbert Xu commit 08b5a4798713f4331317272752b27b1c4f6a246d Author: Lucas De Marchi Date: Thu Aug 8 10:11:21 2024 -0700 drm/xe: Allow to compile out debugfs Use a dummy xe_debugfs_register() if debugfs is not enabled and move all debugfs-related files under `ifeq ($(CONFIG_DEBUG_FS),y)` in the Makefile. This is similar to what was done for display in commit 439987f6f471 ("drm/xe: don't build debugfs files when CONFIG_DEBUG_FS=n"). This removes the following warning while loading xe with CONFIG_DEUBG_FS=n: xe 0000:03:00.0: [drm] Create GT directory failed Reviewed-by: Nirmoy Das Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240808171121.2484237-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit d79fdaef2b55deea0df3fc6af4d4ac60e81a527c Author: Matthew Brost Date: Fri Aug 9 12:19:29 2024 -0700 drm/xe: Allow suspend / resume to be safely called multiple times Switching modes between LR and dma-fence can result in multiple calls to suspend / resume. Make these calls safe while still enforcing call order. Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240809191929.3138956-6-matthew.brost@intel.com commit 885c31382509d13fd70f6a9c42637eb72056a6ce Author: Matthew Brost Date: Fri Aug 9 12:19:28 2024 -0700 drm/xe: Only enable scheduling upon resume if needed No need to enable scheduling in already enabled. Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240809191929.3138956-5-matthew.brost@intel.com commit 17d6abcbf6249b4ef22f41b255de2be2691ec32e Author: Matthew Brost Date: Fri Aug 9 12:19:27 2024 -0700 drm/xe: Add xe_sched_add_msg_locked helper Will help by allowing callers to own message locking. Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240809191929.3138956-4-matthew.brost@intel.com commit fc33077765e9104f84b49d9b9e0702a41d5269d6 Author: Matthew Brost Date: Fri Aug 9 12:19:26 2024 -0700 drm/xe: Reinit msg link when processing a message Will help to avoid adding a static message twice. Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240809191929.3138956-3-matthew.brost@intel.com commit a86ee96ce819800a399e0260c5ffad793c9c6ac3 Author: Matthew Brost Date: Fri Aug 9 12:19:25 2024 -0700 drm/xe: Add xe_sched_msg_lock/unlock helper Will help callers to own locking when adding messages to scheduler. Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240809191929.3138956-2-matthew.brost@intel.com commit cb1898f58e0f175d168a5a8c5a269a4d24cbbef5 Author: Namhyung Kim Date: Tue Aug 6 23:17:13 2024 -0700 perf annotate-data: Support --skip-empty option The --skip-empty option is to hide dummy events in a group. Like other output mode in 'perf report' and 'perf annotate', the data-type profiling output should support the option. Committer testing: With dummy: root@number:~# perf annotate --stdio --group --data-type --skip-empty | head -24 Annotate type: 'pthread_mutex_t' in /usr/lib64/libc.so.6 (50 samples): event[0] = cpu_atom/mem-loads,ldlat=30/P event[1] = cpu_atom/mem-stores/P event[2] = dummy:u ============================================================================ Percent offset size field 100.00 100.00 0.00 0 40 pthread_mutex_t { 100.00 100.00 0.00 0 40 struct __pthread_mutex_s __data { 45.21 84.54 0.00 0 4 int __lock; 0.00 0.00 0.00 4 4 unsigned int __count; 0.00 1.83 0.00 8 4 int __owner; 5.19 10.65 0.00 12 4 unsigned int __nusers; 49.61 2.97 0.00 16 4 int __kind; 0.00 0.00 0.00 20 2 short int __spins; 0.00 0.00 0.00 22 2 short int __elision; 0.00 0.00 0.00 24 16 __pthread_list_t __list { 0.00 0.00 0.00 24 8 struct __pthread_internal_list* __prev; 0.00 0.00 0.00 32 8 struct __pthread_internal_list* __next; }; }; 0.00 0.00 0.00 0 0 char[] __size; 45.21 84.54 0.00 0 8 long int __align; }; Skipping it: root@number:~# perf annotate --stdio --group --data-type --skip-empty | head -24 Annotate type: 'pthread_mutex_t' in /usr/lib64/libc.so.6 (50 samples): event[0] = cpu_atom/mem-loads,ldlat=30/P event[1] = cpu_atom/mem-stores/P ============================================================================ Percent offset size field 100.00 100.00 0 40 pthread_mutex_t { 100.00 100.00 0 40 struct __pthread_mutex_s __data { 45.21 84.54 0 4 int __lock; 0.00 0.00 4 4 unsigned int __count; 0.00 1.83 8 4 int __owner; 5.19 10.65 12 4 unsigned int __nusers; 49.61 2.97 16 4 int __kind; 0.00 0.00 20 2 short int __spins; 0.00 0.00 22 2 short int __elision; 0.00 0.00 24 16 __pthread_list_t __list { 0.00 0.00 24 8 struct __pthread_internal_list* __prev; 0.00 0.00 32 8 struct __pthread_internal_list* __next; }; }; 0.00 0.00 0 0 char[] __size; 45.21 84.54 0 8 long int __align; }; Annotate type: 'pthread_mutexattr_t' in /usr/lib64/libc.so.6 (1 samples): root@number:~# Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240807061713.1642924-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 336989d00f2140c7524b76126aa62c8a47a5a1d3 Author: Namhyung Kim Date: Tue Aug 6 23:15:55 2024 -0700 perf annotate: Fix --group behavior when leader has no samples When --group option is used, it should display all events together. But the current logic only checks if the first (leader) event has samples or not. Let's check the member events as well. Also it missed to put the linked samples from member evsels to the output RB-tree so that it can be displayed in the output. For example, take a look at this example. $ ./perf evlist cpu/mem-loads,ldlat=30/P cpu/mem-stores/P dummy:u It has three events but 'path_put' function has samples only for mem-stores (second) event. $ sudo ./perf annotate --stdio -f path_put Percent | Source code & Disassembly of kcore for cpu/mem-stores/P (2 samples, percent: local period) ---------------------------------------------------------------------------------------------------------- : 0 0xffffffffae600020 : 0.00 : ffffffffae600020: endbr64 0.00 : ffffffffae600024: nopl (%rax, %rax) 91.22 : ffffffffae600029: pushq %rbx 0.00 : ffffffffae60002a: movq %rdi, %rbx 0.00 : ffffffffae60002d: movq 8(%rdi), %rdi 8.78 : ffffffffae600031: callq 0xffffffffae614aa0 0.00 : ffffffffae600036: movq (%rbx), %rdi 0.00 : ffffffffae600039: popq %rbx 0.00 : ffffffffae60003a: jmp 0xffffffffae620670 0.00 : ffffffffae60003f: nop Therefore, it didn't show up when --group option is used since the leader ("mem-loads") event has no samples. But now it checks both events. Before: $ sudo ./perf annotate --stdio -f --group path_put (no output) After: $ sudo ./perf annotate --stdio -f --group path_put Percent | Source code & Disassembly of kcore for cpu/mem-loads,ldlat=30/P, cpu/mem-stores/P, dummy:u (0 samples, percent: local period) ------------------------------------------------------------------------------------------------------------------------------------------------------------- : 0 0xffffffffae600020 : 0.00 0.00 0.00 : ffffffffae600020: endbr64 0.00 0.00 0.00 : ffffffffae600024: nopl (%rax, %rax) 0.00 91.22 0.00 : ffffffffae600029: pushq %rbx 0.00 0.00 0.00 : ffffffffae60002a: movq %rdi, %rbx 0.00 0.00 0.00 : ffffffffae60002d: movq 8(%rdi), %rdi 0.00 8.78 0.00 : ffffffffae600031: callq 0xffffffffae614aa0 0.00 0.00 0.00 : ffffffffae600036: movq (%rbx), %rdi 0.00 0.00 0.00 : ffffffffae600039: popq %rbx 0.00 0.00 0.00 : ffffffffae60003a: jmp 0xffffffffae620670 0.00 0.00 0.00 : ffffffffae60003f: nop Committer testing: Before: root@number:~# perf annotate --group --stdio2 clear_page_erms root@number:~# After: root@number:~# perf annotate --group --stdio2 clear_page_erms Samples: 125 of events 'cpu_atom/mem-loads,ldlat=30/P, cpu_atom/mem-stores/P, dummy:u', 4000 Hz, Event count (approx.): 13198416, [percent: local period] clear_page_erms() /proc/kcore Percent 0xffffffff990c6cc0 : endbr64 movl $0x1000,%ecx xorl %eax,%eax 0.00 100.00 0.00 rep stosb %al, (%rdi) ← retq int3 int3 int3 int3 nop nop root@number:~# Reported-by: Arnaldo Carvalho de Melo Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: http://lore.kernel.org/lkml/20240807061555.1642669-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 46c3e31cb0f805f8329756b3d6fc2809839f172e Merge: 60029162a04588 1e7c05292531e5 Author: Thomas Gleixner Date: Fri Aug 9 23:04:41 2024 +0200 Merge tag 'irq-domain-24-08-09' into irq/core Merge the irqdomain changes which are required for regmap to apply depending patches and therefore tagged. commit 1e7c05292531e5b6bebe409cd531ed4ec0b2ff56 Author: Matti Vaittinen Date: Thu Aug 8 22:23:06 2024 +0200 irqdomain: Allow giving name suffix for domain Devices can provide multiple interrupt lines. One reason for this is that a device has multiple subfunctions, each providing its own interrupt line. Another reason is that a device can be designed to be used (also) on a system where some of the interrupts can be routed to another processor. A line often further acts as a demultiplex for specific interrupts and has it's respective set of interrupt (status, mask, ack, ...) registers. Regmap supports the handling of these registers and demultiplexing interrupts, but the interrupt domain code ends up assigning the same name for the per interrupt line domains. This causes a naming collision in the debugFS code and leads to confusion, as /proc/interrupts shows two separate interrupts with the same domain name and hardware interrupt number. Instead of adding a workaround in regmap or driver code, allow giving a name suffix for the domain name when the domain is created. Add a name_suffix field in the irq_domain_info structure and make irq_domain_instantiate() use this suffix if it is given when a domain is created. [ tglx: Adopt it to the cleanup patch and fixup the invalid NULL return ] Signed-off-by: Matti Vaittinen Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/871q2yvk5x.ffs@tglx commit 1bf2c92829274e7c815d06d7b3196a967ff70917 Author: Thomas Gleixner Date: Thu Aug 8 22:19:41 2024 +0200 irqdomain: Cleanup domain name allocation irq_domain_set_name() is truly unreadable gunk. Clean it up before adding more. Signed-off-by: Thomas Gleixner Reviewed-by: Matti Vaittinen Link: https://lore.kernel.org/all/874j7uvkbm.ffs@tglx commit 70114e7f7585ef078c2b7033ee14218f95f55e22 Author: Matti Vaittinen Date: Thu Aug 8 15:34:02 2024 +0300 irqdomain: Simplify simple and legacy domain creation irq_domain_create_simple() and irq_domain_create_legacy() use __irq_domain_instantiate(), but have extra handling of allocating interrupt descriptors and associating interrupts in them. Some of that is duplicated. There are also call sites which have conditonals to invoke different interrupt domain creator functions, where one of them is usually irq_domain_create_legacy(). Alternatively they associate the interrupts for the legacy case after creating the domain. Moving the extra logic of irq_domain_create_simple()/legacy() into __irq_domain_instantiate() allows to consolidate that. Introduce hwirq_base and virq_base members in the irq_domain_info structure, which allows to transport the required information and add the conditional interrupt descriptor allocation and interrupt association into __irq_domain_instantiate(). This reduces irq_domain_create_legacy() and irq_domain_create_simple() to trivial wrappers which fill in the info structure and allows call sites which must support the legacy case along with more modern mechanism to select the domain type via the parameters of the info struct. [ tglx: Massaged change log ] Suggested-by: Thomas Gleixner Signed-off-by: Matti Vaittinen Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/32d07bd79eb2b5416e24da9e9e8fe5955423dcf9.1723120028.git.mazziesaccount@gmail.com commit 890a1961c812db801e0f9dfaa4af233aa3c6ab63 Author: Andi Kleen Date: Wed Aug 7 16:18:20 2024 -0700 perf tools: Create source symlink in perf object dir Create a source symlink to the original source in the objdir. This is similar to what the main kernel build script does. Committer testing: ⬢[acme@toolbox perf-tools-next]$ make O=/tmp/build/$(basename $PWD)/ -C tools/perf install-bin ⬢[acme@toolbox perf-tools-next]$ ls -la /tmp/build/perf-tools-next/source lrwxrwxrwx. 1 acme acme 41 Aug 9 16:26 /tmp/build/perf-tools-next/source -> /home/acme/git/perf-tools-next/tools/perf ⬢[acme@toolbox perf-tools-next]$ Signed-off-by: Andi Kleen Tested-by: Arnaldo Carvalho de Melo Acked-by: Ian Rogers Acked-by: Namhyung Kim Link: https://lore.kernel.org/r/20240807231823.898979-1-ak@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 13d675aea6cac5bb4619ef9e3fdd90129fe6d139 Author: Arnaldo Carvalho de Melo Date: Fri Aug 9 11:32:45 2024 -0300 perf debuginfo: Fix the build with !HAVE_DWARF_SUPPORT In that case we have a set of placeholder functions, one of them uses a 'Dwarf_Addr' type that is not present as it is defined in the missing DWARF libraries, so provide a placeholder typedef for that as well. The build error before this patch: In file included from util/annotate.c:28: util/debuginfo.h:44:46: error: unknown type name ‘Dwarf_Addr’ 44 | Dwarf_Addr *offs __maybe_unused, | ^~~~~~~~~~ make[6]: *** [/home/acme/git/perf-tools-next/tools/build/Makefile.build:106: util/annotate.o] Error 1 make[6]: *** Waiting for unfinished jobs.... Acked-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Link: https://lore.kernel.org/lkml/CAM9d7ciushSwEfj7yW4rtDEJBTcCB991V4cswwFEL+cv6QF2pg@mail.gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 3e40aa29d47e231a54640addf6a09c1f64c5b63f Author: Ilpo Järvinen Date: Thu Aug 8 15:17:07 2024 +0300 PCI: Wait for Link before restoring Downstream Buses __pci_reset_bus() calls pci_bridge_secondary_bus_reset() to perform the reset and also waits for the Secondary Bus to become again accessible. __pci_reset_bus() then calls pci_bus_restore_locked() that restores the PCI devices connected to the bus, and if necessary, recursively restores also the subordinate buses and their devices. The logic in pci_bus_restore_locked() does not take into account that after restoring a device on one level, there might be another Link Downstream that can only start to come up after restore has been performed for its Downstream Port device. That is, the Link may require additional wait until it becomes accessible. Similarly, pci_slot_restore_locked() lacks wait. Amend pci_bus_restore_locked() and pci_slot_restore_locked() to wait for the Secondary Bus before recursively performing the restore of that bus. Fixes: 090a3c5322e9 ("PCI: Add pci_reset_slot() and pci_reset_bus()") Link: https://lore.kernel.org/r/20240808121708.2523-1-ilpo.jarvinen@linux.intel.com Signed-off-by: Ilpo Järvinen Signed-off-by: Bjorn Helgaas commit 549dd786b61cd3db903f5d94d07fc5a89ccdbeb9 Author: Matthew Brost Date: Wed Jul 24 08:28:31 2024 -0700 drm/xe: Move VM dma-resv lock from xe_exec_queue_create to __xe_exec_queue_init The critical section which requires the VM dma-resv is the call xe_lrc_create in __xe_exec_queue_init. Move this lock to __xe_exec_queue_init holding it just around xe_lrc_create. Not only is good practice, this also fixes a locking double of the VM dma-resv in the error paths of __xe_exec_queue_init as xe_lrc_put tries to acquire this too resulting in a deadlock. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Cc: Maarten Lankhorst Signed-off-by: Matthew Brost Reviewed-by: Maarten Lankhorst Link: https://patchwork.freedesktop.org/patch/msgid/20240724152831.1848325-1-matthew.brost@intel.com commit 2eb20b96d7696dc354e1b38c511418b56291013c Author: Philipp Stanner Date: Wed Aug 7 10:30:20 2024 +0200 drm/ast: Request PCI BAR with devres ast currently ioremaps two PCI BARs using pcim_iomap(). It does not perform a request on the regions, however, which would make the driver a bit more robust. PCI now offers pcim_iomap_region(), a managed function which both requests and ioremaps a BAR. Replace pcim_iomap() with pcim_iomap_region(). Suggested-by: Thomas Zimmermann Link: https://lore.kernel.org/r/20240807083018.8734-4-pstanner@redhat.com Signed-off-by: Philipp Stanner Signed-off-by: Bjorn Helgaas Reviewed-by: Thomas Zimmermann Acked-by: Dave Airlie commit d140f80f603584d8282817994c0c6241e736bef4 Author: Philipp Stanner Date: Wed Aug 7 10:30:18 2024 +0200 PCI: Deprecate pcim_iomap_regions() in favor of pcim_iomap_region() pcim_iomap_regions() is a complicated function that uses a bit mask to determine the BARs the user wishes to request and ioremap. Almost all users only ever set a single bit in that mask, making that mechanism questionable. pcim_iomap_region() is now available as a more simple replacement. Make pcim_iomap_region() a public function. Mark pcim_iomap_regions() as deprecated. Link: https://lore.kernel.org/r/20240807083018.8734-2-pstanner@redhat.com Signed-off-by: Philipp Stanner Signed-off-by: Bjorn Helgaas commit 89121e5d0857bbf41f1987c3c6019f4f318aec4c Author: Philipp Stanner Date: Mon Jul 29 11:36:27 2024 +0200 drm/vboxvideo: Add PCI region request vboxvideo currently does not reserve its PCI BAR through a region request. Implement the request through the managed function pcim_request_region(). Link: https://lore.kernel.org/r/20240729093625.17561-5-pstanner@redhat.com Signed-off-by: Philipp Stanner Signed-off-by: Bjorn Helgaas Tested-by: Hans de Goede Reviewed-by: Hans de Goede Acked-by: Hans de Goede commit 7ff7509fa52397455e04bd44982e9dfbbd19457f Author: Philipp Stanner Date: Mon Jul 29 11:36:26 2024 +0200 PCI: Make pcim_request_region() a public function pcim_request_region() is the managed counterpart of pci_request_region(). It is currently only used internally for PCI. It can be useful for a number of drivers and exporting it is a step towards deprecating more complicated functions. Make pcim_request_region() a public function. Link: https://lore.kernel.org/r/20240729093625.17561-4-pstanner@redhat.com Signed-off-by: Philipp Stanner Signed-off-by: Bjorn Helgaas Tested-by: Hans de Goede Reviewed-by: Hans de Goede Acked-by: Hans de Goede commit 265baca69a0735b64227a43d4be865a95ba514bb Author: Lukas Wunner Date: Mon Aug 5 17:24:05 2024 +0200 s390/pci: Stop usurping pdev->dev.groups Bjorn suggests using pdev->dev.groups for attribute_groups constructed on PCI device enumeration: "Is it feasible to build an attribute group in pci_doe_init() and add it to dev->groups so device_add() will automatically add them?" https://lore.kernel.org/r/20231019165829.GA1381099@bhelgaas Unfortunately on s390, pcibios_device_add() usurps pdev->dev.groups for arch-specific attribute_groups, preventing its use for anything else. Introduce an ARCH_PCI_DEV_GROUPS macro which arches can define in . The macro is visible in drivers/pci/pci-sysfs.c through the inclusion of , which in turn includes . On s390, define the macro to the three attribute_groups previously assigned to pdev->dev.groups. Thereby pdev->dev.groups is made available for use by the PCI core. As a side effect, arch/s390/pci/pci_sysfs.c no longer needs to be compiled into the kernel if CONFIG_SYSFS=n. Link: https://lore.kernel.org/r/7b970f7923e373d1b23784721208f93418720485.1722870934.git.lukas@wunner.de Signed-off-by: Lukas Wunner Signed-off-by: Bjorn Helgaas Acked-by: Niklas Schnelle commit f73286f3922f9968e850fe1e0e476d04dde2e57c Author: Frank Li Date: Thu Jul 4 12:40:19 2024 -0400 dt-bindings: PCI: host-generic-pci: Drop minItems and maxItems of ranges The ranges description states that "at least one non-prefetchable memory and one or both of prefetchable memory and IO space may also be provided." However, it should not limit the maximum number of ranges to 3. Freescale LS1028 and iMX95 use more than 3 ranges because the space splits some discontinuous prefetchable and non-prefetchable segments. Drop minItems and maxItems. The number of entries will be limited to 32 in pci-bus-common.yaml in dtschema, which should be sufficient. Fixes this CHECK_DTBS warning: arch/arm64/boot/dts/freescale/fsl-ls1028a-rdb.dtb: pcie@1f0000000: ranges: [[2181038080, 1, 4160749568, 1, 4160749568, 0, 1441792], [3254779904, 1, 4162191360, 1, 4162191360, 0, 458752], [2181038080, 1, 4162650112, 1, 4162650112, 0, 131072], [3254779904, 1, 4162781184, 1, 4162781184, 0, 131072], [2181038080, 1, 4162912256, 1, 4162912256, 0, 131072], [3254779904, 1, 4163043328, 1, 4163043328, 0, 131072], [2181038080, 1, 4227858432, 1, 4227858432, 0, 4194304]] is too long Link: https://lore.kernel.org/r/20240704164019.611454-1-Frank.Li@nxp.com Signed-off-by: Frank Li Signed-off-by: Bjorn Helgaas Reviewed-by: Rob Herring (Arm) commit 9b103943ab281d137df1cdb48dcef329a87e0a06 Author: Waiman Long Date: Thu Aug 8 23:22:59 2024 -0400 cgroup: Fix incorrect WARN_ON_ONCE() in css_release_work_fn() It turns out that the WARN_ON_ONCE() call in css_release_work_fn introduced by commit ab0312526867 ("cgroup: Show # of subsystem CSSes in cgroup.stat") is incorrect. Although css->nr_descendants must be 0 when a css is released and ready to be freed, the corresponding cgrp->nr_dying_subsys[ss->id] may not be 0 if a subsystem is activated and deactivated multiple times with one or more of its previous activation leaving behind dying csses. Fix the incorrect warning by removing the cgrp->nr_dying_subsys check. Fixes: ab0312526867 ("cgroup: Show # of subsystem CSSes in cgroup.stat") Closes: https://lore.kernel.org/cgroups/6f301773-2fce-4602-a391-8af7ef00b2fb@redhat.com/T/#t Signed-off-by: Waiman Long Signed-off-by: Tejun Heo commit 76fb981ad6774b82f06703c896b492c8659b543b Author: Aboorva Devarajan Date: Fri Aug 9 14:07:28 2024 +0530 tools/cpupower: display residency value in idle-info Update cpuidle tool to display the residency value of cpuidle states. This addition provides a clearer and more detailed view of idle state information when using cpuidle-info. -------------------------------- Before Patch: -------------------------------- $ cpupower idle-info CPUidle driver: intel_idle CPUidle governor: menu analyzing CPU 28: Number of idle states: 3 Available idle states: POLL C1 C1E POLL: Flags/Description: CPUIDLE CORE POLL IDLE Latency: 0 Usage: 7448 Duration: 207170 C1: Flags/Description: MWAIT 0x00 Latency: 2 Usage: 7023 Duration: 3736853 C1E: Flags/Description: MWAIT 0x01 Latency: 10 Usage: 18468 Duration: 11396212 -------------------------------- After Patch: -------------------------------- $ cpupower idle-info CPUidle driver: intel_idle CPUidle governor: menu analyzing CPU 12: Number of idle states: 3 Available idle states: POLL C1 C1E POLL: Flags/Description: CPUIDLE CORE POLL IDLE Latency: 0 Residency: 0 Usage: 1950 Duration: 38458 C1: Flags/Description: MWAIT 0x00 Latency: 2 Residency: 2 Usage: 10688 Duration: 7133020 C1E: Flags/Description: MWAIT 0x01 Latency: 10 Residency: 20 Usage: 22356 Duration: 15687259 -------------------------------- Signed-off-by: Aboorva Devarajan Signed-off-by: Shuah Khan commit 05673c42f73965c6381ab986b4dd2145700e6a0c Author: Zixian Cai Date: Fri Aug 9 08:01:36 2024 +0000 perf script python: Add the 'ins_lat' field to event handler For example, when using the Alder Lake PMU memory load event, the instruction latency is stored in 'ins_lat', while the cache latency is stored in 'weight'. This patch reports the 'ins_lat' field for Python scripting. Committer testing: On a Rocket Lake Refresh Intel machine (14th gen): root@number:~# grep -m1 'model name' /proc/cpuinfo model name : Intel(R) Core(TM) i7-14700K root@number:~# perf mem record -a sleep 5 Memory events are enabled on a subset of CPUs: 16-27 [ perf record: Woken up 85 times to write data ] [ perf record: Captured and wrote 41.236 MB perf.data (191390 samples) ] root@number:~# perf evlist -v cpu_atom/mem-loads,ldlat=30/P: type: 10 (cpu_atom), size: 136, config: 0x5d0 (mem-loads), { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|ADDR|CPU|PERIOD|IDENTIFIER|DATA_SRC|WEIGHT_STRUCT, read_format: ID|LOST, disabled: 1, inherit: 1, freq: 1, precise_ip: 3, sample_id_all: 1, { bp_addr, config1 }: 0x1f cpu_atom/mem-stores/P: type: 10 (cpu_atom), size: 136, config: 0x6d0 (mem-stores), { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|ADDR|CPU|PERIOD|IDENTIFIER|DATA_SRC|WEIGHT_STRUCT, read_format: ID|LOST, disabled: 1, inherit: 1, freq: 1, precise_ip: 3, sample_id_all: 1 dummy:u: type: 1 (software), size: 136, config: 0x9 (PERF_COUNT_SW_DUMMY), { sample_period, sample_freq }: 1, sample_type: IP|TID|TIME|ADDR|CPU|IDENTIFIER|DATA_SRC|WEIGHT_STRUCT, read_format: ID|LOST, inherit: 1, exclude_kernel: 1, exclude_hv: 1, mmap: 1, comm: 1, task: 1, mmap_data: 1, sample_id_all: 1, exclude_guest: 1, mmap2: 1, comm_exec: 1, ksymbol: 1, bpf_event: 1 root@number:~# Now generate a python script to then dump the dictionary that now needs to have that 'ins_lat' field: root@number:~# perf script --gen python generated Python script: perf-script.py root@number:~# vim perf-script.py root@number:~# perf script -s perf-script.py | head -40 in trace_begin in trace_end root@number:~# vim perf-script.py Reviewed-by: Adrian Hunter Signed-off-by: Zixian Cai Cc: Alexander Shishkin Cc: Ben Gainey Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Paran Lee Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240809080137.3590148-1-fzczx123@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 4d5921a39f67232f5d61440956c552f6e7a892d4 Author: Peng Fan Date: Fri Jun 28 11:03:09 2024 +0800 dt-bindings: firmware: arm,scmi: Add support for system power protocol Add SCMI System Power Protocol bindings, and the protocol id is 0x12. Signed-off-by: Peng Fan Reviewed-by: Rob Herring (Arm) Message-Id: <20240628030309.1162012-1-peng.fan@oss.nxp.com> Signed-off-by: Sudeep Holla commit eedc060cff725ff53f284c63d55a42f49e6d2b3c Author: Etienne Carriere Date: Thu Jul 25 08:53:17 2024 +0200 firmware: arm_scmi: Fix voltage description in failure cases Reset the reception buffer max size when a voltage domain description request fails, for example when the voltage domain returns an access permission error (SCMI_ERR_ACCESS) unless what only a single 32bit word is read back for the remaining voltage description requests responses leading to invalid information. The side effect of this issue is that the voltage regulators registered from those remaining SCMI voltage domain were assigned a wrong regulator name. Signed-off-by: Etienne Carriere Reviewed-by: Cristian Marussi Message-Id: <20240725065317.3758165-1-etienne.carriere@foss.st.com> Signed-off-by: Sudeep Holla commit bd02b0737f3816073e7a37a667190dea3c195e4a Author: Luke Parkin Date: Mon Aug 5 14:10:12 2024 +0100 firmware: arm_scmi: Add support to reset the debug metrics It is sometimes useful to reset all these SCMI communication debug metrics especially when we are interested in analysing these metrics during a particular workload or for a fixed time duration. Let us add the capability to reset all these metrics as once so that they can be counted during the period of interest. Signed-off-by: Luke Parkin Reviewed-by: Cristian Marussi Tested-by: Cristian Marussi Message-Id: <20240805131013.587016-6-sudeep.holla@arm.com> Signed-off-by: Sudeep Holla commit f6a905eaf6bfcf63d7b83d27bf3046e0e7a6f0a6 Author: Luke Parkin Date: Mon Aug 5 14:10:11 2024 +0100 firmware: arm_scmi: Create debugfs files for SCMI communication debug metrics Now that the basic support to collect the SCMI communication debug metrics is in place, let us create debugfs files for the same so that they are accessible to the users/debuggers. Signed-off-by: Luke Parkin Reviewed-by: Cristian Marussi Tested-by: Cristian Marussi Message-Id: <20240805131013.587016-5-sudeep.holla@arm.com> Signed-off-by: Sudeep Holla commit 0b3d48c4726e1b20dffd2ff81a9d94d5d930220b Author: Luke Parkin Date: Mon Aug 5 14:10:10 2024 +0100 firmware: arm_scmi: Track basic SCMI communication debug metrics Add the support for counting some of the SCMI communication debug metrics like how many were sent successfully or with some errors, responses received, notifications and delayed responses, transfer timeouts and errors from the firmware/platform. In many cases, the traces exists. But the traces are not always necessarily enabled and getting such cumulative SCMI communication debug metrics helps in understanding if there are any possible improvements that can be made on either side of SCMI communication. Signed-off-by: Luke Parkin Reviewed-by: Cristian Marussi Tested-by: Cristian Marussi Message-Id: <20240805131013.587016-4-sudeep.holla@arm.com> Signed-off-by: Sudeep Holla commit 1b18d4295f9d1125bc7a799fc12924cd45fc04b1 Author: Luke Parkin Date: Mon Aug 5 14:10:09 2024 +0100 firmware: arm_scmi: Add support for debug metrics at the interface Since SCMI involves interaction with the entity(software, firmware and/or hardware) providing services or features, it is quite useful to track certain metrics(for pure debugging purposes) like how many messages were sent or received, were there any failures, what kind of failures, ..etc. Add a new optional config option for the above purpose and the initial support for counting such key debug metrics. Signed-off-by: Luke Parkin Reviewed-by: Cristian Marussi Tested-by: Cristian Marussi Message-Id: <20240805131013.587016-3-sudeep.holla@arm.com> Signed-off-by: Sudeep Holla commit 20c9234d623cc54caed843739c1f89b305eb3bfa Author: Luke Parkin Date: Mon Aug 5 14:10:08 2024 +0100 firmware: arm_scmi: Remove superfluous handle_to_scmi_info Variable info is already defined in the outer code block and there is no need to define the same again in the inner code block. Let us just remove that duplicate definition of the variable info. No functional change. Reviewed-by: Cristian Marussi Tested-by: Cristian Marussi Signed-off-by: Luke Parkin Message-Id: <20240805131013.587016-2-sudeep.holla@arm.com> Signed-off-by: Sudeep Holla commit a1927fbbf74f9f61eb5c6d1414037c97a8d942ab Author: Thadeu Lima de Souza Cascardo Date: Fri Jul 26 15:12:35 2024 -0300 platform/chrome: cros_ec_typec: add remove driver hook This allows the driver to be unbound and bound again. Otherwise, when unbinding the driver, there will be leftover sysfs entries. When rebinding the driver, it also ends up touching freed memory when adding to the notifier chain as the old one was not removed and ends up being traversed. Add a remove_new driver hook, which removes the notifier from the chain and unregisters the typec ports. Signed-off-by: Thadeu Lima de Souza Cascardo Link: https://lore.kernel.org/r/20240726181235.920335-1-cascardo@igalia.com Signed-off-by: Tzung-Bi Shih commit 838ba7733e4e3a94a928e8d0a058de1811a58621 Author: Thomas Gleixner Date: Sun Jul 28 13:06:10 2024 +0200 x86/apic: Remove logical destination mode for 64-bit Logical destination mode of the local APIC is used for systems with up to 8 CPUs. It has an advantage over physical destination mode as it allows to target multiple CPUs at once with IPIs. That advantage was definitely worth it when systems with up to 8 CPUs were state of the art for servers and workstations, but that's history. Aside of that there are systems which fail to work with logical destination mode as the ACPI/DMI quirks show and there are AMD Zen1 systems out there which fail when interrupt remapping is enabled as reported by Rob and Christian. The latter problem can be cured by firmware updates, but not all OEMs distribute the required changes. Physical destination mode is guaranteed to work because it is the only way to get a CPU up and running via the INIT/INIT/STARTUP sequence. As the number of CPUs keeps increasing, logical destination mode becomes a less used code path so there is no real good reason to keep it around. Therefore remove logical destination mode support for 64-bit and default to physical destination mode. Reported-by: Rob Newcater Reported-by: Christian Heusel Signed-off-by: Thomas Gleixner Tested-by: Borislav Petkov (AMD) Tested-by: Rob Newcater Link: https://lore.kernel.org/all/877cd5u671.ffs@tglx commit 4004f3029e1f612903f03df497153c90a2752130 Merge: f6c9a097b55e19 9cacb32a0ba691 Author: Takashi Iwai Date: Fri Aug 9 14:25:16 2024 +0200 Merge branch 'topic/control-lookup-rwlock' into for-next Pull control lookup optimization changes. Signed-off-by: Takashi Iwai commit 9cacb32a0ba691c2859a20bd5e30b71cc592fad2 Author: Takashi Iwai Date: Fri Aug 9 12:42:31 2024 +0200 ASoC: Drop snd_soc_*_get_kcontrol_locked() The recent cleanup in ALSA control core made no difference between snd_ctl_find_id_mixer() and snd_ctl_find_id_mixer_locked(), and the latter is to be dropped. The only user of the left API was ASoC, and that's snd_soc_card_get_kcontrol_locked() and snd_soc_component_get_kcontrol_locked(). This patch drops those functions and rewrites those users to call the variant without locked instead. The test of the API became superfluous, hence dropped as well. As all callers of snd_ctl_find_id_mixer_locked() are gone, snd_ctl_find_id_mixer_locked() is finally dropped, too. Reviewed-by: Mark Brown Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240809104234.8488-4-tiwai@suse.de commit 38ea4c3dc306edf6f4e483e8ad9cb8d33943afde Author: Takashi Iwai Date: Fri Aug 9 12:42:30 2024 +0200 ALSA: control: Optimize locking for look-up For a fast look-up of a control element via either numid or name matching (enabled via CONFIG_SND_CTL_FAST_LOOKUP), a locking isn't needed at all thanks to Xarray. OTOH, the locking is still needed for a slow linked-list traversal, and that's rather a rare case. In this patch, we reduce the use of locking at snd_ctl_find_*() API functions, and switch from controls_rwsem to controls_rwlock for avoiding unnecessary lock inversions. This also resulted in a nice cleanup, as *_unlocked() version of snd_ctl_find_*() APIs can be dropped. snd_ctl_find_id_mixer_unlocked() is still left just as an alias of snd_ctl_find_id_mixer(), since soc-card.c has a wrapper and there are several users. Once after converting there, we can remove it later. Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240809104234.8488-3-tiwai@suse.de commit f428cc9eac6e29d57579be4978ba210c344322ea Author: Takashi Iwai Date: Fri Aug 9 12:42:29 2024 +0200 ALSA: control: Rename ctl_files_rwlock to controls_rwlock We'll re-use the existing rwlock for the protection of control list lookup, too, and now rename it to a more generic name. This is a preliminary change, only the rename of the struct field here, no functional changes. Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240809104234.8488-2-tiwai@suse.de commit 600a91931057bfec0afd665759c5574ed137cbea Merge: 36fb51479e3c11 3ade6ce1255e6e Author: David S. Miller Date: Fri Aug 9 13:18:46 2024 +0100 Merge branch 'selftest-rds' Allison Henderson says: ==================== selftests: rds selftest This series is a new selftest that Vegard, Chuck and myself have been working on to provide some test coverage for rds. I've modified the scripts to include the feedback from the last version, but let me know if there's anything missed. Questions and comments appreciated. Thanks everyone! Allison Changes in v2: - Removed qemu vm creation and related code - Updated README.txt with examples of running the test with virtme - Removed init.sh. run.sh now directly calls test.py - Some clean up done with the return code handling since there is no vm between the scripts anymore - Imported ip python function in tools/testing/selftests/net/lib/py/utils.py into test.py - Adapted test.py to use the imported ip function, and removed the local ip wrapper - Some line wrap clean up - Link to v1: https://lore.kernel.org/netdev/20240626012834.5678-3-allison.henderson@oracle.com/T ==================== Signed-off-by: David S. Miller commit 3ade6ce1255e6e97f91b8ba77408dce9d2292df2 Author: Vegard Nossum Date: Tue Aug 6 08:38:09 2024 -0700 selftests: rds: add testing infrastructure This adds some basic self-testing infrastructure for RDS-TCP. Signed-off-by: Vegard Nossum Signed-off-by: Chuck Lever Signed-off-by: Allison Henderson Signed-off-by: David S. Miller commit bc75dcc3cea797974913c6ccdbe17ed470be3da6 Author: Vegard Nossum Date: Tue Aug 6 08:38:08 2024 -0700 net: rds: add option for GCOV profiling To better our unit tests we need code coverage to be part of the kernel. This patch borrows heavily from how CONFIG_GCOV_PROFILE_FTRACE is implemented Reviewed-by: Chuck Lever Signed-off-by: Vegard Nossum Signed-off-by: Allison Henderson Signed-off-by: David S. Miller commit a0f6e5e9f1f8a0837a9e3ccc5a1f98cbfd2a6cf4 Author: Vegard Nossum Date: Tue Aug 6 08:38:07 2024 -0700 .gitignore: add .gcda files These files contain the runtime coverage data generated by gcov. Signed-off-by: Vegard Nossum Signed-off-by: Chuck Lever Signed-off-by: Allison Henderson Signed-off-by: David S. Miller commit a857add73e61277fb8f688234c9d383130313ea7 Author: Chris Wilson Date: Wed Aug 7 10:10:14 2024 +0100 drm/i915/gt: Mark the GT as dead when mmio is unreliable After we detect that mmio is returning all 0xff, we believe that the GPU has dropped off the pci bus and is dead. Mark the device as wedged such that we can propagate the failure back to userspace and wait for recovery. Signed-off-by: Chris Wilson Signed-off-by: Andi Shyti Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240807091014.469992-1-andi.shyti@linux.intel.com commit 36fb51479e3c1112013f60f01e3b9725f8f9baf7 Author: Simon Horman Date: Tue Aug 6 11:52:01 2024 +0100 net: stmmac: xgmac: use const char arrays for string constants Jiri Slaby advises me that the preferred mechanism for declaring string constants is static char arrays, so use that here. This mostly reverts commit 1692b9775e74 ("net: stmmac: xgmac: use #define for string constants") That commit was a fix for commit 46eba193d04f ("net: stmmac: xgmac: fix handling of DPP safety error for DMA channels"). The fix being replacing const char * with #defines in order to address compilation failures observed on GCC 6 through 10. Compile tested only. No functional change intended. Suggested-by: Jiri Slaby Link: https://lore.kernel.org/netdev/485dbc5a-a04b-40c2-9481-955eaa5ce2e2@kernel.org/ Signed-off-by: Simon Horman Signed-off-by: David S. Miller commit 2524d6c28bdcb114372e86354c88d2e47eb1019d Author: Pawel Dembicki Date: Mon Aug 5 23:23:22 2024 +0200 net: dsa: vsc73xx: use defined values in phy operations This commit changes magic numbers in phy operations. Some shifted registers was replaced with bitfield macros. No functional changes done. Reviewed-by: Linus Walleij Reviewed-by: Florian Fainelli Signed-off-by: Pawel Dembicki Signed-off-by: David S. Miller commit 49224a345c488a0e176f193a60a2a76e82349e3e Merge: 8400291e289ee6 a1d220d9dafa8d Author: Christian Brauner Date: Fri Aug 9 12:44:55 2024 +0200 Merge patch series "nsfs: iterate through mount namespaces" Christian Brauner says: Recently, we added the ability to list mounts in other mount namespaces and the ability to retrieve namespace file descriptors without having to go through procfs by deriving them from pidfds. This extends nsfs in two ways: (1) Add the ability to retrieve information about a mount namespace via NS_MNT_GET_INFO. This will return the mount namespace id and the number of mounts currently in the mount namespace. The number of mounts can be used to size the buffer that needs to be used for listmount() and is in general useful without having to actually iterate through all the mounts. The structure is extensible. (2) Add the ability to iterate through all mount namespaces over which the caller holds privilege returning the file descriptor for the next or previous mount namespace. To retrieve a mount namespace the caller must be privileged wrt to it's owning user namespace. This means that PID 1 on the host can list all mounts in all mount namespaces or that a container can list all mounts of its nested containers. Optionally pass a structure for NS_MNT_GET_INFO with NS_MNT_GET_{PREV,NEXT} to retrieve information about the mount namespace in one go. (1) and (2) can be implemented for other namespace types easily. Together with recent api additions this means one can iterate through all mounts in all mount namespaces without ever touching procfs. Here's a sample program list_all_mounts_everywhere.c: // SPDX-License-Identifier: GPL-2.0-or-later #define _GNU_SOURCE #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define die_errno(format, ...) \ do { \ fprintf(stderr, "%m | %s: %d: %s: " format "\n", __FILE__, \ __LINE__, __func__, ##__VA_ARGS__); \ exit(EXIT_FAILURE); \ } while (0) /* Get the id for a mount namespace */ #define NS_GET_MNTNS_ID _IO(0xb7, 0x5) /* Get next mount namespace. */ struct mnt_ns_info { __u32 size; __u32 nr_mounts; __u64 mnt_ns_id; }; #define MNT_NS_INFO_SIZE_VER0 16 /* size of first published struct */ /* Get information about namespace. */ #define NS_MNT_GET_INFO _IOR(0xb7, 10, struct mnt_ns_info) /* Get next namespace. */ #define NS_MNT_GET_NEXT _IOR(0xb7, 11, struct mnt_ns_info) /* Get previous namespace. */ #define NS_MNT_GET_PREV _IOR(0xb7, 12, struct mnt_ns_info) #define PIDFD_GET_MNT_NAMESPACE _IO(0xFF, 3) #define STATX_MNT_ID_UNIQUE 0x00004000U /* Want/got extended stx_mount_id */ #define __NR_listmount 458 #define __NR_statmount 457 /* * @mask bits for statmount(2) */ #define STATMOUNT_SB_BASIC 0x00000001U /* Want/got sb_... */ #define STATMOUNT_MNT_BASIC 0x00000002U /* Want/got mnt_... */ #define STATMOUNT_PROPAGATE_FROM 0x00000004U /* Want/got propagate_from */ #define STATMOUNT_MNT_ROOT 0x00000008U /* Want/got mnt_root */ #define STATMOUNT_MNT_POINT 0x00000010U /* Want/got mnt_point */ #define STATMOUNT_FS_TYPE 0x00000020U /* Want/got fs_type */ #define STATMOUNT_MNT_NS_ID 0x00000040U /* Want/got mnt_ns_id */ #define STATMOUNT_MNT_OPTS 0x00000080U /* Want/got mnt_opts */ struct statmount { __u32 size; /* Total size, including strings */ __u32 mnt_opts; __u64 mask; /* What results were written */ __u32 sb_dev_major; /* Device ID */ __u32 sb_dev_minor; __u64 sb_magic; /* ..._SUPER_MAGIC */ __u32 sb_flags; /* SB_{RDONLY,SYNCHRONOUS,DIRSYNC,LAZYTIME} */ __u32 fs_type; /* [str] Filesystem type */ __u64 mnt_id; /* Unique ID of mount */ __u64 mnt_parent_id; /* Unique ID of parent (for root == mnt_id) */ __u32 mnt_id_old; /* Reused IDs used in proc/.../mountinfo */ __u32 mnt_parent_id_old; __u64 mnt_attr; /* MOUNT_ATTR_... */ __u64 mnt_propagation; /* MS_{SHARED,SLAVE,PRIVATE,UNBINDABLE} */ __u64 mnt_peer_group; /* ID of shared peer group */ __u64 mnt_master; /* Mount receives propagation from this ID */ __u64 propagate_from; /* Propagation from in current namespace */ __u32 mnt_root; /* [str] Root of mount relative to root of fs */ __u32 mnt_point; /* [str] Mountpoint relative to current root */ __u64 mnt_ns_id; __u64 __spare2[49]; char str[]; /* Variable size part containing strings */ }; struct mnt_id_req { __u32 size; __u32 spare; __u64 mnt_id; __u64 param; __u64 mnt_ns_id; }; #define MNT_ID_REQ_SIZE_VER1 32 /* sizeof second published struct */ #define LSMT_ROOT 0xffffffffffffffff /* root mount */ static int __statmount(__u64 mnt_id, __u64 mnt_ns_id, __u64 mask, struct statmount *stmnt, size_t bufsize, unsigned int flags) { struct mnt_id_req req = { .size = MNT_ID_REQ_SIZE_VER1, .mnt_id = mnt_id, .param = mask, .mnt_ns_id = mnt_ns_id, }; return syscall(__NR_statmount, &req, stmnt, bufsize, flags); } static struct statmount *sys_statmount(__u64 mnt_id, __u64 mnt_ns_id, __u64 mask, unsigned int flags) { size_t bufsize = 1 << 15; struct statmount *stmnt = NULL, *tmp = NULL; int ret; for (;;) { tmp = realloc(stmnt, bufsize); if (!tmp) goto out; stmnt = tmp; ret = __statmount(mnt_id, mnt_ns_id, mask, stmnt, bufsize, flags); if (!ret) return stmnt; if (errno != EOVERFLOW) goto out; bufsize <<= 1; if (bufsize >= UINT_MAX / 2) goto out; } out: free(stmnt); printf("statmount failed"); return NULL; } static ssize_t sys_listmount(__u64 mnt_id, __u64 last_mnt_id, __u64 mnt_ns_id, __u64 list[], size_t num, unsigned int flags) { struct mnt_id_req req = { .size = MNT_ID_REQ_SIZE_VER1, .mnt_id = mnt_id, .param = last_mnt_id, .mnt_ns_id = mnt_ns_id, }; return syscall(__NR_listmount, &req, list, num, flags); } int main(int argc, char *argv[]) { #define LISTMNT_BUFFER 10 __u64 list[LISTMNT_BUFFER], last_mnt_id = 0; int ret, pidfd, fd_mntns; struct mnt_ns_info info = {}; pidfd = pidfd_open(getpid(), 0); if (pidfd < 0) die_errno("pidfd_open failed"); fd_mntns = ioctl(pidfd, PIDFD_GET_MNT_NAMESPACE, 0); if (fd_mntns < 0) die_errno("ioctl(PIDFD_GET_MNT_NAMESPACE) failed"); ret = ioctl(fd_mntns, NS_MNT_GET_INFO, &info); if (ret < 0) die_errno("ioctl(NS_GET_MNTNS_ID) failed"); printf("Listing %u mounts for mount namespace %d:%llu\n", info.nr_mounts, fd_mntns, info.mnt_ns_id); for (;;) { ssize_t nr_mounts; next: nr_mounts = sys_listmount(LSMT_ROOT, last_mnt_id, info.mnt_ns_id, list, LISTMNT_BUFFER, 0); if (nr_mounts <= 0) { printf("Finished listing mounts for mount namespace %d:%llu\n\n", fd_mntns, info.mnt_ns_id); ret = ioctl(fd_mntns, NS_MNT_GET_NEXT, 0); if (ret < 0) die_errno("ioctl(NS_MNT_GET_NEXT) failed"); close(ret); ret = ioctl(fd_mntns, NS_MNT_GET_NEXT, &info); if (ret < 0) { if (errno == ENOENT) { printf("Finished listing all mount namespaces\n"); exit(0); } die_errno("ioctl(NS_MNT_GET_NEXT) failed"); } close(fd_mntns); fd_mntns = ret; last_mnt_id = 0; printf("Listing %u mounts for mount namespace %d:%llu\n", info.nr_mounts, fd_mntns, info.mnt_ns_id); goto next; } for (size_t cur = 0; cur < nr_mounts; cur++) { struct statmount *stmnt; last_mnt_id = list[cur]; stmnt = sys_statmount(last_mnt_id, info.mnt_ns_id, STATMOUNT_SB_BASIC | STATMOUNT_MNT_BASIC | STATMOUNT_MNT_ROOT | STATMOUNT_MNT_POINT | STATMOUNT_MNT_NS_ID | STATMOUNT_MNT_OPTS | STATMOUNT_FS_TYPE, 0); if (!stmnt) { printf("Failed to statmount(%llu) in mount namespace(%llu)\n", last_mnt_id, info.mnt_ns_id); continue; } printf("mnt_id(%u/%llu) | mnt_parent_id(%u/%llu): %s @ %s ==> %s with options: %s\n", stmnt->mnt_id_old, stmnt->mnt_id, stmnt->mnt_parent_id_old, stmnt->mnt_parent_id, stmnt->str + stmnt->fs_type, stmnt->str + stmnt->mnt_root, stmnt->str + stmnt->mnt_point, stmnt->str + stmnt->mnt_opts); free(stmnt); } } exit(0); } * patches from https://lore.kernel.org/r/20240719-work-mount-namespace-v1-0-834113cab0d2@kernel.org: nsfs: iterate through mount namespaces file: add fput() cleanup helper fs: add put_mnt_ns() cleanup helper fs: allow mount namespace fd Signed-off-by: Christian Brauner commit a1d220d9dafa8d76ba60a784a1016c3134e6a1e8 Author: Christian Brauner Date: Fri Jul 19 13:41:52 2024 +0200 nsfs: iterate through mount namespaces It is already possible to list mounts in other mount namespaces and to retrieve namespace file descriptors without having to go through procfs by deriving them from pidfds. Augment these abilities by adding the ability to retrieve information about a mount namespace via NS_MNT_GET_INFO. This will return the mount namespace id and the number of mounts currently in the mount namespace. The number of mounts can be used to size the buffer that needs to be used for listmount() and is in general useful without having to actually iterate through all the mounts. The structure is extensible. And add the ability to iterate through all mount namespaces over which the caller holds privilege returning the file descriptor for the next or previous mount namespace. To retrieve a mount namespace the caller must be privileged wrt to it's owning user namespace. This means that PID 1 on the host can list all mounts in all mount namespaces or that a container can list all mounts of its nested containers. Optionally pass a structure for NS_MNT_GET_INFO with NS_MNT_GET_{PREV,NEXT} to retrieve information about the mount namespace in one go. Both ioctls can be implemented for other namespace types easily. Together with recent api additions this means one can iterate through all mounts in all mount namespaces without ever touching procfs. Link: https://lore.kernel.org/r/20240719-work-mount-namespace-v1-5-834113cab0d2@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 257b1c2c78c25643526609dee0c15f1544eb3252 Author: Christian Brauner Date: Fri Jul 19 13:41:51 2024 +0200 file: add fput() cleanup helper Add a simple helper to put a file reference. Link: https://lore.kernel.org/r/20240719-work-mount-namespace-v1-4-834113cab0d2@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 5fcf329676cf9d132842d9871f83a091c32f3bfc Author: Christian Brauner Date: Fri Jul 19 13:41:50 2024 +0200 fs: add put_mnt_ns() cleanup helper Add a simple helper to put a mount namespace reference. Link: https://lore.kernel.org/r/20240719-work-mount-namespace-v1-3-834113cab0d2@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 7b9d14af8777ac439bbfa9ac73a12a6d85289e7e Author: Christian Brauner Date: Fri Jul 19 13:41:49 2024 +0200 fs: allow mount namespace fd We already allow a mount namespace id, enable mount namespace file descriptors as well. Link: https://lore.kernel.org/r/20240719-work-mount-namespace-v1-2-834113cab0d2@kernel.org Reviewed-by: Josef Bacik Reviewed-by: Jeff Layton Signed-off-by: Christian Brauner commit 4e996697a443a214887ef81b008c344d183b5659 Merge: 91dae758bdb854 219b45d023ed09 Author: Simona Vetter Date: Fri Aug 9 10:41:58 2024 +0200 Merge tag 'drm-misc-next-2024-08-09' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-next drm-misc-next for v6.12: UAPI Changes: - remove Power Saving Policy property Core Changes: - update connector documentation CI: - add tests for mediatek, meson, rockchip Driver Changes: amdgpu: - revert support for Power Saving Policy property bridge: - lt9611uxc: require DRM_BRIDGE_ATTACH_NO_CONNECTOR mgag200: - transparently support BMC outputs omapdrm: - use common helper for_each_endpoint_of_node() panel: - panel-edp: fix name for HKC MB116AN01 vkms: - clean up endianess warnings Signed-off-by: Daniel Vetter From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240809071241.GA222501@localhost.localdomain commit 5bdacb0907c1f531995b6ba47b832ac3a0182ae9 Author: Michal Wajdeczko Date: Tue Aug 6 20:05:16 2024 +0200 drm/xe/pf: Fix VF config validation on multi-GT platforms When validating VF config on the media GT, we may wrongly report that VF is already partially configured on it, as we consider GGTT and LMEM provisioning done on the primary GT (since both GGTT and LMEM are tile-level resources, not a GT-level). This will cause skipping a VF auto-provisioning on the media-GT and in result will block a VF from successfully initialize that GT. Fix that by considering GGTT and LMEM configurations only when checking if a VF provisioning is complete, and omit GGTT and LMEM when reporting empty/partial provisioning. Fixes: 234670cea9a2 ("drm/xe/pf: Skip fair VFs provisioning if already provisioned") Signed-off-by: Michal Wajdeczko Cc: Piotr Piórkowski Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240806180516.618-1-michal.wajdeczko@intel.com commit f6c9a097b55e1955e3dd35f1de4828d3ed67534c Author: Takashi Iwai Date: Fri Aug 9 09:56:59 2024 +0200 ALSA: usx2y: Drop no longer used variable The recent conversion to the standard print API included some cleanups and that changed the code no longer referring to a variable iters at usb_stream_start(). This caused a compiler warning in the end. Let's drop the unused variable. Fixes: f8466d91f36d ("ALSA: usx2y: Use standard print API") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408090249.8LE9qrae-lkp@intel.com/ Link: https://patch.msgid.link/20240809075700.7320-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit af1d53b6e0ebef5ea57887e23619b2bb33a6f4de Author: Takashi Iwai Date: Fri Aug 9 09:42:51 2024 +0200 ALSA: caiaq: Fix unused variable warning The recent cleanup of caiaq driver forgot to remove the unused loop variable: sound/usb/caiaq/audio.c: In function 'snd_usb_caiaq_pcm_prepare': sound/usb/caiaq/audio.c:179:41: error: unused variable 'i' [-Werror=unused-variable] Fixes: e95b9f7f2ee0 ("ALSA: snd-usb-caiaq: use snd_pcm_rate_to_rate_bit") Reported-by: Stephen Rothwell Closes: https://lore.kernel.org/20240809112252.5af8025f@canb.auug.org.au Link: https://patch.msgid.link/20240809074254.5290-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 528baf4f62dd57dee1a1076390b0921ad32b88a8 Author: Takashi Iwai Date: Fri Aug 9 09:39:21 2024 +0200 ALSA: sparc: Fix a typo at dev_*() conversion There was a stupid typo left that broke the build. Fix it. Fixes: d41abde89483 ("ALSA: sparc: Use standard print API") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408090648.J2EAijjH-lkp@intel.com/ Link: https://patch.msgid.link/20240809073923.3735-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 219b45d023ed0902b05c5902a4f31c2c38bcf68c Author: Thomas Zimmermann Date: Mon Aug 5 15:06:01 2024 +0200 drm/mgag200: Remove BMC output Mgag200's BMC connector tracks the status of an underlying physical connector and updates the BMC status accordingly. This functionality works around GNOME's settings app, which cannot handle multiple outputs on the same CRTC. The workaround is now obsolete as the VGA-BMC connector handles BMC support internally. Hence, remove the driver's code and the BMC output entirely. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240805130622.63458-6-tzimmermann@suse.de commit 0f9ff361ad823b887cfb09dd78ecc8f25d32ecfa Author: Thomas Zimmermann Date: Mon Aug 5 15:06:00 2024 +0200 drm/mgag200: vga-bmc: Control BMC scanout from encoder Move calls to stop and start BMC scanout from CRTC helpers to the VGA-BMC encoder's atomic_disable and atomic_enable. Makes the BMC scanout transparent to the CRTC. DRM's atomic helpers call an encoder's atomic_disable and atomic_enable helpers for all enabled encoders. The BMC stops scanning out the VGA signal if modeset disables the VGA encoder, and starts scanning out if the modeset enables the VGA encoder. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240805130622.63458-5-tzimmermann@suse.de commit 9d09cac47de5358ace64dddd14278fea002e68c3 Author: Thomas Zimmermann Date: Mon Aug 5 15:05:59 2024 +0200 drm/mgag200: vga-bmc: Control CRTC VIDRST flag from encoder Control the VIDRST pin from the VGA-BMC encoder's atomic_check and remove the respective code from CRTC. Makes the VIDRST functionality fully composable. The VIDRST pin allows an external clock source to control the SYNC signals of the Matrox chip. The functionality is part of the CRTC, but depends on the presence of the clock source. This is the case for some BMCs, so control the pin from the VGA-BMC output. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240805130622.63458-4-tzimmermann@suse.de commit dc06efbb7934405461d95bba5b702849058424a4 Author: Thomas Zimmermann Date: Mon Aug 5 15:05:58 2024 +0200 drm/mgag200: vga-bmc: Transparently handle BMC The VGA-BMC connector selects the VGA output if a display has been attached to the physical connector. Otherwise it selects the BMC output. In any case, the connector status is set to 'detected', so that the userspace compositor displays to it. Depending on the setting, the connector's display modes either come from the VGA monitor's EDID or from an internal list of BMC-compatible modes. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240805130622.63458-3-tzimmermann@suse.de commit f5510726608fa035bdd2f1fc167cf4a0f7bee22b Author: Thomas Zimmermann Date: Mon Aug 5 15:05:57 2024 +0200 drm/mgag200: Add VGA-BMC output Duplicate VGA output to VGA-BMC output and update all code for Matrox server chips. The new output represents a VGA output that has a BMC attached to it. No functional changes so far. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240805130622.63458-2-tzimmermann@suse.de commit c80bfa4f9e0ebfce6ac909488d412347acbcb4f9 Author: Wolfram Sang Date: Mon Aug 5 23:51:21 2024 +0200 media: ti: cal: use 'time_left' variable with wait_event_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_event_timeout() causing patterns like: timeout = wait_event_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Signed-off-by: Wolfram Sang Signed-off-by: Hans Verkuil commit f89906691495eff7a8b5809f63025bb02abd779e Author: Wolfram Sang Date: Mon Aug 5 23:51:20 2024 +0200 media: tegra-vde: use 'time_left' variable with wait_for_completion_interruptible_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_for_completion_interruptible_timeout() causing patterns like: timeout = wait_for_completion_interruptible_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Signed-off-by: Wolfram Sang Acked-by: Thierry Reding Signed-off-by: Hans Verkuil commit b09b6f26adc407b0af7a7ad767f1e753a348d951 Author: Wolfram Sang Date: Mon Aug 5 23:51:19 2024 +0200 media: solo6x10: use 'time_left' variable with wait_for_completion_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_for_completion_timeout() causing patterns like: timeout = wait_for_completion_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Fix to the proper variable type 'unsigned long' while here. Signed-off-by: Wolfram Sang Acked-by: Ismael Luceno Signed-off-by: Hans Verkuil commit 24a19e4b3a1abc548e45d35d7ce8f2b6b6c65ce7 Author: Wolfram Sang Date: Mon Aug 5 23:51:18 2024 +0200 media: platform: exynos-gsc: use 'time_left' variable with wait_event_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_event_timeout() causing patterns like: timeout = wait_event_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Fix to the proper variable type 'long' while here. Signed-off-by: Wolfram Sang Signed-off-by: Hans Verkuil commit bafa00652c860665060b5f6ab01eb58e970c854e Author: Wolfram Sang Date: Mon Aug 5 23:51:17 2024 +0200 media: fimc-is: use 'time_left' variable with wait_event_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_event_timeout() causing patterns like: timeout = wait_event_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Fix to the proper variable type 'long' while here. Signed-off-by: Wolfram Sang Signed-off-by: Hans Verkuil commit 9b2bf29410e962fd657cc50c7baa198506f1fc11 Author: Wolfram Sang Date: Mon Aug 5 23:51:16 2024 +0200 media: bdisp: use 'time_left' variable with wait_event_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_event_timeout() causing patterns like: timeout = wait_event_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Fix to the proper variable type 'long' while here. Signed-off-by: Wolfram Sang Signed-off-by: Hans Verkuil commit 64979ac2aa7773d3a77c861c8eb4c006f9033eec Author: Wolfram Sang Date: Mon Aug 5 23:51:15 2024 +0200 media: atmel-isi: use 'time_left' variable with wait_for_completion_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_for_completion_timeout() causing patterns like: timeout = wait_for_completion_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining. Signed-off-by: Wolfram Sang Signed-off-by: Hans Verkuil commit 0016b5a5c71ef426d88bff2b14096ddf86c4181f Author: Wolfram Sang Date: Mon Aug 5 23:51:14 2024 +0200 media: allegro: use 'time_left' variable with wait_for_completion_timeout() There is a confusing pattern in the kernel to use a variable named 'timeout' to store the result of wait_for_completion_timeout() causing patterns like: timeout = wait_for_completion_timeout(...) if (!timeout) return -ETIMEDOUT; with all kinds of permutations. Use 'time_left' as a variable to make the code self explaining, also for the code path using 'tmo' as a variable. Signed-off-by: Wolfram Sang Signed-off-by: Hans Verkuil commit ec1d98e9c60a7882d3c96c79eb67b92a34c5352f Author: Biju Das Date: Mon Aug 5 11:35:44 2024 +0100 media: dt-bindings: media: renesas,fcp: Document RZ/G2UL FCPVD bindings Document FCPVD found in RZ/G2UL SoC. FCPVD block is similar to FCP for VSP found on RZ/{G2L,G2LC,V2L} SoCs. Acked-by: Conor Dooley Reviewed-by: Geert Uytterhoeven Reviewed-by: Laurent Pinchart Signed-off-by: Biju Das Signed-off-by: Hans Verkuil commit 97111ab5ed9ae0b6ee4c0c34a416ca76f900cea8 Author: Biju Das Date: Mon Aug 5 11:35:43 2024 +0100 media: dt-bindings: media: renesas,vsp1: Document RZ/G2UL VSPD bindings Document VSPD found in RZ/G2UL SoC. The VSPD block is identical to RZ/G2L SoC and therefore use RZ/G2L fallback to avoid any driver changes. Acked-by: Conor Dooley Reviewed-by: Geert Uytterhoeven Reviewed-by: Laurent Pinchart Signed-off-by: Biju Das Signed-off-by: Hans Verkuil commit d2f035ef1c5ead354780ca15fc33a2f1f7889eb2 Author: Kuninori Morimoto Date: Tue Jul 30 00:35:21 2024 +0000 staging: media: atmel: use for_each_endpoint_of_node() We already have for_each_endpoint_of_node(), don't use of_graph_get_next_endpoint() directly. Replace it. Signed-off-by: Kuninori Morimoto Reviewed-by: Laurent Pinchart Signed-off-by: Hans Verkuil commit 18f9ca7edcbbbfeed574d439921a102cc4fa66ac Author: Kuninori Morimoto Date: Tue Jul 30 00:35:10 2024 +0000 media: platform: xilinx: use for_each_endpoint_of_node() We already have for_each_endpoint_of_node(), don't use of_graph_get_next_endpoint() directly. Replace it. Signed-off-by: Kuninori Morimoto Reviewed-by: Laurent Pinchart Signed-off-by: Hans Verkuil commit 7880333a5bedb2333f499477f3691cf356d02887 Author: Kuninori Morimoto Date: Tue Jul 30 00:35:00 2024 +0000 media: platform: ti: use for_each_endpoint_of_node() We already have for_each_endpoint_of_node(), don't use of_graph_get_next_endpoint() directly. Replace it. Signed-off-by: Kuninori Morimoto Reviewed-by: Laurent Pinchart Reviewed-by: Prabhakar Signed-off-by: Hans Verkuil commit 68a1560c3b7f8bb23423b272334fc19279e82d9a Author: Kuninori Morimoto Date: Tue Jul 30 00:34:51 2024 +0000 media: platform: microchip: use for_each_endpoint_of_node() We already have for_each_endpoint_of_node(), don't use of_graph_get_next_endpoint() directly. Replace it. Signed-off-by: Kuninori Morimoto Reviewed-by: Laurent Pinchart Signed-off-by: Hans Verkuil commit 6f93a2abecbed904f7c47a2041050f911c098767 Author: Javier Carrasco Date: Mon Jul 29 21:37:13 2024 +0200 media: docs: Fix newline typos in capture.c Commit d7894721f73b ("media: docs: Fix newline typo") aimed to fix the newline typos in capture.c, but some of the typos were not fixed. Fix the remaining newline typos. Signed-off-by: Javier Carrasco Signed-off-by: Hans Verkuil commit a151766bd3688f6803e706c6433a7c8d3c6a6a94 Author: Bryan O'Donoghue Date: Mon Jul 29 13:42:03 2024 +0100 media: qcom: camss: Fix ordering of pm_runtime_enable pm_runtime_enable() should happen prior to vfe_get() since vfe_get() calls pm_runtime_resume_and_get(). This is a basic race condition that doesn't show up for most users so is not widely reported. If you blacklist qcom-camss in modules.d and then subsequently modprobe the module post-boot it is possible to reliably show this error up. The kernel log for this error looks like this: qcom-camss ac5a000.camss: Failed to power up pipeline: -13 Fixes: 02afa816dbbf ("media: camss: Add basic runtime PM support") Reported-by: Johan Hovold Closes: https://lore.kernel.org/lkml/ZoVNHOTI0PKMNt4_@hovoldconsulting.com/ Tested-by: Johan Hovold Cc: Signed-off-by: Bryan O'Donoghue Reviewed-by: Konrad Dybcio Signed-off-by: Hans Verkuil commit 25f18cb1b673220b76a86ebef8e7fb79bd303b27 Author: Bryan O'Donoghue Date: Mon Jul 29 13:42:02 2024 +0100 media: qcom: camss: Remove use_count guard in stop_streaming The use_count check was introduced so that multiple concurrent Raw Data Interfaces RDIs could be driven by different virtual channels VCs on the CSIPHY input driving the video pipeline. This is an invalid use of use_count though as use_count pertains to the number of times a video entity has been opened by user-space not the number of active streams. If use_count and stream-on count don't agree then stop_streaming() will break as is currently the case and has become apparent when using CAMSS with libcamera's released softisp 0.3. The use of use_count like this is a bit hacky and right now breaks regular usage of CAMSS for a single stream case. Stopping qcam results in the splat below, and then it cannot be started again and any attempts to do so fails with -EBUSY. [ 1265.509831] WARNING: CPU: 5 PID: 919 at drivers/media/common/videobuf2/videobuf2-core.c:2183 __vb2_queue_cancel+0x230/0x2c8 [videobuf2_common] ... [ 1265.510630] Call trace: [ 1265.510636] __vb2_queue_cancel+0x230/0x2c8 [videobuf2_common] [ 1265.510648] vb2_core_streamoff+0x24/0xcc [videobuf2_common] [ 1265.510660] vb2_ioctl_streamoff+0x5c/0xa8 [videobuf2_v4l2] [ 1265.510673] v4l_streamoff+0x24/0x30 [videodev] [ 1265.510707] __video_do_ioctl+0x190/0x3f4 [videodev] [ 1265.510732] video_usercopy+0x304/0x8c4 [videodev] [ 1265.510757] video_ioctl2+0x18/0x34 [videodev] [ 1265.510782] v4l2_ioctl+0x40/0x60 [videodev] ... [ 1265.510944] videobuf2_common: driver bug: stop_streaming operation is leaving buffer 0 in active state [ 1265.511175] videobuf2_common: driver bug: stop_streaming operation is leaving buffer 1 in active state [ 1265.511398] videobuf2_common: driver bug: stop_streaming operation is leaving buffer 2 in active st One CAMSS specific way to handle multiple VCs on the same RDI might be: - Reference count each pipeline enable for CSIPHY, CSID, VFE and RDIx. - The video buffers are already associated with msm_vfeN_rdiX so release video buffers when told to do so by stop_streaming. - Only release the power-domains for the CSIPHY, CSID and VFE when their internal refcounts drop. Either way refusing to release video buffers based on use_count is erroneous and should be reverted. The silicon enabling code for selecting VCs is perfectly fine. Its a "known missing feature" that concurrent VCs won't work with CAMSS right now. Initial testing with this code didn't show an error but, SoftISP and "real" usage with Google Hangouts breaks the upstream code pretty quickly, we need to do a partial revert and take another pass at VCs. This commit partially reverts commit 89013969e232 ("media: camss: sm8250: Pipeline starting and stopping for multiple virtual channels") Fixes: 89013969e232 ("media: camss: sm8250: Pipeline starting and stopping for multiple virtual channels") Reported-by: Johan Hovold Closes: https://lore.kernel.org/lkml/ZoVNHOTI0PKMNt4_@hovoldconsulting.com/ Tested-by: Johan Hovold Cc: Signed-off-by: Bryan O'Donoghue Signed-off-by: Hans Verkuil commit 447b7fdba9e9497f27b845ec069300c91ed5d625 Author: Javier Carrasco Date: Mon Jul 29 11:37:37 2024 +0200 media: i2c: tda1997x: constify snd_soc_component_driver struct `tda1997x_codec_driver` is not modified after its declaration, and it is only passed to `devm_snd_soc_register_component()`, which expects a constant `snd_soc_component_driver`. Move `tda1997x_codec_driver` to a read-only section by declaring it const. Signed-off-by: Javier Carrasco Signed-off-by: Hans Verkuil commit c8ad75010c5bafe014860f33fc73a887ab561209 Author: Geert Uytterhoeven Date: Mon Jul 22 17:28:28 2024 +0200 media: raspberrypi: VIDEO_RASPBERRYPI_PISP_BE should depend on ARCH_BCM2835 Currently, the Raspberry Pi PiSP Backend (BE) ISP is only present on the Broadcom BCM2712-based Raspberry Pi 5. Hence add a dependency on ARCH_BCM2835, to prevent asking the user about this driver when configuring a kernel without Broadcom BCM2835 family support. The dependency can be relaxed if/when the encoder appears on other SoC families. Fixes: 12187bd5d4f8 ("media: raspberrypi: Add support for PiSP BE") Signed-off-by: Geert Uytterhoeven Acked-by: FLorian Fainelli Acked-by: Jacopo Mondi Signed-off-by: Hans Verkuil commit 670cb8f8a797b5365eafe4bc4676b4a0aaf22995 Author: Hans Verkuil Date: Sat Jul 20 12:46:51 2024 +0200 Documentation: media: move Memory Consistency Flags The documentation of the Memory Consistency Flags was part of the struct v4l2_buffer documentation, but that struct doesn't use those flags. Instead it is used by VIDIOC_CREATE_BUFS and VIDIOC_REQBUFS. Move the documentation from buffer.rst to vidioc-reqbufs.rst which is where it belongs. Signed-off-by: Hans Verkuil commit 2b9e67861b7ea511d287bb02f461ed8316b51515 Author: Hans Verkuil Date: Wed Jul 17 11:58:45 2024 +0200 media: v4l2-core: v4l2-ioctl: missing ', ' in create_bufs logging The v4l_print_create_buffers() function was missing a ', ' in the pr_cont call, leading to logs like this: [93293.533425] video0: VIDIOC_CREATE_BUFS: index=0, count=0, memory=dmabuf, capabilities=0x00000297, max num buffers=32type=vid-cap, width=0, height=0, pixelformat=.... little-endian (0x00000000), field=any, bytesperline=0, sizeimage=0, colorspace=0, flags=0x0, ycbcr_enc=0, quantization=0, xfer_func=0 Signed-off-by: Hans Verkuil Reviewed-by: Sebastian Fricke commit 911d5618165de19e29e8606b5062dda1caaeb192 Author: Hans Verkuil Date: Tue Jul 16 14:28:17 2024 +0200 Documentation: media: add missing V4L2_BUF_CAP_ flags The documentation for V4L2_BUF_CAP_SUPPORTS_MAX_NUM_BUFFERS and V4L2_BUF_CAP_SUPPORTS_REMOVE_BUFS was missing. Add this. Signed-off-by: Hans Verkuil Reviewed-by: Sebastian Fricke Reviewed-by: Benjamin Gaignard commit e25cc4be4616fcf5689622b3226d648aab253cdb Author: Roman Smirnov Date: Tue Jul 16 12:10:40 2024 +0300 Revert "media: tuners: fix error return code of hybrid_tuner_request_state()" This reverts commit b9302fa7ed979e84b454e4ca92192cf485a4ed41. As Fedor Pchelkin pointed out, this commit violates the convention of using the macro return value, which causes errors. For example, in functions tda18271_attach(), xc5000_attach(), simple_tuner_attach(). Link: https://lore.kernel.org/linux-media/20240424202031.syigrtrtipbq5f2l@fpc/ Suggested-by: Fedor Pchelkin Signed-off-by: Roman Smirnov Signed-off-by: Hans Verkuil commit 74e07a9a26a49ab60ee8ef09238c63ff461dfdd0 Author: Colin Ian King Date: Tue Jul 9 11:50:03 2024 +0100 media: i2c: GC08A3: Fix spelling mistake "STRAEMING_REG" -> "STREAMING_REG" There is a spelling mistake in a dev_err message. Fix it. Signed-off-by: Colin Ian King Signed-off-by: Hans Verkuil commit ac80fcad7eaf7f28af9e0a098284ee7e921c596e Author: Colin Ian King Date: Tue Jul 9 11:48:07 2024 +0100 media: i2c: GC05A2: Fix spelling mistake "Horizental" -> "Horizontal" There is a spelling mistake in a string in the gc05a2_test_pattern_menu array. Fix it. Signed-off-by: Colin Ian King Signed-off-by: Hans Verkuil commit 46d7ebfe6a75a454a5fa28604f0ef1491f9d8d14 Author: Junlin Li Date: Wed Jul 3 01:50:23 2024 +0800 drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error Ensure index in rtl2830_pid_filter does not exceed 31 to prevent out-of-bounds access. dev->filters is a 32-bit value, so set_bit and clear_bit functions should only operate on indices from 0 to 31. If index is 32, it will attempt to access a non-existent 33rd bit, leading to out-of-bounds access. Change the boundary check from index > 32 to index >= 32 to resolve this issue. Fixes: df70ddad81b4 ("[media] rtl2830: implement PID filter") Signed-off-by: Junlin Li Signed-off-by: Hans Verkuil commit 8ae06f360cfaca2b88b98ca89144548b3186aab1 Author: Junlin Li Date: Tue Jul 2 21:24:13 2024 +0800 drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error Ensure index in rtl2832_pid_filter does not exceed 31 to prevent out-of-bounds access. dev->filters is a 32-bit value, so set_bit and clear_bit functions should only operate on indices from 0 to 31. If index is 32, it will attempt to access a non-existent 33rd bit, leading to out-of-bounds access. Change the boundary check from index > 32 to index >= 32 to resolve this issue. Signed-off-by: Junlin Li Signed-off-by: Hans Verkuil Fixes: 4b01e01a81b6 ("[media] rtl2832: implement PID filter") [hverkuil: added fixes tag, rtl2830_pid_filter -> rtl2832_pid_filter in logmsg] commit b669f3789613d3cfb90f8204b1ab1aec3e9001ab Author: Hans Verkuil Date: Tue Jul 2 08:51:39 2024 +0200 Documentation: media: vivid.rst: update TODO list The vivid driver supports media controller support for quite a long time now, so drop that from the list. Since commit 4c4dacb052d4 ("media: vivid: loopback based on 'Connected To' controls") making EDID changes causes correct signaling to happen, but what is still missing is the 100 ms delay required before signaling that there is an HPD. Modify this TODO item accordingly. Signed-off-by: Hans Verkuil commit 04c8d3037ab5829ba413d8fd1f94ef92e6dc89d6 Author: Chen Ni Date: Tue Jul 2 10:57:11 2024 +0800 media: i2c: thp7312: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Reviewed-by: Paul Elder Reviewed-by: Laurent Pinchart Signed-off-by: Hans Verkuil commit eefcd6161ba851731187b3fe13db2c3b04ac30e7 Author: Ricardo Ribalda Date: Fri Jun 28 15:11:15 2024 +0000 media: imx-pxp: Rewrite coeff expression GCC5 cannot figure out that the expressions are constant, and that triggers a build failure. Rewrite the expressions. The following gcc5 error is workaround: #define BM_PXP_CSC1_COEF0_YCBCR_MODE 0x80000000 ^ BM_PXP_CSC1_COEF0_YCBCR_MODE | ^ #define BM_PXP_CSC1_COEF0_YCBCR_MODE 0x80000000 ^ drivers/media/platform/nxp/imx-pxp.c: In function 'pxp_setup_csc': drivers/media/platform/nxp/imx-pxp.h:582:38: error: initializer element is not constant drivers/media/platform/nxp/imx-pxp.c:374:4: note: in expansion of macro 'BM_PXP_CSC1_COEF0_YCBCR_MODE' drivers/media/platform/nxp/imx-pxp.h:582:38: note: (near initialization for 'csc1_coef_bt601_lim[0]') Signed-off-by: Ricardo Ribalda Signed-off-by: Hans Verkuil commit d66f9b2a47898ecfa50c80aa59a23002dad3a35a Author: Christophe JAILLET Date: Mon Jun 24 06:40:38 2024 +0200 media: ti: cal: Constify struct media_entity_operations 'struct media_entity_operations' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig, as an example: Before: ====== text data bss dec hex filename 20694 1394 32 22120 5668 drivers/media/platform/ti/cal/cal-camerarx.o After: ===== text data bss dec hex filename 20726 1362 32 22120 5668 drivers/media/platform/ti/cal/cal-camerarx.o Signed-off-by: Christophe JAILLET Signed-off-by: Hans Verkuil commit 0554e280c58b92e548f9d1355087ed096ac02e19 Author: Christian Hewitt Date: Tue Jun 4 05:15:33 2024 +0000 media: meson: vdec: add GXLX SoC platform Add the GXLX SoC platform which is based on GXL but omits the VP9 codec. Signed-off-by: Christian Hewitt Acked-by: Neil Armstrong Signed-off-by: Hans Verkuil commit e925d6b2fbf14102c7a685bfec9a35ca0302e637 Author: Christian Hewitt Date: Tue Jun 4 05:15:32 2024 +0000 dt-bindings: media: amlogic,gx-vdec: add the GXLX SoC family and update GXL The GXLX SoC is a GXL variant that omits VP9 codec support. Also add S905W and S905Y as GXL chips and sort the GXL comment. Signed-off-by: Christian Hewitt Acked-by: Krzysztof Kozlowski Acked-by: Neil Armstrong Signed-off-by: Hans Verkuil commit 34acbac08940359cf93d91d238ee281d8953e663 Author: Fritz Koenig Date: Thu May 30 11:51:57 2024 -0700 Documentation: media: Fix v4l2_av1_segmentation table formatting Fix incorrect formatting. Signed-off-by: Fritz Koenig Signed-off-by: Hans Verkuil [hverkuil: added missing commit message] commit 8bf5671e4515d2eb047d797dcbd1f80d875ebb9d Author: Michael Tretter Date: Tue May 28 15:03:14 2024 +0200 media: verisilicon: Use fourcc format string There is a fourcc format string for printing formats. Use it instead of open coding the conversion. Signed-off-by: Michael Tretter Reviewed-by: Nicolas Dufresne Signed-off-by: Hans Verkuil commit cc4cbd4b4f97a968203530ef73598ad2eaf70dee Author: Uwe Kleine-König Date: Wed May 8 15:20:42 2024 +0200 media: Drop explicit initialization of struct i2c_device_id::driver_data to 0 These drivers don't use the driver_data member of struct i2c_device_id, so don't explicitly initialize this member. This prepares putting driver_data in an anonymous union which requires either no initialization or named designators. But it's also a nice cleanup on its own. While add it, also remove commas after the sentinel entries. Signed-off-by: Uwe Kleine-König Signed-off-by: Hans Verkuil commit 343cb1ec7b3dd626e4b93b27d7aff604b06453e9 Author: Christophe JAILLET Date: Sun May 5 09:28:25 2024 +0200 media: platform: allegro-dvt: Constify struct regmap_config 'allegro_regmap_config' and 'allegro_sram_config' are not modified in this diver and are only used as a const struct regmap_config. Constifying these structures moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: text data bss dec hex filename 79587 3706 116 83409 145d1 drivers/media/platform/allegro-dvt/allegro-core.o After: text data bss dec hex filename 80219 3066 116 83401 145c9 drivers/media/platform/allegro-dvt/allegro-core.o Signed-off-by: Christophe JAILLET Reviewed-by: Michael Tretter Signed-off-by: Hans Verkuil commit f79f8a8a96046ed08b8ba71dc6ffecbbecec9f21 Author: Christophe JAILLET Date: Sun May 5 09:24:02 2024 +0200 media: i2c: tvp5150: Constify some structures 'vbi_ram_default' and 'tvp5150_config' are not modified in this diver and are only used as a const struct. Constifying these structures moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: text data bss dec hex filename 57197 2936 36 60169 eb09 drivers/media/i2c/tvp5150.o After: text data bss dec hex filename 57517 2608 36 60161 eb01 drivers/media/i2c/tvp5150.o Signed-off-by: Christophe JAILLET Signed-off-by: Hans Verkuil commit 677126b274806d8a33e7581c115bcf404b00ac8d Author: Sakari Ailus Date: Mon Apr 29 22:10:09 2024 +0300 media: Documentation: Fix spelling of "blanking" "Blanking" should be spelled as such, not "balanking". Fix it. Reported-by: Hans Verkuil Signed-off-by: Sakari Ailus Signed-off-by: Hans Verkuil commit 754283ce8326fdce75d589c99cc58456199c123d Author: Thomas Weißschuh Date: Sun Jul 28 22:34:11 2024 +0200 tools/nolibc: pass argc, argv and envp to constructors Since 2005 glibc has passed argc, argv, and envp to all constructors. As it is cheap and easy to do so, mirror that behaviour in nolibc. This makes it easier to migrate applications to nolibc. Link: https://lore.kernel.org/r/20240728-nolibc-constructor-args-v1-1-36d0bf5cd4c0@weissschuh.net Signed-off-by: Thomas Weißschuh commit eb3ab13d997a2f12ec9d557b6ae2aea4e28e2bc3 Author: Matthias Schiffer Date: Wed Aug 7 14:12:15 2024 +0200 net: ti: icssg_prueth: populate netdev of_node Allow of_find_net_device_by_node() to find icssg_prueth ports and make the individual ports' of_nodes available in sysfs. Signed-off-by: Matthias Schiffer Reviewed-by: MD Danish Anwar Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240807121215.3178964-1-matthias.schiffer@ew.tq-group.com Signed-off-by: Jakub Kicinski commit 09612576046a3cd29bd2b2b88c5813b1dfe96775 Author: Christophe JAILLET Date: Wed Aug 7 14:22:26 2024 +0200 net: sungem_phy: Constify struct mii_phy_def 'struct mii_phy_def' are not modified in this driver. Constifying these structures moves some data to a read-only section, so increase overall security. While at it fix the checkpatch warning related to this patch (some missing newlines and spaces around *) On a x86_64, with allmodconfig: Before: ====== 27709 928 0 28637 6fdd drivers/net/sungem_phy.o After: ===== text data bss dec hex filename 28157 476 0 28633 6fd9 drivers/net/sungem_phy.o Signed-off-by: Christophe JAILLET Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/54c3b30930f80f4895e6fa2f4234714fdea4ef4e.1723033266.git.christophe.jaillet@wanadoo.fr Signed-off-by: Jakub Kicinski commit ceb627435b00fe3bcee5957aeb3e5282a1f06eb6 Author: Edward Cree Date: Wed Aug 7 17:06:13 2024 +0100 net: ethtool: check rxfh_max_num_contexts != 1 at register time A value of 1 doesn't make sense, as it implies the only allowed context ID is 0, which is reserved for the default context - in which case the driver should just not claim to support custom RSS contexts at all. Suggested-by: Jakub Kicinski Signed-off-by: Edward Cree Link: https://lore.kernel.org/c07725b3a3d0b0a63b85e230f9c77af59d4d07f8.1723045898.git.ecree.xilinx@gmail.com Signed-off-by: Jakub Kicinski commit df665ab188cdca8b8b3e0cca84a6511c395f9ece Author: Rosen Penev Date: Wed Aug 7 12:02:53 2024 -0700 net: atlantic: use ethtool_sprintf Allows simplifying get_strings and avoids manual pointer manipulation. Signed-off-by: Rosen Penev Reviewed-by: Joe Damato Link: https://patch.msgid.link/20240807190303.6143-1-rosenp@gmail.com Signed-off-by: Jakub Kicinski commit a39036847fa3a0cc09895e1693ef3ab5b74dce1e Author: Simon Horman Date: Tue Aug 6 11:56:01 2024 +0100 bnx2x: Provide declaration of dmae_reg_go_c in header Provide declaration of dmae_reg_go_c in header. This symbol is defined in bnx2x_main.c. And used in that file and bnx2x_stats.c. However, Sparse complains that there is no declaration of the symbol in dmae_reg_go_c nor is the symbol static. .../bnx2x_main.c:291:11: warning: symbol 'dmae_reg_go_c' was not declared. Should it be static? Address this by moving the declaration from bnx2x_stats.c to bnx2x_reg.h. No functional change intended. Compile tested only. Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240806-bnx2x-dec-v1-1-ae844ec785e4@kernel.org Signed-off-by: Jakub Kicinski commit 002a5db9a52a0e7af0fa9a450d31049748435748 Author: Bitterblue Smith Date: Thu Aug 8 01:23:06 2024 +0300 wifi: rtw88: Enable USB RX aggregation for 8822c/8822b/8821c Enable USB RX aggregation when there is at least 1 Mbps RX or TX traffic, otherwise disable it. USB RX aggregation improves the RX speed of RTL8811CU on certain ARM systems, like the NanoPi NEO Core2. Before: 28 Mbps, after: 231 Mbps. It also improves the RX speed of RTL8822CU on some x86_64 systems. Before: ~200 Mbps, after: ~300 Mbps. The official drivers for these chips use the same logic for SDIO, but for some reason the SDIO driver in rtw88 always enables RX aggregation, so this patch only toggles aggregation for USB devices. RTL8703B is likely not found in USB devices, and RTL8723DU doesn't like aggregation. Tested-by: Sascha Hauer Signed-off-by: Bitterblue Smith Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/b4c0d54c-6755-4b0f-9dd7-f9196fd74b68@gmail.com commit df3d8f463b1dfc7cb8f4fb52b1b81d290b850d03 Author: Bitterblue Smith Date: Thu Aug 8 01:21:36 2024 +0300 wifi: rtw88: usb: Support RX aggregation The chips can be configured to aggregate several frames into a single USB transfer. Modify rtw_usb_rx_handler() to support this case. RX aggregation improves the RX speed of RTL8811CU on certain ARM systems, like the NanoPi NEO Core2. It also improves the RX speed of RTL8822CU on some x86_64 systems. Currently none of the chips are configured to aggregate frames. Tested with RTL8822CU, RTL8811CU, and RTL8723DU. Reviewed-by: Sascha Hauer Tested-by: Sascha Hauer Signed-off-by: Bitterblue Smith Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/f845826d-de71-492d-9a22-e48c07989a1f@gmail.com commit 38ea04a79ad0f8cc30bb5e9ad98d665e4ae5060c Author: Bitterblue Smith Date: Thu Aug 8 01:20:36 2024 +0300 wifi: rtw88: usb: Update the RX stats after every frame Update the number of received unicast data frames and bytes every time a frame is received. This is what the PCI and SDIO drivers do. This has an influence on the power saving, bluetooth coexistence, and (in a future patch) the use of RX aggregation. Tested with RTL8822CU, RTL8811CU, and RTL8723DU. Tested-by: Sascha Hauer Signed-off-by: Bitterblue Smith Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/75a2ca52-8f01-45c5-926f-d3a68ae3b284@gmail.com commit fbbd8cb347e25b68d25c4f3871821afc495ee7a9 Author: Bitterblue Smith Date: Thu Aug 8 01:19:36 2024 +0300 wifi: rtw88: usb: Init RX burst length according to USB speed This is needed in order to make USB RX aggregation work with RTL8811CU (and presumably RTL8822BU and RTL8822CU also). I don't know what BIT_DMA_BURST_CNT, BIT_DMA_MODE, and BIT_DROP_DATA_EN are doing. Tested with RTL8822CU, RTL8811CU, and RTL8723DU. The RX speed is unchanged in my tests. Tested-by: Sascha Hauer Signed-off-by: Bitterblue Smith Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/ac569c6f-7129-4341-b523-901fe10cabff@gmail.com commit e24f825a93e2d0775eedd40a4f17fb2c0f6df26b Author: Peter Robinson Date: Tue Aug 6 09:22:31 2024 +0100 wifi: rtl8xxxu: add missing rtl8192cu USB IDs The rtl8xxxu has all the rtl8192cu USB IDs except for the following 3 so add them to the untested section so they can be used with the rtl8xxxu as the rtl8192cu are well supported. Signed-off-by: Peter Robinson Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240806082233.3837436-1-pbrobinson@gmail.com commit 1b84378b8fe12e516cdc6c62f38aa6521d0a6582 Author: Peter Robinson Date: Mon Aug 5 23:19:04 2024 +0100 wifi: rtl8xxxu: drop reference to staging drivers The Kconfig notes mention staging drivers that have since been removed so update the driver's description so it no longer references the staging rtl8723au and rtl8192u drivers which have now been deleted. Signed-off-by: Peter Robinson Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240805221910.3765214-1-pbrobinson@gmail.com commit 9fd284aaaeada93f51f27fc4fff8fbcc7353d9a3 Author: Chin-Yen Lee Date: Mon Aug 5 17:00:28 2024 +0800 wifi: rtw89: wow: add net-detect support for 8852c Enable net-detect in WoWLan stub of 8852c, and declare net-detect support up to 8 SSIDs. Signed-off-by: Chin-Yen Lee Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240805090028.27768-6-pkshih@realtek.com commit e99dd80c8a183561de891a2cceb5a2bbcf64c88f Author: Chin-Yen Lee Date: Mon Aug 5 17:00:27 2024 +0800 wifi: rtw89: wow: add delay option for net-detect The delay option is the period in unit of second for WoWLAN firmware to wait before the first scan. We get the option from cfg80211 and practice it. Another, in some platform, WoWLAN firmware may found configured network and then trigger resume process, before suspend process is completed, lead to the wakeup function failed. So the default value is set one to avoid the issue. Signed-off-by: Chin-Yen Lee Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240805090028.27768-5-pkshih@realtek.com commit c0bc1bce12e4cb9fd96559377fe79433e5d35161 Author: Chin-Yen Lee Date: Mon Aug 5 17:00:26 2024 +0800 wifi: rtw89: wow: add WoWLAN net-detect support Net-detect is an option of WoWLAN to allow the device to be woken up from suspend mode when configured network is detected. When user enables net-detect and lets the device enter suspend state, WoWLAN firmware will periodically scan until beacon or probe response of configured networks are received. If configured networks are detected, WoWLAN firmware will trigger resume process. Signed-off-by: Chin-Yen Lee Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240805090028.27768-4-pkshih@realtek.com commit 0f683c2cf673da99b08b718db79e11451c42dc7e Author: Chin-Yen Lee Date: Mon Aug 5 17:00:25 2024 +0800 wifi: rtw89: wow: implement PS mode for net-detect When net-detect is enabled, WoWLAN firmware will periodically scan until beacon or probe response of configured networks are received. To reduce power consumption, the FW-IPS mode is implemented to keep WiFi chip in idle mode between each scan. The FW-IPS is controlled by WoWLAN firmware to turn of some critical electrical components, and is different from the original IPS mode which most electrical components are turned off. Signed-off-by: Chin-Yen Lee Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240805090028.27768-3-pkshih@realtek.com commit 45ae0e8cf8c75f41da8bfc588038864dc82614f9 Author: Ping-Ke Shih Date: Mon Aug 5 17:00:24 2024 +0800 wifi: rtw89: 8852c: support firmware format up to v1 Driver has supported different WoWLAN reason code by commit 0e5210217768 ("wifi: rtw89: wow: update WoWLAN reason register for different FW") since firmware version 0.27.80.0. The old driver can't support two kinds of WoWLAN reason, so increase firmware format to v1. Also driver tables of BB and RF registers and power values will be added into v1 format. Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240805090028.27768-2-pkshih@realtek.com commit 39e8111ce5ce76039a80eaf6dd71ae8bb6866f95 Merge: 91d516d4de4853 d53050934e66db Author: Martin KaFai Lau Date: Thu Aug 8 15:31:26 2024 -0700 Merge branch 'add TCP_BPF_SOCK_OPS_CB_FLAGS to bpf_*sockopt()' Alan Maguire says: ==================== As previously discussed here [1], long-lived sockets can miss a chance to set additional callbacks if a sock ops program was not attached early in their lifetime. Adding support to bpf_setsockopt() to set callback flags (and bpf_getsockopt() to retrieve them) provides other opportunities to enable callbacks, either directly via a cgroup/setsockopt intercepted setsockopt() or via a socket iterator. Patch 1 adds bpf_[get|set]sockopt() support; patch 2 adds testing for it via a sockops programs, along with verification via a cgroup/getsockopt program. Changes since v1 [2]: - Removed unneeded READ_ONCE() (Martin, patch 1) - Reworked sockopt test to leave existing tests undisturbed while adding test_nonstandard_opt() test to cover the TCP_BPF_SOCK_OPS_CB_FLAGS case; test verifies that value set via bpf_setsockopt() is what we expect via a call to getsockopt() which is caught by a cgroup/getsockopt program to provide the flags value (Martin, patch 2) - Removed unneeded iterator test (Martin) [1] https://lore.kernel.org/bpf/f42f157b-6e52-dd4d-3d97-9b86c84c0b00@oracle.com/ [2] https://lore.kernel.org/bpf/20240802152929.2695863-1-alan.maguire@oracle.com/ ==================== Signed-off-by: Martin KaFai Lau commit d53050934e66dbee64caed1309cef963a416c52f Author: Alan Maguire Date: Thu Aug 8 16:05:58 2024 +0100 selftests/bpf: add sockopt tests for TCP_BPF_SOCK_OPS_CB_FLAGS Add tests to set TCP sockopt TCP_BPF_SOCK_OPS_CB_FLAGS via bpf_setsockopt() and use a cgroup/getsockopt program to retrieve the value to verify it was set. Signed-off-by: Alan Maguire Link: https://lore.kernel.org/r/20240808150558.1035626-3-alan.maguire@oracle.com Signed-off-by: Martin KaFai Lau commit 3882dccf48f9fbe787b5df3187d708ef348ac860 Author: Alan Maguire Date: Thu Aug 8 16:05:57 2024 +0100 bpf/bpf_get,set_sockopt: add option to set TCP-BPF sock ops flags Currently the only opportunity to set sock ops flags dictating which callbacks fire for a socket is from within a TCP-BPF sockops program. This is problematic if the connection is already set up as there is no further chance to specify callbacks for that socket. Add TCP_BPF_SOCK_OPS_CB_FLAGS to bpf_setsockopt() and bpf_getsockopt() to allow users to specify callbacks later, either via an iterator over sockets or via a socket-specific program triggered by a setsockopt() on the socket. Previous discussion on this here [1]. [1] https://lore.kernel.org/bpf/f42f157b-6e52-dd4d-3d97-9b86c84c0b00@oracle.com/ Signed-off-by: Alan Maguire Link: https://lore.kernel.org/r/20240808150558.1035626-2-alan.maguire@oracle.com Signed-off-by: Martin KaFai Lau commit 344576fa6a69ce1292ef669c8d50c2088c36dc1e Author: Tejun Heo Date: Wed Aug 7 14:52:50 2024 -1000 sched_ext: Improve logging around enable/disable sched_ext currently doesn't generate messages when the BPF scheduler is enabled and disabled unless there are errors. It is useful to have paper trail. Improve logging around enable/disable: - Generate info messages on enable and non-error disable. - Update error exit message formatting so that it's consistent with non-error message. Also, prefix ei->msg with the BPF scheduler's name to make it clear where the message is coming from. - Shorten scx_exit_reason() strings for SCX_EXIT_UNREG* for brevity and consistency. v2: Use pr_*() instead of KERN_* consistently. (David) Signed-off-by: Tejun Heo Suggested-by: Phil Auld Reviewed-by: Phil Auld Acked-by: David Vernet commit 991ef53a4832941c8130008ef35c66ec88c7fa0f Author: Tejun Heo Date: Wed Aug 7 12:13:38 2024 -1000 sched_ext: Make scx_rq_online() also test cpu_active() in addition to SCX_RQ_ONLINE scx_rq_online() currently only tests SCX_RQ_ONLINE. This isn't fully correct - e.g. consume_dispatch_q() uses task_run_on_remote_rq() which tests scx_rq_online() to see whether the current rq can run the task, and, if so, calls consume_remote_task() to migrate the task to @rq. While the test itself was done while locking @rq, @rq can be temporarily unlocked by consume_remote_task() and nothing prevents SCX_RQ_ONLINE from going offline before the migration takes place. To address the issue, add cpu_active() test to scx_rq_online(). There is a synchronize_rcu() between cpu_active() being cleared and the rq going offline, so if an on-going scheduling operation sees cpu_active(), the associated rq is guaranteed to not go offline until the scheduling operation is complete. Signed-off-by: Tejun Heo Fixes: 60c27fb59f6c ("sched_ext: Implement sched_ext_ops.cpu_online/offline()") Acked-by: David Vernet commit 72763ea3d45c7f9fd69b825468afbf4d11c5ffc2 Author: Tejun Heo Date: Wed Aug 7 10:17:38 2024 -1000 sched_ext: Fix unsafe list iteration in process_ddsp_deferred_locals() process_ddsp_deferred_locals() executes deferred direct dispatches to the local DSQs of remote CPUs. It iterates the tasks on rq->scx.ddsp_deferred_locals list, removing and calling dispatch_to_local_dsq() on each. However, the list is protected by the rq lock that can be dropped by dispatch_to_local_dsq() temporarily, so the list can be modified during the iteration, which can lead to oopses and other failures. Fix it by popping from the head of the list instead of iterating the list. Signed-off-by: Tejun Heo Fixes: 5b26f7b920f7 ("sched_ext: Allow SCX_DSQ_LOCAL_ON for direct dispatches") Acked-by: David Vernet commit e47fd9beb1cec00f43077d6b6238c8d30bd03ecf Merge: 91d516d4de4853 ee9a43b7cfe2d8 Author: Jakub Kicinski Date: Thu Aug 8 14:03:51 2024 -0700 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Cross-merge networking fixes after downstream PR. No conflicts or adjacent changes. Link: https://patch.msgid.link/20240808170148.3629934-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 5db564d4242e12c1de9ef294d7252dbb90898922 Merge: 001f8443d48077 caab9a1cbb9a9f Author: Mark Brown Date: Thu Aug 8 21:57:13 2024 +0100 ASoC: tas*: Fix up GPIO usage Merge series from Linus Walleij : The TI TAS drivers use some legacy GPIO code and headers, this series fixes it up. The TAS2781 is a special case since it adds a handful of lines of deviating code to reconfigure a GPIO line for IRQ mode and then never actually use the IRQ obtained in the code. Is the line used by autonomous hardware? I'm puzzled by this. Anyways the patch suggest how to solve this properly by fixing the parent irqchip and I'm happy to help. commit e422c0bfd9e47e399e86bcc483f49d8b54064fc2 Author: Daniele Ceraolo Spurio Date: Wed Aug 7 16:53:32 2024 -0700 drm/xe: fix WA 14018094691 This WA is applied while initializing the media GT, but it a primary GT WA (because it modifies a register on the primary GT), so the XE_WA macro is returning false even when the WA should be applied. Fix this by using the primary GT in the macro. Note that this WA only applies to PXP and we don't yet support that in Xe, so there are no negative effects to this bug, which is why we didn't see any errors in testing. v2: use the primary GT in the macro instead of marking the WA as platform-wide (Lucas, Matt). Signed-off-by: Daniele Ceraolo Spurio Cc: Matt Roper Cc: Lucas De Marchi Reviewed-by: Matt Roper Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240807235333.1370915-1-daniele.ceraolospurio@intel.com commit 636cdf6fbddff4780ff4452a82afb099292b88b1 Author: Julia Filipchuk Date: Mon Aug 5 13:54:35 2024 -0700 drm/xe/guc: Enable w/a 14022293748 and 22019794406 Enable workarounds for HW bug where render engine reset fails. Given that we're bumping the minimum required GuC version to 70.29, we're guaranteed to always have support for this KLV in the GuC. v2: Enable KLV correctly for either workaround (Lucas) v4: Add check for minimum supported GuC firmware version. Enable w/a for hw version 20.01 too. (Daniele) v5 (Daniele): remove now unneeded fw type and version checks (JohnH) Signed-off-by: Julia Filipchuk Signed-off-by: Daniele Ceraolo Spurio Cc: John Harrison Reviewed-by: John Harrison Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240805205435.921921-1-daniele.ceraolospurio@intel.com commit 9e9d0a79d34716f8e2590ccab0eee08f4fdfc7f4 Author: Arnaldo Carvalho de Melo Date: Thu Aug 8 11:26:13 2024 -0300 perf test shell lbr: Support hybrid x86 systems too Running on a: root@x1:~# grep 'model name' -m1 /proc/cpuinfo model name : 13th Gen Intel(R) Core(TM) i7-1365U root@x1:~# It skips all the tests with: root@x1:~# perf test -vvvv LBR 97: perf record LBR tests: --- start --- test child forked, pid 2033388 Skip: only x86 CPUs support LBR ---- end(-2) ---- 97: perf record LBR tests : Skip root@x1:~# Because the test checks for the /sys/devices/cpu/caps/branches file, that isn't present as we have instead: root@x1:~# ls -la /sys/devices/cpu*/caps/branches -r--r--r--. 1 root root 4096 Aug 8 11:22 /sys/devices/cpu_atom/caps/branches -r--r--r--. 1 root root 4096 Aug 8 11:21 /sys/devices/cpu_core/caps/branches root@x1:~# If we check as well for one of those, /sys/devices/cpu_core/caps/branches, then we don't skip the tests and all are run on these x86 Intel Hybrid systems as well, passing all of them: root@x1:~# perf test -vvvv LBR 97: perf record LBR tests: --- start --- test child forked, pid 2034956 LBR callgraph [ perf record: Woken up 5 times to write data ] [ perf record: Captured and wrote 1.812 MB /tmp/__perf_test.perf.data.B2HvQ (8114 samples) ] LBR callgraph [Success] LBR any branch test [ perf record: Woken up 25 times to write data ] [ perf record: Captured and wrote 6.382 MB /tmp/__perf_test.perf.data.B2HvQ (8071 samples) ] LBR any branch test: 8071 samples LBR any branch test [Success] LBR any call test [ perf record: Woken up 23 times to write data ] [ perf record: Captured and wrote 6.208 MB /tmp/__perf_test.perf.data.B2HvQ (8092 samples) ] LBR any call test: 8092 samples LBR any call test [Success] LBR any ret test [ perf record: Woken up 24 times to write data ] [ perf record: Captured and wrote 6.396 MB /tmp/__perf_test.perf.data.B2HvQ (8093 samples) ] LBR any ret test: 8093 samples LBR any ret test [Success] LBR any indirect call test [ perf record: Woken up 25 times to write data ] [ perf record: Captured and wrote 6.344 MB /tmp/__perf_test.perf.data.B2HvQ (8067 samples) ] LBR any indirect call test: 8067 samples LBR any indirect call test [Success] LBR any indirect jump test [ perf record: Woken up 12 times to write data ] [ perf record: Captured and wrote 3.073 MB /tmp/__perf_test.perf.data.B2HvQ (8061 samples) ] LBR any indirect jump test: 8061 samples LBR any indirect jump test [Success] LBR direct calls test [ perf record: Woken up 25 times to write data ] [ perf record: Captured and wrote 6.380 MB /tmp/__perf_test.perf.data.B2HvQ (8076 samples) ] LBR direct calls test: 8076 samples LBR direct calls test [Success] LBR any indirect user call test [ perf record: Woken up 5 times to write data ] [ perf record: Captured and wrote 1.597 MB /tmp/__perf_test.perf.data.B2HvQ (8079 samples) ] LBR any indirect user call test: 8079 samples LBR any indirect user call test [Success] LBR system wide any branch test [ perf record: Woken up 26 times to write data ] [ perf record: Captured and wrote 9.088 MB /tmp/__perf_test.perf.data.B2HvQ (9209 samples) ] LBR system wide any branch test: 9209 samples LBR system wide any branch test [Success] LBR system wide any call test [ perf record: Woken up 25 times to write data ] [ perf record: Captured and wrote 8.945 MB /tmp/__perf_test.perf.data.B2HvQ (9333 samples) ] LBR system wide any call test: 9333 samples LBR system wide any call test [Success] LBR parallel any branch test LBR parallel any call test LBR parallel any ret test LBR parallel any indirect call test LBR parallel any indirect jump test LBR parallel direct calls test LBR parallel system wide any branch test LBR parallel any indirect user call test LBR parallel system wide any call test [ perf record: Woken up 9 times to write data ] [ perf record: Woken up 51 times to write data ] [ perf record: Woken up 1 times to write data ] [ perf record: Woken up 5 times to write data ] [ perf record: Woken up 559 times to write data ] [ perf record: Woken up 14 times to write data ] [ perf record: Woken up 17 times to write data ] [ perf record: Woken up 1 times to write data ] [ perf record: Woken up 11 times to write data ] [ perf record: Captured and wrote 0.150 MB /tmp/__perf_test.perf.data.lANpR (1909 samples) ] [ perf record: Captured and wrote 2.371 MB /tmp/__perf_test.perf.data.Olum8 (3033 samples) ] [ perf record: Captured and wrote 1.230 MB /tmp/__perf_test.perf.data.njfJ8 (1742 samples) ] [ perf record: Captured and wrote 5.554 MB /tmp/__perf_test.perf.data.4ZTrj (29662 samples) ] [ perf record: Captured and wrote 19.906 MB /tmp/__perf_test.perf.data.dlGQt (29576 samples) ] [ perf record: Captured and wrote 0.289 MB /tmp/__perf_test.perf.data.CAT7y (4311 samples) ] [ perf record: Captured and wrote 3.129 MB /tmp/__perf_test.perf.data.diuKG (3971 samples) ] LBR parallel any indirect user call test: 1909 samples [ perf record: Captured and wrote 4.858 MB /tmp/__perf_test.perf.data.sVjtN (6130 samples) ] LBR parallel any indirect user call test [Success] [ perf record: Captured and wrote 3.669 MB /tmp/__perf_test.perf.data.AJtNI (4827 samples) ] LBR parallel any indirect jump test: 4311 samples LBR parallel any indirect jump test [Success] LBR parallel direct calls test: 3033 samples LBR parallel direct calls test [Success] LBR parallel any indirect call test: 1742 samples LBR parallel any indirect call test [Success] LBR parallel any call test: 4827 samples LBR parallel any call test [Success] LBR parallel any branch test: 6130 samples LBR parallel any branch test [Success] LBR parallel system wide any branch test: 29662 samples LBR parallel any ret test: 3971 samples LBR parallel any ret test [Success] LBR parallel system wide any branch test [Success] LBR parallel system wide any call test: 29576 samples LBR parallel system wide any call test [Success] ---- end(0) ---- 97: perf record LBR tests : Ok root@x1:~# Reviewed-by: Kan Liang Acked-by: Ian Rogers Cc: Adrian Hunter Cc: Jiri Olsa Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZrTXftup0H46R8WK@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 32559b99e0f590700dcc2522d97bc637979bcf61 Author: Ian Rogers Date: Wed Aug 7 22:46:44 2024 -0700 perf test: Add set of perf record LBR tests Adds coverage for LBR operations and LBR callgraph. Reviewed-by: Kan Liang Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Andi Kleen Cc: Anne Macedo Cc: Changbin Du Cc: Ingo Molnar Cc: Jiri Olsa Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240808054644.1286065-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 599c19397b17d197fc1184bbc950f163a292efc9 Author: Ian Rogers Date: Wed Aug 7 22:46:43 2024 -0700 perf callchain: Fix stitch LBR memory leaks The 'struct callchain_cursor_node' has a 'struct map_symbol' whose maps and map members are reference counted. Ensure these values use a _get routine to increment the reference counts and use map_symbol__exit() to release the reference counts. Do similar for 'struct thread's prev_lbr_cursor, but save the size of the prev_lbr_cursor array so that it may be iterated. Ensure that when stitch_nodes are placed on the free list the map_symbols are exited. Fix resolve_lbr_callchain_sample() by replacing list_replace_init() to list_splice_init(), so the whole list is moved and nodes aren't leaked. A reproduction of the memory leaks is possible with a leak sanitizer build in the perf report command of: ``` $ perf record -e cycles --call-graph lbr perf test -w thloop $ perf report --stitch-lbr ``` Reviewed-by: Kan Liang Fixes: ff165628d72644e3 ("perf callchain: Stitch LBR call stack") Signed-off-by: Ian Rogers [ Basic tests after applying the patch, repeating the example above ] Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Andi Kleen Cc: Anne Macedo Cc: Changbin Du Cc: Ingo Molnar Cc: Jiri Olsa Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240808054644.1286065-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit fb1911ef6f4899eaba082bb81f301987e2e3bb86 Author: Alexander Aring Date: Fri Aug 2 13:26:47 2024 -0400 dlm: do synchronized socket connect call To avoid -EINPROGRESS cases on connect that just ends in a retry we just call connect in a synchronized way to wait until its done. Since commit dbb751ffab0b ("fs: dlm: parallelize lowcomms socket handling") we have a non ordered workqueue running for serving the DLM sockets that allows us to call send/recv for each DLM socket connection in parallel. Before each worker needed to wait until the previous worker was done and probably the reason why connect() was called in an asynchronous way to not block other workers. This is however not necessary anymore as other socket handling workers don't need to wait. Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit c846f732b97aa30ab91c03b0337cc0c8e27b24df Author: Alexander Aring Date: Fri Aug 2 13:26:46 2024 -0400 dlm: move lkb xarray lookup out of lock This patch moves the xarray lookup functionality for the lkb out of the ls_lkbxa_lock read lock handling. We can do that as the xarray should be possible to access lockless in case of reader like xa_load(). We confirm under ls_lkbxa_lock that the lkb is still part of the data structure and take a reference when its still part of ls_lkbxa to avoid being freed after doing the lookup. To do a check if the lkb is still part of the ls_lkbxa data structure we use a kref_read() as the last put will remove it from the ls_lkbxa data structure and any reference taken means it is still part of ls_lkbxa. A similar approach was done with the DLM rsb rhashtable just with a flag instead of the refcounter because the refcounter has a slightly different meaning. Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit 5be323b0c64dbecdc33b43012f927e6af82d62d3 Author: Alexander Aring Date: Fri Aug 2 13:26:45 2024 -0400 dlm: move dlm_search_rsb_tree() out of lock The rhashtable structure is lockless for readers such as rhashtable_lookup_fast(). It should be save to call this lookup functionality out of holding ls_rsbtbl_lock to get the rsb pointer out of the hash. This reduce the contention time of ls_rsbtbl_lock in some cases. We still need to check if the rsb is part of the check as this state can be changed while ls_rsbtbl_lock is not held. If its part of the rhashtable data structure we take a reference to be sure it will not be freed after we drop the ls_rsbtbl_lock read lock. Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit 98ff7d95d91b56d8f2fdd0c4d0421f7fbb538cba Author: Alexander Aring Date: Fri Aug 2 13:26:44 2024 -0400 dlm: use RSB_HASHED to avoid lookup twice Since commit 01fdeca1cc2d ("dlm: use rcu to avoid an extra rsb struct lookup") _dlm_master_lookup() is called under rcu lock that prevents that the rsb structure is being freed. There was a missing change to avoid an additional lookup and just check that the rsb is still part of the ls_rsbtbl structure. This patch is doing such check instead of lookup the rsb structure again. Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit 94e180d6255f5a765bb723e6e8b67f1438ce574b Author: Alexander Aring Date: Fri Aug 2 13:26:43 2024 -0400 dlm: async freeing of lockspace resources This patch handles freeing of lockspace resources asynchronously besides the release_lockspace() context. The release_lockspace() context is sometimes called in a time critical context, e.g. umount syscall. Most every user space init system will timeout if it takes too long. To reduce the potential waiting time we deregister in release_lockspace() the lockspace from the DLM subsystem and do the actual releasing of lockspace resource in a worker of a workqueue following recommendation of: https://lore.kernel.org/all/49925af7-78a8-a3dd-bce6-cfc02e1a9236@I-love.SAKURA.ne.jp/T/#u as flushing of system workqueues are not allowed. The most time to release the DLM resources are spent to release the data structures "ls->ls_lkbxa" and "ls->ls_rsbtbl" as they iterate over each entries and those data structures can contain millions of entries. This patch handles for now only freeing of those data structures as those operations are the most reason why release_lockspace() blocking of being returned. Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit 8a4cf500f1dded74ababd8d33db35631e540e124 Author: Alexander Aring Date: Fri Aug 2 13:26:42 2024 -0400 dlm: drop kobject release callback handling This patch removes the releasing of the "struct dlm ls" resource out of the kobject handling. Instead we run kfree() after kobject_put() of the lockspace kobject structure that should always being the last put call. This prepares to split the releasing of all lockspace resources asynchronously in the background and just deregister everything in release_lockspace(). Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit d47b822974b8d4da6f22be5341afd4ce6bca6a9f Author: Alexander Aring Date: Fri Aug 2 13:26:41 2024 -0400 dlm: warn about invalid nodeid comparsions This patch adds a warn on if is_master() and dlm_is_removed() checks on invalid nodeid states that are probably not what the caller wants to do here. The is_master() function checking on r->res_nodeid is invalid when it is set to -1, whereas the dlm_is_removed() has a different meaning as "nodeid member" and also 0 is invalid. We run into these cases and this patch changes those cases as we never will run into them. There should be no functional changes as the condition should return the same result. However this patch signals now on caller level that there might be an "extra" case to handle here. Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit 90ad918e371fcb7ea4cb6c0a391acc6bba51662e Author: Alexander Aring Date: Fri Aug 2 13:26:40 2024 -0400 dlm: never return invalid nodeid by dlm_our_nodeid() This patch will remote the return of an invalid nodeid value when local_comm is not set. This case should never happen as the DLM stack tries to compare valid nodeids with an invalid nodeid returned by dlm_our_nodeid(). Instead we let it crash to getting at least recognized if we running into such state. Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit d3b3d2d8e1aa394fc5fde4c0d3e32f8697c2b42c Author: Alexander Aring Date: Fri Aug 2 13:26:39 2024 -0400 dlm: remove unnecessary refcounts This patch removes unnecessary refcounts that are obviously not necessary because either when the pointer is passed as parameter or it is part of a list we should already hold a reference to it. Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit 116978854427fd7abbeb328768e75b49a7298520 Author: Alexander Aring Date: Fri Aug 2 13:26:38 2024 -0400 dlm: cleanup memory allocation helpers This patch removes a unnecessary parameter from DLM memory allocation helpers and reduce some functions by just directly reply the pointer address of the allocated memory. Signed-off-by: Alexander Aring Signed-off-by: David Teigland commit de7aeb5dddd484a9b840dcb53449e5c15f5d3e97 Author: Thorsten Blum Date: Thu Aug 1 12:36:16 2024 +0200 clk: hisilicon: Remove unnecessary local variable The local u64 variable refdiv_val has the same value as the local u32 variable val and can be removed. Remove it and use val directly as the divisor to also remove the following Coccinelle/coccicheck warning reported by do_div.cocci: WARNING: do_div() does a 64-by-32 division, please consider using div64_u64 instead Use the preferred div_u64() function instead of the do_div() macro. Signed-off-by: Thorsten Blum Link: https://lore.kernel.org/r/20240801103616.20430-1-thorsten.blum@toblux.com Acked-by: Uwe Kleine-König Signed-off-by: Stephen Boyd commit c46fc83e3f3c89f18962e43890de90b1c304747a Author: Takashi Iwai Date: Thu Aug 8 20:23:07 2024 +0200 ALSA: vxpocket: Fix a typo at conversion to dev_*() There was a typo in the previous conversion to dev_*() that caused a build error. Fix it. Fixes: 2acbb5e57230 ("ALSA: vxpocket: Use standard print API") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408090110.t0mWbTyh-lkp@intel.com/ Link: https://patch.msgid.link/20240808182308.28418-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit a7050ca724807a60e639da953a092cf8dc6d1bf7 Author: Steven Rostedt Date: Wed Aug 7 17:00:29 2024 -0400 pstore/ramoops: Fix typo as there is no "reserver" For some reason my finger always hits the 'r' after typing "reserve". Fix the typo in the Documentation example. Fixes: d9d814eebb1ae ("pstore/ramoops: Add ramoops.mem_name= command line option") Signed-off-by: Steven Rostedt (Google) Acked-by: Mike Rapoport (Microsoft) Link: https://lore.kernel.org/r/20240807170029.3c1ff651@gandalf.local.home Signed-off-by: Kees Cook commit 91dae758bdb854367bf0811d97acb84e791764d9 Merge: a4172af3040cdc d97e71e449373e Author: Simona Vetter Date: Thu Aug 8 18:58:45 2024 +0200 Merge tag 'drm-misc-next-2024-08-01' of https://gitlab.freedesktop.org/drm/misc/kernel into drm-next drm-misc-next for v6.12: UAPI Changes: virtio: - Define DRM capset Cross-subsystem Changes: dma-buf: - heaps: Clean up documentation printk: - Pass description to kmsg_dump() Core Changes: CI: - Update IGT tests - Point upstream repo to GitLab instance modesetting: - Introduce Power Saving Policy property for connectors - Add might_fault() to drm_modeset_lock priming - Add dynamic per-crtc vblank configuration support panic: - Avoid build-time interference with framebuffer console docs: - Document Colorspace property scheduler: - Remove full_recover from drm_sched_start TTM: - Make LRU walk restartable after dropping locks - Allow direct reclaim to allocate local memory Driver Changes: amdgpu: - Support Power Saving Policy connector property ast: - astdp: Support AST2600 with VGA; Clean up HPD bridge: - Silence error message on -EPROBE_DEFER - analogix: Clean aup - bridge-connector: Fix double free - lt6505: Disable interrupt when powered off - tc358767: Make default DP port preemphasis configurable gma500: - Update i2c terminology ivpu: - Add MODULE_FIRMWARE() lcdif: - Fix pixel clock loongson: - Use GEM refcount over TTM's mgag200: - Improve BMC handling - Support VBLANK intterupts nouveau: - Refactor and clean up internals - Use GEM refcount over TTM's panel: - Shutdown fixes plus documentation - Refactor several drivers for better code sharing - boe-th101mb31ig002: Support for starry-er88577 MIPI-DSI panel plus DT; Fix porch parameter - edp: Support AOU B116XTN02.3, AUO B116XAN06.1, AOU B116XAT04.1, BOE NV140WUM-N41, BOE NV133WUM-N63, BOE NV116WHM-A4D, CMN N116BCA-EA2, CMN N116BCP-EA2, CSW MNB601LS1-4 - himax-hx8394: Support Microchip AC40T08A MIPI Display panel plus DT - ilitek-ili9806e: Support Densitron DMT028VGHMCMI-1D TFT plus DT - jd9365da: Support Melfas lmfbx101117480 MIPI-DSI panel plus DT; Refactor for code sharing sti: - Fix module owner stm: - Avoid UAF wih managed plane and CRTC helpers - Fix module owner - Fix error handling in probe - Depend on COMMON_CLK - ltdc: Fix transparency after disabling plane; Remove unused interrupt tegra: - Call drm_atomic_helper_shutdown() v3d: - Clean up perfmon vkms: - Clean up Signed-off-by: Daniel Vetter From: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240801121406.GA102996@linux.fritz.box commit e95b9f7f2ee05bbef3bf6a4cd7da6e887f17f652 Author: Jerome Brunet Date: Thu Aug 8 15:48:54 2024 +0200 ALSA: snd-usb-caiaq: use snd_pcm_rate_to_rate_bit Use snd_pcm_rate_to_rate_bit() helper provided by Alsa instead re-implementing it. This reduce code duplication and helps when changing some Alsa definition is necessary. Signed-off-by: Jerome Brunet Link: https://patch.msgid.link/20240808134857.86749-1-jbrunet@baylibre.com Signed-off-by: Takashi Iwai commit a1066453b5e49a28523f3ecbbfe4e06c6a29561c Author: Takashi Iwai Date: Thu Aug 8 18:31:27 2024 +0200 ALSA: control: Fix power_ref lock order for compat code, too In the previous change for swapping the power_ref and controls_rwsem lock order, the code path for the compat layer was forgotten. This patch covers the remaining code. Fixes: fcc62b19104a ("ALSA: control: Take power_ref lock primarily") Link: https://patch.msgid.link/20240808163128.20383-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit c37f7cd7e5b6c2aabe0d5b2220545789517b064a Author: Takashi Iwai Date: Thu Aug 8 18:29:01 2024 +0200 ALSA: vxpocket: Drop no longer existent chip->dev assignment The recent cleanup change for vx_core overlooked the code in vxpocket pcmcia driver. Kill the superfluous line as well. Fixes: b426b3ba9f6f ("ALSA: vx_core: Drop unused dev field") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408090016.kW0TA6fc-lkp@intel.com/ Link: https://patch.msgid.link/20240808162902.20082-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 2d98fea7491a00dccd61fee019843b262e60f819 Author: Drew Fustini Date: Thu Aug 1 11:38:10 2024 -0700 riscv: dts: thead: change TH1520 SPI node to use clock controller Change the clock property in the TH1520 SPI controller node to a clock provided by AP_SYS clock controller. Remove spi_clk fixed clock reference from BeagleV Ahead and LPI4a dts. Link: https://git.beagleboard.org/beaglev-ahead/beaglev-ahead/-/tree/main/docs Signed-off-by: Drew Fustini commit 7f5b28218cec55072b562be386675ccae41acca1 Author: Drew Fustini Date: Thu Aug 1 11:38:09 2024 -0700 riscv: dts: thead: add clock to TH1520 gpio nodes Add clock property to TH1520 gpio controller nodes. These clock gates refer to corresponding enable bits in the peripheral clock gate control register. Refer to register PERI_CLK_CFG in section 4.4.2.2.52 of the TH1520 System User Manual. Link: https://git.beagleboard.org/beaglev-ahead/beaglev-ahead/-/tree/main/docs Signed-off-by: Drew Fustini commit 89d58327fd7451533fd313d727b50a8264477bf4 Author: Drew Fustini Date: Thu Aug 1 11:38:08 2024 -0700 riscv: dts: thead: update TH1520 dma and timer nodes to use clock controller Change the dma-controller and timer nodes to use the APB clock provided by the AP_SUBSYS clock controller. Remove apb_clk reference from BeagleV Ahead and LPI4a dts. Link: https://git.beagleboard.org/beaglev-ahead/beaglev-ahead/-/tree/main/docs Signed-off-by: Drew Fustini commit 03a20182e1e0f4a824aeef9aa7bd1d46ea6d0196 Author: Drew Fustini Date: Thu Aug 1 11:38:07 2024 -0700 riscv: dts: thead: change TH1520 mmc nodes to use clock controller Change the clock property in the TH1520 mmc controller nodes to a clock provided by AP_SYS clock controller. Remove sdhci fixed clock reference from BeagleV Ahead and LPI4a dts. Link: https://git.beagleboard.org/beaglev-ahead/beaglev-ahead/-/tree/main/docs Signed-off-by: Drew Fustini commit c101b4a028e21ceaa4e39a62ee36a404d7b4bca9 Author: Drew Fustini Date: Thu Aug 1 11:38:06 2024 -0700 riscv: dts: thead: change TH1520 uart nodes to use clock controller Change the clock property in TH1520 uart nodes to a clock provided by AP_SUBSYS clock controller. Link: https://git.beagleboard.org/beaglev-ahead/beaglev-ahead/-/tree/main/docs Signed-off-by: Drew Fustini commit e919fe036a97f6ed96eecf39ea61963eb2ff3442 Author: Drew Fustini Date: Thu Aug 1 11:38:05 2024 -0700 riscv: dts: thead: Add TH1520 AP_SUBSYS clock controller Add node for the AP_SUBSYS clock controller on the T-Head TH1520 SoC. Link: https://openbeagle.org/beaglev-ahead/beaglev-ahead/-/blob/main/docs/TH1520%20System%20User%20Manual.pdf Link: https://git.beagleboard.org/beaglev-ahead/beaglev-ahead/-/tree/main/docs Signed-off-by: Drew Fustini commit ae94b263f5f69c180347e795fbefa051b65aacc3 Author: Dmitry Vyukov Date: Tue Jun 11 09:50:33 2024 +0200 x86: Ignore stack unwinding in KCOV Stack unwinding produces large amounts of uninteresting coverage. It's called from KASAN kmalloc/kfree hooks, fault injection, etc. It's not particularly useful and is not a function of system call args. Ignore that code. Signed-off-by: Dmitry Vyukov Signed-off-by: Thomas Gleixner Reviewed-by: Alexander Potapenko Reviewed-by: Marco Elver Reviewed-by: Andrey Konovalov Acked-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/all/eaf54b8634970b73552dcd38bf9be6ef55238c10.1718092070.git.dvyukov@google.com commit f34d086fb7102fec895fd58b9e816b981b284c17 Author: Dmitry Vyukov Date: Tue Jun 11 09:50:32 2024 +0200 module: Fix KCOV-ignored file name module.c was renamed to main.c, but the Makefile directive was copy-pasted verbatim with the old file name. Fix up the file name. Fixes: cfc1d277891e ("module: Move all into module/") Signed-off-by: Dmitry Vyukov Signed-off-by: Thomas Gleixner Reviewed-by: Alexander Potapenko Reviewed-by: Marco Elver Reviewed-by: Andrey Konovalov Cc: stable@vger.kernel.org Link: https://lore.kernel.org/all/bc0cf790b4839c5e38e2fafc64271f620568a39e.1718092070.git.dvyukov@google.com commit 6cd0dd934b03d4ee4094ac474108723e2f2ed7d6 Author: Dmitry Vyukov Date: Tue Jun 11 09:50:31 2024 +0200 kcov: Add interrupt handling self test Add a boot self test that can catch sprious coverage from interrupts. The coverage callback filters out interrupt code, but only after the handler updates preempt count. Some code periodically leaks out of that section and leads to spurious coverage. Add a best-effort (but simple) test that is likely to catch such bugs. If the test is enabled on CI systems that use KCOV, they should catch any issues fast. Signed-off-by: Dmitry Vyukov Signed-off-by: Thomas Gleixner Reviewed-by: Alexander Potapenko Reviewed-by: Marco Elver Reviewed-by: Andrey Konovalov Link: https://lore.kernel.org/all/7662127c97e29da1a748ad1c1539dd7b65b737b2.1718092070.git.dvyukov@google.com commit 477d81a1c47a1b79b9c08fc92b5dea3c5143800b Author: Dmitry Vyukov Date: Tue Jun 11 09:50:30 2024 +0200 x86/entry: Remove unwanted instrumentation in common_interrupt() common_interrupt() and related variants call kvm_set_cpu_l1tf_flush_l1d(), which is neither marked noinstr nor __always_inline. So compiler puts it out of line and adds instrumentation to it. Since the call is inside of instrumentation_begin/end(), objtool does not warn about it. The manifestation is that KCOV produces spurious coverage in kvm_set_cpu_l1tf_flush_l1d() in random places because the call happens when preempt count is not yet updated to say that the kernel is in an interrupt. Mark kvm_set_cpu_l1tf_flush_l1d() as __always_inline and move it out of the instrumentation_begin/end() section. It only calls __this_cpu_write() which is already safe to call in noinstr contexts. Fixes: 6368558c3710 ("x86/entry: Provide IDTENTRY_SYSVEC") Signed-off-by: Dmitry Vyukov Signed-off-by: Thomas Gleixner Reviewed-by: Alexander Potapenko Acked-by: Peter Zijlstra (Intel) Cc: stable@vger.kernel.org Link: https://lore.kernel.org/all/3f9a1de9e415fcb53d07dc9e19fa8481bb021b1b.1718092070.git.dvyukov@google.com commit 830a0d12943f53077b235f2a3caa8ab2b36475a3 Author: Li RongQing Date: Tue Aug 6 20:08:23 2024 +0800 x86/mm: Don't print out SRAT table information This per CPU log is becoming longer with more and more CPUs in system, which slows down the boot process due to the serializing nature of printk(). The value of this information is dubious and it can be retrieved by lscpu from user space if required.. Downgrade the printk() to pr_debug() so it is still accessible for debug purposes. [ tglx: Massaged changelog ] Signed-off-by: Li RongQing Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240806120823.17111-1-lirongqing@baidu.com commit e61f1a729da850cca2c2d7e045b27c3fd4830d7c Author: Vishnu Reddy Date: Mon Jul 29 21:06:31 2024 +0530 pinctrl: samsung: Add support for pull-up and pull-down Gpiolib framework has the implementation of setting up the PUD configuration for GPIO pins but there is no driver support. Add support to handle the PUD configuration request from the userspace in samsung pinctrl driver. Signed-off-by: Vishnu Reddy Link: https://lore.kernel.org/r/20240729153631.24536-1-vishnu.reddy@samsung.com Signed-off-by: Krzysztof Kozlowski commit 60029162a0458832ab2bcfc6fd4986bfd9ca0f55 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:41:18 2024 +0200 genirq: Remove irq_chip_regs:: Polarity The polarity member of struct irq_chip_regs is unused. Remove it along with its kernel-doc. Found by https://github.com/jirislaby/clang-struct. Signed-off-by: Jiri Slaby (SUSE) Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240808104118.430670-3-jirislaby@kernel.org commit a09cdb8f564613769142a60400bb5160864c3269 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:41:17 2024 +0200 genirq: Remove unused irq_chip_generic:: {type,polarity}_cache The type_cache and polarity_cache members of struct irq_chip_generic are unused. Remove them both along with their kernel-doc. Found by https://github.com/jirislaby/clang-struct. Signed-off-by: Jiri Slaby (SUSE) Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240808104118.430670-2-jirislaby@kernel.org commit 15e46124ec937bb0ab530634dce4550947f53133 Author: Jiri Slaby (SUSE) Date: Thu Aug 8 12:41:16 2024 +0200 genirq/irq_sim: Remove unused irq_sim_work_ctx:: Irq_base Since commit 337cbeb2c13e ("genirq/irq_sim: Simplify the API"), irq_sim_work_ctx::irq_base is unused. Drop it. Found by https://github.com/jirislaby/clang-struct. Signed-off-by: Jiri Slaby (SUSE) Signed-off-by: Thomas Gleixner Acked-by: Bartosz Golaszewski Link: https://lore.kernel.org/all/20240808104118.430670-1-jirislaby@kernel.org commit 76bee035c6add05841addc3f31b41cd726b912c4 Author: Zhang Zekun Date: Thu Aug 8 11:15:52 2024 +0800 irqchip/mbigen: Simplify code logic with for_each_child_of_node_scoped() for_each_child_of_node_scoped() handles the device_node automaticlly, so switching over to it removes the device node cleanups and allows to return directly from the loop. Signed-off-by: Zhang Zekun Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240808031552.3156-1-zhangzekun11@huawei.com commit b77c6a73e10ae16b19999bebc6ca1413739dfe86 Author: Marek Behún Date: Wed Aug 7 18:41:04 2024 +0200 irqchip/armada-370-xp: Use mpic_is_ipi_available() in mpic_of_init() mpic_of_init() contains the last case where the open coded IPI support condition needs to be replaced with mpic_is_ipi_available() to keep the code consistent. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit d6ca3f440239fb4fa85228ead4c5e8b286645b7e Author: Marek Behún Date: Wed Aug 7 18:41:03 2024 +0200 irqchip/armada-370-xp: Allow mapping only per-CPU interrupts On platforms where MPIC is not the top-level interrupt controller the driver currently only supports handling of the per-CPU interrupts (the first 29 interrupts). This is obvious from the code of mpic_handle_cascade_irq(), which reads only one cause register. Bound the number of available interrupts in the interrupt domain to 29 for these platforms. The corresponding device-trees refer only to per-CPU interrupts via MPIC, the other interrupts are referred to via GIC. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit 4042a965a5e62c8d298d642cbf72b14f41687319 Author: Marek Behún Date: Wed Aug 7 18:41:02 2024 +0200 irqchip/armada-370-xp: Iterate only valid bits of the per-CPU interrupt cause register Use MPIC_PER_CPU_IRQS_NR (29) bound instead of BITS_PER_LONG (32) when iterating the bits of the per-CPU interrupt cause register, since there are only 29 per-CPU interrupts. The top 3 bits are always zero anyway. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit 2793f68749c1fb035e255cdffb10108ef023f608 Author: Marek Behún Date: Wed Aug 7 18:41:01 2024 +0200 irqchip/armada-370-xp: Fix reenabling last per-CPU interrupt The number of per-CPU interrupts is 29 (0 to 28). This is described by the constant MPIC_MAX_PER_CPU_IRQS, set to 28 (the maximum per-CPU interrupt). Commit 0fa4ce746d1d ("irqchip/armada-370-xp: Re-enable per-CPU interrupts at resume time") used the constant incorrectly in the for-loop, it used the operator < instead of <=, causing it to iterate only the first 28 interrupts (0 to 27), ignoring the last, 28th, per-CPU interrupt. To avoid this kind of confusions, fix this issue by renaming the constant to MPIC_PER_CPU_IRQS_NR and set it to 29, the number of per-CPU IRQs. Update its use in mpic_is_percpu_irq() accordingly. Fixes: 0fa4ce746d1d ("irqchip/armada-370-xp: Re-enable per-CPU interrupts at resume time") Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Cc: # The 29th interrupt is not used in any device-tree commit 6abd809a543936ca005fd37efa32906c78409aea Author: Marek Behún Date: Wed Aug 7 18:41:00 2024 +0200 irqchip/armada-370-xp: Dynamically allocate the driver private structure Dynamically allocate the driver private structure. This concludes the conversion of this driver to modern style. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit 77eef29b642f07f56af28a7126b5666f705ca8d0 Author: Marek Behún Date: Wed Aug 7 18:40:59 2024 +0200 irqchip/armada-370-xp: Pass around the driver private structure In continuation of converting the driver to modern style, drop the global pointer to the driver private structure and instead pass it around the functions and callbacks, wherever possible. (There are 3 cases where it is not possible: mpic_cascaded_starting_cpu() and the syscore operations mpic_suspend() and mpic_resume()). Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit ee5d09cf14a10010af163ac98e21aa282de6c4cf Author: Marek Behún Date: Wed Aug 7 18:40:58 2024 +0200 irqchip/armada-370-xp: Put MSI doorbell limits into the mpic structure Put the MSI doorbell limits msi_doorbell_start, msi_doorbell_size and msi_doorbell_mask into the driver private structure and get rid of the corresponding functions. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit 68fe2c59853611e2551370f0ab4b80b04a0748ee Author: Marek Behún Date: Wed Aug 7 18:40:57 2024 +0200 irqchip/armada-370-xp: Put static variables into driver private structure In preparation for converting the driver to modern style put all the interrupt controller private static variables into driver private structure. Access to these variables changes as: main_int_base mpic->base per_cpu_int_base mpic->per_cpu mpic_domain mpic->domain parent_irq mpic->parent_irq ... Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit a4d4d4a642da83d869d2851c8c3732c699cbc08e Author: Marek Behún Date: Wed Aug 7 18:40:56 2024 +0200 irqchip/armada-370-xp: Put __init attribute after return type in mpic_ipi_init() For consistency with the rest of the driver, put the __init attribute after the return type of the mpic_ipi_init() function. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit 37e130c224fd0da168570003355fcbd091a87030 Author: Marek Behún Date: Wed Aug 7 18:40:55 2024 +0200 irqchip/armada-370-xp: Add the __init attribute to mpic_msi_init() Add the __init attribute to the mpic_msi_init() function. It is only called from the device initializer, and so can be dropped after boot is complete. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit 0dbf9b6025e3d6092ad883541c090118e5361d98 Author: Marek Behún Date: Wed Aug 7 18:40:54 2024 +0200 irqchip/armada-370-xp: Drop msi_doorbell_end() Drop the msi_doorbell_end() function and related constants, it is not used anymore. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit 3431392d5e8a7d420c06048260d521c1dd08e931 Author: Marek Behún Date: Wed Aug 7 18:40:53 2024 +0200 irqchip/armada-370-xp: Drop IPI_DOORBELL_START and rename IPI_DOORBELL_END Drop IPI_DOORBELL_START since it is not used and rename IPI_DOORBELL_END to IPI_DOORBELL_NR. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner commit 372f244b01784b5ee233cdfd732b4c1929ddd71e Author: Jani Nikula Date: Tue Aug 6 16:38:32 2024 +0300 drm/i915: remove __i915_printk() With the previous cleanups, the last remaining user of __i915_printk() is i915_probe_error(). Switch that to use drm_dbg() and drm_err() instead, dropping the request to report bugs in the few remaining specific cases. It's not common for drivers to log bug filing requests to begin with, but these cases are in init, which is most likely to be tested in CI and least likely to be hit by end users anyway. Acked-by: Tvrtko Ursulin Reviewed-by: Andi Shyti Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/be9baeab281f75999e96cc7ad1c06c6680494bc1.1722951405.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 94a438a7595bb5a7a2efb94de2dc818845254e4f Author: Jani Nikula Date: Tue Aug 6 16:38:31 2024 +0300 drm/i915: remove i915_report_error() i915_report_error() presently acts as a wrapper for __i915_printk(). In practice, it would be better to use drm level error reporting wherever possible, so replace all uses of i915_report_error() with the equivalent drm_err() call. These cases are not worth having a dedicated wrapper to also print bug reporting info. Replacing the calls leaves i915_report_error() with no users, so remove it. Reviewed-by: Tvrtko Ursulin Reviewed-by: Andi Shyti Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/19eab020c57c0fa45acacf4e4a8077e57cd4d561.1722951405.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit b635066c2e0fcf74428b0864c249c1dbcaa4b5bc Author: Jani Nikula Date: Tue Aug 6 16:38:30 2024 +0300 drm/i915: remove a few __i915_printk() uses __i915_printk() does nothing special for notice/info levels. Just use the regular drm_notice() and drm_info() calls. Reviewed-by: Andi Shyti Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/82857a0c04d3c11ca6758f05c13a3cec4f1a2f01.1722951405.git.jani.nikula@intel.com Signed-off-by: Jani Nikula commit 37e2a19c98bf99747ca997be876dfc13f9165e0a Author: Veronika Molnarova Date: Thu Aug 8 12:37:49 2024 +0200 perf test pmu: Set uninitialized PMU alias to null Commit 3e0bf9fde2984469 ("perf pmu: Restore full PMU name wildcard support") adds a test case "PMU cmdline match" that covers PMU name wildcard support provided by function perf_pmu__match(). The test works with a wide range of supported combinations of PMU name matching but omits the case that if the perf_pmu__match() cannot match the PMU name to the wildcard, it tries to match its alias. However, this variable is not set up, causing the test case to fail when run with subprocesses or to segfault if run as a single process. ./perf test -vv 9 9: Sysfs PMU tests : 9.1: Parsing with PMU format directory : Ok 9.2: Parsing with PMU event : Ok 9.3: PMU event names : Ok 9.4: PMU name combining : Ok 9.5: PMU name comparison : Ok 9.6: PMU cmdline match : FAILED! ./perf test -F 9 9.1: Parsing with PMU format directory : Ok 9.2: Parsing with PMU event : Ok 9.3: PMU event names : Ok 9.4: PMU name combining : Ok 9.5: PMU name comparison : Ok Segmentation fault (core dumped) Initialize the PMU alias to null for all tests of perf_pmu__match() as this functionality is not being tested and the alias matching works exactly the same as the matching of the PMU name. ./perf test -F 9 9.1: Parsing with PMU format directory : Ok 9.2: Parsing with PMU event : Ok 9.3: PMU event names : Ok 9.4: PMU name combining : Ok 9.5: PMU name comparison : Ok 9.6: PMU cmdline match : Ok Fixes: 3e0bf9fde2984469 ("perf pmu: Restore full PMU name wildcard support") Signed-off-by: Veronika Molnarova Cc: James Clark Cc: Michael Petlan Cc: Namhyung Kim Cc: Radostin Stoyanov Link: https://lore.kernel.org/r/20240808103749.9356-1-vmolnaro@redhat.com Signed-off-by: Arnaldo Carvalho de Melo commit 31aaa7d95e09892c81df0d7c49ae85640fa4e202 Author: Hans Verkuil Date: Thu Aug 8 11:09:18 2024 +0200 media: cec: cec-adap.c: improve CEC_MSG_FL_REPLY_VENDOR_ID check The new CEC_MSG_FL_REPLY_VENDOR_ID flag only makes sense in combination with CEC_MSG_VENDOR_COMMAND_WITH_ID. So rather than reporting an error if that flag is set with another command, just clear the flag instead. Only keep the message length check, since otherwise the flag would not make sense. Signed-off-by: Hans Verkuil Signed-off-by: Mauro Carvalho Chehab commit 599f6899051cb70c4e0aa9fd591b9ee220cb6f14 Author: Hans Verkuil Date: Wed Aug 7 09:22:10 2024 +0200 media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags The cec_msg_set_reply_to() helper function never zeroed the struct cec_msg flags field, this can cause unexpected behavior if flags was uninitialized to begin with. Signed-off-by: Hans Verkuil Fixes: 0dbacebede1e ("[media] cec: move the CEC framework out of staging and to media") Cc: Signed-off-by: Mauro Carvalho Chehab commit 1f5e3920b5e45cef81a31a1dcf8e1d0f615840fa Author: ganjie Date: Thu Aug 8 16:57:07 2024 +0800 Documentation: dontdiff: remove 'utf8data.h' Commit 2b3d04787012 ("unicode: Add utf8-data module") changed the database file from 'utf8data.h' to 'utf8data.c' to build separate module, but it seems forgot to update Documentation/dontdiff. Remove 'utf8data.h' and add 'utf8data.c'. Signed-off-by: ganjie Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240808085707.3235019-1-guoxuenan@huawei.com commit 2df5484bbf2f1fa3efa2b6385efc1350d89b7783 Author: Arnaldo Carvalho de Melo Date: Thu Aug 8 09:59:40 2024 -0300 perf tests ftrace: Add pattern check for time, count In 'perf ftrace profile sleep 0.1' we know that we'll have an specific kernel function that will take a bit more than 0.1 seconds and will take place just one time, so we can add a check for that so that we validate more than just the presence of some functions in the profile. Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Steven Rostedt (VMware) Link: https://lore.kernel.org/lkml/ZrTBo7KACZeuCyLj@x1 Signed-off-by: Arnaldo Carvalho de Melo commit ed5bb548cc648de6dbb5894cf95955998e466589 Author: Namhyung Kim Date: Wed Aug 7 21:49:54 2024 -0700 perf test: Add a new shell test for perf ftrace $ sudo ./perf test ftrace -vv 86: perf ftrace tests: --- start --- test child forked, pid 1772223 perf ftrace list test syscalls for sleep: __x64_sys_nanosleep __ia32_sys_nanosleep __x64_sys_clock_nanosleep __ia32_sys_clock_nanosleep perf ftrace list test [Success] perf ftrace trace test # tracer: function_graph # # CPU DURATION FUNCTION CALLS # | | | | | | | 0) | __x64_sys_clock_nanosleep() { 0) | common_nsleep() { 0) | hrtimer_nanosleep() { 0) | do_nanosleep() { perf ftrace trace test [Success] perf ftrace latency test target function: __x64_sys_clock_nanosleep # DURATION | COUNT | GRAPH | 32 - 64 ms | 1 | ############################################## | perf ftrace latency test [Success] perf ftrace profile test # Total (us) Avg (us) Max (us) Count Function 100136.400 100136.400 100136.400 1 __x64_sys_clock_nanosleep 100135.200 100135.200 100135.200 1 common_nsleep 100134.700 100134.700 100134.700 1 hrtimer_nanosleep 100133.700 100133.700 100133.700 1 do_nanosleep 100130.600 100130.600 100130.600 1 schedule 166.868 55.623 80.299 3 scheduler_tick 5.926 5.926 5.926 1 native_smp_send_reschedule 301.941 301.941 301.941 1 __x64_sys_execve 295.786 295.786 295.786 1 do_execveat_common.isra.0 71.397 35.699 46.403 2 bprm_execve 2.519 1.260 1.547 2 sched_mm_cid_before_execve 1.098 0.549 0.686 2 sched_mm_cid_after_execve perf ftrace profile test [Success] ---- end(0) ---- 86: perf ftrace tests : Ok Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Steven Rostedt (VMware) Link: https://lore.kernel.org/r/20240808044954.1775333-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 90d78e7b8e57b064f700545081fc9288c1564e92 Author: Namhyung Kim Date: Wed Aug 7 15:31:29 2024 -0700 perf annotate-data: Show typedef names properly The die_get_typename() would resolve typedef and get to the original type. But sometimes the original type is a struct without name and it makes the output confusing and hard to read. This is a diff of perf report -s type before and after the change. New types such as atomic{,64}_t and sigset_t appeared and the portion of unnamed struct was reduced. Also u32, u64 and size_t were splitted from the base types. --- b 2024-08-01 17:02:34.307809952 -0700 +++ a 2024-08-07 14:17:05.245853999 -0700 - 2.40% long unsigned int + 2.26% long unsigned int - 1.56% unsigned int + 1.27% unsigned int - 0.98% struct - 0.79% long long unsigned int + 0.58% long long unsigned int + 0.36% struct + 0.27% atomic64_t + 0.22% u32 + 0.21% u64 + 0.19% atomic_t + 0.13% size_t - 0.08% struct seqcount_spinlock + 0.08% seqcount_spinlock_t + 0.08% sigset_t + 0.08% __poll_t Let's use the typedef name directly and the resolved to get the size of the type. Committer testing: root@x1:~# diff -u before after | head -30 --- before 2024-08-08 09:35:13.917325041 -0300 +++ after 2024-08-08 09:37:35.312257905 -0300 @@ -10,25 +10,27 @@ # ........ ......... # 79.40% (unknown) - 2.28% union 1.96% (stack operation) - 1.24% struct + 1.87% pthread_mutex_t 0.99% u32[] - 0.92% unsigned int 0.77% struct task_struct + 0.75% U32 0.75% struct pcpu_hot 0.63% struct qspinlock + 0.61% atomic_t 0.59% struct list_head - 0.58% int 0.53% struct cfs_rq 0.51% BYTE* - 0.48% unsigned char + 0.48% BYTE 0.48% long unsigned int 0.46% struct rq 0.41% struct worker 0.41% struct memcg_vmstats_percpu + 0.41% pthread_cond_t 0.37% _Bool + 0.36% int root@x1:~# Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Masami Hiramatsu Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240807223129.1738004-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 037f1b67e81c2500c94625b089cfd1ecc76a18b5 Author: Namhyung Kim Date: Mon Aug 5 16:46:48 2024 -0700 perf annotate: Cache debuginfo for data type profiling In find_data_type(), it creates and deletes a debug info whenver it tries to find data type for a sample. This is inefficient and it most likely accesses the same binary again and again. Let's add a single entry cache the debug info structure for the last DSO. Depending on sample data, it usually gives me 2~3x (and sometimes more) speed ups. Note that this will introduce a little difference in the output due to the order of checking stack operations. It used to check the stack ops before checking the availability of debug info but I moved it after the symbol check. So it'll report stack operations in DSOs without debug info as unknown. But I think it's ok and better to have the checking near the caching logic. Committer testing: root@x1:~# perf mem record -a sleep 5s root@x1:~# perf evlist cpu_atom/mem-loads,ldlat=30/P cpu_atom/mem-stores/P dummy:u root@x1:~# diff -u before after --- before 2024-08-08 09:33:53.880780784 -0300 +++ after 2024-08-08 09:35:13.917325041 -0300 @@ -81,8 +81,8 @@ # Overhead Data Type # ........ ......... # - 55.43% (unknown) - 11.61% (stack operation) + 55.56% (unknown) + 11.48% (stack operation) 4.93% struct pcpu_hot 3.26% unsigned int 2.48% struct Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240805234648.1453689-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit b2f70c99edc7e4dcd201abbdcc4b75030973edce Author: Ian Rogers Date: Tue Aug 6 23:51:36 2024 -0700 perf hist: Fix reference counting of branch_info iter_finish_branch_entry() doesn't put the branch_info from/to map elements creating memory leaks. This can be seen with: ``` $ perf record -e cycles -b perf test -w noploop $ perf report -D ... Direct leak of 984344 byte(s) in 123043 object(s) allocated from: #0 0x7fb2654f3bd7 in malloc libsanitizer/asan/asan_malloc_linux.cpp:69 #1 0x564d3400d10b in map__get util/map.h:186 #2 0x564d3400d10b in ip__resolve_ams util/machine.c:1981 #3 0x564d34014d81 in sample__resolve_bstack util/machine.c:2151 #4 0x564d34094790 in iter_prepare_branch_entry util/hist.c:898 #5 0x564d34098fa4 in hist_entry_iter__add util/hist.c:1238 #6 0x564d33d1f0c7 in process_sample_event tools/perf/builtin-report.c:334 #7 0x564d34031eb7 in perf_session__deliver_event util/session.c:1655 #8 0x564d3403ba52 in do_flush util/ordered-events.c:245 #9 0x564d3403ba52 in __ordered_events__flush util/ordered-events.c:324 #10 0x564d3402d32e in perf_session__process_user_event util/session.c:1708 #11 0x564d34032480 in perf_session__process_event util/session.c:1877 #12 0x564d340336ad in reader__read_event util/session.c:2399 #13 0x564d34033fdc in reader__process_events util/session.c:2448 #14 0x564d34033fdc in __perf_session__process_events util/session.c:2495 #15 0x564d34033fdc in perf_session__process_events util/session.c:2661 #16 0x564d33d27113 in __cmd_report tools/perf/builtin-report.c:1065 #17 0x564d33d27113 in cmd_report tools/perf/builtin-report.c:1805 #18 0x564d33e0ccb7 in run_builtin tools/perf/perf.c:350 #19 0x564d33e0d45e in handle_internal_command tools/perf/perf.c:403 #20 0x564d33cdd827 in run_argv tools/perf/perf.c:447 #21 0x564d33cdd827 in main tools/perf/perf.c:561 ... ``` Clearing up the map_symbols properly creates maps reference count issues so resolve those. Resolving this issue doesn't improve peak heap consumption for the test above. Committer testing: $ sudo dnf install libasan $ make -k CORESIGHT=1 EXTRA_CFLAGS="-fsanitize=address" CC=clang O=/tmp/build/$(basename $PWD)/ -C tools/perf install-bin Reviewed-by: Kan Liang Signed-off-by: Ian Rogers Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jiri Olsa Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Sun Haiyong Cc: Yanteng Si Link: https://lore.kernel.org/r/20240807065136.1039977-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 6600c55ba0d46c6f2f74eaa6ddfe2b66cb8df852 Author: Andi Shyti Date: Wed Aug 7 14:05:16 2024 +0100 drm/i915: Replace double blank with single blank after comma Do not use double blanks, ", " in function parameters where it's not required by any alignment purpose. Replase it with a single blank, ", ". Signed-off-by: Andi Shyti Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240807130516.491053-3-andi.shyti@linux.intel.com commit b7b930d104c38a545d862896759863d649be8252 Author: Andi Shyti Date: Wed Aug 7 14:05:15 2024 +0100 drm/i915: Replace double blank with single blank after comma in gem/ and gt/ Do not use double blanks, ", " in function parameters where it's not required by any alignment purpose. Replase it with a single blank, ", ". Signed-off-by: Andi Shyti Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240807130516.491053-2-andi.shyti@linux.intel.com commit 3e15a3fe3a2a170c5be52783667706875c088f96 Author: Peter Zijlstra Date: Wed Aug 7 13:29:29 2024 +0200 perf: Optimize __pmu_ctx_sched_out() There is is no point in doing the perf_pmu_disable() dance just to do nothing. This happens for ctx_sched_out(.type = EVENT_TIME) for instance. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Kan Liang Reviewed-by: Namhyung Kim Link: https://lore.kernel.org/r/20240807115550.392851915@infradead.org commit 5d95a2af973d47260b1e1828953fc860c0094052 Author: Peter Zijlstra Date: Wed Aug 7 13:29:28 2024 +0200 perf: Add context time freeze Many of the the context reschedule users are of the form: ctx_sched_out(.type = EVENT_TIME); ... modify context ctx_resched(); With the idea that the whole reschedule happens with a single time-stamp, rather than with each ctx_sched_out() advancing time and ctx_sched_in() re-starting time, creating a non-atomic experience. However, Kan noticed that since this completely stops time, it actually looses a bit of time between the stop and start. Worse, now that we can do partial (per PMU) reschedules, the PMUs that are not scheduled out still observe the time glitch. Replace this with: ctx_time_freeze(); ... modify context ctx_resched(); With the assumption that this happens in a perf_ctx_lock() / perf_ctx_unlock() pair. The new ctx_time_freeze() will update time and sets EVENT_FROZEN, and ensures EVENT_TIME and EVENT_FROZEN remain set, this avoids perf_event_time_now() from observing a time wobble from not seeing EVENT_TIME for a little while. Additionally, this avoids loosing time between ctx_sched_out(EVENT_TIME) and ctx_sched_in(), which would re-set the timestamp. Reported-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Kan Liang Reviewed-by: Namhyung Kim Link: https://lore.kernel.org/r/20240807115550.250637571@infradead.org commit 558abc7e3f895049faa46b08656be4c60dc6e9fd Author: Peter Zijlstra Date: Wed Aug 7 13:29:27 2024 +0200 perf: Fix event_function_call() locking All the event_function/@func call context already uses perf_ctx_lock() except for the !ctx->is_active case. Make it all consistent. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Kan Liang Reviewed-by: Namhyung Kim Link: https://lore.kernel.org/r/20240807115550.138301094@infradead.org commit 9a32bd9901fe5b1dcf544389dbf04f3b0a2fbab4 Author: Peter Zijlstra Date: Wed Aug 7 13:29:26 2024 +0200 perf: Extract a few helpers The context time update code is repeated verbatim a few times. Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Kan Liang Reviewed-by: Namhyung Kim Link: https://lore.kernel.org/r/20240807115550.031212518@infradead.org commit 2d17cf1abcbe8a45b7dc41a768ed22aac158ddd8 Author: Peter Zijlstra Date: Wed Aug 7 13:29:25 2024 +0200 perf: Optimize context reschedule for single PMU cases Currently re-scheduling a context will reschedule all active PMUs for that context, even if it is known only a single event is added. Namhyung reported that changing this to only reschedule the affected PMU when possible provides significant performance gains under certain conditions. Therefore, allow partial context reschedules for a specific PMU, that of the event modified. While the patch looks somewhat noisy, it mostly just propagates a new @pmu argument through the callchain and modifies the epc loop to only pick the 'epc->pmu == @pmu' case. Reported-by: Namhyung Kim Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Kan Liang Reviewed-by: Namhyung Kim Link: https://lore.kernel.org/r/20240807115549.920950699@infradead.org commit e3e4e77140b4a240865309cc543141a593be4a21 Author: Rob Herring (Arm) Date: Wed Aug 7 16:59:58 2024 -0600 dt-bindings: memory-controllers: fsl,imx-weim: Fix "fsl,weim-cs-timing" schema The "fsl,weim-cs-timing" property is an array, but the constraints in the if/then schema are for a matrix. That worked fine when all properties were decoded into a matrix, but now dtschema decodes properties into scalars and arrays based on their type. Signed-off-by: Rob Herring (Arm) Acked-by: Peng Fan Link: https://lore.kernel.org/r/20240807225959.3343093-1-robh@kernel.org Signed-off-by: Krzysztof Kozlowski commit cecab0bb737fb74813733f2472761fc3a93857b1 Author: Andi Shyti Date: Wed Aug 7 11:45:53 2024 +0100 drm/i915/gem: Improve pfn calculation readability in vm_fault_gtt() By moving the pfn calculation to the set_address_limits() function we improve code readability. This way, set_address_limits() is responsible for calculating all memory mapping paramenters: "start", "end" and "pfn". This suggestion from Jonathan was made during the review of commit 8bdd9ef7e9b1 ("drm/i915/gem: Fix Virtual Memory mapping boundaries calculation"), which I liked, but it got lost on the way. Suggested-by: Jonathan Cavitt Signed-off-by: Andi Shyti Reviewed-by: Krzysztof Niemiec Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240807104553.481763-1-andi.shyti@linux.intel.com commit cc9e3e375f4f2e244695040aa416d16ef6d26ddd Author: David Virag Date: Tue Aug 6 14:11:48 2024 +0200 clk: samsung: exynos7885: Add missing MUX clocks from PLLs in CMU_TOP In Exynos7885 (and seemingly all modern Exynos SoCs) all PLLs have a MUX attached to them controlled by bit 4 in the PLL's CON0 register. These MUXes can select between OSCCLK or the PLL's output, essentially making the PLL bypassable. These weren't modeled in the driver because the vendor provided drivers didn't model it properly, instead setting them when updating the PMS values. Not having them modeled didn't cause any problems in this case, since these MUXes were set to the PLL's output by default, but this is not the case everywhere in this SoC. Signed-off-by: David Virag Link: https://lore.kernel.org/r/20240806121157.479212-6-virag.david003@gmail.com Signed-off-by: Krzysztof Kozlowski commit 217a5f23c290c349ceaa37a6f2c014ad4c2d5759 Author: David Virag Date: Tue Aug 6 14:11:47 2024 +0200 clk: samsung: exynos7885: Update CLKS_NR_FSYS after bindings fix Update CLKS_NR_FSYS to the proper value after a fix in DT bindings. This should always be the last clock in a CMU + 1. Fixes: cd268e309c29 ("dt-bindings: clock: Add bindings for Exynos7885 CMU_FSYS") Cc: stable@vger.kernel.org Signed-off-by: David Virag Link: https://lore.kernel.org/r/20240806121157.479212-5-virag.david003@gmail.com Signed-off-by: Krzysztof Kozlowski commit 5828732bc80f5904447115c92ac98cfce0f6f3e6 Merge: 79b918aa997acd b9dee49cc6f9ef Author: Krzysztof Kozlowski Date: Thu Aug 8 11:33:16 2024 +0200 Merge branch 'for-v6.12/clk-dt-bindings' into next/clk commit 9b88d0890ed9adab413ea991fac90842688e1017 Author: Takashi Iwai Date: Thu Aug 8 11:15:21 2024 +0200 ALSA: usb-audio: Check shutdown at endpoint_set_interface() The call of usb_set_interface() and a delay are superfluous when the device has been already disconnected. Add a disconnection check before doing it. Link: https://patch.msgid.link/20240808091522.31415-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit c01f3815453e2d5f699ccd8c8c1f93a5b8669e59 Author: Takashi Iwai Date: Thu Aug 8 11:15:12 2024 +0200 ALSA: hdsp: Break infinite MIDI input flush loop The current MIDI input flush on HDSP and HDSPM drivers relies on the hardware reporting the right value. If the hardware doesn't give the proper value but returns -1, it may be stuck at an infinite loop. Add a counter and break if the loop is unexpectedly too long. Link: https://patch.msgid.link/20240808091513.31380-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 7b986c7430a6bb68d523dac7bfc74cbd5b44ef96 Author: Takashi Iwai Date: Thu Aug 8 11:14:42 2024 +0200 ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This patch adds a sanity check of the array index to fit in the array size. Link: https://patch.msgid.link/20240808091454.30846-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 001f8443d480773117a013a07f774d252f369bea Author: Vijendar Mukunda Date: Wed Aug 7 10:43:17 2024 +0530 ASoC: SOF: amd: update conditional check for cache register update Instead of desc->rev, use acp pci revision id(pci_rev) for cache register conditional check. Signed-off-by: Vijendar Mukunda Reviewed-by: Ranjani Sridharan Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240807051341.1616925-5-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 5dde0cd2433dc6ef7b82e04276335137cc4c3105 Author: Gustavo A. R. Silva Date: Mon Aug 5 09:28:55 2024 -0600 ASoC: SOF: sof-audio: Avoid -Wflex-array-member-not-at-end warnings -Wflex-array-member-not-at-end was introduced in GCC-14, and we are getting ready to enable it, globally. Move the conflicting declaration to the end of the structure. Notice that `struct snd_sof_pcm` ends in a flexible-array member through `struct snd_soc_tplg_pcm` -> `struct snd_soc_tplg_private`. Whith this, fix the following warnings: sound/soc/sof/sof-audio.h:350:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] ./include/trace/events/../../../sound/soc/sof/sof-audio.h:350:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] sound/soc/amd/../sof/amd/../sof-audio.h:350:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] sound/soc/sof/amd/../sof-audio.h:350:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] sound/soc/sof/intel/../sof-audio.h:350:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] sound/soc/sof/mediatek/mt8186/../../sof-audio.h:350:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] sound/soc/sof/mediatek/mt8195/../../sof-audio.h:350:33: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Link: https://patch.msgid.link/ZrDvt6eyeFyajq6l@cute Signed-off-by: Mark Brown commit c35fad6f7e0d69b0e9e7e196bdbca3ed03ac24ea Author: Vijendar Mukunda Date: Wed Aug 7 14:21:48 2024 +0530 ASoC: amd: acp: add ZSC control register programming sequence Add ZSC Control register programming sequence for ACP D0 and D3 state transitions for ACP7.0 onwards. This will allow ACP to enter low power state when ACP enters D3 state. When ACP enters D0 State, ZSC control should be disabled. Tested-by: Leo Li Signed-off-by: Vijendar Mukunda Link: https://patch.msgid.link/20240807085154.1987681-1-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 20288905e1ee33af82570b79adee3f15018030d4 Author: Vijendar Mukunda Date: Wed Aug 7 10:38:39 2024 +0530 ASoC: amd: acp: remove MODULE_ALIAS for SoundWire machine driver As module device table added for AMD SoundWire machine driver MODULE_ALIAS is not required. Remove MODULE_ALIAS for AMD SoundWire machine driver. Signed-off-by: Vijendar Mukunda Suggested-by: Krzysztof Kozlowski Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240807050846.1616725-1-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit be942e3d20cf666f6174f47826914c3b5ea61d85 Author: Zhang Yi Date: Wed Aug 7 10:53:56 2024 +0800 ASoC: codecs: ES8326: input issue after init We found an input issue after initiation.So we added the default input source at initiation. Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240807025356.24904-3-zhangyi@everest-semi.com Signed-off-by: Mark Brown commit 7063a710830a09b01734be7f4ffd23f0ef72a57e Author: Simon Trimmer Date: Wed Aug 7 14:27:15 2024 +0000 ASoC: cs35l56: Use regmap_read_bypassed() to wake the device Now that regmap_read_bypassed() has been added to the kernel it is preferable to wake the device with a read rather than a write as the utility function can be called at a time before the device has been identified. Signed-off-by: Simon Trimmer Link: https://patch.msgid.link/20240807142715.47077-1-simont@opensource.cirrus.com Signed-off-by: Mark Brown commit 1a4f7965016b9685bd158f7f306039ce96d2beb5 Merge: 7d2fb3812acde0 a44b7b57ef1440 Author: Mark Brown Date: Thu Aug 8 09:14:57 2024 +0100 ASoC: Merge fixes So we can apply AMD patches that rely on them. commit b9dee49cc6f9efa97eee059d03b704dec0f45658 Author: David Virag Date: Tue Aug 6 14:11:46 2024 +0200 dt-bindings: clock: exynos7885: Add indices for USB clocks Exynos7885 SoC has a DWC3 USB Controller with Exynos USB PHY which in theory supports USB3 SuperSpeed, but is only used as USB2 in all known devices. These, of course, need some clocks. Add indices for these clocks. Signed-off-by: David Virag Link: https://lore.kernel.org/r/20240806121157.479212-4-virag.david003@gmail.com Signed-off-by: Krzysztof Kozlowski commit 59baa83e30f82b74b4c7dc07c20eac9899b6c0c6 Author: David Virag Date: Tue Aug 6 14:11:45 2024 +0200 dt-bindings: clock: exynos7885: Add CMU_TOP PLL MUX indices Add indices for missing MUX clocks from PLLs in CMU_TOP. Signed-off-by: David Virag Link: https://lore.kernel.org/r/20240806121157.479212-3-virag.david003@gmail.com Signed-off-by: Krzysztof Kozlowski commit abf3a3ea9acb5c886c8729191a670744ecd42024 Author: David Virag Date: Tue Aug 6 14:11:44 2024 +0200 dt-bindings: clock: exynos7885: Fix duplicated binding The numbering in Exynos7885's FSYS CMU bindings has 4 duplicated by accident, with the rest of the bindings continuing with 5. Fix this by moving CLK_MOUT_FSYS_USB30DRD_USER to the end as 11. Since CLK_MOUT_FSYS_USB30DRD_USER is not used in any device tree as of now, and there are no other clocks affected (maybe apart from CLK_MOUT_FSYS_MMC_SDIO_USER which the number was shared with, also not used in a device tree), this is the least impactful way to solve this problem. Fixes: cd268e309c29 ("dt-bindings: clock: Add bindings for Exynos7885 CMU_FSYS") Cc: stable@vger.kernel.org Signed-off-by: David Virag Link: https://lore.kernel.org/r/20240806121157.479212-2-virag.david003@gmail.com Signed-off-by: Krzysztof Kozlowski commit 17419a5c8c75e1f9de01b094f763ec1c6ad02979 Author: José Expósito Date: Tue Jul 16 18:17:26 2024 +0200 drm/vkms: Fix cpu_to_le16()/le16_to_cpu() warnings Building with Sparse enabled prints this warning for cpu_to_le16() calls: warning: incorrect type in assignment (different base types) expected unsigned short [usertype] got restricted __le16 [usertype] And this warning for le16_to_cpu() calls: warning: cast to restricted __le16 Declare the target buffer as __le16 to fix both warnings. Reviewed-by: Thomas Zimmermann Reviewed-by: Louis Chauvet Acked-by: Maíra Canal Signed-off-by: José Expósito Link: https://patchwork.freedesktop.org/patch/msgid/20240716161725.41408-2-jose.exposito89@gmail.com commit c772a2c690182410642ead740f7a84b3a7544b2b Author: Yishai Hadas Date: Thu Aug 1 15:05:10 2024 +0300 net/mlx5: Add IFC related stuff for data direct Add IFC related stuff for data direct. Signed-off-by: Yishai Hadas Link: https://patch.msgid.link/82da7f578a567909bb5858a64ba844fe4cc298fa.1722512548.git.leon@kernel.org Signed-off-by: Leon Romanovsky commit b39c457205d0a3513fed1c3863e7cf9b6d72bf86 Author: Krzysztof Kozlowski Date: Mon Jul 1 18:49:52 2024 +0200 ARM: dts: microchip: at91: align LED node name with bindings Bindings expect the LED node names to follow certain pattern, see dtbs_check warnings: at91sam9g15ek.dtb: leds: 'pb18', 'pd21' do not match any of the regexes: '(^led-[0-9a-f]$|led)', 'pinctrl-[0-9]+' Signed-off-by: Krzysztof Kozlowski Reviewed-by: Alexander Dahl Link: https://lore.kernel.org/r/20240701164952.577277-1-krzysztof.kozlowski@linaro.org Signed-off-by: Claudiu Beznea commit 9dbd9dbed73cf5b69204482ace8c917147f3e718 Author: Alexander Dahl Date: Tue May 28 17:31:09 2024 +0200 ARM: dts: microchip: sam9x60: Move i2c address/size to dtsi These properties are common for all i2c subnodes. Allows to add i2c device nodes (like an rtc for example) in other .dts files including sam9x60.dtsi without requiring to repeat these properties for each i2c device again and again. Found on a custom board after adding this in .dts: &flx5 { atmel,flexcom-mode = ; status = "okay"; i2c5: i2c@600 { pinctrl-0 = <&pinctrl_flx5_default>; status = "okay"; pcf8523: rtc@68 { compatible = "nxp,pcf8523"; reg = <0x68>; }; }; }; … which created a warning like this: […]:236.4-17: Warning (reg_format): /ahb/apb/flexcom@f0004000/i2c@600/rtc@68:reg: property has invalid length (4 bytes) (#address-cells == 2, #size-cells == 1) […]: Warning (pci_device_reg): Failed prerequisite 'reg_format' […]: Warning (pci_device_bus_num): Failed prerequisite 'reg_format' […]: Warning (simple_bus_reg): Failed prerequisite 'reg_format' […]/linux-6.6.25/arch/arm/boot/dts/microchip/sam9x60.dtsi:283.19-299.7: Warning (i2c_bus_bridge): /ahb/apb/flexcom@f0004000/i2c@600: incorrect #address-cells for I2C bus also defined at […]:228.16-238.4 […]/linux-6.6.25/arch/arm/boot/dts/microchip/sam9x60.dtsi:283.19-299.7: Warning (i2c_bus_bridge): /ahb/apb/flexcom@f0004000/i2c@600: incorrect #size-cells for I2C bus also defined at […]:228.16-238.4 […]: Warning (i2c_bus_reg): Failed prerequisite 'reg_format' […]: Warning (i2c_bus_reg): Failed prerequisite 'i2c_bus_bridge' […]: Warning (spi_bus_reg): Failed prerequisite 'reg_format' […]:234.19-237.5: Warning (avoid_default_addr_size): /ahb/apb/flexcom@f0004000/i2c@600/rtc@68: Relying on default #address-cells value […]:234.19-237.5: Warning (avoid_default_addr_size): /ahb/apb/flexcom@f0004000/i2c@600/rtc@68: Relying on default #size-cells value […]: Warning (avoid_unnecessary_addr_size): Failed prerequisite 'avoid_default_addr_size' […]: Warning (unique_unit_address): Failed prerequisite 'avoid_default_addr_size' This probably should have been done with commit 84f23f3284d5 ("ARM: dts: at91: sam9x60: move flexcom definitions") already, where those address-cells and size-cells properties were left in the board .dts files instead of moving them to the dtsi. Signed-off-by: Alexander Dahl Acked-by: Nicolas Ferre Link: https://lore.kernel.org/r/20240528153109.439407-1-ada@thorsis.com [claudiu.beznea: adjusted commit message as the properties are not required anymore] Signed-off-by: Claudiu Beznea commit 40cc4257169712f0ae3835820a4c5afbdd1a16ff Author: Heiko Stuebner Date: Mon Aug 5 18:20:52 2024 +0200 arm64: dts: rockchip: actually enable pmu-io-domains on qnap-ts433 Contrary to the vendor-kernel the pmu-io-domains are not enabled by default. This resulted in the value not being set according to the regulator, which in turn made the gmac0 interface that is connected to the vccio4 supply inoperable. Fixes: 64b7f16fb394 ("arm64: dts: rockchip: add 2 pmu_io_domain supplies for Qnap-TS433") Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240805162052.3345768-1-heiko@sntech.de commit 504dc9f5e62e3beef2554c453576e84993053647 Author: Takashi Iwai Date: Wed Aug 7 15:34:44 2024 +0200 ALSA: core: Drop snd_print stuff and co Now that all users of snd_print*() are gone, let's drop the functions completely. This also makes CONFIG_SND_VERBOSE_PRINTK redundant, and it's dropped, too. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-55-tiwai@suse.de commit 9acb51e9617c28a92f9ce2af767db6bd660a6d4f Author: Takashi Iwai Date: Wed Aug 7 15:34:43 2024 +0200 ALSA: docs: Drop snd_print*() stuff The legacy snd_print*() helpers will be dropped now. Clean up the corresponding documentation, too. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-54-tiwai@suse.de commit 7f5485c4d3190dfc9294f347b2bfcce8c946b966 Author: Takashi Iwai Date: Wed Aug 7 15:34:42 2024 +0200 ALSA: asihpi: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. The debug prints with a special macro snd_printddd() are replaced with the conditional pr_debug(). Unfortunately dev_dbg() can't be applied well due to the lack of the reference to the device pointer. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-53-tiwai@suse.de commit d41abde894830bfb77252653f606473728e930eb Author: Takashi Iwai Date: Wed Aug 7 15:34:41 2024 +0200 ALSA: sparc: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-52-tiwai@suse.de commit 7e88541f006b1c685b8ea5ab2d157724215fd7ac Author: Takashi Iwai Date: Wed Aug 7 15:34:40 2024 +0200 ALSA: sh: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-51-tiwai@suse.de commit 76a6ef90d5400dbd282803a2d4de70b1bef593f7 Author: Takashi Iwai Date: Wed Aug 7 15:34:39 2024 +0200 ALSA: ppc: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-50-tiwai@suse.de commit 7ba0212231bc89571cbb916545ac1237084e1ad6 Author: Takashi Iwai Date: Wed Aug 7 15:34:38 2024 +0200 ALSA: pdaudiocf: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-49-tiwai@suse.de commit 2acbb5e57230830016e0fb2d61886e7a8c7f59ce Author: Takashi Iwai Date: Wed Aug 7 15:34:37 2024 +0200 ALSA: vxpocket: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-48-tiwai@suse.de commit c7e58049a20b2d63c5964f229b11333e5a82168b Author: Takashi Iwai Date: Wed Aug 7 15:34:36 2024 +0200 ALSA: intel8x0: Drop unused snd_printd() calls There are commented out debug prints, which are utterly superfluous. Let's drop them. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-47-tiwai@suse.de commit df04b43fee68367130a17ad2346ff74f36645068 Author: Takashi Iwai Date: Wed Aug 7 15:34:35 2024 +0200 ALSA: usb-audio: Use standard print API Use pr_*() instead of open-coded printk() for code simplicity. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-46-tiwai@suse.de commit f8466d91f36d97e237ea1b3c6f19de980054a1b6 Author: Takashi Iwai Date: Wed Aug 7 15:34:34 2024 +0200 ALSA: usx2y: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Some superfluous debug prints are dropped, and some ambiguous messages are slightly rephrased. The sk.dev pointer is set properly for allowing to call dev_*() functions, too. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-45-tiwai@suse.de commit fea1510719dd2a33e0ffa1eae6118c5437f7071d Author: Takashi Iwai Date: Wed Aug 7 15:34:33 2024 +0200 ALSA: emux: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Some functions are changed to receive snd_card object for calling dev_*() functions, too. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-44-tiwai@suse.de commit def358f9baaa7ca7b04cd8fe1f72af2605f11209 Author: Takashi Iwai Date: Wed Aug 7 15:34:32 2024 +0200 ALSA: trident: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-43-tiwai@suse.de commit 1b28f418e77979629afbe8bdb6bb8c61c96a07f1 Author: Takashi Iwai Date: Wed Aug 7 15:34:31 2024 +0200 ALSA: emu10k1: Use dev_warn() Replace an open-coded printk warning with dev_warn() for code simplicity and consistency. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-42-tiwai@suse.de commit 594508d5f35876ab9b9385bc8bc1ec9e200af0df Author: Takashi Iwai Date: Wed Aug 7 15:34:30 2024 +0200 ALSA: azt3328: Use pr_warn() Replace with the standard print API from the home-baked one. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-41-tiwai@suse.de commit 8455587c892437aeac0f87d2d502f9c7fb60e8f7 Author: Takashi Iwai Date: Wed Aug 7 15:34:29 2024 +0200 ALSA: lx6464es: Cleanup the print API usages Use pr_debug() instead of open-coded printk(). Also drop a few snd_printdd() calls that can be better done via ftrace. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-40-tiwai@suse.de commit adf72c364816c16f448ecb3f0f193fc06bbb9939 Author: Takashi Iwai Date: Wed Aug 7 15:34:28 2024 +0200 ALSA: korg1212: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-39-tiwai@suse.de commit 8aee49444faa6dfe061ac1252f4901a179047899 Author: Takashi Iwai Date: Wed Aug 7 15:34:27 2024 +0200 ALSA: riptide: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. The device pointer is stored in struct cmdif for calling dev_*() functions. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-38-tiwai@suse.de commit 661c43fcdf622dffdf2d4f4e8d3276a4df59b920 Author: Takashi Iwai Date: Wed Aug 7 15:34:26 2024 +0200 ALSA: wss: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-37-tiwai@suse.de commit 8b4ac5429938dd5f1fbf2eea0687f08cbcccb6be Author: Takashi Iwai Date: Wed Aug 7 15:34:25 2024 +0200 ALSA: wavefront: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-36-tiwai@suse.de commit 610f04ca710cef5ab35dd14accfb0d14eaa822a0 Author: Takashi Iwai Date: Wed Aug 7 15:34:24 2024 +0200 ALSA: sscape: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. The device pointer is stored in struct soundscape for calling dev_*(). Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-35-tiwai@suse.de commit e7c475b92043c02c3e6cd0c20e308fbb6f03ebde Author: Takashi Iwai Date: Wed Aug 7 15:34:23 2024 +0200 ALSA: sc6000: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Some functions are changed to receive a device pointer to be passed to dev_*() calls. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-34-tiwai@suse.de commit 55c531bd81a66e1c3a0dd35e8ec07237ba9dce49 Author: Takashi Iwai Date: Wed Aug 7 15:34:22 2024 +0200 ALSA: pcm: oss: Use pr_debug() Use the standard print API instead of open-coded printk(). Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-33-tiwai@suse.de commit 56887daf2fa9206fa0fec7cfe6428835e0b66264 Author: Takashi Iwai Date: Wed Aug 7 15:34:21 2024 +0200 ALSA: control_led: Use dev_err() Use the standard print API instead of open-coded printk(). Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-32-tiwai@suse.de commit b8986876e7196941c9723065e893af1a6528ecee Author: Takashi Iwai Date: Wed Aug 7 15:34:20 2024 +0200 ALSA: sb: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Some functions are changed to receive snd_card pointer for referring to the device pointer for dev_*() calls, too. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-31-tiwai@suse.de commit 40b15de3c4f23994f53f930e94939c7b6a0cc52f Author: Takashi Iwai Date: Wed Aug 7 15:34:19 2024 +0200 ALSA: opti9xx: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. The card pointer is stored in struct snd_opti9xx and snd_miro to be referred for dev_*() calls. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-30-tiwai@suse.de commit 764a55bb8d41e7d4fc0686898c32e9a5b56493db Author: Takashi Iwai Date: Wed Aug 7 15:34:18 2024 +0200 ALSA: opl3sa2: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. The card pointer is stored in struct snd_opl3sa2 to be referred for dev_*() calls. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-29-tiwai@suse.de commit b48601834da44698f56569f6660fa7dac17a6f12 Author: Takashi Iwai Date: Wed Aug 7 15:34:17 2024 +0200 ALSA: msnd: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-28-tiwai@suse.de commit a6676811deb7e6b35d541437f49cd84c6b6d72bc Author: Takashi Iwai Date: Wed Aug 7 15:34:16 2024 +0200 ALSA: gus: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Some commented-out debug prints and dead code are dropped as well. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-27-tiwai@suse.de commit 12174dfee07e28c6e721d072174a128ec8433bb6 Author: Takashi Iwai Date: Wed Aug 7 15:34:15 2024 +0200 ALSA: es18xx: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. For referring to the device, introduce snd_card pointer to struct snd_es18xx. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-26-tiwai@suse.de commit 7f7eff209ee283eec9ae56e9c1446dd1ac3e1022 Author: Takashi Iwai Date: Wed Aug 7 15:34:14 2024 +0200 ALSA: es1688: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. For referring to the device, introduce snd_card pointer to struct snd_es1688. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-25-tiwai@suse.de commit 257d0c813b65cd2afb5ee68c026053d011509063 Author: Takashi Iwai Date: Wed Aug 7 15:34:13 2024 +0200 ALSA: cs4236: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-24-tiwai@suse.de commit 6aa5cb8540d0763cd00c97eb7855c80c6eb4b7a7 Author: Takashi Iwai Date: Wed Aug 7 15:34:12 2024 +0200 ALSA: cmi8330: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-23-tiwai@suse.de commit 09d1e9b4c18e46feb85f1e8738babf31b00632bf Author: Takashi Iwai Date: Wed Aug 7 15:34:11 2024 +0200 ALSA: cmi8328: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-22-tiwai@suse.de commit 80134f1bc7b34360ffb42629d4ad6e06b667bb00 Author: Takashi Iwai Date: Wed Aug 7 15:34:10 2024 +0200 ALSA: azt2320: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-21-tiwai@suse.de commit 2508acd40301685f362eb6fdaf79da191ba8ec4f Author: Takashi Iwai Date: Wed Aug 7 15:34:09 2024 +0200 ALSA: als100: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Use the standard print API instead of open-coded printk(). Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-20-tiwai@suse.de commit 20869176d7a7509bad9ea6b895469aebea9c8f21 Author: Takashi Iwai Date: Wed Aug 7 15:34:08 2024 +0200 ALSA: ad1816a: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-19-tiwai@suse.de commit ae1873eeb8bac3f5c188637f24d8e8714e994929 Author: Takashi Iwai Date: Wed Aug 7 15:34:07 2024 +0200 ALSA: i2c: Drop commented old debug prints There are quite a few commented-out debug prints that have never been used in the production code. Let's rip them off for code cleanness. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-18-tiwai@suse.de commit 1ac6352e50780603bbae44eda7b3cc0036b1013f Author: Takashi Iwai Date: Wed Aug 7 15:34:06 2024 +0200 ALSA: i2c: pt2258: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-17-tiwai@suse.de commit e71391ba9434823621886538c9db9e4c3946f1ba Author: Takashi Iwai Date: Wed Aug 7 15:34:05 2024 +0200 ALSA: i2c: cs8427: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-16-tiwai@suse.de commit 9cbe416b9356e84863dff02112d3d3c095f881f8 Author: Takashi Iwai Date: Wed Aug 7 15:34:04 2024 +0200 ALSA: pcsp: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-15-tiwai@suse.de commit 650dcf25e181ff1dc4f9f107f1fa71e802c14d1b Author: Takashi Iwai Date: Wed Aug 7 15:34:03 2024 +0200 ALSA: dummy: Use standard print API Use pr_*() macro instead of open-coded printk() just for code simplification. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-14-tiwai@suse.de commit ca2f73ffaadacb14a7232aee5c2b5854483f5c40 Author: Takashi Iwai Date: Wed Aug 7 15:34:02 2024 +0200 ALSA: aloop: Use standard print API Use pr_err() instead of open-coded printk() just for code simplification. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-13-tiwai@suse.de commit 41abc8056dd3125d4a9b7ac0f4087dfb67580d95 Author: Takashi Iwai Date: Wed Aug 7 15:34:01 2024 +0200 ALSA: vx_core: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. The commented old debug prints are dropped, too. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-12-tiwai@suse.de commit b426b3ba9f6fe17990893c5324727dd217d420b6 Author: Takashi Iwai Date: Wed Aug 7 15:34:00 2024 +0200 ALSA: vx_core: Drop unused dev field The vx_core.dev field has never been set but referred incorrectly at firmware loading. Pass the proper device pointer from card->dev at request_firmware(), and drop the unused dev field from vx_core, too. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-11-tiwai@suse.de commit b5557ef985301d7ca2ba08f8e9c22ba4f8c30d5d Author: Takashi Iwai Date: Wed Aug 7 15:33:59 2024 +0200 ALSA: virmidi: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-10-tiwai@suse.de commit 4d82bf10d1625d4b19443af1aaeca2b4202e0334 Author: Takashi Iwai Date: Wed Aug 7 15:33:58 2024 +0200 ALSA: serial-u16550: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-9-tiwai@suse.de commit 7debf0350e264c431f8c029a15d799317dd5d052 Author: Takashi Iwai Date: Wed Aug 7 15:33:57 2024 +0200 ALSA: opl4: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-8-tiwai@suse.de commit a2fa882d6dea19b4488b10f40334e04c77503ffc Author: Takashi Iwai Date: Wed Aug 7 15:33:56 2024 +0200 ALSA: opl3: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Some debug prints are cleaned up with a macro, too. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-7-tiwai@suse.de commit 1e594f9a7ba8bac7dd8e5bdd74cd786e0e00246c Author: Takashi Iwai Date: Wed Aug 7 15:33:55 2024 +0200 ALSA: mtpav: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. The commented-out debug prints got removed, too. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-6-tiwai@suse.de commit 1fa884ebeb73cfe5ff078606b8888aec38103e2b Author: Takashi Iwai Date: Wed Aug 7 15:33:54 2024 +0200 ALSA: mpu401_uart: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. The assignment of mpu->rmidi was moved to an earlier place, so that dev_*() can access to the proper device pointer. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-5-tiwai@suse.de commit 2bddeda8ac8d5f773edcb63fd60fb2db332b029d Author: Takashi Iwai Date: Wed Aug 7 15:33:53 2024 +0200 ALSA: mpu401: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-4-tiwai@suse.de commit f7d4adacc588d995e76a85f42064af2c7dc0fa83 Author: Takashi Iwai Date: Wed Aug 7 15:33:52 2024 +0200 ALSA: mts64: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-3-tiwai@suse.de commit 94cd66f8dcad8faba7a3425c324c83464ac60887 Author: Takashi Iwai Date: Wed Aug 7 15:33:51 2024 +0200 ALSA: portman2x4: Use standard print API Use the standard print API with dev_*() instead of the old house-baked one. It gives better information and allows dynamically control of debug prints. Reviewed-by: Jaroslav Kysela Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807133452.9424-2-tiwai@suse.de commit 91d516d4de48532d967a77967834e00c8c53dfe6 Author: Simon Horman Date: Tue Aug 6 12:28:24 2024 +0100 net: mvpp2: Increase size of queue_name buffer Increase size of queue_name buffer from 30 to 31 to accommodate the largest string written to it. This avoids truncation in the possibly unlikely case where the string is name is the maximum size. Flagged by gcc-14: .../mvpp2_main.c: In function 'mvpp2_probe': .../mvpp2_main.c:7636:32: warning: 'snprintf' output may be truncated before the last format character [-Wformat-truncation=] 7636 | "stats-wq-%s%s", netdev_name(priv->port_list[0]->dev), | ^ .../mvpp2_main.c:7635:9: note: 'snprintf' output between 10 and 31 bytes into a destination of size 30 7635 | snprintf(priv->queue_name, sizeof(priv->queue_name), | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 7636 | "stats-wq-%s%s", netdev_name(priv->port_list[0]->dev), | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 7637 | priv->port_count > 1 ? "+" : ""); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Introduced by commit 118d6298f6f0 ("net: mvpp2: add ethtool GOP statistics"). I am not flagging this as a bug as I am not aware that it is one. Compile tested only. Signed-off-by: Simon Horman Reviewed-by: Marcin Wojtas Link: https://patch.msgid.link/20240806-mvpp2-namelen-v1-1-6dc773653f2f@kernel.org Signed-off-by: Jakub Kicinski commit 7d70ed9f9c6a9537379ff645d6befea4c203aa98 Author: Nikolay Aleksandrov Date: Tue Aug 6 13:45:31 2024 +0300 doc/netlink/specs: add netkit support to rt_link.yaml Add netkit support to rt_link.yaml. Only forward(PASS) and blackhole(DROP) policies are allowed to be set by user-space so I've added only them to the yaml to avoid confusion. Example: $ ./tools/net/ynl/cli.py \ --spec Documentation/netlink/specs/rt_link.yaml \ --do getlink --json '{"ifname": "netkit0"}' --output-json | jq ... "linkinfo": { "kind": "netkit", "data": { "primary": 1, "policy": "blackhole", "mode": "l2", "peer-policy": "forward" } }, ... Signed-off-by: Nikolay Aleksandrov Link: https://patch.msgid.link/20240806104531.3296718-1-razor@blackwall.org Signed-off-by: Jakub Kicinski commit 93b828cc8e2a87355ee5e852d27c21fdee27591b Author: Simon Horman Date: Tue Aug 6 10:56:52 2024 +0100 bonding: Pass string literal as format argument of alloc_ordered_workqueue() Recently I noticed that both gcc-14 and clang-18 report that passing a non-string literal as the format argument of alloc_ordered_workqueue is potentially insecure. F.e. clang-18 says: .../bond_main.c:6384:37: warning: format string is not a string literal (potentially insecure) [-Wformat-security] 6384 | bond->wq = alloc_ordered_workqueue(bond_dev->name, WQ_MEM_RECLAIM); | ^~~~~~~~~~~~~~ .../workqueue.h:524:18: note: expanded from macro 'alloc_ordered_workqueue' 524 | alloc_workqueue(fmt, WQ_UNBOUND | __WQ_ORDERED | (flags), 1, ##args) | ^~~ .../bond_main.c:6384:37: note: treat the string as an argument to avoid this 6384 | bond->wq = alloc_ordered_workqueue(bond_dev->name, WQ_MEM_RECLAIM); | ^ | "%s", ..../workqueue.h:524:18: note: expanded from macro 'alloc_ordered_workqueue' 524 | alloc_workqueue(fmt, WQ_UNBOUND | __WQ_ORDERED | (flags), 1, ##args) | ^ Perhaps it is always the case where the contents of bond_dev->name is safe to pass as the format argument. That is, in my understanding, it never contains any format escape sequences. But, it seems better to be safe than sorry. And, as a bonus, compiler output becomes less verbose by addressing this issue as suggested by clang-18. Signed-off-by: Simon Horman Acked-by: Jay Vosburgh Link: https://patch.msgid.link/20240806-bonding-fmt-v1-1-e75027e45775@kernel.org Signed-off-by: Jakub Kicinski commit de6c7b9ada33046481a094be073b85a25dcffcaf Author: Fabio Estevam Date: Mon Aug 5 23:16:28 2024 -0300 net: fec: Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() Replace SET_RUNTIME_PM_OPS()/SET SYSTEM_SLEEP_PM_OPS() with their modern RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() alternatives. The combined usage of pm_ptr() and RUNTIME_PM_OPS/SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the __maybe_unused notation from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Reviewed-by: Peng Fan Link: https://patch.msgid.link/20240806021628.2524089-1-festevam@gmail.com Signed-off-by: Jakub Kicinski commit 3f49edf44bd660d393b68a2b1d77a0841fb7f21d Author: Gustavo A. R. Silva Date: Mon Aug 5 09:30:26 2024 -0600 net/fungible: Avoid -Wflex-array-member-not-at-end warning Use the `DEFINE_RAW_FLEX()` helper for an on-stack definition of a flexible structure where the size of the flexible-array member is known at compile-time, and refactor the rest of the code, accordingly. So, with these changes, fix the following warning: drivers/net/ethernet/fungible/funcore/fun_dev.c:550:43: warning: structure containing a flexible array member is not at the end of another structure [-Wflex-array-member-not-at-end] Signed-off-by: Gustavo A. R. Silva Link: https://patch.msgid.link/ZrDwEugW7DR/FlP5@cute Signed-off-by: Jakub Kicinski commit 1b4ec561b47d806eb0752a73837c2248bf622c06 Author: Macpaul Lin Date: Wed Aug 7 17:17:38 2024 +0800 regulator: dt-bindings: mediatek,mt6397-regulator: convert to YAML Convert the MediaTek MT6397 regulator bindings to DT schema. Signed-off-by: Sen Chu Signed-off-by: Macpaul Lin Acked-by: Conor Dooley Link: https://patch.msgid.link/20240807091738.18387-1-macpaul.lin@mediatek.com Signed-off-by: Mark Brown commit caab9a1cbb9a9fca24ceabeef57b3764d861ad32 Author: Linus Walleij Date: Wed Aug 7 17:02:34 2024 +0200 ASoC: tas*: Drop unused GPIO includes These drivers all use and has no business including the legacy headers or . Drop the surplus includes. Signed-off-by: Linus Walleij Link: https://patch.msgid.link/20240807-asoc-tas-gpios-v2-3-bd0f2705d58b@linaro.org Signed-off-by: Mark Brown commit 1c4b509edad15192bfb64c81d3c305bbae8070db Author: Linus Walleij Date: Wed Aug 7 17:02:33 2024 +0200 ASoC: tas2781-i2c: Get the right GPIO line The code is obtaining a GPIO reset using the reset GPIO name "reset-gpios", but the gpiolib is already adding the suffix "-gpios" to anything passed to this function and will be looking for "reset-gpios-gpios" which is most certainly not what the author desired. Fix it up. Fixes: ef3bcde75d06 ("ASoC: tas2781: Add tas2781 driver") Signed-off-by: Linus Walleij Link: https://patch.msgid.link/20240807-asoc-tas-gpios-v2-2-bd0f2705d58b@linaro.org Signed-off-by: Mark Brown commit c2c0b67dca3cb3b3cea0dd60075a1c5ba77e2fcd Author: Linus Walleij Date: Wed Aug 7 17:02:32 2024 +0200 ASoC: tas2781-i2c: Drop weird GPIO code The tas2781-i2c driver gets an IRQ from either ACPI or device tree, then proceeds to check if the IRQ has a corresponding GPIO and in case it does enforce the GPIO as input and set a label on it. This is abuse of the API: - First we cannot guarantee that the numberspaces of the GPIOs and the IRQs are the same, i.e that an IRQ number corresponds to a GPIO number like that. - Second, GPIO chips and IRQ chips should be treated as orthogonal APIs, the irqchip needs to ascertain that the backing GPIO line is set to input etc just using the irqchip. - Third it is using the legacy API which should not be used in new code yet this was added just a year ago. Delete the offending code. If this creates problems the GPIO and irqchip maintainers can help to fix the issues. It *should* not create any problems, because the irq isn't used anywhere in the driver, it's just obtained and then left unused. Fixes: ef3bcde75d06 ("ASoC: tas2781: Add tas2781 driver") Signed-off-by: Linus Walleij Link: https://patch.msgid.link/20240807-asoc-tas-gpios-v2-1-bd0f2705d58b@linaro.org Signed-off-by: Mark Brown commit 53af1a4b6a55b3910a253fce7a0893e6d51952be Author: Steven Rostedt (Google) Date: Thu May 23 12:45:41 2024 -0400 tracing/selftests: Run the ownership test twice A regression happened where running the ownership test passes on the first iteration but fails running it a second time. This was caught and fixed, but a later change brought it back. The regression was missed because the automated tests only run the tests once per boot. Change the ownership test to iterate through the tests twice, as this will catch the regression with a single run. Signed-off-by: Steven Rostedt (Google) Acked-by: Masami Hiramatsu (Google) Signed-off-by: Shuah Khan commit 98f8faea4b6379de2c1483125253b73f7449e6b6 Author: Masami Hiramatsu (Google) Date: Fri May 24 09:49:55 2024 +0900 selftests/uprobes: Add a basic uprobe testcase Add a basic uprobe testcase which checks whether add/remove/trace operations works on /bin/sh. Signed-off-by: Masami Hiramatsu (Google) Reviewed-by: Steven Rostedt (Google) Signed-off-by: Shuah Khan commit 602bce7e5edeb0d701ee2074fe512c4d793dac0d Author: Carlos Bilbao Date: Fri Jul 19 19:22:06 2024 -0500 docs: scheduler: Start documenting the EEVDF scheduler Add some documentation regarding the newly introduced scheduler EEVDF. Signed-off-by: Carlos Bilbao Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240720002207.444286-2-carlos.bilbao.osdev@gmail.com commit e9c7acd723127f0b9bf78202a02f2e5e7d0b6a4f Author: Shibu Kumar Date: Sun Aug 4 00:03:03 2024 +0530 docs: dm-crypt: Removal of unexpected indentation error Add the required indentation to fix this docs build error: Documentation/admin-guide/device-mapper/dm-crypt.rst:167: ERROR: Unexpected indentation. Also split the documentation for read and write into separate blocks. Signed-off-by: Shibu kumar shibukumar.bit@gmail.com [jc: rewrote changelog] Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240803183306.32425-1-shibukumar.bit@gmail.com commit 91031ca349ee607b3e1adc34578a33af5708a96c Author: Jiamu Sun Date: Sun Aug 4 02:19:09 2024 +0900 docs: improve comment consistency in .muttrc example configuration Added a space to align comment formatting; this helps improve consistency and visual uniformity. Signed-off-by: Jiamu Sun Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/SY0P300MB0801D1A4B278157CA7C92DE2CEBC2@SY0P300MB0801.AUSP300.PROD.OUTLOOK.COM commit 195a56986c50599e5d10a558c12f74266fd51bab Author: Breno Leitao Date: Fri Jul 26 05:09:30 2024 -0700 docs: fault-injection: document cache-filter feature for failslab The failslab fault injection mechanism has an undocumented capability that provides significant utility in testing and debugging. This feature, introduced in commit 4c13dd3b48fcb ("failslab: add ability to filter slab caches"), allows for targeted error injection into specific slab caches. However, it was inadvertently left undocumented at the time of its implementation. Add documentation for the cache-filter feature in the failslab mode description. Also, providing a practical example demonstrating how to use cache-filter to inject failures specifically when allocating socket buffers (skbs). Signed-off-by: Breno Leitao Reviewed-by: Akinobu Mita Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240726120930.3231333-1-leitao@debian.org commit 85878ff1b31f376a37b885824851fa8c1c3ae048 Author: Heiko Carstens Date: Thu Aug 1 11:48:26 2024 +0200 s390/entry: Move early_pgm_check_handler() to init text section Save some bytes and move early_pgm_check_handler() to init text section. Reviewed-by: Alexander Gordeev Signed-off-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit 3c4d0ae0671827f4b536cc2d26f8b9c54584ccc5 Author: Heiko Carstens Date: Wed Jul 31 15:26:01 2024 +0200 s390/traps: Handle early warnings gracefully Add missing warning handling to the early program check handler. This way a warning is printed to the console as soon as the early console is setup, and the kernel continues to boot. Before this change a disabled wait psw was loaded instead and the machine was silently stopped without giving an idea about what happened. Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit f101b305a7b9513a8042a2cf09018de4ff371af2 Author: Heiko Carstens Date: Wed Jul 31 15:26:00 2024 +0200 s390/entry: Make early program check handler relocated lowcore aware Add the missing pieces so the early program check handler also works with a relocated lowcore. Right now the result of an early program check in case of a relocated lowcore would be a program check loop. Fixes: 8f1e70adb1a3 ("s390/boot: Add cmdline option to relocate lowcore") Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit f2bb5b97b51ce5425e8f59f899643ce4eadba667 Author: Heiko Carstens Date: Wed Jul 31 15:25:59 2024 +0200 s390/entry: Move early program check handler to entry.S Have all program check handlers in one file to make future changes easy. Reviewed-by: Alexander Gordeev Reviewed-by: Sven Schnelle Signed-off-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit d0e7915d2ad3c628488f76cb9156b203bd917d54 Author: Heiko Carstens Date: Mon Jul 29 17:09:40 2024 +0200 s390/mm/ptdump: Generate address marker array dynamically Generate the address marker array dynamically instead of modifying a large static array at kernel startup. Each marker is added twice to the array: with and without a "start" indicator. This way the code and logic stays similar to other architectures. Acked-by: Alexander Gordeev Signed-off-by: Heiko Carstens Signed-off-by: Vasily Gorbik commit e09e58f425ad42726c008673b490aef53da10f1f Author: Thomas Richter Date: Thu Jul 25 14:13:06 2024 +0200 s390/cpum_sf: Use variable name cpuhw consistently All functions but setup_pmc_cpu() use a local variable named cpuhw to refer to struct cpu_hw_sf. In setup_pmc_cpu() rename variable cpusf to cpuhw. This makes the naming scheme consistent with all other functions. No functional change. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit 6bc565a99e77c8ced71c1184cebe4dda3bb4fa73 Author: Thomas Richter Date: Tue Jul 9 10:55:04 2024 +0200 s390/cpum_sf: Define and initialize variable Define and initialize a variable in one place. Remove space between cast and variable. No functional change. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit b20182829001f945ac854e22f305eb92917d5a1a Author: Thomas Richter Date: Thu Jul 25 13:20:32 2024 +0200 s390/cpum_sf: Use hwc as variable consistently In hw_perf_event_update() and cpumsf_pmu_enable() use variable hwc consistently to access event's hardware related data. No functional change. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit d4559eabc1a61c1f9e99ed34489f060a2097598d Author: Thomas Richter Date: Mon Jul 1 10:59:09 2024 +0200 s390/cpum_cf: Move defines from header file to source file The macros PERF_CPUM_CF_MAX_CTR and PERF_EVENT_CPUM_CF_DIAG are used in only one source file arch/s390/kernel/perf_cpum_cf.c. Move these defines from the header file arch/s390/include/asm/perf_event.h to the only user. No functional change. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit 52d6ef92a4711964d403e82a00ae2ef509b53eae Author: Thomas Richter Date: Thu Jun 27 09:45:48 2024 +0200 s390/cpum_sf: Move defines from header file to source file Some defines in common header file arch/s390/include/asm/perf_event.h are only used in one source file arch/s390/kernel/perf_cpum_sf.c. Move these defines from header to source file. No functional change. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit 501cab2b1d12d7ce34f6b0c36c1ff45aec7500b2 Author: Thomas Richter Date: Tue Jun 25 12:36:21 2024 +0200 s390/cpum_sf: Rename macro to consistent prefix Rename macro SAMPLE_FREQ_MODE to SAMPL_FREQ_MODE to make its prefix consistent with all other macro starting with prefix SAMPL_XXX. No functional change. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit ea95be4bda694d9000677c04efd15a09cd3ee1d2 Author: Thomas Richter Date: Thu Jun 27 09:02:06 2024 +0200 s390/cpum_sf: Remove unused defines REG_NONE and REG_OVERFLOW Member hw_perf_event::reg.reg is set but never used, so remove it. Defines REG_NONE and REG_OVERFLOW are not referenced anymore. The initialization to zero takes place in function perf_event_alloc() where ... event = kmem_cache_alloc_node(perf_event_cache, GFP_KERNEL | __GFP_ZERO, node); ... makes sure memory allocated for the event is zero'ed. This is done in the kernel's common code in kernel/events/core.c The struct perf_event contains member hw_perf_event as in struct perf_event { .... struct hw_perf_event hw; .... }; This contained sub-structure is also initialized to zero. No functional change. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit ba38df7a9b2c3d38a53bb26443add88ca24c970e Author: Thomas Richter Date: Tue Jun 25 11:46:04 2024 +0200 s390/cpum_sf: Remove unused define PERF_CPUM_SF_MODE_MASK Remove unreferenced marco PERF_CPUM_SF_MODE_MASK. No functional change. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit 8a6fe8f21ec4f049a7b1fe120ad50a5065a9c7a8 Author: Thomas Richter Date: Wed Jun 19 16:01:11 2024 +0200 s390/cpum_sf: Use refcount_t instead of atomic_t Replace atomic_t by refcount_t for reference counting of events. Signed-off-by: Thomas Richter Acked-by: Sumanth Korikkar Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Alexander Gordeev Signed-off-by: Vasily Gorbik commit f63ea3e075620f35fa87ccfe821d4d0273df0456 Merge: 6e083ab095cabc 8681156c0939a7 Author: Alexei Starovoitov Date: Wed Aug 7 11:26:54 2024 -0700 Merge branch 'add-bpf_get_dentry_xattr' Song Liu says: ==================== Add bpf_get_dentry_xattr Add a kfunc to read xattr from dentry. Also add selftest for the new kfunc. Changes v3 => v4: 1. Fix selftest build. V3: https://lore.kernel.org/bpf/20240806203340.3503805-1-song@kernel.org/T/#u Changes v2 => v3: 1. Move the kfuncs to fs/bpf_fs_kfuncs.c. 2. Fix selftests build error on s390. (Alexei) v2: https://lore.kernel.org/bpf/20240730230805.42205-1-song@kernel.org/T/#u Changes v1 => v2: 1. Remove 3 kfuncs that are ready yet. v1: https://lore.kernel.org/linux-fsdevel/20240725234706.655613-1-song@kernel.org/T/#u ==================== Link: https://lore.kernel.org/r/20240806230904.71194-1-song@kernel.org Signed-off-by: Alexei Starovoitov commit 8681156c0939a7511c47b9cc462390a83f0e846a Author: Song Liu Date: Tue Aug 6 16:09:04 2024 -0700 selftests/bpf: Add tests for bpf_get_dentry_xattr Add test for bpf_get_dentry_xattr on hook security_inode_getxattr. Verify that the kfunc can read the xattr. Also test failing getxattr from user space by returning non-zero from the LSM bpf program. Acked-by: Christian Brauner Signed-off-by: Song Liu Link: https://lore.kernel.org/r/20240806230904.71194-4-song@kernel.org Signed-off-by: Alexei Starovoitov commit ac13a4261afe81ca423eddd8e6571078fe2a7cea Author: Song Liu Date: Tue Aug 6 16:09:03 2024 -0700 bpf: Add kfunc bpf_get_dentry_xattr() to read xattr from dentry This kfunc can be used in LSM hooks with dentry, such as: security_inode_listxattr security_inode_permission and many more. Acked-by: Christian Brauner Signed-off-by: Song Liu Link: https://lore.kernel.org/r/20240806230904.71194-3-song@kernel.org Signed-off-by: Alexei Starovoitov commit fa4e5afa9758e6567a6a54ea7bf53d570ec94881 Author: Song Liu Date: Tue Aug 6 16:09:02 2024 -0700 bpf: Move bpf_get_file_xattr to fs/bpf_fs_kfuncs.c We are putting all fs kfuncs in fs/bpf_fs_kfuncs.c. Move existing bpf_get_file_xattr to it. Signed-off-by: Song Liu Link: https://lore.kernel.org/r/20240806230904.71194-2-song@kernel.org Signed-off-by: Alexei Starovoitov commit cd7d3f4f9756df0b14e5c91d6ba072372033ba18 Merge: 0274d8098291d8 a366e46da10d7b Author: Linus Walleij Date: Wed Aug 7 19:56:33 2024 +0200 Merge tag 'intel-pinctrl-v6.11-1' of git://git.kernel.org/pub/scm/linux/kernel/git/pinctrl/intel into devel intel-pinctrl for v6.11-1 This includes a new ACPI ID that is added to the Intel Meteor Lake driver to support recent Intel Arrow Lake hardware. Signed-off-by: Linus Walleij commit 4ab9f870a6335af27507d1f3bfb29635d956af48 Author: Christophe JAILLET Date: Sun Aug 4 08:32:44 2024 +0200 wifi: b43: Constify struct lpphy_tx_gain_table_entry 'struct lpphy_tx_gain_table_entry' are not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 16481 6232 0 22713 58b9 drivers/net/wireless/broadcom/b43/tables_lpphy.o After: ===== text data bss dec hex filename 22305 395 0 22700 58ac drivers/net/wireless/broadcom/b43/tables_lpphy.o Signed-off-by: Christophe JAILLET Acked-By: Michael Büsch Signed-off-by: Kalle Valo Link: https://patch.msgid.link/e33bc9e6dff4a5b6cd8d0ab5399aa1abac5bef9d.1722753127.git.christophe.jaillet@wanadoo.fr commit ae04f69de0bef93c7086cf2983dbc8e8fd624ebe Author: Qais Yousef Date: Mon Jun 10 20:20:18 2024 +0100 sched/rt: Rename realtime_{prio, task}() to rt_or_dl_{prio, task}() Some find the name realtime overloaded. Use rt_or_dl() as an alternative, hopefully better, name. Suggested-by: Daniel Bristot de Oliveira Signed-off-by: Qais Yousef Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240610192018.1567075-4-qyousef@layalina.io commit b166af3db70fdcecf125662a2360471bb20be203 Author: Qais Yousef Date: Mon Jun 10 20:20:17 2024 +0100 sched/rt, dl: Convert functions to return bool {rt, realtime, dl}_{task, prio}() functions' return value is actually a bool. Convert their return type to reflect that. Suggested-by: "Steven Rostedt (Google)" Signed-off-by: Qais Yousef Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Sebastian Andrzej Siewior Reviewed-by: "Steven Rostedt (Google)" Reviewed-by: Metin Kaya Link: https://lore.kernel.org/r/20240610192018.1567075-3-qyousef@layalina.io commit 130fd056dd82b02db9a661c013071af35309be1a Author: Qais Yousef Date: Mon Jun 10 20:20:16 2024 +0100 sched/rt: Clean up usage of rt_task() rt_task() checks if a task has RT priority. But depends on your dictionary, this could mean it belongs to RT class, or is a 'realtime' task, which includes RT and DL classes. Since this has caused some confusion already on discussion [1], it seemed a clean up is due. I define the usage of rt_task() to be tasks that belong to RT class. Make sure that it returns true only for RT class and audit the users and replace the ones required the old behavior with the new realtime_task() which returns true for RT and DL classes. Introduce similar realtime_prio() to create similar distinction to rt_prio() and update the users that required the old behavior to use the new function. Move MAX_DL_PRIO to prio.h so it can be used in the new definitions. Document the functions to make it more obvious what is the difference between them. PI-boosted tasks is a factor that must be taken into account when choosing which function to use. Rename task_is_realtime() to realtime_task_policy() as the old name is confusing against the new realtime_task(). No functional changes were intended. [1] https://lore.kernel.org/lkml/20240506100509.GL40213@noisy.programming.kicks-ass.net/ Signed-off-by: Qais Yousef Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Phil Auld Reviewed-by: "Steven Rostedt (Google)" Reviewed-by: Sebastian Andrzej Siewior Link: https://lore.kernel.org/r/20240610192018.1567075-2-qyousef@layalina.io commit 1a92f0387b17c8cb4548185675fb42de670f9794 Author: Varshini Rajendran Date: Mon Jul 29 12:39:16 2024 +0530 ARM: at91: Kconfig: add config flag for SAM9X7 SoC Add config flag for sam9x7 SoC. Signed-off-by: Varshini Rajendran Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070916.1991370-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 5eb64f2b368f32cb4c31975fc42485c09b693c65 Author: Varshini Rajendran Date: Mon Jul 29 12:37:11 2024 +0530 ARM: at91: add support in SoC driver for new sam9x7 Add support for SAM9X7 SoC in the SoC driver. Signed-off-by: Varshini Rajendran Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070711.1990605-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 2488bde930e59cdb148d8574a611fb1825cfc109 Author: Varshini Rajendran Date: Mon Jul 29 12:37:05 2024 +0530 ARM: at91: pm: add sam9x7 SoC init config Add SoC init config for sam9x7 family. Signed-off-by: Varshini Rajendran Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070705.1990557-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 67146942efe9077b5d09a43e1aa41f9602d916ef Author: Varshini Rajendran Date: Mon Jul 29 12:36:59 2024 +0530 ARM: at91: pm: add support for sam9x7 SoC family Add support and pm init config for sam9x7 SoC. Signed-off-by: Varshini Rajendran Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070659.1990506-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit cffa8c8026e17e21c4b55ab2f83e9891fd0c1ee2 Author: Varshini Rajendran Date: Mon Jul 29 12:39:23 2024 +0530 ARM: configs: at91: enable config flags for sam9x7 SoC family Enable config flags for SAM9X7 SoC for the sam9x7 SoC family. Signed-off-by: Varshini Rajendran Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070923.1991418-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 33013b43e2715c7e061ae052825edd87fd278330 Author: Varshini Rajendran Date: Mon Jul 29 12:38:11 2024 +0530 clk: at91: sam9x7: add sam9x7 pmc driver Add a driver for the PMC clocks of sam9x7 Soc family. Signed-off-by: Varshini Rajendran Link: https://lore.kernel.org/r/20240729070811.1990964-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 3dc73106ffc47640e692b9b32ebfd59d776c07fd Author: Varshini Rajendran Date: Mon Jul 29 12:38:03 2024 +0530 dt-bindings: clock: at91: Allow PLLs to be exported and referenced in DT Allow PLLADIV2 and LVDSPLL to be referenced as a PMC_TYPE_CORE clock from phandle in DT for sam9x7 SoC family. Signed-off-by: Varshini Rajendran Acked-by: Rob Herring Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070803.1990916-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 5bf194adedb921f87fb7c9c59c590b802458bccc Author: Varshini Rajendran Date: Mon Jul 29 12:37:53 2024 +0530 clk: at91: sama7g5: move mux table macros to header file Move the mux table init and fill macro function definitions from the sama7g5 pmc driver to the pmc.h header file since they will be used by other SoC's pmc drivers as well like sam9x7. Signed-off-by: Varshini Rajendran Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070753.1990866-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 5299f801875f376f65322ff9d5df68ae662d640a Author: Varshini Rajendran Date: Mon Jul 29 12:37:46 2024 +0530 clk: at91: sam9x7: add support for HW PLL freq dividers Add support for hardware dividers for PLL IDs in sam9x7 SoC. The system PLL - PLLA and the system PLL divided by 2 - PLLADIV2 with PLL ID 0 and 4 respectively, both have a hardware divider /2. This has to be taken into account in the software to obtain the right frequencies. Support for the same is added in the PLL driver. fcorepllack -----> HW Div = 2 -+--> fpllack | +--> HW Div = 2 ---> fplladiv2ck In this case the corepll freq is 1600 MHz. So, the plla freq is 800 MHz after the hardware divider and the plladiv2 freq is 400 MHz after the hardware divider (given that the DIVPMC is 0). Signed-off-by: Varshini Rajendran Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070746.1990805-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit a402c663940dfeca22caa7390b9f35aee6925caf Author: Varshini Rajendran Date: Mon Jul 29 12:37:37 2024 +0530 clk: at91: clk-sam9x60-pll: re-factor to support individual core freq outputs SAM9X7 SoC family supports different core output frequencies for different PLL IDs. To handle the same in the PLL driver, a separate parameter core_output is added. The sam9x60 and sama7g5 SoC PMC drivers are aligned to the PLL driver by adding the core output freq range in the PLL characteristics configurations. Signed-off-by: Varshini Rajendran Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070737.1990756-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 7f1bcdba5e28546aad4493e03f74abf65dc784ca Author: Varshini Rajendran Date: Mon Jul 29 12:37:26 2024 +0530 dt-bindings: clocks: atmel,at91rm9200-pmc: add sam9x7 clock controller Add bindings for SAM9X7's pmc. Signed-off-by: Varshini Rajendran Acked-by: Conor Dooley Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070726.1990705-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 22d121281eaa2b75a317d6769d52ef2056ffd6e2 Author: Varshini Rajendran Date: Mon Jul 29 12:37:17 2024 +0530 dt-bindings: clocks: atmel,at91sam9x5-sckc: add sam9x7 Add bindings for SAM9X7's slow clock controller. Signed-off-by: Varshini Rajendran Acked-by: Conor Dooley Reviewed-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240729070717.1990654-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 946c57e61d0b6237b9dfbbccd07edbaa447d4370 Author: Sangmoon Kim Date: Wed Aug 7 19:55:00 2024 +0900 Documentation: kernel-parameters: add workqueue.panic_on_stall The workqueue.panic_on_stall kernel parameter was added in commit 073107b39e55 ("workqueue: add cmdline parameter workqueue.panic_on_stall") but not listed in the kernel-parameters doc. Add it there. Signed-off-by: Sangmoon Kim Signed-off-by: Tejun Heo commit 00e5bd44389145cd2f42be8e98cadb210731e72a Author: Yue Haibing Date: Sat Aug 3 19:37:04 2024 +0800 x86/apic: Remove unused inline function apic_set_eoi_cb() Commit 2744a7ce34a7 ("x86/apic: Replace acpi_wake_cpu_handler_update() and apic_set_eoi_cb()") left it unused. Signed-off-by: Yue Haibing Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240803113704.246752-1-yuehaibing@huawei.com commit 1afe599a0a484225bda6098feb22562831d72a4e Author: Varshini Rajendran Date: Mon Jul 29 12:35:43 2024 +0530 dt-bindings: atmel-sysreg: add sam9x7 Add RAM controller & PIT64 DT bindings. Signed-off-by: Varshini Rajendran Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240729070543.1990209-1-varshini.rajendran@microchip.com Signed-off-by: Claudiu Beznea commit 62e303e346d7f829ff4f52c73176451c7f85f4bc Author: Thomas Gleixner Date: Fri Aug 2 18:15:52 2024 +0200 x86/ioapic: Cleanup remaining coding style issues Add missing new lines and reorder variable definitions. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155441.158662179@linutronix.de commit 966e09b1862555267effa1db9032dc3dbc0cc588 Author: Thomas Gleixner Date: Fri Aug 2 18:15:50 2024 +0200 x86/ioapic: Cleanup line breaks 80 character limit is history. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155441.095653193@linutronix.de commit 4bcfdf76d7d1976b035ca75776bc8d266a09d6c3 Author: Thomas Gleixner Date: Fri Aug 2 18:15:49 2024 +0200 x86/ioapic: Cleanup bracket usage Add brackets around if/for constructs as required by coding style or remove pointless line breaks to make it true single line statements which do not require brackets. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155441.032045616@linutronix.de commit 75d449402b125648bf048309c9d22b39262d6fba Author: Thomas Gleixner Date: Fri Aug 2 18:15:48 2024 +0200 x86/ioapic: Cleanup comments Use proper comment styles and shrink comments to their scope where applicable. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.969619978@linutronix.de commit ee64510fb959991c3afd94e05e468a5b27e77f68 Author: Thomas Gleixner Date: Fri Aug 2 18:15:47 2024 +0200 x86/ioapic: Move replace_pin_at_irq_node() to the call site It's only used by check_timer(). Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.906636514@linutronix.de commit 48855a2c92203389cb215c86ee3d2f2df5aa4024 Author: Thomas Gleixner Date: Fri Aug 2 18:15:45 2024 +0200 iommu/vt-d: Cleanup apic_printk() Use the new apic_pr_verbose() helper. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.843266805@linutronix.de commit 1ee0aa8285c11921ad22336d07b67fc81a0d36cf Author: Thomas Gleixner Date: Fri Aug 2 18:15:44 2024 +0200 x86/mpparse: Cleanup apic_printk()s Use the new apic_pr_verbose() helper. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.779537108@linutronix.de commit 54cd3795b471057a7e82acaade2b6a22beee1242 Author: Thomas Gleixner Date: Fri Aug 2 18:15:43 2024 +0200 x86/ioapic: Cleanup guarded debug printk()s Cleanup the APIC printk()s which are inside of a apic verbosity guarded region by using apic_dbg() for the KERN_DEBUG level prints. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.714763708@linutronix.de commit f47998da395c1dfa53449bd335db4cf508be5275 Author: Thomas Gleixner Date: Fri Aug 2 18:15:42 2024 +0200 x86/ioapic: Cleanup apic_printk()s Replace apic_printk($LEVEL) with the corresponding apic_pr_*() helpers and use pr_info() for APIC_QUIET as that is always printed so the indirection is pointless noise. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.652239904@linutronix.de commit ac1c9fc1b571d5355602daa642f74288ae4b701d Author: Thomas Gleixner Date: Fri Aug 2 18:15:41 2024 +0200 x86/apic: Cleanup apic_printk()s Use the new apic_pr_*() helpers and cleanup the apic_printk() maze. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.589821068@linutronix.de commit d768e3f3e3fb43df2559d4c053b0f68c9649b2c7 Author: Thomas Gleixner Date: Fri Aug 2 18:15:39 2024 +0200 x86/apic: Provide apic_printk() helpers apic_printk() requires the APIC verbosity level and printk level which is tedious and horrible to read. Provide helpers to simplify all of that. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.527510045@linutronix.de commit ed57538b8510a5811ec049659b726cdb24ed6b46 Author: Thomas Gleixner Date: Fri Aug 2 18:15:38 2024 +0200 x86/ioapic: Use guard() for locking where applicable KISS rules! Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.464227224@linutronix.de commit d8c76d0167a0f20d071c540b1ffba5794eeb83ca Author: Thomas Gleixner Date: Fri Aug 2 18:15:37 2024 +0200 x86/ioapic: Cleanup structs Make them conforming to the TIP coding style guide. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.402005874@linutronix.de commit 6daceb891d5fd8729f9b4453b35d3d47dab10914 Author: Thomas Gleixner Date: Fri Aug 2 18:15:36 2024 +0200 x86/ioapic: Mark mp_alloc_timer_irq() __init Only invoked from check_timer() which is __init too. Cleanup the variable declaration while at it. Signed-off-by: Thomas Gleixner Tested-by: Qiuxu Zhuo Tested-by: Breno Leitao Reviewed-by: Breno Leitao Link: https://lore.kernel.org/all/20240802155440.339321108@linutronix.de commit 830802a0fea8fb39d3dc9fb7d6b5581e1343eb1f Author: Thomas Gleixner Date: Fri Aug 2 18:15:34 2024 +0200 x86/ioapic: Handle allocation failures gracefully Breno observed panics when using failslab under certain conditions during runtime: can not alloc irq_pin_list (-1,0,20) Kernel panic - not syncing: IO-APIC: failed to add irq-pin. Can not proceed panic+0x4e9/0x590 mp_irqdomain_alloc+0x9ab/0xa80 irq_domain_alloc_irqs_locked+0x25d/0x8d0 __irq_domain_alloc_irqs+0x80/0x110 mp_map_pin_to_irq+0x645/0x890 acpi_register_gsi_ioapic+0xe6/0x150 hpet_open+0x313/0x480 That's a pointless panic which is a leftover of the historic IO/APIC code which panic'ed during early boot when the interrupt allocation failed. The only place which might justify panic is the PIT/HPET timer_check() code which tries to figure out whether the timer interrupt is delivered through the IO/APIC. But that code does not require to handle interrupt allocation failures. If the interrupt cannot be allocated then timer delivery fails and it either panics due to that or falls back to legacy mode. Cure this by removing the panic wrapper around __add_pin_to_irq_node() and making mp_irqdomain_alloc() aware of the failure condition and handle it as any other failure in this function gracefully. Reported-by: Breno Leitao Signed-off-by: Thomas Gleixner Tested-by: Breno Leitao Tested-by: Qiuxu Zhuo Link: https://lore.kernel.org/all/ZqfJmUF8sXIyuSHN@gmail.com Link: https://lore.kernel.org/all/20240802155440.275200843@linutronix.de commit d0d92d272c29597b4a67f70517656e85aab2ddcb Author: Claudiu Beznea Date: Wed Jul 3 11:47:03 2024 +0300 ARM: dts: microchip: at91-sama7g5ek: add EEPROMs The main boot sequence for Microchip AT91 devices is one of the following: 1/ ROM BOOT -> AT91Bootstrap -> U-Boot -> Linux Kernel 2/ ROM BOOT -> AT91Bootstrap -> Linux Kernel For case 1/ U-Boot is the stage where the Ethernet MAC addresses are set. For case 2/ where U-Boot is skipped the Ethernet MAC addresses need to be configured in Linux. For this add EEPROMs and nvmem-layout to describe EUI48 MAC address regions. Signed-off-by: Claudiu Beznea [andrei.simion@microchip.com: Add nvmem-layout to describe eui48 mac region. Align compatible name with datasheet. Reword commit message.] Signed-off-by: Andrei Simion [claudiu.beznea: adjusted the new commit message] Signed-off-by: Claudiu Beznea Link: https://lore.kernel.org/r/20240703084704.197697-3-andrei.simion@microchip.com commit f15c21a3de1b5321ba4ae2c6c8f2e63b839d49fa Author: Ryo Takakura Date: Thu Jul 18 18:36:59 2024 +0900 RISC-V: Enable IPI CPU Backtrace Add arch_trigger_cpumask_backtrace() which is a generic infrastructure for sampling other CPUs' backtrace using IPI. The feature is used when lockups are detected or in case of oops/panic if parameters are set accordingly. Below is the case of oops with the oops_all_cpu_backtrace enabled. $ sysctl kernel.oops_all_cpu_backtrace=1 triggering oops shows: [ 212.214237] NMI backtrace for cpu 1 [ 212.214390] CPU: 1 PID: 610 Comm: in:imklog Tainted: G OE 6.10.0-rc6 #1 [ 212.214570] Hardware name: riscv-virtio,qemu (DT) [ 212.214690] epc : fallback_scalar_usercopy+0x8/0xdc [ 212.214809] ra : _copy_to_user+0x20/0x40 [ 212.214913] epc : ffffffff80c3a930 ra : ffffffff8059ba7e sp : ff20000000eabb50 [ 212.215061] gp : ffffffff82066f90 tp : ff6000008e958000 t0 : 3463303866660000 [ 212.215210] t1 : 000000000000005b t2 : 3463303866666666 s0 : ff20000000eabb60 [ 212.215358] s1 : 0000000000000386 a0 : 00007ff6e81df926 a1 : ff600000824df800 [ 212.215505] a2 : 000000000000003f a3 : 7fffffffffffffc0 a4 : 0000000000000000 [ 212.215651] a5 : 000000000000003f a6 : 0000000000000000 a7 : 0000000000000000 [ 212.215857] s2 : ff600000824df800 s3 : ffffffff82066cc0 s4 : 0000000000001c1a [ 212.216074] s5 : ffffffff8206a5a8 s6 : 00007ff6e81df926 s7 : ffffffff8206a5a0 [ 212.216278] s8 : ff600000824df800 s9 : ffffffff81e25de0 s10: 000000000000003f [ 212.216471] s11: ffffffff8206a59d t3 : ff600000824df812 t4 : ff600000824df812 [ 212.216651] t5 : ff600000824df818 t6 : 0000000000040000 [ 212.216796] status: 0000000000040120 badaddr: 0000000000000000 cause: 8000000000000001 [ 212.217035] [] fallback_scalar_usercopy+0x8/0xdc [ 212.217207] [] syslog_print+0x1f4/0x2b2 [ 212.217362] [] do_syslog.part.0+0x94/0x2d8 [ 212.217502] [] do_syslog+0x66/0x88 [ 212.217636] [] kmsg_read+0x44/0x5c [ 212.217764] [] proc_reg_read+0x7a/0xa8 [ 212.217952] [] vfs_read+0xb0/0x24e [ 212.218090] [] ksys_read+0x64/0xe4 [ 212.218264] [] __riscv_sys_read+0x20/0x2c [ 212.218453] [] do_trap_ecall_u+0x60/0x1d4 [ 212.218664] [] ret_from_exception+0x0/0x64 Signed-off-by: Ryo Takakura Link: https://lore.kernel.org/r/20240718093659.158912-1-takakura@valinux.co.jp Signed-off-by: Palmer Dabbelt commit fa740ca82277b476a49fee83c6fdb023656ef779 Author: Jinjie Ruan Date: Wed Aug 7 10:56:04 2024 +0800 powerpc: Remove useless config comment in asm/percpu.h commit 0db880fc865f ("powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt.") has a config comment typo, and the #if/#else/#endif section is small and doesn't nest additional #ifdefs so the comment is useless and should be removed completely. Signed-off-by: Jinjie Ruan Suggested-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/20240807025604.2817577-1-ruanjinjie@huawei.com commit cfdbfb94b3824b8da3a6b21252d24754d0162ab6 Author: Paul E. McKenney Date: Thu Aug 1 17:37:48 2024 -0700 rcutorture: Add rcutree.nohz_full_patience_delay to TREE07 This commit adds the rcutree.nohz_full_patience_delay=1000 kernel boot parameter to the TREE07 scenario, on the observation that "if it ain't tested, it don't work". Signed-off-by: "Paul E. McKenney" Signed-off-by: Neeraj Upadhyay commit c4afe3eb04a5fc095a9e3b1b25691f9ed31a52d3 Author: Uwe Kleine-König Date: Sun Aug 4 13:20:31 2024 +0200 powerpc/476: Drop explicit initialization of struct i2c_device_id::driver_data to 0 This driver doesn't use the driver_data member of struct i2c_device_id, so don't explicitly initialize this member. This prepares putting driver_data in an anonymous union which requires either no initialization or named designators. But it's also a nice cleanup on its own. Signed-off-by: Uwe Kleine-König Reviewed-by: Christophe Leroy Signed-off-by: Michael Ellerman Link: https://msgid.link/20240804112032.3628645-2-u.kleine-koenig@baylibre.com commit 62be134abf4250474a7a694837064bc783d2b291 Author: Dustin L. Howett Date: Tue Aug 6 21:54:09 2024 -0500 platform/chrome: cros_ec_lpc: switch primary DMI data for Framework Laptop Framework Computer appears to be moving away from the Microchip embedded controller seen in the Framework Laptop 13 with Intel Core 11th, 12th and 13th generation processors. All newer models use a Nuvoton NPCX embedded controller. Changing the default DMI match for Framework's products to match their newer product lines will reduce churn in this part of the cros_ec_lpc driver. The new match tables are: - Microchip EC models - "Laptop" (product, exact match) for the 11th gen. Intel Core - "12th Gen Intel Core" (product, exact match) - "13th Gen Intel Core" (product, exact match) - Nuvoton NPCX models - "Laptop" (product family, partial match) Signed-off-by: Dustin L. Howett Reviewed-by: Alexandru M Stan Link: https://lore.kernel.org/r/20240806-platform-chrome-cros_ec_lpcs-change-the-default-disposition-of-the-framework-laptop-v1-1-09e0d602b215@howett.net Signed-off-by: Tzung-Bi Shih commit c7907a47bb68a18758edf12fd45e201ff03e2acc Author: Thomas Zimmermann Date: Wed Jul 31 15:06:15 2024 +0200 macintosh/via-pmu-backlight: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. via-pmu-backlight.c already includes backlight.h where the BACKLIGHT constants are defined. Signed-off-by: Thomas Zimmermann Signed-off-by: Michael Ellerman Link: https://msgid.link/20240731130720.1148872-3-tzimmermann@suse.de commit 28455894bb99a1afe541cb7c987cc7e193c41fc6 Author: Thomas Zimmermann Date: Wed Jul 31 15:06:14 2024 +0200 powerpc/traps: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. traps.c already includes backlight.h where the BACKLIGHT constants are defined. Signed-off-by: Thomas Zimmermann Signed-off-by: Michael Ellerman Link: https://msgid.link/20240731130720.1148872-2-tzimmermann@suse.de commit 8a93960abed960b9f6097b6471b7fb34120ffc6a Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:47 2024 -0600 powerpc: Use of_property_present() Use of_property_present() to test for property presence rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Signed-off-by: Michael Ellerman Link: https://msgid.link/20240731191312.1710417-9-robh@kernel.org commit 259b46204885431f2853afa2a2bffa63f3705e67 Author: Jiri Slaby (SUSE) Date: Mon Aug 5 12:20:37 2024 +0200 serial: remove quot_frac from serial8250_do_set_divisor() quot_frac is unused in serial8250_do_set_divisor() since commit b2b4b8ed3c06 (serial: 8250_exar: Move custom divisor support out from 8250_port). So no point to pass it. Signed-off-by: Jiri Slaby (SUSE) Cc: Ilpo Järvinen Cc: Andy Shevchenko Cc: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240805102046.307511-5-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit d0009a32c9e4e083358092f3c97e3c6e803a8930 Author: Jiri Slaby (SUSE) Date: Mon Aug 5 12:20:36 2024 +0200 serial: don't use uninitialized value in uart_poll_init() Coverity reports (as CID 1536978) that uart_poll_init() passes uninitialized pm_state to uart_change_pm(). It is in case the first 'if' takes the true branch (does "goto out;"). Fix this and simplify the function by simple guard(mutex). The code needs no labels after this at all. And it is pretty clear that the code has not fiddled with pm_state at that point. Signed-off-by: Jiri Slaby (SUSE) Fixes: 5e227ef2aa38 (serial: uart_poll_init() should power on the UART) Cc: stable@vger.kernel.org Cc: Douglas Anderson Cc: Greg Kroah-Hartman Reviewed-by: Ilpo Järvinen Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240805102046.307511-4-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 602babaa84d627923713acaf5f7e9a4369e77473 Author: Jiri Slaby (SUSE) Date: Mon Aug 5 12:20:35 2024 +0200 serial: protect uart_port_dtr_rts() in uart_shutdown() too Commit af224ca2df29 (serial: core: Prevent unsafe uart port access, part 3) added few uport == NULL checks. It added one to uart_shutdown(), so the commit assumes, uport can be NULL in there. But right after that protection, there is an unprotected "uart_port_dtr_rts(uport, false);" call. That is invoked only if HUPCL is set, so I assume that is the reason why we do not see lots of these reports. Or it cannot be NULL at this point at all for some reason :P. Until the above is investigated, stay on the safe side and move this dereference to the if too. I got this inconsistency from Coverity under CID 1585130. Thanks. Signed-off-by: Jiri Slaby (SUSE) Cc: Peter Hurley Cc: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240805102046.307511-3-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 8173dbc18f7762de5b1a5a9960e09d303f766c4b Author: Jiri Slaby (SUSE) Date: Mon Aug 5 12:20:34 2024 +0200 tty: simplify tty_dev_name_to_number() using guard(mutex) In tty_dev_name_to_number(), a guard can help to make the code easier to follow. Especially how 0 is returned in the successful case. So use a guard there. Signed-off-by: Jiri Slaby (SUSE) Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240805102046.307511-2-jirislaby@kernel.org Signed-off-by: Greg Kroah-Hartman commit 3a2a3437dc2eeff5d8f1263537d738d2f3b2a8f0 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:55 2024 -0600 serdev: Use of_property_present() Use of_property_present() to test for property presence rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731191312.1710417-17-robh@kernel.org Signed-off-by: Greg Kroah-Hartman commit dce2cbd18f52c413222e5967ea0400de0423b684 Author: Arnd Bergmann Date: Wed Aug 7 09:57:44 2024 +0200 serial: 8250_platform: fix uart_8250_port initializer The first element in uart_8250_port is a structure, so initializing it to 0 causes a warning on newer compilers: drivers/tty/serial/8250/8250_platform.c: In function 'serial8250_platform_probe': drivers/tty/serial/8250/8250_platform.c:111:40: error: excess elements in struct initializer [-Werror] 111 | struct uart_8250_port uart = { 0 }; Use the modern empty {} initializer instead that works on all supported compilers. Fixes: d9e5a0ce2f16 ("serial: 8250_platform: Enable generic 16550A platform devices") Signed-off-by: Arnd Bergmann Reviewed-by: Sunil V L Reported-by: Stephen Rothwell Link: https://lore.kernel.org/r/20240807075751.2206508-2-arnd@kernel.org Signed-off-by: Greg Kroah-Hartman commit a2a815c7be9bcd5d58f552aacbedcc3702e9a753 Author: Arnd Bergmann Date: Wed Aug 7 09:57:43 2024 +0200 serial: 8250_platform: remove ACPI_PTR() annotation The acpi_platform_serial_table[] array is defined globally without an #ifdef check for CONFIG_ACPI, so ACPI_PTR() makes no sense here: drivers/tty/serial/8250/8250_platform.c:271:36: error: 'acpi_platform_serial_table' defined but not used [-Werror=unused-const-variable=] 271 | static const struct acpi_device_id acpi_platform_serial_table[] = { Fixes: d9e5a0ce2f16 ("serial: 8250_platform: Enable generic 16550A platform devices") Signed-off-by: Arnd Bergmann Reviewed-by: Sunil V L Link: https://lore.kernel.org/r/20240807075751.2206508-1-arnd@kernel.org Signed-off-by: Greg Kroah-Hartman commit 0829b5bcdd3ba077c408e71e22ac2bfa85bf2c95 Author: Tvrtko Ursulin Date: Tue May 21 11:12:01 2024 +0100 drm/i915: 2 GiB of relocations ought to be enough for anybody* Kernel test robot reports i915 can hit a warn in kvmalloc_node which has a purpose of dissalowing crazy size kernel allocations. This was added in 7661809d493b ("mm: don't allow oversized kvmalloc() calls"): /* Don't even allow crazy sizes */ if (WARN_ON_ONCE(size > INT_MAX)) return NULL; This would be kind of okay since i915 at one point dropped the need for making a shadow copy of the relocation list, but then it got re-added in fd1500fcd442 ("Revert "drm/i915/gem: Drop relocation slowpath".") a year after Linus added the above warning. It is plausible that the issue was not seen until now because to trigger gem_exec_reloc test requires a combination of an relatively older generation hardware but with at least 8GiB of RAM installed. Probably even more depending on runtime checks. Lets cap what we allow userspace to pass in using the matching limit. There should be no issue for real userspace since we are talking about "crazy" number of relocations which have no practical purpose. *) Well IGT tests might get upset but they can be easily adjusted. Signed-off-by: Tvrtko Ursulin Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-lkp/202405151008.6ddd1aaf-oliver.sang@intel.com Cc: Kees Cook Cc: Kent Overstreet Cc: Joonas Lahtinen Cc: Rodrigo Vivi Reviewed-by: Kees Cook Reviewed-by: Joonas Lahtinen Signed-off-by: Tvrtko Ursulin Link: https://patchwork.freedesktop.org/patch/msgid/20240521101201.18978-1-tursulin@igalia.com commit 25f51b76f90f10f9bf2fbc05fc51cf685da7ccad Author: Ben Hutchings Date: Wed Jul 31 22:32:29 2024 +0200 xhci-pci: Make xhci-pci-renesas a proper modular driver If CONFIG_USB_XHCI_PCI_RENESAS is enabled, xhci-pci conditionally calls into the xhci-pci-renesas module, which means both modules must be loaded to use any xHCI PCI controller. The MODULE_FIRMWARE declaration in the base xhci-pci module causes initramfs-tools to check for and warn about missing firmware for the Renesas xHCI controllers, when any xHCI PCI controller is present. And because of the previous oddity, simply moving this declaration to xhci-pci-renesas wouldn't help. To fix this, reverse the relationship between the modules: - Remove the quirk for the Renesas xHCIs, and the driver_data structure used only for them - In xhci-pci: - Rename xhci_pci_probe() to xhci_pci_common_probe() - Export xhci_pci_common_probe() and xhci_pci_remove() - Use a new probe function that rejects the Renesas xHCIs and then calls the common probe function - In xhci-pci-renesas: - Stop exporting renesas_xhci_check_request_fw() - Add a probe function that calls renesas_xhci_check_request_fw() followed by xhci_pci_common_probe() - Add and register a new pci_driver matching only the Renesas xHCIs and using its own probe function, but with other operations the same as in xhci-pci - Make CONFIG_USB_XHCI_PCI_RENESAS depend on CONFIG_USB_XHCI_PCI, not the other way around Finally, move the MODULE_FIRMWARE declaration to xhci-pci-renesas. Signed-off-by: Ben Hutchings Tested-by: Cyril Brulebois Link: https://lore.kernel.org/r/ZqqfXYRJf7kGaqus@decadent.org.uk Signed-off-by: Greg Kroah-Hartman commit f358602425486fce2eac1a9592444c9840557754 Author: Rob Herring (Arm) Date: Wed Jul 31 14:14:00 2024 -0600 usb: dwc3: Use of_property_read_variable_u32_array() to read "power" There's no need to get the length of an DT array property before parsing the array. of_property_read_variable_u32_array() takes a minimum and maximum length and returns the actual length (or error code). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240731201407.1838385-5-robh@kernel.org Signed-off-by: Greg Kroah-Hartman commit 89b7539123bf970d7c013645558bc344aef792b0 Author: Fabio Estevam Date: Tue Aug 6 08:42:31 2024 -0300 usb: dwc3: imx8mp: Switch to RUNTIME/SYSTEM_SLEEP_PM_OPS() Replace SET_RUNTIME_PM_OPS()/SET SYSTEM_SLEEP_PM_OPS() with their modern RUNTIME_PM_OPS() and SYSTEM_SLEEP_PM_OPS() alternatives. The combined usage of pm_ptr() and RUNTIME_PM_OPS/SYSTEM_SLEEP_PM_OPS() allows the compiler to evaluate if the runtime suspend/resume() functions are used at build time or are simply dead code. This allows removing the __maybe_unused notation from the runtime suspend/resume() functions. Signed-off-by: Fabio Estevam Acked-by: Thinh Nguyen Link: https://lore.kernel.org/r/20240806114231.2603055-1-festevam@gmail.com Signed-off-by: Greg Kroah-Hartman commit 260126159200c2724dab14dd332f79282ff9721a Author: Abhishek Tamboli Date: Fri Aug 2 00:32:09 2024 +0530 usb: gadget: u_audio: Use C99 syntax for array initializers Convert array initializers to C99 syntax by adding the '=' after each designated initializer. Fix the following smatch warnings: drivers/usb/gadget/function/u_audio.c:1117:20: warning: obsolete array initializer, use C99 syntax drivers/usb/gadget/function/u_audio.c:1124:28: warning: obsolete array initializer, use C99 syntax drivers/usb/gadget/function/u_audio.c:1131:19: warning: obsolete array initializer, use C99 syntax drivers/usb/gadget/function/u_audio.c:1138:27: warning: obsolete array initializer, use C99 syntax drivers/usb/gadget/function/u_audio.c:1145:25: warning: obsolete array initializer, use C99 syntax Also, fix two checkpatch.pl warnings: WARNING: please, no spaces at the start of a line + [UAC_FBACK_CTRL] = {$ WARNING: please, no spaces at the start of a line + [UAC_MUTE_CTRL] = {$ Signed-off-by: Abhishek Tamboli Reviewed-by: Ricardo B. Marliere Link: https://lore.kernel.org/r/20240801190209.500373-1-abhishektamboli9@gmail.com Signed-off-by: Greg Kroah-Hartman commit 08d6fd691bdd5d6e7881ce42ca6774ed92b10896 Author: Akash Kumar Date: Thu Aug 1 11:00:03 2024 +0530 usb: gadget: Increase max configuration interface to 32 Currently, max configuration interfaces are limited to 16, which fails for compositions containing 10 UVC configurations with interrupt ep disabled along with other configurations , and we see bind failures while allocating interface ID in uvc bind. Increase max configuration interface to 32 to support any large compositions limited to same size as usb device endpoints as interfaces cannot be more than endpoints. Signed-off-by: Akash Kumar Link: https://lore.kernel.org/r/20240801053003.15153-1-quic_akakum@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 1380f158a8af0fa57e7db45623ec6bd9853a7ac6 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:56 2024 -0600 usb: chipidea: Use of_property_present() Use of_property_present() to test for property presence rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731191312.1710417-18-robh@kernel.org Signed-off-by: Greg Kroah-Hartman commit e50f0887804e60584dc3223a06980597b7e8b2a8 Author: André Draszik Date: Wed Jul 10 11:36:22 2024 +0100 usb: typec: tcpm/tcpci_maxim: use device managed TCPCI port deregistration Instead of open-coding the call to tcpci_unregister_port() in various places, let's just register a hook using devm_add_action_or_reset() so that it gets called automatically as and when necessary by the device management APIs. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-15-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 6ba97b42a5f2e04367ae006f65f46f6c1ec78c0b Author: André Draszik Date: Wed Jul 10 11:36:21 2024 +0100 usb: typec: tcpm/tcpci_maxim: convert to dev_err_probe() dev_err_probe() exists as a useful helper ensuring standardized error messages during .probe() and using it also helps to make the code more legible. Use it. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-14-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit fc64f1ce292d0adb9ac3c8b6e372412bb6aa3052 Author: André Draszik Date: Wed Jul 10 11:36:20 2024 +0100 usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_ADC_CTRL1 register Convert register TCPC_VENDOR_ADC_CTRL1 to using GENMASK() and FIELD_PREP() so as to keep using a similar approach throughout the code base and make it arguably easier to read. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-13-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 5cb7e20bad86ab2df81e1fe26b07f9905569df95 Author: André Draszik Date: Wed Jul 10 11:36:19 2024 +0100 usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL3 register Convert register TCPC_VENDOR_CC_CTRL3 to using GENMASK() so as to keep using a similar approach throughout the code base and make it arguably easier to read. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-12-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 9ee70dd4f7dc614adc606beadc32c8d86dc9b2d6 Author: André Draszik Date: Wed Jul 10 11:36:18 2024 +0100 usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register Convert register TCPC_VENDOR_CC_CTRL2 to using GENMASK() and FIELD_PREP() so as to keep using a similar approach throughout the code base and make it arguably easier to read. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-11-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 4d39e00481a6b15440872ada4c25614edb76199b Author: André Draszik Date: Wed Jul 10 11:36:17 2024 +0100 usb: typec: tcpm/tcpci_maxim: drop STATUS_CHECK() Only one user of STATUS_CHECK() remains, and the code can actually be made more legible by simply avoiding the use of that wrapper macro, allowing to also drop the macro altogether. Do so. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-10-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 064e7e5a5d5f489cbce34ec8efe39199bfa7e1f7 Author: André Draszik Date: Wed Jul 10 11:36:16 2024 +0100 usb: typec: tcpm/tcpci_maxim: simplify clearing of TCPC_ALERT_RX_BUF_OVF There is no need for using the ternary if/else here, simply mask TCPC_ALERT_RX_BUF_OVF as necessary, which arguably makes the code easier to read. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-9-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 57e154cc44d23802dcce6a9bcb210735a43cd201 Author: André Draszik Date: Wed Jul 10 11:36:15 2024 +0100 usb: typec: tcpm/tcpci_maxim: sort TCPC_ALERT_MASK values by bit This makes it easier to see what's missing and what's being programmed. While at it, add brackets to help with formatting and remove a comment that doesn't add much value. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-8-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 7cd41974d2c81055f61ba9f69e31c02e866716e0 Author: André Draszik Date: Wed Jul 10 11:36:14 2024 +0100 usb: typec: tcpci: use GENMASK() for TCPC_TRANSMIT register fields Convert all fields from register TCPC_TRANSMIT to using GENMASK() and FIELD_PREP() so as to keep using a similar approach throughout the code base and make it arguably easier to read. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-7-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit aee4568f42e0d7526207a10944bb89bb45522b59 Author: André Draszik Date: Wed Jul 10 11:36:13 2024 +0100 usb: typec: tcpci: use GENMASK() for TCPC_MSG_HDR_INFO_REV Convert field TCPC_MSG_HDR_INFO_REV from register TCPC_MSG_HDR_INFO to using GENMASK() and FIELD_PREP() so as to keep using a similar approach for all fields. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-6-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 46b1e0f87ba89f0a06ffbde5fe8d13c5af93f94e Author: André Draszik Date: Wed Jul 10 11:36:12 2024 +0100 usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_RP_VAL Align the last remaining field TCPC_ROLE_CTRL_RP_VAL with the other fields in the TCPC_ROLE_CTRL register by using GENMASK() and FIELD_PREP(). Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-5-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 83b254c13ac093810e1058d9cb1bbb4b7ef9c246 Author: André Draszik Date: Wed Jul 10 11:36:11 2024 +0100 usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] All this open-coded shifting and masking is quite hard to read, in particular the if-statement in tcpci_apply_rc(). Declare TCPC_ROLE_CTRL_CC[12] using GENMASK() which allows using FIELD_GET() and FIELD_PREP() to arguably make the code more legible. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-4-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit f523aa6d72598bcd2946c7e02d29f33f94806a15 Author: André Draszik Date: Wed Jul 10 11:36:10 2024 +0100 usb: typec: tcpci: use GENMASK() for TCPC_CC_STATUS_CC[12] The existing code here, particularly in maxim_contaminant.c, is arguably quite hard to read due to the open-coded masking and shifting spanning multiple lines. Use GENMASK() and FIELD_GET() instead, which arguably make the code much easier to follow. While at it, use the symbolic name TCPC_CC_STATE_SRC_OPEN for one instance of open-coded 0x0. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-3-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 0943ce2b764310efeffc58fbc09a9105cf02a8ea Author: André Draszik Date: Wed Jul 10 11:36:09 2024 +0100 usb: typec: tcpm/tcpci_maxim: clarify a comment We loop while the status is != 0, so rephrase the comment slightly for clarity. Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-2-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 07a83512fa5be3f3d46369eee6352102fd9fb505 Author: André Draszik Date: Wed Jul 10 11:36:08 2024 +0100 usb: typec: tcpci: fix a comment typo autonously -> autonomously Signed-off-by: André Draszik Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240710-tcpc-cleanup-v1-1-0ec1f41f4263@linaro.org Signed-off-by: Greg Kroah-Hartman commit 4ae0c2b91110dab6f4291c2c7f99dde60ecc97d8 Author: Dan Carpenter Date: Thu Aug 1 10:44:03 2024 -0500 sched/debug: Fix fair_server_period_max value This code has an integer overflow or sign extension bug which was caught by gcc-13: kernel/sched/debug.c:341:57: error: integer overflow in expression of type 'long int' results in '-100663296' [-Werror=overflow] 341 | static unsigned long fair_server_period_max = (1 << 22) * NSEC_PER_USEC; /* ~4 seconds */ The result is that "fair_server_period_max" is set to 0xfffffffffa000000 (585 years) instead of instead of 0xfa000000 (4 seconds) that was intended. Fix this by changing the type to shift from (1 << 22) to (1UL << 22). Closes: https://lore.kernel.org/all/CA+G9fYtE2GAbeqU+AOCffgo2oH0RTJUxU+=Pi3cFn4di_KgBAQ@mail.gmail.com/ Fixes: d741f297bcea ("sched/fair: Fair server interface") Reported-by: Linux Kernel Functional Testing Reported-by: Arnd Bergmann Reported-by: Stephen Rothwell Signed-off-by: Dan Carpenter Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/a936b991-e464-4bdf-94ab-08e25d364986@stanley.mountain commit 924e2904da9b5edec61611918b98ab1f7fccc461 Author: Tejun Heo Date: Mon Aug 5 12:39:10 2024 -1000 sched/fair: Make balance_fair() test sched_fair_runnable() instead of rq->nr_running balance_fair() skips newidle balancing if rq->nr_running - there are already tasks on the rq, so no need to try to pull tasks. This tests the total number of queued tasks on the CPU instead of only the fair class, but is still correct as the rq can currently only have fair class tasks while balance_fair() is running. However, with the addition of sched_ext below the fair class, this will not hold anymore and make put_prev_task_balance() skip sched_ext's balance() incorrectly as, when a CPU has only lower priority class tasks, rq->nr_running would still be positive and balance_fair() would return 1 even when fair doesn't have any tasks to run. Update balance_fair() to use sched_fair_runnable() which tests rq->cfs.nr_running which is updated by bandwidth throttling. Note that pick_next_task_fair() already uses sched_fair_runnable() in its optimized path for the same purpose. Reported-by: Peter Zijlstra Signed-off-by: Tejun Heo Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Chengming Zhou Reviewed-by: K Prateek Nayak Link: https://lore.kernel.org/r/ZrFUjlCf7x3TNXB8@slm.duckdns.org commit 3e673d651c3749e7447f0ccccfebb9cea58d8bf2 Merge: 8400291e289ee6 9f04609f74ec7a Author: Christian Brauner Date: Wed Aug 7 11:35:08 2024 +0200 Merge branch 'work.write.end' Matthew Wilcox (Oracle) says: On top of the ufs, minix, sysv and qnx6 directory handling patches, this patch series converts us to using folios for write_begin and write_end. That's the last mention of 'struct page' in several filesystems. * work.write.end: (54 commits) buffer: Convert __block_write_begin() to take a folio ocfs2: Convert ocfs2_write_zero_page to use a folio fs: Convert aops->write_begin to take a folio fs: Convert aops->write_end to take a folio vboxsf: Use a folio in vboxsf_write_end() orangefs: Convert orangefs_write_begin() to use a folio orangefs: Convert orangefs_write_end() to use a folio jffs2: Convert jffs2_write_begin() to use a folio jffs2: Convert jffs2_write_end() to use a folio hostfs: Convert hostfs_write_end() to use a folio fuse: Convert fuse_write_begin() to use a folio fuse: Convert fuse_write_end() to use a folio f2fs: Convert f2fs_write_begin() to use a folio f2fs: Convert f2fs_write_end() to use a folio ecryptfs: Use a folio in ecryptfs_write_begin() ecryptfs: Convert ecryptfs_write_end() to use a folio buffer: Convert block_write_end() to take a folio ntfs3: Remove reset_log_file() nilfs2: Use a folio in nilfs_recover_dsync_blocks() buffer: Use a folio in generic_write_end() ... Link: https://lore.kernel.org/r/20240717154716.237943-1-willy@infradead.org Signed-off-by: Christian Brauner commit 9f04609f74ec7a439e1ac42da5db9e6ddf4f7b13 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 23:09:04 2024 -0400 buffer: Convert __block_write_begin() to take a folio Almost all callers have a folio now, so change __block_write_begin() to take a folio and remove a call to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 7f90d7f1bc9418aba1ef040565308e83dbe0f485 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 23:04:59 2024 -0400 ocfs2: Convert ocfs2_write_zero_page to use a folio Removes a conversion of folio to page, and then two hidden conversions of page back to folio. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 1da86618bdce301d23e89ecce92161f9d3b3c5e7 Author: Matthew Wilcox (Oracle) Date: Mon Jul 15 14:24:01 2024 -0400 fs: Convert aops->write_begin to take a folio Convert all callers from working on a page to working on one page of a folio (support for working on an entire folio can come later). Removes a lot of folio->page->folio conversions. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit a225800f322a3d6cc8b8b6c7dc4d5281f2f5375b Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 15:45:32 2024 -0400 fs: Convert aops->write_end to take a folio Most callers have a folio, and most implementations operate on a folio, so remove the conversion from folio->page->folio to fit through this interface. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 3e5d37c5f98a06ee68a5c3e2784d4a4420e9d227 Author: Matthew Wilcox (Oracle) Date: Sun Jun 2 00:02:10 2024 -0400 vboxsf: Use a folio in vboxsf_write_end() Because we have to kmap() the page before calling vboxsf_write(), we can't entirely remove the use of struct page. But we can eliminate some uses of old APIs and remove some unnecessary calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 4c7e13850f317933b081fd49841dd246bff99619 Author: Matthew Wilcox (Oracle) Date: Thu Jul 11 16:58:06 2024 -0400 orangefs: Convert orangefs_write_begin() to use a folio Retrieve a folio from the page cache instead of a page. This function was previously mostly converted to use a folio, so it's a fairly small change. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 87969292a93f4afbd1179fb46ad02ac1dd275ca0 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 17:06:19 2024 -0400 orangefs: Convert orangefs_write_end() to use a folio Convert the passed page to a folio and operate on that. Replaces five calls to compound_head() with one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 0ee818cc42fc313b480e2e29ebe7b0dc14ccc156 Author: Matthew Wilcox (Oracle) Date: Thu Jul 11 16:58:06 2024 -0400 jffs2: Convert jffs2_write_begin() to use a folio Fetch a folio from the page cache instead of a page and use it throughout removing several calls to compound_head(). We still have to convert back to a page for calling internal jffs2 functions, but hopefully they will be converted soon. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit c8dbe54a2e0bf8cb9e7d36cdf16507d0025ef028 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 16:42:35 2024 -0400 jffs2: Convert jffs2_write_end() to use a folio Convert the passed page to a folio and operate on that. Replaces six calls to compound_head() with one. Also use kmap_local instead of kmap. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 02d8a3227f49f07cd8c2c4f42b4449f657c060c5 Author: Matthew Wilcox (Oracle) Date: Fri Jul 12 12:08:54 2024 -0400 hostfs: Convert hostfs_write_end() to use a folio Convert the passed page to a folio and operate on that. Replaces four calls to compound_head() with one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit a060d835cf76605fbb784f1285a6d40e9239c436 Author: Matthew Wilcox (Oracle) Date: Thu Jul 11 16:58:06 2024 -0400 fuse: Convert fuse_write_begin() to use a folio Fetch a folio from the page cache instead of a page and use it throughout removing several calls to compound_head() and supporting large folios (in this function). We still have to convert back to a page for calling internal fuse functions, but hopefully they will be converted soon. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 556d0ac068d71b78c309d7444357df4fa55f594e Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 16:42:35 2024 -0400 fuse: Convert fuse_write_end() to use a folio Convert the passed page to a folio and operate on that. Replaces five calls to compound_head() with one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit dfd2e81d37e154f70f1e35d54ddb3d9df34595f2 Author: Matthew Wilcox (Oracle) Date: Thu Jul 11 16:58:06 2024 -0400 f2fs: Convert f2fs_write_begin() to use a folio Fetch a folio from the page cache instead of a page and use it throughout. We still have to convert back to a page for calling internal f2fs functions, but hopefully they will be converted soon. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit a0f858d450ce7b18fd2b7db6f22b321c2f28ed89 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 16:42:35 2024 -0400 f2fs: Convert f2fs_write_end() to use a folio Convert the passed page to a folio and operate on that. Replaces five calls to compound_head() with one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 6a09084cd4e67ab2e454cf6da6737383a7c6d41c Author: Matthew Wilcox (Oracle) Date: Thu Jul 11 11:42:46 2024 -0400 ecryptfs: Use a folio in ecryptfs_write_begin() Use __filemap_get_folio() instead of grab_cache_page_write_begin() and use the folio throughout. No attempt is made here to support large folios, simply converting this function to use folio APIs is the goal. Saves many hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit efe2f7a4132d8c399f9238a320df5edb0d62fd48 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 16:42:35 2024 -0400 ecryptfs: Convert ecryptfs_write_end() to use a folio Convert the passed page to a folio and operate on that. Replaces four calls to compound_head() with one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 97edbc02b2efdb0cd0f507b6a45fc509acc861bb Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 14:51:11 2024 -0400 buffer: Convert block_write_end() to take a folio All callers now have a folio, so pass it in instead of converting from a folio to a page and back to a folio again. Saves a call to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit c4c9c89c8c8ec1bcb0fad951b91da0d3a7569a71 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 14:44:14 2024 -0400 ntfs3: Remove reset_log_file() This function has no callers (which will be why nobody noticed that the page wasn't being unlocked). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 663459c851995a6dc216d83d9dea2e2aa18a2db7 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 13:49:53 2024 -0400 nilfs2: Use a folio in nilfs_recover_dsync_blocks() Replaces four hidden calls to compound_head() with one. Reviewed-by: Josef Bacik Acked-by: Ryusuke Konishi Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 696876d03542a1c348e004511c4a307770481286 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 13:46:15 2024 -0400 buffer: Use a folio in generic_write_end() Replaces two implicit calls to compound_head() with one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 1262249d038a3823531dd220e5eced93bccf8d38 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 13:43:36 2024 -0400 block: Use a folio in blkdev_write_end() Replaces two hidden calls to compound_head() with one explicit one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit cc67bcb2c3709e12f1a72d5a884942309c89c2ee Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 22:50:29 2024 -0400 reiserfs: Convert reiserfs_write_begin() to use a folio Remove a few calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 24481ffdc0d1580ec2d968682b3c2dc4fbfd6c0b Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 11:06:01 2024 -0400 reiserfs: Convert grab_tail_page() to use a folio Removes a call to grab_cache_page() and a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 8eb835a1366f52d335aae7c2acff9c1bd57fb227 Author: Matthew Wilcox (Oracle) Date: Tue Apr 16 23:58:48 2024 -0400 fs: Convert block_write_begin() to use a folio Use the folio APIs to retrieve the folio from the page cache and manipulate it. Saves a few conversions between pages & folios. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 0551bc716e830e36c16c70282bc4134e2f3ec821 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 21:03:03 2024 -0400 minixfs: Convert dir_commit_chunk() to take a folio All callers now have a folio, so pass it in. Saves a call to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit cf04e47128afd071bcb9d0c9806dce835f85356d Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 20:59:00 2024 -0400 minixfs: Convert minix_prepare_chunk() to take a folio All callers now have a folio, so convert minix_prepare_chunk() to take one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit da2c04c15068adaf4a5cce0f47fd7aad97ac8c4f Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 20:42:38 2024 -0400 minixfs: Convert minix_make_empty() to use a folio Removes a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit e033fe609d749749ba40554f6c312f9b29b28447 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 20:40:11 2024 -0400 minixfs: Convert minix_delete_entry() to work on a folio Match ext2 and remove a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 6e9ead1ec9f8067178d8db005470242bc5375e7f Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 20:37:59 2024 -0400 minixfs: Convert minix_set_link() and minix_dotdot() to take a folio This matches ext2 and removes a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 5a77670ff8634f12636db6b5fd0a4ec5d548ef64 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 16:09:32 2024 -0400 minixfs: Convert minix_find_entry() to take a folio Remove a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 9cf2de3ddaeb2d70ea21448104cc604199da2acc Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 15:05:39 2024 -0400 minixfs: Convert dir_get_page() to dir_get_folio() Remove a few conversions between page and folio. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 25689405bc33788de71d39d9900f849aa8bd9040 Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 11:31:09 2024 -0400 qnx6: Convert directory handling to use kmap_local Eliminates qnx6_put_page() and a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 1d49228f2762740be986886286f7683c6ae30f6d Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 08:30:23 2024 -0400 qnx6: Convert qnx6_iget() to use a folio Removes a use of kmap() and a couple of conversions between folios and pages. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 29c42e8b8a7813479961f868fb4189295943c07d Author: Matthew Wilcox (Oracle) Date: Wed Jul 10 08:22:12 2024 -0400 qnx6: Convert qnx6_checkroot() to use a folio Removes a use of kmap and removes a conversion from folio to page. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit b2f2454c3662ebdfe8b3ebe6fc247f2daf384bf8 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 23:22:15 2024 -0400 qnx6: Convert qnx6_longname() to take a folio Removes a conversion from folio to page. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 5563040e852994c4ad40b189d3ea4ed253ace232 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 23:13:18 2024 -0400 qnx6: Convert qnx6_find_entry() to qnx6_find_ino() It's hard to return a directory entry from qnx6_find_entry() because it might be a long dir_entry with a different format. So stick with the convention of returning an inode number, but rename it to qnx6_find_ino() to reflect what it actually does, and move the call to qnx6_put_page() inside the function which lets us get rid of the res_page parameter. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit b2aa61556fcfa83639507d329d48cd6e2f7ac487 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 23:08:41 2024 -0400 qnx6: Convert qnx6_get_page() to qnx6_get_folio() Match the ext2 calling convention by returning the address and setting the folio return pointer. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 00753fb5f2406fb852e79d9c6e25328bab353388 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 10:54:22 2024 -0400 sysv: Convert dir_commit_chunk() to take a folio All callers now have a folio, so pass it in. Saves a call to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit d3a2fa28fe516cf9621ffdafde35308bebc4714c Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 10:52:44 2024 -0400 sysv: Convert sysv_prepare_chunk() to take a folio All callers now have a folio, so convert sysv_prepare_chunk() to take one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 7f4fb150631bc2b1de11938f9fc9f8c60abae591 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 10:49:54 2024 -0400 sysv: Convert sysv_make_empty() to use a folio Removes a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 9b1cf7790e5ae631839e06b1f96a9d05e088b450 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 10:45:23 2024 -0400 sysv: Convert sysv_delete_entry() to work on a folio Match ext2 and remove a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 1cfdaf9708ba7f2ff170723999fcdf87e9afb843 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 10:42:23 2024 -0400 sysv: Convert sysv_set_link() and sysv_dotdot() to take a folio This matches ext2 and removes a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit ba36ee530896bb1094f1d86b5456d776c93a5516 Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 10:31:45 2024 -0400 sysv: Convert sysv_find_entry() to take a folio Remove a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit a3b4537f82425f6cb37f299477cb38cc81cbe30a Author: Matthew Wilcox (Oracle) Date: Tue Jul 9 09:41:38 2024 -0400 sysv: Convert dir_get_page() to dir_get_folio() Remove a few conversions between page and folio. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 516b97cf03dd630ad90c9329de312c755690650a Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 18:01:47 2024 -0400 ufs: Convert directory handling to kmap_local Remove kmap use and use folio_release_kmap() instead of ufs_put_page(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 0f3e63f30bf5ba214561e127a2c21c2d46ded141 Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 17:49:11 2024 -0400 ufs; Convert ufs_commit_chunk() to take a folio All callers now have a folio, so pass it in. Saves a call to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 128d1e89acb978bf6a4ec0d04bbfe8cb801965be Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 17:47:06 2024 -0400 ufs: Convert ufs_prepare_chunk() to take a folio All callers now have a folio, so convert ufs_prepare_chunk() to take one. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit f4a20e53aba74b406f3becf28cc3776ad38153e7 Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 17:44:48 2024 -0400 ufs: Convert ufs_make_empty() to use a folio Removes a few hidden calls to compound_head() and uses kmap_local instead of kmap. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 767bd0af25e59e8b75801847ddc7bf0ab186bf3c Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 15:32:53 2024 -0400 ufs: Convert ufs_delete_entry() to work on a folio Match ext2 and remove a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit 597697c5adf8ac16e8e8a5d55a572a19f2282b88 Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 15:23:35 2024 -0400 ufs: Convert ufs_set_link() and ufss_dotdot() to take a folio This matches ext2 and removes a few hidden calls to compound_head(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit e95d2754458a6a0a1c8a5dc1d593d80f6940fbdc Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 15:11:00 2024 -0400 ufs: Convert ufs_find_entry() to take a folio This matches ext2 and pushes the use of folios out by one layer. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit a60b0e8f150ff5e9fefaf9166b75381f162da45d Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 11:42:51 2024 -0400 ufs: Convert ufs_check_page() to ufs_check_folio() Includes large folio support in case we decide to support block size > PAGE_SIZE (as with ext2, this support will be limited to machines without HIGHMEM). Reviewed-by: Josef Bacik Signed-off-by: Christian Brauner commit 5fe08b1d7e315cb4238ae1afa4a3ec951ae4908e Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 14:46:26 2024 -0400 ufs: Convert ufs_get_page() to ufs_get_folio() Use the same calling convention as ext2 (see commit 46022375abe8) so that we can transition to kmap_local in a future patch. Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit bf9883d5779117776c2e25d29d4dfed31d390fb2 Author: Matthew Wilcox (Oracle) Date: Mon Jul 8 12:11:21 2024 -0400 ufs: Convert ufs_get_page() to use a folio Remove a call to read_mapping_page(). Reviewed-by: Josef Bacik Signed-off-by: Matthew Wilcox (Oracle) Signed-off-by: Christian Brauner commit b977831342ec131aea17831295db48450ada7202 Author: Takashi Iwai Date: Wed Aug 7 11:23:01 2024 +0200 ALSA: seq: Fix missing seq port info bit return for MIDI 1.0 block The recent extension added a new ALSA sequencer port info flag bit SNDRV_SEQ_PORT_FLG_IS_MIDI1, but it's not reported back when inquired. Fix it to report properly. Fixes: 0079c9d1e58a ("ALSA: ump: Handle MIDI 1.0 Function Block in MIDI 2.0 protocol") Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807092303.1935-7-tiwai@suse.de commit 8e3f30b8dc063ef323e535b21f0c6ac7b487ee5a Author: Takashi Iwai Date: Wed Aug 7 11:23:00 2024 +0200 ALSA: seq: Print MIDI 1.0 specific port in proc output When a sequencer port assigned to a UMP Group that is specific to MIDI 1.0 among MIDI 2.0 client, mark it explicitly in the proc output, so that user can see it easily. This is an exceptional case where the message isn't converted to MIDI 1.0 even if the client is running in MIDI 2.0 mode. Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807092303.1935-6-tiwai@suse.de commit ebaa86c0bddd2c47c516bf2096b17c0bed71d914 Author: Takashi Iwai Date: Wed Aug 7 11:22:59 2024 +0200 ALSA: usb-audio: Update UMP group attributes for GTB blocks, too When a FB is created from a GTB instead of UMP FB Info inquiry, we missed the update of the corresponding UMP Group attributes. Export the call of updater and let it be called from the USB driver. Fixes: 0642a3c5cacc ("ALSA: ump: Update substream name from assigned FB names") Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807092303.1935-5-tiwai@suse.de commit ac3a9185bd5f547cb16ef1388e8786ad5a6e8858 Author: Takashi Iwai Date: Wed Aug 7 11:22:58 2024 +0200 ALSA: usb-audio: Set MIDI1 flag appropriately for GTB MIDI 1.0 entry When a MIDI 1.0 protocol is specified in a GTB entry while others are set in MIDI 2.0, it should be seen as a legacy MIDI 1.0 port. Since recently we allow drivers to set a flag SNDRV_UMP_BLOCK_IS_MIDI1 to a FB for that purpose. This patch tries to set that flag when the device shows such a configuration. Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807092303.1935-4-tiwai@suse.de commit b28654233f654cc16134b72751bf371c7bf0ce3a Author: Takashi Iwai Date: Wed Aug 7 11:22:57 2024 +0200 ALSA: usb-audio: Accept multiple protocols in GTBs It's valid to give different protocols via multiple GTBs; e.g. a MIDI 1.0 port is embedded in a MIDI 2.0 device that talks with MIDI 2.0 protocol. However, the current driver implementation assumes only a single protocol over the whole Endpoint, and it can't handle such a scenario. This patch changes the driver's behavior to parse GTBs to accept multiple protocols. Instead of switching to the last given protocol, it adds the protocol capability bits now. Meanwhile, the default protocol is chosen by the first given protocol in GTBs. Practically seen, this should be a minor issue, as new devices should specify the protocols properly via UMP Endpoint Info messages, so this is rather just covering a corner case. Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807092303.1935-3-tiwai@suse.de commit 08713dcc49060f2d0870483932c6d68ef8430acf Author: Takashi Iwai Date: Wed Aug 7 11:22:56 2024 +0200 ALSA: ump: Choose the protocol when protocol caps are changed When the protocol capability bits are changed via Endpoint Info update notification, we should check the validity of the current protocol and reset it if needed, too. Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240807092303.1935-2-tiwai@suse.de commit e66f33bdf0c3adda068b1e2c70c768c56166b58a Merge: 2c14119ab8f356 ba0ca286c91950 Author: David S. Miller Date: Wed Aug 7 10:24:46 2024 +0100 Merge branch 'tcp-active-reset' Jason Xing says: =================== tcp: completely support active reset This time the patch series finally covers all the cases in the active reset logic. After this, we can know the related exact reason(s). v4 Link: 1. revise the changelog to avoid future confusion in patch [5/7] (Eric) 2. revise the changelog of patch [6/7] like above. 3. add reviewed-by tags (Eric) v3 Link: https://lore.kernel.org/all/20240731120955.23542-1-kerneljasonxing@gmail.com/ 1. introduce TCP_DISCONNECT_WITH_DATA reason (Eric) 2. use a better name 'TCP_KEEPALIVE_TIMEOUT' (Eric) 3. add three reviewed-by tags (Eric) v2 Link: https://lore.kernel.org/all/20240730133513.99986-1-kerneljasonxing@gmail.com/ 1. use RFC 9293 in the comment and changelog instead of old RFC 793 2. correct the comment and changelog in patch 5 ==================== Signed-off-by: David S. Miller commit ba0ca286c919508ac32d036509b082b3968c0bb2 Author: Jason Xing Date: Fri Aug 2 18:21:12 2024 +0800 tcp: rstreason: let it work finally in tcp_send_active_reset() Now it's time to let it work by using the 'reason' parameter in the trace world :) Signed-off-by: Jason Xing Reviewed-by: Eric Dumazet Signed-off-by: David S. Miller commit c026c6562f86b24dd2dfef501fb1e64cc3884a79 Author: Jason Xing Date: Fri Aug 2 18:21:11 2024 +0800 tcp: rstreason: introduce SK_RST_REASON_TCP_DISCONNECT_WITH_DATA for active reset When user tries to disconnect a socket and there are more data written into tcp write queue, we should tell users about this reset reason. Signed-off-by: Jason Xing Reviewed-by: Eric Dumazet Signed-off-by: David S. Miller commit 0a399892a596055c8f069a17b4775fe5ab66d32a Author: Jason Xing Date: Fri Aug 2 18:21:10 2024 +0800 tcp: rstreason: introduce SK_RST_REASON_TCP_KEEPALIVE_TIMEOUT for active reset Introducing this to show the users the reason of keepalive timeout. Signed-off-by: Jason Xing Reviewed-by: Eric Dumazet Signed-off-by: David S. Miller commit edefba66d929eb2d023df93a0a8175a4ffe82684 Author: Jason Xing Date: Fri Aug 2 18:21:09 2024 +0800 tcp: rstreason: introduce SK_RST_REASON_TCP_STATE for active reset Introducing a new type TCP_STATE to handle some reset conditions appearing in RFC 793 due to its socket state. Actually, we can look into RFC 9293 which has no discrepancy about this part. Signed-off-by: Jason Xing Reviewed-by: Eric Dumazet Signed-off-by: David S. Miller commit 8407994f0c3594eb3854e3799af86224f4a8e6e6 Author: Jason Xing Date: Fri Aug 2 18:21:08 2024 +0800 tcp: rstreason: introduce SK_RST_REASON_TCP_ABORT_ON_MEMORY for active reset Introducing a new type TCP_ABORT_ON_MEMORY for tcp reset reason to handle out of memory case. Signed-off-by: Jason Xing Reviewed-by: Eric Dumazet Signed-off-by: David S. Miller commit edc92b48abc5b21c98eca5d05b98a560d7df2e4d Author: Jason Xing Date: Fri Aug 2 18:21:07 2024 +0800 tcp: rstreason: introduce SK_RST_REASON_TCP_ABORT_ON_LINGER for active reset Introducing a new type TCP_ABORT_ON_LINGER for tcp reset reason to handle negative linger value case. Signed-off-by: Jason Xing Reviewed-by: Eric Dumazet Signed-off-by: David S. Miller commit 90c36325c796cc7111329607a649c34f4979c78e Author: Jason Xing Date: Fri Aug 2 18:21:06 2024 +0800 tcp: rstreason: introduce SK_RST_REASON_TCP_ABORT_ON_CLOSE for active reset Introducing a new type TCP_ABORT_ON_CLOSE for tcp reset reason to handle the case where more data is unread in closing phase. Signed-off-by: Jason Xing Reviewed-by: Eric Dumazet Signed-off-by: David S. Miller commit e102b5ed6e283a144793cab8fcd95f61d0ddbadb Author: Nirmoy Das Date: Tue Aug 6 13:07:22 2024 +0200 drm/xe: Fix access_ok check in user_fence_create Check size of the data not size of the pointer. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407300421.IBkAja96-lkp@intel.com/ Fixes: 0fde907da2d5 ("drm/xe: Validate user fence during creation") Cc: Matthew Auld Cc: Matthew Brost Reviewed-by: Matthew Auld Reviewed-by: Tejas Upadhyay Reviewed-by: Apoorva Singh Link: https://patchwork.freedesktop.org/patch/msgid/20240806110722.28661-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit a66de2d0f22b1740f3f9777776ad98c4bee62dff Author: Baochen Qiang Date: Wed Jul 10 10:18:19 2024 +0800 wifi: ath12k: fix invalid AMPDU factor calculation in ath12k_peer_assoc_h_he() Currently ampdu_factor is wrongly calculated in ath12k_peer_assoc_h_he(), fix it. This is found during code review. Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0-03427-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1.15378.4 Fixes: d889913205cf ("wifi: ath12k: driver for Qualcomm Wi-Fi 7 devices") Signed-off-by: Baochen Qiang Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240710021819.87216-1-quic_bqiang@quicinc.com commit dd98d54db29fb553839f43ade5f547baa93392c8 Author: P Praneesh Date: Mon Apr 1 00:02:32 2024 +0530 wifi: ath12k: match WMI BSS chan info structure with firmware definition struct wmi_pdev_bss_chan_info_event is not similar to the firmware struct definition, this will cause some random failures. Fix by matching the struct wmi_pdev_bss_chan_info_event with the firmware structure definition. Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1 Fixes: d889913205cf ("wifi: ath12k: driver for Qualcomm Wi-Fi 7 devices") Signed-off-by: P Praneesh Signed-off-by: Karthikeyan Kathirvel Acked-by: Jeff Johnson Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240331183232.2158756-3-quic_kathirve@quicinc.com commit 59529c982f85047650fd473db903b23006a796c6 Author: P Praneesh Date: Mon Apr 1 00:02:31 2024 +0530 wifi: ath12k: fix BSS chan info request WMI command Currently, the firmware returns incorrect pdev_id information in WMI_PDEV_BSS_CHAN_INFO_EVENTID, leading to incorrect filling of the pdev's survey information. To prevent this issue, when requesting BSS channel information through WMI_PDEV_BSS_CHAN_INFO_REQUEST_CMDID, firmware expects pdev_id as one of the arguments in this WMI command. Add pdev_id to the struct wmi_pdev_bss_chan_info_req_cmd and fill it during ath12k_wmi_pdev_bss_chan_info_request(). This resolves the issue of sending the correct pdev_id in WMI_PDEV_BSS_CHAN_INFO_EVENTID. Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1 Fixes: d889913205cf ("wifi: ath12k: driver for Qualcomm Wi-Fi 7 devices") Signed-off-by: P Praneesh Signed-off-by: Karthikeyan Kathirvel Acked-by: Jeff Johnson Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240331183232.2158756-2-quic_kathirve@quicinc.com commit 8be12629b428084be2610041d61b132074d334f6 Author: Aditya Kumar Singh Date: Tue Jul 9 11:28:17 2024 +0530 wifi: ath12k: restore ASPM for supported hardwares only During PCI based hardware device start up, ASPM is disabled for all. And once firmware is ready, it is restored back. However, not all hardwares (for example QCN9274) supports ASPM. Hence there is a need to conditionally restore ASPM back. Or else, for such hardwares, issue can be seen during sending and receiving packets. Introduce a new hardware param supports_aspm which identifies whether a given hardware supports ASPM or not and then accordingly restore it. Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1 Signed-off-by: Aditya Kumar Singh Acked-by: Jeff Johnson Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240709055817.3371406-1-quic_adisi@quicinc.com commit f6ffe7f0184792c2f99aca6ae5b916683973d7d3 Author: Toke Høiland-Jørgensen Date: Mon Aug 5 13:02:22 2024 +0200 wifi: ath9k: Remove error checks when creating debugfs entries We should not be checking the return values from debugfs creation at all: the debugfs functions are designed to handle errors of previously called functions and just transparently abort the creation of debugfs entries when debugfs is disabled. If we check the return value and abort driver initialisation, we break the driver if debugfs is disabled (such as when booting with debugfs=off). Earlier versions of ath9k accidentally did the right thing by checking the return value, but only for NULL, not for IS_ERR(). This was "fixed" by the two commits referenced below, breaking ath9k with debugfs=off starting from the 6.6 kernel (as reported in the Bugzilla linked below). Restore functionality by just getting rid of the return value check entirely. Link: https://bugzilla.kernel.org/show_bug.cgi?id=219122 Fixes: 1e4134610d93 ("wifi: ath9k: use IS_ERR() with debugfs_create_dir()") Fixes: 6edb4ba6fb5b ("wifi: ath9k: fix parameter check in ath9k_init_debug()") Reported-by: Daniel Tobias Tested-by: Daniel Tobias Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240805110225.19690-1-toke@toke.dk commit 8aabc03c7d226992b758a7bf5a53e05fc8a9ab01 Author: Rosen Penev Date: Wed Jul 31 14:03:08 2024 -0700 wifi: ath9k: use devm for gpio_request_one() Using devm_gpio_request_one() is simpler as then we don't need to call gpio_free(). Signed-off-by: Rosen Penev Acked-by: Toke Høiland-Jørgensen Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240731210312.7622-1-rosenp@gmail.com commit 92da4ce847bc5d942ddfdb102dba92f4e2797a59 Author: Rosen Penev Date: Wed Jul 31 14:02:40 2024 -0700 wifi: ath9k: use devm for request_irq() Avoids having to manually call free_irq(). Simplifies code slightly. Signed-off-by: Rosen Penev Acked-by: Toke Høiland-Jørgensen Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240731210243.7467-1-rosenp@gmail.com commit f7f3ddb6e5c8dc7b621fd8c0903ea42190d67452 Author: Kuninori Morimoto Date: Tue Jul 30 00:34:40 2024 +0000 gpu: drm: use for_each_endpoint_of_node() We already have for_each_endpoint_of_node(), don't use of_graph_get_next_endpoint() directly. Replace it. Signed-off-by: Kuninori Morimoto Acked-by: Dmitry Baryshkov Reviewed-by: Laurent Pinchart Signed-off-by: Tomi Valkeinen Link: https://patchwork.freedesktop.org/patch/msgid/87jzh3lnts.wl-kuninori.morimoto.gx@renesas.com commit 1ffec650d07f63a584d2a789a20bb64e9b13d34b Author: Rob Herring (Arm) Date: Tue Aug 6 07:58:24 2024 -0600 cpufreq: armada-8k: Avoid excessive stack usage In some build configurations (e.g. x86 allmodconfig), 2 cpu_mask variables exceeds the max stack frame size: drivers/cpufreq/armada-8k-cpufreq.c:203:1: error: the frame size of 2128 bytes is larger than 2048 bytes Fix it by making "cpus" static which is fine given that module init is only called once. Signed-off-by: Rob Herring (Arm) Signed-off-by: Viresh Kumar commit b81f97031a0ea2823cf37bb37eac51dbb8350e02 Author: Rob Herring (Arm) Date: Tue Aug 6 07:58:23 2024 -0600 cpufreq: omap: Drop asm includes The omap driver doesn't actually need asm/smp_plat.h, so drop it. asm/cpu.h is not needed either as linux/cpu.h is already included. Signed-off-by: Rob Herring (Arm) Acked-by: Kevin Hilman Signed-off-by: Viresh Kumar commit 5c326d24c1b31a275afc05b4fbb7292eabd4d70a Author: Rob Herring (Arm) Date: Tue Aug 6 07:58:22 2024 -0600 cpufreq: qcom: Add explicit io.h include for readl/writel_relaxed The qcom-cpufreq-hw driver is relying on an implicit include of io.h which doesn't get included on some architectures. Signed-off-by: Rob Herring (Arm) Signed-off-by: Viresh Kumar commit 9b3cc56c24d80671763b4b6b7ea4aed213059d32 Author: Rob Herring (Arm) Date: Wed Jul 31 14:16:15 2024 -0600 cpufreq: spear: Use of_property_for_each_u32() instead of open coding Use of_property_count_u32_elems() and of_property_for_each_u32() instead of of_find_property() and open coding the property parsing. This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) [Viresh: Fixed build failure and initialize / increment 'i'] Signed-off-by: Viresh Kumar commit 872cc94c7e3d874373f56b035f998631c6b26d22 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:40 2024 -0600 cpufreq: Use of_property_present() Use of_property_present() to test for property presence rather than of_(find|get)_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Acked-by: Chen-Yu Tsai Signed-off-by: Viresh Kumar commit b62ef7e4021f74bb12445987efd8109ccca289c4 Author: Mika Kuoppala Date: Tue Aug 6 18:30:09 2024 +0300 drm/xe: Add kernel doc for xe_hw_engine_lookup kerneldoc was missing from earlier commit where we exported xe_hw_engine_lookup. Add it. Cc: Dominik Grzegorzek Cc: Mika Kuoppala Cc: Matthew Brost Cc: Lucas De Marchi Cc: "Thomas Hellström" Cc: intel-xe@lists.freedesktop.org Signed-off-by: Mika Kuoppala Reviewed-by: Jonathan Cavitt Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240806153009.1081382-2-mika.kuoppala@linux.intel.com commit dae5d79a3bcc3101e1e02a1c2999ca74d1efde05 Author: Dominik Grzegorzek Date: Tue Aug 6 18:30:08 2024 +0300 drm/xe: Export xe_hw_engine's mmio accessors Export hw engine's mmio accessors. This is in preparation to use these from eudebug code. v2: s/hw_engine_mmio/xe_hw_engine_mmio (Matthew) v3: kernel doc (Matthew) Cc: Matthew Brost Signed-off-by: Dominik Grzegorzek Signed-off-by: Mika Kuoppala Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240806153009.1081382-1-mika.kuoppala@linux.intel.com commit 89a4c16cbdc961f69a636685f6bedc18d3813d45 Author: Dian-Syuan Yang Date: Wed Jul 31 15:05:06 2024 +0800 wifi: rtw89: correct VHT TX rate on 20MHz connection It may get wrong bitrate when connecting to AP set VHT 20MHz, and thus we fix it to follow Wi-Fi spec. Signed-off-by: Dian-Syuan Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240731070506.46100-6-pkshih@realtek.com commit 50961f88612c2200170111cf8d11e591d354fe1a Author: Kuan-Chung Chen Date: Wed Jul 31 15:05:05 2024 +0800 wifi: rtw89: add support for HW encryption in unicast management frames Add hardware encryption support for unicast management frames for 8922AE and 8852CE. Other chips will continue to use software encryption for unicast management frames. Signed-off-by: Kuan-Chung Chen Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240731070506.46100-5-pkshih@realtek.com commit 2c14119ab8f356cb429a5f4855b7880f33cfb981 Merge: acd221a6507c9d fa3c40b9d54094 Author: Jakub Kicinski Date: Tue Aug 6 19:44:21 2024 -0700 Merge tag 'linux-can-next-for-6.12-20240806' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next Marc Kleine-Budde says: ==================== pull-request: can-next 2024-08-06 The first patch is by Frank Li and adds the can-transceiver property to the flexcan device-tree bindings. Haibo Chen contributes 2 patches for the flexcan driver to add wakeup support for the imx95. The 2 patches by Stefan Mätje for the esd_402_pci driver clean up the driver and add support for the one-shot mode. The last 15 patches are by Jimmy Assarsson and add hardware timestamp support for all devices covered by the kvaser_usb driver. * tag 'linux-can-next-for-6.12-20240806' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next: can: kvaser_usb: Rename kvaser_usb_{ethtool,netdev}_ops_hwts to kvaser_usb_{ethtool,netdev}_ops can: kvaser_usb: Remove struct variables kvaser_usb_{ethtool,netdev}_ops can: kvaser_usb: Remove KVASER_USB_QUIRK_HAS_HARDWARE_TIMESTAMP can: kvaser_usb: leaf: Add hardware timestamp support to usbcan devices can: kvaser_usb: leaf: Store MSB of timestamp can: kvaser_usb: leaf: Add structs for Tx ACK and clock overflow commands can: kvaser_usb: leaf: Add hardware timestamp support to leaf based devices can: kvaser_usb: leaf: kvaser_usb_leaf_tx_acknowledge: Rename local variable can: kvaser_usb: leaf: Replace kvaser_usb_leaf_m32c_dev_cfg with kvaser_usb_leaf_m32c_dev_cfg_{16,24,32}mhz can: kvaser_usb: leaf: Assign correct timestamp_freq for kvaser_usb_leaf_imx_dev_cfg_{16,24,32}mhz can: kvaser_usb: leaf: Add struct for Tx ACK commands can: kvaser_usb: hydra: Set hardware timestamp on transmitted packets can: kvaser_usb: hydra: Add struct for Tx ACK commands can: kvaser_usb: hydra: kvaser_usb_hydra_ktime_from_rx_cmd: Drop {rx_} in function name can: kvaser_usb: Add helper functions to convert device timestamp into ktime can: esd_402_pci: Add support for one-shot mode can: esd_402_pci: Rename esdACC CTRL register macros can: flexcan: add wakeup support for imx95 dt-bindings: can: fsl,flexcan: move fsl,imx95-flexcan standalone dt-bindings: can: fsl,flexcan: add common 'can-transceiver' for fsl,flexcan ==================== Link: https://patch.msgid.link/20240806074731.1905378-1-mkl@pengutronix.de Signed-off-by: Jakub Kicinski commit 7dd5d2514a8ea58f12096e888b0bd050d7eae20a Author: Chih-Kang Chang Date: Wed Jul 31 15:05:04 2024 +0800 wifi: rtw89: avoid to add interface to list twice when SER If SER L2 occurs during the WoWLAN resume flow, the add interface flow is triggered by ieee80211_reconfig(). However, due to rtw89_wow_resume() return failure, it will cause the add interface flow to be executed again, resulting in a double add list and causing a kernel panic. Therefore, we have added a check to prevent double adding of the list. list_add double add: new=ffff99d6992e2010, prev=ffff99d6992e2010, next=ffff99d695302628. ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:37! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 9 Comm: kworker/0:1 Tainted: G W O 6.6.30-02659-gc18865c4dfbd #1 770df2933251a0e3c888ba69d1053a817a6376a7 Hardware name: HP Grunt/Grunt, BIOS Google_Grunt.11031.169.0 06/24/2021 Workqueue: events_freezable ieee80211_restart_work [mac80211] RIP: 0010:__list_add_valid_or_report+0x5e/0xb0 Code: c7 74 18 48 39 ce 74 13 b0 01 59 5a 5e 5f 41 58 41 59 41 5a 5d e9 e2 d6 03 00 cc 48 c7 c7 8d 4f 17 83 48 89 c2 e8 02 c0 00 00 <0f> 0b 48 c7 c7 aa 8c 1c 83 e8 f4 bf 00 00 0f 0b 48 c7 c7 c8 bc 12 RSP: 0018:ffffa91b8007bc50 EFLAGS: 00010246 RAX: 0000000000000058 RBX: ffff99d6992e0900 RCX: a014d76c70ef3900 RDX: ffffa91b8007bae8 RSI: 00000000ffffdfff RDI: 0000000000000001 RBP: ffffa91b8007bc88 R08: 0000000000000000 R09: ffffa91b8007bae0 R10: 00000000ffffdfff R11: ffffffff83a79800 R12: ffff99d695302060 R13: ffff99d695300900 R14: ffff99d6992e1be0 R15: ffff99d6992e2010 FS: 0000000000000000(0000) GS:ffff99d6aac00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000078fbdba43480 CR3: 000000010e464000 CR4: 00000000001506f0 Call Trace: ? __die_body+0x1f/0x70 ? die+0x3d/0x60 ? do_trap+0xa4/0x110 ? __list_add_valid_or_report+0x5e/0xb0 ? do_error_trap+0x6d/0x90 ? __list_add_valid_or_report+0x5e/0xb0 ? handle_invalid_op+0x30/0x40 ? __list_add_valid_or_report+0x5e/0xb0 ? exc_invalid_op+0x3c/0x50 ? asm_exc_invalid_op+0x16/0x20 ? __list_add_valid_or_report+0x5e/0xb0 rtw89_ops_add_interface+0x309/0x310 [rtw89_core 7c32b1ee6854761c0321027c8a58c5160e41f48f] drv_add_interface+0x5c/0x130 [mac80211 83e989e6e616bd5b4b8a2b0a9f9352a2c385a3bc] ieee80211_reconfig+0x241/0x13d0 [mac80211 83e989e6e616bd5b4b8a2b0a9f9352a2c385a3bc] ? finish_wait+0x3e/0x90 ? synchronize_rcu_expedited+0x174/0x260 ? sync_rcu_exp_done_unlocked+0x50/0x50 ? wake_bit_function+0x40/0x40 ieee80211_restart_work+0xf0/0x140 [mac80211 83e989e6e616bd5b4b8a2b0a9f9352a2c385a3bc] process_scheduled_works+0x1e5/0x480 worker_thread+0xea/0x1e0 kthread+0xdb/0x110 ? move_linked_works+0x90/0x90 ? kthread_associate_blkcg+0xa0/0xa0 ret_from_fork+0x3b/0x50 ? kthread_associate_blkcg+0xa0/0xa0 ret_from_fork_asm+0x11/0x20 Modules linked in: dm_integrity async_xor xor async_tx lz4 lz4_compress zstd zstd_compress zram zsmalloc rfcomm cmac uinput algif_hash algif_skcipher af_alg btusb btrtl iio_trig_hrtimer industrialio_sw_trigger btmtk industrialio_configfs btbcm btintel uvcvideo videobuf2_vmalloc iio_trig_sysfs videobuf2_memops videobuf2_v4l2 videobuf2_common uvc snd_hda_codec_hdmi veth snd_hda_intel snd_intel_dspcfg acpi_als snd_hda_codec industrialio_triggered_buffer kfifo_buf snd_hwdep industrialio i2c_piix4 snd_hda_core designware_i2s ip6table_nat snd_soc_max98357a xt_MASQUERADE xt_cgroup snd_soc_acp_rt5682_mach fuse rtw89_8922ae(O) rtw89_8922a(O) rtw89_pci(O) rtw89_core(O) 8021q mac80211(O) bluetooth ecdh_generic ecc cfg80211 r8152 mii joydev gsmi: Log Shutdown Reason 0x03 ---[ end trace 0000000000000000 ]--- Signed-off-by: Chih-Kang Chang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240731070506.46100-4-pkshih@realtek.com commit 6ca6b918f280d3f1724c4494b8a04d81727629e1 Author: Po-Hao Huang Date: Wed Jul 31 15:05:03 2024 +0800 wifi: rtw89: 8922a: Add new fields for scan offload H2C command Update scan offload H2C format to fit firmware version 35.21. The new fields indicate lengths of variable length members, so when driver and firmware are using mismatch version, FW could handle the parsing better. Signed-off-by: Po-Hao Huang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240731070506.46100-3-pkshih@realtek.com commit ca33c15a936088525533cf2e0b111ec1744802c4 Author: Kuan-Chung Chen Date: Wed Jul 31 15:05:02 2024 +0800 wifi: rtw89: 8922a: new implementation for RFK pre-notify H2C For firmware version 0.35.31 and above, update H2C RFK pre-notify to new implementation. Rename existing H2C to v0 for backward compatibility. Signed-off-by: Kuan-Chung Chen Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240731070506.46100-2-pkshih@realtek.com commit acd221a6507c9d936728ed297f5b1e4bcc7585ec Author: Uros Bizjak Date: Sun Aug 4 17:46:09 2024 +0200 net/chelsio/libcxgb: Add __percpu annotations to libcxgb_ppm.c Compiling libcxgb_ppm.c results in several sparse warnings: libcxgb_ppm.c:368:15: warning: incorrect type in assignment (different address spaces) libcxgb_ppm.c:368:15: expected struct cxgbi_ppm_pool *pools libcxgb_ppm.c:368:15: got void [noderef] __percpu *_res libcxgb_ppm.c:374:48: warning: incorrect type in initializer (different address spaces) libcxgb_ppm.c:374:48: expected void const [noderef] __percpu *__vpp_verify libcxgb_ppm.c:374:48: got struct cxgbi_ppm_pool * libcxgb_ppm.c:484:19: warning: incorrect type in assignment (different address spaces) libcxgb_ppm.c:484:19: expected struct cxgbi_ppm_pool [noderef] __percpu *pool libcxgb_ppm.c:484:19: got struct cxgbi_ppm_pool *[assigned] pool libcxgb_ppm.c:511:21: warning: incorrect type in argument 1 (different address spaces) libcxgb_ppm.c:511:21: expected void [noderef] __percpu *__pdata libcxgb_ppm.c:511:21: got struct cxgbi_ppm_pool *[assigned] pool Add __percpu annotation to *pools and *pool percpu pointers and to ppm_alloc_cpu_pool() function that returns percpu pointer to fix these warnings. Compile tested only, but there is no difference in the resulting object file. Signed-off-by: Uros Bizjak Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240804154635.4249-1-ubizjak@gmail.com Signed-off-by: Jakub Kicinski commit 4f534b7f0c8d2a9ec557f9c7d77f96d29518c666 Author: Youwan Wang Date: Wed Jul 31 17:15:37 2024 +0800 net: phy: phy_device: fix PHY WOL enabled, PM failed to suspend If the PHY of the mido bus is enabled with Wake-on-LAN (WOL), we cannot suspend the PHY. Although the WOL status has been checked in phy_suspend(), returning -EBUSY(-16) would cause the Power Management (PM) to fail to suspend. Since phy_suspend() is an exported symbol (EXPORT_SYMBOL), timely error reporting is needed. Therefore, an additional check is performed here. If the PHY of the mido bus is enabled with WOL, we skip calling phy_suspend() to avoid PM failure. From the following logs, it has been observed that the phydev->attached_dev is NULL, phydev is "stmmac-0:01", it not attached, but it will affect suspend and resume.The actually attached "stmmac-0:00" will not dpm_run_callback(): mdio_bus_phy_suspend(). init log: [ 5.932502] YT8521 Gigabit Ethernet stmmac-0:00: attached PHY driver (mii_bus:phy_addr=stmmac-0:00, irq=POLL) [ 5.932512] YT8521 Gigabit Ethernet stmmac-0:01: attached PHY driver (mii_bus:phy_addr=stmmac-0:01, irq=POLL) [ 24.566289] YT8521 Gigabit Ethernet stmmac-0:00: yt8521_read_status, link down, media: UTP suspend log: [ 322.631362] OOM killer disabled. [ 322.631364] Freezing remaining freezable tasks [ 322.632536] Freezing remaining freezable tasks completed (elapsed 0.001 seconds) [ 322.632540] printk: Suspending console(s) (use no_console_suspend to debug) [ 322.633052] YT8521 Gigabit Ethernet stmmac-0:01: PM: dpm_run_callback(): mdio_bus_phy_suspend+0x0/0x110 [libphy] returns -16 [ 322.633071] YT8521 Gigabit Ethernet stmmac-0:01: PM: failed to suspend: error -16 [ 322.669699] PM: Some devices failed to suspend, or early wake event detected [ 322.669949] OOM killer enabled. [ 322.669951] Restarting tasks ... done. [ 322.671008] random: crng reseeded on system resumption [ 322.671014] PM: suspend exit Add a function that phylib can inquire of the driver whether WoL has been enabled at the PHY. Signed-off-by: Russell King (Oracle) Signed-off-by: Youwan Wang Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/20240731091537.771391-1-youwan@nfschina.com Signed-off-by: Jakub Kicinski commit ec562c9a9ec27c4e31bdcaa84c67fa49f59454a6 Author: Nuno Sá Date: Wed Jul 10 10:40:36 2024 +0200 clk: use clk_core_unlink_consumer() helper There is an helper to remove a consumer from the clk provider list. Hence, let's use it when releasing a consumer. Signed-off-by: Nuno Sá Link: https://lore.kernel.org/r/20240710-dev-clk-misc-v1-2-cd9d960099a2@analog.com Signed-off-by: Stephen Boyd commit 9cc033e07d025dee1fac178c20ba96c56f8d9a91 Author: Julia Filipchuk Date: Fri Aug 2 15:21:28 2024 -0700 drm/xe/guc: Define GuC version v70.29.2 for BMG UAPI version 1.13.4 Signed-off-by: Julia Filipchuk Reviewed-by: Daniele Ceraolo Spurio Signed-off-by: Daniele Ceraolo Spurio Link: https://patchwork.freedesktop.org/patch/msgid/20240802222129.3976212-4-John.C.Harrison@Intel.com commit 4eb0aab6e4434ada240286d934651dfdb2e08301 Author: Julia Filipchuk Date: Fri Aug 2 15:21:27 2024 -0700 drm/xe/guc: Bump minimum required GuC version to v70.29.2 The VF API version for this release is 1.13.4. Bumping the minimum required GuC version just before force-probe removal allows us to set a baseline for what API features are expected to be available. I.e., at this point there is no need for any version checking in the code before using a feature. Of course, if/when the API is extended in future GuC releases, those new features will need API version checks in the code. Bump the recommended GuC versions to match. Also add numerical comparison helpers to simplify the version number checks. v2: Reword commit message and make comparison helpers GuC specific - review feedback from Daniele, done by JohnH Signed-off-by: Julia Filipchuk Signed-off-by: John Harrison Reviewed-by: Daniele Ceraolo Spurio Signed-off-by: Daniele Ceraolo Spurio Link: https://patchwork.freedesktop.org/patch/msgid/20240802222129.3976212-3-John.C.Harrison@Intel.com commit ecabb5e6ce54711c28706fc794d77adb3ecd0605 Author: Shekhar Chauhan Date: Mon Aug 5 11:07:10 2024 +0530 drm/xe/xe2: Add performance turning changes Update performance tuning according to the hardware spec. Bspec: 72161 Signed-off-by: Shekhar Chauhan Reviewed-by: Sai Teja Pottumuttu Reviewed-by: Akshata Jahagirdar Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240805053710.877119-1-shekhar.chauhan@intel.com commit b2a0176620db7aa0aa77109d7a8b894755441079 Author: Rob Herring (Arm) Date: Wed Jul 31 14:13:58 2024 -0600 soc: ti: knav: Use of_property_read_variable_u32_array() There's no need to get the length of an DT array property before parsing the array. of_property_read_variable_u32_array() takes a minimum and maximum length and returns the actual length (or error code). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731201407.1838385-3-robh@kernel.org Signed-off-by: Nishanth Menon commit 8737e167dc55cc00c5818b408f47ba03b6ddb25b Author: Rob Herring (Arm) Date: Wed Jul 31 14:13:57 2024 -0600 soc: ti: knav: Drop unnecessary check for property presence of_property_read_u32() returns -EINVAL if a property is not present, so the preceding check for presence with of_get_property() can be dropped. This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731201407.1838385-2-robh@kernel.org Signed-off-by: Nishanth Menon commit e3cce1229c34b5c28f103361c4d6b3ef17302d5d Author: Bhavya Kapoor Date: Mon Jul 29 12:04:11 2024 +0530 arm64: dts: ti: k3-j7200-som-p0: Update mux-controller node name There are 2 mux-controller nodes in J7200 which are responsible for transferring can signals to the can phy but same node names for both the mux-controllers led to errors while setting up both mux-controllers for can phys simultaneously. Thus, update node names for these mux-controller. Fixes: da23e8d1124b ("arm64: dts: ti: k3-j7200-som-p0: Add support for CAN instance 0 in main domain") Signed-off-by: Bhavya Kapoor Reviewed-by: Judith Mendez Link: https://lore.kernel.org/r/20240729063411.1570930-3-b-kapoor@ti.com Signed-off-by: Nishanth Menon commit c36f60772e2aeca253924572a9f348ba27192bd0 Author: Bhavya Kapoor Date: Mon Jul 29 12:04:10 2024 +0530 arm64: dts: ti: k3-j721s2-som-p0: Update mux-controller node name There are 2 mux-controller nodes in J721S2 which are responsible for transferring can signals to the can phy but same node names for both the mux-controllers led to errors while setting up both mux-controllers for can phys simultaneously. Thus, update node names for these mux-controller. Fixes: 98f3b667e1de ("arm64: dts: ti: k3-j721s2: Add support for CAN instances 3 and 5 in main domain") Signed-off-by: Bhavya Kapoor Link: https://lore.kernel.org/r/20240729063411.1570930-2-b-kapoor@ti.com Signed-off-by: Nishanth Menon commit d9483b44c94eba6fa7451caf27cc7e993c8cc568 Author: Christophe JAILLET Date: Tue Jul 9 19:41:29 2024 +0200 soc: ti: k3-ringacc: Constify struct k3_ring_ops 'struct k3_ring_ops' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 17090 3304 32 20426 4fca drivers/soc/ti/k3-ringacc.o After: ===== text data bss dec hex filename 17266 3144 32 20442 4fda drivers/soc/ti/k3-ringacc.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/cb9dfc18cdf890afa2c53cd74b0b330d6f1c30ab.1720546863.git.christophe.jaillet@wanadoo.fr Signed-off-by: Nishanth Menon commit 073107b39e553a5ef911f019d4e433fd5a8601b7 Author: Sangmoon Kim Date: Tue Aug 6 14:12:09 2024 +0900 workqueue: add cmdline parameter workqueue.panic_on_stall When we want to debug the workqueue stall, we can immediately make a panic to get the information we want. In some systems, it may be necessary to quickly reboot the system to escape from a workqueue lockup situation. In this case, we can control the number of stall detections to generate panic. workqueue.panic_on_stall sets the number times of the stall to trigger panic. 0 disables the panic on stall. Signed-off-by: Sangmoon Kim Signed-off-by: Tejun Heo commit 2c082b62aeb5e818d9e9588253fc7b73fc5ab81b Author: Masahiro Yamada Date: Sat Jul 27 23:37:37 2024 +0900 selftests: harness: rename __constructor_order for clarification Now, __constructor_order is boolean; 1 for forward-order systems, 0 for backward-order systems while parsing __LIST_APPEND(). Change it into a bool variable, and rename it for clarification. Signed-off-by: Masahiro Yamada Signed-off-by: Shuah Khan commit 2a6b6c9a226279b4f6668450ddb21ae655558087 Author: Masahiro Yamada Date: Sat Jul 27 23:37:36 2024 +0900 selftests: harness: remove unneeded __constructor_order_last() __constructor_order_last() is unneeded. If __constructor_order_last() is not called on backward-order systems, __constructor_order will remain 0 instead of being set to _CONSTRUCTOR_ORDER_BACKWARD (= -1). __LIST_APPEND() will still take the 'else' branch, so there is no difference in the behavior. Signed-off-by: Masahiro Yamada Signed-off-by: Shuah Khan commit 2c390dda9e03d7936c492224453342d458e9bf98 Author: Tejun Heo Date: Tue Aug 6 09:40:11 2024 -1000 sched_ext: Make task_can_run_on_remote_rq() use common task_allowed_on_cpu() task_can_run_on_remote_rq() is similar to is_cpu_allowed() but there are subtle differences. It currently open codes all the tests. This is cumbersome to understand and error-prone in case the intersecting tests need to be updated. Factor out the common part - testing whether the task is allowed on the CPU at all regardless of the CPU state - into task_allowed_on_cpu() and make both is_cpu_allowed() and SCX's task_can_run_on_remote_rq() use it. As the code is now linked between the two and each contains only the extra tests that differ between them, it's less error-prone when the conditions need to be updated. Also, improve the comment to explain why they are different. v2: Replace accidental "extern inline" with "static inline" (Peter). Signed-off-by: Tejun Heo Suggested-by: Peter Zijlstra Acked-by: David Vernet commit 9390a923e109f85b242bf676dc5bc81958d447fa Author: Tejun Heo Date: Tue Aug 6 09:40:11 2024 -1000 sched_ext: Improve comment on idle_sched_class exception in scx_task_iter_next_locked() scx_task_iter_next_locked() skips tasks whose sched_class is idle_sched_class. While it has a short comment explaining why it's testing the sched_class directly isntead of using is_idle_task(), the comment doesn't sufficiently explain what's going on and why. Improve the comment. Signed-off-by: Tejun Heo Cc: Peter Zijlstra Acked-by: David Vernet commit a735d43c7f85d112a6aefd72973188d0626e4464 Author: Tejun Heo Date: Tue Aug 6 09:40:11 2024 -1000 sched_ext: Simplify UP support by enabling sched_class->balance() in UP On SMP, SCX performs dispatch from sched_class->balance(). As balance() was not available in UP, it instead called the internal balance function from put_prev_task_scx() and pick_next_task_scx() to emulate the effect, which is rather nasty. Enabling sched_class->balance() on UP shouldn't cause any meaningful overhead. Enable balance() on UP and drop the ugly workaround. Signed-off-by: Tejun Heo Suggested-by: Peter Zijlstra Acked-by: David Vernet commit 7799140b6a1697bf1d6ff80395079633f548f6e7 Author: Tejun Heo Date: Tue Aug 6 09:40:11 2024 -1000 sched_ext: Use update_curr_common() in update_curr_scx() update_curr_scx() is open coding runtime updates. Use update_curr_common() instead and avoid unnecessary deviations. Signed-off-by: Tejun Heo Suggested-by: Peter Zijlstra Acked-by: David Vernet commit cd0144926836b8405966ca9d00f6425ef822fa4b Author: Tejun Heo Date: Tue Aug 6 09:40:10 2024 -1000 sched_ext: Add scx_enabled() test to @start_class promotion in put_prev_task_balance() SCX needs its balance() invoked even when waking up from a lower priority sched class (idle) and put_prev_task_balance() thus has the logic to promote @start_class if it's lower than ext_sched_class. This is only needed when SCX is enabled. Add scx_enabled() test to avoid unnecessary overhead when SCX is disabled. Signed-off-by: Tejun Heo Suggested-by: Peter Zijlstra Acked-by: David Vernet commit 11cc374f4643b1be16deab571e034409c6ee7e66 Author: Tejun Heo Date: Tue Aug 6 09:40:10 2024 -1000 sched_ext: Simplify scx_can_stop_tick() invocation in sched_can_stop_tick() The way sched_can_stop_tick() used scx_can_stop_tick() was rather confusing and the behavior wasn't ideal when SCX is enabled in partial mode. Simplify it so that: - scx_can_stop_tick() can say no if scx_enabled(). - CFS tests rq->cfs.nr_running > 1 instead of rq->nr_running. This is easier to follow and leads to the correct answer whether SCX is disabled, enabled in partial mode or all tasks are switched to SCX. Peter, note that this is a bit different from your suggestion where sched_can_stop_tick() unconditionally returns scx_can_stop_tick() iff scx_switched_all(). The problem is that in partial mode, tick can be stopped when there is only one SCX task even if the BPF scheduler didn't ask and isn't ready for it. Signed-off-by: Tejun Heo Suggested-by: Peter Zijlstra Acked-by: David Vernet commit 4e354cce395f64001e054a41769ddaaef2efe3b4 Author: Frank Li Date: Tue Aug 6 12:21:21 2024 -0400 dt-bindings: soc: fsl: add missed compatible string fsl,ls*-isc Add compatible string, fsl,ls1088a-isc, fsl,ls2080a-isc, fsl,lx2160a-isc. Fix the below warning: arch/arm64/boot/dts/freescale/fsl-ls2080a-qds.dtb: /soc/syscon@1f70000: failed to match any schema with compatible: ['fsl,ls2080a-isc', 'syscon'] Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240806162121.2996442-1-Frank.Li@nxp.com Signed-off-by: Rob Herring (Arm) commit ad21e3840a88bc781572a82cb54473b54726d185 Author: Frank Li Date: Fri Aug 2 11:22:19 2024 -0400 dt-bindings: soc: fsl: Convert rcpm to yaml format Convert dt-binding rcpm from txt to yaml format. Add fsl,ls1028a-rcpm compatible string. Additional changes: - Add missed compatible string fsl,-rcpm. - Remove map fsl,-rcpm to fsl,qoriq-rcpm-. Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240802152219.2740137-1-Frank.Li@nxp.com Signed-off-by: Rob Herring (Arm) commit 1c668ea65506e67ce2eae07b69bb09fcdd86e309 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:48 2024 -0600 of: unittest: Use of_property_present() Use of_property_present() to test for property presence rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Link: https://lore.kernel.org/r/20240731191312.1710417-10-robh@kernel.org Signed-off-by: Rob Herring (Arm) commit 45160cebd6ac84fe8cc2b7f6fec2550398e144cd Author: Breno Leitao Date: Mon Aug 5 02:40:11 2024 -0700 net: veth: Disable netpoll support The current implementation of netpoll in veth devices leads to suboptimal behavior, as it triggers warnings due to the invocation of __netif_rx() within a softirq context. This is not compliant with expected practices, as __netif_rx() has the following statement: lockdep_assert_once(hardirq_count() | softirq_count()); Given that veth devices typically do not benefit from the functionalities provided by netpoll, Disable netpoll for veth interfaces. Signed-off-by: Breno Leitao Link: https://patch.msgid.link/20240805094012.1843247-1-leitao@debian.org Signed-off-by: Jakub Kicinski commit edfa53dd617f682cb43a1488bf08aca9a3e4236c Author: Yue Haibing Date: Sat Aug 3 19:22:13 2024 +0800 ethtool: cmis_cdb: Remove unused declaration ethtool_cmis_page_fini() ethtool_cmis_page_fini() is declared but never implemented. Signed-off-by: Yue Haibing Reviewed-by: Danielle Ratson Link: https://patch.msgid.link/20240803112213.4044015-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit 87d5403378cccc557af9e02a8a2c8587ad8b7e9a Author: weiyufeng Date: Tue Aug 6 14:50:50 2024 +0800 PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads Use PCI_POSSIBLE_ERROR() to check the response we get when we read data from hardware. This unifies PCI error response checking and makes error checks consistent and easier to find. Link: https://lore.kernel.org/r/20240806065050.28725-1-412574090@163.com Signed-off-by: weiyufeng Signed-off-by: Bjorn Helgaas commit 871cdea0f82ebcfa1d86ef527b054a20a6dff8a2 Author: Christophe JAILLET Date: Sun Aug 4 08:20:17 2024 +0200 tcp: Use clamp() in htcp_alpha_update() Using clamp instead of min(max()) is easier to read and it matches even better the comment just above it. It also reduces the size of the preprocessed files by ~ 2.5 ko. (see [1] for a discussion about it) $ ls -l net/ipv4/tcp_htcp*.i 5576024 27 juil. 10:19 net/ipv4/tcp_htcp.old.i 5573550 27 juil. 10:21 net/ipv4/tcp_htcp.new.i [1]: https://lore.kernel.org/all/23bdb6fc8d884ceebeb6e8b8653b8cfe@AcuMS.aculab.com/ Signed-off-by: Christophe JAILLET Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/561bb4974499a328ac39aff31858465d9bd12b1c.1722752370.git.christophe.jaillet@wanadoo.fr Signed-off-by: Jakub Kicinski commit 63a796b4988c3dca83176a534890b510d44f105a Author: Lorenzo Bianconi Date: Sat Aug 3 17:50:50 2024 +0200 net: airoha: honor reset return value in airoha_hw_init() Take into account return value from reset_control_bulk_assert and reset_control_bulk_deassert routines in airoha_hw_init(). Signed-off-by: Lorenzo Bianconi Reviewed-by: Simon Horman Link: https://patch.msgid.link/f49dc04a87653e0155f4fab3e3eb584785c8ad6a.1722699555.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit c4e2ced14af0a95463eb2e84b474601eaf600a74 Author: Rahul Rameshbabu Date: Mon Aug 5 08:22:02 2024 +0300 MAINTAINERS: Update Mellanox website links Point to the nvidia.com domain. Signed-off-by: Rahul Rameshbabu Signed-off-by: Tariq Toukan Link: https://patch.msgid.link/20240805052202.2005316-1-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit abd9b9d94bc604e09ca73ad232c473006f1793d9 Author: Marek Vasut Date: Tue Jul 23 15:27:15 2024 +0200 PCI: xilinx: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-16-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit 9200f2099f801c580c447d89ebb6b671474c0d52 Author: Marek Vasut Date: Tue Jul 23 15:27:14 2024 +0200 PCI: xilinx-xdma: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-15-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit d5bba5b9ed233ed9d42e0b43e2b4cddcd91b5d7b Author: Marek Vasut Date: Tue Jul 23 15:27:13 2024 +0200 PCI: xilinx-nwl: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-14-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit 647e9651a0110fb0ff163ef6bf1318b30f90a08c Author: Marek Vasut Date: Tue Jul 23 15:27:12 2024 +0200 PCI: vmd: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-13-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Reviewed-by: Nirmal Patel Acked-by: Thomas Gleixner commit 39dea484e2bb9066abbc01e2c5e03b6917b0b775 Author: Markus Elfring Date: Mon Jul 15 10:42:17 2024 +0200 locking/lockdep: Simplify character output in seq_line() Single characters should be put into a sequence. Thus use the corresponding function “seq_putc” for one selected call. This issue was transformed by using the Coccinelle software. Suggested-by: Christophe Jaillet Signed-off-by: Markus Elfring Signed-off-by: Boqun Feng Link: https://lore.kernel.org/r/e346d688-7b01-462f-867c-ba52b7790d19@web.de commit a6f88ac32c6e63e69c595bfae220d8641704c9b7 Author: Zhiguo Niu Date: Thu Jun 20 22:54:34 2024 +0000 lockdep: fix deadlock issue between lockdep and rcu There is a deadlock scenario between lockdep and rcu when rcu nocb feature is enabled, just as following call stack: rcuop/x -000|queued_spin_lock_slowpath(lock = 0xFFFFFF817F2A8A80, val = ?) -001|queued_spin_lock(inline) // try to hold nocb_gp_lock -001|do_raw_spin_lock(lock = 0xFFFFFF817F2A8A80) -002|__raw_spin_lock_irqsave(inline) -002|_raw_spin_lock_irqsave(lock = 0xFFFFFF817F2A8A80) -003|wake_nocb_gp_defer(inline) -003|__call_rcu_nocb_wake(rdp = 0xFFFFFF817F30B680) -004|__call_rcu_common(inline) -004|call_rcu(head = 0xFFFFFFC082EECC28, func = ?) -005|call_rcu_zapped(inline) -005|free_zapped_rcu(ch = ?)// hold graph lock -006|rcu_do_batch(rdp = 0xFFFFFF817F245680) -007|nocb_cb_wait(inline) -007|rcu_nocb_cb_kthread(arg = 0xFFFFFF817F245680) -008|kthread(_create = 0xFFFFFF80803122C0) -009|ret_from_fork(asm) rcuop/y -000|queued_spin_lock_slowpath(lock = 0xFFFFFFC08291BBC8, val = 0) -001|queued_spin_lock() -001|lockdep_lock() -001|graph_lock() // try to hold graph lock -002|lookup_chain_cache_add() -002|validate_chain() -003|lock_acquire -004|_raw_spin_lock_irqsave(lock = 0xFFFFFF817F211D80) -005|lock_timer_base(inline) -006|mod_timer(inline) -006|wake_nocb_gp_defer(inline)// hold nocb_gp_lock -006|__call_rcu_nocb_wake(rdp = 0xFFFFFF817F2A8680) -007|__call_rcu_common(inline) -007|call_rcu(head = 0xFFFFFFC0822E0B58, func = ?) -008|call_rcu_hurry(inline) -008|rcu_sync_call(inline) -008|rcu_sync_func(rhp = 0xFFFFFFC0822E0B58) -009|rcu_do_batch(rdp = 0xFFFFFF817F266680) -010|nocb_cb_wait(inline) -010|rcu_nocb_cb_kthread(arg = 0xFFFFFF817F266680) -011|kthread(_create = 0xFFFFFF8080363740) -012|ret_from_fork(asm) rcuop/x and rcuop/y are rcu nocb threads with the same nocb gp thread. This patch release the graph lock before lockdep call_rcu. Fixes: a0b0fd53e1e6 ("locking/lockdep: Free lock classes that are no longer in use") Cc: stable@vger.kernel.org Cc: Boqun Feng Cc: Waiman Long Cc: Carlos Llamas Cc: Bart Van Assche Signed-off-by: Zhiguo Niu Signed-off-by: Xuewen Yan Reviewed-by: Waiman Long Reviewed-by: Carlos Llamas Reviewed-by: Bart Van Assche Signed-off-by: Carlos Llamas Acked-by: Paul E. McKenney Signed-off-by: Boqun Feng Link: https://lore.kernel.org/r/20240620225436.3127927-1-cmllamas@google.com commit 13c267f0c27e35ee9372d3cf0dde1ea09db02f13 Author: Thorsten Blum Date: Tue May 28 14:00:09 2024 +0200 lockdep: Use str_plural() to fix Coccinelle warning Fixes the following Coccinelle/coccicheck warning reported by string_choices.cocci: opportunity for str_plural(depth) Acked-by: Waiman Long Signed-off-by: Thorsten Blum Signed-off-by: Boqun Feng Link: https://lore.kernel.org/r/20240528120008.403511-2-thorsten.blum@toblux.com commit 37ce8a562a9f54d5eb4d35727e93dfb90925e349 Merge: 4bd380390fcce5 eb5e56d1491297 Author: Arnaldo Carvalho de Melo Date: Tue Aug 6 14:01:06 2024 -0300 Merge remote-tracking branch 'torvalds/master' into perf-tools-next To pick a patch that albeit being for tools/perf/ directory went thru a different tree and ended up breaking some recent tests introduced in the perf-tools-next tree to validate duplicate events in the JSON performance event files. Link: https://lore.kernel.org/lkml/ZrIqDMg7cBVhstYU@x1 Signed-off-by: Arnaldo Carvalho de Melo commit 901e85677ec0bb9a69fb9eab1feafe0c4eb7d07e Author: Takashi Iwai Date: Tue Aug 6 14:46:50 2024 +0200 ALSA: usb-audio: Add input value sanity checks for standard types For an invalid input value that is out of the given range, currently USB-audio driver corrects the value silently and accepts without errors. This is no wrong behavior, per se, but the recent kselftest rather wants to have an error in such a case, hence a different behavior is expected now. This patch adds a sanity check at each control put for the standard mixer types and returns an error if an invalid value is given. Note that this covers only the standard mixer types. The mixer quirks that have own control callbacks would need different coverage. Link: https://patch.msgid.link/20240806124651.28203-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 6e083ab095cabc5fdb5c980420fe43af7753b2dd Merge: 3d650ab5e7d9c4 2b399b9b1f995d Author: Alexei Starovoitov Date: Tue Aug 6 08:38:17 2024 -0700 Merge branch 'bpf-introduce-new-vfs-based-bpf-kfuncs' Matt Bobrowski says: ==================== bpf: introduce new VFS based BPF kfuncs G'day! A respin based off v3, which can be found here [0]. Original motivations for introducing this suite of BPF kfuncs can be found here [1]. The primary difference in this version of the patch series is that the suite of VFS related BPF kfuncs added can be used from both sleepable and non-sleepable BPF LSM program types. IOW, the KF_SLEEPABLE annotation has been removed from all of them. Changes sinve v3: * KF_SLEEPABLE annotation has been dropped from all newly introduced VFS related BPF kfuncs. This includes bpf_get_task_exe_file(), bpf_put_file(), and bpf_path_d_path(). Both negative and positive selftests backing these new BPF kfuncs have also been updated accordingly. * buf__sz conditional in bpf_path_d_path() has been updated from buf__sz <= 0, to !buf__sz. * Syntax issues as reported so here [2] have been corrected. [0] https://lore.kernel.org/bpf/20240726085604.2369469-1-mattbobrowski@google.com/ [1] https://lore.kernel.org/bpf/cover.1708377880.git.mattbobrowski@google.com/#t [2] https://netdev.bots.linux.dev/static/nipa/874023/13742510/checkpatch/stdout ==================== Link: https://lore.kernel.org/r/20240731110833.1834742-1-mattbobrowski@google.com Signed-off-by: Alexei Starovoitov commit 2b399b9b1f995d71f53e94a41e5717db46c39459 Author: Matt Bobrowski Date: Wed Jul 31 11:08:33 2024 +0000 selftests/bpf: add positive tests for new VFS based BPF kfuncs Add a bunch of positive selftests which extensively cover the various contexts and parameters in which the new VFS based BPF kfuncs may be used from. Again, the following VFS based BPF kfuncs are thoroughly tested within this new selftest: * struct file *bpf_get_task_exe_file(struct task_struct *); * void bpf_put_file(struct file *); * int bpf_path_d_path(struct path *, char *, size_t); Acked-by: Christian Brauner Acked-by: Song Liu Signed-off-by: Matt Bobrowski Link: https://lore.kernel.org/r/20240731110833.1834742-4-mattbobrowski@google.com Signed-off-by: Alexei Starovoitov commit ff358ada070fa1b64a6368147b2b56cc6a921847 Author: Matt Bobrowski Date: Wed Jul 31 11:08:32 2024 +0000 selftests/bpf: add negative tests for new VFS based BPF kfuncs Add a bunch of negative selftests responsible for asserting that the BPF verifier successfully rejects a BPF program load when the underlying BPF program misuses one of the newly introduced VFS based BPF kfuncs. The following VFS based BPF kfuncs are extensively tested within this new selftest: * struct file *bpf_get_task_exe_file(struct task_struct *); * void bpf_put_file(struct file *); * int bpf_path_d_path(struct path *, char *, size_t); Acked-by: Christian Brauner Acked-by: Song Liu Signed-off-by: Matt Bobrowski Link: https://lore.kernel.org/r/20240731110833.1834742-3-mattbobrowski@google.com Signed-off-by: Alexei Starovoitov commit d08e2045ebf0f5f2a97ad22cc7dae398b35354ba Author: Matt Bobrowski Date: Wed Jul 31 11:08:31 2024 +0000 bpf: introduce new VFS based BPF kfuncs Add a new variant of bpf_d_path() named bpf_path_d_path() which takes the form of a BPF kfunc and enforces KF_TRUSTED_ARGS semantics onto its arguments. This new d_path() based BPF kfunc variant is intended to address the legacy bpf_d_path() BPF helper's susceptability to memory corruption issues [0, 1, 2] by ensuring to only operate on supplied arguments which are deemed trusted by the BPF verifier. Typically, this means that only pointers to a struct path which have been referenced counted may be supplied. In addition to the new bpf_path_d_path() BPF kfunc, we also add a KF_ACQUIRE based BPF kfunc bpf_get_task_exe_file() and KF_RELEASE counterpart BPF kfunc bpf_put_file(). This is so that the new bpf_path_d_path() BPF kfunc can be used more flexibily from within the context of a BPF LSM program. It's rather common to ascertain the backing executable file for the calling process by performing the following walk current->mm->exe_file while instrumenting a given operation from the context of the BPF LSM program. However, walking current->mm->exe_file directly is never deemed to be OK, and doing so from both inside and outside of BPF LSM program context should be considered as a bug. Using bpf_get_task_exe_file() and in turn bpf_put_file() will allow BPF LSM programs to reliably get and put references to current->mm->exe_file. As of now, all the newly introduced BPF kfuncs within this patch are limited to BPF LSM program types. These can be either sleepable or non-sleepable variants of BPF LSM program types. [0] https://lore.kernel.org/bpf/CAG48ez0ppjcT=QxU-jtCUfb5xQb3mLr=5FcwddF_VKfEBPs_Dg@mail.gmail.com/ [1] https://lore.kernel.org/bpf/20230606181714.532998-1-jolsa@kernel.org/ [2] https://lore.kernel.org/bpf/20220219113744.1852259-1-memxor@gmail.com/ Acked-by: Christian Brauner Signed-off-by: Matt Bobrowski Acked-by: Song Liu Link: https://lore.kernel.org/r/20240731110833.1834742-2-mattbobrowski@google.com Signed-off-by: Alexei Starovoitov commit 46142cc1b9272d664e0258e105b537735bfeeccc Author: Arunpravin Paneer Selvam Date: Mon Aug 5 19:17:04 2024 +0530 drm/amdgpu: Add DCC GFX12 flag to enable address alignment We require this flag AMDGPU_GEM_CREATE_GFX12_DCC or any other kernel level GFX12 DCC flag to differentiate the DCC buffers and other pinned display buffers(which has TTM_PL_FLAG_CONTIGUOUS enabled). If we use the TTM_PL_FLAG_CONTIGUOUS flag for DCC buffers, we may over allocate for all the pinned display buffers unnecessarily that leads to memory allocation failure. Signed-off-by: Arunpravin Paneer Selvam Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit 92549780e32718d64a6d08bbbb3c6fffecb541c7 Author: Tim Huang Date: Thu Aug 1 13:47:55 2024 +0800 drm/amdgpu: fix unchecked return value warning for amdgpu_atombios This resolves the unchecded return value warning reported by Coverity. Signed-off-by: Tim Huang Reviewed-by: Jesse Zhang Signed-off-by: Alex Deucher commit c0277b9d7c2ee9ee5dbc948548984f0fbb861301 Author: Tim Huang Date: Thu Aug 1 10:38:37 2024 +0800 drm/amdgpu: fix unchecked return value warning for amdgpu_gfx This resolves the unchecded return value warning reported by Coverity. Signed-off-by: Tim Huang Reviewed-by: Jesse Zhang Signed-off-by: Alex Deucher commit 57b09a168ffe88a4c088e8f7ca5de2ffbb8fefa3 Author: Tim Huang Date: Thu Aug 1 11:12:24 2024 +0800 drm/amd/pm: fix unchecked return value warning for vega10_hwmgr This resolves the unchecked return value warning reported by Coverity. Signed-off-by: Tim Huang Reviewed-by: Jesse Zhang Signed-off-by: Alex Deucher commit 86598c3819fdc70e59d28221bfa7bc36e9f5777e Author: Frank Min Date: Thu Aug 1 12:20:18 2024 +0800 drm/amdgpu: correct sdma7 max dw correct sdma7 max dw into 8 Signed-off-by: Frank Min Acked-by: Christian König Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit aa94b623cb9233b91ed342dd87ecd62e56ff4938 Author: Arunpravin Paneer Selvam Date: Sat Aug 3 21:30:18 2024 +0530 drm/amdgpu: Add address alignment support to DCC buffers Add address alignment support to the DCC VRAM buffers. v2: - adjust size based on the max_texture_channel_caches values only for GFX12 DCC buffers. - used AMDGPU_GEM_CREATE_GFX12_DCC flag to apply change only for DCC buffers. - roundup non power of two DCC buffer adjusted size to nearest power of two number as the buddy allocator does not support non power of two alignments. This applies only to the contiguous DCC buffers. v3:(Alex) - rewrite the max texture channel caches comparison code in an algorithmic way to determine the alignment size. v4:(Alex) - Move the logic from amdgpu_vram_mgr_dcc_alignment() to gmc_v12_0.c and add a new gmc func callback for dcc alignment. If the callback is non-NULL, call it to get the alignment, otherwise, use the default. v5:(Alex) - Set the Alignment to a default value if the callback doesn't exist. - Add the callback to amdgpu_gmc_funcs. v6: - Fix checkpatch warning reported by Intel CI. v7:(Christian) - remove the AMDGPU_GEM_CREATE_GFX12_DCC flag and keep a flag that checks the BO pinning and for a specific hw generation. v8:(Christian) - move this check into gmc_v12_0_get_dcc_alignment. v9: - Fix 32bit build errors Signed-off-by: Arunpravin Paneer Selvam Acked-by: Alex Deucher Acked-by: Christian König Reviewed-by: Frank Min Signed-off-by: Alex Deucher commit 130376ab8300ef06231ebac4db147f06d601d53c Author: Aric Cyr Date: Sun Jul 28 14:55:56 2024 -0400 drm/amd/display: 3.2.295 This version brings along following fixes: - Clean up some files style problems - Program the DET segment when initializing pipes in dcn10_hwseq - Fix overlay with pre-blend color processing - Disable SubVP if Hardware Rotation is Used - Fix few things in DML - Re-enable panel replay feature - Fix null pointer dereference under mst+dsc setup Acked-by: Tom Chung Signed-off-by: Aric Cyr Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit a0fcd3df4591043d447bb08919eed2ce68fbdb5b Author: Dillon Varone Date: Thu Jul 25 14:18:10 2024 -0400 drm/amd/display: Add DML2.1 option to disable DRR clamped P-State Strategies [WHY & HOW] When DRR is active with variable refresh rate, add the ability to block DRR clamped P-State strategies (such as SubVP). Reviewed-by: Alvin Lee Signed-off-by: Dillon Varone Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit e80f8f491df873ea2e07c941c747831234814612 Author: Gabe Teeger Date: Thu Jul 25 18:42:21 2024 -0400 drm/amd/display: Revert Avoid overflow assignment This reverts commit a15268787b79 ("drm/amd/display: Avoid overflow assignment in link_dp_cts") Due to regression causing DPMS hang. Reviewed-by: Alex Hung Signed-off-by: Gabe Teeger Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 00f06855f6e68954f67616cd5560fca25c755eba Author: Hansen Dsouza Date: Fri Jul 26 00:24:55 2024 -0400 drm/amd/display: Add clock control callbacks [why & how] Add clock source selection control functions based on spec Reviewed-by: Muhammad Ahmed Signed-off-by: Hansen Dsouza Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 329ee7087bc9862977fb6e431b8b0ea5e7e261b0 Author: Chris Park Date: Thu Jul 25 16:09:35 2024 -0400 drm/amd/display: Address coverity change [Why] Coverity picks up a defect with regards to array underflow. [How] Address coverity issue as recommended. Reviewed-by: Leo Ma Signed-off-by: Chris Park Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 8151a6c13111b465dbabe07c19f572f7cbd16fef Author: Fangzhi Zuo Date: Fri Jul 12 16:30:03 2024 -0400 drm/amd/display: Skip Recompute DSC Params if no Stream on Link [why] Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2 Hardware name: LENOVO 20NKS01Y00/20NKS01Y00, BIOS R12ET61W(1.31 ) 07/28/2022 RIP: 0010:drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper] Code: 01 00 00 48 8b 85 60 05 00 00 48 63 80 88 00 00 00 3b 43 28 0f 8d 2e 01 00 00 48 8b 53 30 48 8d 04 80 48 8d 04 c2 48 8b 40 18 <48> 8> RSP: 0018:ffff960cc2df77d8 EFLAGS: 00010293 RAX: 0000000000000000 RBX: ffff8afb87e81280 RCX: 0000000000000224 RDX: ffff8afb9ee37c00 RSI: ffff8afb8da1a578 RDI: ffff8afb87e81280 RBP: ffff8afb83d67000 R08: 0000000000000001 R09: ffff8afb9652f850 R10: ffff960cc2df7908 R11: 0000000000000002 R12: 0000000000000000 R13: ffff8afb8d7688a0 R14: ffff8afb8da1a578 R15: 0000000000000224 FS: 00007f4dac35ce00(0000) GS:ffff8afe30b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000008 CR3: 000000010ddc6000 CR4: 00000000003506e0 Call Trace: ? __die+0x23/0x70 ? page_fault_oops+0x171/0x4e0 ? plist_add+0xbe/0x100 ? exc_page_fault+0x7c/0x180 ? asm_exc_page_fault+0x26/0x30 ? drm_dp_atomic_find_time_slots+0x5e/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026] ? drm_dp_atomic_find_time_slots+0x28/0x260 [drm_display_helper 0e67723696438d8e02b741593dd50d80b44c2026] compute_mst_dsc_configs_for_link+0x2ff/0xa40 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054] ? fill_plane_buffer_attributes+0x419/0x510 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054] compute_mst_dsc_configs_for_state+0x1e1/0x250 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054] amdgpu_dm_atomic_check+0xecd/0x1190 [amdgpu 62e600d2a75e9158e1cd0a243bdc8e6da040c054] drm_atomic_check_only+0x5c5/0xa40 drm_mode_atomic_ioctl+0x76e/0xbc0 [how] dsc recompute should be skipped if no mode change detected on the new request. If detected, keep checking whether the stream is already on current state or not. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Rodrigo Siqueira Signed-off-by: Fangzhi Zuo Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 41cb5a5e8480fa41ee452ee60e620a4c1de3c323 Author: Fudong Wang Date: Thu Jul 25 16:48:25 2024 +0800 drm/amd/display: skip crtc power down when ips switch [Why & How] Add a dc debug option to keep crtc on when ips switch. Reviewed-by: Nicholas Kazlauskas Signed-off-by: Fudong Wang Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 78c508a1c162c90c48e12faa62bdab8b90e6f17c Author: Hansen Dsouza Date: Thu Jul 25 11:45:36 2024 -0400 drm/amd/display: Add clock control callbacks [why & how] Add clock source selection an control functions based on spec Reviewed-by: Muhammad Ahmed Signed-off-by: Hansen Dsouza Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit be64336307a6c3ee71fe1337c1b9f0495aa83c50 Author: Tom Chung Date: Wed Jun 26 17:02:23 2024 +0800 drm/amd/display: Re-enable panel replay feature [Why & How] Fixed the replay issues and now re-enable the panel replay feature. Reported-by: Arthur Borsboom Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3344 Reviewed-by: Sun peng Li Signed-off-by: Tom Chung Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit b8dc6ca028d9a39196a3a066b9ef2d4a5eca475d Author: Dillon Varone Date: Tue Jul 23 15:54:23 2024 -0400 drm/amd/display: Force enable 3DLUT DMA check for dcn401 in DML [WHY] Currently TR0 (trip 0) is not properly budgeting for urgent latency in DML2.1. This results in overly aggressive prefetch schedules that are vulnerable to request return jitter, resulting in severe underflow at the start of the frame. [HOW] Forcing 3DLUT DMA check to enable causes urgent latency to be budgeted properly into the prefetch schedule, avoiding the vulnerability. Reviewed-by: Alvin Lee Signed-off-by: Dillon Varone Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 51d334d6a49629ea03a2dde562d46846eb7d07a0 Author: Joshua Aberback Date: Tue Jul 23 16:20:15 2024 -0400 drm/amd/display: Assume 32 bpp cursor in DML21 [Why] Cursor size can change dynamically at runtime without re-validation, so DML should calculate with the max size cursor to cover all cases. Reviewed-by: Dillon Varone Signed-off-by: Joshua Aberback Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 7b2363e06c0ff4b868e7d768d605a9e656ff61f3 Author: Austin Zheng Date: Tue Jul 23 17:26:47 2024 -0400 drm/amd/display: Disable SubVP if Hardware Rotation is Used [Why and How] SubVP is not supported when hardware rotation is being used Reviewed-by: Alvin Lee Signed-off-by: Austin Zheng Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 5aacf8917fde5bc2a640f3cd49130c0e2e85e726 Author: Frank Min Date: Fri Aug 2 11:15:11 2024 +0800 drm/amdgpu: change non-dcc buffer copy configuration Without setting cpv bit and 7th ib dw, non-dcc buffer copy will have random corruption So set the cpv bit and clear the 7th ib dw for copy non-dcc buffers Signed-off-by: Frank Min Acked-by: Christian König Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit b3a3c9a6b27b68310f1d4d486f47556808c7c855 Author: Tao Zhou Date: Wed Jul 31 15:54:27 2024 +0800 drm/amdgpu: report bad status in GPU recovery Instead of printing GPU reset failed. v2: add check for reset_context->src. Signed-off-by: Tao Zhou Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit dd3e296289346109d41c6317124f51aee0269c25 Author: Tao Zhou Date: Thu Aug 1 16:26:27 2024 +0800 drm/amdgpu: update bad state check in GPU recovery Return RMA status without message print. Signed-off-by: Tao Zhou Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 65f6e9f7e1319119096a6dc93e62894e4375b578 Author: Fangzhi Zuo Date: Fri Jul 19 20:01:01 2024 -0400 drm/amd/display: Print Pcon FRL Link BW in Debug Message Under autonomous mode, source reads dpcd DP_PCON_HDMI_POST_FRL_STATUS for the frl link status. Without dsc passthrough, it serves as bw bottleneck on the entire link, compared with the dp link from source to the converter where dsc is available. Reviewed-by: Rodrigo Siqueira Signed-off-by: Fangzhi Zuo Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 434967aadbbbe3ad9103cc29e9a327de20fdba01 Author: Joshua Ashton Date: Thu Mar 7 19:04:31 2024 +0000 drm/amdgpu: Forward soft recovery errors to userspace As we discussed before[1], soft recovery should be forwarded to userspace, or we can get into a really bad state where apps will keep submitting hanging command buffers cascading us to a hard reset. 1: https://lore.kernel.org/all/bf23d5ed-9a6b-43e7-84ee-8cbfd0d60f18@froggi.es/ Signed-off-by: Joshua Ashton Reviewed-by: Marek Olšák Signed-off-by: Christian König Signed-off-by: Alex Deucher commit 671af06690e7f79db51b475a35c3b2619f345abc Author: Yang Wang Date: Fri Aug 2 10:11:37 2024 +0800 drm/amdgpu: remove RAS unused paramter 'err_addr' - amdgpu_ras_error_statistic_ue_count() - amdgpu_ras_error_statistic_ce_count() - amdgpu_ras_error_statistic_de_count() The parameter 'err_addr' is no longer used since following patch. Fixes: a7e8467fbeee ("drm/amdgpu: Remove unused code") Signed-off-by: Yang Wang Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit c9875d0a789060facc274dee0d4eb6500d471772 Author: Likun Gao Date: Thu Aug 1 10:47:16 2024 +0800 drm/amdgpu: add golden setting for gc v12 Adding Manual GDB golden setting for gc v12 revision 0 ASIC. Signed-off-by: Likun Gao Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit eaf3adb8faab611ba57594fa915893fc93a7788c Author: Aurabindo Pillai Date: Fri Jul 19 14:10:58 2024 -0400 drm/amd/display: fix a UBSAN warning in DML2.1 When programming phantom pipe, since cursor_width is explicity set to 0, this causes calculation logic to trigger overflow for an unsigned int triggering the kernel's UBSAN check as below: [ 40.962845] UBSAN: shift-out-of-bounds in /tmp/amd.EfpumTkO/amd/amdgpu/../display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c:3312:34 [ 40.962849] shift exponent 4294967170 is too large for 32-bit type 'unsigned int' [ 40.962852] CPU: 1 PID: 1670 Comm: gnome-shell Tainted: G W OE 6.5.0-41-generic #41~22.04.2-Ubuntu [ 40.962854] Hardware name: Gigabyte Technology Co., Ltd. X670E AORUS PRO X/X670E AORUS PRO X, BIOS F21 01/10/2024 [ 40.962856] Call Trace: [ 40.962857] [ 40.962860] dump_stack_lvl+0x48/0x70 [ 40.962870] dump_stack+0x10/0x20 [ 40.962872] __ubsan_handle_shift_out_of_bounds+0x1ac/0x360 [ 40.962878] calculate_cursor_req_attributes.cold+0x1b/0x28 [amdgpu] [ 40.963099] dml_core_mode_support+0x6b91/0x16bc0 [amdgpu] [ 40.963327] ? srso_alias_return_thunk+0x5/0x7f [ 40.963331] ? CalculateWatermarksMALLUseAndDRAMSpeedChangeSupport+0x18b8/0x2790 [amdgpu] [ 40.963534] ? srso_alias_return_thunk+0x5/0x7f [ 40.963536] ? dml_core_mode_support+0xb3db/0x16bc0 [amdgpu] [ 40.963730] dml2_core_calcs_mode_support_ex+0x2c/0x90 [amdgpu] [ 40.963906] ? srso_alias_return_thunk+0x5/0x7f [ 40.963909] ? dml2_core_calcs_mode_support_ex+0x2c/0x90 [amdgpu] [ 40.964078] core_dcn4_mode_support+0x72/0xbf0 [amdgpu] [ 40.964247] dml2_top_optimization_perform_optimization_phase+0x1d3/0x2a0 [amdgpu] [ 40.964420] dml2_build_mode_programming+0x23d/0x750 [amdgpu] [ 40.964587] dml21_validate+0x274/0x770 [amdgpu] [ 40.964761] ? srso_alias_return_thunk+0x5/0x7f [ 40.964763] ? resource_append_dpp_pipes_for_plane_composition+0x27c/0x3b0 [amdgpu] [ 40.964942] dml2_validate+0x504/0x750 [amdgpu] [ 40.965117] ? dml21_copy+0x95/0xb0 [amdgpu] [ 40.965291] ? srso_alias_return_thunk+0x5/0x7f [ 40.965295] dcn401_validate_bandwidth+0x4e/0x70 [amdgpu] [ 40.965491] update_planes_and_stream_state+0x38d/0x5c0 [amdgpu] [ 40.965672] update_planes_and_stream_v3+0x52/0x1e0 [amdgpu] [ 40.965845] ? srso_alias_return_thunk+0x5/0x7f [ 40.965849] dc_update_planes_and_stream+0x71/0xb0 [amdgpu] Fix this by adding a guard for checking cursor width before triggering the size calculation. Reviewed-by: Rodrigo Siqueira Signed-off-by: Aurabindo Pillai Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 792be2e23ac69821db7860ba4ba94592101f0b07 Author: Tao Zhou Date: Thu Aug 1 14:26:19 2024 +0800 drm/amdgpu: create function to check RAS RMA status In the convenience of calling it globally. Signed-off-by: Tao Zhou Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 64a905203fd0da3e8a3f649593cc48c9fbab25d0 Author: Hansen Dsouza Date: Tue Jul 23 00:26:19 2024 -0400 drm/amd/display: Add stream and char control callback [why & how] Add new stream and char control functions based on DCCG spec Reviewed-by: Muhammad Ahmed Signed-off-by: Hansen Dsouza Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 507293b1b207e419fc7ea4ff1d72c2f1db18e33c Author: Michael Strauss Date: Tue Jul 30 16:27:24 2019 -0400 drm/amd/display: Fix overlay with pre-blend color processing [WHY] Overlay works similarly to MPO, but uses global alpha on both planes and sets the desktop as the rear plane instead of the front plane [HOW] Ensure that top plane isn't overlay by checking global alpha before applying the previously added MPO fix Reviewed-by: Rodrigo Siqueira Signed-off-by: Michael Strauss Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit db65eb46de135338d6177f8853e0fd208f19d63e Author: Arunpravin Paneer Selvam Date: Fri Aug 2 11:13:19 2024 +0530 drm/buddy: Add start address support to trim function - Add a new start parameter in trim function to specify exact address from where to start the trimming. This would help us in situations like if drivers would like to do address alignment for specific requirements. - Add a new flag DRM_BUDDY_TRIM_DISABLE. Drivers can use this flag to disable the allocator trimming part. This patch enables the drivers control trimming and they can do it themselves based on the application requirements. v1:(Matthew) - check new_start alignment with min chunk_size - use range_overflows() Signed-off-by: Arunpravin Paneer Selvam Acked-by: Alex Deucher Acked-by: Christian König Signed-off-by: Alex Deucher commit e1dbe625d6ac2821eb29e087db46cb539d8079f0 Author: Rodrigo Siqueira Date: Thu Jul 25 16:41:38 2024 -0600 drm/amd/display: Add missing program DET segment call to pipe init Add a callback that program the DET segment when initializing pipes. Acked-by: Tom Chung Signed-off-by: Rodrigo Siqueira Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 4f842ba7cdd83cba1d5c0bbd15ed9d14d882cf89 Author: Rodrigo Siqueira Date: Thu Jul 25 14:35:09 2024 -0600 drm/amd/display: Remove unused fields from dc_caps [Why & How] Identify few unused fileds in dc_caps. Remove them. Acked-by: Tom Chung Signed-off-by: Rodrigo Siqueira Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit e9180253e22596991db426ab5b01111c2a739db4 Author: Rodrigo Siqueira Date: Wed Jul 24 15:22:26 2024 -0600 drm/amd/display: Remove unused fields from dmub_cmd_update_dirty_rect_data Drop coasting_vtotal_high and pad from dmub_cmd_update_dirty_rect_data, since it is not used. Acked-by: Tom Chung Signed-off-by: Rodrigo Siqueira Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 0345c8bc22c92f3d5fc0287957a96fd214297aa4 Author: Rodrigo Siqueira Date: Wed Jul 24 15:21:40 2024 -0600 drm/amd/display: Remove useless defines Remove __cplusplus defines added by accident. Acked-by: Tom Chung Signed-off-by: Rodrigo Siqueira Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 0964fbd59e7131c1bad4c8549ec13a27104f0b11 Author: Rodrigo Siqueira Date: Wed Jul 24 15:19:31 2024 -0600 drm/amd/display: Cleanup dml2 and dc/resource Makefile Remove some useless lines from DC Makefiles. Acked-by: Tom Chung Signed-off-by: Rodrigo Siqueira Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 089525632d40bbfa507f224c20563529b3f8a4b3 Author: Rodrigo Siqueira Date: Wed Jul 24 09:29:13 2024 -0600 drm/amd/display: Add missing DCN314 to the DML Makefile Include display_mode_vba_314 and display_rq_dlg_calc_314 to the dml Makefile. Acked-by: Tom Chung Signed-off-by: Rodrigo Siqueira Signed-off-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 62341f7bc2ccb7c024eb023a05714d798ba6437d Author: Sunil Khatri Date: Wed Jul 31 18:37:42 2024 +0530 drm/amdgpu: optimize the padding for gfx_v9_4_3 Adding NOP packets one by one in the ring does not use the CP efficiently. Solution: Use CP optimization while adding NOP packet's so PFP can discard NOP packets based on information of count from the Header instead of fetching all NOP packets one by one. Reviewed-by: Christian König Cc: Christian König Cc: Pierre-Eric Pelloux-Prayer Cc: Tvrtko Ursulin Cc: Marek Olšák Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit fd69ef05029f9beb7b031ef96e7a36970806a670 Author: Christian König Date: Thu Jul 11 15:25:06 2024 +0200 drm/radeon: use GEM references instead of TTMs Instead of a TTM reference grab a GEM reference whenever necessary. Signed-off-by: Christian König Reviewed-by: Daniel Vetter Signed-off-by: Alex Deucher commit dee44a7cb577f2aba39e1713a51e9faee2f65534 Author: Sunil Khatri Date: Wed Jul 31 18:35:14 2024 +0530 drm/amdgpu: optimize the padding for gfx9 Adding NOP packets one by one in the ring does not use the CP efficiently. Solution: Use CP optimization while adding NOP packet's so PFP can discard NOP packets based on information of count from the Header instead of fetching all NOP packets one by one. Reviewed-by: Christian König Cc: Christian König Cc: Pierre-Eric Pelloux-Prayer Cc: Tvrtko Ursulin Cc: Marek Olšák Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit bb670c31e13a402d30afa3d484403196031d0fbd Author: Tvrtko Ursulin Date: Wed Jul 31 20:19:15 2024 +0530 drm/amdpgu: Micro-optimise amdgpu_ring_commit For some value of optimisation we can replace the division with an bitwise and. And it even shrinks the code. Before: 6c9: 53 push %rbx 6ca: 4c 8b 47 08 mov 0x8(%rdi),%r8 6ce: 31 d2 xor %edx,%edx 6d0: 48 89 fb mov %rdi,%rbx 6d3: 8b 87 c8 05 00 00 mov 0x5c8(%rdi),%eax 6d9: 41 8b 48 04 mov 0x4(%r8),%ecx 6dd: f7 d0 not %eax 6df: 21 c8 and %ecx,%eax 6e1: 83 c1 01 add $0x1,%ecx 6e4: 83 c0 01 add $0x1,%eax 6e7: f7 f1 div %ecx 6e9: 89 d6 mov %edx,%esi 6eb: 41 ff 90 88 00 00 00 call *0x88(%r8) After: 6c9: 53 push %rbx 6ca: 48 8b 57 08 mov 0x8(%rdi),%rdx 6ce: 48 89 fb mov %rdi,%rbx 6d1: 8b 87 c8 05 00 00 mov 0x5c8(%rdi),%eax 6d7: 8b 72 04 mov 0x4(%rdx),%esi 6da: f7 d0 not %eax 6dc: 21 f0 and %esi,%eax 6de: 83 c0 01 add $0x1,%eax 6e1: 21 c6 and %eax,%esi 6e3: ff 92 88 00 00 00 call *0x88(%rdx) Reviewed-by: Christian König Reviewed-by: Sunil Khatri Signed-off-by: Tvrtko Ursulin Signed-off-by: Alex Deucher commit dfe9d047b162f3a79ab63046608c693ee14c5b7a Author: Hawking Zhang Date: Thu Aug 1 13:45:27 2024 +0800 drm/amdgpu: Add more types for boot time error reporting Data abort exception and unknown errors are supported. Signed-off-by: Hawking Zhang Reviewed-by: Tao Zhou Signed-off-by: Alex Deucher commit 9192c7613ca53572908ba23a4c3f39c7f8ba8021 Author: Likun Gao Date: Wed Jul 31 11:58:46 2024 +0800 drm/amdgpu: force to use legacy inv in mmhub MMHUB v4.1.0 only support fixed cache mode, so only use legacy invalidation accordingly. Signed-off-by: Likun Gao Reviewed-by: Frank Min Signed-off-by: Alex Deucher commit f59902ffcc43ce7e1db5d0c4dfee37ec2a1bae0c Author: Sunil Khatri Date: Wed Jul 31 18:27:28 2024 +0530 drm/amdgpu: optimize the padding for gfx12 Adding NOP packets one by one in the ring does not use the CP efficiently. Solution: Use CP optimization while adding NOP packet's so PFP can discard NOP packets based on information of count from the Header instead of fetching all NOP packets one by one. Reviewed-by: Christian König Cc: Christian König Cc: Pierre-Eric Pelloux-Prayer Cc: Tvrtko Ursulin Cc: Marek Olšák Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 28574b08c70e56d34d6f6379326a860b96749051 Author: Srinivasan Shanmugam Date: Wed Jul 31 13:15:00 2024 +0530 drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointer in the dcn32_set_output_transfer_func function. Previously, set_output_gamma was being checked for null, but then it was being dereferenced without any null check. This could lead to a null pointer dereference if set_output_gamma is null. To fix this, we now ensure that set_output_gamma is not null before dereferencing it. We do this by adding a null check for set_output_gamma before the call to set_output_gamma. Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit dd340acd42c24a3f28dd22fae6bf38662334264c Author: Srinivasan Shanmugam Date: Wed Jul 31 13:22:06 2024 +0530 drm/amd/display: Add NULL check for function pointer in dcn401_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointer in the dcn401_set_output_transfer_func function. Previously, set_output_gamma was being checked for null, but then it was being dereferenced without any null check. This could lead to a null pointer dereference if set_output_gamma is null. To fix this, we now ensure that set_output_gamma is not null before dereferencing it. We do this by adding a null check for set_output_gamma before the call to set_output_gamma. Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 62ed6f0f198da04e884062264df308277628004f Author: Srinivasan Shanmugam Date: Wed Jul 31 13:09:28 2024 +0530 drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointer in the dcn20_set_output_transfer_func function. Previously, set_output_gamma was being checked for null at line 1030, but then it was being dereferenced without any null check at line 1048. This could potentially lead to a null pointer dereference error if set_output_gamma is null. To fix this, we now ensure that set_output_gamma is not null before dereferencing it. We do this by adding a null check for set_output_gamma before the call to set_output_gamma at line 1048. Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 62eefd10ac1c7e976bda47ff311bd87cee40ab8d Author: Yifan Zhang Date: Tue Jul 30 10:45:08 2024 +0800 drm/amdgpu: use CPU for page table update if SDMA is unavailable avoid using SDMA if it is unavailable. Signed-off-by: Yifan Zhang Reviewed-by: Tim Huang Signed-off-by: Alex Deucher commit 847e387e00547b0cc728a5e61f5beb2ff861ed1d Author: Sunil Khatri Date: Wed Jul 31 13:39:20 2024 +0530 drm/amdgpu: optimize the padding for gfx11 Adding NOP packets one by one in the ring does not use the CP efficiently. Solution: Use CP optimization while adding NOP packet's so PFP can discard NOP packets based on information of count from the Header instead of fetching all NOP packets one by one. Reviewed-by: Christian König Cc: Christian König Cc: Pierre-Eric Pelloux-Prayer Cc: Tvrtko Ursulin Cc: Marek Olšák Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit b41a382932263b2951bc9e83a22168d579a94865 Author: Jonathan Kim Date: Mon Jul 22 13:26:08 2024 -0400 drm/amdkfd: fix debug watchpoints for logical devices The number of watchpoints should be set and constrained per logical partition device, not by the socket device. Signed-off-by: Jonathan Kim Reviewed-by: Harish Kasiviswanathan Signed-off-by: Alex Deucher commit 67c4ca9f794951482c54a7006c8b3c367d6c3efc Author: Sunil Khatri Date: Wed Jul 31 13:36:15 2024 +0530 drm/amdgpu: do not call insert_nop fn for zero count Do not make a function call for zero size NOP as it does not add anything in the ring and is unnecessary function call. Reviewed-by: Christian König Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit ee0a469cf9175aeb6131c0476c4a4a8eb5997dfa Author: Jonathan Kim Date: Tue Jun 25 11:22:50 2024 -0400 drm/amdkfd: support per-queue reset on gfx9 Support per-queue reset for GFX9. The recommendation is for the driver to target reset the HW queue via a SPI MMIO register write. Since this requires pipe and HW queue info and MEC FW is limited to doorbell reports of hung queues after an unmap failure, scan the HW queue slots defined by SET_RESOURCES first to identify the user queue candidates to reset. Only signal reset events to processes that have had a queue reset. If queue reset fails, fall back to GPU reset. Signed-off-by: Jonathan Kim Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher commit e89d2fec4cde967445e16e02e406481bac380cc4 Author: Sunil Khatri Date: Tue Jul 30 00:24:44 2024 +0530 drm/amdgpu: optimize the padding for gfx10 Adding NOP packets one by one in the ring does not use the CP efficiently. Solution: Use CP optimization while adding NOP packet's so PFP can discard NOP packets based on information of count from the Header instead of fetching all NOP packets one by one. Cc: Christian König Cc: Pierre-Eric Pelloux-Prayer Cc: Tvrtko Ursulin Cc: Marek Olšák Reviewed-by: Christian König Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 4a4c815b08dc774dde67fb90a0286925f98204af Author: Srinivasan Shanmugam Date: Tue Jul 30 09:39:14 2024 +0530 drm/amd/display: Align 'dpp401_dscl_program_isharp' with actual function parameters This commit corrects the function comment for 'dpp401_dscl_program_isharp' in 'dcn401_dpp_dscl.c'. The comment previously included a description for a non-existent parameter 'bs_coeffs_updated'. This parameter description has been removed to reflect the function's actual parameters. Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/../display/dc/dpp/dcn401/dcn401_dpp_dscl.c:981: warning: Excess function parameter 'bs_coeffs_updated' description in 'dpp401_dscl_program_isharp' Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 836af5be1b6d8e93d736c252e711a20db7dbde9d Author: Sunil Khatri Date: Tue Jul 30 11:19:53 2024 +0530 drm/amdgpu: Clean up the register dump via debugfs list debugfs register list for dump is cleaned as it have some issues related to proper power state of the IP before register read. Since the above mentioned is removed we no longer want this to be dumped part of the devcoredump and hence removed. Reviewed-by: Christian König Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 17277da26623d4aa8bdda628d0024cf2f2e39ae6 Author: Sunil Khatri Date: Tue Jul 30 11:00:06 2024 +0530 drm/amdgpu: Remove debugfs amdgpu_reset_dump_register_list There are some problem with existing amdgpu_reset_dump_register_list debugfs node. It is supposed to read a list of registers but there could be cases when the IP is not in correct power state. Register read in such cases could lead to more problems. We are taking care of all such power states in devcoredump and dumping the registers of need for debugging. So cleaning this code and we dont need this functionality via debugfs anymore. Reviewed-by: Christian König Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 9710b84e2a6afde2db20cd33435038eb75b91200 Author: Kenneth Feng Date: Tue Jul 30 09:43:11 2024 +0800 drm/amd/pm: add overdrive support on smu v14.0.2/3 add overdrive support on smu v14.0.2/3 Signed-off-by: Kenneth Feng Reviewed-by: Yang Wang Signed-off-by: Alex Deucher commit 8141f21b941710ecebe49220b69822cab3abd23d Author: Srinivasan Shanmugam Date: Fri Jul 26 19:31:55 2024 +0530 drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' This commit adds a null check for 'stream_status' in the function 'planes_changed_for_existing_stream'. Previously, the code assumed 'stream_status' could be null, but did not handle the case where it was actually null. This could lead to a null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/core/dc_resource.c:3784 planes_changed_for_existing_stream() error: we previously assumed 'stream_status' could be null (see line 3774) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit f905d0c328b440fabaaf265350bf4187ccd5f59b Author: Kenneth Feng Date: Mon Jul 29 09:24:20 2024 +0800 drm/amd/pm: update powerplay structure on smu v14.0.2/3 update powerplay structure on smu v14.0.2/3 Signed-off-by: Kenneth Feng Reviewed-by: Yang Wang Signed-off-by: Alex Deucher commit 1cb62da0802c8f08e26443a5409edba99b8a1f6e Author: Philip Yang Date: Thu Jul 25 19:10:43 2024 -0400 drm/amdkfd: Fix compile error if HMM support not enabled Fixes the below if kernel config not enable HMM support >> drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_queue.c:107:26: error: implicit declaration of function 'svm_range_from_addr' >> drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_queue.c:107:24: error: assignment to 'struct svm_range *' from 'int' makes pointer from integer without a cast [-Wint-conversion] >> drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_queue.c:111:28: error: invalid use of undefined type 'struct svm_range' Fixes: b049504e211e ("drm/amdkfd: Validate user queue svm memory residency") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407252127.zvnxaKRA-lkp@intel.com/ Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher commit 3e048c8846a658098d935df83050170c8a8fb104 Author: Aric Cyr Date: Sun Jul 21 21:46:07 2024 -0400 drm/amd/display: 3.2.294 This version brings along the following: - SPL improvements. - Address coverity issues. - DML2 fixes. - Code cleanup. - DIO and DCCG refactor. - Improve the PSR state. Signed-off-by: Aric Cyr Reviewed-by: Rodrigo Siqueira Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 946e2c5be80b2cf93be34e28b3a6bdadc8ca419b Author: Rodrigo Siqueira Date: Mon Jul 22 20:46:25 2024 -0600 drm/amd/display: Remove unused code Remove function pointers that were never used. Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit d91f93c7a7fb9589e62814c1e229943e1259b48c Author: Rodrigo Siqueira Date: Mon Jul 22 20:43:43 2024 -0600 drm/amd/display: Add missing registers for dcn32 Add missing debug registers for DCN32. Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 74bad61c5d83f5af8a855c8b7dc8e20377c74d46 Author: Rodrigo Siqueira Date: Mon Jul 22 20:40:22 2024 -0600 drm/amd/display: Add dcc propagation value Initialize the field dcc_meta_propagation_delay_us with 10 ms. Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit a00a177055cced5cd2bb057a1ace9a95a286bc49 Author: Rodrigo Siqueira Date: Mon Jul 22 20:33:40 2024 -0600 drm/amd/display: Add missing mcache registers Add missing register programming for mcache in DCN401. Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 24ffa5bb6d363c8164be6af974e318f5752797e1 Author: Rodrigo Siqueira Date: Mon Jul 22 20:30:21 2024 -0600 drm/amd/display: Remove duplicated code DCN_MINIMUM_DISPCLK_Khz and DCN_MINIMUM_DPPCLK_Khz is declared twice. This commit removes that duplication. Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 675d9ac9d0de765531e94f9fdc536989a997a324 Author: Rodrigo Siqueira Date: Mon Jul 22 16:53:42 2024 -0600 drm/amd/display: Add missing DET segments programming The commit 5034b935f62a ("drm/amd/display: Modify DHCUB waterwark structures and functions") introduced a code refactor for DCHUB, but during the merge process into amd-staging-drm-next, the program det segments were removed. This commit adds the DET segment programming for DCN35. Fixes: 5034b935f62a ("drm/amd/display: Modify DHCUB waterwark structures and functions") Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit ab799c16c9d537fa2f070283f1ca63a4425502e9 Author: Alvin Lee Date: Fri Apr 26 15:24:06 2024 -0400 drm/amd/display: For FAMS2 don't program P-State force from driver P-State force programming is handled entirely by FW in FAMS2. Remove any programming from driver side to prevent incorrect programming from driver side (which may override FW programming) Signed-off-by: Alvin Lee Reviewed-by: Rodrigo Siqueira Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit c7b3569b3ebc53e997500be09eb612b6c852525a Author: Sung Lee Date: Thu Apr 4 10:25:21 2024 -0400 drm/amd/display: Fix Cursor Offset in Scaled Scenarios [WHY] Cursor position code had improper offsets in scaled modes. [HOW] Adjust cursor scaling to account for cursor offsets properly. Reviewed-by: Rodrigo Siqueira Signed-off-by: Sung Lee Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 6cc213b9aa34bc3213e20f9256345c5cc1495b0b Author: Rodrigo Siqueira Date: Mon Dec 4 16:35:04 2023 -0500 drm/amd/display: Replace dm_execute_dmub_cmd with dc_wake_and_execute_dmub_cmd In the commit c2cec7a872b6 ("drm/amd/display: Wake DMCUB before sending a command for replay feature"), replaced dm_execute_dmub_cmd with dc_wake_and_execute_dmub_cmd in multiple areas, but due to merge issues the replacement of this function in the dmub_replay_copy_settings was missed. This commit replaces the old dm_execute_dmub_cmd with dc_wake_and_execute_dmub_cmd. Fixes: 3601a35a2e9d ("drm/amd/display: Wake DMCUB before sending a command for replay feature") Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 5d6a620875a04e70c51d8366eccae74d9cef0308 Author: Rodrigo Siqueira Date: Mon Jul 22 15:32:21 2024 -0600 drm/amd/display: Setup two pixel per container SPL has a control field for controlling the two pixels per container that is not in use yet. This commit adds a proper initialization for this feature. Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 85ecfdda063b6f148335c354c8b7200a49640510 Author: Rodrigo Siqueira Date: Tue Jul 16 13:24:48 2024 -0600 drm/amd/display: Re-order enum in a header file Move the lb_memory_config close to the pixel format enums to improve the code readability. Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 29d0732f8f61ed028d642034e5323b8cdf6a1905 Author: Cruise Date: Mon Jul 22 19:15:53 2024 +0800 drm/amd/display: Get link index for AUX reply notification The link index wasn't updated for the AUX reply notification. Get link index based on DPIA instance for AUX reply notification. Signed-off-by: Cruise Reviewed-by: Meenakshikumar Somasundaram Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 9330af0af3d54df71b6b752a260dadef05a4fc44 Author: Alex Hung Date: Tue Jul 16 14:05:12 2024 -0600 drm/amd/display: Check UnboundedRequestEnabled's value CalculateSwathAndDETConfiguration_params_st's UnboundedRequestEnabled is a pointer (i.e. dml_bool_t *UnboundedRequestEnabled), and thus p->UnboundedRequestEnabled checks its address, not bool value. To check value, *p->UnboundedRequestEnabled is used instead. This fixes 1 REVERSE_INULL issue reported by Coverity. Signed-off-by: Alex Hung Reviewed-by: Rodrigo Siqueira Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit ca0fb243c3bb53dbbd71d16c76f319bf923ee3d4 Author: Daniel Sa Date: Fri Jul 19 13:39:09 2024 -0400 drm/amd/display: Underflow Seen on DCN401 eGPU [WHY] In dcn401 we read clock values before FW is loaded. These incorrect values cause the driver to believe that we are running higher clocks than what we actually have. This then causes corruption/underflow for the eGPU. [HOW] When new values are read from HW, update internal structures to propagate the new/correct value. Fixes issue Signed-off-by: Daniel Sa Reviewed-by: Alvin Lee Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 9a72570491b524c9dc4c1caa7323b2297c27b0b7 Author: Meenakshikumar Somasundaram Date: Wed Jul 10 12:58:20 2024 -0400 drm/amd/display: Enable aux transfer path via dmub for dp tunneling [Why] Aux transfer retries path does not support dp tunneling. [How] Based on ddc pin check, aux will be issued in legacy path or DMUB. Signed-off-by: Meenakshikumar Somasundaram Reviewed-by: Eric Yang Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 08b856b38c257bc23f208ef165816d7e710574e0 Author: Christophe JAILLET Date: Tue Aug 6 15:01:04 2024 +0200 regulator: bd9576: Constify struct linear_range 'struct linear_range' are not modified in these drivers. Constifying this structure moves some data to a read-only section, so increase overall security. This is also more consistent with the other struct linear_range declaration above. On a x86_64, with allmodconfig, as an example: Before: ====== text data bss dec hex filename 20767 4544 0 25311 62df drivers/regulator/bd9576-regulator.o After: ===== text data bss dec hex filename 21023 4288 0 25311 62df drivers/regulator/bd9576-regulator.o Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/a4e37991ea7b47145ab033128c8dd49f73a983e6.1722949232.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit 16c9898ac5ab00fc96efee404a1b8bcfe20ad48b Author: Vignesh Raman Date: Tue Jul 30 07:45:41 2024 +0530 drm/ci: rockchip: add tests for rockchip display driver For rockchip rk3288 and rk3399, the display driver is rockchip and gpu driver is panfrost. Currently, in drm-ci for rockchip rk3288 and rk3399, only the gpu driver is tested. Refactor the existing rockchip jobs to test both display and gpu driver and update xfails. Since the correct driver name is passed from the job to test gpu and display driver, remove the check to set IGT_FORCE_DRIVER based on driver name for rockchip jobs. Acked-by: Helen Koike Reviewed-by: Daniel Stone Signed-off-by: Vignesh Raman Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240730021545.912271-7-vignesh.raman@collabora.com commit a0ac33cb9a12f1e499c9f009067a3135df626cd5 Author: Vignesh Raman Date: Tue Jul 30 07:45:40 2024 +0530 drm/ci: meson: add tests for meson display driver For Amlogic Meson G12B (A311D) SOC the display driver is meson and gpu driver is panfrost. Currently, in drm-ci for Meson G12B (A311D), only the gpu driver is tested. Refactor the existing meson jobs and add support in drm-ci to test both display and gpu driver for Amlogic Meson G12B (A311D) and update xfails. Since the correct driver name is passed from the job to test gpu and display driver, remove the check to set IGT_FORCE_DRIVER based on driver name for meson jobs. Acked-by: Helen Koike Reviewed-by: Daniel Stone Signed-off-by: Vignesh Raman Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240730021545.912271-6-vignesh.raman@collabora.com commit d7683c49638c83bcb6a817671bb348dc435da3b5 Author: Vignesh Raman Date: Tue Jul 30 07:45:39 2024 +0530 drm/ci: mediatek: add tests for powervr gpu driver For mediatek mt8173, the display driver is mediatek, while the gpu driver is powervr. Currently, in drm-ci for mt8173, only the display driver is tested. Add support in drm-ci to test powervr driver for mt8173. Powervr driver was merged in linux kernel, but there's no mediatek support yet. So disable the powervr:mt8173 job which uses powervr driver. Also update the MAINTAINERS file to include xfails for powervr driver. Acked-by: Helen Koike Reviewed-by: Daniel Stone Signed-off-by: Vignesh Raman Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240730021545.912271-5-vignesh.raman@collabora.com commit 75830999587470b17a30d2ecad25ad13cb272c19 Author: Vignesh Raman Date: Tue Jul 30 07:45:38 2024 +0530 drm/ci: mediatek: add tests for mediatek display driver For mediatek mt8183, the display driver is mediatek, while the gpu driver is panfrost. Currently, in drm-ci for mt8183, only the gpu driver is tested. Refactor the existing mediatek jobs and add support in drm-ci to test both display and gpu driver for mt8183 and update xfails. Since the correct driver name is passed from the job to test gpu and display driver, remove the check to set IGT_FORCE_DRIVER based on driver name for mediatek jobs. Update the MAINTAINERS file to include xfails for panfrost driver. Acked-by: Helen Koike Reviewed-by: Daniel Stone Signed-off-by: Vignesh Raman Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240730021545.912271-4-vignesh.raman@collabora.com commit 0b8778af8babe55f133b9bfe3a5bf234a36ad7f8 Author: Vignesh Raman Date: Tue Jul 30 07:45:37 2024 +0530 drm/ci: skip tools_test on non-intel platforms tools_test is a wrapper for running tools/intel_reg and tools/intel_l3_parity. So skip these tests on non-intel platforms and update expectaion files. Acked-by: Helen Koike Reviewed-by: Daniel Stone Signed-off-by: Vignesh Raman Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240730021545.912271-3-vignesh.raman@collabora.com commit 68914b7c4dae0fd59ccb6b8bd8e2b6f5656cd25d Author: Vignesh Raman Date: Tue Jul 30 07:45:36 2024 +0530 drm/ci: arm64.config: Enable CONFIG_DRM_ANALOGIX_ANX7625 Enable CONFIG_DRM_ANALOGIX_ANX7625 in the arm64 defconfig to get display driver probed on the mt8183-kukui-jacuzzi-juniper machine. arch/arm64/configs/defconfig has CONFIG_DRM_ANALOGIX_ANX7625=m, but drm-ci don't have initrd with modules, so add CONFIG_DRM_ANALOGIX_ANX7625=y in CI arm64 config. Acked-by: Helen Koike Reviewed-by: Daniel Stone Signed-off-by: Vignesh Raman Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240730021545.912271-2-vignesh.raman@collabora.com commit 4bd380390fcce5c77610bc9067a9a97cfd999402 Author: Ian Rogers Date: Mon Aug 5 12:44:24 2024 -0700 perf jevents.py: Ensure event names aren't duplicated Duplicate event names break invariants in 'perf list'. Assert that an event name isn't duplicated so that broken JSON won't build. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Albert Ou Cc: Alexander Shishkin Cc: Atish Patra Cc: Changbin Du Cc: Charles Ci-Jyun Wu Cc: Eric Lin Cc: Greentime Hu Cc: Guilherme Amadio Cc: Ingo Molnar Cc: Inochi Amaoto Cc: James Clark Cc: Ji Sheng Teoh Cc: Jing Zhang Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Locus Wei-Han Chen Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Peter Zijlstra Cc: Samuel Holland Cc: Sandipan Das Cc: Vincent Chen Cc: Will Deacon Cc: Xu Yang Link: https://lore.kernel.org/r/20240805194424.597244-5-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit c4f74bb61ae01b30067ae3878ca8ba7d677283ae Author: Ian Rogers Date: Mon Aug 5 12:44:22 2024 -0700 perf pmu-events: Remove duplicated ampereone event OP_SPEC is repeated twice in the file which will break invariants in 'perf list' as discussed in this thread: https://lore.kernel.org/linux-perf-users/20240719081651.24853-1-eric.lin@sifive.com/ Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Albert Ou Cc: Alexander Shishkin Cc: Atish Patra Cc: Changbin Du Cc: Charles Ci-Jyun Wu Cc: Eric Lin Cc: Greentime Hu Cc: Guilherme Amadio Cc: Ingo Molnar Cc: Inochi Amaoto Cc: James Clark Cc: Ji Sheng Teoh Cc: Jing Zhang Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Locus Wei-Han Chen Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Peter Zijlstra Cc: Samuel Holland Cc: Sandipan Das Cc: Vincent Chen Cc: Will Deacon Cc: Xu Yang Link: https://lore.kernel.org/r/20240805194424.597244-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit b79f9a437a5758c6dee29c0dbcce8db293f088c0 Author: Ian Rogers Date: Mon Aug 5 12:44:21 2024 -0700 perf pmu-events: Change dependencies for empty-pmu-events.c test Switch from $? (all the prerequisites that are newer than the target) to $^ (all the prerequisites) as touching jevents.py will mean that empty-pmu-events.c won't be passed to the diff command breaking the build. Reported-by: Arnaldo Carvalho de Melo Signed-off-by: Ian Rogers Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Albert Ou Cc: Alexander Shishkin Cc: Atish Patra Cc: Changbin Du Cc: Charles Ci-Jyun Wu Cc: Eric Lin Cc: Greentime Hu Cc: Guilherme Amadio Cc: Ingo Molnar Cc: Inochi Amaoto Cc: James Clark Cc: Ji Sheng Teoh Cc: Jing Zhang Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Locus Wei-Han Chen Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Peter Zijlstra Cc: Samuel Holland Cc: Sandipan Das Cc: Vincent Chen Cc: Will Deacon Cc: Xu Yang Link: https://lore.kernel.org/r/20240805194424.597244-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 2576b20abdb18d80c22cea783fda80e2235f36dd Author: Ian Rogers Date: Mon Aug 5 12:44:20 2024 -0700 perf test: Add build test for JEVENTS_ARCH=all Building with JEVENTS_ARCH=all builds all CPU types and allows things like assertions to check the validity of the input JSON. Signed-off-by: Ian Rogers Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Albert Ou Cc: Alexander Shishkin Cc: Atish Patra Cc: Changbin Du Cc: Charles Ci-Jyun Wu Cc: Eric Lin Cc: Greentime Hu Cc: Guilherme Amadio Cc: Ingo Molnar Cc: Inochi Amaoto Cc: James Clark Cc: Ji Sheng Teoh Cc: Jing Zhang Cc: Jiri Olsa Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Locus Wei-Han Chen Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Palmer Dabbelt Cc: Paul Walmsley Cc: Peter Zijlstra Cc: Samuel Holland Cc: Sandipan Das Cc: Vincent Chen Cc: Will Deacon Cc: Xu Yang Link: https://lore.kernel.org/r/20240805194424.597244-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 7b6cf6c750da7661a90c12642c3a8f141c7c2819 Author: Dmitry Baryshkov Date: Mon Jul 1 21:19:53 2024 +0300 drm/bridge: lt9611uxc: drop support for !DRM_BRIDGE_ATTACH_NO_CONNECTOR Having no in-kernel devices that use !DRM_BRIDGE_ATTACH_NO_CONNECTOR mode for the Lontium LT9611UXC bridge, drop the in-bridge implementation of the drm_connector. Signed-off-by: Dmitry Baryshkov Reviewed-by: Robert Foss Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/20240701-lt9611uxc-next-bridge-v1-2-665bce5fdaaa@linaro.org commit 7c5537cee9a8dff956e3b9a3f68c22af06a57558 Author: Dmitry Baryshkov Date: Mon Jul 1 21:19:52 2024 +0300 drm/bridge: lt9611uxc: properly attach to a next bridge If there is a next bridge in the OF graph don't let it be ignored. Attach the next bridge to the chain. Signed-off-by: Dmitry Baryshkov Reviewed-by: Robert Foss Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/20240701-lt9611uxc-next-bridge-v1-1-665bce5fdaaa@linaro.org commit 92653f2a572505adaf7f13f695c1907e71a1dc84 Author: David Gow Date: Sun Aug 4 17:18:48 2024 +0800 drm/i915: Attempt to get pages without eviction first In commit a78a8da51b36 ("drm/ttm: replace busy placement with flags v6"), __i915_ttm_get_pages was updated to use flags instead of the separate 'busy' placement list. However, the behaviour was subtly changed. Originally, the function would attempt to use the preferred placement without eviction, and give an opportunity to restart the operation before falling back to allowing eviction. This was unintentionally changed, as the preferred placement was not given the TTM_PL_FLAG_DESIRED flag, and so eviction could be triggered in that first pass. This caused thrashing, and a significant performance regression on DG2 systems with small BAR. For example, Minecraft and Team Fortress 2 would drop to single-digit framerates. Restore the original behaviour by marking the initial placement as desired on that first attempt. Also, rework this to use a separate struct ttm_palcement, as the individual placements are marked 'const', so hot-patching the flags is even more dodgy than before. Thanks to Justin Brewer for bisecting this. Fixes: a78a8da51b36 ("drm/ttm: replace busy placement with flags v6") Link: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/11255 Signed-off-by: David Gow Reviewed-by: Jonathan Cavitt Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240804091851.122186-3-david@davidgow.net commit 54bf0af90844fbf18f5be3272eda69198dfdb622 Author: David Gow Date: Sun Aug 4 17:18:47 2024 +0800 drm/i915: Allow evicting to use the requested placement In commit a78a8da51b36 ("drm/ttm: replace busy placement with flags v6"), the old system of having a separate placement list (for placements which should be used without eviction) and a 'busy' placement list (for placements which should be attempted if eviction is required) was replaced with a new one where placements could be marked 'FALLBACK' (to be attempted if eviction is required) or 'DESIRED' (to be attempted first, but not if eviction is required). i915 had always included the requested placement in the list of 'busy' placements: i.e., the placement could be used either if eviction is required or not. But when the new system was put in place, the requested (first) placement was marked 'DESIRED', so would never be used if eviction became necessary. While a bug in the original commit prevented this flag from working, when this was fixed in 4a0e7b3c ("drm/i915: fix applying placement flag"), it caused long hangs on DG2 systems with small BAR. Don't mark the requested placement DESIRED (or FALLBACK), allowing it to be used in both situations. This matches the old behaviour, and resolves the hangs. Thanks to Justin Brewer for bisecting the issue. Fixes: a78a8da51b36 ("drm/ttm: replace busy placement with flags v6") Fixes: 4a0e7b3c3753 ("drm/i915: fix applying placement flag") Link: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/11255 Signed-off-by: David Gow Reviewed-by: Jonathan Cavitt Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240804091851.122186-2-david@davidgow.net commit 7d2fb3812acde0a76e0d361877e8295db065f9f4 Author: Kuninori Morimoto Date: Tue Aug 6 00:00:57 2024 +0000 ASoC: remove bespoke trigger support Bespoke trigger support was added when Linux v3.5 by this patch. commit 07bf84aaf736781a283b1bd36eaa911453b14574 ("ASoC: dpcm: Add bespoke trigger()") test-component driver is using it, but this is because it indicates used function for debug/trace purpose. Except test-component driver, bespoke trigger has never been used over 10 years in upstream. We can re-support it if needed in the future, but let's remove it for now, because it just noise in upstream. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87v80ewmdi.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 97b6784753da06d9d40232328efc5c5367e53417 Author: Andi Shyti Date: Fri Aug 2 10:38:50 2024 +0200 drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. This can cause page fault access. Fix the calculation of the starting and ending addresses, the total size is now deduced from the difference between the end and start addresses. Additionally, the calculations have been rewritten in a clearer and more understandable form. Fixes: c58305af1835 ("drm/i915: Use remap_io_mapping() to prefault all PTE in a single pass") Reported-by: Jann Horn Co-developed-by: Chris Wilson Signed-off-by: Chris Wilson Signed-off-by: Andi Shyti Cc: Joonas Lahtinen Cc: Matthew Auld Cc: Rodrigo Vivi Cc: # v4.9+ Reviewed-by: Jann Horn Reviewed-by: Jonathan Cavitt [Joonas: Add Requires: tag] Requires: 60a2066c5005 ("drm/i915/gem: Adjust vma offset for framebuffer mmap offset") Signed-off-by: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/20240802083850.103694-3-andi.shyti@linux.intel.com commit 60a2066c50058086510c91f404eb582029650970 Author: Andi Shyti Date: Fri Aug 2 10:38:49 2024 +0200 drm/i915/gem: Adjust vma offset for framebuffer mmap offset When mapping a framebuffer object, the virtual memory area (VMA) offset ('vm_pgoff') should be adjusted by the start of the 'vma_node' associated with the object. This ensures that the VMA offset is correctly aligned with the corresponding offset within the GGTT aperture. Increment vm_pgoff by the start of the vma_node with the offset= provided by the user. Suggested-by: Chris Wilson Signed-off-by: Andi Shyti Reviewed-by: Jonathan Cavitt Reviewed-by: Rodrigo Vivi Cc: # v4.9+ [Joonas: Add Cc: stable] Signed-off-by: Joonas Lahtinen Link: https://patchwork.freedesktop.org/patch/msgid/20240802083850.103694-2-andi.shyti@linux.intel.com commit 7424fc6b86c8980a87169e005f5cd4438d18efe6 Author: Gatlin Newhouse Date: Wed Jul 24 00:01:55 2024 +0000 x86/traps: Enable UBSAN traps on x86 Currently ARM64 extracts which specific sanitizer has caused a trap via encoded data in the trap instruction. Clang on x86 currently encodes the same data in the UD1 instruction but x86 handle_bug() and is_valid_bugaddr() currently only look at UD2. Bring x86 to parity with ARM64, similar to commit 25b84002afb9 ("arm64: Support Clang UBSAN trap codes for better reporting"). See the llvm links for information about the code generation. Enable the reporting of UBSAN sanitizer details on x86 compiled with clang when CONFIG_UBSAN_TRAP=y by analysing UD1 and retrieving the type immediate which is encoded by the compiler after the UD1. [ tglx: Simplified it by moving the printk() into handle_bug() ] Signed-off-by: Gatlin Newhouse Signed-off-by: Thomas Gleixner Acked-by: Peter Zijlstra (Intel) Cc: Kees Cook Link: https://lore.kernel.org/all/20240724000206.451425-1-gatlin.newhouse@gmail.com Link: https://github.com/llvm/llvm-project/commit/c5978f42ec8e9#diff-bb68d7cd885f41cfc35843998b0f9f534adb60b415f647109e597ce448e92d9f Link: https://github.com/llvm/llvm-project/blob/main/llvm/lib/Target/X86/X86InstrSystem.td#L27 commit d03521e6c18f62876b3b5c1fbf37e0d8ab9fd1b8 Author: Fei Shao Date: Fri Jul 19 12:58:04 2024 +0800 arm64: dts: mediatek: mt8186-corsola: Update ADSP reserved memory region Corsola firmware reserves the memory region of [0x60000000, 0x61100000) exclusively for ADSP usage. But in fact, a 6 MB "hole" of [0x60A00000, 0x61000000) didn't get assigned to the ADSP node in the Corsola device tree, meaning no audio tasks can access and utilize that memory section. Update the reserved ADSP memory region to fill the gap. Fixes: 8855d01fb81f ("arm64: dts: mediatek: Add MT8186 Krabby platform based Tentacruel / Tentacool") Signed-off-by: Fei Shao Reviewed-by: AngeloGioacchino Del Regno Link: https://lore.kernel.org/r/20240719045823.3264974-1-fshao@chromium.org Signed-off-by: AngeloGioacchino Del Regno commit 34d0472ce1087fbf8e2ba504a4625e4c74286c63 Author: Imre Deak Date: Mon Aug 5 18:07:56 2024 +0300 drm/i915: Remove DSC register dump The Display Engine's DSC register values are deducted from the DSC configuration stored in intel_crtc_state::dsc. The latter one is dumped in a human-readable format, so dumping the register values is redundant, remove it. Acked-by: Jani Nikula Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240805150802.3568970-8-imre.deak@intel.com commit 1de99ff7371bc6ce2187081bf5bfbbb4a7de28d7 Author: Imre Deak Date: Mon Aug 5 18:07:55 2024 +0300 drm/i915: Dump DSC state to dmesg and debugfs/i915_display_info Dump the DSC state to dmesg during HW readout and state computation as well as the i915_display_info debugfs entry. v2: Rebase on the s/DRM_X16/FXP_Q4 change. Acked-by: Jani Nikula Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240805150802.3568970-7-imre.deak@intel.com commit 2796b7ceec95bd5a7069cd27af7e4cf01a692db4 Author: Imre Deak Date: Mon Aug 5 18:07:54 2024 +0300 drm/i915: Replace BPP_X16_FMT()/ARGS() with FXP_Q4_FMT()/ARGS() Replace the BPP_X16_FMT()/ARGS() helpers defined by the driver with the equivalent FXP_Q4_FMT()/ARGS() helpers defined by DRM core. v2: Rebase on the s/DRM_X16/FXP_Q4 change. Acked-by: Jani Nikula Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240805150802.3568970-6-imre.deak@intel.com commit e60244554ca98e87ef731739f608eac54e478e9a Author: Imre Deak Date: Mon Aug 5 18:07:53 2024 +0300 drm/i915: Replace to_bpp_frac() with fxp_q4_to_frac() Replace the to_bpp_frac() helper defined by the driver with the equivalent fxp_q4_to_frac() helper defined by DRM core. v2: Rebase on the s/drm_x16/fxp_q4 change. Acked-by: Jani Nikula Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240805150802.3568970-5-imre.deak@intel.com commit ce9b1466f5a9a1b2acc80d29f12d69559fa97174 Author: Imre Deak Date: Mon Aug 5 18:07:52 2024 +0300 drm/i915: Replace to_bpp_int_roundup() with fxp_q4_to_int_roundup() Replace the to_bpp_int_roundup() helper defined by the driver with the equivalent fxp_q4_to_int_roundup() helper defined by DRM core. v2: Rebase on s/drm_x16/fxp_q4 change. Acked-by: Jani Nikula Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240805150802.3568970-4-imre.deak@intel.com commit 8466a14173e5ff7c2a52d8700a13f4b841d0e17c Author: Imre Deak Date: Mon Aug 5 18:07:51 2024 +0300 drm/i915: Replace to_bpp_int() with fxp_q4_to_int() Replace the to_bpp_int() helper defined by the driver with the equivalent fxp_q4_to_int() helper defined by DRM core. v2: Rebase on the s/drm_x16/fxp_q4 change. Acked-by: Jani Nikula Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240805150802.3568970-3-imre.deak@intel.com commit 3196763851b5fb9f7c8c488e233e947292cd71a6 Author: Imre Deak Date: Mon Aug 5 18:07:50 2024 +0300 drm/i915: Replace to_bpp_x16() with fxp_q4_from_int() Replace the to_bpp_x16() helper defined by the driver with the equivalent fxp_q4_from_int() helper defined by DRM core. v2: Rebase on the s/drm_x16/fxp_q4 change. Acked-by: Jani Nikula Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240805150802.3568970-2-imre.deak@intel.com commit 8294c090a05d10fa17fc63ffdaa643f1d123addc Author: Pin-yen Lin Date: Mon Aug 5 14:50:23 2024 +0800 arm64: dts: mediatek: mt8183: Remove clock from mfg_async power domain This clock dependency introduced a mutual dependency between mfg_async power domain and mt8183-mfgcfg clock, and Mediatek has confirmed that this dependency is not needed. Remove this to avoid potential deadlock. Signed-off-by: Pin-yen Lin Fixes: 37fb78b9aeb7 ("arm64: dts: mediatek: Add mt8183 power domains controller") Tested-by: Chen-Yu Tsai Link: https://lore.kernel.org/r/20240805065051.3129354-1-treapking@chromium.org Signed-off-by: AngeloGioacchino Del Regno commit f5843dc83583d58e13e6851c70ad8371f036dc35 Author: Chen-Yu Tsai Date: Tue Jun 25 17:54:38 2024 +0800 arm64: dts: mt8183-kukui: clean up regulator tree Some regulators in the kukui device tree are modeled incorrectly. Some are missing supplies and some switches are incorrectly modeled as voltage regulators. A pass-through was incorrectly modeled as a regulator. Add supplies where missing, remove voltage constraints for "switches", and drop the "bl_pp5000" pass-through. This depends on commit 2a99858c172e ("arm64: dts: mediatek: mt8183-kukui: Add PMIC regulator supplies") for reg_vsys. Fixes: cd894e274b74 ("arm64: dts: mt8183: Add krane-sku176 board") Fixes: f15722c0fef0 ("arm64: dts: mt8183: Add pwm and backlight node") Signed-off-by: Chen-Yu Tsai Link: https://lore.kernel.org/r/20240625095441.3474194-1-wenst@chromium.org Signed-off-by: AngeloGioacchino Del Regno commit ec5c04abbb3bd15f14eeebefd5287790f84970a8 Author: Rafał Miłecki Date: Sat Jul 27 13:48:28 2024 +0200 arm64: dts: mediatek: mt7981: add SPI controllers MT7981 (Filogic 820) has three on-SoC SPI controllers. Signed-off-by: Rafał Miłecki Reviewed-by: AngeloGioacchino Del Regno Link: https://lore.kernel.org/r/20240727114828.29558-2-zajec5@gmail.com Signed-off-by: AngeloGioacchino Del Regno commit 732ba98596046385dce6ac9f3f2c64cf1a2a660a Author: Nícolas F. R. A. Prado Date: Sat Aug 3 10:33:25 2024 -0400 arm64: dts: mediatek: mt8183-kukui: Disable unused efuse at 8000000 MT8183's Devicetree describes two eFuse regions: one at 8000000 and another at 11f10000. The efuse at 8000000, unlike the one at 11f10000 and the efuse on all other MediaTek SoCs, does not define any cell, including the socinfo-data ones which the mtk-efuse driver expects to always be present, resulting in the following errors in the log: mtk-socinfo mtk-socinfo.0.auto: error -ENOENT: Failed to get socinfo data mtk-socinfo mtk-socinfo.0.auto: probe with driver mtk-socinfo failed with error -2 The efuse at 8000000 is disabled by default but enabled on mt8183-kukui. Since it is unused, and to prevent the errors from being thrown, disable it on mt8183-kukui. Signed-off-by: Nícolas F. R. A. Prado Link: https://lore.kernel.org/r/20240803-mtk-socinfo-no-data-probe-err-v3-1-09cfffc7241a@collabora.com Signed-off-by: AngeloGioacchino Del Regno commit 48456547da153c3e3a59303609e08fd00365f674 Author: Nicolas Pitre Date: Mon Jun 3 12:50:53 2024 +0200 arm64: dts: mediatek: mt8188: add default thermal zones Inspired by the vendor kernel but adapted to the upstream thermal driver version. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Nicolas Pitre Signed-off-by: Julien Panis Link: https://lore.kernel.org/r/20240603-mtk-thermal-mt818x-dtsi-v7-6-8c8e3c7a3643@baylibre.com Signed-off-by: AngeloGioacchino Del Regno commit d39aacd1021a3fa953e4238fba63bb8de349232b Author: Nicolas Pitre Date: Mon Jun 3 12:50:52 2024 +0200 arm64: dts: mediatek: mt8188: add lvts definitions Various values extracted from the vendor's kernel driver. Signed-off-by: Nicolas Pitre Link: https://lore.kernel.org/r/20240402032729.2736685-14-nico@fluxnic.net [Angelo: Fixed wrong nvmem-cell-names] Signed-off-by: Julien Panis Link: https://lore.kernel.org/r/20240603-mtk-thermal-mt818x-dtsi-v7-5-8c8e3c7a3643@baylibre.com Signed-off-by: AngeloGioacchino Del Regno commit 965fe9178871948d3d409409f4235ba4e4e32cfd Author: Nicolas Pitre Date: Mon Jun 3 12:50:51 2024 +0200 arm64: dts: mediatek: mt8186: add default thermal zones Inspired by the vendor kernel but adapted to the upstream thermal driver version. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Nicolas Pitre Signed-off-by: Julien Panis Link: https://lore.kernel.org/r/20240603-mtk-thermal-mt818x-dtsi-v7-4-8c8e3c7a3643@baylibre.com Signed-off-by: AngeloGioacchino Del Regno commit b3610c99f11c30cdc24a2809c73a25e9ab6a044f Author: Nicolas Pitre Date: Mon Jun 3 12:50:50 2024 +0200 arm64: dts: mediatek: mt8186: add lvts definitions Values extracted from vendor source tree. Signed-off-by: Nicolas Pitre Link: https://lore.kernel.org/r/20240402032729.2736685-8-nico@fluxnic.net [Angelo: Fixed validation and quality issues] Signed-off-by: Julien Panis Link: https://lore.kernel.org/r/20240603-mtk-thermal-mt818x-dtsi-v7-3-8c8e3c7a3643@baylibre.com Signed-off-by: AngeloGioacchino Del Regno commit 0079c9d1e58a39148e6ce13bda55307ea6aa3a9e Author: Takashi Iwai Date: Tue Aug 6 09:00:23 2024 +0200 ALSA: ump: Handle MIDI 1.0 Function Block in MIDI 2.0 protocol The UMP v1.1 spec says in the section 6.2.1: "If a UMP Endpoint declares MIDI 2.0 Protocol but a Function Block represents a MIDI 1.0 connection, then may optionally be used for messages to/from that Function Block." It implies that the driver can (and should) keep MIDI 1.0 CVM exceptionally for those FBs even if UMP Endpoint is running in MIDI 2.0 protocol, and the current driver lacks of it. This patch extends the sequencer port info to indicate a MIDI 1.0 port, and tries to send/receive MIDI 1.0 CVM as is when this port is the source or sink. The sequencer port flag is set by the driver at parsing FBs and GTBs although application can set it to its own user-space clients, too. Link: https://patch.msgid.link/20240806070024.14301-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit bcc31692a1d1e21f0d06c5f727c03ee299d2264e Author: Hans de Goede Date: Mon Aug 5 16:51:47 2024 +0200 HID: Ignore battery for all ELAN I2C-HID devices Before this change there were 16 vid:pid based quirks to ignore the battery reported by Elan I2C-HID touchscreens on various Asus and HP laptops. And a report has been received that the 04F3:2A00 I2C touchscreen on the HP ProBook x360 11 G5 EE/86CF also reports a non present battery. Since I2C-HID devices are always builtin to laptops they are not battery owered so it should be safe to just ignore the battery on all Elan I2C-HID devices, rather then adding a 17th quirk for the 04F3:2A00 touchscreen. As reported in the changelog of commit a3a5a37efba1 ("HID: Ignore battery for ELAN touchscreens 2F2C and 4116"), which added 2 new Elan touchscreen quirks about a month ago, the HID reported battery seems to be related to a stylus being used. But even when a stylus is in use it does not properly report the charge of the stylus battery, instead the reported battery charge jumps from 0% to 1%. So it is best to just ignore the HID battery. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2302776 Cc: Louis Dalibard Signed-off-by: Hans de Goede Signed-off-by: Jiri Kosina commit b0cd6f4c3f1963439e9f26363c2bd40a05239f0a Author: Herbert Xu Date: Tue Aug 6 13:45:59 2024 +0800 Revert "crypto: arm64/poly1305 - move data to rodata section" This reverts commit 47d96252099a7184b4bad852fcfa3c233c1d2f71. It causes build issues as detected by the kernel test robot. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408040817.OWKXtCv6-lkp@intel.com/ Signed-off-by: Herbert Xu commit 9e3d665384fca2a1c56283c7a79a968243ef4614 Author: Wei Yang Date: Tue Aug 6 01:03:19 2024 +0000 memblock test: fix implicit declaration of function 'strscpy' Commit 1e4c64b71c9b ("mm/memblock: Add "reserve_mem" to reserved named memory at boot up") introduce the usage of strscpy, which breaks the memblock test. Let's define it as strcpy in userspace to fix it. Signed-off-by: Wei Yang Link: https://lore.kernel.org/r/20240806010319.29194-5-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit 8ac13bc7c266102f1068faafa5314522b68ebe65 Author: Wei Yang Date: Tue Aug 6 01:03:18 2024 +0000 memblock test: fix implicit declaration of function 'isspace' Commit 1e4c64b71c9b ("mm/memblock: Add "reserve_mem" to reserved named memory at boot up") introduce usage of isspace(). Let's include in kernel.h to fix this. Signed-off-by: Wei Yang Link: https://lore.kernel.org/r/20240806010319.29194-4-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit a88cde5769d523e4ae6aad61237e4a5f6bd2309a Author: Wei Yang Date: Tue Aug 6 01:03:17 2024 +0000 memblock test: fix implicit declaration of function 'memparse' Commit 1e4c64b71c9b ("mm/memblock: Add "reserve_mem" to reserved named memory at boot up") introduce the usage of memparse(), which is not defined in memblock test. Add the definition and link it to fix the build. Signed-off-by: Wei Yang Link: https://lore.kernel.org/r/20240806010319.29194-3-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit 9f76c2ade323121f9006f6a529e0795317e16b5c Author: Wei Yang Date: Tue Aug 6 01:03:16 2024 +0000 memblock test: add the definition of __setup() Commit 1e4c64b71c9b ("mm/memblock: Add "reserve_mem" to reserved named memory at boot up") introduce usage of __setup(), which is not defined in memblock test. Define it in init.h to fix the build error. Signed-off-by: Wei Yang Link: https://lore.kernel.org/r/20240806010319.29194-2-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit 39f64e402f659890a99d415eaf63a01f3b80a9a8 Author: Wei Yang Date: Tue Aug 6 01:03:15 2024 +0000 memblock test: fix implicit declaration of function 'virt_to_phys' Commit 94ff46de4a73 ("memblock: Move late alloc warning down to phys alloc") introduce the usage of virt_to_phys(), which is not defined in memblock tests. Define it in mm.h to fix the build error. Signed-off-by: Wei Yang Link: https://lore.kernel.org/r/20240806010319.29194-1-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit e2ae9cf39f8806d2d8f5eb0a22ba511804a804ec Author: Wei Yang Date: Fri Jul 12 03:51:38 2024 +0000 tools/testing: abstract two init.h into common include directory Currently we have two test suits define its own init.h. This is a little redundant. Let's create a init.h in common include directory and merge these two into it. Signed-off-by: Wei Yang CC: Mike Rapoport CC: Liam R. Howlett Link: https://lore.kernel.org/r/20240712035138.24674-3-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit d68c08173b70952cd74bb45075b843f4a637a43b Author: Wei Yang Date: Fri Jul 12 03:51:37 2024 +0000 memblock tests: include export.h in linkage.h as kernel dose In kernel code, linkage.h includes export.h. Let's sync with kernel. This is a preparation for move init.h in common include directory. Signed-off-by: Wei Yang CC: Mike Rapoport Link: https://lore.kernel.org/r/20240712035138.24674-2-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit 19c91bd8932a2e00f8de76022c780951166be9a0 Author: Wei Yang Date: Fri Jul 12 03:51:36 2024 +0000 memblock tests: include memory_hotplug.h in mmzone.h as kernel dose In kernel code, memory_hotplug.h is included in mmzone.h instead of in init.h. Let's sync with kernel. This is a preparation for move init.h in common include directory. Signed-off-by: Wei Yang CC: Mike Rapoport Link: https://lore.kernel.org/r/20240712035138.24674-1-richard.weiyang@gmail.com Signed-off-by: Mike Rapoport (Microsoft) commit fb97d2eb542faf19a8725afbd75cbc2518903210 Author: Roman Kisel Date: Thu Jul 18 11:27:25 2024 -0700 binfmt_elf, coredump: Log the reason of the failed core dumps Missing, failed, or corrupted core dumps might impede crash investigations. To improve reliability of that process and consequently the programs themselves, one needs to trace the path from producing a core dumpfile to analyzing it. That path starts from the core dump file written to the disk by the kernel or to the standard input of a user mode helper program to which the kernel streams the coredump contents. There are cases where the kernel will interrupt writing the core out or produce a truncated/not-well-formed core dump without leaving a note. Add logging for the core dump collection failure paths to be able to reason what has gone wrong when the core dump is malformed or missing. Report the size of the data written to aid in diagnosing the user mode helper. Signed-off-by: Roman Kisel Link: https://lore.kernel.org/r/20240718182743.1959160-3-romank@linux.microsoft.com Signed-off-by: Kees Cook commit c114e9948c2b6a0b400266e59cc656b59e795bca Author: Roman Kisel Date: Thu Jul 18 11:27:24 2024 -0700 coredump: Standartize and fix logging The coredump code does not log the process ID and the comm consistently, logs unescaped comm when it does log it, and does not always use the ratelimited logging. That makes it harder to analyze logs and puts the system at the risk of spamming the system log incase something crashes many times over and over again. Fix that by logging TGID and comm (escaped) consistently and using the ratelimited logging always. Signed-off-by: Roman Kisel Tested-by: Allen Pais Link: https://lore.kernel.org/r/20240718182743.1959160-2-romank@linux.microsoft.com Signed-off-by: Kees Cook commit eec9de0354105527e31394c0ed4b8c54fb1fe1dd Merge: e8fc78eb658a1e d17125fb092322 Author: Jakub Kicinski Date: Mon Aug 5 16:44:46 2024 -0700 Merge branch 'mlx5-ptm-cross-timestamping-support' Tariq Toukan says: ==================== mlx5 PTM cross timestamping support This patchset by Rahul and Carolina adds PTM (Precision Time Measurement) support to the mlx5 driver. PTM is a PCI extended capability introduced by PCI-SIG for providing an accurate read of the device clock offset without being impacted by asymmetric bus transfer rates. The performance of PTM on ConnectX-7 was evaluated using both real-time (RTC) and free-running (FRC) clocks under traffic and no traffic conditions. Tests with phc2sys measured the maximum offset values at a 50Hz rate, with and without PTM. Results: 1. No traffic +-----+--------+--------+ | | No-PTM | PTM | +-----+--------+--------+ | FRC | 125 ns | <29 ns | +-----+--------+--------+ | RTC | 248 ns | <34 ns | +-----+--------+--------+ 2. With traffic +-----+--------+--------+ | | No-PTM | PTM | +-----+--------+--------+ | FRC | 254 ns | <40 ns | +-----+--------+--------+ | RTC | 255 ns | <45 ns | +-----+--------+--------+ v2: https://lore.kernel.org/d1dba3e1-2ecc-4fdf-a23b-7696c4bccf45@gmail.com ==================== Link: https://patch.msgid.link/20240730134055.1835261-1-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit d17125fb0923228fb3cc1e03790de4ee88f7f95f Author: Rahul Rameshbabu Date: Tue Jul 30 16:40:54 2024 +0300 net/mlx5: Implement PTM cross timestamping support Expose Precision Time Measurement support through related PTP ioctl. The performance of PTM on ConnectX-7 was evaluated using both real-time (RTC) and free-running (FRC) clocks under traffic and no traffic conditions. Tests with phc2sys measured the maximum offset values at a 50Hz rate, with and without PTM. Results: 1. No traffic +-----+--------+--------+ | | No-PTM | PTM | +-----+--------+--------+ | FRC | 125 ns | <29 ns | +-----+--------+--------+ | RTC | 248 ns | <34 ns | +-----+--------+--------+ 2. With traffic +-----+--------+--------+ | | No-PTM | PTM | +-----+--------+--------+ | FRC | 254 ns | <40 ns | +-----+--------+--------+ | RTC | 255 ns | <45 ns | +-----+--------+--------+ Signed-off-by: Rahul Rameshbabu Co-developed-by: Carolina Jubran Signed-off-by: Carolina Jubran Signed-off-by: Tariq Toukan Reviewed-by: Wojciech Drewek Tested-by: Vadim Fedorenko Link: https://patch.msgid.link/20240730134055.1835261-4-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit bec6d85d43eb7fa0834b4284bdc62f7d3a23288f Author: Carolina Jubran Date: Tue Jul 30 16:40:53 2024 +0300 net/mlx5: Add support for enabling PTM PCI capability Since the kernel doesn't support enabling Precision Time Measurement for an endpoint device, enable the PTM PCI capability in the driver. Signed-off-by: Carolina Jubran Signed-off-by: Tariq Toukan Reviewed-by: Wojciech Drewek Tested-by: Vadim Fedorenko Link: https://patch.msgid.link/20240730134055.1835261-3-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit 7e45c1e9edc0004b914e2d5a33245908a06f072c Author: Rahul Rameshbabu Date: Tue Jul 30 16:40:52 2024 +0300 net/mlx5: Add support for MTPTM and MTCTR registers Make Management Precision Time Measurement (MTPTM) register and Management Cross Timestamp (MTCTR) register usable in mlx5 driver. Signed-off-by: Rahul Rameshbabu Signed-off-by: Tariq Toukan Reviewed-by: Wojciech Drewek Tested-by: Vadim Fedorenko Link: https://patch.msgid.link/20240730134055.1835261-2-tariqt@nvidia.com Signed-off-by: Jakub Kicinski commit e8fc78eb658a1ebcb871e93bbe4f18e9d51fdd3a Author: Colin Ian King Date: Fri Aug 2 12:34:36 2024 +0100 tools: ynl: remove extraneous ; after statements There are a couple of statements with two following semicolons, replace these with just one semicolon. Signed-off-by: Colin Ian King Reviewed-by: Donald Hunter Link: https://patch.msgid.link/20240802113436.448939-1-colin.i.king@gmail.com Signed-off-by: Jakub Kicinski commit 0143ed320573e66773b9438b935c39270a55df29 Merge: 10a6545f0bdcbb 87d973e8ddeedd Author: Jakub Kicinski Date: Mon Aug 5 16:22:51 2024 -0700 Merge branch 'net-constify-struct-net-parameter-of-socket-lookups' Eric Dumazet says: ==================== net: constify 'struct net' parameter of socket lookups We should keep const qualifiers whenever possible. This series should remove the need for Tom patch in : Link: https://lore.kernel.org/netdev/20240731172332.683815-2-tom@herbertland.com/ ==================== Link: https://patch.msgid.link/20240802134029.3748005-1-edumazet@google.com Signed-off-by: Jakub Kicinski commit 87d973e8ddeeddf1777e6689df86d5d369cbcbb3 Author: Eric Dumazet Date: Fri Aug 2 13:40:29 2024 +0000 ipv6: udp: constify 'struct net' parameter of socket lookups Following helpers do not touch their 'struct net' argument. - udp6_lib_lookup() - __udp6_lib_lookup() Signed-off-by: Eric Dumazet Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240802134029.3748005-6-edumazet@google.com Signed-off-by: Jakub Kicinski commit 10b2a44ccb0cdf85480b6f73a23530aa3ac722de Author: Eric Dumazet Date: Fri Aug 2 13:40:28 2024 +0000 inet6: constify 'struct net' parameter of various lookup helpers Following helpers do not touch their struct net argument: - bpf_sk_lookup_run_v6() - __inet6_lookup_established() - inet6_lookup_reuseport() - inet6_lookup_listener() - inet6_lookup_run_sk_lookup() - __inet6_lookup() - inet6_lookup() Signed-off-by: Eric Dumazet Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240802134029.3748005-5-edumazet@google.com Signed-off-by: Jakub Kicinski commit b9abcbb1239cd782f76532397a7c45458de9a73e Author: Eric Dumazet Date: Fri Aug 2 13:40:27 2024 +0000 udp: constify 'struct net' parameter of socket lookups Following helpers do not touch their 'struct net' argument. - udp_sk_bound_dev_eq() - udp4_lib_lookup() - __udp4_lib_lookup() Signed-off-by: Eric Dumazet Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240802134029.3748005-4-edumazet@google.com Signed-off-by: Jakub Kicinski commit d4433e8b405a882fa2ef29601c4ad262ba6e5526 Author: Eric Dumazet Date: Fri Aug 2 13:40:26 2024 +0000 inet: constify 'struct net' parameter of various lookup helpers Following helpers do not touch their struct net argument: - bpf_sk_lookup_run_v4() - inet_lookup_reuseport() - inet_lhash2_lookup() - inet_lookup_run_sk_lookup() - __inet_lookup_listener() - __inet_lookup_established() Signed-off-by: Eric Dumazet Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240802134029.3748005-3-edumazet@google.com Signed-off-by: Jakub Kicinski commit a2dc7bee4f77266ebb8e3a8544fc5f7812835f8c Author: Eric Dumazet Date: Fri Aug 2 13:40:25 2024 +0000 inet: constify inet_sk_bound_dev_eq() net parameter inet_sk_bound_dev_eq() and its callers do not modify the net structure. Signed-off-by: Eric Dumazet Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240802134029.3748005-2-edumazet@google.com Signed-off-by: Jakub Kicinski commit fceff12e52985e49c464f402e11b2f97bce3cc24 Author: Krzysztof Niemiec Date: Thu Aug 1 17:40:48 2024 +0200 drm/i915/gt: Empty uabi engines list during intel_engines_release() While the uabi_engines_llist is populated in intel_engines_init() during driver load, the corresponding function intel_engines_release() does not correctly get rid of it. This can lead to a UAF if, after failed initialization (for example when gt is set wedged on init), we try to access the engines. Suggested-by: Chris Wilson Signed-off-by: Krzysztof Niemiec Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240801154047.115176-2-krzysztof.niemiec@intel.com commit 843f10ce6539cd5e4989415e18cb809f4cff8b91 Author: Nitin Gote Date: Wed Jul 31 21:26:14 2024 +0530 drm/i915/gt: Add Wa_14019789679 Wa_14019789679 implementation for MTL, ARL and DG2. v2: Corrected condition v3: - Fix indentation (Jani Nikula) - dword size should be 0x1 and initialize dword to 0 instead of MI_NOOP (Tejas) - Use IS_GFX_GT_IP_RANGE() (Tejas) v4: - 3DSTATE_MESH_CONTROL instruction is 3 dwords long Align with dword size. (Roper, Matthew D) - Add RCS engine check. (Tejas) Bspec: 47083 Signed-off-by: Nitin Gote Reviewed-by: Tejas Upadhyay Reviewed-by: Matt Roper Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240731155614.3460645-1-nitin.r.gote@intel.com commit 8d5309b7f67571bc0c95d430f4722a99d38f3b79 Author: Matthew Brost Date: Mon Aug 5 13:02:33 2024 -0700 drm/xe: Only check last fence on user binds We only set the last fence on user binds, so no need to check last fence kernel issued binds. Will avoid blowing up last fence lockdep asserts. Cc: Francois Dugast Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240805200233.3050325-1-matthew.brost@intel.com commit 92841d6e23de09f180f948f99ddb40135775cedc Author: Waiman Long Date: Sun Aug 4 21:30:19 2024 -0400 selftest/cgroup: Add new test cases to test_cpuset_prs.sh Add new test cases to test_cpuset_prs.sh to cover corner cases reported in previous fix commits. Signed-off-by: Waiman Long Signed-off-by: Tejun Heo commit 99570300d3b4c8a1463491754d58e7a8d87cacef Author: Waiman Long Date: Sun Aug 4 21:30:18 2024 -0400 cgroup/cpuset: Check for partition roots with overlapping CPUs With the previous commit that eliminates the overlapping partition root corner cases in the hotplug code, the partition roots passed down to generate_sched_domains() should not have overlapping CPUs. Enable overlapping cpuset check for v2 and warn if that happens. This patch also has the benefit of increasing test coverage of the new Union-Find cpuset merging code to cgroup v2. Signed-off-by: Waiman Long Signed-off-by: Tejun Heo commit bc3c27516ffd836485446219344b2b74a5efb483 Merge: 4980f712023a1c ff0ce721ec2134 Author: Tejun Heo Date: Mon Aug 5 10:56:49 2024 -1000 Merge branch 'cgroup/for-6.11-fixes' into cgroup/for-6.12 cgroup/for-6.12 is about to receive updates that are dependent on changes from both for-6.11-fixes and for-6.12. Pull in for-6.11-fixes. Signed-off-by: Tejun Heo commit 4980f712023a1c0c26a12f5212ced34587d81663 Author: Xiu Jianfeng Date: Mon Aug 5 00:43:04 2024 +0000 cgroup/pids: Remove unreachable paths of pids_{can,cancel}_fork According to the implementation of cgroup_css_set_fork(), it will fail if cset cannot be found and the can_fork/cancel_fork methods will not be called in this case, which means that the argument 'cset' for these methods must not be NULL, so remove the unrechable paths in them. Signed-off-by: Xiu Jianfeng Reviewed-by: Waiman Long Signed-off-by: Tejun Heo commit 1a0bd289a5db1df8df8fab949633a0b8d3f235ee Author: Chao Yu Date: Tue Jun 25 11:13:48 2024 +0800 f2fs: atomic: fix to avoid racing w/ GC Case #1: SQLite App GC Thread Kworker Shrinker - f2fs_ioc_start_atomic_write - f2fs_ioc_commit_atomic_write - f2fs_commit_atomic_write - filemap_write_and_wait_range : write atomic_file's data to cow_inode echo 3 > drop_caches to drop atomic_file's cache. - f2fs_gc - gc_data_segment - move_data_page - set_page_dirty - writepages - f2fs_do_write_data_page : overwrite atomic_file's data to cow_inode - f2fs_down_write(&fi->i_gc_rwsem[WRITE]) - __f2fs_commit_atomic_write - f2fs_up_write(&fi->i_gc_rwsem[WRITE]) Case #2: SQLite App GC Thread Kworker - f2fs_ioc_start_atomic_write - __writeback_single_inode - do_writepages - f2fs_write_cache_pages - f2fs_write_single_data_page - f2fs_do_write_data_page : write atomic_file's data to cow_inode - f2fs_gc - gc_data_segment - move_data_page - set_page_dirty - writepages - f2fs_do_write_data_page : overwrite atomic_file's data to cow_inode - f2fs_ioc_commit_atomic_write In above cases racing in between atomic_write and GC, previous data in atomic_file may be overwrited to cow_file, result in data corruption. This patch introduces PAGE_PRIVATE_ATOMIC_WRITE bit flag in page.private, and use it to indicate that there is last dirty data in atomic file, and the data should be writebacked into cow_file, if the flag is not tagged in page, we should never write data across files. Fixes: 3db1de0e582c ("f2fs: change the current atomic write way") Cc: Daeho Jeong Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit d72750e4a7528b83a07b65335c35b454a98593d4 Author: Julian Sun Date: Sun Jul 21 22:39:13 2024 -0400 f2fs: fix macro definition stat_inc_cp_count The macro stat_inc_cp_count accepts a parameter si, but it was not used, rather the variable sbi was directly used, which may be a local variable inside a function that calls the macros. Signed-off-by: Julian Sun Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit d1e1ff971d1aafeaedda69136e6974e3a8792cbd Author: Julian Sun Date: Sun Jul 21 22:39:12 2024 -0400 f2fs: fix macro definition on_f2fs_build_free_nids The macro on_f2fs_build_free_nids accepts a parameter nmi, but it was not used, rather the variable nm_i was directly used, which may be a local variable inside a function that calls the macros. Signed-off-by: Julian Sun Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 8444ce524947daf441546b5b3a0c418706dade35 Author: Liao Yuanhong Date: Mon Jul 15 20:34:51 2024 +0800 f2fs: add write priority option based on zone UFS Currently, we are using a mix of traditional UFS and zone UFS to support some functionalities that cannot be achieved on zone UFS alone. However, there are some issues with this approach. There exists a significant performance difference between traditional UFS and zone UFS. Under normal usage, we prioritize writes to zone UFS. However, in critical conditions (such as when the entire UFS is almost full), we cannot determine whether data will be written to traditional UFS or zone UFS. This can lead to significant performance fluctuations, which is not conducive to development and testing. To address this, we have added an option zlu_io_enable under sys with the following three modes: 1) zlu_io_enable == 0:Normal mode, prioritize writing to zone UFS; 2) zlu_io_enable == 1:Zone UFS only mode, only allow writing to zone UFS; 3) zlu_io_enable == 2:Traditional UFS priority mode, prioritize writing to traditional UFS. Signed-off-by: Liao Yuanhong Signed-off-by: Wu Bo Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 50438dbc483ca6a133d2bce9d5d6747bcee38371 Author: Nikita Zhandarovich Date: Wed Jul 24 10:51:58 2024 -0700 f2fs: avoid potential int overflow in sanity_check_area_boundary() While calculating the end addresses of main area and segment 0, u32 may be not enough to hold the result without the danger of int overflow. Just in case, play it safe and cast one of the operands to a wider type (u64). Found by Linux Verification Center (linuxtesting.org) with static analysis tool SVACE. Fixes: fd694733d523 ("f2fs: cover large section in sanity check of super") Cc: stable@vger.kernel.org Signed-off-by: Nikita Zhandarovich Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 1cade98cf6415897bf9342ee451cc5b40b58c638 Author: Nikita Zhandarovich Date: Wed Jul 24 10:28:38 2024 -0700 f2fs: fix several potential integer overflows in file offsets When dealing with large extents and calculating file offsets by summing up according extent offsets and lengths of unsigned int type, one may encounter possible integer overflow if the values are big enough. Prevent this from happening by expanding one of the addends to (pgoff_t) type. Found by Linux Verification Center (linuxtesting.org) with static analysis tool SVACE. Fixes: d323d005ac4a ("f2fs: support file defragment") Cc: stable@vger.kernel.org Signed-off-by: Nikita Zhandarovich Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 47f268f33dff4a5e31541a990dc09f116f80e61c Author: Nikita Zhandarovich Date: Wed Jul 24 10:05:44 2024 -0700 f2fs: prevent possible int overflow in dir_block_index() The result of multiplication between values derived from functions dir_buckets() and bucket_blocks() *could* technically reach 2^30 * 2^2 = 2^32. While unlikely to happen, it is prudent to ensure that it will not lead to integer overflow. Thus, use mul_u32_u32() as it's more appropriate to mitigate the issue. Found by Linux Verification Center (linuxtesting.org) with static analysis tool SVACE. Fixes: 3843154598a0 ("f2fs: introduce large directory support") Cc: stable@vger.kernel.org Signed-off-by: Nikita Zhandarovich Reviewed-by: Chao Yu Signed-off-by: Jaegeuk Kim commit 2cf66b9de406dadbe7598618aa4541261d7bf536 Author: Chao Yu Date: Thu Jul 11 09:46:32 2024 +0800 f2fs: clean up data_blkaddr() and get_dnode_addr() Introudce a new help get_dnode_base() to wrap common code from get_dnode_addr() and data_blkaddr() for cleanup. Signed-off-by: Chao Yu Signed-off-by: Jaegeuk Kim commit ce533c9bc6deb12535348693fd48fab92a748c2a Author: Namhyung Kim Date: Sat Aug 3 14:13:32 2024 -0700 perf annotate: Add --skip-empty option Like in 'perf report', we want to hide empty events in the 'perf annotate' output. This is consistent when the option is set in perf report. For example, the following command would use 3 events including dummy. $ perf mem record -a -- perf test -w noploop $ perf evlist cpu/mem-loads,ldlat=30/P cpu/mem-stores/P dummy:u Just using perf annotate with --group will show the all 3 events. $ perf annotate --group --stdio | head Percent | Source code & Disassembly of ... -------------------------------------------------------------- : 0 0xe060 <_dl_relocate_object>: 0.00 0.00 0.00 : e060: pushq %rbp 0.00 0.00 0.00 : e061: movq %rsp, %rbp 0.00 0.00 0.00 : e064: pushq %r15 0.00 0.00 0.00 : e066: movq %rdi, %r15 0.00 0.00 0.00 : e069: pushq %r14 0.00 0.00 0.00 : e06b: pushq %r13 0.00 0.00 0.00 : e06d: movl %edx, %r13d Now with --skip-empty, it'll hide the last dummy event. $ perf annotate --group --stdio --skip-empty | head Percent | Source code & Disassembly of ... ------------------------------------------------------ : 0 0xe060 <_dl_relocate_object>: 0.00 0.00 : e060: pushq %rbp 0.00 0.00 : e061: movq %rsp, %rbp 0.00 0.00 : e064: pushq %r15 0.00 0.00 : e066: movq %rdi, %r15 0.00 0.00 : e069: pushq %r14 0.00 0.00 : e06b: pushq %r13 0.00 0.00 : e06d: movl %edx, %r13d Committer testing: root@x1:~# perf evlist cpu_atom/mem-loads,ldlat=30/P cpu_atom/mem-stores/P dummy:u root@x1:~# Before: root@x1:~# perf annotate --group --stdio2 do_lookup_x | head -25 Samples: 20 of events 'cpu_atom/mem-loads,ldlat=30/P, cpu_atom/mem-stores/P, dummy:u', 4000 Hz, Event count (approx.): 769079, [percent: local period] do_lookup_x() /usr/lib64/ld-linux-x86-64.so.2 Percent 0x9900 : pushq %rbp movq %rsp,%rbp pushq %r15 pushq %r14 pushq %r13 pushq %r12 pushq %rbx subq $0x88,%rsp movq %rdi,-0x50(%rbp) movl 8(%r9),%edi movq 0x10(%rbp),%r12 movq 0x28(%rbp),%r10 movq %rdx,-0x70(%rbp) movq %rcx,-0x58(%rbp) movq %rdi,%r11 0.00 5.73 0.00 movq %r8,-0x68(%rbp) movq (%r9),%r8 movl %esi,%eax 8.30 0.00 0.00 movl 0x30(%rbp),%r9d movl %esi,%r15d shrl $6, %eax movq %r8,%r13 root@x1:~# After: root@x1:~# perf annotate --group --skip-empty --stdio2 do_lookup_x | head -25 Samples: 20 of events 'cpu_atom/mem-loads,ldlat=30/P, cpu_atom/mem-stores/P', 4000 Hz, Event count (approx.): 769079, [percent: local period] do_lookup_x() /usr/lib64/ld-linux-x86-64.so.2 Percent 0x9900 : pushq %rbp movq %rsp,%rbp pushq %r15 pushq %r14 pushq %r13 pushq %r12 pushq %rbx subq $0x88,%rsp movq %rdi,-0x50(%rbp) movl 8(%r9),%edi movq 0x10(%rbp),%r12 movq 0x28(%rbp),%r10 movq %rdx,-0x70(%rbp) movq %rcx,-0x58(%rbp) movq %rdi,%r11 0.00 5.73 movq %r8,-0x68(%rbp) movq (%r9),%r8 movl %esi,%eax 8.30 0.00 movl 0x30(%rbp),%r9d movl %esi,%r15d shrl $6, %eax movq %r8,%r13 root@x1:~# Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240803211332.1107222-6-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit bb588e38290fb7236e7f2c0bcbd720150277ca83 Author: Namhyung Kim Date: Sat Aug 3 14:13:31 2024 -0700 perf annotate: Set al->data_nr using the notes->src->nr_events This is a preparation to support skipping empty events. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240803211332.1107222-5-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit b00e4d0d93d30a693ee88b2c25f40181d327e53b Author: Namhyung Kim Date: Sat Aug 3 14:13:30 2024 -0700 perf annotate: Use annotation__pcnt_width() consistently The annotation__pcnt_width() calculates the screen width for the overhead (percent) area considering event groups properly. Use this function consistently so that we can make sure it has similar output in different modes. But there's a difference in stdio and tui output: stdio uses 8 and tui uses 7 for a percent. Let's use 8 and adjust the print width in __annotation_line__write() properly. Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240803211332.1107222-4-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit cb1e8bfc7914747692c06b215539ef80105fddbc Author: Namhyung Kim Date: Sat Aug 3 14:13:29 2024 -0700 perf annotate: Set notes->src->nr_events early We want to use it in different places so make sure it sets properly in symbol__annotate() before creating the disasm lines. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240803211332.1107222-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 2dc02c26419b984692e20949252ca6cba515abaf Author: Namhyung Kim Date: Sat Aug 3 14:13:28 2024 -0700 perf annotate: Use al->data_nr if possible The data_nr keeps the number of entries in al->data[] so it should use it when it iterates the array. The notes->src->nr_events should have the same number but it'd be natural to use al->data_nr. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240803211332.1107222-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 7c08a2615f149f64fb1bb4660997e152fb3a11a7 Merge: dc1c8034e31b14 945302df3de156 Author: Palmer Dabbelt Date: Mon Aug 5 12:06:43 2024 -0700 Merge patch series "RISC-V: Parse DT for Zkr to seed KASLR" Jesse Taube says: Add functions to pi/fdt_early.c to help parse the FDT to check if the isa string has the Zkr extension. Then use the Zkr extension to seed the KASLR base address. The first two patches fix the visibility of symbols. * b4-shazam-merge: RISC-V: Use Zkr to seed KASLR base address RISC-V: pi: Add kernel/pi/pi.h RISC-V: lib: Add pi aliases for string functions RISC-V: pi: Force hidden visibility for all symbol references Link: https://lore.kernel.org/r/20240709173937.510084-1-jesse@rivosinc.com Signed-off-by: Palmer Dabbelt commit 945302df3de156fc367d3b537cec76d4aea0b0d1 Author: Jesse Taube Date: Tue Jul 9 13:39:37 2024 -0400 RISC-V: Use Zkr to seed KASLR base address Parse the device tree for Zkr in the isa string. If Zkr is present, use it to seed the kernel base address. On an ACPI system, as of this commit, there is no easy way to check if Zkr is present. Blindly running the instruction isn't an option as; we have to be able to trust the firmware. Signed-off-by: Jesse Taube Reviewed-by: Charlie Jenkins Reviewed-by: Alexandre Ghiti Tested-by: Zong Li Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240709173937.510084-5-jesse@rivosinc.com Signed-off-by: Palmer Dabbelt commit b3311827155aca72498b8a0dfd0f2499b70d39b8 Author: Jesse Taube Date: Tue Jul 9 13:39:36 2024 -0400 RISC-V: pi: Add kernel/pi/pi.h Add pi.h header for declarations of the kernel/pi prefixed functions and any other related declarations. Suggested-by: Charlie Jenkins Signed-off-by: Jesse Taube Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240709173937.510084-4-jesse@rivosinc.com Signed-off-by: Palmer Dabbelt commit d57e19fcbf3f7492974e78cd1dbaf85c67d198ce Author: Jesse Taube Date: Tue Jul 9 13:39:35 2024 -0400 RISC-V: lib: Add pi aliases for string functions memset, strcmp, and strncmp are all used in the __pi_ section, add SYM_FUNC_ALIAS for them. When KASAN is enabled in __pi___memset is also needed. Suggested-by: Charlie Jenkins Signed-off-by: Jesse Taube Reviewed-by: Charlie Jenkins Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240709173937.510084-3-jesse@rivosinc.com Signed-off-by: Palmer Dabbelt commit 14c3ec67236b2d90c553d2575950369aa6fa43c5 Author: Jesse Taube Date: Tue Jul 9 13:39:34 2024 -0400 RISC-V: pi: Force hidden visibility for all symbol references Eliminate all GOT entries in the .pi section, by forcing hidden visibility for all symbol references, which informs the compiler that such references will be resolved at link time without the need for allocating GOT entries. Include linux/hidden.h in Makefile, like arm64, for the hidden visibility attribute. Signed-off-by: Jesse Taube Reviewed-by: Alexandre Ghiti Link: https://lore.kernel.org/r/20240709173937.510084-2-jesse@rivosinc.com Signed-off-by: Palmer Dabbelt commit be1dec570b6f5a29ce9c99334c52bea94c28914b Author: Ashutosh Dixit Date: Sun Aug 4 23:20:57 2024 -0700 drm/xe/observation: Drop empty sysctl table entry An empty sysctl table entry was inadvertently left behind for observation sysctl. The breaks on 6.11 with the following errors: [ 219.654850] sysctl table check failed: dev/xe/(null) procname is null [ 219.654862] sysctl table check failed: dev/xe/(null) No proc_handler Drop the empty entry. Fixes: 8169b2097d88 ("drm/xe/uapi: Rename xe perf layer as xe observation layer") Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2419 Signed-off-by: Ashutosh Dixit Reviewed-by: Umesh Nerlige Ramappa Link: https://patchwork.freedesktop.org/patch/msgid/20240805062057.3547560-1-ashutosh.dixit@intel.com commit a99aff2608f422da833cd91fa1eff23daa05c0bd Author: José Expósito Date: Sun Aug 4 19:05:52 2024 +0200 drm/connector: Document destroy hook in drmm init functions Document that the drm_connector_funcs.destroy hook must be NULL in drmm_connector_init() and drmm_connector_hdmi_init(). Signed-off-by: José Expósito Signed-off-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240804170551.33971-2-jose.exposito89@gmail.com commit 25162a4f64f8ba0065f300977589fe1f6af332f0 Author: Dmitry Torokhov Date: Sun Aug 4 17:16:25 2024 -0700 Input: cyttsp4 - remove driver The cyttsp4 touchscreen driver was contributed in 2013 and since then has seen no updates. The driver uses platform data (no device tree support) and there are no users of it in the mainline kernel. There were occasional fixes to it for issues either found by static code analysis tools or via visual inspection, but otherwise the driver is completely untested. Remove the driver. Reviewed-by: Linus Walleij Reviewed-by: Javier Martinez Canillas Link: https://lore.kernel.org/r/ZrAZ2cUow_z838tp@google.com Signed-off-by: Dmitry Torokhov commit ae25dbac2ecced6b5825992449f2bd8bee3466ae Author: Dmitry Torokhov Date: Sun Aug 4 17:45:03 2024 -0700 Input: cyttsp - use devm_regulator_bulk_get_enable() The driver does not try to power down the rails at system suspend or when touchscreen is not in use, but rather enables regulators at probe time. Power savings are achieved by requesting the controller to enter low power mode. Switch to devm_regulator_bulk_get_enable() instead of separately requesting regulators, enabling them, and installing a custom devm-action to disable them on unbind/remove, which simplifies the code. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/ZrAgj9rG6oVqfdoK@google.com Signed-off-by: Dmitry Torokhov commit 7925312eca64ef7de8c149ea80e1411be7df4679 Author: Dmitry Torokhov Date: Sun Aug 4 17:18:02 2024 -0700 Input: cyttsp - stop including gpio.h The driver does not use legacy GPIO API, stop including this header. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/ZrAaOu_vf-cVBhRn@google.com Signed-off-by: Dmitry Torokhov commit 2c71e987f0af7b91195d52aebe074b9e2d5423b8 Author: Dmitry Torokhov Date: Sun Aug 4 17:17:33 2024 -0700 Input: ilitek_ts_i2c - stop including gpio.h The driver does not use legacy GPIO API, stop including this header. Reviewed-by: Linus Walleij Link: https://lore.kernel.org/r/ZrAaHWNvaAfDlDfI@google.com Signed-off-by: Dmitry Torokhov commit 208989744a6f01bed86968473312d4e650e600b3 Author: Emanuele Ghidoli Date: Mon Aug 5 10:55:11 2024 +0200 Input: ilitek_ts_i2c - add report id message validation Ensure that the touchscreen response has correct "report id" byte before processing the touch data and discard other messages. Fixes: 42370681bd46 ("Input: Add support for ILITEK Lego Series") Signed-off-by: Emanuele Ghidoli Signed-off-by: Francesco Dolcini Link: https://lore.kernel.org/r/20240805085511.43955-3-francesco@dolcini.it Signed-off-by: Dmitry Torokhov commit a80a3d92dc600fed760edb8a633ea80712faaf98 Author: Dhruva Gole Date: Mon Aug 5 15:41:18 2024 +0530 bus: ti-sysc: Remove excess struct member 'disable_on_idle' description When built with W=1, the driver throws the following warning: ../drivers/bus/ti-sysc.c:169: warning: Excess struct member 'disable_on_idle' description in 'sysc' Fix it by removing the excess description. Signed-off-by: Dhruva Gole Reviewed-by: Roger Quadros Link: https://lore.kernel.org/r/20240805101118.427133-1-d-gole@ti.com Signed-off-by: Kevin Hilman commit 0070dc29c85f0859a6071844b88fca6bce2974e4 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:39 2024 -0600 bus: ti-sysc: Use of_property_present() Use of_property_present() to test for property presence rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. The code was also incorrectly assigning the return value to a 'struct property' pointer. It didn't matter as "prop" was never dereferenced. Signed-off-by: Rob Herring (Arm) Reviewed-by: Roger Quadros Link: https://lore.kernel.org/r/20240731191312.1710417-1-robh@kernel.org Signed-off-by: Kevin Hilman commit 7d0b18cd5dc7429917812963611d961fd93cb44d Author: Emanuele Ghidoli Date: Mon Aug 5 10:55:10 2024 +0200 Input: ilitek_ts_i2c - avoid wrong input subsystem sync For different reasons i2c transaction may fail or report id in the message may be wrong. Avoid closing the frame in this case as it will result in all contacts being dropped, indicating that nothing is touching the screen anymore, while usually it is not the case. Fixes: 42370681bd46 ("Input: Add support for ILITEK Lego Series") Signed-off-by: Emanuele Ghidoli Signed-off-by: Francesco Dolcini Link: https://lore.kernel.org/r/20240805085511.43955-2-francesco@dolcini.it Signed-off-by: Dmitry Torokhov commit 0204485c5a1e2de00acfd83c3931bd9dc6493c64 Author: Frank Li Date: Wed Jul 10 10:54:00 2024 -0400 dt-bindings: fsl-qdma: allow compatible string fallback to fsl,ls1021a-qdma The IP of QDMA ls1028/ls1043/ls1046/ is same as ls1021. So allow compatible string fallback to fsl,ls1021a-qdma. The difference is that ls1021a-qdma have 3 irqs, and other have 5 irqs. Fix below CHECK_DTB warning. arch/arm64/boot/dts/freescale/fsl-ls1046a-rdb.dtb: dma-controller@8380000: compatible: ['fsl,ls1046a-qdma', 'fsl,ls1021a-qdma'] is too long Reviewed-by: Krzysztof Kozlowski Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240710145400.2257718-1-Frank.Li@nxp.com Signed-off-by: Vinod Koul commit 14d650fcb7fb57f121fda361b9f63eeefd8d59a5 Author: Marge Yang Date: Mon Aug 5 07:30:55 2024 -0700 Input: synaptics-rmi4 - add support for querying DPM value (F12) Newer firmware allows to query touchpad resolution information by reading from resolution register. Presence of resolution register is signalled via bit 29 of the "register presence" register. On devices that lack this resolution register we fall back to using pitch and number of receivers data to calculate size of the sensor. Signed-off-by: Marge Yang Signed-off-by: Vincent Huang Link: https://lore.kernel.org/r/20240805083636.1381205-1-marge.yang@tw.synaptics.com Signed-off-by: Dmitry Torokhov commit da080d987e20a8b20b368c75826226834c9660a3 Author: Thorsten Blum Date: Thu Jul 11 15:20:01 2024 +0200 dmaengine: dmatest: Explicitly cast divisor to u32 As the comment explains, the while loop ensures that runtime fits into 32 bits. Since do_div() casts the divisor to u32 anyway, explicitly cast runtime to u32 to remove the following Coccinelle/coccicheck warning reported by do_div.cocci: WARNING: do_div() does a 64-by-32 division, please consider using div64_s64 instead Signed-off-by: Thorsten Blum Link: https://lore.kernel.org/r/20240711132001.92157-1-thorsten.blum@toblux.com Signed-off-by: Vinod Koul commit 8bce5522a13107605709c3b253c09cb1f90850e8 Author: Chen Ni Date: Thu Jul 11 09:34:36 2024 +0800 dmaengine: idxd: Convert comma to semicolon Replace a comma between expression statements by a semicolon for more readability. Signed-off-by: Chen Ni Reviewed-by: Fenghua Yu Reviewed-by: Dave Jiang Link: https://lore.kernel.org/r/20240711013436.2655373-1-nichen@iscas.ac.cn Signed-off-by: Vinod Koul commit 31c70e0b7b54016ecf2033f8166a385d2abaad15 Author: Shresth Prasad Date: Tue Jul 23 15:25:19 2024 +0530 dt-bindings: dma: mv-xor-v2: Convert to dtschema Convert txt bindings of Marvell XOR v2 engines to dtschema to allow for validation. Also add missing property `dma-coherent` as `drivers/dma/mv_xor_v2.c` calls various dma-coherent memory functions. Signed-off-by: Shresth Prasad Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240723095518.9364-2-shresthprasad7@gmail.com Signed-off-by: Vinod Koul commit 7492b2f89cf6d83e2a68400c43be25bd8d4cff4b Author: Claudiu Beznea Date: Thu Jul 11 15:34:04 2024 +0300 dt-bindings: dma: rz-dmac: Document RZ/G3S SoC Document the Renesas RZ/G3S DMAC block. This is identical to the one found on the RZ/G2L SoC. Signed-off-by: Claudiu Beznea Acked-by: Rob Herring (Arm) Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/r/20240711123405.2966302-3-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Vinod Koul commit e8d45544f806f3b55c30345de84262cbb9504902 Author: Uwe Kleine-König Date: Mon Mar 4 09:46:11 2024 +0100 arm64: dts: rockchip: Simplify network PHY connection on qnap-ts433 While it requires to have the right phy driver loaded (i.e. motorcomm) to make the phy asserting the right delays, this is generally the preferred way to define the MAC <-> PHY connection. Signed-off-by: Uwe Kleine-König Reviewed-by: Andrew Lunn Link: https://lore.kernel.org/r/20240304084612.711678-2-ukleinek@debian.org Signed-off-by: Heiko Stuebner commit c4b09c562086f32588d962d30d0b7e93fe3e7cbb Author: Cristian Ciocaltea Date: Thu Jun 20 03:36:25 2024 +0300 phy: phy-rockchip-samsung-hdptx: Add clock provider support The HDMI PHY PLL can be used as an alternative dclk source to RK3588 SoC CRU. It provides more accurate clock rates required by VOP2 to improve existing support for display modes handling, which is known to be problematic when dealing with non-integer refresh rates, among others. It is worth noting this only works for HDMI 2.0 or below, e.g. cannot be used to support HDMI 2.1 4K@120Hz mode. Signed-off-by: Cristian Ciocaltea Link: https://lore.kernel.org/r/20240620-rk3588-hdmiphy-clkprov-v2-4-6a2d2164e508@collabora.com Signed-off-by: Vinod Koul commit a652f2210054276990d45626a3b9ad5c99465f5a Author: Cristian Ciocaltea Date: Thu Jun 20 03:36:24 2024 +0300 dt-bindings: phy: rockchip,rk3588-hdptx-phy: Add #clock-cells The HDMI PHY can be used as a clock provider on RK3588 SoC, hence add the necessary '#clock-cells' property. Acked-by: Krzysztof Kozlowski Signed-off-by: Cristian Ciocaltea Link: https://lore.kernel.org/r/20240620-rk3588-hdmiphy-clkprov-v2-3-6a2d2164e508@collabora.com Signed-off-by: Vinod Koul commit 10ba8479f460e9256f7d884dc1b7d89006a89c7b Author: Cristian Ciocaltea Date: Thu Jun 20 03:36:23 2024 +0300 phy: phy-rockchip-samsung-hdptx: Enable runtime PM at PHY core level When a new PHY is created via [devm_]phy_create(), the runtime PM for it is not enabled unless the parent device (which creates the PHY) has its own runtime PM already enabled. Move the call to devm_pm_runtime_enable() before devm_phy_create() to enable runtime PM at PHY core level. With this change the ->power_on() and ->power_off() callbacks do not require explicit runtime PM management anymore, since the PHY core handles that via phy_pm_runtime_{get,put}_sync() when phy_power_on() and phy_power_off() are invoked. Hence drop the now unnecessary calls to pm_runtime_resume_and_get() and pm_runtime_put() helpers. Reviewed-by: Heiko Stuebner Signed-off-by: Cristian Ciocaltea Link: https://lore.kernel.org/r/20240620-rk3588-hdmiphy-clkprov-v2-2-6a2d2164e508@collabora.com Signed-off-by: Vinod Koul commit 1b369ff94bc36d2e16c8a91c0ea8ebd329555976 Author: Cristian Ciocaltea Date: Thu Jun 20 03:36:22 2024 +0300 phy: phy-rockchip-samsung-hdptx: Explicitly include pm_runtime.h Driver makes use of helpers from pm_runtime.h, but relies on the header file being implicitly included. Explicitly pull the header in to avoid potential build failures in some configurations. Fixes: 553be2830c5f ("phy: rockchip: Add Samsung HDMI/eDP Combo PHY driver") Reviewed-by: Heiko Stuebner Signed-off-by: Cristian Ciocaltea Link: https://lore.kernel.org/r/20240620-rk3588-hdmiphy-clkprov-v2-1-6a2d2164e508@collabora.com Signed-off-by: Vinod Koul commit 6eefd65ba6ae29ab801f6461e59c10f93dd496f8 Author: Javier Carrasco Date: Mon Aug 5 16:49:45 2024 +0200 leds: pca995x: Use device_for_each_child_node() to access device child nodes The iterated nodes are direct children of the device node, and the `device_for_each_child_node()` macro accounts for child node availability. `fwnode_for_each_available_child_node()` is meant to access the child nodes of an fwnode, and therefore not direct child nodes of the device node. Use `device_for_each_child_node()` to indicate device's direct child nodes. Signed-off-by: Javier Carrasco Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240805-device_for_each_child_node-available-v3-2-48243a4aa5c0@gmail.com Signed-off-by: Lee Jones commit 5b7b83a9839be643410c31d56f17c2d430245813 Author: Siddharth Vadapalli Date: Mon Aug 5 14:56:07 2024 +0530 phy: cadence-torrent: add support for three or more links using 2 protocols The Torrent SERDES can support at most two different protocols (PHY types). This only mandates that the device-tree sub-nodes used to represent the configuration should describe links with at-most two different protocols. The existing implementation however imposes an artificial constraint that allows only two links (device-tree sub-nodes). As long as at-most two protocols are chosen, using more than two links to describe them in an alternating configuration is still a valid configuration of the Torrent SERDES. A 3-Link 2-Protocol configuration of the 4-Lane SERDES can be: Lane 0 => Protocol 1 => Link 1 Lane 1 => Protocol 1 => Link 1 Lane 2 => Protocol 2 => Link 2 Lane 3 => Protocol 1 => Link 3 A 4-Link 2-Protocol configuration of the 4-Lane SERDES can be: Lane 0 => Protocol 1 => Link 1 Lane 1 => Protocol 2 => Link 2 Lane 2 => Protocol 1 => Link 3 Lane 3 => Protocol 2 => Link 4 Signed-off-by: Siddharth Vadapalli Reviewed-by: Roger Quadros Link: https://lore.kernel.org/r/20240805092607.143869-1-s-vadapalli@ti.com Signed-off-by: Vinod Koul commit fa3c40b9d540948884a7ae2205c247729e9f9f8f Merge: 0fe41a8704f081 88371f85461adb Author: Marc Kleine-Budde Date: Mon Aug 5 17:39:05 2024 +0200 Merge patch series "can: kvaser_usb: Add hardware timestamp support to all devices" Jimmy Assarsson says: This patch series add hardware timestamp support to all devices supported by the kvaser_usb driver. The first patches resolves a known issue; "Hardware timestamps are not set for CAN Tx frames". I can't remember why this wasn't implemented in the first version of the hydra driver. Followed by, hardware timestamp support for leaf and usbcan based devices. The final patches are removing code used for selecting the correct ethtool and netdev ops. Note: This patch series depends on patch "can: kvaser_usb: Explicitly initialize family in leafimx..." [1]. [1] https://lore.kernel.org/linux-can/20240628194529.312968-1-extja@kvaser.com Changes in v2: - Replaced patch 3/15 can: kvaser_usb: Add function kvaser_usb_ticks_to_ktime() with a new patch can: kvaser_usb: Add helper functions to convert device timestamp into ktime and put it first in this series - Resolved Vincent MAILHOL's review comments regarding duplicated code when converting timestamps [2] [3] - As pointed out by Vincent MAILHOL [4], the clock overflow commands is not dispatched in this patch moved code from 10/15 can: kvaser_usb: leaf: Add structs for Tx ACK and clock overflow commands to 11/15 can: kvaser_usb: leaf: Store MSB of timestamp where it's actually used [2] https://lore.kernel.org/linux-can/CAMZ6RqKSa-6KjvgfmN9eL7A=A65gMkYsRrnaF41Azhsc45FA2Q@mail.gmail.com/ [3] https://lore.kernel.org/linux-can/CAMZ6Rq+Xd7+th=dKV+vrqzRtS+GY-xq2UziH1CURcQ3HxEXMqQ@mail.gmail.com/ [4] https://lore.kernel.org/linux-can/CAMZ6RqKqJX6eqogS2598BFm-AN1uOBbBGL+MkoJtR=-z379Q=w@mail.gmail.com/ Link: https://lore.kernel.org/all/20240701154936.92633-1-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 88371f85461adbdff4df3c09f6f1ffcbb5a88546 Author: Jimmy Assarsson Date: Mon Jul 1 17:49:36 2024 +0200 can: kvaser_usb: Rename kvaser_usb_{ethtool,netdev}_ops_hwts to kvaser_usb_{ethtool,netdev}_ops Now when we only got one set of ethtool_ops and netdev_ops, remove the "hwts" suffix from the struct variables kvaser_usb_{ethtool,netdev}_ops_hwts. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-16-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 1a6b249e4b1951be850c99a1d6e57730d76d8071 Author: Jimmy Assarsson Date: Mon Jul 1 17:49:35 2024 +0200 can: kvaser_usb: Remove struct variables kvaser_usb_{ethtool,netdev}_ops Remove no longer used struct variables, kvaser_usb_ethtool_ops and kvaser_usb_netdev_ops. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-15-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 51b56a25ed60d95a9f7c9e38b0b483811a1d5089 Author: Jimmy Assarsson Date: Mon Jul 1 17:49:34 2024 +0200 can: kvaser_usb: Remove KVASER_USB_QUIRK_HAS_HARDWARE_TIMESTAMP Remove KVASER_USB_QUIRK_HAS_HARDWARE_TIMESTAMP, since all devices got hardware timestamp support. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-14-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 0aa639d3b3b9a90fd7ee198de58f368bf4add580 Author: Jimmy Assarsson Date: Mon Jul 1 17:49:33 2024 +0200 can: kvaser_usb: leaf: Add hardware timestamp support to usbcan devices Add hardware timestamp support for all usbcan based devices (M16C). The usbcan firmware is slightly different compared to the other Kvaser USB interfaces: - The timestamp is provided by a 32-bit counter, with 10us resolution. Hence, the hardware timestamp will wrap after less than 12 hours. - Each Rx CAN or Tx ACK command only contains the 16-bits LSB of the timestamp counter. - The 16-bits MSB are sent in an asynchronous event (command), if any change occurred in the MSB since the last event. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-13-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit c644c9698d8dcd1a09934976d1d0720925f7bd78 Author: Jimmy Assarsson Date: Mon Jul 1 17:49:32 2024 +0200 can: kvaser_usb: leaf: Store MSB of timestamp Store MSB of timestamp, provided from the device via the clock overflow event, for usbcan devices (M16C). Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-12-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit a7cfb2200d8592f7d9fa54baf9181703a35ac0fa Author: Jimmy Assarsson Date: Mon Jul 1 17:49:31 2024 +0200 can: kvaser_usb: leaf: Add structs for Tx ACK and clock overflow commands For usbcan devices (M16C), add struct usbcan_cmd_tx_acknowledge for Tx ACK commands and struct usbcan_cmd_clk_overflow_event for clock overflow event commands. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-11-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 8a52e5a0361f227fe9b8ee7277222751326e1e2d Author: Jimmy Assarsson Date: Mon Jul 1 17:49:30 2024 +0200 can: kvaser_usb: leaf: Add hardware timestamp support to leaf based devices Add hardware timestamp support to leaf based devices (M32C and leafimx). Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-10-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 7f3823759751654ff2a59afd3e7c747b71bcb98f Author: Jimmy Assarsson Date: Mon Jul 1 17:49:29 2024 +0200 can: kvaser_usb: leaf: kvaser_usb_leaf_tx_acknowledge: Rename local variable Rename local variable skb to err_skb. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-9-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 9e1cd0d27276ff221368c0e72e3038e7df98d9b9 Author: Jimmy Assarsson Date: Mon Jul 1 17:49:28 2024 +0200 can: kvaser_usb: leaf: Replace kvaser_usb_leaf_m32c_dev_cfg with kvaser_usb_leaf_m32c_dev_cfg_{16,24,32}mhz Add new struct kvaser_usb_dev_cfg constants, kvaser_usb_leaf_m32c_dev_cfg_{16,24,32}mhz, for M32C based leaf devices. Note that the bittiming parameters are always calculated for 16MHz clock, while the timestamps are in the actual clock frequency of the device. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-8-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit dcc8c203318a471cd5cb4e1ccdca56a766fa1a9d Author: Jimmy Assarsson Date: Mon Jul 1 17:49:27 2024 +0200 can: kvaser_usb: leaf: Assign correct timestamp_freq for kvaser_usb_leaf_imx_dev_cfg_{16,24,32}mhz Assign correct timestamp_freq to kvaser_usb_leaf_imx_dev_cfg_{16,24,32}mhz. Since the driver didn't utilize the value, this didn't cause any problems. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-7-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 8e7895942ea5fa5add3a2ceafe6e1e9284184806 Author: Jimmy Assarsson Date: Mon Jul 1 17:49:26 2024 +0200 can: kvaser_usb: leaf: Add struct for Tx ACK commands Add, struct leaf_cmd_tx_acknowledge, for Tx ACK commands received from leaf devices (M32C and leafimx28). Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-6-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit d920dd289ee5967c14026357635cb771cdfef11e Author: Jimmy Assarsson Date: Mon Jul 1 17:49:25 2024 +0200 can: kvaser_usb: hydra: Set hardware timestamp on transmitted packets Set hardware timestamp on transmitted packets. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-5-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 0512cc691a3abe51aa3daf72ce161f3ab1d3bedc Author: Jimmy Assarsson Date: Mon Jul 1 17:49:24 2024 +0200 can: kvaser_usb: hydra: Add struct for Tx ACK commands Add, struct kvaser_cmd_tx_ack, for standard Tx ACK commands. Expand kvaser_usb_hydra_ktime_from_cmd() to extract timestamps from both standard and extended Tx ACK commands. Unsupported commands are silently ignored, and 0 is returned. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-4-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 7cb0450c1da579f1d6372ed38da9a03a6312db47 Author: Jimmy Assarsson Date: Mon Jul 1 17:49:23 2024 +0200 can: kvaser_usb: hydra: kvaser_usb_hydra_ktime_from_rx_cmd: Drop {rx_} in function name Rename function, since this function will be used for more than just the rx commands. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-3-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 7d102d0e4c6378a24ae90fc99618a44ea52e2766 Author: Jimmy Assarsson Date: Mon Jul 1 17:49:22 2024 +0200 can: kvaser_usb: Add helper functions to convert device timestamp into ktime Add helper function kvaser_usb_ticks_to_ktime() that converts from device ticks to ktime. And kvaser_usb_timestamp{48,64}_to_ktime() that converts from device 48-bit or 64-bit timestamp, to ktime. Signed-off-by: Jimmy Assarsson Reviewed-by: Vincent Mailhol Link: https://lore.kernel.org/all/20240701154936.92633-2-extja@kvaser.com Signed-off-by: Marc Kleine-Budde commit 0fe41a8704f081a42f2b9e2e7c197a1ff3d4424d Merge: 72e5f5a917da8b c20ff3e0d9ebdc Author: Marc Kleine-Budde Date: Mon Aug 5 17:32:02 2024 +0200 Merge patch series "can: esd_402_pci: Do cleanup; Add one-shot mode" Stefan Mätje says: The goal of this patch series is to do some cleanup and also add the support for the one-shot mode before the next patch introduces CAN-FD support for this driver. Link: https://lore.kernel.org/all/20240717214409.3934333-1-stefan.maetje@esd.eu Signed-off-by: Marc Kleine-Budde commit c20ff3e0d9ebdc9f7fd84b8c59c2cba9442324c3 Author: Stefan Mätje Date: Wed Jul 17 23:44:09 2024 +0200 can: esd_402_pci: Add support for one-shot mode This patch adds support for one-shot mode. In this mode there happens no automatic retransmission in the case of an arbitration lost error or on any bus error. Signed-off-by: Stefan Mätje Link: https://lore.kernel.org/all/20240717214409.3934333-3-stefan.maetje@esd.eu Signed-off-by: Marc Kleine-Budde commit 3e6cb3f2fb4344db54b35601effc1ff46ebd9698 Author: Stefan Mätje Date: Wed Jul 17 23:44:08 2024 +0200 can: esd_402_pci: Rename esdACC CTRL register macros Rename macros to use for esdACC CTRL register access to match the internal documentation and to make the macro prefix consistent. - ACC_CORE_OF_CTRL_MODE -> ACC_CORE_OF_CTRL Makes the name match the documentation. - ACC_REG_CONTROL_MASK_MODE_ -> ACC_REG_CTRL_MASK_ ACC_REG_CONTROL_MASK_ -> ACC_REG_CTRL_MASK_ Makes the prefix consistent for macros describing masks in the same register (CTRL). Signed-off-by: Stefan Mätje Link: https://lore.kernel.org/all/20240717214409.3934333-2-stefan.maetje@esd.eu Signed-off-by: Marc Kleine-Budde commit dbb2a7a986971ef43d5a60d235c05491647e16f4 Author: Brian Norris Date: Mon Jul 15 13:32:44 2024 -0700 tools build: Correct bpf fixdep dependencies The dependencies in tools/lib/bpf/Makefile are incorrect. Before we recurse to build $(BPF_IN_STATIC), we need to build its 'fixdep' executable. I can't use the usual shortcut from Makefile.include: : fixdep because its 'fixdep' target relies on $(OUTPUT), and $(OUTPUT) differs in the parent 'make' versus the child 'make' -- so I imitate it via open-coding. I tweak a few $(MAKE) invocations while I'm at it, because 1. I'm adding a new recursive make; and 2. these recursive 'make's print spurious lines about files that are "up to date" (which isn't normally a feature in Kbuild subtargets) or "jobserver not available" (see [1]) I also need to tweak the assignment of the OUTPUT variable, so that relative path builds work. For example, for 'make tools/lib/bpf', OUTPUT is unset, and is usually treated as "cwd" -- but recursive make will change cwd and so OUTPUT has a new meaning. For consistency, I ensure OUTPUT is always an absolute path. And $(Q) gets a backup definition in tools/build/Makefile.include, because Makefile.include is sometimes included without tools/build/Makefile, so the "quiet command" stuff doesn't actually work consistently without it. After this change, top-level builds result in an empty grep result from: $ grep 'cannot find fixdep' $(find tools/ -name '*.cmd') [1] https://www.gnu.org/software/make/manual/html_node/MAKE-Variable.html If we're not using $(MAKE) directly, then we need to use more '+'. Signed-off-by: Brian Norris Acked-by: Andrii Nakryiko Acked-by: Jiri Olsa Cc: Ian Rogers Cc: Josh Poimboeuf Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Thomas Richter Link: https://lore.kernel.org/r/20240715203325.3832977-4-briannorris@chromium.org Signed-off-by: Arnaldo Carvalho de Melo commit ea974028a049f2cea4bb6be963ee3e3844a03f6d Author: Brian Norris Date: Mon Jul 15 13:32:43 2024 -0700 tools build: Avoid circular .fixdep-in.o.cmd issues The 'fixdep' tool is used to post-process dependency files for various reasons, and it runs after every object file generation command. This even includes 'fixdep' itself. In Kbuild, this isn't actually a problem, because it uses a single command to generate fixdep (a compile-and-link command on fixdep.c), and afterward runs the fixdep command on the accompanying .fixdep.cmd file. In tools/ builds (which notably is maintained separately from Kbuild), fixdep is generated in several phases: 1. fixdep.c -> fixdep-in.o 2. fixdep-in.o -> fixdep Thus, fixdep is not available in the post-processing for step 1, and instead, we generate .cmd files that look like: ## from tools/objtool/libsubcmd/.fixdep.o.cmd # cannot find fixdep (/path/to/linux/tools/objtool/libsubcmd//fixdep) [...] These invalid .cmd files are benign in some respects, but cause problems in others (such as the linked reports). Because the tools/ build system is rather complicated in its own right (and pointedly different than Kbuild), I choose to simply open-code the rule for building fixdep, and avoid the recursive-make indirection that produces the problem in the first place. Signed-off-by: Brian Norris Acked-by: Jiri Olsa Cc: Ian Rogers Cc: Josh Poimboeuf Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Thomas Richter Link: https://lore.kernel.org/all/Zk-C5Eg84yt6_nml@google.com/ Link: https://lore.kernel.org/r/20240715203325.3832977-3-briannorris@chromium.org Signed-off-by: Arnaldo Carvalho de Melo commit 96f30c8f0aa9923aa39b30bcaefeacf88b490231 Author: Brian Norris Date: Mon Jul 15 13:32:42 2024 -0700 tools build: Correct libsubcmd fixdep dependencies All built targets need fixdep to be built first, before handling object dependencies [1]. We're missing one such dependency before the libsubcmd target. This resolves .cmd file generation issues such that the following sequence produces many fewer results: $ git clean -xfd tools/ $ make tools/objtool $ grep "cannot find fixdep" $(find tools/objtool -name '*.cmd') In particular, only a buggy tools/objtool/libsubcmd/.fixdep.o.cmd remains, due to circular dependencies of fixdep on itself. Such incomplete .cmd files don't usually cause a direct problem, since they're designed to fail "open", but they can cause some subtle problems that would otherwise be handled by proper fixdep'd dependency files. [2] [1] This problem is better described in commit abb26210a395 ("perf tools: Force fixdep compilation at the start of the build"). I don't apply its solution here, because additional recursive make can be a bit of overkill. [2] Example failure case: cp -arl linux-src linux-src2 cd linux-src2 make O=/path/to/out cd ../linux-src rm -rf ../linux-src2 make O=/path/to/out Previously, we'd see errors like: make[6]: *** No rule to make target '/path/to/linux-src2/tools/include/linux/compiler.h', needed by '/path/to/out/tools/bpf/resolve_btfids/libsubcmd/exec-cmd.o'. Stop. Now, the properly-fixdep'd .cmd files will ignore a missing /path/to/linux-src2/... Signed-off-by: Brian Norris Acked-by: Jiri Olsa Cc: Ian Rogers Cc: Josh Poimboeuf Cc: Masahiro Yamada Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Thomas Richter Link: https://lore.kernel.org/all/ZGVi9HbI43R5trN8@bhelgaas/ Link: https://lore.kernel.org/all/Zk-C5Eg84yt6_nml@google.com/ Link: https://lore.kernel.org/r/20240715203325.3832977-2-briannorris@chromium.org Signed-off-by: Arnaldo Carvalho de Melo commit 4c29e80ab885fed99d863d744e41a9b50cd32f2d Author: Arnd Bergmann Date: Wed May 29 11:49:55 2024 +0200 platform/x86: int3472: make common part a separate module Linking an object file into multiple modules is not supported and causes a W=1 warning: scripts/Makefile.build:236: drivers/platform/x86/intel/int3472/Makefile: common.o is added to multiple modules: intel_skl_int3472_discrete intel_skl_int3472_tps68470 Split out the common part here into a separate module to make it more reliable. Fixes: a2f9fbc247ee ("platform/x86: int3472: Split into 2 drivers") Signed-off-by: Arnd Bergmann Link: https://lore.kernel.org/r/20240529095009.1895618-1-arnd@kernel.org Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit a720dee5e039238a44c0142dfccdc0e35c1125f7 Author: Luke D. Jones Date: Sat Jul 13 19:47:33 2024 +1200 hid-asus: use hid for brightness control on keyboard On almost all ASUS ROG series laptops the MCU used for the USB keyboard also has a HID packet used for setting the brightness. This is usually the same as the WMI method. But in some laptops the WMI method either is missing or doesn't work, so we should default to the HID control. Signed-off-by: Luke D. Jones Acked-by: Benjamin Tissoires Link: https://lore.kernel.org/r/20240713074733.77334-2-luke@ljones.dev Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit ea1992f36b894fe60cc3537a7f6a7af4087b999a Author: James Clark Date: Fri Aug 2 11:52:55 2024 +0100 perf/x86/intel/bts: Fix comment about default perf_event_paranoid setting The default paranoid setting was updated in commit 0161028b7c8a ("perf/core: Change the default paranoia level to 2") so this comment is no longer true. Signed-off-by: James Clark Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20240802105256.335961-1-james.clark@linaro.org commit aaad0e2aa50723969f96b690f72e2f4aefa433f2 Author: Zhenyu Wang Date: Wed Jul 31 07:13:53 2024 -0700 perf/x86/intel/uncore: Use D0:F0 as a default device Some uncore PMON registers are located in the MMIO space of the Host Bridge and DRAM Controller device, which is located at D0:F0 for Tiger Lake and later client generation. Use D0:F0 as a default device. So it doesn't need to keep adding the complete Device ID list for each generation anymore. Signed-off-by: Zhenyu Wang Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Kan Liang Link: https://lore.kernel.org/r/20240731141353.759643-5-kan.liang@linux.intel.com commit 9ac57c456fcb17f07f8792219479b0c841d75ba7 Author: Zhenyu Wang Date: Wed Jul 31 07:13:52 2024 -0700 perf/x86/intel/uncore: Add LNL uncore iMC freerunning support LNL uncore imc freerunning counters keep same as previous HW. Signed-off-by: Zhenyu Wang Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Kan Liang Link: https://lore.kernel.org/r/20240731141353.759643-4-kan.liang@linux.intel.com commit 9bd7dfe3a5262d3b29debdc66e1410201a235019 Author: Kan Liang Date: Wed Jul 31 07:13:51 2024 -0700 perf/x86/intel/uncore: Add Lunar Lake support The uncore subsystem for Lunar Lake is similar to the previous Meteor Lake. The uncore PerfMon registers are located at both MSR and MMIO space. The ARB and iMC are kept. There is no difference from the Meteor Lake. Move the global control initialization to the first box of the CBOX. The sNCU is moved to the MMIO space. The HBO is newly added and only be accessed from the MMIO space. Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240731141353.759643-3-kan.liang@linux.intel.com commit efb0c9c0b9f78d964fb23ec6fdebe5a493f477f3 Author: Kan Liang Date: Wed Jul 31 07:13:50 2024 -0700 perf/x86/intel/uncore: Factor out common MMIO init and ops functions Some uncore PMON registers are located in the MMIO space. For the client machine, the MMIO space is usually located at D0:F0 but in a different BAR. For example, some uncore PMON registers are located in the SAF BAR, not the MCHBAR in the Lunar Lake. The current __uncore_imc_init_box() hard code the BAR information. Factor out the uncore_get_box_mmio_addr() which uses the BAR information as a parameter. The only change is the error output message. The hardcode name 'MCHBAR' is replaced by the offset of a BAR. Add a new macro, MMIO_UNCORE_COMMON_OPS(), since the MMIO ops functions are usually the same among different generations. Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240731141353.759643-2-kan.liang@linux.intel.com commit e0f49f15f6344ef3eeb0a04a8b5dedde2a454136 Author: Kan Liang Date: Wed Jul 31 07:13:49 2024 -0700 perf/x86/intel/uncore: Add Arrow Lake support >From the perspective of the uncore PMU, the Arrow Lake is the same as the previous Meteor Lake. The only difference is the event list, which will be supported in the perf tool later. Signed-off-by: Kan Liang Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240731141353.759643-1-kan.liang@linux.intel.com commit d5934e76316e84eced836b6b2bafae1837d1cd58 Author: Dan Williams Date: Fri Mar 29 16:48:48 2024 -0700 cleanup: Add usage and style documentation When proposing that PCI grow some new cleanup helpers for pci_dev_put() and pci_dev_{lock,unlock} [1], Bjorn had some fundamental questions about expectations and best practices. Upon reviewing an updated changelog with those details he recommended adding them to documentation in the header file itself. Add that documentation and link it into the rendering for Documentation/core-api/. Signed-off-by: Dan Williams Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Jonathan Cameron Reviewed-by: Kevin Tian Link: https://lore.kernel.org/r/171175585714.2192972.12661675876300167762.stgit@dwillia2-xfh.jf.intel.com commit 7886a61ebc1f3998df5950299cbe17272bf32c59 Author: Luis Claudio R. Goncalves Date: Tue Jul 30 14:45:47 2024 -0300 lockdep: suggest the fix for "lockdep bfs error:-1" on print_bfs_bug When lockdep fails while performing the Breadth-first-search operation due to lack of memory, hint that increasing the value of the config switch LOCKDEP_CIRCULAR_QUEUE_BITS should fix the warning. Preface the scary backtrace with the suggestion: [ 163.849242] Increase LOCKDEP_CIRCULAR_QUEUE_BITS to avoid this warning: [ 163.849248] ------------[ cut here ]------------ [ 163.849250] lockdep bfs error:-1 [ 163.849263] WARNING: CPU: 24 PID: 2454 at kernel/locking/lockdep.c:2091 print_bfs_bug+0x27/0x40 ... Signed-off-by: Luis Claudio R. Goncalves Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Boqun Feng Reviewed-by: Waiman Long Link: https://lkml.kernel.org/r/Zqkmy0lS-9Sw0M9j@uudg.org commit 72e5f5a917da8bc022d14474b9c5aa95fc5936c8 Merge: ef5e8d34bb9a2f 5b512f42e098df Author: Marc Kleine-Budde Date: Mon Aug 5 16:45:57 2024 +0200 Merge patch series "can: fsl,flexcan: add imx95 wakeup" The flexcan in iMX95 is not compatible with imx93 because wakeup method is difference. Link: https://lore.kernel.org/all/20240731-flexcan-v4-0-82ece66e5a76@nxp.com Signed-off-by: Marc Kleine-Budde commit 5b512f42e098df280f0b3f680ac806827a25d1dd Author: Haibo Chen Date: Wed Jul 31 20:00:26 2024 -0400 can: flexcan: add wakeup support for imx95 iMX95 defines a bit in GPR that sets/unsets the IPG_STOP signal to the FlexCAN module, controlling its entry into STOP mode. Wakeup should work even if FlexCAN is in STOP mode. Due to iMX95 architecture design, the A-Core cannot access GPR; only the system manager (SM) can configure GPR. To support the wakeup feature, follow these steps: - For suspend: 1) During Linux suspend, when CAN suspends, do nothing for GPR and keep CAN-related clocks on. 2) In ATF, check whether CAN needs to support wakeup; if yes, send a request to SM through the SCMI protocol. 3) In SM, configure the GPR and unset IPG_STOP. 4) A-Core suspends. - For wakeup and resume: 1) A-Core wakeup event arrives. 2) In SM, deassert IPG_STOP. 3) Linux resumes. Add a new fsl_imx95_devtype_data and FLEXCAN_QUIRK_SETUP_STOP_MODE_SCMI to reflect this. Reviewed-by: Han Xu Signed-off-by: Haibo Chen Reviewed-by: Vincent Mailhol Signed-off-by: Frank Li Link: https://lore.kernel.org/all/20240731-flexcan-v4-2-82ece66e5a76@nxp.com Signed-off-by: Marc Kleine-Budde commit 3eea16ba7c69ecab78bc458795ccd08de6fc4b1c Author: Haibo Chen Date: Wed Jul 31 20:00:25 2024 -0400 dt-bindings: can: fsl,flexcan: move fsl,imx95-flexcan standalone The flexcan in iMX95 is not compatible with imx93 because wakeup method is difference. Make fsl,imx95-flexcan not fallback to fsl,imx93-flexcan. Reviewed-by: Han Xu Signed-off-by: Haibo Chen Reviewed-by: Rob Herring (Arm) Signed-off-by: Frank Li Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/all/20240731-flexcan-v4-1-82ece66e5a76@nxp.com Signed-off-by: Marc Kleine-Budde commit 13159a139d85fa12bbbaefcde5a647e2b9721b19 Author: Namhyung Kim Date: Fri Aug 2 11:09:13 2024 -0700 perf mem: Update documentation for new options Add a common options section and move some items to the section. Also add description of new options to report options. Suggested-by: Ian Rogers Reviewed-by: Ian Rogers Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/lkml/20240802180913.1023886-1-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit e7311aa47a6ac355558bc65512aa7c381f8506ec Author: Ricardo Ribalda Date: Mon Aug 5 07:59:43 2024 +0000 media: siano: Simplify smscore_load_firmware_from_file The function is never called with a loadfirmware_handler, so we can remove some dead code. We can also use this as a excuse to remove some unused type definitions. This fixes the following smatch warning: drivers/media/common/siano/smscoreapi.c:1172 smscore_load_firmware_from_file() error: we previously assumed 'loadfirmware_handler' could be null (see line 1150) Signed-off-by: Ricardo Ribalda Reported-by: Hans Verkuil Closes: https://lore.kernel.org/linux-media/99bd75a0-a6f3-4c47-bc89-70ffd87da756@xs4all.nl/T/#t Signed-off-by: Hans Verkuil commit 70a4375e07fcbb771809f0af8b5f0df029ca660f Author: Jack Chen Date: Thu Aug 1 11:30:48 2024 -0400 leds: lm3601x: Reset LED controller during probe LED controller should be reset during initialization to avoid abnormal behaviors. For example, when power to SoC is recycled but power to LED controller is not, LED controller should not presume to be in original state. Signed-off-by: Jack Chen Link: https://lore.kernel.org/r/20240801153048.3813581-1-zenghuchen@google.com Signed-off-by: Lee Jones commit cc31744a294584a36bf764a0ffa3255a8e69f036 Author: Steve Wahl Date: Wed Jul 17 16:31:21 2024 -0500 x86/mm/ident_map: Use gbpages only where full GB page should be mapped. When ident_pud_init() uses only GB pages to create identity maps, large ranges of addresses not actually requested can be included in the resulting table; a 4K request will map a full GB. This can include a lot of extra address space past that requested, including areas marked reserved by the BIOS. That allows processor speculation into reserved regions, that on UV systems can cause system halts. Only use GB pages when map creation requests include the full GB page of space. Fall back to using smaller 2M pages when only portions of a GB page are included in the request. No attempt is made to coalesce mapping requests. If a request requires a map entry at the 2M (pmd) level, subsequent mapping requests within the same 1G region will also be at the pmd level, even if adjacent or overlapping such requests could have been combined to map a full GB page. Existing usage starts with larger regions and then adds smaller regions, so this should not have any great consequence. Signed-off-by: Steve Wahl Signed-off-by: Thomas Gleixner Tested-by: Pavin Joseph Tested-by: Sarah Brofeldt Tested-by: Eric Hagberg Link: https://lore.kernel.org/all/20240717213121.3064030-3-steve.wahl@hpe.com commit 5760929f6545c651682de3c2c6c6786816b17bb1 Author: Tao Liu Date: Wed Jul 17 16:31:20 2024 -0500 x86/kexec: Add EFI config table identity mapping for kexec kernel A kexec kernel boot failure is sometimes observed on AMD CPUs due to an unmapped EFI config table array. This can be seen when "nogbpages" is on the kernel command line, and has been observed as a full BIOS reboot rather than a successful kexec. This was also the cause of reported regressions attributed to Commit 7143c5f4cf20 ("x86/mm/ident_map: Use gbpages only where full GB page should be mapped.") which was subsequently reverted. To avoid this page fault, explicitly include the EFI config table array in the kexec identity map. Further explanation: The following 2 commits caused the EFI config table array to be accessed when enabling sev at kernel startup. commit ec1c66af3a30 ("x86/compressed/64: Detect/setup SEV/SME features earlier during boot") commit c01fce9cef84 ("x86/compressed: Add SEV-SNP feature detection/setup") This is in the code that examines whether SEV should be enabled or not, so it can even affect systems that are not SEV capable. This may result in a page fault if the EFI config table array's address is unmapped. Since the page fault occurs before the new kernel establishes its own identity map and page fault routines, it is unrecoverable and kexec fails. Most often, this problem is not seen because the EFI config table array gets included in the map by the luck of being placed at a memory address close enough to other memory areas that *are* included in the map created by kexec. Both the "nogbpages" command line option and the "use gpbages only where full GB page should be mapped" change greatly reduce the chance of being included in the map by luck, which is why the problem appears. Signed-off-by: Tao Liu Signed-off-by: Steve Wahl Signed-off-by: Thomas Gleixner Tested-by: Pavin Joseph Tested-by: Sarah Brofeldt Tested-by: Eric Hagberg Reviewed-by: Ard Biesheuvel Link: https://lore.kernel.org/all/20240717213121.3064030-2-steve.wahl@hpe.com commit 10a6545f0bdcbb920c6a8a033fe342111d204915 Author: Breno Leitao Date: Fri Aug 2 01:07:23 2024 -0700 net: netconsole: Fix MODULE_AUTHOR format Update the MODULE_AUTHOR for netconsole, according to the format, as stated in module.h: use "Name " or just "Name" Suggested-by: Stephen Hemminger Signed-off-by: Breno Leitao Signed-off-by: David S. Miller commit ac4c59390a877e02967b1da9ef6bc565150e9e7e Author: Pawel Dembicki Date: Fri Aug 2 07:16:09 2024 +0200 net: phy: vitesse: implement downshift in vsc73xx phys This commit implements downshift feature in vsc73xx family phys. By default downshift was enabled with maximum tries. Reviewed-by: Russell King (Oracle) Signed-off-by: Pawel Dembicki Signed-off-by: David S. Miller commit c89cca307b20917da739567a255a68a0798ee129 Author: Jakub Kicinski Date: Thu Aug 1 17:19:56 2024 -0700 net: skbuff: sprinkle more __GFP_NOWARN on ingress allocs build_skb() and frag allocations done with GFP_ATOMIC will fail in real life, when system is under memory pressure, and there's nothing we can do about that. So no point printing warnings. Signed-off-by: Jakub Kicinski Reviewed-by: Eric Dumazet Signed-off-by: David S. Miller commit 8287e9e2c7d26e9e3a6db2812fa8a1c6531b685e Merge: 1c4b2932bd629f 50359c9c3cb3e5 Author: Ulf Hansson Date: Mon Aug 5 13:27:17 2024 +0200 pmdomain: Merge branch fixes into next Merge the pmdomain fixes for v6.11-rc[n] into the next branch, to allow them to get tested together with the new changes that are targeted for v6.12. Signed-off-by: Ulf Hansson commit 1c4b2932bd629fe800282114ceb465d3eb5d0737 Author: Ulf Hansson Date: Mon May 27 16:25:57 2024 +0200 cpuidle: psci: Enable the hierarchical topology for s2idle on PREEMPT_RT To enable the domain-idle-states to be used during s2idle on a PREEMPT_RT based configuration, let's allow the re-assignment of the ->enter_s2idle() callback to psci_enter_s2idle_domain_idle_state(). Similar to s2ram, let's leave the support for CPU hotplug outside PREEMPT_RT, as it's depending on using runtime PM. For s2idle, this means that an offline CPU's PM domain will remain powered-on. In practise this may lead to that a shallower idle-state than necessary gets selected, which shouldn't be an issue (besides wasting power). Signed-off-by: Ulf Hansson Tested-by: Raghavendra Kakarla # qcm6490 with PREEMPT_RT set Acked-by: Sebastian Andrzej Siewior Link: https://lore.kernel.org/r/20240527142557.321610-8-ulf.hansson@linaro.org commit 4517b1c383807fadac8374f99f2361fe7eb4c0b4 Author: Ulf Hansson Date: Mon May 27 16:25:56 2024 +0200 cpuidle: psci: Enable the hierarchical topology for s2ram on PREEMPT_RT The hierarchical PM domain topology are currently disabled on a PREEMPT_RT based configuration. As a first step to enable it to be used, let's try to attach the CPU devices to their PM domains on PREEMPT_RT. In this way the syscore ops becomes available, allowing the PM domain topology to be managed during s2ram. For the moment let's leave the support for CPU hotplug outside PREEMPT_RT, as it's depending on using runtime PM. For s2ram, this isn't a problem as all CPUs are managed via the syscore ops. Signed-off-by: Ulf Hansson Tested-by: Raghavendra Kakarla # qcm6490 with PREEMPT_RT set Acked-by: Sebastian Andrzej Siewior Link: https://lore.kernel.org/r/20240527142557.321610-7-ulf.hansson@linaro.org commit 88bf68b76694873c3b101b65a26c4b315fab06df Author: Ulf Hansson Date: Mon May 27 16:25:55 2024 +0200 cpuidle: psci: Drop redundant assignment of CPUIDLE_FLAG_RCU_IDLE When using the hierarchical topology and PSCI OSI-mode we may end up overriding the deepest idle-state's ->enter|enter_s2idle() callbacks, but there is no point to also re-assign the CPUIDLE_FLAG_RCU_IDLE for the idle-state in question, as that has already been set when parsing the states from DT. See init_state_node(). Signed-off-by: Ulf Hansson Tested-by: Raghavendra Kakarla # qcm6490 with PREEMPT_RT set Acked-by: Sebastian Andrzej Siewior Link: https://lore.kernel.org/r/20240527142557.321610-6-ulf.hansson@linaro.org commit c7b45284ab3012d21a02cf4448df32c655c32afb Author: Ulf Hansson Date: Mon May 27 16:25:54 2024 +0200 cpuidle: psci-domain: Enable system-wide suspend on PREEMPT_RT The domain-idle-states are currently disabled on a PREEMPT_RT based configuration for the cpuidle-psci-domain. To enable them to be used for system-wide suspend and in particular during s2idle, let's set the GENPD_FLAG_RPM_ALWAYS_ON instead of GENPD_FLAG_ALWAYS_ON for the corresponding genpd provider. In this way, the runtime PM path remains disabled in genpd for its attached devices, while powering-on/off the PM domain during system-wide suspend becomes allowed. Signed-off-by: Ulf Hansson Tested-by: Raghavendra Kakarla # qcm6490 with PREEMPT_RT set Acked-by: Sebastian Andrzej Siewior Link: https://lore.kernel.org/r/20240527142557.321610-5-ulf.hansson@linaro.org commit 9094e53ff5c86ebe372ad3960c3216c9817a1a04 Author: Ulf Hansson Date: Mon May 27 16:25:53 2024 +0200 pmdomain: core: Use dev_name() instead of kobject_get_path() in debugfs Using kobject_get_path() means a dynamic memory allocation gets done, which doesn't work on a PREEMPT_RT based configuration while holding genpd's raw spinlock. To fix the problem, let's convert into using the simpler dev_name(). This means the information about the path doesn't get presented in debugfs, but hopefully this shouldn't be an issue. Signed-off-by: Ulf Hansson Tested-by: Raghavendra Kakarla # qcm6490 with PREEMPT_RT set Acked-by: Sebastian Andrzej Siewior Link: https://lore.kernel.org/r/20240527142557.321610-4-ulf.hansson@linaro.org commit b87eee38605c396f0e1fa435939960e5c6cd41d6 Author: Ulf Hansson Date: Mon May 27 16:25:52 2024 +0200 pmdomain: core: Don't hold the genpd-lock when calling dev_pm_domain_set() There is no need to hold the genpd-lock, while assigning the dev->pm_domain. In fact, it becomes a problem on a PREEMPT_RT based configuration as the genpd-lock may be a raw spinlock, while the lock acquired through the call to dev_pm_domain_set() is a regular spinlock. To fix the problem, let's simply move the calls to dev_pm_domain_set() outside the genpd-lock. Signed-off-by: Ulf Hansson Tested-by: Raghavendra Kakarla # qcm6490 with PREEMPT_RT set Acked-by: Sebastian Andrzej Siewior Link: https://lore.kernel.org/r/20240527142557.321610-3-ulf.hansson@linaro.org commit d7bdb8e6aabe218fd980768a1486434e42761539 Author: Ulf Hansson Date: Mon May 27 16:25:51 2024 +0200 pmdomain: core: Enable s2idle for CPU PM domains on PREEMPT_RT To allow a genpd provider for a CPU PM domain to enter a domain-idle-state during s2idle on a PREEMPT_RT based configuration, we can't use the regular spinlock, as they are turned into sleepable locks on PREEMPT_RT. To address this problem, let's convert into using the raw spinlock, but only for genpd providers that have the GENPD_FLAG_CPU_DOMAIN bit set. In this way, the lock can still be acquired/released in atomic context, which is needed in the idle-path for PREEMPT_RT. Do note that the genpd power-on/off notifiers may also be fired during s2idle, but these are already prepared for PREEMPT_RT as they are based on the raw notifiers. However, consumers of them may need to adopt accordingly to work properly on PREEMPT_RT. Signed-off-by: Ulf Hansson Tested-by: Raghavendra Kakarla # qcm6490 with PREEMPT_RT set Acked-by: Sebastian Andrzej Siewior Link: https://lore.kernel.org/r/20240527142557.321610-2-ulf.hansson@linaro.org commit 328fc9b29810819c4496c6e9fd74491ca458045e Author: Jerome Brunet Date: Tue Jul 30 15:02:22 2024 +0200 pmdomain: amlogic: remove obsolete vpu domain driver meson-gx-pwrc-vpu has been superseded by meson-ee-pwrc since commit 53773f2dfd9c ("soc: amlogic: meson-ee-pwrc: add support for the Meson GX SoCs"), so v5.8. This driver is obsolete and no longer used or tested. There is no reason to keep it around so remove it. Signed-off-by: Jerome Brunet Link: https://lore.kernel.org/r/20240730130227.712894-1-jbrunet@baylibre.com Signed-off-by: Ulf Hansson commit ef5e8d34bb9a2f6c13fa35a2209709d345ac1017 Author: Frank Li Date: Fri Jun 28 22:17:54 2024 -0400 dt-bindings: can: fsl,flexcan: add common 'can-transceiver' for fsl,flexcan Add common 'can-transceiver' children node for fsl,flexcan. Fix below warning: arch/arm64/boot/dts/freescale/fsl-ls1028a-rdb.dtb: can@2180000: 'can-transceiver' does not match any of the regexes: 'pinctrl-[0-9]+' from schema $id: http://devicetree.org/schemas/net/can/fsl,flexcan.yaml# Signed-off-by: Frank Li Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/all/20240629021754.3583641-1-Frank.Li@nxp.com Signed-off-by: Marc Kleine-Budde commit 26b95b7b588d70b5075b597ff808543503d36ac6 Author: Haibo Chen Date: Thu Aug 1 17:30:28 2024 +0800 gpio: vf610: add get_direction() support For IP which do not contain PDDR, currently use the pinmux API pinctrl_gpio_direction_input() to config the output/input, pinmux currently do not support get_direction(). So here add the GPIO get_direction() support only for the IP which has Port Data Direction Register (PDDR). Signed-off-by: Haibo Chen Link: https://lore.kernel.org/r/20240801093028.732338-3-haibo.chen@nxp.com Signed-off-by: Bartosz Golaszewski commit 3e7ebf271f935a316e9593d63f495498cde22f80 Author: Haibo Chen Date: Thu Aug 1 17:30:27 2024 +0800 gpio: gpio-vf610: use u32 mask to handle 32 number gpios This gpio controller support up to 32 pins per port. And all the register width is 32 bit. So here use u32 to replace the original unsigned long. Signed-off-by: Haibo Chen Reviewed-by: Stefan Wahren Link: https://lore.kernel.org/r/20240801093028.732338-2-haibo.chen@nxp.com Signed-off-by: Bartosz Golaszewski commit da1878b61c8d480c361ba6a39ce8a31c80b65826 Author: Dnyaneshwar Bhadane Date: Thu Aug 1 16:41:41 2024 +0530 drm/i915/display: correct dual pps handling for MTL_PCH+ On the PCH side the second PPS was introduced in ICP+.Add condition On MTL_PCH and greater platform also having the second PPS. Note that DG1/2 south block only has the single PPS, so need to exclude the fake DG1/2 PCHs Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/11488 Fixes: 93cbc1accbce ("drm/i915/mtl: Add fake PCH for Meteor Lake") Cc: # v6.9+ Signed-off-by: Dnyaneshwar Bhadane Reviewed-by: Jani Nikula Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240801111141.574854-1-dnyaneshwar.bhadane@intel.com commit e4c8b8014f3fb6a324ba388fc676d176a35bcdb8 Author: Takashi Sakamoto Date: Mon Aug 5 17:54:08 2024 +0900 firewire: ohci: use guard macro to serialize operations for isochronous contexts The 1394 OHCI driver uses spinlock to serialize operations for isochronous contexts. This commit uses guard macro to maintain the spinlock. Link: https://lore.kernel.org/r/20240805085408.251763-18-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 86baade948832b45a6b5ef1e47282d94dd99e2ba Author: Takashi Sakamoto Date: Mon Aug 5 17:54:07 2024 +0900 firewire: ohci: use guard macro to maintain image of configuration ROM The 1394 OHCI driver uses spinlock for the process to update local configuration ROM. This commit uses guard macro to maintain the spinlock. Link: https://lore.kernel.org/r/20240805085408.251763-17-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit b10e56fd0eae18d77afd3c859fc13f1d665a936c Author: Takashi Sakamoto Date: Mon Aug 5 17:54:06 2024 +0900 firewire: ohci: use guard macro to maintain bus time The 1394 OHCI driver maintains bus time to respond to querying request. The concurrent access to the bus time is protected by spinlock. This commit uses guard macro to maintain the spinlock. Link: https://lore.kernel.org/r/20240805085408.251763-16-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 27310d5616227c2ba8c0cedc5cdbe236042738b7 Author: Takashi Sakamoto Date: Mon Aug 5 17:54:05 2024 +0900 firewire: core: use guard macro to maintain properties of fw_card The core functions uses spinlock in instance of fw_card structure to protect concurrent access to properties in the instance. This commit uses guard macro to maintain the spinlock. Link: https://lore.kernel.org/r/20240805085408.251763-15-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit d320bac904f9e3a0d1af0c314b768fb1f545704e Author: Takashi Sakamoto Date: Mon Aug 5 17:54:04 2024 +0900 firewire: core: use guard macro to maintain list of asynchronous transaction The core function maintains pending asynchronous transactions by list in the instance of fw_card. The concurrent access to the list is protected by spinlock in the instance. This commit uses guard macro to maintain the spinlock. Link: https://lore.kernel.org/r/20240805085408.251763-14-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit b9545448f095f23f72fc6b28aa9bfb84a4ac9d40 Author: Takashi Sakamoto Date: Mon Aug 5 17:54:03 2024 +0900 firewire: core: use guard macro to maintain list of receivers for phy configuration packets The core function maintains clients to receive phy configuration packets by list in the instance of fw_card. The concurrent access to the list is protected by spinlock in the instance. This commit uses guard macro to maintain the list. Link: https://lore.kernel.org/r/20240805085408.251763-13-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit cf123b01286085f178f20454ec920526807f9fa0 Author: Takashi Sakamoto Date: Mon Aug 5 17:54:02 2024 +0900 firewire: core: use guard macro to maintain isochronous context for userspace client The core function allows one isochronous contexts per userspace client. The concurrent access to the context is protected by spinlock in the instance of client. This commit uses guard macro to maintain the spinlock. Link: https://lore.kernel.org/r/20240805085408.251763-12-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit d3816b8b988038bd1c4b7fe08f130ba3783a3432 Author: Takashi Sakamoto Date: Mon Aug 5 17:54:01 2024 +0900 firewire: core: use guard macro to maintain IDR of isochronous resources for userspace clients The core function provides UAPI to maintain isochronous resources allocated by userspace clients across bus resets automatically. The resources are maintained by IDR and the concurrent access to it is protected by spinlock in the instance of client. This commit uses guard macro to maintain the spinlock. Link: https://lore.kernel.org/r/20240805085408.251763-11-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 4f1f91aeca50c8ca0bd84baab3c92a0a3b4db2d7 Author: Takashi Sakamoto Date: Mon Aug 5 17:54:00 2024 +0900 firewire: core: use guard macro to maintain list of events for userspace clients The core function maintains events to userspace by list in the instance of client. The concurrent access to the list is protected by spinlock in the instance. This commit uses guard macro to maintain the spinlock. Link: https://lore.kernel.org/r/20240805085408.251763-10-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit bacf921c42bbec7974ffb2b49e30f06aa602580e Author: Takashi Sakamoto Date: Mon Aug 5 17:53:59 2024 +0900 firewire: core: use guard macro to disable local IRQ The core function provides an operation for userspace application to retrieve current value of CYCLE_TIMER register with several types of system time. In the operation, local interrupt is disables so that the access of the register and ktime are done atomically. This commit uses guard macro to disable/enable local interrupts. Link: https://lore.kernel.org/r/20240805085408.251763-9-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 3a335229c5eb13b8b9b8f7ede386df31cc94c1b1 Author: Takashi Sakamoto Date: Mon Aug 5 17:53:58 2024 +0900 firewire: core: use guard macro to maintain the list of address handler for transaction The core function maintains address handlers by list. It is protected by spinlock to insert and remove entry to the list. This commit uses guard macro to maintain the spinlock. Link: https://lore.kernel.org/r/20240805085408.251763-8-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 2a6a58f06bd5d123a5b248a565b90b5df26c9ea8 Author: Takashi Sakamoto Date: Mon Aug 5 17:53:57 2024 +0900 firewire: core: use guard macro to access to IDR for fw_device The core function maintains the instance of fw_device structure by IDR. The concurrent access to IDR is protected by static read/write semaphore. The semaphore is also utilized to protect concurrent access to the content of configuration ROM cached to the instance so that the cache is swapped to the latest one. This commit uses guard macro to maintain the mutex. Link: https://lore.kernel.org/r/20240805085408.251763-7-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit eade1e1ba2236f8f51e357a690ca70a41fe34d2d Author: Takashi Sakamoto Date: Mon Aug 5 17:53:56 2024 +0900 firewire: core: use guard macro to maintain RCU scope for transaction address handler The core function maintains address handlers by list. RCU is utilized for efficient read access to any entries in the list. This commit uses guard macro to maintain RCU locking and releasing. Link: https://lore.kernel.org/r/20240805085408.251763-6-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 6d72fbc81634b3c9423bf96207121ed7dd6bdc11 Author: Takashi Sakamoto Date: Mon Aug 5 17:53:55 2024 +0900 firewire: ohci: use guard macro to serialize accesses to phy registers The 1394 OHCI driver protects concurrent accesses to phy registers by mutex object in fw_ohci structure. This commit uses guard macro to maintain the mutex. Link: https://lore.kernel.org/r/20240805085408.251763-5-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 044ce581ab28f640d3997cb38e1ddda782238abb Author: Takashi Sakamoto Date: Mon Aug 5 17:53:54 2024 +0900 firewire: core: use guard macro to maintain the list of cdev clients The core function maintains userspace clients by the list in fw_device object associated to the operated character device. The concurrent access to the list is protected by mutex in the object. This commit uses guard macro to maintain the mutex. Link: https://lore.kernel.org/r/20240805085408.251763-4-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 57b40ec6db94dd325a76ad0a0fd1173a7cbfcc81 Author: Takashi Sakamoto Date: Mon Aug 5 17:53:53 2024 +0900 firewire: core: use guard macro to maintain the list of card The core function maintains registered cards by list. The concurrent access to the list is protected by static mutex. This commit uses guard macro to maintain the mutex. Link: https://lore.kernel.org/r/20240805085408.251763-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 232f72b10da74054055558b05235a725c3b90468 Author: Takashi Sakamoto Date: Mon Aug 5 17:53:52 2024 +0900 firewire: core: use guard macro to maintain static packet data for phy configuration The core function provide a kernel API to send phy configuration packet. Current implementation of the feature uses packet object allocated statically. The concurrent access to the object is protected by static mutex. This commit uses guard macro to maintain the mutex. Link: https://lore.kernel.org/r/20240805085408.251763-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit a4172af3040cdc207f1b60efffcdd219156093c9 Merge: de9c2c66ad8e78 f2881dfdaaa9ec Author: Dave Airlie Date: Mon Aug 5 18:47:30 2024 +1000 Merge tag 'drm-xe-next-2024-07-30' of https://gitlab.freedesktop.org/drm/xe/kernel into drm-next drm-xe-next for 6.12 UAPI Changes: - Rename xe perf layer as xe observation layer, but was also made available via fixes to previous verison (Ashutosh) - Use write-back caching mode for system memory on DGFX, but was also mad available via fixes to previous version (Thomas) - Expose SIMD16 EU mask in topology query for userspace to know the type of EU, as available in PVC, Lunar Lake and Battlemage (Lucas) - Return ENOBUFS instead of ENOMEM in vm_bind if failure is tied to an array of binds (Matthew Brost) Driver Changes: - Log cleanup moving messages to debug priority (Michal Wajdeczko) - Add timeout to fences to adhere to dma_buf rules (Matthew Brost) - Rename old engine nomenclature to exec_queue (Matthew Brost) - Convert multiple bind ops to 1 job (Matthew Brost) - Add error injection for vm bind to help testing error path (Matthew Brost) - Fix error handling in page table to propagate correctly to userspace (Matthew Brost) - Re-organize and cleanup SR-IOV related registers (Michal Wajdeczko) - Make the device write barrier compatible with VF (Michal Wajdeczko) - New display workarounds for Battlemage (Matthew Auld) - New media workarounds for Lunar Lake and Battlemage (Ngai-Mint Kwan) - New graphics workarounds for Lunar Lake (Bommu Krishnaiah) - Tracepoint updates (Matthew Brost, Nirmoy Das) - Cleanup the header generation for OOB workarounds (Lucas De Marchi) - Fix leaking HDCP-related object (Nirmoy Das) - Serialize L2 flushes to avoid races (Tejas Upadhyay) - Log pid and comm on job timeout (José Roberto de Souza) - Simplify boilerplate code for live kunit (Michal Wajdeczko) - Improve kunit skips for live kunit (Michal Wajdeczko) - Fix xe_sync cleanup when handling xe_exec ioctl (Ashutosh Dixit) - Limit fair VF LMEM provisioning (Michal Wajdeczko) - New workaround to fence mmio writes in Lunar Lake (Tejas Upadhyay) - Warn on writes inaccessible register in VF (Michal Wajdeczko) - Fix register lookup in VF (Michal Wajdeczko) - Add GSC support for Battlemage (Alexander Usyskin) - Fix wedging only the GT in which timeout occurred (Matthew Brost) - Block device suspend when wedging (Matthew Brost) - Handle compression and migration changes for Battlemage (Akshata Jahagirdar) - Limit access of stolen memory for Lunar Lake (Uma Shankar) - Fail invalid addresses during user fence creation (Matthew Brost) - Refcount xe_file to safely and accurately store fdinfo stats (Umesh Nerlige Ramappa) - Cleanup and fix PM reference for TLB invalidation code (Matthew Brost) - Fix PM reference handling when communicating with GuC (Matthew Brost) - Add new BO flag for 2 MiB alignement and use in VF (Michal Wajdeczko) - Simplify MMIO setup for multi-tile platforms (Lucas De Marchi) - Add check for uninitialized access to OOB workarounds (Lucas De Marchi) - New GSC and HuC firmware blobs for Lunar Lake and Battlemage (Daniele Ceraolo Spurio) - Unify mmio wait logic (Gustavo Sousa) - Fix off-by-one when processing RTP rules (Lucas De Marchi) - Future-proof migrate logic with compressed PAT flag (Matt Roper) - Add WA kunit tests for Battlemage (Lucas De Marchi) - Test active tracking for workaorunds with kunit (Lucas De Marchi) - Add kunit tests for RTP with no actions (Lucas De Marchi) - Unify parse of OR rules in RTP (Lucas De Marchi) - Add performance tuning for Battlemage (Sai Teja Pottumuttu) - Make bit masks unsigned (Geert Uytterhoeven) Signed-off-by: Dave Airlie From: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/k7xuktfav4zmtxxjr77glu2hszypvzgmzghoumh757nqfnk7kn@ccfi4ts3ytbk commit 0274d8098291d87f61f1f8e5b22214abb5324669 Author: Andrei Stefanescu Date: Tue Jul 23 16:18:32 2024 +0300 pinctrl: s32cc: add update and overwrite options when setting pinconf The previous pinconf settings(made by the bootloader) need to be overwritten when configuring the pinctrl of a driver during the boot process. Configuring the bias of a GPIO at runtime (e.g. pull-up) needs to preserve the other settings unaltered. This patch introduces changes to differentiate between the two cases. Signed-off-by: Radu Pirea Signed-off-by: Florin Buica Signed-off-by: Andrei Stefanescu Link: https://lore.kernel.org/20240723131832.1171036-4-andrei.stefanescu@oss.nxp.com Signed-off-by: Linus Walleij commit 522875e09ba5ca59d39040b3536f48540c177636 Author: Andrei Stefanescu Date: Tue Jul 23 16:18:31 2024 +0300 pinctrl: s32cc: configure PIN_CONFIG_DRIVE_PUSH_PULL Previously, it was possible to only configure the open-drain for a pin. However, after a pin got configured with open-drain, there wasn't any way to disable it. Add the push-pull configuration in order to reverse the open-drain configuration. Signed-off-by: Florin Buica Signed-off-by: Andrei Stefanescu Link: https://lore.kernel.org/20240723131832.1171036-3-andrei.stefanescu@oss.nxp.com Signed-off-by: Linus Walleij commit 846d9b8628a493b2eb38f1eb779a199fae7093dd Author: Andrei Stefanescu Date: Tue Jul 23 16:18:30 2024 +0300 pinctrl: s32cc: enable the input buffer for a GPIO The IBE (input buffer enable) should be enabled for a GPIO. Reading the value will return the one from the input register, writing the value will return the one from the output register. This offers the flexibility to check if the value intended to be set matches the actual physical one. Signed-off-by: Florin Buica Signed-off-by: Andrei Stefanescu Link: https://lore.kernel.org/20240723131832.1171036-2-andrei.stefanescu@oss.nxp.com Signed-off-by: Linus Walleij commit f384d2828f0d5be67fcd69a7c4756f82465a7f2a Author: Fabio Estevam Date: Mon Jul 1 20:12:29 2024 -0300 arm64: dts: imx8mm-venice-gw72xx-0x: Remove compatible from dtso There is no need to describe the compatible string inside a dtso file. dt-schema produces super verbose warnings about that. Signed-off-by: Fabio Estevam Acked-by: Parthiban Nallathambi Acked-by: Tim Harvey Signed-off-by: Shawn Guo commit c716fb7effdef34acef67711ac7de3880c224b92 Author: Fabio Estevam Date: Mon Jul 1 20:12:28 2024 -0300 arm64: dts: imx8mm-phygate-tauri-l: Remove compatible from dtso There is no need to describe the compatible string inside a dtso file. dt-schema produces super verbose warnings about that. Signed-off-by: Fabio Estevam Acked-by: Parthiban Nallathambi Signed-off-by: Shawn Guo commit 7500e5b3706e4f9a35aba017a0fd705d999e4285 Author: Frank Li Date: Mon Jul 1 16:07:28 2024 -0400 arm64: dts: imx95-19x19-evk: add pwm fan control Add pwm fan and overwrite default thermal nodes. Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 3d282d5cc8a8d8ec152ff4151053da6880a246ff Author: Frank Li Date: Mon Jul 1 16:07:27 2024 -0400 arm64: dts: imx95: add thermal_zone label Add thermal_zone label because it may be overwrite by board level dts file. Reviewed-by: Peng Fan Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit cb681512722dd4a96eeb2cdfb4329b0754731563 Author: Frank Li Date: Mon Jul 1 16:07:26 2024 -0400 arm64: dts: imx95-19x19-evk: add flexspi and child node Add flexspi and child flash node. Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit a748b411d6ba5f515f46d7e99ea042f62ca8759b Author: Frank Li Date: Mon Jul 1 16:07:25 2024 -0400 arm64: dts: imx95: add flexspi node Add flexspi support. Reviewed-by: Peng Fan Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 288c31c92f45fb5dee594563234c9ec596ef8987 Author: Frank Li Date: Mon Jul 1 16:07:24 2024 -0400 arm64: dts: imx95-19x19-evk: Add audio related nodes Add sai1, sai2. Add i2c4 and wm8962 and other dependent nodes. Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 70fd1f6641e26e78f04410a001fe0a53a541252f Author: Frank Li Date: Mon Jul 1 16:07:23 2024 -0400 arm64: dts: imx95: add sai[1..6], xcvr and micfill Add sai[1..6], NXP Audio Transceiver (XCVR) Controller and MICFIL Digital Audio Interface (MICFIL). Reviewed-by: Peng Fan Signed-off-by: Frank Li Signed-off-by: Shawn Guo commit 915fd2e127e8348a979dd6cb86ea4ad4dd5633b8 Author: Frank Li Date: Mon Jul 1 16:07:22 2024 -0400 arm64: dts: imx95: add edma[1..3] nodes Add eDMA1, eDMA2 and eDMA3 support for iMX95. Add dmas and dma-names for each peripheral, which use eDMA. Signed-off-by: Frank Li Reviewed-by: Peng Fan Signed-off-by: Shawn Guo commit 812765cd69540b1e3ed5f02e25ccb9904f6a82f7 Author: Hans Verkuil Date: Thu Jul 25 10:06:39 2024 +0200 media: vivid: add support This makes it possible to test the new CEC_MSG_FL_REPLY_VENDOR_ID flag. The vivid driver will Feature Abort any messages that do not have exactly 1 payload byte. It ignores messages where the payload byte is even, and where it is odd it will reply with the payload byte incremented by 1. Basically a simple ping-pong command. Signed-off-by: Hans Verkuil Signed-off-by: Mauro Carvalho Chehab commit 613f21505b25a4f43f33de00f11afc059bedde2b Author: Hans Verkuil Date: Thu Jul 4 11:01:51 2024 +0200 media: cec: core: add new CEC_MSG_FL_REPLY_VENDOR_ID flag If this flag is set, then the reply is expected to consist of the CEC_MSG_VENDOR_COMMAND_WITH_ID opcode followed by the Vendor ID (as used in bytes 1-4 of the message), followed by the struct cec_msg reply field. Note that this assumes that the byte after the Vendor ID is a vendor-specific opcode. This flag makes it easier to wait for replies to vendor commands, using the same CEC framework support for waiting for regular replies. Support for this flag is indicated by setting the new CEC_CAP_REPLY_VENDOR_ID capability. Signed-off-by: Hans Verkuil Signed-off-by: Mauro Carvalho Chehab commit 14411957096609b172a2d9fc1c985daa5c80f23d Author: Tomer Maimon Date: Tue Jul 16 22:40:08 2024 +0300 pinctrl: nuvoton: npcm8xx: modify pins flags Modify the following pins flags on the Nuvoton NPCM8XX BMC: - Add pins 110-113, 187, 191, 192, 194-199, 202 SLEW flag - Add pins 229 and 230 GPO flag. - Remove pin 233 SLEWLPC flag. - Remove pin 251 SLEW flag. Signed-off-by: Tomer Maimon Link: https://lore.kernel.org/20240716194008.3502068-8-tmaimon77@gmail.com Signed-off-by: Linus Walleij commit db5edf0f5c1ec28b3c63d6f1f574ba087ea4006c Author: Tomer Maimon Date: Tue Jul 16 22:40:07 2024 +0300 pinctrl: nuvoton: npcm8xx: modify clkrun and serirq pin configuration Modify clkrun and serirq pin configuration on the Nuvoton NPCM8XX BMC SoC. Signed-off-by: Tomer Maimon Link: https://lore.kernel.org/20240716194008.3502068-7-tmaimon77@gmail.com Signed-off-by: Linus Walleij commit d66fad91c9f37abd1d8e2c4a96dde1f861cf59d7 Author: Tomer Maimon Date: Tue Jul 16 22:40:06 2024 +0300 pinctrl: nuvoton: npcm8xx: add pin 250 to DDR pins group Add pin 250 to DDR pins group on the Nuvoton NPCM8xx BMC SoC. Signed-off-by: Tomer Maimon Link: https://lore.kernel.org/20240716194008.3502068-6-tmaimon77@gmail.com Signed-off-by: Linus Walleij commit 4edcebbb4399ebd10f7c05293cdd74b598c7fd96 Author: Tomer Maimon Date: Tue Jul 16 22:40:05 2024 +0300 pinctrl: nuvoton: npcm8xx: add gpi35 and gpi36 This patch adds support for GPIO pins GPI35 and GPI36 on the Nuvoton NPCM8xx BMC SoC. The pins are configured for only for input. Signed-off-by: Tomer Maimon Link: https://lore.kernel.org/20240716194008.3502068-5-tmaimon77@gmail.com Signed-off-by: Linus Walleij commit 92f5f86b064f1c50c33c74cb087bfbe3e53479d0 Author: Tomer Maimon Date: Tue Jul 16 22:40:04 2024 +0300 pinctrl: nuvoton: npcm8xx: clear polarity before set both edge Clear polarity before setting both edges to ensure that the polarity is in the same state before configuring events for both edges Signed-off-by: Tomer Maimon Link: https://lore.kernel.org/20240716194008.3502068-4-tmaimon77@gmail.com Signed-off-by: Linus Walleij commit 20070bdc1c74dcb8c899d940fa7e92d9f732687f Author: Tomer Maimon Date: Tue Jul 16 22:40:03 2024 +0300 pinctrl: nuvoton: npcm8xx: remove non-existent pins, groups, functions Remove non-existent smb4den abd lpcclk pins, groups and functions on the Nuvoton NPCM8XX BMC SoC. Signed-off-by: Tomer Maimon Link: https://lore.kernel.org/20240716194008.3502068-3-tmaimon77@gmail.com Signed-off-by: Linus Walleij commit 555590146461d9644fb85578d956dd48c814a1e3 Author: Tomer Maimon Date: Tue Jul 16 22:40:02 2024 +0300 dt-bindings: pinctrl: npcm8xx: remove non-existent groups and functions Remove non-existent smb4den and lpcclk groups and functions from Nuvoton NPCM8XX Pin controller binding documentation. Signed-off-by: Tomer Maimon Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/20240716194008.3502068-2-tmaimon77@gmail.com Signed-off-by: Linus Walleij commit d59c2396e0669cc657b68ef5765e2d4a1d3cef24 Author: Peng Fan Date: Sat May 4 21:20:18 2024 +0800 pinctrl: samsung: Use scope based of_node_put() cleanups Use scope based of_node_put() cleanup to simplify code. Signed-off-by: Peng Fan Link: https://lore.kernel.org/r/20240504-pinctrl-cleanup-v2-20-26c5f2dc1181@nxp.com Signed-off-by: Krzysztof Kozlowski commit 9c26327ee71af934b924ac374681518f60f226e7 Author: Fabio Estevam Date: Fri Jun 28 23:47:35 2024 -0300 ARM: mach-imx: imx6sx: Remove Ethernet refclock setting The Ethernet refclock configuration is board specific and should not be harcoded in machine code. Remove it to align with the imx6ul commit e87f3be1c7f8 ("ARM: mach-imx: imx6ul: remove not optional ethernet refclock overwrite"). Clearing bits 13 and 17 of GPR1 is the POR values, so this change does not affect existing boards in mainline. Tested on imx6sx-udoo-neo and imx6sx-sdb boards. Signed-off-by: Fabio Estevam Signed-off-by: Shawn Guo commit d3f891f1d172e8d8305dbb5f6572c4b60ab9eb37 Author: Rayyan Ansari Date: Tue Jul 9 17:17:56 2024 +0100 dt-bindings: pinctrl: qcom,apq8084-pinctrl: convert to dtschema Convert the Qualcomm APQ8084 TLMM block bindings from text to yaml dt schema format. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/20240709162009.5166-5-rayyan.ansari@linaro.org Signed-off-by: Linus Walleij commit 06881e91f371671224ab283c8862e22c6d1e84b6 Author: Rayyan Ansari Date: Tue Jul 9 17:17:55 2024 +0100 dt-bindings: pinctrl: qcom,ipq4019-pinctrl: convert to dtschema Convert the Qualcomm IPQ4019 TLMM block bindings from text to yaml dt schema format. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/20240709162009.5166-4-rayyan.ansari@linaro.org Signed-off-by: Linus Walleij commit df1acfd0a53a81b65f7876b9f6d78b76c54e7b17 Author: Rayyan Ansari Date: Tue Jul 9 17:17:54 2024 +0100 dt-bindings: pinctrl: qcom,ipq8064-pinctrl: convert to dtschema Convert the Qualcomm IPQ8064 TLMM block bindings from text to yaml dt schema format. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/20240709162009.5166-3-rayyan.ansari@linaro.org Signed-off-by: Linus Walleij commit 31ed8634a2251d7f0b69581440bef7f99a8b77c4 Author: Rayyan Ansari Date: Tue Jul 9 17:17:53 2024 +0100 dt-bindings: pinctrl: qcom,apq8064-pinctrl: convert to dtschema Convert the Qualcomm APQ8064 TLMM block bindings from text to yaml dt schema format. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Reviewed-by: Bjorn Andersson Link: https://lore.kernel.org/20240709162009.5166-2-rayyan.ansari@linaro.org Signed-off-by: Linus Walleij commit 3479c7ae9c1ddf04e720a2a9e6db046fee249745 Author: Christophe JAILLET Date: Tue Jul 9 22:37:44 2024 +0200 pinctrl: ti: ti-iodelay: Constify struct ti_iodelay_reg_data 'struct ti_iodelay_reg_data' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 17259 1788 16 19063 4a77 drivers/pinctrl/ti/pinctrl-ti-iodelay.o After: ===== text data bss dec hex filename 17355 1692 16 19063 4a77 drivers/pinctrl/ti/pinctrl-ti-iodelay.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/40d6e67ab4e73d2cbe7ca0060ac27afc894fc415.1720556038.git.christophe.jaillet@wanadoo.fr Signed-off-by: Linus Walleij commit a9f2b249adeef2b9744a884355fa8f5e581d507f Author: Christophe JAILLET Date: Tue Jul 9 22:37:43 2024 +0200 pinctrl: ti: ti-iodelay: Fix some error handling paths In the probe, if an error occurs after the ti_iodelay_pinconf_init_dev() call, it is likely that ti_iodelay_pinconf_deinit_dev() should be called, as already done in the remove function. Also in ti_iodelay_pinconf_init_dev(), if an error occurs after the first regmap_update_bits() call, it is also likely that the deinit() function should be called. The easier way to fix it is to add a devm_add_action_or_reset() at the rigtht place to have ti_iodelay_pinconf_deinit_dev() called when needed. Doing so, the .remove() function can be removed, and the associated platform_set_drvdata() call in the probe as well. Fixes: 003910ebc83b ("pinctrl: Introduce TI IOdelay configuration driver") Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/0220fa5b925bd08e361be8206a5438f6229deaac.1720556038.git.christophe.jaillet@wanadoo.fr Signed-off-by: Linus Walleij commit 52f82ed6a60688703b773bffb6fbd866b6192a62 Author: Fabio Estevam Date: Fri Jun 28 23:18:27 2024 -0300 ARM: dts: imx6sx-udoo-neo: Properly configure ENET_REF By default, the ENET_REF is configured at 125MHz on i.MX6SX, which works well for boards that operate in RGMII mode. The imx6sx-udoo-neo has a KSZ8091 Ethernet PHY that is connected via RMII interface, so a 50MHz ENET_REF clock is expected. Describe the IMX6SX_CLK_ENET_REF accordingly. Signed-off-by: Fabio Estevam Signed-off-by: Shawn Guo commit bebf833d334249b8ab13446a17d3d47fed6e0d45 Author: Javier Carrasco Date: Thu Jul 4 20:36:44 2024 +0200 pinctrl: realtek: Constify struct regmap_config `rtd_pinctrl_regmap_config` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/20240704-pinctrl-const-regmap_config-v1-2-9d5570f0b9f3@gmail.com Signed-off-by: Linus Walleij commit d801403c3324ecb8b79e1840f87cce01c4926cdc Author: Javier Carrasco Date: Thu Jul 4 20:36:43 2024 +0200 pinctrl: ti-iodelay: Constify struct regmap_config `dra7_iodelay_regmap_config` is not modified and can be declared as const to move its data to a read-only section. The pointer used to reference that struct has been made const accordingly. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/20240704-pinctrl-const-regmap_config-v1-1-9d5570f0b9f3@gmail.com Signed-off-by: Linus Walleij commit 0481dadbc5e55cb001712ffd78a6dfb3a788e002 Author: Peng Fan Date: Fri Jun 28 20:15:42 2024 +0800 arm64: dts: imx93: support i.MX93-14x14-EVK board Add the board device tree with sdhc1/2, cm33, flexcan, mu, lpuart1, lpi2c1/2, usb enabled and etc, which to support the i.MX 93 14x14 Evaluation kit that is an automotive market oriented evaluation board with i.MX 93 application processors in a 14x14mm package. Signed-off-by: Ye Li Signed-off-by: Peng Fan Signed-off-by: Shawn Guo commit 9ebd74c20a48dc6c07e7077987565df2cb9a9f00 Author: Peng Fan Date: Fri Jun 28 20:15:41 2024 +0800 dt-bindings: arm: fsl: add i.MX93 14x14 EVK board Add compatible string for i.MX93 14x14 EVK Board. Signed-off-by: Peng Fan Acked-by: Krzysztof Kozlowski Signed-off-by: Shawn Guo commit 2c25dcc2361949bc7da730d22de36c019c6bf1e3 Merge: ba5c778cab1dd3 de9c2c66ad8e78 Author: Mauro Carvalho Chehab Date: Mon Aug 5 08:25:09 2024 +0200 Merge tag 'v6.11-rc2' into media_stage Linux 6.11-rc2 * tag 'v6.11-rc2': (283 commits) Linux 6.11-rc2 profiling: remove profile=sleep support arm: dts: arm: versatile-ab: Fix duplicate clock node name runtime constants: deal with old decrepit linkers clocksource: Fix brown-bag boolean thinko in cs_watchdog_read() cifs: update internal version number smb: client: fix FSCTL_GET_REPARSE_POINT against NetApp smb3: add dynamic tracepoints for shutdown ioctl cifs: Remove cifs_aio_ctx smb: client: handle lack of FSCTL_GET_REPARSE_POINT support arm64: jump_label: Ensure patched jump_labels are visible to all CPUs syscalls: fix syscall macros for newfstat/newfstatat uretprobe: change syscall number, again thermal: core: Update thermal zone registration documentation Revert "nouveau: rip out busy fence waits" protect the fetch of ->fd[fd] in do_dup2() from mispredictions x86/uaccess: Zero the 8-byte get_range case on failure on 32-bit riscv: Fix linear mapping checks for non-contiguous memory regions KVM: x86/mmu: fix determination of max NPT mapping level for private pages PCI: pciehp: Retain Power Indicator bits for userspace indicators ... commit 9739ff4887c77a38575c23b12766b0a37c8be13c Author: Gautam Menghani Date: Tue Jul 16 17:22:04 2024 +0530 KVM: PPC: Book3S HV: Refactor HFSCR emulation for KVM guests Refactor HFSCR emulation for KVM guests when they exit out with H_FAC_UNAVAIL to use a switch case instead of checking all "cause" values, since the "cause" values are mutually exclusive; and this is better expressed with a switch case. Signed-off-by: Gautam Menghani Reviewed-by: Madhavan Srinivasan Signed-off-by: Michael Ellerman Link: https://msgid.link/20240716115206.70210-1-gautam@linux.ibm.com commit e997b400c846248bf208e34632c14f205acbff44 Author: Bjorn Andersson Date: Sun Aug 4 20:46:49 2024 -0500 clk: qcom: camcc-sm8150: Correct qcom_cc_really_probe() argument The SM8150 Camera Clock controller was merged using the old arguments for qcom_cc_really_probe(), correct this. Fixes: ea73b7aceff6 ("clk: qcom: Add camera clock controller driver for SM8150") Signed-off-by: Bjorn Andersson commit 63f92f11385dc3b1990e5af1d6412c22c71d7342 Author: Dmitry Torokhov Date: Thu Jul 11 10:27:17 2024 -0700 Input: tsc2004/5 - use guard notation when acquiring mutexes/locks This makes the code more compact and error handling more robust. Link: https://lore.kernel.org/r/20240711172719.1248373-6-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit f46b18f36c01ee2c8f52b1adabd5a38202a6089f Author: Dmitry Torokhov Date: Thu Jul 11 10:27:16 2024 -0700 Input: tsc2004/5 - respect "wakeup-source" property Do not mark the device as wakeup-enabled by default, respect the standard "wakeup-source" property. Link: https://lore.kernel.org/r/20240711172719.1248373-5-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit d086d6d8036a9551781bf3a3002cfad87a8fda40 Author: Dmitry Torokhov Date: Thu Jul 11 10:27:15 2024 -0700 Input: tsc2004/5 - do not use irq_set_irq_wake() directly Instead of setting irq_set_irq_wake() directly in probe(), mark the device as wakeup-capable, and use enable_irq_wake() and disable_irq_wake() in suspend/resume path. This also allows changing the wakeup setting dynamically at runtime using /sys/devices/.../tsc2005/power/wakeup. Reviewed-By: Sebastian Reichel Link: https://lore.kernel.org/r/20240711172719.1248373-4-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit f56b591880ff88f2107d5fe05fa6e1b9c804fb26 Author: Dmitry Torokhov Date: Thu Jul 11 10:27:14 2024 -0700 Input: tsc2004/5 - fix reset handling on probe When the driver has been converted to use gpiod API it was requesting and asserting the reset on probe, but never deasserted it. However because of incorrect annotations in device tree marking reset line as active high whereas in reality it is active low, the end result was that the chip was never reset on probe. With polarity of the reset line now corrected this became a problem. Fix this by calling tsc200x_reset() from tsc200x_probe() to properly complete the reset sequence and move requesting the reset GPIO and VIO supply closer to the point where we need to start talking to the hardware. Fixes: d257f2980feb ("Input: tsc2005 - convert to gpiod") Link: https://lore.kernel.org/r/20240711172719.1248373-3-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 075c777ed7b2a02a9af7345dd55ee0b4794cd5eb Author: Dmitry Torokhov Date: Thu Jul 11 10:27:13 2024 -0700 Input: tsc2004/5 - do not hard code interrupt trigger Instead of hard-coding interrupt trigger rely on ACPI/DT/board code to set it up appropriately. Link: https://lore.kernel.org/r/20240711172719.1248373-2-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit d95f0c4e5b5350c1b0ba0280004449cba79cb2ad Author: Dmitry Torokhov Date: Thu Jul 11 10:27:12 2024 -0700 Input: tsc2004/5 - fix handling of VIO power supply The chip needs to be powered up before calling tsc200x_stop_scan() which communicates with it; move the call to enable the regulator earlier in tsc200x_probe(). At the same time switch to using devm_regulator_get_enable() to simplify error handling. This also makes sure that regulator is not shut off too early when unbinding the driver. Link: https://lore.kernel.org/r/20240711172719.1248373-1-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 0f20e326e723075f98456bacf8de475421f68be6 Author: Chen Ni Date: Wed Jul 10 11:16:26 2024 +0800 phy: ti: phy-j721e-wiz: convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Chen Ni Link: https://lore.kernel.org/r/20240710031626.2003110-1-nichen@iscas.ac.cn Signed-off-by: Vinod Koul commit 0df340ceae2e51ccc6a8a19f4182f389223fbfdf Merge: e99129e5dbf7ca cea5a3472ac43f Author: Tejun Heo Date: Sun Aug 4 07:07:40 2024 -1000 Merge branch 'sched/core' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip into for-6.12 Pull tip/sched/core to resolve the following four conflicts. While 2-4 are simple context conflicts, 1 is a bit subtle and easy to resolve incorrectly. 1. 2c8d046d5d51 ("sched: Add normal_policy()") vs. faa42d29419d ("sched/fair: Make SCHED_IDLE entity be preempted in strict hierarchy") The former converts direct test on p->policy to use the helper normal_policy(). The latter moves the p->policy test to a different location. Resolve by converting the test on p->plicy in the new location to use normal_policy(). 2. a7a9fc549293 ("sched_ext: Add boilerplate for extensible scheduler class") vs. a110a81c52a9 ("sched/deadline: Deferrable dl server") Both add calls to put_prev_task_idle() and set_next_task_idle(). Simple context conflict. Resolve by taking changes from both. 3. a7a9fc549293 ("sched_ext: Add boilerplate for extensible scheduler class") vs. c245910049d0 ("sched/core: Add clearing of ->dl_server in put_prev_task_balance()") The former changes for_each_class() itertion to use for_each_active_class(). The latter moves away the adjacent dl_server handling code. Simple context conflict. Resolve by taking changes from both. 4. 60c27fb59f6c ("sched_ext: Implement sched_ext_ops.cpu_online/offline()") vs. 31b164e2e4af ("sched/smt: Introduce sched_smt_present_inc/dec() helper") 2f027354122f ("sched/core: Introduce sched_set_rq_on/offline() helper") The former adds scx_rq_deactivate() call. The latter two change code around it. Simple context conflict. Resolve by taking changes from both. Signed-off-by: Tejun Heo commit 8c9f085ae3384c5dfc0bc5f2f785b7adbf7d756b Author: Stefan Eichenberger Date: Thu Jul 11 15:12:47 2024 +0200 phy: marvell: phy-mvebu-cp110-comphy: improve eth_port1 on comphy4 According to the CN9100_MPP_information document, CP_SRD4 (comphy 4) supports 2500 BASE-X and 5000 BASE-R for ETH_PORT1. I was able to test that 2500 BASE-X is indeed supported. Unfortunately, our HW does not support 5000 BASE-R, but I assume from the document that it does, so I set the muxing there too to 0x1. Signed-off-by: Stefan Eichenberger Link: https://lore.kernel.org/r/20240711131612.98952-1-eichest@gmail.com Signed-off-by: Vinod Koul commit 265e472e12da17af754f584b6a2f11cedb94fe49 Author: Sam Protsenko Date: Mon Jan 29 14:47:17 2024 -0600 MAINTAINERS: Add entry for Samsung Exynos850 SoC Add maintainers entry for the Samsung Exynos850 SoC based platforms. Signed-off-by: Sam Protsenko Link: https://lore.kernel.org/r/20240129204717.9091-1-semen.protsenko@linaro.org Signed-off-by: Krzysztof Kozlowski commit 1bf641c514cfeae24bc42797816c582a35a9e4ba Author: Peng Fan Date: Fri Jun 28 10:09:53 2024 +0800 arm64: dts: imx93: drop duplicated properties '#address-cells' and '#size-cells' are already included in soc device tree, no need add them in board device tree. Signed-off-by: Peng Fan Signed-off-by: Shawn Guo commit b06402b31d9f936ad9b4da4c1fdf949bf70df383 Author: Peng Fan Date: Fri Jun 28 10:09:21 2024 +0800 arm64: dts: imx95: add p2a reply channel For Platform to Agent(p2a) notification, i.MX95 System Manager(SM) firmware requires a reply communication. So add mailbox channel for p2a reply communication. Signed-off-by: Peng Fan Signed-off-by: Shawn Guo commit 3608d6aca5e793958462e6e01a8cdb6c6e8088d0 Merge: 83044bf90e081f 2b0229f67932e4 Author: David S. Miller Date: Sun Aug 4 15:22:31 2024 +0100 Merge branch 'dsa-en7581' into main Lorenzo Bianconi says: ==================== Add second QDMA support for EN7581 eth controller EN7581 SoC supports two independent QDMA controllers to connect the Ethernet Frame Engine (FE) to the CPU. Introduce support for the second QDMA controller. This is a preliminary series to support multiple FE ports (e.g. connected to a second PHY controller). Changes since v1: - squash patch 6/9 and 7/9 - move some duplicated code from patch 2/9 in 1/9 - cosmetics ==================== Signed-off-by: David S. Miller commit 2b0229f67932e4b9e2f458bf286903582bd30740 Author: Lorenzo Bianconi Date: Thu Aug 1 09:35:12 2024 +0200 net: dsa: mt7530: Add EN7581 support Introduce support for the DSA built-in switch available on the EN7581 development board. EN7581 support is similar to MT7988 one except it requires to set MT7530_FORCE_MODE bit in MT753X_PMCR_P register for on cpu port. Tested-by: Benjamin Larsson Signed-off-by: Lorenzo Bianconi Reviewed-by: Arınç ÜNAL Reviewed-by: Florian Fainelli Signed-off-by: David S. Miller commit 101a002af005a21619463372f45ffb444a203438 Author: Lorenzo Bianconi Date: Thu Aug 1 09:35:11 2024 +0200 dt-bindings: net: dsa: mediatek,mt7530: Add airoha,en7581-switch Add documentation for the built-in switch which can be found in the Airoha EN7581 SoC. Signed-off-by: Lorenzo Bianconi Reviewed-by: Arınç ÜNAL Reviewed-by: Florian Fainelli Signed-off-by: David S. Miller commit 420a549395c24bf9e4755f9fb220ce72b2f4f8bd Author: Dmitry Kandybka Date: Thu Aug 1 13:15:31 2024 +0300 wifi: brcmsmac: clean up unnecessary current_ampdu_cnt and related checks In 'brcms_c_ffpld_check_txfunfl()', 'current_ampdu_cnt' is hardcoded to zero, so 'txunfl_ratio' is always zero as well and some dead code can be removed. Compile tested only. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Dmitry Kandybka Acked-by: Arend van Spriel Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240801101531.6626-1-d.kandybka@gmail.com commit c6002b6c05f3edfa12fd25990cc637281f200442 Author: Arend van Spriel Date: Sat Jul 27 20:56:17 2024 +0200 wifi: brcmfmac: introducing fwil query functions When the firmware interface layer was refactored it provided various "get" and "set" functions. For the "get" in some cases a parameter needed to be passed down to firmware as a key indicating what to "get" turning the output parameter of the "get" function into an input parameter as well. To accommodate this the "get" function blindly copies the parameter which in some places resulted in an uninitialized warnings from the compiler. These have been fixed by initializing the input parameter in the past. Recently another batch of similar fixes were submitted to address clang static checker warnings [1]. Proposing another solution by introducing a "query" variant which is used when the (input) parameter is needed by firmware. The "get" variant will only fill the (output) parameter with the result received from firmware taking care of proper endianess conversion. [1] https://lore.kernel.org/all/20240702122450.2213833-1-suhui@nfschina.com/ Fixes: 81f5dcb80830 ("brcmfmac: refactor firmware interface layer.") Reported-by: Su Hui Signed-off-by: Arend van Spriel Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240727185617.253210-1-arend.vanspriel@broadcom.com commit aa85d45338692e8b29b0c023826c404c3e7113a6 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:54 2024 -0600 pinctrl: samsung: Use of_property_present() Use of_property_present() to test for property presence rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731191312.1710417-16-robh@kernel.org Signed-off-by: Krzysztof Kozlowski commit 16b31ecb802946f1855259a2006c32c8d340ea5c Author: Christophe JAILLET Date: Sun Jul 21 09:40:19 2024 +0200 wifi: brcmfmac: fwsignal: Use struct_size() to simplify brcmf_fws_rxreorder() In the "struct brcmf_ampdu_rx_reorder", change the 'pktslots' field into flexible array. It saves the size of a pointer when the memory is allocated and avoids an indirection when the array is used. It also removes the usage of a pointer arithmetic and saves a few lines of code. Finally, struct_size() can be used. It is not a must have here, because it is easy to see that buf_size can not overflow, but still, it is a good practice. Signed-off-by: Christophe JAILLET Acked-by: Arend van Spriel Signed-off-by: Kalle Valo Link: https://patch.msgid.link/f4ca6b887ca1290c71e76247218adea4d1c42442.1721547559.git.christophe.jaillet@wanadoo.fr commit 9588469d06977bc8ff2c131c4eb589c6477c3b7c Author: David Lin Date: Thu Jul 4 11:30:01 2024 +0800 wifi: mwifiex: add host mlme for AP mode Add host based MLME to enable WPA3 functionalities in AP mode. This feature required a firmware with the corresponding V2 Key API support. The feature (WPA3) is currently enabled and verified only on IW416. Also, verified no regression with change when host MLME is disabled. Signed-off-by: David Lin Reviewed-by: Francesco Dolcini Acked-by: Brian Norris Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240704033001.603419-3-yu-hao.lin@nxp.com commit 36995892c271cce5e2230bc165a06f109b117222 Author: David Lin Date: Thu Jul 4 11:30:00 2024 +0800 wifi: mwifiex: add host mlme for client mode Add host based MLME to enable WPA3 functionalities in client mode. This feature required a firmware with the corresponding V2 Key API support. The feature (WPA3) is currently enabled and verified only on IW416. Also, verified no regression with change when host MLME is disabled. Signed-off-by: David Lin Reviewed-by: Francesco Dolcini Acked-by: Brian Norris Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240704033001.603419-2-yu-hao.lin@nxp.com commit e8b7d0c66a4ddbae909534cda515fbb56771d4bf Author: Sascha Hauer Date: Thu May 30 15:01:56 2024 +0200 wifi: mwifiex: increase max_num_akm_suites The maximum number of AKM suites will be set to two if not specified by the driver. Set it to CFG80211_MAX_NUM_AKM_SUITES to let userspace specify up to ten AKM suites in the akm_suites array. Without only the first two AKM suites will be used, further ones are ignored. Signed-off-by: Sascha Hauer Acked-by: Brian Norris Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240530130156.1651174-1-s.hauer@pengutronix.de commit d21fe1e9a6a44e752e227d3a43f41aed790dad95 Author: Inochi Amaoto Date: Thu Jul 18 10:23:54 2024 +0800 pinctrl: pinconf-generic: Add support for "input-schmitt-microvolt" property Add "input-schmitt-microvolt" property to generic options used for DT parsing files. This enables drivers, which use generic pin configurations, to get the value passed to this property. Signed-off-by: Inochi Amaoto Link: https://lore.kernel.org/IA1PR20MB4953806785BA04E075DC4F03BBAC2@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Linus Walleij commit 737df10956c425e1fb003d54f3c6aa710e67c2fe Author: Inochi Amaoto Date: Thu Jul 18 10:23:53 2024 +0800 dt-bindings: pincfg-node: Add "input-schmitt-microvolt" property On Sophgo CV18XX platform, threshold strength of schmitt trigger can be configured. As this standard property is already supported by the common pinconf code. Add "input-schmitt-microvolt" property in pincfg-node.yaml so that other platforms requiring such feature can make use of this property. Signed-off-by: Inochi Amaoto Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/IA1PR20MB4953C71C87FD150D2E64FF41BBAC2@IA1PR20MB4953.namprd20.prod.outlook.com Signed-off-by: Linus Walleij commit 41795aa1f56a6e669b65c5418e2b22a5507a2e8d Author: Théo Lebrun Date: Tue Jul 30 18:08:19 2024 +0200 pinctrl: eyeq5: add platform driver Add the Mobileye EyeQ5 pin controller driver. It belongs to a syscon region called OLB and gets spawned as auxiliary device to the platform driver for clock. Existing pins and their function live statically in the driver code rather than in the devicetree, see compatible match data. Reviewed-by: Linus Walleij Signed-off-by: Théo Lebrun Link: https://lore.kernel.org/20240730-mbly-pinctrl-v2-2-d470f64e0395@bootlin.com Signed-off-by: Linus Walleij commit 1451576eef5ebd687055b03fa994064e65991e10 Author: Théo Lebrun Date: Tue Jul 30 18:08:18 2024 +0200 Revert "dt-bindings: pinctrl: mobileye,eyeq5-pinctrl: add bindings" Switch from one sub-node per functionality in the system-controller to a single node representing the entire OLB instance. This is the recommended approach for controllers handling many different functionalities; it is a single controller and should be represented by a single devicetree node. The pinctrl bindings is removed and all properties will be described by: soc/mobileye/mobileye,eyeq5-olb.yaml Reviewed-by: Rob Herring (Arm) Reviewed-by: Linus Walleij Signed-off-by: Théo Lebrun Link: https://lore.kernel.org/20240730-mbly-pinctrl-v2-1-d470f64e0395@bootlin.com Signed-off-by: Linus Walleij commit 83044bf90e081ffe87ae3521914b46bfdaba3b1d Merge: c4b28e5699d2a7 8eaf71f77c923f Author: David S. Miller Date: Sat Aug 3 22:38:45 2024 +0100 Merge branch 'netns-init-cleanups' into main Kuniyuki Iwashima says: ==================== net: Random cleanup for netns initialisation. patch 1 & 2 suppress unwanted memory allocation for net->gen->ptr[]. patch 3 ~ 6 move part of netns initialisation to prenet_init() that do not require pernet_ops_rwsem. v2: patch 1 : Removed Fixes: tag patch 2 : Use XOR for WARN_ON() v1: https://lore.kernel.org/netdev/20240729210801.16196-1-kuniyu@amazon.com/ ==================== Signed-off-by: David S. Miller commit 8eaf71f77c923f13e41a146703b93fa7988d101f Author: Kuniyuki Iwashima Date: Wed Jul 31 13:07:21 2024 -0700 net: Initialise net.core sysctl defaults in preinit_net(). Commit 7c3f1875c66f ("net: move somaxconn init from sysctl code") introduced net_defaults_ops to make sure that net.core sysctl knobs are always initialised even if CONFIG_SYSCTL is disabled. Such operations better fit preinit_net() added for a similar purpose by commit 6e77a5a4af05 ("net: initialize net->notrefcnt_tracker earlier"). Let's initialise the sysctl defaults in preinit_net(). Signed-off-by: Kuniyuki Iwashima Signed-off-by: David S. Miller commit 05be8012594451fbeb7e6319107440eef27bd17b Author: Kuniyuki Iwashima Date: Wed Jul 31 13:07:20 2024 -0700 net: Slim down setup_net(). Most initialisations in setup_net() do not require pernet_ops_rwsem and can be moved to preinit_net(). Signed-off-by: Kuniyuki Iwashima Signed-off-by: David S. Miller commit 930299491825575503ec411ff28473aaa6b8c9ca Author: Kuniyuki Iwashima Date: Wed Jul 31 13:07:19 2024 -0700 net: Call preinit_net() without pernet_ops_rwsem. When initialising the root netns, we call preinit_net() under pernet_ops_rwsem. However, the operations in preinit_net() do not require pernet_ops_rwsem. Also, we don't hold it for preinit_net() when initialising non-root netns. To be consistent, let's call preinit_net() without pernet_ops_rwsem in net_ns_init(). Signed-off-by: Kuniyuki Iwashima Signed-off-by: David S. Miller commit 2b5afc1d5d5a33060034f0f275bc0e9c243394bb Author: Kuniyuki Iwashima Date: Wed Jul 31 13:07:18 2024 -0700 net: Initialise net->passive once in preinit_net(). When initialising the root netns, we set net->passive in setup_net(). However, we do it twice for non-root netns in copy_net_ns() and setup_net(). This is because we could bypass setup_net() in copy_net_ns() if down_read_killable() fails. preinit_net() is a better place to put such an operation. Let's initialise net->passive in preinit_net(). Signed-off-by: Kuniyuki Iwashima Signed-off-by: David S. Miller commit 768e4bb6a75e3c6a034df7c67edac20bd222857e Author: Kuniyuki Iwashima Date: Wed Jul 31 13:07:17 2024 -0700 net: Don't register pernet_operations if only one of id or size is specified. We can allocate per-netns memory for struct pernet_operations by specifying id and size. register_pernet_operations() assigns an id to pernet_operations and later ops_init() allocates the specified size of memory as net->gen->ptr[id]. If id is missing, no memory is allocated. If size is not specified, pernet_operations just wastes an entry of net->gen->ptr[] for every netns. net_generic is available only when both id and size are specified, so let's ensure that. While we are at it, we add const to both fields. Signed-off-by: Kuniyuki Iwashima Signed-off-by: David S. Miller commit 1ad001347fb1ca1f036144b42a6f1df6615e4104 Author: Kuniyuki Iwashima Date: Wed Jul 31 13:07:16 2024 -0700 l2tp: Don't assign net->gen->ptr[] for pppol2tp_net_ops. Commit fd558d186df2 ("l2tp: Split pppol2tp patch into separate l2tp and ppp parts") converted net->gen->ptr[pppol2tp_net_id] in l2tp_ppp.c to net->gen->ptr[l2tp_net_id] in l2tp_core.c. Now the leftover wastes one entry of net->gen->ptr[] in each netns. Let's avoid the unwanted allocation. Signed-off-by: Kuniyuki Iwashima Reviewed-by: Simon Horman Reviewed-by: James Chapman Signed-off-by: David S. Miller commit 6f055df6f65944b155c35fa7f790ca749471f0b6 Author: Dumitru Ceclan Date: Wed Jul 31 15:37:25 2024 +0300 iio: adc: ad7124: set initial ADC mode to idle During setup the st->adc_control is 0, which corresponds to a continuous conversion mode. The reset value for channel 1 is to enable it. The combined effect of these two is that the ADC will start conversions for channel 1 without them being read. This is not neccessarily a problem, but it is an unexpected behavior. Set the ADC state to idle during setup to avoid this. Signed-off-by: Dumitru Ceclan Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240731-ad7124-fix-v1-4-46a76aa4b9be@analog.com Signed-off-by: Jonathan Cameron commit b7eef979b7ac267187218a515ce4afb502fe18c7 Author: Dumitru Ceclan Date: Wed Jul 31 15:37:24 2024 +0300 iio: adc: ad7124: reduce the number of SPI transfers The ad7124_init_config_vref() function writes the AD7124_ADC_CONTROL register for each channel that is configured to use the internal reference. The ad7124_write_config()function performs 7 SPI transfers for configuring 2 registers: config_x and filter_x. Reduce the number of SPI transfers: -during the probe by only setting the st->adc_control value in ad7124_init_config_vref() and writing to the device only at the end of ad7124_setup(). -in ad7124_write_config() by grouping writes to the same register. Signed-off-by: Dumitru Ceclan Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240731-ad7124-fix-v1-3-46a76aa4b9be@analog.com Signed-off-by: Jonathan Cameron commit 13fad2607dad14afd0633d9c869499f6e7c998bd Author: Abhash Jha Date: Wed Jul 31 12:07:03 2024 +0530 iio: light: ltr390: Add configurable gain and resolution Add support for configuring and reading the gain and resolution (integration time). Also provide the available values for gain and resoltion respectively via `read_avail` callback. Signed-off-by: Abhash Jha Link: https://patch.msgid.link/20240731063706.25412-2-abhashkumarjha123@gmail.com Signed-off-by: Jonathan Cameron commit d6b133a664fa7ea01a3a5f2849a6ac205d3c8810 Author: Nuno Sa Date: Fri Aug 2 16:27:06 2024 +0200 iio: adc: ad9467: add digital interface test to debugfs One useful thing to do (in case of problems) in this high speed devices with digital interfaces is to try different test patterns to see if the interface is working properly (and properly calibrated). Hence add this to debugfs. On top of this, for some test patterns, the backend may have a matching validator block which can be helpful in identifying possible issues. For the other patterns some test equipment must be used so one can look into the signal and see how it looks like. Hence, we also add the backend debugfs interface with iio_backend_debugfs_add(). Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240802-dev-iio-backend-add-debugfs-v2-8-4cb62852f0d0@analog.com Signed-off-by: Jonathan Cameron commit 5b30937b0bd348d8eb8b76ade3476c50ef187cd0 Author: Nuno Sa Date: Fri Aug 2 16:27:05 2024 +0200 iio: adc: ad9467: add backend test mode helpers Group the backend configurations to be done in preparing and stopping calibration in two new helpers analogous to ad9467_testmode_set(). This is in preparation for adding support for debugFS test_mode where we need similar configurations as in the calibration process. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240802-dev-iio-backend-add-debugfs-v2-7-4cb62852f0d0@analog.com Signed-off-by: Jonathan Cameron commit c031fee0425b80e96e5a062f041ee5ce2e20fcf3 Author: Nuno Sa Date: Fri Aug 2 16:27:04 2024 +0200 iio: adc: adi-axi-adc: implement backend debugfs interface Implement debugfs options to read/write registers and print the channel status into a buffer (so we may know better the cause for errors) . Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240802-dev-iio-backend-add-debugfs-v2-6-4cb62852f0d0@analog.com Signed-off-by: Jonathan Cameron commit 232cca61cf2f964bebbec66504a86b4ce36b6842 Author: Nuno Sa Date: Fri Aug 2 16:27:03 2024 +0200 iio: adc: adi-axi-adc: split axi_adc_chan_status() Add a new axi_adc_read_chan_status() helper so we get the raw register value out of it. This is in preparation of a future change where we really want to look into dedicated bits of the register. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240802-dev-iio-backend-add-debugfs-v2-5-4cb62852f0d0@analog.com Signed-off-by: Jonathan Cameron commit 53d7a77dac2534e179eb6b9954877de2ffc44e07 Author: Nuno Sa Date: Fri Aug 2 16:27:02 2024 +0200 iio: adc: adi-axi-adc: support modified prbs23 Add support for configuring the prbs23 sequence. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240802-dev-iio-backend-add-debugfs-v2-4-4cb62852f0d0@analog.com Signed-off-by: Jonathan Cameron commit b001635a7c3014fe7745a507840c5d8f58235c04 Author: Nuno Sa Date: Fri Aug 2 16:27:01 2024 +0200 iio: backend: add a modified prbs23 support Support ADI specific prb23 sequence that can be used both for calibrating or debugging digital interfaces. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240802-dev-iio-backend-add-debugfs-v2-3-4cb62852f0d0@analog.com Signed-off-by: Jonathan Cameron commit cdf01e0809a4c6c7877ea52401c2a6679df7aed6 Author: Nuno Sa Date: Fri Aug 2 16:27:00 2024 +0200 iio: backend: add debugFs interface This adds a basic debugfs interface for backends. Two new ops are being added: * debugfs_reg_access: Analogous to the core IIO one but for backend devices. * debugfs_print_chan_status: One useful usecase for this one is for testing test tones in a digital interface and "ask" the backend to dump more details on why a test tone might have errors. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240802-dev-iio-backend-add-debugfs-v2-2-4cb62852f0d0@analog.com Signed-off-by: Jonathan Cameron commit 2256f37e24b1979f9a97de0b76cabbf8544a8aff Author: Nuno Sa Date: Fri Aug 2 16:26:59 2024 +0200 iio: backend: introduce struct iio_backend_info Instead of only passing the backend ops when calling devm_iio_backend_register(), pass an info like structure that will contains the ops and additional information. Fow now, the backend name is being added as that will be used by the debugFS interface introduced in a later patch. It also opens the door for further customizations passed by backends. All users of devm_iio_backend_register() were updated accordingly. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240802-dev-iio-backend-add-debugfs-v2-1-4cb62852f0d0@analog.com Signed-off-by: Jonathan Cameron commit 958000dfa36d9bf9191af7cdab1b53ab60095100 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:43 2024 -0600 iio: adc: aspeed: Use of_property_present() Use of_property_present() to test for property presence rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Acked-by: Andrew Jeffery Link: https://patch.msgid.link/20240731191312.1710417-5-robh@kernel.org Signed-off-by: Jonathan Cameron commit c4b28e5699d2a789fc9464e7ce89f2a1e9d5085d Author: Kyle Swenson Date: Wed Jul 31 15:42:14 2024 +0000 net: pse-pd: tps23881: Fix the device ID check The DEVID register contains two pieces of information: the device ID in the upper nibble, and the silicon revision number in the lower nibble. The driver should work fine with any silicon revision, so let's mask that out in the device ID check. Fixes: 20e6d190ffe1 ("net: pse-pd: Add TI TPS23881 PSE controller driver") Signed-off-by: Kyle Swenson Reviewed-by: Thomas Petazzoni Acked-by: Oleksij Rempel Signed-off-by: David S. Miller commit 72c80a932074562ab4c5a6e20050997bc2f4c07d Author: Javier Carrasco Date: Thu Aug 1 08:13:51 2024 +0200 iio: adc: ad7768-1: use device_* to iterate over device child nodes Drop the manual access to the fwnode of the device to iterate over its child nodes. `device_for_each_child_node` macro provides direct access to the child nodes, and given that they are only required within the loop, the scoped variant of the macro can be used. Use the `device_for_each_child_node_scoped` macro to iterate over the direct child nodes of the device. Signed-off-by: Javier Carrasco Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240801-device_child_node_access-v1-2-ddfa21bef6f2@gmail.com Signed-off-by: Jonathan Cameron commit 1ca99efa17de319582dea5abbf57e17d4ede253a Author: Julien Stephan Date: Wed Jul 31 09:05:48 2024 +0200 docs: iio: ad7380: add support for single-ended parts The AD7380 family has some compatible single-ended chips: AD7386/7/8(-4). These single-ended chips have a 2:1 multiplexer in front of each ADC. They also include additional configuration registers that allow for either manual selection or automatic switching (sequencer mode), of the multiplexer inputs. Add a section to describe this. Signed-off-by: Julien Stephan Reviewed-by: David Lechner Link: https://patch.msgid.link/20240731-ad7380-add-single-ended-chips-v2-7-cd63bf05744c@baylibre.com Signed-off-by: Jonathan Cameron commit d4c6ff182d1b7cdbe9b8149767cc834256fb688e Author: Julien Stephan Date: Wed Jul 31 09:05:47 2024 +0200 iio: adc: ad7380: enable sequencer for single-ended parts ad7386/7/8(-4) single-ended parts have a 2:1 mux in front of each ADC. >From an IIO point of view, all inputs are exported, i.e ad7386/7/8 export 4 channels and ad7386-4/7-4/8-4 export 8 channels. First inputs of muxes correspond to the first half of IIO channels (i.e 0-1 or 0-3) and second inputs correspond to second half (i.e 2-3 or 4-7) Currently, the driver supports only sampling first half OR second half of the IIO channels. To enable sampling all channels simultaneously, these parts have an internal sequencer that automatically cycles through the mux entries. When enabled, the maximum throughput is divided by two. Moreover, the ADCs need additional settling time, so we add an extra CS toggle to correctly propagate setting, and an additional spi transfer to read the second half. Signed-off-by: Julien Stephan Reviewed-by: David Lechner Link: https://patch.msgid.link/20240731-ad7380-add-single-ended-chips-v2-6-cd63bf05744c@baylibre.com Signed-off-by: Jonathan Cameron commit ae20f31d3d47de4f0145bd8c206f9130cf3e7544 Author: Julien Stephan Date: Wed Jul 31 09:05:46 2024 +0200 iio: adc: ad7380: add support for single-ended parts Adding ad7386/7/8 (16/14/12 bits) unsigned, dual simultaneous sampling, single-ended compatible parts, and the corresponding ad7386-4/7-4/8-4 4 channels. These parts have a 2:1 multiplexer in front of each ADC. They also include additional configuration registers that allow for either manual selection or automatic switching (sequencer mode), of the multiplexer inputs. This commit focus on integrating manual selection. Sequencer mode will be implemented later. >From an IIO point of view, all inputs are exported, i.e ad7386/7/8 export 4 channels and ad7386-4/7-4/8-4 export 8 channels. Inputs AinX0 of multiplexers correspond to the first half of IIO channels (i.e 0-1 or 0-3) and inputs AinX1 correspond to second half (i.e 2-3 or 4-7). Example for AD7386/7/8 (2 channels parts): IIO | AD7386/7/8 | +---------------------------- | | _____ ______ | | | | | | voltage0 | AinA0 --|--->| | | | | | | mux |----->| ADCA |--- voltage2 | AinA1 --|--->| | | | | | |_____| |_____ | | | _____ ______ | | | | | | voltage1 | AinB0 --|--->| | | | | | | mux |----->| ADCB |--- voltage3 | AinB1 --|--->| | | | | | |_____| |______| | | | +---------------------------- When switching channel, the ADC require an additional settling time. According to the datasheet, data is valid on the third CS low. We already have an extra toggle before each read (either direct reads or buffered reads) to sample correct data, so we just add a single CS toggle at the end of the register write. Signed-off-by: Julien Stephan Reviewed-by: David Lechner Link: https://patch.msgid.link/20240731-ad7380-add-single-ended-chips-v2-5-cd63bf05744c@baylibre.com Signed-off-by: Jonathan Cameron commit d4d7e297789d718e4f47f61380b71d63f2aad6ab Author: Julien Stephan Date: Wed Jul 31 09:05:45 2024 +0200 iio: adc: ad7380: prepare driver for single-ended parts support ad738x family contains single-ended parts that have a 2:1 mux in front of ADC, so the number of IIO channels is different from the number of simultaneous channels that can be sampled. To prepare the support for single-ended parts, introduce a new num_simultaneous_channels variable. For currently supported parts, num_simultaneous_channels is equal to num_channels minus 1 (the timestamps channel) Signed-off-by: Julien Stephan Reviewed-by: David Lechner Link: https://patch.msgid.link/20240731-ad7380-add-single-ended-chips-v2-4-cd63bf05744c@baylibre.com Signed-off-by: Jonathan Cameron commit 65c89a5ac67b6551025bdea4574768db4579b979 Author: Julien Stephan Date: Wed Jul 31 09:05:44 2024 +0200 iio: adc: ad7380: add missing trailing commas Add missing trailing commas in iio_scan_type structures Signed-off-by: Julien Stephan Reviewed-by: David Lechner Link: https://patch.msgid.link/20240731-ad7380-add-single-ended-chips-v2-3-cd63bf05744c@baylibre.com Signed-off-by: Jonathan Cameron commit d092b6869817208326005df0a656e3bb9724d89f Author: Julien Stephan Date: Wed Jul 31 09:05:43 2024 +0200 iio: core: add function to retrieve active_scan_mask index Add a function to retrieve the index of the active scan mask inside the available scan masks array. As in iio_scan_mask_match and iio_sanity_check_avail_scan_masks, this function does not handle multi-long masks correctly. It only checks the first long to be zero, and will use such mask as a terminator even if there was bits set after the first long. This should be fine since the available_scan_mask has already been sanity tested using iio_sanity_check_avail_scan_masks. See iio_scan_mask_match and iio_sanity_check_avail_scan_masks for more details Signed-off-by: Julien Stephan Reviewed-by: David Lechner Link: https://patch.msgid.link/20240731-ad7380-add-single-ended-chips-v2-2-cd63bf05744c@baylibre.com Signed-off-by: Jonathan Cameron commit 2043594d64a5271f5360e35dd175f2c1d4d5bf0f Author: Julien Stephan Date: Wed Jul 31 09:05:42 2024 +0200 dt-bindings: iio: adc: ad7380: add single-ended compatible parts Adding ad7386/7/8 single-ended compatible parts, and the corresponding ad7386-4/7-4/8-4 4 channels. Acked-by: Krzysztof Kozlowski Signed-off-by: Julien Stephan Reviewed-by: David Lechner Link: https://patch.msgid.link/20240731-ad7380-add-single-ended-chips-v2-1-cd63bf05744c@baylibre.com Signed-off-by: Jonathan Cameron commit dfcc937a00a77af56c5edc15224686fab19730e5 Author: Marcelo Schmitt Date: Fri Jul 12 16:22:25 2024 -0300 Documentation: Add AD4000 documentation Reviewed-by: David Lechner Signed-off-by: Marcelo Schmitt Reviewed-by: Jonathan Cameron Tested-by: David Lechner Link: https://patch.msgid.link/aeee5fd9deccf85beadecf58c9b938b97a3aeba5.1720810545.git.marcelo.schmitt@analog.com Signed-off-by: Jonathan Cameron commit 938fd562b9743325c6dfacff441795bd8fcaa098 Author: Marcelo Schmitt Date: Fri Jul 12 16:22:14 2024 -0300 iio: adc: Add support for AD4000 Add support for AD4000 series of low noise, low power, high speed, successive approximation register (SAR) ADCs. Reviewed-by: Nuno Sa Reviewed-by: David Lechner Signed-off-by: Marcelo Schmitt Link: https://patch.msgid.link/356109ac61182f16f2379d5d0cadccfe017f505b.1720810545.git.marcelo.schmitt@analog.com Signed-off-by: Jonathan Cameron commit b71fdd65cad331c0d10fe1b529bbb830a4dd8eb0 Merge: 6140a92cd086e5 96472f18a4affd Author: Jonathan Cameron Date: Sat Aug 3 10:52:08 2024 +0100 Merge tag 'spi-mosi-config' into togreg spi: Support MOSI idle configuration Add support for configuring the idle state of the MOSI signal in controllers. commit 6140a92cd086e53e9a6cd7fcea644fd3f9b8fe25 Author: Antoniu Miclaus Date: Mon Jul 29 12:50:44 2024 +0300 iio: frequency: adf4377: add adf4378 support Add separate handling for adf4378 within the driver. The main difference between adf4377 and adf4378 is that adf4378 has only one output which is handled by only one gpio. Signed-off-by: Antoniu Miclaus Link: https://patch.msgid.link/20240729095047.25040-3-antoniu.miclaus@analog.com Signed-off-by: Jonathan Cameron commit 87bcd0f949e33faeaaba6351db594c2feb6f2f00 Author: Antoniu Miclaus Date: Mon Jul 29 12:50:43 2024 +0300 dt-bindings: iio: adf4377: add adf4378 support The adf4378 provides only one output channel. Therefore there is only one gpio available to enable the output. Reflect that into the bindings using property conditions. Add product link for the adf4378. Signed-off-by: Antoniu Miclaus Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240729095047.25040-2-antoniu.miclaus@analog.com Signed-off-by: Jonathan Cameron commit f38d4650b505d8cbe292e6a98b8653622a22ac2c Author: Kaustabh Chakraborty Date: Sat Jul 27 00:23:33 2024 +0530 dt-bindings: iio: light: stk33xx: add compatible for stk3013 STK3013 is a proximity sensor by Sensortek, bearing chipid of 0x31. Despite being marketed as a proximity sensor, it also appears to have ambient light sensing capabilities. The part is fully compatible with the existing implementation of the device driver. Add the compatible string of stk3013 to the existing list, with a fallback of stk3310. Signed-off-by: Kaustabh Chakraborty Acked-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240727-stk3310-v4-3-02497b1407ba@disroot.org Signed-off-by: Jonathan Cameron commit a50f537002096016f7b0e997bbf76d6d4a0947e1 Author: Kaustabh Chakraborty Date: Sat Jul 27 00:23:32 2024 +0530 iio: light: stk3310: add support for stk3013 Add support for Sensortek's STK3013 in the driver. The part bears the product ID 0x31. As seen in [1], Sensortek lists STK3013 as a proximity sensor. But it has been experimentally observed that they do have ambient light sensing capabilities. Furthermore, [2] implements a proximity and ambient light sensor driver for STK3x1x devices, which is also indicative of the fact that these parts are also ambient light sensors. [1] https://www.sensortek.com.tw/index.php/en/products/optical-sensor/ [2] https://android.googlesource.com/kernel/msm.git/+/e6dfa4641d88201e8019be19ff557e5d2cf4572f Signed-off-by: Kaustabh Chakraborty Link: https://patch.msgid.link/20240727-stk3310-v4-2-02497b1407ba@disroot.org Signed-off-by: Jonathan Cameron commit b3508a2ba521c3bf51a58eeda125370d44364452 Author: Kaustabh Chakraborty Date: Sat Jul 27 00:23:31 2024 +0530 iio: light: stk3310: relax chipid check warning In order to allow newer devices which are compatible with existing sensors, issuing a warning for an unknown chipid indicates that something has gone wrong with the init process, which isn't ideal. Swap it with a friendlier info message to get things right. Suggested-by: Conor Dooley Signed-off-by: Kaustabh Chakraborty Link: https://patch.msgid.link/20240727-stk3310-v4-1-02497b1407ba@disroot.org Signed-off-by: Jonathan Cameron commit 02e0a02c5685dfe6a4bf6aac65759039a61bbd85 Author: David Lechner Date: Thu Jul 25 14:22:51 2024 -0500 iio: adc: ti-tsc2046: use devm_regulator_get_enable_read_voltage() Use devm_regulator_get_enable_read_voltage() to replace tsc2046_adc_configure_regulator() which does the same thing. Signed-off-by: David Lechner Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240725-iio-regulator-refactor-round-4-v1-1-55e9dc1de325@baylibre.com Signed-off-by: Jonathan Cameron commit f7578fd46789a4dd45e077e86a7b71159f9a7aa6 Author: Petar Stoykov Date: Thu Jul 25 17:37:29 2024 +0200 MAINTAINERS: Add Sensirion SDP500 Add myself as a maintainer for Sensirion SDP500 pressure sensor driver Signed-off-by: Petar Stoykov Link: https://patch.msgid.link/20240725-mainline_sdp500-v4-3-ea2f5b189958@gmail.com Signed-off-by: Jonathan Cameron commit 6ddb86d93cc08c00eccc1a14980f7260e4fbe2bc Author: Petar Stoykov Date: Thu Jul 25 17:37:28 2024 +0200 iio: pressure: Add driver for Sensirion SDP500 Sensirion SDP500 is a digital differential pressure sensor. The sensor is accessed over I2C. Signed-off-by: Petar Stoykov Link: https://patch.msgid.link/20240725-mainline_sdp500-v4-2-ea2f5b189958@gmail.com Signed-off-by: Jonathan Cameron commit 0302c9dc7eb858fc0e8def17e1c3e02b62e80c42 Author: Petar Stoykov Date: Thu Jul 25 17:37:27 2024 +0200 dt-bindings: iio: pressure: Add Sensirion SDP500 Sensirion SDP500 is a digital differential pressure sensor. It provides a digital I2C output. Add devicetree bindings requiring the compatible string and I2C slave address (reg). Signed-off-by: Petar Stoykov Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240725-mainline_sdp500-v4-1-ea2f5b189958@gmail.com Signed-off-by: Jonathan Cameron commit 371f778b83cd94467852efb466d74dc84eddd11e Author: Matteo Martelli Date: Wed Jul 24 11:08:33 2024 +0200 iio: adc: add support for pac1921 Add support for Microchip PAC1921 Power/Current monitor. Implemented features: * capture of bus voltage, sense voltage, current and power measurements in free-run integration mode * support for both raw and triggered buffer reading * support for overflow events * scale attributes to control voltage and current gains * oversampling ratio attribute to control the number of integration samples * sampling rate attribute that reflects the integration period * userspace attribute and DT parameter to control shunt resistor * simple power management support Limitations: * operation mode fixed to free-run integration * READ/INT pin and OUT pin not supported * no controls for measurement resolutions and filters Signed-off-by: Matteo Martelli Link: https://patch.msgid.link/20240724-iio-pac1921-v4-3-723698e903a3@gmail.com Signed-off-by: Jonathan Cameron commit e5535ccf44040f05c3926468182ded7954d64cf7 Author: Matteo Martelli Date: Wed Jul 24 11:08:31 2024 +0200 dt-bindings: iio: adc: add binding for pac1921 Add binging for Microchip PAC1921 Power/Current monitor Reviewed-by: Rob Herring (Arm) Reviewed-by: Conor Dooley Signed-off-by: Matteo Martelli Link: https://patch.msgid.link/20240724-iio-pac1921-v4-1-723698e903a3@gmail.com Signed-off-by: Jonathan Cameron commit cc18b7fe70482df79fbbd99a8abc52247493529a Author: Vasileios Amoiridis Date: Fri Jul 26 01:18:18 2024 +0200 chemical: bme680: Convert to static the const lookup table By converting it to static, we ensure that this will be placed by the compiler in the read-only area. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240725231818.615530-1-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 8cfb75d78af303b3c4370f1a5ac10d5562caa4e6 Author: Nuno Sa Date: Fri Jul 26 13:31:15 2024 +0200 iio: buffer-dma: Move exports into IIO_DMA_BUFFER namespace Avoid unnecessary pollution of the global symbol namespace and move global APIs into a specific namespace. Import that into the places that use them Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-dma-buf-mod-namespace-v1-1-8877cfe7f68e@analog.com Signed-off-by: Jonathan Cameron commit 8293a60cb5d14638bdca48b2d5aff0e39ef6212b Author: David Lechner Date: Tue Jul 23 13:59:50 2024 -0500 iio: adc: mcp3564: use devm_regulator_get_enable_read_voltage() This makes use of the new devm_regulator_get_enable_read_voltage() helper function to reduce boilerplate code in the MCP3564 ADC driver. The error message is slightly changed since there are fewer error return paths. Setting adc->vref_mv is consolidated into a single place to make the logic easier to follow. A use_internal_vref_attr local variable is added to make it more obvious what the difference between the two iio info structures is. The return value of the "Unknown Vref" dev_err_probe() is hard-coded to -ENODEV instead of ret since it was getting a bit far from where ret was set and logically that is the only value it could have. Signed-off-by: David Lechner Reviewed-by: Marius Cristea Link: https://patch.msgid.link/20240723-iio-regulator-refactor-round-3-v2-1-ae9291201785@baylibre.com Signed-off-by: Jonathan Cameron commit f44e94afbb340be90100f8a172ebb14a9e717c8b Author: Nuno Sa Date: Fri Jul 26 10:23:15 2024 +0200 iio: core: annotate masklength as __private Now that all users are using the proper accessors, we can mark masklength as __private so that no one tries to write. We also get help from checkers in warning us in case someone does it. To access the private field from IIO core code, we need to use the ACCESS_PRIVATE() macro. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-23-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit a71cfa4c7783798d62b90143d14159470f5304d0 Author: Nuno Sa Date: Fri Jul 26 10:23:14 2024 +0200 staging: iio: impedance-analyzer: ad5933: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-22-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 7f60037ab03437d68c1b7f45aa40d28b979a15a1 Author: Nuno Sa Date: Fri Jul 26 10:23:13 2024 +0200 iio: common: cros_ec_sensors_core: use new '.masklength' accessors Make use of iio_get_masklength) and iio_for_each_active_channel() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-21-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit e7fb17a3d2e06291bc9b020a663834f961ea4a38 Author: Nuno Sa Date: Fri Jul 26 10:23:12 2024 +0200 iio: adc: xilinx-xadc-core: use new '.masklength' accessors Make use of iio_get_masklength) and iio_for_each_active_channel() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-20-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit bc76efb602c0f203c7ac9e339b32b969e87fa6f9 Author: Nuno Sa Date: Fri Jul 26 10:23:11 2024 +0200 iio: adc: vf610_adc: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-19-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit a2e77e7ecc4f1e928bc2995c673ba7a3cb6f30e5 Author: Nuno Sa Date: Fri Jul 26 10:23:10 2024 +0200 iio: adc: ti-ads8688: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-18-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit f26c5f9d5ba00d9b9f70aa3376e410039596bdb9 Author: Nuno Sa Date: Fri Jul 26 10:23:09 2024 +0200 iio: adc: ti-ads131e08: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-17-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 2059ffb636191c15b07ded787aef457d69bf2947 Author: Nuno Sa Date: Fri Jul 26 10:23:08 2024 +0200 iio: adc: ti-ads124s08: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-16-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 4fe37abdbccf45ea73d01b0b43482361a7635b94 Author: Nuno Sa Date: Fri Jul 26 10:23:07 2024 +0200 iio: adc: ti-adc12138: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-15-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 368ffe2ec584e537c089da1bfd27dbdfc5f38194 Author: Nuno Sa Date: Fri Jul 26 10:23:06 2024 +0200 iio: adc: ti-ads1298: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-14-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 68a48321b4409d0e4b91d560d921c26cd7aacb74 Author: Nuno Sa Date: Fri Jul 26 10:23:05 2024 +0200 iio: adc: ti-ads1119: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: João Paulo Gonçalves Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-13-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 5149e03841faebdcb0762d25dcbe5910568d15ca Author: Nuno Sa Date: Fri Jul 26 10:23:04 2024 +0200 iio: adc: ti-ads1015: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-12-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit b64fc881e4a5aaa56f9fbfa5f3d97e2a2fd13d93 Author: Nuno Sa Date: Fri Jul 26 10:23:03 2024 +0200 iio: adc: ti-adc084s021: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-11-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit a08917ca16c11c68b308ab31951a70654727be13 Author: Nuno Sa Date: Fri Jul 26 10:23:02 2024 +0200 iio: adc: ti-adc0832: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-10-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 25bad542085811d4107ea6ea36e36b34e1ec8d10 Author: Nuno Sa Date: Fri Jul 26 10:23:01 2024 +0200 iio: adc: stm32-dfsdm-adc: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-9-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 07b1088762de12d7d5109a21513f6677bafe567c Author: Nuno Sa Date: Fri Jul 26 10:23:00 2024 +0200 iio: adc: stm32-adc: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-8-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit a4b99bff9234d68a472fe42a268ab9b5eb8e9a0a Author: Nuno Sa Date: Fri Jul 26 10:22:59 2024 +0200 iio: adc: rtq6056: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-7-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 10616c3c74ae04f4fb4a696da541c3774238e376 Author: Nuno Sa Date: Fri Jul 26 10:22:58 2024 +0200 iio: adc: rockchip_saradc: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Acked-by: Heiko Stuebner Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-6-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit cef031729bc58c8fd0721b4714b11fff256586a1 Author: Nuno Sa Date: Fri Jul 26 10:22:57 2024 +0200 iio: adc: mt6360-adc: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: AngeloGioacchino Del Regno Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-5-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 57783d696352d9ba874f0e24bee57a2fc7289e20 Author: Nuno Sa Date: Fri Jul 26 10:22:56 2024 +0200 iio: adc: mcp3911: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-4-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit ac9641f4787f04f846337f21cffe609ebae11330 Author: Nuno Sa Date: Fri Jul 26 10:22:55 2024 +0200 iio: adc: max1118: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-3-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit d61a4b3529bb9ad9d9ea2ea36bb14240bef1039d Author: Nuno Sa Date: Fri Jul 26 10:22:54 2024 +0200 iio: adc: max1118: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-2-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit c6e4112c93a1bae269da55523dda329ba7c55299 Author: Nuno Sa Date: Fri Jul 26 10:22:53 2024 +0200 iio: accel: adxl380: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240726-dev-iio-masklength-private3-v1-1-82913fc0fb87@analog.com Signed-off-by: Jonathan Cameron commit 2477d7b179d3295c9978420027750f047976bd04 Author: David Lechner Date: Fri Jul 26 15:18:40 2024 -0500 iio: backend: spelling: continuous -> continuous This fixes the spelling in IIO_BACKEND_INTERNAL_CONTINUOUS_WAVE. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240726-iio-backend-spelling-continuous-v1-1-467c6e3f78ff@baylibre.com Signed-off-by: Jonathan Cameron commit d3abae8c1ea4a0400ada15bd7d144e2284040a8d Author: Matteo Martelli Date: Mon Jul 22 12:03:19 2024 +0200 iio: ABI: generalize shunt_resistor attribute Move ABI documentation for custom shunt resistor attributes into the generic iio documentation file. Exception for pac1934: leave it untouched since it does not comply with common iio ABI generalization. Signed-off-by: Matteo Martelli Link: https://patch.msgid.link/20240722-iio-pac1921-v3-2-05dc9916cb33@gmail.com Signed-off-by: Jonathan Cameron commit 1bba03b799d620cb7ed6bd10a8a8f33ccf4e6853 Author: Colin Ian King Date: Mon Jul 22 16:17:38 2024 +0100 iio: pressure: bmp280-core: Make read-only const array conversion_time_max static Don't populate the read-only array conversion_time_max on the stack at run time, instead make it static. Signed-off-by: Colin Ian King Link: https://patch.msgid.link/20240722151738.572913-1-colin.i.king@gmail.com Signed-off-by: Jonathan Cameron commit eab35358aae705b779a7c8b405474d1290175196 Author: Mudit Sharma Date: Thu Jul 18 23:02:06 2024 +0100 iio: light: ROHM BH1745 colour sensor Add support for BH1745, which is an I2C colour sensor with red, green, blue and clear channels. It has a programmable active low interrupt pin. Interrupt occurs when the signal from the selected interrupt source channel crosses set interrupt threshold high or low level. Interrupt source for the device can be configured by enabling the corresponding event. Interrupt latch is always enabled when setting up interrupt. Add myself as the maintainer for this driver in MAINTAINERS. Signed-off-by: Mudit Sharma Reviewed-by: Ivan Orlov Reviewed-by: Javier Carrasco Link: https://patch.msgid.link/20240718220208.331942-2-muditsharma.info@gmail.com Signed-off-by: Jonathan Cameron commit 876af455f242c58db65f8e3227122c6ce6e6507b Author: Mudit Sharma Date: Thu Jul 18 23:02:05 2024 +0100 dt-bindings: iio: light: ROHM BH1745 Add ROHM BH1745 - 4 channel I2C colour sensor's dt-bindings. Signed-off-by: Mudit Sharma Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240718220208.331942-1-muditsharma.info@gmail.com Signed-off-by: Jonathan Cameron commit 6dd42bb7735ca359755c454812b03a4e14571a89 Author: Nuno Sa Date: Thu Jul 18 15:38:08 2024 +0200 iio: proximity: sx_common: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-22-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit e46d71a89510e6d43f4800ae0671e89fd33bfbb0 Author: Nuno Sa Date: Thu Jul 18 15:38:07 2024 +0200 iio: proximity: sx9500: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-21-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit d05f4f6317b29ac97a2fec6b56c7e896b8e204b0 Author: Nuno Sa Date: Thu Jul 18 15:38:06 2024 +0200 iio: proximity: hx9023s: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-20-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit a457f968d2fdb989ece9866490b880b5949d5c12 Author: Nuno Sa Date: Thu Jul 18 15:38:05 2024 +0200 iio: pressure: dlhl60d: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-19-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 130bdf8293c6b22b3ad1fdbfbd2da70f756de51f Author: Nuno Sa Date: Thu Jul 18 15:38:04 2024 +0200 iio: magnetometer: rm3100-core: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-18-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 0718d52bb082770421ec9094e45178d219658376 Author: Nuno Sa Date: Thu Jul 18 15:38:03 2024 +0200 iio: light: tcs3472: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-17-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit f8d6c31d4717a43cb63564eed5c6a7a07fa63f77 Author: Nuno Sa Date: Thu Jul 18 15:38:02 2024 +0200 iio: light: tcs3414: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-16-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 72c399838b2e9fed9856ee9c52375f628310dab9 Author: Nuno Sa Date: Thu Jul 18 15:38:01 2024 +0200 iio: light: si1145: use new '.masklength' accessors Make use of iio_get_masklength) and iio_for_each_active_channel() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-15-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 4ab4d09e871746411e05e67e6cedd029c3b0083c Author: Nuno Sa Date: Thu Jul 18 15:38:00 2024 +0200 iio: light: isl29125: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-14-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 327f46fe1282b378fe1d6e10e24a0e20160a2df0 Author: Nuno Sa Date: Thu Jul 18 15:37:59 2024 +0200 iio: light: gp2ap020a00f: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-13-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit f801ab1a3f7efddf5e11e760dcc3af75c8791a5c Author: Nuno Sa Date: Thu Jul 18 15:37:58 2024 +0200 iio: light: adjd_s311: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-12-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit fe90232d3999c77c8a577b8f2ada09b63adcbcfc Author: Nuno Sa Date: Thu Jul 18 15:37:57 2024 +0200 iio: imu: kmx61: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-11-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit eec662e3742bac6c9d93f271853dbb415bea7e15 Author: Nuno Sa Date: Thu Jul 18 15:37:56 2024 +0200 iio: imu: bno055: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-10-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 39a1e2f38ea4b475277c72735a85c324c81cafd8 Author: Nuno Sa Date: Thu Jul 18 15:37:55 2024 +0200 iio: imu: bmi160_core: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-9-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 72933488a2b87de6558f754792f71109e266653c Author: Nuno Sa Date: Thu Jul 18 15:37:54 2024 +0200 iio: humidity: am2315: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-8-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 6bf392f2968bd0dfe903540f2c7c06c0231c8ba0 Author: Nuno Sa Date: Thu Jul 18 15:37:53 2024 +0200 iio: health: afe4404: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-7-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 4ae1ebaabc27881c3a314e2356c9568a1433a502 Author: Nuno Sa Date: Thu Jul 18 15:37:52 2024 +0200 iio: health: max30102: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-6-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit b7890c7b632cad2028c6f4d69ae15642d22ae972 Author: Nuno Sa Date: Thu Jul 18 15:37:51 2024 +0200 iio: health: afe4403: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-5-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 05552370dd3f3a67147fbcec612c1fdd36370772 Author: Nuno Sa Date: Thu Jul 18 15:37:50 2024 +0200 iio: dummy: iio_simple_dummy_buffer: use iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-4-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit d83b1961de126fdb3cf5124157acd6e43fc5442c Author: Nuno Sa Date: Thu Jul 18 15:37:49 2024 +0200 iio: adc: hx711: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-3-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit b59776720fa9cf234920eb4bdf9b9c9fc1492293 Author: Nuno Sa Date: Thu Jul 18 15:37:48 2024 +0200 iio: adc: dln2-adc: use new '.masklength' accessors Make use of iio_get_masklength) and iio_for_each_active_channel() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-2-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 6d4e5ffb3c4b58b2764f800c0b99b999f1829fba Author: Nuno Sa Date: Thu Jul 18 15:37:47 2024 +0200 iio: adc: cc10001_adc: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240718-dev-iio-masklength-private2-v1-1-8e12cd042906@analog.com Signed-off-by: Jonathan Cameron commit 4718638155412623e090b0cee1385b87da3fc449 Author: Alisa-Dariana Roman Date: Thu Jul 18 00:25:35 2024 +0300 iio: adc: ad7192: Add clock provider Internal clock of AD719X devices can be made available on MCLK2 pin. Add clock provider to support this functionality when clock cells property is present. Signed-off-by: Alisa-Dariana Roman Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240717212535.8348-5-alisa.roman@analog.com Signed-off-by: Jonathan Cameron commit 8524782ee7c7f03030572c38076b35f5a2165838 Author: Alisa-Dariana Roman Date: Thu Jul 18 00:25:34 2024 +0300 dt-bindings: iio: adc: ad7192: Add clock provider Internal clock of AD719X devices can be made available on MCLK2 pin. Add clock provider to support this functionality when clock cells property is present. The clock source can be either provided externally or the internal clock is used. Pair of clocks and clock-names property is mutally exclusive with #clock-cells property. Modify second example to showcase the mode where internal clock is used. Signed-off-by: Alisa-Dariana Roman Acked-by: Conor Dooley Link: https://patch.msgid.link/20240717212535.8348-4-alisa.roman@analog.com Signed-off-by: Jonathan Cameron commit 51b6a716890750187ed7da8138cbb296f9141457 Author: Alisa-Dariana Roman Date: Thu Jul 18 00:25:33 2024 +0300 iio: adc: ad7192: Update clock config There are actually 4 configuration modes of clock source for AD719X devices. Either a crystal can be attached externally between MCLK1 and MCLK2 pins, or an external CMOS-compatible clock can drive the MCLK2 pin. The other 2 modes make use of the 4.92MHz internal clock. Undocumented properties adi,int-clock-output-enable and adi,clock-xtal still supported for backward compatibility, but their use is highly discouraged. Use cleaner alternative of configuring external clock by using clock names mclk and xtal. Functionality of AD7192_CLK_INT_CO will be implemented in complementary patch by adding clock provider. Signed-off-by: Alisa-Dariana Roman Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240717212535.8348-3-alisa.roman@analog.com Signed-off-by: Jonathan Cameron commit fe2e79695967297d022543c1a8df3c7c9cf62266 Author: Alisa-Dariana Roman Date: Thu Jul 18 00:25:32 2024 +0300 dt-bindings: iio: adc: ad7192: Update clock config There are actually 4 configuration modes of clock source for AD719X devices. Either a crystal can be attached externally between MCLK1 and MCLK2 pins, or an external CMOS-compatible clock can drive the MCLK2 pin. The other 2 modes make use of the 4.92MHz internal clock. To configure external clock as either a crystal or a CMOS-compatible clock, changing the register settings is necessary. Therefore, add clock name xtal alongside mclk. By selecting one or the other, the register is configured. The presence of an external clock source is optional, not required. When both clocks and clock-names properties are present, an external clock source is used. If the intention is to use the internal clock, both properties should be absent. Modify required properties accordingly. Signed-off-by: Alisa-Dariana Roman Reviewed-by: Conor Dooley Link: https://patch.msgid.link/20240717212535.8348-2-alisa.roman@analog.com Signed-off-by: Jonathan Cameron commit 53b53377d65eb3ef074eeab97e9144bdacbcad0f Author: Rayyan Ansari Date: Tue Jul 16 14:25:09 2024 +0100 dt-bindings: iio: magnetometer: bmc150: Document mount-matrix Document the mount-matrix property, which is used in device trees such as msm8916-samsung-fortuna-common.dtsi, and supported by the driver. Signed-off-by: Rayyan Ansari Acked-by: Conor Dooley Link: https://patch.msgid.link/20240716132512.80337-1-rayyan.ansari@linaro.org Signed-off-by: Jonathan Cameron commit 025f23cfebad59354725cc43b680f44476dabc00 Author: Marek Vasut Date: Mon Jul 15 20:28:59 2024 +0200 iio: light: noa1305: Make integration time configurable Add another attribute which is the integration time. Report available integration time settings, support read of integration time currently configured in hardware, and support configuration of integration time into hardware. Signed-off-by: Marek Vasut Link: https://patch.msgid.link/20240715183120.143417-5-marex@denx.de Signed-off-by: Jonathan Cameron commit 98077d34d05b4c8a7263ad9bf0b1677e19499c31 Author: Marek Vasut Date: Mon Jul 15 20:28:58 2024 +0200 iio: light: noa1305: Report available scale values Make use of the new static table of scale values and expose available scale values via sysfs attribute of the IIO device. Signed-off-by: Marek Vasut Link: https://patch.msgid.link/20240715183120.143417-4-marex@denx.de Signed-off-by: Jonathan Cameron commit 968a3bed1c96baa4e701de308fc1f78a9515ba0c Author: Marek Vasut Date: Mon Jul 15 20:28:57 2024 +0200 iio: light: noa1305: Use static table lookup of scale values Move scale values into a static table, perform look up of those scale values in noa1305_scale() simply by using the integration time register content as an index, because the integration time register content directly maps to the table values. Signed-off-by: Marek Vasut Link: https://patch.msgid.link/20240715183120.143417-3-marex@denx.de Signed-off-by: Jonathan Cameron commit dde56b6db4d40e6d5017fbb94a5a2d973208800f Author: Marek Vasut Date: Mon Jul 15 20:28:56 2024 +0200 iio: light: noa1305: Assign val in noa1305_measure() Make noa1305_measure() behave similar to noa1305_scale(), make it assign the 'val' output variable on success and return IIO_VAL_INT. This further simplifies noa1305_read_raw() and allows removal of ret variable altogether. Signed-off-by: Marek Vasut Link: https://patch.msgid.link/20240715183120.143417-2-marex@denx.de Signed-off-by: Jonathan Cameron commit 0cef1c3232e7b4e584e1f098f0eac63525128e59 Author: Marek Vasut Date: Mon Jul 15 20:28:55 2024 +0200 iio: light: noa1305: Simplify noa1305_read_raw() The only channel this hardware supports is IIO_LIGHT, if the channel is anything else, exit right away. The 'ret' variable is now always only assigned by noa1305_measure(), do not initialize it anymore. Update function parameter indent. No functional change. Signed-off-by: Marek Vasut Link: https://patch.msgid.link/20240715183120.143417-1-marex@denx.de Signed-off-by: Jonathan Cameron commit d5cbe1502043124ff8af8136b80f93758c4a61e0 Author: Rayyan Ansari Date: Sun Jul 14 18:33:04 2024 +0100 iio: accel: kxcjk-1013: Add support for KX022-1020 Add compatible for the KX022-1020 accelerometer [1] using the KX022-1023 [2] register map as both have an identical i2c interface. [1]: https://kionixfs.azureedge.net/en/datasheet/KX022-1020%20Specifications%20Rev%2012.0.pdf [2]: https://kionixfs.azureedge.net/en/datasheet/KX023-1025%20Specifications%20Rev%2012.0.pdf Signed-off-by: Rayyan Ansari Reviewed-by: Hans de Goede Link: https://patch.msgid.link/20240714173431.54332-3-rayyan@ansari.sh Signed-off-by: Jonathan Cameron commit fc1bc5e07154c6139a736c162ca8671cc6e15f94 Author: Rayyan Ansari Date: Sun Jul 14 18:33:03 2024 +0100 dt-bindings: iio: kionix,kxcjk1013: Document KX022-1020 Document the KX022-1020 accelerometer, which has the same register layout as the KX023-1025 and so can use the same driver. Signed-off-by: Rayyan Ansari Acked-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240714173431.54332-2-rayyan@ansari.sh Signed-off-by: Jonathan Cameron commit 26560d94d1f8bf40a83259a509835da70d6108d3 Author: David Lechner Date: Fri Jul 12 11:03:57 2024 -0500 iio: adc: mcp3911: use devm_regulator_get_enable_read_voltage() This makes use of the new devm_regulator_get_enable_read_voltage() helper function to reduce boilerplate code in the MCP3911 ADC driver. The error message is slightly changed since there are fewer error return paths. An extra parameter is added to the config callback to avoid adding state that is not used outside of the probe() function. Signed-off-by: David Lechner Reviewed-by: Marcus Folkesson Link: https://patch.msgid.link/20240712-iio-regulator-refactor-round-3-v1-6-835017bae43d@baylibre.com Signed-off-by: Jonathan Cameron commit f2e3fbc4443959c966a60519eef04178715dec74 Author: David Lechner Date: Fri Jul 12 11:03:55 2024 -0500 iio: dac: mcp4922: drop remove() callback By using devm_iio_device_register(), we can drop the remove() callback in the mcp4922 driver. We can also remove spi_set_drvdata() since there are no more callers of spi_get_drvdata(). Also use dev_err_probe() while we are at it. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240712-iio-regulator-refactor-round-3-v1-4-835017bae43d@baylibre.com Signed-off-by: Jonathan Cameron commit ba2b35841ce9b0cdba125c7f16fb15416258040b Author: David Lechner Date: Fri Jul 12 11:03:54 2024 -0500 iio: dac: mcp4922: use devm_regulator_get_enable_read_voltage() This makes use of the new devm_regulator_get_enable_read_voltage() helper function to reduce boilerplate code in the MCP4922 DAC driver. The error message is slightly different because there is only one error return path now. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240712-iio-regulator-refactor-round-3-v1-3-835017bae43d@baylibre.com Signed-off-by: Jonathan Cameron commit 475da4ee1494eaa70075571b74431c86a20fac23 Author: David Lechner Date: Fri Jul 12 11:03:53 2024 -0500 iio: dac: mcp4728: use devm_regulator_get_enable_read_voltage() This makes use of the new devm_regulator_get_enable_read_voltage() helper function to reduce boilerplate code in the MCP4728 DAC driver. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240712-iio-regulator-refactor-round-3-v1-2-835017bae43d@baylibre.com Signed-off-by: Jonathan Cameron commit ae40596980dd108506e0c4889b99eb5dbfc7dd86 Author: David Lechner Date: Fri Jul 12 11:03:52 2024 -0500 iio: dac: mcp4728: rename err to ret in probe function To prepare for using a function that returns a non-error value, rename the variable 'err' to 'ret' in the probe function. Signed-off-by: David Lechner Link: https://patch.msgid.link/20240712-iio-regulator-refactor-round-3-v1-1-835017bae43d@baylibre.com Signed-off-by: Jonathan Cameron commit 248670153124a5f5af9ecfa93957ba455528db12 Author: Vasileios Amoiridis Date: Thu Jul 11 23:15:51 2024 +0200 iio: pressure: bmp280: Sort headers alphabetically Sort headers in alphabetical order Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240711211558.106327-4-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 262a6634bcc4f0c1c53d13aa89882909f281a6aa Author: Vasileios Amoiridis Date: Thu Jul 11 23:15:50 2024 +0200 iio: pressure: bmp280: Fix waiting time for BMP3xx configuration According to the datasheet, both pressure and temperature can go up to oversampling x32. With this option, the maximum measurement time is not 80ms (this is for press x32 and temp x2), but it is 130ms nominal (calculated from table 3.9.2) and since most of the maximum values are around +15%, it is configured to 150ms. Fixes: 8d329309184d ("iio: pressure: bmp280: Add support for BMP380 sensor family") Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240711211558.106327-3-vassilisamir@gmail.com Cc: Signed-off-by: Jonathan Cameron commit b9065b0250e1705935445ede0a18c1850afe7b75 Author: Vasileios Amoiridis Date: Thu Jul 11 23:15:49 2024 +0200 iio: pressure: bmp280: Fix regmap for BMP280 device Up to now, the BMP280 device is using the regmap of the BME280 which has registers that exist only in the BME280 device. Fixes: 14e8015f8569 ("iio: pressure: bmp280: split driver in logical parts") Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240711211558.106327-2-vassilisamir@gmail.com Cc: Signed-off-by: Jonathan Cameron commit 316c957feea4353b890868ab8be0678ac59df118 Author: David Lechner Date: Thu Jul 11 14:15:43 2024 -0500 Documentation: iio: Document ad4695 driver The Analog Devices Inc. AD4695 (and similar chips) are complex ADCs that will benefit from a detailed driver documentation. This documents the current features supported by the driver. Signed-off-by: David Lechner Signed-off-by: Jonathan Cameron commit 0277f93e844a74be27dbf195764fa2d61c1f45d0 Author: David Lechner Date: Thu Jul 11 14:15:42 2024 -0500 iio: adc: ad4695: Add driver for AD4695 and similar ADCs This is a new driver for Analog Devices Inc. AD4695 and similar ADCs. The initial driver supports initializing the chip including configuring all possible LDO and reference voltage sources as well as any possible voltage input channel wiring configuration. Only the 4-wire SPI wiring mode where the CNV pin is tied to the CS pin is supported at this time. And reading sample data from the ADC can only be done in direct mode for now. Co-developed-by: Ramona Gradinariu Signed-off-by: Ramona Gradinariu Signed-off-by: David Lechner Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240711-iio-adc-ad4695-v4-2-c31621113b57@baylibre.com Signed-off-by: Jonathan Cameron commit b40cafc1143600122719ae335359722538ed06e3 Author: David Lechner Date: Thu Jul 11 14:15:41 2024 -0500 dt-bindings: iio: adc: add AD4695 and similar ADCs Add device tree bindings for AD4695 and similar ADCs. Reviewed-by: Conor Dooley Signed-off-by: David Lechner Link: https://patch.msgid.link/20240711-iio-adc-ad4695-v4-0-c31621113b57@baylibre.com Signed-off-by: Jonathan Cameron commit 7b00bb6fd67495f7fe7d9817ee002c12ecf5a4be Author: Thorsten Blum Date: Thu Jul 11 15:45:03 2024 +0200 iio: common: scmi_iio: Remove unnecessary u64 type cast The variable uHz already has the type u64 and casting it to u64 is unnecessary. Remove the redundant type cast. Signed-off-by: Thorsten Blum Link: https://patch.msgid.link/20240711134502.168484-1-thorsten.blum@toblux.com Signed-off-by: Jonathan Cameron commit 4cc2fc445d2e4e63ed6bd5d310752d88d365f8e4 Author: Kim Seer Paller Date: Thu Jul 18 13:18:34 2024 +0800 iio: dac: ltc2664: Add driver for LTC2664 and LTC2672 LTC2664 4 channel, 12-/16-Bit Voltage Output SoftSpan DAC LTC2672 5 channel, 12-/16-Bit Current Output Softspan DAC Reviewed-by: Nuno Sa Co-developed-by: Michael Hennerich Signed-off-by: Michael Hennerich Signed-off-by: Kim Seer Paller Reviewed-by: Conor Dooley Link: https://patch.msgid.link/20240718051834.32270-7-kimseer.paller@analog.com Signed-off-by: Jonathan Cameron commit dd554d1a72c68b0b1ed5ab5d7a85641cebc34dea Author: Kim Seer Paller Date: Thu Jul 18 13:18:33 2024 +0800 dt-bindings: iio: dac: Add adi,ltc2672.yaml Add documentation for ltc2672. Reviewed-by: Conor Dooley Co-developed-by: Michael Hennerich Signed-off-by: Michael Hennerich Signed-off-by: Kim Seer Paller Link: https://patch.msgid.link/20240718051834.32270-6-kimseer.paller@analog.com Signed-off-by: Jonathan Cameron commit 2f472da99574b375f80bf3df75e4eca2f454b5f1 Author: Kim Seer Paller Date: Thu Jul 18 13:18:32 2024 +0800 dt-bindings: iio: dac: Add adi,ltc2664.yaml Add documentation for ltc2664. Reviewed-by: Conor Dooley Co-developed-by: Michael Hennerich Signed-off-by: Michael Hennerich Signed-off-by: Kim Seer Paller Link: https://patch.msgid.link/20240718051834.32270-5-kimseer.paller@analog.com Signed-off-by: Jonathan Cameron commit cfe76601f65650a8099b24da2faf771dac4850a3 Author: Kim Seer Paller Date: Thu Jul 18 13:18:31 2024 +0800 dt-bindings: iio: dac: Generalize DAC common properties Introduce a generalized DAC binding that can be used by DACs that have similar properties adding output-range-microamp and output-range-microvolt. Reviewed-by: Conor Dooley Signed-off-by: Kim Seer Paller Link: https://patch.msgid.link/20240718051834.32270-4-kimseer.paller@analog.com Signed-off-by: Jonathan Cameron commit 404cb1bcefa31cb8c6a768411dbc3ad12838600e Author: Kim Seer Paller Date: Thu Jul 18 13:18:30 2024 +0800 iio: ABI: add DAC 42kohm_to_gnd powerdown mode Add a new powerdown mode for DACs with 42kohm resistor to GND. Signed-off-by: Kim Seer Paller Link: https://patch.msgid.link/20240718051834.32270-3-kimseer.paller@analog.com Signed-off-by: Jonathan Cameron commit 5fe8da61272056f743a0c92bc266324d331971f5 Author: Kim Seer Paller Date: Thu Jul 18 13:18:29 2024 +0800 iio: ABI: Generalize ABI documentation for DAC Introduces a more generalized ABI documentation for DAC. Instead of having separate ABI files for each DAC, we now have a single ABI file that covers the common sysfs interface for all DAC. Signed-off-by: Kim Seer Paller https://patch.msgid.link/20240718051834.32270-2-kimseer.paller@analog.com Signed-off-by: Jonathan Cameron commit dd97cdd520ed678036fd154b852da50a90496cee Author: Nuno Sa Date: Tue Jul 9 13:14:29 2024 +0200 iio: backend: print message in case op is not implemented For APIs that have a return value, -EOPNOTSUPP is returned in case the backend does not support the functionality. However, for APIs that do not have a return value we are left in silence. Hence, at least print a debug message in case the callback is not implemented by the backend. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240709-dev-iio-backend-add-debugfs-v1-2-fb4b8f2373c7@analog.com Signed-off-by: Jonathan Cameron commit 8585632a8600d26d4e6b7246d375a9c3a344f0d2 Author: Nuno Sa Date: Tue Jul 9 13:14:28 2024 +0200 iio: backend: remove unused parameter Indio_dev was not being used in iio_backend_extend_chan_spec() so remove it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240709-dev-iio-backend-add-debugfs-v1-1-fb4b8f2373c7@analog.com Signed-off-by: Jonathan Cameron commit 3e82dfc82f38e4db5b578368beb5d99a8cdee21d Author: Julien Stephan Date: Tue Jul 9 17:16:46 2024 +0200 docs: iio: new docs for ad7380 driver This adds a new page to document how to use the ad7380 ADC driver. Credit: this docs is based on ad7944 docs. Signed-off-by: Julien Stephan Link: https://patch.msgid.link/20240709-ad7380-add-docs-v1-1-458ced3dfcc5@baylibre.com Signed-off-by: Jonathan Cameron commit b6a097a9af005b4556bed9df08cb269f2d702c9d Author: Antoniu Miclaus Date: Mon Jul 8 13:40:13 2024 +0300 docs: iio: add documentation for adxl380 driver Add documentation for adxl380 driver which describes the driver device files and shows how the user may use the ABI for various scenarios (configuration, measurement, etc.). Signed-off-by: Ramona Gradinariu Signed-off-by: Antoniu Miclaus Link: https://patch.msgid.link/20240708104114.29894-3-antoniu.miclaus@analog.com Signed-off-by: Jonathan Cameron commit df36de13677a0ebd3ab31dd2c603f9eafdf8de7d Author: Antoniu Miclaus Date: Mon Jul 8 13:40:12 2024 +0300 iio: accel: add ADXL380 driver The ADXL380/ADXL382 is a low noise density, low power, 3-axis accelerometer with selectable measurement ranges. The ADXL380 supports the +/-4 g, +/-8 g, and +/-16 g ranges, and the ADXL382 supports +/-15 g, +/-30 g and +/-60 g ranges. The ADXL380/ADXL382 offers industry leading noise, enabling precision applications with minimal calibration. The low noise, and low power ADXL380/ADXL382 enables accurate measurement in an environment with high vibration, heart sounds and audio. In addition to its low power consumption, the ADXL380/ADXL382 has many features to enable true system level performance. These include a built-in micropower temperature sensor, single / double / triple tap detection and a state machine to prevent a false triggering. In addition, the ADXL380/ADXL382 has provisions for external control of the sampling time and/or an external clock. Signed-off-by: Ramona Gradinariu Signed-off-by: Antoniu Miclaus Link: https://patch.msgid.link/20240708104114.29894-2-antoniu.miclaus@analog.com Signed-off-by: Jonathan Cameron commit f1022193094a47cb5bdb67c326d54a8bc50a555e Author: Antoniu Miclaus Date: Mon Jul 8 13:40:11 2024 +0300 dt-bindings: iio: accel: add ADXL380 Add dt-bindings for ADXL380/ADLX382 low noise density, low power, 3-axis accelerometer with selectable measurement ranges. Reviewed-by: Conor Dooley Signed-off-by: Ramona Gradinariu Signed-off-by: Antoniu Miclaus Link: https://patch.msgid.link/20240708104114.29894-1-antoniu.miclaus@analog.com Signed-off-by: Jonathan Cameron commit 80cd23f43ddce3bfa0389ab65a442d3dc8de4b4f Author: Vasileios Amoiridis Date: Fri Jun 28 19:17:26 2024 +0200 iio: pressure: bmp280: Add triggered buffer support BMP2xx, BME280, BMP3xx, and BMP5xx use continuous buffers for their temperature, pressure and humidity readings. This facilitates the use of burst/bulk reads in order to acquire data faster. The approach is different from the one used in oneshot captures. BMP085 & BMP1xx devices use a completely different measurement process that is well defined and is used in their buffer_handler(). Suggested-by: Angel Iglesias Signed-off-by: Vasileios Amoiridis Link: https://lore.kernel.org/r/20240512230524.53990-6-vassilisamir@gmail.com Link: https://patch.msgid.link/20240628171726.124852-4-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 479e67ac648009b992c4651f5ad0d6dc5b201e4e Author: Vasileios Amoiridis Date: Fri Jun 28 19:17:25 2024 +0200 iio: pressure: bmp280: Add SCALE, RAW values in channels and refactorize them Add extra IIO_CHAN_INFO_SCALE and IIO_CHAN_INFO_RAW channels in order to be able to calculate the processed value with standard userspace IIO tools. Can be used for triggered buffers as well. Even though it is not a good design choice to have SCALE, RAW and PROCESSED together, the PROCESSED channel is kept for ABI compatibility. While at it, separate BMPxxx and BMExxx device channels since BME supports also humidity measurements. Signed-off-by: Vasileios Amoiridis Link: https://lore.kernel.org/r/20240512230524.53990-5-vassilisamir@gmail.com Link: https://patch.msgid.link/20240628171726.124852-3-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 74353ceb3533ff1bcef1645cdab549d1a7dfaa22 Author: Vasileios Amoiridis Date: Fri Jun 28 19:17:24 2024 +0200 iio: pressure: bmp280: Generalize read_*() functions Add the coefficients for the IIO standard units and the IIO value inside the chip_info structure. Move the calculations for the IIO unit compatibility from inside the read_{temp,press,humid}() functions and move them to the general read_raw() function. In this way, all the data for the calculation of the value are located in the chip_info structure of the respective sensor. Signed-off-by: Vasileios Amoiridis Acked-by: Adam Rizkalla Link: https://patch.msgid.link/20240628171726.124852-2-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 7c7d9170305435f5c6f9fac3174118e81fc8178d Author: Marek Vasut Date: Mon Jul 8 13:41:18 2024 +0200 iio: light: ltrf216a: Add LTR-308 support Add LiteOn LTR-308 support into LTR-F216A kernel driver. The two devices seem to have almost identical register map, except that the LTR-308 does not have three CLEAR_DATA registers, which are unused by this driver. Furthermore, LTR-308 and LTR-F216A use different lux calculation constants, 0.6 and 0.45 respectively. Both differences are handled using chip info data. https://optoelectronics.liteon.com/upload/download/DS86-2016-0027/LTR-308ALS_Final_%20DS_V1%201.pdf https://optoelectronics.liteon.com/upload/download/DS86-2019-0016/LTR-F216A_Final_DS_V1.4.PDF Signed-off-by: Marek Vasut Link: https://patch.msgid.link/20240708114227.18283-2-marex@denx.de Signed-off-by: Jonathan Cameron commit 14c09562745c5f47db900b23dd76cb499af12577 Author: Marek Vasut Date: Mon Jul 8 13:41:17 2024 +0200 dt-bindings: iio: light: ltrf216a: Document LTR-308 support Document LiteOn LTR-308 support in LTR-F216A bindings. The two devices seem to have almost identical register map, except that the LTR-308 does not have three CLEAR_DATA registers, which are unused by this driver. Furthermore, LTR-308 and LTR-F216A use different lux calculation constants, 0.6 and 0.45 respectively. https://optoelectronics.liteon.com/upload/download/DS86-2016-0027/LTR-308ALS_Final_%20DS_V1%201.pdf https://optoelectronics.liteon.com/upload/download/DS86-2019-0016/LTR-F216A_Final_DS_V1.4.PDF Signed-off-by: Marek Vasut Acked-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240708114227.18283-1-marex@denx.de Signed-off-by: Jonathan Cameron commit 06342d3f97fec858b8adb86bca59dbde82d0d0b3 Author: Matti Vaittinen Date: Fri Jul 5 13:55:49 2024 +0300 iio: bu27034: Add a read only HARDWAREGAIN The ROHM BU27034 light sensor has two data channels for measuring different frequencies of light. The result from these channels is combined into Lux value while the raw channel values are reported via intensity channels. Both of the intensity channels have adjustable gain setting which impacts the scale of the raw channels. Eg, doubling the gain will double the values read from the raw channels, which halves the scale value. The integration time can also be set for the sensor. This does also have an impact to the scale of the intensity channels because increasing the integration time will also increase the values reported via the raw channels. Impact of integration time to the scale and the fact that the scale value does not start from '1', can make it hard for a human reader to compute the gain values based on the scale. Add read-only HARDWAREGAIN to help debugging. Signed-off-by: Matti Vaittinen Link: https://patch.msgid.link/ec349847cc994f3bd632e99b408a31e7c70581d0.1720176341.git.mazziesaccount@gmail.com Signed-off-by: Jonathan Cameron commit eb13959e2deac8b924cd663da8e564227d8b7184 Author: Matti Vaittinen Date: Fri Jul 5 13:55:34 2024 +0300 bu27034: ROHM BU27034ANUC correct lux calculation The ROHM BU27034NUC was cancelled and BU27034ANUC is replacing this sensor. The lux computation based on the data from a BU27034ANUC is different from the computation for the data from an old BU27034NUC. Fix the lux computation. Signed-off-by: Matti Vaittinen Link: https://patch.msgid.link/b7bea76b54b28eb354dc523771a0e0a8b6f26095.1720176341.git.mazziesaccount@gmail.com Signed-off-by: Jonathan Cameron commit bb1059815f56c3b749d4849cd355bcaf7a750071 Author: Matti Vaittinen Date: Fri Jul 5 13:55:19 2024 +0300 bu27034: ROHM BU27034ANUC correct gains and times The ROHM BU27034NUC was cancelled and BU27034ANUC is replacing this sensor. The BU27034ANUC does not support all the gains or all the integration times that were supported on BU27034NUC. Srop unsupported times and gains Signed-off-by: Matti Vaittinen Link: https://patch.msgid.link/19f8cca2b5498fbfea6e657b7b9c90b78516866a.1720176341.git.mazziesaccount@gmail.com Signed-off-by: Jonathan Cameron commit acfc80c702fc53ae1e210759d465170f28230107 Author: Matti Vaittinen Date: Fri Jul 5 13:55:03 2024 +0300 bu27034: ROHM BU27034NUC to BU27034ANUC drop data2 The ROHM BU27034NUC was cancelled and BU27034ANUC is replacing this sensor. The BU27034ANUC does not have the data2 channel. Drop the data2 channel. Signed-off-by: Matti Vaittinen Link: https://patch.msgid.link/6f261d4499e9c0e161279717261cc9a20764a6bd.1720176341.git.mazziesaccount@gmail.com Signed-off-by: Jonathan Cameron commit dd77c0ff9936ec781c6e7e06893d2c361f44b530 Author: Matti Vaittinen Date: Fri Jul 5 13:54:47 2024 +0300 bu27034: ROHM BU27034NUC to BU27034ANUC The ROHM BU27034NUC was cancelled and BU27034ANUC is replacing this sensor. These senors aren't compatible from the software point of view. According to ROHM, the BU27034NUC was never mass-produced. Hence dropping the BU27034NUC support and using this driver to support BU27034ANUC should not be a problem to users. We however need to ensure than people who use old kernel with the old BU27034NUC driver don't get the old driver probed for the new sensor. Prepare to use the BU27034NUC driver to support the new BU27034ANUC and change the compatible to prevent probing the old driver with the new sensor. Signed-off-by: Matti Vaittinen Link: https://patch.msgid.link/ed8b963b0cd3a84c06a494c79969a136d5abcf92.1720176341.git.mazziesaccount@gmail.com Signed-off-by: Jonathan Cameron commit 3c9edf76791ee127adb44aa441e1ff142cbd5c60 Author: Matti Vaittinen Date: Fri Jul 5 13:54:12 2024 +0300 dt-bindings: iio: BU27034 => BU27034ANUC The BU27034NUC was cancelled before it entered mass production. It was replaced by a new variant BU27034ANUC (note, added 'A'). The new variant gained a few significant changes, like removal of the 3.rd data channel and dropping some of the gain settings. This means that, from software point of view these ICs are incompatible. Lux calculation based on the data from the sensors needs to be done differently, and on the BU27034ANUC the channel 3 data is missing. Also, the gain setting differencies matter. Unfortunately, the identification register was not changed so there is no safe way for the software to distinguish the variants. According to the ROHM HQ engineers, the old BU27034NUC should not be encountered in the wild. Hence it makes sense to remove the support for the old BU27034NUC and add support for the new BU27034ANUC. Change the compatible in order to not load the incompatible old driver for new sensor (or, if someone had the old sensor, the new driver for it). Drop the compatible for old sensor which should not be in the wild and add a new compatible for the new model with accurate model suffix 'anuc'. Rename the file to match the new compatible. Signed-off-by: Matti Vaittinen Acked-by: Conor Dooley Link: https://patch.msgid.link/c39f9c67b3c07a27d7a13109c7b69cff9cfd2b9b.1720176341.git.mazziesaccount@gmail.com Signed-off-by: Jonathan Cameron commit d2651a43f375d2ec849ebfa6ba2c7c2a82c8938a Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:26 2024 +0200 iio: chemical: bme680: Refactorize reading functions The reading of the pressure and humidity value, requires an update of the t_fine variable which happens by reading the temperature value. So the bme680_read_{press/humid}() functions of the above sensors are internally calling the equivalent bme680_read_temp() function in order to update the t_fine value. By just looking at the code this relation is a bit hidden and is not easy to understand why those channels are not independent. This commit tries to clear these thing a bit by splitting the bme680_{read/compensate}_{temp/press/humid}() to the following: i. bme680_read_{temp/press/humid}_adc(): read the raw value from the sensor. ii. bme680_calc_t_fine(): calculate the t_fine variable. iii. bme680_get_t_fine(): get the t_fine variable. iv. bme680_compensate_{temp/press/humid}(): compensate the adc values and return the calculated value. v. bme680_read_{temp/press/humid}(): combine calls of the aforementioned functions to return the requested value. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-16-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit ed4bb53c467f3b8fd11a0394f72d78575f28ad3f Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:25 2024 +0200 iio: chemical: bme680: Move forced mode setup in ->read_raw() Whenever the sensor is set to forced mode, a TPHG cycle is triggered and the values of temperature, pressure, humidity and gas become ready to be read. The setup of the forced mode to trigger measurements was located inside the read_{temp/gas}() functions. This was not posing a functional problem since read_{humid/press}() are internally calling read_temp() so the forced mode is set through this call. This is not very clear and it is kind of hidden that regardless of the measurement, the setup of the forced mode needs to happen before any measurement. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-15-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 38605f704e606840d2826b6a9beaac405bb8f808 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:24 2024 +0200 iio: chemical: bme680: Remove redundant gas configuration There is no need to explicitly configure the gas measurement registers every time a gas measurement takes place. These are initial configurations which are written in the beginning and they are not changed throughout the lifetime of the driver. If in the future, the device starts to support multiple configuration profiles with variable heater duration and heater temperature, then they could become members of the ->read_avail(). Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-14-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 7cc8f49daaac6a533ce7417231435f3f3f355577 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:23 2024 +0200 iio: chemical: bme680: Move probe errors to dev_err_probe() There are multiple cases in the probe function that dev_err_probe() fits the needs, so use it. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-13-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit fe358e57afebc33b083551aed5e0093a7ec6db14 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:22 2024 +0200 iio: chemical: bme680: Modify startup procedure Modify the startup procedure to reflect the procedure of the Bosch BME68x Sensor API. The initial readings and configuration of the sensor need to happen in the following order: 1) Read calibration data [1,2] 2) Chip general configuration [3] 3) Gas configuration [4] After the chip configuration it is necessary to ensure that the sensor is in sleeping mode, in order to apply the gas configuration settings [5]. Also, after the soft reset, it is advised to wait for 5ms [6]. Link: https://github.com/boschsensortec/BME68x_SensorAPI/blob/v4.4.8/bme68x.c#L162 # [1] Link: https://github.com/boschsensortec/BME68x_SensorAPI/blob/v4.4.8/examples/forced_mode/forced_mode.c#L44 # [2] Link: https://github.com/boschsensortec/BME68x_SensorAPI/blob/v4.4.8/examples/forced_mode/forced_mode.c#L53 # [3] Link: https://github.com/boschsensortec/BME68x_SensorAPI/blob/v4.4.8/examples/forced_mode/forced_mode.c#L60 # [4] Link: https://github.com/boschsensortec/BME68x_SensorAPI/blob/v4.4.8/bme68x.c#L640 # [5] Link: https://github.com/boschsensortec/BME68x_SensorAPI/blob/v4.4.8/bme68x.c#L294 # [6] Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-12-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 8bc1f428ba1f1312107b24a367a7c80881bd3cc0 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:21 2024 +0200 iio: chemical: bme680: Make error checks consistent In the majority of the error checks after a regmap_{read,write}() operation the following coding style is used: ret = regmap_{read,write}(data->regmap, ...); if (ret < 0) { dev_err(dev, ...); return ret; } In this particular case it was different so change it for consistency. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-11-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit f2f2e7b1a4522d9dc0883e1baf0dea61544cc12b Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:20 2024 +0200 iio: chemical: bme680: Add read buffers in read/write buffer union Move the buffers that are used in order to read data from the device in the union which handles all the device read/write buffers. Also create defines for the number of bytes that are being read from the device and don't use magic numbers. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-10-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 43eca242b3c19c0323dbf58871d0e4c0ffbaa117 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:19 2024 +0200 iio: chemical: bme680: Allocate IIO device before chip initialization Move the IIO device allocation before the actual initialization of the chip to be more consistent with most IIO drivers and also to have the ability to use any driver specific data for the chip initialization. While at it, fix also a misaligned line. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-9-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit a4f765e72e6723718cb8df1da77fe18a5488b552 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:18 2024 +0200 iio: chemical: bme680: Use bulk reads for calibration data Calibration data are located in contiguous-ish registers inside the chip. For that reason we can use bulk reads as is done as well in the BME68x Sensor API [1]. The arrays that are used for reading the data out of the sensor are located inside DMA safe buffer. Link: https://github.com/boschsensortec/BME68x_SensorAPI/blob/v4.4.8/bme68x.c#L1769 # [1] Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-8-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 5a387668972d0172bb4e044a313b0a36a041b149 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:17 2024 +0200 iio: chemical: bme680: Remove duplicate register read The LSB of the gas register was read first to check if the following check was correct and then the MSB+LSB were read together. Simplify this by reading together the MSB+LSB immediately. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-7-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 4d879ba0a662f5e39c82c1c6b42a26b90798e358 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:16 2024 +0200 iio: chemical: bme680: Sort headers alphabetically Sort headers in alphabetical order and split the iio specific functions with a blank line Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-6-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 8f53b8770ee757df48295cf15a1300904d03f6ec Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:15 2024 +0200 iio: chemical: bme680: Remove remaining ACPI-only stuff The ACPI ID table was removed with the following 2 commits: Commit b73d21dccf68 ("iio: bme680_i2c: Remove acpi_device_id table") Commit f0e4057e97c1 ("iio: bme680_spi: Remove acpi_device_id table") Remove the remaining ACPI related stuff to this driver since they are not directly used. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-5-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 89ab0c33839115e988294ca4594cc2b5d6581ce2 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:14 2024 +0200 iio: chemical: bme680: Drop unnecessary casts and correct adc data types Delete any redundant casts in the code and use unsigned integers for the raw adc values. Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-4-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit dfbfb2283cb4c464fc16f81d8b4769665068ba53 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:13 2024 +0200 iio: chemical: bme680: Fix typo in define Fix a define typo that instead of BME680_... it is saying BM6880_... Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-3-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 77641e5a477d428335cd094b88ac54e09ccb70f4 Author: Vasileios Amoiridis Date: Mon Jun 10 01:38:12 2024 +0200 iio: chemical: bme680: Fix read/write ops to device by adding mutexes Add mutexes in the {read/write}_raw() functions of the device to guard the read/write of data from/to the device. This is necessary because for any operation other than temperature, multiple reads need to take place from the device. Even though regmap has a locking by itself, it won't protect us from multiple applications trying to read at the same time temperature and pressure since the pressure reading includes an internal temperature reading and there is nothing to ensure that this temperature+pressure reading will happen sequentially without any other operation interfering in the meantime. Fixes: 1b3bd8592780 ("iio: chemical: Add support for Bosch BME680 sensor") Signed-off-by: Vasileios Amoiridis Link: https://patch.msgid.link/20240609233826.330516-2-vassilisamir@gmail.com Signed-off-by: Jonathan Cameron commit 7d34b4ad8cd2867b130b5b8d7d76d0d6092bd019 Author: Antoniu Miclaus Date: Tue Jul 2 11:18:50 2024 +0300 ABI: testing: fix admv8818 attr description Fix description of the filter_mode_available attribute by pointing to the correct name of the attribute that can be written with valid values. Fixes: bf92d87d7c67 ("iio:filter:admv8818: Add sysfs ABI documentation") Signed-off-by: Antoniu Miclaus Link: https://patch.msgid.link/20240702081851.4663-1-antoniu.miclaus@analog.com Signed-off-by: Jonathan Cameron commit 5f36bd89a9948ae23571f9ffd122d7de1ced73e0 Merge: 52448d5fa3bad8 5b4ded3f35d5b2 Author: Martin K. Petersen Date: Fri Aug 2 22:10:04 2024 -0400 Merge patch series "smartpqi updates" Don Brace says: These patches are based on Martin Petersen's 6.11/scsi-queue tree https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git 6.11/scsi-queue The functional changes of note to smartpqi are for: multipath failover and improving the accuracy of our RAID bypass counter. For multipath we are: Reverting commit 94a68c814328 ("scsi: smartpqi: Quickly propagate path failures to SCSI midlayer") because under certain rare conditions involving encryption-enabled devices, a false path failure is reported to the SML causing multipath to failover to the other path. Improving errors returned from the driver back to the SML by checking for error codes returned from the firmware and returning the correct ASC/ASCQ codes to the SML. The other two patches add PCI-IDs for new controllers and change the driver version. Link: https://lore.kernel.org/r/20240711194704.982400-1-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 5b4ded3f35d5b2c077e4035b66af2d04668d7ee5 Author: Don Brace Date: Thu Jul 11 14:47:04 2024 -0500 scsi: smartpqi: Update driver version to 2.1.28-025 Update driver version to 2.1.28-025. Reviewed-by: Mike Tran Reviewed-by: Gerry Morong Reviewed-by: Scott Benesh Reviewed-by: Scott Teel Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240711194704.982400-6-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 57abab70a5e0179b5fff7c4a6dfdbcbcc97ca910 Author: Kevin Barnett Date: Thu Jul 11 14:47:03 2024 -0500 scsi: smartpqi: Improve handling of multipath failover Improve multipath failovers by mapping firmware errors into I/O errors. In some rare instances, firmware does not return the proper error code for I/O errors caused by a multipath path failure. Map I/O errors returned by firmware into errors that help the multipath layer to detect the failure of a path. Reviewed-by: Gerry Morong Reviewed-by: Scott Benesh Reviewed-by: Scott Teel Reviewed-by: Mike McGowen Signed-off-by: Kevin Barnett Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240711194704.982400-5-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit f1393d52e6cda9c20f12643cbecf1e1dc357e0e2 Author: Gilbert Wu Date: Thu Jul 11 14:47:02 2024 -0500 scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly Correct a rare multipath failure issue by reverting commit 94a68c814328 ("scsi: smartpqi: Quickly propagate path failures to SCSI midlayer") [1]. Reason for revert: The patch propagated the path failure to SML quickly when one of the path fails during IO and AIO path gets disabled for a multipath device. But it created a new issue: when creating a volume on an encryption-enabled controller, the firmware reports the AIO path is disabled, which cause the driver to report a path failure to SML for a multipath device. There will be a new fix to handle "Illegal request" and "Invalid field in parameter list" on RAID path when the AIO path is disabled on a multipath device. [1] https://lore.kernel.org/all/164375209313.440833.9992416628621839233.stgit@brunhilda.pdev.net/ Fixes: 94a68c814328 ("scsi: smartpqi: Quickly propagate path failures to SCSI midlayer") Reviewed-by: Scott Benesh Reviewed-by: Scott Teel Reviewed-by: Mike McGowen Signed-off-by: Gilbert Wu Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240711194704.982400-4-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit bb0f5445b27f4a8f8359cc0f36a59a397b4b5e0c Author: Kevin Barnett Date: Thu Jul 11 14:47:01 2024 -0500 scsi: smartpqi: Improve accuracy/performance of raid-bypass-counter The original implementation of this counter used an atomic variable. However, this implementation negatively impacted performance in some configurations. Switch to using per_cpu variables. Reviewed-by: Scott Benesh Reviewed-by: Scott Teel Reviewed-by: Mike McGowen Co-developed-by: Mahesh Rajashekhara Signed-off-by: Mahesh Rajashekhara Signed-off-by: Kevin Barnett Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240711194704.982400-3-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 0e21e73384d324f75ea16f3d622cfc433fa6209b Author: David Strahan Date: Thu Jul 11 14:47:00 2024 -0500 scsi: smartpqi: Add new controller PCI IDs All PCI ID entries in hex. Add new inagile PCI IDs: VID / DID / SVID / SDID ---- ---- ---- ---- SMART-HBA 8242-24i 9005 / 028f / 1ff9 / 0045 RAID 8236-16i 9005 / 028f / 1ff9 / 0046 RAID 8240-24i 9005 / 028f / 1ff9 / 0047 SMART-HBA 8238-16i 9005 / 028f / 1ff9 / 0048 PM8222-SHBA 9005 / 028f / 1ff9 / 004a RAID PM8204-2GB 9005 / 028f / 1ff9 / 004b RAID PM8204-4GB 9005 / 028f / 1ff9 / 004c PM8222-HBA 9005 / 028f / 1ff9 / 004f MT0804M6R 9005 / 028f / 1ff9 / 0051 MT0801M6E 9005 / 028f / 1ff9 / 0052 MT0808M6R 9005 / 028f / 1ff9 / 0053 MT0800M6H 9005 / 028f / 1ff9 / 0054 RS0800M5H24i 9005 / 028f / 1ff9 / 006b RS0800M5E8i 9005 / 028f / 1ff9 / 006c RS0800M5H8i 9005 / 028f / 1ff9 / 006d RS0804M5R16i 9005 / 028f / 1ff9 / 006f RS0800M5E24i 9005 / 028f / 1ff9 / 0070 RS0800M5H16i 9005 / 028f / 1ff9 / 0071 RS0800M5E16i 9005 / 028f / 1ff9 / 0072 RT0800M7E 9005 / 028f / 1ff9 / 0086 RT0800M7H 9005 / 028f / 1ff9 / 0087 RT0804M7R 9005 / 028f / 1ff9 / 0088 RT0808M7R 9005 / 028f / 1ff9 / 0089 RT1608M6R16i 9005 / 028f / 1ff9 / 00a1 Add new h3c pci_id: VID / DID / SVID / SDID ---- ---- ---- ---- UN RAID P4408-Mr-2 9005 / 028f / 193d / 1110 Add new powerleader pci ids: VID / DID / SVID / SDID ---- ---- ---- ---- PL SmartROC PM8204 9005 / 028f / 1f3a / 0104 Reviewed-by: Scott Benesh Reviewed-by: Scott Teel Reviewed-by: Mike McGowen Signed-off-by: David Strahan Signed-off-by: Don Brace Link: https://lore.kernel.org/r/20240711194704.982400-2-don.brace@microchip.com Signed-off-by: Martin K. Petersen commit 52448d5fa3bad8b3e8d90d96366c80fd67844b0f Merge: 88e6804fb323d1 5b247f03779d36 Author: Martin K. Petersen Date: Fri Aug 2 21:48:54 2024 -0400 Merge patch series "Update lpfc to revision 14.4.0.4" Justin Tee says: Update lpfc to revision 14.4.0.4 This patch set contains diagnostic logging improvements, a minor clean up when submitting abort requests, a bug fix related to reset and errata paths, and modifications to FLOGI and PRLO ELS command handling. The patches were cut against Martin's 6.11/scsi-queue tree. Link: https://lore.kernel.org/r/20240726231512.92867-1-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 5b247f03779d3601dcb080446bd7d680149a2aee Author: Justin Tee Date: Fri Jul 26 16:15:12 2024 -0700 scsi: lpfc: Copyright updates for 14.4.0.4 patches Update copyrights to 2024 for files modified in the 14.4.0.4 patch set. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240726231512.92867-9-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 62b52495e6a12b37ba3f790f815e717737643bf7 Author: Justin Tee Date: Fri Jul 26 16:15:11 2024 -0700 scsi: lpfc: Update lpfc version to 14.4.0.4 Update lpfc version to 14.4.0.4 Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240726231512.92867-8-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 1f0f7679ad8942f810b0f19ee9cf098c3502d66a Author: Justin Tee Date: Fri Jul 26 16:15:10 2024 -0700 scsi: lpfc: Update PRLO handling in direct attached topology A kref imbalance occurs when handling an unsolicited PRLO in direct attached topology. Rework PRLO rcv handling when in MAPPED state. Save the state that we were handling a PRLO by setting nlp_last_elscmd to ELS_CMD_PRLO. Then in the lpfc_cmpl_els_logo_acc() completion routine, manually restart discovery. By issuing the PLOGI, which nlp_gets, before nlp_put at the end of the lpfc_cmpl_els_logo_acc() routine, we are saving us from a final nlp_put. And, we are still allowing the unreg_rpi to happen. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240726231512.92867-7-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit b5c18c9dd138733c16893613345af44deadcf05e Author: Justin Tee Date: Fri Jul 26 16:15:09 2024 -0700 scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology In direct attached topology, certain target vendors that are quick to issue FLOGI followed by a cable pull for more than dev_loss_tmo may result in a kref imbalance for the remote port ndlp object. Add an nlp_get when the defer_flogi_acc flag is set. This is expected to balance the nlp_put in the defer_flogi_acc clause in the lpfc_issue_els_flogi() routine. Because we need to retain the ndlp ptr, reorganize all of the defer_flogi_acc information into one lpfc_defer_flogi_acc struct. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240726231512.92867-6-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 3976beb1b410441bab9c3726e2ba76cc7a4c0b2d Author: Justin Tee Date: Fri Jul 26 16:15:08 2024 -0700 scsi: lpfc: Fix unintentional double clearing of vmid_flag The vport->vmid_flag is unintentionally cleared twice after an issue_lip via the lpfc_reinit_vmid routine(). The first call to lpfc_reinit_vmid() is in lpfc_cmpl_els_flogi(). Then lpfc_cmpl_els_flogi_fabric() calls lpfc_register_new_vport(), which calls lpfc_cmpl_reg_new_vport() when the mbox command completes and calls lpfc_reinit_vmid() a second time. Fix by moving the vmid_flag clear outside of the lpfc_reinit_vmid() routine so that vmid_flag is only cleared once upon FLOGI completion. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240726231512.92867-5-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 2be1d4f11944cd6283cb97268b3e17c4424945ca Author: Justin Tee Date: Fri Jul 26 16:15:07 2024 -0700 scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths When the HBA is undergoing a reset or is handling an errata event, NULL ptr dereference crashes may occur in routines such as lpfc_sli_flush_io_rings(), lpfc_dev_loss_tmo_callbk(), or lpfc_abort_handler(). Add NULL ptr checks before dereferencing hdwq pointers that may have been freed due to operations colliding with a reset or errata event handler. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240726231512.92867-4-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit f1bfe32073964372c1dfa572480eb43d44e34909 Author: Justin Tee Date: Fri Jul 26 16:15:06 2024 -0700 scsi: lpfc: Remove redundant vport assignment when building an abort request The lpfc_sli_issue_abort_iotag() routine has a redundant assignment of abtsiocbp->vport = vport; The duplicate lines are from a previous refactoring, and this patch removes the accidental redundancy. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240726231512.92867-3-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 5b8963c53de11dcef2b6241452988427db5773ec Author: Justin Tee Date: Fri Jul 26 16:15:05 2024 -0700 scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds During diagnostics, it has been determined that the 0115 log message for receipt of unknown ELS cmds does not benefit from trace buffer dumps. The trace buffer dump floods the console with unnecessary information, and the singular LOG_ELS flag has proven more beneficial in debugging efforts when dealing with unknown ELS cmds. Signed-off-by: Justin Tee Link: https://lore.kernel.org/r/20240726231512.92867-2-justintee8345@gmail.com Signed-off-by: Martin K. Petersen commit 88e6804fb323d1dbe477f002a89755f8b034e890 Author: Bao D. Nguyen Date: Tue Jul 23 20:49:32 2024 -0700 scsi: ufs: core: Support Updating UIC Command Timeout The default UIC command timeout still remains 500ms. Allow platform drivers to override the UIC command timeout if desired. In a real product, the 500ms timeout value is probably good enough. However, during the product development where there are a lot of logging and debug messages being printed to the UART console, interrupt starvations happen occasionally because the UART may print long debug messages from different modules in the system. While printing, the UART may have interrupts disabled for more than 500ms, causing UIC command timeout. The UIC command timeout would trigger more printing from the UFS driver, and eventually a watchdog timeout may occur unnecessarily. Add support for overriding the UIC command timeout value with the newly created uic_cmd_timeout kernel module parameter. Default value is 500ms. Supported values range from 500ms to 2 seconds. Signed-off-by: Bao D. Nguyen Link: https://lore.kernel.org/r/e4e1c87f3f867f270a3d4b5d57a00139ff0e9741.1721792309.git.quic_nguyenb@quicinc.com Suggested-by: Bart Van Assche Reviewed-by: Bart Van Assche Reviewed-by: Manivannan Sadhasivam Reviewed-by: Peter Wang Signed-off-by: Martin K. Petersen commit 15f7b71b9da6e0caa6a960e5cea4d64e5f12722c Merge: e0c39a5e65a269 fdb1db6ea7f66c Author: Martin K. Petersen Date: Fri Aug 2 21:39:30 2024 -0400 Merge patch series "scsi: aacraid: struct sgmap: Replace 1-element arrays with flexible arrays" Kees Cook says: This replaces some of the last remaining uses in the kernel of 1-element "fake" flexible arrays with modern C99 flexible arrays. Some refactoring is done to ease this, and binary differences are identified. For the on stack size changes in patch 2, the "yes, that is the source of the binary differences" debugging patch can be found here[1]. [1] https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?h=dev/v6.10-rc2/1-element&id=45e6226bcbc5e982541754eca7ac29f403e82f5e Link: https://lore.kernel.org/r/20240711212732.work.162-kees@kernel.org Signed-off-by: Martin K. Petersen commit fdb1db6ea7f66cad970b19b5cd341b8386350bca Author: Kees Cook Date: Thu Jul 11 14:57:38 2024 -0700 scsi: aacraid: struct {user,}sgmap{,64,raw}: Replace 1-element arrays with flexible arrays Replace the deprecated[1] use of 1-element arrays in struct sgmap, struct sgmap64, struct sgmapraw, struct user_sgmap, and struct user_sgmap64 with modern flexible arrays. Additionally remove struct user_sgmapraw as it is unused. The resulting binary output differences from this change are limited only to stack space consumption of the smaller "srbu" variable in aac_issue_safw_bmic_identify() and aac_get_safw_ciss_luns(), as well as the smaller associated pair of memcpy()s in aac_send_safw_bmic_cmd(). Artificially growing the size of srbu back to its prior size removes all binary differences[2]. As an aside, after studying the aacraid driver code I wonder how aac_send_wellness_command() ever works. It is reporting a size 4 bytes too small for what it has constructed in memory in the DMA region: sgentry64 is size 12, whereas sgentry is size 8. Perhaps the hardware doesn't care. (Regardless, it is unchanged by this patch.) Link: https://github.com/KSPP/linux/issues/79 [1] Link: https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?h=dev/v6.10-rc2/1-element&id=45e6226bcbc5e982541754eca7ac29f403e82f5e [2] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711215739.208776-2-kees@kernel.org Signed-off-by: Martin K. Petersen commit 6e5860b0ad4934baee8c7a202c02033b2631bb44 Author: Kees Cook Date: Thu Jul 11 14:57:37 2024 -0700 scsi: aacraid: Rearrange order of struct aac_srb_unit struct aac_srb_unit contains struct aac_srb, which contains struct sgmap, which ends in a (currently) "fake" (1-element) flexible array. Converting this to a flexible array is needed so that runtime bounds checking won't think the array is fixed size (i.e. under CONFIG_FORTIFY_SOURCE=y and/or CONFIG_UBSAN_BOUNDS=y), as other parts of aacraid use struct sgmap as a flexible array. It is not legal to have a flexible array in the middle of a structure, so it either needs to be split up or rearranged so that it is at the end of the structure. Luckily, struct aac_srb_unit, which is exclusively consumed/updated by aac_send_safw_bmic_cmd(), does not depend on member ordering. The values set in the on-stack struct aac_srb_unit instance "srbu" by the only two callers, aac_issue_safw_bmic_identify() and aac_get_safw_ciss_luns(), do not contain anything in srbu.srb.sgmap.sg, and they both implicitly initialize srbu.srb.sgmap.count to 0 during memset(). For example: memset(&srbu, 0, sizeof(struct aac_srb_unit)); srbcmd = &srbu.srb; srbcmd->flags = cpu_to_le32(SRB_DataIn); srbcmd->cdb[0] = CISS_REPORT_PHYSICAL_LUNS; srbcmd->cdb[1] = 2; /* extended reporting */ srbcmd->cdb[8] = (u8)(datasize >> 8); srbcmd->cdb[9] = (u8)(datasize); rcode = aac_send_safw_bmic_cmd(dev, &srbu, phys_luns, datasize); During aac_send_safw_bmic_cmd(), a separate srb is mapped into DMA, and has srbu.srb copied into it: srb = fib_data(fibptr); memcpy(srb, &srbu->srb, sizeof(struct aac_srb)); Only then is srb.sgmap.count written and srb->sg populated: srb->count = cpu_to_le32(xfer_len); sg64 = (struct sgmap64 *)&srb->sg; sg64->count = cpu_to_le32(1); sg64->sg[0].addr[1] = cpu_to_le32(upper_32_bits(addr)); sg64->sg[0].addr[0] = cpu_to_le32(lower_32_bits(addr)); sg64->sg[0].count = cpu_to_le32(xfer_len); But this is happening in the DMA memory, not in srbu.srb. An attempt to copy the changes back to srbu does happen: /* * Copy the updated data for other dumping or other usage if * needed */ memcpy(&srbu->srb, srb, sizeof(struct aac_srb)); But this was never correct: the sg64 (3 u32s) overlap of srb.sg (2 u32s) always meant that srbu.srb would have held truncated information and any attempt to walk srbu.srb.sg.sg based on the value of srbu.srb.sg.count would result in attempting to parse past the end of srbu.srb.sg.sg[0] into srbu.srb_reply. After getting a reply from hardware, the reply is copied into srbu.srb_reply: srb_reply = (struct aac_srb_reply *)fib_data(fibptr); memcpy(&srbu->srb_reply, srb_reply, sizeof(struct aac_srb_reply)); This has always been fixed-size, so there's no issue here. It is worth noting that the two callers _never check_ srbu contents -- neither srbu.srb nor srbu.srb_reply is examined. (They depend on the mapped xfer_buf instead.) Therefore, the ordering of members in struct aac_srb_unit does not matter, and the flexible array member can moved to the end. (Additionally, the two memcpy()s that update srbu could be entirely removed as they are never consumed, but I left that as-is.) Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711215739.208776-1-kees@kernel.org Signed-off-by: Martin K. Petersen commit e0c39a5e65a26943c1c84990bc70e9a822e90f05 Merge: c72e13cf820bc7 f296cc1d7f5aec Author: Martin K. Petersen Date: Fri Aug 2 21:33:37 2024 -0400 Merge patch series "scsi: message: fusion: Replace 1-element arrays with flexible arrays" Kees Cook says: Replace all remaining uses of deprecated 1-element "fake" flexible arrays with modern C99 flexible arrays. Add __counted_by annotations at the same time. Link: https://lore.kernel.org/r/20240711172432.work.523-kees@kernel.org Signed-off-by: Martin K. Petersen commit f296cc1d7f5aeccd0d87ec167e0aea05acb8a022 Author: Kees Cook Date: Thu Jul 11 10:28:20 2024 -0700 scsi: message: fusion: struct _CONFIG_PAGE_IOC_4: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct _CONFIG_PAGE_IOC_4 with a modern flexible array. Additionally add __counted_by annotation since SEP is only ever accessed after updating ACtiveSEP: lsi/mpi_cnfg.h: IOC_4_SEP SEP[] __counted_by(ActiveSEP); /* 08h */ mptsas.c: ii = IOCPage4Ptr->ActiveSEP++; mptsas.c: IOCPage4Ptr->SEP[ii].SEPTargetID = id; mptsas.c: IOCPage4Ptr->SEP[ii].SEPBus = channel; No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711172821.123936-6-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit 70631322dbab5b48f49f142dd9aef768c0fb077c Author: Kees Cook Date: Thu Jul 11 10:28:19 2024 -0700 scsi: message: fusion: struct _CONFIG_PAGE_IOC_3: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct _CONFIG_PAGE_IOC_3 with a modern flexible array. Additionally add __counted_by annotation since PhysDisk is only ever accessed via a loops bounded by NumPhysDisks: lsi/mpi_cnfg.h: IOC_3_PHYS_DISK PhysDisk[] __counted_by(NumPhysDisks); /* 08h */ mptscsih.c: for (i = 0; i < ioc->raid_data.pIocPg3->NumPhysDisks; i++) { mptscsih.c: if ((id == ioc->raid_data.pIocPg3->PhysDisk[i].PhysDiskID) && mptscsih.c: (channel == ioc->raid_data.pIocPg3->PhysDisk[i].PhysDiskBus)) { mptscsih.c: for (i = 0; i < ioc->raid_data.pIocPg3->NumPhysDisks; i++) { mptscsih.c: ioc->raid_data.pIocPg3->PhysDisk[i].PhysDiskNum); mptscsih.c: ioc->raid_data.pIocPg3->PhysDisk[i].PhysDiskNum, mptscsih.c: for (i = 0; i < ioc->raid_data.pIocPg3->NumPhysDisks; i++) { mptscsih.c: if ((id == ioc->raid_data.pIocPg3->PhysDisk[i].PhysDiskID) && mptscsih.c: (channel == ioc->raid_data.pIocPg3->PhysDisk[i].PhysDiskBus)) { mptscsih.c: rc = ioc->raid_data.pIocPg3->PhysDisk[i].PhysDiskNum; mptscsih.c: for (i = 0; i < ioc->raid_data.pIocPg3->NumPhysDisks; i++) { mptscsih.c: ioc->raid_data.pIocPg3->PhysDisk[i].PhysDiskNum); mptscsih.c: ioc->raid_data.pIocPg3->PhysDisk[i].PhysDiskNum, No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711172821.123936-5-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit de80fe29ab53dc9efde5c773fadebd3e547ad785 Author: Kees Cook Date: Thu Jul 11 10:28:18 2024 -0700 scsi: message: fusion: struct _CONFIG_PAGE_IOC_2: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct _CONFIG_PAGE_IOC_2 with a modern flexible array. Additionally add __counted_by annotation since RaidVolume is only ever accessed from loops controlled by NumActiveVolumes: lsi/mpi_cnfg.h: CONFIG_PAGE_IOC_2_RAID_VOL RaidVolume[] __counted_by(NumActiveVolumes); /* 0Ch */ mptbase.c: for (i = 0; i < pIoc2->NumActiveVolumes ; i++) mptbase.c: pIoc2->RaidVolume[i].VolumeBus, mptbase.c: pIoc2->RaidVolume[i].VolumeID); mptsas.c: for (i = 0; i < ioc->raid_data.pIocPg2->NumActiveVolumes; i++) { mptsas.c: RaidVolume[i].VolumeID) { mptsas.c: RaidVolume[i].VolumeBus; mptsas.c: for (i = 0; i < ioc->raid_data.pIocPg2->NumActiveVolumes; i++) { mptsas.c: ioc->raid_data.pIocPg2->RaidVolume[i].VolumeID, 0); mptsas.c: ioc->raid_data.pIocPg2->RaidVolume[i].VolumeID); mptsas.c: ioc->raid_data.pIocPg2->RaidVolume[i].VolumeID, 0); mptsas.c: for (i = 0; i < ioc->raid_data.pIocPg2->NumActiveVolumes; i++) { mptsas.c: if (ioc->raid_data.pIocPg2->RaidVolume[i].VolumeID == mptsas.c: for (i = 0; i < ioc->raid_data.pIocPg2->NumActiveVolumes; i++) mptsas.c: if (ioc->raid_data.pIocPg2->RaidVolume[i].VolumeID == id) mptspi.c: for (i=0; i < ioc->raid_data.pIocPg2->NumActiveVolumes; i++) { mptspi.c: if (ioc->raid_data.pIocPg2->RaidVolume[i].VolumeID == id) { No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711172821.123936-4-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit dc8932fbf6a9cad4cf6dd312d115a26d90facb7e Author: Kees Cook Date: Thu Jul 11 10:28:17 2024 -0700 scsi: message: fusion: struct _CONFIG_PAGE_RAID_PHYS_DISK_1: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct _CONFIG_PAGE_RAID_PHYS_DISK_1 with a modern flexible array. Additionally add __counted_by annotation since Path is only ever accessed via a loops bounded by NumPhysDiskPaths: lsi/mpi_cnfg.h: RAID_PHYS_DISK1_PATH Path[] __counted_by(NumPhysDiskPaths);/* 0Ch */ mptbase.c: phys_disk->NumPhysDiskPaths = buffer->NumPhysDiskPaths; mptbase.c: for (i = 0; i < phys_disk->NumPhysDiskPaths; i++) { mptbase.c: phys_disk->Path[i].PhysDiskID = buffer->Path[i].PhysDiskID; mptbase.c: phys_disk->Path[i].PhysDiskBus = buffer->Path[i].PhysDiskBus; No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711172821.123936-3-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit 14c1f88c7f625dc12fb4a6f18154bcd6f7cd021f Author: Kees Cook Date: Thu Jul 11 10:28:16 2024 -0700 scsi: message: fusion: struct _CONFIG_PAGE_SAS_IO_UNIT_0: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct _CONFIG_PAGE_SAS_IO_UNIT_0 with a modern flexible array. Additionally add __counted_by annotation since PhyData is only ever accessed via a loops bounded by NumPhys: lsi/mpi_cnfg.h: MPI_SAS_IO_UNIT0_PHY_DATA PhyData[] __counted_by(NumPhys); /* 10h */ mptsas.c: port_info->num_phys = buffer->NumPhys; mptsas.c: for (i = 0; i < port_info->num_phys; i++) { mptsas.c: mptsas_print_phy_data(ioc, &buffer->PhyData[i]); mptsas.c: port_info->phy_info[i].phy_id = i; mptsas.c: port_info->phy_info[i].port_id = mptsas.c: buffer->PhyData[i].Port; mptsas.c: port_info->phy_info[i].negotiated_link_rate = mptsas.c: buffer->PhyData[i].NegotiatedLinkRate; No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711172821.123936-2-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit 8e76c9c9dd117c95c0ae248a217197228000912c Author: Kees Cook Date: Thu Jul 11 10:28:15 2024 -0700 scsi: message: fusion: struct _RAID_VOL0_SETTINGS: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct _RAID_VOL0_SETTINGS with a modern flexible array. Additionally add __counted_by annotation since PhysDisk is only ever accessed via a loops bounded by NumPhysDisks: lsi/mpi_cnfg.h: RAID_VOL0_PHYS_DISK PhysDisk[] __counted_by(NumPhysDisks); /* 28h */ mptbase.c: for (i = 0; i < buffer->NumPhysDisks; i++) { mptbase.c: buffer->PhysDisk[i].PhysDiskNum, &phys_disk) != 0) mptsas.c: for (i = 0; i < buffer->NumPhysDisks; i++) { mptsas.c: buffer->PhysDisk[i].PhysDiskNum, &phys_disk) != 0) mptsas.c: for (i = 0; i < buffer->NumPhysDisks; i++) { mptsas.c: buffer->PhysDisk[i].PhysDiskNum, &phys_disk) != 0) No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711172821.123936-1-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit c72e13cf820bc79fffd5ffaaa0aaab11269027d1 Author: Kees Cook Date: Thu Jul 11 11:07:06 2024 -0700 scsi: ipr: Replace 1-element arrays with flexible arrays Replace the deprecated[1] use of a 1-element arrays in struct ipr_hostrcb_fabric_desc and struct ipr_hostrcb64_fabric_desc with modern flexible arrays. No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711180702.work.536-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit 2e35b43bc9a82fde4e7aebe5d8331e1158374d5c Author: Kees Cook Date: Thu Jul 11 10:50:55 2024 -0700 scsi: aacraid: struct aac_ciss_phys_luns_resp: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct aac_ciss_phys_luns_resp with a modern flexible array. No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711175055.work.928-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Reviewed-by: Kees Cook Signed-off-by: Martin K. Petersen commit 575b9be63684600e7e02517f0b647e5cb759120c Author: Kees Cook Date: Thu Jul 11 10:48:23 2024 -0700 scsi: aacraid: union aac_init: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in union aac_init with a modern flexible array. Additionally add __counted_by annotation since rrq is only ever accessed after rr_queue_count has been set (with the same value used to control the loop): init->r8.rr_queue_count = cpu_to_le32(dev->max_msix); ... for (i = 0; i < dev->max_msix; i++) { addr = (u64)dev->host_rrq_pa + dev->vector_cap * i * sizeof(u32); init->r8.rrq[i].host_addr_high = cpu_to_le32( upper_32_bits(addr)); No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711174815.work.689-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit 29b4a49750776925ea48ef440da6aa75828913db Author: Kees Cook Date: Thu Jul 11 08:58:42 2024 -0700 scsi: megaraid_sas: struct MR_HOST_DEVICE_LIST: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct MR_HOST_DEVICE_LIST with a modern flexible array. One binary difference appears in megasas_host_device_list_query(): struct MR_HOST_DEVICE_LIST *ci; ... ci = instance->host_device_list_buf; ... memset(ci, 0, sizeof(*ci)); The memset() clears only the non-flexible array fields. Looking at the rest of the function, this appears to be fine: firmware is using this region to communicate with the kernel, so it likely never made sense to clear the first MR_HOST_DEVICE_LIST_ENTRY. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711155841.work.839-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit ed8ab02c85b3494ec81f35f12e01f6678af09f6a Author: Kees Cook Date: Thu Jul 11 08:58:23 2024 -0700 scsi: megaraid_sas: struct MR_LD_VF_MAP: Replace 1-element arrays with flexible arrays Replace the deprecated[1] use of a 1-element array in struct MR_LD_VF_MAP with a modern flexible array. No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711155823.work.778-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit 778d7cddd8585198d15c3190d4f2b243ac53df52 Merge: 8400291e289ee6 a62193abae75f3 Author: Martin K. Petersen Date: Fri Aug 2 21:24:12 2024 -0400 Merge patch series "scsi: mpi3mr: Replace 1-element arrays with flexible arrays" Kees Cook says: Replace all the uses of deprecated 1-element "fake" flexible arrays with modern C99 flexible arrays. Link: https://lore.kernel.org/r/20240711155446.work.681-kees@kernel.org Signed-off-by: Martin K. Petersen commit a62193abae75f3c3f68bbc7d3343751644140556 Author: Kees Cook Date: Thu Jul 11 08:56:36 2024 -0700 scsi: mpi3mr: struct mpi3_sas_io_unit_page1: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct mpi3_sas_io_unit_page1 with a modern flexible array. No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711155637.3757036-4-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit 41bb96296f9d3a92f3b52bcf502d6c0e86fa84a0 Author: Kees Cook Date: Thu Jul 11 08:56:35 2024 -0700 scsi: mpi3mr: struct mpi3_sas_io_unit_page0: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct mpi3_sas_io_unit_page0 with a modern flexible array. No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711155637.3757036-3-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit 0e11f97bfddc608fd31d4fb7b8feaf74755d6372 Author: Kees Cook Date: Thu Jul 11 08:56:34 2024 -0700 scsi: mpi3mr: struct mpi3_event_data_pcie_topology_change_list: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct mpi3_event_data_pcie_topology_change_list with a modern flexible array. Additionally add __counted_by annotation since port_entry is only ever accessed in loops controlled by num_entries. For example: for (i = 0; i < event_data->num_entries; i++) { handle = le16_to_cpu(event_data->port_entry[i].attached_dev_handle); No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711155637.3757036-2-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit ac5b7505de7013a4c572aa80d5b43db287fa0161 Author: Kees Cook Date: Thu Jul 11 08:56:33 2024 -0700 scsi: mpi3mr: struct mpi3_event_data_sas_topology_change_list: Replace 1-element array with flexible array Replace the deprecated[1] use of a 1-element array in struct mpi3_event_data_sas_topology_change_list with a modern flexible array. Additionally add __counted_by annotation since phy_entry is only ever accessed in loops controlled by num_entries. For example: for (i = 0; i < event_data->num_entries; i++) { ... handle = le16_to_cpu(event_data->phy_entry[i].attached_dev_handle); No binary differences are present after this conversion. Link: https://github.com/KSPP/linux/issues/79 [1] Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20240711155637.3757036-1-kees@kernel.org Reviewed-by: Gustavo A. R. Silva Signed-off-by: Martin K. Petersen commit 8d5be2c4f4477915fee079572665198e70246b69 Author: Pawel Dembicki Date: Wed Jul 31 22:34:55 2024 +0200 net: dsa: vsc73xx: speed up MDIO bus to max allowed value According to the datasheet, the VSC73xx family's maximum internal MDIO bus speed is 20 MHz. It also allows disabling the preamble. This commit sets the MDIO clock prescaler to the minimum value and disables the preamble to speed up MDIO operations. It doesn't affect the external bus because it's configured in a different subblock. Signed-off-by: Pawel Dembicki Reviewed-by: Andrew Lunn Link: https://patch.msgid.link/20240731203455.580262-1-paweldembicki@gmail.com Signed-off-by: Jakub Kicinski commit 7e51d21ee01077c538d87c22fc9a164bd9b60a53 Author: Yue Haibing Date: Wed Jul 31 18:08:15 2024 +0800 rxrpc: Remove unused function declarations commit 3cec055c5695 ("rxrpc: Don't hold a ref for connection workqueue") left behind rxrpc_put_client_conn(). And commit 248f219cb8bc ("rxrpc: Rewrite the data and ack handling code") removed rxrpc_accept_incoming_calls() but left declaration. Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240731100815.1277894-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit f94074687d05aea10b50c4f4055a19d9d0c3bd27 Author: Dmitry Antipov Date: Thu Aug 1 17:23:11 2024 +0300 net: core: annotate socks of struct sock_reuseport with __counted_by According to '__reuseport_alloc()', annotate flexible array member 'sock' of 'struct sock_reuseport' with '__counted_by()' and use convenient 'struct_size()' to simplify the math used in 'kzalloc()'. Signed-off-by: Dmitry Antipov Reviewed-by: Gustavo A. R. Silva Reviewed-by: Kuniyuki Iwashima Link: https://patch.msgid.link/20240801142311.42837-1-dmantipov@yandex.ru Signed-off-by: Jakub Kicinski commit 6555a2a9212be6983d2319d65276484f7c5f431a Author: Simon Horman Date: Thu Aug 1 19:35:37 2024 +0100 tipc: guard against string buffer overrun Smatch reports that copying media_name and if_name to name_parts may overwrite the destination. .../bearer.c:166 bearer_name_validate() error: strcpy() 'media_name' too large for 'name_parts->media_name' (32 vs 16) .../bearer.c:167 bearer_name_validate() error: strcpy() 'if_name' too large for 'name_parts->if_name' (1010102 vs 16) This does seem to be the case so guard against this possibility by using strscpy() and failing if truncation occurs. Introduced by commit b97bf3fd8f6a ("[TIPC] Initial merge") Compile tested only. Reviewed-by: Jakub Kicinski Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240801-tipic-overrun-v2-1-c5b869d1f074@kernel.org Signed-off-by: Jakub Kicinski commit 66b065239a2db3ac188d369d0b1797cd8bf62aeb Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:42 2024 -0600 clk: Use of_property_present() Use of_property_present() to test for property presence rather than of_(find|get)_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_(find|get)_property() leak the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731191312.1710417-4-robh@kernel.org Reviewed-by: Linus Walleij Acked-by: Geert Uytterhoeven # clk-mstp.c Reviewed-by: Geert Uytterhoeven Signed-off-by: Stephen Boyd commit 9d6a53042c49af34603ff32689305a10a5efbb4e Author: Rob Herring (Arm) Date: Wed Jul 31 14:14:02 2024 -0600 clk: at91: Use of_property_count_u32_elems() to get property length Replace of_get_property() with the type specific of_property_count_u32_elems() to get the property length. This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731201407.1838385-7-robh@kernel.org Signed-off-by: Stephen Boyd commit b71441b7542d35d48b886b02d808e8544153adda Merge: 7e1d512dab5042 b5381a5540cbb7 Author: Jakub Kicinski Date: Fri Aug 2 16:39:45 2024 -0700 Merge branch 'ibmveth-rr-performance' Nick Child says: ==================== ibmveth RR performance This patchset aims to increase the ibmveth drivers small packet request response rate. These 2 patches address: 1. NAPI rescheduling technique 2. Driver-side processing of small packets Testing over several netperf tcp_rr connections, we saw a 30% increase in transactions per second. No regressions were observed in other workloads. ==================== Link: https://patch.msgid.link/20240801211215.128101-1-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit b5381a5540cbb7c18642a3280cb3906160bd6546 Author: Nick Child Date: Thu Aug 1 16:12:15 2024 -0500 ibmveth: Recycle buffers during replenish phase When the length of a packet is under the rx_copybreak threshold, the buffer is copied into a new skb and sent up the stack. This allows the dma mapped memory to be recycled back to FW. Previously, the reuse of the DMA space was handled immediately. This means that further packet processing has to wait until h_add_logical_lan finishes for this packet. Therefore, when reusing a packet, offload the hcall to the replenish function. As a result, much of the shared logic between the recycle and replenish functions can be removed. This change increases TCP_RR packet rate by another 15% (370k to 430k txns). We can see the ftrace data supports this: PREV: ibmveth_poll = 8078553.0 us / 190999.0 hits = AVG 42.3 us NEW: ibmveth_poll = 7632787.0 us / 224060.0 hits = AVG 34.07 us Signed-off-by: Nick Child Reviewed-by: Shannon Nelson Link: https://patch.msgid.link/20240801211215.128101-3-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit f128c7cf0530cd104d1370648c29eff0b582700f Author: Nick Child Date: Thu Aug 1 16:12:14 2024 -0500 ibmveth: Optimize poll rescheduling process When the ibmveth driver processes less than the budget, it must call napi_complete_done() to release the instance. This function will return false if the driver should avoid rearming interrupts. Previously, the driver was ignoring the return code of napi_complete_done(). As a result, there were unnecessary calls to enable the veth irq. Therefore, use the return code napi_complete_done() to determine if irq rearm is necessary. Additionally, in the event that new data is received immediately after rearming interrupts, rather than just rescheduling napi, also jump back to the poll processing loop since we are already in the poll function (and know that we did not expense all of budget). This slight tweak results in a 15% increase in TCP_RR transaction rate (320k to 370k txns). We can see the ftrace data supports this: PREV: ibmveth_poll = 8818014.0 us / 182802.0 hits = AVG 48.24 NEW: ibmveth_poll = 8082398.0 us / 191413.0 hits = AVG 42.22 Signed-off-by: Nick Child Reviewed-by: Shannon Nelson Link: https://patch.msgid.link/20240801211215.128101-2-nnac123@linux.ibm.com Signed-off-by: Jakub Kicinski commit 7e1d512dab5042aa1c2224ed362be79e3f22a15e Author: Simon Horman Date: Thu Aug 1 21:00:03 2024 +0100 linkmode: Change return type of linkmode_andnot to bool linkmode_andnot() simply returns the result of bitmap_andnot(). And the return type of bitmap_andnot() is bool. So it makes sense for the return type of linkmode_andnot() to also be bool. I checked all call-sites and they either ignore the return value or treat it as a bool. Compile tested only. Link: https://lore.kernel.org/netdev/68088998-4486-4930-90a4-96a32f08c490@lunn.ch/ Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240801-linkfield-bowl-v1-1-d58f68967802@kernel.org Signed-off-by: Jakub Kicinski commit d29dd11e1bb4bc50e96c0079c0b3952864833e2d Merge: 9a95b7a89dffae 9304640f2f7814 Author: Jakub Kicinski Date: Fri Aug 2 16:31:13 2024 -0700 Merge branch 'add-second-qdma-support-for-en7581-eth-controller' Lorenzo Bianconi says: ==================== Add second QDMA support for EN7581 eth controller EN7581 SoC supports two independent QDMA controllers to connect the Ethernet Frame Engine (FE) to the CPU. Introduce support for the second QDMA controller. This is a preliminary series to support multiple FE ports (e.g. connected to a second PHY controller). ==================== Link: https://patch.msgid.link/cover.1722522582.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit 9304640f2f78147dddf97a5ea01502ae175e41d9 Author: Lorenzo Bianconi Date: Thu Aug 1 16:35:10 2024 +0200 net: airoha: Link the gdm port to the selected qdma controller Link the running gdm port to the qdma controller used to connect with the CPU. Moreover, load all QDMA controllers available on EN7581 SoC. Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/95b515df34ba4727f7ae5b14a1d0462cceec84ff.1722522582.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit 160231e34b8e9512ba20530f3e68fb0ac499af87 Author: Lorenzo Bianconi Date: Thu Aug 1 16:35:09 2024 +0200 net: airoha: Start all qdma NAPIs in airoha_probe() This is a preliminary patch to support multi-QDMA controllers. Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/b51cf69c94d8cbc81e0a0b35587f024d01e6d9c0.1722522582.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit e618447cf492d04415007336eec025fae6e9a2ea Author: Lorenzo Bianconi Date: Thu Aug 1 16:35:08 2024 +0200 net: airoha: Allow mapping IO region for multiple qdma controllers Map MMIO regions of both qdma controllers available on EN7581 SoC. Run airoha_hw_cleanup routine for both QDMA controllers available on EN7581 SoC removing airoha_eth module or in airoha_probe error path. This is a preliminary patch to support multi-QDMA controllers. Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/a734ae608da14b67ae749b375d880dbbc70868ea.1722522582.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit e3d6bfdfc0aeb8c1d7965413b1050ec07f9761e5 Author: Lorenzo Bianconi Date: Thu Aug 1 16:35:07 2024 +0200 net: airoha: Use qdma pointer as private structure in airoha_irq_handler routine This is a preliminary patch to support multi-QDMA controllers. Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/1e40c3cb973881c0eb3c3c247c78550da62054ab.1722522582.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit 9a2500ab22f059e596942172a8e4a60ae8243ce4 Author: Lorenzo Bianconi Date: Thu Aug 1 16:35:06 2024 +0200 net: airoha: Add airoha_qdma pointer in airoha_tx_irq_queue/airoha_queue structures Move airoha_eth pointer in airoha_qdma structure from airoha_tx_irq_queue/airoha_queue ones. This is a preliminary patch to introduce support for multi-QDMA controllers available on EN7581. Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/074565b82fd0ceefe66e186f21133d825dbd48eb.1722522582.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit 19e47fc2aeda3a657c4f64144ffd6e65f7a66601 Author: Lorenzo Bianconi Date: Thu Aug 1 16:35:05 2024 +0200 net: airoha: Move irq_mask in airoha_qdma structure QDMA controllers have independent irq lines, so move irqmask in airoha_qdma structure. This is a preliminary patch to support multiple QDMA controllers. Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/1c8a06e8be605278a7b2f3cd8ac06e74bf5ebf2b.1722522582.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit 245c7bc86b198e5ec227eba6b582da73cb0721c8 Author: Lorenzo Bianconi Date: Thu Aug 1 16:35:04 2024 +0200 net: airoha: Move airoha_queues in airoha_qdma QDMA controllers available in EN7581 SoC have independent tx/rx hw queues so move them in airoha_queues structure. Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/795fc4797bffbf7f0a1351308aa9bf0e65b5126e.1722522582.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit 16874d1cf3818a5804cded8eaff634122b1d6c7c Author: Lorenzo Bianconi Date: Thu Aug 1 16:35:03 2024 +0200 net: airoha: Introduce airoha_qdma struct Introduce airoha_qdma struct and move qdma IO register mapping in airoha_qdma. This is a preliminary patch to enable both QDMA controllers available on EN7581 SoC. Signed-off-by: Lorenzo Bianconi Link: https://patch.msgid.link/7df163bdc72ee29c3d27a0cbf54522ffeeafe53c.1722522582.git.lorenzo@kernel.org Signed-off-by: Jakub Kicinski commit 9a95b7a89dffae5f1e99dd73748f144fec820292 Author: Simon Horman Date: Fri Aug 2 16:43:17 2024 +0100 eth: fbnic: select DEVLINK and PAGE_POOL Build bot reports undefined references to devlink functions. And local testing revealed undefined references to page_pool functions. Based on a patch by Jakub Kicinski Fixes: 1a9d48892ea5 ("eth: fbnic: Allocate core device specific structures and devlink interface") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202408011219.hiPmwwAs-lkp@intel.com/ Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240802-fbnic-select-v2-1-41f82a3e0178@kernel.org Signed-off-by: Jakub Kicinski commit 46619175f1b7e4f7fc5dc98547f5eca27193f8dc Author: Jakub Kicinski Date: Thu Aug 1 16:23:17 2024 -0700 selftests: net: ksft: print more of the stack for checks Print more stack frames and the failing line when check fails. This helps when tests use helpers to do the checks. Before: # At ./ksft/drivers/net/hw/rss_ctx.py line 92: # Check failed 1037698 >= 396893.0 traffic on other queues:[344612, 462380, 233020, 449174, 342298] not ok 8 rss_ctx.test_rss_context_queue_reconfigure After: # Check| At ./ksft/drivers/net/hw/rss_ctx.py, line 387, in test_rss_context_queue_reconfigure: # Check| test_rss_queue_reconfigure(cfg, main_ctx=False) # Check| At ./ksft/drivers/net/hw/rss_ctx.py, line 230, in test_rss_queue_reconfigure: # Check| _send_traffic_check(cfg, port, ctx_ref, { 'target': (0, 3), # Check| At ./ksft/drivers/net/hw/rss_ctx.py, line 92, in _send_traffic_check: # Check| ksft_lt(sum(cnts[i] for i in params['noise']), directed / 2, # Check failed 1045235 >= 405823.5 traffic on other queues (context 1)':[460068, 351995, 565970, 351579, 127270] not ok 8 rss_ctx.test_rss_context_queue_reconfigure Link: https://patch.msgid.link/20240801232317.545577-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit a48395f22b8c8687ceb77ae3014a0eabcd4bf688 Author: Stanislav Fomichev Date: Thu Aug 1 17:03:09 2024 -0700 selftests: net: ksft: replace 95 with errno.EOPNOTSUPP Petr suggested to use errno.EOPNOTSUPP instead of hard-coded 95 in the new test case. Adjust existing ones to match this style. Signed-off-by: Stanislav Fomichev Link: https://patch.msgid.link/20240802000309.2368-3-sdf@fomichev.me Signed-off-by: Jakub Kicinski commit f879306834818ebd1722a4372079610cdd466fec Author: Stanislav Fomichev Date: Thu Aug 1 17:03:08 2024 -0700 selftests: net: ksft: support marking tests as disruptive Add new @ksft_disruptive decorator to mark the tests that might be disruptive to the system. Depending on how well the previous test works in the CI we might want to disable disruptive tests by default and only let the developers run them manually. KSFT framework runs disruptive tests by default. DISRUPTIVE=False environment (or config file) can be used to disable these tests. ksft_setup should be called by the test cases that want to use new decorator (ksft_setup is only called via NetDrvEnv/NetDrvEpEnv for now). In the future we can add similar decorators to, for example, avoid running slow tests all the time. And/or have some option to run only 'fast' tests for some sort of smoke test scenario. $ DISRUPTIVE=False ./stats.py KTAP version 1 1..5 ok 1 stats.check_pause ok 2 stats.check_fec ok 3 stats.pkt_byte_sum ok 4 stats.qstat_by_ifindex ok 5 stats.check_down # SKIP marked as disruptive # Totals: pass:4 fail:0 xfail:0 xpass:0 skip:1 error:0 v3: - parse yes and properly treat non-zero nums as true (Petr) v2: - convert from cli argument to env variable (Jakub) Signed-off-by: Stanislav Fomichev Link: https://patch.msgid.link/20240802000309.2368-2-sdf@fomichev.me Signed-off-by: Jakub Kicinski commit ab1000976cc7de8e57bdef811dfcfcb6c17a929f Author: Stanislav Fomichev Date: Thu Aug 1 17:03:07 2024 -0700 selftests: net-drv: exercise queue stats when the device is down Verify that total device stats don't decrease after it has been turned down. Also make sure the device doesn't crash when we access per-queue stats when it's down (in case it tries to access some pointers that are NULL). KTAP version 1 1..5 ok 1 stats.check_pause ok 2 stats.check_fec ok 3 stats.pkt_byte_sum ok 4 stats.qstat_by_ifindex ok 5 stats.check_down # Totals: pass:5 fail:0 xfail:0 xpass:0 skip:0 error:0 v3: - use errno.EOPNOTSUPP (Petr) - move qstat[0] under try (Petr) v2: - KTAP output formatting (Jakub) - defer instead of try/finally (Jakub) - disappearing stats is an error (Jakub) - ksft_ge instead of open coding (Jakub) Signed-off-by: Stanislav Fomichev Link: https://patch.msgid.link/20240802000309.2368-1-sdf@fomichev.me Signed-off-by: Jakub Kicinski commit 49675f5bdf9ae2624b430dafda4cb29024521625 Author: Jakub Kicinski Date: Thu Aug 1 09:34:01 2024 -0700 net: remove IFF_* re-definition We re-define values of enum netdev_priv_flags as preprocessor macros with the same name. I guess this was done to avoid breaking out of tree modules which may use #ifdef X for kernel compatibility? Commit 7aa98047df95 ("net: move net_device priv_flags out from UAPI") which added the enum doesn't say. In any case, the flags with defines are quite old now, and defines for new flags don't get added. OOT drivers have to resort to code greps for compat detection, anyway. Let's delete these defines, save LoC, help LXR link to the right place. Reviewed-by: Simon Horman Reviewed-by: Jiri Pirko Link: https://patch.msgid.link/20240801163401.378723-1-kuba@kernel.org Signed-off-by: Jakub Kicinski commit 2009e808bc3e0df6d4d83e2271bc25ae63a4ac05 Author: Akshata Jahagirdar Date: Fri Aug 2 07:12:03 2024 -0700 drm/xe/xe2: Introduce performance changes Add Compression Performance Improvement Changes in Xe2 v2: Rebase v3: Rebase, updated as per latest changes on bspec, Removed unnecessary default actions (Matt) formatting nits (Tejas) v4: Formatting nits, removed default set action for bit 14 (Matt) Bspec: 72161 Signed-off-by: Akshata Jahagirdar Reviewed-by: Matt Roper Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/c2dd753fdc55df6a6432026f2df9c2684a0d25c1.1722607628.git.akshata.jahagirdar@intel.com commit cf410c1beaded9c7ba16210b36cbe9ed0e2b4d19 Merge: 218c9007851c21 2786d3f4943c47 Author: Mark Brown Date: Fri Aug 2 22:26:55 2024 +0100 ASoC/SOF/PCI/Intel: add PantherLake support Merge series from Pierre-Louis Bossart : Add initial support for the PantherLake platform, and initial ACPI configurations. commit 218c9007851c2190326ce12fd0719809a5219165 Merge: 839e231a53b824 5821d7b4981f49 Author: Mark Brown Date: Fri Aug 2 22:26:47 2024 +0100 ASoC: SOF: reshuffle and optimize structures Merge series from Pierre-Louis Bossart : pahole reports a number of sub-optimal structure definitions with holes and cache-line alignment problems, this patchset optimizes a couple of structure frequently used. No functionality change, only re-ordering of structure members. commit d196c714a54c03c81e7b5dc972814f597bfb1fac Merge: 0880f669436028 90ec3a8a7fd0d4 Author: Mark Brown Date: Fri Aug 2 21:53:04 2024 +0100 spi: Add dummy definitions for ACPI lookup functions Merge series from Richard Fitzgerald : Provide empty versions of acpi_spi_count_resources(), acpi_spi_device_alloc() and acpi_spi_find_controller_by_adev() if the real functions are not being built. This commit fixes two problems with the original definitions: 1) There wasn't an empty version of these functions 2) The #if only depended on CONFIG_ACPI. But the functions are implemented in the core spi.c so CONFIG_SPI_MASTER must also be enabled for the real functions to exist. commit f48ada402d2f1e46fa241bcc6725bdde70725e15 Author: YueHaibing Date: Fri Aug 2 17:51:47 2024 +0800 drbd: Remove unused extern declarations Commit b411b3637fa7 ("The DRBD driver") declared but never implemented drbd_read_remote(), is_valid_ar_handle() and drbd_set_recv_tcq(). And commit 668700b40a7c ("drbd: Create a dedicated workqueue for sending acks on the control connection") never implemented drbd_send_ping_wf(). Commit 2451fc3b2bd3 ("drbd: Removed the BIO_RW_BARRIER support form the receiver/epoch code") leave w_e_reissue() declaration unused. Commit 8fe605513ab4 ("drbd: Rename drbdd_init() -> drbd_receiver()") rename drbdd_init() and leave unsued declaration. Also drbd_asender() is removed in commit 1c03e52083c8 ("drbd: Rename asender to ack_receiver"). Signed-off-by: YueHaibing Link: https://lore.kernel.org/r/20240802095147.2788218-1-yuehaibing@huawei.com Signed-off-by: Jens Axboe commit 3d650ab5e7d9c4d7306e4c116f8aa9980bf13295 Author: Yonghong Song Date: Fri Aug 2 11:54:34 2024 -0700 selftests/bpf: Fix a btf_dump selftest failure Jakub reported bpf selftest "btf_dump" failure after forwarding to v6.11-rc1 with netdev. Error: #33 btf_dump Error: #33/15 btf_dump/btf_dump: var_data btf_dump_data:FAIL:find type id unexpected find type id: actual -2 < expected 0 The reason for the failure is due to commit 94ede2a3e913 ("profiling: remove stale percpu flip buffer variables") where percpu static variable "cpu_profile_flip" is removed. Let us replace "cpu_profile_flip" with a variable in bpf subsystem so whenever that variable gets deleted or renamed, we can detect the failure immediately. In this case, I picked a static percpu variable "bpf_cgrp_storage_busy" which is defined in kernel/bpf/bpf_cgrp_storage.c. Reported-by: Jakub Kicinski Signed-off-by: Yonghong Song Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240802185434.1749056-1-yonghong.song@linux.dev commit e99129e5dbf7ca87233d31ad19348f6ce8627b38 Author: Tejun Heo Date: Thu Aug 1 13:32:59 2024 -1000 sched_ext: Allow p->scx.disallow only while loading From 1232da7eced620537a78f19c8cf3d4a3508e2419 Mon Sep 17 00:00:00 2001 From: Tejun Heo Date: Wed, 31 Jul 2024 09:14:52 -1000 p->scx.disallow provides a way for the BPF scheduler to reject certain tasks from attaching. It's currently allowed for both the load and fork paths; however, the latter doesn't actually work as p->sched_class is already set by the time scx_ops_init_task() is called during fork. This is a convenience feature which is mostly useful from the load path anyway. Allow it only from the load path. v2: Trigger scx_ops_error() iff @p->policy == SCHED_EXT to make it a bit easier for the BPF scheduler (David). Signed-off-by: Tejun Heo Reported-by: "Zhangqiao (2012 lab)" Link: http://lkml.kernel.org/r/20240711110720.1285-1-zhangqiao22@huawei.com Fixes: 7bb6f0810ecf ("sched_ext: Allow BPF schedulers to disallow specific tasks from joining SCHED_EXT") Acked-by: David Vernet Signed-off-by: Tejun Heo commit 563ea1f5f85171b68f9075f5c3c22c4b521f1b5e Author: Xavier Date: Fri Aug 2 11:33:46 2024 +0800 Documentation: Fix the compilation errors in union_find.rst Fix the compilation errors and warnings caused by merging Documentation/core-api/union_find.rst and Documentation/translations/zh_CN/core-api/union_find.rst. Signed-off-by: Xavier Signed-off-by: Tejun Heo commit 839e231a53b824a62bc3696ad3ba1dcedc4f4167 Author: Christophe JAILLET Date: Mon Jul 29 19:36:05 2024 +0200 ASoC: cs43130: Constify snd_soc_component_driver struct In order to constify `snd_soc_component_driver` struct, duplicate `soc_component_dev_cs43130` into a `soc_component_dev_cs43130_digital` and `soc_component_dev_cs43130_analog`. These 2 new structures share the same .dapm_widgets and .dapm_routes arrays but differ for .num_dapm_widgets and .num_dapm_routes. In the digital case, the last entries are not taken into account. Doing so has several advantages: - `snd_soc_component_driver` can be declared as const to move their declarations to read-only sections. - code in the probe is simpler. There is no need to concatenate some arrays to handle the "analog" case - this saves some memory because all_hp_widgets and analog_hp_routes can be removed. Before : ====== text data bss dec hex filename 53965 8265 4512 66742 104b6 sound/soc/codecs/cs43130.o After : ===== text data bss dec hex filename 54409 7881 64 62354 f392 sound/soc/codecs/cs43130.o Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/1f04bb0366d9640d7ee361dae114ff79e4b381c1.1722274212.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit b8e753128ed074fcb48e9ceded940752f6b1c19f Author: Paul E. McKenney Date: Wed Jul 24 16:51:52 2024 -0700 exit: Sleep at TASK_IDLE when waiting for application core dump Currently, the coredump_task_exit() function sets the task state to TASK_UNINTERRUPTIBLE|TASK_FREEZABLE, which usually works well. But a combination of large memory and slow (and/or highly contended) mass storage can cause application core dumps to take more than two minutes, which can cause check_hung_task(), which is invoked by check_hung_uninterruptible_tasks(), to produce task-blocked splats. There does not seem to be any reasonable benefit to getting these splats. Furthermore, as Oleg Nesterov points out, TASK_UNINTERRUPTIBLE could be misleading because the task sleeping in coredump_task_exit() really is killable, albeit indirectly. See the check of signal->core_state in prepare_signal() and the check of fatal_signal_pending() in dump_interrupted(), which bypass the normal unkillability of TASK_UNINTERRUPTIBLE, resulting in coredump_finish() invoking wake_up_process() on any threads sleeping in coredump_task_exit(). Therefore, change that TASK_UNINTERRUPTIBLE to TASK_IDLE. Reported-by: Anhad Jai Singh Signed-off-by: Paul E. McKenney Acked-by: Oleg Nesterov Cc: Jens Axboe Cc: Christian Brauner Cc: Andrew Morton Cc: "Matthew Wilcox (Oracle)" Cc: Chris Mason Cc: Rik van Riel commit 5d8491ae3b8083029ed58ae2aba66cdb70617d4d Author: ngn Date: Tue Jul 23 14:43:25 2024 +0300 PCI: shpchp: Remove hpc_ops Remove the hpc_ops struct from shpchp. This struct is unnecessary and no other hotplug controller implements it. A similar thing has already been done in pciehp with 82a9e79ef132 ("PCI: pciehp: remove hpc_ops"). Link: https://lore.kernel.org/r/Zp-XXVW4hlcMASEc@archbtw Signed-off-by: ngn Signed-off-by: Bjorn Helgaas commit e7ff4ebffe3bedf55560ef861d80f6500ff0d76f Author: Paul E. McKenney Date: Fri Aug 2 08:46:18 2024 -0700 x86/tsc: Check for sockets instead of CPUs to make code match comment The unsynchronized_tsc() eventually checks num_possible_cpus(), and if the system is non-Intel and the number of possible CPUs is greater than one, assumes that TSCs are unsynchronized. This despite the comment saying "assume multi socket systems are not synchronized", that is, socket rather than CPU. This behavior was preserved by commit 8fbbc4b45ce3 ("x86: merge tsc_init and clocksource code") and by the previous relevant commit 7e69f2b1ead2 ("clocksource: Remove the update callback"). The clocksource drivers were added by commit 5d0cf410e94b ("Time: i386 Clocksource Drivers") back in 2006, and the comment still said "socket" rather than "CPU". Therefore, bravely (and perhaps foolishly) make the code match the comment. Note that it is possible to bypass both code and comment by booting with tsc=reliable, but this also disables the clocksource watchdog, which is undesirable when trust in the TSC is strictly limited. Reported-by: Zhengxu Chen Reported-by: Danielle Costantino Signed-off-by: Paul E. McKenney Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240802154618.4149953-5-paulmck@kernel.org commit 4ac1dd3245b9067f929ab30141bb0475e9e32fc5 Author: Paul E. McKenney Date: Fri Aug 2 08:46:17 2024 -0700 clocksource: Set cs_watchdog_read() checks based on .uncertainty_margin Right now, cs_watchdog_read() does clocksource sanity checks based on WATCHDOG_MAX_SKEW, which sets a floor on any clocksource's .uncertainty_margin. These sanity checks can therefore act inappropriately for clocksources with large uncertainty margins. One reason for a clocksource to have a large .uncertainty_margin is when that clocksource has long read-out latency, given that it does not make sense for the .uncertainty_margin to be smaller than the read-out latency. With the current checks, cs_watchdog_read() could reject all normal reads from a clocksource with long read-out latencies, such as those from legacy clocksources that are no longer implemented in hardware. Therefore, recast the cs_watchdog_read() checks in terms of the .uncertainty_margin values of the clocksources involved in the timespan in question. The first covers two watchdog reads and one cs read, so use twice the watchdog .uncertainty_margin plus that of the cs. The second covers only a pair of watchdog reads, so use twice the watchdog .uncertainty_margin. Reported-by: Borislav Petkov Signed-off-by: Paul E. McKenney Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240802154618.4149953-4-paulmck@kernel.org commit f33a5d4bd9c2e545857b2cf7481eb721bcab867c Author: Paul E. McKenney Date: Fri Aug 2 08:46:16 2024 -0700 clocksource: Fix comments on WATCHDOG_THRESHOLD & WATCHDOG_MAX_SKEW The WATCHDOG_THRESHOLD macro is no longer used to supply a default value for ->uncertainty_margin, but WATCHDOG_MAX_SKEW now is. Therefore, update the comments to reflect this change. Reported-by: Borislav Petkov Signed-off-by: Paul E. McKenney Signed-off-by: Thomas Gleixner Acked-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/all/20240802154618.4149953-3-paulmck@kernel.org commit 17915131ae4660658aa779f89e9f444319861561 Author: Borislav Petkov Date: Fri Aug 2 08:46:14 2024 -0700 clocksource: Improve comments for watchdog skew bounds Add more detail on the rationale for bounding the clocksource ->uncertainty_margin below at about 500ppm. Signed-off-by: Borislav Petkov Signed-off-by: Paul E. McKenney Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240802154618.4149953-1-paulmck@kernel.org commit 531b2ca0a940ac9db03f246c8b77c4201de72b00 Author: David Woodhouse Date: Fri Aug 2 14:55:55 2024 +0100 clockevents/drivers/i8253: Fix stop sequence for timer 0 According to the data sheet, writing the MODE register should stop the counter (and thus the interrupts). This appears to work on real hardware, at least modern Intel and AMD systems. It should also work on Hyper-V. However, on some buggy virtual machines the mode change doesn't have any effect until the counter is subsequently loaded (or perhaps when the IRQ next fires). So, set MODE 0 and then load the counter, to ensure that those buggy VMs do the right thing and the interrupts stop. And then write MODE 0 *again* to stop the counter on compliant implementations too. Apparently, Hyper-V keeps firing the IRQ *repeatedly* even in mode zero when it should only happen once, but the second MODE write stops that too. Userspace test program (mostly written by tglx): ===== #include #include #include #include #include static __always_inline void __out##bwl(type value, uint16_t port) \ { \ asm volatile("out" #bwl " %" #bw "0, %w1" \ : : "a"(value), "Nd"(port)); \ } \ \ static __always_inline type __in##bwl(uint16_t port) \ { \ type value; \ asm volatile("in" #bwl " %w1, %" #bw "0" \ : "=a"(value) : "Nd"(port)); \ return value; \ } BUILDIO(b, b, uint8_t) #define inb __inb #define outb __outb #define PIT_MODE 0x43 #define PIT_CH0 0x40 #define PIT_CH2 0x42 static int is8254; static void dump_pit(void) { if (is8254) { // Latch and output counter and status outb(0xC2, PIT_MODE); printf("%02x %02x %02x\n", inb(PIT_CH0), inb(PIT_CH0), inb(PIT_CH0)); } else { // Latch and output counter outb(0x0, PIT_MODE); printf("%02x %02x\n", inb(PIT_CH0), inb(PIT_CH0)); } } int main(int argc, char* argv[]) { int nr_counts = 2; if (argc > 1) nr_counts = atoi(argv[1]); if (argc > 2) is8254 = 1; if (ioperm(0x40, 4, 1) != 0) return 1; dump_pit(); printf("Set oneshot\n"); outb(0x38, PIT_MODE); outb(0x00, PIT_CH0); outb(0x0F, PIT_CH0); dump_pit(); usleep(1000); dump_pit(); printf("Set periodic\n"); outb(0x34, PIT_MODE); outb(0x00, PIT_CH0); outb(0x0F, PIT_CH0); dump_pit(); usleep(1000); dump_pit(); dump_pit(); usleep(100000); dump_pit(); usleep(100000); dump_pit(); printf("Set stop (%d counter writes)\n", nr_counts); outb(0x30, PIT_MODE); while (nr_counts--) outb(0xFF, PIT_CH0); dump_pit(); usleep(100000); dump_pit(); usleep(100000); dump_pit(); printf("Set MODE 0\n"); outb(0x30, PIT_MODE); dump_pit(); usleep(100000); dump_pit(); usleep(100000); dump_pit(); return 0; } ===== Suggested-by: Sean Christopherson Co-developed-by: Li RongQing Signed-off-by: Li RongQing Signed-off-by: David Woodhouse Signed-off-by: Thomas Gleixner Tested-by: Michael Kelley Link: https://lore.kernel.org/all/20240802135555.564941-2-dwmw2@infradead.org commit 70e6b7d9ae3c63df90a7bba7700e8d5c300c3c60 Author: David Woodhouse Date: Fri Aug 2 14:55:54 2024 +0100 x86/i8253: Disable PIT timer 0 when not in use Leaving the PIT interrupt running can cause noticeable steal time for virtual guests. The VMM generally has a timer which toggles the IRQ input to the PIC and I/O APIC, which takes CPU time away from the guest. Even on real hardware, running the counter may use power needlessly (albeit not much). Make sure it's turned off if it isn't going to be used. Signed-off-by: David Woodhouse Signed-off-by: Thomas Gleixner Tested-by: Michael Kelley Link: https://lore.kernel.org/all/20240802135555.564941-1-dwmw2@infradead.org commit 21e97d3ca814ea59d5ddb6a734125bd006b66a60 Author: Terry Hsiao Date: Fri Aug 2 15:06:02 2024 +0800 drm/panel-edp: Fix HKC MB116AN01 name Rename HKC MB116AN01 from Unknown to MB116AN01 Signed-off-by: Terry Hsiao Reviewed-by: Douglas Anderson Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240802070602.154201-1-terry_hsiao@compal.corp-partner.google.com commit 717b432b6d55e1dcefcb5e2ec315bf66b6ab8c54 Author: Hamza Mahfooz Date: Fri Aug 2 10:59:46 2024 -0400 Revert "drm/amd: Add power_saving_policy drm property to eDP connectors" This reverts commit 9d8c094ddab05db88d183ba82e23be807848cad8. It was merged without meeting userspace requirements. Signed-off-by: Hamza Mahfooz Reviewed-by: Harry Wentland Link: https://patchwork.freedesktop.org/patch/msgid/20240802145946.48073-2-hamza.mahfooz@amd.com commit b6b242d019ed23195c81cf00eb8290d386efb83f Author: Hamza Mahfooz Date: Fri Aug 2 10:59:45 2024 -0400 Revert "drm: Introduce 'power saving policy' drm property" This reverts commit 76299a557f36d624ca32500173ad7856e1ad93c0. It was merged without meeting userspace requirements. Signed-off-by: Hamza Mahfooz Reviewed-by: Harry Wentland Link: https://patchwork.freedesktop.org/patch/msgid/20240802145946.48073-1-hamza.mahfooz@amd.com commit 07442c46abad1d50ac82af5e0f9c5de2732c4592 Author: Aleksandr Mishin Date: Wed Jul 31 01:53:39 2024 +0300 ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() In tps68470_pmic_opregion_probe() pointer 'dev' is compared to NULL which is useless. Fix this issue by removing unneeded check. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: e13452ac3790 ("ACPI / PMIC: Add TI PMIC TPS68470 operation region driver") Suggested-by: Andy Shevchenko Signed-off-by: Aleksandr Mishin Reviewed-by: Sakari Ailus Reviewed-by: Andy Shevchenko Link: https://patch.msgid.link/20240730225339.13165-1-amishin@t-argos.ru [ rjw: Subject edit ] Signed-off-by: Rafael J. Wysocki commit 5ac5f3f80aea2575a84791f0eb18eef9919684c9 Author: Li RongQing Date: Fri Jul 19 22:53:30 2024 +0800 ACPI: processor: Reduce the log level of a per-CPU message about idle states This made the CPU bootup faster, otherwise Linux spends lots of time to printing nonsense information for each CPU when there are lots of CPUs. Signed-off-by: Li RongQing Link: https://patch.msgid.link/20240719145330.9430-1-lirongqing@baidu.com [ rjw: Subject edits ] Signed-off-by: Rafael J. Wysocki commit a5242874488eba2b9062985bf13743c029821330 Author: Pei Xiao Date: Thu Jul 18 14:05:48 2024 +0800 ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() ACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0 ACPI_ALLOCATE_ZEROED() may fail, elements might be NULL and will cause NULL pointer dereference later. Link: https://github.com/acpica/acpica/commit/4d4547cf Signed-off-by: Pei Xiao Link: https://patch.msgid.link/tencent_4A21A2865B8B0A0D12CAEBEB84708EDDB505@qq.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit bb664e50a9e0471fcaf0b2d84ee46a764cd2258d Author: Thomas Weißschuh Date: Tue Jul 9 22:37:28 2024 +0200 ACPI: sysfs: remove return value of acpi_device_setup_files() The function can not fail anymore, so drop its return value. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240709-acpi-sysfs-groups-v2-5-058ab0667fa8@weissschuh.net Signed-off-by: Rafael J. Wysocki commit cd4884724500232480cf79d8762f3cd716ba4c1b Author: Thomas Weißschuh Date: Tue Jul 9 22:37:27 2024 +0200 ACPI: sysfs: manage sysfs attributes through device core Now that the ACPI sysfs attributes are organized around an attribute_group, the device core can manage them. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240709-acpi-sysfs-groups-v2-4-058ab0667fa8@weissschuh.net [ rjw: Changelog edits ] Signed-off-by: Rafael J. Wysocki commit f6bae04a40f4441c62f4f8cd3bbe0ecf8b54033e Author: Thomas Weißschuh Date: Tue Jul 9 22:37:26 2024 +0200 ACPI: sysfs: manage attributes as attribute_group The current manual attribute management is inconsistent and brittle. Not all return values of device_create_file() are checked and the cleanup logic needs to be kept up to date manually. Moving all attributes into an attribute_group and using the is_visible() callback allows the management of all attributes as a single unit. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240709-acpi-sysfs-groups-v2-3-058ab0667fa8@weissschuh.net Signed-off-by: Rafael J. Wysocki commit 52831d9bbc9aa029aed525dfbe61cb78c1db991c Author: Thomas Weißschuh Date: Tue Jul 9 22:37:25 2024 +0200 ACPI: sysfs: evaluate _STR on each sysfs access The handling of the _STR method is inconsistent with the other method evaluations. It is the only method which is cached. The cached value stored in 'struct acpi_device_pnp' has a different lifetime than the other struct members. Commit d1efe3c324ea ("ACPI: Add new sysfs interface to export device description") does not explain this difference. Evaluating the method every time also removes the necessity to manage the lifetime of the cached value, which would be a problem when managing the sysfs attributes through the device core. Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240709-acpi-sysfs-groups-v2-2-058ab0667fa8@weissschuh.net Signed-off-by: Rafael J. Wysocki commit 4bb1e7d027413835b086aed35bc3f0713bc0f72b Author: Thomas Weißschuh Date: Tue Jul 9 22:37:24 2024 +0200 ACPI: sysfs: validate return type of _STR method Only buffer objects are valid return values of _STR. If something else is returned description_show() will access invalid memory. Fixes: d1efe3c324ea ("ACPI: Add new sysfs interface to export device description") Cc: All applicable Signed-off-by: Thomas Weißschuh Link: https://patch.msgid.link/20240709-acpi-sysfs-groups-v2-1-058ab0667fa8@weissschuh.net Signed-off-by: Rafael J. Wysocki commit 3745de7f2d00d44e098a2cae148cd9c1f1534070 Author: Ilpo Järvinen Date: Wed Jul 31 12:53:45 2024 +0300 ACPI: battery: Remove redundant NULL initalizations A local 'battery' variable is initialized to NULL on two occassions where it is unconditionally rewritten later. Remove the unnecessary initializations. Signed-off-by: Ilpo Järvinen Link: https://patch.msgid.link/20240731095345.2878-1-ilpo.jarvinen@linux.intel.com Signed-off-by: Rafael J. Wysocki commit 142acc42a7443f377b1a452ce906dc3adec91f70 Author: Muhammad Qasim Abdul Majeed Date: Sat Jul 6 13:11:03 2024 +0500 ACPI: battery: Use strscpy() instead of strcpy() Replace strcpy() with strscpy() in the ACPI battery driver. strcpy() has been deprecated because it is generally unsafe, so help to eliminate if from the kernel source. Link: https://github.com/KSPP/linux/issues/88 Signed-off-by: Muhammad Qasim Abdul Majeed Link: https://patch.msgid.link/20240706081104.14493-3-qasim.majeed20@gmail.com [ rjw: Subject and changelog edits ] Signed-off-by: Rafael J. Wysocki commit 2dce993165088dbe728faa21547e3b74213b6732 Author: Jiaxun Yang Date: Tue Jul 16 22:14:59 2024 +0800 cpu/hotplug: Provide weak fallback for arch_cpuhp_init_parallel_bringup() CONFIG_HOTPLUG_PARALLEL expects the architecture to implement arch_cpuhp_init_parallel_bringup() to decide whether paralllel hotplug is possible and to do the necessary architecture specific initialization. There are architectures which can enable it unconditionally and do not require architecture specific initialization. Provide a weak fallback for arch_cpuhp_init_parallel_bringup() so that such architectures are not forced to implement empty stub functions. Signed-off-by: Jiaxun Yang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240716-loongarch-hotplug-v3-2-af59b3bb35c8@flygoat.com commit dc171114926ec390ab90f46534545420ec03e458 Author: Rafael J. Wysocki Date: Thu Jul 4 18:26:54 2024 +0200 ACPI: EC: Do not release locks during operation region accesses It is not particularly useful to release locks (the EC mutex and the ACPI global lock, if present) and re-acquire them immediately thereafter during EC address space accesses in acpi_ec_space_handler(). First, releasing them for a while before grabbing them again does not really help anyone because there may not be enough time for another thread to acquire them. Second, if another thread successfully acquires them and carries out a new EC write or read in the middle if an operation region access in progress, it may confuse the EC firmware, especially after the burst mode has been enabled. Finally, manipulating the locks after writing or reading every single byte of data is overhead that it is better to avoid. Accordingly, modify the code to carry out EC address space accesses entirely without releasing the locks. Signed-off-by: Rafael J. Wysocki Reviewed-by: Hans de Goede Link: https://patch.msgid.link/12473338.O9o76ZdvQC@rjwysocki.net commit c0e81a455e23f77683178b8ae32651df5841f065 Author: Jiaxun Yang Date: Tue Jul 16 22:14:58 2024 +0800 cpu/hotplug: Make HOTPLUG_PARALLEL independent of HOTPLUG_SMT Provide stub functions for SMT related parallel bring up functions so that HOTPLUG_PARALLEL can work without HOTPLUG_SMT. Signed-off-by: Jiaxun Yang Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240716-loongarch-hotplug-v3-1-af59b3bb35c8@flygoat.com commit a712f03fe8b162c922bc9eb91758254fcf9bcb08 Author: Xueqin Luo Date: Thu Aug 1 16:31:56 2024 +0800 PM: sleep: Use sysfs_emit() and sysfs_emit_at() in "show" functions As Documentation/filesystems/sysfs.rst suggested, show() should only use sysfs_emit() or sysfs_emit_at() when formatting the value to be returned to user space. No functional change intended. Signed-off-by: Xueqin Luo Link: https://patch.msgid.link/20240801083156.2513508-3-luoxueqin@kylinos.cn [ rjw: Subject edit ] Signed-off-by: Rafael J. Wysocki commit 6306653cd84f6faace2af646aedef2b90e61958a Author: Xueqin Luo Date: Thu Aug 1 16:31:55 2024 +0800 PM: hibernate: Use sysfs_emit() and sysfs_emit_at() in "show" functions As Documentation/filesystems/sysfs.rst suggested, show() should only use sysfs_emit() or sysfs_emit_at() when formatting the value to be returned to user space. No functional change intended. Signed-off-by: Xueqin Luo Link: https://patch.msgid.link/20240801083156.2513508-2-luoxueqin@kylinos.cn Signed-off-by: Rafael J. Wysocki commit 37c6dccd683797a5a4ec85d2e94939bf829d3499 Author: Qais Yousef Date: Sun Jul 28 20:26:59 2024 +0100 cpufreq: Remove LATENCY_MULTIPLIER The current LATENCY_MULTIPLIER which has been around for nearly 20 years causes rate_limit_us to be always in ms range. On M1 mac mini I get 50 and 56us transition latency, but due to the 1000 multiplier we end up setting rate_limit_us to 50 and 56ms, which gets capped into 2ms and was 10ms before e13aa799c2a6 ("cpufreq: Change default transition delay to 2ms") On Intel I5 system transition latency is 20us but due to the multiplier we end up with 20ms that again is capped to 2ms. Given how good modern hardware and how modern workloads require systems to be more responsive to cater for sudden changes in workload (tasks sleeping/wakeup/migrating, uclamp causing a sudden boost or cap) and that 2ms is quarter of the time of 120Hz refresh rate system, drop the old logic in favour of providing 50% headroom. rate_limit_us = 1.5 * latency. I considered not adding any headroom which could mean that we can end up with infinite back-to-back requests. I also considered providing a constant headroom (e.g: 100us) assuming that any h/w or f/w dealing with the request shouldn't require a large headroom when transition_latency is actually high. But for both cases I wasn't sure if h/w or f/w can end up being overwhelmed dealing with the freq requests in a potentially busy system. So I opted for providing 50% breathing room. This is expected to impact schedutil only as the other user, dbs_governor, takes the max(2*tick, transition_delay_us) and the former was at least 2ms on 1ms TICK, which is equivalent to the max_delay_us before applying this patch. For systems with TICK of 4ms, this value would have almost always ended up with 8ms sampling rate. For systems that report 0 transition latency, we still default to returning 1ms as transition delay. This helps in eliminating a source of latency for applying requests as mentioned in [1]. For example if we have a 1ms tick, most systems will miss sending an update at tick when updating the util_avg for a task/CPU (rate_limit_us will be 2ms for most systems). Link: https://lore.kernel.org/lkml/20240724212255.mfr2ybiv2j2uqek7@airbuntu/ # [1] Link: https://lore.kernel.org/lkml/20240205022500.2232124-1-qyousef@layalina.io/ Signed-off-by: Qais Yousef Link: https://patch.msgid.link/20240728192659.58115-1-qyousef@layalina.io [ rjw: Subject edits ] Signed-off-by: Rafael J. Wysocki commit 166df51097a258a14fe9e946e2157f3b75eeb3c2 Author: Dhananjay Ugwekar Date: Fri Jul 19 10:12:35 2024 +0000 powercap/intel_rapl: Add support for AMD family 1Ah AMD Family 1Ah's RAPL MSRs are identical to Family 19h's, extend Family 19h's support to Family 1Ah. Signed-off-by: Dhananjay Ugwekar Reviewed-by: Gautham R. Shenoy Link: https://patch.msgid.link/20240719101234.50827-1-Dhananjay.Ugwekar@amd.com Signed-off-by: Rafael J. Wysocki commit e0d3b845a1b10b7b5abdad7ecc69d45b2aab3209 Author: Dan Carpenter Date: Wed Jul 24 11:09:43 2024 -0500 crypto: iaa - Fix potential use after free bug The free_device_compression_mode(iaa_device, device_mode) function frees "device_mode" but it iss passed to iaa_compression_modes[i]->free() a few lines later resulting in a use after free. The good news is that, so far as I can tell, nothing implements the ->free() function and the use after free happens in dead code. But, with this fix, when something does implement it, we'll be ready. :) Fixes: b190447e0fa3 ("crypto: iaa - Add compression mode management along with fixed mode") Signed-off-by: Dan Carpenter Reviewed-by: Tom Zanussi Signed-off-by: Herbert Xu commit 2fc990581c0988ad35b41a1b4eca840deb3297e2 Author: Jeff Johnson Date: Thu Jul 18 18:14:18 2024 -0700 crypto: ppc/curve25519 - add missing MODULE_DESCRIPTION() macro Since commit 1fffe7a34c89 ("script: modpost: emit a warning when the description is missing"), a module without a MODULE_DESCRIPTION() will result in a warning with make W=1. The following warning is being observed when building ppc64le with CRYPTO_CURVE25519_PPC64=m: WARNING: modpost: missing MODULE_DESCRIPTION() in arch/powerpc/crypto/curve25519-ppc64le.o Add the missing invocation of the MODULE_DESCRIPTION() macro. Signed-off-by: Jeff Johnson Signed-off-by: Herbert Xu commit ca88a2bdd4dd371e9f248d12528b1daf10db8648 Author: Michal Witwicki Date: Wed Jul 17 07:45:00 2024 -0400 crypto: qat - allow disabling SR-IOV VFs The QAT driver allows enabling SR-IOV VFs but does not allow them to be disabled through a write to sysfs. Disabling SR-IOV VFs can be only achieved by bringing down and up a device using the attribute /sys/bus/pci/devices//qat/state. The documentation for the sysfs attribute `sriov_numvfs` specifies that "a userspace application wanting to disable the VFs would write a zero to this file". Add support for disabling SR-IOV VFs by writing '0' to the 'sriov_numvfs' attribute in sysfs. Enabling or disabling SR-IOV always requires adf_dev_down() to be called. This action subsequently leads to the deletion of the ADF_KERNEL_SEC configuration section. The keys ADF_NUM_CY and ADF_NUM_DC within that section must be set to '0', otherwise, the driver will register into the Linux Crypto Framework. Because of this, the configuration in the ADF_KERNEL_SEC section must be added before every sriov_enable. Signed-off-by: Michal Witwicki Reviewed-by: Giovanni Cabiddu Reviewed-by: Przemek Kitszel Signed-off-by: Herbert Xu commit cd8d2d74292c199b433ef77762bb1d28a4821784 Author: Michal Witwicki Date: Wed Jul 17 07:44:59 2024 -0400 crypto: qat - ensure correct order in VF restarting handler In the process of sending the ADF_PF2VF_MSGTYPE_RESTARTING message to Virtual Functions (VFs), the Physical Function (PF) should set the `vf->restarting` flag to true before dispatching the message. This change is necessary to prevent a race condition where the handling of the ADF_VF2PF_MSGTYPE_RESTARTING_COMPLETE message (which sets the `vf->restarting` flag to false) runs immediately after the message is sent, but before the flag is set to true. Set the `vf->restarting` to true before sending the message ADF_PF2VF_MSGTYPE_RESTARTING, if supported by the version of the protocol and if the VF is started. Fixes: ec26f8e6c784 ("crypto: qat - update PFVF protocol for recovery") Signed-off-by: Michal Witwicki Reviewed-by: Giovanni Cabiddu Reviewed-by: Przemek Kitszel Signed-off-by: Herbert Xu commit 6f1b5236348fced7e7691a933327694b4106bc39 Author: Michal Witwicki Date: Wed Jul 17 07:44:58 2024 -0400 crypto: qat - fix recovery flow for VFs When the PFVF protocol was updated to support version 5, i.e. ADF_PFVF_COMPAT_FALLBACK, the compatibility version for the VF was updated without supporting the message RESTARTING_COMPLETE required for such version. Add support for the ADF_VF2PF_MSGTYPE_RESTARTING_COMPLETE message in the VF drivers. This message is sent by the VF driver to the PF to notify the completion of the shutdown flow. Fixes: ec26f8e6c784 ("crypto: qat - update PFVF protocol for recovery") Signed-off-by: Michal Witwicki Reviewed-by: Giovanni Cabiddu Reviewed-by: Przemek Kitszel Signed-off-by: Herbert Xu commit b6c7d36292d50627dbe6a57fa344f87c776971e6 Author: Michal Witwicki Date: Wed Jul 17 07:44:57 2024 -0400 crypto: qat - disable IOV in adf_dev_stop() Disabling IOV has the side effect of re-enabling the AEs that might attempt to do DMAs into the heartbeat buffers. Move the disable_iov() function in adf_dev_stop() before the AEs are stopped. Fixes: ed8ccaef52fa ("crypto: qat - Add support for SRIOV") Signed-off-by: Michal Witwicki Reviewed-by: Giovanni Cabiddu Reviewed-by: Przemek Kitszel Signed-off-by: Herbert Xu commit 4e190a5740aedc37654335089e7923bc8109dc3a Author: Adam Guerin Date: Wed Jul 17 07:44:56 2024 -0400 crypto: qat - preserve ADF_GENERAL_SEC The ADF_GENERAL_SEC configuration section contains values that must be preserved during state transitions (down -> up, up -> down). This patch modifies the logic in adf_dev_shutdown() to maintain all key values within this section, rather than selectively saving and restoring only the ADF_SERVICES_ENABLED attribute. To achieve this, a new function has been introduced that deletes all configuration sections except for the one specified by name. This function is invoked during adf_dev_down(), with ADF_GENERAL_SEC as the argument. Consequently, the adf_dev_shutdown_cache_cfg() function has been removed as it is now redundant. Additionally, this patch eliminates the cache_config parameter from the adf_dev_down() function since ADF_GENERAL_SEC should always be retained. This change does not cause any side effects because all entries in the key-value store are cleared when a module is unloaded. Signed-off-by: Adam Guerin Co-developed-by: Michal Witwicki Signed-off-by: Michal Witwicki Reviewed-by: Giovanni Cabiddu Reviewed-by: Przemek Kitszel Signed-off-by: Herbert Xu commit 47d96252099a7184b4bad852fcfa3c233c1d2f71 Author: Jia He Date: Mon Jul 15 07:20:23 2024 +0000 crypto: arm64/poly1305 - move data to rodata section When objtool gains support for ARM in the future, it may encounter issues disassembling the following data in the .text section: > .Lzeros: > .long 0,0,0,0,0,0,0,0 > .asciz "Poly1305 for ARMv8, CRYPTOGAMS by \@dot-asm" > .align 2 Move it to .rodata which is a more appropriate section for read-only data. Signed-off-by: Jia He Signed-off-by: Herbert Xu commit a1c2716738b7ba9e912e04872639dd39c72baa35 Author: Yue Haibing Date: Fri Aug 2 18:10:44 2024 +0800 ASoC: fsl: lpc3xxx: Make some symbols static These symbols are not used outside of the files, make them static to fix sparse warnings: sound/soc/fsl/lpc3xxx-i2s.c:261:30: warning: symbol 'lpc3xxx_i2s_dai_ops' was not declared. Should it be static? sound/soc/fsl/lpc3xxx-i2s.c:271:27: warning: symbol 'lpc3xxx_i2s_dai_driver' was not declared. Should it be static? sound/soc/fsl/lpc3xxx-pcm.c:55:39: warning: symbol 'lpc3xxx_soc_platform_driver' was not declared. Should it be static? Signed-off-by: Yue Haibing Link: https://patch.msgid.link/20240802101044.3302251-1-yuehaibing@huawei.com Signed-off-by: Mark Brown commit 11c2d223713b7a7fee848595e9f582d34adc552b Author: Christophe JAILLET Date: Thu Aug 1 22:30:05 2024 +0200 ASoC: sti-sas: Constify snd_soc_component_driver struct In order to constify `snd_soc_component_driver` struct, simplify the logic and the `sti_sas_dev_data` struct. Since commit 165a57a3df02 ("ASoC: sti-sas: clean legacy in sti-sas") only only chip is supported and `sti_sas_driver` can be fully defined at compilation time. Before: ====== text data bss dec hex filename 8033 1547 16 9596 257c sound/soc/codecs/sti-sas.o After: ===== text data bss dec hex filename 8257 1163 16 9436 24dc sound/soc/codecs/sti-sas.o Signed-off-by: Christophe JAILLET Link: https://patch.msgid.link/2c08558813e3bbfae0a5302199cf6ca226e7cde1.1722544073.git.christophe.jaillet@wanadoo.fr Signed-off-by: Mark Brown commit 92b796845a4a8789c2d9434c6a77baa88a99121e Author: Shenghao Ding Date: Fri Aug 2 15:20:52 2024 +0800 ASoC: tas2781: Fix a compiling warning reported by robot kernel test due to adding tas2563_dvc_table Move tas2563_dvc_table into a separate Header file, as only tas2781 codec driver use this table, and hda side codec driver won't use it. Fixes: 75ed63a5ab5d ("ASoC: tas2781: Add new Kontrol to set tas2563 digital Volume") Signed-off-by: Shenghao Ding Link: https://patch.msgid.link/20240802072055.1462-1-shenghao-ding@ti.com Signed-off-by: Mark Brown commit 5821d7b4981f4915ab353f538be38defe9656f81 Author: Pierre-Louis Bossart Date: Fri Aug 2 14:46:09 2024 +0200 ASoC: SOF: sof-audio.h: optimize snd_sof_pcm_stream_pipeline_list Invert members to remove hole. Signed-off-by: Pierre-Louis Bossart Reviewed-by: Ranjani Sridharan Reviewed-by: Péter Ujfalusi Link: https://patch.msgid.link/20240802124609.188954-5-pierre-louis.bossart@linux.intel.com Signed-off-by: Mark Brown commit 5a4413d0fa8d0a438246acaf81637d71aab1b6a0 Author: Pierre-Louis Bossart Date: Fri Aug 2 14:46:08 2024 +0200 ASoC: SOF: sof-priv.h: optimize snd_sof_ipc_msg Move waitq to make sure it's entirely in the same cache line, and move ipc_complete to reduce padding. struct snd_sof_ipc_msg { void * msg_data; /* 0 8 */ void * reply_data; /* 8 8 */ size_t msg_size; /* 16 8 */ size_t reply_size; /* 24 8 */ int reply_error; /* 32 4 */ bool ipc_complete; /* 36 1 */ /* XXX 3 bytes hole, try to pack */ wait_queue_head_t waitq; /* 40 88 */ /* --- cacheline 2 boundary (128 bytes) --- */ void * rx_data; /* 128 8 */ /* size: 136, cachelines: 3, members: 8 */ /* sum members: 133, holes: 1, sum holes: 3 */ /* last cacheline: 8 bytes */ }; Signed-off-by: Pierre-Louis Bossart Reviewed-by: Ranjani Sridharan Reviewed-by: Péter Ujfalusi Link: https://patch.msgid.link/20240802124609.188954-4-pierre-louis.bossart@linux.intel.com Signed-off-by: Mark Brown commit e9e7eeaf199c7961d634235dbedeb7b682b1dd32 Author: Pierre-Louis Bossart Date: Fri Aug 2 14:46:07 2024 +0200 ASoC: SOF: sof-priv.h: optimize snd_sof_mailbox Reverse the two members to remove a hole. Signed-off-by: Pierre-Louis Bossart Reviewed-by: Ranjani Sridharan Reviewed-by: Péter Ujfalusi Link: https://patch.msgid.link/20240802124609.188954-3-pierre-louis.bossart@linux.intel.com Signed-off-by: Mark Brown commit cac88e96ba0961921b8068326579b26094f37ba4 Author: Pierre-Louis Bossart Date: Fri Aug 2 14:46:06 2024 +0200 ASoC: SOF: sof-priv.h: optimize snd_sof_platform_stream_params reshuffle members to remove hole. Signed-off-by: Pierre-Louis Bossart Reviewed-by: Ranjani Sridharan Reviewed-by: Péter Ujfalusi Link: https://patch.msgid.link/20240802124609.188954-2-pierre-louis.bossart@linux.intel.com Signed-off-by: Mark Brown commit 2786d3f4943c472c10dd630ec3e0a1a892181562 Author: Bard Liao Date: Fri Aug 2 14:40:11 2024 +0200 ASoC: Intel: soc-acpi-intel-ptl-match: Add rt722 support This patch adds match table for rt722 multiple function codec on link 0 and link3. The topology does not internally refer to link0 or link3, so we can simplify and use the same topology file name. We do need different tables though. Reviewed-by: Ranjani Sridharan Reviewed-by: Péter Ujfalusi Signed-off-by: Bard Liao Signed-off-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240802124011.173820-6-pierre-louis.bossart@linux.intel.com Signed-off-by: Mark Brown commit 77a6869afbbfad0db297e9e4b9233aac209d5385 Author: Bard Liao Date: Fri Aug 2 14:40:10 2024 +0200 ASoC: Intel: soc-acpi-intel-ptl-match: add rt711-sdca table Add rt711-sdca on sdw link0. Reviewed-by: Péter Ujfalusi Reviewed-by: Ranjani Sridharan Signed-off-by: Bard Liao Signed-off-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240802124011.173820-5-pierre-louis.bossart@linux.intel.com Signed-off-by: Mark Brown commit 3f8c8027775901c13d1289b4c54e024d3d5d982a Author: Pierre-Louis Bossart Date: Fri Aug 2 14:40:09 2024 +0200 ASoC: SOF: Intel: add initial support for PTL Clone LNL for now. Reviewed-by: Péter Ujfalusi Reviewed-by: Ranjani Sridharan Reviewed-by: Bard Liao Signed-off-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240802124011.173820-4-pierre-louis.bossart@linux.intel.com Signed-off-by: Mark Brown commit 42b4763ab301c5604343aa49774426d5005711a3 Author: Fred Oh Date: Fri Aug 2 14:40:08 2024 +0200 ASoC: SOF: Intel: add PTL specific power control register PTL has some differences from MTL/LNL. Need to use different register to power up. Reviewed-by: Ranjani Sridharan Reviewed-by: Bard Liao Reviewed-by: Péter Ujfalusi Signed-off-by: Fred Oh Signed-off-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240802124011.173820-3-pierre-louis.bossart@linux.intel.com Signed-off-by: Mark Brown commit 6a965fbaac461564ae74dbfe6d9c9e9de65ea67a Author: Pierre-Louis Bossart Date: Fri Aug 2 14:40:07 2024 +0200 ASoC: Intel: soc-acpi: add PTL match tables For now the tables are basic for mockup devices and headset codec support Reviewed-by: Péter Ujfalusi Reviewed-by: Ranjani Sridharan Reviewed-by: Bard Liao Signed-off-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240802124011.173820-2-pierre-louis.bossart@linux.intel.com Signed-off-by: Mark Brown commit bb4531976523c6e394188c4f4a7eeaf5e9efdd48 Author: Anshuman Khandual Date: Fri Aug 2 14:26:01 2024 +0530 irqchip/gic-v4.1: Replace bare number with ID_AA64PFR0_EL1_GIC_V4P1 Use ID_AA64PFR0_EL1_GIC_V4P1 instead of '3' in gic_cpuif_has_vsgi() to check for the GIC version. Signed-off-by: Anshuman Khandual Signed-off-by: Thomas Gleixner Reviewed-by: Zenghui Yu Acked-by: Marc Zyngier Link: https://lore.kernel.org/all/20240802085601.1824057-1-anshuman.khandual@arm.com commit ab9a244c396aae4aaa34b2399b82fc15ec2df8c1 Author: Helge Deller Date: Mon Jul 8 14:24:52 2024 +0200 crypto: xor - fix template benchmarking Commit c055e3eae0f1 ("crypto: xor - use ktime for template benchmarking") switched from using jiffies to ktime-based performance benchmarking. This works nicely on machines which have a fine-grained ktime() clocksource as e.g. x86 machines with TSC. But other machines, e.g. my 4-way HP PARISC server, don't have such fine-grained clocksources, which is why it seems that 800 xor loops take zero seconds, which then shows up in the logs as: xor: measuring software checksum speed 8regs : -1018167296 MB/sec 8regs_prefetch : -1018167296 MB/sec 32regs : -1018167296 MB/sec 32regs_prefetch : -1018167296 MB/sec Fix this with some small modifications to the existing code to improve the algorithm to always produce correct results without introducing major delays for architectures with a fine-grained ktime() clocksource: a) Delay start of the timing until ktime() just advanced. On machines with a fast ktime() this should be just one additional ktime() call. b) Count the number of loops. Run at minimum 800 loops and finish earliest when the ktime() counter has progressed. With that the throughput can now be calculated more accurately under all conditions. Fixes: c055e3eae0f1 ("crypto: xor - use ktime for template benchmarking") Signed-off-by: Helge Deller Tested-by: John David Anglin v2: - clean up coding style (noticed & suggested by Herbert Xu) - rephrased & fixed typo in commit message Signed-off-by: Herbert Xu commit 0f127178892ec54553da2e3975e23979709b5ff9 Author: Jeff Johnson Date: Mon Jul 22 10:14:32 2024 -0700 cpufreq: powerpc: add missing MODULE_DESCRIPTION() macros With ARCH=powerpc, make allmodconfig && make W=1 C=1 reports: WARNING: modpost: missing MODULE_DESCRIPTION() in drivers/cpufreq/ppc-cbe-cpufreq.o WARNING: modpost: missing MODULE_DESCRIPTION() in drivers/cpufreq/powernv-cpufreq.o Add the missing invocation of the MODULE_DESCRIPTION() macro to all files which have a MODULE_LICENSE(). This includes three additional files which, although they did not produce a warning with the powerpc allmodconfig configuration, may cause this warning with specific options enabled in the kernel configuration. Signed-off-by: Jeff Johnson Acked-by: Michael Ellerman (powerpc) Acked-by: Viresh Kumar Link: https://patch.msgid.link/20240722-md-powerpc-drivers-cpufreq-v2-1-bb84d715eb3d@quicinc.com Signed-off-by: Rafael J. Wysocki commit 6998a73efbb8a87f4dd0bddde90b7f5b0d47b5e0 Author: Keith Lucas Date: Fri Aug 2 06:13:18 2024 +0000 selftests/mm: Add new testcases for pkeys Add a few new tests to exercise the signal handler flow, especially with PKEY 0 disabled: - Verify that the SIGSEGV handler is invoked when pkey 0 is disabled. - Verify that a thread which disables PKEY 0 segfaults with PKUERR when accessing the stack. - Verify that the SIGSEGV handler that uses an alternate signal stack is correctly invoked when the thread disabled PKEY 0 - Verify that the PKRU value set by the application is correctly restored upon return from signal handling. - Verify that sigreturn() is able to restore the altstack even if the thread had PKEY 0 disabled [ Aruna: Adapted to upstream ] [ tglx: Made it actually compile. Restored protection_keys compile. Added useful info to the changelog instead of bare function names. ] Signed-off-by: Keith Lucas Signed-off-by: Aruna Ramakrishna Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240802061318.2140081-6-aruna.ramakrishna@oracle.com commit d10b554919d4cc8fa8fe2e95b57ad2624728c8e4 Author: Aruna Ramakrishna Date: Fri Aug 2 06:13:17 2024 +0000 x86/pkeys: Restore altstack access in sigreturn() A process can disable access to the alternate signal stack by not enabling the altstack's PKEY in the PKRU register. Nevertheless, the kernel updates the PKRU temporarily for signal handling. However, in sigreturn(), restore_sigcontext() will restore the PKRU to the user-defined PKRU value. This will cause restore_altstack() to fail with a SIGSEGV as it needs read access to the altstack which is prohibited by the user-defined PKRU value. Fix this by restoring altstack before restoring PKRU. Signed-off-by: Aruna Ramakrishna Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240802061318.2140081-5-aruna.ramakrishna@oracle.com commit 70044df250d022572e26cd301bddf75eac1fe50e Author: Aruna Ramakrishna Date: Fri Aug 2 06:13:16 2024 +0000 x86/pkeys: Update PKRU to enable all pkeys before XSAVE If the alternate signal stack is protected by a different PKEY than the current execution stack, copying XSAVE data to the sigaltstack will fail if its PKEY is not enabled in the PKRU register. It's unknown which pkey was used by the application for the altstack, so enable all PKEYS before XSAVE. But this updated PKRU value is also pushed onto the sigframe, which means the register value restored from sigcontext will be different from the user-defined one, which is incorrect. Fix that by overwriting the PKRU value on the sigframe with the original, user-defined PKRU. Signed-off-by: Aruna Ramakrishna Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240802061318.2140081-4-aruna.ramakrishna@oracle.com commit 84ee6e8d195e4af4c6c4c961bbf9266bdc8b90ac Author: Aruna Ramakrishna Date: Fri Aug 2 06:13:15 2024 +0000 x86/pkeys: Add helper functions to update PKRU on the sigframe In the case where a user thread sets up an alternate signal stack protected by the default PKEY (i.e. PKEY 0), while the thread's stack is protected by a non-zero PKEY, both these PKEYS have to be enabled in the PKRU register for the signal to be delivered to the application correctly. However, the PKRU value restored after handling the signal must not enable this extra PKEY (i.e. PKEY 0) - i.e., the PKRU value in the sigframe has to be overwritten with the user-defined value. Add helper functions that will update PKRU value in the sigframe after XSAVE. Note that sig_prepare_pkru() makes no assumption about which PKEY could be used to protect the altstack (i.e. it may not be part of init_pkru), and so enables all PKEYS. No functional change. Signed-off-by: Aruna Ramakrishna Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240802061318.2140081-3-aruna.ramakrishna@oracle.com commit 24cf2bc982ffe02aeffb4a3885c71751a2c7023b Author: Aruna Ramakrishna Date: Fri Aug 2 06:13:14 2024 +0000 x86/pkeys: Add PKRU as a parameter in signal handling functions Assume there's a multithreaded application that runs untrusted user code. Each thread has its stack/code protected by a non-zero PKEY, and the PKRU register is set up such that only that particular non-zero PKEY is enabled. Each thread also sets up an alternate signal stack to handle signals, which is protected by PKEY zero. The PKEYs man page documents that the PKRU will be reset to init_pkru when the signal handler is invoked, which means that PKEY zero access will be enabled. But this reset happens after the kernel attempts to push fpu state to the alternate stack, which is not (yet) accessible by the kernel, which leads to a new SIGSEGV being sent to the application, terminating it. Enabling both the non-zero PKEY (for the thread) and PKEY zero in userspace will not work for this use case. It cannot have the alt stack writeable by all - the rationale here is that the code running in that thread (using a non-zero PKEY) is untrusted and should not have access to the alternate signal stack (that uses PKEY zero), to prevent the return address of a function from being changed. The expectation is that kernel should be able to set up the alternate signal stack and deliver the signal to the application even if PKEY zero is explicitly disabled by the application. The signal handler accessibility should not be dictated by whatever PKRU value the thread sets up. The PKRU register is managed by XSAVE, which means the sigframe contents must match the register contents - which is not the case here. It's required that the signal frame contains the user-defined PKRU value (so that it is restored correctly from sigcontext) but the actual register must be reset to init_pkru so that the alt stack is accessible and the signal can be delivered to the application. It seems that the proper fix here would be to remove PKRU from the XSAVE framework and manage it separately, which is quite complicated. As a workaround, do this: orig_pkru = rdpkru(); wrpkru(orig_pkru & init_pkru_value); xsave_to_user_sigframe(); put_user(pkru_sigframe_addr, orig_pkru) In preparation for writing PKRU to sigframe, pass PKRU as an additional parameter down the call chain from get_sigframe(). No functional change. Signed-off-by: Aruna Ramakrishna Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240802061318.2140081-2-aruna.ramakrishna@oracle.com commit 4436e6da008fee87d54c038e983e5be9a6baf8fb Merge: b7c35279e0da41 8400291e289ee6 Author: Thomas Gleixner Date: Fri Aug 2 14:10:55 2024 +0200 Merge branch 'linus' into x86/mm Bring x86 and selftests up to date commit 8ecd953ca5850d2f83f548d4bbcf672d2d2cd0ca Author: Rafael J. Wysocki Date: Mon Jul 29 18:12:45 2024 +0200 thermal: trip: Drop thermal_zone_get_trip() There are no more callers of thermal_zone_get_trip() in the tree, so drop it. No functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/2220301.Mh6RI2rZIc@rjwysocki.net commit 79f194dd54cef3a0212914cd79dda1f91b7bf7f6 Author: Rafael J. Wysocki Date: Mon Jul 29 18:11:29 2024 +0200 thermal: trip: Get rid of thermal_zone_get_num_trips() The only existing caller of thermal_zone_get_num_trips(), which is rcar_gen3_thermal_probe(), uses this function to put the number of trip points into a kernel log message, but this information is also available from the thermal sysfs interface. For this reason, remove the thermal_zone_get_num_trips() call from rcar_gen3_thermal_probe() and drop the former altogether. Signed-off-by: Rafael J. Wysocki Reviewed-by: Niklas Söderlund Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/2636988.Lt9SDvczpP@rjwysocki.net commit 96d819908de094d7169915b993c9ecccf326049e Author: Rafael J. Wysocki Date: Fri Aug 2 13:56:04 2024 +0200 thermal: helpers: Drop get_thermal_instance() There are no more users of get_thermal_instance(), so drop it. While at it, replace get_instance() returning a pointer to struct thermal_instance with thermal_instance_present() returning a bool which is more straightforward. No functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/2014591.usQuhbGJ8B@rjwysocki.net [ rjw: Dropped get_thermal_instance() documentation ] Signed-off-by: Rafael J. Wysocki commit 5136f99b9a4a63dc81924a05d256ad5829cbefa6 Author: Rafael J. Wysocki Date: Thu Aug 1 14:09:30 2024 +0200 thermal: tegra: Use thermal_zone_for_each_trip() for walking trip points It is generally inefficient to iterate over trip indices and call thermal_zone_get_trip() every time to get the struct thermal_trip corresponding to the given trip index, so modify the Tegra thermal drivers to use thermal_zone_for_each_trip() for walking trips. Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/1819430.VLH7GnMWUR@rjwysocki.net [ rjw: Dropped an unused local variable ] Signed-off-by: Rafael J. Wysocki commit 289a54f6115a95041bfddd7363676e8bf4d1803e Author: Rafael J. Wysocki Date: Mon Jul 29 18:02:22 2024 +0200 thermal: tegra: Introduce struct trip_temps for critical and hot trips Introduce a helper structure, struct trip_temps, for storing the temperatures of the critical and hot trip points. This helps to make the code in tegra_tsensor_get_hw_channel_trips() somewhat cleaner and will be useful subsequently in eliminating iteration over trip indices from the driver. No intentional functional impact. Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/9333090.CDJkKcVGEf@rjwysocki.net commit ab446887ea7753e712cd3b6f54e5786bbb7b1e33 Author: Rafael J. Wysocki Date: Mon Jul 29 17:58:56 2024 +0200 thermal: qcom: Use thermal_zone_get_crit_temp() in qpnp_tm_init() Modify qpnp_tm_init() to use thermal_zone_get_crit_temp() to get the critical trip temperature instead of iterating over trip indices and using thermal_zone_get_trip() to get a struct thermal_trip pointer from a trip index until it finds the critical one. Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/7712228.EvYhyI6sBW@rjwysocki.net commit 1ac1503cffd84aa7a6e699426de3e6308c9c34b6 Author: Rafael J. Wysocki Date: Fri Aug 2 13:41:02 2024 +0200 thermal: hisi: Use thermal_zone_for_each_trip() in hisi_thermal_register_sensor() Modify hisi_thermal_register_sensor() to use thermal_zone_for_each_trip() for walking trip points instead of iterating over trip indices and using thermal_zone_get_trip() to get a struct thermal_trip pointer from a trip index. Signed-off-by: Rafael J. Wysocki Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/1994088.PYKUYFuaPT@rjwysocki.net [ rjw: Dropped two unused local variables ] Signed-off-by: Rafael J. Wysocki commit 5df9809c424fb889eb4ad44f856196d86aa389f7 Author: Rafael J. Wysocki Date: Mon Jul 29 17:53:59 2024 +0200 thermal: broadcom: Use thermal_zone_get_crit_temp() in bcm2835_thermal_probe() Modify the bcm2835 thermal driver to use thermal_zone_get_crit_temp() in bcm2835_thermal_probe() instead of relying on the assumption that the critical trip index will always be 0. Signed-off-by: Rafael J. Wysocki Reviewed-by: Florian Fainelli Reviewed-by: Lukasz Luba Link: https://patch.msgid.link/3322893.aeNJFYEL58@rjwysocki.net commit c147f663b6a5813b9860f3917cc473fb2c462d8d Author: Javier Carrasco Date: Tue Jul 30 07:54:37 2024 +0200 clang-format: Update with v6.11-rc1's `for_each` macro list Re-run the shell fragment that generated the original list. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240730-clang-format-for-each-macro-update-v2-1-254fca862c97@gmail.com Signed-off-by: Miguel Ojeda commit 19591e1a8a2e9e8ff53cc3121e6650bbf02f8403 Author: Jason Gerecke Date: Tue Jul 30 08:51:59 2024 -0700 HID: wacom: Support devices with two touchrings If a device has more than one touchring, we want to be sure that userspace is able to distinguish them. Following previous standards, the first absolute ring will be reported as ABS_WHEEL and the second as ABS_THROTTLE. Relative rings will use REL_WHEEL_HI_RES / REL_WHEEL for the first and REL_HWHEEL_HI_RES / REL_HWHEEL for the second. Signed-off-by: Jason Gerecke Signed-off-by: Jiri Kosina commit 7ca234e3ae457f6941601d58db22736cd133ef4c Author: Jason Gerecke Date: Tue Jul 30 08:51:58 2024 -0700 HID: wacom: Add preliminary support for high-resolution wheel scrolling Modern userspace (i.e. libinput) will make use of high-resolution scrolling if supported. Hardware does not currently set a resolution multiplier needed for effective high-res scrolling, but we can still write code to support it in the future. Signed-off-by: Jason Gerecke Signed-off-by: Jiri Kosina commit 7525a0bd928e3a5d6dcea6a38cc5ce88f45d27a9 Author: Jason Gerecke Date: Tue Jul 30 08:51:57 2024 -0700 HID: wacom: Support touchrings with relative motion If a touchring is configured to send relative events (e.g. +1 or -1 every time some bit of rotational distance is covered), we should similarly send relative events up to userspace. Previous non-HID tablets used REL_WHEEL to send this kind of information, so we opt to use this same axis since userspace (xf86-input-wacom and libinput) already expects this kind of behavior from the Wacom kernel driver. Signed-off-by: Jason Gerecke Signed-off-by: Jiri Kosina commit 3152301ff28872255461484b3dc831e2bf0f28db Author: Jason Gerecke Date: Tue Jul 30 08:51:56 2024 -0700 HID: wacom: Improve warning for tablets falling back to default resolution When we encounter a usage mapped to ABS_X or ABS_Y which has a calculated resolution of 0, we want to warn the user of this before setting a default value. The previous language used the word "usage" but then printed out the value of a "code" instead. We can improve this. Signed-off-by: Jason Gerecke Signed-off-by: Jiri Kosina commit 6edb8cd87cca5dd4389d4ea2d84b66ea94341bbd Author: Kerem Karabay Date: Fri Jul 5 11:17:42 2024 +0000 HID: core: add helper for finding a field with a certain usage This helper will allow HID drivers to easily determine if they should bind to a hid_device by checking for the prescence of a certain field when its ID is not enough, which can be the case on USB devices with multiple interfaces and/or configurations. Convert google-hammer driver to use it, and remove now superfluous hammer_has_usage(). [jkosina@suse.com: expand changelog with the information about google-hammer being added as user of this API ] Signed-off-by: Kerem Karabay Signed-off-by: Aditya Garg Signed-off-by: Jiri Kosina commit 12026d2034dfeb575e0eb28f33431cbf03dc732c Author: Oleg Nesterov Date: Thu Aug 1 15:27:49 2024 +0200 uprobes: shift put_uprobe() from delete_uprobe() to uprobe_unregister() Kill the extra get_uprobe() + put_uprobe() in uprobe_unregister() and move the possibly final put_uprobe() from delete_uprobe() to its only caller, uprobe_unregister(). Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Jiri Olsa Acked-by: Andrii Nakryiko Acked-by: "Masami Hiramatsu (Google)" Link: https://lore.kernel.org/r/20240801132749.GA8817@redhat.com commit 70408bebba94a63ea11471ed00168cd8606a9328 Author: Oleg Nesterov Date: Thu Aug 1 15:27:44 2024 +0200 uprobes: fold __uprobe_unregister() into uprobe_unregister() Fold __uprobe_unregister() into its single caller, uprobe_unregister(). A separate patch to simplify the next change. Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Jiri Olsa Acked-by: Andrii Nakryiko Acked-by: "Masami Hiramatsu (Google)" Link: https://lore.kernel.org/r/20240801132744.GA8814@redhat.com commit bb18c5de1c288050ef8bd4af4ca16896ad4cd3fc Author: Oleg Nesterov Date: Thu Aug 1 15:27:39 2024 +0200 uprobes: change uprobe_register() to use uprobe_unregister() instead of __uprobe_unregister() If register_for_each_vma() fails uprobe_register() can safely drop uprobe->register_rwsem and use uprobe_unregister(). There is no worry about the races with another register/unregister, consumer_add() was already called so this case doesn't differ from _unregister() right after the successful _register(). Yes this means the extra up_write() + down_write(), but this is the slow and unlikely case anyway. Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Jiri Olsa Acked-by: Andrii Nakryiko Acked-by: "Masami Hiramatsu (Google)" Link: https://lore.kernel.org/r/20240801132739.GA8809@redhat.com commit 3c83a9ad0295eb63bdeb81d821b8c3b9417fbcac Author: Oleg Nesterov Date: Thu Aug 1 15:27:34 2024 +0200 uprobes: make uprobe_register() return struct uprobe * This way uprobe_unregister() and uprobe_apply() can use "struct uprobe *" rather than inode + offset. This simplifies the code and allows to avoid the unnecessary find_uprobe() + put_uprobe() in these functions. TODO: uprobe_unregister() still needs get_uprobe/put_uprobe to ensure that this uprobe can't be freed before up_write(&uprobe->register_rwsem). Co-developed-by: Andrii Nakryiko Signed-off-by: Andrii Nakryiko Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Jiri Olsa Link: https://lore.kernel.org/r/20240801132734.GA8803@redhat.com commit e04332ebc8ac128fa551e83f1161ab1c094d13a9 Author: Oleg Nesterov Date: Thu Aug 1 15:27:28 2024 +0200 uprobes: kill uprobe_register_refctr() It doesn't make any sense to have 2 versions of _register(). Note that trace_uprobe_enable(), the only user of uprobe_register(), doesn't need to check tu->ref_ctr_offset to decide which one should be used, it could safely pass ref_ctr_offset == 0 to uprobe_register_refctr(). Add this argument to uprobe_register(), update the callers, and kill uprobe_register_refctr(). Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Jiri Olsa Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240801132728.GA8800@redhat.com commit db61e6a4eee5a7884b2cafeaf407895f253bbaa7 Author: Jiri Olsa Date: Thu Aug 1 15:27:24 2024 +0200 selftests/bpf: fix uprobe.path leak in bpf_testmod testmod_unregister_uprobe() forgets to path_put(&uprobe.path). Signed-off-by: Jiri Olsa Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Link: https://lore.kernel.org/r/20240801132724.GA8791@redhat.com commit 7c2bae2d9c27a89280b63ff3567d2dac2d89db28 Author: Andrii Nakryiko Date: Thu Aug 1 15:27:19 2024 +0200 uprobes: simplify error handling for alloc_uprobe() Return -ENOMEM instead of NULL, which makes caller's error handling just a touch simpler. Signed-off-by: Andrii Nakryiko Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: "Masami Hiramatsu (Google)" Reviewed-by: Jiri Olsa Link: https://lore.kernel.org/r/20240801132719.GA8788@redhat.com commit 300b05621a3f85621130e356ca6ae90f6a4eec0e Author: Oleg Nesterov Date: Thu Aug 1 15:27:14 2024 +0200 uprobes: is_trap_at_addr: don't use get_user_pages_remote() get_user_pages_remote() and the comment above it make no sense. There is no task_struct passed into get_user_pages_remote() anymore, and nowadays mm_account_fault() increments the current->min/maj_flt counters regardless of FAULT_FLAG_REMOTE. Reported-by: Andrii Nakryiko Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Jiri Olsa Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240801132714.GA8783@redhat.com commit 84455e6923c79a37812930787aaa141e82afe315 Author: Oleg Nesterov Date: Thu Aug 1 15:27:09 2024 +0200 uprobes: document the usage of mm->mmap_lock The comment above uprobe_write_opcode() is wrong, unapply_uprobe() calls it under mmap_read_lock() and this is correct. And it is completely unclear why register_for_each_vma() takes mmap_lock for writing, add a comment to explain that mmap_write_lock() is needed to avoid the following race: - A task T hits the bp installed by uprobe and calls find_active_uprobe() - uprobe_unregister() removes this uprobe/bp - T calls find_uprobe() which returns NULL - another uprobe_register() installs the bp at the same address - T calls is_trap_at_addr() which returns true - T returns to handle_swbp() and gets SIGTRAP. Reported-by: Andrii Nakryiko Signed-off-by: Oleg Nesterov Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Jiri Olsa Acked-by: Andrii Nakryiko Acked-by: "Masami Hiramatsu (Google)" Link: https://lore.kernel.org/r/20240801132709.GA8780@redhat.com commit cfa7f3d2c526c224a6271cc78a4a27a0de06f4f0 Author: Andrii Nakryiko Date: Mon Jul 29 10:52:23 2024 -0700 perf,x86: avoid missing caller address in stack traces captured in uprobe When tracing user functions with uprobe functionality, it's common to install the probe (e.g., a BPF program) at the first instruction of the function. This is often going to be `push %rbp` instruction in function preamble, which means that within that function frame pointer hasn't been established yet. This leads to consistently missing an actual caller of the traced function, because perf_callchain_user() only records current IP (capturing traced function) and then following frame pointer chain (which would be caller's frame, containing the address of caller's caller). So when we have target_1 -> target_2 -> target_3 call chain and we are tracing an entry to target_3, captured stack trace will report target_1 -> target_3 call chain, which is wrong and confusing. This patch proposes a x86-64-specific heuristic to detect `push %rbp` (`push %ebp` on 32-bit architecture) instruction being traced. Given entire kernel implementation of user space stack trace capturing works under assumption that user space code was compiled with frame pointer register (%rbp/%ebp) preservation, it seems pretty reasonable to use this instruction as a strong indicator that this is the entry to the function. In that case, return address is still pointed to by %rsp/%esp, so we fetch it and add to stack trace before proceeding to unwind the rest using frame pointer-based logic. We also check for `endbr64` (for 64-bit modes) as another common pattern for function entry, as suggested by Josh Poimboeuf. Even if we get this wrong sometimes for uprobes attached not at the function entry, it's OK because stack trace will still be overall meaningful, just with one extra bogus entry. If we don't detect this, we end up with guaranteed to be missing caller function entry in the stack trace, which is worse overall. Signed-off-by: Andrii Nakryiko Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20240729175223.23914-1-andrii@kernel.org commit 7e8b255650fcfa1d05a57e4093d8405e6d8dd488 Author: Ben Gainey Date: Tue Jul 30 09:44:15 2024 +0100 perf: Support PERF_SAMPLE_READ with inherit This change allows events to use PERF_SAMPLE_READ with inherit so long as PERF_SAMPLE_TID is also set. This enables sample based profiling of a group of counters over a hierarchy of processes or threads. This is useful, for example, for collecting per-thread counters/metrics, event based sampling of multiple counters as a unit, access to the enabled and running time when using multiplexing and so on. Prior to this, users were restricted to either collecting aggregate statistics for a multi-threaded/-process application (e.g. with "perf stat"), or to sample individual threads, or to profile the entire system (which requires root or CAP_PERFMON, and may produce much more data than is required). Theoretically a tool could poll for or otherwise monitor thread/process creation and construct whatever events the user is interested in using perf_event_open, for each new thread or process, but this is racy, can lead to file-descriptor exhaustion, and ultimately just replicates the behaviour of inherit, but in userspace. This configuration differs from inherit without PERF_SAMPLE_READ in that the accumulated event count, and consequently any sample (such as if triggered by overflow of sample_period) will be on a per-thread rather than on an aggregate basis. The meaning of read_format::value field of both PERF_RECORD_READ and PERF_RECORD_SAMPLE is changed such that if the sampled event uses this new configuration then the values reported will be per-thread rather than the global aggregate value. This is a change from the existing semantics of read_format (where PERF_SAMPLE_READ is used without inherit), but it is necessary to expose the per-thread counter values, and it avoids reinventing a separate "read_format_thread" field that otherwise replicates the same behaviour. This change should not break existing tools, since this configuration was not previously valid and was rejected by the kernel. Tools that opt into this new mode will need to account for this when calculating the counter delta for a given sample. Tools that wish to have both the per-thread and aggregate value can perform the global aggregation themselves from the per-thread values. The change to read_format::value does not affect existing valid perf_event_attr configurations, nor does it change the behaviour of calls to "read" on an event descriptor. Both continue to report the aggregate value for the entire thread/process hierarchy. The difference between the results reported by "read" and PERF_RECORD_SAMPLE in this new configuration is justified on the basis that it is not (easily) possible for "read" to target a specific thread (the caller only has the fd for the original parent event). Signed-off-by: Ben Gainey Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20240730084417.7693-3-ben.gainey@arm.com commit 79bd233010859463e46a0a4b3926eaaba25a6110 Author: Ben Gainey Date: Tue Jul 30 09:44:14 2024 +0100 perf: Rename perf_event_context.nr_pending to nr_no_switch_fast. nr_pending counts the number of events in the context that either pending_sigtrap or pending_work, but it is used to prevent taking the fast path in perf_event_context_sched_out. Renamed to reflect what it is used for, rather than what it counts. This change allows using the field to track other event properties that also require skipping the fast path without possible confusion over the name. Signed-off-by: Ben Gainey Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20240730084417.7693-2-ben.gainey@arm.com commit 84542dfad12252887bc14402f2bdc6286262cbae Author: Niklas Söderlund Date: Wed Jul 31 12:53:21 2024 +0200 arm64: defconfig: Enable R-Car Ethernet-TSN support Enable support for R-Car Ethernet-TSN, as found on the White-Hawk development board. Signed-off-by: Niklas Söderlund Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240731105321.3196788-1-niklas.soderlund+renesas@ragnatech.se Signed-off-by: Geert Uytterhoeven commit 6d21b760b7a6603a16216ba78d2b6457e12ad6e6 Author: Geert Uytterhoeven Date: Tue Jul 30 16:32:24 2024 +0200 ARM: shmobile: defconfig: Enable slab hardening and kmalloc buckets Enable slab freelist metadata hardening, which in turn enables support for allocation from separate kmalloc buckets. The latter is recommended to be enabled, as per its help text. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/96fc3f0ed509b6364d8aeb297d5acf4abed18404.1722349907.git.geert+renesas@glider.be commit f73f63b24491fa43641daf3b6162d2a451bd8481 Author: Biju Das Date: Sun Jul 28 10:04:16 2024 +0100 pinctrl: renesas: rzg2l: Use dev_err_probe() Replace dev_err()->dev_err_probe() to simpilfy probe helper functions. Signed-off-by: Biju Das Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240728090421.7136-1-biju.das.jz@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit d56abfed1c02814b5ee96b0ed1f989ea9d7f6cbb Author: Lad Prabhakar Date: Tue Jul 23 17:47:44 2024 +0100 pinctrl: renesas: rzg2l: Return -EINVAL if the pin doesn't support PIN_CFG_OEN Update the rzg2l_pinctrl_pinconf_get() function to return -EINVAL for PIN_CONFIG_OUTPUT_ENABLE config if the pin doesn't support the PIN_CFG_OEN configuration. -EINVAL is a valid error when dumping the pin configurations. Returning -EOPNOTSUPP for a pin that does not support PIN_CFG_OEN resulted in the message 'ERROR READING CONFIG SETTING 16' being printed during dumping pinconf-pins. For consistency do similar change in rzg2l_pinctrl_pinconf_set() for PIN_CONFIG_OUTPUT_ENABLE config. Fixes: a9024a323af2 ("pinctrl: renesas: rzg2l: Clean up and refactor OEN read/write functions") Signed-off-by: Lad Prabhakar Tested-by: Claudiu Beznea Reviewed-by: Paul Barker Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240723164744.505233-1-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit ce21e520fdef49d92b01ce93cfc3d88906d01618 Merge: 3361a6eae59664 48ba8a1d042434 Author: David S. Miller Date: Fri Aug 2 10:25:23 2024 +0100 Merge branch 'axienet-coding-style' into main Radhey Shyam Pandey says: ==================== net: axienet: Fix coding style issues This patchset replace all occurences of (1<mtu <= XAE_JUMBO_MTU' and 'ndev->mtu > XAE_MTU'. Changes for v2: - Split each coding style change into separate patch. ==================== Signed-off-by: David S. Miller commit 48ba8a1d0424347e375f5deccdd2eda461fa9a94 Author: Radhey Shyam Pandey Date: Wed Jul 31 14:46:07 2024 +0530 net: axienet: remove unnecessary parentheses Remove unnecessary parentheses around 'ndev->mtu <= XAE_JUMBO_MTU' and 'ndev->mtu > XAE_MTU'. Reported by checkpatch. CHECK: Unnecessary parentheses around 'ndev->mtu > XAE_MTU' + if ((ndev->mtu > XAE_MTU) && + (ndev->mtu <= XAE_JUMBO_MTU)) { CHECK: Unnecessary parentheses around 'ndev->mtu <= XAE_JUMBO_MTU' + if ((ndev->mtu > XAE_MTU) && + (ndev->mtu <= XAE_JUMBO_MTU)) { Signed-off-by: Radhey Shyam Pandey Reviewed-by: Andrew Lunn Signed-off-by: David S. Miller commit f83828a0522fc57b244629844fc413e38cde95f3 Author: Radhey Shyam Pandey Date: Wed Jul 31 14:46:06 2024 +0530 net: axienet: remove unnecessary ftrace-like logging remove unnecessary ftrace-like logging. Also fixes below checkpatch WARNING. WARNING: Unnecessary ftrace-like logging - prefer using ftrace + dev_dbg(&ndev->dev, "%s\n", __func__); Signed-off-by: Radhey Shyam Pandey Reviewed-by: Andrew Lunn Signed-off-by: David S. Miller commit f7061a3e04cf17162a2d96f4f746f7904c26158e Author: Radhey Shyam Pandey Date: Wed Jul 31 14:46:05 2024 +0530 net: axienet: add missing blank line after declaration Add missing blank line after declaration. Fixes below checkpatch warnings. WARNING: Missing a blank line after declarations + struct sockaddr *addr = p; + axienet_set_mac_address(ndev, addr->sa_data); WARNING: Missing a blank line after declarations + struct axienet_local *lp = netdev_priv(ndev); + disable_irq(lp->tx_irq); Signed-off-by: Radhey Shyam Pandey Reviewed-by: Andrew Lunn Signed-off-by: David S. Miller commit 3ff578c91cd86461b58561e19cce087e8899d0ce Author: Appana Durga Kedareswara Rao Date: Wed Jul 31 14:46:04 2024 +0530 net: axienet: Replace the occurrences of (1< Signed-off-by: Radhey Shyam Pandey Reviewed-by: Andrew Lunn Signed-off-by: David S. Miller commit f82c086bcca6365ce5361a2fb668556fe0c4dc38 Author: Oliver Rhodes Date: Thu Jul 25 11:05:34 2024 +0100 dt-bindings: pinctrl: renesas: Document RZ/G2M v3.0 (r8a774a3) PFC support Document PFC support for Renesas RZ/G2M v3.0 (a.k.a r8a774a3) SoC. Signed-off-by: Oliver Rhodes Reviewed-by: Geert Uytterhoeven Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/20240725100534.5374-7-oliver.rhodes.aj@renesas.com Signed-off-by: Geert Uytterhoeven commit dd22e56217495e2d392ded86a1e11a908e424e64 Author: Lad Prabhakar Date: Mon Jul 29 21:26:44 2024 +0100 clk: renesas: Add family-specific clock driver for RZ/V2H(P) Add family-specific clock driver for RZ/V2H(P) SoCs. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240729202645.263525-3-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 042859e80d4b67ff93f19009c02d6a8a735b0fd9 Author: Lad Prabhakar Date: Mon Jul 29 21:26:43 2024 +0100 dt-bindings: clock: renesas: Document RZ/V2H(P) SoC CPG Document the device tree bindings for the Renesas RZ/V2H(P) SoC Clock Pulse Generator (CPG). CPG block handles the below operations: - Generation and control of clock signals for the IP modules - Generation and control of resets - Control over booting - Low power consumption and power supply domains Also define constants for the core clocks of the RZ/V2H(P) SoC. Note the core clocks are a subset of the ones which are listed as part of section 4.4.2 of HW manual Rev.1.01 which cannot be controlled by CLKON register. Signed-off-by: Lad Prabhakar Reviewed-by: Krzysztof Kozlowski Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240729202645.263525-2-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit ab52dd821f89abd3165f5b39936cc08ef2f9169e Author: Cong Dang Date: Thu Jul 25 21:49:08 2024 +0200 clk: renesas: r8a779h0: Add PWM clock Add the module clock used by the PWM timers on the Renesas R-Car V4M (R8A779H0) SoC. Signed-off-by: Cong Dang [wsa: rebased] Signed-off-by: Wolfram Sang Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240725194906.14644-9-wsa+renesas@sang-engineering.com Signed-off-by: Geert Uytterhoeven commit 4b3b9cdb7db191ba262256972d08802b7bd8c7d4 Author: Oliver Rhodes Date: Thu Jul 25 11:05:31 2024 +0100 dt-bindings: clock: renesas,cpg-mssr: Document RZ/G2M v3.0 (r8a774a3) clock Add binding documentation for Renesas RZ/G2M v3.0 (a.k.a r8a774a3) Clock Pulse Generator driver. The r8a774a3 cpg is similar to the r8a774a1 cpg however, it lacks some modules such as the FCPCI. Signed-off-by: Oliver Rhodes Reviewed-by: Geert Uytterhoeven Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/20240725100534.5374-4-oliver.rhodes.aj@renesas.com Signed-off-by: Geert Uytterhoeven commit 054a83a1548ce30eeebcf95c86951d3ef56e6f7d Author: Claudiu Beznea Date: Thu Jul 11 15:34:05 2024 +0300 arm64: dts: renesas: r9a08g045: Add DMAC node Add DMAC node. Signed-off-by: Claudiu Beznea Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240711123405.2966302-4-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit d98121492b0393924d96824f788d482e545e3605 Author: Paul Barker Date: Tue Jun 25 21:03:16 2024 +0100 arm64: dts: renesas: rzg2ul: Set Ethernet PVDD to 1.8V On the RZ/G2UL & RZ/Five SMARC SOMs, the RGMII interface between the SoC and the Ethernet PHY operates at 1.8V. The power supply for this interface may be correctly configured in u-boot, but the kernel should not be relying on this. Now that the RZ/G2L pinctrl driver supports configuring the Ethernet power supply voltage, we can simply specify the desired voltage in the device tree. Signed-off-by: Paul Barker Reviewed-by: Geert Uytterhoeven Acked-by: Linus Walleij Link: https://lore.kernel.org/20240625200316.4282-10-paul.barker.ct@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 831d521927c9ed895662ab8fc4a39ceecac5b4ab Author: Paul Barker Date: Tue Jun 25 21:03:15 2024 +0100 arm64: dts: renesas: rzg2lc: Set Ethernet PVDD to 1.8V On the RZ/G2LC SMARC SOM, the RGMII interface between the SoC and the Ethernet PHY operates at 1.8V. The power supply for this interface may be correctly configured in u-boot, but the kernel should not be relying on this. Now that the RZ/G2L pinctrl driver supports configuring the Ethernet power supply voltage, we can simply specify the desired voltage in the device tree. Signed-off-by: Paul Barker Reviewed-by: Geert Uytterhoeven Acked-by: Linus Walleij Link: https://lore.kernel.org/20240625200316.4282-9-paul.barker.ct@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 96a3f525708120379013d9d3265663c07ceb38d5 Author: Paul Barker Date: Tue Jun 25 21:03:14 2024 +0100 arm64: dts: renesas: rzg2l: Set Ethernet PVDD to 1.8V On the RZ/G2L & RZ/V2L SMARC SOMs, the RGMII interface between the SoC and the Ethernet PHY operates at 1.8V. The power supply for this interface may be correctly configured in u-boot, but the kernel should not be relying on this. Now that the RZ/G2L pinctrl driver supports configuring the Ethernet power supply voltage, we can simply specify the desired voltage in the device tree. Signed-off-by: Paul Barker Reviewed-by: Geert Uytterhoeven Acked-by: Linus Walleij Link: https://lore.kernel.org/20240625200316.4282-8-paul.barker.ct@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 73302ad17ed66a628f04caef76d93d27e4c6118d Author: Paul Barker Date: Tue Jun 25 21:03:13 2024 +0100 arm64: dts: renesas: rzg2ul: Enable Ethernet TXC output Configure ET0_TXC and ET1_TXC as outputs on the Renesas RZ/G2UL and RZ/Five SMARC SoMs, as per RGMII specification. Signed-off-by: Paul Barker Reviewed-by: Geert Uytterhoeven Acked-by: Linus Walleij Link: https://lore.kernel.org/20240625200316.4282-7-paul.barker.ct@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit dabee5f143084dd8a1a346bad8df66183fd75ca7 Author: Paul Barker Date: Tue Jun 25 21:03:12 2024 +0100 arm64: dts: renesas: rzg2lc: Enable Ethernet TXC output Configure ET0_TXC and ET1_TXC as outputs on the Renesas RZ/G2LC SMARC SoM, as per RGMII specification. Signed-off-by: Paul Barker Reviewed-by: Geert Uytterhoeven Acked-by: Linus Walleij Link: https://lore.kernel.org/20240625200316.4282-6-paul.barker.ct@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 41c934da488d3a5a79148ead3b5c5eecac1b1d5d Author: Paul Barker Date: Tue Jun 25 21:03:11 2024 +0100 arm64: dts: renesas: rzg2l: Enable Ethernet TXC output Configure ET0_TXC and ET1_TXC as outputs on the Renesas RZ/[GV]2L SMARC SoMs, as per RGMII specification. Signed-off-by: Paul Barker Reviewed-by: Geert Uytterhoeven Acked-by: Linus Walleij Link: https://lore.kernel.org/20240625200316.4282-5-paul.barker.ct@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 3361a6eae59664ffae640ff7a838f5bd89c24461 Merge: 5fe164fb0e6e31 18ee44ce97c18e Author: David S. Miller Date: Fri Aug 2 09:20:29 2024 +0100 Merge branch 'vsock-virtio' into main Luigi Leonardi says: ==================== vsock: avoid queuing on intermediate queue if possible This series introduces an optimization for vsock/virtio to reduce latency and increase the throughput: When the guest sends a packet to the host, and the intermediate queue (send_pkt_queue) is empty, if there is enough space, the packet is put directly in the virtqueue. v3->v4 While running experiments on fio with 64B payload, I realized that there was a mistake in my fio configuration, so I re-ran all the experiments and now the latency numbers are indeed lower with the patch applied. I also noticed that I was kicking the host without the lock. - Fixed a configuration mistake on fio and re-ran all experiments. - Fio latency measurement using 64B payload. - virtio_transport_send_skb_fast_path sends kick with the tx_lock acquired - Addressed all minor style changes requested by maintainer. - Rebased on latest net-next - Link to v3: https://lore.kernel.org/r/20240711-pinna-v3-0-697d4164fe80@outlook.com v2->v3 - Performed more experiments using iperf3 using multiple streams - Handling of reply packets removed from virtio_transport_send_skb, as is needed just by the worker. - Removed atomic_inc/atomic_sub when queuing directly to the vq. - Introduced virtio_transport_send_skb_fast_path that handles the steps for sending on the vq. - Fixed a missing mutex_unlock in error path. - Changed authorship of the second commit - Rebased on latest net-next v1->v2 In this v2 I replaced a mutex_lock with a mutex_trylock because it was insidea RCU critical section. I also added a check on tx_run, so if the module is being removed the packet is not queued. I'd like to thank Stefano for reporting the tx_run issue. Applied all Stefano's suggestions: - Minor code style changes - Minor commit text rewrite Performed more experiments: - Check if all the packets go directly to the vq (Matias' suggestion) - Used iperf3 to see if there is any improvement in overall throughput from guest to host - Pinned the vhost process to a pCPU. - Run fio using 512B payload Rebased on latest net-next ==================== Signed-off-by: David S. Miller commit 18ee44ce97c18ee72f5807140d07ff8cebe3cab5 Author: Luigi Leonardi Date: Tue Jul 30 21:43:08 2024 +0200 test/vsock: add ioctl unsent bytes test Introduce two tests, one for SOCK_STREAM and one for SOCK_SEQPACKET, which use SIOCOUTQ ioctl to check that the number of unsent bytes is zero after delivering a packet. vsock_connect and vsock_accept are no longer static: this is to create more generic tests, allowing code to be reused for SEQPACKET and STREAM. Signed-off-by: Luigi Leonardi Reviewed-by: Stefano Garzarella Signed-off-by: David S. Miller commit e6ab45005772014ce49a693a63f928203c0cbbb0 Author: Luigi Leonardi Date: Tue Jul 30 21:43:07 2024 +0200 vsock/virtio: add SIOCOUTQ support for all virtio based transports Introduce support for virtio_transport_unsent_bytes ioctl for virtio_transport, vhost_vsock and vsock_loopback. For all transports the unsent bytes counter is incremented in virtio_transport_get_credit. In virtio_transport (G2H) and in vhost-vsock (H2G) the counter is decremented when the skbuff is consumed. In vsock_loopback the same skbuff is passed from the transmitter to the receiver, so the counter is decremented before queuing the skbuff to the receiver. Signed-off-by: Luigi Leonardi Reviewed-by: Stefano Garzarella Signed-off-by: David S. Miller commit 744500d81f81346b4d442809c0511684bb28c829 Author: Luigi Leonardi Date: Tue Jul 30 21:43:06 2024 +0200 vsock: add support for SIOCOUTQ ioctl Add support for ioctl(s) in AF_VSOCK. The only ioctl available is SIOCOUTQ/TIOCOUTQ, which returns the number of unsent bytes in the socket. This information is transport-specific and is delegated to them using a callback. Suggested-by: Daan De Meyer Signed-off-by: Luigi Leonardi Reviewed-by: Stefano Garzarella Signed-off-by: David S. Miller commit ea66e7107bdc4efb530878f2216390b8bc5bae0d Author: Ahmed S. Darwish Date: Thu Jul 18 15:47:49 2024 +0200 MAINTAINERS: Add x86 cpuid database entry Add a specific entry for the x86 architecture cpuid database. Reference the x86-cpuid.org development mailing list to facilitate easy tracking by external stakeholders such as the Xen developers. Include myself as a reviewer. Note, this MAINTAINERS entry will also cover the auto-generated C cpuid bitfields header files to be submitted in a future series. Signed-off-by: Ahmed S. Darwish Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240718134755.378115-10-darwi@linutronix.de commit cbbd847d107fb750e62670d0f205a7f58b36f893 Author: Ahmed S. Darwish Date: Thu Jul 18 15:47:48 2024 +0200 tools/x86/kcpuid: Introduce a complete cpuid bitfields CSV file For parsing the cpuid bitfields, kcpuid uses an incomplete CSV file with 300+ bitfields. Use an auto-generated CSV file from the x86-cpuid.org project instead. It provides complete bitfields coverage: 830+ bitfields, all with proper descriptions. The auto-generated file has the following blurb automatically added: # SPDX-License-Identifier: CC0-1.0 # Generator: x86-cpuid-db v1.0 The generator tag includes the project's workspace "git describe" version string. It is intended for projects like KernelCI, to aid in verifying that the auto-generated files have not been tampered with. The file also has the blurb: # Auto-generated file. # Please submit all updates and bugfixes to https://x86-cpuid.org It's thus kindly requested that the Linux kernel's x86 tree maintainers enforce sending all updates to x86-cpuid.org's upstream database first, thus benefiting the whole ecosystem. Signed-off-by: Ahmed S. Darwish Signed-off-by: Thomas Gleixner Link: https://gitlab.com/x86-cpuid.org/x86-cpuid-db/-/blob/v1.0/LICENSE.rst Link: https://gitlab.com/x86-cpuid.org/x86-cpuid-db Link: https://lore.kernel.org/all/20240718134755.378115-9-darwi@linutronix.de commit 58921443e9b04bbb1866070ed14ea39578302cea Author: Ahmed S. Darwish Date: Thu Jul 18 15:47:47 2024 +0200 tools/x86/kcpuid: Parse subleaf ranges if provided It's a common pattern in cpuid leaves to have the same bitfields format repeated across a number of subleaves. Typically, this is used for enumerating hierarchial structures like cache and TLB levels, CPU topology levels, etc. Modify kcpuid.c to handle subleaf ranges in the CSV file subleaves column. For example, make it able to parse lines in the form: # LEAF, SUBLEAVES, reg, bits, short_name , ... 0xb, 1:0, eax, 4:0, x2apic_id_shift , ... 0xb, 1:0, ebx, 15:0, domain_lcpus_count , ... 0xb, 1:0, ecx, 7:0, domain_nr , ... This way, full output can be printed to the user. Signed-off-by: Ahmed S. Darwish Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240718134755.378115-8-darwi@linutronix.de commit b0a59d14966dbfe0d544b2595dcb29728d41daf3 Author: Ahmed S. Darwish Date: Thu Jul 18 15:47:46 2024 +0200 tools/x86/kcpuid: Recognize all leaves with subleaves cpuid.csv will be extended in further commits with all-publicly-known CPUID leaves and bitfields. Thus, modify has_subleafs() to identify all known leaves with subleaves. Remove the redundant "is_amd" check since all x86 vendors already report the maxium supported extended leaf at leaf 0x80000000 EAX register. The extra mentioned leaves are: - Leaf 0x12, Intel Software Guard Extensions (SGX) enumeration - Leaf 0x14, Intel process trace (PT) enumeration - Leaf 0x17, Intel SoC vendor attributes enumeration - Leaf 0x1b, Intel PCONFIG (Platform configuration) enumeration - Leaf 0x1d, Intel AMX (Advanced Matrix Extensions) tile information - Leaf 0x1f, Intel v2 extended topology enumeration - Leaf 0x23, Intel ArchPerfmonExt (Architectural PMU ext) enumeration - Leaf 0x80000020, AMD Platform QoS extended features enumeration - Leaf 0x80000026, AMD v2 extended topology enumeration Set the 'max_subleaf' variable for all the newly marked leaves with extra subleaves. Ideally, this should be fetched from the CSV file instead, but the current kcpuid code architecture has two runs: one run to serially invoke the cpuid instructions and save all the output in-memory, and one run to parse this in-memory output through the CSV specification. Signed-off-by: Ahmed S. Darwish Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240718134755.378115-7-darwi@linutronix.de commit 9ecbc60a5ede928abdd2b152d828ae0ea8a1e3ed Author: Ahmed S. Darwish Date: Thu Jul 18 15:47:45 2024 +0200 tools/x86/kcpuid: Strip bitfield names leading/trailing whitespace While parsing and saving bitfield names from the CSV file, an extra leading space is copied verbatim. That extra space is not a big issue now, but further commits will add a new CSV file with much more padding for the bitfield's name column. Strip leading/trailing whitespaces while saving bitfield names. Signed-off-by: Ahmed S. Darwish Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240718134755.378115-6-darwi@linutronix.de commit cf96ab1a966b87b09fdd9e8cc8357d2d00776a3a Author: Ahmed S. Darwish Date: Thu Jul 18 15:47:44 2024 +0200 tools/x86/kcpuid: Protect against faulty "max subleaf" values Protect against the kcpuid code parsing faulty max subleaf numbers through a min() expression. Thus, ensuring that max_subleaf will always be ≤ MAX_SUBLEAF_NUM. Use "u32" for the subleaf numbers since kcpuid is compiled with -Wextra, which includes signed/unsigned comparisons warnings. Signed-off-by: Ahmed S. Darwish Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240718134755.378115-5-darwi@linutronix.de commit 5dd7ca42475bb15fd93d58d42e925512776f14a4 Author: Ahmed S. Darwish Date: Thu Jul 18 15:47:43 2024 +0200 tools/x86/kcpuid: Set max possible subleaves count to 64 cpuid.csv will be extended in further commits with all-publicly-known CPUID leaves and bitfields. One of the new leaves is 0xd for extended CPU state enumeration. Depending on XCR0 dword bits, it can export up to 64 subleaves. Set kcpuid.c MAX_SUBLEAF_NUM to 64. Signed-off-by: Ahmed S. Darwish Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240718134755.378115-4-darwi@linutronix.de commit a52e735f282c963155090d2d60726324ccd0e4bc Author: Ahmed S. Darwish Date: Thu Jul 18 15:47:42 2024 +0200 tools/x86/kcpuid: Properly align long-description columns When kcpuid is invoked with "--all --details", the detailed description column is not properly aligned for all bitfield rows: CPUID_0x4_ECX[0x0]: cache_level : 0x1 - Cache Level ... cache_self_init - Cache Self Initialization This is due to differences in output handling between boolean single-bit "bitflags" and multi-bit bitfields. For the former, the bitfield's value is not outputted as it is implied to be true by just outputting the bitflag's name in its respective line. If long descriptions were requested through the --all parameter, properly align the bitflag's description columns through extra tabs. With that, the sample output above becomes: CPUID_0x4_ECX[0x0]: cache_level : 0x1 - Cache Level ... cache_self_init - Cache Self Initialization Signed-off-by: Ahmed S. Darwish Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240718134755.378115-3-darwi@linutronix.de commit 39e470057f785eab7b6638feb3f24cbad6816aff Author: Ahmed S. Darwish Date: Thu Jul 18 15:47:41 2024 +0200 tools/x86/kcpuid: Remove unused variable Global variable "num_leafs" is set in multiple places but is never read anywhere. Remove it. Signed-off-by: Ahmed S. Darwish Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240718134755.378115-2-darwi@linutronix.de commit 23d22b0fe6a12317e9d17bb17720285ac4ba4d54 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:59 2024 -0600 memory: emif: Use of_property_read_bool() Use of_property_read_bool() to read boolean properties rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731191312.1710417-21-robh@kernel.org Signed-off-by: Krzysztof Kozlowski commit 11b227901ffaf9f6b4eebd3ed708d03ec91e764c Author: Zong-Zhe Yang Date: Sat Jul 27 16:06:50 2024 +0800 wifi: rtw89: pass chanctx_idx to rtw89_btc_{path_}phymap() Originally, rtw89_btc_phymap() and rtw89_btc_path_phymap() access chan with hard-code RTW89_CHANCTX_0. But, they are problematic when the chip supports multiple channels. So, change their prototype and pass chanctx_idx ahead. Let callers still pass RTW89_CHANCTX_0 for now, but we will refine callers in the following. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240727080650.12195-8-pkshih@realtek.com commit db0dbe26f48a4cf3a46967fb8a75ee1abd1d59ab Author: Zong-Zhe Yang Date: Sat Jul 27 16:06:49 2024 +0800 wifi: rtw89: fw: correct chan access in assoc_cmac_tbl_g7 and update_beacon_be Originally, these H2C commands access chan with hard-code RTW89_CHANCTX_0. They are problematic when the chip supports multiple channels. So, correct them by accessing right chan under rtwvif. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240727080650.12195-7-pkshih@realtek.com commit ed5f66a2812025a6818e12f07686735d0fe8580f Author: Zong-Zhe Yang Date: Sat Jul 27 16:06:48 2024 +0800 wifi: rtw89: pass rtwvif to RFK scan For chips supporting multiple channels, they need to get target info from rtwvif, e.g. PHY index and Chanctx index. So, change rfk_scan prototype and pass rtwvif ahead. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240727080650.12195-6-pkshih@realtek.com commit 75d853d4ae45ee1d4af31d6ced003aab8da5db70 Author: Zong-Zhe Yang Date: Sat Jul 27 16:06:47 2024 +0800 wifi: rtw89: pass rtwvif to RFK channel For chips supporting multiple channels, they need to get target info from rtwvif, e.g. PHY index and Chanctx index. So, change rfk_channel prototype and pass rtwvif ahead. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240727080650.12195-5-pkshih@realtek.com commit 583e998e202451c7a139afd9e59d4bce9bc7f963 Author: Zong-Zhe Yang Date: Sat Jul 27 16:06:46 2024 +0800 wifi: rtw89: rename sub_entity to chanctx Originally, we planed to fill MAC_0/1 indicators with chanctx and use sub_entity_xxx for these things. However, there are some reasons listed below which make us give up this plan after we know our Wi-Fi 7 HW design. 1. one link is bound to one HW band during its life time but, one link might change chanctx dynamically 2. in concurrent mode, assume 1st vif is MLD 1st vif's 2nd link might use the same chanctx as 2nd vif but, they are not on the same HW band So, we let sub_entity_xxx stuffs deal with only chanctx now. And, to be more readable, we rename sub_entity related words to chanctx. No logic is changed. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240727080650.12195-4-pkshih@realtek.com commit 39b9271095b28971fe25ac188203230505a6bf49 Author: Zong-Zhe Yang Date: Sat Jul 27 16:06:45 2024 +0800 wifi: rtw89: mcc: stop at a role holding chanctx In general, MCC (multi-channel concurrency) stops when some chanctx is unassigned. Originally, we let FW to stop at a fixed role. However, it might be the one to be unassigned. So, iterate MCC roles and select one which is still holding chanctx. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240727080650.12195-3-pkshih@realtek.com commit 62c5a91b25f0cf610d55ee0cc9637eb8b670423f Author: Zong-Zhe Yang Date: Sat Jul 27 16:06:44 2024 +0800 wifi: rtw89: chan: refine MCC re-plan flow when unassign chanctx Originally during unassign-chanctx, MCC (multi-channel concurrency) is re-planed before set-channel if need. But, we might calculate MCC stuffs based on old channel info. And, the following set-channel might be racing with FW MCC state mechanism. So, we refine this flow. Now, if MCC re-plan is needed here, it will be done after set-channel. Besides, to be more rigorous, we now ensure entity isn't paused before we deal with MCC things here. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240727080650.12195-2-pkshih@realtek.com commit 0e735a4c6137262bcefe45bb52fde7b1f5fc6c4d Author: Dmitry Antipov Date: Fri Jul 26 14:46:57 2024 +0300 wifi: rtw88: always wait for both firmware loading attempts In 'rtw_wait_firmware_completion()', always wait for both (regular and wowlan) firmware loading attempts. Otherwise if 'rtw_usb_intf_init()' has failed in 'rtw_usb_probe()', 'rtw_usb_disconnect()' may issue 'ieee80211_free_hw()' when one of 'rtw_load_firmware_cb()' (usually the wowlan one) is still in progress, causing UAF detected by KASAN. Fixes: c8e5695eae99 ("rtw88: load wowlan firmware if wowlan is supported") Reported-by: syzbot+6c6c08700f9480c41fe3@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=6c6c08700f9480c41fe3 Signed-off-by: Dmitry Antipov Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240726114657.25396-1-dmantipov@yandex.ru commit 27d90ad37771ab4af5ae2bf531321497984053b7 Author: Zong-Zhe Yang Date: Wed Jul 24 13:26:26 2024 +0800 wifi: rtw89: fix typo of rtw89_phy_ra_updata_XXX `updata` should be `update` Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240724052626.12774-5-pkshih@realtek.com commit 80fb81bb46a57daedd5decbcc253ea48428a254e Author: Ping-Ke Shih Date: Wed Jul 24 13:26:25 2024 +0800 wifi: rtw89: 885xb: reset IDMEM mode to prevent download firmware failure For different firmware type, it could change IDMEM mode, so reset it to default to avoid encountering error for RTL8851B/RTL8852B/RTL8852BT if that kind of firmware was downloaded before. rtw89_8851be 0000:02:00.0: Firmware version 0.29.41.3, cmd version 0, type 5 rtw89_8851be 0000:02:00.0: Firmware version 0.29.41.3, cmd version 0, type 3 rtw89_8851be 0000:02:00.0: MAC has already powered on rtw89_8851be 0000:02:00.0: fw security fail rtw89_8851be 0000:02:00.0: download firmware fail rtw89_8851be 0000:02:00.0: [ERR]fwdl 0x1E0 = 0x62 rtw89_8851be 0000:02:00.0: [ERR]fwdl 0x83F2 = 0x8 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f51c rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f524 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f51c rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f500 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f51c rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f53c rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f520 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f520 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f508 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f534 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f520 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f534 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f508 rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f53c rtw89_8851be 0000:02:00.0: [ERR]fw PC = 0xb892f524 rtw89_8851be 0000:02:00.0: failed to setup chip information rtw89_8851be: probe of 0000:02:00.0 failed with error -16 Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240724052626.12774-4-pkshih@realtek.com commit 0b38e6277aed8a59ccb64fcc1172d962c1f11b4c Author: Kuan-Chung Chen Date: Wed Jul 24 13:26:24 2024 +0800 wifi: rtw89: add support for hardware rfkill Add support for ieee80211::rfkill_poll ops. This enables periodic monitoring of the hardware rfkill state, triggering updates when the status changes. Signed-off-by: Kuan-Chung Chen Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240724052626.12774-3-pkshih@realtek.com commit bd4a3b10fa0eaa80519fc0f8bffeb8740fa2f61e Author: Kuan-Chung Chen Date: Wed Jul 24 13:26:23 2024 +0800 wifi: rtw89: add EVM statistics for 1SS rate To more accurately debug performance issues, EVM statistics will differentiate between different space streams, and only beacon and data frames will be included. Signed-off-by: Kuan-Chung Chen Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240724052626.12774-2-pkshih@realtek.com commit 5fe164fb0e6e31dbcbb4b706fd76bc578e5af4c6 Author: Rob Herring (Arm) Date: Wed Jul 31 13:16:00 2024 -0600 net: Use of_property_read_bool() Use of_property_read_bool() to read boolean properties rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Reviewed-by: MD Danish Anwar Link: https://patch.msgid.link/20240731191601.1714639-2-robh@kernel.org Signed-off-by: Jakub Kicinski commit 0b0e9cdb3d1f8fda823b592b0667b4b0595e2ba7 Author: Rob Herring (Arm) Date: Wed Jul 31 14:15:15 2024 -0600 net: mdio: Use of_property_count_u32_elems() to get property length Replace of_get_property() with the type specific of_property_count_u32_elems() to get the property length. This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240731201514.1839974-2-robh@kernel.org Signed-off-by: Jakub Kicinski commit 46e6acfe3501fa938af9c5bd730f0020235b08a2 Author: Rob Herring (Arm) Date: Wed Jul 31 14:17:03 2024 -0600 net: phy: qca807x: Drop unnecessary and broken DT validation The check for "leds" and "gpio-controller" both being present is never true because "leds" is a node, not a property. This could be fixed with a check for child node, but there's really no need for the kernel to validate a DT. Just continue ignoring the LEDs if GPIOs are present. Signed-off-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240731201703.1842022-2-robh@kernel.org Signed-off-by: Jakub Kicinski commit 53ed4b25a79aeec5991c2dc579e635b136ef7676 Author: Po-Hao Huang Date: Wed Jul 24 13:05:01 2024 +0800 wifi: rtw88: 8822c: Parse channel from IE to correct invalid hardware reports For CCK packets we could get incorrect reports from hardware. And this causes wrong frequencies being reported. Parse the channel information from IE if provided by AP to fix this. Signed-off-by: Po-Hao Huang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240724050501.7550-1-pkshih@realtek.com commit 5fcf0801ef5c8adb785520f16b4a1faa8c4ac147 Author: John Wang Date: Tue Jul 30 16:46:35 2024 +0800 net: mctp: Consistent peer address handling in ioctl tag allocation When executing ioctl to allocate tags, if the peer address is 0, mctp_alloc_local_tag now replaces it with 0xff. However, during tag dropping, this replacement is not performed, potentially causing the key not to be dropped as expected. Signed-off-by: John Wang Reviewed-by: Jeremy Kerr Link: https://patch.msgid.link/20240730084636.184140-1-wangzhiqiang02@ieisystem.com Signed-off-by: Jakub Kicinski commit 8a96e7be8c33cbd809ca13c9590167a336e2e322 Author: Takashi Sakamoto Date: Fri Aug 2 09:36:06 2024 +0900 firewire: ohci: use static inline functions to serialize data of IT DMA THis commit replaces current implementation with the helper functions added in the former commit. Link: https://lore.kernel.org/r/20240802003606.109402-5-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 1ce2a92b5389266cc5b79b5f4042a81ee15f503a Author: Takashi Sakamoto Date: Fri Aug 2 09:36:05 2024 +0900 firewire: ohci: add static inline functions to serialize/deserialize data of IT DMA In 1394 OHCI specification, the format of data for IT DMA is different from the format of isochronous packet in IEEE 1394 specification, in its spd and srcBusID fields. This commit adds some static inline functions to serialize/deserialize the data of IT DMA. Link: https://lore.kernel.org/r/20240802003606.109402-4-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit db7a8f5519a30a0c3361741e44595d47cb7843ab Author: Takashi Sakamoto Date: Fri Aug 2 09:36:04 2024 +0900 firewire: ohci: use static inline functions to serialize data of AT DMA This commit replaces current implementation with the helper functions added in the former commit. Link: https://lore.kernel.org/r/20240802003606.109402-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 8db9d1557122a714549b91e25fd22301bc3a5178 Author: Takashi Sakamoto Date: Fri Aug 2 09:36:03 2024 +0900 firewire: ohci: add static inline functions to serialize/deserialize data of AT DMA In 1394 OHCI specification, the format of data for AT DMA is different from the format of asynchronous packet in IEEE 1394 specification, in its spd and srcBusID fields. This commit adds some static inline functions to serialize/deserialize the data of AT DMA. Link: https://lore.kernel.org/r/20240802003606.109402-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit bf1807c6ee1f66608c7835f6f9d9139c9c477942 Author: Damien Le Moal Date: Thu Aug 1 18:04:22 2024 +0900 ata: libata: Print device quirks only once In ata_dev_print_quirks(), return early if ata_dev_print_info() returns false or if we already printed quirk information. This is to avoid printing a device quirks multiple times (that is, each time ata_dev_revalidate() is called). To remember if ata_dev_print_quirks() was already executed, define the EH context flag ATA_EHI_DID_PRINT_QUIRKS and set this flag in ata_dev_print_quirks(). Reported-by: Geert Uytterhoeven Fixes: 58157d607aec ("ata: libata: Print quirks applied to devices") Signed-off-by: Damien Le Moal Tested-by: Geert Uytterhoeven commit b40824500eaa77668026b6d1ade6924901a680f9 Author: Damien Le Moal Date: Tue Jul 30 14:38:07 2024 +0900 ata: libata: Remove ata_noop_qc_prep() The function ata_noop_qc_prep(), as its name implies, does nothing and simply returns AC_ERR_OK. For drivers that do not need any special preparations of queued commands, we can avoid having to define struct ata_port qc_prep operation by simply testing if that operation is defined or not in ata_qc_issue(). Make this change and remove ata_noop_qc_prep(). Signed-off-by: Damien Le Moal Reviewed-by: John Garry Reviewed-by: Sergey Shtylyov commit 43d631bf06ec961bbe4c824b931fe03be44c419c Author: Thorsten Blum Date: Mon Jun 24 19:57:28 2024 +0200 kcsan: Use min() to fix Coccinelle warning Fixes the following Coccinelle/coccicheck warning reported by minmax.cocci: WARNING opportunity for min() Use const size_t instead of int for the result of min(). Compile-tested with CONFIG_KCSAN=y. Reviewed-by: Marco Elver Signed-off-by: Thorsten Blum Signed-off-by: Paul E. McKenney commit 1f35a0c74e441e1a21b5414c25bc01f06e9cca31 Author: Huacai Chen Date: Fri Jul 26 17:29:11 2024 +0800 PCI/ACPI: Increase Loongson max PCI hosts to 8 Beginning with Loongson-3C6000, there can be up to 8 PCI hosts for multi-chip machines. To support these machines, increase the number of entries in mcfg_quirks to 8. Link: https://lore.kernel.org/r/20240726092911.2042656-1-chenhuacai@loongson.cn Signed-off-by: Haowei Zheng Signed-off-by: Huacai Chen Signed-off-by: Bjorn Helgaas commit 7320ad972510415515d00838451c51f2db3974a7 Author: Namhyung Kim Date: Wed Jul 31 16:55:05 2024 -0700 perf mem: Add -T/--data-type option to report subcommand This is just a shortcut to have 'type' in the sort key and use more compact output format like below. $ perf mem report -T ... # # Overhead Samples Memory access Snoop TLB access Data Type # ........ ............ ....................................... ............ ...................... ......... # 14.84% 22 L1 hit None L1 or L2 hit (unknown) 7.68% 8 LFB/MAB hit None L1 or L2 hit (unknown) 7.17% 3 RAM hit Hit L2 miss (unknown) 6.29% 12 L1 hit None L1 or L2 hit (stack operation) 4.85% 5 RAM hit Hit L1 or L2 hit (unknown) 3.97% 5 LFB/MAB hit None L1 or L2 hit struct psi_group_cpu 3.18% 3 LFB/MAB hit None L1 or L2 hit (stack operation) 2.58% 3 L1 hit None L1 or L2 hit unsigned int 2.36% 2 L1 hit None L1 or L2 hit struct 2.31% 2 L1 hit None L1 or L2 hit struct psi_group_cpu ... Users also can use their own sort keys and -T option makes sure it has the 'type' sort key at the end. $ perf mem report -T -s mem Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240731235505.710436-7-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 2d99a991337f70a7d11135d6a539bed8c060cb0f Author: Namhyung Kim Date: Wed Jul 31 16:55:04 2024 -0700 perf mem: Add -s/--sort option So that users can set the sort key manually as they want. $ perf mem report -s Error: switch `s' requires a value Usage: perf mem report [] -s, --sort sort by key(s): overhead overhead_sys overhead_us overhead_guest_sys overhead_guest_us overhead_children sample period weight1 weight2 weight3 ins_lat retire_lat p_stage_cyc pid comm dso symbol parent cpu socket srcline srcfile local_weight weight transaction trace symbol_size dso_size cgroup cgroup_id ipc_null time code_page_size local_ins_lat ins_lat local_p_stage_cyc p_stage_cyc addr local_retire_lat retire_lat simd type typeoff symoff symbol_daddr dso_daddr locked tlb mem snoop dcacheline symbol_iaddr phys_daddr data_page_size blocked Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240731235505.710436-6-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 871893d748cce346097d907b9937604af3dafcf1 Author: Namhyung Kim Date: Wed Jul 31 16:55:03 2024 -0700 perf tools: Add mode argument to sort_help() Some sort keys are meaningful only in a specific mode - like branch stack and memory (data-src). Add the mode to skip unnecessary ones. This will be used for 'perf mem report' later. While at it, change the prefix for the -F/--fields option to remove the duplicate part. Before: $ perf report -F Error: switch `F' requires a value Usage: perf report [] -F, --fields output field(s): overhead period sample overhead overhead_sys overhead_us overhead_guest_sys overhead_guest_us overhead_children sample period weight1 weight2 weight3 ins_lat retire_lat ... After: $ perf report -F Error: switch `F' requires a value Usage: perf report [] -F, --fields output field(s): overhead overhead_sys overhead_us overhead_guest_sys overhead_guest_us overhead_children sample period weight1 weight2 weight3 ins_lat retire_lat ... Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240731235505.710436-5-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 35b38a71c92fa033aa6c8d681ee827e215254964 Author: Namhyung Kim Date: Wed Jul 31 16:55:02 2024 -0700 perf mem: Rework command option handling Split the common option and ones for record or report. Otherwise -U in the record option cannot be used because it clashes with in the common (or report) option. Also rename report_events() to __cmd_report() to follow the convention and to be sync with the record part. Also set the flag PARSE_OPT_STOP_AT_NON_OPTION for the common option so that it can show the help message in the subcommand like below: $ perf mem record -h Usage: perf mem record [] [] or: perf mem record [] -- [] -C, --cpu list of cpus to profile -e, --event event selector. use 'perf mem record -e list' to list available events -f, --force don't complain, do it -K, --all-kernel collect only kernel level data -p, --phys-data Record/Report sample physical addresses -t, --type memory operations(load,store) Default load,store -U, --all-user collect only user level data -v, --verbose be more verbose (show counter open errors, etc) --data-page-size Record/Report sample data address page size --ldlat mem-loads latency Cc: Aditya Gupta Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240731235505.710436-4-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 3da209bb1177462b6fe8e3021a5527a5a49a9336 Author: Namhyung Kim Date: Wed Jul 31 16:55:01 2024 -0700 perf mem: Free the allocated sort string, fixing a leak The get_sort_order() returns either a new string (from strdup) or NULL but it never gets freed. Signed-off-by: Namhyung Kim Fixes: 2e7f545096f954a9 ("perf mem: Factor out a function to generate sort order") Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240731235505.710436-3-namhyung@kernel.org [ Added Fixes tag ] Signed-off-by: Arnaldo Carvalho de Melo commit 96465e0179fa8a7059bd48a81a81889dcad7d543 Author: Namhyung Kim Date: Wed Jul 31 16:55:00 2024 -0700 perf hist: Correct hist_entry->mem_info refcounts The 'struct mem_info' is created by iter_prepare_mem_entry() at the beginning and destroyed by iter_finish_mem_entry() at the end. So if it's used in a new hist_entry, it should be cloned. Simplify (hopefully) the logic by adding some helper functions and by not holding the refcount in the temporary entry. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Athira Rajeev Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Stephane Eranian Link: https://lore.kernel.org/r/20240731235505.710436-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 7c5dd51bbb6767095df8a5e9e2b4528b8af18538 Author: Ian Rogers Date: Wed Jul 31 16:00:05 2024 -0700 perf python: Remove PYTHON_PERF ifdefs When perf code was compiled one way for the binary and another for the python module, the PYTHON_PERF ifdef was used to remove some code from the python module. Since switching to building the perf code as a series of libraries, with the same libraries being used for the python module, the ifdefs became unused as PYTHON_PERF is never defined. As such remove the ifdefs. Fixes: 9dabf4003423c8d3 ("perf python: Switch module to linking libraries from building source") Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240731230005.12295-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit 0fe881f10ceb7ae2be455d8bdf70fab18c0a5c5f Author: Ian Rogers Date: Tue Jul 30 12:17:44 2024 -0700 perf jevents: Autogenerate empty-pmu-events.c empty-pmu-events.c exists so that builds may occur without python being installed on a system. Manually updating empty-pmu-events.c to be in sync with jevents.py is a pain, let's use jevents.py to generate empty-pmu-events.c. 1) change jevents.py so that an arch and model of none cause generation of a pmu-events.c without any json. Add a SPDX and autogenerated warning to the start of the file. 2) change Build so that if a generated pmu-events.c for arch none and model none doesn't match empty-pmu-events.c the build fails with a cat of the differences. Update Makefile.perf to clean up the files used for this. 3) update empty-pmu-events.c to match the output of jevents.py with arch and mode of none. Committer notes: The firtst paragraph is confusing, so I asked and Ian further clarified: --- The requirement for python hasn't changed. Case 1: no python or NO_JEVENTS=1 Build happens using empty-pmu-events.c that is checked in, no python is required. Case 2: python pmu-events.c is created by jevents.py (requiring python) and then built. This change adds a step where the empty-pmu-events.c is created using jevents.py and that file is diffed against the checked in version. This stops the checked in empty-pmu-events.c diverging if changes are made to jevents.py. If the diff causes the build to fail then you just copy the diff empty-pmu-events.c over the checked in one. --- Reviewed-by: John Garry Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jing Zhang Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Oliver Sang Cc: Peter Zijlstra Cc: Philip Li Cc: Sandipan Das Cc: Weilin Wang Cc: Xu Yang Link: https://lore.kernel.org/r/20240730191744.3097329-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit ea59b70a8418a313d6f2ab48a957de015fc33018 Author: Arnaldo Carvalho de Melo Date: Wed Jul 31 11:58:56 2024 -0300 perf bpf: Move BPF disassembly routines to separate file to avoid clash with capstone bpf headers There is a clash of the libbpf and capstone libraries, that ends up with: In file included from /usr/include/capstone/capstone.h:325, from util/disasm.c:1513: /usr/include/capstone/bpf.h:94:14: error: ‘bpf_insn’ defined as wrong kind of tag 94 | typedef enum bpf_insn { So far we're just trying to avoid this by not having both headers included in the same .c or .h file, do it one more time by moving the BPF diassembly routines from util/disasm.c to util/disasm_bpf.c. This is only being hit when building with BUILD_NONDISTRO=1, i.e. building with binutils-devel, that isn't the in the default build due to a licencing clash. We need to reimplement what is now isolated in util/disasm_bpf.c using some other library to have BPF annotation feature that now only is available with BUILD_NONDISTRO=1. Fixes: 6d17edc113de1e21 ("perf annotate: Use libcapstone to disassemble") Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/ZqpUSKPxMwaQKORr@x1 Signed-off-by: Arnaldo Carvalho de Melo commit f0a1ffa6f9771c6a1283afab591781e7c797e2e1 Author: Abdulrasaq Lawani Date: Thu Aug 1 05:29:52 2024 -0400 selftest: acct: Add selftest for the acct() syscall The acct() system call enables or disables process accounting. If accounting is turned on, records for each terminating process are appended to a specified filename as it terminates. An argument of NULL causes accounting to be turned off. This patch will add a test for the acct() syscall. Signed-off-by: Abdulrasaq Lawani Signed-off-by: Shuah Khan commit 44b045e27c65153cc8f549627d8d6d82f897c03c Author: Muhammad Usama Anjum Date: Thu Jul 25 17:11:39 2024 +0500 selftests: lib: remove strscpy test The strscpy test loads test_strscpy module for testing. But test_strscpy was converted to Kunit (see fixes). Hence remove strscpy. Fixes: 41eefc46a3a4 ("string: Convert strscpy() self-test to KUnit") Signed-off-by: Muhammad Usama Anjum Signed-off-by: Shuah Khan commit 4e51e13bd986cab31dfab5c3bff1678171debbd1 Author: Muhammad Usama Anjum Date: Thu Jul 25 16:08:03 2024 +0500 selftests: user: remove user suite The user test suite has only one test, test_user_copy which loads test_user_copy module for testing. But test_user_copy module has already been converted to kunit (see fixes). Hence remove the entire suite. Fixes: cf6219ee889f ("usercopy: Convert test_user_copy to KUnit test") Signed-off-by: Muhammad Usama Anjum Signed-off-by: Shuah Khan commit 9aafe1dd035fd405c5514e6bea2647c196626dd3 Merge: bb2bf8568a425d bb660132868b52 Author: Mark Brown Date: Thu Aug 1 20:15:22 2024 +0100 ALSA/ASoC: use snd_pcm_direction_name() Merge series from Kuninori Morimoto : Many drivers are selecting strings "playback" / "capture" by own handling, but we have snd_pcm_direction_name() function for it. This patch use it. One note is that snd_pcm_direction_name() will select "Playback" and "Capture", instead of "playback" / "capture". Almost all drivers are using it as dev_dbg() or dev_err() so no problem. But some other drivers are using it as other purpose. It might be issue (?). For example ASoC debugfs dir name will be changed by this patch. commit 4f04d07c0a94b0b30db839e44f1b8364a1b508ac Author: Matthew Brost Date: Thu Aug 1 08:41:18 2024 -0700 drm/xe: Faster devcoredump The current algorithm to read out devcoredump is O(N*N) where N is the size of coredump due to usage of the drm_coredump_printer in xe_devcoredump_read. Switch to a O(N) algorithm which prints the devcoredump into a readable format in snapshot work and update xe_devcoredump_read to memcpy from the readable format directly. v2: - Fix double free on devcoredump removal (Testing) - Set read_data_size after snap work flush - Adjust remaining in iterator upon realloc (Testing) - Set read_data upon realloc (Testing) v3: - Kernel doc v4: - Two pass algorithm to determine size (Maarten) v5: - Use scope for reading variables (Johnathan) Reported-by: Paulo Zanoni Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2408 Cc: Rodrigo Vivi Cc: Maarten Lankhorst Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240801154118.2547543-4-matthew.brost@intel.com commit 53369581dc0c68a5700ed51e1660f44c4b2bb524 Author: Matthew Brost Date: Thu Aug 1 08:41:17 2024 -0700 drm/printer: Allow NULL data in devcoredump printer We want to determine the size of the devcoredump before writing it out. To that end, we will run the devcoredump printer with NULL data to get the size, alloc data based on the generated offset, then run the devcorecump again with a valid data pointer to print. This necessitates not writing data to the data pointer on the initial pass, when it is NULL. v5: - Better commit message (Jonathan) - Add kerenl doc with examples (Jani) Cc: Maarten Lankhorst Acked-by: Maarten Lankhorst Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240801154118.2547543-3-matthew.brost@intel.com commit c3bc97d2f102ddd5a8341eeb2dbae2a3e98bb46a Author: Matthew Brost Date: Thu Aug 1 08:41:16 2024 -0700 drm/xe: Take ref to VM in delayed snapshot Kernel BO's don't take a ref to the VM, we need the VM for the delayed snapshot, so take a ref to the VM in delayed snapshot. v2: - Check for lrc_bo before taking a VM ref (CI) - Check lrc_bo->vm before taking / dropping a VM ref (CI) - Drop VM in xe_lrc_snapshot_free v5: - Fix commit message wording (Johnathan) Fixes: 47058633d9c5 ("drm/xe: Move lrc snapshot capturing to xe_lrc.c") Cc: Maarten Lankhorst Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240801154118.2547543-2-matthew.brost@intel.com commit 5fa35bd39ce106889909444c937a10b2d3a79f08 Merge: 743ff02152bc46 183d46ff422ef9 Author: Jakub Kicinski Date: Thu Aug 1 10:43:15 2024 -0700 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Cross-merge networking fixes after downstream PR. No conflicts or adjacent changes. Link: https://patch.msgid.link/20240801131917.34494-1-pabeni@redhat.com Signed-off-by: Jakub Kicinski commit a2f4b16e736d62892ffd333996a7d682b57f6664 Author: Tejun Heo Date: Wed Jul 31 08:56:31 2024 -1000 sched_ext: Build fix on !CONFIG_STACKTRACE[_SUPPORT] scx_dump_task() uses stack_trace_save_tsk() which is only available when CONFIG_STACKTRACE. Make CONFIG_SCHED_CLASS_EXT select CONFIG_STACKTRACE if the support is available and skip capturing stack trace if !CONFIG_STACKTRACE. Signed-off-by: Tejun Heo Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407161844.reewQQrR-lkp@intel.com/ Acked-by: David Vernet Signed-off-by: Tejun Heo commit 793aa4bf192d0ad07cca001a596f955d121f5c10 Author: Yazen Ghannam Date: Tue Jul 30 13:29:58 2024 -0500 x86/mce: Use mce_prep_record() helpers for apei_smca_report_x86_error() Current AMD systems can report MCA errors using the ACPI Boot Error Record Table (BERT). The BERT entries for MCA errors will be an x86 Common Platform Error Record (CPER) with an MSR register context that matches the MCAX/SMCA register space. However, the BERT will not necessarily be processed on the CPU that reported the MCA errors. Therefore, the correct CPU number needs to be determined and the information saved in struct mce. Use the newly defined mce_prep_record_*() helpers to get the correct data. Also, add an explicit check to verify that a valid CPU number was found from the APIC ID search. Signed-off-by: Yazen Ghannam Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Nikolay Borisov Link: https://lore.kernel.org/r/20240730182958.4117158-4-yazen.ghannam@amd.com Signed-off-by: Borislav Petkov (AMD) commit f9bbb8ad0c8b2f37e3d474b8693f563e4a29e92e Author: Yazen Ghannam Date: Tue Jul 30 13:29:57 2024 -0500 x86/mce: Define mce_prep_record() helpers for common and per-CPU fields Generally, MCA information for an error is gathered on the CPU that reported the error. In this case, CPU-specific information from the running CPU will be correct. However, this will be incorrect if the MCA information is gathered while running on a CPU that didn't report the error. One example is creating an MCA record using mce_prep_record() for errors reported from ACPI. Split mce_prep_record() so that there is a helper function to gather common, i.e. not CPU-specific, information and another helper for CPU-specific information. Leave mce_prep_record() defined as-is for the common case when running on the reporting CPU. Get MCG_CAP in the global helper even though the register is per-CPU. This value is not already cached per-CPU like other values. And it does not assist with any per-CPU decoding or handling. Signed-off-by: Yazen Ghannam Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Nikolay Borisov Link: https://lore.kernel.org/r/20240730182958.4117158-3-yazen.ghannam@amd.com Signed-off-by: Borislav Petkov (AMD) commit 5ad21a2497329c2b090d5b02b95394a1316bef53 Author: Yazen Ghannam Date: Tue Jul 30 13:29:56 2024 -0500 x86/mce: Rename mce_setup() to mce_prep_record() There is no MCE "setup" done in mce_setup(). Rather, this function initializes and prepares an MCE record. Rename the function to highlight what it does. No functional change is intended. Suggested-by: Borislav Petkov Signed-off-by: Yazen Ghannam Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Nikolay Borisov Link: https://lore.kernel.org/r/20240730182958.4117158-2-yazen.ghannam@amd.com Signed-off-by: Borislav Petkov (AMD) commit 743ff02152bc46bb4a2f2a49ec891c87eba6ab5b Author: Simon Horman Date: Wed Jul 31 10:15:28 2024 +0100 ethtool: Don't check for NULL info in prepare_data callbacks Since commit f946270d05c2 ("ethtool: netlink: always pass genl_info to .prepare_data") the info argument of prepare_data callbacks is never NULL. Remove checks present in callback implementations. Link: https://lore.kernel.org/netdev/20240703121237.3f8b9125@kernel.org/ Signed-off-by: Simon Horman Link: https://patch.msgid.link/20240731-prepare_data-null-check-v1-1-627f2320678f@kernel.org Signed-off-by: Jakub Kicinski commit f9c141fc33393923451bdd190c67d9d4f5d2c67f Author: Yue Haibing Date: Wed Jul 31 14:36:30 2024 +0800 RDS: IB: Remove unused declarations Commit f4f943c958a2 ("RDS: IB: ack more receive completions to improve performance") removed rds_ib_recv_tasklet_fn() implementation but not the declaration. And commit ec16227e1414 ("RDS/IB: Infiniband transport") declared but never implemented other functions. Signed-off-by: Yue Haibing Reviewed-by: Simon Horman Reviewed-by: Allison Henderson Link: https://patch.msgid.link/20240731063630.3592046-1-yuehaibing@huawei.com Signed-off-by: Jakub Kicinski commit 887b1d1adb2e9318b9233bef648bd2b1cc1e66ff Author: Daniel Golle Date: Tue Jul 30 11:36:42 2024 +0100 net: ethernet: mtk_eth_soc: drop clocks unused by Ethernet driver Clocks for SerDes and PHY are going to be handled by standalone drivers for each of those hardware components. Drop them from the Ethernet driver. The clocks which are being removed for this patch are responsible for the for the SerDes PCS and PHYs used for the 2nd and 3rd MAC which are anyway not yet supported. Hence backwards compatibility is not an issue. Signed-off-by: Daniel Golle Reviewed-by: AngeloGioacchino Del Regno Link: https://patch.msgid.link/b5faaf69b5c6e3e155c64af03706c3c423c6a1c9.1722335682.git.daniel@makrotopia.org Signed-off-by: Jakub Kicinski commit 501c3005f0311a7810cc7e56546930638ae6b26f Author: Anand Khoje Date: Tue Jul 30 13:06:33 2024 +0530 net/mlx5: Reclaim max 50K pages at once In non FLR context, at times CX-5 requests release of ~8 million FW pages. This needs humongous number of cmd mailboxes, which to be released once the pages are reclaimed. Release of humongous number of cmd mailboxes is consuming cpu time running into many seconds. Which with non preemptible kernels is leading to critical process starving on that cpu’s RQ. On top of it, the FW does not use all the mailbox messages as it has a limit of releasing 50K pages at once per MLX5_CMD_OP_MANAGE_PAGES + MLX5_PAGES_TAKE device command. Hence, the allocation of these many mailboxes is extra and adds unnecessary overhead. To alleviate this, this change restricts the total number of pages a worker will try to reclaim to maximum 50K pages in one go. Our tests have shown significant benefit of this change in terms of time consumed by dma_pool_free(). During a test where an event was raised by HCA to release 1.3 Million pages, following observations were made: - Without this change: Number of mailbox messages allocated was around 20K, to accommodate the DMA addresses of 1.3 million pages. The average time spent by dma_pool_free() to free the DMA pool is between 16 usec to 32 usec. value ------------- Distribution ------------- count 256 | 0 512 |@ 287 1024 |@@@ 1332 2048 |@ 656 4096 |@@@@@ 2599 8192 |@@@@@@@@@@ 4755 16384 |@@@@@@@@@@@@@@@ 7545 32768 |@@@@@ 2501 65536 | 0 - With this change: Number of mailbox messages allocated was around 800; this was to accommodate DMA addresses of only 50K pages. The average time spent by dma_pool_free() to free the DMA pool in this case lies between 1 usec to 2 usec. value ------------- Distribution ------------- count 256 | 0 512 |@@@@@@@@@@@@@@@@@@ 346 1024 |@@@@@@@@@@@@@@@@@@@@@@ 435 2048 | 0 4096 | 0 8192 | 1 16384 | 0 Signed-off-by: Anand Khoje Reviewed-by: Leon Romanovsky Reviewed-by: Zhu Yanjun Acked-by: Saeed Mahameed Link: https://patch.msgid.link/20240730073634.114407-1-anand.a.khoje@oracle.com Signed-off-by: Jakub Kicinski commit bb2bf8568a425d025bcb3f7c112f9a0282a7dc8e Merge: 69dd15a8ef0ae4 cb8ea62e640206 Author: Mark Brown Date: Thu Aug 1 16:50:43 2024 +0100 AMD SOF based generic SoundWire machine driver Merge series from Vijendar Mukunda : This patch series majorly consists of below changes. - Rename structures, macros and codec helper names used in Intel SoundWire generic driver to make it generic. - Move Intel SoundWire driver common structures, macros and codec helper functions to common placeholder so that it can be used by other platform machine driver. - Refactor few SoundWire common codec helper functions. - AMD SOF based generic SoundWire machine driver for ACP 6.3 variant. This work started a couple of months ago to avoid duplication of code that wasn't really Intel-specific in the "sof_sdw" machine driver. The code went through multiple iterations, was tested for multiple weeks and a couple of build issues reported by the Intel kbuild bots were corrected. This is the initial version of SoundWire machine driver for AMD platforms. Additional code refactoring will be done in the next step on the AMD side. Link: https://github.com/thesofproject/linux/pull/5068 Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart commit 9cb3549b73c1cd1f8ed0ff32bafab7649e5bf4ea Author: Namhyung Kim Date: Wed Jul 3 15:30:35 2024 -0700 perf test: Update sample filtering test Now it can run the BPF filtering test with normal user if the BPF objects are pinned by 'sudo perf record --setup-filter pin'. Let's update the test case to verify the behavior. It'll skip the test if the filter check is failed from a normal user, but it shows a message how to set up the filters. First, run the test as a normal user and it fails. $ perf test -vv filtering 95: perf record sample filtering (by BPF) tests: --- start --- test child forked, pid 425677 Checking BPF-filter privilege try 'sudo perf record --setup-filter pin' first. <<<--- here bpf-filter test [Skipped permission] ---- end(-2) ---- 95: perf record sample filtering (by BPF) tests : Skip According to the message, run the perf record command to pin the BPF objects. $ sudo perf record --setup-filter pin And re-run the test as a normal user. $ perf test -vv filtering 95: perf record sample filtering (by BPF) tests: --- start --- test child forked, pid 424486 Checking BPF-filter privilege Basic bpf-filter test Basic bpf-filter test [Success] Failing bpf-filter test Error: task-clock event does not have PERF_SAMPLE_CPU Failing bpf-filter test [Success] Group bpf-filter test Error: task-clock event does not have PERF_SAMPLE_CPU Error: task-clock event does not have PERF_SAMPLE_CODE_PAGE_SIZE Group bpf-filter test [Success] ---- end(0) ---- 95: perf record sample filtering (by BPF) tests : Ok Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240703223035.2024586-9-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 3dee4b83a6b4c167db0827c2b1e288460af72ac6 Author: Namhyung Kim Date: Wed Jul 3 15:30:34 2024 -0700 perf record: Add --setup-filter option To allow BPF filters for unprivileged users it needs to pin the BPF objects to BPF-fs first. Let's add a new option to pin and unpin the objects easily. I'm not sure 'perf record' is a right place to do this but I don't have a better idea right now. $ sudo perf record --setup-filter pin The above command would pin BPF program and maps for the filter when the system has BPF-fs (usually at /sys/fs/bpf/). To unpin the objects, users can run the following command (as root). $ sudo perf record --setup-filter unpin Committer testing: root@number:~# perf record --setup-filter pin root@number:~# ls -la /sys/fs/bpf/perf_filter/ total 0 drwxr-xr-x. 2 root root 0 Jul 31 10:43 . drwxr-xr-t. 3 root root 0 Jul 31 10:43 .. -rw-rw-rw-. 1 root root 0 Jul 31 10:43 dropped -rw-rw-rw-. 1 root root 0 Jul 31 10:43 filters -rwxrwxrwx. 1 root root 0 Jul 31 10:43 perf_sample_filter -rw-rw-rw-. 1 root root 0 Jul 31 10:43 pid_hash -rw-------. 1 root root 0 Jul 31 10:43 sample_f_rodata root@number:~# ls -la /sys/fs/bpf/perf_filter/perf_sample_filter -rwxrwxrwx. 1 root root 0 Jul 31 10:43 /sys/fs/bpf/perf_filter/perf_sample_filter root@number:~# Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240703223035.2024586-8-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 73bf63a4750ea18d7fbb8f80695dcfd0656d13f4 Author: Namhyung Kim Date: Wed Jul 3 15:30:33 2024 -0700 perf record: Fix a potential error handling issue The evlist is allocated at the beginning of cmd_record(). Also free-ing thread masks should be paired with record__init_thread_masks() which is called right before __cmd_record(). Let's change the order of these functions to release the resources correctly in case of errors. This is maybe fine as the process exits, but it might be a problem if it manages some system-wide resources that live longer than the process. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240703223035.2024586-7-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 1ec6fd34e0572588b9628e397ff134fd3cf79b5d Author: Namhyung Kim Date: Wed Jul 3 15:30:32 2024 -0700 perf bpf-filter: Support separate lost counts for each filter As the BPF filter is shared between other processes, it should have its own counter for each invocation. Add a new array map (lost_count) to save the count using the same index as the filter. It should clear the count before running the filter. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240703223035.2024586-6-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 0715f65e94377016e8e12dae6bb6a6d24644c54d Author: Namhyung Kim Date: Wed Jul 3 15:30:31 2024 -0700 perf bpf-filter: Support pin/unpin BPF object And use the pinned objects for unprivileged users to profile their own tasks. The BPF objects need to be pinned in the BPF-fs by root first and it'll be handled in the later patch. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240703223035.2024586-5-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit eb1693b1150d4b99af5241242d6bcd6290cf68a0 Author: Namhyung Kim Date: Wed Jul 3 15:30:30 2024 -0700 perf bpf-filter: Split per-task filter use case If the target is a list of tasks, it can use a shared hash map for filter expressions. The key of the filter map is an integer index like in an array. A separate pid_hash map is added to get the index for the filter map using the tgid. For system-wide mode including per-cpu or per-user targets are handled by the single entry map like before. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240703223035.2024586-4-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 966854e72f6e8a259609ea3c7fd78215e6606c7b Author: Namhyung Kim Date: Wed Jul 3 15:30:29 2024 -0700 perf bpf-filter: Pass 'target' to perf_bpf_filter__prepare() This is needed to prepare target-specific actions in the later patch. We want to reuse the pinned BPF program and map for regular users to profile their own processes. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240703223035.2024586-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit edb08cdd10b57d30631492e534f5bc13a78e739b Author: Namhyung Kim Date: Wed Jul 3 15:30:28 2024 -0700 perf bpf-filter: Make filters map a single entry hashmap And the value is now an array. This is to support multiple filter entries in the map later. No functional changes intended. Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: KP Singh Cc: Kan Liang Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20240703223035.2024586-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 0f2c0400b560a3752fac9e583c1576a53a51cde9 Author: Ian Rogers Date: Tue Jul 30 12:17:43 2024 -0700 perf jevents: Use name for special find value (PMU_EVENTS__NOT_FOUND) -1000 was used as a special value added in Commit 3d5045492ab2 ("perf pmu-events: Add pmu_events_table__find_event()") to show that 1 table lacked a PMU/event but that didn't terminate the search in other tables. Add a new constant PMU_EVENTS__NOT_FOUND for this value and use it. Reviewed-by: John Garry Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jing Zhang Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Oliver Sang Cc: Peter Zijlstra Cc: Philip Li Cc: Sandipan Das Cc: Weilin Wang Cc: Xu Yang Link: https://lore.kernel.org/r/20240730191744.3097329-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo commit b48543c451c30387b53ee6e202dda8d5303f6268 Author: Tiezhu Yang Date: Tue Jul 30 14:23:01 2024 +0800 perf list: Give clues if failed to open tracing events directory When executing the command "perf list", I met "Error: failed to open tracing events directory" twice, the first reason is that there is no "/sys/kernel/tracing/events" directory due to it does not enable the kernel tracing infrastructure with CONFIG_FTRACE, the second reason is that there is no root privileges. Add the error string to tell the users what happened and what should to do, and also call put_tracing_file() to free events_path a little later to avoid messy code in the error message. At the same time, just remove the redundant "/" of the file path in the function get_tracing_file(), otherwise it shows something like "/sys/kernel/tracing//events". Before: $ ./perf list Error: failed to open tracing events directory After: (1) Without CONFIG_FTRACE $ ./perf list Error: failed to open tracing events directory /sys/kernel/tracing/events: No such file or directory (2) With CONFIG_FTRACE but no root privileges $ ./perf list Error: failed to open tracing events directory /sys/kernel/tracing/events: Permission denied Committer testing: Redirect stdout to null to quickly test the patch: Before: $ perf list > /dev/null Error: failed to open tracing events directory $ After: $ perf list > /dev/null Error: failed to open tracing events directory /sys/kernel/tracing/events: Permission denied $ Signed-off-by: Tiezhu Yang Tested-by: Arnaldo Carvalho de Melo Cc: Ingo Molnar Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/lkml/20240730062301.23244-3-yangtiezhu@loongson.cn Signed-off-by: Arnaldo Carvalho de Melo commit 839b1832e68a5b7d8c81c9281296b03e5ba7c31a Author: Tiezhu Yang Date: Tue Jul 30 14:23:00 2024 +0800 perf tools: Fix wrong message when running "make JOBS=1" There is only one job when running "make JOBS=1", it should print "sequential build" rather than "parallel build". Before: $ cd tools/perf && make JOBS=1 BUILD: Doing 'make -j1' parallel build After: $ cd tools/perf && make JOBS=1 BUILD: Doing 'make -j1' sequential build Signed-off-by: Tiezhu Yang Tested-by: Arnaldo Carvalho de Melo Cc: Ingo Molnar Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/lkml/20240730062301.23244-2-yangtiezhu@loongson.cn Signed-off-by: Arnaldo Carvalho de Melo commit d261f9ebcf424535fe04e720a1cfa023be409f52 Author: Charlie Jenkins Date: Mon Jul 29 16:11:02 2024 -0700 libperf: Add gitignore Ignore files that are generated by libperf and libperf tests. Signed-off-by: Charlie Jenkins Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/lkml/20240729-libperf_gitignore-v1-1-1c70dd98edf9@rivosinc.com Signed-off-by: Arnaldo Carvalho de Melo commit 1635bdca4b02bbe6529e769dd7d56a98960344fc Author: Leo Yan Date: Thu Jul 25 07:46:20 2024 +0100 perf arm-spe: Support multiple Arm SPE events As the flag 'auxtrace' has been set for Arm SPE events, now it is ready to use evsel__is_aux_event() to check if an event is AUX trace event or not. Use this function to replace the old checking for only the first Arm SPE event. Signed-off-by: Leo Yan Cc: Mark Rutland Cc: Suzuki K Poulose Cc: Ian Rogers Cc: Adrian Hunter Cc: Arnaldo Carvalho de Melo Cc: Jiri Olsa Cc: Namhyung Kim Cc: James Clark Cc: Mike Leach Cc: Cc: John Garry Cc: Signed-off-by: Arnaldo Carvalho de Melo commit ccd6fcda257573081b308f3f8f002a15810eba7c Author: Leo Yan Date: Thu Jul 25 07:46:19 2024 +0100 perf arm-spe: Extract evsel setting up The evsel for Arm SPE PMU needs to be set up. Extract the setting up into a function arm_spe_setup_evsel(). Signed-off-by: Leo Yan Cc: Mark Rutland Cc: Suzuki K Poulose Cc: Ian Rogers Cc: Adrian Hunter Cc: Arnaldo Carvalho de Melo Cc: Jiri Olsa Cc: Namhyung Kim Cc: James Clark Cc: Mike Leach Cc: Cc: John Garry Cc: Signed-off-by: Arnaldo Carvalho de Melo commit 3f66f26703093886db81f0610b97a6794511917c Author: Dmitry Kandybka Date: Thu Jul 25 14:17:43 2024 +0300 wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() In 'ath9k_get_et_stats()', promote TX stats counters to 'u64' to avoid possible integer overflow. Compile tested only. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Dmitry Kandybka Acked-by: Toke Høiland-Jørgensen Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240725111743.14422-1-d.kandybka@gmail.com commit 215a19631d1125a2834b2ffe62b8de9a9e73d6a8 Author: Thorsten Blum Date: Wed Jul 10 20:57:44 2024 +0200 wifi: ath9k: Use swap() to improve ath9k_hw_get_nf_hist_mid() Use the swap() macro to simplify the ath9k_hw_get_nf_hist_mid() function and improve its readability. Fixes the following Coccinelle/coccicheck warning reported by swap.cocci: WARNING opportunity for swap() Compile-tested only. Signed-off-by: Thorsten Blum Acked-by: Toke Høiland-Jørgensen Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240710185743.709742-2-thorsten.blum@toblux.com commit aa0d7643c8dd1a0483189499ea2f9492d74f4970 Author: Heiner Kallweit Date: Tue Apr 9 22:28:27 2024 +0200 wifi: ath9k: use unmanaged PCI functions in ath9k_pci_owl_loader Only managed PCI resource in the driver is the iomapped bar. However the bar is unmapped in the same function. Therefore using the device-managed versions just causes overhead, w/o any benefit. Once this is switched to the non-managed versions, there's nothing left to be managed for pcim_enable_device(). Therefore we can reduce overhead here too and switch to the non-managed version as well. This includes removing the no longer needed call to pcim_pin_device(). Signed-off-by: Heiner Kallweit Acked-by: Toke Høiland-Jørgensen Signed-off-by: Kalle Valo Link: https://patch.msgid.link/3b46f6c7-4372-4cc9-9a7c-2c1c06d29324@gmail.com commit 146458645e505f5eac498759bcd865cf7c0dfd9a Author: Karthik Poosa Date: Thu Aug 1 16:54:24 2024 +0530 drm/xe/hwmon: Fix PL1 disable flow in xe_hwmon_power_max_write In xe_hwmon_power_max_write, for PL1 disable supported case, instead of returning after PL1 disable, PL1 enable path was also being run. Fixed it by returning after disable. v2: Correct typo and grammar in commit message. (Jonathan) Signed-off-by: Karthik Poosa Fixes: fef6dd12b45a ("drm/xe/hwmon: Protect hwmon rw attributes with hwmon_lock") Reviewed-by: Jonathan Cavitt Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240801112424.1841766-1-karthik.poosa@intel.com commit 35e6dbfe1846caeafabb49b7575adb36b0aa2269 Author: Shubhrajyoti Datta Date: Thu Jul 11 15:36:56 2024 +0530 EDAC/synopsys: Fix error injection on Zynq UltraScale+ The Zynq UltraScale+ MPSoC DDR has a disjoint memory from 2GB to 32GB. The DDR host interface has a contiguous memory so while injecting errors, the driver should remove the hole else the injection fails as the address translation is incorrect. Introduce a get_mem_info() function pointer and set it for Zynq UltraScale+ platform to return host address. Fixes: 1a81361f75d8 ("EDAC, synopsys: Add Error Injection support for ZynqMP DDR controller") Signed-off-by: Shubhrajyoti Datta Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240711100656.31376-1-shubhrajyoti.datta@amd.com commit bcbfcebda2cbc6a10a347d726e4a4f69e43a864e Author: Mohamed Ghanmi Date: Sun Jun 9 15:48:49 2024 +0100 platform/x86: asus-wmi: add support for vivobook fan profiles Add support for vivobook fan profiles wmi call on the ASUS VIVOBOOK to adjust power limits. These fan profiles have a different device id than the ROG series and different order. This reorders the existing modes. As part of keeping the patch clean the throttle_thermal_policy_available boolean stored in the driver struct is removed and throttle_thermal_policy_dev is used in place (as on init it is zeroed). Co-developed-by: Luke D. Jones Signed-off-by: Luke D. Jones Signed-off-by: Mohamed Ghanmi Reviewed-by: Luke D. Jones Link: https://lore.kernel.org/r/20240609144849.2532-2-mohamed.ghanmi@supcom.tn Reviewed-by: Hans de Goede Signed-off-by: Hans de Goede commit 2873085a8cd52a55ed6ae80f94032f912a3f9a91 Author: Chris Morgan Date: Wed Jul 10 18:17:18 2024 -0500 arm64: dts: allwinner: h700: Add Anbernic RG35XX-SP The Anbernic RG35XXSP is almost identical to the RG35XX-Plus, but in a clamshell form-factor. The key differences between the SP and the Plus is a lid switch and an RTC on the same i2c bus as the PMIC. Signed-off-by: Chris Morgan Reviewed-by: Andre Przywara Link: https://lore.kernel.org/r/20240710231718.106894-5-macroalpha82@gmail.com Signed-off-by: Chen-Yu Tsai commit c712e5d0985628b1df13930489b49b740e610a2b Author: Chris Morgan Date: Wed Jul 10 18:17:17 2024 -0500 arm64: dts: allwinner: h616: Change RG35XX Series from r_rsb to r_i2c Change the Anbernic RG35XX series to use the r_i2c bus for the PMIC instead of the r_rsb bus. This is to keep the device tree consistent as there are at least 3 devices (the RG35XX-SP, RG28XX, and RG40XX-H) that have an external RTC on the r_i2c bus. Signed-off-by: Chris Morgan Reviewed-by: Andre Przywara Tested-by: Ryan Walklin Link: https://lore.kernel.org/r/20240710231718.106894-4-macroalpha82@gmail.com Signed-off-by: Chen-Yu Tsai commit 7c9ea4ab76176f65f4f55aa144f9145a4bccaacb Author: Chris Morgan Date: Wed Jul 10 18:17:16 2024 -0500 arm64: dts: allwinner: h616: Add r_i2c pinctrl nodes Add pinctrl nodes for the r_i2c node. Without the pinmux defined the r_i2c bus may fail to work, possibly if the bootloader uses rsb mode for the PMIC. Fixes: 0d17c8651188 ("arm64: dts: allwinner: Add Allwinner H616 .dtsi file") Reviewed-by: Andre Przywara Signed-off-by: Chris Morgan Fixes: 0d17c8651188 ("arm64: dts: allwinner: Add Allwinner H616 .dtsi file") Link: https://lore.kernel.org/r/20240710231718.106894-3-macroalpha82@gmail.com Signed-off-by: Chen-Yu Tsai commit dbd52a3a06692e21df682f39c48cc8c1e84dc331 Author: Chris Morgan Date: Wed Jul 10 18:17:15 2024 -0500 dt-bindings: arm: sunxi: Add Anbernic RG35XXSP Add the Anbernic RG35XXSP variant device. The Anbernic RG35XXSP is almost identical to the RG35XX-Plus, but in a clamshell form-factor with an external RTC and a lid switch. Signed-off-by: Chris Morgan Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240710231718.106894-2-macroalpha82@gmail.com Signed-off-by: Chen-Yu Tsai commit bb660132868b5208d6a5f2bd184425cf788f4ef9 Author: Kuninori Morimoto Date: Tue Jul 30 02:06:16 2024 +0000 ASoC: soc-dapm: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87frrrk50n.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit ebbd6703d4635d36b35f12a1365dfd7894c0ff12 Author: Kuninori Morimoto Date: Tue Jul 30 02:06:10 2024 +0000 ASoC: soc-pcm: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87h6c7k50t.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit d6db65bc62fd19915a9926e08b9cbcfbadd64291 Author: Kuninori Morimoto Date: Tue Jul 30 02:06:03 2024 +0000 ASoC: tegra: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87ikwnk510.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 8156921e620827319460e8daa9831d731b0d75fd Author: Kuninori Morimoto Date: Tue Jul 30 02:05:58 2024 +0000 ASoC: fsl: lpc3xxx-i2s: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87jzh3k515.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit baa779902020d8921cf652944309d1284a63811c Author: Kuninori Morimoto Date: Tue Jul 30 02:05:53 2024 +0000 ASoC: sof: intel: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87le1jk51b.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit cda4aa0069b73e3404ee61864b4814ccc7b7a6ad Author: Kuninori Morimoto Date: Tue Jul 30 02:05:46 2024 +0000 ASoC: sof: pcm: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87mslzk51h.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 7dfdcde20179383d4acfee61692a22955d5a8217 Author: Kuninori Morimoto Date: Tue Jul 30 02:05:39 2024 +0000 ASoC: stm: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87o76fk51p.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit e9b503879fd2b6332eaf8b719d1e07199fc70c6b Author: Clark Wang Date: Mon Jul 22 15:11:00 2024 +0300 pwm: adp5585: Add Analog Devices ADP5585 support The ADP5585 is a 10/11 input/output port expander with a built in keypad matrix decoder, programmable logic, reset generator, and PWM generator. This driver supports the PWM function using the platform device registered by the core MFD driver. The driver is derived from an initial implementation from NXP, available in commit 113113742208 ("MLK-25922-1 pwm: adp5585: add adp5585 PWM support") in their BSP kernel tree. It has been extensively rewritten. Signed-off-by: Clark Wang Reviewed-by: Frank Li Co-developed-by: Laurent Pinchart Signed-off-by: Laurent Pinchart Acked-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240722121100.2855-5-laurent.pinchart@ideasonboard.com Signed-off-by: Lee Jones commit 738bbc660cae6437dda214d0d97ae68d39479fcd Author: Haibo Chen Date: Mon Jul 22 15:10:59 2024 +0300 gpio: adp5585: Add Analog Devices ADP5585 support The ADP5585 is a 10/11 input/output port expander with a built in keypad matrix decoder, programmable logic, reset generator, and PWM generator. This driver supports the GPIO function using the platform device registered by the core MFD driver. The driver is derived from an initial implementation from NXP, available in commit 451f61b46b76 ("MLK-25917-2 gpio: adp5585-gpio: add adp5585-gpio support") in their BSP kernel tree. It has been extensively rewritten. Signed-off-by: Haibo Chen Reviewed-by: Linus Walleij Acked-by: Bartosz Golaszewski Co-developed-by: Laurent Pinchart Signed-off-by: Laurent Pinchart Reviewed-by: Frank Li Link: https://lore.kernel.org/r/20240722121100.2855-4-laurent.pinchart@ideasonboard.com Signed-off-by: Lee Jones commit 480a8ad683d7a54e8d38c9c7778fb6b15aac241a Author: Haibo Chen Date: Mon Jul 22 15:10:58 2024 +0300 mfd: adp5585: Add Analog Devices ADP5585 core support The ADP5585 is a 10/11 input/output port expander with a built in keypad matrix decoder, programmable logic, reset generator, and PWM generator. This driver supports the chip by modelling it as an MFD device, with two child devices for the GPIO and PWM functions. The driver is derived from an initial implementation from NXP, available in commit 8059835bee19 ("MLK-25917-1 mfd: adp5585: add ADI adp5585 core support") in their BSP kernel tree. It has been extensively rewritten. Signed-off-by: Haibo Chen Signed-off-by: Laurent Pinchart Reviewed-by: Frank Li Link: https://lore.kernel.org/r/20240722121100.2855-3-laurent.pinchart@ideasonboard.com Signed-off-by: Lee Jones commit 312fc21c86824426b27ac9aa0889426ab10eae49 Author: Laurent Pinchart Date: Mon Jul 22 15:10:57 2024 +0300 dt-bindings: mfd: Add Analog Devices ADP5585 The ADP5585 is a 10/11 input/output port expander with a built in keypad matrix decoder, programmable logic, reset generator, and PWM generator. These bindings model the device as an MFD, and support the GPIO expander and PWM functions. These bindings support the GPIO and PWM functions. Drop the existing adi,adp5585 and adi,adp5585-02 compatible strings from trivial-devices.yaml. They have been added there by mistake as the driver that was submitted at the same time used different compatible strings. We can take them over safely. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Laurent Pinchart Link: https://lore.kernel.org/r/20240722121100.2855-2-laurent.pinchart@ideasonboard.com Signed-off-by: Lee Jones commit fea88a13a5d14b9f56fa338b47f2044806b3e64d Author: Chen Ni Date: Fri Jul 5 17:28:00 2024 +0800 backlight: l4f00242t03: Add check for spi_setup Add check for the return value of spi_setup() and return the error if it fails in order to catch the error. Signed-off-by: Chen Ni Reviewed-by: Daniel Thompson Link: https://lore.kernel.org/r/20240705092800.3221159-1-nichen@iscas.ac.cn Signed-off-by: Lee Jones commit a0864cf32044233e56247fa0eed3ac660f15db9e Author: Fenglin Wu Date: Fri Jul 5 15:55:01 2024 +0800 leds: flash: leds-qcom-flash: Limit LED current based on thermal condition The flash module has status bits to indicate different thermal conditions which are called as OTSTx. For each OTSTx status, there is a recommended total flash current for all channels to prevent the flash module entering into higher thermal level. For example, the total flash current should be limited to 1000mA/500mA respectively when the HW reaches the OTST1/OTST2 thermal level. Signed-off-by: Fenglin Wu Link: https://lore.kernel.org/r/20240705-qcom_flash_thermal_derating-v3-1-8e2e2783e3a6@quicinc.com Signed-off-by: Lee Jones commit 10cc487692e7e3dea793a75af499696cc059f11d Author: Javier Carrasco Date: Sun Jul 21 17:19:04 2024 +0200 leds: is31fl319x: Use device_for_each_child_node_scoped() to access child nodes The iterated nodes are direct children of the device node, and the `device_for_each_child_node()` macro accounts for child node availability. `fwnode_for_each_available_child_node()` is meant to access the child nodes of an fwnode, and therefore not direct child nodes of the device node. In this case, the child nodes are not required outside the loop, and the scoped version of the macro can be used to remove the repetitive `goto put` pattern. Use `device_for_each_child_node_scoped_scoped()` to indicate device's direct child nodes. Signed-off-by: Javier Carrasco Reviewed-by: Jonathan Cameron Link: https://lore.kernel.org/r/20240721-device_for_each_child_node-available-v2-4-f33748fd8b2d@gmail.com Signed-off-by: Lee Jones commit ffbf1fcb421429916a861cfc25dfe0c6387dda75 Author: Javier Carrasco Date: Sun Jul 21 17:19:03 2024 +0200 leds: bd2606mvv: Fix device child node usage in bd2606mvv_probe() The current implementation accesses the `child` fwnode handle outside of fwnode_for_each_available_child_node() without incrementing its refcount. Add the missing call to `fwnode_handle_get(child)`. The cleanup process where `child` is accessed is not right either because a single call to `fwnode_handle_put()` is carried out in case of an error, ignoring unasigned nodes at the point when the error happens. Keep `child` inside of the first loop, and use the helper pointer that receives references via `fwnode_handle_get()` to handle the child nodes within the second loop. Moreover, the iterated nodes are direct children of the device node, and the `device_for_each_child_node()` macro accounts for child node availability. By restricting `child` to live within that loop, the scoped version of it can be used to simplify the error handling. `fwnode_for_each_available_child_node()` is meant to access the child nodes of an fwnode, and therefore not direct child nodes of the device node. Use `device_for_each_child_node_scoped()` to indicate device's direct child nodes. Fixes: 8325642d2757 ("leds: bd2606mvv: Driver for the Rohm 6 Channel i2c LED driver") Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240721-device_for_each_child_node-available-v2-3-f33748fd8b2d@gmail.com Signed-off-by: Lee Jones commit 29357f8a8c95df6e59ddb8f5ca8a77b523d0f0a4 Author: Stanislav Jakubek Date: Sat Jul 13 16:19:11 2024 +0200 dt-bindings: leds: sc2731-bltc: Convert to YAML Convert the Spreadtrum SC2731 breathing light controller bindings to DT schema. Adjust filename to match compatible. Signed-off-by: Stanislav Jakubek Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/ZpKM3yYKJixnRabP@standask-GA-A55M-S2HP Signed-off-by: Lee Jones commit 68d6520d2e76998cdea58f6dd8782de5ab5b28af Author: Pieterjan Camerlynck Date: Thu Jul 11 14:49:51 2024 +0200 leds: leds-pca995x: Add support for NXP PCA9956B Add support for PCA9956B chip, which belongs to the same family. This chip features 24 instead of 16 outputs, so add a chipdef struct to deal with the different register layouts. Reviewed-by: Marek Vasut Signed-off-by: Pieterjan Camerlynck Link: https://lore.kernel.org/r/20240711-pca995x-v4-2-702a67148065@gmail.com Signed-off-by: Lee Jones commit 7f5e19062c555183efba88c7d248020c30bf5b04 Author: Pieterjan Camerlynck Date: Thu Jul 11 14:49:50 2024 +0200 dt-bindings: leds: pca995x: Add new nxp,pca9956b compatible Add nxp,pca9956b compatible, which has 24 instead of 16 outputs. Adjust the documentation for the difference. Reviewed-by: Marek Vasut Acked-by: Conor Dooley Signed-off-by: Pieterjan Camerlynck Link: https://lore.kernel.org/r/20240711-pca995x-v4-1-702a67148065@gmail.com Signed-off-by: Lee Jones commit 56e8c56c9af0df8b6de7bc4b6d9a2f4570b055db Author: Joseph Strauss Date: Wed Jul 10 13:48:44 2024 -0500 leds: Add multicolor support to BlinkM LED driver Add multicolor support to the BlinkM driver, making it easier to control from userspace. The BlinkM LED is a programmable RGB LED. The driver currently supports only the regular LED sysfs class, resulting in the creation of three distinct classes, one for red, green, and blue. The user then has to input three values into the three seperate brightness files within those classes. The multicolor LED framework makes the device easier to control with the multi_intensity file: the user can input three values at once to form a color, while still controlling the lightness with the brightness file. The main struct blinkm_led has changed slightly. The struct led_classdev for the regular sysfs classes remain. The blinkm_probe function checks CONFIG_LEDS_BLINKM_MULTICOLOR to decide whether to load the seperate sysfs classes or the single multicolor one, but never both. The blinkm_set_mc_brightness() function had to be added to calculate the three color components and then set the fields of the blinkm_data structure accordingly. Signed-off-by: Joseph Strauss Link: https://lore.kernel.org/r/20240710184844.108006-1-jstrauss@mailbox.org Signed-off-by: Lee Jones commit 6b08d07cac64c0dcf1dbb4584bdf95d0f789a520 Author: Lukasz Majewski Date: Wed Jul 10 12:06:51 2024 +0200 leds: trigger: netdev: Add support for tx_err and rx_err notification with LEDs This patch provides support for enabling blinking of LEDs when RX or TX errors are detected. Approach taken in this patch is similar to one for TX or RX data transmission indication (i.e. TRIGGER_NETDEV_TX/RX attribute). One can inspect transmission errors with: ip -s link show eth0 Example LED configuration: cd /sys/devices/platform/amba_pl@0/a001a000.leds/leds/ echo netdev > mode:blue/trigger && \ echo eth0 > mode:blue/device_name && \ echo 1 > mode:blue/tx_err Signed-off-by: Lukasz Majewski Reviewed-by: Andrew Lunn Link: https://lore.kernel.org/r/20240710100651.4059887-1-lukma@denx.de Signed-off-by: Lee Jones commit b5a7fc286c0f1a1f6e50b030a9450cf39ba100b1 Author: Jack Chen Date: Thu Jul 4 15:15:00 2024 -0400 leds: lm3601x: Calculate max_brightness and brightness properly The torch_current_max should be checked not exceeding the upper bound. If it does, throw a warning message and set to LM3601X_MAX_TORCH_I_UA. LM3601x torch brigthness register (LM3601X_LED_TORCH_REG) takes 0 as the minimum output (2.4 mA). However, 0 of led_brightness means LED_OFF. Adding a -1 offset to brightness before writing to brightness register, so when users write minimum brightness (1), it sets lm3601x output the minimum. Signed-off-by: Jack Chen Link: https://lore.kernel.org/r/20240704191500.766846-1-zenghuchen@google.com Signed-off-by: Lee Jones commit 26e43c9a894176e7b7f7eaff61aaf2748d4aa520 Author: John Allen Date: Tue Jul 30 15:17:31 2024 +0000 RAS/AMD/ATL: Translate normalized to system physical addresses using PRM AMD Zen-based systems report memory error addresses through machine check banks representing Unified Memory Controllers (UMCs) in the form of UMC relative "normalized" addresses. A normalized address must be converted to a system physical address to be usable by the OS. Future AMD platforms will provide a UEFI PRM module that implements a number of address translation PRM handlers. This will provide an interface for the OS to call platform specific code without requiring the use of SMM or other heavy firmware operations. Add support for the normalized to system physical address translation PRM handler in the AMD Address Translation Library and prefer it over native code if available. The GUID and parameter buffer structure are specific to the normalized to system physical address handler provided by the address translation PRM module included in future AMD systems. The address translation PRM module is documented in chapter 22 of the publicly available "AMD Family 1Ah Models 00h–0Fh and Models 10h–1Fh ACPI v6.5 Porting Guide". [ bp: Massage commit message. ] Signed-off-by: John Allen Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240730151731.15363-3-john.allen@amd.com commit f0fcdd2cb0db62605d85f3b97a1b443e7c91f886 Author: John Allen Date: Tue Jul 30 15:17:30 2024 +0000 ACPI: PRM: Add PRM handler direct call support Platform Runtime Mechanism (PRM) handlers can be invoked from either the AML interpreter or directly by an OS driver. Implement the latter. [ bp: Massage commit message. ] Signed-off-by: John Allen Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Yazen Ghannam Reviewed-by: Ard Biesheuvel Acked-by: Rafael J. Wysocki Link: https://lore.kernel.org/r/20240730151731.15363-2-john.allen@amd.com commit 69dd15a8ef0ae494179fd15023aa8172188db6b7 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:58 2024 -0600 ASoC: Use of_property_read_bool() Use of_property_read_bool() to read boolean properties rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240731191312.1710417-20-robh@kernel.org Signed-off-by: Mark Brown commit a1c8929b0ebbfd7598f038ac74fb0a28f94ade8c Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:57 2024 -0600 ASoC: Use of_property_present() Use of_property_present() to test for property presence rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240731191312.1710417-19-robh@kernel.org Signed-off-by: Mark Brown commit c0e0bde2c7e6bca2a1f195d82ef7598d521399e5 Author: Thomas Zimmermann Date: Wed Jul 31 14:17:14 2024 +0200 drm/i915: Use backlight power constants Replace FB_BLANK_ constants with their counterparts from the backlight subsystem. The values are identical, so there's no change in functionality or semantics. Signed-off-by: Thomas Zimmermann Cc: Jani Nikula Cc: Rodrigo Vivi Cc: Joonas Lahtinen Cc: Tvrtko Ursulin Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240731122311.1143153-3-tzimmermann@suse.de Signed-off-by: Jani Nikula commit b03695d95213121719f05cbf6f3baa1ad3667e7f Author: Rob Herring (Arm) Date: Wed Jul 31 13:13:02 2024 -0600 regulator: Use of_property_read_bool() Use of_property_read_bool() to read boolean properties rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240731191312.1710417-24-robh@kernel.org Signed-off-by: Mark Brown commit cd7d47c5762997a2b1de57a47cd48a1cdad38d96 Author: Yue Haibing Date: Thu Aug 1 19:45:36 2024 +0800 regulator: max77857: Make max77857_id static Fix sparse warning: drivers/regulator/max77857-regulator.c:430:28: warning: symbol 'max77857_id' was not declared. Should it be static? max77857_id is not used outside the source file. Make it static. Signed-off-by: Yue Haibing Link: https://patch.msgid.link/20240801114536.472796-1-yuehaibing@huawei.com Signed-off-by: Mark Brown commit cb8ea62e6402067ba092d4c1d66a9440513a572b Author: Vijendar Mukunda Date: Thu Aug 1 16:48:17 2024 +0530 ASoC: amd/sdw_utils: add sof based soundwire generic machine driver Add sof based Soundwire generic driver for amd platforms. Currently support added for ACP6.3 based platforms. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-11-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit b7cdb4a89cc864ead6470a57947815c49870b09a Author: Vijendar Mukunda Date: Thu Aug 1 16:48:16 2024 +0530 ASoC: SOF: amd: update mach params subsystem_rev variable Add pci_rev variable in acp sof driver private data structure and assign this value to mach_params structure subsystem_rev variable. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-10-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 15049b6a6c19d799095e5dbe9a4772862b11ee23 Author: Vijendar Mukunda Date: Thu Aug 1 16:48:15 2024 +0530 ASoC: SOF: amd: add alternate machines for acp6.3 based platform Add SoundWire machines as alternate machines for acp6.3 based platform. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-9-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 57677ccde7522170c50eb44258d54c6584356f47 Author: Vijendar Mukunda Date: Thu Aug 1 16:48:14 2024 +0530 ASoC: amd: acp: add soundwire machines for acp6.3 based platform Add Soundwire machines for acp6.3 based platform. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-8-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 0b8f009ae92fa94ab3c0ca881fce02c336056a73 Author: Vijendar Mukunda Date: Thu Aug 1 16:48:13 2024 +0530 ASoC: soc-acpi: add pci revision id field in mach params structure Few IP's may have same PCI vendor id and device id and different revision id. Add revision id field to the 'snd_soc_acpi_mach_params' so that using this field platform specific implementation can be added in machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-7-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 59f8b622d52e30c5be7f14212c26ca37e810ece9 Author: Vijendar Mukunda Date: Thu Aug 1 16:48:12 2024 +0530 ASoC: intel/sdw_utils: refactor init_dai_link() and init_simple_dai_link() To make it generic, refactor existing implementation for init_dai_link() and init_simple_dai_link() as mentioned below. - Move init_dai_link() and init_simple_dai_link() to common place holder - Rename the functions with "asoc_sdw" as prefix. - Pass the platform specific 'platform_component' structure and its size as arguments for init_simple_dai_link() function and allocate one more extra dlc for platform component. - Pass the 'platform_component' and 'num_platforms' as arguments for init_dai_link(). Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-6-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 5bd414c7b80e39ef11bd86db76e726962c1bfc92 Author: Vijendar Mukunda Date: Thu Aug 1 16:48:11 2024 +0530 ASoC: sdw_utils: refactor sof_sdw_card_late_probe function Refactor sof_sdw_card_late_probe() function and derive a generic function soc_sdw_card_late_probe() function which can be used by SoundWire generic machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-5-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 778dcb08832a5e526e447971f7ca72cb6dd2307b Author: Vijendar Mukunda Date: Thu Aug 1 16:48:10 2024 +0530 ASoC: intel/sdw_utils: move machine driver dai link helper functions Move machine driver dai link helper functions to common place holder, So that it can be used by other platform machine driver. Rename these functions with "asoc_sdw" tag as a prefix. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-4-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit e377c94773171e8a97e716e57ec67d49b02ded0b Author: Vijendar Mukunda Date: Thu Aug 1 16:48:09 2024 +0530 ASoC: intel/sdw_utils: move soundwire codec_info_list structure SoundWire 'codec_info_list' structure is not a platform specific one. Move codec_info_list structure to common file soc_sdw_utils.c. Move codec helper functions which uses codec_info_list structure to common place holder and rename the function by adding _sdw tag. This will allow to use 'codec_info_list' structure and it's helper functions in other platform machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-3-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 6e7af1fdf7da7f0b79475f573d3c1f49a826bd68 Author: Vijendar Mukunda Date: Thu Aug 1 16:48:08 2024 +0530 ASoC: intel/sdw_utils: move soundwire dai type macros Move SoundWire dai type macros to common header file(soc_sdw_util.h). So that these macros will be used by other platform machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-2-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 8f87e292a34813e4551e1513c62b7222900481cb Author: Vijendar Mukunda Date: Thu Aug 1 16:48:07 2024 +0530 ASoC: intel/sdw_utils: move dai id common macros Move dai id common macros from intel SoundWire generic driver to soc_sdw_utils.h file so that it can be used by other platform machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801111821.18076-1-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 051b7cb3fde16fd8788078d697d84069b0e50e03 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:35 2024 +0530 ASoC: intel/sdw_utils: move maxim codec helper functions Move maxim codec helper functions to common place holder so that it can be used by other platform machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-21-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 5fa46627d5118bf58b80df45489f49e1e316473a Author: Vijendar Mukunda Date: Thu Aug 1 14:44:34 2024 +0530 ASoC: intel/sdw_utils: move cirrus soundwire codec helper functions To make it generic, move Cirrus Soundwire codec helper functions to common place holder so that it can be used by other platform machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-20-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit ccc96ae2814a7faad591af68bd0115e4d2b256b4 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:33 2024 +0530 ASoC: intel/sdw_utils: move rtk amp codec helper functions Move RTK amp codec helper functions related implementation to common place holder to make it generic so that these helper functions will be used by other platform machine driver modules. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-19-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 8e84fd22dc425fd0b005a20156eeb67f019ae39f Author: Vijendar Mukunda Date: Thu Aug 1 14:44:32 2024 +0530 ASoC: intel/sdw_utils: move rt700 and rt711 codec helper functions Move RT700 and RT711 Soundwire codec helper functions to common place holder so that it can be used by other platform machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-18-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit da5b1831673208e235cadc9107207adb092c2eb9 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:31 2024 +0530 ASoC: intel/sdw_utils: move rtk jack common helper functions Move RTK codec jack common helper functions to common place holder (sdw_utils folder) to make it generic so that it will be used by other platform machine driver code. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-17-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 139e17740200d8e92677942bfee6c8cfe4da3009 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:30 2024 +0530 ASoC: intel/sdw_utils: move rt5682 codec helper function Move rt5682 sdw codec helper function to common place holder to make it generic. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-16-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 4f54856b4ea460e9048c11e3f698c38fb072529d Author: Vijendar Mukunda Date: Thu Aug 1 14:44:29 2024 +0530 ASoC: intel: split soundwire machine driver private data Split intel generic SoundWire machine driver private data into two structures. One structure is generic one which can be used by other platform machine driver and the other one is intel specific one. Move generic machine driver private data to soc_sdw_utils.h. Define a void pointer in generic machine driver private data structure and assign the vendor specific structure in mc_probe() call. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-15-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 89b3456e9afa4c61879f6d744f6d2c6fadc2b2fc Author: Vijendar Mukunda Date: Thu Aug 1 14:44:28 2024 +0530 ASoC: intel/sdw_utils: move rt722 sdca helper functions Move RT722 SDCA codec helper file to sdw_utils folder to make it generic. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-14-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 09c60bc9da91f188e2aedb0bac94d3e129fa20f9 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:27 2024 +0530 ASoC: intel/sdw_utils: move rt712 sdca helper functions Move RT712 SDCA codec helper file to sdw_utils folder so that these helper functions can be used by other platform machine drivers. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-13-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit a9831fd1c0e6353366bbde6e1dd7b15a2dd6d825 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:26 2024 +0530 ASoC: intel/sdw_utils: move rtk dmic helper functions Move rtk SoundWire dmic helper functions implementation to sdw_utils folder to make it generic. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-12-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 4776d0c9088634677749e42ae8b36b4da46226db Author: Vijendar Mukunda Date: Thu Aug 1 14:44:25 2024 +0530 ASoC: intel/sdw_utils: move dmic codec helper function Move generic dmic codec helper function implementation to sdw_utils folder so that this function can be used by other platform machine drivers. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-11-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 941d6933eb31b13d09a7293bc92d9d494513a372 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:24 2024 +0530 ASoC: intel/sdw_utils: move soundwire machine driver helper functions Move below Intel SoundWire machine driver helper functions to soc_sdw_utils.c file so that it can be used by other platform machine driver. - asoc_sdw_is_unique_device() - asoc_sdw_get_codec_name() Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-10-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 73619137c633a89a90f8c8c5fa59171aaff6e913 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:23 2024 +0530 ASoC: intel: move soundwire machine driver common structures Move intel generic SoundWire machine driver common structures to soc_sdw_utils.h file. These structures will be used in other platform SoundWire machine driver code. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-9-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit d39388e6555cb805beb985a7ece1c771c611037c Author: Vijendar Mukunda Date: Thu Aug 1 14:44:22 2024 +0530 ASoC: intel/sdw-utils: move soundwire machine driver soc ops Move Intel SoundWire generic machine driver soc ops to common place so that it can be used by other platform machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-8-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit b1f7cbf0d5746ba270bc090f6f85a4b176410854 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:21 2024 +0530 ASoC: intel: rename ignore_pch_dmic variable name Rename 'ignore_pch_dmic' variable name as 'ignore_internal_dmic'. This variable will be moved to common header file and will be used by other platform machine driver code. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-7-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit a2b5ec0ca5fcd6f609733b37c52e23ddb7328ffd Author: Vijendar Mukunda Date: Thu Aug 1 14:44:20 2024 +0530 ASoC: intel: rename maxim codec macros Rename maxim codec part id macros. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-6-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit bd5838c8999838059a25a963730bba1face1e53b Author: Vijendar Mukunda Date: Thu Aug 1 14:44:19 2024 +0530 ASoC: intel: rename soundwire codec helper functions Rename SoundWire codec helper functions with "asoc_sdw" tag. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-5-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 96990cfeff61d0a1053dded6d1a4dceafb2f1562 Author: Vijendar Mukunda Date: Thu Aug 1 14:44:18 2024 +0530 ASoC: intel: rename soundwire machine driver soc ops Rename Soundwire generic machine driver soc ops with tag "asoc". Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-4-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 408a454ee8886912cc8a64fcd012e0a1eb30fd0b Author: Vijendar Mukunda Date: Thu Aug 1 14:44:17 2024 +0530 ASoC: intel: rename soundwire common header macros Rename sof quirk macros, dai type and dai link macros with "SOC_SDW" tag. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-3-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit 6588fcc8833d8338b994edd97a4446bae95ff12c Author: Vijendar Mukunda Date: Thu Aug 1 14:44:16 2024 +0530 ASoC: intel: rename codec_info and dai_info structures names To make it generic, rename structure 'sof_sdw_codec_info' as 'asoc_sdw_codec_info' and 'sof_sdw_dai_info' as 'asoc_sdw_dai_info'. These structures will be moved to common header file so that it can be used by other platform machine driver. Link: https://github.com/thesofproject/linux/pull/5068 Signed-off-by: Vijendar Mukunda Reviewed-by: Bard Liao Reviewed-by: Pierre-Louis Bossart Link: https://patch.msgid.link/20240801091446.10457-2-Vijendar.Mukunda@amd.com Signed-off-by: Mark Brown commit d97e71e449373efbd2403f1d7a32d416599f32ac Author: Christoph Fritz Date: Fri Jul 5 11:38:44 2024 +0200 drm/bridge: synopsys: dw-mipi-dsi: enable EoTp by default Enable the transmission of an EoTp (end of transmission packet) by default. EoTp should be enabled anyway because it is a Linux necessity that can be disabled by a dsi mod_flag if needed. EoTp signals the end of an HS transmission, this adds overall robustness at protocol level at the expense of an increased overhead. Signed-off-by: Christoph Fritz Reviewed-by: Robert Foss Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/6a7293bd06942131161c5a7b7878c51cfbbb807e.camel@googlemail.com commit a48fee68a8fa35fc1a9b924c06d3e023d067ff41 Author: Kuninori Morimoto Date: Tue Jul 30 02:05:30 2024 +0000 ALSA: pcm_timer: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87plqvk51y.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Takashi Iwai commit e1a642aba479e861e3d552b0548d1274d6a1c122 Author: Kuninori Morimoto Date: Tue Jul 30 02:05:20 2024 +0000 ALSA: aloop: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87r0bbk528.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Takashi Iwai commit 469b77e421b92ce4662f6f1a47f1e7af9dbd14bd Author: Kuninori Morimoto Date: Tue Jul 30 02:05:12 2024 +0000 ALSA: trace: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87sevrk52f.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Takashi Iwai commit fc5aeeabd28b18c8750e6f7ba269afa8405bcf2a Author: Kuninori Morimoto Date: Tue Jul 30 02:05:07 2024 +0000 ALSA: pci: rme9652: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87ttg7k52k.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Takashi Iwai commit 7ca1d0ed1ad006b874a4ec94a004d194ab0cfb5f Author: Kuninori Morimoto Date: Tue Jul 30 02:05:01 2024 +0000 ALSA: pci: pcxhr: use snd_pcm_direction_name() We already have snd_pcm_direction_name(). Let's use it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87v80nk52q.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Takashi Iwai commit e469e2045f1b78418f39a2461a9fdf73c2789a1a Author: Takashi Iwai Date: Thu Aug 1 08:48:06 2024 +0200 ALSA: memalloc: Let IOMMU handle S/G primarily The recent changes in IOMMU made the non-contiguous page allocations as default, hence we can simply use the standard DMA allocation for the S/G pages as well. In this patch, we simplify the code by trying the standard DMA allocation at first, instead of dma_alloc_noncontiguous(). For the case without IOMMU, we still need to manage the S/G pages manually, so we keep the same fallback routines like before. The fallback types (SNDRV_DMA_TYPE_DEV_SG_FALLBACK & co) are dropped / folded into SNDRV_DMA_TYPE_DEV_SG and co now. The allocation via the standard DMA call overrides the type accordingly, hence we don't have to have extra fallback types any longer. OTOH, SNDRV_DMA_TYPE_DEV_SG is no longer an alias but became its own type back again. Note that this patch requires another prerequisite fix for memmalloc helper to use the DMA API for WC pages on x86. Link: https://bugzilla.kernel.org/show_bug.cgi?id=219087 Link: https://patch.msgid.link/20240801064808.31205-2-tiwai@suse.de Signed-off-by: Takashi Iwai commit 9c27301342a53fdf349e4c630d75c7c12bbbc580 Author: Takashi Iwai Date: Thu Aug 1 08:48:05 2024 +0200 ALSA: memalloc: Use DMA API for x86 WC page allocations, too The memalloc helper used a house-made code for allocation of WC pages on x86, since the standard DMA API doesn't cover it well. Meanwhile, the manually allocated pages won't work together with IOMMU, resulting in faults, so we should switch to the DMA API in that case, instead. This patch tries to switch back to DMA API for WC pages on x86, but with some additional tweaks that are missing. Link: https://bugzilla.kernel.org/show_bug.cgi?id=219087 Link: https://patch.msgid.link/20240801064808.31205-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 2a777679b8ccd09a9a65ea0716ef10365179caac Author: Saravanan Vajravel Date: Mon Jul 22 16:33:25 2024 +0530 RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. of WRs are to be handled inside timeout handler. This leads to softlockup with below trace in some use cases where rdma-cm path is used to establish connection between peer nodes Trace: ----- BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767] CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE ------- --- 5.14.0-427.13.1.el9_4.x86_64 #1 Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019 Workqueue: ib_mad1 timeout_sends [ib_core] RIP: 0010:__do_softirq+0x78/0x2ac RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246 RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000 R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040 FS: 0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: ? show_trace_log_lvl+0x1c4/0x2df ? show_trace_log_lvl+0x1c4/0x2df ? __irq_exit_rcu+0xa1/0xc0 ? watchdog_timer_fn+0x1b2/0x210 ? __pfx_watchdog_timer_fn+0x10/0x10 ? __hrtimer_run_queues+0x127/0x2c0 ? hrtimer_interrupt+0xfc/0x210 ? __sysvec_apic_timer_interrupt+0x5c/0x110 ? sysvec_apic_timer_interrupt+0x37/0x90 ? asm_sysvec_apic_timer_interrupt+0x16/0x20 ? __do_softirq+0x78/0x2ac ? __do_softirq+0x60/0x2ac __irq_exit_rcu+0xa1/0xc0 sysvec_call_function_single+0x72/0x90 asm_sysvec_call_function_single+0x16/0x20 RIP: 0010:_raw_spin_unlock_irq+0x14/0x30 RSP: 0018:ffffb253604cbd88 EFLAGS: 00000247 RAX: 000000000001960d RBX: 0000000000000002 RCX: ffff8cad2a064800 RDX: 000000008020001b RSI: 0000000000000001 RDI: ffff8cad5d39f66c RBP: ffff8cad5d39f600 R08: 0000000000000001 R09: 0000000000000000 R10: ffff8caa443e0c00 R11: ffffb253604cbcd8 R12: ffff8cacb8682538 R13: 0000000000000005 R14: ffffb253604cbd90 R15: ffff8cad5d39f66c cm_process_send_error+0x122/0x1d0 [ib_cm] timeout_sends+0x1dd/0x270 [ib_core] process_one_work+0x1e2/0x3b0 ? __pfx_worker_thread+0x10/0x10 worker_thread+0x50/0x3a0 ? __pfx_worker_thread+0x10/0x10 kthread+0xdd/0x100 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x29/0x50 Simplified timeout handler by creating local list of timed out WRs and invoke send handler post creating the list. The new method acquires/ releases lock once to fetch the list and hence helps to reduce locking contetiong when processing higher no. of WRs Signed-off-by: Saravanan Vajravel Link: https://lore.kernel.org/r/20240722110325.195085-1-saravanan.vajravel@broadcom.com Signed-off-by: Leon Romanovsky commit 3663e2c4bc45fcdc71931fcbfcbfbf9b71f55c83 Merge: 688c43dd6ca9e0 8400291e289ee6 Author: Jani Nikula Date: Thu Aug 1 13:06:09 2024 +0300 Merge drm/drm-next into drm-intel-next Sync with v6.11-rc1 in general, and specifically get the new BACKLIGHT_POWER_ constants for power states. Signed-off-by: Jani Nikula commit c9c0ee5f20c593faf289fa8850c3ed84031dd12a Author: Breno Leitao Date: Mon Jul 29 03:47:40 2024 -0700 net: skbuff: Skip early return in skb_unref when debugging This patch modifies the skb_unref function to skip the early return optimization when CONFIG_DEBUG_NET is enabled. The change ensures that the reference count decrement always occurs in debug builds, allowing for more thorough checking of SKB reference counting. Previously, when the SKB's reference count was 1 and CONFIG_DEBUG_NET was not set, the function would return early after a memory barrier (smp_rmb()) without decrementing the reference count. This optimization assumes it's safe to proceed with freeing the SKB without the overhead of an atomic decrement from 1 to 0. With this change: - In non-debug builds (CONFIG_DEBUG_NET not set), behavior remains unchanged, preserving the performance optimization. - In debug builds (CONFIG_DEBUG_NET set), the reference count is always decremented, even when it's 1, allowing for consistent behavior and potentially catching subtle SKB management bugs. This modification enhances debugging capabilities for networking code without impacting performance in production kernels. It helps kernel developers identify and diagnose issues related to SKB management and reference counting in the network stack. Cc: Chris Mason Suggested-by: Jakub Kicinski Signed-off-by: Breno Leitao Reviewed-by: Eric Dumazet Link: https://patch.msgid.link/20240729104741.370327-1-leitao@debian.org Signed-off-by: Paolo Abeni commit bb99c51bdaa846bddb85a1e7acca3a3aa5e9f082 Author: Christian König Date: Thu Jul 11 15:09:23 2024 +0200 drm/loongson: use GEM references instead of TTMs Instead of a TTM reference grab a GEM reference whenever necessary. Signed-off-by: Christian König Reviewed-by: Daniel Vetter Cc: Sui Jingfeng Link: https://patchwork.freedesktop.org/patch/msgid/20240723121750.2086-3-christian.koenig@amd.com commit b034a90b2745e43b4a85b56dc5fd7a6fa1a21f31 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:41 2024 -0600 gpio: Use of_property_present() Use of_property_present() to test for property presence rather than of_find_property(). This is part of a larger effort to remove callers of of_find_property() and similar functions. of_find_property() leaks the DT struct property and data pointers which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731191312.1710417-3-robh@kernel.org Signed-off-by: Bartosz Golaszewski commit 688c43dd6ca9e0cd0568868aefca5b041695c3f4 Author: Jani Nikula Date: Wed Jul 31 14:07:44 2024 +0300 drm/i915: remove unused HAS_BROKEN_CS_TLB() The last users have been removed years ago. Finish the job. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240731110744.1572240-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit fef1ac950c600ba50ef4d65ca03c8dae9be7f9ea Author: Takashi Iwai Date: Thu Aug 1 08:42:01 2024 +0200 ALSA: control: Fix leftover snd_power_unref() One snd_power_unref() was forgotten and left at __snd_ctl_elem_info() in the previous change for reorganizing the locking order. Fixes: fcc62b19104a ("ALSA: control: Take power_ref lock primarily") Link: https://github.com/thesofproject/linux/pull/5127 Link: https://patch.msgid.link/20240801064203.30284-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 6c9e14ee9f519ee605a3694fbfa4711284781d22 Author: Thomas Zimmermann Date: Wed Jul 31 09:09:40 2024 +0200 drm/mgag200: Fix VBLANK interrupt handling Fix support for VBLANK interrupts on G200ER, G200EV and G200SE, which use a slightly different implementation than the others. The original commits forgot to update the custom helpers when adding interrupt handling for VBLANK events. Signed-off-by: Thomas Zimmermann Fixes: 89c6ea2006e2 ("drm/mgag200: Add vblank support") Fixes: d5070c9b2944 ("drm/mgag200: Implement struct drm_crtc_funcs.get_vblank_timestamp") Cc: Thomas Zimmermann Cc: Jocelyn Falempe Cc: Gerd Hoffmann Cc: Sam Ravnborg Cc: Dave Airlie Cc: dri-devel@lists.freedesktop.org Acked-by: Sui Jingfeng Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240731071004.519566-1-tzimmermann@suse.de commit 4da409ba6430e3b5c6da7879dbbdc5f6717d91b1 Author: Suraj Kandpal Date: Thu Jul 11 10:19:05 2024 +0530 drm/i915/dpkgc: Add VRR condition for DPKGC Enablement DPKGC can now be enabled with VRR enabled if Vmin = Vmax = Flipline is met. Bspec: 68986 Signed-off-by: Suraj Kandpal Reviewed-by: Mitul Golani Link: https://patchwork.freedesktop.org/patch/msgid/20240711044905.3306882-1-suraj.kandpal@intel.com commit dc8c4a8aee49e42cf13e32e123de127122dc516f Author: Shivnandan Kumar Date: Mon Jul 8 15:47:34 2024 +0530 soc: qcom: icc-bwmon: Add tracepoints in bwmon_intr_thread Add tracepoint for tracing the measured traffic in kbps, up_kbps and down_kbps in bwmon. This information is valuable for understanding what bwmon hw measures at the system cache level and at the DDR level which is helpful in debugging bwmon behavior. Signed-off-by: Shivnandan Kumar Reviewed-by: Sibi Sankar Link: https://lore.kernel.org/r/20240708101734.1999795-1-quic_kshivnan@quicinc.com Signed-off-by: Bjorn Andersson commit 4e71c38244dbeb6619156b417d469771bba52b83 Author: Bartosz Golaszewski Date: Tue Jul 9 14:18:37 2024 +0200 arm64: dts: qcom: sm8650-qrd: use the PMU to power up bluetooth Change the HW model in sm8650-qrd.dts to a one closer to reality - where the WLAN and Bluetooth modules of the WCN7850 are powered by the PMU inside the package. Signed-off-by: Bartosz Golaszewski Tested-by: Neil Armstrong # on SM8550-QRD Link: https://lore.kernel.org/r/20240709-hci_qca_refactor-v3-6-5f48ca001fed@linaro.org Signed-off-by: Bjorn Andersson commit 802b83205519e4253b873bef5c095b147cd69dad Author: Dmitry Baryshkov Date: Wed Jul 17 13:04:33 2024 +0300 clk: qcom: fold dispcc-sm8650 info dispcc-sm8550 There is a very minor difference between display clock controller drivers for SM8550 and SM8650 platforms. Fold the second one into the first one to reduce kernel footprint. The bindings for these two hardware blocks are fully compatible. Signed-off-by: Dmitry Baryshkov Reviewed-by: Neil Armstrong Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240717-dispcc-sm8550-fixes-v2-6-5c4a3128c40b@linaro.org Signed-off-by: Bjorn Andersson commit c8bee3ff6c9220092b646ff929f9c832c1adab6d Author: Dmitry Baryshkov Date: Wed Jul 17 13:04:32 2024 +0300 clk: qcom: dispcc-sm8550: use rcg2_shared_ops for ESC RCGs Follow the recommendations and park disp_cc_mdss_esc[01]_clk_src to the XO instead of disabling the clocks by using the clk_rcg2_shared_ops. Fixes: 90114ca11476 ("clk: qcom: add SM8550 DISPCC driver") Signed-off-by: Dmitry Baryshkov Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240717-dispcc-sm8550-fixes-v2-5-5c4a3128c40b@linaro.org Signed-off-by: Bjorn Andersson commit 7de10ddbdb9d03651cff5fbdc8cf01837c698526 Author: Dmitry Baryshkov Date: Wed Jul 17 13:04:31 2024 +0300 clk: qcom: dispcc-sm8650: Update the GDSC flags Add missing POLL_CFG_GDSCR to the MDSS GDSC flags. Fixes: 90114ca11476 ("clk: qcom: add SM8550 DISPCC driver") Signed-off-by: Dmitry Baryshkov Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240717-dispcc-sm8550-fixes-v2-4-5c4a3128c40b@linaro.org Signed-off-by: Bjorn Andersson commit eb64ccacd0cd9343926424f63fec76e73eb815a7 Author: Dmitry Baryshkov Date: Wed Jul 17 13:04:30 2024 +0300 clk: qcom: dispcc-sm8550: make struct clk_init_data const The clk_init_data instances are not changed at runtime. Mark them as constant data. Signed-off-by: Dmitry Baryshkov Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240717-dispcc-sm8550-fixes-v2-3-5c4a3128c40b@linaro.org Signed-off-by: Bjorn Andersson commit cb4c00698f2f27d99a69adcce659370ca286cf2a Author: Dmitry Baryshkov Date: Wed Jul 17 13:04:29 2024 +0300 clk: qcom: dispcc-sm8550: use rcg2_ops for mdss_dptx1_aux_clk_src clk_dp_ops should only be used for DisplayPort pixel clocks. Use clk_rcg2_ops for disp_cc_mdss_dptx1_aux_clk_src. Fixes: 90114ca11476 ("clk: qcom: add SM8550 DISPCC driver") Signed-off-by: Dmitry Baryshkov Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240717-dispcc-sm8550-fixes-v2-2-5c4a3128c40b@linaro.org Signed-off-by: Bjorn Andersson commit 7b6a4b907297b28727933493b9e0c95494504634 Author: Dmitry Baryshkov Date: Wed Jul 17 13:04:28 2024 +0300 clk: qcom: dispcc-sm8550: fix several supposed typos Fix seveal odd-looking places in SM8550's dispcc driver: - duplicate entries in disp_cc_parent_map_4 and disp_cc_parent_map_5 - using &disp_cc_mdss_dptx0_link_div_clk_src as a source for disp_cc_mdss_dptx1_usb_router_link_intf_clk The SM8650 driver has been used as a reference. Fixes: 90114ca11476 ("clk: qcom: add SM8550 DISPCC driver") Signed-off-by: Dmitry Baryshkov Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240717-dispcc-sm8550-fixes-v2-1-5c4a3128c40b@linaro.org Signed-off-by: Bjorn Andersson commit bb80185cde480c712231ff4e7dc57300c5bdca2c Merge: ccf683fa0c9b5c 99447ef003d199 Author: Bjorn Andersson Date: Wed Jul 31 22:07:40 2024 -0500 Merge branch '20240717-dispcc-sm8550-fixes-v2-7-5c4a3128c40b@linaro.org' into arm64-for-6.12 Merge the SM8550/SM8650 display clock controller binding header file merge through a topic branch, to ensure the bindings are kept in sync between clock and DeviceTree source branches. commit d9b66d8300827b9f04204faaacde08e59058a699 Merge: ea73b7aceff69c 99447ef003d199 Author: Bjorn Andersson Date: Wed Jul 31 22:05:44 2024 -0500 Merge branch '20240717-dispcc-sm8550-fixes-v2-7-5c4a3128c40b@linaro.org' into clk-for-6.12 Merge the SM8550/SM8650 display clock controller binding header file merge through a topic branch, to ensure the bindings are kept in sync between clock and DeviceTree source branches. commit 99447ef003d199329c0a1890f54958fcd10f7063 Author: Dmitry Baryshkov Date: Wed Jul 17 13:04:34 2024 +0300 dt-bindings: clock: qcom,sm8650-dispcc: replace with symlink The display clock controller indices for SM8650 and SM8550 are completely equal. Replace the header file for qcom,sm8650-dispcc with the symlink to the qcom,sm8550-dispcc header file. Signed-off-by: Dmitry Baryshkov Reviewed-by: Neil Armstrong Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240717-dispcc-sm8550-fixes-v2-7-5c4a3128c40b@linaro.org Signed-off-by: Bjorn Andersson commit ccf683fa0c9b5c53534030ddc9dd8a8603f715a0 Author: Raymond Hackley Date: Wed Jul 24 14:32:51 2024 +0000 arm64: dts: qcom: msm8916-samsung-fortuna: Add touch keys Touch keys feature on fortuna phones are provided by Zinitix touchscreen. Add property linux,keycodes to enable touch keys. Signed-off-by: Raymond Hackley Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240724143230.3804-1-raymondhackley@protonmail.com Signed-off-by: Bjorn Andersson commit 717ca334afd7ceb8170aa1bdad736f6a712c9220 Author: Ankit Sharma Date: Wed Jul 31 16:49:51 2024 +0530 arm64: dts: qcom: sa8775p: Add capacity and DPC properties The "capacity-dmips-mhz" and "dynamic-power-coefficient" are used to build Energy Model which in turn is used by EAS to take placement decisions. Signed-off-by: Ankit Sharma Link: https://lore.kernel.org/r/20240731111951.6999-1-quic_anshar@quicinc.com Signed-off-by: Bjorn Andersson commit 359c8c8491b5345bf49a4e79c07a76ab8e21f412 Author: Barnabás Czémán Date: Tue Jul 30 23:24:59 2024 +0200 arm64: dts: qcom: pm8950: Add resin node Add pm8950 resin node as a feature of the PMIC it should be declared in pm8950.dtsi, disabled by default. Like all other optional components it can then by enabled and configured in the board-specific device tree part. Signed-off-by: Barnabás Czémán Link: https://lore.kernel.org/r/20240730-pm8950_resin-v1-1-26de4d933f95@mainlining.org Signed-off-by: Bjorn Andersson commit f75537a42afbbe3f652c73493741448586df7719 Author: Satya Priya Kakitapalli Date: Wed Jul 31 11:59:16 2024 +0530 arm64: dts: qcom: Add camera clock controller for sm8150 Add device node for camera clock controller on Qualcomm SM8150 platform. Signed-off-by: Satya Priya Kakitapalli Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240731062916.2680823-9-quic_skakitap@quicinc.com Signed-off-by: Bjorn Andersson commit 0e1b56c06029cb54c47974fccd0e2f7bf10dba6b Merge: c1ece392ed906c 44933cd06e34e9 Author: Bjorn Andersson Date: Wed Jul 31 21:57:22 2024 -0500 Merge branch '20240731062916.2680823-7-quic_skakitap@quicinc.com' into arm64-for-6.12 Merge SM8150 camera clock controller binding from topic branch, to gain access to constants introduced by this. commit ea73b7aceff69c4426c5d13bbdd785c5dc1e2960 Author: Satya Priya Kakitapalli Date: Wed Jul 31 11:59:15 2024 +0530 clk: qcom: Add camera clock controller driver for SM8150 Add support for the camera clock controller for camera clients to be able to request for camcc clocks on SM8150 platform. Reviewed-by: Bryan O'Donoghue Signed-off-by: Satya Priya Kakitapalli Link: https://lore.kernel.org/r/20240731062916.2680823-8-quic_skakitap@quicinc.com Signed-off-by: Bjorn Andersson commit 0c31f6a3ab7fa7dc094b9e93eb48b29c6bfcc5ce Author: Taniya Das Date: Wed Jul 31 11:59:13 2024 +0530 clk: qcom: clk-alpha-pll: Add support for Regera PLL ops Regera PLL ops are required to control the Regera PLL from clock controller drivers, hence add the Regera PLL ops and configure function. Signed-off-by: Taniya Das Signed-off-by: Satya Priya Kakitapalli Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240731062916.2680823-6-quic_skakitap@quicinc.com Signed-off-by: Bjorn Andersson commit a689c2961f022c4f221304fe7bc542121fdc246c Merge: a5652d05f81b6d 44933cd06e34e9 Author: Bjorn Andersson Date: Wed Jul 31 21:53:59 2024 -0500 Merge branch '20240731062916.2680823-7-quic_skakitap@quicinc.com' into clk-for-6.12 Merge SM8150 camera clock controller binding through topic branch, to allow this to be shared with DeviceTree source branches as well. commit 44933cd06e34e9838fa0d6c8ed16a3632d49849b Author: Satya Priya Kakitapalli Date: Wed Jul 31 11:59:14 2024 +0530 dt-bindings: clock: qcom: Add SM8150 camera clock controller Add device tree bindings for the camera clock controller on Qualcomm SM8150 platform. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Satya Priya Kakitapalli Link: https://lore.kernel.org/r/20240731062916.2680823-7-quic_skakitap@quicinc.com Signed-off-by: Bjorn Andersson commit c1ece392ed906cc598a7b96234961721060aae05 Author: Bjorn Andersson Date: Tue Jul 30 20:24:44 2024 -0700 arm64: dts: qcom: sc8180x-lenovo-flex-5g: Enable USB multiport controller The Lenovo Flex 5G has a camera attached to the multiport USB controller, enable the controller and the four phys to enable this. Reviewed-by: Dmitry Baryshkov Signed-off-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240730-sc8180x-usb-mp-v2-7-a7dc4265b553@quicinc.com Signed-off-by: Bjorn Andersson commit e12953d3b126dbff40a8531b99c377d653f0e27d Author: Bjorn Andersson Date: Tue Jul 30 20:24:43 2024 -0700 arm64: dts: qcom: sc8180x-primus: Enable the two MP USB ports The SC8180X Primus comes with an AUX card with two USB ports, fed by the two multiport ports. Enable the involved nodes and define two always-on regulators to enable VBUS for these ports. Reviewed-by: Dmitry Baryshkov Reviewed-by: Konrad Dybcio Signed-off-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240730-sc8180x-usb-mp-v2-6-a7dc4265b553@quicinc.com Signed-off-by: Bjorn Andersson commit 96aab8ff59a9fca54dd0e13660684b4a8e73e1a3 Author: Bjorn Andersson Date: Tue Jul 30 20:24:42 2024 -0700 arm64: dts: qcom: sc8180x: Add USB MP controller and phys The SC8180X platform comes with a multiport DWC3 controller with two ports, each connected to a pair of HighSpeed and QMP SuperSpeed PHYs. Describe these blocks. Reviewed-by: Dmitry Baryshkov Signed-off-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240730-sc8180x-usb-mp-v2-5-a7dc4265b553@quicinc.com Signed-off-by: Bjorn Andersson commit 82a40c7b06566bf0ff4fb7fbf29ab7b267c78f03 Author: Bjorn Andersson Date: Tue Jul 30 20:24:41 2024 -0700 arm64: dts: qcom: sc8180x: Align USB nodes with binding Add the pwr_event interrupt and rearrange the order of the other interrupts to match the binding. Reviewed-by: Konrad Dybcio Signed-off-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240730-sc8180x-usb-mp-v2-4-a7dc4265b553@quicinc.com Signed-off-by: Bjorn Andersson commit c8d8e936bc820eaad0ca725ac0456f4839e50ad3 Author: Bjorn Andersson Date: Tue Jul 30 20:24:40 2024 -0700 arm64: dts: qcom: sc8180x-pmics: Add second PMC8180 GPIO The SC8180X comes with two PMC8180 PMICs, with the GPIO block being used to control VBUS supply of the second USB multiport port. Rename the GPIO controller in the first PMC8180 to match the schematics and define this second controller. Reviewed-by: Dmitry Baryshkov Signed-off-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240730-sc8180x-usb-mp-v2-3-a7dc4265b553@quicinc.com Signed-off-by: Bjorn Andersson commit 9ed1dd650d44db47b1dbb0e6bcab1e0b4fc5bd97 Merge: 84c1711f27509a 39b5ffc9554366 Author: Bjorn Andersson Date: Wed Jul 31 21:51:29 2024 -0500 Merge branch '20240730-sc8180x-usb-mp-v2-1-a7dc4265b553@quicinc.com' into arm64-for-6.12 Merge the sc8180x Global Clock Controller binding from a topic branch, to gain access to the introduced USB multiport reset constants. commit a5652d05f81b6d0387c3894c63fae4db69ef9aad Author: Bjorn Andersson Date: Tue Jul 30 20:24:39 2024 -0700 clk: qcom: gcc-sc8180x: Add missing USB MP resets The USB multiport controller needs a few additional resets, add these to the driver. Reviewed-by: Konrad Dybcio Signed-off-by: Bjorn Andersson Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240730-sc8180x-usb-mp-v2-2-a7dc4265b553@quicinc.com Signed-off-by: Bjorn Andersson commit 856d6c27692e9b9cd5fee3f228b7136e7669b6c5 Merge: 889e1332310656 39b5ffc9554366 Author: Bjorn Andersson Date: Wed Jul 31 21:49:50 2024 -0500 Merge branch '20240730-sc8180x-usb-mp-v2-1-a7dc4265b553@quicinc.com' into clk-for-6.12 Merge the sc8180x multiport reset DeviceTree constants through a topic branch, to allow them also to be made available to DeviceTree source. commit 39b5ffc9554366122dbe5a4088a7c8798068ee9f Author: Bjorn Andersson Date: Tue Jul 30 20:24:38 2024 -0700 dt-bindings: clock: qcom: Add missing USB MP resets The USB multiport controller needs a few missing resets, describe them in the binding. Acked-by: Krzysztof Kozlowski Signed-off-by: Bjorn Andersson Link: https://lore.kernel.org/r/20240730-sc8180x-usb-mp-v2-1-a7dc4265b553@quicinc.com Signed-off-by: Bjorn Andersson commit 84c1711f27509a6a5841b13ac08fc58b1d091ae8 Author: Dang Huynh Date: Wed Jul 31 13:18:52 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Enable ATH10K WLAN Enable onboard Wi-Fi on the F(x)tec Pro1X. For reference, HW/SW identifies as: qmi chip_id 0x120 chip_family 0x4007 board_id 0xff soc_id 0x40670000 qmi fw_version 0x324103d6 fw_build_timestamp 2021-12-02 08:20 fw_build_id QC_IMAGE_VERSION_STRING=WLAN.HL.3.2.4-00982-QCAHLSWMTPLZ-1 Reviewed-by: Konrad Dybcio Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-11-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit e055924159df6ec2ffa0f221aa84c49429cfe6db Author: Dang Huynh Date: Wed Jul 31 13:18:51 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Enable remoteprocs Enable [A,C]DSP and MPSS remote processor on this device. Reviewed-by: Konrad Dybcio Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-10-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit b5c63330a7ef026c21da5eed4669a790b22ea642 Author: Dang Huynh Date: Wed Jul 31 13:18:50 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Enable RGB LED This device has an RGB LED. It is used for notifications. Reviewed-by: Konrad Dybcio Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-9-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit 79f8d127c46a1311de49db7c175fee84ce827d3a Author: Dang Huynh Date: Wed Jul 31 13:18:49 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Add PMI632 Type-C property The USB-C port is used for powering external devices and transfer data from/to them. Reviewed-by: Konrad Dybcio Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-8-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit e0674d85c80456782fdc44c36c4884fa64bb3a58 Author: Dang Huynh Date: Wed Jul 31 13:18:48 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Hook up USB3 SS The F(x)tec Pro1X supports USB 3.0 through it's USB-C port. Reviewed-by: Konrad Dybcio Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-7-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit 8b9f76a6f8fbc81fdc44b5c4b134d20095c38a6a Author: Dang Huynh Date: Wed Jul 31 13:18:47 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Enable MDSS and GPU Fxtec Pro1x uses the same display (BOE BF060Y8M-AJ0) as Pro1. Reviewed-by: Konrad Dybcio Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-6-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit 95b19afd734d0a278088456b052a2fb94c4ade55 Author: Dang Huynh Date: Wed Jul 31 13:18:46 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Enable SD card slot Fxtec Pro1X has two card slots and allow either 2xSIM cards or 1xSIM, 1xSD Card configuration. Reviewed-by: Konrad Dybcio Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-5-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit 17c98581155e88d3f118cd879ba263e952b83946 Author: Dang Huynh Date: Wed Jul 31 13:18:45 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Add Caps Lock LED The Pro1X has a caps lock LED on the keyboard. Reviewed-by: Konrad Dybcio Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-4-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit e46b455e67f836361a94512ca187442a8b699f25 Author: Dang Huynh Date: Wed Jul 31 13:18:44 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Add Goodix Touchscreen The Fxtec Pro1X touchscreen uses Goodix GT9286 chip. Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-3-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit 4686161eb87168ec746eb54d7b84c5d022073a33 Author: Dang Huynh Date: Wed Jul 31 13:18:43 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Add PCA9534 IO Expander F(x)tec Pro1X comes with PCA9534 IO Expander, it is used for enabling touch screen VDD/VDDIO and keyboard's caps lock LED. Reviewed-by: Konrad Dybcio Signed-off-by: Dang Huynh Reviewed-by: Caleb Connolly Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-2-b945527fa5d2@riseup.net [bjorn: Dropped unnecessary comment in i2c1] Signed-off-by: Bjorn Andersson commit ff5affd17bde4ea78d153122a601d69b3f302326 Author: Dang Huynh Date: Wed Jul 31 13:18:42 2024 +0700 arm64: dts: qcom: sm6115-pro1x: Add Hall Switch and Camera Button The Pro1X has a flip keyboard and a single-state camera button. Signed-off-by: Dang Huynh Link: https://lore.kernel.org/r/20240731-qx1050-feature-expansion-v3-1-b945527fa5d2@riseup.net Signed-off-by: Bjorn Andersson commit 3593b38a1367c3b57e986b0d2a9b6ceb84ec44ce Author: Takashi Sakamoto Date: Thu Aug 1 11:26:29 2024 +0900 firewire: core: utilize kref to maintain fw_node with reference counting Current implementation directly uses refcount_t to maintain the life time of fw_node, while kref is available for the same purpose. This commit replaces the implementation with kref. Link: https://lore.kernel.org/r/20240801022629.31857-1-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 8e0c0ec9b7dc2aec84f141c26c501e24906ff765 Merge: 9bb3ec18d052a2 c5092ba3155e06 Author: Jakub Kicinski Date: Wed Jul 31 19:05:19 2024 -0700 Merge branch 'ethernet-convert-from-tasklet-to-bh-workqueue' Allen Pais says: ==================== ethernet: Convert from tasklet to BH workqueue [part] The only generic interface to execute asynchronously in the BH context is tasklet; however, it's marked deprecated and has some design flaws. To replace tasklets, BH workqueue support was recently added. A BH workqueue behaves similarly to regular workqueues except that the queued work items are executed in the BH context. This patch converts a few drivers in drivers/ethernet/* from tasklet to BH workqueue. The next set will be sent out after the next -rc is out. v2: https://lore.kernel.org/20240621183947.4105278-1-allen.lkml@gmail.com v1: https://lore.kernel.org/20240507190111.16710-2-apais@linux.microsoft.com ==================== Link: https://patch.msgid.link/20240730183403.4176544-1-allen.lkml@gmail.com Signed-off-by: Jakub Kicinski commit c5092ba3155e0696e922fc9f1c2909f48fde2102 Author: Allen Pais Date: Tue Jul 30 11:33:52 2024 -0700 net: macb: Convert tasklet API to new bottom half workqueue mechanism Migrate tasklet APIs to the new bottom half workqueue mechanism. It replaces all occurrences of tasklet usage with the appropriate workqueue APIs throughout the macb driver. This transition ensures compatibility with the latest design and enhances performance. Signed-off-by: Allen Pais Link: https://patch.msgid.link/20240730183403.4176544-5-allen.lkml@gmail.com Signed-off-by: Jakub Kicinski commit 8d3beb6bc765ccea794612066454da5bb72a0746 Author: Allen Pais Date: Tue Jul 30 11:33:51 2024 -0700 net: cnic: Convert tasklet API to new bottom half workqueue mechanism Migrate tasklet APIs to the new bottom half workqueue mechanism. It replaces all occurrences of tasklet usage with the appropriate workqueue APIs throughout the cnic driver. This transition ensures compatibility with the latest design and enhances performance. Signed-off-by: Allen Pais Link: https://patch.msgid.link/20240730183403.4176544-4-allen.lkml@gmail.com Signed-off-by: Jakub Kicinski commit 2d671dc6f069f46214d96e934e14f5952d76d92f Author: Allen Pais Date: Tue Jul 30 11:33:50 2024 -0700 net: xgbe: Convert tasklet API to new bottom half workqueue mechanism Migrate tasklet APIs to the new bottom half workqueue mechanism. It replaces all occurrences of tasklet usage with the appropriate workqueue APIs throughout the xgbe driver. This transition ensures compatibility with the latest design and enhances performance. Signed-off-by: Allen Pais Link: https://patch.msgid.link/20240730183403.4176544-3-allen.lkml@gmail.com Signed-off-by: Jakub Kicinski commit 20a3bcfe9327e0559a25a9ecd45967fd4f11ff24 Author: Allen Pais Date: Tue Jul 30 11:33:49 2024 -0700 net: alteon: Convert tasklet API to new bottom half workqueue mechanism Migrate tasklet APIs to the new bottom half workqueue mechanism. It replaces all occurrences of tasklet usage with the appropriate workqueue APIs throughout the alteon driver. This transition ensures compatibility with the latest design and enhances performance. Signed-off-by: Allen Pais Link: https://patch.msgid.link/20240730183403.4176544-2-allen.lkml@gmail.com Signed-off-by: Jakub Kicinski commit 9bb3ec18d052a285def852dbdd7124ea355bd1d0 Merge: 9c26a1d0a01c94 b0d21321140ce9 Author: Jakub Kicinski Date: Wed Jul 31 18:38:31 2024 -0700 Merge branch 'mlxsw-core_thermal-small-cleanups' Petr Machata says: ==================== mlxsw: core_thermal: Small cleanups Ido Schimmel says: Clean up various issues which I noticed while addressing feedback on a different patchset. ==================== Link: https://patch.msgid.link/cover.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit b0d21321140ce9a3cbdf877a4902cce2b596f282 Author: Ido Schimmel Date: Tue Jul 30 15:58:21 2024 +0200 mlxsw: core_thermal: Fix -Wformat-truncation warning The name of a thermal zone device cannot be longer than 19 characters ('THERMAL_NAME_LENGTH - 1'). The format string 'mlxsw-lc%d-module%d' can exceed this limitation if the maximum number of line cards cannot be represented using a single digit and the maximum number of transceiver modules cannot be represented using two digits. This is not the case with current systems nor future ones. Therefore, increase the size of the result buffer beyond 'THERMAL_NAME_LENGTH' and suppress the following build warning [1]. If this limitation is ever exceeded, we will know about it since the thermal core validates the thermal device's name during registration. [1] drivers/net/ethernet/mellanox/mlxsw/core_thermal.c: In function ‘mlxsw_thermal_modules_init.part.0’: drivers/net/ethernet/mellanox/mlxsw/core_thermal.c:418:70: error: ‘%d’ directive output may be truncated writing between 1 and 3 bytes into a region of size between 2 and 4 [-Werror=format-truncation=] 418 | snprintf(tz_name, sizeof(tz_name), "mlxsw-lc%d-module%d", | ^~ In function ‘mlxsw_thermal_module_tz_init’, inlined from ‘mlxsw_thermal_module_init’ at drivers/net/ethernet/mellanox/mlxsw/core_thermal.c:465:9, inlined from ‘mlxsw_thermal_modules_init.part.0’ at drivers/net/ethernet/mellanox/mlxsw/core_thermal.c:500:9: drivers/net/ethernet/mellanox/mlxsw/core_thermal.c:418:52: note: directive argument in the range [1, 256] 418 | snprintf(tz_name, sizeof(tz_name), "mlxsw-lc%d-module%d", | ^~~~~~~~~~~~~~~~~~~~~ drivers/net/ethernet/mellanox/mlxsw/core_thermal.c:418:17: note: ‘snprintf’ output between 18 and 22 bytes into a destination of size 20 418 | snprintf(tz_name, sizeof(tz_name), "mlxsw-lc%d-module%d", | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 419 | module_tz->slot_index, module_tz->module + 1); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/583a70c6dbe75e6bf0c2c58abbb3470a860d2dc3.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit ec672931d150910b5f886d70a5305eb89681b076 Author: Ido Schimmel Date: Tue Jul 30 15:58:20 2024 +0200 mlxsw: core_thermal: Remove unnecessary assignments Setting both pointers to NULL is unnecessary since the code never checks whether these pointers are NULL or not. Remove the assignments. Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/ea646f5d7642fffd5393fa23650660ab8f77a511.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit e7e3a450e5527f3321dc6d0146bf2b86cf44b508 Author: Ido Schimmel Date: Tue Jul 30 15:58:19 2024 +0200 mlxsw: core_thermal: Remove unnecessary checks mlxsw_thermal_module_fini() cannot be invoked with a thermal module which is NULL or which is not associated with a thermal zone, so remove these checks. Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/8db5fe0a3a28ba09a15d4102cc03f7e8ca7675be.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit e25f3040a61961c9f1bcb896b983a33b64d978e2 Author: Ido Schimmel Date: Tue Jul 30 15:58:18 2024 +0200 mlxsw: core_thermal: Simplify rollback During rollback, instead of calling mlxsw_thermal_module_fini() for all the modules, only call it for modules that were successfully initialized. This is not a bug fix since mlxsw_thermal_module_fini() first checks that the module was initialized. Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/905bebc45f6e246031f0c5c177bba8efe11e05f5.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit fb76ea1d4b12dab4ad1573f16b340e97174269b6 Author: Ido Schimmel Date: Tue Jul 30 15:58:17 2024 +0200 mlxsw: core_thermal: Make mlxsw_thermal_module_{init, fini} symmetric mlxsw_thermal_module_fini() de-initializes the module's thermal zone, but mlxsw_thermal_module_init() does not initialize it. Make both functions symmetric by moving the initialization of the module's thermal zone to mlxsw_thermal_module_init(). Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/a661ad468f8ad0d7d533d8334e4abf61dfe34342.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 73c18f9998fd1f172baaea26d266b1efa4e7b0c5 Author: Ido Schimmel Date: Tue Jul 30 15:58:16 2024 +0200 mlxsw: core_thermal: Remove unused arguments 'dev' and 'core' arguments are not used by mlxsw_thermal_module_init(). Remove them. Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/563fc7383f61809a306b9954872219eaaf3c689b.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit d81d71434036642882b55cf93432bf4a1720a481 Author: Ido Schimmel Date: Tue Jul 30 15:58:15 2024 +0200 mlxsw: core_thermal: Fold two loops into one There is no need to traverse the same array twice. Do it once by folding both loops into one. Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/81756744ed532aaa9249a83fc08757accfe8b07c.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 2a1c9dcb52ddc2916115e4a781f9f2a09c536d97 Author: Ido Schimmel Date: Tue Jul 30 15:58:14 2024 +0200 mlxsw: core_thermal: Remove another unnecessary check mlxsw_thermal_modules_init() allocates an array of modules and then initializes each entry by calling mlxsw_thermal_module_init() which among other things initializes the 'parent' pointer of the entry. mlxsw_thermal_modules_init() then traverses over the array again, but skips over entries that do not have their 'parent' pointer set which is impossible given the above. Therefore, remove the unnecessary check. Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/fb3e8ded422a441436431d5785b900f11ffc9621.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit 4be011d76408bb7ecfd2f3e00ab89c9a54ce94ce Author: Ido Schimmel Date: Tue Jul 30 15:58:13 2024 +0200 mlxsw: core_thermal: Remove unnecessary check mlxsw_thermal_modules_init() allocates an array of modules and then calls mlxsw_thermal_module_init() to initialize each entry in the array. It is therefore impossible for mlxsw_thermal_module_init() to encounter an entry that is already initialized and has its 'parent' pointer set. Remove the unnecessary check. Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Signed-off-by: Jakub Kicinski commit a1bb54b1a066e30e4130205a7dba78db9df56fa8 Author: Ido Schimmel Date: Tue Jul 30 15:58:12 2024 +0200 mlxsw: core_thermal: Call thermal_zone_device_unregister() unconditionally The function returns immediately if the thermal zone pointer is NULL so there is no need to check it before calling the function. Remove the check. Signed-off-by: Ido Schimmel Reviewed-by: Vadim Pasternak Signed-off-by: Petr Machata Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/0bd251aa8ce03d3c951983aa6b4300d8205b88a7.1722345311.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski commit f1e6f89506e48b42235755fb3c2b73022697d8e5 Author: Pallavi Mishra Date: Thu Aug 1 01:26:22 2024 +0530 drm/xe/xe2: Enable Priority Mem Read Enable feature to allow memory reads to take a priority memory path. This will reduce latency on the read path, but may introduce read after write (RAW) hazards as read and writes will no longer be ordered. To avoid RAW hazards, SW can use the MI_MEM_FENCE command or any other MI command that generates non posted memory writes. This will ensure data is coherent in memory prior to execution of commands which read data from memory. RCS,BCS and CCS support this feature. No pattern identified in KMD that could lead to a hazard. v2: Modify commit message, enable priority mem read feature for media, modify version range, modify bspec detail (Matt Roper) v3: Rebase, fix cramped line-wrapping (jcavitt) v4: Rebase v5: Media does not support Priority Mem Read. Modify commit to reflect the same. v6: Rebase Bspec: 60298, 60237, 60187, 60188 Signed-off-by: Pallavi Mishra Reviewed-by: Matt Roper Acked-by: José Roberto de Souza Acked-by: Carl Zhang Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240731195622.1868401-1-pallavi.mishra@intel.com commit 32121e158449f0b6d6ab6b2e63b22d9d80471563 Author: Kanak Shilledar Date: Fri Jul 5 15:04:59 2024 +0530 riscv: dts: thead: add basic spi node created spi0 node with fixed clock. the spi0 node uses synopsis designware driver and has the following compatible "snps,dw-apb-ssi". the spi0 node is connected to a SPI NOR flash pad which is left unpopulated on the back side of the board. Acked-by: Drew Fustini Signed-off-by: Kanak Shilledar Signed-off-by: Drew Fustini commit 9c26a1d0a01c941706fd0be55915b4db87bbe7c3 Author: Krzysztof Olędzki Date: Tue Jul 30 17:49:53 2024 -0700 net/mlx4: Add support for EEPROM high pages query for QSFP/QSFP+/QSFP28 Enable reading additional EEPROM information from high pages such as thresholds and alarms on QSFP/QSFP+/QSFP28 modules. "This is similar to commit a708fb7b1f8d ("net/mlx5e: ethtool, Add support for EEPROM high pages query") but given all the required logic already exists in mlx4_qsfp_eeprom_params_set() only s/_LEN/MAX_LEN/ is needed. Tested-by: Dan Merillat Signed-off-by: Krzysztof Piotr Oledzki Reviewed-by: Ido Schimmel Link: https://patch.msgid.link/b17c5336-6dc3-41f2-afa6-f9e79231f224@ans.pl Signed-off-by: Jakub Kicinski commit 2b28fe75c7dbe7ec322e706eed4622964409e21d Author: Florian Fainelli Date: Fri Jul 26 16:34:14 2024 -0700 ARM: bcm: Select ARM_GIC_V3 for ARCH_BRCMSTB A number of recent Broadcom STB SoCs utilize a GIC-600 interrupt controller thus requiring the use of the GICv3 driver. Link: https://lore.kernel.org/r/20240726233414.2305526-1-florian.fainelli@broadcom.com Signed-off-by: Florian Fainelli commit 8585ffeffeb2b415472b3a7afaed4478fb83925e Author: Animesh Agarwal Date: Tue Jul 30 19:43:34 2024 +0530 dt-bindings: clock: nxp,lpc3220-usb-clk: Convert bindings to dtschema Convert the NXP LPC32xx USB Clock Controller bindings to yaml format. Cc: Daniel Baluta Signed-off-by: Animesh Agarwal Link: https://lore.kernel.org/r/20240730141338.46234-1-animeshagarwal28@gmail.com Reviewed-by: Krzysztof Kozlowski Signed-off-by: Stephen Boyd commit b33037a0314798c23be89d103e97f045e4bc8ba9 Author: Animesh Agarwal Date: Wed Jul 31 12:21:33 2024 +0530 dt-bindings: clock: nxp,lpc3220-clk: Convert bindings to DT schema Convert the NXP LPC32xx Clock Controller bindings to yaml format. Cc: Daniel Baluta Signed-off-by: Animesh Agarwal Link: https://lore.kernel.org/r/20240731065137.156935-1-animeshagarwal28@gmail.com Reviewed-by: Krzysztof Kozlowski Signed-off-by: Stephen Boyd commit 4ed0f392e7dbd2e90a903bdd77d1f6e61b7d3073 Author: Weilin Wang Date: Wed May 22 13:42:54 2024 -0700 perf test: make metric validation test return early when there is no metric supported on the test system Add a check to return the metric validation test early when perf list metric does not output any metric. This would happen when NO_JEVENTS=1 is set or in a system that there is no metric supported. Signed-off-by: Weilin Wang Tested-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Caleb Biggers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Cc: Perry Taylor Cc: Peter Zijlstra Cc: Samantha Alt Link: https://lore.kernel.org/lkml/20240522204254.1841420-1-weilin.wang@intel.com Signed-off-by: Arnaldo Carvalho de Melo commit 74ae366c37b71b46be7f2fa45fa4b2c9c6708fbe Author: Namhyung Kim Date: Sun Jul 28 17:41:27 2024 -0700 perf ftrace profile: Add -s/--sort option The -s/--sort option is to sort the output by given column. $ sudo perf ftrace profile -s max sync | head # Total (us) Avg (us) Max (us) Count Function 6301.811 6301.811 6301.811 1 __do_sys_sync 6301.328 6301.328 6301.328 1 ksys_sync 5320.300 1773.433 2858.819 3 iterate_supers 2755.875 17.012 2610.633 162 sync_fs_one_sb 2728.351 682.088 2610.413 4 ext4_sync_fs [ext4] 2603.654 2603.654 2603.654 1 jbd2_log_wait_commit [jbd2] 4750.615 593.827 2597.427 8 schedule 2164.986 26.728 2115.673 81 sync_inodes_one_sb 2143.842 26.467 2115.438 81 sync_inodes_sb Reviewed-by: Ian Rogers Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Changbin Du Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Steven Rostedt (VMware) Link: https://lore.kernel.org/lkml/20240729004127.238611-5-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 0f223813edd051a516ec4b1fc23b1fdc00dd3b6d Author: Namhyung Kim Date: Sun Jul 28 17:41:26 2024 -0700 perf ftrace: Add 'profile' command The 'perf ftrace profile' command is to get function execution profiles using function-graph tracer so that users can see the total, average, max execution time as well as the number of invocations easily. The following is a profile for the perf_event_open syscall. $ sudo perf ftrace profile -G __x64_sys_perf_event_open -- \ perf stat -e cycles -C1 true 2> /dev/null | head # Total (us) Avg (us) Max (us) Count Function 65.611 65.611 65.611 1 __x64_sys_perf_event_open 30.527 30.527 30.527 1 anon_inode_getfile 30.260 30.260 30.260 1 __anon_inode_getfile 29.700 29.700 29.700 1 alloc_file_pseudo 17.578 17.578 17.578 1 d_alloc_pseudo 17.382 17.382 17.382 1 __d_alloc 16.738 16.738 16.738 1 kmem_cache_alloc_lru 15.686 15.686 15.686 1 perf_event_alloc 14.012 7.006 11.264 2 obj_cgroup_charge # Reviewed-by: Ian Rogers Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Changbin Du Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Steven Rostedt (VMware) Link: https://lore.kernel.org/lkml/20240729004127.238611-4-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 608585f43f9e4798db7585d8999c0404103d4b66 Author: Namhyung Kim Date: Sun Jul 28 17:41:25 2024 -0700 perf ftrace: Factor out check_ftrace_capable() The check is a common part of the ftrace commands, let's move it out. Reviewed-by: Ian Rogers Signed-off-by: Namhyung Kim Cc: Adrian Hunter Cc: Changbin Du Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Steven Rostedt (VMware) Link: https://lore.kernel.org/lkml/20240729004127.238611-3-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit c77800894b5a7d7d37b83862fd732230c5c3e518 Author: Namhyung Kim Date: Sun Jul 28 17:41:24 2024 -0700 perf ftrace: Add 'tail' option to --graph-opts The 'graph-tail' option is to print function name as a comment at the end. This is useful when a large function is mixed with other functions (possibly from different CPUs). For example, $ sudo perf ftrace -- perf stat true ... 1) | get_unused_fd_flags() { 1) | alloc_fd() { 1) 0.178 us | _raw_spin_lock(); 1) 0.187 us | expand_files(); 1) 0.169 us | _raw_spin_unlock(); 1) 1.211 us | } 1) 1.503 us | } $ sudo perf ftrace --graph-opts tail -- perf stat true ... 1) | get_unused_fd_flags() { 1) | alloc_fd() { 1) 0.099 us | _raw_spin_lock(); 1) 0.083 us | expand_files(); 1) 0.081 us | _raw_spin_unlock(); 1) 0.601 us | } /* alloc_fd */ 1) 0.751 us | } /* get_unused_fd_flags */ Reviewed-by: Ian Rogers Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Changbin Du Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Cc: Steven Rostedt (VMware) Link: https://lore.kernel.org/lkml/20240729004127.238611-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo commit 156e8dcfeceebce0694fb00542ac68e61a785fe1 Author: Dr. David Alan Gilbert Date: Sat Jul 27 18:59:19 2024 +0100 perf test pmu: Remove unused test_pmus Commit aa1551f299ba ("perf test pmu: Refactor format test and exposed test APIs") added the 'test_pmus' list, but didn't use it. (It seems to put them on the other_pmus list?) Remove it. Fixes: aa1551f299ba414c ("perf test pmu: Refactor format test and exposed test APIs") Reviewed-by: Ian Rogers Signed-off-by: Dr. David Alan Gilbert Cc: Ian Rogers Cc: Kan Liang Link: https://lore.kernel.org/lkml/20240727175919.1041468-1-linux@treblig.org Signed-off-by: Arnaldo Carvalho de Melo commit feab89bf991c940e2d44e45ededbde8640ac8830 Author: Adrian Hunter Date: Mon Jul 15 19:07:05 2024 +0300 perf tools: Enable evsel__is_aux_event() to work for S390_CPUMSF evsel__is_aux_event() identifies AUX area tracing selected events. S390_CPUMSF uses a raw event type (PERF_TYPE_RAW - refer s390_cpumsf_evsel_is_auxtrace()) not a PMU type value that could be checked in evsel__is_aux_event(). However it sets needs_auxtrace_mmap (refer auxtrace_record__init()), so check that first. Currently, the features that use evsel__is_aux_event() are used only by Intel PT, but that may change in the future. Reviewed-by: Andi Kleen Reviewed-by: Leo Yan Signed-off-by: Adrian Hunter Acked-by: Ian Rogers Cc: Alexander Shishkin Cc: Heiko Carstens Cc: Hendrik Brueckner Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Jonathan Cameron Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Thomas Richter Cc: Will Deacon Cc: Yicong Yang Cc: coresight@lists.linaro.org Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240715160712.127117-7-adrian.hunter@intel.com Signed-off-by: Arnaldo Carvalho de Melo commit c91928a8d5243f6b7355aab6325fe7545ee65404 Author: Adrian Hunter Date: Mon Jul 15 19:07:04 2024 +0300 perf tools: Enable evsel__is_aux_event() to work for ARM/ARM64 Set pmu->auxtrace on ARM/ARM64 AUX area PMUs. evsel__is_aux_event() needs the setting to identify AUX area tracing selected events. Currently, the features that use evsel__is_aux_event() are used only by Intel PT, but that may change in the future. Reviewed-by: Andi Kleen Reviewed-by: Leo Yan Signed-off-by: Adrian Hunter Acked-by: Ian Rogers Cc: Alexander Shishkin Cc: Heiko Carstens Cc: Hendrik Brueckner Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: Jonathan Cameron Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Thomas Richter Cc: Will Deacon Cc: Yicong Yang Cc: coresight@lists.linaro.org Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240715160712.127117-6-adrian.hunter@intel.com Signed-off-by: Arnaldo Carvalho de Melo commit ae8e4f4048b839c1cb333d9e3d20e634b430139e Author: James Clark Date: Tue Jul 23 14:28:58 2024 +0100 perf scripts python cs-etm: Restore first sample log in verbose mode The linked commit moved the early return on the first sample to before the verbose log, so move the log earlier too. Now the first sample is also logged and not skipped. Fixes: 2d98dbb4c9c5b09c ("perf scripts python arm-cs-trace-disasm.py: Do not ignore disam first sample") Reviewed-by: Leo Yan Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Benjamin Gray Cc: coresight@lists.linaro.org Cc: gankulkarni@os.amperecomputing.com Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Mark Rutland Cc: Mike Leach Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Ruidong Tian Cc: Suzuki Poulouse Link: https://lore.kernel.org/r/20240723132858.12747-1-james.clark@linaro.org Signed-off-by: Arnaldo Carvalho de Melo commit 4194744602c8cd971ad7fd95710416ca0568d999 Author: James Clark Date: Mon Jul 22 16:27:56 2024 +0100 perf cs-etm: Output 0 instead of 0xdeadbeef when exception packets are flushed Normally exception packets don't directly output a branch sample, but if they're the last record in a buffer then they will. Because they don't have addresses set we'll see the placeholder value CS_ETM_INVAL_ADDR (0xdeadbeef) in the output. Since commit 6035b6804bdf ("perf cs-etm: Support dummy address value for CS_ETM_TRACE_ON packet") we've used 0 as an externally visible "not set" address value. For consistency reasons and to not make exceptions look like an error, change them to use 0 too. This is particularly visible when doing userspace only tracing because trace is disabled when jumping to the kernel, causing the flush and then forcing the last exception packet to be emitted as a branch. With kernel trace included, there is no flush so exception packets don't generate samples until the next range packet and they'll pick up the correct address. Before: $ perf record -e cs_etm//u -- stress -i 1 -t 1 $ perf script -F comm,ip,addr,flags stress syscall ffffb7eedbc0 => deadbeefdeadbeef stress syscall ffffb7f14a14 => deadbeefdeadbeef stress syscall ffffb7eedbc0 => deadbeefdeadbeef After: stress syscall ffffb7eedbc0 => 0 stress syscall ffffb7f14a14 => 0 stress syscall ffffb7eedbc0 => 0 Reviewed-by: Mike Leach Signed-off-by: James Clark Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: James Clark Cc: Jiri Olsa Cc: John Garry Cc: Leo Yan Cc: Leo Yan Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Suzuki Poulouse Cc: Will Deacon Cc: coresight@lists.linaro.org Cc: gankulkarni@os.amperecomputing.com Cc: linux-arm-kernel@lists.infradead.org Link: https://lore.kernel.org/r/20240722152756.59453-2-james.clark@linaro.org Signed-off-by: Arnaldo Carvalho de Melo commit 496cae1b3306e2ea7bbb8ca7ced082a2046afed9 Author: Chen Ni Date: Tue Jul 16 15:53:47 2024 +0800 perf inject: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Reviewed-by: Ian Rogers Signed-off-by: Chen Ni Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240716075347.969041-1-nichen@iscas.ac.cn Signed-off-by: Arnaldo Carvalho de Melo commit e60fc19eab439736009018406a19fad28e60e664 Author: Chen Ni Date: Tue Jul 16 15:43:40 2024 +0800 perf daemon: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Reviewed-by: Ian Rogers Signed-off-by: Chen Ni Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240716074340.968909-1-nichen@iscas.ac.cn Signed-off-by: Arnaldo Carvalho de Melo commit 050f2a03aaadac13fff13f9ab7c5c1f0937ab729 Author: Chen Ni Date: Tue Jul 16 15:34:05 2024 +0800 perf annotate: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Reviewed-by: Ian Rogers Signed-off-by: Chen Ni Cc: Adrian Hunter Cc: Ahelenia Ziemiańska Cc: Alexander Shishkin Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Pekka Enberg Cc: Peter Zijlstra Link: https://lore.kernel.org/r/20240716073405.968801-1-nichen@iscas.ac.cn Signed-off-by: Arnaldo Carvalho de Melo commit 42d37fc0c819b81f6f6afd108b55d04ba9d32d0f Author: Kajol Jain Date: Tue Jul 23 10:51:54 2024 +0530 perf vendor events power10: Update JSON/events Update JSON/events for power10 platform with additional events. Also move PM_VECTOR_LD_CMPL event from others.json to frontend.json file. Reviewed-by: Ian Rogers Signed-off-by: Kajol Jain Tested-by: Disha Goel Cc: Akanksha J N Cc: Athira Rajeev Cc: Disha Goel Cc: Madhavan Srinivasan Cc: Namhyung Kim Cc: hbathini@linux.ibm.com Cc: linuxppc-dev@lists.ozlabs.org Link: https://lore.kernel.org/r/20240723052154.96202-1-kjain@linux.ibm.com [ Remove alternative to ' char that made the build break in some distros with a unicode parsing python error ] Signed-off-by: Arnaldo Carvalho de Melo commit 8bd2aa8529aca1f39bc2bfac4f68adc47c6bd1d7 Author: Rob Herring (Arm) Date: Wed Jul 31 13:12:52 2024 -0600 Input: tc3589x - use of_property_present() Use of_property_present() to test for property presence rather than of_get_property(). This is part of a larger effort to remove callers of of_get_property() and similar functions. of_get_property() leaks the DT property data pointer which is a problem for dynamically allocated nodes which may be freed. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240731191312.1710417-14-robh@kernel.org Signed-off-by: Dmitry Torokhov commit 2c9db7475e5de5125b5043fe8f560284b248b0ae Author: Athira Rajeev Date: Thu Jul 18 14:13:58 2024 +0530 perf annotate: Set instruction name to be used with insn-stat when using raw instruction Since the "ins.name" is not set while using raw instruction, 'perf annotate' with insn-stat gives wrong data: Result from "./perf annotate --data-type --insn-stat": Annotate Instruction stats total 615, ok 419 (68.1%), bad 196 (31.9%) Name : Good Bad ----------------------------------------------------------- : 419 196 This patch sets "dl->ins.name" in arch specific function "check_ppc_insn" while initialising "struct disasm_line". Also update "ins_find" function to pass "struct disasm_line" as a parameter so as to set its name field in arch specific call. With the patch changes: Annotate Instruction stats total 609, ok 446 (73.2%), bad 163 (26.8%) Name/opcode : Good Bad ----------------------------------------------------------- 58 : 323 80 32 : 49 43 34 : 33 11 OP_31_XOP_LDX : 8 20 40 : 23 0 OP_31_XOP_LWARX : 5 1 OP_31_XOP_LWZX : 2 3 OP_31_XOP_LDARX : 3 0 33 : 0 2 OP_31_XOP_LBZX : 0 1 OP_31_XOP_LWAX : 0 1 OP_31_XOP_LHZX : 0 1 Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-16-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit c5d60de1813a9e09ea6d94f82da287d0fa1e1179 Author: Athira Rajeev Date: Thu Jul 18 14:13:57 2024 +0530 perf annotate: Add support to use libcapstone in powerpc Now perf uses the capstone library to disassemble the instructions in x86. capstone is used (if available) for perf annotate to speed up. Currently it only supports x86 architecture. This patch includes changes to enable this in powerpc. For now, only for data type sort keys, this method is used and only binary code (raw instruction) is read. This is because powerpc approach to understand instructions and reg fields uses raw instruction. The "cs_disasm" is currently not enabled. While attempting to do cs_disasm, observation is that some of the instructions were not identified (ex: extswsli, maddld) and it had to fallback to use objdump. Hence enabling "cs_disasm" is added in comment section as a TODO for powerpc. Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-15-atrajeev@linux.vnet.ibm.com [ Use dso__nsinfo(dso) as required to match EXTRA_CFLAGS=-DREFCNT_CHECKING=1 build expectations ] Signed-off-by: Arnaldo Carvalho de Melo commit f1e9347c855de73d8df1b0fa763184a46548d62f Author: Athira Rajeev Date: Thu Jul 18 14:13:56 2024 +0530 perf annotate: Use capstone_init and remove open_capstone_handle from disasm.c capstone_init is made availbale for all archs to use and updated to enable support for CS_ARCH_PPC as well. Patch removes open_capstone_handle and uses capstone_init in all the places. Committer notes: Avoid including capstone/capstone.h from print_insn.h to not break the build in builtin-script.c due to the namespace clash with libbpf: /usr/include/capstone/bpf.h:94:14: error: 'bpf_insn' defined as wrong kind of tag Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-14-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 1fe86bc245abd1aded01403675d6610455794b5f Author: Athira Rajeev Date: Thu Jul 18 14:13:55 2024 +0530 perf annotate: Make capstone_init non-static so that it can be used during symbol disassemble symbol__disassemble_capstone in util/disasm.c calls function open_capstone_handle to open/init the capstone. We already have a capstone_init function in "util/print_insn.c". But capstone_init is defined as a static function in util/print_insn.c. Change this and also add the function in print_insn.h The open_capstone_handle checks the disassembler_style option from annotation_options to decide whether to set CS_OPT_SYNTAX_ATT. Add that logic in capstone_init also and by default set it to true. Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-13-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 88444952bdfe27fcc91b1c499a0f77675db592a9 Author: Athira Rajeev Date: Thu Jul 18 14:13:54 2024 +0530 perf annotate: Update instruction tracking for powerpc Add instruction tracking function "update_insn_state_powerpc" for powerpc. Example sequence in powerpc: ld r10,264(r3) mr r31,r3 < ld r9,312(r31) Consider ithe sample is pointing to: "ld r9,312(r31)". Here the memory reference is hit at "312(r31)" where 312 is the offset and r31 is the source register. Previous instruction sequence shows that register state of r3 is moved to r31. So to identify the data type for r31 access, the previous instruction ("mr") needs to be tracked and the state type entry has to be updated. Current instruction tracking support in perf tools infrastructure is specific to x86. Patch adds this support for powerpc as well. Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-12-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 539bfea3e09c8e7a773b0fc4f6a4b26d921d63ef Author: Athira Rajeev Date: Thu Jul 18 14:13:53 2024 +0530 perf annotate: Add more instructions for instruction tracking Add few more instructions and use opcode as search key to find if it is supported by the architecture. The added ones are: addi, addic, addic., addis, subfic and mulli Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-11-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit cd0b6f67c4ab1aecdfedb277c42880fcffe75ace Author: Athira Rajeev Date: Thu Jul 18 14:13:52 2024 +0530 perf annotate: Add some of the arithmetic instructions to support instruction tracking in powerpc Data-type profiling has the concept of instruction tracking. Example sequence in powerpc: ld r10,264(r3) mr r31,r3 < ld r9,312(r31) or differently lwz r10,264(r3) add r31, r3, RB lwz r9, 0(r31) If a sample is hit at "lwz r9, 0(r31)", data type of r31 depends on previous instruction sequence here. So to track the previous instructions, patch adds changes to identify some of the arithmetic instructions which are having opcode as 31. Since memory instructions also has cases with opcode 31, use the bits 22:30 to filter the arithmetic instructions here. Also there are instructions with just two operands like "addme", "addze". This patch adds new instructions ops "arithmetic_ops" to handle this Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-10-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit ace7d681d82d8ac6cc1c9646b19ab4cca7be0d90 Author: Athira Rajeev Date: Thu Jul 18 14:13:51 2024 +0530 perf annotate: Add support to identify memory instructions of opcode 31 in powerpc There are memory instructions in powerpc with opcode as 31. Example: "ldx RT,RA,RB" , Its X form is as below: ______________________________________ | 31 | RT | RA | RB | 21 |/| -------------------------------------- 0 6 11 16 21 30 31 The opcode for "ldx" is 31. There are other instructions also with opcode 31 which are memory insn like ldux, stbx, lwzx, lhaux But all instructions with opcode 31 are not memory. Example is add instruction: "add RT,RA,RB" The value in bit 21-30 [ 21 for ldx ] is different for these instructions. Patch uses this value to assign instruction ops for these cases. The naming convention and value to identify these are picked from defines in "arch/powerpc/include/asm/ppc-opcode.h" Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-9-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 1acdad68183ab870fca1e63b64f32601be612611 Author: Athira Rajeev Date: Thu Jul 18 14:13:50 2024 +0530 perf annotate: Add parse function for memory instructions in powerpc Use the raw instruction code and macros to identify memory instructions, extract register fields and also offset. The implementation addresses the D-form, X-form, DS-form instructions. Two main functions are added. New parse function "load_store__parse" as instruction ops parser for memory instructions. Unlike other parsers (like mov__parse), this one fills in the "multi_regs" field for source/target and new added "mem_ref" field. No other fields are set because, here there is no need to parse the disassembled code and arch specific macros will take care of extracting offset and regs which is easier and will be precise. In powerpc, all instructions with a primary opcode from 32 to 63 are memory instructions. Update "ins__find" function to have "raw_insn" also as a parameter. Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-8-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 1b4406d2a88cf65d615b0bcb42525d7a4723eb70 Author: Athira Rajeev Date: Thu Jul 18 14:13:49 2024 +0530 perf annotate: Update parameters for reg extract functions to use raw instruction on powerpc Use the raw instruction code and macros to identify memory instructions, extract register fields and also offset. The implementation addresses the D-form, X-form, DS-form instructions. Adds "mem_ref" field to check whether source/target has memory reference. Add function "get_powerpc_regs" which will set these fields: reg1, reg2, offset depending of where it is source or target ops. Update "parse" callback for "struct ins_ops" to also pass "struct disasm_line" as argument. This is needed in parse functions where opcode is used to determine whether to set multi_regs and other fields Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-7-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 0b971e6bf1c305843a034ca762718b9428a5dd7f Author: Athira Rajeev Date: Thu Jul 18 14:13:48 2024 +0530 perf annotate: Add support to capture and parse raw instruction in powerpc using dso__data_read_offset utility Add support to capture and parse raw instruction in powerpc. Currently, the perf tool infrastructure uses two ways to disassemble and understand the instruction. One is objdump and other option is via libcapstone. Currently, the perf tool infrastructure uses "--no-show-raw-insn" option with "objdump" while disassemble. Example from powerpc with this option for an instruction address is: Snippet from: objdump --start-address=
--stop-address=
-d --no-show-raw-insn -C c0000000010224b4: lwz r10,0(r9) This line "lwz r10,0(r9)" is parsed to extract instruction name, registers names and offset. Also to find whether there is a memory reference in the operands, "memory_ref_char" field of objdump is used. For x86, "(" is used as memory_ref_char to tackle instructions of the form "mov (%rax), %rcx". In case of powerpc, not all instructions using "(" are the only memory instructions. Example, above instruction can also be of extended form (X form) "lwzx r10,0,r19". Inorder to easy identify the instruction category and extract the source/target registers, patch adds support to use raw instruction for powerpc. Approach used is to read the raw instruction directly from the DSO file using "dso__data_read_offset" utility which is already implemented in perf infrastructure in "util/dso.c". Example: 38 01 81 e8 ld r4,312(r1) Here "38 01 81 e8" is the raw instruction representation. In powerpc, this translates to instruction form: "ld RT,DS(RA)" and binary code as: | 58 | RT | RA | DS | | ------------------------------------- 0 6 11 16 30 31 Function "symbol__disassemble_dso" is updated to read raw instruction directly from DSO using dso__data_read_offset utility. In case of above example, this captures: line: 38 01 81 e8 The above works well when 'perf report' is invoked with only sort keys for data type ie type and typeoff. Because there is no instruction level annotation needed if only data type information is requested for. For annotating sample, along with type and typeoff sort key, "sym" sort key is also needed. And by default invoking just "perf report" uses sort key "sym" that displays the symbol information. With approach changes in powerpc which first reads DSO for raw instruction, "perf annotate" and "perf report" + a key breaks since it doesn't do the instruction level disassembly. Snippet of result from 'perf report': Samples: 1K of event 'mem-loads', 4000 Hz, Event count (approx.): 937238 do_work /usr/bin/pmlogger [Percent: local period] Percent│ ea230010 │ 3a550010 │ 3a600000 │ 38f60001 │ 39490008 │ 42400438 51.44 │ 81290008 │ 7d485378 Here, raw instruction is displayed in the output instead of human readable annotated form. One way to get the appropriate data is to specify "--objdump path", by which code annotation will be done. But the default behaviour will be changed. To fix this breakage, check if "sym" sort key is set. If so fallback and use the libcapstone/objdump way of disassmbling the sample. With the changes and "perf report" Samples: 1K of event 'mem-loads', 4000 Hz, Event count (approx.): 937238 do_work /usr/bin/pmlogger [Percent: local period] Percent│ ld r17,16(r3) │ addi r18,r21,16 │ li r19,0 │ 8b0: rldicl r10,r10,63,33 │ addi r10,r10,1 │ mtctr r10 │ ↓ b 8e4 │ 8c0: addi r7,r22,1 │ addi r10,r9,8 │ ↓ bdz d00 51.44 │ lwz r9,8(r9) │ mr r8,r10 │ cmpw r20,r9 Committer notes: Just add the extern for 'sort_order' in disasm.c so that we don't end up breaking the build due to this type colision with capstone and libbpf: In file included from /usr/include/capstone/capstone.h:325, from /git/perf-6.10.0/tools/perf/util/print_insn.h:23, from builtin-script.c:38: /usr/include/capstone/bpf.h:94:14: error: 'bpf_insn' defined as wrong kind of tag 94 | typedef enum bpf_insn { I reported this to the bpf mailing list, see one of the links below. Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-6-atrajeev@linux.vnet.ibm.com Link: https://lore.kernel.org/bpf/ZqOltPk9VQGgJZAA@x1/T/#u Signed-off-by: Arnaldo Carvalho de Melo commit 06dd4c5a561c48c66745352bae0b2c04bbe455be Author: Athira Rajeev Date: Thu Jul 18 14:13:47 2024 +0530 perf annotate: Add disasm_line__parse() to parse raw instruction for powerpc Currently, the perf tool infrastructure uses the disasm_line__parse function to parse disassembled line. Example snippet from objdump: objdump --start-address=
--stop-address=
-d --no-show-raw-insn -C c0000000010224b4: lwz r10,0(r9) This line "lwz r10,0(r9)" is parsed to extract instruction name, registers names and offset. In powerpc, the approach for data type profiling uses raw instruction instead of result from objdump to identify the instruction category and extract the source/target registers. Example: 38 01 81 e8 ld r4,312(r1) Here "38 01 81 e8" is the raw instruction representation. Add function "disasm_line__parse_powerpc" to handle parsing of raw instruction. Also update "struct disasm_line" to save the binary code/ With the change, function captures: line -> "38 01 81 e8 ld r4,312(r1)" raw instruction "38 01 81 e8" Raw instruction is used later to extract the reg/offset fields. Macros are added to extract opcode and register fields. "struct disasm_line" is updated to carry union of "bytes" and "raw_insn" of 32 bit to carry raw code (raw). Function "disasm_line__parse_powerpc fills the raw instruction hex value and can use macros to get opcode. There is no changes in existing code paths, which parses the disassembled code. The size of raw instruction depends on architecture. In case of powerpc, the parsing the disasm line needs to handle cases for reading binary code directly from DSO as well as parsing the objdump result. Hence adding the logic into separate function instead of updating "disasm_line__parse". The architecture using the instruction name and present approach is not altered. Since this approach targets powerpc, the macro implementation is added for powerpc as of now. Since the disasm_line__parse is used in other cases (perf annotate) and not only data tye profiling, the powerpc callback includes changes to work with binary code as well as mnemonic representation. Also in case if the DSO read fails and libcapstone is not supported, the approach fallback to use objdump as option. Hence as option, patch has changes to ensure objdump option also works well. Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-5-atrajeev@linux.vnet.ibm.com [ Add check for strndup() result ] Signed-off-by: Arnaldo Carvalho de Melo commit b1d8d968a7983e9756de34b8bcaa24cc339828ed Author: Athira Rajeev Date: Thu Jul 18 14:13:46 2024 +0530 perf annotate: Update TYPE_STATE_MAX_REGS to include max of regs in powerpc TYPE_STATE_MAX_REGS is arch-dependent. Currently this is defined to be 16. While checking if reg is valid using has_reg_type, max value is checked using TYPE_STATE_MAX_REGS value. Define this conditionally for powerpc. Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-4-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 782959ac248ac3cbac80f7476d4e0410662ff400 Author: Athira Rajeev Date: Thu Jul 18 14:13:45 2024 +0530 perf annotate: Add "update_insn_state" callback function to handle arch specific instruction tracking Add "update_insn_state" callback to "struct arch" to handle instruction tracking. Currently updating instruction state is handled by static function "update_insn_state_x86" which is defined in "annotate-data.c". Make this as a callback for specific arch and move to archs specific file "arch/x86/annotate/instructions.c" . This will help to add helper function for other platforms in file: "arch//annotate/instructions.c" and make changes/updates easier. Define callback "update_insn_state" as part of "struct arch", also make some of the debug functions non-static so that it can be referenced from other places. Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-3-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit 1d303deedb1057c6ca36fc0d1c0d7bf58a5b7322 Author: Athira Rajeev Date: Thu Jul 18 14:13:44 2024 +0530 perf annotate: Move the data structures related to register type to header file Data type profiling uses instruction tracking by checking each instruction and updating the register type state in some data structures. This is useful to find the data type in cases when the register state gets transferred from one reg to another. Example, in x86, "mov" instruction and in powerpc, "mr" instruction. Currently these structures are defined in annotate-data.c and instruction tracking is implemented only for x86. Move these data structures to "annotate-data.h" header file so that other arch implementations can use it in arch specific files as well. Reviewed-by: Kajol Jain Reviewed-by: Namhyung Kim Signed-off-by: Athira Rajeev Tested-by: Kajol Jain Cc: Adrian Hunter Cc: Akanksha J N Cc: Christophe Leroy Cc: Disha Goel Cc: Hari Bathini Cc: Ian Rogers Cc: Jiri Olsa Cc: Madhavan Srinivasan Cc: Segher Boessenkool Link: https://lore.kernel.org/lkml/20240718084358.72242-2-atrajeev@linux.vnet.ibm.com Signed-off-by: Arnaldo Carvalho de Melo commit e293f4b1e57fcc4d7d34b7a7a44ebec8ba8a1b7d Author: Ian Rogers Date: Wed Jul 17 09:57:17 2024 -0700 perf test: Avoid python leak sanitizer test failures Leak sanitizer will report memory leaks from python and the leak sanitizer output causes tests to fail. For example: ``` $ perf test 98 -v 98: perf script tests: --- start --- test child forked, pid 1272962 DB test [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.046 MB /tmp/perf-test-script.x0EktdCel8/perf.data (8 samples) ] call_path_table((1, 0, 0, 0) call_path_table((2, 1, 0, 140339508617447) call_path_table((3, 2, 2, 0) call_path_table((4, 3, 3, 0) call_path_table((5, 4, 4, 0) call_path_table((6, 5, 5, 0) call_path_table((7, 6, 6, 0) call_path_table((8, 7, 7, 0) call_path_table((9, 8, 8, 0) call_path_table((10, 9, 9, 0) call_path_table((11, 10, 10, 0) call_path_table((12, 11, 11, 0) call_path_table((13, 12, 1, 0) sample_table((1, 1, 1, 1, 1, 1, 1, 8, -2058824120, 588306954119000, -1, 0, 0, 0, 0, 1, 0, 0, 128933429281, 0, 0, 13, 0, 0, 0, -1, -1)) sample_table((2, 1, 1, 1, 1, 1, 1, 8, -2058824120, 588306954137053, -1, 0, 0, 0, 0, 1, 0, 0, 128933429281, 0, 0, 13, 0, 0, 0, -1, -1)) sample_table((3, 1, 1, 1, 1, 1, 1, 8, -2058824120, 588306954140089, -1, 0, 0, 0, 0, 9, 0, 0, 128933429281, 0, 0, 13, 0, 0, 0, -1, -1)) sample_table((4, 1, 1, 1, 1, 1, 1, 8, -2058824120, 588306954142376, -1, 0, 0, 0, 0, 155, 0, 0, 128933429281, 0, 0, 13, 0, 0, 0, -1, -1)) sample_table((5, 1, 1, 1, 1, 1, 1, 8, -2058824120, 588306954144045, -1, 0, 0, 0, 0, 2493, 0, 0, 128933429281, 0, 0, 13, 0, 0, 0, -1, -1)) sample_table((6, 1, 1, 1, 1, 1, 12, 77, -2046828595, 588306954145722, -1, 0, 0, 0, 0, 47555, 0, 0, 128933429281, 0, 0, 13, 0, 0, 0, -1, -1)) call_path_table((14, 9, 14, 0) call_path_table((15, 14, 15, 0) call_path_table((16, 15, 0, -1040969624) call_path_table((17, 16, 16, 0) call_path_table((18, 17, 17, 0) call_path_table((19, 18, 18, 0) call_path_table((20, 19, 19, 0) call_path_table((21, 20, 13, 0) sample_table((7, 1, 1, 1, 2, 1, 13, 46, -2053700898, 588306954157436, -1, 0, 0, 0, 0, 964078, 0, 0, 128933429281, 0, 0, 21, 0, 0, 0, -1, -1)) call_path_table((22, 1, 21, 0) call_path_table((23, 22, 22, 0) call_path_table((24, 23, 23, 0) call_path_table((25, 24, 24, 0) call_path_table((26, 25, 25, 0) call_path_table((27, 26, 26, 0) call_path_table((28, 27, 27, 0) call_path_table((29, 28, 28, 0) call_path_table((30, 29, 29, 0) call_path_table((31, 30, 30, 0) call_path_table((32, 31, 31, 0) call_path_table((33, 32, 32, 0) call_path_table((34, 33, 33, 0) call_path_table((35, 34, 20, 0) sample_table((8, 1, 1, 1, 2, 1, 20, 49, -2046878127, 588306954378624, -1, 0, 0, 0, 0, 2534317, 0, 0, 128933429281, 0, 0, 35, 0, 0, 0, -1, -1)) ================================================================= ==1272975==ERROR: LeakSanitizer: detected memory leaks Direct leak of 13628 byte(s) in 6 object(s) allocated from: #0 0x56354f60c092 in malloc (/tmp/perf/perf+0x29c092) #1 0x7ff25c7d02e7 in _PyObject_Malloc /build/python3.11/../Objects/obmalloc.c:2003:11 #2 0x7ff25c7d02e7 in _PyObject_Malloc /build/python3.11/../Objects/obmalloc.c:1996:1 SUMMARY: AddressSanitizer: 13628 byte(s) leaked in 6 allocation(s). --- Cleaning up --- ---- end(-1) ---- 98: perf script tests : FAILED! ``` Disable leak sanitizer when running specific perf+python tests to avoid this. This causes the tests to pass when run with leak sanitizer. Reviewed-by: Aditya Gupta Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Andi Kleen Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Thomas Richter Signed-off-by: Arnaldo Carvalho de Melo commit c3d747134cec49aa95aad22d14deffa43b2be37d Author: Arnaldo Carvalho de Melo Date: Tue Jun 25 02:13:45 2024 +0800 perf trace: Remove arg_fmt->is_enum, we can get that from the BTF type This is to pave the way for other BTF types, i.e. we try to find BTF type then use things like btf_is_enum(btf_type) that we cached to find the right strtoul and scnprintf routines. For now only enum is supported, all the other types simple return zero for scnprintf which makes it have the same behaviour as when BTF isn't available, i.e. fallback to no pretty printing. Ditto for strtoul. root@x1:~# perf test -v enum 124: perf trace enum augmentation tests : Ok root@x1:~# perf test -v enum 124: perf trace enum augmentation tests : Ok root@x1:~# perf test -v enum 124: perf trace enum augmentation tests : Ok root@x1:~# perf test -v enum 124: perf trace enum augmentation tests : Ok root@x1:~# perf test -v enum 124: perf trace enum augmentation tests : Ok root@x1:~# Signed-off-by: Howard Chu Tested-by: Howard Chu Cc: Adrian Hunter Cc: Howard Chu Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240624181345.124764-9-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 62284329b194606f73252935cc422cf6156e811a Author: Arnaldo Carvalho de Melo Date: Tue Jun 25 02:13:44 2024 +0800 perf trace: Introduce trace__btf_scnprintf() To have a central place that will look at the BTF type and call the right scnprintf routine or return zero, meaning BTF pretty printing isn't available or not implemented for a specific type. Signed-off-by: Howard Chu Tested-by: Howard Chu Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/r/20240624181345.124764-8-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit d66763fed30f0bd8cc8fb2c8c144c69fcb560bda Author: Howard Chu Date: Tue Jun 25 02:13:43 2024 +0800 perf test trace_btf_enum: Add regression test for the BTF augmentation of enums in 'perf trace' Trace landlock_add_rule syscall to see if the output is desirable. Trace the non-syscall tracepoint 'timer:hrtimer_init' and 'timer:hrtimer_start', see if the 'mode' argument is augmented, the 'mode' enum argument has the prefix of 'HRTIMER_MODE_' in its name. Committer testing: root@x1:~# perf test enum 124: perf trace enum augmentation tests : Ok root@x1:~# perf test -v enum 124: perf trace enum augmentation tests : Ok root@x1:~# perf trace -e landlock_add_rule perf test -v enum 0.000 ( 0.010 ms): perf/749827 landlock_add_rule(ruleset_fd: 11, rule_type: LANDLOCK_RULE_PATH_BENEATH, rule_attr: 0x7ffd324171d4, flags: 45) = -1 EINVAL (Invalid argument) 0.012 ( 0.002 ms): perf/749827 landlock_add_rule(ruleset_fd: 11, rule_type: LANDLOCK_RULE_NET_PORT, rule_attr: 0x7ffd324171e0, flags: 45) = -1 EINVAL (Invalid argument) 457.821 ( 0.007 ms): perf/749830 landlock_add_rule(ruleset_fd: 11, rule_type: LANDLOCK_RULE_PATH_BENEATH, rule_attr: 0x7ffd4acd31e4, flags: 45) = -1 EINVAL (Invalid argument) 457.832 ( 0.003 ms): perf/749830 landlock_add_rule(ruleset_fd: 11, rule_type: LANDLOCK_RULE_NET_PORT, rule_attr: 0x7ffd4acd31f0, flags: 45) = -1 EINVAL (Invalid argument) 124: perf trace enum augmentation tests : Ok root@x1:~# Suggested-by: Arnaldo Carvalho de Melo Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/20240619082042.4173621-6-howardchu95@gmail.com Link: https://lore.kernel.org/r/20240624181345.124764-7-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 3656e566cf03ab0f959b2bd6f8274ee9799641e6 Author: Howard Chu Date: Tue Jun 25 02:13:42 2024 +0800 perf test: Add landlock workload We'll use it to add a regression test for the BTF augmentation of enum arguments for tracepoints in 'perf trace': root@x1:~# perf trace -e landlock_add_rule perf test -w landlock 0.000 ( 0.009 ms): perf/747160 landlock_add_rule(ruleset_fd: 11, rule_type: LANDLOCK_RULE_PATH_BENEATH, rule_attr: 0x7ffd8e258594, flags: 45) = -1 EINVAL (Invalid argument) 0.011 ( 0.002 ms): perf/747160 landlock_add_rule(ruleset_fd: 11, rule_type: LANDLOCK_RULE_NET_PORT, rule_attr: 0x7ffd8e2585a0, flags: 45) = -1 EINVAL (Invalid argument) root@x1:~# Committer notes: It was agreed on the discussion (see Link below) to shorten then name of the workload from 'landlock_add_rule' to 'landlock', and I moved it to a separate patch. Also, to address a build failure from Namhyung, I stopped loading linux/landlock.h and instead added the used defines, enums and types to make this build in older systems. All we want is to emit the syscall and intercept it. Suggested-by: Arnaldo Carvalho de Melo Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim Link: https://lore.kernel.org/lkml/CAH0uvohaypdTV6Z7O5QSK+va_qnhZ6BP6oSJ89s1c1E0CjgxDA@mail.gmail.com Link: https://lore.kernel.org/r/20240624181345.124764-1-howardchu95@gmail.com Link: https://lore.kernel.org/r/20240624181345.124764-6-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit b4bac279319d3082eb42f074799c7b18ba528c71 Author: Feng Tang Date: Mon Jul 29 10:12:02 2024 +0800 x86/tsc: Use topology_max_packages() to get package number Commit b50db7095fe0 ("x86/tsc: Disable clocksource watchdog for TSC on qualified platorms") was introduced to solve problem that sometimes TSC clocksource is wrongly judged as unstable by watchdog like 'jiffies', HPET, etc. In it, the hardware package number is a key factor for judging whether to disable the watchdog for TSC, and 'nr_online_nodes' was chosen due to, at that time (kernel v5.1x), it is available in early boot phase before registering 'tsc-early' clocksource, where all non-boot CPUs are not brought up yet. Dave and Rui pointed out there are many cases in which 'nr_online_nodes' is cheated and not accurate, like: * SNC (sub-numa cluster) mode enabled * numa emulation (numa=fake=8 etc.) * numa=off * platforms with CPU-less HBM nodes, CPU-less Optane memory nodes. * 'maxcpus=' cmdline setup, where chopped CPUs could be onlined later * 'nr_cpus=', 'possible_cpus=' cmdline setup, where chopped CPUs can not be onlined after boot The SNC case is the most user-visible case, as many CSP (Cloud Service Provider) enable this feature in their server fleets. When SNC3 enabled, a 2 socket machine will appear to have 6 NUMA nodes, and get impacted by the issue in reality. Thomas' recent patchset of refactoring x86 topology code improves topology_max_packages() greatly, by making it more accurate and available in early boot phase, which works well in most of the above cases. The only exceptions are 'nr_cpus=' and 'possible_cpus=' setup, which may under-estimate the package number. As during topology setup, the boot CPU iterates through all enumerated APIC IDs and either accepts or rejects the APIC ID. For accepted IDs, it figures out which bits of the ID map to the package number. It tracks which package numbers have been seen in a bitmap. topology_max_packages() just returns the number of bits set in that bitmap. 'nr_cpus=' and 'possible_cpus=' can cause more APIC IDs to be rejected and can artificially lower the number of bits in the package bitmap and thus topology_max_packages(). This means that, for example, a system with 8 physical packages might reject all the CPUs on 6 of those packages and be left with only 2 packages and 2 bits set in the package bitmap. It needs the TSC watchdog, but would disable it anyway. This isn't ideal, but it only happens for debug-oriented options. This is fixable by tracking the package numbers for rejected CPUs. But it's not worth the trouble for debugging. So use topology_max_packages() to replace nr_online_nodes(). Reported-by: Dave Hansen Signed-off-by: Feng Tang Signed-off-by: Thomas Gleixner Reviewed-by: Waiman Long Link: https://lore.kernel.org/all/20240729021202.180955-1-feng.tang@intel.com Closes: https://lore.kernel.org/lkml/a4860054-0f16-6513-f121-501048431086@intel.com/ commit 924e19c39e8f0bbd581ab8a049f95a0ed02235b1 Author: Xu Kuohai Date: Wed Jul 24 10:06:59 2024 +0800 lsm: Refactor return value of LSM hook inode_copy_up_xattr To be consistent with most LSM hooks, convert the return value of hook inode_copy_up_xattr to 0 or a negative error code. Before: - Hook inode_copy_up_xattr returns 0 when accepting xattr, 1 when discarding xattr, -EOPNOTSUPP if it does not know xattr, or any other negative error code otherwise. After: - Hook inode_copy_up_xattr returns 0 when accepting xattr, *-ECANCELED* when discarding xattr, -EOPNOTSUPP if it does not know xattr, or any other negative error code otherwise. Signed-off-by: Xu Kuohai Reviewed-by: Casey Schaufler Signed-off-by: Paul Moore commit be72a57527fde6c80061c5f9d0e28762eb817b03 Author: Xu Kuohai Date: Wed Jul 24 10:06:58 2024 +0800 lsm: Refactor return value of LSM hook vm_enough_memory To be consistent with most LSM hooks, convert the return value of hook vm_enough_memory to 0 or a negative error code. Before: - Hook vm_enough_memory returns 1 if permission is granted, 0 if not. - LSM_RET_DEFAULT(vm_enough_memory_mm) is 1. After: - Hook vm_enough_memory reutrns 0 if permission is granted, negative error code if not. - LSM_RET_DEFAULT(vm_enough_memory_mm) is 0. Signed-off-by: Xu Kuohai Reviewed-by: Casey Schaufler Signed-off-by: Paul Moore commit 958b1891846e768584a4d44aed9fabc6f9a445fb Author: David Vernet Date: Wed Jul 31 00:14:37 2024 -0500 scx/selftests: Verify we can call create_dsq from prog_run We already have some testcases verifying that we can call BPF_PROG_TYPE_SYSCALL progs and invoke scx_bpf_exit(). Let's extend that to also call scx_bpf_create_dsq() so we get coverage for that as well. Signed-off-by: David Vernet Signed-off-by: Tejun Heo commit 298dec19bdeb6e33ac220502504d969272b50cf6 Author: David Vernet Date: Wed Jul 31 00:14:36 2024 -0500 scx: Allow calling sleepable kfuncs from BPF_PROG_TYPE_SYSCALL We currently only allow calling sleepable scx kfuncs (i.e. scx_bpf_create_dsq()) from BPF_PROG_TYPE_STRUCT_OPS progs. The idea here was that we'd never have to call scx_bpf_create_dsq() outside of a sched_ext struct_ops callback, but that might not actually be true. For example, a scheduler could do something like the following: 1. Open and load (not yet attach) a scheduler skel 2. Synchronously call into a BPF_PROG_TYPE_SYSCALL prog from user space. For example, to initialize an LLC domain, or some other global, read-only state. 3. Attach the skel, which actually enables the scheduler The advantage of doing this is that it can preclude having to do pretty ugly boilerplate like initializing a read-only, statically sized array of u64[]'s which the kernel consumes literally once at init time to then create struct bpf_cpumask objects which are actually queried at runtime. Doing the above is already possible given that we can invoke core BPF kfuncs, such as bpf_cpumask_create(), from BPF_PROG_TYPE_SYSCALL progs. We already allow many scx kfuncs to be called from BPF_PROG_TYPE_SYSCALL progs (e.g. scx_bpf_kick_cpu()). Let's allow the sleepable kfuncs as well. Signed-off-by: David Vernet Signed-off-by: Tejun Heo commit 90368fa3978fee3a5df5cbee3312e3fe51f7a8c5 Author: Guenter Roeck Date: Fri Jul 26 15:29:40 2024 -0700 hwmon: (max1619) Improve chip detection code Bail out immediately if reading any of the registers used for chip detection fails, or if it returns an unexpected value. Drop all log messages from detection code. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 13047ebe63a8b4ffabbb97ec6edc8c7dcdb96cee Author: Guenter Roeck Date: Tue Jul 16 09:01:27 2024 -0700 hwmon: (max1619) Add support for update_interval attribute The chip supports reading and writing the conversion rate. Add support for the update_interval sysfs attribute. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit f0b1f1f468f5c9bde6269e73c9a3eb57cb7e3293 Author: Guenter Roeck Date: Tue Jul 16 08:24:28 2024 -0700 hwmon: (max1619) Convert to with_info API Convert driver to with_info hwmon API to simplify the code and with it its maintainability. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit f8016132ce49dc4acf5c476cebfc93c27fb493cc Author: Guenter Roeck Date: Mon Jul 15 22:26:22 2024 -0700 hwmon: (max1619) Convert to use regmap Use regmap for local caching, to hide register read/write address differences, and for multi-byte operations. With this change, the driver specific lock is no longer necessary. While at it, check errors seen when initializing the chip and bail out if chip initialization fails. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 02c3c4e7026b307a220132b59758432b6e7a0cac Author: Guenter Roeck Date: Sun Jul 28 07:09:54 2024 -0700 hwmon: (max1619) Mask valid alarm bits Bit 0, 5, and 6 in the status register are reserved and, if set, do not indicate an alarm. Bit 7 is the 'busy' bit and also does not indicate an alarm. Mask the non-alarm bits to avoid reporting them to userspace. Cc: Tzung-Bi Shih Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 216147e624638fbcd64ed1014916138733b01653 Author: Guenter Roeck Date: Mon Jul 15 20:28:58 2024 -0700 hwmon: (max1619) Reorder include files to alphabetic order Simplify maintenance by reordering include files to alphabetic order. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 88c0f840dfe36e8c2fd9ddc7d6698e485f0ca1ad Author: Guenter Roeck Date: Mon Jul 15 22:36:35 2024 -0700 hwmon: (max1619) Clamp temperature range when writing limits Module test code reports underflows when writing sensor limits. temp2_min: Suspected underflow: [min=-77000, read 101000, written -2147483648] temp2_max: Suspected underflow: [min=-77000, read 101000, written -2147483648] temp2_crit: Suspected underflow: [min=-77000, read 101000, written -2147483648] Clamp temperature ranges when writing limits to fix the problem. While at it, use sign_extend32() when reading temperatures to make the code easier to understand. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 3adc2857bb6a7c6cb669627b87e9998a3a28231d Author: Guenter Roeck Date: Sat Jul 27 12:06:04 2024 -0700 hwmon: (max6697) Document discrepancy in overtemperature status bit values In the MAX6581 datasheet Revision 0 to 3, the local channel overtemperature status is reported in bit 6 of register 0x45, and the overtemperature status for remote channel 7 is reported in bit 7. In Revision 4 and later, the local channel overtemperature status is reported in bit 7, and the remote channel 7 overtemperature status is reported in bit 6. A real chip was found to match the functionality documented in Revision 4 and later. The code was fixed with commit 1ea3fd1eb986 ("hwmon: (max6697) Fix swapped temp{1,8} critical alarms"). At that time it looked like this was an original bug. It only turned out later that the problem was the result of incorrect information in the chip datasheet. Document the discrepancy to avoid confusion caused by old versions of the datasheet. Cc: Tzung-Bi Shih Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit c1b93b5414b48054600c96e28c325ad5920a47e6 Author: Guenter Roeck Date: Mon Jul 15 07:48:24 2024 -0700 hwmon: (max1668) Convert to use with_info hwmon API Convert to use with_info API to simplify the code and to reduce its size. This patch reduces object file size by approximately 25%. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 355c529077b61aadf68910dc103dd54c30ec24d5 Author: Guenter Roeck Date: Mon Jul 15 07:25:38 2024 -0700 hwmon: (max1668) Replace chip type with number of channels The only difference between supported chips is the number of channels. Drop enum chips and list the number of channels in struct i2c_device_id directly. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 021730acbca603b6bf8575f2e5f4b62c71869656 Author: Guenter Roeck Date: Mon Jul 15 07:18:57 2024 -0700 hwmon: (max1668) Convert to use regmap Use regmap for caching to simplify the code and to hide read/write register address differences. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 696dbe45fb1739eee853b1a110b5001b898031c8 Author: Guenter Roeck Date: Mon Jul 15 07:22:44 2024 -0700 hwmon: (max1668) Use BIT macro Use bit macro to make the code easier to understand and reduce duplication. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 74b6451beb8b2cda63b19aff680d4517a0955242 Author: Guenter Roeck Date: Mon Jul 15 07:20:35 2024 -0700 hwmon: (max1668) Reorder include files to alphabetic order Reorder include files to alphabetic order to simplify driver maintenance. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 34ea1f9867219e2810210dcfe3392a75a74dc6c3 Author: Cryolitia PukNgae Date: Fri Jul 26 09:21:14 2024 +0800 hwmon: (oxp-sensors) Fix typo in driver documentation RMP -> RPM Signed-off-by: Cryolitia PukNgae Link: https://lore.kernel.org/r/20240726-typo-v1-1-3ca3f07f93e9@gmail.com Signed-off-by: Guenter Roeck commit e21d6d4c7acb77fafc71586a0c94db928219c78e Author: Nuno Sa Date: Fri Jul 26 14:07:33 2024 +0200 hwmon: (ltc2947) Move to firmware agnostic API Use the device property APIs so the driver does not depend on OF to work. While at it, properly include mod_devicetable for struct of_device_id and fix some parameter alignment in the changed places. Signed-off-by: Nuno Sa Link: https://lore.kernel.org/r/20240726-dev-hwmon-ltc6947-fw-agnostic-v1-1-f7d6cab7d438@analog.com Signed-off-by: Guenter Roeck commit 777c97ff08d02ef2d19326b8ca9ef9f82b709007 Author: Chris Packham Date: Tue Jul 23 10:17:37 2024 +1200 hwmon: (adt7475) Add support for configuring initial PWM state By default the PWM duty cycle in hardware is 100%. On some systems this can cause unwanted fan noise. Add the ability to specify the fan connections and initial state of the PWMs via device properties. Signed-off-by: Chris Packham Link: https://lore.kernel.org/r/20240722221737.3407958-4-chris.packham@alliedtelesis.co.nz [groeck: Cleaned up formatting] Signed-off-by: Guenter Roeck commit 20705629555ad3a86eb2d5bf5244e6ae261664e3 Author: Chris Packham Date: Tue Jul 23 10:17:36 2024 +1200 dt-bindings: hwmon: adt7475: Deprecate adi,pwm-active-state Now that we have fan child nodes that can specify flags for the PWM outputs we no longer need the adi,pwm-active-state property. Signed-off-by: Chris Packham Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240722221737.3407958-3-chris.packham@alliedtelesis.co.nz Signed-off-by: Guenter Roeck commit 6b1bb53579b0a46c7a2467fffcd23e54e844ff41 Author: Chris Packham Date: Tue Jul 23 10:17:35 2024 +1200 dt-bindings: hwmon: Add adt7475 fan/pwm properties Add fan child nodes that allow describing the connections for the ADT7475 to the fans it controls. This also allows setting some initial values for the pwm duty cycle and frequency. Signed-off-by: Chris Packham Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240722221737.3407958-2-chris.packham@alliedtelesis.co.nz Signed-off-by: Guenter Roeck commit 1e56afb1e648556111b51561cfa1940077a251c5 Author: Guenter Roeck Date: Sat Jul 13 14:20:34 2024 -0700 hwmon: (max6697) Add support for tempX_min and tempX_min_alarm MAX6581 supports setting the minimum temperature as well as minimum temperature alarms. Add support for it. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 678c2a4582023a093d0c20def5ead7dd93f9004a Author: Guenter Roeck Date: Sat Jul 13 07:44:20 2024 -0700 hwmon: (max6697) Convert to with_info hwmon API Convert to with_info hwmon API to simplify the code and reduce its size. This patch reduces object file size by approximately 25%. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 3a2a8cc3fe24ec48a3d222f5b9db68a3404ffab3 Author: Guenter Roeck Date: Fri Jul 12 15:45:38 2024 -0700 hwmon: (max6697) Convert to use regmap Use regmap for register caching, and use regmap API for bit operations to simplify the code. This patch reduces object file size by approximately 10%. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit c02b25dcf64b07990a75292a83486b5348f3561e Author: Guenter Roeck Date: Fri Jul 12 14:46:19 2024 -0700 hwmon: (max6697) Use bit operations where possible Use bit operations to improve code maintainability. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit f81489a136ac2c18a7b9bb22cf37c0a6f6d58545 Author: Guenter Roeck Date: Fri Jul 12 13:57:13 2024 -0700 hwmon: (max6697) Drop platform data support Platform data is not used anywhere in the upstram kernel. Drop support for it to simplify code maintenance. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 351047fc5947a9549bae237104b800a89923a04d Author: Guenter Roeck Date: Fri Jul 12 13:06:30 2024 -0700 hwmon: (max6697) Reorder include files Reorder include files to alphabetic order to improve maintainability. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 119abf7d1815f098f7f91ae7abc84324a19943d7 Author: Guenter Roeck Date: Sun Jul 21 06:41:17 2024 -0700 hwmon: (max16065) Fix alarm attributes Chips reporting overcurrent alarms report it in the second alarm register. That means the second alarm register has to be read, even if the chip only supports 8 or fewer ADC channels. MAX16067 and MAX16068 report undervoltage and overvoltage alarms in separate registers. Fold register contents together to report both with the existing alarm attribute. This requires actually storing the chip type in struct max16065_data. Rename the variable 'chip' to match the variable name used in the probe function. Reviewed-by: Tzung-Bi Shih Fixes: f5bae2642e3d ("hwmon: Driver for MAX16065 System Manager and compatibles") Signed-off-by: Guenter Roeck commit 744ec4477b11c42e2c8de9eb8364675ae7a0bd81 Author: Guenter Roeck Date: Thu Jul 18 09:52:01 2024 -0700 hwmon: (max16065) Fix overflows seen when writing limits Writing large limits resulted in overflows as reported by module tests. in0_lcrit: Suspected overflow: [max=5538, read 0, written 2147483647] in0_crit: Suspected overflow: [max=5538, read 0, written 2147483647] in0_min: Suspected overflow: [max=5538, read 0, written 2147483647] Fix the problem by clamping prior to multiplications and the use of DIV_ROUND_CLOSEST, and by using consistent variable types. Reviewed-by: Tzung-Bi Shih Fixes: f5bae2642e3d ("hwmon: Driver for MAX16065 System Manager and compatibles") Signed-off-by: Guenter Roeck commit 97adb1aacef8f3f3ec3363ac1f8b72db432f55f0 Author: Javier Carrasco Date: Sun Jul 21 17:19:02 2024 +0200 hwmon: (ltc2992) use device_for_each_child_node_scoped() to access child nodes The iterated nodes are direct children of the device node, and the `device_for_each_child_node()` macro accounts for child node availability. `fwnode_for_each_available_child_node()` is meant to access the child nodes of an fwnode, and therefore not direct child nodes of the device node. In this case, the child nodes are not required outside the loop, and the scoped version of the macro can be used to remove the repetitive `goto put` pattern. Use `device_for_each_child_node_scoped_scoped()` to indicate device's direct child nodes. Reviewed-by: Jonathan Cameron Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240721-device_for_each_child_node-available-v2-2-f33748fd8b2d@gmail.com Signed-off-by: Guenter Roeck commit b4be51302d6873c23b4813676f851b5fbfa0f0fc Author: Armin Wolf Date: Fri Jul 19 22:37:06 2024 +0200 hwmon: (dell-smm) Add Dell Latitude 7320 to fan control whitelist Add the Dell Latitude 7320 to the fan control whitelist to allow for manual fan control. Closes: https://github.com/Wer-Wolf/i8kutils/issues/8 Signed-off-by: Armin Wolf Acked-by: Pali Rohár Link: https://lore.kernel.org/r/20240719203706.19466-1-W_Armin@gmx.de Signed-off-by: Guenter Roeck commit 3ec621cd6fcac82c1d8b3a40f774cd984a7fe55b Author: Guenter Roeck Date: Wed Jul 10 17:37:54 2024 -0700 hwmon: (lm95234) Use multi-byte regmap operations Use multi-byte regmap operations to simplify the code and to reduce dependency on locking. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 280220236bf53a6eaa3c53653b649366228c4689 Author: Guenter Roeck Date: Wed Jul 10 15:57:18 2024 -0700 hwmon: (lm95234) Add support for tempX_enable attribute LM95233/LM95234 support enabling temperature channels one by one. Add support for tempX_enable attribute to be able to use that functionality. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit f27ab9f05c8633d63e50d4c412e7425c2dbad176 Author: Guenter Roeck Date: Wed Jul 10 07:11:12 2024 -0700 hwmon: (lm95234) Convert to with_info hwmon API Convert to with_info API to simplify the code and reduce its size. This patch reduces the object file size by about 30%. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 963f9bc976e27bf073b449497fcce404ef223f91 Author: Guenter Roeck Date: Sun Jul 7 16:43:04 2024 -0700 hwmon: (lm95234) Convert to use regmap Use regmap to replace local caching and to be able to use regmap API functions. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit e38b05f0a2fd5b92341d366c9f4f74301cd41ac6 Author: Guenter Roeck Date: Tue Jul 9 21:23:30 2024 -0700 hwmon: (lm95234) Use find_closest to find matching update interval Use find_closest() instead of manually coding it to find best update interval. Since find_closest() uses rounding to find the best match, the resulting update interval will now reflect the update interval that is closest to the requested value, not the value that is lower or equal to the requested value. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 8abff91c6173b175bda3381bdb14981249502434 Author: Guenter Roeck Date: Sun Jul 7 07:49:51 2024 -0700 hwmon: (lm95234) Reorder include files to be in alphabetic order Alphabetic include file order simplifies maintenance and makes it easier to add or remove files. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit c37d0f08f8897f8a280566908545d13d450ba6ef Author: Guenter Roeck Date: Tue Jul 16 12:01:21 2024 -0700 hwmon: (amc6821) Use multi-byte regmap operations Use multi-byte regmap operations where possible to reduce code size. No functional changes. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 21a93a9e314f911d5022e988ab0b82a2f65a3507 Author: Guenter Roeck Date: Tue Jul 16 12:14:12 2024 -0700 hwmon: (max6639) Use multi-byte regmap operations Use multi-byte regmap operations where possible to reduce code size and the need for mutex protection. No functional changes. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit ad231314b6f8e83799b64dd59e6fea98e3b8d36f Author: Guenter Roeck Date: Tue Jul 9 14:07:19 2024 -0700 hwmon: (tmp464) Use multi-byte regmap operations Use multi-byte regmap operations where possible to reduce code size and the need for mutex protection. No functional changes. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 4ce612b16e9e1d93cabde798750c0fcfd2477586 Author: Guenter Roeck Date: Tue Jul 9 14:06:17 2024 -0700 hwmon: (adt7x10) Use multi-byte regmap operations Use multi-byte regmap operations where possible to reduce code size and the need for mutex protection. No functional changes. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 7b4882d9b80cc9723ab097510732a7cc28f56c69 Author: Guenter Roeck Date: Tue Jul 9 14:03:06 2024 -0700 hwmon: (nct7802) Use multi-byte regmap operations Use multi-byte regmap operations where possible to reduce code size and the need for mutex protection. No functional changes. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit 717c04cf43d2d005db098bb794bf3d558cad98cf Author: Guenter Roeck Date: Tue Jul 9 07:21:19 2024 -0700 hwmon: (lm95245) Use multi-byte regmap operations Use multi-byte regmap operations where possible to reduce code size and the need for mutex protection. No functional change. Reviewed-by: Tzung-Bi Shih Signed-off-by: Guenter Roeck commit a0a16d960f64f88d72f5b7a1155e9828d498b64f Author: Guenter Roeck Date: Tue Jul 9 13:53:37 2024 -0700 hwmon: (tmp401) Use multi-byte regmap operations Use multi-byte regmap operations where possible to reduce code size and the need for mutex protection. No functional change. Signed-off-by: Guenter Roeck commit 381cfd63050ba601326f89519dff3114f894f590 Author: Guenter Roeck Date: Tue Jul 9 07:16:43 2024 -0700 hwmon: (adt7470) Use multi-byte regmap operations Use multi-byte regmap operations where possible to reduce code size and the need for mutex protection. No functional change. Signed-off-by: Guenter Roeck commit 0b631ed3ce922b34dad4938215f84e5321f7e524 Author: Shreeya Patel Date: Tue Jul 16 00:56:34 2024 +0530 kselftest: cpufreq: Add RTC wakeup alarm Add RTC wakeup alarm for devices to resume after specific time interval. This improvement in the test will help in enabling this test in the CI systems and will eliminate the need of manual intervention for resuming back the devices after suspend/hibernation. Signed-off-by: Shreeya Patel Acked-by: Viresh Kumar Signed-off-by: Shuah Khan commit 37ee7d1995701c1819e1cc984bdd111fe23c7f5f Author: Chang Yu Date: Tue Jul 23 21:21:28 2024 -0700 selftests/exec: Fix grammar in an error message. Replace "not ... nor" in the error message with "neither ... nor". Signed-off-by: Chang Yu Signed-off-by: Shuah Khan commit 45eb1bf4d726caff8f1dce7ac8f950012d5f64b1 Author: Muhammad Usama Anjum Date: Wed Jul 10 13:15:34 2024 +0500 selftests: tpm2: redirect python unittest logs to stdout The python unittest module writes all its output to stderr, even when the run is clean. Redirect its output logs to stdout. Cc: Jarkko Sakkinen Signed-off-by: Muhammad Usama Anjum Signed-off-by: Shuah Khan commit b7ea631b9a79a85eee335fc5fab84108005d4f60 Merge: 92cc2456e9775d 84cdbff4a93501 Author: Martin KaFai Lau Date: Wed Jul 31 10:00:20 2024 -0700 Merge branch 'selftests/bpf: convert test_dev_cgroup to test_progs' Alexis Lothoré (eBPF Foundation) says: ==================== Hello, this small series aims to integrate test_dev_cgroup in test_progs so it could be run automatically in CI. The new version brings a few differences with the current one: - test now uses directly syscalls instead of wrapping commandline tools into system() calls - test_progs manipulates /dev/null (eg: redirecting test logs into it), so disabling access to it in the bpf program confuses the tests. To fix this, the first commit modifies the bpf program to allow access to char devices 1:3 (/dev/null), and disable access to char devices 1:5 (/dev/zero) - once test is converted, add a small subtest to also check for device type interpretation (char or block) - paths used in mknod tests are now in /dev instead of /tmp: due to the CI runner organisation and mountpoints manipulations, trying to create nodes in /tmp leads to errors unrelated to the test (ie, mknod calls refused by kernel, not the bpf program). I don't understand exactly the root cause at the deepest point (all I see in CI is an -ENXIO error on mknod when trying to create the node in tmp, and I can not make sense out of it neither replicate it locally), so I would gladly take inputs from anyone more educated than me about this. The new test_progs part has been tested in a local qemu environment as well as in upstream CI: ./test_progs -a cgroup_dev 47/1 cgroup_dev/allow-mknod:OK 47/2 cgroup_dev/allow-read:OK 47/3 cgroup_dev/allow-write:OK 47/4 cgroup_dev/deny-mknod:OK 47/5 cgroup_dev/deny-read:OK 47/6 cgroup_dev/deny-write:OK 47/7 cgroup_dev/deny-mknod-wrong-type:OK 47 cgroup_dev:OK Summary: 1/7 PASSED, 0 SKIPPED, 0 FAILED --- Changes in v4: - Fix mixup between ret and errno by testing both - Properly apply ack tag from Stanislas - Link to v3: https://lore.kernel.org/r/20240730-convert_dev_cgroup-v3-0-93e573b74357@bootlin.com Changes in v3: - delete mknod file only if it has been created - use bpf_program__attach_cgroup() instead of bpf_prog_attach - reorganize subtests order - collect review/ack tags from Alan and Stanislas - Link to v2: https://lore.kernel.org/r/20240729-convert_dev_cgroup-v2-0-4c1fc0520545@bootlin.com Changes in v2: - directly pass expected ret code to subtests instead of boolean pass/not pass - fix faulty fd check in subtest expected to fail on open - fix wrong subtest name - pass test buffer and corresponding size to read/write subtests - use correct series prefix - Link to v1: https://lore.kernel.org/r/20240725-convert_dev_cgroup-v1-0-2c8cbd487c44@bootlin.com ==================== Signed-off-by: Martin KaFai Lau commit 84cdbff4a93501b7199f0d2f1150961ee95c8582 Author: Alexis Lothoré (eBPF Foundation) Date: Wed Jul 31 08:37:27 2024 +0200 selftests/bpf: add wrong type test to cgroup dev Current cgroup_dev test mostly tests that device operation is accepted or refused base on passed major/minor (and so, any operation performed during test involves only char device) Add a small subtest ensuring that the device type passed to bpf program allows it to take decisions as well. Reviewed-by: Alan Maguire Acked-by: Stanislav Fomichev Signed-off-by: Alexis Lothoré (eBPF Foundation) Link: https://lore.kernel.org/r/20240731-convert_dev_cgroup-v4-3-849425d90de6@bootlin.com Signed-off-by: Martin KaFai Lau commit d83d8230e415ecf727f6b88c0ae55193f149d650 Author: Alexis Lothoré (eBPF Foundation) Date: Wed Jul 31 08:37:26 2024 +0200 selftests/bpf: convert test_dev_cgroup to test_progs test_dev_cgroup is defined as a standalone test program, and so is not executed in CI. Convert it to test_progs framework so it is tested automatically in CI, and remove the old test. In order to be able to run it in test_progs, /dev/null must remain usable, so change the new test to test operations on devices 1:3 as valid, and operations on devices 1:5 (/dev/zero) as invalid. Reviewed-by: Alan Maguire Acked-by: Stanislav Fomichev Signed-off-by: Alexis Lothoré (eBPF Foundation) Link: https://lore.kernel.org/r/20240731-convert_dev_cgroup-v4-2-849425d90de6@bootlin.com Signed-off-by: Martin KaFai Lau commit ba6a9018502eecb94e67001deeb48406fa71f916 Author: Alexis Lothoré (eBPF Foundation) Date: Wed Jul 31 08:37:25 2024 +0200 selftests/bpf: do not disable /dev/null device access in cgroup dev test test_dev_cgroup currently loads a small bpf program allowing any access on urandom and zero devices, disabling access to any other device. It makes migrating this test to test_progs impossible, since this one manipulates extensively /dev/null. Allow /dev/null manipulation in dev_cgroup program to make its usage in test_progs framework possible. Update test_dev_cgroup.c as well to match this change while it has not been removed. Reviewed-by: Alan Maguire Acked-by: Stanislav Fomichev Signed-off-by: Alexis Lothoré (eBPF Foundation) Link: https://lore.kernel.org/r/20240731-convert_dev_cgroup-v4-1-849425d90de6@bootlin.com Signed-off-by: Martin KaFai Lau commit ab03125268679e058e1e7b6612f6d12610761769 Author: Waiman Long Date: Mon Jul 15 11:00:34 2024 -0400 cgroup: Show # of subsystem CSSes in cgroup.stat Cgroup subsystem state (CSS) is an abstraction in the cgroup layer to help manage different structures in various cgroup subsystems by being an embedded element inside a larger structure like cpuset or mem_cgroup. The /proc/cgroups file shows the number of cgroups for each of the subsystems. With cgroup v1, the number of CSSes is the same as the number of cgroups. That is not the case anymore with cgroup v2. The /proc/cgroups file cannot show the actual number of CSSes for the subsystems that are bound to cgroup v2. So if a v2 cgroup subsystem is leaking cgroups (usually memory cgroup), we can't tell by looking at /proc/cgroups which cgroup subsystems may be responsible. As cgroup v2 had deprecated the use of /proc/cgroups, the hierarchical cgroup.stat file is now being extended to show the number of live and dying CSSes associated with all the non-inhibited cgroup subsystems that have been bound to cgroup v2. The number includes CSSes in the current cgroup as well as in all the descendants underneath it. This will help us pinpoint which subsystems are responsible for the increasing number of dying (nr_dying_descendants) cgroups. The CSSes dying counts are stored in the cgroup structure itself instead of inside the CSS as suggested by Johannes. This will allow us to accurately track dying counts of cgroup subsystems that have recently been disabled in a cgroup. It is now possible that a zero subsystem number is coupled with a non-zero dying subsystem number. The cgroup-v2.rst file is updated to discuss this new behavior. With this patch applied, a sample output from root cgroup.stat file was shown below. nr_descendants 56 nr_subsys_cpuset 1 nr_subsys_cpu 43 nr_subsys_io 43 nr_subsys_memory 56 nr_subsys_perf_event 57 nr_subsys_hugetlb 1 nr_subsys_pids 56 nr_subsys_rdma 1 nr_subsys_misc 1 nr_dying_descendants 30 nr_dying_subsys_cpuset 0 nr_dying_subsys_cpu 0 nr_dying_subsys_io 0 nr_dying_subsys_memory 30 nr_dying_subsys_perf_event 0 nr_dying_subsys_hugetlb 0 nr_dying_subsys_pids 0 nr_dying_subsys_rdma 0 nr_dying_subsys_misc 0 Another sample output from system.slice/cgroup.stat was: nr_descendants 34 nr_subsys_cpuset 0 nr_subsys_cpu 32 nr_subsys_io 32 nr_subsys_memory 34 nr_subsys_perf_event 35 nr_subsys_hugetlb 0 nr_subsys_pids 34 nr_subsys_rdma 0 nr_subsys_misc 0 nr_dying_descendants 30 nr_dying_subsys_cpuset 0 nr_dying_subsys_cpu 0 nr_dying_subsys_io 0 nr_dying_subsys_memory 30 nr_dying_subsys_perf_event 0 nr_dying_subsys_hugetlb 0 nr_dying_subsys_pids 0 nr_dying_subsys_rdma 0 nr_dying_subsys_misc 0 Note that 'debug' controller wasn't used to provide this information because the controller is not recommended in productions kernels, also many of them won't enable CONFIG_CGROUP_DEBUG by default. Similar information could be retrieved with debuggers like drgn but that's also not always available (e.g. lockdown) and the additional cost of runtime tracking here is deemed marginal. tj: Added Michal's paragraphs on why this is not added the debug controller to the commit message. Signed-off-by: Waiman Long Acked-by: Johannes Weiner Acked-by: Roman Gushchin Reviewed-by: Kamalesh Babulal Cc: Michal Koutný Link: http://lkml.kernel.org/r/20240715150034.2583772-1-longman@redhat.com Signed-off-by: Tejun Heo commit 4e92d504475ea5841716ad775f412342520a3d26 Author: Manivannan Sadhasivam Date: Wed Jul 31 20:55:48 2024 +0530 phy: qcom: qmp: Add debug prints for register writes These register prints are useful to validate the init sequence against the Qcom internal documentation and also to share with the Qcom hw engineers to debug issues related to PHY. Sample debug prints: qcom-qmp-pcie-phy 1c0e000.phy: Writing Reg: QSERDES_V5_COM_SYSCLK_EN_SEL Offset: 0x0094 Val: 0xd9 qcom-qmp-pcie-phy 1c0e000.phy: Writing Reg: QSERDES_V5_COM_HSCLK_SEL Offset: 0x0158 Val: 0x11 Signed-off-by: Manivannan Sadhasivam Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240731152548.102987-1-manivannan.sadhasivam@linaro.org Signed-off-by: Vinod Koul commit 9aed3b51fd6186582a95abd9fa67782982540749 Author: Paul E. McKenney Date: Tue Jul 2 18:49:35 2024 -0700 rcu: Better define "atomic" for list replacement The kernel-doc headers for list_replace_rcu() and hlist_replace_rcu() claim that the replacement is atomic, which it is, but only for readers. Avoid confusion by making it clear that the atomic nature of these functions applies only to readers, not to concurrent updaters. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 5c7b393452b55ee0cdbced0d3bc798f6875b5c24 Author: Imre Deak Date: Mon Jul 22 19:55:03 2024 +0300 drm/i915/dp_mst: Enable LT fallback between UHBR/non-UHBR link rates Enable switching between UHBR and non-UHBR link rates on MST links when reducing the link parameters after an LT failure. Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-15-imre.deak@intel.com commit e44bc451aa4b08845c238028daafb4eaffb573a3 Author: Imre Deak Date: Mon Jul 22 19:55:02 2024 +0300 drm/i915/dp_mst: Ensure link parameters are up-to-date for a disabled link As explained in the previous patch, the MST link BW reported by branch devices during topology probing/path resources enumeration depends on the link parameters programmed to DPCD to be up-to-date. After a sink is plugged this is not ensured, as those DPCD values start out zeroed. The target link parameters (for a subsequent modeset) are the maximum that is supported, so make sure these maximum values are programmed before the topology probing. Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-14-imre.deak@intel.com commit e40fbf616610e33aba9597f278925b4ae8cc806c Author: Imre Deak Date: Mon Jul 22 19:55:01 2024 +0300 drm/i915/dp_mst: Reprobe the MST topology after a link parameter change The MST link BW reported by branch devices via the ENUM_PATH_RESOURCES message depends on the channel coding and link rate/lane count parameters programmed to DPCD. This is the case at least for some branch devices, while for others the reported BW is independent of the link parameters. In any case the DP standard requires the branch device to adjust the returned value to both account for the different way the BW for FEC is accounted for (included in the returned value for non-UHBR and not included for UHBR rates) and to limit the returned value to the (trained) link BW between the source and first downstream branch device, see DP v2.0/v2.1 Figure 2-94, DP v2.1 5.9.7. Presumedly this is also the reason why the standard requires the DPCD link rate/lane count values being up-to-date before sending the ENUM_PATH_RESOURCES message, see DP v2.1 2.14.9.4. Based on the above reprobe the MST topology after the link is retrained with new link parameters to make sure that the MST link BW tracked in the MST topology state (via each topology port's full_pbn value) is up-to-date. The next patch will make sure that the MST link BW is also kept up-to-date if the link is disabled. Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-13-imre.deak@intel.com commit 9d1f218ddce20329a01c46d7a1ea4d88fdb0fe86 Author: Imre Deak Date: Mon Jul 22 19:55:00 2024 +0300 drm/i915/dp_mst: Queue modeset-retry after a failed payload BW allocation If the MST payload allocation failed, enabling the output also failed most probably, so send a uevent accordinly requesting the user to retry the modeset. While at it remove the driver specific debug message, there is already one printed by drm_dp_add_payload_part1(). Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-12-imre.deak@intel.com commit 8f1fe39ded725483a67c15014a1863179c783b38 Author: Imre Deak Date: Mon Jul 22 19:54:59 2024 +0300 drm/i915/dp_mst: Configure MST after the link parameters are reset The MST topology probing depends on the maximum link parameters - programmed to DPCD if required by a follow-up patch - so make sure these parameters are up-to-date before configuring and probing the MST topology. Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-11-imre.deak@intel.com commit aa705f7ec6e2423af87c20b30f0e26eafdfd4513 Author: Imre Deak Date: Mon Jul 29 17:44:58 2024 +0300 drm/i915/dp_mst: Reduce the link parameters in BW order after LT failures On MST links - at least for some MST branch devices - the list of modes returned to users on an enabled link depends on the current link rate/lane count parameters (besides the DPRX link capabilities, any MST branch BW limit and the maximum link parameters reduced after LT failures). In particular the MST branch BW limit may depend on the link rate/lane count parameters programmed to DPCD. After an LT failure and limiting the maximum link parameters accordingly, users should see a mode list reflecting these new limits. However with the current fallback order this isn't ensured, as the new limit could allow for modes requiring a higher link BW, but these modes will be filtered out due to the enabled link's lower link BW. Ensure that the mode list changes in a consistent way after a link training failure and reducing the link parameters by changing the fallback order on MST links to happen in BW order. v2: - s/INTEL_DP_MAX_SUPPORTED_LANE_COUNTS/INTEL_DP_MAX_SUPPORTED_LANE_CONFIGS and s/num_common_lane_counts/num_common_lane_configs to make the difference wrt. max lane counts clearer. (Suraj) - Add a TODO comment to make the SST fallback logic work the same way as MST. (Arun) - Use sort_r()'s default swap function instead of a custom one. Cc: Suraj Kandpal Cc: Arun R Murthy Reviewed-by: Suraj Kandpal Reviewed-by: Arun R Murthy Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240729144458.2763667-1-imre.deak@intel.com commit 96c468c366dacc0e41e08ac53e20a5025f6ba967 Author: Imre Deak Date: Mon Jul 22 19:54:57 2024 +0300 drm/i915/dp: Add helpers to set link training mode, BW parameters Add helpers to set the link mode and BW parameters. These are required by a follow-up patch setting the parameters for a disabled link. Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-9-imre.deak@intel.com commit 634e1804242b0d5d64031199236fb3f337b5af3d Author: Imre Deak Date: Mon Jul 22 19:54:56 2024 +0300 drm/i915/dp: Add a separate function to reduce the link parameters A follow-up patch will add an alternative way to reduce the link parameters in BW order on MST links, prepare for that here. Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-8-imre.deak@intel.com commit a4530e20faddcc4ef4e5939f186a8560c71a5e94 Author: Imre Deak Date: Mon Jul 22 19:54:55 2024 +0300 drm/i915/dp: Send only a single modeset-retry uevent for a commit There are multiple failure cases a modeset-retry uevent can be sent for a link (TBT tunnel BW allocation failure, unrecoverable link training failure), a follow-up patch adding the handling for a new case where the DP MST payload allocation fails. The uevent is the same in all cases, sent to all the connectors on the link, so in case of multiple failures there is no point in sending a separate uevent for each failure; prevent this, sending only a single modeset-retry uevent for a commit. Reviewed-by: Arun R Murthy Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-7-imre.deak@intel.com commit a3f91f405aa7c54d0856c1b8698e4ff05ae7d439 Author: Imre Deak Date: Mon Jul 22 19:54:54 2024 +0300 drm/i915/dp: Initialize the link parameters during HW readout Initialize the DP link parameters during HW readout. These need to be up-to-date at least for the MST topology probing, which depends on the link rate and lane count programmed in DPCD. A follow-up patch will program the DPCD values to reflect the maximum link parameters before the first MST topology probing, but should do so only if the link is disabled (link_trained==false). Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-6-imre.deak@intel.com commit a64d5fe490cd92d74b1cf46da63164cefcc61a58 Author: Imre Deak Date: Mon Jul 22 19:54:53 2024 +0300 drm/i915/ddi: For an active output call the DP encoder sync_state() only for DP If the DDI encoder output is enabled in HDMI mode there is no point in calling intel_dp_sync_state(), as in that case the DPCD initialization will fail - as expected - with AUX timeouts. Prevent calling the hook in this case. Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-5-imre.deak@intel.com commit 0cf09702a118b1c09b694862061913108565edd0 Author: Imre Deak Date: Mon Jul 22 19:54:52 2024 +0300 drm/dp_mst: Simplify the condition when to enumerate path resources In the if (old_ddps != port->ddps || !created) if (port->ddps && !port->input) ret = drm_dp_send_enum_path_resources(); sequence the first if's condition is true if the port exists already (!created) or the port was created anew (hence old_ddps==0) and it was in the plugged state (port->ddps==1). The second if's condition is true for output ports in the plugged state. So the function is called for an output port in the plugged state, regardless if it already existed or not and regardless of the old plugged state. In all other cases port->full_pbn can be zeroed as the port is either an input for which full_pbn is never set, or an output in the unplugged state for which full_pbn was already zeroed previously or the port was just created (with port->full_pbn==0). Simplify the condition, making it clear that the path resources are always enumerated for an output port in the plugged state. Cc: Lyude Paul Cc: dri-devel@lists.freedesktop.org Reviewed-by: Lyude Paul Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-4-imre.deak@intel.com commit dbaeef363ea54f4c18112874b77503c72ba60fec Author: Imre Deak Date: Mon Jul 22 19:54:51 2024 +0300 drm/dp_mst: Add a helper to queue a topology probe A follow up i915 patch will need to reprobe the MST topology after the initial probing, add a helper for this. Cc: Lyude Paul Cc: dri-devel@lists.freedesktop.org Reviewed-by: Lyude Paul Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-3-imre.deak@intel.com commit e9b36c5be2e7fdef2cc933c1dac50bd81881e9b8 Author: Imre Deak Date: Mon Jul 22 19:54:50 2024 +0300 drm/dp_mst: Factor out function to queue a topology probe work Factor out a function to queue a work for probing the topology, also used by the next patch. Cc: Lyude Paul Cc: dri-devel@lists.freedesktop.org Reviewed-by: Lyude Paul Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240722165503.2084999-2-imre.deak@intel.com commit 9d4a984a53be22a52bdc505b474f819a699193d8 Author: Debbie Martin Date: Tue Jul 30 11:37:58 2024 +0100 arm64: dts: fvp: Set stdout-path to serial0 in the chosen node Add stdout-path to the fast models(FVP and Foundation) devicetrees to specify the primary console. This means that distributions can boot without the need for platform-specific command line parameters i.e. they can use earlycon with no parameters and no console argument is needed at all. Signed-off-by: Debbie Martin Reviewed-by: Andre Przywara Message-Id: <20240730103758.907950-1-Debbie.Martin@arm.com> Signed-off-by: Sudeep Holla commit 79b918aa997acd5066c7962502b1daaae76b6911 Author: Sam Protsenko Date: Tue Jul 23 11:33:11 2024 -0500 clk: samsung: exynos850: Add TMU clock Add TMU PCLK clock in CMU_PERI unit. It acts simultaneously as an interface clock (to access TMU registers) and an operating clock which makes TMU IP-core functional. Signed-off-by: Sam Protsenko Link: https://lore.kernel.org/r/20240723163311.28654-2-semen.protsenko@linaro.org Signed-off-by: Krzysztof Kozlowski commit 01ce1bf22adc0d09d906319787091ce784cb9914 Author: Sam Protsenko Date: Tue Jul 23 11:33:10 2024 -0500 dt-bindings: clock: exynos850: Add TMU clock Add a constant for TMU PCLK clock. It acts simultaneously as an interface clock (to access TMU registers) and an operating clock which makes TMU IP-core functional. Signed-off-by: Sam Protsenko Link: https://lore.kernel.org/r/20240723163311.28654-1-semen.protsenko@linaro.org Signed-off-by: Krzysztof Kozlowski commit 4225d5d5e779b859a6661130a3444eb4c5db77e5 Author: Hsiao Chien Sung Date: Wed Jul 17 13:24:45 2024 +0800 drm/mediatek: Support alpha blending in display driver Support "Pre-multiplied" and "None" blend mode on MediaTek's chips by adding correct blend mode property when the planes init. Before this patch, only the "Coverage" mode (default) is supported. For more information, there are three pixel blend modes in DRM driver: "None", "Pre-multiplied", and "Coverage". To understand the difference between these modes, let's take a look at the following two approaches to do alpha blending: 1. Straight: dst.RGB = src.RGB * src.A + dst.RGB * (1 - src.A) This is straightforward and easy to understand, when the source layer is compositing with the destination layer, it's alpha will affect the result. This is also known as "post-multiplied", or "Coverage" mode. 2. Pre-multiplied: dst.RGB = src.RGB + dst.RGB * (1 - src.A) Since the source RGB have already multiplied its alpha, only destination RGB need to multiply it. This is the "Pre-multiplied" mode in DRM. For the "None" blend mode in DRM, it means the pixel alpha is ignored when compositing the layers, only the constant alpha for the composited layer will take effects. Reviewed-by: CK Hu Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Hsiao Chien Sung Link: https://patchwork.kernel.org/project/dri-devel/patch/20240717-alpha-blending-v4-5-4b1c806c0749@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 59e9d9de25f046b48ae7c2756e1a3f32166d6635 Author: Hsiao Chien Sung Date: Wed Jul 17 13:24:44 2024 +0800 drm/mediatek: Support "Pre-multiplied" blending in Mixer Support "Pre-multiplied" alpha blending mode in Mixer. Before this patch, only the coverage mode is supported. To replace the default setting that is set in mtk_ethdr_config(), we change mtk_ddp_write_mask() to mtk_ddp_write(), and this change will also reset the NON_PREMULTI_SOURCE bit that was assigned in mtk_ethdr_config(). Therefore, we must still set NON_PREMULTI_SOURCE bit if the blend mode is not DRM_MODE_BLEND_PREMULTI. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Hsiao Chien Sung Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240717-alpha-blending-v4-4-4b1c806c0749@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit a3f7f7ef4bfefbbb03cc5e6fa73cd07bdb329bed Author: Hsiao Chien Sung Date: Wed Jul 17 13:24:43 2024 +0800 drm/mediatek: Support "Pre-multiplied" blending in OVL Support "Pre-multiplied" alpha blending mode on in OVL. Before this patch, only the "coverage" mode is supported. As whether OVL_CON_CLRFMT_MAN bit is enabled, (3 << 12) means different formats in the datasheet. To prevent misunderstandings going forward, instead of reusing OVL_CON_CLRFMT_RGBA8888, we intetionally defined OVL_CON_CLRFMT_PARGB8888 with bit operation again. Reviewed-by: CK Hu Signed-off-by: Hsiao Chien Sung Reviewed-by: AngeloGioacchino Del Regno Link: https://patchwork.kernel.org/project/dri-devel/patch/20240717-alpha-blending-v4-3-4b1c806c0749@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit eb17c5909481d5950282ca8460e7b7420a4c36a4 Author: Hsiao Chien Sung Date: Wed Jul 17 13:24:42 2024 +0800 drm/mediatek: Support "None" blending in Mixer Support "None" alpha blending mode on MediaTek's chips. Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Hsiao Chien Sung Reviewed-by: CK Hu Link: https://patchwork.kernel.org/project/dri-devel/patch/20240717-alpha-blending-v4-2-4b1c806c0749@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 1f66fe62cc092d2f6a2f895ec3be86d2c326947c Author: Hsiao Chien Sung Date: Wed Jul 17 13:24:41 2024 +0800 drm/mediatek: Support "None" blending in OVL Support "None" alpha blending mode on MediaTek's chips. Reviewed-by: CK Hu Signed-off-by: Hsiao Chien Sung Reviewed-by: AngeloGioacchino Del Regno Link: https://patchwork.kernel.org/project/dri-devel/patch/20240717-alpha-blending-v4-1-4b1c806c0749@mediatek.com/ Signed-off-by: Chun-Kuang Hu commit 95586588868a04ea2bbfa144cf473bea9bb86110 Author: Howard Chu Date: Tue Jun 25 02:13:41 2024 +0800 perf trace: Filter enum arguments with enum names Before: perf $ ./perf trace -e timer:hrtimer_start --filter='mode!=HRTIMER_MODE_ABS_PINNED_HARD' --max-events=1 No resolver (strtoul) for "mode" in "timer:hrtimer_start", can't set filter "(mode!=HRTIMER_MODE_ABS_PINNED_HARD) && (common_pid != 281988)" After: perf $ ./perf trace -e timer:hrtimer_start --filter='mode!=HRTIMER_MODE_ABS_PINNED_HARD' --max-events=1 0.000 :0/0 timer:hrtimer_start(hrtimer: 0xffff9498a6ca5f18, function: 0xffffffffa77a5be0, expires: 12351248764875, softexpires: 12351248764875, mode: HRTIMER_MODE_ABS) && and ||: perf $ ./perf trace -e timer:hrtimer_start --filter='mode != HRTIMER_MODE_ABS_PINNED_HARD && mode != HRTIMER_MODE_ABS' --max-events=1 0.000 Hyprland/534 timer:hrtimer_start(hrtimer: 0xffff9497801a84d0, function: 0xffffffffc04cdbe0, expires: 12639434638458, softexpires: 12639433638458, mode: HRTIMER_MODE_REL) perf $ ./perf trace -e timer:hrtimer_start --filter='mode == HRTIMER_MODE_REL || mode == HRTIMER_MODE_PINNED' --max-events=1 0.000 ldlck-test/60639 timer:hrtimer_start(hrtimer: 0xffffb16404ee7bf8, function: 0xffffffffa7790420, expires: 12772614418016, softexpires: 12772614368016, mode: HRTIMER_MODE_REL) Switching it up, using both enum name and integer value(--filter='mode == HRTIMER_MODE_ABS_PINNED_HARD || mode == 0'): perf $ ./perf trace -e timer:hrtimer_start --filter='mode == HRTIMER_MODE_ABS_PINNED_HARD || mode == 0' --max-events=3 0.000 :0/0 timer:hrtimer_start(hrtimer: 0xffff9498a6ca5f18, function: 0xffffffffa77a5be0, expires: 12601748739825, softexpires: 12601748739825, mode: HRTIMER_MODE_ABS_PINNED_HARD) 0.036 :0/0 timer:hrtimer_start(hrtimer: 0xffff9498a6ca5f18, function: 0xffffffffa77a5be0, expires: 12518758748124, softexpires: 12518758748124, mode: HRTIMER_MODE_ABS_PINNED_HARD) 0.172 tmux: server/41881 timer:hrtimer_start(hrtimer: 0xffffb164081e7838, function: 0xffffffffa7790420, expires: 12518768255836, softexpires: 12518768205836, mode: HRTIMER_MODE_ABS) P.S. perf $ pahole hrtimer_mode enum hrtimer_mode { HRTIMER_MODE_ABS = 0, HRTIMER_MODE_REL = 1, HRTIMER_MODE_PINNED = 2, HRTIMER_MODE_SOFT = 4, HRTIMER_MODE_HARD = 8, HRTIMER_MODE_ABS_PINNED = 2, HRTIMER_MODE_REL_PINNED = 3, HRTIMER_MODE_ABS_SOFT = 4, HRTIMER_MODE_REL_SOFT = 5, HRTIMER_MODE_ABS_PINNED_SOFT = 6, HRTIMER_MODE_REL_PINNED_SOFT = 7, HRTIMER_MODE_ABS_HARD = 8, HRTIMER_MODE_REL_HARD = 9, HRTIMER_MODE_ABS_PINNED_HARD = 10, HRTIMER_MODE_REL_PINNED_HARD = 11, }; Committer testing: root@x1:~# perf trace -e timer:hrtimer_start --filter='mode != HRTIMER_MODE_ABS' --max-events=2 0.000 :0/0 timer:hrtimer_start(hrtimer: 0xffff8d4eff2a5050, function: 0xffffffff9e22ddd0, expires: 241502326000000, softexpires: 241502326000000, mode: HRTIMER_MODE_ABS_PINNED_HARD) 18446744073709.488 :0/0 timer:hrtimer_start(hrtimer: 0xffff8d4eff425050, function: 0xffffffff9e22ddd0, expires: 241501814000000, softexpires: 241501814000000, mode: HRTIMER_MODE_ABS_PINNED_HARD) root@x1:~# perf trace -e timer:hrtimer_start --filter='mode != HRTIMER_MODE_ABS && mode != HRTIMER_MODE_ABS_PINNED_HARD' --max-events=2 0.000 podman/510644 timer:hrtimer_start(hrtimer: 0xffffa2024f5f7dd0, function: 0xffffffff9e2170c0, expires: 241530497418194, softexpires: 241530497368194, mode: HRTIMER_MODE_REL) 40.251 gnome-shell/2484 timer:hrtimer_start(hrtimer: 0xffff8d48bda17650, function: 0xffffffffc0661550, expires: 241550528619247, softexpires: 241550527619247, mode: HRTIMER_MODE_REL) root@x1:~# perf trace -v -e timer:hrtimer_start --filter='mode != HRTIMER_MODE_ABS && mode != HRTIMER_MODE_ABS_PINNED_HARD && mode != HRTIMER_MODE_REL' --max-events=2 Using CPUID GenuineIntel-6-BA-3 vmlinux BTF loaded 0 0xa 0x1 New filter for timer:hrtimer_start: (mode != 0 && mode != 0xa && mode != 0x1) && (common_pid != 524049 && common_pid != 4041) mmap size 528384B ^Croot@x1:~# Suggested-by: Arnaldo Carvalho de Melo Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/lkml/ZnCcliuecJABD5FN@x1 Link: https://lore.kernel.org/r/20240624181345.124764-5-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 607bbdb49ccb646be707a0f2ac1d78f5a7c3de7c Author: Howard Chu Date: Tue Jun 25 02:13:40 2024 +0800 perf trace: Augment non-syscall tracepoints with enum arguments with BTF Before: perf $ ./perf trace -e timer:hrtimer_start --max-events=1 0.000 :0/0 timer:hrtimer_start(hrtimer: 0xffff974466c25f18, function: 0xffffffff89da5be0, expires: 377432432256753, softexpires: 377432432256753, mode: 10) After: perf $ ./perf trace -e timer:hrtimer_start --max-events=1 0.000 :0/0 timer:hrtimer_start(hrtimer: 0xffff9498a6ca5f18, function: 0xffffffffa77a5be0, expires: 4382442895089, softexpires: 4382442895089, mode: HRTIMER_MODE_ABS_PINNED_HARD) in which HRTIMER_MODE_ABS_PINNED_HARD is: perf $ pahole hrtimer_mode enum hrtimer_mode { HRTIMER_MODE_ABS = 0, HRTIMER_MODE_REL = 1, HRTIMER_MODE_PINNED = 2, HRTIMER_MODE_SOFT = 4, HRTIMER_MODE_HARD = 8, HRTIMER_MODE_ABS_PINNED = 2, HRTIMER_MODE_REL_PINNED = 3, HRTIMER_MODE_ABS_SOFT = 4, HRTIMER_MODE_REL_SOFT = 5, HRTIMER_MODE_ABS_PINNED_SOFT = 6, HRTIMER_MODE_REL_PINNED_SOFT = 7, HRTIMER_MODE_ABS_HARD = 8, HRTIMER_MODE_REL_HARD = 9, HRTIMER_MODE_ABS_PINNED_HARD = 10, HRTIMER_MODE_REL_PINNED_HARD = 11, }; Can also be tested by ./perf trace -e pagemap:mm_lru_insertion,timer:hrtimer_start,timer:hrtimer_init,skb:kfree_skb --max-events=10 (Chose these 4 events because they happen quite frequently.) However some enum arguments may not be contained in vmlinux BTF. To see what enum arguments are supported, use: vmlinux_dir $ bpftool btf dump file /sys/kernel/btf/vmlinux > vmlinux vmlinux_dir $ while read l; do grep "ENUM '$l'" vmlinux; done < <(grep field:enum /sys/kernel/tracing/events/*/*/format | awk '{print $3}' | sort | uniq) | awk '{print $3}' | sed "s/'\(.*\)'/\1/g" dev_pm_qos_req_type error_detector hrtimer_mode i2c_slave_event ieee80211_bss_type lru_list migrate_mode nl80211_auth_type nl80211_band nl80211_iftype numa_vmaskip_reason pm_qos_req_action pwm_polarity skb_drop_reason thermal_trip_type xen_lazy_mode xen_mc_extend_args xen_mc_flush_reason zone_type And what tracepoints have these enum types as their arguments: vmlinux_dir $ while read l; do grep "ENUM '$l'" vmlinux; done < <(grep field:enum /sys/kernel/tracing/events/*/*/format | awk '{print $3}' | sort | uniq) | awk '{print $3}' | sed "s/'\(.*\)'/\1/g" > good_enums vmlinux_dir $ cat good_enums dev_pm_qos_req_type error_detector hrtimer_mode i2c_slave_event ieee80211_bss_type lru_list migrate_mode nl80211_auth_type nl80211_band nl80211_iftype numa_vmaskip_reason pm_qos_req_action pwm_polarity skb_drop_reason thermal_trip_type xen_lazy_mode xen_mc_extend_args xen_mc_flush_reason zone_type vmlinux_dir $ grep -f good_enums -l /sys/kernel/tracing/events/*/*/format /sys/kernel/tracing/events/cfg80211/cfg80211_chandef_dfs_required/format /sys/kernel/tracing/events/cfg80211/cfg80211_ch_switch_notify/format /sys/kernel/tracing/events/cfg80211/cfg80211_ch_switch_started_notify/format /sys/kernel/tracing/events/cfg80211/cfg80211_get_bss/format /sys/kernel/tracing/events/cfg80211/cfg80211_ibss_joined/format /sys/kernel/tracing/events/cfg80211/cfg80211_inform_bss_frame/format /sys/kernel/tracing/events/cfg80211/cfg80211_radar_event/format /sys/kernel/tracing/events/cfg80211/cfg80211_ready_on_channel_expired/format /sys/kernel/tracing/events/cfg80211/cfg80211_ready_on_channel/format /sys/kernel/tracing/events/cfg80211/cfg80211_reg_can_beacon/format /sys/kernel/tracing/events/cfg80211/cfg80211_return_bss/format /sys/kernel/tracing/events/cfg80211/cfg80211_tx_mgmt_expired/format /sys/kernel/tracing/events/cfg80211/rdev_add_virtual_intf/format /sys/kernel/tracing/events/cfg80211/rdev_auth/format /sys/kernel/tracing/events/cfg80211/rdev_change_virtual_intf/format /sys/kernel/tracing/events/cfg80211/rdev_channel_switch/format /sys/kernel/tracing/events/cfg80211/rdev_connect/format /sys/kernel/tracing/events/cfg80211/rdev_inform_bss/format /sys/kernel/tracing/events/cfg80211/rdev_libertas_set_mesh_channel/format /sys/kernel/tracing/events/cfg80211/rdev_mgmt_tx/format /sys/kernel/tracing/events/cfg80211/rdev_remain_on_channel/format /sys/kernel/tracing/events/cfg80211/rdev_return_chandef/format /sys/kernel/tracing/events/cfg80211/rdev_return_int_survey_info/format /sys/kernel/tracing/events/cfg80211/rdev_set_ap_chanwidth/format /sys/kernel/tracing/events/cfg80211/rdev_set_monitor_channel/format /sys/kernel/tracing/events/cfg80211/rdev_set_radar_background/format /sys/kernel/tracing/events/cfg80211/rdev_start_ap/format /sys/kernel/tracing/events/cfg80211/rdev_start_radar_detection/format /sys/kernel/tracing/events/cfg80211/rdev_tdls_channel_switch/format /sys/kernel/tracing/events/compaction/mm_compaction_defer_compaction/format /sys/kernel/tracing/events/compaction/mm_compaction_deferred/format /sys/kernel/tracing/events/compaction/mm_compaction_defer_reset/format /sys/kernel/tracing/events/compaction/mm_compaction_finished/format /sys/kernel/tracing/events/compaction/mm_compaction_kcompactd_wake/format /sys/kernel/tracing/events/compaction/mm_compaction_suitable/format /sys/kernel/tracing/events/compaction/mm_compaction_wakeup_kcompactd/format /sys/kernel/tracing/events/error_report/error_report_end/format /sys/kernel/tracing/events/i2c_slave/i2c_slave/format /sys/kernel/tracing/events/migrate/mm_migrate_pages/format /sys/kernel/tracing/events/migrate/mm_migrate_pages_start/format /sys/kernel/tracing/events/pagemap/mm_lru_insertion/format /sys/kernel/tracing/events/power/dev_pm_qos_add_request/format /sys/kernel/tracing/events/power/dev_pm_qos_remove_request/format /sys/kernel/tracing/events/power/dev_pm_qos_update_request/format /sys/kernel/tracing/events/power/pm_qos_update_flags/format /sys/kernel/tracing/events/power/pm_qos_update_target/format /sys/kernel/tracing/events/pwm/pwm_apply/format /sys/kernel/tracing/events/pwm/pwm_get/format /sys/kernel/tracing/events/sched/sched_skip_vma_numa/format /sys/kernel/tracing/events/skb/kfree_skb/format /sys/kernel/tracing/events/thermal/thermal_zone_trip/format /sys/kernel/tracing/events/timer/hrtimer_init/format /sys/kernel/tracing/events/timer/hrtimer_start/format /sys/kernel/tracing/events/xen/xen_mc_batch/format /sys/kernel/tracing/events/xen/xen_mc_extend_args/format /sys/kernel/tracing/events/xen/xen_mc_flush_reason/format /sys/kernel/tracing/events/xen/xen_mc_issue/format Committer testing: root@x1:~# perf trace -e timer:hrtimer_start --max-events=2 0.000 :0/0 timer:hrtimer_start(hrtimer: 0xffff8d4eff225050, function: 0xffffffff9e22ddd0, expires: 241152380000000, softexpires: 241152380000000, mode: HRTIMER_MODE_ABS) 0.028 :0/0 timer:hrtimer_start(hrtimer: 0xffff8d4eff225050, function: 0xffffffff9e22ddd0, expires: 241153654000000, softexpires: 241153654000000, mode: HRTIMER_MODE_ABS_PINNED_HARD) root@x1:~# Suggested-by: Arnaldo Carvalho de Melo Reviewed-by: Arnaldo Carvalho de Melo Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/lkml/20240615032743.112750-1-howardchu95@gmail.com Link: https://lore.kernel.org/r/20240624181345.124764-4-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit 45a0c928e7aa42caf2380b134bcd326b40a9df84 Author: Howard Chu Date: Tue Jun 25 02:13:39 2024 +0800 perf trace: BTF-based enum pretty printing for syscall args In this patch, BTF is used to turn enum value to the corresponding name. There is only one system call that uses enum value as its argument, that is `landlock_add_rule()`. The vmlinux btf is loaded lazily, when user decided to trace the `landlock_add_rule` syscall. But if one decide to run `perf trace` without any arguments, the behaviour is to trace `landlock_add_rule`, so vmlinux btf will be loaded by default. The laziest behaviour is to load vmlinux btf when a `landlock_add_rule` syscall hits. But I think you could lose some samples when loading vmlinux btf at run time, for it can delay the handling of other samples. I might need your precious opinions on this... before: ``` perf $ ./perf trace -e landlock_add_rule 0.000 ( 0.008 ms): ldlck-test/438194 landlock_add_rule(rule_type: 2) = -1 EBADFD (File descriptor in bad state) 0.010 ( 0.001 ms): ldlck-test/438194 landlock_add_rule(rule_type: 1) = -1 EBADFD (File descriptor in bad state) ``` after: ``` perf $ ./perf trace -e landlock_add_rule 0.000 ( 0.029 ms): ldlck-test/438194 landlock_add_rule(rule_type: LANDLOCK_RULE_NET_PORT) = -1 EBADFD (File descriptor in bad state) 0.036 ( 0.004 ms): ldlck-test/438194 landlock_add_rule(rule_type: LANDLOCK_RULE_PATH_BENEATH) = -1 EBADFD (File descriptor in bad state) ``` Committer notes: Made it build with NO_LIBBPF=1, simplified btf_enum_fprintf(), see [1] for the discussion. Signed-off-by: Howard Chu Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Günther Noack Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Kan Liang Cc: Mark Rutland Cc: Mickaël Salaün Cc: Namhyung Kim Cc: Peter Zijlstra Link: https://lore.kernel.org/lkml/20240613022757.3589783-1-howardchu95@gmail.com Link: https://lore.kernel.org/lkml/ZnXAhFflUl_LV1QY@x1 # [1] Link: https://lore.kernel.org/r/20240624181345.124764-3-howardchu95@gmail.com Signed-off-by: Arnaldo Carvalho de Melo commit bfa54a793ba77ef696755b66f3ac4ed00c7d1248 Author: Zijun Hu Date: Sat Jul 27 16:34:01 2024 +0800 driver core: bus: Fix double free in driver API bus_register() For bus_register(), any error which happens after kset_register() will cause that @priv are freed twice, fixed by setting @priv with NULL after the first free. Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240727-bus_register_fix-v1-1-fed8dd0dba7a@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 2bdf3b83515ead3b3fdf93610e4a3bb9a89bc852 Author: Zijun Hu Date: Sat Jul 27 14:08:34 2024 +0800 driver core: bus: Add simple error handling for buses_init() Add simple error handling for buses_init() since it is easy to do. Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240727-buses_init-v1-1-e863295a2c0e@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 0314647dec70bf0e856303dc70d00e9f1ba568ba Author: Zijun Hu Date: Thu Jul 25 23:40:55 2024 +0800 driver core: Remove unused parameter for virtual_device_parent() Function struct kobject *virtual_device_parent(struct device *dev) does not use its parameter @dev, and the kobject returned also has nothing deal with specific device, so remove the unused parameter. Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240725-virtual_kobj_fix-v1-1-36335cae4544@quicinc.com Signed-off-by: Greg Kroah-Hartman commit c0fd973c108cdc22a384854bc4b3e288a9717bb2 Author: Zijun Hu Date: Wed Jul 24 21:54:48 2024 +0800 driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute Return -EIO instead of 0 for below erroneous bus attribute operations: - read a bus attribute without show(). - write a bus attribute without store(). Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240724-bus_fix-v2-1-5adbafc698fb@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 6d8249ac29bc23260dfa9747eb398ce76012d73c Author: Zijun Hu Date: Mon Jul 22 22:48:10 2024 +0800 driver core: Fix error handling in driver API device_rename() For class-device, device_rename() failure maybe cause unexpected link name within its class folder as explained below: /sys/class/.../old_name -> /sys/devices/.../old_name device_rename(..., new_name) and failed /sys/class/.../new_name -> /sys/devices/.../old_name Fixed by undoing renaming link if renaming kobject failed. Fixes: f349cf34731c ("driver core: Implement ns directory support for device classes.") Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240722-device_rename_fix-v2-1-77de1a6c6495@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 4ea5e9deda3f4cbd471d29e6e99106e51be19c86 Author: Zijun Hu Date: Fri Jul 12 19:52:31 2024 +0800 driver core: Fix size calculation of symlink name for devlink_(add|remove)_symlinks() devlink_(add|remove)_symlinks() kzalloc() memory to save symlink name for both supplier and consumer, but do not explicitly take into account consumer's prefix "consumer:", so cause disadvantages listed below: 1) it seems wrong for the algorithm to calculate memory size 2) readers maybe need to count characters one by one of both prefix strings to confirm calculated memory size 3) it is relatively easy to introduce new bug if either prefix string is modified in future solved by taking into account consumer's prefix as well. Signed-off-by: Zijun Hu Link: https://lore.kernel.org/r/20240712-devlink_fix-v3-1-fa1c5172ffc7@quicinc.com Signed-off-by: Greg Kroah-Hartman commit 990c304930138dcd7a49763417e6e5313b81293e Author: Patrick Rohr Date: Mon Jul 29 15:00:59 2024 -0700 Add support for PIO p flag draft-ietf-6man-pio-pflag is adding a new flag to the Prefix Information Option to signal that the network can allocate a unique IPv6 prefix per client via DHCPv6-PD (see draft-ietf-v6ops-dhcp-pd-per-device). When ra_honor_pio_pflag is enabled, the presence of a P-flag causes SLAAC autoconfiguration to be disabled for that particular PIO. An automated test has been added in Android (r.android.com/3195335) to go along with this change. Cc: Maciej Żenczykowski Cc: Lorenzo Colitti Cc: David Lamparter Cc: Simon Horman Signed-off-by: Patrick Rohr Reviewed-by: Maciej Żenczykowski Signed-off-by: David S. Miller commit 5c4efc60551c0e2a51371ccb0709180a1537f7f8 Author: Rob Herring (Arm) Date: Mon Jul 29 16:36:44 2024 -0600 cxl: Use of_property_ accessor functions The CXL driver has its own custom implementations of typed DT property accessors. Replace the custom property accessor functions with the common DT property functions. This clean-up is part of a larger effort to remove of_get_property() and other DT functions which leak pointers to DT node and property data. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240729-dt-cxl-cleanup-v1-2-a75eea80d231@kernel.org Signed-off-by: Greg Kroah-Hartman commit 35fc26541f79071c14f314951c0c7604852c8839 Author: Rob Herring (Arm) Date: Mon Jul 29 16:36:43 2024 -0600 cxl: Drop printing of DT properties There's little reason to dump DT property values when they can be read at any time from the DT in /proc/device-tree. If such a feature is needed, then it really should be implemented in the DT core such that any module/driver can use it. Signed-off-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240729-dt-cxl-cleanup-v1-1-a75eea80d231@kernel.org Signed-off-by: Greg Kroah-Hartman commit 83a1b574ce33372decdcd8a6a395d975931f8a31 Author: Dr. David Alan Gilbert Date: Fri May 31 00:34:36 2024 +0100 cdx: remove unused struct 'cdx_mcdi_copy_buffer' 'cdx_mcdi_copy_buffer' has been unused since the original commit eb96b740192b ("cdx: add MCDI protocol interface for firmware interaction"). Looking at lkml, it was used in the V1 posting but was removed somewhere before V6. Remove it. Signed-off-by: Dr. David Alan Gilbert Acked-by: Nipun Gupta Link: https://lore.kernel.org/r/20240530233436.224461-1-linux@treblig.org Signed-off-by: Greg Kroah-Hartman commit 1b48fbbc03775bea3264d50cabd9370b1987047b Author: Vincenzo Mezzela Date: Fri Jul 19 17:13:35 2024 +0200 drivers: cacheinfo: use __free attribute instead of of_node_put() Introduce the __free attribute for scope-based resource management. Resources allocated with __free are automatically released at the end of the scope. This enhancement aims to mitigate memory management issues associated with forgetting to release resources by utilizing __free instead of of_node_put(). To introduce this feature, some modifications to the code structure were necessary. The original pattern: ``` prev = np; while(...) { [...] np = of_find_next_cache_node(np); of_node_put(prev); prev = np; [...] } ``` has been updated to: ``` while(...) { [...] struct device_node __free(device_node) *prev = np; np = of_find_next_cache_node(np) [...] } ``` With this change, the previous node is automatically cleaned up at the end of each iteration, allowing the elimination of all of_node_put() calls and some goto statements. Suggested-by: Julia Lawall Signed-off-by: Vincenzo Mezzela Link: https://lore.kernel.org/r/20240719151335.869145-1-vincenzo.mezzela@gmail.com Signed-off-by: Greg Kroah-Hartman commit 30b968b002a92870325a5c9d1ce78eba0ce386e7 Author: Yu-Ting Tseng Date: Tue Jul 9 00:00:49 2024 -0700 binder: frozen notification binder_features flag Add a flag to binder_features to indicate that the freeze notification feature is available. Signed-off-by: Yu-Ting Tseng Acked-by: Carlos Llamas Link: https://lore.kernel.org/r/20240709070047.4055369-6-yutingtseng@google.com Signed-off-by: Greg Kroah-Hartman commit d579b04a52a183db47dfcb7a44304d7747d551e1 Author: Yu-Ting Tseng Date: Tue Jul 9 00:00:47 2024 -0700 binder: frozen notification Frozen processes present a significant challenge in binder transactions. When a process is frozen, it cannot, by design, accept and/or respond to binder transactions. As a result, the sender needs to adjust its behavior, such as postponing transactions until the peer process unfreezes. However, there is currently no way to subscribe to these state change events, making it impossible to implement frozen-aware behaviors efficiently. Introduce a binder API for subscribing to frozen state change events. This allows programs to react to changes in peer process state, mitigating issues related to binder transactions sent to frozen processes. Implementation details: For a given binder_ref, the state of frozen notification can be one of the followings: 1. Userspace doesn't want a notification. binder_ref->freeze is null. 2. Userspace wants a notification but none is in flight. list_empty(&binder_ref->freeze->work.entry) = true 3. A notification is in flight and waiting to be read by userspace. binder_ref_freeze.sent is false. 4. A notification was read by userspace and kernel is waiting for an ack. binder_ref_freeze.sent is true. When a notification is in flight, new state change events are coalesced into the existing binder_ref_freeze struct. If userspace hasn't picked up the notification yet, the driver simply rewrites the state. Otherwise, the notification is flagged as requiring a resend, which will be performed once userspace acks the original notification that's inflight. See https://r.android.com/3070045 for how userspace is going to use this feature. Signed-off-by: Yu-Ting Tseng Acked-by: Carlos Llamas Link: https://lore.kernel.org/r/20240709070047.4055369-4-yutingtseng@google.com Signed-off-by: Greg Kroah-Hartman commit d5742b5d4d7b99531e352ea814506641f9fc8981 Author: Yue Haibing Date: Wed Jul 31 10:29:49 2024 +0800 ASoC: fsl: lpc3xxx-i2s: Remove set but not used variable 'savedbitclkrate' The variable savedbitclkrate is assigned and never used, so can be removed. sound/soc/fsl/lpc3xxx-i2s.c:42:13: warning: variable ‘savedbitclkrate’ set but not used [-Wunused-but-set-variable] Fixes: 0959de657a10 ("ASoC: fsl: Add i2s and pcm drivers for LPC32xx CPUs") Signed-off-by: Yue Haibing Link: https://patch.msgid.link/20240731022949.135016-1-yuehaibing@huawei.com Signed-off-by: Mark Brown commit 0880f669436028c5499901e5acd8f4b4ea0e0c6a Author: Biju Das Date: Wed Jul 31 08:29:53 2024 +0100 spi: rpc-if: Add missing MODULE_DEVICE_TABLE Add missing MODULE_DEVICE_TABLE definition for automatic loading of the driver when it is built as a module. Fixes: eb8d6d464a27 ("spi: add Renesas RPC-IF driver") Signed-off-by: Biju Das Reviewed-by: Geert Uytterhoeven Link: https://patch.msgid.link/20240731072955.224125-1-biju.das.jz@bp.renesas.com Signed-off-by: Mark Brown commit f75999c525a1d7d6c4425a6a225cabae40ab1721 Author: Christophe JAILLET Date: Thu Jul 11 21:34:54 2024 +0200 phy: cadence: Sierra: Constify a u32[] 'cdns_sierra_pll_mux_table' is not modified in this driver. And it is only used as a "const u32 *". Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 60937 3894 16 64847 fd4f drivers/phy/cadence/phy-cadence-sierra.o After: ===== text data bss dec hex filename 60897 3878 16 64791 fd17 drivers/phy/cadence/phy-cadence-sierra.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/43d881d52e3c1632ad197d4c2c18b6c481a13b24.1720723132.git.christophe.jaillet@wanadoo.fr Signed-off-by: Vinod Koul commit da41bac5c89720f9fb8289a03e30ec0b3cb1cc9c Author: Christophe JAILLET Date: Thu Jul 11 21:34:53 2024 +0200 phy: cadence: Sierra: Constify struct cdns_sierra_vals 'struct cdns_sierra_vals' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 60521 4310 16 64847 fd4f drivers/phy/cadence/phy-cadence-sierra.o After: ===== text data bss dec hex filename 60937 3894 16 64847 fd4f drivers/phy/cadence/phy-cadence-sierra.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/0ccfd259fdf40475c89cfb22a64c6388e7c646b4.1720723132.git.christophe.jaillet@wanadoo.fr Signed-off-by: Vinod Koul commit 29f33f0b442c092d7180b511d8bef871f3be9fed Author: Christophe JAILLET Date: Thu Jul 11 21:34:52 2024 +0200 phy: cadence: Sierra: Constify struct cdns_reg_pairs 'struct cdns_reg_pairs' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 60489 4342 16 64847 fd4f drivers/phy/cadence/phy-cadence-sierra.o After: ===== text data bss dec hex filename 60521 4310 16 64847 fd4f drivers/phy/cadence/phy-cadence-sierra.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/c57ee8206ebba8c222d7d954335654384072b9ac.1720723132.git.christophe.jaillet@wanadoo.fr Signed-off-by: Vinod Koul commit ceb6e0435075ad8b44c78a12dbdc3ec1fb4ec301 Author: Christophe JAILLET Date: Thu Jul 11 19:31:09 2024 +0200 phy: cadence-torrent: Constify a u32[] 'cdns_torrent_refclk_driver_mux_table' is not modified in this driver. And it is only used as a "const u32 *". Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 93578 4798 16 98392 18058 drivers/phy/cadence/phy-cadence-torrent.o After: ===== text data bss dec hex filename 93606 4790 16 98412 1806c drivers/phy/cadence/phy-cadence-torrent.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/34e23ceb6b7b7eb730ee8deee21d231b504dc65f.1720718240.git.christophe.jaillet@wanadoo.fr Signed-off-by: Vinod Koul commit 86946f25cb23b71d3ebdc3dd5bbb8ec5155c03ce Author: Christophe JAILLET Date: Thu Jul 11 19:31:08 2024 +0200 phy: cadence-torrent: Constify struct cdns_torrent_vals 'struct cdns_torrent_vals' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 92234 6078 16 98328 18018 drivers/phy/cadence/phy-cadence-torrent.o After: ===== text data bss dec hex filename 93578 4798 16 98392 18058 drivers/phy/cadence/phy-cadence-torrent.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/d9d135ee9b806726766a1bc5e1404267939aa637.1720718240.git.christophe.jaillet@wanadoo.fr Signed-off-by: Vinod Koul commit 1d7eb113f1f0d368afbadf56ffef91d615b1cf41 Author: Christophe JAILLET Date: Thu Jul 11 19:31:07 2024 +0200 phy: cadence-torrent: Constify struct cdns_torrent_vals_entry 'struct cdns_torrent_vals_entry' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 85130 13214 16 98360 18038 drivers/phy/cadence/phy-cadence-torrent.o After: ===== text data bss dec hex filename 92234 6078 16 98328 18018 drivers/phy/cadence/phy-cadence-torrent.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/dcc4e539999a840b3fd8f40fd8fd7523390232ac.1720718240.git.christophe.jaillet@wanadoo.fr Signed-off-by: Vinod Koul commit ad3654812f2cf937679128f18a146d25db9d3a0e Author: Christophe JAILLET Date: Thu Jul 11 19:31:06 2024 +0200 phy: cadence-torrent: Constify struct cdns_reg_pairs 'struct cdns_reg_pairs' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 78154 20222 16 98392 18058 drivers/phy/cadence/phy-cadence-torrent.o After: ===== text data bss dec hex filename 85130 13214 16 98360 18038 drivers/phy/cadence/phy-cadence-torrent.o Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/803684a6f0c24d7e091dc8d285dd49c6fd31a010.1720718240.git.christophe.jaillet@wanadoo.fr Signed-off-by: Vinod Koul commit b52a38ab1e157e43a2f5f1d846c4f52ef2105763 Author: Rayyan Ansari Date: Thu Jul 11 13:20:14 2024 +0100 dt-bindings: phy: drop obsolete qcom,usb-8x16-phy bindings Remove the bindings for the Qualcomm 8x16 PHY driver that was dropped in commit 4756f35fdf14 ("usb: phy: remove phy-qcom-8x16-usb.c") in 2017. Signed-off-by: Rayyan Ansari Reviewed-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240711122016.41806-1-rayyan.ansari@linaro.org Signed-off-by: Vinod Koul commit dd1051f9329880a0749954e601a5ece9a07f8685 Author: Rob Herring (Arm) Date: Thu Jul 11 09:23:13 2024 -0600 dt-bindings: phy: hisilicon,hi3798cv200-combphy: Convert to DT schema Convert the hisilicon,hi3798cv200-combphy binding to DT schema format. Drop the example as arm/hisilicon/controller/hi3798cv200-perictrl.yaml already contains an example of this binding. Acked-by: Shawn Guo Signed-off-by: Rob Herring (Arm) Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240711152313.2364383-1-robh@kernel.org Signed-off-by: Vinod Koul commit a755947e050b8751fc5402609a7d600e9c756fa7 Author: Mitul Golani Date: Mon Jul 15 21:55:13 2024 +0530 drm/dp: Describe target_rr_divider in struct drm_dp_as_sdp Describe newly added parameter target_rr_divider in struct drm_dp_as_sdp. -v2: Remove extra line from commit message.(Lucas) -v3: Rebase. Fixes: a20c6d954d75 ("drm/dp: Add refresh rate divider to struct representing AS SDP") Cc: Mitul Golani Cc: Arun R Murthy Cc: Suraj Kandpal Cc: Ankit Nautiyal Cc: Jani Nikula Cc: Stephen Rothwell Signed-off-by: Mitul Golani Reviewed-by: Ankit Nautiyal Acked-by: Maarten Lankhorst Signed-off-by: Maarten Lankhorst Link: https://patchwork.freedesktop.org/patch/msgid/20240715162514.2836421-1-mitulkumar.ajitkumar.golani@intel.com commit 7e6c2ffe6c2284a10f77079670e3b26b43df4443 Author: André Draszik Date: Wed Jul 10 07:45:07 2024 +0100 phy: exynos5-usbdrd: convert some FIELD_PREP_CONST() to FIELD_PREP() Use of FIELD_PREP_CONST() was a thinko - it's meant to be used for (constant) initialisers, not constant values. Use FIELD_PREP() where possible. It has better error checking and is therefore the preferred macro to use in those cases. Signed-off-by: André Draszik Reviewed-by: Sam Protsenko Link: https://lore.kernel.org/r/20240710-phy-field-prep-v1-1-2fa3f7dc4fc7@linaro.org Signed-off-by: Vinod Koul commit 104831a17518796fb29e803fe07eb87ce9df884d Author: Thorsten Blum Date: Wed Jul 10 23:52:39 2024 +0200 hpet: Optimize local variable data type in hpet_alloc() The local variable period uses at most 32 bits and can be a u32 instead of unsigned long. The upper 32 bits are all 0 after masking and right shifting cap by HPET_COUNTER_CLK_PERIOD_SHIFT and can be discarded. Since do_div() casts the divisor to u32 anyway, changing the data type of period to u32 also removes the following Coccinelle/coccicheck warning reported by do_div.cocci: WARNING: do_div() does a 64-by-32 division, please consider using div64_ul instead Signed-off-by: Thorsten Blum Acked-by: Arnd Bergmann Link: https://lore.kernel.org/r/20240710215238.799239-2-thorsten.blum@toblux.com Signed-off-by: Greg Kroah-Hartman commit 4d41a49c4660eca5214d8b6f85cc8569c7d77599 Author: Ian Abbott Date: Wed Jul 10 18:37:19 2024 +0100 comedi: ni_*: do not declare unused variable range_ni_E_ao_ext Mirsad Todorovac reported a compiler warning in "ni_stc.h" due to the variable `range_ni_E_ao_ext` being defined but unused when building the "ni_routes_test" module. The `range_ni_E_ao_ext` variable is tentatively defined in "ni_stc.h" (with internal linkage) and fully defined in "ni_mio_common.c". "ni_stc.h" and/or "ni_mio_common.c" are included by the "ni_atmio", "ni_pcimio", "ni_mio_cs", and "ni_routes_test" modules, which will each get their own local `range_ni_E_ao_ext` variable defined. However, it is not used by the "ni_mio_cs" or "ni_routes_test" modules. They should get optimized out, but there are compiler warnings about the unused variable when built with the `W=1` option. Move the full definition of the variable from "ni_mio_common.c" into the places where it is used, namely "ni_atmio.c" and "ni_pcimio.c", and remove the tentative definition of the variable from "ni_stc.h". This fixes the compiler warnings. Reported-by: Mirsad Todorovac Link: https://lore.kernel.org/lkml/3bab8580-c01a-4183-94af-ba3193c94c0e@gmail.com/ Cc: Mirsad Todorovac Signed-off-by: Ian Abbott Link: https://lore.kernel.org/r/20240710173719.3559437-1-abbotti@mev.co.uk Signed-off-by: Greg Kroah-Hartman commit 4bf8b462f84dd81c5938341a5468c3b669dbb1af Author: Rayyan Ansari Date: Mon Jul 15 14:01:06 2024 +0100 dt-bindings: phy: qcom,sata-phy: convert to dtschema Convert the bindings for the SATA PHY on both apq8064 and ipq806x from the old text format to yaml. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240715130854.53501-2-rayyan.ansari@linaro.org Signed-off-by: Vinod Koul commit 59f726578c9bc0f50011b9e1f50f8bd15ed354a6 Merge: b735154aeb3366 0908503ade5f5f Author: David S. Miller Date: Wed Jul 31 11:48:59 2024 +0100 Merge branch 'smc-cleanups' into main Zhengchao Shao says: ==================== net/smc: do some cleanups in smc module Do some cleanups in smc module. ==================== Signed-off-by: David S. Miller commit 0908503ade5f5fecbdb16c5ce16b2b5ee6107e8d Author: Zhengchao Shao Date: Tue Jul 30 09:25:06 2024 +0800 net/smc: remove unused input parameters in smcr_new_buf_create The input parameter "is_rmb" of the smcr_new_buf_create function has never been used, remove it. Signed-off-by: Zhengchao Shao Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit d37307eaac13f3c5fe912787b5f9facbc574f2cf Author: Zhengchao Shao Date: Tue Jul 30 09:25:05 2024 +0800 net/smc: remove redundant code in smc_connect_check_aclc When the SMC client perform CLC handshake, it will check whether the clc header type is correct in receiving SMC_CLC_ACCEPT packet. The specific invoking path is as follows: __smc_connect smc_connect_clc smc_clc_wait_msg smc_clc_msg_hdr_valid smc_clc_msg_acc_conf_valid Therefore, the smc_connect_check_aclc interface invoked by __smc_connect does not need to check type again. Signed-off-by: Zhengchao Shao Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 5a79575711264b98b435e08107c9e5bf129df210 Author: Zhengchao Shao Date: Tue Jul 30 09:25:04 2024 +0800 net/smc: remove the fallback in __smc_connect When the SMC client begins to connect to server, smcd_version is set to SMC_V1 + SMC_V2. If fail to get VLAN ID, only SMC_V2 information is left in smcd_version. And smcd_version will not be changed to 0. Therefore, remove the fallback caused by the failure to get VLAN ID. Signed-off-by: Zhengchao Shao Reviewed-by: Simon Horman Signed-off-by: David S. Miller commit 1018825a9539a67aa381ff033a49355eb03bd84d Author: Zhengchao Shao Date: Tue Jul 30 09:25:03 2024 +0800 net/smc: remove unreferenced header in smc_loopback.h file Because linux/err.h is unreferenced in smc_loopback.h file, so remove it. Signed-off-by: Zhengchao Shao Reviewed-by: Simon Horman Reviewed-by: D. Wythe Signed-off-by: David S. Miller commit 2108aa2a01d850f850ed6ccea4e447100df9ee82 Author: Oliver Rhodes Date: Thu Jul 25 11:05:33 2024 +0100 dt-bindings: serial: renesas: Document RZ/G2M v3.0 (r8a774a3) scif Document scif bindings for the Renesas RZ/G2M v3.0 (a.k.a r8a774a3) SoC. Signed-off-by: Oliver Rhodes Reviewed-by: Geert Uytterhoeven Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240725100534.5374-6-oliver.rhodes.aj@renesas.com Signed-off-by: Greg Kroah-Hartman commit d9e5a0ce2f16e57ccf2b91a213a5b434dcc1d88b Author: Sunil V L Date: Tue Jul 30 10:42:18 2024 +0530 serial: 8250_platform: Enable generic 16550A platform devices Currently, 8250_platform driver is used only for devices with fixed serial ports (plat_serial8250_port). Extend this driver for any generic 16550A platform devices which can be probed using standard hardware discovery mechanisms like ACPI. This is required in particular for RISC-V which has non-PNP generic 16550A compatible UART that needs to be enumerated as ACPI platform device. Suggested-by: Andy Shevchenko Signed-off-by: Sunil V L Link: https://lore.kernel.org/r/20240730051218.767580-1-sunilvl@ventanamicro.com Signed-off-by: Greg Kroah-Hartman commit 755ed2f3030450ee6f5c8d3a4c35345c16376771 Author: Varshini Rajendran Date: Mon Jul 29 12:36:36 2024 +0530 dt-bindings: serial: atmel,at91-usart: add compatible for sam9x7. Add sam9x7 compatible to DT bindings documentation. Signed-off-by: Varshini Rajendran Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240729070636.1990368-1-varshini.rajendran@microchip.com Signed-off-by: Greg Kroah-Hartman commit 0e1d8780526f4bc683699348d0c765ca78ae37bb Author: Stefan Wahren Date: Sun Jul 28 15:00:28 2024 +0200 serial: 8250_bcm2835aux: add PM suspend/resume support This adds suspend/resume support for the 8250_bcm2835aux driver to provide power management support on attached devices. Signed-off-by: Stefan Wahren Link: https://lore.kernel.org/r/20240728130029.78279-7-wahrenst@gmx.net Signed-off-by: Greg Kroah-Hartman commit 254a6b0ba0494961aad96ef7cbeeffb3e432a778 Author: Rafał Miłecki Date: Sat Jul 27 14:14:47 2024 +0200 arm64: dts: mediatek: mt7981: add UART controllers MT7981 has three on-SoC UART controllers. Signed-off-by: Rafał Miłecki Reviewed-by: AngeloGioacchino Del Regno Link: https://lore.kernel.org/r/20240727121447.1016-2-zajec5@gmail.com Signed-off-by: Greg Kroah-Hartman commit 6683da78c5435e225f0277eb5ab68e12389ae942 Author: Rafał Miłecki Date: Sat Jul 27 14:14:46 2024 +0200 dt-bindings: serial: mediatek,uart: add MT7981 Add compatible string for serial on MT7981 SoC. Signed-off-by: Rafał Miłecki Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240727121447.1016-1-zajec5@gmail.com Signed-off-by: Greg Kroah-Hartman commit 7b09299c8764f612a46ef34b1e8022b0473ad766 Author: André Draszik Date: Thu Jul 25 08:05:59 2024 +0100 dt-bindings: serial: samsung: fix maxItems for gs101 While gs101 needs exactly two clocks for the UART, the schema doesn't currently limit the maximum number to this and instead the default of five from this schema is applied. Update the schema accordingly. Reviewed-by: Rob Herring (Arm) Signed-off-by: André Draszik Link: https://lore.kernel.org/r/20240725-gs101-uart-binding-v5-2-e237be8253a9@linaro.org Signed-off-by: Greg Kroah-Hartman commit 9da89fe1b9ffb00dd961a809240f47452402ed2b Author: André Draszik Date: Thu Jul 25 08:05:58 2024 +0100 dt-bindings: serial: samsung: avoid duplicating permitted clock-names This binding currently duplicates the permitted clock-names in various places, and when adding more compatibles, clock-names will have to be duplicated even more. The reason is: 1) subschemas (-if: ...), still have to match the top-level: pattern: '^clk_uart_baud[0-3]$' 2) there is one compatible that doesn't follow sequential numbering for the clock names (samsung,s3c6400-uart) 3) when limiting the number of clock-names, we also want to enforce sequential names Because of 1) and 2), the patterns can not simply be changed to constant strings, and later overridden in a different subschema (for samsung,s3c6400-uart only). Since we can't populate the top-level clock-names based on the compatible, and because when limiting the number of items we generally want sequential numbers and not a pattern, move the permitted strings into a subschema of its own and populate it based on the compatible: * 'uart clk_uart_baud2 clk_uart_baud3' for the one outlier * 'uart clk_uart_baud0..3' for everything else This way we can avoid having to duplicate the permitted names everywhere. While at it, add blank lines as per the universal style, which is to have blank lines between properties, except where they are booleans. Also add another example using a compatible that uses the default clock-names scheme, as opposed to the existing example that uses samsung,s3c6400-uart's non-default clock-names. This allows testing both versions of the clock-names property when running dt_binding_check. Reviewed-by: Rob Herring (Arm) Signed-off-by: André Draszik Link: https://lore.kernel.org/r/20240725-gs101-uart-binding-v5-1-e237be8253a9@linaro.org Signed-off-by: Greg Kroah-Hartman commit bca162fb37903b8681f33180cb13c53a1d43b581 Author: Jisheng Zhang Date: Fri Jul 12 00:07:20 2024 +0800 serial: 8250_early: add xscale earlycon support After commit 3a50365d8c79 ("serial: 8250: Add OF support for Xscale variant"), 8250_of can support the xscale variant. Now, let's add the earlycon support for xscale too. Signed-off-by: Jisheng Zhang Link: https://lore.kernel.org/r/20240711160720.3488-3-jszhang@kernel.org Signed-off-by: Greg Kroah-Hartman commit 8630f9d9cdccef8d1468a0ce62582d208cf2a15e Author: Jisheng Zhang Date: Fri Jul 12 00:07:19 2024 +0800 serial: 8250: move mmp|pxa uart earlycon code There are two other drivers that bind to "mrvl,mmp-uart": the 8250_of and the 8250_pxa. The previous one is generic and the latter is binded to ARCH_PXA || ARCH_MMP. Now we may have pxa programming compatible HW to support, making use of the generic 8250_of seems a good idea. However, there's no earlycon support if we go with this solution. So move the mmp|pxa-uart earlycon code to core 8250_early.c. Signed-off-by: Jisheng Zhang Link: https://lore.kernel.org/r/20240711160720.3488-2-jszhang@kernel.org Signed-off-by: Greg Kroah-Hartman commit 59449c9dbdaa29e9e9e75f66e8cb71694cf2b0a6 Author: Ferry Toth Date: Tue Jul 16 23:40:31 2024 +0200 tty: serial: 8250_dma: use sgl with 2 nents to take care of buffer wrap Previously 8250_dma used a circular xmit->buf as DMA output buffer. This causes messages that wrap around in the circular buffer to be transmitted using 2 DMA transfers. Depending on baud rate and processor load this can cause an interchar gap in the middle of the message. On the receiving end the gap may cause a short receive timeout, possibly long enough to terminate a DMA transfer, but too short to restart a receive DMA transfer in time thus causing a receive buffer overrun. This is especially a problem for devices with high speed UARTs (HSU) where even deep 64 byte FIFO's are not sufficient to handle interrupt latency. The circular buffer has now been replaced by kfifo which requires a SG list with a single entry, which still causes 2 dma transfers when a wrap around occurs. Fix this by allowing up to 2 entries in the sgl. Reviewed-by: Jiri Slaby Signed-off-by: Ferry Toth Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/r/20240716214055.102269-1-ftoth@exalondelft.nl Signed-off-by: Greg Kroah-Hartman commit 68c341c888f448410de027ca4b3d113f2b437c54 Author: Raphael Gallais-Pou Date: Tue Jul 16 20:00:10 2024 +0200 serial: st-asc: Switch from CONFIG_PM_SLEEP guards to pm_sleep_ptr() Letting the compiler remove these functions when the kernel is built without CONFIG_PM_SLEEP support is simpler and less error prone than the use of #ifdef based kernel configuration guards. Signed-off-by: Raphael Gallais-Pou Link: https://lore.kernel.org/r/20240716180010.126987-1-rgallaispou@gmail.com Signed-off-by: Greg Kroah-Hartman commit b735154aeb3366b249ab52bbfa0aa8a4c61c9a44 Author: Pawel Dembicki Date: Mon Jul 29 23:02:01 2024 +0200 dt-bindings: net: dsa: vsc73xx: add {rx,tx}-internal-delay-ps Add a schema validator to vitesse,vsc73xx.yaml for MAC-level RGMII delays in the CPU port. Additionally, valid values for VSC73XX were defined, and a common definition for the RX and TX valid range was created. Reviewed-by: Andrew Lunn Signed-off-by: Pawel Dembicki Reviewed-by: Rob Herring (Arm) Signed-off-by: David S. Miller commit 3b91b03271c5dbf156301ff5028b36925f00e102 Author: Pawel Dembicki Date: Mon Jul 29 23:01:59 2024 +0200 net: dsa: vsc73xx: make RGMII delays configurable This patch switches hardcoded RGMII transmit/receive delay to a configurable value. Delay values are taken from the properties of the CPU port: 'tx-internal-delay-ps' and 'rx-internal-delay-ps'. The default value is configured to 2.0 ns to maintain backward compatibility with existing code. Signed-off-by: Pawel Dembicki Reviewed-by: Andrew Lunn Signed-off-by: David S. Miller commit ba5c778cab1dd3e4918f940989e771e2818afee8 Author: Sean Young Date: Sun Jun 30 22:33:44 2024 +0100 media: rc: remove unused tx_resolution field The tx_resolution field is never read. In theory you can imagine this field being useful for detecting whether the transmitter has the resolution for the message you are trying to send, but I am not aware of any hardware where this could be an issue. Just remove. Signed-off-by: Sean Young Signed-off-by: Hans Verkuil commit 512d1899b8968cde259ab9b9980fa51df1394128 Author: Zelong Dong Date: Wed Jul 3 17:38:58 2024 +0800 media: rc: meson-ir: support PM suspend/resume IR Controller could be used and updated by other processor while kernel has been suspended. Reinitialize IR Controller just in case while kernel is resuming. Signed-off-by: Zelong Dong Signed-off-by: Sean Young Signed-off-by: Hans Verkuil commit d483f034f03261c8c8450d106aa243837122b5f0 Author: Stefan Wahren Date: Sun Jul 28 15:00:26 2024 +0200 usb: dwc2: Skip clock gating on Broadcom SoCs On resume of the Raspberry Pi the dwc2 driver fails to enable HCD_FLAG_HW_ACCESSIBLE before re-enabling the interrupts. This causes a situation where both handler ignore a incoming port interrupt and force the upper layers to disable the dwc2 interrupt line. This leaves the USB interface in a unusable state: irq 66: nobody cared (try booting with the "irqpoll" option) CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 6.10.0-rc3 Hardware name: BCM2835 Call trace: unwind_backtrace from show_stack+0x10/0x14 show_stack from dump_stack_lvl+0x50/0x64 dump_stack_lvl from __report_bad_irq+0x38/0xc0 __report_bad_irq from note_interrupt+0x2ac/0x2f4 note_interrupt from handle_irq_event+0x88/0x8c handle_irq_event from handle_level_irq+0xb4/0x1ac handle_level_irq from generic_handle_domain_irq+0x24/0x34 generic_handle_domain_irq from bcm2836_chained_handle_irq+0x24/0x28 bcm2836_chained_handle_irq from generic_handle_domain_irq+0x24/0x34 generic_handle_domain_irq from generic_handle_arch_irq+0x34/0x44 generic_handle_arch_irq from __irq_svc+0x88/0xb0 Exception stack(0xc1b01f20 to 0xc1b01f68) 1f20: 0005c0d4 00000001 00000000 00000000 c1b09780 c1d6b32c c1b04e54 c1a5eae8 1f40: c1b04e90 00000000 00000000 00000000 c1d6a8a0 c1b01f70 c11d2da8 c11d4160 1f60: 60000013 ffffffff __irq_svc from default_idle_call+0x1c/0xb0 default_idle_call from do_idle+0x21c/0x284 do_idle from cpu_startup_entry+0x28/0x2c cpu_startup_entry from kernel_init+0x0/0x12c handlers: [] dwc2_handle_common_intr [<75cd278b>] usb_hcd_irq Disabling IRQ #66 Disabling clock gating workaround this issue. Fixes: 0112b7ce68ea ("usb: dwc2: Update dwc2_handle_usb_suspend_intr function.") Link: https://lore.kernel.org/linux-usb/3fd0c2fb-4752-45b3-94eb-42352703e1fd@gmx.net/T/ Link: https://lore.kernel.org/all/5e8cbce0-3260-2971-484f-fc73a3b2bd28@synopsys.com/ Signed-off-by: Stefan Wahren Acked-by: Minas Harutyunyan Link: https://lore.kernel.org/r/20240728130029.78279-5-wahrenst@gmx.net Signed-off-by: Greg Kroah-Hartman commit e7d0aee60f49b7c915696d70a5b7d26d8af1e612 Author: Stefan Wahren Date: Sun Jul 28 15:00:25 2024 +0200 usb: dwc2: Add comment about BCM2848 ACPI ID During recent code review the different naming between ACPI and OF IDs led to confusion. So add a clarifying comment. Link: https://lore.kernel.org/linux-usb/38e46b44-6248-45e8-bdf9-66008a2fe290@arm.com/ Signed-off-by: Stefan Wahren Link: https://lore.kernel.org/r/20240728130029.78279-4-wahrenst@gmx.net Signed-off-by: Greg Kroah-Hartman commit 727f5a24b8b0164ac807dd77b469ed6e50df825d Author: Stefan Wahren Date: Sun Jul 28 15:00:24 2024 +0200 usb: dwc2: debugfs: Print parameter no_clock_gating The commit c4a0f7a6ab54 ("usb: dwc2: Skip clock gating on Samsung SoCs") introduced a parameter to skip enabling clock gating mode even the hardware platform should supports it. In order to make this more visible also print this in show parameters of debugfs. Signed-off-by: Stefan Wahren Acked-by: Minas Harutyunyan Reviewed-by: Florian Fainelli Link: https://lore.kernel.org/r/20240728130029.78279-3-wahrenst@gmx.net Signed-off-by: Greg Kroah-Hartman commit 3c2360f1a50e6ef74c61748696134b5b31a9e191 Author: Varadarajan Narayanan Date: Tue Jul 30 11:18:14 2024 +0530 dt-bindings: usb: qcom,dwc3: Update ipq5332 clock details Unlike MSM SoC, IPQ SoC doesn't use RPM to aggregate bandwidth requests and scale the NoC frequency. The NoCs are turned on and set to a specific frequency at boot time and that is used for the lifetime of the system. Hence interconnect was not considered previously. The same approach was used for PCIe and at that point the consensus was to move to interconnect. Hence implemented the ICC driver and updating the existing USB driver to use the ICC driver. USB uses icc-clk framework to enable the NoC interface clock. Hence the 'iface' clock is removed from the list of clocks. Update the clock-names list accordingly. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Varadarajan Narayanan Link: https://lore.kernel.org/r/20240730054817.1915652-3-quic_varada@quicinc.com Signed-off-by: Greg Kroah-Hartman commit f7fd939e805672417bbf418f6035dec9400230fd Author: Théo Lebrun Date: Fri Jul 26 20:17:49 2024 +0200 dt-bindings: usb: ti,j721e-usb: fix compatible list Compatible can be A or B+A, not A or B or A+B. B got added afterwards, we want B+A not A+B. A=ti,j721e-usb and B=ti,am64-usb. Reviewed-by: Rob Herring Reviewed-by: Conor Dooley Signed-off-by: Théo Lebrun Link: https://lore.kernel.org/r/20240726-s2r-cdns-v5-1-8664bfb032ac@bootlin.com Signed-off-by: Greg Kroah-Hartman commit 17668d7bb84e4b4d6aa0196f89273fd84e300a5c Author: Varadarajan Narayanan Date: Tue Jul 23 15:31:50 2024 +0530 dt-bindings: usb: qcom,dwc3: Update ipq5332 interrupt info IPQ5332 has only three interrupts. Update the constraints to fix the following dt_binding_check errors. interrupt-names: ['pwr_event', 'dp_hs_phy_irq', 'dm_hs_phy_irq'] is too short Fixes: 53c6d854be4e ("dt-bindings: usb: dwc3: Clean up hs_phy_irq in binding") Signed-off-by: Varadarajan Narayanan Acked-by: Rob Herring (Arm) Link: https://lore.kernel.org/r/20240723100151.402300-2-quic_varada@quicinc.com Signed-off-by: Greg Kroah-Hartman commit db1c0bc6534a60adc65efa80f298dffb02274076 Author: Krzysztof Kozlowski Date: Wed Jul 31 07:44:38 2024 +0200 usb: misc: eud: switch to fallback compatible for device matching The bindings require two compatibles to be used: qcom,sc7280-eud followed by fallback qcom,eud. The convention is to use fallback compatible in OF device ID tables, unless some device-specific quirks are needed. This will also simplify matching any new devices - they will use existing OF device ID entry, instead of adding a new one. Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240731054438.9073-1-krzysztof.kozlowski@linaro.org Signed-off-by: Greg Kroah-Hartman commit 4e33059ed59796eab07405f5effbb33bb4b3318f Author: Michael Walle Date: Tue Jul 30 21:38:40 2024 +0200 usb: gadget: u_serial: add .get_icount() support Add icount support for the transmitting and receiving characters. This will make the tty LED trigger work with the ttyGS devices. Signed-off-by: Michael Walle Link: https://lore.kernel.org/r/20240730193840.2580358-1-mwalle@kernel.org Signed-off-by: Greg Kroah-Hartman commit acabfb1b79802e8a7fc17c7f73271e2250fead0c Author: Chen Ni Date: Mon Jul 15 15:39:47 2024 +0800 usb: typec: ucsi: glink: Remove unnecessary semicolon Remove unnecessary semicolon at the end of the switch statement. This is detected by coccinelle. Signed-off-by: Chen Ni Reviewed-by: Dmitry Baryshkov Reviewed-by: Heikki Krogerus Link: https://lore.kernel.org/r/20240715073947.4028319-1-nichen@iscas.ac.cn Signed-off-by: Greg Kroah-Hartman commit 4c288f56030f380acb9572d88396ac15edfd30ed Author: Jani Nikula Date: Mon Jul 29 20:33:20 2024 +0300 drm/i915/bios: remove stale and useless comments The comments do not add any value. Remove. Reviewed-by: Vandita Kulkarni Link: https://patchwork.freedesktop.org/patch/msgid/20240729173320.1053791-1-jani.nikula@intel.com Signed-off-by: Jani Nikula commit bb548c1654db4a6f1a42657ed9068237e0c044b5 Author: Łukasz Bartosik Date: Mon Jul 15 13:11:30 2024 +0000 usbip: Add USB_SPEED_SUPER_PLUS as valid arg Add USB_SPEED_SUPER_PLUS as valid argument to allow to attach USB SuperSpeed+ devices. Update speed of virtual HC to SuperSpeed+ as well. Signed-off-by: Łukasz Bartosik Acked-by: Shuah Khan Link: https://lore.kernel.org/r/20240715131131.3876380-1-ukaszb@chromium.org Signed-off-by: Greg Kroah-Hartman commit ac7c73c4df624331d4871a61ced1d7a6350102b1 Author: Krzysztof Kozlowski Date: Fri Jul 12 14:09:47 2024 +0200 USB: ohci-ppc-of: Drop ohci-littledian compatible The "ohci-littledian" compatible has typo (edian->endian) and is not used in in-kernel DTS. Considering the typo and that it is an very old driver (~2006), drop the compatible. Suggested-by: Rob Herring Signed-off-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240712120947.86181-1-krzysztof.kozlowski@linaro.org Signed-off-by: Greg Kroah-Hartman commit aace0aec49a31e298994042f62c007e10b64ca14 Author: Chris Wulff Date: Tue Apr 23 14:09:04 2024 +0000 usb: gadget: f_uac1: Expose all string descriptors through configfs. This makes all string descriptors configurable for the UAC1 gadget so the user can configure names of terminals/controls/alt modes. Signed-off-by: Chris Wulff Link: https://lore.kernel.org/r/CO1PR17MB541911B0C80D21E4B575E48CE1112@CO1PR17MB5419.namprd17.prod.outlook.com Signed-off-by: Greg Kroah-Hartman commit 3fafd92edbeb523bad6aa63ab7118112d533c9ec Merge: 0a658d088cc637 5dfa598b249c5b Author: David S. Miller Date: Wed Jul 31 09:25:14 2024 +0100 Merge branch 'l2tp-session-cleanup' into main James Chapman says: ==================== l2tp: simplify tunnel and session cleanup This series simplifies and improves l2tp tunnel and session cleanup. * refactor l2tp management code to not use the tunnel socket's sk_user_data. This allows the tunnel and its socket to be closed and freed without sequencing the two using the socket's sk_destruct hook. * export ip_flush_pending_frames and use it when closing l2tp_ip sockets. * move the work of closing all sessions in the tunnel to the work queue so that sessions are deleted using the same codepath whether they are closed by user API request or their parent tunnel is closing. * refactor l2tp_ppp pppox socket / session relationship to have the session keep the socket alive, not the other way around. Previously the pppox socket held a ref on the session, which complicated session delete by having to go through the pppox socket destructor. * free sessions and pppox sockets by rcu. * fix a possible tunnel refcount underflow. * avoid using rcu_barrier in net exit handler. ==================== Signed-off-by: David S. Miller commit 5dfa598b249c5bd8fa620843cf9ece1ad16929d9 Author: James Chapman Date: Mon Jul 29 16:38:14 2024 +0100 l2tp: use pre_exit pernet hook to avoid rcu_barrier Move the work of closing all tunnels from the pernet exit hook to pre_exit since the core does rcu synchronisation between these steps and we can therefore remove rcu_barrier from l2tp code. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit d93b8a63f011f252dcfb101d5b90367bd8f42db3 Author: James Chapman Date: Mon Jul 29 16:38:13 2024 +0100 l2tp: cleanup eth/ppp pseudowire setup code l2tp eth/ppp pseudowire setup/cleanup uses kfree() in some error paths. Drop the refcount instead such that the session object is always freed when the refcount reaches 0. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 0aa45570c3241e3bdba1a8b5b30d200c819b5b15 Author: James Chapman Date: Mon Jul 29 16:38:12 2024 +0100 l2tp: add idr consistency check in session_register l2tp_session_register uses an idr_alloc then idr_replace pattern to insert sessions into the session IDR. To catch invalid locking, add a WARN_ON_ONCE if the IDR entry is modified by another thread between alloc and replace steps. Also add comments to make expectations clear. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 89b768ec2dfefaeba5212de14fc71368e12d06ba Author: James Chapman Date: Mon Jul 29 16:38:11 2024 +0100 l2tp: use rcu list add/del when updating lists l2tp_v3_session_htable and tunnel->session_list are read by lockless getters using RCU. Use rcu list variants when adding or removing list items. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 24256415d18695b46da06c93135f5b51c548b950 Author: James Chapman Date: Mon Jul 29 16:38:10 2024 +0100 l2tp: prevent possible tunnel refcount underflow When a session is created, it sets a backpointer to its tunnel. When the session refcount drops to 0, l2tp_session_free drops the tunnel refcount if session->tunnel is non-NULL. However, session->tunnel is set in l2tp_session_create, before the tunnel refcount is incremented by l2tp_session_register, which leaves a small window where session->tunnel is non-NULL when the tunnel refcount hasn't been bumped. Moving the assignment to l2tp_session_register is trivial but l2tp_session_create calls l2tp_session_set_header_len which uses session->tunnel to get the tunnel's encap. Add an encap arg to l2tp_session_set_header_len to avoid using session->tunnel. If l2tpv3 sessions have colliding IDs, it is possible for l2tp_v3_session_get to race with l2tp_session_register and fetch a session which doesn't yet have session->tunnel set. Add a check for this case. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit c5cbaef992d6420d8bcebea1b1fcc23302a67c57 Author: James Chapman Date: Mon Jul 29 16:38:09 2024 +0100 l2tp: refactor ppp socket/session relationship Each l2tp ppp session has an associated pppox socket. l2tp_ppp uses the session's pppox socket refcount to manage session lifetimes; the pppox socket holds a ref on the session which is dropped by the socket destructor. This complicates session cleanup. Given l2tp sessions are refcounted, it makes more sense to reverse this relationship such that the session keeps the socket alive, not the other way around. So refactor l2tp_ppp to have the session hold a ref on its socket while it references it. When the session is closed, it drops its socket ref when it detaches from its socket. If the socket is closed first, it initiates the closing of its session, if one is attached. The socket/session can then be freed asynchronously when their refcounts drop to 0. Use the session's session_close callback to detach the pppox socket since this will be done on the work queue together with the rest of the session cleanup via l2tp_session_delete. Also, since l2tp_ppp uses the pppox socket's sk_user_data, use the rcu sk_user_data access helpers when accessing it and set the socket's SOCK_RCU_FREE flag to have pppox sockets freed by rcu. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit d17e89999574aca143dd4ede43e4382d32d98724 Author: James Chapman Date: Mon Jul 29 16:38:08 2024 +0100 l2tp: free sessions using rcu l2tp sessions may be accessed under an rcu read lock. Have them freed via rcu and remove the now unneeded synchronize_rcu when a session is removed. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit fc7ec7f554d7d0a27ba339fcf48df11d14413329 Author: James Chapman Date: Mon Jul 29 16:38:07 2024 +0100 l2tp: delete sessions using work queue When a tunnel is closed, l2tp_tunnel_closeall closes all sessions in the tunnel. Move the work of deleting each session to the work queue so that sessions are deleted using the same codepath whether they are closed by user API request or their parent tunnel is closing. This also avoids the locking dance in l2tp_tunnel_closeall where the tunnel's session list lock was unlocked and relocked in the loop. In l2tp_exit_net, use drain_workqueue instead of flush_workqueue because the processing of tunnel_delete work may queue session_delete work items which must also be processed. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 29717a4fb7fcbbcfa5f0d5e8969b8ce0929276be Author: James Chapman Date: Mon Jul 29 16:38:06 2024 +0100 l2tp: simplify tunnel and socket cleanup When the l2tp tunnel socket used sk_user_data to point to its associated l2tp tunnel, socket and tunnel cleanup had to make use of the socket's destructor to free the tunnel only when the socket could no longer be accessed. Now that sk_user_data is no longer used, we can simplify socket and tunnel cleanup: * If the tunnel closes first, it cleans up and drops its socket ref when the tunnel refcount drops to zero. If its socket was provided by userspace, the socket is closed and freed asynchronously, when userspace closes it. If its socket is a kernel socket, the tunnel closes the socket itself during cleanup and drops its socket ref when the tunnel's refcount drops to zero. * If the socket closes first, we initiate the closing of its associated tunnel. For UDP sockets, this is via the socket's encap_destroy hook. For L2TPIP sockets, this is via the socket's destroy callback. The tunnel holds a socket ref while it references the sock. When the tunnel is freed, it drops its socket ref and the socket will be cleaned up when its own refcount drops to zero, asynchronous to the tunnel free. * The tunnel socket destructor is no longer needed since the tunnel is no longer freed through the socket destructor. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 0fa51a7c6f54f1c0c23bb256eb9b2d31a8b9c544 Author: James Chapman Date: Mon Jul 29 16:38:05 2024 +0100 l2tp: remove unused tunnel magic field Since l2tp no longer derives tunnel pointers directly via sk_user_data, it is no longer useful for l2tp to check tunnel pointers using a magic feather. Drop the tunnel's magic field. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 4a4cd70369f162f819b7855b0eabcb2db21f01f4 Author: James Chapman Date: Mon Jul 29 16:38:04 2024 +0100 l2tp: don't set sk_user_data in tunnel socket l2tp no longer uses the tunnel socket's sk_user_data so drop the code which sets it. In l2tp_validate_socket use l2tp_sk_to_tunnel to check whether a given socket is already attached to an l2tp tunnel since we can no longer use non-null sk_user_data to indicate this. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit eeb11209e000797d555aefd642e24ed6f4e70140 Author: James Chapman Date: Mon Jul 29 16:38:03 2024 +0100 l2tp: don't use tunnel socket sk_user_data in ppp procfs output l2tp's ppp procfs output can be used to show internal state of pppol2tp. It includes a 'user-data-ok' field, which is derived from the tunnel socket's sk_user_data being non-NULL. Use tunnel->sock being non-NULL to indicate this instead. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit ed8ebee6def7b7b760bd4fd90c03b9e86622701c Author: James Chapman Date: Mon Jul 29 16:38:02 2024 +0100 l2tp: have l2tp_ip_destroy_sock use ip_flush_pending_frames Use the recently exported ip_flush_pending_frames instead of a free-coded version and lock the socket while we call it. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 4ff8863419cdc40f2c6e1ad99436e375b9b86b68 Author: James Chapman Date: Mon Jul 29 16:38:01 2024 +0100 ipv4: export ip_flush_pending_frames To avoid protocol modules implementing their own, export ip_flush_pending_frames. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit 2e7a280692bf43940728b7f6ca6a52ebf641a6f5 Author: James Chapman Date: Mon Jul 29 16:38:00 2024 +0100 l2tp: lookup tunnel from socket without using sk_user_data l2tp_sk_to_tunnel derives the tunnel from sk_user_data. Instead, lookup the tunnel by walking the tunnel IDR for a tunnel using the indicated sock. This is slow but l2tp_sk_to_tunnel is not used in the datapath so performance isn't critical. l2tp_tunnel_destruct needs a variant of l2tp_sk_to_tunnel which does not bump the tunnel refcount since the tunnel refcount is already 0. Change l2tp_sk_to_tunnel sk arg to const since it does not modify sk. Signed-off-by: James Chapman Signed-off-by: Tom Parkin Signed-off-by: David S. Miller commit fe035fa6f56c5b8146fcfe4253edbb9e9399ce2d Author: Chen-Yu Tsai Date: Wed Jul 31 11:44:10 2024 +0800 arm64: dts: mediatek: mt8195: Assign USB 3.0 PHY to xhci1 by default xhci1 has both USB 2.0 and USB 3.0 host capabilities. By default both are assumed to be enabled when the controller is enabled. To disable either one, an extra property is used. Since the default has both enabled, both PHYs should also be assigned to the host controller. If a specific design uses only either one, the board specific dts file can override the PHY assignment together with adding the "mediatek,u[23]p-dis-msk" property. This keeps both changes together. Signed-off-by: Chen-Yu Tsai Link: https://lore.kernel.org/r/20240731034411.371178-4-wenst@chromium.org Signed-off-by: AngeloGioacchino Del Regno commit be985531a5dd9ca50fc9f3f85b8adeb2a4a75a58 Author: Chen-Yu Tsai Date: Wed Jul 31 11:44:09 2024 +0800 arm64: dts: mediatek: mt8395-nio-12l: Mark USB 3.0 on xhci1 as disabled USB 3.0 on xhci1 is not used, as the controller shares the same PHY as pcie1. The latter is enabled to support the M.2 PCIe WLAN card on this design. Mark USB 3.0 as disabled on this controller using the "mediatek,u3p-dis-msk" property. Fixes: 96564b1e2ea4 ("arm64: dts: mediatek: Introduce the MT8395 Radxa NIO 12L board") Cc: stable@vger.kernel.org Signed-off-by: Chen-Yu Tsai Link: https://lore.kernel.org/r/20240731034411.371178-3-wenst@chromium.org Signed-off-by: AngeloGioacchino Del Regno commit 09d385679487c58f0859c1ad4f404ba3df2f8830 Author: Chen-Yu Tsai Date: Wed Jul 31 11:44:08 2024 +0800 arm64: dts: mediatek: mt8195-cherry: Mark USB 3.0 on xhci1 as disabled USB 3.0 on xhci1 is not used, as the controller shares the same PHY as pcie1. The latter is enabled to support the M.2 PCIe WLAN card on this design. Mark USB 3.0 as disabled on this controller using the "mediatek,u3p-dis-msk" property. Reported-by: Nícolas F. R. A. Prado #KernelCI Closes: https://lore.kernel.org/all/9fce9838-ef87-4d1b-b3df-63e1ddb0ec51@notapiano/ Fixes: b6267a396e1c ("arm64: dts: mediatek: cherry: Enable T-PHYs and USB XHCI controllers") Cc: stable@vger.kernel.org Signed-off-by: Chen-Yu Tsai Link: https://lore.kernel.org/r/20240731034411.371178-2-wenst@chromium.org Signed-off-by: AngeloGioacchino Del Regno commit ac93ca125b5409df56c5139648bbe10fd1ea989b Author: Zhu Jun Date: Tue Jul 23 19:46:36 2024 -0700 tools: gpio: Fix the wrong format specifier The unsigned int should use "%u" instead of "%d". Signed-off-by: Zhu Jun Link: https://lore.kernel.org/r/20240724024636.3634-1-zhujun2@cmss.chinamobile.com Signed-off-by: Bartosz Golaszewski commit f7176724e7c972201ee38ba531d6c8b68cab180b Author: Animesh Agarwal Date: Wed Jul 31 11:14:30 2024 +0530 dt-bindings: gpio: nxp,lpc3220-gpio: Convert to dtschema Convert the NXP LPC3220 SoC GPIO controller bindings to DT schema format. Signed-off-by: Animesh Agarwal Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240731054442.109732-1-animeshagarwal28@gmail.com Signed-off-by: Bartosz Golaszewski commit 663229e24255883f010ae4d94f9f8e9c34e57d6c Author: Johan Hovold Date: Fri Jul 12 16:08:01 2024 +0200 soundwire: bus: clean up probe warnings Clean up the probe warning messages by using a common succinct and greppable format (e.g. without __func__ and with a space after ':'). Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240712140801.24267-4-johan+linaro@kernel.org Signed-off-by: Vinod Koul commit 6dfbafd8a1d51a52a623d912a2219e9982020854 Author: Johan Hovold Date: Fri Jul 12 16:08:00 2024 +0200 soundwire: bus: drop unused driver name field The soundwire driver name field is not currently used by any driver (and even appears to never have been used) so drop it. Signed-off-by: Johan Hovold Reviewed-by: Pierre-Louis Bossart Link: https://lore.kernel.org/r/20240712140801.24267-3-johan+linaro@kernel.org Signed-off-by: Vinod Koul commit d9a2b5eaec9424e6db0142e07c1b3de17fb81b88 Author: Johan Hovold Date: Fri Jul 12 16:07:59 2024 +0200 soundwire: bus: suppress probe deferral errors Soundwire driver probe errors are currently being logged both by the bus code and driver core: wsa884x-codec sdw:4:0:0217:0204:00:0: Probe of wsa884x-codec failed: -12 wsa884x-codec sdw:4:0:0217:0204:00:0: probe with driver wsa884x-codec failed with error -12 Drop the redundant bus error message, which is also incorrectly being logged on probe deferral: wsa884x-codec sdw:4:0:0217:0204:00:0: Probe of wsa884x-codec failed: -517 Note that no soundwire driver uses the driver struct name field, which will be removed by a follow-on change. Signed-off-by: Johan Hovold Reviewed-by: Pierre-Louis Bossart Link: https://lore.kernel.org/r/20240712140801.24267-2-johan+linaro@kernel.org Signed-off-by: Vinod Koul commit 5aa0018a93bf2848f625a2eb9c531028cf690b7f Author: Michael Straube Date: Tue Jul 30 10:29:28 2024 +0200 staging: rtl8192e: remove duplicate macros from rtllib.h These macros just duplicate macros from include/linux/ieee80211.h. We can safely remove them from rtllib.h. Signed-off-by: Michael Straube Tested-by: Philipp Hortmann Link: https://lore.kernel.org/r/20240730082928.62284-1-straube.linux@gmail.com Signed-off-by: Greg Kroah-Hartman commit 8682231045af0ea9ba19f7746118f5dd9eb6e05a Author: Steven Davis Date: Tue Jul 30 17:08:12 2024 -0400 staging: nvec: Capitalize outputs to match the rest of the driver Noticing that some messages were capitalized and some weren't, I capitalized them to match the rest. This makes the messages relatively easier to understand for an end user, and reduces confusion about capitalization. A comment was also capitalized. Signed-off-by: Steven Davis Link: https://lore.kernel.org/r/SJ2P223MB102626B10E837EF5A93ED1F1F7B02@SJ2P223MB1026.NAMP223.PROD.OUTLOOK.COM Signed-off-by: Greg Kroah-Hartman commit 13dda5c5096883fe40cc6f8e492d6e7a57506f99 Author: Santiago Ruano Rincón Date: Tue Jul 30 17:05:31 2024 +0900 staging: rtl8723bs: rtw_mlme_ext: replace spaces by tabs Fix checkpatch error "ERROR: code indent should use tabs where possible" in include/rtw_mlme_ext.h:388. Signed-off-by: Santiago Ruano Rincón Link: https://lore.kernel.org/r/20240730080531.991195-1-santiagorr@riseup.net Signed-off-by: Greg Kroah-Hartman commit fe4f695d753fb2200168ba6249136b7a719f73fe Author: Kartik Kulkarni Date: Tue Jul 30 13:41:55 2024 +0000 staging: rtl8723bs: remove space after pointer Fix checkpatch error "foo * bar" should be "foo *bar" in osdep_service.h:105 Signed-off-by: Kartik Kulkarni Reviewed-by: Hans de Goede Link: https://lore.kernel.org/r/20240730134155.37784-1-kartik.koolks@gmail.com Signed-off-by: Greg Kroah-Hartman commit 0129e5ff2842450f1426e312b5e580c0814e0de3 Author: Bitterblue Smith Date: Tue Jul 23 22:32:59 2024 +0300 wifi: rtw88: 8703b: Fix reported RX band width The definition of GET_RX_DESC_BW is incorrect. Fix it according to the GET_RX_STATUS_DESC_BW_8703B macro from the official driver. Tested only with RTL8812AU, which uses the same bits. Cc: stable@vger.kernel.org Fixes: 9bb762b3a957 ("wifi: rtw88: Add definitions for 8703b chip") Signed-off-by: Bitterblue Smith Tested-by: Fiona Klute Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/1cfed9d5-4304-4b96-84c5-c347f59fedb9@gmail.com commit a71ed5898dfae68262f79277915d1dfe34586bc6 Author: Bitterblue Smith Date: Tue Jul 23 22:31:36 2024 +0300 wifi: rtw88: 8822c: Fix reported RX band width "iw dev wlp2s0 station dump" shows incorrect rx bitrate: tx bitrate: 866.7 MBit/s VHT-MCS 9 80MHz short GI VHT-NSS 2 rx bitrate: 86.7 MBit/s VHT-MCS 9 VHT-NSS 1 This is because the RX band width is calculated incorrectly. Fix the calculation according to the phydm_rxsc_2_bw() function from the official drivers. After: tx bitrate: 866.7 MBit/s VHT-MCS 9 80MHz short GI VHT-NSS 2 rx bitrate: 390.0 MBit/s VHT-MCS 9 80MHz VHT-NSS 1 It also works correctly with the AP configured for 20 MHz and 40 MHz. Tested with RTL8822CE. Cc: stable@vger.kernel.org Fixes: e3037485c68e ("rtw88: new Realtek 802.11ac driver") Signed-off-by: Bitterblue Smith Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/bca8949b-e2bd-4515-98fd-70d3049a0097@gmail.com commit b9cdbb06d4fc4665b3a8a557926bcb09edc92c5f Author: Ping-Ke Shih Date: Sat Jul 20 10:13:40 2024 +0800 wifi: rtw89: 8852bt: add 8852BE-VT to Makefile and Kconfig RTL8852BE-VT is a WiFi 6 2x2 chip, which can operate on 2/5 GHz channels and 80MHz bandwidth. Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240720021340.12102-8-pkshih@realtek.com commit bbe48c328ff85d9ebe48d1fdac6f9ba771237ad1 Author: Ping-Ke Shih Date: Sat Jul 20 10:13:39 2024 +0800 wifi: rtw89: 8852bte: add PCI entry of 8852BE-VT PCI device ID 10ec:b520 of RTL8852BE-VT is added as PCI entry, and define chip capabilities for driver common routines. Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240720021340.12102-7-pkshih@realtek.com commit e67e15cb867c801afa6f6628a5405f7f3a0d9cbe Author: Ping-Ke Shih Date: Sat Jul 20 10:13:38 2024 +0800 wifi: rtw89: 8852bt: declare firmware features of RTL8852BT Firmware features are enabled after being supported, including TX wake, firmware crash simulation, hardware scan. Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240720021340.12102-6-pkshih@realtek.com commit 62eddca4d2961c6b9512b675ac199068f7b47578 Author: Ping-Ke Shih Date: Sat Jul 20 10:13:37 2024 +0800 wifi: rtw89: 8852bt: add chip_ops of RTL8852BT Add chip_info of RTL8852BT accordingly, including power on/off function, BB reset, TSSI settings while setting channel, RF calibration, and BT coexistence. Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240720021340.12102-5-pkshih@realtek.com commit c4dea0481e23b1e711d5ea3c3b1fe83e7b8e6797 Author: Ping-Ke Shih Date: Sat Jul 20 10:13:36 2024 +0800 wifi: rtw89: 8852bt: add chip_info of RTL8852BT Add chip_info of RTL8852BT accordingly, including firmware elements support, MAC memory quota (WDE, PLE and etc), SER IMR used by firmware, BTC registers, register based H2C/C2H, WoWLAN stub. Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240720021340.12102-4-pkshih@realtek.com commit be457fbacea9fdceb1dbeb8034eaee9713962c06 Author: Ping-Ke Shih Date: Sat Jul 20 10:13:35 2024 +0800 wifi: rtw89: 8852bt: rfk: use predefined string choice for DPK enable/disable clang warns precedence of '?:' and '&'. Even though original logic is correct, use str_enable_disable() to avoid clang confusing. Another way to fix is to add parentheses around '&', but I choose former one. >> drivers/net/wireless/realtek/rtw89/rtw8852bt_rfk.c:1827:46: warning: operator '?:' has lower precedence than '&'; '&' will be evaluated first [-Wbitwise-conditional-parentheses] 1827 | kidx, dpk->is_dpk_enable & off_reverse ? "enable" : "disable"); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407200741.dMG9uvHU-lkp@intel.com/ Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240720021340.12102-3-pkshih@realtek.com commit 6bd63e44e98e06efebc89c5b606259bf2fd8f96c Author: Ping-Ke Shih Date: Sat Jul 20 10:13:34 2024 +0800 wifi: rtw89: 8852bt: add set_channel_rf Add RF part of set_channel() is to configure RF registers, and then hardware can TX/RX on specified frequency and bandwidth. Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240720021340.12102-2-pkshih@realtek.com commit d523dc49d13e8853b30ac7c5056bb506bbef1bcc Author: Zong-Zhe Yang Date: Thu Jul 18 15:06:16 2024 +0800 wifi: rtw89: select WANT_DEV_COREDUMP We have invoked device coredump when fw crash. Should select WANT_DEV_COREDUMP by ourselves. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240718070616.42217-2-pkshih@realtek.com commit 7e989b0c1e33210c07340bf5228aa83ea52515b5 Author: Zong-Zhe Yang Date: Thu Jul 18 15:06:15 2024 +0800 wifi: rtw88: select WANT_DEV_COREDUMP We have invoked device coredump when fw crash. Should select WANT_DEV_COREDUMP by ourselves. Signed-off-by: Zong-Zhe Yang Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240718070616.42217-1-pkshih@realtek.com commit 8db6c1ca64664ef9b071e6eeb646023ac5b240a8 Author: Ping-Ke Shih Date: Thu Jul 18 14:41:55 2024 +0800 wifi: rtw88: debugfs: support multiple adapters debugging Originally in order to read partial registers from large area, we write a range value stored into a static variable and read registers according to the static variable. However, if we install more than one adapters supported by this driver, the static variables will be overwritten by latter adapters. To resolve the problem, move the static variables to struct rtw_dev for each adapter. With changes, smatch spends too much time to parse rtw_debugfs_init(): debug.c:1289 rtw_debugfs_init() parse error: turning off implications after 60 seconds Move stuffs of adding debugfs entries to three rtw_debugfs_add_xxx() functions. Reported-by: Bitterblue Smith Closes: https://lore.kernel.org/linux-wireless/cd6a2acf3c2c36d938b40140b52a779516f446a9.camel@realtek.com/T/#m27662022c70d9f893ba96f6c6a8dd8fce2434dfe Tested-by: Bitterblue Smith Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240718064155.38955-1-pkshih@realtek.com commit 6f20fc09936e786a4ba18f5514fe185e0451ada9 Author: Dominik Grzegorzek Date: Mon Jul 29 16:01:52 2024 +0300 drm/xe: Move and export xe_hw_engine lookup. Move and export xe_hw_engine lookup. This is in preparation to use this in eudebug code where we want to find active engine. v2: s/tile/gt due to uapi changes (Mika) Signed-off-by: Dominik Grzegorzek Signed-off-by: Mika Kuoppala Reviewed-by: Matthew Brost Signed-off-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240729130152.100130-1-mika.kuoppala@linux.intel.com commit 7f7a2da3bf8bc0e0f6c239af495b7050056e889c Author: Matthew Brost Date: Fri Jul 26 18:22:16 2024 -0700 drm/xe: Use dma_fence_chain_free in chain fence unused as a sync A chain fence is uninitialized if not installed in a drm sync obj. Thus if xe_sync_entry_cleanup is called and sync->chain_fence is non-NULL the proper cleanup is dma_fence_chain_free rather than a dma-fence put. Reported-by: Paulo Zanoni Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2411 Closes: https://gitlab.freedesktop.org/drm/xe/kernel/-/issues/2261 Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240727012216.2118276-1-matthew.brost@intel.com commit 0a658d088cc63745528cf0ec8a2c2df0f37742d9 Author: Dr. David Alan Gilbert Date: Mon Jul 29 21:53:37 2024 +0100 net/tcp: Expand goo.gl link The goo.gl URL shortener is deprecated and is due to stop expanding existing links in 2025. Expand the link in Kconfig. Signed-off-by: Dr. David Alan Gilbert Reviewed-by: Simon Horman Link: https://patch.msgid.link/20240729205337.48058-1-linux@treblig.org Signed-off-by: Jakub Kicinski commit e832bc9e818ca49078350a89f1de9aceba1775e3 Author: Joe Damato Date: Mon Jul 29 15:26:47 2024 +0000 net: wangxun: use net_prefetch to simplify logic Use net_prefetch to remove #ifdef and simplify prefetch logic. This follows the pattern introduced in a previous commit f468f21b7af0 ("net: Take common prefetch code structure into a function"), which replaced the same logic in all existing drivers at that time. Signed-off-by: Joe Damato Reviewed-by: Wojciech Drewek Link: https://patch.msgid.link/20240729152651.258713-1-jdamato@fastly.com Signed-off-by: Jakub Kicinski commit 92cc2456e9775dc4333fb4aa430763ae4ac2f2d9 Author: Andrii Nakryiko Date: Tue Jul 30 16:18:05 2024 -0700 selftests/bpf: fix RELEASE=1 compilation for sock_addr.c When building selftests with RELEASE=1 using GCC compiler, it complaints about uninitialized err. Fix the problem. Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20240730231805.1933923-1-andrii@kernel.org Signed-off-by: Martin KaFai Lau commit 8a895c2e6a7ed264a1b917616db205ed934e8306 Author: Xavier Date: Thu Jul 4 14:24:44 2024 +0800 cpuset: use Union-Find to optimize the merging of cpumasks The process of constructing scheduling domains involves multiple loops and repeated evaluations, leading to numerous redundant and ineffective assessments that impact code efficiency. Here, we use union-find to optimize the merging of cpumasks. By employing path compression and union by rank, we effectively reduce the number of lookups and merge comparisons. Signed-off-by: Xavier Signed-off-by: Tejun Heo commit 93c8332c8373fee415bd79f08d5ba4ba7ca5ad15 Author: Xavier Date: Thu Jul 4 14:24:43 2024 +0800 Union-Find: add a new module in kernel library This patch implements a union-find data structure in the kernel library, which includes operations for allocating nodes, freeing nodes, finding the root of a node, and merging two nodes. Signed-off-by: Xavier Signed-off-by: Tejun Heo commit 4a711dd910d0135b3d262f85612f7e17e0feb989 Author: Chen Ridong Date: Fri Jul 26 01:05:02 2024 +0000 cgroup/cpuset: add decrease attach_in_progress helpers There are several functions to decrease attach_in_progress, and they will wake up cpuset_attach_wq when attach_in_progress is zero. So, add a helper to make it concise. Signed-off-by: Chen Ridong Reviewed-by: Kamalesh Babulal Reviewed-by: Waiman Long Signed-off-by: Tejun Heo commit c149c4a48b19afbf0c383614e57b452d39b154de Author: Xiu Jianfeng Date: Sat Jul 13 08:59:16 2024 +0000 cgroup/cpuset: Remove cpuset_slab_spread_rotor Since the SLAB implementation was removed in v6.8, so the cpuset_slab_spread_rotor is no longer used and can be removed. Signed-off-by: Xiu Jianfeng Reviewed-by: Waiman Long Signed-off-by: Tejun Heo commit fcd5b7401dc4b25880e46769975c85091a3c2946 Author: Andy Shevchenko Date: Thu Jun 6 19:51:04 2024 +0300 ARM: omap2: Switch to use kmemdup_array() Let the kmemdup_array() take care about multiplication and possible overflows. Signed-off-by: Andy Shevchenko Reviewed-by: Aaro Koskinen Link: https://lore.kernel.org/r/20240606165104.3031737-1-andriy.shevchenko@linux.intel.com Signed-off-by: Kevin Hilman commit 67cbfa95adb7e099383e1a7d40ce97f15c74b47f Author: Dr. David Alan Gilbert Date: Sun May 5 21:22:14 2024 +0100 ARM: omap1: Remove unused struct 'dma_link_info' I think the last use of this was removed somewhere around the two: Commit 755cbfd8cf89 ("ARM: OMAP2+: Drop sdma interrupt handling for mach-omap2") and Commit 16630718ee46 ("ARM: omap1: move plat/dma.c to mach/omap-dma.c") Signed-off-by: Dr. David Alan Gilbert Acked-by: Aaro Koskinen Link: https://lore.kernel.org/r/20240505202214.623612-1-linux@treblig.org Signed-off-by: Kevin Hilman commit 22644cc0443550258f8710bd1613d483f82e8196 Author: Dominik Haller Date: Tue Jul 30 11:23:53 2024 +0200 ARM: dts: ti: omap: am335x-wega: Fix audio clock provider Bit clock and frame clock are provided by the mcasp. Change the simple card settings regarding the clock provider and the mclk-fs for usage with typical 44.1 kHz and 48 kHz sample rates. Signed-off-by: Dominik Haller Link: https://lore.kernel.org/r/20240730092353.10209-2-d.haller@phytec.de Signed-off-by: Kevin Hilman commit 65dcab697039c5d0e420cc9c4cc2fee1a4febda4 Author: Steffen Hemer Date: Tue Jul 30 11:23:52 2024 +0200 ARM: dts: ti: omap: am335x-regor: Fix RS485 settings RTS pin seems to have inverted behavior on am335x, other than expected with default "rs485-rts-active-high" (instead of low on idle, high on send, it is the opposite). Transceiver datasheet also suggests a pulldown. Add includes to pin definitions that are used. Signed-off-by: Steffen Hemer Signed-off-by: Dominik Haller Link: https://lore.kernel.org/r/20240730092353.10209-1-d.haller@phytec.de Signed-off-by: Kevin Hilman commit cf399f182c865a74a9c61c3572b628018c8fb9e0 Author: Rafał Miłecki Date: Thu May 23 06:27:50 2024 +0200 ARM: dts: omap: am335x-bone: convert NVMEM content to layout syntax Use cleaner (and non-deprecated) bindings syntax. See commit bd912c991d2e ("dt-bindings: nvmem: layouts: add fixed-layout") for details. Signed-off-by: Rafał Miłecki Link: https://lore.kernel.org/r/20240523042750.26238-1-zajec5@gmail.com Signed-off-by: Kevin Hilman commit b9bf5612610aa7e38d58fee16f489814db251c01 Author: Colin Foster Date: Fri May 31 13:38:17 2024 -0500 ARM: dts: am335x-bone-common: Increase MDIO reset deassert time Prior to commit df16c1c51d81 ("net: phy: mdio_device: Reset device only when necessary") MDIO reset deasserts were performed twice during boot. Now that the second deassert is no longer performed, device probe failures happen due to the change in timing with the following error message: SMSC LAN8710/LAN8720: probe of 4a101000.mdio:00 failed with error -5 Restore the original effective timing, which resolves the probe failures. Signed-off-by: Colin Foster Link: https://lore.kernel.org/r/20240531183817.2698445-1-colin.foster@in-advantage.com Signed-off-by: Kevin Hilman commit 32654bbd6313b4cfc82297e6634fa9725c3c900f Author: Stanislav Fomichev Date: Fri Jul 26 15:20:48 2024 -0700 xsk: Try to make xdp_umem_reg extension a bit more future-proof We recently found out that extending xsk_umem_reg might be a bit complicated due to not enforcing padding to be zero [0]. Add a couple of things to make it less error-prone: 1. Remove xdp_umem_reg_v2 since its sizeof is the same as xdp_umem_reg 2. Add BUILD_BUG_ON that checks that the size of xdp_umem_reg_v1 is less than xdp_umem_reg; presumably, when we get to v2, there is gonna be a similar line to enforce that sizeof(v2) > sizeof(v1) 3. Add BUILD_BUG_ON to make sure the last field plus its size matches the overall struct size. The intent is to demonstrate that we don't have any lingering padding. 0: https://lore.kernel.org/bpf/ZqI29QE+5JnkdPmE@boxer/T/#me03113f7c2458fd08f3c4114a7a9472ac3646c98 Reported-by: Julian Schindel Cc: Magnus Karlsson Reviewed-by: Maciej Fijalkowski Signed-off-by: Stanislav Fomichev Link: https://lore.kernel.org/r/20240726222048.1397869-1-sdf@fomichev.me Signed-off-by: Martin KaFai Lau commit d72a00a8485d1cb11ac1a57bf89b02cbd3a405bf Author: Xiu Jianfeng Date: Tue Jul 30 03:29:20 2024 +0000 cgroup/pids: Avoid spurious event notification Currently when a process in a group forks and fails due to it's parent's max restriction, all the cgroups from 'pids_forking' to root will generate event notifications but only the cgroups from 'pids_over_limit' to root will increase the counter of PIDCG_MAX. Consider this scenario: there are 4 groups A, B, C,and D, the relationships are as follows, and user is watching on C.pids.events. root->A->B->C->D When a process in D forks and fails due to B.max restriction, the user will get a spurious event notification because when he wakes up and reads C.pids.events, he will find that the content has not changed. To address this issue, only the cgroups from 'pids_over_limit' to root will have their PIDCG_MAX counters increased and event notifications generated. Fixes: 385a635cacfe ("cgroup/pids: Make event counters hierarchical") Signed-off-by: Xiu Jianfeng Signed-off-by: Tejun Heo commit 1cbe8143fd2f588031a5f157d15ae15ce12215e2 Author: Menglong Dong Date: Tue Jul 30 13:37:33 2024 +0800 bpf: kprobe: Remove unused declaring of bpf_kprobe_override After the commit 66665ad2f102 ("tracing/kprobe: bpf: Compare instruction pointer with original one"), "bpf_kprobe_override" is not used anywhere anymore, and we can remove it now. Fixes: 66665ad2f102 ("tracing/kprobe: bpf: Compare instruction pointer with original one") Signed-off-by: Menglong Dong Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240730053733.885785-1-dongml2@chinatelecom.cn commit 21c5f4f55da759c7444a1ef13e90b6e6f674eeeb Author: Tony Ambardar Date: Mon Jul 29 02:24:24 2024 -0700 selftests/bpf: Fix error compiling tc_redirect.c with musl libc Linux 5.1 implemented 64-bit time types and related syscalls to address the Y2038 problem generally across archs. Userspace handling of Y2038 varies with the libc however. While musl libc uses 64-bit time across all 32-bit and 64-bit platforms, GNU glibc uses 64-bit time on 64-bit platforms but defaults to 32-bit time on 32-bit platforms unless they "opt-in" to 64-bit time or explicitly use 64-bit syscalls and time structures. One specific area is the standard setsockopt() call, SO_TIMESTAMPNS option used for timestamping, and the related output 'struct timespec'. GNU glibc defaults as above, also exposing the SO_TIMESTAMPNS_NEW flag to explicitly use a 64-bit call and 'struct __kernel_timespec'. Since these are not exposed or needed with musl libc, their use in tc_redirect.c leads to compile errors building for mips64el/musl: tc_redirect.c: In function 'rcv_tstamp': tc_redirect.c:425:32: error: 'SO_TIMESTAMPNS_NEW' undeclared (first use in this function); did you mean 'SO_TIMESTAMPNS'? 425 | cmsg->cmsg_type == SO_TIMESTAMPNS_NEW) | ^~~~~~~~~~~~~~~~~~ | SO_TIMESTAMPNS tc_redirect.c:425:32: note: each undeclared identifier is reported only once for each function it appears in tc_redirect.c: In function 'test_inet_dtime': tc_redirect.c:491:49: error: 'SO_TIMESTAMPNS_NEW' undeclared (first use in this function); did you mean 'SO_TIMESTAMPNS'? 491 | err = setsockopt(listen_fd, SOL_SOCKET, SO_TIMESTAMPNS_NEW, | ^~~~~~~~~~~~~~~~~~ | SO_TIMESTAMPNS However, using SO_TIMESTAMPNS_NEW isn't strictly needed, nor is Y2038 being explicitly tested. The timestamp checks in tc_redirect.c are simple: the packet receive timestamp is non-zero and processed/handled in less than 5 seconds. Switch to using the standard setsockopt() call and SO_TIMESTAMPNS option to ensure compatibility across glibc and musl libc. In the worst-case, there is a 5-second window 14 years from now where tc_redirect tests may fail on 32-bit systems. However, we should reasonably expect glibc to adopt a 64-bit mandate rather than the current "opt-in" policy before the Y2038 roll-over. Fixes: ce6f6cffaeaa ("selftests/bpf: Wait for the netstamp_needed_key static key to be turned on") Fixes: c803475fd8dd ("bpf: selftests: test skb->tstamp in redirect_neigh") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/031d656c058b4e55ceae56ef49c4e1729b5090f3.1722244708.git.tony.ambardar@gmail.com commit 06eeca1217a8655975f340e0ead6a396df74a2a4 Author: Tony Ambardar Date: Mon Jul 29 02:24:23 2024 -0700 selftests/bpf: Fix using stdout, stderr as struct field names Typically stdin, stdout, stderr are treated as reserved identifiers under ISO/ANSI C and libc implementations further define these as macros, both in glibc and musl . However, while glibc defines: ... /* Standard streams. */ extern FILE *stdin; /* Standard input stream. */ extern FILE *stdout; /* Standard output stream. */ extern FILE *stderr; /* Standard error output stream. */ /* C89/C99 say they're macros. Make them happy. */ #define stdin stdin #define stdout stdout #define stderr stderr ... musl instead uses (legally): ... extern FILE *const stdin; extern FILE *const stdout; extern FILE *const stderr; #define stdin (stdin) #define stdout (stdout) #define stderr (stderr) ... The latter results in compile errors when the names are reused as fields of 'struct test_env' and elsewhere in test_progs.[ch] and reg_bounds.c. Rename the fields to stdout_saved and stderr_saved to avoid many errors seen building against musl, e.g.: In file included from test_progs.h:6, from test_progs.c:5: test_progs.c: In function 'print_test_result': test_progs.c:237:21: error: expected identifier before '(' token 237 | fprintf(env.stdout, "#%-*d %s:", TEST_NUM_WIDTH, test->test_num, test->test_name); | ^~~~~~ test_progs.c:237:9: error: too few arguments to function 'fprintf' 237 | fprintf(env.stdout, "#%-*d %s:", TEST_NUM_WIDTH, test->test_num, test->test_name); | ^~~~~~~ Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/ZqR2DuHdBXPX%2Fyx8@kodidev-ubuntu/ Link: https://lore.kernel.org/bpf/684ea17548e237f39dfb3f7a3d33450069015b21.1722244708.git.tony.ambardar@gmail.com commit c9a83e76b5a96801a2c7ea0a79ca77c356d8b38d Author: Tony Ambardar Date: Mon Jul 29 02:24:22 2024 -0700 selftests/bpf: Fix compile if backtrace support missing in libc Include GNU header only with glibc and provide weak, stubbed backtrace functions as a fallback in test_progs.c. This allows for non-GNU replacements while avoiding compile errors (e.g. with musl libc) like: test_progs.c:13:10: fatal error: execinfo.h: No such file or directory 13 | #include /* backtrace */ | ^~~~~~~~~~~~ test_progs.c: In function 'crash_handler': test_progs.c:1034:14: error: implicit declaration of function 'backtrace' [-Werror=implicit-function-declaration] 1034 | sz = backtrace(bt, ARRAY_SIZE(bt)); | ^~~~~~~~~ test_progs.c:1045:9: error: implicit declaration of function 'backtrace_symbols_fd' [-Werror=implicit-function-declaration] 1045 | backtrace_symbols_fd(bt, sz, STDERR_FILENO); | ^~~~~~~~~~~~~~~~~~~~ Fixes: 9fb156bb82a3 ("selftests/bpf: Print backtrace on SIGSEGV in test_progs") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/aa6dc8e23710cb457b278039d0081de7e7b4847d.1722244708.git.tony.ambardar@gmail.com commit 16b795cc59528cf280abc79af3c70bda42f715b9 Author: Tony Ambardar Date: Mon Jul 29 02:24:21 2024 -0700 selftests/bpf: Fix redefinition errors compiling lwt_reroute.c Compiling lwt_reroute.c with GCC 12.3 for mips64el/musl-libc yields errors: In file included from .../include/arpa/inet.h:9, from ./test_progs.h:18, from tools/testing/selftests/bpf/prog_tests/lwt_helpers.h:11, from tools/testing/selftests/bpf/prog_tests/lwt_reroute.c:52: .../include/netinet/in.h:23:8: error: redefinition of 'struct in6_addr' 23 | struct in6_addr { | ^~~~~~~~ In file included from .../include/linux/icmp.h:24, from tools/testing/selftests/bpf/prog_tests/lwt_helpers.h:9: .../include/linux/in6.h:33:8: note: originally defined here 33 | struct in6_addr { | ^~~~~~~~ .../include/netinet/in.h:34:8: error: redefinition of 'struct sockaddr_in6' 34 | struct sockaddr_in6 { | ^~~~~~~~~~~~ .../include/linux/in6.h:50:8: note: originally defined here 50 | struct sockaddr_in6 { | ^~~~~~~~~~~~ .../include/netinet/in.h:42:8: error: redefinition of 'struct ipv6_mreq' 42 | struct ipv6_mreq { | ^~~~~~~~~ .../include/linux/in6.h:60:8: note: originally defined here 60 | struct ipv6_mreq { | ^~~~~~~~~ These errors occur because is included before , bypassing the Linux uapi/libc compat mechanism's partial musl support. As described in [1] and [2], fix these errors by including in lwt_reroute.c before any uapi headers. [1]: commit c0bace798436 ("uapi libc compat: add fallback for unsupported libcs") [2]: https://git.musl-libc.org/cgit/musl/commit/?id=04983f227238 Fixes: 6c77997bc639 ("selftests/bpf: Add lwt_xmit tests for BPF_REROUTE") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/bd2908aec0755ba8b75f5dc41848b00585f5c73e.1722244708.git.tony.ambardar@gmail.com commit aa95073fd290b5b3e45f067fa22bb25e59e1ff7c Author: Tony Ambardar Date: Mon Jul 29 02:24:20 2024 -0700 selftests/bpf: Fix C++ compile error from missing _Bool type While building, bpftool makes a skeleton from test_core_extern.c, which itself includes and uses the 'bool' type. However, the skeleton test_core_extern.skel.h generated *does not* include or use the 'bool' type, instead using the C-only '_Bool' type. Compiling test_cpp.cpp with g++ 12.3 for mips64el/musl-libc then fails with error: In file included from test_cpp.cpp:9: test_core_extern.skel.h:45:17: error: '_Bool' does not name a type 45 | _Bool CONFIG_BOOL; | ^~~~~ This was likely missed previously because glibc uses a GNU extension for with C++ (#define _Bool bool), not supported by musl libc. Normally, a C fragment would include and use the 'bool' type, and thus cleanly work after import by C++. The ideal fix would be for 'bpftool gen skeleton' to output the correct type/include supporting C++, but in the meantime add a conditional define as above. Fixes: 7c8dce4b1661 ("bpftool: Make skeleton C code compilable with C++ compiler") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/6fc1dd28b8bda49e51e4f610bdc9d22f4455632d.1722244708.git.tony.ambardar@gmail.com commit cacf2a5a78cd1f5f616eae043ebc6f024104b721 Author: Tony Ambardar Date: Mon Jul 29 02:24:19 2024 -0700 selftests/bpf: Fix error compiling test_lru_map.c Although the post-increment in macro 'CPU_SET(next++, &cpuset)' seems safe, the sequencing can raise compile errors, so move the increment outside the macro. This avoids an error seen using gcc 12.3.0 for mips64el/musl-libc: In file included from test_lru_map.c:11: test_lru_map.c: In function 'sched_next_online': test_lru_map.c:129:29: error: operation on 'next' may be undefined [-Werror=sequence-point] 129 | CPU_SET(next++, &cpuset); | ^ cc1: all warnings being treated as errors Fixes: 3fbfadce6012 ("bpf: Fix test_lru_sanity5() in test_lru_map.c") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/22993dfb11ccf27925a626b32672fd3324cb76c4.1722244708.git.tony.ambardar@gmail.com commit 03bfcda1fbc37ef34aa21d2b9e09138335afc6ee Author: Tony Ambardar Date: Mon Jul 29 02:24:18 2024 -0700 selftests/bpf: Fix arg parsing in veristat, test_progs Current code parses arguments with strtok_r() using a construct like char *state = NULL; while ((next = strtok_r(state ? NULL : input, ",", &state))) { ... } where logic assumes the 'state' var can distinguish between first and subsequent strtok_r() calls, and adjusts parameters accordingly. However, 'state' is strictly internal context for strtok_r() and no such assumptions are supported in the man page. Moreover, the exact behaviour of 'state' depends on the libc implementation, making the above code fragile. Indeed, invoking "./test_progs -t " on mips64el/musl will hang, with the above code in an infinite loop. Similarly, we see strange behaviour running 'veristat' on mips64el/musl: $ ./veristat -e file,prog,verdict,insns -C two-ok add-failure Can't specify more than 9 stats Rewrite code using a counter to distinguish between strtok_r() calls. Fixes: 61ddff373ffa ("selftests/bpf: Improve by-name subtest selection logic in prog_tests") Fixes: 394169b079b5 ("selftests/bpf: add comparison mode to veristat") Fixes: c8bc5e050976 ("selftests/bpf: Add veristat tool for mass-verifying BPF object files") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/392d8bf5559f85fa37926c1494e62312ef252c3d.1722244708.git.tony.ambardar@gmail.com commit c0247800ee7da5bc067b2916cf2722f755072307 Author: Tony Ambardar Date: Mon Jul 29 02:24:17 2024 -0700 selftests/bpf: Use portable POSIX basename() Use the POSIX version of basename() to allow compilation against non-gnu libc (e.g. musl). Include ahead of to enable using functions from the latter while preferring POSIX over GNU basename(). In veristat.c, rely on strdupa() to avoid basename() altering the passed "const char" argument. This is not needed in xskxceiver.c since the arg is mutable and the program exits immediately after usage. Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/0fd3c9f3c605e6cba33504213c9df287817ade04.1722244708.git.tony.ambardar@gmail.com commit f2881dfdaaa9ec873dbd383ef5512fc31e576cbb Author: Geert Uytterhoeven Date: Mon Jul 29 11:26:34 2024 +0200 drm/xe/oa/uapi: Make bit masks unsigned When building with gcc-5: In function ‘decode_oa_format.isra.26’, inlined from ‘xe_oa_set_prop_oa_format’ at drivers/gpu/drm/xe/xe_oa.c:1664:6: ././include/linux/compiler_types.h:510:38: error: call to ‘__compiletime_assert_1336’ declared with attribute error: FIELD_GET: mask is not constant [...] ./include/linux/bitfield.h:155:3: note: in expansion of macro ‘__BF_FIELD_CHECK’ __BF_FIELD_CHECK(_mask, _reg, 0U, "FIELD_GET: "); \ ^ drivers/gpu/drm/xe/xe_oa.c:1573:18: note: in expansion of macro ‘FIELD_GET’ u32 bc_report = FIELD_GET(DRM_XE_OA_FORMAT_MASK_BC_REPORT, fmt); ^ Fixes: b6fd51c62119 ("drm/xe/oa/uapi: Define and parse OA stream properties") Signed-off-by: Geert Uytterhoeven Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240729092634.2227611-1-geert+renesas@glider.be Signed-off-by: Lucas De Marchi commit 781f0bbbdade00f91490a3f64212e8cc8d75905c Author: Zhu Jun Date: Wed Jul 24 04:11:20 2024 -0700 tools/bpf: Fix the wrong format specifier The format specifier of "unsigned int" in printf() should be "%u", not "%d". Signed-off-by: Zhu Jun Signed-off-by: Andrii Nakryiko Acked-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20240724111120.11625-1-zhujun2@cmss.chinamobile.com commit 9a2ec63ae683b35fc52e6ae707c9d301e67eb973 Author: Adam Słaboń Date: Mon Jul 29 21:38:49 2024 +0500 arm64: dts: qcom: msm8939-wingtech-wt82918: Add Lenovo Vibe K5 devices This commit introduces multiple hardware variants of Lenovo Vibe K5. - A6020a40 (msm8929-wingtech-wt82918hd) - A6020a46/A6020l36 (msm8939-wingtech-wt82918) - A6020a40 S616 H39 (msm8939-wingtech-wt82918hd) These devices are added with support for many features, notably: - Basic features like USB, mmc/sd storage, wifi, buttons, leds; - Accelerometer; - Touchscreen; - Sound and modem. Note that "HD" variant of K5 is based on msm8929 which is a lower bin of msm8939 SoC. A simple dtsi is added for this soc along with the new devices. Unfortunately, despite the heavy similarities, the combination of minor differences between variants make them incompatible between each other. Signed-off-by: Adam Słaboń [Nikita: Minor cleanup, commit message] Signed-off-by: Nikita Travkin Link: https://lore.kernel.org/r/20240729-msm89xx-wingtech-init-v3-3-32c35476f098@trvn.ru Signed-off-by: Bjorn Andersson commit d6326047576266991d88639e1e9739a9a9a20ef4 Author: Chen Ridong Date: Wed Jul 24 10:24:18 2024 +0000 cgroup/cpuset: remove child_ecpus_count The child_ecpus_count variable was previously used to update sibling cpumask when parent's effective_cpus is updated. However, it became obsolete after commit e2ffe502ba45 ("cgroup/cpuset: Add cpuset.cpus.exclusive for v2"). It should be removed. tj: Restored {} for style consistency. Signed-off-by: Chen Ridong Acked-by: Waiman Long Signed-off-by: Tejun Heo commit bc5bf7b1ec49bb2c4c3b6ba7952e973a68320d1c Author: Anton Bambura Date: Mon Jul 29 21:38:48 2024 +0500 arm64: dts: qcom: msm8916-wingtech-wt865x8: Add Lenovo A6000/A6010 Add initial device-tree for Lenovo A6000 (wt86518) and Lenovo A6010 (wt86528), which are MSM8916-based devices. These devices are quite similar, so some configuration is shared in msm8916-wingtech-wt865x8.dtsi. Lenovo A6000 (wt86518): - storage (eMMC and uSD card); - usb in peripheral mode; - touchscreen; - sensors; - WiFi/BT; - keys; - battery and charger. Lenovo A6010 (wt86528): - storage (eMMC and uSD card); - usb with extcon; - touchscreen; - sensors; - WiFi/BT; - keys; - leds; - battery; Signed-off-by: Anton Bambura Co-developed-by: Stephan Gerhold Signed-off-by: Stephan Gerhold [Nikita: minor cleanup] Signed-off-by: Nikita Travkin Link: https://lore.kernel.org/r/20240729-msm89xx-wingtech-init-v3-2-32c35476f098@trvn.ru Signed-off-by: Bjorn Andersson commit e3eaace51cb087ee3fdc463b5fd1053fe5539587 Author: Nikita Travkin Date: Mon Jul 29 21:38:47 2024 +0500 dt-bindings: arm: qcom: Add msm8916/39 based Lenovo devices Add compaitble values for some variants of Lenovo A6000/A6010/A6020 devices. These devices are based on designs from Wingtech so use it's vendor prefix and part numbers for compatibles. Reviewed-by: Krzysztof Kozlowski Signed-off-by: Nikita Travkin Link: https://lore.kernel.org/r/20240729-msm89xx-wingtech-init-v3-1-32c35476f098@trvn.ru Signed-off-by: Bjorn Andersson commit ed3c955cab3a9d5a9bce4756e4bd3390f9c23e1f Author: Alexander Reimelt Date: Sat Jul 27 20:04:50 2024 +0000 arm64: dts: qcom: msm8992-lg-h815: Initial support for LG G4 (H815) To make it easier for downstream projects and avoid duplication of work. Makes the device bootable and enables all buttons, hall sensor, eMMC and SD-Card. Signed-off-by: Alexander Reimelt Link: https://lore.kernel.org/r/20240727201413.114317-3-alexander.reimelt@posteo.de Signed-off-by: Bjorn Andersson commit d2e577267cc29841d9f316ff65494d1892fed13c Author: Alexander Reimelt Date: Sat Jul 27 20:04:49 2024 +0000 dt-bindings: arm: qcom: Add LG G4 (h815) International variant of the LG G4 from 2015. Signed-off-by: Alexander Reimelt Reviewed-by: Petr Vorel Acked-by: Rob Herring Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240727201413.114317-2-alexander.reimelt@posteo.de Signed-off-by: Bjorn Andersson commit c8faf11cd192214e231626c3ee973a35d8fc33f2 Merge: 8bb30798fd6ee7 8400291e289ee6 Author: Tejun Heo Date: Tue Jul 30 09:30:11 2024 -1000 Merge tag 'v6.11-rc1' into for-6.12 Linux 6.11-rc1 commit 9a7b0158aea7a53c8c942e8b83e16f7f30e0018c Merge: 8400291e289ee6 7f8af7bac5380f Author: Thomas Gleixner Date: Tue Jul 30 18:53:38 2024 +0200 Merge tag 'posix-timers-2024-07-29' of git://git.kernel.org/pub/scm/linux/kernel/git/frederic/linux-dynticks into timers/core Pull updates for posix timers and related signal code from Frederic Weisbecker: * Prepare posix timers selftests for upcoming changes: - Check signal behaviour sanity against SIG_IGN - Check signal behaviour sanity against timer reprogramm/deletion - Check SIGEV_NONE pending expiry read - Check interval timer read on a pending SIGNAL - Check correct overrun count after signal block/unblock * Various consolidations: - timer get/set - signal queue * Fixes: - Correctly read SIGEV_NONE timers - Forward expiry while reading expired interval timers with pending signal - Don't arm SIGEV_NONE timers * Various cleanups all over the place commit f98bdb21cfc94cb7733a5c3216e8f1dec1c06023 Author: André Apitzsch Date: Mon Jun 24 23:25:14 2024 +0200 arm64: dts: qcom: msm8939-longcheer-l9100: Add rear flash The phone has a Silergy SY7802 flash LED controller. Signed-off-by: André Apitzsch Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240624-sy7802-v5-3-7abc9d96bfa6@apitzsch.eu Signed-off-by: Bjorn Andersson commit 8663dd38a7ba5b2bfd2c7b4271e6e63bc0ef1e42 Author: Dongliang Mu Date: Tue Jul 30 13:36:40 2024 +0800 docs/zh_CN: fix a broken reference Warning: Documentation/translations/zh_CN/kbuild/index.rst references a file that doesn't exist: Documentation/kbuild/index Fix this by adding its full name. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407300812.1VvDFdxD-lkp@intel.com/ Signed-off-by: Dongliang Mu Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240730053652.4073433-1-dzm91@hust.edu.cn commit 587c945c933364f24d132918d7703997fd1e2cd6 Author: Nícolas F. R. A. Prado Date: Thu Jun 6 17:12:04 2024 -0400 arm64: dts: mediatek: mt8195: Add SCP phandle to MDP3 DMA controller While the MDP3 DMA controller can look for the SCP node based on compatible, it's best practice to supply the MDP3 node with a phandle to the SCP since that allows supporting dual core SCP as well. Besides, relying on the compatible search causes an error to be printed, since the phandle is tried first: mtk-mdp3 14001000.dma-controller: can't get SCP node Add the missing phandle to follow the best practice and get rid of the error. Fixes: 5710462a116c ("arm64: dts: mediatek: mt8195: add MDP3 nodes") Signed-off-by: Nícolas F. R. A. Prado Link: https://lore.kernel.org/r/20240606-mt8195-dma-scp-node-err-v2-1-e14702e9d3f2@collabora.com Signed-off-by: AngeloGioacchino Del Regno commit 1b2255db3c22b0e6a53781871afe95d7cd1a69a6 Author: Benjamin Poirier Date: Wed Jul 17 16:35:21 2024 -0400 Documentation: Add detailed explanation for 'N' taint flag Every taint flag has an entry in the "More detailed explanation" section except for the 'N' flag. That omission was probably just an oversight so add an entry for that flag. Signed-off-by: Benjamin Poirier Acked-by: Luis Chamberlain Reviewed-by: David Gow Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240717203521.514348-1-bpoirier@nvidia.com commit d40981350844c2cfa437abfc80596e10ea8f1149 Author: Dongliang Mu Date: Fri Jul 19 12:13:34 2024 +0800 doc-guide: add help documentation checktransupdate.rst This commit adds help documents - doc-guide/checktransupdate.rst and zh_CN/doc-guide/checktransupdate.rst for scripts/checktransupdate.py , including English and Chinese versions Signed-off-by: Dongliang Mu Reviewed-by: Yanteng Si [jc: fixed missing title problem in the new file] Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240719041400.3909775-3-dzm91@hust.edu.cn commit 4e597323ef3d28441c792a00a1faddf71350f090 Author: Raymond Hackley Date: Tue Jul 23 13:15:09 2024 +0000 arm64: dts: qcom: msm8916-samsung-rossa: Add touchscreen Core Prime uses an Imagis IST3038 touchscreen that is connected to blsp_i2c5. Add it to the device tree. Signed-off-by: Raymond Hackley Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240723131441.1764-1-raymondhackley@protonmail.com Signed-off-by: Bjorn Andersson commit 40e9327a80362de8e8ca68f17512a3dd0f6bc4fa Author: Rajendra Nayak Date: Tue Jul 23 13:43:57 2024 +0530 arm64: dts: qcom: x1e80100: add rpmh-stats node Add a node describing the RPMh shared memory that can be used to retrieve statistics for the SoC low-power modes. Signed-off-by: Rajendra Nayak Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240723081357.1521942-1-quic_rjendra@quicinc.com Signed-off-by: Bjorn Andersson commit 0bf8dabfa3c013678962f1875239d1141466661d Author: André Apitzsch Date: Mon Jul 22 22:05:01 2024 +0200 arm64: dts: qcom: msm8916-longcheer-l8910: Add rear flash The phone has a Silergy SY7802 flash LED controller. Tested-by: Stéphane Martins Signed-off-by: André Apitzsch Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240722-x5_sy7802-v1-1-b2ffeeaf8d2d@apitzsch.eu Signed-off-by: Bjorn Andersson commit b045fcaaa8c17a702e11354cdc841a46c02b72e8 Author: Johan Hovold Date: Mon Jul 22 11:42:49 2024 +0200 arm64: dts: qcom: x1e80100-crd: enable SDX65 modem Enable PCIe5 and the SDX65 modem. Note that the modem may need to be flashed with firmware before use. Reviewed-by: Konrad Dybcio Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240722094249.26471-9-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 62ab23e1550820e9b54d570519ac036dd45538d4 Author: Johan Hovold Date: Mon Jul 22 11:42:48 2024 +0200 arm64: dts: qcom: x1e80100: add PCIe5 nodes Describe the fifth PCIe controller and its PHY. Note that using the GIC ITS with PCIe5 does not work currently so the ITS mapping is left unspecified for now. Reviewed-by: Konrad Dybcio Signed-off-by: Johan Hovold Link: https://lore.kernel.org/r/20240722094249.26471-8-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 3ac5e84058a632ade7faab73b177fbb4f775bae4 Merge: dfd06c0e7ff7af 86c71c0e893d58 Author: Bjorn Andersson Date: Tue Jul 30 08:52:13 2024 -0500 Merge branch 'arm64-fixes-for-6.11' into HEAD Merge the X1E PCIe fixes from the fixes branch, to avoid merge conflicts with the addition of PCIe5 and the modem. commit d58ecc54bb09e3dfc0b43a82a6e1602a44bbebce Author: Witold Sadowski Date: Tue Jul 30 06:16:26 2024 -0700 spi: cadence: Add 64BIT Kconfig dependency xSPI block requires 64 bit operation for proper Marvell SDMA handling. Disallow bulding on targets without 64 bit support. Signed-off-by: Witold Sadowski Link: https://patch.msgid.link/20240730131627.1874257-1-wsadowski@marvell.com Signed-off-by: Mark Brown commit 225f2bd064c32397acfe3d9dfd9a2b3bc6d64fd7 Author: Breno Leitao Date: Mon Jul 29 09:40:59 2024 -0700 x86/bugs: Add a separate config for GDS Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create a new kernel config that allows GDS to be completely disabled, similarly to the "gather_data_sampling=off" or "mitigations=off" kernel command-line. Now, there are two options for GDS mitigation: * CONFIG_MITIGATION_GDS=n -> Mitigation disabled (New) * CONFIG_MITIGATION_GDS=y -> Mitigation enabled (GDS_MITIGATION_FULL) Suggested-by: Josh Poimboeuf Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-12-leitao@debian.org commit 03267a534bb388acdd2ee685101084d144e8384c Author: Breno Leitao Date: Mon Jul 29 09:40:58 2024 -0700 x86/bugs: Remove GDS Force Kconfig option Remove the MITIGATION_GDS_FORCE Kconfig option, which aggressively disables AVX as a mitigation for Gather Data Sampling (GDS) vulnerabilities. This option is not widely used by distros. While removing the Kconfig option, retain the runtime configuration ability through the `gather_data_sampling=force` kernel parameter. This allows users to still enable this aggressive mitigation if needed, without baking it into the kernel configuration. Simplify the kernel configuration while maintaining flexibility for runtime mitigation choices. Suggested-by: Borislav Petkov Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Daniel Sneddon Link: https://lore.kernel.org/r/20240729164105.554296-11-leitao@debian.org commit b908cdab061a5ead51d5e1731ca9c1b26699a9bb Author: Breno Leitao Date: Mon Jul 29 09:40:57 2024 -0700 x86/bugs: Add a separate config for SSB Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create an entry for the SSB CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allow users to enable or disable it at compilation time. Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-10-leitao@debian.org commit 72c70f480a70695523f984651d5da766b862c712 Author: Breno Leitao Date: Mon Jul 29 09:40:56 2024 -0700 x86/bugs: Add a separate config for Spectre V2 Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create an entry for the Spectre V2 CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allow users to enable or disable it at compilation time. Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-9-leitao@debian.org commit a0b02e3fe3661ea20df4d13adfc94b6affdcc466 Author: Breno Leitao Date: Mon Jul 29 09:40:55 2024 -0700 x86/bugs: Add a separate config for SRBDS Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create an entry for the SRBDS CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allow users to enable or disable it at compilation time. Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-8-leitao@debian.org commit ca01c0d8d03089f81c713aec0c63d359bc0f6796 Author: Breno Leitao Date: Mon Jul 29 09:40:54 2024 -0700 x86/bugs: Add a separate config for Spectre v1 Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create an entry for the Spectre v1 CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allow users to enable or disable it at compilation time. Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-7-leitao@debian.org commit 894e28857c112c5a31517b3837b507f1dcbe9da5 Author: Breno Leitao Date: Mon Jul 29 09:40:53 2024 -0700 x86/bugs: Add a separate config for RETBLEED Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create an entry for the RETBLEED CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allow users to enable or disable it at compilation time. Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-6-leitao@debian.org commit 22c406c9bf5e28d9fed0bf37ac9d544e56127fd3 Author: Kuninori Morimoto Date: Tue Jul 30 02:32:22 2024 +0000 ASoC: rsnd: use pcm_dmaengine code rsnd is implementing own DMAEngine code, but we can replace it with pcm_dmaengine code, because these are almost same. Let's use existing and stable code. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87cymvk3t5.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 80565764c7f53b47be266c90d635285e295684dc Author: Kuninori Morimoto Date: Tue Jul 30 02:12:10 2024 +0000 ASoC: rsnd: remove rsnd_mod_confirm_ssi() under DEBUG rsnd_mod_confirm_ssi() confirms mod sanity, it should always be confirmed, not only when DEBUG. This patch tidyup it. Signed-off-by: Kuninori Morimoto Link: https://patch.msgid.link/87ed7bk4qt.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Mark Brown commit 833cf12846aa19adf9b76bc79c40747726f3c0c1 Author: Nikita Zhandarovich Date: Mon Jul 29 10:40:35 2024 -0700 drm/i915: Fix possible int overflow in skl_ddi_calculate_wrpll() On the off chance that clock value ends up being too high (by means of skl_ddi_calculate_wrpll() having been called with big enough value of crtc_state->port_clock * 1000), one possible consequence may be that the result will not be able to fit into signed int. Fix this issue by moving conversion of clock parameter from kHz to Hz into the body of skl_ddi_calculate_wrpll(), as well as casting the same parameter to u64 type while calculating the value for AFE clock. This both mitigates the overflow problem and avoids possible erroneous integer promotion mishaps. Found by Linux Verification Center (linuxtesting.org) with static analysis tool SVACE. Fixes: 82d354370189 ("drm/i915/skl: Implementation of SKL DPLL programming") Cc: stable@vger.kernel.org Signed-off-by: Nikita Zhandarovich Reviewed-by: Jani Nikula Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240729174035.25727-1-n.zhandarovich@fintech.ru commit b8fb82e4ffec3da153a6100d4cd6229fbfd3a22c Author: Jinjie Ruan Date: Mon Jul 29 19:26:06 2024 +0800 irqchip: Remove asmlinkage for handlers registered with set_handle_irq() All architectures with use set_handle_irq() to set the root chip interrupt handler call that handler from C code, so there's no need for these handlers to be marked asmlinkage. Remove asmlinkage for all handlers registered with set_handle_irq(). Suggested-by: Thomas Gleixner Signed-off-by: Jinjie Ruan Signed-off-by: Thomas Gleixner Acked-by: Mark Rutland Link: https://lore.kernel.org/all/20240729112606.1581732-1-ruanjinjie@huawei.com commit 1d07c9a3e71c97ee1bbc1f119e104bf3746c51f7 Author: Marek Behún Date: Thu Jul 11 18:09:07 2024 +0200 irqchip/armada-370-xp: Print error and return error code on initialization failure Print error and return error code on main / IPI / MSI domain initialization failure. Use WARN_ON() instead of BUG_ON(). Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240711160907.31012-11-kabel@kernel.org commit 654caa9db6649dbecdfa55ea29c9cbf4603fb402 Author: Marek Behún Date: Thu Jul 11 18:09:06 2024 +0200 irqchip/armada-370-xp: Refactor initial memory regions mapping Refactor the initial memory regions mapping: - put into its own function - return error numbers on failure - use WARN_ON() instead of BUG_ON() Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240711160907.31012-10-kabel@kernel.org commit 625f0582f05d1f496ecd598323df1c8bfcdcbd6f Author: Marek Behún Date: Thu Jul 11 18:09:05 2024 +0200 irqchip/armada-370-xp: Use u32 type instead of unsigned long where possieble For consistency across the driver, use the u32 type instead of unsigned long for holding register values and return value of cpu_logical_map(). One exception is when the variable is referenced for passing into for_each_set_bit(), in which case it has to be unsigned long. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240711160907.31012-9-kabel@kernel.org commit ac0ae59db6f521223b477677d2ff51e26815b114 Author: Marek Behún Date: Thu Jul 11 18:09:04 2024 +0200 irqchip/armada-370-xp: Rename variable for consistency Rename the variable holding the cause register to "cause" in mpic_handle_cascade_irq(). Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240711160907.31012-8-kabel@kernel.org commit 081b64cc872707f80a23e41f0ab12852716551b2 Author: Marek Behún Date: Thu Jul 11 18:09:03 2024 +0200 irqchip/armada-370-xp: Drop redundant continue Drop redundant continue from mpic_handle_irq(). Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240711160907.31012-7-kabel@kernel.org commit 15a50eeaadc169243b00ec90087f689a8a28848e Author: Marek Behún Date: Thu Jul 11 18:09:01 2024 +0200 irqchip/armada-370-xp: Simplify mpic_reenable_percpu() and mpic_resume() Refactor the mpic_reenable_percpu() and mpic_resume() functions to make them a little bit simpler. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240711160907.31012-5-kabel@kernel.org commit 0d4b1fcd378ea61ff76bedf0d484eac69c028c57 Author: Marek Behún Date: Thu Jul 11 18:09:00 2024 +0200 irqchip/armada-370-xp: Use consistent name for struct irq_data variables Always use variable name "d" for struct irq_data *, for consistency. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240711160907.31012-4-kabel@kernel.org commit a5d32b7475fffe2506fa374b1d6b4a74fa13020c Author: Marek Behún Date: Thu Jul 11 18:08:59 2024 +0200 irqchip/armada-370-xp: Use consistent types when iterating interrupts When iterating, use either the irq_hw_number_t type or the unsigned int type for the iterator variable, depending on whether the variable represents HW IRQ number or whether it is added to a IRQ number. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240711160907.31012-3-kabel@kernel.org commit 66fc31034f96cbdef7687b1c55d600367e70287e Author: Marek Behún Date: Thu Jul 11 18:08:58 2024 +0200 irqchip/armada-370-xp: Use consistent variable names for hwirqs Use consistent variable names for hwirqs: when iterating, use "i", otherwise use "hwirq". Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Link: https://lore.kernel.org/all/20240711160907.31012-2-kabel@kernel.org commit baf01c726b7f99b72f2abfa54e249d766cbd59a5 Author: Marek Behún Date: Thu Jul 11 13:57:48 2024 +0200 irqchip/armada-370-xp: Refactor handling IPI interrupts Refactor the handling of IPI interrupts - put into own function mpic_handle_ipi_irq(), similar to mpic_handle_msi_irq() - rename the variable holding the doorbell cause register to "cause" - retype and rename the variable holding the IPI HW IRQ number to "irq_hw_number_t i" Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-11-kabel@kernel.org commit 63697bc7199ee2bacc8324b59951046a7b3ea991 Author: Marek Behún Date: Thu Jul 11 13:57:47 2024 +0200 irqchip/armada-370-xp: Refactor mpic_handle_msi_irq() code Refactor the mpic_handle_msi_irq() function to make it simpler: - drop the function arguments, they are not needed - rename the variable holding the doorbell cause register to "cause" - rename the iterating variable to "i" - use for_each_set_bit() (requires retyping "cause" to unsigned long) Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-10-kabel@kernel.org commit 92128c74e41868e42e6944f83d9d2130c9aa8a22 Author: Marek Behún Date: Thu Jul 11 13:57:46 2024 +0200 irqchip/armada-370-xp: Use FIELD_GET() and named register constant Use FIELD_GET() and named register mask constant when reading the number of supported interrupts / current interrupt. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-9-kabel@kernel.org commit 5ecafc9a640f7c1e5690375cf3a82848d669abb9 Author: Marek Behún Date: Thu Jul 11 13:57:45 2024 +0200 irqchip/armada-370-xp: Don't read number of supported interrupts multiple times Use mpic_domain::hwirq_max at runtime instead of reading the same value over and over from the MPIC_INT_CONTROL register. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-8-kabel@kernel.org commit f63f54a2b8ff0815788d0c73cbbd5a96a3d467eb Author: Marek Behún Date: Thu Jul 11 13:57:44 2024 +0200 irqchip/armada-370-xp: Change symbol prefixes to mpic Change symbol prefixes from armada_370_xp_ or others to mpic_. The rationale is that it is shorter and more generic (this controller is called MPIC and is also used on Armada 38x and 39x). Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-7-kabel@kernel.org commit 5302e767ebfc1c297bf76f6ef65888249b831a73 Author: Marek Behún Date: Thu Jul 11 13:57:43 2024 +0200 irqchip/armada-370-xp: Improve indentation Add some blank lines and other indentation improvements. Checkpatch now stops complaining. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-6-kabel@kernel.org commit 0381be072f301088637ab6b01f2c8f0e5745e0e5 Author: Marek Behún Date: Thu Jul 11 13:57:42 2024 +0200 irqchip/armada-370-xp: Simplify ipi_resume() code Refactor the ipi_resume() function to drop one indentation level. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-5-kabel@kernel.org commit 88d49ee30ca52ba9a0dd593860a1323426791710 Author: Marek Behún Date: Thu Jul 11 13:57:41 2024 +0200 irqchip/armada-370-xp: Use !virq instead of virq == 0 in condition Use !virq instead of virq == 0 when checking for availability of the virq. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-4-kabel@kernel.org commit e4cd7c553a00e2904689cac543e314b1962c6a8e Author: Marek Behún Date: Thu Jul 11 13:57:40 2024 +0200 irqchip/armada-370-xp: Use unsigned int type for virqs The return type of irq_find_mapping() and irq_linear_revmap() is unsigned int. Use the unsigned int type for the variables storing the return value. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-3-kabel@kernel.org commit 55689986d7eaed09b6569b1e06b29044cd3cb590 Author: Marek Behún Date: Thu Jul 11 13:57:39 2024 +0200 irqchip/armada-370-xp: Rename variable for consistency Rename the irq variable to virq in the ipi_resume() function for consistency with the rest of the code. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240711115748.30268-2-kabel@kernel.org commit 644799f920c906666b5393c33dcf3008ace1ef6b Author: Marek Behún Date: Mon Jul 8 17:18:01 2024 +0200 irqchip/armada-370-xp: Declare iterators in for loop Where possible, declare iterators in for cycle. This is possible since kernel uses -std=gnu11. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Link: https://lore.kernel.org/all/20240708151801.11592-11-kabel@kernel.org commit 045c4bb864489fda99309dfa902346570d576a39 Author: Marek Behún Date: Mon Jul 8 17:18:00 2024 +0200 irqchip/armada-370-xp: Change to SPDX license identifier Change the license identifier to SPDX style. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Link: https://lore.kernel.org/all/20240708151801.11592-10-kabel@kernel.org commit ccef3a991b7c972cccce4aee8e62f70e3a706e78 Author: Marek Behún Date: Mon Jul 8 17:17:59 2024 +0200 irqchip/armada-370-xp: Simplify is_percpu_irq() code Simplify the code in the is_percpu_irq() function. Instead of if (condition) return true; return false; simply return condition. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240708151801.11592-9-kabel@kernel.org commit 0cbbf7c15d197ac370387c08d900abe142153cd3 Author: Marek Behún Date: Mon Jul 8 17:17:58 2024 +0200 irqchip/armada-370-xp: Use correct type for cpu variable Use unsigned int instead of int for variable storing the cpu number. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Link: https://lore.kernel.org/all/20240708151801.11592-8-kabel@kernel.org commit e812dd60b6cca3211e7d83528c8bf077a51730b4 Author: Marek Behún Date: Mon Jul 8 17:17:57 2024 +0200 irqchip/armada-370-xp: Change register constants prefix to MPIC_ Change the long ARMADA_370_XP_ prefix in register constants (ARMADA_375_ in one case) to MPIC_. The rationale is that it is shorter and more generic (this controller is called MPIC and is also used on Armada 38x and 39x). Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Link: https://lore.kernel.org/all/20240708151801.11592-7-kabel@kernel.org commit 9236717b97e3f5f0a5c77e40a85b8355b6025311 Author: Marek Behún Date: Mon Jul 8 17:17:56 2024 +0200 irqchip/armada-370-xp: Cosmetic fix parentheses in register constant definitions Drop parentheses where not needed and add them where it makes sense in register constant definitions. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240708151801.11592-6-kabel@kernel.org commit 2613b94d2dc5fc6b80ea8175ac3dbf579e6e1bac Author: Marek Behún Date: Mon Jul 8 17:17:55 2024 +0200 irqchip/armada-370-xp: Use BIT() and GENMASK() macros Use the BIT() and GENMASK() macros where appropriate. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Link: https://lore.kernel.org/all/20240708151801.11592-5-kabel@kernel.org commit f04ef167b350722f1623308c085c3ce119894035 Author: Marek Behún Date: Mon Jul 8 17:17:54 2024 +0200 irqchip/armada-370-xp: Change spaces to tabs Change spaces to tabs in register constants definitions. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240708151801.11592-4-kabel@kernel.org commit 9fa3e59a003bb82977ade5011ca6255f5ec83c5d Author: Marek Behún Date: Mon Jul 8 17:17:53 2024 +0200 irqchip/armada-370-xp: Change register constant suffix from _MSK to _MASK There is one occurrence of suffix _MSK in register constants, others have _MASK instead. Change the one to _MASK for consistency. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Andrew Lunn Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240708151801.11592-3-kabel@kernel.org commit 5e389e9868878c8aeb3ed60789eb62242506c9f8 Author: Marek Behún Date: Mon Jul 8 17:17:52 2024 +0200 irqchip/armada-370-xp: Drop _OFFS suffix from some register constants Some register constants have the _OFFS suffix and some do not. Drop it to be more consistent. Signed-off-by: Marek Behún Signed-off-by: Thomas Gleixner Reviewed-by: Ilpo Järvinen Link: https://lore.kernel.org/all/20240708151801.11592-2-kabel@kernel.org commit 2000ddac9b5ce5102ab1b194a1cf91e8af3017d5 Author: Thomas Zimmermann Date: Wed Jul 17 16:24:20 2024 +0200 drm/ast: astdp: Clean up EDID reading Simplify ast_astdp_read_edid(). Rename register constants. Drop unnecessary error handling. On success, the helper returns 0; an error code otherwise. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240717143319.104012-6-tzimmermann@suse.de commit 2281475168d2ab3fbd763c2fd762f99a411fa1b6 Author: Thomas Zimmermann Date: Wed Jul 17 16:24:19 2024 +0200 drm/ast: astdp: Perform link training during atomic_enable The place for link training is in the encoder's atomic_enable helper. Remove all related tests from other helper ASTDP functions; especially ast_astdp_is_connected(), which tests HPD status. DP link training is controlled by the firmware. A status flag reports success or failure. The process can be fragile on Aspeed hardware. Moving the test from connector detection to the atomic_enable allows for several retries and a longer timeout. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240717143319.104012-5-tzimmermann@suse.de commit cbacb1b74400299edea7e9bcd58bbc7c40dad8c1 Author: Thomas Zimmermann Date: Wed Jul 17 16:24:18 2024 +0200 drm/ast: astdp: Only test HDP state in ast_astdp_is_connected() The overall control flow of the driver ensures that it never reads EDID or sets display state on unconnected outputs. Therefore remove all tests for Hot Plug Detection from these helpers. Also rename the register constants. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240717143319.104012-4-tzimmermann@suse.de commit c91d75a3c6a2567e8c6b44f7337b6955596ffb86 Author: Thomas Zimmermann Date: Wed Jul 17 16:24:17 2024 +0200 drm/ast: astdp: Test firmware status once during probing Test for running ASTDP firmware during probe. Do not bother testing this later. We cannot do much anyway if the firmware fails. Do not initialize the ASTDP conenctor if the test fails during device probing. Signed-off-by: Thomas Zimmermann Reported-by: Shixiong Ou Tested-by: Shixiong Ou Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240717143319.104012-3-tzimmermann@suse.de commit 98ef7cef1b3a5d73b5023c8661534768810dd941 Author: Chen-Yu Tsai Date: Tue Jun 25 17:57:04 2024 +0800 arm64: dts: mediatek: mt8183-kukui-jacuzzi: Simplify DSI endpoint replacement Currently the Jacuzzi dtsi file redeclares the full DSI endpoint tree from the DSI controller just to replace the remote endpoint. This is not necessary since the local endpoint already has a label that can be referenced. This will also confusion when the inherited layout is changed. Replace the redeclared DSI endpoint tree with a label reference. Signed-off-by: Chen-Yu Tsai Link: https://lore.kernel.org/r/20240625095705.3474713-1-wenst@chromium.org Signed-off-by: AngeloGioacchino Del Regno commit 73d7cd542bbd0a7c6881ea0df5255f190a1e7236 Author: Suraj Kandpal Date: Tue Jul 30 09:25:05 2024 +0530 drm/i915/hdcp: Fix HDCP2_STREAM_STATUS macro Fix HDCP2_STREAM_STATUS macro, it called pipe instead of port never threw a compile error as no one used it. --v2 -Add Fixes [Jani] Fixes: d631b984cc90 ("drm/i915/hdcp: Add HDCP 2.2 stream register") Signed-off-by: Suraj Kandpal Reviewed-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240730035505.3759899-1-suraj.kandpal@intel.com commit eb53e5b933b9ff315087305b3dc931af3067d19c Author: Mitul Golani Date: Tue Jul 30 09:39:40 2024 +0530 drm/i915/display/dp: Compute AS SDP when vrr is also enabled AS SDP should be computed when VRR timing generator is also enabled. Correct the compute condition to compute params of Adaptive sync SDP when VRR timing genrator is enabled along with sink support indication. --v2: Modify if condition (Jani). Fixes: b2013783c445 ("drm/i915/display: Cache adpative sync caps to use it later") Cc: Mitul Golani Cc: Arun R Murthy Cc: Jani Nikula Cc: intel-gfx@lists.freedesktop.org Cc: intel-xe@lists.freedesktop.org Signed-off-by: Mitul Golani Reviewed-by: Ankit Nautiyal Signed-off-by: Ankit Nautiyal (added prefix drm in subject) Link: https://patchwork.freedesktop.org/patch/msgid/20240730040941.396862-1-mitulkumar.ajitkumar.golani@intel.com commit 3a4ee4ff819b2bd09f1eca4a90846f2be449bd51 Author: Breno Leitao Date: Mon Jul 29 09:40:52 2024 -0700 x86/bugs: Add a separate config for L1TF Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create an entry for the L1TF CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allow users to enable or disable it at compilation time. Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-5-leitao@debian.org commit 4c03a44e266887190bdaacc7010970ae2b26b852 Author: Nícolas F. R. A. Prado Date: Mon Jul 22 11:34:25 2024 -0400 arm64: dts: mediatek: mt8195-cherry: Remove keyboard-backlight node Commit 970c3a6b7aa3 ("mfd: cros_ec: Register keyboard backlight subdevice") introduced support for detecting keyboard backlight fuctionality through communication with the ChromeOS EC. This means that the DT node is no longer used. Remove the unneeded node. Tested-by: Chen-Yu Tsai Reviewed-by: Chen-Yu Tsai Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Nícolas F. R. A. Prado Link: https://lore.kernel.org/r/20240722-cros-backlight-dt-probe-v2-1-d77cdf7018ec@collabora.com Signed-off-by: AngeloGioacchino Del Regno commit d92fd0cc01b31d59a0e95f44e3f08921fd74fb87 Author: Nícolas F. R. A. Prado Date: Fri May 31 17:51:09 2024 -0400 arm64: dts: mediatek: cherry: Specify pull resistance for RSEL GPIOs GPIOs 34 and 35 on MT8195 are of type MTK_PULL_PU_PD_RSEL_TYPE, meaning not only can they be configured as pull-up or pull-down, but the pull resistance can also be configured. The current bias setting however doesn't specify a resistance value, resulting on the following errors: mt8195-pinctrl 10005000.pinctrl: Not support rsel value 1 Ohm for pin = 34 (GPIO34) mt8195-pinctrl 10005000.pinctrl: Not support rsel value 1 Ohm for pin = 35 (GPIO35) Specify the pull resistance for those GPIOs to fix the errors. Fixes: 5bf7dabe40f2 ("arm64: dts: mediatek: cherry: Document gpios and add default pin config") Signed-off-by: Nícolas F. R. A. Prado Link: https://lore.kernel.org/r/20240531-tomato-rsel-gpio34-35-fix-v1-1-64ab2545f182@collabora.com Signed-off-by: AngeloGioacchino Del Regno commit b0a4ce81f327eae06c1088f1a437edc48a94a3e8 Author: AngeloGioacchino Del Regno Date: Tue Jun 4 14:30:08 2024 +0200 arm64: dts: mediatek: Add ADC node on MT6357, MT6358, MT6359 PMICs Add support for the ADC on MT6357/8/9 and keep it default enabled as this IP is always present on those PMICs. Users may use different IIO channels depending on board-specific routing. Link: https://lore.kernel.org/r/20240604123008.327424-6-angelogioacchino.delregno@collabora.com Signed-off-by: AngeloGioacchino Del Regno commit 2317d018b835842df0501d8f9e9efa843068a101 Author: AngeloGioacchino Del Regno Date: Thu Jul 25 09:22:43 2024 +0200 arm64: dts: mediatek: mt8186: Fix supported-hw mask for GPU OPPs The speedbin eFuse reads a value 'x' from 0 to 7 and, in order to make that compatible with opp-supported-hw, it gets post processed as BIT(x). Change all of the 0x30 supported-hw to 0x20 to avoid getting duplicate OPPs for speedbin 4, and also change all of the 0x8 to 0xcf because speedbins different from 4 and 5 do support 900MHz, 950MHz, 1000MHz with the higher voltage of 850mV, 900mV, 950mV respectively. Fixes: f38ea593ad0d ("arm64: dts: mediatek: mt8186: Wire up GPU voltage/frequency scaling") Link: https://lore.kernel.org/r/20240725072243.173104-1-angelogioacchino.delregno@collabora.com Signed-off-by: AngeloGioacchino Del Regno commit d1e5d531d20b085bb83d9ab1868ed99fdeb0cc42 Author: AngeloGioacchino Del Regno Date: Mon Jul 29 14:25:38 2024 +0200 soc: mediatek: mtk-mutex: Reduce type size for mtk_mutex_data members All of mutex_mod and mutex_table_mod contain an array of bit numbers, which can go from 0 to 63, it is hence not needed to use an unsigned 32-bits integer to store that: change them to unsigned 8-bits instead. As for the mutex_sof table since this directly contains the values to write to the DISP_MUTEXn_CTL register, which has only bits [13:0] (so this register is effectively 14 bits long), change that to use unsigned 16-bits. The type of mutex_{mod,sof}_reg was also changed to 16 bits, as the maximum value that those will ever have is 0x800, because it calculates as 0x30 + (0x20 * n) where n's maximum value is 63. This reduces module size and brings no functional changes. Before: text data bss dec hex filename 9929 512 0 10441 28c9 mtk-mutex.o After: text data bss dec hex filename 7425 512 0 7937 1f01 mtk-mutex.o Link: https://lore.kernel.org/r/20240729122538.989855-1-angelogioacchino.delregno@collabora.com Signed-off-by: AngeloGioacchino Del Regno commit 1c28c9452d521bf21dc5d2c50a47c2e43002728d Author: Christophe JAILLET Date: Sun Jul 7 07:47:22 2024 +0200 soc: mediatek: pwrap: Use devm_clk_bulk_get_all_enable() Use devm_clk_bulk_get_all_enable() to simplify the code and to make sure that clk_disable_unprepare() is called if the driver is unloaded. Fixes: 55924157da8c ("soc: mediatek: pwrap: add support for sys & tmr clocks") Fixes: 1f022d84bd19 ("soc: mediatek: Add PMIC wrapper for MT8135 and MT8173 SoCs") Suggested-by: AngeloGioacchino Del Regno Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/5b1114c538dd5230728592855f89942aec8ef83b.1720331018.git.christophe.jaillet@wanadoo.fr Signed-off-by: AngeloGioacchino Del Regno commit 10c1ea1eaf4d107c323321e92237ba67848de291 Author: Christophe JAILLET Date: Sun Jul 7 07:47:21 2024 +0200 soc: mediatek: pwrap: Constify some struct int[] These arrays are not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 45528 8532 16 54076 d33c drivers/soc/mediatek/mtk-pmic-wrap.o After: ===== text data bss dec hex filename 52664 1384 16 54064 d330 drivers/soc/mediatek/mtk-pmic-wrap.o Signed-off-by: Christophe JAILLET Reviewed-by: AngeloGioacchino Del Regno Link: https://lore.kernel.org/r/f1fea00fbaa0fea298bf67732e019f9cc5c407ab.1720331018.git.christophe.jaillet@wanadoo.fr Signed-off-by: AngeloGioacchino Del Regno commit ded525f8ac5db53286b0eabb679ecf7edb974eaa Author: Christophe JAILLET Date: Sun Jul 7 07:47:20 2024 +0200 soc: mediatek: pwrap: Constify struct pmic_wrapper_type 'struct pmic_wrapper_type' is not modified in this driver. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig: Before: ====== text data bss dec hex filename 45336 8724 16 54076 d33c drivers/soc/mediatek/mtk-pmic-wrap.o After: ===== text data bss dec hex filename 45528 8532 16 54076 d33c drivers/soc/mediatek/mtk-pmic-wrap.o Signed-off-by: Christophe JAILLET Reviewed-by: AngeloGioacchino Del Regno Link: https://lore.kernel.org/r/5b4b60c5dfd6d8fe893b05cfc96c0e2d67705463.1720331018.git.christophe.jaillet@wanadoo.fr Signed-off-by: AngeloGioacchino Del Regno commit 163f9fe6b625c5f5c4d5b05265b194388182454b Author: Breno Leitao Date: Mon Jul 29 09:40:51 2024 -0700 x86/bugs: Add a separate config for MMIO Stable Data Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create an entry for the MMIO Stale data CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allow users to enable or disable it at compilation time. Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-4-leitao@debian.org commit 9f766e8f5c2366d7237735a826084569b5705cf4 Author: Oliver Rhodes Date: Thu Jul 25 11:05:32 2024 +0100 dt-bindings: reset: renesas: Document RZ/G2M v3.0 (r8a774a3) reset module Document bindings for the Renesas RZ/G2M v3.0 (a.k.a r8a774a3) reset module. Signed-off-by: Oliver Rhodes Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240725100534.5374-5-oliver.rhodes.aj@renesas.com Signed-off-by: Geert Uytterhoeven commit 93d46d465f7dfbcf55096821565f04402088b09d Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:35 2024 +0200 clk: renesas: rcar-gen4: Remove unused default PLL2/3/4/6 configs The default PLL2/3/4/6 multiplier and divider configurations are no longer used after the conversion to fixed or variable fractional PLL clock types. Note that the default configurations are still documented in the comments above the individual rcar_gen4_cpg_pll_config instances. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/d13526a86066992d6afdf9bee7c1a18da72f914f.1721648548.git.geert+renesas@glider.be commit f7444f0fde1f51229c5a4c796730b5caaae0bb6d Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:34 2024 +0200 clk: renesas: rcar-gen4: Remove unused fixed PLL clock types All users of the fixed default PLL2/3/4/6 clock types have been converted to fixed or variable fractional PLL clock types. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/c0229eb3518444f61173c6fb83bdcedb058dd079.1721648548.git.geert+renesas@glider.be commit ccdf745bd10f0682bfd87ba5612fabdf57ff1d5b Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:33 2024 +0200 clk: renesas: rcar-gen4: Remove unused variable PLL2 clock type The variable PLL2 clock type was superseded by the more generic variable fractional 8.25 PLL clock type, and its sole user was converted. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/8e5564958002351f29435f63de1304fb3b51a725.1721648548.git.geert+renesas@glider.be commit 2cf316b4c54e8411c91a901a11a3d78db7fd10b7 Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:32 2024 +0200 clk: renesas: r8a779h0: Model PLL1/2/3/4/6 as fractional PLLs Currently, all PLLs are modelled as fixed divider clocks, based on the state of the mode pins. However, the boot loader stack may have changed the actual PLL configuration from the default, leading to incorrect clock frequencies. Describe PLL1 as a fixed fractional PLL instead, and PLL2, PLL3, PLL4, and PLL6 as variable fractional PLLs. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/3beac7c44534ed153ce7cea5c31f4b0bb7b16ab0.1721648548.git.geert+renesas@glider.be commit e1924c6cd148f49b3e3c7085906272b966163bc4 Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:31 2024 +0200 clk: renesas: r8a779g0: Model PLL1/3/4/6 as fractional PLLs Currently, all PLLs but PLL2 are modelled as fixed divider clocks, based on the state of the mode pins. However, the boot loader stack may have changed the actual PLL configuration from the default, leading to incorrect clock frequencies. Describe PLL1 as a fixed fractional PLL instead, and PLL2, PLL3, PLL4, and PLL6 as variable fractional PLLs. Reformat nearby lines to retain a consistent layout. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/b98523ed08de7386944c5ae860eae107dc28be3e.1721648548.git.geert+renesas@glider.be commit e4915fc7ded539cc9197fe35da25003cd66533db Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:30 2024 +0200 clk: renesas: r8a779f0: Model PLL1/2/3/6 as fractional PLLs Currently, all PLLs are modelled as fixed divider clocks, based on the state of the mode pins. However, the boot loader stack may have changed the actual PLL configuration from the default, leading to incorrect clock frequencies. Describe PLL1 as a fixed fractional PLL instead, and PLL2, PLL3, and PLL6 as variable fractional PLLs. Note that the R-Car Gen4 clock driver does not support variable 9.24 PLLs yet, so the driver will downgrade them to fixed fractional PLLs, too. Reformat nearby lines to retain a consistent layout. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/8544571f507e00ed6fc61617d27c9e19de5e9d11.1721648548.git.geert+renesas@glider.be commit 4c63e9a13560fef7fd42b45f58687b400b958e3c Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:29 2024 +0200 clk: renesas: r8a779a0: Use defines for PLL control registers Add symbolic definitions for the various PLL control registers. Replace hardcoded register offsets by the new definitions. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/8cac464c7dfb15ecd299b8ab4ba88a16135f8123.1721648548.git.geert+renesas@glider.be commit 732a6108ef5eb5fe6b961295d91d80991d724c06 Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:28 2024 +0200 clk: renesas: rcar-gen4: Add support for fractional 9.24 PLLs The custom clock driver that models the PLL clocks on R-Car Gen4 supports only fractional 8.25 PLLs, as used on R-Car V4H/V4M. R-Car S4-8 uses integer and fractional multiplication fields that are one bit larger resp. smaller, and a slightly different formula. Extend the existing support to fractional 9.24 PLL, and introduce new clock types and helper macros to describe these PLLs. Note that there is no use case for variable fractional 9.24 PLLs yet, as the Cortex-A55 cores on R-Car S4-8 do not support High Performance mode. Hence the PLL is always modeled as a fixed PLL, regardless of the description, Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/5684eda1260435c8eceabc274e0b18cb280a6341.1721648548.git.geert+renesas@glider.be commit 3284ffb74c75cde0fbad41ab4a7736f56d570bd7 Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:27 2024 +0200 clk: renesas: rcar-gen4: Add support for fixed variable PLLs The custom clock driver that models PLL clocks on R-Car Gen4 supports variable clocks, while PLL1 uses a similar control register layout, but is read-only. Extend the existing support to fixed clocks and PLL1, and introduce a new clock type and helper macro to describe a fixed PLL. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/841fbb63d472c357b3ce291a5991db3b847f96d8.1721648548.git.geert+renesas@glider.be commit 724620bd711364f352d13563d48ade7b5c5ea297 Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:26 2024 +0200 clk: renesas: rcar-gen4: Add support for variable fractional PLLs The custom clock driver that models PLL clocks on R-Car Gen4 supports PLL2 on R-Car V4H/V4M only, while PLL3, PLL4, and PLL6 use the same control register layout. Extend the existing support to PLL3, PLL4, and PLL6, and introduce a new clock type and helper macro to describe these PLLs. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/84ead759782560ec5643711e6bdd787a751053ce.1721648548.git.geert+renesas@glider.be commit 1b131e08e7f2b2271a32361bb0ae466d6cc50fbd Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:25 2024 +0200 clk: renesas: rcar-gen4: Add support for fractional multiplication R-Car Gen4 PLLs support fractional multiplication, which can improve accuracy when configuring a specific frequency. Add support for fractional multiplication to the custom clock driver for PLLs, which is currently used only for PLL2 on R-Car V4H. While at it, add the missing blank line after the function. Note that Fractional Multiplication is not enabled by the driver, but used only if the boot loaded enabled it before. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/1a58ebef6f54460f49fb81ba9bbf288164de2646.1721648548.git.geert+renesas@glider.be commit dd82ab4fdf402461fb768e31f687c7b8ec4eb91f Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:24 2024 +0200 clk: renesas: rcar-gen4: Use defines for common CPG registers Add symbolic definitions for common CPG registers. Replace hardcoded register offsets by the new definitions. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/8ae48a5dac59cb5723fbca3842b93a9e51ffe1ca.1721648548.git.geert+renesas@glider.be commit f719e598439db26f63293ae5992e654ca110af1f Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:23 2024 +0200 clk: renesas: rcar-gen4: Use FIELD_GET() Improve readability by using the FIELD_GET() helper instead of open-coding the same operation, and by adding field definitions to get rid of hardcoded values. While at it, move register definitions that are only used inside the rcar-gen4-cpg.c source file out of the rcar-gen4-cpg.h header file. Add a "CPG_" prefix to SD0CKCR1. Add comments where appropriate. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/fb19ad829738f02effa340fa04c178a162d41202.1721648548.git.geert+renesas@glider.be commit 9edc5c209d3e192baed2230af90591a6dad51607 Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:22 2024 +0200 clk: renesas: rcar-gen4: Clarify custom PLL clock support The custom clock driver that models the PLL clocks on R-Car Gen4 assumes the integer and fractional[*] multiplication field sizes as used on R-Car V4H and V4M, representing a fractional 8.25 number. Rename the related definitions, functions, and structures to clarify this, and to prepare for the advent of support for the different field sizes on R-Car S4-8. [*] The fractional part is not yet supported. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/2ce9f9c75bfb6312129d416672f9691bbd11c0e7.1721648548.git.geert+renesas@glider.be commit 4897930debb4abb98317b4a18c4f20bad1f71b9f Author: Geert Uytterhoeven Date: Mon Jul 22 13:50:21 2024 +0200 clk: renesas: rcar-gen4: Removed unused SSMODE_* definitions All SSMODE operations are done using CPG_PLLxCR0_SSMODE*. Signed-off-by: Geert Uytterhoeven Reviewed-by: Yoshihiro Shimoda Link: https://lore.kernel.org/19f84bfec94eab5f301a9c33563c285ab59b9b2a.1721648548.git.geert+renesas@glider.be commit 354e5cf4f6ed8c25b3dbdffa14c1afaea21452c5 Author: Lad Prabhakar Date: Mon Jul 15 11:35:55 2024 +0100 clk: renesas: rzg2l-cpg: Refactor to use priv for clks and base in clock register functions Simplify the `rzg2l-cpg` driver by removing explicit passing of `clks` and `base` parameters in various clock registration functions. These values are now accessed directly from the `priv` structure. While at it, drop masking of parent clocks with 0xffff as nothing is ever stored in the high bits. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240715103555.507767-3-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 019b5ecc03aef7a596941712391b776143c377d7 Author: Lad Prabhakar Date: Mon Jul 15 11:35:54 2024 +0100 clk: renesas: rzg2l-cpg: Use devres API to register clocks We are using devres APIs for divider, mux and pll5 clocks so for consistency use the devres APIs for module, fixed factor and PLL clocks. While at it switched to clk_hw_register() instead of clk_register() as this has been marked as deprecated interface. Signed-off-by: Lad Prabhakar Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240715103555.507767-2-prabhakar.mahadev-lad.rj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 588d55aba025eeeb9c905401e636a7efc1c54730 Author: Geert Uytterhoeven Date: Fri Jul 12 16:26:46 2024 +0200 clk: renesas: r8a779h0: Initial clock descriptions should be __initconst r8a779h0_core_clks[], r8a779h0_mod_clks[], and cpg_pll_configs[] are only used during initialization. Hence make them __initconst, so they will be freed later. Fixes: f077cab34df3010d ("clk: renesas: cpg-mssr: Add support for R-Car V4M") Signed-off-by: Geert Uytterhoeven Reviewed-by: Niklas Söderlund Link: https://lore.kernel.org/35bbcfb914ddb377fa77e3425e4e7e232c7c2cf9.1720794214.git.geert+renesas@glider.be commit 898b5bc482b4db4dad8c4cc95f235fb7b88c8e35 Author: Geert Uytterhoeven Date: Fri Jul 12 16:26:45 2024 +0200 clk: renesas: r8a779g0: cpg_pll_configs should be __initconst cpg_pll_configs[] is only used during initialization. Hence make it __initconst, so it will be freed later. Fixes: 0ab55cf1834177a2 ("clk: renesas: cpg-mssr: Add support for R-Car V4H") Signed-off-by: Geert Uytterhoeven Reviewed-by: Niklas Söderlund Link: https://lore.kernel.org/ea806a096d47382f4f560b20f1038f03b4e44e0e.1720794214.git.geert+renesas@glider.be commit 7d5c73d960a94e8c5b5c6eab569c5c8e57709013 Author: Geert Uytterhoeven Date: Fri Jul 12 16:26:44 2024 +0200 clk: renesas: r8a779f0: cpg_pll_configs should be __initconst cpg_pll_configs[] is only used during initialization. Hence make it __initconst, so it will be freed later. Fixes: 24aaff6a6ce4c4de ("clk: renesas: cpg-mssr: Add support for R-Car S4-8") Signed-off-by: Geert Uytterhoeven Reviewed-by: Niklas Söderlund Link: https://lore.kernel.org/2261fc8291099445e1b319812dfd4f79c90296d2.1720794214.git.geert+renesas@glider.be commit bd721d922c87a025fe458cc70f7ce5ce72c70e78 Author: Geert Uytterhoeven Date: Fri Jul 12 16:26:43 2024 +0200 clk: renesas: r8a779a0: cpg_pll_configs should be __initconst cpg_pll_configs[] is only used during initialization. Hence make it __initconst, so it will be freed later. Fixes: 17bcc8035d2d19fc ("clk: renesas: cpg-mssr: Add support for R-Car V3U") Signed-off-by: Geert Uytterhoeven Reviewed-by: Niklas Söderlund Link: https://lore.kernel.org/a9819625329b188c298481402e1c55ac46093518.1720794214.git.geert+renesas@glider.be commit 6f5c16b74b8d2eacc98f4e0d1611a129aa6506bd Author: Claudiu Beznea Date: Thu Jul 11 15:34:03 2024 +0300 clk: renesas: r9a08g045: Add DMA clocks and resets Add the missing DMA clock and resets. Signed-off-by: Claudiu Beznea Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240711123405.2966302-2-claudiu.beznea.uj@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit e2fc28837a02fd496d7e667647252ee269373cc9 Author: Zenghui Yu Date: Mon Jul 29 16:12:02 2024 +0800 MAINTAINERS: Add selftests to DMA-BUF HEAPS FRAMEWORK entry Include dmabuf-heaps selftests in the correct entry so that updates to it can be sent to the right place. Signed-off-by: Zenghui Yu Signed-off-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240729081202.937-1-yuzenghui@huawei.com commit 250ac9ee60dbb14cdf422ab7f2bc28d671ac9f46 Author: Shixiong Ou Date: Mon Jul 29 14:57:56 2024 +0800 drm: Add the missing symbol '.' Signed-off-by: Shixiong Ou Signed-off-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240729065756.123788-1-oushixiong1025@163.com commit b8da0b33d3899e5911aaf0220a317545fe2e3b37 Author: Breno Leitao Date: Mon Jul 29 09:40:50 2024 -0700 x86/bugs: Add a separate config for TAA Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create an entry for the TAA CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allow users to enable or disable it at compilation time. Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-3-leitao@debian.org commit 10dfa837da4f5319ef6871c7cc7357da190c482f Author: Biju Das Date: Tue Jul 9 14:51:42 2024 +0100 clk: renesas: r9a07g043: Add LCDC clock and reset entries Add LCDC clock and reset entries to CPG driver. Signed-off-by: Biju Das Acked-by: Conor Dooley Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240709135152.185042-5-biju.das.jz@bp.renesas.com Signed-off-by: Geert Uytterhoeven commit 23319333146fb856f6e767f419830f6d7114eefc Author: Yoshihiro Shimoda Date: Thu Jul 4 15:17:20 2024 +0900 clk: renesas: r8a779h0: Add PCIe clock Add the PCIe module clock, which is used by the PCIe module on the Renesas R-Car V4M (R8A779H0) SoC. Signed-off-by: Yoshihiro Shimoda Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240704061720.1444755-1-yoshihiro.shimoda.uh@renesas.com Signed-off-by: Geert Uytterhoeven commit ca999750b95caf4829dbd89ecff5c673107d257c Author: Khanh Le Date: Thu Jul 25 21:49:10 2024 +0200 arm64: dts: renesas: r8a779h0: Add PWM device nodes Add device nodes for the PWM timers on the Renesas R-Car V4M (R8A779H0) SoC. Signed-off-by: Khanh Le [wsa: rebased, dropped TPU part to be upstreamed seperately] Signed-off-by: Wolfram Sang Reviewed-by: Geert Uytterhoeven Tested-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240725194906.14644-11-wsa+renesas@sang-engineering.com Signed-off-by: Geert Uytterhoeven commit 940455681d94a4100f024097737e502e93273f26 Author: Breno Leitao Date: Mon Jul 29 09:40:49 2024 -0700 x86/bugs: Add a separate config for MDS Currently, the CONFIG_SPECULATION_MITIGATIONS is halfway populated, where some mitigations have entries in Kconfig, and they could be modified, while others mitigations do not have Kconfig entries, and could not be controlled at build time. Create an entry for the MDS CPU mitigation under CONFIG_SPECULATION_MITIGATIONS. This allow users to enable or disable it at compilation time. Signed-off-by: Breno Leitao Signed-off-by: Borislav Petkov (AMD) Acked-by: Josh Poimboeuf Link: https://lore.kernel.org/r/20240729164105.554296-2-leitao@debian.org commit 5343558a868e7e635b40baa2e46bf53df1a2d131 Author: Borislav Petkov (AMD) Date: Tue Jul 30 09:52:43 2024 +0200 x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive Initialize equiv_id in order to shut up: arch/x86/kernel/cpu/microcode/amd.c:714:6: warning: variable 'equiv_id' is \ used uninitialized whenever 'if' condition is false [-Wsometimes-uninitialized] if (x86_family(bsp_cpuid_1_eax) < 0x17) { ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ because clang doesn't do interprocedural analysis for warnings to see that this variable won't be used uninitialized. Fixes: 94838d230a6c ("x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID") Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407291815.gJBST0P3-lkp@intel.com/ Signed-off-by: Borislav Petkov (AMD) commit 2501b491993f3165fbd01c09fb553113b934b211 Author: Tchadel Icard Date: Tue Jul 30 07:09:10 2024 +0000 staging: rtl8712: Fix move '{' to previous line Fix checkpatch error "ERROR: that open brace { should be on the previous line" Signed-off-by: Tchadel Icard Link: https://lore.kernel.org/r/20240730070910.34996-1-hello@tchadelicard.fr Signed-off-by: Greg Kroah-Hartman commit 101df28119575a158f48877676e30add05cb0603 Author: Benjamin Somers Date: Tue Jul 30 07:05:18 2024 +0000 staging: rtl8723bs: Fix spacing issues This patch removes superfluous tabs at the beginning of the file and commented includes Signed-off-by: Benjamin Somers Link: https://lore.kernel.org/r/20240730070518.2850-1-benjamin.somers@resel.fr Signed-off-by: Greg Kroah-Hartman commit 0fe80ae414616d50637df7d6bcc6fa37a86680d9 Author: Emmanuel Arias Date: Tue Jul 30 07:00:59 2024 +0000 staging: rtl8723bs: replace indent space for tabs Fix checkpatch error code indent should use tabs in file hal_pwr_seq.h:104 Signed-off-by: Emmanuel Arias Link: https://lore.kernel.org/r/20240730070059.33210-1-eamanu@riseup.net Signed-off-by: Greg Kroah-Hartman commit 296602b8e5f715d6a0ccdcd37d57170c2c81d5e4 Author: Dragan Simic Date: Sun Jul 21 05:45:16 2024 +0200 arm64: dts: rockchip: Move RK3399 OPPs to dtsi files for SoC variants Rename the Rockchip RK3399 SoC dtsi files and, consequently, adjust their contents and the contents of the affected board dts(i) files appropriately, to "encapsulate" the different CPU and GPU OPPs for each of the supported RK3399 SoC variants into the respective SoC variant dtsi files. Moving the OPPs to the SoC variant dtsi files, instead of requiring the board dts(i) files to include both the SoC variant dtsi file and the right OPP variant dtsi file, reduces the possibility for mismatched inclusion and improves the overall hierarchical representation of data. These changes follow the approach used for the Rockchip RK3588 SoC variants, which was introduced and described further in commit def88eb4d836 ("arm64: dts: rockchip: Prepare RK3588 SoC dtsi files for per-variant OPPs"). Please see that commit for a more detailed explanation. No functional changes are introduced, which was validated by decompiling and comparing all affected dtb files before and after these changes. In more detail, all decompiled dtb files remain exactly the same, except the files list below, which results from all of them stemming from the same base board dtsi file (rk3399-rock-pi-4.dtsi), while all of them include one of the three different RK3399 SoC variant dtsi files by themselves: - rk3399-rock-4se.dtb - rk3399-rock-pi-4a.dtb - rk3399-rock-pi-4a-plus.dtb - rk3399-rock-pi-4b.dtb - rk3399-rock-pi-4b-plus.dtb - rk3399-rock-pi-4c.dtb When compared with the decompiled original dtb files, these dtb files have some of their blocks shuffled around a bit and some of their phandles have different values, as a result of the changes to the order in which the building blocks from the parent dtsi files are included into them, but they still effectively remain the same as the originals. The only exception to the "include only a SoC variant dtsi" is found in rk3399-evb.dts, which includes rk3399-base.dtsi instead of rk3399.dtsi. This is intentional, because this board dts file doesn't enable the TSADC, so including rk3399.dtsi would enable the SoC to go into higher OPPs with no thermal throttling in place. Let's hope that people interested in this board will fix this in the future. As a side note, due to the nature of introduced changes, this commit is best viewed using the --break-rewrites option for git-log(1). Related-to: def88eb4d836 ("arm64: dts: rockchip: Prepare RK3588 SoC dtsi files for per-variant OPPs") Signed-off-by: Dragan Simic Link: https://lore.kernel.org/r/9417b5c5b64f9aceea64530a85a536169a3e7466.1721532747.git.dsimic@manjaro.org Signed-off-by: Heiko Stuebner commit 7537f0e7b2cd0faa4f58e3e9e64da0f95ade7a77 Author: Sai Sree Kartheek Adivi Date: Tue Jul 30 06:59:01 2024 +0000 staging: rtl8723bs: style fix open brace on new line It fixes the following checkpatch.pl error "ERROR: that open brace { should be on the previous line" and avoids the warning "WARNING: braces {} are not necessary for single statement blocks". Signed-off-by: Sai Sree Kartheek Adivi Link: https://lore.kernel.org/r/20240730065901.35254-1-sskartheekadivi@gmail.com Signed-off-by: Greg Kroah-Hartman commit 9acacf22b5d35c4493a0c7a615741425cf3adc0e Author: Guilherme Puida Moreira Date: Tue Jul 30 06:48:12 2024 +0000 staging: rtl8723bs: place opening brace on previous line Fix checkpatch diagnostic "ERROR: that open brace { should be on the previous line" in rtw_security.h:173 Signed-off-by: Guilherme Puida Moreira Link: https://lore.kernel.org/r/20240730064812.1979-1-guilherme@puida.xyz Signed-off-by: Greg Kroah-Hartman commit 3d7d6c7ca22582755f8e021c33f4d02014ae9f9c Author: David Prévot Date: Tue Jul 30 06:47:07 2024 +0000 staging: rtl8192e: style fix - alignment to match parenthesis Fixed checkpath Alignment should match open parenthesis Signed-off-by: David Prévot Link: https://lore.kernel.org/r/20240730064707.914-1-david@tilapin.org Signed-off-by: Greg Kroah-Hartman commit 2963d620a410b9075ea2daa2b1afb95ec5a3d889 Author: Felix Yan Date: Tue Jul 30 09:37:38 2024 +0300 staging: rtl8712: remove trailing whitespace Fix the following checkpatch.pl error: ERROR: trailing whitespace Signed-off-by: Felix Yan Link: https://lore.kernel.org/r/20240730063746.176245-1-felixonmars@archlinux.org Signed-off-by: Greg Kroah-Hartman commit bbb12311f507f123ea86f44aea70c934aef819b5 Author: Agathe Porte Date: Tue Jul 30 15:27:54 2024 +0900 staging: vme_user: vme_irq_handler: name func ptr args This commit fixes the following checkpatch.pl warnings: WARNING: function definition argument 'int' should also have an identifier name + void (*call)(int, int, void *); WARNING: function definition argument 'int' should also have an identifier name + void (*call)(int, int, void *); WARNING: function definition argument 'void *' should also have an identifier name + void (*call)(int, int, void *); Signed-off-by: Agathe Porte Link: https://lore.kernel.org/r/20240730062843.64977-1-gagath@debian.org Signed-off-by: Greg Kroah-Hartman commit af1cdd74c49774c8e7061fd362d4a9d9b7822e29 Author: Griffin Kroah-Hartman Date: Mon Jul 29 15:02:13 2024 +0200 staging: vme_user: vme_tsi148.c: Change Formatting Adhere to Linux Kernal coding style. Reported by checkpatch CHECK: Alignment should match open parenthesis Signed-off-by: Griffin Kroah-Hartman Link: https://lore.kernel.org/r/20240729130213.48941-2-griffin@kroah.com Signed-off-by: Greg Kroah-Hartman commit c9081e96375aaca671f23f1903aa7fe40852326e Author: Griffin Kroah-Hartman Date: Mon Jul 29 15:02:12 2024 +0200 staging: vme_user: vme_tsi148.C: remove redundant newlines Adhere to Linux kernel coding style. Reported by checkpatch: CHECK: Alignment should match open parenthesis Signed-off-by: Griffin Kroah-Hartman Link: https://lore.kernel.org/r/20240729130213.48941-1-griffin@kroah.com Signed-off-by: Greg Kroah-Hartman commit d93e795b8621eb259e9c519b98b728521a87068b Author: Philipp Hortmann Date: Sun Jul 28 07:25:52 2024 +0200 staging: ks7010: Remove unused driver Wolfram contributed this driver in 2016. He is not using it anymore and confirmed it to be removed. It is hard to find hardware around the globe. When it is offered it is expensive and performance is low. Remove unused driver. Link: https://lore.kernel.org/linux-staging/igi27iwrzg3ovgj3sym4gsi45timpkt4vkl5ss5dbftdzat6p4@ctxcjocvunpt/ Signed-off-by: Philipp Hortmann Reviewed-by: Wolfram Sang Link: https://lore.kernel.org/r/20240728052552.GA8748@matrix-ESPRIMO-P710 Signed-off-by: Greg Kroah-Hartman commit f67a5f76a67c0c8039254a527c432e80822b2f8a Author: Riyan Dhiman Date: Sat Jul 27 15:01:06 2024 +0530 staging: fbtft: Fix mutex and spinlock without comment warning Adhere to Linux kernel coding style Reported by checkpatch: CHECK: spinlock_t definition without comment CHECK: mutex definition without comment Signed-off-by: Riyan Dhiman Link: https://lore.kernel.org/r/20240727093106.11214-1-riyandhiman14@gmail.com Signed-off-by: Greg Kroah-Hartman commit ed50113fa24125929a6811f34528e8e34249ce3c Author: Riyan Dhiman Date: Thu Jul 25 18:33:51 2024 +0530 staging: fbtft: Remove ftrace-like logging Adhere to Linux kernel coding style Reported by checkpatch: WARNING: Unnecessary ftrace-like logging - prefer using ftrace Signed-off-by: Riyan Dhiman Link: https://lore.kernel.org/r/20240725130351.14877-1-riyandhiman14@gmail.com Signed-off-by: Greg Kroah-Hartman commit 1573c26775f2e7ce7dfd6015b46f2cf55fa87368 Author: Steven Davis Date: Tue Jul 23 12:31:03 2024 -0400 staging: most: video: Fixed minor capitalization and grammatical issues This patch makes three error messages in the driver easier to read by capitalizing the first letters properly. For example, "channel already linked" becomes "Channel already linked", and "expect" becomes "expected", as you would typically find in an error message. This patch improves user experience by making the errors clearer. Signed-off-by: Steven Davis Link: https://lore.kernel.org/r/SJ2P223MB1026E786B28986901BC1C126F7A92@SJ2P223MB1026.NAMP223.PROD.OUTLOOK.COM Signed-off-by: Greg Kroah-Hartman commit 64b7f16fb3947e5d08d9e9b860ce966250e45d52 Author: Heiko Stuebner Date: Tue Jul 23 21:55:38 2024 +0200 arm64: dts: rockchip: add 2 pmu_io_domain supplies for Qnap-TS433 Add the two supplies for the pmu-io-domains that are defined in the vendor devicetree for the TS433. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-15-heiko@sntech.de commit 9130eb62586f4cef0557d0378fb7e78d7397ab2d Author: Heiko Stuebner Date: Tue Jul 23 21:55:37 2024 +0200 arm64: dts: rockchip: enable gpu on Qnap-TS433 The TS433 doesn't provide display output, but the gpu nevertheless can be used for compute tasks for example. So there is no reason not to enable it. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-14-heiko@sntech.de commit ee078c7daa98353496410b715a5acbb41d7d3a90 Author: Heiko Stuebner Date: Tue Jul 23 21:55:36 2024 +0200 arm64: dts: rockchip: add missing pmic information on Qnap-TS433 Fill in the missing pieces for RK809 pmic used on the TS433. The regulator setup comes from the vendor-devicetree, so without proper schematics its accuracy is somewhat unclear, but it looks really similar to all the other rk3568 boards, so follows the reference design it seems. The one caveat is related to vcc3v3_sd. This regulator needs to stay on. When turned off because of no users, access to both PCIe controllers will stall. Maybe this rail does supply the 100MHz refclk generation or so. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-13-heiko@sntech.de commit 99b36ba910d896bddbb9a190ca686c6d9cd0325f Author: Heiko Stuebner Date: Tue Jul 23 21:55:35 2024 +0200 arm64: dts: rockchip: define cpu-supply on the Qnap-TS433 The TS433 seems to use a silergy,syr827 regulator for the cpu supply. At least that is the compatible used in the vendor devicetree, though it could very well also be another fan53555 clone. Define the needed regulator node and hook up the cpu-supply to the cpu cores. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-12-heiko@sntech.de commit 9b682d31b24f1f70b5b4d0618095d46e0722b9d8 Author: Heiko Stuebner Date: Tue Jul 23 21:55:34 2024 +0200 arm64: dts: rockchip: add gpio-keys to Qnap-TS433 The TS433 has 3 buttons, power and copy in the front as well as a reset pinhole button on the back. The power-button is connected to the embedded controller while the other two buttons are just gpio connected. Add the gpio-keys definition for the two buttons we can handle right now. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-11-heiko@sntech.de commit 2dfdddd9d20306fd0d04b88fcbbf36d76fb67f11 Author: Heiko Stuebner Date: Tue Jul 23 21:55:33 2024 +0200 arm64: dts: rockchip: enable the tsadc on the Qnap-TS433 Enable the tsadc node to allow for temperature measurements of the soc. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-10-heiko@sntech.de commit ea91aabf18bcad6f5eceae6848ea6570ea61f126 Author: Heiko Stuebner Date: Tue Jul 23 21:55:32 2024 +0200 arm64: dts: rockchip: add hdd leds to Qnap-TS433 Add the 4 gpio-controlled LEDs to the Qnap-TS433. They are meant for individual disk activitivy, but I haven't found a way for how to connect them to their individual sata slot yet. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-9-heiko@sntech.de commit dadd4256e12360d3ff1f6481b2e4697f9d890caf Author: Heiko Stuebner Date: Tue Jul 23 21:55:31 2024 +0200 arm64: dts: rockchip: add board-aliases for Qnap-TS433 Add the aliases for the internal network interface as well as the emmc on the board and make sure the dedicated RTC is always the first one. The TS433 actually has two rtc devices. One coming from the rk809 pmic without added functionality and also a dedicated RTC from Mycrocrystal that is battery backed to keep the time. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-8-heiko@sntech.de commit 673c1353b3d476b9c5df6b84a777ed171e5594f5 Author: Heiko Stuebner Date: Tue Jul 23 21:55:30 2024 +0200 arm64: dts: rockchip: enable sata1+2 on Qnap-TS433 The TS433 has 4 bays. The last two are accessed via a pci-connected sata controller, while the first two are accessed via the rk3568's sata controllers. Enable these two now. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-7-heiko@sntech.de commit e1cb5d8a92e41171bf4d5ddc459bd96372500901 Author: Heiko Stuebner Date: Tue Jul 23 21:55:29 2024 +0200 arm64: dts: rockchip: add stdout path on Qnap-TS433 As most Rockchip boards do, the TS433 also uses uart2 for its serial output. Set the correct chosen entry for it. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-6-heiko@sntech.de commit d992203f57c5caad0dbd4a9c669d79b315873c81 Author: Heiko Stuebner Date: Tue Jul 23 21:55:28 2024 +0200 arm64: dts: rockchip: enable usb ports on Qnap-TS433 Enable usb controllers and phys and add regulator infrastructure for the usb ports on the TS433. Of course there are no schematics available for the device, so the regulator information comes from the vendor-devicetree with unknown accuracy. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-5-heiko@sntech.de commit 07ef8be476bebd77cba3ca4804be03cc0dba414f Author: Heiko Stuebner Date: Tue Jul 23 21:55:27 2024 +0200 arm64: dts: rockchip: enable uart0 on Qnap-TS433 Uart0 is connected to an MCU on the board that handles system control like the fan-speed. So far no driver for it is available though. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-4-heiko@sntech.de commit 0f5f87a1d602a33028522784eb005647fa1b5c11 Author: Heiko Stuebner Date: Tue Jul 23 21:55:26 2024 +0200 arm64: dts: rockchip: enable second PCIe controller on the Qnap-TS433 The TS433 uses both pcie controllers for sata and the 2nd network interface. Set the needed data-lanes in the pcie3 phy and enable the second pcie controller, as well as remove the bifurcation comment. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-3-heiko@sntech.de commit e0ec6d48226fb3d4df18895b56f0b7a94c0fe474 Author: Heiko Stuebner Date: Tue Jul 23 21:55:25 2024 +0200 arm64: dts: rockchip: add PCIe supply regulator to Qnap-TS433 Add the vcc3v3-supply regulator and its link to the pcie controllers. Tested-by: Uwe Kleine-König Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240723195538.1133436-2-heiko@sntech.de commit fcc62b19104a67b9a2941513771e09389b75bd95 Author: Takashi Iwai Date: Mon Jul 29 18:06:58 2024 +0200 ALSA: control: Take power_ref lock primarily The code path for kcontrol accesses have often nested locks of both card's controls_rwsem and power_ref, and applies in that order. However, what could take much longer is the latter, power_ref; it waits for the power state of the device, and it pretty much depends on the user's action. This patch swaps the locking order of those locks to a more natural way, namely, power_ref -> controls_rwsem, in order to shorten the time of possible nested locks. For consistency, power_ref is taken always in the top-level caller side (that is, *_user() functions and the ioctl handler itself). Link: https://patch.msgid.link/20240729160659.4516-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 3bb668264db5c68a02b557b3052644181bb4f4be Author: Takashi Iwai Date: Mon Jul 29 16:15:17 2024 +0200 ALSA: hda: Enhance pm_blacklist option We want sometimes to keep the runtime PM disabled persistently just like we did for the PM deny-list in the previous change, e.g. for testing some buggy device. This patch enhances the existing pm_blacklist option for achieving it easily. The default behavior doesn't change -- the driver looks up the deny list and disables the runtime PM if matches. However, when pm_blacklist=1 option is set, now the driver disables the runtime PM completely, just like the deny-list does. Update the documentation for this option, too. Link: https://patch.msgid.link/20240729141519.18398-2-tiwai@suse.de Signed-off-by: Takashi Iwai commit 8abe0423ddd3ca7b9cea09c0a39249f65e646768 Author: Takashi Iwai Date: Mon Jul 29 16:15:16 2024 +0200 ALSA: hda: Keep PM disablement for deny-listed instance We have a runtime PM deny-list for the devices that show the problems (typically click noises) at runtime suspend/resume, and when it matches, the driver disables the default runtime PM. However, we still allow the runtime PM changed via power_save module option dynamically, and the desktop system often tweaks it. This ended up with a re-enablement of the runtime PM that surprises users, suddenly suffering from the noises. This patch changes the driver behavior slightly: when the device is listed in the deny-list, ignore the power_save option change and keep the original (that is, off) runtime PM state. Link: https://patch.msgid.link/20240729141519.18398-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 0642a3c5cacc0321c755d45ae48f2c84475469a6 Author: Takashi Iwai Date: Mon Jul 29 16:13:14 2024 +0200 ALSA: ump: Update substream name from assigned FB names We had a nice name scheme in ALSA sequencer UMP binding for each sequencer port referring to each assigned Function Block name, while the legacy rawmidi refers only to the UMP Endpoint name. It's better to align both. This patch moves the UMP Group attribute update functions into the core UMP code from the sequencer binding code, and improve the substream name of the legacy rawmidi. Link: https://patch.msgid.link/20240729141315.18253-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 4e9652003bc39032c3ab79e607aa3d1913c7cf57 Author: Takashi Iwai Date: Fri Jul 26 17:28:15 2024 +0200 ALSA: control: Annotate snd_kcontrol with __counted_by() struct snd_kcontrol contains a flex array of snd_kcontrol_volatile objects at its end, and the array size is stored in count field. This can be annotated gracefully with __counted_by() for catching possible array overflows. One additional change is the order of the count field initialization; The assignment of the count field is moved before assignment of vd[] elements for avoiding false-positive warnings from compilers. Link: https://patch.msgid.link/20240726152840.8629-1-tiwai@suse.de Signed-off-by: Takashi Iwai commit 3c0e1ed9c87877d064c705a60db5fdb31a91e985 Merge: 8400291e289ee6 3c0b6f924e1259 Author: Takashi Iwai Date: Tue Jul 30 07:45:13 2024 +0200 Merge branch 'for-linus' into for-next Pull 6.11-devel branch for further development. Signed-off-by: Takashi Iwai commit f9848cfa4bec953603dc9ffb838229e072b0193d Author: David Hunter Date: Sat Jul 20 11:24:47 2024 -0400 da8xx-cfgchip.c: replace of_node_put with __free improves cleanup The use of the __free function allows the cleanup to be based on scope instead of on another function called later. This makes the cleanup automatic and less susceptible to errors later. This code was compiled without errors or warnings. Signed-off-by: David Hunter Link: https://lore.kernel.org/r/20240720152447.311442-1-david.hunter.linux@gmail.com Reviewed-by: David Lechner Signed-off-by: Stephen Boyd commit 4a9e56f25633989238fc7b233e100e295ee33739 Author: AngeloGioacchino Del Regno Date: Thu Jul 18 10:25:28 2024 +0200 clk: mediatek: reset: Remove unused mtk_register_reset_controller() Now that all clock controllers have been migrated to the new mtk_register_reset_controller_with_dev() function, the one taking struct device node is now unused: remove it. Signed-off-by: AngeloGioacchino Del Regno Link: https://lore.kernel.org/r/20240718082528.220750-1-angelogioacchino.delregno@collabora.com Signed-off-by: Stephen Boyd commit ae8ca031f590dc2c33f0f0286034d34e629099ce Author: Fei Shao Date: Wed Jul 17 19:58:52 2024 +0800 clk: mediatek: reset: Return regmap's error code device_node_to_regmap() can return different errors, and it's better practice to pass them to callers. Clean up the hardcoded -EINVAL and use PTR_ERR(regmap) instead. Signed-off-by: Fei Shao Link: https://lore.kernel.org/r/20240717115919.975474-1-fshao@chromium.org Reviewed-by: AngeloGioacchino Del Regno Signed-off-by: Stephen Boyd commit 274aff8711b2e77c27bbda0ddc24caa39f154bfa Author: Stephen Boyd Date: Thu Jul 18 14:05:07 2024 -0700 clk: Add KUnit tests for clks registered with struct clk_parent_data Test that clks registered with 'struct clk_parent_data' work as intended and can find their parents. Cc: Christian Marangi Cc: Brendan Higgins Reviewed-by: David Gow Cc: Rae Moar Signed-off-by: Stephen Boyd Link: https://lore.kernel.org/r/20240718210513.3801024-9-sboyd@kernel.org commit 5776526beb9513a6593250f742cbc634b17711eb Author: Stephen Boyd Date: Thu Jul 18 14:05:06 2024 -0700 clk: Add KUnit tests for clk fixed rate basic type Test that the fixed rate basic type clk works as intended. Cc: Brendan Higgins Cc: David Gow Cc: Rae Moar Signed-off-by: Stephen Boyd Link: https://lore.kernel.org/r/20240718210513.3801024-8-sboyd@kernel.org commit d690bd11e87adfc684265209a5aabd1f58fa367e Author: Stephen Boyd Date: Thu Jul 18 14:05:05 2024 -0700 clk: Add test managed clk provider/consumer APIs Unit tests are more ergonomic and simpler to understand if they don't have to hoist a bunch of code into the test harness init and exit functions. Add some test managed wrappers for the clk APIs so that clk unit tests can write more code in the actual test and less code in the harness. Only add APIs that are used for now. More wrappers can be added in the future as necessary. Cc: Brendan Higgins Cc: David Gow Cc: Rae Moar Signed-off-by: Stephen Boyd Link: https://lore.kernel.org/r/20240718210513.3801024-7-sboyd@kernel.org commit 5ac79730324c6f37106ce397586020ffe6e8e234 Author: Stephen Boyd Date: Thu Jul 18 14:05:04 2024 -0700 platform: Add test managed platform_device/driver APIs Introduce KUnit resource wrappers around platform_driver_register(), platform_device_alloc(), and platform_device_add() so that test authors can register platform drivers/devices from their tests and have the drivers/devices automatically be unregistered when the test is done. This makes test setup code simpler when a platform driver or platform device is needed. Add a few test cases at the same time to make sure the APIs work as intended. Cc: Brendan Higgins Reviewed-by: David Gow Cc: Rae Moar Reviewed-by: Greg Kroah-Hartman Cc: "Rafael J. Wysocki" Signed-off-by: Stephen Boyd Link: https://lore.kernel.org/r/20240718210513.3801024-6-sboyd@kernel.org commit 5c9dd72d8385c2b02c6e31a0f59f777d8a26a218 Author: Stephen Boyd Date: Thu Jul 18 14:05:03 2024 -0700 of: Add a KUnit test for overlays and test managed APIs Test the KUnit test managed overlay APIs. Confirm that platform devices are created and destroyed properly. This provides us confidence that the test managed APIs work correctly and can be relied upon to provide tests with fake platform devices and device nodes via overlays compiled into the kernel image. Cc: Rob Herring Cc: Saravana Kannan Cc: Daniel Latypov Cc: Brendan Higgins Reviewed-by: David Gow Cc: Rae Moar Reviewed-by: Rob Herring (Arm) Signed-off-by: Stephen Boyd Link: https://lore.kernel.org/r/20240718210513.3801024-5-sboyd@kernel.org commit 7fc616c87fc5bd963f02797a2137c8e687c8e3f6 Author: Stephen Boyd Date: Thu Jul 18 14:05:02 2024 -0700 dt-bindings: vendor-prefixes: Add "test" vendor for KUnit and friends Add the vendor prefix "test" to reserve a vendor prefix for bindings that are purely for testing device tree code. This allows test code to write bindings that can be checked by the schema validator. Reviewed-by: Rob Herring Reviewed-by: David Gow Cc: Krzysztof Kozlowski Cc: Conor Dooley Signed-off-by: Stephen Boyd Link: https://lore.kernel.org/r/20240718210513.3801024-4-sboyd@kernel.org commit 6774e90f3146818c284b805b16ecdc144dda1c60 Author: Stephen Boyd Date: Thu Jul 18 14:05:01 2024 -0700 of: Add test managed wrappers for of_overlay_apply()/of_node_put() Add test managed wrappers for of_overlay_apply() that automatically removes the overlay when the test is finished. This API is intended for use by KUnit tests that test code which relies on 'struct device_node's and of_*() APIs. KUnit tests will call of_overlay_apply_kunit() to load an overlay that's been built into the kernel image. When the test is complete, the overlay will be removed. This has a few benefits: 1) It keeps the tests hermetic because the overlay is removed when the test is complete. Tests won't even be aware that an overlay was loaded in another test. 2) The overlay code can live right next to the unit test that loads it. The overlay and the unit test can be compiled into one kernel module if desired. 3) We can test different device tree configurations by loading different overlays. The overlays can be written for a specific test, and there can be many of them loaded per-test without needing to jam all possible combinations into one DTB. 4) It also allows KUnit to test device tree dependent code on any architecture, not just UML. This allows KUnit tests to test architecture specific device tree code. There are some potential pitfalls though. Test authors need to be careful to not overwrite properties in the live tree. The easiest way to do this is to add and remove nodes with a 'kunit-' prefix, almost guaranteeing that the same node won't be present in the tree loaded at boot. Suggested-by: Rob Herring Cc: Rob Herring Cc: Saravana Kannan Reviewed-by: Rob Herring (Arm) Reviewed-by: David Gow Signed-off-by: Stephen Boyd Link: https://lore.kernel.org/r/20240718210513.3801024-3-sboyd@kernel.org commit 814cff595d1ff6079fb4df2fd8ceeb0b6ad2d221 Author: Stephen Boyd Date: Thu Jul 18 14:05:00 2024 -0700 of/platform: Allow overlays to create platform devices from the root node We'd like to apply overlays to the root node in KUnit so we can test platform devices created as children of the root node. On some architectures (powerpc), the root node isn't marked with OF_POPULATED_BUS. If an overlay tries to modify the root node on these platforms it will fail, while on other platforms, such as ARM, it will succeed. This is because the root node is marked with OF_POPULATED_BUS by of_platform_default_populate_init() calling of_platform_default_populate() with NULL as the first argument. Loosen the requirement here so that platform devices can be created for nodes created as children of the root node via DT overlays even if the platform bus wasn't populated for the root node. Reviewed-by: Rob Herring (Arm) Cc: Saravana Kannan Signed-off-by: Geert Uytterhoeven [sboyd@kernel.org: Folded in condition fix] Signed-off-by: Stephen Boyd Link: https://lore.kernel.org/r/20240718210513.3801024-2-sboyd@kernel.org commit 73eb824914ff6371b27b37706eab42c30747ca89 Author: Damien Le Moal Date: Fri Jul 26 11:35:15 2024 +0900 ata: pata_hpt37x: Rename hpt_dma_blacklisted() Rename the function hpt_dma_blacklisted() to the more neutral hpt_dma_broken(). Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Igor Pylypiv commit 16000756f39d7fb05ae85ff3d3fc18cf1231cd2b Author: Damien Le Moal Date: Fri Jul 26 11:32:37 2024 +0900 ata: pata_hpt366: Rename hpt_dma_blacklisted() Rename the function hpt_dma_blacklisted() to the more neutral hpt_dma_broken(). Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Igor Pylypiv commit 022eb2792022a8b53b996bf75774f0c6a3b295bf Author: Damien Le Moal Date: Fri Jul 26 11:28:37 2024 +0900 ata: pata_cs5520: Rephrase file header comment Remove the use of the term "blacklist". What the comment using that term refers to does not seem to exist at all anyway as the driver does not have such list but rather only a list of compatible controllers. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Igor Pylypiv commit 8a3f41a335e9d1c1d348b6849d7b1e99bb22d629 Author: Damien Le Moal Date: Fri Jul 26 11:20:27 2024 +0900 ata: ata_piix: Remove useless comment in piix_init_sidpr() Remove the comment using the term "blacklist" from piix_init_sidpr(). That comment is useless given that the function piix_no_sidpr() name is clear about what is being checked. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Igor Pylypiv commit 93b0f9e11ce511353c65b7f924cf5f95bd9c3aba Author: Damien Le Moal Date: Fri Jul 26 11:14:11 2024 +0900 ata: sata_sil: Rename sil_blacklist to sil_quirks Rename the array sil_blacklist to sil_quirks as this name is more neutral and is also consistent with how this driver define quirks with the SIL_QUIRK_XXX flags. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Igor Pylypiv commit ca8040b071455d8485343d8f1ee9332a18575343 Author: Damien Le Moal Date: Fri Jul 26 11:07:17 2024 +0900 ata: ahci: Rephrase comment to not use the term blacklist Rephrase the comment for the eMachines entry in the sysids array of ahci_broken_suspend() to not use the term blacklist. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Igor Pylypiv commit 858048568c9e3887d8b19e101ee72f129d65cb15 Author: Damien Le Moal Date: Fri Jul 26 10:58:36 2024 +0900 ata: pata_serverworks: Do not use the term blacklist Let's not use the term blacklist in the function serverworks_osb4_filter() documentation comment and rather simply refer to what that function looks at: the list of devices with groken UDMA5. While at it, also constify the values of the csb_bad_ata100 array. Of note is that all of this should probably be handled using libata quirk mechanism but it is unclear if these UDMA5 quirks are specific to this controller only. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Igor Pylypiv commit 58157d607aecb4e05ab793408038b014c84e466f Author: Damien Le Moal Date: Thu Jul 18 16:54:03 2024 +0900 ata: libata: Print quirks applied to devices Introduce the function ata_dev_print_quirks() to print the quirk flags that will be applied to a scanned device. This new function is called from ata_dev_quirks() when a match on a device model or device model and revision is found for a device in the __ata_dev_quirks array. To implement this function, the ATA_QUIRK_ flags are redefined using the new enum ata_quirk which defines the bit shift for each quirk flag. The array of strings ata_quirk_names is used to define the name of each flag, which are printed by ata_dev_print_quirks(). Example output for a device listed in the __ata_dev_quirks array and which has the ATA_QUIRK_DISABLE flag applied: [10193.461270] ata1: SATA link up 6.0 Gbps (SStatus 133 SControl 300) [10193.469190] ata1.00: Model 'ASMT109x- Config', rev '2143 5', applying quirks: disable [10193.469195] ata1.00: unsupported device, disabling [10193.481564] ata1.00: disable device enum ata_quirk also defines the __ATA_QUIRK_MAX value as one plus the last quirk flag defined. This value is used in ata_dev_quirks() to add a build time check that all quirk flags fit within the unsigned int (32-bits) quirks field of struct ata_device. Signed-off-by: Damien Le Moal Reviewed-by: Igor Pylypiv Reviewed-by: Niklas Cassel commit 7ebd8c5acad5f8ca41f37b36dc62570e1fa13d8b Author: Damien Le Moal Date: Thu Jul 18 16:59:06 2024 +0900 ata: libata: Use QUIRK instead of HORKAGE According to Wiktionary, the verb "hork" is computing slang defined as "To foul up; to be occupied with difficulty, tangle, or unpleasantness; to be broken" (https://en.wiktionary.org/wiki/hork#Verb). libata uses this with the term "horkage" to refer to broken device features. Given that this term is not widely used and its meaning unknown to many, rename it to the more commonly used term "quirk", similar to many other places in the kernel. The renaming done is: 1) Rename all ATA_HORKAGE_XXX flags to ATA_QUIRK_XXX 2) Rename struct ata_device horkage field to quirks 3) Rename struct ata_blacklist_entry to struct ata_dev_quirks_entry. The array of these structures defining quirks for known devices is renamed __ata_dev_quirks. 4) The functions ata_dev_blacklisted() and ata_force_horkage() are renamed to ata_dev_quirks() and ata_force_quirks() respectively. 5) All the force_horkage_xxx() macros are renamed to force_quirk_xxx() And while at it, make sure that the type "unsigned int" is used consistantly for quirk flags variables and data structure fields. Signed-off-by: Damien Le Moal Reviewed-by: Niklas Cassel Reviewed-by: Igor Pylypiv commit ba71ffb660e4d41fe589f2459fb888ea61fdb310 Author: David Vernet Date: Wed Jul 24 22:22:14 2024 -0500 selftests/bpf: Load struct_ops map in global_maps_resize test In prog_tests/test_global_maps_resize.c, we test various use cases for resizing global maps. Commit 7244100e0389 ("libbpf: Don't take direct pointers into BTF data from st_ops") updated libbpf to not store pointers to volatile BTF data, which for some users, was causing a UAF when resizing a datasec array. Let's ensure we have coverage for resizing datasec arrays with struct_ops progs by also including a struct_ops map and struct_ops prog in the test_global_map_resize skeleton. The map is automatically loaded, so we don't need to do anything other than add it to the BPF prog being tested to get the coverage. Signed-off-by: David Vernet Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240725032214.50676-1-void@manifault.com commit 41b01a0271fd0387171eb9ad4692c22e37c8c80a Author: Alexis Lothoré (eBPF Foundation) Date: Sun Jul 21 21:33:04 2024 +0200 selftests/bpf: Integrate test_xdp_veth into test_progs test_xdp_veth.sh tests that XDP return codes work as expected, by bringing up multiple veth pairs isolated in different namespaces, attaching specific xdp programs to each interface, and ensuring that the whole chain allows to ping one end interface from the first one. The test runs well but is currently not integrated in test_progs, which prevents it from being run automatically in the CI infrastructure. Rewrite it as a C test relying on libbpf to allow running it in the CI infrastructure. The new code brings up the same network infrastructure and reuses the same eBPF programs as test_xdp_veth.sh, for which skeletons are already generated by the bpf tests makefile. Signed-off-by: Alexis Lothoré (eBPF Foundation) Signed-off-by: Daniel Borkmann Acked-by: Stanislav Fomichev Link: https://lore.kernel.org/bpf/20240721-convert_test_xdp_veth-v4-2-23bdba21b2f9@bootlin.com Signed-off-by: Andrii Nakryiko commit 0bfdda9db88990539b63a11028c84c4c069e8a0f Author: Alexis Lothoré (eBPF Foundation) Date: Sun Jul 21 21:33:03 2024 +0200 selftests/bpf: Update xdp_redirect_map prog sections for libbpf xdp_redirect_map.c is a bpf program used by test_xdp_veth.sh, which is not handled by the generic test runner (test_progs). To allow converting this test to test_progs, the corresponding program must be updated to allow handling it through skeletons generated by bpftool and libbpf. Update programs section names to allow to manipulate those with libbpf. Signed-off-by: Alexis Lothoré (eBPF Foundation) Signed-off-by: Daniel Borkmann Acked-by: Stanislav Fomichev Link: https://lore.kernel.org/bpf/20240721-convert_test_xdp_veth-v4-1-23bdba21b2f9@bootlin.com Signed-off-by: Andrii Nakryiko commit 04a94133f1b3cccb19e056c26f056c50b4e5b3b1 Author: David Vernet Date: Wed Jul 24 12:14:58 2024 -0500 libbpf: Don't take direct pointers into BTF data from st_ops In struct bpf_struct_ops, we have take a pointer to a BTF type name, and a struct btf_type. This was presumably done for convenience, but can actually result in subtle and confusing bugs given that BTF data can be invalidated before a program is loaded. For example, in sched_ext, we may sometimes resize a data section after a skeleton has been opened, but before the struct_ops scheduler map has been loaded. This may cause the BTF data to be realloc'd, which can then cause a UAF when loading the program because the struct_ops map has pointers directly into the BTF data. We're already storing the BTF type_id in struct bpf_struct_ops. Because type_id is stable, we can therefore just update the places where we were looking at those pointers to instead do the lookups we need from the type_id. Fixes: 590a00888250 ("bpf: libbpf: Add STRUCT_OPS support") Signed-off-by: David Vernet Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240724171459.281234-1-void@manifault.com commit 8efffab4e54f3e055c86ced2ad3299d6d96f4a39 Merge: 6b376e7543dd15 730561d3c08d4a Author: Andrii Nakryiko Date: Wed Jul 24 16:46:05 2024 -0700 Merge branch 'selftests-bpf-improve-libc-portability-musl-support-part-1' Tony Ambardar says: ==================== selftests/bpf: Improve libc portability / musl support (part 1) Hello all, This series includes the bulk of libc-related compile fixes accumulated to support systems using musl, with smaller numbers to follow. These patches are simple and straightforward, and the series has been tested with the kernel-patches/bpf CI and locally using mips64el-gcc/musl-libc and QEMU with an OpenWrt rootfs. The patches address a few general categories of libc portability issues: - missing, redundant or incorrect include headers - disabled GNU header extensions (i.e. missing #define _GNU_SOURCE) - issues with types and casting Feedback and suggestions for improvement are welcome! Thanks, Tony ==================== Link: https://lore.kernel.org/r/cover.1721713597.git.tony.ambardar@gmail.com Signed-off-by: Andrii Nakryiko commit 730561d3c08d4a327cceaabf11365958a1c00cec Author: Tony Ambardar Date: Mon Jul 22 22:54:46 2024 -0700 selftests/bpf: Fix errors compiling cg_storage_multi.h with musl libc Remove a redundant include of '', whose needed definitions are already included (via '') in cg_storage_multi_egress_only.c, cg_storage_multi_isolated.c, and cg_storage_multi_shared.c. This avoids redefinition errors seen compiling for mips64el/musl-libc like: In file included from progs/cg_storage_multi_egress_only.c:13: In file included from progs/cg_storage_multi.h:6: In file included from /usr/mips64el-linux-gnuabi64/include/asm/types.h:23: /usr/include/asm-generic/int-l64.h:29:25: error: typedef redefinition with different types ('long' vs 'long long') 29 | typedef __signed__ long __s64; | ^ /usr/include/asm-generic/int-ll64.h:30:44: note: previous definition is here 30 | __extension__ typedef __signed__ long long __s64; | ^ Fixes: 9e5bd1f7633b ("selftests/bpf: Test CGROUP_STORAGE map can't be used by multiple progs") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/4f4702e9f6115b7f84fea01b2326ca24c6df7ba8.1721713597.git.tony.ambardar@gmail.com commit 9822be702fe6e1c3e0933ef4b68a8c56683d930d Author: Tony Ambardar Date: Mon Jul 22 22:54:45 2024 -0700 selftests/bpf: Fix errors compiling crypto_sanity.c with musl libc Remove a redundant include of '', whose needed definitions are already provided by 'test_progs.h'. This avoids errors seen compiling for mips64el/musl-libc: In file included from .../arpa/inet.h:9, from ./test_progs.h:17, from prog_tests/crypto_sanity.c:10: .../netinet/in.h:23:8: error: redefinition of 'struct in6_addr' 23 | struct in6_addr { | ^~~~~~~~ In file included from crypto_sanity.c:7: .../linux/in6.h:33:8: note: originally defined here 33 | struct in6_addr { | ^~~~~~~~ .../netinet/in.h:34:8: error: redefinition of 'struct sockaddr_in6' 34 | struct sockaddr_in6 { | ^~~~~~~~~~~~ .../linux/in6.h:50:8: note: originally defined here 50 | struct sockaddr_in6 { | ^~~~~~~~~~~~ .../netinet/in.h:42:8: error: redefinition of 'struct ipv6_mreq' 42 | struct ipv6_mreq { | ^~~~~~~~~ .../linux/in6.h:60:8: note: originally defined here 60 | struct ipv6_mreq { | ^~~~~~~~~ Fixes: 91541ab192fc ("selftests: bpf: crypto skcipher algo selftests") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Reviewed-by: Vadim Fedorenko Link: https://lore.kernel.org/bpf/911293968f424ad7b462d8805aeb3baee8f4985b.1721713597.git.tony.ambardar@gmail.com commit 1b00f355130a5dfc38a01ad02458ae2cb2ebe609 Author: Tony Ambardar Date: Mon Jul 22 22:54:44 2024 -0700 selftests/bpf: Fix errors compiling decap_sanity.c with musl libc Remove a redundant include of '', whose needed definitions are already provided by 'test_progs.h'. This avoids errors seen compiling for mips64el/musl-libc: In file included from .../arpa/inet.h:9, from ./test_progs.h:17, from prog_tests/decap_sanity.c:9: .../netinet/in.h:23:8: error: redefinition of 'struct in6_addr' 23 | struct in6_addr { | ^~~~~~~~ In file included from decap_sanity.c:7: .../linux/in6.h:33:8: note: originally defined here 33 | struct in6_addr { | ^~~~~~~~ .../netinet/in.h:34:8: error: redefinition of 'struct sockaddr_in6' 34 | struct sockaddr_in6 { | ^~~~~~~~~~~~ .../linux/in6.h:50:8: note: originally defined here 50 | struct sockaddr_in6 { | ^~~~~~~~~~~~ .../netinet/in.h:42:8: error: redefinition of 'struct ipv6_mreq' 42 | struct ipv6_mreq { | ^~~~~~~~~ .../linux/in6.h:60:8: note: originally defined here 60 | struct ipv6_mreq { | ^~~~~~~~~ Fixes: 70a00e2f1dba ("selftests/bpf: Test bpf_skb_adjust_room on CHECKSUM_PARTIAL") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/e986ba2d7edccd254b54f7cd049b98f10bafa8c3.1721713597.git.tony.ambardar@gmail.com commit 27c4797ce51c8dd51e35e68e9024a892f62d78b2 Author: Tony Ambardar Date: Mon Jul 22 22:54:43 2024 -0700 selftests/bpf: Fix errors compiling lwt_redirect.c with musl libc Remove a redundant include of '' which is already provided in 'lwt_helpers.h'. This avoids errors seen compiling for mips64el/musl-libc: In file included from .../arpa/inet.h:9, from lwt_redirect.c:51: .../netinet/in.h:23:8: error: redefinition of 'struct in6_addr' 23 | struct in6_addr { | ^~~~~~~~ In file included from .../linux/icmp.h:24, from lwt_redirect.c:50: .../linux/in6.h:33:8: note: originally defined here 33 | struct in6_addr { | ^~~~~~~~ .../netinet/in.h:34:8: error: redefinition of 'struct sockaddr_in6' 34 | struct sockaddr_in6 { | ^~~~~~~~~~~~ .../linux/in6.h:50:8: note: originally defined here 50 | struct sockaddr_in6 { | ^~~~~~~~~~~~ .../netinet/in.h:42:8: error: redefinition of 'struct ipv6_mreq' 42 | struct ipv6_mreq { | ^~~~~~~~~ .../linux/in6.h:60:8: note: originally defined here 60 | struct ipv6_mreq { | ^~~~~~~~~ Fixes: 43a7c3ef8a15 ("selftests/bpf: Add lwt_xmit tests for BPF_REDIRECT") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/3869dda876d5206d2f8d4dd67331c739ceb0c7f8.1721713597.git.tony.ambardar@gmail.com commit debfa4f628f271f72933bf38d581cc53cfe1def5 Author: Tony Ambardar Date: Mon Jul 22 22:54:42 2024 -0700 selftests/bpf: Fix compiling core_reloc.c with musl-libc The type 'loff_t' is a GNU extension and not exposed by the musl 'fcntl.h' header unless _GNU_SOURCE is defined. Add this definition to fix errors seen compiling for mips64el/musl-libc: In file included from tools/testing/selftests/bpf/prog_tests/core_reloc.c:4: ./bpf_testmod/bpf_testmod.h:10:9: error: unknown type name 'loff_t' 10 | loff_t off; | ^~~~~~ ./bpf_testmod/bpf_testmod.h:16:9: error: unknown type name 'loff_t' 16 | loff_t off; | ^~~~~~ Fixes: 6bcd39d366b6 ("selftests/bpf: Add CO-RE relocs selftest relying on kernel module BTF") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/11c3af75a7eb6bcb7ad9acfae6a6f470c572eb82.1721713597.git.tony.ambardar@gmail.com commit 18826fb0b79c3c3cd1fe765d85f9c6f1a902c722 Author: Tony Ambardar Date: Mon Jul 22 22:54:41 2024 -0700 selftests/bpf: Fix compiling tcp_rtt.c with musl-libc The GNU version of 'struct tcp_info' in 'netinet/tcp.h' is not exposed by musl headers unless _GNU_SOURCE is defined. Add this definition to fix errors seen compiling for mips64el/musl-libc: tcp_rtt.c: In function 'wait_for_ack': tcp_rtt.c:24:25: error: storage size of 'info' isn't known 24 | struct tcp_info info; | ^~~~ tcp_rtt.c:24:25: error: unused variable 'info' [-Werror=unused-variable] cc1: all warnings being treated as errors Fixes: 1f4f80fed217 ("selftests/bpf: test_progs: convert test_tcp_rtt") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/f2329767b15df206f08a5776d35a47c37da855ae.1721713597.git.tony.ambardar@gmail.com commit 5e4c43bcb85973243d7274e0058b6e8f5810e4f7 Author: Tony Ambardar Date: Mon Jul 22 22:54:40 2024 -0700 selftests/bpf: Fix compiling flow_dissector.c with musl-libc The GNU version of 'struct tcphdr' has members 'doff', 'source' and 'dest', which are not exposed by musl libc headers unless _GNU_SOURCE is defined. Add this definition to fix errors seen compiling for mips64el/musl-libc: flow_dissector.c:118:30: error: 'struct tcphdr' has no member named 'doff' 118 | .tcp.doff = 5, | ^~~~ flow_dissector.c:119:30: error: 'struct tcphdr' has no member named 'source' 119 | .tcp.source = 80, | ^~~~~~ flow_dissector.c:120:30: error: 'struct tcphdr' has no member named 'dest' 120 | .tcp.dest = 8080, | ^~~~ Fixes: ae173a915785 ("selftests/bpf: support BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/8f7ab21a73f678f9cebd32b26c444a686e57414d.1721713597.git.tony.ambardar@gmail.com commit bae9a5ce7d3a9b3a9e07b31ab9e9c58450e3e9fd Author: Tony Ambardar Date: Mon Jul 22 22:54:39 2024 -0700 selftests/bpf: Fix compiling kfree_skb.c with musl-libc The GNU version of 'struct tcphdr' with member 'doff' is not exposed by musl headers unless _GNU_SOURCE is defined. Add this definition to fix errors seen compiling for mips64el/musl-libc: In file included from kfree_skb.c:2: kfree_skb.c: In function 'on_sample': kfree_skb.c:45:30: error: 'struct tcphdr' has no member named 'doff' 45 | if (CHECK(pkt_v6->tcp.doff != 5, "check_tcp", | ^ Fixes: 580d656d80cf ("selftests/bpf: Add kfree_skb raw_tp test") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/e2d8cedc790959c10d6822a51f01a7a3616bea1b.1721713597.git.tony.ambardar@gmail.com commit 4c329b99ef9c118343379bde9f97e8ce5cac9fc9 Author: Tony Ambardar Date: Mon Jul 22 22:54:38 2024 -0700 selftests/bpf: Fix compiling parse_tcp_hdr_opt.c with musl-libc The GNU version of 'struct tcphdr', with members 'doff' and 'urg_ptr', is not exposed by musl headers unless _GNU_SOURCE is defined. Add this definition to fix errors seen compiling for mips64el/musl-libc: parse_tcp_hdr_opt.c:18:21: error: 'struct tcphdr' has no member named 'urg_ptr' 18 | .pk6_v6.tcp.urg_ptr = 123, | ^~~~~~~ parse_tcp_hdr_opt.c:19:21: error: 'struct tcphdr' has no member named 'doff' 19 | .pk6_v6.tcp.doff = 9, /* 16 bytes of options */ | ^~~~ Fixes: cfa7b011894d ("selftests/bpf: tests for using dynptrs to parse skb and xdp buffers") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/ac5440213c242c62cb4e0d9e0a9cd5058b6a31f6.1721713597.git.tony.ambardar@gmail.com commit 21f0b0af977203220ad58aff95e372151288ec47 Author: Tony Ambardar Date: Mon Jul 22 22:54:37 2024 -0700 selftests/bpf: Fix include of Update ns_current_pid_tgid.c to use '#include ' and avoid compile error against mips64el/musl libc: In file included from .../prog_tests/ns_current_pid_tgid.c:14: .../include/sys/fcntl.h:1:2: error: #warning redirecting incorrect #include to [-Werror=cpp] 1 | #warning redirecting incorrect #include to | ^~~~~~~ cc1: all warnings being treated as errors Fixes: 09c02d553c49 ("bpf, selftests: Fold test_current_pid_tgid_new_ns into test_progs.") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/8bdc869749177b575025bf69600a4ce591822609.1721713597.git.tony.ambardar@gmail.com commit 6495eb79ca7d15bd87c38d77307e8f9b6b7bf4ef Author: Tony Ambardar Date: Mon Jul 22 22:54:36 2024 -0700 selftests/bpf: Fix missing BUILD_BUG_ON() declaration Explicitly include '' to fix errors seen compiling with gcc targeting mips64el/musl-libc: user_ringbuf.c: In function 'test_user_ringbuf_loop': user_ringbuf.c:426:9: error: implicit declaration of function 'BUILD_BUG_ON' [-Werror=implicit-function-declaration] 426 | BUILD_BUG_ON(total_samples <= c_max_entries); | ^~~~~~~~~~~~ cc1: all warnings being treated as errors Fixes: e5a9df51c746 ("selftests/bpf: Add selftests validating the user ringbuf") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/b28575f9221ec54871c46a2e87612bb4bbf46ccd.1721713597.git.tony.ambardar@gmail.com commit a2c155131b710959beb508ca6a54769b6b1bd488 Author: Tony Ambardar Date: Mon Jul 22 22:54:35 2024 -0700 selftests/bpf: Fix missing UINT_MAX definitions in benchmarks Include in 'bench.h' to provide a UINT_MAX definition and avoid multiple compile errors against mips64el/musl-libc like: benchs/bench_local_storage.c: In function 'parse_arg': benchs/bench_local_storage.c:40:38: error: 'UINT_MAX' undeclared (first use in this function) 40 | if (ret < 1 || ret > UINT_MAX) { | ^~~~~~~~ benchs/bench_local_storage.c:11:1: note: 'UINT_MAX' is defined in header ''; did you forget to '#include '? 10 | #include +++ |+#include 11 | seen with bench_local_storage.c, bench_local_storage_rcu_tasks_trace.c, and bench_bpf_hashmap_lookup.c. Fixes: 73087489250d ("selftests/bpf: Add benchmark for local_storage get") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/8f64a9d9fcff40a7fca090a65a68a9b62a468e16.1721713597.git.tony.ambardar@gmail.com commit d44c93fc2f5a0c47b23fa03d374e45259abd92d2 Author: Tony Ambardar Date: Mon Jul 22 22:54:34 2024 -0700 selftests/bpf: Fix missing ARRAY_SIZE() definition in bench.c Add a "bpf_util.h" include to avoid the following error seen compiling for mips64el with musl libc: bench.c: In function 'find_benchmark': bench.c:590:25: error: implicit declaration of function 'ARRAY_SIZE' [-Werror=implicit-function-declaration] 590 | for (i = 0; i < ARRAY_SIZE(benchs); i++) { | ^~~~~~~~~~ cc1: all warnings being treated as errors Fixes: 8e7c2a023ac0 ("selftests/bpf: Add benchmark runner infrastructure") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/bc4dde77dfcd17a825d8f28f72f3292341966810.1721713597.git.tony.ambardar@gmail.com commit 69f409469c9b1515a5db40d5a36fda372376fa2d Author: Tony Ambardar Date: Mon Jul 22 22:54:31 2024 -0700 selftests/bpf: Drop unneeded error.h includes The addition of general support for unprivileged tests in test_loader.c breaks building test_verifier on non-glibc (e.g. musl) systems, due to the inclusion of glibc extension '' in 'unpriv_helpers.c'. However, the header is actually not needed, so remove it to restore building. Similarly for sk_lookup.c and flow_dissector.c, error.h is not necessary and causes problems, so drop them. Fixes: 1d56ade032a4 ("selftests/bpf: Unprivileged tests for test_loader.c") Fixes: 0ab5539f8584 ("selftests/bpf: Tests for BPF_SK_LOOKUP attach point") Fixes: 0905beec9f52 ("selftests/bpf: run flow dissector tests in skb-less mode") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/5664367edf5fea4f3f4b4aec3b182bcfc6edff9c.1721713597.git.tony.ambardar@gmail.com commit 7b10f0c227ce3fa055d601f058dc411092a62a78 Author: Tony Ambardar Date: Mon Jul 22 22:54:30 2024 -0700 selftests/bpf: Fix error compiling bpf_iter_setsockopt.c with musl libc Existing code calls getsockname() with a 'struct sockaddr_in6 *' argument where a 'struct sockaddr *' argument is declared, yielding compile errors when building for mips64el/musl-libc: bpf_iter_setsockopt.c: In function 'get_local_port': bpf_iter_setsockopt.c:98:30: error: passing argument 2 of 'getsockname' from incompatible pointer type [-Werror=incompatible-pointer-types] 98 | if (!getsockname(fd, &addr, &addrlen)) | ^~~~~ | | | struct sockaddr_in6 * In file included from .../netinet/in.h:10, from .../arpa/inet.h:9, from ./test_progs.h:17, from bpf_iter_setsockopt.c:5: .../sys/socket.h:391:23: note: expected 'struct sockaddr * restrict' but argument is of type 'struct sockaddr_in6 *' 391 | int getsockname (int, struct sockaddr *__restrict, socklen_t *__restrict); | ^ cc1: all warnings being treated as errors This compiled under glibc only because the argument is declared to be a "funky" transparent union which includes both types above. Explicitly cast the argument to allow compiling for both musl and glibc. Fixes: eed92afdd14c ("bpf: selftest: Test batching and bpf_(get|set)sockopt in bpf tcp iter") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Acked-by: Geliang Tang Link: https://lore.kernel.org/bpf/f41def0f17b27a23b1709080e4e3f37f4cc11ca9.1721713597.git.tony.ambardar@gmail.com commit d393f9479d4aaab0fa4c3caf513f28685e831f13 Author: Tony Ambardar Date: Mon Jul 22 22:54:29 2024 -0700 selftests/bpf: Fix compile error from rlim_t in sk_storage_map.c Cast 'rlim_t' argument to match expected type of printf() format and avoid compile errors seen building for mips64el/musl-libc: In file included from map_tests/sk_storage_map.c:20: map_tests/sk_storage_map.c: In function 'test_sk_storage_map_stress_free': map_tests/sk_storage_map.c:414:56: error: format '%lu' expects argument of type 'long unsigned int', but argument 2 has type 'rlim_t' {aka 'long long unsigned int'} [-Werror=format=] 414 | CHECK(err, "setrlimit(RLIMIT_NOFILE)", "rlim_new:%lu errno:%d", | ^~~~~~~~~~~~~~~~~~~~~~~ 415 | rlim_new.rlim_cur, errno); | ~~~~~~~~~~~~~~~~~ | | | rlim_t {aka long long unsigned int} ./test_maps.h:12:24: note: in definition of macro 'CHECK' 12 | printf(format); \ | ^~~~~~ map_tests/sk_storage_map.c:414:68: note: format string is defined here 414 | CHECK(err, "setrlimit(RLIMIT_NOFILE)", "rlim_new:%lu errno:%d", | ~~^ | | | long unsigned int | %llu cc1: all warnings being treated as errors Fixes: 51a0e301a563 ("bpf: Add BPF_MAP_TYPE_SK_STORAGE test to test_maps") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/1e00a1fa7acf91b4ca135c4102dc796d518bad86.1721713597.git.tony.ambardar@gmail.com commit ec4fe2f0fa12fd2d0115df7e58414dc26899cc5e Author: Tony Ambardar Date: Mon Jul 22 22:54:28 2024 -0700 selftests/bpf: Use pid_t consistently in test_progs.c Use pid_t rather than __pid_t when allocating memory for 'worker_pids' in 'struct test_env', as this is its declared type and also avoids compile errors seen building against musl libc on mipsel64: test_progs.c:1738:49: error: '__pid_t' undeclared (first use in this function); did you mean 'pid_t'? 1738 | env.worker_pids = calloc(sizeof(__pid_t), env.workers); | ^~~~~~~ | pid_t test_progs.c:1738:49: note: each undeclared identifier is reported only once for each function it appears in Fixes: 91b2c0afd00c ("selftests/bpf: Add parallelism to test_progs") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Acked-by: Geliang Tang Link: https://lore.kernel.org/bpf/c6447da51a94babc1931711a43e2ceecb135c93d.1721713597.git.tony.ambardar@gmail.com commit 6b376e7543dd15faec4e3878bc1a187126532985 Author: Ihor Solodrai Date: Tue Jul 23 20:57:43 2024 +0000 selftests/bpf: Make %.test.d prerequisite order only %.test.o should depend on %.test.d order-only to avoid unnecessary recompilations due to compiler dumping .d and .o files in random order. Signed-off-by: Ihor Solodrai Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/all/gSoCpn9qV5K0hRvrvYlrw2StRntsvZcrUuDfkZUh1Ang9E6yZ9XJGYDuIP9iCuM2YTVhSEzEXCteQ94_0uIUjx_mXwupFJt64NJaiMr99a0=@pm.me Link: https://lore.kernel.org/all/FnnOUuDMmf0SebqA1bb0fQIW4vguOZ-VcAlPnPMnmT2lJYxMMxFAhcgh77px8MsPS5Fr01I0YQxLJClEJTFWHdpaTBVSQhlmsVTcEsNQbV4=@pm.me Link: https://lore.kernel.org/bpf/yyjJRl5LODbI4-FseU0wIP5e4ik0zAy7Sy-5eGwrzG_UanI8rwWlQPfXAFnn_27hoZFogoUHRSWxFsLk7hPr0b6P5TZ3cRrM30_ggnu555M=@pm.me commit 52839f31cecec2efe8cd50f432b7dd153d485c30 Merge: 26672b5caf3cbe d0ad1f8f8846cf Author: Alexei Starovoitov Date: Tue Jul 23 20:47:07 2024 -0700 Merge branch 'no_caller_saved_registers-attribute-for-helper-calls' Eduard Zingerman says: ==================== no_caller_saved_registers attribute for helper calls This patch-set seeks to allow using no_caller_saved_registers gcc/clang attribute with some BPF helper functions (and kfuncs in the future). As documented in [1], this attribute means that function scratches only some of the caller saved registers defined by ABI. For BPF the set of such registers could be defined as follows: - R0 is scratched only if function is non-void; - R1-R5 are scratched only if corresponding parameter type is defined in the function prototype. The goal of the patch-set is to implement no_caller_saved_registers (nocsr for short) in a backwards compatible manner: - for kernels that support the feature, gain some performance boost from better register allocation; - for kernels that don't support the feature, allow programs execution with minor performance losses. To achieve this, use a scheme suggested by Alexei Starovoitov: - for nocsr calls clang allocates registers as-if relevant r0-r5 registers are not scratched by the call; - as a post-processing step, clang visits each nocsr call and adds spill/fill for every live r0-r5; - stack offsets used for spills/fills are allocated as lowest stack offsets in whole function and are not used for any other purpose; - when kernel loads a program, it looks for such patterns (nocsr function surrounded by spills/fills) and checks if spill/fill stack offsets are used exclusively in nocsr patterns; - if so, and if current JIT inlines the call to the nocsr function (e.g. a helper call), kernel removes unnecessary spill/fill pairs; - when old kernel loads a program, presence of spill/fill pairs keeps BPF program valid, albeit slightly less efficient. Corresponding clang/llvm changes are available in [2]. The patch-set uses bpf_get_smp_processor_id() function as a canary, making it the first helper with nocsr attribute. For example, consider the following program: #define __no_csr __attribute__((no_caller_saved_registers)) #define SEC(name) __attribute__((section(name), used)) #define bpf_printk(fmt, ...) bpf_trace_printk((fmt), sizeof(fmt), __VA_ARGS__) typedef unsigned int __u32; static long (* const bpf_trace_printk)(const char *fmt, __u32 fmt_size, ...) = (void *) 6; static __u32 (*const bpf_get_smp_processor_id)(void) __no_csr = (void *)8; SEC("raw_tp") int test(void *ctx) { __u32 task = bpf_get_smp_processor_id(); bpf_printk("ctx=%p, smp=%d", ctx, task); return 0; } char _license[] SEC("license") = "GPL"; Compiled (using [2]) as follows: $ clang --target=bpf -O2 -g -c -o nocsr.bpf.o nocsr.bpf.c $ llvm-objdump --no-show-raw-insn -Sd nocsr.bpf.o ... 3rd parameter for printk call removable spill/fill pair .--- 0: r3 = r1 | ; | __u32 task = bpf_get_smp_processor_id(); | | 1: *(u64 *)(r10 - 0x8) = r3 <----------| | 2: call 0x8 | | 3: r3 = *(u64 *)(r10 - 0x8) <----------' ; | bpf_printk("ctx=%p, smp=%d", ctx, task); | 4: r1 = 0x0 ll | 6: r2 = 0xf | 7: r4 = r0 '--> 8: call 0x6 ; return 0; 9: r0 = 0x0 10: exit Here is how the program looks after verifier processing: # bpftool prog load ./nocsr.bpf.o /sys/fs/bpf/nocsr-test # bpftool prog dump xlated pinned /sys/fs/bpf/nocsr-test int test(void * ctx): 0: (bf) r3 = r1 <--- 3rd printk parameter ; __u32 task = bpf_get_smp_processor_id(); 1: (b4) w0 = 197324 <--. inlined helper call, 2: (bf) r0 = &(void __percpu *)(r0) <--- spill/fill 3: (61) r0 = *(u32 *)(r0 +0) <--' pair removed ; bpf_printk("ctx=%p, smp=%d", ctx, task); 4: (18) r1 = map[id:5][0]+0 6: (b7) r2 = 15 7: (bf) r4 = r0 8: (85) call bpf_trace_printk#-125920 ; return 0; 9: (b7) r0 = 0 10: (95) exit [1] https://clang.llvm.org/docs/AttributeReference.html#no-caller-saved-registers [2] https://github.com/eddyz87/llvm-project/tree/bpf-no-caller-saved-registers Change list: - v3 -> v4: - When nocsr spills/fills are removed in the subprogram, allow these spills/fills to reside in [-MAX_BPF_STACK-48..MAX_BPF_STACK) range (suggested by Alexei); - Dropped patches with special handling for bpf_probe_read_kernel() (requested by Alexei); - Reset aux .nocsr_pattern and .nocsr_spills_num fields in check_nocsr_stack_contract() (requested by Andrii). Andrii, I have not added an additional flag to struct bpf_subprog_info, it currently does not have holes and I really don't like adding a bool field there just as an alternative indicator that nocsr is disabled. Indicator at the moment: - nocsr_stack_off >= S16_MIN means that nocsr rewrite is enabled; - nocsr_stack_off == S16_MIN means that nocsr rewrite is disabled. - v2 -> v3: - As suggested by Andrii, 'nocsr_stack_off' is no longer checked at rewrite time, instead mark_nocsr_patterns() now does two passes over BPF program: - on a first pass it computes the lowest stack spill offset for the subprogram; - on a second pass this offset is used to recognize nocsr pattern. - As suggested by Alexei, a new mechanic is added to work around a situation mentioned by Andrii, when more helper functions are marked as nocsr at compile time than current kernel supports: - all {spill*,helper call,fill*} patterns are now marked as insn_aux_data[*].nocsr_pattern, thus relaxing failure condition for check_nocsr_stack_contract(); - spill/fill pairs are not removed for patterns where helper can't be inlined; - see mark_nocsr_pattern_for_call() for details an example. - As suggested by Alexei, subprogram stack depth is now adjusted if all spill/fill pairs could be removed. This adjustment has to take place before optimize_bpf_loop(), hence the rewrite is moved from do_misc_fixups() to remove_nocsr_spills_fills() (again). - As suggested by Andrii, special measures are taken to work around bpf_probe_read_kernel() access to BPF stack, see patches 11, 12. Patch #11 is very simplistic, a more comprehensive solution would be to change the type of the third parameter of the bpf_probe_read_kernel() from ARG_ANYTHING to something else and not only check nocsr contract, but also propagate stack slot liveness information. However, such change would require update in struct bpf_call_arg_meta processing, which currently implies that every memory parameter is followed by a size parameter. I can work on these changes, please comment. - Stylistic changes suggested by Andrii. - Added acks from Andrii. - Dropped RFC tag. - v1 -> v2: - assume that functions inlined by either jit or verifier conform to no_caller_saved_registers contract (Andrii, Puranjay); - allow nocsr rewrite for bpf_get_smp_processor_id() on arm64 and riscv64 architectures (Puranjay); - __arch_{x86_64,arm64,riscv64} macro for test_loader; - moved remove_nocsr_spills_fills() inside do_misc_fixups() (Andrii); - moved nocsr pattern detection from check_cfg() to a separate pass (Andrii); - various stylistic/correctness changes according to Andrii's comments. Revisions: - v1 https://lore.kernel.org/bpf/20240629094733.3863850-1-eddyz87@gmail.com/ - v2 https://lore.kernel.org/bpf/20240704102402.1644916-1-eddyz87@gmail.com/ - v3 https://lore.kernel.org/bpf/20240715230201.3901423-1-eddyz87@gmail.com/ ==================== Link: https://lore.kernel.org/r/20240722233844.1406874-1-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit d0ad1f8f8846cffebca55abdd1ed275e276a6754 Author: Eduard Zingerman Date: Mon Jul 22 16:38:44 2024 -0700 selftests/bpf: test no_caller_saved_registers spill/fill removal Tests for no_caller_saved_registers processing logic (see verifier.c:match_and_mark_nocsr_pattern()): - a canary positive test case; - a canary test case for arm64 and riscv64; - various tests with broken patterns; - tests with read/write fixed/varying stack access that violate nocsr stack access contract; - tests with multiple subprograms; - tests using nocsr in combination with may_goto/bpf_loop, as all of these features affect stack depth; - tests for nocsr stack spills below max stack depth. Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-11-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit ee7fe84468b1732fe65c5af3836437d54ac4c419 Author: Eduard Zingerman Date: Mon Jul 22 16:38:43 2024 -0700 selftests/bpf: __arch_* macro to limit test cases to specific archs Add annotations __arch_x86_64, __arch_arm64, __arch_riscv64 to specify on which architecture the test case should be tested. Several __arch_* annotations could be specified at once. When test case is not run on current arch it is marked as skipped. For example, the following would be tested only on arm64 and riscv64: SEC("raw_tp") __arch_arm64 __arch_riscv64 __xlated("1: *(u64 *)(r10 - 16) = r1") __xlated("2: call") __xlated("3: r1 = *(u64 *)(r10 - 16);") __success __naked void canary_arm64_riscv64(void) { asm volatile ( "r1 = 1;" "*(u64 *)(r10 - 16) = r1;" "call %[bpf_get_smp_processor_id];" "r1 = *(u64 *)(r10 - 16);" "exit;" : : __imm(bpf_get_smp_processor_id) : __clobber_all); } On x86 it would be skipped: #467/2 verifier_nocsr/canary_arm64_riscv64:SKIP Acked-by: Andrii Nakryiko Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-10-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 9c9f7339131030949a8ef111080427ff1a8085b5 Author: Eduard Zingerman Date: Mon Jul 22 16:38:42 2024 -0700 selftests/bpf: allow checking xlated programs in verifier_* tests Add a macro __xlated("...") for use with test_loader tests. When such annotations are present for the test case: - bpf_prog_get_info_by_fd() is used to get BPF program after all rewrites are applied by verifier. - the program is disassembled and patterns specified in __xlated are searched for in the disassembly text. __xlated matching follows the same mechanics as __msg: each subsequent pattern is matched from the point where previous pattern ended. This allows to write tests like below, where the goal is to verify the behavior of one of the of the transformations applied by verifier: SEC("raw_tp") __xlated("1: w0 = ") __xlated("2: r0 = &(void __percpu *)(r0)") __xlated("3: r0 = *(u32 *)(r0 +0)") __xlated("4: exit") __success __naked void simple(void) { asm volatile ( "call %[bpf_get_smp_processor_id];" "exit;" : : __imm(bpf_get_smp_processor_id) : __clobber_all); } Acked-by: Andrii Nakryiko Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-9-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 64f01e935ddb26f48baec71883c27878ac4231dc Author: Eduard Zingerman Date: Mon Jul 22 16:38:41 2024 -0700 selftests/bpf: extract test_loader->expect_msgs as a data structure Non-functional change: use a separate data structure to represented expected messages in test_loader. This would allow to use the same functionality for expected set of disassembled instructions in the follow-up commit. Acked-by: Andrii Nakryiko Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-8-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 4ef5d6af493558124b7a6c13cace58b938fe27d4 Author: Eduard Zingerman Date: Mon Jul 22 16:38:40 2024 -0700 selftests/bpf: no need to track next_match_pos in struct test_loader The call stack for validate_case() function looks as follows: - test_loader__run_subtests() - process_subtest() - run_subtest() - prepare_case(), which does 'tester->next_match_pos = 0'; - validate_case(), which increments tester->next_match_pos. Hence, each subtest is run with next_match_pos freshly set to zero. Meaning that there is no need to persist this variable in the struct test_loader, use local variable instead. Acked-by: Andrii Nakryiko Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-7-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 203e6aba7692bca18fd97251b1354da0f5e2ba30 Author: Eduard Zingerman Date: Mon Jul 22 16:38:39 2024 -0700 selftests/bpf: print correct offset for pseudo calls in disasm_insn() Adjust disasm_helpers.c:disasm_insn() to account for the following part of the verifier.c:jit_subprogs: for (i = 0, insn = prog->insnsi; i < prog->len; i++, insn++) { /* ... */ if (!bpf_pseudo_call(insn)) continue; insn->off = env->insn_aux_data[i].call_imm; subprog = find_subprog(env, i + insn->off + 1); insn->imm = subprog; } Where verifier moves offset of the subprogram to the insn->off field. Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-6-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 26672b5caf3cbeeffe8651035dddff95f610e7ec Author: Yonghong Song Date: Tue Jul 23 09:29:40 2024 -0700 selftests/bpf: Add reg_bounds tests for ldsx and subreg compare Add a few reg_bounds selftests to test 32/16/8-bit ldsx and subreg comparison. Without the previous patch, all added tests will fail. Acked-by: Eduard Zingerman Signed-off-by: Yonghong Song Link: https://lore.kernel.org/r/20240723162940.2732171-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 424ebaa3678b0d7f653dffb08eae90424740e0f4 Author: Eduard Zingerman Date: Mon Jul 22 16:38:38 2024 -0700 selftests/bpf: extract utility function for BPF disassembly struct bpf_insn *disasm_insn(struct bpf_insn *insn, char *buf, size_t buf_sz); Disassembles instruction 'insn' to a text buffer 'buf'. Removes insn->code hex prefix added by kernel disassembly routine. Returns a pointer to the next instruction (increments insn by either 1 or 2). Acked-by: Andrii Nakryiko Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-5-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 9f5469b84577500375b311a98ffa8f4a68b5c77a Author: Yonghong Song Date: Tue Jul 23 09:29:33 2024 -0700 bpf: Get better reg range with ldsx and 32bit compare With latest llvm19, the selftest iters/iter_arr_with_actual_elem_count failed with -mcpu=v4. The following are the details: 0: R1=ctx() R10=fp0 ; int iter_arr_with_actual_elem_count(const void *ctx) @ iters.c:1420 0: (b4) w7 = 0 ; R7_w=0 ; int i, n = loop_data.n, sum = 0; @ iters.c:1422 1: (18) r1 = 0xffffc90000191478 ; R1_w=map_value(map=iters.bss,ks=4,vs=1280,off=1144) 3: (61) r6 = *(u32 *)(r1 +128) ; R1_w=map_value(map=iters.bss,ks=4,vs=1280,off=1144) R6_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) ; if (n > ARRAY_SIZE(loop_data.data)) @ iters.c:1424 4: (26) if w6 > 0x20 goto pc+27 ; R6_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=32,var_off=(0x0; 0x3f)) 5: (bf) r8 = r10 ; R8_w=fp0 R10=fp0 6: (07) r8 += -8 ; R8_w=fp-8 ; bpf_for(i, 0, n) { @ iters.c:1427 7: (bf) r1 = r8 ; R1_w=fp-8 R8_w=fp-8 8: (b4) w2 = 0 ; R2_w=0 9: (bc) w3 = w6 ; R3_w=scalar(id=1,smin=smin32=0,smax=umax=smax32=umax32=32,var_off=(0x0; 0x3f)) R6_w=scalar(id=1,smin=smin32=0,smax=umax=smax32=umax32=32,var_off=(0x0; 0x3f)) 10: (85) call bpf_iter_num_new#45179 ; R0=scalar() fp-8=iter_num(ref_id=2,state=active,depth=0) refs=2 11: (bf) r1 = r8 ; R1=fp-8 R8=fp-8 refs=2 12: (85) call bpf_iter_num_next#45181 13: R0=rdonly_mem(id=3,ref_obj_id=2,sz=4) R6=scalar(id=1,smin=smin32=0,smax=umax=smax32=umax32=32,var_off=(0x0; 0x3f)) R7=0 R8=fp-8 R10=fp0 fp-8=iter_num(ref_id=2,state=active,depth=1) refs=2 ; bpf_for(i, 0, n) { @ iters.c:1427 13: (15) if r0 == 0x0 goto pc+2 ; R0=rdonly_mem(id=3,ref_obj_id=2,sz=4) refs=2 14: (81) r1 = *(s32 *)(r0 +0) ; R0=rdonly_mem(id=3,ref_obj_id=2,sz=4) R1_w=scalar(smin=0xffffffff80000000,smax=0x7fffffff) refs=2 15: (ae) if w1 < w6 goto pc+4 20: R0=rdonly_mem(id=3,ref_obj_id=2,sz=4) R1=scalar(smin=0xffffffff80000000,smax=smax32=umax32=31,umax=0xffffffff0000001f,smin32=0,var_off=(0x0; 0xffffffff0000001f)) R6=scalar(id=1,smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=32,var_off=(0x0; 0x3f)) R7=0 R8=fp-8 R10=fp0 fp-8=iter_num(ref_id=2,state=active,depth=1) refs=2 ; sum += loop_data.data[i]; @ iters.c:1429 20: (67) r1 <<= 2 ; R1_w=scalar(smax=0x7ffffffc0000007c,umax=0xfffffffc0000007c,smin32=0,smax32=umax32=124,var_off=(0x0; 0xfffffffc0000007c)) refs=2 21: (18) r2 = 0xffffc90000191478 ; R2_w=map_value(map=iters.bss,ks=4,vs=1280,off=1144) refs=2 23: (0f) r2 += r1 math between map_value pointer and register with unbounded min value is not allowed The source code: int iter_arr_with_actual_elem_count(const void *ctx) { int i, n = loop_data.n, sum = 0; if (n > ARRAY_SIZE(loop_data.data)) return 0; bpf_for(i, 0, n) { /* no rechecking of i against ARRAY_SIZE(loop_data.n) */ sum += loop_data.data[i]; } return sum; } The insn #14 is a sign-extenstion load which is related to 'int i'. The insn #15 did a subreg comparision. Note that smin=0xffffffff80000000 and this caused later insn #23 failed verification due to unbounded min value. Actually insn #15 R1 smin range can be better. Before insn #15, we have R1_w=scalar(smin=0xffffffff80000000,smax=0x7fffffff) With the above range, we know for R1, upper 32bit can only be 0xffffffff or 0. Otherwise, the value range for R1 could be beyond [smin=0xffffffff80000000,smax=0x7fffffff]. After insn #15, for the true patch, we know smin32=0 and smax32=32. With the upper 32bit 0xffffffff, then the corresponding value is [0xffffffff00000000, 0xffffffff00000020]. The range is obviously beyond the original range [smin=0xffffffff80000000,smax=0x7fffffff] and the range is not possible. So the upper 32bit must be 0, which implies smin = smin32 and smax = smax32. This patch fixed the issue by adding additional register deduction after 32-bit compare insn. If the signed 32-bit register range is non-negative then 64-bit smin is in range of [S32_MIN, S32_MAX], then the actual 64-bit smin/smax should be the same as 32-bit smin32/smax32. With this patch, iters/iter_arr_with_actual_elem_count succeeded with better register range: from 15 to 20: R0=rdonly_mem(id=7,ref_obj_id=2,sz=4) R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31,var_off=(0x0; 0x1f)) R6=scalar(id=1,smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=32,var_off=(0x0; 0x3f)) R7=scalar(id=9,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R8=scalar(id=9,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-8=iter_num(ref_id=2,state=active,depth=3) refs=2 Acked-by: Eduard Zingerman Acked-by: Shung-Hsi Yu Signed-off-by: Yonghong Song Link: https://lore.kernel.org/r/20240723162933.2731620-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 91b7fbf3936f5c27d1673264dc24a713290e2165 Author: Eduard Zingerman Date: Mon Jul 22 16:38:37 2024 -0700 bpf, x86, riscv, arm: no_caller_saved_registers for bpf_get_smp_processor_id() The function bpf_get_smp_processor_id() is processed in a different way, depending on the arch: - on x86 verifier replaces call to bpf_get_smp_processor_id() with a sequence of instructions that modify only r0; - on riscv64 jit replaces call to bpf_get_smp_processor_id() with a sequence of instructions that modify only r0; - on arm64 jit replaces call to bpf_get_smp_processor_id() with a sequence of instructions that modify only r0 and tmp registers. These rewrites satisfy attribute no_caller_saved_registers contract. Allow rewrite of no_caller_saved_registers patterns for bpf_get_smp_processor_id() in order to use this function as a canary for no_caller_saved_registers tests. Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-4-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 63a9936b45859b24780c86c32a32fc7b087c304e Author: Yonghong Song Date: Tue Jul 23 08:34:44 2024 -0700 selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta accesses The following tests are added to verifier_ldsx.c: - sign extension of data/data_end/data_meta for tcx programs. The actual checking is in bpf_skb_is_valid_access() which is called by sk_filter, cg_skb, lwt, tc(tcx) and sk_skb. - sign extension of data/data_end/data_meta for xdp programs. - sign extension of data/data_end for flow_dissector programs. All newly-added tests have verification failure with message "invalid bpf_context access". Without previous patch, all these tests succeeded verification. Acked-by: Eduard Zingerman Signed-off-by: Yonghong Song Link: https://lore.kernel.org/r/20240723153444.2430365-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 5b5f51bff1b66cedb62b5ba74a1878341204e057 Author: Eduard Zingerman Date: Mon Jul 22 16:38:36 2024 -0700 bpf: no_caller_saved_registers attribute for helper calls GCC and LLVM define a no_caller_saved_registers function attribute. This attribute means that function scratches only some of the caller saved registers defined by ABI. For BPF the set of such registers could be defined as follows: - R0 is scratched only if function is non-void; - R1-R5 are scratched only if corresponding parameter type is defined in the function prototype. This commit introduces flag bpf_func_prot->allow_nocsr. If this flag is set for some helper function, verifier assumes that it follows no_caller_saved_registers calling convention. The contract between kernel and clang allows to simultaneously use such functions and maintain backwards compatibility with old kernels that don't understand no_caller_saved_registers calls (nocsr for short): - clang generates a simple pattern for nocsr calls, e.g.: r1 = 1; r2 = 2; *(u64 *)(r10 - 8) = r1; *(u64 *)(r10 - 16) = r2; call %[to_be_inlined] r2 = *(u64 *)(r10 - 16); r1 = *(u64 *)(r10 - 8); r0 = r1; r0 += r2; exit; - kernel removes unnecessary spills and fills, if called function is inlined by verifier or current JIT (with assumption that patch inserted by verifier or JIT honors nocsr contract, e.g. does not scratch r3-r5 for the example above), e.g. the code above would be transformed to: r1 = 1; r2 = 2; call %[to_be_inlined] r0 = r1; r0 += r2; exit; Technically, the transformation is split into the following phases: - function mark_nocsr_patterns(), called from bpf_check() searches and marks potential patterns in instruction auxiliary data; - upon stack read or write access, function check_nocsr_stack_contract() is used to verify if stack offsets, presumably reserved for nocsr patterns, are used only from those patterns; - function remove_nocsr_spills_fills(), called from bpf_check(), applies the rewrite for valid patterns. See comment in mark_nocsr_pattern_for_call() for more details. Suggested-by: Alexei Starovoitov Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-3-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 92de36080c93296ef9005690705cba260b9bd68a Author: Yonghong Song Date: Tue Jul 23 08:34:39 2024 -0700 bpf: Fail verification for sign-extension of packet data/data_end/data_meta syzbot reported a kernel crash due to commit 1f1e864b6555 ("bpf: Handle sign-extenstin ctx member accesses"). The reason is due to sign-extension of 32-bit load for packet data/data_end/data_meta uapi field. The original code looks like: r2 = *(s32 *)(r1 + 76) /* load __sk_buff->data */ r3 = *(u32 *)(r1 + 80) /* load __sk_buff->data_end */ r0 = r2 r0 += 8 if r3 > r0 goto +1 ... Note that __sk_buff->data load has 32-bit sign extension. After verification and convert_ctx_accesses(), the final asm code looks like: r2 = *(u64 *)(r1 +208) r2 = (s32)r2 r3 = *(u64 *)(r1 +80) r0 = r2 r0 += 8 if r3 > r0 goto pc+1 ... Note that 'r2 = (s32)r2' may make the kernel __sk_buff->data address invalid which may cause runtime failure. Currently, in C code, typically we have void *data = (void *)(long)skb->data; void *data_end = (void *)(long)skb->data_end; ... and it will generate r2 = *(u64 *)(r1 +208) r3 = *(u64 *)(r1 +80) r0 = r2 r0 += 8 if r3 > r0 goto pc+1 If we allow sign-extension, void *data = (void *)(long)(int)skb->data; void *data_end = (void *)(long)skb->data_end; ... the generated code looks like r2 = *(u64 *)(r1 +208) r2 <<= 32 r2 s>>= 32 r3 = *(u64 *)(r1 +80) r0 = r2 r0 += 8 if r3 > r0 goto pc+1 and this will cause verification failure since "r2 <<= 32" is not allowed as "r2" is a packet pointer. To fix this issue for case r2 = *(s32 *)(r1 + 76) /* load __sk_buff->data */ this patch added additional checking in is_valid_access() callback function for packet data/data_end/data_meta access. If those accesses are with sign-extenstion, the verification will fail. [1] https://lore.kernel.org/bpf/000000000000c90eee061d236d37@google.com/ Reported-by: syzbot+ad9ec60c8eaf69e6f99c@syzkaller.appspotmail.com Fixes: 1f1e864b6555 ("bpf: Handle sign-extenstin ctx member accesses") Acked-by: Eduard Zingerman Signed-off-by: Yonghong Song Link: https://lore.kernel.org/r/20240723153439.2429035-1-yonghong.song@linux.dev Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 45cbc7a5e004cf08528ef83633c62120cca3a5ee Author: Eduard Zingerman Date: Mon Jul 22 16:38:35 2024 -0700 bpf: add a get_helper_proto() utility function Extract the part of check_helper_call() as a utility function allowing to query 'struct bpf_func_proto' for a specific helper function id. Acked-by: Andrii Nakryiko Signed-off-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240722233844.1406874-2-eddyz87@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit f86601c3661946721e8f260bdd812b759854ac22 Author: Tony Ambardar Date: Mon Jul 22 17:30:45 2024 -0700 tools/runqslower: Fix LDFLAGS and add LDLIBS support Actually use previously defined LDFLAGS during build and add support for LDLIBS to link extra standalone libraries e.g. 'argp' which is not provided by musl libc. Fixes: 585bf4640ebe ("tools: runqslower: Add EXTRA_CFLAGS and EXTRA_LDFLAGS support") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Acked-by: Ilya Leoshkevich Link: https://lore.kernel.org/bpf/20240723003045.2273499-1-tony.ambardar@gmail.com commit 3ece93a4087b2db7b99ebb2412bd60cf26bbbb51 Author: Tony Ambardar Date: Fri Jul 19 22:25:35 2024 -0700 selftests/bpf: Fix wrong binary in Makefile log output Make log output incorrectly shows 'test_maps' as the binary name for every 'CLNG-BPF' build step, apparently picking up the last value defined for the $(TRUNNER_BINARY) variable. Update the 'CLANG_BPF_BUILD_RULE' variants to fix this confusing output. Current output: CLNG-BPF [test_maps] access_map_in_map.bpf.o GEN-SKEL [test_progs] access_map_in_map.skel.h ... CLNG-BPF [test_maps] access_map_in_map.bpf.o GEN-SKEL [test_progs-no_alu32] access_map_in_map.skel.h ... CLNG-BPF [test_maps] access_map_in_map.bpf.o GEN-SKEL [test_progs-cpuv4] access_map_in_map.skel.h After fix: CLNG-BPF [test_progs] access_map_in_map.bpf.o GEN-SKEL [test_progs] access_map_in_map.skel.h ... CLNG-BPF [test_progs-no_alu32] access_map_in_map.bpf.o GEN-SKEL [test_progs-no_alu32] access_map_in_map.skel.h ... CLNG-BPF [test_progs-cpuv4] access_map_in_map.bpf.o GEN-SKEL [test_progs-cpuv4] access_map_in_map.skel.h Fixes: a5d0c26a2784 ("selftests/bpf: Add a cpuv4 test runner for cpu=v4 testing") Fixes: 89ad7420b25c ("selftests/bpf: Drop the need for LLVM's llc") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Acked-by: Eduard Zingerman Link: https://lore.kernel.org/bpf/20240720052535.2185967-1-tony.ambardar@gmail.com commit 01510fd4a22d0e489f30e869bd9cd3cce43dd2cf Merge: d17f9b370df628 98adc743ae1feb Author: Andrii Nakryiko Date: Tue Jul 23 13:21:25 2024 -0700 Merge branch 'selftests-bpf-add-more-uprobe-multi-tests' Jiri Olsa says: ==================== selftests/bpf: Add more uprobe multi tests hi, adding more uprobe multi tests for failed attachments inside the uprobe register code. v3 changes: - renamed several variables/functions, null check [Andrii] - fixed CI issue thanks, jirka --- ==================== Link: https://lore.kernel.org/r/20240722202758.3889061-1-jolsa@kernel.org Signed-off-by: Andrii Nakryiko commit d17f9b370df628a3faaec7fd8be92a89ecc3e33a Author: Artem Savkov Date: Tue Jul 23 09:10:31 2024 +0200 selftests/bpf: Fix compilation failure when CONFIG_NET_FOU!=y Without CONFIG_NET_FOU bpf selftests are unable to build because of missing definitions. Add ___local versions of struct bpf_fou_encap and enum bpf_fou_encap_type to fix the issue. Signed-off-by: Artem Savkov Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240723071031.3389423-1-asavkov@redhat.com commit 98adc743ae1febb401d635bebe46667af2692751 Author: Jiri Olsa Date: Mon Jul 22 22:27:58 2024 +0200 selftests/bpf: Add uprobe multi consumers test Adding test that attaches/detaches multiple consumers on single uprobe and verifies all were hit as expected. Signed-off-by: Jiri Olsa Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240722202758.3889061-3-jolsa@kernel.org commit a5f40d596bff182b4b47547712f540885e8fb17b Author: Tony Ambardar Date: Mon Jul 22 17:13:29 2024 -0700 selftests/bpf: Fix error linking uprobe_multi on mips Linking uprobe_multi.c on mips64el fails due to relocation overflows, when the GOT entries required exceeds the default maximum. Add a specific CFLAGS (-mxgot) for uprobe_multi.c on MIPS that allows using a larger GOT and avoids errors such as: /tmp/ccBTNQzv.o: in function `bench': uprobe_multi.c:49:(.text+0x1d7720): relocation truncated to fit: R_MIPS_GOT_DISP against `uprobe_multi_func_08188' uprobe_multi.c:49:(.text+0x1d7730): relocation truncated to fit: R_MIPS_GOT_DISP against `uprobe_multi_func_08189' ... collect2: error: ld returned 1 exit status Fixes: 519dfeaf5119 ("selftests/bpf: Add uprobe_multi test program") Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/14eb7b70f8ccef9834874d75eb373cb9292129da.1721692479.git.tony.ambardar@gmail.com commit 30c2980c1092d5d69b2a3f460491145ebe0629ec Author: Jiri Olsa Date: Mon Jul 22 22:27:57 2024 +0200 selftests/bpf: Add uprobe fail tests for uprobe multi Adding tests for checking on recovery after failing to attach uprobe. Signed-off-by: Jiri Olsa Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240722202758.3889061-2-jolsa@kernel.org commit c7ad90736763b4e6bed10788ec07020a4f15dc32 Author: Tony Ambardar Date: Mon Jul 22 17:13:28 2024 -0700 selftests/bpf: Add missing system defines for mips Update get_sys_includes in Makefile with missing MIPS-related definitions to fix many, many compilation errors building selftests/bpf. The following added defines drive conditional logic in system headers for word-size and endianness selection: MIPSEL, MIPSEB _MIPS_SZPTR _MIPS_SZLONG _MIPS_SIM, _ABIO32, _ABIN32, _ABI64 Signed-off-by: Tony Ambardar Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/f3cfceaf5299cdd2ac0e0a36072d6ca7be23e603.1721692479.git.tony.ambardar@gmail.com commit a0ef659d03d2fc66c270cee791a1c5ebc0ff3bac Author: Ihor Solodrai Date: Tue Jul 23 03:07:00 2024 +0000 selftests/bpf: Don't include .d files on make clean Ignore generated %.test.o dependencies when make goal is clean or docs-clean. Signed-off-by: Ihor Solodrai Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/all/oNTIdax7aWGJdEgabzTqHzF4r-WTERrV1e1cNaPQMp-UhYUQpozXqkbuAlLBulczr6I99-jM5x3dxv56JJowaYBkm765R9Aa9kyrVuCl_kA=@pm.me Link: https://lore.kernel.org/bpf/K69Y8OKMLXBWR0dtOfsC4J46-HxeQfvqoFx1CysCm7u19HRx4MB6yAKOFkM6X-KAx2EFuCcCh_9vYWpsgQXnAer8oQ8PMeDEuiRMYECuGH4=@pm.me commit c7db4873fbd63918c124a5d67182492c78ba705b Author: Song Liu Date: Mon Jul 22 22:14:55 2024 -0700 selftests/bpf: Add a test for mmap-able map in map Regular BPF hash map is not mmap-able from user space. However, map-in-map with outer map of type BPF_MAP_TYPE_HASH_OF_MAPS and mmap-able array as inner map can perform similar operations as a mmap-able hash map. This can be used by applications that benefit from fast accesses to some local data. Add a selftest to show this use case. Signed-off-by: Song Liu Link: https://lore.kernel.org/r/20240723051455.1589192-1-song@kernel.org Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit 1edf364a8af49390ae8f81595625a189a08b9be3 Merge: aa8ebb270c66ce 71a2fbaf9c91b0 Author: Martin KaFai Lau Date: Tue Jul 23 10:45:51 2024 -0700 Merge branch 'use network helpers, part 10' Geliang Tang says: ==================== This set is part 10 of series "use network helpers" all BPF selftests wide. Patches 1-3 drop local functions make_client(), make_socket() and inetaddr_len() in sk_lookup.c. Patch 4 drops a useless function __start_server() in network_helpers.c. ==================== Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit 71a2fbaf9c91b0d863e11ec03f7168893904fbab Author: Geliang Tang Date: Sat Jul 20 19:40:06 2024 +0800 selftests/bpf: Drop __start_server in network_helpers The helper start_server_addr() is a wrapper of __start_server(), the only difference between them is __start_server() accepts a sockaddr type address parameter, but start_server_addr() accepts a sockaddr_storage one. This patch drops __start_server(), and updates the callers to invoke start_server_addr() instead. Signed-off-by: Geliang Tang Link: https://lore.kernel.org/r/31399df7cb957b7c233e79963b0aa0dc4278d273.1721475357.git.tanggeliang@kylinos.cn Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit c3c41e016cca7cc6b6d9cd1322fdf9be845ccd06 Author: Geliang Tang Date: Sat Jul 20 19:40:05 2024 +0800 selftests/bpf: Drop inetaddr_len in sk_lookup No need to use a dedicated helper inetaddr_len() to get the length of the IPv4 or IPv6 address, it can be got by make_sockaddr(), this patch drops it. Signed-off-by: Geliang Tang Link: https://lore.kernel.org/r/32e2a4122921051da38a6e4fbb2ebee5f0af5a4e.1721475357.git.tanggeliang@kylinos.cn Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit 01c2f776ed372155f9e80bd787324f26601914de Author: Geliang Tang Date: Sat Jul 20 19:40:04 2024 +0800 selftests/bpf: Drop make_socket in sk_lookup This patch uses the public network helers client_socket() + make_sockaddr() in sk_lookup.c to create the client socket, set the timeout sockopts, and make the connecting address. The local defined function make_socket() can be dropped then. Signed-off-by: Geliang Tang Link: https://lore.kernel.org/r/588771977ac48c27f73526d8421a84b91d7cf218.1721475357.git.tanggeliang@kylinos.cn Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit af994e31b75e30941ef32796d0aa8510db00b32a Author: Geliang Tang Date: Sat Jul 20 19:40:03 2024 +0800 selftests/bpf: Drop make_client in sk_lookup This patch uses the new helper connect_to_addr_str() in sk_lookup.c to create the client socket and connect to the server, instead of using local defined function make_client(). This local function can be dropped then. Signed-off-by: Geliang Tang Link: https://lore.kernel.org/r/058199d7ab46802249dae066ca22c98f6be508ee.1721475357.git.tanggeliang@kylinos.cn Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit aa8ebb270c66cea1f56a25d0f938036e91ad085a Author: Alexei Starovoitov Date: Mon Jul 22 19:08:15 2024 -0700 selftests/bpf: Workaround strict bpf_lsm return value check. test_progs-no_alu32 -t libbpf_get_fd_by_id_opts is being rejected by the verifier with the following error due to compiler optimization: 6: (67) r0 <<= 62 ; R0_w=scalar(smax=0x4000000000000000,umax=0xc000000000000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xc000000000000000)) 7: (c7) r0 s>>= 63 ; R0_w=scalar(smin=smin32=-1,smax=smax32=0) ; @ test_libbpf_get_fd_by_id_opts.c:0 8: (57) r0 &= -13 ; R0_w=scalar(smax=0x7ffffffffffffff3,umax=0xfffffffffffffff3,smax32=0x7ffffff3,umax32=0xfffffff3,var_off=(0x0; 0xfffffffffffffff3)) ; int BPF_PROG(check_access, struct bpf_map *map, fmode_t fmode) @ test_libbpf_get_fd_by_id_opts.c:27 9: (95) exit At program exit the register R0 has smax=9223372036854775795 should have been in [-4095, 0] Workaround by adding barrier(). Eventually the verifier will be able to recognize it. Fixes: 5d99e198be27 ("bpf, lsm: Add check for BPF LSM return value") Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 19c48f2789b0f90bc9270ddef4fffe9fd26e8dec Author: Artur Weber Date: Mon Jul 29 14:34:20 2024 +0200 ARM: dts: broadcom: bcm21664: Move chosen node into Garnet DTS The serial console settings in the chosen node are device-specific, not SoC-specific. Move the chosen node out of bcm21664.dtsi and into the only DTS that uses it, bcm21664-garnet.dts. Signed-off-by: Artur Weber Link: https://lore.kernel.org/r/20240729-bcm21664-common-v2-1-ebc21a89bf63@gmail.com Signed-off-by: Florian Fainelli commit ed0d78c75ca93c9f1d7f0d08ac5abe0de71fe312 Author: Rafał Miłecki Date: Thu May 16 10:47:37 2024 +0200 ARM: dts: broadcom: convert NVMEM content to layout syntax Use cleaner (and non-deprecated) bindings syntax. See commit bd912c991d2e ("dt-bindings: nvmem: layouts: add fixed-layout") for details. Signed-off-by: Rafał Miłecki Link: https://lore.kernel.org/r/20240516084737.2789-1-zajec5@gmail.com Signed-off-by: Florian Fainelli commit 8859ad50c41e375e287fe7b364b7a0b53f5b9632 Author: Krzysztof Kozlowski Date: Fri May 17 14:51:38 2024 +0200 dt-bindings: soc: bcm: document brcm,bcm2711-avs-monitor Document alreasdy used binding for Syscon / AVS monitor: brcm,bcm2711-avs-monitor to fix dt_binding_check and dtbs_check warnings like: brcm,avs-ro-thermal.example.dtb: /example-0/avs-monitor@7d5d2000: failed to match any schema with compatible: ['brcm,bcm2711-avs-monitor', 'syscon', 'simple-mfd'] Signed-off-by: Krzysztof Kozlowski Reviewed-by: Rob Herring Link: https://lore.kernel.org/r/20240517125138.53441-1-krzysztof.kozlowski@linaro.org Signed-off-by: Florian Fainelli commit faa3381267d01a389b13038504079c85c0bc4392 Author: Andrea della Porta Date: Thu May 30 12:12:01 2024 +0200 arm64: dts: broadcom: Add minimal support for Raspberry Pi 5 The BCM2712 SoC family can be found on Raspberry Pi 5. Add minimal SoC and board (Rpi5 specific) dts file to be able to boot from SD card and use console on debug UART. Signed-off-by: Andrea della Porta Reviewed-by: Stefan Wahren Link: https://lore.kernel.org/r/874589f6c621036620cca944986e5be7238b4784.1717061147.git.andrea.porta@suse.com Signed-off-by: Florian Fainelli commit 63e96ce050e52613eafe5c5dd90a9b81ce6eddb2 Author: Dongliang Mu Date: Fri Jul 19 12:13:33 2024 +0800 scripts: fix all issues reported by pylint This patch 1) fixes all the issues (not most) reported by pylint, 2) add the functionability to tackle documents that need translation, 3) add logging to adjust the logging level and log file Signed-off-by: Dongliang Mu Reviewed-by: Yanteng Si Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240719041400.3909775-2-dzm91@hust.edu.cn commit 565a3041b5273f2ffc75145411791364bcb45056 Author: Jakub Kicinski Date: Tue Jul 23 15:32:58 2024 -0700 MAINTAINERS: add Documentation/dev-tools/ to workflows@ The goal of the workflows@ mailing list was to make it easier for maintainers who don't use lore+lei to subscribe to topics related to process changes. In other words it should cover changes to Documentation files which most maintainers should know about. Recent changes from Kees [1] to provide guidelines on naming KUnit files did not fall under workflows@ since Documentation/dev-tools/ isn't covered. The patch volume for dev-tools isn't huge and most of the changes are interesting. Add it. Link: https://lore.kernel.org/20240720165441.it.320-kees@kernel.org/ # [1] Signed-off-by: Jakub Kicinski Reviewed-by: Kees Cook Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240723223258.2197852-1-kuba@kernel.org commit 0a8e4dc1d353f0931c5f42487f842e94e158a039 Author: Alyssa Ross Date: Thu Jul 25 19:11:21 2024 +0200 Documentation: ioctl: document 0x07 ioctl code It looks like this was supposed to be documented when VSOCK was added[1], but it got lost in later submissions. Link: https://lore.kernel.org/20130109000024.3719.71468.stgit@promb-2n-dhcp175.eng.vmware.com/#Z31Documentation:ioctl:ioctl-number.txt [1] Fixes: d021c344051a ("VSOCK: Introduce VM Sockets") Signed-off-by: Alyssa Ross Reviewed-by: Randy Dunlap Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240725171120.12226-2-hi@alyssa.is commit e6a5af90f0a24f08445e3b8a11b727ac84a9520c Author: Dongliang Mu Date: Fri Jul 26 22:57:23 2024 +0800 docs/zh_CN: add the translation of kbuild/headers_install.rst Finish the translation of kbuild/headers_install.rst and kbuild/index.rst, then add kbuild into zh_CN/index.rst. Update to commit 5b67fbfc32b5 ("Merge tag 'kbuild-v5.7' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild") Signed-off-by: Dongliang Mu Reviewed-by: Alex Shi Reviewed-by: Yanteng Si [jc: added missing EOF newline ] Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240726145754.2598197-1-dzm91@hust.edu.cn commit b745fdeff5398b108bbd1f8df19eba8e4b33fe77 Author: Dave Martin Date: Mon Jul 29 15:01:27 2024 +0100 docs/core-api: memory-allocation: GFP_NOWAIT doesn't need __GFP_NOWARN Since v6.8 the definition of GFP_NOWAIT has implied __GFP_NOWARN, so it is now redundant to add this flag explicitly. Update the docs to match, and emphasise the need for a fallback when using GFP_NOWAIT. Fixes: 16f5dfbc851b ("gfp: include __GFP_NOWARN in GFP_NOWAIT") Signed-off-by: Dave Martin Reviewed-by: Matthew Wilcox (Oracle) Acked-by: Mike Rapoport (Microsoft) Signed-off-by: Jonathan Corbet Link: https://lore.kernel.org/r/20240729140127.244606-1-Dave.Martin@arm.com commit 61a1dcdceb44d79e5ab511295791b88ea178c045 Author: Casey Schaufler Date: Wed Jul 10 14:32:30 2024 -0700 lsm: infrastructure management of the perf_event security blob Move management of the perf_event->security blob out of the individual security modules and into the security infrastructure. Instead of allocating the blobs from within the modules the modules tell the infrastructure how much space is required, and the space is allocated there. There are no longer any modules that require the perf_event_free() hook. The hook definition has been removed. Signed-off-by: Casey Schaufler Reviewed-by: John Johansen [PM: subject tweak] Signed-off-by: Paul Moore commit 66de33a0bbb59ef3909d2c65dbbb7fc503d573bd Author: Casey Schaufler Date: Wed Jul 10 14:32:29 2024 -0700 lsm: infrastructure management of the infiniband blob Move management of the infiniband security blob out of the individual security modules and into the LSM infrastructure. The security modules tell the infrastructure how much space they require at initialization. There are no longer any modules that require the ib_free() hook. The hook definition has been removed. Signed-off-by: Casey Schaufler Reviewed-by: John Johansen [PM: subject tweak, selinux style fixes] Signed-off-by: Paul Moore commit a39c0f77dbbe083f3eec6c3b32d90f168f7575eb Author: Casey Schaufler Date: Wed Jul 10 14:32:28 2024 -0700 lsm: infrastructure management of the dev_tun blob Move management of the dev_tun security blob out of the individual security modules and into the LSM infrastructure. The security modules tell the infrastructure how much space they require at initialization. There are no longer any modules that require the dev_tun_free hook. The hook definition has been removed. Signed-off-by: Casey Schaufler Reviewed-by: John Johansen [PM: subject tweak, selinux style fixes] Signed-off-by: Paul Moore commit 09001284eebfc1b684e81d1db0f006787d35f3e1 Author: Casey Schaufler Date: Wed Jul 10 14:32:27 2024 -0700 lsm: add helper for blob allocations Create a helper function lsm_blob_alloc() for general use in the hook specific functions that allocate LSM blobs. Change the hook specific functions to use this helper. This reduces the code size by a small amount and will make adding new instances of infrastructure managed security blobs easier. Signed-off-by: Casey Schaufler Reviewed-by: John Johansen [PM: subject tweak] Signed-off-by: Paul Moore commit 5f8d28f6d7d568dbbc8c5bce94894474c07afd4f Author: Casey Schaufler Date: Wed Jul 10 14:32:26 2024 -0700 lsm: infrastructure management of the key security blob Move management of the key->security blob out of the individual security modules and into the security infrastructure. Instead of allocating the blobs from within the modules the modules tell the infrastructure how much space is required, and the space is allocated there. There are no existing modules that require a key_free hook, so the call to it and the definition for it have been removed. Signed-off-by: Casey Schaufler Reviewed-by: John Johansen [PM: subject tweak] Signed-off-by: Paul Moore commit 2aff9d20d50ac45dd13a013ef5231f4fb8912356 Author: Casey Schaufler Date: Wed Jul 10 14:32:25 2024 -0700 lsm: infrastructure management of the sock security Move management of the sock->sk_security blob out of the individual security modules and into the security infrastructure. Instead of allocating the blobs from within the modules the modules tell the infrastructure how much space is required, and the space is allocated there. Acked-by: Paul Moore Reviewed-by: Kees Cook Reviewed-by: John Johansen Acked-by: Stephen Smalley Signed-off-by: Casey Schaufler [PM: subject tweak] Signed-off-by: Paul Moore commit e4ac526c440af8aa94d2bdfe6066339dd93b4db2 Author: Sai Teja Pottumuttu Date: Wed Jul 24 17:45:21 2024 +0530 drm/xe/xe2hpg: Introduce performance tuning changes for Xe2_HPG Add performance tuning changes for Xe2_HPG Bspec: 72161 Signed-off-by: Sai Teja Pottumuttu Reviewed-by: Gustavo Sousa Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240724121521.2347524-1-sai.teja.pottumuttu@intel.com commit fc328c869c4128fc1f975b8cfe92e9ec320d477f Author: Gaosheng Cui Date: Fri Jul 12 09:45:34 2024 +0800 selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr Refactor the code in selinux_netlbl_sock_genattr to return ERR_PTR when an error occurs. Signed-off-by: Gaosheng Cui Signed-off-by: Paul Moore commit da2d41308c4206b966d77dcb77fb838d94244352 Author: Canfeng Guo Date: Wed Jul 3 10:56:05 2024 +0800 selinux: Streamline type determination in security_compute_sid Simplifies the logic for determining the security context type in security_compute_sid, enhancing readability and efficiency. Consolidates default type assignment logic next to type transition checks, removing redundancy and improving code flow. Signed-off-by: Canfeng Guo Signed-off-by: Paul Moore commit 02d9fe1c4d987c4b3d272b5217da53280ffa71f5 Merge: e2854bc37344f4 04d8243b1f8325 Author: Alexei Starovoitov Date: Mon Jul 22 17:33:28 2024 -0700 Merge branch 'add-bpf-lsm-return-value-range-check-bpf-part' Xu Kuohai says: ==================== Add BPF LSM return value range check, BPF part From: Xu Kuohai LSM BPF prog may make kernel panic when returning an unexpected value, such as returning positive value on hook file_alloc_security. To fix it, series [1] refactored LSM hook return values and added BPF return value check on top of that. Since the refactoring of LSM hooks and checking BPF prog return value patches is not closely related, this series separates BPF-related patches from [1]. v2: - Update Shung-Hsi's patch with [3] v1: https://lore.kernel.org/bpf/20240719081749.769748-1-xukuohai@huaweicloud.com/ Changes to [1]: 1. Extend LSM disabled list to include hooks refactored in [1] to avoid dependency on the hooks return value refactoring patches. 2. Replace the special case patch for bitwise AND on [-1, 0] with Shung-Hsi's general bitwise AND improvement patch [2]. 3. Remove unused patches. [1] https://lore.kernel.org/bpf/20240711111908.3817636-1-xukuohai@huaweicloud.com https://lore.kernel.org/bpf/20240711113828.3818398-1-xukuohai@huaweicloud.com [2] https://lore.kernel.org/bpf/ykuhustu7vt2ilwhl32kj655xfdgdlm2xkl5rff6tw2ycksovp@ss2n4gpjysnw [3] https://lore.kernel.org/bpf/20240719081702.137173-1-shung-hsi.yu@suse.com/ Shung-Hsi Yu (1): bpf, verifier: improve signed ranges inference for BPF_AND ==================== Link: https://lore.kernel.org/r/20240719110059.797546-1-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 04d8243b1f83251bd599fdd3ea91e89039b6a557 Author: Xu Kuohai Date: Fri Jul 19 19:00:59 2024 +0800 selftests/bpf: Add verifier tests for bpf lsm Add verifier tests to check bpf lsm return values and disabled hooks. Signed-off-by: Xu Kuohai Link: https://lore.kernel.org/r/20240719110059.797546-10-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit d463dd9c9aa24b17ccb8ed76bdd7768baf857b48 Author: Xu Kuohai Date: Fri Jul 19 19:00:58 2024 +0800 selftests/bpf: Add test for lsm tail call Add test for lsm tail call to ensure tail call can only be used between bpf lsm progs attached to the same hook. Signed-off-by: Xu Kuohai Link: https://lore.kernel.org/r/20240719110059.797546-9-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 2b23b6c0f03c94dbacff2abdfd45490eca9d7f6e Author: Xu Kuohai Date: Fri Jul 19 19:00:57 2024 +0800 selftests/bpf: Add return value checks for failed tests The return ranges of some bpf lsm test progs can not be deduced by the verifier accurately. To avoid erroneous rejections, add explicit return value checks for these progs. Signed-off-by: Xu Kuohai Link: https://lore.kernel.org/r/20240719110059.797546-8-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 4dc7556490d77d5046844e7731d5d0a3055a3448 Author: Xu Kuohai Date: Fri Jul 19 19:00:56 2024 +0800 selftests/bpf: Avoid load failure for token_lsm.c The compiler optimized the two bpf progs in token_lsm.c to make return value from the bool variable in the "return -1" path, causing an unexpected rejection: 0: R1=ctx() R10=fp0 ; int BPF_PROG(bpf_token_capable, struct bpf_token *token, int cap) @ bpf_lsm.c:17 0: (b7) r6 = 0 ; R6_w=0 ; if (my_pid == 0 || my_pid != (bpf_get_current_pid_tgid() >> 32)) @ bpf_lsm.c:19 1: (18) r1 = 0xffffc9000102a000 ; R1_w=map_value(map=bpf_lsm.bss,ks=4,vs=5) 3: (61) r7 = *(u32 *)(r1 +0) ; R1_w=map_value(map=bpf_lsm.bss,ks=4,vs=5) R7_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) 4: (15) if r7 == 0x0 goto pc+11 ; R7_w=scalar(smin=umin=umin32=1,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) 5: (67) r7 <<= 32 ; R7_w=scalar(smax=0x7fffffff00000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000)) 6: (c7) r7 s>>= 32 ; R7_w=scalar(smin=0xffffffff80000000,smax=0x7fffffff) 7: (85) call bpf_get_current_pid_tgid#14 ; R0=scalar() 8: (77) r0 >>= 32 ; R0_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) 9: (5d) if r0 != r7 goto pc+6 ; R0_w=scalar(smin=smin32=0,smax=umax=umax32=0x7fffffff,var_off=(0x0; 0x7fffffff)) R7=scalar(smin=smin32=0,smax=umax=umax32=0x7fffffff,var_off=(0x0; 0x7fffffff)) ; if (reject_capable) @ bpf_lsm.c:21 10: (18) r1 = 0xffffc9000102a004 ; R1_w=map_value(map=bpf_lsm.bss,ks=4,vs=5,off=4) 12: (71) r6 = *(u8 *)(r1 +0) ; R1_w=map_value(map=bpf_lsm.bss,ks=4,vs=5,off=4) R6_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff)) ; @ bpf_lsm.c:0 13: (87) r6 = -r6 ; R6_w=scalar() 14: (67) r6 <<= 56 ; R6_w=scalar(smax=0x7f00000000000000,umax=0xff00000000000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xff00000000000000)) 15: (c7) r6 s>>= 56 ; R6_w=scalar(smin=smin32=-128,smax=smax32=127) ; int BPF_PROG(bpf_token_capable, struct bpf_token *token, int cap) @ bpf_lsm.c:17 16: (bf) r0 = r6 ; R0_w=scalar(id=1,smin=smin32=-128,smax=smax32=127) R6_w=scalar(id=1,smin=smin32=-128,smax=smax32=127) 17: (95) exit At program exit the register R0 has smin=-128 smax=127 should have been in [-4095, 0] To avoid this failure, change the variable type from bool to int. Signed-off-by: Xu Kuohai Link: https://lore.kernel.org/r/20240719110059.797546-7-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 763aa759d3b2c4f95b11855e3d37b860860107e2 Author: Xu Kuohai Date: Fri Jul 19 19:00:54 2024 +0800 bpf: Fix compare error in function retval_range_within After checking lsm hook return range in verifier, the test case "test_progs -t test_lsm" failed, and the failure log says: libbpf: prog 'test_int_hook': BPF program load failed: Invalid argument libbpf: prog 'test_int_hook': -- BEGIN PROG LOAD LOG -- 0: R1=ctx() R10=fp0 ; int BPF_PROG(test_int_hook, struct vm_area_struct *vma, @ lsm.c:89 0: (79) r0 = *(u64 *)(r1 +24) ; R0_w=scalar(smin=smin32=-4095,smax=smax32=0) R1=ctx() [...] 24: (b4) w0 = -1 ; R0_w=0xffffffff ; int BPF_PROG(test_int_hook, struct vm_area_struct *vma, @ lsm.c:89 25: (95) exit At program exit the register R0 has smin=4294967295 smax=4294967295 should have been in [-4095, 0] It can be seen that instruction "w0 = -1" zero extended -1 to 64-bit register r0, setting both smin and smax values of r0 to 4294967295. This resulted in a false reject when r0 was checked with range [-4095, 0]. Given bpf lsm does not return 64-bit values, this patch fixes it by changing the compare between r0 and return range from 64-bit operation to 32-bit operation for bpf lsm. Fixes: 8fa4ecd49b81 ("bpf: enforce exact retval range on subprog/callback exit") Signed-off-by: Xu Kuohai Acked-by: Shung-Hsi Yu Link: https://lore.kernel.org/r/20240719110059.797546-5-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 28ead3eaabc16ecc907cfb71876da028080f6356 Author: Xu Kuohai Date: Fri Jul 19 19:00:53 2024 +0800 bpf: Prevent tail call between progs attached to different hooks bpf progs can be attached to kernel functions, and the attached functions can take different parameters or return different return values. If prog attached to one kernel function tail calls prog attached to another kernel function, the ctx access or return value verification could be bypassed. For example, if prog1 is attached to func1 which takes only 1 parameter and prog2 is attached to func2 which takes two parameters. Since verifier assumes the bpf ctx passed to prog2 is constructed based on func2's prototype, verifier allows prog2 to access the second parameter from the bpf ctx passed to it. The problem is that verifier does not prevent prog1 from passing its bpf ctx to prog2 via tail call. In this case, the bpf ctx passed to prog2 is constructed from func1 instead of func2, that is, the assumption for ctx access verification is bypassed. Another example, if BPF LSM prog1 is attached to hook file_alloc_security, and BPF LSM prog2 is attached to hook bpf_lsm_audit_rule_known. Verifier knows the return value rules for these two hooks, e.g. it is legal for bpf_lsm_audit_rule_known to return positive number 1, and it is illegal for file_alloc_security to return positive number. So verifier allows prog2 to return positive number 1, but does not allow prog1 to return positive number. The problem is that verifier does not prevent prog1 from calling prog2 via tail call. In this case, prog2's return value 1 will be used as the return value for prog1's hook file_alloc_security. That is, the return value rule is bypassed. This patch adds restriction for tail call to prevent such bypasses. Signed-off-by: Xu Kuohai Link: https://lore.kernel.org/r/20240719110059.797546-4-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 5d99e198be279045e6ecefe220f5c52f8ce9bfd5 Author: Xu Kuohai Date: Fri Jul 19 19:00:52 2024 +0800 bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to file_alloc_security hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LSM prog using IS_ERR, and misinterprets this positive number as a file pointer. Given that hook file_alloc_security never returned positive number before the introduction of BPF LSM, and other BPF LSM hooks may encounter similar issues, this patch adds LSM return value check in verifier, to ensure no unexpected value is returned. Fixes: 520b7aa00d8c ("bpf: lsm: Initialize the BPF LSM hooks") Reported-by: Xin Liu Signed-off-by: Xu Kuohai Acked-by: Eduard Zingerman Link: https://lore.kernel.org/r/20240719110059.797546-3-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 21c7063f6d08ab9afa088584939791bee0c177e5 Author: Xu Kuohai Date: Fri Jul 19 19:00:51 2024 +0800 bpf, lsm: Add disabled BPF LSM hook list Add a disabled hooks list for BPF LSM. progs being attached to the listed hooks will be rejected by the verifier. Suggested-by: KP Singh Signed-off-by: Xu Kuohai Link: https://lore.kernel.org/r/20240719110059.797546-2-xukuohai@huaweicloud.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit e2854bc37344f40a47c6e04a222e65d2669e64dd Merge: 0d7c06125cea53 4009c95fede6b7 Author: Alexei Starovoitov Date: Mon Jul 22 12:21:22 2024 -0700 Merge branch 'bpf-retire-the-unsupported_ops-usage-in-struct_ops' Martin KaFai Lau says: ==================== bpf: Retire the unsupported_ops usage in struct_ops From: Martin KaFai Lau This series retires the unsupported_ops usage and depends on the null-ness check on the cfi_stubs instead. Please see individual patches for details. v2: - Fixed a gcc compiler warning on Patch 1. ==================== Link: https://lore.kernel.org/r/20240722183049.2254692-1-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 4009c95fede6b783802ad01f264a7a0541f5ea60 Author: Martin KaFai Lau Date: Mon Jul 22 11:30:47 2024 -0700 selftests/bpf: Ensure the unsupported struct_ops prog cannot be loaded There is an existing "bpf_tcp_ca/unsupp_cong_op" test to ensure the unsupported tcp-cc "get_info" struct_ops prog cannot be loaded. This patch adds a new test in the bpf_testmod such that the unsupported ops test does not depend on other kernel subsystem where its supporting ops may be changed in the future. Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240722183049.2254692-4-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit e44b4fc40cb429f6dedc4518a16221115035f654 Author: Martin KaFai Lau Date: Mon Jul 22 11:30:46 2024 -0700 selftests/bpf: Fix the missing tramp_1 to tramp_40 ops in cfi_stubs The tramp_1 to tramp_40 ops is not set in the cfi_stubs in the bpf_testmod_ops. It fails the struct_ops_multi_pages test after retiring the unsupported_ops in the earlier patch. This patch initializes them in a loop during the bpf_testmod_init(). Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240722183049.2254692-3-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 7f8af7bac5380f2d95a63a6f19964e22437166e1 Author: Thomas Gleixner Date: Mon Jun 10 18:42:34 2024 +0200 signal: Replace BUG_ON()s These really can be handled gracefully without killing the machine. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Reviewed-by: Oleg Nesterov Acked-by: Peter Zijlstra (Intel) commit a2b80ce87a87fc18c594e74d13031d5e347b69cb Author: Thomas Gleixner Date: Mon Jun 10 18:42:33 2024 +0200 signal: Remove task argument from dequeue_signal() The task pointer which is handed to dequeue_signal() is always current. The argument along with the first comment about signalfd in that function is confusing at best. Remove it and use current internally. Update the stale comment for dequeue_signal() while at it. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Reviewed-by: Oleg Nesterov Acked-by: Peter Zijlstra (Intel) commit 566e2d82536cf77b5ed7c03f887e7c36bf86feaa Author: Thomas Gleixner Date: Mon Jun 10 18:42:32 2024 +0200 posix-timers: Consolidate signal queueing Rename posix_timer_event() to posix_timer_queue_signal() as this is what the function is about. Consolidate the requeue pending and deactivation updates into that function as there is no point in doing this in all incarnations of posix timers. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit 24aea4cc483240ead3fdf581045a636dc7ea1352 Author: Thomas Gleixner Date: Mon Jun 10 18:42:31 2024 +0200 posix-cpu-timers: Make k_itimer::it_active consistent Posix CPU timers are not updating k_itimer::it_active which makes it impossible to base decisions in the common posix timer code on it. Update it when queueing or dequeueing posix CPU timers. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Reviewed-by: Anna-Maria Behnsen Acked-by: Peter Zijlstra (Intel) commit 20f13385b5836d00d64698748565fc6d3ce9b419 Author: Thomas Gleixner Date: Mon Jun 10 18:42:30 2024 +0200 posix-timers: Consolidate timer setup hrtimer based and CPU timers have their own way to install the new interval and to reset overrun and signal handling related data. Create a helper function and do the same operation for all variants. This also makes the handling of the interval consistent. It's only stored when the timer is actually armed, i.e. timer->it_value != 0. Before that it was stored unconditionally for posix CPU timers and conditionally for the other posix timers. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit 52dea0a15cc888e89f0144dca7b712fb56d12a28 Author: Thomas Gleixner Date: Mon Jun 10 18:42:28 2024 +0200 posix-timers: Convert timer list to hlist No requirement for a real list. Spare a few bytes. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit aca1dc0ce128a9b12640c39c0e035266bf9c9fa5 Author: Thomas Gleixner Date: Mon Jun 10 18:42:27 2024 +0200 posix-timers: Clear overrun in common_timer_set() Keeping the overrun count of the previous setup around is just wrong. The new setting has nothing to do with the previous one and has to start from a clean slate. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit bfa408f03fc74bcfe8f275a434294bde06eabb00 Author: Thomas Gleixner Date: Mon Jun 10 18:42:26 2024 +0200 posix-timers: Retrieve interval in common timer_settime() code No point in doing this all over the place. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Reviewed-by: Anna-Maria Behnsen Acked-by: Peter Zijlstra (Intel) commit c20b99e3243f9e72b6fa0e260766adcba115f25b Author: Thomas Gleixner Date: Mon Jun 10 18:42:25 2024 +0200 posix-cpu-timers: Simplify posix_cpu_timer_set() Avoid the late sighand lock/unlock dance when a timer is not armed to enforce reevaluation of the timer base so that the process wide CPU timer sampling can be disabled. Do it right at the point where the arming decision is made which already has sighand locked. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Reviewed-by: Anna-Maria Behnsen Acked-by: Peter Zijlstra (Intel) commit 286bfaccea76e0bd3805ac6e77c8ec4a18ecb3fe Author: Thomas Gleixner Date: Mon Jun 10 18:42:23 2024 +0200 posix-cpu-timers: Remove incorrect comment in posix_cpu_timer_set() A leftover from historical code which describes fiction. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit c44462661e4c5967c5df451393af727d1886c8ea Author: Thomas Gleixner Date: Mon Jun 10 18:42:22 2024 +0200 posix-cpu-timers: Use @now instead of @val for clarity posix_cpu_timer_set() uses @val as variable for the current time. That's confusing at best. Use @now as anywhere else and rewrite the confusing comment about clock sampling. No functional change. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit bd29d773ea8d2c7fc36dc3f70d4c9d1cf404aa4b Author: Thomas Gleixner Date: Mon Jun 10 18:42:21 2024 +0200 posix-cpu-timers: Do not arm SIGEV_NONE timers There is no point in arming SIGEV_NONE timers as they never deliver a signal. timer_gettime() is handling the expiry time correctly and that's all SIGEV_NONE timers care about. Prevent arming them and remove the expiry handler code which just disarms them. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Reviewed-by: Anna-Maria Behnsen Acked-by: Peter Zijlstra (Intel) commit d471ff397c3571cfa648a20e7018aa04f8873cb3 Author: Thomas Gleixner Date: Sun Jun 23 13:17:08 2024 +0200 posix-cpu-timers: Replace old expiry retrieval in posix_cpu_timer_set() Reuse the split out __posix_cpu_timer_get() function which does already the right thing. No functional change. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Reviewed-by: Anna-Maria Behnsen Acked-by: Peter Zijlstra (Intel) commit 5f9d4a1065949a64c107f93a89dc2b62f806c833 Author: Thomas Gleixner Date: Sun Jun 23 13:16:02 2024 +0200 posix-cpu-timers: Handle SIGEV_NONE timers correctly in timer_set() Expired SIGEV_NONE oneshot timers must return 0 nsec for the expiry time in timer_get(), but the posix CPU timer implementation returns 1 nsec. Add the missing conditional. This will be cleaned up in a follow up patch. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit d786b8ba9f01b361817033d06766b2dadf619c60 Author: Thomas Gleixner Date: Mon Jun 10 18:42:17 2024 +0200 posix-cpu-timers: Handle SIGEV_NONE timers correctly in timer_get() Expired SIGEV_NONE oneshot timers must return 0 nsec for the expiry time in timer_get(), but the posix CPU timer implementation returns 1 nsec. Add the missing conditional. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit 1c5028425793ea98fcb403852331664662d97226 Author: Thomas Gleixner Date: Mon Jun 10 18:42:16 2024 +0200 posix-cpu-timers: Handle interval timers correctly in timer_get() timer_gettime() must return the remaining time to the next expiry of a timer or 0 if the timer is not armed and no signal pending, but posix CPU timers fail to forward a timer which is already expired. Add the required logic to address that. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit b3e866b2dffbc36b31be7811ebded91ce82ecd10 Author: Thomas Gleixner Date: Mon Jun 10 18:42:15 2024 +0200 posix-cpu-timers: Save interval only for armed timers There is no point to return the interval for timers which have been disarmed. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Acked-by: Peter Zijlstra (Intel) commit d859704bf18519739c231403d53461e008eea4bf Author: Thomas Gleixner Date: Mon Jun 10 18:42:14 2024 +0200 posix-cpu-timers: Split up posix_cpu_timer_get() In preparation for addressing issues in the timer_get() and timer_set() functions of posix CPU timers. No functional change. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Reviewed-by: Anna-Maria Behnsen Acked-by: Peter Zijlstra (Intel) commit 73339b82f86521eeadbb781d8d7e04813cbd0998 Author: Thomas Gleixner Date: Mon Jun 10 18:42:12 2024 +0200 selftests/timers/posix-timers: Validate overrun after unblock When a timer signal is blocked and later unblocked then one signal should be delivered with the correct number of overruns since the timer was queued. Validate that behaviour. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker commit f924f868ed05d954d79db419e97ba11293110d52 Author: Thomas Gleixner Date: Mon Jun 10 18:42:11 2024 +0200 selftests/timers/posix-timers: Validate timer_gettime() timer_gettime() must return the correct expiry time for interval timers even when the timer is not armed, which is the case when a signal is pending but blocked. Works correctly for regular posix timers, but not for posix CPU timers. Add a selftest to validate the fixes. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker commit 2c2b56132bb74b6b801dcb82f57489ae1cf81a91 Author: Thomas Gleixner Date: Mon Jun 10 18:42:10 2024 +0200 selftests/timers/posix-timers: Validate SIGEV_NONE Posix timers with a delivery mode of SIGEV_NONE deliver no signals but the remaining expiry time must be readable via timer_gettime() for both one shot and interval timers. That's implemented correctly for regular posix timers but broken for posix CPU timers. Add a self test so the fixes can be verified. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker commit e65bb03e442751ccf1631382516dcca5b3a20122 Author: Thomas Gleixner Date: Mon Jun 10 18:42:09 2024 +0200 selftests/timers/posix_timers: Validate signal rules Add a test case to validate correct behaviour vs. timer reprogramming and deletion. The handling of queued signals in case of timer reprogramming or deletion is inconsistent at best. POSIX does not really specify the behaviour for that: - "The effect of disarming or resetting a timer with pending expiration notifications is unspecified." - "The disposition of pending signals for the deleted timer is unspecified." In both cases it is reasonable to expect that pending signals are discarded. Especially in the reprogramming case it does not make sense to account for previous overruns or to deliver a signal for a timer which has been disarmed. Add tests to validate that no unexpected signals are delivered. They fail for now until the signal and posix timer code is updated. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker commit 45c4225c3dcc7db2c0cdbf889cc7a9c72a53f742 Author: Thomas Gleixner Date: Mon Jun 10 18:42:07 2024 +0200 selftests/timers/posix_timers: Add SIG_IGN test Add a test case to validate correct behaviour vs. SIG_IGN. The posix specification states: "Setting a signal action to SIG_IGN for a signal that is pending shall cause the pending signal to be discarded, whether or not it is blocked." The kernel implements this in the signal handling code, but due to the way how posix timers are handling SIG_IGN for periodic timers, the behaviour after installing a real handler again is inconsistent and suprising. The following sequence is expected to deliver a signal: install_handler(SIG); block_signal(SIG); timer_create(...); <- Should send SIG timer_settime(value=100ms, interval=100ms); sleep(1); <- Timer expires and queues signal, timer is not rearmed as that should happen in the signal delivery path ignore_signal(SIG); <- Discards queued signal install_handler(SIG); <- Restore handler, should rearm but does not sleep(1); unblock_signal(SIG); <- Should deliver one signal with overrun count set in siginfo This fails because nothing rearms the timer when the signal handler is restored. Add a test for this case which fails until the signal and posix timer code is fixed. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker commit 0af02a8e356fc6d3b1eebb32fae7d35625127835 Author: Thomas Gleixner Date: Mon Jun 10 18:42:06 2024 +0200 selftests/timers/posix_timers: Simplify error handling No point in returning to main() on fatal errors. Just exit right away. Signed-off-by: Thomas Gleixner Signed-off-by: Frederic Weisbecker Reviewed-by: Anna-Maria Behnsen commit e42ac14180554fa23a3312d4f921dc4ea7972fb7 Author: Martin KaFai Lau Date: Mon Jul 22 11:30:45 2024 -0700 bpf: Check unsupported ops from the bpf_struct_ops's cfi_stubs The bpf_tcp_ca struct_ops currently uses a "u32 unsupported_ops[]" array to track which ops is not supported. After cfi_stubs had been added, the function pointer in cfi_stubs is also NULL for the unsupported ops. Thus, the "u32 unsupported_ops[]" becomes redundant. This observation was originally brought up in the bpf/cfi discussion: https://lore.kernel.org/bpf/CAADnVQJoEkdjyCEJRPASjBw1QGsKYrF33QdMGc1RZa9b88bAEA@mail.gmail.com/ The recent bpf qdisc patch (https://lore.kernel.org/bpf/20240714175130.4051012-6-amery.hung@bytedance.com/) also needs to specify quite many unsupported ops. It is a good time to clean it up. This patch removes the need of "u32 unsupported_ops[]" and tests for null-ness in the cfi_stubs instead. Testing the cfi_stubs is done in a new function bpf_struct_ops_supported(). The verifier will call bpf_struct_ops_supported() when loading the struct_ops program. The ".check_member" is removed from the bpf_tcp_ca in this patch. ".check_member" could still be useful for other subsytems to enforce other restrictions (e.g. sched_ext checks for prog->sleepable). To keep the same error return, ENOTSUPP is used. Cc: Amery Hung Signed-off-by: Martin KaFai Lau Link: https://lore.kernel.org/r/20240722183049.2254692-2-martin.lau@linux.dev Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 0d7c06125cea53b3d86d685d790b03b9ae9d6336 Author: Tao Chen Date: Sun Jul 21 22:42:52 2024 +0800 bpftool: Add document for net attach/detach on tcx subcommand This commit adds sample output for net attach/detach on tcx subcommand. Signed-off-by: Tao Chen Signed-off-by: Daniel Borkmann Acked-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20240721144252.96264-1-chen.dylane@gmail.com Signed-off-by: Andrii Nakryiko commit 4f88dde0e1525ee69d29ba235c3965685439d0e3 Author: Tao Chen Date: Sun Jul 21 22:42:38 2024 +0800 bpftool: Add bash-completion for tcx subcommand This commit adds bash-completion for attaching tcx program on interface. Signed-off-by: Tao Chen Signed-off-by: Daniel Borkmann Acked-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20240721144238.96246-1-chen.dylane@gmail.com Signed-off-by: Andrii Nakryiko commit 3b9d4fee8ad32599ba20ab36da7694feef022b48 Author: Tao Chen Date: Sun Jul 21 22:42:21 2024 +0800 bpftool: Add net attach/detach command to tcx prog Now, attach/detach tcx prog supported in libbpf, so we can add new command 'bpftool attach/detach tcx' to attach tcx prog with bpftool for user. # bpftool prog load tc_prog.bpf.o /sys/fs/bpf/tc_prog # bpftool prog show ... 192: sched_cls name tc_prog tag 187aeb611ad00cfc gpl loaded_at 2024-07-11T15:58:16+0800 uid 0 xlated 152B jited 97B memlock 4096B map_ids 100,99,97 btf_id 260 # bpftool net attach tcx_ingress name tc_prog dev lo # bpftool net ... tc: lo(1) tcx/ingress tc_prog prog_id 29 # bpftool net detach tcx_ingress dev lo # bpftool net ... tc: # bpftool net attach tcx_ingress name tc_prog dev lo # bpftool net tc: lo(1) tcx/ingress tc_prog prog_id 29 Test environment: ubuntu_22_04, 6.7.0-060700-generic Signed-off-by: Tao Chen Signed-off-by: Daniel Borkmann Acked-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20240721144221.96228-1-chen.dylane@gmail.com Signed-off-by: Andrii Nakryiko commit b7264f87f76c59698c7fd019a8797378fa17e7e3 Author: Tao Chen Date: Sun Jul 21 22:33:50 2024 +0800 bpftool: Refactor xdp attach/detach type judgment This commit no logical changed, just increases code readability and facilitates TCX prog expansion, which will be implemented in the next patch. Signed-off-by: Tao Chen Signed-off-by: Daniel Borkmann Acked-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20240721143353.95980-2-chen.dylane@gmail.com Signed-off-by: Andrii Nakryiko commit 81a0b95432c4fe605955939d8c36ad233c61293d Merge: bde0c5a7375699 b83b936f3e9a3c Author: Alexei Starovoitov Date: Fri Jul 19 19:47:02 2024 -0700 Merge branch 'bpf-fix-tailcall-hierarchy' Leon Hwang says: ==================== bpf: Fix tailcall hierarchy This patchset fixes a tailcall hierarchy issue. The issue is confirmed in the discussions of "bpf, x64: Fix tailcall infinite loop" [0]. The issue has been resolved on both x86_64 and arm64 [1]. I provide a long commit message in the "bpf, x64: Fix tailcall hierarchy" patch to describe how the issue happens and how this patchset resolves the issue in details. How does this patchset resolve the issue? In short, it stores tail_call_cnt on the stack of main prog, and propagates tail_call_cnt_ptr to its subprogs. First, at the prologue of main prog, it initializes tail_call_cnt and prepares tail_call_cnt_ptr. And at the prologue of subprog, it reuses the tail_call_cnt_ptr from caller. Then, when a tailcall happens, it increments tail_call_cnt by its pointer. v5 -> v6: * Address comments from Eduard: * Add JITed dumping along annotating comments * Rewrite two selftests with RUN_TESTS macro. v4 -> v5: * Solution changes from tailcall run ctx to tail_call_cnt and its pointer. It's because v4 solution is unable to handle the case that there is no tailcall in subprog but there is tailcall in EXT prog which attaches to the subprog. v3 -> v4: * Solution changes from per-task tail_call_cnt to tailcall run ctx. As for per-cpu/per-task solution, there is a case it is unable to handle [2]. v2 -> v3: * Solution changes from percpu tail_call_cnt to tail_call_cnt at task_struct. v1 -> v2: * Solution changes from extra run-time call insn to percpu tail_call_cnt. * Address comments from Alexei: * Use percpu tail_call_cnt. * Use asm to make sure no callee saved registers are touched. RFC v2 -> v1: * Solution changes from propagating tail_call_cnt with its pointer to extra run-time call insn. * Address comments from Maciej: * Replace all memcpy(prog, x86_nops[5], X86_PATCH_SIZE) with emit_nops(&prog, X86_PATCH_SIZE) RFC v1 -> RFC v2: * Address comments from Stanislav: * Separate moving emit_nops() as first patch. Links: [0] https://lore.kernel.org/bpf/6203dd01-789d-f02c-5293-def4c1b18aef@gmail.com/ [1] https://github.com/kernel-patches/bpf/pull/7350/checks [2] https://lore.kernel.org/bpf/CAADnVQK1qF+uBjwom2s2W-yEmgd_3rGi5Nr+KiV3cW0T+UPPfA@mail.gmail.com/ ==================== Link: https://lore.kernel.org/r/20240714123902.32305-1-hffilwlqm@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit b83b936f3e9a3c63896852198a1814e90e68eef5 Author: Leon Hwang Date: Sun Jul 14 20:39:02 2024 +0800 selftests/bpf: Add testcases for tailcall hierarchy fixing Add some test cases to confirm the tailcall hierarchy issue has been fixed. On x64, the selftests result is: cd tools/testing/selftests/bpf && ./test_progs -t tailcalls 327/18 tailcalls/tailcall_bpf2bpf_hierarchy_1:OK 327/19 tailcalls/tailcall_bpf2bpf_hierarchy_fentry:OK 327/20 tailcalls/tailcall_bpf2bpf_hierarchy_fexit:OK 327/21 tailcalls/tailcall_bpf2bpf_hierarchy_fentry_fexit:OK 327/22 tailcalls/tailcall_bpf2bpf_hierarchy_fentry_entry:OK 327/23 tailcalls/tailcall_bpf2bpf_hierarchy_2:OK 327/24 tailcalls/tailcall_bpf2bpf_hierarchy_3:OK 327 tailcalls:OK Summary: 1/24 PASSED, 0 SKIPPED, 0 FAILED On arm64, the selftests result is: cd tools/testing/selftests/bpf && ./test_progs -t tailcalls 327/18 tailcalls/tailcall_bpf2bpf_hierarchy_1:OK 327/19 tailcalls/tailcall_bpf2bpf_hierarchy_fentry:OK 327/20 tailcalls/tailcall_bpf2bpf_hierarchy_fexit:OK 327/21 tailcalls/tailcall_bpf2bpf_hierarchy_fentry_fexit:OK 327/22 tailcalls/tailcall_bpf2bpf_hierarchy_fentry_entry:OK 327/23 tailcalls/tailcall_bpf2bpf_hierarchy_2:OK 327/24 tailcalls/tailcall_bpf2bpf_hierarchy_3:OK 327 tailcalls:OK Summary: 1/24 PASSED, 0 SKIPPED, 0 FAILED Acked-by: Eduard Zingerman Signed-off-by: Leon Hwang Link: https://lore.kernel.org/r/20240714123902.32305-4-hffilwlqm@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 66ff4d61dc124eafe9efaeaef696a09b7f236da2 Author: Leon Hwang Date: Sun Jul 14 20:39:01 2024 +0800 bpf, arm64: Fix tailcall hierarchy This patch fixes a tailcall issue caused by abusing the tailcall in bpf2bpf feature on arm64 like the way of "bpf, x64: Fix tailcall hierarchy". On arm64, when a tail call happens, it uses tail_call_cnt_ptr to increment tail_call_cnt, too. At the prologue of main prog, it has to initialize tail_call_cnt and prepare tail_call_cnt_ptr. At the prologue of subprog, it pushes x26 register twice, and does not initialize tail_call_cnt. At the epilogue, it pops x26 twice, no matter whether it is main prog or subprog. Fixes: d4609a5d8c70 ("bpf, arm64: Keep tail call count across bpf2bpf calls") Acked-by: Puranjay Mohan Signed-off-by: Leon Hwang Link: https://lore.kernel.org/r/20240714123902.32305-3-hffilwlqm@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit 116e04ba1459fc08f80cf27b8c9f9f188be0fcb2 Author: Leon Hwang Date: Sun Jul 14 20:39:00 2024 +0800 bpf, x64: Fix tailcall hierarchy This patch fixes a tailcall issue caused by abusing the tailcall in bpf2bpf feature. As we know, tail_call_cnt propagates by rax from caller to callee when to call subprog in tailcall context. But, like the following example, MAX_TAIL_CALL_CNT won't work because of missing tail_call_cnt back-propagation from callee to caller. \#include \#include \#include "bpf_legacy.h" struct { __uint(type, BPF_MAP_TYPE_PROG_ARRAY); __uint(max_entries, 1); __uint(key_size, sizeof(__u32)); __uint(value_size, sizeof(__u32)); } jmp_table SEC(".maps"); int count = 0; static __noinline int subprog_tail1(struct __sk_buff *skb) { bpf_tail_call_static(skb, &jmp_table, 0); return 0; } static __noinline int subprog_tail2(struct __sk_buff *skb) { bpf_tail_call_static(skb, &jmp_table, 0); return 0; } SEC("tc") int entry(struct __sk_buff *skb) { volatile int ret = 1; count++; subprog_tail1(skb); subprog_tail2(skb); return ret; } char __license[] SEC("license") = "GPL"; At run time, the tail_call_cnt in entry() will be propagated to subprog_tail1() and subprog_tail2(). But, when the tail_call_cnt in subprog_tail1() updates when bpf_tail_call_static(), the tail_call_cnt in entry() won't be updated at the same time. As a result, in entry(), when tail_call_cnt in entry() is less than MAX_TAIL_CALL_CNT and subprog_tail1() returns because of MAX_TAIL_CALL_CNT limit, bpf_tail_call_static() in suprog_tail2() is able to run because the tail_call_cnt in subprog_tail2() propagated from entry() is less than MAX_TAIL_CALL_CNT. So, how many tailcalls are there for this case if no error happens? From top-down view, does it look like hierarchy layer and layer? With this view, there will be 2+4+8+...+2^33 = 2^34 - 2 = 17,179,869,182 tailcalls for this case. How about there are N subprog_tail() in entry()? There will be almost N^34 tailcalls. Then, in this patch, it resolves this case on x86_64. In stead of propagating tail_call_cnt from caller to callee, it propagates its pointer, tail_call_cnt_ptr, tcc_ptr for short. However, where does it store tail_call_cnt? It stores tail_call_cnt on the stack of main prog. When tail call happens in subprog, it increments tail_call_cnt by tcc_ptr. Meanwhile, it stores tail_call_cnt_ptr on the stack of main prog, too. And, before jump to tail callee, it has to pop tail_call_cnt and tail_call_cnt_ptr. Then, at the prologue of subprog, it must not make rax as tail_call_cnt_ptr again. It has to reuse tail_call_cnt_ptr from caller. As a result, at run time, it has to recognize rax is tail_call_cnt or tail_call_cnt_ptr at prologue by: 1. rax is tail_call_cnt if rax is <= MAX_TAIL_CALL_CNT. 2. rax is tail_call_cnt_ptr if rax is > MAX_TAIL_CALL_CNT, because a pointer won't be <= MAX_TAIL_CALL_CNT. Here's an example to dump JITed. struct { __uint(type, BPF_MAP_TYPE_PROG_ARRAY); __uint(max_entries, 1); __uint(key_size, sizeof(__u32)); __uint(value_size, sizeof(__u32)); } jmp_table SEC(".maps"); int count = 0; static __noinline int subprog_tail(struct __sk_buff *skb) { bpf_tail_call_static(skb, &jmp_table, 0); return 0; } SEC("tc") int entry(struct __sk_buff *skb) { int ret = 1; count++; subprog_tail(skb); subprog_tail(skb); return ret; } When bpftool p d j id 42: int entry(struct __sk_buff * skb): bpf_prog_0c0f4c2413ef19b1_entry: ; int entry(struct __sk_buff *skb) 0: endbr64 4: nopl (%rax,%rax) 9: xorq %rax, %rax ;; rax = 0 (tail_call_cnt) c: pushq %rbp d: movq %rsp, %rbp 10: endbr64 14: cmpq $33, %rax ;; if rax > 33, rax = tcc_ptr 18: ja 0x20 ;; if rax > 33 goto 0x20 ---+ 1a: pushq %rax ;; [rbp - 8] = rax = 0 | 1b: movq %rsp, %rax ;; rax = rbp - 8 | 1e: jmp 0x21 ;; ---------+ | 20: pushq %rax ;; <--------|---------------+ 21: pushq %rax ;; <--------+ [rbp - 16] = rax 22: pushq %rbx ;; callee saved 23: movq %rdi, %rbx ;; rbx = skb (callee saved) ; count++; 26: movabsq $-82417199407104, %rdi 30: movl (%rdi), %esi 33: addl $1, %esi 36: movl %esi, (%rdi) ; subprog_tail(skb); 39: movq %rbx, %rdi ;; rdi = skb 3c: movq -16(%rbp), %rax ;; rax = tcc_ptr 43: callq 0x80 ;; call subprog_tail() ; subprog_tail(skb); 48: movq %rbx, %rdi ;; rdi = skb 4b: movq -16(%rbp), %rax ;; rax = tcc_ptr 52: callq 0x80 ;; call subprog_tail() ; return ret; 57: movl $1, %eax 5c: popq %rbx 5d: leave 5e: retq int subprog_tail(struct __sk_buff * skb): bpf_prog_3a140cef239a4b4f_subprog_tail: ; int subprog_tail(struct __sk_buff *skb) 0: endbr64 4: nopl (%rax,%rax) 9: nopl (%rax) ;; do not touch tail_call_cnt c: pushq %rbp d: movq %rsp, %rbp 10: endbr64 14: pushq %rax ;; [rbp - 8] = rax (tcc_ptr) 15: pushq %rax ;; [rbp - 16] = rax (tcc_ptr) 16: pushq %rbx ;; callee saved 17: pushq %r13 ;; callee saved 19: movq %rdi, %rbx ;; rbx = skb ; asm volatile("r1 = %[ctx]\n\t" 1c: movabsq $-105487587488768, %r13 ;; r13 = jmp_table 26: movq %rbx, %rdi ;; 1st arg, skb 29: movq %r13, %rsi ;; 2nd arg, jmp_table 2c: xorl %edx, %edx ;; 3rd arg, index = 0 2e: movq -16(%rbp), %rax ;; rax = [rbp - 16] (tcc_ptr) 35: cmpq $33, (%rax) 39: jae 0x4e ;; if *tcc_ptr >= 33 goto 0x4e --------+ 3b: jmp 0x4e ;; jmp bypass, toggled by poking | 40: addq $1, (%rax) ;; (*tcc_ptr)++ | 44: popq %r13 ;; callee saved | 46: popq %rbx ;; callee saved | 47: popq %rax ;; undo rbp-16 push | 48: popq %rax ;; undo rbp-8 push | 49: nopl (%rax,%rax) ;; tail call target, toggled by poking | ; return 0; ;; | 4e: popq %r13 ;; restore callee saved <--------------+ 50: popq %rbx ;; restore callee saved 51: leave 52: retq Furthermore, when trampoline is the caller of bpf prog, which is tail_call_reachable, it is required to propagate rax through trampoline. Fixes: ebf7d1f508a7 ("bpf, x64: rework pro/epilogue and tailcall handling in JIT") Fixes: e411901c0b77 ("bpf: allow for tailcalls in BPF subprograms for x64 JIT") Reviewed-by: Eduard Zingerman Signed-off-by: Leon Hwang Link: https://lore.kernel.org/r/20240714123902.32305-2-hffilwlqm@gmail.com Signed-off-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko commit bde0c5a7375699c80a96392800744edf93093a07 Merge: 844f7315e77a01 cfbf25481d6dec Author: Andrii Nakryiko Date: Fri Jul 19 16:17:45 2024 -0700 Merge branch 'bpf-track-find_equal_scalars-history-on-per-instruction-level' Eduard Zingerman says: ==================== bpf: track find_equal_scalars history on per-instruction level This is a fix for precision tracking bug reported in [0]. It supersedes my previous attempt to fix similar issue in commit [1]. Here is a minimized test case from [0]: 0: call bpf_get_prandom_u32; 1: r7 = r0; 2: r8 = r0; 3: call bpf_get_prandom_u32; 4: if r0 > 1 goto +0; /* --- checkpoint #1: r7.id=1, r8.id=1 --- */ 5: if r8 >= r0 goto 9f; 6: r8 += r8; /* --- checkpoint #2: r7.id=1, r8.id=0 --- */ 7: if r7 == 0 goto 9f; 8: r0 /= 0; /* --- checkpoint #3 --- */ 9: r0 = 42; 10: exit; W/o this fix verifier incorrectly assumes that instruction at label (8) is unreachable. The issue is caused by failure to infer precision mark for r0 at checkpoint #1: - first verification path is: - (0-4): r0 range [0,1]; - (5): r8 range [0,0], propagated to r7; - (6): r8.id is reset; - (7): jump is predicted to happen; - (9-10): safe exit. - when jump at (7) is predicted mark_chain_precision() for r7 is called and backtrack_insn() proceeds as follows: - at (7) r7 is marked as precise; - at (5) r8 is not currently tracked and thus r0 is not marked; - at (4-5) boundary logic from [1] is triggered and r7,r8 are marked as precise; - => r0 precision mark is missed. - when second branch of (4) is considered, verifier prunes the state because r0 is not marked as precise in the visited state. Basically, backtracking logic fails to notice that at (5) range information is gained for both r7 and r8, and thus both r8 and r0 have to be marked as precise. This happens because [1] can only account for such range transfers at parent/child state boundaries. The solution suggested by Andrii Nakryiko in [0] is to use jump history to remember which registers gained range as a result of find_equal_scalars() [renamed to sync_linked_regs()] and use this information in backtrack_insn(). Which is what this patch-set does. The patch-set uses u64 value as a vector of 10-bit values that identify registers gaining range in find_equal_scalars(). This amounts to maximum of 6 possible values. To check if such capacity is sufficient I've instrumented kernel to track a histogram for maximal amount of registers that gain range in find_equal_scalars per program verification [2]. Measurements done for verifier selftests and Cilium bpf object files from [3] show that number of such registers is *always* <= 4 and in 98% of cases it is <= 2. When tested on a subset of selftests identified by selftests/bpf/veristat.cfg and Cilium bpf object files from [3] this patch-set has minimal verification performance impact: File Program Insns (DIFF) States (DIFF) ------------------------ ------------------------ -------------- ------------- bpf_host.o tail_handle_nat_fwd_ipv4 -75 (-0.61%) -3 (-0.39%) pyperf600_nounroll.bpf.o on_event +1673 (+0.33%) +3 (+0.01%) [0] https://lore.kernel.org/bpf/CAEf4BzZ0xidVCqB47XnkXcNhkPWF6_nTV7yt+_Lf0kcFEut2Mg@mail.gmail.com/ [1] commit 904e6ddf4133 ("bpf: Use scalar ids in mark_chain_precision()") [2] https://github.com/eddyz87/bpf/tree/find-equal-scalars-in-jump-history-with-stats [3] https://github.com/anakryiko/cilium Changes: - v2 -> v3: A number of stylistic changes suggested by Andrii: - renamings: - struct reg_or_spill -> linked_reg; - find_equal_scalars() -> collect_linked_regs; - copy_known_reg() -> sync_linked_regs; - collect_linked_regs() now returns linked regs set of size 2 or larger; - dropped usage of bit fields in struct linked_reg; - added a patch changing references to find_equal_scalars() in selftests comments. - v1 -> v2: - patch "bpf: replace env->cur_hist_ent with a getter function" is dropped (Andrii); - added structure linked_regs and helper functions to [de]serialize u64 value as such structure (Andrii); - bt_set_equal_scalars() renamed to bt_sync_linked_regs(), moved to start and end of backtrack_insn() in order to untie linked register logic from conditional jumps backtracking. Andrii requested a more radical change of moving linked registers processing to bt_set_xxx() functions, I did an experiment in this direction: https://github.com/eddyz87/bpf/tree/find-equal-scalars-in-jump-history--linked-regs-in-bt-set-reg the end result of the experiment seems much uglier than version presented in v2. Revisions: - v1: https://lore.kernel.org/bpf/20240222005005.31784-1-eddyz87@gmail.com/ - v2: https://lore.kernel.org/bpf/20240705205851.2635794-1-eddyz87@gmail.com/ ==================== Link: https://lore.kernel.org/r/20240718202357.1746514-1-eddyz87@gmail.com Signed-off-by: Andrii Nakryiko commit cfbf25481d6dec0089c99c9d33a2ea634fe8f008 Author: Eduard Zingerman Date: Thu Jul 18 13:23:56 2024 -0700 selftests/bpf: Update comments find_equal_scalars->sync_linked_regs find_equal_scalars() is renamed to sync_linked_regs(), this commit updates existing references in the selftests comments. Signed-off-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240718202357.1746514-5-eddyz87@gmail.com commit bebc17b1c03b224a0b4aec6a171815e39f8ba9bc Author: Eduard Zingerman Date: Thu Jul 18 13:23:55 2024 -0700 selftests/bpf: Tests for per-insn sync_linked_regs() precision tracking Add a few test cases to verify precision tracking for scalars gaining range because of sync_linked_regs(): - check what happens when more than 6 registers might gain range in sync_linked_regs(); - check if precision is propagated correctly when operand of conditional jump gained range in sync_linked_regs() and one of linked registers is marked precise; - check if precision is propagated correctly when operand of conditional jump gained range in sync_linked_regs() and a other-linked operand of the conditional jump is marked precise; - add a minimized reproducer for precision tracking bug reported in [0]; - Check that mark_chain_precision() for one of the conditional jump operands does not trigger equal scalars precision propagation. [0] https://lore.kernel.org/bpf/CAEf4BzZ0xidVCqB47XnkXcNhkPWF6_nTV7yt+_Lf0kcFEut2Mg@mail.gmail.com/ Signed-off-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240718202357.1746514-4-eddyz87@gmail.com commit 842edb5507a1038e009d27e69d13b94b6f085763 Author: Eduard Zingerman Date: Thu Jul 18 13:23:54 2024 -0700 bpf: Remove mark_precise_scalar_ids() Function mark_precise_scalar_ids() is superseded by bt_sync_linked_regs() and equal scalars tracking in jump history. mark_precise_scalar_ids() propagates precision over registers sharing same ID on parent/child state boundaries, while jump history records allow bt_sync_linked_regs() to propagate same information with instruction level granularity, which is strictly more precise. This commit removes mark_precise_scalar_ids() and updates test cases in progs/verifier_scalar_ids to reflect new verifier behavior. The tests are updated in the following manner: - mark_precise_scalar_ids() propagated precision regardless of presence of conditional jumps, while new jump history based logic only kicks in when conditional jumps are present. Hence test cases are augmented with conditional jumps to still trigger precision propagation. - As equal scalars tracking no longer relies on parent/child state boundaries some test cases are no longer interesting, such test cases are removed, namely: - precision_same_state and precision_cross_state are superseded by linked_regs_bpf_k; - precision_same_state_broken_link and equal_scalars_broken_link are superseded by linked_regs_broken_link. Signed-off-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240718202357.1746514-3-eddyz87@gmail.com commit 4bf79f9be434e000c8e12fe83b2f4402480f1460 Author: Eduard Zingerman Date: Thu Jul 18 13:23:53 2024 -0700 bpf: Track equal scalars history on per-instruction level Use bpf_verifier_state->jmp_history to track which registers were updated by find_equal_scalars() (renamed to collect_linked_regs()) when conditional jump was verified. Use recorded information in backtrack_insn() to propagate precision. E.g. for the following program: while verifying instructions 1: r1 = r0 | 2: if r1 < 8 goto ... | push r0,r1 as linked registers in jmp_history 3: if r0 > 16 goto ... | push r0,r1 as linked registers in jmp_history 4: r2 = r10 | 5: r2 += r0 v mark_chain_precision(r0) while doing mark_chain_precision(r0) 5: r2 += r0 | mark r0 precise 4: r2 = r10 | 3: if r0 > 16 goto ... | mark r0,r1 as precise 2: if r1 < 8 goto ... | mark r0,r1 as precise 1: r1 = r0 v Technically, do this as follows: - Use 10 bits to identify each register that gains range because of sync_linked_regs(): - 3 bits for frame number; - 6 bits for register or stack slot number; - 1 bit to indicate if register is spilled. - Use u64 as a vector of 6 such records + 4 bits for vector length. - Augment struct bpf_jmp_history_entry with a field 'linked_regs' representing such vector. - When doing check_cond_jmp_op() remember up to 6 registers that gain range because of sync_linked_regs() in such a vector. - Don't propagate range information and reset IDs for registers that don't fit in 6-value vector. - Push a pair {instruction index, linked registers vector} to bpf_verifier_state->jmp_history. - When doing backtrack_insn() check if any of recorded linked registers is currently marked precise, if so mark all linked registers as precise. This also requires fixes for two test_verifier tests: - precise: test 1 - precise: test 2 Both tests contain the following instruction sequence: 19: (bf) r2 = r9 ; R2=scalar(id=3) R9=scalar(id=3) 20: (a5) if r2 < 0x8 goto pc+1 ; R2=scalar(id=3,umin=8) 21: (95) exit 22: (07) r2 += 1 ; R2_w=scalar(id=3+1,...) 23: (bf) r1 = r10 ; R1_w=fp0 R10=fp0 24: (07) r1 += -8 ; R1_w=fp-8 25: (b7) r3 = 0 ; R3_w=0 26: (85) call bpf_probe_read_kernel#113 The call to bpf_probe_read_kernel() at (26) forces r2 to be precise. Previously, this forced all registers with same id to become precise immediately when mark_chain_precision() is called. After this change, the precision is propagated to registers sharing same id only when 'if' instruction is backtracked. Hence verification log for both tests is changed: regs=r2,r9 -> regs=r2 for instructions 25..20. Fixes: 904e6ddf4133 ("bpf: Use scalar ids in mark_chain_precision()") Reported-by: Hao Sun Suggested-by: Andrii Nakryiko Signed-off-by: Eduard Zingerman Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20240718202357.1746514-2-eddyz87@gmail.com Closes: https://lore.kernel.org/bpf/CAEf4BzZ0xidVCqB47XnkXcNhkPWF6_nTV7yt+_Lf0kcFEut2Mg@mail.gmail.com/ commit 844f7315e77a017fe90652b411e88b119c782a1f Author: Ihor Solodrai Date: Thu Jul 18 22:57:43 2024 +0000 selftests/bpf: Use auto-dependencies for test objects Make use of -M compiler options when building .test.o objects to generate .d files and avoid re-building all tests every time. Previously, if a single test bpf program under selftests/bpf/progs/*.c has changed, make would rebuild all the *.bpf.o, *.skel.h and *.test.o objects, which is a lot of unnecessary work. A typical dependency chain is: progs/x.c -> x.bpf.o -> x.skel.h -> x.test.o -> trunner_binary However for many tests it's not a 1:1 mapping by name, and so far %.test.o have been simply dependent on all %.skel.h files, and %.skel.h files on all %.bpf.o objects. Avoid full rebuilds by instructing the compiler (via -MMD) to produce *.d files with real dependencies, and appropriately including them. Exploit make feature that rebuilds included makefiles if they were changed by setting %.test.d as prerequisite for %.test.o files. A couple of examples of compilation time speedup (after the first clean build): $ touch progs/verifier_and.c && time make -j8 Before: real 0m16.651s After: real 0m2.245s $ touch progs/read_vsyscall.c && time make -j8 Before: real 0m15.743s After: real 0m1.575s A drawback of this change is that now there is an overhead due to make processing lots of .d files, which potentially may slow down unrelated targets. However a time to make all from scratch hasn't changed significantly: $ make clean && time make -j8 Before: real 1m31.148s After: real 1m30.309s Suggested-by: Eduard Zingerman Signed-off-by: Ihor Solodrai Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/VJihUTnvtwEgv_mOnpfy7EgD9D2MPNoHO-MlANeLIzLJPGhDeyOuGKIYyKgk0O6KPjfM-MuhtvPwZcngN8WFqbTnTRyCSMc2aMZ1ODm1T_g=@pm.me commit f157f9cb85b49745754f8c301c59c6ca110e865f Author: Markus Elfring Date: Mon Jul 15 11:12:30 2024 +0200 bpf: Simplify character output in seq_print_delegate_opts() Single characters should be put into a sequence. Thus use the corresponding function “seq_putc” for two selected calls. This issue was transformed by using the Coccinelle software. Suggested-by: Christophe Jaillet Signed-off-by: Markus Elfring Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/abde0992-3d71-44d2-ab27-75b382933a22@web.de commit df862de41fcde6a0a4906647b0cacec2a8db5cf3 Author: Markus Elfring Date: Sun Jul 14 16:15:34 2024 +0200 bpf: Replace 8 seq_puts() calls by seq_putc() calls Single line breaks should occasionally be put into a sequence. Thus use the corresponding function “seq_putc”. This issue was transformed by using the Coccinelle software. Signed-off-by: Markus Elfring Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/e26b7df9-cd63-491f-85e8-8cabe60a85e5@web.de commit 2291247296c848da1c2d9cb598c517636aecd829 Merge: 1722389b0d8630 c70b2d9027ca39 Author: Martin KaFai Lau Date: Thu Jul 18 12:07:19 2024 -0700 Merge branch 'use network helpers, part 9' Geliang Tang says: ==================== v3: - patch 2: - clear errno before connect_to_fd_opts. - print err logs in run_test. - set err to -1 when fd >= 0. - patch 3: - drop "int err". v2: - update patch 2 as Martin suggested. This is the 9th part of series "use network helpers" all BPF selftests wide. Patches 1-2 update network helpers interfaces suggested by Martin. Patch 3 adds a new helper connect_to_addr_str() as Martin suggested instead of adding connect_fd_to_addr_str(). Patch 4 uses this newly added helper in make_client(). Patch 5 uses make_client() in sk_lookup and drop make_socket(). ==================== Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit c70b2d9027ca39e84d4ee01da78a70308ce1fd4f Author: Geliang Tang Date: Thu Jul 18 14:22:31 2024 +0800 selftests/bpf: Add connect_to_addr_str helper Similar to connect_to_addr() helper for connecting to a server with the given sockaddr_storage type address, this patch adds a new helper named connect_to_addr_str() for connecting to a server with the given string type address "addr_str", together with its "family" and "port" as other parameters of connect_to_addr_str(). In connect_to_addr_str(), the parameters "family", "addr_str" and "port" are used to create a sockaddr_storage type address "addr" by invoking make_sockaddr(). Then pass this "addr" together with "addrlen", "type" and "opts" to connect_to_addr(). Suggested-by: Martin KaFai Lau Signed-off-by: Geliang Tang Link: https://lore.kernel.org/r/647e82170831558dbde132a7a3d86df660dba2c4.1721282219.git.tanggeliang@kylinos.cn Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit e1ee5a48b5b27e3e7bb294f80f7429c3d0466d19 Author: Geliang Tang Date: Thu Jul 18 14:22:30 2024 +0800 selftests/bpf: Drop must_fail from network_helper_opts The struct member "must_fail" of network_helper_opts() is only used in cgroup_v1v2 tests, it makes sense to drop it from network_helper_opts. Return value (fd) of connect_to_fd_opts() and the expect errno (EPERM) can be checked in cgroup_v1v2.c directly, no need to check them in connect_fd_to_addr() in network_helpers.c. This also makes connect_fd_to_addr() function useless. It can be replaced by connect(). Suggested-by: Martin KaFai Lau Signed-off-by: Geliang Tang Link: https://lore.kernel.org/r/3faf336019a9a48e2e8951f4cdebf19e3ac6e441.1721282219.git.tanggeliang@kylinos.cn Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit a63507f3b11de30fd7711ec244fe354fb4a01a09 Author: Geliang Tang Date: Thu Jul 18 14:22:29 2024 +0800 selftests/bpf: Drop type of connect_to_fd_opts The "type" parameter of connect_to_fd_opts() is redundant of "server_fd". Since the "type" can be obtained inside by invoking getsockopt(SO_TYPE), without passing it in as a parameter. This patch drops the "type" parameter of connect_to_fd_opts() and updates its callers. Suggested-by: Martin KaFai Lau Signed-off-by: Geliang Tang Link: https://lore.kernel.org/r/50d8ce7ab7ab0c0f4d211fc7cc4ebe3d3f63424c.1721282219.git.tanggeliang@kylinos.cn Signed-off-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko commit b31b9fb578783ee569d28325917821e7149e6f9b Author: Marek Vasut Date: Thu Jul 25 20:03:23 2024 +0200 dt-bindings: hwmon: Document TI TPS546D24 Document TI TPS546D24 TPS546D24A 2.95-V to 16-V, 40-A, Up to 4x Stackable, PMBus Buck Converter as trivial device. Linux kernel does have an existing driver using the compatible documented here. Signed-off-by: Marek Vasut Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240725180337.64396-1-marex@denx.de Signed-off-by: Rob Herring (Arm) commit f7272daeaca31c00e61f46edb98d593b55595501 Author: Rayyan Ansari Date: Wed Jul 17 14:10:26 2024 +0100 dt-bindings: bus: qcom,ebi2: convert to dtschema Convert the bindings for the External Bus Interface on apq8060 and msm8660 from the old text format to yaml. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240717131030.51419-1-rayyan.ansari@linaro.org Signed-off-by: Rob Herring (Arm) commit 60df548277b7281171f51b87b214ab6717fc6101 Author: Yasin Lee Date: Tue Jul 2 22:12:34 2024 +0800 iio: proximity: Add driver support for TYHX's HX9023S capacitive proximity sensor A SAR sensor from NanjingTianyihexin Electronics Ltd. The device has the following entry points: Usual frequency: - sampling_frequency Instant reading of current values for different sensors: - in_proximity0_raw - in_proximity1_raw - in_proximity2_raw - in_proximity3_raw - in_proximity4_raw and associated events in events/ Signed-off-by: Yasin Lee Link: https://patch.msgid.link/20240702-add-tyhx-hx9023s-sensor-driver-v9-3-c030f1801d9b@gmail.com Signed-off-by: Jonathan Cameron commit dc926424211cf940d69e55bc46a064626b0cfa6f Author: Yasin Lee Date: Tue Jul 2 22:12:33 2024 +0800 dt-bindings: iio: proximity: Add TYHX HX9023S A capacitive proximity sensor Reviewed-by: Krzysztof Kozlowski Signed-off-by: Yasin Lee Link: https://patch.msgid.link/20240702-add-tyhx-hx9023s-sensor-driver-v9-2-c030f1801d9b@gmail.com Signed-off-by: Jonathan Cameron commit 8d1bae11ad1b253e49c3a279690850e15b8719f2 Author: Yasin Lee Date: Tue Jul 2 22:12:32 2024 +0800 dt-bindings: vendor-prefixes: add tyhx Add vendor prefix for NanjingTianyihexin Electronics Ltd. http://www.tianyihexin.com Acked-by: Krzysztof Kozlowski Signed-off-by: Yasin Lee Link: https://patch.msgid.link/20240702-add-tyhx-hx9023s-sensor-driver-v9-1-c030f1801d9b@gmail.com Signed-off-by: Jonathan Cameron commit 2903a2f260039a851ba60bdb88c09aa6d4eafd80 Author: Chen Ni Date: Fri Jul 5 16:42:50 2024 +0800 iio: dac: ti-dac7311: Add check for spi_setup Add check for the return value of spi_setup() and return the error if it fails in order to catch the error. Signed-off-by: Chen Ni Link: https://patch.msgid.link/20240705084250.3006527-1-nichen@iscas.ac.cn Signed-off-by: Jonathan Cameron commit 2956979dbd0d47473b41129d8fc8127ed13fd687 Author: Guillaume Stols Date: Tue Jul 2 17:34:12 2024 +0000 iio: adc: ad7606: switch mutexes to guard Switching to guard simplifies the code and avoids to take care to unlock the mutex in case of premature return. Signed-off-by: Guillaume Stols Reviewed-by: Nuno Sa Signed-off-by: Jonathan Cameron commit 059fe4f8bbdf5cad212e1aeeb3e8968c80b9ff3b Author: Guillaume Stols Date: Tue Jul 2 17:34:11 2024 +0000 iio: adc: ad7606: fix standby gpio state to match the documentation The binding's documentation specifies that "As the line is active low, it should be marked GPIO_ACTIVE_LOW". However, in the driver, it was handled the opposite way. This commit sets the driver's behaviour in sync with the documentation Fixes: 722407a4e8c0 ("staging:iio:ad7606: Use GPIO descriptor API") Signed-off-by: Guillaume Stols Reviewed-by: Nuno Sa Signed-off-by: Jonathan Cameron commit 8dc4594b54dbaaba40dc8884ad3d42083de39434 Author: Guillaume Stols Date: Tue Jul 2 17:34:10 2024 +0000 iio: adc: ad7606: fix oversampling gpio array gpiod_set_array_value was misused here: the implementation relied on the assumption that an unsigned long was required for each gpio, while the function expects a bit array stored in "as much unsigned long as needed for storing one bit per GPIO", i.e it is using a bit field. This leaded to incorrect parameter passed to gpiod_set_array_value, that would set 1 value instead of 3. It also prevents to select the software mode correctly for the AD7606B. Fixes: d2a415c86c6b ("iio: adc: ad7606: Add support for AD7606B ADC") Fixes: 41f71e5e7daf ("staging: iio: adc: ad7606: Use find_closest() macro") Signed-off-by: Guillaume Stols Reviewed-by: Nuno Sa Signed-off-by: Jonathan Cameron commit 8d71a5d8685025a0a95a73d3b130a45c91eaf8a4 Author: Guillaume Stols Date: Tue Jul 2 17:34:09 2024 +0000 dt-bindings: iio: adc: adi,ad7606: add conditions Since the driver supports several parts that present differences in their layout and behaviour, it is necessary to describe the differences from one chip to another. Reviewed-by: Conor Dooley Signed-off-by: Guillaume Stols Signed-off-by: Jonathan Cameron commit 746bb410aafd84133e313bac2e301c7531498191 Author: Guillaume Stols Date: Tue Jul 2 17:34:08 2024 +0000 dt-bindings: iio: adc: adi,ad7606: fix example Example uses adi,ad7606-8 as compatible, but adi,sw-mode is not available for it. So remove this property from example. Acked-by: Conor Dooley Signed-off-by: Guillaume Stols Signed-off-by: Jonathan Cameron commit 7248e0995b38a75462e1e07449d3c869f6e97d60 Author: Guillaume Stols Date: Tue Jul 2 17:34:07 2024 +0000 dt-bindings: iio: adc: adi,ad7606: add supply properties Add voltage supplies Acked-by: Conor Dooley Signed-off-by: Guillaume Stols Signed-off-by: Jonathan Cameron commit 786cbd7c2dc539b3f91aeabc9a026c01cea072c8 Author: Guillaume Stols Date: Tue Jul 2 17:34:06 2024 +0000 dt-bindings: iio: adc: adi,ad7606: improve descriptions Reword a few descriptions, and normalize the text width to 80 characters. Reviewed-by: Rob Herring (Arm) Signed-off-by: Guillaume Stols Signed-off-by: Jonathan Cameron commit a3b4a48fd51e4051c777143bad9f2f9b6d52ab7c Author: Guillaume Stols Date: Tue Jul 2 17:34:05 2024 +0000 dt-bindings: iio: adc: adi,ad7606: normalize textwidth Normalize textwidth to 80 columns on the descriptions. Acked-by: Rob Herring (Arm) Signed-off-by: Guillaume Stols Signed-off-by: Jonathan Cameron commit 43ebc481ab174d1f2fd346de58fd36ea19f0e507 Author: Nuno Sa Date: Thu Jul 4 11:25:25 2024 +0200 iio: adc: ad9467: support new parts Add support for new devices: * Analog Devices AD9652 16-bit 310 MSPS ADC; * Analog Devices AD9643 14-Bit, 170/210/250 MSPS ADC; * Analog Devices AD9649 14-bit 20/40/65/80 MSPS ADC. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240704-dev-iio-ad9467-new-devs-v1-5-f1adfee921f7@analog.com Signed-off-by: Jonathan Cameron commit f9c75d43f49531cfa780e9611a7e3c4792598a95 Author: Nuno Sa Date: Thu Jul 4 11:25:24 2024 +0200 dt-bindings: adc: ad9467: support new parts Add support for new devices: * Analog Devices AD9652 16-bit 310 MSPS ADC; * Analog Devices AD9643 14-Bit, 170/210/250 MSPS ADC; * Analog Devices AD9649 14-bit 20/40/65/80 MSPS ADC. Note all these parts have subtle differences in their programming model (different scales, number of channels, etc..) so fallbacks are not possible. Signed-off-by: Nuno Sa Acked-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240704-dev-iio-ad9467-new-devs-v1-4-f1adfee921f7@analog.com Signed-off-by: Jonathan Cameron commit b92f94f7482697e94f06ec483b7b4cfcc41e7497 Author: Nuno Sa Date: Thu Jul 4 11:25:23 2024 +0200 iio: adc: ad9467: don't allow reading vref if not available If there's only one possible scale, there's no way to change the Vref select in the device so avoid reading the register in ad9467_get_scale(). In this case, it makes no sense to provide the .read_available() callback nor allowing for writing the scale attribute. Note this is in preparation for supporting a new device that only has one possible scale. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240704-dev-iio-ad9467-new-devs-v1-3-f1adfee921f7@analog.com Signed-off-by: Jonathan Cameron commit bdc87f98cab780a6edfa658f20d9f95ad7e7efea Author: Nuno Sa Date: Thu Jul 4 11:25:22 2024 +0200 iio: adc: ad9467: add new chip_info variables Add new variables to the per chip info structure: * test_points: Number of valid test points for calibration; * has_dco_invert: Supports inverting DCO (Data clock output) polarity; * dco_en: Specicic mask to enable DCO delays. This is in preparation for supporting new parts with subtle differences in how to configure the hardware. Note that with the new test_points variable, we also add a new calib_map_size to 'struct ad9467_state' so we know our map size depending on how many test points we have and if we can run the calibration in the inverted state or not. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240704-dev-iio-ad9467-new-devs-v1-2-f1adfee921f7@analog.com Signed-off-by: Jonathan Cameron commit 7394a155dd1215ce20fd2a562ff537929b0f86d5 Author: Nuno Sa Date: Thu Jul 4 11:25:21 2024 +0200 iio: adc: ad9467: support multiple channels calibration The calibration process mixes the support for calibrating multiple channels with only having one channel. Some paths do have 'num_channels' into account while others don't. As of now, the driver only supports devices with one channel so the above is not really a problem. That said, we'll add support for devices with more than one channel, hence let's properly make the calibration process to work with it. Signed-off-by: Nuno Sa Link: https://patch.msgid.link/20240704-dev-iio-ad9467-new-devs-v1-1-f1adfee921f7@analog.com Signed-off-by: Jonathan Cameron commit 1de9c3c706eef7765590a456d5a8f46a432e5b87 Author: Krzysztof Kozlowski Date: Fri Jul 5 12:40:48 2024 +0200 iio: adc: ti-tsc2046: simplify with cleanup.h Allocate the memory with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Oleksij Rempel Link: https://patch.msgid.link/20240705-cleanup-h-iio-v1-5-77114c7e84c5@linaro.org Signed-off-by: Jonathan Cameron commit adcba9cd610912aa5f0befbae5125c63dda36e00 Author: Krzysztof Kozlowski Date: Fri Jul 5 12:40:47 2024 +0200 iio: adc: max1363: simplify with cleanup.h Allocate the memory with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240705-cleanup-h-iio-v1-4-77114c7e84c5@linaro.org Signed-off-by: Jonathan Cameron commit e3749aae6e0ed66b544db10c695f29f4d9c01ef4 Author: Krzysztof Kozlowski Date: Fri Jul 5 12:40:46 2024 +0200 iio: adc: at91: simplify with cleanup.h Allocate the memory with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240705-cleanup-h-iio-v1-3-77114c7e84c5@linaro.org Signed-off-by: Jonathan Cameron commit c74f7c09b537b8d1ea61670c2d89a99d0732208f Author: Krzysztof Kozlowski Date: Fri Jul 5 12:40:45 2024 +0200 iio: adc: ad7280a: simplify with cleanup.h Allocate the memory with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240705-cleanup-h-iio-v1-2-77114c7e84c5@linaro.org Signed-off-by: Jonathan Cameron commit f44c314faaec1882f16c8abcb49625594e9bbe4b Author: Krzysztof Kozlowski Date: Fri Jul 5 12:40:44 2024 +0200 iio: accel: bma400: simplify with cleanup.h Allocate the memory with scoped/cleanup.h to reduce error handling and make the code a bit simpler. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240705-cleanup-h-iio-v1-1-77114c7e84c5@linaro.org Signed-off-by: Jonathan Cameron commit 244315b317350ad14a2f24b021f73c9dfcf83595 Author: Javier Carrasco Date: Wed Jul 3 23:04:53 2024 +0200 iio: pressure: bmp280: Constify struct regmap_bus `bmp280_regmap_bus` and `bmp380_regmap_bus` are conditionally assigned to `bmp_regmap_bus`, which is only used to pass the struct as a read-only member. Add the const modifier to the structs and the pointer to move the data to a read-only section. Signed-off-by: Javier Carrasco Tested-By: Vasileios Amoiridis Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-10-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit 9abedf82c78505b9f9c8d9670cd06e67532eed71 Author: Javier Carrasco Date: Wed Jul 3 23:04:52 2024 +0200 iio: light: gp2ap002: Constify struct regmap_bus `gp2ap002_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-9-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit 36a697964d8c59105835daa1b1ef4c8b58068395 Author: Javier Carrasco Date: Wed Jul 3 23:04:51 2024 +0200 iio: imu: bno055: Constify struct regmap_bus `bno055_ser_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-8-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit b6f59c45005b3540b78dfbc9e2f562c0cf3055b7 Author: Javier Carrasco Date: Wed Jul 3 23:04:50 2024 +0200 iio: imu: bmi323: Constify struct regmap_bus `bmi323_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-7-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit 840f7410fd59c029e1c5b700277bc03586e65856 Author: Javier Carrasco Date: Wed Jul 3 23:04:49 2024 +0200 iio: dac: ltc2688: Constify struct regmap_bus `ltc2688_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-6-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit 297fef494d78d00fa563ead08396da6b4ba58172 Author: Javier Carrasco Date: Wed Jul 3 23:04:48 2024 +0200 iio: chemical: bme680: Constify struct regmap_bus `bme680_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Tested-By: Vasileios Amoiridis Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-5-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit 2a57a7df9f8d190ff80ba5d3c8e0f7f58fcda4a5 Author: Javier Carrasco Date: Wed Jul 3 23:04:47 2024 +0200 iio: adc: ad7091r8: Constify struct regmap_bus `ad7091r8_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Marcelo Schmitt Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-4-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit 48259265a3b41ec448d7cb1467fbed7bef1e108c Author: Javier Carrasco Date: Wed Jul 3 23:04:46 2024 +0200 iio: accel: bmi088: Constify struct regmap_bus `bmi088_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-3-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit 867ade7dc0756ff656e3b14afea87c8a35880a08 Author: Javier Carrasco Date: Wed Jul 3 23:04:45 2024 +0200 iio: accel: bma400: Constify struct regmap_bus `bma400_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-2-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit c922c634bd926d84967275efbb7275b8645aa343 Author: Javier Carrasco Date: Wed Jul 3 23:04:44 2024 +0200 iio: accel: adxl367: Constify struct regmap_bus `adxl367_spi_regmap_bus` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Link: https://patch.msgid.link/20240703-iio-cont-regmap_bus-v1-1-34754f355b65@gmail.com Signed-off-by: Jonathan Cameron commit 07465fe1b7cd461cb4b5b7832c50f7180e52ee50 Author: Nuno Sa Date: Tue Jul 2 18:02:52 2024 +0200 iio: imu: adis16480: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-20-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit d86db532307c928ca71f70686d10f1b1a703bc27 Author: Nuno Sa Date: Tue Jul 2 18:02:51 2024 +0200 iio: imu: adis16475: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-19-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit f3184b2f2c72839514763ca761663ad38c84751d Author: Nuno Sa Date: Tue Jul 2 18:02:50 2024 +0200 iio: adc: at91_adc: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-18-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit f726ebe7c23cd559869302212d638f468633e3b6 Author: Nuno Sa Date: Tue Jul 2 18:02:49 2024 +0200 iio: adc: ad_sigma_delta: use new '.masklength' accessors Make use of iio_get_masklength) and iio_for_each_active_channel() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-17-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit 972df0e9a08b62679ff8dcdd8cb650642804c38f Author: Nuno Sa Date: Tue Jul 2 18:02:48 2024 +0200 iio: adc: ad799x: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-16-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit abcc9b8a9a42c948a22f0013c036de469f2d8f6e Author: Nuno Sa Date: Tue Jul 2 18:02:47 2024 +0200 iio: adc: ad7298: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-15-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit 3dface1fb59b4272d96ce558c726f296a00ebf8c Author: Nuno Sa Date: Tue Jul 2 18:02:46 2024 +0200 iio: adc: ad7266: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-14-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit d637a64db3b29fde1daca0c1f4882674d13fae28 Author: Nuno Sa Date: Tue Jul 2 18:02:45 2024 +0200 iio: accel: stk8ba50: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-13-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit 5f38d117f5a670660490e3f097a1e02eb41c9160 Author: Nuno Sa Date: Tue Jul 2 18:02:44 2024 +0200 iio: accel: stk8312: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-12-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit cf7ec085f58d4be256e815df6ab35d34782f5e0b Author: Nuno Sa Date: Tue Jul 2 18:02:43 2024 +0200 iio: accel: sca3300: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-11-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit e5003b6098da6bfaad2e82bffcaf6e8ddf03bafe Author: Nuno Sa Date: Tue Jul 2 18:02:42 2024 +0200 iio: accel: msa311: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-10-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit c7d289eb10f60dfe6729d81178ea3beb9fb1689d Author: Nuno Sa Date: Tue Jul 2 18:02:41 2024 +0200 iio: accel: fxls8962af-core: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-9-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit bac3b7c43d6d9ed6749b9dc9f56a8c0e0e73cb02 Author: Nuno Sa Date: Tue Jul 2 18:02:40 2024 +0200 iio: accel: cros_ec_accel_legacy: make use of iio_get_masklength() Ue iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-8-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit 84550e2682ec9e4cba15073da9ff0faa41e0305f Author: Nuno Sa Date: Tue Jul 2 18:02:39 2024 +0200 iio: accel: bmc150-accel-core: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-7-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit 1a290e410ceecc6b1395f279d6364b2cc2c614df Author: Nuno Sa Date: Tue Jul 2 18:02:38 2024 +0200 iio: accel: bma180: make use of iio_for_each_active_channel() Use iio_for_each_active_channel() to iterate over active channels accessing '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-6-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit 6bb0d80e88a27268557a2689d20bdd31d8f797a5 Author: Nuno Sa Date: Tue Jul 2 18:02:37 2024 +0200 iio: accel: adxl372: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-5-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit 5d8c3c240f98ca23ae906af718a11727365e59dc Author: Nuno Sa Date: Tue Jul 2 18:02:36 2024 +0200 iio: accel: adxl367: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-4-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit 52fe020e7f9c2051343d68e759186ce11b72acc2 Author: Nuno Sa Date: Tue Jul 2 18:02:35 2024 +0200 iio: buffer: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. While at it, remove some unneeded line breaks. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-3-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit c6c47852c1769125a40f45662ef63d51f588f7c4 Author: Nuno Sa Date: Tue Jul 2 18:02:34 2024 +0200 iio: core: make use of iio_get_masklength() Use iio_get_masklength() to access '.masklength' so it can be annotated as __private when there are no more direct users of it. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-2-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit de79583ffe794663c53b77f97be814522d4edc4f Author: Nuno Sa Date: Tue Jul 2 18:02:33 2024 +0200 iio: core: add accessors 'masklength' 'masklength' is supposed to be an IIO private member. However, drivers (often in trigger handlers) need to access it to iterate over the enabled channels for example (there are other reasons). Hence, a couple of new accessors are being added: * iio_for_each_active_channel() - Iterates over the active channels; * iio_get_masklength() - Get length of the channels mask. The goal of these new accessors is to annotate 'masklength' as private as soon as all drivers accessing it are converted to use the new helpers. Signed-off-by: Nuno Sa Reviewed-by: Alexandru Ardelean Link: https://patch.msgid.link/20240702-dev-iio-masklength-private-v1-1-98193bf536a6@analog.com Signed-off-by: Jonathan Cameron commit bd6e614356d4fc852480cfb14d705da0561d5777 Author: Alex Bee Date: Wed Jul 10 15:28:13 2024 +0200 arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 The DW MCI controller driver will use them to reset the IP block before initialisation. Fixes: d717f7352ec6 ("arm64: dts: rockchip: add sdmmc/sdio/emmc nodes for RK3328 SoCs") Signed-off-by: Alex Bee Signed-off-by: Diederik de Haas Reviewed-by: Dragan Simic Link: https://lore.kernel.org/r/20240710132830.14710-4-didi.debian@cknow.org Signed-off-by: Heiko Stuebner commit 82e3aaae388199a0aff33e5371db307b3274f77a Author: Alex Bee Date: Wed Jul 10 15:28:12 2024 +0200 arm64: dts: rockchip: Add sdmmc_ext for RK3328 RK3328 SoC has a fourth mmc controller called SDMMC_EXT. Some boards have sdio wifi connected to it. In order to use it one would have to add the pinctrls from sdmmc0ext group which is done on board level. Signed-off-by: Alex Bee Signed-off-by: Diederik de Haas Reviewed-by: Dragan Simic Link: https://lore.kernel.org/r/20240710132830.14710-3-didi.debian@cknow.org Signed-off-by: Heiko Stuebner commit a24fc58198084194796486698e779963636c9065 Author: Heiko Stuebner Date: Sun Jun 23 23:56:31 2024 +0200 ARM: dts: rockchip: use constant for HCLK_SFC on rk3128 Due to inter-branch dependencies, it was necessary to add the rk3128 sfc controller with its hclk_sfc using the numeric clock id value instead of the nicer constant from the binding. Now that it's available, change over to this constant. Signed-off-by: Heiko Stuebner Link: https://lore.kernel.org/r/20240623215631.440399-1-heiko@sntech.de Signed-off-by: Heiko Stuebner commit 1d34b9757523c1ad547bd6d040381f62d74a3189 Author: Jonas Karlman Date: Sat Jun 15 17:03:53 2024 +0000 clk: rockchip: Set parent rate for DCLK_VOP clock on RK3228 Similar to DCLK_LCDC on RK3328, the DCLK_VOP on RK3228 is typically parented by the hdmiphy clk and it is expected that the DCLK_VOP and hdmiphy clk rate are kept in sync. Use CLK_SET_RATE_PARENT and CLK_SET_RATE_NO_REPARENT flags, same as used on RK3328, to make full use of all possible supported display modes. Fixes: 0a9d4ac08ebc ("clk: rockchip: set the clock ids for RK3228 VOP") Fixes: 307a2e9ac524 ("clk: rockchip: add clock controller for rk3228") Signed-off-by: Jonas Karlman Link: https://lore.kernel.org/r/20240615170417.3134517-3-jonas@kwiboo.se Signed-off-by: Heiko Stuebner commit 9df34247766b2a42c48cf0d81a0dd756c546cbdc Author: Chukun Pan Date: Wed Jul 10 22:30:17 2024 +0800 arm64: dts: rockchip: Enable UHS-I SDR-50 for Lunzn FastRhino R66S This board can work in UHS-I SDR-104 mode, but may not be stable, use SDR-50 instead. Remove the max-frequency property, which is already defined in rk356x.dtsi. Fixes: c79dab407afd ("arm64: dts: rockchip: Add Lunzn Fastrhino R66S") Signed-off-by: Chukun Pan Link: https://lore.kernel.org/r/20240710143017.685905-4-amadeus@jmu.edu.cn Signed-off-by: Heiko Stuebner commit ecb0835328a534f48f1213a257888d8510a1cad3 Author: Chukun Pan Date: Wed Jul 10 22:30:16 2024 +0800 arm64: dts: rockchip: remove useless tx/rx_delay for Lunzn Fastrhino R68S Since we use rgmii-id as the phy mode, remove the useless tx_delay and rx_delay properties. Fixes: b9f8ca655d80 ("arm64: dts: rockchip: Add Lunzn Fastrhino R68S") Signed-off-by: Chukun Pan Link: https://lore.kernel.org/r/20240710143017.685905-3-amadeus@jmu.edu.cn Signed-off-by: Heiko Stuebner commit 22de886d49613ea36b39bbe563bf77a2de057865 Author: Chukun Pan Date: Wed Jul 10 22:30:15 2024 +0800 arm64: dts: rockchip: use generic Ethernet PHY reset bindings for Lunzn Fastrhino R68S Replace the deprecated snps,reset-xxx bindings to the generic Ethernet PHY reset GPIO bindings. According to the PHY datasheet, the RTL8211F PHY needs a 10ms assert delay and at least 72ms deassert delay. Considering the possibility of mixed use of PHY chips, increased the reset time. Fixes: b9f8ca655d80 ("arm64: dts: rockchip: Add Lunzn Fastrhino R68S") Signed-off-by: Chukun Pan Link: https://lore.kernel.org/r/20240710143017.685905-2-amadeus@jmu.edu.cn Signed-off-by: Heiko Stuebner commit def33fb1191207f5afa6dcb681d71fef2a6c1293 Author: Dragan Simic Date: Mon Jul 15 19:44:20 2024 +0200 arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity All batches of the Pine64 Pinebook Pro, except the latest batch (as of 2024) whose hardware design was revised due to the component shortage, use a 1S lithium battery whose nominal/design capacity is 10,000 mAh, according to the battery datasheet. [1][2] Let's correct the design full-charge value in the Pinebook Pro board dts, to improve the accuracy of the hardware description, and to hopefully improve the accuracy of the fuel gauge a bit on all units that don't belong to the latest batch. The above-mentioned latest batch uses a different 1S lithium battery with a slightly lower capacity, more precisely 9,600 mAh. To make the fuel gauge work reliably on the latest batch, a sample battery would need to be sent to CellWise, to obtain its proprietary battery profile, whose data goes into "cellwise,battery-profile" in the Pinebook Pro board dts. Without that data, the fuel gauge reportedly works unreliably, so changing the design capacity won't have any negative effects on the already unreliable operation of the fuel gauge in the Pinebook Pros that belong to the latest batch. According to the battery datasheet, its voltage can go as low as 2.75 V while discharging, but it's better to leave the current 3.0 V value in the dts file, because of the associated Pinebook Pro's voltage regulation issues. [1] https://wiki.pine64.org/index.php/Pinebook_Pro#Battery [2] https://files.pine64.org/doc/datasheet/pinebook/40110175P%203.8V%2010000mAh%E8%A7%84%E6%A0%BC%E4%B9%A6-14.pdf Fixes: c7c4d698cd28 ("arm64: dts: rockchip: add fuel gauge to Pinebook Pro dts") Cc: stable@vger.kernel.org Cc: Marek Kraus Signed-off-by: Dragan Simic Link: https://lore.kernel.org/r/731f8ef9b1a867bcc730d19ed277c8c0534c0842.1721065172.git.dsimic@manjaro.org Signed-off-by: Heiko Stuebner commit 710a568b6ab83742c31507c96201e2cf6652562d Author: Christopher Obbard Date: Thu Jul 18 09:40:26 2024 +0100 arm64: dts: rockchip: add Firefly JD4 baseboard with Core-PX30-JD4 SoM The Firefly MB-PX30-JD4 is a baseboard for the Core-PX30-JD4 SoM. Signed-off-by: Christopher Obbard Link: https://lore.kernel.org/r/20240718-rockchip-px30-firefly-v3-3-3835cdd22eae@collabora.com Signed-off-by: Heiko Stuebner commit a32b1a46502ee5748ec54268209ed539ebf675a4 Author: Christopher Obbard Date: Thu Jul 18 09:40:25 2024 +0100 arm64: dts: rockchip: add Firefly Core-PX30-JD4 SoM The Firefly Core-PX30-JD4 SoM is a 69.6x49.6mm (260 pin SODIMM connector) system-on-module from Firefly, featuring the Rockchip PX30. It provides the following feature set: * on-module DDR3 (1GB/2GB) * on-module eMMC 5.1 (8GB/16GB/32GB/64GB/128GB) * on-module NPU (optional) * SD card (on a baseboard) via edge connector * 100mbps Ethernet (on a baseboard) via edge connector * MIPI-DSI (on a baseboard) via edge connector * Audio (on a baseboard) via edge connector - 1x SPDIF - 1x 8-channel I2S/TDM - 1x 2-channel I2S/TDM - 1x 8-channel PDM * USB (on a baseboard) via edge connector - 1x USB 2.0 OTG - 1x USB 2.0 host * Various GPIO (on a baseboard) via edge connector Signed-off-by: Christopher Obbard Link: https://lore.kernel.org/r/20240718-rockchip-px30-firefly-v3-2-3835cdd22eae@collabora.com Signed-off-by: Heiko Stuebner commit 0406da35b4967e3e40036495627b76a48db51113 Author: Christopher Obbard Date: Thu Jul 18 09:40:24 2024 +0100 dt-bindings: arm: rockchip: Add Firefly Core-PX30-JD4 on baseboard Add binding for the Firefly Core-PX30-JD4 SoM when used in conjunction with the MB-JD4-PX30 baseboard. Signed-off-by: Christopher Obbard Acked-by: Conor Dooley Reviewed-by: Dragan Simic Link: https://lore.kernel.org/r/20240718-rockchip-px30-firefly-v3-1-3835cdd22eae@collabora.com Signed-off-by: Heiko Stuebner commit dbcbfc72d3b660b6dd9ea7d2c089c228609714ec Author: Lucas De Marchi Date: Fri Jul 26 18:59:07 2024 -0700 drm/xe: Migrate OOB WAs to OR rules Now that rtp has OR rules, it's not needed to extend it to process OOB WAs. Previously if an entry had no name, it was considered as "a set of rules OR'ed with the last named entry". Instead of generating new entries, add OR rules. The syntax for xe_wa_oob.rules remains the same, with xe_gen_wa_oob generating the slightly different table. Object sizes delta are negligible, but having just one logic makes it easier to maintain: add/remove: 0/0 grow/shrink: 1/2 up/down: 160/-269 (-109) Function old new delta __compound_literal 6104 6264 +160 xe_wa_dump 1839 1810 -29 oob_was 816 576 -240 Total: Before=17257, After=17148, chg -0.63% Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240727015907.899192-9-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 1c408c516414fd9760c54f6d42ed1fa44a1dff15 Author: Lucas De Marchi Date: Fri Jul 26 18:59:06 2024 -0700 drm/xe/rtp: Expand max rules/actions per entry again Like commit 512660cd1f1a ("drm/xe/rtp: Expand max rules/actions per entry") did, expand the maximum number of actions/rules. That commit was too conservative, just incrementing 2. Other than the ugliness of these macros and additional preprocessor steps when they are used, there are no downsides on increasing the maximum: the tables in which they are used use a sentinel to mark the last element. With rtp processing now supporting OR rules, it's possible to migrate the extension made for OOB WAs that "entries with name are OR'ed in previous entry". For that the maximum number of rules needs to be increased. Just double it. Hopefully 12 is sufficient for longer than 6 was. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240727015907.899192-8-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit d51a75ac975a6147a4dea2d68cef4566f5c2ecaf Author: Lucas De Marchi Date: Fri Jul 26 18:59:05 2024 -0700 drm/xe/rtp: Simplify marking active workarounds Stop doing the calculation both in rtp_mark_active() and in its caller. The caller easily knows the number of entries to mark, so just pass it forward. That also simplifies rtp_mark_active() since now it doesn't have a special case when handling 1 entry. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240727015907.899192-7-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 6da8acfdb6e1aa72787efb733e3af9e9e0c57b9a Author: Lucas De Marchi Date: Fri Jul 26 18:59:04 2024 -0700 drm/xe/kunit: Test rtp with no actions The OOB WAs use xe_rtp_process(), without passing an sr to save result of the actions since there are none. They are also executed in a gt-only context, making it harder to share the implementation. Thus, introduce a new set of tests to check these RTP entries. The only check that can be done is if the entry was marked as active. Before commit fd6797ec50c5 ("drm/xe/rtp: Fix off-by-one when processing rules") several of these tests were failing: the processing of OR'ed entries would make the subsequent entry to be inadvertently enabled. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240727015907.899192-6-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 9eab82c38d0184289ffea56477daca8425758442 Author: Lucas De Marchi Date: Fri Jul 26 18:59:03 2024 -0700 drm/xe/kunit: Rename rtp test cases Those tests check the behavior of xe_rtp_process_to_sr(), so name them accordingly to allow adding tests for xe_rtp_process() later. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240727015907.899192-5-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit d93a4fec186c106115d0b3165047dd06f2c1aaab Author: Lucas De Marchi Date: Fri Jul 26 18:59:02 2024 -0700 drm/xe/kunit: Test active rtp entries Enabling active tracking in the rtp context and check for all the tests the expected entries become active. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240727015907.899192-4-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 20c3a0241b5c15c0d64929cba04653d5556b7d5d Author: Lucas De Marchi Date: Fri Jul 26 18:59:01 2024 -0700 drm/xe/kunit: Rename count to count_sr_entries The RTP tests check both the result of processing the RTP entries and the outcome saved as SR entries. Rename "count" to be explicit about what's being counted. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240727015907.899192-3-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit e525473fd5b7202ae751316799ed759bfaaf02bc Author: Lucas De Marchi Date: Fri Jul 26 18:59:00 2024 -0700 drm/xe/kunit: Test WAs for BMG Add one variant for BMG to make sure the workarounds do not conflict. This matches the machine with BMG in CI: BATTLEMAGE e20b:0000 dgfx:1 gfx:Xe2_LPG / Xe2_HPG (20.01) media:Xe2_LPM / Xe2_HPM (13.01) display:yes dma_m_s:46 tc:1 gscfi:0 cscfi:1 Stepping = (G:A0, M:A1, D:**, B:**) Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240727015907.899192-2-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 7216311681e7f53845c790945a05a61cbbf471fc Author: Marek Vasut Date: Tue Jul 23 15:27:11 2024 +0200 PCI: tegra: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-12-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit 57d1992b396d5dbbc70b938c15a10d9d3469c48d Author: Marek Vasut Date: Tue Jul 23 15:27:10 2024 +0200 PCI: rcar-host: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-11-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit e934abaac09692201d109b094a01b3dea3915382 Author: Marek Vasut Date: Tue Jul 23 15:27:09 2024 +0200 PCI: plda: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-10-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit 2a1297ead0694c54e6997fe89f71b10e144d5540 Author: Marek Vasut Date: Tue Jul 23 15:27:08 2024 +0200 PCI: mobiveil: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-9-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit 63e4794cde79c2724f9c02abe8a46be70a5b90df Author: Marek Vasut Date: Tue Jul 23 15:27:07 2024 +0200 PCI: mediatek: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-8-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Jianjun Wang Acked-by: Thomas Gleixner commit 425c07563f4cefdb4d521d1f1cf5990004a388fa Author: Marek Vasut Date: Tue Jul 23 15:27:06 2024 +0200 PCI: mediatek-gen3: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-7-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Jianjun Wang Acked-by: Thomas Gleixner commit 363d53acbfd3ec0454349d1e312f600d3fa33285 Author: Marek Vasut Date: Tue Jul 23 15:27:05 2024 +0200 PCI: dwc: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-6-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Damien Le Moal Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit c7b10edde0f25edd74a84f51a195bdf3a634d473 Author: Marek Vasut Date: Tue Jul 23 15:27:04 2024 +0200 PCI: brcmstb: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-5-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Florian Fainelli Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit 114ca2969f1e4d4f3b6920a4824f11b0a9cf708a Author: Marek Vasut Date: Tue Jul 23 15:27:03 2024 +0200 PCI: altera-msi: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-4-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit 4dff9c32ae066896a77c23628fb221c4cb9f5111 Author: Marek Vasut Date: Tue Jul 23 15:27:02 2024 +0200 PCI: aardvark: Silence 'set affinity failed' warning Use MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset and allows migrate_one_irq() to exit right away, without warnings like this: IRQ...: set affinity failed(-22) Remove the .irq_set_affinity() implementation that is no longer needed. Link: https://lore.kernel.org/r/20240723132958.41320-3-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit 5297bba507dc54045e6efeb9955c1271ca9aafe1 Author: Marek Vasut Date: Tue Jul 23 15:27:01 2024 +0200 genirq/msi: Silence 'set affinity failed' warning Various PCI controllers that mux MSIs onto a single IRQ line produce these "IRQ%d: set affinity failed" warnings when entering suspend. This has been discussed before [1] [2] and an example test case is included at the end of this commit message. Controller drivers that create MSI IRQ domain with MSI_FLAG_USE_DEF_CHIP_OPS and do not override the .irq_set_affinity() irqchip callback get assigned the default msi_domain_set_affinity() callback. That is not desired on controllers where it is not possible to set affinity of each MSI IRQ line to a specific CPU core due to hardware limitation. Introduce flag MSI_FLAG_NO_AFFINITY, which keeps .irq_set_affinity() unset if the controller driver did not assign it. This way, migrate_one_irq() can exit right away, without printing the warning. The .irq_set_affinity() implementations which only return -EINVAL can be removed from multiple controller drivers. $ grep 25 /proc/interrupts 25: 0 0 0 0 0 0 0 0 PCIe MSI 0 Edge PCIe PME $ echo core > /sys/power/pm_test ; echo mem > /sys/power/state ... Disabling non-boot CPUs ... IRQ25: set affinity failed(-22). <---------- This is being silenced here psci: CPU7 killed (polled 4 ms) ... [1] https://lore.kernel.org/all/d4a6eea3c5e33a3a4056885419df95a7@kernel.org/ [2] https://lore.kernel.org/all/5f4947b18bf381615a37aa81c2242477@kernel.org/ Link: https://lore.kernel.org/r/20240723132958.41320-2-marek.vasut+renesas@mailbox.org Signed-off-by: Marek Vasut [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas Reviewed-by: Damien Le Moal Reviewed-by: Manivannan Sadhasivam Acked-by: Thomas Gleixner commit e620b496c78706bb71691502e0381eb344afeaea Author: Shenghao Ding Date: Tue Jul 16 14:41:17 2024 +0800 ASoC: tas2781: Add TAS2563 into the Header Add TAS2563 into the Header in case of misunderstanding and add channel No information for error debug in tasdevice_dev_read. Signed-off-by: Shenghao Ding Link: https://patch.msgid.link/20240716064120.158-1-shenghao-ding@ti.com Signed-off-by: Mark Brown commit 5cb7651f78e1b98f94d2a65d72a2375301e3623f Merge: 50ac44c768756d 9cabf4a487cd40 Author: Mark Brown Date: Mon Jul 29 17:03:16 2024 +0100 Marvell HW overlay support for Cadence xSPI Merge series from Witold Sadowski : This patch series adds support for the second version of the Marvell hardware overlay for the Cadence xSPI IP block. The overlay is a hardware change made around the original xSPI block. It extends xSPI features with clock configuration, interrupt masking, and full-duplex, variable-length SPI operations. These functionalities allow the xSPI block to operate not only with memory devices but also with simple SPI devices and TPM devices. Example ACPI entry: Device (SPI0) { Name (_HID, "PRP0001") // ACPI_DT_NAMESPACE_HID Name (_UID, 0) Name (_DDN, "SPI controller 0") Name (_CCA, ONE) Method (_STA) {Return (0xF)} Name (_CRS, ResourceTemplate() { QWordMemory ( ResourceConsumer,// ResourceUsage PosDecode, // Decode MinFixed, // MinType MaxFixed, // MaxType NonCacheable, // MemType ReadWrite, // ReadWriteType 0, // AddressGranularity 0x804000000000, // MinAddress 0x804000001037, // MaxAddress 0, // AddressTranslation 0x1038) // AddressLength QWordMemory ( ResourceConsumer,// ResourceUsage PosDecode, // Decode MinFixed, // MinType MaxFixed, // MaxType NonCacheable, // MemType ReadWrite, // ReadWriteType 0, // AddressGranularity 0x804010000000, // MinAddress 0x804010000007, // MaxAddress 0, // AddressTranslation 0x8) // AddressLength QWordMemory ( ResourceConsumer,// ResourceUsage PosDecode, // Decode MinFixed, // MinType MaxFixed, // MaxType NonCacheable, // MemType ReadWrite, // ReadWriteType 0, // AddressGranularity 0x804000002000, // MinAddress 0x804000004027, // MaxAddress 0, // AddressTranslation 0x2028) // AddressLength QWordMemory ( ResourceConsumer,// ResourceUsage PosDecode, // Decode MinFixed, // MinType MaxFixed, // MaxType NonCacheable, // MemType ReadWrite, // ReadWriteType 0, // AddressGranularity 0x804000008000, // MinAddress 0x804000008237, // MaxAddress 0, // AddressTranslation 0x238) // AddressLength Interrupt(ResourceConsumer, Edge, ActiveHigh, Exclusive) { 0x7A } }) Name (_DSD, Package() { ToUUID("daffd814-6eba-4d8c-8a91-bc9bbf4aa301"), Package () { Package () { "compatible", "marvell,cn10-xspi-nor"}, Package () { "reg", 0x8040}, } }) } // SPI0 commit 7803693988412380be095d228fb7b61f2d80e7c2 Merge: d0296adb0db134 a9d843e6b231e5 Author: Mark Brown Date: Mon Jul 29 17:03:08 2024 +0100 ASoC: codecs: wsa88xx and wcd93xx: Soundwire port Merge series from Krzysztof Kozlowski : Few cleanups to make the code more robust or readable. No functional impact (compiled objects stay the same). commit d0296adb0db13467408d6594de2a46faf0f98f8f Merge: 2e08bba3a83cc3 7eb62acd43c929 Author: Mark Brown Date: Mon Jul 29 17:03:00 2024 +0100 ASoC: codecs: wsa88xx: Few cleanups Merge series from Krzysztof Kozlowski : A few cleanups around wsa88xx codecs. commit 2e08bba3a83cc311115519f5fcb294005e4230a5 Merge: 275d57ae441f34 2cc719983603f0 Author: Mark Brown Date: Mon Jul 29 17:02:53 2024 +0100 Add HDMI Audio support Merge series from Biju Das : This patch series aims to add HDMI audio support for RZ/{G2L,G2LC,V2L} SMARC EVKs. commit 50ac44c768756dfa08766f8d5a7bc85fe6bcc068 Merge: 5972eb05ca322b 96472f18a4affd Author: Mark Brown Date: Mon Jul 29 16:48:44 2024 +0100 Add support for AD4000 series of ADCs Merge series from Marcelo Schmitt : This patch series extends the SPI bitbang, gpio, and spi-engine controllers to support configurable MOSI line idle states. It then introduces the ad4000 driver which uses the MOSI idle configuration to provide improved support for the AD4000 series of ADCs. Documentation is added describing the new extension to the SPI protocol. The currently supported wiring modes for AD4000 devices were documented under IIO documentation directory. Change log v6 -> v7: [Device tree] No changes to device tree from v6 to v7. [SPI] spi.c: Removed blank line added in code not related to MOSI idle feature. spi: bitbang: Rewrapped commit message. spi: bitbang: Rebased bitbang patch on top of spi for-next branch. [IIO] ad4000: Checked gain-milli read from dt and made it match one of supported gains or fail. ad4000: Added blank lines to improve code readability. ad4000: return 0; when known that no errors occurred. Link to v6: https://lore.kernel.org/linux-iio/cover.1719686465.git.marcelo.schmitt@analog.com/ Link to v5: https://lore.kernel.org/linux-iio/cover.1719351923.git.marcelo.schmitt@analog.com/ Link to v4: https://lore.kernel.org/linux-iio/cover.1718749981.git.marcelo.schmitt@analog.com/ Link to v3: https://lore.kernel.org/linux-iio/cover.1717539384.git.marcelo.schmitt@analog.com/ Link to v2: https://lore.kernel.org/linux-iio/cover.1712585500.git.marcelo.schmitt@analog.com/ Link to v1: https://lore.kernel.org/linux-iio/cover.1711131830.git.marcelo.schmitt@analog.com/ Prerequisite patches to apply this series to IIO testing branch: c3358a746e078d0f9048732c90fdab4f37c00e0d "spi: bitbang: Convert unsigned to unsigned int" https://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi.git/commit/?id=c3358a746e078d0f9048732c90fdab4f37c00e0d f261172d39f358dcecce13c310690d3937e0cca6 "spi: bitbang: Use typedef for txrx_*() callbacks" https://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi.git/commit/?id=f261172d39f358dcecce13c310690d3937e0cca6 6ecdb0aa4dca62d236a659426e11e6cf302e8f18 "spi: axi-spi-engine: Add SPI_CS_HIGH support" https://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi.git/commit/?h=for-6.11&id=6ecdb0aa4dca62d236a659426e11e6cf302e8f18 Prerequisite patches to apply the series to SPI for-next brach: ef60f9ca26d33d0f8e1a709771c61d3e96f64559 "docs: iio: add documentation for adis16480 driver" https://git.kernel.org/pub/scm/linux/kernel/git/jic23/iio.git/commit/?h=testing&id=ef60f9ca26d33d0f8e1a709771c61d3e96f64559 Thanks, Marcelo Marcelo Schmitt (7): spi: Enable controllers to extend the SPI protocol with MOSI idle configuration spi: bitbang: Implement support for MOSI idle state configuration spi: spi-gpio: Add support for MOSI idle state configuration spi: spi-axi-spi-engine: Add support for MOSI idle configuration dt-bindings: iio: adc: Add AD4000 iio: adc: Add support for AD4000 Documentation: Add AD4000 documentation .../bindings/iio/adc/adi,ad4000.yaml | 197 +++++ Documentation/iio/ad4000.rst | 131 ++++ Documentation/iio/index.rst | 1 + Documentation/spi/spi-summary.rst | 83 ++ MAINTAINERS | 9 + drivers/iio/adc/Kconfig | 12 + drivers/iio/adc/Makefile | 1 + drivers/iio/adc/ad4000.c | 722 ++++++++++++++++++ drivers/spi/spi-axi-spi-engine.c | 15 +- drivers/spi/spi-bitbang.c | 24 + drivers/spi/spi-gpio.c | 12 +- drivers/spi/spi.c | 6 + include/linux/spi/spi_bitbang.h | 1 + include/uapi/linux/spi/spi.h | 5 +- 14 files changed, 1213 insertions(+), 6 deletions(-) create mode 100644 Documentation/devicetree/bindings/iio/adc/adi,ad4000.yaml create mode 100644 Documentation/iio/ad4000.rst create mode 100644 drivers/iio/adc/ad4000.c base-commit: 986da024b99a72e64f6bdb3f3f0e52af024b1f50 prerequisite-patch-id: 76a35c35c2af889be2ff20052da02df561b3d71b prerequisite-patch-id: ce5abb83d4f04e72c69d0df4ded79077065cd649 prerequisite-patch-id: b30f54a92e47dbad33ca7450089c7b19610e9cf2 -- 2.43.0 commit 8749919defb874d6deabfbef24c4901d9ec76583 Author: Peng Fan Date: Fri Jul 19 16:36:14 2024 +0800 remoteproc: imx_rproc: Merge TCML/U Merge contiguous TCML/U regions into one to avoid load elf files which has large sections failure. Reviewed-by: Iuliana Prodan Signed-off-by: Peng Fan Reviewed-by: Daniel Baluta Link: https://lore.kernel.org/r/20240719-imx_rproc-v2-4-10d0268c7eb1@nxp.com Signed-off-by: Mathieu Poirier commit 858e57c1d3dd7b92cc0fa692ba130a0a5d57e49d Author: Peng Fan Date: Fri Jul 19 16:36:13 2024 +0800 remoteproc: imx_rproc: Initialize workqueue earlier Initialize workqueue before requesting mailbox channel, otherwise if mailbox interrupt comes before workqueue ready, the imx_rproc_rx_callback will trigger issue. Fixes: 2df7062002d0 ("remoteproc: imx_proc: enable virtio/mailbox") Signed-off-by: Peng Fan Reviewed-by: Daniel Baluta Link: https://lore.kernel.org/r/20240719-imx_rproc-v2-3-10d0268c7eb1@nxp.com Signed-off-by: Mathieu Poirier commit e954a1bd16102abc800629f9900715d8ec4c3130 Author: Peng Fan Date: Fri Jul 19 16:36:12 2024 +0800 remoteproc: imx_rproc: Use imx specific hook for find_loaded_rsc_table If there is a resource table device tree node, use the address as the resource table address, otherwise use the address(where .resource_table section loaded) inside the Cortex-M elf file. And there is an update in NXP SDK that Resource Domain Control(RDC) enabled to protect TCM, linux not able to write the TCM space when updating resource table status and cause kernel dump. So use the address from device tree could avoid kernel dump. Note: NXP M4 SDK not check resource table update, so it does not matter use whether resource table address specified in elf file or in device tree. But to reflect the fact that if people specific resource table address in device tree, it means people are aware and going to use it, not the address specified in elf file. Reviewed-by: Iuliana Prodan Signed-off-by: Peng Fan Reviewed-by: Daniel Baluta Link: https://lore.kernel.org/r/20240719-imx_rproc-v2-2-10d0268c7eb1@nxp.com Signed-off-by: Mathieu Poirier commit c901f817792822eda9cec23814a4621fa3e66695 Author: Peng Fan Date: Fri Jul 19 16:36:11 2024 +0800 remoteproc: imx_rproc: Correct ddr alias for i.MX8M The DDR Alias address should be 0x40000000 according to RM, so correct it. Fixes: 4ab8f9607aad ("remoteproc: imx_rproc: support i.MX8MQ/M") Reported-by: Terry Lv Reviewed-by: Iuliana Prodan Signed-off-by: Peng Fan Reviewed-by: Daniel Baluta Link: https://lore.kernel.org/r/20240719-imx_rproc-v2-1-10d0268c7eb1@nxp.com Signed-off-by: Mathieu Poirier commit ddb869ea237eb4e1c882c8768675fad53623b062 Author: Diogo Ivo Date: Thu Jul 4 12:31:26 2024 +0100 memory: tegra: Rework update_clock_tree_delay() Further streamline this function by moving the delay post-processing to the callers, leaving it only with the task of returning the measured delay values. Signed-off-by: Diogo Ivo Link: https://lore.kernel.org/r/20240704-tegra210_emcfreq-v4-7-3e450503c555@tecnico.ulisboa.pt Signed-off-by: Krzysztof Kozlowski commit b109656e9ca399d6899152eb40efac2bdd3b4202 Author: Diogo Ivo Date: Thu Jul 4 12:31:25 2024 +0100 memory: tegra: Move compare/update current delay values to a function Separate the comparison/updating of the measured delay values with the values currently programmed into a separate function to simplify the code. Signed-off-by: Diogo Ivo Link: https://lore.kernel.org/r/20240704-tegra210_emcfreq-v4-6-3e450503c555@tecnico.ulisboa.pt Signed-off-by: Krzysztof Kozlowski commit adc720820f963047210efc4fe1c1ff068b4bd773 Author: Diogo Ivo Date: Thu Jul 4 12:31:24 2024 +0100 memory: tegra: Loop update_clock_tree_delay() As the current form of this function in a completely unrolled loop over the RAM channels roll it up two levels to improve readability. Signed-off-by: Diogo Ivo Link: https://lore.kernel.org/r/20240704-tegra210_emcfreq-v4-5-3e450503c555@tecnico.ulisboa.pt Signed-off-by: Krzysztof Kozlowski commit a238f62b3666558f38d8abf688d0fecf4ccb48ee Author: Diogo Ivo Date: Thu Jul 4 12:31:23 2024 +0100 memory: tegra: Change macros to interpret parameter as integer Convert the macros that manipulate the delay values to interpret their index parameter as an integer to allow the introduction of loops. Signed-off-by: Diogo Ivo Link: https://lore.kernel.org/r/20240704-tegra210_emcfreq-v4-4-3e450503c555@tecnico.ulisboa.pt Signed-off-by: Krzysztof Kozlowski commit c5f83622ccd0158cf16c6be8ba56f178c99776a5 Author: Diogo Ivo Date: Thu Jul 4 12:31:22 2024 +0100 memory: tegra: Reword and correct comments Fix incorrect comment on periodic_compensation_handler() as the call update_clock_tree_delay() with DVFS_UPDATE is responsible for dividing the samples accumulated up to that point and comparing the computed values with the currently programmed ones. While at it fix the indentation of a nearby comment. Signed-off-by: Diogo Ivo Link: https://lore.kernel.org/r/20240704-tegra210_emcfreq-v4-3-3e450503c555@tecnico.ulisboa.pt Signed-off-by: Krzysztof Kozlowski commit 7b4dcb8888e1660d590ec13463ba71ec5bbf6333 Author: Diogo Ivo Date: Thu Jul 4 12:31:21 2024 +0100 memory: tegra: Move DQSOSC measurement to common place Move the calls that instruct the RAM to capture its clock tree delays to update_clock_tree_delay() in order to avoid code duplication. Signed-off-by: Diogo Ivo Link: https://lore.kernel.org/r/20240704-tegra210_emcfreq-v4-2-3e450503c555@tecnico.ulisboa.pt Signed-off-by: Krzysztof Kozlowski commit 649f4783dcda7400bbed866140df504d09a3b135 Author: Diogo Ivo Date: Thu Jul 4 12:31:20 2024 +0100 memory: tegra: Remove periodic compensation duplicate calls Prior to calling periodic_compensation_handler() the code is doing one extra DRAM delay reading which is unnecessary as this is already done in periodic_compensation_handler(), so remove these extra calls. Signed-off-by: Diogo Ivo Link: https://lore.kernel.org/r/20240704-tegra210_emcfreq-v4-1-3e450503c555@tecnico.ulisboa.pt Signed-off-by: Krzysztof Kozlowski commit 7657d7c96657179d002817d5ec2a1d4c84f21cdb Author: Matt Roper Date: Fri Jul 26 10:17:58 2024 -0700 drm/xe/migrate: Future-proof compressed PAT check Although all current Xe2 platforms support FlatCCS, we probably shouldn't assume that will be universally true forever. In the past we've had platforms like PVC that didn't support compression, and the same could show up again at some point in the future. Future-proof the migration code by adding an explicit check for FlatCCS support to the condition that decides whether to use a compressed PAT index for migration. While we're at it, we can drop the IS_DGFX check since it's redundant with the src_is_vram check (only dGPUs have VRAM). Cc: Akshata Jahagirdar Cc: Lucas De Marchi Signed-off-by: Matt Roper Reviewed-by: Akshata Jahagirdar Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240726171757.2728819-2-matthew.d.roper@intel.com commit 6f4e43a2f771b737d991142ec4f6d4b7ff31fbb4 Author: Lucas De Marchi Date: Wed Jul 24 14:53:09 2024 -0700 drm/xe: Fix opregion leak Being part o the display, ideally the setup and cleanup would be done by display itself. However this is a bigger refactor that needs to be done on both i915 and xe. For now, just fix the leak: unreferenced object 0xffff8881a0300008 (size 192): comm "modprobe", pid 4354, jiffies 4295647021 hex dump (first 32 bytes): 00 00 87 27 81 88 ff ff 18 80 9b 00 00 c9 ff ff ...'............ 18 81 9b 00 00 c9 ff ff 00 00 00 00 00 00 00 00 ................ backtrace (crc 99260e31): [] kmemleak_alloc+0x4b/0x80 [] kmalloc_trace_noprof+0x312/0x3d0 [] intel_opregion_setup+0x89/0x700 [xe] [] xe_display_init_noirq+0x2f/0x90 [xe] [] xe_device_probe+0x7a3/0xbf0 [xe] [] xe_pci_probe+0x333/0x5b0 [xe] [] local_pci_probe+0x48/0xb0 [] pci_device_probe+0xc8/0x280 [] really_probe+0xf8/0x390 [] __driver_probe_device+0x8a/0x170 [] driver_probe_device+0x23/0xb0 [] __driver_attach+0xc7/0x190 [] bus_for_each_dev+0x7d/0xd0 [] driver_attach+0x1e/0x30 [] bus_add_driver+0x117/0x250 Fixes: 44e694958b95 ("drm/xe/display: Implement display support") Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240724215309.644423-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit adac147c6a32e2919cb04555387e12e738991a19 Author: Jerome Brunet Date: Fri Jul 19 11:42:26 2024 +0200 clk: meson: introduce symbol namespace for amlogic clocks Symbols exported by the Amlogic clock modules are only meant to be used by Amlogic clock controller drivers. Using a dedicated symbols namespace make that clear and help clean the global namespace of symbols other modules do no need. Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240719094228.3985595-1-jbrunet@baylibre.com Signed-off-by: Jerome Brunet commit 4cb834703c6434c1f59156ed7b358cefaff13782 Author: Jerome Brunet Date: Fri Jul 19 11:39:32 2024 +0200 clk: meson: axg-audio: add sm1 earcrx clocks Add CMDC, DMAC and peripheral clocks for the eARC RX device found on the sm1 SoC family Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240719093934.3985139-4-jbrunet@baylibre.com Signed-off-by: Jerome Brunet commit dd8ab39a8b418801b05d97c3b92839ed5f18b74a Author: Jerome Brunet Date: Fri Jul 19 11:39:31 2024 +0200 clk: meson: axg-audio: setup regmap max_register based on the SoC The register region of axg-audio tends to grow with the addition of new supported SoC. Mapping slightly more has not been causing problem so far but it is not viable to continue like this long term. Setup the max register based on what is necessary on the related SoC. Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240719093934.3985139-3-jbrunet@baylibre.com Signed-off-by: Jerome Brunet commit cbf4d3981cac6e7f63e2574ccc0fb21abdc16c1b Merge: 66e72a01b60ae6 02672e609fa93d Author: Jerome Brunet Date: Mon Jul 29 16:46:26 2024 +0200 Merge branch 'v6.12/bindings' into clk-meson-next * v6.12/bindings: dt-bindings: clock: axg-audio: add earcrx clock ids commit 02672e609fa93dd5835783830bf18387916a077a Author: Jerome Brunet Date: Fri Jul 19 11:39:30 2024 +0200 dt-bindings: clock: axg-audio: add earcrx clock ids Add clock IDs for the eARC Rx device found on sm1 SoCs Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240719093934.3985139-2-jbrunet@baylibre.com Signed-off-by: Jerome Brunet commit 66e72a01b60ae6950ddbb3585fdc1424d303e14b Merge: 3d0e8b6edd6b08 8400291e289ee6 Author: Jerome Brunet Date: Mon Jul 29 16:32:02 2024 +0200 Merge tag 'v6.11-rc1' into clk-meson-next Linux 6.11-rc1 commit 9b6ad6a0115e9a35da65abdc973b80539f983c26 Author: Takashi Sakamoto Date: Mon Jul 29 22:46:31 2024 +0900 firewire: core: use common helper function to serialize phy configuration packet A common helper function is available to serialize the first quadlet of phy configuration packet. This commit is for the purpose. Link: https://lore.kernel.org/r/20240729134631.127189-4-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit faa11b99c90f6faaaa7d6581b8ffd09abf3e9ce5 Author: Takashi Sakamoto Date: Mon Jul 29 22:46:30 2024 +0900 firewire: ohci: minor code refactoring to localize text table The string table for tcode is just used by log_ar_at_event(). In the case, it is suitable to move the table inner the function definition. This commit is for the purpose. Additionally, the hard-coded value for tcode is replaced with defined macros as many as possible. Link: https://lore.kernel.org/r/20240729134631.127189-3-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit 568a8cbb3d4da609a799920c761b2cdb7e583839 Author: Takashi Sakamoto Date: Mon Jul 29 22:46:29 2024 +0900 firewire: ohci: use TCODE_LINK_INTERNAL consistently In IEEE 1394 specification, 0x0e in tcode field is reserved for internal purpose depending on link layer. In 1394 OHCI specification, it is used to express phy packet in AT/AR contexts. Current implementation of 1394 OHCI driver has several macros for the code. They can be simply replaced with a macro in core code. This commit obsoletes the macros. Link: https://lore.kernel.org/r/20240729134631.127189-2-o-takashi@sakamocchi.jp Signed-off-by: Takashi Sakamoto commit a6ed988ecdffb2680a65f142acfe3271e6c04ab4 Author: Jani Nikula Date: Mon Jul 29 15:36:24 2024 +0300 drm/nouveau: remove unused variable ret Fix build with CONFIG_NOUVEAU_PLATFORM_DRIVER enabled: ../drivers/gpu/drm/nouveau/nouveau_platform.c: In function ‘nouveau_platform_probe’: ../drivers/gpu/drm/nouveau/nouveau_platform.c:29:13: error: unused variable ‘ret’ [-Werror=unused-variable] 29 | int ret; | ^~~ Fixes: 961ae5f9807b ("drm/nouveau: handle pci/tegra drm_dev_{alloc, register} from common code") Cc: Ben Skeggs Cc: Danilo Krummrich Signed-off-by: Jani Nikula Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240729123624.868907-1-jani.nikula@intel.com commit 2d0c7ae784b487343b4813db9cb133ca51c674c3 Author: Peter Griffin Date: Fri Jun 28 23:35:04 2024 +0100 arm64: dts: exynos: gs101: add syscon-poweroff and syscon-reboot nodes Reboot of gs101 SoC can be handled by setting the bit(SWRESET_SYSTEM[1]) of SYSTEM_CONFIGURATION register(PMU + 0x3a00). Poweroff of gs101 SoC can be handled by setting bit(DATA[8]) of PAD_CTRL_PWR_HOLD register (PMU + 0x3e9c). Tested using "reboot" and "poweroff -p" commands. Tested-by: Will McVicker Signed-off-by: Peter Griffin Reviewed-by: Will McVicker Link: https://lore.kernel.org/r/20240628223506.1237523-3-peter.griffin@linaro.org Signed-off-by: Krzysztof Kozlowski commit d281814b8f7a710a75258da883fb0dfe1329c031 Author: David Virag Date: Sat Jul 13 19:58:32 2024 +0200 arm64: dts: exynos: exynos7885-jackpotlte: Correct RAM amount to 4GB All known jackpotlte variants have 4GB of RAM, let's use it all. RAM was set to 3GB from a mistake in the vendor provided DTS file. Fixes: 06874015327b ("arm64: dts: exynos: Add initial device tree support for Exynos7885 SoC") Signed-off-by: David Virag Reviewed-by: Sam Protsenko Link: https://lore.kernel.org/r/20240713180607.147942-3-virag.david003@gmail.com Signed-off-by: Krzysztof Kozlowski commit c652cfd1d31ebcb54fba1fc19dcd8691c5ba9474 Author: Uwe Kleine-König Date: Mon Jul 8 17:25:30 2024 +0200 ARM: s3c: Drop explicit initialization of struct i2c_device_id::driver_data to 0 The wlf-gf-module driver doesn't use the driver_data member of struct i2c_device_id, so don't explicitly initialize this member. This prepares putting driver_data in an anonymous union which requires either no initialization or named designators. But it's also a nice cleanup on its own. Signed-off-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240708152530.19306-2-u.kleine-koenig@baylibre.com Signed-off-by: Krzysztof Kozlowski commit cea5a3472ac43f18590e1bd6b842f808347a810c Author: Peter Zijlstra Date: Fri Jul 26 16:27:04 2024 +0200 sched/fair: Cleanup fair_server The throttle interaction made my brain hurt, make it consistently about 0 transitions of h_nr_running. Signed-off-by: Peter Zijlstra (Intel) commit 5f6bd380c7bdbe10f7b4e8ddcceed60ce0714c6d Author: Peter Zijlstra Date: Mon May 27 14:06:55 2024 +0200 sched/rt: Remove default bandwidth control Now that fair_server exists, we no longer need RT bandwidth control unless RT_GROUP_SCHED. Enable fair_server with parameters equivalent to RT throttling. Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: "Peter Zijlstra (Intel)" Signed-off-by: Daniel Bristot de Oliveira Signed-off-by: "Vineeth Pillai (Google)" Signed-off-by: Peter Zijlstra (Intel) Tested-by: Juri Lelli Link: https://lore.kernel.org/r/14d562db55df5c3c780d91940743acb166895ef7.1716811044.git.bristot@kernel.org commit c8a85394cfdb4696b4e2f8a0f3066a1c921af426 Author: Joel Fernandes (Google) Date: Mon May 27 14:06:54 2024 +0200 sched/core: Fix picking of tasks for core scheduling with DL server * Use simple CFS pick_task for DL pick_task DL server's pick_task calls CFS's pick_next_task_fair(), this is wrong because core scheduling's pick_task only calls CFS's pick_task() for evaluation / checking of the CFS task (comparing across CPUs), not for actually affirmatively picking the next task. This causes RB tree corruption issues in CFS that were found by syzbot. * Make pick_task_fair clear DL server A DL task pick might set ->dl_server, but it is possible the task will never run (say the other HT has a stop task). If the CFS task is picked in the future directly (say without DL server), ->dl_server will be set. So clear it in pick_task_fair(). This fixes the KASAN issue reported by syzbot in set_next_entity(). (DL refactoring suggestions by Vineeth Pillai). Reported-by: Suleiman Souhlal Signed-off-by: "Joel Fernandes (Google)" Signed-off-by: Daniel Bristot de Oliveira Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Vineeth Pillai Tested-by: Juri Lelli Link: https://lore.kernel.org/r/b10489ab1f03d23e08e6097acea47442e7d6466f.1716811044.git.bristot@kernel.org commit 4b26cfdd395638918e370f62bd2c33e6f63ffb5e Author: Joel Fernandes (Google) Date: Mon May 27 14:06:53 2024 +0200 sched/core: Fix priority checking for DL server picks In core scheduling, a DL server pick (which is CFS task) should be given higher priority than tasks in other classes. Not doing so causes CFS starvation. A kselftest is added later to demonstrate this. A CFS task that is competing with RT tasks can be completely starved without this and the DL server's boosting completely ignored. Fix these problems. Reported-by: Suleiman Souhlal Signed-off-by: "Joel Fernandes (Google)" Signed-off-by: Daniel Bristot de Oliveira Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Vineeth Pillai Tested-by: Juri Lelli Link: https://lore.kernel.org/r/48b78521d86f3b33c24994d843c1aad6b987dda9.1716811044.git.bristot@kernel.org commit d741f297bceaf52aa1b97b997708fc0cd853c73e Author: Daniel Bristot de Oliveira Date: Mon May 27 14:06:52 2024 +0200 sched/fair: Fair server interface Add an interface for fair server setup on debugfs. Each CPU has two files under /debug/sched/fair_server/cpu{ID}: - runtime: set runtime in ns - period: set period in ns This then leaves /proc/sys/kernel/sched_rt_{period,runtime}_us to set bounds on admission control. The interface also add the server to the dl bandwidth accounting. Signed-off-by: Daniel Bristot de Oliveira Signed-off-by: Peter Zijlstra (Intel) Tested-by: Juri Lelli Link: https://lore.kernel.org/r/a9ef9fc69bcedb44bddc9bc34f2b313296052819.1716811044.git.bristot@kernel.org commit a110a81c52a9de73e2e57e826dd3bf0fd4c22226 Author: Daniel Bristot de Oliveira Date: Mon May 27 14:06:51 2024 +0200 sched/deadline: Deferrable dl server Among the motivations for the DL servers is the real-time throttling mechanism. This mechanism works by throttling the rt_rq after running for a long period without leaving space for fair tasks. The base dl server avoids this problem by boosting fair tasks instead of throttling the rt_rq. The point is that it boosts without waiting for potential starvation, causing some non-intuitive cases. For example, an IRQ dispatches two tasks on an idle system, a fair and an RT. The DL server will be activated, running the fair task before the RT one. This problem can be avoided by deferring the dl server activation. By setting the defer option, the dl_server will dispatch an SCHED_DEADLINE reservation with replenished runtime, but throttled. The dl_timer will be set for the defer time at (period - runtime) ns from start time. Thus boosting the fair rq at defer time. If the fair scheduler has the opportunity to run while waiting for defer time, the dl server runtime will be consumed. If the runtime is completely consumed before the defer time, the server will be replenished while still in a throttled state. Then, the dl_timer will be reset to the new defer time If the fair server reaches the defer time without consuming its runtime, the server will start running, following CBS rules (thus without breaking SCHED_DEADLINE). Then the server will continue the running state (without deferring) until it fair tasks are able to execute as regular fair scheduler (end of the starvation). Signed-off-by: Daniel Bristot de Oliveira Signed-off-by: Peter Zijlstra (Intel) Tested-by: Juri Lelli Link: https://lore.kernel.org/r/dd175943c72533cd9f0b87767c6499204879cc38.1716811044.git.bristot@kernel.org commit 557a6bfc662c4d560f909b78adb1270c9862efa8 Author: Peter Zijlstra Date: Mon May 27 14:06:50 2024 +0200 sched/fair: Add trivial fair server Use deadline servers to service fair tasks. This patch adds a fair_server deadline entity which acts as a container for fair entities and can be used to fix starvation when higher priority (wrt fair) tasks are monopolizing CPU(s). Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: Daniel Bristot de Oliveira Signed-off-by: Peter Zijlstra (Intel) Tested-by: Juri Lelli Link: https://lore.kernel.org/r/b6b0bcefaf25391bcf5b6ecdb9f1218de402d42e.1716811044.git.bristot@kernel.org commit a741b82423f41501e301eb6f9820b45ca202e877 Author: Youssef Esmat Date: Mon May 27 14:06:49 2024 +0200 sched/core: Clear prev->dl_server in CFS pick fast path In case the previous pick was a DL server pick, ->dl_server might be set. Clear it in the fast path as well. Fixes: 63ba8422f876 ("sched/deadline: Introduce deadline servers") Signed-off-by: Youssef Esmat Signed-off-by: Daniel Bristot de Oliveira Signed-off-by: Peter Zijlstra (Intel) Tested-by: Juri Lelli Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/7f7381ccba09efcb4a1c1ff808ed58385eccc222.1716811044.git.bristot@kernel.org commit c245910049d04fbfa85bb2f5acd591c24e9907c7 Author: Joel Fernandes (Google) Date: Mon May 27 14:06:48 2024 +0200 sched/core: Add clearing of ->dl_server in put_prev_task_balance() Paths using put_prev_task_balance() need to do a pick shortly after. Make sure they also clear the ->dl_server on prev as a part of that. Fixes: 63ba8422f876 ("sched/deadline: Introduce deadline servers") Signed-off-by: "Joel Fernandes (Google)" Signed-off-by: Daniel Bristot de Oliveira Signed-off-by: Peter Zijlstra (Intel) Tested-by: Juri Lelli Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/d184d554434bedbad0581cb34656582d78655150.1716811044.git.bristot@kernel.org commit f23c042ce34ba265cf3129d530702b5d218e3f4b Author: Daniel Bristot de Oliveira Date: Mon May 27 14:06:47 2024 +0200 sched/deadline: Comment sched_dl_entity::dl_server variable Add an explanation for the newly added variable. Fixes: 63ba8422f876 ("sched/deadline: Introduce deadline servers") Signed-off-by: Daniel Bristot de Oliveira Signed-off-by: Peter Zijlstra (Intel) Tested-by: Juri Lelli Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/147f7aa8cb8fd925f36aa8059af6a35aad08b45a.1716811044.git.bristot@kernel.org commit faa42d29419def58d3c3e5b14ad4037f0af3b496 Author: Tianchen Ding Date: Wed Jun 26 10:35:05 2024 +0800 sched/fair: Make SCHED_IDLE entity be preempted in strict hierarchy Consider the following cgroup: root | ------------------------ | | normal_cgroup idle_cgroup | | SCHED_IDLE task_A SCHED_NORMAL task_B According to the cgroup hierarchy, A should preempt B. But current check_preempt_wakeup_fair() treats cgroup se and task separately, so B will preempt A unexpectedly. Unify the wakeup logic by {c,p}se_is_idle only. This makes SCHED_IDLE of a task a relative policy that is effective only within its own cgroup, similar to the behavior of NICE. Also fix se_is_idle() definition when !CONFIG_FAIR_GROUP_SCHED. Fixes: 304000390f88 ("sched: Cgroup SCHED_IDLE support") Signed-off-by: Tianchen Ding Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Josh Don Reviewed-by: Vincent Guittot Link: https://lkml.kernel.org/r/20240626023505.1332596-1-dtcccc@linux.alibaba.com commit a58501fb8320d6232507f722b4c9dcd4e03362ee Author: Phil Auld Date: Wed May 15 09:37:05 2024 -0400 sched: remove HZ_BW feature hedge As a hedge against unexpected user issues commit 88c56cfeaec4 ("sched/fair: Block nohz tick_stop when cfs bandwidth in use") included a scheduler feature to disable the new functionality. It's been a few releases (v6.6) and no screams, so remove it. Signed-off-by: Phil Auld Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Valentin Schneider Link: https://lore.kernel.org/r/20240515133705.3632915-1-pauld@redhat.com commit 2c2d9624697fc5e7dd84490ae01b80cc43ec2def Author: Chuyi Zhou Date: Wed Jul 17 22:33:42 2024 +0800 sched/fair: Remove cfs_rq::nr_spread_over and cfs_rq::exec_clock nr_spread_over tracks the number of instances where the difference between a scheduling entity's virtual runtime and the minimum virtual runtime in the runqueue exceeds three times the scheduler latency, indicating significant disparity in task scheduling. Commit that removed its usage: 5e963f2bd: sched/fair: Commit to EEVDF cfs_rq->exec_clock was used to account for time spent executing tasks. Commit that removed its usage: 5d69eca542ee1 sched: Unify runtime accounting across classes cfs_rq::nr_spread_over and cfs_rq::exec_clock are not used anymore in eevdf. Remove them from struct cfs_rq. Signed-off-by: Chuyi Zhou Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Chengming Zhou Reviewed-by: K Prateek Nayak Acked-by: Vishal Chourasia Link: https://lore.kernel.org/r/20240717143342.593262-1-zhouchuyi@bytedance.com commit 0ec8d5aed4d14055aab4e2746def33f8b0d409c3 Author: Peilin He Date: Tue Jul 16 10:42:44 2024 +0800 sched/core: Add WARN_ON_ONCE() to check overflow for migrate_disable() Background ========== When repeated migrate_disable() calls are made with missing the corresponding migrate_enable() calls, there is a risk of 'migration_disabled' going upper overflow because 'migration_disabled' is a type of unsigned short whose max value is 65535. In PREEMPT_RT kernel, if 'migration_disabled' goes upper overflow, it may make the migrate_disable() ineffective within local_lock_irqsave(). This is because, during the scheduling procedure, the value of 'migration_disabled' will be checked, which can trigger CPU migration. Consequently, the count of 'rcu_read_lock_nesting' may leak due to local_lock_irqsave() and local_unlock_irqrestore() occurring on different CPUs. Usecase ======== For example, When I developed a driver, I encountered a warning like "WARNING: CPU: 4 PID: 260 at kernel/rcu/tree_plugin.h:315 rcu_note_context_switch+0xa8/0x4e8" warning. It took me half a month to locate this issue. Ultimately, I discovered that the lack of upper overflow detection mechanism in migrate_disable() was the root cause, leading to a significant amount of time spent on problem localization. If the upper overflow detection mechanism was added to migrate_disable(), the root cause could be very quickly and easily identified. Effect ====== Using WARN_ON_ONCE() to check if 'migration_disabled' is upper overflow can help developers identify the issue quickly. Suggested-by: Peter Zijlstra Signed-off-by: Peilin He Signed-off-by: xu xin Signed-off-by: Peter Zijlstra (Intel) Reviewed-by: Yunkai Zhang Reviewed-by: Qiang Tu Reviewed-by: Kun Jiang Reviewed-by: Fan Yu Link: https://lkml.kernel.org/r/20240716104244764N2jD8gnBpnsLjCDnQGQ8c@zte.com.cn commit c40dd90ac045fa1fdf6acc5bf9109a2315e6c92c Author: Zhang Qiao Date: Thu Jun 27 21:33:59 2024 +0800 sched: Initialize the vruntime of a new task when it is first enqueued When creating a new task, we initialize vruntime of the newly task at sched_cgroup_fork(). However, the timing of executing this action is too early and may not be accurate. Because it uses current CPU to init the vruntime, but the new task actually runs on the cpu which be assigned at wake_up_new_task(). To optimize this case, we pass ENQUEUE_INITIAL flag to activate_task() in wake_up_new_task(), in this way, when place_entity is called in enqueue_entity(), the vruntime of the new task will be initialized. In addition, place_entity() in task_fork_fair() was introduced for two reasons: 1. Previously, the __enqueue_entity() was in task_new_fair(), in order to provide vruntime for enqueueing the newly task, the vruntime assignment equation "se->vruntime = cfs_rq->min_vruntime" was introduced by commit e9acbff6484d ("sched: introduce se->vruntime"). This is the initial state of place_entity(). 2. commit 4d78e7b656aa ("sched: new task placement for vruntime") added child_runs_first task placement feature which based on vruntime, this also requires the new task's vruntime value. After removing the child_runs_first and enqueue_entity() from task_fork_fair(), this place_entity() no longer makes sense, so remove it also. Signed-off-by: Zhang Qiao Signed-off-by: Peter Zijlstra (Intel) Link: https://lkml.kernel.org/r/20240627133359.1370598-1-zhangqiao22@huawei.com commit 52c3fb1a0f822fd64529ca64f3792095524de450 Author: Peter Zijlstra Date: Thu Jul 18 10:21:49 2024 +0200 perf/x86: Add hw_perf_event::aux_config Start a new section for AUX PMUs in hw_perf_event. Signed-off-by: Peter Zijlstra (Intel) commit d92792a4b26e50b96ab734cbe203d8a4c932a7a9 Author: Adrian Hunter Date: Mon Jul 15 19:07:00 2024 +0300 perf/x86/intel/pt: Fix sampling synchronization pt_event_snapshot_aux() uses pt->handle_nmi to determine if tracing needs to be stopped, however tracing can still be going because pt->handle_nmi is set to zero before tracing is stopped in pt_event_stop, whereas pt_event_snapshot_aux() requires that tracing must be stopped in order to copy a sample of trace from the buffer. Instead call pt_config_stop() always, which anyway checks config for RTIT_CTL_TRACEEN and does nothing if it is already clear. Note pt_event_snapshot_aux() can continue to use pt->handle_nmi to determine if the trace needs to be restarted afterwards. Fixes: 25e8920b301c ("perf/x86/intel/pt: Add sampling support") Signed-off-by: Adrian Hunter Signed-off-by: Peter Zijlstra (Intel) Cc: stable@vger.kernel.org Link: https://lkml.kernel.org/r/20240715160712.127117-2-adrian.hunter@intel.com commit 3eb434de00b39c843249e89cf151757410e8a6ad Author: Oliver Rhodes Date: Thu Jul 25 11:05:30 2024 +0100 dt-bindings: power: renesas: Document RZ/G2M v3.0 (r8a774a3) SYSC binding Document bindings for the Renesas RZ/G2M v3.0 (a.k.a r8a774a3) SYSC block. The RZ/G2M v3.0 SYSC is similar to the RZ/G2M v1.x SYSC however, it lacks the A2VC power area. To handle this difference, introduce renesas,r8a774a3-sysc compatible. Signed-off-by: Oliver Rhodes Acked-by: Rob Herring (Arm) Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240725100534.5374-3-oliver.rhodes.aj@renesas.com Signed-off-by: Geert Uytterhoeven commit 9bd41653c14dd8f4f83e61940c865679a62e721a Author: Oliver Rhodes Date: Thu Jul 25 11:05:29 2024 +0100 dt-bindings: soc: renesas: Document RZ/G2M v3.0 (r8a774a3) SoC Add SoC documentation for Renesas RZ/G2M v3.0 (a.k.a r8a774a3) SoC. Signed-off-by: Oliver Rhodes Acked-by: Rob Herring (Arm) Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/20240725100534.5374-2-oliver.rhodes.aj@renesas.com Signed-off-by: Geert Uytterhoeven commit 4200161c564da91eefe8eeea1151a537290319c7 Author: Kuninori Morimoto Date: Wed Jul 3 00:13:48 2024 +0000 arm64: defconfig: Enable AK4619 codec support Enable AK4619 audio codec support, as used on the Gray Hawk Single development board. Signed-off-by: Kuninori Morimoto Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/87bk3fbadf.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Geert Uytterhoeven commit 1200525fbc958a045e71e986ee7542739542d767 Author: Geert Uytterhoeven Date: Mon Jul 22 13:55:41 2024 +0200 arm64: dts: renesas: gray-hawk-single: Add GP LEDs Describe the three General Purpose LEDs on the Gray Hawk Single board, so they can be used as indicator LEDs. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/408eac88ec61cf4c56c96397fbb93b4b8c2c8f5b.1721649057.git.geert+renesas@glider.be commit d4d9a2fbeaa0efdca0a4cf779aaeff931949c703 Author: Geert Uytterhoeven Date: Mon Jul 22 13:55:40 2024 +0200 arm64: dts: renesas: gray-hawk-single: Add push switches Describe the three Push Switches on the Gray Hawk Single board, so they can be used for user input. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/41b8277d4b630e0c296375888d9b958448d02cde.1721649057.git.geert+renesas@glider.be commit cd0a847aa6c8a08ba948db4ff0dd6d5f94da998d Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:24 2024 +0200 arm64: dts: renesas: r8a779h0: Add missing iommus properties Add missing iommus properties to all EthernetAVB device nodes that still lack them. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/1ed05b12961662e8fed2f1a6790f5ae3b595f509.1720430758.git.geert+renesas@glider.be commit c313c77babc72bf0f0611b871aef8ef350fd813e Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:23 2024 +0200 arm64: dts: renesas: r8a779g0: Add missing iommus properties Add missing iommus properties to all EthernetAVB and Frame Compression Processor device nodes. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/bd394a7e330610d76d98cd5d230c0b3fcbf5c3e4.1720430758.git.geert+renesas@glider.be commit 2c44893ba3e2f7d652bcaf4849eda562fff070ae Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:22 2024 +0200 arm64: dts: renesas: r8a779a0: Add missing iommus properties Add missing iommus properties to all EthernetAVB, DMAC, and Frame Compression Processor device nodes. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/39da0dddf7e7f1fde2b2d83444af7bb5ae73b922.1720430758.git.geert+renesas@glider.be commit 58026a0353d72c973f73831efafb7fa3dbda09cf Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:21 2024 +0200 arm64: dts: renesas: r8a77980: Add missing iommus properties Add missing iommus properties to the Gigabit Ethernet and Frame Compression Processor device nodes. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/3259f4906e20ea626dcd45b7dd310155570b399c.1720430758.git.geert+renesas@glider.be commit da840cce10c47551b41cad122f5c27f37ea011fb Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:20 2024 +0200 arm64: dts: renesas: r8a77970: Add missing iommus property Add the missing iommus property to the Frame Compression Processor device node. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/41445bdf72a40c9deb36b88e8360b50eb2836919.1720430758.git.geert+renesas@glider.be commit bc909045fd89930e849822a2bb05cc5884bcc4f1 Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:19 2024 +0200 arm64: dts: renesas: r8a77965: Add missing iommus properties Add missing iommus properties to all Audio-DMAC, Serial-ATA, and Frame Compression Processor device nodes. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/79fe31020799ba508d16ff8dbd4296f239ecf76a.1720430758.git.geert+renesas@glider.be commit fc50fd9ab56d810a49ee070ec41c19dd47de5d1c Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:18 2024 +0200 arm64: dts: renesas: r8a77961: Add missing iommus properties Add missing iommus properties to Frame Compression Processor device nodes that still lack them. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/25f8764edcb4f83f4dc3acfae36fa1fcbfd10cd7.1720430758.git.geert+renesas@glider.be commit 9e2494ba0a2297f35cc64b2b9f67802f1f5cca88 Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:17 2024 +0200 arm64: dts: renesas: r8a77960: Add missing iommus properties Add missing iommus properties to Frame Compression Processor device nodes that still lack them. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/21e6b8dc21d8f1605d1cf5f081811b55e33ce04d.1720430758.git.geert+renesas@glider.be commit 3d7de696a10924f26c2b9df7db2f741acd138a66 Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:16 2024 +0200 arm64: dts: renesas: r8a774e1: Add missing iommus properties Add missing iommus properties to all Frame Compression Processor device nodes. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/b2a1a5fd41c78c881e6e410b720e5e12572e2668.1720430758.git.geert+renesas@glider.be commit b4bcb7792f3a04320c6290d3d0e4f9f4d1251b4b Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:15 2024 +0200 arm64: dts: renesas: r8a774c0: Add missing iommus properties Add missing iommus properties to all SDHI device nodes. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/299b47bf40d4d2d44beff46b3323c471915c714d.1720430758.git.geert+renesas@glider.be commit 1d325f5060d4940ea28818848e3a2290b217e963 Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:14 2024 +0200 arm64: dts: renesas: r8a774b1: Add missing iommus properties Add missing iommus properties to all Audio-DMAC, SDHI, Serial-ATA, and Frame Compression Processor device nodes. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/2d6a97d2df0532c661a2be6bafc9e5061c645197.1720430758.git.geert+renesas@glider.be commit e8b655803da2cc0f27834c5ec931521dba831b95 Author: Geert Uytterhoeven Date: Mon Jul 8 11:37:13 2024 +0200 arm64: dts: renesas: r8a774a1: Add missing iommus properties Add missing iommus properties to SDHI and Frame Compression Processor device nodes that still lack them. Signed-off-by: Geert Uytterhoeven Link: https://lore.kernel.org/114e9915356670e59dae412c1054afad4ce4c964.1720430758.git.geert+renesas@glider.be commit ebeb40c77b3c3d19a96b92e067dd8161916a56d6 Author: Kuninori Morimoto Date: Wed Jul 3 00:13:42 2024 +0000 arm64: dts: renesas: gray-hawk-single: Add Sound support Because R-Car V4M supports only 1 SSI, it cannot use Playback/Capture at the same time. Hence select Playback as default. Signed-off-by: Kuninori Morimoto Reviewed-by: Geert Uytterhoeven Link: https://lore.kernel.org/87cynvbadm.wl-kuninori.morimoto.gx@renesas.com Signed-off-by: Geert Uytterhoeven commit c206d6be8605e9b564ef99a7fd7dcc406e3bda63 Author: Uwe Kleine-König Date: Mon Jul 15 21:43:40 2024 +0200 gpio: Drop explicit initialization of struct i2c_device_id::driver_data to 0 These drivers don't use the driver_data member of struct i2c_device_id, so don't explicitly initialize this member. This prepares putting driver_data in an anonymous union which requires either no initialization or named designators. But it's also a nice cleanup on its own. Signed-off-by: Uwe Kleine-König Link: https://lore.kernel.org/r/20240715194341.1755599-2-u.kleine-koenig@baylibre.com Signed-off-by: Bartosz Golaszewski commit ba386777a30b38dabcc7fb8a89ec2869a09915f7 Author: Vignesh Balasubramanian Date: Thu Jul 25 21:40:18 2024 +0530 x86/elf: Add a new FPU buffer layout info to x86 core files Add a new .note section containing type, size, offset and flags of every xfeature that is present. This information will be used by debuggers to understand the XSAVE layout of the machine where the core file has been dumped, and to read XSAVE registers, especially during cross-platform debugging. The XSAVE layouts of modern AMD and Intel CPUs differ, especially since Memory Protection Keys and the AVX-512 features have been inculcated into the AMD CPUs. Since AMD never adopted (and hence never left room in the XSAVE layout for) the Intel MPX feature, tools like GDB had assumed a fixed XSAVE layout matching that of Intel (based on the XCR0 mask). Hence, core dumps from AMD CPUs didn't match the known size for the XCR0 mask. This resulted in GDB and other tools not being able to access the values of the AVX-512 and PKRU registers on AMD CPUs. To solve this, an interim solution has been accepted into GDB, and is already a part of GDB 14, see https://sourceware.org/pipermail/gdb-patches/2023-March/198081.html. But it depends on heuristics based on the total XSAVE register set size and the XCR0 mask to infer the layouts of the various register blocks for core dumps, and hence, is not a foolproof mechanism to determine the layout of the XSAVE area. Therefore, add a new core dump note in order to allow GDB/LLDB and other relevant tools to determine the layout of the XSAVE area of the machine where the corefile was dumped. The new core dump note (which is being proposed as a per-process .note section), NT_X86_XSAVE_LAYOUT (0x205) contains an array of structures. Each structure describes an individual extended feature containing offset, size and flags in this format: struct x86_xfeat_component { u32 type; u32 size; u32 offset; u32 flags; }; and in an independent manner, allowing for future extensions without depending on hw arch specifics like CPUID etc. [ bp: Massage commit message, zap trailing whitespace. ] Co-developed-by: Jini Susan George Signed-off-by: Jini Susan George Co-developed-by: Borislav Petkov (AMD) Signed-off-by: Borislav Petkov (AMD) Signed-off-by: Vignesh Balasubramanian Link: https://lore.kernel.org/r/20240725161017.112111-2-vigbalas@amd.com commit 60dc7fcafea817f3dcff7ece18095ca6260b73bc Author: Showrya M N Date: Wed Jul 24 14:24:28 2024 +0530 RDMA/siw: Remove NETDEV_GOING_DOWN event handler Toggling link while running NVME-oF over siw hits a kernel panic due to race condition within siw_handler and ib_destroy_qp(). The IB_EVENT_PORT_ERR event can alone handle destroying qps. therefore remove unwanted processing in siw. Suggested-by: Bernard Metzler Signed-off-by: Showrya M N Signed-off-by: Potnuri Bharat Teja Link: https://lore.kernel.org/r/20240724085428.3813-1-showrya@chelsio.com Signed-off-by: Leon Romanovsky commit 75ab1533d79b046152d424ffe947f79f9d15682c Author: Anumula Murali Mohan Reddy Date: Tue Jul 16 19:55:32 2024 +0530 RDMA/cxgb4: use dma_mmap_coherent() for mapping non-contiguous memory dma_alloc_coherent() allocates contiguous memory irrespective of iommu mode, but after commit f5ff79fddf0e ("dma-mapping: remove CONFIG_DMA_REMAP") if iommu is enabled in translate mode, dma_alloc_coherent() may allocate non-contiguous memory. Attempt to map this memory results in panic. This patch fixes the issue by using dma_mmap_coherent() to map each page to user space. Signed-off-by: Anumula Murali Mohan Reddy Signed-off-by: Potnuri Bharat Teja Link: https://lore.kernel.org/r/20240716142532.97423-1-anumula@chelsio.com Signed-off-by: Leon Romanovsky commit 8423895d456672736a278d64f86d8b434eef2b54 Author: Niklas Schnelle Date: Tue May 14 15:08:58 2024 +0200 video: Handle HAS_IOPORT dependencies In a future patch HAS_IOPORT=n will disable inb()/outb() and friends at compile time. We thus need to #ifdef functions and their callsites which unconditionally use these I/O accessors. In the include/video/vga.h these are conveniently all those functions with the vga_io_* prefix. Co-developed-by: Arnd Bergmann Signed-off-by: Arnd Bergmann Signed-off-by: Niklas Schnelle Signed-off-by: Helge Deller commit 1524b01fb16f3b5459d5174b0d0982c2b77254d1 Author: Moon Yeounsu Date: Sun Jul 21 00:05:04 2024 -0400 staging: rtl8712: style fix multiple line dereference It fix the following checkpatch.pl warning: Avoid multiple line dereference - prefer %s Suggested-by: Dan Carpenter Signed-off-by: Moon Yeounsu Link: https://lore.kernel.org/r/20240721040504.1483-1-yyyynoom@gmail.com Signed-off-by: Greg Kroah-Hartman commit d43c918b6de9980ed3b9e51c56b3974c81a43182 Author: Griffin Kroah-Hartman Date: Mon Jul 15 16:11:02 2024 +0200 staging: vme_user: vme_tsi148.c: remove redundant newlines Adhere to Linux kernel coding style. Reported by checkpatch: CHECK: Alignment should match open parenthesis Signed-off-by: Griffin Kroah-Hartman Link: https://lore.kernel.org/r/20240715141102.142186-1-griffin@kroah.com Signed-off-by: Greg Kroah-Hartman commit 0e8655b4e852ef97655648b91ce780384a073ff4 Merge: 0c3f3a83c7e8df d4ef5d2b7ee0cb Author: Thomas Zimmermann Date: Mon Jul 29 09:35:54 2024 +0200 Merge drm/drm-next into drm-misc-next Backmerging to get a late RC of v6.10 before moving into v6.11. Signed-off-by: Thomas Zimmermann commit 94838d230a6c835ced1bad06b8759e0a5f19c1d3 Author: Borislav Petkov Date: Thu Jul 25 13:20:37 2024 +0200 x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID On Zen and newer, the family, model and stepping is part of the microcode patch ID so that the equivalence table the driver has been using, is not needed anymore. So switch the driver to use that from now on. The equivalence table in the microcode blob should still remain in case there's need to pass some additional information to the kernel loader. Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20240725112037.GBZqI1BbUk1KMlOJ_D@fat_crate.local commit 0c3f3a83c7e8dfaaae4ba8a5b69bd6bc13340d0b Author: Easwar Hariharan Date: Thu Jul 11 05:27:30 2024 +0000 drm/gma500: Make I2C terminology more inclusive I2C v7, SMBus 3.2, and I3C 1.1.1 specifications have replaced "master/slave" with more appropriate terms. Inspired by Wolfram's series to fix drivers/i2c/, fix the terminology for users of I2C_ALGOBIT bitbanging interface, now that the approved verbiage exists in the specification. Acked-by: Thomas Zimmermann Signed-off-by: Easwar Hariharan Signed-off-by: Thomas Zimmermann Link: https://patchwork.freedesktop.org/patch/msgid/20240711052734.1273652-3-eahariha@linux.microsoft.com commit 59c34008d3bdeef4c8ebc0ed2426109b474334d4 Author: Shyam Sundar S K Date: Mon Jul 22 14:58:01 2024 +0530 x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h Add new PCI device IDs into the root IDs and miscellaneous IDs lists to provide support for the latest generation of AMD 1Ah family 60h processor models. Signed-off-by: Shyam Sundar S K Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Yazen Ghannam Link: https://lore.kernel.org/r/20240722092801.3480266-1-Shyam-sundar.S-k@amd.com commit ae1f550efc11eaf1496c431d9c6e784cb49124c5 Author: Thomas Weißschuh Date: Thu Jul 25 19:10:44 2024 +0200 tools/nolibc: add stdbool.h header stdbool.h is very simple. Provide an implementation for the user convenience. Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240725-nolibc-stdbool-v1-1-a6ee2c80bcde@weissschuh.net Signed-off-by: Thomas Weißschuh commit 6ea2987c9a7b6c5f37d08a3eaa664c9ff7467670 Author: Thomas Weißschuh Date: Thu Jul 25 18:54:18 2024 +0200 tools/nolibc: include arch.h from string.h string.h tests for the macros NOLIBC_ARCH_HAS_$FUNC to use the architecture-optimized function variants. However if string.h is included before arch.h header then that check does not work, leading to duplicate function definitions. Fixes: 553845eebd60 ("tools/nolibc: x86-64: Use `rep movsb` for `memcpy()` and `memmove()`") Fixes: 12108aa8c1a1 ("tools/nolibc: x86-64: Use `rep stosb` for `memset()`") Cc: stable@vger.kernel.org Acked-by: Willy Tarreau Link: https://lore.kernel.org/r/20240725-arch-has-func-v1-1-5521ed354acd@weissschuh.net Signed-off-by: Thomas Weißschuh commit 889e1332310656961855c0dcedbb4dbe78e39d22 Author: Manivannan Sadhasivam Date: Mon Jul 22 16:27:33 2024 +0530 clk: qcom: gcc-sm8450: Do not turn off PCIe GDSCs during gdsc_disable() With PWRSTS_OFF_ON, PCIe GDSCs are turned off during gdsc_disable(). This can happen during scenarios such as system suspend and breaks the resume of PCIe controllers from suspend. So use PWRSTS_RET_ON to indicate the GDSC driver to not turn off the GDSCs during gdsc_disable() and allow the hardware to transition the GDSCs to retention when the parent domain enters low power state during system suspend. Cc: stable@vger.kernel.org # 5.17 Fixes: db0c944ee92b ("clk: qcom: Add clock driver for SM8450") Signed-off-by: Manivannan Sadhasivam Link: https://lore.kernel.org/r/20240722105733.13040-1-manivannan.sadhasivam@linaro.org Signed-off-by: Bjorn Andersson commit ade508b545c969c72cd68479f275a5dd640fd8b9 Author: Manivannan Sadhasivam Date: Fri Jul 19 19:12:38 2024 +0530 clk: qcom: gcc-sm8250: Do not turn off PCIe GDSCs during gdsc_disable() With PWRSTS_OFF_ON, PCIe GDSCs are turned off during gdsc_disable(). This can happen during scenarios such as system suspend and breaks the resume of PCIe controllers from suspend. So use PWRSTS_RET_ON to indicate the GDSC driver to not turn off the GDSCs during gdsc_disable() and allow the hardware to transition the GDSCs to retention when the parent domain enters low power state during system suspend. Cc: stable@vger.kernel.org # 5.7 Fixes: 3e5770921a88 ("clk: qcom: gcc: Add global clock controller driver for SM8250") Signed-off-by: Manivannan Sadhasivam Link: https://lore.kernel.org/r/20240719134238.312191-1-manivannan.sadhasivam@linaro.org Signed-off-by: Bjorn Andersson commit 99a7b371eef63507c1761e367382d78ebec0a5ab Author: Rajendra Nayak Date: Tue Jul 23 13:45:42 2024 +0530 soc: qcom: llcc: Update configuration data for x1e80100 Update the configuration table for x1e80100 with the latest recommendations from the SCT table. Signed-off-by: Rajendra Nayak Tested-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240723081542.1522249-1-quic_rjendra@quicinc.com Signed-off-by: Bjorn Andersson commit e6b5a4c3ae3b883cb13be2e1cd9fbf364928173e Author: Konrad Dybcio Date: Fri Jul 19 22:16:37 2024 +0200 firmware: qcom: scm: Allow QSEECOM on ThinkPad T14s Add the aforementioned machine to the list to get e.g. efivars up. Signed-off-by: Konrad Dybcio Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240719-topic-t14s_upstream-v1-2-d7d97fdebb28@linaro.org Signed-off-by: Bjorn Andersson commit dfd06c0e7ff7af10b34fbd6526a08e078a1e876b Author: Johan Hovold Date: Fri Jul 19 15:25:22 2024 +0200 arm64: dts: qcom: sc8280xp-x13s: clean up PCIe2a pinctrl node Clean up the PCIe2a pinctrl node indentation which should use tabs only. Signed-off-by: Johan Hovold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240719132522.9176-5-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit a59e55237c477c7003f06c0297a80510434b3fe6 Author: Johan Hovold Date: Fri Jul 19 15:25:21 2024 +0200 arm64: dts: qcom: sc8280xp-x13s: disable PCIe perst pull downs Disable the PCIe perst pull-down resistors to save some power. Signed-off-by: Johan Hovold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240719132522.9176-4-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 60a99c4c10d41f4bbb54ec8a70dbdbc98eff18eb Author: Johan Hovold Date: Fri Jul 19 15:25:20 2024 +0200 arm64: dts: qcom: sc8280xp-crd: clean up PCIe2a pinctrl node Clean up the PCIe2a pinctrl node indentation which should use tabs only. Signed-off-by: Johan Hovold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240719132522.9176-3-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 7313361396d1db9c4d5a485ec5cf904792f5bd62 Author: Johan Hovold Date: Fri Jul 19 15:25:19 2024 +0200 arm64: dts: qcom: sc8280xp-crd: disable PCIe perst pull downs Disable the PCIe perst pull-down resistors to save some power. Signed-off-by: Johan Hovold Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240719132522.9176-2-johan+linaro@kernel.org Signed-off-by: Bjorn Andersson commit 73655137a570e4a3cd226fd9f17920f507cec028 Author: Amit Pundir Date: Thu Jul 18 18:25:45 2024 +0530 arm64: dts: qcom: sm8550-hdk: add the Wifi node Describe the ath12k WLAN on-board the WCN7850 module present on the board. Signed-off-by: Amit Pundir Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240718125545.2238857-1-amit.pundir@linaro.org Signed-off-by: Bjorn Andersson commit 1e19ffdb780a43f34d5da28b7f84ae8c23b47451 Author: Lin, Meng-Bo Date: Thu Jul 18 11:28:57 2024 +0000 arm64: dts: qcom: msm8916-samsung-grandmax: Add touchscreen Grand Max uses an Imagis IST3038 touchscreen that is connected to blsp_i2c5. Add it to the device tree. Signed-off-by: Lin, Meng-Bo Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240718112715.6117-1-linmengbo06890@proton.me Signed-off-by: Bjorn Andersson commit 440c3fdbfa7d9a244351a66595d844e64d171640 Author: Rayyan Ansari Date: Wed Jul 17 10:49:14 2024 +0100 ARM: dts: qcom: {a,i}pq8064: correct clock-names in sata node Correct the clock-names in the AHCI SATA controller node to adhere to the bindings. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240717094914.17931-2-rayyan.ansari@linaro.org Signed-off-by: Bjorn Andersson commit 85a55eeed40db02dfe292712c1789953712f86a4 Author: Sudeepgoud Patil Date: Tue Jul 16 23:08:34 2024 +0530 soc: qcom: smp2p: Introduce tracepoint support Introduce tracepoint support for smp2p to enable communication logging between local and remote processors. Include tracepoints with information about the remote subsystem name, negotiation details, supported features, bit change notifications, and ssr activity. These logs are useful for debugging issues between subsystems. Signed-off-by: Sudeepgoud Patil Link: https://lore.kernel.org/r/20240716173835.997259-3-quic_sudeepgo@quicinc.com Signed-off-by: Bjorn Andersson commit 6b18c5d2cd61ac0b526a9524110d4068ecfb1298 Author: Rayyan Ansari Date: Tue Jul 16 14:53:38 2024 +0100 arm64: dts: qcom: msm8939-samsung-a7: rename pwm node to conform to dtschema Rename the pwm node from "pwm-vibrator" to "pwm" to conform to the dt schema. Signed-off-by: Rayyan Ansari Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/20240716135339.87192-1-rayyan.ansari@linaro.org Signed-off-by: Bjorn Andersson commit af8f801f59ed6fbe490414fa61276287f7aca332 Author: Neil Armstrong Date: Tue Jul 16 11:45:11 2024 +0200 arm64: dts: qcom: sm8550-qrd: use the PMU to power up bluetooth Change the HW model in sm8550-qrd.dts to a one closer to reality - where the WLAN and Bluetooth modules of the WCN7850 are powered by the PMU inside the package. Signed-off-by: Neil Armstrong Reviewed-by: Dmitry Baryshkov Reviewed-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240716-topic-sm8x50-upstream-use-pmu-to-power-up-bt-v1-2-67b3755edf6a@linaro.org Signed-off-by: Bjorn Andersson commit dd5f9b31bb1af9da835fd67def673eba9096b864 Author: Neil Armstrong Date: Tue Jul 16 11:45:10 2024 +0200 arm64: dts: qcom: sm8650-hdk: use the PMU to power up bluetooth Change the HW model in sm8650-hdk.dts to a one closer to reality - where the WLAN and Bluetooth modules of the WCN7850 are powered by the PMU inside the package. Signed-off-by: Neil Armstrong Reviewed-by: Dmitry Baryshkov Reviewed-by: Bartosz Golaszewski Link: https://lore.kernel.org/r/20240716-topic-sm8x50-upstream-use-pmu-to-power-up-bt-v1-1-67b3755edf6a@linaro.org Signed-off-by: Bjorn Andersson commit 89721c0e5bf14e06dea2b42ab5efdff4bf035f83 Author: Rayyan Ansari Date: Mon Jul 15 14:01:07 2024 +0100 ARM: dts: qcom: apq8064: drop reg-names on sata-phy node Remove the reg-names property in the sata-phy node as it is not present in the bindings and is not required by the driver. Signed-off-by: Rayyan Ansari Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240715130854.53501-3-rayyan.ansari@linaro.org Signed-off-by: Bjorn Andersson commit 56080a49773935fb899c6559c390a5f8439b5632 Author: Bingwu Zhang Date: Mon Jul 15 20:22:01 2024 +0800 ARM: dts: qcom: msm8974pro-samsung-klte: Add pstore node Add pstore node to allow for retrieving crash logs. Signed-off-by: Bingwu Zhang Link: https://lore.kernel.org/r/20240715122201.345426-2-xtex@envs.net Signed-off-by: Bjorn Andersson commit da3c15ea05d8257c1987e527004e6331126e9451 Author: Christophe JAILLET Date: Sun Jul 14 15:01:58 2024 +0200 clk: qcom: Constify struct freq_tbl 'struct freq_tbl' are not modified in these drivers. Constifying this structure moves some data to a read-only section, so increase overall security. On a x86_64, with allmodconfig, as an example: Before: ====== text data bss dec hex filename 7595 43696 0 51291 c85b drivers/clk/qcom/mmcc-apq8084.o After: ===== text data bss dec hex filename 9867 41424 0 51291 c85b drivers/clk/qcom/mmcc-apq8084.o Signed-off-by: Christophe JAILLET Reviewed-by: Dmitry Baryshkov Link: https://lore.kernel.org/r/e8aee66fa83a4e65f7e855eb8bdbc91275d6994b.1720962107.git.christophe.jaillet@wanadoo.fr Signed-off-by: Bjorn Andersson commit 268a968ef946ccce45be7c01bf915dddce7208c9 Author: Rayyan Ansari Date: Thu Jul 11 12:01:42 2024 +0100 ARM: dts: qcom: ipq4019: adhere to pinctrl dtschema Pass dtbs_check for qcom,ipq4019-pinctrl.yaml. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240711110545.31641-7-rayyan.ansari@linaro.org Signed-off-by: Bjorn Andersson commit de52c020e1a9c3313d88405a4545020b1f5ab24d Author: Rayyan Ansari Date: Thu Jul 11 12:01:41 2024 +0100 ARM: dts: qcom: ipq8064: adhere to pinctrl dtschema Pass dtbs_check for qcom,ipq8064-pinctrl.yaml. Also remove invalid "bias-none" property, which I have assumed to mean "bias-disable". Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240711110545.31641-6-rayyan.ansari@linaro.org Signed-off-by: Bjorn Andersson commit c9c8f449c8a27791bd8540cbcb538a19568608cc Author: Rayyan Ansari Date: Thu Jul 11 12:01:40 2024 +0100 ARM: dts: qcom: apq8064: adhere to pinctrl dtschema Pass dtbs_check for qcom,apq8064-pinctrl.yaml. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240711110545.31641-5-rayyan.ansari@linaro.org Signed-off-by: Bjorn Andersson commit 6dbec1c39d3ff53e24e434862c7b7da3552b1ffe Author: Rayyan Ansari Date: Thu Jul 11 12:01:39 2024 +0100 ARM: dts: qcom: asus,nexus7-flo: remove duplicate pinctrl handle in i2c nodes Remove duplicate handle to i2c pins in the device tree, as they are already set in qcom-apq8064.dtsi. Signed-off-by: Rayyan Ansari Reviewed-by: Konrad Dybcio Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240711110545.31641-4-rayyan.ansari@linaro.org Signed-off-by: Bjorn Andersson commit 046301eafc3296efe7266832b47c9cc93ff0ad38 Author: Rayyan Ansari Date: Thu Jul 11 12:01:38 2024 +0100 ARM: dts: qcom: apq8064-pins: correct error in drive-strength property The "drive-strength" property was incorrectly spelt as "drive-strengh". Correct this. Signed-off-by: Rayyan Ansari Reviewed-by: Konrad Dybcio Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240711110545.31641-3-rayyan.ansari@linaro.org Signed-off-by: Bjorn Andersson commit 421688265d7f5d3ff4211982e7231765378bb64f Author: Qingqing Zhou Date: Thu Jul 25 12:51:17 2024 +0530 arm64: dts: qcom: sa8775p: Mark APPS and PCIe SMMUs as DMA coherent The SMMUs on sa8775p are cache-coherent. GPU SMMU is marked as such, mark the APPS and PCIe ones as well. Fixes: 603f96d4c9d0 ("arm64: dts: qcom: add initial support for qcom sa8775p-ride") Fixes: 2dba7a613a6e ("arm64: dts: qcom: sa8775p: add the pcie smmu node") Cc: stable@vger.kernel.org Reviewed-by: Konrad Dybcio Reviewed-by: Manivannan Sadhasivam Signed-off-by: Qingqing Zhou Rule: add Link: https://lore.kernel.org/stable/20240723075948.9545-1-quic_qqzhou%40quicinc.com Link: https://lore.kernel.org/r/20240725072117.22425-1-quic_qqzhou@quicinc.com Signed-off-by: Bjorn Andersson commit 611cd69fe4c737c37a79ef7b99a2f15aff252d1d Author: Rayyan Ansari Date: Thu Jul 25 10:25:18 2024 +0100 ARM: dts: qcom: pma8084: add pon node Wrap existing pwrkey node inside a pon node, to conform to dt schema. Reviewed-by: Konrad Dybcio Signed-off-by: Rayyan Ansari Link: https://lore.kernel.org/r/20240725-pmic-bindings-v3-3-d7f6007b530d@linaro.org Signed-off-by: Bjorn Andersson commit ed14bed60cbe99a14297e11c5f09ac75450758c1 Author: Rayyan Ansari Date: Thu Jul 25 10:25:17 2024 +0100 arm64: dts: qcom: pmi8950: Remove address from lpg node Remove the address in both the reg property and node name to adhere to the bindings. Reviewed-by: Konrad Dybcio Signed-off-by: Rayyan Ansari Link: https://lore.kernel.org/r/20240725-pmic-bindings-v3-2-d7f6007b530d@linaro.org Signed-off-by: Bjorn Andersson commit 86b8eb4dbb6135d322e65cc1b7dcd37f1d4ede84 Author: Rayyan Ansari Date: Thu Jul 25 10:25:16 2024 +0100 arm64: dts: qcom: pmi8994: Add label to wled node Add a label, which is a required property, to the wled node. Reviewed-by: Konrad Dybcio Signed-off-by: Rayyan Ansari Link: https://lore.kernel.org/r/20240725-pmic-bindings-v3-1-d7f6007b530d@linaro.org Signed-off-by: Bjorn Andersson commit e93230d0597a2736f1123cd7790a4e549f3049a8 Author: Sagar Cheluvegowda Date: Tue Jul 9 11:21:40 2024 -0700 arm64: dts: qcom: sa8775p: Add interconnects for ethernet Define interconnect properties for ethernet hardware. Suggested-by: Andrew Halaney Signed-off-by: Sagar Cheluvegowda Reviewed-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240709-icc_bw_voting_emac_dtsi-v2-1-a1e02c7099a5@quicinc.com Signed-off-by: Bjorn Andersson commit 8d86550c2fc262c49a10a4a0e9837d8949f3578b Author: Stephan Gerhold Date: Wed Jul 10 10:18:20 2024 +0200 arm64: dts: qcom: x1e80100-crd: Add LID switch Add gpio-keys for exposing the LID switch state, similar to sc8280xp-lenovo-thinkpad-x13s.dts. Only the GPIO number is different. Signed-off-by: Stephan Gerhold Tested-by: Abel Vesa Reviewed-by: Abel Vesa Reviewed-by: Konrad Dybcio Reviewed-by: Johan Hovold Link: https://lore.kernel.org/r/20240710-x1e80100-crd-lid-v1-1-0156e8a62af6@linaro.org Signed-off-by: Bjorn Andersson commit c1972c8dc987769eac8e5dede536d3cff489c6ee Author: Paul E. McKenney Date: Mon Jul 1 09:49:49 2024 -0700 locking/csd_lock: Print large numbers as negatives The CSD-lock-hold diagnostics from CONFIG_CSD_LOCK_WAIT_DEBUG are printed in nanoseconds as unsigned long longs, which is a bit obtuse for human readers when timing bugs result in negative CSD-lock hold times. Yes, there are some people to whom it is immediately obvious that 18446744073709551615 is really -1, but for the rest of us... Therefore, print these numbers as signed long longs, making the negative hold times immediately apparent. Reported-by: Rik van Riel Signed-off-by: Paul E. McKenney Cc: Imran Khan Cc: Ingo Molnar Cc: Leonardo Bras Cc: "Peter Zijlstra (Intel)" Cc: Rik van Riel Reviewed-by: Rik van Riel Signed-off-by: Neeraj Upadhyay commit 3471e96bcf53731639587580fd02e5a297940b91 Author: Paul E. McKenney Date: Tue Jun 18 10:40:30 2024 -0700 rcu/kfree: Warn on unexpected tail state Within the rcu_sr_normal_gp_cleanup_work() function, there is an acquire load from rcu_state.srs_done_tail, which is expected to be non-NULL. This commit adds a WARN_ON_ONCE() to check this expectation. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 9a13a324f40fc3846cf7867daffaccd785beb10c Author: Paul E. McKenney Date: Wed Jul 3 19:51:02 2024 -0700 tools/rcu: Remove RCU Tasks Rude asynchronous APIs from rcu-updaters.sh The call_rcu_tasks_rude() and rcu_barrier_tasks_rude() APIs are no longer. This commit therefore removes them from the rcu-updaters.sh script. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 20cee0b3daa315237edded31ddf72a4e948d5e1d Author: Paul E. McKenney Date: Tue Jul 2 09:18:33 2024 -0700 rcutorture: Make rcu_torture_write_types() print number of update types This commit follows the list of update types with their count, resulting in console output like this: rcu_torture_write_types: Testing conditional GPs. rcu_torture_write_types: Testing conditional expedited GPs. rcu_torture_write_types: Testing conditional full-state GPs. rcu_torture_write_types: Testing expedited GPs. rcu_torture_write_types: Testing asynchronous GPs. rcu_torture_write_types: Testing polling GPs. rcu_torture_write_types: Testing polling full-state GPs. rcu_torture_write_types: Testing polling expedited GPs. rcu_torture_write_types: Testing polling full-state expedited GPs. rcu_torture_write_types: Testing normal GPs. rcu_torture_write_types: Testing 10 update types This commit adds the final line giving the count. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit dc86460e77e8cea4896ff19de905001922653311 Author: Zhouyi Zhou Date: Wed Jun 19 23:06:58 2024 +0000 rcutorture: Add CFcommon.arch for arch-specific Kconfig options Add CFcommon.arch for arch-specific Kconfig options. In accordance with [1], [2] and [3], move the x86-specific kernel option CONFIG_HYPERVISOR_GUEST to CFcommon.i686 and CFcommon.x86_64, and also move the x86/PowerPC CONFIG_KVM_GUEST Kconfig option to CFcommon.i686, CFcommon.x86_64, and CFcommon.ppc64le. The "arch" in CFcommon.arch is taken from the "uname -m" command. [1] https://lore.kernel.org/all/20240427005626.1365935-1-zhouzhouyi@gmail.com/ [2] https://lore.kernel.org/all/059d36ce-6453-42be-a31e-895abd35d590@paulmck-laptop/ [3] https://lore.kernel.org/all/ZnBkHosMDhsh4H8g@J2N7QTR9R3/ Tested in x86_64 and PPC VM of Open Source Lab of Oregon State University. Fixes: a6fda6dab93c ("rcutorture: Tweak kvm options") Suggested-by: Paul E. McKenney Suggested-by: Mark Rutland Signed-off-by: Zhouyi Zhou Acked-by: Mark Rutland Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 72ed29f68e6370841ba10edce5b9a213259eb9a9 Author: Paul E. McKenney Date: Fri Jun 14 21:34:17 2024 -0700 rcutorture: Generic test for NUM_ACTIVE_*RCU_POLL* The rcutorture test suite has specific tests for both of the NUM_ACTIVE_RCU_POLL_OLDSTATE and NUM_ACTIVE_RCU_POLL_FULL_OLDSTATE macros provided for RCU polled grace periods. However, with the advent of NUM_ACTIVE_SRCU_POLL_OLDSTATE, a more generic test is needed. This commit therefore adds ->poll_active and ->poll_active_full fields to the rcu_torture_ops structure and converts the existing specific tests to use these fields, when present. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 1bc5bb9a61378bbb2ca73ab06651d5b174876a8e Author: Paul E. McKenney Date: Fri Jun 14 16:47:12 2024 -0700 rcutorture: Add SRCU ->same_gp_state and ->get_comp_state functions This commit points the SRCU ->same_gp_state and ->get_comp_state fields to same_state_synchronize_srcu() and get_completed_synchronize_srcu(), allowing them to be tested. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit cf3b1501a8aa8e817baede5e3e1f2beb26a09527 Author: Paul E. McKenney Date: Fri Jun 14 13:35:47 2024 -0700 rcutorture: Remove redundant rcu_torture_ops get_gp_completed fields The rcu_torture_ops structure's ->get_gp_completed and ->get_gp_completed_full fields are redundant with its ->get_comp_state and ->get_comp_state_full fields. This commit therefore removes the former in favor of the latter. Signed-off-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 91e43b9044a4f9b6976dc28b3f1446b733cc68de Author: Frederic Weisbecker Date: Thu May 30 15:45:51 2024 +0200 rcu/nocb: Remove SEGCBLIST_KTHREAD_CB This state excerpt from the (de-)offloading state machine was used to implement an ad-hoc kthread parking of rcuo kthreads. This code has been removed and therefore the related state can be erased as well. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit bae6076ebbd14cc1f1bd4de65c2db21d3ab109d7 Author: Frederic Weisbecker Date: Thu May 30 15:45:50 2024 +0200 rcu/nocb: Remove SEGCBLIST_RCU_CORE RCU core can't be running anymore while in the middle of (de-)offloading since this sort of transition now only applies to offline CPUs. The SEGCBLIST_RCU_CORE state can therefore be removed. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit df7c249a0ed464b3f690c6f04b8cbc0fdbf30afc Author: Frederic Weisbecker Date: Thu May 30 15:45:49 2024 +0200 rcu/nocb: Remove halfway (de-)offloading handling from rcu_core RCU core can't be running anymore while in the middle of (de-)offloading since this sort of transition now only applies to offline CPUs. The locked callback acceleration handling during the transition can therefore be removed, along with concurrent batch execution. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 5a4f9059a8f46fc1fbbae74781a5f7c8d74c732b Author: Frederic Weisbecker Date: Thu May 30 15:45:48 2024 +0200 rcu/nocb: Remove halfway (de-)offloading handling from rcu_core()'s QS reporting RCU core can't be running anymore while in the middle of (de-)offloading since this sort of transition now only applies to offline CPUs. The locked callback acceleration handling during the transition can therefore be removed. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit d2e7f55ff2e3d878a63149c90b360cbec101a83e Author: Frederic Weisbecker Date: Thu May 30 15:45:47 2024 +0200 rcu/nocb: Remove halfway (de-)offloading handling from bypass Bypass enqueue can't happen anymore in the middle of (de-)offloading since this sort of transition now only applies to offline CPUs. The related safety check can therefore be removed. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 4e26ce423116e9f48f73723cc33add295e56ad31 Author: Frederic Weisbecker Date: Thu May 30 15:45:46 2024 +0200 rcu/nocb: (De-)offload callbacks on offline CPUs only Currently callbacks can be (de-)offloaded only on online CPUs. This involves an overly elaborated state machine in order to make sure that callbacks are always handled during the process while ensuring synchronization between rcu_core and NOCB kthreads. The only potential user of NOCB (de-)offloading appears to be a nohz_full toggling interface through cpusets. And the general agreement is now to work toward toggling the nohz_full state on offline CPUs to simplify the whole picture. Therefore, convert the (de-)offloading to only support offline CPUs. This involves the following changes: * Call rcu_barrier() before deoffloading. An offline offloaded CPU may still carry callbacks in its queue ignored by rcutree_migrate_callbacks(). Those callbacks must all be flushed before switching to a regular queue because no more kthreads will handle those before the CPU ever gets re-onlined. This means that further calls to rcu_barrier() will find an empty queue until the CPU goes through rcutree_report_cpu_starting(). As a result it is guaranteed that further rcu_barrier() won't try to lock the nocb_lock for that target and thus won't risk an imbalance. Therefore barrier_mutex doesn't need to be locked anymore upon deoffloading. * Assume the queue is empty before offloading, as rcutree_migrate_callbacks() took care of everything. This means that further calls to rcu_barrier() will find an empty queue until the CPU goes through rcutree_report_cpu_starting(). As a result it is guaranteed that further rcu_barrier() won't risk a nocb_lock imbalance. Therefore barrier_mutex doesn't need to be locked anymore upon offloading. * No need to flush bypass anymore. Further simplifications will follow in upcoming patches. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 7121dd915a262aee1f5a88cf86b1543f3a9439d7 Author: Frederic Weisbecker Date: Thu May 30 15:45:45 2024 +0200 rcu/nocb: Introduce nocb mutex The barrier_mutex is used currently to protect (de-)offloading operations and prevent from nocb_lock locking imbalance in rcu_barrier() and shrinker, and also from misordered RCU barrier invocation. Now since RCU (de-)offloading is going to happen on offline CPUs, an RCU barrier will have to be executed while transitionning from offloaded to de-offloaded state. And this can't happen while holding the barrier_mutex. Introduce a NOCB mutex to protect (de-)offloading transitions. The barrier_mutex is still held for now when necessary to avoid barrier callbacks reordering and nocb_lock imbalance. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 7be88a857eb84d2e0677690b81ee423dee51c93d Author: Frederic Weisbecker Date: Thu May 30 15:45:44 2024 +0200 rcu/nocb: Assert no callbacks while nocb kthread allocation fails When a NOCB CPU fails to create a nocb kthread on bringup, the CPU is then deoffloaded. The barrier mutex is locked at this stage. It is typically used to protect against concurrent (de-)offloading and/or concurrent rcu_barrier() that would otherwise risk a nocb locking imbalance. However: * rcu_barrier() can't run concurrently if it's the boot CPU on early boot-up. * rcu_barrier() can run concurrently if it's a secondary CPU but it is expected to see 0 callbacks on this target because it's the first time it boots. * (de-)offloading can't happen concurrently with smp_init(), as rcutorture is initialized later, at least not before device_initcall(), and userspace isn't available yet. * (de-)offloading can't happen concurrently with cpu_up(), courtesy of cpu_hotplug_lock. But: * The lazy shrinker might run concurrently with cpu_up(). It shouldn't try to grab the nocb_lock and risk an imbalance due to lazy_len supposed to be 0 but be extra cautious. * Also be cautious against resume from hibernation potential subtleties. So keep the locking and add some assertions and comments. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit ff81428ede8a290fc5fd85135e39be1065ae6176 Author: Frederic Weisbecker Date: Thu May 30 15:45:43 2024 +0200 rcu/nocb: Move nocb field at the end of state struct nocb_is_setup is a rarely used field, mostly on boot and CPU hotplug. It shouldn't occupy the middle of the rcu state hot fields cacheline. Move it to the end and build it conditionally while at it. More cold NOCB fields are to come. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 7aeba709a048d870c15940af8b620b16281c3b9e Author: Frederic Weisbecker Date: Thu May 30 15:45:42 2024 +0200 rcu/nocb: Introduce RCU_NOCB_LOCKDEP_WARN() Checking for races against concurrent (de-)offloading implies the creation of !CONFIG_RCU_NOCB_CPU stubs to check if each relevant lock is held. For now this only implies the nocb_lock but more are to be expected. Create instead a NOCB specific version of RCU_LOCKDEP_WARN() to avoid the proliferation of stubs. Signed-off-by: Frederic Weisbecker Signed-off-by: Paul E. McKenney Reviewed-by: Paul E. McKenney Signed-off-by: Neeraj Upadhyay commit 125716c393889f9035567d4d78da239483f63ece Author: Valentin Schneider Date: Tue Apr 16 14:47:12 2024 +0200 context_tracking, rcu: Rename ct_dynticks_cpu_acquire() into ct_rcu_watching_cpu_acquire() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, reflect that change in the related helpers. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit a9fde9d1a5dd42edadf61cf4e64aa234b4c5bd3f Author: Valentin Schneider Date: Tue Apr 16 10:47:14 2024 +0200 context_tracking, rcu: Rename ct_dynticks_cpu() into ct_rcu_watching_cpu() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, reflect that change in the related helpers. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit a4a7921ec08d016f9d692752e2f82f66369c7ffa Author: Valentin Schneider Date: Tue Apr 16 10:45:56 2024 +0200 context_tracking, rcu: Rename ct_dynticks() into ct_rcu_watching() The context_tracking.state RCU_DYNTICKS subvariable has been renamed to RCU_WATCHING, reflect that change in the related helpers. Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Signed-off-by: Neeraj Upadhyay commit 4aa35e0db6d758e8f952ed30d7ac3117c376562c Author: Valentin Schneider Date: Tue Jul 25 12:19:01 2023 +0100 context_tracking, rcu: Rename RCU_DYNTICKS_IDX into CT_RCU_WATCHING The symbols relating to the CT_STATE part of context_tracking.state are now all prefixed with CT_STATE. The RCU dynticks counter part of that atomic variable still involves symbols with different prefixes, align them all to be prefixed with CT_RCU_WATCHING. Suggested-by: "Paul E. McKenney" Signed-off-by: Valentin Schneider Reviewed-by: Frederic Weisbecker Acked-by: Thomas Gleixner Signed-off-by: Neeraj Upadhyay commit d65d411c9259a2499081e1e7ed91088232666b57 Author: Valentin Schneider Date: Tue Jul 25 12:08:50 2023 +0100 treewide: context_tracking: Rename CONTEXT_* into CT_STATE_* Context tracking state related symbols currently use a mix of the CONTEXT_ (e.g. CONTEXT_KERNEL) and CT_SATE_ (e.g. CT_STATE_MASK) prefixes. Clean up the naming and make the ctx_state enum use the CT_STATE_ prefix. Suggested-by: Frederic Weisbecker Signed-off-by: Valentin Schneider Acked-by: Frederic Weisbecker Acked-by: Thomas Gleixner Signed-off-by: Neeraj Upadhyay commit a9d843e6b231e550f8141f27e930f90ded4edae2 Author: Krzysztof Kozlowski Date: Thu Jul 25 13:23:49 2024 +0200 ASoC: codecs: wcd939x: Move max port number defines to enum Instead of having separate define to indicate number of TX and RX Soundwire ports, move it to the enums defining actual port indices/values. This makes it more obvious why such value was chosen as number of TX/RX ports. Note: the enums start from 1, thus number of ports equals to the last vaue in the enum. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Dmitry Baryshkov Link: https://patch.msgid.link/20240725-asoc-wsa88xx-port-arrays-v1-7-80a03f440c72@linaro.org Signed-off-by: Mark Brown commit 5e388488f0a1dd6d340f3925e7b371e212ee3cc2 Author: Krzysztof Kozlowski Date: Thu Jul 25 13:23:48 2024 +0200 ASoC: codecs: wcd938x: Move max port number defines to enum Instead of having separate define to indicate number of TX and RX Soundwire ports, move it to the enums defining actual port indices/values. This makes it more obvious why such value was chosen as number of TX/RX ports. Note: the enums start from 1, thus number of ports equals to the last vaue in the enum. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Dmitry Baryshkov Link: https://patch.msgid.link/20240725-asoc-wsa88xx-port-arrays-v1-6-80a03f440c72@linaro.org Signed-off-by: Mark Brown commit 42f3a2caf80910d0c251b2a407d4d220c0d3a79f Author: Krzysztof Kozlowski Date: Thu Jul 25 13:23:47 2024 +0200 ASoC: codecs: wcd937x: Move max port number defines to enum Instead of having separate define to indicate number of TX and RX Soundwire ports, move it to the enums defining actual port indices/values. This makes it more obvious why such value was chosen as number of TX/RX ports. Note: the enums start from 1, thus number of ports equals to the last vaue in the enum. WCD937X_MAX_SWR_PORTS is used in one of structures in the header, so entire enum must be moved to the top of the header file. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Dmitry Baryshkov Link: https://patch.msgid.link/20240725-asoc-wsa88xx-port-arrays-v1-5-80a03f440c72@linaro.org Signed-off-by: Mark Brown commit 06fa8271273d8181cb8727e63aeec3f87a48d8c7 Author: Krzysztof Kozlowski Date: Thu Jul 25 13:23:46 2024 +0200 ASoC: codecs: wcd938x: Drop unused defines and enums Drop defines and enums not used in the driver. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Dmitry Baryshkov Link: https://patch.msgid.link/20240725-asoc-wsa88xx-port-arrays-v1-4-80a03f440c72@linaro.org Signed-off-by: Mark Brown commit 125ed86b0d669334dbc567f441d10163ff0c44bc Author: Krzysztof Kozlowski Date: Thu Jul 25 13:23:45 2024 +0200 ASoC: codecs: wsa884x: Use designator array initializers for Soundwire ports Two arrays (with 'struct sdw_dpn_prop' and 'struct sdw_port_config') store configuration of Soundwire ports, thus each of their element is indexed according to the port number (enum wsa884x_port_ids, e.g. WSA884X_PORT_DAC). Except the indexing, they also store port number offset by one in member 'num'. Entire code depends on that correlation between array index and port number, thus make it explicit by using designators. The code is functionally the same, but more obvious for reading. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Dmitry Baryshkov Link: https://patch.msgid.link/20240725-asoc-wsa88xx-port-arrays-v1-3-80a03f440c72@linaro.org Signed-off-by: Mark Brown commit add41ea55060d5e41d62268aa0bda2a27e0f5053 Author: Krzysztof Kozlowski Date: Thu Jul 25 13:23:44 2024 +0200 ASoC: codecs: wsa883x: Use designator array initializers for Soundwire ports Two arrays (with 'struct sdw_dpn_prop' and 'struct sdw_port_config') store configuration of Soundwire ports, thus each of their element is indexed according to the port number (enum wsa_port_ids, e.g. WSA883X_PORT_DAC). Except the indexing, they also store port number offset by one in member 'num'. Entire code depends on that correlation between array index and port number, thus make it explicit by using designators. The code is functionally the same, but more obvious for reading. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Dmitry Baryshkov Link: https://patch.msgid.link/20240725-asoc-wsa88xx-port-arrays-v1-2-80a03f440c72@linaro.org Signed-off-by: Mark Brown commit 874d04fe15d12cafa09dd36e8555cea4eb0653f6 Author: Krzysztof Kozlowski Date: Thu Jul 25 13:23:43 2024 +0200 ASoC: codecs: wsa881x: Use designator array initializers for Soundwire ports Two arrays (with 'struct sdw_dpn_prop' and 'struct sdw_port_config') store configuration of Soundwire ports, thus each of their element is indexed according to the port number (enum wsa_port_ids, e.g. WSA881X_PORT_DAC). Except the indexing, they also store port number offset by one in member 'num'. Entire code depends on that correlation between array index and port number, thus make it explicit by using designators. The code is functionally the same, but more obvious for reading. Signed-off-by: Krzysztof Kozlowski Reviewed-by: Dmitry Baryshkov Link: https://patch.msgid.link/20240725-asoc-wsa88xx-port-arrays-v1-1-80a03f440c72@linaro.org Signed-off-by: Mark Brown commit 5972eb05ca322bb1efe44d32808bc7a331e7aee4 Author: AngeloGioacchino Del Regno Date: Fri Jul 26 13:47:21 2024 +0200 spi: spi-mt65xx: Use threaded interrupt for non-SPIMEM transfer In order to avoid blocking for an excessive amount of time, eventually impacting on system responsiveness, interrupt handlers should finish executing in as little time as possible. Use threaded interrupt and move the SPI transfer handling (both CPU and DMA) for the non-spimem case to an interrupt thread instead. For SPI-MEM (IPM) controllers, handling is kept in the blocking interrupt as it simply consists in signalling completion. Signed-off-by: AngeloGioacchino Del Regno Link: https://patch.msgid.link/20240726114721.142196-1-angelogioacchino.delregno@collabora.com Signed-off-by: Mark Brown commit dc58d15ae7f247f642ea4751a276914eefa31865 Author: Chen Ni Date: Tue Jul 16 17:11:51 2024 +0800 spi: meson-spicc: convert comma to semicolon Replace a comma between expression statements by a semicolon. Fixes: 3e0cf4d3fc29 ("spi: meson-spicc: add a linear clock divider support") Signed-off-by: Chen Ni Reviewed-by: Neil Armstrong Link: https://patch.msgid.link/20240716091151.1434450-1-nichen@iscas.ac.cn Signed-off-by: Mark Brown commit 0f245463b01ea254ae90e1d0389e90b0e7d8dc75 Author: Ma Ke Date: Wed Jul 24 16:40:47 2024 +0800 spi: ppc4xx: handle irq_of_parse_and_map() errors Zero and negative number is not a valid IRQ for in-kernel code and the irq_of_parse_and_map() function returns zero on error. So this check for valid IRQs should only accept values > 0. Fixes: 44dab88e7cc9 ("spi: add spi_ppc4xx driver") Signed-off-by: Ma Ke Link: https://patch.msgid.link/20240724084047.1506084-1-make24@iscas.ac.cn Signed-off-by: Mark Brown commit 158678bea637020dd6fc521536c5b07701447777 Author: Rafał Miłecki Date: Sat Jul 27 13:48:27 2024 +0200 spi: dt-bindings: mediatek,spi-mt65xx: add compatible for MT7981 MT7981 has SPI controllers based on IPM design Signed-off-by: Rafał Miłecki Acked-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240727114828.29558-1-zajec5@gmail.com Signed-off-by: Mark Brown commit f8918ef1267edab4d9b2154c22a912c87cc66f66 Author: David Lechner Date: Tue Jul 23 13:36:47 2024 -0500 spi: axi-spi-engine: don't emit XFER_BITS for empty xfer This adds a check on xfer->len to avoid emitting an XFER_BITS instruction for empty transfers in the AXI SPI Engine driver. This avoids unnecessary delays caused by executing an instruction that has no effect on the actual SPI transfer. Signed-off-by: David Lechner Reviewed-by: Nuno Sa Link: https://patch.msgid.link/20240723-spi-axi-spi-engine-opt-bpw-v1-1-2625ba4c4387@baylibre.com Signed-off-by: Mark Brown commit 96472f18a4affdaff5013a836c48375f1eddb4a4 Author: Marcelo Schmitt Date: Fri Jul 12 16:22:00 2024 -0300 dt-bindings: iio: adc: Add AD4000 Add device tree documentation for AD4000 series of ADC devices. Reviewed-by: Conor Dooley Signed-off-by: Marcelo Schmitt Reviewed-by: David Lechner Link: https://patch.msgid.link/98c82e0a2a868a1578989fe69527347aa92083d7.1720810545.git.marcelo.schmitt@analog.com Signed-off-by: Mark Brown commit a62073f4b2164028fc7c5ae45ceba10c9326cd91 Author: Marcelo Schmitt Date: Fri Jul 12 16:21:47 2024 -0300 spi: spi-axi-spi-engine: Add support for MOSI idle configuration Implement MOSI idle low and MOSI idle high to better support peripherals that request specific MOSI behavior. Acked-by: Nuno Sa Reviewed-by: David Lechner Signed-off-by: Marcelo Schmitt Link: https://patch.msgid.link/f237166c7bbe0a1cdabce243b97484bf2f428143.1720810545.git.marcelo.schmitt@analog.com Signed-off-by: Mark Brown commit 927d382c7efbcc2206c31fa2f672fa264c0f1d5b Author: Marcelo Schmitt Date: Fri Jul 12 16:21:23 2024 -0300 spi: spi-gpio: Add support for MOSI idle state configuration Implement MOSI idle low and MOSI idle high to better support peripherals that request specific MOSI behavior. Acked-by: Nuno Sa Reviewed-by: David Lechner Reviewed-by: Jonathan Cameron Signed-off-by: Marcelo Schmitt Link: https://patch.msgid.link/629c55a10005ba26825c3a6a19184372ef81b3e1.1720810545.git.marcelo.schmitt@analog.com Signed-off-by: Mark Brown commit 320f6693097bf89d67f9cabad24a2b911e23073f Author: Marcelo Schmitt Date: Fri Jul 12 16:21:03 2024 -0300 spi: bitbang: Implement support for MOSI idle state configuration Some SPI peripherals may require strict MOSI line state when the controller is not clocking out data. Implement support for MOSI idle state configuration (low or high) by setting the data output line level on controller setup and after transfers. Bitbang operations now call controller specific set_mosi_idle() callback to set MOSI to its idle state. The MOSI line is kept at its idle state if no tx buffer is provided. Acked-by: Nuno Sa Reviewed-by: David Lechner Reviewed-by: Jonathan Cameron Signed-off-by: Marcelo Schmitt Link: https://patch.msgid.link/de61a600b56ed9cb714d5ea87afa88948e70041e.1720810545.git.marcelo.schmitt@analog.com Signed-off-by: Mark Brown commit f58872f45c36ded048bccc22701b0986019c24d8 Author: Marcelo Schmitt Date: Fri Jul 12 16:20:36 2024 -0300 spi: Enable controllers to extend the SPI protocol with MOSI idle configuration The behavior of an SPI controller data output line (SDO or MOSI or COPI (Controller Output Peripheral Input) for disambiguation) is usually not specified when the controller is not clocking out data on SCLK edges. However, there do exist SPI peripherals that require specific MOSI line state when data is not being clocked out of the controller. Conventional SPI controllers may set the MOSI line on SCLK edges then bring it low when no data is going out or leave the line the state of the last transfer bit. More elaborated controllers are capable to set the MOSI idle state according to different configurable levels and thus are more suitable for interfacing with demanding peripherals. Add SPI mode bits to allow peripherals to request explicit MOSI idle state when needed. When supporting a particular MOSI idle configuration, the data output line state is expected to remain at the configured level when the controller is not clocking out data. When a device that needs a specific MOSI idle state is identified, its driver should request the MOSI idle configuration by setting the proper SPI mode bit. Acked-by: Nuno Sa Reviewed-by: Jonathan Cameron Reviewed-by: David Lechner Tested-by: David Lechner Signed-off-by: Marcelo Schmitt Link: https://patch.msgid.link/9802160b5e5baed7f83ee43ac819cb757a19be55.1720810545.git.marcelo.schmitt@analog.com Signed-off-by: Mark Brown commit 9cabf4a487cd4035844b4928881a314334f348fe Author: Witold Sadowski Date: Wed Jul 24 08:47:39 2024 -0700 spi: cadence: Try to read spi-tx/rx-bus width property using ACPI Try to read bus width property using acpi_dev_get_property function, do not rely on spi_mem_default_supports_op function only. If of_device_get_match_data() will fail, retry with acpi_device_get_match_data() to handle ACPI properly. Signed-off-by: Witold Sadowski Signed-off-by: Piyush Malgujar Link: https://patch.msgid.link/20240724154739.582367-10-wsadowski@marvell.com Signed-off-by: Mark Brown commit 8232f1e2584ac1eadd3282b035c306ebde87d8b4 Author: Witold Sadowski Date: Wed Jul 24 08:47:38 2024 -0700 spi: cadence: Change cs property reading. In current implementation cs property can be read only from device-tree(for_each_available_child_of_node_scoped). Change it to fwnode based read to allow property reading in ACPI case too. Signed-off-by: Witold Sadowski Signed-off-by: Piyush Malgujar Link: https://patch.msgid.link/20240724154739.582367-9-wsadowski@marvell.com Signed-off-by: Mark Brown commit 4b8cb7dcd8acd7a05354f0b458aca02e4497f2a6 Author: Witold Sadowski Date: Wed Jul 24 08:47:37 2024 -0700 spi: cadence: Change resource mapping If mapping resource by name will fail try to map resource by number. Such situation can occur in ACPI case. Signed-off-by: Witold Sadowski Signed-off-by: Piyush Malgujar Link: https://patch.msgid.link/20240724154739.582367-8-wsadowski@marvell.com Signed-off-by: Mark Brown commit 931e389ded0f1411cbf07ad50074dc2bcd49e1a8 Author: Witold Sadowski Date: Wed Jul 24 08:47:36 2024 -0700 spi: cadence: Add Marvell xfer operation support Marvell Xfer overlay extends xSPI capabilities to support non-memory SPI operations. The Marvell overlay, combined with a generic command, allows for full-duplex SPI transactions. It also enables transactions with undetermined lengths using the cs_hold parameter and the ability to extend CS signal assertion, even if the xSPI block requests CS signal de-assertion. Marvell overlay is using part of xSPI for writing data into device, and additional hardware block to read data from the device. To do that xSPI will trigger 1 byte generic command followed by data sequence. In same time overlay block will monitor MISO pin to read data from the device. Due to that SDMA data start will be shifted by 1 byte. Signed-off-by: Witold Sadowski Link: https://patch.msgid.link/20240724154739.582367-7-wsadowski@marvell.com Signed-off-by: Mark Brown commit fa7279acef673f17550202d662f592672be26247 Author: Witold Sadowski Date: Wed Jul 24 08:47:35 2024 -0700 spi: cadence: Add Marvell xSPI interrupt changes It is possible that before enabling interrupt, interrupt bit will be set. It might cause improper IRQ handler behaviour. To fix it, clear interrupt bit before enabling interrupts. That behaviour is specific to Marvell xSPI implementation. In addition in Marvell xSPI interrupt must be cleared in two places - xSPI itself, and Marvell overlay. Signed-off-by: Witold Sadowski Link: https://patch.msgid.link/20240724154739.582367-6-wsadowski@marvell.com Signed-off-by: Mark Brown commit 75128e2a14a9f443e8debdd30445f5934b5a7c83 Author: Witold Sadowski Date: Wed Jul 24 08:47:34 2024 -0700 spi: cadence: Add Marvell SDMA operations In Marvell xSPI implementation any access to SDMA register will result in 8 byte SPI data transfer. Reading less data(eg. 1B) will result in losing remaining bytes. To avoid that read/write 8 bytes into temporary buffer, and read/write whole temporary buffer into SDMA. Signed-off-by: Witold Sadowski Link: https://patch.msgid.link/20240724154739.582367-5-wsadowski@marvell.com Signed-off-by: Mark Brown commit 26d34fdc49712ddbd42b11102f5d9d78a0f42097 Author: Witold Sadowski Date: Wed Jul 24 08:47:33 2024 -0700 spi: cadence: Add clock configuration for Marvell xSPI overlay Add support for clock divider. Divider block can disable, enable and divide clock signal. Only 14 different divide ratios are avalible, from 6.25 up to 200MHz. For calculations use default Marvell system clock value(800MHz). Signed-off-by: Witold Sadowski Link: https://patch.msgid.link/20240724154739.582367-4-wsadowski@marvell.com Signed-off-by: Mark Brown commit b0d06169a7153f78b5356ca9e15cd836e43408dd Author: Witold Sadowski Date: Wed Jul 24 08:47:32 2024 -0700 spi: cadence: Add static PHY configuration in Marvell overlay This commit adds support for static PHY configuration of Cadence xSPI block. Configuration will be applied only if Marvell overlay compatible string will be detected. Configuration is static over the whole frequency range. Signed-off-by: Witold Sadowski Link: https://patch.msgid.link/20240724154739.582367-3-wsadowski@marvell.com Signed-off-by: Mark Brown commit 49f63e6a89e94a757ef86340ec531668d26ecc30 Author: Witold Sadowski Date: Wed Jul 24 08:47:31 2024 -0700 spi: dt-bindings: cadence: Add Marvell overlay bindings documentation for Cadence XSPI Add new bindings for the v2 Marvell xSPI overlay: marvell,cn10-xspi-nor compatible string. This new compatible string distinguishes between the original and modified xSPI block. Also add an optional base for the xfer register set with an additional reg field to allocate the xSPI Marvell overlay XFER block. Signed-off-by: Witold Sadowski Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240724154739.582367-2-wsadowski@marvell.com Signed-off-by: Mark Brown commit 3078425f63c5f526c8d2cb0b7ef9e0a3f50c9c39 Author: Chen Ni Date: Tue Jul 16 16:46:59 2024 +0800 regulator: rt5120: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Fixes: c0216c0e68f7 ("regulator: rt5120: Add PMIC regulator support") Signed-off-by: Chen Ni Reviewed-by: ChiYuan Huang Link: https://patch.msgid.link/20240716084659.1252690-1-nichen@iscas.ac.cn Signed-off-by: Mark Brown commit 291f854ecadeb275e5e586001963950341d85e7a Author: Chen Ni Date: Tue Jul 16 16:51:15 2024 +0800 regulator: wm831x-isink: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Fixes: d48acfd0377f ("regulator: wm831x-isink: Convert to use regulator_set/get_current_limit_regmap") Signed-off-by: Chen Ni Acked-by: Charles Keepax Link: https://patch.msgid.link/20240716085115.1252817-1-nichen@iscas.ac.cn Signed-off-by: Mark Brown commit f0aaae1a5827c916f2d66e4392726c0c43d0479c Author: Dan Carpenter Date: Fri Jul 12 09:05:39 2024 -0500 regulator: bd96801: Delete unnecessary check in probe() The "idesc" pointer points to the middle of rdesc[] array so it can't be NULL. Also rdesc isn't NULL. Delete the check. Signed-off-by: Dan Carpenter Link: https://patch.msgid.link/01cd578f-127b-4c8b-a8c6-5e11a0a2555c@stanley.mountain Signed-off-by: Mark Brown commit 275d57ae441f34749cbf8621441ce2148f83d5e6 Author: Chen Ni Date: Tue Jul 16 10:53:07 2024 +0800 ASoC: cs42l42: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Fixes: 90f6a2a20bd2 ("ASoC: cs42l42: Add SoundWire support") Signed-off-by: Chen Ni Reviewed-by: Richard Fitzgerald Reviewed-by: Dragan Simic Link: https://patch.msgid.link/20240716025307.400156-1-nichen@iscas.ac.cn Signed-off-by: Mark Brown commit d57ef03314f529e76385a9d5108c115459b54c2b Author: Geert Uytterhoeven Date: Mon Jul 22 14:04:00 2024 +0200 ASoC: dt-bindings: dlg,da7213: Convert to json-schema Convert the Dialog Semiconductor DA7212/DA7213 Audio Codec Device Tree binding documentation to json-schema. Add missing properties. Signed-off-by: Geert Uytterhoeven Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/7645c9024a1762d281f4067504bc32a7a3d27caa.1721649741.git.geert+renesas@glider.be Signed-off-by: Mark Brown commit aaa5e1aa39074fb466f6ef3df4de6903741dfeec Author: Takashi Iwai Date: Fri Jul 26 17:52:36 2024 +0200 ASoC: Use __counted_by() annotation for snd_soc_pcm_runtime The struct snd_soc_pcm_runtime has a flex array of snd_soc_component objects at its end, and the size is kept in num_components field. We can add __counted_by() annotation for compiler's assistance to catch array overflows. A slight additional change is the assignment of rtd->components[]; the array counter has to be incremented at first for avoiding false-positive reports from compilers. Also, the allocation size of snd_soc_pcm_runtime is cleaned up with the standard struct_size() helper, too. Signed-off-by: Takashi Iwai Link: https://patch.msgid.link/20240726155237.21961-1-tiwai@suse.de Signed-off-by: Mark Brown commit 42eb47310f89eca3226e8e427bc9d571149dc866 Author: Chen Ni Date: Tue Jul 9 16:51:31 2024 +0800 ASoC: mediatek: mt8192: remove redundant null pointer check before of_node_put of_node_put() has taken the null pointer check into account. So it is safe to remove the duplicated check before of_node_put(). Signed-off-by: Chen Ni Reviewed-by: AngeloGioacchino Del Regno Link: https://patch.msgid.link/20240709085131.1436128-1-nichen@iscas.ac.cn Signed-off-by: Mark Brown commit 4f8cd05a43058b165b83f12f656e60415d2ff5be Author: Biju Das Date: Mon Jul 15 10:23:20 2024 +0100 ASoC: sh: rz-ssi: Add full duplex support Add full duplex support, to support simultaneous playback/record on the same ssi channel. Signed-off-by: Biju Das Link: https://patch.msgid.link/20240715092322.119879-1-biju.das.jz@bp.renesas.com Signed-off-by: Mark Brown commit b3f35bae68c0ff9b9339b819ec5f5f341d798bbe Author: Krzysztof Kozlowski Date: Tue Jul 23 16:46:07 2024 +0200 ASoC: codecs: lpass-wsa-macro: Do not hard-code dai in VI mixer The wsa_macro_vi_feed_mixer_put() callback for setting VI feedback mixer value could be used for different DAIs (planned in the future CPS DAI), so make the code a bit more generic by using DAI ID from widget->shift, instead of hard-coding it. The get() callback already follows such convention. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240723144607.123240-1-krzysztof.kozlowski@linaro.org Signed-off-by: Mark Brown commit 3ff810b9bebe5578a245cfa97c252ab602e703f1 Author: Ma Ke Date: Wed Jul 17 19:54:36 2024 +0800 ASoC: rt5682s: Return devm_of_clk_add_hw_provider to transfer the error Return devm_of_clk_add_hw_provider() in order to transfer the error, if it fails due to resource allocation failure or device tree clock provider registration failure. Fixes: bdd229ab26be ("ASoC: rt5682s: Add driver for ALC5682I-VS codec") Signed-off-by: Ma Ke Link: https://patch.msgid.link/20240717115436.3449492-1-make24@iscas.ac.cn Signed-off-by: Mark Brown commit 8716bd241fa120aacce5e0136125b7ecc74fe3b2 Author: Krzysztof Kozlowski Date: Tue Jul 23 10:33:00 2024 +0200 ASoC: dt-bindings: qcom,apq8016-sbc-sndcard: move to separate binding The APQ8016 SBC and MSM8916 QDSP6 sound cards are a bit different from others: they have additional IO muxing address space and pin control. Move them to separate schema, so the original qcom,sm8250.yaml will be easier to manage. New schema is going to grow for other platforms having more of IO muxing address spaces. Cc: Adam Skladowski Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240723083300.35605-1-krzysztof.kozlowski@linaro.org Signed-off-by: Mark Brown commit 6024f3429fd1ac4948bac9610ecd4d0139088f0b Author: Zhang Yi Date: Fri Jul 26 11:10:02 2024 +0800 ASoC: codecs: ES8326: suspend issue We find that we need to disable micbias for the codec to enter suspend So We modify the trigger conditions for enable_micbias and disable_micbias Signed-off-by: Zhang Yi Link: https://patch.msgid.link/20240726031002.35055-1-zhangyi@everest-semi.com Signed-off-by: Mark Brown commit 00645b42e3ca6a35fc4a357dd769bcef41d4a077 Author: Animesh Agarwal Date: Mon Jul 22 12:06:51 2024 +0530 ASoC: dt-bindings: fsl,imx-audio-es8328: Convert to dtschema Convert the Freescale i.MX audio complex with ES8328 codec bindings to DT schema format. Cc: Daniel Baluta Signed-off-by: Animesh Agarwal Reviewed-by: Rob Herring (Arm) Link: https://patch.msgid.link/20240722063657.23018-1-animeshagarwal28@gmail.com Signed-off-by: Mark Brown commit 00425bf8cbc9981bd975a5475cec4964544fb297 Author: Animesh Agarwal Date: Wed Jul 17 19:17:21 2024 +0530 ASoC: dt-bindings: ti,pcm512x: Convert to dtschema Convert the PCM512x and TAS575x audio CODECs/amplifiers bindings to DT schema format. Add missing sound-dai-cells property. Cc: Daniel Baluta Signed-off-by: Animesh Agarwal Reviewed-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240717134729.51661-1-animeshagarwal28@gmail.com Signed-off-by: Mark Brown commit 7eb62acd43c9299630f0e859f56981072401c5b6 Author: Krzysztof Kozlowski Date: Wed Jul 10 15:52:33 2024 +0200 ASoC: codecs: wsa884x: Simplify handling variant Driver does not use detected variant variable past the init function, so do not store it in the state container structure. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240710-asoc-wsa88xx-version-v1-4-f1c54966ccde@linaro.org Signed-off-by: Mark Brown commit cd15fded0e1090bf713647a5bcfd83e372152844 Author: Krzysztof Kozlowski Date: Wed Jul 10 15:52:32 2024 +0200 ASoC: codecs: wsa883x: Simplify handling variant/version Driver does not use detected variant/version variables past the init function, so do not store them in the state container structure. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240710-asoc-wsa88xx-version-v1-3-f1c54966ccde@linaro.org Signed-off-by: Mark Brown commit 2fbf16992e5aa14acf0441320033a01a32309ded Author: Krzysztof Kozlowski Date: Wed Jul 10 15:52:31 2024 +0200 ASoC: codecs: wsa883x: Handle reading version failure If reading version and variant from registers fails (which is unlikely but possible, because it is a read over bus), the driver will proceed and perform device configuration based on uninitialized stack variables. Handle it a bit better - bail out without doing any init and failing the update status Soundwire callback. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240710-asoc-wsa88xx-version-v1-2-f1c54966ccde@linaro.org Signed-off-by: Mark Brown commit 3d2a69eb503d15171a7ba51cf0b562728ac396b7 Author: Krzysztof Kozlowski Date: Wed Jul 10 15:52:30 2024 +0200 ASoC: codecs: wsa881x: Drop unused version readout Driver does not use the device version after reading it from the registers, so simplify by dropping unneeded code. Signed-off-by: Krzysztof Kozlowski Link: https://patch.msgid.link/20240710-asoc-wsa88xx-version-v1-1-f1c54966ccde@linaro.org Signed-off-by: Mark Brown commit 2cc719983603f0e9d24da256b58d6abb79e3884a Author: Biju Das Date: Thu Jul 25 09:45:54 2024 +0100 ASoC: dt-bindings: renesas,rz-ssi: Document port property Document optional port property that connects to I2S signals. Signed-off-by: Biju Das Link: https://patch.msgid.link/20240725084559.13127-2-biju.das.jz@bp.renesas.com Signed-off-by: Mark Brown commit f209d8ed5249691076a3b425667a1bd94f90887b Author: Damien Le Moal Date: Thu Jul 18 17:06:44 2024 +0900 ata: libata: Rename ata_dma_blacklisted() Rename the function ata_dma_blacklisted() to ata_dev_nodma() as this new name is more neutral. The function signature is also changed to return a boolean instead of an int. Signed-off-by: Damien Le Moal Reviewed-by: Igor Pylypiv Reviewed-by: Niklas Cassel commit f8f26f743ccfa882620f39a8fbca6d5d138d2e46 Author: Damien Le Moal Date: Wed Jul 24 07:45:56 2024 +0900 ata: libata: Change ata_dev_knobble() to return a bool Change the function ata_dev_knobble() to return a boolean instead of a u8. Signed-off-by: Damien Le Moal Reviewed-by: Igor Pylypiv Reviewed-by: Niklas Cassel commit 837dcea001593c1b82a6de9b23cfe975ac88868c Author: Rayyan Ansari Date: Wed Jul 17 11:03:07 2024 +0100 dt-bindings: ata: qcom,apq8064-ahci: add to dtschema The APQ8064 SATA AHCI controller is used in apq8064.dtsi, although it was not documented in the old text bindings. Add its compatible to ahci-platform.yaml. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Signed-off-by: Damien Le Moal commit 03d38c74d06bc3a676f7702075a230e27f5f4375 Author: Rayyan Ansari Date: Wed Jul 17 11:03:06 2024 +0100 dt-bindings: ata: qcom,ipq806x-ahci: use dtschema Remove old text bindings and add ipq806x AHCI compatible to ahci-common.yaml, as well as its required properties. Signed-off-by: Rayyan Ansari Reviewed-by: Krzysztof Kozlowski Signed-off-by: Damien Le Moal commit 3fe81a56253b25864f15b699609e26c0ccdd9180 Author: Christophe JAILLET Date: Sat Jul 27 08:36:49 2024 +0200 Input: spear-keyboard - switch to devm_clk_get_prepared() Use devm_clk_get_prepared() in order to remove a clk_unprepare() in an error handling path of the probe and from the .remove() function. This done, the whole .remove() function can also be axed because 'input_dev' is a managed resource allocated with devm_input_allocate_device() and we can fully rely on devm for cleaning up. Signed-off-by: Christophe JAILLET Link: https://lore.kernel.org/r/062986b0a5105cbc61330da0e55b22c00e2c1c4f.1722062145.git.christophe.jaillet@wanadoo.fr Signed-off-by: Dmitry Torokhov commit 7543ae2269a855683a39af57048035f44bc8ef9c Author: Wouter Verhelst Date: Thu Jul 25 18:45:36 2024 +0200 nbd: add support for rotational devices The NBD protocol defines the flag NBD_FLAG_ROTATIONAL to flag that the export in use should be treated as a rotational device. Add support for that flag to the kernel driver. Signed-off-by: Wouter Verhelst Reviewed-by: Eric Blake Link: https://lore.kernel.org/r/20240725164536.1275851-1-w@uter.be Signed-off-by: Jens Axboe commit 7960af373ade3b39e10106ef415e43a1d2aa48c6 Author: Ofir Gal Date: Thu Jul 18 11:45:14 2024 +0300 drbd: use sendpages_ok() instead of sendpage_ok() Currently _drbd_send_page() use sendpage_ok() in order to enable MSG_SPLICE_PAGES, it check the first page of the iterator, the iterator may represent contiguous pages. MSG_SPLICE_PAGES enables skb_splice_from_iter() which checks all the pages it sends with sendpage_ok(). When _drbd_send_page() sends an iterator that the first page is sendable, but one of the other pages isn't skb_splice_from_iter() warns and aborts the data transfer. Using the new helper sendpages_ok() in order to enable MSG_SPLICE_PAGES solves the issue. Acked-by: Christoph Böhmwalder Signed-off-by: Ofir Gal Link: https://lore.kernel.org/r/20240718084515.3833733-4-ofir.gal@volumez.com Signed-off-by: Jens Axboe commit 6af7331a70b4888df43ec1d7e1803ae2c43b6981 Author: Ofir Gal Date: Thu Jul 18 11:45:13 2024 +0300 nvme-tcp: use sendpages_ok() instead of sendpage_ok() Currently nvme_tcp_try_send_data() use sendpage_ok() in order to disable MSG_SPLICE_PAGES, it check the first page of the iterator, the iterator may represent contiguous pages. MSG_SPLICE_PAGES enables skb_splice_from_iter() which checks all the pages it sends with sendpage_ok(). When nvme_tcp_try_send_data() sends an iterator that the first page is sendable, but one of the other pages isn't skb_splice_from_iter() warns and aborts the data transfer. Using the new helper sendpages_ok() in order to disable MSG_SPLICE_PAGES solves the issue. Reviewed-by: Christoph Hellwig Reviewed-by: Hannes Reinecke Reviewed-by: Sagi Grimberg Signed-off-by: Ofir Gal Link: https://lore.kernel.org/r/20240718084515.3833733-3-ofir.gal@volumez.com Signed-off-by: Jens Axboe commit 23a55f4492fcf868d068da31a2cd30c15f46207d Author: Ofir Gal Date: Thu Jul 18 11:45:12 2024 +0300 net: introduce helper sendpages_ok() Network drivers are using sendpage_ok() to check the first page of an iterator in order to disable MSG_SPLICE_PAGES. The iterator can represent list of contiguous pages. When MSG_SPLICE_PAGES is enabled skb_splice_from_iter() is being used, it requires all pages in the iterator to be sendable. Therefore it needs to check that each page is sendable. The patch introduces a helper sendpages_ok(), it returns true if all the contiguous pages are sendable. Drivers who want to send contiguous pages with MSG_SPLICE_PAGES may use this helper to check whether the page list is OK. If the helper does not return true, the driver should remove MSG_SPLICE_PAGES flag. Reviewed-by: Christoph Hellwig Reviewed-by: Sagi Grimberg Signed-off-by: Ofir Gal Acked-by: Jakub Kicinski Link: https://lore.kernel.org/r/20240718084515.3833733-2-ofir.gal@volumez.com Signed-off-by: Jens Axboe commit 79c6c60a6c1f5128b31ab80b7ac1c4d8255342ac Author: Yu Kuai Date: Fri Jul 19 15:15:06 2024 +0800 blk-ioprio: remove per-disk structure ioprio works on the blk-cgroup level, all disks in the same cgroup are the same, and the struct ioprio_blkg doesn't have anything in it. Hence register the policy is enough, because cpd_alloc/free_fn will be handled for each blk-cgroup, and there is no need to activate the policy for disk. Hence remove blk_ioprio_init/exit and ioprio_alloc/free_pd. Signed-off-by: Yu Kuai Reviewed-by: Christoph Hellwig Acked-by: Tejun Heo Reviewed-by: Bart Van Assche Link: https://lore.kernel.org/r/20240719071506.158075-4-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit d0e92795997c8dce7ec804791e359a93211f9719 Author: Yu Kuai Date: Fri Jul 19 15:15:05 2024 +0800 blk-ioprio: remove ioprio_blkcg_from_bio() Currently, if config is enabled, then ioprio is always enabled by default from blkcg_init_disk(), hence there is no point to check if the policy is enabled from blkg in ioprio_blkcg_from_bio(). Hence remove it and get blkcg directly from bio. Signed-off-by: Yu Kuai Reviewed-by: Christoph Hellwig Acked-by: Tejun Heo Reviewed-by: Bart Van Assche Link: https://lore.kernel.org/r/20240719071506.158075-3-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit ae8650b45d1837aae117fa147aeef69540bb3fe8 Author: Yu Kuai Date: Fri Jul 19 15:15:04 2024 +0800 blk-cgroup: check for pd_(alloc|free)_fn in blkcg_activate_policy() Currently all policies implement pd_(alloc|free)_fn, however, this is not necessary for ioprio that only works for blkcg, not blkg. There are no functional changes, prepare to cleanup activating ioprio policy. Signed-off-by: Yu Kuai Reviewed-by: Christoph Hellwig Acked-by: Tejun Heo Link: https://lore.kernel.org/r/20240719071506.158075-2-yukuai1@huaweicloud.com Signed-off-by: Jens Axboe commit a237b8da413c1ab2a85d411c99dbb168d0d0183b Author: Konrad Dybcio Date: Thu Jul 11 12:58:47 2024 +0200 arm64: dts: qcom: x1e80100: Disable SMB2360_2 by default It's absent on (most?) laptops that only have 2 type-C ports (of which there are quite a few, and coming upstream too). Keep it disabled by default and re-enable it on actual users. Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240711-topic-hhh-v1-2-a1b6b716685f@linaro.org Signed-off-by: Bjorn Andersson commit 27302c7d8590995b172708e65fe227b7d60aabac Author: Konrad Dybcio Date: Thu Jul 11 12:58:46 2024 +0200 arm64: dts: qcom: x1e80100: Fix up hex style Adhere to the convention: pad the addresses to 8 hex digits and use lowercase letters. Compile tested, no difference. Signed-off-by: Konrad Dybcio Link: https://lore.kernel.org/r/20240711-topic-hhh-v1-1-a1b6b716685f@linaro.org Signed-off-by: Bjorn Andersson commit c9bfc37f085aa180b3c49b9c95756b9ef032243e Author: Hansen Dsouza Date: Thu Jul 18 22:42:06 2024 -0400 drm/amd/display: Add new enable and disable functions for DCN35 Add new enable and disable functions based on DCCG spec. Signed-off-by: Hansen Dsouza Reviewed-by: Muhammad Ahmed Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 31663521ede2edb622ee1b397ae3ac666d6351c5 Author: Nicholas Kazlauskas Date: Thu Jul 18 11:53:31 2024 -0400 drm/amd/display: Use gpuvm_min_page_size_kbytes for DML2 surfaces [Why] It's currently hard coded to 256 when it should be using the SOC provided values. This can result in corruption with linear surfaces where we prefetch more PTE than the buffer can hold. [How] Update the min page size correctly for the plane. Signed-off-by: Nicholas Kazlauskas Reviewed-by: Jun Lei Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 4067f4fa0423a89fb19a30b57231b384d77d2610 Author: Alex Hung Date: Mon Jul 15 09:57:01 2024 -0600 drm/amd/display: Initialize get_bytes_per_element's default to 1 Variables, used as denominators and maybe not assigned to other values, should not be 0. bytes_per_element_y & bytes_per_element_c are initialized by get_bytes_per_element() which should never return 0. This fixes 10 DIVIDE_BY_ZERO issues reported by Coverity. Signed-off-by: Alex Hung Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 6eb1fe53ee94cffd7187844d08d46ba8659d667a Author: Alex Hung Date: Tue Jul 16 14:58:06 2024 -0600 drm/amd/display: Check null values from functions Functions get_per_method_common_meta and get_expanded_strategy_list can return null and thus it is necessary to check their returned values before dereferencing. This fixes 3 NULL_RETURNS issues reported by Coverity. Signed-off-by: Alex Hung Reviewed-by: Rodrigo Siqueira Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit c3f15273721f2ee60d32fc7d4f2c233a1eff47a8 Author: Cruise Date: Thu Jul 18 12:55:02 2024 +0800 drm/amd/display: Add logs for debugging outbox The DP tunnel AUX reply is received through Outbox1. Print the Outbox1 status if an issue occurs. Signed-off-by: Cruise Reviewed-by: Nicholas Kazlauskas Reviewed-by: Wayne Lin Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit b5126ba85beadfa1f3cfdc9e7a8533ad444ca210 Author: Hansen Dsouza Date: Wed Jul 17 18:29:04 2024 -0400 drm/amd/display: Add new enable and disable functions Add new enable and disable functions based on DCCG spec. Signed-off-by: Hansen Dsouza Reviewed-by: Muhammad Ahmed Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit c6bb3acf1cdeed5d01ebde70b769a8e25993965d Author: Thomas Weißschuh Date: Fri Jul 26 15:40:16 2024 +0200 drm/radeon: convert bios_hardcoded_edid to drm_edid Instead of manually passing around 'struct edid *' and its size, use 'struct drm_edid', which encapsulates a validated combination of both. As the drm_edid_ can handle NULL gracefully, the explicit checks can be dropped. Also save a few characters by transforming '&array[0]' to the equivalent 'array' and using 'max_t(int, ...)' instead of manual casts. Signed-off-by: Thomas Weißschuh Signed-off-by: Alex Deucher commit aeb81b62c7fe4782198e9dd79c7d6cdf04d92586 Author: Thomas Weißschuh Date: Fri Jul 26 15:40:15 2024 +0200 drm/amdgpu: convert bios_hardcoded_edid to drm_edid Instead of manually passing around 'struct edid *' and its size, use 'struct drm_edid', which encapsulates a validated combination of both. As the drm_edid_ can handle NULL gracefully, the explicit checks can be dropped. Also save a few characters by transforming '&array[0]' to the equivalent 'array' and using 'max_t(int, ...)' instead of manual casts. Signed-off-by: Thomas Weißschuh Signed-off-by: Alex Deucher commit 608d886c978cd5f3d8650630568d96c231845227 Author: Alex Deucher Date: Thu Jul 25 17:30:37 2024 -0400 drm/amdgpu: Fix APU handling in amdgpu_pm_load_smu_firmware() We only need to skip this on modern APUs. It's required on older APUs as it's where start_smu gets called from. Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3502 Fixes: 064d92436b69 ("drm/amd/pm: avoid to load smu firmware for APUs") Reviewed-by: Tim Huang Signed-off-by: Alex Deucher Cc: Tim Huang commit 13d8850a3387635c051c5ed1c8a8b6c1e9bd1341 Author: Sunil Khatri Date: Fri Jul 26 18:07:41 2024 +0530 drm/amdgpu: trigger ip dump before suspend of IP's Problem: IP dump right now is done post suspend of all IP's which for some IP's could change power state and software state too which we do not want to reflect in the dump as it might not be same at the time of hang. Solution: IP should be dumped as close to the HW state when the GPU was in hung state without trying to reinitialize any resource. Acked-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit a15268787b79fd183dd526cc16bec9af4f4e49a1 Author: Alex Hung Date: Wed Jul 17 09:17:56 2024 -0600 drm/amd/display: Avoid overflow assignment in link_dp_cts sampling_rate is an uint8_t but is assigned an unsigned int, and thus it can overflow. As a result, sampling_rate is changed to uint32_t. Similarly, LINK_QUAL_PATTERN_SET has a size of 2 bits, and it should only be assigned to a value less or equal than 4. This fixes 2 INTEGER_OVERFLOW issues reported by Coverity. Signed-off-by: Alex Hung Reviewed-by: Wenjing Liu Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit cead9ac8b0992ae2659b637e86a0da7cfeb5e267 Author: Ilya Bakoulin Date: Tue Jul 16 13:39:10 2024 -0400 drm/amd/display: Use correct cm_helper function Need to use cm3_helper function with DCN401 to avoid cases where high RGB component values can get set to zero if using the TF curve generated by cm_helper. Signed-off-by: Ilya Bakoulin Reviewed-by: Alvin Lee Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit bd870cfd21489d28195fda157710ebd4cecaa8ca Author: Nicholas Kazlauskas Date: Tue Jul 16 17:41:54 2024 -0400 drm/amd/display: Add seamless boot support for more DIG operation modes [Why] When pre-OS firmware enables display support for displays that operate the DIG in 2 pixels per cycle processing modes the inferred pixel rate from get_pixel_clk_frequency_100hz does not account for the true pixel rate since we're outputting 2 per cycle past the stream encoder. This causes seamless boot validation to abort early. [How] Add a new stream encoder function for getting pixels per cycle from the stream encoder. If the pixels per cycle is greater than 1 and the driver policy is to enable 2 pixels per cycle for post-OS then allow seamless boot to continue. Signed-off-by: Nicholas Kazlauskas Reviewed-by: Duncan Ma Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit df18a4de9e77ad92c472fd1eb0fb1255d52dd4cd Author: Tom Chung Date: Fri Jul 12 17:29:07 2024 +0800 drm/amd/display: Reset VRR config during resume [Why] After resume the system, the new_crtc_state->vrr_infopacket does not synchronize with the current state. It will affect the update_freesync_state_on_stream() does not update the state correctly. The previous patch causes a PSR SU regression that cannot let panel go into self-refresh mode. [How] Reset the VRR config during resume to force update the VRR config later. Fixes: eb6dfbb7a9c6 ("drm/amd/display: Reset freesync config before update new state") Signed-off-by: Tom Chung Reviewed-by: Sun peng Li Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 4981bd4749fa769b3d6acbc82fe8059c030d0920 Author: Tom Chung Date: Fri Jul 12 18:02:30 2024 +0800 drm/amd/display: Add a missing PSR state [Why & How] Add a missing PSR state to make the dmub_psr_get_state() return a correct PSR state. Signed-off-by: Tom Chung Reviewed-by: Sun peng Li Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 093b79d034c59a3b66f6312863502378a422496d Author: Charlene Liu Date: Tue Jul 16 15:58:35 2024 -0400 drm/amd/display: sync dmub output event type. [why] dmubfw added a new event type, update amdgpu to avoid "notify type 6 invalid" Signed-off-by: Charlene Liu Reviewed-by: Chris Park Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 9724b8494d3e85cb01c377f201bfaf25fd7d38ff Author: Charlene Liu Date: Tue Jul 16 13:47:43 2024 -0400 drm/amd/display: restore immediate_disable_crtc for w/a [why] immediate_disable_crtc does not reset ODM. if switching to disable_crtc which will disable ODM as well. i.e. need to restore ODM mem cfg at reenable it at end of w/a. Signed-off-by: Charlene Liu Reviewed-by: Xi (Alex) Liu Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 739d0f3e1f36738d4cd84166784a8f7a58d69612 Author: Michael Chen Date: Tue Jul 23 17:45:23 2024 -0400 drm/amdgpu: increase mes log buffer size for gfx12 MES firmware requires larger log buffer for gfx12. Allocate proper buffer respectively for gfx11 and gfx12. Signed-off-by: Michael Chen Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit 58a8ee96f84d2c21abb85ad8c22d2bbdf59bd7a9 Author: Alex Hung Date: Mon Jul 15 10:37:28 2024 -0600 drm/amd/display: Check stream_status before it is used [WHAT & HOW] dc_state_get_stream_status can return null, and therefore null must be checked before stream_status is used. This fixes 1 NULL_RETURNS issue reported by Coverity. Signed-off-by: Alex Hung Reviewed-by: Rodrigo Siqueira Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 722e96c99f1d7532fdfbb557f50a399f6cc57d82 Author: Alex Hung Date: Mon Jul 15 10:24:58 2024 -0600 drm/amd/display: Check null pointers before using them [WHAT & HOW] dc_link is null checked previously in the same function, indicating it might be null as reported by Coverity. This fixes 1 FORWARD_NULL issue reported by Coverity. Signed-off-by: Alex Hung Reviewed-by: Rodrigo Siqueira Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 3f96f545f877ac59d0c967f52d760b4b2b3b9a47 Author: Alex Hung Date: Fri Jun 7 22:09:53 2024 -0600 drm/amd/display: Fix possible overflow in integer multiplication [WHAT & HOW] Integer multiplies integer may overflow in context that expects an expression of unsigned long long (64 bits). This can be fixed by casting integer to unsigned long long to force 64 bits results. This fixes 2 OVERFLOW_BEFORE_WIDEN issues reported by Coverity. Signed-off-by: Alex Hung Reviewed-by: Rodrigo Siqueira Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit d5022deb4a526009fdc20e4d62528b25b05112dc Author: Alvin Lee Date: Mon Jul 15 13:54:18 2024 -0400 drm/amd/display: Add option to disable unbounded req in DML21 Use debug option for disabling unbounded req in DML21 Signed-off-by: Alvin Lee Reviewed-by: Austin Zheng Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 680caca6feee720d0a6cb00f892c0d2d46dc4075 Author: Bhuvanachandra Pinninti Date: Tue Jul 16 18:53:03 2024 +0530 drm/amd/display: Refactor for dio Moved files to respective folders to improve DIO code. Signed-off-by: Bhuvanachandra Pinninti Reviewed-by: Martin Leung Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit fcb3a4fb8255149a73afeb3d8f2397eaac3a46b0 Author: Nicholas Kazlauskas Date: Mon Jul 15 15:52:46 2024 -0400 drm/amd/display: Request 0MHz dispclk for zero display case [Why] If we aren't entering RCG/IPS2 or CLKSTOP is not supported by PMFW then we should be requesting a dispclk value of 0MHz to PMFW. Currenly we run at max clock since there's an assumption in APU clock table formulation where we can run at any DISPCLK at any state so the real clock value ends up as 1200Mhz - the maximum. [How] Set to 0 instead of the minimum value in the state array. Signed-off-by: Nicholas Kazlauskas Reviewed-by: Duncan Ma Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 076362d931d0d5ed01a3d1cd4d066f2e6e7f86f8 Author: Sunil Khatri Date: Fri Jul 26 15:09:59 2024 +0530 drm/amdgpu: print VCN instance dump for valid instance VCN dump is dependent on power state of the ip. Dump is valid if VCN was powered up at the time of ip dump. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 0e4b858285e633ea6bc7335fd66529955d023af9 Author: Chris Park Date: Fri Jul 12 12:50:48 2024 -0400 drm/amd/display: Add two dmmuy I2C entry for GPIO port mapping issue [Why] When only 4 I2C is declared, two dummies are required to correctly map GPIO port. [How] Add one more I2C dummy entry to match GPIO port. Signed-off-by: Chris Park Reviewed-by: Alvin Lee Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 17e68f89132b9ee4b144358b49e5df404b314181 Author: Leo Li Date: Thu Jul 11 14:38:11 2024 -0400 drm/amd/display: Run idle optimizations at end of vblank handler [Why & How] 1. After allowing idle optimizations, hw programming is disallowed. 2. Before hw programming, we need to disallow idle optimizations. Otherwise, in scenario 1, we will immediately kick hw out of idle optimizations with register access. Scenario 2 is less of a concern, since any register access will kick hw out of idle optimizations. But we'll do it early for correctness. Signed-off-by: Leo Li Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 7fb363c57522b704e156fc4c5fbcb7ee133fe304 Author: Leo Li Date: Thu Jul 11 14:31:27 2024 -0400 drm/amd/display: Let drm_crtc_vblank_on/off manage interrupts [Why] We manage interrupts for CRTCs in two places: 1. In manage_dm_interrupts(), when CRTC get enabled or disabled 2. When drm_vblank_get/put() starts or kills the vblank counter, calling into amdgpu_dm_crtc_set_vblank() The interrupts managed by these twp places should be identical. [How] Since manage_dm_interrupts() already use drm_crtc_vblank_on/off(), just move all CRTC interrupt management into amdgpu_dm_crtc_set_vblank(). This has the added benefit of disabling all CRTC and HUBP interrupts when there are no vblank requestors. Note that there is a TODO item - unchanged from when it was first introduced - to properly identify the HUBP instance from the OTG instance, rather than just assume direct mapping. Signed-off-by: Leo Li Reviewed-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit f9e6759888866748f31b6b6c2142a481d587f51f Author: Samson Tam Date: Sun Jul 14 16:31:05 2024 -0400 drm/amd/display: roll back quality EASF and ISHARP and dc dependency changes [Why] Seeing several regressions related to quality EASF and ISHARP changes and removing dc dependency changes. [How] Roll back SPL changes Signed-off-by: Samson Tam Reviewed-by: Martin Leung Tested-by: Daniel Wheeler Signed-off-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit 7c5b344537a143d15385992e41a50a9c5125e93c Author: Srinivasan Shanmugam Date: Fri Jul 26 12:17:12 2024 +0530 drm/amdkfd: Fix missing error code in kfd_queue_acquire_buffers The fix involves setting 'err' to '-EINVAL' before each 'goto out_err_unreserve'. Fixes the below: drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_queue.c:265 kfd_queue_acquire_buffers() warn: missing error code 'err' drivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_queue.c 226 int kfd_queue_acquire_buffers(struct kfd_process_device *pdd, struct queue_properties *properties) 227 { 228 struct kfd_topology_device *topo_dev; 229 struct amdgpu_vm *vm; 230 u32 total_cwsr_size; 231 int err; 232 233 topo_dev = kfd_topology_device_by_id(pdd->dev->id); 234 if (!topo_dev) 235 return -EINVAL; 236 237 vm = drm_priv_to_vm(pdd->drm_priv); 238 err = amdgpu_bo_reserve(vm->root.bo, false); 239 if (err) 240 return err; 241 242 err = kfd_queue_buffer_get(vm, properties->write_ptr, &properties->wptr_bo, PAGE_SIZE); 243 if (err) 244 goto out_err_unreserve; 245 246 err = kfd_queue_buffer_get(vm, properties->read_ptr, &properties->rptr_bo, PAGE_SIZE); 247 if (err) 248 goto out_err_unreserve; 249 250 err = kfd_queue_buffer_get(vm, (void *)properties->queue_address, 251 &properties->ring_bo, properties->queue_size); 252 if (err) 253 goto out_err_unreserve; 254 255 /* only compute queue requires EOP buffer and CWSR area */ 256 if (properties->type != KFD_QUEUE_TYPE_COMPUTE) 257 goto out_unreserve; This is clearly a success path. 258 259 /* EOP buffer is not required for all ASICs */ 260 if (properties->eop_ring_buffer_address) { 261 if (properties->eop_ring_buffer_size != topo_dev->node_props.eop_buffer_size) { 262 pr_debug("queue eop bo size 0x%lx not equal to node eop buf size 0x%x\n", 263 properties->eop_buf_bo->tbo.base.size, 264 topo_dev->node_props.eop_buffer_size); --> 265 goto out_err_unreserve; This has err in the label name. err = -EINVAL? 266 } 267 err = kfd_queue_buffer_get(vm, (void *)properties->eop_ring_buffer_address, 268 &properties->eop_buf_bo, 269 properties->eop_ring_buffer_size); 270 if (err) 271 goto out_err_unreserve; 272 } 273 274 if (properties->ctl_stack_size != topo_dev->node_props.ctl_stack_size) { 275 pr_debug("queue ctl stack size 0x%x not equal to node ctl stack size 0x%x\n", 276 properties->ctl_stack_size, 277 topo_dev->node_props.ctl_stack_size); 278 goto out_err_unreserve; err? 279 } 280 281 if (properties->ctx_save_restore_area_size != topo_dev->node_props.cwsr_size) { 282 pr_debug("queue cwsr size 0x%x not equal to node cwsr size 0x%x\n", 283 properties->ctx_save_restore_area_size, 284 topo_dev->node_props.cwsr_size); 285 goto out_err_unreserve; err? Not sure. 286 } 287 288 total_cwsr_size = (topo_dev->node_props.cwsr_size + topo_dev->node_props.debug_memory_size) 289 * NUM_XCC(pdd->dev->xcc_mask); 290 total_cwsr_size = ALIGN(total_cwsr_size, PAGE_SIZE); 291 292 err = kfd_queue_buffer_get(vm, (void *)properties->ctx_save_restore_area_address, 293 &properties->cwsr_bo, total_cwsr_size); 294 if (!err) 295 goto out_unreserve; 296 297 amdgpu_bo_unreserve(vm->root.bo); 298 299 err = kfd_queue_buffer_svm_get(pdd, properties->ctx_save_restore_area_address, 300 total_cwsr_size); 301 if (err) 302 goto out_err_release; 303 304 return 0; 305 306 out_unreserve: 307 amdgpu_bo_unreserve(vm->root.bo); 308 return 0; 309 310 out_err_unreserve: 311 amdgpu_bo_unreserve(vm->root.bo); 312 out_err_release: 313 kfd_queue_release_buffers(pdd, properties); 314 return err; 315 } Fixes: 629568d25fea ("drm/amdkfd: Validate queue cwsr area and eop buffer size") Reported-by: Dan Carpenter Cc: Philip Yang Cc: Felix Kuehling Cc: Christian König Cc: Alex Deucher Signed-off-by: Srinivasan Shanmugam Reviewed-by: Philip Yang Signed-off-by: Alex Deucher commit 66d71a72539e173a9b00ca0b1852cbaa5f5bf1ad Author: Srinivasan Shanmugam Date: Thu Jul 25 07:23:48 2024 +0530 drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream This commit addresses a null pointer dereference issue in the `commit_planes_for_stream` function at line 4140. The issue could occur when `top_pipe_to_program` is null. The fix adds a check to ensure `top_pipe_to_program` is not null before accessing its stream_res. This prevents a null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/core/dc.c:4140 commit_planes_for_stream() error: we previously assumed 'top_pipe_to_program' could be null (see line 3906) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 8e4ed3cf1642df0c4456443d865cff61a9598aa8 Author: Srinivasan Shanmugam Date: Thu Jul 25 08:14:56 2024 +0530 drm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe This commit addresses a null pointer dereference issue in the `dcn20_program_pipe` function. The issue could occur when `pipe_ctx->plane_state` is null. The fix adds a check to ensure `pipe_ctx->plane_state` is not null before accessing. This prevents a null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn20/dcn20_hwseq.c:1925 dcn20_program_pipe() error: we previously assumed 'pipe_ctx->plane_state' could be null (see line 1877) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 25dd25f86eca77b1ce4a611432f57b006fa91615 Author: Venkata Narendra Kumar Gutta Date: Tue Jun 18 18:16:52 2024 -0700 drm/amdgpu: Add MFD support for ISP I2C bus ISP I2C bus device can't be enumerated via ACPI mechanism since it shares the memory map with the AMDGPU. So use the MFD mechanism for registering the ISP I2C device and add the required resources. Signed-off-by: Venkata Narendra Kumar Gutta Acked-by: Alex Deucher Signed-off-by: Alex Deucher commit fbfb5f0342253d92c4e446588c428a9d90c3f610 Author: Christian König Date: Wed Jul 24 09:24:02 2024 +0200 drm/amdgpu: fix contiguous handling for IB parsing v2 Otherwise we won't get correct access to the IB. v2: keep setting AMDGPU_GEM_CREATE_VRAM_CONTIGUOUS to avoid problems in the VRAM backend. Signed-off-by: Christian König Closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3501 Fixes: e362b7c8f8c7 ("drm/amdgpu: Modify the contiguous flags behaviour") Reviewed-by: Alex Deucher Cc: stable@vger.kernel.org Tested-by: Dave Airlie Signed-off-by: Alex Deucher commit cd162ae9bc3ba91eb630a1321afd3d1dde5f2000 Author: Sunil Khatri Date: Wed Jul 24 16:48:28 2024 +0530 drm/amdgpu: add print support for vcn_v3_0 ip dump Add support for logging the registers in devcoredump buffer for vcn_v3_0. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 58d283801d06d4434df6625ed6e6b8d2ba47fe65 Author: Sunil Khatri Date: Wed Jul 24 16:35:41 2024 +0530 drm/amdgpu: add vcn_v3_0 ip dump support Add support of vcn ip dump in the devcoredump for vcn_v3_0. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 50d10d9271f6c6542196c54275091c7b2c6edf97 Author: Sunil Khatri Date: Wed Jul 24 22:35:56 2024 +0530 drm/amdgpu: add macro to calculate offset with instance Add macro definition which calculate offset of the register with index override. This is useful in case when there is an array of registers which is common for all instances. To read registers in that case it is easy to define registers once and the index value is manually passed to calculate proper offset of register for each instance. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit f3392e662efdc095f10109f588aa4f3be86f7eb5 Author: Sunil Khatri Date: Tue Jul 23 13:08:55 2024 +0530 drm/amdgpu: add vcn ip dump ptr in vcn global struct Add pointer to the vcn ip dump in the vcn global structure to be accessible for all vcn version via global adev. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 61671d85def2960bbf52db22e9e45b3bf8a5ceb5 Author: Ben Skeggs Date: Fri Jul 26 14:38:28 2024 +1000 drm/nouveau/kms: remove push pointer from nv50_dmac The struct itself lives in nv50_dmac already, just use that. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-38-bskeggs@nvidia.com commit 723388bc0fb68f2487795796f4e616ea39cee99c Author: Ben Skeggs Date: Fri Jul 26 14:38:27 2024 +1000 drm/nouveau/kms: remove a few unused struct members and fn decls Left-overs from the past that are completely unused now. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-37-bskeggs@nvidia.com commit 0df26c0d69dce1141218e0e5ed0ad378a0c6c058 Author: Ben Skeggs Date: Fri Jul 26 14:38:26 2024 +1000 drm/nouveau: remove push pointer from nouveau_channel The struct itself lives in nouveau_channel already, just use that. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-36-bskeggs@nvidia.com commit 034142a303fed2903957b06a7c91abdff5531bcf Author: Ben Skeggs Date: Fri Jul 26 14:38:25 2024 +1000 drm/nouveau: remove master The only remaining nouveau_drm.master struct member that's being used is the mutex that protects its object tree. Move that into nouveau_drm and remove nouveau_drm.master entirely. A pending series to remove the "ioctl" layer between DRM and NVKM also removes the need for object handle lookups, and hence this mutex, but it's still required for the moment. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-35-bskeggs@nvidia.com commit 3543e84e20fbd60e02264f757c77c7dbdfd1ee4a Author: Ben Skeggs Date: Fri Jul 26 14:38:24 2024 +1000 drm/nouveau: remove chan->drm The nouveau_cli that owns the channel is now stored in nouveau_chan, and it has a pointer to the drm device already. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-34-bskeggs@nvidia.com commit 2eb58f22e2761b75e4f35847be03ddd425ae2b5e Author: Ben Skeggs Date: Fri Jul 26 14:38:23 2024 +1000 drm/nouveau: remove nouveau_chan.device nouveau_chan.device is always the same as nouveau_chan.cli.device, so there's no need to store it separately. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-33-bskeggs@nvidia.com commit 5cca41ac70e5877383ed925bd017884c37edf09b Author: Ben Skeggs Date: Fri Jul 26 14:38:22 2024 +1000 drm/nouveau: pass cli to nouveau_channel_new() instead of drm+device Both of these are stored in nouveau_cli already, and also allows the removal of some void casts. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-32-bskeggs@nvidia.com commit 3019023ec9fb2bd7b0d2d82ce847ae2520f24c1b Author: Ben Skeggs Date: Fri Jul 26 14:38:21 2024 +1000 drm/nouveau: pass drm to nv50_dmac_create(), rather than device+disp Both of these are stored in nouveau_drm already. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-31-bskeggs@nvidia.com commit 0fa0955acdb342bee3651bacfdce3d8927ab1025 Author: Ben Skeggs Date: Fri Jul 26 14:38:20 2024 +1000 drm/nouveau: pass drm to nouveau_mem_new(), instead of cli The nouveau_cli pointer is only ever used to eventually access nouveau_drm, so just store it directly. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-30-bskeggs@nvidia.com commit c6bf82d426d8293d7257b9db368e025b1fd66454 Author: Ben Skeggs Date: Fri Jul 26 14:38:19 2024 +1000 drm/nouveau: add nvif_mmu to nouveau_drm This allocates a new nvif_mmu in nouveau_drm, and uses it for TTM backend memory allocations instead of nouveau_drm.master.mmu, which is removed by a later commit that removes nouveau_drm.master entirely. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-29-bskeggs@nvidia.com commit 6901f1d6479b6f81b537672cc16720b06b2ab3a5 Author: Ben Skeggs Date: Fri Jul 26 14:38:18 2024 +1000 drm/nouveau: move nvxx_* definitions to nouveau_drv.h These are some dodgy "convenience" macros for the DRM driver to peek into NVKM state. They're still used in a few places, but don't belong in nvif/device.h in any case. Move them to nouveau_drv.h, and modify callers to pass a nouveau_drm instead of an nvif_device. v2: - use drm->nvkm pointer for nvxx_*() macros, removing some void* v3: - add some explanation of the nvxx_*() macros Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-28-bskeggs@nvidia.com commit 8d7b2d3a7e3aa4fac309f9a496e6b237729d2b01 Author: Ben Skeggs Date: Fri Jul 26 14:38:17 2024 +1000 drm/nouveau/nvif: remove disp chan rd/wr There's no good reason the ioremap() that results from nvif_object_map() should fail, so add a check that the map succeeded, and remove the rd/wr methods from display channel objects. As this was the last user of rd/wr methods, the nvif plumbing is removed at the same time. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-27-bskeggs@nvidia.com commit 216c3c4424bb42bd6e4ea75cfe0c22aa7dceda6a Author: Ben Skeggs Date: Fri Jul 26 14:38:16 2024 +1000 drm/nouveau/nvif: remove device rd/wr The previous commit ensures the device is always mapped, so these are unneeded. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-26-bskeggs@nvidia.com commit cced63c3dd23e061f0fca754a3aeb35b62b0a628 Author: Ben Skeggs Date: Fri Jul 26 14:38:15 2024 +1000 drm/nouveau: always map device The next commit removes the nvif rd/wr methods from nvif_device, which were probably a bad idea, and mostly intended as a fallback if ioremap() failed (or wasn't available, as was the case in some tools I once used). The nv04 KMS driver already mapped the device, because it's mostly been kept alive on life-support for many years and still directly bashes PRI a lot for modesetting. Post-nv50, I tried pretty hard to keep PRI accesses out of the DRM code, but there's still a few random places where we do, and those were using the rd/wr paths prior to this commit. This allocates and maps a new nvif_device (which will replace the usage of nouveau_drm.master.device later on), and replicates this pointer to all other possible users. This will be cleaned up by the end of another patch series, after it's been made safe to do so. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-25-bskeggs@nvidia.com commit fabc65d16337b6cee1cbbd1470bbb903f6daf3ea Author: Ben Skeggs Date: Fri Jul 26 14:38:14 2024 +1000 drm/nouveau/nvif: remove device args These were once used by used by userspace tools (with nvkm built as a library), to access multiple GPUs from a single nvif_client. The DRM code just uses the driver's default device, so remove the arguments. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-24-bskeggs@nvidia.com commit 246b228eb905c94663af435a1cd6cd31cc205ba0 Author: Ben Skeggs Date: Fri Jul 26 14:38:13 2024 +1000 drm/nouveau/nvif: remove client fini Does nothing. Remove it. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-23-bskeggs@nvidia.com commit c45c999cfb6716d40af9048ed0142e42a6235378 Author: Ben Skeggs Date: Fri Jul 26 14:38:12 2024 +1000 drm/nouveau/nvif: remove client devlist This was once used by userspace tools (with nvkm built as a library), but is now unused. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-22-bskeggs@nvidia.com commit def122b64e37daa39774d4afa433ad42b8a5eaf3 Author: Ben Skeggs Date: Fri Jul 26 14:38:11 2024 +1000 drm/nouveau/nvif: remove client version This is not, and has never, been used for anything. Remove it. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-21-bskeggs@nvidia.com commit a897f65b3a6175243e4878e2fd2e9b8f494710ec Author: Ben Skeggs Date: Fri Jul 26 14:38:10 2024 +1000 drm/nouveau/nvif: remove client device arg This was once used by userspace tools (with nvkm built as a library), as a way to select a "default device". The DRM code doesn't need this at all as clients only have access to a single device already, so inherit the value from its parent. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-20-bskeggs@nvidia.com commit 7e0d8de4d35789b57eee8acb0a952b854edb37a1 Author: Ben Skeggs Date: Fri Jul 26 14:38:09 2024 +1000 drm/nouveau/nvif: remove driver keep/fini These are remnants of code long gone. Remove them. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-19-bskeggs@nvidia.com commit ffe9f1bfb3e6709769779bc6c1a5b1d971b7b95d Author: Ben Skeggs Date: Fri Jul 26 14:38:08 2024 +1000 drm/nouveau/nvif: remove nvxx_client() Make use of nouveau_cli.name instead of nvkm_client.name. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-18-bskeggs@nvidia.com commit 455167e8751c7fc50e88496e6d5dfb896e2ab3dc Author: Ben Skeggs Date: Fri Jul 26 14:38:07 2024 +1000 drm/nouveau/nvif: remove nvxx_object() This hasn't been used in a while. Moves io accessors from nvkm/core/os.h to nvif/os.h at the same time to fix a compile issue that results from no longer being included. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-17-bskeggs@nvidia.com commit d6e44a8548b614fa9d6c77e0c12b929c2c791258 Author: Ben Skeggs Date: Fri Jul 26 14:38:06 2024 +1000 drm/nouveau/nvif: remove route/token These were a cludge used to prevent userspace's nvif ioctl from accessing objects created by the kernel for the same client. That interface was removed in a previous patch, so these are no longer useful for anything. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-16-bskeggs@nvidia.com commit ca6eef9b1c3486bedadad6a85d246b26df51c61d Author: Ben Skeggs Date: Fri Jul 26 14:38:05 2024 +1000 drm/nouveau/nvif: remove support for userspace backends The tools that used libnvkm no longer exist. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-15-bskeggs@nvidia.com commit b2d474d4c8fa9cf7d18dae3c0784c4a710e850ca Author: Ben Skeggs Date: Fri Jul 26 14:38:04 2024 +1000 drm/nouveau/nvkm: remove nvkm_client_search() Has been unused for a while now. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-14-bskeggs@nvidia.com commit 4a865f6a76ed1295d878029cf7a1797395b1aec0 Author: Ben Skeggs Date: Fri Jul 26 14:38:03 2024 +1000 drm/nouveau/nvkm: remove perfmon This has never really been used for anything, in part due to never having reclocking stable enough in general to attempt to implement dynamic clock changes based on load, etc. To avoid having to rework its interfaces, remove it entirely. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-13-bskeggs@nvidia.com commit b5bd7cf76b7cf8f2dfe36aec0e4916a2a95c8fbb Author: Ben Skeggs Date: Fri Jul 26 14:38:02 2024 +1000 drm/nouveau/nvkm: remove detect/mmio/subdev_mask from device args All callers now pass "detect=true, mmio=true, subdev_mask=~0ULL", so remove the function arguments, and associated code. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-12-bskeggs@nvidia.com commit 8bc1ab4f615b200507b113d31ca614fa17b9772d Author: Ben Skeggs Date: Fri Jul 26 14:38:01 2024 +1000 drm/nouveau: remove abi16->handles Hasn't been needed since 2015... Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-11-bskeggs@nvidia.com commit d075d99ef73bbeca878fe2cbf758f8524bb698d5 Author: Ben Skeggs Date: Fri Jul 26 14:38:00 2024 +1000 drm/nouveau: remove abi16->device The previous commit removes the last remnants of userspace's own nvif instance, so this isn't needed anymore to hide the abi16 objects from userspace and we can use nouveau_cli.device instead. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-10-bskeggs@nvidia.com commit ba6b8479c944c50db7e2a81794885896fa6c48a8 Author: Ben Skeggs Date: Fri Jul 26 14:37:59 2024 +1000 drm/nouveau: handle limited nvif ioctl in abi16 nouveau_usif.c was already stripped right back a couple of years ago, limiting what userspace could do with it. A follow-on series removes the nvkm side of these interfaces entirely, in order to make it less of a nightmare to add/change internal APIs in the future. Unfortunately. Userspace uses some of this. Fortunately, userspace only ever ended up using a fraction of the APIs, so those are reimplemened here in a more direct manner, and return -EINVAL to userspace for everything else. v2: - simplified struct nouveau_abi16_obj - added a couple of comments v3: - comment harder Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-9-bskeggs@nvidia.com commit 2e408ad7a55273b55b14ce28f62111dc1c4f7fb6 Author: Ben Skeggs Date: Fri Jul 26 14:37:58 2024 +1000 drm/nouveau: add nouveau_cli to nouveau_abi16 Store a pointer to struct nouveau_cli in struct nouveau_abi16 to avoid some dubious void casts. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-8-bskeggs@nvidia.com commit ea94c8e217f9a845bf2c565b77c5eb078e975eae Author: Ben Skeggs Date: Fri Jul 26 14:37:57 2024 +1000 drm/nouveau: move allocation of root client out of nouveau_cli_init() drm->master isn't really a nouveau_cli, and is mostly just used to get at an nvif_mmu object to implement a hack around issues with the ioctl interface to nvkm. Later patches in this series allocate nvif_device/mmu objects in nouveau_drm directly, removing the need for master. A pending series to remove the "ioctl" layer between DRM and NVKM removes the need for the above-mentioned hack entirely. The only other member of drm->master that's needed is the nvif_client, and is a dependency of device/mmu. So the first step is to move its allocation out of code handling nouveau_cli init. v2: - modified slightly due to the addition of tegra/pci cleanup patches v3: - move nvif init below drm_dev_alloc() to avoid changing nouveau_name() Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-7-bskeggs@nvidia.com commit 6777264dfabe2a7c75453031bee5bcc2e7882cf7 Author: Ben Skeggs Date: Fri Jul 26 14:37:56 2024 +1000 drm/nouveau: store nvkm_device pointer in nouveau_drm There's various different places in the drm code that get at the nvkm_device via various creative (and not very type-safe) means. One of those being via nvif_device.object.priv. Another patch series is going to entirely remove the ioctl-like interfaces beween the drm code and nvkm, and that field will no longer exist. This provides a safer replacement for accessing the nvkm_device, and will used more in upcoming patches to cleanup other cases. v2: - fixup printk macros to not oops if used before client ctor Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-6-bskeggs@nvidia.com commit c0bfe34330b5fafdbbc63a7124841711651b96b9 Author: Ben Skeggs Date: Fri Jul 26 14:37:55 2024 +1000 drm/nouveau: create pci device once HW isn't touched anymore (aside from detection) until the first nvif_device has been allocated, so we no longer need a separate probe-only step before kicking efifb (etc) off the HW. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-5-bskeggs@nvidia.com commit 448359c1ce50a8e61842c39ffd52f399409a6860 Author: Ben Skeggs Date: Fri Jul 26 14:37:54 2024 +1000 drm/nouveau: replace drm_device* with nouveau_drm* as dev drvdata We almost always want to cast the pointer from dev_get_drvdata() to 'struct nouveau_drm *', so just directly store that pointer instead, simplifying callers, and fixing some clumsy naming of dev/drm_dev variables at the same time. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-4-bskeggs@nvidia.com commit 961ae5f9807bb15af0065485785725768a7269b9 Author: Ben Skeggs Date: Fri Jul 26 14:37:53 2024 +1000 drm/nouveau: handle pci/tegra drm_dev_{alloc, register} from common code Unify some more of the PCI/Tegra DRM driver init, both as a general cleanup, and because a subsequent commit changes the pointer stored via dev_set_drvdata(), and this allows the change to be made in one place. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-3-bskeggs@nvidia.com commit 20d70de5823ee6b9d4e8b3db4c13123cee0358af Author: Ben Skeggs Date: Fri Jul 26 14:37:52 2024 +1000 drm/nouveau: move nouveau_drm_device_fini() above init() The next commit wants to be able to call fini() from an init() failure path to remove the need to duplicate a bunch of cleanup. Moving fini() above init() avoids the need for a forward-declaration. Signed-off-by: Ben Skeggs Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240726043828.58966-2-bskeggs@nvidia.com commit 0d5040e406d2c4404d26b841c4aa34cec0bf1088 Author: Hamza Mahfooz Date: Thu Jul 25 16:51:08 2024 -0400 drm/vblank: add dynamic per-crtc vblank configuration support We would like to be able to enable vblank_disable_immediate unconditionally, however there are a handful of cases where a small off delay is necessary (e.g. with PSR enabled). So, we would like to be able to adjust the vblank off delay and disable imminent values dynamically for a given CRTC. Since, it will allow drivers to apply static screen optimizations more quickly and consequently allow users to benefit more so from the power savings afforded by the aforementioned optimizations, while avoiding issues in cases where an off delay is still warranted. In particular, the PSR case requires a small off delay of 2 frames, otherwise display firmware isn't able to keep up with all of the requests made to amdgpu. So, introduce drm_crtc_vblank_on_config() which is like drm_crtc_vblank_on(), but it allows drivers to specify the vblank CRTC configuration before enabling vblanking support for a given CRTC. Signed-off-by: Hamza Mahfooz Acked-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240725205109.209743-1-hamza.mahfooz@amd.com commit fd6797ec50c561f085bc94e3ee26f484a52af79e Author: Lucas De Marchi Date: Thu Jul 25 23:43:35 2024 -0700 drm/xe/rtp: Fix off-by-one when processing rules Gustavo noticed an odd "+ 2" in rtp_mark_active() while processing rtp rules and pointed that it should be "+ 1". In fact, while processing entries without actions (OOB workarounds), if the WA is activated and has OR rules, it will also inadvertently activate the very next workaround. Test in a LNL B0 platform by moving 18024947630 on top of 16020292621, makes the latter become active: $ cat /sys/kernel/debug/dri/0/gt0/workarounds ... OOB Workarounds 18024947630 16020292621 14018094691 16022287689 13011645652 22019338487_display In future a kunit test will be added to cover the rtp checks for entries without actions. Fixes: fe19328b900c ("drm/xe/rtp: Add support for entries with no action") Cc: Gustavo Sousa Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240726064337.797576-6-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 9d8e91439fc3890de55eef2bcfde97470b7dc04d Author: Haikun Zhou Date: Thu Jul 25 19:52:29 2024 +0800 drm/panel-edp: Add CSW MNB601LS1-4 Add support for the CSW MNB601LS1-4, pleace the EDID here for subsequent reference. 00 ff ff ff ff ff ff 00 0e 77 04 11 00 00 00 00 00 22 01 04 a5 1a 0e 78 03 a1 35 9b 5e 58 91 25 1c 50 54 00 00 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 09 1e 56 dc 50 00 28 30 30 20 36 00 00 90 10 00 00 1a 00 00 00 fd 00 28 3c 30 30 08 01 0a 20 20 20 20 20 20 00 00 00 fe 00 43 53 4f 54 20 54 39 0a 20 20 20 20 20 00 00 00 fe 00 4d 4e 42 36 30 31 4c 53 31 2d 34 0a 20 00 20 Signed-off-by: Haikun Zhou Reviewed-by: Douglas Anderson Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240725115229.3416028-1-zhouhaikun5@huaqin.corp-partner.google.com commit a887d2c85a3f6af0d99ab0eafbd7a1a83f742cad Author: Zenghui Yu Date: Tue Jul 16 15:30:36 2024 +0800 accel/qaic: Remove the description of DRM_IOCTL_QAIC_PART_DEV The partition device ioctl was removed during the development of the initial version of qaic driver. Remove its description from the documentation to avoid confusing readers. Signed-off-by: Zenghui Yu Reviewed-by: Jeffrey Hugo Signed-off-by: Jeffrey Hugo Link: https://patchwork.freedesktop.org/patch/msgid/20240716073036.453-1-yuzenghui@huawei.com commit 5e9209c3739454a08c4d770c649187b0f51dffc6 Author: Matthew Brost Date: Thu Jul 25 16:18:01 2024 -0700 drm/xe: Assert G2H outstanding when releasing G2H Ensure we are managing G2H credits correctly. Extra important now that this is tied to PM. Signed-off-by: Matthew Brost Reviewed-by: Michal Wajdeczko Link: https://patchwork.freedesktop.org/patch/msgid/20240725231801.1958038-1-matthew.brost@intel.com commit 81e0a3d1063e388efcbbb4648e07479575ec85b4 Author: Deborah Brouwer Date: Wed Jul 17 16:52:21 2024 -0700 drm/ci: update link to Gitlab server Before building an image, the build script looks to see if there are fixes to apply from an upstream repository. The link for the upstream repository git://anongit.freedesktop.org/drm/drm became obsolete with the move to Gitlab server in March 2024. Until recently, this obsolete link was harmless because anongit would at least respond that there were no such fixes available. In the last few days anongit has stopped responding to requests causing the build script to hang indefinitely. Update the link from anongit to the Gitlab server to prevent the build script from hanging indefinitely. Signed-off-by: Deborah Brouwer Reviewed-by: Daniel Stone Acked-by: Helen Koike Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240717235221.64629-1-deborah.brouwer@collabora.com commit be8f9f4c866f41b62a3df9a5cfd54e0e88fc3e3e Author: Gustavo Sousa Date: Tue Jul 23 09:01:21 2024 -0300 drm/xe/mmio: Use single logic for waiting functions The implementations for xe_mmio_wait32() and xe_mmio_wait32_not() are almost identical. Let us avoid duplication of logic by having them calling a common __xe_mmio_wait32() function. Signed-off-by: Gustavo Sousa Reviewed-by: Himal Prasad Ghimiray Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240723120120.5443-2-gustavo.sousa@intel.com commit 641a118c9d91e53bc920ec0ea2ea350d84eb7a9d Author: Gustavo Sousa Date: Mon Jul 22 16:05:25 2024 -0300 drm/xe: Remove stale declaration of xe_mmio_probe_vram() The declaration of xe_mmio_probe_vram() became useless since commit 638d1c79cbf1 ("drm/xe: Promote VRAM initialization function to own file"). Remove it. Signed-off-by: Gustavo Sousa Reviewed-by: Michal Wajdeczko Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240722190524.71548-2-gustavo.sousa@intel.com commit 8f28c465a455563917aa15bf5ef40016b2a665d6 Author: Jiapeng Chong Date: Thu Jul 25 09:57:12 2024 +0800 drm/amd/display: remove unneeded semicolon No functional modification involved. ./drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c:481:2-3: Unneeded semicolon. ./drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c:3783:168-169: Unneeded semicolon. ./drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_core/dml2_core_dcn4_calcs.c:3782:166-167: Unneeded semicolon. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9575 Signed-off-by: Jiapeng Chong Signed-off-by: Alex Deucher commit e06b71b2313a00579ba64a1cc43ad29d64cb8d4c Author: Jonathan Kim Date: Tue May 21 13:22:15 2024 -0400 drm/amdkfd: allow users to target recommended SDMA engines Certain GPUs have better copy performance over xGMI on specific SDMA engines depending on the source and destination GPU. Allow users to create SDMA queues on these recommended engines. Close to 2x overall performance has been observed with this optimization. Signed-off-by: Jonathan Kim Reviewed-by: Felix Kuehling Signed-off-by: Alex Deucher commit 60c30ba7ba2064066ec462236666058cbbf619c1 Author: Kenneth Feng Date: Thu Jul 4 08:14:15 2024 +0800 drm/amdgpu/pm: support gpu_metrics sysfs interface for smu v14.0.2/3 support gpu_metrics sysfs interface for smu v14.0.2/3 Signed-off-by: Kenneth Feng Reviewed-by: Yang Wang Signed-off-by: Alex Deucher commit f3c681f0c3b171db923d6147785064962351e043 Author: Jiapeng Chong Date: Wed Jul 24 15:37:49 2024 +0800 drm/amd/display: use swap() in sort() Use existing swap() function rather than duplicating its implementation. ./drivers/gpu/drm/amd/display/dc/dml2/dml21/src/dml2_pmo/dml2_pmo_dcn3.c:17:29-30: WARNING opportunity for swap(). Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9573 Signed-off-by: Jiapeng Chong Signed-off-by: Alex Deucher commit fdedd77b0eb31209c59107de66880ef0be21a77a Author: Nathan Chancellor Date: Wed Jul 24 08:49:35 2024 -0700 drm/amd/display: Reapply 2fde4fdddc1f Commit 2563391e57b5 ("drm/amd/display: DML2.1 resynchronization") blew away the compiler warning fix from commit 2fde4fdddc1f ("drm/amd/display: Avoid -Wenum-float-conversion in add_margin_and_round_to_dfs_grainularity()"), causing the warning to reappear. drivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml21/src/dml2_dpmm/dml2_dpmm_dcn4.c:183:58: error: arithmetic between enumeration type 'enum dentist_divider_range' and floating-point type 'double' [-Werror,-Wenum-float-conversion] 183 | divider = (unsigned int)(DFS_DIVIDER_RANGE_SCALE_FACTOR * (vco_freq_khz / clock_khz)); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~ 1 error generated. Apply the fix again to resolve the warning. Fixes: 2563391e57b5 ("drm/amd/display: DML2.1 resynchronization") Signed-off-by: Nathan Chancellor Signed-off-by: Alex Deucher commit 75c3f06fd900e01a68b8ade17e6b6be64cfdc9ff Author: Colin Ian King Date: Wed Jul 24 14:24:28 2024 +0100 drm/amd/display: Fix spelling mistake "tolarance" -> "tolerance" There is a spelling mistake in a dml2_printf message. Fix it. Signed-off-by: Colin Ian King Signed-off-by: Alex Deucher commit 17c6baff3d5f65c8da164137a58742541a060b2f Author: Alex Deucher Date: Tue Jul 23 13:31:58 2024 -0400 drm/radeon: properly handle vbios fake edid sizing The comment in the vbios structure says: // = 128 means EDID length is 128 bytes, otherwise the EDID length = ucFakeEDIDLength*128 This fake edid struct has not been used in a long time, so I'm not sure if there were actually any boards out there with a non-128 byte EDID, but align the code with the comment. Reviewed-by: Thomas Weißschuh Reported-by: Thomas Weißschuh Link: https://lists.freedesktop.org/archives/amd-gfx/2024-June/109964.html Fixes: c324acd5032f ("drm/radeon/kms: parse the extended LCD info block") Signed-off-by: Alex Deucher commit 8155566a26b8d6c1dd914f06a0c652e4e2f2adf1 Author: Alex Deucher Date: Tue Jul 23 13:23:56 2024 -0400 drm/amdgpu: properly handle vbios fake edid sizing The comment in the vbios structure says: // = 128 means EDID length is 128 bytes, otherwise the EDID length = ucFakeEDIDLength*128 This fake edid struct has not been used in a long time, so I'm not sure if there were actually any boards out there with a non-128 byte EDID, but align the code with the comment. Reviewed-by: Thomas Weißschuh Reported-by: Thomas Weißschuh Link: https://lists.freedesktop.org/archives/amd-gfx/2024-June/109964.html Fixes: d38ceaf99ed0 ("drm/amdgpu: add core driver (v4)") Signed-off-by: Alex Deucher commit 351a88713b6daae5435d683ddab1913a65d09eb2 Author: Daniele Ceraolo Spurio Date: Wed Jul 24 17:32:23 2024 -0700 drm/xe/huc: Define HuC binary for BMG Add the unversioned define for the BMG HuC FW. Signed-off-by: Daniele Ceraolo Spurio Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240725003224.516233-7-daniele.ceraolospurio@intel.com commit f4aa02c43969c36213a7fd4e56831693fc83ec4b Author: Daniele Ceraolo Spurio Date: Wed Jul 24 17:32:22 2024 -0700 drm/xe/gsc: Define GSC binary for LNL As with previous binaries, we match the compatibility version instead of the build number. Signed-off-by: Daniele Ceraolo Spurio Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240725003224.516233-6-daniele.ceraolospurio@intel.com commit e814902866ed22bc07d2af1303f3183357a438e8 Author: Daniele Ceraolo Spurio Date: Wed Jul 24 17:32:21 2024 -0700 drm/xe/huc: Define HuC binary for LNL Add the unversioned define for the LNL HuC FW. All new binaries are GSC-enabled (and even if they weren't the driver can detect the type of HuC binary), so the new lnl HuC filename doesn't use the _gsc postfix to avoid confusion with the GSC binary. Signed-off-by: Daniele Ceraolo Spurio Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240725003224.516233-5-daniele.ceraolospurio@intel.com commit d969b31afa439f71f810076a5612596dae38fd86 Author: Cong Yang Date: Wed Jul 10 16:47:14 2024 +0800 drm/panel: nt36672e: Break some CMDS into helper functions Break select page cmds and reload cmds into helper functions. Signed-off-by: Cong Yang Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240710084715.1119935-4-yangcong5@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240710084715.1119935-4-yangcong5@huaqin.corp-partner.google.com commit 3c8d2d5da3e29f73fec6e04a424e789422f697db Author: Cong Yang Date: Wed Jul 10 16:47:13 2024 +0800 drm/panel: nt35521: Break some CMDS into helper functions Break select page cmds into helper functions. Signed-off-by: Cong Yang Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240710084715.1119935-3-yangcong5@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240710084715.1119935-3-yangcong5@huaqin.corp-partner.google.com commit 93183c9959d456530ae502865586522acf21adf7 Author: Cong Yang Date: Wed Jul 10 16:47:12 2024 +0800 drm/panel: boe-tv101wum-nl6: Break some CMDS into helper functions hj110iz-01a and tv110c9m-ll3 both nt36523 controller, and they have some common cmds, so let's break them into helper functions. Signed-off-by: Cong Yang Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240710084715.1119935-2-yangcong5@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240710084715.1119935-2-yangcong5@huaqin.corp-partner.google.com commit 773884e39bb5a57f998af48b3948308568027a54 Author: Marco Pagani Date: Tue Jul 23 21:10:35 2024 +0200 drm/test: use kunit action wrapper macro in the gem shmem test suite Replace deferred action function wrappers with equivalent ones defined using the macro introduced by commit 56778b49c9a2 ("kunit: Add a macro to wrap a deferred action function") Signed-off-by: Marco Pagani Signed-off-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240723191036.131286-1-marpagan@redhat.com commit 83b501c1799a96a41e163973e88826253ffadfb3 Author: Christian König Date: Fri Jul 19 17:24:14 2024 +0200 drm/scheduler: remove full_recover from drm_sched_start This was basically just another one of amdgpus hacks. The parameter allowed to restart the scheduler without turning fence signaling on again. That this is absolutely not a good idea should be obvious by now since the fences will then just sit there and never signal. While at it cleanup the code a bit. Signed-off-by: Christian König Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240722083816.99685-1-christian.koenig@amd.com commit 10ba3753665f77314cb475e1a4ad0785f4770c4b Author: Pin-yen Lin Date: Fri Jul 19 19:05:36 2024 +0800 drm/bridge: it6505: Disable IRQ when powered off When the bridge is powered off, disable the IRQ until the next power on to workaround an interrupt storm on some badly-designed hardware. Signed-off-by: Pin-yen Lin Reviewed-by: Robert Foss Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/20240719110623.1850021-1-treapking@chromium.org commit 3e307d6c28e7bc7d94b5699d0ed7fe07df6db094 Author: Suraj Kandpal Date: Wed Jul 24 22:07:43 2024 +0530 drm/i915/dp: Clear VSC SDP during post ddi disable routine Clear VSC SDP if intel_dp_set_infoframes is called from post ddi disable routine i.e with the variable of enable as false. This is to avoid an infoframes.enable mismatch issue which is caused when pipe is connected to eDp which has psr then connected to DPMST. In this case eDp's post ddi disable routine does not clear infoframes.enable VSC for the given pipe and DPMST does not recompute VSC SDP and write infoframes.enable which causes a mismatch. --v2 -Make the comment match the code [Jani] Signed-off-by: Suraj Kandpal Reviewed-by: Ankit Nautiyal Link: https://patchwork.freedesktop.org/patch/msgid/20240724163743.3668407-1-suraj.kandpal@intel.com commit b4224f6bae3801d589f815672ec62800a1501b0d Author: Suraj Kandpal Date: Mon Jul 22 12:14:51 2024 +0530 drm/xe/hdcp: Check GSC structure validity Sometimes xe_gsc is not initialized when checked at HDCP capability check. Add gsc structure check to avoid null pointer error. Signed-off-by: Suraj Kandpal Reviewed-by: Dnyaneshwar Bhadane Link: https://patchwork.freedesktop.org/patch/msgid/20240722064451.3610512-4-suraj.kandpal@intel.com commit d34f4f058edf1235c103ca9c921dc54820d14d40 Author: Suraj Kandpal Date: Mon Jul 22 12:14:50 2024 +0530 drm/i915/hdcp: Add encoder check in hdcp2_get_capability Add encoder check in intel_hdcp2_get_capability to avoid null pointer error. Signed-off-by: Suraj Kandpal Reviewed-by: Dnyaneshwar Bhadane Link: https://patchwork.freedesktop.org/patch/msgid/20240722064451.3610512-3-suraj.kandpal@intel.com commit 31b42af516afa1e184d1a9f9dd4096c54044269a Author: Suraj Kandpal Date: Mon Jul 22 12:14:49 2024 +0530 drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability Sometimes during hotplug scenario or suspend/resume scenario encoder is not always initialized when intel_hdcp_get_capability add a check to avoid kernel null pointer dereference. Signed-off-by: Suraj Kandpal Reviewed-by: Dnyaneshwar Bhadane Link: https://patchwork.freedesktop.org/patch/msgid/20240722064451.3610512-2-suraj.kandpal@intel.com commit 1a394b4f504f33eac8c38b6f42ba025105c7e869 Author: Matthew Brost Date: Wed Jul 24 09:43:41 2024 -0700 drm/xe: Fix possible UAF in guc_exec_queue_process_msg Store xe_device ahead of processing message as message can be free'd in some cases. v2: - Including missing local changes v3: - Resend for CI Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202407231445.rpisd1vA-lkp@intel.com/ Fixes: d930c19fdff3 ("drm/xe: Build PM into GuC CT layer") Signed-off-by: Matthew Brost Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240724164341.1848954-1-matthew.brost@intel.com commit 629568d25fea8ece4f65073f039aeef4e240ab67 Author: Philip Yang Date: Wed Jun 26 15:03:05 2024 -0400 drm/amdkfd: Validate queue cwsr area and eop buffer size When creating KFD user compute queue, check if queue eop buffer size, cwsr area size, ctl stack size equal to the size of KFD node properities. Check the entire cwsr area which may split into multiple svm ranges aligned to granularity boundary. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Acked-by: Christian König Signed-off-by: Alex Deucher commit 517fff221c1e6b8a8db69e7a440116caee120ff5 Author: Philip Yang Date: Wed Jun 26 14:52:28 2024 -0400 drm/amdkfd: Store queue cwsr area size to node properties Use the queue eop buffer size, cwsr area size, ctl stack size calculation from Thunk, store the value to KFD node properties. Those will be used to validate queue eop buffer size, cwsr area size, ctl stack size when creating KFD user compute queue. Those will be exposed to user space via sysfs KFD node properties, to remove the duplicate calculation code from Thunk. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Acked-by: Christian König Signed-off-by: Alex Deucher commit 47c0388b0589cb481c294dcb857d25a214c46eb3 Author: ZhenGuo Yin Date: Fri Jul 19 16:10:40 2024 +0800 drm/amdgpu: reset vm state machine after gpu reset(vram lost) [Why] Page table of compute VM in the VRAM will lost after gpu reset. VRAM won't be restored since compute VM has no shadows. [How] Use higher 32-bit of vm->generation to record a vram_lost_counter. Reset the VM state machine when vm->genertaion is not equal to the new generation token. v2: Check vm->generation instead of calling drm_sched_entity_error in amdgpu_vm_validate. v3: Use new generation token instead of vram_lost_counter for check. Signed-off-by: ZhenGuo Yin Reviewed-by: Christian König Signed-off-by: Alex Deucher commit 08ae395ea22fb3d9b318c8bde28c0dfd2f5fa4d2 Author: Srinivasan Shanmugam Date: Mon Jul 22 17:18:17 2024 +0530 drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointer in the dcn30_set_output_transfer_func function. Previously, set_output_gamma was being checked for nullity at line 386, but then it was being dereferenced without any nullity check at line 401. This could potentially lead to a null pointer dereference error if set_output_gamma is indeed null. To fix this, we now ensure that set_output_gamma is not null before dereferencing it. We do this by adding a nullity check for set_output_gamma before the call to set_output_gamma at line 401. If set_output_gamma is null, we log an error message and do not call the function. This fix prevents a potential null pointer dereference error. drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:401 dcn30_set_output_transfer_func() error: we previously assumed 'mpc->funcs->set_output_gamma' could be null (see line 386) drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c 373 bool dcn30_set_output_transfer_func(struct dc *dc, 374 struct pipe_ctx *pipe_ctx, 375 const struct dc_stream_state *stream) 376 { 377 int mpcc_id = pipe_ctx->plane_res.hubp->inst; 378 struct mpc *mpc = pipe_ctx->stream_res.opp->ctx->dc->res_pool->mpc; 379 const struct pwl_params *params = NULL; 380 bool ret = false; 381 382 /* program OGAM or 3DLUT only for the top pipe*/ 383 if (pipe_ctx->top_pipe == NULL) { 384 /*program rmu shaper and 3dlut in MPC*/ 385 ret = dcn30_set_mpc_shaper_3dlut(pipe_ctx, stream); 386 if (ret == false && mpc->funcs->set_output_gamma) { ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If this is NULL 387 if (stream->out_transfer_func.type == TF_TYPE_HWPWL) 388 params = &stream->out_transfer_func.pwl; 389 else if (pipe_ctx->stream->out_transfer_func.type == 390 TF_TYPE_DISTRIBUTED_POINTS && 391 cm3_helper_translate_curve_to_hw_format( 392 &stream->out_transfer_func, 393 &mpc->blender_params, false)) 394 params = &mpc->blender_params; 395 /* there are no ROM LUTs in OUTGAM */ 396 if (stream->out_transfer_func.type == TF_TYPE_PREDEFINED) 397 BREAK_TO_DEBUGGER(); 398 } 399 } 400 --> 401 mpc->funcs->set_output_gamma(mpc, mpcc_id, params); ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Then it will crash 402 return ret; 403 } Fixes: d99f13878d6f ("drm/amd/display: Add DCN3 HWSEQ") Reported-by: Dan Carpenter Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Hersen Wu Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 0b071245ddd98539d4f7493bdd188417fcf2d629 Author: Tim Huang Date: Tue Jul 23 16:54:34 2024 +0800 drm/amdgpu: add missed harvest check for VCN IP v4/v5 To prevent below probe failure, add a check for models with VCN IP v4.0.6 where VCN1 may be harvested. v2: Apply the same check to VCN IP v4.0 and v5.0. [ 54.070117] RIP: 0010:vcn_v4_0_5_start_dpg_mode+0x9be/0x36b0 [amdgpu] [ 54.071055] Code: 80 fb ff 8d 82 00 80 fe ff 81 fe 00 06 00 00 0f 43 c2 49 69 d5 38 0d 00 00 48 8d 71 04 c1 e8 02 4c 01 f2 48 89 b2 50 f6 02 00 <89> 01 48 8b 82 50 f6 02 00 48 8d 48 04 48 89 8a 50 f6 02 00 c7 00 [ 54.072408] RSP: 0018:ffffb17985f736f8 EFLAGS: 00010286 [ 54.072793] RAX: 00000000000000d6 RBX: ffff99a82f680000 RCX: 0000000000000000 [ 54.073315] RDX: ffff99a82f680000 RSI: 0000000000000004 RDI: ffff99a82f680000 [ 54.073835] RBP: ffffb17985f73730 R08: 0000000000000001 R09: 0000000000000000 [ 54.074353] R10: 0000000000000008 R11: ffffb17983c05000 R12: 0000000000000000 [ 54.074879] R13: 0000000000000000 R14: ffff99a82f680000 R15: 0000000000000001 [ 54.075400] FS: 00007f8d9c79a000(0000) GS:ffff99ab2f140000(0000) knlGS:0000000000000000 [ 54.075988] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 54.076408] CR2: 0000000000000000 CR3: 0000000140c3a000 CR4: 0000000000750ef0 [ 54.076927] PKRU: 55555554 [ 54.077132] Call Trace: [ 54.077319] [ 54.077484] ? show_regs+0x69/0x80 [ 54.077747] ? __die+0x28/0x70 [ 54.077979] ? page_fault_oops+0x180/0x4b0 [ 54.078286] ? do_user_addr_fault+0x2d2/0x680 [ 54.078610] ? exc_page_fault+0x84/0x190 [ 54.078910] ? asm_exc_page_fault+0x2b/0x30 [ 54.079224] ? vcn_v4_0_5_start_dpg_mode+0x9be/0x36b0 [amdgpu] [ 54.079941] ? vcn_v4_0_5_start_dpg_mode+0xe6/0x36b0 [amdgpu] [ 54.080617] vcn_v4_0_5_set_powergating_state+0x82/0x19b0 [amdgpu] [ 54.081316] amdgpu_device_ip_set_powergating_state+0x64/0xc0 [amdgpu] [ 54.082057] amdgpu_vcn_ring_begin_use+0x6f/0x1d0 [amdgpu] [ 54.082727] amdgpu_ring_alloc+0x44/0x70 [amdgpu] [ 54.083351] amdgpu_vcn_dec_sw_ring_test_ring+0x40/0x110 [amdgpu] [ 54.084054] amdgpu_ring_test_helper+0x22/0x90 [amdgpu] [ 54.084698] vcn_v4_0_5_hw_init+0x87/0xc0 [amdgpu] [ 54.085307] amdgpu_device_init+0x1f96/0x2780 [amdgpu] [ 54.085951] amdgpu_driver_load_kms+0x1e/0xc0 [amdgpu] [ 54.086591] amdgpu_pci_probe+0x19f/0x550 [amdgpu] [ 54.087215] local_pci_probe+0x48/0xa0 [ 54.087509] pci_device_probe+0xc9/0x250 [ 54.087812] really_probe+0x1a4/0x3f0 [ 54.088101] __driver_probe_device+0x7d/0x170 [ 54.088443] driver_probe_device+0x24/0xa0 [ 54.088765] __driver_attach+0xdd/0x1d0 [ 54.089068] ? __pfx___driver_attach+0x10/0x10 [ 54.089417] bus_for_each_dev+0x8e/0xe0 [ 54.089718] driver_attach+0x22/0x30 [ 54.090000] bus_add_driver+0x120/0x220 [ 54.090303] driver_register+0x62/0x120 [ 54.090606] ? __pfx_amdgpu_init+0x10/0x10 [amdgpu] [ 54.091255] __pci_register_driver+0x62/0x70 [ 54.091593] amdgpu_init+0x67/0xff0 [amdgpu] [ 54.092190] do_one_initcall+0x5f/0x330 [ 54.092495] do_init_module+0x68/0x240 [ 54.092794] load_module+0x201c/0x2110 [ 54.093093] init_module_from_file+0x97/0xd0 [ 54.093428] ? init_module_from_file+0x97/0xd0 [ 54.093777] idempotent_init_module+0x11c/0x2a0 [ 54.094134] __x64_sys_finit_module+0x64/0xc0 [ 54.094476] do_syscall_64+0x58/0x120 [ 54.094767] entry_SYSCALL_64_after_hwframe+0x6e/0x76 Signed-off-by: Tim Huang Reviewed-by: Saleemkhan Jamadar Signed-off-by: Alex Deucher commit 3b37e2725ab32c9055bec00ef41caa63839efd37 Author: Yifan Zhang Date: Thu Jul 18 13:18:53 2024 +0800 drm/amdgpu: skip kfd init if GFX is not ready. avoid kfd init crash in that case. Signed-off-by: Yifan Zhang Acked-by: Alex Deucher Tested-by: Jesse Zhang Reviewed-by: Jesse Zhang Signed-off-by: Alex Deucher commit 305cd109b761202d71f2f655ea369fe889ba1d01 Author: Philip Yang Date: Thu Jun 20 13:00:48 2024 -0400 drm/amdkfd: Validate user queue update Ensure update queue new ring buffer is mapped on GPU with correct size. Decrease queue old ring_bo queue_refcount and increase new ring_bo queue_refcount. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Acked-by: Christian König Signed-off-by: Alex Deucher commit b049504e211e8f4dbcd40434f2dcab2215ea1039 Author: Philip Yang Date: Thu Jun 20 12:44:57 2024 -0400 drm/amdkfd: Validate user queue svm memory residency Queue CWSR area maybe registered to GPU as svm memory, create queue to ensure svm mapped to GPU with KFD_IOCTL_SVM_FLAG_GPU_ALWAYS_MAPPED flag. Add queue_refcount to struct svm_range, to track queue CWSR area usage. Because unmap mmu notifier callback return value is ignored, if application unmap the CWSR area while queue is active, pr_warn message in dmesg log. To be safe, evict user queue. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Acked-by: Christian König Signed-off-by: Alex Deucher commit b46119578167150810184494b2a097c40e2144b8 Author: Himal Prasad Ghimiray Date: Mon Jul 15 16:25:54 2024 +0530 drm/xe: Delete unused register from xe_regs.h Register SOFTWARE_FLAGS_SPR33 is unused; therefore, delete it. Cc: Michal Wajdeczko Signed-off-by: Himal Prasad Ghimiray Reviewed-by: Tejas Upadhyay Link: https://patchwork.freedesktop.org/patch/msgid/20240715105555.2220444-2-himal.prasad.ghimiray@intel.com Signed-off-by: Lucas De Marchi commit 7214da0ed2220a2b9ad22aa77a5974cdd2a62799 Author: Dmitry Osipenko Date: Sun Jul 14 23:55:02 2024 +0300 drm/virtio: Add DRM capset definition Define DRM native context capset in the VirtIO-GPU protocol header. Signed-off-by: Dmitry Osipenko Reviewed-by: Rob Clark Reviewed-by: Pierre-Eric Pelloux-Prayer Link: https://patchwork.freedesktop.org/patch/msgid/20240714205502.3409718-1-dmitry.osipenko@collabora.com commit 66ac3451fb467ce44fb1d4517f91db7390b9fa6b Author: Lucas De Marchi Date: Mon Jul 22 09:06:39 2024 -0700 drm/xe: Add assert for XE_WA() usage It's not always safe to call XE_WA() in the driver initialization. Add a xe_gt_assert() so this doesn't go unnoticed. While at it, fix typo in kernel-doc about OOB workarounds. Reviewed-by: Tejas Upadhyay Link: https://patchwork.freedesktop.org/patch/msgid/20240722160815.4085605-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit a2b4da9501c120d60413065169f140bc3d2e5991 Author: Lucas De Marchi Date: Mon Jul 22 21:54:57 2024 -0700 drm/xe: Refactor mmio setup for multi-tile Extract functions to setup the multi-tile mmio space and extension space, while better documenting the final memory layout. No change in behavior. Reviewed-by: Gustavo Sousa Link: https://patchwork.freedesktop.org/patch/msgid/20240723045558.288693-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 76a791fa0926e504f262310cbd0c8f1a60e67ae8 Author: Colin Ian King Date: Mon Jul 22 16:39:37 2024 +0100 drm/i915/dp: Make read-only array bw_gbps static const Don't populate the read-only array bw_gbps on the stack at run time, instead make it static const. Signed-off-by: Colin Ian King Signed-off-by: Jani Nikula Link: https://patchwork.freedesktop.org/patch/msgid/20240722153937.574819-1-colin.i.king@gmail.com commit 6482253e6e1ad1c3a76645a3899d3cfdb5b918cb Author: Matthew Brost Date: Tue Jul 23 12:07:14 2024 -0700 drm/xe: Remove fence check from send_tlb_invalidation 'fence' argument in send_tlb_invalidation cannot be NULL, remove non-NULL check from send_tlb_invalidation. Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202407231049.esig0Fkb-lkp@intel.com/ Fixes: 61ac035361ae ("drm/xe: Drop xe_gt_tlb_invalidation_wait") Signed-off-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240723190714.1744653-1-matthew.brost@intel.com Signed-off-by: Nirmoy Das commit 2108cdcee58b06460a8ecb106d15ab69f5bd49fc Author: Marek Vasut Date: Wed Jul 24 02:55:53 2024 +0200 drm/panel/panel-ilitek-ili9806e: Add Densitron DMT028VGHMCMI-1D TFT to ILI9806E DSI TCON driver Add Densitron DMT028VGHMCMI-1D 480x640 TFT matrix 2.83 inch panel attached to Ilitek ILI9806E DSI TCON into the ILI9806E driver. Note that the Densitron panels use different TCONs, this driver is for the later panel, use panel-ilitek-st7701.c for the former panel: DMT028VGHMCMI-1A - ST7701 DMT028VGHMCMI-1D - ILI9806E Signed-off-by: Marek Vasut Reviewed-by: Michael Walle Link: https://lore.kernel.org/r/20240724005700.196073-2-marex@denx.de Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240724005700.196073-2-marex@denx.de commit aa48c30f096bc10a583c2294d87713f2802986c2 Author: Marek Vasut Date: Wed Jul 24 02:55:52 2024 +0200 dt-bindings: display: panel: Document Densitron DMT028VGHMCMI-1D TFT on ILI9806E DSI TCON Document Densitron DMT028VGHMCMI-1D 480x640 TFT matrix 2.83 inch panel attached to Ilitek ILI9806E DSI TCON in the ILI9806E bindings. Signed-off-by: Marek Vasut Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240724005700.196073-1-marex@denx.de Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240724005700.196073-1-marex@denx.de commit 708899133615bdb8087cafa129b8e24397d0c79d Author: Zhaoxiong Lv Date: Tue Jul 23 14:26:15 2024 +0800 drm/panel: boe-th101mb31ig002 : using drm_connector_helper_get_modes_fixed() Use public functions( drm_connector_helper_get_modes_fixed()) to get porch parameters. Signed-off-by: Zhaoxiong Lv Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240723062615.14796-3-lvzhaoxiong@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240723062615.14796-3-lvzhaoxiong@huaqin.corp-partner.google.com commit c60ca14bfd2d399a66f7164e044b63991c6a5a82 Author: Zhaoxiong Lv Date: Tue Jul 23 14:26:14 2024 +0800 drm/panel: boe-th101mb31ig002 : Fix the way to get porch parameters The current driver can only obtain the porch parameters of boe-th101mb31ig002. Modify it to obtain the porch parameters of the panel currently being used. Reviewed-by: Douglas Anderson Signed-off-by: Zhaoxiong Lv Link: https://lore.kernel.org/r/20240723062615.14796-2-lvzhaoxiong@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240723062615.14796-2-lvzhaoxiong@huaqin.corp-partner.google.com commit 61eec998c9399d1cce91c7a2f51a4d0cfbab97bb Author: Dang Huynh Date: Mon Jul 22 14:07:15 2024 +0700 drm: panel: boe-bf060y8m-aj0: Enable prepare_prev_first Enable prepare_prev_first flag for BF060Y8M-AJ0 panel so that the previous controller should be prepared first before the prepare for the panel is called. This makes sure that the previous controller, likely to be a DSI host controller should be initialized to LP-11 before the panel is powered up. Suggested-by: Marijn Suijten Signed-off-by: Dang Huynh Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240722-bf060y8m-aj0-prepare-prev-v1-1-0e51c0f59d22@riseup.net Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240722-bf060y8m-aj0-prepare-prev-v1-1-0e51c0f59d22@riseup.net commit 740ff03d7238214a318cdcfd96dec51832b053d2 Author: Binbin Zhou Date: Tue Jul 23 11:28:31 2024 -0700 Input: Add driver for PixArt PS/2 touchpad This patch introduces a driver for the PixArt PS/2 touchpad, which supports both clickpad and touchpad types. At the same time, we extended the single data packet length to 16, because according to the current PixArt hardware and FW design, we need 11 bytes/15 bytes to represent the complete three-finger/four-finger data. Co-developed-by: Jon Xie Signed-off-by: Jon Xie Co-developed-by: Jay Lee Signed-off-by: Jay Lee Signed-off-by: Binbin Zhou Link: https://lore.kernel.org/r/20240704125243.3633569-1-zhoubinbin@loongson.cn Signed-off-by: Dmitry Torokhov commit bd4bea5ab2bda37ddb092a978218c4d9b46927e6 Author: Alex Deucher Date: Fri Jul 12 18:57:14 2024 -0400 drm/amdgpu/gfx9.4.3: Enable bad opcode interrupt For the bad opcode case, it will cause CP/ME hang. The firmware will prevent the ME side from hanging by raising a bad opcode interrupt. And the driver needs to perform a vmid reset when receiving the interrupt. Acked-by: Felix Kuehling Signed-off-by: Alex Deucher commit 238352b4949bc5c724f6adc1c78d50f1d15e4759 Author: Alex Deucher Date: Fri Jul 12 18:50:26 2024 -0400 drm/amdgpu/gfx9: Enable bad opcode interrupt For the bad opcode case, it will cause CP/ME hang. The firmware will prevent the ME side from hanging by raising a bad opcode interrupt. And the driver needs to perform a vmid reset when receiving the interrupt. Acked-by: Felix Kuehling Signed-off-by: Alex Deucher commit 5ebca62eb8ebff67e2c8c4903bdb4f3c07922114 Author: Jesse Zhang Date: Fri Jul 12 18:42:53 2024 -0400 drm/amdgpu/gfx12: Enable bad opcode interrupt For the bad opcode case, it will cause CP/ME hang. The firmware will prevent the ME side from hanging by raising a bad opcode interrupt. And the driver needs to perform a vmid reset when receiving the interrupt. v2: update irq naming (drop priv) (Alex) Acked-by: Felix Kuehling Signed-off-by: Jesse Zhang Signed-off-by: Alex Deucher commit bc6c2a6f6495668e3cf0acbecf820b93ca03aef7 Author: Jesse Zhang Date: Fri Jul 12 18:14:52 2024 -0400 drm/amdgpu/gfx10: Enable bad opcode interrupt For the bad opcode case, it will cause CP/ME hang. The firmware will prevent the ME side from hanging by raising a bad opcode interrupt. And the driver needs to perform a vmid reset when receiving the interrupt. v2: update irq naming (drop priv) (Alex) Acked-by: Felix Kuehling Signed-off-by: Jesse Zhang Signed-off-by: Alex Deucher commit a7909022371dc8c70bdc4871a97cc49e34d78a6d Author: Jesse Zhang Date: Thu Jul 11 10:38:03 2024 +0800 drm/amdgpu/gfx11: Enable bad opcode interrupt For the bad opcode case, it will cause CP/ME hang. The firmware will prevent the ME side from hanging by raising a bad opcode interrupt. And the driver needs to perform a vmid reset when receiving the interrupt. v2: update irq naming (drop priv) (Alex) Acked-by: Felix Kuehling Signed-off-by: Jesse Zhang Reviewed-by: Prike Liang Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit acddd5cf70e609e1e1e638ac0422977ea2b4783f Author: Alex Deucher Date: Fri Jul 12 18:01:06 2024 -0400 drm/amdgpu/gfx: add bad opcode interrupt Add the irq source for bad opcodes. Acked-by: Felix Kuehling Signed-off-by: Alex Deucher commit 48695573d2feaf42812c1ad54e01caff0d1c2d71 Author: Alex Deucher Date: Tue Jul 2 10:24:59 2024 -0400 drm/amdgpu/gfx9: properly handle error ints on all pipes Need to handle the interrupt enables for all pipes. Acked-by: Christian König Signed-off-by: Alex Deucher commit 39879321769cc2d9a690725959ef76af92a38ac1 Author: Alex Deucher Date: Mon Jul 1 17:40:55 2024 -0400 drm/amdgpu/gfx12: properly handle error ints on all pipes Need to handle the interrupt enables for all pipes. v2: fix indexing (Jessie) Acked-by: Christian König Signed-off-by: Alex Deucher commit 2662b7d9d8bc1dda1f89f0dd33422e069f2f861c Author: Alex Deucher Date: Mon Jul 1 11:18:00 2024 -0400 drm/amdgpu/gfx11: properly handle error ints on all pipes Need to handle the interrupt enables for all pipes. v2: fix indexing (Jessie) Acked-by: Christian König Signed-off-by: Alex Deucher commit 4b95cec68937a6302c7085b26258cf721d726684 Author: Alex Deucher Date: Mon Jul 1 11:08:52 2024 -0400 drm/amdgpu/gfx10: properly handle error ints on all pipes Need to handle the interrupt enables for all pipes. v2: fix indexing (Jessie) Acked-by: Christian König Signed-off-by: Alex Deucher commit af4808ac40dbf668183d0b69ef6b31e62e1fc5df Author: Alex Deucher Date: Fri Jul 12 18:20:37 2024 -0400 drm/amdgpu/gfx12: enable wave kill for compute queues It should work the same for compute as well as gfx. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit f53f526f7050041718af84e33fc24f670e7dccdb Author: Alex Deucher Date: Fri Jul 12 18:19:42 2024 -0400 drm/amdgpu/gfx11: enable wave kill for compute queues It should work the same for compute as well as gfx. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit a2737c404cb2c1c335db30737925a306a2e7cc11 Author: Alex Deucher Date: Fri Jul 12 18:17:18 2024 -0400 drm/amdgpu/gfx10: enable wave kill for compute queues It should work the same for compute as well as gfx. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit 015b8a2fdf39a4c288ff24e7b715b8d9198e56dc Author: Stanley.Yang Date: Thu Jul 18 10:58:04 2024 +0800 drm/amdgpu: Fix eeprom max record count The eeprom table is empty before initializing, set eeprom table version first before initializing. Changed from V1: Reuse amdgpu_ras_set_eeprom_table_version function Signed-off-by: Stanley.Yang Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit c395fd47d1565bd67671f45cca281b3acc2c31ef Author: Srinivasan Shanmugam Date: Mon Jul 22 16:44:40 2024 +0530 drm/amd/display: Add NULL check for clk_mgr in dcn32_init_hw This commit addresses a potential null pointer dereference issue in the `dcn32_init_hw` function. The issue could occur when `dc->clk_mgr` is null. The fix adds a check to ensure `dc->clk_mgr` is not null before accessing its functions. This prevents a potential null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn32/dcn32_hwseq.c:961 dcn32_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 782) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Alex Hung Signed-off-by: Alex Deucher commit 8284951a6e79c6806c675e5f68a4cd425dd56bc4 Author: YiPeng Chai Date: Fri Jul 19 20:43:04 2024 +0800 drm/amdgpu: fix ras UE error injection failure issue The ras command shared memory is allocated from VRAM and the response status of the command buffer will not be zero due to gpu being in fatal error state after ras UE error injection. Signed-off-by: YiPeng Chai Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 834368eab36922595a402b9e76470f8efa2fac7f Author: Philip Yang Date: Thu Jun 20 12:31:36 2024 -0400 drm/amdkfd: Ensure user queue buffers residency Add atomic queue_refcount to struct bo_va, return -EBUSY to fail unmap BO from the GPU if the bo_va queue_refcount is not zero. Create queue to increase the bo_va queue_refcount, destroy queue to decrease the bo_va queue_refcount, to ensure the queue buffers mapped on the GPU when queue is active. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Acked-by: Christian König Signed-off-by: Alex Deucher commit 22a9d5cbf88a92ac6cd473c3ba1c369aee8fec9a Author: Alex Deucher Date: Fri Jul 12 18:27:37 2024 -0400 drm/amdgpu/gfx9.4.3: implement wave kill for compute queues Based on gfx9.0 implementation. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit eac3b274aaea11ec4ade8e8f684055db80d5f8b7 Author: Sunil Khatri Date: Wed Jul 17 18:45:50 2024 +0530 drm/amdgpu: add print support for sdma_v_4_4_2 ip_dump Add print support for ip dump for sdma_v_4_4_2 in devcoredump. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 4b6377f0e96085cbec96eb7f0b282430ccdd3d75 Author: Srinivasan Shanmugam Date: Mon Jul 22 16:58:32 2024 +0530 drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw This commit addresses a potential null pointer dereference issue in the `dcn401_init_hw` function. The issue could occur when `dc->clk_mgr` or `dc->clk_mgr->funcs` is null. The fix adds a check to ensure `dc->clk_mgr` and `dc->clk_mgr->funcs` is not null before accessing its functions. This prevents a potential null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn401/dcn401_hwseq.c:416 dcn401_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 225) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Alex Hung Signed-off-by: Alex Deucher commit cba7fec864172dadd953daefdd26e01742b71a6a Author: Srinivasan Shanmugam Date: Mon Jul 22 16:21:19 2024 +0530 drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw This commit addresses a potential null pointer dereference issue in the `dcn30_init_hw` function. The issue could occur when `dc->clk_mgr` or `dc->clk_mgr->funcs` is null. The fix adds a check to ensure `dc->clk_mgr` and `dc->clk_mgr->funcs` is not null before accessing its functions. This prevents a potential null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn30/dcn30_hwseq.c:789 dcn30_init_hw() error: we previously assumed 'dc->clk_mgr' could be null (see line 628) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Alex Hung Signed-off-by: Alex Deucher commit 68e599db7a549f010a329515f3508d8a8c3467a4 Author: Philip Yang Date: Thu Jun 20 12:21:57 2024 -0400 drm/amdkfd: Validate user queue buffers Find user queue rptr, ring buf, eop buffer and cwsr area BOs, and check BOs are mapped on the GPU with correct size and take the BO reference. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Acked-by: Christian König Signed-off-by: Alex Deucher commit 9c7e69d2e1245fdd5fa5c65cd022530b2a5ef1b7 Author: Alex Deucher Date: Fri Jul 12 18:21:48 2024 -0400 drm/amdgpu/gfx9: enable wave kill for compute queues It should work the same for compute as well as gfx. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit 7e60ecc2b70adb41b92752cbcd749040e00b57b8 Author: Alex Deucher Date: Fri Jul 12 18:29:59 2024 -0400 drm/amdgpu/gfx8: enable wave kill for compute queues It should work the same for compute as well as gfx. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit 12fb3e9c88406732749fb2f111911a2438eeb0fc Author: Alex Deucher Date: Fri Jul 12 18:29:20 2024 -0400 drm/amdgpu/gfx7: enable wave kill for compute queues It should work the same for compute as well as gfx. Reviewed-by: Christian König Signed-off-by: Alex Deucher commit ac2140449184a26eac99585b7f69814bd3ba8f2d Author: Srinivasan Shanmugam Date: Sun Jul 21 19:30:16 2024 +0530 drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer This commit addresses a potential null pointer dereference issue in the `dcn32_acquire_idle_pipe_for_head_pipe_in_layer` function. The issue could occur when `head_pipe` is null. The fix adds a check to ensure `head_pipe` is not null before asserting it. If `head_pipe` is null, the function returns NULL to prevent a potential null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn32/dcn32_resource.c:2690 dcn32_acquire_idle_pipe_for_head_pipe_in_layer() error: we previously assumed 'head_pipe' could be null (see line 2681) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit f22f4754aaa47d8c59f166ba3042182859e5dff7 Author: Srinivasan Shanmugam Date: Sun Jul 21 19:18:58 2024 +0530 drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer This commit addresses a potential null pointer dereference issue in the `dcn201_acquire_free_pipe_for_layer` function. The issue could occur when `head_pipe` is null. The fix adds a check to ensure `head_pipe` is not null before asserting it. If `head_pipe` is null, the function returns NULL to prevent a potential null pointer dereference. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn201/dcn201_resource.c:1016 dcn201_acquire_free_pipe_for_layer() error: we previously assumed 'head_pipe' could be null (see line 1010) Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit d81873f9e715b72d4f8d391c8eb243946f784dfc Author: Srinivasan Shanmugam Date: Sat Jul 20 18:05:20 2024 +0530 drm/amd/display: Fix index out of bounds in DCN30 color transformation This commit addresses a potential index out of bounds issue in the `cm3_helper_translate_curve_to_hw_format` function in the DCN30 color management module. The issue could occur when the index 'i' exceeds the number of transfer function points (TRANSFER_FUNC_POINTS). The fix adds a check to ensure 'i' is within bounds before accessing the transfer function points. If 'i' is out of bounds, the function returns false to indicate an error. drivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:180 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:181 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:182 cm3_helper_translate_curve_to_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit bdf606810210e8e07a0cdf1af3c467291363b295 Author: Srinivasan Shanmugam Date: Fri Jul 19 21:39:57 2024 +0530 drm/amd/display: Implement bounds check for stream encoder creation in DCN401 'stream_enc_regs' array is an array of dcn10_stream_enc_registers structures. The array is initialized with four elements, corresponding to the four calls to stream_enc_regs() in the array initializer. This means that valid indices for this array are 0, 1, 2, and 3. The error message 'stream_enc_regs' 4 <= 5 below, is indicating that there is an attempt to access this array with an index of 5, which is out of bounds. This could lead to undefined behavior Here, eng_id is used as an index to access the stream_enc_regs array. If eng_id is 5, this would result in an out-of-bounds access on the stream_enc_regs array. Thus fixing Buffer overflow error in dcn401_stream_encoder_create Found by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn401/dcn401_resource.c:1209 dcn401_stream_encoder_create() error: buffer overflow 'stream_enc_regs' 4 <= 5 Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit b7e99058eb2e86aabd7a10761e76cae33d22b49f Author: Srinivasan Shanmugam Date: Sat Jul 20 17:48:27 2024 +0530 drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_translate_curve_to_degamma_hw_format` function. The issue could occur when the index 'i' exceeds the number of transfer function points (TRANSFER_FUNC_POINTS). The fix adds a check to ensure 'i' is within bounds before accessing the transfer function points. If 'i' is out of bounds the function returns false to indicate an error. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit bc50b614d59990747dd5aeced9ec22f9258991ff Author: Srinivasan Shanmugam Date: Sat Jul 20 18:44:02 2024 +0530 drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation This commit addresses a potential index out of bounds issue in the `cm3_helper_translate_curve_to_degamma_hw_format` function in the DCN30 color management module. The issue could occur when the index 'i' exceeds the number of transfer function points (TRANSFER_FUNC_POINTS). The fix adds a check to ensure 'i' is within bounds before accessing the transfer function points. If 'i' is out of bounds, the function returns false to indicate an error. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:338 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.red' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:339 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.green' 1025 <= s32max drivers/gpu/drm/amd/amdgpu/../display/dc/dcn30/dcn30_cm_common.c:340 cm3_helper_translate_curve_to_degamma_hw_format() error: buffer overflow 'output_tf->tf_pts.blue' 1025 <= s32max Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 0352e39e7e781fe6a408c70a336d0f321dfe108b Author: Srinivasan Shanmugam Date: Mon Jul 22 18:15:18 2024 +0530 drm/amd/display: Add kdoc entry for 'bs_coeffs_updated' in dpp401_dscl_program_isharp Fixes the below with gcc W=1: drivers/gpu/drm/amd/amdgpu/../display/dc/dpp/dcn401/dcn401_dpp_dscl.c:961: warning: Function parameter or struct member 'bs_coeffs_updated' not described in 'dpp401_dscl_program_isharp' Fixes: 94beb4ac1b3b ("drm/amd/display: ensure EASF and ISHARP coefficients are programmed together") Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Rodrigo Siqueira Signed-off-by: Alex Deucher commit c8a0222dedf90e9a79b88814e32ffb43ac4beef6 Author: Aric Cyr Date: Sun Jul 14 21:54:49 2024 -0400 drm/amd/display: 3.2.293 Signed-off-by: Aurabindo Pillai Signed-off-by: Aric Cyr Reviewed-by: Leo Li Signed-off-by: Alex Deucher commit 779ea9d32612f8e78a2f362d52cf31c23ba878f0 Author: Aurabindo Pillai Date: Mon Jul 15 16:03:30 2024 -0400 drm/amd/display: remove unused folder dc/{dcn401,dcn303} are unused since the files in it got moved under their respective new components location. Hence they are no longer necessary Fixes: 2d62bb450ed1 ("drm/amd/display: Refactor DCN3X into component folder") Reviewed-by: Leo Li Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 8732594017d32132ca741f4ec4eec91211f5d10c Author: Joshua Aberback Date: Thu Jun 6 15:51:16 2024 -0400 drm/amd/display: Remove duplicate HWSS interfaces [Why] Some interface functions are defined in both the public and private HWSS interfaces, which can lead to confusion and runtime issues, therefore the duplicates should be eliminated. [How] - power_down should only be private, because it's only used within HWSS. - update_plane_addr should only be public, as it's used outside HWSS. Reviewed-by: Rodrigo Siqueira Signed-off-by: Joshua Aberback Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 58ed441367b9b0fb48aa8cd471a73073d1143e16 Author: Dillon Varone Date: Mon May 20 11:12:07 2024 -0400 drm/amd/display: Various DML2 fixes for FAMS2 The disable fams2 operation was reworked, but some of the old code remained. This commit removes the disable_fams2_drr from the dml2_stream_parameters. Reviewed-by: Rodrigo Siqueira Signed-off-by: Dillon Varone Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 3237403b98e173c296ec83cbba5e9def331c5e13 Author: Rodrigo Siqueira Date: Thu Jul 11 10:53:41 2024 -0600 drm/amd/display: Remove old comments Remove some old comments from DCN32/321. Signed-off-by: Rodrigo Siqueira Reviewed-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit d925c04d974c657d10471c0c2dba3bc9c7d994ee Author: Alex Hung Date: Thu Jun 27 16:45:39 2024 -0600 drm/amd/display: Check link_res->hpo_dp_link_enc before using it [WHAT & HOW] Functions dp_enable_link_phy and dp_disable_link_phy can pass link_res without initializing hpo_dp_link_enc and it is necessary to check for null before dereferencing. This fixes 1 FORWARD_NULL issue reported by Coverity. Fixes: 0beca868cde8 ("drm/amd/display: Check link_res->hpo_dp_link_enc before using it") Reviewed-by: Rodrigo Siqueira Signed-off-by: Alex Hung Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 1a03b0e6c5fdb476203be4f4597205ff8799369b Author: Alex Hung Date: Fri Jul 12 09:39:13 2024 -0600 drm/amd/display: Add MST debug message when link detection fails [WHY & HOW] dc_link_detect returns a boolean value which can be used to print debug messages when it fails. This fixes 1 CHECKED_RETURN issue reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Alex Hung Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit fae1879dc229249c17e5fd4ef81bf33684ee58f0 Author: Sung Joon Kim Date: Thu Jul 11 11:24:07 2024 -0400 drm/amd/display: Check top sink only when multiple streams for DP2 [why] When switching from extended to second display only mode, the top remote sink is not removed while the top stream itself is released. This causes DML to think there is no DP2 output encoder because top remote sink does not match with the second stream and disables DTBCLK and causes hang. [how] For DP2.0 MST hubs, only treat 1st remote sink as an encoder only when there are multiple displays connected. Reviewed-by: Michael Strauss Signed-off-by: Sung Joon Kim Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit ec0d7abbb0d464619d6d1646f03603c6616d966e Author: Gabe Teeger Date: Thu Jul 11 14:56:29 2024 -0400 drm/amd/display: Fix Potential Null Dereference [what & why] System hang after s4 regression points to code change here. Removing possible NULL dereference. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Nicholas Kazlauskas Signed-off-by: Gabe Teeger Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit a90e1dc25c064bf21353cb342aac938662a148e4 Author: Ilya Bakoulin Date: Tue Jul 9 13:11:55 2024 -0400 drm/amd/display: Add helper function to check for non-address fast updates [Why/How] Need to identify which fast updates will update more than just the address. Reviewed-by: Alvin Lee Signed-off-by: Ilya Bakoulin Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit fa53b23ff7c98930c7e529b8f5228d9f182ae2bc Author: Aurabindo Pillai Date: Thu Jul 4 18:41:58 2024 +0000 drm/amd/display: rename dcn401_soc to dcn4_variant_a_soc To distinguish between different soc with same DCN IP, use variants starting with alphabets Reviewed-by: Rodrigo Siqueira Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit f7543209ce5dc09e3f5a27a7d4ee53e226283719 Author: Aurabindo Pillai Date: Thu Jul 4 18:33:02 2024 +0000 drm/amd/display: rename dcn3/dcn4 to more sound terms Use more accurate names to refer to the asic architecture. dcn3 in DML actually refers to DCN32 and DCN321, so rename it to dcn32x dcn4 refers to any DCN4x soc., and hence rename dcn4 to dcn4x Reviewed-by: Rodrigo Siqueira Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit f52ea01925f4eeb967c09cb5dae61608a2330541 Author: Hansen Dsouza Date: Thu Jul 11 10:58:51 2024 -0400 drm/amd/display: Add source select helper functions [why & how] Add source select helpers based on DCCG spec Reviewed-by: Daniel Miess Signed-off-by: Hansen Dsouza Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit aaa21e6a33bae017fc190bd75f76baa29d259346 Author: Austin Zheng Date: Wed Jul 10 14:15:57 2024 -0400 drm/amd/display: Check if Mode is Supported Before Returning Result [Why] Even if the mode is not supported dml2_check_mode_supported() would still return true. This causes an unsupported mode to be programmed. [How] Check if the mode is supported or not and return the proper result. Reviewed-by: Chaitanya Dhere Signed-off-by: Austin Zheng Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 94beb4ac1b3bc5fbeef977960a90ee4f594b4465 Author: Samson Tam Date: Wed Jul 10 17:09:04 2024 -0400 drm/amd/display: ensure EASF and ISHARP coefficients are programmed together [Why] EASF coefficients are programmed to RAM and then RAM selector is toggled. ISHARP coefficients are programmed after so they will not be in the same RAM block [How] Move ISHARP programming before EASF programming Add flag if ISHARP coefficients are updated. If so, then force EASF coefficients programming Reviewed-by: Alvin Lee Signed-off-by: Samson Tam Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 0cf80506918da0d2cd9d31e3b07831f94a2c5cc6 Author: Ryan Seto Date: Wed Jul 10 17:03:32 2024 -0400 drm/amd/display: Fix visual confirm bug for SubVP [Why] Visual confirm was incorrect on dual monitor SubVP setup [How] Adjusted p_state assignment for dual monitor SubVP setup Signed-off-by: Ryan Seto Reviewed-by: Chaitanya Dhere Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 14d6ca0740e6237f4bca2dabee4e240b6f4be508 Author: Hansen Dsouza Date: Tue Jul 9 16:50:05 2024 -0400 drm/amd/display: Add RCG helper functions [why & how] Add standard RCG helpers based on DCCG spec Reviewed-by: Daniel Miess Reviewed-by: Muhammad Ahmed Signed-off-by: Hansen Dsouza Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 332315885d3ccc6d8fe99700f3c2e4c24aa65ab7 Author: Rodrigo Siqueira Date: Thu Jul 4 11:54:34 2024 -0600 drm/amd/display: Remove ASSERT if significance is zero in math_ceil2 In the DML math_ceil2 function, there is one ASSERT if the significance is equal to zero. However, significance might be equal to zero sometimes, and this is not an issue for a ceil function, but the current ASSERT will trigger warnings in those cases. This commit removes the ASSERT if the significance is equal to zero to avoid unnecessary noise. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Chaitanya Dhere Signed-off-by: Rodrigo Siqueira Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 6fa4bf3dce0668a96faca0024e382f4489a9cc9b Author: Revalla Hari Krishna Date: Mon Jul 8 15:35:08 2024 +0530 drm/amd/display: Refactoring HPO [Why] To refactor HPO files [How] Moved hpo related files to specific hpo folder and update Makefiles. Reviewed-by: Martin Leung Signed-off-by: Revalla Hari Krishna Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 3f7477bfbb906ec1cd9ad681475a04a142345eae Author: Hansen Dsouza Date: Tue Jul 9 15:56:36 2024 -0400 drm/amd/display: Add private data type for RCG [why & how] Add private data types for better RCG control Reviewed-by: Chris Park Reviewed-by: Yihan Zhu Signed-off-by: Hansen Dsouza Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 295d91cbc700651782a60572f83c24861607b648 Author: Sung Joon Kim Date: Mon Jul 8 19:29:49 2024 -0400 drm/amd/display: Check for NULL pointer [why & how] Need to make sure plane_state is initialized before accessing its members. Cc: Mario Limonciello Cc: Alex Deucher Cc: stable@vger.kernel.org Reviewed-by: Xi (Alex) Liu Signed-off-by: Sung Joon Kim Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit 72dc6bf159467f43667bead6016965821186490b Author: Dillon Varone Date: Wed Jul 3 14:44:15 2024 -0400 drm/amd/display: Remove hardmax usage for dcn401 [WHY&HOW] Hardmax message will be retired for dcn4, so this removes it. Reviewed-by: Alvin Lee Signed-off-by: Dillon Varone Signed-off-by: Aurabindo Pillai Signed-off-by: Alex Deucher commit fb91065851cd5f2735348c5f3eddeeca3d7c2973 Author: Philip Yang Date: Thu Jun 20 11:53:50 2024 -0400 drm/amdkfd: Refactor queue wptr_bo GART mapping Add helper function kfd_queue_acquire_buffers to get queue wptr_bo reference from queue write_ptr if it is mapped to the KFD node with expected size. Add wptr_bo to structure queue_properties because structure queue is allocated after queue buffers are validated, then we can remove wptr_bo parameter from pqm_create_queue. Rename structure queue wptr_bo_gart to hold wptr_bo reference for GART mapping and umapping. Move MES wptr_bo_gart mapping to init_user_queue, the same location with queue ctx_bo GART mapping. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Acked-by: Christian König Signed-off-by: Alex Deucher commit db54a725d57985c869f6fe4153a36cd229ab0b73 Author: Sunil Khatri Date: Wed Jul 17 18:40:47 2024 +0530 drm/amdgpu: Add sdma_v4_4_2 ip dump for devcoredump Add ip dump for sdma_v4_4_2 for devcoredump for all instances of sdma. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit a11b36ba9c1ac494c6a5cf7f1a5e68c1ce4dbe18 Author: Sunil Khatri Date: Wed Jul 17 17:12:56 2024 +0530 drm/amdgpu: add print support for sdma_v_4_0 ip_dump Add print support for ip dump for sdma_v_4_0 in devcoredump. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit c86ad39140bbcb9dc75a10046c2221f657e8083b Author: Philip Yang Date: Sun Jul 14 11:11:05 2024 -0400 drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer, otherwise amdgpu_bo_unref clear the local variable, the original pointer not set to NULL, this could cause use-after-free bug. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Acked-by: Christian König Signed-off-by: Alex Deucher commit f9e292cbba21e79abea7315b41a52c36ea2b6980 Author: Philip Yang Date: Thu Jun 20 11:17:59 2024 -0400 drm/amdkfd: kfd_bo_mapped_dev support partition Change amdgpu_amdkfd_bo_mapped_to_dev to use drm_priv as parameter instead of adev, to support spatial partition. This is only used by CRIU checkpoint restore now. No functional change. Signed-off-by: Philip Yang Reviewed-by: Felix Kuehling Acked-by: Christian König Signed-off-by: Alex Deucher commit caaf576292f8ccef5cdc0ac16e77b87dbf6e17ab Author: Jane Jian Date: Mon Jul 15 18:48:31 2024 +0800 drm/amdgpu/vcn: Use offsets local to VCN/JPEG in VF For VCN/JPEG 4.0.3, use only the local addressing scheme. - Mask bit higher than AID0 range v2 remain the case for mmhub use master XCC Signed-off-by: Jane Jian Reviewed-by: Lijo Lazar Signed-off-by: Alex Deucher commit 49cfaebe48e97500a68d5322a8194736b0a2c3cf Author: Lijo Lazar Date: Mon Dec 11 11:18:42 2023 +0530 drm/amdgpu: Add empty HDP flush function to VCN v4.0.3 VCN 4.0.3 does not HDP flush with RRMT enabled. Instead, mmsch will do the HDP flush. This change is necessary for VCN v4.0.3, no need for backward compatibility Signed-off-by: Lijo Lazar Signed-off-by: Jane Jian Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 585e3fdb36f59c5cfed0ae06c852dc1df22b1d60 Author: Lijo Lazar Date: Mon Dec 11 10:45:38 2023 +0530 drm/amdgpu: Add empty HDP flush function to JPEG v4.0.3 JPEG v4.0.3 doesn't support HDP flush when RRMT is enabled. Instead, mmsch fw will do the flush. This change is necessary for JPEG v4.0.3, no need for backward compatibility Signed-off-by: Lijo Lazar Signed-off-by: Jane Jian Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit fec5f8e8c6bcf83ed7a392801d7b44c5ecfc1e82 Author: Pierre-Eric Pelloux-Prayer Date: Tue Jul 2 11:54:30 2024 +0200 drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit Before this commit, only submits with both a BO_HANDLES chunk and a 'bo_list_handle' would be rejected (by amdgpu_cs_parser_bos). But if UMD sent multiple BO_HANDLES, what would happen is: * only the last one would be really used * all the others would leak memory as amdgpu_cs_p1_bo_handles would overwrite the previous p->bo_list value This commit rejects submissions with multiple BO_HANDLES chunks to match the implementation of the parser. Signed-off-by: Pierre-Eric Pelloux-Prayer Reviewed-by: Christian König Signed-off-by: Alex Deucher commit 80237bfc031cd74cb8abf0d21094207284d56a48 Author: Sunil Khatri Date: Wed Jul 17 17:10:33 2024 +0530 drm/amdgpu: Add sdma_v4_0 ip dump for devcoredump Add ip dump for sdma_v4_0 for devcoredump for all instances of sdma. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit abf839f5ebd98134f51764f2a2841faa6cbf268a Author: Sunil Khatri Date: Wed Jul 17 12:03:33 2024 +0530 drm/amdgpu: add print support for sdma_v_7_0 ip_dump Add print support for ip dump for sdma_v_7_0 in devcoredump. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 6472de66c0aa18d50a4b5ca85f8272e88a737676 Author: Ma Ke Date: Thu Jul 18 22:17:35 2024 +0800 drm/amd/amdgpu: Fix uninitialized variable warnings Return 0 to avoid returning an uninitialized variable r. Cc: stable@vger.kernel.org Fixes: 230dd6bb6117 ("drm/amd/amdgpu: implement mode2 reset on smu_v13_0_10") Signed-off-by: Ma Ke Signed-off-by: Alex Deucher commit 93381e6b61804b777f60357d96d6254eb10b9b56 Author: Ma Ke Date: Thu Jul 18 22:11:41 2024 +0800 drm/amdgpu: fix a possible null pointer dereference In amdgpu_connector_add_common_modes(), the return value of drm_cvt_mode() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_cvt_mode(). Add a check to avoid npd. Cc: stable@vger.kernel.org Fixes: d38ceaf99ed0 ("drm/amdgpu: add core driver (v4)") Signed-off-by: Ma Ke Signed-off-by: Alex Deucher commit 666f14cab21b17ccc1bdfe1e82458aa429b3b7e0 Author: David Belanger Date: Mon Jun 10 16:38:55 2024 -0400 drm/amdgpu: Fix atomics on GFX12 If PCIe supports atomics, configure register to prevent DF from breaking atomics in separate load/store operations. Signed-off-by: David Belanger Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 4df9e2200fb8ae7199e46eaffeb9430bc0ba3ea7 Author: Sunil Khatri Date: Wed Jul 17 12:01:36 2024 +0530 drm/amdgpu: Add sdma_v7_0 ip dump for devcoredump Add ip dump for sdma_v7_0 for devcoredump for all instances of sdma. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit f2ac52634963fc38e4935e11077b6f7854e5d700 Author: Alex Deucher Date: Tue Jul 9 17:54:11 2024 -0400 drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell We seem to have a case where SDMA will sometimes miss a doorbell if GFX is entering the powergating state when the doorbell comes in. To workaround this, we can update the wptr via MMIO, however, this is only safe because we disallow gfxoff in begin_ring() for SDMA 5.2 and then allow it again in end_ring(). Enable this workaround while we are root causing the issue with the HW team. Bug: https://gitlab.freedesktop.org/drm/amd/-/issues/3440 Tested-by: Friedrich Vock Signed-off-by: Alex Deucher commit ca82ee4e9fc1443f9ceec615918b299766432eec Author: Srinivasan Shanmugam Date: Thu Jul 18 09:30:01 2024 +0530 drm/amd/display: Add 'pstate_keepout' kdoc entry in 'optc1_program_timing' Fixes the below with gcc W=1: Function parameter or struct member 'pstate_keepout' not described in 'optc1_program_timing' Cc: Tom Chung Cc: Rodrigo Siqueira Cc: Roman Li Cc: Alex Hung Cc: Aurabindo Pillai Cc: Harry Wentland Cc: Hamza Mahfooz Signed-off-by: Srinivasan Shanmugam Reviewed-by: Tom Chung Signed-off-by: Alex Deucher commit 7a38efeee6b59d0984ff0470d234a06fe6a7cf3c Author: Ma Ke Date: Thu Jul 18 21:13:29 2024 +0800 drm/radeon: fix null pointer dereference in radeon_add_common_modes In radeon_add_common_modes(), the return value of drm_cvt_mode() is assigned to mode, which will lead to a possible NULL pointer dereference on failure of drm_cvt_mode(). Add a check to avoid npd. Cc: stable@vger.kernel.org Fixes: d50ba256b5f1 ("drm/kms: start adding command line interface using fb.") Signed-off-by: Ma Ke Signed-off-by: Alex Deucher commit a7e8467fbeee654e390aad1736291d273b407a2c Author: YiPeng Chai Date: Thu Jul 11 16:27:08 2024 +0800 drm/amdgpu: Remove unused code Remove unused code. Signed-off-by: YiPeng Chai Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 56631dee2932dbc203f0abd1011aa9d3d621e206 Author: YiPeng Chai Date: Thu Jul 11 16:14:22 2024 +0800 drm/amdgpu: optimize logging deferred error info 1. Use pa_pfn as the radix-tree key index to log deferred error info. 2. Use local array to store a row of bad pages. Signed-off-by: YiPeng Chai Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit 27cdf8c3cae2ad1dbfe1a32ff999c98349366862 Author: YiPeng Chai Date: Thu Jul 11 16:06:25 2024 +0800 drm/amdgpu: optimize umc v12 address conversion function Split into 3 parts: 1. Convert soc physical address via ras ta. 2. Expand bad pages from soc physical address. 3. Dump bad address info. Signed-off-by: YiPeng Chai Reviewed-by: Hawking Zhang Signed-off-by: Alex Deucher commit a9ed2f052c5c14e4be58c5ec8794dffc87588123 Author: Wu Hoi Pok Date: Sun Jun 30 12:59:22 2024 -0400 drm/radeon: change drm_dev_alloc to devm_drm_dev_alloc "drm_dev_alloc" is deprecated, in order to use the newer "devm_drm_dev_alloc", the "drm_device" is stored inside "radeon_device", by changing "rdev_to_drm(rdev)" other functions still gain access to the member "drm_device". Also, "devm_drm_dev_alloc" is now allocating "radeon_device", allocation inside "radeon_driver_load_kms" has to be removed. In "radeon_device_init", it originally assigned "rdev->dev" etc. However it is already done right after "devm_drm_dev_alloc" as you can see down below. It is better remove them. Reviewed-by: Thomas Zimmermann Tested-by: Thomas Zimmermann Signed-off-by: Wu Hoi Pok Signed-off-by: Alex Deucher commit fb1b5e1dd53fc834e12f69749cbc8484382599c4 Author: Wu Hoi Pok Date: Sun Jun 30 12:59:21 2024 -0400 drm/radeon: change rdev->ddev to rdev_to_drm(rdev) This patch changes the way "drm_device" is accessed. It uses "rdev_to_drm(rdev)" instead of accessing the struct member directly. Reviewed-by: Thomas Zimmermann Tested-by: Thomas Zimmermann Signed-off-by: Wu Hoi Pok Signed-off-by: Alex Deucher commit a6e23bec8ed184ed2a11080b28cdbd7a3024f0c0 Author: Wu Hoi Pok Date: Sun Jun 30 12:59:20 2024 -0400 drm/radeon: add helper rdev_to_drm(rdev) Add helper rdev_to_drm(rdev), similar to amdgpu, most function should access the "drm_device" with "rdev_to_drm(rdev)" instead, where amdgpu has "adev_to_drm(adev)". It also makes changing from "*drm_device" to "drm_device" in "radeon_devicce" later on easier. Reviewed-by: Thomas Zimmermann Tested-by: Thomas Zimmermann Signed-off-by: Wu Hoi Pok Signed-off-by: Alex Deucher commit 78dd6a8d33a3363fb4196e173be0eb4002962798 Author: Wu Hoi Pok Date: Sun Jun 30 12:59:19 2024 -0400 drm/radeon: use variable flags as parameter To be consistent with amdgpu driver, use "flags" as the parameter because it is already assigned as "ent->driver_data". Reviewed-by: Thomas Zimmermann Tested-by: Thomas Zimmermann Signed-off-by: Wu Hoi Pok Signed-off-by: Alex Deucher commit 90985660ba488cd3428706e7d53d6c9cdbbf3101 Author: Wu Hoi Pok Date: Sun Jun 30 12:59:18 2024 -0400 drm/radeon: remove load callback from kms_driver The ".load" callback in "struct drm_driver" is deprecated. In order to remove the callback, we have to manually call "radeon_driver_load_kms" instead. Acked-by: Thomas Zimmermann Tested-by: Thomas Zimmermann Signed-off-by: Wu Hoi Pok Signed-off-by: Alex Deucher commit 60a9472cf0a8568f32be6cbbd32ee7759bffe215 Author: Wu Hoi Pok Date: Sun Jun 30 12:59:17 2024 -0400 drm/radeon: change variable name "dev" to "ddev" for consistency In the probe function of amdgpu, it uses "ddev" as the name of "struct drm_device *", so I suggest renaming it to be consistent. Reviewed-by: Thomas Zimmermann Tested-by: Thomas Zimmermann Signed-off-by: Wu Hoi Pok Signed-off-by: Alex Deucher commit 2d67c4b54909982d462bfe227279d1499b329545 Author: Aric Cyr Date: Mon Jul 8 10:03:28 2024 -0400 drm/amd/display: 3.2.292 * FW Release 0.0.225.0 * DML2 fixes * Allow display DCC for DCN401 * Refactor DWB, OPP, MPC, MMHUBBUB * Fix dscclk Programming issue on DCN401 Acked-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Aric Cyr Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 6b0a9bf72c04cd8d2864fccce42817c24b060aec Author: Rodrigo Siqueira Date: Tue Jul 9 14:34:25 2024 -0600 drm/amd/display: Remove unused dml2_core_ip_params struct Acked-by: Jerry Zuo Signed-off-by: Rodrigo Siqueira Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 48eba83018c14ba6c102f5801d31c398807535d9 Author: Joshua Aberback Date: Thu Jul 4 15:22:13 2024 -0400 drm/amd/display: Remove unnecessary DSC power gating for DCN401 [Why] In some cases during topology changes, a pipe that was used to drive a stream being removed can be re-assigned to drive a different stream. In these cases, DSC power gating is not handled properly, leading to situations where DSC is being setup while power gated. [How] - remove enable_stream_gating and disable_stream_gating for DCN401 Reviewed-by: Wenjing Liu Signed-off-by: Jerry Zuo Signed-off-by: Joshua Aberback Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f59549c7e705be0087d08bc116ccc767b86d8362 Author: Aurabindo Pillai Date: Wed Jul 3 16:41:52 2024 -0400 drm/amd/display: free bo used for dmub bounding box fix a memleak introduced by not removing the buffer object for use with early dmub bounding box value storage Fixes: 234e94555800 ("drm/amd/display: Enable copying of bounding box data from VBIOS DMUB") Reviewed-by: Rodrigo Siqueira Reviewed-by: Alex Hung Signed-off-by: Jerry Zuo Signed-off-by: Aurabindo Pillai Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 748b3c4ca0bf43cec186ace2ecb33457d7a4653d Author: Duncan Ma Date: Thu Jun 27 12:11:58 2024 -0400 drm/amd/display: Add visual confirm for Idle State [Why] Visual Confirm would tell us if it ever entered idle state. [How] Add debug option for IPS visual confirm Reviewed-by: Ovidiu Bunea Signed-off-by: Jerry Zuo Signed-off-by: Duncan Ma Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit acce1eb8eb5de360fd82fd900454ff180912d8b1 Author: Daniel Sa Date: Thu Jul 4 13:41:15 2024 -0400 drm/amd/display: Set Cursor Matrix to bypass instead of Input Plane why: When the cursor disappears/reappears on fullscreen video, there is a short transitional period where the cursor's color matrix is using the same format as the video plane. This sets the cursor to the wrong color momentarily before the UI plane appears, correcting the color. how: Instead of defaulting to using the color space from the input plane, default to bypass mode. Reviewed-by: Nevenko Stupar Signed-off-by: Jerry Zuo Signed-off-by: Daniel Sa Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit be7a6a5171649c39f79a6259518218351082bd99 Author: Sung Joon Kim Date: Wed Jul 3 16:15:59 2024 -0400 drm/amd/display: Check stream pointer is initialized before accessing [why & how] We calculate static screen wait frames based on the current timing info in the active stream. If stream is not initialized, then we should skip the calculation and go with the default values. Reviewed-by: Gabe Teeger Signed-off-by: Jerry Zuo Signed-off-by: Sung Joon Kim Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 08cbe68d4aafcf651a86730a485df53e6ee9f594 Author: Dillon Varone Date: Wed Jul 3 14:00:14 2024 -0400 drm/amd/display: Export additional FAMS2 global configuration options from DML [WHY&HOW] Some global configuration options were previously hardcoded in DC, now they are exported by DML and sent to FW. Reviewed-by: Martin Leung Signed-off-by: Jerry Zuo Signed-off-by: Dillon Varone Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit b8d3782da396215615c3d125f0829d1d06ad2c97 Author: Mudimela Date: Tue Jul 2 11:55:56 2024 +0530 drm/amd/display: Refactoring DWB related files from dcn30 Files [Why] To refactor DWB related files from dcn30 Files [How] Moved DWB related files from dcn30 to specific DWB folder and updated Makefiles to fix Compilation. Reviewed-by: Martin Leung Signed-off-by: Jerry Zuo Signed-off-by: Mudimela Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 323b19f424486e61784e8797a8bfb2e24585e162 Author: Fudongwang Date: Mon Jul 1 16:47:28 2024 +0800 drm/amd/display: add dmcub support check [Why & How] For DCN harvest case, if there is no dmcub support, we should return false to avoid bugcheck later. Reviewed-by: Aric Cyr Signed-off-by: Jerry Zuo Signed-off-by: Fudongwang Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 6d64d39486197083497a01b39e23f2f8474b35d3 Author: Alex Hung Date: Wed Jul 3 10:50:35 2024 -0600 drm/amd/display: Increase array size of dummy_boolean [WHY] dml2_core_shared_mode_support and dml_core_mode_support access the third element of dummy_boolean, i.e. hw_debug5 = &s->dummy_boolean[2], when dummy_boolean has size of 2. Any assignment to hw_debug5 causes an OVERRUN. [HOW] Increase dummy_boolean's array size to 3. This fixes 2 OVERRUN issues reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit fdd5ecbbff751c3b9061d8ebb08e5c96119915b4 Author: Alex Hung Date: Tue Jun 25 10:37:35 2024 -0600 drm/amd/display: Check null pointers before multiple uses [WHAT & HOW] Poniters, such as stream_enc and dc->bw_vbios, are null checked previously in the same function, so Coverity warns "implies that stream_enc and dc->bw_vbios might be null". They are used multiple times in the subsequent code and need to be checked. This fixes 10 FORWARD_NULL issues reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit be1fb44389ca3038ad2430dac4234669bc177ee3 Author: Alex Hung Date: Tue Jun 25 10:35:52 2024 -0600 drm/amd/display: Check null pointers before used [WHAT & HOW] Poniters, such as dc->clk_mgr, are null checked previously in the same function, so Coverity warns "implies that "dc->clk_mgr" might be null". As a result, these pointers need to be checked when used again. This fixes 10 FORWARD_NULL issues reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 0beca868cde8742240cd0038141c30482d2b7eb8 Author: Alex Hung Date: Thu Jun 27 16:45:39 2024 -0600 drm/amd/display: Check link_res->hpo_dp_link_enc before using it [WHAT & HOW] Functions dp_enable_link_phy and dp_disable_link_phy can pass link_res without initializing hpo_dp_link_enc and it is necessary to check for null before dereferencing. This fixes 2 FORWARD_NULL issues reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 9932ca4c03c8181601f611dd366fceb765329800 Author: Dillon Varone Date: Wed Jul 3 12:55:26 2024 -0400 drm/amd/display: Add P-State Keepout to dcn401 Global Sync [WHY&HOW] OTG has new functionality to allow P-State relative to VStartup. Keepout region for this should be configured based on DML outputs same as other global sync params. Reviewed-by: Alvin Lee Signed-off-by: Jerry Zuo Signed-off-by: Dillon Varone Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f82200703434522f1b35d38bdef02486d22b2f25 Author: Samson Tam Date: Wed Jul 3 12:23:02 2024 -0400 drm/amd/display: remove dc dependencies from SPL library [Why] Make SPL library dc-independent so it can be reused by other components [How] Create separate set of fixed31_32 calls in SPL Make all inputs and outputs to SPL use primitive types For ratios and inits, return as uint32 from SPL. So add conversion from uint32 back to fixed point in SPL-to-dc translate function Reviewed-by: Relja Vojvodic Signed-off-by: Jerry Zuo Signed-off-by: Samson Tam Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit a41d58fb91248557438de4e8298d1d2ed5b39564 Author: Nevenko Stupar Date: Wed Jul 3 13:29:55 2024 -0400 drm/amd/display: Issue with 3 or more mcaches per surface [Why & How] Current logic in mcache admissibility check has flaw if calculated number of maches are 3 or more per surface, so sometimes the check may pass when it should fail, and sometimes may fail when it should pass, fix the issue and also adding additional check to make sure that required number of mcaches per surface cannot be higher than number of pipes + 1, used on that surface. Reviewed-by: Chaitanya Dhere Signed-off-by: Jerry Zuo Signed-off-by: Nevenko Stupar Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 4e8eac98046446d99cbbed740f0767204b839f3f Author: Alvin Lee Date: Wed Jul 3 11:36:34 2024 -0400 drm/amd/display: Calculate ODM width using odm slice rect, not recout [Description] There are scenarios where ODM4:1 is used but the surface is entirely outside of the first and last ODM slice. In this case the recout.width for the first and last slice is 0 because there's no overlap with the surface and that ODM slice, but this causes the x_pos for the cursor in this scenario to be calculated incorrectly. Instead we should use the ODM slice width instead of the recout width. Reviewed-by: Nevenko Stupar Signed-off-by: Jerry Zuo Signed-off-by: Alvin Lee Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 39d496d4721ba509647a70041f38d82b03c74680 Author: Dillon Varone Date: Wed Jul 3 10:41:26 2024 -0400 drm/amd/display: Add blanked streams override to DML2.1 [WHY] DML2.1 currently has no concept of a "blanked" stream. For cases like DPMS off, things like UCLK p-state is always allowed, so PMO is not required to optimize for it. [HOW] Add flag to DML2.1 display configuration to indicate all streams are blanked, so certain operations and optimizations can be skipped for optimal programming when displays are blanked. Reviewed-by: Chaitanya Dhere Signed-off-by: Jerry Zuo Signed-off-by: Dillon Varone Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f91a9af09dea850d83d4b217b8acbafd97b5c61f Author: Tom Chung Date: Wed Jul 3 16:47:57 2024 +0800 drm/amd/display: Fix VRR cannot enable [Why] Sometimes the VRR cannot enable after login to the desktop. User space may call the DRM_IOCTL_MODE_GETCONNECTOR right after the DRM_IOCTL_MODE_RMFB. After calling DRM_IOCTL_MODE_RMFB to remove all the frame buffer and it will cause the driver to disable the crtc and disable the link while calling the link_set_dpms_off(). It will cause the dpcd read failed in amdgpu_dm_update_freesync_caps() while try to get the DP_MSA_TIMING_PAR_IGNORED capability and think the sink side does not support VRR. [How] Use the dpcd_caps.allow_invalid_MSA_timing_param flag instead of reading from dpcd directly. dpcd_caps.allow_invalid_MSA_timing_param flag is updated during HPD. It is safe to replace the original method. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 5ed9481db74740fd33ec4079b29db88e8c9f4a1c Author: Mounika Adhuri Date: Wed Jun 26 18:51:04 2024 +0530 drm/amd/display: Refactoring MPC [Why] To refactor MPC files [How] Moved MPC files to respective folders and updated makefiles appropriately. Reviewed-by: Martin Leung Signed-off-by: Jerry Zuo Signed-off-by: Mounika Adhuri Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 2563391e57b5a9c1d83fd36c05ac4cbafeb5efe6 Author: Chaitanya Dhere Date: Tue Jul 2 10:50:04 2024 -0400 drm/amd/display: DML2.1 resynchronization July update for DML2.1 library from hardware team targeting DCN401 Reviewed-by: Aurabindo Pillai Signed-off-by: Jerry Zuo Signed-off-by: Chaitanya Dhere Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 5d2c102deff63ff8980dfa848ee41858d255c291 Author: Sung Joon Kim Date: Tue Jul 2 13:30:36 2024 -0400 drm/amd/display: Do 1-to-1 mapping between OPP and DSC in DML2 [why] To determine which block instance to power-gate, we look at the available pipe resource for both plane and stream. On MPO, DSC3 was falsely powered on even though only 1 stream path was enabled because the resource mapping was not done correctly. [how] Acquire the correct DSC instance to power on / off based on the instance of OPP which determines the backend pipe index. Reviewed-by: Swapnil Patel Signed-off-by: Jerry Zuo Signed-off-by: Sung Joon Kim Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 906fd46a65383cd639e5eec72a047efc33045d86 Author: Revalla Hari Krishna Date: Tue Jul 2 17:17:40 2024 +0530 drm/amd/display: Refactoring MMHUBBUB [Why] To refactor MMHUBBUB files [How] Moved mmhubbub files from dcn20 to /mmhubbub/ folder and update makefile to fix compilation. Reviewed-by: Martin Leung Signed-off-by: Jerry Zuo Signed-off-by: Revalla Hari Krishna Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 892abca6877a96c9123bb1c010cafccdf8ca1b75 Author: Chris Park Date: Fri Jun 28 15:09:06 2024 -0400 drm/amd/display: Deallocate DML memory if allocation fails [Why] When DC state create DML memory allocation fails, memory is not deallocated subsequently, resulting in uninitialized structure that is not NULL. [How] Deallocate memory if DML memory allocation fails. Reviewed-by: Joshua Aberback Signed-off-by: Jerry Zuo Signed-off-by: Chris Park Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 35ff747c86767937ee1e0ca987545b7eed7a0810 Author: Alex Hung Date: Thu Jun 27 20:05:14 2024 -0600 drm/amd/display: Check stream before comparing them [WHAT & HOW] amdgpu_dm can pass a null stream to dc_is_stream_unchanged. It is necessary to check for null before dereferencing them. This fixes 1 FORWARD_NULL issue reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 1ff12bcd7deaeed25efb5120433c6a45dd5504a8 Author: Alex Hung Date: Thu Jun 27 17:38:16 2024 -0600 drm/amd/display: Check null pointers before using them [WHAT & HOW] These pointers are null checked previously in the same function, indicating they might be null as reported by Coverity. As a result, they need to be checked when used again. This fixes 3 FORWARD_NULL issue reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 5559598742fb4538e4c51c48ef70563c49c2af23 Author: Alex Hung Date: Thu Jun 27 11:51:27 2024 -0600 drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags [WHAT & HOW] "dcn20_validate_apply_pipe_split_flags" dereferences merge, and thus it cannot be a null pointer. Let's pass a valid pointer to avoid null dereference. This fixes 2 FORWARD_NULL issues reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 3718a619a8c0a53152e76bb6769b6c414e1e83f4 Author: Alex Hung Date: Thu Jun 20 20:23:41 2024 -0600 drm/amd/display: Check phantom_stream before it is used dcn32_enable_phantom_stream can return null, so returned value must be checked before used. This fixes 1 NULL_RETURNS issue reported by Coverity. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 367cd9ceba1933b63bc1d87d967baf6d9fd241d2 Author: Alex Hung Date: Thu Jun 27 17:34:18 2024 -0600 drm/amd/display: Check null-initialized variables [WHAT & HOW] drr_timing and subvp_pipe are initialized to null and they are not always assigned new values. It is necessary to check for null before dereferencing. This fixes 2 FORWARD_NULL issues reported by Coverity. Reviewed-by: Nevenko Stupar Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit b995c0a6de6c74656a0c39cd57a0626351b13e3c Author: Alex Hung Date: Tue Jun 18 14:05:08 2024 -0600 drm/amd/display: Initialize denominators' default to 1 [WHAT & HOW] Variables used as denominators and maybe not assigned to other values, should not be 0. Change their default to 1 so they are never 0. This fixes 10 DIVIDE_BY_ZERO issues reported by Coverity. Reviewed-by: Harry Wentland Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f60881ca126cf825b89b4118e93dbd82ea9bcf33 Author: Revalla Hari Krishna Date: Wed Jun 26 18:03:16 2024 +0530 drm/amd/display: Refactoring OPP [Why] To refactor OPP files [How] Moved opp related files to specific opp folder and updated Makefiles. Acked-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Revalla Hari Krishna Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit d94df7cad26b4c5958fbfa550d65794c89aa90ba Author: Gabe Teeger Date: Fri Jun 28 16:05:36 2024 -0400 drm/amd/display: Fix DP-DVI dongle hotplug [why] Hotplugging with a DVI-DP dongle on pre-rdna embedded platform working about half the time. The regression was found to be the setting of link->type here. [what] Reverts fix besides the logging added. Reviewed-by: Wenjing Liu Signed-off-by: Jerry Zuo Signed-off-by: Gabe Teeger Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit c18fa08e6fd8952e88fa9ad108371c2bd5b82564 Author: Alvin Lee Date: Thu Jun 27 11:56:47 2024 -0400 drm/amd/display: Disable subvp based on HW cursor requirement [Description] - There are situations where HW cursor is required - In these scenarios we should disable subvp based on the HW cursor requirement Reviewed-by: Dillon Varone Signed-off-by: Jerry Zuo Signed-off-by: Alvin Lee Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit b3c9c9affd71f1f9b136534d6f56f392edb78620 Author: Alvin Lee Date: Thu Jun 27 10:42:26 2024 -0400 drm/amd/display: When resync fifo ensure to use correct pipe ctx We resync the FIFO after each pipe update in apply_ctx_to_hw. However, this means that some pipes (in hardware) are based on the new context and some are based on the current_state (since the pipes are updated on at a time). In this case we must ensure to use the pipe_ctx that's currently still configured in hardware when turning off / on OTG's and reconfiguring ODM during the resync. Reviewed-by: Nicholas Kazlauskas Signed-off-by: Jerry Zuo Signed-off-by: Alvin Lee Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit f5c783868855bbecfc4311050dbaca4cb28ada5e Author: Sridevi Arvindekar Date: Thu Jun 27 09:39:33 2024 -0400 drm/amd/display: Add option to allow transition when odm is forced Added option to allow transition for forced odm. Add the variation to the nightly run. Reviewed-by: Wenjing Liu Signed-off-by: Jerry Zuo Signed-off-by: Sridevi Arvindekar Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 218784049f4b90834dd7b854857df0b7e0f76567 Author: Jingwen Zhu Date: Tue Jun 25 16:20:58 2024 +0800 drm/amd/display: avoid disable otg when dig was disabled [Why] This is a workaround for an dcn3.1 hang that happens if otg dispclk is ramped while otg is on and stream enc is off. But this w/a should not trigger when we have a dig active. [How] Avoid disable otg when dig FE/BE FIFO was not switched. Acked-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Jingwen Zhu Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit c83ecc0bee94995117329fccbfa6e8b43ce56044 Author: Relja Vojvodic Date: Thu Jun 27 17:41:36 2024 -0400 drm/amd/display: Implement bias and scale pre scl why: New scaler needs the input to be full range color space. This will also fix issues that come up due to not having a predefined limited color space matrix for certain color spaces how: Use bias and scale HW to expand the range of limited color spaces to full before the scaler Reviewed-by: Krunoslav Kovac Signed-off-by: Jerry Zuo Signed-off-by: Relja Vojvodic Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 5fc77c26970d443f1c020ee8a5d475ad6b81e15f Author: Wenjing Liu Date: Fri May 31 11:37:15 2024 -0400 drm/amd/display: apply vmin optimization even if it doesn't reach vmin level [why] Based on power measurement result, in most cases when display clock is higher than Vmin display clock, lowering display clock using dynamic ODM will improve overall power consumption by 0 to 4 watts even if we can't reach Vmin. [how] Allow vmin optimization applied even if dispclk can't reach Vmin. Reviewed-by: Jun Lei Signed-off-by: Jerry Zuo Signed-off-by: Wenjing Liu Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 3c9154310af71802de2f40c5689b66009a407f37 Author: Wenjing Liu Date: Tue Jun 25 15:22:25 2024 -0400 drm/amd/display: fix dscclk programming sequence on DCN401 [why] The mux to switch between refclk and dto_dsc_clk is non double buffered. However dto dsc clk's phase and modulo divider registers are currently configured as double buffered update. This causes a problem when we switch to use dto dsc clk and program phase and modulo in the same sequence. In this sequence dsc clk is switched to dto but the clock divider programming doesn't take effect until next frame. When we try to program DSCC registers, SMN bus will hang because dto dsc clk divider phase is set to 0. [how] Configure phase and modulo to take effect immediately. Always switch to dto dsc clk before DSC clock is unagted. Switch back to refclk after DSC clock is gated. Acked-by: Rodrigo Siqueira Reviewed-by: Jerry Zuo Signed-off-by: Wenjing Liu Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit bc2fe69f16c7122b5dabc294aa2d6065d8da2169 Author: Alex Hung Date: Tue Jun 25 13:06:43 2024 -0600 drm/amd/display: Revert "Check HDCP returned status" This reverts commit 5d93060d430b359e16e7c555c8f151ead1ac614b due to a power consumption regression. Reviewed-by: Rodrigo Siqueira Signed-off-by: Jerry Zuo Signed-off-by: Alex Hung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit e8d77cfdd2698039667432b8569bac34d13508c1 Author: Roman Li Date: Tue Jun 25 13:23:36 2024 -0400 drm/amd/display: Replace assert with error message in dp_retrieve_lttpr_cap() [Why] When assert in dp_retrieve_lttpr_cap() is hit, dmesg has traces like: RIP: 0010:dp_retrieve_lttpr_cap+0xcc/0x1a0 [amdgpu] Call Trace: dp_retrieve_lttpr_cap+0xcc/0x1a0 [amdgpu] report_bug+0x1e8/0x240 handle_bug+0x46/0x80 link_detect+0x35/0x580 [amdgpu] It happens when LTTPRs fail to increment dpcd repeater count. We have a recovery action in place for such cases. Assert is misleading, an indicative error in dmesg is more useful. [How] Remove ASSERT and use DC_LOG_ERROR instead. Reviewed-by: Michael Strauss Signed-off-by: Jerry Zuo Signed-off-by: Roman Li Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 98579743c4561acc3b1c7d2f3fcd46b2160db5ba Author: Ryan Seto Date: Wed Jun 26 14:53:26 2024 -0400 drm/amd/display: Added logging for automated DPM testing [Why] Added clock logs to automate DPM testing [How] Added logs and helper functions to output clocks Co-authored-by: Ryan Seto Reviewed-by: Alvin Lee Signed-off-by: Jerry Zuo Signed-off-by: Ryan Seto Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 0961367cb5208850a123d235d147f92f586b2491 Author: Alvin Lee Date: Tue Jun 25 16:40:51 2024 -0400 drm/amd/display: Don't consider cursor for no plane case in DML1 [Description] For no plane scenarios we should not consider cursor as there cannot be any cursor if there's no planes. This fixes an issue where dc_commit_streams fails due to prefetch bandwidth requirements (the display config + dummy planes + cursor causes the prefetch bandwidth to exceed what is possible). Reviewed-by: Chaitanya Dhere Signed-off-by: Jerry Zuo Signed-off-by: Alvin Lee Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 5f30ee493044e9ea3a46167e5597a96f5c302adb Author: Samson Tam Date: Thu Jun 20 15:42:45 2024 -0400 drm/amd/display: quality improvements for EASF and ISHARP [Why] Update coefficients and LUT tables for scaler and sharpener to improve quality and support different use cases (SDR/HDR) [How] Move scaler coefficients to new file dc_spl_scl_easf_filters.c Remove older coefficients file dc_sp_scl_filters_old.c Update default taps for EASF support Update LLS policy for DON'T CARE case Update cositing offset from 0.5 to 0.25 Add support to adjust sharpness based on level, use case, and scaling ratio ( using discrete levels ) Apply sharpness to all RGB surfaces and both NV12 and P010 video ( in fullscreen only ). Upscale and 1:1 ratios only Enable scaler when sharpening 1:1 ratios Add support for coefficients that are in S1.10 format (convert to S1.12 format) Reviewed-by: Jun Lei Signed-off-by: Jerry Zuo Signed-off-by: Samson Tam Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit 4ccc8fdcca670edd76d8bfd6389f04c448cff6f6 Author: Alvin Lee Date: Tue Sep 12 14:51:47 2023 -0400 drm/amd/display: Disable HBR audio for DP2 for certain ASICs [Description] Due to a HW bug, HBR audio is not supported for DP2 encoders for certain ASICs. Reviewed-by: Alvin Lee Signed-off-by: Jerry Zuo Signed-off-by: Alvin Lee Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit b68417613d4134b9e39fff95e72ca726268b47db Author: Tom Chung Date: Wed Jun 26 16:14:24 2024 +0800 drm/amd/display: Disable replay if VRR capability is false [Why] The VRR need to be supported for panel replay feature. If VRR capability is false, panel replay capability also need to be disabled. [How] After update the vrr capability, the panel replay capability also need to be check if need. Reviewed-by: Wayne Lin Signed-off-by: Jerry Zuo Signed-off-by: Tom Chung Tested-by: Daniel Wheeler Signed-off-by: Alex Deucher commit e84f798a93881062cd14ce316a68068edd50bfb4 Author: Sunil Khatri Date: Tue Jul 16 16:15:57 2024 +0530 drm/amdgpu: add print support for sdma_v_5_0 ip_dump Add support for ip dump for sdma_v_5_0 in devcoredump. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 0f1a93704a5cf53ce819a7c544125442666d61ce Author: Sunil Khatri Date: Tue Jul 16 16:10:26 2024 +0530 drm/amdgpu: Add sdma_v5_0 ip dump for devcoredump Add ip dump for sdma_v5_0 for devcoredump for all instances of sdma. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit ccb54d7d91d256485cfe5403a12abb0175ce4539 Author: Sunil Khatri Date: Tue Jul 16 15:43:44 2024 +0530 drm/amdgpu: add print support for sdma_v_6_0 ip_dump Add print support for ip dump for sdma_v_6_0 in devcoredump. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 1eba165aa40c79f65f487678c8ea8e77b1c6a5a4 Author: Sunil Khatri Date: Tue Jul 16 15:22:56 2024 +0530 drm/amdgpu: Add sdma_v6_0 ip dump for devcoredump Add ip dump for sdma_v6_0 for devcoredump for all instances of sdma. Reviewed-by: Alex Deucher Signed-off-by: Sunil Khatri Signed-off-by: Alex Deucher commit 00bb3223bf7cfed3c9c714e994cbd454cc3e6b73 Author: Sunil Khatri Date: Fri Jul 12 17:55:33 2024 +0530 drm/amdgpu: fix the print message in devcoredump Fix the memory type logged for gtt memory size which is wrongly logged as visible vram size. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 43796955a89572c63f7f96e271a2849c27d18f2d Author: Sunil Khatri Date: Tue Jul 16 15:50:49 2024 +0530 drm/amdgpu: fix the extra space between two functions fix extra line space between two functions. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 08bed7e4ff24f90e200defcd2c23e70b0a3cd710 Author: Sunil Khatri Date: Fri Jul 12 16:44:36 2024 +0530 drm/amdgpu: add print support for sdma_v_5_2 ip_dump Add support for ip dump for sdma_v_5_2 in devcoredump. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit f763c3b543d80ebcb94dd19a69324bf2b72b23ab Author: Sunil Khatri Date: Fri Jul 12 16:17:46 2024 +0530 drm/amdgpu: Add sdma_v5_2 ip dump for devcoredump Add ip dump for sdma_v5_2 for devcoredump for all instances of sdma. Signed-off-by: Sunil Khatri Reviewed-by: Alex Deucher Signed-off-by: Alex Deucher commit 19cc4b7d75b52df2b4fbb76428a6b0dda3d248bc Author: Markus Elfring Date: Mon Jul 15 13:12:10 2024 +0200 drm/dp_mst: Simplify character output in drm_dp_mst_dump_topology() Single characters should be put into a sequence. Thus use the corresponding function “seq_putc” for one selected call. This issue was transformed by using the Coccinelle software. Suggested-by: Christophe Jaillet Signed-off-by: Markus Elfring Reviewed-by: Lyude Paul Signed-off-by: Lyude Paul Link: https://patchwork.freedesktop.org/patch/msgid/af602b2e-4d92-4c54-9884-7db84700aa93@web.de commit 1fb4dceeedc5f0d1d062ddc44c4a426e1639e387 Author: Marek Vasut Date: Mon Jul 8 17:01:14 2024 +0200 drm/bridge: tc358767: Add configurable default preemphasis Make the default DP port preemphasis configurable via new DT property "toshiba,pre-emphasis". This is useful in case the DP link properties are known and starting link training from preemphasis setting of 0 dB is not useful. The preemphasis can be set separately for both DP lanes in range 0=0dB, 1=3.5dB, 2=6dB . Acked-by: Alexander Stein Signed-off-by: Marek Vasut Link: https://patchwork.freedesktop.org/patch/msgid/20240708150130.54484-2-marex@denx.de commit b7d3d5447939bb03ed07d267298d6082b1957e16 Author: Marek Vasut Date: Mon Jul 8 17:01:13 2024 +0200 dt-bindings: display: bridge: tc358867: Document default DP preemphasis Document default DP port preemphasis configurable via new DT property "toshiba,pre-emphasis". This is useful in case the DP link properties are known and starting link training from preemphasis setting of 0 dB is not useful. The preemphasis can be set separately for both DP lanes in range 0=0dB, 1=3.5dB, 2=6dB . This is an endpoint property, not a port property, because the TC9595 datasheet does mention that the DP might operate in some sort of split mode, where each DP lane is used to feed one display, so in that case there might be two endpoints. Signed-off-by: Marek Vasut Reviewed-by: Rob Herring (Arm) Link: https://patchwork.freedesktop.org/patch/msgid/20240708150130.54484-1-marex@denx.de commit 8af13c3fc1259c1b8cfc4459d3701fcf41ad74df Author: Matthew Brost Date: Tue Jul 23 08:10:45 2024 -0700 drm/xe: Store process name and pid in xe file An xe file can outlive the associated process as the GPU cleanup is just triggered upon file close (process kill) and completes sometime later. If the file close triggers error conditions (GPU hangs) the process cannot be safely referenced to retrieve the name and pid for debug information. Store the process name and pid directly in the xe file to be safe. v2: - Access file->pid via rcu_access_pointer (Matthew Auld) Fixes: b10d0c5e9df7 ("drm/xe: Add process name to devcoredump") Fixes: f6ca930d974e ("drm/xe: Add process name and PID to job timedout message") Signed-off-by: Matthew Brost Acked-by: Rodrigo Vivi Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240723151045.1725417-1-matthew.brost@intel.com commit c8a31ff6199f12ca65d73f1235117c1d9e6365a9 Author: Matthew Brost Date: Mon Jul 22 18:17:02 2024 -0700 drm/xe: Return -ENOBUFS if a kmalloc fails which is tied to an array of binds The size of an array of binds is directly tied to several kmalloc in the KMD, thus making these kmalloc more likely to fail. Return -ENOBUFS in the case of these failures. The expected UMD behavior upon returning -ENOBUFS is to split an array of binds into a series of single binds. v2: - Resend for CI v3: - Resend for CI Cc: Paulo Zanoni Signed-off-by: Matthew Brost Reviewed-by: Himal Prasad Ghimiray Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240723011702.1684013-1-matthew.brost@intel.com commit 649b93dbb902ae3237fddbe998eb1f4de1a14b71 Author: Matthew Brost Date: Mon Jul 22 18:02:30 2024 -0700 drm/xe: Fix xe_pt_abort_unbind When restoring the children PT entries on a bind failure the incorrect loop index has used resulting in PT entries being leaked. This is shown by running xe_vm.bind-array-conflict-error-inject on a VRAM device going into a suspend state after the test completes. v2: - s/childern/children (CI, Matt Auld) Fixes: a708f6501c69 ("drm/xe: Update PT layer with better error handling") Cc: Matthew Auld Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240723010230.1652707-1-matthew.brost@intel.com commit 9c27f613d55f8ffeb3f250d9d34e41edca3df3b5 Author: Rajneesh Bhardwaj Date: Mon Jul 8 12:06:36 2024 -0400 drm/ttm: Allow direct reclaim to allocate local memory v2 Limiting the allocation of higher order pages to the closest NUMA node and enabling direct memory reclaim provides not only failsafe against situations when memory becomes too much fragmented and the allocator is not able to satisfy the request from the local node but falls back to remote pages (HUGEPAGE) but also offers performance improvement. Accessing remote pages suffers due to bandwidth limitations and could be avoided if memory becomes defragmented and in most cases without using manual compaction. (/proc/sys/vm/compact_memory) Note: On certain distros such as RHEL, the proactive compaction is disabled. (https://tinyurl.com/4f32f7rs) v2 (chk): drop __GFP_RECLAIM since that is already set by GFP_USER Cc: Dave Airlie Cc: Vlastimil Babka Cc: Daniel Vetter Reviewed-by: Christian König Signed-off-by: Rajneesh Bhardwaj Link: https://patchwork.freedesktop.org/patch/msgid/20240708160636.1147308-1-rajneesh.bhardwaj@amd.com Signed-off-by: Christian König commit d5e79eeba3086a52593b295ac4bf6eddd64d4aad Author: T.J. Mercier Date: Sat Jul 20 15:15:42 2024 +0800 dma-buf: heaps: Deduplicate docs and adopt common format The docs for dma_heap_get_name were incorrect, and since they were duplicated in the header they were wrong there too. The docs formatting was inconsistent so I tried to make it more consistent across functions since I'm already in here doing cleanup. Remove multiple unused includes and alphabetize. Signed-off-by: T.J. Mercier Signed-off-by: Yong Wu [Yong: Just add a comment for "priv" to mute build warning] Signed-off-by: Yunfei Dong Link: https://patchwork.freedesktop.org/patch/msgid/20240720071606.27930-5-yunfei.dong@mediatek.com Signed-off-by: Christian König commit bf32a3a1268638442ac43b347e4a4a09044dccea Author: Danilo Krummrich Date: Thu Jul 18 18:58:48 2024 +0200 drm/nouveau: use GEM references instead of TTMs TTM wants to get rid of the duplicate refcounting of the embedded GEM object and its own reference count. Hence, use of GEM object references where possible. Also get rid of nouveau_bo_ref() and replace it with nouveau_bo_fini(), which drops the initial reference we get from initializing a ttm_bo. Reviewed-by: Ben Skeggs Acked-by: Christian König Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240718165959.3983-4-dakr@kernel.org commit b26d9dddad7bca6727069f6a26b265d303c65c49 Author: Danilo Krummrich Date: Thu Jul 18 18:58:47 2024 +0200 drm/nouveau: bo: remove unused functions nouveau_bo_new_pin_map() and nouveau_bo_unmap_unpin_unref() are unused, hence remove them. Reviewed-by: Ben Skeggs Acked-by: Christian König Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240718165959.3983-3-dakr@kernel.org commit 1b93f3e89d03cfc576636e195466a0d728ad8de5 Author: Danilo Krummrich Date: Thu Jul 18 18:58:46 2024 +0200 drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in the unwind path of drm_gem_object_init(), clean things up manually. Fixes: ab9ccb96a6e6 ("drm/nouveau: use prime helpers") Reviewed-by: Ben Skeggs Reviewed-by: Christian König Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240718165959.3983-2-dakr@kernel.org commit d4b9b6da5777bb03f36f01bb6b05c6cc303ededb Author: Terry Hsiao Date: Sun Jul 21 18:04:49 2024 +0800 drm/panel-edp: Add 6 panels used by MT8186 Chromebooks The raw EDIDs for each panel: AUO - B116XTN02.3 00 ff ff ff ff ff ff 00 06 af aa 73 00 00 00 00 00 21 01 04 95 1a 0e 78 02 6b f5 91 55 54 91 27 22 50 54 00 00 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ce 1d 56 e2 50 00 1e 30 26 16 36 00 00 90 10 00 00 18 df 13 56 e2 50 00 1e 30 26 16 36 00 00 90 10 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 10 48 ff 0f 3c 7d 50 05 18 7d 20 20 20 00 67 - B116XAN06.1 00 ff ff ff ff ff ff 00 06 af 99 a1 00 00 00 00 00 1f 01 04 95 1a 0e 78 02 9e a5 96 59 58 96 28 1b 50 54 00 00 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ce 1d 56 ea 50 00 1a 30 30 20 46 00 00 90 10 00 00 18 df 13 56 ea 50 00 1a 30 30 20 46 00 00 90 10 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 10 48 ff 0f 3c 7d 0c 0a 2a 7d 20 20 20 00 3a - B116XAT04.1 00 ff ff ff ff ff ff 00 06 af b4 c4 00 00 00 00 12 22 01 04 95 1a 0e 78 02 9e a5 96 59 58 96 28 1b 50 54 00 00 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 ce 1d 56 ea 50 00 1a 30 30 20 46 00 00 90 10 00 00 18 df 13 56 ea 50 00 1a 30 30 20 46 00 00 90 10 00 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 10 48 ff 0f 3c 7d 0c 0a 2a 7d 20 20 20 00 e7 BOE - NV116WHM-A4D 00 ff ff ff ff ff ff 00 09 e5 fa 0c 00 00 00 00 12 22 01 04 95 1a 0e 78 03 0b 55 9a 5f 58 95 28 1e 50 54 00 00 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 96 1d 56 c8 50 00 26 30 30 20 36 00 00 90 10 00 00 1a b9 13 56 c8 50 00 26 30 30 20 36 00 00 90 10 00 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 0d 40 ff 0a 3c 7d 0f 0c 17 7d 00 00 00 00 1a CMN - N116BCA-EA2 00 ff ff ff ff ff ff 00 0d ae 5d 11 00 00 00 00 0f 21 01 04 95 1a 0e 78 03 67 75 98 59 53 90 27 1c 50 54 00 00 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 da 1d 56 e2 50 00 20 30 30 20 a6 00 00 90 10 00 00 1a e7 13 56 e2 50 00 20 30 30 20 a6 00 00 90 10 00 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 0c 3d ff 0d 3c 7d 0d 0a 15 7d 00 00 00 00 0f - N116BCP-EA2 00 ff ff ff ff ff ff 00 0d ae 61 11 00 00 00 00 0f 21 01 04 95 1a 0e 78 03 67 75 98 59 53 90 27 1c 50 54 00 00 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 da 1d 56 e2 50 00 20 30 30 20 a6 00 00 90 10 00 00 1a e7 13 56 e2 50 00 20 30 30 20 a6 00 00 90 10 00 00 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 0c 3d ff 0d 3c 7d 0d 0a 15 7d 00 00 00 00 0b Signed-off-by: Terry Hsiao Reviewed-by: Douglas Anderson Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240721100449.8280-1-terry_hsiao@compal.corp-partner.google.com commit 7e0fe233aa0849de8a0a5e60cb0d71dfb359664f Author: Lucas De Marchi Date: Fri Jul 19 12:15:34 2024 -0700 drm/xe: Fix warning on unreachable statement eu_type_to_str() relies on -Wswitch to warn (and -Werror) to make sure it handles all enum values. However it's perfectly legal to pass an int to that function so in the end that function may happen to return nothing. There's too much implicit knowledge about the initialization of eu_type for a compiler to notice eu_type is never assigned to anything other than those values. Trying to reproduce this issue, none of gcc-9, gcc-10 and gcc-13 triggered for me, but this was reported in a different system with gcc-10: drivers/gpu/drm/xe/xe.o: warning: objtool: xe_gt_topology_dump() falls through to next function xe_gt_topology_init() Also it was reported these warnings when building with clang: drivers/gpu/drm/xe/xe.o: warning: objtool: xe_gt_topology_dump+0x77: sibling call from callable instruction with modified stack frame drivers/gpu/drm/xe/xe.o: warning: objtool: xe_gt_topology_dump() falls through to next function xe_dss_mask_group_ffs() drivers/gpu/drm/xe/xe.o: warning: objtool: xe_gt_topology_dump+0x77: can't find jump dest instruction at .text.xe_gt_topology_dump+0xc0 Since that value is not really possible in real world, just take the simple approach and return NULL. Fixes: 7108b4a589cd ("drm/xe/uapi: Expose SIMD16 EU mask in topology query") Reviewed-by: Nathan Chancellor Tested-by: Nathan Chancellor Reviewed-by: Michal Wajdeczko Link: https://patchwork.freedesktop.org/patch/msgid/20240719191534.3845469-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit edb46ddbc55e53eef3d6e575087baa315598d253 Author: Kemeng Shi Date: Mon Jul 15 21:05:34 2024 +0800 quota: remove unnecessary error code translation in dquot_quota_enable Simply set error code to -EEXIST when quota limit is already enabled in dquot_quota_enable to remove unnecessary error code translation. Link: https://patch.msgid.link/20240715130534.2112678-5-shikemeng@huaweicloud.com Signed-off-by: Kemeng Shi Signed-off-by: Jan Kara commit f439111b489167dce14ade4e848be8a1b23283ff Author: Kemeng Shi Date: Mon Jul 15 21:05:33 2024 +0800 quota: remove redundant return at end of void function Function dquot_claim_space_nodirty nad dquot_reclaim_space_nodirty have no return value, just remove redundant return at end of the functions. Link: https://patch.msgid.link/20240715130534.2112678-4-shikemeng@huaweicloud.com Signed-off-by: Kemeng Shi Signed-off-by: Jan Kara commit a838e5dca63d1dc701e63b2b1176943c57485c45 Author: Kemeng Shi Date: Mon Jul 15 21:05:32 2024 +0800 quota: remove unneeded return value of register_quota_format The register_quota_format always returns 0, simply remove unneeded return value. Link: https://patch.msgid.link/20240715130534.2112678-3-shikemeng@huaweicloud.com Signed-off-by: Kemeng Shi Reviewed-by: Joseph Qi Signed-off-by: Jan Kara commit d16a5f852025be546b6e4ceef15899db3490f4d7 Author: Kemeng Shi Date: Mon Jul 15 21:05:31 2024 +0800 quota: avoid missing put_quota_format when DQUOT_SUSPENDED is passed Avoid missing put_quota_format when DQUOT_SUSPENDED is passed to dquot_load_quota_sb. Link: https://patch.msgid.link/20240715130534.2112678-2-shikemeng@huaweicloud.com Signed-off-by: Kemeng Shi Fixes: d44c57663723 ("quota: Remove BUG_ON in dquot_load_quota_sb()") Reviewed-by: Joseph Qi Signed-off-by: Jan Kara commit f00bfaca704ca1a2c4e31501a0a7d4ee434e73a7 Author: Douglas Anderson Date: Fri Jun 21 13:44:29 2024 -0700 drm/panel: Avoid warnings w/ panel-simple/panel-edp at shutdown At shutdown if you've got a _properly_ coded DRM modeset driver then you'll get these two warnings at shutdown time: Skipping disable of already disabled panel Skipping unprepare of already unprepared panel These warnings are ugly and sound concerning, but they're actually a sign of a properly working system. That's not great. We're not ready to get rid of the calls to drm_panel_disable() and drm_panel_unprepare() because we're not 100% convinced that all DRM modeset drivers are properly calling drm_atomic_helper_shutdown() or drm_helper_force_disable_all() at the right times. However, having the warning show up for correctly working systems is bad. As a bit of a workaround, add some "if" tests to try to avoid the warning on correctly working systems. Also add some comments and update the TODO items in the hopes that future developers won't be too confused by what's going on here. Suggested-by: Daniel Vetter Acked-by: Neil Armstrong Reviewed-by: Linus Walleij Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240621134427.1.Ieb287c2c3ee3f6d3b0d5f49b29f746b93621749c@changeid commit 1f7ce4316d8c8ca8fdf5e477fee91012420b1fa3 Author: Jocelyn Falempe Date: Fri Jul 19 17:24:13 2024 +0200 mtd: mtdoops: Fix kmsgdump parameter renaming. When the kmsg_dumper callback parameter changed, the reason variable in mtdoops_do_dump() was not updated accordingly. This breaks the build with mtdoops. Fixes: e1a261ba599e ("printk: Add a short description string to kmsg_dump()") Suggested-by: Knop Ryszard Signed-off-by: Jocelyn Falempe Acked-by: Richard Weinberger Link: https://patchwork.freedesktop.org/patch/msgid/20240719152542.1554440-1-jfalempe@redhat.com commit 1c1ed27ee117da726657c10d6614995eeae33b68 Author: Jocelyn Falempe Date: Mon Jul 22 13:47:51 2024 +0200 fbcon: Use oops_in_progress instead of panic_cpu Panic_cpu is not exported, so it can't be used if fbcon is used as a module. Use oops_in_progress in this case, but non-fatal oops won't be printed. Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202407210203.2ISiIC9m-lkp@intel.com/ Signed-off-by: Jocelyn Falempe Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240722114800.174558-1-jfalempe@redhat.com commit bc3ca4d94369838c3b6668a183467d4a69a5a482 Author: Easwar Hariharan Date: Thu Jul 11 05:27:31 2024 +0000 drm/i915: Make I2C terminology more inclusive I2C v7, SMBus 3.2, and I3C 1.1.1 specifications have replaced "master/slave" with more appropriate terms. Inspired by Wolfram's series to fix drivers/i2c/, fix the terminology for users of I2C_ALGOBIT bitbanging interface, now that the approved verbiage exists in the specification. Reviewed-by: Rodrigo Vivi Acked-by: Rodrigo Vivi Acked-by: Zhi Wang Signed-off-by: Easwar Hariharan Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240711052734.1273652-4-eahariha@linux.microsoft.com commit 25ec7e809cc1fe9f01a71199d29092f6f1b4611c Author: Michal Wajdeczko Date: Mon Jul 15 20:05:38 2024 +0200 drm/xe: Add NEEDS_2M BO flag In addition of NEEDS_64K BO flag, add similar one to force 2 MiB alignment of the buffer objects. Explicitly use this flag during VF LMEM provisioning as LMTT uses 2 MiB pages and one day we may drop requirement of allocating pinned objects as contiguous. Signed-off-by: Michal Wajdeczko Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240715180538.1418-3-michal.wajdeczko@intel.com commit 9790bbe3ba48b659c0152f49552f6abc18f85bc8 Author: Michal Wajdeczko Date: Mon Jul 15 20:05:37 2024 +0200 drm/xe: Normalize NEEDS_64K BO flag In commit 62742d126631 ("drm/xe: Normalize bo flags macros"), we normalized all BO flags but XE_BO_NEEDS_64K. Do it now. Signed-off-by: Michal Wajdeczko Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240715180538.1418-2-michal.wajdeczko@intel.com commit cf1e6edbd1c8ba654f97071ccb748d87ef0115aa Author: Michal Wajdeczko Date: Sat Jul 20 16:25:28 2024 +0200 drm/xe/tests: Skip xe_mocs live tests on VF device There is no point to run those tests on VFs devices as they can't access any of the MOCS registers. Skip testing on the VF device. [ ] =================== xe_mocs (1 subtest) ==================== [ ] ================ xe_live_mocs_kernel_kunit ================ [ ] [PASSED] 0000:4d:00.0 [ ] [SKIPPED] 0000:4d:00.1 [ ] ============ [PASSED] xe_live_mocs_kernel_kunit ============ [ ] ===================== [PASSED] xe_mocs ===================== Signed-off-by: Michal Wajdeczko Reviewed-by: Jonathan Cavitt Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240720142528.530-8-michal.wajdeczko@intel.com commit 57ecead343e724b6ea38e9c2d8f794b293cf2951 Author: Michal Wajdeczko Date: Sat Jul 20 16:25:27 2024 +0200 drm/xe/tests: Convert xe_mocs live tests Convert xe_mocs live tests to parameterized style. Signed-off-by: Michal Wajdeczko Reviewed-by: Jonathan Cavitt Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240720142528.530-7-michal.wajdeczko@intel.com commit 37db1e776285518a7e1269b868d094a4532b2d54 Author: Michal Wajdeczko Date: Sat Jul 20 16:25:26 2024 +0200 drm/xe/tests: Convert xe_migrate live tests Convert xe_migrate live tests to parameterized style. Signed-off-by: Michal Wajdeczko Reviewed-by: Jonathan Cavitt Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240720142528.530-6-michal.wajdeczko@intel.com commit 8f3d86f13eb2b37d86fc48df8995dffd9b7d9010 Author: Michal Wajdeczko Date: Sat Jul 20 16:25:25 2024 +0200 drm/xe/tests: Convert xe_dma_buf live tests Convert xe_dma_buf live tests to parameterized style. Signed-off-by: Michal Wajdeczko Reviewed-by: Jonathan Cavitt Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240720142528.530-5-michal.wajdeczko@intel.com commit e17eedf56ea7afacd919a3d6cc75a617cddd003a Author: Michal Wajdeczko Date: Sat Jul 20 16:25:24 2024 +0200 drm/xe/tests: Convert xe_bo live tests Convert xe_bo live tests to parameterized style. Signed-off-by: Michal Wajdeczko Reviewed-by: Jonathan Cavitt Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240720142528.530-4-michal.wajdeczko@intel.com commit 8bfab7cd8335b10bad92e44f58c5a038762bcbc3 Author: Michal Wajdeczko Date: Sat Jul 20 16:25:23 2024 +0200 drm/xe/tests: Add helpers for use in live tests Instead of iterating over available Xe devices within a testcase, without being able to distinguish potential failures from different devices on system with many Xe devices, introduce helpers that will allow to treat each Xe device as a parameter for the testcase like: static void bar(struct kunit *test) { struct xe_device *xe = test->priv; ... } struct kunit_case foo_live_tests[] = { KUNIT_CASE_PARAM(bar, xe_pci_live_device_gen_param), {} }; struct kunit_suite foo_suite = { .name = "foo_live", .test_cases = foo_live_tests, .init = xe_kunit_helper_xe_device_live_test_init, }; Signed-off-by: Michal Wajdeczko Reviewed-by: Jonathan Cavitt Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240720142528.530-3-michal.wajdeczko@intel.com commit bd40536ae33911bc74df5ba3b29b573dcb72f904 Author: Michal Wajdeczko Date: Sat Jul 20 16:25:22 2024 +0200 drm/xe: Introduce const cast helper Typically we want to preserve pointer constness when converting from one xe pointer to another, but in some rare cases, like kunit parameter conversions, we might want to discard this constness. Add a helper that we will use to clearly indicate our intention. Signed-off-by: Michal Wajdeczko Reviewed-by: Jonathan Cavitt #v1 Cc: Lucas De Marchi Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240720142528.530-2-michal.wajdeczko@intel.com commit f6f22012e6c73867b959524604984ee5ebfd105f Author: Imre Deak Date: Fri Jul 12 16:57:24 2024 +0300 drm/i915/dp: Don't WARN on failed link-retrain modeset After a bad link state is detected, the sink capabilities with which the link was originally trained could have changed: for instance another sink got connected or the retraining was forced after the rate/lane count got decreased (as a fallback). In these cases the retraining modeset fails as expected also printing a debug message, so don't WARN on it. Reviewed-by: Rodrigo Vivi Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240712135724.660399-3-imre.deak@intel.com commit ec92c47d7d098e85eae7fb25c6bc07158686e675 Author: Imre Deak Date: Fri Jul 12 16:57:23 2024 +0300 drm/i915/dp: Require a valid atomic state for SST link training After the previous patch link training happens always with a valid atomic state, so remove the NOTE comments and asserts which required a valid state only for DP-MST and allowed for a NULL state for DP-SST. Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240712135724.660399-2-imre.deak@intel.com commit 2885d283cce544cf3619f35f0acb3d073de036e1 Author: Imre Deak Date: Fri Jul 12 16:57:22 2024 +0300 drm/i915/dp: Retrain SST links via a modeset commit Instead of direct calls of the link training functions, use a modeset commit to retrain a DP link in SST mode, similarly to how this is done in DP-MST mode. Originally the current way was chosen presumedly, because there wasn't a well-established way in place for the driver to do an internal (vs. userspace/kernel client) commit. Since then such internal commits became a common place (initial-, HDMI/TC link reset commit), so there is no reason to handle the DP-SST link-retraining case differently. At the end of the current sequence the HW reported a FIFO underrun - without other issues visible to users - because during retraining the link's encoder/port was disabled/re-enabled without also disabling/re-enabling the corresponding pipe/transcoder (as required by the spec); the corresponding underrun error message was suppressed as a known issue. Based on Ankit's test on DG2 the underrun error was still reported as it got detected with some (vblank) delay wrt. other platforms. Switching to a modeset commit resolves these underrun related issues. Cc: Ankit Nautiyal Cc: Ville Syrjälä Reviewed-by: Suraj Kandpal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240712135724.660399-1-imre.deak@intel.com commit be1dcdffa8fadc22ad272f605a53e2a2fd30e7f8 Author: Ohad Sharabi Date: Sun Jul 21 10:13:35 2024 +0300 drm/xe/oa: Don't use hardcoded values The current implementation uses hardcoded values instead of common defines. v2: - Make the commit a regular commit instead of a fixup commit - slightly modify commit message Signed-off-by: Ohad Sharabi Reviewed-by: Ashutosh Dixit Signed-off-by: Ashutosh Dixit Link: https://patchwork.freedesktop.org/patch/msgid/20240721071335.101234-1-osharabi@habana.ai commit d930c19fdff3109e97b610fa10943b7602efcabd Author: Matthew Brost Date: Fri Jul 19 10:29:05 2024 -0700 drm/xe: Build PM into GuC CT layer Take PM ref when any G2H are outstanding, drop when none are outstanding. To safely ensure we have PM ref when in the GuC CT layer, a PM ref needs to be held when scheduler messages are pending too. v2: - Add outer PM protections to xe_file_close (CI) v3: - Only take PM ref 0->1 and drop on 1->0 (Matthew Auld) v4: - Add assert to G2H increment function v5: - Rebase v6: - Declare xe as local variable in xe_file_close (CI) Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Cc: Matthew Auld Cc: Rodrigo Vivi Cc: Nirmoy Das Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240719172905.1527927-5-matthew.brost@intel.com commit 0a382f9bc5dc4744a33970a5ed4df8f9c702ee9e Author: Matthew Brost Date: Fri Jul 19 10:29:04 2024 -0700 drm/xe: Hold a PM ref when GT TLB invalidations are inflight Avoid GT TLB invalidation timeouts by holding a PM ref when invalidations are inflight. v2: - Drop PM ref before signaling fence (CI) v3: - Move invalidation_fence_signal helper in tlb timeout to previous patch (Matthew Auld) Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Cc: Rodrigo Vivi Cc: Nirmoy Das Signed-off-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240719172905.1527927-4-matthew.brost@intel.com commit 61ac035361ae555ee5a17a7667fe96afdde3d59a Author: Matthew Brost Date: Fri Jul 19 10:29:03 2024 -0700 drm/xe: Drop xe_gt_tlb_invalidation_wait Having two methods to wait on GT TLB invalidations is not ideal. Remove xe_gt_tlb_invalidation_wait and only use GT TLB invalidation fences. In addition to two methods being less than ideal, once GT TLB invalidations are coalesced the seqno cannot be assigned during xe_gt_tlb_invalidation_ggtt/range. Thus xe_gt_tlb_invalidation_wait would not have a seqno to wait one. A fence however can be armed and later signaled. v3: - Add explaination about coalescing to commit message v4: - Don't put dma fence if defined on stack (CI) v5: - Initialize ret to zero (CI) v6: - Use invalidation_fence_signal helper in tlb timeout (Matthew Auld) Signed-off-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240719172905.1527927-3-matthew.brost@intel.com commit a522b285c6b4b611406d59612a8d7241714d2e31 Author: Matthew Brost Date: Fri Jul 19 10:29:02 2024 -0700 drm/xe: Add xe_gt_tlb_invalidation_fence_init helper Other layers should not be touching struct xe_gt_tlb_invalidation_fence directly, add helper for initialization. v2: - Add dma_fence_get and list init to xe_gt_tlb_invalidation_fence_init Signed-off-by: Matthew Brost Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240719172905.1527927-2-matthew.brost@intel.com commit 075d9b22c8feacd02f3ffdce918d34790a3ba9d1 Author: Nikita Travkin Date: Fri Jul 19 15:03:47 2024 -0700 Input: zinitix - add touchkey support Zinitix touch controllers can use some of the sense lines for virtual keys (like those found on many phones). Add support for those keys. Reviewed-by: Linus Walleij Signed-off-by: Nikita Travkin Link: https://lore.kernel.org/r/20240717-zinitix-tkey-v5-2-52ea4cd4bd50@trvn.ru Signed-off-by: Dmitry Torokhov commit 1dbd1ab556fde75fb9b753ab1efbb6047844b528 Author: Nikita Travkin Date: Fri Jul 19 15:03:30 2024 -0700 dt-bindings: input: zinitix: Document touch-keys support In some configurations the touch controller can support the touch-keys. Document the linux,keycodes property that enables those keys and specifies the keycodes that should be used to report the key events. Reviewed-by: Rob Herring Signed-off-by: Nikita Travkin Link: https://lore.kernel.org/r/20240717-zinitix-tkey-v5-1-52ea4cd4bd50@trvn.ru Signed-off-by: Dmitry Torokhov commit 7e33fc2ff6754b5ff39b11297f713cd0841d9962 Author: Jocelyn Falempe Date: Fri Jul 19 14:20:40 2024 +0200 drm/panic: Add missing static inline to drm_panic_is_enabled() This breaks build if DRM_PANIC is not enabled. Also add the missing include drm_crtc_internal.h in drm_panic.c Fixes: 9f774c42a908 ("drm/panic: Add drm_panic_is_enabled()") Signed-off-by: Jocelyn Falempe Reviewed-by: Michal Wajdeczko Link: https://patchwork.freedesktop.org/patch/msgid/20240719122051.1507927-1-jfalempe@redhat.com commit 240801c5f4f64616569990f744a81448c3d314b6 Author: Charles Wang Date: Wed May 15 16:20:28 2024 -0700 Input: goodix-berlin - add sysfs interface for reading and writing touch IC registers Export a sysfs interface that would allow reading and writing touchscreen IC registers. With this interface many things can be done in usersapce such as firmware updates. An example tool that utilizes this interface for performing firmware updates can be found at [1]. [1] https://github.com/goodix/fwupdate_for_berlin_linux Signed-off-by: Charles Wang Link: https://lore.kernel.org/r/20240514115135.21410-1-charles.goodix@gmail.com Signed-off-by: Dmitry Torokhov commit 26dbffb2a4c4d4639c7b336f6b74a437c23dadd4 Author: Arnd Bergmann Date: Fri Jul 19 09:54:41 2024 +0200 drm/stm: add COMMON_CLK dependency The added lvds driver and a change in the dsi driver resulted in failed builds when COMMON_CLK is disabled: x86_64-linux-ld: drivers/gpu/drm/stm/dw_mipi_dsi-stm.o: in function `dw_mipi_dsi_stm_remove': dw_mipi_dsi-stm.c:(.text+0x51e): undefined reference to `clk_hw_unregister' x86_64-linux-ld: drivers/gpu/drm/stm/lvds.o: in function `lvds_remove': lvds.c:(.text+0xe3): undefined reference to `of_clk_del_provider' x86_64-linux-ld: lvds.c:(.text+0xec): undefined reference to `clk_hw_unregister' x86_64-linux-ld: drivers/gpu/drm/stm/lvds.o: in function `lvds_pll_config': lvds.c:(.text+0xb5d): undefined reference to `clk_hw_get_rate' x86_64-linux-ld: drivers/gpu/drm/stm/lvds.o: in function `lvds_probe': lvds.c:(.text+0x1476): undefined reference to `clk_hw_register' x86_64-linux-ld: lvds.c:(.text+0x148b): undefined reference to `of_clk_hw_simple_get' x86_64-linux-ld: lvds.c:(.text+0x1493): undefined reference to `of_clk_add_hw_provider' x86_64-linux-ld: lvds.c:(.text+0x1535): undefined reference to `clk_hw_unregister' Add this as a dependency for the stm driver itself, since it will be required in practice anyway. Fixes: 185f99b61442 ("drm/stm: dsi: expose DSI PHY internal clock") Fixes: aca1cbc1c986 ("drm/stm: lvds: add new STM32 LVDS Display Interface Transmitter driver") Signed-off-by: Arnd Bergmann Link: https://patchwork.freedesktop.org/patch/msgid/20240719075454.3595358-1-arnd@kernel.org Signed-off-by: Raphael Gallais-Pou commit 3a9b77cee7502f7450c725d4ead2c4a44924d158 Author: Jocelyn Falempe Date: Wed Jul 17 10:48:41 2024 +0200 drm/panic: Remove build time dependency with FRAMEBUFFER_CONSOLE Now that fbcon has the skip_panic option, there is no more conflicts between drm_panic and fbcon. Remove the build time dependency, so they can be both enabled. Signed-off-by: Jocelyn Falempe Reviewed-by: Javier Martinez Canillas Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240717090102.968152-4-jfalempe@redhat.com commit c2c2a91f3868515969a758042887fdc722216525 Author: Jocelyn Falempe Date: Thu Jul 18 11:21:27 2024 +0200 drm/fb-helper: Set skip_panic if the drm driver supports drm panic fb_info->skip_panic flag prevents fbcon from writing to the framebuffer during a kernel panic. So set it when the drm driver implements drm panic, to avoid overwriting the panic screen. Signed-off-by: Jocelyn Falempe Reviewed-by: Javier Martinez Canillas Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240717090102.968152-3-jfalempe@redhat.com commit d20a9f568f99591886ec73b80ff7283486710643 Author: Jocelyn Falempe Date: Wed Jul 17 10:48:40 2024 +0200 fbcon: Add an option to disable fbcon in panic This is required to avoid conflict between DRM_PANIC, and fbcon. If a drm device already handle panic with drm_panic, it should set the skip_panic field in fb_info, so that fbcon will stay quiet, and not overwrite the panic_screen. Signed-off-by: Jocelyn Falempe Reviewed-by: Javier Martinez Canillas Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240717090102.968152-3-jfalempe@redhat.com commit 9f774c42a908affba615bbed7463dd4f904dd5f1 Author: Jocelyn Falempe Date: Wed Jul 17 10:48:39 2024 +0200 drm/panic: Add drm_panic_is_enabled() It allows to check if the drm device supports drm_panic. Prepare the work to have better integration with fbcon and vtconsole. Signed-off-by: Jocelyn Falempe Reviewed-by: Javier Martinez Canillas Reviewed-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240717090102.968152-2-jfalempe@redhat.com commit ef824286128eddaa19cc62fedde198e2055bffff Author: Yannick Fertre Date: Fri Jul 12 15:14:53 2024 +0200 drm/stm: ltdc: remove reload interrupt The reload interrupt is not used by the driver. To avoid unnecessary calls of the interrupt routine, don't enable it. Solve small typo and add mask to simplify the driver. Signed-off-by: Yannick Fertre Link: https://patchwork.freedesktop.org/patch/msgid/20240712131453.98597-1-yannick.fertre@foss.st.com Signed-off-by: Raphael Gallais-Pou commit ab59c6b20588b9fad9fe90c30a4af4bf56e6e7c6 Author: Yannick Fertre Date: Fri Jul 12 15:14:23 2024 +0200 drm/stm: ltdc: add mask for lxcr register The purpose of this mask is to simplify writing to the lxcr register and not to forget any fields. Signed-off-by: Yannick Fertre Link: https://patchwork.freedesktop.org/patch/msgid/20240712131423.98405-1-yannick.fertre@foss.st.com Signed-off-by: Raphael Gallais-Pou commit 02fa62d41c8abff945bae5bfc3ddcf4721496aca Author: Yannick Fertre Date: Fri Jul 12 15:13:44 2024 +0200 drm/stm: ltdc: reset plane transparency after plane disable The plane's opacity should be reseted while the plane is disabled. It prevents from seeing a possible global or layer background color set earlier. Signed-off-by: Yannick Fertre Link: https://patchwork.freedesktop.org/patch/msgid/20240712131344.98113-1-yannick.fertre@foss.st.com Signed-off-by: Raphael Gallais-Pou commit d5070c9b29440c270b534bbacd636b8fa558e82b Author: Thomas Zimmermann Date: Thu Jul 18 12:44:17 2024 +0200 drm/mgag200: Implement struct drm_crtc_funcs.get_vblank_timestamp Implement struct drm_crtc_funcs.get_vblank_timestamp with the DRM helper drm_crtc_vblank_helper_get_vblank_timestamp() with its helper get_scanout_position. Read the scanout position from the MGAREG_VCOUNT register. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240718104551.575912-8-tzimmermann@suse.de commit 89c6ea2006e2d39b125848fb0195c08fa0b354be Author: Thomas Zimmermann Date: Thu Jul 18 12:44:16 2024 +0200 drm/mgag200: Add vblank support There's no VBLANK interrupt on Matrox chipsets. The workaround that is being used here and in other free Matrox drivers is to program to the value of and enable the VLINE interrupt. This triggers an interrupt at the time when VBLANK begins. VLINE uses separate registers for enabling and clearing pending interrupts. No extra synchronization between irq handler and the rest of the driver is required. v6: - clear VLINE status bit before registering IRQ (Jocelyn) v5: - disable all interrupts before registering IRQ (Jocelyn) - don't read from ICLEAR (Jocelyn) v4: - recreate patch on latest upstream - use devm_request_irq() for managed cleanup - fail if vblanking cannot be initialized - rename register constants (Sam, Emil) - clear interrupt before registering handler (Ville) - move programming into separate commit - set to - fix typo in commit message v3: - set to + 1 to trigger at VBLANK - expand comment on linecomp v2: - only signal vblank on CRTC 0 - use constants for registers and fields - set VLINECLR before enabling interrupt - test against STATUS and IEN in irq handler - coding-style fixes Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Acked-by: Gerd Hoffmann Acked-by: Sam Ravnborg Tested-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240718104551.575912-7-tzimmermann@suse.de commit ad16682db18f4414e53bba1ce0db75b08bdc4dff Author: Michal Wajdeczko Date: Thu Jul 18 22:31:55 2024 +0200 drm/xe/vf: Fix register value lookup We should use the number of actual entries stored in the runtime register buffer, not the maximum number of entries that this buffer can hold, otherwise bsearch() may fail and we may miss the data and wrongly report unexpected access to some registers. Fixes: 4edadc41a3a4 ("drm/xe/vf: Use register values obtained from the PF") Signed-off-by: Michal Wajdeczko Cc: Piotr Piórkowski Cc: Matt Roper Reviewed-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240718203155.486-1-michal.wajdeczko@intel.com commit 5cd522b5331b348302fe410dab1cd070e4fd6998 Author: Thomas Zimmermann Date: Thu Jul 18 12:44:15 2024 +0200 drm/mgag200: Add dedicted variable for field Replace the line-compare value of with a dedicated variable . Improves readability and prepares for vblank support. Signed-off-by: Thomas Zimmermann Acked-by: Sam Ravnborg Link: https://patchwork.freedesktop.org/patch/msgid/20240718104551.575912-6-tzimmermann@suse.de commit d6460bd52c27fde97d6a73e3d9c7a8d747fbaa3e Author: Thomas Zimmermann Date: Thu Jul 18 12:44:14 2024 +0200 drm/mgag200: Add dedicated variables for blanking fields Represent fields for horizontal and vertical blanking with , , and . Aligns the code with the Matrox programming manuals. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240718104551.575912-5-tzimmermann@suse.de commit e8f834b559621d634a939381caf99a024e272211 Author: Thomas Zimmermann Date: Thu Jul 18 12:44:13 2024 +0200 drm/mgag200: Use adjusted mode values for CRTCs Use the values with the crtc_ prefix from struct drm_display_mode to program hardware. The DRM core adjusted these values to the requirements of CRTC hardware. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240718104551.575912-4-tzimmermann@suse.de commit b345b3542d66fea49bff53288d347ccb06fa1b3a Author: Thomas Zimmermann Date: Thu Jul 18 12:44:12 2024 +0200 drm/mgag200: Align register field names with documentation In mgag200_set_mode_regs(), align variable names with the field names given in the Matrox programming manuals. Makes the code and docs grep- able. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240718104551.575912-3-tzimmermann@suse.de commit 754c9129b9494b2b058add1d1a627fb3c9466a03 Author: Thomas Zimmermann Date: Thu Jul 18 12:44:11 2024 +0200 drm/mgag200: Use hexadecimal register indeces In mgag200_set_mode_regs(), use hexadecimal indices for accessing registers. Aligns the code with the register indices in the Matrox programming manuals. Also convert to lower-case hexadecimal values. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240718104551.575912-2-tzimmermann@suse.de commit 2149ded63079449b8dddf9da38392632f155e6b5 Author: Umesh Nerlige Ramappa Date: Thu Jul 18 14:05:48 2024 -0700 drm/xe: Fix use after free when client stats are captured xe_file_close triggers an asynchronous queue cleanup and then frees up the xef object. Since queue cleanup flushes all pending jobs and the KMD stores client usage stats into the xef object after jobs are flushed, we see a use-after-free for the xef object. Resolve this by taking a reference to xef from xe_exec_queue. While at it, revert an earlier change that contained a partial work around for this issue. v2: - Take a ref to xef even for the VM bind queue (Matt) - Squash patches relevant to that fix and work around (Lucas) v3: Fix typo (Lucas) Fixes: ce62827bc294 ("drm/xe: Do not access xe file when updating exec queue run_ticks") Fixes: 6109f24f87d7 ("drm/xe: Add helper to accumulate exec queue runtime") Closes: https://gitlab.freedesktop.org/drm/xe/kernel/issues/1908 Signed-off-by: Umesh Nerlige Ramappa Reviewed-by: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240718210548.3580382-5-umesh.nerlige.ramappa@intel.com Signed-off-by: Lucas De Marchi commit a2387e69493df3de706f14e4573ee123d23d5d34 Author: Umesh Nerlige Ramappa Date: Thu Jul 18 14:05:47 2024 -0700 drm/xe: Take a ref to xe file when user creates a VM Take a reference to xef when user creates the VM and put the reference when user destroys the VM. Signed-off-by: Umesh Nerlige Ramappa Reviewed-by: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240718210548.3580382-4-umesh.nerlige.ramappa@intel.com Signed-off-by: Lucas De Marchi commit ce8c161cbad43f4056451e541f7ae3471d0cca12 Author: Umesh Nerlige Ramappa Date: Thu Jul 18 14:05:46 2024 -0700 drm/xe: Add ref counting for xe_file Add ref counting for xe_file. v2: - Add kernel doc for exported functions (Matt) - Instead of xe_file_destroy, export the get/put helpers (Lucas) v3: Fixup the kernel-doc format and description (Matt, Lucas) Signed-off-by: Umesh Nerlige Ramappa Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240718210548.3580382-3-umesh.nerlige.ramappa@intel.com Signed-off-by: Lucas De Marchi commit 3d0c4a62cc553c6ffde4cb11620eba991e770665 Author: Umesh Nerlige Ramappa Date: Thu Jul 18 14:05:45 2024 -0700 drm/xe: Move part of xe_file cleanup to a helper In order to make xe_file ref counted, move destruction of xe_file members to a helper. v2: Move xe_vm_close_and_put back into xe_file_close (Matt) Signed-off-by: Umesh Nerlige Ramappa Reviewed-by: Matthew Brost Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240718210548.3580382-2-umesh.nerlige.ramappa@intel.com Signed-off-by: Lucas De Marchi commit 0c977ff2b807aa53f655f095b0a306f18d8cf7be Author: Dr. David Alan Gilbert Date: Mon May 20 13:55:51 2024 +0100 drm/bridge: analogix: remove unused struct 'bridge_init' commit 6a1688ae8794 ("drm/bridge: ptn3460: Convert to I2C driver model") has dropped all the users of the struct bridge_init from the exynos_dp_core, while retaining unused structure definition. Later on the driver was reworked and the definition migrated to the analogix_dp driver. Remove unused struct bridge_init definition. Signed-off-by: Dr. David Alan Gilbert Reviewed-by: Dmitry Baryshkov Link: https://patchwork.freedesktop.org/patch/msgid/20240520125551.11534-1-linux@treblig.org Signed-off-by: Dmitry Baryshkov commit 7108b4a589cd6d3a2c1276fd610b3500f46de66a Author: Lucas De Marchi Date: Wed Jul 10 15:02:27 2024 -0700 drm/xe/uapi: Expose SIMD16 EU mask in topology query PVC, Xe2 and later platforms have 16-wide EUs. We were implicitly reporting for PVC the number of 16-wide EUs without giving userspace any hint that they were different than for other platforms. Xe2 and later also have 16-wide, but in those cases the reported number would correspond to the 8-wide count. To avoid confusion and make sure the right number is used by userspace depending on the platform, add a new item to the topology query and drop the one that is not available. The new mask reported for both PVC and Xe2 should now match the numbers reported via hwconfig. v2: Use a different topo item with EU type in its name to report the new mask instead of adding the type itself as the item (Matt Roper) Reviewed-by: Matt Roper Acked-by: José Roberto de Souza Acked-by: Mateusz Jablonski Acked-by: Wenbin Lu Acked-by: Effie Yu Acked-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240710220446.2169797-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit e4a0251d36fc6c190c545aa95702eec0efe05a4f Author: John Harrison Date: Fri Jun 21 17:46:36 2024 -0700 drm/i915/guc: Extend w/a 14019159160 There is a new part to an existing workaround, so enable that piece as well. v2: Extend even further. v3: Drop DG2 as there are CI failures still to resolve. Also re-order the parameters to a function to reduce excessive line wrapping. Signed-off-by: John Harrison Reviewed-by: Vinay Belgaumkar Signed-off-by: Daniele Ceraolo Spurio Link: https://patchwork.freedesktop.org/patch/msgid/20240622004636.662081-3-John.C.Harrison@Intel.com commit 104bcfae57d80c484185c012cc0ee8d8d5889a7e Author: John Harrison Date: Fri Jun 21 17:46:35 2024 -0700 drm/i915/arl: Enable Wa_14019159160 for ARL The context switch out workaround also applies to ARL. Signed-off-by: John Harrison Reviewed-by: Vinay Belgaumkar Signed-off-by: Daniele Ceraolo Spurio Link: https://patchwork.freedesktop.org/patch/msgid/20240622004636.662081-2-John.C.Harrison@Intel.com commit 5e4e1ed6b87b6b3a3531cd8b5cfa9c3b09d841b2 Author: Matthew Brost Date: Wed Jul 17 07:04:29 2024 -0700 drm/xe: Remove unused xe_sync_entry_wait xe_sync_entry_wait is no longer used, remove it. Signed-off-by: Matthew Brost Reviewed-by: Thomas Hellström Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240717140429.1396820-2-matthew.brost@intel.com commit 0fde907da2d5fd4da68845e96c6842497159c858 Author: Matthew Brost Date: Wed Jul 17 07:04:28 2024 -0700 drm/xe: Validate user fence during creation Fail invalid addresses during user fence creation. Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Matthew Brost Reviewed-by: Thomas Hellström Reviewed-by: Nirmoy Das Link: https://patchwork.freedesktop.org/patch/msgid/20240717140429.1396820-1-matthew.brost@intel.com commit d75dec1fcbcb05b021c08b62551649567ab8955c Author: Jonathan Cavitt Date: Fri Jul 12 14:41:56 2024 -0700 drm/i915: Allow NULL memory region Prevent a NULL pointer access in intel_memory_regions_hw_probe. Fixes: 05da7d9f717b ("drm/i915/gem: Downgrade stolen lmem setup warning") Reported-by: Dan Carpenter Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/11704 Signed-off-by: Jonathan Cavitt Reviewed-by: Nirmoy Das Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240712214156.3969584-1-jonathan.cavitt@intel.com commit 99e0fb8b087120b5a7019f1cff6c5c2b5b925ae5 Author: Simona Vetter Date: Wed Jul 10 11:31:16 2024 +0200 drm: Add might_fault to drm_modeset_lock priming We already teach lockdep that dma_resv nests within drm_modeset_lock, but there's a lot more: All drm kms ioctl rely on being able to put/get_user while holding modeset locks, so we really need a might_fault in there too to complete the picture. Add it. Motivated by a syzbot report that blew up on bcachefs doing an unconditional console_lock way deep in the locking hierarchy, and lockdep only noticing the depency loop in a drm ioctl instead of much earlier. This annotation will make sure such issues have a much harder time escaping. References: https://lore.kernel.org/dri-devel/00000000000073db8b061cd43496@google.com/ Signed-off-by: Daniel Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard Cc: Thomas Zimmermann Cc: Sumit Semwal Cc: "Christian König" Cc: linux-media@vger.kernel.org Cc: linaro-mm-sig@lists.linaro.org Reviewed-by: Christian König Signed-off-by: Daniel Vetter Link: https://patchwork.freedesktop.org/patch/msgid/20240710093120.732208-1-daniel.vetter@ffwll.ch commit ca5442ed8f5383f86bb9b4d66eeb816cd90aeb3b Author: Cristian Ciocaltea Date: Thu Jul 11 14:26:55 2024 +0300 drm/bridge-connector: Fix double free in error handling paths The recent switch to drmm allocation in drm_bridge_connector_init() may cause double free on bridge_connector in some of the error handling paths. Drop the explicit kfree() calls on bridge_connector. Fixes: c12907be57b1 ("drm/bridge-connector: switch to using drmm allocations") Signed-off-by: Cristian Ciocaltea Reviewed-by: Dmitry Baryshkov Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/20240711-bridge-connector-fix-dbl-free-v1-1-d558b2d0eb93@collabora.com commit bc657615e10ddd7637dcc05811194ad7e2baea33 Author: Alexander Stein Date: Wed Jul 3 14:27:15 2024 +0200 drm/bridge: Silence error messages upon probe deferral When -EPROBE_DEFER is returned do not raise an error, but silently return this error instead. Fixes error like this: [drm:drm_bridge_attach] *ERROR* failed to attach bridge /soc@0/bus@30800000/mipi-dsi@30a00000 to encoder None-34: -517 [drm:drm_bridge_attach] *ERROR* failed to attach bridge /soc@0/bus@30800000/mipi-dsi@30a00000 to encoder None-34: -517 Signed-off-by: Alexander Stein Reviewed-by: Robert Foss Signed-off-by: Robert Foss Link: https://patchwork.freedesktop.org/patch/msgid/20240703122715.4004765-1-alexander.stein@ew.tq-group.com commit 275aa53f59df769802f28a0a623019aadab2e05d Author: Nirmoy Das Date: Wed Jul 17 14:59:50 2024 +0200 drm/xe/pm: Add trace for pm functions Add trace for xe pm function for better debuggability. v2: Fix indentation and add trace for xe_pm_runtime_get_ioctl Cc: Matthew Brost Cc: Rodrigo Vivi Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240717125950.9952-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit 775d0adc01a55fe0458139330415d86bb3533efe Author: Uma Shankar Date: Wed Jul 17 13:52:52 2024 +0530 drm/xe/fbdev: Limit the usage of stolen for LNL+ As per recommendation in the workarounds: WA_22019338487 There is an issue with accessing Stolen memory pages due a hardware limitation. Limit the usage of stolen memory for fbdev for LNL+. Don't use BIOS FB from stolen on LNL+ and assign the same from system memory. v2: Corrected the WA Number, limited WA to LNL and Adopted XE_WA framework as suggested by Lucas and Matt. v3: Introduced the waxxx_display to implement display side of WA changes on Lunarlake. Used xe_root_mmio_gt and avoid the for loop (Suggested by Lucas) v4: Fixed some nits (Luca) Reviewed-by: Lucas De Marchi Signed-off-by: Uma Shankar Link: https://patchwork.freedesktop.org/patch/msgid/20240717082252.3875909-1-uma.shankar@intel.com commit 3849c6ff3a1517e4c8a6d004d9cb31241c849713 Author: Akshata Jahagirdar Date: Wed Jul 17 21:10:08 2024 +0000 drm/xe/xe2: Do not run xe_bo_test for xe2+ dgfx In xe2+ dgfx, we don't need to handle the copying of ccs metadata during migration. This test validates the ccs data post clear and copy during evict/restore operation. Thus, we can skip this test on xe2+ dgfx. Signed-off-by: Akshata Jahagirdar Reviewed-by: Himal Prasad Ghimiray Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/57d9df82ad02e53c9b0d2a7d40bb27acce57b927.1721250309.git.akshata.jahagirdar@intel.com commit 8a92e2a67f627e69dd52aa9c2d3176be13aef2cc Author: Akshata Jahagirdar Date: Wed Jul 17 21:10:07 2024 +0000 drm/xe/migrate: Add kunit to test migration functionality for BMG This part of kunit verifies that - main data is decompressed and ccs data is clear post bo eviction. - main data is raw copied and ccs data is clear post bo restore. v2: Added missing bo_put()/bo_unlock() (Matt Auld) Signed-off-by: Akshata Jahagirdar Reviewed-by: Himal Prasad Ghimiray Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/1d36d4377c566508e42b3fb80d3fe4a588fd00ca.1721250309.git.akshata.jahagirdar@intel.com commit 523f191cc0c728a02a7e5fd0ec26526c41f399ef Author: Akshata Jahagirdar Date: Wed Jul 17 21:10:06 2024 +0000 drm/xe/xe_migrate: Handle migration logic for xe2+ dgfx During eviction (vram->sysmem), we use compressed -> uncompressed mapping. During restore (sysmem->vram), we need to use mapping from uncompressed -> uncompressed. Handle logic for selecting the compressed identity map for eviction, and selecting uncompressed map for restore operations. v2: Move check of xe_migrate_ccs_emit() before calling xe_migrate_ccs_copy(). (Nirmoy) Signed-off-by: Akshata Jahagirdar Reviewed-by: Matthew Auld Reviewed-by: Himal Prasad Ghimiray Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/79b3a016e686a662ae68c32b5fc7f0f2ac8043e9.1721250309.git.akshata.jahagirdar@intel.com commit 2b808d6b2919cb2fe92901e5087da7b4ed4b9e07 Author: Akshata Jahagirdar Date: Wed Jul 17 21:10:05 2024 +0000 drm/xe/xe2: Introduce identity map for compressed pat for vram Xe2+ has unified compression (exactly one compression mode/format), where compression is now controlled via PAT at PTE level. This simplifies KMD operations, as it can now decompress freely without concern for the buffer's original compression format—unlike DG2, which had multiple compression formats and thus required copying the raw CCS state during VRAM eviction. In addition mixed VRAM and system memory buffers were not supported with compression enabled. On Xe2 dGPU compression is still only supported with VRAM, however we can now support compression with VRAM and system memory buffers, with GPU access being seamless underneath. So long as when doing VRAM -> system memory the KMD uses compressed -> uncompressed, to decompress it. This also allows CPU access to such buffers, assuming that userspace first decompress the corresponding pages being accessed. If the pages are already in system memory then KMD would have already decompressed them. When restoring such buffers with sysmem -> VRAM the KMD can't easily know which pages were originally compressed, so we always use uncompressed -> uncompressed here. With this it also means we can drop all the raw CCS handling on such platforms (including needing to allocate extra CCS storage). In order to support this we now need to have two different identity mappings for compressed and uncompressed VRAM. In this patch, we set up the additional identity map for the VRAM with compressed pat_index. We then select the appropriate mapping during migration/clear. During eviction (vram->sysmem), we use the mapping from compressed -> uncompressed. During restore (sysmem->vram), we need the mapping from uncompressed -> uncompressed. Therefore, we need to have two different mappings for compressed and uncompressed vram. We set up an additional identity map for the vram with compressed pat_index. We then select the appropriate mapping during migration/clear. v2: Formatting nits, Updated code to match recent changes in xe_migrate_prepare_vm(). (Matt) v3: Move identity map loop to a helper function. (Matt Brost) v4: Split helper function in different patch, and add asserts and nits. (Matt Brost) v5: Convert the 2 bool arguments of pte_update_size to flags argument (Matt Brost) v6: Formatting nits (Matt Brost) Signed-off-by: Akshata Jahagirdar Reviewed-by: Himal Prasad Ghimiray Reviewed-by: Matthew Brost Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/b00db5c7267e54260cb6183ba24b15c1e6ae52a3.1721250309.git.akshata.jahagirdar@intel.com commit 8d79acd567db183e675cccc6cc737d2959e2a2d9 Author: Akshata Jahagirdar Date: Wed Jul 17 21:10:04 2024 +0000 drm/xe/migrate: Add helper function to program identity map Add an helper function to program identity map. v2: Formatting nits Signed-off-by: Akshata Jahagirdar Reviewed-by: Matthew Brost Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/91dc05f05bd33076fb9a9f74f8495b48d2abff53.1721250309.git.akshata.jahagirdar@intel.com commit 54f07cfc016226c3959e0b3b7ed306124d986ce4 Author: Akshata Jahagirdar Date: Wed Jul 17 21:10:03 2024 +0000 drm/xe/migrate: Add kunit to test clear functionality This test verifies if the main and ccs data are cleared during bo creation. The motivation to use Kunit instead of IGT is that, although we can verify whether the data is zero following bo creation, we cannot confirm whether the zero value after bo creation is the result of our clear function or simply because the initial data present was zero. v2: Updated the mutex_lock and unlock logic, Changed out_unlock to out_put. (Matt) v3: Added missing dma_fence_put(). (Nirmoy) v4: Rebase. v5: Add missing bo_put(), bo_unlock() calls. (Matt Auld) Signed-off-by: Akshata Jahagirdar Reviewed-by: Himal Prasad Ghimiray Acked-by: Nirmoy Das Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/c07603439b88cfc99e78c0e2069327e65d5aa87d.1721250309.git.akshata.jahagirdar@intel.com commit 108c972a11c5f6e37be58207460d9bcac06698db Author: Akshata Jahagirdar Date: Wed Jul 17 21:10:02 2024 +0000 drm/xe/migrate: Handle clear ccs logic for xe2 dgfx For Xe2 dGPU, we clear the bo by modifying the VRAM using an uncompressed pat index which then indirectly updates the compression status as uncompressed i.e zeroed CCS. So xe_migrate_clear() should be updated for BMG to not emit CCS surf copy commands. v2: Moved xe_device_needs_ccs_emit() to xe_migrate.c and changed name to xe_migrate_needs_ccs_emit() since its very specific to migration.(Matt) Signed-off-by: Akshata Jahagirdar Reviewed-by: Matthew Auld Reviewed-by: Himal Prasad Ghimiray Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/8dd869dd8dda5e17ace28c04f1a48675f5540874.1721250309.git.akshata.jahagirdar@intel.com commit 452bca0edbd0764ca0284239d5438b3edd305ab3 Author: Matthew Brost Date: Mon Jul 15 23:39:02 2024 -0700 drm/xe: Don't suspend device upon wedge When wedging a device we shouldn't be suspending device as state for debug will be lost. Also this appears to not work as the below stack trace pops upon trying to resume a wedged device: [ 304.245044] INFO: task cat:12115 blocked for more than 151 seconds. [ 304.251333] Tainted: G W 6.10.0-rc7-xe+ #3518 [ 304.257617] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 304.265459] task:cat state:D stack:13384 pid:12115 tgid:12115 ppid:3986 flags:0x00000006 [ 304.265465] Call Trace: [ 304.265467] [ 304.265469] __schedule+0x3c4/0xdf0 [ 304.265478] schedule+0x3c/0x140 [ 304.265481] rpm_resume+0x1cc/0x740 [ 304.265484] ? __pfx_autoremove_wake_function+0x10/0x10 [ 304.265489] __pm_runtime_resume+0x49/0x80 [ 304.265494] guc_info+0x6b/0xb0 [xe] [ 304.265538] ? __pfx___drm_printfn_seq_file+0x10/0x10 [ 304.265541] ? __pfx___drm_puts_seq_file+0x10/0x10 [ 304.265545] seq_read_iter+0x111/0x4c0 [ 304.265551] seq_read+0xfc/0x140 [ 304.265556] full_proxy_read+0x58/0x80 [ 304.265560] vfs_read+0xa7/0x360 [ 304.265563] ? find_held_lock+0x2b/0x80 [ 304.265568] ksys_read+0x64/0xe0 [ 304.265571] do_syscall_64+0x68/0x140 [ 304.265575] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 304.265578] RIP: 0033:0x7f4254d14992 [ 304.265580] RSP: 002b:00007ffc558666f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 304.265583] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f4254d14992 [ 304.265584] RDX: 0000000000020000 RSI: 00007f4254ebb000 RDI: 0000000000000003 [ 304.265586] RBP: 00007f4254ebb000 R08: 00007f4254eba010 R09: 00007f4254eba010 [ 304.265587] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000 [ 304.265588] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000 [ 304.265593] [ 304.265594] Showing all locks held in the system: [ 304.265598] 1 lock held by khungtaskd/57: [ 304.265599] #0: ffffffff8273b860 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x36/0x1c0 [ 304.265607] 3 locks held by kworker/6:1/90: [ 304.265610] 1 lock held by in:imklog/547: [ 304.265611] #0: ffff88810498cd88 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x76/0xc0 [ 304.265620] 1 lock held by dmesg/1310: v2: Drop local 'err' variable (Jonathan) Fixes: 8ed9aaae39f3 ("drm/xe: Force wedged state and block GT reset upon any GPU hang") Cc: Rodrigo Vivi Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240716063902.1390130-2-matthew.brost@intel.com commit 7dbe8af13c189f5937e87e9fb924d5bbc49e6f71 Author: Matthew Brost Date: Mon Jul 15 23:39:01 2024 -0700 drm/xe: Wedge the entire device Wedge the entire device, not just GT which may have triggered the wedge. To implement this, cleanup the layering so xe_device_declare_wedged() calls into the lower layers (GT) to ensure entire device is wedged. While we are here, also signal any pending GT TLB invalidations upon wedging device. Lastly, short circuit reset wait if device is wedged. v2: - Short circuit reset wait if device is wedged (Local testing) Fixes: 8ed9aaae39f3 ("drm/xe: Force wedged state and block GT reset upon any GPU hang") Cc: Rodrigo Vivi Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240716063902.1390130-1-matthew.brost@intel.com commit e02cea83d32d3a616c9ef8b6b50a83444a6bbcbf Author: Alexander Usyskin Date: Mon Jul 8 11:49:06 2024 +0300 drm/xe/gsc: add Battlemage support Add heci_cscfi support bit for new CSC engine type. It has same mmio offsets as DG2 GSC but separate interrupt flow. Signed-off-by: Alexander Usyskin Reviewed-by: Rodrigo Vivi Signed-off-by: Daniele Ceraolo Spurio Link: https://patchwork.freedesktop.org/patch/msgid/20240708084906.2827024-1-alexander.usyskin@intel.com commit dce2a224763ce968445e14c43b49321936309c75 Author: Uros Bizjak Date: Wed Jun 5 20:13:16 2024 +0200 locking/atomic/x86: Redeclare x86_32 arch_atomic64_{add,sub}() as void Correct the return type of x86_32 arch_atomic64_add() and arch_atomic64_sub() functions to 'void' and remove redundant return. Signed-off-by: Uros Bizjak Signed-off-by: Ingo Molnar Cc: Linus Torvalds Link: https://lore.kernel.org/r/20240605181424.3228-2-ubizjak@gmail.com commit 6e30a7c98a9fda2f894e970e9cd637657f39c59d Author: Uros Bizjak Date: Wed Jun 5 20:13:15 2024 +0200 locking/atomic/x86: Introduce the read64_nonatomic macro to x86_32 with cx8 As described in commit: e73c4e34a0e9 ("locking/atomic/x86: Introduce arch_atomic64_read_nonatomic() to x86_32") the value preload before the CMPXCHG loop does not need to be atomic. Introduce the read64_nonatomic assembly macro to load the value from a atomic_t location in a faster non-atomic way and use it in atomic64_cx8_32.S. Signed-off-by: Uros Bizjak Signed-off-by: Ingo Molnar Cc: Linus Torvalds Link: https://lore.kernel.org/r/20240605181424.3228-1-ubizjak@gmail.com commit e1a261ba599eec97e1c5c7760d5c3698fc24e6a6 Author: Jocelyn Falempe Date: Tue Jul 2 14:26:04 2024 +0200 printk: Add a short description string to kmsg_dump() kmsg_dump doesn't forward the panic reason string to the kmsg_dumper callback. This patch adds a new struct kmsg_dump_detail, that will hold the reason and description, and pass it to the dump() callback. To avoid updating all kmsg_dump() call, it adds a kmsg_dump_desc() function and a macro for backward compatibility. I've written this for drm_panic, but it can be useful for other kmsg_dumper. It allows to see the panic reason, like "sysrq triggered crash" or "VFS: Unable to mount root fs on xxxx" on the drm panic screen. v2: * Use a struct kmsg_dump_detail to hold the reason and description pointer, for more flexibility if we want to add other parameters. (Kees Cook) * Fix powerpc/nvram_64 build, as I didn't update the forward declaration of oops_to_nvram() Signed-off-by: Jocelyn Falempe Acked-by: Petr Mladek Acked-by: Michael Ellerman (powerpc) Acked-by: Kees Cook Link: https://patchwork.freedesktop.org/patch/msgid/20240702122639.248110-1-jfalempe@redhat.com commit 0af8cd2822f31ed8363223329e5cff2a7ed01961 Author: Nick Morrow Date: Thu Jul 11 01:14:23 2024 +0300 wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c Remove VID/PID 0bda:c82c as it was inadvertently added to the device list in driver rtw8821cu. This VID/PID is for the rtw8822cu device and it is already in the appropriate place for that device. Cc: stable@vger.kernel.org Signed-off-by: Nick Morrow Signed-off-by: Bitterblue Smith Acked-by: Ping-Ke Shih Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/335d7fa1-0ba5-4b86-bba5-f98834ace1f8@gmail.com commit 315c23a64e99552502dd4d18d6ddc073fad9a7c3 Author: Bitterblue Smith Date: Thu Jul 11 01:11:33 2024 +0300 wifi: rtw88: usb: Support USB 3 with RTL8822CU/RTL8822BU The Realtek wifi 5 devices which support USB 3 are weird: when first plugged in, they pretend to be USB 2. The driver needs to send some commands to the device, which make it disappear and come back as a USB 3 device. Implement the required commands in rtw88. When a USB 3 device is plugged into a USB 2 port, rtw88 will try to switch it to USB 3 mode only once. The device will disappear and come back still in USB 2 mode, of course. Some people experience heavy interference in the 2.4 GHz band in USB 3 mode, so add a module parameter switch_usb_mode with the default value 1 to let people disable the switching. Signed-off-by: Bitterblue Smith Acked-by: Ping-Ke Shih Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/77906c62-5674-426f-bde1-1b2a12a0339d@gmail.com commit d64270128bf551d68f47122c8893ea78bfbad8be Author: Colin Ian King Date: Wed Jul 10 12:22:53 2024 +0100 wifi: rtw89: 8852bt: rfk: Fix spelling mistake "KIP_RESOTRE" -> "KIP_RESTORE" There is a spelling mistake in a literal string. Fix it. Signed-off-by: Colin Ian King Acked-by: Ping-Ke Shih Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/20240710112253.228171-1-colin.i.king@gmail.com commit 8fbcaa308591b91e9037ab6a8d733873b749a70d Author: Bitterblue Smith Date: Sat Jul 6 01:40:58 2024 +0300 wifi: rtw88: Set efuse->ext_lna_5g - fix typo efuse->ext_lna_2g is set twice and efuse->ext_lna_5g is not set at all. Set each one once. Nothing uses these members right now. They will be used by the RTL8821AU and RTL8812AU drivers. Signed-off-by: Bitterblue Smith Acked-by: Ping-Ke Shih Signed-off-by: Ping-Ke Shih Link: https://patch.msgid.link/8ccc9e13-0d45-417d-8f88-93a0ad294f77@gmail.com commit a237f217bad50c381773da5b00442710d1449098 Author: Clayton Craft Date: Mon May 20 15:18:36 2024 -0700 drm/panel-edp: Add entry for BOE NV133WUM-N63 panel This panel is found on some laptops e.g., variants of the Thinkpad X13s. Signed-off-by: Clayton Craft Link: https://patchwork.freedesktop.org/patch/msgid/20240520221836.16031-1-clayton@craftyguy.net [DB: moved the entry to the proper place] Signed-off-by: Dmitry Baryshkov commit 9480db72e17b5efd38f592a3c79d35af42ee0a25 Author: Marek Vasut Date: Fri May 31 22:27:21 2024 +0200 drm: lcdif: Use adjusted_mode .clock instead of .crtc_clock In case an upstream bridge modified the required clock frequency in its .atomic_check callback by setting adjusted_mode.clock , make sure that clock frequency is generated by the LCDIFv3 block. This is useful e.g. when LCDIFv3 feeds DSIM which feeds TC358767 with (e)DP output, where the TC358767 expects precise timing on its input side, the precise timing must be generated by the LCDIF. Signed-off-by: Marek Vasut Reviewed-by: Alexander Stein Link: https://patchwork.freedesktop.org/patch/msgid/20240531202813.277109-1-marex@denx.de commit 2f99ffd8d730caddadb5e0257ff8c3faf16c6ee6 Author: Jacky Bai Date: Mon Jul 15 20:07:21 2024 -0400 Input: bbnsm_pwrkey - fix missed key press after suspend Report input event directly on wakeup to ensure no press event is missed when resuming from suspend. Signed-off-by: Jacky Bai Reviewed-by: Peng Fan Acked-by: Jason Liu Signed-off-by: Frank Li Link: https://lore.kernel.org/r/20240716000721.3485597-1-Frank.Li@nxp.com Signed-off-by: Dmitry Torokhov commit 5d33d04e0c20ac7a2379d47e80acded8ab0af631 Author: Dmitry Torokhov Date: Wed Jul 10 16:51:21 2024 -0700 MAINTAINERS: update entry for Yealink driver Remove reference to no longer working usbb2k-api-dev@nongnu.org mailing list. Signed-off-by: Dmitry Torokhov commit dd29eadee1e8f07bbec57dddf4befbcd3e3c0af7 Author: Dmitry Torokhov Date: Sat Jul 13 23:00:28 2024 -0700 Input: msc_touchkey - remove the driver MCS-5000/5080 chips belong to the 1st generation of Melfas chips, manufactured in 2000-2007. The driver relies on custom platform data (no DT support) and there never were any users of this driver in the mainline kernel. It is likely that the driver was (like mcs5000_ts driver) was tested on S3C6410 NCP board (with Samsung S3C6410 SoC), but the touchkey device was never added to the board file. This board was removed in v6.3 in commit 743c8fbb90ca ("ARM: s3c: remove most s3c64xx board support"). Remove the driver since there are no users. Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240714060029.1528662-2-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit e8858fc07eb8386b9b6436d3e86eeb4b81e4f660 Author: Dmitry Torokhov Date: Sat Jul 13 23:00:27 2024 -0700 Input: msc5000_ts - remove the driver MCS-5000 belongs to the 1st generation of Melfas chips, manufactured in 2000-2007. The driver relies on custom platform data (no DT support) and there never were any users of this driver in the mainline kernel. The commit adding the driver mentioned that the driver was tested on S3C6410 NCP board (with Samsung S3C6410 SoC) but the touchscreen device was never added to the board file. This board was removed in v6.3 in commit 743c8fbb90ca ("ARM: s3c: remove most s3c64xx board support"). Remove the driver since there are no users. Reviewed-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/20240714060029.1528662-1-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit d04f939352ba70104adccf92691f9e971c309544 Author: Dmitry Torokhov Date: Thu Jul 11 22:18:50 2024 -0700 Input: usbtouchscreen - switch to using __free() cleanup facility Use __free(kfree) cleanup facility when allocating temporary buffers for USB transfers. Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240712051851.3463657-8-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit f784adb66df7582316fe24f9507fc1f5d4d635b4 Author: Dmitry Torokhov Date: Thu Jul 11 22:18:49 2024 -0700 Input: usbtouchscreen - use guard notation when acquiring mutexes This makes the code more compact and error handling more robust. Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240712051851.3463657-7-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 7f787df1ac447e13ede6022061ecc2903afec26e Author: Dmitry Torokhov Date: Thu Jul 11 22:18:48 2024 -0700 Input: usbtouchscreen - split device info table into individual pieces Instead of using a single table containing information about various touchscreens and enums to match the driver ID table data with chip information define individual per-protocol instances of usbtouch_device_info structure and reference them directly from the usbtouch_devices ID table. This is simpler, safer, and uses less memory in case some protocols are disabled. Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240712051851.3463657-6-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 830f06c01789e1da6d8e7a92b9cf50dc14610181 Author: Dmitry Torokhov Date: Thu Jul 11 22:18:47 2024 -0700 Input: usbtouchscreen - constify usbtouch_dev_info table The data in this table is shared between all instances of the touchscreens so it should not be modified. Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240712051851.3463657-5-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit fbb1c92282fac71b07ec59c5501d4b7751f5d48d Author: Dmitry Torokhov Date: Thu Jul 11 22:18:46 2024 -0700 Input: usbtouchscreen - move process_pkt() into main device structure In preparation of splitting big usbtouch_dev_info table into separate per-protocol structures and constifying them move process_pkt() from the device info into main drvice structure and set it up in probe(). We can derive if we should use single- or multi-packet handling based on presence of get_pkt_len() method. Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240712051851.3463657-4-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit ca95a47e29b2f9455c6673a9daeead437e940a7d Author: Dmitry Torokhov Date: Thu Jul 11 22:18:45 2024 -0700 Input: usbtouchscreen - move the driver ID table Move the driver's ID table closer to where it is used in preparation to it using pointers to device info/parameters instead of device type enum. Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240712051851.3463657-3-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 9f2feb06142c08b9b89bc1763247824bee0e00b4 Author: Dmitry Torokhov Date: Thu Jul 11 22:18:44 2024 -0700 Input: usbtouchscreen - remove custom USB_DEVICE_HID_CLASS macro There already exists perfectly suitable USB_DEVICE_INTERFACE_CLASS macro, use it. Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240712051851.3463657-2-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit 6797e19d9aa4b0cf134a2b4ccf4db8005cda35cf Author: Dmitry Torokhov Date: Thu Jul 11 22:18:43 2024 -0700 Input: usbtouchscreen - use driver core to instantiate device attributes Instead of manually creating driver-specific device attributes set struct usb_driver->dev_groups pointer to have the driver core do it. Reviewed-by: Greg Kroah-Hartman Link: https://lore.kernel.org/r/20240712051851.3463657-1-dmitry.torokhov@gmail.com Signed-off-by: Dmitry Torokhov commit d13df21d62aaf3c7a8a07b5e5c659b7b75947814 Author: Javier Carrasco Date: Fri Apr 12 22:57:35 2024 +0200 Input: adc-joystick - use device_for_each_child_node_scoped() Switch to the _scoped() version introduced in commit 365130fd47af ("device property: Introduce device_for_each_child_node_scoped()") to remove the need for manual calling of fwnode_handle_put() in the paths where the code exits the loop early. In this case the err_fwnode_put label was no longer necessary and the error code is returned directly. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240412-input_device_for_each_child_node_scoped-v1-6-dbad1bc7ea84@gmail.com Signed-off-by: Dmitry Torokhov commit 44f9c7c5f5368738019d71e5b4bdf8de952c584a Author: Javier Carrasco Date: Fri Apr 12 22:57:34 2024 +0200 Input: adc-keys - use device_for_each_child_node_scoped() Switch to the _scoped() version introduced in commit 365130fd47af ("device property: Introduce device_for_each_child_node_scoped()") to remove the need for manual calling of fwnode_handle_put() in the paths where the code exits the loop early. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240412-input_device_for_each_child_node_scoped-v1-5-dbad1bc7ea84@gmail.com Signed-off-by: Dmitry Torokhov commit 1102db75c5ce9df1214ba06b69e00f6fe4dc19c1 Author: Javier Carrasco Date: Fri Apr 12 22:57:33 2024 +0200 Input: gpio_keys_polled - use device_for_each_child_node_scoped() Switch to the _scoped() version introduced in commit 365130fd47af ("device property: Introduce device_for_each_child_node_scoped()") to remove the need for manual calling of fwnode_handle_put() in the paths where the code exits the loop early. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240412-input_device_for_each_child_node_scoped-v1-4-dbad1bc7ea84@gmail.com Signed-off-by: Dmitry Torokhov commit c90a85197428de2c7effdc71063df51513be7113 Author: Javier Carrasco Date: Fri Apr 12 22:57:32 2024 +0200 Input: gpio_keys - use device_for_each_child_node_scoped() Switch to the _scoped() version introduced in commit 365130fd47af ("device property: Introduce device_for_each_child_node_scoped()") to remove the need for manual calling of fwnode_handle_put() in the paths where the code exits the loop early. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240412-input_device_for_each_child_node_scoped-v1-3-dbad1bc7ea84@gmail.com Signed-off-by: Dmitry Torokhov commit 4f210af5ebc166d0b0219459024c13208295bae7 Author: Javier Carrasco Date: Fri Apr 12 22:57:31 2024 +0200 Input: qt1050 - use device_for_each_child_node_scoped() Switch to the _scoped() version introduced in commit 365130fd47af ("device property: Introduce device_for_each_child_node_scoped()") to remove the need for manual calling of fwnode_handle_put() in the paths where the code exits the loop early. In this case the err label was no longer necessary and EINVAL is returned directly. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240412-input_device_for_each_child_node_scoped-v1-2-dbad1bc7ea84@gmail.com Signed-off-by: Dmitry Torokhov commit 4256d472010e742a1ff7558d02ed867d378695d9 Author: Javier Carrasco Date: Fri Apr 12 22:57:30 2024 +0200 Input: iqs269a - use device_for_each_child_node_scoped() Switch to the _scoped() version introduced in commit 365130fd47af ("device property: Introduce device_for_each_child_node_scoped()") to remove the need for manual calling of fwnode_handle_put() in the paths where the code exits the loop early. Signed-off-by: Javier Carrasco Link: https://lore.kernel.org/r/20240412-input_device_for_each_child_node_scoped-v1-1-dbad1bc7ea84@gmail.com Signed-off-by: Dmitry Torokhov commit 3daee2e4b3568f0ed88b0598df96547fcf21cb9b Merge: f3efefb6fdcce6 0c383648248120 Author: Dmitry Torokhov Date: Mon Jul 15 15:50:05 2024 -0700 Merge tag 'v6.10' into next Sync up with mainline to bring in device_for_each_child_node_scoped() and other newer APIs. commit 7df0be6e6280c6fca01d039864bb123e5e36604b Author: Nitin Gote Date: Thu Jul 11 22:02:08 2024 +0530 drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 We're seeing a GPU hang issue on a CHV platform, which was caused by commit bac24f59f454 ("drm/i915/execlists: Enable coarse preemption boundaries for Gen8"). The Gen8 platform only supports timeslicing and doesn't have a preemption mechanism, as its engines do not have a preemption timer. Commit 751f82b353a6 ("drm/i915/gt: Only disable preemption on Gen8 render engines") addressed this issue only for render engines. This patch extends that fix by ensuring that preemption is not considered for all engines on Gen8 platforms. v4: - Use the correct Fixes tag (Rodrigo Vivi) - Reworded commit log (Andi Shyti) v3: - Inside need_preempt(), condition of can_preempt() is not required as simplified can_preempt() is enough. (Chris Wilson) v2: Simplify can_preempt() function (Tvrtko Ursulin) Fixes: 751f82b353a6 ("drm/i915/gt: Only disable preemption on gen8 render engines") Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/11396 Suggested-by: Andi Shyti Signed-off-by: Nitin Gote Cc: Chris Wilson CC: # v5.12+ Reviewed-by: Jonathan Cavitt Reviewed-by: Andi Shyti Signed-off-by: Andi Shyti Link: https://patchwork.freedesktop.org/patch/msgid/20240711163208.1355736-1-nitin.r.gote@intel.com commit b96c312551b241bc17226c5347c6d6b38a1efd3e Author: Thorsten Blum Date: Tue Jul 9 23:56:58 2024 +0200 ring-buffer: Use vma_pages() helper function Use the vma_pages() helper function and fix the following Coccinelle/coccicheck warning reported by vma_pages.cocci: WARNING: Consider using vma_pages helper on vma Rename the local variable vma_pages accordingly. Signed-off-by: Thorsten Blum Link: https://lore.kernel.org/20240709215657.322071-2-thorsten.blum@toblux.com Signed-off-by: Steven Rostedt (Google) commit 94dfa500e7deddceff22768bb994f0fa67bd2fd0 Author: Dan Carpenter Date: Thu Jun 20 11:49:57 2024 +0300 tracing: Fix NULL vs IS_ERR() check in enable_instances() The trace_array_create_systems() function returns error pointers, not NULL. Fix the check to match. Cc: Masami Hiramatsu Cc: Mathieu Desnoyers Fixes: e645535a954a ("tracing: Add option to use memmapped memory for trace boot instance") Link: https://lore.kernel.org/9b23ea03-d709-435f-a309-461c3d747457@moroto.mountain Signed-off-by: Dan Carpenter Signed-off-by: Steven Rostedt (Google) commit 45d30c828c613441bfbe5c97ca766854152b7181 Author: Michal Wajdeczko Date: Sat Jul 13 16:26:43 2024 +0200 drm/xe/vf: Track writes to inaccessible registers from VF Only limited set of registers is accessible for the VF driver and the hardware will silently drop writes to inaccessible registers. To improve our VF driver lets intercept all such writes to warn about such unexpected writes on debug builds or optionally allow to provide some substitution (as a potential future extension). Signed-off-by: Michal Wajdeczko Cc: Gustavo Sousa Cc: Piotr Piórkowski Reviewed-by: Piotr Piórkowski Link: https://patchwork.freedesktop.org/patch/msgid/20240713142643.1242-2-michal.wajdeczko@intel.com commit 58b5618ba80a5e5a8d531a70eae12070e5bd713f Author: Alexander F. Lent Date: Tue Jul 9 07:54:14 2024 -0400 accel/ivpu: Add missing MODULE_FIRMWARE metadata Modules that load firmware from various paths at runtime must declare those paths at compile time, via the MODULE_FIRMWARE macro, so that the firmware paths are included in the module's metadata. The accel/ivpu driver loads firmware but lacks this metadata, preventing dracut from correctly locating firmware files. Fix it. Fixes: 9ab43e95f922 ("accel/ivpu: Switch to generation based FW names") Fixes: 02d5b0aacd05 ("accel/ivpu: Implement firmware parsing and booting") Signed-off-by: Alexander F. Lent Reviewed-by: Jacek Lawrynowicz Signed-off-by: Jacek Lawrynowicz Link: https://patchwork.freedesktop.org/patch/msgid/20240709-fix-ivpu-firmware-metadata-v3-1-55f70bba055b@xanderlent.com commit 98491f020ada2d38930cee4d6c7317b379898801 Author: Jiapeng Chong Date: Mon Jun 24 10:41:13 2024 +0800 drm/stm: ltdc: Remove unused function plane_to_ltdc The function are defined in the ltdc.c file, but not called anywhere, so delete the unused function. drivers/gpu/drm/stm/ltdc.c:494:35: warning: unused function 'encoder_to_ltdc'. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9403 Signed-off-by: Jiapeng Chong Acked-by: Yannick Fertre Link: https://patchwork.freedesktop.org/patch/msgid/20240624024113.54850-1-jiapeng.chong@linux.alibaba.com Signed-off-by: Raphael Gallais-Pou commit 19dd9780b7ac673be95bf6fd6892a184c9db611f Author: Katya Orlova Date: Fri Feb 16 15:50:40 2024 +0300 drm/stm: Avoid use-after-free issues with crtc and plane ltdc_load() calls functions drm_crtc_init_with_planes(), drm_universal_plane_init() and drm_encoder_init(). These functions should not be called with parameters allocated with devm_kzalloc() to avoid use-after-free issues [1]. Use allocations managed by the DRM framework. Found by Linux Verification Center (linuxtesting.org). [1] https://lore.kernel.org/lkml/u366i76e3qhh3ra5oxrtngjtm2u5lterkekcz6y2jkndhuxzli@diujon4h7qwb/ Signed-off-by: Katya Orlova Acked-by: Raphaël Gallais-Pou Link: https://patchwork.freedesktop.org/patch/msgid/20240216125040.8968-1-e.orlova@ispras.ru Signed-off-by: Raphael Gallais-Pou commit fd39730c58890cd7f0a594231e19bb357f28877c Author: Claudiu Beznea Date: Wed May 31 10:28:54 2023 +0300 drm/stm: ltdc: check memory returned by devm_kzalloc() devm_kzalloc() can fail and return NULL pointer. Check its return status. Identified with Coccinelle (kmerr.cocci script). Fixes: 484e72d3146b ("drm/stm: ltdc: add support of ycbcr pixel formats") Signed-off-by: Claudiu Beznea Acked-by: Raphael Gallais-Pou Link: https://patchwork.freedesktop.org/patch/msgid/20230531072854.142629-1-claudiu.beznea@microchip.com Signed-off-by: Raphael Gallais-Pou commit 3ac9384061b250ee40eda5facff10b85e2d5d3d8 Author: Thomas Zimmermann Date: Thu Jul 11 09:23:06 2024 +0200 drm/mgag200: Rename BMC vidrst names The BMC's scanout synchronization is only indirectly related to the VIDRST functionality. Do some renaming. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240711072415.11831-4-tzimmermann@suse.de commit 7bb97cf915884956311352eae3f444eaaae48cea Author: Thomas Zimmermann Date: Thu Jul 11 09:23:05 2024 +0200 drm/mgag200: Remove vidrst callbacks from struct mgag200_device_funcs The callbacks disable_vidrst and enable_vidrst are obsolete. Remove the fields from struct mgag200_device_funcs. Instead call their implementations directly of the field 'has_vidrst' has been set in struct mgag200_device_info. Also change the logic slightly. The BMC used to start and stop scanout during the CRTC's atomic_enable and atomic_disable. Plane updates were done while the BMC scanned out the display. Now only stop once in atomic_disable at the beginning of a modeset and then restart the scanout at the end of a modeset in atomic_enable. While the modeset takes place, the BMC does not scanout at all. Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240711072415.11831-3-tzimmermann@suse.de commit cd3a2e8b0a0367c636cd82efaf7802cf85ae5dad Author: Thomas Zimmermann Date: Thu Jul 11 09:23:04 2024 +0200 drm/mgag200: Only set VIDRST bits in CRTC modesetting The VRSTEN and HRSTEN bits control whether a CRTC synchronizes its display signal with an external source on the VIDRST pin. The G200WB and G200EW3 models synchronize with a BMC chip, but different external video encoders, such as the Matrox Maven, can also be attached to the pin. Only set VRSTEN and HRSTEN bits in the CRTC mode-setting code, so the bits are independent from the BMC. Add the field set_vidrst to the CRTC state for this purpose. Off by default, control the CRTC VIDRST setting from the CRTC's atomic_check helper. v3: - don't clear bits unnecessary (Jocelyn) v2: - keep logic entirely in CRTC (Jocelyn) Signed-off-by: Thomas Zimmermann Reviewed-by: Jocelyn Falempe Link: https://patchwork.freedesktop.org/patch/msgid/20240711072415.11831-2-tzimmermann@suse.de commit 8bb30798fd6ee79e4041a32ca85b9f70345d8671 Author: Jiapeng Chong Date: Mon Jul 15 10:10:26 2024 +0800 sched_ext: Fixes incorrect type in bpf_scx_init() The type_id is defined as u32type, if(type_id<0) is invalid, hence modified its type to s32. ./kernel/sched/ext.c:4958:5-12: WARNING: Unsigned expression compared with zero: type_id < 0. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9523 Signed-off-by: Jiapeng Chong Signed-off-by: Tejun Heo commit 0b91c6dacae24a1393f99f8154037c56454c277c Author: Maíra Canal Date: Thu Jul 11 11:25:24 2024 -0300 drm/v3d: Expose memory stats through fdinfo Use the common DRM function `drm_show_memory_stats()` to expose standard fdinfo memory stats. V3D exposes global GPU memory stats through debugfs. Those stats will be preserved while the DRM subsystem doesn't have a standard solution to expose global GPU stats. Signed-off-by: Maíra Canal Reviewed-by: Tvrtko Ursulin Link: https://patchwork.freedesktop.org/patch/msgid/20240711142736.783816-1-mcanal@igalia.com commit c48abf099d5126fb93a941685df56e064d716175 Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:40 2024 +0100 drm/v3d: Add some local variables in queries/extensions Add some local variables to make the code a bit less verbose, with the main benefit being pulling some lines to under 80 columns wide. Signed-off-by: Tvrtko Ursulin Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-12-tursulin@igalia.com commit 96bc9049ba41f99178f31658082891ff9850e522 Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:39 2024 +0100 drm/v3d: Prefer get_user for scalar types It makes it just a tiny bit more obvious what is going on. Signed-off-by: Tvrtko Ursulin Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-11-tursulin@igalia.com commit 3ef80d4ed6ff8441195a90a7897db3b67f38cd95 Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:38 2024 +0100 drm/v3d: Move perfmon init completely into own unit Now that the build time dependencies on various array sizes have been removed, we can move the perfmon init completely into its own compilation unit and remove the hardcoded defines. This improves on the temporary fix quickly delivered in commit 9c3951ec27b9 ("drm/v3d: Fix perfmon build error/warning"). Signed-off-by: Tvrtko Ursulin References: 9c3951ec27b9 ("drm/v3d: Fix perfmon build error/warning") Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-10-tursulin@igalia.com commit 1be825c5c060b6239f7c8ef45880f885f9dba056 Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:37 2024 +0100 drm/v3d: Do not use intermediate storage when copying performance query results Removing the intermediate buffer removes the last use of the V3D_MAX_COUNTERS define, which will enable further driver cleanup. While at it pull the 32 vs 64 bit copying decision outside the loop in order to reduce the number of conditional instructions. Signed-off-by: Tvrtko Ursulin Reviewed-by: Iago Toral Quiroga Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-9-tursulin@igalia.com commit c9d6630f7c67a5c6cc2ba90f1abbd0dff7d8eca9 Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:36 2024 +0100 drm/v3d: Size the kperfmon_ids array at runtime Instead of statically reserving pessimistic space for the kperfmon_ids array, make the userspace extension code allocate the exactly required amount of space. Apart from saving some memory at runtime, this also removes the need for the V3D_MAX_PERFMONS macro whose removal will benefit further driver cleanup. Signed-off-by: Tvrtko Ursulin Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-8-tursulin@igalia.com commit 4bd75a81e61ab691154a83068a694c9af44e2dd6 Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:35 2024 +0100 drm/v3d: Move part of copying of reset/copy performance extension to a helper The loop which looks up the syncobj and copies the kperfmon ids is identical so lets move it to a helper. The only change is replacing copy_from_user with get_user when copying a scalar. Signed-off-by: Tvrtko Ursulin Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-7-tursulin@igalia.com commit a546b7e4d73c23838d7e4d2c92882b3ca902d213 Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:34 2024 +0100 drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handle was looked up successfully or otherwise fail the extension by jumping into the existing unwind. Signed-off-by: Tvrtko Ursulin Fixes: bae7cb5d6800 ("drm/v3d: Create a CPU job extension for the reset performance query job") Cc: Maíra Canal Cc: Iago Toral Quiroga Cc: stable@vger.kernel.org # v6.8+ Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-6-tursulin@igalia.com commit 8d1276d1b8f738c3afe1457d4dff5cc66fc848a3 Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:33 2024 +0100 drm/v3d: Validate passed in drm syncobj handles in the timestamp extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking handle was looked up successfully or otherwise fail the extension by jumping into the existing unwind. Signed-off-by: Tvrtko Ursulin Fixes: 9ba0ff3e083f ("drm/v3d: Create a CPU job extension for the timestamp query job") Cc: Maíra Canal Cc: Iago Toral Quiroga Cc: stable@vger.kernel.org # v6.8+ Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-5-tursulin@igalia.com commit 484de39fa5f5b7bd0c5f2e2c5265167250ef7501 Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:32 2024 +0100 drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. Signed-off-by: Tvrtko Ursulin Fixes: bae7cb5d6800 ("drm/v3d: Create a CPU job extension for the reset performance query job") Cc: Maíra Canal Cc: Iago Toral Quiroga Cc: stable@vger.kernel.org # v6.8+ Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-4-tursulin@igalia.com commit 753ce4fea62182c77e1691ab4f9022008f25b62e Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:31 2024 +0100 drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drm_syncobj_put. Fix it by exporting and using a common cleanup helper. Signed-off-by: Tvrtko Ursulin Fixes: 9ba0ff3e083f ("drm/v3d: Create a CPU job extension for the timestamp query job") Cc: Maíra Canal Cc: Iago Toral Quiroga Cc: stable@vger.kernel.org # v6.8+ Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-3-tursulin@igalia.com commit f32b5128d2c440368b5bf3a7a356823e235caabb Author: Tvrtko Ursulin Date: Thu Jul 11 14:53:30 2024 +0100 drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be copied into. Signed-off-by: Tvrtko Ursulin Fixes: bae7cb5d6800 ("drm/v3d: Create a CPU job extension for the reset performance query job") Cc: Maíra Canal Cc: Iago Toral Quiroga Cc: stable@vger.kernel.org # v6.8+ Reviewed-by: Iago Toral Quiroga Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240711135340.84617-2-tursulin@igalia.com commit 86c5b70a9c0c3f05f7002ef8b789460c96b54e27 Author: Tejas Upadhyay Date: Tue Jul 9 21:26:06 2024 +0530 drm/xe/xe2: Add Wa_15015404425 Wa_15015404425 asks us to perform four "dummy" writes to a non-existent register offset before every real register read. Although the specific offset of the writes doesn't directly matter, the workaround suggests offset 0x130030 as a good target so that these writes will be easy to recognize and filter out in debugging traces. V5(MattR): - Avoid negating an equality comparison V4(MattR): - Use writel and remove xe_reg usage V3(MattR): - Define dummy reg local to function - Avoid tracing dummy writes - Update commit message V2: - Add WA to 8/16/32bit reads also - MattR - Corrected dummy reg address - MattR - Use for loop to avoid mental pause - JaniN Reviewed-by: Matt Roper Signed-off-by: Tejas Upadhyay Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240709155606.2998941-1-tejas.upadhyay@intel.com commit 4c3fe5eae46b92e2fd961b19f7779608352e5368 Author: Michal Wajdeczko Date: Thu Jul 11 21:23:19 2024 +0200 drm/xe/pf: Limit fair VF LMEM provisioning Due to the current design of the BO and VRAM manager, any object with XE_BO_FLAG_PINNED flag, which the PF driver uses during VF LMEM provisionining, is created with the TTM_PL_FLAG_CONTIGUOUS flag, which may cause VRAM fragmentation that prevents subsequent allocations of larger objects, like fair VF LMEM provisioning. To avoid such failures, round down fair VF LMEM provisioning size to next power of two size, to compensate what xe_ttm_vram_mgr is doing to achieve contiguous allocations. Fixes: ac6598aed1b3 ("drm/xe/pf: Add support to configure SR-IOV VFs") Signed-off-by: Michal Wajdeczko Reviewed-by: Piotr Piórkowski Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240711192320.1198-2-michal.wajdeczko@intel.com Signed-off-by: Lucas De Marchi commit 1edab907b57d42e2dcf4c16a00185a89209e8700 Author: Tejun Heo Date: Fri Jul 12 08:20:33 2024 -1000 sched_ext/scx_qmap: Pick idle CPU for direct dispatch on !wakeup enqueues Because there was no way to directly dispatch to the local DSQ of a remote CPU from ops.enqueue(), scx_qmap skipped looking for an idle CPU on !wakeup enqueues. This restriction was removed and sched_ext now allows SCX_DSQ_LOCAL_ON verdicts for direct dispatches. Factor out pick_direct_dispatch_cpu() from ops.select_cpu() and use it to direct dispatch from ops.enqueue() on !wakeup enqueues. Signed-off-by: Tejun Heo Acked-by: David Vernet Cc: Dan Schatzberg Cc: Changwoo Min Cc: Andrea Righi commit 5b26f7b920f76b2b9cc398c252a9e35e44bf5bb9 Author: Tejun Heo Date: Fri Jul 12 08:20:33 2024 -1000 sched_ext: Allow SCX_DSQ_LOCAL_ON for direct dispatches In ops.dispatch(), SCX_DSQ_LOCAL_ON can be used to dispatch the task to the local DSQ of any CPU. However, during direct dispatch from ops.select_cpu() and ops.enqueue(), this isn't allowed. This is because dispatching to the local DSQ of a remote CPU requires locking both the task's current and new rq's and such double locking can't be done directly from ops.enqueue(). While waking up a task, as ops.select_cpu() can pick any CPU and both ops.select_cpu() and ops.enqueue() can use SCX_DSQ_LOCAL as the dispatch target to dispatch to the DSQ of the picked CPU, the BPF scheduler can still do whatever it wants to do. However, while a task is being enqueued for a different reason, e.g. after its slice expiration, only ops.enqueue() is called and there's no way for the BPF scheduler to directly dispatch to the local DSQ of a remote CPU. This gap in API forces schedulers into work-arounds which are not straightforward or optimal such as skipping direct dispatches in such cases. Implement deferred enqueueing to allow directly dispatching to the local DSQ of a remote CPU from ops.select_cpu() and ops.enqueue(). Such tasks are temporarily queued on rq->scx.ddsp_deferred_locals. When the rq lock can be safely released, the tasks are taken off the list and queued on the target local DSQs using dispatch_to_local_dsq(). v2: - Add missing return after queue_balance_callback() in schedule_deferred(). (David). - dispatch_to_local_dsq() now assumes that @rq is locked but unpinned and thus no longer takes @rf. Updated accordingly. - UP build warning fix. Signed-off-by: Tejun Heo Tested-by: Andrea Righi Acked-by: David Vernet Cc: Dan Schatzberg Cc: Changwoo Min commit f47a818950dd5e5d16eb6e9c1713bb0bc61649cd Author: Tejun Heo Date: Fri Jul 12 08:20:33 2024 -1000 sched_ext: s/SCX_RQ_BALANCING/SCX_RQ_IN_BALANCE/ and add SCX_RQ_IN_WAKEUP SCX_RQ_BALANCING is used to mark that the rq is currently in balance(). Rename it to SCX_RQ_IN_BALANCE and add SCX_RQ_IN_WAKEUP which marks whether the rq is currently enqueueing for a wakeup. This will be used to implement direct dispatching to local DSQ of another CPU. Signed-off-by: Tejun Heo Acked-by: David Vernet commit 3cf78c5d01d61e6a4289c5856198235011f5e84b Author: Tejun Heo Date: Fri Jul 12 08:20:32 2024 -1000 sched_ext: Unpin and repin rq lock from balance_scx() sched_ext often needs to migrate tasks across CPUs right before execution and thus uses the balance path to dispatch tasks from the BPF scheduler. balance_scx() is called with rq locked and pinned but is passed @rf and thus allowed to unpin and unlock. Currently, @rf is passed down the call stack so the rq lock is unpinned just when double locking is needed. This creates unnecessary complications such as having to explicitly manipulate lock pinning for core scheduling. We also want to use dispatch_to_local_dsq_lock() from other paths which are called with rq locked but unpinned. rq lock handling in the dispatch path is straightforward outside the migration implementation and extending the pinning protection down the callstack doesn't add enough meaningful extra protection to justify the extra complexity. Unpin and repin rq lock from the outer balance_scx() and drop @rf passing and lock pinning handling from the inner functions. UP is updated to call balance_one() instead of balance_scx() to avoid adding NULL @rf handling to balance_scx(). AS this makes balance_scx() unused in UP, it's put inside a CONFIG_SMP block. No functional changes intended outside of lock annotation updates. Signed-off-by: Tejun Heo Acked-by: David Vernet Cc: Peter Zijlstra Cc: Andrea Righi commit d6a05910d25e1518cb34d9f79b2313587890c5e0 Author: Tejun Heo Date: Fri Jul 12 08:20:32 2024 -1000 sched_ext: Open-code task_linked_on_dsq() task_linked_on_dsq() exists as a helper because it used to test both the rbtree and list nodes. It now only tests the list node and the list node will soon be used for something else too. The helper doesn't improve anything materially and the naming will become confusing. Open-code the list node testing and remove task_linked_on_dsq() Signed-off-by: Tejun Heo Acked-by: David Vernet commit fc283116d008654c8dd6ccb222372cf011d3bb80 Author: Tejun Heo Date: Fri Jul 12 08:20:32 2024 -1000 sched: Move struct balance_callback definition upward Move struct balance_callback definition upward so that it's visible to class-specific rq struct definitions. This will be used to embed a struct balance_callback in struct scx_rq. No functional changes. Signed-off-by: Tejun Heo Acked-by: David Vernet Cc: Ingo Molnar Cc: Peter Zijlstra commit 6f1cacf4eba7a3203f08954a7e00b744e43f741c Author: Philipp Stanner Date: Fri Jul 12 08:26:18 2024 +0200 drm/nouveau: Improve variable name in nouveau_sched_init() nouveau_sched_init() uses the function drm_sched_init(). The latter function has parameters called "hang_limit" and "timeout" in its API documentation. nouveau_sched_init(), however, defines a variable called "job_hang_limit" which is passed to drm_sched_init()'s "timeout" parameter. The actual "hang_limit" parameter is directly set to 0. Rename "job_hang_limit" to "timeout". Signed-off-by: Philipp Stanner Signed-off-by: Danilo Krummrich Link: https://patchwork.freedesktop.org/patch/msgid/20240712062618.8057-1-pstanner@redhat.com commit 43a6faa6d9b5e9139758200a79fe9c8f4aaa0c8d Author: Ashutosh Dixit Date: Thu Jul 11 14:12:03 2024 -0700 drm/xe/exec: Fix minor bug related to xe_sync_entry_cleanup Increment num_syncs after xe_sync_entry_parse() is successful to ensure the xe_sync_entry_cleanup() logic under "err_syncs" label works correctly. v2: Use the same pattern as that in xe_vm.c (Matt Brost) Fixes: dd08ebf6c352 ("drm/xe: Introduce a new DRM driver for Intel GPUs") Signed-off-by: Ashutosh Dixit Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240711211203.3728180-1-ashutosh.dixit@intel.com commit d43caea1faf5c31dc02aa1adb8bb1aa1c33bf86f Author: Ville Syrjälä Date: Fri Jul 5 17:52:47 2024 +0300 drm/i915/fbc: Extract intel_fbc_cfb_cpp() Extract a helper to determine the CFB bytes per pixel value. Currently this is always 4, but that could change in the future. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-14-ville.syrjala@linux.intel.com Reviewed-by: Uma Shankar commit 4d722029930bca7f53d99dbfc300a40dc297dee6 Author: Ville Syrjälä Date: Fri Jul 5 17:52:46 2024 +0300 drm/i915/fbc: Extract _intel_fbc_cfb_size() Pull the lower level stuff out from intel_fbc_cfb_size() into a separate function that doesn't depend on the plane_state. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-13-ville.syrjala@linux.intel.com Reviewed-by: Uma Shankar commit f89d7664c3617836aecd291c56c8ab63fe228fbd Author: Ville Syrjälä Date: Fri Jul 5 17:52:45 2024 +0300 drm/i915/fbc: Extract intel_fbc_max_cfb_height() Pull the code to determine the maximum CFB height into a separate function. To make this work we need to declare an explicit max height for all older platforms as well. But that is actually just the max plane height as pre-HSW hardware supposedly doesn't have the trick of leaving the extra lines uncompressed. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-12-ville.syrjala@linux.intel.com Reviewed-by: Uma Shankar commit 4290eaa8424905dcee4daa0666ec841dc3a0bfb3 Author: Ville Syrjälä Date: Fri Jul 5 17:52:44 2024 +0300 drm/i915/fbc: Reoder CFB max height platform checks Rearrange the max CFB max height platform into the more common "new first, old last" order. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-11-ville.syrjala@linux.intel.com Reviewed-by: Rodrigo Vivi commit 566ad72ba636b745beb8a440bd4c05e779b95728 Author: Ville Syrjälä Date: Fri Jul 5 17:52:43 2024 +0300 drm/i915/fbc: s/lines/height/ Use the more customary name 'height' instead of 'lines'. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-10-ville.syrjala@linux.intel.com Reviewed-by: Rodrigo Vivi commit 6a1738b3fdd92d48e61de438d05dedbc00fc598f Author: Ville Syrjälä Date: Fri Jul 5 17:52:42 2024 +0300 drm/i915/fbc: Extract _intel_fbc_cfb_stride() Pull the lower level stuff out from intel_fbc_cfb_stride() into a separate function that doesn't depend on the plane_state. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-9-ville.syrjala@linux.intel.com Reviewed-by: Uma Shankar commit 94900000380300b230dc1bed489b598a2a2c55a1 Author: Ville Syrjälä Date: Fri Jul 5 17:52:41 2024 +0300 drm/i915/fbc: Adjust g4x+ platform checks Do the "is this ilk+ or g4x" checks in the customary order instead of the reverse order. Easier for the poor brain to parse this when it's always done the same way. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-8-ville.syrjala@linux.intel.com Reviewed-by: Rodrigo Vivi commit 4c46e34e67587b268abc3916c9613426018561e6 Author: Ville Syrjälä Date: Fri Jul 5 17:52:40 2024 +0300 drm/i915/fbc: s/intel_fbc_hw_tracking_covers_screen()/intel_fbc_surface_size_ok()/ Rename intel_fbc_hw_tracking_covers_screen() to intel_fbc_surface_size_ok() so that the naming scheme is the same for the surface size vs. plane size checks. "surface size" is what bspec talks about. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-7-ville.syrjala@linux.intel.com Reviewed-by: Rodrigo Vivi commit da9bbdb97469383a2ac97435a3b09543d14139fe Author: Ville Syrjälä Date: Fri Jul 5 17:52:39 2024 +0300 drm/i915/fbc: Extract intel_fbc_max_surface_size() Extract intel_fbc_max_surface_size() from intel_fbc_hw_tracking_covers_screen(), mainly to mirror the "max plane size" counterparts. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-6-ville.syrjala@linux.intel.com Reviewed-by: Rodrigo Vivi commit a5beee65241d25ad20dd814668c975ba13a42615 Author: Ville Syrjälä Date: Fri Jul 5 17:52:38 2024 +0300 drm/i915/fbc: Extract intel_fbc_max_plane_size() Extract intel_fbc_max_plane_size() from intel_fbc_plane_size_valid(). We'll have another use for this soon in determining how much stolen memory we'd like to keep reserved for FBC. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-5-ville.syrjala@linux.intel.com Reviewed-by: Rodrigo Vivi commit 6c9ee258b1f4e7021224c9bf541fe6b17a03ee40 Author: Ville Syrjälä Date: Fri Jul 5 17:52:37 2024 +0300 drm/i915/fbc: s/_intel_fbc_cfb_stride()/intel_fbc_plane_cfb_stride()/ _intel_fbc_cfb_stride() calculates the CFB stride the hardware would automagically generate from the plane's stride. Rename the function to intel_fbc_plane_cfb_stride() to better reflect its purpose. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-4-ville.syrjala@linux.intel.com Reviewed-by: Rodrigo Vivi commit fd5a9b950ea8ba2c08ce07418b36b296a04d712b Author: Ville Syrjälä Date: Fri Jul 5 17:52:36 2024 +0300 drm/i915/fbc: Convert to intel_display, mostly Switch the FBC code over to intel_display from i915, as much as possible. This is the future direction so that the display code can be shared between i915 and xe more cleanly. Some of the platform checks and the stolen mem facing stiff still need i915 around though. v2: Drop some redundant to_i915() casts Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-3-ville.syrjala@linux.intel.com Reviewed-by: Rodrigo Vivi commit bc34d310b578952d37b5200a7fa7475ab2a2bd5e Author: Ville Syrjälä Date: Fri Jul 5 17:52:35 2024 +0300 drm/i915/fbc: Extract intel_fbc_has_fences() Pull the "do we have fences?" check into a single helper in the FBC code. Avoids having to call to outside the display code in multiple places for this. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240705145254.3355-2-ville.syrjala@linux.intel.com Reviewed-by: Rodrigo Vivi commit 09af6037128c101c280c95c56d970ce8475506c2 Author: Ville Syrjälä Date: Mon Jun 24 22:10:20 2024 +0300 drm/i915: Make vrr_{enabling,disabling}() usable outside intel_display.c Give vrr_enabling() and vrr_disabling() slightly fancier names, and pass in the whole atomic state so that they'll be easier to use. We'll need to call at least the disabling part from the DSB code soon enough (so that we can do vblank evasions/etc. correctly on the DSB). Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-3-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit 3b0974d7b74a908d1caa27f05a97551943e1bffe Author: Ville Syrjälä Date: Mon Jun 24 22:10:19 2024 +0300 drm/i915: Calculate vblank delay more accurately Calculate the vblank delay in the vblank evasion code correctly for interlaced modes. The current code assumes that we won't be using an interlaced mode. That assumption is actually valid since we've defeatured interlaced scanout in commit f71c9b7bc35f ("drm/i915/display: Prune Interlace modes for Display >=12") for DSB capable platforms. However the feature is still present in the hardware, and if we ever find the need to re-enable it seems better to calculate the vblank delay correctly. Signed-off-by: Ville Syrjälä Link: https://patchwork.freedesktop.org/patch/msgid/20240624191032.27333-2-ville.syrjala@linux.intel.com Reviewed-by: Animesh Manna commit e97701a069612ba2fa1d92b56a720b108049df4e Author: Michal Wajdeczko Date: Mon Jul 8 13:12:10 2024 +0200 drm/xe/kunit: Simplify xe_mocs live tests code layout The test case logic is implemented by the functions compiled as part of the core Xe driver module and then exported to build and register the test suite in the live test module. But we don't need to export individual test case functions, we may just export the entire test suite. And we don't need to register this test suite in a separate file, it can be done in the main file of the live test module. Signed-off-by: Michal Wajdeczko Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240708111210.1154-5-michal.wajdeczko@intel.com commit 0237368193e897aadeea9801126c101e33047354 Author: Michal Wajdeczko Date: Mon Jul 8 13:12:09 2024 +0200 drm/xe/kunit: Simplify xe_migrate live tests code layout The test case logic is implemented by the functions compiled as part of the core Xe driver module and then exported to build and register the test suite in the live test module. But we don't need to export individual test case functions, we may just export the entire test suite. And we don't need to register this test suite in a separate file, it can be done in the main file of the live test module. Signed-off-by: Michal Wajdeczko Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240708111210.1154-4-michal.wajdeczko@intel.com commit ff10c99ab1e644fed578dce13e94e372d2c688c3 Author: Michal Wajdeczko Date: Mon Jul 8 13:12:08 2024 +0200 drm/xe/kunit: Simplify xe_dma_buf live tests code layout The test case logic is implemented by the functions compiled as part of the core Xe driver module and then exported to build and register the test suite in the live test module. But we don't need to export individual test case functions, we may just export the entire test suite. And we don't need to register this test suite in a separate file, it can be done in the main file of the live test module. Signed-off-by: Michal Wajdeczko Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240708111210.1154-3-michal.wajdeczko@intel.com commit d6e850acc716d0fad756f09488d198db2077141e Author: Michal Wajdeczko Date: Mon Jul 8 13:12:07 2024 +0200 drm/xe/kunit: Simplify xe_bo live tests code layout The test case logic is implemented by the functions compiled as part of the core Xe driver module and then exported to build and register the test suite in the live test module. But we don't need to export individual test case functions, we may just export the entire test suite. And we don't need to register this test suite in a separate file, it can be done in the main file of the live test module. Signed-off-by: Michal Wajdeczko Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240708111210.1154-2-michal.wajdeczko@intel.com commit 57c2b3e684ba3e82e9944bc1975e047bd1630537 Author: Michal Wajdeczko Date: Fri Jul 5 21:10:57 2024 +0200 drm/xe/kunit: Drop XE_TEST_EXPORT It's unused and can be replaced with VISIBLE_IF_KUNIT if needed. Signed-off-by: Michal Wajdeczko Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240705191057.1110-3-michal.wajdeczko@intel.com commit bd85e00fa489f5374c2bad0eac15842d2ec68045 Author: Michal Wajdeczko Date: Fri Jul 5 21:10:56 2024 +0200 drm/xe/kunit: Kill xe_cur_kunit() We shouldn't use custom helper if there is a official one. Signed-off-by: Michal Wajdeczko Reviewed-by: Lucas De Marchi Link: https://patchwork.freedesktop.org/patch/msgid/20240705191057.1110-2-michal.wajdeczko@intel.com commit f6ca930d974e473fd608fc9aa1759fbe731fe44d Author: José Roberto de Souza Date: Wed Jul 10 14:31:49 2024 -0700 drm/xe: Add process name and PID to job timedout message This will be very helpful for Mesa CI, where it uses PID to match the exacly test that cause timedout/GPU hang and mark that test as failing. Also printing the process name as it might be relavant for human readers. Cc: Rodrigo Vivi Signed-off-by: José Roberto de Souza Reviewed-by: Matthew Brost Link: https://patchwork.freedesktop.org/patch/msgid/20240710213149.57662-1-jose.souza@intel.com commit 61fe488fc78a3024b8d4cafc90a34158f4562dae Author: Imre Deak Date: Mon Jul 8 22:00:27 2024 +0300 drm/i915/dp: Keep cached LTTPR mode up-to-date Nothing depends on the cached LTTPR mode, however for consistency keep it up-to-date with the value programmed to the DPCD register. Reviewed-by: Ville Syrjälä Reviewed-by: Ankit Nautiyal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240708190029.271247-5-imre.deak@intel.com commit 4613aa66e42ba1b0c896495a207b3b26e94e44d5 Author: Imre Deak Date: Mon Jul 8 22:00:26 2024 +0300 drm/i915/dp: Reset cached LTTPR count if number of LTTPRs is unsupported After detection the cached LTTPR count can be checked to determine if LTTPRs in non-transparent mode were detected. Reset the cached LTTPR count if the reported number of LTTPRs is invalid to ensure the above checks work as expected. Reviewed-by: Ville Syrjälä Reviewed-by: Ankit Nautiyal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240708190029.271247-4-imre.deak@intel.com commit 211ad49cf8ccfdc798a719b4d1e000d0a8a9e588 Author: Imre Deak Date: Mon Jul 8 22:00:25 2024 +0300 drm/i915/dp: Don't switch the LTTPR mode on an active link Switching to transparent mode leads to a loss of link synchronization, so prevent doing this on an active link. This happened at least on an Intel N100 system / DELL UD22 dock, the LTTPR residing either on the host or the dock. To fix the issue, keep the current mode on an active link, adjusting the LTTPR count accordingly (resetting it to 0 in transparent mode). v2: Adjust code comment during link training about reiniting the LTTPRs. (Ville) Fixes: 7b2a4ab8b0ef ("drm/i915: Switch to LTTPR transparent mode link training") Reported-and-tested-by: Gareth Yu Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/10902 Cc: # v5.15+ Cc: Ville Syrjälä Reviewed-by: Ville Syrjälä Reviewed-by: Ankit Nautiyal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240708190029.271247-3-imre.deak@intel.com commit a4d5ce61765c08ab364aa4b327f6739b646e6cfa Author: Imre Deak Date: Mon Jul 8 22:00:24 2024 +0300 drm/i915/dp: Reset intel_dp->link_trained before retraining the link Regularly retraining a link during an atomic commit happens with the given pipe/link already disabled and hence intel_dp->link_trained being false. Ensure this also for retraining a DP SST link via direct calls to the link training functions (vs. an actual commit as for DP MST). So far nothing depended on this, however the next patch will depend on link_trained==false for changing the LTTPR mode to non-transparent. Cc: # v5.15+ Cc: Ville Syrjälä Reviewed-by: Ankit Nautiyal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240708190029.271247-2-imre.deak@intel.com commit 0daf44ea9dccfcdb1fe694e9ea85497b6cc3a065 Author: Imre Deak Date: Mon Jul 8 22:00:28 2024 +0300 drm/dp: Add helper to dump an LTTPR PHY descriptor Add a helper to dump the DPCD descriptor for an LTTPR PHY. This is based on [1] and [2] moving the helper to DRM core as suggested by Ville. [1] https://lore.kernel.org/all/20240703155937.1674856-5-imre.deak@intel.com [2] https://lore.kernel.org/all/20240703155937.1674856-6-imre.deak@intel.com Cc: dri-devel@lists.freedesktop.org Cc: Ville Syrjälä Reviewed-by: Ankit Nautiyal Signed-off-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240708190029.271247-6-imre.deak@intel.com commit 993d36ac99efeafeb7b5f12353def6d7d20d6389 Author: Hsin-Yi Wang Date: Wed Jul 10 12:02:19 2024 -0700 drm/panel-edp: Add BOE NV140WUM-N41 The raw edid of the panel is: 00 ff ff ff ff ff ff 00 09 e5 e8 0a 00 00 00 00 2a 1f 01 04 a5 1e 13 78 03 fb f5 96 5d 5a 91 29 1e 50 54 00 00 00 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 9c 3e 80 c8 70 b0 3c 40 30 20 36 00 2e bc 10 00 00 1a 00 00 00 fd 00 28 3c 4c 4c 10 01 0a 20 20 20 20 20 20 00 00 00 fe 00 42 4f 45 20 43 51 0a 20 20 20 20 20 20 00 00 00 fe 00 4e 56 31 34 30 57 55 4d 2d 4e 34 31 0a 00 26 Signed-off-by: Hsin-Yi Wang Reviewed-by: Douglas Anderson Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240710190235.1095156-1-hsinyi@chromium.org commit 71733b8d7f50b61403f940c6c9745fb3a9b98dcb Author: Tejas Upadhyay Date: Wed Jul 10 10:57:50 2024 +0530 drm/xe/xe2: Make subsequent L2 flush sequential Issuing the flush on top of an ongoing flush is not desirable. Lets use lock to make it sequential. Reviewed-by: Nirmoy Das Signed-off-by: Tejas Upadhyay Link: https://patchwork.freedesktop.org/patch/msgid/20240710052750.3031586-1-tejas.upadhyay@intel.com Signed-off-by: Nirmoy Das commit 9d8c094ddab05db88d183ba82e23be807848cad8 Author: Mario Limonciello Date: Wed Jul 3 00:17:22 2024 -0500 drm/amd: Add power_saving_policy drm property to eDP connectors When the `power_saving_policy` property is set to bit mask "Require color accuracy" ABM should be disabled immediately and any requests by sysfs to update will return an -EBUSY error. When the `power_saving_policy` property is set to bit mask "Require low latency" PSR should be disabled. When the property is restored to an empty bit mask ABM and PSR can be enabled again. Signed-off-by: Mario Limonciello Reviewed-by: Leo Li Signed-off-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240703051722.328-3-mario.limonciello@amd.com commit 76299a557f36d624ca32500173ad7856e1ad93c0 Author: Mario Limonciello Date: Wed Jul 3 00:17:21 2024 -0500 drm: Introduce 'power saving policy' drm property The `power saving policy` DRM property is an optional property that can be added to a connector by a driver. This property is for compositors to indicate intent of policy of whether a driver can use power saving features that may compromise the experience intended by the compositor. Acked-by: Leo Li Signed-off-by: Mario Limonciello Signed-off-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240703051722.328-2-mario.limonciello@amd.com commit 0e7f4e6a20d550252c4f355d5a303b1d9c8ff052 Author: Vignesh Raman Date: Thu Jul 4 14:52:02 2024 +0530 drm/ci: uprev IGT Uprev IGT to the latest version, which includes a fix for the writeback tests issue on MSM devices. Enable debugging for igt-runner to log output such as 'Begin test' and 'End test'. This will help identify which test causes system freeze or hangs. Update xfails and add metadata header for each flake test. Signed-off-by: Vignesh Raman Acked-by: Dmitry Baryshkov # msm tests Signed-off-by: Helen Koike Link: https://patchwork.freedesktop.org/patch/msgid/20240704092202.75551-1-vignesh.raman@collabora.com commit 04aee7a847795ff64d4a5fab285dd2764ff22b85 Author: Dinesh Karthikeyan Date: Thu Jul 4 14:35:35 2024 +0530 wifi: ath12k: Support Transmit DE stats Add support to request transmit DE stats from firmware through HTT stats type 8. These stats give information about enqueued packets, discarded packets, failed packets and other information such as power, bandwidth information, number of retries, etc. Sample output: ------------- echo 8 > /sys/kernel/debug/ath12k/pci-0000\:06\:00.0/mac0/htt_stats_type cat /sys/kernel/debug/ath12k/pci-0000\:06\:00.0/mac0/htt_stats HTT_TX_DE_CMN_STATS_TLV: mac_id = 0 tcl2fw_entry_count = 0 not_to_fw = 0 ..... HTT_TX_DE_EAPOL_PACKETS_STATS_TLV: m1_packets = 0 m2_packets = 0 m3_packets = 0 ..... HTT_TX_DE_CLASSIFY_STATS_TLV: arp_packets = 0 igmp_packets = 0 dhcp_packets = 0 ..... HTT_TX_DE_CLASSIFY_FAILED_STATS_TLV: ap_bss_peer_not_found = 0 ap_bcast_mcast_no_peer = 0 sta_delete_in_progress = 0 ..... HTT_TX_DE_CLASSIFY_STATUS_STATS_TLV: eok = 0 classify_done = 0 lookup_failed = 0 ..... HTT_TX_DE_ENQUEUE_PACKETS_STATS_TLV: enqueued_pkts = 0 to_tqm = 0 to_tqm_bypass = 0 HTT_TX_DE_ENQUEUE_DISCARD_STATS_TLV: discarded_pkts = 0 local_frames = 0 is_ext_msdu = 0 HTT_TX_DE_COMPL_STATS_TLV: tcl_dummy_frame = 0 tqm_dummy_frame = 0 tqm_notify_frame = 0 ..... Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1 Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0-03427-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1.15378.4 Signed-off-by: Dinesh Karthikeyan Signed-off-by: Roopni Devanathan Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240704090535.827680-1-quic_rdevanat@quicinc.com commit 69f253e46af98af17e3efa3e5dfa72fcb7d1983d Author: Karthikeyan Periyasamy Date: Thu Jul 4 12:38:11 2024 +0530 wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx() function access ath11k_soc_dp_stats::hal_reo_error using the REO destination SRNG ring ID, which is incorrect. SRNG ring ID differ from normal ring ID, and this usage leads to out-of-bounds array access. To fix this issue, modify ath11k_dp_process_rx() to use the normal ring ID directly instead of the SRNG ring ID to avoid out-of-bounds array access. Tested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1 Signed-off-by: Karthikeyan Periyasamy Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240704070811.4186543-3-quic_periyasa@quicinc.com commit e106b7ad13c1d246adaa57df73edb8f8b8acb240 Author: Karthikeyan Periyasamy Date: Thu Jul 4 12:38:10 2024 +0530 wifi: ath12k: fix array out-of-bound access in SoC stats Currently, the ath12k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath12k_dp_rx_process() function access ath12k_soc_dp_stats::hal_reo_error using the REO destination SRNG ring ID, which is incorrect. SRNG ring ID differ from normal ring ID, and this usage leads to out-of-bounds array access. To fix this issue, modify ath12k_dp_rx_process() to use the normal ring ID directly instead of the SRNG ring ID to avoid out-of-bounds array access. Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1 Signed-off-by: Karthikeyan Periyasamy Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240704070811.4186543-2-quic_periyasa@quicinc.com commit 177b49dbf9c1d8f9f25a22ffafa416fc2c8aa6a3 Author: Kang Yang Date: Wed Jul 3 17:40:49 2024 +0300 wifi: ath11k: use work queue to process beacon tx event Commit 3a415daa3e8b ("wifi: ath11k: add P2P IE in beacon template") from Feb 28, 2024 (linux-next), leads to the following Smatch static checker warning: drivers/net/wireless/ath/ath11k/wmi.c:1742 ath11k_wmi_p2p_go_bcn_ie() warn: sleeping in atomic context The reason is that ath11k_bcn_tx_status_event() will directly call might sleep function ath11k_wmi_cmd_send() during RCU read-side critical sections. The call trace is like: ath11k_bcn_tx_status_event() -> rcu_read_lock() -> ath11k_mac_bcn_tx_event() -> ath11k_mac_setup_bcn_tmpl() …… -> ath11k_wmi_bcn_tmpl() -> ath11k_wmi_cmd_send() -> rcu_read_unlock() Commit 886433a98425 ("ath11k: add support for BSS color change") added the ath11k_mac_bcn_tx_event(), commit 01e782c89108 ("ath11k: fix warning of RCU usage for ath11k_mac_get_arvif_by_vdev_id()") added the RCU lock to avoid warning but also introduced this BUG. Use work queue to avoid directly calling ath11k_mac_bcn_tx_event() during RCU critical sections. No need to worry about the deletion of vif because cancel_work_sync() will drop the work if it doesn't start or block vif deletion until the running work is done. Tested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30 Fixes: 3a415daa3e8b ("wifi: ath11k: add P2P IE in beacon template") Reported-by: Dan Carpenter Closes: https://lore.kernel.org/all/2d277abd-5e7b-4da0-80e0-52bd96337f6e@moroto.mountain/ Signed-off-by: Kang Yang Acked-by: Jeff Johnson Signed-off-by: Kalle Valo Link: https://patch.msgid.link/20240626053543.1946-1-quic_kangyang@quicinc.com commit e4bd1db1c1f771983393bf5574854dff26ca7532 Author: Zhaoxiong Lv Date: Tue Jul 9 21:47:54 2024 +0800 drm/panel: boe-th101mb31ig002: Support for starry-er88577 MIPI-DSI panel The init_code of the starry-er88577 panel is very similar to the panel-boe-th101mb31ig002-28a.c driver, so we make it compatible with the panel-boe-th101mb31ig002-28a.c driver Signed-off-by: Zhaoxiong Lv Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240709134754.28013-6-lvzhaoxiong@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240709134754.28013-6-lvzhaoxiong@huaqin.corp-partner.google.com commit 3808a15e3248820c0859d9b8a0f2c7e5c8259044 Author: Zhaoxiong Lv Date: Tue Jul 9 21:47:53 2024 +0800 dt-bindings: display: panel: Add compatible for starry-er88577 The starry-er88577 is a 10.1" WXGA TFT-LCD panel, and the init_code of the starry-er88577 panel is very similar to the boe-th101mb31ig002 panel, so We will add a new configuration based on "boe,th101mb31ig002-28a.yaml". Because the panel used reset gpio before but did not add the definition of "reset gpio" in binding, reset gpio was added in binding, but since the starry-er88577 panel did not use "reset gpio", a judgment was added here. Signed-off-by: Zhaoxiong Lv Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240709134754.28013-5-lvzhaoxiong@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240709134754.28013-5-lvzhaoxiong@huaqin.corp-partner.google.com commit a16b680a2140e6cbda41ac144564696c3ee2815f Author: Zhaoxiong Lv Date: Tue Jul 9 21:47:52 2024 +0800 drm/panel: boe-th101mb31ig002: use wrapped MIPI DCS functions Remove conditional code and always use mipi_dsi_dcs_*multi() wrappers to simplify driver's init/enable/exit code. Convert the hex in init_code from UPPERCASE to lowercase. Signed-off-by: Zhaoxiong Lv Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240709134754.28013-4-lvzhaoxiong@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240709134754.28013-4-lvzhaoxiong@huaqin.corp-partner.google.com commit 7f58ebaccb67cb22b2936ba79c844f1e446dc73b Author: Zhaoxiong Lv Date: Tue Jul 9 21:47:51 2024 +0800 drm/panel: boe-th101mb31ig002: switch to devm_gpiod_get_optional() for reset_gpio Switch the driver to use devm_gpiod_get_optional() on reset_gpio to avoid driver probe issues when reset line is not specified. Signed-off-by: Zhaoxiong Lv Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240709134754.28013-3-lvzhaoxiong@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240709134754.28013-3-lvzhaoxiong@huaqin.corp-partner.google.com commit 24179ff9a2e4524ce83014b8827a73ad03a25c13 Author: Zhaoxiong Lv Date: Tue Jul 9 21:47:50 2024 +0800 drm/panel: boe-th101mb31ig002 : Make it compatible with other panel. This driver currently only applies to one panel. Modify it to be compatible with other panels. Signed-off-by: Zhaoxiong Lv Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240709134754.28013-2-lvzhaoxiong@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240709134754.28013-2-lvzhaoxiong@huaqin.corp-partner.google.com commit 3d0e8b6edd6b08f72e07e1230f371f6ca93531e4 Author: Javier Carrasco Date: Wed Jul 3 11:50:19 2024 +0200 clk: meson: s4: pll: Constify struct regmap_config `clkc_regmap_config` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240703-clk-const-regmap-v1-6-7d15a0671d6f@gmail.com Signed-off-by: Jerome Brunet commit 02cc1df92d754fe7f8f7a0ff4487d54be3ca10a5 Author: Javier Carrasco Date: Wed Jul 3 11:50:18 2024 +0200 clk: meson: s4: peripherals: Constify struct regmap_config `clkc_regmap_config` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240703-clk-const-regmap-v1-5-7d15a0671d6f@gmail.com Signed-off-by: Jerome Brunet commit 11c7c1b94059ffc669e083190bfa67a6b535c0cd Author: Javier Carrasco Date: Wed Jul 3 11:50:17 2024 +0200 clk: meson: c3: pll: Constify struct regmap_config `clkc_regmap_config` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240703-clk-const-regmap-v1-4-7d15a0671d6f@gmail.com Signed-off-by: Jerome Brunet commit af3e4505e6bc1a011d2058ae6fff7a63e67e0868 Author: Javier Carrasco Date: Wed Jul 3 11:50:16 2024 +0200 clk: meson: c3: peripherals: Constify struct regmap_config `clkc_regmap_config` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240703-clk-const-regmap-v1-3-7d15a0671d6f@gmail.com Signed-off-by: Jerome Brunet commit 5c6ffe3537d55834dfd36f5649b637a5a9d27032 Author: Javier Carrasco Date: Wed Jul 3 11:50:15 2024 +0200 clk: meson: a1: pll: Constify struct regmap_config `a1_pll_regmap_cfg` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240703-clk-const-regmap-v1-2-7d15a0671d6f@gmail.com Signed-off-by: Jerome Brunet commit 4a7665b885b6e972cf653e4a49d16a408a9cbd8b Author: Javier Carrasco Date: Wed Jul 3 11:50:14 2024 +0200 clk: meson: a1: peripherals: Constify struct regmap_config `a1_periphs_regmap_cfg` is not modified and can be declared as const to move its data to a read-only section. Signed-off-by: Javier Carrasco Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240703-clk-const-regmap-v1-1-7d15a0671d6f@gmail.com Signed-off-by: Jerome Brunet commit 33891539f9d6f245e93a76e3fb5791338180374f Author: Nirmoy Das Date: Mon Jul 8 14:59:18 2024 +0200 drm/xe/display/xe_hdcp_gsc: Free arbiter on driver removal Free arbiter allocated in intel_hdcp_gsc_init(). Fixes: 152f2df954d8 ("drm/xe/hdcp: Enable HDCP for XE") Cc: Suraj Kandpal Cc: Arun R Murthy Cc: Lucas De Marchi Cc: Rodrigo Vivi Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240708125918.23573-1-nirmoy.das@intel.com Signed-off-by: Nirmoy Das commit 7fbad577c82c5dd6db7217855c26f51554e53d85 Author: Mitul Golani Date: Mon Jul 8 14:02:46 2024 +0530 drm/i915/display: WA for Re-initialize dispcnlunitt1 xosc clock The dispcnlunit1_cp_xosc_clk should be de-asserted in display off and only asserted in display on. As part of this workaround, Display driver shall execute set-reset sequence at the end of the initialize sequence to ensure clk does not remain active in display OFF. --v2: - Rebase. --v3: - Correct HSD number in commit message. --v4: - Reformat commit message. - Use intel_de_rmw instead of intel_de_write --v5: - Build Fixes. WA: 15013987218 Signed-off-by: Mitul Golani Reviewed-by: Nemesa Garg Reviewed-by: Suraj Kandpal Signed-off-by: Suraj Kandpal Link: https://patchwork.freedesktop.org/patch/msgid/20240708083247.2611258-1-mitulkumar.ajitkumar.golani@intel.com commit ea74bf9ccba9ae80fc0766c07c4abaef927e9e63 Author: Lucas De Marchi Date: Mon Jul 8 14:29:06 2024 -0700 drm/xe: Generate oob before compiling anything Instead of keep adding more dependencies as WAs are needed in different places of the driver, just add a rule with all the objects so the code generation happens before anything else. While at it, group lines related to wa_oob in the Makefile. v2: Prefix $(obj) when declaring dependency Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240708213041.1734028-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit e7a6395a889a82edb1cdcebc2c66646aca454658 Author: Tejun Heo Date: Tue Jul 9 12:30:26 2024 -1000 sched_ext: Make scx_bpf_reenqueue_local() skip tasks that are being migrated When a running task is migrated to another CPU, the stop_task is used to preempt the running task and migrate it. This, expectedly, invokes ops.cpu_release(). If the BPF scheduler then calls scx_bpf_reenqueue_local(), it re-enqueues all tasks on the local DSQ including the task which is being migrated. This creates an unnecessary re-enqueue of a task which is about to be deactivated and re-activated for migration anyway. It can also cause confusion for the BPF scheduler as scx_bpf_task_cpu() of the task and its allowed CPUs may not agree while migration is pending. Signed-off-by: Tejun Heo Fixes: 245254f7081d ("sched_ext: Implement sched_ext_ops.cpu_acquire/release()") Acked-by: David Vernet commit fd0cf516956a0aaa4d899383ee5c2ff191418b5f Author: Tejun Heo Date: Tue Jul 9 12:30:26 2024 -1000 sched_ext: Reimplement scx_bpf_reenqueue_local() scx_bpf_reenqueue_local() is used to re-enqueue tasks on the local DSQ from ops.cpu_release(). Because the BPF scheduler may dispatch tasks to the same local DSQ, to avoid processing the same tasks repeatedly, it first takes the number of queued tasks and processes the task at the head of the queue that number of times. This is incorrect as a task can be dispatched to the same local DSQ with SCX_ENQ_HEAD. Such a task will be processed repeatedly until the count is exhausted and the succeeding tasks won't be processed at all. Fix it by first moving all candidate tasks to a private list and then processing that list. While at it, remove the WARNs. They're rather superflous as later steps will check them anyway. Signed-off-by: Tejun Heo Fixes: 245254f7081d ("sched_ext: Implement sched_ext_ops.cpu_acquire/release()") Acked-by: David Vernet commit b2013783c4458a1fe8b25c0b249d2e878bcf6999 Author: Mitul Golani Date: Thu Jul 4 13:56:38 2024 +0530 drm/i915/display: Cache adpative sync caps to use it later Add new member to struct intel_dp to cache support of Adaptive Sync SDP capabilities and use it whenever required to avoid HW access to read capability during each atomic commit. -v2: - Squash both the patches Signed-off-by: Mitul Golani Reviewed-by: Arun R Murthy Link: https://patchwork.freedesktop.org/patch/msgid/20240704082638.2302092-2-mitulkumar.ajitkumar.golani@intel.com Signed-off-by: Rodrigo Vivi commit 7b5bdae7740eb6a3d09f9cd4e4b07362a15b86b3 Author: Umesh Nerlige Ramappa Date: Fri Jun 28 17:56:43 2024 -0700 i915/perf: Remove code to update PWR_CLK_STATE for gen12 PWR_CLK_STATE only needs to be modified up until gen11. For gen12 this code is not applicable. Remove code to update context image with PWR_CLK_STATE for gen12. Fixes: 00a7f0d7155c ("drm/i915/tgl: Add perf support on TGL") Signed-off-by: Umesh Nerlige Ramappa Reviewed-by: Ashutosh Dixit Link: https://patchwork.freedesktop.org/patch/msgid/20240629005643.3050678-1-umesh.nerlige.ramappa@intel.com commit 488386d7ec680c8900f81b3fd7570797935bf1ff Author: Krzysztof Kozlowski Date: Mon Jul 1 18:52:10 2024 +0200 ARM: dts: amlogic: meson8b-ec100: align GPIO keys node name with bindings Bindings expect the GPIO keys node names to follow certain pattern, see dtbs_check warnings: meson8b-ec100.dtb: gpio-keys: '#address-cells', '#size-cells' do not match any of the regexes: '^(button|event|key|switch|(button|event|key|switch)... Signed-off-by: Krzysztof Kozlowski Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240701165210.578817-1-krzysztof.kozlowski@linaro.org Signed-off-by: Neil Armstrong commit 3d122660dc70029d9cccb4e8670125f0affa959e Author: Lucas De Marchi Date: Mon Jul 8 10:33:01 2024 -0700 drm/xe/gt: Remove double include The header generated/xe_wa_oob.h is included twice. Remove one. Fixes: 01570b446939 ("drm/xe/bmg: implement Wa_16023588340") Reported-by: kernel test robot Closes: https://lore.kernel.org/r/202407052122.AzuWSPuo-lkp@intel.com/ Reviewed-by: Michal Wajdeczko Link: https://patchwork.freedesktop.org/patch/msgid/20240708173301.1543871-1-lucas.demarchi@intel.com Signed-off-by: Lucas De Marchi commit 56ab6986992ba143aee0bda33e15a764343e271d Author: Bommu Krishnaiah Date: Wed Jul 3 14:37:54 2024 +0530 drm/xe/xe2lpg: Extend workaround 14021402888 workaround 14021402888 also applies to Xe2_LPG. Replicate the existing entry to one specific for Xe2_LPG. Signed-off-by: Bommu Krishnaiah Cc: Tejas Upadhyay Cc: Matt Roper Cc: Himal Prasad Ghimiray Reviewed-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240703090754.1323647-1-krishnaiah.bommu@intel.com Signed-off-by: Lucas De Marchi commit 533ca79cd9f734aae56814445e3f1e6cc1a50358 Author: Cong Yang Date: Thu Jul 4 12:50:17 2024 +0800 drm/panel: jd9365da: Break some CMDS into helper functions These panels have some common cmds (e0h~e3h,80h), let's break them into helper functions. Signed-off-by: Cong Yang Reviewed-by: Linus Walleij Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240704045017.2781991-4-yangcong5@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240704045017.2781991-4-yangcong5@huaqin.corp-partner.google.com commit c4ce398cf18ae2859cc9930a9486b576ce262de9 Author: Cong Yang Date: Thu Jul 4 12:50:16 2024 +0800 drm/panel: jd9365da: Support for Melfas lmfbx101117480 MIPI-DSI panel The Melfas lmfbx101117480 is a 10.1" WXGA TFT-LCD panel, use jd9365da controller, which fits in nicely with the existing panel-jadard-jd9365da-h3 driver. Hence, we add a new compatible with panel specific config. Signed-off-by: Cong Yang Acked-by: Linus Walleij Reviewed-by: Douglas Anderson Link: https://lore.kernel.org/r/20240704045017.2781991-3-yangcong5@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240704045017.2781991-3-yangcong5@huaqin.corp-partner.google.com commit e7305ad465b50deaa7a9f3a97dde3b22cbd00474 Author: Cong Yang Date: Thu Jul 4 12:50:15 2024 +0800 dt-bindings: display: panel: Add compatible for melfas lmfbx101117480 The Melfas lmfbx101117480 is a 10.1" WXGA TFT LCD panel with jadard-jd9365da controller. Hence, we add a new compatible with panel specific config. Signed-off-by: Cong Yang Acked-by: Conor Dooley Link: https://lore.kernel.org/r/20240704045017.2781991-2-yangcong5@huaqin.corp-partner.google.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240704045017.2781991-2-yangcong5@huaqin.corp-partner.google.com commit 014e597d35816b56c7aac1348b77c73657c4066e Author: Manikandan Muralidharan Date: Mon Jul 1 14:28:37 2024 +0530 drm/panel: himax-hx8394: Add Support for Microchip AC40T08A MIPI Display Panel Add support for the Microchip AC40T08A MIPI Display panel. This panel uses a Himax HX8394 display controller and requires a vendor provided init sequence. The display resolution is 720x1280@60Hz with width and height of 76mm and 132mm respectively. Signed-off-by: Manikandan Muralidharan Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240701085837.50855-4-manikandan.m@microchip.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240701085837.50855-4-manikandan.m@microchip.com commit 1dcfca093be9e013a53e3c9b74b3f60ea9c5160e Author: Manikandan Muralidharan Date: Mon Jul 1 14:28:36 2024 +0530 drm/panel: himax-hx8394: switch to devm_gpiod_get_optional() for reset_gpio Switch the driver to use devm_gpiod_get_optional() on reset_gpio to avoid driver probe issues when reset line is not specified. Signed-off-by: Manikandan Muralidharan Reviewed-by: Neil Armstrong Link: https://lore.kernel.org/r/20240701085837.50855-3-manikandan.m@microchip.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240701085837.50855-3-manikandan.m@microchip.com commit 223c12dd492d67d90d3712ef3d9e042116a47522 Author: Manikandan Muralidharan Date: Mon Jul 1 14:28:35 2024 +0530 dt-bindings: display: himax-hx8394: Add Microchip AC40T08A MIPI Display panel Add compatible string for the Microchip's AC40T08A MIPI Display panel.This panel uses a Himax HX8394 display controller. The reset line is not populated and leads to driver probe issues, thus add conditional block to narrow reset-gpio property per variant. Signed-off-by: Manikandan Muralidharan Reviewed-by: Conor Dooley Link: https://lore.kernel.org/r/20240701085837.50855-2-manikandan.m@microchip.com Signed-off-by: Neil Armstrong Link: https://patchwork.freedesktop.org/patch/msgid/20240701085837.50855-2-manikandan.m@microchip.com commit 3756310e9fe1e0182adac89cedaa98c0eea66675 Author: Thomas Hellström Date: Fri Jul 5 17:32:05 2024 +0200 drm/ttm: Use the LRU walker for eviction Use the LRU walker for eviction. This helps removing a lot of code with weird locking semantics. The functionality is slightly changed so that when trylocked buffer objects are exhausted, we continue to interleave walks with ticket-locks while there is still progress made. The list walks are not restarted in-between evictions. Also provide a separate ttm_bo_evict_first() function for its single user. The context of that user allows sleeping dma_resv locks. v6: - Various cleanups suggested by Matthew Brost. - Fix error return code of ttm_bo_evict_first(). (Matthew Brost) - Fix an error check that was inverted. (Matthew Brost) v7: - Use s64 rather than long (Christian König) - Early ttm_resource_cursor_fini() in ttm_bo_evict_first(). - Simplify check for bo_moved in ttm_bo_evict_first(). (Christian König) - Don't evict pinned bos. Cc: Christian König Cc: Somalapuram Amaranath Cc: Matthew Brost Cc: Signed-off-by: Thomas Hellström Reviewed-by: Matthew Brost #v6 Link: https://patchwork.freedesktop.org/patch/msgid/20240705153206.68526-8-thomas.hellstrom@linux.intel.com Signed-off-by: Christian König commit 10efe34dae798c652053d4363871914c478f1475 Author: Thomas Hellström Date: Fri Jul 5 17:32:04 2024 +0200 drm/ttm: Use the LRU walker helper for swapping Rework the TTM swapping to use the LRU walker helper. This helps fixing up the ttm_bo_swapout() interface to be consistent about not requiring any locking. For now mimic the current behaviour of using trylock only. We could be using ticket-locks here but defer that until it's deemed necessary. The TTM swapout functionality is a bit weird anyway since it alternates between memory types without exhausting TTM_PL_SYSTEM first. Intentionally keep pages as the unit of progress since changing that to bytes is an unrelated change that can be done later. v6: - Improve on error code translation in the swapout callback (Matthew Brost). v7: - Use s64 rather than long. - Remove ttm_resource_cursor_fini() since it's no longer used. - Rename ttm_resource_cursor_fini_locked() to ttm_resource_cursor_fini(). - Don't swap out pinned bos. Cc: Christian König Cc: Somalapuram Amaranath Cc: Matthew Brost Cc: Signed-off-by: Thomas Hellström Reviewed-by: Matthew Brost #v6 Link: https://patchwork.freedesktop.org/patch/msgid/20240705153206.68526-7-thomas.hellstrom@linux.intel.com Signed-off-by: Christian König commit da966b82bf3d16f89a05732c933a589ec798d3f7 Author: Thomas Hellström Date: Fri Jul 5 17:32:03 2024 +0200 drm/ttm: Provide a generic LRU walker helper Provide a generic LRU walker in TTM, in the spirit of drm_gem_lru_scan() but building on the restartable TTM LRU functionality. The LRU walker optionally supports locking objects as part of a ww mutex locking transaction, to mimic to some extent the current functionality in ttm. However any -EDEADLK return is converted to -ENOSPC and then to -ENOMEM before reaching the driver, so that the driver will need to backoff and possibly retry without being able to keep the ticket. v3: - Move the helper to core ttm. - Remove the drm_exec usage from it for now, it will be reintroduced later in the series. v4: - Handle the -EALREADY case if ticketlocking. v6: - Some cleanup and added code comments (Matthew Brost) - Clarified the ticketlock in the commit message (Matthew Brost) v7: - Use s64 rather than long for the target and progress (Christian König) - Update documentation to not encourage using pages as a progress measure. (Christian König) - Remove cond_resched(). (Christian König) Cc: Christian König Cc: Somalapuram Amaranath Cc: Matthew Brost Cc: Signed-off-by: Thomas Hellström Reviewed-by: Matthew Brost #v6 Link: https://patchwork.freedesktop.org/patch/msgid/20240705153206.68526-6-thomas.hellstrom@linux.intel.com Signed-off-by: Christian König commit 4c44f89c5daee9540cb7428de5d835bd00951350 Author: Thomas Hellström Date: Fri Jul 5 17:32:02 2024 +0200 drm/ttm, drm/amdgpu, drm/xe: Consider hitch moves within bulk sublist moves To address the problem with hitches moving when bulk move sublists are lru-bumped, register the list cursors with the ttm_lru_bulk_move structure when traversing its list, and when lru-bumping the list, move the cursor hitch to the tail. This also means it's mandatory for drivers to call ttm_lru_bulk_move_init() and ttm_lru_bulk_move_fini() when initializing and finalizing the bulk move structure, so add those calls to the amdgpu- and xe driver. Compared to v1 this is slightly more code but less fragile and hopefully easier to understand. Changes in previous series: - Completely rework the functionality - Avoid a NULL pointer dereference assigning manager->mem_type - Remove some leftover code causing build problems v2: - For hitch bulk tail moves, store the mem_type in the cursor instead of with the manager. v3: - Remove leftover mem_type member from change in v2. v6: - Add some lockdep asserts (Matthew Brost) - Avoid NULL pointer dereference (Matthew Brost) - No need to check bo->resource before dereferencing bo->bulk_move (Matthew Brost) Cc: Christian König Cc: Somalapuram Amaranath Cc: Matthew Brost Cc: Signed-off-by: Thomas Hellström Reviewed-by: Matthew Brost Acked-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240705153206.68526-5-thomas.hellstrom@linux.intel.com Signed-off-by: Christian König commit 8e9bf0fb10a79aaed37474600948cd33d14aa606 Author: Thomas Hellström Date: Fri Jul 5 17:32:01 2024 +0200 drm/ttm: Use LRU hitches Have iterators insert themselves into the list they are iterating over using hitch list nodes. Since only the iterator owner can remove these list nodes from the list, it's safe to unlock the list and when continuing, use them as a starting point. Due to the way LRU bumping works in TTM, newly added items will not be missed, and bumped items will be iterated over a second time before reaching the end of the list. The exception is list with bulk move sublists. When bumping a sublist, a hitch that is part of that sublist will also be moved and we might miss items if restarting from it. This will be addressed in a later patch. Changes in previous series: - Updated ttm_resource_cursor_fini() documentation. v2: - Don't reorder ttm_resource_manager_first() and _next(). (Christian König). - Use list_add instead of list_move (Christian König) v3: - Split into two patches, one cleanup, one new functionality (Christian König) - use ttm_resource_cursor_fini_locked() instead of open-coding (Matthew Brost) Cc: Christian König Cc: Somalapuram Amaranath Cc: Matthew Brost Cc: Signed-off-by: Thomas Hellström Reviewed-by: Matthew Brost Reviewed-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240705153206.68526-4-thomas.hellstrom@linux.intel.com Signed-off-by: Christian König commit 9c62fb62c9f0761eeda8f2a9517e007ff2cdbe9a Author: Thomas Hellström Date: Fri Jul 5 17:32:00 2024 +0200 drm/ttm: Slightly clean up LRU list iteration To make the transition to using lru hitches easier, simplify the ttm_resource_manager_next() interface to only take the cursor and reuse ttm_resource_manager_next() functionality from ttm_resource_manager_first(). Cc: Christian König Cc: Somalapuram Amaranath Cc: Matthew Brost Cc: Signed-off-by: Thomas Hellström Reviewed-by: Matthew Brost Reviewed-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240705153206.68526-3-thomas.hellstrom@linux.intel.com Signed-off-by: Christian König commit 6be74ddd0609959b4005f88b6a4d4af678e4a71f Author: Thomas Hellström Date: Fri Jul 5 17:31:59 2024 +0200 drm/ttm: Allow TTM LRU list nodes of different types To be able to handle list unlocking while traversing the LRU list, we want the iterators not only to point to the next position of the list traversal, but to insert themselves as list nodes at that point to work around the fact that the next node might otherwise disappear from the list while the iterator is pointing to it. These list nodes need to be easily distinguishable from other list nodes so that others traversing the list can skip over them. So declare a struct ttm_lru_item, with a struct list_head member and a type enum. This will slightly increase the size of a struct ttm_resource. Changes in previous series: - Update enum ttm_lru_item_type documentation. v3: - Introduce ttm_lru_first_res_or_null() (Christian König, Thomas Hellström) v5: - Update also the TTM test code (Xe CI). Cc: Christian König Cc: Somalapuram Amaranath Cc: Matthew Brost Cc: Signed-off-by: Thomas Hellström Reviewed-by: Matthew Brost Reviewed-by: Christian König Link: https://patchwork.freedesktop.org/patch/msgid/20240705153206.68526-2-thomas.hellstrom@linux.intel.com Signed-off-by: Christian König commit ce7c90bfda2656418c69ba0dd8f8a7536b8928d4 Author: Christophe JAILLET Date: Sat Jan 6 17:54:32 2024 +0100 drm/stm: Fix an error handling path in stm_drm_platform_probe() If drm_dev_register() fails, a call to drv_load() must be undone, as already done in the remove function. Fixes: b759012c5fa7 ("drm/stm: Add STM32 LTDC driver") Signed-off-by: Christophe JAILLET Acked-by: Raphael Gallais-Pou Link: https://patchwork.freedesktop.org/patch/msgid/20fff7f853f20a48a96db8ff186124470ec4d976.1704560028.git.christophe.jaillet@wanadoo.fr Signed-off-by: Raphael Gallais-Pou commit f592e01664b4a57b109fcf6f6916145517f94bd7 Author: Sebastian Wick Date: Tue Jul 2 16:30:16 2024 +0200 drm/drm_connector: Document Colorspace property variants The initial idea of the Colorspace prop was that this maps 1:1 to InfoFrames/SDP but KMS does not give user space enough information nor control over the output format to figure out which variants can be used for a given KMS commit. At the same time, properties like Broadcast RGB expect full range quantization range being produced by user space from the CRTC and drivers to convert to the range expected by the sink for the chosen output format, mode, InfoFrames, etc. This change documents the reality of the Colorspace property. The Default variant unfortunately is very much driver specific and not reflected by the EDID. The BT2020 variants are in active use by generic compositors which have expectations from the driver about the conversions it has to do when selecting certain output formats. Everything else is also marked as undefined. Coming up with valid behavior that makes it usable from user space and consistent with other KMS properties for those variants is left as an exercise for whoever wants to use them. v2: * Talk about "pixel operation properties" that user space configures * Mention that user space is responsible for checking the EDID for sink support * Make it clear that drivers can choose between RGB and YCbCr on their own Signed-off-by: Sebastian Wick Reviewed-by: Pekka Paalanen Signed-off-by: Maxime Ripard Link: https://patchwork.freedesktop.org/patch/msgid/20240702143017.2429975-1-sebastian.wick@redhat.com commit 6fbd643318a1a5f3caea7f94bfe035efbb293ddb Author: Tejun Heo Date: Mon Jul 8 14:30:55 2024 -1000 sched_ext/scx_qmap: Add an example usage of DSQ iterator Implement periodic dumping of the shared DSQ to demonstrate the use of the newly added DSQ iterator. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Alexei Starovoitov Cc: bpf@vger.kernel.org commit 650ba21b131ed1f8ee57826b2c6295a3be221132 Author: Tejun Heo Date: Mon Jul 8 14:30:55 2024 -1000 sched_ext: Implement DSQ iterator DSQs are very opaque in the consumption path. The BPF scheduler has no way of knowing which tasks are being considered and which is picked. This patch adds BPF DSQ iterator. - Allows iterating tasks queued on a DSQ in the dispatch order or reverse from anywhere using bpf_for_each(scx_dsq) or calling the iterator kfuncs directly. - Has ordering guarantee where only tasks which were already queued when the iteration started are visible and consumable during the iteration. v5: - Add a comment to the naked list_empty(&dsq->list) test in consume_dispatch_q() to explain the reasoning behind the lockless test and by extension why nldsq_next_task() isn't used there. - scx_qmap changes separated into its own patch. v4: - bpf_iter_scx_dsq_new() declaration in common.bpf.h was using the wrong type for the last argument (bool rev instead of u64 flags). Fix it. v3: - Alexei pointed out that the iterator is too big to allocate on stack. Added a prep patch to reduce the size of the cursor. Now bpf_iter_scx_dsq is 48 bytes and bpf_iter_scx_dsq_kern is 40 bytes on 64bit. - u32_before() comparison factored out. v2: - scx_bpf_consume_task() is separated out into a separate patch. - DSQ seq and iter flags don't need to be u64. Use u32. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Alexei Starovoitov Cc: bpf@vger.kernel.org commit d4af01c3731ff9c6e224d7183f8226a56d72b56c Author: Tejun Heo Date: Mon Jul 8 14:30:55 2024 -1000 sched_ext: Take out ->priq and ->flags from scx_dsq_node struct scx_dsq_node contains two data structure nodes to link the containing task to a DSQ and a flags field that is protected by the lock of the associated DSQ. One reason why they are grouped into a struct is to use the type independently as a cursor node when iterating tasks on a DSQ. However, when iterating, the cursor only needs to be linked on the FIFO list and the rb_node part ends up inflating the size of the iterator data structure unnecessarily making it potentially too expensive to place it on stack. Take ->priq and ->flags out of scx_dsq_node and put them in sched_ext_entity as ->dsq_priq and ->dsq_flags, respectively. scx_dsq_node is renamed to scx_dsq_list_node and the field names are renamed accordingly. This will help implementing DSQ task iterator that can be allocated on stack. No functional change intended. Signed-off-by: Tejun Heo Suggested-by: Alexei Starovoitov Acked-by: Alexei Starovoitov Cc: David Vernet commit caaf1f44a6a27bae33eee189842c4d8fc21c3b02 Author: Matthew Brost Date: Mon Jul 8 14:10:08 2024 -0700 drm/xe: Drop trace_xe_hw_fence_free fence->ctx may be stale memory when trace_xe_hw_fence_free is called resuling UAF bug when deriving the device name. This tracepoint is not all that useful, so just drop it. Fixes: 501c4255c409 ("drm/xe/trace: Print device_id in xe_trace events") Cc: Ville Syrjälä Cc: Lucas De Marchi Cc: Gustavo Sousa Cc: Radhakrishna Sripada Cc: Matt Roper Signed-off-by: Matthew Brost Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240708211008.956384-1-matthew.brost@intel.com commit bc5846d3d3dff9f057e2897a736b51584785da30 Author: Douglas Anderson Date: Wed Jun 12 15:23:43 2024 -0700 drm/tegra: Call drm_atomic_helper_shutdown() at shutdown time Based on grepping through the source code this driver appears to be missing a call to drm_atomic_helper_shutdown() at system shutdown time. Among other things, this means that if a panel is in use that it won't be cleanly powered off at system shutdown time. The fact that we should call drm_atomic_helper_shutdown() in the case of OS shutdown/restart comes straight out of the kernel doc "driver instance overview" in drm_drv.c. Suggested-by: Maxime Ripard Reviewed-by: Maxime Ripard Acked-by: Thierry Reding Signed-off-by: Douglas Anderson Link: https://patchwork.freedesktop.org/patch/msgid/20240612152336.v2.3.Ifb4450979b62976fd5a98847dade2e5b377d47c8@changeid commit e196c908f92795e76377d2392a16f9fd5d508a61 Author: Tejun Heo Date: Mon Jul 8 09:39:48 2024 -1000 sched, sched_ext: Move some declarations from kernel/sched/ext.h to sched.h While sched_ext was out of tree, everything sched_ext specific which can be put in kernel/sched/ext.h was put there to ease forward porting. However, kernel/sched/sched.h is the better location for some of them. Relocate. - struct sched_enq_and_set_ctx, sched_deq_and_put_task() and sched_enq_and_set_task(). - scx_enabled() and scx_switched_all(). - for_active_class_range() and for_each_active_class(). sched_class declarations are moved above the class iterators for this. No functional changes intended. Signed-off-by: Tejun Heo Suggested-by: Linus Torvalds Cc: David Vernet Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner commit 744d83601ffa11ebbca52c0ec0b039e269d05054 Author: Tejun Heo Date: Mon Jul 8 09:39:48 2024 -1000 sched, sched_ext: Open code for_balance_class_range() For flexibility, sched_ext allows the BPF scheduler to select the CPU to execute a task on at dispatch time so that e.g. a queue can be shared across multiple CPUs. To enable this, the dispatch path is executed from balance() so that a dispatched task can be hot-migrated to its target CPU. This means that sched_ext needs its balance() method invoked before every pick_next_task() even when the CPU is waking up from SCHED_IDLE. for_balance_class_range() defined in kernel/sched/ext.h implements this selective iteration promotion. However, the indirection obfuscates more than helps. Open code the iteration promotion in put_prev_task_balance() and remove for_balance_class_range(). No functional changes intended. Signed-off-by: Tejun Heo Suggested-by: Linus Torvalds Acked-by: David Vernet Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner commit 6ab228ecc3fd9e0e3cdda32e56e39faac0dc500f Author: Tejun Heo Date: Mon Jul 8 09:39:48 2024 -1000 sched_ext: Minor cleanups in kernel/sched/ext.h - scx_ops_cpu_preempt is only used in kernel/sched/ext.c and doesn't need to be global. Make it static. - Relocate task_on_scx() so that the inline functions are located together. Signed-off-by: Tejun Heo Acked-by: David Vernet commit 9f391f94a1730232ad2760202755b2d9baf4688d Author: Tejun Heo Date: Wed Jun 26 15:27:02 2024 -1000 sched_ext: Disallow loading BPF scheduler if isolcpus= domain isolation is in effect sched_domains regulate the load balancing for sched_classes. A machine can be partitioned into multiple sections that are not load-balanced across using either isolcpus= boot param or cpuset partitions. In such cases, tasks that are in one partition are expected to stay within that partition. cpuset configured partitions are always reflected in each member task's cpumask. As SCX always honors the task cpumasks, the BPF scheduler is automatically in compliance with the configured partitions. However, for isolcpus= domain isolation, the isolated CPUs are simply omitted from the top-level sched_domain[s] without further restrictions on tasks' cpumasks, so, for example, a task currently running in an isolated CPU may have more CPUs in its allowed cpumask while expected to remain on the same CPU. There is no straightforward way to enforce this partitioning preemptively on BPF schedulers and erroring out after a violation can be surprising. isolcpus= domain isolation is being replaced with cpuset partitions anyway, so keep it simple and simply disallow loading a BPF scheduler if isolcpus= domain isolation is in effect. Signed-off-by: Tejun Heo Link: http://lkml.kernel.org/r/20240626082342.GY31592@noisy.programming.kicks-ass.net Cc: David Vernet Cc: Peter Zijlstra Cc: Frederic Weisbecker commit e98abd22fbcada509f776229af688b7f74d6cdba Author: Tejun Heo Date: Mon Jul 8 09:19:14 2024 -1000 sched_ext: Account for idle policy when setting p->scx.weight in scx_ops_enable_task() When initializing p->scx.weight, scx_ops_enable_task() wasn't considering whether the task is SCHED_IDLE. Update it to use WEIGHT_IDLEPRIO as the source weight for SCHED_IDLE tasks. This leaves reweight_task_scx() the sole user of set_task_scx_weight(). Open code it. @weight is going to be provided by sched core in the future anyway. v2: Use the newly available @lw->weight to set @p->scx.weight in reweight_task_scx(). Signed-off-by: Tejun Heo Cc: David Vernet Cc: Peter Zijlstra commit 60564acbef5c43eeb11ecadf6efe17ac255a80b1 Author: Tejun Heo Date: Mon Jun 24 10:51:49 2024 -1000 sched, sched_ext: Simplify dl_prio() case handling in sched_fork() sched_fork() returns with -EAGAIN if dl_prio(@p). a7a9fc549293 ("sched_ext: Add boilerplate for extensible scheduler class") added scx_pre_fork() call before it and then scx_cancel_fork() on the exit path. This is silly as the dl_prio() block can just be moved above the scx_pre_fork() call. Move the dl_prio() block above the scx_pre_fork() call and remove the now unnecessary scx_cancel_fork() invocation. Signed-off-by: Tejun Heo Suggested-by: Thomas Gleixner Cc: Ingo Molnar Cc: Peter Zijlstra Cc: David Vernet commit 6203ef73fa5c0358f7960b038628259be1448724 Author: Hongyan Xia Date: Mon Jul 8 15:01:18 2024 +0100 sched/ext: Add BPF function to fetch rq rq contains many useful fields to implement a custom scheduler. For example, various clock signals like clock_task and clock_pelt can be used to track load. It also contains stats in other sched_classes, which are useful to drive scheduling decisions in ext. tj: Put the new helper below scx_bpf_task_*() helpers. Signed-off-by: Hongyan Xia Signed-off-by: Tejun Heo commit 7b9f6c864a3429ef086998a3d2b04e93fee7d051 Merge: 18b2bd03371b64 d329605287020c Author: Tejun Heo Date: Mon Jul 8 07:01:58 2024 -1000 Merge branch 'sched/core' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip into for-6.11 d32960528702 ("sched/fair: set_load_weight() must also call reweight_task() for SCHED_IDLE tasks") applied to sched/core changes how reweight_task() is called causing conflicts with e83edbf88f18 ("sched: Add sched_class->reweight_task()"). Resolve the conflicts by taking set_load_weight() changes from d32960528702 and updating sched_class->reweight_task() to take pointer to struct load_weight instead of int prio. Signed-off-by: Tejun Heo commit 74e3076800067c6dc0dcff5b75344cec064c20eb Author: Ngai-Mint Kwan Date: Mon Jul 1 11:46:37 2024 -0700 drm/xe/xe2lpm: Extend Wa_16021639441 Wa_16021639441 applies to Xe2_LPM. Signed-off-by: Ngai-Mint Kwan Reviewed-by: Matt Roper Signed-off-by: Matt Roper Link: https://patchwork.freedesktop.org/patch/msgid/20240701184637.531794-1-ngai-mint.kwan@linux.intel.com commit 5a716b06b329bd2108c95a4f04c71bbe491729f2 Author: Jiapeng Chong Date: Mon Jul 1 14:23:04 2024 +0800 drm/stm: Remove unnecessary .owner for lvds_platform_driver Remove .owner field if calls are used which set it automatically. ./drivers/gpu/drm/stm/lvds.c:1213:3-8: No need to set .owner here. The core will do it. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9457 Signed-off-by: Jiapeng Chong Acked-by: Raphael Gallais-Pou Signed-off-by: Philippe Cornu Link: https://patchwork.freedesktop.org/patch/msgid/20240701062304.42844-1-jiapeng.chong@linux.alibaba.com commit b35e0dc548aa34eb39d80962e370e048dff7de88 Author: Benjamin Tissoires Date: Fri Jul 5 14:09:25 2024 +0200 HID: samples: fix the 2 struct_ops definitions Turns out that this is not compiling anymore because the hid_bpf_ops struct_ops definition had a change during the revisions. Fixes: e342d6f6f7d8 ("HID: samples: convert the 2 HID-BPF samples into struct_ops") Link: https://patch.msgid.link/20240705-for-6-11-bpf-v1-1-1960e3165c9e@kernel.org Signed-off-by: Benjamin Tissoires commit f3a47a269119ade7ea22d0465c7fbe518ca1bdfc Author: Lyude Paul Date: Wed Jul 3 12:04:58 2024 -0400 drm/vkms: Remove event from vkms_output While working on rvkms, I noticed that there's no code that actually uses the drm_pending_vblank_event that's embedded in vkms_output. So, just drop the member from the struct. Signed-off-by: Lyude Paul Reviewed-by: Louis Chauvet Tested-by: Louis Chauvet Reviewed-by: Maíra Canal Signed-off-by: Maíra Canal Link: https://patchwork.freedesktop.org/patch/msgid/20240703160458.1303872-1-lyude@redhat.com commit 01e0cfc994be484ddcb9e121e353e51d8bb837c0 Author: Thomas Hellström Date: Fri Jul 5 15:28:28 2024 +0200 drm/xe: Use write-back caching mode for system memory on DGFX The caching mode for buffer objects with VRAM as a possible placement was forced to write-combined, regardless of placement. However, write-combined system memory is expensive to allocate and even though it is pooled, the pool is expensive to shrink, since it involves global CPU TLB flushes. Moreover write-combined system memory from TTM is only reliably available on x86 and DGFX doesn't have an x86 restriction. So regardless of the cpu caching mode selected for a bo, internally use write-back caching mode for system memory on DGFX. Coherency is maintained, but user-space clients may perceive a difference in cpu access speeds. v2: - Update RB- and Ack tags. - Rephrase wording in xe_drm.h (Matt Roper) v3: - Really rephrase wording. Signed-off-by: Thomas Hellström Fixes: 622f709ca629 ("drm/xe/uapi: Add support for CPU caching mode") Cc: Pallavi Mishra Cc: Matthew Auld Cc: dri-devel@lists.freedesktop.org Cc: Joonas Lahtinen Cc: Effie Yu Cc: Matthew Brost Cc: Maarten Lankhorst Cc: Jose Souza Cc: Michal Mrozek Cc: # v6.8+ Acked-by: Matthew Auld Acked-by: José Roberto de Souza Reviewed-by: Rodrigo Vivi Fixes: 622f709ca629 ("drm/xe/uapi: Add support for CPU caching mode") Acked-by: Michal Mrozek Acked-by: Effie Yu #On chat Link: https://patchwork.freedesktop.org/patch/msgid/20240705132828.27714-1-thomas.hellstrom@linux.intel.com commit 2bf506b46d38e253693fb22e62469df4af4cbff1 Author: Krzysztof Kozlowski Date: Sat Mar 30 21:57:22 2024 +0100 drm/sti: hqvdp: drop driver owner assignment Core in platform_driver_register() already sets the .owner, so driver does not need to. Whatever is set here will be anyway overwritten by main driver calling platform_driver_register(). Signed-off-by: Krzysztof Kozlowski Acked-by: Alain Volmat Link: https://patchwork.freedesktop.org/patch/msgid/20240330205722.93801-2-krzysztof.kozlowski@linaro.org Signed-off-by: Maxime Ripard commit f87f19b8106d6a93272edd398e5f8807693bf6dd Author: Krzysztof Kozlowski Date: Sat Mar 30 21:57:21 2024 +0100 drm/sti: hdmi: drop driver owner assignment Core in platform_driver_register() already sets the .owner, so driver does not need to. Whatever is set here will be anyway overwritten by main driver calling platform_driver_register(). Signed-off-by: Krzysztof Kozlowski Acked-by: Alain Volmat Link: https://patchwork.freedesktop.org/patch/msgid/20240330205722.93801-1-krzysztof.kozlowski@linaro.org Signed-off-by: Maxime Ripard commit 4864402d98936f55646fa3b47ad49ff499d87c9c Author: Krzysztof Kozlowski Date: Sat Mar 30 21:38:31 2024 +0100 drm/sti: vtg: drop driver owner assignment Core in platform_driver_register() already sets the .owner, so driver does not need to. Whatever is set here will be anyway overwritten by main driver calling platform_driver_register(). Signed-off-by: Krzysztof Kozlowski Acked-by: Alain Volmat Link: https://patchwork.freedesktop.org/patch/msgid/20240330203831.87003-4-krzysztof.kozlowski@linaro.org Signed-off-by: Maxime Ripard commit 8e3772161ce4a89c6b5d33d3b0155b57712ea5da Author: Krzysztof Kozlowski Date: Sat Mar 30 21:38:30 2024 +0100 drm/sti: tvout: drop driver owner assignment Core in platform_driver_register() already sets the .owner, so driver does not need to. Whatever is set here will be anyway overwritten by main driver calling platform_driver_register(). Signed-off-by: Krzysztof Kozlowski Acked-by: Alain Volmat Link: https://patchwork.freedesktop.org/patch/msgid/20240330203831.87003-3-krzysztof.kozlowski@linaro.org Signed-off-by: Maxime Ripard commit 5223ba83c4d79c6f62ac62f6def42727a8e53d7e Author: Krzysztof Kozlowski Date: Sat Mar 30 21:38:29 2024 +0100 drm/sti: hda: drop driver owner assignment Core in platform_driver_register() already sets the .owner, so driver does not need to. Whatever is set here will be anyway overwritten by main driver calling platform_driver_register(). Signed-off-by: Krzysztof Kozlowski Acked-by: Alain Volmat Link: https://patchwork.freedesktop.org/patch/msgid/20240330203831.87003-2-krzysztof.kozlowski@linaro.org Signed-off-by: Maxime Ripard commit c41ef1b42af789dca5846493a4a9b6df398fc0ad Author: Krzysztof Kozlowski Date: Sat Mar 30 21:38:28 2024 +0100 drm/sti: dvo: drop driver owner assignment Core in platform_driver_register() already sets the .owner, so driver does not need to. Whatever is set here will be anyway overwritten by main driver calling platform_driver_register(). Signed-off-by: Krzysztof Kozlowski Acked-by: Alain Volmat Link: https://patchwork.freedesktop.org/patch/msgid/20240330203831.87003-1-krzysztof.kozlowski@linaro.org Signed-off-by: Maxime Ripard commit c55f79f317ab428ae6d005965bc07e37496f209f Author: Matthew Auld Date: Wed Jul 3 13:43:39 2024 +0100 drm/i915: disable fbc due to Wa_16023588340 On BMG-G21 we need to disable fbc due to complications around the WA. v2: - Try to handle with i915_drv.h and compat layer. (Rodrigo) v3: - For simplicity retreat back to the original design for now. - Drop the extra \ from the Makefile (Jani) Signed-off-by: Matthew Auld Cc: Jonathan Cavitt Cc: Matt Roper Cc: Lucas De Marchi Cc: Vinod Govindapillai Cc: Jani Nikula Cc: intel-gfx@lists.freedesktop.org Reviewed-by: Jonathan Cavitt Acked-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240703124338.208220-4-matthew.auld@intel.com commit 01570b446939c3538b1aa3d059837f49fa14a3ae Author: Matthew Auld Date: Wed Jul 3 13:43:38 2024 +0100 drm/xe/bmg: implement Wa_16023588340 This involves enabling l2 caching of host side memory access to VRAM through the CPU BAR. The main fallout here is with display since VRAM writes from CPU can now be cached in GPU l2, and display is never coherent with caches, so needs various manual flushing. In the case of fbc we disable it due to complications in getting this to work correctly (in a later patch). Signed-off-by: Matthew Auld Cc: Jonathan Cavitt Cc: Matt Roper Cc: Lucas De Marchi Cc: Vinod Govindapillai Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240703124338.208220-3-matthew.auld@intel.com commit 1fea3e2656595fe8a9d9485aaae1bfa3a14f2d31 Author: Hamza Mahfooz Date: Wed Jul 3 15:13:41 2024 -0400 MAINTAINERS: add an entry for AMD DC DML We want all DML changes to be reviewed by Chaitanya or Jun. So, add an entry for DML to MAINTAINERS. Suggested-by: Rodrigo Siqueira Acked-by: Alex Deucher Signed-off-by: Hamza Mahfooz Link: https://patchwork.freedesktop.org/patch/msgid/20240703191341.239296-1-hamza.mahfooz@amd.com commit 3078d9c8b6a0939bc732fd1c36ef86c0178127dd Author: Michal Wajdeczko Date: Tue Jul 2 20:37:04 2024 +0200 drm/xe: Use VF_CAP_REG for device wmb To force a write barrier on the device memory, we write to the SOFTWARE_FLAGS_SPR33 register, but this particular register was selected because it was one of the writable and unused register. Since a write barrier should also work if we use the read-only register, switch to VF_CAP_REG register that is also marked as accessible for VFs. While at it, add simple kernel-doc for xe_device_wmb() function. Signed-off-by: Michal Wajdeczko Cc: Matt Roper Reviewed-by: Matt Roper Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240702183704.1022-4-michal.wajdeczko@intel.com commit 466a6c3855cf00653c14a92a6e9f8ae50077b77d Author: Michal Wajdeczko Date: Tue Jul 2 20:37:03 2024 +0200 drm/xe: Kill regs/xe_sriov_regs.h There is no real benefit to maintain a separate file. The register definitions related to SR-IOV can be placed in existing headers. Signed-off-by: Michal Wajdeczko Reviewed-by: Matt Roper Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240702183704.1022-3-michal.wajdeczko@intel.com commit 9dae9751c7b0086963f5cbb82424b5e4cf58f123 Author: Michal Wajdeczko Date: Tue Jul 2 20:37:02 2024 +0200 drm/xe: Fix register definition order in xe_regs.h Swap XEHP_CLOCK_GATE_DIS(0x101014) with GU_DEBUG(x101018). Signed-off-by: Michal Wajdeczko Reviewed-by: Matt Roper Reviewed-by: Himal Prasad Ghimiray Link: https://patchwork.freedesktop.org/patch/msgid/20240702183704.1022-2-michal.wajdeczko@intel.com commit 04e9c0ce19ac68afd8be7fd54772db3b0356cf75 Author: Matthew Brost Date: Wed Jul 3 21:16:52 2024 -0700 drm/xe: Add VM bind IOCTL error injection Add VM bind IOCTL error injection which steals MSB of the bind flags field which if set injects errors at various points in the VM bind IOCTL. Intended to validate error paths. Enabled by CONFIG_DRM_XE_DEBUG. v4: - Change define layout (Jonathan) Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240704041652.272920-8-matthew.brost@intel.com commit a708f6501c692551e3d4ea618c44021f436730d9 Author: Matthew Brost Date: Wed Jul 3 21:16:51 2024 -0700 drm/xe: Update PT layer with better error handling Update PT layer so if a memory allocation for a PTE fails the error can be propagated to the user without requiring the VM to be killed. v5: - change return value invalidation_fence_init to void (Matthew Auld) v7: - Invert i,j usage in two places (Matthew Auld) - s/0/NULL (Matthew Auld) - Don't ignore return value of xe_pt_new_shared (Matthew Auld) - Don't check for NULL in xe_pt_entry (Matthew Auld) Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240704041652.272920-7-matthew.brost@intel.com commit 282e6f846d8c3fcf36293f68f38d814645c3b852 Author: Matthew Brost Date: Wed Jul 3 21:16:50 2024 -0700 drm/xe: Update VM trace events The trace events have changed moving to a single job per VM bind IOCTL, update the trace events align with old behavior as much as possible. Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240704041652.272920-6-matthew.brost@intel.com commit e8babb280b5ef904df54b3a90e5a7e3a9600c4a9 Author: Matthew Brost Date: Wed Jul 3 21:16:49 2024 -0700 drm/xe: Convert multiple bind ops into single job This aligns with the uAPI of an array of binds or single bind that results in multiple GPUVA ops to be considered a single atomic operations. The design is roughly: - xe_vma_ops is a list of xe_vma_op (GPUVA op) - each xe_vma_op resolves to 0-3 PT ops - xe_vma_ops creates a single job - if at any point during binding a failure occurs, xe_vma_ops contains the information necessary unwind the PT and VMA (GPUVA) state v2: - add missing dma-resv slot reservation (CI, testing) v4: - Fix TLB invalidation (Paulo) - Add missing xe_sched_job_last_fence_add/test_dep check (Inspection) v5: - Invert i, j usage (Matthew Auld) - Add helper to test and add job dep (Matthew Auld) - Return on anything but -ETIME for cpu bind (Matthew Auld) - Return -ENOBUFS if suballoc of BB fails due to size (Matthew Auld) - s/do/Do (Matthew Auld) - Add missing comma (Matthew Auld) - Do not assign return value to xe_range_fence_insert (Matthew Auld) v6: - s/0x1ff/MAX_PTE_PER_SDI (Matthew Auld, CI) - Check to large of SA in Xe to avoid triggering WARN (Matthew Auld) - Fix checkpatch issues v7: - Rebase - Support more than 510 PTEs updates in a bind job (Paulo, mesa testing) v8: - Rebase Cc: Thomas Hellström Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240704041652.272920-5-matthew.brost@intel.com commit 96e7ebb220f8a873321cfc5a87bc4533d36ec444 Author: Matthew Brost Date: Wed Jul 3 21:16:48 2024 -0700 drm/xe: Add xe_exec_queue_last_fence_test_dep Helpful to determine if a bind can immediately use CPU or needs to be deferred a drm scheduler job. v7: - Better wording in kernel doc (Matthew Auld) Signed-off-by: Matthew Brost Reviewed-by: Matthew Auld Link: https://patchwork.freedesktop.org/patch/msgid/20240704041652.272920-4-matthew.brost@intel.com commit 2e524668c440104633af1effcc85d1d6234c7ccf Author: Matthew Brost Date: Wed Jul 3 21:16:47 2024 -0700 drm/xe: Add xe_vm_pgtable_update_op to xe_vma_ops Each xe_vma_op resolves to 0-3 pt_ops. Add storage for the pt_ops to xe_vma_ops which is dynamically allocated based the number and types of xe_vma_op in the xe_vma_ops list. Allocation only implemented in this patch. This will help with converting xe_vma_ops (multiple xe_vma_op) in a atomic update unit. Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240704041652.272920-3-matthew.brost@intel.com commit 67d90d679eb3447f73e2a1fe55f7e6c6a44c9fa1 Author: Matthew Brost Date: Wed Jul 3 21:16:46 2024 -0700 drm/xe: s/xe_tile_migrate_engine/xe_tile_migrate_exec_queue Engine is old nomenclature, replace with exec queue. Signed-off-by: Matthew Brost Reviewed-by: Jonathan Cavitt Link: https://patchwork.freedesktop.org/patch/msgid/20240704041652.272920-2-matthew.brost@intel.com commit 8169b2097d88d99d7e4a72e20e4b549efe9eb8d7 Author: Ashutosh Dixit Date: Wed Jul 3 09:48:01 2024 -0700 drm/xe/uapi: Rename xe perf layer as xe observation layer In Xe, the perf layer allows capture of HW counter streams. These HW counters are generally performance related but don't have to be necessarily so. Also, the name "perf" is a carryover from i915 and is not preferred. Here we propose the name "observation" for this common layer which allows capture of different types of these counter streams. v2: Rename observability layer to observation layer (Lucas/Rodrigo) v3: Rename sysctl file to "observation_paranoid" (Jose) Fixes: 52c2e956dceb ("drm/xe/perf/uapi: "Perf" layer to support multiple perf counter stream types") Fixes: fe8929bdf835 ("drm/xe/perf/uapi: Add perf_stream_paranoid sysctl") Acked-by: Lucas De Marchi Acked-by: Rodrigo Vivi Signed-off-by: Ashutosh Dixit Reviewed-by: Umesh Nerlige Ramappa Acked-by: José Roberto de Souza Link: https://patchwork.freedesktop.org/patch/msgid/20240703164801.2561423-1-ashutosh.dixit@intel.com commit 627c961d672d3304564455ba471f5e4405170eec Author: Matthew Brost Date: Tue Jun 25 17:41:37 2024 -0700 drm/xe: Add timeout to preempt fences To adhere to dma fencing rules that fences must signal within a reasonable amount of time, add a 5 second timeout to preempt fences. If this timeout occurs, kill the associated VM as this fatal to the VM. v2: - Add comment for smp_wmb (Checkpatch) - Fix kernel doc typo (Inspection) - Add comment for killed check (Niranjana) v3: - Drop smp_wmb (Matthew Auld) - Don't take vm->lock in preempt fence worker (Matthew Auld) - Drop RB given changes to patch v4: - Add WRITE/READ_ONCE (Niranjana) - Don't export xe_vm_kill (Niranjana) Cc: Matthew Auld Cc: Niranjana Vishwanathapura Signed-off-by: Matthew Brost Tested-by: Stuart Summers Reviewed-by: Niranjana Vishwanathapura Link: https://patchwork.freedesktop.org/patch/msgid/20240626004137.4060806-1-matthew.brost@intel.com commit b7c35279e0da414e7d90eba76f58a16223a734cb Author: Yosry Ahmed Date: Tue Jul 2 13:21:39 2024 +0000 x86/mm: Cleanup prctl_enable_tagged_addr() nr_bits error checking There are two separate checks in prctl_enable_tagged_addr() that nr_bits is in the correct range. The checks are arranged such the correct case is sandwiched between both error cases, which do exactly the same thing. Simplify the if condition and pull the correct case outside with the rest of the success code path. Signed-off-by: Yosry Ahmed Signed-off-by: Dave Hansen Reviewed-by: Kirill A. Shutemov Link: https://lore.kernel.org/all/20240702132139.3332013-4-yosryahmed%40google.com commit ec225f8c255fd0f256c282cc73d211550cb08b34 Author: Yosry Ahmed Date: Tue Jul 2 13:21:38 2024 +0000 x86/mm: Fix LAM inconsistency during context switch LAM can only be enabled when a process is single-threaded. But _kernel_ threads can temporarily use a single-threaded process's mm. That means that a context-switching kernel thread can race and observe the mm's LAM metadata (mm->context.lam_cr3_mask) change. The context switch code does two logical things with that metadata: populate CR3 and populate 'cpu_tlbstate.lam'. If it hits this race, 'cpu_tlbstate.lam' and CR3 can end up out of sync. This de-synchronization is currently harmless. But it is confusing and might lead to warnings or real bugs. Update set_tlbstate_lam_mode() to take in the LAM mask and untag mask instead of an mm_struct pointer, and while we are at it, rename it to cpu_tlbstate_update_lam(). This should also make it clearer that we are updating cpu_tlbstate. In switch_mm_irqs_off(), read the LAM mask once and use it for both the cpu_tlbstate update and the CR3 update. Signed-off-by: Yosry Ahmed Signed-off-by: Dave Hansen Reviewed-by: Kirill A. Shutemov Link: https://lore.kernel.org/all/20240702132139.3332013-3-yosryahmed%40google.com commit 3b299b99556c1753923f8d9bbd9304bcd139282f Author: Yosry Ahmed Date: Tue Jul 2 13:21:37 2024 +0000 x86/mm: Use IPIs to synchronize LAM enablement LAM can only be enabled when a process is single-threaded. But _kernel_ threads can temporarily use a single-threaded process's mm. If LAM is enabled by a userspace process while a kthread is using its mm, the kthread will not observe LAM enablement (i.e. LAM will be disabled in CR3). This could be fine for the kthread itself, as LAM only affects userspace addresses. However, if the kthread context switches to a thread in the same userspace process, CR3 may or may not be updated because the mm_struct doesn't change (based on pending TLB flushes). If CR3 is not updated, the userspace thread will run incorrectly with LAM disabled, which may cause page faults when using tagged addresses. Example scenario: CPU 1 CPU 2 /* kthread */ kthread_use_mm() /* user thread */ prctl_enable_tagged_addr() /* LAM enabled on CPU 2 */ /* LAM disabled on CPU 1 */ context_switch() /* to CPU 1 */ /* Switching to user thread */ switch_mm_irqs_off() /* CR3 not updated */ /* LAM is still disabled on CPU 1 */ Synchronize LAM enablement by sending an IPI to all CPUs running with the mm_struct to enable LAM. This makes sure LAM is enabled on CPU 1 in the above scenario before prctl_enable_tagged_addr() returns and userspace starts using tagged addresses, and before it's possible to run the userspace process on CPU 1. In switch_mm_irqs_off(), move reading the LAM mask until after mm_cpumask() is updated. This ensures that if an outdated LAM mask is written to CR3, an IPI is received to update it right after IRQs are re-enabled. [ dhansen: Add a LAM enabling helper and comment it ] Fixes: 82721d8b25d7 ("x86/mm: Handle LAM on context switch") Suggested-by: Andy Lutomirski Signed-off-by: Yosry Ahmed Signed-off-by: Dave Hansen Reviewed-by: Kirill A. Shutemov Link: https://lore.kernel.org/all/20240702132139.3332013-2-yosryahmed%40google.com commit 18b2bd03371b64fdb21b31eb48095099d95b56ef Author: Aboorva Devarajan Date: Tue Jul 2 14:08:39 2024 +0530 sched_ext: Documentation: Remove mentions of scx_bpf_switch_all Updated sched_ext doc to eliminate references to scx_bpf_switch_all, which has been removed in recent sched_ext versions. Signed-off-by: Aboorva Devarajan Signed-off-by: Tejun Heo commit 7c0389c615b5c6aef1b0e38e30db759b3cbff885 Author: Michal Wajdeczko Date: Mon Jul 1 21:30:30 2024 +0200 drm/xe/guc: Demote GuC IDs usage message to debug Printing message at INFO level about available GuC IDs is not that important, DEBUG level is enough. It will also match message about available doorbells: [ ] xe ... [drm:xe_guc_id_mgr_init [xe]] GT0: using 65535 GuC IDs [ ] xe ... [drm:xe_guc_db_mgr_init [xe]] GT0: using 256 doorbells While at it, use proper "GuC" name. Signed-off-by: Michal Wajdeczko Reviewed-by: Rodrigo Vivi Link: https://patchwork.freedesktop.org/patch/msgid/20240701193030.978-1-michal.wajdeczko@intel.com commit af05917c221e97d723017b157e6e2d373f81a47f Merge: 1613e604df0cd3 466da3d2d967ee Author: Stephen Boyd Date: Mon Jul 1 13:25:33 2024 -0700 Merge tag 'clk-imx-6.11' of git://git.kernel.org/pub/scm/linux/kernel/git/abelvesa/linux into clk-imx Pull i.MX clk driver updates from Abel Vesa: - Add reset controller support to audiomix block control - Add CLK_SET_RATE_PARENT flag to all audiomix clocks and to i.MX7D lcdif_pixel_src clock - Fix parent clocks for earc_phy and audpll on i.MX8MP - Fix default parents for enet[12]_ref_sel on i.MX6UL - Add ops in composite 8M and 93 that allow no-op on disable - Add check for PCC present bit on composite 7ULP register - Fix fractional part for fracn-gppll on prepare - Fix clock tree update for TF-A managed clocks on i.MX8M - Drop CLK_SET_PARENT_GATE for DRAM mux on i.MX7D - Add the SAI7 IPG clock for i.MX8MN - Mark the 'nand_usdhc_bus' clock as non-critical on i.MX8MM - Add LVDS bypass clocks on i.MX8QXP - Add muxes for MIPI and PHY ref clocks - Reorder dc0_bypass0_clk, lcd_pxl and dc1_disp clocks on i.MX8QXP - Add 1039.5MHz and 800MHz rates to fracn-gppll table - Add CLK_SET_RATE_PARENT for media_disp pixel clocks on i.MX8QXP - Add some module descriptions to the i.MX generic and the i.MXRT1050 driver. - Fix return value for bypass for composite 7ULP * tag 'clk-imx-6.11' of git://git.kernel.org/pub/scm/linux/kernel/git/abelvesa/linux: (22 commits) clk: imx: composite-7ulp: Use NULL instead of 0 clk: imx: add missing MODULE_DESCRIPTION() macros clk: imx: clk-imx8mp: Allow media_disp pixel clock reconfigure parent rate clk: imx: fracn-gppll: update rate table clk: imx: imx8qxp: Parent should be initialized earlier than the clock clk: imx: imx8qxp: Register dc0_bypass0_clk before disp clk clk: imx: imx8qxp: Add clock muxes for MIPI and PHY ref clocks clk: imx: imx8qxp: Add LVDS bypass clocks clk: imx: imx8mm: Change the 'nand_usdhc_bus' clock to non-critical one clk: imx: imx8mn: add sai7_ipg_clk clock settings clk: imx: add CLK_SET_RATE_PARENT for lcdif_pixel_src for i.MX7D clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D clk: imx: imx8mp: fix clock tree update of TF-A managed clocks clk: imx: fracn-gppll: fix fractional part of PLL getting lost clk: imx: composite-7ulp: Check the PCC present bit clk: imx: composite-93: keep root clock on when mcore enabled clk: imx: composite-8m: Enable gate clk with mcore_booted clk: imx: imx6ul: fix default parent for enet*_ref_sel clk: imx: clk-audiomix: Correct parent clock for earc_phy and audpll clk: imx: clk-audiomix: Add CLK_SET_RATE_PARENT flags for clocks ... commit b651d7c39289850b5a0a2c67231dd36117340a2e Author: Tejun Heo Date: Mon Jul 1 08:30:02 2024 -1000 sched_ext: Swap argument positions in kcalloc() call to avoid compiler warning alloc_exit_info() calls kcalloc() but puts in the size of the element as the first argument which triggers the following gcc warning: kernel/sched/ext.c:3815:32: warning: ‘kmalloc_array_noprof’ sizes specified with ‘sizeof’ in the earlier argument and not in the later argument [-Wcalloc-transposed-args] Fix it by swapping the positions of the first two arguments. No functional changes. Signed-off-by: Tejun Heo Reported-by: Vishal Chourasia Link: http://lkml.kernel.org/r/ZoG6zreEtQhAUr_2@linux.ibm.com commit 9fc97277eb2d17492de636b68cf7d2f5c4f15c1b Author: Gustavo Sousa Date: Tue Jun 25 17:26:52 2024 -0300 drm/i915: Skip programming FIA link enable bits for MTL+ Starting with Xe_LPD+, although FIA is still used to readout Type-C pin assignment, part of Type-C support is moved to PICA and programming PORT_TX_DFLEXDPMLE1(*) registers is not applicable anymore like it was for previous display IPs (e.g. see BSpec 49190). v2: - Mention Bspec 49190 as a reference of instructions for previous IPs. (Shekhar Chauhan) - s/Xe_LPDP/Xe_LPD+/ in the commit message. (Matt Roper) - Update commit message to be more accurate to the changes in the IP. (Imre Deak) Bspec: 65750, 65448 Reviewed-by: Shekhar Chauhan Reviewed-by: Imre Deak Link: https://patchwork.freedesktop.org/patch/msgid/20240625202652.315936-1-gustavo.sousa@intel.com Signed-off-by: Gustavo Sousa commit b5ba2e1a955417e78a6018fb736a14c03df0abcd Author: Andrea Righi Date: Thu Jun 27 20:45:22 2024 +0200 sched_ext: add CONFIG_DEBUG_INFO_BTF dependency Without BTF, attempting to load any sched_ext scheduler will result in an error like the following: libbpf: kernel BTF is missing at '/sys/kernel/btf/vmlinux', was CONFIG_DEBUG_INFO_BTF enabled? This makes sched_ext pretty much unusable, so explicitly depend on CONFIG_DEBUG_INFO_BTF to prevent these issues. Signed-off-by: Andrea Righi Signed-off-by: Tejun Heo commit 1ff4f169c9f576a73c529365770d82595c53b6ef Author: Andrea Righi Date: Thu Jun 27 20:50:09 2024 +0200 sched_ext: fix typo in set_weight() description Correct eight to weight in the description of the .set_weight() operation in sched_ext_ops. Signed-off-by: Andrea Righi Signed-off-by: Tejun Heo commit f97dcd0fcf7a95aaf448a9d1a7ed6c95e16dfcdb Author: Colin Ian King Date: Thu Jun 27 18:11:32 2024 +0100 sched_ext: Fix spelling mistake: "intead" -> "instead" There is a spelling mistake in the help text. Fix it. Signed-off-by: Colin Ian King Signed-off-by: Tejun Heo commit eb4a3b629b4d61e83dc49541185100a297a7e6ba Author: Tejun Heo Date: Mon Jun 24 16:00:37 2024 -1000 sched_ext: Drop tools_clean target from the top-level Makefile 2a52ca7c9896 ("sched_ext: Add scx_simple and scx_example_qmap example schedulers") added the tools_clean target which is triggered by mrproper. The tools_clean target triggers the sched_ext_clean target in tools/. This unfortunately makes mrproper fail when no BTF enabled kernel image is found: Makefile:83: *** Cannot find a vmlinux for VMLINUX_BTF at any of " ../../vmlinux /sys/kernel/btf/vmlinux/boot/vmlinux-4.15.0-136-generic". Stop. Makefile:192: recipe for target 'sched_ext_clean' failed make[2]: *** [sched_ext_clean] Error 2 Makefile:1361: recipe for target 'sched_ext' failed make[1]: *** [sched_ext] Error 2 Makefile:240: recipe for target '__sub-make' failed make: *** [__sub-make] Error 2 Clean targets shouldn't fail like this but also it's really odd for mrproper to single out and trigger the sched_ext_clean target when no other clean targets under tools/ are triggered. Fix builds by dropping the tools_clean target from the top-level Makefile. The offending Makefile line is shared across BPF targets under tools/. Let's revisit them later. Signed-off-by: Tejun Heo Reported-by: Jon Hunter Link: http://lkml.kernel.org/r/ac065f1f-8754-4626-95db-2c9fcf02567b@nvidia.com Fixes: 2a52ca7c9896 ("sched_ext: Add scx_simple and scx_example_qmap example schedulers") Cc: David Vernet commit 466da3d2d967ee87d82060df2bc9c6ad4fc4af49 Author: Peng Fan Date: Mon Jun 24 10:43:51 2024 +0800 clk: imx: composite-7ulp: Use NULL instead of 0 Address the sparse warnings " sparse warnings: (new ones prefixed by >>) >> drivers/clk/imx/clk-composite-7ulp.c:85:24: sparse: sparse: Using plain integer as NULL pointer " Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202406220536.JnAncjqz-lkp@intel.com/ Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240624024351.488492-1-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit 1919d77a9591aa692c8de11540ffc0e7d18eabb4 Author: Jeff Johnson Date: Sun Jun 2 08:59:17 2024 -0700 clk: imx: add missing MODULE_DESCRIPTION() macros make allmodconfig && make W=1 C=1 reports: WARNING: modpost: missing MODULE_DESCRIPTION() in drivers/clk/imx/mxc-clk.o WARNING: modpost: missing MODULE_DESCRIPTION() in drivers/clk/imx/clk-imxrt1050.o Add the missing invocations of the MODULE_DESCRIPTION() macro. Signed-off-by: Jeff Johnson Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240602-md-clk-imx-v1-1-5c6d240f6fab@quicinc.com Signed-off-by: Abel Vesa commit 8a6c6b4b935f1613273f71609b69844babd8ff9e Author: David Vernet Date: Sun Jun 23 03:10:36 2024 -0500 sched_ext: Make scx_bpf_cpuperf_set() @cpu arg signed The scx_bpf_cpuperf_set() kfunc allows a BPF program to set the relative performance target of a specified CPU. Commit d86adb4fc065 ("sched_ext: Add cpuperf support") defined the @cpu argument to be unsigned. Let's update it to be signed to match the norm for the rest of ext.c and the kernel. Note that the kfunc declaration of scx_bpf_cpuperf_set() in the common.bpf.h header in tools/sched_ext already listed the cpu as signed, so this also fixes the build for tools/sched_ext and the sched_ext selftests due to kfunc declarations now being emitted in vmlinux.h based on BTF (thus causing the compiler to error due to observing conflicting types). Fixes: d86adb4fc065 ("sched_ext: Add cpuperf support") Signed-off-by: David Vernet Signed-off-by: Tejun Heo commit d86adb4fc0655a0867da811d000df75d2a325ef6 Author: Tejun Heo Date: Fri Jun 21 12:37:22 2024 -1000 sched_ext: Add cpuperf support sched_ext currently does not integrate with schedutil. When schedutil is the governor, frequencies are left unregulated and usually get stuck close to the highest performance level from running RT tasks. Add CPU performance monitoring and scaling support by integrating into schedutil. The following kfuncs are added: - scx_bpf_cpuperf_cap(): Query the relative performance capacity of different CPUs in the system. - scx_bpf_cpuperf_cur(): Query the current performance level of a CPU relative to its max performance. - scx_bpf_cpuperf_set(): Set the current target performance level of a CPU. This gives direct control over CPU performance setting to the BPF scheduler. The only changes on the schedutil side are accounting for the utilization factor from sched_ext and disabling frequency holding heuristics as it may not apply well to sched_ext schedulers which may have a lot weaker connection between tasks and their current / last CPU. With cpuperf support added, there is no reason to block uclamp. Enable while at it. A toy implementation of cpuperf is added to scx_qmap as a demonstration of the feature. v2: Ignore cpu_util_cfs_boost() when scx_switched_all() in sugov_get_util() to avoid factoring in stale util metric. (Christian) Signed-off-by: Tejun Heo Reviewed-by: David Vernet Cc: Rafael J. Wysocki Cc: Viresh Kumar Cc: Christian Loehle commit 8988cad8d06eb6097667925d2eb0522850bb0aac Author: Tejun Heo Date: Fri Jun 21 12:37:03 2024 -1000 cpufreq_schedutil: Refactor sugov_cpu_is_busy() sugov_cpu_is_busy() is used to avoid decreasing performance level while the CPU is busy and called by sugov_update_single_freq() and sugov_update_single_perf(). Both callers repeat the same pattern to first test for uclamp and then the business. Let's refactor so that the tests aren't repeated. The new helper is named sugov_hold_freq() and tests both the uclamp exception and CPU business. No functional changes. This will make adding more exception conditions easier. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Reviewed-by: Christian Loehle Acked-by: Rafael J. Wysocki Cc: Viresh Kumar commit b999e365c2982dbd50f01fec520215d3c61ea2aa Author: Tejun Heo Date: Thu Jun 20 12:15:02 2024 -1000 sched, sched_ext: Replace scx_next_task_picked() with sched_class->switch_class() scx_next_task_picked() is used by sched_ext to notify the BPF scheduler when a CPU is taken away by a task dispatched from a higher priority sched_class so that the BPF scheduler can, e.g., punt the task[s] which was running or were waiting for the CPU to other CPUs. Replace the sched_ext specific hook scx_next_task_picked() with a new sched_class operation switch_class(). The changes are straightforward and the code looks better afterwards. However, when !CONFIG_SCHED_CLASS_EXT, this ends up adding an unused hook which is unlikely to be useful to other sched_classes. For further discussion on this subject, please refer to the following: http://lkml.kernel.org/r/CAHk-=wjFPLqo7AXu8maAGEGnOy6reUg-F4zzFhVB0Kyu22h7pw@mail.gmail.com Signed-off-by: Tejun Heo Suggested-by: Linus Torvalds Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner commit ff06ea04e4cf3ba2f025024776e83bfbdfa05155 Author: Marek Vasut Date: Fri May 31 22:26:26 2024 +0200 clk: imx: clk-imx8mp: Allow media_disp pixel clock reconfigure parent rate The media_disp[12]_pix clock supply LCDIFv3 pixel clock output. These clocks are usually the only downstream clock from Video PLL on i.MX8MP. Allow these clocks to reconfigure the Video PLL, as that results in accurate pixel clock. If the Video PLL is not reconfigured, the pixel clock accuracy is low. Signed-off-by: Marek Vasut Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240531202648.277078-1-marex@denx.de Signed-off-by: Abel Vesa commit 2c3499c761e0d695f08463943c1bca95ffc92d68 Author: Peng Fan Date: Fri Jun 7 21:33:47 2024 +0800 clk: imx: fracn-gppll: update rate table - Add 1039.5MHz clock for video PLL to fulfill the LVDS display 148.5MHz * 7 requirement - Add 800MHz clock for ARM PLL Signed-off-by: Jacky Bai Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-16-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit 766c386c16c9899461b83573a06380d364c6e261 Author: Peng Fan Date: Fri Jun 7 21:33:46 2024 +0800 clk: imx: imx8qxp: Parent should be initialized earlier than the clock The initialization order of SCU clocks affects the sequence of SCU clock resume. If there are no other effects, the earlier the initialization, the earlier the resume. During SCU clock resume, the clock rate is restored. As SCFW guidelines, configure the parent clock rate before configuring the child rate. Fixes: babfaa9556d7 ("clk: imx: scu: add more scu clocks") Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-15-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit e61352d5ecdc0da2e7253121c15d9a3e040f78a1 Author: Peng Fan Date: Fri Jun 7 21:33:45 2024 +0800 clk: imx: imx8qxp: Register dc0_bypass0_clk before disp clk The initialization order of SCU clocks affects the sequence of SCU clock resume. If there are no other effects, the earlier the initialization, the earlier the resume. During SCU clock resume, the clock rate is restored. As SCFW guidelines, configure the parent clock rate before configuring the child rate. Fixes: 91e916771de0 ("clk: imx: scu: remove legacy scu clock binding support") Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-14-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit 236f32230c243b5f6f5e80730a8133fbded2beed Author: Oliver F. Brown Date: Fri Jun 7 21:33:44 2024 +0800 clk: imx: imx8qxp: Add clock muxes for MIPI and PHY ref clocks The MIPI Pixel and PHY Reference can use the bypass clock as a source. The MIPI bypass clock is the Pixel clock from the Display controller via the pixel link. Using the pixel clock for the PHY reference allows the MIPI bit clock match the pixel rate exactly. The MIPI pixel clock is currently set to be source from the bypass clock in the SCFW. This patch allows the pixel clock parent to be set by the kernel in the event that the SCFW default clock parent may change in the future. Signed-off-by: Oliver F. Brown Signed-off-by: Robert Chiras Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-13-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit 79124129305fc1eec4050a34d15eda65b103ad20 Author: Peng Fan Date: Fri Jun 7 21:33:43 2024 +0800 clk: imx: imx8qxp: Add LVDS bypass clocks For iMX8QXP and iMX8QM, add bypass clocks and register some of the LVDS clocks with imx_clk_scu2 as the parent needs to explicitly set. In order to make sure MIPI DSI works well after suspend/resume, the LVDS pixel and phy clocks must be initialized before the MIPI tx_esacpe and rx_escape clocks. LVDS phy, LVDS pixel, tx_escape, and rx_esacpe are all on the same MSLICE. They all share the same clock parent. So, setting the parent source or rate affects all of these clocks. In the LVDS use case the MIPI tx_escape and rx_escape are not saved and restored. So, LVDS works for either clock initialization order. For MIPI case, LVDS must be initialized first. Signed-off-by: Ranjani Vaidyanathan Signed-off-by: Oliver F. Brown Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-12-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit 6937d3a2e7373af7e2e447186e76443e54493a98 Author: Jacky Bai Date: Fri Jun 7 21:33:42 2024 +0800 clk: imx: imx8mm: Change the 'nand_usdhc_bus' clock to non-critical one The 'nand_usdhc_bus' clock is only need to be enabled when usdhc or nand module is active, so change it to non-critical clock type. Signed-off-by: Jacky Bai Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-11-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit b340ff2721a50d1a2ee381fd9bb60dba8cd3f68b Author: Adrian Alonso Date: Fri Jun 7 21:33:41 2024 +0800 clk: imx: imx8mn: add sai7_ipg_clk clock settings Add IMX8MN_CLK_SAI7_IPG clock entry. Reviewed-by: Peng Fan Signed-off-by: Adrian Alonso Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-10-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit fcc2a79a6091a5f6dafaf0c217a2ae479d11ebef Author: Peng Fan Date: Fri Jun 7 21:33:40 2024 +0800 clk: imx: add CLK_SET_RATE_PARENT for lcdif_pixel_src for i.MX7D Add flag 'CLK_SET_RATE_PARENT' to 'IMX7D_LCDIF_PIXEL_ROOT_SRC' to propagate rate changes from LCDIF pixel clock to video PLL to provide more accurate clock rate for LCDIF pixel clock. Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-9-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit a54c441b46a0745683c2eef5a359d22856d27323 Author: Peng Fan Date: Fri Jun 7 21:33:39 2024 +0800 clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D For i.MX7D DRAM related mux clock, the clock source change should ONLY be done done in low level asm code without accessing DRAM, and then calling clk API to sync the HW clock status with clk tree, it should never touch real clock source switch via clk API, so CLK_SET_PARENT_GATE flag should NOT be added, otherwise, DRAM's clock parent will be disabled when DRAM is active, and system will hang. Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-8-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit 3d29036853b9cb07ac49e8261fca82a940be5c41 Author: Zhipeng Wang Date: Fri Jun 7 21:33:38 2024 +0800 clk: imx: imx8mp: fix clock tree update of TF-A managed clocks On the i.MX8M*, the TF-A exposes a SiP (Silicon Provider) service for DDR frequency scaling. The imx8m-ddrc-devfreq driver calls the SiP and then does clk_set_parent on the DDR muxes to synchronize the clock tree. since commit 936c383673b9 ("clk: imx: fix composite peripheral flags"), these TF-A managed muxes have SET_PARENT_GATE set, which results in imx8m-ddrc-devfreq's clk_set_parent after SiP failing with -EBUSY: clk_set_parent(dram_apb_src, sys1_pll_40m);(busfreq-imx8mq.c) commit 926bf91248dd ("clk: imx8m: fix clock tree update of TF-A managed clocks") adds this method and enables 8mm, 8mn and 8mq. i.MX8MP also needs it. This is safe to do, because updating the Linux clock tree to reflect reality will always be glitch-free. Another reason to this patch is that powersave image BT music requires dram to be 400MTS, so clk_set_parent(dram_alt_src, sys1_pll_800m); is required. Without this patch, it will not succeed. Fixes: 936c383673b9 ("clk: imx: fix composite peripheral flags") Signed-off-by: Zhipeng Wang Reviewed-by: Ahmad Fatoum Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-7-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit 7622f888fca125ae46f695edf918798ebc0506c5 Author: Pengfei Li Date: Fri Jun 7 21:33:36 2024 +0800 clk: imx: fracn-gppll: fix fractional part of PLL getting lost Fractional part of PLL gets lost after re-enabling the PLL. the MFN can NOT be automatically loaded when doing frac PLL enable/disable, So when re-enable PLL, configure mfn explicitly. Fixes: 1b26cb8a77a4 ("clk: imx: support fracn gppll") Signed-off-by: Pengfei Li Reviewed-by: Jacky Bai Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-5-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit 4717ccadb51e2630790dddd222830702de17f090 Author: Ye Li Date: Fri Jun 7 21:33:35 2024 +0800 clk: imx: composite-7ulp: Check the PCC present bit When some module is disabled by fuse, its PCC PR bit is default 0 and PCC is not operational. Any write to this PCC will cause SError. Fixes: b40ba8065347 ("clk: imx: Update the compsite driver to support imx8ulp") Reviewed-by: Peng Fan Signed-off-by: Ye Li Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-4-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit d342df11726bfac9c3a9d2037afa508ac0e9e44e Author: Jacky Bai Date: Fri Jun 7 21:33:34 2024 +0800 clk: imx: composite-93: keep root clock on when mcore enabled Previously we assumed that the root clock slice is enabled by default when kernel boot up. But the bootloader may disable the clocks before jump into kernel. The gate ops should be registered rather than NULL to make sure the disabled clock can be enabled when kernel boot up. Refine the code to skip disable the clock if mcore booted. Fixes: a740d7350ff7 ("clk: imx: imx93: add mcore_booted module paratemter") Signed-off-by: Jacky Bai Reviewed-by: Peng Fan Tested-by: Chancel Liu Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-3-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit 8f32e9dd0916eb3fd4bcf550ed1d04542a65cb9e Author: Peng Fan Date: Fri Jun 7 21:33:33 2024 +0800 clk: imx: composite-8m: Enable gate clk with mcore_booted Bootloader might disable some CCM ROOT Slices. So if mcore_booted set with display CCM ROOT disabled by Bootloader, kernel display BLK CTRL driver imx8m_blk_ctrl_driver_init may hang the system because the BUS clk is disabled. Add back gate ops, but with disable doing nothing, then the CCM ROOT will be enabled when used. Fixes: bb7e897b002a ("clk: imx8m: check mcore_booted before register clk") Reviewed-by: Ye Li Reviewed-by: Jacky Bai Signed-off-by: Peng Fan Reviewed-by: Abel Vesa Link: https://lore.kernel.org/r/20240607133347.3291040-2-peng.fan@oss.nxp.com Signed-off-by: Abel Vesa commit e52fd71333b4ed78fd5bb43094bdc46476614d25 Author: Sebastien Laveze Date: Tue May 28 17:14:33 2024 +0200 clk: imx: imx6ul: fix default parent for enet*_ref_sel The clk_set_parent for "enet1_ref_sel" and "enet2_ref_sel" are incorrect, therefore the original requirements to have "enet_clk_ref" as output sourced by iMX ENET PLL as a default config is not met. Only "enet[1,2]_ref_125m" "enet[1,2]_ref_pad" are possible parents for "enet1_ref_sel" and "enet2_ref_sel". This was observed as a regression using a custom device tree which was expecting this default config. This can be fixed at the device tree level but having a default config matching the original behavior (before refclock mux) will avoid breaking existing configs. Fixes: 4e197ee880c2 ("clk: imx6ul: add ethernet refclock mux support") Link: https://lore.kernel.org/lkml/20230306020226.GC143566@dragon/T/ Signed-off-by: Sebastien Laveze Reviewed-by: Oleksij Rempel Link: https://lore.kernel.org/r/20240528151434.227602-1-slaveze@smartandconnective.com Signed-off-by: Abel Vesa commit d40371a1c963db688b37826adaf5ffdafb0862a1 Author: Shengjiu Wang Date: Fri Jun 14 15:42:03 2024 +0800 clk: imx: clk-audiomix: Correct parent clock for earc_phy and audpll According to Reference Manual of i.MX8MP The parent clock of "earc_phy" is "sai_pll_out_div2", The parent clock of "audpll" is "osc_24m". Add CLK_GATE_PARENT() macro for usage of specifying parent clock. Fixes: 6cd95f7b151c ("clk: imx: imx8mp: Add audiomix block control") Signed-off-by: Shengjiu Wang Reviewed-by: Peng Fan Link: https://lore.kernel.org/r/1718350923-21392-6-git-send-email-shengjiu.wang@nxp.com Signed-off-by: Abel Vesa commit dc4211c67e2069e29bc4089e177cf7f7d487e854 Author: Shengjiu Wang Date: Fri Jun 14 15:42:02 2024 +0800 clk: imx: clk-audiomix: Add CLK_SET_RATE_PARENT flags for clocks Add CLK_SET_RATE_PARENT flags that when the device driver sets the child clock rate, parent clock frequency can be refined accordingly. Signed-off-by: Shengjiu Wang Reviewed-by: Peng Fan Link: https://lore.kernel.org/r/1718350923-21392-5-git-send-email-shengjiu.wang@nxp.com Signed-off-by: Abel Vesa commit 6f0e817175c5b2e453f7ad6a4e9a8a7fd904ee4a Author: Shengjiu Wang Date: Fri Jun 14 15:42:00 2024 +0800 clk: imx: clk-audiomix: Add reset controller Audiomix block control can be a reset controller for Enhanced Audio Return Channel (EARC), which is one of modules in this audiomix subsystem. The reset controller is supported by the auxiliary device framework. Signed-off-by: Shengjiu Wang Reviewed-by: Frank Li Reviewed-by: Marco Felsch Link: https://lore.kernel.org/r/1718350923-21392-3-git-send-email-shengjiu.wang@nxp.com Signed-off-by: Abel Vesa commit d7d9ef1f40dc0639ba0901097139fcdc4bedb32e Author: Shengjiu Wang Date: Fri Jun 14 15:41:59 2024 +0800 dt-bindings: clock: imx8mp: Add #reset-cells property The Audio Block Control contains clock distribution and gating controls, as well as reset handling to several of the AUDIOMIX peripherals. Especially the reset controls for Enhanced Audio Return Channel (EARC) PHY and Controller. So make Audio Block Control a reset provider for EARC, which is one of modules in this audio subsystem. Signed-off-by: Shengjiu Wang Acked-by: Krzysztof Kozlowski Link: https://lore.kernel.org/r/1718350923-21392-2-git-send-email-shengjiu.wang@nxp.com Signed-off-by: Abel Vesa commit a5db7817af780db6a7f290c79677eff4fd13c5fa Author: David Vernet Date: Tue Jun 18 10:09:21 2024 -1000 sched_ext: Add selftests Add basic selftests. Signed-off-by: David Vernet Acked-by: Tejun Heo commit fa48e8d2c7b58d242c1db3a09c14f4274e055087 Author: Tejun Heo Date: Tue Jun 18 10:09:21 2024 -1000 sched_ext: Documentation: scheduler: Document extensible scheduler class Add Documentation/scheduler/sched-ext.rst which gives a high-level overview and pointers to the examples. v6: - Add paragraph explaining debug dump. v5: - Updated to reflect /sys/kernel interface change. Kconfig options added. v4: - README improved, reformatted in markdown and renamed to README.md. v3: - Added tools/sched_ext/README. - Dropped _example prefix from scheduler names. v2: - Apply minor edits suggested by Bagas. Caveats section dropped as all of them are addressed. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden Cc: Bagas Sanjaya commit 06e51be3d5e7a07aea5c9012773df8d5de01db6c Author: Tejun Heo Date: Tue Jun 18 10:09:21 2024 -1000 sched_ext: Add vtime-ordered priority queue to dispatch_q's Currently, a dsq is always a FIFO. A task which is dispatched earlier gets consumed or executed earlier. While this is sufficient when dsq's are used for simple staging areas for tasks which are ready to execute, it'd make dsq's a lot more useful if they can implement custom ordering. This patch adds a vtime-ordered priority queue to dsq's. When the BPF scheduler dispatches a task with the new scx_bpf_dispatch_vtime() helper, it can specify the vtime tha the task should be inserted at and the task is inserted into the priority queue in the dsq which is ordered according to time_before64() comparison of the vtime values. A DSQ can either be a FIFO or priority queue and automatically switches between the two depending on whether scx_bpf_dispatch() or scx_bpf_dispatch_vtime() is used. Using the wrong variant while the DSQ already has the other type queued is not allowed and triggers an ops error. Built-in DSQs must always be FIFOs. This makes it very easy for the BPF schedulers to implement proper vtime based scheduling within each dsq very easy and efficient at a negligible cost in terms of code complexity and overhead. scx_simple and scx_example_flatcg are updated to default to weighted vtime scheduling (the latter within each cgroup). FIFO scheduling can be selected with -f option. v4: - As allowing mixing priority queue and FIFO on the same DSQ sometimes led to unexpected starvations, DSQs now error out if both modes are used at the same time and the built-in DSQs are no longer allowed to be priority queues. - Explicit type struct scx_dsq_node added to contain fields needed to be linked on DSQs. This will be used to implement stateful iterator. - Tasks are now always linked on dsq->list whether the DSQ is in FIFO or PRIQ mode. This confines PRIQ related complexities to the enqueue and dequeue paths. Other paths only need to look at dsq->list. This will also ease implementing BPF iterator. - Print p->scx.dsq_flags in debug dump. v3: - SCX_TASK_DSQ_ON_PRIQ flag is moved from p->scx.flags into its own p->scx.dsq_flags. The flag is protected with the dsq lock unlike other flags in p->scx.flags. This led to flag corruption in some cases. - Add comments explaining the interaction between using consumption of p->scx.slice to determine vtime progress and yielding. v2: - p->scx.dsq_vtime was not initialized on load or across cgroup migrations leading to some tasks being stalled for extended period of time depending on how saturated the machine is. Fixed. Signed-off-by: Tejun Heo Reviewed-by: David Vernet commit 7b0888b7cc1924b74ce660e02f6211df8dd46e7b Author: Tejun Heo Date: Tue Jun 18 10:09:20 2024 -1000 sched_ext: Implement core-sched support The core-sched support is composed of the following parts: - task_struct->scx.core_sched_at is added. This is a timestamp which can be used to order tasks. Depending on whether the BPF scheduler implements custom ordering, it tracks either global FIFO ordering of all tasks or local-DSQ ordering within the dispatched tasks on a CPU. - prio_less() is updated to call scx_prio_less() when comparing SCX tasks. scx_prio_less() calls ops.core_sched_before() if available or uses the core_sched_at timestamp. For global FIFO ordering, the BPF scheduler doesn't need to do anything. Otherwise, it should implement ops.core_sched_before() which reflects the ordering. - When core-sched is enabled, balance_scx() balances all SMT siblings so that they all have tasks dispatched if necessary before pick_task_scx() is called. pick_task_scx() picks between the current task and the first dispatched task on the local DSQ based on availability and the core_sched_at timestamps. Note that FIFO ordering is expected among the already dispatched tasks whether running or on the local DSQ, so this path always compares core_sched_at instead of calling into ops.core_sched_before(). qmap_core_sched_before() is added to scx_qmap. It scales the distances from the heads of the queues to compare the tasks across different priority queues and seems to behave as expected. v3: Fixed build error when !CONFIG_SCHED_SMT reported by Andrea Righi. v2: Sched core added the const qualifiers to prio_less task arguments. Explicitly drop them for ops.core_sched_before() task arguments. BPF enforces access control through the verifier, so the qualifier isn't actually operative and only gets in the way when interacting with various helpers. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Reviewed-by: Josh Don Cc: Andrea Righi commit 0fd55582ed5b55998ea7df371e25ab40e5c098c3 Author: Tejun Heo Date: Tue Jun 18 10:09:20 2024 -1000 sched_ext: Bypass BPF scheduler while PM events are in progress PM operations freeze userspace. Some BPF schedulers have active userspace component and may misbehave as expected across PM events. While the system is frozen, nothing too interesting is happening in terms of scheduling and we can get by just fine with the fallback FIFO behavior. Let's make things easier by always bypassing the BPF scheduler while PM events are in progress. Signed-off-by: Tejun Heo Reviewed-by: David Vernet commit 60c27fb59f6cffa73fc8c60e3a22323c78044576 Author: Tejun Heo Date: Tue Jun 18 10:09:20 2024 -1000 sched_ext: Implement sched_ext_ops.cpu_online/offline() Add ops.cpu_online/offline() which are invoked when CPUs come online and offline respectively. As the enqueue path already automatically bypasses tasks to the local dsq on a deactivated CPU, BPF schedulers are guaranteed to see tasks only on CPUs which are between online() and offline(). If the BPF scheduler doesn't implement ops.cpu_online/offline(), the scheduler is automatically exited with SCX_ECODE_RESTART | SCX_ECODE_RSN_HOTPLUG. Userspace can implement CPU hotpplug support trivially by simply reinitializing and reloading the scheduler. scx_qmap is updated to print out online CPUs on hotplug events. Other schedulers are updated to restart based on ecode. v3: - The previous implementation added @reason to sched_class.rq_on/offline() to distinguish between CPU hotplug events and topology updates. This was buggy and fragile as the methods are skipped if the current state equals the target state. Instead, add scx_rq_[de]activate() which are directly called from sched_cpu_de/activate(). This also allows ops.cpu_on/offline() to sleep which can be useful. - ops.dispatch() could be called on a CPU that the BPF scheduler was told to be offline. The dispatch patch is updated to bypass in such cases. v2: - To accommodate lock ordering change between scx_cgroup_rwsem and cpus_read_lock(), CPU hotplug operations are put into its own SCX_OPI block and enabled eariler during scx_ope_enable() so that cpus_read_lock() can be dropped before acquiring scx_cgroup_rwsem. - Auto exit with ECODE added. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 245254f7081dbe1c8da54675d0e4ddbe74cee61b Author: David Vernet Date: Tue Jun 18 10:09:20 2024 -1000 sched_ext: Implement sched_ext_ops.cpu_acquire/release() Scheduler classes are strictly ordered and when a higher priority class has tasks to run, the lower priority ones lose access to the CPU. Being able to monitor and act on these events are necessary for use cases includling strict core-scheduling and latency management. This patch adds two operations ops.cpu_acquire() and .cpu_release(). The former is invoked when a CPU becomes available to the BPF scheduler and the opposite for the latter. This patch also implements scx_bpf_reenqueue_local() which can be called from .cpu_release() to trigger requeueing of all tasks in the local dsq of the CPU so that the tasks can be reassigned to other available CPUs. scx_pair is updated to use .cpu_acquire/release() along with %SCX_KICK_WAIT to make the pair scheduling guarantee strict even when a CPU is preempted by a higher priority scheduler class. scx_qmap is updated to use .cpu_acquire/release() to empty the local dsq of a preempted CPU. A similar approach can be adopted by BPF schedulers that want to have a tight control over latency. v4: Use the new SCX_KICK_IDLE to wake up a CPU after re-enqueueing. v3: Drop the const qualifier from scx_cpu_release_args.task. BPF enforces access control through the verifier, so the qualifier isn't actually operative and only gets in the way when interacting with various helpers. v2: Add p->scx.kf_mask annotation to allow calling scx_bpf_reenqueue_local() from ops.cpu_release() nested inside ops.init() and other sleepable operations. Signed-off-by: David Vernet Reviewed-by: Tejun Heo Signed-off-by: Tejun Heo Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 90e55164dad42c6546b698c031697b224a320834 Author: David Vernet Date: Tue Jun 18 10:09:20 2024 -1000 sched_ext: Implement SCX_KICK_WAIT If set when calling scx_bpf_kick_cpu(), the invoking CPU will busy wait for the kicked cpu to enter the scheduler. See the following for example usage: https://github.com/sched-ext/scx/blob/main/scheds/c/scx_pair.bpf.c v2: - Updated to fit the updated kick_cpus_irq_workfn() implementation. - Include SCX_KICK_WAIT related information in debug dump. Signed-off-by: David Vernet Reviewed-by: Tejun Heo Signed-off-by: Tejun Heo Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 36454023f50b2aadd25b7f47c50b5edc0c59e1c0 Author: Tejun Heo Date: Tue Jun 18 10:09:19 2024 -1000 sched_ext: Track tasks that are subjects of the in-flight SCX operation When some SCX operations are in flight, it is known that the subject task's rq lock is held throughout which makes it safe to access certain fields of the task - e.g. its current task_group. We want to add SCX kfunc helpers that can make use of this guarantee - e.g. to help determining the currently associated CPU cgroup from the task's current task_group. As it'd be dangerous call such a helper on a task which isn't rq lock protected, the helper should be able to verify the input task and reject accordingly. This patch adds sched_ext_entity.kf_tasks[] that track the tasks which are currently being operated on by a terminal SCX operation. The new SCX_CALL_OP_[2]TASK[_RET]() can be used when invoking SCX operations which take tasks as arguments and the scx_kf_allowed_on_arg_tasks() can be used by kfunc helpers to verify the input task status. Note that as sched_ext_entity.kf_tasks[] can't handle nesting, the tracking is currently only limited to terminal SCX operations. If needed in the future, this restriction can be removed by moving the tracking to the task side with a couple per-task counters. v2: Updated to reflect the addition of SCX_KF_SELECT_CPU. Signed-off-by: Tejun Heo Reviewed-by: David Vernet commit 22a920209ab6aa4f8ec960ed81041643fddeaec6 Author: Tejun Heo Date: Tue Jun 18 10:09:19 2024 -1000 sched_ext: Implement tickless support Allow BPF schedulers to indicate tickless operation by setting p->scx.slice to SCX_SLICE_INF. A CPU whose current task has infinte slice goes into tickless operation. scx_central is updated to use tickless operations for all tasks and instead use a BPF timer to expire slices. This also uses the SCX_ENQ_PREEMPT and task state tracking added by the previous patches. Currently, there is no way to pin the timer on the central CPU, so it may end up on one of the worker CPUs; however, outside of that, the worker CPUs can go tickless both while running sched_ext tasks and idling. With schbench running, scx_central shows: root@test ~# grep ^LOC /proc/interrupts; sleep 10; grep ^LOC /proc/interrupts LOC: 142024 656 664 449 Local timer interrupts LOC: 161663 663 665 449 Local timer interrupts Without it: root@test ~ [SIGINT]# grep ^LOC /proc/interrupts; sleep 10; grep ^LOC /proc/interrupts LOC: 188778 3142 3793 3993 Local timer interrupts LOC: 198993 5314 6323 6438 Local timer interrupts While scx_central itself is too barebone to be useful as a production scheduler, a more featureful central scheduler can be built using the same approach. Google's experience shows that such an approach can have significant benefits for certain applications such as VM hosting. v4: Allow operation even if BPF_F_TIMER_CPU_PIN is not available. v3: Pin the central scheduler's timer on the central_cpu using BPF_F_TIMER_CPU_PIN. v2: Convert to BPF inline iterators. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 1c29f8541e178c590c2b9b66b9681e6ccab84cea Author: Tejun Heo Date: Tue Jun 18 10:09:19 2024 -1000 sched_ext: Add task state tracking operations Being able to track the task runnable and running state transitions are useful for a variety of purposes including latency tracking and load factor calculation. Currently, BPF schedulers don't have a good way of tracking these transitions. Becoming runnable can be determined from ops.enqueue() but becoming quiescent can only be inferred from the lack of subsequent enqueue. Also, as the local dsq can have multiple tasks and some events are handled in the sched_ext core, it's difficult to determine when a given task starts and stops executing. This patch adds sched_ext_ops.runnable(), .running(), .stopping() and .quiescent() operations to track the task runnable and running state transitions. They're mostly self explanatory; however, we want to ensure that running <-> stopping transitions are always contained within runnable <-> quiescent transitions which is a bit different from how the scheduler core behaves. This adds a bit of complication. See the comment in dequeue_task_scx(). Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 0922f54fdd15aedb93730eb8cfa0c069cbad4e08 Author: Tejun Heo Date: Tue Jun 18 10:09:19 2024 -1000 sched_ext: Make watchdog handle ops.dispatch() looping stall The dispatch path retries if the local DSQ is still empty after ops.dispatch() either dispatched or consumed a task. This is both out of necessity and for convenience. It has to retry because the dispatch path might lose the tasks to dequeue while the rq lock is released while trying to migrate tasks across CPUs, and the retry mechanism makes ops.dispatch() implementation easier as it only needs to make some forward progress each iteration. However, this makes it possible for ops.dispatch() to stall CPUs by repeatedly dispatching ineligible tasks. If all CPUs are stalled that way, the watchdog or sysrq handler can't run and the system can't be saved. Let's address the issue by breaking out of the dispatch loop after 32 iterations. It is unlikely but not impossible for ops.dispatch() to legitimately go over the iteration limit. We want to come back to the dispatch path in such cases as not doing so risks stalling the CPU by idling with runnable tasks pending. As the previous task is still current in balance_scx(), resched_curr() doesn't do anything - it will just get cleared. Let's instead use scx_kick_bpf() which will trigger reschedule after switching to the next task which will likely be the idle task. Signed-off-by: Tejun Heo Reviewed-by: David Vernet commit 037df2a314a0f2b1c6778602909dc57e5f1790f5 Author: Tejun Heo Date: Tue Jun 18 10:09:19 2024 -1000 sched_ext: Add a central scheduler which makes all scheduling decisions on one CPU This patch adds a new example scheduler, scx_central, which demonstrates central scheduling where one CPU is responsible for making all scheduling decisions in the system using scx_bpf_kick_cpu(). The central CPU makes scheduling decisions for all CPUs in the system, queues tasks on the appropriate local dsq's and preempts the worker CPUs. The worker CPUs in turn preempt the central CPU when it needs tasks to run. Currently, every CPU depends on its own tick to expire the current task. A follow-up patch implementing tickless support for sched_ext will allow the worker CPUs to go full tickless so that they can run completely undisturbed. v3: - Kumar fixed a bug where the dispatch path could overflow the dispatch buffer if too many are dispatched to the fallback DSQ. - Use the new SCX_KICK_IDLE to wake up non-central CPUs. - Dropped '-p' option. v2: - Use RESIZABLE_ARRAY() instead of fixed MAX_CPUS and use SCX_BUG[_ON]() to simplify error handling. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden Cc: Kumar Kartikeya Dwivedi Cc: Julia Lawall commit 81aae789181b5850d77dfdf74d4b85c63f0705e9 Author: Tejun Heo Date: Tue Jun 18 10:09:19 2024 -1000 sched_ext: Implement scx_bpf_kick_cpu() and task preemption support It's often useful to wake up and/or trigger reschedule on other CPUs. This patch adds scx_bpf_kick_cpu() kfunc helper that BPF scheduler can call to kick the target CPU into the scheduling path. As a sched_ext task relinquishes its CPU only after its slice is depleted, this patch also adds SCX_KICK_PREEMPT and SCX_ENQ_PREEMPT which clears the slice of the target CPU's current task to guarantee that sched_ext's scheduling path runs on the CPU. If SCX_KICK_IDLE is specified, the target CPU is kicked iff the CPU is idle to guarantee that the target CPU will go through at least one full sched_ext scheduling cycle after the kicking. This can be used to wake up idle CPUs without incurring unnecessary overhead if it isn't currently idle. As a demonstration of how backward compatibility can be supported using BPF CO-RE, tools/sched_ext/include/scx/compat.bpf.h is added. It provides __COMPAT_scx_bpf_kick_cpu_IDLE() which uses SCX_KICK_IDLE if available or becomes a regular kicking otherwise. This allows schedulers to use the new SCX_KICK_IDLE while maintaining support for older kernels. The plan is to temporarily use compat helpers to ease API updates and drop them after a few kernel releases. v5: - SCX_KICK_IDLE added. Note that this also adds a compat mechanism for schedulers so that they can support kernels without SCX_KICK_IDLE. This is useful as a demonstration of how new feature flags can be added in a backward compatible way. - kick_cpus_irq_workfn() reimplemented so that it touches the pending cpumasks only as necessary to reduce kicking overhead on machines with a lot of CPUs. - tools/sched_ext/include/scx/compat.bpf.h added. v4: - Move example scheduler to its own patch. v3: - Make scx_example_central switch all tasks by default. - Convert to BPF inline iterators. v2: - Julia Lawall reported that scx_example_central can overflow the dispatch buffer and malfunction. As scheduling for other CPUs can't be handled by the automatic retry mechanism, fix by implementing an explicit overflow and retry handling. - Updated to use generic BPF cpumask helpers. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 1c3ae1cb2f2cf245d529fe363ce420ec8028a547 Author: Tejun Heo Date: Tue Jun 18 10:09:18 2024 -1000 tools/sched_ext: Add scx_show_state.py There are states which are interesting but don't quite fit the interface exposed under /sys/kernel/sched_ext. Add tools/scx_show_state.py to show them. Signed-off-by: Tejun Heo Reviewed-by: David Vernet commit 07814a9439a3b03d79a1001614b5bc1cab69bcec Author: Tejun Heo Date: Tue Jun 18 10:09:18 2024 -1000 sched_ext: Print debug dump after an error exit If a BPF scheduler triggers an error, the scheduler is aborted and the system is reverted to the built-in scheduler. In the process, a lot of information which may be useful for figuring out what happened can be lost. This patch adds debug dump which captures information which may be useful for debugging including runqueue and runnable thread states at the time of failure. The following shows a debug dump after triggering the watchdog: root@test ~# os/work/tools/sched_ext/build/bin/scx_qmap -t 100 stats : enq=1 dsp=0 delta=1 deq=0 stats : enq=90 dsp=90 delta=0 deq=0 stats : enq=156 dsp=156 delta=0 deq=0 stats : enq=218 dsp=218 delta=0 deq=0 stats : enq=255 dsp=255 delta=0 deq=0 stats : enq=271 dsp=271 delta=0 deq=0 stats : enq=284 dsp=284 delta=0 deq=0 stats : enq=293 dsp=293 delta=0 deq=0 DEBUG DUMP ================================================================================ kworker/u32:12[320] triggered exit kind 1026: runnable task stall (stress[1530] failed to run for 6.841s) Backtrace: scx_watchdog_workfn+0x136/0x1c0 process_scheduled_works+0x2b5/0x600 worker_thread+0x269/0x360 kthread+0xeb/0x110 ret_from_fork+0x36/0x40 ret_from_fork_asm+0x1a/0x30 QMAP FIFO[0]: QMAP FIFO[1]: QMAP FIFO[2]: 1436 QMAP FIFO[3]: QMAP FIFO[4]: CPU states ---------- CPU 0 : nr_run=1 ops_qseq=244 curr=swapper/0[0] class=idle_sched_class QMAP: dsp_idx=1 dsp_cnt=0 R stress[1530] -6841ms scx_state/flags=3/0x1 ops_state/qseq=2/20 sticky/holding_cpu=-1/-1 dsq_id=(n/a) cpus=ff QMAP: force_local=0 asm_sysvec_apic_timer_interrupt+0x16/0x20 CPU 2 : nr_run=2 ops_qseq=142 curr=swapper/2[0] class=idle_sched_class QMAP: dsp_idx=1 dsp_cnt=0 R sshd[1703] -5905ms scx_state/flags=3/0x9 ops_state/qseq=2/88 sticky/holding_cpu=-1/-1 dsq_id=(n/a) cpus=ff QMAP: force_local=1 __x64_sys_ppoll+0xf6/0x120 do_syscall_64+0x7b/0x150 entry_SYSCALL_64_after_hwframe+0x76/0x7e R fish[1539] -4141ms scx_state/flags=3/0x9 ops_state/qseq=2/124 sticky/holding_cpu=-1/-1 dsq_id=(n/a) cpus=ff QMAP: force_local=1 futex_wait+0x60/0xe0 do_futex+0x109/0x180 __x64_sys_futex+0x117/0x190 do_syscall_64+0x7b/0x150 entry_SYSCALL_64_after_hwframe+0x76/0x7e CPU 3 : nr_run=2 ops_qseq=162 curr=kworker/u32:12[320] class=ext_sched_class QMAP: dsp_idx=1 dsp_cnt=0 *R kworker/u32:12[320] +0ms scx_state/flags=3/0xd ops_state/qseq=0/0 sticky/holding_cpu=-1/-1 dsq_id=(n/a) cpus=ff QMAP: force_local=0 scx_dump_state+0x613/0x6f0 scx_ops_error_irq_workfn+0x1f/0x40 irq_work_run_list+0x82/0xd0 irq_work_run+0x14/0x30 __sysvec_irq_work+0x40/0x140 sysvec_irq_work+0x60/0x70 asm_sysvec_irq_work+0x16/0x20 scx_watchdog_workfn+0x15f/0x1c0 process_scheduled_works+0x2b5/0x600 worker_thread+0x269/0x360 kthread+0xeb/0x110 ret_from_fork+0x36/0x40 ret_from_fork_asm+0x1a/0x30 R kworker/3:2[1436] +0ms scx_state/flags=3/0x9 ops_state/qseq=2/160 sticky/holding_cpu=-1/-1 dsq_id=(n/a) cpus=08 QMAP: force_local=0 kthread+0xeb/0x110 ret_from_fork+0x36/0x40 ret_from_fork_asm+0x1a/0x30 CPU 7 : nr_run=0 ops_qseq=76 curr=swapper/7[0] class=idle_sched_class ================================================================================ EXIT: runnable task stall (stress[1530] failed to run for 6.841s) It shows that CPU 3 was running the watchdog when it triggered the error condition and the scx_qmap thread has been queued on CPU 0 for over 5 seconds but failed to run. It also prints out scx_qmap specific information - e.g. which tasks are queued on each FIFO and so on using the dump_*() ops. This dump has proved pretty useful for developing and debugging BPF schedulers. Debug dump is generated automatically when the BPF scheduler exits due to an error. The debug buffer used in such cases is determined by sched_ext_ops.exit_dump_len and defaults to 32k. If the debug dump overruns the available buffer, the output is truncated and marked accordingly. Debug dump output can also be read through the sched_ext_dump tracepoint. When read through the tracepoint, there is no length limit. SysRq-D can be used to trigger debug dump at any time while a BPF scheduler is loaded. This is non-destructive - the scheduler keeps running afterwards. The output can be read through the sched_ext_dump tracepoint. v2: - The size of exit debug dump buffer can now be customized using sched_ext_ops.exit_dump_len. - sched_ext_ops.dump*() added to enable dumping of BPF scheduler specific information. - Tracpoint output and SysRq-D triggering added. Signed-off-by: Tejun Heo Reviewed-by: David Vernet commit 1538e33995eaf3f315cbb5506019b9f913ed8555 Author: David Vernet Date: Tue Jun 18 10:09:18 2024 -1000 sched_ext: Print sched_ext info when dumping stack It would be useful to see what the sched_ext scheduler state is, and what scheduler is running, when we're dumping a task's stack. This patch therefore adds a new print_scx_info() function that's called in the same context as print_worker_info() and print_stop_info(). An example dump follows. BUG: kernel NULL pointer dereference, address: 0000000000000999 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 0 P4D 0 Oops: 0002 [#1] PREEMPT SMP CPU: 13 PID: 2047 Comm: insmod Tainted: G O 6.6.0-work-10323-gb58d4cae8e99-dirty #34 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 2/2/2022 Sched_ext: qmap (enabled+all), task: runnable_at=-17ms RIP: 0010:init_module+0x9/0x1000 [test_module] ... v3: - scx_ops_enable_state_str[] definition moved to an earlier patch as it's now used by core implementation. - Convert jiffy delta to msecs using jiffies_to_msecs() instead of multiplying by (HZ / MSEC_PER_SEC). The conversion is implemented in jiffies_delta_msecs(). v2: - We are now using scx_ops_enable_state_str[] outside CONFIG_SCHED_DEBUG. Move it outside of CONFIG_SCHED_DEBUG and to the top. This was reported by Changwoo and Andrea. Signed-off-by: David Vernet Reported-by: Changwoo Min Reported-by: Andrea Righi Signed-off-by: Tejun Heo commit 7bb6f0810ecfb73a9d7a2ca56fb001e0201a6758 Author: Tejun Heo Date: Tue Jun 18 10:09:18 2024 -1000 sched_ext: Allow BPF schedulers to disallow specific tasks from joining SCHED_EXT BPF schedulers might not want to schedule certain tasks - e.g. kernel threads. This patch adds p->scx.disallow which can be set by BPF schedulers in such cases. The field can be changed anytime and setting it in ops.prep_enable() guarantees that the task can never be scheduled by sched_ext. scx_qmap is updated with the -d option to disallow a specific PID: # echo $$ 1092 # grep -E '(policy)|(ext\.enabled)' /proc/self/sched policy : 0 ext.enabled : 0 # ./set-scx 1092 # grep -E '(policy)|(ext\.enabled)' /proc/self/sched policy : 7 ext.enabled : 0 Run "scx_qmap -p -d 1092" in another terminal. # cat /sys/kernel/sched_ext/nr_rejected 1 # grep -E '(policy)|(ext\.enabled)' /proc/self/sched policy : 0 ext.enabled : 0 # ./set-scx 1092 setparam failed for 1092 (Permission denied) - v4: Refreshed on top of tip:sched/core. - v3: Update description to reflect /sys/kernel/sched_ext interface change. - v2: Use atomic_long_t instead of atomic64_t for scx_kick_cpus_pnt_seqs to accommodate 32bit archs. Signed-off-by: Tejun Heo Suggested-by: Barret Rhoden Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 8a010b81b3a50b033fc3cddc613517abda586cbe Author: David Vernet Date: Tue Jun 18 10:09:18 2024 -1000 sched_ext: Implement runnable task stall watchdog The most common and critical way that a BPF scheduler can misbehave is by failing to run runnable tasks for too long. This patch implements a watchdog. * All tasks record when they become runnable. * A watchdog work periodically scans all runnable tasks. If any task has stayed runnable for too long, the BPF scheduler is aborted. * scheduler_tick() monitors whether the watchdog itself is stuck. If so, the BPF scheduler is aborted. Because the watchdog only scans the tasks which are currently runnable and usually very infrequently, the overhead should be negligible. scx_qmap is updated so that it can be told to stall user and/or kernel tasks. A detected task stall looks like the following: sched_ext: BPF scheduler "qmap" errored, disabling sched_ext: runnable task stall (dbus-daemon[953] failed to run for 6.478s) scx_check_timeout_workfn+0x10e/0x1b0 process_one_work+0x287/0x560 worker_thread+0x234/0x420 kthread+0xe9/0x100 ret_from_fork+0x1f/0x30 A detected watchdog stall: sched_ext: BPF scheduler "qmap" errored, disabling sched_ext: runnable task stall (watchdog failed to check in for 5.001s) scheduler_tick+0x2eb/0x340 update_process_times+0x7a/0x90 tick_sched_timer+0xd8/0x130 __hrtimer_run_queues+0x178/0x3b0 hrtimer_interrupt+0xfc/0x390 __sysvec_apic_timer_interrupt+0xb7/0x2b0 sysvec_apic_timer_interrupt+0x90/0xb0 asm_sysvec_apic_timer_interrupt+0x1b/0x20 default_idle+0x14/0x20 arch_cpu_idle+0xf/0x20 default_idle_call+0x50/0x90 do_idle+0xe8/0x240 cpu_startup_entry+0x1d/0x20 kernel_init+0x0/0x190 start_kernel+0x0/0x392 start_kernel+0x324/0x392 x86_64_start_reservations+0x2a/0x2c x86_64_start_kernel+0x104/0x109 secondary_startup_64_no_verify+0xce/0xdb Note that this patch exposes scx_ops_error[_type]() in kernel/sched/ext.h to inline scx_notify_sched_tick(). v4: - While disabling, cancel_delayed_work_sync(&scx_watchdog_work) was being called before forward progress was guaranteed and thus could lead to system lockup. Relocated. - While enabling, it was comparing msecs against jiffies without conversion leading to spurious load failures on lower HZ kernels. Fixed. - runnable list management is now used by core bypass logic and moved to the patch implementing sched_ext core. v3: - bpf_scx_init_member() was incorrectly comparing ops->timeout_ms against SCX_WATCHDOG_MAX_TIMEOUT which is in jiffies without conversion leading to spurious load failures in lower HZ kernels. Fixed. v2: - Julia Lawall noticed that the watchdog code was mixing msecs and jiffies. Fix by using jiffies for everything. Signed-off-by: David Vernet Reviewed-by: Tejun Heo Signed-off-by: Tejun Heo Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden Cc: Julia Lawall commit 79e104400fc3b94a2d04c65d222a0726b3ae2382 Author: Tejun Heo Date: Tue Jun 18 10:09:18 2024 -1000 sched_ext: Add sysrq-S which disables the BPF scheduler This enables the admin to abort the BPF scheduler and revert to CFS anytime. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 2a52ca7c98960aafb0eca9ef96b2d0c932171357 Author: Tejun Heo Date: Tue Jun 18 10:09:17 2024 -1000 sched_ext: Add scx_simple and scx_example_qmap example schedulers Add two simple example BPF schedulers - simple and qmap. * simple: In terms of scheduling, it behaves identical to not having any operation implemented at all. The two operations it implements are only to improve visibility and exit handling. On certain homogeneous configurations, this actually can perform pretty well. * qmap: A fixed five level priority scheduler to demonstrate queueing PIDs on BPF maps for scheduling. While not very practical, this is useful as a simple example and will be used to demonstrate different features. v7: - Compat helpers stripped out in prepartion of upstreaming as the upstreamed patchset will be the baselinfe. Utility macros that can be used to implement compat features are kept. - Explicitly disable map autoattach on struct_ops to avoid trying to attach twice while maintaining compatbility with older libbpf. v6: - Common header files reorganized and cleaned up. Compat helpers are added to demonstrate how schedulers can maintain backward compatibility with older kernels while making use of newly added features. - simple_select_cpu() added to keep track of the number of local dispatches. This is needed because the default ops.select_cpu() implementation is updated to dispatch directly and won't call ops.enqueue(). - Updated to reflect the sched_ext API changes. Switching all tasks is the default behavior now and scx_qmap supports partial switching when `-p` is specified. - tools/sched_ext/Kconfig dropped. This will be included in the doc instead. v5: - Improve Makefile. Build artifects are now collected into a separate dir which change be changed. Install and help targets are added and clean actually cleans everything. - MEMBER_VPTR() improved to improve access to structs. ARRAY_ELEM_PTR() and RESIZEABLE_ARRAY() are added to support resizable arrays in .bss. - Add scx_common.h which provides common utilities to user code such as SCX_BUG[_ON]() and RESIZE_ARRAY(). - Use SCX_BUG[_ON]() to simplify error handling. v4: - Dropped _example prefix from scheduler names. v3: - Rename scx_example_dummy to scx_example_simple and restructure a bit to ease later additions. Comment updates. - Added declarations for BPF inline iterators. In the future, hopefully, these will be consolidated into a generic BPF header so that they don't need to be replicated here. v2: - Updated with the generic BPF cpumask helpers. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit f0e1a0643a59bf1f922fa209cec86a170b784f3f Author: Tejun Heo Date: Tue Jun 18 10:09:17 2024 -1000 sched_ext: Implement BPF extensible scheduler class Implement a new scheduler class sched_ext (SCX), which allows scheduling policies to be implemented as BPF programs to achieve the following: 1. Ease of experimentation and exploration: Enabling rapid iteration of new scheduling policies. 2. Customization: Building application-specific schedulers which implement policies that are not applicable to general-purpose schedulers. 3. Rapid scheduler deployments: Non-disruptive swap outs of scheduling policies in production environments. sched_ext leverages BPF’s struct_ops feature to define a structure which exports function callbacks and flags to BPF programs that wish to implement scheduling policies. The struct_ops structure exported by sched_ext is struct sched_ext_ops, and is conceptually similar to struct sched_class. The role of sched_ext is to map the complex sched_class callbacks to the more simple and ergonomic struct sched_ext_ops callbacks. For more detailed discussion on the motivations and overview, please refer to the cover letter. Later patches will also add several example schedulers and documentation. This patch implements the minimum core framework to enable implementation of BPF schedulers. Subsequent patches will gradually add functionalities including safety guarantee mechanisms, nohz and cgroup support. include/linux/sched/ext.h defines struct sched_ext_ops. With the comment on top, each operation should be self-explanatory. The followings are worth noting: - Both "sched_ext" and its shorthand "scx" are used. If the identifier already has "sched" in it, "ext" is used; otherwise, "scx". - In sched_ext_ops, only .name is mandatory. Every operation is optional and if omitted a simple but functional default behavior is provided. - A new policy constant SCHED_EXT is added and a task can select sched_ext by invoking sched_setscheduler(2) with the new policy constant. However, if the BPF scheduler is not loaded, SCHED_EXT is the same as SCHED_NORMAL and the task is scheduled by CFS. When the BPF scheduler is loaded, all tasks which have the SCHED_EXT policy are switched to sched_ext. - To bridge the workflow imbalance between the scheduler core and sched_ext_ops callbacks, sched_ext uses simple FIFOs called dispatch queues (dsq's). By default, there is one global dsq (SCX_DSQ_GLOBAL), and one local per-CPU dsq (SCX_DSQ_LOCAL). SCX_DSQ_GLOBAL is provided for convenience and need not be used by a scheduler that doesn't require it. SCX_DSQ_LOCAL is the per-CPU FIFO that sched_ext pulls from when putting the next task on the CPU. The BPF scheduler can manage an arbitrary number of dsq's using scx_bpf_create_dsq() and scx_bpf_destroy_dsq(). - sched_ext guarantees system integrity no matter what the BPF scheduler does. To enable this, each task's ownership is tracked through p->scx.ops_state and all tasks are put on scx_tasks list. The disable path can always recover and revert all tasks back to CFS. See p->scx.ops_state and scx_tasks. - A task is not tied to its rq while enqueued. This decouples CPU selection from queueing and allows sharing a scheduling queue across an arbitrary subset of CPUs. This adds some complexities as a task may need to be bounced between rq's right before it starts executing. See dispatch_to_local_dsq() and move_task_to_local_dsq(). - One complication that arises from the above weak association between task and rq is that synchronizing with dequeue() gets complicated as dequeue() may happen anytime while the task is enqueued and the dispatch path might need to release the rq lock to transfer the task. Solving this requires a bit of complexity. See the logic around p->scx.sticky_cpu and p->scx.ops_qseq. - Both enable and disable paths are a bit complicated. The enable path switches all tasks without blocking to avoid issues which can arise from partially switched states (e.g. the switching task itself being starved). The disable path can't trust the BPF scheduler at all, so it also has to guarantee forward progress without blocking. See scx_ops_enable() and scx_ops_disable_workfn(). - When sched_ext is disabled, static_branches are used to shut down the entry points from hot paths. v7: - scx_ops_bypass() was incorrectly and unnecessarily trying to grab scx_ops_enable_mutex which can lead to deadlocks in the disable path. Fixed. - Fixed TASK_DEAD handling bug in scx_ops_enable() path which could lead to use-after-free. - Consolidated per-cpu variable usages and other cleanups. v6: - SCX_NR_ONLINE_OPS replaced with SCX_OPI_*_BEGIN/END so that multiple groups can be expressed. Later CPU hotplug operations are put into their own group. - SCX_OPS_DISABLING state is replaced with the new bypass mechanism which allows temporarily putting the system into simple FIFO scheduling mode bypassing the BPF scheduler. In addition to the shut down path, this will also be used to isolate the BPF scheduler across PM events. Enabling and disabling the bypass mode requires iterating all runnable tasks. rq->scx.runnable_list addition is moved from the later watchdog patch. - ops.prep_enable() is replaced with ops.init_task() and ops.enable/disable() are now called whenever the task enters and leaves sched_ext instead of when the task becomes schedulable on sched_ext and stops being so. A new operation - ops.exit_task() - is called when the task stops being schedulable on sched_ext. - scx_bpf_dispatch() can now be called from ops.select_cpu() too. This removes the need for communicating local dispatch decision made by ops.select_cpu() to ops.enqueue() via per-task storage. SCX_KF_SELECT_CPU is added to support the change. - SCX_TASK_ENQ_LOCAL which told the BPF scheudler that scx_select_cpu_dfl() wants the task to be dispatched to the local DSQ was removed. Instead, scx_bpf_select_cpu_dfl() now dispatches directly if it finds a suitable idle CPU. If such behavior is not desired, users can use scx_bpf_select_cpu_dfl() which returns the verdict in a bool out param. - scx_select_cpu_dfl() was mishandling WAKE_SYNC and could end up queueing many tasks on a local DSQ which makes tasks to execute in order while other CPUs stay idle which made some hackbench numbers really bad. Fixed. - The current state of sched_ext can now be monitored through files under /sys/sched_ext instead of /sys/kernel/debug/sched/ext. This is to enable monitoring on kernels which don't enable debugfs. - sched_ext wasn't telling BPF that ops.dispatch()'s @prev argument may be NULL and a BPF scheduler which derefs the pointer without checking could crash the kernel. Tell BPF. This is currently a bit ugly. A better way to annotate this is expected in the future. - scx_exit_info updated to carry pointers to message buffers instead of embedding them directly. This decouples buffer sizes from API so that they can be changed without breaking compatibility. - exit_code added to scx_exit_info. This is used to indicate different exit conditions on non-error exits and will be used to handle e.g. CPU hotplugs. - The patch "sched_ext: Allow BPF schedulers to switch all eligible tasks into sched_ext" is folded in and the interface is changed so that partial switching is indicated with a new ops flag %SCX_OPS_SWITCH_PARTIAL. This makes scx_bpf_switch_all() unnecessasry and in turn SCX_KF_INIT. ops.init() is now called with SCX_KF_SLEEPABLE. - Code reorganized so that only the parts necessary to integrate with the rest of the kernel are in the header files. - Changes to reflect the BPF and other kernel changes including the addition of bpf_sched_ext_ops.cfi_stubs. v5: - To accommodate 32bit configs, p->scx.ops_state is now atomic_long_t instead of atomic64_t and scx_dsp_buf_ent.qseq which uses load_acquire/store_release is now unsigned long instead of u64. - Fix the bug where bpf_scx_btf_struct_access() was allowing write access to arbitrary fields. - Distinguish kfuncs which can be called from any sched_ext ops and from anywhere. e.g. scx_bpf_pick_idle_cpu() can now be called only from sched_ext ops. - Rename "type" to "kind" in scx_exit_info to make it easier to use on languages in which "type" is a reserved keyword. - Since cff9b2332ab7 ("kernel/sched: Modify initial boot task idle setup"), PF_IDLE is not set on idle tasks which haven't been online yet which made scx_task_iter_next_filtered() include those idle tasks in iterations leading to oopses. Update scx_task_iter_next_filtered() to directly test p->sched_class against idle_sched_class instead of using is_idle_task() which tests PF_IDLE. - Other updates to match upstream changes such as adding const to set_cpumask() param and renaming check_preempt_curr() to wakeup_preempt(). v4: - SCHED_CHANGE_BLOCK replaced with the previous sched_deq_and_put_task()/sched_enq_and_set_tsak() pair. This is because upstream is adaopting a different generic cleanup mechanism. Once that lands, the code will be adapted accordingly. - task_on_scx() used to test whether a task should be switched into SCX, which is confusing. Renamed to task_should_scx(). task_on_scx() now tests whether a task is currently on SCX. - scx_has_idle_cpus is barely used anymore and replaced with direct check on the idle cpumask. - SCX_PICK_IDLE_CORE added and scx_pick_idle_cpu() improved to prefer fully idle cores. - ops.enable() now sees up-to-date p->scx.weight value. - ttwu_queue path is disabled for tasks on SCX to avoid confusing BPF schedulers expecting ->select_cpu() call. - Use cpu_smt_mask() instead of topology_sibling_cpumask() like the rest of the scheduler. v3: - ops.set_weight() added to allow BPF schedulers to track weight changes without polling p->scx.weight. - move_task_to_local_dsq() was losing SCX-specific enq_flags when enqueueing the task on the target dsq because it goes through activate_task() which loses the upper 32bit of the flags. Carry the flags through rq->scx.extra_enq_flags. - scx_bpf_dispatch(), scx_bpf_pick_idle_cpu(), scx_bpf_task_running() and scx_bpf_task_cpu() now use the new KF_RCU instead of KF_TRUSTED_ARGS to make it easier for BPF schedulers to call them. - The kfunc helper access control mechanism implemented through sched_ext_entity.kf_mask is improved. Now SCX_CALL_OP*() is always used when invoking scx_ops operations. v2: - balance_scx_on_up() is dropped. Instead, on UP, balance_scx() is called from put_prev_taks_scx() and pick_next_task_scx() as necessary. To determine whether balance_scx() should be called from put_prev_task_scx(), SCX_TASK_DEQD_FOR_SLEEP flag is added. See the comment in put_prev_task_scx() for details. - sched_deq_and_put_task() / sched_enq_and_set_task() sequences replaced with SCHED_CHANGE_BLOCK(). - Unused all_dsqs list removed. This was a left-over from previous iterations. - p->scx.kf_mask is added to track and enforce which kfunc helpers are allowed. Also, init/exit sequences are updated to make some kfuncs always safe to call regardless of the current BPF scheduler state. Combined, this should make all the kfuncs safe. - BPF now supports sleepable struct_ops operations. Hacky workaround removed and operations and kfunc helpers are tagged appropriately. - BPF now supports bitmask / cpumask helpers. scx_bpf_get_idle_cpumask() and friends are added so that BPF schedulers can use the idle masks with the generic helpers. This replaces the hacky kfunc helpers added by a separate patch in V1. - CONFIG_SCHED_CLASS_EXT can no longer be enabled if SCHED_CORE is enabled. This restriction will be removed by a later patch which adds core-sched support. - Add MAINTAINERS entries and other misc changes. Signed-off-by: Tejun Heo Co-authored-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden Cc: Andrea Righi commit a7a9fc549293168c1edbc8433d5d4fbbe1171630 Author: Tejun Heo Date: Tue Jun 18 10:09:17 2024 -1000 sched_ext: Add boilerplate for extensible scheduler class This adds dummy implementations of sched_ext interfaces which interact with the scheduler core and hook them in the correct places. As they're all dummies, this doesn't cause any behavior changes. This is split out to help reviewing. v2: balance_scx_on_up() dropped. This will be handled in sched_ext proper. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 2c8d046d5d51691550da023976815e7a64151636 Author: Tejun Heo Date: Tue Jun 18 10:09:17 2024 -1000 sched: Add normal_policy() A new BPF extensible sched_class will need to dynamically change how a task picks its sched_class. For example, if the loaded BPF scheduler progs fail, the tasks will be forced back on CFS even if the task's policy is set to the new sched_class. To support such mapping, add normal_policy() which wraps testing for %SCHED_NORMAL. This doesn't cause any behavior changes. v2: Update the description with more details on the expected use. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 96fd6c65efc652e9054163e6d3cf254b9e5b93d2 Author: Tejun Heo Date: Tue Jun 18 10:09:17 2024 -1000 sched: Factor out update_other_load_avgs() from __update_blocked_others() RT, DL, thermal and irq load and utilization metrics need to be decayed and updated periodically and before consumption to keep the numbers reasonable. This is currently done from __update_blocked_others() as a part of the fair class load balance path. Let's factor it out to update_other_load_avgs(). Pure refactor. No functional changes. This will be used by the new BPF extensible scheduling class to ensure that the above metrics are properly maintained. v2: Refreshed on top of tip:sched/core. Signed-off-by: Tejun Heo Reviewed-by: David Vernet commit 4f9c7ca851044273df5d67e00ca0b4d0476a48f6 Author: Tejun Heo Date: Tue Jun 18 10:09:16 2024 -1000 sched: Factor out cgroup weight conversion functions Factor out sched_weight_from/to_cgroup() which convert between scheduler shares and cgroup weight. No functional change. The factored out functions will be used by a new BPF extensible sched_class so that the weights can be exposed to the BPF programs in a way which is consistent cgroup weights and easier to interpret. The weight conversions will be used regardless of cgroup usage. It's just borrowing the cgroup weight range as it's more intuitive. CGROUP_WEIGHT_MIN/DFL/MAX constants are moved outside CONFIG_CGROUPS so that the conversion helpers can always be defined. v2: The helpers are now defined regardless of COFNIG_CGROUPS. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit d8c7bc2e209170ff78b88b85258546aa6e337af9 Author: Tejun Heo Date: Tue Jun 18 10:09:16 2024 -1000 sched: Add sched_class->switching_to() and expose check_class_changing/changed() When a task switches to a new sched_class, the prev and new classes are notified through ->switched_from() and ->switched_to(), respectively, after the switching is done. A new BPF extensible sched_class will have callbacks that allow the BPF scheduler to keep track of relevant task states (like priority and cpumask). Those callbacks aren't called while a task is on a different sched_class. When a task comes back, we wanna tell the BPF progs the up-to-date state before the task gets enqueued, so we need a hook which is called before the switching is committed. This patch adds ->switching_to() which is called during sched_class switch through check_class_changing() before the task is restored. Also, this patch exposes check_class_changing/changed() in kernel/sched/sched.h. They will be used by the new BPF extensible sched_class to implement implicit sched_class switching which is used e.g. when falling back to CFS when the BPF scheduler fails or unloads. This is a prep patch and doesn't cause any behavior changes. The new operation and exposed functions aren't used yet. v3: Refreshed on top of tip:sched/core. v2: Improve patch description w/ details on planned use. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit e83edbf88f18087b5b349c7ff701b030dd53dff3 Author: Tejun Heo Date: Tue Jun 18 10:09:16 2024 -1000 sched: Add sched_class->reweight_task() Currently, during a task weight change, sched core directly calls reweight_task() defined in fair.c if @p is on CFS. Let's make it a proper sched_class operation instead. CFS's reweight_task() is renamed to reweight_task_fair() and now called through sched_class. While it turns a direct call into an indirect one, set_load_weight() isn't called from a hot path and this change shouldn't cause any noticeable difference. This will be used to implement reweight_task for a new BPF extensible sched_class so that it can keep its cached task weight up-to-date. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit 304b3f2bc07ba7c74a1ebc7917a8f0549e6b8d54 Author: Tejun Heo Date: Tue Jun 18 10:09:16 2024 -1000 sched: Allow sched_cgroup_fork() to fail and introduce sched_cancel_fork() A new BPF extensible sched_class will need more control over the forking process. It wants to be able to fail from sched_cgroup_fork() after the new task's sched_task_group is initialized so that the loaded BPF program can prepare the task with its cgroup association is established and reject fork if e.g. allocation fails. Allow sched_cgroup_fork() to fail by making it return int instead of void and adding sched_cancel_fork() to undo sched_fork() in the error path. sched_cgroup_fork() doesn't fail yet and this patch shouldn't cause any behavior changes. v2: Patch description updated to detail the expected use. Signed-off-by: Tejun Heo Reviewed-by: David Vernet Acked-by: Josh Don Acked-by: Hao Luo Acked-by: Barret Rhoden commit df268382adc1f7aa3ad92f7de71b70395f24e4e7 Author: Tejun Heo Date: Tue Jun 18 10:09:16 2024 -1000 sched: Restructure sched_class order sanity checks in sched_init() Currently, sched_init() checks that the sched_class'es are in the expected order by testing each adjacency which is a bit brittle and makes it cumbersome to add optional sched_class'es. Instead, let's verify whether they're in the expected order using sched_class_above() which is what matters. Signed-off-by: Tejun Heo Suggested-by: Peter Zijlstra Reviewed-by: David Vernet commit 8cce475922aa99200a33ac8f417e0d5e5e67c817 Merge: c793a62823d1ce f6afdaf72af758 Author: Tejun Heo Date: Tue Jun 18 10:03:20 2024 -1000 Merge branch 'bpf/for-next' into sched_ext-base commit a62b4f6fbdffa8e90959da485b68f844241d300f Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:47 2024 -0400 tracing: Add last boot delta offset for stack traces The addresses of a stack trace event are relative to the kallsyms. As that can change between boots, when printing the stack trace from a buffer that was from the last boot, it needs all the addresses to be added to the "text_delta" that gives the delta between the addresses of the functions for the current boot compared to the address of the last boot. Then it can be passed to kallsyms to find the function name, otherwise it just shows a useless list of addresses. Link: https://lkml.kernel.org/r/20240612232027.145807384@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit 7cfeb9033dd1fbdaacd74b2e6613d7366f515e16 Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:46 2024 -0400 tracing: Update function tracing output for previous boot buffer For a persistent ring buffer that is saved across boots, if function tracing was performed in the previous boot, it only saves the address of the functions and uses "%pS" to print their names. But the current boot, those functions may be in different locations. The persistent meta-data saves the text delta between the two boots and can be used to find the address of the saved function of where it is located in the current boot. Link: https://lkml.kernel.org/r/20240612232026.988226055@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit 07714b4bb3f9800261c8b4b2f47e9010ed60979d Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:45 2024 -0400 tracing: Handle old buffer mappings for event strings and functions Use the saved text_delta and data_delta of a persistent memory mapped ring buffer that was saved from a previous boot, and use the delta in the trace event print output so that strings and functions show up normally. That is, for an event like trace_kmalloc() that prints the callsite via "%pS", if it used the address saved in the ring buffer it will not match the function that was saved in the previous boot if the kernel remaps itself between boots. For RCU events that point to saved static strings where only the address of the string is saved in the ring buffer, it too will be adjusted to point to where the string is on the current boot. Link: https://lkml.kernel.org/r/20240612232026.821020753@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit 7a1d1e4b9639ff08b2f42605c2950ae1ba4a43bf Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:44 2024 -0400 tracing/ring-buffer: Add last_boot_info file to boot instance If an instance is mapped to memory on boot up, create a new file called "last_boot_info" that will hold information that can be used to properly parse the raw data in the ring buffer. It will export the delta of the addresses for text and data from what it was from the last boot. It does not expose actually addresses (unless you knew what the actual address was from the last boot). The output will look like: # cat last_boot_info text delta: -268435456 data delta: -268435456 The text and data are kept separate in case they are ever made different. Link: https://lkml.kernel.org/r/20240612232026.658680738@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit 8f3e6659656e63bd710fcab4f0cdfb8608bc1b96 Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:43 2024 -0400 ring-buffer: Save text and data locations in mapped meta data When a ring buffer is mapped to a specific address, save the address of a text function and some data. This will be used to determine the delta between the last boot and the current boot for pointers to functions as well as to data. Link: https://lkml.kernel.org/r/20240612232026.496176678@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit e645535a954ad5eb53ed2c5752c534a3371547c3 Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:42 2024 -0400 tracing: Add option to use memmapped memory for trace boot instance Add an option to the trace_instance kernel command line parameter that allows it to use the reserved memory from memmap boot parameter. memmap=12M$0x284500000 trace_instance=boot_mapped@0x284500000:12M The above will reserves 12 megs at the physical address 0x284500000. The second parameter will create a "boot_mapped" instance and use the memory reserved as the memory for the ring buffer. That will create an instance called "boot_mapped": /sys/kernel/tracing/instances/boot_mapped Note, because the ring buffer is using a defined memory ranged, it will act just like a memory mapped ring buffer. It will not have a snapshot buffer, as it can't swap out the buffer. The snapshot files as well as any tracers that uses a snapshot will not be present in the boot_mapped instance. Link: https://lkml.kernel.org/r/20240612232026.329660169@goodmis.org Cc: linux-mm@kvack.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit 5f3b6e839f3ceb8d6ef02231ba9b5aca71b8bf55 Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:41 2024 -0400 ring-buffer: Validate boot range memory events Make sure all the events in each of the sub-buffers that were mapped in a memory region are valid. This moves the code that walks the buffers for time-stamp validation out of the CONFIG_RING_BUFFER_VALIDATE_TIME_DELTAS ifdef block and is used to validate the content. Only the ring buffer event meta data and time stamps are checked and not the data load. This also has a second purpose. The buffer_page structure that points to the data sub-buffers has accounting that keeps track of the number of events that are on the sub-buffer. This updates that counter as well. That counter is used in reading the buffer and knowing if the ring buffer is empty or not. Link: https://lkml.kernel.org/r/20240612232026.172503570@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit c76883f18e59b762247ee91d3e4224231711854e Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:40 2024 -0400 ring-buffer: Add test if range of boot buffer is valid Add a test against the ring buffer memory range to see if it has valid data. The ring_buffer_meta structure is given a new field called "first_buffer" which holds the address of the first sub-buffer. This is used to both determine if the other fields are valid as well as finding the offset between the old addresses of the sub-buffer from the previous boot to the new addresses of the current boot. Since the values for nr_subbufs and subbuf_size is to be the same, check if the values in the meta page match the values calculated. Take the range of the first_buffer and the total size of all the buffers and make sure the saved head_buffer and commit_buffer fall in the range. Iterate through all the sub-buffers to make sure that the values in the sub-buffer "commit" field (the field that holds the amount of data on the sub-buffer) is within the end of the sub-buffer. Also check the index array to make sure that all the indexes are within nr_subbufs. Link: https://lkml.kernel.org/r/20240612232026.013843655@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit 950032ffcee7a43c960951940059afc5a2bdbcbc Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:39 2024 -0400 ring-buffer: Add output of ring buffer meta page Add a buffer_meta per-cpu file for the trace instance that is mapped to boot memory. This shows the current meta-data and can be used by user space tools to record off the current mappings to help reconstruct the ring buffer after a reboot. It does not expose any virtual addresses, just indexes into the sub-buffer pages. Link: https://lkml.kernel.org/r/20240612232025.854471446@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit 2124de79adaa0a0bd1795f1996774e2e69157766 Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:38 2024 -0400 tracing: Implement creating an instance based on a given memory region Allow for creating a new instance by passing in an address and size to map the ring buffer for the instance to. This will allow features like a pstore memory mapped region to be used for an tracing instance ring buffer that can be retrieved from one boot to the next. Link: https://lkml.kernel.org/r/20240612232025.692086240@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit b14d032973d4e6c36e025e96ea3437de53d072d9 Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:37 2024 -0400 ring-buffer: Add ring_buffer_meta data Populate the ring_buffer_meta array. It holds the pointer to the head_buffer (next to read), the commit_buffer (next to write) the size of the sub-buffers, number of sub-buffers and an array that keeps track of the order of the sub-buffers. This information will be stored in the persistent memory to help on reboot to reconstruct the ring buffer. Link: https://lkml.kernel.org/r/20240612232025.530733577@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit be68d63a139bd4a0eae44d06234eaff8c07d207c Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:36 2024 -0400 ring-buffer: Add ring_buffer_alloc_range() In preparation to allowing the trace ring buffer to be allocated in a range of memory that is persistent across reboots, add ring_buffer_alloc_range(). It takes a contiguous range of memory and will split it up evenly for the per CPU ring buffers. If there's not enough memory to handle all CPUs with the minimum size, it will fail to allocate the ring buffer. Link: https://lkml.kernel.org/r/20240612232025.363998725@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google) commit dd4900d94f2f7bf3ccfdd4479a3d159e93cca2de Author: Steven Rostedt (Google) Date: Wed Jun 12 19:19:35 2024 -0400 ring-buffer: Allow mapped field to be set without mapping In preparation for having the ring buffer mapped to a dedicated location, which will have the same restrictions as user space memory mapped buffers, allow it to use the "mapped" field of the ring_buffer_per_cpu structure without having the user space meta page mapping. When this starts using the mapped field, it will need to handle adding a user space mapping (and removing it) from a ring buffer that is using a dedicated memory range. Link: https://lkml.kernel.org/r/20240612232025.190908567@goodmis.org Cc: Masami Hiramatsu Cc: Mark Rutland Cc: Mathieu Desnoyers Cc: Andrew Morton Cc: Vincent Donnefort Cc: Joel Fernandes Cc: Daniel Bristot de Oliveira Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Vineeth Pillai Cc: Youssef Esmat Cc: Beau Belgrave Cc: Alexander Graf Cc: Baoquan He Cc: Borislav Petkov Cc: "Paul E. McKenney" Cc: David Howells Cc: Mike Rapoport Cc: Dave Hansen Cc: Tony Luck Cc: Guenter Roeck Cc: Ross Zwisler Cc: Kees Cook Signed-off-by: Steven Rostedt (Google)